vold_decrypt: remove deprecated code
This code is for FDE and is only functional in trees
up to Android 9. Remove this non-functioning code
Change-Id: Ide3420cdb45ecbbc671b4c1f3d9ef6160b4834de
(cherry picked from commit d157f26991be55e626732d961873e6223a2d09b4)
diff --git a/Android.mk b/Android.mk
index 62c12e8..5048557 100755
--- a/Android.mk
+++ b/Android.mk
@@ -337,13 +337,6 @@
LOCAL_STATIC_LIBRARIES += libkeymint_support
LOCAL_CFLAGS += -DTW_INCLUDE_FBE_METADATA_DECRYPT
- ifneq ($(TW_CRYPTO_USE_SYSTEM_VOLD),)
- ifneq ($(TW_CRYPTO_USE_SYSTEM_VOLD),false)
- TW_INCLUDE_LIBRESETPROP := true
- LOCAL_CFLAGS += -DTW_CRYPTO_USE_SYSTEM_VOLD
- LOCAL_STATIC_LIBRARIES += libvolddecrypt
- endif
- endif
ifeq ($(TARGET_HW_DISK_ENCRYPTION),true)
ifeq ($(TARGET_CRYPTFS_HW_PATH),)
@@ -739,13 +732,7 @@
endif
ifeq ($(TW_INCLUDE_CRYPTO), true)
- # include $(commands_TWRP_local_path)/crypto/fde/Android.mk
include $(commands_TWRP_local_path)/crypto/scrypt/Android.mk
- ifneq ($(TW_CRYPTO_USE_SYSTEM_VOLD),)
- ifneq ($(TW_CRYPTO_USE_SYSTEM_VOLD),false)
- include $(commands_TWRP_local_path)/crypto/vold_decrypt/Android.mk
- endif
- endif
include $(commands_TWRP_local_path)/gpt/Android.mk
endif
ifeq ($(BUILD_ID), GINGERBREAD)
diff --git a/crypto/vold_decrypt/Android.bp--skip_soong-- b/crypto/vold_decrypt/Android.bp--skip_soong--
deleted file mode 100644
index f16942d..0000000
--- a/crypto/vold_decrypt/Android.bp--skip_soong--
+++ /dev/null
@@ -1,15 +0,0 @@
-cc_binary {
- name: "vdc_pie",
- defaults: ["vold_default_flags"],
-
- srcs: ["vdc_pie.cpp"],
- shared_libs: [
- "libbase",
- "libbinder",
- "libcutils",
- "libutils",
- ],
- static_libs: [
- "libvold_binder",
- ],
-}
diff --git a/crypto/vold_decrypt/Android.mk b/crypto/vold_decrypt/Android.mk
deleted file mode 100755
index a36abf4..0000000
--- a/crypto/vold_decrypt/Android.mk
+++ /dev/null
@@ -1,156 +0,0 @@
-# Copyright (C) 2017 TeamWin Recovery Project
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-LOCAL_PATH := $(call my-dir)
-
-ifeq ($(TW_INCLUDE_CRYPTO), true)
- ifneq ($(TW_CRYPTO_USE_SYSTEM_VOLD),)
-
- # Parse TW_CRYPTO_USE_SYSTEM_VOLD
- ifeq ($(TW_CRYPTO_USE_SYSTEM_VOLD),true)
- # Just enabled, so only vold + vdc
- services :=
- else
- # Additional services needed by vold
- services := $(TW_CRYPTO_USE_SYSTEM_VOLD)
- endif
-
- # Parse TW_CRYPTO_SYSTEM_VOLD_MOUNT
- ifneq ($(TW_CRYPTO_SYSTEM_VOLD_MOUNT),)
- # Per device additional partitions to mount
- partitions := $(TW_CRYPTO_SYSTEM_VOLD_MOUNT)
- endif
-
- # List of .rc files for each additional service
- rc_files := $(foreach item,$(services),init.recovery.vold_decrypt.$(item).rc)
-
-
- include $(CLEAR_VARS)
- LOCAL_MODULE := init.recovery.vold_decrypt.rc
- LOCAL_MODULE_TAGS := optional
- LOCAL_MODULE_CLASS := RECOVERY_EXECUTABLES
-
- # Cannot send to TARGET_RECOVERY_ROOT_OUT since build system wipes init*.rc
- # during ramdisk creation and only allows init.recovery.*.rc files to be copied
- # from TARGET_ROOT_OUT thereafter
- LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
-
- LOCAL_SRC_FILES := $(LOCAL_MODULE)
-
- # Add additional .rc files and imports into init.recovery.vold_decrypt.rc
- # Note: any init.recovery.vold_decrypt.{service}.rc that are not default
- # in crypto/vold_decrypt should be in the device tree
- LOCAL_POST_INSTALL_CMD := $(hide) \
- $(foreach item, $(rc_files), \
- sed -i '1iimport \/$(item)' "$(TARGET_ROOT_OUT)/$(LOCAL_MODULE)"; \
- if [ -f "$(LOCAL_PATH)/$(item)" ]; then \
- cp -f "$(LOCAL_PATH)/$(item)" "$(TARGET_ROOT_OUT)"/; \
- fi; \
- )
-
- ifeq ($(shell test $(PLATFORM_SDK_VERSION) -lt 26; echo $$?),0)
- # Truncate service_name to max 16 characters
- LOCAL_POST_INSTALL_CMD += \
- $(foreach item, $(rc_files), \
- if [ -f "$(TARGET_ROOT_OUT)/$(item)" ]; then \
- sed -i 's/\([ \t]*service[ \t]*\)\(.\{16\}\).*\([ \t].*\)/\1\2\3/' "$(TARGET_ROOT_OUT)/$(item)"; \
- fi; \
- )
- endif
-
- include $(BUILD_PREBUILT)
-
-
- include $(CLEAR_VARS)
- LOCAL_MODULE := libvolddecrypt
- LOCAL_MODULE_TAGS := optional
- LOCAL_CFLAGS := -Wall
- ifeq ($(shell test $(PLATFORM_SDK_VERSION) -lt 23; echo $$?),0)
- LOCAL_C_INCLUDES += external/stlport/stlport bionic bionic/libstdc++/include
- endif
-
- ifneq ($(services),)
- ifeq ($(shell test $(PLATFORM_SDK_VERSION) -lt 26; echo $$?),0)
- # Truncate service_name to max 12 characters due to the 4 character prefix
- truncated_services := $(foreach item,$(services),$(shell echo -n "$(item)" | sed 's/\(.\{12\}\).*/\1/'))
- LOCAL_CFLAGS += -DTW_CRYPTO_SYSTEM_VOLD_SERVICES='"$(truncated_services)"'
- LOCAL_CFLAGS += -D_USING_SHORT_SERVICE_NAMES
- else
- LOCAL_CFLAGS += -DTW_CRYPTO_SYSTEM_VOLD_SERVICES='"$(services)"'
- endif
- endif
-
- ifneq ($(partitions),)
- LOCAL_CFLAGS += -DTW_CRYPTO_SYSTEM_VOLD_MOUNT='"$(partitions)"'
- endif
-
- ifeq ($(TW_CRYPTO_SYSTEM_VOLD_DEBUG),true)
- # Enabling strace will expose the password in the strace logs!!
- LOCAL_CFLAGS += -DTW_CRYPTO_SYSTEM_VOLD_DEBUG
- else
- ifneq ($(TW_CRYPTO_SYSTEM_VOLD_DEBUG),)
- # Specify strace path
- LOCAL_CFLAGS += -DTW_CRYPTO_SYSTEM_VOLD_DEBUG
- LOCAL_CFLAGS += -DVD_STRACE_BIN=\"$(TW_CRYPTO_SYSTEM_VOLD_DEBUG)\"
- endif
- endif
-
- ifeq ($(shell test $(PLATFORM_SDK_VERSION) -ge 26; echo $$?),0)
- ifeq ($(TW_INCLUDE_LIBRESETPROP), true)
- LOCAL_CFLAGS += -DTW_INCLUDE_LIBRESETPROP
- endif
- endif
-
- LOCAL_SRC_FILES = vold_decrypt.cpp
- LOCAL_SHARED_LIBRARIES := libcutils
- LOCAL_C_INCLUDES += system/extras/ext4_utils/include
- ifeq ($(shell test $(PLATFORM_SDK_VERSION) -ge 29; echo $$?),0)
- LOCAL_C_INCLUDES += bootable/recovery/crypto/fscrypt
- else
- LOCAL_C_INCLUDES += bootable/recovery/crypto/ext4crypt
- endif
- include $(BUILD_STATIC_LIBRARY)
-
- ifeq ($(shell test $(PLATFORM_SDK_VERSION) -ge 28; echo $$?),0)
- include $(CLEAR_VARS)
- LOCAL_MODULE := vdc_pie
- LOCAL_SRC_FILES := vdc_pie.cpp
- LOCAL_MODULE_TAGS := optional
- LOCAL_MODULE_CLASS := RECOVERY_EXECUTABLES
- LOCAL_MODULE_PATH := $(TARGET_RECOVERY_ROOT_OUT)/
- LOCAL_CLANG := true
- LOCAL_TIDY := true
- LOCAL_TIDY_FLAGS := -warnings-as-errors=clang-analyzer-security*,cert-*
- LOCAL_TIDY_CHECKS := -*,cert-*,clang,-analyzer-security*
- LOCAL_STATIC_LIBRARIES := libvold_binder
- LOCAL_SHARED_LIBRARIES := libbase libcutils libutils libbinder
- LOCAL_CFLAGS := -Wall
- ifeq ($(TWRP_INCLUDE_LOGCAT), true)
- LOCAL_CFLAGS += -DTWRP_INCLUDE_LOGCAT
- endif
- ifneq ($(TARGET_ARCH), arm64)
- ifneq ($(TARGET_ARCH), x86_64)
- LOCAL_LDFLAGS += -Wl,-dynamic-linker,/system/bin/linker
- else
- LOCAL_LDFLAGS += -Wl,-dynamic-linker,/system/bin/linker64
- endif
- else
- LOCAL_LDFLAGS += -Wl,-dynamic-linker,/system/bin/linker64
- endif
-
- include $(BUILD_EXECUTABLE)
- endif
-
- endif
-endif
diff --git a/crypto/vold_decrypt/init.recovery.vold_decrypt.hwservicemanager.rc b/crypto/vold_decrypt/init.recovery.vold_decrypt.hwservicemanager.rc
deleted file mode 100755
index ab8b4ac..0000000
--- a/crypto/vold_decrypt/init.recovery.vold_decrypt.hwservicemanager.rc
+++ /dev/null
@@ -1,18 +0,0 @@
-# Service names must be less than 16 characters in android-7.1 and
-# below. The makefile will truncate service names if needed in any
-# init.recovery.vold_decryp.*.rc file found in the vold_decrypt
-# directory.
