int fs_mgr_mount_all(char *fstab_file)
{
int i = 0;
int encrypted = 0;
int ret = -1;
int mret;
struct fstab_rec *fstab = 0;
if (!(fstab = read_fstab(fstab_file))) {
return ret;
}
for (i = 0; fstab[i].blk_dev; i++) {
if (fstab[i].fs_mgr_flags & MF_WAIT) {
wait_for_file(fstab[i].blk_dev, WAIT_TIMEOUT);
}
if (fstab[i].fs_mgr_flags & MF_CHECK) {
check_fs(fstab[i].blk_dev, fstab[i].type, fstab[i].mnt_point);
}
mret = mount(fstab[i].blk_dev, fstab[i].mnt_point, fstab[i].type,
fstab[i].flags, fstab[i].fs_options);
if (!mret) {
/* Success! Go get the next one */
continue;
}
/* mount(2) returned an error, check if it's encrypted and deal with it */
if ((fstab[i].fs_mgr_flags & MF_CRYPT) && !partition_wiped(fstab[i].blk_dev)) {
/* Need to mount a tmpfs at this mountpoint for now, and set
* properties that vold will query later for decrypting
*/
if (mount("tmpfs", fstab[i].mnt_point, "tmpfs",
MS_NOATIME | MS_NOSUID | MS_NODEV, CRYPTO_TMPFS_OPTIONS) < 0) {
ERROR("Cannot mount tmpfs filesystem for encrypted fs at %s\n",
fstab[i].mnt_point);
goto out;
}
encrypted = 1;
} else {
ERROR("Cannot mount filesystem on %s at %s\n",
fstab[i].blk_dev, fstab[i].mnt_point);
goto out;
}
}
if (encrypted) {
ret = 1;
} else {
ret = 0;
}
out:
free_fstab(fstab);
return ret;
}
/* mount <type> <device> <path> <flags ...> <options> */
int do_mount(int nargs, char **args)
{
char tmp[64];
char *source, *target, *system;
char *options = NULL;
unsigned flags = 0;
int n, i;
int wait = 0;
for (n = 4; n < nargs; n++) {
for (i = 0; mount_flags[i].name; i++) {
if (!strcmp(args[n], mount_flags[i].name)) {
flags |= mount_flags[i].flag;
break;
}
}
if (!mount_flags[i].name) {
if (!strcmp(args[n], "wait"))
wait = 1;
/* if our last argument isn't a flag, wolf it up as an option string */
else if (n + 1 == nargs)
options = args[n];
}
}
system = args[1];
source = args[2];
target = args[3];
if (!strncmp(source, "mtd@", 4)) {
n = mtd_name_to_number(source + 4);
if (n < 0) {
return -1;
}
sprintf(tmp, "/dev/block/mtdblock%d", n);
if (wait)
wait_for_file(tmp, COMMAND_RETRY_TIMEOUT);
if (mount(tmp, target, system, flags, options) < 0) {
return -1;
}
goto exit_success;
} else if (!strncmp(source, "loop@", 5)) {
int mode, loop, fd;
struct loop_info info;
mode = (flags & MS_RDONLY) ? O_RDONLY : O_RDWR;
fd = open(source + 5, mode);
if (fd < 0) {
return -1;
}
for (n = 0; ; n++) {
sprintf(tmp, "/dev/block/loop%d", n);
loop = open(tmp, mode);
if (loop < 0) {
return -1;
}
/* if it is a blank loop device */
if (ioctl(loop, LOOP_GET_STATUS, &info) < 0 && errno == ENXIO) {
/* if it becomes our loop device */
if (ioctl(loop, LOOP_SET_FD, fd) >= 0) {
close(fd);
if (mount(tmp, target, system, flags, options) < 0) {
ioctl(loop, LOOP_CLR_FD, 0);
close(loop);
return -1;
}
close(loop);
goto exit_success;
}
}
close(loop);
}
close(fd);
ERROR("out of loopback devices");
return -1;
} else {
if (wait)
wait_for_file(source, COMMAND_RETRY_TIMEOUT);
if (mount(source, target, system, flags, options) < 0) {
/* If this fails, it may be an encrypted filesystem
* or it could just be wiped. If wiped, that will be
* handled later in the boot process.
* We only support encrypting /data. Check
* if we're trying to mount it, and if so,
* assume it's encrypted, mount a tmpfs instead.
* Then save the orig mount parms in properties
* for vold to query when it mounts the real
* encrypted /data.
*/
if (!strcmp(target, DATA_MNT_POINT) && !partition_wiped(source)) {
const char *tmpfs_options;
tmpfs_options = property_get("ro.crypto.tmpfs_options");
if (mount("tmpfs", target, "tmpfs", MS_NOATIME | MS_NOSUID | MS_NODEV,
tmpfs_options) < 0) {
return -1;
}
/* Set the property that triggers the framework to do a minimal
* startup and ask the user for a password
*/
property_set("ro.crypto.state", "encrypted");
property_set("vold.decrypt", "1");
} else {
return -1;
}
}
if (!strcmp(target, DATA_MNT_POINT)) {
char fs_flags[32];
/* Save the original mount options */
property_set("ro.crypto.fs_type", system);
property_set("ro.crypto.fs_real_blkdev", source);
property_set("ro.crypto.fs_mnt_point", target);
if (options) {
property_set("ro.crypto.fs_options", options);
}
snprintf(fs_flags, sizeof(fs_flags), "0x%8.8x", flags);
property_set("ro.crypto.fs_flags", fs_flags);
}
}
exit_success:
/* If not running encrypted, then set the property saying we are
* unencrypted, and also trigger the action for a nonencrypted system.
