1 /*
2 * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "ipc/storage_daemon.h"
17
18 #include <dlfcn.h>
19 #include <fcntl.h>
20 #include <fstream>
21 #include <thread>
22 #include "file_ex.h"
23 #include "hisysevent.h"
24 #include "utils/set_flag_utils.h"
25 #include "utils/storage_radar.h"
26 #include "utils/string_utils.h"
27
28 #ifdef USER_CRYPTO_MANAGER
29 #include "crypto/app_clone_key_manager.h"
30 #include "crypto/iam_client.h"
31 #include "crypto/key_manager.h"
32 #endif
33 #ifdef EXTERNAL_STORAGE_MANAGER
34 #include "disk/disk_manager.h"
35 #include "volume/volume_manager.h"
36 #endif
37 #include "file_sharing/file_sharing.h"
38 #include "quota/quota_manager.h"
39 #include "storage_service_constant.h"
40 #include "storage_service_errno.h"
41 #include "storage_service_log.h"
42 #include "user/user_manager.h"
43 #include "user/mount_manager.h"
44 #include "utils/file_utils.h"
45 #include "system_ability_definition.h"
46 #include "file_share.h"
47 #ifdef DFS_SERVICE
48 #include "cloud_daemon_manager.h"
49 #endif
50 #ifdef USER_CRYPTO_MIGRATE_KEY
51 #include "string_ex.h"
52 #include <filesystem>
53 #endif
54 #ifdef USE_LIBRESTORECON
55 #include "policycoreutils.h"
56 #endif
57
58 using namespace OHOS::StorageService;
59 namespace OHOS {
60 namespace StorageDaemon {
61 #ifdef DFS_SERVICE
62 using namespace OHOS::FileManagement::CloudFile;
63 #endif
64
65 constexpr int32_t DEFAULT_VFS_CACHE_PRESSURE = 100;
66 constexpr int32_t MAX_VFS_CACHE_PRESSURE = 10000;
67 static const std::string DATA = "/data";
68 static const std::string VFS_CACHE_PRESSURE = "/proc/sys/vm/vfs_cache_pressure";
69 const std::string DATA_SERVICE_EL2 = "/data/service/el2/";
70 const std::string DATA_SERVICE_EL3 = "/data/service/el3/";
71 const std::string DATA_SERVICE_EL4 = "/data/service/el4/";
72 const std::string DATA_SERVICE_EL1_PUBLIC_STORAGE_DAEMON_SD = "/data/service/el1/public/storage_daemon/sd";
73 const std::string DATA_SERVICE_EL0_STORAGE_DAEMON_SD = "/data/service/el0/storage_daemon/sd";
74 const std::string NEED_RESTORE_SUFFIX = "/latest/need_restore";
75 const std::string NEW_DOUBLE_2_SINGELE = "2";
76
77 typedef int32_t (*CreateShareFileFunc)(const std::vector<std::string> &, uint32_t, uint32_t, std::vector<int32_t> &);
78 typedef int32_t (*DeleteShareFileFunc)(uint32_t, const std::vector<std::string> &);
79
Shutdown()80 int32_t StorageDaemon::Shutdown()
81 {
82 return E_OK;
83 }
84
Mount(const std::string & volId,uint32_t flags)85 int32_t StorageDaemon::Mount(const std::string &volId, uint32_t flags)
86 {
87 #ifdef EXTERNAL_STORAGE_MANAGER
88 LOGI("Handle Mount");
89 int32_t ret = VolumeManager::Instance()->Mount(volId, flags);
90 if (ret != E_OK) {
91 LOGW("Mount failed, please check");
92 StorageRadar::ReportVolumeOperation("VolumeManager::Mount", ret);
93 }
94 return ret;
95 #else
96 return E_OK;
97 #endif
98 }
99
UMount(const std::string & volId)100 int32_t StorageDaemon::UMount(const std::string &volId)
101 {
102 #ifdef EXTERNAL_STORAGE_MANAGER
103 LOGI("Handle UMount");
104 int32_t ret = VolumeManager::Instance()->UMount(volId);
105 if (ret != E_OK) {
106 LOGW("UMount failed, please check");
107 StorageRadar::ReportVolumeOperation("VolumeManager::UMount", ret);
108 }
109 return ret;
110 #else
111 return E_OK;
112 #endif
113 }
114
Check(const std::string & volId)115 int32_t StorageDaemon::Check(const std::string &volId)
116 {
117 #ifdef EXTERNAL_STORAGE_MANAGER
118 LOGI("Handle Check");
119 return VolumeManager::Instance()->Check(volId);
120 #else
121 return E_OK;
122 #endif
123 }
124
Format(const std::string & volId,const std::string & fsType)125 int32_t StorageDaemon::Format(const std::string &volId, const std::string &fsType)
126 {
127 #ifdef EXTERNAL_STORAGE_MANAGER
128 LOGI("Handle Format");
129 int32_t ret = VolumeManager::Instance()->Format(volId, fsType);
130 if (ret != E_OK) {
131 LOGW("Format failed, please check");
132 StorageRadar::ReportVolumeOperation("VolumeManager::Format", ret);
133 }
134 return ret;
135 #else
136 return E_OK;
137 #endif
138 }
139
Partition(const std::string & diskId,int32_t type)140 int32_t StorageDaemon::Partition(const std::string &diskId, int32_t type)
141 {
142 #ifdef EXTERNAL_STORAGE_MANAGER
143 LOGI("Handle Partition");
144 int32_t ret = DiskManager::Instance()->HandlePartition(diskId);
145 if (ret != E_OK) {
146 LOGW("HandlePartition failed, please check");
147 StorageRadar::ReportVolumeOperation("VolumeManager::Partition", ret);
148 }
149 return ret;
150 #else
151 return E_OK;
152 #endif
153 }
154
SetVolumeDescription(const std::string & volId,const std::string & description)155 int32_t StorageDaemon::SetVolumeDescription(const std::string &volId, const std::string &description)
156 {
157 #ifdef EXTERNAL_STORAGE_MANAGER
158 LOGI("Handle SetVolumeDescription");
159 int32_t ret = VolumeManager::Instance()->SetVolumeDescription(volId, description);
160 if (ret != E_OK) {
161 LOGW("SetVolumeDescription failed, please check");
162 StorageRadar::ReportVolumeOperation("VolumeManager::SetVolumeDescription", ret);
163 }
164 return ret;
165 #else
166 return E_OK;
167 #endif
