Make encryption configurable

Delay mounting encryptable but unencrypted volumes until we can
check the ro.vold.forceencrypt flag, then optionally encrypt.

Requires matching vold change from
    https://googleplex-android-review.git.corp.google.com/#/c/615309/

Bug: 18764230
Change-Id: If22008be8de6a4f3216b349f81ace49be1730314
Paul Lawrence 2015-01-21 09:57:01 -08:00
parent 70f6dea9d0
commit bda6272446
4 changed files with 8 additions and 4 deletions


@ -387,9 +387,7 @@ int fs_mgr_mount_all(struct fstab *fstab)
/* Deal with encryptability. */
if (!mret) {
/* If this is encryptable, need to trigger encryption */
if ( (fstab->recs[attempted_idx].fs_mgr_flags & MF_FORCECRYPT)
|| (device_is_force_encrypted()
&& fs_mgr_is_encryptable(&fstab->recs[attempted_idx]))) {
if (fs_mgr_is_encryptable(&fstab->recs[attempted_idx])) {
if (umount(fstab->recs[attempted_idx].mount_point) == 0) {
if (encryptable == FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) {
ERROR("Will try to encrypt %s %s\n", fstab->recs[attempted_idx].mount_point,
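Review bot: The comment `/* If this is encryptable, need to trigger encryption */` and the `Will try to encrypt` log line no longer match the new condition `if (fs_mgr_is_encryptable(&fstab->recs[attempted_idx]))`. Every encryptable volume that mounted unencrypted is now unmounted here, and neither `MF_FORCECRYPT` nor `device_is_force_encrypted()` is consulted in this function. Per the commit description the encrypt-or-not decision moves to vold, so I would reword the comment to `/* Encryptable but unencrypted: unmount and let vold decide whether to encrypt */` and name the component that now enforces forceencrypt. The `umount()` failure branch lies outside this hunk; since more volumes reach it now, please confirm it cannot leave a forceencrypt volume mounted unencrypted without at least an error being logged.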


@ -428,6 +428,11 @@ int fs_mgr_is_encryptable(struct fstab_rec *fstab)
return fstab->fs_mgr_flags & (MF_CRYPT | MF_FORCECRYPT);
}
int fs_mgr_is_force_encrypted(struct fstab_rec *fstab)
{
return fstab->fs_mgr_flags & MF_FORCECRYPT;
}
int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab)
{
return fstab->fs_mgr_flags & MF_NOEMULATEDSD;
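Review bot: The new `fs_mgr_is_force_encrypted()` returns the raw `MF_FORCECRYPT` bit rather than 0/1, so a caller that compares the result with 1 would misread the policy. This matches the sibling helpers, but since the value presumably feeds the encryption decision made outside fs_mgr, a normalised `return (fstab->fs_mgr_flags & MF_FORCECRYPT) != 0;` would be the safer form. The function also has no comment; something like `/* Nonzero if the fstab entry is marked forceencrypt, i.e. encryption is mandatory rather than optional */` would make its role clear. `fs_mgr_is_noemulatedsd()` at the end of the hunk continues outside the visible lines.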


@ -83,6 +83,7 @@ int fs_mgr_is_voldmanaged(struct fstab_rec *fstab);
int fs_mgr_is_nonremovable(struct fstab_rec *fstab);
int fs_mgr_is_verified(struct fstab_rec *fstab);
int fs_mgr_is_encryptable(struct fstab_rec *fstab);
int fs_mgr_is_force_encrypted(struct fstab_rec *fstab);
int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab);
int fs_mgr_swapon_all(struct fstab *fstab);
#ifdef __cplusplus


@ -572,7 +572,7 @@ service defaultcrypto /system/bin/vdc --wait cryptfs mountdefaultencrypted
# encryption) or trigger_restart_min_framework (other encryption)
# One shot invocation to encrypt unencrypted volumes
service encrypt /system/bin/vdc --wait cryptfs enablecrypto inplace default
service encrypt /system/bin/vdc --wait cryptfs maybeenabledefaultcrypto
disabled
oneshot
# vold will set vold.decrypt to trigger_restart_framework (default
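Review bot: The comment `# One shot invocation to encrypt unencrypted volumes` is stale for the new command line, because `maybeenabledefaultcrypto`, going by its name and the commit description, only encrypts when policy asks for it. I would change it to `# One shot invocation: encrypt unencrypted volumes if force-encryption is configured` and add what the service does in the other case, which this hunk does not show. The old `enablecrypto inplace default` is replaced outright, so an image carrying this init.rc with a vold that lacks the matching change would presumably fail this step. That dependency is stated only in the commit message and deserves a comment next to the service definition.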