int Fat::check(const char *fsPath) { bool rw = true; if (access(FSCK_MSDOS_PATH, X_OK)) { SLOGW("Skipping fs checks\n"); return 0; } //return 0; int pass = 1; int rc = 0; do { const char *args[5]; args[0] = FSCK_MSDOS_PATH; args[1] = "-p"; args[2] = "-f"; args[3] = fsPath; args[4] = NULL; rc = logwrap(4, args, 1); switch(rc) { case 0: SLOGI("Filesystem check completed OK"); return 0; case 2: SLOGE("Filesystem check failed (not a FAT filesystem)"); errno = ENODATA; return -1; case 4: if (pass++ <= 3) { SLOGW("Filesystem modified - rechecking (pass %d)", pass); continue; } SLOGE("Failing check after too many rechecks"); errno = EIO; return -1; case 16: SLOGE("Too large SD card with too small cluster size"); errno = ENOMEM; return -1; default: SLOGE("Filesystem check failed (unknown exit code %d)", rc); errno = EIO; return -1; } } while (0); return 0; }
int Fat::format(const char *fsPath, unsigned int numSectors, bool wipe) { int fd; const char *args[11]; int rc; int status; if (wipe) { Fat::wipe(fsPath, numSectors); } args[0] = MKDOSFS_PATH; args[1] = "-F"; args[2] = "32"; args[3] = "-O"; args[4] = "android"; args[5] = "-c"; args[6] = "64"; args[7] = "-A"; if (numSectors) { char tmp[32]; snprintf(tmp, sizeof(tmp), "%u", numSectors); const char *size = tmp; args[8] = "-s"; args[9] = size; args[10] = fsPath; rc = android_fork_execvp(ARRAY_SIZE(args), (char **)args, &status, false, true); } else { args[8] = fsPath; rc = android_fork_execvp(9, (char **)args, &status, false, true); } if (rc != 0) { SLOGE("Filesystem format failed due to logwrap error"); errno = EIO; return -1; } if (!WIFEXITED(status)) { SLOGE("Filesystem format did not exit properly"); errno = EIO; return -1; } status = WEXITSTATUS(status); if (status == 0) { SLOGI("Filesystem formatted OK"); return 0; } else { SLOGE("Format failed (unknown exit code %d)", status); errno = EIO; return -1; } return 0; }
status_t Check(const std::string& source) { if (access(kFsckPath, X_OK)) { SLOGW("Skipping fs checks\n"); return 0; } int pass = 1; int rc = 0; do { std::vector<std::string> cmd; cmd.push_back(kFsckPath); cmd.push_back("-p"); cmd.push_back("-f"); cmd.push_back(source); // Fat devices are currently always untrusted rc = ForkExecvp(cmd, sFsckUntrustedContext); if (rc < 0) { SLOGE("Filesystem check failed due to logwrap error"); errno = EIO; return -1; } switch(rc) { case 0: SLOGI("Filesystem check completed OK"); return 0; case 2: SLOGE("Filesystem check failed (not a FAT filesystem)"); errno = ENODATA; return -1; case 4: if (pass++ <= 3) { SLOGW("Filesystem modified - rechecking (pass %d)", pass); continue; } SLOGE("Failing check after too many rechecks"); errno = EIO; return -1; case 8: SLOGE("Filesystem check failed (no filesystem)"); errno = ENODATA; return -1; default: SLOGE("Filesystem check failed (unknown exit code %d)", rc); errno = EIO; return -1; } } while (0); return 0; }
