Merge changes from topic "remove-fde"

#include "blockdev.h"

#include "fs_mgr_priv.h"

#define KEY_LOC_PROP   "ro.crypto.keyfile.userdata"

#define KEY_IN_FOOTER  "footer"

#define E2FSCK_BIN      "/system/bin/e2fsck"

#define F2FS_FSCK_BIN   "/system/bin/fsck.f2fs"

#define MKSWAP_BIN      "/system/bin/mkswap"

                   << "(): skipping mount due to invalid magic, mountpoint=" << fstab[i].mount_point

                   << " blk_dev=" << realpath(fstab[i].blk_device) << " rec[" << i

                   << "].fs_type=" << fstab[i].fs_type;

            mount_errno = EINVAL;  // continue bootup for FDE

            mount_errno = EINVAL;  // continue bootup for metadata encryption

            continue;

        }

    return false;

}

static bool needs_block_encryption(const FstabEntry& entry) {

    if (android::base::GetBoolProperty("ro.vold.forceencryption", false) && entry.is_encryptable())

        return true;

    if (entry.fs_mgr_flags.force_crypt) return true;

    if (entry.fs_mgr_flags.crypt) {

        // Check for existence of convert_fde breadcrumb file.

        auto convert_fde_name = entry.mount_point + "/misc/vold/convert_fde";

        if (access(convert_fde_name.c_str(), F_OK) == 0) return true;

    }

    if (entry.fs_mgr_flags.force_fde_or_fbe) {

        // Check for absence of convert_fbe breadcrumb file.

        auto convert_fbe_name = entry.mount_point + "/convert_fbe";

        if (access(convert_fbe_name.c_str(), F_OK) != 0) return true;

    }

    return false;

}

static bool should_use_metadata_encryption(const FstabEntry& entry) {

    return !entry.metadata_key_dir.empty() &&

           (entry.fs_mgr_flags.file_encryption || entry.fs_mgr_flags.force_fde_or_fbe);

    return !entry.metadata_key_dir.empty() && entry.fs_mgr_flags.file_encryption;

}

// Check to see if a mountable volume has encryption requirements

static int handle_encryptable(const FstabEntry& entry) {

    // If this is block encryptable, need to trigger encryption.

    if (needs_block_encryption(entry)) {

        if (umount(entry.mount_point.c_str()) == 0) {

            return FS_MGR_MNTALL_DEV_NEEDS_ENCRYPTION;

        } else {

            PWARNING << "Could not umount " << entry.mount_point << " - allow continue unencrypted";

            return FS_MGR_MNTALL_DEV_NOT_ENCRYPTED;

        }

    } else if (should_use_metadata_encryption(entry)) {

    if (should_use_metadata_encryption(entry)) {

        if (umount(entry.mount_point.c_str()) == 0) {

            return FS_MGR_MNTALL_DEV_NEEDS_METADATA_ENCRYPTION;

        } else {

            PERROR << "Could not umount " << entry.mount_point << " - fail since can't encrypt";

            return FS_MGR_MNTALL_FAIL;

        }

    } else if (entry.fs_mgr_flags.file_encryption || entry.fs_mgr_flags.force_fde_or_fbe) {

    } else if (entry.fs_mgr_flags.file_encryption) {

        LINFO << entry.mount_point << " is file encrypted";

        return FS_MGR_MNTALL_DEV_FILE_ENCRYPTED;

    } else if (entry.is_encryptable()) {

        return FS_MGR_MNTALL_DEV_NOT_ENCRYPTED;

    } else {

        return FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE;

    }

static void set_type_property(int status) {

    switch (status) {

        case FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED:

            SetProperty("ro.crypto.type", "block");

            break;

        case FS_MGR_MNTALL_DEV_FILE_ENCRYPTED:

        case FS_MGR_MNTALL_DEV_IS_METADATA_ENCRYPTED:

        case FS_MGR_MNTALL_DEV_NEEDS_METADATA_ENCRYPTION:

        // Mounting failed, understand why and retry.

        wiped = partition_wiped(current_entry.blk_device.c_str());

        bool crypt_footer = false;

        if (mount_errno != EBUSY && mount_errno != EACCES &&

            current_entry.fs_mgr_flags.formattable && wiped) {

            // current_entry and attempted_entry point at the same partition, but sometimes

            checkpoint_manager.Revert(&current_entry);

            if (current_entry.is_encryptable() && current_entry.key_loc != KEY_IN_FOOTER) {

                unique_fd fd(TEMP_FAILURE_RETRY(

                        open(current_entry.key_loc.c_str(), O_WRONLY | O_CLOEXEC)));

                if (fd >= 0) {

                    LINFO << __FUNCTION__ << "(): also wipe " << current_entry.key_loc;

                    wipe_block_device(fd, get_file_size(fd));

