From 763393644a0a6e361f26dfe26f6dc0021579f011 Mon Sep 17 00:00:00 2001 From: Alan Stokes Date: Thu, 19 Nov 2020 16:56:52 +0000 Subject: [PATCH] Enable improved user separation by default. This is already on for all Pixel devices with no problems observed. If this causes issues with a specific device (e.g. vendor apps being unable to access their data) it can be temporarily disabled by adding PRODUCT_PROPERTY_OVERRIDES += ro.vold.level_from_user=0 to the device.mk file. Please file a bug if that happens. Bug: 141677108 Test: presubmits Ignore-AOSP-First: Want to assess impact internally before CP to AOSP Change-Id: Ic9da534f1a5f4c9e3bd62ea5c09a3b11ebcb33e7 --- FsCrypt.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/FsCrypt.cpp b/FsCrypt.cpp index ff8c1f4..8f6ba9c 100644 --- a/FsCrypt.cpp +++ b/FsCrypt.cpp @@ -795,7 +795,7 @@ bool fscrypt_lock_user_key(userid_t user_id) { static bool prepare_subdirs(const std::string& action, const std::string& volume_uuid, userid_t user_id, int flags) { // TODO(b/141677108): Remove this & make it the default behavior - if (android::base::GetProperty("ro.vold.level_from_user", "0") == "1") { + if (android::base::GetProperty("ro.vold.level_from_user", "1") == "1") { flags |= android::os::IVold::STORAGE_FLAG_LEVEL_FROM_USER; }