int Exfat::check(const char *fsPath) { int rc = -1; int status; if (access(EXFAT_FSCK, X_OK)) { SLOGW("Skipping fs checks, exfatfsck not found.\n"); return 0; } do { const char *args[3]; args[0] = EXFAT_FSCK; args[1] = fsPath; args[2] = NULL; rc = android_fork_execvp(ARRAY_SIZE(args), (char **)args, &status, false, true); switch(rc) { case 0: SLOGI("exFAT filesystem check completed OK.\n"); return 0; case 1: SLOGI("exFAT filesystem check completed, errors corrected OK.\n"); return 0; case 2: SLOGE("exFAT filesystem check completed, errors corrected, need reboot.\n"); return 0; case 4: SLOGE("exFAT filesystem errors left uncorrected.\n"); return 0; case 8: SLOGE("exfatfsck operational error.\n"); errno = EIO; return -1; default: SLOGE("exFAT filesystem check failed (unknown exit code %d).\n", rc); errno = EIO; return -1; } } while (0); return 0; }
int main() { SLOGI("usb 3g monitor v0.1 start"); uevent_init(); coldboot("/sys/devices"); uevent_next_event(on_uevent); return 0; }
bool Fat::isFat32(int dosfs) { struct bootblock boot; if (!readboot(dosfs, &boot)) { return boot.flags & FAT32; } else { SLOGI("Not valid BPB. return NOT FAT32."); return false; } }
void sigCld(int sig) { pid_t pid = (pid_t)0; int status; SLOGI("===>%s:signal received, %u, sPid = %d", __FUNCTION__, sig, sPid); if (sPid > 0) { pid = waitpid(sPid, NULL, 0); sPid = 0; } }
int read_vid_pid(char * path) { int fd,size; char usb_path[0x60] = {0}; memset(usb_vid,0,sizeof(usb_vid)); memset(usb_pid,0,sizeof(usb_pid)); //read Vid memset(usb_path,0,0x60); strcat(usb_path,path); strcat(usb_path,"/idVendor"); fd=open(usb_path,O_RDONLY); size=read(fd,usb_vid,sizeof(usb_vid)); close(fd); SLOGI("VID :size %d,vid_path '%s',VID '%s'.\n",size,usb_path,usb_vid); if(size<=0) { SLOGE("Vid :err\n"); return -1; } //最后一个字符是换行符号,需要去掉 usb_vid[size-1] = 0; //read Pid memset(usb_path,0,0x60); strcat(usb_path,path); strcat(usb_path,"/idProduct"); fd=open(usb_path,O_RDONLY); size=read(fd,usb_pid,sizeof(usb_pid)); close(fd); SLOGI("PID :size %d,Pid_path '%s',PID '%s'.\n",size,usb_path,usb_pid); if(size<=0) { SLOGE("Pid :err\n"); return -1; } //最后一个字符是换行符号,需要去掉 usb_pid[size-1] = 0; return 0; }
int should_use_keymaster() { /* HW FDE key would be tied to keymaster only if: * New Keymaster is available * keymaster partition exists on the device */ int rc = 0; if (get_keymaster_version() != KEYMASTER_MODULE_API_VERSION_1_0) { SLOGI("Keymaster version is not 1.0"); return rc; } if (access(KEYMASTER_PARTITION_NAME, F_OK) == -1) { SLOGI("Keymaster partition does not exists"); return rc; } return 1; }
int Volume::formatVol() { if (getState() == Volume::State_NoMedia) { errno = ENODEV; return -1; } else if (getState() != Volume::State_Idle) { errno = EBUSY; return -1; } if (isMountpointMounted(getMountpoint())) { SLOGW("Volume is idle but appears to be mounted - fixing"); setState(Volume::State_Mounted); // mCurrentlyMountedKdev = XXX errno = EBUSY; return -1; } bool formatEntireDevice = (mPartIdx == -1); char devicePath[255]; dev_t diskNode = getDiskDevice(); dev_t partNode = MKDEV(MAJOR(diskNode), (formatEntireDevice ? 1 : mPartIdx)); setState(Volume::State_Formatting); int ret = -1; // Only initialize the MBR if we are formatting the entire device if (formatEntireDevice) { sprintf(devicePath, "/dev/block/vold/%d:%d", MAJOR(diskNode), MINOR(diskNode)); if (initializeMbr(devicePath)) { SLOGE("Failed to initialize MBR (%s)", strerror(errno)); goto err; } } sprintf(devicePath, "/dev/block/vold/%d:%d", MAJOR(partNode), MINOR(partNode)); if (mDebug) { SLOGI("Formatting volume %s (%s)", getLabel(), devicePath); } if (Fat::format(devicePath, 0)) { SLOGE("Failed to format (%s)", strerror(errno)); goto err; } ret = 0; err: setState(Volume::State_Idle); return ret; }