-# It cannot however do this for any .rc file(s) that may be
-# overridden by the device tree files!
-
-# The seclabels are not needed when built in Android 8.0 tree
-# in 7.1 however the below do not exist, so run them under vold
-service sys_hwservicemanager /system/bin/hwservicemanager
- user root
- group root
- setenv PATH /system/bin
- setenv LD_LIBRARY_PATH /system/lib64:/system/lib
- onrestart setprop hwservicemanager.ready false
- disabled
- oneshot
- seclabel u:r:vold:s0
diff --git a/crypto/vold_decrypt/init.recovery.vold_decrypt.keymaster-3-0.rc b/crypto/vold_decrypt/init.recovery.vold_decrypt.keymaster-3-0.rc
deleted file mode 100755
index e9f0b02..0000000
--- a/crypto/vold_decrypt/init.recovery.vold_decrypt.keymaster-3-0.rc
+++ /dev/null
@@ -1,17 +0,0 @@
-# Service names must be less than 16 characters in android-7.1 and
-# below. The makefile will truncate service names if needed in any
-# init.recovery.vold_decryp.*.rc file found in the vold_decrypt
-# directory.
-# It cannot however do this for any .rc file(s) that may be
-# overridden by the device tree files!
-
-# The seclabels are not needed when built in Android 8.0 tree
-# in 7.1 however the below do not exist, so run them under vold
-service ven_keymaster-3-0 /vendor/bin/hw/android.hardware.keymaster@3.0-service
- user root
- group root
- setenv PATH /vendor/bin:/system/bin
- setenv LD_LIBRARY_PATH /vendor/lib64:/system/lib64:/vendor/lib:/system/lib
- disabled
- oneshot
- seclabel u:r:vold:s0
diff --git a/crypto/vold_decrypt/init.recovery.vold_decrypt.qseecomd.rc b/crypto/vold_decrypt/init.recovery.vold_decrypt.qseecomd.rc
deleted file mode 100755
index 0866608..0000000
--- a/crypto/vold_decrypt/init.recovery.vold_decrypt.qseecomd.rc
+++ /dev/null
@@ -1,26 +0,0 @@
-on fs
- # needed to make qseecomd work in recovery
- chmod 0660 /dev/qseecom
- chown system drmrpc /dev/qseecom
- chmod 0664 /dev/ion
- chown system system /dev/ion
-
-
-# Oreo has qseecomd in /vendor/bin so add the additional
-# service. Only an existing binary will be started, never both.
-
-service sys_qseecomd /system/bin/qseecomd
- user root
- group root
- setenv PATH /system/bin
- setenv LD_LIBRARY_PATH /system/lib64:/system/lib
- disabled
- oneshot
-
-service ven_qseecomd /vendor/bin/qseecomd
- user root
- group root
- setenv PATH /vendor/bin:/system/bin
- setenv LD_LIBRARY_PATH /vendor/lib64:/system/lib64:/vendor/lib:/system/lib
- disabled
- oneshot
diff --git a/crypto/vold_decrypt/init.recovery.vold_decrypt.rc b/crypto/vold_decrypt/init.recovery.vold_decrypt.rc
deleted file mode 100755
index 65983eb..0000000
--- a/crypto/vold_decrypt/init.recovery.vold_decrypt.rc
+++ /dev/null
@@ -1,10 +0,0 @@
-
-service sys_vold /system/bin/vold \
- --blkid_context=u:r:blkid:s0 --blkid_untrusted_context=u:r:blkid_untrusted:s0 \
- --fsck_context=u:r:fsck:s0 --fsck_untrusted_context=u:r:fsck_untrusted:s0
- socket vold stream 0660 root mount
- socket cryptd stream 0660 root mount
- setenv PATH /system/bin
- setenv LD_LIBRARY_PATH /system/lib64:/system/lib
- disabled
- oneshot
diff --git a/crypto/vold_decrypt/init.recovery.vold_decrypt.servicemanager.rc b/crypto/vold_decrypt/init.recovery.vold_decrypt.servicemanager.rc
deleted file mode 100644
index 40672d7..0000000
--- a/crypto/vold_decrypt/init.recovery.vold_decrypt.servicemanager.rc
+++ /dev/null
@@ -1,8 +0,0 @@
-service sys_servicemanager /system/bin/servicemanager
- user root
- group root
- setenv PATH /system/bin
- setenv LD_LIBRARY_PATH /system/lib64:/system/lib
- disabled
- oneshot
- seclabel u:r:vold:s0
diff --git a/crypto/vold_decrypt/vdc_pie.cpp b/crypto/vold_decrypt/vdc_pie.cpp
deleted file mode 100644
index a840712..0000000
--- a/crypto/vold_decrypt/vdc_pie.cpp
+++ /dev/null
@@ -1,106 +0,0 @@
-/*
- * Copyright (C) 2008 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <string.h>
-#include <signal.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <stdlib.h>
-#include <poll.h>
-
-#include <cutils/properties.h>
-#include <sys/select.h>
-#include <sys/time.h>
-#include <sys/types.h>
-#include <sys/un.h>
-
-#include "android/os/IVold.h"
-
-#include <binder/IServiceManager.h>
-#include <binder/Status.h>
-
-#include <private/android_filesystem_config.h>
-
-static void usage();
-
-static android::sp<android::IBinder> getServiceAggressive() {
- static char prop_value[PROPERTY_VALUE_MAX];
- property_get("init.svc.sys_vold", prop_value, "error");
- if (strncmp(prop_value, "running", strlen("running")) != 0) {
- printf("vdc_pie: vold is not running, init.svc.sys_vold=%s\n", prop_value);
- exit(EINVAL);
- }
-
- android::sp<android::IBinder> res;
- auto sm = android::defaultServiceManager();
- auto name = android::String16("vold");
- for (int i = 0; i < 5000; i++) {
- res = sm->checkService(name);
- if (res) {
- printf("vdc_pie: Got vold, waited %d ms\n", (i * 10));
- break;
- }
- usleep(10000); // 10ms
- }
- return res;
-}
-
-static int checkStatus(android::binder::Status status) {
- if (status.isOk()) return 0;
- std::string ret = status.toString8().string();
-#ifdef TWRP_INCLUDE_LOGCAT
- printf("vdc_pie: Decryption failed, vold service returned: %s,"
- " see logcat for details\n", ret.c_str());
-#else
- printf("vdc_pie: Decryption failed, vold service returned: %s\n", ret.c_str());
-#endif
- return -1;
-}
-
-int main(int argc, char** argv) {
- std::vector<std::string> args(argv + 1, argv + argc);
-
- if (args.size() > 0 && args[0] == "--wait") {
- // Just ignore the --wait flag
- args.erase(args.begin());
- }
-
- if (args.size() < 2) {
- usage();
- exit(5);
- }
- android::sp<android::IBinder> binder = getServiceAggressive();
- if (!binder) {
- printf("vdc_pie: Failed to obtain vold Binder\n");
- exit(EINVAL);
- }
- auto vold = android::interface_cast<android::os::IVold>(binder);
-
- if (args[0] == "cryptfs" && args[1] == "checkpw" && args.size() == 3) {
- return checkStatus(vold->fdeCheckPassword(args[2]));
- } else {
- usage();
- exit(EINVAL);
- }
- return 0;
-}
-
-static void usage() {
- printf("vdc_pie: Usage: vold_pie cryptfs checkpw <password>\n");
-}
diff --git a/crypto/vold_decrypt/vold_decrypt.cpp b/crypto/vold_decrypt/vold_decrypt.cpp
deleted file mode 100755
index 4a76405..0000000
--- a/crypto/vold_decrypt/vold_decrypt.cpp
+++ /dev/null
@@ -1,1441 +0,0 @@
-/*
- Copyright 2017 TeamWin
- This file is part of TWRP/TeamWin Recovery Project.
-
- TWRP is free software: you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation, either version 3 of the License, or
- (at your option) any later version.
