ACPR/android_system_core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

am bda62724: Make encryption configurable

Browse source 
* commit 'bda6272446454886339841a62daaa1b66c07ad60':
  Make encryption configurable
This commit is contained in:
Paul Lawrence 2015-01-26 16:22:49 +00:00 committed by Android Git Automerger
commit 7e890a4d32
4 changed files with 8 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
fs_mgr/fs_mgr.c
View file

@ -478,9 +478,7 @@ int fs_mgr_mount_all(struct fstab *fstab)
/* Deal with encryptability. */ /* Deal with encryptability. */
if (!mret) { if (!mret) {
/* If this is encryptable, need to trigger encryption */ /* If this is encryptable, need to trigger encryption */
if ( (fstab->recs[attempted_idx].fs_mgr_flags & MF_FORCECRYPT) if (fs_mgr_is_encryptable(&fstab->recs[attempted_idx])) {
|| (device_is_force_encrypted()
&& fs_mgr_is_encryptable(&fstab->recs[attempted_idx]))) {
if (umount(fstab->recs[attempted_idx].mount_point) == 0) { if (umount(fstab->recs[attempted_idx].mount_point) == 0) {
if (encryptable == FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) { if (encryptable == FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) {
ERROR("Will try to encrypt %s %s\n", fstab->recs[attempted_idx].mount_point, ERROR("Will try to encrypt %s %s\n", fstab->recs[attempted_idx].mount_point,

5
fs_mgr/fs_mgr_fstab.c
View file

@ -428,6 +428,11 @@ int fs_mgr_is_encryptable(struct fstab_rec *fstab)
return fstab->fs_mgr_flags & (MF_CRYPT | MF_FORCECRYPT); return fstab->fs_mgr_flags & (MF_CRYPT | MF_FORCECRYPT);
} }
int fs_mgr_is_force_encrypted(struct fstab_rec *fstab)
{
return fstab->fs_mgr_flags & MF_FORCECRYPT;
}
int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab) int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab)
{ {
return fstab->fs_mgr_flags & MF_NOEMULATEDSD; return fstab->fs_mgr_flags & MF_NOEMULATEDSD;

1
fs_mgr/include/fs_mgr.h
View file

@ -83,6 +83,7 @@ int fs_mgr_is_voldmanaged(struct fstab_rec *fstab);
int fs_mgr_is_nonremovable(struct fstab_rec *fstab); int fs_mgr_is_nonremovable(struct fstab_rec *fstab);
int fs_mgr_is_verified(struct fstab_rec *fstab); int fs_mgr_is_verified(struct fstab_rec *fstab);
int fs_mgr_is_encryptable(struct fstab_rec *fstab); int fs_mgr_is_encryptable(struct fstab_rec *fstab);
int fs_mgr_is_force_encrypted(struct fstab_rec *fstab);
int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab); int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab);
int fs_mgr_swapon_all(struct fstab *fstab); int fs_mgr_swapon_all(struct fstab *fstab);
#ifdef __cplusplus #ifdef __cplusplus

2
rootdir/init.rc
View file

@ -574,7 +574,7 @@ service defaultcrypto /system/bin/vdc --wait cryptfs mountdefaultencrypted
# encryption) or trigger_restart_min_framework (other encryption) # encryption) or trigger_restart_min_framework (other encryption)
# One shot invocation to encrypt unencrypted volumes # One shot invocation to encrypt unencrypted volumes
service encrypt /system/bin/vdc --wait cryptfs enablecrypto inplace default service encrypt /system/bin/vdc --wait cryptfs maybeenabledefaultcrypto
disabled disabled
oneshot oneshot
# vold will set vold.decrypt to trigger_restart_framework (default # vold will set vold.decrypt to trigger_restart_framework (default