Gitiles
Code Review Sign In
review.blissroms.org / platform_system_vold / 8f869aa1bc685b505c58e97b4e11a9c7491a16f9^! / . / cryptfs.h
commit8f869aa1bc685b505c58e97b4e11a9c7491a16f9[log] [tgz]
authorKen Sumrall <ksumrall@android.com>Fri Dec 03 03:47:09 2010 -0800
committerKen Sumrall <ksumrall@android.com>Sat Dec 18 18:35:56 2010 -0800
tree0465222f35b0e0c36e39e225cdbbd920f799e3a8
parent3c9a73f643f7c782bdd326f628eeea97bec42ae8 [diff] [blame]
Support for encrypting /data on Stingray.

There are still a few hacks and performance issues related
to shutting down the framework in this code, but it is
functional and tested.  Without the UI changes, it requires
cryptic adb shell commands to enable, which I shall not
utter here.

Change-Id: I0b8f90afd707e17fbdb0373d156236946633cf8b

diff --git a/cryptfs.h b/cryptfs.h
new file mode 100644
index 0000000..32f1724
--- /dev/null
+++ b/cryptfs.h

@@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2010 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/* This structure starts 16,384 bytes before the end of a hardware
+ * partition that is encrypted.
+ * Immediately following this structure is the encrypted key.
+ * Obviously, the filesystem does not include the last 16 kbytes
+ * of the partition.
+ */
+
+#define CRYPT_FOOTER_OFFSET 0x4000
+
+#define MAX_CRYPTO_TYPE_NAME_LEN 64
+
+/* definitions of flags in the structure below */
+#define CRYPT_MNT_KEY_UNENCRYPTED 0x1 /* The key for the partition is not encrypted. */
+
+#define CRYPT_MNT_MAGIC 0xD0B5B1C4
+
+#define __le32 unsigned int
+#define __le16 unsigned short int 
+
+struct crypt_mnt_ftr {
+  __le32 magic;		/* See above */
+  __le16 major_version;
+  __le16 minor_version;
+  __le32 ftr_size; 	/* in bytes, not including key following */
+  __le32 flags;		/* See above */
+  __le32 keysize;	/* in bytes */
+  __le32 spare1;	/* ignored */
+  __le64 fs_size;	/* Size of the encrypted fs, in 512 byte sectors */
+  __le32 failed_decrypt_count; /* count of # of failed attempts to decrypt and
+				  mount, set to 0 on successful mount */
+  unsigned char crypto_type_name[MAX_CRYPTO_TYPE_NAME_LEN]; /* The type of encryption
+							       needed to decrypt this
+							       partition, null terminated */
+};
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+  int cryptfs_check_passwd(char *pw);
+  int cryptfs_enable(char *flag, char *passwd);
+#ifdef __cplusplus
+}
+#endif
+