-
- TWRP is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with TWRP. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <sys/mount.h>
-#include <sys/time.h>
-#include <dirent.h>
-#include <fnmatch.h>
-
-#include <signal.h>
-#include <sys/types.h>
-#include <sys/wait.h>
-
-#include <fstream>
-#include <string>
-#include <vector>
-#include <sstream>
-
-#ifdef _USING_SHORT_SERVICE_NAMES
-#include <map>
-#endif
-
-#include "../../partitions.hpp"
-#include "../../twrp-functions.hpp"
-
-using namespace std;
-
-extern "C" {
- #include <cutils/properties.h>
-}
-
-#include "vold_decrypt.h"
-
-namespace {
-
-/* Timeouts as defined by ServiceManager */
-
-/* The maximum amount of time to wait for a service to start or stop,
- * in micro-seconds (really an approximation) */
-#define SLEEP_MAX_USEC 2000000 /* 2 seconds */
-/* The minimal sleeping interval between checking for the service's state
- * when looping for SLEEP_MAX_USEC */
-#define SLEEP_MIN_USEC 200000 /* 200 msec */
-
-
-/* vold response codes defined in ResponseCode.h */
-// 200 series - Requested action has been successfully completed
-#define COMMAND_OKAY 200
-#define PASSWORD_TYPE_RESULT 213
-
-
-#define LOGINFO(...) do { printf(__VA_ARGS__); if (fp_kmsg) { fprintf(fp_kmsg, "[VOLD_DECRYPT]I:" __VA_ARGS__); fflush(fp_kmsg); } } while (0)
-#define LOGKMSG(...) do { if (fp_kmsg) { fprintf(fp_kmsg, "[VOLD_DECRYPT]K:" __VA_ARGS__); fflush(fp_kmsg); } } while (0)
-#define LOGERROR(...) do { printf(__VA_ARGS__); if (fp_kmsg) { fprintf(fp_kmsg, "[VOLD_DECRYPT]E:" __VA_ARGS__); fflush(fp_kmsg); } } while (0)
-
-FILE *fp_kmsg = NULL;
-int sdkver = 20;
-
-
-/* Debugging Functions */
-#ifdef TW_CRYPTO_SYSTEM_VOLD_DEBUG
-
-#ifndef VD_STRACE_BIN
-#define VD_STRACE_BIN "/system/bin/strace"
-#endif
-
-bool has_strace = false;
-pid_t pid_strace = 0;
-
-void Strace_init_Start(void) {
- has_strace = TWFunc::Path_Exists(VD_STRACE_BIN);
- if (!has_strace) {
- LOGINFO("strace binary (%s) not found, disabling strace in vold_decrypt!\n", VD_STRACE_BIN);
- return;
- }
-
- pid_t pid;
- switch(pid = fork())
- {
- case -1:
- LOGKMSG("forking strace_init failed: %d (%s)!\n", errno, strerror(errno));
- return;
- case 0: // child
- execl(VD_STRACE_BIN, "strace", "-q", "-tt", "-ff", "-v", "-y", "-s", "1000", "-o", "/tmp/strace_init.log", "-p", "1" , NULL);
- LOGKMSG("strace_init fork failed: %d (%s)!\n", errno, strerror(errno));
- exit(-1);
- default:
- LOGKMSG("Starting strace_init (pid=%d)\n", pid);
- pid_strace = pid;
- return;
- }
-}
-
-void Strace_init_Stop(void) {
- if (pid_strace > 0) {
- LOGKMSG("Stopping strace_init (pid=%d)\n", pid_strace);
- int timeout;
- int status;
- pid_t retpid = waitpid(pid_strace, &status, WNOHANG);
-
- kill(pid_strace, SIGTERM);
- for (timeout = 5; retpid == 0 && timeout; --timeout) {
- sleep(1);
- retpid = waitpid(pid_strace, &status, WNOHANG);
- }
- if (retpid)
- LOGKMSG("strace_init terminated successfully\n");
- else {
- // SIGTERM didn't work, kill it instead
- kill(pid_strace, SIGKILL);
- for (timeout = 5; retpid == 0 && timeout; --timeout) {
- sleep(1);
- retpid = waitpid(pid_strace, &status, WNOHANG);
- }
- if (retpid)
- LOGKMSG("strace_init killed successfully\n");
- else
- LOGKMSG("strace_init took too long to kill, may be a zombie process\n");
- }
- }
-}
-#endif // TW_CRYPTO_SYSTEM_VOLD_DEBUG
-
-
-/* Convert a binary key of specified length into an ascii hex string equivalent,
- * without the leading 0x and with null termination
- *
- * Original code from cryptfs.c
- */
-string convert_key_to_hex_ascii(const string& master_key) {
- size_t i;
- unsigned char nibble;
- string master_key_ascii = "";
-
- for (i = 0; i < master_key.size(); ++i) {
- nibble = (master_key[i] >> 4) & 0xf;
- nibble += nibble > 9 ? 0x57 : 0x30;
- master_key_ascii += nibble;
-
- nibble = master_key[i] & 0xf;
- nibble += nibble > 9 ? 0x57 : 0x30;
- master_key_ascii += nibble;
- }
-
- return master_key_ascii;
-}
-
-/* Helper Functions */
-#define PATH_EXISTS(path) (access(path, F_OK) >= 0)
-
-int vrename(const string& oldname, const string& newname, bool verbose = false) {
- const char *old_name = oldname.c_str();
- const char *new_name = newname.c_str();
-
- if (!PATH_EXISTS(old_name))
- return 0;
-
- if (rename(old_name, new_name) < 0) {
- LOGERROR("Moving %s to %s failed: %d (%s)\n", old_name, new_name, errno, strerror(errno));
- return -1;
- } else if (verbose)
- LOGINFO("Renamed %s to %s\n", old_name, new_name);
- else
- LOGKMSG("Renamed %s to %s\n", old_name, new_name);
- return 0;
-}
-
-int vsymlink(const string& oldname, const string& newname, bool verbose = false) {
- const char *old_name = oldname.c_str();
- const char *new_name = newname.c_str();
-
- if (!PATH_EXISTS(old_name))
- return 0;
-
- if (symlink(old_name, new_name) < 0) {
- LOGERROR("Symlink %s -> %s failed: %d (%s)\n", new_name, old_name, errno, strerror(errno));
- return -1;
- } else if (verbose)
- LOGINFO("Symlinked %s -> %s\n", new_name, old_name);
- else
- LOGKMSG("Symlinked %s -> %s\n", new_name, old_name);
- return 0;
-}
-
-
-/* Properties and Services Functions */
-string Wait_For_Property(const string& property_name, int utimeout = SLEEP_MAX_USEC, const string& expected_value = "not_empty") {
- char prop_value[PROPERTY_VALUE_MAX];
-
- if (expected_value == "not_empty") {
- while (utimeout > 0) {
- property_get(property_name.c_str(), prop_value, "error");
- if (strcmp(prop_value, "error") != 0)
- break;
- LOGKMSG("waiting for %s to get set\n", property_name.c_str());
- utimeout -= SLEEP_MIN_USEC;
- usleep(SLEEP_MIN_USEC);;
- }
- }
- else {
- while (utimeout > 0) {
- property_get(property_name.c_str(), prop_value, "error");
- if (strcmp(prop_value, expected_value.c_str()) == 0)
- break;
- LOGKMSG("waiting for %s to change from '%s' to '%s'\n", property_name.c_str(), prop_value, expected_value.c_str());
- utimeout -= SLEEP_MIN_USEC;
- usleep(SLEEP_MIN_USEC);
- }
- }
- property_get(property_name.c_str(), prop_value, "error");
-
- return prop_value;
-}
-
-string Get_Service_State(const string& initrc_svc) {
- char prop_value[PROPERTY_VALUE_MAX];
- string init_svc = "init.svc." + initrc_svc;
- property_get(init_svc.c_str(), prop_value, "error");
- return prop_value;
-}
-
-bool Service_Exists(const string& initrc_svc) {
- return (Get_Service_State(initrc_svc) != "error");
-}
-
-bool Is_Service_Running(const string& initrc_svc) {
- return (Get_Service_State(initrc_svc) == "running");
-}
-
-bool Is_Service_Stopped(const string& initrc_svc) {
- return (Get_Service_State(initrc_svc) == "stopped");
-}
-
-bool Start_Service(const string& initrc_svc, int utimeout = SLEEP_MAX_USEC) {
- string res = "error";
- string init_svc = "init.svc." + initrc_svc;
-
- property_set("ctl.start", initrc_svc.c_str());
-
- res = Wait_For_Property(init_svc, utimeout, "running");
-
- LOGINFO("Start service %s: %s.\n", initrc_svc.c_str(), res.c_str());
-
- return (res == "running");
-}
-
-bool Stop_Service(const string& initrc_svc, int utimeout = SLEEP_MAX_USEC) {
- string res = "error";
-
- if (Service_Exists(initrc_svc)) {
- string init_svc = "init.svc." + initrc_svc;
- property_set("ctl.stop", initrc_svc.c_str());
- res = Wait_For_Property(init_svc, utimeout, "stopped");
- LOGINFO("Stop service %s: %s.\n", initrc_svc.c_str(), res.c_str());
- }
-
- return (res == "stopped");
-}
-
-
-/* Vendor, Firmware and fstab symlink Functions */
-bool is_Vendor_Mounted(void) {
- static int is_mounted = -1;
- if (is_mounted < 0)
- is_mounted = PartitionManager.Is_Mounted_By_Path("/vendor") ? 1 : 0;
- return is_mounted;
-}
-
-bool is_Firmware_Mounted(void) {
- static int is_mounted = -1;
- if (is_mounted < 0)
- is_mounted = PartitionManager.Is_Mounted_By_Path("/firmware") ? 1 : 0;
- return is_mounted;
-}
-
-bool will_VendorBin_Be_Symlinked(void) {
- return (!is_Vendor_Mounted() && TWFunc::Path_Exists("/system/vendor"));
-}
-
-bool Symlink_Vendor_Folder(void) {
- bool is_vendor_symlinked = false;
-
- if (is_Vendor_Mounted()) {
- LOGINFO("vendor partition mounted, skipping /vendor substitution\n");
- }
- else if (TWFunc::Path_Exists("/system/vendor")) {
- LOGINFO("Symlinking vendor folder...\n");
- if (!TWFunc::Path_Exists("/vendor") || vrename("/vendor", "/vendor-orig") == 0) {
- TWFunc::Recursive_Mkdir("/vendor/firmware/keymaster");
- vsymlink("/system/vendor/lib64", "/vendor/lib64", true);
- vsymlink("/system/vendor/lib", "/vendor/lib", true);
- vsymlink("/system/vendor/bin", "/vendor/bin", true);
- is_vendor_symlinked = true;
- property_set("vold_decrypt.symlinked_vendor", "1");
- }
- }
- return is_vendor_symlinked;
-}
-
-void Restore_Vendor_Folder(void) {
- property_set("vold_decrypt.symlinked_vendor", "0");
- TWFunc::removeDir("/vendor", false);
- vrename("/vendor-orig", "/vendor");
-}
-
-bool Symlink_Firmware_Folder(void) {
- bool is_firmware_symlinked = false;
-
- if (is_Firmware_Mounted()) {
- LOGINFO("firmware partition mounted, skipping /firmware substitution\n");
- }
- else {
- LOGINFO("Symlinking firmware folder...\n");
- if (!TWFunc::Path_Exists("/firmware") || vrename("/firmware", "/firmware-orig") == 0) {
- TWFunc::Recursive_Mkdir("/firmware/image");
- is_firmware_symlinked = true;
- property_set("vold_decrypt.symlinked_firmware", "1");
- }
- }
- return is_firmware_symlinked;
-}
-
-void Restore_Firmware_Folder(void) {
- property_set("vold_decrypt.symlinked_firmware", "0");
- TWFunc::removeDir("/firmware", false);
- vrename("/firmware-orig", "/firmware");
-}
-
-int Find_Firmware_Files(const string& Path, vector<string> *FileList) {
- int ret;
- DIR* d;
- struct dirent* de;
- string FileName;
-
- d = opendir(Path.c_str());
- if (d == NULL) {
- closedir(d);
- return -1;
- }
- while ((de = readdir(d)) != NULL) {
- if (de->d_type == DT_DIR) {
- if (strcmp(de->d_name, ".") == 0 || strcmp(de->d_name, "..") == 0)
- continue;
- FileName = Path + "/" + de->d_name;
- ret = Find_Firmware_Files(FileName, FileList);
- if (ret < 0)
- return -1;
- } else if (de->d_type == DT_REG) {
- if (fnmatch("keymaste*.*", de->d_name, 0) == 0 || fnmatch("cmnlib.*", de->d_name, 0) == 0) {
- FileName = Path + "/" + de->d_name;
- FileList->push_back(FileName);
- }
- }
- }
- closedir(d);
- return 0;
-}
-
-void Symlink_Firmware_Files(bool is_vendor_symlinked, bool is_firmware_symlinked) {
- if (!is_vendor_symlinked && !is_firmware_symlinked)
- return;
-
- LOGINFO("Symlinking firmware files...\n");
-
- vector<string> FirmwareFiles;
- Find_Firmware_Files("/system", &FirmwareFiles);
-
- for (size_t i = 0; i < FirmwareFiles.size(); ++i) {
- string base_name = TWFunc::Get_Filename(FirmwareFiles[i]);
-
- if (is_firmware_symlinked)
- vsymlink(FirmwareFiles[i], "/firmware/image/" + base_name);
-
- if (is_vendor_symlinked) {
- vsymlink(FirmwareFiles[i], "/vendor/firmware/" + base_name);
- vsymlink(FirmwareFiles[i], "/vendor/firmware/keymaster/" + base_name);
- }
- }
- LOGINFO("%d file(s) symlinked.\n", (int)FirmwareFiles.size());
-}
-
-// Android 8.0 fs_mgr checks for "/system/bin/recovery", in which case it will
-// use /etc/recovery.fstab -> symlink it temporarily. Reference:
-// https://android.googlesource.com/platform/system/core/+/android-8.0.0_r17/fs_mgr/fs_mgr_fstab.cpp#693
-bool Symlink_Recovery_Fstab(void) {
- bool is_fstab_symlinked = false;
-
- if (vrename("/etc/recovery.fstab", "/etc/recovery-fstab-orig") == 0) {
- is_fstab_symlinked = true;
-
- // now attempt to symlink to /fstab.{ro.hardware}, but even if that
- // fails, keep TWRP's fstab hidden since it cannot be parsed by fs_mgr
- char prop_value[PROPERTY_VALUE_MAX];
- property_get("ro.hardware", prop_value, "error");
- if (strcmp(prop_value, "error")) {
- string fstab_device = "/fstab."; fstab_device += prop_value;
- vsymlink(fstab_device, "/etc/recovery.fstab");
- }
- }
- return is_fstab_symlinked;
-}
-
-void Restore_Recovery_Fstab(void) {
- unlink("/etc/recovery.fstab");
- vrename("/etc/recovery-fstab-orig", "/etc/recovery.fstab");
-}
-
-
-/* Additional Services Functions */
-#ifdef TW_CRYPTO_SYSTEM_VOLD_SERVICES
-typedef struct {
- string Service_Name;
- string Service_Path;
- string Service_Binary;
-
- string VOLD_Service_Name;
- string TWRP_Service_Name;
- bool is_running;
- bool resume;
- bool bin_exists;
- bool svc_exists;
-} AdditionalService;
-
-typedef struct {
- string Service_Name;
- string Service_Path;
- string Service_Binary;
-} RC_Service;
-
-// expand_props() courtesy of platform_system_core_init_util.cpp
-bool expand_props(const std::string& src, std::string* dst) {
- const char* src_ptr = src.c_str();
-
- if (!dst) {
- return false;
- }
-
- /* - variables can either be $x.y or ${x.y}, in case they are only part
- * of the string.
- * - will accept $$ as a literal $.
- * - no nested property expansion, i.e. ${foo.${bar}} is not supported,
- * bad things will happen
- * - ${x.y:-default} will return default value if property empty.
- */
- while (*src_ptr) {
- const char* c;
-
- c = strchr(src_ptr, '$');
- if (!c) {
- dst->append(src_ptr);
- return true;
- }
-
- dst->append(src_ptr, c);
- c++;
-
- if (*c == '$') {
- dst->push_back(*(c++));
- src_ptr = c;
- continue;
- } else if (*c == '\0') {
- return true;
- }
-
- std::string prop_name;
- std::string def_val;
- if (*c == '{') {
- c++;
- const char* end = strchr(c, '}');
- if (!end) {
- // failed to find closing brace, abort.
- return false;
- }
- prop_name = std::string(c, end);
- c = end + 1;
- size_t def = prop_name.find(":-");
- if (def < prop_name.size()) {
- def_val = prop_name.substr(def + 2);
- prop_name = prop_name.substr(0, def);
- }
- } else {
- prop_name = c;
- c += prop_name.size();
- }
-
- if (prop_name.empty()) {
- return false;
- }
-
- char prop_value[PROPERTY_VALUE_MAX];
- property_get(prop_name.c_str(), prop_value, "");
- std::string prop_val = prop_value;
- if (prop_val.empty()) {
- if (def_val.empty()) {
- return false;
- }
- prop_val = def_val;
- }
-
- dst->append(prop_val);
- src_ptr = c;
- }
-
- return true;
-}
-
-string GetArgument(const string& line, size_t argument_number, bool expand_properties) {
- size_t beg;
- size_t end;
- string argument;
-
- beg = line.find_first_not_of(" \t\r");
- if (beg == string::npos)
- return "";
-
- for (size_t i = 0; i < argument_number; ++i) {
- end = line.find_first_of(" \t\r", beg);
- if (end == string::npos)
- return "";
-
- beg = line.find_first_not_of(" \t\r", end);
- if (beg == string::npos)
- return "";
- }
-
- end = line.find_first_of(" \t\r", beg);
- if (end == string::npos)
- argument = line.substr(beg);
- else
- argument = line.substr(beg, end - beg); // exclude trailing whitespace
-
- if (expand_properties) {
- string expanded_property_argument;
- if (expand_props(argument, &expanded_property_argument))
- return expanded_property_argument;
- else
- return "";
- } else {
- return argument;
- }
-}
-
-// Very simplified .rc parser to get services
-void Parse_RC_File(const string& rc_file, vector<RC_Service>& RC_Services) {
- ifstream file;
-
- file.open(rc_file.c_str(), ios::in);
- if (!file.is_open())
- return;
-
- size_t beg; // left trim
- size_t end; // right trim
- bool continuation = false; // backslash continuation
- string line; // line
- string real_line; // trimmed line with backslash continuation removal
- vector<string> imports; // file names of imports (we don't want to recursively do while the file is open)
-
- while (getline(file, line)) {
- beg = line.find_first_not_of(" \t\r");
- end = line.find_last_not_of(" \t\r");
- if (end == string::npos)
- end = line.length();
-
- if (beg == string::npos) {
- if (continuation)
- continuation = false;
- else
- continue;
- } else if (line[end] == '\\') {
- continuation = true;
- real_line += line.substr(beg, end - beg); // excluding backslash
- continue;
- } else if (continuation) {
- continuation = false;
- real_line += line.substr(beg, end - beg + 1);
- } else {
- real_line = line.substr(beg, end - beg + 1);
- }
-
- if (GetArgument(real_line, 0, false) == "import") {
- // handle: import <file>
- string file_name = GetArgument(real_line, 1, true);
- if (file_name.empty()) {
- // INVALID IMPORT
- } else
- imports.push_back(file_name);
- } else if (GetArgument(real_line, 0, false) == "service") {
- // handle: service <name> <path>
- RC_Service svc;
-
- svc.Service_Name = GetArgument(real_line, 1, false);
- svc.Service_Path = GetArgument(real_line, 2, true);
-
- if (svc.Service_Name.empty() || svc.Service_Path.empty()) {
- // INVALID SERVICE ENTRY
- } else {
- beg = svc.Service_Path.find_last_of("/");
- if (beg == string::npos)
- svc.Service_Binary = svc.Service_Path;
- else
- svc.Service_Binary = svc.Service_Path.substr(beg + 1);
-
-/*
-#ifdef _USING_SHORT_SERVICE_NAMES
- if (svc.Service_Name.length() > 16) {
- LOGERROR("WARNING: Ignoring service %s (-> %s)\n"
- " defined in %s is greater than 16 characters and will\n"
- " not be able to be run by init on android-7.1 or below!\n",
- svc.Service_Name.c_str(), svc.Service_Path.c_str(), rc_file.c_str()
- );
- }
- else
-#endif
-*/
- RC_Services.push_back(svc);
- }
- }
- real_line.clear();
- }
- file.close();
-
- for (size_t i = 0; i < imports.size(); ++i) {
- Parse_RC_File(imports[i], RC_Services);
- }
-}
-
-vector<AdditionalService> Get_List_Of_Additional_Services(void) {
- vector<AdditionalService> services;
-
- // Additional Services needed by vold_decrypt (eg qseecomd, hwservicemanager, etc)
- vector<string> service_names = TWFunc::Split_String(TW_CRYPTO_SYSTEM_VOLD_SERVICES, " ");
- for (size_t i = 0; i < service_names.size(); ++i) {
- AdditionalService svc;
- svc.Service_Name = service_names[i];
- svc.bin_exists = false;
- svc.svc_exists = false;
- services.push_back(svc);
-
-#ifdef _USING_SHORT_SERVICE_NAMES
- // Fallback code for >16 character service names which
- // allows for multiple definitions in custom .rc files
- if (service_names[i].length() > 12) {
- svc.Service_Name = service_names[i].substr(0, 12); // 16-4(prefix)=12
- svc.bin_exists = false;
- svc.svc_exists = false;
- services.push_back(svc);
- }
-#endif
- }
-
- // Read list of all services defined in all .rc files
- vector<RC_Service> RC_Services;
- Parse_RC_File("/init.rc", RC_Services);
-
-
- // Cross reference Additional Services against the .rc Services and establish
- // availability of the binaries, otherwise disable it to avoid unnecessary
- // delays and log spam.
