commit 84274cc35cf4100794796e2027e733fa2fc8cd1f
author Paul Lawrence <paullawrence@google.com> Fri Apr 15 15:41:33 2016 -0700
committer Paul Lawrence <paullawrence@google.com> Mon Apr 18 15:39:04 2016 -0700
tree d9a7e4f80e288531af3aa064f8d27554fa4db45e
parent cbedcc30b32d79d77d89f23074da4dc76bf5e26d

Don't start defaultcrypto twice

The old way (using triggers) starts defaultcrypto twice because
queue_property_triggers_action retriggers the action.

Bug: 27452459

Change-Id: I715d5441f8ae0b820b680f6a75f51694c4420992

cryptfs.c

diff --git a/cryptfs.c b/cryptfs.c
index f217fa5..eb9a8ed 100644
--- a/cryptfs.c
+++ b/cryptfs.c
@@ -3705,26 +3705,20 @@
  */
 int cryptfs_mount_default_encrypted(void)
 {
-    char decrypt_state[PROPERTY_VALUE_MAX];
-    property_get("vold.decrypt", decrypt_state, "0");
-    if (!strcmp(decrypt_state, "0")) {
-        SLOGE("Not encrypted - should not call here");
+    int crypt_type = cryptfs_get_password_type();
+    if (crypt_type < 0 || crypt_type > CRYPT_TYPE_MAX_TYPE) {
+        SLOGE("Bad crypt type - error");
+    } else if (crypt_type != CRYPT_TYPE_DEFAULT) {
+        SLOGD("Password is not default - "
+              "starting min framework to prompt");
+        property_set("vold.decrypt", "trigger_restart_min_framework");
+        return 0;
+    } else if (cryptfs_check_passwd(DEFAULT_PASSWORD) == 0) {
+        SLOGD("Password is default - restarting filesystem");
+        cryptfs_restart_internal(0);
+        return 0;
     } else {
-        int crypt_type = cryptfs_get_password_type();
-        if (crypt_type < 0 || crypt_type > CRYPT_TYPE_MAX_TYPE) {
-            SLOGE("Bad crypt type - error");
-        } else if (crypt_type != CRYPT_TYPE_DEFAULT) {
-            SLOGD("Password is not default - "
-                  "starting min framework to prompt");
-            property_set("vold.decrypt", "trigger_restart_min_framework");
-            return 0;
-        } else if (cryptfs_check_passwd(DEFAULT_PASSWORD) == 0) {
-            SLOGD("Password is default - restarting filesystem");
-            cryptfs_restart_internal(0);
-            return 0;
-        } else {
-            SLOGE("Encrypted, default crypt type but can't decrypt");
-        }
+        SLOGE("Encrypted, default crypt type but can't decrypt");
     }
 
     /** Corrupt. Allow us to boot into framework, which will detect bad

vdc.rc

diff --git a/vdc.rc b/vdc.rc
index d5483d0..4d51ced 100644
--- a/vdc.rc
+++ b/vdc.rc
@@ -1,13 +1,12 @@
 # One shot invocation to deal with encrypted volume.
-service defaultcrypto /system/bin/vdc --wait cryptfs mountdefaultencrypted
-    disabled
-    oneshot
+on defaultcrypto
+    exec - root -- /system/bin/vdc --wait cryptfs mountdefaultencrypted
     # vold will set vold.decrypt to trigger_restart_framework (default
     # encryption) or trigger_restart_min_framework (other encryption)
 
 # One shot invocation to encrypt unencrypted volumes
-service encrypt /system/bin/vdc --wait cryptfs enablecrypto inplace default noui
-    disabled
-    oneshot
+on encrypt
+    start surfaceflinger
+    exec - root -- /system/bin/vdc --wait cryptfs enablecrypto inplace default noui
     # vold will set vold.decrypt to trigger_restart_framework (default
     # encryption)