system/extras
Révision | 801d95ca3b71ecf297ce940624f0556d44bc63a2 (tree) |
---|---|
l'heure | 2019-09-19 12:10:20 |
Auteur | android-build-team Robot <android-build-team-robot@goog...> |
Commiter | android-build-team Robot |
Snap for 5885124 from ef17b323e8be065ed9fbcd1ea863d72e63488fc0 to qt-qpr1-release
Change-Id: I7cd78bea3bf10c61d2653ecc50c8741e96a5b6be
@@ -39,7 +39,7 @@ | ||
39 | 39 | |
40 | 40 | static const std::string arbitrary_sequence_number = "42"; |
41 | 41 | |
42 | -static int set_system_de_policy_on(char const* dir); | |
42 | +static int set_policy_on(char const* ref_basename, char const* dir); | |
43 | 43 | |
44 | 44 | int fscrypt_install_keyring() |
45 | 45 | { |
@@ -65,7 +65,7 @@ int fscrypt_set_directory_policy(const char* dir) | ||
65 | 65 | // Special-case /data/media/obb per b/64566063 |
66 | 66 | if (strcmp(dir, "/data/media/obb") == 0) { |
67 | 67 | // Try to set policy on this directory, but if it is non-empty this may fail. |
68 | - set_system_de_policy_on(dir); | |
68 | + set_policy_on(fscrypt_key_ref, dir); | |
69 | 69 | return 0; |
70 | 70 | } |
71 | 71 |
@@ -97,11 +97,20 @@ int fscrypt_set_directory_policy(const char* dir) | ||
97 | 97 | return 0; |
98 | 98 | } |
99 | 99 | } |
100 | - return set_system_de_policy_on(dir); | |
100 | + std::vector<std::string> per_boot_directories = { | |
101 | + "per_boot", | |
102 | + }; | |
103 | + for (const auto& d : per_boot_directories) { | |
104 | + if ((prefix + d) == dir) { | |
105 | + LOG(INFO) << "Setting per_boot key on " << dir; | |
106 | + return set_policy_on(fscrypt_key_per_boot_ref, dir); | |
107 | + } | |
108 | + } | |
109 | + return set_policy_on(fscrypt_key_ref, dir); | |
101 | 110 | } |
102 | 111 | |
103 | -static int set_system_de_policy_on(char const* dir) { | |
104 | - std::string ref_filename = std::string("/data") + fscrypt_key_ref; | |
112 | +static int set_policy_on(char const* ref_basename, char const* dir) { | |
113 | + std::string ref_filename = std::string("/data") + ref_basename; | |
105 | 114 | std::string policy; |
106 | 115 | if (!android::base::ReadFileToString(ref_filename, &policy)) { |
107 | 116 | LOG(ERROR) << "Unable to read system policy to set on " << dir; |
@@ -32,6 +32,7 @@ int fscrypt_policy_ensure(const char *directory, const char *policy, | ||
32 | 32 | |
33 | 33 | static const char* fscrypt_unencrypted_folder = "/unencrypted"; |
34 | 34 | static const char* fscrypt_key_ref = "/unencrypted/ref"; |
35 | +static const char* fscrypt_key_per_boot_ref = "/unencrypted/per_boot_ref"; | |
35 | 36 | static const char* fscrypt_key_mode = "/unencrypted/mode"; |
36 | 37 | |
37 | 38 | __END_DECLS |