Support setting v2 encryption policies on init-created directories. The
policy version to set is gotten from a new field in
/data/unencrypted/mode, which is the file that's used to pass the
encryption options from vold to init.
Also don't bother falling back to defaults if fields are missing from
this file, since it's re-written on every boot by vold.
Bug: 140500999
Test: tested as series; see If64028d8580584b2c33c614cabd5d6b93657f608
Change-Id: Ia9c5d4b80199686799e3ac80de78a50ed3bdabf4
Bug: 140882488
Test: Booted twice, checked logs to ensure encryption
is different each time, adb created files in directory.
Change-Id: I44f746acd1040f7baa9123d4824ba39b194f287b
On every boot, there is a "duplicate" message logged at INFO level for
every system device-encrypted directory, e.g.:
1 1 I init : Setting policy on /data/app-private
1 1 I init : Encryption policy of /data/app-private set to 3a19970b1aa3abed modes 127/4
Or:
1 1 I init : Setting policy on /data/app-private
1 1 I init : Verified that /data/app-private has the encryption policy 3a19970b1aa3abed modes 127/4
(Before I51ee70706bc9ccb216ccefd7bdfbbfc57faae14d the second messages
were slightly different, but were similar and still at INFO level.)
The issue is that set_system_de_policy_on() prints its own log message,
then calls fscrypt_policy_ensure() which prints a message too; and the
second message is essentially a superset of the first.
Clean this up by removing the message from set_system_de_policy_on().
Test: Booted and checked the log.
Change-Id: I2786ba7e2dbb355f159ac9d8fe5ad1f0a4cdbfea
