FsCrypt update: support fscrypt policies v1 and v2
This patchset introduces support decryption for Android 11.
In this update we deprecate ext4crypt. To specify the
policy version to use, use TW_USE_FSCRYPT_POLICY := 1 or
TW_USE_FSCRYPT_POLICY := 2. By default policy version will
be set to 2 if this variable is omitted.
Change-Id: I62a29c1bef36c259ec4b11259f71be613d20a112
diff --git a/libtar/Android.mk b/libtar/Android.mk
index 9b051e6..9209da9 100755
--- a/libtar/Android.mk
+++ b/libtar/Android.mk
@@ -14,15 +14,9 @@
LOCAL_SHARED_LIBRARIES += libselinux
ifeq ($(TW_INCLUDE_CRYPTO_FBE), true)
- ifeq ($(shell test $(PLATFORM_SDK_VERSION) -ge 29; echo $$?),0)
- LOCAL_SHARED_LIBRARIES += libtwrpfscrypt
- LOCAL_CFLAGS += -DUSE_FSCRYPT
- LOCAL_C_INCLUDES += $(LOCAL_PATH)/../crypto/fscrypt
- else
- LOCAL_SHARED_LIBRARIES += libe4crypt
- LOCAL_CFLAGS += -DHAVE_EXT4_CRYPT
- LOCAL_C_INCLUDES += $(LOCAL_PATH)/../crypto/ext4crypt
- endif
+ LOCAL_SHARED_LIBRARIES += libtwrpfscrypt
+ LOCAL_CFLAGS += -DUSE_FSCRYPT
+ LOCAL_C_INCLUDES += $(LOCAL_PATH)/../crypto/fscrypt
endif
ifeq ($(TW_LIBTAR_DEBUG),true)
@@ -45,15 +39,9 @@
LOCAL_STATIC_LIBRARIES += libselinux
ifeq ($(TW_INCLUDE_CRYPTO_FBE), true)
- ifeq ($(shell test $(PLATFORM_SDK_VERSION) -ge 29; echo $$?),0)
- LOCAL_SHARED_LIBRARIES += libtwrpfscrypt
- LOCAL_CFLAGS += -DUSE_FSCRYPT
- LOCAL_C_INCLUDES += $(LOCAL_PATH)/../crypto/fscrypt
- else
- LOCAL_SHARED_LIBRARIES += libe4crypt
- LOCAL_CFLAGS += -DHAVE_EXT4_CRYPT
- LOCAL_C_INCLUDES += $(LOCAL_PATH)/../crypto/ext4crypt
- endif
+ LOCAL_SHARED_LIBRARIES += libtwrpfscrypt
+ LOCAL_CFLAGS += -DUSE_FSCRYPT
+ LOCAL_C_INCLUDES += $(LOCAL_PATH)/../crypto/fscrypt
endif
ifeq ($(TW_LIBTAR_DEBUG),true)
diff --git a/libtar/append.c b/libtar/append.c
index 3075a61..860ab46 100755
--- a/libtar/append.c
+++ b/libtar/append.c
@@ -38,16 +38,16 @@
#include <selinux/selinux.h>
-#ifdef HAVE_EXT4_CRYPT
-#include "ext4crypt_tar.h"
-#endif
-
#ifdef USE_FSCRYPT
#include "fscrypt_policy.h"
#endif
#include "android_utils.h"
+#ifdef TW_LIBTAR_DEBUG
+#define DEBUG 1
+#endif
+
struct tar_dev
{
dev_t td_dev;
@@ -84,8 +84,8 @@
char path[MAXPATHLEN];
#ifdef DEBUG
- printf("==> tar_append_file(TAR=0x%lx (\"%s\"), realname=\"%s\", "
- "savename=\"%s\")\n", t, t->pathname, realname,
+ printf("==> tar_append_file(TAR=0x%p (\"%s\"), realname=\"%s\", "
+ "savename=\"%s\")\n", (void*) t, t->pathname, realname,
(savename ? savename : "[NULL]"));
#endif
@@ -134,45 +134,6 @@
}
}
-#ifdef HAVE_EXT4_CRYPT
- if (TH_ISDIR(t) && t->options & TAR_STORE_EXT4_POL)
- {
- if (t->th_buf.eep != NULL)
- {
- free(t->th_buf.eep);
- t->th_buf.eep = NULL;
- }
-
- t->th_buf.eep = (struct ext4_encryption_policy*)malloc(sizeof(struct ext4_encryption_policy));
- if (!t->th_buf.eep) {
- printf("malloc ext4_encryption_policy\n");
- return -1;
- }
-
- if (e4crypt_policy_get_struct(realname, t->th_buf.eep))
- {
- char tar_policy[EXT4_KEY_DESCRIPTOR_SIZE];
- memset(tar_policy, 0, sizeof(tar_policy));
