commit 9d2e149521a5068e83c8ab88c4c2f7e180ef82a0
author Eric Biggers <ebiggers@google.com> Wed Jun 22 19:07:49 2022 +0000
committer Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> Wed Jun 22 19:07:49 2022 +0000
tree 7972286183a22e3f2f08ba1d75d02882bcfdb2d1
parent 7f6de29a044e8f833001b1965dac733ac9c55dc0
parent e51736136ab7615be596c8614e8646c4f4ff50f0

Merge "Rename fscrypt_is_native() to IsFbeEnabled()" am: d99898496f am: e51736136a

Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2128492

Change-Id: Ic0ef4032bd5596c53f3c7c148928208f62b29300
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

FsCrypt.cpp

diff --git a/FsCrypt.cpp b/FsCrypt.cpp
index 111c9aa..5bc55d0 100644
--- a/FsCrypt.cpp
+++ b/FsCrypt.cpp
@@ -324,7 +324,7 @@
 static bool prepare_dir_with_policy(const std::string& dir, mode_t mode, uid_t uid, gid_t gid,
                                     const EncryptionPolicy& policy) {
     if (!prepare_dir(dir, mode, uid, gid)) return false;
-    if (fscrypt_is_native() && !EnsurePolicy(policy, dir)) return false;
+    if (IsFbeEnabled() && !EnsurePolicy(policy, dir)) return false;
     return true;
 }
 
@@ -533,7 +533,7 @@
 bool fscrypt_init_user0() {
     LOG(DEBUG) << "fscrypt_init_user0";
 
-    if (fscrypt_is_native()) {
+    if (IsFbeEnabled()) {
         if (!prepare_dir(user_key_dir, 0700, AID_ROOT, AID_ROOT)) return false;
         if (!prepare_dir(user_key_dir + "/ce", 0700, AID_ROOT, AID_ROOT)) return false;
         if (!prepare_dir(user_key_dir + "/de", 0700, AID_ROOT, AID_ROOT)) return false;
@@ -560,7 +560,7 @@
     // In some scenarios (e.g. userspace reboot) we might unmount userdata
     // without doing a hard reboot. If CE keys were stored in fs keyring then
     // they will be lost after unmount. Attempt to re-install them.
-    if (fscrypt_is_native() && android::vold::isFsKeyringSupported()) {
+    if (IsFbeEnabled() && android::vold::isFsKeyringSupported()) {
         if (!try_reload_ce_keys()) return false;
     }
 
@@ -570,7 +570,7 @@
 
 bool fscrypt_vold_create_user_key(userid_t user_id, int serial, bool ephemeral) {
     LOG(DEBUG) << "fscrypt_vold_create_user_key for " << user_id << " serial " << serial;
-    if (!fscrypt_is_native()) {
+    if (!IsFbeEnabled()) {
         return true;
     }
     // FIXME test for existence of key that is not loaded yet
@@ -621,7 +621,7 @@
 
 bool fscrypt_destroy_user_key(userid_t user_id) {
     LOG(DEBUG) << "fscrypt_destroy_user_key(" << user_id << ")";
-    if (!fscrypt_is_native()) {
+    if (!IsFbeEnabled()) {
         return true;
     }
     bool success = true;
@@ -740,7 +740,7 @@
 
 bool fscrypt_add_user_key_auth(userid_t user_id, int serial, const std::string& secret_hex) {
     LOG(DEBUG) << "fscrypt_add_user_key_auth " << user_id << " serial=" << serial;
-    if (!fscrypt_is_native()) return true;
+    if (!IsFbeEnabled()) return true;
     auto auth = authentication_from_hex(secret_hex);
     if (!auth) return false;
     return fscrypt_rewrap_user_key(user_id, serial, kEmptyAuthentication, *auth);
@@ -748,7 +748,7 @@
 
 bool fscrypt_clear_user_key_auth(userid_t user_id, int serial, const std::string& secret_hex) {
     LOG(DEBUG) << "fscrypt_clear_user_key_auth " << user_id << " serial=" << serial;
-    if (!fscrypt_is_native()) return true;
+    if (!IsFbeEnabled()) return true;
     auto auth = authentication_from_hex(secret_hex);
     if (!auth) return false;
     return fscrypt_rewrap_user_key(user_id, serial, *auth, kEmptyAuthentication);
@@ -756,7 +756,7 @@
 
