summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPaul Lawrence <paullawrence@google.com>2015-01-26 16:22:49 +0000
committerAndroid Git Automerger <android-git-automerger@android.com>2015-01-26 16:22:49 +0000
commit7e890a4d32816d34b30fb5d1f651d966d64bbf36 (patch)
tree6df70cd1ef437a00dffeb7c497bcda90500dc45d
parent406865adcb23e3de573b61b29be205a76b2fc211 (diff)
parentbda6272446454886339841a62daaa1b66c07ad60 (diff)
downloadsystem_core-7e890a4d32816d34b30fb5d1f651d966d64bbf36.zip
system_core-7e890a4d32816d34b30fb5d1f651d966d64bbf36.tar.gz
system_core-7e890a4d32816d34b30fb5d1f651d966d64bbf36.tar.bz2
am bda62724: Make encryption configurable
* commit 'bda6272446454886339841a62daaa1b66c07ad60': Make encryption configurable
-rw-r--r--fs_mgr/fs_mgr.c4
-rw-r--r--fs_mgr/fs_mgr_fstab.c5
-rw-r--r--fs_mgr/include/fs_mgr.h1
-rw-r--r--rootdir/init.rc2
4 files changed, 8 insertions, 4 deletions
diff --git a/fs_mgr/fs_mgr.c b/fs_mgr/fs_mgr.c
index 1055b58..f5947fb 100644
--- a/fs_mgr/fs_mgr.c
+++ b/fs_mgr/fs_mgr.c
@@ -478,9 +478,7 @@ int fs_mgr_mount_all(struct fstab *fstab)
/* Deal with encryptability. */
if (!mret) {
/* If this is encryptable, need to trigger encryption */
- if ( (fstab->recs[attempted_idx].fs_mgr_flags & MF_FORCECRYPT)
- || (device_is_force_encrypted()
- && fs_mgr_is_encryptable(&fstab->recs[attempted_idx]))) {
+ if (fs_mgr_is_encryptable(&fstab->recs[attempted_idx])) {
if (umount(fstab->recs[attempted_idx].mount_point) == 0) {
if (encryptable == FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) {
ERROR("Will try to encrypt %s %s\n", fstab->recs[attempted_idx].mount_point,
diff --git a/fs_mgr/fs_mgr_fstab.c b/fs_mgr/fs_mgr_fstab.c
index ab8f128..9d536bd 100644
--- a/fs_mgr/fs_mgr_fstab.c
+++ b/fs_mgr/fs_mgr_fstab.c
@@ -428,6 +428,11 @@ int fs_mgr_is_encryptable(struct fstab_rec *fstab)
return fstab->fs_mgr_flags & (MF_CRYPT | MF_FORCECRYPT);
}
+int fs_mgr_is_force_encrypted(struct fstab_rec *fstab)
+{
+ return fstab->fs_mgr_flags & MF_FORCECRYPT;
+}
+
int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab)
{
return fstab->fs_mgr_flags & MF_NOEMULATEDSD;
diff --git a/fs_mgr/include/fs_mgr.h b/fs_mgr/include/fs_mgr.h
index 5e2ff41..5ec3b99 100644
--- a/fs_mgr/include/fs_mgr.h
+++ b/fs_mgr/include/fs_mgr.h
@@ -83,6 +83,7 @@ int fs_mgr_is_voldmanaged(struct fstab_rec *fstab);
int fs_mgr_is_nonremovable(struct fstab_rec *fstab);
int fs_mgr_is_verified(struct fstab_rec *fstab);
int fs_mgr_is_encryptable(struct fstab_rec *fstab);
+int fs_mgr_is_force_encrypted(struct fstab_rec *fstab);
int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab);
int fs_mgr_swapon_all(struct fstab *fstab);
#ifdef __cplusplus
diff --git a/rootdir/init.rc b/rootdir/init.rc
index b4bed91..3c0b820 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -574,7 +574,7 @@ service defaultcrypto /system/bin/vdc --wait cryptfs mountdefaultencrypted
# encryption) or trigger_restart_min_framework (other encryption)
# One shot invocation to encrypt unencrypted volumes
-service encrypt /system/bin/vdc --wait cryptfs enablecrypto inplace default
+service encrypt /system/bin/vdc --wait cryptfs maybeenabledefaultcrypto
disabled
oneshot
# vold will set vold.decrypt to trigger_restart_framework (default