168 }
169
GetCryptoFlag(KeyType type,uint32_t & flags)170 int32_t StorageDaemon::GetCryptoFlag(KeyType type, uint32_t &flags)
171 {
172 switch (type) {
173 case EL1_KEY:
174 flags = IStorageDaemon::CRYPTO_FLAG_EL1;
175 return E_OK;
176 case EL2_KEY:
177 flags = IStorageDaemon::CRYPTO_FLAG_EL2;
178 return E_OK;
179 case EL3_KEY:
180 flags = IStorageDaemon::CRYPTO_FLAG_EL3;
181 return E_OK;
182 case EL4_KEY:
183 flags = IStorageDaemon::CRYPTO_FLAG_EL4;
184 return E_OK;
185 case EL5_KEY:
186 flags = IStorageDaemon::CRYPTO_FLAG_EL5;
187 return E_OK;
188 default:
189 LOGE("GetCryptoFlag error, type = %{public}u", type);
190 return E_KEY_TYPE_INVAL;
191 }
192 }
193
194 #ifdef USER_CRYPTO_MIGRATE_KEY
GetNeedRestoreFilePath(int32_t userId,const std::string & user_dir)195 std::string StorageDaemon::GetNeedRestoreFilePath(int32_t userId, const std::string &user_dir)
196 {
197 std::string path = user_dir + "/" + std::to_string(userId) + "/latest/need_restore";
198 return path;
199 }
200
GetNeedRestoreFilePathByType(int32_t userId,KeyType type)201 std::string StorageDaemon::GetNeedRestoreFilePathByType(int32_t userId, KeyType type)
202 {
203 switch (type) {
204 case EL1_KEY:
205 return GetNeedRestoreFilePath(userId, USER_EL1_DIR);
206 case EL2_KEY:
207 return GetNeedRestoreFilePath(userId, USER_EL2_DIR);
208 case EL3_KEY:
209 return GetNeedRestoreFilePath(userId, USER_EL3_DIR);
210 case EL4_KEY:
211 return GetNeedRestoreFilePath(userId, USER_EL4_DIR);
212 case EL5_KEY:
213 return GetNeedRestoreFilePath(userId, USER_EL5_DIR);
214 default:
215 LOGE("GetNeedRestoreFilePathByType key type error, type = %{public}u", type);
216 return "";
217 }
218 }
219
RestoreOneUserKey(int32_t userId,KeyType type)220 int32_t StorageDaemon::RestoreOneUserKey(int32_t userId, KeyType type)
221 {
222 uint32_t flags = 0;
223 int32_t ret = GetCryptoFlag(type, flags);
224 if (ret != E_OK) {
225 return ret;
226 }
227
228 std::string elNeedRestorePath = GetNeedRestoreFilePathByType(userId, type);
229 if (elNeedRestorePath.empty()) {
230 return E_KEY_TYPE_INVAL;
231 }
232
233 std::error_code errCode;
234 if (!std::filesystem::exists(elNeedRestorePath, errCode)) {
235 return E_OK;
236 }
237 LOGI("start restore User %{public}u el%{public}u", userId, type);
238 ret = KeyManager::GetInstance()->RestoreUserKey(userId, type);
239 if (ret != E_OK) {
240 if (type != EL1_KEY) {
241 LOGE("userId %{public}u type %{public}u restore key failed, but return success, error = %{public}d",
242 userId, type, ret);
243 return E_MIGRATE_ELX_FAILED; // maybe need user key, so return E_OK to continue
244 }
245 LOGE("RestoreUserKey EL1_KEY failed, error = %{public}d, userId %{public}u", ret, userId);
246 return ret;
247 }
248
249 ret = UserManager::GetInstance()->PrepareUserDirs(userId, flags);
250 if (ret != E_OK) {
251 LOGE("PrepareUserDirs failed, userId %{public}u, flags %{public}u, error %{public}d", userId, flags, ret);
252 return ret;
253 }
254 if (type == EL2_KEY) {
255 PrepareUeceDir(userId);
256 }
257 if (userId < StorageService::START_APP_CLONE_USER_ID || userId > StorageService::MAX_APP_CLONE_USER_ID) {
258 if (type != EL1_KEY) {
259 (void)remove(elNeedRestorePath.c_str());
260 }
261 }
262 if (type == EL4_KEY) {
263 UserManager::GetInstance()->CreateBundleDataDir(userId);
264 }
265 LOGW("restore User %{public}u el%{public}u success", userId, type);
266
267 return E_OK;
268 }
269
RestoreUserKey(int32_t userId,uint32_t flags)270 int32_t StorageDaemon::RestoreUserKey(int32_t userId, uint32_t flags)
271 {
272 LOGI("prepare restore user dirs for %{public}d, flags %{public}u", userId, flags);
273 if (!IsNeedRestorePathExist(userId, true)) {
274 LOGE("need_restore file is not existed");
275 return -EEXIST;
276 }
277
278 std::vector<KeyType> keyTypes = {EL1_KEY, EL2_KEY, EL3_KEY, EL4_KEY, EL5_KEY};
279 for (auto type : keyTypes) {
280 auto ret = RestoreOneUserKey(userId, type);
281 if (ret == E_MIGRATE_ELX_FAILED) {
282 LOGE("Try restore user: %{public}d type: %{public}d migrate key, wait user pin !", userId, type);
283 break;
284 }
285 if (ret != E_OK) {
286 return ret;
287 }
288 }
289 MountManager::GetInstance()->PrepareAppdataDir(userId);
290 return E_OK;
291 }
292 #endif
293
PrepareUserDirs(int32_t userId,uint32_t flags)294 int32_t StorageDaemon::PrepareUserDirs(int32_t userId, uint32_t flags)
295 {
296 //CRYPTO_FLAG_EL3 create el3, CRYPTO_FLAG_EL4 create el4
297 flags = flags | IStorageDaemon::CRYPTO_FLAG_EL3 | IStorageDaemon::CRYPTO_FLAG_EL4 | IStorageDaemon::CRYPTO_FLAG_EL5;
298 #ifdef USER_CRYPTO_MANAGER
299 int32_t ret = KeyManager::GetInstance()->GenerateUserKeys(userId, flags);
300 #ifdef USER_CRYPTO_MIGRATE_KEY
301 if (ret == -EEXIST) {
302 return RestoreUserKey(userId, flags);
303 }
304 #endif
305 if (ret != E_OK) {
306 LOGE("Generate user %{public}d key error", userId);
307 StorageRadar::ReportUserManager("PrepareUserDirs::UserManager::GenerateUserKeys", userId, ret,
308 BizStage::BIZ_STAGE_PREPARE_ADD_USER);
309 return ret;
310 }
311 #endif
312 int32_t prepareRet = UserManager::GetInstance()->PrepareUserDirs(userId, flags);