- // Also check for duplicate entries between TWRP and vold_decrypt so we can
- // stop and restart any conflicting services.
- for (size_t i = 0; i < RC_Services.size(); ++i) {
- string prefix = RC_Services[i].Service_Name.substr(0, 4);
-
-#ifdef _USING_SHORT_SERVICE_NAMES
- map<string,size_t> rc_indeces;
-#endif
-
- if (prefix != "sys_" && prefix != "ven_") {
-#ifdef _USING_SHORT_SERVICE_NAMES
- if (RC_Services[i].Service_Name.length() > 12) {
- // save this entry for potential binary name match
- rc_indeces.insert(pair<string,size_t>(RC_Services[i].Service_Binary, i));
- }
-#endif
- continue;
- }
-
- for (size_t j = 0; j < services.size(); ++j) {
- string path = RC_Services[i].Service_Path;
- if (prefix == "ven_" && will_VendorBin_Be_Symlinked()) {
- path = "/system" + path; // vendor is going to get symlinked to /system/vendor
- }
-
- if (RC_Services[i].Service_Name == prefix + services[j].Service_Name) {
- services[j].svc_exists = true;
-
- if (!services[j].VOLD_Service_Name.empty() && TWFunc::Path_Exists(path)) {
- // Duplicate match, log but use previous definition
- LOGERROR("Service %s: VOLD_Service_Name already defined as %s\n", RC_Services[i].Service_Name.c_str(), services[j].VOLD_Service_Name.c_str());
- }
- else if (TWFunc::Path_Exists(path)) {
- services[j].bin_exists = true;
- services[j].VOLD_Service_Name = RC_Services[i].Service_Name; // prefix + service_name
- services[j].Service_Path = RC_Services[i].Service_Path;
- services[j].Service_Binary = RC_Services[i].Service_Binary;
-
- if (Service_Exists(services[j].Service_Name))
- services[j].TWRP_Service_Name = services[j].Service_Name;
- else if (Service_Exists("system/bin" + services[j].Service_Name))
- services[j].TWRP_Service_Name = "system/bin" + services[j].Service_Name;
- else
- services[j].TWRP_Service_Name.clear();
-
-#ifdef _USING_SHORT_SERVICE_NAMES
- if (services[j].TWRP_Service_Name.empty()) {
- // Try matching Service_Binary (due to 16 character service_name limit in 7.1 and below)
- map<string,size_t>::iterator it = rc_indeces.find(services[j].Service_Binary);
- if (it != rc_indeces.end()) {
- services[j].TWRP_Service_Name = RC_Services[it->second].Service_Name;
- }
- }
-#endif
- }
- break;
- }
- }
- }
-
- LOGINFO("List of additional services for vold_decrypt:\n");
- for (size_t i = 0; i < services.size(); ++i) {
- if (!services[i].svc_exists) {
- LOGINFO(" %s: Disabled due to lack of .rc service entry\n", services[i].Service_Name.c_str());
- } else if (services[i].bin_exists) {
- if (services[i].TWRP_Service_Name.empty()) {
- LOGINFO(" %s: Enabled as %s -> %s\n",
- services[i].Service_Name.c_str(),
- services[i].VOLD_Service_Name.c_str(), services[i].Service_Path.c_str()
- );
- } else {
- LOGINFO(" %s: Enabled as %s -> %s (temporarily replacing TWRP's %s service)\n",
- services[i].Service_Name.c_str(),
- services[i].VOLD_Service_Name.c_str(), services[i].Service_Path.c_str(),
- services[i].TWRP_Service_Name.c_str()
- );
- }
- }
- else {
- LOGINFO(" %s: Disabled due to lack of matching binary\n", services[i].Service_Name.c_str());
- }
- }
- return services;
-}
-#endif
-
-
-/* Misc Functions */
-void Set_Needed_Properties(void) {
- // vold won't start without ro.storage_structure on Kitkat
- string sdkverstr = TWFunc::System_Property_Get("ro.build.version.sdk");
- if (!sdkverstr.empty()) {
- sdkver = atoi(sdkverstr.c_str());
- }
- if (sdkver <= 19) {
- string ro_storage_structure = TWFunc::System_Property_Get("ro.storage_structure");
- if (!ro_storage_structure.empty())
- property_set("ro.storage_structure", ro_storage_structure.c_str());
- }
- property_set("hwservicemanager.ready", "false");
- property_set("sys.listeners.registered", "false");
- property_set("vendor.sys.listeners.registered", "false");
-}
-
-void Update_Patch_Level(void) {
- // On Oreo and above, keymaster requires Android version & patch level to match installed system
- string sdkverstr = TWFunc::System_Property_Get("ro.build.version.sdk");
- if (!sdkverstr.empty()) {
- sdkver = atoi(sdkverstr.c_str());
- }
- if (sdkver <= 25) {
- property_set("vold_decrypt.legacy_system", "true");
- } else {
- LOGINFO("Current system is Oreo or above. Setting OS version and security patch level from installed system...\n");
- property_set("vold_decrypt.legacy_system", "false");
- }
-
- char prop_value[PROPERTY_VALUE_MAX];
- char legacy_system_value[PROPERTY_VALUE_MAX] = "false";
- property_get("vold_decrypt.legacy_system", prop_value, "");
-
- // Only set OS ver and patch level if device uses Oreo+ system
- if (strcmp(prop_value, legacy_system_value) == 0) {
- property_get("ro.build.version.release", prop_value, "");
- std::string osver_orig = prop_value;
- property_set("vold_decrypt.osver_orig", osver_orig.c_str());
- LOGINFO("Current OS version: %s\n", osver_orig.c_str());
-
- int error = 0;
- std::string osver = TWFunc::System_Property_Get("ro.build.version.release");
- if (!(osver == osver_orig)) {
- if (!(error = TWFunc::Property_Override("ro.build.version.release", osver))) {
- LOGINFO("Property override successful! New OS version: %s\n", osver.c_str());
- } else {
- LOGERROR("Property override failed, code %d\n", error);
- return;
- }
- // TODO: Confirm whether we actually need to update the props in prop.default
- std::string sed_osver = "sed -i 's/ro.build.version.release=.*/ro.build.version.release=" + osver + "/g' /prop.default";
- TWFunc::Exec_Cmd(sed_osver);
- property_set("vold_decrypt.osver_set", "true");
- } else {
- LOGINFO("Current OS version & System OS version already match. Proceeding to next step.\n");
- property_set("vold_decrypt.osver_set", "false");
- }
-
- property_get("ro.build.version.security_patch", prop_value, "");
- std::string patchlevel_orig = prop_value;
- property_set("vold_decrypt.patchlevel_orig", patchlevel_orig.c_str());
- LOGINFO("Current security patch level: %s\n", patchlevel_orig.c_str());
-
- std::string patchlevel = TWFunc::System_Property_Get("ro.build.version.security_patch");
- if (!(patchlevel == patchlevel_orig)) {
- if (!(error = TWFunc::Property_Override("ro.build.version.security_patch", patchlevel))) {
- LOGINFO("Property override successful! New security patch level: %s\n", patchlevel.c_str());
- } else {
- LOGERROR("Property override failed, code %d\n", error);
- return;
- }
- // TODO: Confirm whether we actually need to update the props in prop.default
- std::string sed_patchlevel = "sed -i 's/ro.build.version.security_patch=.*/ro.build.version.security_patch=" + patchlevel + "/g' /prop.default";
- TWFunc::Exec_Cmd(sed_patchlevel);
- property_set("vold_decrypt.patchlevel_set", "true");
- } else {
- LOGINFO("Current security patch level & System security patch level already match. Proceeding to next step.\n");
- property_set("vold_decrypt.patchlevel_set", "false");
- }
- return;
- } else {
- LOGINFO("Current system is Nougat or older. Skipping OS version and security patch level setting...\n");
- return;
- }
-}
-
-void Revert_Patch_Level(void) {
- char osver_set[PROPERTY_VALUE_MAX];
- char patchlevel_set[PROPERTY_VALUE_MAX];
- char osver_patchlevel_set[PROPERTY_VALUE_MAX] = "false";
-
- property_get("vold_decrypt.osver_set", osver_set, "");
- property_get("vold_decrypt.patchlevel_set", patchlevel_set, "");
-
- int osver_result = strcmp(osver_set, osver_patchlevel_set);
