diff options
author | Paul Lawrence <paullawrence@google.com> | 2014-02-20 12:21:31 -0800 |
---|---|---|
committer | JP Abgrall <jpa@google.com> | 2014-03-21 18:30:26 +0000 |
commit | 87999173dd79dbcbd8cb97f5476007e867aaeeba (patch) | |
tree | 95ca8174bd8c264426fe418b69f6e21e9f5d591a /cryptfs.h | |
parent | f8e9569507a641ece6713cb4be072d1d9cfd2dcd (diff) | |
download | android_system_vold-87999173dd79dbcbd8cb97f5476007e867aaeeba.tar.gz android_system_vold-87999173dd79dbcbd8cb97f5476007e867aaeeba.tar.bz2 android_system_vold-87999173dd79dbcbd8cb97f5476007e867aaeeba.zip |
Don't corrupt ssd when encrypting and power fails
Stop encryption when battery is low, mark position, and continue on reboot.
Note - support for multiple encrypted volumes removed as no devices seem
to exist with an fstab that uses this feature. If you want support for such
a device, contact me and we will re-add it with appropriate testing.
Bug: 13284213
Change-Id: I1f7178e4f7dd8ea816cbc03ab5c4f6543e98acaa
Diffstat (limited to 'cryptfs.h')
-rw-r--r-- | cryptfs.h | 13 |
1 files changed, 10 insertions, 3 deletions
@@ -27,6 +27,7 @@ */ #include <cutils/properties.h> +#include <openssl/sha.h> /* The current cryptfs version */ #define CURRENT_MAJOR_VERSION 1 @@ -80,10 +81,10 @@ struct crypt_mnt_ftr { * CRYPT_TYPE_XXX value */ __le64 fs_size; /* Size of the encrypted fs, in 512 byte sectors */ __le32 failed_decrypt_count; /* count of # of failed attempts to decrypt and - mount, set to 0 on successful mount */ + mount, set to 0 on successful mount */ unsigned char crypto_type_name[MAX_CRYPTO_TYPE_NAME_LEN]; /* The type of encryption - needed to decrypt this - partition, null terminated */ + needed to decrypt this + partition, null terminated */ __le32 spare2; /* ignored */ unsigned char master_key[MAX_KEY_LEN]; /* The encrypted key for decrypting the filesystem */ unsigned char salt[SALT_LEN]; /* The salt used for this encryption */ @@ -100,6 +101,12 @@ struct crypt_mnt_ftr { __le8 N_factor; /* (1 << N) */ __le8 r_factor; /* (1 << r) */ __le8 p_factor; /* (1 << p) */ + __le64 encrypted_upto; /* If we are in state CRYPT_ENCRYPTION_IN_PROGRESS and + we have to stop (e.g. power low) this is the last + encrypted 512 byte sector.*/ + __le8 hash_first_block[SHA256_DIGEST_LENGTH]; /* When CRYPT_ENCRYPTION_IN_PROGRESS + set, hash of first block, used + to validate before continuing*/ }; /* Persistant data that should be available before decryption. |