313 MountManager::GetInstance()->PrepareAppdataDir(userId);
314 return prepareRet;
315 }
316
DestroyUserDirs(int32_t userId,uint32_t flags)317 int32_t StorageDaemon::DestroyUserDirs(int32_t userId, uint32_t flags)
318 {
319 int32_t errCode = 0;
320 //CRYPTO_FLAG_EL3 destroy el3, CRYPTO_FLAG_EL4 destroy el4
321 flags = flags | IStorageDaemon::CRYPTO_FLAG_EL3 | IStorageDaemon::CRYPTO_FLAG_EL4 | IStorageDaemon::CRYPTO_FLAG_EL5;
322 int32_t destroyUserRet = UserManager::GetInstance()->DestroyUserDirs(userId, flags);
323 if (destroyUserRet != E_OK) {
324 errCode = destroyUserRet;
325 LOGW("Destroy user %{public}d dirs failed, please check", userId);
326 StorageRadar::ReportUserManager("DestroyUserDirs", userId, errCode, BizStage::BIZ_STAGE_REMOVE_USER);
327 }
328
329 #ifdef USER_CRYPTO_MANAGER
330 destroyUserRet = KeyManager::GetInstance()->DeleteUserKeys(userId);
331 if (destroyUserRet != E_OK) {
332 errCode = destroyUserRet;
333 LOGW("DeleteUserKeys failed, please check");
334 StorageRadar::ReportUserManager("DestroyUserDirs::DeleteUserKeys", userId, errCode,
335 BizStage::BIZ_STAGE_REMOVE_USER);
336 }
337 return errCode;
338 #else
339 return errCode;
340 #endif
341 }
342
StartUser(int32_t userId)343 int32_t StorageDaemon::StartUser(int32_t userId)
344 {
345 int32_t ret = UserManager::GetInstance()->StartUser(userId);
346 if (ret != E_OK) {
347 LOGE("StartUser failed, please check");
348 StorageRadar::ReportUserManager("StartUser", userId, ret, BizStage::BIZ_STAGE_START_USER);
349 }
350 return ret;
351 }
352
StopUser(int32_t userId)353 int32_t StorageDaemon::StopUser(int32_t userId)
354 {
355 int32_t ret = UserManager::GetInstance()->StopUser(userId);
356 if (ret != E_OK) {
357 LOGE("StopUser failed, please check");
358 StorageRadar::ReportUserManager("StopUser", userId, ret, BizStage::BIZ_STAGE_STOP_USER);
359 }
360 return ret;
361 }
362
CompleteAddUser(int32_t userId)363 int32_t StorageDaemon::CompleteAddUser(int32_t userId)
364 {
365 LOGI("CompleteAddUser enter.");
366 #ifdef USER_CRYPTO_MIGRATE_KEY
367 std::error_code errCode;
368 std::string elNeedRestorePath = GetNeedRestoreFilePathByType(userId, EL1_KEY);
369 if (elNeedRestorePath.empty() || !std::filesystem::exists(elNeedRestorePath, errCode)) {
370 return E_OK;
371 }
372 (void)remove(elNeedRestorePath.c_str());
373 LOGI("CompleteAddUser remove el1 needRestore flag");
374 #endif
375 return E_OK;
376 }
377
InitGlobalKey(void)378 int32_t StorageDaemon::InitGlobalKey(void)
379 {
380 #ifdef USER_CRYPTO_MANAGER
381 int ret = KeyManager::GetInstance()->InitGlobalDeviceKey();
382 if (ret != E_OK) {
383 LOGE("InitGlobalDeviceKey failed, please check");
384 StorageRadar::ReportUserKeyResult("InitGlobalKey::InitGlobalDeviceKey", 0, ret, "EL1", "");
385 }
386 #ifdef USE_LIBRESTORECON
387 RestoreconRecurse(DATA_SERVICE_EL0_STORAGE_DAEMON_SD.c_str());
388 #endif
389 return ret;
390 #else
391 return E_OK;
392 #endif
393 }
394
InitGlobalUserKeys(void)395 int32_t StorageDaemon::InitGlobalUserKeys(void)
396 {
397 #ifdef USER_FILE_SHARING
398 // File sharing depends on the /data/service/el1/public be decrypted.
399 // A hack way to prepare the sharing dir, move it to callbacks after the parameter ready.
400 if (SetupFileSharingDir() == -1) {
401 LOGE("Failed to set up the directory for file sharing");
402 }
403 #endif
404
405 #ifdef USER_CRYPTO_MANAGER
406
407 #ifdef USER_CRYPTO_MIGRATE_KEY
408 std::error_code errCode;
409 std::string el2NeedRestorePath = GetNeedRestoreFilePath(START_USER_ID, USER_EL2_DIR);
410 if (std::filesystem::exists(el2NeedRestorePath, errCode)) {
411 LOGE("USER_EL2_DIR is exist, update NEW_DOUBLE_2_SINGLE");
412 std::string EL0_NEED_RESTORE = DATA_SERVICE_EL0_STORAGE_DAEMON_SD + NEED_RESTORE_SUFFIX;
413 if (!SaveStringToFile(EL0_NEED_RESTORE, NEW_DOUBLE_2_SINGELE)) {
414 LOGE("Save NEW_DOUBLE_2_SINGELE file failed");
415 return false;
416 }
417 }
418 #endif
419
420 int ret = KeyManager::GetInstance()->InitGlobalUserKeys();
421 if (ret) {
422 LOGE("Init global users els failed");
423 StorageRadar::ReportUserKeyResult("InitGlobalUserKeys", GLOBAL_USER_ID, ret, "EL1", "");
424 return ret;
425 }
426 #endif
427 #ifdef USE_LIBRESTORECON
428 RestoreconRecurse(DATA_SERVICE_EL1_PUBLIC_STORAGE_DAEMON_SD.c_str());
429 #endif
430 auto result = UserManager::GetInstance()->PrepareUserDirs(GLOBAL_USER_ID, CRYPTO_FLAG_EL1);
431 if (result != E_OK) {
432 LOGE("PrepareUserDirs failed, please check");
433 StorageRadar::ReportUserKeyResult("InitGlobalUserKeys::PrepareUserDirs", GLOBAL_USER_ID, result, "EL1", "");
434 }
435
436 std::thread thread([this]() { SetDeleteFlag4KeyFiles(); });
437 thread.detach();
438 return result;
439 }
440
SetDeleteFlag4KeyFiles()441 void StorageDaemon::SetDeleteFlag4KeyFiles()
442 {
443 StorageService::SetFlagUtils::ParseDirAllPath();
444 }
445
GenerateUserKeys(uint32_t userId,uint32_t flags)446 int32_t StorageDaemon::GenerateUserKeys(uint32_t userId, uint32_t flags)
447 {
448 #ifdef USER_CRYPTO_MANAGER
449 int32_t ret = KeyManager::GetInstance()->GenerateUserKeys(userId, flags);
450 if (ret != E_OK) {
451 LOGE("GenerateUserKeys failed, please check");
