Improve remounting sdcard with ecryptfs
diff --git a/crypto/ics/cryptfs.c b/crypto/ics/cryptfs.c
index 8a6c581..945864d 100644
--- a/crypto/ics/cryptfs.c
+++ b/crypto/ics/cryptfs.c
@@ -659,6 +659,7 @@
int rc2 = 1;
#ifndef RECOVERY_SDCARD_ON_DATA
+#ifdef TW_INTERNAL_STORAGE_PATH
// internal storage for non data/media devices
if(!rc) {
strcpy(pwbuf, passwd);
@@ -667,6 +668,7 @@
EXPAND(TW_INTERNAL_STORAGE_MOUNT_POINT));
}
#endif
+#endif
#ifdef TW_EXTERNAL_STORAGE_PATH
printf("Temp mounting /data\n");
// mount data so mount_ecryptfs_drive can access edk in /data/system/
@@ -674,21 +676,17 @@
// external sd
char decrypt_external[256], external_blkdev[256];
property_get("ro.crypto.external_encrypted", decrypt_external, "0");
- // First we have to mount the external storage
- if (!rc2 && strcmp(decrypt_external, "1") == 0) {
- printf("Mounting external...\n");
- property_get("ro.crypto.external_blkdev", external_blkdev, "");
- rc2 = mount(
- external_blkdev, EXPAND(TW_EXTERNAL_STORAGE_PATH),
- "vfat", MS_RDONLY, "");
- }
// Mount the external storage as ecryptfs so that ecryptfs can act as a pass-through
- if (!rc2) {
+ if (!rc2 && strcmp(decrypt_external, "1") == 0) {
printf("Mounting external with ecryptfs...\n");
strcpy(pwbuf, passwd);
rc2 = mount_ecryptfs_drive(
pwbuf, EXPAND(TW_EXTERNAL_STORAGE_PATH),
EXPAND(TW_EXTERNAL_STORAGE_PATH), 0);
+ if (rc2 == 0)
+ property_set("ro.crypto.external_use_ecryptfs", "1");
+ else
+ property_set("ro.crypto.external_use_ecryptfs", "0");
} else {
printf("Unable to mount external storage with ecryptfs.\n");
umount(EXPAND(TW_EXTERNAL_STORAGE_PATH));
diff --git a/partition.cpp b/partition.cpp
index 7eac409..4a7a900 100644
--- a/partition.cpp
+++ b/partition.cpp
@@ -44,6 +44,9 @@
extern "C" {
#include "mtdutils/mtdutils.h"
#include "mtdutils/mounts.h"
+#ifdef TW_INCLUDE_CRYPTO_SAMSUNG
+ #include "crypto/libcrypt_samsung/include/libcrypt_samsung.h"
+#endif
}
using namespace std;
@@ -87,6 +90,9 @@
Fstab_File_System = "";
Format_Block_Size = 0;
Ignore_Blkid = false;
+#ifdef TW_INCLUDE_CRYPTO_SAMSUNG
+ EcryptFS_Password = "";
+#endif
}
TWPartition::~TWPartition(void) {
@@ -684,9 +690,9 @@
return false;
} else
return true;
- } else if (Fstab_File_System == "exfat") {
+ } else if (Current_File_System == "exfat" && TWFunc::Path_Exists("/sbin/exfat-fuse")) {
string cmd = "/sbin/exfat-fuse " + Actual_Block_Device + " " + Mount_Point;
- LOGI("cmd: %s\n", cmd.c_str());
+ LOGI("cmd: %s\n", cmd.c_str());
string result;
if (TWFunc::Exec_Cmd(cmd, result) != 0)
return false;
@@ -698,6 +704,18 @@
LOGI("Actual block device: '%s', current file system: '%s'\n", Actual_Block_Device.c_str(), Current_File_System.c_str());
return false;
} else {
+#ifdef TW_INCLUDE_CRYPTO_SAMSUNG
+ if (EcryptFS_Password.size() > 0) {
+ if (mount_ecryptfs_drive(EcryptFS_Password.c_str(), Mount_Point.c_str(), Mount_Point.c_str(), 0) != 0) {
+ if (Display_Error)
+ LOGE("Unable to mount ecryptfs for '%s'\n", Mount_Point.c_str());
+ else
+ LOGI("Unable to mount ecryptfs for '%s'\n", Mount_Point.c_str());
+ } else {
+ LOGI("Successfully mounted ecryptfs for '%s'\n", Mount_Point.c_str());
+ }
+ }
+#endif
if (Removable)
Update_Size(Display_Error);
diff --git a/partitionmanager.cpp b/partitionmanager.cpp
index 5f8b66a..5d75d32 100644
--- a/partitionmanager.cpp
+++ b/partitionmanager.cpp
@@ -1596,7 +1596,7 @@
efs = 0;
#ifdef TW_EXTERNAL_STORAGE_PATH
TWPartition* sdcard = Find_Partition_By_Path(EXPAND(TW_EXTERNAL_STORAGE_PATH));
- if (sdcard) {
+ if (sdcard && sdcard->Mount(false)) {
property_set("ro.crypto.external_encrypted", "1");
property_set("ro.crypto.external_blkdev", sdcard->Actual_Block_Device.c_str());
} else {
@@ -1639,12 +1639,19 @@
emmc->Setup_File_System(false);
ui_print("Internal SD successfully decrypted, new block device: '%s'\n", crypto_blkdev_sd);
}
-
-#ifdef TW_EXTERNAL_STORAGE_PATH
- sdcard->Is_Decrypted = true;
- sdcard->Setup_File_System(false);
-#endif //ifdef TW_EXTERNAL_STORAGE_PATH
#endif //ifdef CRYPTO_SD_FS_TYPE
+#ifdef TW_EXTERNAL_STORAGE_PATH
+ char is_external_decrypted[255];
+ property_get("ro.crypto.external_use_ecryptfs", is_external_decrypted, "0");
+ if (strcmp(is_external_decrypted, "1") == 0) {
+ sdcard->Is_Decrypted = true;
+ sdcard->EcryptFS_Password = Password;
+ sdcard->Decrypted_Block_Device = sdcard->Actual_Block_Device;
+ } else {
+ sdcard->Is_Decrypted = false;
+ sdcard->Decrypted_Block_Device = "";
+ }
+#endif //ifdef TW_EXTERNAL_STORAGE_PATH
// Sleep for a bit so that the device will be ready
sleep(1);
diff --git a/partitions.hpp b/partitions.hpp
index 2b2ed2c..7660b8b 100644
--- a/partitions.hpp
+++ b/partitions.hpp
@@ -107,6 +107,9 @@
string Fstab_File_System; // File system from the recovery.fstab
int Format_Block_Size; // Block size for formatting
bool Ignore_Blkid; // Ignore blkid results due to superblocks lying to us on certain devices / partitions
+#ifdef TW_INCLUDE_CRYPTO_SAMSUNG
+ string EcryptFS_Password; // Have to store the encryption password to remount
+#endif
private:
bool Process_Flags(string Flags, bool Display_Error); // Process custom fstab flags