Set encryption mode in mode file
Bug: 28905864
Change-Id: Ie2a5c3e029075d53a86ef3afb7fe364c16d8d52b
diff --git a/Ext4Crypt.cpp b/Ext4Crypt.cpp
index 90fc411..28140d2 100644
--- a/Ext4Crypt.cpp
+++ b/Ext4Crypt.cpp
@@ -381,7 +381,9 @@
}
static bool ensure_policy(const std::string& raw_ref, const std::string& path) {
- if (e4crypt_policy_ensure(path.c_str(), raw_ref.data(), raw_ref.size()) != 0) {
+ if (e4crypt_policy_ensure(path.c_str(),
+ raw_ref.data(), raw_ref.size(),
+ cryptfs_get_file_encryption_mode()) != 0) {
LOG(ERROR) << "Failed to set policy on: " << path;
return false;
}
@@ -440,6 +442,13 @@
return true;
}
+ std::string mode_filename = std::string("/data") + e4crypt_key_mode;
+ std::string mode = cryptfs_get_file_encryption_mode();
+ if (!android::base::WriteStringToFile(mode, mode_filename)) {
+ PLOG(ERROR) << "Cannot save type";
+ return false;
+ }
+
std::string device_key;
if (path_exists(device_key_path)) {
if (!android::vold::retrieveKey(device_key_path,
diff --git a/cryptfs.c b/cryptfs.c
index eb9a8ed..a96d909 100644
--- a/cryptfs.c
+++ b/cryptfs.c
@@ -3855,3 +3855,9 @@
return encrypt_master_key(password, ftr->salt, master_key, ftr->master_key,
ftr);
}
+
+const char* cryptfs_get_file_encryption_mode()
+{
+ struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab, DATA_MNT_POINT);
+ return fs_mgr_get_file_encryption_mode(rec);
+}
diff --git a/cryptfs.h b/cryptfs.h
index fbcec4e..11d9bb7 100644
--- a/cryptfs.h
+++ b/cryptfs.h
@@ -252,6 +252,7 @@
unsigned char* master_key);
int cryptfs_set_password(struct crypt_mnt_ftr* ftr, const char* password,
const unsigned char* master_key);
+ const char* cryptfs_get_file_encryption_mode();
#ifdef __cplusplus
}