139 bool OptionsToString(const EncryptionOptions& options, std::string* options_string) {  in OptionsToString()  argument
140     return OptionsToStringForApiLevel(GetFirstApiLevel(), options, options_string);  in OptionsToString()
143 bool OptionsToStringForApiLevel(unsigned int first_api_level, const EncryptionOptions& options,  in OptionsToStringForApiLevel()  argument
146     if (!LookupModeById(contents_modes, options.contents_mode, &contents_mode)) {  in OptionsToStringForApiLevel()
149     if (!LookupModeById(filenames_modes, options.filenames_mode, &filenames_mode)) {  in OptionsToStringForApiLevel()
152     *options_string = contents_mode + ":" + filenames_mode + ":v" + std::to_string(options.version);  in OptionsToStringForApiLevel()
153     if ((options.flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64)) {  in OptionsToStringForApiLevel()
156     if ((options.flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32)) {  in OptionsToStringForApiLevel()
159     if (options.use_hw_wrapped_key) {  in OptionsToStringForApiLevel()
168     if (options != options_check) {  in OptionsToStringForApiLevel()
176 bool ParseOptions(const std::string& options_string, EncryptionOptions* options) {  in ParseOptions()  argument
177     return ParseOptionsForApiLevel(GetFirstApiLevel(), options_string, options);  in ParseOptions()
181                              EncryptionOptions* options) {  in ParseOptionsForApiLevel()  argument
184         LOG(ERROR) << "Invalid encryption options: " << options;  in ParseOptionsForApiLevel()
187     options->contents_mode = FSCRYPT_MODE_AES_256_XTS;  in ParseOptionsForApiLevel()
189         if (!LookupModeByName(contents_modes, parts[0], &options->contents_mode)) {  in ParseOptionsForApiLevel()
194     if (options->contents_mode == FSCRYPT_MODE_ADIANTUM) {  in ParseOptionsForApiLevel()
195         options->filenames_mode = FSCRYPT_MODE_ADIANTUM;  in ParseOptionsForApiLevel()
197         options->filenames_mode = FSCRYPT_MODE_AES_256_CTS;  in ParseOptionsForApiLevel()
200         if (!LookupModeByName(filenames_modes, parts[1], &options->filenames_mode)) {  in ParseOptionsForApiLevel()
208     options->version = is_gki ? 2 : 1;  in ParseOptionsForApiLevel()
209     options->flags = 0;  in ParseOptionsForApiLevel()
210     options->use_hw_wrapped_key = false;  in ParseOptionsForApiLevel()
215                 options->version = 1;  in ParseOptionsForApiLevel()
217                 options->version = 2;  in ParseOptionsForApiLevel()
219                 options->flags |= FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64;  in ParseOptionsForApiLevel()
221                 options->flags |= FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32;  in ParseOptionsForApiLevel()
223                 options->use_hw_wrapped_key = true;  in ParseOptionsForApiLevel()
237     if (!is_gki && options->version == 1 && options->filenames_mode == FSCRYPT_MODE_AES_256_CTS) {  in ParseOptionsForApiLevel()
238         options->flags |= FSCRYPT_POLICY_FLAGS_PAD_4;  in ParseOptionsForApiLevel()
240         options->flags |= FSCRYPT_POLICY_FLAGS_PAD_16;  in ParseOptionsForApiLevel()
246     if (options->contents_mode == FSCRYPT_MODE_ADIANTUM) {  in ParseOptionsForApiLevel()
247         if (options->filenames_mode != FSCRYPT_MODE_ADIANTUM) {  in ParseOptionsForApiLevel()
251         options->flags |= FSCRYPT_POLICY_FLAG_DIRECT_KEY;  in ParseOptionsForApiLevel()
252     } else if (options->filenames_mode == FSCRYPT_MODE_ADIANTUM) {  in ParseOptionsForApiLevel()
259     iv_methods += !!(options->flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64);  in ParseOptionsForApiLevel()
260     iv_methods += !!(options->flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32);  in ParseOptionsForApiLevel()
261     iv_methods += !!(options->flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY);  in ParseOptionsForApiLevel()
276     ss << " v" << policy.options.version;  in PolicyDebugString()
277     ss << " modes " << policy.options.contents_mode << "/" << policy.options.filenames_mode;  in PolicyDebugString()
278     ss << std::hex << " flags 0x" << policy.options.flags;  in PolicyDebugString()
289     switch (policy.options.version) {  in EnsurePolicy()
299             kern_policy.v1.contents_encryption_mode = policy.options.contents_mode;  in EnsurePolicy()
300             kern_policy.v1.filenames_encryption_mode = policy.options.filenames_mode;  in EnsurePolicy()
301             kern_policy.v1.flags = policy.options.flags;  in EnsurePolicy()
312             kern_policy.v2.contents_encryption_mode = policy.options.contents_mode;  in EnsurePolicy()
313             kern_policy.v2.filenames_encryption_mode = policy.options.filenames_mode;  in EnsurePolicy()
314             kern_policy.v2.flags = policy.options.flags;  in EnsurePolicy()
319             LOG(ERROR) << "Invalid encryption policy version: " << policy.options.version;  in EnsurePolicy()