int main(void) { /* Library initialization. Must be called only once. */ SLOG_Init(SLOG_STDERR, "example02-log.txt"); /* Setting log levels: all messages to console and all to the file. * Default settings are: all messages to file and >= INFO to console. */ SLOG_SetLevel(SLOG_DEBUG, SLOG_DEBUG); SLOGD(TAG, "debug message"); SLOGI(TAG, "info"); SLOGW(TAG, "warning"); SLOGE(TAG, "error"); SLOGI(TAG, "formatted message (%d, %s)", 123, "bar"); /* Library deinitialization. */ SLOG_Deinit(); return 0; }
/* 0 means to disable 'default encryption' 1 means to enable 'default encryption' others(ex, 'F') means Failure that no such cfg or something wrong */ int get_encrypt_cfg_status() { char name[] = FORCE_ENCRYPT_CONFIG; char cryptfs_env_value[FORCE_ENCRYPT_CONFIG_MAX_LEN]; unsigned int value_max_len = FORCE_ENCRYPT_CONFIG_MAX_LEN; struct env_ioctl env_ioctl_obj; int env_fd; int ret=0; unsigned int name_len=strlen(name)+1; if((env_fd = open("/proc/lk_env", O_RDWR)) < 0) { SLOGE("Open env fail for read %s.\n",name); goto FAIL_RUTURN; } if(!(env_ioctl_obj.name = malloc(name_len))) { SLOGE("Allocate Memory for env name fail.\n"); goto FREE_FD; }else{ memset(env_ioctl_obj.name,0x0,name_len); } if(!(env_ioctl_obj.value = malloc(value_max_len))){ SLOGE("Allocate Memory for env value fail.\n"); goto FREE_ALLOCATE_NAME; }else{ memset(env_ioctl_obj.value,0x0,value_max_len); } env_ioctl_obj.name_len = name_len; env_ioctl_obj.value_len = value_max_len; memcpy(env_ioctl_obj.name, name, name_len); if((ret = ioctl(env_fd, ENV_READ, &env_ioctl_obj))) { SLOGE("Get env for %s check fail ret = %d, errno = %d.\n", name,ret, errno); goto FREE_ALLOCATE_VALUE; } if(env_ioctl_obj.value) { memcpy(cryptfs_env_value,env_ioctl_obj.value,env_ioctl_obj.value_len); SLOGI("%s = %s \n", env_ioctl_obj.name,env_ioctl_obj.value); } else { SLOGE("%s is not be set.\n",name); goto FREE_ALLOCATE_VALUE; } free(env_ioctl_obj.name); free(env_ioctl_obj.value); close(env_fd); return (cryptfs_env_value[0]-'0'); FREE_ALLOCATE_VALUE: free(env_ioctl_obj.value); FREE_ALLOCATE_NAME: free(env_ioctl_obj.name); FREE_FD: close(env_fd); FAIL_RUTURN: return 'F'; // means failure }
int DirectVolume::addPath(const char *path) { mPaths->push_back(strdup(path)); char *p = strstr(path, "mtk-sd.0"); if (p) { SLOGI("This is emmc storage (%s)", path); mIsEmmcStorage = true; } return 0; }
int main (int argc, char* argv[]) { int ret; if (argc != 2) { fprintf(stderr, "Usage: %s <flush-frequency-in-seconds>\n", argv[0]); ret = -1; } else { hw_module_t* module; ret = hw_get_module(MRKNLOG_HARDWARE_MODULE_ID, (hw_module_t const**)&module); if (ret == 0) { struct mrknlog_device_t *dev; ret = module->methods->open(module, 0, (struct hw_device_t **) &dev); if (ret == 0) { int frequency = atoi(argv[1]); int totalSize = dev->get_total_log_size(dev); int usedSize; int count = 1; while(runFlag) { usedSize = dev->get_used_log_size(dev); if (dev->flush_log(dev) == 