clang-format many files.

Test: Format-only changes; treehugger suffices.
Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48

Benchmark.cpp

@@ -28,8 +28,8 @@
 
 #include <thread>
 
-#include <sys/time.h>
 #include <sys/resource.h>
+#include <sys/time.h>
 #include <unistd.h>
 
 using android::base::ReadFileToString;

Benchmark.h

@@ -24,8 +24,10 @@
 namespace android {
 namespace vold {
 
+// clang-format off
 void Benchmark(const std::string& path,
                const android::sp<android::os::IVoldTaskListener>& listener);
+// clang-format on
 
 }  // namespace vold
 }  // namespace android

Devmapper.cpp

@@ -16,23 +16,22 @@
 
 #define ATRACE_TAG ATRACE_TAG_PACKAGE_MANAGER
 
+#include <errno.h>
+#include <fcntl.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <errno.h>
 #include <string.h>
-#include <stdlib.h>
+#include <unistd.h>
 
-#include <sys/types.h>
 #include <sys/ioctl.h>
 #include <sys/stat.h>
+#include <sys/types.h>
 
 #include <linux/kdev_t.h>
 
 #include <android-base/logging.h>
-#include <android-base/strings.h>
 #include <android-base/stringprintf.h>
+#include <android-base/strings.h>
 #include <utils/Trace.h>
 
 #include "Devmapper.h"
@@ -43,8 +42,7 @@ using android::base::StringPrintf;
 
 static const char* kVoldPrefix = "vold:";
 
-void Devmapper::ioctlInit(struct dm_ioctl *io, size_t dataSize,
+void Devmapper::ioctlInit(struct dm_ioctl* io, size_t dataSize, const char* name, unsigned flags) {
-                          const char *name, unsigned flags) {
     memset(io, 0, dataSize);
     io->data_size = dataSize;
     io->data_start = sizeof(struct dm_ioctl);
@@ -54,8 +52,7 @@ void Devmapper::ioctlInit(struct dm_ioctl *io, size_t dataSize,
     io->flags = flags;
     if (name) {
         size_t ret = strlcpy(io->name, name, sizeof(io->name));
-        if (ret >= sizeof(io->name))
+        if (ret >= sizeof(io->name)) abort();
-            abort();
     }
 }
 
@@ -266,8 +263,7 @@ int Devmapper::destroyAll() {
     return 0;
 }
 
-void *Devmapper::_align(void *ptr, unsigned int a)
+void* Devmapper::_align(void* ptr, unsigned int a) {
-{
     unsigned long agn = --a;
 
     return (void*)(((unsigned long)ptr + agn) & ~agn);

Devmapper.h

@@ -17,8 +17,8 @@
 #ifndef _DEVMAPPER_H
 #define _DEVMAPPER_H
 
-#include <unistd.h>
 #include <linux/dm-ioctl.h>
+#include <unistd.h>
 
 class Devmapper {
   public:
@@ -29,8 +29,7 @@ public:
 
   private:
     static void* _align(void* ptr, unsigned int a);
-    static void ioctlInit(struct dm_ioctl *io, size_t data_size,
+    static void ioctlInit(struct dm_ioctl* io, size_t data_size, const char* name, unsigned flags);
-                          const char *name, unsigned flags);
 };
 
 #endif

EncryptInplace.cpp

@@ -16,16 +16,16 @@
 
 #include "EncryptInplace.h"
 
-#include <stdio.h>
-#include <stdint.h>
-#include <inttypes.h>
-#include <time.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
 #include <ext4_utils/ext4.h>
 #include <ext4_utils/ext4_utils.h>
 #include <f2fs_sparseblock.h>
+#include <fcntl.h>
+#include <inttypes.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <time.h>
 
 #include <algorithm>
 
@@ -36,13 +36,11 @@
 #include "cryptfs.h"
 
 // FIXME horrible cut-and-paste code
-static inline int unix_read(int  fd, void*  buff, int  len)
+static inline int unix_read(int fd, void* buff, int len) {
-{
     return TEMP_FAILURE_RETRY(read(fd, buff, len));
 }
 
-static inline int unix_write(int  fd, const void*  buff, int  len)
+static inline int unix_write(int fd, const void* buff, int len) {
-{
     return TEMP_FAILURE_RETRY(write(fd, buff, len));
 }
 
@@ -57,8 +55,7 @@ static inline int unix_write(int  fd, const void*  buff, int  len)
 #define BLOCKS_AT_A_TIME 1024
 #endif
 
-struct encryptGroupsData
+struct encryptGroupsData {
-{
     int realfd;
     int cryptofd;
     off64_t numblocks;
@@ -76,8 +73,7 @@ struct encryptGroupsData
     bool set_progress_properties;
 };
 
-static void update_progress(struct encryptGroupsData* data, int is_used)
+static void update_progress(struct encryptGroupsData* data, int is_used) {
-{
     data->blocks_already_done++;
 
     if (is_used) {
@@ -104,16 +100,14 @@ static void update_progress(struct encryptGroupsData* data, int is_used)
             LOG(WARNING) << "Error getting time";
         } else {
             double elapsed_time = difftime(time_now.tv_sec, data->time_started);
-            off64_t remaining_blocks = data->tot_used_blocks
+            off64_t remaining_blocks = data->tot_used_blocks - data->used_blocks_already_done;
-                                       - data->used_blocks_already_done;
+            int remaining_time =
-            int remaining_time = (int)(elapsed_time * remaining_blocks
+                (int)(elapsed_time * remaining_blocks / data->used_blocks_already_done);
-                                       / data->used_blocks_already_done);
 
             // Change time only if not yet set, lower, or a lot higher for
             // best user experience
-            if (data->remaining_time == -1
+            if (data->remaining_time == -1 || remaining_time < data->remaining_time ||
-                || remaining_time < data->remaining_time
+                remaining_time > data->remaining_time + 60) {
-                || remaining_time > data->remaining_time + 60) {
                 char buf[8];
                 snprintf(buf, sizeof(buf), "%d", remaining_time);
                 android::base::SetProperty("vold.encrypt_time_remaining", buf);
@@ -123,8 +117,7 @@ static void update_progress(struct encryptGroupsData* data, int is_used)
     }
 }
 
-static void log_progress(struct encryptGroupsData const* data, bool completed)
+static void log_progress(struct encryptGroupsData const* data, bool completed) {
-{
     // Precondition - if completed data = 0 else data != 0
 
     // Track progress so we can skip logging blocks
@@ -147,8 +140,7 @@ static void log_progress(struct encryptGroupsData const* data, bool completed)
     }
 }
 
-static int flush_outstanding_data(struct encryptGroupsData* data)
+static int flush_outstanding_data(struct encryptGroupsData* data) {
-{
     if (data->count == 0) {
         return 0;
     }
@@ -169,13 +161,12 @@ static int flush_outstanding_data(struct encryptGroupsData* data)
     }
 
     data->count = 0;
-    data->last_written_sector = (data->offset + data->count)
+    data->last_written_sector =
-                                / info.block_size * CRYPT_SECTOR_SIZE - 1;
+        (data->offset + data->count) / info.block_size * CRYPT_SECTOR_SIZE - 1;
     return 0;
 }
 
-static int encrypt_groups(struct encryptGroupsData* data)
+static int encrypt_groups(struct encryptGroupsData* data) {
-{
     unsigned int i;
     u8* block_bitmap = 0;
     unsigned int block;
@@ -198,11 +189,9 @@ static int encrypt_groups(struct encryptGroupsData* data)
         LOG(INFO) << "Encrypting group " << i;
 
         u32 first_block = aux_info.first_data_block + i * info.blocks_per_group;
-        u32 block_count = std::min(info.blocks_per_group,
+        u32 block_count = std::min(info.blocks_per_group, (u32)(aux_info.len_blocks - first_block));
-                             (u32)(aux_info.len_blocks - first_block));
 
-        off64_t offset = (u64)info.block_size
+        off64_t offset = (u64)info.block_size * aux_info.bg_desc[i].bg_block_bitmap;
-                         * aux_info.bg_desc[i].bg_block_bitmap;
 
         ret = pread64(data->realfd, block_bitmap, info.block_size, offset);
         if (ret != (int)info.block_size) {
@@ -215,8 +204,9 @@ static int encrypt_groups(struct encryptGroupsData* data)
         data->count = 0;
 
         for (block = 0; block < block_count; block++) {
-            int used = (aux_info.bg_desc[i].bg_flags & EXT4_BG_BLOCK_UNINIT) ?
+            int used = (aux_info.bg_desc[i].bg_flags & EXT4_BG_BLOCK_UNINIT)
-                    0 : bitmap_get_bit(block_bitmap, block);
+                           ? 0
+                           : bitmap_get_bit(block_bitmap, block);
             update_progress(data, used);
             if (used) {
                 if (data->count == 0) {
@@ -232,8 +222,8 @@ static int encrypt_groups(struct encryptGroupsData* data)
             offset += info.block_size;
 
             /* Write data if we are aligned or buffer size reached */
-            if (offset % (info.block_size * BLOCKS_AT_A_TIME) == 0
+            if (offset % (info.block_size * BLOCKS_AT_A_TIME) == 0 ||
-                || data->count == BLOCKS_AT_A_TIME) {
+                data->count == BLOCKS_AT_A_TIME) {
                 if (flush_outstanding_data(data)) {
                     goto errout;
                 }
@@ -345,8 +335,7 @@ errout:
     return rc;
 }
 
-static void log_progress_f2fs(u64 block, bool completed)
+static void log_progress_f2fs(u64 block, bool completed) {
-{
     // Precondition - if completed data = 0 else data != 0
 
     // Track progress so we can skip logging blocks
@@ -369,8 +358,7 @@ static void log_progress_f2fs(u64 block, bool completed)
     }
 }
 
-static int encrypt_one_block_f2fs(u64 pos, void *data)
+static int encrypt_one_block_f2fs(u64 pos, void* data) {
-{
     struct encryptGroupsData* priv_dat = (struct encryptGroupsData*)data;
 
     priv_dat->blocks_already_done = pos - 1;
@@ -424,8 +412,7 @@ static int cryptfs_enable_inplace_f2fs(char* crypto_blkdev, char* real_blkdev, o
     }
 
     f2fs_info = generate_f2fs_info(data.realfd);
-    if (!f2fs_info)
+    if (!f2fs_info) goto errout;
-      goto errout;
 
     data.numblocks = size / CRYPT_SECTORS_PER_BUFSIZE;
     data.tot_numblocks = tot_size / CRYPT_SECTORS_PER_BUFSIZE;
@@ -626,9 +613,8 @@ int cryptfs_enable_inplace(char* crypto_blkdev, char* real_blkdev, off64_t size,
     LOG(DEBUG) << "cryptfs_enable_inplace_full()=" << rc_full;
 
     /* Hack for b/17898962, the following is the symptom... */
-    if (rc_ext4 == ENABLE_INPLACE_ERR_DEV
+    if (rc_ext4 == ENABLE_INPLACE_ERR_DEV && rc_f2fs == ENABLE_INPLACE_ERR_DEV &&
-        && rc_f2fs == ENABLE_INPLACE_ERR_DEV
+        rc_full == ENABLE_INPLACE_ERR_DEV) {
-        && rc_full == ENABLE_INPLACE_ERR_DEV) {
         LOG(DEBUG) << "ENABLE_INPLACE_ERR_DEV";
         return ENABLE_INPLACE_ERR_DEV;
     }

Ext4Crypt.cpp

@@ -31,12 +31,12 @@
 #include <dirent.h>
 #include <errno.h>
 #include <fcntl.h>
-#include <unistd.h>
 #include <limits.h>
 #include <selinux/android.h>
 #include <sys/mount.h>
 #include <sys/stat.h>
 #include <sys/types.h>
+#include <unistd.h>
 
 #include <private/android_filesystem_config.h>
 
@@ -93,7 +93,7 @@ std::map<userid_t, std::string> s_ce_key_raw_refs;
 // TODO abolish this map, per b/26948053
 std::map<userid_t, KeyBuffer> s_ce_keys;
 
-}
+}  // namespace
 
 static bool e4crypt_is_emulated() {
     return property_get_bool("persist.sys.emulate_fbe", false);
@@ -145,8 +145,7 @@ static std::string get_ce_key_current_path(const std::string& directory_path) {
 }
 
 static bool get_ce_key_new_path(const std::string& directory_path,
-                                const std::vector<std::string>& paths,
+                                const std::vector<std::string>& paths, std::string* ce_key_path) {
-                                std::string *ce_key_path) {
     if (paths.empty()) {
         *ce_key_path = get_ce_key_current_path(directory_path);
         return true;
@@ -242,12 +241,14 @@ static bool create_and_install_user_keys(userid_t user_id, bool create_ephemeral
         auto const paths = get_ce_key_paths(directory_path);
         std::string ce_key_path;
         if (!get_ce_key_new_path(directory_path, paths, &ce_key_path)) return false;
-        if (!android::vold::storeKeyAtomically(ce_key_path, user_key_temp,
+        if (!android::vold::storeKeyAtomically(ce_key_path, user_key_temp, kEmptyAuthentication,
-                kEmptyAuthentication, ce_key)) return false;
+                                               ce_key))
+            return false;
         fixate_user_ce_key(directory_path, ce_key_path, paths);
         // Write DE key second; once this is written, all is good.
         if (!android::vold::storeKeyAtomically(get_de_key_path(user_id), user_key_temp,
-                kEmptyAuthentication, de_key)) return false;
+                                               kEmptyAuthentication, de_key))
+            return false;
     }
     std::string de_raw_ref;
     if (!android::vold::installKey(de_key, &de_raw_ref)) return false;
@@ -440,8 +441,8 @@ bool e4crypt_destroy_user_key(userid_t user_id) {
     bool success = true;
     std::string raw_ref;
     success &= evict_ce_key(user_id);
-    success &= lookup_key_ref(s_de_key_raw_refs, user_id, &raw_ref)
+    success &=
-        && android::vold::evictKey(raw_ref);
+        lookup_key_ref(s_de_key_raw_refs, user_id, &raw_ref) && android::vold::evictKey(raw_ref);
     s_de_key_raw_refs.erase(user_id);
     auto it = s_ephemeral_users.find(user_id);
     if (it != s_ephemeral_users.end()) {
@@ -556,8 +557,8 @@ bool e4crypt_add_user_key_auth(userid_t user_id, int serial, const std::string&
     std::string token, secret;
     if (!parse_hex(token_hex, &token)) return false;
     if (!parse_hex(secret_hex, &secret)) return false;
-    auto auth = secret.empty() ? kEmptyAuthentication
+    auto auth =
-                                   : android::vold::KeyAuthentication(token, secret);
+        secret.empty() ? kEmptyAuthentication : android::vold::KeyAuthentication(token, secret);
     auto it = s_ce_keys.find(user_id);
     if (it == s_ce_keys.end()) {
         LOG(ERROR) << "Key not loaded into memory, can't change for user " << user_id;
@@ -670,7 +671,8 @@ bool e4crypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_
             if (!prepare_dir(system_legacy_path, 0700, AID_SYSTEM, AID_SYSTEM)) return false;
 #if MANAGE_MISC_DIRS
             if (!prepare_dir(misc_legacy_path, 0750, multiuser_get_uid(user_id, AID_SYSTEM),
-                    multiuser_get_uid(user_id, AID_EVERYBODY))) return false;
+                             multiuser_get_uid(user_id, AID_EVERYBODY)))
+                return false;
 #endif
             if (!prepare_dir(profiles_de_path, 0771, AID_SYSTEM, AID_SYSTEM)) return false;
 

FileDeviceUtils.cpp

@@ -16,15 +16,15 @@
 
 #include "FileDeviceUtils.h"
 
+#include <errno.h>
+#include <fcntl.h>
+#include <linux/fiemap.h>
+#include <linux/fs.h>
+#include <mntent.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <errno.h>
-#include <sys/types.h>
 #include <sys/stat.h>
-#include <fcntl.h>
+#include <sys/types.h>
-#include <linux/fs.h>
-#include <linux/fiemap.h>
-#include <mntent.h>
 
 #include <android-base/file.h>
 #include <android-base/logging.h>
@@ -40,8 +40,7 @@ namespace android {
 namespace vold {
 
 // Given a file path, look for the corresponding block device in /proc/mount
-std::string BlockDeviceForPath(const std::string &path)
+std::string BlockDeviceForPath(const std::string& path) {
-{
     std::unique_ptr<FILE, int (*)(FILE*)> mnts(setmntent("/proc/mounts", "re"), endmntent);
     if (!mnts) {
         PLOG(ERROR) << "Unable to open /proc/mounts";
@@ -52,9 +51,7 @@ std::string BlockDeviceForPath(const std::string &path)
     struct mntent* mnt;  // getmntent returns a thread local, so it's safe.
     while ((mnt = getmntent(mnts.get())) != nullptr) {
         auto l = strlen(mnt->mnt_dir);
-        if (l > best_length &&
+        if (l > best_length && path.size() > l && path[l] == '/' &&
-            path.size() > l &&
-            path[l] == '/' &&
             path.compare(0, l, mnt->mnt_dir) == 0) {
             result = mnt->mnt_fsname;
             best_length = l;
@@ -68,10 +65,8 @@ std::string BlockDeviceForPath(const std::string &path)
     return result;
 }
 
