tequilaOS/platform_system_vold
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Rename fscrypt_is_native() to IsFbeEnabled()"

Browse source
This commit is contained in:
Eric Biggers 2022-06-22 18:24:38 +00:00 committed by Gerrit Code Review
commit d99898496f
4 changed files with 17 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
FsCrypt.cpp
View file

@ -324,7 +324,7 @@ static bool prepare_dir(const std::string& dir, mode_t mode, uid_t uid, gid_t gi
static bool prepare_dir_with_policy(const std::string& dir, mode_t mode, uid_t uid, gid_t gid, static bool prepare_dir_with_policy(const std::string& dir, mode_t mode, uid_t uid, gid_t gid,
const EncryptionPolicy& policy) { const EncryptionPolicy& policy) {
if (!prepare_dir(dir, mode, uid, gid)) return false; if (!prepare_dir(dir, mode, uid, gid)) return false;
if (fscrypt_is_native() && !EnsurePolicy(policy, dir)) return false; if (IsFbeEnabled() && !EnsurePolicy(policy, dir)) return false;
return true; return true;
} }
@ -533,7 +533,7 @@ bool fscrypt_init_user0_done;
bool fscrypt_init_user0() { bool fscrypt_init_user0() {
LOG(DEBUG) << "fscrypt_init_user0"; LOG(DEBUG) << "fscrypt_init_user0";
if (fscrypt_is_native()) { if (IsFbeEnabled()) {
if (!prepare_dir(user_key_dir, 0700, AID_ROOT, AID_ROOT)) return false; if (!prepare_dir(user_key_dir, 0700, AID_ROOT, AID_ROOT)) return false;
if (!prepare_dir(user_key_dir + "/ce", 0700, AID_ROOT, AID_ROOT)) return false; if (!prepare_dir(user_key_dir + "/ce", 0700, AID_ROOT, AID_ROOT)) return false;
if (!prepare_dir(user_key_dir + "/de", 0700, AID_ROOT, AID_ROOT)) return false; if (!prepare_dir(user_key_dir + "/de", 0700, AID_ROOT, AID_ROOT)) return false;
@ -560,7 +560,7 @@ bool fscrypt_init_user0() {
// In some scenarios (e.g. userspace reboot) we might unmount userdata // In some scenarios (e.g. userspace reboot) we might unmount userdata
// without doing a hard reboot. If CE keys were stored in fs keyring then // without doing a hard reboot. If CE keys were stored in fs keyring then
// they will be lost after unmount. Attempt to re-install them. // they will be lost after unmount. Attempt to re-install them.
if (fscrypt_is_native() && android::vold::isFsKeyringSupported()) { if (IsFbeEnabled() && android::vold::isFsKeyringSupported()) {
if (!try_reload_ce_keys()) return false; if (!try_reload_ce_keys()) return false;
} }
@ -570,7 +570,7 @@ bool fscrypt_init_user0() {
bool fscrypt_vold_create_user_key(userid_t user_id, int serial, bool ephemeral) { bool fscrypt_vold_create_user_key(userid_t user_id, int serial, bool ephemeral) {
LOG(DEBUG) << "fscrypt_vold_create_user_key for " << user_id << " serial " << serial; LOG(DEBUG) << "fscrypt_vold_create_user_key for " << user_id << " serial " << serial;
if (!fscrypt_is_native()) { if (!IsFbeEnabled()) {
return true; return true;
} }
// FIXME test for existence of key that is not loaded yet // FIXME test for existence of key that is not loaded yet
@ -621,7 +621,7 @@ static bool evict_ce_key(userid_t user_id) {
bool fscrypt_destroy_user_key(userid_t user_id) { bool fscrypt_destroy_user_key(userid_t user_id) {
LOG(DEBUG) << "fscrypt_destroy_user_key(" << user_id << ")"; LOG(DEBUG) << "fscrypt_destroy_user_key(" << user_id << ")";
if (!fscrypt_is_native()) { if (!IsFbeEnabled()) {
return true; return true;
} }
bool success = true; bool success = true;
@ -740,7 +740,7 @@ static bool fscrypt_rewrap_user_key(userid_t user_id, int serial,
bool fscrypt_add_user_key_auth(userid_t user_id, int serial, const std::string& secret_hex) { bool fscrypt_add_user_key_auth(userid_t user_id, int serial, const std::string& secret_hex) {
LOG(DEBUG) << "fscrypt_add_user_key_auth " << user_id << " serial=" << serial; LOG(DEBUG) << "fscrypt_add_user_key_auth " << user_id << " serial=" << serial;
if (!fscrypt_is_native()) return true; if (!IsFbeEnabled()) return true;
auto auth = authentication_from_hex(secret_hex); auto auth = authentication_from_hex(secret_hex);
if (!auth) return false; if (!auth) return false;
return fscrypt_rewrap_user_key(user_id, serial, kEmptyAuthentication, *auth); return fscrypt_rewrap_user_key(user_id, serial, kEmptyAuthentication, *auth);
@ -748,7 +748,7 @@ bool fscrypt_add_user_key_auth(userid_t user_id, int serial, const std::string&
bool fscrypt_clear_user_key_auth(userid_t user_id, int serial, const std::string& secret_hex) { bool fscrypt_clear_user_key_auth(userid_t user_id, int serial, const std::string& secret_hex) {
LOG(DEBUG) << "fscrypt_clear_user_key_auth " << user_id << " serial=" << serial; LOG(DEBUG) << "fscrypt_clear_user_key_auth " << user_id << " serial=" << serial;
if (!fscrypt_is_native()) return true; if (!IsFbeEnabled()) return true;
auto auth = authentication_from_hex(secret_hex); auto auth = authentication_from_hex(secret_hex);
if (!auth) return false; if (!auth) return false;
