Merge "Discards frames for code within library."
diff --git a/fastboot/fastboot.cpp b/fastboot/fastboot.cpp
index 6dc7d34..e139bcd 100644
--- a/fastboot/fastboot.cpp
+++ b/fastboot/fastboot.cpp
@@ -538,7 +538,7 @@
static struct sparse_file **load_sparse_files(int fd, int max_size)
{
- struct sparse_file* s = sparse_file_import_auto(fd, false);
+ struct sparse_file* s = sparse_file_import_auto(fd, false, true);
if (!s) {
die("cannot sparse read file\n");
}
diff --git a/fs_mgr/Android.mk b/fs_mgr/Android.mk
index 61bf1ee..1179eaa 100644
--- a/fs_mgr/Android.mk
+++ b/fs_mgr/Android.mk
@@ -35,6 +35,7 @@
LOCAL_UNSTRIPPED_PATH := $(TARGET_ROOT_OUT_UNSTRIPPED)
LOCAL_STATIC_LIBRARIES := libfs_mgr liblogwrap libcutils liblog libc libmincrypt libext4_utils_static
+LOCAL_CXX_STL := libc++_static
LOCAL_CFLAGS := -Werror
diff --git a/fs_mgr/fs_mgr.c b/fs_mgr/fs_mgr.c
index d4daed6..273a2ec 100644
--- a/fs_mgr/fs_mgr.c
+++ b/fs_mgr/fs_mgr.c
@@ -31,6 +31,7 @@
#include <dirent.h>
#include <ext4.h>
#include <ext4_sb.h>
+#include <ext4_crypt.h>
#include <linux/loop.h>
#include <private/android_filesystem_config.h>
@@ -428,6 +429,73 @@
return ret;
}
+// Check to see if a mountable volume has encryption requirements
+static int handle_encryptable(struct fstab *fstab, const struct fstab_rec* rec)
+{
+ /* If this is block encryptable, need to trigger encryption */
+ if ( (rec->fs_mgr_flags & MF_FORCECRYPT)
+ || (device_is_force_encrypted() && fs_mgr_is_encryptable(rec))) {
+ if (umount(rec->mount_point) == 0) {
+ return FS_MGR_MNTALL_DEV_NEEDS_ENCRYPTION;
+ } else {
+ WARNING("Could not umount %s (%s) - allow continue unencrypted\n",
+ rec->mount_point, strerror(errno));
+ return FS_MGR_MNTALL_DEV_NOT_ENCRYPTED;
+ }
+ }
+
+ // Deal with file level encryption
+ if (rec->fs_mgr_flags & MF_FILEENCRYPTION) {
+ // Default or not yet initialized encryption requires no more work here
+ if (!e4crypt_non_default_key(rec->mount_point)) {
+ INFO("%s is default file encrypted\n", rec->mount_point);
+ return FS_MGR_MNTALL_DEV_DEFAULT_FILE_ENCRYPTED;
+ }
+
+ INFO("%s is non-default file encrypted\n", rec->mount_point);
+
+ // Uses non-default key, so must unmount and set up temp file system
+ if (umount(rec->mount_point)) {
+ ERROR("Failed to umount %s - rebooting\n", rec->mount_point);
+ return FS_MGR_MNTALL_FAIL;
+ }
+
+ if (fs_mgr_do_tmpfs_mount(rec->mount_point) != 0) {
+ ERROR("Failed to mount a tmpfs at %s\n", rec->mount_point);
+ return FS_MGR_MNTALL_FAIL;
+ }
+
+ // Mount data temporarily so we can access unencrypted dir
+ char tmp_mnt[PATH_MAX];
+ strlcpy(tmp_mnt, rec->mount_point, sizeof(tmp_mnt));
+ strlcat(tmp_mnt, "/tmp_mnt", sizeof(tmp_mnt));
+ if (mkdir(tmp_mnt, 0700)) {
+ ERROR("Failed to create temp mount point\n");
+ return FS_MGR_MNTALL_FAIL;
+ }
+
+ if (fs_mgr_do_mount(fstab, rec->mount_point,
+ rec->blk_device, tmp_mnt)) {
+ ERROR("Error temp mounting encrypted file system\n");
+ return FS_MGR_MNTALL_FAIL;
+ }
+
+ // Link it to the normal place so ext4_crypt functions work normally
+ strlcat(tmp_mnt, "/unencrypted", sizeof(tmp_mnt));
+ char link_path[PATH_MAX];
+ strlcpy(link_path, rec->mount_point, sizeof(link_path));
+ strlcat(link_path, "/unencrypted", sizeof(link_path));
+ if (symlink(tmp_mnt, link_path)) {
+ ERROR("Error creating symlink to unencrypted directory\n");
+ return FS_MGR_MNTALL_FAIL;
+ }
+
+ return FS_MGR_MNTALL_DEV_NON_DEFAULT_FILE_ENCRYPTED;
+ }
+
+ return FS_MGR_MNTALL_DEV_NOT_ENCRYPTED;
+}
+
/* When multiple fstab records share the same mount_point, it will
* try to mount each one in turn, and ignore any duplicates after a
* first successful mount.
