FsCrypt update: support fscrypt policies v1 and v2

This patchset introduces support decryption for Android 11.

In this update we deprecate ext4crypt. To specify the
policy version to use, use TW_USE_FSCRYPT_POLICY := 1 or
TW_USE_FSCRYPT_POLICY := 2. By default policy version will
be set to 2 if this variable is omitted.

Change-Id: I62a29c1bef36c259ec4b11259f71be613d20a112
diff --git a/libtar/block.c b/libtar/block.c
index 6285547..db97222 100755
--- a/libtar/block.c
+++ b/libtar/block.c
@@ -22,10 +22,6 @@
 #define DEBUG 1
 #endif
 
-#ifdef HAVE_EXT4_CRYPT
-#include "ext4crypt_tar.h"
-#endif
-
 #ifdef USE_FSCRYPT
 #include "fscrypt_policy.h"
 #endif
@@ -37,10 +33,6 @@
 #define SELINUX_TAG "RHT.security.selinux="
 #define SELINUX_TAG_LEN strlen(SELINUX_TAG)
 
-// Used to identify e4crypt_policy in extended ('x')
-#define E4CRYPT_TAG "TWRP.security.e4crypt="
-#define E4CRYPT_TAG_LEN strlen(E4CRYPT_TAG)
-
 // Used to identify fscrypt_policy in extended ('x')
 #define FSCRYPT_TAG "TWRP.security.fscrypt="
 #define FSCRYPT_TAG_LEN strlen(FSCRYPT_TAG)
@@ -153,10 +145,6 @@
 		free(t->th_buf.gnu_longlink);
 	if (t->th_buf.selinux_context != NULL)
 		free(t->th_buf.selinux_context);
-#ifdef HAVE_EXT4_CRYPT
-	if (t->th_buf.eep != NULL)
-		free(t->th_buf.eep);
-#endif
 
 #ifdef USE_FSCRYPT
 	if (t->th_buf.fep != NULL)
@@ -362,71 +350,41 @@
 				printf("    th_read(): android user.inode_code_cache xattr detected\n");
 #endif
 			} // end android user.inode_code_cache xattr
-#ifdef HAVE_EXT4_CRYPT
-			start = strstr(buf, E4CRYPT_TAG);
-			if (start && start+E4CRYPT_TAG_LEN < buf+len)
-			{
-				t->th_buf.eep = (struct ext4_encryption_policy*)malloc(sizeof(struct ext4_encryption_policy));
-				if (!t->th_buf.eep) {
-					printf("malloc ext4_encryption_policy\n");
-					return -1;
-				}
-				start += E4CRYPT_TAG_LEN;
-				if (*start == '2')
-				{
-					start++;
-					char *newline_check = start + sizeof(struct ext4_encryption_policy);
-					if (*newline_check != '\n')
-						printf("did not find newline char in expected location, continuing anyway...\n");
-					memcpy(t->th_buf.eep, start, sizeof(struct ext4_encryption_policy));
-#ifdef DEBUG
-					printf("    th_read(): E4Crypt policy v2 detected: %i %i %i %i %s\n",
-						(int)t->th_buf.eep->version,
-						(int)t->th_buf.eep->contents_encryption_mode,
-						(int)t->th_buf.eep->filenames_encryption_mode,
-						(int)t->th_buf.eep->flags,
-						t->th_buf.eep->master_key_descriptor);
-#endif
-				}
-				else
-				{
-					e4crypt_policy_fill_default_struct(t->th_buf.eep);
-					char *end = strchr(start, '\n');
-					if(!end)
-						end = strchr(start, '\0');
-					if(end)
-					{
-						strncpy(t->th_buf.eep->master_key_descriptor, start, end-start);
-#ifdef DEBUG
-						printf("    th_read(): E4Crypt policy v1 detected: %s\n", t->th_buf.eep->master_key_descriptor);
-#endif
-					}
-				}
-			}
-#endif // HAVE_EXT4_CRYPT
 
