Merge "health.filesystem HAL renamed to health.storage"
diff --git a/Benchmark.cpp b/Benchmark.cpp
index dfe3366..7fbf92e 100644
--- a/Benchmark.cpp
+++ b/Benchmark.cpp
@@ -28,8 +28,8 @@
 
 #include <thread>
 
-#include <sys/time.h>
 #include <sys/resource.h>
+#include <sys/time.h>
 #include <unistd.h>
 
 using android::base::ReadFileToString;
@@ -50,12 +50,12 @@
 
 // RAII class for boosting device performance during benchmarks.
 class PerformanceBoost {
-private:
+  private:
     int orig_prio;
     int orig_ioprio;
     IoSchedClass orig_clazz;
 
-public:
+  public:
     PerformanceBoost() {
         errno = 0;
         orig_prio = getpriority(PRIO_PROCESS, 0);
@@ -87,8 +87,8 @@
 };
 
 static status_t benchmarkInternal(const std::string& rootPath,
-        const android::sp<android::os::IVoldTaskListener>& listener,
-        android::os::PersistableBundle* extras) {
+                                  const android::sp<android::os::IVoldTaskListener>& listener,
+                                  android::os::PersistableBundle* extras) {
     status_t res = 0;
 
     auto path = rootPath;
@@ -179,7 +179,7 @@
 }
 
 void Benchmark(const std::string& path,
-        const android::sp<android::os::IVoldTaskListener>& listener) {
+               const android::sp<android::os::IVoldTaskListener>& listener) {
     std::lock_guard<std::mutex> lock(kBenchmarkLock);
     acquire_wake_lock(PARTIAL_WAKE_LOCK, kWakeLock);
 
diff --git a/Benchmark.h b/Benchmark.h
index 4f19b01..d5882cd 100644
--- a/Benchmark.h
+++ b/Benchmark.h
@@ -24,8 +24,10 @@
 namespace android {
 namespace vold {
 
+// clang-format off
 void Benchmark(const std::string& path,
-        const android::sp<android::os::IVoldTaskListener>& listener);
+               const android::sp<android::os::IVoldTaskListener>& listener);
+// clang-format on
 
 }  // namespace vold
 }  // namespace android
diff --git a/Devmapper.cpp b/Devmapper.cpp
index 2510771..e5c7e37 100644
--- a/Devmapper.cpp
+++ b/Devmapper.cpp
@@ -16,23 +16,22 @@
 
 #define ATRACE_TAG ATRACE_TAG_PACKAGE_MANAGER
 
+#include <errno.h>
+#include <fcntl.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <errno.h>
 #include <string.h>
-#include <stdlib.h>
+#include <unistd.h>
 
-#include <sys/types.h>
 #include <sys/ioctl.h>
 #include <sys/stat.h>
+#include <sys/types.h>
 
 #include <linux/kdev_t.h>
 
 #include <android-base/logging.h>
-#include <android-base/strings.h>
 #include <android-base/stringprintf.h>
+#include <android-base/strings.h>
 #include <utils/Trace.h>
 
 #include "Devmapper.h"
@@ -43,8 +42,7 @@
 
 static const char* kVoldPrefix = "vold:";
 
-void Devmapper::ioctlInit(struct dm_ioctl *io, size_t dataSize,
-                          const char *name, unsigned flags) {
+void Devmapper::ioctlInit(struct dm_ioctl* io, size_t dataSize, const char* name, unsigned flags) {
     memset(io, 0, dataSize);
     io->data_size = dataSize;
     io->data_start = sizeof(struct dm_ioctl);
@@ -54,17 +52,16 @@
     io->flags = flags;
     if (name) {
         size_t ret = strlcpy(io->name, name, sizeof(io->name));
-        if (ret >= sizeof(io->name))
-            abort();
+        if (ret >= sizeof(io->name)) abort();
     }
 }
 
-int Devmapper::create(const char *name_raw, const char *loopFile, const char *key,
-                      unsigned long numSectors, char *ubuffer, size_t len) {
+int Devmapper::create(const char* name_raw, const char* loopFile, const char* key,
+                      unsigned long numSectors, char* ubuffer, size_t len) {
     auto name_string = StringPrintf("%s%s", kVoldPrefix, name_raw);
     const char* name = name_string.c_str();
 
-    char *buffer = (char *) malloc(DEVMAPPER_BUFFER_SIZE);
+    char* buffer = (char*)malloc(DEVMAPPER_BUFFER_SIZE);
     if (!buffer) {
         PLOG(ERROR) << "Failed malloc";
         return -1;
@@ -77,8 +74,8 @@
         return -1;
     }
 
-    struct dm_ioctl *io = (struct dm_ioctl *) buffer;
- 
+    struct dm_ioctl* io = (struct dm_ioctl*)buffer;
+
     // Create the DM device
     ioctlInit(io, DEVMAPPER_BUFFER_SIZE, name, 0);
 
@@ -92,11 +89,11 @@
     // Set the legacy geometry
     ioctlInit(io, DEVMAPPER_BUFFER_SIZE, name, 0);
 
-    char *geoParams = buffer + sizeof(struct dm_ioctl);
+    char* geoParams = buffer + sizeof(struct dm_ioctl);
     // bps=512 spc=8 res=32 nft=2 sec=8190 mid=0xf0 spt=63 hds=64 hid=0 bspf=8 rdcl=2 infs=1 bkbs=2
     strlcpy(geoParams, "0 64 63 0", DEVMAPPER_BUFFER_SIZE - sizeof(struct dm_ioctl));
     geoParams += strlen(geoParams) + 1;
-    geoParams = (char *) _align(geoParams, 8);
+    geoParams = (char*)_align(geoParams, 8);
     if (ioctl(fd, DM_DEV_SET_GEOMETRY, io)) {
         PLOG(ERROR) << "Failed DM_DEV_SET_GEOMETRY";
         free(buffer);
@@ -117,8 +114,8 @@
     snprintf(ubuffer, len, "/dev/block/dm-%u", minor);
 
     // Load the table
-    struct dm_target_spec *tgt;
-    tgt = (struct dm_target_spec *) &buffer[sizeof(struct dm_ioctl)];
+    struct dm_target_spec* tgt;
+    tgt = (struct dm_target_spec*)&buffer[sizeof(struct dm_ioctl)];
 
     ioctlInit(io, DEVMAPPER_BUFFER_SIZE, name, DM_STATUS_TABLE_FLAG);
     io->target_count = 1;
@@ -129,12 +126,12 @@
 
     strlcpy(tgt->target_type, "crypt", sizeof(tgt->target_type));
 
-    char *cryptParams = buffer + sizeof(struct dm_ioctl) + sizeof(struct dm_target_spec);
+    char* cryptParams = buffer + sizeof(struct dm_ioctl) + sizeof(struct dm_target_spec);
     snprintf(cryptParams,
-            DEVMAPPER_BUFFER_SIZE - (sizeof(struct dm_ioctl) + sizeof(struct dm_target_spec)),
-            "twofish %s 0 %s 0", key, loopFile);
+             DEVMAPPER_BUFFER_SIZE - (sizeof(struct dm_ioctl) + sizeof(struct dm_target_spec)),
+             "twofish %s 0 %s 0", key, loopFile);
     cryptParams += strlen(cryptParams) + 1;
-    cryptParams = (char *) _align(cryptParams, 8);
+    cryptParams = (char*)_align(cryptParams, 8);
     tgt->next = cryptParams - buffer;
 
     if (ioctl(fd, DM_TABLE_LOAD, io)) {
@@ -160,11 +157,11 @@
     return 0;
 }
 
-int Devmapper::destroy(const char *name_raw) {
+int Devmapper::destroy(const char* name_raw) {
     auto name_string = StringPrintf("%s%s", kVoldPrefix, name_raw);
     const char* name = name_string.c_str();
 
-    char *buffer = (char *) malloc(DEVMAPPER_BUFFER_SIZE);
+    char* buffer = (char*)malloc(DEVMAPPER_BUFFER_SIZE);
     if (!buffer) {
         PLOG(ERROR) << "Failed malloc";
         return -1;
@@ -177,8 +174,8 @@
         return -1;
     }
 
-    struct dm_ioctl *io = (struct dm_ioctl *) buffer;
- 
+    struct dm_ioctl* io = (struct dm_ioctl*)buffer;
+
     // Create the DM device
     ioctlInit(io, DEVMAPPER_BUFFER_SIZE, name, 0);
 
@@ -198,14 +195,14 @@
 
 int Devmapper::destroyAll() {
     ATRACE_NAME("Devmapper::destroyAll");
-    char *buffer = (char *) malloc(1024 * 64);
+    char* buffer = (char*)malloc(1024 * 64);
     if (!buffer) {
         PLOG(ERROR) << "Failed malloc";
         return -1;
     }
     memset(buffer, 0, (1024 * 64));
 
-    char *buffer2 = (char *) malloc(DEVMAPPER_BUFFER_SIZE);
+    char* buffer2 = (char*)malloc(DEVMAPPER_BUFFER_SIZE);
     if (!buffer2) {
         PLOG(ERROR) << "Failed malloc";
         free(buffer);
@@ -220,7 +217,7 @@
         return -1;
     }
 
-    struct dm_ioctl *io = (struct dm_ioctl *) buffer;
+    struct dm_ioctl* io = (struct dm_ioctl*)buffer;
     ioctlInit(io, (1024 * 64), NULL, 0);
 
     if (ioctl(fd, DM_LIST_DEVICES, io)) {
@@ -231,7 +228,7 @@
         return -1;
     }
 
-    struct dm_name_list *n = (struct dm_name_list *) (((char *) buffer) + io->data_start);
+    struct dm_name_list* n = (struct dm_name_list*)(((char*)buffer) + io->data_start);
     if (!n->dev) {
         free(buffer);
         free(buffer2);
@@ -241,13 +238,13 @@
 
     unsigned nxt = 0;
     do {
-        n = (struct dm_name_list *) (((char *) n) + nxt);
+        n = (struct dm_name_list*)(((char*)n) + nxt);
         auto name = std::string(n->name);
         if (android::base::StartsWith(name, kVoldPrefix)) {
             LOG(DEBUG) << "Tearing down stale dm device named " << name;
 
             memset(buffer2, 0, DEVMAPPER_BUFFER_SIZE);
-            struct dm_ioctl *io2 = (struct dm_ioctl *) buffer2;
+            struct dm_ioctl* io2 = (struct dm_ioctl*)buffer2;
             ioctlInit(io2, DEVMAPPER_BUFFER_SIZE, n->name, 0);
             if (ioctl(fd, DM_DEV_REMOVE, io2)) {
                 if (errno != ENXIO) {
@@ -266,9 +263,8 @@
     return 0;
 }
 
-void *Devmapper::_align(void *ptr, unsigned int a)
-{
-        unsigned long agn = --a;
+void* Devmapper::_align(void* ptr, unsigned int a) {
+    unsigned long agn = --a;
 
-        return (void *) (((unsigned long) ptr + agn) & ~agn);
+    return (void*)(((unsigned long)ptr + agn) & ~agn);
 }
diff --git a/Devmapper.h b/Devmapper.h
index 7bb9786..b1f6dfa 100644
--- a/Devmapper.h
+++ b/Devmapper.h
@@ -17,20 +17,19 @@
 #ifndef _DEVMAPPER_H
 #define _DEVMAPPER_H
 
-#include <unistd.h>
 #include <linux/dm-ioctl.h>
+#include <unistd.h>
 
 class Devmapper {
-public:
-    static int create(const char *name, const char *loopFile, const char *key,
-                      unsigned long numSectors, char *buffer, size_t len);
-    static int destroy(const char *name);
+  public:
+    static int create(const char* name, const char* loopFile, const char* key,
+                      unsigned long numSectors, char* buffer, size_t len);
+    static int destroy(const char* name);
     static int destroyAll();
 
-private:
-    static void *_align(void *ptr, unsigned int a);
-    static void ioctlInit(struct dm_ioctl *io, size_t data_size,
-                          const char *name, unsigned flags);
+  private:
+    static void* _align(void* ptr, unsigned int a);
+    static void ioctlInit(struct dm_ioctl* io, size_t data_size, const char* name, unsigned flags);
 };
 
 #endif
diff --git a/EncryptInplace.cpp b/EncryptInplace.cpp
index 6462dbf..7f0d770 100644
--- a/EncryptInplace.cpp
+++ b/EncryptInplace.cpp
@@ -16,16 +16,16 @@
 
 #include "EncryptInplace.h"
 
-#include <stdio.h>
-#include <stdint.h>
-#include <inttypes.h>
-#include <time.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
 #include <ext4_utils/ext4.h>
 #include <ext4_utils/ext4_utils.h>
 #include <f2fs_sparseblock.h>
+#include <fcntl.h>
+#include <inttypes.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <time.h>
 
 #include <algorithm>
 
@@ -36,13 +36,11 @@
 #include "cryptfs.h"
 
 // FIXME horrible cut-and-paste code
-static inline int unix_read(int  fd, void*  buff, int  len)
-{
+static inline int unix_read(int fd, void* buff, int len) {
     return TEMP_FAILURE_RETRY(read(fd, buff, len));
 }
 
-static inline int unix_write(int  fd, const void*  buff, int  len)
-{
+static inline int unix_write(int fd, const void* buff, int len) {
     return TEMP_FAILURE_RETRY(write(fd, buff, len));
 }
 
@@ -57,15 +55,14 @@
 #define BLOCKS_AT_A_TIME 1024
 #endif
 
-struct encryptGroupsData
-{
+struct encryptGroupsData {
     int realfd;
     int cryptofd;
     off64_t numblocks;
     off64_t one_pct, cur_pct, new_pct;
     off64_t blocks_already_done, tot_numblocks;
     off64_t used_blocks_already_done, tot_used_blocks;
-    char* real_blkdev, * crypto_blkdev;
+    char *real_blkdev, *crypto_blkdev;
     int count;
     off64_t offset;
     char* buffer;
@@ -76,8 +73,7 @@
     bool set_progress_properties;
 };
 
-static void update_progress(struct encryptGroupsData* data, int is_used)
-{
+static void update_progress(struct encryptGroupsData* data, int is_used) {
     data->blocks_already_done++;
 
     if (is_used) {
@@ -104,16 +100,14 @@
             LOG(WARNING) << "Error getting time";
         } else {
             double elapsed_time = difftime(time_now.tv_sec, data->time_started);
-            off64_t remaining_blocks = data->tot_used_blocks
-                                       - data->used_blocks_already_done;
-            int remaining_time = (int)(elapsed_time * remaining_blocks
-                                       / data->used_blocks_already_done);
+            off64_t remaining_blocks = data->tot_used_blocks - data->used_blocks_already_done;
+            int remaining_time =
+                (int)(elapsed_time * remaining_blocks / data->used_blocks_already_done);
 
             // Change time only if not yet set, lower, or a lot higher for
             // best user experience
-            if (data->remaining_time == -1
-                || remaining_time < data->remaining_time
-                || remaining_time > data->remaining_time + 60) {
+            if (data->remaining_time == -1 || remaining_time < data->remaining_time ||
+                remaining_time > data->remaining_time + 60) {
                 char buf[8];
                 snprintf(buf, sizeof(buf), "%d", remaining_time);
                 android::base::SetProperty("vold.encrypt_time_remaining", buf);
@@ -123,8 +117,7 @@
     }
 }
 
-static void log_progress(struct encryptGroupsData const* data, bool completed)
-{
+static void log_progress(struct encryptGroupsData const* data, bool completed) {
     // Precondition - if completed data = 0 else data != 0
 
     // Track progress so we can skip logging blocks
@@ -147,8 +140,7 @@
     }
 }
 
-static int flush_outstanding_data(struct encryptGroupsData* data)
-{
+static int flush_outstanding_data(struct encryptGroupsData* data) {
     if (data->count == 0) {
         return 0;
     }
@@ -165,30 +157,29 @@
                    << " for inplace encrypt";
         return -1;
     } else {
-      log_progress(data, false);
+        log_progress(data, false);
     }
 
     data->count = 0;
-    data->last_written_sector = (data->offset + data->count)
-                                / info.block_size * CRYPT_SECTOR_SIZE - 1;
+    data->last_written_sector =
+        (data->offset + data->count) / info.block_size * CRYPT_SECTOR_SIZE - 1;
     return 0;
 }
 
-static int encrypt_groups(struct encryptGroupsData* data)
-{
+static int encrypt_groups(struct encryptGroupsData* data) {
     unsigned int i;
-    u8 *block_bitmap = 0;
+    u8* block_bitmap = 0;
     unsigned int block;
     off64_t ret;
     int rc = -1;
 
-    data->buffer = (char*) malloc(info.block_size * BLOCKS_AT_A_TIME);
+    data->buffer = (char*)malloc(info.block_size * BLOCKS_AT_A_TIME);
     if (!data->buffer) {
         LOG(ERROR) << "Failed to allocate crypto buffer";
         goto errout;
     }
 
-    block_bitmap = (u8*) malloc(info.block_size);
+    block_bitmap = (u8*)malloc(info.block_size);
     if (!block_bitmap) {
         LOG(ERROR) << "failed to allocate block bitmap";
         goto errout;
@@ -198,11 +189,9 @@
         LOG(INFO) << "Encrypting group " << i;
 
         u32 first_block = aux_info.first_data_block + i * info.blocks_per_group;
-        u32 block_count = std::min(info.blocks_per_group,
-                             (u32)(aux_info.len_blocks - first_block));
+        u32 block_count = std::min(info.blocks_per_group, (u32)(aux_info.len_blocks - first_block));
 
-        off64_t offset = (u64)info.block_size
-                         * aux_info.bg_desc[i].bg_block_bitmap;
+        off64_t offset = (u64)info.block_size * aux_info.bg_desc[i].bg_block_bitmap;
 
         ret = pread64(data->realfd, block_bitmap, info.block_size, offset);
         if (ret != (int)info.block_size) {
@@ -215,8 +204,9 @@
         data->count = 0;
 
         for (block = 0; block < block_count; block++) {
-            int used = (aux_info.bg_desc[i].bg_flags & EXT4_BG_BLOCK_UNINIT) ?
-                    0 : bitmap_get_bit(block_bitmap, block);
+            int used = (aux_info.bg_desc[i].bg_flags & EXT4_BG_BLOCK_UNINIT)
+                           ? 0
+                           : bitmap_get_bit(block_bitmap, block);
             update_progress(data, used);
             if (used) {
                 if (data->count == 0) {
@@ -232,8 +222,8 @@
             offset += info.block_size;
 
             /* Write data if we are aligned or buffer size reached */
-            if (offset % (info.block_size * BLOCKS_AT_A_TIME) == 0
-                || data->count == BLOCKS_AT_A_TIME) {
+            if (offset % (info.block_size * BLOCKS_AT_A_TIME) == 0 ||
+                data->count == BLOCKS_AT_A_TIME) {
                 if (flush_outstanding_data(data)) {
                     goto errout;
                 }
@@ -260,7 +250,7 @@
                                        bool set_progress_properties) {
     u32 i;
     struct encryptGroupsData data;
-    int rc; // Can't initialize without causing warning -Wclobbered
+    int rc;  // Can't initialize without causing warning -Wclobbered
     int retries = RETRY_MOUNT_ATTEMPTS;
     struct timespec time_started = {0};
 
@@ -275,7 +265,7 @@
     data.set_progress_properties = set_progress_properties;
 
     LOG(DEBUG) << "Opening" << real_blkdev;
-    if ( (data.realfd = open(real_blkdev, O_RDWR|O_CLOEXEC)) < 0) {
+    if ((data.realfd = open(real_blkdev, O_RDWR | O_CLOEXEC)) < 0) {
         PLOG(ERROR) << "Error opening real_blkdev " << real_blkdev << " for inplace encrypt";
         rc = -1;
         goto errout;
@@ -283,7 +273,7 @@
 
     LOG(DEBUG) << "Opening" << crypto_blkdev;
     // Wait until the block device appears.  Re-use the mount retry values since it is reasonable.
-    while ((data.cryptofd = open(crypto_blkdev, O_WRONLY|O_CLOEXEC)) < 0) {
+    while ((data.cryptofd = open(crypto_blkdev, O_WRONLY | O_CLOEXEC)) < 0) {
         if (--retries) {
             PLOG(ERROR) << "Error opening crypto_blkdev " << crypto_blkdev
                         << " for ext4 inplace encrypt, retrying";
@@ -296,7 +286,7 @@
         }
     }
 
-    if (setjmp(setjmp_env)) { // NOLINT
+    if (setjmp(setjmp_env)) {  // NOLINT
         LOG(ERROR) << "Reading ext4 extent caused an exception";
         rc = -1;
         goto errout;
@@ -316,7 +306,7 @@
 
     data.tot_used_blocks = data.numblocks;
     for (i = 0; i < aux_info.groups; ++i) {
-      data.tot_used_blocks -= aux_info.bg_desc[i].bg_free_blocks_count;
+        data.tot_used_blocks -= aux_info.bg_desc[i].bg_free_blocks_count;
     }
 
     data.one_pct = data.tot_used_blocks / 100;
@@ -345,8 +335,7 @@
     return rc;
 }
 
-static void log_progress_f2fs(u64 block, bool completed)
-{
+static void log_progress_f2fs(u64 block, bool completed) {
     // Precondition - if completed data = 0 else data != 0
 
     // Track progress so we can skip logging blocks
@@ -369,9 +358,8 @@
     }
 }
 
-static int encrypt_one_block_f2fs(u64 pos, void *data)
-{
-    struct encryptGroupsData *priv_dat = (struct encryptGroupsData *)data;
+static int encrypt_one_block_f2fs(u64 pos, void* data) {
+    struct encryptGroupsData* priv_dat = (struct encryptGroupsData*)data;
 
     priv_dat->blocks_already_done = pos - 1;
     update_progress(priv_dat, 1);
@@ -400,7 +388,7 @@
                                        off64_t previously_encrypted_upto,
                                        bool set_progress_properties) {
     struct encryptGroupsData data;
-    struct f2fs_info *f2fs_info = NULL;
+    struct f2fs_info* f2fs_info = NULL;
     int rc = ENABLE_INPLACE_ERR_OTHER;
     if (previously_encrypted_upto > *size_already_done) {
         LOG(DEBUG) << "Not fast encrypting since resuming part way through";
@@ -412,11 +400,11 @@
     data.set_progress_properties = set_progress_properties;
     data.realfd = -1;
     data.cryptofd = -1;
-    if ( (data.realfd = open64(real_blkdev, O_RDWR|O_CLOEXEC)) < 0) {
+    if ((data.realfd = open64(real_blkdev, O_RDWR | O_CLOEXEC)) < 0) {
         PLOG(ERROR) << "Error opening real_blkdev " << real_blkdev << " for f2fs inplace encrypt";
         goto errout;
     }
-    if ( (data.cryptofd = open64(crypto_blkdev, O_WRONLY|O_CLOEXEC)) < 0) {
+    if ((data.cryptofd = open64(crypto_blkdev, O_WRONLY | O_CLOEXEC)) < 0) {
         PLOG(ERROR) << "Error opening crypto_blkdev " << crypto_blkdev
                     << " for f2fs inplace encrypt";
         rc = ENABLE_INPLACE_ERR_DEV;
@@ -424,8 +412,7 @@
     }
 
     f2fs_info = generate_f2fs_info(data.realfd);
-    if (!f2fs_info)
-      goto errout;
+    if (!f2fs_info) goto errout;
 
     data.numblocks = size / CRYPT_SECTORS_PER_BUFSIZE;
     data.tot_numblocks = tot_size / CRYPT_SECTORS_PER_BUFSIZE;
@@ -438,7 +425,7 @@
     data.time_started = time(NULL);
     data.remaining_time = -1;
 
-    data.buffer = (char*) malloc(f2fs_info->block_size);
+    data.buffer = (char*)malloc(f2fs_info->block_size);
     if (!data.buffer) {
         LOG(ERROR) << "Failed to allocate crypto buffer";
         goto errout;
@@ -475,18 +462,18 @@
                                        off64_t previously_encrypted_upto,
                                        bool set_progress_properties) {
     int realfd, cryptofd;
-    char *buf[CRYPT_INPLACE_BUFSIZE];
+    char* buf[CRYPT_INPLACE_BUFSIZE];
     int rc = ENABLE_INPLACE_ERR_OTHER;
     off64_t numblocks, i, remainder;
     off64_t one_pct, cur_pct, new_pct;
     off64_t blocks_already_done, tot_numblocks;
 
-    if ( (realfd = open(real_blkdev, O_RDONLY|O_CLOEXEC)) < 0) {
+    if ((realfd = open(real_blkdev, O_RDONLY | O_CLOEXEC)) < 0) {
         PLOG(ERROR) << "Error opening real_blkdev " << real_blkdev << " for inplace encrypt";
         return ENABLE_INPLACE_ERR_OTHER;
     }
 
-    if ( (cryptofd = open(crypto_blkdev, O_WRONLY|O_CLOEXEC)) < 0) {
+    if ((cryptofd = open(crypto_blkdev, O_WRONLY | O_CLOEXEC)) < 0) {
         PLOG(ERROR) << "Error opening crypto_blkdev " << crypto_blkdev << " for inplace encrypt";
         close(realfd);
         return ENABLE_INPLACE_ERR_DEV;
@@ -516,7 +503,7 @@
         goto errout;
     }
 
-    for (;i < size && i % CRYPT_SECTORS_PER_BUFSIZE != 0; ++i) {
+    for (; i < size && i % CRYPT_SECTORS_PER_BUFSIZE != 0; ++i) {
         if (unix_read(realfd, buf, CRYPT_SECTOR_SIZE) <= 0) {
             PLOG(ERROR) << "Error reading initial sectors from real_blkdev " << real_blkdev
                         << " for inplace encrypt";
@@ -534,7 +521,7 @@
     one_pct = tot_numblocks / 100;
     cur_pct = 0;
     /* process the majority of the filesystem in blocks */
-    for (i/=CRYPT_SECTORS_PER_BUFSIZE; i<numblocks; i++) {
+    for (i /= CRYPT_SECTORS_PER_BUFSIZE; i < numblocks; i++) {
         new_pct = (i + blocks_already_done) / one_pct;
         if (set_progress_properties && new_pct > cur_pct) {
             char buf[8];
@@ -557,7 +544,7 @@
     }
 
     /* Do any remaining sectors */
-    for (i=0; i<remainder; i++) {
+    for (i = 0; i < remainder; i++) {
         if (unix_read(realfd, buf, CRYPT_SECTOR_SIZE) <= 0) {
             LOG(ERROR) << "Error reading final sectors from real_blkdev " << real_blkdev
                        << " for inplace encrypt";
@@ -626,9 +613,8 @@
     LOG(DEBUG) << "cryptfs_enable_inplace_full()=" << rc_full;
 
     /* Hack for b/17898962, the following is the symptom... */
-    if (rc_ext4 == ENABLE_INPLACE_ERR_DEV
-        && rc_f2fs == ENABLE_INPLACE_ERR_DEV
-        && rc_full == ENABLE_INPLACE_ERR_DEV) {
+    if (rc_ext4 == ENABLE_INPLACE_ERR_DEV && rc_f2fs == ENABLE_INPLACE_ERR_DEV &&
+        rc_full == ENABLE_INPLACE_ERR_DEV) {
         LOG(DEBUG) << "ENABLE_INPLACE_ERR_DEV";
         return ENABLE_INPLACE_ERR_DEV;
     }
diff --git a/Ext4Crypt.cpp b/Ext4Crypt.cpp
index 67b7e90..21071d4 100644
--- a/Ext4Crypt.cpp
+++ b/Ext4Crypt.cpp
@@ -31,12 +31,12 @@
 #include <dirent.h>
 #include <errno.h>
 #include <fcntl.h>
-#include <unistd.h>
 #include <limits.h>
 #include <selinux/android.h>
 #include <sys/mount.h>
 #include <sys/stat.h>
 #include <sys/types.h>
+#include <unistd.h>
 
 #include <private/android_filesystem_config.h>
 
@@ -93,7 +93,7 @@
 // TODO abolish this map, per b/26948053
 std::map<userid_t, KeyBuffer> s_ce_keys;
 
-}
+}  // namespace
 
 static bool e4crypt_is_emulated() {
     return property_get_bool("persist.sys.emulate_fbe", false);
@@ -145,8 +145,7 @@
 }
 
 static bool get_ce_key_new_path(const std::string& directory_path,
-                                const std::vector<std::string>& paths,
-                                std::string *ce_key_path) {
+                                const std::vector<std::string>& paths, std::string* ce_key_path) {
     if (paths.empty()) {
         *ce_key_path = get_ce_key_current_path(directory_path);
         return true;
@@ -163,9 +162,9 @@
 
 // Discard all keys but the named one; rename it to canonical name.
 // No point in acting on errors in this; ignore them.
-static void fixate_user_ce_key(const std::string& directory_path, const std::string &to_fix,
+static void fixate_user_ce_key(const std::string& directory_path, const std::string& to_fix,
                                const std::vector<std::string>& paths) {
-    for (auto const other_path: paths) {
+    for (auto const other_path : paths) {
         if (other_path != to_fix) {
             android::vold::destroyKey(other_path);
         }
@@ -181,10 +180,10 @@
 
 static bool read_and_fixate_user_ce_key(userid_t user_id,
                                         const android::vold::KeyAuthentication& auth,
-                                        KeyBuffer *ce_key) {
+                                        KeyBuffer* ce_key) {
     auto const directory_path = get_ce_key_directory_path(user_id);
     auto const paths = get_ce_key_paths(directory_path);
-    for (auto const ce_key_path: paths) {
+    for (auto const ce_key_path : paths) {
         LOG(DEBUG) << "Trying user CE key " << ce_key_path;
         if (android::vold::retrieveKey(ce_key_path, auth, ce_key)) {
             LOG(DEBUG) << "Successfully retrieved key";
@@ -242,12 +241,14 @@
         auto const paths = get_ce_key_paths(directory_path);
         std::string ce_key_path;
         if (!get_ce_key_new_path(directory_path, paths, &ce_key_path)) return false;
-        if (!android::vold::storeKeyAtomically(ce_key_path, user_key_temp,
-                kEmptyAuthentication, ce_key)) return false;
+        if (!android::vold::storeKeyAtomically(ce_key_path, user_key_temp, kEmptyAuthentication,
+                                               ce_key))
+            return false;
         fixate_user_ce_key(directory_path, ce_key_path, paths);
         // Write DE key second; once this is written, all is good.
         if (!android::vold::storeKeyAtomically(get_de_key_path(user_id), user_key_temp,
-                kEmptyAuthentication, de_key)) return false;
+                                               kEmptyAuthentication, de_key))
+            return false;
     }
     std::string de_raw_ref;
     if (!android::vold::installKey(de_key, &de_raw_ref)) return false;
@@ -440,14 +441,14 @@
     bool success = true;
     std::string raw_ref;
     success &= evict_ce_key(user_id);
-    success &= lookup_key_ref(s_de_key_raw_refs, user_id, &raw_ref)
-        && android::vold::evictKey(raw_ref);
+    success &=
+        lookup_key_ref(s_de_key_raw_refs, user_id, &raw_ref) && android::vold::evictKey(raw_ref);
     s_de_key_raw_refs.erase(user_id);
     auto it = s_ephemeral_users.find(user_id);
     if (it != s_ephemeral_users.end()) {
         s_ephemeral_users.erase(it);
     } else {
-        for (auto const path: get_ce_key_paths(get_ce_key_directory_path(user_id))) {
+        for (auto const path : get_ce_key_paths(get_ce_key_directory_path(user_id))) {
             success &= android::vold::destroyKey(path);
         }
         auto de_key_path = get_de_key_path(user_id);
@@ -556,14 +557,14 @@
     std::string token, secret;
     if (!parse_hex(token_hex, &token)) return false;
     if (!parse_hex(secret_hex, &secret)) return false;
-    auto auth = secret.empty() ? kEmptyAuthentication
-                                   : android::vold::KeyAuthentication(token, secret);
+    auto auth =
+        secret.empty() ? kEmptyAuthentication : android::vold::KeyAuthentication(token, secret);
     auto it = s_ce_keys.find(user_id);
     if (it == s_ce_keys.end()) {
         LOG(ERROR) << "Key not loaded into memory, can't change for user " << user_id;
         return false;
     }
-    const auto &ce_key = it->second;
+    const auto& ce_key = it->second;
     auto const directory_path = get_ce_key_directory_path(user_id);
     auto const paths = get_ce_key_paths(directory_path);
     std::string ce_key_path;
@@ -670,7 +671,8 @@
             if (!prepare_dir(system_legacy_path, 0700, AID_SYSTEM, AID_SYSTEM)) return false;
 #if MANAGE_MISC_DIRS
             if (!prepare_dir(misc_legacy_path, 0750, multiuser_get_uid(user_id, AID_SYSTEM),
-                    multiuser_get_uid(user_id, AID_EVERYBODY))) return false;
+                             multiuser_get_uid(user_id, AID_EVERYBODY)))
+                return false;
 #endif
             if (!prepare_dir(profiles_de_path, 0771, AID_SYSTEM, AID_SYSTEM)) return false;
 
diff --git a/FileDeviceUtils.cpp b/FileDeviceUtils.cpp
index bc9f4bd..ce938a9 100644
--- a/FileDeviceUtils.cpp
+++ b/FileDeviceUtils.cpp
@@ -16,15 +16,15 @@
 
