Merge "Enable HCTR2 for filenames encryption"

2023-02-20 02:15:24 +00:00 · 2023-02-20 02:15:24 +00:00 · 5e2783f956
commit 5e2783f956
parent c97337e9f8 3d2698105e
2 changed files with 6 additions and 2 deletions
--- a/conf/Android.bp
+++ b/conf/Android.bp
@ -37,7 +37,7 @@ genrule {
    name: "gen_fstab.zuma-hw-encrypt",
    srcs: ["fstab.zuma.in"],
    out: ["fstab.zuma"],
-    cmd: "sed -e s/@fileencryption@/fileencryption=::inlinecrypt_optimized+wrappedkey_v0/" +
+    cmd: "sed -e s/@fileencryption@/fileencryption=:aes-256-hctr2:inlinecrypt_optimized+wrappedkey_v0/" +
        " -e s/@inlinecrypt@/inlinecrypt/ " +
        " -e s/@metadata_encryption@/metadata_encryption=:wrappedkey_v0/ $(in) > $(out)",
 }
@ -46,7 +46,7 @@ genrule {
    name: "gen_fstab.zuma-sw-encrypt",
    srcs: ["fstab.zuma.in"],
    out: ["fstab.zuma"],
-    cmd: "sed -e s/@fileencryption@/fileencryption=aes-256-xts/" +
+    cmd: "sed -e s/@fileencryption@/fileencryption=aes-256-xts:aes-256-hctr2/" +
        " -e s/@inlinecrypt@// " +
        " -e s/@metadata_encryption@/metadata_encryption=/ $(in) > $(out)",
 }
--- a/device.mk
+++ b/device.mk
@ -1154,6 +1154,10 @@ PRODUCT_COPY_FILES += \
 # Call deleteAllKeys if vold detects a factory reset
 PRODUCT_VENDOR_PROPERTIES += ro.crypto.metadata_init_delete_all_keys.enabled?=true
 # Use HCTR2 for filenames encryption on adoptable storage.
 PRODUCT_PROPERTY_OVERRIDES += \
    ro.crypto.volume.options=aes-256-xts:aes-256-hctr2
 # Hardware Info Collection
 include hardware/google/pixel/HardwareInfo/HardwareInfo.mk