tequilaOS/platform_system_vold
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

resolved conflicts for merge of 87701e27 to lmp-mr1-dev-plus-aosp

Browse source 
Change-Id: Ie873baff626fe786515497f2e81aa9db2329168d
This commit is contained in:
Iliyan Malchev 2014-11-21 00:52:40 -08:00
commit b7d35115dc
2 changed files with 74 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
Android.mk
View file

@ -76,6 +76,13 @@ LOCAL_SRC_FILES := \
LOCAL_C_INCLUDES := $(common_c_includes)
LOCAL_CFLAGS := -Werror=format
ifeq ($(TARGET_HW_DISK_ENCRYPTION),true)
LOCAL_C_INCLUDES += $(TARGET_CRYPTFS_HW_PATH)
common_shared_libraries += libcryptfs_hw
LOCAL_CFLAGS += -DCONFIG_HW_DISK_ENCRYPTION
endif
LOCAL_SHARED_LIBRARIES := $(common_shared_libraries)
LOCAL_STATIC_LIBRARIES := $(common_static_libraries)

80
cryptfs.c
View file

@ -63,6 +63,10 @@
#define UNUSED __attribute__((unused))
#ifdef CONFIG_HW_DISK_ENCRYPTION
#include "cryptfs_hw.h"
#endif
#define DM_CRYPT_BUF_SIZE 4096
#define HASH_COUNT 2000
@ -992,7 +996,11 @@ static int load_crypto_mapping_table(struct crypt_mnt_ftr *crypt_ftr, unsigned c
tgt->status = 0;
tgt->sector_start = 0;
tgt->length = crypt_ftr->fs_size;
strcpy(tgt->target_type, "crypt");
#ifdef CONFIG_HW_DISK_ENCRYPTION
strlcpy(tgt->target_type, "req-crypt", DM_MAX_TYPE_NAME);
#else
strlcpy(tgt->target_type, "crypt", DM_MAX_TYPE_NAME);
#endif
crypt_params = buffer + sizeof(struct dm_ioctl) + sizeof(struct dm_target_spec);
convert_key_to_hex_ascii(master_key, crypt_ftr->keysize, master_key_ascii);
@ -1038,7 +1046,11 @@ static int get_dm_crypt_version(int fd, const char *name, int *version)
*/
v = (struct dm_target_versions *) &buffer[sizeof(struct dm_ioctl)];
while (v->next) {
#ifdef CONFIG_HW_DISK_ENCRYPTION
if(!strcmp(v->name, "crypt") || !strcmp(v->name, "req-crypt")) {
#else
if (! strcmp(v->name, "crypt")) {
#endif
/* We found the crypt driver, return the version, and get out */
version[0] = v->version[0];
version[1] = v->version[1];
@ -1060,7 +1072,7 @@ static int create_crypto_blk_dev(struct crypt_mnt_ftr *crypt_ftr, unsigned char
struct dm_ioctl *io;
struct dm_target_spec *tgt;
unsigned int minor;
int fd;
int fd=0;
int i;
int retval = -1;
int version[3];
@ -1753,6 +1765,12 @@ static int test_mount_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr,
fs_mgr_get_crypt_info(fstab, 0, real_blkdev, sizeof(real_blkdev));
#ifdef CONFIG_HW_DISK_ENCRYPTION
if(!set_hw_device_encryption_key(passwd, (char*) crypt_ftr->crypto_type_name)) {
SLOGE("Hardware encryption key does not match");
}
#endif
// Create crypto block device - all (non fatal) code paths
// need it
if (create_crypto_blk_dev(crypt_ftr, decrypted_master_key,
@ -2201,7 +2219,11 @@ static int cryptfs_enable_wipe(char *crypto_blkdev, off64_t size, int type)
/* aligned 32K writes tends to make flash happy.
* SD card association recommends it.
*/
#ifndef CONFIG_HW_DISK_ENCRYPTION
#define BLOCKS_AT_A_TIME 8
#else
#define BLOCKS_AT_A_TIME 1024
#endif
struct encryptGroupsData
{
@ -3060,16 +3082,6 @@ int cryptfs_enable_internal(char *howarg, int crypt_type, char *passwd,
* restart the graphics services.
*/
sleep(2);
/* startup service classes main and late_start */
property_set("vold.decrypt", "trigger_restart_min_framework");
SLOGD("Just triggered restart_min_framework\n");
/* OK, the framework is restarted and will soon be showing a
* progress bar. Time to setup an encrypted mapping, and
* either write a new filesystem, or encrypt in place updating
* the progress bar as we work.
*/
}
/* Start the actual work of making an encrypted filesystem */
@ -3091,7 +3103,23 @@ int cryptfs_enable_internal(char *howarg, int crypt_type, char *passwd,
On successfully completing encryption, remove this flag */
crypt_ftr.flags |= CRYPT_INCONSISTENT_STATE;
crypt_ftr.crypt_type = crypt_type;
strcpy((char *)crypt_ftr.crypto_type_name, "aes-cbc-essiv:sha256");
#ifndef CONFIG_HW_DISK_ENCRYPTION
strlcpy((char *)crypt_ftr.crypto_type_name, "aes-cbc-essiv:sha256", MAX_CRYPTO_TYPE_NAME_LEN);
#else
strlcpy((char *)crypt_ftr.crypto_type_name, "aes-xts", MAX_CRYPTO_TYPE_NAME_LEN);
rc = clear_hw_device_encryption_key();
if (!rc) {
SLOGE("Error clearing device encryption hardware key. rc = %d", rc);
}
rc = set_hw_device_encryption_key(passwd,
(char*) crypt_ftr.crypto_type_name);
if (!rc) {
SLOGE("Error initializing device encryption hardware key. rc = %d", rc);
goto error_shutting_down;
}
#endif
/* Make an encrypted master key */
if (create_encrypted_random_key(passwd, crypt_ftr.master_key, crypt_ftr.salt, &crypt_ftr)) {
@ -3117,6 +3145,18 @@ int cryptfs_enable_internal(char *howarg, int crypt_type, char *passwd,
}
}
if (how == CRYPTO_ENABLE_INPLACE) {
/* startup service classes main and late_start */
property_set("vold.decrypt", "trigger_restart_min_framework");
SLOGD("Just triggered restart_min_framework\n");
/* OK, the framework is restarted and will soon be showing a
* progress bar. Time to setup an encrypted mapping, and
* either write a new filesystem, or encrypt in place updating
* the progress bar as we work.
*/
}
decrypt_master_key(passwd, decrypted_master_key, &crypt_ftr, 0, 0);
create_crypto_blk_dev(&crypt_ftr, decrypted_master_key, real_blkdev, crypto_blkdev,
"userdata");
@ -3302,6 +3342,20 @@ int cryptfs_changepw(int crypt_type, const char *newpw)
put_crypt_ftr_and_key(&crypt_ftr);
free(adjusted_passwd);
#ifdef CONFIG_HW_DISK_ENCRYPTION
if (crypt_type == CRYPT_TYPE_DEFAULT) {
int rc = update_hw_device_encryption_key(DEFAULT_PASSWORD, (char*) crypt_ftr.crypto_type_name);
SLOGD("Update hardware encryption key to default for crypt_type: %d. rc = %d", crypt_type, rc);
if (!rc)
return -1;
} else {
int rc = update_hw_device_encryption_key(newpw, (char*) crypt_ftr.crypto_type_name);
SLOGD("Update hardware encryption key for crypt_type: %d. rc = %d", crypt_type, rc);
if (!rc)
return -1;
}
#endif
return 0;
}