Don't use the FDE flow to support metadata encryption; just provide a
vold service which directly mounts the volume and use that.
Bug: 63927601
Test: Boot Taimen to SUW with and without metadata encryption.
Change-Id: Ifc6a012c02c0ea66893020ed1d0da4cba6914aed
std::vector with custom zeroing allocator is used instead of
std::string for data that can contain encryption keys.
Bug: 64201177
Test: manually created a managed profile, changed it's credentials
Test: manually upgraded a phone with profile from O to MR1.
Change-Id: Ic31877049f69eba9f8ea64fd99acaaca5a01d3dd
Android has a standard way to do what AutoCloseFD.h does, so use that
instead. Refactor before work on the bug.
Bug: 36029169
Test: Deleted a user and checked that secdiscard logs looked good.
Change-Id: I5d8bedfb3fa1f032fd2bced88b1b561e4a8c2ff4
Bug: 26778031
Test: Boots, reboots, sector 0 of userdata encrypted
Make sure an FDE device, both default and password protected,
boots.
Make sure an FBE device without metadata encryption boots.
Change-Id: Ic44a32ce7e9b978e9c9e2dc112b26206741c838d
Support encrypting metadata in /userdata using the dm-default-key
driver with a key in the /metadata partition.
Bug: 29189559
Test: Angler & Marlin build and boot
Change-Id: I716b117508d4bb4f6a4039293acb848cbc60f67b
