With native FBE, lock user directories when framework is started (171217cb) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/StorageManagerService.java

+14 −7

Original line number	Original line	Diff line number	Diff line
	@@ -943,13 +943,20 @@ class StorageManagerService extends IStorageManager.Stub
	private void initIfBootedAndConnected() {		private void initIfBootedAndConnected() {
	Slog.d(TAG, "Thinking about init, mBootCompleted=" + mBootCompleted		Slog.d(TAG, "Thinking about init, mBootCompleted=" + mBootCompleted
	+ ", mDaemonConnected=" + mDaemonConnected);		+ ", mDaemonConnected=" + mDaemonConnected);
	if (mBootCompleted && mDaemonConnected		if (mBootCompleted && mDaemonConnected) {
	&& !StorageManager.isFileEncryptedNativeOnly()) {		// Tell vold to lock or unlock the user directories based on the
	// When booting a device without native support, make sure that our		// current file-based encryption status.
	// user directories are locked or unlocked based on the current		final boolean initLocked;
	// emulation status.		if (StorageManager.isFileEncryptedNativeOrEmulated()) {
	final boolean initLocked = StorageManager.isFileEncryptedEmulatedOnly();		// For native FBE this is a no-op after reboot, but this is
	Slog.d(TAG, "Setting up emulation state, initlocked=" + initLocked);		// still needed in case of framework restarts.
			Slog.d(TAG, "FBE is enabled; ensuring all user directories are locked.");
			initLocked = true;
			} else {
			// This is in case FBE emulation was turned off.
			Slog.d(TAG, "FBE is disabled; ensuring the FBE emulation state is cleared.");
			initLocked = false;
			}
	final List<UserInfo> users = mContext.getSystemService(UserManager.class).getUsers();		final List<UserInfo> users = mContext.getSystemService(UserManager.class).getUsers();
	for (UserInfo user : users) {		for (UserInfo user : users) {
	try {		try {