-std::unique_ptr<struct fiemap> PathFiemap(const std::string &path, uint32_t extent_count)
+std::unique_ptr<struct fiemap> PathFiemap(const std::string& path, uint32_t extent_count) {
-{
+    android::base::unique_fd fd(TEMP_FAILURE_RETRY(open(path.c_str(), O_RDONLY | O_CLOEXEC, 0)));
-    android::base::unique_fd fd(TEMP_FAILURE_RETRY(open(
-        path.c_str(), O_RDONLY | O_CLOEXEC, 0)));
     if (fd == -1) {
         if (errno == ENOENT) {
             PLOG(DEBUG) << "Unable to open " << path;
@@ -99,8 +94,7 @@ std::unique_ptr<struct fiemap> PathFiemap(const std::string &path, uint32_t exte
 
 namespace {
 
-std::unique_ptr<struct fiemap> alloc_fiemap(uint32_t extent_count)
+std::unique_ptr<struct fiemap> alloc_fiemap(uint32_t extent_count) {
-{
     size_t allocsize = offsetof(struct fiemap, fm_extents[extent_count]);
     std::unique_ptr<struct fiemap> res(new (::operator new(allocsize)) struct fiemap);
     memset(res.get(), 0, allocsize);
@@ -112,4 +106,4 @@ std::unique_ptr<struct fiemap> alloc_fiemap(uint32_t extent_count)
     return res;
 }
 
-}
+}  // namespace

FileDeviceUtils.h

@@ -17,8 +17,8 @@
 #ifndef ANDROID_VOLD_FILEDEVICEUTILS_H
 #define ANDROID_VOLD_FILEDEVICEUTILS_H
 
-#include <string>
 #include <linux/fiemap.h>
+#include <string>
 
 namespace android {
 namespace vold {

IdleMaint.cpp

@@ -33,11 +33,11 @@
 #include <private/android_filesystem_config.h>
 
 #include <dirent.h>
+#include <fcntl.h>
 #include <sys/mount.h>
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <sys/wait.h>
-#include <fcntl.h>
 
 using android::base::Basename;
 using android::base::ReadFileToString;
@@ -80,8 +80,7 @@ static IdleMaintStats idle_maint_stat(IdleMaintStats::kStopped);
 static std::condition_variable cv_abort, cv_stop;
 static std::mutex cv_m;
 
-static void addFromVolumeManager(std::list<std::string>* paths,
+static void addFromVolumeManager(std::list<std::string>* paths, PathTypes path_type) {
-                                 PathTypes path_type) {
     VolumeManager* vm = VolumeManager::Instance();
     std::list<std::string> privateIds;
     vm->listVolumes(VolumeBase::Type::kPrivate, privateIds);
@@ -95,11 +94,9 @@ static void addFromVolumeManager(std::list<std::string>* paths,
                 const std::string& fs_type = vol->getFsType();
                 if (fs_type == "f2fs" && (Realpath(vol->getRawDmDevPath(), &gc_path) ||
                                           Realpath(vol->getRawDevPath(), &gc_path))) {
-                    paths->push_back(std::string("/sys/fs/") + fs_type +
+                    paths->push_back(std::string("/sys/fs/") + fs_type + "/" + Basename(gc_path));
-                                     "/" + Basename(gc_path));
                 }
             }
-
         }
     }
 }
@@ -138,10 +135,11 @@ static void addFromFstab(std::list<std::string>* paths, PathTypes path_type) {
         } else if (path_type == PathTypes::kBlkDevice) {
             std::string gc_path;
             if (std::string(fstab->recs[i].fs_type) == "f2fs" &&
-                Realpath(android::vold::BlockDeviceForPath(
+                Realpath(
-                    std::string(fstab->recs[i].mount_point) + "/"), &gc_path)) {
+                    android::vold::BlockDeviceForPath(std::string(fstab->recs[i].mount_point) + "/"),
-                paths->push_back(std::string("/sys/fs/") + fstab->recs[i].fs_type +
+                    &gc_path)) {
-                                 "/" + Basename(gc_path));
+                paths->push_back(std::string("/sys/fs/") + fstab->recs[i].fs_type + "/" +
+                                 Basename(gc_path));
             }
         }
 
@@ -184,8 +182,8 @@ void Trim(const android::sp<android::os::IVoldTaskListener>& listener) {
             }
         } else {
             nsecs_t time = systemTime(SYSTEM_TIME_BOOTTIME) - start;
-            LOG(INFO) << "Trimmed " << range.len << " bytes on " << path
+            LOG(INFO) << "Trimmed " << range.len << " bytes on " << path << " in "
-                    << " in " << nanoseconds_to_milliseconds(time) << "ms";
+                      << nanoseconds_to_milliseconds(time) << "ms";
             extras.putLong(String16("bytes"), range.len);
             extras.putLong(String16("time"), time);
             if (listener) {
@@ -230,8 +228,8 @@ static bool waitForGc(const std::list<std::string>& paths) {
         }
 
         lk.lock();
-        aborted = cv_abort.wait_for(lk, 10s, []{
+        aborted =
-            return idle_maint_stat == IdleMaintStats::kAbort;});
+            cv_abort.wait_for(lk, 10s, [] { return idle_maint_stat == IdleMaintStats::kAbort; });
         lk.unlock();
     }
 
@@ -427,8 +425,7 @@ int AbortIdleMaint(const android::sp<android::os::IVoldTaskListener>& listener)
         cv_abort.notify_one();
         lk.lock();
         LOG(DEBUG) << "aborting idle maintenance";
-        cv_stop.wait(lk, []{
+        cv_stop.wait(lk, [] { return idle_maint_stat == IdleMaintStats::kStopped; });
-            return idle_maint_stat == IdleMaintStats::kStopped;});
     }
     lk.unlock();
 

KeyBuffer.cpp

@@ -34,4 +34,3 @@ KeyBuffer operator+(KeyBuffer&& lhs, const char* rhs) {
 
 }  // namespace vold
 }  // namespace android
-

KeyBuffer.h

@@ -33,8 +33,7 @@ namespace vold {
 #define OPTNONE __attribute__((optimize("O0")))
 #endif  // not __clang__
 inline OPTNONE void* memset_s(void* s, int c, size_t n) {
-    if (!s)
+    if (!s) return s;
-        return s;
     return memset(s, c, n);
 }
 #undef OPTNONE
@@ -42,8 +41,7 @@ inline OPTNONE void* memset_s(void* s, int c, size_t n) {
 // Allocator that delegates useful work to standard one but zeroes data before deallocating.
 class ZeroingAllocator : public std::allocator<char> {
   public:
-    void deallocate(pointer p, size_type n)
+    void deallocate(pointer p, size_type n) {
-    {
         memset_s(p, 0, n);
         std::allocator<char>::deallocate(p, n);
     }
@@ -60,4 +58,3 @@ KeyBuffer operator+(KeyBuffer&& lhs, const char* rhs);
 }  // namespace android
 
 #endif
-

KeyStorage.cpp

@@ -568,7 +568,10 @@ bool destroyKey(const std::string& dir) {
         success &= deleteKey(dir);
     }
     auto secdiscard_cmd = std::vector<std::string>{
-        kSecdiscardPath, "--", dir + "/" + kFn_encrypted_key, dir + "/" + kFn_secdiscardable,
+        kSecdiscardPath,
+        "--",
+        dir + "/" + kFn_encrypted_key,
+        dir + "/" + kFn_secdiscardable,
     };
     if (uses_km) {
         secdiscard_cmd.emplace_back(dir + "/" + kFn_keymaster_key_blob);

KeyUtil.cpp

@@ -88,12 +88,7 @@ static bool fillKey(const KeyBuffer& key, ext4_encryption_key* ext4_key) {
     return true;
 }
 
-static char const* const NAME_PREFIXES[] = {
+static char const* const NAME_PREFIXES[] = {"ext4", "f2fs", "fscrypt", nullptr};
-    "ext4",
-    "f2fs",
-    "fscrypt",
-    nullptr
-};
 
 static std::string keyname(const std::string& prefix, const std::string& raw_ref) {
     std::ostringstream o;
@@ -185,8 +180,8 @@ bool retrieveAndInstallKey(bool create_if_absent, const KeyAuthentication& key_a
     return true;
 }
 
-bool retrieveKey(bool create_if_absent, const std::string& key_path,
+bool retrieveKey(bool create_if_absent, const std::string& key_path, const std::string& tmp_path,
-                 const std::string& tmp_path, KeyBuffer* key) {
+                 KeyBuffer* key) {
     if (pathExists(key_path)) {
         LOG(DEBUG) << "Key exists, using: " << key_path;
         if (!retrieveKey(key_path, kEmptyAuthentication, key)) return false;
@@ -197,8 +192,7 @@ bool retrieveKey(bool create_if_absent, const std::string& key_path,
         }
         LOG(INFO) << "Creating new key in " << key_path;
         if (!randomKey(key)) return false;
-        if (!storeKeyAtomically(key_path, tmp_path,
+        if (!storeKeyAtomically(key_path, tmp_path, kEmptyAuthentication, *key)) return false;
-                kEmptyAuthentication, *key)) return false;
     }
     return true;
 }

KeyUtil.h

@@ -20,8 +20,8 @@
 #include "KeyBuffer.h"
 #include "KeyStorage.h"
 
-#include <string>
 #include <memory>
+#include <string>
 
 namespace android {
 namespace vold {
@@ -32,8 +32,8 @@ bool evictKey(const std::string& raw_ref);
 bool retrieveAndInstallKey(bool create_if_absent, const KeyAuthentication& key_authentication,
                            const std::string& key_path, const std::string& tmp_path,
                            std::string* key_ref);
-bool retrieveKey(bool create_if_absent, const std::string& key_path,
+bool retrieveKey(bool create_if_absent, const std::string& key_path, const std::string& tmp_path,
-                 const std::string& tmp_path, KeyBuffer* key);
+                 KeyBuffer* key);
 
 }  // namespace vold
 }  // namespace android

Loop.cpp

@@ -16,24 +16,24 @@
 
 #define ATRACE_TAG ATRACE_TAG_PACKAGE_MANAGER
 
+#include <dirent.h>
+#include <errno.h>
+#include <fcntl.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <dirent.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <errno.h>
 #include <string.h>
+#include <unistd.h>
 
-#include <sys/mount.h>
-#include <sys/types.h>
-#include <sys/stat.h>
 #include <sys/ioctl.h>
+#include <sys/mount.h>
+#include <sys/stat.h>
+#include <sys/types.h>
 
 #include <linux/kdev_t.h>
 
 #include <android-base/logging.h>
-#include <android-base/strings.h>
 #include <android-base/stringprintf.h>
+#include <android-base/strings.h>
 #include <android-base/unique_fd.h>
 #include <utils/Trace.h>
 

Loop.h

@@ -17,13 +17,14 @@
 #ifndef _LOOP_H
 #define _LOOP_H
 
-#include <string>
-#include <unistd.h>
 #include <linux/loop.h>
+#include <unistd.h>
+#include <string>
 
 class Loop {
   public:
     static const int LOOP_MAX = 4096;
+
   public:
     static int create(const std::string& file, std::string& out_device);
     static int destroyByDevice(const char* loopDevice);

MetadataCrypt.cpp

@@ -14,13 +14,13 @@
  * limitations under the License.
  */
 
-#include "KeyBuffer.h"
 #include "MetadataCrypt.h"
+#include "KeyBuffer.h"
 
+#include <algorithm>
 #include <string>
 #include <thread>
 #include <vector>
-#include <algorithm>
 
 #include <fcntl.h>
 #include <sys/ioctl.h>
@@ -39,9 +39,9 @@
 #include "EncryptInplace.h"
 #include "KeyStorage.h"
 #include "KeyUtil.h"
-#include "secontext.h"
 #include "Utils.h"
 #include "VoldUtil.h"
+#include "secontext.h"
 
 #define DM_CRYPT_BUF_SIZE 4096
 #define TABLE_LOAD_RETRIES 10
@@ -100,8 +100,8 @@ static KeyBuffer default_key_params(const std::string& real_blkdev, const KeyBuf
 }
 
 static bool get_number_of_sectors(const std::string& real_blkdev, uint64_t* nr_sec) {
-    android::base::unique_fd dev_fd(TEMP_FAILURE_RETRY(open(
+    android::base::unique_fd dev_fd(
-        real_blkdev.c_str(), O_RDONLY | O_CLOEXEC, 0)));
+        TEMP_FAILURE_RETRY(open(real_blkdev.c_str(), O_RDONLY | O_CLOEXEC, 0)));
     if (dev_fd == -1) {
         PLOG(ERROR) << "Unable to open " << real_blkdev << " to measure size";
         return false;
@@ -117,8 +117,7 @@ static bool get_number_of_sectors(const std::string& real_blkdev, uint64_t *nr_s
     return true;
 }
 
-static struct dm_ioctl* dm_ioctl_init(char *buffer, size_t buffer_size,
+static struct dm_ioctl* dm_ioctl_init(char* buffer, size_t buffer_size, const std::string& dm_name) {
-                                      const std::string& dm_name) {
     if (buffer_size < sizeof(dm_ioctl)) {
         LOG(ERROR) << "dm_ioctl buffer too small";
         return nullptr;
@@ -139,8 +138,8 @@ static struct dm_ioctl* dm_ioctl_init(char *buffer, size_t buffer_size,
 static bool create_crypto_blk_dev(const std::string& dm_name, uint64_t nr_sec,
                                   const std::string& target_type, const KeyBuffer& crypt_params,
                                   std::string* crypto_blkdev) {
-    android::base::unique_fd dm_fd(TEMP_FAILURE_RETRY(open(
+    android::base::unique_fd dm_fd(
-        "/dev/device-mapper", O_RDWR | O_CLOEXEC, 0)));
+        TEMP_FAILURE_RETRY(open("/dev/device-mapper", O_RDWR | O_CLOEXEC, 0)));
     if (dm_fd == -1) {
         PLOG(ERROR) << "Cannot open device-mapper";
         return false;
@@ -158,8 +157,8 @@ static bool create_crypto_blk_dev(const std::string& dm_name, uint64_t nr_sec,
         PLOG(ERROR) << "Cannot retrieve dm-crypt device status " << dm_name;
         return false;
     }
-    *crypto_blkdev = std::string() + "/dev/block/dm-" + std::to_string(
+    *crypto_blkdev = std::string() + "/dev/block/dm-" +
-        (io->dev & 0xff) | ((io->dev >> 12) & 0xfff00));
+                     std::to_string((io->dev & 0xff) | ((io->dev >> 12) & 0xfff00));
 
     io = dm_ioctl_init(buffer, sizeof(buffer), dm_name);
     size_t paramix = io->data_start + sizeof(struct dm_target_spec);

MoveStorage.cpp

@@ -29,7 +29,8 @@
 #include <dirent.h>
 #include <sys/wait.h>
 
-#define CONSTRAIN(amount, low, high) ((amount) < (low) ? (low) : ((amount) > (high) ? (high) : (amount)))
+#define CONSTRAIN(amount, low, high) \
+    ((amount) < (low) ? (low) : ((amount) > (high) ? (high) : (amount)))
 
 static const char* kPropBlockingExec = "persist.sys.blocking_exec";
 
@@ -114,14 +115,17 @@ static status_t execRm(const std::string& path, int startProgress, int stepProgr
 
         sleep(1);
         uint64_t deltaFreeBytes = GetFreeBytes(path) - startFreeBytes;
-        notifyProgress(startProgress + CONSTRAIN((int)
+        notifyProgress(
-                ((deltaFreeBytes * stepProgress) / expectedBytes), 0, stepProgress), listener);
+            startProgress +
+                CONSTRAIN((int)((deltaFreeBytes * stepProgress) / expectedBytes), 0, stepProgress),
+            listener);
     }
     return -1;
 }
 
 static status_t execCp(const std::string& fromPath, const std::string& toPath, int startProgress,
-        int stepProgress, const android::sp<android::os::IVoldTaskListener>& listener) {
+                       int stepProgress,
+                       const android::sp<android::os::IVoldTaskListener>& listener) {
     notifyProgress(startProgress, listener);
 
     uint64_t expectedBytes = GetTreeBytes(fromPath);
@@ -165,8 +169,10 @@ static status_t execCp(const std::string& fromPath, const std::string& toPath, i
 
         sleep(1);
         uint64_t deltaFreeBytes = startFreeBytes - GetFreeBytes(toPath);
-        notifyProgress(startProgress + CONSTRAIN((int)
+        notifyProgress(
-                ((deltaFreeBytes * stepProgress) / expectedBytes), 0, stepProgress), listener);
+            startProgress +
+                CONSTRAIN((int)((deltaFreeBytes * stepProgress) / expectedBytes), 0, stepProgress),
+            listener);
     }
     return -1;
 }
@@ -239,11 +245,13 @@ copy_fail:
     // useful anyway.
     execRm(toPath, 80, 1, listener);
 fail:
+    // clang-format off
     {
         std::lock_guard<std::mutex> lock(VolumeManager::Instance()->getLock());
         bringOnline(from);
         bringOnline(to);
     }
+    // clang-format on
     notifyProgress(kMoveFailedInternalError, listener);
     return -1;
 }

NetlinkHandler.cpp

@@ -14,9 +14,9 @@
  * limitations under the License.
  */
 
+#include <errno.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <errno.h>
 #include <string.h>
 
 #include <android-base/logging.h>
@@ -25,12 +25,9 @@
 #include "NetlinkHandler.h"
 #include "VolumeManager.h"
 