- char policy_hex[EXT4_KEY_DESCRIPTOR_SIZE_HEX];
- policy_to_hex(t->th_buf.eep->master_key_descriptor, policy_hex);
- if (lookup_ref_key(t->th_buf.eep->master_key_descriptor, &tar_policy[0])) {
- printf("found policy '%s' - '%s' - '%s'\n", realname, tar_policy, policy_hex);
- memcpy(t->th_buf.eep->master_key_descriptor, tar_policy, EXT4_KEY_DESCRIPTOR_SIZE);
- } else {
- printf("failed to lookup tar policy for '%s' - '%s'\n", realname, policy_hex);
- free(t->th_buf.eep);
- t->th_buf.eep = NULL;
- return -1;
- }
- }
- else
- {
- // no policy found, but this is not an error as not all dirs will have a policy
- free(t->th_buf.eep);
- t->th_buf.eep = NULL;
- }
- }
-#endif
#ifdef USE_FSCRYPT
if (TH_ISDIR(t) && t->options & TAR_STORE_FSCRYPT_POL)
{
@@ -181,21 +142,31 @@
free(t->th_buf.fep);
t->th_buf.fep = NULL;
}
-
- t->th_buf.fep = (struct fscrypt_encryption_policy*)malloc(sizeof(struct fscrypt_encryption_policy));
+#ifdef USE_FSCRYPT_POLICY_V1
+ t->th_buf.fep = (struct fscrypt_policy_v1 *)malloc(sizeof(struct fscrypt_policy_v1));
+#else
+ t->th_buf.fep = (struct fscrypt_policy_v2 *)malloc(sizeof(struct fscrypt_policy_v2));
+#endif
if (!t->th_buf.fep) {
printf("malloc fs_encryption_policy\n");
return -1;
}
if (fscrypt_policy_get_struct(realname, t->th_buf.fep)) {
- uint8_t tar_policy[FS_KEY_DESCRIPTOR_SIZE];
+ uint8_t tar_policy[FSCRYPT_KEY_IDENTIFIER_SIZE];
memset(tar_policy, 0, sizeof(tar_policy));
- char policy_hex[FS_KEY_DESCRIPTOR_SIZE_HEX];
- policy_to_hex(t->th_buf.fep->master_key_descriptor, policy_hex);
- if (lookup_ref_key(t->th_buf.fep->master_key_descriptor, &tar_policy[0])) {
- printf("found fscrypt policy '%s' - '%s' - '%s'\n", realname, tar_policy, policy_hex);
- memcpy(t->th_buf.fep->master_key_descriptor, tar_policy, FS_KEY_DESCRIPTOR_SIZE);
+ char policy_hex[FSCRYPT_KEY_IDENTIFIER_HEX_SIZE];
+ bytes_to_hex(t->th_buf.fep->master_key_identifier, FSCRYPT_KEY_IDENTIFIER_SIZE, policy_hex);
+ if (lookup_ref_key(t->th_buf.fep, &tar_policy[0])) {
+ if (strncmp((char *) tar_policy, "0CE0", 4) == 0 || strncmp((char *) tar_policy, "0DE0", 4) == 0
+ || strncmp((char *) tar_policy, "0DK", 3) == 0) {
+ memcpy(t->th_buf.fep->master_key_identifier, tar_policy, FSCRYPT_KEY_IDENTIFIER_SIZE);
+ printf("found fscrypt policy '%s' - '%s' - '%s'\n", realname, t->th_buf.fep->master_key_identifier, policy_hex);
+ } else {
+ printf("failed to match fscrypt tar policy for '%s' - '%s'\n", realname, policy_hex);
+ free(t->th_buf.fep);
+ t->th_buf.fep = NULL;
+ }
} else {
printf("failed to lookup fscrypt tar policy for '%s' - '%s'\n", realname, policy_hex);
free(t->th_buf.fep);
@@ -266,7 +237,7 @@
else
{
#ifdef DEBUG
- printf("+++ adding hash for device (0x%lx, 0x%lx)...\n",
+ printf("+++ adding hash for device (0x%x, 0x%x)...\n",
major(s.st_dev), minor(s.st_dev));
#endif
td = (tar_dev_t *)calloc(1, sizeof(tar_dev_t));
@@ -292,9 +263,9 @@
else
{
#ifdef DEBUG
- printf("+++ adding entry: device (0x%lx,0x%lx), inode %ld "
+ printf("+++ adding entry: device (0x%d,0x%x), inode %lu"
"(\"%s\")...\n", major(s.st_dev), minor(s.st_dev),
- s.st_ino, realname);
+ (unsigned long) s.st_ino, realname);
#endif
ti = (tar_ino_t *)calloc(1, sizeof(tar_ino_t));
if (ti == NULL)
@@ -332,7 +303,7 @@
if (th_write(t) != 0)
{
#ifdef DEBUG
- printf("t->fd = %d\n", t->fd);
+ printf("t->fd = %ld\n", t->fd);
#endif
return -1;
}
@@ -448,7 +419,7 @@
if (th_write(t) != 0)
{
#ifdef DEBUG
- fprintf(stderr, "tar_append_file_contents(): could not write header, t->fd = %d\n", t->fd);
+ fprintf(stderr, "tar_append_file_contents(): could not write header, t->fd = %ld\n", t->fd);
#endif
return -1;
}
diff --git a/libtar/block.c b/libtar/block.c
index 6285547..db97222 100755
--- a/libtar/block.c
+++ b/libtar/block.c
@@ -22,10 +22,6 @@
#define DEBUG 1
#endif
-#ifdef HAVE_EXT4_CRYPT
-#include "ext4crypt_tar.h"
-#endif
-
#ifdef USE_FSCRYPT
#include "fscrypt_policy.h"
#endif
@@ -37,10 +33,6 @@
#define SELINUX_TAG "RHT.security.selinux="
#define SELINUX_TAG_LEN strlen(SELINUX_TAG)
-// Used to identify e4crypt_policy in extended ('x')
-#define E4CRYPT_TAG "TWRP.security.e4crypt="
-#define E4CRYPT_TAG_LEN strlen(E4CRYPT_TAG)
-
// Used to identify fscrypt_policy in extended ('x')
#define FSCRYPT_TAG "TWRP.security.fscrypt="
#define FSCRYPT_TAG_LEN strlen(FSCRYPT_TAG)
@@ -153,10 +145,6 @@
free(t->th_buf.gnu_longlink);
if (t->th_buf.selinux_context != NULL)
free(t->th_buf.selinux_context);
-#ifdef HAVE_EXT4_CRYPT
- if (t->th_buf.eep != NULL)
- free(t->th_buf.eep);
-#endif
#ifdef USE_FSCRYPT
if (t->th_buf.fep != NULL)
@@ -362,71 +350,41 @@
printf(" th_read(): android user.inode_code_cache xattr detected\n");
#endif
} // end android user.inode_code_cache xattr
-#ifdef HAVE_EXT4_CRYPT
- start = strstr(buf, E4CRYPT_TAG);
- if (start && start+E4CRYPT_TAG_LEN < buf+len)
- {
- t->th_buf.eep = (struct ext4_encryption_policy*)malloc(sizeof(struct ext4_encryption_policy));
- if (!t->th_buf.eep) {
- printf("malloc ext4_encryption_policy\n");
- return -1;
- }
- start += E4CRYPT_TAG_LEN;
- if (*start == '2')
- {
- start++;
- char *newline_check = start + sizeof(struct ext4_encryption_policy);
- if (*newline_check != '\n')
- printf("did not find newline char in expected location, continuing anyway...\n");
- memcpy(t->th_buf.eep, start, sizeof(struct ext4_encryption_policy));
-#ifdef DEBUG
- printf(" th_read(): E4Crypt policy v2 detected: %i %i %i %i %s\n",
- (int)t->th_buf.eep->version,
- (int)t->th_buf.eep->contents_encryption_mode,
- (int)t->th_buf.eep->filenames_encryption_mode,
- (int)t->th_buf.eep->flags,
- t->th_buf.eep->master_key_descriptor);
-#endif
- }
- else
- {
- e4crypt_policy_fill_default_struct(t->th_buf.eep);
- char *end = strchr(start, '\n');
- if(!end)
- end = strchr(start, '\0');
- if(end)
- {
- strncpy(t->th_buf.eep->master_key_descriptor, start, end-start);
-#ifdef DEBUG
- printf(" th_read(): E4Crypt policy v1 detected: %s\n", t->th_buf.eep->master_key_descriptor);
-#endif
- }
- }
- }
-#endif // HAVE_EXT4_CRYPT
#ifdef USE_FSCRYPT
start = strstr(buf, FSCRYPT_TAG);
if (start && start+FSCRYPT_TAG_LEN < buf+len) {
- t->th_buf.fep = (struct fscrypt_encryption_policy*)malloc(sizeof(struct fscrypt_encryption_policy));
+#ifdef USE_FSCRYPT_POLICY_V1
+ t->th_buf.fep = (struct fscrypt_policy_v1*)malloc(sizeof(struct fscrypt_policy_v1));
+#else
+ t->th_buf.fep = (struct fscrypt_policy_v2*)malloc(sizeof(struct fscrypt_policy_v2));
+#endif
if (!t->th_buf.fep) {
- printf("malloc fscrypt_encryption_policy\n");
+ printf("malloc failed for fscrypt policy\n");
return -1;
}
start += FSCRYPT_TAG_LEN;
if (*start == '0') {
start++;
- char *newline_check = start + sizeof(struct fscrypt_encryption_policy);
+#ifdef USE_FSCRYPT_POLICY_V1
+ char *newline_check = start + sizeof(struct fscrypt_policy_v1);
+#else
+ char *newline_check = start + sizeof(struct fscrypt_policy_v2);
+#endif
if (*newline_check != '\n')
printf("did not find newline char in expected location, continuing anyway...\n");
- memcpy(t->th_buf.fep, start, sizeof(struct fscrypt_encryption_policy));
+#ifdef USE_FSCRYPT_POLICY_V1
+ memcpy(t->th_buf.fep, start, sizeof(struct fscrypt_policy_v1));
+#else
+ memcpy(t->th_buf.fep, start, sizeof(struct fscrypt_policy_v2));
+#endif
#ifdef DEBUG
- printf(" th_read(): FSCrypt policy v1 detected: %i %i %i %i %s\n",
+ printf(" th_read(): FSCrypt policy detected: %i %i %i %i %s\n",
(int)t->th_buf.fep->version,
(int)t->th_buf.fep->contents_encryption_mode,
(int)t->th_buf.fep->filenames_encryption_mode,
(int)t->th_buf.fep->flags,
- t->th_buf.fep->master_key_descriptor);
+ t->th_buf.fep->master_key_identifier);
#endif
}
else {
@@ -632,48 +590,20 @@
ptr += sz;
}
-#ifdef HAVE_EXT4_CRYPT
- if((t->options & TAR_STORE_EXT4_POL) && t->th_buf.eep != NULL)
- {
-#ifdef DEBUG
- printf("th_write(): using e4crypt_policy %s\n",
- t->th_buf.eep->master_key_descriptor);
-#endif
- /* setup size - EXT header has format "*size of this whole tag as ascii numbers* *space* *version code* *content* *newline* */
- // size newline
- sz = E4CRYPT_TAG_LEN + sizeof(struct ext4_encryption_policy) + 1 + 3 + 1;
-
- if(sz >= 100) // another ascci digit for size
- ++sz;
-
- if (total_sz + sz >= T_BLOCKSIZE)
- {
- if (th_write_extended(t, &buf[0], total_sz))
- return -1;
- ptr = buf;
- total_sz = sz;
- }
- else
- total_sz += sz;
-
- snprintf(ptr, T_BLOCKSIZE, "%d "E4CRYPT_TAG"2", (int)sz);
- memcpy(ptr + sz - sizeof(struct ext4_encryption_policy) - 1, t->th_buf.eep, sizeof(struct ext4_encryption_policy));
- char *nlptr = ptr + sz - 1;
- *nlptr = '\n';
- ptr += sz;
- }
-#endif
-
#ifdef USE_FSCRYPT
if((t->options & TAR_STORE_FSCRYPT_POL) && t->th_buf.fep != NULL)
{
#ifdef DEBUG
printf("th_write(): using fscrypt_policy %s\n",
- t->th_buf.fep->master_key_descriptor);
+ t->th_buf.fep->master_key_identifier);
#endif
/* setup size - EXT header has format "*size of this whole tag as ascii numbers* *space* *version code* *content* *newline* */
// size newline
- sz = FSCRYPT_TAG_LEN + sizeof(struct fscrypt_encryption_policy) + 1 + 3 + 1;
+#ifdef USE_FSCRYPT_POLICY_V1
