fs_mgr_fstab: support specifying encryption policy version in fstab

};

void ParseFileEncryption(const std::string& arg, FstabEntry* entry) {

    // The fileencryption flag is followed by an = and the mode of contents encryption, then

    // optionally a and the mode of filenames encryption (defaults to aes-256-cts).  Get it and

    // return it.

    // The fileencryption flag is followed by an = and 1 to 3 colon-separated fields:

    //

    // 1. Contents encryption mode

    // 2. Filenames encryption mode (defaults to "aes-256-cts" or "adiantum"

    //    depending on the contents encryption mode)

    // 3. Encryption policy version (defaults to "v1". Use "v2" on new devices.)

    entry->fs_mgr_flags.file_encryption = true;

    auto parts = Split(arg, ":");

    if (parts.empty() || parts.size() > 2) {

    if (parts.empty() || parts.size() > 3) {

        LWARNING << "Warning: fileencryption= flag malformed: " << arg;

        return;

    }

    entry->file_contents_mode = parts[0];

    if (parts.size() == 2) {

    if (parts.size() >= 2) {

        if (std::find(kFileNamesEncryptionMode.begin(), kFileNamesEncryptionMode.end(), parts[1]) ==

            kFileNamesEncryptionMode.end()) {

            LWARNING << "fileencryption= flag malformed, file names encryption mode not found: "

    } else {

        entry->file_names_mode = "aes-256-cts";

    }

    if (parts.size() >= 3) {

        if (!android::base::StartsWith(parts[2], 'v') ||

            !android::base::ParseInt(&parts[2][1], &entry->file_policy_version)) {

            LWARNING << "fileencryption= flag malformed, unknown options: " << arg;

            return;

        }

    } else {

        entry->file_policy_version = 1;

    }

}

bool SetMountFlag(const std::string& flag, FstabEntry* entry) {

            entry->key_loc = arg;

            entry->file_contents_mode = "aes-256-xts";

            entry->file_names_mode = "aes-256-cts";

            entry->file_policy_version = 1;

        } else if (StartsWith(flag, "max_comp_streams=")) {

            if (!ParseInt(arg, &entry->max_comp_streams)) {

                LWARNING << "Warning: max_comp_streams= flag malformed: " << arg;

    off64_t reserved_size = 0;

    std::string file_contents_mode;

    std::string file_names_mode;

    int file_policy_version = 0;

    off64_t erase_blk_size = 0;

    off64_t logical_blk_size = 0;

    std::string sysfs_path;

    }

    EXPECT_EQ("aes-256-xts", entry->file_contents_mode);

    EXPECT_EQ("aes-256-cts", entry->file_names_mode);

    EXPECT_EQ(1, entry->file_policy_version);

    EXPECT_EQ("", entry->key_loc);

}

    EXPECT_EQ("/dir/key", entry->key_loc);

    EXPECT_EQ("aes-256-xts", entry->file_contents_mode);

    EXPECT_EQ("aes-256-cts", entry->file_names_mode);

    EXPECT_EQ(1, entry->file_policy_version);

}

TEST(fs_mgr, ReadFstabFromFile_FsMgrOptions_FileEncryption) {

source none7       swap   defaults      fileencryption=ice:aes-256-cts

source none8       swap   defaults      fileencryption=ice:aes-256-heh

source none9       swap   defaults      fileencryption=ice:adiantum

source none10      swap   defaults      fileencryption=ice:adiantum:

source none10      swap   defaults      fileencryption=aes-256-xts:aes-256-cts:v1

source none11      swap   defaults      fileencryption=aes-256-xts:aes-256-cts:v2

source none12      swap   defaults      fileencryption=aes-256-xts:aes-256-cts:v2:

source none13      swap   defaults      fileencryption=aes-256-xts:aes-256-cts:blah

source none14      swap   defaults      fileencryption=aes-256-xts:aes-256-cts:vblah

)fs";

    ASSERT_TRUE(android::base::WriteStringToFile(fstab_contents, tf.path));

    Fstab fstab;

    EXPECT_TRUE(ReadFstabFromFile(tf.path, &fstab));

    ASSERT_EQ(11U, fstab.size());

    ASSERT_EQ(15U, fstab.size());

    FstabEntry::FsMgrFlags flags = {};

    flags.file_encryption = true;

    EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));

