Merge "FscryptInstallKeyring: don't re-create keyring if it's already created"

init/builtins.cpp

@@ -583,7 +583,7 @@ static Result<void> queue_fs_event(int code, bool userdata_remount) {
         return reboot_into_recovery(options);
         /* If reboot worked, there is no return. */
     } else if (code == FS_MGR_MNTALL_DEV_FILE_ENCRYPTED) {
-        if (!userdata_remount && !FscryptInstallKeyring()) {
+        if (!FscryptInstallKeyring()) {
             return Error() << "FscryptInstallKeyring() failed";
         }
         property_set("ro.crypto.state", "encrypted");
@@ -594,7 +594,7 @@ static Result<void> queue_fs_event(int code, bool userdata_remount) {
         ActionManager::GetInstance().QueueEventTrigger("nonencrypted");
         return {};
     } else if (code == FS_MGR_MNTALL_DEV_IS_METADATA_ENCRYPTED) {
-        if (!userdata_remount && !FscryptInstallKeyring()) {
+        if (!FscryptInstallKeyring()) {
             return Error() << "FscryptInstallKeyring() failed";
         }
         property_set("ro.crypto.state", "encrypted");
@@ -605,7 +605,7 @@ static Result<void> queue_fs_event(int code, bool userdata_remount) {
         ActionManager::GetInstance().QueueEventTrigger("nonencrypted");
         return {};
     } else if (code == FS_MGR_MNTALL_DEV_NEEDS_METADATA_ENCRYPTION) {
-        if (!userdata_remount && !FscryptInstallKeyring()) {
+        if (!FscryptInstallKeyring()) {
             return Error() << "FscryptInstallKeyring() failed";
         }
         property_set("ro.crypto.state", "encrypted");

init/fscrypt_init_extensions.cpp

@@ -42,6 +42,10 @@
 using namespace android::fscrypt;
 
 bool FscryptInstallKeyring() {
+    if (keyctl_search(KEY_SPEC_SESSION_KEYRING, "keyring", "fscrypt", 0) != -1) {
+        LOG(INFO) << "Keyring is already created";
+        return true;
+    }
     key_serial_t device_keyring = add_key("keyring", "fscrypt", 0, 0, KEY_SPEC_SESSION_KEYRING);
 
     if (device_keyring == -1) {