+ sz = FSCRYPT_TAG_LEN + sizeof(struct fscrypt_policy_v1) + 1 + 3 + 1;
+#else
+ sz = FSCRYPT_TAG_LEN + sizeof(struct fscrypt_policy_v2) + 1 + 3 + 1;
+#endif
if(sz >= 100) // another ascci digit for size
++sz;
@@ -689,7 +619,11 @@
total_sz += sz;
snprintf(ptr, T_BLOCKSIZE, "%d "FSCRYPT_TAG"0", (int)sz);
- memcpy(ptr + sz - sizeof(struct fscrypt_encryption_policy) - 1, t->th_buf.fep, sizeof(struct fscrypt_encryption_policy));
+#ifdef USE_FSCRYPT_POLICY_V1
+ memcpy(ptr + sz - sizeof(struct fscrypt_policy_v1) - 1, t->th_buf.fep, sizeof(struct fscrypt_policy_v1));
+#else
+ memcpy(ptr + sz - sizeof(struct fscrypt_policy_v2) - 1, t->th_buf.fep, sizeof(struct fscrypt_policy_v2));
+#endif
char *nlptr = ptr + sz - 1;
*nlptr = '\n';
ptr += sz;
diff --git a/libtar/extract.c b/libtar/extract.c
index fd5e3c9..064ba9b 100755
--- a/libtar/extract.c
+++ b/libtar/extract.c
@@ -35,14 +35,14 @@
#include <selinux/selinux.h>
-#ifdef HAVE_EXT4_CRYPT
-#include "ext4crypt_tar.h"
-#endif
-
#ifdef USE_FSCRYPT
#include "fscrypt_policy.h"
#endif
+#ifdef TW_LIBTAR_DEBUG
+#define DEBUG 1
+#endif
+
#include "android_utils.h"
const unsigned long long progress_size = (unsigned long long)(T_BLOCKSIZE);
@@ -554,44 +554,24 @@
}
}
-#ifdef HAVE_EXT4_CRYPT
- if(t->th_buf.eep != NULL)
- {
-#ifdef DEBUG
- printf("tar_extract_file(): restoring EXT4 crypt policy %s to dir %s\n", t->th_buf.eep->master_key_descriptor, realname);
-#endif
- char binary_policy[EXT4_KEY_DESCRIPTOR_SIZE];
- if (!lookup_ref_tar(t->th_buf.eep->master_key_descriptor, &binary_policy[0])) {
- printf("error looking up proper e4crypt policy for '%s' - %s\n", realname, t->th_buf.eep->master_key_descriptor);
- return -1;
- }
- char policy_hex[EXT4_KEY_DESCRIPTOR_SIZE_HEX];
- policy_to_hex(binary_policy, policy_hex);
- printf("restoring policy %s > '%s' to '%s'\n", t->th_buf.eep->master_key_descriptor, policy_hex, realname);
- memcpy(&t->th_buf.eep->master_key_descriptor, binary_policy, EXT4_KEY_DESCRIPTOR_SIZE);
- if (!e4crypt_policy_set_struct(realname, t->th_buf.eep))
- {
- printf("tar_extract_file(): failed to restore EXT4 crypt policy to dir '%s' '%s'!!!\n", realname, policy_hex);
- //return -1; // This may not be an error in some cases, so log and ignore
- }
- }
-#endif
-
#ifdef USE_FSCRYPT
if(t->th_buf.fep != NULL)
{
+ char policy_hex[FSCRYPT_KEY_IDENTIFIER_HEX_SIZE];
#ifdef DEBUG
- printf("tar_extract_file(): restoring fscrypt policy %s to dir %s\n", t->th_buf.fep->master_key_descriptor, realname);
+ bytes_to_hex(t->th_buf.fep->master_key_identifier, FSCRYPT_KEY_IDENTIFIER_SIZE, policy_hex);
+ printf("tar_extract_dir(): restoring fscrypt policy %s to dir %s\n", (char *)policy_hex, realname);
#endif
- uint8_t binary_policy[FS_KEY_DESCRIPTOR_SIZE];
- if (!lookup_ref_tar(t->th_buf.fep->master_key_descriptor, &binary_policy[0])) {
- printf("error looking up proper fscrypt policy for '%s' - %s\n", realname, t->th_buf.fep->master_key_descriptor);
+ uint8_t binary_policy[FSCRYPT_KEY_IDENTIFIER_SIZE];
