Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Enable HCTR2 for filenames encryption am: d4aea9089b

Browse source 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma/+/21489264

Change-Id: If82987b77de0bee14ef689a5a16c5160c63ce5fc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Nathan Huckleberry 2023-02-20 02:59:19 +00:00 committed by Automerger Merge Worker
commit 213617c8c5
2 changed files with 6 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
conf/Android.bp
View file

@ -37,7 +37,7 @@ genrule {
name: "gen_fstab.zuma-hw-encrypt", name: "gen_fstab.zuma-hw-encrypt",
srcs: ["fstab.zuma.in"], srcs: ["fstab.zuma.in"],
out: ["fstab.zuma"], out: ["fstab.zuma"],
cmd: "sed -e s/@fileencryption@/fileencryption=::inlinecrypt_optimized+wrappedkey_v0/" + cmd: "sed -e s/@fileencryption@/fileencryption=:aes-256-hctr2:inlinecrypt_optimized+wrappedkey_v0/" +
" -e s/@inlinecrypt@/inlinecrypt/ " + " -e s/@inlinecrypt@/inlinecrypt/ " +
" -e s/@metadata_encryption@/metadata_encryption=:wrappedkey_v0/ $(in) > $(out)", " -e s/@metadata_encryption@/metadata_encryption=:wrappedkey_v0/ $(in) > $(out)",
} }
@ -46,7 +46,7 @@ genrule {
name: "gen_fstab.zuma-sw-encrypt", name: "gen_fstab.zuma-sw-encrypt",
srcs: ["fstab.zuma.in"], srcs: ["fstab.zuma.in"],
out: ["fstab.zuma"], out: ["fstab.zuma"],
cmd: "sed -e s/@fileencryption@/fileencryption=aes-256-xts/" + cmd: "sed -e s/@fileencryption@/fileencryption=aes-256-xts:aes-256-hctr2/" +
" -e s/@inlinecrypt@// " + " -e s/@inlinecrypt@// " +
" -e s/@metadata_encryption@/metadata_encryption=/ $(in) > $(out)", " -e s/@metadata_encryption@/metadata_encryption=/ $(in) > $(out)",
} }

4
device.mk
View file

@ -1152,6 +1152,10 @@ PRODUCT_COPY_FILES += \
# Call deleteAllKeys if vold detects a factory reset # Call deleteAllKeys if vold detects a factory reset
PRODUCT_VENDOR_PROPERTIES += ro.crypto.metadata_init_delete_all_keys.enabled?=true PRODUCT_VENDOR_PROPERTIES += ro.crypto.metadata_init_delete_all_keys.enabled?=true
# Use HCTR2 for filenames encryption on adoptable storage.
PRODUCT_PROPERTY_OVERRIDES += \
ro.crypto.volume.options=aes-256-xts:aes-256-hctr2
# Hardware Info Collection # Hardware Info Collection
include hardware/google/pixel/HardwareInfo/HardwareInfo.mk include hardware/google/pixel/HardwareInfo/HardwareInfo.mk