diff options
-rw-r--r-- | fs_mgr/fs_mgr.c | 4 | ||||
-rw-r--r-- | fs_mgr/fs_mgr_fstab.c | 5 | ||||
-rw-r--r-- | fs_mgr/include/fs_mgr.h | 1 | ||||
-rw-r--r-- | rootdir/init.rc | 2 |
4 files changed, 4 insertions, 8 deletions
diff --git a/fs_mgr/fs_mgr.c b/fs_mgr/fs_mgr.c index 3eb2872..ad02922 100644 --- a/fs_mgr/fs_mgr.c +++ b/fs_mgr/fs_mgr.c @@ -387,7 +387,9 @@ int fs_mgr_mount_all(struct fstab *fstab) /* Deal with encryptability. */ if (!mret) { /* If this is encryptable, need to trigger encryption */ - if (fs_mgr_is_encryptable(&fstab->recs[attempted_idx])) { + if ( (fstab->recs[attempted_idx].fs_mgr_flags & MF_FORCECRYPT) + || (device_is_force_encrypted() + && fs_mgr_is_encryptable(&fstab->recs[attempted_idx]))) { if (umount(fstab->recs[attempted_idx].mount_point) == 0) { if (encryptable == FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) { ERROR("Will try to encrypt %s %s\n", fstab->recs[attempted_idx].mount_point, diff --git a/fs_mgr/fs_mgr_fstab.c b/fs_mgr/fs_mgr_fstab.c index 9d536bd..ab8f128 100644 --- a/fs_mgr/fs_mgr_fstab.c +++ b/fs_mgr/fs_mgr_fstab.c @@ -428,11 +428,6 @@ int fs_mgr_is_encryptable(struct fstab_rec *fstab) return fstab->fs_mgr_flags & (MF_CRYPT | MF_FORCECRYPT); } -int fs_mgr_is_force_encrypted(struct fstab_rec *fstab) -{ - return fstab->fs_mgr_flags & MF_FORCECRYPT; -} - int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab) { return fstab->fs_mgr_flags & MF_NOEMULATEDSD; diff --git a/fs_mgr/include/fs_mgr.h b/fs_mgr/include/fs_mgr.h index 5ec3b99..5e2ff41 100644 --- a/fs_mgr/include/fs_mgr.h +++ b/fs_mgr/include/fs_mgr.h @@ -83,7 +83,6 @@ int fs_mgr_is_voldmanaged(struct fstab_rec *fstab); int fs_mgr_is_nonremovable(struct fstab_rec *fstab); int fs_mgr_is_verified(struct fstab_rec *fstab); int fs_mgr_is_encryptable(struct fstab_rec *fstab); -int fs_mgr_is_force_encrypted(struct fstab_rec *fstab); int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab); int fs_mgr_swapon_all(struct fstab *fstab); #ifdef __cplusplus diff --git a/rootdir/init.rc b/rootdir/init.rc index e90acee..cbcb842 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -572,7 +572,7 @@ service defaultcrypto /system/bin/vdc --wait cryptfs mountdefaultencrypted # encryption) or trigger_restart_min_framework (other encryption) # One shot invocation to encrypt unencrypted volumes -service encrypt /system/bin/vdc --wait cryptfs maybeenabledefaultcrypto +service encrypt /system/bin/vdc --wait cryptfs enablecrypto inplace default disabled oneshot # vold will set vold.decrypt to trigger_restart_framework (default |