From 444eca232964dbf27d0c4d01447c1493f89186e0 Mon Sep 17 00:00:00 2001
From: Ben Komalo <benkomalo@google.com>
Date: Thu, 1 Sep 2011 15:17:44 -0700
Subject: [PATCH] Expose getting encryptstate through IMountService

- this really just calls cryptfs cryptocomplete
- needed so that UI logic can present a factory reset option if
encryption screwed up

Bug: 3384231
Change-Id: I553de87f0d03a65851030c9c5266e85866d30fa6
---
 .../android/os/storage/IMountService.java     | 42 ++++++++++++++++++-
 .../java/com/android/server/MountService.java | 41 +++++++++++++++---
 2 files changed, 77 insertions(+), 6 deletions(-)

diff --git a/core/java/android/os/storage/IMountService.java b/core/java/android/os/storage/IMountService.java
index 93020601b29c4..e0130b5cd0694 100644
--- a/core/java/android/os/storage/IMountService.java
+++ b/core/java/android/os/storage/IMountService.java
@@ -36,7 +36,7 @@ public interface IMountService extends IInterface {
     /** Local-side IPC implementation stub class. */
     public static abstract class Stub extends Binder implements IMountService {
         private static class Proxy implements IMountService {
-            private IBinder mRemote;
+            private final IBinder mRemote;
 
             Proxy(IBinder remote) {
                 mRemote = remote;
@@ -589,6 +589,22 @@ public interface IMountService extends IInterface {
                 return _result;
             }
 
+            public int getEncryptionState() throws RemoteException {
+                Parcel _data = Parcel.obtain();
+                Parcel _reply = Parcel.obtain();
+                int _result;
+                try {
+                    _data.writeInterfaceToken(DESCRIPTOR);
+                    mRemote.transact(Stub.TRANSACTION_getEncryptionState, _data, _reply, 0);
+                    _reply.readException();
+                    _result = _reply.readInt();
+                } finally {
+                    _reply.recycle();
+                    _data.recycle();
+                }
+                return _result;
+            }
+
             public int decryptStorage(String password) throws RemoteException {
                 Parcel _data = Parcel.obtain();
                 Parcel _reply = Parcel.obtain();
@@ -741,6 +757,8 @@ public interface IMountService extends IInterface {
 
         static final int TRANSACTION_getSecureContainerFilesystemPath = IBinder.FIRST_CALL_TRANSACTION + 30;
 
+        static final int TRANSACTION_getEncryptionState = IBinder.FIRST_CALL_TRANSACTION + 31;
+
         /**
          * Cast an IBinder object into an IMountService interface, generating a
          * proxy if needed.
@@ -1062,6 +1080,13 @@ public interface IMountService extends IInterface {
                     reply.writeString(path);
                     return true;
                 }
+                case TRANSACTION_getEncryptionState: {
+                    data.enforceInterface(DESCRIPTOR);
+                    int result = getEncryptionState();
+                    reply.writeNoException();
+                    reply.writeInt(result);
+                    return true;
+                }
             }
             return super.onTransact(code, data, reply, flags);
         }
@@ -1222,6 +1247,21 @@ public interface IMountService extends IInterface {
      */
     public boolean isExternalStorageEmulated() throws RemoteException;
 
+    /** The volume is not encrypted. */
+    static final int ENCRYPTION_STATE_NONE = 1;
+    /** The volume has been encrypted succesfully. */
+    static final int ENCRYPTION_STATE_OK = 0;
+    /** The volume is in a bad state. */
+    static final int ENCRYPTION_STATE_ERROR_UNKNOWN = -1;
+    /** The volume is in a bad state - partially encrypted. Data is likely irrecoverable. */
+    static final int ENCRYPTION_STATE_ERROR_INCOMPLETE = -2;
+
+    /**
+     * Determines the encryption state of the volume.
+     * @return a numerical value. See {@code ENCRYPTION_STATE_*} for possible values.
+     */
+    public int getEncryptionState() throws RemoteException;
+
     /**
      * Decrypts any encrypted volumes.
      */
diff --git a/services/java/com/android/server/MountService.java b/services/java/com/android/server/MountService.java
index 00aa14cb2ea8f..d806309cd34f0 100644
--- a/services/java/com/android/server/MountService.java
+++ b/services/java/com/android/server/MountService.java
@@ -454,7 +454,7 @@ class MountService extends IMountService.Stub
         }
     }
 