 #include "FileDeviceUtils.h"
 
+#include <errno.h>
+#include <fcntl.h>
+#include <linux/fiemap.h>
+#include <linux/fs.h>
+#include <mntent.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <errno.h>
-#include <sys/types.h>
 #include <sys/stat.h>
-#include <fcntl.h>
-#include <linux/fs.h>
-#include <linux/fiemap.h>
-#include <mntent.h>
+#include <sys/types.h>
 
 #include <android-base/file.h>
 #include <android-base/logging.h>
@@ -40,38 +40,33 @@
 namespace vold {
 
 // Given a file path, look for the corresponding block device in /proc/mount
-std::string BlockDeviceForPath(const std::string &path)
-{
-    std::unique_ptr<FILE, int(*)(FILE*)> mnts(setmntent("/proc/mounts", "re"), endmntent);
+std::string BlockDeviceForPath(const std::string& path) {
+    std::unique_ptr<FILE, int (*)(FILE*)> mnts(setmntent("/proc/mounts", "re"), endmntent);
     if (!mnts) {
         PLOG(ERROR) << "Unable to open /proc/mounts";
         return "";
     }
     std::string result;
     size_t best_length = 0;
-    struct mntent *mnt; // getmntent returns a thread local, so it's safe.
+    struct mntent* mnt;  // getmntent returns a thread local, so it's safe.
     while ((mnt = getmntent(mnts.get())) != nullptr) {
         auto l = strlen(mnt->mnt_dir);
-        if (l > best_length &&
-            path.size() > l &&
-            path[l] == '/' &&
+        if (l > best_length && path.size() > l && path[l] == '/' &&
             path.compare(0, l, mnt->mnt_dir) == 0) {
-                result = mnt->mnt_fsname;
-                best_length = l;
+            result = mnt->mnt_fsname;
+            best_length = l;
         }
     }
     if (result.empty()) {
-        LOG(ERROR) <<"Didn't find a mountpoint to match path " << path;
+        LOG(ERROR) << "Didn't find a mountpoint to match path " << path;
         return "";
     }
     LOG(DEBUG) << "For path " << path << " block device is " << result;
     return result;
 }
 
-std::unique_ptr<struct fiemap> PathFiemap(const std::string &path, uint32_t extent_count)
-{
-    android::base::unique_fd fd(TEMP_FAILURE_RETRY(open(
-        path.c_str(), O_RDONLY | O_CLOEXEC, 0)));
+std::unique_ptr<struct fiemap> PathFiemap(const std::string& path, uint32_t extent_count) {
+    android::base::unique_fd fd(TEMP_FAILURE_RETRY(open(path.c_str(), O_RDONLY | O_CLOEXEC, 0)));
     if (fd == -1) {
         if (errno == ENOENT) {
             PLOG(DEBUG) << "Unable to open " << path;
@@ -88,7 +83,7 @@
     auto mapped = fiemap->fm_mapped_extents;
     if (mapped < 1 || mapped > extent_count) {
         LOG(ERROR) << "Extent count not in bounds 1 <= " << mapped << " <= " << extent_count
-            << " in " << path;
+                   << " in " << path;
         return nullptr;
     }
     return fiemap;
@@ -99,10 +94,9 @@
 
 namespace {
 
-std::unique_ptr<struct fiemap> alloc_fiemap(uint32_t extent_count)
-{
+std::unique_ptr<struct fiemap> alloc_fiemap(uint32_t extent_count) {
     size_t allocsize = offsetof(struct fiemap, fm_extents[extent_count]);
-    std::unique_ptr<struct fiemap> res(new (::operator new (allocsize)) struct fiemap);
+    std::unique_ptr<struct fiemap> res(new (::operator new(allocsize)) struct fiemap);
     memset(res.get(), 0, allocsize);
     res->fm_start = 0;
     res->fm_length = UINT64_MAX;
@@ -112,4 +106,4 @@
     return res;
 }
 
-}
+}  // namespace
diff --git a/FileDeviceUtils.h b/FileDeviceUtils.h
index 4c1d49a..4428cef 100644
--- a/FileDeviceUtils.h
+++ b/FileDeviceUtils.h
@@ -17,17 +17,17 @@
 #ifndef ANDROID_VOLD_FILEDEVICEUTILS_H
 #define ANDROID_VOLD_FILEDEVICEUTILS_H
 
-#include <string>
 #include <linux/fiemap.h>
+#include <string>
 
 namespace android {
 namespace vold {
 
 // Given a file path, look for the corresponding block device in /proc/mount
-std::string BlockDeviceForPath(const std::string &path);
+std::string BlockDeviceForPath(const std::string& path);
 
 // Read the file's FIEMAP
-std::unique_ptr<struct fiemap> PathFiemap(const std::string &path, uint32_t extent_count);
+std::unique_ptr<struct fiemap> PathFiemap(const std::string& path, uint32_t extent_count);
 
 }  // namespace vold
 }  // namespace android
diff --git a/IdleMaint.cpp b/IdleMaint.cpp
index c5baa9e..79894fc 100644
--- a/IdleMaint.cpp
+++ b/IdleMaint.cpp
@@ -33,11 +33,11 @@
 #include <private/android_filesystem_config.h>
 
 #include <dirent.h>
+#include <fcntl.h>
 #include <sys/mount.h>
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <sys/wait.h>
-#include <fcntl.h>
 
 using android::base::Basename;
 using android::base::ReadFileToString;
@@ -80,8 +80,7 @@
 static std::condition_variable cv_abort, cv_stop;
 static std::mutex cv_m;
 
-static void addFromVolumeManager(std::list<std::string>* paths,
-                                 PathTypes path_type) {
+static void addFromVolumeManager(std::list<std::string>* paths, PathTypes path_type) {
     VolumeManager* vm = VolumeManager::Instance();
     std::list<std::string> privateIds;
     vm->listVolumes(VolumeBase::Type::kPrivate, privateIds);
@@ -95,11 +94,9 @@
                 const std::string& fs_type = vol->getFsType();
                 if (fs_type == "f2fs" && (Realpath(vol->getRawDmDevPath(), &gc_path) ||
                                           Realpath(vol->getRawDevPath(), &gc_path))) {
-                    paths->push_back(std::string("/sys/fs/") + fs_type +
-                                     "/" + Basename(gc_path));
+                    paths->push_back(std::string("/sys/fs/") + fs_type + "/" + Basename(gc_path));
                 }
             }
-
         }
     }
 }
@@ -107,7 +104,7 @@
 static void addFromFstab(std::list<std::string>* paths, PathTypes path_type) {
     std::unique_ptr<fstab, decltype(&fs_mgr_free_fstab)> fstab(fs_mgr_read_fstab_default(),
                                                                fs_mgr_free_fstab);
-    struct fstab_rec *prev_rec = NULL;
+    struct fstab_rec* prev_rec = NULL;
 
     for (int i = 0; i < fstab->num_entries; i++) {
         auto fs_type = std::string(fstab->recs[i].fs_type);
@@ -138,10 +135,11 @@
         } else if (path_type == PathTypes::kBlkDevice) {
             std::string gc_path;
             if (std::string(fstab->recs[i].fs_type) == "f2fs" &&
-                Realpath(android::vold::BlockDeviceForPath(
-                    std::string(fstab->recs[i].mount_point) + "/"), &gc_path)) {
-                paths->push_back(std::string("/sys/fs/") + fstab->recs[i].fs_type +
-                                 "/" + Basename(gc_path));
+                Realpath(
+                    android::vold::BlockDeviceForPath(std::string(fstab->recs[i].mount_point) + "/"),
+                    &gc_path)) {
+                paths->push_back(std::string("/sys/fs/") + fstab->recs[i].fs_type + "/" +
+                                 Basename(gc_path));
             }
         }
 
@@ -184,8 +182,8 @@
             }
         } else {
             nsecs_t time = systemTime(SYSTEM_TIME_BOOTTIME) - start;
-            LOG(INFO) << "Trimmed " << range.len << " bytes on " << path
-                    << " in " << nanoseconds_to_milliseconds(time) << "ms";
+            LOG(INFO) << "Trimmed " << range.len << " bytes on " << path << " in "
+                      << nanoseconds_to_milliseconds(time) << "ms";
             extras.putLong(String16("bytes"), range.len);
             extras.putLong(String16("time"), time);
             if (listener) {
@@ -230,8 +228,8 @@
         }
 
         lk.lock();
-        aborted = cv_abort.wait_for(lk, 10s, []{
-            return idle_maint_stat == IdleMaintStats::kAbort;});
+        aborted =
+            cv_abort.wait_for(lk, 10s, [] { return idle_maint_stat == IdleMaintStats::kAbort; });
         lk.unlock();
     }
 
@@ -267,7 +265,7 @@
 static void runDevGcFstab(void) {
     std::unique_ptr<fstab, decltype(&fs_mgr_free_fstab)> fstab(fs_mgr_read_fstab_default(),
                                                                fs_mgr_free_fstab);
-    struct fstab_rec *rec = NULL;
+    struct fstab_rec* rec = NULL;
 
     for (int i = 0; i < fstab->num_entries; i++) {
         if (fs_mgr_has_sysfs_path(&fstab->recs[i])) {
@@ -427,8 +425,7 @@
         cv_abort.notify_one();
         lk.lock();
         LOG(DEBUG) << "aborting idle maintenance";
-        cv_stop.wait(lk, []{
-            return idle_maint_stat == IdleMaintStats::kStopped;});
+        cv_stop.wait(lk, [] { return idle_maint_stat == IdleMaintStats::kStopped; });
     }
     lk.unlock();
 
diff --git a/KeyBuffer.cpp b/KeyBuffer.cpp
index e7aede5..5633bf8 100644
--- a/KeyBuffer.cpp
+++ b/KeyBuffer.cpp
@@ -34,4 +34,3 @@
 
 }  // namespace vold
 }  // namespace android
-
diff --git a/KeyBuffer.h b/KeyBuffer.h
index 2087187..a68311f 100644
--- a/KeyBuffer.h
+++ b/KeyBuffer.h
@@ -33,17 +33,15 @@
 #define OPTNONE __attribute__((optimize("O0")))
 #endif  // not __clang__
 inline OPTNONE void* memset_s(void* s, int c, size_t n) {
-    if (!s)
-        return s;
+    if (!s) return s;
     return memset(s, c, n);
 }
 #undef OPTNONE
 
 // Allocator that delegates useful work to standard one but zeroes data before deallocating.
 class ZeroingAllocator : public std::allocator<char> {
-    public:
-    void deallocate(pointer p, size_type n)
-    {
+  public:
+    void deallocate(pointer p, size_type n) {
         memset_s(p, 0, n);
         std::allocator<char>::deallocate(p, n);
     }
@@ -60,4 +58,3 @@
 }  // namespace android
 
 #endif
-
diff --git a/KeyStorage.cpp b/KeyStorage.cpp
index 0518930..035c7b7 100644
--- a/KeyStorage.cpp
+++ b/KeyStorage.cpp
@@ -568,7 +568,10 @@
         success &= deleteKey(dir);
     }
     auto secdiscard_cmd = std::vector<std::string>{
-        kSecdiscardPath, "--", dir + "/" + kFn_encrypted_key, dir + "/" + kFn_secdiscardable,
+        kSecdiscardPath,
+        "--",
+        dir + "/" + kFn_encrypted_key,
+        dir + "/" + kFn_secdiscardable,
     };
     if (uses_km) {
         secdiscard_cmd.emplace_back(dir + "/" + kFn_keymaster_key_blob);
diff --git a/KeyUtil.cpp b/KeyUtil.cpp
index 9885440..29ba699 100644
--- a/KeyUtil.cpp
+++ b/KeyUtil.cpp
@@ -88,12 +88,7 @@
     return true;
 }
 
-static char const* const NAME_PREFIXES[] = {
-    "ext4",
-    "f2fs",
-    "fscrypt",
-    nullptr
-};
+static char const* const NAME_PREFIXES[] = {"ext4", "f2fs", "fscrypt", nullptr};
 
 static std::string keyname(const std::string& prefix, const std::string& raw_ref) {
     std::ostringstream o;
@@ -119,7 +114,7 @@
 bool installKey(const KeyBuffer& key, std::string* raw_ref) {
     // Place ext4_encryption_key into automatically zeroing buffer.
     KeyBuffer ext4KeyBuffer(sizeof(ext4_encryption_key));
-    ext4_encryption_key &ext4_key = *reinterpret_cast<ext4_encryption_key*>(ext4KeyBuffer.data());
+    ext4_encryption_key& ext4_key = *reinterpret_cast<ext4_encryption_key*>(ext4KeyBuffer.data());
 
     if (!fillKey(key, &ext4_key)) return false;
     *raw_ref = generateKeyRef(ext4_key.raw, ext4_key.size);
@@ -170,8 +165,8 @@
         if (!retrieveKey(key_path, key_authentication, &key)) return false;
     } else {
         if (!create_if_absent) {
-           LOG(ERROR) << "No key found in " << key_path;
-           return false;
+            LOG(ERROR) << "No key found in " << key_path;
+            return false;
         }
         LOG(INFO) << "Creating new key in " << key_path;
         if (!randomKey(&key)) return false;
@@ -185,20 +180,19 @@
     return true;
 }
 
-bool retrieveKey(bool create_if_absent, const std::string& key_path,
-                 const std::string& tmp_path, KeyBuffer* key) {
+bool retrieveKey(bool create_if_absent, const std::string& key_path, const std::string& tmp_path,
+                 KeyBuffer* key) {
     if (pathExists(key_path)) {
         LOG(DEBUG) << "Key exists, using: " << key_path;
         if (!retrieveKey(key_path, kEmptyAuthentication, key)) return false;
     } else {
         if (!create_if_absent) {
-           LOG(ERROR) << "No key found in " << key_path;
-           return false;
+            LOG(ERROR) << "No key found in " << key_path;
+            return false;
         }
         LOG(INFO) << "Creating new key in " << key_path;
         if (!randomKey(key)) return false;
-        if (!storeKeyAtomically(key_path, tmp_path,
-                kEmptyAuthentication, *key)) return false;
+        if (!storeKeyAtomically(key_path, tmp_path, kEmptyAuthentication, *key)) return false;
     }
     return true;
 }
diff --git a/KeyUtil.h b/KeyUtil.h
index a85eca1..b4115f4 100644
--- a/KeyUtil.h
+++ b/KeyUtil.h
@@ -20,8 +20,8 @@
 #include "KeyBuffer.h"
 #include "KeyStorage.h"
 
-#include <string>
 #include <memory>
+#include <string>
 
 namespace android {
 namespace vold {
@@ -32,8 +32,8 @@
 bool retrieveAndInstallKey(bool create_if_absent, const KeyAuthentication& key_authentication,
                            const std::string& key_path, const std::string& tmp_path,
                            std::string* key_ref);
-bool retrieveKey(bool create_if_absent, const std::string& key_path,
-                 const std::string& tmp_path, KeyBuffer* key);
+bool retrieveKey(bool create_if_absent, const std::string& key_path, const std::string& tmp_path,
+                 KeyBuffer* key);
 
 }  // namespace vold
 }  // namespace android
diff --git a/Loop.cpp b/Loop.cpp
index 335ca13..92f1e97 100644
--- a/Loop.cpp
+++ b/Loop.cpp
@@ -16,24 +16,24 @@
 
 #define ATRACE_TAG ATRACE_TAG_PACKAGE_MANAGER
 
+#include <dirent.h>
+#include <errno.h>
+#include <fcntl.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <dirent.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <errno.h>
 #include <string.h>
+#include <unistd.h>
 
-#include <sys/mount.h>
-#include <sys/types.h>
-#include <sys/stat.h>
 #include <sys/ioctl.h>
+#include <sys/mount.h>
+#include <sys/stat.h>
+#include <sys/types.h>
 
 #include <linux/kdev_t.h>
 
 #include <android-base/logging.h>
-#include <android-base/strings.h>
 #include <android-base/stringprintf.h>
+#include <android-base/strings.h>
 #include <android-base/unique_fd.h>
 #include <utils/Trace.h>
 
@@ -79,7 +79,7 @@
 
     struct loop_info64 li;
     memset(&li, 0, sizeof(li));
-    strlcpy((char*) li.lo_crypt_name, kVoldPrefix, LO_NAME_SIZE);
+    strlcpy((char*)li.lo_crypt_name, kVoldPrefix, LO_NAME_SIZE);
     if (ioctl(device_fd.get(), LOOP_SET_STATUS64, &li) == -1) {
         PLOG(ERROR) << "Failed to LOOP_SET_STATUS64";
         return -errno;
@@ -88,7 +88,7 @@
     return 0;
 }
 
-int Loop::destroyByDevice(const char *loopDevice) {
+int Loop::destroyByDevice(const char* loopDevice) {
     int device_fd;
 
     device_fd = open(loopDevice, O_RDONLY | O_CLOEXEC);
@@ -138,7 +138,7 @@
             continue;
         }
 
-        auto id = std::string((char*) li.lo_crypt_name);
+        auto id = std::string((char*)li.lo_crypt_name);
         if (android::base::StartsWith(id, kVoldPrefix)) {
             LOG(DEBUG) << "Tearing down stale loop device at " << path << " named " << id;
 
@@ -153,7 +153,7 @@
     return 0;
 }
 
-int Loop::createImageFile(const char *file, unsigned long numSectors) {
+int Loop::createImageFile(const char* file, unsigned long numSectors) {
     unique_fd fd(open(file, O_CREAT | O_WRONLY | O_TRUNC | O_CLOEXEC, 0600));
     if (fd.get() == -1) {
         PLOG(ERROR) << "Failed to create image " << file;
@@ -169,7 +169,7 @@
     return 0;
 }
 
-int Loop::resizeImageFile(const char *file, unsigned long numSectors) {
+int Loop::resizeImageFile(const char* file, unsigned long numSectors) {
     int fd;
 
     if ((fd = open(file, O_RDWR | O_CLOEXEC)) < 0) {
diff --git a/Loop.h b/Loop.h
index 130c5b6..4e5f9c1 100644
--- a/Loop.h
+++ b/Loop.h
@@ -17,19 +17,20 @@
 #ifndef _LOOP_H
 #define _LOOP_H
 
-#include <string>
-#include <unistd.h>
 #include <linux/loop.h>
+#include <unistd.h>
+#include <string>
 
 class Loop {
-public:
+  public:
     static const int LOOP_MAX = 4096;
-public:
+
+  public:
     static int create(const std::string& file, std::string& out_device);
-    static int destroyByDevice(const char *loopDevice);
+    static int destroyByDevice(const char* loopDevice);
     static int destroyAll();
-    static int createImageFile(const char *file, unsigned long numSectors);
-    static int resizeImageFile(const char *file, unsigned long numSectors);
+    static int createImageFile(const char* file, unsigned long numSectors);
+    static int resizeImageFile(const char* file, unsigned long numSectors);
 };
 
 #endif
diff --git a/MetadataCrypt.cpp b/MetadataCrypt.cpp
index c14b9a2..842b19b 100644
--- a/MetadataCrypt.cpp
+++ b/MetadataCrypt.cpp
@@ -14,13 +14,13 @@
  * limitations under the License.
  */
 
-#include "KeyBuffer.h"
 #include "MetadataCrypt.h"
+#include "KeyBuffer.h"
 
+#include <algorithm>
 #include <string>
 #include <thread>
 #include <vector>
-#include <algorithm>
 
 #include <fcntl.h>
 #include <sys/ioctl.h>
@@ -39,9 +39,9 @@
 #include "EncryptInplace.h"
 #include "KeyStorage.h"
 #include "KeyUtil.h"
-#include "secontext.h"
 #include "Utils.h"
 #include "VoldUtil.h"
+#include "secontext.h"
 
 #define DM_CRYPT_BUF_SIZE 4096
 #define TABLE_LOAD_RETRIES 10
@@ -99,9 +99,9 @@
     return res;
 }
 
-static bool get_number_of_sectors(const std::string& real_blkdev, uint64_t *nr_sec) {
-    android::base::unique_fd dev_fd(TEMP_FAILURE_RETRY(open(
-        real_blkdev.c_str(), O_RDONLY | O_CLOEXEC, 0)));
+static bool get_number_of_sectors(const std::string& real_blkdev, uint64_t* nr_sec) {
+    android::base::unique_fd dev_fd(
+        TEMP_FAILURE_RETRY(open(real_blkdev.c_str(), O_RDONLY | O_CLOEXEC, 0)));
     if (dev_fd == -1) {
         PLOG(ERROR) << "Unable to open " << real_blkdev << " to measure size";
         return false;
@@ -117,15 +117,14 @@
     return true;
 }
 
-static struct dm_ioctl* dm_ioctl_init(char *buffer, size_t buffer_size,
-                                      const std::string& dm_name) {
+static struct dm_ioctl* dm_ioctl_init(char* buffer, size_t buffer_size, const std::string& dm_name) {
     if (buffer_size < sizeof(dm_ioctl)) {
         LOG(ERROR) << "dm_ioctl buffer too small";
         return nullptr;
     }
 
     memset(buffer, 0, buffer_size);
-    struct dm_ioctl* io = (struct dm_ioctl*) buffer;
+    struct dm_ioctl* io = (struct dm_ioctl*)buffer;
     io->data_size = buffer_size;
     io->data_start = sizeof(struct dm_ioctl);
     io->version[0] = 4;
@@ -139,8 +138,8 @@
 static bool create_crypto_blk_dev(const std::string& dm_name, uint64_t nr_sec,
                                   const std::string& target_type, const KeyBuffer& crypt_params,
                                   std::string* crypto_blkdev) {
-    android::base::unique_fd dm_fd(TEMP_FAILURE_RETRY(open(
-        "/dev/device-mapper", O_RDWR | O_CLOEXEC, 0)));
+    android::base::unique_fd dm_fd(
+        TEMP_FAILURE_RETRY(open("/dev/device-mapper", O_RDWR | O_CLOEXEC, 0)));
     if (dm_fd == -1) {
         PLOG(ERROR) << "Cannot open device-mapper";
         return false;
@@ -158,13 +157,13 @@
         PLOG(ERROR) << "Cannot retrieve dm-crypt device status " << dm_name;
         return false;
     }
-    *crypto_blkdev = std::string() + "/dev/block/dm-" + std::to_string(
-        (io->dev & 0xff) | ((io->dev >> 12) & 0xfff00));
+    *crypto_blkdev = std::string() + "/dev/block/dm-" +
+                     std::to_string((io->dev & 0xff) | ((io->dev >> 12) & 0xfff00));
 
     io = dm_ioctl_init(buffer, sizeof(buffer), dm_name);
     size_t paramix = io->data_start + sizeof(struct dm_target_spec);
     size_t nullix = paramix + crypt_params.size();
-    size_t endix = (nullix + 1 + 7) & 8; // Add room for \0 and align to 8 byte boundary
+    size_t endix = (nullix + 1 + 7) & 8;  // Add room for \0 and align to 8 byte boundary
 
     if (endix > sizeof(buffer)) {
         LOG(ERROR) << "crypt_params too big for DM_CRYPT_BUF_SIZE";
@@ -172,21 +171,21 @@
     }
 
     io->target_count = 1;
-    auto tgt = (struct dm_target_spec *) (buffer + io->data_start);
+    auto tgt = (struct dm_target_spec*)(buffer + io->data_start);
     tgt->status = 0;
     tgt->sector_start = 0;
     tgt->length = nr_sec;
     target_type.copy(tgt->target_type, sizeof(tgt->target_type));
     memcpy(buffer + paramix, crypt_params.data(),
-            std::min(crypt_params.size(), sizeof(buffer) - paramix));
+           std::min(crypt_params.size(), sizeof(buffer) - paramix));
     buffer[nullix] = '\0';
     tgt->next = endix;
 
-    for (int i = 0; ; i++) {
+    for (int i = 0;; i++) {
         if (ioctl(dm_fd.get(), DM_TABLE_LOAD, io) == 0) {
             break;
         }
-        if (i+1 >= TABLE_LOAD_RETRIES) {
+        if (i + 1 >= TABLE_LOAD_RETRIES) {
             PLOG(ERROR) << "DM_TABLE_LOAD ioctl failed";
             return false;
         }
diff --git a/MoveStorage.cpp b/MoveStorage.cpp
index 4624026..4653e01 100644
--- a/MoveStorage.cpp
+++ b/MoveStorage.cpp
@@ -29,7 +29,8 @@
 #include <dirent.h>
 #include <sys/wait.h>
 
-#define CONSTRAIN(amount, low, high) ((amount) < (low) ? (low) : ((amount) > (high) ? (high) : (amount)))
+#define CONSTRAIN(amount, low, high) \
+    ((amount) < (low) ? (low) : ((amount) > (high) ? (high) : (amount)))
 
 static const char* kPropBlockingExec = "persist.sys.blocking_exec";
 
@@ -48,7 +49,7 @@
 static const char* kWakeLock = "MoveTask";
 
 static void notifyProgress(int progress,
-        const android::sp<android::os::IVoldTaskListener>& listener) {
+                           const android::sp<android::os::IVoldTaskListener>& listener) {
     if (listener) {
         android::os::PersistableBundle extras;
         listener->onStatus(progress, extras);
@@ -56,7 +57,7 @@
 }
 
 static status_t pushBackContents(const std::string& path, std::vector<std::string>& cmd,
-        bool addWildcard) {
+                                 bool addWildcard) {
     DIR* dir = opendir(path.c_str());
     if (dir == NULL) {
         return -1;
@@ -79,7 +80,7 @@
 }
 
 static status_t execRm(const std::string& path, int startProgress, int stepProgress,
-        const android::sp<android::os::IVoldTaskListener>& listener) {
+                       const android::sp<android::os::IVoldTaskListener>& listener) {
     notifyProgress(startProgress, listener);
 
     uint64_t expectedBytes = GetTreeBytes(path);
@@ -114,14 +115,17 @@
 
         sleep(1);
         uint64_t deltaFreeBytes = GetFreeBytes(path) - startFreeBytes;
-        notifyProgress(startProgress + CONSTRAIN((int)
-                ((deltaFreeBytes * stepProgress) / expectedBytes), 0, stepProgress), listener);
+        notifyProgress(
+            startProgress +
+                CONSTRAIN((int)((deltaFreeBytes * stepProgress) / expectedBytes), 0, stepProgress),
+            listener);
     }
     return -1;
 }
 
 static status_t execCp(const std::string& fromPath, const std::string& toPath, int startProgress,
-        int stepProgress, const android::sp<android::os::IVoldTaskListener>& listener) {
+                       int stepProgress,
+                       const android::sp<android::os::IVoldTaskListener>& listener) {
     notifyProgress(startProgress, listener);
 
     uint64_t expectedBytes = GetTreeBytes(fromPath);
@@ -129,7 +133,7 @@
 
     if (expectedBytes > startFreeBytes) {
         LOG(ERROR) << "Data size " << expectedBytes << " is too large to fit in free space "
-                << startFreeBytes;
+                   << startFreeBytes;
         return -1;
     }
 
@@ -165,8 +169,10 @@
 
         sleep(1);
         uint64_t deltaFreeBytes = startFreeBytes - GetFreeBytes(toPath);
-        notifyProgress(startProgress + CONSTRAIN((int)
-                ((deltaFreeBytes * stepProgress) / expectedBytes), 0, stepProgress), listener);
+        notifyProgress(
+            startProgress +
+                CONSTRAIN((int)((deltaFreeBytes * stepProgress) / expectedBytes), 0, stepProgress),
+            listener);
     }
     return -1;
 }
@@ -186,8 +192,8 @@
 }
 
 static status_t moveStorageInternal(const std::shared_ptr<VolumeBase>& from,
-        const std::shared_ptr<VolumeBase>& to,
-        const android::sp<android::os::IVoldTaskListener>& listener) {
+                                    const std::shared_ptr<VolumeBase>& to,
+                                    const android::sp<android::os::IVoldTaskListener>& listener) {
     std::string fromPath;
     std::string toPath;
 
@@ -239,17 +245,19 @@
     // useful anyway.
     execRm(toPath, 80, 1, listener);
 fail:
+    // clang-format off
     {
         std::lock_guard<std::mutex> lock(VolumeManager::Instance()->getLock());
         bringOnline(from);
         bringOnline(to);
     }
+    // clang-format on
     notifyProgress(kMoveFailedInternalError, listener);
     return -1;
 }
 
 void MoveStorage(const std::shared_ptr<VolumeBase>& from, const std::shared_ptr<VolumeBase>& to,
-        const android::sp<android::os::IVoldTaskListener>& listener) {
+                 const android::sp<android::os::IVoldTaskListener>& listener) {
     acquire_wake_lock(PARTIAL_WAKE_LOCK, kWakeLock);
 
     android::os::PersistableBundle extras;
diff --git a/MoveStorage.h b/MoveStorage.h
index d271704..46f745f 100644
--- a/MoveStorage.h
+++ b/MoveStorage.h
@@ -24,7 +24,7 @@
 namespace vold {
 
 void MoveStorage(const std::shared_ptr<VolumeBase>& from, const std::shared_ptr<VolumeBase>& to,
-        const android::sp<android::os::IVoldTaskListener>& listener);
+                 const android::sp<android::os::IVoldTaskListener>& listener);
 
 }  // namespace vold
 }  // namespace android
diff --git a/NetlinkHandler.cpp b/NetlinkHandler.cpp
index 92131e9..d180a95 100644
--- a/NetlinkHandler.cpp
+++ b/NetlinkHandler.cpp
@@ -14,9 +14,9 @@
  * limitations under the License.
  */
 
+#include <errno.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <errno.h>
 #include <string.h>
 
 #include <android-base/logging.h>
@@ -25,12 +25,9 @@
 #include "NetlinkHandler.h"
 #include "VolumeManager.h"
 
-NetlinkHandler::NetlinkHandler(int listenerSocket) :
-                NetlinkListener(listenerSocket) {
-}
+NetlinkHandler::NetlinkHandler(int listenerSocket) : NetlinkListener(listenerSocket) {}
 
-NetlinkHandler::~NetlinkHandler() {
-}
+NetlinkHandler::~NetlinkHandler() {}
 
 int NetlinkHandler::start() {
     return this->startListener();
@@ -40,9 +37,9 @@
     return this->stopListener();
 }
 
