return EXIT_FAILURE;
}
+ MmcDevice dev(0);
+ std::string devpath = dev.findNode("user");
+
if (MOUNT == argv[1]) {
- auto masterKey = UpgradeSupport::loadMasterKey(DEV_PATH);
+ auto masterKey = UpgradeSupport::loadMasterKey(devpath);
+ std::string path = INTERNAL_PATH;
+ if (argc == 3)
+ path = argv[2];
- DMCryptEngine dmcrypt(DEV_PATH, INTERNAL_PATH, ProgressBar([](unsigned){}));
- DMCryptEngine dmcrypt(devpath, path, ProgressBar([](int){}));
++ DMCryptEngine dmcrypt(devpath, path, ProgressBar([](unsigned){}));
// mount options are ignored by mount()
dmcrypt.mount(masterKey, 0);
// Create Device (mount_name)
initDMIoctl(dmBuf, DM_MAX_BUFFER_SIZE, mountName, 0);
- if (ioctl(fd, DM_DEV_CREATE, dmBuf)) {
+ if (ioctl(fd, DM_DEV_CREATE, dmBuf) && errno != EBUSY) {
- close(fd);
throw runtime::Exception("Cannot create dm-crypt device");
}
// create crypto type device mapping layer to mount the plain partition
// should be encrypted here.
auto cryptoBlkDev = createCryptoBlkDev(source, DM_DEFAULT_LABEL_NAME, sanitizeKey(key), DM_DEFAULT_CRYPTO_NAME);
+ start = true;
- std::function<bool(blkcnt_t)> isTarget;
- if (!(options & OPTION_INCLUDE_UNUSED_REGION)) {
- INFO(SINK, "FastEncryption: Disabled");
- isTarget = std::bind(&Ext4Tool::isUsedBlock, &ext4Source, _1);
- } else {
- INFO(SINK, "FastEncryption: Enabled");
- isTarget = [](unsigned int n) {
- return true;
- };
- }
-
// We always do In-place encryption
- copyInPlace(source, cryptoBlkDev, isTarget,
- std::bind((void(ProgressBar::*)(int, int, int))&ProgressBar::update,
- &progress, _1, _2, 1));
+ copyInPlace(source, cryptoBlkDev, options, progress);
// remove crypto type device mapper
destroyCryptoBlkDev(DM_DEFAULT_LABEL_NAME);
namespace {
const char *PRIVILEGE_PLATFORM = "http://tizen.org/privilege/internal/default/platform";
+const mode_t MODE_0640 = S_IRUSR | S_IWUSR | S_IRGRP;
+ const std::string ODE_OBJECT_PATH = "/Org/Tizen/OnDeviceEncryption";
+ const std::string ODE_INTERFACE_EVENT = "org.tizen.OnDeviceEncryption.Event";
+ const std::string ODE_SIGNAL_NAME = "unmount";
+ const std::string manifest =
+ "<node>"
+ " <interface name='" + ODE_INTERFACE_EVENT + "'>"
+ " <signal name='" + ODE_SIGNAL_NAME + "'>"
+ " </signal>"
+ " </interface>"
+ "</node>";
// watches systemd jobs
class JobWatch {
std::string source = findDevPath();
+ if (getState() == State::Encrypted) {
+ //"error_partially_encrypted"
+ if (!FileFooter::exist(source) && !UpgradeSupport::checkUpgradeFlag()) {
+ // Trigger key migration process
+ UpgradeSupport::createUpgradeFlag();
+ }
+ }
+
engine.reset(new INTERNAL_ENGINE(
source, INTERNAL_PATH,
- ProgressBar([](int v) {
+ ProgressBar([](unsigned v) {
::vconf_set_str(VCONFKEY_ODE_ENCRYPT_PROGRESS,
std::to_string(v).c_str());
})
::sleep(1);
runtime::File file("/opt/etc/.odeprogress");
- file.create(0640);
+ file.create(MODE_0640);
- INFO(SINK, "Closing all known systemd services that might be using internal storage.");
- stopKnownSystemdUnits();
-
std::string source = engine->getSource();
auto mntPaths = findMountPointsByDevice(source);
::sleep(1);
runtime::File file("/opt/etc/.odeprogress");
- file.create(0640);
+ file.create(MODE_0640);
if (engine->isMounted()) {
- INFO(SINK, "Closing all known systemd services that might be using internal storage.");
- stopKnownSystemdUnits();
INFO(SINK, "Closing all processes using internal storage.");
- stopDependedSystemdUnits();
+ stopSystemdUnits();
INFO(SINK, "Umounting internal storage.");
- while (1) {
- try {
- engine->umount();
- break;
- } catch (runtime::Exception& e) {
- stopDependedSystemdUnits();
- }
- }
+ unmountInternalStorage("/dev/mapper/userdata");
+ engine->umount();
}
INFO(SINK, "Decryption started.");
if (state == State::Unencrypted)
return error::NoSuchDevice;
- if (state == State::Corrupted)
- Ext4Tool::mkfs(engine->getSource());
-
runtime::File file("/opt/.factoryreset");
- file.create(0640);
+ file.create(MODE_0640);
::sync();
try {
{
size_t tokenSize(token.size());
- file.create(S_IRUSR | S_IWUSR);
- file.create(0640);
++ file.create(S_IRUSR | S_IWUSR | S_IRGRP);
file.write(&tokenSize, sizeof(tokenSize));
file.write(token.data(), token.size());
projects / platform / core / security / ode.git / commitdiff