 bool fscrypt_fixate_newest_user_key_auth(userid_t user_id) {
     LOG(DEBUG) << "fscrypt_fixate_newest_user_key_auth " << user_id;
-    if (!fscrypt_is_native()) return true;
+    if (!IsFbeEnabled()) return true;
     if (s_ephemeral_users.count(user_id) != 0) return true;
     auto const directory_path = get_ce_key_directory_path(user_id);
     auto const paths = get_ce_key_paths(directory_path);
@@ -779,7 +779,7 @@
 // TODO: rename to 'install' for consistency, and take flags to know which keys to install
 bool fscrypt_unlock_user_key(userid_t user_id, int serial, const std::string& secret_hex) {
     LOG(DEBUG) << "fscrypt_unlock_user_key " << user_id << " serial=" << serial;
-    if (fscrypt_is_native()) {
+    if (IsFbeEnabled()) {
         if (s_ce_policies.count(user_id) != 0) {
             LOG(WARNING) << "Tried to unlock already-unlocked key for user " << user_id;
             return true;
@@ -797,7 +797,7 @@
 // TODO: rename to 'evict' for consistency
 bool fscrypt_lock_user_key(userid_t user_id) {
     LOG(DEBUG) << "fscrypt_lock_user_key " << user_id;
-    if (fscrypt_is_native()) {
+    if (IsFbeEnabled()) {
         return evict_ce_key(user_id);
     }
     return true;
@@ -849,7 +849,7 @@
         auto vendor_de_path = android::vold::BuildDataVendorDePath(user_id);
         auto user_de_path = android::vold::BuildDataUserDePath(volume_uuid, user_id);
 
-        if (fscrypt_is_native()) {
+        if (IsFbeEnabled()) {
             if (volume_uuid.empty()) {
                 if (!lookup_policy(s_de_policies, user_id, &de_policy)) {
                     LOG(ERROR) << "Cannot find DE policy for user " << user_id;
@@ -893,7 +893,7 @@
         auto media_ce_path = android::vold::BuildDataMediaCePath(volume_uuid, user_id);
         auto user_ce_path = android::vold::BuildDataUserCePath(volume_uuid, user_id);
 
-        if (fscrypt_is_native()) {
+        if (IsFbeEnabled()) {
             if (volume_uuid.empty()) {
                 if (!lookup_policy(s_ce_policies, user_id, &ce_policy)) {
                     LOG(ERROR) << "Cannot find CE policy for user " << user_id;
@@ -964,7 +964,7 @@
             res &= destroy_dir(system_ce_path);
             res &= destroy_dir(vendor_ce_path);
         } else {
-            if (fscrypt_is_native()) {
+            if (IsFbeEnabled()) {
                 auto misc_ce_empty_volume_path = android::vold::BuildDataMiscCePath("", user_id);
                 res &= destroy_volkey(misc_ce_empty_volume_path, volume_uuid);
             }
@@ -994,7 +994,7 @@
             res &= destroy_dir(system_de_path);
             res &= destroy_dir(vendor_de_path);
         } else {
-            if (fscrypt_is_native()) {
+            if (IsFbeEnabled()) {
                 auto misc_de_empty_volume_path = android::vold::BuildDataMiscDePath("", user_id);
                 res &= destroy_volkey(misc_de_empty_volume_path, volume_uuid);
             }

VolumeManager.cpp

diff --git a/VolumeManager.cpp b/VolumeManager.cpp
index a7d39c1..5cef239 100644
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp
@@ -358,7 +358,7 @@
         LOG(ERROR) << "Failed to unlink " << keyPath;
         success = false;
     }
-    if (fscrypt_is_native()) {
+    if (IsFbeEnabled()) {
         if (!fscrypt_destroy_volume_keys(fsUuid)) {
             success = false;
         }

cryptfs.cpp

diff --git a/cryptfs.cpp b/cryptfs.cpp
index ab8f3ec..5213c18 100644
--- a/cryptfs.cpp
+++ b/cryptfs.cpp
@@ -156,7 +156,7 @@
                                                   key_ascii, 0, real_blkdev, 0);
     target->AllowDiscards();
 
-    if (fscrypt_is_native() &&
+    if (IsFbeEnabled() &&
         android::base::GetBoolProperty("ro.crypto.allow_encrypt_override", false)) {
         target->AllowEncryptOverride();
     }

fs/Ext4.cpp

diff --git a/fs/Ext4.cpp b/fs/Ext4.cpp
index 52f6772..293efc4 100644
--- a/fs/Ext4.cpp
+++ b/fs/Ext4.cpp
@@ -182,7 +182,7 @@
     if (android::base::GetBoolProperty("vold.has_quota", false)) {
         options += ",quota";
     }
-    if (fscrypt_is_native()) {
+    if (IsFbeEnabled()) {
         options += ",encrypt";
     }
     if (needs_casefold) {