Initial unified commit for Android 12, syncing up to v400.a

patches_treble_phh/platform_system_vold/0001-Fallback-to-non-rollback-resistant-keys-if-not-avail.patch

@@ -0,0 +1,54 @@
+From 30e1b738f07d636015d0a4f6b4c3fd214b7b474f Mon Sep 17 00:00:00 2001
+From: Pierre-Hugues Husson <phh@phh.me>
+Date: Tue, 5 Oct 2021 16:17:15 -0400
+Subject: [PATCH 1/6] Fallback to non-rollback resistant keys if not available
+
+Boot on Mediatek devices was broken with:
+~ Add ROLLBACK_RESISTANCE tag to key usage
+
+Change-Id: I0ab7103c317c70779dee03dce25ba9c9da1629f4
+---
+ KeyStorage.cpp | 16 +++++++++++-----
+ 1 file changed, 11 insertions(+), 5 deletions(-)
+
+diff --git a/KeyStorage.cpp b/KeyStorage.cpp
+index 93c5c29..ef089ad 100644
+--- a/KeyStorage.cpp
++++ b/KeyStorage.cpp
+@@ -378,12 +378,15 @@ static KeymasterOperation BeginKeymasterOp(Keymaster& keymaster, const std::stri
+ static bool encryptWithKeymasterKey(Keymaster& keymaster, const std::string& dir,
+                                     const km::AuthorizationSet& keyParams,
+                                     const KeyBuffer& message, std::string* ciphertext) {
+-    km::AuthorizationSet opParams =
++    auto opParams =
+             km::AuthorizationSetBuilder()
+-                    .Authorization(km::TAG_ROLLBACK_RESISTANCE)
+                     .Authorization(km::TAG_PURPOSE, km::KeyPurpose::ENCRYPT);
++    auto opParamsWithRollback = opParams;
++    opParamsWithRollback.Authorization(km::TAG_ROLLBACK_RESISTANCE);
++
+     km::AuthorizationSet outParams;
+-    auto opHandle = BeginKeymasterOp(keymaster, dir, keyParams, opParams, &outParams);
++    auto opHandle = BeginKeymasterOp(keymaster, dir, keyParams, opParamsWithRollback, &outParams);
++    if (!opHandle) opHandle = BeginKeymasterOp(keymaster, dir, keyParams, opParams, &outParams);
+     if (!opHandle) return false;
+     auto nonceBlob = outParams.GetTagValue(km::TAG_NONCE);
+     if (!nonceBlob) {
+@@ -410,9 +413,12 @@ static bool decryptWithKeymasterKey(Keymaster& keymaster, const std::string& dir
+     auto bodyAndMac = ciphertext.substr(GCM_NONCE_BYTES);
+     auto opParams = km::AuthorizationSetBuilder()
+                             .Authorization(km::TAG_NONCE, nonce)
+-                            .Authorization(km::TAG_ROLLBACK_RESISTANCE)
+                             .Authorization(km::TAG_PURPOSE, km::KeyPurpose::DECRYPT);
+-    auto opHandle = BeginKeymasterOp(keymaster, dir, keyParams, opParams, nullptr);
++    auto opParamsWithRollback = opParams;
++    opParamsWithRollback.Authorization(km::TAG_ROLLBACK_RESISTANCE);
++
++    auto opHandle = BeginKeymasterOp(keymaster, dir, keyParams, opParamsWithRollback, nullptr);
++    if (!opHandle) opHandle = BeginKeymasterOp(keymaster, dir, keyParams, opParams, nullptr);
+     if (!opHandle) return false;
+     if (!opHandle.updateCompletely(bodyAndMac, message)) return false;
+     if (!opHandle.finish(nullptr)) return false;
+-- 
+2.29.2
+

