authorEric Biggers <ebiggers@google.com>2023-10-06 22:18:47 +0000
committerAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>2023-10-06 22:18:47 +0000
commitf3b0d263f522e48deec336513b36bd37df8fa3f4 (patch)
tree96619e150a6e83cea6760d3c34958d49a4aafaba
parent5d0830aabc058bb13451899459cef5ac03208e64 (diff)
parent66fdfbcfe371f5a9ab90bd9fa48db405086b069c (diff)
Fold read_and_install_user_ce_key() into fscrypt_unlock_user_key() am: fc1df0eae0 am: db7a017bdd am: 988342f572 am: 66fdfbcfe3
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2777076 Change-Id: Ia8f13fc2a170938524772a3b70fe475451adf619 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
-rw-r--r--FsCrypt.cpp35
1 files changed, 12 insertions, 23 deletions
diff --git a/FsCrypt.cpp b/FsCrypt.cpp
index 9d257406..7ba31620 100644
--- a/FsCrypt.cpp
+++ b/FsCrypt.cpp
@@ -316,18 +316,6 @@ static bool get_volume_file_encryption_options(EncryptionOptions* options) {
return true;
}
-static bool read_and_install_user_ce_key(userid_t user_id,
- const android::vold::KeyAuthentication& auth) {
- if (s_ce_policies.count(user_id) != 0) return true;
- KeyBuffer ce_key;
- if (!read_and_fixate_user_ce_key(user_id, auth, &ce_key)) return false;
- EncryptionPolicy ce_policy;
- if (!install_storage_key(DATA_MNT_POINT, s_data_options, ce_key, &ce_policy)) return false;
- s_ce_policies[user_id] = ce_policy;
- LOG(DEBUG) << "Installed ce key for user " << user_id;
- return true;
-}
-
// Prepare a directory without assigning it an encryption policy. The directory
// will inherit the encryption policy of its parent directory, or will be
// unencrypted if the parent directory is unencrypted.
@@ -896,18 +884,19 @@ std::vector<int> fscrypt_get_unlocked_users() {
// TODO: rename to 'install' for consistency, and take flags to know which keys to install
bool fscrypt_unlock_user_key(userid_t user_id, int serial, const std::string& secret_hex) {
LOG(DEBUG) << "fscrypt_unlock_user_key " << user_id << " serial=" << serial;
- if (IsFbeEnabled()) {
- if (s_ce_policies.count(user_id) != 0) {
- LOG(WARNING) << "Tried to unlock already-unlocked key for user " << user_id;
- return true;
- }
- auto auth = authentication_from_hex(secret_hex);
- if (!auth) return false;
- if (!read_and_install_user_ce_key(user_id, *auth)) {
- LOG(ERROR) << "Couldn't read key for " << user_id;
- return false;
- }
+ if (!IsFbeEnabled()) return true;
+ if (s_ce_policies.count(user_id) != 0) {
+ LOG(WARNING) << "Tried to unlock already-unlocked key for user " << user_id;
+ return true;
}
+ auto auth = authentication_from_hex(secret_hex);
+ if (!auth) return false;
+ KeyBuffer ce_key;
+ if (!read_and_fixate_user_ce_key(user_id, *auth, &ce_key)) return false;
+ EncryptionPolicy ce_policy;
+ if (!install_storage_key(DATA_MNT_POINT, s_data_options, ce_key, &ce_policy)) return false;
+ s_ce_policies[user_id] = ce_policy;
+ LOG(DEBUG) << "Installed ce key for user " << user_id;
return true;
}
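Review bot: The new early returns after `read_and_fixate_user_ce_key()` and `install_storage_key()` in `fscrypt_unlock_user_key()` no longer emit the `LOG(ERROR) << "Couldn't read key for " << user_id` that the old call to the removed wrapper produced, so a failed CE unlock leaves no message at this level naming the user. The callees may log their own errors, but that is not visible in this hunk, and an unlock failure is something you want to be able to attribute when triaging a device that will not decrypt. I would keep a per-step message, for example `LOG(ERROR) << "Couldn't read CE key for user " << user_id;` before the first `return false` and `LOG(ERROR) << "Couldn't install CE key for user " << user_id;` before the second, so the two failure causes can be told apart. The `if (!auth) return false;` path is equally silent and could log that the secret failed to parse, without logging the secret itself.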