-NetlinkHandler::NetlinkHandler(int listenerSocket) :
+NetlinkHandler::NetlinkHandler(int listenerSocket) : NetlinkListener(listenerSocket) {}
-                NetlinkListener(listenerSocket) {
-}
 
-NetlinkHandler::~NetlinkHandler() {
+NetlinkHandler::~NetlinkHandler() {}
-}
 
 int NetlinkHandler::start() {
     return this->startListener();

NetlinkHandler.h

@@ -20,7 +20,6 @@
 #include <sysutils/NetlinkListener.h>
 
 class NetlinkHandler : public NetlinkListener {
-
   public:
     explicit NetlinkHandler(int listenerSocket);
     virtual ~NetlinkHandler();

NetlinkManager.cpp

@@ -14,12 +14,12 @@
  * limitations under the License.
  */
 
-#include <stdio.h>
 #include <errno.h>
+#include <stdio.h>
 #include <string.h>
 
-#include <sys/socket.h>
 #include <sys/select.h>
+#include <sys/socket.h>
 #include <sys/time.h>
 #include <sys/types.h>
 #include <sys/un.h>
@@ -28,14 +28,13 @@
 
 #include <android-base/logging.h>
 
-#include "NetlinkManager.h"
 #include "NetlinkHandler.h"
+#include "NetlinkManager.h"
 
 NetlinkManager* NetlinkManager::sInstance = NULL;
 
 NetlinkManager* NetlinkManager::Instance() {
-    if (!sInstance)
+    if (!sInstance) sInstance = new NetlinkManager();
-        sInstance = new NetlinkManager();
     return sInstance;
 }
 
@@ -43,8 +42,7 @@ NetlinkManager::NetlinkManager() {
     mBroadcaster = NULL;
 }
 
-NetlinkManager::~NetlinkManager() {
+NetlinkManager::~NetlinkManager() {}
-}
 
 int NetlinkManager::start() {
     struct sockaddr_nl nladdr;
@@ -56,8 +54,7 @@ int NetlinkManager::start() {
     nladdr.nl_pid = getpid();
     nladdr.nl_groups = 0xffffffff;
 
-    if ((mSock = socket(PF_NETLINK, SOCK_DGRAM | SOCK_CLOEXEC,
+    if ((mSock = socket(PF_NETLINK, SOCK_DGRAM | SOCK_CLOEXEC, NETLINK_KOBJECT_UEVENT)) < 0) {
-            NETLINK_KOBJECT_UEVENT)) < 0) {
         PLOG(ERROR) << "Unable to create uevent socket";
         return -1;
     }

NetlinkManager.h

@@ -17,8 +17,8 @@
 #ifndef _NETLINKMANAGER_H
 #define _NETLINKMANAGER_H
 
-#include <sysutils/SocketListener.h>
 #include <sysutils/NetlinkListener.h>
+#include <sysutils/SocketListener.h>
 
 class NetlinkHandler;
 

Process.cpp

@@ -14,28 +14,28 @@
  * limitations under the License.
  */
 
-#include <stdio.h>
+#include <ctype.h>
-#include <unistd.h>
+#include <dirent.h>
 #include <errno.h>
-#include <string.h>
 #include <fcntl.h>
 #include <fts.h>
-#include <dirent.h>
-#include <ctype.h>
-#include <pwd.h>
-#include <stdlib.h>
 #include <poll.h>
-#include <sys/stat.h>
+#include <pwd.h>
 #include <signal.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <unistd.h>
 
 #include <fstream>
 #include <unordered_set>
 
 #include <android-base/file.h>
-#include <android-base/parseint.h>
-#include <android-base/strings.h>
-#include <android-base/stringprintf.h>
 #include <android-base/logging.h>
+#include <android-base/parseint.h>
+#include <android-base/stringprintf.h>
+#include <android-base/strings.h>
 
 #include "Process.h"
 

ScryptParameters.cpp

@@ -30,8 +30,7 @@ bool parse_scrypt_parameters(const char* paramstr, int *Nf, int *rf, int *pf) {
      * colons (e.g., "12:8:1"). Scan the property to make sure it matches.
      */
     for (i = 0, token = strtok_r(const_cast<char*>(paramstr), ":", &saveptr);
-            token != nullptr && i < 3;
+         token != nullptr && i < 3; i++, token = strtok_r(nullptr, ":", &saveptr)) {
-            i++, token = strtok_r(nullptr, ":", &saveptr)) {
         char* endptr;
         params[i] = strtol(token, &endptr, 10);
 
@@ -45,6 +44,8 @@ bool parse_scrypt_parameters(const char* paramstr, int *Nf, int *rf, int *pf) {
     if (token != nullptr) {
         return false;
     }
-    *Nf = params[0]; *rf = params[1]; *pf = params[2];
+    *Nf = params[0];
+    *rf = params[1];
+    *pf = params[2];
     return true;
 }

Utils.cpp

@@ -22,23 +22,23 @@
 #include <android-base/file.h>
 #include <android-base/logging.h>
 #include <android-base/properties.h>
-#include <android-base/strings.h>
 #include <android-base/stringprintf.h>
+#include <android-base/strings.h>
 #include <cutils/fs.h>
 #include <logwrap/logwrap.h>
 #include <private/android_filesystem_config.h>
 
-#include <mutex>
 #include <dirent.h>
 #include <fcntl.h>
 #include <linux/fs.h>
 #include <stdlib.h>
 #include <sys/mount.h>
-#include <sys/types.h>
 #include <sys/stat.h>
-#include <sys/sysmacros.h>
-#include <sys/wait.h>
 #include <sys/statvfs.h>
+#include <sys/sysmacros.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <mutex>
 
 #ifndef UMOUNT_NOFOLLOW
 #define UMOUNT_NOFOLLOW 0x00000008 /* Don't follow symlink on umount */
@@ -81,8 +81,8 @@ status_t CreateDeviceNode(const std::string& path, dev_t dev) {
     mode_t mode = 0660 | S_IFBLK;
     if (mknod(cpath, mode, dev) < 0) {
         if (errno != EEXIST) {
-            PLOG(ERROR) << "Failed to create device node for " << major(dev)
+            PLOG(ERROR) << "Failed to create device node for " << major(dev) << ":" << minor(dev)
-                    << ":" << minor(dev) << " at " << path;
+                        << " at " << path;
             res = -errno;
         }
     }
@@ -209,8 +209,8 @@ bool FindValue(const std::string& raw, const std::string& key, std::string* valu
     return true;
 }
 
-static status_t readMetadata(const std::string& path, std::string* fsType,
+static status_t readMetadata(const std::string& path, std::string* fsType, std::string* fsUuid,
-        std::string* fsUuid, std::string* fsLabel, bool untrusted) {
+                             std::string* fsLabel, bool untrusted) {
     fsType->clear();
     fsUuid->clear();
     fsLabel->clear();
@@ -244,13 +244,13 @@ static status_t readMetadata(const std::string& path, std::string* fsType,
     return OK;
 }
 
-status_t ReadMetadata(const std::string& path, std::string* fsType,
+status_t ReadMetadata(const std::string& path, std::string* fsType, std::string* fsUuid,
-        std::string* fsUuid, std::string* fsLabel) {
+                      std::string* fsLabel) {
     return readMetadata(path, fsType, fsUuid, fsLabel, false);
 }
 
-status_t ReadMetadataUntrusted(const std::string& path, std::string* fsType,
+status_t ReadMetadataUntrusted(const std::string& path, std::string* fsType, std::string* fsUuid,
-        std::string* fsUuid, std::string* fsLabel) {
+                               std::string* fsLabel) {
     return readMetadata(path, fsType, fsUuid, fsLabel, true);
 }
 
@@ -289,13 +289,12 @@ status_t ForkExecvp(const std::vector<std::string>& args, security_context_t con
     return res;
 }
 
-status_t ForkExecvp(const std::vector<std::string>& args,
+status_t ForkExecvp(const std::vector<std::string>& args, std::vector<std::string>& output) {
-        std::vector<std::string>& output) {
     return ForkExecvp(args, output, nullptr);
 }
 
-status_t ForkExecvp(const std::vector<std::string>& args,
+status_t ForkExecvp(const std::vector<std::string>& args, std::vector<std::string>& output,
-        std::vector<std::string>& output, security_context_t context) {
+                    security_context_t context) {
     std::lock_guard<std::mutex> lock(kSecurityLock);
     std::string cmd;
     for (size_t i = 0; i < args.size(); i++) {
@@ -415,6 +414,7 @@ status_t HexToStr(const std::string& hex, std::string& str) {
     for (size_t i = 0; i < hex.size(); i++) {
         int val = 0;
         switch (hex[i]) {
+            // clang-format off
             case ' ': case '-': case ':': continue;
             case 'f': case 'F': val = 15; break;
             case 'e': case 'E': val = 14; break;
@@ -433,6 +433,7 @@ status_t HexToStr(const std::string& hex, std::string& str) {
             case '1': val = 1; break;
             case '0': val = 0; break;
             default: return -EINVAL;
+                // clang-format on
         }
 
         if (even) {
@@ -523,10 +524,8 @@ int64_t calculate_dir_size(int dfd) {
 
             /* always skip "." and ".." */
             if (name[0] == '.') {
-                if (name[1] == 0)
+                if (name[1] == 0) continue;
-                    continue;
+                if ((name[1] == '.') && (name[2] == 0)) continue;
-                if ((name[1] == '.') && (name[2] == 0))
-                    continue;
             }
 
             subfd = openat(dfd, name, O_RDONLY | O_DIRECTORY | O_CLOEXEC);
@@ -592,8 +591,7 @@ done:
 }
 
 static bool isValidFilename(const std::string& name) {
-    if (name.empty() || (name == ".") || (name == "..")
+    if (name.empty() || (name == ".") || (name == "..") || (name.find('/') != std::string::npos)) {
-            || (name.find('/') != std::string::npos)) {
         return false;
     } else {
         return true;
@@ -713,8 +711,7 @@ bool Readlinkat(int dirfd, const std::string& path, std::string* result) {
     while (true) {
         ssize_t size = readlinkat(dirfd, path.c_str(), &buf[0], buf.size());
         // Unrecoverable error?
-        if (size == -1)
+        if (size == -1) return false;
-            return false;
         // It fit! (If size == buf.size(), it may have been truncated.)
         if (static_cast<size_t>(size) < buf.size()) {
             result->assign(&buf[0], size);

Utils.h

@@ -20,12 +20,12 @@
 #include "KeyBuffer.h"
 
 #include <android-base/macros.h>
-#include <utils/Errors.h>
 #include <cutils/multiuser.h>
 #include <selinux/selinux.h>
+#include <utils/Errors.h>
 
-#include <vector>
 #include <string>
+#include <vector>
 
 struct DIR;
 
@@ -59,21 +59,20 @@ status_t BindMount(const std::string& source, const std::string& target);
 bool FindValue(const std::string& raw, const std::string& key, std::string* value);
 
 /* Reads filesystem metadata from device at path */
-status_t ReadMetadata(const std::string& path, std::string* fsType,
+status_t ReadMetadata(const std::string& path, std::string* fsType, std::string* fsUuid,
-        std::string* fsUuid, std::string* fsLabel);
+                      std::string* fsLabel);
 
 /* Reads filesystem metadata from untrusted device at path */
-status_t ReadMetadataUntrusted(const std::string& path, std::string* fsType,
+status_t ReadMetadataUntrusted(const std::string& path, std::string* fsType, std::string* fsUuid,
-        std::string* fsUuid, std::string* fsLabel);
+                               std::string* fsLabel);
 
 /* Returns either WEXITSTATUS() status, or a negative errno */
 status_t ForkExecvp(const std::vector<std::string>& args);
 status_t ForkExecvp(const std::vector<std::string>& args, security_context_t context);
 
-status_t ForkExecvp(const std::vector<std::string>& args,
+status_t ForkExecvp(const std::vector<std::string>& args, std::vector<std::string>& output);
-        std::vector<std::string>& output);
+status_t ForkExecvp(const std::vector<std::string>& args, std::vector<std::string>& output,
-status_t ForkExecvp(const std::vector<std::string>& args,
+                    security_context_t context);
-        std::vector<std::string>& output, security_context_t context);
 
 pid_t ForkExecvpAsync(const std::vector<std::string>& args);
 

VoldUtil.cpp

@@ -14,8 +14,8 @@
  * limitations under the License.
  */
 
-#include <sys/ioctl.h>
 #include <linux/fs.h>
+#include <sys/ioctl.h>
 
 struct fstab* fstab_default;
 

cryptfs.cpp

@@ -80,12 +80,10 @@ extern "C" {
 
 constexpr size_t INTERMEDIATE_KEY_LEN_BYTES = 16;
 constexpr size_t INTERMEDIATE_IV_LEN_BYTES = 16;
-constexpr size_t INTERMEDIATE_BUF_SIZE =
+constexpr size_t INTERMEDIATE_BUF_SIZE = (INTERMEDIATE_KEY_LEN_BYTES + INTERMEDIATE_IV_LEN_BYTES);
-    (INTERMEDIATE_KEY_LEN_BYTES + INTERMEDIATE_IV_LEN_BYTES);
 
 // SCRYPT_LEN is used by struct crypt_mnt_ftr for its intermediate key.
-static_assert(INTERMEDIATE_BUF_SIZE == SCRYPT_LEN,
+static_assert(INTERMEDIATE_BUF_SIZE == SCRYPT_LEN, "Mismatch of intermediate key sizes");
-              "Mismatch of intermediate key sizes");
 
 #define KEY_IN_FOOTER "footer"
 
@@ -118,22 +116,20 @@ static int  master_key_saved = 0;
 static struct crypt_persist_data* persist_data = NULL;
 
 /* Should we use keymaster? */
-static int keymaster_check_compatibility()
+static int keymaster_check_compatibility() {
-{
     return keymaster_compatibility_cryptfs_scrypt();
 }
 
 /* Create a new keymaster key and store it in this footer */
-static int keymaster_create_key(struct crypt_mnt_ftr *ftr)
+static int keymaster_create_key(struct crypt_mnt_ftr* ftr) {
-{
     if (ftr->keymaster_blob_size) {
         SLOGI("Already have key");
         return 0;
     }
 
-    int rc = keymaster_create_key_for_cryptfs_scrypt(RSA_KEY_SIZE, RSA_EXPONENT,
+    int rc = keymaster_create_key_for_cryptfs_scrypt(
-            KEYMASTER_CRYPTFS_RATE_LIMIT, ftr->keymaster_blob, KEYMASTER_BLOB_SIZE,
+        RSA_KEY_SIZE, RSA_EXPONENT, KEYMASTER_CRYPTFS_RATE_LIMIT, ftr->keymaster_blob,
-            &ftr->keymaster_blob_size);
+        KEYMASTER_BLOB_SIZE, &ftr->keymaster_blob_size);
     if (rc) {
         if (ftr->keymaster_blob_size > KEYMASTER_BLOB_SIZE) {
             SLOGE("Keymaster key blob too large");
@@ -146,12 +142,9 @@ static int keymaster_create_key(struct crypt_mnt_ftr *ftr)
 }
 
 /* This signs the given object using the keymaster key. */
-static int keymaster_sign_object(struct crypt_mnt_ftr *ftr,
+static int keymaster_sign_object(struct crypt_mnt_ftr* ftr, const unsigned char* object,
-                                 const unsigned char *object,
+                                 const size_t object_size, unsigned char** signature,
-                                 const size_t object_size,
+                                 size_t* signature_size) {
-                                 unsigned char **signature,
-                                 size_t *signature_size)
-{
     unsigned char to_sign[RSA_KEY_SIZE_BYTES];
     size_t to_sign_size = sizeof(to_sign);
     memset(to_sign, 0, RSA_KEY_SIZE_BYTES);
@@ -231,8 +224,7 @@ static int password_expiry_time = 0;
 static const int password_max_age_seconds = 60;
 
 enum class RebootType { reboot, recovery, shutdown };
-static void cryptfs_reboot(RebootType rt)
+static void cryptfs_reboot(RebootType rt) {
-{
     switch (rt) {
         case RebootType::reboot:
             property_set(ANDROID_RB_PROPERTY, "reboot");
@@ -253,8 +245,7 @@ static void cryptfs_reboot(RebootType rt)
     return;
 }
 
-static void ioctl_init(struct dm_ioctl *io, size_t dataSize, const char *name, unsigned flags)
+static void ioctl_init(struct dm_ioctl* io, size_t dataSize, const char* name, unsigned flags) {
-{
     memset(io, 0, dataSize);
     io->data_size = dataSize;
     io->data_start = sizeof(struct dm_ioctl);
@@ -300,8 +291,7 @@ struct CryptoType {
     const char* crypto_name;
     uint32_t keysize;
 
-    constexpr CryptoType(const char *property, const char *crypto,
+    constexpr CryptoType(const char* property, const char* crypto, uint32_t ksize)
-                         uint32_t ksize)
         : property_name(property), crypto_name(crypto), keysize(ksize) {}
     friend const CryptoType& get_crypto_type();
     static const CryptoType& get_device_crypto_algorithm();
@@ -325,13 +315,14 @@ constexpr CryptoType supported_crypto_types[] = {
     // Add new CryptoTypes here.  Order is not important.
 };
 
-
 // ---------- START COMPILE-TIME SANITY CHECK BLOCK -------------------------
 // We confirm all supported_crypto_types have a small enough keysize and
 // had both set_property_name() and set_crypto_name() called.
 