452 RadarParameter parameterRes = {
453 .orgPkg = DEFAULT_ORGPKGNAME,
454 .userId = userId,
455 .funcName = "GenerateUserKeys",
456 .bizScene = BizScene::USER_KEY_ENCRYPTION,
457 .bizStage = BizStage::BIZ_STAGE_GENERATE_USER_KEYS,
458 .keyElxLevel = "EL1",
459 .errorCode = ret
460 };
461 StorageService::StorageRadar::GetInstance().RecordFuctionResult(parameterRes);
462 }
463 return ret;
464 #else
465 return E_OK;
466 #endif
467 }
468
DeleteUserKeys(uint32_t userId)469 int32_t StorageDaemon::DeleteUserKeys(uint32_t userId)
470 {
471 #ifdef USER_CRYPTO_MANAGER
472 int32_t ret = KeyManager::GetInstance()->DeleteUserKeys(userId);
473 if (ret != E_OK) {
474 LOGE("DeleteUserKeys failed, please check");
475 RadarParameter parameterRes = {
476 .orgPkg = DEFAULT_ORGPKGNAME,
477 .userId = userId,
478 .funcName = "DeleteUserKeys",
479 .bizScene = BizScene::USER_KEY_ENCRYPTION,
480 .bizStage = BizStage::BIZ_STAGE_DELETE_USER_KEYS,
481 .keyElxLevel = "EL1",
482 .errorCode = ret
483 };
484 StorageService::StorageRadar::GetInstance().RecordFuctionResult(parameterRes);
485 }
486 return ret;
487 #else
488 return E_OK;
489 #endif
490 }
491
UpdateUserAuth(uint32_t userId,uint64_t secureUid,const std::vector<uint8_t> & token,const std::vector<uint8_t> & oldSecret,const std::vector<uint8_t> & newSecret)492 int32_t StorageDaemon::UpdateUserAuth(uint32_t userId, uint64_t secureUid,
493 const std::vector<uint8_t> &token,
494 const std::vector<uint8_t> &oldSecret,
495 const std::vector<uint8_t> &newSecret)
496 {
497 UserTokenSecret userTokenSecret = {
498 .token = token, .oldSecret = oldSecret, .newSecret = newSecret, .secureUid = secureUid};
499 #ifdef USER_CRYPTO_MANAGER
500 int32_t ret = KeyManager::GetInstance()->UpdateUserAuth(userId, userTokenSecret);
501 if (ret != E_OK) {
502 LOGE("UpdateUserAuth failed, please check");
503 RadarParameter parameterRes = {
504 .orgPkg = "account_mgr",
505 .userId = userId,
506 .funcName = "UpdateUserAuth",
507 .bizScene = BizScene::USER_KEY_ENCRYPTION,
508 .bizStage = BizStage::BIZ_STAGE_UPDATE_USER_AUTH,
509 .keyElxLevel = "ELx",
510 .errorCode = ret
511 };
512 StorageService::StorageRadar::GetInstance().RecordFuctionResult(parameterRes);
513 }
514 return ret;
515 #else
516 return E_OK;
517 #endif
518 }
519
520 #ifdef USER_CRYPTO_MIGRATE_KEY
PrepareUserDirsAndUpdateUserAuth(uint32_t userId,KeyType type,const std::vector<uint8_t> & token,const std::vector<uint8_t> & secret)521 int32_t StorageDaemon::PrepareUserDirsAndUpdateUserAuth(uint32_t userId, KeyType type,
522 const std::vector<uint8_t> &token, const std::vector<uint8_t> &secret)
523 {
524 LOGI("start userId %{public}u KeyType %{public}u", userId, type);
525 int32_t ret = E_OK;
526 uint32_t flags = 0;
527
528 ret = GetCryptoFlag(type, flags);
529 if (ret != E_OK) {
530 return ret;
531 }
532
533 ret = KeyManager::GetInstance()->ActiveCeSceSeceUserKey(userId, type, token, {'!'});
534 if (ret != E_OK) {
535 LOGE("Active user %{public}u key fail, type %{public}u, flags %{public}u", userId, type, flags);
536 return ret;
537 }
538
539 uint64_t secureUid = { 0 };
540 if (!IamClient::GetInstance().GetSecureUid(userId, secureUid)) {
541 LOGE("Get secure uid form iam failed, use default value.");
542 }
543 UserTokenSecret userTokenSecret = { .token = token, .oldSecret = {'!'}, .newSecret = secret,
544 .secureUid = secureUid };
545 ret = KeyManager::GetInstance()->UpdateCeEceSeceUserAuth(userId, userTokenSecret, type, false);
546 if (ret != E_OK) {
547 std::string isOldEmy = userTokenSecret.oldSecret.empty() ? "true" : "false";
548 std::string isNewEmy = userTokenSecret.newSecret.empty() ? "true" : "false";
549 std::string secretInfo = "oldSecret isEmpty = " + isOldEmy + ", newSecret isEmpty = " + isNewEmy;
550 StorageRadar::ReportUpdateUserAuth("PrepareUserDirsAndUpdateUserAuth::UpdateCeEceSeceUserAuth",
551 userId, ret, std::to_string(type), secretInfo);
552 return ret;
553 }
554
555 ret = KeyManager::GetInstance()->UpdateCeEceSeceKeyContext(userId, type);
556 if (ret != E_OK) {
557 StorageRadar::ReportUpdateUserAuth("PrepareUserDirsAndUpdateUserAuth::UpdateCeEceSeceKeyContext",
558 userId, ret, std::to_string(type), "");
559 return ret;
560 }
561
562 LOGI("try to destory dir first, user %{public}u, flags %{public}u", userId, flags);
563 (void)UserManager::GetInstance()->DestroyUserDirs(userId, flags);
564 ret = UserManager::GetInstance()->PrepareUserDirs(userId, flags);
565 if (ret != E_OK) {
566 return ret;
567 }
568 if (flags == IStorageDaemon::CRYPTO_FLAG_EL2) {
569 PrepareUeceDir(userId);
570 }
571 LOGI("userId %{public}u type %{public}u sucess", userId, type);
572 return E_OK;
573 }
574
IsNeedRestorePathExist(uint32_t userId,bool needCheckEl1)575 bool StorageDaemon::IsNeedRestorePathExist(uint32_t userId, bool needCheckEl1)
576 {
577 std::error_code errCode;
578 std::string el2NeedRestorePath = GetNeedRestoreFilePath(userId, USER_EL2_DIR);
579 std::string el3NeedRestorePath = GetNeedRestoreFilePath(userId, USER_EL3_DIR);
580 std::string el4NeedRestorePath = GetNeedRestoreFilePath(userId, USER_EL4_DIR);
581 bool isExist = std::filesystem::exists(el2NeedRestorePath, errCode) ||