@@ -490,25 +558,21 @@
/* Deal with encryptability. */
if (!mret) {
- /* If this is encryptable, need to trigger encryption */
- if ( (fstab->recs[attempted_idx].fs_mgr_flags & MF_FORCECRYPT)
- || (device_is_force_encrypted()
- && fs_mgr_is_encryptable(&fstab->recs[attempted_idx]))) {
- if (umount(fstab->recs[attempted_idx].mount_point) == 0) {
- if (encryptable == FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) {
- ERROR("Will try to encrypt %s %s\n", fstab->recs[attempted_idx].mount_point,
- fstab->recs[attempted_idx].fs_type);
- encryptable = FS_MGR_MNTALL_DEV_NEEDS_ENCRYPTION;
- } else {
- ERROR("Only one encryptable/encrypted partition supported\n");
- encryptable = FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED;
- }
- } else {
- WARNING("Could not umount %s (%s) - allow continue unencrypted\n",
- fstab->recs[attempted_idx].mount_point, strerror(errno));
- continue;
- }
+ int status = handle_encryptable(fstab, &fstab->recs[attempted_idx]);
+
+ if (status == FS_MGR_MNTALL_FAIL) {
+ /* Fatal error - no point continuing */
+ return status;
}
+
+ if (status != FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) {
+ if (encryptable != FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) {
+ // Log and continue
+ ERROR("Only one encryptable/encrypted partition supported\n");
+ }
+ encryptable = status;
+ }
+
/* Success! Go get the next one */
continue;
}
diff --git a/fs_mgr/fs_mgr_fstab.c b/fs_mgr/fs_mgr_fstab.c
index 2c3c90d..8b0f714 100644
--- a/fs_mgr/fs_mgr_fstab.c
+++ b/fs_mgr/fs_mgr_fstab.c
@@ -61,6 +61,7 @@
{ "check", MF_CHECK },
{ "encryptable=",MF_CRYPT },
{ "forceencrypt=",MF_FORCECRYPT },
+ { "fileencryption",MF_FILEENCRYPTION },
{ "nonremovable",MF_NONREMOVABLE },
{ "voldmanaged=",MF_VOLDMANAGED},
{ "length=", MF_LENGTH },
@@ -418,27 +419,32 @@
return fs_mgr_get_entry_for_mount_point_after(NULL, fstab, path);
}
-int fs_mgr_is_voldmanaged(struct fstab_rec *fstab)
+int fs_mgr_is_voldmanaged(const struct fstab_rec *fstab)
{
return fstab->fs_mgr_flags & MF_VOLDMANAGED;
}
-int fs_mgr_is_nonremovable(struct fstab_rec *fstab)
+int fs_mgr_is_nonremovable(const struct fstab_rec *fstab)
{
return fstab->fs_mgr_flags & MF_NONREMOVABLE;
}
-int fs_mgr_is_verified(struct fstab_rec *fstab)
+int fs_mgr_is_verified(const struct fstab_rec *fstab)
{
return fstab->fs_mgr_flags & MF_VERIFY;
}
-int fs_mgr_is_encryptable(struct fstab_rec *fstab)
+int fs_mgr_is_encryptable(const struct fstab_rec *fstab)
{
return fstab->fs_mgr_flags & (MF_CRYPT | MF_FORCECRYPT);
}
-int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab)