0) { SLOGI("Flushed log (%d, %d of %d bytes). Waiting %d seconds before the next flush.", count, usedSize, totalSize, frequency); } else { SLOGE("Failed to flush log. Bailing out"); break; } count++; sleep(frequency); } SLOGI("Done after %d iterations.", count); dev->common.close((struct hw_device_t *)dev); } else { fprintf(stderr, "Failed to open device: %d", ret); ret = -2; } } else { fprintf(stderr, "Failed to get module: %s", MRKNLOG_HARDWARE_MODULE_ID); ret = -3; } } return ret; }
void e4crypt_clear_password(const char* path) { SLOGI("e4crypt_clear_password"); auto i = s_key_store.find(path); if (i == s_key_store.end()) { return; } memset(&i->second.password[0], 0, i->second.password.size()); i->second.password = std::string(); }
int swapoff_main(int argc, char *argv[]) { if( argc != 2 ) { printf("swapoff dev_path\n"); return -1; } fprintf(stderr, "swapoff %s\n ", argv[1]); SLOGI("swapoff %s ", argv[1]); return swapoff(argv[1]); }
int read_vid_pid(char * path) { int fd,size; char usb_path[0x60] = {0}; memset(usb_vid,0,sizeof(usb_vid)); memset(usb_pid,0,sizeof(usb_pid)); //read Vid memset(usb_path,0,0x60); strcat(usb_path,path); strcat(usb_path,"/idVendor"); fd=open(usb_path,O_RDONLY); size=read(fd,usb_vid,sizeof(usb_vid)); usb_vid[size-1] = 0; close(fd); SLOGI("vid_path '%s',VID '%s'",usb_path,usb_vid); if(size<=0) { SLOGE("Failed to obtain device vendor id"); return -1; } memset(usb_path,0,0x60); strcat(usb_path,path); strcat(usb_path,"/idProduct"); fd=open(usb_path,O_RDONLY); size=read(fd,usb_pid,sizeof(usb_pid)); usb_pid[size-1] = 0; close(fd); SLOGI("pid_path '%s',PID '%s'",usb_path,usb_pid); if(size<=0) { SLOGE("Failed to obtain device product id"); return -1; } return 0; }
int make_key_file() { FILE* fp_key = NULL; int random_dev = -1; int i = 0; char tmp_key[1]; char key[33]; char* key_path = NULL; memset(key, 0x00, 33); key_path = get_key_file_path(); if(key_path == NULL) { SLOGE("[%s] Configuration file is not exist\n", __func__); return 0; } if((random_dev = open("/dev/urandom", O_RDONLY)) < 0) { SLOGE("[%s] Random device Open error\n", __func__); free(key_path); return 0; } while(i < 32) { read(random_dev, tmp_key, 1); if((tmp_key[0] >= '!') && (tmp_key[0] <= '~')) { key[i] = tmp_key[0]; i++; } } SLOGI("key = [%s], [%d]\n", key, strlen(key)); if(!(fp_key = fopen(key_path, "w"))) { SLOGE("[%s] Secret key file Open error, [%s]\n", __func__, key_path); free(key_path); close(random_dev); return 0; } fprintf(fp_key, "%s", key); chmod(key_path, 0600); free(key_path); fclose(fp_key); close(random_dev); return 1; }
static int keymaster_init(keymaster0_device_t **keymaster0_dev, keymaster1_device_t **keymaster1_dev) { int rc; const hw_module_t* mod; rc = hw_get_module_by_class(KEYSTORE_HARDWARE_MODULE_ID, NULL, &mod); if (rc) { ALOGE("could not find any keystore module"); goto err; } SLOGI("keymaster module name is %s", mod->name); SLOGI("keymaster version is %d", mod->module_api_version); *keymaster0_dev = NULL; *keymaster1_dev = NULL; if (mod->module_api_version == KEYMASTER_MODULE_API_VERSION_1_0) { SLOGI("Found keymaster1 module, using keymaster1 API."); rc = keymaster1_open(mod, keymaster1_dev); } else { SLOGI("Found keymaster0 module, using keymaster0 API."); rc = keymaster0_open(mod, keymaster0_dev); } if (rc) { ALOGE("could not open keymaster device in %s (%s)", KEYSTORE_HARDWARE_MODULE_ID, strerror(-rc)); goto err; } return 0; err: *keymaster0_dev = NULL; *keymaster1_dev = NULL; return rc; }
