commit 8eeb02833800973c3e41872b0777240871333901
author Hongyu Jin <hongyu.jin@unisoc.com> Sat Sep 24 12:00:02 2022 +0800
committer Hongyu Jin <hongyu.jin@unisoc.com> Wed Sep 28 17:44:44 2022 +0800
tree fa201f890c4dc7c158876596163dd7a481662124
parent 3f658163eeb961587a1dd73a97a596ee288622fb

cryptfs: Update the size of dm-crypt device according to sector size

The legacy method for metadata encryption on adoptable storage failed
when the size of the block device isn't a multiple of the crypto sector size.

Update the size of dm-crypt device according to sector size
before construct dm_target.

Bug: 248582018
Change-Id: I5c78889bdfedca7f7b0704500fc313d7a48d5a3b
Signed-off-by: Hongyu Jin <hongyu.jin@unisoc.com>

cryptfs.cpp

diff --git a/cryptfs.cpp b/cryptfs.cpp
index 5213c18..be8ba3c 100644
--- a/cryptfs.cpp
+++ b/cryptfs.cpp
@@ -95,37 +95,6 @@
 }
 
 /*
- * If the ro.crypto.fde_sector_size system property is set, append the
- * parameters to make dm-crypt use the specified crypto sector size and round
- * the crypto device size down to a crypto sector boundary.
- */
-static int add_sector_size_param(DmTargetCrypt* target, uint64_t* nr_sec) {
-    constexpr char DM_CRYPT_SECTOR_SIZE[] = "ro.crypto.fde_sector_size";
-    char value[PROPERTY_VALUE_MAX];
-
-    if (property_get(DM_CRYPT_SECTOR_SIZE, value, "") > 0) {
-        unsigned int sector_size;
-
-        if (!ParseUint(value, &sector_size) || sector_size < 512 || sector_size > 4096 ||
-            (sector_size & (sector_size - 1)) != 0) {
-            SLOGE("Invalid value for %s: %s.  Must be >= 512, <= 4096, and a power of 2\n",
-                  DM_CRYPT_SECTOR_SIZE, value);
-            return -1;
-        }
-
-        target->SetSectorSize(sector_size);
-
-        // With this option, IVs will match the sector numbering, instead
-        // of being hard-coded to being based on 512-byte sectors.
-        target->SetIvLargeSectors();
-
-        // Round the crypto device size down to a crypto sector boundary.
-        *nr_sec &= ~((sector_size / 512) - 1);
-    }
-    return 0;
-}
-
-/*
  * Called by vold when it's asked to mount an encrypted external
  * storage volume. The incoming partition has no crypto header/footer,
  * as any metadata is been stored in a separate, small partition.  We
@@ -145,8 +114,25 @@
         return -1;
     }
 
-    auto& dm = DeviceMapper::Instance();
+    constexpr char DM_CRYPT_SECTOR_SIZE[] = "ro.crypto.fde_sector_size";
+    char value[PROPERTY_VALUE_MAX];
+    unsigned int sector_size = 0;
 
+    if (property_get(DM_CRYPT_SECTOR_SIZE, value, "") > 0) {
+        if (!ParseUint(value, &sector_size) || sector_size < 512 || sector_size > 4096 ||
+            (sector_size & (sector_size - 1)) != 0) {
+            SLOGE("Invalid value for %s: %s.  Must be >= 512, <= 4096, and a power of 2\n",
+                  DM_CRYPT_SECTOR_SIZE, value);
+            return -1;
+        }
+    }
+
+    // Round the crypto device size down to a crypto sector boundary.
+    if (sector_size > 0) {
+        nr_sec &= ~((sector_size / 512) - 1);
+    }
+
+    auto& dm = DeviceMapper::Instance();
     // We need two ASCII characters to represent each byte, and need space for
     // the '\0' terminator.
     char key_ascii[MAX_KEY_LEN * 2 + 1];
@@ -160,9 +146,13 @@
         android::base::GetBoolProperty("ro.crypto.allow_encrypt_override", false)) {
         target->AllowEncryptOverride();
     }
-    if (add_sector_size_param(target.get(), &nr_sec)) {
-        SLOGE("Error processing dm-crypt sector size param\n");
-        return -1;
+
+    // Append the parameters to make dm-crypt use the specified crypto sector size.
+    if (sector_size > 0) {
+        target->SetSectorSize(sector_size);
+        // With this option, IVs will match the sector numbering, instead
+        // of being hard-coded to being based on 512-byte sectors.
+        target->SetIvLargeSectors();
     }
 
     DmTable table;