+int fs_mgr_is_file_encrypted(const struct fstab_rec *fstab)
+{
+ return fstab->fs_mgr_flags & MF_FILEENCRYPTION;
+}
+
+int fs_mgr_is_noemulatedsd(const struct fstab_rec *fstab)
{
return fstab->fs_mgr_flags & MF_NOEMULATEDSD;
}
diff --git a/fs_mgr/fs_mgr_priv.h b/fs_mgr/fs_mgr_priv.h
index 88a1040..d56111a 100644
--- a/fs_mgr/fs_mgr_priv.h
+++ b/fs_mgr/fs_mgr_priv.h
@@ -76,6 +76,7 @@
#define MF_FORCECRYPT 0x400
#define MF_NOEMULATEDSD 0x800 /* no emulated sdcard daemon, sd card is the only
external storage */
+#define MF_FILEENCRYPTION 0x2000
#define DM_BUF_SIZE 4096
diff --git a/fs_mgr/include/fs_mgr.h b/fs_mgr/include/fs_mgr.h
index ad8a8fc..b5e02f9 100644
--- a/fs_mgr/include/fs_mgr.h
+++ b/fs_mgr/include/fs_mgr.h
@@ -74,10 +74,13 @@
struct fstab *fs_mgr_read_fstab(const char *fstab_path);
void fs_mgr_free_fstab(struct fstab *fstab);
+#define FS_MGR_MNTALL_DEV_NON_DEFAULT_FILE_ENCRYPTED 5
+#define FS_MGR_MNTALL_DEV_DEFAULT_FILE_ENCRYPTED 4
#define FS_MGR_MNTALL_DEV_NEEDS_RECOVERY 3
#define FS_MGR_MNTALL_DEV_NEEDS_ENCRYPTION 2
#define FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED 1
#define FS_MGR_MNTALL_DEV_NOT_ENCRYPTED 0
+#define FS_MGR_MNTALL_FAIL -1
int fs_mgr_mount_all(struct fstab *fstab);
#define FS_MGR_DOMNT_FAILED -1
@@ -94,11 +97,12 @@
const char *mount_point, const char *fs_type,
const char *blk_device);
struct fstab_rec *fs_mgr_get_entry_for_mount_point(struct fstab *fstab, const char *path);
-int fs_mgr_is_voldmanaged(struct fstab_rec *fstab);
-int fs_mgr_is_nonremovable(struct fstab_rec *fstab);
-int fs_mgr_is_verified(struct fstab_rec *fstab);
-int fs_mgr_is_encryptable(struct fstab_rec *fstab);
-int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab);
+int fs_mgr_is_voldmanaged(const struct fstab_rec *fstab);
+int fs_mgr_is_nonremovable(const struct fstab_rec *fstab);
+int fs_mgr_is_verified(const struct fstab_rec *fstab);
+int fs_mgr_is_encryptable(const struct fstab_rec *fstab);
+int fs_mgr_is_file_encrypted(const struct fstab_rec *fstab);
+int fs_mgr_is_noemulatedsd(const struct fstab_rec *fstab);
int fs_mgr_swapon_all(struct fstab *fstab);
#ifdef __cplusplus
}
diff --git a/include/cutils/trace.h b/include/cutils/trace.h
index 59ff6c1..9d039e6 100644
--- a/include/cutils/trace.h
+++ b/include/cutils/trace.h
@@ -80,7 +80,6 @@
#error ATRACE_TAG must be defined to be one of the tags defined in cutils/trace.h
#endif
-#ifdef HAVE_ANDROID_OS
/**
* Opens the trace file for writing and reads the property for initial tags.
* The atrace.tags.enableflags property sets the tags to trace.
