@ -70,10 +70,6 @@
# define UNUSED __attribute__((unused))
# ifdef CONFIG_HW_DISK_ENCRYPTION
# include "cryptfs_hw.h"
# endif
# define DM_CRYPT_BUF_SIZE 4096
# define HASH_COUNT 2000
@ -1080,16 +1076,7 @@ static int load_crypto_mapping_table(struct crypt_mnt_ftr *crypt_ftr,
tgt - > status = 0 ;
tgt - > sector_start = 0 ;
tgt - > length = crypt_ftr - > fs_size ;
# ifdef CONFIG_HW_DISK_ENCRYPTION
if ( ! strcmp ( ( char * ) crypt_ftr - > crypto_type_name , " aes-xts " ) ) {
strlcpy ( tgt - > target_type , " req-crypt " , DM_MAX_TYPE_NAME ) ;
}
else {
strlcpy ( tgt - > target_type , " crypt " , DM_MAX_TYPE_NAME ) ;
}
# else
strlcpy ( tgt - > target_type , " crypt " , DM_MAX_TYPE_NAME ) ;
# endif
crypt_params = buffer + sizeof ( struct dm_ioctl ) + sizeof ( struct dm_target_spec ) ;
convert_key_to_hex_ascii ( master_key , crypt_ftr - > keysize , master_key_ascii ) ;
@ -1134,11 +1121,7 @@ static int get_dm_crypt_version(int fd, const char *name, int *version)
*/
v = ( struct dm_target_versions * ) & buffer [ sizeof ( struct dm_ioctl ) ] ;
while ( v - > next ) {
# ifdef CONFIG_HW_DISK_ENCRYPTION
if ( ! strcmp ( v - > name , " crypt " ) | | ! strcmp ( v - > name , " req-crypt " ) ) {
# else
if ( ! strcmp ( v - > name , " crypt " ) ) {
# endif
/* We found the crypt driver, return the version, and get out */
version [ 0 ] = v - > version [ 0 ] ;
version [ 1 ] = v - > version [ 1 ] ;
@ -1851,14 +1834,6 @@ static int test_mount_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr,
fs_mgr_get_crypt_info ( fstab , 0 , real_blkdev , sizeof ( real_blkdev ) ) ;
# ifdef CONFIG_HW_DISK_ENCRYPTION
if ( ! strcmp ( ( char * ) crypt_ftr - > crypto_type_name , " aes-xts " ) ) {
if ( ! set_hw_device_encryption_key ( passwd , ( char * ) crypt_ftr - > crypto_type_name ) ) {
SLOGE ( " Hardware encryption key does not match " ) ;
}
}
# endif
// Create crypto block device - all (non fatal) code paths
// need it
if ( create_crypto_blk_dev ( crypt_ftr , decrypted_master_key ,
@ -2252,11 +2227,7 @@ static int cryptfs_enable_wipe(char *crypto_blkdev, off64_t size, int type)
/* aligned 32K writes tends to make flash happy.
* SD card association recommends it .
*/
# ifndef CONFIG_HW_DISK_ENCRYPTION
# define BLOCKS_AT_A_TIME 8
# else
# define BLOCKS_AT_A_TIME 1024
# endif
struct encryptGroupsData
{
@ -3123,23 +3094,7 @@ int cryptfs_enable_internal(char *howarg, int crypt_type, char *passwd,
crypt_ftr . flags | = CRYPT_INCONSISTENT_STATE ;
}
crypt_ftr . crypt_type = crypt_type ;
# ifndef CONFIG_HW_DISK_ENCRYPTION
strlcpy ( ( char * ) crypt_ftr . crypto_type_name , " aes-cbc-essiv:sha256 " , MAX_CRYPTO_TYPE_NAME_LEN ) ;
# else
strlcpy ( ( char * ) crypt_ftr . crypto_type_name , " aes-xts " , MAX_CRYPTO_TYPE_NAME_LEN ) ;
rc = clear_hw_device_encryption_key ( ) ;
if ( ! rc ) {
SLOGE ( " Error clearing device encryption hardware key. rc = %d " , rc ) ;
}
rc = set_hw_device_encryption_key ( passwd ,
( char * ) crypt_ftr . crypto_type_name ) ;
if ( ! rc ) {
SLOGE ( " Error initializing device encryption hardware key. rc = %d " , rc ) ;
goto error_shutting_down ;
}
# endif
/* Make an encrypted master key */
if ( create_encrypted_random_key ( onlyCreateHeader ? DEFAULT_PASSWORD : passwd ,
@ -3373,21 +3328,6 @@ int cryptfs_changepw(int crypt_type, const char *newpw)
/* save the key */
put_crypt_ftr_and_key ( & crypt_ftr ) ;
# ifdef CONFIG_HW_DISK_ENCRYPTION
if ( ! strcmp ( ( char * ) crypt_ftr . crypto_type_name , " aes-xts " ) ) {
if ( crypt_type = = CRYPT_TYPE_DEFAULT ) {
int rc = update_hw_device_encryption_key ( DEFAULT_PASSWORD , ( char * ) crypt_ftr . crypto_type_name ) ;
SLOGD ( " Update hardware encryption key to default for crypt_type: %d. rc = %d " , crypt_type , rc ) ;
if ( ! rc )
return - 1 ;
} else {
int rc = update_hw_device_encryption_key ( newpw , ( char * ) crypt_ftr . crypto_type_name ) ;
SLOGD ( " Update hardware encryption key for crypt_type: %d. rc = %d " , crypt_type , rc ) ;
if ( ! rc )
return - 1 ;
}
}
# endif
return 0 ;
}