-void NetlinkHandler::onEvent(NetlinkEvent *evt) {
-    VolumeManager *vm = VolumeManager::Instance();
-    const char *subsys = evt->getSubsystem();
+void NetlinkHandler::onEvent(NetlinkEvent* evt) {
+    VolumeManager* vm = VolumeManager::Instance();
+    const char* subsys = evt->getSubsystem();
 
     if (!subsys) {
         LOG(WARNING) << "No subsystem found in netlink event";
diff --git a/NetlinkHandler.h b/NetlinkHandler.h
index 56eb23c..8af7575 100644
--- a/NetlinkHandler.h
+++ b/NetlinkHandler.h
@@ -19,16 +19,15 @@
 
 #include <sysutils/NetlinkListener.h>
 
-class NetlinkHandler: public NetlinkListener {
-
-public:
+class NetlinkHandler : public NetlinkListener {
+  public:
     explicit NetlinkHandler(int listenerSocket);
     virtual ~NetlinkHandler();
 
     int start(void);
     int stop(void);
 
-protected:
-    virtual void onEvent(NetlinkEvent *evt);
+  protected:
+    virtual void onEvent(NetlinkEvent* evt);
 };
 #endif
diff --git a/NetlinkManager.cpp b/NetlinkManager.cpp
index 409cdc8..aacf4b9 100644
--- a/NetlinkManager.cpp
+++ b/NetlinkManager.cpp
@@ -14,12 +14,12 @@
  * limitations under the License.
  */
 
-#include <stdio.h>
 #include <errno.h>
+#include <stdio.h>
 #include <string.h>
 
-#include <sys/socket.h>
 #include <sys/select.h>
+#include <sys/socket.h>
 #include <sys/time.h>
 #include <sys/types.h>
 #include <sys/un.h>
@@ -28,14 +28,13 @@
 
 #include <android-base/logging.h>
 
-#include "NetlinkManager.h"
 #include "NetlinkHandler.h"
+#include "NetlinkManager.h"
 
-NetlinkManager *NetlinkManager::sInstance = NULL;
+NetlinkManager* NetlinkManager::sInstance = NULL;
 
-NetlinkManager *NetlinkManager::Instance() {
-    if (!sInstance)
-        sInstance = new NetlinkManager();
+NetlinkManager* NetlinkManager::Instance() {
+    if (!sInstance) sInstance = new NetlinkManager();
     return sInstance;
 }
 
@@ -43,8 +42,7 @@
     mBroadcaster = NULL;
 }
 
-NetlinkManager::~NetlinkManager() {
-}
+NetlinkManager::~NetlinkManager() {}
 
 int NetlinkManager::start() {
     struct sockaddr_nl nladdr;
@@ -56,8 +54,7 @@
     nladdr.nl_pid = getpid();
     nladdr.nl_groups = 0xffffffff;
 
-    if ((mSock = socket(PF_NETLINK, SOCK_DGRAM | SOCK_CLOEXEC,
-            NETLINK_KOBJECT_UEVENT)) < 0) {
+    if ((mSock = socket(PF_NETLINK, SOCK_DGRAM | SOCK_CLOEXEC, NETLINK_KOBJECT_UEVENT)) < 0) {
         PLOG(ERROR) << "Unable to create uevent socket";
         return -1;
     }
@@ -76,7 +73,7 @@
         goto out;
     }
 
-    if (bind(mSock, (struct sockaddr *) &nladdr, sizeof(nladdr)) < 0) {
+    if (bind(mSock, (struct sockaddr*)&nladdr, sizeof(nladdr)) < 0) {
         PLOG(ERROR) << "Unable to bind uevent socket";
         goto out;
     }
diff --git a/NetlinkManager.h b/NetlinkManager.h
index 9c7ba11..e31fc2e 100644
--- a/NetlinkManager.h
+++ b/NetlinkManager.h
@@ -17,32 +17,32 @@
 #ifndef _NETLINKMANAGER_H
 #define _NETLINKMANAGER_H
 
-#include <sysutils/SocketListener.h>
 #include <sysutils/NetlinkListener.h>
+#include <sysutils/SocketListener.h>
 
 class NetlinkHandler;
 
 class NetlinkManager {
-private:
-    static NetlinkManager *sInstance;
+  private:
+    static NetlinkManager* sInstance;
 
-private:
-    SocketListener       *mBroadcaster;
-    NetlinkHandler       *mHandler;
-    int                  mSock;
+  private:
+    SocketListener* mBroadcaster;
+    NetlinkHandler* mHandler;
+    int mSock;
 
-public:
+  public:
     virtual ~NetlinkManager();
 
     int start();
     int stop();
 
-    void setBroadcaster(SocketListener *sl) { mBroadcaster = sl; }
-    SocketListener *getBroadcaster() { return mBroadcaster; }
+    void setBroadcaster(SocketListener* sl) { mBroadcaster = sl; }
+    SocketListener* getBroadcaster() { return mBroadcaster; }
 
-    static NetlinkManager *Instance();
+    static NetlinkManager* Instance();
 
-private:
+  private:
     NetlinkManager();
 };
 #endif
diff --git a/Process.cpp b/Process.cpp
index 9038af2..a5028f2 100644
--- a/Process.cpp
+++ b/Process.cpp
@@ -14,28 +14,28 @@
  * limitations under the License.
  */
 
-#include <stdio.h>
-#include <unistd.h>
+#include <ctype.h>
+#include <dirent.h>
 #include <errno.h>
-#include <string.h>
 #include <fcntl.h>
 #include <fts.h>
-#include <dirent.h>
-#include <ctype.h>
-#include <pwd.h>
-#include <stdlib.h>
 #include <poll.h>
-#include <sys/stat.h>
+#include <pwd.h>
 #include <signal.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <unistd.h>
 
 #include <fstream>
 #include <unordered_set>
 
 #include <android-base/file.h>
-#include <android-base/parseint.h>
-#include <android-base/strings.h>
-#include <android-base/stringprintf.h>
 #include <android-base/logging.h>
+#include <android-base/parseint.h>
+#include <android-base/stringprintf.h>
+#include <android-base/strings.h>
 
 #include "Process.h"
 
diff --git a/ScryptParameters.cpp b/ScryptParameters.cpp
index c0e2030..f5a964f 100644
--- a/ScryptParameters.cpp
+++ b/ScryptParameters.cpp
@@ -19,20 +19,19 @@
 #include <stdlib.h>
 #include <string.h>
 
-bool parse_scrypt_parameters(const char* paramstr, int *Nf, int *rf, int *pf) {
+bool parse_scrypt_parameters(const char* paramstr, int* Nf, int* rf, int* pf) {
     int params[3] = {};
-    char *token;
-    char *saveptr;
+    char* token;
+    char* saveptr;
     int i;
 
     /*
      * The token we're looking for should be three integers separated by
      * colons (e.g., "12:8:1"). Scan the property to make sure it matches.
      */
-    for (i = 0, token = strtok_r(const_cast<char *>(paramstr), ":", &saveptr);
-            token != nullptr && i < 3;
-            i++, token = strtok_r(nullptr, ":", &saveptr)) {
-        char *endptr;
+    for (i = 0, token = strtok_r(const_cast<char*>(paramstr), ":", &saveptr);
+         token != nullptr && i < 3; i++, token = strtok_r(nullptr, ":", &saveptr)) {
+        char* endptr;
         params[i] = strtol(token, &endptr, 10);
 
         /*
@@ -45,6 +44,8 @@
     if (token != nullptr) {
         return false;
     }
-    *Nf = params[0]; *rf = params[1]; *pf = params[2];
+    *Nf = params[0];
+    *rf = params[1];
+    *pf = params[2];
     return true;
 }
diff --git a/ScryptParameters.h b/ScryptParameters.h
index 190842b..edb80cc 100644
--- a/ScryptParameters.h
+++ b/ScryptParameters.h
@@ -23,6 +23,6 @@
 #define SCRYPT_PROP "ro.crypto.scrypt_params"
 #define SCRYPT_DEFAULTS "15:3:1"
 
-bool parse_scrypt_parameters(const char* paramstr, int *Nf, int *rf, int *pf);
+bool parse_scrypt_parameters(const char* paramstr, int* Nf, int* rf, int* pf);
 
 #endif
diff --git a/Utils.cpp b/Utils.cpp
index 002af03..f085c22 100644
--- a/Utils.cpp
+++ b/Utils.cpp
@@ -22,26 +22,26 @@
 #include <android-base/file.h>
 #include <android-base/logging.h>
 #include <android-base/properties.h>
-#include <android-base/strings.h>
 #include <android-base/stringprintf.h>
+#include <android-base/strings.h>
 #include <cutils/fs.h>
 #include <logwrap/logwrap.h>
 #include <private/android_filesystem_config.h>
 
-#include <mutex>
 #include <dirent.h>
 #include <fcntl.h>
 #include <linux/fs.h>
 #include <stdlib.h>
 #include <sys/mount.h>
-#include <sys/types.h>
 #include <sys/stat.h>
-#include <sys/sysmacros.h>
-#include <sys/wait.h>
 #include <sys/statvfs.h>
+#include <sys/sysmacros.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <mutex>
 
 #ifndef UMOUNT_NOFOLLOW
-#define UMOUNT_NOFOLLOW    0x00000008  /* Don't follow symlink on umount */
+#define UMOUNT_NOFOLLOW 0x00000008 /* Don't follow symlink on umount */
 #endif
 
 using android::base::ReadFileToString;
@@ -81,8 +81,8 @@
     mode_t mode = 0660 | S_IFBLK;
     if (mknod(cpath, mode, dev) < 0) {
         if (errno != EEXIST) {
-            PLOG(ERROR) << "Failed to create device node for " << major(dev)
-                    << ":" << minor(dev) << " at " << path;
+            PLOG(ERROR) << "Failed to create device node for " << major(dev) << ":" << minor(dev)
+                        << " at " << path;
             res = -errno;
         }
     }
@@ -209,8 +209,8 @@
     return true;
 }
 
-static status_t readMetadata(const std::string& path, std::string* fsType,
-        std::string* fsUuid, std::string* fsLabel, bool untrusted) {
+static status_t readMetadata(const std::string& path, std::string* fsType, std::string* fsUuid,
+                             std::string* fsLabel, bool untrusted) {
     fsType->clear();
     fsUuid->clear();
     fsLabel->clear();
@@ -244,13 +244,13 @@
     return OK;
 }
 
-status_t ReadMetadata(const std::string& path, std::string* fsType,
-        std::string* fsUuid, std::string* fsLabel) {
+status_t ReadMetadata(const std::string& path, std::string* fsType, std::string* fsUuid,
+                      std::string* fsLabel) {
     return readMetadata(path, fsType, fsUuid, fsLabel, false);
 }
 
-status_t ReadMetadataUntrusted(const std::string& path, std::string* fsType,
-        std::string* fsUuid, std::string* fsLabel) {
+status_t ReadMetadataUntrusted(const std::string& path, std::string* fsType, std::string* fsUuid,
+                               std::string* fsLabel) {
     return readMetadata(path, fsType, fsUuid, fsLabel, true);
 }
 
@@ -261,9 +261,9 @@
 status_t ForkExecvp(const std::vector<std::string>& args, security_context_t context) {
     std::lock_guard<std::mutex> lock(kSecurityLock);
     size_t argc = args.size();
-    char** argv = (char**) calloc(argc, sizeof(char*));
+    char** argv = (char**)calloc(argc, sizeof(char*));
     for (size_t i = 0; i < argc; i++) {
-        argv[i] = (char*) args[i].c_str();
+        argv[i] = (char*)args[i].c_str();
         if (i == 0) {
             LOG(VERBOSE) << args[i];
         } else {
@@ -289,13 +289,12 @@
     return res;
 }
 
-status_t ForkExecvp(const std::vector<std::string>& args,
-        std::vector<std::string>& output) {
+status_t ForkExecvp(const std::vector<std::string>& args, std::vector<std::string>& output) {
     return ForkExecvp(args, output, nullptr);
 }
 
-status_t ForkExecvp(const std::vector<std::string>& args,
-        std::vector<std::string>& output, security_context_t context) {
+status_t ForkExecvp(const std::vector<std::string>& args, std::vector<std::string>& output,
+                    security_context_t context) {
     std::lock_guard<std::mutex> lock(kSecurityLock);
     std::string cmd;
     for (size_t i = 0; i < args.size(); i++) {
@@ -314,7 +313,7 @@
             abort();
         }
     }
-    FILE* fp = popen(cmd.c_str(), "r"); // NOLINT
+    FILE* fp = popen(cmd.c_str(), "r");  // NOLINT
     if (context) {
         if (setexeccon(nullptr)) {
             LOG(ERROR) << "Failed to setexeccon";
@@ -341,9 +340,9 @@
 
 pid_t ForkExecvpAsync(const std::vector<std::string>& args) {
     size_t argc = args.size();
-    char** argv = (char**) calloc(argc + 1, sizeof(char*));
+    char** argv = (char**)calloc(argc + 1, sizeof(char*));
     for (size_t i = 0; i < argc; i++) {
-        argv[i] = (char*) args[i].c_str();
+        argv[i] = (char*)args[i].c_str();
         if (i == 0) {
             LOG(VERBOSE) << args[i];
         } else {
@@ -400,10 +399,10 @@
 status_t GenerateRandomUuid(std::string& out) {
     status_t res = ReadRandomBytes(16, out);
     if (res == OK) {
-        out[6] &= 0x0f;  /* clear version        */
-        out[6] |= 0x40;  /* set to version 4     */
-        out[8] &= 0x3f;  /* clear variant        */
-        out[8] |= 0x80;  /* set to IETF variant  */
+        out[6] &= 0x0f; /* clear version        */
+        out[6] |= 0x40; /* set to version 4     */
+        out[8] &= 0x3f; /* clear variant        */
+        out[8] |= 0x80; /* set to IETF variant  */
     }
     return res;
 }
@@ -415,24 +414,26 @@
     for (size_t i = 0; i < hex.size(); i++) {
         int val = 0;
         switch (hex[i]) {
-        case ' ': case '-': case ':': continue;
-        case 'f': case 'F': val = 15; break;
-        case 'e': case 'E': val = 14; break;
-        case 'd': case 'D': val = 13; break;
-        case 'c': case 'C': val = 12; break;
-        case 'b': case 'B': val = 11; break;
-        case 'a': case 'A': val = 10; break;
-        case '9': val = 9; break;
-        case '8': val = 8; break;
-        case '7': val = 7; break;
-        case '6': val = 6; break;
-        case '5': val = 5; break;
-        case '4': val = 4; break;
-        case '3': val = 3; break;
-        case '2': val = 2; break;
-        case '1': val = 1; break;
-        case '0': val = 0; break;
-        default: return -EINVAL;
+            // clang-format off
+            case ' ': case '-': case ':': continue;
+            case 'f': case 'F': val = 15; break;
+            case 'e': case 'E': val = 14; break;
+            case 'd': case 'D': val = 13; break;
+            case 'c': case 'C': val = 12; break;
+            case 'b': case 'B': val = 11; break;
+            case 'a': case 'A': val = 10; break;
+            case '9': val = 9; break;
+            case '8': val = 8; break;
+            case '7': val = 7; break;
+            case '6': val = 6; break;
+            case '5': val = 5; break;
+            case '4': val = 4; break;
+            case '3': val = 3; break;
+            case '2': val = 2; break;
+            case '1': val = 1; break;
+            case '0': val = 0; break;
+            default: return -EINVAL;
+                // clang-format on
         }
 
         if (even) {
@@ -478,7 +479,7 @@
 uint64_t GetFreeBytes(const std::string& path) {
     struct statvfs sb;
     if (statvfs(path.c_str(), &sb) == 0) {
-        return (uint64_t) sb.f_bavail * sb.f_frsize;
+        return (uint64_t)sb.f_bavail * sb.f_frsize;
     } else {
         return -1;
     }
@@ -486,7 +487,7 @@
 
 // TODO: borrowed from frameworks/native/libs/diskusage/ which should
 // eventually be migrated into system/
-static int64_t stat_size(struct stat *s) {
+static int64_t stat_size(struct stat* s) {
     int64_t blksize = s->st_blksize;
     // count actual blocks used instead of nominal file size
     int64_t size = s->st_blocks * 512;
@@ -504,8 +505,8 @@
 int64_t calculate_dir_size(int dfd) {
     int64_t size = 0;
     struct stat s;
-    DIR *d;
-    struct dirent *de;
+    DIR* d;
+    struct dirent* de;
 
     d = fdopendir(dfd);
     if (d == NULL) {
@@ -514,7 +515,7 @@
     }
 
     while ((de = readdir(d))) {
-        const char *name = de->d_name;
+        const char* name = de->d_name;
         if (fstatat(dfd, name, &s, AT_SYMLINK_NOFOLLOW) == 0) {
             size += stat_size(&s);
         }
@@ -523,10 +524,8 @@
 
             /* always skip "." and ".." */
             if (name[0] == '.') {
-                if (name[1] == 0)
-                    continue;
-                if ((name[1] == '.') && (name[2] == 0))
-                    continue;
+                if (name[1] == 0) continue;
+                if ((name[1] == '.') && (name[2] == 0)) continue;
             }
 
             subfd = openat(dfd, name, O_RDONLY | O_DIRECTORY | O_CLOEXEC);
@@ -576,7 +575,7 @@
     }
 
     range[0] = 0;
-    range[1] = (unsigned long long) nr_sec * 512;
+    range[1] = (unsigned long long)nr_sec * 512;
 
     LOG(INFO) << "About to discard " << range[1] << " on " << path;
     if (ioctl(fd, BLKDISCARD, &range) == 0) {
@@ -592,8 +591,7 @@
 }
 
 static bool isValidFilename(const std::string& name) {
-    if (name.empty() || (name == ".") || (name == "..")
-            || (name.find('/') != std::string::npos)) {
+    if (name.empty() || (name == ".") || (name == "..") || (name.find('/') != std::string::npos)) {
         return false;
     } else {
         return true;
@@ -713,8 +711,7 @@
     while (true) {
         ssize_t size = readlinkat(dirfd, path.c_str(), &buf[0], buf.size());
         // Unrecoverable error?
-        if (size == -1)
-            return false;
+        if (size == -1) return false;
         // It fit! (If size == buf.size(), it may have been truncated.)
         if (static_cast<size_t>(size) < buf.size()) {
             result->assign(&buf[0], size);
diff --git a/Utils.h b/Utils.h
index 5caa4e9..09ce8fa 100644
--- a/Utils.h
+++ b/Utils.h
@@ -20,12 +20,12 @@
 #include "KeyBuffer.h"
 
 #include <android-base/macros.h>
-#include <utils/Errors.h>
 #include <cutils/multiuser.h>
 #include <selinux/selinux.h>
+#include <utils/Errors.h>
 
-#include <vector>
 #include <string>
+#include <vector>
 
 struct DIR;
 
@@ -59,21 +59,20 @@
 bool FindValue(const std::string& raw, const std::string& key, std::string* value);
 
 /* Reads filesystem metadata from device at path */
-status_t ReadMetadata(const std::string& path, std::string* fsType,
-        std::string* fsUuid, std::string* fsLabel);
+status_t ReadMetadata(const std::string& path, std::string* fsType, std::string* fsUuid,
+                      std::string* fsLabel);
 
 /* Reads filesystem metadata from untrusted device at path */
-status_t ReadMetadataUntrusted(const std::string& path, std::string* fsType,
-        std::string* fsUuid, std::string* fsLabel);
+status_t ReadMetadataUntrusted(const std::string& path, std::string* fsType, std::string* fsUuid,
+                               std::string* fsLabel);
 
 /* Returns either WEXITSTATUS() status, or a negative errno */
 status_t ForkExecvp(const std::vector<std::string>& args);
 status_t ForkExecvp(const std::vector<std::string>& args, security_context_t context);
 
-status_t ForkExecvp(const std::vector<std::string>& args,
-        std::vector<std::string>& output);
-status_t ForkExecvp(const std::vector<std::string>& args,
-        std::vector<std::string>& output, security_context_t context);
+status_t ForkExecvp(const std::vector<std::string>& args, std::vector<std::string>& output);
+status_t ForkExecvp(const std::vector<std::string>& args, std::vector<std::string>& output,
+                    security_context_t context);
 
 pid_t ForkExecvpAsync(const std::vector<std::string>& args);
 
diff --git a/VoldNativeService.cpp b/VoldNativeService.cpp
index 81523c6..1a15304 100644
--- a/VoldNativeService.cpp
+++ b/VoldNativeService.cpp
@@ -24,9 +24,9 @@
 #include "Process.h"
 #include "VolumeManager.h"
 
-#include "cryptfs.h"
 #include "Ext4Crypt.h"
 #include "MetadataCrypt.h"
+#include "cryptfs.h"
 
 #include <fstream>
 #include <thread>
@@ -83,11 +83,11 @@
     uid_t uid;
 
     if (checkCallingPermission(String16(permission), reinterpret_cast<int32_t*>(&pid),
-            reinterpret_cast<int32_t*>(&uid))) {
+                               reinterpret_cast<int32_t*>(&uid))) {
         return ok();
     } else {
         return exception(binder::Status::EX_SECURITY,
-                StringPrintf("UID %d / PID %d lacks permission %s", uid, pid, permission));
+                         StringPrintf("UID %d / PID %d lacks permission %s", uid, pid, permission));
     }
 }
 
@@ -97,7 +97,7 @@
         return ok();
     } else {
         return exception(binder::Status::EX_SECURITY,
-                StringPrintf("UID %d is not expected UID %d", uid, expectedUid));
+                         StringPrintf("UID %d is not expected UID %d", uid, expectedUid));
     }
 }
 
@@ -108,7 +108,7 @@
     for (const char& c : id) {
         if (!std::isalnum(c) && c != ':' && c != ',') {
             return exception(binder::Status::EX_ILLEGAL_ARGUMENT,
-                    StringPrintf("ID %s is malformed", id.c_str()));
+                             StringPrintf("ID %s is malformed", id.c_str()));
         }
     }
     return ok();
@@ -120,16 +120,16 @@
     }
     if (path[0] != '/') {
         return exception(binder::Status::EX_ILLEGAL_ARGUMENT,
-                StringPrintf("Path %s is relative", path.c_str()));
+                         StringPrintf("Path %s is relative", path.c_str()));
     }
     if ((path + '/').find("/../") != std::string::npos) {
         return exception(binder::Status::EX_ILLEGAL_ARGUMENT,
-                StringPrintf("Path %s is shady", path.c_str()));
+                         StringPrintf("Path %s is shady", path.c_str()));
     }
     for (const char& c : path) {
         if (c == '\0' || c == '\n') {
             return exception(binder::Status::EX_ILLEGAL_ARGUMENT,
-                    StringPrintf("Path %s is malformed", path.c_str()));
+                             StringPrintf("Path %s is malformed", path.c_str()));
         }
     }
     return ok();
@@ -140,45 +140,49 @@
     for (const char& c : hex) {
         if (!std::isxdigit(c) && c != ':' && c != '-') {
             return exception(binder::Status::EX_ILLEGAL_ARGUMENT,
-                    StringPrintf("Hex %s is malformed", hex.c_str()));
+                             StringPrintf("Hex %s is malformed", hex.c_str()));
         }
     }
     return ok();
 }
 
-#define ENFORCE_UID(uid) {                                  \
-    binder::Status status = checkUid((uid));                \
-    if (!status.isOk()) {                                   \
-        return status;                                      \
-    }                                                       \
-}
+#define ENFORCE_UID(uid)                         \
+    {                                            \
+        binder::Status status = checkUid((uid)); \
+        if (!status.isOk()) {                    \
+            return status;                       \
+        }                                        \
+    }
 
-#define CHECK_ARGUMENT_ID(id) {                             \
-    binder::Status status = checkArgumentId((id));          \
-    if (!status.isOk()) {                                   \
-        return status;                                      \
-    }                                                       \
-}
+#define CHECK_ARGUMENT_ID(id)                          \
+    {                                                  \
+        binder::Status status = checkArgumentId((id)); \
+        if (!status.isOk()) {                          \
+            return status;                             \
+        }                                              \
+    }
 
-#define CHECK_ARGUMENT_PATH(path) {                         \
-    binder::Status status = checkArgumentPath((path));      \
-    if (!status.isOk()) {                                   \
-        return status;                                      \
-    }                                                       \
-}
+#define CHECK_ARGUMENT_PATH(path)                          \
+    {                                                      \
+        binder::Status status = checkArgumentPath((path)); \
+        if (!status.isOk()) {                              \
+            return status;                                 \
+        }                                                  \
+    }
 
-#define CHECK_ARGUMENT_HEX(hex) {                           \
-    binder::Status status = checkArgumentHex((hex));        \
-    if (!status.isOk()) {                                   \
-        return status;                                      \
-    }                                                       \
-}
+#define CHECK_ARGUMENT_HEX(hex)                          \
+    {                                                    \
+        binder::Status status = checkArgumentHex((hex)); \
+        if (!status.isOk()) {                            \
+            return status;                               \
+        }                                                \
+    }
 
-#define ACQUIRE_LOCK \
+#define ACQUIRE_LOCK                                                        \
     std::lock_guard<std::mutex> lock(VolumeManager::Instance()->getLock()); \
     ATRACE_CALL();
 
-#define ACQUIRE_CRYPT_LOCK \
+#define ACQUIRE_CRYPT_LOCK                                                       \
     std::lock_guard<std::mutex> lock(VolumeManager::Instance()->getCryptLock()); \
     ATRACE_CALL();
 
@@ -196,7 +200,7 @@
     return android::OK;
 }
 
-status_t VoldNativeService::dump(int fd, const Vector<String16> & /* args */) {
+status_t VoldNativeService::dump(int fd, const Vector<String16>& /* args */) {
     auto out = std::fstream(StringPrintf("/proc/self/fd/%d", fd));
     const binder::Status dump_permission = checkPermission(kDump);
     if (!dump_permission.isOk()) {
@@ -211,7 +215,7 @@
 }
 
 binder::Status VoldNativeService::setListener(
-        const android::sp<android::os::IVoldListener>& listener) {
+    const android::sp<android::os::IVoldListener>& listener) {
     ENFORCE_UID(AID_SYSTEM);
     ACQUIRE_LOCK;
 
@@ -223,12 +227,8 @@
     ENFORCE_UID(AID_SYSTEM);
 
     // Simply acquire/release each lock for watchdog
-    {
-        ACQUIRE_LOCK;
-    }
-    {
-        ACQUIRE_CRYPT_LOCK;
-    }
+    { ACQUIRE_LOCK; }
+    { ACQUIRE_CRYPT_LOCK; }
 
     return ok();
 }
@@ -283,7 +283,7 @@
 }
 
 binder::Status VoldNativeService::partition(const std::string& diskId, int32_t partitionType,
-        int32_t ratio) {
+                                            int32_t ratio) {
     ENFORCE_UID(AID_SYSTEM);
     CHECK_ARGUMENT_ID(diskId);
     ACQUIRE_LOCK;
@@ -293,15 +293,19 @@
         return error("Failed to find disk " + diskId);
     }
     switch (partitionType) {
-    case PARTITION_TYPE_PUBLIC: return translate(disk->partitionPublic());
-    case PARTITION_TYPE_PRIVATE: return translate(disk->partitionPrivate());
-    case PARTITION_TYPE_MIXED: return translate(disk->partitionMixed(ratio));
-    default: return error("Unknown type " + std::to_string(partitionType));
+        case PARTITION_TYPE_PUBLIC:
+            return translate(disk->partitionPublic());
+        case PARTITION_TYPE_PRIVATE:
+            return translate(disk->partitionPrivate());
+        case PARTITION_TYPE_MIXED:
+            return translate(disk->partitionMixed(ratio));
+        default:
+            return error("Unknown type " + std::to_string(partitionType));
     }
 }
 
 binder::Status VoldNativeService::forgetPartition(const std::string& partGuid,
-        const std::string& fsUuid) {
+                                                  const std::string& fsUuid) {
     ENFORCE_UID(AID_SYSTEM);
     CHECK_ARGUMENT_HEX(partGuid);
     CHECK_ARGUMENT_HEX(fsUuid);
@@ -311,7 +315,7 @@
 }
 
 binder::Status VoldNativeService::mount(const std::string& volId, int32_t mountFlags,
-        int32_t mountUserId) {
+                                        int32_t mountUserId) {
     ENFORCE_UID(AID_SYSTEM);
     CHECK_ARGUMENT_ID(volId);
     ACQUIRE_LOCK;
@@ -387,9 +391,7 @@
     auto status = pathForVolId(volId, &path);
     if (!status.isOk()) return status;
 
-    std::thread([=]() {
-        android::vold::Benchmark(path, listener);
-    }).detach();
+    std::thread([=]() { android::vold::Benchmark(path, listener); }).detach();
     return ok();
 }
 
@@ -404,8 +406,9 @@
     return translate(android::vold::CheckEncryption(path));
 }
 
-binder::Status VoldNativeService::moveStorage(const std::string& fromVolId,
-        const std::string& toVolId, const android::sp<android::os::IVoldTaskListener>& listener) {
+binder::Status VoldNativeService::moveStorage(
+    const std::string& fromVolId, const std::string& toVolId,
+    const android::sp<android::os::IVoldTaskListener>& listener) {
     ENFORCE_UID(AID_SYSTEM);
     CHECK_ARGUMENT_ID(fromVolId);
     CHECK_ARGUMENT_ID(toVolId);
@@ -419,9 +422,7 @@
         return error("Failed to find volume " + toVolId);
     }
 
-    std::thread([=]() {
-        android::vold::MoveStorage(fromVol, toVol, listener);
-    }).detach();
+    std::thread([=]() { android::vold::MoveStorage(fromVol, toVol, listener); }).detach();
     return ok();
 }
 
@@ -431,11 +432,20 @@
 
     std::string tmp;
     switch (remountMode) {
-    case REMOUNT_MODE_NONE: tmp = "none"; break;
-    case REMOUNT_MODE_DEFAULT: tmp = "default"; break;
-    case REMOUNT_MODE_READ: tmp = "read"; break;
-    case REMOUNT_MODE_WRITE: tmp = "write"; break;
-    default: return error("Unknown mode " + std::to_string(remountMode));
+        case REMOUNT_MODE_NONE:
+            tmp = "none";
+            break;
+        case REMOUNT_MODE_DEFAULT:
+            tmp = "default";
+            break;
+        case REMOUNT_MODE_READ:
+            tmp = "read";
+            break;
+        case REMOUNT_MODE_WRITE:
+            tmp = "write";
+            break;
+        default:
+            return error("Unknown mode " + std::to_string(remountMode));
     }
     return translate(VolumeManager::Instance()->remountUid(uid, tmp));
 }
@@ -449,14 +459,15 @@
 }
 
 binder::Status VoldNativeService::createObb(const std::string& sourcePath,
-        const std::string& sourceKey, int32_t ownerGid, std::string* _aidl_return) {
+                                            const std::string& sourceKey, int32_t ownerGid,
+                                            std::string* _aidl_return) {
     ENFORCE_UID(AID_SYSTEM);
     CHECK_ARGUMENT_PATH(sourcePath);
     CHECK_ARGUMENT_HEX(sourceKey);
     ACQUIRE_LOCK;
 
     return translate(
-            VolumeManager::Instance()->createObb(sourcePath, sourceKey, ownerGid, _aidl_return));
+        VolumeManager::Instance()->createObb(sourcePath, sourceKey, ownerGid, _aidl_return));
 }
 
 binder::Status VoldNativeService::destroyObb(const std::string& volId) {
@@ -467,41 +478,35 @@
     return translate(VolumeManager::Instance()->destroyObb(volId));
 }
 
-binder::Status VoldNativeService::fstrim(int32_t fstrimFlags,
-        const android::sp<android::os::IVoldTaskListener>& listener) {
+binder::Status VoldNativeService::fstrim(
+    int32_t fstrimFlags, const android::sp<android::os::IVoldTaskListener>& listener) {
     ENFORCE_UID(AID_SYSTEM);
     ACQUIRE_LOCK;
 
