From 569649ff1d6d76f89982c391a5b0e119050250e4 Mon Sep 17 00:00:00 2001 From: Paul Lawrence Date: Wed, 9 Sep 2015 12:13:00 -0700 Subject: [PATCH] Don't show UI on default encryption Bug: 22989588 Change-Id: I21403233d84031869d929c46c3c7b2ebefb3caff --- CryptCommandListener.cpp | 54 ++++++++++++++++++++++++++++++++++------ cryptfs.c | 18 ++++++-------- cryptfs.h | 4 +-- 3 files changed, 56 insertions(+), 20 deletions(-) diff --git a/CryptCommandListener.cpp b/CryptCommandListener.cpp index 173be63..3132a82 100644 --- a/CryptCommandListener.cpp +++ b/CryptCommandListener.cpp @@ -147,26 +147,66 @@ int CryptCommandListener::CryptfsCmd::runCommand(SocketClient *cli, rc = cryptfs_crypto_complete(); } else if (!strcmp(argv[1], "enablecrypto")) { const char* syntax = "Usage: cryptfs enablecrypto " - "default|password|pin|pattern [passwd]"; - if ( (argc != 4 && argc != 5) - || (strcmp(argv[2], "wipe") && strcmp(argv[2], "inplace")) ) { + "default|password|pin|pattern [passwd] [noui]"; + + // This should be replaced with a command line parser if more options + // are added + bool valid = true; + bool no_ui = false; + int type = CRYPT_TYPE_DEFAULT; + int options = 4; // Optional parameters are at this offset + if (argc < 4) { + // Minimum 4 parameters + valid = false; + } else if (strcmp(argv[2], "wipe") && strcmp(argv[2], "inplace") ) { + // Second parameter must be wipe or inplace + valid = false; + } else { + // Third parameter must be valid type + type = getType(argv[3]); + if (type == -1) { + valid = false; + } else if (type != CRYPT_TYPE_DEFAULT) { + options++; + } + } + + if (valid) { + if(argc < options) { + // Too few parameters + valid = false; + } else if (argc == options) { + // No more, done + } else if (argc == options + 1) { + // One option, must be noui + if (!strcmp(argv[options], "noui")) { + no_ui = true; + } else { + valid = false; + } + } else { + // Too many options + valid = false; + } + } + + if (!valid ) { cli->sendMsg(ResponseCode::CommandSyntaxError, syntax, false); return 0; } + dumpArgs(argc, argv, 4); int tries; for (tries = 0; tries < 2; ++tries) { - int type = getType(argv[3]); if (type == -1) { cli->sendMsg(ResponseCode::CommandSyntaxError, syntax, false); return 0; } else if (type == CRYPT_TYPE_DEFAULT) { - rc = cryptfs_enable_default(argv[2], /*allow_reboot*/false); + rc = cryptfs_enable_default(argv[2], no_ui); } else { - rc = cryptfs_enable(argv[2], type, argv[4], - /*allow_reboot*/false); + rc = cryptfs_enable(argv[2], type, argv[4], no_ui); } if (rc == 0) { diff --git a/cryptfs.c b/cryptfs.c index 1a63a5b..1828ece 100644 --- a/cryptfs.c +++ b/cryptfs.c @@ -2893,7 +2893,7 @@ static int cryptfs_enable_all_volumes(struct crypt_mnt_ftr *crypt_ftr, int how, } int cryptfs_enable_internal(char *howarg, int crypt_type, char *passwd, - int allow_reboot) + int no_ui) { int how = 0; char crypto_blkdev[MAXPATHLEN], real_blkdev[MAXPATHLEN]; @@ -2992,11 +2992,7 @@ int cryptfs_enable_internal(char *howarg, int crypt_type, char *passwd, /* Now unmount the /data partition. */ if (wait_and_unmount(DATA_MNT_POINT, false)) { - if (allow_reboot) { - goto error_shutting_down; - } else { - goto error_unencrypted; - } + goto error_unencrypted; } /* Do extra work for a better UX when doing the long inplace encryption */ @@ -3086,7 +3082,7 @@ int cryptfs_enable_internal(char *howarg, int crypt_type, char *passwd, } } - if (how == CRYPTO_ENABLE_INPLACE) { + if (how == CRYPTO_ENABLE_INPLACE && !no_ui) { /* startup service classes main and late_start */ property_set("vold.decrypt", "trigger_restart_min_framework"); SLOGD("Just triggered restart_min_framework\n"); @@ -3223,15 +3219,15 @@ error_shutting_down: return -1; } -int cryptfs_enable(char *howarg, int type, char *passwd, int allow_reboot) +int cryptfs_enable(char *howarg, int type, char *passwd, int no_ui) { - return cryptfs_enable_internal(howarg, type, passwd, allow_reboot); + return cryptfs_enable_internal(howarg, type, passwd, no_ui); } -int cryptfs_enable_default(char *howarg, int allow_reboot) +int cryptfs_enable_default(char *howarg, int no_ui) { return cryptfs_enable_internal(howarg, CRYPT_TYPE_DEFAULT, - DEFAULT_PASSWORD, allow_reboot); + DEFAULT_PASSWORD, no_ui); } int cryptfs_changepw(int crypt_type, const char *newpw) diff --git a/cryptfs.h b/cryptfs.h index 94684e2..fd6f3da 100644 --- a/cryptfs.h +++ b/cryptfs.h @@ -218,9 +218,9 @@ extern "C" { int cryptfs_check_passwd(char *pw); int cryptfs_verify_passwd(char *newpw); int cryptfs_restart(void); - int cryptfs_enable(char *flag, int type, char *passwd, int allow_reboot); + int cryptfs_enable(char *flag, int type, char *passwd, int no_ui); int cryptfs_changepw(int type, const char *newpw); - int cryptfs_enable_default(char *flag, int allow_reboot); + int cryptfs_enable_default(char *flag, int no_ui); int cryptfs_setup_ext_volume(const char* label, const char* real_blkdev, const unsigned char* key, int keysize, char* out_crypto_blkdev); int cryptfs_revert_ext_volume(const char* label);