PawletOS/android_bootable_recovery
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
550a199e676f879fcaa1ca65e65b72fdc7ff3f21
android_bootable_recovery/crypto/fscrypt/FsCrypt.h
bigbiff bcd23d3e0c wrappedkey: import fixes from lineage 
vold: Enable legacy support for wrapped key

Legacy wrapped key support was dropped while merging changes
to support multiple versions of dm-default key driver in kernel.
Fix this by calling legacy API to check wrapped key support for
metadata encryption.

CRs-Fixed: 2678344
Change-Id: I7d9efec09ddf7169cf0b1114b4e16b9fe38cad4b
Signed-off-by: Neeraj Soni <neersoni@codeaurora.org>

 system: vold: Use wrapped key for metadata encryption

Wrapped key feature is needed for better security of encryption keys and
to
ensure data integrity when crypto key cache is cleared during reset
operation
of storage/crypto hardware.

Original patch:
https://source.codeaurora.org/quic/la/platform/system/vold/commit/?h=LA.QSSI.11.0.r1-05600-qssi.0&id=c480f913e6abc2757c0d79afba5a3df1c4adc731
[Pig]: Clean up all deprecated codes that were removed during latter
merge.

CRs-Fixed: 2367150
Change-Id: I83d14861bf81e102151fa3417d84008c214a9ac0

 vold: Bring in more wrapped key changes

Change-Id: I44e81afaec78c567a0bf2eed30a79eb737e2a867
2021-09-27 20:18:37 +00:00

50 lines
2.1 KiB
C++
Executable File
Raw Blame History

/*
* Copyright (C) 2015 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <map>
#include <string>
#include <fscrypt/fscrypt.h>
#include <cutils/multiuser.h>
using namespace android::fscrypt;
bool fscrypt_initialize_systemwide_keys();
bool fscrypt_init_user0();
bool fscrypt_vold_create_user_key(userid_t user_id, int serial, bool ephemeral);
bool fscrypt_destroy_user_key(userid_t user_id);
bool fscrypt_add_user_key_auth(userid_t user_id, int serial, const std::string& token,
const std::string& secret);
bool fscrypt_clear_user_key_auth(userid_t user_id, int serial, const std::string& token,
const std::string& secret);
bool fscrypt_fixate_newest_user_key_auth(userid_t user_id);
bool fscrypt_unlock_user_key(userid_t user_id, int serial, const std::string& token,
const std::string& secret);
bool fscrypt_lock_user_key(userid_t user_id);
bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_id, int serial,
int flags);
bool is_metadata_wrapped_key_supported();
bool fscrypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_id, int flags);
bool fscrypt_destroy_volume_keys(const std::string& volume_uuid);
bool lookup_key_ref(const std::map<userid_t, android::fscrypt::EncryptionPolicy>& key_map, userid_t user_id,
std::string* raw_ref);
bool lookup_policy(const std::map<userid_t, EncryptionPolicy>& key_map, userid_t user_id,
EncryptionPolicy* policy);
Reference in New Issue View Git Blame Copy Permalink