diff --git a/cryptfs.cpp b/cryptfs.cpp index 2ac20e1..28facac 100644 --- a/cryptfs.cpp +++ b/cryptfs.cpp @@ -36,6 +36,7 @@ #include "secontext.h" #include +#include #include #include #include @@ -74,6 +75,7 @@ extern "C" { #include } +using android::base::StringPrintf; using namespace std::chrono_literals; #define UNUSED __attribute__((unused)) @@ -1044,6 +1046,21 @@ static std::string extra_params_as_string(const std::vector& extra_ return extra_params; } +// Only adds parameters if the property is set. +static void add_sector_size_param(std::vector* extra_params_vec) { + constexpr char DM_CRYPT_SECTOR_SIZE[] = "ro.crypto.fde_sector_size"; + char sector_size[PROPERTY_VALUE_MAX]; + + if (property_get(DM_CRYPT_SECTOR_SIZE, sector_size, "") > 0) { + std::string param = StringPrintf("sector_size:%s", sector_size); + extra_params_vec->push_back(std::move(param)); + + // With this option, IVs will match the sector numbering, instead + // of being hard-coded to being based on 512-byte sectors. + extra_params_vec->emplace_back("iv_large_sectors"); + } +} + static int create_crypto_blk_dev(struct crypt_mnt_ftr* crypt_ftr, const unsigned char* master_key, const char* real_blk_name, char* crypto_blk_name, const char* name, uint32_t flags) { @@ -1089,6 +1106,7 @@ static int create_crypto_blk_dev(struct crypt_mnt_ftr* crypt_ftr, const unsigned if (flags & CREATE_CRYPTO_BLK_DEV_FLAGS_ALLOW_ENCRYPT_OVERRIDE) { extra_params_vec.emplace_back("allow_encrypt_override"); } + add_sector_size_param(&extra_params_vec); load_count = load_crypto_mapping_table(crypt_ftr, master_key, real_blk_name, name, fd, extra_params_as_string(extra_params_vec).c_str()); if (load_count < 0) {