582 std::filesystem::exists(el3NeedRestorePath, errCode) ||
583 std::filesystem::exists(el4NeedRestorePath, errCode);
584 if (needCheckEl1) {
585 std::string el1NeedRestorePath = GetNeedRestoreFilePath(userId, USER_EL1_DIR);
586 isExist = isExist || std::filesystem::exists(el1NeedRestorePath, errCode);
587 }
588 return isExist;
589 }
590
PrepareUeceDir(uint32_t userId)591 int32_t StorageDaemon::PrepareUeceDir(uint32_t userId)
592 {
593 int32_t ret = UserManager::GetInstance()->DestroyUserDirs(userId, IStorageDaemon::CRYPTO_FLAG_EL5);
594 LOGI("delete user %{public}u uece %{public}u, ret %{public}d", userId, IStorageDaemon::CRYPTO_FLAG_EL5, ret);
595 ret = UserManager::GetInstance()->PrepareUserDirs(userId, IStorageDaemon::CRYPTO_FLAG_EL5);
596 LOGI("prepare user %{public}u uece %{public}u, ret %{public}d", userId, IStorageDaemon::CRYPTO_FLAG_EL5, ret);
597 return ret;
598 }
599 #endif
600
GenerateKeyAndPrepareUserDirs(uint32_t userId,KeyType type,const std::vector<uint8_t> & token,const std::vector<uint8_t> & secret)601 int32_t StorageDaemon::GenerateKeyAndPrepareUserDirs(uint32_t userId, KeyType type,
602 const std::vector<uint8_t> &token,
603 const std::vector<uint8_t> &secret)
604 {
605 #ifdef USER_CRYPTO_MANAGER
606 int32_t ret;
607 uint32_t flags = 0;
608
609 LOGI("enter:");
610 ret = KeyManager::GetInstance()->GenerateUserKeyByType(userId, type, token, secret);
611 if (ret != E_OK) {
612 LOGE("upgrade scene:generate user key fail, userId %{public}u, KeyType %{public}u, sec empty %{public}d",
613 userId, type, secret.empty());
614 return ret;
615 }
616 ret = GetCryptoFlag(type, flags);
617 if (ret != E_OK) {
618 return ret;
619 }
620 std::string keyUeceDir = UECE_DIR + "/" + std::to_string(userId);
621 if ((flags & IStorageDaemon::CRYPTO_FLAG_EL5) && IsDir(keyUeceDir) && !std::filesystem::is_empty(keyUeceDir)) {
622 LOGE("uece has already create, do not need create !");
623 return ret;
624 }
625 (void)UserManager::GetInstance()->DestroyUserDirs(userId, flags);
626 ret = UserManager::GetInstance()->PrepareUserDirs(userId, flags);
627 if (ret != E_OK) {
628 LOGE("upgrade scene:prepare user dirs fail, userId %{public}u, flags %{public}u, sec empty %{public}d",
629 userId, flags, secret.empty());
630 }
631
632 return ret;
633 #else
634 return E_OK;
635 #endif
636 }
637
ActiveUserKeyAndPrepare(uint32_t userId,KeyType type,const std::vector<uint8_t> & token,const std::vector<uint8_t> & secret)638 int32_t StorageDaemon::ActiveUserKeyAndPrepare(uint32_t userId, KeyType type,
639 const std::vector<uint8_t> &token,
640 const std::vector<uint8_t> &secret)
641 {
642 #ifdef USER_CRYPTO_MANAGER
643 LOGW("ActiveUserKey with type %{public}u enter", type);
644 int ret = KeyManager::GetInstance()->ActiveCeSceSeceUserKey(userId, type, token, secret);
645 if (ret != E_OK && ret != -ENOENT) {
646 #ifdef USER_CRYPTO_MIGRATE_KEY
647 std::error_code errCode;
648 std::string elNeedRestorePath = GetNeedRestoreFilePathByType(userId, type);
649 if ((!token.empty() || !secret.empty()) && std::filesystem::exists(elNeedRestorePath, errCode)) {
650 LOGW("Migrate PrepareUserDirsAndUpdateUserAuth userId %{public}u, type %{public}u", userId, type);
651 ret = PrepareUserDirsAndUpdateUserAuth(userId, type, token, secret);
652 }
653 #endif
654 if (ret != E_OK) {
655 LOGE("active and restore fail, ret %{public}d, userId %{public}u, type %{public}u sec empty %{public}d",
656 ret, userId, type, secret.empty());
657 return ret;
658 }
659 } else if (ret == -ENOENT) {
660 LOGW("start GenerateKeyAndPrepareUserDirs userId %{public}u, type %{public}u sec empty %{public}d",
661 userId, type, secret.empty());
662 ret = GenerateKeyAndPrepareUserDirs(userId, type, token, secret);
663 if (ret != E_OK) {
664 LOGE("active and generate fail ret %{public}d, userId %{public}u, type %{public}u, sec empty %{public}d",
665 ret, userId, type, secret.empty());
666 return ret;
667 }
668 }
669
670 return ret;
671 #else
672 return E_OK;
673 #endif
674 }
675
ActiveUserKeyAndPrepareElX(uint32_t userId,const std::vector<uint8_t> & token,const std::vector<uint8_t> & secret)676 int32_t StorageDaemon::ActiveUserKeyAndPrepareElX(uint32_t userId,
677 const std::vector<uint8_t> &token,
678 const std::vector<uint8_t> &secret)
679 {
680 #ifdef USER_CRYPTO_MANAGER
681 int ret = ActiveUserKeyAndPrepare(userId, EL3_KEY, token, secret);
682 if (ret != E_OK) {
683 LOGE("ActiveUserKeyAndPrepare failed, userId %{public}u, type %{public}u", userId, EL3_KEY);
684 StorageRadar::ReportActiveUserKey("ActiveUserKey::ActiveUserKeyAndPrepare", userId, ret, "EL3");
685 return ret;
686 }
687 ret = ActiveUserKeyAndPrepare(userId, EL4_KEY, token, secret);
688 if (ret != E_OK) {
689 LOGE("ActiveUserKeyAndPrepare failed, userId %{public}u, type %{public}u", userId, EL4_KEY);
690 StorageRadar::ReportActiveUserKey("ActiveUserKey::ActiveUserKeyAndPrepare", userId, ret, "EL4");
691 return ret;
692 }
693 ret = ActiveUserKeyAndPrepare(userId, EL5_KEY, token, secret);
694 if (ret != E_OK) {
695 LOGE("ActiveUserKeyAndPrepare failed, userId %{public}u, type %{public}u", userId, EL5_KEY);