 template <typename T, size_t N>
-constexpr size_t array_length(T (&)[N]) { return N; }
+constexpr size_t array_length(T (&)[N]) {
+    return N;
+}
 
 constexpr bool indexOutOfBoundsForCryptoTypes(size_t index) {
     return (index >= array_length(supported_crypto_types));
@@ -357,28 +348,24 @@ static_assert(validateSupportedCryptoTypes(0),
               "incompletely constructed.");
 //  ---------- END COMPILE-TIME SANITY CHECK BLOCK -------------------------
 
-
 // Don't call this directly, use get_crypto_type(), which caches this result.
 const CryptoType& CryptoType::get_device_crypto_algorithm() {
     constexpr char CRYPT_ALGO_PROP[] = "ro.crypto.fde_algorithm";
     char paramstr[PROPERTY_VALUE_MAX];
 
-    property_get(CRYPT_ALGO_PROP, paramstr,
+    property_get(CRYPT_ALGO_PROP, paramstr, default_crypto_type.get_property_name());
-                 default_crypto_type.get_property_name());
     for (auto const& ctype : supported_crypto_types) {
         if (strcmp(paramstr, ctype.get_property_name()) == 0) {
             return ctype;
         }
     }
-    ALOGE("Invalid name (%s) for %s.  Defaulting to %s\n", paramstr,
+    ALOGE("Invalid name (%s) for %s.  Defaulting to %s\n", paramstr, CRYPT_ALGO_PROP,
-          CRYPT_ALGO_PROP, default_crypto_type.get_property_name());
+          default_crypto_type.get_property_name());
     return default_crypto_type;
 }
 
 }  // namespace
 
-
-
 /**
  * Gets the default device scrypt parameters for key derivation time tuning.
  * The parameters should lead to about one second derivation time for the
@@ -406,8 +393,7 @@ const char *cryptfs_get_crypto_name() {
     return get_crypto_type().get_crypto_name();
 }
 
-static unsigned int get_fs_size(char *dev)
+static unsigned int get_fs_size(char* dev) {
-{
     int fd, block_size;
     struct ext4_super_block sb;
     off64_t len;
@@ -441,8 +427,7 @@ static unsigned int get_fs_size(char *dev)
     return (unsigned int)(len / 512);
 }
 
-static int get_crypt_ftr_info(char **metadata_fname, off64_t *off)
+static int get_crypt_ftr_info(char** metadata_fname, off64_t* off) {
-{
     static int cached_data = 0;
     static off64_t cached_off = 0;
     static char cached_metadata_fname[PROPERTY_VALUE_MAX] = "";
@@ -495,8 +480,7 @@ static int get_crypt_ftr_info(char **metadata_fname, off64_t *off)
 }
 
 /* Set sha256 checksum in structure */
-static void set_ftr_sha(struct crypt_mnt_ftr *crypt_ftr)
+static void set_ftr_sha(struct crypt_mnt_ftr* crypt_ftr) {
-{
     SHA256_CTX c;
     SHA256_Init(&c);
     memset(crypt_ftr->sha256, 0, sizeof(crypt_ftr->sha256));
@@ -507,8 +491,7 @@ static void set_ftr_sha(struct crypt_mnt_ftr *crypt_ftr)
 /* key or salt can be NULL, in which case just skip writing that value.  Useful to
  * update the failed mount count but not change the key.
  */
-static int put_crypt_ftr_and_key(struct crypt_mnt_ftr *crypt_ftr)
+static int put_crypt_ftr_and_key(struct crypt_mnt_ftr* crypt_ftr) {
-{
     int fd;
     unsigned int cnt;
     /* starting_off is set to the SEEK_SET offset
@@ -560,29 +543,24 @@ static int put_crypt_ftr_and_key(struct crypt_mnt_ftr *crypt_ftr)
 errout:
     close(fd);
     return rc;
-
 }
 
-static bool check_ftr_sha(const struct crypt_mnt_ftr *crypt_ftr)
+static bool check_ftr_sha(const struct crypt_mnt_ftr* crypt_ftr) {
-{
     struct crypt_mnt_ftr copy;
     memcpy(&copy, crypt_ftr, sizeof(copy));
     set_ftr_sha(&copy);
     return memcmp(copy.sha256, crypt_ftr->sha256, sizeof(copy.sha256)) == 0;
 }
 
-static inline int unix_read(int  fd, void*  buff, int  len)
+static inline int unix_read(int fd, void* buff, int len) {
-{
     return TEMP_FAILURE_RETRY(read(fd, buff, len));
 }
 
-static inline int unix_write(int  fd, const void*  buff, int  len)
+static inline int unix_write(int fd, const void* buff, int len) {
-{
     return TEMP_FAILURE_RETRY(write(fd, buff, len));
 }
 
-static void init_empty_persist_data(struct crypt_persist_data *pdata, int len)
+static void init_empty_persist_data(struct crypt_persist_data* pdata, int len) {
-{
     memset(pdata, 0, len);
     pdata->persist_magic = PERSIST_DATA_MAGIC;
     pdata->persist_valid_entries = 0;
@@ -593,8 +571,7 @@ static void init_empty_persist_data(struct crypt_persist_data *pdata, int len)
  * data, crypt_ftr is a pointer to the struct to be updated, and offset is the
  * absolute offset to the start of the crypt_mnt_ftr on the passed in fd.
  */
-static void upgrade_crypt_ftr(int fd, struct crypt_mnt_ftr *crypt_ftr, off64_t offset)
+static void upgrade_crypt_ftr(int fd, struct crypt_mnt_ftr* crypt_ftr, off64_t offset) {
-{
     int orig_major = crypt_ftr->major_version;
     int orig_minor = crypt_ftr->minor_version;
 
@@ -657,9 +634,7 @@ static void upgrade_crypt_ftr(int fd, struct crypt_mnt_ftr *crypt_ftr, off64_t o
     }
 }
 
-
+static int get_crypt_ftr_and_key(struct crypt_mnt_ftr* crypt_ftr) {
-static int get_crypt_ftr_and_key(struct crypt_mnt_ftr *crypt_ftr)
-{
     int fd;
     unsigned int cnt;
     off64_t starting_off;
@@ -714,9 +689,10 @@ static int get_crypt_ftr_and_key(struct crypt_mnt_ftr *crypt_ftr)
     // AES-CBC key wrapping only works for multiples of 16 bytes.
     if ((crypt_ftr->keysize == 0) || ((crypt_ftr->keysize % 16) != 0) ||
         (crypt_ftr->keysize > MAX_KEY_LEN)) {
-    SLOGE("Invalid keysize (%u) for block device %s; Must be non-zero, "
+        SLOGE(
-          "divisible by 16, and <= %d\n", crypt_ftr->keysize, fname,
+            "Invalid keysize (%u) for block device %s; Must be non-zero, "
-          MAX_KEY_LEN);
+            "divisible by 16, and <= %d\n",
+            crypt_ftr->keysize, fname, MAX_KEY_LEN);
         goto errout;
     }
 
@@ -740,8 +716,7 @@ errout:
     return rc;
 }
 
-static int validate_persistent_data_storage(struct crypt_mnt_ftr *crypt_ftr)
+static int validate_persistent_data_storage(struct crypt_mnt_ftr* crypt_ftr) {
-{
     if (crypt_ftr->persist_data_offset[0] + crypt_ftr->persist_data_size >
         crypt_ftr->persist_data_offset[1]) {
         SLOGE("Crypt_ftr persist data regions overlap");
@@ -763,8 +738,7 @@ static int validate_persistent_data_storage(struct crypt_mnt_ftr *crypt_ftr)
     return 0;
 }
 
-static int load_persistent_data(void)
+static int load_persistent_data(void) {
-{
     struct crypt_mnt_ftr crypt_ftr;
     struct crypt_persist_data* pdata = NULL;
     char encrypted_state[PROPERTY_VALUE_MAX];
@@ -779,7 +753,6 @@ static int load_persistent_data(void)
         return 0;
     }
 
-
     /* If not encrypted, just allocate an empty table and initialize it */
     property_get("ro.crypto.state", encrypted_state, "");
     if (strcmp(encrypted_state, "encrypted")) {
@@ -796,8 +769,8 @@ static int load_persistent_data(void)
         return -1;
     }
 
-    if ((crypt_ftr.major_version < 1)
+    if ((crypt_ftr.major_version < 1) ||
-        || (crypt_ftr.major_version == 1 && crypt_ftr.minor_version < 1)) {
+        (crypt_ftr.major_version == 1 && crypt_ftr.minor_version < 1)) {
         SLOGE("Crypt_ftr version doesn't support persistent data");
         return -1;
     }
@@ -856,8 +829,7 @@ err:
     return -1;
 }
 
-static int save_persistent_data(void)
+static int save_persistent_data(void) {
-{
     struct crypt_mnt_ftr crypt_ftr;
     struct crypt_persist_data* pdata;
     char* fname;
@@ -875,8 +847,8 @@ static int save_persistent_data(void)
         return -1;
     }
 
-    if ((crypt_ftr.major_version < 1)
+    if ((crypt_ftr.major_version < 1) ||
-        || (crypt_ftr.major_version == 1 && crypt_ftr.minor_version < 1)) {
+        (crypt_ftr.major_version == 1 && crypt_ftr.minor_version < 1)) {
         SLOGE("Crypt_ftr version doesn't support persistent data");
         return -1;
     }
@@ -937,8 +909,7 @@ static int save_persistent_data(void)
         }
         fsync(fd);
         memset(pdata, 0, crypt_ftr.persist_data_size);
-        if (unix_write(fd, pdata, crypt_ftr.persist_data_size) !=
+        if (unix_write(fd, pdata, crypt_ftr.persist_data_size) != (int)crypt_ftr.persist_data_size) {
-            (int) crypt_ftr.persist_data_size) {
             SLOGE("Cannot write to erase previous persistent data");
             goto err2;
         }
@@ -963,8 +934,8 @@ err:
 /* Convert a binary key of specified length into an ascii hex string equivalent,
  * without the leading 0x and with null termination
  */
-static void convert_key_to_hex_ascii(const unsigned char *master_key,
+static void convert_key_to_hex_ascii(const unsigned char* master_key, unsigned int keysize,
-                                     unsigned int keysize, char *master_key_ascii) {
+                                     char* master_key_ascii) {
     unsigned int i, a;
     unsigned char nibble;
 
@@ -979,7 +950,6 @@ static void convert_key_to_hex_ascii(const unsigned char *master_key,
 
     /* Add the null termination */
     master_key_ascii[a] = '\0';
-
 }
 
 static int load_crypto_mapping_table(struct crypt_mnt_ftr* crypt_ftr,
@@ -1013,10 +983,10 @@ static int load_crypto_mapping_table(struct crypt_mnt_ftr *crypt_ftr,
     buff_offset = crypt_params - buffer;
     SLOGI("Extra parameters for dm_crypt: %s\n", extra_params);
     snprintf(crypt_params, sizeof(buffer) - buff_offset, "%s %s 0 %s 0 %s",
-           crypt_ftr->crypto_type_name, master_key_ascii, real_blk_name,
+             crypt_ftr->crypto_type_name, master_key_ascii, real_blk_name, extra_params);
-           extra_params);
     crypt_params += strlen(crypt_params) + 1;
-  crypt_params = (char *) (((unsigned long)crypt_params + 7) & ~8); /* Align to an 8 byte boundary */
+    crypt_params =
+        (char*)(((unsigned long)crypt_params + 7) & ~8); /* Align to an 8 byte boundary */
     tgt->next = crypt_params - buffer;
 
     for (i = 0; i < TABLE_LOAD_RETRIES; i++) {
@@ -1034,9 +1004,7 @@ static int load_crypto_mapping_table(struct crypt_mnt_ftr *crypt_ftr,
     }
 }
 
-
+static int get_dm_crypt_version(int fd, const char* name, int* version) {
-static int get_dm_crypt_version(int fd, const char *name,  int *version)
-{
     char buffer[DM_CRYPT_BUF_SIZE];
     struct dm_ioctl* io;
     struct dm_target_versions* v;
@@ -1148,8 +1116,7 @@ errout:
     return retval;
 }
 
-static int delete_crypto_blk_dev(const char *name)
+static int delete_crypto_blk_dev(const char* name) {
-{
     int fd;
     char buffer[DM_CRYPT_BUF_SIZE];
     struct dm_ioctl* io;
@@ -1175,23 +1142,18 @@ errout:
     close(fd); /* If fd is <0 from a failed open call, it's safe to just ignore the close error */
 
     return retval;
-
 }
 
-static int pbkdf2(const char *passwd, const unsigned char *salt,
+static int pbkdf2(const char* passwd, const unsigned char* salt, unsigned char* ikey,
-                  unsigned char *ikey, void *params UNUSED)
+                  void* params UNUSED) {
-{
     SLOGI("Using pbkdf2 for cryptfs KDF");
 
     /* Turn the password into a key and IV that can decrypt the master key */
-    return PKCS5_PBKDF2_HMAC_SHA1(passwd, strlen(passwd), salt, SALT_LEN,
+    return PKCS5_PBKDF2_HMAC_SHA1(passwd, strlen(passwd), salt, SALT_LEN, HASH_COUNT,
-                                  HASH_COUNT, INTERMEDIATE_BUF_SIZE,
+                                  INTERMEDIATE_BUF_SIZE, ikey) != 1;
-                                  ikey) != 1;
 }
 
-static int scrypt(const char *passwd, const unsigned char *salt,
+static int scrypt(const char* passwd, const unsigned char* salt, unsigned char* ikey, void* params) {
-                  unsigned char *ikey, void *params)
-{
     SLOGI("Using scrypt for cryptfs KDF");
 
     struct crypt_mnt_ftr* ftr = (struct crypt_mnt_ftr*)params;
@@ -1201,16 +1163,14 @@ static int scrypt(const char *passwd, const unsigned char *salt,
     int p = 1 << ftr->p_factor;
 
     /* Turn the password into a key and IV that can decrypt the master key */
-    crypto_scrypt((const uint8_t*)passwd, strlen(passwd),
+    crypto_scrypt((const uint8_t*)passwd, strlen(passwd), salt, SALT_LEN, N, r, p, ikey,
-                  salt, SALT_LEN, N, r, p, ikey,
                   INTERMEDIATE_BUF_SIZE);
 
     return 0;
 }
 
-static int scrypt_keymaster(const char *passwd, const unsigned char *salt,
+static int scrypt_keymaster(const char* passwd, const unsigned char* salt, unsigned char* ikey,
-                            unsigned char *ikey, void *params)
+                            void* params) {
-{
     SLOGI("Using scrypt with keymaster for cryptfs KDF");
 
     int rc;
@@ -1222,8 +1182,7 @@ static int scrypt_keymaster(const char *passwd, const unsigned char *salt,
     int r = 1 << ftr->r_factor;
     int p = 1 << ftr->p_factor;
 
-    rc = crypto_scrypt((const uint8_t*)passwd, strlen(passwd),
+    rc = crypto_scrypt((const uint8_t*)passwd, strlen(passwd), salt, SALT_LEN, N, r, p, ikey,
-                       salt, SALT_LEN, N, r, p, ikey,
                        INTERMEDIATE_BUF_SIZE);
 
     if (rc) {
@@ -1231,14 +1190,13 @@ static int scrypt_keymaster(const char *passwd, const unsigned char *salt,
         return -1;
     }
 
-    if (keymaster_sign_object(ftr, ikey, INTERMEDIATE_BUF_SIZE,
+    if (keymaster_sign_object(ftr, ikey, INTERMEDIATE_BUF_SIZE, &signature, &signature_size)) {
-                              &signature, &signature_size)) {
         SLOGE("Signing failed");
         return -1;
     }
 
-    rc = crypto_scrypt(signature, signature_size, salt, SALT_LEN,
+    rc = crypto_scrypt(signature, signature_size, salt, SALT_LEN, N, r, p, ikey,
-                       N, r, p, ikey, INTERMEDIATE_BUF_SIZE);
+                       INTERMEDIATE_BUF_SIZE);
     free(signature);
 
     if (rc) {
@@ -1251,9 +1209,7 @@ static int scrypt_keymaster(const char *passwd, const unsigned char *salt,
 
 static int encrypt_master_key(const char* passwd, const unsigned char* salt,
                               const unsigned char* decrypted_master_key,
-                              unsigned char *encrypted_master_key,
+                              unsigned char* encrypted_master_key, struct crypt_mnt_ftr* crypt_ftr) {
-                              struct crypt_mnt_ftr *crypt_ftr)
-{
     unsigned char ikey[INTERMEDIATE_BUF_SIZE] = {0};
     EVP_CIPHER_CTX e_ctx;
     int encrypted_len, final_len;
@@ -1297,8 +1253,8 @@ static int encrypt_master_key(const char *passwd, const unsigned char *salt,
     EVP_CIPHER_CTX_set_padding(&e_ctx, 0); /* Turn off padding as our data is block aligned */
 
     /* Encrypt the master key */
-    if (! EVP_EncryptUpdate(&e_ctx, encrypted_master_key, &encrypted_len,
+    if (!EVP_EncryptUpdate(&e_ctx, encrypted_master_key, &encrypted_len, decrypted_master_key,
-                            decrypted_master_key, crypt_ftr->keysize)) {
+                           crypt_ftr->keysize)) {
         SLOGE("EVP_EncryptUpdate failed\n");
         return -1;
     }
@@ -1321,9 +1277,8 @@ static int encrypt_master_key(const char *passwd, const unsigned char *salt,
     int r = 1 << crypt_ftr->r_factor;
     int p = 1 << crypt_ftr->p_factor;
 
