Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8d633834 authored by Paul Lawrence's avatar Paul Lawrence
Browse files

Encrypt on reboot 

Change encryption to happen after a reboot, not before. This
removes the problem whereby if data cannot be unmounted, we cannot
encrypt.

Bug: 25426629

Change-Id: Icb2ec6cf330b5cc45b7e944c858a314f983fcaa4
parent e68e3f45

fs_mgr/fs_mgr.c

+7 −0
Original line number Diff line number Diff line
@@ -448,8 +448,15 @@ static int handle_encryptable(struct fstab *fstab, const struct fstab_rec* rec) 
             "%s/convert_fbe", rec->mount_point);

    bool convert_fbe = (access(convert_fbe_name, F_OK) == 0);



    /* Check for existence of convert_fbe breadcrumb file */

    char convert_fde_name[PATH_MAX];

    snprintf(convert_fde_name, sizeof(convert_fbe_name),

             "%s/misc/vold/convert_fde", rec->mount_point);

    bool convert_fde = (access(convert_fde_name, F_OK) == 0);



    /* If this is block encryptable, need to trigger encryption */

    if (   (rec->fs_mgr_flags & MF_FORCECRYPT)

        || ((rec->fs_mgr_flags & MF_CRYPT) && convert_fde)

        || ((rec->fs_mgr_flags & MF_FORCEFDEORFBE) && !convert_fbe)

        || (device_is_force_encrypted() && fs_mgr_is_encryptable(rec))) {

        if (umount(rec->mount_point) == 0) {