
Commit 1427fe5c authored by Automerger Merge Worker's avatar Automerger Merge Worker

Merge "Add wrapped key support for metadata encryption" am: 5ed0698b am: ca03b68e

Change-Id: I494fb74aae05a0a61afddbe162d2fceeedff3ac0
parents 1cb98205 ca03b68e
+3 −3
@@ -277,9 +277,9 @@ void ParseFsMgrFlags(const std::string& flags, FstabEntry* entry) {
        } else if (StartsWith(flag, "keydirectory=")) {
            // The metadata flag is followed by an = and the directory for the keys.
            entry->metadata_key_dir = arg;
        } else if (StartsWith(flag, "metadata_cipher=")) {
            // Specify the cipher to use for metadata encryption
            entry->metadata_cipher = arg;
        } else if (StartsWith(flag, "metadata_encryption=")) {
            // Specify the cipher and flags to use for metadata encryption
            entry->metadata_encryption = arg;
        } else if (StartsWith(flag, "sysfs_path=")) {
            // The path to trigger device gc by idle-maint of vold.
            entry->sysfs_path = arg;
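Review bot: The `metadata_cipher=` branch appears to be replaced by `metadata_encryption=` rather than kept alongside it (the page has lost its +/- markers, so this is read from the +3 −3 count and the commit title), which means an fstab that still carries the old flag no longer has its cipher recorded by this parser. What happens to an unrecognised flag is decided outside this hunk, since ParseFsMgrFlags starts and ends beyond it, so it is worth confirming that the old spelling fails loudly instead of quietly leaving metadata encryption on a default. The value is stored without any validation here, which the comment could state, e.g. `// Replaces the former metadata_cipher= flag; the value is stored as-is and interpreted by the consumer.`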
+1 −1
@@ -38,7 +38,7 @@ struct FstabEntry {
    std::string fs_options;
    std::string key_loc;
    std::string metadata_key_dir;
    std::string metadata_cipher;
    std::string metadata_encryption;
    off64_t length = 0;
    std::string label;
    int partnum = -1;
+1 −0
@@ -280,6 +280,7 @@ std::string DmTargetDefaultKey::GetParameterString() const {
        extra_argv.emplace_back("allow_discards");
        extra_argv.emplace_back("sector_size:4096");
        extra_argv.emplace_back("iv_large_sectors");
        if (is_hw_wrapped_) extra_argv.emplace_back("wrappedkey_v0");
    }
    if (!extra_argv.empty()) {
        argv.emplace_back(std::to_string(extra_argv.size()));
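Review bot: `wrappedkey_v0` is appended only inside the block that also adds `allow_discards`, `sector_size:4096` and `iv_large_sectors`, whose condition sits above the hunk. If that block is the non-legacy path, a target marked both legacy and hardware-wrapped would build a table without the flag, and the wrapped blob in `key_` would presumably be passed on as if it were a raw key. Valid() is not shown on this page; if it does not already reject that combination, a check such as `if (is_legacy_ && is_hw_wrapped_) return false;` would make the misconfiguration fail before the table is loaded. GetParameterString continues past the end of the hunk.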
+7 −2
@@ -526,13 +526,18 @@ TEST(libdm, DefaultKeyArgs) {
    bool is_legacy;
    ASSERT_TRUE(DmTargetDefaultKey::IsLegacy(&is_legacy));
    // set_dun only in the non-is_legacy case
    DmTargetDefaultKey target(0, 4096, "AES-256-XTS", "abcdef0123456789", "/dev/loop0", 0,
                              is_legacy, !is_legacy);
    DmTargetDefaultKey target(0, 4096, "AES-256-XTS", "abcdef0123456789", "/dev/loop0", 0);
    if (is_legacy) {
        target.SetIsLegacy();
    } else {
        target.SetSetDun();
    }
    ASSERT_EQ(target.name(), "default-key");
    ASSERT_TRUE(target.Valid());
    if (is_legacy) {
        ASSERT_EQ(target.GetParameterString(), "AES-256-XTS abcdef0123456789 /dev/loop0 0");
    } else {
        // TODO: Add case for wrapped key enabled
        ASSERT_EQ(target.GetParameterString(),
                  "AES-256-XTS abcdef0123456789 0 /dev/loop0 0 3 allow_discards sector_size:4096 "
                  "iv_large_sectors");
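Review bot: The new wrapped-key option has no test coverage; the `// TODO: Add case for wrapped key enabled` in the non-legacy branch leaves `SetWrappedKeyV0()` and the `wrappedkey_v0` argument unexercised. A second target in that branch that calls `target.SetWrappedKeyV0();` should, going by the emplace order visible in GetParameterString, expect the optional-argument tail `4 allow_discards sector_size:4096 iv_large_sectors wrappedkey_v0`. The test body closes outside the hunk.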
+8 −7
@@ -280,20 +280,20 @@ class DmTargetCrypt final : public DmTarget {
class DmTargetDefaultKey final : public DmTarget {
  public:
    DmTargetDefaultKey(uint64_t start, uint64_t length, const std::string& cipher,
                       const std::string& key, const std::string& blockdev, uint64_t start_sector,
                       bool is_legacy, bool set_dun)
                       const std::string& key, const std::string& blockdev, uint64_t start_sector)
        : DmTarget(start, length),
          cipher_(cipher),
          key_(key),
          blockdev_(blockdev),
          start_sector_(start_sector),
          is_legacy_(is_legacy),
          set_dun_(set_dun) {}
          start_sector_(start_sector) {}

    std::string name() const override { return name_; }
    bool Valid() const override;
    std::string GetParameterString() const override;
    static bool IsLegacy(bool* result);
    void SetIsLegacy() { is_legacy_ = true; }
    void SetSetDun() { set_dun_ = true; }
    void SetWrappedKeyV0() { is_hw_wrapped_ = true; }

  private:
    static const std::string name_;
@@ -301,8 +301,9 @@ class DmTargetDefaultKey final : public DmTarget {
    std::string key_;
    std::string blockdev_;
    uint64_t start_sector_;
    bool is_legacy_;
    bool set_dun_;
    bool is_legacy_ = false;
    bool set_dun_ = false;
    bool is_hw_wrapped_ = false;
};

}  // namespace dm
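Review bot: With `is_legacy` and `set_dun` moved out of the constructor and defaulted to false, a DmTargetDefaultKey can be constructed with neither chosen, and the declaration does not tell callers that `SetIsLegacy()` or `SetSetDun()` is expected before use. The test's `set_dun only in the non-is_legacy case` comment suggests the two are mutually exclusive, but whether Valid() rejects the unset or both-set states is not visible on this page. If that is the intended contract, the setters should say so, e.g. `// Call exactly one of SetIsLegacy() or SetSetDun() before use; SetWrappedKeyV0() marks key_ as a hardware-wrapped key.` The setters are also one-way, which is worth stating in the same comment.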