system/vold: Update patches after pie-gsi merge
Signed-off-by: Jackeagle <jackeagle102@gmail.com>
diff --git a/patches/system/vold/0008-Revert-vold-Add-Hardware-FDE-feature.patch b/patches/system/vold/0008-Revert-vold-Add-Hardware-FDE-feature.patch
index 7c33769..3368eac 100644
--- a/patches/system/vold/0008-Revert-vold-Add-Hardware-FDE-feature.patch
+++ b/patches/system/vold/0008-Revert-vold-Add-Hardware-FDE-feature.patch
@@ -1,17 +1,20 @@
-From fb99aa2057ddf1c6477777bc02aa4c0d54513a0c Mon Sep 17 00:00:00 2001
+From 3df1faeb7e70914cddefb4fb6ecd27bb989c4cc5 Mon Sep 17 00:00:00 2001
From: Jackeagle <jackeagle102@gmail.com>
-Date: Wed, 19 Dec 2018 17:02:25 +0100
+Date: Mon, 6 May 2019 19:57:11 +0200
Subject: [PATCH 8/8] Revert "vold: Add Hardware FDE feature"
This reverts commit 3585008ea98f4a1caf69d10c32a02e1169eeb248.
+
+Change-Id: I808cd01881cd9c968e9a631adccdbaf22501e650
+Signed-off-by: Jackeagle <jackeagle102@gmail.com>
---
Android.bp | 8 -
VoldNativeService.cpp | 4 +-
VoldNativeService.h | 2 +-
binder/android/os/IVold.aidl | 2 +-
- cryptfs.cpp | 637 +++--------------------------------
+ cryptfs.cpp | 638 +++--------------------------------
cryptfs.h | 10 +-
- 6 files changed, 49 insertions(+), 614 deletions(-)
+ 6 files changed, 50 insertions(+), 614 deletions(-)
diff --git a/Android.bp b/Android.bp
index ffb139e..48dfaaf 100644
@@ -84,12 +87,12 @@
@utf8InCpp String fdeGetField(@utf8InCpp String key);
void fdeSetField(@utf8InCpp String key, @utf8InCpp String value);
diff --git a/cryptfs.cpp b/cryptfs.cpp
-index 3452fe3..5a061bb 100644
+index bea9b2f..7aee819 100644
--- a/cryptfs.cpp
+++ b/cryptfs.cpp
-@@ -63,9 +63,6 @@
- #include "Keymaster.h"
+@@ -66,9 +66,6 @@
#include "android-base/properties.h"
+ #include "android-base/stringprintf.h"
#include <bootloader_message/bootloader_message.h>
-#ifdef CONFIG_HW_DISK_ENCRYPTION
-#include <cryptfs_hw.h>
@@ -97,7 +100,7 @@
extern "C" {
#include <crypto_scrypt.h>
}
-@@ -87,7 +84,6 @@ static_assert(INTERMEDIATE_BUF_SIZE == SCRYPT_LEN,
+@@ -94,7 +91,6 @@ static_assert(INTERMEDIATE_BUF_SIZE == SCRYPT_LEN,
#define KEY_IN_FOOTER "footer"
@@ -105,7 +108,7 @@
#define DEFAULT_PASSWORD "default_password"
#define CRYPTO_BLOCK_DEVICE "userdata"
-@@ -103,7 +99,6 @@ static_assert(INTERMEDIATE_BUF_SIZE == SCRYPT_LEN,
+@@ -110,7 +106,6 @@ static_assert(INTERMEDIATE_BUF_SIZE == SCRYPT_LEN,
#define RSA_KEY_SIZE_BYTES (RSA_KEY_SIZE / 8)
#define RSA_EXPONENT 0x10001
#define KEYMASTER_CRYPTFS_RATE_LIMIT 1 // Maximum one try per second
@@ -113,7 +116,7 @@
#define RETRY_MOUNT_ATTEMPTS 10
#define RETRY_MOUNT_DELAY_SECONDS 1
-@@ -117,151 +112,6 @@ static char *saved_mount_point;
+@@ -124,151 +119,6 @@ static char *saved_mount_point;
static int master_key_saved = 0;
static struct crypt_persist_data *persist_data = NULL;
@@ -265,7 +268,7 @@
/* Should we use keymaster? */
static int keymaster_check_compatibility()
{
-@@ -1150,36 +1000,16 @@ static int load_crypto_mapping_table(struct crypt_mnt_ftr *crypt_ftr,
+@@ -1161,40 +1011,21 @@ static int load_crypto_mapping_table(struct crypt_mnt_ftr *crypt_ftr,
