Add encryption support and cleaned up init.aries.rc for it

5 files changed, 69 insertions, 30 deletions

diff --git a/device_base.mk b/device_base.mk
index 65b03f0..c2498b7 100644
--- a/device_base.mk
+++ b/device_base.mk
@@ -53,7 +53,7 @@ PRODUCT_COPY_FILES += \
 	device/samsung/aries-common/init.aries.usb.rc:recovery/root/usb.rc \
 	device/samsung/aries-common/lpm.rc:root/lpm.rc \
 	device/samsung/aries-common/ueventd.aries.rc:root/ueventd.aries.rc \
-	device/samsung/aries-common/setupenv.sh:recovery/root/sbin/setupenv.sh
+	device/samsung/aries-common/setupdatadata.sh:root/sbin/setupdatadata.sh
 
 # Prebuilt kl keymaps
 PRODUCT_COPY_FILES += \
diff --git a/init.aries.rc b/init.aries.rc
index b8b7236..650a63a 100644
--- a/init.aries.rc
+++ b/init.aries.rc
@@ -14,6 +14,10 @@ on init
     symlink /mnt/sdcard /sdcard
     mkdir /datadata 0771 system system
 
+    # We will create our own ril-daemon service in class 'core' because the
+    # rild doesn't like being killed. (During device encryption.)
+    stop ril-daemon
+
 on boot
     mount debugfs /sys/kernel/debug /sys/kernel/debug
 
@@ -67,21 +71,8 @@ on fs
     chown radio radio /sys/class/sec/uart_switch/UART_SEL/value
     chmod 660 /sys/class/sec/uart_switch/UART_SEL/value
 
-# create data/gps for GPS demon
-    mkdir /data/gps 700 gps system
-    chown gps system /data/gps
-    chown gps root /sys/class/sec/gps/GPS_PWR_EN/value
-    chmod 660 /sys/class/sec/gps/GPS_PWR_EN/value
-
-    symlink /datadata /data/data
 on post-fs
-
-    # remove /sbin/sh so that "adb install" can work properly
-    exec /sbin/setupenv.sh
-
-    # We chown/chmod /data and /datadata again so because mount is run as root + defaults
-    chown system system /data
-    chmod 0771 /data
+    # We chown/chmod /datadata again so because mount is run as root + defaults
     chown system system /datadata
     chmod 0771 /datadata
 
@@ -97,6 +88,15 @@ on post-fs
     chmod 0664 /sys/devices/system/cpu/cpu0/cpufreq/scaling_min_freq
 
 on post-fs-data
+    # setup datadata
+    exec /sbin/setupdatadata.sh
+
+    # create data/gps for GPS demon
+    mkdir /data/gps 700 gps system
+    chown gps system /data/gps
+    chown gps root /sys/class/sec/gps/GPS_PWR_EN/value
+    chmod 660 /sys/class/sec/gps/GPS_PWR_EN/value
+
     # wi-fi
     mkdir /data/misc/wifi/sockets 0770 wifi wifi
     mkdir /data/misc/dhcp 0770 dhcp dhcp
@@ -104,6 +104,15 @@ on post-fs-data
     # download cache
     mkdir /data/download 0770 system cache
 
+    setprop vold.post_fs_data_done 1
+
+service aries-ril-daemon /system/bin/rild
+    class core
+    socket rild stream 660 root radio
+    socket rild-debug stream 660 radio system
+    user root
+    group radio cache inet misc audio sdcard_rw log
+
 # 3D init
 service pvrsrvinit /system/vendor/bin/pvrsrvinit
     class core
@@ -112,7 +121,7 @@ service pvrsrvinit /system/vendor/bin/pvrsrvinit
     oneshot
 
 service gpsd /system/vendor/bin/gpsd -c /vendor/etc/gps.xml
-    class main
+    class late_start
     socket gps seqpacket 0660 gps system
     user gps
     group system inet
@@ -158,16 +167,11 @@ service bugreport /system/bin/dumpstate -d -v -o /sdcard/bugreports/bugreport
     keycodes 114 115 116
 
 service orientationd /system/vendor/bin/orientationd
-    class main
+    class late_start
     user compass
     group system input
 
 service geomagneticd /system/vendor/bin/geomagneticd
-    class main
+    class late_start
     user compass
     group system input
-
-service tvout /system/bin/tvoutserver
-    class main
-    user system
-    group graphics
diff --git a/recovery.fstab b/recovery.fstab
index 0de500a..ebb5433 100644
--- a/recovery.fstab
+++ b/recovery.fstab
@@ -1,4 +1,4 @@
-# mount point	fstype		device
+# mount point	fstype		device				options (length for cryptfs encryption footer)
 
 /recovery	mtd		recovery
 /boot		mtd		boot
@@ -9,6 +9,6 @@
 /datadata	yaffs2		datadata
 
 /sdcard		vfat		/dev/block/mmcblk0p1
-/data		ext4		/dev/block/mmcblk0p2
+/data		ext4		/dev/block/mmcblk0p2	length=-16384
 
 /emmc		vfat		/dev/block/mmcblk1p1
diff --git a/setupdatadata.sh b/setupdatadata.sh
new file mode 100644
index 0000000..f3c44e2
--- /dev/null
+++ b/setupdatadata.sh
@@ -0,0 +1,40 @@
+#!/system/bin/sh
+#
+# Setup /data/data based on whether the phone is encrypted or not
+# and migrate the data to the correct location on en/decryption
+# Encrypted => leave on /data/data (/datadata cannot be encrypted)
+# Unencrypted => symlink to /datadata for performance
+
+PATH=/system/bin/:/system/xbin/
+
+# There are 4 states which this script can be called from.
+# They can be detected using vold.decrypt and ro.crypto.state props
+
+CRYPTO_STATE="`getprop ro.crypto.state`"
+VOLD_DECRYPT="`getprop vold.decrypt`"
+
+if test "$CRYPTO_STATE" = "unencrypted" ; then
+    if test "$VOLD_DECRYPT" = "" ; then
+        # Normal unencrypted boot
+        rm -r /data/data
+        ln -s /datadata /data/data
+    fi
+    # else: Encrypting, do nothing
+else
+    if test "$VOLD_DECRYPT" = "trigger_post_fs_data" ; then
+        # Encrypted boot (after decryption)
+        # Migrate data from /datadata to /data/data
+        if test -h /data/data ; then
+            rm /data/data
+            mkdir /data/data
+            chown system.system /data/data
+            chmod 0771 /data/data
+            cp -a /datadata/* /data/data/
+            rm -r /data/data/lost+found
+            busybox umount /datadata
+            erase_image datadata
+            busybox mount /datadata
+        fi
+    fi
+    # else: Encrypted boot (before decryption), do nothing
+fi
diff --git a/setupenv.sh b/setupenv.sh
deleted file mode 100755
index 797b4a9..0000000
--- a/setupenv.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/system/bin/sh
-
-rm -rf /sbin/sh
-
-exit
\ No newline at end of file