113 static std::string get_de_key_path(userid_t user_id) {  in get_de_key_path()  argument
114     return StringPrintf("%s/de/%d", user_key_dir.c_str(), user_id);  in get_de_key_path()
117 static std::string get_ce_key_directory_path(userid_t user_id) {  in get_ce_key_directory_path()  argument
118     return StringPrintf("%s/ce/%d", user_key_dir.c_str(), user_id);  in get_ce_key_directory_path()
190 static bool read_and_fixate_user_ce_key(userid_t user_id,  in read_and_fixate_user_ce_key()  argument
193     auto const directory_path = get_ce_key_directory_path(user_id);  in read_and_fixate_user_ce_key()
203     LOG(ERROR) << "Failed to find working ce key for user " << user_id;  in read_and_fixate_user_ce_key()
286 static bool read_and_install_user_ce_key(userid_t user_id,  in read_and_install_user_ce_key()  argument
288     if (s_ce_policies.count(user_id) != 0) return true;  in read_and_install_user_ce_key()
292     if (!read_and_fixate_user_ce_key(user_id, auth, &ce_key)) return false;  in read_and_install_user_ce_key()
295     s_ce_policies[user_id] = ce_policy;  in read_and_install_user_ce_key()
296     LOG(DEBUG) << "Installed ce key for user " << user_id;  in read_and_install_user_ce_key()
320 static bool create_and_install_user_keys(userid_t user_id, bool create_ephemeral) {  in create_and_install_user_keys()  argument
328         s_ephemeral_users.insert(user_id);  in create_and_install_user_keys()
330         auto const directory_path = get_ce_key_directory_path(user_id);  in create_and_install_user_keys()
340         if (!android::vold::storeKeyAtomically(get_de_key_path(user_id), user_key_temp,  in create_and_install_user_keys()
346     s_de_policies[user_id] = de_policy;  in create_and_install_user_keys()
349     s_ce_policies[user_id] = ce_policy;  in create_and_install_user_keys()
350     LOG(DEBUG) << "Created keys for user " << user_id;  in create_and_install_user_keys()
354 static bool lookup_policy(const std::map<userid_t, EncryptionPolicy>& key_map, userid_t user_id,  in lookup_policy()  argument
356     auto refi = key_map.find(user_id);  in lookup_policy()
358         LOG(DEBUG) << "Cannot find key for " << user_id;  in lookup_policy()
395         userid_t user_id = std::stoi(entry->d_name);  in load_all_de_keys()  local
401         auto ret = s_de_policies.insert({user_id, de_policy});  in load_all_de_keys()
403             LOG(ERROR) << "DE policy for user" << user_id << " changed";  in load_all_de_keys()
406         LOG(DEBUG) << "Installed de key for user " << user_id;  in load_all_de_keys()
500 bool fscrypt_vold_create_user_key(userid_t user_id, int serial, bool ephemeral) {  in fscrypt_vold_create_user_key()  argument
501     LOG(DEBUG) << "fscrypt_vold_create_user_key for " << user_id << " serial " << serial;  in fscrypt_vold_create_user_key()
506     if (s_ce_policies.count(user_id) != 0) {  in fscrypt_vold_create_user_key()
507         LOG(ERROR) << "Already exists, can't fscrypt_vold_create_user_key for " << user_id  in fscrypt_vold_create_user_key()
512     if (!create_and_install_user_keys(user_id, ephemeral)) {  in fscrypt_vold_create_user_key()
539 static bool evict_ce_key(userid_t user_id) {  in evict_ce_key()  argument
543     if (lookup_policy(s_ce_policies, user_id, &policy)) {  in evict_ce_key()
547     s_ce_policies.erase(user_id);  in evict_ce_key()
551 bool fscrypt_destroy_user_key(userid_t user_id) {  in fscrypt_destroy_user_key()  argument
552     LOG(DEBUG) << "fscrypt_destroy_user_key(" << user_id << ")";  in fscrypt_destroy_user_key()
557     success &= evict_ce_key(user_id);  in fscrypt_destroy_user_key()
559     success &= lookup_policy(s_de_policies, user_id, &de_policy) &&  in fscrypt_destroy_user_key()
561     s_de_policies.erase(user_id);  in fscrypt_destroy_user_key()
562     auto it = s_ephemeral_users.find(user_id);  in fscrypt_destroy_user_key()
566         for (auto const path : get_ce_key_paths(get_ce_key_directory_path(user_id))) {  in fscrypt_destroy_user_key()
