diff options
| author | Eric Biggers <ebiggers@google.com> | 2018-10-23 13:39:07 -0700 |
|---|---|---|
| committer | Eric Biggers <ebiggers@google.com> | 2018-10-25 17:10:15 -0700 |
| commit | b46c3591e1e2b091d0fb727715a8d617dfc80aa6 (patch) | |
| tree | 8336261d742bfe2a0dbe7467cf3093efec4f38ee /libfscrypt/include | |
| parent | 67f1b299ade36c4b419d15fd1d63e1dfb5b222f2 (diff) | |
| download | extras-b46c3591e1e2b091d0fb727715a8d617dfc80aa6.tar.gz | |
Refactor "ext4 encryption" code into libfscrypt
File-based encryption related code no longer belongs in ext4_utils, as
it is now used on both ext4 and f2fs, since both filesystems share the
same kernel API for encryption. Refactor it into its own library,
libfscrypt.
Note that the keyring is renamed from "e4crypt" to "fscrypt", which is
technically a user-visible change, but as far as I know nothing depends
on it other than vold which is being updated too.
Test: built, booted device with f2fs encryption
Change-Id: I3c302564262412a5d5e672bd213e7cfada5f49cc
Diffstat (limited to 'libfscrypt/include')
| -rw-r--r-- | libfscrypt/include/fscrypt/fscrypt.h | 39 | ||||
| -rw-r--r-- | libfscrypt/include/fscrypt/fscrypt_init_extensions.h | 33 |
2 files changed, 72 insertions, 0 deletions
diff --git a/libfscrypt/include/fscrypt/fscrypt.h b/libfscrypt/include/fscrypt/fscrypt.h new file mode 100644 index 00000000..8a68b935 --- /dev/null +++ b/libfscrypt/include/fscrypt/fscrypt.h @@ -0,0 +1,39 @@ +/* + * Copyright (C) 2016 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef _FSCRYPT_H_ +#define _FSCRYPT_H_ + +#include <sys/cdefs.h> +#include <stdbool.h> +#include <cutils/multiuser.h> + +__BEGIN_DECLS + +bool fscrypt_is_native(); + +int fscrypt_policy_ensure(const char *directory, const char *policy, + size_t policy_length, + const char *contents_encryption_mode, + const char *filenames_encryption_mode); + +static const char* fscrypt_unencrypted_folder = "/unencrypted"; +static const char* fscrypt_key_ref = "/unencrypted/ref"; +static const char* fscrypt_key_mode = "/unencrypted/mode"; + +__END_DECLS + +#endif // _FSCRYPT_H_ diff --git a/libfscrypt/include/fscrypt/fscrypt_init_extensions.h b/libfscrypt/include/fscrypt/fscrypt_init_extensions.h new file mode 100644 index 00000000..2b6c46e1 --- /dev/null +++ b/libfscrypt/include/fscrypt/fscrypt_init_extensions.h @@ -0,0 +1,33 @@ +/* + * Copyright (C) 2016 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef _FSCRYPT_INIT_EXTENSIONS_H_ +#define _FSCRYPT_INIT_EXTENSIONS_H_ + +#include <sys/cdefs.h> +#include <stdbool.h> +#include <cutils/multiuser.h> + +__BEGIN_DECLS + +// These functions assume they are being called from init +// They will not operate properly outside of init +int fscrypt_install_keyring(); +int fscrypt_set_directory_policy(const char* path); + +__END_DECLS + +#endif // _FSCRYPT_INIT_EXTENSIONS_H_ |