Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 317b4024 authored by Paul Lawrence's avatar Paul Lawrence
Browse files

Revert "Make encryption configurable" 

This reverts commit bda62724.

The original fix seems to have led to boot failures in QA. Rather than
risk shipping, revert the change. Bug 18764230 reopened.

Requires change
    https://googleplex-android-review.git.corp.google.com/#/c/629764/

Bug: 19278390
Bug: 19199624

Change-Id: I8b6ab585666f2b0f585ffb2a5f61ac2e3462e06e
parent bda62724

fs_mgr/fs_mgr.c

+3 −1
Original line number Diff line number Diff line
@@ -387,7 +387,9 @@ int fs_mgr_mount_all(struct fstab *fstab) 
        /* Deal with encryptability. */

        if (!mret) {

            /* If this is encryptable, need to trigger encryption */

          if (fs_mgr_is_encryptable(&fstab->recs[attempted_idx])) {

            if (   (fstab->recs[attempted_idx].fs_mgr_flags & MF_FORCECRYPT)

                || (device_is_force_encrypted()

                    && fs_mgr_is_encryptable(&fstab->recs[attempted_idx]))) {

                if (umount(fstab->recs[attempted_idx].mount_point) == 0) {

                    if (encryptable == FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) {

                        ERROR("Will try to encrypt %s %s\n", fstab->recs[attempted_idx].mount_point,

fs_mgr/fs_mgr_fstab.c

+0 −5
Original line number Diff line number Diff line
@@ -428,11 +428,6 @@ int fs_mgr_is_encryptable(struct fstab_rec *fstab) 
    return fstab->fs_mgr_flags & (MF_CRYPT | MF_FORCECRYPT);

}



int fs_mgr_is_force_encrypted(struct fstab_rec *fstab)

{

    return fstab->fs_mgr_flags & MF_FORCECRYPT;

}



int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab)

{

    return fstab->fs_mgr_flags & MF_NOEMULATEDSD;

fs_mgr/include/fs_mgr.h

+0 −1
Original line number Diff line number Diff line
@@ -83,7 +83,6 @@ int fs_mgr_is_voldmanaged(struct fstab_rec *fstab); 
int fs_mgr_is_nonremovable(struct fstab_rec *fstab);

int fs_mgr_is_verified(struct fstab_rec *fstab);

int fs_mgr_is_encryptable(struct fstab_rec *fstab);

int fs_mgr_is_force_encrypted(struct fstab_rec *fstab);

int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab);

int fs_mgr_swapon_all(struct fstab *fstab);

#ifdef __cplusplus

rootdir/init.rc

+1 −1
Original line number Diff line number Diff line
@@ -572,7 +572,7 @@ service defaultcrypto /system/bin/vdc --wait cryptfs mountdefaultencrypted 
    # encryption) or trigger_restart_min_framework (other encryption)



# One shot invocation to encrypt unencrypted volumes

service encrypt /system/bin/vdc --wait cryptfs maybeenabledefaultcrypto

service encrypt /system/bin/vdc --wait cryptfs enablecrypto inplace default

    disabled

    oneshot

    # vold will set vold.decrypt to trigger_restart_framework (default