diff --git a/CommandListener.cpp b/CommandListener.cpp index 551a6ce..c66b9d2 100644 --- a/CommandListener.cpp +++ b/CommandListener.cpp @@ -708,7 +708,7 @@ int CommandListener::CryptfsCmd::runCommand(SocketClient *cli, } else if (!strcmp(argv[1], "getpw")) { SLOGD("cryptfs getpw"); dumpArgs(argc, argv, -1); - char* password = cryptfs_get_password(); + const char* password = cryptfs_get_password(); if (password) { char* message = 0; int size = asprintf(&message, "{{sensitive}} %s", password); diff --git a/cryptfs.c b/cryptfs.c index af74d74..1e8f85b 100644 --- a/cryptfs.c +++ b/cryptfs.c @@ -53,6 +53,7 @@ #include "VolumeManager.h" #include "VoldUtil.h" #include "crypto_scrypt.h" +#include "ext4_crypt.h" #include "ext4_utils.h" #include "f2fs_sparseblock.h" #include "CheckBattery.h" @@ -1674,11 +1675,37 @@ static int cryptfs_restart_internal(int restart_main) int cryptfs_restart(void) { + SLOGI("cryptfs_restart"); + if (e4crypt_crypto_complete(DATA_MNT_POINT) == 0) { + struct fstab_rec* rec; + int rc; + + if (e4crypt_restart(DATA_MNT_POINT)) { + SLOGE("Can't unmount e4crypt temp volume\n"); + return -1; + } + + rec = fs_mgr_get_entry_for_mount_point(fstab, DATA_MNT_POINT); + if (!rec) { + SLOGE("Can't get fstab record for %s\n", DATA_MNT_POINT); + return -1; + } + + rc = fs_mgr_do_mount(fstab, DATA_MNT_POINT, rec->blk_device, 0); + if (rc) { + SLOGE("Can't mount %s\n", DATA_MNT_POINT); + return rc; + } + + property_set("vold.decrypt", "trigger_restart_framework"); + return 0; + } + /* Call internal implementation forcing a restart of main service group */ return cryptfs_restart_internal(1); } -static int do_crypto_complete(char *mount_point UNUSED) +static int do_crypto_complete(char *mount_point) { struct crypt_mnt_ftr crypt_ftr; char encrypted_state[PROPERTY_VALUE_MAX]; @@ -1690,6 +1717,10 @@ static int do_crypto_complete(char *mount_point UNUSED) return CRYPTO_COMPLETE_NOT_ENCRYPTED; } + if (e4crypt_crypto_complete(mount_point) == 0) { + return CRYPTO_COMPLETE_ENCRYPTED; + } + if (get_crypt_ftr_and_key(&crypt_ftr)) { fs_mgr_get_crypt_info(fstab, key_loc, 0, sizeof(key_loc)); @@ -2012,6 +2043,11 @@ char* adjust_passwd(const char* passwd) int cryptfs_check_passwd(char *passwd) { + SLOGI("cryptfs_check_passwd"); + if (e4crypt_crypto_complete(DATA_MNT_POINT) == 0) { + return e4crypt_check_passwd(DATA_MNT_POINT, passwd); + } + struct crypt_mnt_ftr crypt_ftr; int rc; @@ -3302,6 +3338,10 @@ int cryptfs_enable_default(char *howarg, int allow_reboot) int cryptfs_changepw(int crypt_type, const char *newpw) { + if (e4crypt_crypto_complete(DATA_MNT_POINT) == 0) { + return e4crypt_change_password(DATA_MNT_POINT, crypt_type, newpw); + } + struct crypt_mnt_ftr crypt_ftr; /* This is only allowed after we've successfully decrypted the master key */ @@ -3709,6 +3749,10 @@ int cryptfs_mount_default_encrypted(void) */ int cryptfs_get_password_type(void) { + if (e4crypt_crypto_complete(DATA_MNT_POINT) == 0) { + return e4crypt_get_password_type(DATA_MNT_POINT); + } + struct crypt_mnt_ftr crypt_ftr; if (get_crypt_ftr_and_key(&crypt_ftr)) { @@ -3723,8 +3767,12 @@ int cryptfs_get_password_type(void) return crypt_ftr.crypt_type; } -char* cryptfs_get_password() +const char* cryptfs_get_password() { + if (e4crypt_crypto_complete(DATA_MNT_POINT) == 0) { + return e4crypt_get_password(DATA_MNT_POINT); + } + struct timespec now; clock_gettime(CLOCK_BOOTTIME, &now); if (now.tv_sec < password_expiry_time) { diff --git a/cryptfs.h b/cryptfs.h index bce1dd3..1da6f94 100644 --- a/cryptfs.h +++ b/cryptfs.h @@ -243,7 +243,7 @@ extern "C" { int cryptfs_setfield(const char *fieldname, const char *value); int cryptfs_mount_default_encrypted(void); int cryptfs_get_password_type(void); - char* cryptfs_get_password(void); + const char* cryptfs_get_password(void); void cryptfs_clear_password(void); #ifdef __cplusplus }