Google Git
Sign in
fuchsia / integration / 5c53b67e4d18f5434a352d8a6a859c213d3bcd5c
commit5c53b67e4d18f5434a352d8a6a859c213d3bcd5c[log] [tgz]
authorJames Sullivan <jfsulliv@fuchsia.infra.roller.google.com>Fri Aug 19 23:55:53 2022 +0000
committerCopybara-Service <copybara-worker@google.com>Fri Aug 19 16:57:25 2022 -0700
tree0f8c6b23a330a8157133b83275aca6113acba892
parentf67452a3db35e976db61eeed31c0a3240de4ef6d [diff]
[roll] Roll fuchsia [fxfs][reland] Support native encryption

This feature is gated behind the "use_native_fxfs_crypto" flag which is
unset for all products at the moment.

On boot, if the "unencrypted" and "data" volumes are not set up, the
entire Fxfs partition will be reformatted and initialized with the
required volume scheme.  This implies that this change results in data
loss for any existing users of Fxfs.

Fshost supports either using the kms_stateless service for keys, or
using static (insecure) keys if that isn't available due to lack of
hardware support.   The existing zxcrypt policy knob is used to decide
where to get keys from (TEE vs null key).

Note that this CL also disables fsck-on-mount for Fxfs temporarily while
we make this work with multiple volumes (fxbug.dev/106845).

Reland of fxrev.dev/712883, with a fix to a flaky test.  (init_data() in
fshost-rust/src/tests/main.rs used fuchsia_fs::create_sub_directories,
which returns before the directories are guaranteed to be created.)

Original-Bug: 102666
Original-Fixed: 107347
Multiply: fshost_integration_tests

This reverts commit 3e2459c86de0a9716ede66566cdd379812db62d7.

Original-Reviewed-on: https://fuchsia-review.googlesource.com/c/fuchsia/+/714669
Original-Revision: afe58609a140103c1040aab83b2200db8660da46
GitOrigin-RevId: 68303c0289cc7737fc696aa82a7dddf7587e669e
Change-Id: I771e770beac35b88d879cfa2705bcd382d69fdd4
1 file changed
tree: 0f8c6b23a330a8157133b83275aca6113acba892
  1. git-hooks/
  2. infra/
  3. third_party/
  4. cts
  5. firmware
  6. flower
  7. jiri.lock
  8. minimal
  9. prebuilts
  10. README.md
  11. stem
  12. test_durations
  13. toolchain
README.md

Integration

This repository contains Fuchsia's Global Integration manifest files.

Making changes

All changes should be made to the internal version of this repository. Our infrastructure automatically updates this version when the internal one changes.

Currently all changes must be made by a Google employee. Non-Google employees wishing to make a change can ask for assistance via the IRC channel #fuchsia on Freenode.

Obtaining the source

First install Jiri.

Next run:

$ jiri init
$ jiri import minimal https://fuchsia.googlesource.com/integration
$ jiri update

Third party

Third party projects should have their own subdirectory in ./third_party.