Set encryption mode in mode file

Bug: 28905864
Change-Id: Ie2a5c3e029075d53a86ef3afb7fe364c16d8d52b
This commit is contained in:
Paul Lawrence 2016-05-24 14:20:38 -07:00
parent 3ae29e7740
commit 6e41059734
3 changed files with 17 additions and 1 deletions

View file

@ -381,7 +381,9 @@ static bool lookup_key_ref(const std::map<userid_t, std::string>& key_map, useri
} }
static bool ensure_policy(const std::string& raw_ref, const std::string& path) { static bool ensure_policy(const std::string& raw_ref, const std::string& path) {
if (e4crypt_policy_ensure(path.c_str(), raw_ref.data(), raw_ref.size()) != 0) { if (e4crypt_policy_ensure(path.c_str(),
raw_ref.data(), raw_ref.size(),
cryptfs_get_file_encryption_mode()) != 0) {
LOG(ERROR) << "Failed to set policy on: " << path; LOG(ERROR) << "Failed to set policy on: " << path;
return false; return false;
} }
@ -440,6 +442,13 @@ bool e4crypt_initialize_global_de() {
return true; return true;
} }
std::string mode_filename = std::string("/data") + e4crypt_key_mode;
std::string mode = cryptfs_get_file_encryption_mode();
if (!android::base::WriteStringToFile(mode, mode_filename)) {
PLOG(ERROR) << "Cannot save type";
return false;
}
std::string device_key; std::string device_key;
if (path_exists(device_key_path)) { if (path_exists(device_key_path)) {
if (!android::vold::retrieveKey(device_key_path, if (!android::vold::retrieveKey(device_key_path,

View file

@ -3855,3 +3855,9 @@ int cryptfs_set_password(struct crypt_mnt_ftr* ftr, const char* password,
return encrypt_master_key(password, ftr->salt, master_key, ftr->master_key, return encrypt_master_key(password, ftr->salt, master_key, ftr->master_key,
ftr); ftr);
} }
const char* cryptfs_get_file_encryption_mode()
{
struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab, DATA_MNT_POINT);
return fs_mgr_get_file_encryption_mode(rec);
}

View file

@ -252,6 +252,7 @@ extern "C" {
unsigned char* master_key); unsigned char* master_key);
int cryptfs_set_password(struct crypt_mnt_ftr* ftr, const char* password, int cryptfs_set_password(struct crypt_mnt_ftr* ftr, const char* password,
const unsigned char* master_key); const unsigned char* master_key);
const char* cryptfs_get_file_encryption_mode();
#ifdef __cplusplus #ifdef __cplusplus
} }