From 85f44ed751461d0368edbf5662c4ebc584078804 Mon Sep 17 00:00:00 2001
From: Dees_Troy
Date: Wed, 9 Jan 2013 18:42:36 +0000
Subject: Improve remounting sdcard with ecryptfs
---
crypto/ics/cryptfs.c | 16 +++++++---------
partition.cpp | 22 ++++++++++++++++++++--
partitionmanager.cpp | 17 ++++++++++++-----
partitions.hpp | 3 +++
4 files changed, 42 insertions(+), 16 deletions(-)
diff --git a/crypto/ics/cryptfs.c b/crypto/ics/cryptfs.c
index 8a6c581fe..945864d6a 100644
--- a/crypto/ics/cryptfs.c
+++ b/crypto/ics/cryptfs.c
@@ -659,6 +659,7 @@ int cryptfs_check_passwd(const char *passwd) int rc2 = 1; #ifndef RECOVERY_SDCARD_ON_DATA +#ifdef TW_INTERNAL_STORAGE_PATH // internal storage for non data/media devices if(!rc) { strcpy(pwbuf, passwd);
@@ -667,6 +668,7 @@ int cryptfs_check_passwd(const char *passwd) EXPAND(TW_INTERNAL_STORAGE_MOUNT_POINT)); } #endif +#endif #ifdef TW_EXTERNAL_STORAGE_PATH printf("Temp mounting /data\n"); // mount data so mount_ecryptfs_drive can access edk in /data/system/
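Review bot: `strcpy(pwbuf, passwd);` on the last line of the first cryptfs.c hunk copies the caller-supplied passphrase with no length bound, and `pwbuf` is declared outside the hunk, so its size cannot be confirmed from here. If it is a fixed-size array, reject over-long input before the copy, for example with `if (strlen(passwd) >= sizeof(pwbuf))` leading to the function's failure path, rather than relying on callers to limit the length. The same unbounded copy appears in the external-storage hunk (`@@ -674,21 +676,17 @@`). cryptfs_check_passwd begins and ends outside these hunks.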
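Review bot: The guard opened in the previous hunk tests `TW_INTERNAL_STORAGE_PATH`, but the call closed off by this hunk's new `#endif` expands `TW_INTERNAL_STORAGE_MOUNT_POINT`. A build that defines only the former would still reach this block; `#if defined(TW_INTERNAL_STORAGE_PATH) && defined(TW_INTERNAL_STORAGE_MOUNT_POINT)` would match what the code actually uses. The lines between the two hunks are not shown, so other macro uses inside the guard could not be checked. With two `#endif` lines now back to back, a trailing tag such as `#endif // TW_INTERNAL_STORAGE_PATH` would keep them readable, as partitionmanager.cpp already does.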
@@ -674,21 +676,17 @@ int cryptfs_check_passwd(const char *passwd) // external sd char decrypt_external[256], external_blkdev[256]; property_get("ro.crypto.external_encrypted", decrypt_external, "0"); - // First we have to mount the external storage - if (!rc2 && strcmp(decrypt_external, "1") == 0) { - printf("Mounting external...\n"); - property_get("ro.crypto.external_blkdev", external_blkdev, ""); - rc2 = mount( - external_blkdev, EXPAND(TW_EXTERNAL_STORAGE_PATH), - "vfat", MS_RDONLY, ""); - } // Mount the external storage as ecryptfs so that ecryptfs can act as a pass-through - if (!rc2) { + if (!rc2 && strcmp(decrypt_external, "1") == 0) { printf("Mounting external with ecryptfs...\n"); strcpy(pwbuf, passwd); rc2 = mount_ecryptfs_drive( pwbuf, EXPAND(TW_EXTERNAL_STORAGE_PATH), EXPAND(TW_EXTERNAL_STORAGE_PATH), 0); + if (rc2 == 0) + property_set("ro.crypto.external_use_ecryptfs", "1"); + else + property_set("ro.crypto.external_use_ecryptfs", "0"); } else { printf("Unable to mount external storage with ecryptfs.\n"); umount(EXPAND(TW_EXTERNAL_STORAGE_PATH));
diff --git a/partition.cpp b/partition.cpp
index 7eac409f4..4a7a90023 100644
--- a/partition.cpp
+++ b/partition.cpp
@@ -44,6 +44,9 @@ extern "C" { #include "mtdutils/mtdutils.h" #include "mtdutils/mounts.h" +#ifdef TW_INCLUDE_CRYPTO_SAMSUNG + #include "crypto/libcrypt_samsung/include/libcrypt_samsung.h" +#endif } using namespace std;
@@ -87,6 +90,9 @@ TWPartition::TWPartition(void) { Fstab_File_System = ""; Format_Block_Size = 0; Ignore_Blkid = false; +#ifdef TW_INCLUDE_CRYPTO_SAMSUNG + EcryptFS_Password = ""; +#endif } TWPartition::~TWPartition(void) {
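Review bot: In the cryptfs.c hunk (`@@ -674,21 +676,17 @@`), `ro.crypto.external_use_ecryptfs` is written only inside the `if`. The `else` branch now also covers the case where `ro.crypto.external_encrypted` is not "1", yet it leaves the property untouched while still printing the failure message and calling `umount` on the external path. Adding `property_set("ro.crypto.external_use_ecryptfs", "0");` to the `else` would make every path report a result, and the return value of `property_set` should be checked. If the property service here applies Android's usual write-once rule to `ro.` keys, a value from an earlier call could not be corrected on a retry, so a key outside `ro.` or a direct return value may be a more reliable channel to Decrypt_Device; this needs confirming against the recovery's init. The function continues outside the hunk.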
@@ -684,9 +690,9 @@ bool TWPartition::Mount(bool Display_Error) { return false; } else return true; - } else if (Fstab_File_System == "exfat") { + } else if (Current_File_System == "exfat" && TWFunc::Path_Exists("/sbin/exfat-fuse")) { string cmd = "/sbin/exfat-fuse " + Actual_Block_Device + " " + Mount_Point; - LOGI("cmd: %s\n", cmd.c_str()); + LOGI("cmd: %s\n", cmd.c_str()); string result; if (TWFunc::Exec_Cmd(cmd, result) != 0) return false;
@@ -698,6 +704,18 @@ bool TWPartition::Mount(bool Display_Error) { LOGI("Actual block device: '%s', current file system: '%s'\n", Actual_Block_Device.c_str(), Current_File_System.c_str()); return false; } else { +#ifdef TW_INCLUDE_CRYPTO_SAMSUNG + if (EcryptFS_Password.size() > 0) { + if (mount_ecryptfs_drive(EcryptFS_Password.c_str(), Mount_Point.c_str(), Mount_Point.c_str(), 0) != 0) { + if (Display_Error) + LOGE("Unable to mount ecryptfs for '%s'\n", Mount_Point.c_str()); + else + LOGI("Unable to mount ecryptfs for '%s'\n", Mount_Point.c_str()); + } else { + LOGI("Successfully mounted ecryptfs for '%s'\n", Mount_Point.c_str()); + } + } +#endif if (Removable) Update_Size(Display_Error);
diff --git a/partitionmanager.cpp b/partitionmanager.cpp
index 5f8b66a3a..5d75d3212 100644
--- a/partitionmanager.cpp
+++ b/partitionmanager.cpp
@@ -1596,7 +1596,7 @@ int TWPartitionManager::Decrypt_Device(string Password) { efs = 0; #ifdef TW_EXTERNAL_STORAGE_PATH TWPartition* sdcard = Find_Partition_By_Path(EXPAND(TW_EXTERNAL_STORAGE_PATH)); - if (sdcard && sdcard->Mount(false)) { + if (sdcard && sdcard->Mount(false)) { property_set("ro.crypto.external_encrypted", "1"); property_set("ro.crypto.external_blkdev", sdcard->Actual_Block_Device.c_str()); } else {
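Review bot: In the second partition.cpp hunk (`@@ -698,6 +704,18 @@`), a failed `mount_ecryptfs_drive` is only logged; Mount() then carries on to `Update_Size` as though the partition were ready. That leaves the lower filesystem mounted at `Mount_Point` without the ecryptfs layer, so later reads and writes that assume a decrypted view would act on the underlying storage directly. Treating this as a mount failure would be safer: after the log line, unmount `Mount_Point` and `return false;`. The remainder of Mount() is outside the hunk, so its return value on this path is inferred rather than seen.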
@@ -1639,12 +1639,19 @@ int TWPartitionManager::Decrypt_Device(string Password) { emmc->Setup_File_System(false); ui_print("Internal SD successfully decrypted, new block device: '%s'\n", crypto_blkdev_sd); } - +#endif //ifdef CRYPTO_SD_FS_TYPE #ifdef TW_EXTERNAL_STORAGE_PATH - sdcard->Is_Decrypted = true; - sdcard->Setup_File_System(false); + char is_external_decrypted[255]; + property_get("ro.crypto.external_use_ecryptfs", is_external_decrypted, "0"); + if (strcmp(is_external_decrypted, "1") == 0) { + sdcard->Is_Decrypted = true; + sdcard->EcryptFS_Password = Password; + sdcard->Decrypted_Block_Device = sdcard->Actual_Block_Device; + } else { + sdcard->Is_Decrypted = false; + sdcard->Decrypted_Block_Device = ""; + } #endif //ifdef TW_EXTERNAL_STORAGE_PATH -#endif //ifdef CRYPTO_SD_FS_TYPE // Sleep for a bit so that the device will be ready sleep(1);
diff --git a/partitions.hpp b/partitions.hpp
index 2b2ed2cef..7660b8b4e 100644
--- a/partitions.hpp
+++ b/partitions.hpp
@@ -107,6 +107,9 @@ protected: string Fstab_File_System; // File system from the recovery.fstab int Format_Block_Size; // Block size for formatting bool Ignore_Blkid; // Ignore blkid results due to superblocks lying to us on certain devices / partitions +#ifdef TW_INCLUDE_CRYPTO_SAMSUNG + string EcryptFS_Password; // Have to store the encryption password to remount +#endif private: bool Process_Flags(string Flags, bool Display_Error); // Process custom fstab flags
-- cgit v1.2.3
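Review bot: Both new branches in the partitionmanager.cpp hunk (`@@ -1639,12 +1639,19 @@`) dereference `sdcard` unconditionally, yet the earlier hunk in this function (`if (sdcard && sdcard->Mount(false))`) shows that Find_Partition_By_Path can return NULL. With no external partition the property reads back as "0", and the `else` branch then writes `sdcard->Is_Decrypted` through a null pointer. Wrapping the block in `if (sdcard) { … }` closes that path. Separately, `EcryptFS_Password` is declared only under `TW_INCLUDE_CRYPTO_SAMSUNG` in partitions.hpp, while the guard visible here is `TW_EXTERNAL_STORAGE_PATH`. Any enclosing guard lies outside the hunk, so confirm that a build without the Samsung crypto flag does not compile this assignment.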
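Review bot: `EcryptFS_Password` in partitions.hpp keeps the plaintext passphrase in a `string` for the life of the TWPartition object, and nothing in this commit clears it. The member comment should say so and state when the value is dropped, for example `// Plaintext ecryptfs passphrase, held so Mount() can re-apply ecryptfs; overwrite and clear once the partition is no longer treated as decrypted`. The partitionmanager.cpp branch that sets `Is_Decrypted = false` would be a natural place to overwrite and clear it, along with the destructor. `Decrypt_Device(string Password)` takes its argument by value, so further copies of the passphrase exist besides this member.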