-    rc = crypto_scrypt(ikey, INTERMEDIATE_KEY_LEN_BYTES,
+    rc = crypto_scrypt(ikey, INTERMEDIATE_KEY_LEN_BYTES, crypt_ftr->salt, sizeof(crypt_ftr->salt),
-                       crypt_ftr->salt, sizeof(crypt_ftr->salt), N, r, p,
+                       N, r, p, crypt_ftr->scrypted_intermediate_key,
-                       crypt_ftr->scrypted_intermediate_key,
                        sizeof(crypt_ftr->scrypted_intermediate_key));
 
     if (rc) {
@@ -1336,13 +1291,10 @@ static int encrypt_master_key(const char *passwd, const unsigned char *salt,
 }
 
 static int decrypt_master_key_aux(const char* passwd, unsigned char* salt,
-                                  const unsigned char *encrypted_master_key,
+                                  const unsigned char* encrypted_master_key, size_t keysize,
-                                  size_t keysize,
+                                  unsigned char* decrypted_master_key, kdf_func kdf,
-                                  unsigned char *decrypted_master_key,
+                                  void* kdf_params, unsigned char** intermediate_key,
-                                  kdf_func kdf, void *kdf_params,
+                                  size_t* intermediate_key_size) {
-                                  unsigned char** intermediate_key,
-                                  size_t* intermediate_key_size)
-{
     unsigned char ikey[INTERMEDIATE_BUF_SIZE] = {0};
     EVP_CIPHER_CTX d_ctx;
     int decrypted_len, final_len;
@@ -1356,13 +1308,14 @@ static int decrypt_master_key_aux(const char *passwd, unsigned char *salt,
 
     /* Initialize the decryption engine */
     EVP_CIPHER_CTX_init(&d_ctx);
-  if (! EVP_DecryptInit_ex(&d_ctx, EVP_aes_128_cbc(), NULL, ikey, ikey+INTERMEDIATE_KEY_LEN_BYTES)) {
+    if (!EVP_DecryptInit_ex(&d_ctx, EVP_aes_128_cbc(), NULL, ikey,
+                            ikey + INTERMEDIATE_KEY_LEN_BYTES)) {
         return -1;
     }
     EVP_CIPHER_CTX_set_padding(&d_ctx, 0); /* Turn off padding as our data is block aligned */
     /* Decrypt the master key */
-  if (! EVP_DecryptUpdate(&d_ctx, decrypted_master_key, &decrypted_len,
+    if (!EVP_DecryptUpdate(&d_ctx, decrypted_master_key, &decrypted_len, encrypted_master_key,
-                            encrypted_master_key, keysize)) {
+                           keysize)) {
         return -1;
     }
     if (!EVP_DecryptFinal_ex(&d_ctx, decrypted_master_key + decrypted_len, &final_len)) {
@@ -1387,8 +1340,7 @@ static int decrypt_master_key_aux(const char *passwd, unsigned char *salt,
     return 0;
 }
 
-static void get_kdf_func(struct crypt_mnt_ftr *ftr, kdf_func *kdf, void** kdf_params)
+static void get_kdf_func(struct crypt_mnt_ftr* ftr, kdf_func* kdf, void** kdf_params) {
-{
     if (ftr->kdf_type == KDF_SCRYPT_KEYMASTER) {
         *kdf = scrypt_keymaster;
         *kdf_params = ftr;
@@ -1402,19 +1354,16 @@ static void get_kdf_func(struct crypt_mnt_ftr *ftr, kdf_func *kdf, void** kdf_pa
 }
 
 static int decrypt_master_key(const char* passwd, unsigned char* decrypted_master_key,
-                              struct crypt_mnt_ftr *crypt_ftr,
+                              struct crypt_mnt_ftr* crypt_ftr, unsigned char** intermediate_key,
-                              unsigned char** intermediate_key,
+                              size_t* intermediate_key_size) {
-                              size_t* intermediate_key_size)
-{
     kdf_func kdf;
     void* kdf_params;
     int ret;
 
     get_kdf_func(crypt_ftr, &kdf, &kdf_params);
-    ret = decrypt_master_key_aux(passwd, crypt_ftr->salt, crypt_ftr->master_key,
+    ret = decrypt_master_key_aux(passwd, crypt_ftr->salt, crypt_ftr->master_key, crypt_ftr->keysize,
-                                 crypt_ftr->keysize,
+                                 decrypted_master_key, kdf, kdf_params, intermediate_key,
-                                 decrypted_master_key, kdf, kdf_params,
+                                 intermediate_key_size);
-                                 intermediate_key, intermediate_key_size);
     if (ret != 0) {
         SLOGW("failure decrypting master key");
     }
@@ -1422,8 +1371,8 @@ static int decrypt_master_key(const char *passwd, unsigned char *decrypted_maste
     return ret;
 }
 
-static int create_encrypted_random_key(const char *passwd, unsigned char *master_key, unsigned char *salt,
+static int create_encrypted_random_key(const char* passwd, unsigned char* master_key,
-        struct crypt_mnt_ftr *crypt_ftr) {
+                                       unsigned char* salt, struct crypt_mnt_ftr* crypt_ftr) {
     int fd;
     unsigned char key_buf[MAX_KEY_LEN];
 
@@ -1437,8 +1386,7 @@ static int create_encrypted_random_key(const char *passwd, unsigned char *master
     return encrypt_master_key(passwd, salt, key_buf, master_key, crypt_ftr);
 }
 
-int wait_and_unmount(const char *mountpoint, bool kill)
+int wait_and_unmount(const char* mountpoint, bool kill) {
-{
     int i, err, rc;
 #define WAIT_UNMOUNT_COUNT 20
 
@@ -1483,8 +1431,7 @@ int wait_and_unmount(const char *mountpoint, bool kill)
     return rc;
 }
 
-static void prep_data_fs(void)
+static void prep_data_fs(void) {
-{
     // NOTE: post_fs_data results in init calling back around to vold, so all
     // callers to this method must be async
 
@@ -1494,17 +1441,14 @@ static void prep_data_fs(void)
     SLOGD("Just triggered post_fs_data");
 
     /* Wait a max of 50 seconds, hopefully it takes much less */
-    while (!android::base::WaitForProperty("vold.post_fs_data_done",
+    while (!android::base::WaitForProperty("vold.post_fs_data_done", "1", std::chrono::seconds(15))) {
-                                        "1",
-                                        std::chrono::seconds(15))) {
         /* We timed out to prep /data in time.  Continue wait. */
         SLOGE("waited 15s for vold.post_fs_data_done, still waiting...");
     }
     SLOGD("post_fs_data done");
 }
 
-static void cryptfs_set_corrupt()
+static void cryptfs_set_corrupt() {
-{
     // Mark the footer as bad
     struct crypt_mnt_ftr crypt_ftr;
     if (get_crypt_ftr_and_key(&crypt_ftr)) {
@@ -1519,8 +1463,7 @@ static void cryptfs_set_corrupt()
     }
 }
 
-static void cryptfs_trigger_restart_min_framework()
+static void cryptfs_trigger_restart_min_framework() {
-{
     if (fs_mgr_do_tmpfs_mount(DATA_MNT_POINT)) {
         SLOGE("Failed to mount tmpfs on data - panic");
         return;
@@ -1538,8 +1481,7 @@ static void cryptfs_trigger_restart_min_framework()
 }
 
 /* returns < 0 on failure */
-static int cryptfs_restart_internal(int restart_main)
+static int cryptfs_restart_internal(int restart_main) {
-{
     char crypto_blkdev[MAXPATHLEN];
     int rc = -1;
     static int restart_successful = 0;
@@ -1620,15 +1562,12 @@ static int cryptfs_restart_internal(int restart_main)
             SLOGE("Failed to setexeccon");
             return -1;
         }
-        while ((mount_rc = fs_mgr_do_mount(fstab_default, DATA_MNT_POINT,
+        while ((mount_rc = fs_mgr_do_mount(fstab_default, DATA_MNT_POINT, crypto_blkdev, 0)) != 0) {
-                                           crypto_blkdev, 0))
-               != 0) {
             if (mount_rc == FS_MGR_DOMNT_BUSY) {
                 /* TODO: invoke something similar to
                    Process::killProcessWithOpenFiles(DATA_MNT_POINT,
                                    retries > RETRY_MOUNT_ATTEMPT/2 ? 1 : 2 ) */
-                SLOGI("Failed to mount %s because it is busy - waiting",
+                SLOGI("Failed to mount %s because it is busy - waiting", crypto_blkdev);
-                      crypto_blkdev);
                 if (--retries) {
                     sleep(RETRY_MOUNT_DELAY_SECONDS);
                 } else {
@@ -1671,8 +1610,7 @@ static int cryptfs_restart_internal(int restart_main)
     return rc;
 }
 
-int cryptfs_restart(void)
+int cryptfs_restart(void) {
-{
     SLOGI("cryptfs_restart");
     if (e4crypt_is_native()) {
         SLOGE("cryptfs_restart not valid for file encryption:");
@@ -1683,8 +1621,7 @@ int cryptfs_restart(void)
     return cryptfs_restart_internal(1);
 }
 
-static int do_crypto_complete(const char *mount_point)
+static int do_crypto_complete(const char* mount_point) {
-{
     struct crypt_mnt_ftr crypt_ftr;
     char encrypted_state[PROPERTY_VALUE_MAX];
     char key_loc[PROPERTY_VALUE_MAX];
@@ -1739,9 +1676,8 @@ static int do_crypto_complete(const char *mount_point)
     return CRYPTO_COMPLETE_ENCRYPTED;
 }
 
-static int test_mount_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr,
+static int test_mount_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr, const char* passwd,
-                                   const char *passwd, const char *mount_point, const char *label)
+                                   const char* mount_point, const char* label) {
-{
     unsigned char decrypted_master_key[MAX_KEY_LEN];
     char crypto_blkdev[MAXPATHLEN];
     char real_blkdev[MAXPATHLEN];
@@ -1760,8 +1696,8 @@ static int test_mount_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr,
     orig_failed_decrypt_count = crypt_ftr->failed_decrypt_count;
 
     if (!(crypt_ftr->flags & CRYPT_MNT_KEY_UNENCRYPTED)) {
-    if (decrypt_master_key(passwd, decrypted_master_key, crypt_ftr,
+        if (decrypt_master_key(passwd, decrypted_master_key, crypt_ftr, &intermediate_key,
-                           &intermediate_key, &intermediate_key_size)) {
+                               &intermediate_key_size)) {
             SLOGE("Failed to decrypt master key\n");
             rc = -1;
             goto errout;
@@ -1772,32 +1708,29 @@ static int test_mount_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr,
 
     // Create crypto block device - all (non fatal) code paths
     // need it
-  if (create_crypto_blk_dev(crypt_ftr, decrypted_master_key, real_blkdev, crypto_blkdev, label, 0)) {
+    if (create_crypto_blk_dev(crypt_ftr, decrypted_master_key, real_blkdev, crypto_blkdev, label,
+                              0)) {
         SLOGE("Error creating decrypted block device\n");
         rc = -1;
         goto errout;
     }
 
     /* Work out if the problem is the password or the data */
-  unsigned char scrypted_intermediate_key[sizeof(crypt_ftr->
+    unsigned char scrypted_intermediate_key[sizeof(crypt_ftr->scrypted_intermediate_key)];
-                                                 scrypted_intermediate_key)];
 
-  rc = crypto_scrypt(intermediate_key, intermediate_key_size,
+    rc = crypto_scrypt(intermediate_key, intermediate_key_size, crypt_ftr->salt,
-                     crypt_ftr->salt, sizeof(crypt_ftr->salt),
+                       sizeof(crypt_ftr->salt), N, r, p, scrypted_intermediate_key,
-                     N, r, p, scrypted_intermediate_key,
                        sizeof(scrypted_intermediate_key));
 
     // Does the key match the crypto footer?
-  if (rc == 0 && memcmp(scrypted_intermediate_key,
+    if (rc == 0 && memcmp(scrypted_intermediate_key, crypt_ftr->scrypted_intermediate_key,
-                        crypt_ftr->scrypted_intermediate_key,
                           sizeof(scrypted_intermediate_key)) == 0) {
         SLOGI("Password matches");
         rc = 0;
     } else {
         /* Try mounting the file system anyway, just in case the problem's with
          * the footer, not the key. */
-    snprintf(tmp_mount_point, sizeof(tmp_mount_point), "%s/tmp_mnt",
+        snprintf(tmp_mount_point, sizeof(tmp_mount_point), "%s/tmp_mnt", mount_point);
-             mount_point);
         mkdir(tmp_mount_point, 0755);
         if (fs_mgr_do_mount(fstab_default, DATA_MNT_POINT, crypto_blkdev, tmp_mount_point)) {
             SLOGE("Error temp mounting decrypted block device\n");
@@ -1856,7 +1789,8 @@ static int test_mount_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr,
             // since KDFs should never fail. You *must* fix the kdf before
             // proceeding!
             if (rc) {
-          SLOGW("Upgrade failed with error %d,"
+                SLOGW(
+                    "Upgrade failed with error %d,"
                     " but continuing with previous state",
                     rc);
                 rc = 0;
@@ -1880,8 +1814,8 @@ static int test_mount_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr,
  *
  * out_crypto_blkdev must be MAXPATHLEN.
  */
-int cryptfs_setup_ext_volume(const char* label, const char* real_blkdev,
+int cryptfs_setup_ext_volume(const char* label, const char* real_blkdev, const unsigned char* key,
-        const unsigned char* key, char* out_crypto_blkdev) {
+                             char* out_crypto_blkdev) {
     int fd = open(real_blkdev, O_RDONLY | O_CLOEXEC);
     if (fd == -1) {
         SLOGE("Failed to open %s: %s", real_blkdev, strerror(errno));
@@ -1919,17 +1853,16 @@ int cryptfs_revert_ext_volume(const char* label) {
     return delete_crypto_blk_dev((char*)label);
 }
 
-int cryptfs_crypto_complete(void)
+int cryptfs_crypto_complete(void) {
-{
     return do_crypto_complete("/data");
 }
 
-int check_unmounted_and_get_ftr(struct crypt_mnt_ftr* crypt_ftr)
+int check_unmounted_and_get_ftr(struct crypt_mnt_ftr* crypt_ftr) {
-{
     char encrypted_state[PROPERTY_VALUE_MAX];
     property_get("ro.crypto.state", encrypted_state, "");
     if (master_key_saved || strcmp(encrypted_state, "encrypted")) {
-        SLOGE("encrypted fs already validated or not running with encryption,"
+        SLOGE(
+            "encrypted fs already validated or not running with encryption,"
             " aborting");
         return -1;
     }
@@ -1942,8 +1875,7 @@ int check_unmounted_and_get_ftr(struct crypt_mnt_ftr* crypt_ftr)
     return 0;
 }
 
-int cryptfs_check_passwd(const char *passwd)
+int cryptfs_check_passwd(const char* passwd) {
-{
     SLOGI("cryptfs_check_passwd");
     if (e4crypt_is_native()) {
         SLOGE("cryptfs_check_passwd not valid for file encryption");
@@ -1959,8 +1891,7 @@ int cryptfs_check_passwd(const char *passwd)
         return rc;
     }
 
-    rc = test_mount_encrypted_fs(&crypt_ftr, passwd,
+    rc = test_mount_encrypted_fs(&crypt_ftr, passwd, DATA_MNT_POINT, CRYPTO_BLOCK_DEVICE);
-                                 DATA_MNT_POINT, CRYPTO_BLOCK_DEVICE);
     if (rc) {
         SLOGE("Password did not match");
         return rc;
@@ -1972,8 +1903,8 @@ int cryptfs_check_passwd(const char *passwd)
         // First, we must delete the crypto block device that
         // test_mount_encrypted_fs leaves behind as a side effect
         delete_crypto_blk_dev(CRYPTO_BLOCK_DEVICE);
-        rc = test_mount_encrypted_fs(&crypt_ftr, DEFAULT_PASSWORD,
+        rc = test_mount_encrypted_fs(&crypt_ftr, DEFAULT_PASSWORD, DATA_MNT_POINT,
-                                     DATA_MNT_POINT, CRYPTO_BLOCK_DEVICE);
+                                     CRYPTO_BLOCK_DEVICE);
         if (rc) {
             SLOGE("Default password did not match on reboot encryption");
             return rc;
@@ -1999,8 +1930,7 @@ int cryptfs_check_passwd(const char *passwd)
     return rc;
 }
 
-int cryptfs_verify_passwd(const char *passwd)
+int cryptfs_verify_passwd(const char* passwd) {
-{
     struct crypt_mnt_ftr crypt_ftr;
     unsigned char decrypted_master_key[MAX_KEY_LEN];
     char encrypted_state[PROPERTY_VALUE_MAX];
@@ -2050,8 +1980,7 @@ int cryptfs_verify_passwd(const char *passwd)
  * Presumably, at a minimum, the caller will update the
  * filesystem size and crypto_type_name after calling this function.
  */
-static int cryptfs_init_crypt_mnt_ftr(struct crypt_mnt_ftr *ftr)
+static int cryptfs_init_crypt_mnt_ftr(struct crypt_mnt_ftr* ftr) {
-{
     off64_t off;
 
     memset(ftr, 0, sizeof(struct crypt_mnt_ftr));
@@ -2080,8 +2009,7 @@ static int cryptfs_init_crypt_mnt_ftr(struct crypt_mnt_ftr *ftr)
     ftr->persist_data_size = CRYPT_PERSIST_DATA_SIZE;
     if (get_crypt_ftr_info(NULL, &off) == 0) {
         ftr->persist_data_offset[0] = off + CRYPT_FOOTER_TO_PERSIST_OFFSET;
-        ftr->persist_data_offset[1] = off + CRYPT_FOOTER_TO_PERSIST_OFFSET +
+        ftr->persist_data_offset[1] = off + CRYPT_FOOTER_TO_PERSIST_OFFSET + ftr->persist_data_size;
-                                    ftr->persist_data_size;
     }
 
     return 0;
@@ -2089,8 +2017,7 @@ static int cryptfs_init_crypt_mnt_ftr(struct crypt_mnt_ftr *ftr)
 