tgt->status = 0;
tgt->sector_start = 0;
tgt->length = crypt_ftr->fs_size;
@@ -275,8 +278,12 @@
+ convert_key_to_hex_ascii(master_key, crypt_ftr->keysize, master_key_ascii);
+
buff_offset = crypt_params - buffer;
- SLOGI("Extra parameters for dm_crypt: %s\n", extra_params);
--
++
+ SLOGI(
+ "Creating crypto dev \"%s\"; cipher=%s, keysize=%u, real_dev=%s, len=%llu, params=\"%s\"\n",
+ name, crypt_ftr->crypto_type_name, crypt_ftr->keysize, real_blk_name, tgt->length * 512,
+ extra_params);
+-
-#ifdef CONFIG_HW_DISK_ENCRYPTION
- if(is_hw_disk_encryption((char*)crypt_ftr->crypto_type_name)) {
- strlcpy(tgt->target_type, "req-crypt",DM_MAX_TYPE_NAME);
@@ -298,6 +305,7 @@
-#else
- convert_key_to_hex_ascii(master_key, crypt_ftr->keysize, master_key_ascii);
- strlcpy(tgt->target_type, "crypt", DM_MAX_TYPE_NAME);
+
snprintf(crypt_params, sizeof(buffer) - buff_offset, "%s %s 0 %s 0 %s",
crypt_ftr->crypto_type_name, master_key_ascii, real_blk_name,
extra_params);
@@ -306,7 +314,7 @@
crypt_params += strlen(crypt_params) + 1;
crypt_params = (char *) (((unsigned long)crypt_params + 7) & ~8); /* Align to an 8 byte boundary */
tgt->next = crypt_params - buffer;
-@@ -1199,6 +1029,7 @@ static int load_crypto_mapping_table(struct crypt_mnt_ftr *crypt_ftr,
+@@ -1214,6 +1045,7 @@ static int load_crypto_mapping_table(struct crypt_mnt_ftr *crypt_ftr,
}
}
@@ -314,7 +322,7 @@
static int get_dm_crypt_version(int fd, const char *name, int *version)
{
char buffer[DM_CRYPT_BUF_SIZE];
-@@ -1218,11 +1049,7 @@ static int get_dm_crypt_version(int fd, const char *name, int *version)
+@@ -1233,11 +1065,7 @@ static int get_dm_crypt_version(int fd, const char *name, int *version)
*/
v = (struct dm_target_versions *) &buffer[sizeof(struct dm_ioctl)];
while (v->next) {
@@ -326,7 +334,7 @@
/* We found the crypt driver, return the version, and get out */
version[0] = v->version[0];
version[1] = v->version[1];
-@@ -1235,7 +1062,6 @@ static int get_dm_crypt_version(int fd, const char *name, int *version)
+@@ -1250,7 +1078,6 @@ static int get_dm_crypt_version(int fd, const char *name, int *version)
return -1;
}
@@ -334,15 +342,15 @@
static std::string extra_params_as_string(const std::vector<std::string>& extra_params_vec) {
if (extra_params_vec.empty()) return "";
std::string extra_params = std::to_string(extra_params_vec.size());
-@@ -1245,7 +1071,6 @@ static std::string extra_params_as_string(const std::vector<std::string>& extra_
+@@ -1260,7 +1087,6 @@ static std::string extra_params_as_string(const std::vector<std::string>& extra_
}
return extra_params;
}
-#endif
- static int create_crypto_blk_dev(struct crypt_mnt_ftr* crypt_ftr, const unsigned char* master_key,
- const char* real_blk_name, char* crypto_blk_name, const char* name,
-@@ -1258,13 +1083,7 @@ static int create_crypto_blk_dev(struct crypt_mnt_ftr* crypt_ftr, const unsigned
+ /*
+ * If the ro.crypto.fde_sector_size system property is set, append the
+@@ -1306,13 +1132,7 @@ static int create_crypto_blk_dev(struct crypt_mnt_ftr* crypt_ftr, const unsigned
