allow encrypted filesystems to be mounted readonly
By setting ro.crypto.readonly to 1, cryptfs will mount an encrypted
filesystem that is normally mounted read-write as read-only instead.
To be used when recovery mounts /data.
Bug: 12188746
Change-Id: If3f3f9a3024f29ebc4ad721a48546a332cb92b6b
diff --git a/cryptfs.c b/cryptfs.c
index e695fab..7641612 100644
--- a/cryptfs.c
+++ b/cryptfs.c
@@ -1125,6 +1125,17 @@
}
if (! (rc = wait_and_unmount(DATA_MNT_POINT)) ) {
+ /* If ro.crypto.readonly is set to 1, mount the decrypted
+ * filesystem readonly. This is used when /data is mounted by
+ * recovery mode.
+ */
+ char ro_prop[PROPERTY_VALUE_MAX];
+ property_get("ro.crypto.readonly", ro_prop, "");
+ if (strlen(ro_prop) > 0 && atoi(ro_prop)) {
+ struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab, DATA_MNT_POINT);
+ rec->flags |= MS_RDONLY;
+ }
+
/* If that succeeded, then mount the decrypted filesystem */
fs_mgr_do_mount(fstab, DATA_MNT_POINT, crypto_blkdev, 0);