 #define FRAMEWORK_BOOT_WAIT 60
 
-static int cryptfs_SHA256_fileblock(const char* filename, __le8* buf)
+static int cryptfs_SHA256_fileblock(const char* filename, __le8* buf) {
-{
     int fd = open(filename, O_RDONLY | O_CLOEXEC);
     if (fd == -1) {
         SLOGE("Error opening file %s", filename);
@@ -2224,8 +2151,7 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
     if (!strcmp(key_loc, KEY_IN_FOOTER)) {
         unsigned int fs_size_sec, max_fs_size_sec;
         fs_size_sec = get_fs_size(real_blkdev);
-        if (fs_size_sec == 0)
+        if (fs_size_sec == 0) fs_size_sec = get_f2fs_filesystem_size_sec(real_blkdev);
-            fs_size_sec = get_f2fs_filesystem_size_sec(real_blkdev);
 
         max_fs_size_sec = nr_sec - (CRYPT_FOOTER_OFFSET / CRYPT_SECTOR_SIZE);
 
@@ -2299,8 +2225,7 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
         }
 
         if (!strcmp(key_loc, KEY_IN_FOOTER)) {
-            crypt_ftr.fs_size = nr_sec
+            crypt_ftr.fs_size = nr_sec - (CRYPT_FOOTER_OFFSET / CRYPT_SECTOR_SIZE);
-              - (CRYPT_FOOTER_OFFSET / CRYPT_SECTOR_SIZE);
         } else {
             crypt_ftr.fs_size = nr_sec;
         }
@@ -2314,7 +2239,8 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
             crypt_ftr.flags |= CRYPT_INCONSISTENT_STATE;
         }
         crypt_ftr.crypt_type = crypt_type;
-        strlcpy((char *)crypt_ftr.crypto_type_name, cryptfs_get_crypto_name(), MAX_CRYPTO_TYPE_NAME_LEN);
+        strlcpy((char*)crypt_ftr.crypto_type_name, cryptfs_get_crypto_name(),
+                MAX_CRYPTO_TYPE_NAME_LEN);
 
         /* Make an encrypted master key */
         if (create_encrypted_random_key(onlyCreateHeader ? DEFAULT_PASSWORD : passwd,
@@ -2328,8 +2254,8 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
             unsigned char fake_master_key[MAX_KEY_LEN];
             unsigned char encrypted_fake_master_key[MAX_KEY_LEN];
             memset(fake_master_key, 0, sizeof(fake_master_key));
-            encrypt_master_key(passwd, crypt_ftr.salt, fake_master_key,
+            encrypt_master_key(passwd, crypt_ftr.salt, fake_master_key, encrypted_fake_master_key,
-                               encrypted_fake_master_key, &crypt_ftr);
+                               &crypt_ftr);
         }
 
         /* Write the key to the end of the partition */
@@ -2377,8 +2303,8 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
         __le8 hash_first_block[SHA256_DIGEST_LENGTH];
         rc = cryptfs_SHA256_fileblock(crypto_blkdev, hash_first_block);
 
-        if (!rc && memcmp(hash_first_block, crypt_ftr.hash_first_block,
+        if (!rc &&
-                          sizeof(hash_first_block)) != 0) {
+            memcmp(hash_first_block, crypt_ftr.hash_first_block, sizeof(hash_first_block)) != 0) {
             SLOGE("Checksums do not match - trigger wipe");
             rc = -1;
         }
@@ -2391,8 +2317,7 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
 
     /* Calculate checksum if we are not finished */
     if (!rc && crypt_ftr.encrypted_upto != crypt_ftr.fs_size) {
-        rc = cryptfs_SHA256_fileblock(crypto_blkdev,
+        rc = cryptfs_SHA256_fileblock(crypto_blkdev, crypt_ftr.hash_first_block);
-                                      crypt_ftr.hash_first_block);
         if (rc) {
             SLOGE("Error calculating checksum for continuing encryption");
             rc = -1;
@@ -2450,8 +2375,7 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
             SLOGE("encryption failed - rebooting into recovery to wipe data\n");
             std::string err;
             const std::vector<std::string> options = {
-                "--wipe_data\n--reason=cryptfs_enable_internal\n"
+                "--wipe_data\n--reason=cryptfs_enable_internal\n"};
-            };
             if (!write_bootloader_message(options, &err)) {
                 SLOGE("could not write bootloader message: %s", err.c_str());
             }
@@ -2484,7 +2408,9 @@ error_shutting_down:
      * but the framework is stopped and not restarted to show the error, so it's up to
      * vold to restart the system.
      */
-    SLOGE("Error enabling encryption after framework is shutdown, no data changed, restarting system");
+    SLOGE(
+        "Error enabling encryption after framework is shutdown, no data changed, restarting "
+        "system");
     cryptfs_reboot(RebootType::reboot);
 
     /* shouldn't get here */
@@ -2503,8 +2429,7 @@ int cryptfs_enable_default(int no_ui) {
     return cryptfs_enable_internal(CRYPT_TYPE_DEFAULT, DEFAULT_PASSWORD, no_ui);
 }
 
-int cryptfs_changepw(int crypt_type, const char *newpw)
+int cryptfs_changepw(int crypt_type, const char* newpw) {
-{
     if (e4crypt_is_native()) {
         SLOGE("cryptfs_changepw not valid for file encryption");
         return -1;
@@ -2532,12 +2457,8 @@ int cryptfs_changepw(int crypt_type, const char *newpw)
 
     crypt_ftr.crypt_type = crypt_type;
 
-    rc = encrypt_master_key(crypt_type == CRYPT_TYPE_DEFAULT ? DEFAULT_PASSWORD
+    rc = encrypt_master_key(crypt_type == CRYPT_TYPE_DEFAULT ? DEFAULT_PASSWORD : newpw,
-                                                        : newpw,
+                            crypt_ftr.salt, saved_master_key, crypt_ftr.master_key, &crypt_ftr);
-                       crypt_ftr.salt,
-                       saved_master_key,
-                       crypt_ftr.master_key,
-                       &crypt_ftr);
     if (rc) {
         SLOGE("Encrypt master key failed: %d", rc);
         return -1;
@@ -2565,14 +2486,13 @@ static unsigned int persist_get_max_entries(int encrypted) {
         dsize = CRYPT_PERSIST_DATA_SIZE;
     }
 
-    max_persistent_entries = (dsize - sizeof(struct crypt_persist_data)) /
+    max_persistent_entries =
-        sizeof(struct crypt_persist_entry);
+        (dsize - sizeof(struct crypt_persist_data)) / sizeof(struct crypt_persist_entry);
 
     return max_persistent_entries;
 }
 
-static int persist_get_key(const char *fieldname, char *value)
+static int persist_get_key(const char* fieldname, char* value) {
-{
     unsigned int i;
 
     if (persist_data == NULL) {
@@ -2589,8 +2509,7 @@ static int persist_get_key(const char *fieldname, char *value)
     return -1;
 }
 
-static int persist_set_key(const char *fieldname, const char *value, int encrypted)
+static int persist_set_key(const char* fieldname, const char* value, int encrypted) {
-{
     unsigned int i;
     unsigned int num;
     unsigned int max_persistent_entries;
@@ -2655,8 +2574,7 @@ int match_multi_entry(const char *key, const char *field, unsigned index) {
  * and PERSIST_DEL_KEY_ERROR_OTHER if error occurs.
  *
  */
-static int persist_del_keys(const char *fieldname, unsigned index)
+static int persist_del_keys(const char* fieldname, unsigned index) {
-{
     unsigned int i;
     unsigned int j;
     unsigned int num;
@@ -2687,8 +2605,7 @@ static int persist_del_keys(const char *fieldname, unsigned index)
     }
 }
 
-static int persist_count_keys(const char *fieldname)
+static int persist_count_keys(const char* fieldname) {
-{
     unsigned int i;
     unsigned int count;
 
@@ -2707,8 +2624,7 @@ static int persist_count_keys(const char *fieldname)
 }
 
 /* Return the value of the specified field. */
-int cryptfs_getfield(const char *fieldname, char *value, int len)
+int cryptfs_getfield(const char* fieldname, char* value, int len) {
-{
     if (e4crypt_is_native()) {
         SLOGE("Cannot get field when file encrypted");
         return -1;
@@ -2773,8 +2689,7 @@ out:
 }
 
 /* Set the value of the specified field. */
-int cryptfs_setfield(const char *fieldname, const char *value)
+int cryptfs_setfield(const char* fieldname, const char* value) {
-{
     if (e4crypt_is_native()) {
         SLOGE("Cannot set field when file encrypted");
         return -1;
@@ -2867,13 +2782,13 @@ out:
  * On success trigger next init phase and return 0.
  * Currently do not handle failure - see TODO below.
  */
-int cryptfs_mount_default_encrypted(void)
+int cryptfs_mount_default_encrypted(void) {
-{
     int crypt_type = cryptfs_get_password_type();
     if (crypt_type < 0 || crypt_type > CRYPT_TYPE_MAX_TYPE) {
         SLOGE("Bad crypt type - error");
     } else if (crypt_type != CRYPT_TYPE_DEFAULT) {
-        SLOGD("Password is not default - "
+        SLOGD(
+            "Password is not default - "
             "starting min framework to prompt");
         property_set("vold.decrypt", "trigger_restart_min_framework");
         return 0;
@@ -2894,8 +2809,7 @@ int cryptfs_mount_default_encrypted(void)
 
 /* Returns type of the password, default, pattern, pin or password.
  */
-int cryptfs_get_password_type(void)
+int cryptfs_get_password_type(void) {
-{
     if (e4crypt_is_native()) {
         SLOGE("cryptfs_get_password_type not valid for file encryption");
         return -1;
@@ -2915,8 +2829,7 @@ int cryptfs_get_password_type(void)
     return crypt_ftr.crypt_type;
 }
 
-const char* cryptfs_get_password()
+const char* cryptfs_get_password() {
-{
     if (e4crypt_is_native()) {
         SLOGE("cryptfs_get_password not valid for file encryption");
         return 0;
@@ -2932,8 +2845,7 @@ const char* cryptfs_get_password()
     }
 }
 
-void cryptfs_clear_password()
+void cryptfs_clear_password() {
-{
     if (password) {
         size_t len = strlen(password);
         memset(password, 0, len);
@@ -2943,8 +2855,7 @@ void cryptfs_clear_password()
     }
 }
 
-int cryptfs_isConvertibleToFBE()
+int cryptfs_isConvertibleToFBE() {
-{
     struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab_default, DATA_MNT_POINT);
     return (rec && fs_mgr_is_convertible_to_fbe(rec)) ? 1 : 0;
 }

cryptfs.h

@@ -51,29 +51,36 @@
 
 /* definitions of flags in the structure below */
 #define CRYPT_MNT_KEY_UNENCRYPTED 0x1 /* The key for the partition is not encrypted. */
-#define CRYPT_ENCRYPTION_IN_PROGRESS 0x2 /* Encryption partially completed,
+#define CRYPT_ENCRYPTION_IN_PROGRESS       \
+    0x2 /* Encryption partially completed, \
            encrypted_upto valid*/
-#define CRYPT_INCONSISTENT_STATE 0x4 /* Set when starting encryption, clear when
+#define CRYPT_INCONSISTENT_STATE                    \
-                                        exit cleanly, either through success or
+    0x4 /* Set when starting encryption, clear when \
+           exit cleanly, either through success or  \
            correctly marked partial encryption */
-#define CRYPT_DATA_CORRUPT 0x8 /* Set when encryption is fine, but the
+#define CRYPT_DATA_CORRUPT                      \
+    0x8 /* Set when encryption is fine, but the \
            underlying volume is corrupt */
-#define CRYPT_FORCE_ENCRYPTION 0x10 /* Set when it is time to encrypt this
+#define CRYPT_FORCE_ENCRYPTION                        \
-                                       volume on boot. Everything in this
+    0x10 /* Set when it is time to encrypt this       \
-                                       structure is set up correctly as
+            volume on boot. Everything in this        \
-                                       though device is encrypted except
+            structure is set up correctly as          \
-                                       that the master key is encrypted with the
+            though device is encrypted except         \
+            that the master key is encrypted with the \
             default password. */
-#define CRYPT_FORCE_COMPLETE 0x20 /* Set when the above encryption cycle is
+#define CRYPT_FORCE_COMPLETE                           \
-                                     complete. On next cryptkeeper entry, match
+    0x20 /* Set when the above encryption cycle is     \
-                                     the password. If it matches fix the master
+            complete. On next cryptkeeper entry, match \
+            the password. If it matches fix the master \
             key and remove this flag. */
 
 /* Allowed values for type in the structure below */
-#define CRYPT_TYPE_PASSWORD 0 /* master_key is encrypted with a password
+#define CRYPT_TYPE_PASSWORD                       \
-                               * Must be zero to be compatible with pre-L
+    0 /* master_key is encrypted with a password  \
+       * Must be zero to be compatible with pre-L \
        * devices where type is always password.*/
-#define CRYPT_TYPE_DEFAULT  1 /* master_key is encrypted with default
+#define CRYPT_TYPE_DEFAULT                                           \
+    1                        /* master_key is encrypted with default \
                               * password */
 #define CRYPT_TYPE_PATTERN 2 /* master_key is encrypted with a pattern */
 #define CRYPT_TYPE_PIN 3     /* master_key is encrypted with a pin */

fs/Ext4.cpp

@@ -14,23 +14,20 @@
  * limitations under the License.
  */
 
-#include <stdio.h>
-#include <stdlib.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <errno.h>
-#include <string.h>
 #include <dirent.h>
 #include <errno.h>
 #include <fcntl.h>
-#include <vector>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
 #include <string>
+#include <vector>
 
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/types.h>
 #include <sys/mman.h>
 #include <sys/mount.h>
+#include <sys/stat.h>
+#include <sys/types.h>
 #include <sys/wait.h>
 
 #include <linux/kdev_t.h>
@@ -59,9 +56,8 @@ static const char* kMkfsPath = "/system/bin/mke2fs";
 static const char* kFsckPath = "/system/bin/e2fsck";
 
 bool IsSupported() {
-    return access(kMkfsPath, X_OK) == 0
+    return access(kMkfsPath, X_OK) == 0 && access(kFsckPath, X_OK) == 0 &&
-            && access(kFsckPath, X_OK) == 0
+           IsFilesystemSupported("ext4");
-            && IsFilesystemSupported("ext4");
 }
 
 status_t Check(const std::string& source, const std::string& target) {
@@ -127,8 +123,8 @@ status_t Check(const std::string& source, const std::string& target) {
     return 0;
 }
 
-status_t Mount(const std::string& source, const std::string& target, bool ro,
+status_t Mount(const std::string& source, const std::string& target, bool ro, bool remount,
-        bool remount, bool executable) {
+               bool executable) {
     int rc;
     unsigned long flags;
 
@@ -162,8 +158,7 @@ status_t Resize(const std::string& source, unsigned long numSectors) {
     return ForkExecvp(cmd);
 }
 
-status_t Format(const std::string& source, unsigned long numSectors,
+status_t Format(const std::string& source, unsigned long numSectors, const std::string& target) {
-        const std::string& target) {
     std::vector<std::string> cmd;
     cmd.push_back(kMkfsPath);
 

fs/Ext4.h

@@ -28,10 +28,9 @@ namespace ext4 {
 bool IsSupported();
 
 status_t Check(const std::string& source, const std::string& target);
-status_t Mount(const std::string& source, const std::string& target, bool ro,
+status_t Mount(const std::string& source, const std::string& target, bool ro, bool remount,
-        bool remount, bool executable);
+               bool executable);
-status_t Format(const std::string& source, unsigned long numSectors,
+status_t Format(const std::string& source, unsigned long numSectors, const std::string& target);
-        const std::string& target);
 status_t Resize(const std::string& source, unsigned long numSectors);
 
 }  // namespace ext4

fs/F2fs.cpp

@@ -22,8 +22,8 @@
 #include <android-base/stringprintf.h>
 #include <ext4_utils/ext4_crypt.h>
 
-#include <vector>
 #include <string>
+#include <vector>
 
 #include <sys/mount.h>
 
@@ -37,9 +37,8 @@ static const char* kMkfsPath = "/system/bin/make_f2fs";
 static const char* kFsckPath = "/system/bin/fsck.f2fs";
 
 bool IsSupported() {
-    return access(kMkfsPath, X_OK) == 0
+    return access(kMkfsPath, X_OK) == 0 && access(kFsckPath, X_OK) == 0 &&
-            && access(kFsckPath, X_OK) == 0
+           IsFilesystemSupported("f2fs");
-            && IsFilesystemSupported("f2fs");
 }
 
 status_t Check(const std::string& source) {

fs/Vfat.cpp

@@ -14,24 +14,21 @@
  * limitations under the License.
  */
 
-#include <stdio.h>
-#include <stdlib.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <errno.h>
-#include <string.h>
 #include <dirent.h>
 #include <errno.h>
 #include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
 