return fscrypt_rewrap_user_key(user_id, serial, *auth, kEmptyAuthentication); return fscrypt_rewrap_user_key(user_id, serial, *auth, kEmptyAuthentication);
@ -756,7 +756,7 @@ bool fscrypt_clear_user_key_auth(userid_t user_id, int serial, const std::string
bool fscrypt_fixate_newest_user_key_auth(userid_t user_id) { bool fscrypt_fixate_newest_user_key_auth(userid_t user_id) {
LOG(DEBUG) << "fscrypt_fixate_newest_user_key_auth " << user_id; LOG(DEBUG) << "fscrypt_fixate_newest_user_key_auth " << user_id;
if (!fscrypt_is_native()) return true; if (!IsFbeEnabled()) return true;
if (s_ephemeral_users.count(user_id) != 0) return true; if (s_ephemeral_users.count(user_id) != 0) return true;
auto const directory_path = get_ce_key_directory_path(user_id); auto const directory_path = get_ce_key_directory_path(user_id);
auto const paths = get_ce_key_paths(directory_path); auto const paths = get_ce_key_paths(directory_path);
@ -779,7 +779,7 @@ std::vector<int> fscrypt_get_unlocked_users() {
// TODO: rename to 'install' for consistency, and take flags to know which keys to install // TODO: rename to 'install' for consistency, and take flags to know which keys to install
bool fscrypt_unlock_user_key(userid_t user_id, int serial, const std::string& secret_hex) { bool fscrypt_unlock_user_key(userid_t user_id, int serial, const std::string& secret_hex) {
LOG(DEBUG) << "fscrypt_unlock_user_key " << user_id << " serial=" << serial; LOG(DEBUG) << "fscrypt_unlock_user_key " << user_id << " serial=" << serial;
if (fscrypt_is_native()) { if (IsFbeEnabled()) {
if (s_ce_policies.count(user_id) != 0) { if (s_ce_policies.count(user_id) != 0) {
LOG(WARNING) << "Tried to unlock already-unlocked key for user " << user_id; LOG(WARNING) << "Tried to unlock already-unlocked key for user " << user_id;
return true; return true;
@ -797,7 +797,7 @@ bool fscrypt_unlock_user_key(userid_t user_id, int serial, const std::string& se
// TODO: rename to 'evict' for consistency // TODO: rename to 'evict' for consistency
bool fscrypt_lock_user_key(userid_t user_id) { bool fscrypt_lock_user_key(userid_t user_id) {
LOG(DEBUG) << "fscrypt_lock_user_key " << user_id; LOG(DEBUG) << "fscrypt_lock_user_key " << user_id;
if (fscrypt_is_native()) { if (IsFbeEnabled()) {
return evict_ce_key(user_id); return evict_ce_key(user_id);
} }
return true; return true;
@ -849,7 +849,7 @@ bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_
auto vendor_de_path = android::vold::BuildDataVendorDePath(user_id); auto vendor_de_path = android::vold::BuildDataVendorDePath(user_id);
auto user_de_path = android::vold::BuildDataUserDePath(volume_uuid, user_id); auto user_de_path = android::vold::BuildDataUserDePath(volume_uuid, user_id);
if (fscrypt_is_native()) { if (IsFbeEnabled()) {
if (volume_uuid.empty()) { if (volume_uuid.empty()) {
if (!lookup_policy(s_de_policies, user_id, &de_policy)) { if (!lookup_policy(s_de_policies, user_id, &de_policy)) {
LOG(ERROR) << "Cannot find DE policy for user " << user_id; LOG(ERROR) << "Cannot find DE policy for user " << user_id;
@ -893,7 +893,7 @@ bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_
auto media_ce_path = android::vold::BuildDataMediaCePath(volume_uuid, user_id); auto media_ce_path = android::vold::BuildDataMediaCePath(volume_uuid, user_id);
auto user_ce_path = android::vold::BuildDataUserCePath(volume_uuid, user_id); auto user_ce_path = android::vold::BuildDataUserCePath(volume_uuid, user_id);
if (fscrypt_is_native()) { if (IsFbeEnabled()) {
if (volume_uuid.empty()) { if (volume_uuid.empty()) {
if (!lookup_policy(s_ce_policies, user_id, &ce_policy)) { if (!lookup_policy(s_ce_policies, user_id, &ce_policy)) {
LOG(ERROR) << "Cannot find CE policy for user " << user_id; LOG(ERROR) << "Cannot find CE policy for user " << user_id;
@ -964,7 +964,7 @@ bool fscrypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_
res &= destroy_dir(system_ce_path); res &= destroy_dir(system_ce_path);
res &= destroy_dir(vendor_ce_path); res &= destroy_dir(vendor_ce_path);
} else { } else {
if (fscrypt_is_native()) { if (IsFbeEnabled()) {
auto misc_ce_empty_volume_path = android::vold::BuildDataMiscCePath("", user_id); auto misc_ce_empty_volume_path = android::vold::BuildDataMiscCePath("", user_id);
res &= destroy_volkey(misc_ce_empty_volume_path, volume_uuid); res &= destroy_volkey(misc_ce_empty_volume_path, volume_uuid);
} }
@ -994,7 +994,7 @@ bool fscrypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_
res &= destroy_dir(system_de_path); res &= destroy_dir(system_de_path);
res &= destroy_dir(vendor_de_path); res &= destroy_dir(vendor_de_path);
} else { } else {
if (fscrypt_is_native()) { if (IsFbeEnabled()) {
auto misc_de_empty_volume_path = android::vold::BuildDataMiscDePath("", user_id); auto misc_de_empty_volume_path = android::vold::BuildDataMiscDePath("", user_id);
res &= destroy_volkey(misc_de_empty_volume_path, volume_uuid); res &= destroy_volkey(misc_de_empty_volume_path, volume_uuid);
} }