@@ -248,19 +247,6 @@
}
}
-#else // not HAVE_ANDROID_OS
-
-#define ATRACE_INIT()
-#define ATRACE_GET_ENABLED_TAGS()
-#define ATRACE_ENABLED() 0
-#define ATRACE_BEGIN(name)
-#define ATRACE_END()
-#define ATRACE_ASYNC_BEGIN(name, cookie)
-#define ATRACE_ASYNC_END(name, cookie)
-#define ATRACE_INT(name, value)
-
-#endif // not HAVE_ANDROID_OS
-
__END_DECLS
#endif // _LIBS_CUTILS_TRACE_H
diff --git a/init/Android.mk b/init/Android.mk
index 94d3dad..9d91a3f 100644
--- a/init/Android.mk
+++ b/init/Android.mk
@@ -50,7 +50,7 @@
watchdogd.cpp \
LOCAL_MODULE:= init
-
+LOCAL_C_INCLUDES += system/extras/ext4_utils
LOCAL_FORCE_STATIC_EXECUTABLE := true
LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
LOCAL_UNSTRIPPED_PATH := $(TARGET_ROOT_OUT_UNSTRIPPED)
@@ -61,11 +61,14 @@
liblogwrap \
libcutils \
libbase \
+ libext4_utils_static \
+ libutils \
liblog \
libc \
libselinux \
libmincrypt \
- libext4_utils_static
+ libc++_static \
+ libdl
# Create symlinks
LOCAL_POST_INSTALL_CMD := $(hide) mkdir -p $(TARGET_ROOT_OUT)/sbin; \
diff --git a/init/builtins.cpp b/init/builtins.cpp
index 6daea37..9d5b8a8 100644
--- a/init/builtins.cpp
+++ b/init/builtins.cpp
@@ -29,6 +29,7 @@
#include <sys/wait.h>
#include <unistd.h>
#include <linux/loop.h>
+#include <ext4_crypt.h>
#include <selinux/selinux.h>
#include <selinux/label.h>
@@ -302,7 +303,7 @@
}
}
- return 0;
+ return e4crypt_set_directory_policy(args[1]);
}
static struct {
@@ -446,6 +447,17 @@
while (1) { pause(); } // never reached
}
+/*
+ * Callback to make a directory from the ext4 code
+ */
+static int do_mount_alls_make_dir(const char* dir)
+{
+ if (make_dir(dir, 0700) && errno != EEXIST) {
+ return -1;
+ }
+
+ return 0;
+}
/*
* This function might request a reboot, in which case it will
@@ -514,6 +526,37 @@
ERROR("fs_mgr_mount_all suggested recovery, so wiping data via recovery.\n");
ret = wipe_data_via_recovery();
/* If reboot worked, there is no return. */
+ } else if (ret == FS_MGR_MNTALL_DEV_DEFAULT_FILE_ENCRYPTED) {
+ // We have to create the key files here. Only init can call make_dir,
+ // and we can't do it from fs_mgr as then fs_mgr would depend on
+ // make_dir creating a circular dependency.
+ fstab = fs_mgr_read_fstab(args[1]);
+ for (int i = 0; i < fstab->num_entries; ++i) {
+ if (fs_mgr_is_file_encrypted(&fstab->recs[i])) {
+ if (e4crypt_create_device_key(fstab->recs[i].mount_point,
+ do_mount_alls_make_dir)) {
+ ERROR("Could not create device key on %s"
+ " - continue unencrypted\n",
+ fstab->recs[i].mount_point);
+ }
+ }
+ }
+ fs_mgr_free_fstab(fstab);
+
+ if (e4crypt_install_keyring()) {
+ return -1;
+ }
+ property_set("ro.crypto.state", "encrypted");
+
+ // Although encrypted, we have device key, so we do not need to
+ // do anything different from the nonencrypted case.
+ action_for_each_trigger("nonencrypted", action_add_queue_tail);
+ } else if (ret == FS_MGR_MNTALL_DEV_NON_DEFAULT_FILE_ENCRYPTED) {
+ if (e4crypt_install_keyring()) {
+ return -1;
+ }
+ property_set("ro.crypto.state", "encrypted");
+ property_set("vold.decrypt", "trigger_restart_min_framework");
} else if (ret > 0) {
ERROR("fs_mgr_mount_all returned unexpected error %d\n", ret);
}
@@ -866,3 +909,12 @@
} else
return -1;
}
+
+int do_installkey(int nargs, char **args)
+{
+ if (nargs == 2) {
+ return e4crypt_install_key(args[1]);
+ }
+
+ return -1;
+}
diff --git a/init/init_parser.cpp b/init/init_parser.cpp
index 294dc19..593f0c5 100644
--- a/init/init_parser.cpp
+++ b/init/init_parser.cpp
@@ -122,7 +122,6 @@
break;
case 'c':
if (!strcmp(s, "opy")) return K_copy;
- if (!strcmp(s, "apability")) return K_capability;
if (!strcmp(s, "lass")) return K_class;
if (!strcmp(s, "lass_start")) return K_class_start;
if (!strcmp(s, "lass_stop")) return K_class_stop;
@@ -153,6 +152,7 @@