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <sys/mman.h>
-#include <sys/mount.h>
-#include <sys/wait.h>
 #include <linux/fs.h>
 #include <sys/ioctl.h>
+#include <sys/mman.h>
+#include <sys/mount.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/wait.h>
 
 #include <linux/kdev_t.h>
 
@@ -41,8 +38,8 @@
 
 #include <logwrap/logwrap.h>
 
-#include "Vfat.h"
 #include "Utils.h"
+#include "Vfat.h"
 #include "VoldUtil.h"
 
 using android::base::StringPrintf;
@@ -55,9 +52,8 @@ static const char* kMkfsPath = "/system/bin/newfs_msdos";
 static const char* kFsckPath = "/system/bin/fsck_msdos";
 
 bool IsSupported() {
-    return access(kMkfsPath, X_OK) == 0
+    return access(kMkfsPath, X_OK) == 0 && access(kFsckPath, X_OK) == 0 &&
-            && access(kFsckPath, X_OK) == 0
+           IsFilesystemSupported("vfat");
-            && IsFilesystemSupported("vfat");
 }
 
 status_t Check(const std::string& source) {
@@ -113,9 +109,8 @@ status_t Check(const std::string& source) {
     return 0;
 }
 
-status_t Mount(const std::string& source, const std::string& target, bool ro,
+status_t Mount(const std::string& source, const std::string& target, bool ro, bool remount,
-        bool remount, bool executable, int ownerUid, int ownerGid, int permMask,
+               bool executable, int ownerUid, int ownerGid, int permMask, bool createLost) {
-        bool createLost) {
     int rc;
     unsigned long flags;
 
@@ -128,8 +123,8 @@ status_t Mount(const std::string& source, const std::string& target, bool ro,
     flags |= (ro ? MS_RDONLY : 0);
     flags |= (remount ? MS_REMOUNT : 0);
 
-    auto mountData = android::base::StringPrintf(
+    auto mountData =
-            "utf8,uid=%d,gid=%d,fmask=%o,dmask=%o,shortname=mixed",
+        android::base::StringPrintf("utf8,uid=%d,gid=%d,fmask=%o,dmask=%o,shortname=mixed",
                                     ownerUid, ownerGid, permMask, permMask);
 
     rc = mount(c_source, c_target, "vfat", flags, mountData.c_str());

fs/Vfat.h

@@ -28,9 +28,8 @@ namespace vfat {
 bool IsSupported();
 
 status_t Check(const std::string& source);
-status_t Mount(const std::string& source, const std::string& target, bool ro,
+status_t Mount(const std::string& source, const std::string& target, bool ro, bool remount,
-        bool remount, bool executable, int ownerUid, int ownerGid, int permMask,
+               bool executable, int ownerUid, int ownerGid, int permMask, bool createLost);
-        bool createLost);
 status_t Format(const std::string& source, unsigned long numSectors);
 
 }  // namespace vfat

hash.h

@@ -58,9 +58,7 @@
 #define CRAYFIX(X) (X)
 #endif
 
-static inline u_int32_t
+static inline u_int32_t cshift(u_int32_t x, unsigned int n) {
-cshift (u_int32_t x, unsigned int n)
-{
     x = CRAYFIX(x);
     return CRAYFIX((x << n) | (x >> (32 - n)));
 }

main.cpp

@@ -16,12 +16,12 @@
 
 #define ATRACE_TAG ATRACE_TAG_PACKAGE_MANAGER
 
-#include "model/Disk.h"
-#include "VolumeManager.h"
 #include "NetlinkManager.h"
 #include "VoldNativeService.h"
 #include "VoldUtil.h"
+#include "VolumeManager.h"
 #include "cryptfs.h"
+#include "model/Disk.h"
 #include "sehandle.h"
 
 #include <android-base/logging.h>
@@ -31,16 +31,16 @@
 #include <hidl/HidlTransportSupport.h>
 #include <utils/Trace.h>
 
+#include <dirent.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <fs_mgr.h>
+#include <getopt.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <errno.h>
 #include <string.h>
 #include <sys/stat.h>
 #include <sys/types.h>
-#include <getopt.h>
-#include <fcntl.h>
-#include <dirent.h>
-#include <fs_mgr.h>
 
 static int process_config(VolumeManager* vm, bool* has_adoptable, bool* has_quota,
                           bool* has_reserved);
@@ -60,7 +60,6 @@ int main(int argc, char** argv) {
 
     ATRACE_BEGIN("main");
 
-
     LOG(VERBOSE) << "Detected support for:"
                  << (android::vold::IsFilesystemSupported("ext4") ? " ext4" : "")
                  << (android::vold::IsFilesystemSupported("f2fs") ? " f2fs" : "")
@@ -157,10 +156,12 @@ static void parse_args(int argc, char** argv) {
     int c;
     while ((c = getopt_long(argc, argv, "", opts, nullptr)) != -1) {
         switch (c) {
+            // clang-format off
         case 'b': android::vold::sBlkidContext = optarg; break;
         case 'B': android::vold::sBlkidUntrustedContext = optarg; break;
         case 'f': android::vold::sFsckContext = optarg; break;
         case 'F': android::vold::sFsckUntrustedContext = optarg; break;
+                // clang-format on
         }
     }
 
@@ -185,15 +186,12 @@ static void do_coldboot(DIR *d, int lvl) {
     while ((de = readdir(d))) {
         DIR* d2;
 
-        if (de->d_name[0] == '.')
+        if (de->d_name[0] == '.') continue;
-            continue;
 
-        if (de->d_type != DT_DIR && lvl > 0)
+        if (de->d_type != DT_DIR && lvl > 0) continue;
-            continue;
 
         fd = openat(dfd, de->d_name, O_RDONLY | O_DIRECTORY | O_CLOEXEC);
-        if(fd < 0)
+        if (fd < 0) continue;
-            continue;
 
         d2 = fdopendir(fd);
         if (d2 == 0)
@@ -251,8 +249,8 @@ static int process_config(VolumeManager* vm, bool* has_adoptable, bool* has_quot
                 flags |= android::vold::Disk::Flags::kAdoptable;
                 *has_adoptable = true;
             }
-            if (fs_mgr_is_noemulatedsd(rec)
+            if (fs_mgr_is_noemulatedsd(rec) ||
-                    || android::base::GetBoolProperty("vold.debug.default_primary", false)) {
+                android::base::GetBoolProperty("vold.debug.default_primary", false)) {
                 flags |= android::vold::Disk::Flags::kDefaultPrimary;
             }
 

model/Disk.cpp

@@ -15,36 +15,36 @@
  */
 
 #include "Disk.h"
-#include "PublicVolume.h"
+#include "Ext4Crypt.h"
 #include "PrivateVolume.h"
+#include "PublicVolume.h"
 #include "Utils.h"
 #include "VolumeBase.h"
 #include "VolumeManager.h"
-#include "Ext4Crypt.h"
 
 #include <android-base/file.h>
 #include <android-base/logging.h>
+#include <android-base/parseint.h>
 #include <android-base/properties.h>
 #include <android-base/stringprintf.h>
 #include <android-base/strings.h>
-#include <android-base/parseint.h>
 #include <ext4_utils/ext4_crypt.h>
 
 #include "cryptfs.h"
 
-#include <vector>
 #include <fcntl.h>
 #include <inttypes.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <sys/types.h>
+#include <sys/mount.h>
 #include <sys/stat.h>
 #include <sys/sysmacros.h>
-#include <sys/mount.h>
+#include <sys/types.h>
+#include <vector>
 
 using android::base::ReadFileToString;
-using android::base::WriteStringToFile;
 using android::base::StringPrintf;
+using android::base::WriteStringToFile;
 
 namespace android {
 namespace vold {
@@ -112,20 +112,22 @@ static bool isVirtioBlkDevice(unsigned int major) {
      * "ranchu", the device's sysfs path should end with "/block/vd[d-z]", etc.
      * But just having a) and b) is enough for now.
      */
-    return IsRunningInEmulator() && major >= kMajorBlockExperimentalMin
+    return IsRunningInEmulator() && major >= kMajorBlockExperimentalMin &&
-            && major <= kMajorBlockExperimentalMax;
+           major <= kMajorBlockExperimentalMax;
 }
 
 static bool isNvmeBlkDevice(unsigned int major, const std::string& sysPath) {
-    return sysPath.find("nvme") != std::string::npos
+    return sysPath.find("nvme") != std::string::npos && major >= kMajorBlockDynamicMin &&
-            && major >= kMajorBlockDynamicMin
+           major <= kMajorBlockDynamicMax;
-            && major <= kMajorBlockDynamicMax;
 }
 
-Disk::Disk(const std::string& eventPath, dev_t device,
+Disk::Disk(const std::string& eventPath, dev_t device, const std::string& nickname, int flags)
-        const std::string& nickname, int flags) :
+    : mDevice(device),
-        mDevice(device), mSize(-1), mNickname(nickname), mFlags(flags), mCreated(
+      mSize(-1),
-                false), mJustPartitioned(false) {
+      mNickname(nickname),
+      mFlags(flags),
+      mCreated(false),
+      mJustPartitioned(false) {
     mId = StringPrintf("disk:%u,%u", major(device), minor(device));
     mEventPath = eventPath;
     mSysPath = StringPrintf("/sys/%s", eventPath.c_str());
@@ -255,10 +257,14 @@ status_t Disk::readMetadata() {
             mLabel = "Virtual";
             break;
         }
-    case kMajorBlockScsiA: case kMajorBlockScsiB: case kMajorBlockScsiC: case kMajorBlockScsiD:
+        // clang-format off
-    case kMajorBlockScsiE: case kMajorBlockScsiF: case kMajorBlockScsiG: case kMajorBlockScsiH:
+        case kMajorBlockScsiA: case kMajorBlockScsiB: case kMajorBlockScsiC:
-    case kMajorBlockScsiI: case kMajorBlockScsiJ: case kMajorBlockScsiK: case kMajorBlockScsiL:
+        case kMajorBlockScsiD: case kMajorBlockScsiE: case kMajorBlockScsiF:
-    case kMajorBlockScsiM: case kMajorBlockScsiN: case kMajorBlockScsiO: case kMajorBlockScsiP: {
+        case kMajorBlockScsiG: case kMajorBlockScsiH: case kMajorBlockScsiI:
+        case kMajorBlockScsiJ: case kMajorBlockScsiK: case kMajorBlockScsiL:
+        case kMajorBlockScsiM: case kMajorBlockScsiN: case kMajorBlockScsiO:
+        case kMajorBlockScsiP: {
+            // clang-format on
             std::string path(mSysPath + "/device/vendor");
             std::string tmp;
             if (!ReadFileToString(path, &tmp)) {
@@ -286,10 +292,12 @@ status_t Disk::readMetadata() {
             // matching whatever is silk-screened on the card.  To reduce
             // user confusion, this list doesn't contain white-label manfid.
             switch (manfid) {
+                // clang-format off
                 case 0x000003: mLabel = "SanDisk"; break;
                 case 0x00001b: mLabel = "Samsung"; break;
                 case 0x000028: mLabel = "Lexar"; break;
                 case 0x000074: mLabel = "Transcend"; break;
+                    // clang-format on
             }
             break;
         }
@@ -316,8 +324,7 @@ status_t Disk::readMetadata() {
     }
 
     auto listener = VolumeManager::Instance()->getListener();
-    if (listener) listener->onDiskMetadataChanged(getId(),
+    if (listener) listener->onDiskMetadataChanged(getId(), mSize, mLabel, mSysPath);
-            mSize, mLabel, mSysPath);
 
     return OK;
 }
@@ -571,10 +578,14 @@ int Disk::getMaxMinors() {
             }
             return std::stoi(tmp);
         }
-    case kMajorBlockScsiA: case kMajorBlockScsiB: case kMajorBlockScsiC: case kMajorBlockScsiD:
+        // clang-format off
-    case kMajorBlockScsiE: case kMajorBlockScsiF: case kMajorBlockScsiG: case kMajorBlockScsiH:
+        case kMajorBlockScsiA: case kMajorBlockScsiB: case kMajorBlockScsiC:
-    case kMajorBlockScsiI: case kMajorBlockScsiJ: case kMajorBlockScsiK: case kMajorBlockScsiL:
+        case kMajorBlockScsiD: case kMajorBlockScsiE: case kMajorBlockScsiF:
-    case kMajorBlockScsiM: case kMajorBlockScsiN: case kMajorBlockScsiO: case kMajorBlockScsiP: {
+        case kMajorBlockScsiG: case kMajorBlockScsiH: case kMajorBlockScsiI:
+        case kMajorBlockScsiJ: case kMajorBlockScsiK: case kMajorBlockScsiL:
+        case kMajorBlockScsiM: case kMajorBlockScsiN: case kMajorBlockScsiO:
+        case kMajorBlockScsiP: {
+            // clang-format on
             // Per Documentation/devices.txt this is static
             return 15;
         }

model/ObbVolume.cpp

@@ -14,12 +14,12 @@
  * limitations under the License.
  */
 
-#include "fs/Vfat.h"
+#include "ObbVolume.h"
 #include "Devmapper.h"
 #include "Loop.h"
-#include "ObbVolume.h"
 #include "Utils.h"
 #include "VoldUtil.h"
+#include "fs/Vfat.h"
 
 #include <android-base/logging.h>
 #include <android-base/stringprintf.h>
@@ -31,8 +31,8 @@
 #include <stdlib.h>
 #include <sys/mount.h>
 #include <sys/stat.h>
-#include <sys/types.h>
 #include <sys/sysmacros.h>
+#include <sys/types.h>
 #include <sys/wait.h>
 
 using android::base::StringPrintf;
@@ -42,15 +42,15 @@ namespace android {
 namespace vold {
 
 ObbVolume::ObbVolume(int id, const std::string& sourcePath, const std::string& sourceKey,
-        gid_t ownerGid) : VolumeBase(Type::kObb) {
+                     gid_t ownerGid)
+    : VolumeBase(Type::kObb) {
     setId(StringPrintf("obb:%d", id));
     mSourcePath = sourcePath;
     mSourceKey = sourceKey;
     mOwnerGid = ownerGid;
 }
 
-ObbVolume::~ObbVolume() {
+ObbVolume::~ObbVolume() {}
-}
 
 status_t ObbVolume::doCreate() {
     if (Loop::create(mSourcePath, mLoopPath)) {
@@ -75,8 +75,8 @@ status_t ObbVolume::doCreate() {
         }
 
         char tmp[PATH_MAX];
-        if (Devmapper::create(getId().c_str(), mLoopPath.c_str(), mSourceKey.c_str(), nr_sec,
+        if (Devmapper::create(getId().c_str(), mLoopPath.c_str(), mSourceKey.c_str(), nr_sec, tmp,
-                tmp, PATH_MAX)) {
+                              PATH_MAX)) {
             PLOG(ERROR) << getId() << " failed to create dm";
             return -1;
         }
@@ -108,8 +108,10 @@ status_t ObbVolume::doMount() {
         PLOG(ERROR) << getId() << " failed to create mount point";
         return -1;
     }
-    if (android::vold::vfat::Mount(mMountPath, path,
+    // clang-format off
-            true, false, true, 0, mOwnerGid, 0227, false)) {
+    if (android::vold::vfat::Mount(mMountPath, path, true, false, true,
+                                   0, mOwnerGid, 0227, false)) {
+        // clang-format on
         PLOG(ERROR) << getId() << " failed to mount";
         return -1;
     }

model/ObbVolume.h

@@ -29,8 +29,7 @@ namespace vold {
  */
 class ObbVolume : public VolumeBase {
   public:
-    ObbVolume(int id, const std::string& sourcePath, const std::string& sourceKey,
+    ObbVolume(int id, const std::string& sourcePath, const std::string& sourceKey, gid_t ownerGid);
-            gid_t ownerGid);
     virtual ~ObbVolume();
 
   protected:

model/PrivateVolume.cpp

@@ -14,27 +14,27 @@
  * limitations under the License.
  */
 
-#include "fs/Ext4.h"
-#include "fs/F2fs.h"
 #include "PrivateVolume.h"
 #include "EmulatedVolume.h"
 #include "Utils.h"
 #include "VolumeManager.h"
 #include "cryptfs.h"
+#include "fs/Ext4.h"
+#include "fs/F2fs.h"
 
-#include <android-base/stringprintf.h>
 #include <android-base/logging.h>
+#include <android-base/stringprintf.h>
 #include <cutils/fs.h>
 #include <private/android_filesystem_config.h>
 
 #include <fcntl.h>
 #include <stdlib.h>
 #include <sys/mount.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <sys/sysmacros.h>
-#include <sys/wait.h>
 #include <sys/param.h>
+#include <sys/stat.h>
+#include <sys/sysmacros.h>
+#include <sys/types.h>
+#include <sys/wait.h>
 
 using android::base::StringPrintf;
 
@@ -43,14 +43,13 @@ namespace vold {
 
 static const unsigned int kMajorBlockMmc = 179;
 