696 StorageRadar::ReportActiveUserKey("ActiveUserKey::ActiveUserKeyAndPrepare", userId, ret, "EL5");
697 return ret;
698 }
699 #endif
700 return E_OK;
701 }
702
ActiveUserKey(uint32_t userId,const std::vector<uint8_t> & token,const std::vector<uint8_t> & secret)703 int32_t StorageDaemon::ActiveUserKey(uint32_t userId,
704 const std::vector<uint8_t> &token,
705 const std::vector<uint8_t> &secret)
706 {
707 int ret = E_OK;
708 bool updateFlag = false;
709 #ifdef USER_CRYPTO_MANAGER
710 LOGW("userId %{public}u, tok empty %{public}d sec empty %{public}d", userId, token.empty(), secret.empty());
711 ret = KeyManager::GetInstance()->ActiveCeSceSeceUserKey(userId, EL2_KEY, token, secret);
712 if (ret != E_OK) {
713 #ifdef USER_CRYPTO_MIGRATE_KEY
714 LOGW("Migrate usrId %{public}u, Emp_tok %{public}d Emp_sec %{public}d", userId, token.empty(), secret.empty());
715 std::error_code errCode;
716 std::string el2NeedRestorePath = GetNeedRestoreFilePath(userId, USER_EL2_DIR);
717 if (std::filesystem::exists(el2NeedRestorePath, errCode) && (!token.empty() || !secret.empty())) {
718 updateFlag = true;
719 ret = PrepareUserDirsAndUpdateUserAuth(userId, EL2_KEY, token, secret);
720 std::string EL0_NEED_RESTORE = DATA_SERVICE_EL0_STORAGE_DAEMON_SD + NEED_RESTORE_SUFFIX;
721 if (!SaveStringToFile(EL0_NEED_RESTORE, NEW_DOUBLE_2_SINGELE)) {
722 LOGE("Save key type file failed");
723 return false;
724 }
725 }
726 #endif
727 if (ret != E_OK) {
728 LOGE("ActiveUserKey fail, userId %{public}u, type %{public}u, tok empty %{public}d sec empty %{public}d",
729 userId, EL2_KEY, token.empty(), secret.empty());
730 if (!token.empty() && !secret.empty()) {
731 StorageRadar::ReportActiveUserKey("ActiveUserKey::ActiveUserKey", userId, ret, "EL2");
732 }
733 return E_ACTIVE_EL2_FAILED;
734 }
735 }
736 ret = ActiveUserKeyAndPrepareElX(userId, token, secret);
737 if (ret != E_OK) {
738 LOGE("ActiveUserKeyAndPrepare failed, userId %{public}u.", userId);
739 return ret;
740 }
741 ret = KeyManager::GetInstance()->UnlockUserAppKeys(userId, true);
742 if (ret != E_OK) {
743 LOGE("UnlockUserAppKeys failed, userId %{public}u.", userId);
744 StorageRadar::ReportActiveUserKey("ActiveUserKey::UnlockUserAppKeys", userId, ret, "EL2");
745 return E_UNLOCK_APP_KEY2_FAILED;
746 }
747 #endif
748 if (updateFlag) {
749 UserManager::GetInstance()->CreateBundleDataDir(userId);
750 }
751 std::thread([this, userId]() { RestoreconElX(userId); }).detach();
752 std::thread([this]() { ActiveAppCloneUserKey(); }).detach();
753 return ret;
754 }
755
RestoreconElX(uint32_t userId)756 int32_t StorageDaemon::RestoreconElX(uint32_t userId)
757 {
758 #ifdef USE_LIBRESTORECON
759 LOGI("Begin to restorecon path, userId = %{public}d", userId);
760 RestoreconRecurse((DATA_SERVICE_EL2 + "public").c_str());
761 const std::string &path = DATA_SERVICE_EL2 + std::to_string(userId);
762 LOGI("RestoreconRecurse el2 public end, userId = %{public}d", userId);
763 MountManager::GetInstance()->RestoreconSystemServiceDirs(userId);
764 LOGI("RestoreconSystemServiceDirs el2 end, userId = %{public}d", userId);
765 RestoreconRecurse((DATA_SERVICE_EL2 + std::to_string(userId) + "/share").c_str());
766 LOGI("RestoreconRecurse el2 share end, userId = %{public}d", userId);
767 const std::string &DATA_SERVICE_EL2_HMDFS = DATA_SERVICE_EL2 + std::to_string(userId) + "/hmdfs/";
768 Restorecon(DATA_SERVICE_EL2_HMDFS.c_str());
769 LOGI("Restorecon el2 DATA_SERVICE_EL2_HMDFS end, userId = %{public}d", userId);
770 const std::string &ACCOUNT_FILES = "/hmdfs/account/files/";
771 const std::string &EL2_HMDFS_ACCOUNT_FILES = DATA_SERVICE_EL2 + std::to_string(userId) + ACCOUNT_FILES;
772 Restorecon(EL2_HMDFS_ACCOUNT_FILES.c_str());
773 LOGI("Restorecon el2 DATA_SERVICE_EL2_HMDFS_ACCOUNT_FILES end, userId = %{public}d", userId);
774 const std::string &FILES_RECENT = "/hmdfs/account/files/.Recent";
775 const std::string &EL2_HMDFS_ACCOUNT_FILES_RECENT = DATA_SERVICE_EL2 + std::to_string(userId) + FILES_RECENT;
776 Restorecon(EL2_HMDFS_ACCOUNT_FILES_RECENT.c_str());
777 LOGI("Restorecon el2 DATA_SERVICE_EL2_HMDFS_ACCOUNT_FILES_RECENT end, userId = %{public}d", userId);
778 #endif
779 return E_OK;
780 }
781
InactiveUserKey(uint32_t userId)782 int32_t StorageDaemon::InactiveUserKey(uint32_t userId)
783 {
784 #ifdef USER_CRYPTO_MANAGER
785 int32_t ret = KeyManager::GetInstance()->InActiveUserKey(userId);
786 if (ret != E_OK) {
787 LOGE("InActiveUserKey failed, please check");
788 RadarParameter parameterRes = {
789 .orgPkg = DEFAULT_ORGPKGNAME,
790 .userId = userId,
791 .funcName = "InActiveUserKey",
792 .bizScene = BizScene::USER_KEY_ENCRYPTION,
793 .bizStage = BizStage::BIZ_STAGE_INACTIVE_USER_KEY,
794 .keyElxLevel = "EL1",
795 .errorCode = ret
796 };
797 StorageService::StorageRadar::GetInstance().RecordFuctionResult(parameterRes);
798 }
799 return ret;
800 #else
801 return E_OK;
802 #endif
803 }
804
LockUserScreen(uint32_t userId)805 int32_t StorageDaemon::LockUserScreen(uint32_t userId)
806 {
807 #ifdef USER_CRYPTO_MANAGER
808 int32_t ret = KeyManager::GetInstance()->LockUserScreen(userId);
809 if (ret != E_OK) {
