Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit a9a54506 authored by Eric Biggers's avatar Eric Biggers
Browse files

ANDROID: dm: prevent default-key from being enabled without needed hooks 



While dm-default-key no longer requires that the filesystem is also
using inline encryption (i.e. mounted with '-o inlinecrypt'), it does
still rely on the inline crypto hooks like fscrypt_set_bio_crypt_ctx()
being built into the kernel rather than stubbed out, as these are used
to set the bi_skip_dm_default_key flag on bios for encrypted files.
I.e., CONFIG_FS_ENCRYPTION_INLINE_CRYPT=y is still needed.

The proper solution is to fix these hooks to handle DM_DEFAULT_KEY &&
!FS_ENCRYPTION_INLINE_CRYPT, but that would introduce a case that
wouldn't get tested.  So for now, to avoid problems just make
dm-default-key depend on FS_ENCRYPTION_INLINE_CRYPT.

Test: make gki_defconfig
      echo CONFIG_FS_ENCRYPTION_INLINE_CRYPT=n >> .config
      make olddefconfig
      grep CONFIG_DM_DEFAULT_KEY .config  # was disabled

Bug: 147814592
Change-Id: Ie52686a72d5d14457d87dcf81677e33e291680bb
Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
parent a444cff8
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment