Remove unencrypted properties

Change-Id: I59596be7c7df9151f4966a5051f06bcb087345dd
author: Paul Lawrence <paullawrence@google.com> 2016-02-04 10:37:13 -0800
committer: Paul Lawrence <paullawrence@google.com> 2016-02-04 10:37:13 -0800
commit: 59ffd6d9c7dd3ddaa036956d89c3e4d416769bf6 (patch)
tree: 7e95831325d5923088776e8365fb2a813ab5443b
parent: 737bcfc0980573db6c83e270e5c20d92d3704dff (diff)
download: extras-59ffd6d9c7dd3ddaa036956d89c3e4d416769bf6.tar.gz
6 files changed, 16 insertions, 193 deletions
diff --git a/ext4_utils/Android.mk b/ext4_utils/Android.mk
index 15abf73c..3bfab5c4 100644
--- a/ext4_utils/Android.mk
+++ b/ext4_utils/Android.mk
@@ -55,8 +55,7 @@ include $(BUILD_HOST_EXECUTABLE)
 
 libext4_utils_src_files += \
     key_control.cpp \
-    ext4_crypt.cpp \
-    unencrypted_properties.cpp
+    ext4_crypt.cpp
 
 ifneq ($(HOST_OS),windows)
 
@@ -84,7 +83,8 @@ LOCAL_MODULE := libext4_utils_static
 LOCAL_CFLAGS += -fno-strict-aliasing
 LOCAL_STATIC_LIBRARIES := \
     libsparse_static \
-    libselinux
+    libselinux \
+    libbase
 include $(BUILD_STATIC_LIBRARY)
 
 
diff --git a/ext4_utils/ext4_crypt.cpp b/ext4_utils/ext4_crypt.cpp
index 2ffbe8be..4000447a 100644
--- a/ext4_utils/ext4_crypt.cpp
+++ b/ext4_utils/ext4_crypt.cpp
@@ -19,8 +19,6 @@
 
 #include <cutils/klog.h>
 
-#include "unencrypted_properties.h"
-
 #define XATTR_NAME_ENCRYPTION_POLICY "encryption.policy"
 #define EXT4_KEYREF_DELIMITER ((char)'.')
 
diff --git a/ext4_utils/ext4_crypt_init_extensions.cpp b/ext4_utils/ext4_crypt_init_extensions.cpp
index 3e0337ce..81ddf956 100644
--- a/ext4_utils/ext4_crypt_init_extensions.cpp
+++ b/ext4_utils/ext4_crypt_init_extensions.cpp
@@ -11,13 +11,14 @@
 #include <sys/stat.h>
 #include <unistd.h>
 
+#include <android-base/file.h>
+
 #include <cutils/klog.h>
 #include <cutils/properties.h>
 #include <cutils/sockets.h>
 #include <poll.h>
 
 #include "key_control.h"
-#include "unencrypted_properties.h"
 
 static const std::string arbitrary_sequence_number = "42";
 static const int vold_command_timeout_ms = 60 * 1000;
@@ -95,18 +96,11 @@ static std::string vold_command(std::string const& command)
 int e4crypt_create_device_key(const char* dir,
                               int ensure_dir_exists(const char*))
 {
-    // Already encrypted with password? If so bail
-    std::string temp_folder = std::string() + dir + "/tmp_mnt";
-    DIR* temp_dir = opendir(temp_folder.c_str());
-    if (temp_dir) {
-        closedir(temp_dir);
-        return 0;
-    }
-
     // Make sure folder exists. Use make_dir to set selinux permissions.
-    if (ensure_dir_exists(UnencryptedProperties::GetPath(dir).c_str())) {
+    std::string unencrypted_dir = std::string(dir) + "/unencrypted";
+    if (ensure_dir_exists(unencrypted_dir.c_str())) {
         KLOG_ERROR(TAG, "Failed to create %s (%s)\n",
-                   UnencryptedProperties::GetPath(dir).c_str(),
+                   unencrypted_dir.c_str(),
                    strerror(errno));
         return -1;
     }
@@ -169,10 +163,11 @@ int e4crypt_set_directory_policy(const char* dir)
             return 0;
         }
     }
-    UnencryptedProperties props("/data");
-    std::string policy = props.Get<std::string>(properties::ref);
-    if (policy.empty()) {
-        // ext4enc:TODO why is this OK?
+
+    std::string ref_filename = std::string("/data") + e4crypt_key_ref;
+    std::string policy;
+    if (!android::base::ReadFileToString(ref_filename, &policy)) {
+        KLOG_INFO(TAG, "Not file encrypted so no policy for %s\n", dir);
         return 0;
     }
 
diff --git a/ext4_utils/ext4_crypt_init_extensions.h b/ext4_utils/ext4_crypt_init_extensions.h
index d7bf3b50..f5643561 100644
--- a/ext4_utils/ext4_crypt_init_extensions.h
+++ b/ext4_utils/ext4_crypt_init_extensions.h
@@ -13,4 +13,7 @@ int e4crypt_set_directory_policy(const char* path);
 int e4crypt_do_init_user0();
 int do_policy_set(const char *directory, const char *policy, int policy_length);
 