*/
if (!strcmp(target, DATA_MNT_POINT)) {
const char *prop;
prop = property_get("ro.crypto.state");
if (! prop) {
prop = "notset";
}
if (strcmp(prop, "encrypted")) {
property_set("ro.crypto.state", "unencrypted");
action_for_each_trigger("nonencrypted", action_add_queue_tail);
}
}
return 0;
}
/* When multiple fstab records share the same mount_point, it will
* try to mount each one in turn, and ignore any duplicates after a
* first successful mount.
* Returns -1 on error, and FS_MGR_MNTALL_* otherwise.
*/
int fs_mgr_mount_all(struct fstab *fstab)
{
int i = 0;
int encryptable = FS_MGR_MNTALL_DEV_NOT_ENCRYPTED;
int error_count = 0;
int mret = -1;
int mount_errno = 0;
int attempted_idx = -1;
if (!fstab) {
return -1;
}
for (i = 0; i < fstab->num_entries; i++) {
/* Don't mount entries that are managed by vold */
if (fstab->recs[i].fs_mgr_flags & (MF_VOLDMANAGED | MF_RECOVERYONLY)) {
continue;
}
/* Skip swap and raw partition entries such as boot, recovery, etc */
if (!strcmp(fstab->recs[i].fs_type, "swap") ||
!strcmp(fstab->recs[i].fs_type, "emmc") ||
!strcmp(fstab->recs[i].fs_type, "mtd")) {
continue;
}
ERROR("[xiaolei] : blk device name %s\n", fstab->recs[i].blk_device);
#ifdef MTK_UBIFS_SUPPORT
if (!strcmp(fstab->recs[i].fs_type, "ubifs")) {
char tmp[80];
int n = ubi_attach_mtd(fstab->recs[i].blk_device + 5);
if (n < 0) {
return -1;
}
n = sprintf(tmp, "/dev/ubi%d_0", n);
free(fstab->recs[i].blk_device);
fstab->recs[i].blk_device = malloc(n+1);
sprintf(fstab->recs[i].blk_device, "%s", tmp);
ERROR("debug : ubifs blk_device %s", fstab->recs[i].blk_device);
}
#endif
if (fstab->recs[i].fs_mgr_flags & MF_WAIT) {
wait_for_file(fstab->recs[i].blk_device, WAIT_TIMEOUT);
}
if ((fstab->recs[i].fs_mgr_flags & MF_VERIFY) &&
!device_is_debuggable()) {
if (fs_mgr_setup_verity(&fstab->recs[i]) < 0) {
ERROR("Could not set up verified partition, skipping!\n");
continue;
}
}
int last_idx_inspected;
mret = mount_with_alternatives(fstab, i, &last_idx_inspected, &attempted_idx, encryptable);
i = last_idx_inspected;
mount_errno = errno;
/* Deal with encryptability. */
if (!mret) {
/* If this is encryptable, need to trigger encryption */
if ((fstab->recs[attempted_idx].fs_mgr_flags & MF_FORCECRYPT)) {
if (umount(fstab->recs[attempted_idx].mount_point) == 0) {
if (encryptable == FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) {
ERROR("Will try to encrypt %s %s\n", fstab->recs[attempted_idx].mount_point,
fstab->recs[attempted_idx].fs_type);
encryptable = FS_MGR_MNTALL_DEV_NEEDS_ENCRYPTION;
} else {
ERROR("Only one encryptable/encrypted partition supported\n");
encryptable = FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED;
}
} else {
INFO("Could not umount %s - allow continue unencrypted\n",
fstab->recs[attempted_idx].mount_point);
continue;
}
}
/* Success! Go get the next one */
continue;
}
/* mount(2) returned an error, check if it's encryptable and deal with it */
if (mret && mount_errno != EBUSY && mount_errno != EACCES &&
fs_mgr_is_encryptable(&fstab->recs[attempted_idx])) {
if(partition_wiped(fstab->recs[attempted_idx].blk_device)) {
ERROR("%s(): %s is wiped and %s %s is encryptable. Suggest recovery...\n", __func__,
fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point,
fstab->recs[attempted_idx].fs_type);
encryptable = FS_MGR_MNTALL_DEV_NEEDS_RECOVERY;
continue;
} else {
/* Need to mount a tmpfs at this mountpoint for now, and set
* properties that vold will query later for decrypting
*/
ERROR("%s(): possibly an encryptable blkdev %s for mount %s type %s )\n", __func__,
fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point,
fstab->recs[attempted_idx].fs_type);
if (fs_mgr_do_tmpfs_mount(fstab->recs[attempted_idx].mount_point) < 0) {
++error_count;
continue;
}
}
encryptable = FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED;
} else {
ERROR("Failed to mount an un-encryptable or wiped partition on"
"%s at %s options: %s error: %s\n",
fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point,
fstab->recs[attempted_idx].fs_options, strerror(mount_errno));
++error_count;
continue;
}
}
if (error_count) {
return -1;
} else {
return encryptable;
}
}
int fs_mgr_mount_all(struct fstab *fstab)
{
int i = 0;
int encrypted = 0;
int ret = -1;
int mret;
if (!fstab) {
return ret;
}
for (i = 0; i < fstab->num_entries; i++) {
/* Don't mount entries that are managed by vold */
if (fstab->recs[i].fs_mgr_flags & (MF_VOLDMANAGED | MF_RECOVERYONLY)) {
continue;
}
/* Skip raw partition entries such as boot, recovery, etc */