569         auto de_key_path = get_de_key_path(user_id);  in fscrypt_destroy_user_key()
678 static bool fscrypt_rewrap_user_key(userid_t user_id, int serial,  in fscrypt_rewrap_user_key()  argument
681     if (s_ephemeral_users.count(user_id) != 0) return true;  in fscrypt_rewrap_user_key()
682     auto const directory_path = get_ce_key_directory_path(user_id);  in fscrypt_rewrap_user_key()
693         LOG(ERROR) << "Failed to retrieve key for user " << user_id;  in fscrypt_rewrap_user_key()
705 bool fscrypt_add_user_key_auth(userid_t user_id, int serial, const std::string& token_hex,  in fscrypt_add_user_key_auth()  argument
707     LOG(DEBUG) << "fscrypt_add_user_key_auth " << user_id << " serial=" << serial  in fscrypt_add_user_key_auth()
712     return fscrypt_rewrap_user_key(user_id, serial, kEmptyAuthentication, *auth);  in fscrypt_add_user_key_auth()
715 bool fscrypt_clear_user_key_auth(userid_t user_id, int serial, const std::string& token_hex,  in fscrypt_clear_user_key_auth()  argument
717     LOG(DEBUG) << "fscrypt_clear_user_key_auth " << user_id << " serial=" << serial  in fscrypt_clear_user_key_auth()
722     return fscrypt_rewrap_user_key(user_id, serial, *auth, kEmptyAuthentication);  in fscrypt_clear_user_key_auth()
725 bool fscrypt_fixate_newest_user_key_auth(userid_t user_id) {  in fscrypt_fixate_newest_user_key_auth()  argument
726     LOG(DEBUG) << "fscrypt_fixate_newest_user_key_auth " << user_id;  in fscrypt_fixate_newest_user_key_auth()
728     if (s_ephemeral_users.count(user_id) != 0) return true;  in fscrypt_fixate_newest_user_key_auth()
729     auto const directory_path = get_ce_key_directory_path(user_id);  in fscrypt_fixate_newest_user_key_auth()
732         LOG(ERROR) << "No ce keys present, cannot fixate for user " << user_id;  in fscrypt_fixate_newest_user_key_auth()
740 bool fscrypt_unlock_user_key(userid_t user_id, int serial, const std::string& token_hex,  in fscrypt_unlock_user_key()  argument
742     LOG(DEBUG) << "fscrypt_unlock_user_key " << user_id << " serial=" << serial  in fscrypt_unlock_user_key()
745         if (s_ce_policies.count(user_id) != 0) {  in fscrypt_unlock_user_key()
746             LOG(WARNING) << "Tried to unlock already-unlocked key for user " << user_id;  in fscrypt_unlock_user_key()
751         if (!read_and_install_user_ce_key(user_id, *auth)) {  in fscrypt_unlock_user_key()
752             LOG(ERROR) << "Couldn't read key for " << user_id;  in fscrypt_unlock_user_key()
759         if (!emulated_unlock(android::vold::BuildDataSystemCePath(user_id), 0771) ||  in fscrypt_unlock_user_key()
760             !emulated_unlock(android::vold::BuildDataMiscCePath(user_id), 01771) ||  in fscrypt_unlock_user_key()
761             !emulated_unlock(android::vold::BuildDataMediaCePath("", user_id), 0770) ||  in fscrypt_unlock_user_key()
762             !emulated_unlock(android::vold::BuildDataUserCePath("", user_id), 0771)) {  in fscrypt_unlock_user_key()
763             LOG(ERROR) << "Failed to unlock user " << user_id;  in fscrypt_unlock_user_key()
771 bool fscrypt_lock_user_key(userid_t user_id) {  in fscrypt_lock_user_key()  argument
772     LOG(DEBUG) << "fscrypt_lock_user_key " << user_id;  in fscrypt_lock_user_key()
774         return evict_ce_key(user_id);  in fscrypt_lock_user_key()
777         if (!emulated_lock(android::vold::BuildDataSystemCePath(user_id)) ||  in fscrypt_lock_user_key()
778             !emulated_lock(android::vold::BuildDataMiscCePath(user_id)) ||  in fscrypt_lock_user_key()
779             !emulated_lock(android::vold::BuildDataMediaCePath("", user_id)) ||  in fscrypt_lock_user_key()
780             !emulated_lock(android::vold::BuildDataUserCePath("", user_id))) {  in fscrypt_lock_user_key()
781             LOG(ERROR) << "Failed to lock user " << user_id;  in fscrypt_lock_user_key()
790                             userid_t user_id, int flags) {  in prepare_subdirs()  argument
793                                           std::to_string(user_id), std::to_string(flags)})) {  in prepare_subdirs()
