diff options
Diffstat (limited to 'fs_mgr')
-rw-r--r-- | fs_mgr/fs_mgr.c | 16 | ||||
-rw-r--r-- | fs_mgr/fs_mgr_verity.c | 6 |
2 files changed, 17 insertions, 5 deletions
diff --git a/fs_mgr/fs_mgr.c b/fs_mgr/fs_mgr.c index 40878c1..ad02922 100644 --- a/fs_mgr/fs_mgr.c +++ b/fs_mgr/fs_mgr.c @@ -141,9 +141,10 @@ static void check_fs(char *blk_device, char *fs_type, char *target) } else if (!strcmp(fs_type, "f2fs")) { char *f2fs_fsck_argv[] = { F2FS_FSCK_BIN, + "-f", blk_device }; - INFO("Running %s on %s\n", F2FS_FSCK_BIN, blk_device); + INFO("Running %s -f %s\n", F2FS_FSCK_BIN, blk_device); ret = android_fork_execvp_ext(ARRAY_SIZE(f2fs_fsck_argv), f2fs_fsck_argv, &status, true, LOG_KLOG | LOG_FILE, @@ -255,6 +256,15 @@ static int device_is_secure() { return strcmp(value, "0") ? 1 : 0; } +static int device_is_force_encrypted() { + int ret = -1; + char value[PROP_VALUE_MAX]; + ret = __system_property_get("ro.vold.forceencryption", value); + if (ret < 0) + return 0; + return strcmp(value, "1") ? 0 : 1; +} + /* * Tries to mount any of the consecutive fstab entries that match * the mountpoint of the one given by fstab->recs[start_idx]. @@ -377,7 +387,9 @@ int fs_mgr_mount_all(struct fstab *fstab) /* Deal with encryptability. */ if (!mret) { /* If this is encryptable, need to trigger encryption */ - if ((fstab->recs[attempted_idx].fs_mgr_flags & MF_FORCECRYPT)) { + if ( (fstab->recs[attempted_idx].fs_mgr_flags & MF_FORCECRYPT) + || (device_is_force_encrypted() + && fs_mgr_is_encryptable(&fstab->recs[attempted_idx]))) { if (umount(fstab->recs[attempted_idx].mount_point) == 0) { if (encryptable == FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) { ERROR("Will try to encrypt %s %s\n", fstab->recs[attempted_idx].mount_point, diff --git a/fs_mgr/fs_mgr_verity.c b/fs_mgr/fs_mgr_verity.c index ef7cf6e..f02781c 100644 --- a/fs_mgr/fs_mgr_verity.c +++ b/fs_mgr/fs_mgr_verity.c @@ -86,11 +86,11 @@ static RSAPublicKey *load_key(char *path) static int verify_table(char *signature, char *table, int table_length) { RSAPublicKey *key; - uint8_t hash_buf[SHA_DIGEST_SIZE]; + uint8_t hash_buf[SHA256_DIGEST_SIZE]; int retval = -1; // Hash the table - SHA_hash((uint8_t*)table, table_length, hash_buf); + SHA256_hash((uint8_t*)table, table_length, hash_buf); // Now get the public key from the keyfile key = load_key(VERITY_TABLE_RSA_KEY); @@ -104,7 +104,7 @@ static int verify_table(char *signature, char *table, int table_length) (uint8_t*) signature, RSANUMBYTES, (uint8_t*) hash_buf, - SHA_DIGEST_SIZE)) { + SHA256_DIGEST_SIZE)) { ERROR("Couldn't verify table."); goto out; } |