if (!strcmp(fstab->recs[i].fs_type, "emmc") ||
!strcmp(fstab->recs[i].fs_type, "mtd")) {
continue;
}
if (fstab->recs[i].fs_mgr_flags & MF_WAIT) {
wait_for_file(fstab->recs[i].blk_device, WAIT_TIMEOUT);
}
if (fstab->recs[i].fs_mgr_flags & MF_CHECK) {
check_fs(fstab->recs[i].blk_device, fstab->recs[i].fs_type,
fstab->recs[i].mount_point);
}
mret = mount(fstab->recs[i].blk_device, fstab->recs[i].mount_point,
fstab->recs[i].fs_type, fstab->recs[i].flags,
fstab->recs[i].fs_options);
if (!mret) {
/* Success! Go get the next one */
continue;
}
/* mount(2) returned an error, check if it's encrypted and deal with it */
if ((fstab->recs[i].fs_mgr_flags & MF_CRYPT) &&
!partition_wiped(fstab->recs[i].blk_device)) {
/* Need to mount a tmpfs at this mountpoint for now, and set
* properties that vold will query later for decrypting
*/
if (mount("tmpfs", fstab->recs[i].mount_point, "tmpfs",
MS_NOATIME | MS_NOSUID | MS_NODEV, CRYPTO_TMPFS_OPTIONS) < 0) {
ERROR("Cannot mount tmpfs filesystem for encrypted fs at %s\n",
fstab->recs[i].mount_point);
goto out;
}
encrypted = 1;
} else {
ERROR("Cannot mount filesystem on %s at %s\n",
fstab->recs[i].blk_device, fstab->recs[i].mount_point);
goto out;
}
}
if (encrypted) {
ret = 1;
} else {
ret = 0;
}
out:
return ret;
}
/* When multiple fstab records share the same mount_point, it will
* try to mount each one in turn, and ignore any duplicates after a
* first successful mount.
* Returns -1 on error, and FS_MGR_MNTALL_* otherwise.
*/
int fs_mgr_mount_all(struct fstab *fstab, int mount_mode)
{
int i = 0;
int encryptable = FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE;
int error_count = 0;
int mret = -1;
int mount_errno = 0;
int attempted_idx = -1;
if (!fstab) {
return -1;
}
for (i = 0; i < fstab->num_entries; i++) {
/* Don't mount entries that are managed by vold or not for the mount mode*/
if ((fstab->recs[i].fs_mgr_flags & (MF_VOLDMANAGED | MF_RECOVERYONLY)) ||
((mount_mode == MOUNT_MODE_LATE) && !fs_mgr_is_latemount(&fstab->recs[i])) ||
((mount_mode == MOUNT_MODE_EARLY) && fs_mgr_is_latemount(&fstab->recs[i]))) {
continue;
}
/* Skip swap and raw partition entries such as boot, recovery, etc */
if (!strcmp(fstab->recs[i].fs_type, "swap") ||
!strcmp(fstab->recs[i].fs_type, "emmc") ||
!strcmp(fstab->recs[i].fs_type, "mtd")) {
continue;
}
/* Skip mounting the root partition, as it will already have been mounted */
if (!strcmp(fstab->recs[i].mount_point, "/")) {
if ((fstab->recs[i].fs_mgr_flags & MS_RDONLY) != 0) {
fs_mgr_set_blk_ro(fstab->recs[i].blk_device);
}
continue;
}
/* Translate LABEL= file system labels into block devices */
if (!strcmp(fstab->recs[i].fs_type, "ext2") ||
!strcmp(fstab->recs[i].fs_type, "ext3") ||
!strcmp(fstab->recs[i].fs_type, "ext4")) {
int tret = translate_ext_labels(&fstab->recs[i]);
if (tret < 0) {
ERROR("Could not translate label to block device\n");
continue;
}
}
if (fstab->recs[i].fs_mgr_flags & MF_WAIT) {
wait_for_file(fstab->recs[i].blk_device, WAIT_TIMEOUT);
}
if ((fstab->recs[i].fs_mgr_flags & MF_VERIFY) && device_is_secure()) {
int rc = fs_mgr_setup_verity(&fstab->recs[i]);
if (__android_log_is_debuggable() && rc == FS_MGR_SETUP_VERITY_DISABLED) {
INFO("Verity disabled");
} else if (rc != FS_MGR_SETUP_VERITY_SUCCESS) {
ERROR("Could not set up verified partition, skipping!\n");
continue;
}
}
int last_idx_inspected;
int top_idx = i;
mret = mount_with_alternatives(fstab, i, &last_idx_inspected, &attempted_idx);
i = last_idx_inspected;
mount_errno = errno;
/* Deal with encryptability. */
if (!mret) {
int status = handle_encryptable(&fstab->recs[attempted_idx]);
if (status == FS_MGR_MNTALL_FAIL) {
/* Fatal error - no point continuing */
return status;
}
if (status != FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE) {
if (encryptable != FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE) {
// Log and continue
ERROR("Only one encryptable/encrypted partition supported\n");
}
encryptable = status;
}
/* Success! Go get the next one */
continue;
}
/* mount(2) returned an error, handle the encryptable/formattable case */
bool wiped = partition_wiped(fstab->recs[top_idx].blk_device);
bool crypt_footer = false;
if (mret && mount_errno != EBUSY && mount_errno != EACCES &&
fs_mgr_is_formattable(&fstab->recs[top_idx]) && wiped) {
/* top_idx and attempted_idx point at the same partition, but sometimes
* at two different lines in the fstab. Use the top one for formatting
* as that is the preferred one.
