commit 45bda64b3dea4eec792281bcb037eb6eab068cef
author bigbiff <bigbiff@teamw.in> Thu Dec 23 19:58:22 2021 -0500
committer bigbiff <bigbiff@teamw.in> Fri Dec 31 15:45:10 2021 +0000
tree 39a65251709edc2d2c4e518e0d6989cd68509eb8
parent a9e4c468305b059d260c3aaff98d00a286c0e5b3

fscrypt v1: support legacy ioctl

Crosshatch uses a legacy ioctl for setting and getting fscrypt
policies. If the device is legacy, we will use the legacy ioctl.

Change-Id: I5c2e068f166b89fe9f7839a6d6a9533e49fc5b07
(cherry picked from commit a84acc7fa5b7b9d2f3ad3168839d52ef56fce2c4)

crypto/fscrypt/fscrypt_policy.cpp

diff --git a/crypto/fscrypt/fscrypt_policy.cpp b/crypto/fscrypt/fscrypt_policy.cpp
index 9ca3ed4..c4986e5 100755
--- a/crypto/fscrypt/fscrypt_policy.cpp
+++ b/crypto/fscrypt/fscrypt_policy.cpp
@@ -33,6 +33,7 @@
 #include <logwrap/logwrap.h>
 #include <utils/misc.h>
 #include <fscrypt/fscrypt.h>
+#include "KeyUtil.h"
 
 #include "fscrypt_policy.h"
 
@@ -144,14 +145,22 @@
 #endif
     int fd = open(directory, O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
     if (fd == -1) {
-		printf("failed to open %s\n", directory);
+        printf("failed to open %s\n", directory);
         PLOG(ERROR) << "Failed to open directory " << directory;
         return false;
     }
-    if (ioctl(fd, FS_IOC_SET_ENCRYPTION_POLICY, fep)) {
-        PLOG(ERROR) << "Failed to set encryption policy for " << directory;
-        close(fd);
-        return false;
+    if (isFsKeyringSupported()) {
+        if (ioctl(fd, FS_IOC_SET_ENCRYPTION_POLICY, fep)) {
+            PLOG(ERROR) << "Failed to set encryption policy for " << directory;
+            close(fd);
+            return false;
+        }
+    } else {
+        if (ioctl(fd, FS_IOC_SET_ENCRYPTION_POLICY, fep)) {
+            PLOG(ERROR) << "Failed to set encryption policy for " << directory;
+            close(fd);
+            return false;
+        }
     }
     close(fd);
     return true;
@@ -172,19 +181,28 @@
 #else
     memset(fep, 0, sizeof(fscrypt_policy_v2));
 #endif
-
     struct fscrypt_get_policy_ex_arg ex_policy = {0};
-    ex_policy.policy_size = sizeof(ex_policy.policy);
-    if (ioctl(fd, FS_IOC_GET_ENCRYPTION_POLICY_EX, &ex_policy) != 0) {
-        PLOG(ERROR) << "Failed to get encryption policy for " << directory;
-        close(fd);
-        return false;
-    }
+
+    if (isFsKeyringSupported()) {
+        ex_policy.policy_size = sizeof(ex_policy.policy);
+        if (ioctl(fd, FS_IOC_GET_ENCRYPTION_POLICY_EX, &ex_policy) != 0) {
+            PLOG(ERROR) << "Failed to get encryption policy for " << directory;
+            close(fd);
+            return false;
+        }
 #ifdef USE_FSCRYPT_POLICY_V1
-    memcpy(fep, &ex_policy.policy.v1, sizeof(ex_policy.policy.v1));
+        memcpy(fep, &ex_policy.policy.v1, sizeof(ex_policy.policy.v1));
 #else
-    memcpy(fep, &ex_policy.policy.v2, sizeof(ex_policy.policy.v2));
+        memcpy(fep, &ex_policy.policy.v2, sizeof(ex_policy.policy.v2));
 #endif
+    } else {
+        if (ioctl(fd, FS_IOC_GET_ENCRYPTION_POLICY, &ex_policy.policy.v1) != 0) {
+            PLOG(ERROR) << "Failed to get encryption policy for " << directory;
+            close(fd);
+            return false;
+        }
+        memcpy(fep, &ex_policy.policy.v1, sizeof(ex_policy.policy.v1));
+    }
     close(fd);
     return true;
 }