From 703b87de5b84e24ea119556dcc3683cb4ce941cf Mon Sep 17 00:00:00 2001 From: Paul Lawrence Date: Wed, 7 Jan 2015 11:44:51 -0800 Subject: Provide a way to select force encryption from vendor partition This allows a vendor to force encryption on devices via a vendor partition flag: ro.vold.forceencryption 1 Bug: 18764230 Change-Id: Id0049ce64e34e4f6f96e593aadd70c277ac131c8 --- fs_mgr/fs_mgr.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'fs_mgr/fs_mgr.c') diff --git a/fs_mgr/fs_mgr.c b/fs_mgr/fs_mgr.c index d1e92f2..ad02922 100644 --- a/fs_mgr/fs_mgr.c +++ b/fs_mgr/fs_mgr.c @@ -256,6 +256,15 @@ static int device_is_secure() { return strcmp(value, "0") ? 1 : 0; } +static int device_is_force_encrypted() { + int ret = -1; + char value[PROP_VALUE_MAX]; + ret = __system_property_get("ro.vold.forceencryption", value); + if (ret < 0) + return 0; + return strcmp(value, "1") ? 0 : 1; +} + /* * Tries to mount any of the consecutive fstab entries that match * the mountpoint of the one given by fstab->recs[start_idx]. @@ -378,7 +387,9 @@ int fs_mgr_mount_all(struct fstab *fstab) /* Deal with encryptability. */ if (!mret) { /* If this is encryptable, need to trigger encryption */ - if ((fstab->recs[attempted_idx].fs_mgr_flags & MF_FORCECRYPT)) { + if ( (fstab->recs[attempted_idx].fs_mgr_flags & MF_FORCECRYPT) + || (device_is_force_encrypted() + && fs_mgr_is_encryptable(&fstab->recs[attempted_idx]))) { if (umount(fstab->recs[attempted_idx].mount_point) == 0) { if (encryptable == FS_MGR_MNTALL_DEV_NOT_ENCRYPTED) { ERROR("Will try to encrypt %s %s\n", fstab->recs[attempted_idx].mount_point, -- cgit v1.1