if (!strcmp(s, "fup")) return K_ifup;
if (!strcmp(s, "nsmod")) return K_insmod;
if (!strcmp(s, "mport")) return K_import;
+ if (!strcmp(s, "nstallkey")) return K_installkey;
break;
case 'k':
if (!strcmp(s, "eycodes")) return K_keycodes;
@@ -775,8 +775,6 @@
kw = lookup_keyword(args[0]);
switch (kw) {
- case K_capability:
- break;
case K_class:
if (nargs != 2) {
parse_error(state, "class option requires a classname\n");
diff --git a/init/keywords.h b/init/keywords.h
index 09f645b..4bd0ba6 100644
--- a/init/keywords.h
+++ b/init/keywords.h
@@ -11,6 +11,7 @@
int do_hostname(int nargs, char **args);
int do_ifup(int nargs, char **args);
int do_insmod(int nargs, char **args);
+int do_installkey(int nargs, char **args);
int do_mkdir(int nargs, char **args);
int do_mount_all(int nargs, char **args);
int do_mount(int nargs, char **args);
@@ -44,7 +45,6 @@
enum {
K_UNKNOWN,
#endif
- KEYWORD(capability, OPTION, 0, 0)
KEYWORD(class, OPTION, 0, 0)
KEYWORD(class_start, COMMAND, 1, do_class_start)
KEYWORD(class_stop, COMMAND, 1, do_class_stop)
@@ -61,6 +61,7 @@
KEYWORD(hostname, COMMAND, 1, do_hostname)
KEYWORD(ifup, COMMAND, 1, do_ifup)
KEYWORD(insmod, COMMAND, 1, do_insmod)
+ KEYWORD(installkey, COMMAND, 1, do_installkey)
KEYWORD(import, SECTION, 1, 0)
KEYWORD(keycodes, OPTION, 0, 0)
KEYWORD(mkdir, COMMAND, 1, do_mkdir)
diff --git a/libcutils/Android.mk b/libcutils/Android.mk
index d890319..9f32307 100644
--- a/libcutils/Android.mk
+++ b/libcutils/Android.mk
@@ -59,7 +59,8 @@
sockets.c \
commonHostSources += \
- ashmem-host.c
+ ashmem-host.c \
+ trace-host.c
endif
@@ -116,7 +117,7 @@
partition_utils.c \
properties.c \
qtaguid.c \
- trace.c \
+ trace-dev.c \
uevent.c \
LOCAL_SRC_FILES_arm += \
diff --git a/libcutils/tests/Android.mk b/libcutils/tests/Android.mk
index 5a54698..d532dfb 100644
--- a/libcutils/tests/Android.mk
+++ b/libcutils/tests/Android.mk
@@ -32,21 +32,19 @@
LOCAL_MODULE_STEM_64 := $(LOCAL_MODULE)64
include $(BUILD_NATIVE_TEST)
-# The static libcutils tests cannot be built when using libc++ because there are
-# multiple symbol definition errors between libc++ and libgcc. b/18389856
-#include $(CLEAR_VARS)
-#LOCAL_ADDITIONAL_DEPENDENCIES := $(LOCAL_PATH)/Android.mk
-#LOCAL_MODULE := libcutils_test_static
-#LOCAL_FORCE_STATIC_EXECUTABLE := true
-#LOCAL_SRC_FILES := $(test_src_files)
-#LOCAL_STATIC_LIBRARIES := \
-# libc \
-# libcutils \
-# liblog \
-# libutils \
+include $(CLEAR_VARS)
+LOCAL_ADDITIONAL_DEPENDENCIES := $(LOCAL_PATH)/Android.mk
+LOCAL_MODULE := libcutils_test_static
+LOCAL_FORCE_STATIC_EXECUTABLE := true
+LOCAL_SRC_FILES := $(test_src_files)
+LOCAL_STATIC_LIBRARIES := \
+ libc \
+ libcutils \
+ liblog \
+ libutils \
-#LOCAL_CXX_STL := stlport_static
-#LOCAL_MULTILIB := both
-#LOCAL_MODULE_STEM_32 := $(LOCAL_MODULE)32
-#LOCAL_MODULE_STEM_64 := $(LOCAL_MODULE)64
-#include $(BUILD_NATIVE_TEST)
+LOCAL_CXX_STL := libc++_static
+LOCAL_MULTILIB := both
+LOCAL_MODULE_STEM_32 := $(LOCAL_MODULE)32
+LOCAL_MODULE_STEM_64 := $(LOCAL_MODULE)64
+include $(BUILD_NATIVE_TEST)
diff --git a/libcutils/trace.c b/libcutils/trace-dev.c
similarity index 100%
rename from libcutils/trace.c
rename to libcutils/trace-dev.c
diff --git a/libcutils/trace-host.c b/libcutils/trace-host.c
new file mode 100644
index 0000000..b87e543
--- /dev/null
+++ b/libcutils/trace-host.c
@@ -0,0 +1,35 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <cutils/trace.h>
+
+#ifndef __unused
+#define __unused __attribute__((__unused__))
+#endif
+
+volatile int32_t atrace_is_ready = 1;
+int atrace_marker_fd = -1;
+uint64_t atrace_enabled_tags = 0;
+
+void atrace_set_debuggable(bool debuggable __unused) { }
+void atrace_set_tracing_enabled(bool enabled __unused) { }
+void atrace_update_tags() { }