*/
ERROR("%s(): %s is wiped and %s %s is formattable. Format it.\n", __func__,
fstab->recs[top_idx].blk_device, fstab->recs[top_idx].mount_point,
fstab->recs[top_idx].fs_type);
if (fs_mgr_is_encryptable(&fstab->recs[top_idx]) &&
strcmp(fstab->recs[top_idx].key_loc, KEY_IN_FOOTER)) {
int fd = open(fstab->recs[top_idx].key_loc, O_WRONLY);
if (fd >= 0) {
INFO("%s(): also wipe %s\n", __func__, fstab->recs[top_idx].key_loc);
wipe_block_device(fd, get_file_size(fd));
close(fd);
} else {
ERROR("%s(): %s wouldn't open (%s)\n", __func__,
fstab->recs[top_idx].key_loc, strerror(errno));
}
} else if (fs_mgr_is_encryptable(&fstab->recs[top_idx]) &&
!strcmp(fstab->recs[top_idx].key_loc, KEY_IN_FOOTER)) {
crypt_footer = true;
}
if (fs_mgr_do_format(&fstab->recs[top_idx], crypt_footer) == 0) {
/* Let's replay the mount actions. */
i = top_idx - 1;
continue;
} else {
ERROR("%s(): Format failed. Suggest recovery...\n", __func__);
encryptable = FS_MGR_MNTALL_DEV_NEEDS_RECOVERY;
continue;
}
}
if (mret && mount_errno != EBUSY && mount_errno != EACCES &&
fs_mgr_is_encryptable(&fstab->recs[attempted_idx])) {
if (wiped) {
ERROR("%s(): %s is wiped and %s %s is encryptable. Suggest recovery...\n", __func__,
fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point,
fstab->recs[attempted_idx].fs_type);
encryptable = FS_MGR_MNTALL_DEV_NEEDS_RECOVERY;
continue;
} else {
/* Need to mount a tmpfs at this mountpoint for now, and set
* properties that vold will query later for decrypting
*/
ERROR("%s(): possibly an encryptable blkdev %s for mount %s type %s )\n", __func__,
fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point,
fstab->recs[attempted_idx].fs_type);
if (fs_mgr_do_tmpfs_mount(fstab->recs[attempted_idx].mount_point) < 0) {
++error_count;
continue;
}
}
encryptable = FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED;
} else {
if (fs_mgr_is_nofail(&fstab->recs[attempted_idx])) {
ERROR("Ignoring failure to mount an un-encryptable or wiped partition on"
"%s at %s options: %s error: %s\n",
fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point,
fstab->recs[attempted_idx].fs_options, strerror(mount_errno));
} else {
ERROR("Failed to mount an un-encryptable or wiped partition on"
"%s at %s options: %s error: %s\n",
fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point,
fstab->recs[attempted_idx].fs_options, strerror(mount_errno));
++error_count;
}
continue;
}
}
if (error_count) {
return -1;
} else {
return encryptable;
}
}
/* When multiple fstab records share the same mount_point, it will
* try to mount each one in turn, and ignore any duplicates after a
* first successful mount.
* Returns -1 on error, and FS_MGR_MNTALL_* otherwise.