                } else {

                    PERROR << __FUNCTION__ << "(): " << current_entry.key_loc << " wouldn't open";

                }

            } else if (current_entry.is_encryptable() && current_entry.key_loc == KEY_IN_FOOTER) {

                crypt_footer = true;

            }

            // EncryptInplace will be used when vdc gives an error or needs to format partitions

            // other than /data

            if (should_use_metadata_encryption(current_entry) &&

                }

            }

            if (fs_mgr_do_format(current_entry, crypt_footer) == 0) {

            if (fs_mgr_do_format(current_entry) == 0) {

                // Let's replay the mount actions.

                i = top_idx - 1;

                continue;

        }

        // mount(2) returned an error, handle the encryptable/formattable case.

        if (mount_errno != EBUSY && mount_errno != EACCES && attempted_entry.is_encryptable()) {

            if (wiped) {

                LERROR << __FUNCTION__ << "(): " << attempted_entry.blk_device << " is wiped and "

                       << attempted_entry.mount_point << " " << attempted_entry.fs_type

                       << " is encryptable. Suggest recovery...";

                encryptable = FS_MGR_MNTALL_DEV_NEEDS_RECOVERY;

                continue;

            } else {

                // Need to mount a tmpfs at this mountpoint for now, and set

                // properties that vold will query later for decrypting

                LERROR << __FUNCTION__ << "(): possibly an encryptable blkdev "

                       << attempted_entry.blk_device << " for mount " << attempted_entry.mount_point

                       << " type " << attempted_entry.fs_type;

                if (fs_mgr_do_tmpfs_mount(attempted_entry.mount_point.c_str()) < 0) {

                    ++error_count;

                    continue;

                }

            }

            encryptable = FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED;

        } else if (mount_errno != EBUSY && mount_errno != EACCES &&

        if (mount_errno != EBUSY && mount_errno != EACCES &&

            should_use_metadata_encryption(attempted_entry)) {

            if (!call_vdc({"cryptfs", "mountFstab", attempted_entry.blk_device,

                           attempted_entry.mount_point},

#include <selinux/selinux.h>

#include "fs_mgr_priv.h"

#include "cryptfs.h"

using android::base::unique_fd;

}

static int format_ext4(const std::string& fs_blkdev, const std::string& fs_mnt_point,

                       bool crypt_footer, bool needs_projid, bool needs_metadata_csum) {

                       bool needs_projid, bool needs_metadata_csum) {

    uint64_t dev_sz;

    int rc = 0;

    }

    /* Format the partition using the calculated length */

    if (crypt_footer) {

        dev_sz -= CRYPT_FOOTER_OFFSET;

    }

    std::string size_str = std::to_string(dev_sz / 4096);

    return rc;

}

static int format_f2fs(const std::string& fs_blkdev, uint64_t dev_sz, bool crypt_footer,

                       bool needs_projid, bool needs_casefold, bool fs_compress) {

static int format_f2fs(const std::string& fs_blkdev, uint64_t dev_sz, bool needs_projid,

                       bool needs_casefold, bool fs_compress) {

    if (!dev_sz) {

        int rc = get_dev_sz(fs_blkdev, &dev_sz);

        if (rc) {

    }

    /* Format the partition using the calculated length */

    if (crypt_footer) {

        dev_sz -= CRYPT_FOOTER_OFFSET;

    }

    std::string size_str = std::to_string(dev_sz / 4096);

    return logwrap_fork_execvp(args.size(), args.data(), nullptr, false, LOG_KLOG, false, nullptr);

}

int fs_mgr_do_format(const FstabEntry& entry, bool crypt_footer) {

int fs_mgr_do_format(const FstabEntry& entry) {

    LERROR << __FUNCTION__ << ": Format " << entry.blk_device << " as '" << entry.fs_type << "'";

    bool needs_casefold = false;

    }

    if (entry.fs_type == "f2fs") {

        return format_f2fs(entry.blk_device, entry.length, crypt_footer, needs_projid,

                           needs_casefold, entry.fs_mgr_flags.fs_compress);

        return format_f2fs(entry.blk_device, entry.length, needs_projid, needs_casefold,

                           entry.fs_mgr_flags.fs_compress);

    } else if (entry.fs_type == "ext4") {

        return format_ext4(entry.blk_device, entry.mount_point, crypt_footer, needs_projid,

        return format_ext4(entry.blk_device, entry.mount_point, needs_projid,

                           entry.fs_mgr_flags.ext_meta_csum);

    } else {

        LERROR << "File system type '" << entry.fs_type << "' is not supported";

    entry->fs_options = std::move(fs_options);

}

void ParseFsMgrFlags(const std::string& flags, FstabEntry* entry) {

bool ParseFsMgrFlags(const std::string& flags, FstabEntry* entry) {

    for (const auto& flag : Split(flags, ",")) {

        if (flag.empty() || flag == "defaults") continue;

        std::string arg;

#undef CheckFlag

        // Then handle flags that take an argument.

        if (StartsWith(flag, "encryptable=")) {

            // The encryptable flag is followed by an = and the  location of the keys.

        if (flag == "encryptable=userdata") {

            // The "encryptable" flag identifies adoptable storage volumes.  The

            // argument to this flag must be "userdata".