-    std::thread([=]() {
-        android::vold::Trim(listener);
-    }).detach();
+    std::thread([=]() { android::vold::Trim(listener); }).detach();
     return ok();
 }
 
 binder::Status VoldNativeService::runIdleMaint(
-        const android::sp<android::os::IVoldTaskListener>& listener) {
+    const android::sp<android::os::IVoldTaskListener>& listener) {
     ENFORCE_UID(AID_SYSTEM);
     ACQUIRE_LOCK;
 
-    std::thread([=]() {
-        android::vold::RunIdleMaint(listener);
-    }).detach();
+    std::thread([=]() { android::vold::RunIdleMaint(listener); }).detach();
     return ok();
 }
 
 binder::Status VoldNativeService::abortIdleMaint(
-        const android::sp<android::os::IVoldTaskListener>& listener) {
+    const android::sp<android::os::IVoldTaskListener>& listener) {
     ENFORCE_UID(AID_SYSTEM);
     ACQUIRE_LOCK;
 
-    std::thread([=]() {
-        android::vold::AbortIdleMaint(listener);
-    }).detach();
+    std::thread([=]() { android::vold::AbortIdleMaint(listener); }).detach();
     return ok();
 }
 
 binder::Status VoldNativeService::mountAppFuse(int32_t uid, int32_t pid, int32_t mountId,
-        android::base::unique_fd* _aidl_return) {
+                                               android::base::unique_fd* _aidl_return) {
     ENFORCE_UID(AID_SYSTEM);
     ACQUIRE_LOCK;
 
@@ -541,7 +546,7 @@
 }
 
 static int fdeEnableInternal(int32_t passwordType, const std::string& password,
-        int32_t encryptionFlags) {
+                             int32_t encryptionFlags) {
     bool noUi = (encryptionFlags & VoldNativeService::ENCRYPTION_FLAG_NO_UI) != 0;
 
     for (int tries = 0; tries < 2; ++tries) {
@@ -562,8 +567,8 @@
     return -1;
 }
 
-binder::Status VoldNativeService::fdeEnable(int32_t passwordType,
-        const std::string& password, int32_t encryptionFlags) {
+binder::Status VoldNativeService::fdeEnable(int32_t passwordType, const std::string& password,
+                                            int32_t encryptionFlags) {
     ENFORCE_UID(AID_SYSTEM);
     ACQUIRE_CRYPT_LOCK;
 
@@ -581,7 +586,7 @@
 }
 
 binder::Status VoldNativeService::fdeChangePassword(int32_t passwordType,
-        const std::string& password) {
+                                                    const std::string& password) {
     ENFORCE_UID(AID_SYSTEM);
     ACQUIRE_CRYPT_LOCK;
 
@@ -595,8 +600,7 @@
     return translate(cryptfs_verify_passwd(password.c_str()));
 }
 
-binder::Status VoldNativeService::fdeGetField(const std::string& key,
-        std::string* _aidl_return) {
+binder::Status VoldNativeService::fdeGetField(const std::string& key, std::string* _aidl_return) {
     ENFORCE_UID(AID_SYSTEM);
     ACQUIRE_CRYPT_LOCK;
 
@@ -609,8 +613,7 @@
     }
 }
 
-binder::Status VoldNativeService::fdeSetField(const std::string& key,
-        const std::string& value) {
+binder::Status VoldNativeService::fdeSetField(const std::string& key, const std::string& value) {
     ENFORCE_UID(AID_SYSTEM);
     ACQUIRE_CRYPT_LOCK;
 
@@ -692,8 +695,7 @@
     return translateBool(e4crypt_mount_metadata_encrypted(mountPoint, true));
 }
 
-binder::Status VoldNativeService::createUserKey(int32_t userId, int32_t userSerial,
-        bool ephemeral) {
+binder::Status VoldNativeService::createUserKey(int32_t userId, int32_t userSerial, bool ephemeral) {
     ENFORCE_UID(AID_SYSTEM);
     ACQUIRE_CRYPT_LOCK;
 
@@ -708,7 +710,8 @@
 }
 
 binder::Status VoldNativeService::addUserKeyAuth(int32_t userId, int32_t userSerial,
-        const std::string& token, const std::string& secret) {
+                                                 const std::string& token,
+                                                 const std::string& secret) {
     ENFORCE_UID(AID_SYSTEM);
     ACQUIRE_CRYPT_LOCK;
 
@@ -723,7 +726,8 @@
 }
 
 binder::Status VoldNativeService::unlockUserKey(int32_t userId, int32_t userSerial,
-        const std::string& token, const std::string& secret) {
+                                                const std::string& token,
+                                                const std::string& secret) {
     ENFORCE_UID(AID_SYSTEM);
     ACQUIRE_CRYPT_LOCK;
 
@@ -738,7 +742,8 @@
 }
 
 binder::Status VoldNativeService::prepareUserStorage(const std::unique_ptr<std::string>& uuid,
-        int32_t userId, int32_t userSerial, int32_t flags) {
+                                                     int32_t userId, int32_t userSerial,
+                                                     int32_t flags) {
     ENFORCE_UID(AID_SYSTEM);
     std::string empty_string = "";
     auto uuid_ = uuid ? *uuid : empty_string;
@@ -749,7 +754,7 @@
 }
 
 binder::Status VoldNativeService::destroyUserStorage(const std::unique_ptr<std::string>& uuid,
-        int32_t userId, int32_t flags) {
+                                                     int32_t userId, int32_t flags) {
     ENFORCE_UID(AID_SYSTEM);
     std::string empty_string = "";
     auto uuid_ = uuid ? *uuid : empty_string;
diff --git a/VoldNativeService.h b/VoldNativeService.h
index 2e90101..0a080e1 100644
--- a/VoldNativeService.h
+++ b/VoldNativeService.h
@@ -26,10 +26,10 @@
 namespace vold {
 
 class VoldNativeService : public BinderService<VoldNativeService>, public os::BnVold {
-public:
+  public:
     static status_t start();
     static char const* getServiceName() { return "vold"; }
-    virtual status_t dump(int fd, const Vector<String16> &args) override;
+    virtual status_t dump(int fd, const Vector<String16>& args) override;
 
     binder::Status setListener(const android::sp<android::os::IVoldListener>& listener);
 
@@ -51,38 +51,35 @@
     binder::Status unmount(const std::string& volId);
     binder::Status format(const std::string& volId, const std::string& fsType);
     binder::Status benchmark(const std::string& volId,
-            const android::sp<android::os::IVoldTaskListener>& listener);
+                             const android::sp<android::os::IVoldTaskListener>& listener);
     binder::Status checkEncryption(const std::string& volId);
 
     binder::Status moveStorage(const std::string& fromVolId, const std::string& toVolId,
-            const android::sp<android::os::IVoldTaskListener>& listener);
+                               const android::sp<android::os::IVoldTaskListener>& listener);
 
     binder::Status remountUid(int32_t uid, int32_t remountMode);
 
     binder::Status mkdirs(const std::string& path);
 
     binder::Status createObb(const std::string& sourcePath, const std::string& sourceKey,
-            int32_t ownerGid, std::string* _aidl_return);
+                             int32_t ownerGid, std::string* _aidl_return);
     binder::Status destroyObb(const std::string& volId);
 
     binder::Status fstrim(int32_t fstrimFlags,
-            const android::sp<android::os::IVoldTaskListener>& listener);
-    binder::Status runIdleMaint(
-            const android::sp<android::os::IVoldTaskListener>& listener);
-    binder::Status abortIdleMaint(
-            const android::sp<android::os::IVoldTaskListener>& listener);
+                          const android::sp<android::os::IVoldTaskListener>& listener);
+    binder::Status runIdleMaint(const android::sp<android::os::IVoldTaskListener>& listener);
+    binder::Status abortIdleMaint(const android::sp<android::os::IVoldTaskListener>& listener);
 
     binder::Status mountAppFuse(int32_t uid, int32_t pid, int32_t mountId,
-            android::base::unique_fd* _aidl_return);
+                                android::base::unique_fd* _aidl_return);
     binder::Status unmountAppFuse(int32_t uid, int32_t pid, int32_t mountId);
 
     binder::Status fdeCheckPassword(const std::string& password);
     binder::Status fdeRestart();
     binder::Status fdeComplete(int32_t* _aidl_return);
-    binder::Status fdeEnable(int32_t passwordType,
-            const std::string& password, int32_t encryptionFlags);
-    binder::Status fdeChangePassword(int32_t passwordType,
-            const std::string& password);
+    binder::Status fdeEnable(int32_t passwordType, const std::string& password,
+                             int32_t encryptionFlags);
+    binder::Status fdeChangePassword(int32_t passwordType, const std::string& password);
     binder::Status fdeVerifyPassword(const std::string& password);
     binder::Status fdeGetField(const std::string& key, std::string* _aidl_return);
     binder::Status fdeSetField(const std::string& key, const std::string& value);
@@ -101,18 +98,18 @@
     binder::Status createUserKey(int32_t userId, int32_t userSerial, bool ephemeral);
     binder::Status destroyUserKey(int32_t userId);
 
-    binder::Status addUserKeyAuth(int32_t userId, int32_t userSerial,
-            const std::string& token, const std::string& secret);
+    binder::Status addUserKeyAuth(int32_t userId, int32_t userSerial, const std::string& token,
+                                  const std::string& secret);
     binder::Status fixateNewestUserKeyAuth(int32_t userId);
 
-    binder::Status unlockUserKey(int32_t userId, int32_t userSerial,
-            const std::string& token, const std::string& secret);
+    binder::Status unlockUserKey(int32_t userId, int32_t userSerial, const std::string& token,
+                                 const std::string& secret);
     binder::Status lockUserKey(int32_t userId);
 
-    binder::Status prepareUserStorage(const std::unique_ptr<std::string>& uuid,
-            int32_t userId, int32_t userSerial, int32_t flags);
-    binder::Status destroyUserStorage(const std::unique_ptr<std::string>& uuid,
-            int32_t userId, int32_t flags);
+    binder::Status prepareUserStorage(const std::unique_ptr<std::string>& uuid, int32_t userId,
+                                      int32_t userSerial, int32_t flags);
+    binder::Status destroyUserStorage(const std::unique_ptr<std::string>& uuid, int32_t userId,
+                                      int32_t flags);
 };
 
 }  // namespace vold
diff --git a/VoldUtil.cpp b/VoldUtil.cpp
index afe8b53..26c817c 100644
--- a/VoldUtil.cpp
+++ b/VoldUtil.cpp
@@ -14,13 +14,13 @@
  * limitations under the License.
  */
 
-#include <sys/ioctl.h>
 #include <linux/fs.h>
+#include <sys/ioctl.h>
 
-struct fstab *fstab_default;
+struct fstab* fstab_default;
 
 void get_blkdev_size(int fd, unsigned long* nr_sec) {
-  if ((ioctl(fd, BLKGETSIZE, nr_sec)) == -1) {
-    *nr_sec = 0;
-  }
+    if ((ioctl(fd, BLKGETSIZE, nr_sec)) == -1) {
+        *nr_sec = 0;
+    }
 }
diff --git a/VoldUtil.h b/VoldUtil.h
index fd66672..4311586 100644
--- a/VoldUtil.h
+++ b/VoldUtil.h
@@ -20,7 +20,7 @@
 #include <fstab/fstab.h>
 #include <sys/cdefs.h>
 
-extern struct fstab *fstab_default;
+extern struct fstab* fstab_default;
 
 #define ARRAY_SIZE(a) (sizeof(a) / sizeof(*(a)))
 
diff --git a/VolumeManager.cpp b/VolumeManager.cpp
index 21e132a..f0b742e 100644
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp
@@ -26,8 +26,8 @@
 #include <sys/ioctl.h>
 #include <sys/mount.h>
 #include <sys/stat.h>
-#include <sys/types.h>
 #include <sys/sysmacros.h>
+#include <sys/types.h>
 #include <sys/wait.h>
 #include <unistd.h>
 
@@ -79,11 +79,10 @@
 static const unsigned int kMajorBlockExperimentalMin = 240;
 static const unsigned int kMajorBlockExperimentalMax = 254;
 
-VolumeManager *VolumeManager::sInstance = NULL;
+VolumeManager* VolumeManager::sInstance = NULL;
 
-VolumeManager *VolumeManager::Instance() {
-    if (!sInstance)
-        sInstance = new VolumeManager();
+VolumeManager* VolumeManager::Instance() {
+    if (!sInstance) sInstance = new VolumeManager();
     return sInstance;
 }
 
@@ -95,8 +94,7 @@
     mSecureKeyguardShowing = true;
 }
 
-VolumeManager::~VolumeManager() {
-}
+VolumeManager::~VolumeManager() {}
 
 int VolumeManager::updateVirtualDisk() {
     ATRACE_NAME("VolumeManager::updateVirtualDisk");
@@ -117,8 +115,9 @@
                 return -1;
             }
 
-            auto disk = new android::vold::Disk("virtual", buf.st_rdev, "virtual",
-                    android::vold::Disk::Flags::kAdoptable | android::vold::Disk::Flags::kSd);
+            auto disk = new android::vold::Disk(
+                "virtual", buf.st_rdev, "virtual",
+                android::vold::Disk::Flags::kAdoptable | android::vold::Disk::Flags::kSd);
             mVirtualDisk = std::shared_ptr<android::vold::Disk>(disk);
             handleDiskAdded(mVirtualDisk);
         }
@@ -157,7 +156,7 @@
     // storage; the framework will decide if it should be mounted.
     CHECK(mInternalEmulated == nullptr);
     mInternalEmulated = std::shared_ptr<android::vold::VolumeBase>(
-            new android::vold::EmulatedVolume("/data/media"));
+        new android::vold::EmulatedVolume("/data/media"));
     mInternalEmulated->create();
 
     // Consider creating a virtual disk
@@ -173,17 +172,17 @@
     return 0;
 }
 
-void VolumeManager::handleBlockEvent(NetlinkEvent *evt) {
+void VolumeManager::handleBlockEvent(NetlinkEvent* evt) {
     std::lock_guard<std::mutex> lock(mLock);
 
     if (mDebug) {
         LOG(VERBOSE) << "----------------";
-        LOG(VERBOSE) << "handleBlockEvent with action " << (int) evt->getAction();
+        LOG(VERBOSE) << "handleBlockEvent with action " << (int)evt->getAction();
         evt->dump();
     }
 
-    std::string eventPath(evt->findParam("DEVPATH")?evt->findParam("DEVPATH"):"");
-    std::string devType(evt->findParam("DEVTYPE")?evt->findParam("DEVTYPE"):"");
+    std::string eventPath(evt->findParam("DEVPATH") ? evt->findParam("DEVPATH") : "");
+    std::string devType(evt->findParam("DEVTYPE") ? evt->findParam("DEVTYPE") : "");
 
     if (devType != "disk") return;
 
@@ -192,43 +191,42 @@
     dev_t device = makedev(major, minor);
 
     switch (evt->getAction()) {
-    case NetlinkEvent::Action::kAdd: {
-        for (const auto& source : mDiskSources) {
-            if (source->matches(eventPath)) {
-                // For now, assume that MMC and virtio-blk (the latter is
-                // emulator-specific; see Disk.cpp for details) devices are SD,
-                // and that everything else is USB
-                int flags = source->getFlags();
-                if (major == kMajorBlockMmc
-                    || (android::vold::IsRunningInEmulator()
-                    && major >= (int) kMajorBlockExperimentalMin
-                    && major <= (int) kMajorBlockExperimentalMax)) {
-                    flags |= android::vold::Disk::Flags::kSd;
-                } else {
-                    flags |= android::vold::Disk::Flags::kUsb;
-                }
+        case NetlinkEvent::Action::kAdd: {
+            for (const auto& source : mDiskSources) {
+                if (source->matches(eventPath)) {
+                    // For now, assume that MMC and virtio-blk (the latter is
+                    // emulator-specific; see Disk.cpp for details) devices are SD,
+                    // and that everything else is USB
+                    int flags = source->getFlags();
+                    if (major == kMajorBlockMmc || (android::vold::IsRunningInEmulator() &&
+                                                    major >= (int)kMajorBlockExperimentalMin &&
+                                                    major <= (int)kMajorBlockExperimentalMax)) {
+                        flags |= android::vold::Disk::Flags::kSd;
+                    } else {
+                        flags |= android::vold::Disk::Flags::kUsb;
+                    }
 
-                auto disk = new android::vold::Disk(eventPath, device,
-                        source->getNickname(), flags);
-                handleDiskAdded(std::shared_ptr<android::vold::Disk>(disk));
-                break;
+                    auto disk =
+                        new android::vold::Disk(eventPath, device, source->getNickname(), flags);
+                    handleDiskAdded(std::shared_ptr<android::vold::Disk>(disk));
+                    break;
+                }
             }
+            break;
         }
-        break;
-    }
-    case NetlinkEvent::Action::kChange: {
-        LOG(DEBUG) << "Disk at " << major << ":" << minor << " changed";
-        handleDiskChanged(device);
-        break;
-    }
-    case NetlinkEvent::Action::kRemove: {
-        handleDiskRemoved(device);
-        break;
-    }
-    default: {
-        LOG(WARNING) << "Unexpected block event action " << (int) evt->getAction();
-        break;
-    }
+        case NetlinkEvent::Action::kChange: {
+            LOG(DEBUG) << "Disk at " << major << ":" << minor << " changed";
+            handleDiskChanged(device);
+            break;
+        }
+        case NetlinkEvent::Action::kRemove: {
+            handleDiskRemoved(device);
+            break;
+        }
+        default: {
+            LOG(WARNING) << "Unexpected block event action " << (int)evt->getAction();
+            break;
+        }
     }
 }
 
@@ -237,7 +235,7 @@
     // until the user unlocks the device to actually touch it
     if (mSecureKeyguardShowing) {
         LOG(INFO) << "Found disk at " << disk->getEventPath()
-                << " but delaying scan due to secure keyguard";
+                  << " but delaying scan due to secure keyguard";
         mPendingDisks.push_back(disk);
     } else {
         disk->create();
@@ -312,8 +310,7 @@
     return nullptr;
 }
 
-void VolumeManager::listVolumes(android::vold::VolumeBase::Type type,
-        std::list<std::string>& list) {
+void VolumeManager::listVolumes(android::vold::VolumeBase::Type type, std::list<std::string>& list) {
     list.clear();
     for (const auto& disk : mDisks) {
         disk->listVolumes(type, list);
@@ -497,7 +494,7 @@
         }
 
         // We purposefully leave the namespace open across the fork
-        nsFd = openat(pidFd, "ns/mnt", O_RDONLY); // not O_CLOEXEC
+        nsFd = openat(pidFd, "ns/mnt", O_RDONLY);  // not O_CLOEXEC
         if (nsFd < 0) {
             PLOG(WARNING) << "Failed to open namespace for " << de->d_name;
             goto next;
@@ -522,26 +519,22 @@
                 // Sane default of no storage visible
                 _exit(0);
             }
-            if (TEMP_FAILURE_RETRY(mount(storageSource.c_str(), "/storage",
-                    NULL, MS_BIND | MS_REC, NULL)) == -1) {
-                PLOG(ERROR) << "Failed to mount " << storageSource << " for "
-                        << de->d_name;
+            if (TEMP_FAILURE_RETRY(
+                    mount(storageSource.c_str(), "/storage", NULL, MS_BIND | MS_REC, NULL)) == -1) {
+                PLOG(ERROR) << "Failed to mount " << storageSource << " for " << de->d_name;
                 _exit(1);
             }
-            if (TEMP_FAILURE_RETRY(mount(NULL, "/storage", NULL,
-                    MS_REC | MS_SLAVE, NULL)) == -1) {
-                PLOG(ERROR) << "Failed to set MS_SLAVE to /storage for "
-                        << de->d_name;
+            if (TEMP_FAILURE_RETRY(mount(NULL, "/storage", NULL, MS_REC | MS_SLAVE, NULL)) == -1) {
+                PLOG(ERROR) << "Failed to set MS_SLAVE to /storage for " << de->d_name;
                 _exit(1);
             }
 
             // Mount user-specific symlink helper into place
             userid_t user_id = multiuser_get_user_id(uid);
             std::string userSource(StringPrintf("/mnt/user/%d", user_id));
-            if (TEMP_FAILURE_RETRY(mount(userSource.c_str(), "/storage/self",
-                    NULL, MS_BIND, NULL)) == -1) {
-                PLOG(ERROR) << "Failed to mount " << userSource << " for "
-                        << de->d_name;
+            if (TEMP_FAILURE_RETRY(
+                    mount(userSource.c_str(), "/storage/self", NULL, MS_BIND, NULL)) == -1) {
+                PLOG(ERROR) << "Failed to mount " << userSource << " for " << de->d_name;
                 _exit(1);
             }
 
@@ -555,7 +548,7 @@
             TEMP_FAILURE_RETRY(waitpid(child, nullptr, 0));
         }
 
-next:
+    next:
         close(nsFd);
         close(pidFd);
     }
@@ -583,7 +576,7 @@
 // Can be called twice (sequentially) during shutdown. should be safe for that.
 int VolumeManager::shutdown() {
     if (mInternalEmulated == nullptr) {
-        return 0; // already shutdown
+        return 0;  // already shutdown
     }
     android::vold::sSleepOnUnmount = false;
     mInternalEmulated->destroy();
@@ -673,20 +666,18 @@
     android::vold::ForceUnmount(path);
 
     const auto opts = android::base::StringPrintf(
-            "fd=%i,"
-            "rootmode=40000,"
-            "default_permissions,"
-            "allow_other,"
-            "user_id=%d,group_id=%d,"
-            "context=\"u:object_r:app_fuse_file:s0\","
-            "fscontext=u:object_r:app_fusefs:s0",
-            device_fd,
-            uid,
-            uid);
+        "fd=%i,"
+        "rootmode=40000,"
+        "default_permissions,"
+        "allow_other,"
+        "user_id=%d,group_id=%d,"
+        "context=\"u:object_r:app_fuse_file:s0\","
+        "fscontext=u:object_r:app_fusefs:s0",
+        device_fd, uid, uid);
 
-    const int result = TEMP_FAILURE_RETRY(mount(
-            "/dev/fuse", path.c_str(), "fuse",
-            MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_NOATIME, opts.c_str()));
+    const int result =
+        TEMP_FAILURE_RETRY(mount("/dev/fuse", path.c_str(), "fuse",
+                                 MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_NOATIME, opts.c_str()));
     if (result != 0) {
         PLOG(ERROR) << "Failed to mount " << path;
         return -errno;
@@ -695,11 +686,8 @@
     return android::OK;
 }
 
-static android::status_t runCommandInNamespace(const std::string& command,
-                                               uid_t uid,
-                                               pid_t pid,
-                                               const std::string& path,
-                                               int device_fd) {
+static android::status_t runCommandInNamespace(const std::string& command, uid_t uid, pid_t pid,
+                                               const std::string& path, int device_fd) {
     if (DEBUG_APPFUSE) {
         LOG(DEBUG) << "Run app fuse command " << command << " for the path " << path
                    << " in namespace " << uid;
@@ -713,8 +701,7 @@
 
     // Obtains process file descriptor.
     const std::string pid_str = android::base::StringPrintf("%d", pid);
-    const unique_fd pid_fd(
-            openat(dir.get(), pid_str.c_str(), O_RDONLY | O_DIRECTORY | O_CLOEXEC));
+    const unique_fd pid_fd(openat(dir.get(), pid_str.c_str(), O_RDONLY | O_DIRECTORY | O_CLOEXEC));
     if (pid_fd.get() == -1) {
         PLOG(ERROR) << "Failed to open /proc/" << pid;
         return -errno;
@@ -730,7 +717,7 @@
         }
         if (sb.st_uid != AID_SYSTEM) {
             LOG(ERROR) << "Only system can mount appfuse. UID expected=" << AID_SYSTEM
-                    << ", actual=" << sb.st_uid;
+                       << ", actual=" << sb.st_uid;
             return -EPERM;
         }
     }
@@ -739,8 +726,8 @@
     {
         std::string rootName;
         std::string pidName;
-        if (!android::vold::Readlinkat(dir.get(), "1/ns/mnt", &rootName)
-                || !android::vold::Readlinkat(pid_fd.get(), "ns/mnt", &pidName)) {
+        if (!android::vold::Readlinkat(dir.get(), "1/ns/mnt", &rootName) ||
+            !android::vold::Readlinkat(pid_fd.get(), "ns/mnt", &pidName)) {
             PLOG(ERROR) << "Failed to read namespaces";
             return -EPERM;
         }
@@ -751,7 +738,7 @@
     }
 
     // We purposefully leave the namespace open across the fork
-    unique_fd ns_fd(openat(pid_fd.get(), "ns/mnt", O_RDONLY)); // not O_CLOEXEC
+    unique_fd ns_fd(openat(pid_fd.get(), "ns/mnt", O_RDONLY));  // not O_CLOEXEC
     if (ns_fd.get() < 0) {
         PLOG(ERROR) << "Failed to open namespace for /proc/" << pid << "/ns/mnt";
         return -errno;
@@ -769,8 +756,8 @@
         } else if (command == "unmount") {
             // If it's just after all FD opened on mount point are closed, umount2 can fail with
             // EBUSY. To avoid the case, specify MNT_DETACH.
-            if (umount2(path.c_str(), UMOUNT_NOFOLLOW | MNT_DETACH) != 0 &&
-                    errno != EINVAL && errno != ENOENT) {
+            if (umount2(path.c_str(), UMOUNT_NOFOLLOW | MNT_DETACH) != 0 && errno != EINVAL &&
+                errno != ENOENT) {
                 PLOG(ERROR) << "Failed to unmount directory.";
                 _exit(-errno);
             }
@@ -797,11 +784,11 @@
 }
 
 int VolumeManager::createObb(const std::string& sourcePath, const std::string& sourceKey,
-        int32_t ownerGid, std::string* outVolId) {
+                             int32_t ownerGid, std::string* outVolId) {
     int id = mNextObbId++;
 
     auto vol = std::shared_ptr<android::vold::VolumeBase>(
-            new android::vold::ObbVolume(id, sourcePath, sourceKey, ownerGid));
+        new android::vold::ObbVolume(id, sourcePath, sourceKey, ownerGid));
     vol->create();
 
     mObbVolumes.push_back(vol);
@@ -823,7 +810,7 @@
 }
 
 int VolumeManager::mountAppFuse(uid_t uid, pid_t pid, int mountId,
-        android::base::unique_fd* device_fd) {
+                                android::base::unique_fd* device_fd) {
     std::string name = std::to_string(mountId);
 
     // Check mount point name.
@@ -841,7 +828,7 @@
     }
 
     // Open device FD.
-    device_fd->reset(open("/dev/fuse", O_RDWR)); // not O_CLOEXEC
+    device_fd->reset(open("/dev/fuse", O_RDWR));  // not O_CLOEXEC
     if (device_fd->get() == -1) {
         PLOG(ERROR) << "Failed to open /dev/fuse";
         return -1;
diff --git a/VolumeManager.h b/VolumeManager.h
index fb455d8..eedb1cb 100644
--- a/VolumeManager.h
+++ b/VolumeManager.h
@@ -17,8 +17,8 @@
 #ifndef ANDROID_VOLD_VOLUME_MANAGER_H
 #define ANDROID_VOLD_VOLUME_MANAGER_H
 
-#include <pthread.h>
 #include <fnmatch.h>
+#include <pthread.h>
 #include <stdlib.h>
 
 #include <list>
@@ -29,9 +29,9 @@
 
 #include <android-base/unique_fd.h>
 #include <cutils/multiuser.h>
+#include <sysutils/NetlinkEvent.h>
 #include <utils/List.h>
 #include <utils/Timers.h>
-#include <sysutils/NetlinkEvent.h>
 
 #include "android/os/IVoldListener.h"
 
@@ -41,12 +41,12 @@
 #define DEBUG_APPFUSE 0
 
 class VolumeManager {
-private:
-    static VolumeManager *sInstance;
+  private:
+    static VolumeManager* sInstance;
 
-    bool                   mDebug;
+    bool mDebug;
 
-public:
+  public:
     virtual ~VolumeManager();
 
     // TODO: pipe all requests through VM to avoid exposing this lock
@@ -59,13 +59,12 @@
     int start();
     int stop();
 
-    void handleBlockEvent(NetlinkEvent *evt);
+    void handleBlockEvent(NetlinkEvent* evt);
 
     class DiskSource {
-    public:
-        DiskSource(const std::string& sysPattern, const std::string& nickname, int flags) :
-                mSysPattern(sysPattern), mNickname(nickname), mFlags(flags) {
-        }
+      public:
+        DiskSource(const std::string& sysPattern, const std::string& nickname, int flags)
+            : mSysPattern(sysPattern), mNickname(nickname), mFlags(flags) {}
 
         bool matches(const std::string& sysPath) {
             return !fnmatch(mSysPattern.c_str(), sysPath.c_str(), 0);
@@ -74,7 +73,7 @@
         const std::string& getNickname() { return mNickname; }
         int getFlags() { return mFlags; }
 
-    private:
+      private:
         std::string mSysPattern;
         std::string mNickname;
         int mFlags;
@@ -110,7 +109,7 @@
     int updateVirtualDisk();
     int setDebug(bool enable);
 
-    static VolumeManager *Instance();
+    static VolumeManager* Instance();
 
     /*
      * Ensure that all directories along given path exist, creating parent
@@ -122,13 +121,13 @@
     int mkdirs(const std::string& path);
 
     int createObb(const std::string& path, const std::string& key, int32_t ownerGid,
-            std::string* outVolId);
+                  std::string* outVolId);
     int destroyObb(const std::string& volId);
 
     int mountAppFuse(uid_t uid, pid_t pid, int mountId, android::base::unique_fd* device_fd);
     int unmountAppFuse(uid_t uid, pid_t pid, int mountId);
 
-private:
+  private:
     VolumeManager();
     void readInitialState();
 
diff --git a/binder/android/os/IVold.aidl b/binder/android/os/IVold.aidl
index f386889..567385c 100644
--- a/binder/android/os/IVold.aidl
+++ b/binder/android/os/IVold.aidl
@@ -44,14 +44,14 @@
     void checkEncryption(@utf8InCpp String volId);
 
     void moveStorage(@utf8InCpp String fromVolId, @utf8InCpp String toVolId,
-            IVoldTaskListener listener);
+                     IVoldTaskListener listener);
 
     void remountUid(int uid, int remountMode);
 
     void mkdirs(@utf8InCpp String path);
 
-    @utf8InCpp String createObb(@utf8InCpp String sourcePath,
-            @utf8InCpp String sourceKey, int ownerGid);
+    @utf8InCpp String createObb(@utf8InCpp String sourcePath, @utf8InCpp String sourceKey,
+                                int ownerGid);
     void destroyObb(@utf8InCpp String volId);
 
     void fstrim(int fstrimFlags, IVoldTaskListener listener);
@@ -84,13 +84,16 @@
     void createUserKey(int userId, int userSerial, boolean ephemeral);
     void destroyUserKey(int userId);
 
-    void addUserKeyAuth(int userId, int userSerial, @utf8InCpp String token, @utf8InCpp String secret);
+    void addUserKeyAuth(int userId, int userSerial, @utf8InCpp String token,
+                        @utf8InCpp String secret);
     void fixateNewestUserKeyAuth(int userId);
 
-    void unlockUserKey(int userId, int userSerial, @utf8InCpp String token, @utf8InCpp String secret);
+    void unlockUserKey(int userId, int userSerial, @utf8InCpp String token,
+                       @utf8InCpp String secret);
     void lockUserKey(int userId);
 