 #ifdef USE_FSCRYPT
 			start = strstr(buf, FSCRYPT_TAG);
 			if (start && start+FSCRYPT_TAG_LEN < buf+len) {
-				t->th_buf.fep = (struct fscrypt_encryption_policy*)malloc(sizeof(struct fscrypt_encryption_policy));
+#ifdef USE_FSCRYPT_POLICY_V1
+				t->th_buf.fep = (struct fscrypt_policy_v1*)malloc(sizeof(struct fscrypt_policy_v1));
+#else
+				t->th_buf.fep = (struct fscrypt_policy_v2*)malloc(sizeof(struct fscrypt_policy_v2));
+#endif
 				if (!t->th_buf.fep) {
-					printf("malloc fscrypt_encryption_policy\n");
+					printf("malloc failed for fscrypt policy\n");
 					return -1;
 				}
 				start += FSCRYPT_TAG_LEN;
 				if (*start == '0') {
 					start++;
-					char *newline_check = start + sizeof(struct fscrypt_encryption_policy);
+#ifdef USE_FSCRYPT_POLICY_V1
+					char *newline_check = start + sizeof(struct fscrypt_policy_v1);
+#else
+					char *newline_check = start + sizeof(struct fscrypt_policy_v2);
+#endif
 					if (*newline_check != '\n')
 						printf("did not find newline char in expected location, continuing anyway...\n");
-					memcpy(t->th_buf.fep, start, sizeof(struct fscrypt_encryption_policy));
+#ifdef USE_FSCRYPT_POLICY_V1
+					memcpy(t->th_buf.fep, start, sizeof(struct fscrypt_policy_v1));
+#else
+					memcpy(t->th_buf.fep, start, sizeof(struct fscrypt_policy_v2));
+#endif
 #ifdef DEBUG
-					printf("    th_read(): FSCrypt policy v1 detected: %i %i %i %i %s\n",
+					printf("    th_read(): FSCrypt policy detected: %i %i %i %i %s\n",
 						(int)t->th_buf.fep->version,
 						(int)t->th_buf.fep->contents_encryption_mode,
 						(int)t->th_buf.fep->filenames_encryption_mode,
 						(int)t->th_buf.fep->flags,
-						t->th_buf.fep->master_key_descriptor);
+						t->th_buf.fep->master_key_identifier);
 #endif
 				}
 				else {
@@ -632,48 +590,20 @@
 		ptr += sz;
 	}
 
-#ifdef HAVE_EXT4_CRYPT
-	if((t->options & TAR_STORE_EXT4_POL) && t->th_buf.eep != NULL)
-	{
-#ifdef DEBUG
-		printf("th_write(): using e4crypt_policy %s\n",
-		       t->th_buf.eep->master_key_descriptor);
-#endif
-		/* setup size - EXT header has format "*size of this whole tag as ascii numbers* *space* *version code* *content* *newline* */
-		//                                                       size   newline
-		sz = E4CRYPT_TAG_LEN + sizeof(struct ext4_encryption_policy) + 1 + 3  +    1;
-
-		if(sz >= 100) // another ascci digit for size
-			++sz;
-
-		if (total_sz + sz >= T_BLOCKSIZE)
-		{
-			if (th_write_extended(t, &buf[0], total_sz))
-				return -1;
-			ptr = buf;
-			total_sz = sz;
-		}
-		else
-			total_sz += sz;
-
-		snprintf(ptr, T_BLOCKSIZE, "%d "E4CRYPT_TAG"2", (int)sz);
-		memcpy(ptr + sz - sizeof(struct ext4_encryption_policy) - 1, t->th_buf.eep, sizeof(struct ext4_encryption_policy));
-		char *nlptr = ptr + sz - 1;
-		*nlptr = '\n';
-		ptr += sz;
-	}
-#endif
-
 #ifdef USE_FSCRYPT
 	if((t->options & TAR_STORE_FSCRYPT_POL) && t->th_buf.fep != NULL)
 	{
 #ifdef DEBUG
 		printf("th_write(): using fscrypt_policy %s\n",
-		       t->th_buf.fep->master_key_descriptor);
+		       t->th_buf.fep->master_key_identifier);
 #endif
 		/* setup size - EXT header has format "*size of this whole tag as ascii numbers* *space* *version code* *content* *newline* */
 		//                                                       size   newline
-		sz = FSCRYPT_TAG_LEN + sizeof(struct fscrypt_encryption_policy) + 1 + 3  +    1;
+#ifdef USE_FSCRYPT_POLICY_V1
+		sz = FSCRYPT_TAG_LEN + sizeof(struct fscrypt_policy_v1) + 1 + 3  +    1;
+#else
+		sz = FSCRYPT_TAG_LEN + sizeof(struct fscrypt_policy_v2) + 1 + 3  +    1;
+#endif
 
 		if(sz >= 100) // another ascci digit for size
 			++sz;
@@ -689,7 +619,11 @@
 			total_sz += sz;
 
 		snprintf(ptr, T_BLOCKSIZE, "%d "FSCRYPT_TAG"0", (int)sz);
-		memcpy(ptr + sz - sizeof(struct fscrypt_encryption_policy) - 1, t->th_buf.fep, sizeof(struct fscrypt_encryption_policy));
+#ifdef USE_FSCRYPT_POLICY_V1
+		memcpy(ptr + sz - sizeof(struct fscrypt_policy_v1) - 1, t->th_buf.fep, sizeof(struct fscrypt_policy_v1));
+#else
+		memcpy(ptr + sz - sizeof(struct fscrypt_policy_v2) - 1, t->th_buf.fep, sizeof(struct fscrypt_policy_v2));
+#endif
 		char *nlptr = ptr + sz - 1;
 		*nlptr = '\n';
 		ptr += sz;