- int patchlevel_result = strcmp(patchlevel_set, osver_patchlevel_set);
- if (!(osver_result == 0 && patchlevel_result == 0)) {
- char prop_value[PROPERTY_VALUE_MAX];
- LOGINFO("Reverting OS version and security patch level to original TWRP values...\n");
- property_get("vold_decrypt.osver_orig", prop_value, "");
- std::string osver_orig = prop_value;
- property_get("ro.build.version.release", prop_value, "");
- std::string osver = prop_value;
-
- int error = 0;
- if (!(osver == osver_orig)) {
- if (!(error = TWFunc::Property_Override("ro.build.version.release", osver_orig))) {
- LOGINFO("Property override successful! Original OS version: %s\n", osver_orig.c_str());
- } else {
- LOGERROR("Property override failed, code %d\n", error);
- return;
- }
- // TODO: Confirm whether we actually need to update the props in prop.default
- std::string sed_osver_orig = "sed -i 's/ro.build.version.release=.*/ro.build.version.release=" + osver_orig + "/g' /prop.default";
- TWFunc::Exec_Cmd(sed_osver_orig);
- }
-
- property_get("vold_decrypt.patchlevel_orig", prop_value, "");
- std::string patchlevel_orig = prop_value;
- property_get("ro.build.version.security_patch", prop_value, "");
- std::string patchlevel = prop_value;
-
- if (!(patchlevel == patchlevel_orig)) {
- if (!(error = TWFunc::Property_Override("ro.build.version.security_patch", patchlevel_orig))) {
- LOGINFO("Property override successful! Original security patch level: %s\n", patchlevel_orig.c_str());
- } else {
- LOGERROR("Property override failed, code %d\n", error);
- return;
- }
- // TODO: Confirm whether we actually need to update the props in prop.default
- std::string sed_patchlevel_orig = "sed -i 's/ro.build.version.security_patch=.*/ro.build.version.security_patch=" + patchlevel_orig + "/g' /prop.default";
- TWFunc::Exec_Cmd(sed_patchlevel_orig);
- }
- } else {
- return;
- }
-}
-
-static unsigned int get_blkdev_size(int fd) {
- unsigned long nr_sec;
-
- if ( (ioctl(fd, BLKGETSIZE, &nr_sec)) == -1) {
- nr_sec = 0;
- }
-
- return (unsigned int) nr_sec;
-}
-
-#define CRYPT_FOOTER_OFFSET 0x4000
-static char footer[16 * 1024];
-const char* userdata_path;
-static off64_t offset;
-
-int footer_br(const string& command) {
- int fd;
-
- if (command == "backup") {
- unsigned int nr_sec;
- TWPartition* userdata = PartitionManager.Find_Partition_By_Path("/data");
- userdata_path = userdata->Actual_Block_Device.c_str();
- fd = open(userdata_path, O_RDONLY);
- if (fd < 0) {
- LOGERROR("E:footer_backup: Cannot open '%s': %s\n", userdata_path, strerror(errno));
- return -1;
- }
- if ((nr_sec = get_blkdev_size(fd))) {
- offset = ((off64_t)nr_sec * 512) - CRYPT_FOOTER_OFFSET;
- } else {
- LOGERROR("E:footer_br: Failed to get offset\n");
- close(fd);
- return -1;
- }
- if (lseek64(fd, offset, SEEK_SET) == -1) {
- LOGERROR("E:footer_backup: Failed to lseek64\n");
- close(fd);
- return -1;
- }
- if (read(fd, footer, sizeof(footer)) != sizeof(footer)) {
- LOGERROR("E:footer_br: Failed to read: %s\n", strerror(errno));
- close(fd);
- return -1;
- }
- close(fd);
- } else if (command == "restore") {
- fd = open(userdata_path, O_WRONLY);
- if (fd < 0) {
- LOGERROR("E:footer_restore: Cannot open '%s': %s\n", userdata_path, strerror(errno));
- return -1;
- }
- if (lseek64(fd, offset, SEEK_SET) == -1) {
- LOGERROR("E:footer_restore: Failed to lseek64\n");
- close(fd);
- return -1;
- }
- if (write(fd, footer, sizeof(footer)) != sizeof(footer)) {
- LOGERROR("E:footer_br: Failed to write: %s\n", strerror(errno));
- close(fd);
- return -1;
- }
- close(fd);
- } else {
- LOGERROR("E:footer_br: wrong command argument: %s\n", command.c_str());
- return -1;
- }
- return 0;
-}
-
-/* vdc Functions */
-typedef struct {
- string Output; // Entire line excluding \n
- int ResponseCode; // ResponseCode.h (int)
- int Sequence; // Sequence (int)
- int Message; // Message (string) but we're only interested in int
-} vdc_ReturnValues;
-
-int Exec_vdc_cryptfs(const string& command, const string& argument, vdc_ReturnValues* vdcResult) {
- pid_t pid;
- int status;
- int pipe_fd[2][2];
-
- vdcResult->Output.clear();
- vdcResult->ResponseCode = vdcResult->Sequence = vdcResult->Message = -1;
-
- for (int i = 0; i < 2; ++i) {
- if (pipe(pipe_fd[i])) {
- LOGERROR("exec_vdc_cryptfs: pipe() error!\n");
- return -1;
- }
- }
-
- // getpwtype and checkpw commands are removed from Pie vdc, using modified vdc_pie
- const char *cmd[] = { "/system/bin/vdc_pie", "cryptfs" };
- if (sdkver < 28)
- cmd[0] = "/system/bin/vdc";
- const char *env[] = { "LD_LIBRARY_PATH=/system/lib64:/system/lib", NULL };
-
- LOGINFO("sdkver: %d, using %s\n", sdkver, cmd[0]);
-
-#ifdef TW_CRYPTO_SYSTEM_VOLD_DEBUG
- string log_name = "/tmp/strace_vdc_" + command;
-#endif
-
- switch(pid = fork())
- {
- case -1:
- LOGERROR("exec_vdc_cryptfs: fork failed: %d (%s)!\n", errno, strerror(errno));
- return -1;
-
- case 0: // child
- fflush(stdout); fflush(stderr);
- for (int i = 0; i < 2; ++i) {
- close(pipe_fd[i][0]);
- dup2(pipe_fd[i][1], ((i == 0) ? STDOUT_FILENO : STDERR_FILENO));
- close(pipe_fd[i][1]);
- }
-
-#ifdef TW_CRYPTO_SYSTEM_VOLD_DEBUG
- if (has_strace) {
- if (argument.empty())
- execl(VD_STRACE_BIN, "strace", "-q", "-tt", "-ff", "-v", "-y", "-s", "1000", "-o", log_name.c_str(),
- "-E", env[0], cmd[0], cmd[1], command.c_str(), NULL);
- else
- execl(VD_STRACE_BIN, "strace", "-q", "-tt", "-ff", "-v", "-y", "-s", "1000", "-o", log_name.c_str(),
- "-E", env[0], cmd[0], cmd[1], command.c_str(), argument.c_str(), NULL);
- } else
-#endif
- if (argument.empty())
- execle(cmd[0], cmd[0], cmd[1], command.c_str(), NULL, env);
- else
- execle(cmd[0], cmd[0], cmd[1], command.c_str(), argument.c_str(), NULL, env);
- _exit(127);
- break;
-
- default:
- {
- int timeout = 30*100;
-
- for (int i = 0; i < 2; ++i) {
- close(pipe_fd[i][1]);
-
- // Non-blocking read loop with timeout
- int flags = fcntl(pipe_fd[i][0], F_GETFL, 0);
- fcntl(pipe_fd[i][0], F_SETFL, flags | O_NONBLOCK);
- }
-
- char buffer[128];
- ssize_t count;
- string strout[2];
- pid_t retpid = waitpid(pid, &status, WNOHANG);
- while (true) {
- for (int i = 0; i < 2; ++i) {
- count = read(pipe_fd[i][0], buffer, sizeof(buffer));
- if (count == -1) {
- if (errno == EINTR)
- continue;
- else if (errno != EAGAIN)
- LOGERROR("exec_vdc_cryptfs: read() error %d (%s)\n!", errno, strerror(errno));
- } else if (count > 0) {
- strout[i].append(buffer, count);
- }
- }
-
- retpid = waitpid(pid, &status, WNOHANG);
- if (retpid == 0 && --timeout)
- usleep(10000);
- else
- break;
- };
-
- for (int i = 0; i < 2; ++i) {
- close(pipe_fd[i][0]);
- }
-
- if (!strout[0].empty()) {
- sscanf(strout[0].c_str(), "%d %d %d", &vdcResult->ResponseCode, &vdcResult->Sequence, &vdcResult->Message);
- vdcResult->Output = "I:" + strout[0];
- }
- if (!strout[1].empty()) {
- vdcResult->Output += "E:" + strout[1];
- }
- std::replace(vdcResult->Output.begin(), vdcResult->Output.end(), '\n', '|');
-
- if (!vdcResult->Output.empty() && vdcResult->Output[vdcResult->Output.length() - 1] != '|')
- vdcResult->Output += "|";
- vdcResult->Output += "RC=" + TWFunc::to_string(WEXITSTATUS(status));
-
- // Error handling
- if (retpid == 0 && timeout == 0) {
- LOGERROR("exec_vdc_cryptfs: took too long, killing process\n");
- kill(pid, SIGKILL);