patches_treble_phh/platform_system_vold/0002-Allow-deletion-of-symlink.patch

@@ -0,0 +1,25 @@
+From a4ae95a2de9f912a4e4aca075a28aa4d0ff886b9 Mon Sep 17 00:00:00 2001
+From: Pierre-Hugues Husson <phh@phh.me>
+Date: Sat, 17 Feb 2018 19:39:38 +0100
+Subject: [PATCH 2/6] Allow deletion of symlink
+
+Change-Id: I9731895f88729072297f753088583aabbe6990f4
+---
+ FsCrypt.cpp | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/FsCrypt.cpp b/FsCrypt.cpp
+index 04def5c..c7de48e 100644
+--- a/FsCrypt.cpp
++++ b/FsCrypt.cpp
+@@ -315,6 +315,7 @@ static bool prepare_dir(const std::string& dir, mode_t mode, uid_t uid, gid_t gi
+ static bool destroy_dir(const std::string& dir) {
+     LOG(DEBUG) << "Destroying: " << dir;
+     if (rmdir(dir.c_str()) != 0 && errno != ENOENT) {
++        if(unlink(dir.c_str()) == 0) return true;
+         PLOG(ERROR) << "Failed to destroy " << dir;
+         return false;
+     }
+-- 
+2.29.2
+

patches_treble_phh/platform_system_vold/0003-Support-Samsung-s-implementation-of-exfat-called-sdf.patch

@@ -0,0 +1,44 @@
+From 07bbca4e931e960e25f714079f176f31ca218b41 Mon Sep 17 00:00:00 2001
+From: Pierre-Hugues Husson <phh@phh.me>
+Date: Mon, 20 Aug 2018 22:37:54 +0200
+Subject: [PATCH 3/6] Support Samsung's implementation of exfat, called sdfat
+
+---
+ fs/Exfat.cpp | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/fs/Exfat.cpp b/fs/Exfat.cpp
+index 7782dd3..91a4c50 100644
+--- a/fs/Exfat.cpp
++++ b/fs/Exfat.cpp
+@@ -35,7 +35,7 @@ static const char* kFsckPath = "/system/bin/fsck.exfat";
+ 
+ bool IsSupported() {
+     return access(kMkfsPath, X_OK) == 0 && access(kFsckPath, X_OK) == 0 &&
+-           IsFilesystemSupported("exfat");
++           (IsFilesystemSupported("exfat") || IsFilesystemSupported("sdfat"));
+ }
+ 
+ status_t Check(const std::string& source) {
+@@ -61,13 +61,16 @@ status_t Mount(const std::string& source, const std::string& target, int ownerUi
+     auto mountData = android::base::StringPrintf("uid=%d,gid=%d,fmask=%o,dmask=%o", ownerUid,
+                                                  ownerGid, permMask, permMask);
+ 
+-    if (mount(source.c_str(), target.c_str(), "exfat", mountFlags, mountData.c_str()) == 0) {
++    const char *fs = "exfat";
++    if(IsFilesystemSupported("sdfat"))
++        fs = "sdfat";
++    if (mount(source.c_str(), target.c_str(), fs, mountFlags, mountData.c_str()) == 0) {
+         return 0;
+     }
+ 
+     PLOG(ERROR) << "Mount failed; attempting read-only";
+     mountFlags |= MS_RDONLY;
+-    if (mount(source.c_str(), target.c_str(), "exfat", mountFlags, mountData.c_str()) == 0) {
++    if (mount(source.c_str(), target.c_str(), fs, mountFlags, mountData.c_str()) == 0) {
+         return 0;
+     }
+ 
+-- 
+2.29.2
+

patches_treble_phh/platform_system_vold/0004-Sony-has-texfat-exfat-fs.patch

@@ -0,0 +1,38 @@
+From 33b5d2f1da3e8c775baf042f734c899af68a8a75 Mon Sep 17 00:00:00 2001
+From: Pierre-Hugues Husson <phh@phh.me>
+Date: Tue, 28 Jan 2020 00:27:17 +0100
+Subject: [PATCH 4/6] Sony has `texfat` exfat fs
+
+---
+ fs/Exfat.cpp | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/fs/Exfat.cpp b/fs/Exfat.cpp
+index 91a4c50..6c49c10 100644
+--- a/fs/Exfat.cpp
++++ b/fs/Exfat.cpp
+@@ -35,7 +35,11 @@ static const char* kFsckPath = "/system/bin/fsck.exfat";
+ 
+ bool IsSupported() {
+     return access(kMkfsPath, X_OK) == 0 && access(kFsckPath, X_OK) == 0 &&
+-           (IsFilesystemSupported("exfat") || IsFilesystemSupported("sdfat"));
++           (
++            IsFilesystemSupported("exfat") ||
++            IsFilesystemSupported("sdfat") ||
++            IsFilesystemSupported("texfat")
++            );
+ }
+ 
+ status_t Check(const std::string& source) {
+@@ -64,6 +68,8 @@ status_t Mount(const std::string& source, const std::string& target, int ownerUi
+     const char *fs = "exfat";
+     if(IsFilesystemSupported("sdfat"))
+         fs = "sdfat";
++    if(IsFilesystemSupported("texfat"))
++        fs = "texfat";
+     if (mount(source.c_str(), target.c_str(), fs, mountFlags, mountData.c_str()) == 0) {
+         return 0;
+     }
+-- 
+2.29.2
+

patches_treble_phh/platform_system_vold/0005-Failing-to-create-facedata-shouldn-t-be-fatal.patch

@@ -0,0 +1,38 @@
+From c8c2f84551ba8cf706b5ca1e880f216261f78100 Mon Sep 17 00:00:00 2001
+From: Pierre-Hugues Husson <phh@phh.me>
+Date: Sat, 7 Mar 2020 14:49:09 +0100
+Subject: [PATCH 5/6] Failing to create facedata shouldn't be fatal
+
+Some Pie vendors create it on their own, so SELinux would deny that
+Also not all devices have face unlock anyway
+
+See https://github.com/phhusson/treble_experimentations/issues/1119
+---
+ vold_prepare_subdirs.cpp | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/vold_prepare_subdirs.cpp b/vold_prepare_subdirs.cpp
+index e2afb81..de863ff 100644
+--- a/vold_prepare_subdirs.cpp
++++ b/vold_prepare_subdirs.cpp
+@@ -193,7 +193,7 @@ static bool prepare_subdirs(const std::string& volume_uuid, int user_id, int fla
+             }
+             auto facedata_path = vendor_de_path + "/facedata";
+             if (!prepare_dir(sehandle, 0700, AID_SYSTEM, AID_SYSTEM, facedata_path)) {
+-                return false;
++                LOG(ERROR) << "Failed preparing folder for de facedata";
+             }
+         }
+     }
+@@ -224,7 +224,7 @@ static bool prepare_subdirs(const std::string& volume_uuid, int user_id, int fla
+             auto vendor_ce_path = android::vold::BuildDataVendorCePath(user_id);
+             auto facedata_path = vendor_ce_path + "/facedata";
+             if (!prepare_dir(sehandle, 0700, AID_SYSTEM, AID_SYSTEM, facedata_path)) {
+-                return false;
++                LOG(ERROR) << "Failed preparing folder for de facedata";
+             }
+         }
+     }
+-- 
+2.29.2
+

patches_treble_phh/platform_system_vold/0006-Every-voldmanaged-storage-is-adoptable.patch

@@ -0,0 +1,25 @@
+From 425cd7837ca789af3eb79e659851b67edb87d431 Mon Sep 17 00:00:00 2001
+From: Pierre-Hugues Husson <phh@phh.me>
+Date: Wed, 11 Mar 2020 14:02:35 +0100
+Subject: [PATCH 6/6] Every voldmanaged storage is adoptable
+
+---
+ main.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/main.cpp b/main.cpp
+index 1f85fb5..52aa896 100644
+--- a/main.cpp
++++ b/main.cpp
+@@ -257,7 +257,7 @@ static int process_config(VolumeManager* vm, VoldConfigs* configs) {
+             std::string nickname(entry.label);
+             int flags = 0;
+ 
+-            if (entry.is_encryptable()) {
++            if (entry.is_encryptable() || true) {
+                 flags |= android::vold::Disk::Flags::kAdoptable;
+                 configs->has_adoptable = true;
+             }
+-- 
+2.29.2
+