-    void prepareUserStorage(@nullable @utf8InCpp String uuid, int userId, int userSerial, int storageFlags);
+    void prepareUserStorage(@nullable @utf8InCpp String uuid, int userId, int userSerial,
+                            int storageFlags);
     void destroyUserStorage(@nullable @utf8InCpp String uuid, int userId, int storageFlags);
 
     const int ENCRYPTION_FLAG_NO_UI = 4;
diff --git a/cryptfs.cpp b/cryptfs.cpp
index c4274ed..00e5519 100644
--- a/cryptfs.cpp
+++ b/cryptfs.cpp
@@ -80,14 +80,12 @@
 
 constexpr size_t INTERMEDIATE_KEY_LEN_BYTES = 16;
 constexpr size_t INTERMEDIATE_IV_LEN_BYTES = 16;
-constexpr size_t INTERMEDIATE_BUF_SIZE =
-    (INTERMEDIATE_KEY_LEN_BYTES + INTERMEDIATE_IV_LEN_BYTES);
+constexpr size_t INTERMEDIATE_BUF_SIZE = (INTERMEDIATE_KEY_LEN_BYTES + INTERMEDIATE_IV_LEN_BYTES);
 
 // SCRYPT_LEN is used by struct crypt_mnt_ftr for its intermediate key.
-static_assert(INTERMEDIATE_BUF_SIZE == SCRYPT_LEN,
-              "Mismatch of intermediate key sizes");
+static_assert(INTERMEDIATE_BUF_SIZE == SCRYPT_LEN, "Mismatch of intermediate key sizes");
 
-#define KEY_IN_FOOTER  "footer"
+#define KEY_IN_FOOTER "footer"
 
 #define DEFAULT_PASSWORD "default_password"
 
@@ -113,27 +111,25 @@
 static int put_crypt_ftr_and_key(struct crypt_mnt_ftr* crypt_ftr);
 
 static unsigned char saved_master_key[MAX_KEY_LEN];
-static char *saved_mount_point;
-static int  master_key_saved = 0;
-static struct crypt_persist_data *persist_data = NULL;
+static char* saved_mount_point;
+static int master_key_saved = 0;
+static struct crypt_persist_data* persist_data = NULL;
 
 /* Should we use keymaster? */
-static int keymaster_check_compatibility()
-{
+static int keymaster_check_compatibility() {
     return keymaster_compatibility_cryptfs_scrypt();
 }
 
 /* Create a new keymaster key and store it in this footer */
-static int keymaster_create_key(struct crypt_mnt_ftr *ftr)
-{
+static int keymaster_create_key(struct crypt_mnt_ftr* ftr) {
     if (ftr->keymaster_blob_size) {
         SLOGI("Already have key");
         return 0;
     }
 
-    int rc = keymaster_create_key_for_cryptfs_scrypt(RSA_KEY_SIZE, RSA_EXPONENT,
-            KEYMASTER_CRYPTFS_RATE_LIMIT, ftr->keymaster_blob, KEYMASTER_BLOB_SIZE,
-            &ftr->keymaster_blob_size);
+    int rc = keymaster_create_key_for_cryptfs_scrypt(
+        RSA_KEY_SIZE, RSA_EXPONENT, KEYMASTER_CRYPTFS_RATE_LIMIT, ftr->keymaster_blob,
+        KEYMASTER_BLOB_SIZE, &ftr->keymaster_blob_size);
     if (rc) {
         if (ftr->keymaster_blob_size > KEYMASTER_BLOB_SIZE) {
             SLOGE("Keymaster key blob too large");
@@ -146,12 +142,9 @@
 }
 
 /* This signs the given object using the keymaster key. */
-static int keymaster_sign_object(struct crypt_mnt_ftr *ftr,
-                                 const unsigned char *object,
-                                 const size_t object_size,
-                                 unsigned char **signature,
-                                 size_t *signature_size)
-{
+static int keymaster_sign_object(struct crypt_mnt_ftr* ftr, const unsigned char* object,
+                                 const size_t object_size, unsigned char** signature,
+                                 size_t* signature_size) {
     unsigned char to_sign[RSA_KEY_SIZE_BYTES];
     size_t to_sign_size = sizeof(to_sign);
     memset(to_sign, 0, RSA_KEY_SIZE_BYTES);
@@ -230,21 +223,20 @@
 static int password_expiry_time = 0;
 static const int password_max_age_seconds = 60;
 
-enum class RebootType {reboot, recovery, shutdown};
-static void cryptfs_reboot(RebootType rt)
-{
-  switch (rt) {
-      case RebootType::reboot:
-          property_set(ANDROID_RB_PROPERTY, "reboot");
-          break;
+enum class RebootType { reboot, recovery, shutdown };
+static void cryptfs_reboot(RebootType rt) {
+    switch (rt) {
+        case RebootType::reboot:
+            property_set(ANDROID_RB_PROPERTY, "reboot");
+            break;
 
-      case RebootType::recovery:
-          property_set(ANDROID_RB_PROPERTY, "reboot,recovery");
-          break;
+        case RebootType::recovery:
+            property_set(ANDROID_RB_PROPERTY, "reboot,recovery");
+            break;
 
-      case RebootType::shutdown:
-          property_set(ANDROID_RB_PROPERTY, "shutdown");
-          break;
+        case RebootType::shutdown:
+            property_set(ANDROID_RB_PROPERTY, "shutdown");
+            break;
     }
 
     sleep(20);
@@ -253,8 +245,7 @@
     return;
 }
 
-static void ioctl_init(struct dm_ioctl *io, size_t dataSize, const char *name, unsigned flags)
-{
+static void ioctl_init(struct dm_ioctl* io, size_t dataSize, const char* name, unsigned flags) {
     memset(io, 0, dataSize);
     io->data_size = dataSize;
     io->data_start = sizeof(struct dm_ioctl);
@@ -272,7 +263,7 @@
 struct CryptoType;
 
 // Use to get the CryptoType in use on this device.
-const CryptoType &get_crypto_type();
+const CryptoType& get_crypto_type();
 
 struct CryptoType {
     // We should only be constructing CryptoTypes as part of
@@ -284,60 +275,60 @@
     constexpr CryptoType set_keysize(uint32_t size) const {
         return CryptoType(this->property_name, this->crypto_name, size);
     }
-    constexpr CryptoType set_property_name(const char *property) const {
+    constexpr CryptoType set_property_name(const char* property) const {
         return CryptoType(property, this->crypto_name, this->keysize);
     }
-    constexpr CryptoType set_crypto_name(const char *crypto) const {
+    constexpr CryptoType set_crypto_name(const char* crypto) const {
         return CryptoType(this->property_name, crypto, this->keysize);
     }
 
-    constexpr const char *get_property_name() const { return property_name; }
-    constexpr const char *get_crypto_name() const { return crypto_name; }
+    constexpr const char* get_property_name() const { return property_name; }
+    constexpr const char* get_crypto_name() const { return crypto_name; }
     constexpr uint32_t get_keysize() const { return keysize; }
 
- private:
-    const char *property_name;
-    const char *crypto_name;
+  private:
+    const char* property_name;
+    const char* crypto_name;
     uint32_t keysize;
 
-    constexpr CryptoType(const char *property, const char *crypto,
-                         uint32_t ksize)
+    constexpr CryptoType(const char* property, const char* crypto, uint32_t ksize)
         : property_name(property), crypto_name(crypto), keysize(ksize) {}
-    friend const CryptoType &get_crypto_type();
-    static const CryptoType &get_device_crypto_algorithm();
+    friend const CryptoType& get_crypto_type();
+    static const CryptoType& get_device_crypto_algorithm();
 };
 
 // We only want to parse this read-only property once.  But we need to wait
 // until the system is initialized before we can read it.  So we use a static
 // scoped within this function to get it only once.
-const CryptoType &get_crypto_type() {
+const CryptoType& get_crypto_type() {
     static CryptoType crypto_type = CryptoType::get_device_crypto_algorithm();
     return crypto_type;
 }
 
 constexpr CryptoType default_crypto_type = CryptoType()
-    .set_property_name("AES-128-CBC")
-    .set_crypto_name("aes-cbc-essiv:sha256")
-    .set_keysize(16);
+                                               .set_property_name("AES-128-CBC")
+                                               .set_crypto_name("aes-cbc-essiv:sha256")
+                                               .set_keysize(16);
 
 constexpr CryptoType supported_crypto_types[] = {
     default_crypto_type,
     // Add new CryptoTypes here.  Order is not important.
 };
 
-
 // ---------- START COMPILE-TIME SANITY CHECK BLOCK -------------------------
 // We confirm all supported_crypto_types have a small enough keysize and
 // had both set_property_name() and set_crypto_name() called.
 
 template <typename T, size_t N>
-constexpr size_t array_length(T (&)[N]) { return N; }
+constexpr size_t array_length(T (&)[N]) {
+    return N;
+}
 
 constexpr bool indexOutOfBoundsForCryptoTypes(size_t index) {
     return (index >= array_length(supported_crypto_types));
 }
 
-constexpr bool isValidCryptoType(const CryptoType &crypto_type) {
+constexpr bool isValidCryptoType(const CryptoType& crypto_type) {
     return ((crypto_type.get_property_name() != nullptr) &&
             (crypto_type.get_crypto_name() != nullptr) &&
             (crypto_type.get_keysize() <= MAX_KEY_LEN));
@@ -348,8 +339,8 @@
 // but it's asserting at compile time that all of our key lengths are valid.
 constexpr bool validateSupportedCryptoTypes(size_t index) {
     return indexOutOfBoundsForCryptoTypes(index) ||
-        (isValidCryptoType(supported_crypto_types[index]) &&
-         validateSupportedCryptoTypes(index + 1));
+           (isValidCryptoType(supported_crypto_types[index]) &&
+            validateSupportedCryptoTypes(index + 1));
 }
 
 static_assert(validateSupportedCryptoTypes(0),
@@ -357,34 +348,30 @@
               "incompletely constructed.");
 //  ---------- END COMPILE-TIME SANITY CHECK BLOCK -------------------------
 
-
 // Don't call this directly, use get_crypto_type(), which caches this result.
-const CryptoType &CryptoType::get_device_crypto_algorithm() {
+const CryptoType& CryptoType::get_device_crypto_algorithm() {
     constexpr char CRYPT_ALGO_PROP[] = "ro.crypto.fde_algorithm";
     char paramstr[PROPERTY_VALUE_MAX];
 
-    property_get(CRYPT_ALGO_PROP, paramstr,
-                 default_crypto_type.get_property_name());
-    for (auto const &ctype : supported_crypto_types) {
+    property_get(CRYPT_ALGO_PROP, paramstr, default_crypto_type.get_property_name());
+    for (auto const& ctype : supported_crypto_types) {
         if (strcmp(paramstr, ctype.get_property_name()) == 0) {
             return ctype;
         }
     }
-    ALOGE("Invalid name (%s) for %s.  Defaulting to %s\n", paramstr,
-          CRYPT_ALGO_PROP, default_crypto_type.get_property_name());
+    ALOGE("Invalid name (%s) for %s.  Defaulting to %s\n", paramstr, CRYPT_ALGO_PROP,
+          default_crypto_type.get_property_name());
     return default_crypto_type;
 }
 
 }  // namespace
 
-
-
 /**
  * Gets the default device scrypt parameters for key derivation time tuning.
  * The parameters should lead to about one second derivation time for the
  * given device.
  */
-static void get_device_scrypt_params(struct crypt_mnt_ftr *ftr) {
+static void get_device_scrypt_params(struct crypt_mnt_ftr* ftr) {
     char paramstr[PROPERTY_VALUE_MAX];
     int Nf, rf, pf;
 
@@ -402,17 +389,16 @@
     return get_crypto_type().get_keysize();
 }
 
-const char *cryptfs_get_crypto_name() {
+const char* cryptfs_get_crypto_name() {
     return get_crypto_type().get_crypto_name();
 }
 
-static unsigned int get_fs_size(char *dev)
-{
+static unsigned int get_fs_size(char* dev) {
     int fd, block_size;
     struct ext4_super_block sb;
     off64_t len;
 
-    if ((fd = open(dev, O_RDONLY|O_CLOEXEC)) < 0) {
+    if ((fd = open(dev, O_RDONLY | O_CLOEXEC)) < 0) {
         SLOGE("Cannot open device to get filesystem size ");
         return 0;
     }
@@ -435,68 +421,66 @@
     }
     block_size = 1024 << sb.s_log_block_size;
     /* compute length in bytes */
-    len = ( ((off64_t)sb.s_blocks_count_hi << 32) + sb.s_blocks_count_lo) * block_size;
+    len = (((off64_t)sb.s_blocks_count_hi << 32) + sb.s_blocks_count_lo) * block_size;
 
     /* return length in sectors */
-    return (unsigned int) (len / 512);
+    return (unsigned int)(len / 512);
 }
 
-static int get_crypt_ftr_info(char **metadata_fname, off64_t *off)
-{
-  static int cached_data = 0;
-  static off64_t cached_off = 0;
-  static char cached_metadata_fname[PROPERTY_VALUE_MAX] = "";
-  int fd;
-  char key_loc[PROPERTY_VALUE_MAX];
-  char real_blkdev[PROPERTY_VALUE_MAX];
-  int rc = -1;
+static int get_crypt_ftr_info(char** metadata_fname, off64_t* off) {
+    static int cached_data = 0;
+    static off64_t cached_off = 0;
+    static char cached_metadata_fname[PROPERTY_VALUE_MAX] = "";
+    int fd;
+    char key_loc[PROPERTY_VALUE_MAX];
+    char real_blkdev[PROPERTY_VALUE_MAX];
+    int rc = -1;
 
-  if (!cached_data) {
-    fs_mgr_get_crypt_info(fstab_default, key_loc, real_blkdev, sizeof(key_loc));
+    if (!cached_data) {
+        fs_mgr_get_crypt_info(fstab_default, key_loc, real_blkdev, sizeof(key_loc));
 
-    if (!strcmp(key_loc, KEY_IN_FOOTER)) {
-      if ( (fd = open(real_blkdev, O_RDWR|O_CLOEXEC)) < 0) {
-        SLOGE("Cannot open real block device %s\n", real_blkdev);
-        return -1;
-      }
+        if (!strcmp(key_loc, KEY_IN_FOOTER)) {
+            if ((fd = open(real_blkdev, O_RDWR | O_CLOEXEC)) < 0) {
+                SLOGE("Cannot open real block device %s\n", real_blkdev);
+                return -1;
+            }
 
-      unsigned long nr_sec = 0;
-      get_blkdev_size(fd, &nr_sec);
-      if (nr_sec != 0) {
-        /* If it's an encrypted Android partition, the last 16 Kbytes contain the
-         * encryption info footer and key, and plenty of bytes to spare for future
-         * growth.
-         */
-        strlcpy(cached_metadata_fname, real_blkdev, sizeof(cached_metadata_fname));
-        cached_off = ((off64_t)nr_sec * 512) - CRYPT_FOOTER_OFFSET;
-        cached_data = 1;
-      } else {
-        SLOGE("Cannot get size of block device %s\n", real_blkdev);
-      }
-      close(fd);
-    } else {
-      strlcpy(cached_metadata_fname, key_loc, sizeof(cached_metadata_fname));
-      cached_off = 0;
-      cached_data = 1;
+            unsigned long nr_sec = 0;
+            get_blkdev_size(fd, &nr_sec);
+            if (nr_sec != 0) {
+                /* If it's an encrypted Android partition, the last 16 Kbytes contain the
+                 * encryption info footer and key, and plenty of bytes to spare for future
+                 * growth.
+                 */
+                strlcpy(cached_metadata_fname, real_blkdev, sizeof(cached_metadata_fname));
+                cached_off = ((off64_t)nr_sec * 512) - CRYPT_FOOTER_OFFSET;
+                cached_data = 1;
+            } else {
+                SLOGE("Cannot get size of block device %s\n", real_blkdev);
+            }
+            close(fd);
+        } else {
+            strlcpy(cached_metadata_fname, key_loc, sizeof(cached_metadata_fname));
+            cached_off = 0;
+            cached_data = 1;
+        }
     }
-  }
 
-  if (cached_data) {
-    if (metadata_fname) {
-        *metadata_fname = cached_metadata_fname;
+    if (cached_data) {
+        if (metadata_fname) {
+            *metadata_fname = cached_metadata_fname;
+        }
+        if (off) {
+            *off = cached_off;
+        }
+        rc = 0;
     }
-    if (off) {
-        *off = cached_off;
-    }
-    rc = 0;
-  }
 
-  return rc;
+    return rc;
 }
 
 /* Set sha256 checksum in structure */
-static void set_ftr_sha(struct crypt_mnt_ftr *crypt_ftr)
-{
+static void set_ftr_sha(struct crypt_mnt_ftr* crypt_ftr) {
     SHA256_CTX c;
     SHA256_Init(&c);
     memset(crypt_ftr->sha256, 0, sizeof(crypt_ftr->sha256));
@@ -507,82 +491,76 @@
 /* key or salt can be NULL, in which case just skip writing that value.  Useful to
  * update the failed mount count but not change the key.
  */
-static int put_crypt_ftr_and_key(struct crypt_mnt_ftr *crypt_ftr)
-{
-  int fd;
-  unsigned int cnt;
-  /* starting_off is set to the SEEK_SET offset
-   * where the crypto structure starts
-   */
-  off64_t starting_off;
-  int rc = -1;
-  char *fname = NULL;
-  struct stat statbuf;
+static int put_crypt_ftr_and_key(struct crypt_mnt_ftr* crypt_ftr) {
+    int fd;
+    unsigned int cnt;
+    /* starting_off is set to the SEEK_SET offset
+     * where the crypto structure starts
+     */
+    off64_t starting_off;
+    int rc = -1;
+    char* fname = NULL;
+    struct stat statbuf;
 
-  set_ftr_sha(crypt_ftr);
+    set_ftr_sha(crypt_ftr);
 
-  if (get_crypt_ftr_info(&fname, &starting_off)) {
-    SLOGE("Unable to get crypt_ftr_info\n");
-    return -1;
-  }
-  if (fname[0] != '/') {
-    SLOGE("Unexpected value for crypto key location\n");
-    return -1;
-  }
-  if ( (fd = open(fname, O_RDWR | O_CREAT|O_CLOEXEC, 0600)) < 0) {
-    SLOGE("Cannot open footer file %s for put\n", fname);
-    return -1;
-  }
-
-  /* Seek to the start of the crypt footer */
-  if (lseek64(fd, starting_off, SEEK_SET) == -1) {
-    SLOGE("Cannot seek to real block device footer\n");
-    goto errout;
-  }
-
-  if ((cnt = write(fd, crypt_ftr, sizeof(struct crypt_mnt_ftr))) != sizeof(struct crypt_mnt_ftr)) {
-    SLOGE("Cannot write real block device footer\n");
-    goto errout;
-  }
-
-  fstat(fd, &statbuf);
-  /* If the keys are kept on a raw block device, do not try to truncate it. */
-  if (S_ISREG(statbuf.st_mode)) {
-    if (ftruncate(fd, 0x4000)) {
-      SLOGE("Cannot set footer file size\n");
-      goto errout;
+    if (get_crypt_ftr_info(&fname, &starting_off)) {
+        SLOGE("Unable to get crypt_ftr_info\n");
+        return -1;
     }
-  }
+    if (fname[0] != '/') {
+        SLOGE("Unexpected value for crypto key location\n");
+        return -1;
+    }
+    if ((fd = open(fname, O_RDWR | O_CREAT | O_CLOEXEC, 0600)) < 0) {
+        SLOGE("Cannot open footer file %s for put\n", fname);
+        return -1;
+    }
 
-  /* Success! */
-  rc = 0;
+    /* Seek to the start of the crypt footer */
+    if (lseek64(fd, starting_off, SEEK_SET) == -1) {
+        SLOGE("Cannot seek to real block device footer\n");
+        goto errout;
+    }
+
+    if ((cnt = write(fd, crypt_ftr, sizeof(struct crypt_mnt_ftr))) != sizeof(struct crypt_mnt_ftr)) {
+        SLOGE("Cannot write real block device footer\n");
+        goto errout;
+    }
+
+    fstat(fd, &statbuf);
+    /* If the keys are kept on a raw block device, do not try to truncate it. */
+    if (S_ISREG(statbuf.st_mode)) {
+        if (ftruncate(fd, 0x4000)) {
+            SLOGE("Cannot set footer file size\n");
+            goto errout;
+        }
+    }
+
+    /* Success! */
+    rc = 0;
 
 errout:
-  close(fd);
-  return rc;
-
+    close(fd);
+    return rc;
 }
 
-static bool check_ftr_sha(const struct crypt_mnt_ftr *crypt_ftr)
-{
+static bool check_ftr_sha(const struct crypt_mnt_ftr* crypt_ftr) {
     struct crypt_mnt_ftr copy;
     memcpy(&copy, crypt_ftr, sizeof(copy));
     set_ftr_sha(&copy);
     return memcmp(copy.sha256, crypt_ftr->sha256, sizeof(copy.sha256)) == 0;
 }
 
-static inline int unix_read(int  fd, void*  buff, int  len)
-{
+static inline int unix_read(int fd, void* buff, int len) {
     return TEMP_FAILURE_RETRY(read(fd, buff, len));
 }
 
-static inline int unix_write(int  fd, const void*  buff, int  len)
-{
+static inline int unix_write(int fd, const void* buff, int len) {
     return TEMP_FAILURE_RETRY(write(fd, buff, len));
 }
 
-static void init_empty_persist_data(struct crypt_persist_data *pdata, int len)
-{
+static void init_empty_persist_data(struct crypt_persist_data* pdata, int len) {
     memset(pdata, 0, len);
     pdata->persist_magic = PERSIST_DATA_MAGIC;
     pdata->persist_valid_entries = 0;
@@ -593,18 +571,17 @@
  * data, crypt_ftr is a pointer to the struct to be updated, and offset is the
  * absolute offset to the start of the crypt_mnt_ftr on the passed in fd.
  */
-static void upgrade_crypt_ftr(int fd, struct crypt_mnt_ftr *crypt_ftr, off64_t offset)
-{
+static void upgrade_crypt_ftr(int fd, struct crypt_mnt_ftr* crypt_ftr, off64_t offset) {
     int orig_major = crypt_ftr->major_version;
     int orig_minor = crypt_ftr->minor_version;
 
     if ((crypt_ftr->major_version == 1) && (crypt_ftr->minor_version == 0)) {
-        struct crypt_persist_data *pdata;
+        struct crypt_persist_data* pdata;
         off64_t pdata_offset = offset + CRYPT_FOOTER_TO_PERSIST_OFFSET;
 
         SLOGW("upgrading crypto footer to 1.1");
 
-        pdata = (crypt_persist_data *)malloc(CRYPT_PERSIST_DATA_SIZE);
+        pdata = (crypt_persist_data*)malloc(CRYPT_PERSIST_DATA_SIZE);
         if (pdata == NULL) {
             SLOGE("Cannot allocate persisent data\n");
             return;
@@ -657,91 +634,89 @@
     }
 }
 
+static int get_crypt_ftr_and_key(struct crypt_mnt_ftr* crypt_ftr) {
+    int fd;
+    unsigned int cnt;
+    off64_t starting_off;
+    int rc = -1;
+    char* fname = NULL;
+    struct stat statbuf;
 
-static int get_crypt_ftr_and_key(struct crypt_mnt_ftr *crypt_ftr)
-{
-  int fd;
-  unsigned int cnt;
-  off64_t starting_off;
-  int rc = -1;
-  char *fname = NULL;
-  struct stat statbuf;
+    if (get_crypt_ftr_info(&fname, &starting_off)) {
+        SLOGE("Unable to get crypt_ftr_info\n");
+        return -1;
+    }
+    if (fname[0] != '/') {
+        SLOGE("Unexpected value for crypto key location\n");
+        return -1;
+    }
+    if ((fd = open(fname, O_RDWR | O_CLOEXEC)) < 0) {
+        SLOGE("Cannot open footer file %s for get\n", fname);
+        return -1;
+    }
 
-  if (get_crypt_ftr_info(&fname, &starting_off)) {
-    SLOGE("Unable to get crypt_ftr_info\n");
-    return -1;
-  }
-  if (fname[0] != '/') {
-    SLOGE("Unexpected value for crypto key location\n");
-    return -1;
-  }
-  if ( (fd = open(fname, O_RDWR|O_CLOEXEC)) < 0) {
-    SLOGE("Cannot open footer file %s for get\n", fname);
-    return -1;
-  }
+    /* Make sure it's 16 Kbytes in length */
+    fstat(fd, &statbuf);
+    if (S_ISREG(statbuf.st_mode) && (statbuf.st_size != 0x4000)) {
+        SLOGE("footer file %s is not the expected size!\n", fname);
+        goto errout;
+    }
 
-  /* Make sure it's 16 Kbytes in length */
-  fstat(fd, &statbuf);
-  if (S_ISREG(statbuf.st_mode) && (statbuf.st_size != 0x4000)) {
-    SLOGE("footer file %s is not the expected size!\n", fname);
-    goto errout;
-  }
+    /* Seek to the start of the crypt footer */
+    if (lseek64(fd, starting_off, SEEK_SET) == -1) {
+        SLOGE("Cannot seek to real block device footer\n");
+        goto errout;
+    }
 
-  /* Seek to the start of the crypt footer */
-  if (lseek64(fd, starting_off, SEEK_SET) == -1) {
-    SLOGE("Cannot seek to real block device footer\n");
-    goto errout;
-  }
+    if ((cnt = read(fd, crypt_ftr, sizeof(struct crypt_mnt_ftr))) != sizeof(struct crypt_mnt_ftr)) {
+        SLOGE("Cannot read real block device footer\n");
+        goto errout;
+    }
 
-  if ( (cnt = read(fd, crypt_ftr, sizeof(struct crypt_mnt_ftr))) != sizeof(struct crypt_mnt_ftr)) {
-    SLOGE("Cannot read real block device footer\n");
-    goto errout;
-  }
+    if (crypt_ftr->magic != CRYPT_MNT_MAGIC) {
+        SLOGE("Bad magic for real block device %s\n", fname);
+        goto errout;
+    }
 
-  if (crypt_ftr->magic != CRYPT_MNT_MAGIC) {
-    SLOGE("Bad magic for real block device %s\n", fname);
-    goto errout;
-  }
+    if (crypt_ftr->major_version != CURRENT_MAJOR_VERSION) {
+        SLOGE("Cannot understand major version %d real block device footer; expected %d\n",
+              crypt_ftr->major_version, CURRENT_MAJOR_VERSION);
+        goto errout;
+    }
 
-  if (crypt_ftr->major_version != CURRENT_MAJOR_VERSION) {
-    SLOGE("Cannot understand major version %d real block device footer; expected %d\n",
-          crypt_ftr->major_version, CURRENT_MAJOR_VERSION);
-    goto errout;
-  }
+    // We risk buffer overflows with oversized keys, so we just reject them.
+    // 0-sized keys are problematic (essentially by-passing encryption), and
+    // AES-CBC key wrapping only works for multiples of 16 bytes.
+    if ((crypt_ftr->keysize == 0) || ((crypt_ftr->keysize % 16) != 0) ||
+        (crypt_ftr->keysize > MAX_KEY_LEN)) {
+        SLOGE(
+            "Invalid keysize (%u) for block device %s; Must be non-zero, "
+            "divisible by 16, and <= %d\n",
+            crypt_ftr->keysize, fname, MAX_KEY_LEN);
+        goto errout;
+    }
 
-  // We risk buffer overflows with oversized keys, so we just reject them.
-  // 0-sized keys are problematic (essentially by-passing encryption), and
-  // AES-CBC key wrapping only works for multiples of 16 bytes.
-  if ((crypt_ftr->keysize == 0) || ((crypt_ftr->keysize % 16) != 0) ||
-      (crypt_ftr->keysize > MAX_KEY_LEN)) {
-    SLOGE("Invalid keysize (%u) for block device %s; Must be non-zero, "
-          "divisible by 16, and <= %d\n", crypt_ftr->keysize, fname,
-          MAX_KEY_LEN);
-    goto errout;
-  }
+    if (crypt_ftr->minor_version > CURRENT_MINOR_VERSION) {
+        SLOGW("Warning: crypto footer minor version %d, expected <= %d, continuing...\n",
+              crypt_ftr->minor_version, CURRENT_MINOR_VERSION);
+    }
 
-  if (crypt_ftr->minor_version > CURRENT_MINOR_VERSION) {
-    SLOGW("Warning: crypto footer minor version %d, expected <= %d, continuing...\n",
-          crypt_ftr->minor_version, CURRENT_MINOR_VERSION);
-  }
+    /* If this is a verion 1.0 crypt_ftr, make it a 1.1 crypt footer, and update the
+     * copy on disk before returning.
+     */
+    if (crypt_ftr->minor_version < CURRENT_MINOR_VERSION) {
+        upgrade_crypt_ftr(fd, crypt_ftr, starting_off);
+    }
 
-  /* If this is a verion 1.0 crypt_ftr, make it a 1.1 crypt footer, and update the
-   * copy on disk before returning.
-   */
-  if (crypt_ftr->minor_version < CURRENT_MINOR_VERSION) {
-    upgrade_crypt_ftr(fd, crypt_ftr, starting_off);
-  }
-
-  /* Success! */
-  rc = 0;
+    /* Success! */
+    rc = 0;
 
 errout:
-  close(fd);
-  return rc;
+    close(fd);
+    return rc;
 }
 
-static int validate_persistent_data_storage(struct crypt_mnt_ftr *crypt_ftr)
-{
+static int validate_persistent_data_storage(struct crypt_mnt_ftr* crypt_ftr) {
     if (crypt_ftr->persist_data_offset[0] + crypt_ftr->persist_data_size >
         crypt_ftr->persist_data_offset[1]) {
         SLOGE("Crypt_ftr persist data regions overlap");
@@ -754,7 +729,7 @@
     }
 
     if (((crypt_ftr->persist_data_offset[1] + crypt_ftr->persist_data_size) -
-        (crypt_ftr->persist_data_offset[0] - CRYPT_FOOTER_TO_PERSIST_OFFSET)) >
+         (crypt_ftr->persist_data_offset[0] - CRYPT_FOOTER_TO_PERSIST_OFFSET)) >
         CRYPT_FOOTER_OFFSET) {
         SLOGE("Persistent data extends past crypto footer");
         return -1;
@@ -763,12 +738,11 @@
     return 0;
 }
 
-static int load_persistent_data(void)
-{
+static int load_persistent_data(void) {
     struct crypt_mnt_ftr crypt_ftr;
-    struct crypt_persist_data *pdata = NULL;
+    struct crypt_persist_data* pdata = NULL;
     char encrypted_state[PROPERTY_VALUE_MAX];
-    char *fname;
+    char* fname;
     int found = 0;
     int fd;
     int ret;
@@ -779,10 +753,9 @@
         return 0;
     }
 
-
     /* If not encrypted, just allocate an empty table and initialize it */
     property_get("ro.crypto.state", encrypted_state, "");
-    if (strcmp(encrypted_state, "encrypted") ) {
+    if (strcmp(encrypted_state, "encrypted")) {
         pdata = (crypt_persist_data*)malloc(CRYPT_PERSIST_DATA_SIZE);
         if (pdata) {
             init_empty_persist_data(pdata, CRYPT_PERSIST_DATA_SIZE);
@@ -792,12 +765,12 @@
         return -1;
     }
 
-    if(get_crypt_ftr_and_key(&crypt_ftr)) {
+    if (get_crypt_ftr_and_key(&crypt_ftr)) {
         return -1;
     }
 
-    if ((crypt_ftr.major_version < 1)
-        || (crypt_ftr.major_version == 1 && crypt_ftr.minor_version < 1)) {
+    if ((crypt_ftr.major_version < 1) ||
+        (crypt_ftr.major_version == 1 && crypt_ftr.minor_version < 1)) {
         SLOGE("Crypt_ftr version doesn't support persistent data");
         return -1;
     }
@@ -811,7 +784,7 @@
         return -1;
     }
 
-    fd = open(fname, O_RDONLY|O_CLOEXEC);
+    fd = open(fname, O_RDONLY | O_CLOEXEC);
     if (fd < 0) {
         SLOGE("Cannot open %s metadata file", fname);
         return -1;
@@ -828,7 +801,7 @@
             SLOGE("Cannot seek to read persistent data on %s", fname);
             goto err2;
         }
-        if (unix_read(fd, pdata, crypt_ftr.persist_data_size) < 0){
+        if (unix_read(fd, pdata, crypt_ftr.persist_data_size) < 0) {
             SLOGE("Error reading persistent data on iteration %d", i);
             goto err2;
         }
@@ -856,11 +829,10 @@
     return -1;
 }
 
