
Commit 9234b169 authored by Paul Lawrence's avatar Paul Lawrence Committed by Gerrit Code Review

Merge "Securely encrypt the master key"

parents 96b6415c 4bf1887c
+1 −11
@@ -31,7 +31,7 @@
#include <dirent.h>
#include <ext4.h>
#include <ext4_sb.h>
#include <ext4_crypt.h>
#include <ext4_crypt_init_extensions.h>

#include <linux/loop.h>
#include <private/android_filesystem_config.h>
@@ -483,16 +483,6 @@ static int handle_encryptable(struct fstab *fstab, const struct fstab_rec* rec)
            return FS_MGR_MNTALL_FAIL;
        }

        // Link it to the normal place so ext4_crypt functions work normally
        strlcat(tmp_mnt, "/unencrypted", sizeof(tmp_mnt));
        char link_path[PATH_MAX];
        strlcpy(link_path, rec->mount_point, sizeof(link_path));
        strlcat(link_path, "/unencrypted", sizeof(link_path));
        if (symlink(tmp_mnt, link_path)) {
            ERROR("Error creating symlink to unencrypted directory\n");
            return FS_MGR_MNTALL_FAIL;
        }

        return FS_MGR_MNTALL_DEV_NON_DEFAULT_FILE_ENCRYPTED;
    }

+15 −30
@@ -29,7 +29,7 @@
#include <sys/wait.h>
#include <unistd.h>
#include <linux/loop.h>
#include <ext4_crypt.h>
#include <ext4_crypt_init_extensions.h>

#include <selinux/selinux.h>
#include <selinux/label.h>
@@ -385,18 +385,6 @@ static int wipe_data_via_recovery()
    while (1) { pause(); }  // never reached
}

/*
 * Callback to make a directory from the ext4 code
 */
static int do_mount_alls_make_dir(const char* dir)
{
    if (make_dir(dir, 0700) && errno != EEXIST) {
        return -1;
    }

    return 0;
}

/*
 * This function might request a reboot, in which case it will
 * not return.
@@ -465,22 +453,6 @@ int do_mount_all(int nargs, char **args)
        ret = wipe_data_via_recovery();
        /* If reboot worked, there is no return. */
    } else if (ret == FS_MGR_MNTALL_DEV_DEFAULT_FILE_ENCRYPTED) {
        // We have to create the key files here. Only init can call make_dir,
        // and we can't do it from fs_mgr as then fs_mgr would depend on
        // make_dir creating a circular dependency.
        fstab = fs_mgr_read_fstab(args[1]);
        for (int i = 0; i < fstab->num_entries; ++i) {
            if (fs_mgr_is_file_encrypted(&fstab->recs[i])) {
              if (e4crypt_create_device_key(fstab->recs[i].mount_point,
                                            do_mount_alls_make_dir)) {
                    ERROR("Could not create device key on %s"
                          " - continue unencrypted\n",
                          fstab->recs[i].mount_point);
                }
            }
        }
        fs_mgr_free_fstab(fstab);

        if (e4crypt_install_keyring()) {
            return -1;
        }
@@ -840,10 +812,23 @@ int do_wait(int nargs, char **args)
        return -1;
}

/*
 * Callback to make a directory from the ext4 code
 */
static int do_installkeys_ensure_dir_exists(const char* dir)
{
    if (make_dir(dir, 0700) && errno != EEXIST) {
        return -1;
    }

    return 0;
}

int do_installkey(int nargs, char **args)
{
    if (nargs == 2) {
        return e4crypt_install_key(args[1]);
      return e4crypt_create_device_key(args[1],
                                       do_installkeys_ensure_dir_exists);
    }

    return -1;
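Review bot: `do_installkeys_ensure_dir_exists` treats `EEXIST` as success without checking what already sits at the path, so the key-creation code it is handed to would presumably go on to use a pre-existing symlink or regular file as if it were the freshly made 0700 directory. Because this callback now decides where the device key material is created, it should verify the entry after the `make_dir` call, for example `struct stat st; if (lstat(dir, &st) || !S_ISDIR(st.st_mode)) return -1;` (this needs `<sys/stat.h>`, whose inclusion is not visible in these hunks), and it could also check owner and mode if every directory passed in is expected to be init-owned and private. Separately, the removed `do_mount_all` branch logged an `ERROR` when key creation failed, while `do_installkey` returns the result with no message, so a log line on the failure path would keep that case diagnosable. The new `return` in `do_installkey` is indented six spaces where the line it replaces used eight, and the function's closing brace lies outside the hunk.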
+5 −3
@@ -220,14 +220,17 @@ on post-fs
    mkdir /cache/lost+found 0770 root root

on post-fs-data
    installkey /data

    # We chown/chmod /data again so because mount is run as root + defaults
    chown system system /data
    chmod 0771 /data
    # We restorecon /data in case the userdata partition has been reset.
    restorecon /data

    # Make sure we have the device encryption key
    start logd
    start vold
    installkey /data

    # Start bootcharting as soon as possible after the data partition is
    # mounted to collect more data.
    mkdir /data/bootchart 0755 shell shell
@@ -449,7 +452,6 @@ on property:vold.decrypt=trigger_restart_min_framework
    class_start main

on property:vold.decrypt=trigger_restart_framework
    installkey /data
    class_start main
    class_start late_start
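Review bot: In the `on post-fs-data` hunk, `installkey /data` now runs directly after `start vold`, and `start` only launches a service without waiting for it to be ready. If key creation depends on vold (the ordering suggests it does, but the implementation is not visible on this page), the wait has to happen inside the installkey path; otherwise a first boot could race and leave /data without its device key. The comment `# Make sure we have the device encryption key` should state that dependency once confirmed, e.g. `# installkey needs vold (and logd for logging) running, so start both first`. The second hunk drops `installkey /data` from `trigger_restart_framework`, so it is worth confirming that nothing on that path relied on the key being installed again after the framework restart.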