*/
int fs_mgr_mount_all(struct fstab *fstab)
{
int i = 0;
int encryptable = FS_MGR_MNTALL_DEV_NOT_ENCRYPTED;
int error_count = 0;
int mret = -1;
int mount_errno = 0;
int attempted_idx = -1;
if (!fstab) {
return -1;
}
for (i = 0; i < fstab->num_entries; i++) {
/* Don't mount entries that are managed by vold */
if (fstab->recs[i].fs_mgr_flags & (MF_VOLDMANAGED | MF_RECOVERYONLY)) {
continue;
}
/* Skip swap and raw partition entries such as boot, recovery, etc */
if (!strcmp(fstab->recs[i].fs_type, "swap") ||
!strcmp(fstab->recs[i].fs_type, "emmc") ||
!strcmp(fstab->recs[i].fs_type, "mtd")) {
continue;
}
/* Translate LABEL= file system labels into block devices */
if (!strcmp(fstab->recs[i].fs_type, "ext2") ||
!strcmp(fstab->recs[i].fs_type, "ext3") ||
!strcmp(fstab->recs[i].fs_type, "ext4")) {
int tret = translate_ext_labels(&fstab->recs[i]);
if (tret < 0) {
ERROR("Could not translate label to block device\n");
continue;
}
}
if (fstab->recs[i].fs_mgr_flags & MF_WAIT) {
wait_for_file(fstab->recs[i].blk_device, WAIT_TIMEOUT);
}
if ((fstab->recs[i].fs_mgr_flags & MF_VERIFY) && device_is_secure()) {
int rc = fs_mgr_setup_verity(&fstab->recs[i]);
if (device_is_debuggable() && rc == FS_MGR_SETUP_VERITY_DISABLED) {
INFO("Verity disabled");
} else if (rc != FS_MGR_SETUP_VERITY_SUCCESS) {
ERROR("Could not set up verified partition, skipping!\n");
continue;
}
}
int last_idx_inspected;
mret = mount_with_alternatives(fstab, i, &last_idx_inspected, &attempted_idx);
i = last_idx_inspected;
mount_errno = errno;
/* Deal with encryptability. */
if (!mret) {
int status = handle_encryptable(fstab, &fstab->recs[attempted_idx]);
if (status == FS_MGR_MNTALL_FAIL) {
/* Fatal error - no point continuing */
return status;
}
if (status != FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) {
if (encryptable != FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) {
// Log and continue
ERROR("Only one encryptable/encrypted partition supported\n");
}
encryptable = status;
}
/* Success! Go get the next one */
continue;
}
/* mount(2) returned an error, check if it's encryptable and deal with it */
if (mret && mount_errno != EBUSY && mount_errno != EACCES &&
fs_mgr_is_encryptable(&fstab->recs[attempted_idx])) {
if(partition_wiped(fstab->recs[attempted_idx].blk_device)) {
ERROR("%s(): %s is wiped and %s %s is encryptable. Suggest recovery...\n", __func__,
fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point,
fstab->recs[attempted_idx].fs_type);
encryptable = FS_MGR_MNTALL_DEV_NEEDS_RECOVERY;
continue;
} else {
/* Need to mount a tmpfs at this mountpoint for now, and set
* properties that vold will query later for decrypting
*/
ERROR("%s(): possibly an encryptable blkdev %s for mount %s type %s )\n", __func__,
fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point,
fstab->recs[attempted_idx].fs_type);
if (fs_mgr_do_tmpfs_mount(fstab->recs[attempted_idx].mount_point) < 0) {
++error_count;
continue;
}
}
encryptable = FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED;
} else {
ERROR("Failed to mount an un-encryptable or wiped partition on"
"%s at %s options: %s error: %s\n",
fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point,
fstab->recs[attempted_idx].fs_options, strerror(mount_errno));
++error_count;
continue;
}
}
if (error_count) {
return -1;
} else {
return encryptable;
}
}
/* When multiple fstab records share the same mount_point, it will
* try to mount each one in turn, and ignore any duplicates after a
* first successful mount.
* Returns -1 on error, and FS_MGR_MNTALL_* otherwise.
*/
int fs_mgr_mount_all(struct fstab *fstab)
{
int i = 0;
int encryptable = FS_MGR_MNTALL_DEV_NOT_ENCRYPTED;
int error_count = 0;
int mret = -1;
int mount_errno = 0;
int attempted_idx = -1;
if (!fstab) {
return -1;
}
for (i = 0; i < fstab->num_entries; i++) {
/* Don't mount entries that are managed by vold */
if (fstab->recs[i].fs_mgr_flags & (MF_VOLDMANAGED | MF_RECOVERYONLY)) {
continue;
}
/* Skip swap and raw partition entries such as boot, recovery, etc */
if (!strcmp(fstab->recs[i].fs_type, "swap") ||
!strcmp(fstab->recs[i].fs_type, "emmc") ||
!strcmp(fstab->recs[i].fs_type, "mtd")) {
continue;
}
if (fstab->recs[i].fs_mgr_flags & MF_WAIT) {
wait_for_file(fstab->recs[i].blk_device, WAIT_TIMEOUT);
}
if ((fstab->recs[i].fs_mgr_flags & MF_VERIFY) && device_is_secure()) {
int rc = fs_mgr_setup_verity(&fstab->recs[i]);
if (device_is_debuggable() && rc == FS_MGR_SETUP_VERITY_DISABLED) {
INFO("Verity disabled");
} else if (rc != FS_MGR_SETUP_VERITY_SUCCESS) {
ERROR("Could not set up verified partition, skipping!\n");
continue;
}
}
int last_idx_inspected;
int top_idx = i;
mret = mount_with_alternatives(fstab, i, &last_idx_inspected, &attempted_idx);
i = last_idx_inspected;
mount_errno = errno;
/* Deal with encryptability. */
if (!mret) {
/* If this is encryptable, need to trigger encryption */
if ( (fstab->recs[attempted_idx].fs_mgr_flags & MF_FORCECRYPT)
|| (device_is_force_encrypted()
&& fs_mgr_is_encryptable(&fstab->recs[attempted_idx]))) {
if (umount(fstab->recs[attempted_idx].mount_point) == 0) {
if (encryptable == FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) {
ERROR("Will try to encrypt %s %s\n", fstab->recs[attempted_idx].mount_point,
fstab->recs[attempted_idx].fs_type);
encryptable = FS_MGR_MNTALL_DEV_NEEDS_ENCRYPTION;
} else {
ERROR("Only one encryptable/encrypted partition supported\n");
encryptable = FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED;
}
} else {
INFO("Could not umount %s - allow continue unencrypted\n",
fstab->recs[attempted_idx].mount_point);
continue;
}
}
/* Success! Go get the next one */
continue;
}
/* mount(2) returned an error, handle the encryptable/formattable case */
bool wiped = partition_wiped(fstab->recs[top_idx].blk_device);
if (mret && mount_errno != EBUSY && mount_errno != EACCES &&
fs_mgr_is_formattable(&fstab->recs[top_idx]) && wiped) {
/* top_idx and attempted_idx point at the same partition, but sometimes
* at two different lines in the fstab. Use the top one for formatting
* as that is the preferred one.