+ memset(&binary_policy, 0, FSCRYPT_KEY_IDENTIFIER_SIZE);
+
+ if (!lookup_ref_tar(t->th_buf.fep->master_key_identifier, &binary_policy[0])) {
+ printf("error looking up fscrypt policy for '%s' - %s\n", realname, t->th_buf.fep->master_key_identifier);
return -1;
}
- char policy_hex[FS_KEY_DESCRIPTOR_SIZE_HEX];
- policy_to_hex(binary_policy, policy_hex);
- printf("restoring policy %s > '%s' to '%s'\n", t->th_buf.fep->master_key_descriptor, policy_hex, realname);
- memcpy(&t->th_buf.fep->master_key_descriptor, binary_policy, FS_KEY_DESCRIPTOR_SIZE);
+ memcpy(&t->th_buf.fep->master_key_identifier, binary_policy, FSCRYPT_KEY_IDENTIFIER_SIZE);
+ bytes_to_hex(t->th_buf.fep->master_key_identifier, FSCRYPT_KEY_IDENTIFIER_SIZE, policy_hex);
+ printf("attempting to restore policy: %s\n", policy_hex);
if (!fscrypt_policy_set_struct(realname, t->th_buf.fep))
{
printf("tar_extract_file(): failed to restore fscrypt policy to dir '%s' '%s'!!!\n", realname, policy_hex);
diff --git a/libtar/libtar.h b/libtar/libtar.h
index 19ddd06..04782b2 100755
--- a/libtar/libtar.h
+++ b/libtar/libtar.h
@@ -20,10 +20,6 @@
#include "libtar_listhash.h"
-#ifdef HAVE_EXT4_CRYPT
-# include "ext4crypt_tar.h"
-#endif
-
#ifdef USE_FSCRYPT
#include "fscrypt_policy.h"
#endif
@@ -72,11 +68,12 @@
char *gnu_longname;
char *gnu_longlink;
char *selinux_context;
-#ifdef HAVE_EXT4_CRYPT
- struct ext4_encryption_policy *eep;
-#endif
#ifdef USE_FSCRYPT
- struct fscrypt_encryption_policy *fep;
+#ifdef USE_FSCRYPT_POLICY_V1
+ struct fscrypt_policy_v1 *fep;
+#else
+ struct fscrypt_policy_v2 *fep;
+#endif
#endif
int has_cap_data;
struct vfs_cap_data cap_data;
@@ -127,12 +124,11 @@
#define TAR_IGNORE_CRC 64 /* ignore CRC in file header */
#define TAR_STORE_SELINUX 128 /* store selinux context */
#define TAR_USE_NUMERIC_ID 256 /* favor numeric owner over names */
-#ifdef HAVE_EXT4_CRYPT
-#define TAR_STORE_EXT4_POL 512 /* store ext4 crypto policy */
-#endif
+
#ifdef USE_FSCRYPT
#define TAR_STORE_FSCRYPT_POL 512 /* store fscrypt crypto policy */
#endif
+
#define TAR_STORE_POSIX_CAP 1024 /* store posix file capabilities */
#define TAR_STORE_ANDROID_USER_XATTR 2048 /* store android user.* xattr */
diff --git a/libtar/output.c b/libtar/output.c
index 68c3e5f..5e724e5 100755
--- a/libtar/output.c
+++ b/libtar/output.c
@@ -24,10 +24,6 @@
# include <string.h>
#endif
-#ifdef HAVE_EXT4_CRYPT
-#include "ext4crypt_tar.h"
-#endif
-
#ifdef USE_FSCRYPT
#include "fscrypt_policy.h"
#endif
@@ -64,13 +60,10 @@
(t->th_buf.gnu_longname ? t->th_buf.gnu_longname : "[NULL]"));
printf(" gnu_longlink = \"%s\"\n",
(t->th_buf.gnu_longlink ? t->th_buf.gnu_longlink : "[NULL]"));
-#ifdef HAVE_EXT4_CRYPT
- printf(" eep = \"%s\"\n",
- (t->th_buf.eep ? t->th_buf.eep->master_key_descriptor : "[NULL]"));
-#endif
+
#ifdef USE_FSCRYPT
printf(" fep = \"%s\"\n",
- (t->th_buf.fep ? t->th_buf.fep->master_key_descriptor : (uint8_t*) "[NULL]"));
+ (t->th_buf.fep ? t->th_buf.fep->master_key_identifier : (uint8_t*) "[NULL]"));
#endif
}