diff options
author | Paul Lawrence <paullawrence@google.com> | 2019-08-27 08:45:00 -0700 |
---|---|---|
committer | android-build-merger <android-build-merger@google.com> | 2019-08-27 08:45:00 -0700 |
commit | 3096e373beb74e64169465cd0422d18bb9c74730 (patch) | |
tree | d2069b6fb1056732bb1b1e255c140bc414ed5898 | |
parent | 6c5944f899cfaa6c439637e0d456c9acd07c7485 (diff) | |
parent | ee867be1f1bc6628cea3dcabb84a55a4ad7d459d (diff) | |
download | vold-temp_140451723.tar.gz |
Merge "Fix ext4/metadata/udc issue"temp_140451723
am: ee867be1f1
Change-Id: I69b89b464a4d04b27e1da7d3990dcbec9525afe4
-rw-r--r-- | MetadataCrypt.cpp | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/MetadataCrypt.cpp b/MetadataCrypt.cpp index bff38b20..abcf6dba 100644 --- a/MetadataCrypt.cpp +++ b/MetadataCrypt.cpp @@ -153,7 +153,7 @@ static bool get_number_of_sectors(const std::string& real_blkdev, uint64_t* nr_s static bool create_crypto_blk_dev(const std::string& dm_name, uint64_t nr_sec, const std::string& real_blkdev, const KeyBuffer& key, - std::string* crypto_blkdev) { + std::string* crypto_blkdev, bool set_dun) { auto& dm = DeviceMapper::Instance(); KeyBuffer hex_key_buffer; @@ -164,7 +164,7 @@ static bool create_crypto_blk_dev(const std::string& dm_name, uint64_t nr_sec, std::string hex_key(hex_key_buffer.data(), hex_key_buffer.size()); DmTable table; - table.Emplace<DmTargetDefaultKey>(0, nr_sec, "AES-256-XTS", hex_key, real_blkdev, 0); + table.Emplace<DmTargetDefaultKey>(0, nr_sec, "AES-256-XTS", hex_key, real_blkdev, 0, set_dun); for (int i = 0;; i++) { if (dm.CreateDevice(dm_name, table)) { @@ -203,8 +203,14 @@ bool fscrypt_mount_metadata_encrypted(const std::string& blk_device, const std:: if (!read_key(*data_rec, needs_encrypt, &key)) return false; uint64_t nr_sec; if (!get_number_of_sectors(data_rec->blk_device, &nr_sec)) return false; + bool set_dun = android::base::GetBoolProperty("ro.crypto.set_dun", false); + if (!set_dun && data_rec->fs_mgr_flags.checkpoint_blk) { + LOG(ERROR) << "Block checkpoints and metadata encryption require setdun option!"; + return false; + } + std::string crypto_blkdev; - if (!create_crypto_blk_dev(kDmNameUserdata, nr_sec, blk_device, key, &crypto_blkdev)) + if (!create_crypto_blk_dev(kDmNameUserdata, nr_sec, blk_device, key, &crypto_blkdev, set_dun)) return false; // FIXME handle the corrupt case |