-static int save_persistent_data(void)
-{
+static int save_persistent_data(void) {
     struct crypt_mnt_ftr crypt_ftr;
-    struct crypt_persist_data *pdata;
-    char *fname;
+    struct crypt_persist_data* pdata;
+    char* fname;
     off64_t write_offset;
     off64_t erase_offset;
     int fd;
@@ -871,12 +843,12 @@
         return -1;
     }
 
-    if(get_crypt_ftr_and_key(&crypt_ftr)) {
+    if (get_crypt_ftr_and_key(&crypt_ftr)) {
         return -1;
     }
 
-    if ((crypt_ftr.major_version < 1)
-        || (crypt_ftr.major_version == 1 && crypt_ftr.minor_version < 1)) {
+    if ((crypt_ftr.major_version < 1) ||
+        (crypt_ftr.major_version == 1 && crypt_ftr.minor_version < 1)) {
         SLOGE("Crypt_ftr version doesn't support persistent data");
         return -1;
     }
@@ -890,7 +862,7 @@
         return -1;
     }
 
-    fd = open(fname, O_RDWR|O_CLOEXEC);
+    fd = open(fname, O_RDWR | O_CLOEXEC);
     if (fd < 0) {
         SLOGE("Cannot open %s metadata file", fname);
         return -1;
@@ -908,20 +880,20 @@
     }
 
     if (unix_read(fd, pdata, crypt_ftr.persist_data_size) < 0) {
-            SLOGE("Error reading persistent data before save");
-            goto err2;
+        SLOGE("Error reading persistent data before save");
+        goto err2;
     }
 
     if (pdata->persist_magic == PERSIST_DATA_MAGIC) {
         /* The first copy is the curent valid copy, so write to
          * the second copy and erase this one */
-       write_offset = crypt_ftr.persist_data_offset[1];
-       erase_offset = crypt_ftr.persist_data_offset[0];
+        write_offset = crypt_ftr.persist_data_offset[1];
+        erase_offset = crypt_ftr.persist_data_offset[0];
     } else {
         /* The second copy must be the valid copy, so write to
          * the first copy, and erase the second */
-       write_offset = crypt_ftr.persist_data_offset[0];
-       erase_offset = crypt_ftr.persist_data_offset[1];
+        write_offset = crypt_ftr.persist_data_offset[0];
+        erase_offset = crypt_ftr.persist_data_offset[1];
     }
 
     /* Write the new copy first, if successful, then erase the old copy */
@@ -930,15 +902,14 @@
         goto err2;
     }
     if (unix_write(fd, persist_data, crypt_ftr.persist_data_size) ==
-        (int) crypt_ftr.persist_data_size) {
+        (int)crypt_ftr.persist_data_size) {
         if (lseek64(fd, erase_offset, SEEK_SET) < 0) {
             SLOGE("Cannot seek to erase previous persistent data");
             goto err2;
         }
         fsync(fd);
         memset(pdata, 0, crypt_ftr.persist_data_size);
-        if (unix_write(fd, pdata, crypt_ftr.persist_data_size) !=
-            (int) crypt_ftr.persist_data_size) {
+        if (unix_write(fd, pdata, crypt_ftr.persist_data_size) != (int)crypt_ftr.persist_data_size) {
             SLOGE("Cannot write to erase previous persistent data");
             goto err2;
         }
@@ -963,85 +934,82 @@
 /* Convert a binary key of specified length into an ascii hex string equivalent,
  * without the leading 0x and with null termination
  */
-static void convert_key_to_hex_ascii(const unsigned char *master_key,
-                                     unsigned int keysize, char *master_key_ascii) {
+static void convert_key_to_hex_ascii(const unsigned char* master_key, unsigned int keysize,
+                                     char* master_key_ascii) {
     unsigned int i, a;
     unsigned char nibble;
 
-    for (i=0, a=0; i<keysize; i++, a+=2) {
+    for (i = 0, a = 0; i < keysize; i++, a += 2) {
         /* For each byte, write out two ascii hex digits */
         nibble = (master_key[i] >> 4) & 0xf;
         master_key_ascii[a] = nibble + (nibble > 9 ? 0x37 : 0x30);
 
         nibble = master_key[i] & 0xf;
-        master_key_ascii[a+1] = nibble + (nibble > 9 ? 0x37 : 0x30);
+        master_key_ascii[a + 1] = nibble + (nibble > 9 ? 0x37 : 0x30);
     }
 
     /* Add the null termination */
     master_key_ascii[a] = '\0';
-
 }
 
-static int load_crypto_mapping_table(struct crypt_mnt_ftr *crypt_ftr,
-        const unsigned char *master_key, const char *real_blk_name,
-        const char *name, int fd, const char *extra_params) {
-  alignas(struct dm_ioctl) char buffer[DM_CRYPT_BUF_SIZE];
-  struct dm_ioctl *io;
-  struct dm_target_spec *tgt;
-  char *crypt_params;
-  // We need two ASCII characters to represent each byte, and need space for
-  // the '\0' terminator.
-  char master_key_ascii[MAX_KEY_LEN * 2 + 1];
-  size_t buff_offset;
-  int i;
+static int load_crypto_mapping_table(struct crypt_mnt_ftr* crypt_ftr,
+                                     const unsigned char* master_key, const char* real_blk_name,
+                                     const char* name, int fd, const char* extra_params) {
+    alignas(struct dm_ioctl) char buffer[DM_CRYPT_BUF_SIZE];
+    struct dm_ioctl* io;
+    struct dm_target_spec* tgt;
+    char* crypt_params;
+    // We need two ASCII characters to represent each byte, and need space for
+    // the '\0' terminator.
+    char master_key_ascii[MAX_KEY_LEN * 2 + 1];
+    size_t buff_offset;
+    int i;
 
-  io = (struct dm_ioctl *) buffer;
+    io = (struct dm_ioctl*)buffer;
 
-  /* Load the mapping table for this device */
-  tgt = (struct dm_target_spec *) &buffer[sizeof(struct dm_ioctl)];
+    /* Load the mapping table for this device */
+    tgt = (struct dm_target_spec*)&buffer[sizeof(struct dm_ioctl)];
 
-  ioctl_init(io, DM_CRYPT_BUF_SIZE, name, 0);
-  io->target_count = 1;
-  tgt->status = 0;
-  tgt->sector_start = 0;
-  tgt->length = crypt_ftr->fs_size;
-  strlcpy(tgt->target_type, "crypt", DM_MAX_TYPE_NAME);
+    ioctl_init(io, DM_CRYPT_BUF_SIZE, name, 0);
+    io->target_count = 1;
+    tgt->status = 0;
+    tgt->sector_start = 0;
+    tgt->length = crypt_ftr->fs_size;
+    strlcpy(tgt->target_type, "crypt", DM_MAX_TYPE_NAME);
 
-  crypt_params = buffer + sizeof(struct dm_ioctl) + sizeof(struct dm_target_spec);
-  convert_key_to_hex_ascii(master_key, crypt_ftr->keysize, master_key_ascii);
+    crypt_params = buffer + sizeof(struct dm_ioctl) + sizeof(struct dm_target_spec);
+    convert_key_to_hex_ascii(master_key, crypt_ftr->keysize, master_key_ascii);
 
-  buff_offset = crypt_params - buffer;
-  SLOGI("Extra parameters for dm_crypt: %s\n", extra_params);
-  snprintf(crypt_params, sizeof(buffer) - buff_offset, "%s %s 0 %s 0 %s",
-           crypt_ftr->crypto_type_name, master_key_ascii, real_blk_name,
-           extra_params);
-  crypt_params += strlen(crypt_params) + 1;
-  crypt_params = (char *) (((unsigned long)crypt_params + 7) & ~8); /* Align to an 8 byte boundary */
-  tgt->next = crypt_params - buffer;
+    buff_offset = crypt_params - buffer;
+    SLOGI("Extra parameters for dm_crypt: %s\n", extra_params);
+    snprintf(crypt_params, sizeof(buffer) - buff_offset, "%s %s 0 %s 0 %s",
+             crypt_ftr->crypto_type_name, master_key_ascii, real_blk_name, extra_params);
+    crypt_params += strlen(crypt_params) + 1;
+    crypt_params =
+        (char*)(((unsigned long)crypt_params + 7) & ~8); /* Align to an 8 byte boundary */
+    tgt->next = crypt_params - buffer;
 
-  for (i = 0; i < TABLE_LOAD_RETRIES; i++) {
-    if (! ioctl(fd, DM_TABLE_LOAD, io)) {
-      break;
+    for (i = 0; i < TABLE_LOAD_RETRIES; i++) {
+        if (!ioctl(fd, DM_TABLE_LOAD, io)) {
+            break;
+        }
+        usleep(500000);
     }
-    usleep(500000);
-  }
 
-  if (i == TABLE_LOAD_RETRIES) {
-    /* We failed to load the table, return an error */
-    return -1;
-  } else {
-    return i + 1;
-  }
+    if (i == TABLE_LOAD_RETRIES) {
+        /* We failed to load the table, return an error */
+        return -1;
+    } else {
+        return i + 1;
+    }
 }
 
-
-static int get_dm_crypt_version(int fd, const char *name,  int *version)
-{
+static int get_dm_crypt_version(int fd, const char* name, int* version) {
     char buffer[DM_CRYPT_BUF_SIZE];
-    struct dm_ioctl *io;
-    struct dm_target_versions *v;
+    struct dm_ioctl* io;
+    struct dm_target_versions* v;
 
-    io = (struct dm_ioctl *) buffer;
+    io = (struct dm_ioctl*)buffer;
 
     ioctl_init(io, DM_CRYPT_BUF_SIZE, name, 0);
 
@@ -1052,16 +1020,16 @@
     /* Iterate over the returned versions, looking for name of "crypt".
      * When found, get and return the version.
      */
-    v = (struct dm_target_versions *) &buffer[sizeof(struct dm_ioctl)];
+    v = (struct dm_target_versions*)&buffer[sizeof(struct dm_ioctl)];
     while (v->next) {
-        if (! strcmp(v->name, "crypt")) {
+        if (!strcmp(v->name, "crypt")) {
             /* We found the crypt driver, return the version, and get out */
             version[0] = v->version[0];
             version[1] = v->version[1];
             version[2] = v->version[2];
             return 0;
         }
-        v = (struct dm_target_versions *)(((char *)v) + v->next);
+        v = (struct dm_target_versions*)(((char*)v) + v->next);
     }
 
     return -1;
@@ -1143,87 +1111,78 @@
     retval = 0;
 
 errout:
-  close(fd);   /* If fd is <0 from a failed open call, it's safe to just ignore the close error */
+    close(fd); /* If fd is <0 from a failed open call, it's safe to just ignore the close error */
 
-  return retval;
+    return retval;
 }
 
-static int delete_crypto_blk_dev(const char *name)
-{
-  int fd;
-  char buffer[DM_CRYPT_BUF_SIZE];
-  struct dm_ioctl *io;
-  int retval = -1;
+static int delete_crypto_blk_dev(const char* name) {
+    int fd;
+    char buffer[DM_CRYPT_BUF_SIZE];
+    struct dm_ioctl* io;
+    int retval = -1;
 
-  if ((fd = open("/dev/device-mapper", O_RDWR|O_CLOEXEC)) < 0 ) {
-    SLOGE("Cannot open device-mapper\n");
-    goto errout;
-  }
+    if ((fd = open("/dev/device-mapper", O_RDWR | O_CLOEXEC)) < 0) {
+        SLOGE("Cannot open device-mapper\n");
+        goto errout;
+    }
 
-  io = (struct dm_ioctl *) buffer;
+    io = (struct dm_ioctl*)buffer;
 
-  ioctl_init(io, DM_CRYPT_BUF_SIZE, name, 0);
-  if (ioctl(fd, DM_DEV_REMOVE, io)) {
-    SLOGE("Cannot remove dm-crypt device\n");
-    goto errout;
-  }
+    ioctl_init(io, DM_CRYPT_BUF_SIZE, name, 0);
+    if (ioctl(fd, DM_DEV_REMOVE, io)) {
+        SLOGE("Cannot remove dm-crypt device\n");
+        goto errout;
+    }
 
-  /* We made it here with no errors.  Woot! */
-  retval = 0;
+    /* We made it here with no errors.  Woot! */
+    retval = 0;
 
 errout:
-  close(fd);    /* If fd is <0 from a failed open call, it's safe to just ignore the close error */
+    close(fd); /* If fd is <0 from a failed open call, it's safe to just ignore the close error */
 
-  return retval;
-
+    return retval;
 }
 
-static int pbkdf2(const char *passwd, const unsigned char *salt,
-                  unsigned char *ikey, void *params UNUSED)
-{
+static int pbkdf2(const char* passwd, const unsigned char* salt, unsigned char* ikey,
+                  void* params UNUSED) {
     SLOGI("Using pbkdf2 for cryptfs KDF");
 
     /* Turn the password into a key and IV that can decrypt the master key */
-    return PKCS5_PBKDF2_HMAC_SHA1(passwd, strlen(passwd), salt, SALT_LEN,
-                                  HASH_COUNT, INTERMEDIATE_BUF_SIZE,
-                                  ikey) != 1;
+    return PKCS5_PBKDF2_HMAC_SHA1(passwd, strlen(passwd), salt, SALT_LEN, HASH_COUNT,
+                                  INTERMEDIATE_BUF_SIZE, ikey) != 1;
 }
 
-static int scrypt(const char *passwd, const unsigned char *salt,
-                  unsigned char *ikey, void *params)
-{
+static int scrypt(const char* passwd, const unsigned char* salt, unsigned char* ikey, void* params) {
     SLOGI("Using scrypt for cryptfs KDF");
 
-    struct crypt_mnt_ftr *ftr = (struct crypt_mnt_ftr *) params;
+    struct crypt_mnt_ftr* ftr = (struct crypt_mnt_ftr*)params;
 
     int N = 1 << ftr->N_factor;
     int r = 1 << ftr->r_factor;
     int p = 1 << ftr->p_factor;
 
     /* Turn the password into a key and IV that can decrypt the master key */
-    crypto_scrypt((const uint8_t*)passwd, strlen(passwd),
-                  salt, SALT_LEN, N, r, p, ikey,
+    crypto_scrypt((const uint8_t*)passwd, strlen(passwd), salt, SALT_LEN, N, r, p, ikey,
                   INTERMEDIATE_BUF_SIZE);
 
-   return 0;
+    return 0;
 }
 
-static int scrypt_keymaster(const char *passwd, const unsigned char *salt,
-                            unsigned char *ikey, void *params)
-{
+static int scrypt_keymaster(const char* passwd, const unsigned char* salt, unsigned char* ikey,
+                            void* params) {
     SLOGI("Using scrypt with keymaster for cryptfs KDF");
 
     int rc;
     size_t signature_size;
     unsigned char* signature;
-    struct crypt_mnt_ftr *ftr = (struct crypt_mnt_ftr *) params;
+    struct crypt_mnt_ftr* ftr = (struct crypt_mnt_ftr*)params;
 
     int N = 1 << ftr->N_factor;
     int r = 1 << ftr->r_factor;
     int p = 1 << ftr->p_factor;
 
-    rc = crypto_scrypt((const uint8_t*)passwd, strlen(passwd),
-                       salt, SALT_LEN, N, r, p, ikey,
+    rc = crypto_scrypt((const uint8_t*)passwd, strlen(passwd), salt, SALT_LEN, N, r, p, ikey,
                        INTERMEDIATE_BUF_SIZE);
 
     if (rc) {
@@ -1231,14 +1190,13 @@
         return -1;
     }
 
-    if (keymaster_sign_object(ftr, ikey, INTERMEDIATE_BUF_SIZE,
-                              &signature, &signature_size)) {
+    if (keymaster_sign_object(ftr, ikey, INTERMEDIATE_BUF_SIZE, &signature, &signature_size)) {
         SLOGE("Signing failed");
         return -1;
     }
 
-    rc = crypto_scrypt(signature, signature_size, salt, SALT_LEN,
-                       N, r, p, ikey, INTERMEDIATE_BUF_SIZE);
+    rc = crypto_scrypt(signature, signature_size, salt, SALT_LEN, N, r, p, ikey,
+                       INTERMEDIATE_BUF_SIZE);
     free(signature);
 
     if (rc) {
@@ -1249,12 +1207,10 @@
     return 0;
 }
 
-static int encrypt_master_key(const char *passwd, const unsigned char *salt,
-                              const unsigned char *decrypted_master_key,
-                              unsigned char *encrypted_master_key,
-                              struct crypt_mnt_ftr *crypt_ftr)
-{
-    unsigned char ikey[INTERMEDIATE_BUF_SIZE] = { 0 };
+static int encrypt_master_key(const char* passwd, const unsigned char* salt,
+                              const unsigned char* decrypted_master_key,
+                              unsigned char* encrypted_master_key, struct crypt_mnt_ftr* crypt_ftr) {
+    unsigned char ikey[INTERMEDIATE_BUF_SIZE] = {0};
     EVP_CIPHER_CTX e_ctx;
     int encrypted_len, final_len;
     int rc = 0;
@@ -1263,46 +1219,46 @@
     get_device_scrypt_params(crypt_ftr);
 
     switch (crypt_ftr->kdf_type) {
-    case KDF_SCRYPT_KEYMASTER:
-        if (keymaster_create_key(crypt_ftr)) {
-            SLOGE("keymaster_create_key failed");
-            return -1;
-        }
+        case KDF_SCRYPT_KEYMASTER:
+            if (keymaster_create_key(crypt_ftr)) {
+                SLOGE("keymaster_create_key failed");
+                return -1;
+            }
 
-        if (scrypt_keymaster(passwd, salt, ikey, crypt_ftr)) {
-            SLOGE("scrypt failed");
-            return -1;
-        }
-        break;
+            if (scrypt_keymaster(passwd, salt, ikey, crypt_ftr)) {
+                SLOGE("scrypt failed");
+                return -1;
+            }
+            break;
 
-    case KDF_SCRYPT:
-        if (scrypt(passwd, salt, ikey, crypt_ftr)) {
-            SLOGE("scrypt failed");
-            return -1;
-        }
-        break;
+        case KDF_SCRYPT:
+            if (scrypt(passwd, salt, ikey, crypt_ftr)) {
+                SLOGE("scrypt failed");
+                return -1;
+            }
+            break;
 
-    default:
-        SLOGE("Invalid kdf_type");
-        return -1;
+        default:
+            SLOGE("Invalid kdf_type");
+            return -1;
     }
 
     /* Initialize the decryption engine */
     EVP_CIPHER_CTX_init(&e_ctx);
-    if (! EVP_EncryptInit_ex(&e_ctx, EVP_aes_128_cbc(), NULL, ikey,
-                             ikey+INTERMEDIATE_KEY_LEN_BYTES)) {
+    if (!EVP_EncryptInit_ex(&e_ctx, EVP_aes_128_cbc(), NULL, ikey,
+                            ikey + INTERMEDIATE_KEY_LEN_BYTES)) {
         SLOGE("EVP_EncryptInit failed\n");
         return -1;
     }
     EVP_CIPHER_CTX_set_padding(&e_ctx, 0); /* Turn off padding as our data is block aligned */
 
     /* Encrypt the master key */
-    if (! EVP_EncryptUpdate(&e_ctx, encrypted_master_key, &encrypted_len,
-                            decrypted_master_key, crypt_ftr->keysize)) {
+    if (!EVP_EncryptUpdate(&e_ctx, encrypted_master_key, &encrypted_len, decrypted_master_key,
+                           crypt_ftr->keysize)) {
         SLOGE("EVP_EncryptUpdate failed\n");
         return -1;
     }
-    if (! EVP_EncryptFinal_ex(&e_ctx, encrypted_master_key + encrypted_len, &final_len)) {
+    if (!EVP_EncryptFinal_ex(&e_ctx, encrypted_master_key + encrypted_len, &final_len)) {
         SLOGE("EVP_EncryptFinal failed\n");
         return -1;
     }
@@ -1321,13 +1277,12 @@
     int r = 1 << crypt_ftr->r_factor;
     int p = 1 << crypt_ftr->p_factor;
 
-    rc = crypto_scrypt(ikey, INTERMEDIATE_KEY_LEN_BYTES,
-                       crypt_ftr->salt, sizeof(crypt_ftr->salt), N, r, p,
-                       crypt_ftr->scrypted_intermediate_key,
+    rc = crypto_scrypt(ikey, INTERMEDIATE_KEY_LEN_BYTES, crypt_ftr->salt, sizeof(crypt_ftr->salt),
+                       N, r, p, crypt_ftr->scrypted_intermediate_key,
                        sizeof(crypt_ftr->scrypted_intermediate_key));
 
     if (rc) {
-      SLOGE("encrypt_master_key: crypto_scrypt failed");
+        SLOGE("encrypt_master_key: crypto_scrypt failed");
     }
 
     EVP_CIPHER_CTX_cleanup(&e_ctx);
@@ -1335,60 +1290,57 @@
     return 0;
 }
 
-static int decrypt_master_key_aux(const char *passwd, unsigned char *salt,
-                                  const unsigned char *encrypted_master_key,
-                                  size_t keysize,
-                                  unsigned char *decrypted_master_key,
-                                  kdf_func kdf, void *kdf_params,
-                                  unsigned char** intermediate_key,
-                                  size_t* intermediate_key_size)
-{
-  unsigned char ikey[INTERMEDIATE_BUF_SIZE] = { 0 };
-  EVP_CIPHER_CTX d_ctx;
-  int decrypted_len, final_len;
+static int decrypt_master_key_aux(const char* passwd, unsigned char* salt,
+                                  const unsigned char* encrypted_master_key, size_t keysize,
+                                  unsigned char* decrypted_master_key, kdf_func kdf,
+                                  void* kdf_params, unsigned char** intermediate_key,
+                                  size_t* intermediate_key_size) {
+    unsigned char ikey[INTERMEDIATE_BUF_SIZE] = {0};
+    EVP_CIPHER_CTX d_ctx;
+    int decrypted_len, final_len;
 
-  /* Turn the password into an intermediate key and IV that can decrypt the
-     master key */
-  if (kdf(passwd, salt, ikey, kdf_params)) {
-    SLOGE("kdf failed");
-    return -1;
-  }
-
-  /* Initialize the decryption engine */
-  EVP_CIPHER_CTX_init(&d_ctx);
-  if (! EVP_DecryptInit_ex(&d_ctx, EVP_aes_128_cbc(), NULL, ikey, ikey+INTERMEDIATE_KEY_LEN_BYTES)) {
-    return -1;
-  }
-  EVP_CIPHER_CTX_set_padding(&d_ctx, 0); /* Turn off padding as our data is block aligned */
-  /* Decrypt the master key */
-  if (! EVP_DecryptUpdate(&d_ctx, decrypted_master_key, &decrypted_len,
-                            encrypted_master_key, keysize)) {
-    return -1;
-  }
-  if (! EVP_DecryptFinal_ex(&d_ctx, decrypted_master_key + decrypted_len, &final_len)) {
-    return -1;
-  }
-
-  if (decrypted_len + final_len != static_cast<int>(keysize)) {
-    return -1;
-  }
-
-  /* Copy intermediate key if needed by params */
-  if (intermediate_key && intermediate_key_size) {
-    *intermediate_key = (unsigned char*) malloc(INTERMEDIATE_KEY_LEN_BYTES);
-    if (*intermediate_key) {
-      memcpy(*intermediate_key, ikey, INTERMEDIATE_KEY_LEN_BYTES);
-      *intermediate_key_size = INTERMEDIATE_KEY_LEN_BYTES;
+    /* Turn the password into an intermediate key and IV that can decrypt the
+       master key */
+    if (kdf(passwd, salt, ikey, kdf_params)) {
+        SLOGE("kdf failed");
+        return -1;
     }
-  }
 
-  EVP_CIPHER_CTX_cleanup(&d_ctx);
+    /* Initialize the decryption engine */
+    EVP_CIPHER_CTX_init(&d_ctx);
+    if (!EVP_DecryptInit_ex(&d_ctx, EVP_aes_128_cbc(), NULL, ikey,
+                            ikey + INTERMEDIATE_KEY_LEN_BYTES)) {
+        return -1;
+    }
+    EVP_CIPHER_CTX_set_padding(&d_ctx, 0); /* Turn off padding as our data is block aligned */
+    /* Decrypt the master key */
+    if (!EVP_DecryptUpdate(&d_ctx, decrypted_master_key, &decrypted_len, encrypted_master_key,
+                           keysize)) {
+        return -1;
+    }
+    if (!EVP_DecryptFinal_ex(&d_ctx, decrypted_master_key + decrypted_len, &final_len)) {
+        return -1;
+    }
 
-  return 0;
+    if (decrypted_len + final_len != static_cast<int>(keysize)) {
+        return -1;
+    }
+
+    /* Copy intermediate key if needed by params */
+    if (intermediate_key && intermediate_key_size) {
+        *intermediate_key = (unsigned char*)malloc(INTERMEDIATE_KEY_LEN_BYTES);
+        if (*intermediate_key) {
+            memcpy(*intermediate_key, ikey, INTERMEDIATE_KEY_LEN_BYTES);
+            *intermediate_key_size = INTERMEDIATE_KEY_LEN_BYTES;
+        }
+    }
+
+    EVP_CIPHER_CTX_cleanup(&d_ctx);
+
+    return 0;
 }
 
-static void get_kdf_func(struct crypt_mnt_ftr *ftr, kdf_func *kdf, void** kdf_params)
-{
+static void get_kdf_func(struct crypt_mnt_ftr* ftr, kdf_func* kdf, void** kdf_params) {
     if (ftr->kdf_type == KDF_SCRYPT_KEYMASTER) {
         *kdf = scrypt_keymaster;
         *kdf_params = ftr;
@@ -1401,20 +1353,17 @@
     }
 }
 
-static int decrypt_master_key(const char *passwd, unsigned char *decrypted_master_key,
-                              struct crypt_mnt_ftr *crypt_ftr,
-                              unsigned char** intermediate_key,
-                              size_t* intermediate_key_size)
-{
+static int decrypt_master_key(const char* passwd, unsigned char* decrypted_master_key,
+                              struct crypt_mnt_ftr* crypt_ftr, unsigned char** intermediate_key,
+                              size_t* intermediate_key_size) {
     kdf_func kdf;
-    void *kdf_params;
+    void* kdf_params;
     int ret;
 
     get_kdf_func(crypt_ftr, &kdf, &kdf_params);
-    ret = decrypt_master_key_aux(passwd, crypt_ftr->salt, crypt_ftr->master_key,
-                                 crypt_ftr->keysize,
-                                 decrypted_master_key, kdf, kdf_params,
-                                 intermediate_key, intermediate_key_size);
+    ret = decrypt_master_key_aux(passwd, crypt_ftr->salt, crypt_ftr->master_key, crypt_ftr->keysize,
+                                 decrypted_master_key, kdf, kdf_params, intermediate_key,
+                                 intermediate_key_size);
     if (ret != 0) {
         SLOGW("failure decrypting master key");
     }
@@ -1422,13 +1371,13 @@
     return ret;
 }
 
-static int create_encrypted_random_key(const char *passwd, unsigned char *master_key, unsigned char *salt,
-        struct crypt_mnt_ftr *crypt_ftr) {
+static int create_encrypted_random_key(const char* passwd, unsigned char* master_key,
+                                       unsigned char* salt, struct crypt_mnt_ftr* crypt_ftr) {
     int fd;
     unsigned char key_buf[MAX_KEY_LEN];
 
     /* Get some random bits for a key */
-    fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC);
+    fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
     read(fd, key_buf, sizeof(key_buf));
     read(fd, salt, SALT_LEN);
     close(fd);
@@ -1437,13 +1386,12 @@
     return encrypt_master_key(passwd, salt, key_buf, master_key, crypt_ftr);
 }
 
-int wait_and_unmount(const char *mountpoint, bool kill)
-{
+int wait_and_unmount(const char* mountpoint, bool kill) {
     int i, err, rc;
 #define WAIT_UNMOUNT_COUNT 20
 
     /*  Now umount the tmpfs filesystem */
-    for (i=0; i<WAIT_UNMOUNT_COUNT; i++) {
+    for (i = 0; i < WAIT_UNMOUNT_COUNT; i++) {
         if (umount(mountpoint) == 0) {
             break;
         }
@@ -1472,19 +1420,18 @@
     }
 
     if (i < WAIT_UNMOUNT_COUNT) {
-      SLOGD("unmounting %s succeeded\n", mountpoint);
-      rc = 0;
+        SLOGD("unmounting %s succeeded\n", mountpoint);
+        rc = 0;
     } else {
-      android::vold::KillProcessesWithOpenFiles(mountpoint, 0);
-      SLOGE("unmounting %s failed: %s\n", mountpoint, strerror(err));
-      rc = -1;
+        android::vold::KillProcessesWithOpenFiles(mountpoint, 0);
+        SLOGE("unmounting %s failed: %s\n", mountpoint, strerror(err));
+        rc = -1;
     }
 
     return rc;
 }
 
-static void prep_data_fs(void)
-{
+static void prep_data_fs(void) {
     // NOTE: post_fs_data results in init calling back around to vold, so all
     // callers to this method must be async
 
@@ -1494,17 +1441,14 @@
     SLOGD("Just triggered post_fs_data");
 
     /* Wait a max of 50 seconds, hopefully it takes much less */
-    while (!android::base::WaitForProperty("vold.post_fs_data_done",
-                                        "1",
-                                        std::chrono::seconds(15))) {
+    while (!android::base::WaitForProperty("vold.post_fs_data_done", "1", std::chrono::seconds(15))) {
         /* We timed out to prep /data in time.  Continue wait. */
         SLOGE("waited 15s for vold.post_fs_data_done, still waiting...");
     }
     SLOGD("post_fs_data done");
 }
 
-static void cryptfs_set_corrupt()
-{
+static void cryptfs_set_corrupt() {
     // Mark the footer as bad
     struct crypt_mnt_ftr crypt_ftr;
     if (get_crypt_ftr_and_key(&crypt_ftr)) {
@@ -1519,11 +1463,10 @@
     }
 }
 
-static void cryptfs_trigger_restart_min_framework()
-{
+static void cryptfs_trigger_restart_min_framework() {
     if (fs_mgr_do_tmpfs_mount(DATA_MNT_POINT)) {
-      SLOGE("Failed to mount tmpfs on data - panic");
-      return;
+        SLOGE("Failed to mount tmpfs on data - panic");
+        return;
     }
 
     if (property_set("vold.decrypt", "trigger_post_fs_data")) {
@@ -1538,14 +1481,13 @@
 }
 
 /* returns < 0 on failure */
-static int cryptfs_restart_internal(int restart_main)
-{
+static int cryptfs_restart_internal(int restart_main) {
     char crypto_blkdev[MAXPATHLEN];
     int rc = -1;
     static int restart_successful = 0;
 
     /* Validate that it's OK to call this routine */
-    if (! master_key_saved) {
+    if (!master_key_saved) {
         SLOGE("Encrypted filesystem not validated, aborting");
         return -1;
     }
@@ -1594,7 +1536,7 @@
         return -1;
     }
 
