Don't apply default encryption to /data/user, it should get per-user

author Paul Crowley <paulcrowley@google.com>

Wed, 6 May 2015 14:28:35 +0000 (15:28 +0100)

committer Paul Crowley <paulcrowley@google.com>

Thu, 9 Jul 2015 17:08:41 +0000 (18:08 +0100)
author Paul Crowley <paulcrowley@google.com>
Wed, 6 May 2015 14:28:35 +0000 (15:28 +0100)
committer Paul Crowley <paulcrowley@google.com>
Thu, 9 Jul 2015 17:08:41 +0000 (18:08 +0100)
diff --git a/ext4_utils/ext4_crypt_init_extensions.cpp b/ext4_utils/ext4_crypt_init_extensions.cpp

index 3fb04b9..e1b69e1 100644 (file)
--- a/ext4_utils/ext4_crypt_init_extensions.cpp
+++ b/ext4_utils/ext4_crypt_init_extensions.cpp
@@ -142,10 +142,15 @@ int e4crypt_set_directory_policy(const char* dir)
      if (!dir || strncmp(dir, "/data/", 6) || strchr(dir + 6, '/')) {
          return 0;
      }
+    // ext4enc:TODO exclude /data/user with a horrible special case.
+    if (!strcmp(dir, "/data/user")) {
+        return 0;
+    }
  
      UnencryptedProperties props("/data");
      std::string policy = props.Get<std::string>(properties::ref);
      if (policy.empty()) {
+        // ext4enc:TODO why is this OK?
          return 0;
      }
  
diff --git a/ext4_utils/unencrypted_properties.cpp b/ext4_utils/unencrypted_properties.cpp

index d873e91..ed36e20 100644 (file)
--- a/ext4_utils/unencrypted_properties.cpp
+++ b/ext4_utils/unencrypted_properties.cpp
@@ -84,6 +84,7 @@ UnencryptedProperties UnencryptedProperties::GetChild(const char* name) const
  
  bool UnencryptedProperties::Remove(const char* name)
  {
+    if (!OK()) return false;
      if (remove((folder_ + "/" + name).c_str())
          && errno != ENOENT) {
          return false;
author	Paul Crowley <paulcrowley@google.com>
	Wed, 6 May 2015 14:28:35 +0000 (15:28 +0100)
committer	Paul Crowley <paulcrowley@google.com>
	Thu, 9 Jul 2015 17:08:41 +0000 (18:08 +0100)
ext4_utils/ext4_crypt_init_extensions.cpp		patch \| blob \| history
ext4_utils/unencrypted_properties.cpp		patch \| blob \| history