800 bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_id, int serial,  in fscrypt_prepare_user_storage()  argument
803                << ", user " << user_id << ", serial " << serial << ", flags " << flags;  in fscrypt_prepare_user_storage()
807         auto system_legacy_path = android::vold::BuildDataSystemLegacyPath(user_id);  in fscrypt_prepare_user_storage()
808         auto misc_legacy_path = android::vold::BuildDataMiscLegacyPath(user_id);  in fscrypt_prepare_user_storage()
809         auto profiles_de_path = android::vold::BuildDataProfilesDePath(user_id);  in fscrypt_prepare_user_storage()
812         auto system_de_path = android::vold::BuildDataSystemDePath(user_id);  in fscrypt_prepare_user_storage()
813         auto misc_de_path = android::vold::BuildDataMiscDePath(user_id);  in fscrypt_prepare_user_storage()
814         auto vendor_de_path = android::vold::BuildDataVendorDePath(user_id);  in fscrypt_prepare_user_storage()
815         auto user_de_path = android::vold::BuildDataUserDePath(volume_uuid, user_id);  in fscrypt_prepare_user_storage()
820             if (!prepare_dir(misc_legacy_path, 0750, multiuser_get_uid(user_id, AID_SYSTEM),  in fscrypt_prepare_user_storage()
821                              multiuser_get_uid(user_id, AID_EVERYBODY)))  in fscrypt_prepare_user_storage()
835                 if (!lookup_policy(s_de_policies, user_id, &de_policy)) return false;  in fscrypt_prepare_user_storage()
848         auto system_ce_path = android::vold::BuildDataSystemCePath(user_id);  in fscrypt_prepare_user_storage()
849         auto misc_ce_path = android::vold::BuildDataMiscCePath(user_id);  in fscrypt_prepare_user_storage()
850         auto vendor_ce_path = android::vold::BuildDataVendorCePath(user_id);  in fscrypt_prepare_user_storage()
851         auto media_ce_path = android::vold::BuildDataMediaCePath(volume_uuid, user_id);  in fscrypt_prepare_user_storage()
852         auto user_ce_path = android::vold::BuildDataUserCePath(volume_uuid, user_id);  in fscrypt_prepare_user_storage()
865                 if (!lookup_policy(s_ce_policies, user_id, &ce_policy)) return false;  in fscrypt_prepare_user_storage()
885     if (!prepare_subdirs("prepare", volume_uuid, user_id, flags)) return false;  in fscrypt_prepare_user_storage()
890 bool fscrypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_id, int flags) {  in fscrypt_destroy_user_storage()  argument
892                << ", user " << user_id << ", flags " << flags;  in fscrypt_destroy_user_storage()
895     res &= prepare_subdirs("destroy", volume_uuid, user_id, flags);  in fscrypt_destroy_user_storage()
899         auto system_ce_path = android::vold::BuildDataSystemCePath(user_id);  in fscrypt_destroy_user_storage()
900         auto misc_ce_path = android::vold::BuildDataMiscCePath(user_id);  in fscrypt_destroy_user_storage()
901         auto vendor_ce_path = android::vold::BuildDataVendorCePath(user_id);  in fscrypt_destroy_user_storage()
902         auto media_ce_path = android::vold::BuildDataMediaCePath(volume_uuid, user_id);  in fscrypt_destroy_user_storage()
903         auto user_ce_path = android::vold::BuildDataUserCePath(volume_uuid, user_id);  in fscrypt_destroy_user_storage()
920         auto system_legacy_path = android::vold::BuildDataSystemLegacyPath(user_id);  in fscrypt_destroy_user_storage()
921         auto misc_legacy_path = android::vold::BuildDataMiscLegacyPath(user_id);  in fscrypt_destroy_user_storage()
922         auto profiles_de_path = android::vold::BuildDataProfilesDePath(user_id);  in fscrypt_destroy_user_storage()
925         auto system_de_path = android::vold::BuildDataSystemDePath(user_id);  in fscrypt_destroy_user_storage()
926         auto misc_de_path = android::vold::BuildDataMiscDePath(user_id);  in fscrypt_destroy_user_storage()
927         auto vendor_de_path = android::vold::BuildDataVendorDePath(user_id);  in fscrypt_destroy_user_storage()
928         auto user_de_path = android::vold::BuildDataUserDePath(volume_uuid, user_id);  in fscrypt_destroy_user_storage()