-    if (! (rc = wait_and_unmount(DATA_MNT_POINT, true)) ) {
+    if (!(rc = wait_and_unmount(DATA_MNT_POINT, true))) {
         /* If ro.crypto.readonly is set to 1, mount the decrypted
          * filesystem readonly.  This is used when /data is mounted by
          * recovery mode.
@@ -1616,19 +1558,16 @@
          * fs_mgr_do_mount runs fsck. Use setexeccon to run trusted
          * partitions in the fsck domain.
          */
-        if (setexeccon(secontextFsck())){
+        if (setexeccon(secontextFsck())) {
             SLOGE("Failed to setexeccon");
             return -1;
         }
-        while ((mount_rc = fs_mgr_do_mount(fstab_default, DATA_MNT_POINT,
-                                           crypto_blkdev, 0))
-               != 0) {
+        while ((mount_rc = fs_mgr_do_mount(fstab_default, DATA_MNT_POINT, crypto_blkdev, 0)) != 0) {
             if (mount_rc == FS_MGR_DOMNT_BUSY) {
                 /* TODO: invoke something similar to
                    Process::killProcessWithOpenFiles(DATA_MNT_POINT,
                                    retries > RETRY_MOUNT_ATTEMPT/2 ? 1 : 2 ) */
-                SLOGI("Failed to mount %s because it is busy - waiting",
-                      crypto_blkdev);
+                SLOGI("Failed to mount %s because it is busy - waiting", crypto_blkdev);
                 if (--retries) {
                     sleep(RETRY_MOUNT_DELAY_SECONDS);
                 } else {
@@ -1671,8 +1610,7 @@
     return rc;
 }
 
-int cryptfs_restart(void)
-{
+int cryptfs_restart(void) {
     SLOGI("cryptfs_restart");
     if (e4crypt_is_native()) {
         SLOGE("cryptfs_restart not valid for file encryption:");
@@ -1683,193 +1621,189 @@
     return cryptfs_restart_internal(1);
 }
 
-static int do_crypto_complete(const char *mount_point)
-{
-  struct crypt_mnt_ftr crypt_ftr;
-  char encrypted_state[PROPERTY_VALUE_MAX];
-  char key_loc[PROPERTY_VALUE_MAX];
+static int do_crypto_complete(const char* mount_point) {
+    struct crypt_mnt_ftr crypt_ftr;
+    char encrypted_state[PROPERTY_VALUE_MAX];
+    char key_loc[PROPERTY_VALUE_MAX];
 
-  property_get("ro.crypto.state", encrypted_state, "");
-  if (strcmp(encrypted_state, "encrypted") ) {
-    SLOGE("not running with encryption, aborting");
-    return CRYPTO_COMPLETE_NOT_ENCRYPTED;
-  }
-
-  // crypto_complete is full disk encrypted status
-  if (e4crypt_is_native()) {
-    return CRYPTO_COMPLETE_NOT_ENCRYPTED;
-  }
-
-  if (get_crypt_ftr_and_key(&crypt_ftr)) {
-    fs_mgr_get_crypt_info(fstab_default, key_loc, 0, sizeof(key_loc));
-
-    /*
-     * Only report this error if key_loc is a file and it exists.
-     * If the device was never encrypted, and /data is not mountable for
-     * some reason, returning 1 should prevent the UI from presenting the
-     * a "enter password" screen, or worse, a "press button to wipe the
-     * device" screen.
-     */
-    if ((key_loc[0] == '/') && (access("key_loc", F_OK) == -1)) {
-      SLOGE("master key file does not exist, aborting");
-      return CRYPTO_COMPLETE_NOT_ENCRYPTED;
-    } else {
-      SLOGE("Error getting crypt footer and key\n");
-      return CRYPTO_COMPLETE_BAD_METADATA;
+    property_get("ro.crypto.state", encrypted_state, "");
+    if (strcmp(encrypted_state, "encrypted")) {
+        SLOGE("not running with encryption, aborting");
+        return CRYPTO_COMPLETE_NOT_ENCRYPTED;
     }
-  }
 
-  // Test for possible error flags
-  if (crypt_ftr.flags & CRYPT_ENCRYPTION_IN_PROGRESS){
-    SLOGE("Encryption process is partway completed\n");
-    return CRYPTO_COMPLETE_PARTIAL;
-  }
+    // crypto_complete is full disk encrypted status
+    if (e4crypt_is_native()) {
+        return CRYPTO_COMPLETE_NOT_ENCRYPTED;
+    }
 
-  if (crypt_ftr.flags & CRYPT_INCONSISTENT_STATE){
-    SLOGE("Encryption process was interrupted but cannot continue\n");
-    return CRYPTO_COMPLETE_INCONSISTENT;
-  }
+    if (get_crypt_ftr_and_key(&crypt_ftr)) {
+        fs_mgr_get_crypt_info(fstab_default, key_loc, 0, sizeof(key_loc));
 
-  if (crypt_ftr.flags & CRYPT_DATA_CORRUPT){
-    SLOGE("Encryption is successful but data is corrupt\n");
-    return CRYPTO_COMPLETE_CORRUPT;
-  }
+        /*
+         * Only report this error if key_loc is a file and it exists.
+         * If the device was never encrypted, and /data is not mountable for
+         * some reason, returning 1 should prevent the UI from presenting the
+         * a "enter password" screen, or worse, a "press button to wipe the
+         * device" screen.
+         */
+        if ((key_loc[0] == '/') && (access("key_loc", F_OK) == -1)) {
+            SLOGE("master key file does not exist, aborting");
+            return CRYPTO_COMPLETE_NOT_ENCRYPTED;
+        } else {
+            SLOGE("Error getting crypt footer and key\n");
+            return CRYPTO_COMPLETE_BAD_METADATA;
+        }
+    }
 
-  /* We passed the test! We shall diminish, and return to the west */
-  return CRYPTO_COMPLETE_ENCRYPTED;
+    // Test for possible error flags
+    if (crypt_ftr.flags & CRYPT_ENCRYPTION_IN_PROGRESS) {
+        SLOGE("Encryption process is partway completed\n");
+        return CRYPTO_COMPLETE_PARTIAL;
+    }
+
+    if (crypt_ftr.flags & CRYPT_INCONSISTENT_STATE) {
+        SLOGE("Encryption process was interrupted but cannot continue\n");
+        return CRYPTO_COMPLETE_INCONSISTENT;
+    }
+
+    if (crypt_ftr.flags & CRYPT_DATA_CORRUPT) {
+        SLOGE("Encryption is successful but data is corrupt\n");
+        return CRYPTO_COMPLETE_CORRUPT;
+    }
+
+    /* We passed the test! We shall diminish, and return to the west */
+    return CRYPTO_COMPLETE_ENCRYPTED;
 }
 
-static int test_mount_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr,
-                                   const char *passwd, const char *mount_point, const char *label)
-{
-  unsigned char decrypted_master_key[MAX_KEY_LEN];
-  char crypto_blkdev[MAXPATHLEN];
-  char real_blkdev[MAXPATHLEN];
-  char tmp_mount_point[64];
-  unsigned int orig_failed_decrypt_count;
-  int rc;
-  int use_keymaster = 0;
-  int upgrade = 0;
-  unsigned char* intermediate_key = 0;
-  size_t intermediate_key_size = 0;
-  int N = 1 << crypt_ftr->N_factor;
-  int r = 1 << crypt_ftr->r_factor;
-  int p = 1 << crypt_ftr->p_factor;
+static int test_mount_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr, const char* passwd,
+                                   const char* mount_point, const char* label) {
+    unsigned char decrypted_master_key[MAX_KEY_LEN];
+    char crypto_blkdev[MAXPATHLEN];
+    char real_blkdev[MAXPATHLEN];
+    char tmp_mount_point[64];
+    unsigned int orig_failed_decrypt_count;
+    int rc;
+    int use_keymaster = 0;
+    int upgrade = 0;
+    unsigned char* intermediate_key = 0;
+    size_t intermediate_key_size = 0;
+    int N = 1 << crypt_ftr->N_factor;
+    int r = 1 << crypt_ftr->r_factor;
+    int p = 1 << crypt_ftr->p_factor;
 
-  SLOGD("crypt_ftr->fs_size = %lld\n", crypt_ftr->fs_size);
-  orig_failed_decrypt_count = crypt_ftr->failed_decrypt_count;
+    SLOGD("crypt_ftr->fs_size = %lld\n", crypt_ftr->fs_size);
+    orig_failed_decrypt_count = crypt_ftr->failed_decrypt_count;
 
-  if (! (crypt_ftr->flags & CRYPT_MNT_KEY_UNENCRYPTED) ) {
-    if (decrypt_master_key(passwd, decrypted_master_key, crypt_ftr,
-                           &intermediate_key, &intermediate_key_size)) {
-      SLOGE("Failed to decrypt master key\n");
-      rc = -1;
-      goto errout;
+    if (!(crypt_ftr->flags & CRYPT_MNT_KEY_UNENCRYPTED)) {
+        if (decrypt_master_key(passwd, decrypted_master_key, crypt_ftr, &intermediate_key,
+                               &intermediate_key_size)) {
+            SLOGE("Failed to decrypt master key\n");
+            rc = -1;
+            goto errout;
+        }
     }
-  }
 
-  fs_mgr_get_crypt_info(fstab_default, 0, real_blkdev, sizeof(real_blkdev));
+    fs_mgr_get_crypt_info(fstab_default, 0, real_blkdev, sizeof(real_blkdev));
 
-  // Create crypto block device - all (non fatal) code paths
-  // need it
-  if (create_crypto_blk_dev(crypt_ftr, decrypted_master_key, real_blkdev, crypto_blkdev, label, 0)) {
-      SLOGE("Error creating decrypted block device\n");
-      rc = -1;
-      goto errout;
-  }
+    // Create crypto block device - all (non fatal) code paths
+    // need it
+    if (create_crypto_blk_dev(crypt_ftr, decrypted_master_key, real_blkdev, crypto_blkdev, label,
+                              0)) {
+        SLOGE("Error creating decrypted block device\n");
+        rc = -1;
+        goto errout;
+    }
 
-  /* Work out if the problem is the password or the data */
-  unsigned char scrypted_intermediate_key[sizeof(crypt_ftr->
-                                                 scrypted_intermediate_key)];
+    /* Work out if the problem is the password or the data */
+    unsigned char scrypted_intermediate_key[sizeof(crypt_ftr->scrypted_intermediate_key)];
 
-  rc = crypto_scrypt(intermediate_key, intermediate_key_size,
-                     crypt_ftr->salt, sizeof(crypt_ftr->salt),
-                     N, r, p, scrypted_intermediate_key,
-                     sizeof(scrypted_intermediate_key));
+    rc = crypto_scrypt(intermediate_key, intermediate_key_size, crypt_ftr->salt,
+                       sizeof(crypt_ftr->salt), N, r, p, scrypted_intermediate_key,
+                       sizeof(scrypted_intermediate_key));
 
-  // Does the key match the crypto footer?
-  if (rc == 0 && memcmp(scrypted_intermediate_key,
-                        crypt_ftr->scrypted_intermediate_key,
-                        sizeof(scrypted_intermediate_key)) == 0) {
-    SLOGI("Password matches");
-    rc = 0;
-  } else {
-    /* Try mounting the file system anyway, just in case the problem's with
-     * the footer, not the key. */
-    snprintf(tmp_mount_point, sizeof(tmp_mount_point), "%s/tmp_mnt",
-             mount_point);
-    mkdir(tmp_mount_point, 0755);
-    if (fs_mgr_do_mount(fstab_default, DATA_MNT_POINT, crypto_blkdev, tmp_mount_point)) {
-      SLOGE("Error temp mounting decrypted block device\n");
-      delete_crypto_blk_dev(label);
-
-      rc = ++crypt_ftr->failed_decrypt_count;
-      put_crypt_ftr_and_key(crypt_ftr);
+    // Does the key match the crypto footer?
+    if (rc == 0 && memcmp(scrypted_intermediate_key, crypt_ftr->scrypted_intermediate_key,
+                          sizeof(scrypted_intermediate_key)) == 0) {
+        SLOGI("Password matches");
+        rc = 0;
     } else {
-      /* Success! */
-      SLOGI("Password did not match but decrypted drive mounted - continue");
-      umount(tmp_mount_point);
-      rc = 0;
-    }
-  }
+        /* Try mounting the file system anyway, just in case the problem's with
+         * the footer, not the key. */
+        snprintf(tmp_mount_point, sizeof(tmp_mount_point), "%s/tmp_mnt", mount_point);
+        mkdir(tmp_mount_point, 0755);
+        if (fs_mgr_do_mount(fstab_default, DATA_MNT_POINT, crypto_blkdev, tmp_mount_point)) {
+            SLOGE("Error temp mounting decrypted block device\n");
+            delete_crypto_blk_dev(label);
 
-  if (rc == 0) {
-    crypt_ftr->failed_decrypt_count = 0;
-    if (orig_failed_decrypt_count != 0) {
-      put_crypt_ftr_and_key(crypt_ftr);
-    }
-
-    /* Save the name of the crypto block device
-     * so we can mount it when restarting the framework. */
-    property_set("ro.crypto.fs_crypto_blkdev", crypto_blkdev);
-
-    /* Also save a the master key so we can reencrypted the key
-     * the key when we want to change the password on it. */
-    memcpy(saved_master_key, decrypted_master_key, crypt_ftr->keysize);
-    saved_mount_point = strdup(mount_point);
-    master_key_saved = 1;
-    SLOGD("%s(): Master key saved\n", __FUNCTION__);
-    rc = 0;
-
-    // Upgrade if we're not using the latest KDF.
-    use_keymaster = keymaster_check_compatibility();
-    if (crypt_ftr->kdf_type == KDF_SCRYPT_KEYMASTER) {
-        // Don't allow downgrade
-    } else if (use_keymaster == 1 && crypt_ftr->kdf_type != KDF_SCRYPT_KEYMASTER) {
-        crypt_ftr->kdf_type = KDF_SCRYPT_KEYMASTER;
-        upgrade = 1;
-    } else if (use_keymaster == 0 && crypt_ftr->kdf_type != KDF_SCRYPT) {
-        crypt_ftr->kdf_type = KDF_SCRYPT;
-        upgrade = 1;
-    }
-
-    if (upgrade) {
-        rc = encrypt_master_key(passwd, crypt_ftr->salt, saved_master_key,
-                                crypt_ftr->master_key, crypt_ftr);
-        if (!rc) {
-            rc = put_crypt_ftr_and_key(crypt_ftr);
-        }
-        SLOGD("Key Derivation Function upgrade: rc=%d\n", rc);
-
-        // Do not fail even if upgrade failed - machine is bootable
-        // Note that if this code is ever hit, there is a *serious* problem
-        // since KDFs should never fail. You *must* fix the kdf before
-        // proceeding!
-        if (rc) {
-          SLOGW("Upgrade failed with error %d,"
-                " but continuing with previous state",
-                rc);
-          rc = 0;
+            rc = ++crypt_ftr->failed_decrypt_count;
+            put_crypt_ftr_and_key(crypt_ftr);
+        } else {
+            /* Success! */
+            SLOGI("Password did not match but decrypted drive mounted - continue");
+            umount(tmp_mount_point);
+            rc = 0;
         }
     }
-  }
 
- errout:
-  if (intermediate_key) {
-    memset(intermediate_key, 0, intermediate_key_size);
-    free(intermediate_key);
-  }
-  return rc;
+    if (rc == 0) {
+        crypt_ftr->failed_decrypt_count = 0;
+        if (orig_failed_decrypt_count != 0) {
+            put_crypt_ftr_and_key(crypt_ftr);
+        }
+
+        /* Save the name of the crypto block device
+         * so we can mount it when restarting the framework. */
+        property_set("ro.crypto.fs_crypto_blkdev", crypto_blkdev);
+
+        /* Also save a the master key so we can reencrypted the key
+         * the key when we want to change the password on it. */
+        memcpy(saved_master_key, decrypted_master_key, crypt_ftr->keysize);
+        saved_mount_point = strdup(mount_point);
+        master_key_saved = 1;
+        SLOGD("%s(): Master key saved\n", __FUNCTION__);
+        rc = 0;
+
+        // Upgrade if we're not using the latest KDF.
+        use_keymaster = keymaster_check_compatibility();
+        if (crypt_ftr->kdf_type == KDF_SCRYPT_KEYMASTER) {
+            // Don't allow downgrade
+        } else if (use_keymaster == 1 && crypt_ftr->kdf_type != KDF_SCRYPT_KEYMASTER) {
+            crypt_ftr->kdf_type = KDF_SCRYPT_KEYMASTER;
+            upgrade = 1;
+        } else if (use_keymaster == 0 && crypt_ftr->kdf_type != KDF_SCRYPT) {
+            crypt_ftr->kdf_type = KDF_SCRYPT;
+            upgrade = 1;
+        }
+
+        if (upgrade) {
+            rc = encrypt_master_key(passwd, crypt_ftr->salt, saved_master_key,
+                                    crypt_ftr->master_key, crypt_ftr);
+            if (!rc) {
+                rc = put_crypt_ftr_and_key(crypt_ftr);
+            }
+            SLOGD("Key Derivation Function upgrade: rc=%d\n", rc);
+
+            // Do not fail even if upgrade failed - machine is bootable
+            // Note that if this code is ever hit, there is a *serious* problem
+            // since KDFs should never fail. You *must* fix the kdf before
+            // proceeding!
+            if (rc) {
+                SLOGW(
+                    "Upgrade failed with error %d,"
+                    " but continuing with previous state",
+                    rc);
+                rc = 0;
+            }
+        }
+    }
+
+errout:
+    if (intermediate_key) {
+        memset(intermediate_key, 0, intermediate_key_size);
+        free(intermediate_key);
+    }
+    return rc;
 }
 
 /*
@@ -1880,9 +1814,9 @@
  *
  * out_crypto_blkdev must be MAXPATHLEN.
  */
-int cryptfs_setup_ext_volume(const char* label, const char* real_blkdev,
-        const unsigned char* key, char* out_crypto_blkdev) {
-    int fd = open(real_blkdev, O_RDONLY|O_CLOEXEC);
+int cryptfs_setup_ext_volume(const char* label, const char* real_blkdev, const unsigned char* key,
+                             char* out_crypto_blkdev) {
+    int fd = open(real_blkdev, O_RDONLY | O_CLOEXEC);
     if (fd == -1) {
         SLOGE("Failed to open %s: %s", real_blkdev, strerror(errno));
         return -1;
@@ -1901,7 +1835,7 @@
     memset(&ext_crypt_ftr, 0, sizeof(ext_crypt_ftr));
     ext_crypt_ftr.fs_size = nr_sec;
     ext_crypt_ftr.keysize = cryptfs_get_keysize();
-    strlcpy((char*) ext_crypt_ftr.crypto_type_name, cryptfs_get_crypto_name(),
+    strlcpy((char*)ext_crypt_ftr.crypto_type_name, cryptfs_get_crypto_name(),
             MAX_CRYPTO_TYPE_NAME_LEN);
     uint32_t flags = 0;
     if (e4crypt_is_native() &&
@@ -1916,21 +1850,20 @@
  * storage volume.
  */
 int cryptfs_revert_ext_volume(const char* label) {
-    return delete_crypto_blk_dev((char*) label);
+    return delete_crypto_blk_dev((char*)label);
 }
 
-int cryptfs_crypto_complete(void)
-{
-  return do_crypto_complete("/data");
+int cryptfs_crypto_complete(void) {
+    return do_crypto_complete("/data");
 }
 
-int check_unmounted_and_get_ftr(struct crypt_mnt_ftr* crypt_ftr)
-{
+int check_unmounted_and_get_ftr(struct crypt_mnt_ftr* crypt_ftr) {
     char encrypted_state[PROPERTY_VALUE_MAX];
     property_get("ro.crypto.state", encrypted_state, "");
-    if ( master_key_saved || strcmp(encrypted_state, "encrypted") ) {
-        SLOGE("encrypted fs already validated or not running with encryption,"
-              " aborting");
+    if (master_key_saved || strcmp(encrypted_state, "encrypted")) {
+        SLOGE(
+            "encrypted fs already validated or not running with encryption,"
+            " aborting");
         return -1;
     }
 
@@ -1942,8 +1875,7 @@
     return 0;
 }
 
-int cryptfs_check_passwd(const char *passwd)
-{
+int cryptfs_check_passwd(const char* passwd) {
     SLOGI("cryptfs_check_passwd");
     if (e4crypt_is_native()) {
         SLOGE("cryptfs_check_passwd not valid for file encryption");
@@ -1959,8 +1891,7 @@
         return rc;
     }
 
-    rc = test_mount_encrypted_fs(&crypt_ftr, passwd,
-                                 DATA_MNT_POINT, CRYPTO_BLOCK_DEVICE);
+    rc = test_mount_encrypted_fs(&crypt_ftr, passwd, DATA_MNT_POINT, CRYPTO_BLOCK_DEVICE);
     if (rc) {
         SLOGE("Password did not match");
         return rc;
@@ -1972,8 +1903,8 @@
         // First, we must delete the crypto block device that
         // test_mount_encrypted_fs leaves behind as a side effect
         delete_crypto_blk_dev(CRYPTO_BLOCK_DEVICE);
-        rc = test_mount_encrypted_fs(&crypt_ftr, DEFAULT_PASSWORD,
-                                     DATA_MNT_POINT, CRYPTO_BLOCK_DEVICE);
+        rc = test_mount_encrypted_fs(&crypt_ftr, DEFAULT_PASSWORD, DATA_MNT_POINT,
+                                     CRYPTO_BLOCK_DEVICE);
         if (rc) {
             SLOGE("Default password did not match on reboot encryption");
             return rc;
@@ -1999,15 +1930,14 @@
     return rc;
 }
 
-int cryptfs_verify_passwd(const char *passwd)
-{
+int cryptfs_verify_passwd(const char* passwd) {
     struct crypt_mnt_ftr crypt_ftr;
     unsigned char decrypted_master_key[MAX_KEY_LEN];
     char encrypted_state[PROPERTY_VALUE_MAX];
     int rc;
 
     property_get("ro.crypto.state", encrypted_state, "");
-    if (strcmp(encrypted_state, "encrypted") ) {
+    if (strcmp(encrypted_state, "encrypted")) {
         SLOGE("device not encrypted, aborting");
         return -2;
     }
@@ -2050,8 +1980,7 @@
  * Presumably, at a minimum, the caller will update the
  * filesystem size and crypto_type_name after calling this function.
  */
-static int cryptfs_init_crypt_mnt_ftr(struct crypt_mnt_ftr *ftr)
-{
+static int cryptfs_init_crypt_mnt_ftr(struct crypt_mnt_ftr* ftr) {
     off64_t off;
 
     memset(ftr, 0, sizeof(struct crypt_mnt_ftr));
@@ -2062,17 +1991,17 @@
     ftr->keysize = cryptfs_get_keysize();
 
     switch (keymaster_check_compatibility()) {
-    case 1:
-        ftr->kdf_type = KDF_SCRYPT_KEYMASTER;
-        break;
+        case 1:
+            ftr->kdf_type = KDF_SCRYPT_KEYMASTER;
+            break;
 
-    case 0:
-        ftr->kdf_type = KDF_SCRYPT;
-        break;
+        case 0:
+            ftr->kdf_type = KDF_SCRYPT;
+            break;
 
-    default:
-        SLOGE("keymaster_check_compatibility failed");
-        return -1;
+        default:
+            SLOGE("keymaster_check_compatibility failed");
+            return -1;
     }
 
     get_device_scrypt_params(ftr);
@@ -2080,8 +2009,7 @@
     ftr->persist_data_size = CRYPT_PERSIST_DATA_SIZE;
     if (get_crypt_ftr_info(NULL, &off) == 0) {
         ftr->persist_data_offset[0] = off + CRYPT_FOOTER_TO_PERSIST_OFFSET;
-        ftr->persist_data_offset[1] = off + CRYPT_FOOTER_TO_PERSIST_OFFSET +
-                                    ftr->persist_data_size;
+        ftr->persist_data_offset[1] = off + CRYPT_FOOTER_TO_PERSIST_OFFSET + ftr->persist_data_size;
     }
 
     return 0;
@@ -2089,9 +2017,8 @@
 
 #define FRAMEWORK_BOOT_WAIT 60
 
-static int cryptfs_SHA256_fileblock(const char* filename, __le8* buf)
-{
-    int fd = open(filename, O_RDONLY|O_CLOEXEC);
+static int cryptfs_SHA256_fileblock(const char* filename, __le8* buf) {
+    int fd = open(filename, O_RDONLY | O_CLOEXEC);
     if (fd == -1) {
         SLOGE("Error opening file %s", filename);
         return -1;
@@ -2117,7 +2044,7 @@
 
 static int cryptfs_enable_all_volumes(struct crypt_mnt_ftr* crypt_ftr, char* crypto_blkdev,
                                       char* real_blkdev, int previously_encrypted_upto) {
-    off64_t cur_encryption_done=0, tot_encryption_size=0;
+    off64_t cur_encryption_done = 0, tot_encryption_size = 0;
     int rc = -1;
 
     /* The size of the userdata partition, and add in the vold volumes below */
@@ -2153,11 +2080,11 @@
 int cryptfs_enable_internal(int crypt_type, const char* passwd, int no_ui) {
     char crypto_blkdev[MAXPATHLEN], real_blkdev[MAXPATHLEN];
     unsigned char decrypted_master_key[MAX_KEY_LEN];
-    int rc=-1, i;
+    int rc = -1, i;
     struct crypt_mnt_ftr crypt_ftr;
-    struct crypt_persist_data *pdata;
+    struct crypt_persist_data* pdata;
     char encrypted_state[PROPERTY_VALUE_MAX];
-    char lockid[32] = { 0 };
+    char lockid[32] = {0};
     char key_loc[PROPERTY_VALUE_MAX];
     int num_vols;
     off64_t previously_encrypted_upto = 0;
@@ -2207,7 +2134,7 @@
     fs_mgr_get_crypt_info(fstab_default, 0, real_blkdev, sizeof(real_blkdev));
 
     /* Get the size of the real block device */
-    fd = open(real_blkdev, O_RDONLY|O_CLOEXEC);
+    fd = open(real_blkdev, O_RDONLY | O_CLOEXEC);
     if (fd == -1) {
         SLOGE("Cannot open block device %s\n", real_blkdev);
         goto error_unencrypted;
@@ -2224,8 +2151,7 @@
     if (!strcmp(key_loc, KEY_IN_FOOTER)) {
         unsigned int fs_size_sec, max_fs_size_sec;
         fs_size_sec = get_fs_size(real_blkdev);
-        if (fs_size_sec == 0)
-            fs_size_sec = get_f2fs_filesystem_size_sec(real_blkdev);
+        if (fs_size_sec == 0) fs_size_sec = get_f2fs_filesystem_size_sec(real_blkdev);
 
         max_fs_size_sec = nr_sec - (CRYPT_FOOTER_OFFSET / CRYPT_SECTOR_SIZE);
 
@@ -2239,7 +2165,7 @@
      * device to sleep on us.  We'll grab a partial wakelock, and if the UI
      * wants to keep the screen on, it can grab a full wakelock.
      */
-    snprintf(lockid, sizeof(lockid), "enablecrypto%d", (int) getpid());
+    snprintf(lockid, sizeof(lockid), "enablecrypto%d", (int)getpid());
     acquire_wake_lock(PARTIAL_WAKE_LOCK, lockid);
 
     /* The init files are setup to stop the class main and late start when
@@ -2299,8 +2225,7 @@
         }
 
         if (!strcmp(key_loc, KEY_IN_FOOTER)) {
-            crypt_ftr.fs_size = nr_sec
-              - (CRYPT_FOOTER_OFFSET / CRYPT_SECTOR_SIZE);
+            crypt_ftr.fs_size = nr_sec - (CRYPT_FOOTER_OFFSET / CRYPT_SECTOR_SIZE);
         } else {
             crypt_ftr.fs_size = nr_sec;
         }
@@ -2314,7 +2239,8 @@
             crypt_ftr.flags |= CRYPT_INCONSISTENT_STATE;
         }
         crypt_ftr.crypt_type = crypt_type;
-        strlcpy((char *)crypt_ftr.crypto_type_name, cryptfs_get_crypto_name(), MAX_CRYPTO_TYPE_NAME_LEN);
+        strlcpy((char*)crypt_ftr.crypto_type_name, cryptfs_get_crypto_name(),
+                MAX_CRYPTO_TYPE_NAME_LEN);
 
         /* Make an encrypted master key */
         if (create_encrypted_random_key(onlyCreateHeader ? DEFAULT_PASSWORD : passwd,
@@ -2328,8 +2254,8 @@
             unsigned char fake_master_key[MAX_KEY_LEN];
             unsigned char encrypted_fake_master_key[MAX_KEY_LEN];
             memset(fake_master_key, 0, sizeof(fake_master_key));
-            encrypt_master_key(passwd, crypt_ftr.salt, fake_master_key,
-                               encrypted_fake_master_key, &crypt_ftr);
+            encrypt_master_key(passwd, crypt_ftr.salt, fake_master_key, encrypted_fake_master_key,
+                               &crypt_ftr);
         }
 
         /* Write the key to the end of the partition */
@@ -2339,11 +2265,11 @@
          * If none, create a valid empty table and save that.
          */
         if (!persist_data) {
-            pdata = (crypt_persist_data *)malloc(CRYPT_PERSIST_DATA_SIZE);
-           if (pdata) {
-               init_empty_persist_data(pdata, CRYPT_PERSIST_DATA_SIZE);
-               persist_data = pdata;
-           }
+            pdata = (crypt_persist_data*)malloc(CRYPT_PERSIST_DATA_SIZE);
+            if (pdata) {
+                init_empty_persist_data(pdata, CRYPT_PERSIST_DATA_SIZE);
+                persist_data = pdata;
+            }
         }
         if (persist_data) {
             save_persistent_data();
@@ -2377,8 +2303,8 @@
         __le8 hash_first_block[SHA256_DIGEST_LENGTH];
         rc = cryptfs_SHA256_fileblock(crypto_blkdev, hash_first_block);
 
-        if (!rc && memcmp(hash_first_block, crypt_ftr.hash_first_block,
-                          sizeof(hash_first_block)) != 0) {
+        if (!rc &&
+            memcmp(hash_first_block, crypt_ftr.hash_first_block, sizeof(hash_first_block)) != 0) {
             SLOGE("Checksums do not match - trigger wipe");
             rc = -1;
         }
@@ -2391,8 +2317,7 @@
 
     /* Calculate checksum if we are not finished */
     if (!rc && crypt_ftr.encrypted_upto != crypt_ftr.fs_size) {
-        rc = cryptfs_SHA256_fileblock(crypto_blkdev,
-                                      crypt_ftr.hash_first_block);
+        rc = cryptfs_SHA256_fileblock(crypto_blkdev, crypt_ftr.hash_first_block);
         if (rc) {
             SLOGE("Error calculating checksum for continuing encryption");
             rc = -1;
@@ -2402,7 +2327,7 @@
     /* Undo the dm-crypt mapping whether we succeed or not */
     delete_crypto_blk_dev(CRYPTO_BLOCK_DEVICE);
 
-    if (! rc) {
+    if (!rc) {
         /* Success */
         crypt_ftr.flags &= ~CRYPT_INCONSISTENT_STATE;
 
@@ -2450,8 +2375,7 @@
             SLOGE("encryption failed - rebooting into recovery to wipe data\n");
             std::string err;
             const std::vector<std::string> options = {
-                "--wipe_data\n--reason=cryptfs_enable_internal\n"
-            };
+                "--wipe_data\n--reason=cryptfs_enable_internal\n"};
             if (!write_bootloader_message(options, &err)) {
                 SLOGE("could not write bootloader message: %s", err.c_str());
             }
@@ -2484,7 +2408,9 @@
      * but the framework is stopped and not restarted to show the error, so it's up to
      * vold to restart the system.
      */
-    SLOGE("Error enabling encryption after framework is shutdown, no data changed, restarting system");
+    SLOGE(
+        "Error enabling encryption after framework is shutdown, no data changed, restarting "
+        "system");
     cryptfs_reboot(RebootType::reboot);
 
     /* shouldn't get here */
@@ -2503,8 +2429,7 @@
     return cryptfs_enable_internal(CRYPT_TYPE_DEFAULT, DEFAULT_PASSWORD, no_ui);
 }
 
