From c8a3ef3f3c501c7bc14a2078dde513765cdb56d7 Mon Sep 17 00:00:00 2001
From: Paul Crowley
Date: Wed, 11 Sep 2019 15:00:08 -0700
Subject: [PATCH] Create a per-boot key on each boot
Bug: 140882488
Test: Booted twice, checked logs to ensure encryption is different each time, adb created files in directory.
Change-Id: I74077bf8f727dab726c25f512ed7406a74cbe0bf
---
 FsCrypt.cpp | 19 +++++++++++++------
 FsCrypt.h | 2 +-
 VoldNativeService.cpp | 2 +-
 3 files changed, 15 insertions(+), 8 deletions(-)
diff --git a/FsCrypt.cpp b/FsCrypt.cpp
index 3028b60..8d78473 100644
--- a/FsCrypt.cpp
+++ b/FsCrypt.cpp
@@ -84,7 +84,7 @@ const std::string prepare_subdirs_path = "/system/bin/vold_prepare_subdirs";
 const std::string systemwide_volume_key_dir = std::string() + DATA_MNT_POINT + "/misc/vold/volume_keys";
-bool s_global_de_initialized = false;
+bool s_systemwide_keys_initialized = false;
 // Some users are ephemeral, don't try to wipe their keys from disk
 std::set s_ephemeral_users;
@@ -335,10 +335,10 @@ static bool load_all_de_keys() {
 return true;
 }
-bool fscrypt_initialize_global_de() {
- LOG(INFO) << "fscrypt_initialize_global_de";
+bool fscrypt_initialize_systemwide_keys() {
+ LOG(INFO) << "fscrypt_initialize_systemwide_keys";
- if (s_global_de_initialized) {
+ if (s_systemwide_keys_initialized) {
 LOG(INFO) << "Already initialized";
 return true;
 }
@@ -355,11 +355,18 @@ bool fscrypt_initialize_global_de() { std::string ref_filename = std::string("/data") + fscrypt_key_ref; if (!android::vold::writeStringToFile(device_ref.key_raw_ref, ref_filename)) return false; - LOG(INFO) << "Wrote system DE key reference to:" << ref_filename; + KeyBuffer per_boot_key; + if (!android::vold::randomKey(&per_boot_key)) return false; + std::string per_boot_raw_ref; + if (!android::vold::installKey(per_boot_key, &per_boot_raw_ref)) return false; + std::string per_boot_ref_filename = std::string("/data") + fscrypt_key_per_boot_ref; + if (!android::vold::writeStringToFile(per_boot_raw_ref, per_boot_ref_filename)) return false; + LOG(INFO) << "Wrote per boot key reference to:" << per_boot_ref_filename; + if (!android::vold::FsyncDirectory(device_key_dir)) return false; - s_global_de_initialized = true; + s_systemwide_keys_initialized = true; return true; } diff --git a/FsCrypt.h b/FsCrypt.h index 16e2f9a..03ec2e1 100644 --- a/FsCrypt.h +++ b/FsCrypt.h @@ -18,7 +18,7 @@ #include -bool fscrypt_initialize_global_de(); +bool fscrypt_initialize_systemwide_keys(); bool fscrypt_init_user0(); bool fscrypt_vold_create_user_key(userid_t user_id, int serial, bool ephemeral); diff --git a/VoldNativeService.cpp b/VoldNativeService.cpp index 1762b70..7f7f289 100644 --- a/VoldNativeService.cpp +++ b/VoldNativeService.cpp @@ -691,7 +691,7 @@ binder::Status VoldNativeService::fbeEnable() { ENFORCE_UID(AID_SYSTEM); ACQUIRE_CRYPT_LOCK; - return translateBool(fscrypt_initialize_global_de()); + return translateBool(fscrypt_initialize_systemwide_keys()); } binder::Status VoldNativeService::mountDefaultEncrypted() {
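Review bot: In the `@@ -355,11 +355,18 @@` hunk of FsCrypt.cpp, the new per-boot block carries no comment stating the property the change depends on: the key comes from `randomKey`, and only its reference is written to `per_boot_ref_filename`, so data encrypted under it is meant to be unreadable after a reboot. I would add above `KeyBuffer per_boot_key;` a line such as `// Per-boot key: freshly random on every boot and never persisted; only its reference is stored, so data under it does not survive a reboot.` The three new `return false` exits also run after the device key reference has already been written, and they do not say which step failed unless `randomKey`, `installKey` or `writeStringToFile` log on their own, which is not visible here. A `LOG(ERROR) << "Failed to set up per-boot key";` on those paths would let a boot failure be attributed to this block. The function body starts in the previous hunk, so the earlier device-key setup was not reviewed from this hunk.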