- for (timeout = 5; retpid == 0 && timeout; --timeout) {
- sleep(1);
- retpid = waitpid(pid, &status, WNOHANG);
- }
- if (retpid)
- LOGINFO("exec_vdc_cryptfs: process killed successfully\n");
- else
- LOGERROR("exec_vdc_cryptfs: process took too long to kill, may be a zombie process\n");
- return VD_ERR_VOLD_OPERATION_TIMEDOUT;
- } else if (retpid > 0) {
- if (WIFSIGNALED(status)) {
- LOGERROR("exec_vdc_cryptfs: process ended with signal: %d\n", WTERMSIG(status)); // Seg fault or some other non-graceful termination
- return -1;
- }
- } else if (retpid < 0) { // no PID returned
- if (errno == ECHILD)
- LOGINFO("exec_vdc_cryptfs: no child process exist\n");
- else {
- LOGERROR("exec_vdc_cryptfs: Unexpected error %d (%s)\n", errno, strerror(errno));
- return -1;
- }
- }
- if (sdkver >= 28) {
- return WEXITSTATUS(status);
- }
- return 0;
- }
- }
-}
-
-int Run_vdc(const string& Password) {
- int res;
- struct timeval t1, t2;
- vdc_ReturnValues vdcResult;
-
- LOGINFO("About to run vdc...\n");
-
- // Pie vdc communicates with vold directly, no socket so lets not waste time
- if (sdkver < 28) {
- // Wait for vold connection
- gettimeofday(&t1, NULL);
- t2 = t1;
- while ((t2.tv_sec - t1.tv_sec) < 5) {
- // cryptfs getpwtype returns: R1=213(PasswordTypeResult) R2=? R3="password", "pattern", "pin", "default"
- res = Exec_vdc_cryptfs("getpwtype", "", &vdcResult);
- if (vdcResult.ResponseCode == PASSWORD_TYPE_RESULT) {
- res = 0;
- break;
- }
- LOGINFO("Retrying connection to vold (Reason: %s)\n", vdcResult.Output.c_str());
- usleep(SLEEP_MIN_USEC); // vdc usually usleep(10000), but that causes too many unnecessary attempts
- gettimeofday(&t2, NULL);
- }
-
- if (res == 0 && (t2.tv_sec - t1.tv_sec) < 5)
- LOGINFO("Connected to vold: %s\n", vdcResult.Output.c_str());
- else if (res == VD_ERR_VOLD_OPERATION_TIMEDOUT)
- return VD_ERR_VOLD_OPERATION_TIMEDOUT; // should never happen for getpwtype
- else if (res)
- return VD_ERR_FORK_EXECL_ERROR;
- else if (vdcResult.ResponseCode != -1)
- return VD_ERR_VOLD_UNEXPECTED_RESPONSE;
- else
- return VD_ERR_VDC_FAILED_TO_CONNECT;
- }
-
- // Input password from GUI, or default password
- res = Exec_vdc_cryptfs("checkpw", Password, &vdcResult);
- if (res == VD_ERR_VOLD_OPERATION_TIMEDOUT)
- return VD_ERR_VOLD_OPERATION_TIMEDOUT;
- else if (res)
- return VD_ERR_FORK_EXECL_ERROR;
-
- LOGINFO("vdc cryptfs result (passwd): %s\n", vdcResult.Output.c_str());
- /*
- if (res == 0 && vdcResult.ResponseCode != COMMAND_OKAY)
- return VD_ERR_VOLD_UNEXPECTED_RESPONSE;
- */
-
- // our vdc returns vold binder op status,
- // we care about status.ok() only which is 0
- if (sdkver >= 28) {
- vdcResult.Message = res;
- }
-
- if (vdcResult.Message != 0) {
- // try falling back to Lollipop hex passwords
- string hexPassword = convert_key_to_hex_ascii(Password);
- res = Exec_vdc_cryptfs("checkpw", hexPassword, &vdcResult);
- if (res == VD_ERR_VOLD_OPERATION_TIMEDOUT)
- return VD_ERR_VOLD_OPERATION_TIMEDOUT;
- else if (res)
- return VD_ERR_FORK_EXECL_ERROR;
-
- LOGINFO("vdc cryptfs result (hex_pw): %s\n", vdcResult.Output.c_str());
- /*
- if (res == 0 && vdcResult.ResponseCode != COMMAND_OKAY)
- return VD_ERR_VOLD_UNEXPECTED_RESPONSE;
- */
- }
-
- // sdk < 28 vdc's return value is dependant upon source origin, it will either
- // return 0 or ResponseCode, so disregard and focus on decryption instead
- // our vdc always returns 0 on success
- if (vdcResult.Message == 0) {
- // Decryption successful wait for crypto blk dev
- Wait_For_Property("ro.crypto.fs_crypto_blkdev");
- res = VD_SUCCESS;
- } else if (vdcResult.ResponseCode != COMMAND_OKAY) {
- res = VD_ERR_VOLD_UNEXPECTED_RESPONSE;
- } else {
- res = VD_ERR_DECRYPTION_FAILED;
- }
-
- return res;
-}
-
-int Vold_Decrypt_Core(const string& Password) {
- int res;
- bool is_vendor_symlinked = false;
- bool is_firmware_symlinked = false;
- bool is_fstab_symlinked = false;
- bool is_vold_running = false;
-
- if (Password.empty()) {
- LOGINFO("vold_decrypt: password is empty!\n");
- return VD_ERR_PASSWORD_EMPTY;
- }
-
- // Mount ANDROID_ROOT and check for vold and vdc
- if (!PartitionManager.Mount_By_Path(PartitionManager.Get_Android_Root_Path(), true)) {
- return VD_ERR_UNABLE_TO_MOUNT_SYSTEM;
- } else if ((!TWFunc::Path_Exists("/system/bin/vold")) && (!TWFunc::Path_Exists(PartitionManager.Get_Android_Root_Path() + "/system/bin/vold"))) {
- LOGINFO("ERROR: vold not found, aborting.\n");
- return VD_ERR_MISSING_VOLD;
- } else if ((!TWFunc::Path_Exists("/system/bin/vdc")) && (!TWFunc::Path_Exists(PartitionManager.Get_Android_Root_Path() + "/system/bin/vdc"))) {
- LOGINFO("ERROR: vdc not found, aborting.\n");
- return VD_ERR_MISSING_VDC;
- }
-
-#ifdef TW_CRYPTO_SYSTEM_VOLD_MOUNT
- vector<string> partitions = TWFunc::Split_String(TW_CRYPTO_SYSTEM_VOLD_MOUNT, " ");
- for (size_t i = 0; i < partitions.size(); ++i) {
- string mnt_point = "/" + partitions[i];
- if(PartitionManager.Find_Partition_By_Path(mnt_point)) {
- if (!PartitionManager.Mount_By_Path(mnt_point, true)) {
- LOGERROR("Unable to mount %s\n", mnt_point.c_str());
- return VD_ERR_UNABLE_TO_MOUNT_EXTRA;
- }
- LOGINFO("%s partition mounted\n", partitions[i].c_str());
- }
- }
-#endif
-
- fp_kmsg = fopen("/dev/kmsg", "a");
-
- LOGINFO("TW_CRYPTO_USE_SYSTEM_VOLD := true\n");
-
- // just cache the result to avoid unneeded duplicates in recovery.log
- LOGINFO("Checking existence of vendor and firmware partitions...\n");
- is_Vendor_Mounted();
- is_Firmware_Mounted();
-
- LOGINFO("Attempting to use system's vold for decryption...\n");
-
-#ifdef TW_CRYPTO_SYSTEM_VOLD_DEBUG
- Strace_init_Start();
-#endif
-
-#ifdef TW_CRYPTO_SYSTEM_VOLD_SERVICES
- vector<AdditionalService> Services = Get_List_Of_Additional_Services();
-
- // Check if TWRP is running any of the services
- for (size_t i = 0; i < Services.size(); ++i) {
- if (!Services[i].TWRP_Service_Name.empty() && !Is_Service_Stopped(Services[i].TWRP_Service_Name)) {
- Services[i].resume = true;
- Stop_Service(Services[i].TWRP_Service_Name);
- } else
- Services[i].resume = false;
- }
-#endif
-
- LOGINFO("Setting up folders and permissions...\n");
- is_fstab_symlinked = Symlink_Recovery_Fstab();
- is_vendor_symlinked = Symlink_Vendor_Folder();
- is_firmware_symlinked = Symlink_Firmware_Folder();
- Symlink_Firmware_Files(is_vendor_symlinked, is_firmware_symlinked);
-
- Set_Needed_Properties();
-#ifdef TW_INCLUDE_LIBRESETPROP
- Update_Patch_Level();
-#endif
-
- // Start services needed for vold decrypt
- LOGINFO("Starting services...\n");
-#ifdef TW_CRYPTO_SYSTEM_VOLD_SERVICES
- for (size_t i = 0; i < Services.size(); ++i) {
- if (Services[i].bin_exists) {
- if (Services[i].Service_Binary.find("keymaster") != string::npos) {
- Wait_For_Property("hwservicemanager.ready", 500000, "true");
- LOGINFO(" hwservicemanager is ready.\n");
- }
-
- Services[i].is_running = Start_Service(Services[i].VOLD_Service_Name);
-
- if (Services[i].Service_Binary == "qseecomd") {
- if (Wait_For_Property("sys.listeners.registered", 500000, "true") == "true"
- || Wait_For_Property("vendor.sys.listeners.registered", 500000, "true") == "true")
- LOGINFO(" qseecomd listeners registered.\n");
- }
- }
- }
-#endif
- is_vold_running = Start_Service("sys_vold");
-
- if (is_vold_running) {
-#ifdef TW_CRYPTO_SYSTEM_VOLD_SERVICES