int main(void) { SLOGI("[%s] Secure Storage Server Start..\n", __func__); #ifdef USE_KEY_FILE int exist_ret = -1; int make_ret = -1; #endif // USE_KEY_FILE DIR* dp = NULL; // make default directory(if not exist) if((dp = opendir(SS_STORAGE_DEFAULT_PATH)) == NULL) { SLOGI("[%s] directory [%s] is not exist, making now.\n", __func__, SS_STORAGE_DEFAULT_PATH); mkdir(SS_STORAGE_DEFAULT_PATH, 0700); } else closedir(dp); #ifdef USE_KEY_FILE exist_ret = check_key_file(); // if 0, there is not key file. Or 1, exist. if(exist_ret == 0) { make_ret = make_key_file(); if(make_ret == 0) { SLOGE("[%s] Making key file fail. ss-server will be terminated..\n", __func__); return 0; } } #endif // USE_KEY_FILE SsServerComm(); return 0; }
int main(int argc, char **argv) { int ret = 0, erg; int ch; if (argc!=2) { usage(); } if (*argv[1] !='0' && *argv[1] !='1' ) { usage(); } char state[PROPERTY_VALUE_MAX]; char decrypt[PROPERTY_VALUE_MAX]; char encryption_type [PROPERTY_VALUE_MAX]; property_get("ro.crypto.state", state, ""); property_get("vold.decrypt", decrypt, ""); property_get("vold.encryption.type", encryption_type, ""); SLOGI("ro.crypto.state=%s, vold.decrypt=%s, vold.encryption.type=%s, start/stop=%c", state, decrypt, encryption_type, *argv[1]); if(!strcmp(state, "")) { /* first boot and to encrypt-ing */ SLOGE("ccci is waiting. No need to start/stop modem"); return -1; } else if(!strcmp(state, "encrypted")){ if(!strcmp(encryption_type, "default")) { SLOGE("ccci is waiting. No need to start/stop modem"); return -1; } else { /* pin, password, pattern */ if(!strcmp(decrypt, "trigger_restart_min_framework")) { SLOGE("ccci is waiting. No need to start/stop modem"); return -1; } } } if(*argv[1] =='0') { stop_modem(); } if(*argv[1] =='1') { start_modem(); } return 0; }
bool Ext::doDir(const char * mountpoint, const char * path) { char *full_path; struct stat buffer; int rc; mode_t mode = S_IRWXU | S_IRUSR | S_IWUSR | S_IRWXG | S_IRGRP | S_IWGRP | S_IXGRP | S_IXOTH; asprintf(&full_path, "%s/%s", mountpoint, path); rc = stat(full_path, &buffer); if (rc == 0) { if (S_ISDIR(buffer.st_mode)) { /* check owner & permissions */ if (buffer.st_uid != 1000 || buffer.st_gid != 1000) if(chown(full_path, 1000, 1000) != 0) { SLOGE("Cannot set UID/GID for %s - %s", full_path, strerror(errno)); free(full_path); return false; } if (buffer.st_mode != mode) if (chmod(full_path, mode) != 0) { SLOGE("Cannot set permissions on %s - %s", full_path, strerror(errno)); free(full_path); return false; } } else { SLOGE("%s is not a dir. Retreat!", full_path); free(full_path); return false; } } else { /* This assumes that stat will fail only when full_path * doesn't exists */ SLOGI("Creating %s", full_path); if (mkdir(full_path, mode) == 0) { if (chown(full_path, 1000, 1000) != 0) { SLOGE("Cannot set UID/GID for %s - %s", full_path, strerror(errno)); free(full_path); return false; } } else { SLOGE("Cannot create dir %s - %s", full_path, strerror(errno)); free(full_path); return false; } } free(full_path); return true; }
