decrypt: AOSP 10 requires the use of fscrypt
fscrypt aosp doc: https://source.android.com/security/encryption/file-based
kernel fscrypt doc: https://www.kernel.org/doc/html/v4.18/filesystems/fscrypt.html
This commit adds the ability for TWRP to decrypt files that are
encrypted with fscrypt. It has been implemented mostly
in a new successor library to e4crypt called libtwrpfscrypt. Most of the
code was ported from AOSP vold.
Notable updates include:
- updated policy storage by libtar
- lookup of fbe policies by libtwrpfscrypt
- threaded keystore operations
Big thanks to Dees_Troy for the initial trailblazing
of encryption in TWRP.
Change-Id: I69cd2eba3693a9914e00213d4943229635d0cdae
diff --git a/libtar/libtar.h b/libtar/libtar.h
old mode 100644
new mode 100755
index aa637b1..19ddd06
--- a/libtar/libtar.h
+++ b/libtar/libtar.h
@@ -24,6 +24,10 @@
# include "ext4crypt_tar.h"
#endif
+#ifdef USE_FSCRYPT
+#include "fscrypt_policy.h"
+#endif
+
#ifdef __cplusplus
extern "C"
{
@@ -71,6 +75,9 @@
#ifdef HAVE_EXT4_CRYPT
struct ext4_encryption_policy *eep;
#endif
+#ifdef USE_FSCRYPT
+ struct fscrypt_encryption_policy *fep;
+#endif
int has_cap_data;
struct vfs_cap_data cap_data;
int has_user_default;
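Review bot: Nothing in this header stops a build from defining both HAVE_EXT4_CRYPT and USE_FSCRYPT, and the result is ambiguous when that happens: the struct in this hunk then carries both `eep` and `fep`, and in the flags hunk further down `TAR_STORE_EXT4_POL` and `TAR_STORE_FSCRYPT_POL` both expand to 512, so a test on the options word cannot tell which policy type was requested. If the two schemes are meant to be mutually exclusive, enforce it near the includes with `#if defined(HAVE_EXT4_CRYPT) && defined(USE_FSCRYPT)`, `#error "HAVE_EXT4_CRYPT and USE_FSCRYPT are mutually exclusive"`, `#endif`; if they may coexist, the fscrypt flag needs a bit of its own. Because `fep` changes the struct layout, every translation unit that includes libtar.h also has to be compiled with the same USE_FSCRYPT setting, which is worth a comment next to the member, along with who allocates and frees the policy it points to. The struct's opening and closing lines are outside this hunk, so the initialisation of `fep` cannot be checked from here.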
@@ -120,7 +127,12 @@
#define TAR_IGNORE_CRC 64 /* ignore CRC in file header */
#define TAR_STORE_SELINUX 128 /* store selinux context */
#define TAR_USE_NUMERIC_ID 256 /* favor numeric owner over names */
+#ifdef HAVE_EXT4_CRYPT
#define TAR_STORE_EXT4_POL 512 /* store ext4 crypto policy */
+#endif
+#ifdef USE_FSCRYPT
+#define TAR_STORE_FSCRYPT_POL 512 /* store fscrypt crypto policy */
+#endif
#define TAR_STORE_POSIX_CAP 1024 /* store posix file capabilities */
#define TAR_STORE_ANDROID_USER_XATTR 2048 /* store android user.* xattr */