commit 05335c344d73411439774dfa548c633020e158e1
author Paul Lawrence <paullawrence@google.com> Thu Mar 05 09:46:23 2015 -0800
committer Paul Lawrence <paullawrence@google.com> Thu Mar 19 09:46:47 2015 -0700
tree e1aa395301e8d441e4162c57e51966ca43470f7f
parent 0b9489b027dac041dd00bd0e065877fd1084ec89

Adding e4crypt support

Redirect all crypto calls to e4crypt equivalents if file level encryption
detected. Note this change implements only the ones needed for minimal
functionality.

Requires matching change:
  https://googleplex-android-review.git.corp.google.com/#/c/642778/

Change-Id: I622d1a91704de4b3ab655486e6d38cd6718e6016

cryptfs.c

diff --git a/cryptfs.c b/cryptfs.c
index 5786210..735232d 100644
--- a/cryptfs.c
+++ b/cryptfs.c
@@ -53,6 +53,7 @@
 #include "VolumeManager.h"
 #include "VoldUtil.h"
 #include "crypto_scrypt.h"
+#include "ext4_crypt.h"
 #include "ext4_utils.h"
 #include "f2fs_sparseblock.h"
 #include "CheckBattery.h"
@@ -1656,11 +1657,37 @@
 
 int cryptfs_restart(void)
 {
+    SLOGI("cryptfs_restart");
+    if (e4crypt_crypto_complete(DATA_MNT_POINT) == 0) {
+        struct fstab_rec* rec;
+        int rc;
+
+        if (e4crypt_restart(DATA_MNT_POINT)) {
+            SLOGE("Can't unmount e4crypt temp volume\n");
+            return -1;
+        }
+
+        rec = fs_mgr_get_entry_for_mount_point(fstab, DATA_MNT_POINT);
+        if (!rec) {
+            SLOGE("Can't get fstab record for %s\n", DATA_MNT_POINT);
+            return -1;
+        }
+
+        rc = fs_mgr_do_mount(fstab, DATA_MNT_POINT, rec->blk_device, 0);
+        if (rc) {
+            SLOGE("Can't mount %s\n", DATA_MNT_POINT);
+            return rc;
+        }
+
+        property_set("vold.decrypt", "trigger_restart_framework");
+        return 0;
+    }
+
     /* Call internal implementation forcing a restart of main service group */
     return cryptfs_restart_internal(1);
 }
 
-static int do_crypto_complete(char *mount_point UNUSED)
+static int do_crypto_complete(char *mount_point)
 {
   struct crypt_mnt_ftr crypt_ftr;
   char encrypted_state[PROPERTY_VALUE_MAX];
@@ -1672,6 +1699,10 @@
     return CRYPTO_COMPLETE_NOT_ENCRYPTED;
   }
 
+  if (e4crypt_crypto_complete(mount_point) == 0) {
+    return CRYPTO_COMPLETE_ENCRYPTED;
+  }
+
   if (get_crypt_ftr_and_key(&crypt_ftr)) {
     fs_mgr_get_crypt_info(fstab, key_loc, 0, sizeof(key_loc));
 
@@ -1994,6 +2025,11 @@
 
 int cryptfs_check_passwd(char *passwd)
 {
+    SLOGI("cryptfs_check_passwd");
+    if (e4crypt_crypto_complete(DATA_MNT_POINT) == 0) {
+        return e4crypt_check_passwd(DATA_MNT_POINT, passwd);
+    }
+
     struct crypt_mnt_ftr crypt_ftr;
     int rc;
 
@@ -3284,6 +3320,10 @@
 
 int cryptfs_changepw(int crypt_type, const char *newpw)
 {
+    if (e4crypt_crypto_complete(DATA_MNT_POINT) == 0) {
+        return e4crypt_change_password(DATA_MNT_POINT, crypt_type, newpw);
+    }
+
     struct crypt_mnt_ftr crypt_ftr;
     int rc;
 
@@ -3694,6 +3734,10 @@
  */
 int cryptfs_get_password_type(void)
 {
+    if (e4crypt_crypto_complete(DATA_MNT_POINT) == 0) {
+        return e4crypt_get_password_type(DATA_MNT_POINT);
+    }
+
     struct crypt_mnt_ftr crypt_ftr;
 
     if (get_crypt_ftr_and_key(&crypt_ftr)) {
@@ -3708,8 +3752,12 @@
     return crypt_ftr.crypt_type;
 }
 
-char* cryptfs_get_password()
+const char* cryptfs_get_password()
 {
+    if (e4crypt_crypto_complete(DATA_MNT_POINT) == 0) {
+        return e4crypt_get_password(DATA_MNT_POINT);
+    }
+
     struct timespec now;
     clock_gettime(CLOCK_BOOTTIME, &now);
     if (now.tv_sec < password_expiry_time) {