Loading core/java/android/os/storage/IMountService.java +6 −1 Original line number Diff line number Diff line Loading @@ -2286,7 +2286,12 @@ public interface IMountService extends IInterface { /** * Determines the encryption state of the volume. * @return a numerical value. See {@code ENCRYPTION_STATE_*} for possible values. * @return a numerical value. See {@code ENCRYPTION_STATE_*} for possible * values. * Note that this has been replaced in most cases by the APIs in * StorageManager (see isEncryptable and below) * This is still useful to get the error state when encryption has failed * and CryptKeeper needs to throw up a screen advising the user what to do */ public int getEncryptionState() throws RemoteException; Loading core/java/android/os/storage/StorageManager.java +105 −7 Original line number Diff line number Diff line Loading @@ -1025,21 +1025,119 @@ public class StorageManager { } } /** {@hide} */ public static boolean isFileBasedEncryptionEnabled() { return isNativeFileBasedEncryptionEnabled() || isEmulatedFileBasedEncryptionEnabled(); /** {@hide} * Is this device encryptable or already encrypted? * @return true for encryptable or encrypted * false not encrypted and not encryptable */ public static boolean isEncryptable() { final String state = SystemProperties.get("ro.crypto.state", "unsupported"); return !"unsupported".equalsIgnoreCase(state); } /** {@hide} */ public static boolean isNativeFileBasedEncryptionEnabled() { return "file".equals(SystemProperties.get("ro.crypto.type", "none")); /** {@hide} * Is this device already encrypted? * @return true for encrypted. (Implies isEncryptable() == true) * false not encrypted */ public static boolean isEncrypted() { final String state = SystemProperties.get("ro.crypto.state", ""); return "encrypted".equalsIgnoreCase(state); } /** {@hide} * Is this device file encrypted? * @return true for file encrypted. (Implies isEncrypted() == true) * false not encrypted or block encrypted */ public static boolean isFileEncryptedNativeOnly() { if (!isEncrypted()) { return false; } final String status = SystemProperties.get("ro.crypto.type", ""); return "file".equalsIgnoreCase(status); } /** {@hide} * Is this device block encrypted? * @return true for block encrypted. (Implies isEncrypted() == true) * false not encrypted or file encrypted */ public static boolean isBlockEncrypted() { if (!isEncrypted()) { return false; } final String status = SystemProperties.get("ro.crypto.type", ""); return "block".equalsIgnoreCase(status); } /** {@hide} * Is this device block encrypted with credentials? * @return true for crediential block encrypted. * (Implies isBlockEncrypted() == true) * false not encrypted, file encrypted or default block encrypted */ public static boolean isNonDefaultBlockEncrypted() { if (!isBlockEncrypted()) { return false; } try { IMountService mountService = IMountService.Stub.asInterface( ServiceManager.getService("mount")); return mountService.getPasswordType() != CRYPT_TYPE_DEFAULT; } catch (RemoteException e) { Log.e(TAG, "Error getting encryption type"); return false; } } /** {@hide} * Is this device in the process of being block encrypted? * @return true for encrypting. * false otherwise * Whether device isEncrypted at this point is undefined * Note that only system services and CryptKeeper will ever see this return * true - no app will ever be launched in this state. * Also note that this state will not change without a teardown of the * framework, so no service needs to check for changes during their lifespan */ public static boolean isBlockEncrypting() { final String state = SystemProperties.get("vold.encrypt_progress", ""); return !"".equalsIgnoreCase(state); } /** {@hide} * Is this device non default block encrypted and in the process of * prompting for credentials? * @return true for prompting for credentials. * (Implies isNonDefaultBlockEncrypted() == true) * false otherwise * Note that only system services and CryptKeeper will ever see this return * true - no app will ever be launched in this state. * Also note that this state will not change without a teardown of the * framework, so no service needs to check for changes during their lifespan */ public static boolean inCryptKeeperBounce() { final String status = SystemProperties.get("vold.decrypt"); return "trigger_restart_min_framework".equals(status); } /** {@hide} */ public static boolean isEmulatedFileBasedEncryptionEnabled() { public static boolean isFileEncryptedEmulatedOnly() { return SystemProperties.getBoolean(StorageManager.PROP_EMULATE_FBE, false); } /** {@hide} * Is this device running in a file encrypted mode, either native or emulated? * @return true for file encrypted, false otherwise */ public static boolean isFileEncryptedNativeOrEmulated() { return isFileEncryptedNativeOnly() || isFileEncryptedEmulatedOnly(); } /** {@hide} */ public static File maybeTranslateEmulatedPathToInternal(File path) { final IMountService mountService = IMountService.Stub.asInterface( Loading core/java/com/android/internal/widget/LockPatternUtils.java +2 −3 Original line number Diff line number Diff line Loading @@ -887,8 +887,7 @@ public class LockPatternUtils { * @return true if device encryption is enabled */ public static boolean isDeviceEncryptionEnabled() { final String status = SystemProperties.get("ro.crypto.state", "unsupported"); return "encrypted".equalsIgnoreCase(status); return StorageManager.isEncrypted(); } /** Loading @@ -896,7 +895,7 @@ public class LockPatternUtils { * @return true if device is file encrypted */ public static boolean isFileEncryptionEnabled() { return StorageManager.isFileBasedEncryptionEnabled(); return StorageManager.isFileEncryptedNativeOrEmulated(); } /** Loading core/java/com/android/server/BootReceiver.java +2 −2 Original line number Diff line number Diff line Loading @@ -29,6 +29,7 @@ import android.os.RecoverySystem; import android.os.RemoteException; import android.os.ServiceManager; import android.os.SystemProperties; import android.os.storage.StorageManager; import android.provider.Downloads; import android.util.AtomicFile; import android.util.Slog; Loading Loading @@ -143,8 +144,7 @@ public class BootReceiver extends BroadcastReceiver { HashMap<String, Long> timestamps = readTimestamps(); if (SystemProperties.getLong("ro.runtime.firstboot", 0) == 0) { if ("encrypted".equals(SystemProperties.get("ro.crypto.state")) && "trigger_restart_min_framework".equals(SystemProperties.get("vold.decrypt"))) { if (StorageManager.inCryptKeeperBounce()) { // Encrypted, first boot to get PIN/pattern/password so data is tmpfs // Don't set ro.runtime.firstboot so that we will do this again // when data is properly mounted Loading packages/SystemUI/src/com/android/systemui/keyguard/KeyguardViewMediator.java +1 −1 Original line number Diff line number Diff line Loading @@ -684,7 +684,7 @@ public class KeyguardViewMediator extends SystemUI { doKeyguardLocked(null); mUpdateMonitor.registerCallback(mUpdateCallback); } mIsPerUserLock = StorageManager.isFileBasedEncryptionEnabled(); mIsPerUserLock = StorageManager.isFileEncryptedNativeOrEmulated(); // Most services aren't available until the system reaches the ready state, so we // send it here when the device first boots. maybeSendUserPresentBroadcast(); Loading Loading
core/java/android/os/storage/IMountService.java +6 −1 Original line number Diff line number Diff line Loading @@ -2286,7 +2286,12 @@ public interface IMountService extends IInterface { /** * Determines the encryption state of the volume. * @return a numerical value. See {@code ENCRYPTION_STATE_*} for possible values. * @return a numerical value. See {@code ENCRYPTION_STATE_*} for possible * values. * Note that this has been replaced in most cases by the APIs in * StorageManager (see isEncryptable and below) * This is still useful to get the error state when encryption has failed * and CryptKeeper needs to throw up a screen advising the user what to do */ public int getEncryptionState() throws RemoteException; Loading
core/java/android/os/storage/StorageManager.java +105 −7 Original line number Diff line number Diff line Loading @@ -1025,21 +1025,119 @@ public class StorageManager { } } /** {@hide} */ public static boolean isFileBasedEncryptionEnabled() { return isNativeFileBasedEncryptionEnabled() || isEmulatedFileBasedEncryptionEnabled(); /** {@hide} * Is this device encryptable or already encrypted? * @return true for encryptable or encrypted * false not encrypted and not encryptable */ public static boolean isEncryptable() { final String state = SystemProperties.get("ro.crypto.state", "unsupported"); return !"unsupported".equalsIgnoreCase(state); } /** {@hide} */ public static boolean isNativeFileBasedEncryptionEnabled() { return "file".equals(SystemProperties.get("ro.crypto.type", "none")); /** {@hide} * Is this device already encrypted? * @return true for encrypted. (Implies isEncryptable() == true) * false not encrypted */ public static boolean isEncrypted() { final String state = SystemProperties.get("ro.crypto.state", ""); return "encrypted".equalsIgnoreCase(state); } /** {@hide} * Is this device file encrypted? * @return true for file encrypted. (Implies isEncrypted() == true) * false not encrypted or block encrypted */ public static boolean isFileEncryptedNativeOnly() { if (!isEncrypted()) { return false; } final String status = SystemProperties.get("ro.crypto.type", ""); return "file".equalsIgnoreCase(status); } /** {@hide} * Is this device block encrypted? * @return true for block encrypted. (Implies isEncrypted() == true) * false not encrypted or file encrypted */ public static boolean isBlockEncrypted() { if (!isEncrypted()) { return false; } final String status = SystemProperties.get("ro.crypto.type", ""); return "block".equalsIgnoreCase(status); } /** {@hide} * Is this device block encrypted with credentials? * @return true for crediential block encrypted. * (Implies isBlockEncrypted() == true) * false not encrypted, file encrypted or default block encrypted */ public static boolean isNonDefaultBlockEncrypted() { if (!isBlockEncrypted()) { return false; } try { IMountService mountService = IMountService.Stub.asInterface( ServiceManager.getService("mount")); return mountService.getPasswordType() != CRYPT_TYPE_DEFAULT; } catch (RemoteException e) { Log.e(TAG, "Error getting encryption type"); return false; } } /** {@hide} * Is this device in the process of being block encrypted? * @return true for encrypting. * false otherwise * Whether device isEncrypted at this point is undefined * Note that only system services and CryptKeeper will ever see this return * true - no app will ever be launched in this state. * Also note that this state will not change without a teardown of the * framework, so no service needs to check for changes during their lifespan */ public static boolean isBlockEncrypting() { final String state = SystemProperties.get("vold.encrypt_progress", ""); return !"".equalsIgnoreCase(state); } /** {@hide} * Is this device non default block encrypted and in the process of * prompting for credentials? * @return true for prompting for credentials. * (Implies isNonDefaultBlockEncrypted() == true) * false otherwise * Note that only system services and CryptKeeper will ever see this return * true - no app will ever be launched in this state. * Also note that this state will not change without a teardown of the * framework, so no service needs to check for changes during their lifespan */ public static boolean inCryptKeeperBounce() { final String status = SystemProperties.get("vold.decrypt"); return "trigger_restart_min_framework".equals(status); } /** {@hide} */ public static boolean isEmulatedFileBasedEncryptionEnabled() { public static boolean isFileEncryptedEmulatedOnly() { return SystemProperties.getBoolean(StorageManager.PROP_EMULATE_FBE, false); } /** {@hide} * Is this device running in a file encrypted mode, either native or emulated? * @return true for file encrypted, false otherwise */ public static boolean isFileEncryptedNativeOrEmulated() { return isFileEncryptedNativeOnly() || isFileEncryptedEmulatedOnly(); } /** {@hide} */ public static File maybeTranslateEmulatedPathToInternal(File path) { final IMountService mountService = IMountService.Stub.asInterface( Loading
core/java/com/android/internal/widget/LockPatternUtils.java +2 −3 Original line number Diff line number Diff line Loading @@ -887,8 +887,7 @@ public class LockPatternUtils { * @return true if device encryption is enabled */ public static boolean isDeviceEncryptionEnabled() { final String status = SystemProperties.get("ro.crypto.state", "unsupported"); return "encrypted".equalsIgnoreCase(status); return StorageManager.isEncrypted(); } /** Loading @@ -896,7 +895,7 @@ public class LockPatternUtils { * @return true if device is file encrypted */ public static boolean isFileEncryptionEnabled() { return StorageManager.isFileBasedEncryptionEnabled(); return StorageManager.isFileEncryptedNativeOrEmulated(); } /** Loading
core/java/com/android/server/BootReceiver.java +2 −2 Original line number Diff line number Diff line Loading @@ -29,6 +29,7 @@ import android.os.RecoverySystem; import android.os.RemoteException; import android.os.ServiceManager; import android.os.SystemProperties; import android.os.storage.StorageManager; import android.provider.Downloads; import android.util.AtomicFile; import android.util.Slog; Loading Loading @@ -143,8 +144,7 @@ public class BootReceiver extends BroadcastReceiver { HashMap<String, Long> timestamps = readTimestamps(); if (SystemProperties.getLong("ro.runtime.firstboot", 0) == 0) { if ("encrypted".equals(SystemProperties.get("ro.crypto.state")) && "trigger_restart_min_framework".equals(SystemProperties.get("vold.decrypt"))) { if (StorageManager.inCryptKeeperBounce()) { // Encrypted, first boot to get PIN/pattern/password so data is tmpfs // Don't set ro.runtime.firstboot so that we will do this again // when data is properly mounted Loading
packages/SystemUI/src/com/android/systemui/keyguard/KeyguardViewMediator.java +1 −1 Original line number Diff line number Diff line Loading @@ -684,7 +684,7 @@ public class KeyguardViewMediator extends SystemUI { doKeyguardLocked(null); mUpdateMonitor.registerCallback(mUpdateCallback); } mIsPerUserLock = StorageManager.isFileBasedEncryptionEnabled(); mIsPerUserLock = StorageManager.isFileEncryptedNativeOrEmulated(); // Most services aren't available until the system reaches the ready state, so we // send it here when the device first boots. maybeSendUserPresentBroadcast(); Loading
