Support backup/restore of FBE policies

Change-Id: Iba8ef20f57b0fb57bb9406c53148a806441d0b59
Ethan Yonker
2016-12-09 14:52:12 -06:00
parent bd7492de28
commit 79f88bdf8d
14 changed files with 585 additions and 45 deletions


@@ -67,6 +67,12 @@ using android::vold::kEmptyAuthentication;
//static constexpr int FLAG_STORAGE_DE = 1 << 0; // moved to Decrypt.h
//static constexpr int FLAG_STORAGE_CE = 1 << 1;
// Store main DE raw ref / policy
std::string de_raw_ref;
// Map user ids to key references
std::map<userid_t, std::string> s_de_key_raw_refs;
std::map<userid_t, std::string> s_ce_key_raw_refs;
namespace {
const std::string device_key_dir = std::string() + DATA_MNT_POINT + e4crypt_unencrypted_folder;
const std::string device_key_path = device_key_dir + "/key";
@@ -80,9 +86,6 @@ bool s_global_de_initialized = false;
// Some users are ephemeral, don't try to wipe their keys from disk
std::set<userid_t> s_ephemeral_users;
// Map user ids to key references
std::map<userid_t, std::string> s_de_key_raw_refs;
std::map<userid_t, std::string> s_ce_key_raw_refs;
// TODO abolish this map. Keys should not be long-lived in user memory, only kernel memory.
// See b/26948053
std::map<userid_t, std::string> s_ce_keys;
@@ -290,7 +293,7 @@ static bool path_exists(const std::string& path) {
return access(path.c_str(), F_OK) == 0;
}
static bool lookup_key_ref(const std::map<userid_t, std::string>& key_map, userid_t user_id,
bool lookup_key_ref(const std::map<userid_t, std::string>& key_map, userid_t user_id,
std::string* raw_ref) {
auto refi = key_map.find(user_id);
if (refi == key_map.end()) {
@@ -379,6 +382,7 @@ bool e4crypt_initialize_global_de() {
}
s_global_de_initialized = true;
de_raw_ref = device_key_ref;
return true;
}
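Review bot: `de_raw_ref`, `s_de_key_raw_refs` and `s_ce_key_raw_refs` now sit outside the anonymous namespace as mutable globals with external linkage, so any translation unit can read or overwrite the key references that select which encryption policy a directory gets, and nothing visible here synchronises that access. `de_raw_ref` is assigned only on the success path at the end of `e4crypt_initialize_global_de` (whose body starts outside this hunk), so a reader that runs before initialisation, or after it failed, sees an empty string. The backup and restore code should treat an empty reference as an error rather than record or apply it. I would keep the three objects internal and export read-only accessors instead, for example a hypothetical `bool e4crypt_get_de_raw_ref(std::string* raw_ref);` that returns false until `s_global_de_initialized` is set, alongside the now non-static `lookup_key_ref`. If the globals must stay, add a comment at their definition such as `// Key descriptors only, not key material; written by e4crypt_initialize_global_de and the per-user key install paths, read by backup/restore.` after confirming that it matches the actual writers.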