Merge commit 'f22d9cd819bf8b21bedba3dedcfa08fe8f91a15e' into HEAD

Change-Id: I0a0f6a3057951735943b846270c2d445e5cb4c7b

3 files changed, 29 insertions, 2 deletions

diff --git a/ext4_utils/allocate.c b/ext4_utils/allocate.c
index e0f662c8..d3a77b0a 100644
--- a/ext4_utils/allocate.c
+++ b/ext4_utils/allocate.c
@@ -231,16 +231,20 @@ static int reserve_blocks(struct block_group_info *bg, u32 bg_num, u32 start, u3
 static void free_blocks(struct block_group_info *bg, u32 block, u32 num_blocks)
 {
 	unsigned int i;
+
+	if (num_blocks == 0)
+		return;
 	for (i = 0; i < num_blocks; i++, block--)
 		bg->block_bitmap[block / 8] &= ~(1 << (block % 8));
 	bg->free_blocks += num_blocks;
+	block++;
 	for (i = bg->chunk_count; i > 0 ;) {
 		--i;
 		if (bg->chunks[i].len >= num_blocks && bg->chunks[i].block <= block) {
 			if (bg->chunks[i].block == block) {
 				bg->chunks[i].block += num_blocks;
 				bg->chunks[i].len -= num_blocks;
-			} else if (bg->chunks[i].block + bg->chunks[i].len - 1 == block + num_blocks) {
+			} else if (bg->chunks[i].block + bg->chunks[i].len == block + num_blocks) {
 				bg->chunks[i].len -= num_blocks;
 			}
 			break;
diff --git a/ext4_utils/ext4_crypt_init_extensions.cpp b/ext4_utils/ext4_crypt_init_extensions.cpp
index 2bf88012..35a1c219 100644
--- a/ext4_utils/ext4_crypt_init_extensions.cpp
+++ b/ext4_utils/ext4_crypt_init_extensions.cpp
@@ -41,6 +41,8 @@
 static const std::string arbitrary_sequence_number = "42";
 static const int vold_command_timeout_ms = 60 * 1000;
 
+static int set_system_de_policy_on(char const* dir);
+
 int e4crypt_install_keyring()
 {
     key_serial_t device_keyring = add_key("keyring", "e4crypt", 0, 0,
@@ -58,11 +60,22 @@ int e4crypt_install_keyring()
 
 int e4crypt_set_directory_policy(const char* dir)
 {
+    if (!dir || strncmp(dir, "/data/", 6)) {
+        return 0;
+    }
+
+    // Special-case /data/media/obb per b/64566063
+    if (strcmp(dir, "/data/media/obb") == 0) {
+        // Try to set policy on this directory, but if it is non-empty this may fail.
+        set_system_de_policy_on(dir);
+        return 0;
+    }
+
     // Only set policy on first level /data directories
     // To make this less restrictive, consider using a policy file.
     // However this is overkill for as long as the policy is simply
     // to apply a global policy to all /data folders created via makedir
-    if (!dir || strncmp(dir, "/data/", 6) || strchr(dir + 6, '/')) {
+    if (strchr(dir + 6, '/')) {
         return 0;
     }
 
@@ -83,7 +96,10 @@ int e4crypt_set_directory_policy(const char* dir)
             return 0;
         }
     }
+    return set_system_de_policy_on(dir);
+}
 
+static int set_system_de_policy_on(char const* dir) {
     std::string ref_filename = std::string("/data") + e4crypt_key_ref;
     std::string policy;
     if (!android::base::ReadFileToString(ref_filename, &policy)) {
diff --git a/ext4_utils/make_ext4fs.c b/ext4_utils/make_ext4fs.c
index 077899a4..cadf55c1 100644
--- a/ext4_utils/make_ext4fs.c
+++ b/ext4_utils/make_ext4fs.c
@@ -630,6 +630,13 @@ static void extract_base_fs_allocations(const char *directory, const char *mount
 			int start_block, end_block;
 			u32 block_file_size;
 			u32 real_file_block_size;
+			struct stat buf;
+
+			if (lstat(real_file_name, &buf) == -1)
+				critical_error(err_msg);
+
+			if (!S_ISREG(buf.st_mode))
+				continue;
 
 			real_file_fd = open(real_file_name, O_RDONLY);
 			if (real_file_fd == -1) {