+static const char* e4crypt_unencrypted_folder = "/unencrypted";
+static const char* e4crypt_key_ref = "/unencrypted/ref";
+
 __END_DECLS
diff --git a/ext4_utils/unencrypted_properties.cpp b/ext4_utils/unencrypted_properties.cpp
deleted file mode 100644
index ed36e206..00000000
--- a/ext4_utils/unencrypted_properties.cpp
+++ /dev/null
@@ -1,99 +0,0 @@
-#include "unencrypted_properties.h"
-
-#include <sys/stat.h>
-#include <dirent.h>
-
-namespace properties {
-    const char* key = "key";
-    const char* ref = "ref";
-    const char* props = "props";
-    const char* is_default = "is_default";
-}
-
-namespace
-{
-    const char* unencrypted_folder = "unencrypted";
-}
-
-std::string UnencryptedProperties::GetPath(const char* device)
-{
-    return std::string() + device + "/" + unencrypted_folder;
-}
-
-UnencryptedProperties::UnencryptedProperties(const char* device)
-  : folder_(GetPath(device))
-{
-    DIR* dir = opendir(folder_.c_str());
-    if (dir) {
-        closedir(dir);
-    } else {
-        folder_.clear();
-    }
-}
-
-UnencryptedProperties::UnencryptedProperties()
-{
-}
-
-template<> std::string UnencryptedProperties::Get(const char* name,
-                                      std::string default_value) const
-{
-    if (!OK()) return default_value;
-    std::ifstream i(folder_ + "/" + name, std::ios::binary);
-    if (!i) {
-        return default_value;
-    }
-
-    i.seekg(0, std::ios::end);
-    int length = i.tellg();
-    i.seekg(0, std::ios::beg);
-    if (length == -1) {
-        return default_value;
-    }
-
-    std::string s(length, 0);
-    i.read(&s[0], length);
-    if (!i) {
-        return default_value;
-    }
-
-    return s;
-}
-
-template<> bool UnencryptedProperties::Set(const char* name, std::string const& value)
-{
-    if (!OK()) return false;
-    std::ofstream o(folder_ + "/" + name, std::ios::binary);
-    o << value;
-    return !o.fail();
-}
-
-UnencryptedProperties UnencryptedProperties::GetChild(const char* name) const
-{
-    UnencryptedProperties up;
-    if (!OK()) return up;
-
-    std::string directory(folder_ + "/" + name);
-    if (mkdir(directory.c_str(), 700) == -1 && errno != EEXIST) {
-        return up;
-    }
-
-    up.folder_ = directory;
-    return up;
-}
-
-bool UnencryptedProperties::Remove(const char* name)
-{
-    if (!OK()) return false;
-    if (remove((folder_ + "/" + name).c_str())
-        && errno != ENOENT) {
-        return false;
-    }
-
-    return true;
-}
-
-bool UnencryptedProperties::OK() const
-{
-    return !folder_.empty();
-}
diff --git a/ext4_utils/unencrypted_properties.h b/ext4_utils/unencrypted_properties.h
deleted file mode 100644
index b2d1295f..00000000
--- a/ext4_utils/unencrypted_properties.h
+++ /dev/null
@@ -1,74 +0,0 @@
-#include <string>
-#include <fstream>
-
-// key names for properties we use
-namespace properties {
-    extern const char* key;
-    extern const char* ref;
-    extern const char* props;
-    extern const char* is_default;
-}
-
-/**
- * Class to store data on the unencrypted folder of a device.
- * Note that the folder must exist before this class is constructed.
- * All names must be valid single level (no '/') file or directory names
- * Data is organized hierarchically so we can get a child folder
- */
-class UnencryptedProperties
-{
-public:
-    // Get path of folder. Must create before using any properties
-    // This is to allow proper setting of SELinux policy
-    static std::string GetPath(const char* device);
-
-    // Opens properties folder on named device.
-    // If folder does not exist, OK will return false, all
-    // getters will return default properties and setters will fail.
-    UnencryptedProperties(const char* device);
-
-    // Get named object. Return default if object does not exist or error.
-    template<typename t> t Get(const char* name, t default_value = t()) const;
-
-    // Set named object. Return true if success, false otherwise
-    template<typename t> bool Set(const char* name, t const& value);
-
-    // Get child properties
-    UnencryptedProperties GetChild(const char* name) const;
-
-    // Remove named object
-    bool Remove(const char* name);
-
-    // Does folder exist?
-    bool OK() const;
-
-private:
-    UnencryptedProperties();
-    std::string folder_;
-};
-
-
-template<typename t> t UnencryptedProperties::Get(const char* name,
-                                                  t default_value) const
-{
-    if (!OK()) return default_value;
-    t value = default_value;
-    std::ifstream(folder_ + "/" + name) >> value;
-    return value;
-}
-
-template<typename t> bool UnencryptedProperties::Set(const char* name,
-                                                     t const& value)
-{
-    if (!OK()) return false;
-    std::ofstream o(folder_ + "/" + name);
-    o << value;
-    return !o.fail();
-}
-
-// Specialized getters/setters for strings
-template<> std::string UnencryptedProperties::Get(const char* name,
-                                      std::string default_value) const;
-
-template<> bool UnencryptedProperties::Set(const char* name,
-                                           std::string const& value);
author	Paul Lawrence <paullawrence@google.com>	2016-02-04 10:37:13 -0800
committer	Paul Lawrence <paullawrence@google.com>	2016-02-04 10:37:13 -0800
commit	59ffd6d9c7dd3ddaa036956d89c3e4d416769bf6 (patch)
tree	7e95831325d5923088776e8365fb2a813ab5443b
parent	737bcfc0980573db6c83e270e5c20d92d3704dff (diff)
download	extras-59ffd6d9c7dd3ddaa036956d89c3e4d416769bf6.tar.gz