DO NOT MERGE Securely encrypt the master key
(chery-picked from commit 806d10be2336f32cdca16c2540cbf3d548f2fec7)
Move all key management into vold
Reuse vold's existing key management through the crypto footer
to manage the device wide keys.
Use ro.crypto.type flag to determine crypto type, which prevents
any issues when running in block encrypted mode, as well as speeding
up boot in block or no encryption.
This is one of four changes to enable this functionality:
https://android-review.googlesource.com/#/c/148586/
https://android-review.googlesource.com/#/c/148604/
https://android-review.googlesource.com/#/c/148606/
https://android-review.googlesource.com/#/c/148607/
Bug: 18151196
Change-Id: I6a8a18f43ae837e330e2785bd26c2c306ae1816b
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 6278cc7..a3cf6f1 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -223,8 +223,6 @@
mkdir /cache/lost+found 0770 root root
on post-fs-data
- installkey /data
-
# We chown/chmod /data again so because mount is run as root + defaults
chown system system /data
chmod 0771 /data
@@ -234,6 +232,11 @@
# Emulated internal storage area
mkdir /data/media 0770 media_rw media_rw
+ # Make sure we have the device encryption key
+ start logd
+ start vold
+ installkey /data
+
# Start bootcharting as soon as possible after the data partition is
# mounted to collect more data.
mkdir /data/bootchart 0755 shell shell
@@ -457,7 +460,6 @@
class_start main
on property:vold.decrypt=trigger_restart_framework
- installkey /data
class_start main
class_start late_start