From e9afc3de0fe1df795cc2f8cfab489177252812be Mon Sep 17 00:00:00 2001 From: Ethan Yonker Date: Thu, 30 Aug 2018 15:16:27 -0500 Subject: Decrypt FBE on 9.0 (backwards compatible) Building in 9.0 may require you to add a flag to your twrp fstab with the fileencryption details like: fileencryption=ice:aes-256-heh Verify this against your device's stock fstab of course. Change-Id: If9286f5d5787280814daca9fbc8f5191ff26a839 --- crypto/ext4crypt/Android.mk | 41 ++++++++++++++++++++++++++++++++--------- 1 file changed, 32 insertions(+), 9 deletions(-) (limited to 'crypto/ext4crypt/Android.mk') diff --git a/crypto/ext4crypt/Android.mk b/crypto/ext4crypt/Android.mk index 4aba9ef45..e589903d9 100644 --- a/crypto/ext4crypt/Android.mk +++ b/crypto/ext4crypt/Android.mk @@ -5,7 +5,7 @@ include $(CLEAR_VARS) LOCAL_MODULE := libe4crypt LOCAL_MODULE_TAGS := eng optional LOCAL_CFLAGS := -LOCAL_SRC_FILES := Decrypt.cpp Ext4Crypt.cpp ScryptParameters.cpp Utils.cpp HashPassword.cpp ext4_crypt.cpp +LOCAL_SRC_FILES := Decrypt.cpp ScryptParameters.cpp Utils.cpp HashPassword.cpp ext4_crypt.cpp LOCAL_SHARED_LIBRARIES := libselinux libc libc++ libext4_utils libbase libcrypto libcutils libkeymaster_messages libhardware libprotobuf-cpp-lite LOCAL_STATIC_LIBRARIES := libscrypt_static LOCAL_C_INCLUDES := system/extras/ext4_utils system/extras/ext4_utils/include/ext4_utils external/scrypt/lib/crypto system/security/keystore hardware/libhardware/include/hardware system/security/softkeymaster/include/keymaster system/keymaster/include @@ -15,22 +15,40 @@ ifneq ($(wildcard hardware/libhardware/include/hardware/keymaster0.h),) LOCAL_C_INCLUDES += external/boringssl/src/include endif ifeq ($(shell test $(PLATFORM_SDK_VERSION) -ge 26; echo $$?),0) - LOCAL_CFLAGS += -DUSE_KEYSTORAGE_3 -DHAVE_GATEKEEPER1 - LOCAL_SRC_FILES += Keymaster3.cpp KeyStorage3.cpp - LOCAL_SHARED_LIBRARIES += android.hardware.keymaster@3.0 libkeystore_binder libhidlbase libutils libbinder - LOCAL_SHARED_LIBRARIES += android.hardware.gatekeeper@1.0 - ifneq ($(wildcard hardware/interfaces/weaver/Android.bp),) + #8.0 or higher + LOCAL_CFLAGS += -DHAVE_GATEKEEPER1 + LOCAL_SHARED_LIBRARIES += android.hardware.keymaster@3.0 libkeystore_binder libhidlbase libutils libbinder android.hardware.gatekeeper@1.0 + ifeq ($(shell test $(PLATFORM_SDK_VERSION) -ge 28; echo $$?),0) + #9.0 rules + LOCAL_CFLAGS += -DUSE_KEYSTORAGE_4 -Wno-unused-variable -Wno-sign-compare -Wno-unused-parameter -Wno-comment + LOCAL_SRC_FILES += Ext4CryptPie.cpp Keymaster4.cpp KeyStorage4.cpp KeyUtil.cpp + LOCAL_SHARED_LIBRARIES += android.hardware.keymaster@4.0 libkeymaster4support + LOCAL_SHARED_LIBRARIES += android.hardware.gatekeeper@1.0 libkeystore_parcelables libkeystore_aidl LOCAL_CFLAGS += -DHAVE_SYNTH_PWD_SUPPORT LOCAL_SRC_FILES += Weaver1.cpp LOCAL_SHARED_LIBRARIES += android.hardware.weaver@1.0 - endif - ifneq ($(wildcard system/core/libkeyutils/Android.bp),) LOCAL_CFLAGS += -DHAVE_LIBKEYUTILS LOCAL_SHARED_LIBRARIES += libkeyutils + else + #8.0 rules + LOCAL_CFLAGS += -DUSE_KEYSTORAGE_3 + LOCAL_SRC_FILES += Ext4Crypt.cpp Keymaster3.cpp KeyStorage3.cpp + ifneq ($(wildcard hardware/interfaces/weaver/Android.bp),) + #only present in some 8.0 trees and should be in all 8.1 trees + LOCAL_CFLAGS += -DHAVE_SYNTH_PWD_SUPPORT + LOCAL_SRC_FILES += Weaver1.cpp + LOCAL_SHARED_LIBRARIES += android.hardware.weaver@1.0 + endif + ifneq ($(wildcard system/core/libkeyutils/Android.bp),) + #only present in some 8.0 trees and should be in all 8.1 trees + LOCAL_CFLAGS += -DHAVE_LIBKEYUTILS + LOCAL_SHARED_LIBRARIES += libkeyutils + endif endif LOCAL_REQUIRED_MODULES := keystore_auth else - LOCAL_SRC_FILES += Keymaster.cpp KeyStorage.cpp + #7.x rules + LOCAL_SRC_FILES += Ext4Crypt.cpp Keymaster.cpp KeyStorage.cpp endif ifeq ($(shell test $(PLATFORM_SDK_VERSION) -lt 28; echo $$?),0) LOCAL_SHARED_LIBRARIES += libsoftkeymaster @@ -69,6 +87,11 @@ LOCAL_MODULE_CLASS := RECOVERY_EXECUTABLES LOCAL_MODULE_PATH := $(TARGET_RECOVERY_ROOT_OUT)/sbin LOCAL_SRC_FILES := keystore_auth.cpp LOCAL_SHARED_LIBRARIES := libc libkeystore_binder libutils libbinder liblog +ifeq ($(shell test $(PLATFORM_SDK_VERSION) -ge 28; echo $$?),0) + #9.0 + LOCAL_CFLAGS += -DUSE_SECURITY_NAMESPACE + LOCAL_SHARED_LIBRARIES += libkeystore_aidl +endif LOCAL_LDFLAGS += -Wl,-dynamic-linker,/sbin/linker64 include $(BUILD_EXECUTABLE) -- cgit v1.2.3