fscrypt: : Use wrapped key for metadata encryption
Importing of this commit:
https://github.com/LineageOS/android_system_vold/commit/944c48d5a4c6df1eb751b04f52c06adac35ebab6
Change-Id: I048a6c2aeff2591135f47223a99af5ddd215703c
diff --git a/crypto/fscrypt/FsCrypt.cpp b/crypto/fscrypt/FsCrypt.cpp
index 46df2b6..e967339 100755
--- a/crypto/fscrypt/FsCrypt.cpp
+++ b/crypto/fscrypt/FsCrypt.cpp
@@ -230,6 +230,18 @@
return false;
}
+bool is_metadata_wrapped_key_supported() {
+ LOG(DEBUG) << "Determining metadata wrapped-key support for " << mount_point;
+ std::string wrapped_key_supported = android::base::GetProperty("fbe.metadata.wrappedkey", "false");
+ LOG(DEBUG) << "fbe.metadata.wrappedkey = " << wrapped_key_supported;
+ if (mount_point == METADATA_MNT_POINT && wrapped_key_supported == "true") {
+ LOG(DEBUG) << "Wrapped key supported on " << mount_point;
+ return true;
+ } else {
+ return false;
+ }
+}
+
static bool read_and_install_user_ce_key(userid_t user_id,
const android::vold::KeyAuthentication& auth) {
if (s_ce_key_raw_refs.count(user_id) != 0) return true;