2
VolumeManager.cpp
View file

@ -358,7 +358,7 @@ int VolumeManager::forgetPartition(const std::string& partGuid, const std::strin
LOG(ERROR) << "Failed to unlink " << keyPath; LOG(ERROR) << "Failed to unlink " << keyPath;
success = false; success = false;
} }
if (fscrypt_is_native()) { if (IsFbeEnabled()) {
if (!fscrypt_destroy_volume_keys(fsUuid)) { if (!fscrypt_destroy_volume_keys(fsUuid)) {
success = false; success = false;
} }

2
cryptfs.cpp
View file

@ -156,7 +156,7 @@ int cryptfs_setup_ext_volume(const char* label, const char* real_blkdev, const K
key_ascii, 0, real_blkdev, 0); key_ascii, 0, real_blkdev, 0);
target->AllowDiscards(); target->AllowDiscards();
if (fscrypt_is_native() && if (IsFbeEnabled() &&
android::base::GetBoolProperty("ro.crypto.allow_encrypt_override", false)) { android::base::GetBoolProperty("ro.crypto.allow_encrypt_override", false)) {
target->AllowEncryptOverride(); target->AllowEncryptOverride();
} }

2
fs/Ext4.cpp
View file

@ -182,7 +182,7 @@ status_t Format(const std::string& source, unsigned long numSectors, const std::
if (android::base::GetBoolProperty("vold.has_quota", false)) { if (android::base::GetBoolProperty("vold.has_quota", false)) {
options += ",quota"; options += ",quota";
} }
if (fscrypt_is_native()) { if (IsFbeEnabled()) {
options += ",encrypt"; options += ",encrypt";
} }
if (needs_casefold) { if (needs_casefold) {