*/
ERROR("%s(): %s is wiped and %s %s is formattable. Format it.\n", __func__,
fstab->recs[top_idx].blk_device, fstab->recs[top_idx].mount_point,
fstab->recs[top_idx].fs_type);
if (fs_mgr_is_encryptable(&fstab->recs[top_idx]) &&
strcmp(fstab->recs[top_idx].key_loc, KEY_IN_FOOTER)) {
int fd = open(fstab->recs[top_idx].key_loc, O_WRONLY, 0644);
if (fd >= 0) {
INFO("%s(): also wipe %s\n", __func__, fstab->recs[top_idx].key_loc);
wipe_block_device(fd, get_file_size(fd));
close(fd);
} else {
ERROR("%s(): %s wouldn't open (%s)\n", __func__,
fstab->recs[top_idx].key_loc, strerror(errno));
}
}
if (fs_mgr_do_format(&fstab->recs[top_idx]) == 0) {
/* Let's replay the mount actions. */
i = top_idx - 1;
continue;
}
}
if (mret && mount_errno != EBUSY && mount_errno != EACCES &&
fs_mgr_is_encryptable(&fstab->recs[attempted_idx])) {
if (wiped) {
ERROR("%s(): %s is wiped and %s %s is encryptable. Suggest recovery...\n", __func__,
fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point,
fstab->recs[attempted_idx].fs_type);
encryptable = FS_MGR_MNTALL_DEV_NEEDS_RECOVERY;
continue;
} else {
/* Need to mount a tmpfs at this mountpoint for now, and set
* properties that vold will query later for decrypting
*/
ERROR("%s(): possibly an encryptable blkdev %s for mount %s type %s )\n", __func__,
fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point,
fstab->recs[attempted_idx].fs_type);
if (fs_mgr_do_tmpfs_mount(fstab->recs[attempted_idx].mount_point) < 0) {
++error_count;
continue;
}
}
encryptable = FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED;
} else {
ERROR("Failed to mount an un-encryptable or wiped partition on"
"%s at %s options: %s error: %s\n",
fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point,
fstab->recs[attempted_idx].fs_options, strerror(mount_errno));
++error_count;
continue;
}
}
if (error_count) {
return -1;
} else {
return encryptable;
}
}
static void check_fs(char *blk_device, char *fs_type, char *target, bool force_format, char *key_loc, bool is_crypttable)
{
int status;
int ret;
long tmpmnt_flags = MS_NOATIME | MS_NOEXEC | MS_NOSUID;
char *tmpmnt_opts = "nomblk_io_submit,errors=remount-ro";
char *e2fsck_argv[] = {
E2FSCK_BIN,
"-y",
blk_device
};
//reserve 1M for crypted partintion key
off64_t key_loc_reserve=1048576;
//partintion key is saved in 32768 before SEEK_END
off64_t key_loc_pos_to_end=-32768;
/* Check for the types of filesystems we know how to check */
if (!strcmp(fs_type, "ext2") || !strcmp(fs_type, "ext3") || !strcmp(fs_type, "ext4")) {
/*
* First try to mount and unmount the filesystem. We do this because
* the kernel is more efficient than e2fsck in running the journal and
* processing orphaned inodes, and on at least one device with a
* performance issue in the emmc firmware, it can take e2fsck 2.5 minutes
* to do what the kernel does in about a second.
*
* After mounting and unmounting the filesystem, run e2fsck, and if an
* error is recorded in the filesystem superblock, e2fsck will do a full
* check. Otherwise, it does nothing. If the kernel cannot mount the
* filesytsem due to an error, e2fsck is still run to do a full check
* fix the filesystem.
