On newer devices, use dm-default-key to encrypt SD cards
The dm-crypt solution requires a kernel patch that won't be present in
the GKI kernel, while the new metadata encryption system in the GKI
kernel solves this problem in a much cleaner way.
Test: create private volume on Cuttlefish, setting property both ways.
Bug: 147814592
Change-Id: Ie02bd647c38d8101af2bbc47637f65845d312cea
diff --git a/model/Disk.cpp b/model/Disk.cpp
index f92435d..6a6585e 100644
--- a/model/Disk.cpp
+++ b/model/Disk.cpp
@@ -16,11 +16,11 @@
#include "Disk.h"
#include "FsCrypt.h"
-#include "KeyUtil.h"
#include "PrivateVolume.h"
#include "PublicVolume.h"
#include "Utils.h"
#include "VolumeBase.h"
+#include "VolumeEncryption.h"
#include "VolumeManager.h"
#include <android-base/file.h>
@@ -31,8 +31,6 @@
#include <android-base/strings.h>
#include <fscrypt/fscrypt.h>
-#include "cryptfs.h"
-
#include <fcntl.h>
#include <inttypes.h>
#include <stdio.h>
@@ -507,7 +505,7 @@
}
KeyBuffer key;
- if (!generateStorageKey(cryptfs_get_keygen(), &key)) {
+ if (!generate_volume_key(&key)) {
LOG(ERROR) << "Failed to generate key";
return -EIO;
}