+void atrace_setup() { }
+void atrace_begin_body(const char* name __unused) { }
+void atrace_async_begin_body(const char* name __unused, int32_t cookie __unused) { }
+void atrace_async_end_body(const char* name __unused, int32_t cookie __unused) { }
+void atrace_int_body(const char* name __unused, int32_t value __unused) { }
+void atrace_int64_body(const char* name __unused, int64_t value __unused) { }
diff --git a/libsparse/append2simg.c b/libsparse/append2simg.c
index 65e6cc2..1cf827c 100644
--- a/libsparse/append2simg.c
+++ b/libsparse/append2simg.c
@@ -82,7 +82,7 @@
exit(-1);
}
- sparse_output = sparse_file_import_auto(output, true);
+ sparse_output = sparse_file_import_auto(output, true, true);
if (!sparse_output) {
fprintf(stderr, "Couldn't import output file\n");
exit(-1);
diff --git a/libsparse/include/sparse/sparse.h b/libsparse/include/sparse/sparse.h
index 8b757d2..42d4adb 100644
--- a/libsparse/include/sparse/sparse.h
+++ b/libsparse/include/sparse/sparse.h
@@ -234,6 +234,7 @@
*
* @fd - file descriptor to read from
* @crc - verify the crc of a file in the Android sparse file format
+ * @verbose - whether to use verbose logging
*
* Reads an existing sparse or normal file into a sparse file cookie.
* Attempts to determine if the file is sparse or not by looking for the sparse
@@ -243,7 +244,7 @@
*
* Returns a new sparse file cookie on success, NULL on error.
*/
-struct sparse_file *sparse_file_import_auto(int fd, bool crc);
+struct sparse_file *sparse_file_import_auto(int fd, bool crc, bool verbose);
/** sparse_file_resparse - rechunk an existing sparse file into smaller files
*
diff --git a/libsparse/sparse_read.c b/libsparse/sparse_read.c
index 8e188e9..9b10293 100644
--- a/libsparse/sparse_read.c
+++ b/libsparse/sparse_read.c
@@ -472,13 +472,13 @@
return s;
}
-struct sparse_file *sparse_file_import_auto(int fd, bool crc)
+struct sparse_file *sparse_file_import_auto(int fd, bool crc, bool verbose)
{
struct sparse_file *s;
int64_t len;
int ret;
- s = sparse_file_import(fd, true, crc);
+ s = sparse_file_import(fd, verbose, crc);
if (s) {
return s;
}
diff --git a/logd/LogCommand.cpp b/logd/LogCommand.cpp
index e4c138e..b78c0e0 100644
--- a/logd/LogCommand.cpp
+++ b/logd/LogCommand.cpp
@@ -17,6 +17,7 @@
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
+#include <string.h>
#include <private/android_filesystem_config.h>
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 3ae0954..cda79ce 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -225,6 +225,8 @@
mkdir /cache/lost+found 0770 root root
on post-fs-data
+ installkey /data
+
# We chown/chmod /data again so because mount is run as root + defaults
chown system system /data
chmod 0771 /data
@@ -303,6 +305,14 @@
# Separate location for storing security policy files on data
mkdir /data/security 0711 system system
+ # Create all remaining /data root dirs so that they are made through init
+ # and get proper encryption policy installed
+ mkdir /data/backup 0700 system system
+ mkdir /data/media 0770 media_rw media_rw
+ mkdir /data/ss 0700 system system
+ mkdir /data/system 0775 system system
+ mkdir /data/user 0711 system system
+
# Reload policy from /data/security if present.
setprop selinux.reload_policy 1
@@ -438,6 +448,7 @@
class_start main
on property:vold.decrypt=trigger_restart_framework
+ installkey /data
class_start main
class_start late_start
diff --git a/run-as/package.c b/run-as/package.c
index 4f8f3a7..9e1f5bb 100644
--- a/run-as/package.c
+++ b/run-as/package.c
@@ -16,9 +16,11 @@
*/
#include <errno.h>
#include <fcntl.h>
-#include <unistd.h>
-#include <sys/stat.h>
+#include <string.h>
#include <sys/mman.h>
+#include <sys/stat.h>
+#include <unistd.h>
+
#include <private/android_filesystem_config.h>
#include "package.h"