From b97bccecfe97270eb15f77d1580f16eb1125fc1c Mon Sep 17 00:00:00 2001 From: Theodore Ts'o Date: Tue, 14 Jul 2015 23:19:08 -0400 Subject: [PATCH] android: add add_ext4_encrypt helper program Signed-off-by: Theodore Ts'o --- contrib/Android.mk | 43 ++++++++++++++++++++++++++++++ contrib/add_ext4_encrypt.c | 65 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 108 insertions(+) create mode 100644 contrib/add_ext4_encrypt.c diff --git a/contrib/Android.mk b/contrib/Android.mk index 9557320..6628145 100644 --- a/contrib/Android.mk +++ b/contrib/Android.mk @@ -34,3 +34,46 @@ LOCAL_MODULE_TAGS := optional include $(BUILD_HOST_EXECUTABLE) +######################################################################### +# Build add_ext4_encrypt +# +include $(CLEAR_VARS) + +add_ext4_encrypt_src_files := \ + add_ext4_encrypt.c + +add_ext4_encrypt_c_includes := \ + external/e2fsprogs/lib + +add_ext4_encrypt_cflags := -O2 -g -W -Wall + +add_ext4_encrypt_shared_libraries := \ + libext2fs \ + libext2_com_err + +add_ext4_encrypt_system_shared_libraries := libc + +include $(CLEAR_VARS) + +LOCAL_SRC_FILES := $(add_ext4_encrypt_src_files) +LOCAL_C_INCLUDES := $(add_ext4_encrypt_c_includes) +LOCAL_CFLAGS := $(add_ext4_encrypt_cflags) +LOCAL_SHARED_LIBRARIES := $(add_ext4_encrypt_shared_libraries) +LOCAL_SYSTEM_SHARED_LIBRARIES := $(add_ext4_encrypt_system_shared_libraries) +LOCAL_MODULE := add_ext4_encrypt +LOCAL_MODULE_TAGS := optional + +include $(BUILD_EXECUTABLE) + +include $(CLEAR_VARS) + +LOCAL_SRC_FILES := $(add_ext4_encrypt_src_files) +LOCAL_C_INCLUDES := $(add_ext4_encrypt_c_includes) +LOCAL_CFLAGS := $(add_ext4_encrypt_cflags) +LOCAL_SHARED_LIBRARIES := $(addsuffix _host, $(add_ext4_encrypt_shared_libraries)) +LOCAL_MODULE := add_ext4_encrypt_host +LOCAL_MODULE_STEM := add_ext4_encrypt +LOCAL_MODULE_TAGS := optional + +include $(BUILD_HOST_EXECUTABLE) + diff --git a/contrib/add_ext4_encrypt.c b/contrib/add_ext4_encrypt.c new file mode 100644 index 0000000..73008dc --- /dev/null +++ b/contrib/add_ext4_encrypt.c @@ -0,0 +1,65 @@ +/* + * Basic progam to add ext4 encryption to a file system + * + * Copyright 2015, Google, Inc. + * + * %Begin-Header% + * This file may be redistributed under the terms of the GNU Public + * License. + * %End-Header% + */ + +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +int main (int argc, char *argv[]) +{ + errcode_t retval = 0; + ext2_filsys fs; + + setbuf(stdout, NULL); + setbuf(stderr, NULL); + initialize_ext2_error_table(); + + if (argc != 2) { + fprintf(stderr, "%s: Usage \n", argv[0]); + exit(1); + } + + retval = ext2fs_open(argv[1], EXT2_FLAG_RW, 0, 0, + unix_io_manager, &fs); + + if (retval) { + com_err(argv[0], retval, "while trying to open '%s'", + argv[1]); + exit(1); + } + if (!EXT2_HAS_INCOMPAT_FEATURE(fs->super, + EXT4_FEATURE_INCOMPAT_ENCRYPT)) { + fs->super->s_feature_incompat |= EXT4_FEATURE_INCOMPAT_ENCRYPT; + fs->super->s_encrypt_algos[0] = + EXT4_ENCRYPTION_MODE_AES_256_XTS; + fs->super->s_encrypt_algos[1] = + EXT4_ENCRYPTION_MODE_AES_256_CTS; + ext2fs_mark_super_dirty(fs); + printf("Ext4 encryption enabled on %s\n", argv[1]); + } else + printf("Ext4 encryption already enabled on %s\n", argv[1]); + + retval = ext2fs_close(fs); + if (retval) { + com_err(argv[0], retval, "while trying to close '%s'", + argv[1]); + exit(1); + } + return (0); +} + -- 1.8.3.1