Enable metadata encryption

Bug: 26778031
Test: Boots, reboots, sector 0 of userdata encrypted
      Make sure an FDE device, both default and password protected,
      boots.
      Make sure an FBE device without metadata encryption boots.
Change-Id: Ic44a32ce7e9b978e9c9e2dc112b26206741c838d

diff --git a/MetadataCrypt.cpp b/MetadataCrypt.cpp
index b707549..91382da 100644 (file)
--- a/MetadataCrypt.cpp
+++ b/MetadataCrypt.cpp
@@ -212,34 +212,14 @@ static bool prep_data_fs(void)
     // callers to this method must be async
 
     /* Do the prep of the /data filesystem */
-    property_set("vold.post_fs_data_done", "0");
     property_set("vold.decrypt", "trigger_post_fs_data");
-    LOG(DEBUG) << "Waiting for post_fs_data_done";
-
-    /* Wait a max of 50 seconds, hopefully it takes much less */
-    for (int i = 0; ; i++) {
-        char p[PROPERTY_VALUE_MAX];
-
-        property_get("vold.post_fs_data_done", p, "0");
-        if (*p == '1') {
-            LOG(INFO) << "Successful data prep";
-            return true;
-        }
-        if (i + 1 == DATA_PREP_TIMEOUT) {
-            LOG(ERROR) << "post_fs_data timed out";
-            return false;
-        }
-        usleep(50000);
-    }
+    property_set("vold.decrypt", "trigger_restart_framework");
+    return true;
 }
 
 static void async_kick_off() {
     LOG(DEBUG) << "Asynchronously restarting framework";
-    sleep(2); // TODO: this mirrors cryptfs, but can it be made shorter?
-    property_set("vold.decrypt", "trigger_load_persist_props");
     if (!prep_data_fs()) return;
-    /* startup service classes main and late_start */
-    property_set("vold.decrypt", "trigger_restart_framework");
 }
 
 bool e4crypt_mount_metadata_encrypted() {
@@ -306,7 +286,6 @@ bool e4crypt_enable_crypto() {
     property_set("ro.crypto.type", "file");
 
     mount_via_fs_mgr(data_rec->mount_point, crypto_blkdev.c_str());
-    property_set("vold.decrypt", "trigger_reset_main");
     std::thread(&async_kick_off).detach();
     return true;
 }

diff --git a/cryptfs.cpp b/cryptfs.cpp
index 6319362..d5bfe6d 100644 (file)
--- a/cryptfs.cpp
+++ b/cryptfs.cpp
@@ -2826,6 +2826,7 @@ int cryptfs_mount_default_encrypted(void)
     } else if (crypt_type != CRYPT_TYPE_DEFAULT) {
         SLOGD("Password is not default - "
               "starting min framework to prompt");
+        property_set("vold.decrypt", "trigger_post_fs_data");
         property_set("vold.decrypt", "trigger_restart_min_framework");
         return 0;
     } else if (cryptfs_check_passwd(DEFAULT_PASSWORD) == 0) {

diff --git a/vdc.rc b/vdc.rc
index 4d51ced..9a95779 100644 (file)
--- a/vdc.rc
+++ b/vdc.rc
@@ -1,5 +1,6 @@
 # One shot invocation to deal with encrypted volume.
 on defaultcrypto
+    start vold
     exec - root -- /system/bin/vdc --wait cryptfs mountdefaultencrypted
     # vold will set vold.decrypt to trigger_restart_framework (default
     # encryption) or trigger_restart_min_framework (other encryption)
@@ -7,6 +8,7 @@ on defaultcrypto
 # One shot invocation to encrypt unencrypted volumes
 on encrypt
     start surfaceflinger
+    start vold
     exec - root -- /system/bin/vdc --wait cryptfs enablecrypto inplace default noui
     # vold will set vold.decrypt to trigger_restart_framework (default
     # encryption)