From 253368a0726120efa57664cdd1d088af099a3d81 Mon Sep 17 00:00:00 2001 From: Ethan Yonker Date: Tue, 25 Nov 2014 15:00:52 -0600 Subject: Reduce libs needed for decrypt and clean up old decypt files Trim cryptfs.c to remove functions that TWRP does not use for decrypt and remove the need for libfs_mgr from cryptfs.c by passing some items to cryptfs.c from the partition manager. Add support for new fstab flags: encryptable and forceencrypt=/path/to/cryptokey For example: flags=forceencrypt=/dev/block/platform/sdhci-tegra.3/by-name/MD1 Note that "footer" is the default, so you do not need to set this flag on devices that use the footer for the crypto key. Also add mounttodecrypt if you need to mount a partition during the decrypt cycle for firmware of proprietary libs. Clean up decrypt and only support one version Android 5.0 lollipop decrypt should be backwards compatible with older versions so we will only support one version, 1.3 that came with 5.0 lollipop. Remove support for Samsung TouchWiz decrypt. It does not work with the latest versions of Samsung encryption anyway and it has not been updated to work with any AOSP decryption higher than 1.1 Change-Id: I2d9c6e31df50268c91ee642c2fa090f901d9d5c9 --- crypto/fs_mgr/fs_mgr_priv.h | 85 --------------------------------------------- 1 file changed, 85 deletions(-) delete mode 100644 crypto/fs_mgr/fs_mgr_priv.h (limited to 'crypto/fs_mgr/fs_mgr_priv.h') diff --git a/crypto/fs_mgr/fs_mgr_priv.h b/crypto/fs_mgr/fs_mgr_priv.h deleted file mode 100644 index 59ffd785c..000000000 --- a/crypto/fs_mgr/fs_mgr_priv.h +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Copyright (C) 2012 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef __CORE_FS_MGR_PRIV_H -#define __CORE_FS_MGR_PRIV_H - -#include -#include - -#define INFO(x...) KLOG_INFO("fs_mgr", x) -#define ERROR(x...) KLOG_ERROR("fs_mgr", x) - -#define CRYPTO_TMPFS_OPTIONS "size=128m,mode=0771,uid=1000,gid=1000" - -#define WAIT_TIMEOUT 20 - -/* fstab has the following format: - * - * Any line starting with a # is a comment and ignored - * - * Any blank line is ignored - * - * All other lines must be in this format: - * - * - * is a comma separated list of flags that can be passed to the - * mount command. The list includes noatime, nosuid, nodev, nodiratime, - * ro, rw, remount, defaults. - * - * is a comma separated list of options accepted by the filesystem being - * mounted. It is passed directly to mount without being parsed - * - * is a comma separated list of flags that control the operation of - * the fs_mgr program. The list includes "wait", which will wait till - * the file exists, and "check", which requests that the fs_mgr - * run an fscheck program on the before mounting the filesystem. - * If check is specifed on a read-only filesystem, it is ignored. - * Also, "encryptable" means that filesystem can be encrypted. - * The "encryptable" flag _MUST_ be followed by a = and a string which - * is the location of the encryption keys. It can either be a path - * to a file or partition which contains the keys, or the word "footer" - * which means the keys are in the last 16 Kbytes of the partition - * containing the filesystem. - * - * When the fs_mgr is requested to mount all filesystems, it will first mount all the - * filesystems that do _NOT_ specify check (including filesystems that are read-only and - * specify check, because check is ignored in that case) and then it will check and mount - * filesystem marked with check. - * - */ - -#define MF_WAIT 0x1 -#define MF_CHECK 0x2 -#define MF_CRYPT 0x4 -#define MF_NONREMOVABLE 0x8 -#define MF_VOLDMANAGED 0x10 -#define MF_LENGTH 0x20 -#define MF_RECOVERYONLY 0x40 -#define MF_SWAPPRIO 0x80 -#define MF_ZRAMSIZE 0x100 -#define MF_VERIFY 0x200 -/* - * There is no emulated sdcard daemon running on /data/media on this device, - * so treat the physical SD card as the only external storage device, - * a la the Nexus One. - */ -#define MF_NOEMULATEDSD 0x400 - -#define DM_BUF_SIZE 4096 - -#endif /* __CORE_FS_MGR_PRIV_H */ - -- cgit v1.2.3