int retval = -1;
int version[3];
int load_count;
@@ -356,7 +364,7 @@
if ((fd = open("/dev/device-mapper", O_RDWR | O_CLOEXEC)) < 0) {
SLOGE("Cannot open device-mapper\n");
-@@ -1289,45 +1108,6 @@ static int create_crypto_blk_dev(struct crypt_mnt_ftr* crypt_ftr, const unsigned
+@@ -1337,45 +1157,6 @@ static int create_crypto_blk_dev(struct crypt_mnt_ftr* crypt_ftr, const unsigned
minor = (io->dev & 0xff) | ((io->dev >> 12) & 0xfff00);
snprintf(crypto_blk_name, MAXPATHLEN, "/dev/block/dm-%u", minor);
@@ -402,7 +410,7 @@
if (!get_dm_crypt_version(fd, name, version)) {
/* Support for allow_discards was added in version 1.11.0 */
if ((version[0] >= 2) || ((version[0] == 1) && (version[1] >= 11))) {
-@@ -1339,7 +1119,6 @@ static int create_crypto_blk_dev(struct crypt_mnt_ftr* crypt_ftr, const unsigned
+@@ -1391,7 +1172,6 @@ static int create_crypto_blk_dev(struct crypt_mnt_ftr* crypt_ftr, const unsigned
}
load_count = load_crypto_mapping_table(crypt_ftr, master_key, real_blk_name, name, fd,
extra_params_as_string(extra_params_vec).c_str());
@@ -410,7 +418,7 @@
if (load_count < 0) {
SLOGE("Cannot load dm-crypt mapping table.\n");
goto errout;
-@@ -1468,8 +1247,7 @@ static int scrypt_keymaster(const char *passwd, const unsigned char *salt,
+@@ -1526,8 +1306,7 @@ static int scrypt_keymaster(const char *passwd, const unsigned char *salt,
static int encrypt_master_key(const char *passwd, const unsigned char *salt,
const unsigned char *decrypted_master_key,
unsigned char *encrypted_master_key,
@@ -420,7 +428,7 @@
{
unsigned char ikey[INTERMEDIATE_BUF_SIZE] = { 0 };
EVP_CIPHER_CTX e_ctx;
-@@ -1481,7 +1259,7 @@ static int encrypt_master_key(const char *passwd, const unsigned char *salt,
+@@ -1539,7 +1318,7 @@ static int encrypt_master_key(const char *passwd, const unsigned char *salt,
switch (crypt_ftr->kdf_type) {
case KDF_SCRYPT_KEYMASTER:
@@ -429,7 +437,7 @@
SLOGE("keymaster_create_key failed");
return -1;
}
-@@ -1651,13 +1429,13 @@ static int create_encrypted_random_key(const char *passwd, unsigned char *master
+@@ -1709,13 +1488,13 @@ static int create_encrypted_random_key(const char *passwd, unsigned char *master
close(fd);
/* Now encrypt it with the password */
@@ -445,7 +453,7 @@
/* Now umount the tmpfs filesystem */
for (i=0; i<WAIT_UNMOUNT_COUNT; i++) {
-@@ -1674,18 +1452,18 @@ int wait_and_unmount(const char *mountpoint, bool kill)
+@@ -1732,18 +1511,18 @@ int wait_and_unmount(const char *mountpoint, bool kill)
err = errno;
@@ -468,7 +476,7 @@
}
if (i < WAIT_UNMOUNT_COUNT) {
-@@ -1852,17 +1630,6 @@ static int cryptfs_restart_internal(int restart_main)
+@@ -1910,17 +1689,6 @@ static int cryptfs_restart_internal(int restart_main)
cryptfs_reboot(RebootType::reboot);
}
} else {
@@ -486,7 +494,7 @@
SLOGE("Failed to mount decrypted data");
cryptfs_set_corrupt();
cryptfs_trigger_restart_min_framework();
-@@ -1871,7 +1638,6 @@ static int cryptfs_restart_internal(int restart_main)
+@@ -1929,7 +1697,6 @@ static int cryptfs_restart_internal(int restart_main)
SLOGE("Failed to setexeccon");
}
