Set up user directory crypto in init.

Bug: 19704432 Change-Id: Ife4928ffbee39c8ae69e6ba66d9ce5ef5a0beb76
2015-05-28 17:35:06 +01:00 · 2015-05-28 17:35:06 +01:00 · b94032b79c
parent f8a6fa503f
commit b94032b79c
4 changed files with 23 additions and 5 deletions
--- a/init/builtins.cpp
+++ b/init/builtins.cpp
@ -839,18 +839,31 @@ static int do_installkeys_ensure_dir_exists(const char* dir)
    return 0;
 }

+static bool is_file_crypto() {
+    char prop_value[PROP_VALUE_MAX] = {0};
+    property_get("ro.crypto.type", prop_value);
+    return strcmp(prop_value, "file") == 0;
+}
+
 int do_installkey(int nargs, char **args)
 {
    if (nargs != 2) {
        return -1;
    }
-
-    char prop_value[PROP_VALUE_MAX] = {0};
-    property_get("ro.crypto.type", prop_value);
-    if (strcmp(prop_value, "file")) {
+    if (!is_file_crypto()) {
        return 0;
    }
-
    return e4crypt_create_device_key(args[1],
                                     do_installkeys_ensure_dir_exists);
 }
+
+int do_setusercryptopolicies(int nargs, char **args)
+{
+    if (nargs != 2) {
+        return -1;
+    }
+    if (!is_file_crypto()) {
+        return 0;
+    }
+    return e4crypt_set_user_crypto_policies(args[1]);
+}
--- a/init/init_parser.cpp
+++ b/init/init_parser.cpp
@ -187,6 +187,7 @@ static int lookup_keyword(const char *s)
        if (!strcmp(s, "etenv")) return K_setenv;
        if (!strcmp(s, "etprop")) return K_setprop;
        if (!strcmp(s, "etrlimit")) return K_setrlimit;
+        if (!strcmp(s, "etusercryptopolicies")) return K_setusercryptopolicies;
        if (!strcmp(s, "ocket")) return K_socket;
        if (!strcmp(s, "tart")) return K_start;
        if (!strcmp(s, "top")) return K_stop;
--- a/init/keywords.h
+++ b/init/keywords.h
@ -22,6 +22,7 @@ int do_rm(int nargs, char **args);
 int do_rmdir(int nargs, char **args);
 int do_setprop(int nargs, char **args);
 int do_setrlimit(int nargs, char **args);
+int do_setusercryptopolicies(int nargs, char **args);
 int do_start(int nargs, char **args);
 int do_stop(int nargs, char **args);
 int do_swapon_all(int nargs, char **args);
@ -78,6 +79,7 @@ enum {
    KEYWORD(setenv,      OPTION,  2, 0)
    KEYWORD(setprop,     COMMAND, 2, do_setprop)
    KEYWORD(setrlimit,   COMMAND, 3, do_setrlimit)
+    KEYWORD(setusercryptopolicies,   COMMAND, 1, do_setusercryptopolicies)
    KEYWORD(socket,      OPTION,  0, 0)
    KEYWORD(start,       COMMAND, 1, do_start)
    KEYWORD(stop,        COMMAND, 1, do_stop)
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@ -321,6 +321,8 @@ on post-fs-data
    mkdir /data/system/heapdump 0700 system system
    mkdir /data/user 0711 system system

+    setusercryptopolicies /data/user
+
    # Reload policy from /data/security if present.
    setprop selinux.reload_policy 1