- for (size_t i = 0; i < Services.size(); ++i) {
- if (Services[i].bin_exists && !Is_Service_Running(Services[i].VOLD_Service_Name) && Services[i].resume) {
- // if system_service has died restart the twrp_service
- LOGINFO("%s is not running, resuming %s!\n", Services[i].VOLD_Service_Name.c_str(), Services[i].TWRP_Service_Name.c_str());
- Start_Service(Services[i].TWRP_Service_Name);
- }
- }
-#endif
-
- /*
- * Oreo and Pie vold on some devices alters footer causing
- * system to ask for decryption password at next boot although
- * password haven't changed so we save footer before and restore it
- * after vold operations
- */
- if (sdkver > 25) {
- if (footer_br("backup") == 0) {
- LOGINFO("footer_br: crypto footer backed up\n");
- res = Run_vdc(Password);
- if (footer_br("restore") == 0)
- LOGINFO("footer_br: crypto footer restored\n");
- else
- LOGERROR("footer_br: Failed to restore crypto footer\n");
- } else {
- LOGERROR("footer_br: Failed to backup crypto footer, \
- skipping decrypt to prevent data loss. Reboot recovery to try again...\n");
- res = -1;
- }
- } else {
- res = Run_vdc(Password);
- }
-
- if (res != 0) {
- LOGINFO("Decryption failed\n");
- }
- } else {
- LOGINFO("Failed to start vold\n");
- res = VD_ERR_VOLD_FAILED_TO_START;
- }
-#ifdef TW_INCLUDE_LIBRESETPROP
- Revert_Patch_Level();
-#endif
- // Stop services needed for vold decrypt so /system can be unmounted
- LOGINFO("Stopping services...\n");
- Stop_Service("sys_vold");
-#ifdef TW_CRYPTO_SYSTEM_VOLD_SERVICES
- for (size_t i = 0; i < Services.size(); ++i) {
- if (!Is_Service_Running(Services[i].VOLD_Service_Name) && Services[i].resume)
- Stop_Service(Services[i].TWRP_Service_Name);
- else if (Services[i].bin_exists)
- Stop_Service(Services[i].VOLD_Service_Name);
- }
-#endif
-
- if (is_firmware_symlinked)
- Restore_Firmware_Folder();
- if (is_vendor_symlinked)
- Restore_Vendor_Folder();
- if (is_fstab_symlinked)
- Restore_Recovery_Fstab();
-
- if (!PartitionManager.UnMount_By_Path(PartitionManager.Get_Android_Root_Path(), true)) {
- // PartitionManager failed to unmount ANDROID_ROOT, this should not happen,
- // but in case it does, do a lazy unmount
- LOGINFO("WARNING: '%s' could not be unmounted normally!\n", PartitionManager.Get_Android_Root_Path().c_str());
- umount2(PartitionManager.Get_Android_Root_Path().c_str(), MNT_DETACH);
- }
-
-#ifdef TW_CRYPTO_SYSTEM_VOLD_MOUNT
- for (size_t i = 0; i < partitions.size(); ++i) {
- string mnt_point = "/" + partitions[i];
- if(PartitionManager.Is_Mounted_By_Path(mnt_point)) {
- if (!PartitionManager.UnMount_By_Path(mnt_point, true)) {
- LOGINFO("WARNING: %s partition could not be unmounted normally!\n", partitions[i].c_str());
- umount2(mnt_point.c_str(), MNT_DETACH);
- }
- }
- }
-#endif
-
- LOGINFO("Finished.\n");
-
-#ifdef TW_CRYPTO_SYSTEM_VOLD_SERVICES
- Set_Needed_Properties();
- // Restart previously running services
- for (size_t i = 0; i < Services.size(); ++i) {
- if (Services[i].resume) {
- if (Services[i].Service_Binary.find("keymaster") != string::npos) {
- Wait_For_Property("hwservicemanager.ready", 500000, "true");
- LOGINFO(" hwservicemanager is ready.\n");
- }
-
- Start_Service(Services[i].TWRP_Service_Name);
-
- if (Services[i].Service_Binary == "qseecomd") {
- if (Wait_For_Property("sys.listeners.registered", 500000, "true") == "true"
- || Wait_For_Property("vendor.sys.listeners.registered", 500000, "true") == "true")
- LOGINFO(" qseecomd listeners registered.\n");
- }
- }
- }
-#endif
-
-#ifdef TW_CRYPTO_SYSTEM_VOLD_DEBUG
- Strace_init_Stop();
-#endif
-
- // Finish up and exit
- if (fp_kmsg) {
- fflush(fp_kmsg);
- fclose(fp_kmsg);
- }
-
- return res;
-}
-
-} // namespace
-
-/*
- * Common vold Response Codes / Errors:
- * 406 (OpFailedStorageNotFound) -> Problem reading or parsing fstab
- *
- */
-
-/* Main function separated from core in case we want to return error info */
-int vold_decrypt(const string& Password) {
- return Vold_Decrypt_Core(Password);
-}
diff --git a/crypto/vold_decrypt/vold_decrypt.h b/crypto/vold_decrypt/vold_decrypt.h
deleted file mode 100644
index 248a427..0000000
--- a/crypto/vold_decrypt/vold_decrypt.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- Copyright 2017 TeamWin
- This file is part of TWRP/TeamWin Recovery Project.
-
- TWRP is free software: you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation, either version 3 of the License, or
- (at your option) any later version.
-
- TWRP is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with TWRP. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#ifndef _VOLD_DECRYPT_H
-#define _VOLD_DECRYPT_H
-
-#include <string>
-
-// -_-
-enum {
- VD_SUCCESS = 0,
- VD_ERR_DECRYPTION_FAILED = -1,
- VD_ERR_UNABLE_TO_MOUNT_SYSTEM = -2,
- VD_ERR_MISSING_VOLD = -3,
- VD_ERR_MISSING_VDC = -4,
- VD_ERR_VDC_FAILED_TO_CONNECT = -5,
- VD_ERR_VOLD_FAILED_TO_START = -6,
- VD_ERR_VOLD_UNEXPECTED_RESPONSE = -7,
- VD_ERR_VOLD_OPERATION_TIMEDOUT = -8,
- VD_ERR_FORK_EXECL_ERROR = -9,
- VD_ERR_PASSWORD_EMPTY = -10,
- VD_ERR_UNABLE_TO_MOUNT_EXTRA = -11,
-};
-
-
-int vold_decrypt(const std::string& Password);
-
-#endif // _VOLD_DECRYPT_H
diff --git a/etc/init.rc b/etc/init.rc
index c7e8874..0aeb827 100644
--- a/etc/init.rc
+++ b/etc/init.rc
@@ -3,7 +3,6 @@
import /init.recovery.mksh.rc
import /init.recovery.usb.rc
import /init.recovery.service.rc
-import /init.recovery.vold_decrypt.rc
import /init.recovery.${ro.hardware}.rc
on early-init
diff --git a/partitionmanager.cpp b/partitionmanager.cpp
index 305472e..0b77907 100755
--- a/partitionmanager.cpp
+++ b/partitionmanager.cpp
@@ -106,9 +106,6 @@
#endif
#endif
#endif
-#ifdef TW_CRYPTO_USE_SYSTEM_VOLD
-#include "crypto/vold_decrypt/vold_decrypt.h"
-#endif
#endif
#ifdef AB_OTA_UPDATER
@@ -2015,22 +2012,6 @@
pwret = WEXITSTATUS(status) ? -1 : 0;
}
-#ifdef TW_CRYPTO_USE_SYSTEM_VOLD
- if (pwret != 0) {
- pwret = vold_decrypt(Password);
- switch (pwret) {
- case VD_SUCCESS:
- break;
- case VD_ERR_MISSING_VDC:
- gui_msg(Msg(msg::kError, "decrypt_data_vold_os_missing=Missing files needed for vold decrypt: {1}")("/system/bin/vdc"));
- break;
- case VD_ERR_MISSING_VOLD:
- gui_msg(Msg(msg::kError, "decrypt_data_vold_os_missing=Missing files needed for vold decrypt: {1}")("/system/bin/vold"));
- break;
- }
- }
-#endif // TW_CRYPTO_USE_SYSTEM_VOLD
-
// Unmount any partitions that were needed for decrypt
for (iter = Partitions.begin(); iter != Partitions.end(); iter++) {
if ((*iter)->Mount_To_Decrypt) {
diff --git a/prebuilt/Android.mk b/prebuilt/Android.mk
index ffc69c8..c214166 100755
--- a/prebuilt/Android.mk
+++ b/prebuilt/Android.mk
@@ -581,19 +581,6 @@
LOCAL_SRC_FILES := $(LOCAL_MODULE)
include $(BUILD_PREBUILT)
-ifeq ($(TW_INCLUDE_CRYPTO), true)
- ifneq ($(TW_CRYPTO_USE_SYSTEM_VOLD),)
- # Prebuilt vdc_pie for pre-Pie SDK Platforms
- include $(CLEAR_VARS)
- LOCAL_MODULE := vdc_pie
- LOCAL_MODULE_TAGS := optional
- LOCAL_MODULE_CLASS := EXECUTABLES
- LOCAL_MODULE_PATH := $(TARGET_RECOVERY_ROOT_OUT)/system/bin
- LOCAL_SRC_FILES := vdc_pie-$(TARGET_ARCH)
- include $(BUILD_PREBUILT)
- endif
-endif
-
ifneq (,$(filter $(TW_INCLUDE_REPACKTOOLS) $(TW_INCLUDE_RESETPROP) $(TW_INCLUDE_LIBRESETPROP), true))
ifeq ($(wildcard external/magisk-prebuilt/Android.mk),)
$(warning Magisk prebuilt tools not found!)