810 LOGE("LockUserScreen failed, please check");
811 RadarParameter parameterRes = {
812 .orgPkg = DEFAULT_ORGPKGNAME,
813 .userId = userId,
814 .funcName = "LockUserScreen",
815 .bizScene = BizScene::USER_KEY_ENCRYPTION,
816 .bizStage = BizStage::BIZ_STAGE_LOCK_USER_SCREEN,
817 .keyElxLevel = "EL1",
818 .errorCode = ret
819 };
820 StorageService::StorageRadar::GetInstance().RecordFuctionResult(parameterRes);
821 }
822 return ret;
823 #else
824 return E_OK;
825 #endif
826 }
827
UnlockUserScreen(uint32_t userId,const std::vector<uint8_t> & token,const std::vector<uint8_t> & secret)828 int32_t StorageDaemon::UnlockUserScreen(uint32_t userId,
829 const std::vector<uint8_t> &token,
830 const std::vector<uint8_t> &secret)
831 {
832 #ifdef USER_CRYPTO_MANAGER
833 int32_t ret = KeyManager::GetInstance()->UnlockUserScreen(userId, token, secret);
834 if (ret != E_OK) {
835 LOGE("UnlockUserScreen failed, userId=%{public}u, ret=%{public}d", userId, ret);
836 RadarParameter parameterRes = {
837 .orgPkg = DEFAULT_ORGPKGNAME,
838 .userId = userId,
839 .funcName = "UnlockUserScreen",
840 .bizScene = BizScene::USER_KEY_ENCRYPTION,
841 .bizStage = BizStage::BIZ_STAGE_UNLOCK_USER_SCREEN,
842 .keyElxLevel = (ret == E_UNLOCK_APP_KEY2_FAILED)? "EL5" : "EL3/EL4",
843 .errorCode = ret
844 };
845 StorageService::StorageRadar::GetInstance().RecordFuctionResult(parameterRes);
846 }
847 return ret;
848 #else
849 return E_OK;
850 #endif
851 }
852
GetLockScreenStatus(uint32_t userId,bool & lockScreenStatus)853 int32_t StorageDaemon::GetLockScreenStatus(uint32_t userId, bool &lockScreenStatus)
854 {
855 #ifdef USER_CRYPTO_MANAGER
856 return KeyManager::GetInstance()->GetLockScreenStatus(userId, lockScreenStatus);
857 #else
858 return E_OK;
859 #endif
860 }
861
GenerateAppkey(uint32_t userId,uint32_t hashId,std::string & keyId)862 int32_t StorageDaemon::GenerateAppkey(uint32_t userId, uint32_t hashId, std::string &keyId)
863 {
864 #ifdef USER_CRYPTO_MANAGER
865 return KeyManager::GetInstance()->GenerateAppkey(userId, hashId, keyId);
866 #else
867 return E_OK;
868 #endif
869 }
870
DeleteAppkey(uint32_t userId,const std::string & keyId)871 int32_t StorageDaemon::DeleteAppkey(uint32_t userId, const std::string &keyId)
872 {
873 #ifdef USER_CRYPTO_MANAGER
874 return KeyManager::GetInstance()->DeleteAppkey(userId, keyId);
875 #else
876 return E_OK;
877 #endif
878 }
879
UpdateKeyContext(uint32_t userId)880 int32_t StorageDaemon::UpdateKeyContext(uint32_t userId)
881 {
882 #ifdef USER_CRYPTO_MANAGER
883 int32_t ret = KeyManager::GetInstance()->UpdateKeyContext(userId);
884 if (ret != E_OK) {
885 LOGE("UpdateKeyContext failed, please check");
886 RadarParameter parameterRes = {
887 .orgPkg = "account_mgr",
888 .userId = userId,
889 .funcName = "UpdateKeyContext",
890 .bizScene = BizScene::USER_KEY_ENCRYPTION,
891 .bizStage = BizStage::BIZ_STAGE_UPDATE_KEY_CONTEXT,
892 .keyElxLevel = "EL2",
893 .errorCode = ret
894 };
895 StorageService::StorageRadar::GetInstance().RecordFuctionResult(parameterRes);
896 }
897 return ret;
898 #else
899 return E_OK;
900 #endif
901 }
902
MountCryptoPathAgain(uint32_t userId)903 int32_t StorageDaemon::MountCryptoPathAgain(uint32_t userId)
904 {
905 LOGI("begin to MountCryptoPathAgain");
906 #ifdef USER_CRYPTO_MANAGER
907 return MountManager::GetInstance()->MountCryptoPathAgain(userId);
908 #else
909 return E_OK;
910 #endif
911 }
912
CreateShareFile(const std::vector<std::string> & uriList,uint32_t tokenId,uint32_t flag)913 std::vector<int32_t> StorageDaemon::CreateShareFile(const std::vector<std::string> &uriList,
914 uint32_t tokenId, uint32_t flag)
915 {
916 LOGI("Create Share file list len is %{public}zu", uriList.size());
917 std::vector<int32_t> retList;
918 AppFileService::FileShare::CreateShareFile(uriList, tokenId, flag, retList);
919 return retList;
920 }
921
DeleteShareFile(uint32_t tokenId,const std::vector<std::string> & uriList)922 int32_t StorageDaemon::DeleteShareFile(uint32_t tokenId, const std::vector<std::string> &uriList)
923 {
924 int32_t ret = AppFileService::FileShare::DeleteShareFile(tokenId, uriList);
925 return ret;
926 }
927
SetBundleQuota(const std::string & bundleName,int32_t uid,const std::string & bundleDataDirPath,int32_t limitSizeMb)928 int32_t StorageDaemon::SetBundleQuota(const std::string &bundleName, int32_t uid,
929 const std::string &bundleDataDirPath, int32_t limitSizeMb)
930 {
931 return QuotaManager::GetInstance()->SetBundleQuota(bundleName, uid, bundleDataDirPath, limitSizeMb);
932 }
933
GetOccupiedSpace(int32_t idType,int32_t id,int64_t & size)934 int32_t StorageDaemon::GetOccupiedSpace(int32_t idType, int32_t id, int64_t &size)
935 {
936 return QuotaManager::GetInstance()->GetOccupiedSpace(idType, id, size);
937 }
938
GetBundleStatsForIncrease(uint32_t userId,const std::vector<std::string> & bundleNames,const std::vector<int64_t> & incrementalBackTimes,std::vector<int64_t> & pkgFileSizes,std::vector<int64_t> & incPkgFileSizes)939 int32_t StorageDaemon::GetBundleStatsForIncrease(uint32_t userId, const std::vector<std::string> &bundleNames,