*/
ret = mount(blk_device, target, fs_type, tmpmnt_flags, tmpmnt_opts);
if (! ret) {
umount(target);
}else{
if (key_loc!=NULL && is_crypttable && !partition_wiped(blk_device))
{
bool is_crypted=true;
char magicBuf[4]= {0};
int databk=open(key_loc, O_RDONLY);
if (databk<0)
is_crypted=false;
if (is_crypted && lseek64(databk,key_loc_pos_to_end,SEEK_END)<0)
is_crypted=false;
if (is_crypted && read(databk,magicBuf,4)<4)
is_crypted=false;
close(databk);
if (is_crypted && magicBuf[0]==0xC4 && magicBuf[1]==0xB1 && magicBuf[2]==0xB5 && magicBuf[3]==0xD0)
{
// is cryptted
INFO("%s is crypted\n", blk_device);
goto out;
}
else
setup_ext4(blk_device,0);
}
else if (key_loc!=NULL && !strcmp(key_loc,blk_device))
{
setup_ext4(blk_device,key_loc_reserve);
}
else if (force_format)
{
setup_ext4(blk_device,0);
}
}
INFO("Running %s on %s\n", E2FSCK_BIN, blk_device);
ret = android_fork_execvp_ext(ARRAY_SIZE(e2fsck_argv), e2fsck_argv,
&status, true, LOG_KLOG | LOG_FILE,
true, FSCK_LOG_FILE);
if (ret < 0) {
/* No need to check for error in fork, we can't really handle it now */
ERROR("Failed trying to run %s\n", E2FSCK_BIN);
}
}
out:
return;
}
/* mount <type> <device> <path> <flags ...> <options> */
int do_mount(int nargs, char **args)
{
char tmp[64];
char *source, *target, *type;
char *options = NULL;
unsigned flags = 0;
int n, i;
int wait = 0;
//add for power loss test
struct stat stbuf;
for (n = 4; n < nargs; n++) {
for (i = 0; mount_flags[i].name; i++) {
if (!strcmp(args[n], mount_flags[i].name)) {
flags |= mount_flags[i].flag;
break;
}
}
if (!mount_flags[i].name) {
if (!strcmp(args[n], "wait"))
wait = 1;
/* if our last argument isn't a flag, wolf it up as an option string */
else if (n + 1 == nargs)
options = args[n];
}
}
type = args[1];
source = args[2];
target = args[3];
if (!strncmp(source, "mtd@", 4)) {
n = mtd_name_to_number(source + 4);
if (n < 0) {
return -1;
}
sprintf(tmp, "/dev/block/mtdblock%d", n);
if (wait)
wait_for_file(tmp, COMMAND_RETRY_TIMEOUT);
if (mount(tmp, target, type, flags, options) < 0) {
return -1;
}
goto exit_success;
} else if (!strncmp(source, "loop@", 5)) {
int mode, loop, fd;
struct loop_info info;
mode = (flags & MS_RDONLY) ? O_RDONLY : O_RDWR;
fd = open(source + 5, mode);
if (fd < 0) {
return -1;
}
for (n = 0; ; n++) {
sprintf(tmp, "/dev/block/loop%d", n);
loop = open(tmp, mode);
if (loop < 0) {
return -1;
}
/* if it is a blank loop device */
if (ioctl(loop, LOOP_GET_STATUS, &info) < 0 && errno == ENXIO) {
/* if it becomes our loop device */
if (ioctl(loop, LOOP_SET_FD, fd) >= 0) {
close(fd);
if (mount(tmp, target, type, flags, options) < 0) {
ioctl(loop, LOOP_CLR_FD, 0);
close(loop);
return -1;
}
close(loop);
goto exit_success;
}
}
close(loop);
}
close(fd);
ERROR("out of loopback devices");
return -1;
} else {
#ifdef MTK_EMMC_SUPPORT
struct phone_encrypt_state ps;
if (!strcmp(target, DATA_MNT_POINT)) {
if (misc_get_phone_encrypt_state(&ps) < 0) {
printf("Failed to get encrypted status in MISC\n");
}
else {
printf("Success: get encrypted status: 0x%x in MISC\n", ps.state);
}
}
#endif
if (wait)
wait_for_file(source, COMMAND_RETRY_TIMEOUT);
if (mount(source, target, type, flags, options) < 0) {
/* If this fails, it may be an encrypted filesystem
* or it could just be wiped. If wiped, that will be
* handled later in the boot process.
* We only support encrypting /data. Check
* if we're trying to mount it, and if so,
* assume it's encrypted, mount a tmpfs instead.
* Then save the orig mount parms in properties
* for vold to query when it mounts the real
* encrypted /data.
