commit 7b6b565fa0d3658be8dc021f1beee5024d54b8c0
author Paul Lawrence <paullawrence@google.com> Tue Feb 02 11:14:59 2016 -0800
committer Paul Lawrence <paullawrence@google.com> Tue Feb 02 12:47:52 2016 -0800
tree 2fbeff7dedb9c675c04f6d46b61a39f6353dbed3
parent dac436f1fea17307a655f00d162622a6a2c71295

Remove support for non-default root passwords in FBE

Change-Id: Ie179cb09f9f24382afd0fe0f3aa2a1ad943a7f5d

cryptfs.c

diff --git a/cryptfs.c b/cryptfs.c
index c1020cd..bd7dd46 100644
--- a/cryptfs.c
+++ b/cryptfs.c
@@ -1780,28 +1780,8 @@
 {
     SLOGI("cryptfs_restart");
     if (e4crypt_crypto_complete(DATA_MNT_POINT) == 0) {
-        struct fstab_rec* rec;
-        int rc;
-
-        if (e4crypt_restart(DATA_MNT_POINT)) {
-            SLOGE("Can't unmount e4crypt temp volume\n");
-            return -1;
-        }
-
-        rec = fs_mgr_get_entry_for_mount_point(fstab, DATA_MNT_POINT);
-        if (!rec) {
-            SLOGE("Can't get fstab record for %s\n", DATA_MNT_POINT);
-            return -1;
-        }
-
-        rc = fs_mgr_do_mount(fstab, DATA_MNT_POINT, rec->blk_device, 0);
-        if (rc) {
-            SLOGE("Can't mount %s\n", DATA_MNT_POINT);
-            return rc;
-        }
-
-        property_set("vold.decrypt", "trigger_restart_framework");
-        return 0;
+        SLOGE("cryptfs_restart not valid for file encryption:");
+        return -1;
     }
 
     /* Call internal implementation forcing a restart of main service group */
@@ -1820,8 +1800,9 @@
     return CRYPTO_COMPLETE_NOT_ENCRYPTED;
   }
 
+  // crypto_complete is full disk encrypted status
   if (e4crypt_crypto_complete(mount_point) == 0) {
-    return CRYPTO_COMPLETE_ENCRYPTED;
+    return CRYPTO_COMPLETE_NOT_ENCRYPTED;
   }
 
   if (get_crypt_ftr_and_key(&crypt_ftr)) {
@@ -2074,7 +2055,8 @@
 {
     SLOGI("cryptfs_check_passwd");
     if (e4crypt_crypto_complete(DATA_MNT_POINT) == 0) {
-        return e4crypt_check_passwd(DATA_MNT_POINT, passwd);
+        SLOGE("cryptfs_check_passwd not valid for file encryption");
+        return -1;
     }
 
     struct crypt_mnt_ftr crypt_ftr;
@@ -3365,9 +3347,8 @@
 int cryptfs_changepw(int crypt_type, const char *newpw)
 {
     if (e4crypt_crypto_complete(DATA_MNT_POINT) == 0) {
-        return e4crypt_change_password(DATA_MNT_POINT, crypt_type,
-                    crypt_type == CRYPT_TYPE_DEFAULT ? DEFAULT_PASSWORD
-                                                     : newpw);
+        SLOGE("cryptfs_changepw not valid for file encryption");
+        return -1;
     }
 
     struct crypt_mnt_ftr crypt_ftr;
@@ -3783,7 +3764,8 @@
 int cryptfs_get_password_type(void)
 {
     if (e4crypt_crypto_complete(DATA_MNT_POINT) == 0) {
-        return e4crypt_get_password_type(DATA_MNT_POINT);
+        SLOGE("cryptfs_get_password_type not valid for file encryption");
+        return -1;
     }
 
     struct crypt_mnt_ftr crypt_ftr;
@@ -3803,7 +3785,8 @@
 const char* cryptfs_get_password()
 {
     if (e4crypt_crypto_complete(DATA_MNT_POINT) == 0) {
-        return e4crypt_get_password(DATA_MNT_POINT);
+        SLOGE("cryptfs_get_password not valid for file encryption");
+        return 0;
     }
 
     struct timespec now;
@@ -3818,10 +3801,6 @@
 
 void cryptfs_clear_password()
 {
-    if (e4crypt_crypto_complete(DATA_MNT_POINT) == 0) {
-        e4crypt_clear_password(DATA_MNT_POINT);
-    }
-
     if (password) {
         size_t len = strlen(password);
         memset(password, 0, len);