From 9acab5a4d6df53e05b810a6b22a6bc44271cefbc Mon Sep 17 00:00:00 2001 From: Paul Crowley Date: Fri, 14 Aug 2020 11:05:05 -0700 Subject: [PATCH] Set ro.crypto.type even on failure Move responsibility for setting ro.crypto.type into fs_mgr_mount_all, so that even if setting up the filesystem fails, the type is set correctly and so errors are appropriately handled. Bug: 162289984 Test: simulate a failure and check that it's set. Change-Id: Ib061a454e7e21d7206c3c1fa8e88e16618099581 --- fs_mgr/fs_mgr.cpp | 17 +++++++++++++++++ init/builtins.cpp | 4 ---- 2 files changed, 17 insertions(+), 4 deletions(-) diff --git a/fs_mgr/fs_mgr.cpp b/fs_mgr/fs_mgr.cpp index 1462cc91b..7fd6122cb 100644 --- a/fs_mgr/fs_mgr.cpp +++ b/fs_mgr/fs_mgr.cpp @@ -976,6 +976,19 @@ static int handle_encryptable(const FstabEntry& entry) { } } +static void set_type_property(int status) { + switch (status) { + case FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED: + SetProperty("ro.crypto.type", "block"); + break; + case FS_MGR_MNTALL_DEV_FILE_ENCRYPTED: + case FS_MGR_MNTALL_DEV_IS_METADATA_ENCRYPTED: + case FS_MGR_MNTALL_DEV_NEEDS_METADATA_ENCRYPTION: + SetProperty("ro.crypto.type", "file"); + break; + } +} + static bool call_vdc(const std::vector& args, int* ret) { std::vector argv; argv.emplace_back("/system/bin/vdc"); @@ -1366,6 +1379,7 @@ int fs_mgr_mount_all(Fstab* fstab, int mount_mode) { avb_handle = AvbHandle::Open(); if (!avb_handle) { LERROR << "Failed to open AvbHandle"; + set_type_property(encryptable); return FS_MGR_MNTALL_FAIL; } } @@ -1422,6 +1436,7 @@ int fs_mgr_mount_all(Fstab* fstab, int mount_mode) { attempted_entry.mount_point}, nullptr)) { LERROR << "Encryption failed"; + set_type_property(encryptable); return FS_MGR_MNTALL_FAIL; } } @@ -1519,6 +1534,8 @@ int fs_mgr_mount_all(Fstab* fstab, int mount_mode) { } } + set_type_property(encryptable); + #if ALLOW_ADBD_DISABLE_VERITY == 1 // "userdebug" build fs_mgr_overlayfs_mount_all(fstab); #endif diff --git a/init/builtins.cpp b/init/builtins.cpp index 0b456e70a..f5de1adf1 100644 --- a/init/builtins.cpp +++ b/init/builtins.cpp @@ -570,7 +570,6 @@ static Result queue_fs_event(int code, bool userdata_remount) { trigger_shutdown("reboot,requested-userdata-remount-on-fde-device"); } SetProperty("ro.crypto.state", "encrypted"); - SetProperty("ro.crypto.type", "block"); ActionManager::GetInstance().QueueEventTrigger("defaultcrypto"); return {}; } else if (code == FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) { @@ -595,7 +594,6 @@ static Result queue_fs_event(int code, bool userdata_remount) { return Error() << "FscryptInstallKeyring() failed"; } SetProperty("ro.crypto.state", "encrypted"); - SetProperty("ro.crypto.type", "file"); // Although encrypted, we have device key, so we do not need to // do anything different from the nonencrypted case. @@ -606,7 +604,6 @@ static Result queue_fs_event(int code, bool userdata_remount) { return Error() << "FscryptInstallKeyring() failed"; } SetProperty("ro.crypto.state", "encrypted"); - SetProperty("ro.crypto.type", "file"); // Although encrypted, vold has already set the device up, so we do not need to // do anything different from the nonencrypted case. @@ -617,7 +614,6 @@ static Result queue_fs_event(int code, bool userdata_remount) { return Error() << "FscryptInstallKeyring() failed"; } SetProperty("ro.crypto.state", "encrypted"); - SetProperty("ro.crypto.type", "file"); // Although encrypted, vold has already set the device up, so we do not need to // do anything different from the nonencrypted case.