Revert "Make encryption configurable"

This reverts commit bda6272446. The original fix seems to have led to boot failures in QA. Rather than risk shipping, revert the change. Bug 18764230 reopened. Requires change https://googleplex-android-review.git.corp.google.com/#/c/629764/ Bug: 19278390 Bug: 19199624 Change-Id: I8b6ab585666f2b0f585ffb2a5f61ac2e3462e06e
2015-02-06 17:18:19 +00:00 · 2015-02-06 17:18:19 +00:00 · 317b4024a2
commit 317b4024a2
parent bda6272446
4 changed files with 4 additions and 8 deletions
--- a/fs_mgr/fs_mgr.c
+++ b/fs_mgr/fs_mgr.c
@ -387,7 +387,9 @@ int fs_mgr_mount_all(struct fstab *fstab)
        /* Deal with encryptability. */
        if (!mret) {
            /* If this is encryptable, need to trigger encryption */
-          if (fs_mgr_is_encryptable(&fstab->recs[attempted_idx])) {
+            if (   (fstab->recs[attempted_idx].fs_mgr_flags & MF_FORCECRYPT)
+                || (device_is_force_encrypted()
+                    && fs_mgr_is_encryptable(&fstab->recs[attempted_idx]))) {
                if (umount(fstab->recs[attempted_idx].mount_point) == 0) {
                    if (encryptable == FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) {
                        ERROR("Will try to encrypt %s %s\n", fstab->recs[attempted_idx].mount_point,
--- a/fs_mgr/fs_mgr_fstab.c
+++ b/fs_mgr/fs_mgr_fstab.c
@ -428,11 +428,6 @@ int fs_mgr_is_encryptable(struct fstab_rec *fstab)
    return fstab->fs_mgr_flags & (MF_CRYPT | MF_FORCECRYPT);
 }

-int fs_mgr_is_force_encrypted(struct fstab_rec *fstab)
-{
-    return fstab->fs_mgr_flags & MF_FORCECRYPT;
-}
-
 int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab)
 {
    return fstab->fs_mgr_flags & MF_NOEMULATEDSD;
--- a/fs_mgr/include/fs_mgr.h
+++ b/fs_mgr/include/fs_mgr.h
@ -83,7 +83,6 @@ int fs_mgr_is_voldmanaged(struct fstab_rec *fstab);
 int fs_mgr_is_nonremovable(struct fstab_rec *fstab);
 int fs_mgr_is_verified(struct fstab_rec *fstab);
 int fs_mgr_is_encryptable(struct fstab_rec *fstab);
-int fs_mgr_is_force_encrypted(struct fstab_rec *fstab);
 int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab);
 int fs_mgr_swapon_all(struct fstab *fstab);
 #ifdef __cplusplus
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@ -572,7 +572,7 @@ service defaultcrypto /system/bin/vdc --wait cryptfs mountdefaultencrypted
    # encryption) or trigger_restart_min_framework (other encryption)

 # One shot invocation to encrypt unencrypted volumes
-service encrypt /system/bin/vdc --wait cryptfs maybeenabledefaultcrypto
+service encrypt /system/bin/vdc --wait cryptfs enablecrypto inplace default
    disabled
    oneshot
    # vold will set vold.decrypt to trigger_restart_framework (default