From d815178b7512cb44d8b5f234e3f823b5a3e44dea Mon Sep 17 00:00:00 2001 From: Paul Lawrence Date: Wed, 1 Jul 2015 14:40:56 -0700 Subject: [PATCH] Change init sequence to support file level encryption File level encryption must get the key between mounting userdata and calling post_fs_data when the directories are created. This requires access to keymaster, which in turn is found from a system property. Split property loaded into system and data, and load in right order. Bug: 22233063 Change-Id: I8a6c40d44e17de386417a443c9dfc3b4e7fe59a5 --- init/builtins.cpp | 4 ++-- init/init_parser.cpp | 2 +- init/keywords.h | 4 ++-- init/property_service.cpp | 8 +------- init/property_service.h | 2 +- rootdir/init.rc | 12 ++++++++---- 6 files changed, 15 insertions(+), 17 deletions(-) diff --git a/init/builtins.cpp b/init/builtins.cpp index 9e5f9ff89..64a363e98 100644 --- a/init/builtins.cpp +++ b/init/builtins.cpp @@ -803,9 +803,9 @@ int do_load_persist_props(int nargs, char **args) { return -1; } -int do_load_all_props(int nargs, char **args) { +int do_load_system_props(int nargs, char **args) { if (nargs == 1) { - load_all_props(); + load_system_props(); return 0; } return -1; diff --git a/init/init_parser.cpp b/init/init_parser.cpp index 666a86e06..0f0c88e94 100644 --- a/init/init_parser.cpp +++ b/init/init_parser.cpp @@ -159,7 +159,7 @@ static int lookup_keyword(const char *s) case 'l': if (!strcmp(s, "oglevel")) return K_loglevel; if (!strcmp(s, "oad_persist_props")) return K_load_persist_props; - if (!strcmp(s, "oad_all_props")) return K_load_all_props; + if (!strcmp(s, "oad_system_props")) return K_load_system_props; break; case 'm': if (!strcmp(s, "kdir")) return K_mkdir; diff --git a/init/keywords.h b/init/keywords.h index e637d7dd9..ddaaffba6 100644 --- a/init/keywords.h +++ b/init/keywords.h @@ -34,7 +34,7 @@ int do_chown(int nargs, char **args); int do_chmod(int nargs, char **args); int do_loglevel(int nargs, char **args); int do_load_persist_props(int nargs, char **args); -int do_load_all_props(int nargs, char **args); +int do_load_system_props(int nargs, char **args); int do_verity_load_state(int nargs, char **args); int do_verity_update_state(int nargs, char **args); int do_wait(int nargs, char **args); @@ -66,7 +66,7 @@ enum { KEYWORD(installkey, COMMAND, 1, do_installkey) KEYWORD(ioprio, OPTION, 0, 0) KEYWORD(keycodes, OPTION, 0, 0) - KEYWORD(load_all_props, COMMAND, 0, do_load_all_props) + KEYWORD(load_system_props, COMMAND, 0, do_load_system_props) KEYWORD(load_persist_props, COMMAND, 0, do_load_persist_props) KEYWORD(loglevel, COMMAND, 1, do_loglevel) KEYWORD(mkdir, COMMAND, 1, do_mkdir) diff --git a/init/property_service.cpp b/init/property_service.cpp index c2881aeb1..52f6b98a6 100644 --- a/init/property_service.cpp +++ b/init/property_service.cpp @@ -560,16 +560,10 @@ void load_recovery_id_prop() { close(fd); } -void load_all_props() { +void load_system_props() { load_properties_from_file(PROP_PATH_SYSTEM_BUILD, NULL); load_properties_from_file(PROP_PATH_VENDOR_BUILD, NULL); load_properties_from_file(PROP_PATH_FACTORY, "ro.*"); - - load_override_properties(); - - /* Read persistent properties after all default values have been loaded. */ - load_persistent_properties(); - load_recovery_id_prop(); } diff --git a/init/property_service.h b/init/property_service.h index a27053d93..303f25162 100644 --- a/init/property_service.h +++ b/init/property_service.h @@ -23,7 +23,7 @@ extern void property_init(void); extern void property_load_boot_defaults(void); extern void load_persist_props(void); -extern void load_all_props(void); +extern void load_system_props(void); extern void start_property_service(void); void get_property_workspace(int *fd, int *sz); extern int __property_get(const char *name, char *value); diff --git a/rootdir/init.rc b/rootdir/init.rc index 3353c6400..b25a371f8 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -181,8 +181,8 @@ on property:sys.boot_from_charger_mode=1 trigger late-init # Load properties from /system/ + /factory after fs mount. -on load_all_props_action - load_all_props +on load_system_props_action + load_system_props start logd start logd-reinit @@ -195,12 +195,16 @@ on late-init trigger early-fs trigger fs trigger post-fs - trigger post-fs-data # Load properties from /system/ + /factory after fs mount. Place # this in another action so that the load will be scheduled after the prior # issued fs triggers have completed. - trigger load_all_props_action + trigger load_system_props_action + + # Now we can mount /data. File encryption requires keymaster to decrypt + # /data, which in turn can only be loaded when system properties are present + trigger post-fs-data + trigger load_persist_props # Remove a file to wake up anything waiting for firmware. trigger firmware_mounts_complete