*/
if (!strcmp(target, DATA_MNT_POINT)) {
int fd;
if ((fd = open(source, O_RDONLY)) < 0) {
printf("Mount /data fail because source(%s) doesn't exist.", source);
return -1;
}
}
if (!strcmp(target, DATA_MNT_POINT) && !partition_wiped(source)) {
const char *tmpfs_options;
tmpfs_options = property_get("ro.crypto.tmpfs_options");
if (mount("tmpfs", target, "tmpfs", MS_NOATIME | MS_NOSUID | MS_NODEV,
tmpfs_options) < 0) {
return -1;
}
/* Set the property that triggers the framework to do a minimal
* startup and ask the user for a password
*/
property_set("ro.crypto.state", "encrypted");
property_set("vold.decrypt", "1");
} else {
return -1;
}
}
#ifdef MTK_EMMC_SUPPORT
else {
if (!strcmp(target, DATA_MNT_POINT)) {
if (ps.state == PHONE_ENCRYPTED) {
ps.state = PHONE_UNCRYPTED;
if (misc_set_phone_encrypt_state(&ps) < 0) {
printf("Failed to set encrypted status to 0x%x in MISC\n", ps.state);
}
else {
printf("Success: Set encrypted status to 0x%x in MISC\n", ps.state);
}
}
}
}
#endif
if (!strcmp(target, DATA_MNT_POINT)) {
char fs_flags[32];
/* Save the original mount options */
property_set("ro.crypto.fs_type", type);
property_set("ro.crypto.fs_real_blkdev", source);
property_set("ro.crypto.fs_mnt_point", target);
if (options) {
property_set("ro.crypto.fs_options", options);
}
snprintf(fs_flags, sizeof(fs_flags), "0x%8.8x", flags);
property_set("ro.crypto.fs_flags", fs_flags);
}
if (!strncmp(type, "ext4", 4)){
if (!strncmp(target, "/data", 5)){
printf("delete lost-found in data dir\n");
system("/system/bin/rm -r /data/lost+found/*");
if (stat("/data/data", &stbuf) < 0){
printf("stat syscall fail\n");
}
if (S_ISREG(stbuf.st_mode)){
printf("delete /data/data file\n");
system("/system/bin/rm -r /data/data");
}
if (stat("/data/system", &stbuf) < 0){
printf("stat syscall fail\n");
}
if (S_ISREG(stbuf.st_mode)){
printf("delete /data/system file\n");
system("/system/bin/rm -r /data/system");
}
if (stat("/data/misc", &stbuf) < 0){
printf("stat syscall fail\n");
}
if (S_ISREG(stbuf.st_mode)){
printf("delete /data/misc file\n");
system("/system/bin/rm -r /data/misc");
}
if (stat("/data/local", &stbuf) < 0){
printf("stat syscall fail\n");
}
if (S_ISREG(stbuf.st_mode)){
printf("delete /data/local file\n");
system("/system/bin/rm -r /data/local");
}
if (stat("/data/app-private", &stbuf) < 0){
printf("stat syscall fail\n");
}
if (S_ISREG(stbuf.st_mode)){
printf("delete /data/app-private file\n");
system("/system/bin/rm -r /data/app-private");
}
if (stat("/data/dalvik-cache", &stbuf) < 0){
printf("stat syscall fail\n");
}
if (S_ISREG(stbuf.st_mode)){
printf("delete /data/dalvik-cache file\n");
system("/system/bin/rm -r /data/dalvik-cache");
}
if (stat("/data/property", &stbuf) < 0){
printf("stat syscall fail\n");
}
if (S_ISREG(stbuf.st_mode)){
printf("delete /data/property file\n");
system("/system/bin/rm -r /data/property");
}
if (stat("/data/mvg_root", &stbuf) < 0){
printf("stat syscall fail\n");
}
if (S_ISREG(stbuf.st_mode)){
printf("delete /data/mvg_root file\n");
system("/system/bin/rm -r /data/mvg_root");
}
if (stat("/data/anr", &stbuf) < 0){
printf("stat syscall fail\n");
}
if (S_ISREG(stbuf.st_mode)){
printf("delete /data/anr file\n");
system("/system/bin/rm -r /data/anr");
}
if (stat("/data/app", &stbuf) < 0){
printf("stat syscall fail\n");
}
if (S_ISREG(stbuf.st_mode)){
printf("delete /data/app file\n");
system("/system/bin/rm -r /data/app");
}
if (stat("/data/nvram", &stbuf) < 0){
printf("stat syscall fail\n");
}
if (S_ISREG(stbuf.st_mode)){
printf("delete /data/nvram file\n");
system("/system/bin/rm -r /data/nvram");
}
if (stat("/data/secure", &stbuf) < 0){
printf("stat syscall fail\n");
}
if (S_ISREG(stbuf.st_mode)){
printf("delete /data/secure file\n");
system("/system/bin/rm -r /data/secure");
}
}
if (!strncmp(target, "/cache", 6)){
printf("delete lost-found in cache dir\n");
system("/system/bin/rm -r /cache/lost+found/*");
}
}
}
exit_success:
/* If not running encrypted, then set the property saying we are
* unencrypted, and also trigger the action for a nonencrypted system.
*/
if (!strcmp(target, DATA_MNT_POINT)) {
const char *prop;
prop = property_get("ro.crypto.state");
if (! prop) {
prop = "notset";
}
if (strcmp(prop, "encrypted")) {
property_set("ro.crypto.state", "unencrypted");
action_for_each_trigger("nonencrypted", action_add_queue_tail);
}
}
return 0;
}