940 const std::vector<int64_t> &incrementalBackTimes, std::vector<int64_t> &pkgFileSizes,
941 std::vector<int64_t> &incPkgFileSizes)
942 {
943 return QuotaManager::GetInstance()->GetBundleStatsForIncrease(userId, bundleNames, incrementalBackTimes,
944 pkgFileSizes, incPkgFileSizes);
945 }
946
MountDfsDocs(int32_t userId,const std::string & relativePath,const std::string & networkId,const std::string & deviceId)947 int32_t StorageDaemon::MountDfsDocs(int32_t userId, const std::string &relativePath,
948 const std::string &networkId, const std::string &deviceId)
949 {
950 LOGI("StorageDaemon::MountDfsDocs start.");
951 return MountManager::GetInstance()->MountDfsDocs(userId, relativePath, networkId, deviceId);
952 }
953
UMountDfsDocs(int32_t userId,const std::string & relativePath,const std::string & networkId,const std::string & deviceId)954 int32_t StorageDaemon::UMountDfsDocs(int32_t userId, const std::string &relativePath,
955 const std::string &networkId, const std::string &deviceId)
956 {
957 LOGI("StorageDaemon::UMountDfsDocs start.");
958 return MountManager::GetInstance()->UMountDfsDocs(userId, relativePath, networkId, deviceId);
959 }
960
GetFileEncryptStatus(uint32_t userId,bool & isEncrypted,bool needCheckDirMount)961 int32_t StorageDaemon::GetFileEncryptStatus(uint32_t userId, bool &isEncrypted, bool needCheckDirMount)
962 {
963 #ifdef USER_CRYPTO_MANAGER
964 int32_t ret = KeyManager::GetInstance()->GetFileEncryptStatus(userId, isEncrypted);
965 if (ret != E_OK) {
966 LOGE("GetFileEncryptStatus failed, please check");
967 RadarParameter parameterRes = {
968 .orgPkg = DEFAULT_ORGPKGNAME,
969 .userId = userId,
970 .funcName = "GetFileEncryptStatus",
971 .bizScene = BizScene::USER_KEY_ENCRYPTION,
972 .bizStage = BizStage::BIZ_STAGE_GET_FILE_ENCRYPT_STATUS,
973 .keyElxLevel = "EL1",
974 .errorCode = ret
975 };
976 StorageService::StorageRadar::GetInstance().RecordFuctionResult(parameterRes);
977 }
978 return ret;
979 #else
980 return E_OK;
981 #endif
982 }
983
ReadFileToString(const std::string & pathInst,std::string & oldContent)984 static bool ReadFileToString(const std::string& pathInst, std::string& oldContent)
985 {
986 std::fstream fd;
987 fd.open(pathInst.c_str(), std::ios::in);
988 if (!fd.is_open()) {
989 LOGE("open fail!");
990 return false;
991 }
992 // Get Old data
993 std::getline(fd, oldContent);
994 LOGE("StorageDaemon::ReadFileToString %{public}s", oldContent.c_str());
995 fd.close();
996 return true;
997 }
998
SaveStringToFile(const std::string & pathInst,const std::string & content)999 static bool SaveStringToFile(const std::string& pathInst, const std::string& content)
1000 {
1001 std::fstream fd;
1002 fd.open(pathInst.c_str(), std::ios::out);
1003 if (!fd.is_open()) {
1004 LOGE("open fail!");
1005 return false;
1006 }
1007 LOGI("StorageDaemon::SaveStringToFile %{public}s", content.c_str());
1008 // Write New data
1009 fd << content;
1010 fd.close();
1011 return true;
1012 }
1013
UpdateMemoryPara(int32_t size,int32_t & oldSize)1014 int32_t StorageDaemon::UpdateMemoryPara(int32_t size, int32_t &oldSize)
1015 {
1016 LOGI("StorageDaemon::UpdateMemoryPara");
1017 if (size > MAX_VFS_CACHE_PRESSURE || size < 0) {
1018 LOGE("size is invalid");
1019 return E_NOT_SUPPORT;
1020 }
1021 // Get old data
1022 std::string oldContent;
1023 if (!ReadFileToString(VFS_CACHE_PRESSURE, oldContent)) {
1024 LOGE("Failed to read");
1025 }
1026 if (!oldContent.empty()) {
1027 oldSize = std::stoi(oldContent);
1028 } else {
1029 oldSize = DEFAULT_VFS_CACHE_PRESSURE;
1030 }
1031 // Update new data
1032 if (!SaveStringToFile(VFS_CACHE_PRESSURE, std::to_string(size))) {
1033 LOGE("Failed to write");
1034 return E_SYS_CALL;
1035 }
1036 return E_OK;
1037 }
1038
OnAddSystemAbility(int32_t systemAbilityId,const std::string & deviceId)1039 void StorageDaemon::SystemAbilityStatusChangeListener::OnAddSystemAbility(int32_t systemAbilityId,
1040 const std::string &deviceId)
1041 {
1042 LOGI("SystemAbilityId:%{public}d", systemAbilityId);
1043 #ifdef EXTERNAL_STORAGE_MANAGER
1044 if (systemAbilityId == ACCESS_TOKEN_MANAGER_SERVICE_ID) {
1045 DiskManager::Instance()->ReplayUevent();
1046 }
1047 #endif
1048 if (systemAbilityId == FILEMANAGEMENT_CLOUD_DAEMON_SERVICE_SA_ID) {
1049 MountManager::GetInstance()->SetCloudState(true);
1050 }
1051 }
1052
OnRemoveSystemAbility(int32_t systemAbilityId,const std::string & deviceId)1053 void StorageDaemon::SystemAbilityStatusChangeListener::OnRemoveSystemAbility(int32_t systemAbilityId,
1054 const std::string &deviceId)
1055 {
1056 LOGI("SystemAbilityId:%{public}d", systemAbilityId);
1057 if (systemAbilityId == FILEMANAGEMENT_CLOUD_DAEMON_SERVICE_SA_ID) {
1058 MountManager::GetInstance()->SetCloudState(false);
1059 }
1060 }
1061
ActiveAppCloneUserKey()1062 void StorageDaemon::ActiveAppCloneUserKey()
1063 {
1064 #ifdef USER_CRYPTO_MANAGER
1065 auto ret = AppCloneKeyManager::GetInstance()->ActiveAppCloneUserKey();
1066 if (ret != E_OK && (ret != E_NOT_SUPPORT)) {
1067 LOGE("ActiveAppCloneUserKey failed, errNo %{public}d", ret);
1068 }
1069 #endif
1070 }
1071 } // namespace StorageDaemon
1072 } // namespace OHOS
1073