-    private BroadcastReceiver mBroadcastReceiver = new BroadcastReceiver() {
+    private final BroadcastReceiver mBroadcastReceiver = new BroadcastReceiver() {
         @Override
         public void onReceive(Context context, Intent intent) {
             String action = intent.getAction();
@@ -484,7 +484,7 @@ class MountService extends IMountService.Stub
                             synchronized (mVolumeStates) {
                                 Set<String> keys = mVolumeStates.keySet();
                                 count = keys.size();
-                                paths = (String[])keys.toArray(new String[count]);
+                                paths = keys.toArray(new String[count]);
                                 states = new String[count];
                                 for (int i = 0; i < count; i++) {
                                     states[i] = mVolumeStates.get(paths[i]);
@@ -1761,6 +1761,37 @@ class MountService extends IMountService.Stub
             Slog.i(TAG, "Send to OBB handler: " + action.toString());
     }
 
+    @Override
+    public int getEncryptionState() {
+        mContext.enforceCallingOrSelfPermission(Manifest.permission.CRYPT_KEEPER,
+                "no permission to access the crypt keeper");
+
+        waitForReady();
+
+        try {
+            ArrayList<String> rsp = mConnector.doCommand("cryptfs cryptocomplete");
+            String[] tokens = rsp.get(0).split(" ");
+
+            if (tokens == null || tokens.length != 2) {
+                // Unexpected.
+                Slog.w(TAG, "Unexpected result from cryptfs cryptocomplete");
+                return ENCRYPTION_STATE_ERROR_UNKNOWN;
+            }
+
+            return Integer.parseInt(tokens[1]);
+
+        } catch (NumberFormatException e) {
+            // Bad result - unexpected.
+            Slog.w(TAG, "Unable to parse result from cryptfs cryptocomplete");
+            return ENCRYPTION_STATE_ERROR_UNKNOWN;
+        } catch (NativeDaemonConnectorException e) {
+            // Something bad happened.
+            Slog.w(TAG, "Error in communicating with cryptfs in validating");
+            return ENCRYPTION_STATE_ERROR_UNKNOWN;
+        }
+    }
+
+    @Override
     public int decryptStorage(String password) {
         if (TextUtils.isEmpty(password)) {
             throw new IllegalArgumentException("password cannot be empty");
@@ -2090,7 +2121,7 @@ class MountService extends IMountService.Stub
         public void execute(ObbActionHandler handler) {
             try {
                 if (DEBUG_OBB)
-                    Slog.i(TAG, "Starting to execute action: " + this.toString());
+                    Slog.i(TAG, "Starting to execute action: " + toString());
                 mRetries++;
                 if (mRetries > MAX_RETRIES) {
                     Slog.w(TAG, "Failed to invoke remote methods on default container service. Giving up");
@@ -2147,7 +2178,7 @@ class MountService extends IMountService.Stub
     }
 
     class MountObbAction extends ObbAction {
-        private String mKey;
+        private final String mKey;
 
         MountObbAction(ObbState obbState, String key) {
             super(obbState);
@@ -2258,7 +2289,7 @@ class MountService extends IMountService.Stub
     }
 
     class UnmountObbAction extends ObbAction {
-        private boolean mForceUnmount;
+        private final boolean mForceUnmount;
 
         UnmountObbAction(ObbState obbState, boolean force) {
             super(obbState);