Created
September 9, 2020 10:44
-
-
Save luca020400/ef089d066fc31f6e96bce387617eadde to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| From 2e5a6f0453d6782ca14b24a4e18999fd02ce4c62 Mon Sep 17 00:00:00 2001 | |
| From: Luca Stefani <[email protected]> | |
| Date: Wed, 9 Sep 2020 12:43:54 +0200 | |
| Subject: [PATCH] libfscrypt: Don't bail out if we can't open directory | |
| * On QCOM vendor API 29 init.qcom.rc has a 'mkdir' entry | |
| for /data/system | |
| * While the encryption policy matches and is applied properly in | |
| permissive, vendor_init doesn't have enough perms to open | |
| and run ioctl over system_data_file to check its policy | |
| * Instead of opening th possiblity to vendors, just | |
| bail out if we fail to open the directory | |
| Test: m, boot r-gsi on Zenfone 6 | |
| Change-Id: I5ea37019221cd0887b8a5d7454f5a42ac01335c7 | |
| --- | |
| libfscrypt/fscrypt.cpp | 2 +- | |
| 1 file changed, 1 insertion(+), 1 deletion(-) | |
| diff --git a/libfscrypt/fscrypt.cpp b/libfscrypt/fscrypt.cpp | |
| index a52ed90c..435de51d 100644 | |
| --- a/libfscrypt/fscrypt.cpp | |
| +++ b/libfscrypt/fscrypt.cpp | |
| @@ -323,7 +323,7 @@ bool EnsurePolicy(const EncryptionPolicy& policy, const std::string& directory) | |
| android::base::unique_fd fd(open(directory.c_str(), O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC)); | |
| if (fd == -1) { | |
| PLOG(ERROR) << "Failed to open directory " << directory; | |
| - return false; | |
| + return true; | |
| } | |
| bool already_encrypted = fscrypt_is_encrypted(fd); | |
| -- | |
| 2.28.0 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment