#
5385b50e |
|
25-May-2018 |
Aaron Green <aarongreen@google.com> |
[crypto] Split Bytes class This CL breaks out the Secret class from the Bytes class. A number of paranoid but expensive functions are only needed for security sensitve secrets, e.g. mandatory_memset in the destructor of keys. This split allows only the data that needs the paranoia to pay for it. Change-Id: Ib3fdc23ef7c0f86a6549c639353ac72bb35ebedf
|
#
8831d90c |
|
21-Mar-2018 |
Aaron Green <aarongreen@google.com> |
[fvm-host] Convert compress enum to flags This CL replaces the compress_type_t to a uint32_t flags field. This allows other values to be plumbed through, like one for fvm::kSparseFlagZxcrypt. Change-Id: I030a749947f5a02402ddf2b9fbe528ee98900911
|
#
2440abdb |
|
21-Mar-2018 |
Aaron Green <aarongreen@google.com> |
[paver] Add zxcrypt support This CL adds a flag to FVM sparse containers. This flag indicates to the disk paver that it should use a zxcrypt volume on top of the FVM partition. The ability to set the flag in the host FVM tool will be added in a later CL. Change-Id: Ica8a416ca7244b1bf8e045ededb2bcfe845092f5
|
#
dacd6af7 |
|
24-Apr-2018 |
Aaron Green <aarongreen@google.com> |
[zxcrypt] Don't cache parent block information This CL removes the copy of the block_info_t from the zxcrypt device. Caching such information caused it to be invalid after FVM resizes. This also caused the 'synthetic' block size to be removed, which hasn't been needed since the Jan. refactor, and which broke atomicity with lower layers. ZX-1948 #comment Fixed Change-Id: I8d2e9ab8eb965f7ead1796eb38d9dc0e6ee939f8
|
#
6f0958fc |
|
13-Apr-2018 |
Aaron Green <aarongreen@google.com> |
[zxcrpyt] Add extra debug output for test flake This CL adds extra output if Volume::Create fails unexpected, as observed in one test flake. The observed flake could only have been caused by an unusual block_info_t or fvm_info_t, so this CL now dumps both on error. ZX-1948 #comment Adds debug output Change-Id: Ifbc53a58e8165a9680832f7f8ef7eedcf9e3dda1
|
#
c40adafa |
|
13-Feb-2018 |
Aaron Green <aarongreen@google.com> |
[zxcrypt] Refactor TestDevice This CL refactors TestDevice's lifecycle, especially with regards to its block fifo lifecycle management. I am fairly certain the root cause of the test flake was the way I was using |fdio_watch_directory| did not guarantee I wouldn't get the wrong device when aggressively un/binding. That method calls a provided callback whenever files are added, removed, etc. to a directory. Watching a directory in the /dev tree is the only way to be notified of new devices being added or removed right now. Notably, it immediately invokes the callback with an 'add' event for each existing files. Previously, since multiple devices could be added by binding a single driver (i.e., the requested driver, auto-detected FVM drivers and a mid-layer driver for each), the code watched the /dev/class/block directory for an alias whose topological path ended in the right suffix. This was racy since we might get an 'add' event for a device from a previous test that hadn't quite unbound, and mtach the suffix. The new approach recursively calls |fdio_watch_directory| for each element in the topological path, thus guaranteeing we can only bind to the new ramdisk created for each test. ZX-1659 #comment Fixes the test flake Change-Id: I3fbf571e5d81a528ecccb9067fe8742e1cf4a151
|
#
813145a3 |
|
12-Feb-2018 |
Aaron Green <aarongreen@google.com> |
[zxcrypt] Rewrite TestDevice a unit test helpers There's some outstanding flake in the zxcrypt unit tests, but current output from failed tests isn't sufficiently useful in isolating it. This CL attempts to improve the reporting of unexpected errors by converting the methods of zxcrypt::testing::TestDevice to be unit test helpers as defined in unittest.h. ZX-1659 Change-Id: Ie23b323e559099ce4b2527ff07a87aee669f4449
|
#
ad68da1d |
|
19-Jan-2018 |
Aaron Green <aarongreen@google.com> |
[zxcrypt] Improve Volume support for Cipher, FVM This CL modifies three areas of Volume: 1. It moves all metadata to the first two FVM slices and doesn't use the last one. 2. It tweaks some tests and test conditions to accomdate changes in ramdisks. 3. It refactors Bind to initialize one cipher at a time. Change-Id: Iff7629473e93beb5fb38a3d97002cc799fc67da1
|
#
1aa56bb7 |
|
19-Jan-2018 |
Aaron Green <aarongreen@google.com> |
[zxcrypt] Rename superblock to volume zxcrypt::Superblock evolved beyond just an interface for a single block of metadata into something more like a zxcrypt volume interface. This CL renames the class to reflect that. Change-Id: I8602a9531687df31e84f701e277f07238c519b6e
|