Encrypt on reboot
Change encryption to happen after a reboot, not before. This
removes the problem whereby if data cannot be unmounted, we cannot
encrypt.
Bug: 25426629
Change-Id: Icb2ec6cf330b5cc45b7e944c858a314f983fcaa4
diff --git a/fs_mgr/fs_mgr.c b/fs_mgr/fs_mgr.c
index 3fda34f..fadc7ca 100644
--- a/fs_mgr/fs_mgr.c
+++ b/fs_mgr/fs_mgr.c
@@ -448,8 +448,15 @@
"%s/convert_fbe", rec->mount_point);
bool convert_fbe = (access(convert_fbe_name, F_OK) == 0);
+ /* Check for existence of convert_fbe breadcrumb file */
+ char convert_fde_name[PATH_MAX];
+ snprintf(convert_fde_name, sizeof(convert_fbe_name),
+ "%s/misc/vold/convert_fde", rec->mount_point);
+ bool convert_fde = (access(convert_fde_name, F_OK) == 0);
+
/* If this is block encryptable, need to trigger encryption */
if ( (rec->fs_mgr_flags & MF_FORCECRYPT)
+ || ((rec->fs_mgr_flags & MF_CRYPT) && convert_fde)
|| ((rec->fs_mgr_flags & MF_FORCEFDEORFBE) && !convert_fbe)
|| (device_is_force_encrypted() && fs_mgr_is_encryptable(rec))) {
if (umount(rec->mount_point) == 0) {