return -1;
@@ -494,7 +502,7 @@
}
}
if (setexeccon(NULL)) {
-@@ -1966,66 +1732,6 @@ static int do_crypto_complete(const char *mount_point)
+@@ -2024,66 +1791,6 @@ static int do_crypto_complete(const char *mount_point)
return CRYPTO_COMPLETE_ENCRYPTED;
}
@@ -561,7 +569,7 @@
static int test_mount_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr,
const char *passwd, const char *mount_point, const char *label)
{
-@@ -2132,7 +1838,7 @@ static int test_mount_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr,
+@@ -2190,7 +1897,7 @@ static int test_mount_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr,
if (upgrade) {
rc = encrypt_master_key(passwd, crypt_ftr->salt, saved_master_key,
@@ -570,7 +578,7 @@
if (!rc) {
rc = put_crypt_ftr_and_key(crypt_ftr);
}
-@@ -2229,66 +1935,6 @@ int check_unmounted_and_get_ftr(struct crypt_mnt_ftr* crypt_ftr)
+@@ -2287,66 +1994,6 @@ int check_unmounted_and_get_ftr(struct crypt_mnt_ftr* crypt_ftr)
return 0;
}
@@ -637,7 +645,7 @@
int cryptfs_check_passwd(const char *passwd)
{
SLOGI("cryptfs_check_passwd");
-@@ -2306,14 +1952,8 @@ int cryptfs_check_passwd(const char *passwd)
+@@ -2364,14 +2011,8 @@ int cryptfs_check_passwd(const char *passwd)
return rc;
}
@@ -652,7 +660,7 @@
if (rc) {
SLOGE("Password did not match");
return rc;
-@@ -2334,7 +1974,7 @@ int cryptfs_check_passwd(const char *passwd)
+@@ -2392,7 +2033,7 @@ int cryptfs_check_passwd(const char *passwd)
crypt_ftr.flags &= ~CRYPT_FORCE_COMPLETE;
put_crypt_ftr_and_key(&crypt_ftr);
@@ -661,7 +669,7 @@
if (rc) {
SLOGE("Could not change password on reboot encryption");
return rc;
-@@ -2384,24 +2024,6 @@ int cryptfs_verify_passwd(const char *passwd)
+@@ -2442,24 +2083,6 @@ int cryptfs_verify_passwd(const char *passwd)
/* If the device has no password, then just say the password is valid */
rc = 0;
} else {
@@ -686,7 +694,7 @@
decrypt_master_key(passwd, decrypted_master_key, &crypt_ftr, 0, 0);
if (!memcmp(decrypted_master_key, saved_master_key, crypt_ftr.keysize)) {
/* They match, the password is correct */
-@@ -2411,7 +2033,6 @@ int cryptfs_verify_passwd(const char *passwd)
+@@ -2469,7 +2092,6 @@ int cryptfs_verify_passwd(const char *passwd)
sleep(1);
rc = 1;
}
@@ -694,7 +702,7 @@
}
return rc;
-@@ -2535,12 +2156,6 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
+@@ -2593,12 +2215,6 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
off64_t previously_encrypted_upto = 0;
bool rebootEncryption = false;
bool onlyCreateHeader = false;
@@ -707,7 +715,7 @@
int fd = -1;
if (get_crypt_ftr_and_key(&crypt_ftr) == 0) {
-@@ -2645,6 +2260,30 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
+@@ -2703,6 +2319,30 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
fclose(breadcrumb);
}
@@ -738,7 +746,7 @@
/* Start the actual work of making an encrypted filesystem */
/* Initialize a crypt_mnt_ftr for the partition */
if (previously_encrypted_upto == 0 && !rebootEncryption) {
-@@ -2668,11 +2307,7 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
+@@ -2726,11 +2366,7 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