    EXPECT_EQ("", entry->file_contents_mode);

    EXPECT_EQ("", entry->file_names_mode);

    EXPECT_EQ(0, entry->file_policy_version);

    entry++;

    EXPECT_EQ("none1", entry->mount_point);

    EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));

    EXPECT_EQ("aes-256-xts", entry->file_contents_mode);

    EXPECT_EQ("aes-256-cts", entry->file_names_mode);

    EXPECT_EQ(1, entry->file_policy_version);

    entry++;

    EXPECT_EQ("none2", entry->mount_point);

    EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));

    EXPECT_EQ("aes-256-xts", entry->file_contents_mode);

    EXPECT_EQ("aes-256-cts", entry->file_names_mode);

    EXPECT_EQ(1, entry->file_policy_version);

    entry++;

    EXPECT_EQ("none3", entry->mount_point);

    EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));

    EXPECT_EQ("adiantum", entry->file_contents_mode);

    EXPECT_EQ("adiantum", entry->file_names_mode);

    EXPECT_EQ(1, entry->file_policy_version);

    entry++;

    EXPECT_EQ("none4", entry->mount_point);

    EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));

    EXPECT_EQ("adiantum", entry->file_contents_mode);

    EXPECT_EQ("aes-256-heh", entry->file_names_mode);

    EXPECT_EQ(1, entry->file_policy_version);

    entry++;

    EXPECT_EQ("none5", entry->mount_point);

    EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));

    EXPECT_EQ("ice", entry->file_contents_mode);

    EXPECT_EQ("aes-256-cts", entry->file_names_mode);

    EXPECT_EQ(1, entry->file_policy_version);

    entry++;

    EXPECT_EQ("none6", entry->mount_point);

    EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));

    EXPECT_EQ("ice", entry->file_contents_mode);

    EXPECT_EQ("", entry->file_names_mode);

    EXPECT_EQ(0, entry->file_policy_version);

    entry++;

    EXPECT_EQ("none7", entry->mount_point);

    EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));

    EXPECT_EQ("ice", entry->file_contents_mode);

    EXPECT_EQ("aes-256-cts", entry->file_names_mode);

    EXPECT_EQ(1, entry->file_policy_version);

    entry++;

    EXPECT_EQ("none8", entry->mount_point);

    EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));

    EXPECT_EQ("ice", entry->file_contents_mode);

    EXPECT_EQ("aes-256-heh", entry->file_names_mode);

    EXPECT_EQ(1, entry->file_policy_version);

    entry++;

    EXPECT_EQ("none9", entry->mount_point);

    EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));

    EXPECT_EQ("ice", entry->file_contents_mode);

    EXPECT_EQ("adiantum", entry->file_names_mode);

    EXPECT_EQ(1, entry->file_policy_version);

    entry++;

    EXPECT_EQ("none10", entry->mount_point);

    EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));

    EXPECT_EQ("aes-256-xts", entry->file_contents_mode);

    EXPECT_EQ("aes-256-cts", entry->file_names_mode);

    EXPECT_EQ(1, entry->file_policy_version);

    entry++;

    EXPECT_EQ("none11", entry->mount_point);

    EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));

    EXPECT_EQ("aes-256-xts", entry->file_contents_mode);

    EXPECT_EQ("aes-256-cts", entry->file_names_mode);

    EXPECT_EQ(2, entry->file_policy_version);

    entry++;

    EXPECT_EQ("none12", entry->mount_point);

    EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));

    EXPECT_EQ("", entry->file_contents_mode);

    EXPECT_EQ("", entry->file_names_mode);

    EXPECT_EQ(0, entry->file_policy_version);

    entry++;

    EXPECT_EQ("none13", entry->mount_point);

    EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));

    EXPECT_EQ("aes-256-xts", entry->file_contents_mode);

    EXPECT_EQ("aes-256-cts", entry->file_names_mode);

    EXPECT_EQ(0, entry->file_policy_version);

    entry++;

    EXPECT_EQ("none14", entry->mount_point);

    EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));

    EXPECT_EQ("aes-256-xts", entry->file_contents_mode);

    EXPECT_EQ("aes-256-cts", entry->file_names_mode);

    EXPECT_EQ(0, entry->file_policy_version);

}

TEST(fs_mgr, ReadFstabFromFile_FsMgrOptions_MaxCompStreams) {