diff options
Diffstat (limited to 'libfscrypt/fscrypt_init_extensions.cpp')
-rw-r--r-- | libfscrypt/fscrypt_init_extensions.cpp | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/libfscrypt/fscrypt_init_extensions.cpp b/libfscrypt/fscrypt_init_extensions.cpp index 9781267c..2fd70e79 100644 --- a/libfscrypt/fscrypt_init_extensions.cpp +++ b/libfscrypt/fscrypt_init_extensions.cpp @@ -39,7 +39,7 @@ static const std::string arbitrary_sequence_number = "42"; -static int set_system_de_policy_on(char const* dir); +static int set_policy_on(char const* ref_basename, char const* dir); int fscrypt_install_keyring() { @@ -65,7 +65,7 @@ int fscrypt_set_directory_policy(const char* dir) // Special-case /data/media/obb per b/64566063 if (strcmp(dir, "/data/media/obb") == 0) { // Try to set policy on this directory, but if it is non-empty this may fail. - set_system_de_policy_on(dir); + set_policy_on(fscrypt_key_ref, dir); return 0; } @@ -97,11 +97,20 @@ int fscrypt_set_directory_policy(const char* dir) return 0; } } - return set_system_de_policy_on(dir); + std::vector<std::string> per_boot_directories = { + "per_boot", + }; + for (const auto& d : per_boot_directories) { + if ((prefix + d) == dir) { + LOG(INFO) << "Setting per_boot key on " << dir; + return set_policy_on(fscrypt_key_per_boot_ref, dir); + } + } + return set_policy_on(fscrypt_key_ref, dir); } -static int set_system_de_policy_on(char const* dir) { - std::string ref_filename = std::string("/data") + fscrypt_key_ref; +static int set_policy_on(char const* ref_basename, char const* dir) { + std::string ref_filename = std::string("/data") + ref_basename; std::string policy; if (!android::base::ReadFileToString(ref_filename, &policy)) { LOG(ERROR) << "Unable to read system policy to set on " << dir; |