summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--fs_mgr/fs_mgr.c4
-rw-r--r--fs_mgr/fs_mgr_fstab.c5
-rw-r--r--fs_mgr/include/fs_mgr.h1
-rw-r--r--rootdir/init.rc2
4 files changed, 4 insertions, 8 deletions
diff --git a/fs_mgr/fs_mgr.c b/fs_mgr/fs_mgr.c
index 8d788c3..8b2d439 100644
--- a/fs_mgr/fs_mgr.c
+++ b/fs_mgr/fs_mgr.c
@@ -488,7 +488,9 @@ int fs_mgr_mount_all(struct fstab *fstab)
/* Deal with encryptability. */
if (!mret) {
/* If this is encryptable, need to trigger encryption */
- if (fs_mgr_is_encryptable(&fstab->recs[attempted_idx])) {
+ if ( (fstab->recs[attempted_idx].fs_mgr_flags & MF_FORCECRYPT)
+ || (device_is_force_encrypted()
+ && fs_mgr_is_encryptable(&fstab->recs[attempted_idx]))) {
if (umount(fstab->recs[attempted_idx].mount_point) == 0) {
if (encryptable == FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) {
ERROR("Will try to encrypt %s %s\n", fstab->recs[attempted_idx].mount_point,
diff --git a/fs_mgr/fs_mgr_fstab.c b/fs_mgr/fs_mgr_fstab.c
index 9d536bd..ab8f128 100644
--- a/fs_mgr/fs_mgr_fstab.c
+++ b/fs_mgr/fs_mgr_fstab.c
@@ -428,11 +428,6 @@ int fs_mgr_is_encryptable(struct fstab_rec *fstab)
return fstab->fs_mgr_flags & (MF_CRYPT | MF_FORCECRYPT);
}
-int fs_mgr_is_force_encrypted(struct fstab_rec *fstab)
-{
- return fstab->fs_mgr_flags & MF_FORCECRYPT;
-}
-
int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab)
{
return fstab->fs_mgr_flags & MF_NOEMULATEDSD;
diff --git a/fs_mgr/include/fs_mgr.h b/fs_mgr/include/fs_mgr.h
index 5ec3b99..5e2ff41 100644
--- a/fs_mgr/include/fs_mgr.h
+++ b/fs_mgr/include/fs_mgr.h
@@ -83,7 +83,6 @@ int fs_mgr_is_voldmanaged(struct fstab_rec *fstab);
int fs_mgr_is_nonremovable(struct fstab_rec *fstab);
int fs_mgr_is_verified(struct fstab_rec *fstab);
int fs_mgr_is_encryptable(struct fstab_rec *fstab);
-int fs_mgr_is_force_encrypted(struct fstab_rec *fstab);
int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab);
int fs_mgr_swapon_all(struct fstab *fstab);
#ifdef __cplusplus
diff --git a/rootdir/init.rc b/rootdir/init.rc
index dd665f9..26cc121 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -578,7 +578,7 @@ service defaultcrypto /system/bin/vdc --wait cryptfs mountdefaultencrypted
# encryption) or trigger_restart_min_framework (other encryption)
# One shot invocation to encrypt unencrypted volumes
-service encrypt /system/bin/vdc --wait cryptfs maybeenabledefaultcrypto
+service encrypt /system/bin/vdc --wait cryptfs enablecrypto inplace default
disabled
oneshot
# vold will set vold.decrypt to trigger_restart_framework (default