From 0c24746627e642460b7b0b9133aee0e1da764ae4 Mon Sep 17 00:00:00 2001
From: Paul Lawrence
Date: Thu, 29 Oct 2015 10:30:57 -0700
Subject: [PATCH] Add developer option to convert from FDE to FBE

This set of changes adds the screen that offers this conversion, and the plumbing so the option is only available on suitable devices. It does not implement the conversion mechanism.

Change-Id: I801199c37b03436045d40bf8840a8746daf94d27
---
 CryptCommandListener.cpp | 10 ++++++++++
 cryptfs.c | 6 ++++++
 cryptfs.h | 2 ++
 3 files changed, 18 insertions(+)
diff --git a/CryptCommandListener.cpp b/CryptCommandListener.cpp
index 3132a82..575ec90 100644
--- a/CryptCommandListener.cpp
+++ b/CryptCommandListener.cpp
@@ -358,6 +358,16 @@ int CryptCommandListener::CryptfsCmd::runCommand(SocketClient *cli,
 SLOGD("cryptfs deleteuserkey");
 dumpArgs(argc, argv, -1);
 rc = e4crypt_delete_user_key(argv[2]);
+ } else if (!strcmp(argv[1], "isConvertibleToFBE")) {
+ if (argc != 2) {
+ cli->sendMsg(ResponseCode::CommandSyntaxError,
+ "Usage: cryptfs isConvertibleToFBE", false);
+ return 0;
+ }
+ // ext4enc:TODO: send a CommandSyntaxError if argv[2] not an integer
+ SLOGD("cryptfs isConvertibleToFBE");
+ dumpArgs(argc, argv, -1);
+ rc = cryptfs_isConvertibleToFBE();
 } else {
 dumpArgs(argc, argv, -1);
 cli->sendMsg(ResponseCode::CommandSyntaxError, "Unknown cryptfs cmd", false);
diff --git a/cryptfs.c b/cryptfs.c
index 47acbc3..1fcc3b4 100644
--- a/cryptfs.c
+++ b/cryptfs.c
@@ -3712,6 +3712,12 @@ int cryptfs_enable_file()
 return e4crypt_enable(DATA_MNT_POINT);
 }
 
+int cryptfs_isConvertibleToFBE()
+{
+ struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab, DATA_MNT_POINT);
+ return fs_mgr_is_convertible_to_fbe(rec) ? 1 : 0;
+}
+
 int cryptfs_create_default_ftr(struct crypt_mnt_ftr* crypt_ftr, __attribute__((unused))int key_length)
 {
 if (cryptfs_init_crypt_mnt_ftr(crypt_ftr)) {
diff --git a/cryptfs.h b/cryptfs.h
index fd6f3da..1320bfe 100644
--- a/cryptfs.h
+++ b/cryptfs.h
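Review bot: The comment `// ext4enc:TODO: send a CommandSyntaxError if argv[2] not an integer` in the new `isConvertibleToFBE` branch looks copied from a neighbouring command and does not apply here: the branch rejects everything except `argc == 2`, so there is no `argv[2]` to validate. I would drop it or replace it with `// No arguments; rc is 1 when the DATA_MNT_POINT fstab entry is convertible to FBE, else 0`, so that nobody later adds an `argv[2]` read that the argc check has already made out of bounds. How `rc` is reported back to the client, and whether the caller's identity is checked before dispatch, is decided outside this hunk, since runCommand starts and ends beyond it.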
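Review bot: `cryptfs_isConvertibleToFBE()` hands the result of `fs_mgr_get_entry_for_mount_point(fstab, DATA_MNT_POINT)` straight to `fs_mgr_is_convertible_to_fbe(rec)` without checking it for NULL. If the lookup can fail (no fstab loaded, or no entry for the data mount point) and the fs_mgr helper dereferences its argument, neither of which is visible in this patch, a query arriving on the command socket would crash the process serving it. Adding `if (!rec) return 0;` before the return makes "not convertible" the fail-safe answer. The definition is also written with `()` while the cryptfs.h declaration uses `(void)`; in C these differ, so `int cryptfs_isConvertibleToFBE(void)` would keep the two consistent.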
@@ -231,6 +231,7 @@ extern "C" {
 int cryptfs_get_password_type(void);
 const char* cryptfs_get_password(void);
 void cryptfs_clear_password(void);
+ int cryptfs_isConvertibleToFBE(void);
 
 // Functions for file encryption to use to inherit our encryption logic
 int cryptfs_create_default_ftr(struct crypt_mnt_ftr* ftr, int key_length);
@@ -238,6 +239,7 @@ extern "C" {
 unsigned char* master_key);
 int cryptfs_set_password(struct crypt_mnt_ftr* ftr, const char* password,
 const unsigned char* master_key);
+
 #ifdef __cplusplus
 }
 #endif