diff options
Diffstat (limited to 'ext4_utils/ext4_crypt_init_extensions.cpp')
-rw-r--r-- | ext4_utils/ext4_crypt_init_extensions.cpp | 30 |
1 files changed, 23 insertions, 7 deletions
diff --git a/ext4_utils/ext4_crypt_init_extensions.cpp b/ext4_utils/ext4_crypt_init_extensions.cpp index aab7cbfc..64ec330c 100644 --- a/ext4_utils/ext4_crypt_init_extensions.cpp +++ b/ext4_utils/ext4_crypt_init_extensions.cpp @@ -37,7 +37,7 @@ static std::string vold_command(std::string const& command) } if (sock < 0) { - KLOG_INFO(TAG, "Cannot open vold, failing command\n"); + KLOG_INFO(TAG, "Cannot open vold, failing command (%s)\n", strerror(errno)); return ""; } @@ -55,7 +55,7 @@ static std::string vold_command(std::string const& command) // framework is down, so this is (mostly) OK. std::string actual_command = arbitrary_sequence_number + " " + command; if (write(sock, actual_command.c_str(), actual_command.size() + 1) < 0) { - KLOG_ERROR(TAG, "Cannot write command\n"); + KLOG_ERROR(TAG, "Cannot write command (%s)\n", strerror(errno)); return ""; } @@ -63,7 +63,7 @@ static std::string vold_command(std::string const& command) int rc = TEMP_FAILURE_RETRY(poll(&poll_sock, 1, vold_command_timeout_ms)); if (rc < 0) { - KLOG_ERROR(TAG, "Error in poll %s\n", strerror(errno)); + KLOG_ERROR(TAG, "Error in poll (%s)\n", strerror(errno)); return ""; } @@ -104,7 +104,7 @@ int e4crypt_create_device_key(const char* dir, // Make sure folder exists. Use make_dir to set selinux permissions. if (ensure_dir_exists(UnencryptedProperties::GetPath(dir).c_str())) { - KLOG_ERROR(TAG, "Failed to create %s with error %s\n", + KLOG_ERROR(TAG, "Failed to create %s (%s)\n", UnencryptedProperties::GetPath(dir).c_str(), strerror(errno)); return -1; @@ -124,7 +124,7 @@ int e4crypt_install_keyring() KEY_SPEC_SESSION_KEYRING); if (device_keyring == -1) { - KLOG_ERROR(TAG, "Failed to create keyring\n"); + KLOG_ERROR(TAG, "Failed to create keyring (%s)\n", strerror(errno)); return -1; } @@ -143,6 +143,12 @@ int e4crypt_set_directory_policy(const char* dir) if (!dir || strncmp(dir, "/data/", 6) || strchr(dir + 6, '/')) { return 0; } + + // Don't encrypt lost+found - ext4 doesn't like it + if (!strcmp(dir, "/data/lost+found")) { + return 0; + } + // ext4enc:TODO exclude /data/user with a horrible special case. if (!strcmp(dir, "/data/user")) { return 0; @@ -158,10 +164,20 @@ int e4crypt_set_directory_policy(const char* dir) KLOG_INFO(TAG, "Setting policy on %s\n", dir); int result = do_policy_set(dir, policy.c_str(), policy.size()); if (result) { - KLOG_ERROR(TAG, "Setting %s policy on %s failed!\n", - policy.c_str(), dir); + KLOG_ERROR(TAG, "Setting %02x%02x%02x%02x policy on %s failed!\n", + policy[0], policy[1], policy[2], policy[3], dir); return -1; } return 0; } + +int e4crypt_set_user_crypto_policies(const char* dir) +{ + auto command = std::string() + "cryptfs setusercryptopolicies " + dir; + auto result = vold_command(command); + // ext4enc:TODO proper error handling + KLOG_INFO(TAG, "setusercryptopolicies returned with result %s\n", + result.c_str()); + return 0; +} |