Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_vold / efe8b3de968b3bc66153b823a4dfbdf7f4276e8d^2..efe8b3de968b3bc66153b823a4dfbdf7f4276e8d / .
commitefe8b3de968b3bc66153b823a4dfbdf7f4276e8d[log] [tgz]
authorChih-Hung Hsieh <chh@google.com>Wed Jun 22 21:36:05 2016 +0000
committerandroid-build-merger <android-build-merger@google.com>Wed Jun 22 21:36:05 2016 +0000
tree483dac620402ba8a6088c2ca411aec0e0b53ef80
parent3560d44f709fc11eda978c4c513c24ed805193cc [diff]
parentf5e9bc9517a5024dafd588a9528bef9205700789 [diff]
Merge \\\"Fix misc-macro-parentheses warnings in system/vold.\\\" am: 786c536e84 am: c83c87e681
am: f5e9bc9517

Change-Id: I1a505858b0a0407489e9adcdd894048e66cfc939

diff --git a/Ext4Crypt.cpp b/Ext4Crypt.cpp
index 1158475..28140d2 100644
--- a/Ext4Crypt.cpp
+++ b/Ext4Crypt.cpp

@@ -170,6 +170,14 @@
     }
     LOG(DEBUG) << "Added key " << key_id << " (" << ref << ") to keyring " << device_keyring
                << " in process " << getpid();
+
+    // *TODO* Remove this code when kernel is fixed - see b/28373400
+    // Kernel preserves caches across a key insertion with ext4ice, which leads
+    // to contradictory dirents
+    if (!android::base::WriteStringToFile("3", "/proc/sys/vm/drop_caches")) {
+        PLOG(ERROR) << "Failed to drop_caches";
+    }
+
     return true;
 }
 
@@ -373,7 +381,9 @@
 }
 
 static bool ensure_policy(const std::string& raw_ref, const std::string& path) {
-    if (e4crypt_policy_ensure(path.c_str(), raw_ref.data(), raw_ref.size()) != 0) {
+    if (e4crypt_policy_ensure(path.c_str(),
+                              raw_ref.data(), raw_ref.size(),
+                              cryptfs_get_file_encryption_mode()) != 0) {
         LOG(ERROR) << "Failed to set policy on: " << path;
         return false;
     }
@@ -432,6 +442,13 @@
         return true;
     }
 
+    std::string mode_filename = std::string("/data") + e4crypt_key_mode;
+    std::string mode = cryptfs_get_file_encryption_mode();
+    if (!android::base::WriteStringToFile(mode, mode_filename)) {
+        PLOG(ERROR) << "Cannot save type";
+        return false;
+    }
+
     std::string device_key;
     if (path_exists(device_key_path)) {
         if (!android::vold::retrieveKey(device_key_path,

diff --git a/cryptfs.c b/cryptfs.c
index eb9a8ed..a96d909 100644
--- a/cryptfs.c
+++ b/cryptfs.c

@@ -3855,3 +3855,9 @@
     return encrypt_master_key(password, ftr->salt, master_key, ftr->master_key,
                               ftr);
 }
+
+const char* cryptfs_get_file_encryption_mode()
+{
+    struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab, DATA_MNT_POINT);
+    return fs_mgr_get_file_encryption_mode(rec);
+}

diff --git a/cryptfs.h b/cryptfs.h
index c713067..bf158de 100644
--- a/cryptfs.h
+++ b/cryptfs.h

@@ -252,6 +252,7 @@
                              unsigned char* master_key);
   int cryptfs_set_password(struct crypt_mnt_ftr* ftr, const char* password,
                            const unsigned char* master_key);
+  const char* cryptfs_get_file_encryption_mode();
 
 #ifdef __cplusplus
 }