            //

            // Historical note: this flag was originally meant just for /data,

            // to indicate that FDE (full disk encryption) can be enabled.

            // Unfortunately, it was also overloaded to identify adoptable

            // storage volumes.  Today, FDE is no longer supported, leaving only

            // the adoptable storage volume meaning for this flag.

            entry->fs_mgr_flags.crypt = true;

            entry->key_loc = arg;

        } else if (StartsWith(flag, "encryptable=") || StartsWith(flag, "forceencrypt=") ||

                   StartsWith(flag, "forcefdeorfbe=")) {

            LERROR << "flag no longer supported: " << flag;

            return false;

        } else if (StartsWith(flag, "voldmanaged=")) {

            // The voldmanaged flag is followed by an = and the label, a colon and the partition

            // number or the word "auto", e.g. voldmanaged=sdcard:3

                    LWARNING << "Warning: zramsize= flag malformed: " << arg;

                }

            }

        } else if (StartsWith(flag, "forceencrypt=")) {

            // The forceencrypt flag is followed by an = and the location of the keys.

            entry->fs_mgr_flags.force_crypt = true;

            entry->key_loc = arg;

        } else if (StartsWith(flag, "fileencryption=")) {

            ParseFileEncryption(arg, entry);

        } else if (StartsWith(flag, "forcefdeorfbe=")) {

            // The forcefdeorfbe flag is followed by an = and the location of the keys.  Get it and

            // return it.

            entry->fs_mgr_flags.force_fde_or_fbe = true;

            entry->key_loc = arg;

            entry->encryption_options = "aes-256-xts:aes-256-cts";

        } else if (StartsWith(flag, "max_comp_streams=")) {

            if (!ParseInt(arg, &entry->max_comp_streams)) {

                LWARNING << "Warning: max_comp_streams= flag malformed: " << arg;

            LWARNING << "Warning: unknown flag: " << flag;

        }

    }

    if (entry->fs_mgr_flags.crypt && !entry->fs_mgr_flags.vold_managed) {

        LERROR << "FDE is no longer supported; 'encryptable' can only be used for adoptable "

                  "storage";

        return false;

    }

    return true;

}

std::string InitAndroidDtDir() {

            goto err;

        }

        ParseFsMgrFlags(p, &entry);

        if (!ParseFsMgrFlags(p, &entry)) {

            LERROR << "Error parsing fs_mgr_flags";

            goto err;

        }

        if (entry.fs_mgr_flags.logical) {

            entry.logical_partition_name = entry.blk_device;

    int result = fs_mgr_do_mount_one(*rec, mount_point);

    if (result == -1 && rec->fs_mgr_flags.formattable) {

        PERROR << "Failed to mount " << mount_point << "; formatting";

        bool crypt_footer = rec->is_encryptable() && rec->key_loc == "footer";

        if (fs_mgr_do_format(*rec, crypt_footer) != 0) {

        if (fs_mgr_do_format(*rec) != 0) {

            PERROR << "Failed to format " << mount_point;

            return false;

        }

#define FS_MGR_MNTALL_DEV_NEEDS_METADATA_ENCRYPTION 6

#define FS_MGR_MNTALL_DEV_FILE_ENCRYPTED 5

#define FS_MGR_MNTALL_DEV_NEEDS_RECOVERY 4

#define FS_MGR_MNTALL_DEV_NEEDS_ENCRYPTION 3

#define FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED 2

#define FS_MGR_MNTALL_DEV_NOT_ENCRYPTED 1

#define FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE 0

#define FS_MGR_MNTALL_FAIL (-1)

// device is in "check_at_most_once" mode.

bool fs_mgr_verity_is_check_at_most_once(const android::fs_mgr::FstabEntry& entry);

int fs_mgr_do_format(const android::fs_mgr::FstabEntry& entry, bool reserve_footer);

int fs_mgr_do_format(const android::fs_mgr::FstabEntry& entry);

#define FS_MGR_SETUP_VERITY_SKIPPED  (-3)

#define FS_MGR_SETUP_VERITY_DISABLED (-2)