int Volume::formatVol() { if (getState() == Volume::State_NoMedia) { errno = ENODEV; return -1; } else if (getState() != Volume::State_Idle) { errno = EBUSY; return -1; } if (isMountpointMounted(getMountpoint())) { SLOGW("Volume is idle but appears to be mounted - fixing"); setState(Volume::State_Mounted); // mCurrentlyMountedKdev = XXX errno = EBUSY; return -1; } char devicePath[255]; dev_t diskNode = getDiskDevice(); dev_t partNode = MKDEV(MAJOR(diskNode), 1); // XXX: Hmmm sprintf(devicePath, "/dev/block/vold/%d:%d", MAJOR(diskNode), MINOR(diskNode)); if (mDebug) { SLOGI("Formatting volume %s (%s)", getLabel(), devicePath); } setState(Volume::State_Formatting); if (initializeMbr(devicePath)) { SLOGE("Failed to initialize MBR (%s)", strerror(errno)); goto err; } sprintf(devicePath, "/dev/block/vold/%d:%d", MAJOR(partNode), MINOR(partNode)); if (Fat::format(devicePath, 0)) { SLOGE("Failed to format (%s)", strerror(errno)); goto err; } setState(Volume::State_Idle); return 0; err: return -1; }
int Volume::doUnmount(const char *path, bool force) { int retries = 3; int need_to_wait_count = 0; bool need_to_wait = false; bool isHotPlug = mVm->getHotPlug(); if (isHotPlug == true) { retries = 5; } SLOGD("doUnmount: %s retries = %d, isHotPlug=%d", path, retries, isHotPlug); if (mDebug) { SLOGD("Unmounting {%s}, force = %d", path, force); } while (retries--) { if (!umount(path) || errno == EINVAL || errno == ENOENT) { SLOGI("%s sucessfully unmounted", path); return 0; } int action = 0; if (force) { if (retries == 1) { action = 2; // SIGKILL } else if (retries == 2) { action = 1; // SIGHUP } } SLOGW("Failed to unmount %s (%s, retries %d, action %d)", path, strerror(errno), retries, action); Process::killProcessesWithOpenFiles(path, action); if (retries > 0) usleep(1000*1000); if(isHotPlug && (retries == 1)) usleep(1000*1000); } errno = EBUSY; SLOGE("Giving up on unmount %s (%s)", path, strerror(errno)); Process::FindProcessesWithOpenFiles(path); return -1; }
const char* e4crypt_get_password(const char* path) { SLOGI("e4crypt_get_password"); auto i = s_key_store.find(path); if (i == s_key_store.end()) { return 0; } struct timespec now; clock_gettime(CLOCK_BOOTTIME, &now); if (i->second.expiry_time < now.tv_sec) { e4crypt_clear_password(path); return 0; } return i->second.password.c_str(); }
int Ext::check(const char *fsPath) { bool rw = true; if (access(FSCK_EXT_PATH, X_OK)) { SLOGW("Skipping fs checks\n"); return 0; } int pass = 1; int rc = 0; do { const char *args[5]; args[0] = FSCK_EXT_PATH; args[1] = "-p"; args[2] = "-f"; args[3] = fsPath; args[4] = NULL; rc = logwrap(4, args, 1); switch(rc) { case 0: case 1: SLOGI("Filesystem check completed OK"); return 0; case 2: SLOGE("Filesystem check completed, system should be rebooted"); errno = ENODATA; return -1; case 4: SLOGE("Filesystem errors left uncorrected"); errno = EIO; return -1; default: SLOGE("Filesystem check failed (exit code %d)", rc); errno = EIO; return -1; } } while (0); return 0; }