crypt_ftr.flags |= CRYPT_INCONSISTENT_STATE;
}
crypt_ftr.crypt_type = crypt_type;
@@ -750,7 +758,7 @@
/* Make an encrypted master key */
if (create_encrypted_random_key(onlyCreateHeader ? DEFAULT_PASSWORD : passwd,
-@@ -2687,7 +2322,7 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
+@@ -2745,7 +2381,7 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
unsigned char encrypted_fake_master_key[MAX_KEY_LEN];
memset(fake_master_key, 0, sizeof(fake_master_key));
encrypt_master_key(passwd, crypt_ftr.salt, fake_master_key,
@@ -759,7 +767,7 @@
}
/* Write the key to the end of the partition */
-@@ -2708,57 +2343,12 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
+@@ -2766,57 +2402,12 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
}
}
@@ -819,7 +827,7 @@
/* startup service classes main and late_start */
property_set("vold.decrypt", "trigger_restart_min_framework");
SLOGD("Just triggered restart_min_framework\n");
-@@ -2771,17 +2361,8 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
+@@ -2829,17 +2420,8 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
}
decrypt_master_key(passwd, decrypted_master_key, &crypt_ftr, 0, 0);
@@ -837,7 +845,7 @@
/* If we are continuing, check checksums match */
rc = 0;
-@@ -2915,7 +2496,7 @@ int cryptfs_enable_default(int no_ui) {
+@@ -2973,7 +2555,7 @@ int cryptfs_enable_default(int no_ui) {
return cryptfs_enable_internal(CRYPT_TYPE_DEFAULT, DEFAULT_PASSWORD, no_ui);
}
@@ -846,7 +854,7 @@
{
if (e4crypt_is_native()) {
SLOGE("cryptfs_changepw not valid for file encryption");
-@@ -2942,28 +2523,6 @@ int cryptfs_changepw(int crypt_type, const char *currentpw, const char *newpw)
+@@ -3000,28 +2582,6 @@ int cryptfs_changepw(int crypt_type, const char *currentpw, const char *newpw)
return -1;
}
@@ -875,7 +883,7 @@
crypt_ftr.crypt_type = crypt_type;
rc = encrypt_master_key(crypt_type == CRYPT_TYPE_DEFAULT ? DEFAULT_PASSWORD
-@@ -2971,7 +2530,7 @@ int cryptfs_changepw(int crypt_type, const char *currentpw, const char *newpw)
+@@ -3029,7 +2589,7 @@ int cryptfs_changepw(int crypt_type, const char *currentpw, const char *newpw)
crypt_ftr.salt,
saved_master_key,
crypt_ftr.master_key,
@@ -884,7 +892,7 @@
if (rc) {
SLOGE("Encrypt master key failed: %d", rc);
return -1;
-@@ -2979,57 +2538,8 @@ int cryptfs_changepw(int crypt_type, const char *currentpw, const char *newpw)
+@@ -3037,57 +2597,8 @@ int cryptfs_changepw(int crypt_type, const char *currentpw, const char *newpw)
/* save the key */
put_crypt_ftr_and_key(&crypt_ftr);
@@ -942,7 +950,7 @@
static unsigned int persist_get_max_entries(int encrypted) {
struct crypt_mnt_ftr crypt_ftr;
-@@ -3432,62 +2942,3 @@ int cryptfs_isConvertibleToFBE()
+@@ -3489,62 +3000,3 @@ int cryptfs_isConvertibleToFBE()
struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab_default, DATA_MNT_POINT);
return fs_mgr_is_convertible_to_fbe(rec) ? 1 : 0;
}
@@ -1034,5 +1042,5 @@
int cryptfs_setup_ext_volume(const char* label, const char* real_blkdev, const unsigned char* key,
char* out_crypto_blkdev);
--
-2.17.1
+2.21.0