Merge Android R (rvc-dev-plus-aosp-without-vendor@6692709)
Bug: 166295507
Merged-In: Id417587a550b0f4abf5a6a3e4b4535011b21f627
Change-Id: Ibb5e8cf5f36dad408cf047dd0498aba24249b695
diff --git a/EncryptInplace.cpp b/EncryptInplace.cpp
index 9d304da..b1bd11d 100644
--- a/EncryptInplace.cpp
+++ b/EncryptInplace.cpp
@@ -205,9 +205,16 @@
data->count = 0;
for (block = 0; block < block_count; block++) {
- int used = (aux_info.bg_desc[i].bg_flags & EXT4_BG_BLOCK_UNINIT)
- ? 0
- : bitmap_get_bit(block_bitmap, block);
+ int used;
+
+ if (aux_info.bg_desc[i].bg_flags & EXT4_BG_BLOCK_UNINIT) {
+ // In block groups with an uninitialized block bitmap, we only
+ // need to encrypt the backup superblock (if one is present).
+ used = (ext4_bg_has_super_block(i) && block < 1 + aux_info.bg_desc_blocks);
+ } else {
+ used = bitmap_get_bit(block_bitmap, block);
+ }
+
update_progress(data, used);
if (used) {
if (data->count == 0) {
diff --git a/FsCrypt.cpp b/FsCrypt.cpp
index e21524a..9bdade5 100644
--- a/FsCrypt.cpp
+++ b/FsCrypt.cpp
@@ -269,10 +269,9 @@
// HEH as default was always a mistake. Use the libfscrypt default (CTS)
// for devices launching on versions above Android 10.
auto first_api_level = GetFirstApiLevel();
- constexpr uint64_t pre_gki_level = 29;
auto filenames_mode =
android::base::GetProperty("ro.crypto.volume.filenames_mode",
- first_api_level > pre_gki_level ? "" : "aes-256-heh");
+ first_api_level > __ANDROID_API_Q__ ? "" : "aes-256-heh");
auto options_string = android::base::GetProperty("ro.crypto.volume.options",
contents_mode + ":" + filenames_mode);
if (!ParseOptionsForApiLevel(first_api_level, options_string, options)) {
diff --git a/MetadataCrypt.cpp b/MetadataCrypt.cpp
index ca2813d..c61132c 100644
--- a/MetadataCrypt.cpp
+++ b/MetadataCrypt.cpp
@@ -283,10 +283,9 @@
return false;
}
- constexpr unsigned int pre_gki_level = 29;
unsigned int options_format_version = android::base::GetUintProperty<unsigned int>(
"ro.crypto.dm_default_key.options_format.version",
- (GetFirstApiLevel() <= pre_gki_level ? 1 : 2));
+ (GetFirstApiLevel() <= __ANDROID_API_Q__ ? 1 : 2));
CryptoOptions options;
if (options_format_version == 1) {
diff --git a/OWNERS b/OWNERS
index bab0ef6..deeceb7 100644
--- a/OWNERS
+++ b/OWNERS
@@ -4,3 +4,4 @@
ebiggers@google.com
drosen@google.com
zezeozue@google.com
+maco@google.com
diff --git a/model/VolumeEncryption.cpp b/model/VolumeEncryption.cpp
index 5b0e73d..e6a55a9 100644
--- a/model/VolumeEncryption.cpp
+++ b/model/VolumeEncryption.cpp
@@ -32,16 +32,16 @@
enum class VolumeMethod { kFailed, kCrypt, kDefaultKey };
static VolumeMethod lookup_volume_method() {
- constexpr uint64_t pre_gki_level = 29;
auto first_api_level =
android::base::GetUintProperty<uint64_t>("ro.product.first_api_level", 0);
auto method = android::base::GetProperty("ro.crypto.volume.metadata.method", "default");
if (method == "default") {
- return first_api_level > pre_gki_level ? VolumeMethod::kDefaultKey : VolumeMethod::kCrypt;
+ return first_api_level > __ANDROID_API_Q__ ? VolumeMethod::kDefaultKey
+ : VolumeMethod::kCrypt;
} else if (method == "dm-default-key") {
return VolumeMethod::kDefaultKey;
} else if (method == "dm-crypt") {
- if (first_api_level > pre_gki_level) {
+ if (first_api_level > __ANDROID_API_Q__) {
LOG(ERROR) << "volume encryption method dm-crypt cannot be used, "
"ro.product.first_api_level = "
<< first_api_level;