Add developer option to convert from FDE to FBE

This set of changes adds the screen that offers this conversion, and the plumbing so the option is only available on suitable devices. It does not implement the conversion mechanism. Change-Id: I801199c37b03436045d40bf8840a8746daf94d27
2015-10-29 10:30:57 -07:00 · 2015-10-29 10:30:57 -07:00 · 0c24746627
commit 0c24746627
parent ee9525609e
3 changed files with 18 additions and 0 deletions
--- a/CryptCommandListener.cpp
+++ b/CryptCommandListener.cpp
@ -358,6 +358,16 @@ int CryptCommandListener::CryptfsCmd::runCommand(SocketClient *cli,
        SLOGD("cryptfs deleteuserkey");
        dumpArgs(argc, argv, -1);
        rc = e4crypt_delete_user_key(argv[2]);
+    } else if (!strcmp(argv[1], "isConvertibleToFBE")) {
+        if (argc != 2) {
+            cli->sendMsg(ResponseCode::CommandSyntaxError,
+                "Usage: cryptfs isConvertibleToFBE", false);
+            return 0;
+        }
+        // ext4enc:TODO: send a CommandSyntaxError if argv[2] not an integer
+        SLOGD("cryptfs isConvertibleToFBE");
+        dumpArgs(argc, argv, -1);
+        rc = cryptfs_isConvertibleToFBE();
    } else {
        dumpArgs(argc, argv, -1);
        cli->sendMsg(ResponseCode::CommandSyntaxError, "Unknown cryptfs cmd", false);
--- a/cryptfs.c
+++ b/cryptfs.c
@ -3712,6 +3712,12 @@ int cryptfs_enable_file()
    return e4crypt_enable(DATA_MNT_POINT);
 }

+int cryptfs_isConvertibleToFBE()
+{
+    struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab, DATA_MNT_POINT);
+    return fs_mgr_is_convertible_to_fbe(rec) ? 1 : 0;
+}
+
 int cryptfs_create_default_ftr(struct crypt_mnt_ftr* crypt_ftr, __attribute__((unused))int key_length)
 {
    if (cryptfs_init_crypt_mnt_ftr(crypt_ftr)) {
--- a/cryptfs.h
+++ b/cryptfs.h
@ -231,6 +231,7 @@ extern "C" {
  int cryptfs_get_password_type(void);
  const char* cryptfs_get_password(void);
  void cryptfs_clear_password(void);
+  int cryptfs_isConvertibleToFBE(void);

  // Functions for file encryption to use to inherit our encryption logic
  int cryptfs_create_default_ftr(struct crypt_mnt_ftr* ftr, int key_length);
@ -238,6 +239,7 @@ extern "C" {
                             unsigned char* master_key);
  int cryptfs_set_password(struct crypt_mnt_ftr* ftr, const char* password,
                           const unsigned char* master_key);
+
 #ifdef __cplusplus
 }
 #endif