From 792484081da01e65618533c24b73d91825ee498b Mon Sep 17 00:00:00 2001 From: Neeraj Soni Date: Fri, 14 Dec 2018 15:18:15 +0530 Subject: [PATCH] system: vold: Use wrapped key for metadata encryption Wrapped key feature is needed for better security of encryption keys and to ensure data integrity when crypto key cache is cleared during reset operation of storage/crypto hardware. Original patch: https://source.codeaurora.org/quic/la/platform/system/vold/commit/?h=LA.QSSI.11.0.r1-05600-qssi.0&id=c480f913e6abc2757c0d79afba5a3df1c4adc731 [Pig]: Clean up all deprecated codes that were removed during latter merge. CRs-Fixed: 2367150 Change-Id: I83d14861bf81e102151fa3417d84008c214a9ac0 --- FsCrypt.cpp | 4 ++++ FsCrypt.h | 1 + VoldUtil.h | 1 + 3 files changed, 6 insertions(+) diff --git a/FsCrypt.cpp b/FsCrypt.cpp index e21524a..33cac04 100644 --- a/FsCrypt.cpp +++ b/FsCrypt.cpp @@ -287,6 +287,10 @@ static bool get_volume_file_encryption_options(EncryptionOptions* options) { return true; } +bool is_metadata_wrapped_key_supported() { + return GetEntryForMountPoint(&fstab_default, METADATA_MNT_POINT)->fs_mgr_flags.wrapped_key; +} + static bool read_and_install_user_ce_key(userid_t user_id, const android::vold::KeyAuthentication& auth) { if (s_ce_policies.count(user_id) != 0) return true; diff --git a/FsCrypt.h b/FsCrypt.h index 641991a..899f20f 100644 --- a/FsCrypt.h +++ b/FsCrypt.h @@ -38,3 +38,4 @@ bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_ bool fscrypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_id, int flags); bool fscrypt_destroy_volume_keys(const std::string& volume_uuid); +bool is_metadata_wrapped_key_supported(); diff --git a/VoldUtil.h b/VoldUtil.h index ce6b411..e0945bf 100644 --- a/VoldUtil.h +++ b/VoldUtil.h @@ -21,3 +21,4 @@ extern android::fs_mgr::Fstab fstab_default; #define DATA_MNT_POINT "/data" +#define METADATA_MNT_POINT "/metadata"