cryptfs: Fix legacy QCOM HW FDE encryption

* Commit 740377dda5 added back older create_crypto_blk_dev function renamed as create_crypto_blk_dev_hw for QCOM HW FDE devices, however it only switched to this function for ICE-enabled devices. * Using create_crypto_blk_dev_hw in all cases fixes encryption on older devices that do not support ICE. * Matches android 10 code, which is working. Change-Id: Id06dce34120c26fecd48f1328fee7a1b456fc421
3 years ago · d023c4b825
parent b823b879c8
commit d023c4b825
1 changed files with 7 additions and 11 deletions
--- a/cryptfs.cpp
+++ b/cryptfs.cpp
@ -1363,7 +1363,7 @@ static int create_crypto_blk_dev_hw(struct crypt_mnt_ftr* crypt_ftr, const unsig
      load_count = load_crypto_mapping_table(crypt_ftr, master_key, real_blk_name, name, fd,
                                           extra_params);
    }
-    
+
    if (load_count < 0) {
        SLOGE("Cannot load dm-crypt mapping table.\n");
        goto errout;
@ -2108,7 +2108,6 @@ static int test_mount_hw_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr,
 {
    /* Allocate enough space for a 256 bit key, but we may use less */
    unsigned char decrypted_master_key[32];
-    std::string crypto_blkdev_hw;
    std::string crypto_blkdev;
    std::string real_blkdev;
    unsigned int orig_failed_decrypt_count;
@ -2130,14 +2129,14 @@ static int test_mount_hw_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr,
            if (is_ice_enabled()) {
 #ifndef CONFIG_HW_DISK_ENCRYPT_PERF
                if (create_crypto_blk_dev_hw(crypt_ftr, (unsigned char*)&key_index,
-                                          real_blkdev.c_str(), &crypto_blkdev_hw, label, 0)) {
+                                          real_blkdev.c_str(), &crypto_blkdev, label, 0)) {
                    SLOGE("Error creating decrypted block device");
                    rc = -1;
                    goto errout;
                }
 #endif
            } else {
-                if (create_crypto_blk_dev(crypt_ftr, decrypted_master_key,
+                if (create_crypto_blk_dev_hw(crypt_ftr, decrypted_master_key,
                                          real_blkdev.c_str(), &crypto_blkdev, label, 0)) {
                    SLOGE("Error creating decrypted block device");
                    rc = -1;
@ -2155,13 +2154,10 @@ static int test_mount_hw_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr,

        /* Save the name of the crypto block device
         * so we can mount it when restarting the framework. */
-        if (is_ice_enabled()) {
-#ifndef CONFIG_HW_DISK_ENCRYPT_PERF
-            property_set("ro.crypto.fs_crypto_blkdev", crypto_blkdev_hw.c_str());
+#ifdef CONFIG_HW_DISK_ENCRYPT_PERF
+        if (!is_ice_enabled())
 #endif
-        } else {
-            property_set("ro.crypto.fs_crypto_blkdev", crypto_blkdev.c_str());
-        }
+        property_set("ro.crypto.fs_crypto_blkdev", crypto_blkdev.c_str());
        master_key_saved = 1;
    }

@ -2918,7 +2914,7 @@ int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
                          CRYPTO_BLOCK_DEVICE, 0);
 #endif
    else
-      create_crypto_blk_dev(&crypt_ftr, decrypted_master_key, real_blkdev.c_str(), &crypto_blkdev,
+      create_crypto_blk_dev_hw(&crypt_ftr, decrypted_master_key, real_blkdev.c_str(), &crypto_blkdev,
                          CRYPTO_BLOCK_DEVICE, 0);
 #else
    create_crypto_blk_dev(&crypt_ftr, decrypted_master_key, real_blkdev.c_str(), &crypto_blkdev,