int main() { pid_t pid, sid; pid = fork(); if (pid < 0) exit(EXIT_FAILURE); if (pid > 0) exit(EXIT_SUCCESS); umask(0); sid = setsid(); if (sid < 0) exit(EXIT_FAILURE); if ((chdir("/")) < 0) exit(EXIT_FAILURE); close(STDIN_FILENO); close(STDOUT_FILENO); close(STDERR_FILENO); NetlinkManager *nm; if (!(nm = NetlinkManager::Instance())) { SLOGE("Unable to create NetlinkManager"); exit(EXIT_FAILURE); }; if (nm->start()) { SLOGE("Unable to start NetlinkManager (%s)", strerror(errno)); exit(EXIT_FAILURE); } // Eventually we'll become the monitoring thread while(1) { sleep(1000); } SLOGI("DevListener exiting"); exit(EXIT_SUCCESS); }
/* This signs the given object using the keymaster key. */ static int keymaster_sign_object_new(struct crypt_mnt_ftr *ftr, const unsigned char *object, const size_t object_size, unsigned char **signature, size_t *signature_size) { unsigned char to_sign[RSA_KEY_SIZE_BYTES]; size_t to_sign_size = sizeof(to_sign); memset(to_sign, 0, RSA_KEY_SIZE_BYTES); // To sign a message with RSA, the message must satisfy two // constraints: // // 1. The message, when interpreted as a big-endian numeric value, must // be strictly less than the public modulus of the RSA key. Note // that because the most significant bit of the public modulus is // guaranteed to be 1 (else it's an (n-1)-bit key, not an n-bit // key), an n-bit message with most significant bit 0 always // satisfies this requirement. // // 2. The message must have the same length in bits as the public // modulus of the RSA key. This requirement isn't mathematically // necessary, but is necessary to ensure consistency in // implementations. switch (ftr->kdf_type) { case KDF_SCRYPT_KEYMASTER: // This ensures the most significant byte of the signed message // is zero. We could have zero-padded to the left instead, but // this approach is slightly more robust against changes in // object size. However, it's still broken (but not unusably // so) because we really should be using a proper deterministic // RSA padding function, such as PKCS1. memcpy(to_sign + 1, object, min(RSA_KEY_SIZE_BYTES - 1, object_size)); SLOGI("Signing safely-padded object"); break; default: SLOGE("Unknown KDF type %d", ftr->kdf_type); return -1; } return keymaster_sign_object_for_cryptfs_scrypt(ftr->keymaster_blob, ftr->keymaster_blob_size, KEYMASTER_CRYPTFS_RATE_LIMIT, to_sign, to_sign_size, signature, signature_size); }
int Ext::format(const char *fsPath) { int fd; const char *args[3]; int rc; args[0] = MKEXTFS_PATH; args[1] = fsPath; args[2] = NULL; rc = logwrap(3, args, 1); if (rc == 0) { SLOGI("Filesystem formatted OK"); return 0; } else { SLOGE("Format failed (unknown exit code %d)", rc); errno = EIO; return -1; } return 0; }
/* Create a new keymaster key and store it in this footer */ static int keymaster_create_key_new(struct crypt_mnt_ftr *ftr) { if (ftr->keymaster_blob_size) { SLOGI("Already have key"); return 0; } int rc = keymaster_create_key_for_cryptfs_scrypt(RSA_KEY_SIZE, RSA_EXPONENT, KEYMASTER_CRYPTFS_RATE_LIMIT, ftr->keymaster_blob, KEYMASTER_BLOB_SIZE, &ftr->keymaster_blob_size); if (rc) { if (ftr->keymaster_blob_size > KEYMASTER_BLOB_SIZE) { SLOGE("Keymaster key blob to large)"); ftr->keymaster_blob_size = 0; } SLOGE("Failed to generate keypair"); return -1; } return 0; }