-PrivateVolume::PrivateVolume(dev_t device, const std::string& keyRaw) :
+PrivateVolume::PrivateVolume(dev_t device, const std::string& keyRaw)
-        VolumeBase(Type::kPrivate), mRawDevice(device), mKeyRaw(keyRaw) {
+    : VolumeBase(Type::kPrivate), mRawDevice(device), mKeyRaw(keyRaw) {
     setId(StringPrintf("private:%u,%u", major(device), minor(device)));
     mRawDevPath = StringPrintf("/dev/block/vold/%s", getId().c_str());
 }
 
-PrivateVolume::~PrivateVolume() {
+PrivateVolume::~PrivateVolume() {}
-}
 
 status_t PrivateVolume::readMetadata() {
     status_t res = ReadMetadata(mDmDevPath, &mFsType, &mFsUuid, &mFsLabel);
@@ -66,8 +65,8 @@ status_t PrivateVolume::doCreate() {
         return -EIO;
     }
     if (mKeyRaw.size() != cryptfs_get_keysize()) {
-      PLOG(ERROR) << getId() << " Raw keysize " << mKeyRaw.size() <<
+        PLOG(ERROR) << getId() << " Raw keysize " << mKeyRaw.size()
-          " does not match crypt keysize " << cryptfs_get_keysize();
+                    << " does not match crypt keysize " << cryptfs_get_keysize();
         return -EIO;
     }
 
@@ -78,8 +77,7 @@ status_t PrivateVolume::doCreate() {
 
     unsigned char* key = (unsigned char*)mKeyRaw.data();
     char crypto_blkdev[MAXPATHLEN];
-    int res = cryptfs_setup_ext_volume(getId().c_str(), mRawDevPath.c_str(),
+    int res = cryptfs_setup_ext_volume(getId().c_str(), mRawDevPath.c_str(), key, crypto_blkdev);
-            key, crypto_blkdev);
     mDmDevPath = crypto_blkdev;
     if (res != 0) {
         PLOG(ERROR) << getId() << " failed to setup cryptfs";
@@ -160,8 +158,7 @@ status_t PrivateVolume::doMount() {
     // Create a new emulated volume stacked above us, it will automatically
     // be destroyed during unmount
     std::string mediaPath(mPath + "/media");
-    auto vol = std::shared_ptr<VolumeBase>(
+    auto vol = std::shared_ptr<VolumeBase>(new EmulatedVolume(mediaPath, mRawDevice, mFsUuid));
-            new EmulatedVolume(mediaPath, mRawDevice, mFsUuid));
     addVolume(vol);
     vol->create();
 

secdiscard.cpp

@@ -18,15 +18,15 @@
 #include <string>
 #include <vector>
 
+#include <errno.h>
+#include <fcntl.h>
+#include <linux/fiemap.h>
+#include <linux/fs.h>
+#include <mntent.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <errno.h>
-#include <sys/types.h>
 #include <sys/stat.h>
-#include <fcntl.h>
+#include <sys/types.h>
-#include <linux/fs.h>
-#include <linux/fiemap.h>
-#include <mntent.h>
 
 #include <android-base/logging.h>
 #include <android-base/unique_fd.h>
@@ -48,7 +48,7 @@ bool secdiscard_path(const std::string &path);
 bool check_fiemap(const struct fiemap& fiemap, const std::string& path);
 bool overwrite_with_zeros(int fd, off64_t start, off64_t length);
 
-}
+}  // namespace
 
 int main(int argc, const char* const argv[]) {
     android::base::InitLogging(const_cast<char**>(argv));
@@ -75,8 +75,7 @@ int main(int argc, const char * const argv[]) {
 #define F2FS_IOC_SET_PIN_FILE _IOW(F2FS_IOCTL_MAGIC, 13, __u32)
 #define F2FS_IOC_GET_PIN_FILE _IOR(F2FS_IOCTL_MAGIC, 14, __u32)
 #endif
-        android::base::unique_fd fd(TEMP_FAILURE_RETRY(open(
+        android::base::unique_fd fd(TEMP_FAILURE_RETRY(open(target.c_str(), O_WRONLY, 0)));
-            target.c_str(), O_WRONLY, 0)));
         if (fd == -1) {
             LOG(ERROR) << "Secure discard open failed for: " << target;
             return 0;
@@ -133,8 +132,8 @@ bool secdiscard_path(const std::string &path) {
     if (block_device.empty()) {
         return false;
     }
-    android::base::unique_fd fs_fd(TEMP_FAILURE_RETRY(open(
+    android::base::unique_fd fs_fd(
-        block_device.c_str(), O_RDWR | O_LARGEFILE | O_CLOEXEC, 0)));
+        TEMP_FAILURE_RETRY(open(block_device.c_str(), O_RDWR | O_LARGEFILE | O_CLOEXEC, 0)));
     if (fs_fd == -1) {
         PLOG(ERROR) << "Failed to open device " << block_device;
         return false;
@@ -188,4 +187,4 @@ bool overwrite_with_zeros(int fd, off64_t start, off64_t length) {
     return true;
 }
 
-}
+}  // namespace

secontext.cpp

@@ -13,10 +13,9 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-#include <Utils.h>
 #include "secontext.h"
+#include <Utils.h>
 
-security_context_t secontextFsck()
+security_context_t secontextFsck() {
-{
     return android::vold::sFsckContext;
 }

tests/CryptfsScryptHidlizationEquivalence_test.cpp

@@ -18,13 +18,13 @@
 #define LOG_TAG "scrypt_test"
 #include <log/log.h>
 
+#include <gtest/gtest.h>
 #include <hardware/keymaster0.h>
 #include <hardware/keymaster1.h>
 #include <cstring>
-#include <gtest/gtest.h>
 
-#include "../cryptfs.h"
 #include "../Keymaster.h"
+#include "../cryptfs.h"
 
 #ifdef CONFIG_HW_DISK_ENCRYPTION
 #include "cryptfs_hw.h"
@@ -51,8 +51,7 @@
 #define KEYMASTER_CRYPTFS_RATE_LIMIT 1  // Maximum one try per second
 
 static int keymaster_init(keymaster0_device_t** keymaster0_dev,
-                          keymaster1_device_t **keymaster1_dev)
+                          keymaster1_device_t** keymaster1_dev) {
-{
     int rc;
 
     const hw_module_t* mod;
@@ -76,8 +75,8 @@ static int keymaster_init(keymaster0_device_t **keymaster0_dev,
     }
 
     if (rc) {
-        ALOGE("could not open keymaster device in %s (%s)",
+        ALOGE("could not open keymaster device in %s (%s)", KEYSTORE_HARDWARE_MODULE_ID,
-              KEYSTORE_HARDWARE_MODULE_ID, strerror(-rc));
+              strerror(-rc));
         goto err;
     }
 
@@ -90,8 +89,7 @@ err:
 }
 
 /* Should we use keymaster? */
-static int keymaster_check_compatibility_old()
+static int keymaster_check_compatibility_old() {
-{
     keymaster0_device_t* keymaster0_dev = 0;
     keymaster1_device_t* keymaster1_dev = 0;
     int rc = 0;
@@ -114,8 +112,7 @@ static int keymaster_check_compatibility_old()
 
     // TODO(swillden): Check to see if there's any reason to require v0.3.  I think v0.1 and v0.2
     // should work.
-    if (keymaster0_dev->common.module->module_api_version
+    if (keymaster0_dev->common.module->module_api_version < KEYMASTER_MODULE_API_VERSION_0_3) {
-            < KEYMASTER_MODULE_API_VERSION_0_3) {
         rc = 0;
         goto out;
     }
@@ -136,8 +133,7 @@ out:
 }
 
 /* Create a new keymaster key and store it in this footer */
-static int keymaster_create_key_old(struct crypt_mnt_ftr *ftr)
+static int keymaster_create_key_old(struct crypt_mnt_ftr* ftr) {
-{
     uint8_t* key = 0;
     keymaster0_device_t* keymaster0_dev = 0;
     keymaster1_device_t* keymaster1_dev = 0;
@@ -179,9 +175,8 @@ static int keymaster_create_key_old(struct crypt_mnt_ftr *ftr)
         };
         keymaster_key_param_set_t param_set = {params, sizeof(params) / sizeof(*params)};
         keymaster_key_blob_t key_blob;
-        keymaster_error_t error = keymaster1_dev->generate_key(keymaster1_dev, &param_set,
+        keymaster_error_t error = keymaster1_dev->generate_key(
-                                                               &key_blob,
+            keymaster1_dev, &param_set, &key_blob, NULL /* characteristics */);
-                                                               NULL /* characteristics */);
         if (error != KM_ERROR_OK) {
             SLOGE("Failed to generate keymaster1 key, error %d", error);
             rc = -1;
@@ -190,15 +185,13 @@ static int keymaster_create_key_old(struct crypt_mnt_ftr *ftr)
 
         key = (uint8_t*)key_blob.key_material;
         key_size = key_blob.key_material_size;
-    }
+    } else if (keymaster0_dev) {
-    else if (keymaster0_dev) {
         keymaster_rsa_keygen_params_t params;
         memset(&params, '\0', sizeof(params));
         params.public_exponent = RSA_EXPONENT;
         params.modulus_size = RSA_KEY_SIZE;
 
-        if (keymaster0_dev->generate_keypair(keymaster0_dev, TYPE_RSA, &params,
+        if (keymaster0_dev->generate_keypair(keymaster0_dev, TYPE_RSA, &params, &key, &key_size)) {
-                                             &key, &key_size)) {
             SLOGE("Failed to generate keypair");
             rc = -1;
             goto out;
@@ -219,21 +212,16 @@ static int keymaster_create_key_old(struct crypt_mnt_ftr *ftr)
     ftr->keymaster_blob_size = key_size;
 
 out:
-    if (keymaster0_dev)
+    if (keymaster0_dev) keymaster0_close(keymaster0_dev);
-        keymaster0_close(keymaster0_dev);
+    if (keymaster1_dev) keymaster1_close(keymaster1_dev);
-    if (keymaster1_dev)
-        keymaster1_close(keymaster1_dev);
     free(key);
     return rc;
 }
 
 /* This signs the given object using the keymaster key. */
-static int keymaster_sign_object_old(struct crypt_mnt_ftr *ftr,
+static int keymaster_sign_object_old(struct crypt_mnt_ftr* ftr, const unsigned char* object,
-                                 const unsigned char *object,
+                                     const size_t object_size, unsigned char** signature,
-                                 const size_t object_size,
+                                     size_t* signature_size) {
-                                 unsigned char **signature,
-                                 size_t *signature_size)
-{
     int rc = 0;
     keymaster0_device_t* keymaster0_dev = 0;
     keymaster1_device_t* keymaster1_dev = 0;
@@ -284,13 +272,8 @@ static int keymaster_sign_object_old(struct crypt_mnt_ftr *ftr,
         params.digest_type = DIGEST_NONE;
         params.padding_type = PADDING_NONE;
 
-        rc = keymaster0_dev->sign_data(keymaster0_dev,
+        rc = keymaster0_dev->sign_data(keymaster0_dev, &params, ftr->keymaster_blob,
-                                      &params,
+                                       ftr->keymaster_blob_size, to_sign, to_sign_size, signature,
-                                      ftr->keymaster_blob,
-                                      ftr->keymaster_blob_size,
-                                      to_sign,
-                                      to_sign_size,
-                                      signature,
                                        signature_size);
         goto out;
     } else if (keymaster1_dev) {
@@ -301,15 +284,13 @@ static int keymaster_sign_object_old(struct crypt_mnt_ftr *ftr,
         };
         keymaster_key_param_set_t param_set = {params, sizeof(params) / sizeof(*params)};
         keymaster_operation_handle_t op_handle;
-        keymaster_error_t error = keymaster1_dev->begin(keymaster1_dev, KM_PURPOSE_SIGN, &key,
+        keymaster_error_t error = keymaster1_dev->begin(
-                                                        &param_set, NULL /* out_params */,
+            keymaster1_dev, KM_PURPOSE_SIGN, &key, &param_set, NULL /* out_params */, &op_handle);
-                                                        &op_handle);
         if (error == KM_ERROR_KEY_RATE_LIMIT_EXCEEDED) {
             // Key usage has been rate-limited.  Wait a bit and try again.
             sleep(KEYMASTER_CRYPTFS_RATE_LIMIT);
-            error = keymaster1_dev->begin(keymaster1_dev, KM_PURPOSE_SIGN, &key,
+            error = keymaster1_dev->begin(keymaster1_dev, KM_PURPOSE_SIGN, &key, &param_set,
-                                          &param_set, NULL /* out_params */,
+                                          NULL /* out_params */, &op_handle);
-                                          &op_handle);
         }
         if (error != KM_ERROR_OK) {
             SLOGE("Error starting keymaster signature transaction: %d", error);
@@ -319,9 +300,8 @@ static int keymaster_sign_object_old(struct crypt_mnt_ftr *ftr,
 
         keymaster_blob_t input = {to_sign, to_sign_size};
         size_t input_consumed;
-        error = keymaster1_dev->update(keymaster1_dev, op_handle, NULL /* in_params */,
+        error = keymaster1_dev->update(keymaster1_dev, op_handle, NULL /* in_params */, &input,
-                                       &input, &input_consumed, NULL /* out_params */,
+                                       &input_consumed, NULL /* out_params */, NULL /* output */);
-                                       NULL /* output */);
         if (error != KM_ERROR_OK) {
             SLOGE("Error sending data to keymaster signature transaction: %d", error);
             rc = -1;
@@ -337,8 +317,7 @@ static int keymaster_sign_object_old(struct crypt_mnt_ftr *ftr,
 
         keymaster_blob_t tmp_sig;
         error = keymaster1_dev->finish(keymaster1_dev, op_handle, NULL /* in_params */,
-                                       NULL /* verify signature */, NULL /* out_params */,
+                                       NULL /* verify signature */, NULL /* out_params */, &tmp_sig);
-                                       &tmp_sig);
         if (error != KM_ERROR_OK) {
             SLOGE("Error finishing keymaster signature transaction: %d", error);
             rc = -1;
@@ -354,18 +333,14 @@ static int keymaster_sign_object_old(struct crypt_mnt_ftr *ftr,
     }
 
 out:
-        if (keymaster1_dev)
+    if (keymaster1_dev) keymaster1_close(keymaster1_dev);
-            keymaster1_close(keymaster1_dev);
+    if (keymaster0_dev) keymaster0_close(keymaster0_dev);
-        if (keymaster0_dev)
-            keymaster0_close(keymaster0_dev);
 
     return rc;
 }
 
-
 /* Should we use keymaster? */
-static int keymaster_check_compatibility_new()
+static int keymaster_check_compatibility_new() {
-{
     return keymaster_compatibility_cryptfs_scrypt();
 }
 
@@ -394,12 +369,9 @@ static int keymaster_create_key_new(struct crypt_mnt_ftr *ftr)
 #endif
 
 /* This signs the given object using the keymaster key. */
-static int keymaster_sign_object_new(struct crypt_mnt_ftr *ftr,
+static int keymaster_sign_object_new(struct crypt_mnt_ftr* ftr, const unsigned char* object,
-                                 const unsigned char *object,
+                                     const size_t object_size, unsigned char** signature,
-                                 const size_t object_size,
+                                     size_t* signature_size) {
-                                 unsigned char **signature,
-                                 size_t *signature_size)
-{
     unsigned char to_sign[RSA_KEY_SIZE_BYTES];
     size_t to_sign_size = sizeof(to_sign);
     memset(to_sign, 0, RSA_KEY_SIZE_BYTES);
@@ -444,11 +416,9 @@ namespace android {
 
 class CryptFsTest : public testing::Test {
   protected:
-    virtual void SetUp() {
+    virtual void SetUp() {}
-    }
 
-    virtual void TearDown() {
+    virtual void TearDown() {}
-    }
 };
 
 TEST_F(CryptFsTest, ScryptHidlizationEquivalenceTest) {
@@ -477,4 +447,4 @@ TEST_F(CryptFsTest, ScryptHidlizationEquivalenceTest) {
     free(sig2);
 }
 
-}
+}  // namespace android

tests/Utils_test.cpp

@@ -21,8 +21,7 @@
 namespace android {
 namespace vold {
 
-class UtilsTest : public testing::Test {
+class UtilsTest : public testing::Test {};
-};
 
 TEST_F(UtilsTest, FindValueTest) {
     std::string tmp;
@@ -40,5 +39,5 @@ TEST_F(UtilsTest, FindValueTest) {
     ASSERT_EQ("BAZ", tmp);
 }
 
-}
+}  // namespace vold
-}
+}  // namespace android

tests/cryptfs_test.cpp

@@ -22,11 +22,9 @@ namespace android {
 
 class CryptfsTest : public testing::Test {
   protected:
-    virtual void SetUp() {
+    virtual void SetUp() {}
-    }
 
-    virtual void TearDown() {
+    virtual void TearDown() {}
-    }
 };
 
 TEST_F(CryptfsTest, MatchMultiEntryTest) {
@@ -51,4 +49,4 @@ TEST_F(CryptfsTest, MatchMultiEntryTest) {
     ASSERT_EQ(0, match_multi_entry("foo_2", "bar", 0));
 }
 
-}
+}  // namespace android

vdc.cpp

@@ -14,15 +14,14 @@
  * limitations under the License.
  */
 
-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <string.h>
-#include <signal.h>
 #include <errno.h>
 #include <fcntl.h>
-#include <stdlib.h>
 #include <poll.h>
+#include <signal.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
 
 #include <sys/select.h>
 #include <sys/time.h>