decrypt: AOSP 10 requires the use of fscrypt
fscrypt aosp doc: https://source.android.com/security/encryption/file-based
kernel fscrypt doc: https://www.kernel.org/doc/html/v4.18/filesystems/fscrypt.html
This commit implements the ability for TWRP to use fscrypt to decrypt
files on the fscrypt implementation. It has been implemented mostly
in a new successor library to e4crypt called libtwrpfscrypt. Most of the
code was ported from AOSP vold.
Notable updates include:
- updated policy storage by libtar
- lookup of fbe policies by libtwrpfscrypt
- threaded keystore operations
Big thanks to Dees_Troy for the initial trailblazing
of encryption in TWRP.
Change-Id: I69cd2eba3693a9914e00213d4943229635d0cdae
diff --git a/gui/Android.mk b/gui/Android.mk
index 0c7a02c..33b9020 100755
--- a/gui/Android.mk
+++ b/gui/Android.mk
@@ -43,6 +43,9 @@
ifeq ($(shell test $(PLATFORM_SDK_VERSION) -ge 26; echo $$?),0)
LOCAL_SHARED_LIBRARIES += libziparchive
LOCAL_STATIC_LIBRARIES += libotautil
+ ifneq ($(TW_INCLUDE_CRYPTO),)
+ LOCAL_C_INCLUDES += bootable/recovery/crypto/fscrypt
+ endif
ifeq ($(shell test $(PLATFORM_SDK_VERSION) -gt 28; echo $$?),0)
LOCAL_C_INCLUDES += $(LOCAL_PATH)/../install/include \
system/core/libziparchive/include/ \
diff --git a/gui/gui.cpp b/gui/gui.cpp
index c91dd43..6d1a0c0 100755
--- a/gui/gui.cpp
+++ b/gui/gui.cpp
@@ -774,7 +774,6 @@
#ifndef TW_OEM_BUILD
int check = 0;
DataManager::GetValue(TW_IS_ENCRYPTED, check);
-
if (check)
{
if (PageManager::LoadPackage("TWRP", TWRES "ui.xml", "decrypt"))
diff --git a/gui/partitionlist.cpp b/gui/partitionlist.cpp
index 570b16a..a5a68e0 100755
--- a/gui/partitionlist.cpp
+++ b/gui/partitionlist.cpp
@@ -1,5 +1,5 @@
/*
- Copyright 2013 bigbiff/Dees_Troy TeamWin
+ Copyright 2020 TeamWin
This file is part of TWRP/TeamWin Recovery Project.
TWRP is free software: you can redistribute it and/or modify
@@ -261,7 +261,6 @@
}
mList.at(item_selected).selected = 1;
mUpdate = 1;
-
DataManager::SetValue(mVariable, str);
}
} else {
diff --git a/gui/theme/common/languages/en.xml b/gui/theme/common/languages/en.xml
index 478f88d..7982a3b 100755
--- a/gui/theme/common/languages/en.xml
+++ b/gui/theme/common/languages/en.xml
@@ -726,5 +726,6 @@
<string name="flash_ab_reboot">To flash additional zips, please reboot recovery to switch to the updated slot.</string>
<string name="ozip_decrypt_decryption">Starting Ozip Decryption...</string>
<string name="ozip_decrypt_finish">Ozip Decryption Finished!</string>
+ <string name="fbe_wipe_msg">WARNING: {1} wiped. FBE device should be booted into Android and not Recovery to set initial FBE policy after wipe.</string>
</resources>
</language>