diff options
author | Neeraj Soni <neersoni@codeaurora.org> | 2019-06-26 19:18:14 +0530 |
---|---|---|
committer | Neeraj Soni <neersoni@codeaurora.org> | 2019-06-26 19:22:18 +0530 |
commit | 0e83c6004312fab088a1b9364a8f342721d0fc15 (patch) | |
tree | e70e3aeb17d4f8806a527377574580c9641b98b5 | |
parent | 07f77ac64f3fb1bfe1bc4213f5add34b5bfb9dac (diff) | |
download | android_vendor_qcom_opensource_cryptfs_hw-0e83c6004312fab088a1b9364a8f342721d0fc15.tar.gz android_vendor_qcom_opensource_cryptfs_hw-0e83c6004312fab088a1b9364a8f342721d0fc15.tar.bz2 android_vendor_qcom_opensource_cryptfs_hw-0e83c6004312fab088a1b9364a8f342721d0fc15.zip |
cryptfs_hw: remove block disk encryption dependency on metadata partition
Blocking inline crypto engine based disk encryption if metadata
partition is enabled is not required as vold can check if crypto
block device was created at first place or not. Also vold should pass
the disk encryption key index to crypto driver to leverage all
possible key slot usage in crypto engine.
Change-Id: I00bea82f734ea50f2b51b0875ee23371de1b9896
Signed-off-by: Neeraj Soni <neersoni@codeaurora.org>
-rw-r--r-- | cryptfs_hw.c | 17 |
1 files changed, 1 insertions, 16 deletions
diff --git a/cryptfs_hw.c b/cryptfs_hw.c index ebf9381..d16c47b 100644 --- a/cryptfs_hw.c +++ b/cryptfs_hw.c @@ -68,8 +68,6 @@ #define CRYPTFS_HW_ALGO_MODE_AES_XTS 0x3 -#define METADATA_PARTITION_NAME "/dev/block/bootdevice/by-name/metadata" - enum cryptfs_hw_key_management_usage_type { CRYPTFS_HW_KM_USAGE_DISK_ENCRYPTION = 0x01, CRYPTFS_HW_KM_USAGE_FILE_ENCRYPTION = 0x02, @@ -179,7 +177,7 @@ static int cryptfs_hw_wipe_key(enum cryptfs_hw_key_management_usage_type usage) int set_ice_param(int flag) { int qseecom_fd, ret = -1; - struct qseecom_ice_data_t ice_data; + struct qseecom_ice_data_t ice_data = {0}; qseecom_fd = open("/dev/qseecom", O_RDWR); if (qseecom_fd < 0) return ret; @@ -363,19 +361,6 @@ int is_ice_enabled(void) { char prop_storage[PATH_MAX]; int storage_type = 0; - int fd; - - /* - * Since HW FDE is a compile time flag (due to QSSI requirements), - * this API conflicts with Metadata encryption even when ICE is - * enabled, as it encrypts the whole disk instead. Adding this - * workaround to return 0 if metadata partition is present. - */ - - if (access(METADATA_PARTITION_NAME, F_OK) == 0) { - SLOGI("Metadata partition, returning false"); - return 0; - } if (property_get("ro.boot.bootdevice", prop_storage, "")) { if (strstr(prop_storage, "ufs")) { |