Merge "Create a File Based Encryption check API" (243336b3) · Commits · e / os / android_frameworks_base

core/java/android/os/storage/IMountService.java

+32 −0

Original line number	Original line	Diff line number	Diff line
	@@ -1211,6 +1211,23 @@ public interface IMountService extends IInterface {
	_data.recycle();		_data.recycle();
	}		}
	}		}

			@Override
			public boolean isPerUserEncryptionEnabled() throws RemoteException {
			Parcel _data = Parcel.obtain();
			Parcel _reply = Parcel.obtain();
			boolean _result;
			try {
			_data.writeInterfaceToken(DESCRIPTOR);
			mRemote.transact(Stub.TRANSACTION_isPerUserEncryptionEnabled, _data, _reply, 0);
			_reply.readException();
			_result = 0 != _reply.readInt();
			} finally {
			_reply.recycle();
			_data.recycle();
			}
			return _result;
			}
	}		}

	private static final String DESCRIPTOR = "IMountService";		private static final String DESCRIPTOR = "IMountService";
	@@ -1330,6 +1347,8 @@ public interface IMountService extends IInterface {

	static final int TRANSACTION_deleteUserKey = IBinder.FIRST_CALL_TRANSACTION + 63;		static final int TRANSACTION_deleteUserKey = IBinder.FIRST_CALL_TRANSACTION + 63;

			static final int TRANSACTION_isPerUserEncryptionEnabled = IBinder.FIRST_CALL_TRANSACTION + 64;

	/**		/**
	* Cast an IBinder object into an IMountService interface, generating a		* Cast an IBinder object into an IMountService interface, generating a
	* proxy if needed.		* proxy if needed.
	@@ -1900,6 +1919,13 @@ public interface IMountService extends IInterface {
	reply.writeNoException();		reply.writeNoException();
	return true;		return true;
	}		}
			case TRANSACTION_isPerUserEncryptionEnabled: {
			data.enforceInterface(DESCRIPTOR);
			boolean result = isPerUserEncryptionEnabled();
			reply.writeNoException();
			reply.writeInt((result ? 1 : 0));
			return true;
			}
	}		}
	return super.onTransact(code, data, reply, flags);		return super.onTransact(code, data, reply, flags);
	}		}
	@@ -2224,4 +2250,10 @@ public interface IMountService extends IInterface {
	*/		*/
	public void deleteUserKey(int userHandle)		public void deleteUserKey(int userHandle)
	throws RemoteException;		throws RemoteException;

			/**
			* Returns whether the current encryption type is per user.
			*/
			public boolean isPerUserEncryptionEnabled()
			throws RemoteException;
	}		}

core/java/android/os/storage/StorageManager.java

+9 −0

Original line number	Original line	Diff line number	Diff line
	@@ -977,6 +977,15 @@ public class StorageManager {
	}		}
	}		}

			/** {@hide} */
			public boolean isPerUserEncryptionEnabled() {
			try {
			return mMountService.isPerUserEncryptionEnabled();
			} catch (RemoteException e) {
			throw e.rethrowAsRuntimeException();
			}
			}

	/** {@hide} */		/** {@hide} */
	public static File maybeTranslateEmulatedPathToInternal(File path) {		public static File maybeTranslateEmulatedPathToInternal(File path) {
	final IMountService mountService = IMountService.Stub.asInterface(		final IMountService mountService = IMountService.Stub.asInterface(

services/core/java/com/android/server/LockSettingsStorage.java

+3 −2

Original line number	Original line	Diff line number	Diff line
	@@ -27,6 +27,7 @@ import android.database.sqlite.SQLiteOpenHelper;
	import android.os.Environment;		import android.os.Environment;
	import android.os.SystemProperties;		import android.os.SystemProperties;
	import android.os.UserManager;		import android.os.UserManager;
			import android.os.storage.StorageManager;
	import android.util.ArrayMap;		import android.util.ArrayMap;
	import android.util.Log;		import android.util.Log;
	import android.util.Slog;		import android.util.Slog;
	@@ -387,8 +388,8 @@ class LockSettingsStorage {
	}		}

	private int getUserParentOrSelfId(int userId) {		private int getUserParentOrSelfId(int userId) {
	// Device supports File Based Encryption, and lock is applied per-user		// Device supports per user encryption, so lock is applied to the given user.
	if ("file".equals(SystemProperties.get("ro.crypto.type", "none"))) {		if (mContext.getSystemService(StorageManager.class).isPerUserEncryptionEnabled()) {
	return userId;		return userId;
	}		}
	// Device uses Block Based Encryption, and the parent user's lock is used for the whole		// Device uses Block Based Encryption, and the parent user's lock is used for the whole

services/core/java/com/android/server/MountService.java

+5 −0

Original line number	Original line	Diff line number	Diff line
	@@ -2692,6 +2692,11 @@ class MountService extends IMountService.Stub
	}		}
	}		}

			@Override
			public boolean isPerUserEncryptionEnabled() {
			return "file".equals(SystemProperties.get("ro.crypto.type", "none"));
			}

	@Override		@Override
	public int mkdirs(String callingPkg, String appPath) {		public int mkdirs(String callingPkg, String appPath) {
	final int userId = UserHandle.getUserId(Binder.getCallingUid());		final int userId = UserHandle.getUserId(Binder.getCallingUid());

services/core/java/com/android/server/pm/UserManagerService.java

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -404,7 +404,7 @@ public class UserManagerService extends IUserManager.Stub {
	@Override		@Override
	public int getCredentialOwnerProfile(int userHandle) {		public int getCredentialOwnerProfile(int userHandle) {
	checkManageUsersPermission("get the credential owner");		checkManageUsersPermission("get the credential owner");
	if (!"file".equals(SystemProperties.get("ro.crypto.type", "none"))) {		if (!mContext.getSystemService(StorageManager.class).isPerUserEncryptionEnabled()) {
	synchronized (mUsersLock) {		synchronized (mUsersLock) {
	UserInfo profileParent = getProfileParentLU(userHandle);		UserInfo profileParent = getProfileParentLU(userHandle);
	if (profileParent != null) {		if (profileParent != null) {