-int cryptfs_changepw(int crypt_type, const char *newpw)
-{
+int cryptfs_changepw(int crypt_type, const char* newpw) {
     if (e4crypt_is_native()) {
         SLOGE("cryptfs_changepw not valid for file encryption");
         return -1;
@@ -2532,12 +2457,8 @@
 
     crypt_ftr.crypt_type = crypt_type;
 
-    rc = encrypt_master_key(crypt_type == CRYPT_TYPE_DEFAULT ? DEFAULT_PASSWORD
-                                                        : newpw,
-                       crypt_ftr.salt,
-                       saved_master_key,
-                       crypt_ftr.master_key,
-                       &crypt_ftr);
+    rc = encrypt_master_key(crypt_type == CRYPT_TYPE_DEFAULT ? DEFAULT_PASSWORD : newpw,
+                            crypt_ftr.salt, saved_master_key, crypt_ftr.master_key, &crypt_ftr);
     if (rc) {
         SLOGE("Encrypt master key failed: %d", rc);
         return -1;
@@ -2565,14 +2486,13 @@
         dsize = CRYPT_PERSIST_DATA_SIZE;
     }
 
-    max_persistent_entries = (dsize - sizeof(struct crypt_persist_data)) /
-        sizeof(struct crypt_persist_entry);
+    max_persistent_entries =
+        (dsize - sizeof(struct crypt_persist_data)) / sizeof(struct crypt_persist_entry);
 
     return max_persistent_entries;
 }
 
-static int persist_get_key(const char *fieldname, char *value)
-{
+static int persist_get_key(const char* fieldname, char* value) {
     unsigned int i;
 
     if (persist_data == NULL) {
@@ -2589,8 +2509,7 @@
     return -1;
 }
 
-static int persist_set_key(const char *fieldname, const char *value, int encrypted)
-{
+static int persist_set_key(const char* fieldname, const char* value, int encrypted) {
     unsigned int i;
     unsigned int num;
     unsigned int max_persistent_entries;
@@ -2628,7 +2547,7 @@
  * Test if key is part of the multi-entry (field, index) sequence. Return non-zero if key is in the
  * sequence and its index is greater than or equal to index. Return 0 otherwise.
  */
-int match_multi_entry(const char *key, const char *field, unsigned index) {
+int match_multi_entry(const char* key, const char* field, unsigned index) {
     std::string key_ = key;
     std::string field_ = field;
 
@@ -2655,8 +2574,7 @@
  * and PERSIST_DEL_KEY_ERROR_OTHER if error occurs.
  *
  */
-static int persist_del_keys(const char *fieldname, unsigned index)
-{
+static int persist_del_keys(const char* fieldname, unsigned index) {
     unsigned int i;
     unsigned int j;
     unsigned int num;
@@ -2667,7 +2585,7 @@
 
     num = persist_data->persist_valid_entries;
 
-    j = 0; // points to the end of non-deleted entries.
+    j = 0;  // points to the end of non-deleted entries.
     // Filter out to-be-deleted entries in place.
     for (i = 0; i < num; i++) {
         if (!match_multi_entry(persist_data->persist_entry[i].key, fieldname, index)) {
@@ -2687,8 +2605,7 @@
     }
 }
 
-static int persist_count_keys(const char *fieldname)
-{
+static int persist_count_keys(const char* fieldname) {
     unsigned int i;
     unsigned int count;
 
@@ -2707,8 +2624,7 @@
 }
 
 /* Return the value of the specified field. */
-int cryptfs_getfield(const char *fieldname, char *value, int len)
-{
+int cryptfs_getfield(const char* fieldname, char* value, int len) {
     if (e4crypt_is_native()) {
         SLOGE("Cannot get field when file encrypted");
         return -1;
@@ -2736,7 +2652,7 @@
     // stitch them back together.
     if (!persist_get_key(fieldname, temp_value)) {
         // We found it, copy it to the caller's buffer and keep going until all entries are read.
-        if (strlcpy(value, temp_value, len) >= (unsigned) len) {
+        if (strlcpy(value, temp_value, len) >= (unsigned)len) {
             // value too small
             rc = CRYPTO_GETFIELD_ERROR_BUF_TOO_SMALL;
             goto out;
@@ -2745,7 +2661,7 @@
 
         for (i = 1; /* break explicitly */; i++) {
             if (snprintf(temp_field, sizeof(temp_field), "%s_%d", fieldname, i) >=
-                    (int) sizeof(temp_field)) {
+                (int)sizeof(temp_field)) {
                 // If the fieldname is very long, we stop as soon as it begins to overflow the
                 // maximum field length. At this point we have in fact fully read out the original
                 // value because cryptfs_setfield would not allow fields with longer names to be
@@ -2753,11 +2669,11 @@
                 break;
             }
             if (!persist_get_key(temp_field, temp_value)) {
-                  if (strlcat(value, temp_value, len) >= (unsigned)len) {
-                      // value too small.
-                      rc = CRYPTO_GETFIELD_ERROR_BUF_TOO_SMALL;
-                      goto out;
-                  }
+                if (strlcat(value, temp_value, len) >= (unsigned)len) {
+                    // value too small.
+                    rc = CRYPTO_GETFIELD_ERROR_BUF_TOO_SMALL;
+                    goto out;
+                }
             } else {
                 // Exhaust all entries.
                 break;
@@ -2773,8 +2689,7 @@
 }
 
 /* Set the value of the specified field. */
-int cryptfs_setfield(const char *fieldname, const char *value)
-{
+int cryptfs_setfield(const char* fieldname, const char* value) {
     if (e4crypt_is_native()) {
         SLOGE("Cannot set field when file encrypted");
         return -1;
@@ -2798,7 +2713,7 @@
     }
 
     property_get("ro.crypto.state", encrypted_state, "");
-    if (!strcmp(encrypted_state, "encrypted") ) {
+    if (!strcmp(encrypted_state, "encrypted")) {
         encrypted = 1;
     }
 
@@ -2867,14 +2782,14 @@
  * On success trigger next init phase and return 0.
  * Currently do not handle failure - see TODO below.
  */
-int cryptfs_mount_default_encrypted(void)
-{
+int cryptfs_mount_default_encrypted(void) {
     int crypt_type = cryptfs_get_password_type();
     if (crypt_type < 0 || crypt_type > CRYPT_TYPE_MAX_TYPE) {
         SLOGE("Bad crypt type - error");
     } else if (crypt_type != CRYPT_TYPE_DEFAULT) {
-        SLOGD("Password is not default - "
-              "starting min framework to prompt");
+        SLOGD(
+            "Password is not default - "
+            "starting min framework to prompt");
         property_set("vold.decrypt", "trigger_restart_min_framework");
         return 0;
     } else if (cryptfs_check_passwd(DEFAULT_PASSWORD) == 0) {
@@ -2894,8 +2809,7 @@
 
 /* Returns type of the password, default, pattern, pin or password.
  */
-int cryptfs_get_password_type(void)
-{
+int cryptfs_get_password_type(void) {
     if (e4crypt_is_native()) {
         SLOGE("cryptfs_get_password_type not valid for file encryption");
         return -1;
@@ -2915,8 +2829,7 @@
     return crypt_ftr.crypt_type;
 }
 
-const char* cryptfs_get_password()
-{
+const char* cryptfs_get_password() {
     if (e4crypt_is_native()) {
         SLOGE("cryptfs_get_password not valid for file encryption");
         return 0;
@@ -2932,8 +2845,7 @@
     }
 }
 
-void cryptfs_clear_password()
-{
+void cryptfs_clear_password() {
     if (password) {
         size_t len = strlen(password);
         memset(password, 0, len);
@@ -2943,8 +2855,7 @@
     }
 }
 
-int cryptfs_isConvertibleToFBE()
-{
+int cryptfs_isConvertibleToFBE() {
     struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab_default, DATA_MNT_POINT);
     return (rec && fs_mgr_is_convertible_to_fbe(rec)) ? 1 : 0;
 }
diff --git a/cryptfs.h b/cryptfs.h
index dc7a8c3..692d7ee 100644
--- a/cryptfs.h
+++ b/cryptfs.h
@@ -51,32 +51,39 @@
 
 /* definitions of flags in the structure below */
 #define CRYPT_MNT_KEY_UNENCRYPTED 0x1 /* The key for the partition is not encrypted. */
-#define CRYPT_ENCRYPTION_IN_PROGRESS 0x2 /* Encryption partially completed,
-                                            encrypted_upto valid*/
-#define CRYPT_INCONSISTENT_STATE 0x4 /* Set when starting encryption, clear when
-                                        exit cleanly, either through success or
-                                        correctly marked partial encryption */
-#define CRYPT_DATA_CORRUPT 0x8 /* Set when encryption is fine, but the
-                                  underlying volume is corrupt */
-#define CRYPT_FORCE_ENCRYPTION 0x10 /* Set when it is time to encrypt this
-                                       volume on boot. Everything in this
-                                       structure is set up correctly as
-                                       though device is encrypted except
-                                       that the master key is encrypted with the
-                                       default password. */
-#define CRYPT_FORCE_COMPLETE 0x20 /* Set when the above encryption cycle is
-                                     complete. On next cryptkeeper entry, match
-                                     the password. If it matches fix the master
-                                     key and remove this flag. */
+#define CRYPT_ENCRYPTION_IN_PROGRESS       \
+    0x2 /* Encryption partially completed, \
+           encrypted_upto valid*/
+#define CRYPT_INCONSISTENT_STATE                    \
+    0x4 /* Set when starting encryption, clear when \
+           exit cleanly, either through success or  \
+           correctly marked partial encryption */
+#define CRYPT_DATA_CORRUPT                      \
+    0x8 /* Set when encryption is fine, but the \
+           underlying volume is corrupt */
+#define CRYPT_FORCE_ENCRYPTION                        \
+    0x10 /* Set when it is time to encrypt this       \
+            volume on boot. Everything in this        \
+            structure is set up correctly as          \
+            though device is encrypted except         \
+            that the master key is encrypted with the \
+            default password. */
+#define CRYPT_FORCE_COMPLETE                           \
+    0x20 /* Set when the above encryption cycle is     \
+            complete. On next cryptkeeper entry, match \
+            the password. If it matches fix the master \
+            key and remove this flag. */
 
 /* Allowed values for type in the structure below */
-#define CRYPT_TYPE_PASSWORD 0 /* master_key is encrypted with a password
-                               * Must be zero to be compatible with pre-L
-                               * devices where type is always password.*/
-#define CRYPT_TYPE_DEFAULT  1 /* master_key is encrypted with default
-                               * password */
-#define CRYPT_TYPE_PATTERN  2 /* master_key is encrypted with a pattern */
-#define CRYPT_TYPE_PIN      3 /* master_key is encrypted with a pin */
+#define CRYPT_TYPE_PASSWORD                       \
+    0 /* master_key is encrypted with a password  \
+       * Must be zero to be compatible with pre-L \
+       * devices where type is always password.*/
+#define CRYPT_TYPE_DEFAULT                                           \
+    1                        /* master_key is encrypted with default \
+                              * password */
+#define CRYPT_TYPE_PATTERN 2 /* master_key is encrypted with a pattern */
+#define CRYPT_TYPE_PIN 3     /* master_key is encrypted with a pin */
 #define CRYPT_TYPE_MAX_TYPE 3 /* type cannot be larger than this value */
 
 #define CRYPT_MNT_MAGIC 0xD0B5B1C4
@@ -92,78 +99,78 @@
 #define KEYMASTER_BLOB_SIZE 2048
 
 /* __le32 and __le16 defined in system/extras/ext4_utils/ext4_utils.h */
-#define __le8  unsigned char
+#define __le8 unsigned char
 
 #if !defined(SHA256_DIGEST_LENGTH)
 #define SHA256_DIGEST_LENGTH 32
 #endif
 
 struct crypt_mnt_ftr {
-  __le32 magic;         /* See above */
-  __le16 major_version;
-  __le16 minor_version;
-  __le32 ftr_size;      /* in bytes, not including key following */
-  __le32 flags;         /* See above */
-  __le32 keysize;       /* in bytes */
-  __le32 crypt_type;    /* how master_key is encrypted. Must be a
-                         * CRYPT_TYPE_XXX value */
-  __le64 fs_size;       /* Size of the encrypted fs, in 512 byte sectors */
-  __le32 failed_decrypt_count; /* count of # of failed attempts to decrypt and
-                                  mount, set to 0 on successful mount */
-  unsigned char crypto_type_name[MAX_CRYPTO_TYPE_NAME_LEN]; /* The type of encryption
-                                                               needed to decrypt this
-                                                               partition, null terminated */
-  __le32 spare2;        /* ignored */
-  unsigned char master_key[MAX_KEY_LEN]; /* The encrypted key for decrypting the filesystem */
-  unsigned char salt[SALT_LEN];   /* The salt used for this encryption */
-  __le64 persist_data_offset[2];  /* Absolute offset to both copies of crypt_persist_data
-                                   * on device with that info, either the footer of the
-                                   * real_blkdevice or the metadata partition. */
+    __le32 magic; /* See above */
+    __le16 major_version;
+    __le16 minor_version;
+    __le32 ftr_size;             /* in bytes, not including key following */
+    __le32 flags;                /* See above */
+    __le32 keysize;              /* in bytes */
+    __le32 crypt_type;           /* how master_key is encrypted. Must be a
+                                  * CRYPT_TYPE_XXX value */
+    __le64 fs_size;              /* Size of the encrypted fs, in 512 byte sectors */
+    __le32 failed_decrypt_count; /* count of # of failed attempts to decrypt and
+                                    mount, set to 0 on successful mount */
+    unsigned char crypto_type_name[MAX_CRYPTO_TYPE_NAME_LEN]; /* The type of encryption
+                                                                 needed to decrypt this
+                                                                 partition, null terminated */
+    __le32 spare2;                                            /* ignored */
+    unsigned char master_key[MAX_KEY_LEN]; /* The encrypted key for decrypting the filesystem */
+    unsigned char salt[SALT_LEN];          /* The salt used for this encryption */
+    __le64 persist_data_offset[2];         /* Absolute offset to both copies of crypt_persist_data
+                                            * on device with that info, either the footer of the
+                                            * real_blkdevice or the metadata partition. */
 
-  __le32 persist_data_size;       /* The number of bytes allocated to each copy of the
-                                   * persistent data table*/
+    __le32 persist_data_size; /* The number of bytes allocated to each copy of the
+                               * persistent data table*/
 
-  __le8  kdf_type; /* The key derivation function used. */
+    __le8 kdf_type; /* The key derivation function used. */
 
-  /* scrypt parameters. See www.tarsnap.com/scrypt/scrypt.pdf */
-  __le8  N_factor; /* (1 << N) */
-  __le8  r_factor; /* (1 << r) */
-  __le8  p_factor; /* (1 << p) */
-  __le64 encrypted_upto; /* If we are in state CRYPT_ENCRYPTION_IN_PROGRESS and
-                            we have to stop (e.g. power low) this is the last
-                            encrypted 512 byte sector.*/
-  __le8  hash_first_block[SHA256_DIGEST_LENGTH]; /* When CRYPT_ENCRYPTION_IN_PROGRESS
-                                                    set, hash of first block, used
-                                                    to validate before continuing*/
+    /* scrypt parameters. See www.tarsnap.com/scrypt/scrypt.pdf */
+    __le8 N_factor;        /* (1 << N) */
+    __le8 r_factor;        /* (1 << r) */
+    __le8 p_factor;        /* (1 << p) */
+    __le64 encrypted_upto; /* If we are in state CRYPT_ENCRYPTION_IN_PROGRESS and
+                              we have to stop (e.g. power low) this is the last
+                              encrypted 512 byte sector.*/
+    __le8 hash_first_block[SHA256_DIGEST_LENGTH]; /* When CRYPT_ENCRYPTION_IN_PROGRESS
+                                                     set, hash of first block, used
+                                                     to validate before continuing*/
 
-  /* key_master key, used to sign the derived key which is then used to generate
-   * the intermediate key
-   * This key should be used for no other purposes! We use this key to sign unpadded 
-   * data, which is acceptable but only if the key is not reused elsewhere. */
-  __le8 keymaster_blob[KEYMASTER_BLOB_SIZE];
-  __le32 keymaster_blob_size;
+    /* key_master key, used to sign the derived key which is then used to generate
+     * the intermediate key
+     * This key should be used for no other purposes! We use this key to sign unpadded
+     * data, which is acceptable but only if the key is not reused elsewhere. */
+    __le8 keymaster_blob[KEYMASTER_BLOB_SIZE];
+    __le32 keymaster_blob_size;
 
-  /* Store scrypt of salted intermediate key. When decryption fails, we can
-     check if this matches, and if it does, we know that the problem is with the
-     drive, and there is no point in asking the user for more passwords.
+    /* Store scrypt of salted intermediate key. When decryption fails, we can
+       check if this matches, and if it does, we know that the problem is with the
+       drive, and there is no point in asking the user for more passwords.
 
-     Note that if any part of this structure is corrupt, this will not match and
-     we will continue to believe the user entered the wrong password. In that
-     case the only solution is for the user to enter a password enough times to
-     force a wipe.
+       Note that if any part of this structure is corrupt, this will not match and
+       we will continue to believe the user entered the wrong password. In that
+       case the only solution is for the user to enter a password enough times to
+       force a wipe.
 
-     Note also that there is no need to worry about migration. If this data is
-     wrong, we simply won't recognise a right password, and will continue to
-     prompt. On the first password change, this value will be populated and
-     then we will be OK.
-   */
-  unsigned char scrypted_intermediate_key[SCRYPT_LEN];
+       Note also that there is no need to worry about migration. If this data is
+       wrong, we simply won't recognise a right password, and will continue to
+       prompt. On the first password change, this value will be populated and
+       then we will be OK.
+     */
+    unsigned char scrypted_intermediate_key[SCRYPT_LEN];
 
-  /* sha of this structure with this element set to zero
-     Used when encrypting on reboot to validate structure before doing something
-     fatal
-   */
-  unsigned char sha256[SHA256_DIGEST_LENGTH];
+    /* sha of this structure with this element set to zero
+       Used when encrypting on reboot to validate structure before doing something
+       fatal
+     */
+    unsigned char sha256[SHA256_DIGEST_LENGTH];
 };
 
 /* Persistant data that should be available before decryption.
@@ -180,49 +187,49 @@
  * and higher crypt_mnt_ftr structures.
  */
 struct crypt_persist_entry {
-  char key[PROPERTY_KEY_MAX];
-  char val[PROPERTY_VALUE_MAX];
+    char key[PROPERTY_KEY_MAX];
+    char val[PROPERTY_VALUE_MAX];
 };
 
 /* Should be exactly 4K in size */
 struct crypt_persist_data {
-  __le32 persist_magic;
-  __le32 persist_valid_entries;
-  __le32 persist_spare[30];
-  struct crypt_persist_entry persist_entry[0];
+    __le32 persist_magic;
+    __le32 persist_valid_entries;
+    __le32 persist_spare[30];
+    struct crypt_persist_entry persist_entry[0];
 };
 
 #define DATA_MNT_POINT "/data"
 
 /* Return values for cryptfs_crypto_complete */
-#define CRYPTO_COMPLETE_NOT_ENCRYPTED  1
-#define CRYPTO_COMPLETE_ENCRYPTED      0
-#define CRYPTO_COMPLETE_BAD_METADATA  (-1)
-#define CRYPTO_COMPLETE_PARTIAL       (-2)
-#define CRYPTO_COMPLETE_INCONSISTENT  (-3)
-#define CRYPTO_COMPLETE_CORRUPT       (-4)
+#define CRYPTO_COMPLETE_NOT_ENCRYPTED 1
+#define CRYPTO_COMPLETE_ENCRYPTED 0
+#define CRYPTO_COMPLETE_BAD_METADATA (-1)
+#define CRYPTO_COMPLETE_PARTIAL (-2)
+#define CRYPTO_COMPLETE_INCONSISTENT (-3)
+#define CRYPTO_COMPLETE_CORRUPT (-4)
 
 /* Return values for cryptfs_enable_inplace*() */
 #define ENABLE_INPLACE_OK 0
 #define ENABLE_INPLACE_ERR_OTHER (-1)
-#define ENABLE_INPLACE_ERR_DEV (-2)  /* crypto_blkdev issue */
+#define ENABLE_INPLACE_ERR_DEV (-2) /* crypto_blkdev issue */
 
 /* Return values for cryptfs_getfield */
-#define CRYPTO_GETFIELD_OK                   0
-#define CRYPTO_GETFIELD_ERROR_NO_FIELD      (-1)
-#define CRYPTO_GETFIELD_ERROR_OTHER         (-2)
+#define CRYPTO_GETFIELD_OK 0
+#define CRYPTO_GETFIELD_ERROR_NO_FIELD (-1)
+#define CRYPTO_GETFIELD_ERROR_OTHER (-2)
 #define CRYPTO_GETFIELD_ERROR_BUF_TOO_SMALL (-3)
 
 /* Return values for cryptfs_setfield */
-#define CRYPTO_SETFIELD_OK                    0
-#define CRYPTO_SETFIELD_ERROR_OTHER          (-1)
+#define CRYPTO_SETFIELD_OK 0
+#define CRYPTO_SETFIELD_ERROR_OTHER (-1)
 #define CRYPTO_SETFIELD_ERROR_FIELD_TOO_LONG (-2)
 #define CRYPTO_SETFIELD_ERROR_VALUE_TOO_LONG (-3)
 
 /* Return values for persist_del_key */
-#define PERSIST_DEL_KEY_OK                 0
-#define PERSIST_DEL_KEY_ERROR_OTHER       (-1)
-#define PERSIST_DEL_KEY_ERROR_NO_FIELD    (-2)
+#define PERSIST_DEL_KEY_OK 0
+#define PERSIST_DEL_KEY_ERROR_OTHER (-1)
+#define PERSIST_DEL_KEY_ERROR_NO_FIELD (-2)
 
 int match_multi_entry(const char* key, const char* field, unsigned index);
 int wait_and_unmount(const char* mountpoint, bool kill);
diff --git a/fs/Ext4.cpp b/fs/Ext4.cpp
index 717c8b7..7ac4853 100644
--- a/fs/Ext4.cpp
+++ b/fs/Ext4.cpp
@@ -14,23 +14,20 @@
  * limitations under the License.
  */
 
-#include <stdio.h>
-#include <stdlib.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <errno.h>
-#include <string.h>
 #include <dirent.h>
 #include <errno.h>
 #include <fcntl.h>
-#include <vector>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
 #include <string>
+#include <vector>
 
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/types.h>
 #include <sys/mman.h>
 #include <sys/mount.h>
+#include <sys/stat.h>
+#include <sys/types.h>
 #include <sys/wait.h>
 
 #include <linux/kdev_t.h>
@@ -59,9 +56,8 @@
 static const char* kFsckPath = "/system/bin/e2fsck";
 
 bool IsSupported() {
-    return access(kMkfsPath, X_OK) == 0
-            && access(kFsckPath, X_OK) == 0
-            && IsFilesystemSupported("ext4");
+    return access(kMkfsPath, X_OK) == 0 && access(kFsckPath, X_OK) == 0 &&
+           IsFilesystemSupported("ext4");
 }
 
 status_t Check(const std::string& source, const std::string& target) {
@@ -74,7 +70,7 @@
     int status;
     int ret;
     long tmpmnt_flags = MS_NOATIME | MS_NOEXEC | MS_NOSUID;
-    char *tmpmnt_opts = (char*) "nomblk_io_submit,errors=remount-ro";
+    char* tmpmnt_opts = (char*)"nomblk_io_submit,errors=remount-ro";
 
     /*
      * First try to mount and unmount the filesystem.  We do this because
@@ -127,8 +123,8 @@
     return 0;
 }
 
-status_t Mount(const std::string& source, const std::string& target, bool ro,
-        bool remount, bool executable) {
+status_t Mount(const std::string& source, const std::string& target, bool ro, bool remount,
+               bool executable) {
     int rc;
     unsigned long flags;
 
@@ -162,8 +158,7 @@
     return ForkExecvp(cmd);
 }
 
-status_t Format(const std::string& source, unsigned long numSectors,
-        const std::string& target) {
+status_t Format(const std::string& source, unsigned long numSectors, const std::string& target) {
     std::vector<std::string> cmd;
     cmd.push_back(kMkfsPath);
 
diff --git a/fs/Ext4.h b/fs/Ext4.h
index f78dc95..329f302 100644
--- a/fs/Ext4.h
+++ b/fs/Ext4.h
@@ -28,10 +28,9 @@
 bool IsSupported();
 
 status_t Check(const std::string& source, const std::string& target);
-status_t Mount(const std::string& source, const std::string& target, bool ro,
-        bool remount, bool executable);
-status_t Format(const std::string& source, unsigned long numSectors,
-        const std::string& target);
+status_t Mount(const std::string& source, const std::string& target, bool ro, bool remount,
+               bool executable);
+status_t Format(const std::string& source, unsigned long numSectors, const std::string& target);
 status_t Resize(const std::string& source, unsigned long numSectors);
 
 }  // namespace ext4
diff --git a/fs/F2fs.cpp b/fs/F2fs.cpp
index f24fd91..9d72963 100644
--- a/fs/F2fs.cpp
+++ b/fs/F2fs.cpp
@@ -22,8 +22,8 @@
 #include <android-base/stringprintf.h>
 #include <ext4_utils/ext4_crypt.h>
 
-#include <vector>
 #include <string>
+#include <vector>
 
 #include <sys/mount.h>
 
@@ -37,9 +37,8 @@
 static const char* kFsckPath = "/system/bin/fsck.f2fs";
 
 bool IsSupported() {
-    return access(kMkfsPath, X_OK) == 0
-            && access(kFsckPath, X_OK) == 0
-            && IsFilesystemSupported("f2fs");
+    return access(kMkfsPath, X_OK) == 0 && access(kFsckPath, X_OK) == 0 &&
+           IsFilesystemSupported("f2fs");
 }
 
 status_t Check(const std::string& source) {
diff --git a/fs/Vfat.cpp b/fs/Vfat.cpp
index 9873fd4..7b833d1 100644
--- a/fs/Vfat.cpp
+++ b/fs/Vfat.cpp
@@ -14,24 +14,21 @@
  * limitations under the License.
  */
 
-#include <stdio.h>
-#include <stdlib.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <errno.h>
-#include <string.h>
 #include <dirent.h>
 #include <errno.h>
 #include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
 
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <sys/mman.h>
-#include <sys/mount.h>
-#include <sys/wait.h>
 #include <linux/fs.h>
 #include <sys/ioctl.h>
+#include <sys/mman.h>
+#include <sys/mount.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/wait.h>
 
 #include <linux/kdev_t.h>
 
@@ -41,8 +38,8 @@
 
 #include <logwrap/logwrap.h>
 
-#include "Vfat.h"
 #include "Utils.h"
+#include "Vfat.h"
 #include "VoldUtil.h"
 
 using android::base::StringPrintf;
@@ -55,9 +52,8 @@
 static const char* kFsckPath = "/system/bin/fsck_msdos";
 
 bool IsSupported() {
-    return access(kMkfsPath, X_OK) == 0
-            && access(kFsckPath, X_OK) == 0
-            && IsFilesystemSupported("vfat");
+    return access(kMkfsPath, X_OK) == 0 && access(kFsckPath, X_OK) == 0 &&
+           IsFilesystemSupported("vfat");
 }
 
 status_t Check(const std::string& source) {
@@ -79,43 +75,42 @@
             return -1;
         }
 
-        switch(rc) {
-        case 0:
-            LOG(INFO) << "Filesystem check completed OK";
-            return 0;
+        switch (rc) {
+            case 0:
+                LOG(INFO) << "Filesystem check completed OK";
+                return 0;
 
-        case 2:
-            LOG(ERROR) << "Filesystem check failed (not a FAT filesystem)";
-            errno = ENODATA;
-            return -1;
+            case 2:
+                LOG(ERROR) << "Filesystem check failed (not a FAT filesystem)";
+                errno = ENODATA;
+                return -1;
 
-        case 4:
-            if (pass++ <= 3) {
-                LOG(WARNING) << "Filesystem modified - rechecking (pass " << pass << ")";
-                continue;
-            }
-            LOG(ERROR) << "Failing check after too many rechecks";
-            errno = EIO;
-            return -1;
+            case 4:
+                if (pass++ <= 3) {
+                    LOG(WARNING) << "Filesystem modified - rechecking (pass " << pass << ")";
+                    continue;
+                }
+                LOG(ERROR) << "Failing check after too many rechecks";
+                errno = EIO;
+                return -1;
 
-        case 8:
-            LOG(ERROR) << "Filesystem check failed (no filesystem)";
-            errno = ENODATA;
-            return -1;
+            case 8:
+                LOG(ERROR) << "Filesystem check failed (no filesystem)";
+                errno = ENODATA;
+                return -1;
 
-        default:
-            LOG(ERROR) << "Filesystem check failed (unknown exit code " << rc << ")";
-            errno = EIO;
-            return -1;
+            default:
+                LOG(ERROR) << "Filesystem check failed (unknown exit code " << rc << ")";
+                errno = EIO;
+                return -1;
         }
     } while (0);
 
     return 0;
 }
 
-status_t Mount(const std::string& source, const std::string& target, bool ro,
-        bool remount, bool executable, int ownerUid, int ownerGid, int permMask,
-        bool createLost) {
+status_t Mount(const std::string& source, const std::string& target, bool ro, bool remount,
+               bool executable, int ownerUid, int ownerGid, int permMask, bool createLost) {
     int rc;
     unsigned long flags;
 
@@ -128,9 +123,9 @@
     flags |= (ro ? MS_RDONLY : 0);
     flags |= (remount ? MS_REMOUNT : 0);
 
-    auto mountData = android::base::StringPrintf(
-            "utf8,uid=%d,gid=%d,fmask=%o,dmask=%o,shortname=mixed",
-            ownerUid, ownerGid, permMask, permMask);
+    auto mountData =
+        android::base::StringPrintf("utf8,uid=%d,gid=%d,fmask=%o,dmask=%o,shortname=mixed",
+                                    ownerUid, ownerGid, permMask, permMask);
 
     rc = mount(c_source, c_target, "vfat", flags, mountData.c_str());
 
diff --git a/fs/Vfat.h b/fs/Vfat.h
index 40be5f6..2030067 100644
--- a/fs/Vfat.h
+++ b/fs/Vfat.h
@@ -28,9 +28,8 @@
 bool IsSupported();
 
 status_t Check(const std::string& source);
-status_t Mount(const std::string& source, const std::string& target, bool ro,
-        bool remount, bool executable, int ownerUid, int ownerGid, int permMask,
-        bool createLost);
+status_t Mount(const std::string& source, const std::string& target, bool ro, bool remount,
+               bool executable, int ownerUid, int ownerGid, int permMask, bool createLost);
 status_t Format(const std::string& source, unsigned long numSectors);
 
 }  // namespace vfat
diff --git a/hash.h b/hash.h
index 3b483f1..cd81805 100644
--- a/hash.h
+++ b/hash.h
@@ -1,18 +1,18 @@
 /*
  * Copyright (c) 1999 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden). 
- * All rights reserved. 
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
  *
- * Redistribution and use in source and binary forms, with or without 
- * modification, are permitted provided that the following conditions 
- * are met: 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
  *
- * 1. Redistributions of source code must retain the above copyright 
- *    notice, this list of conditions and the following disclaimer. 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
  *
- * 2. Redistributions in binary form must reproduce the above copyright 
- *    notice, this list of conditions and the following disclaimer in the 
- *    documentation and/or other materials provided with the distribution. 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
  *
  * 3. Neither the name of KTH nor the names of its contributors may be
  *    used to endorse or promote products derived from this software without
@@ -42,7 +42,7 @@
 #include <string.h>
 
 #ifndef min
-#define min(a,b) (((a)>(b))?(b):(a))
+#define min(a, b) (((a) > (b)) ? (b) : (a))
 #endif
 
 /* Vector Crays doesn't have a good 32-bit type, or more precisely,
@@ -53,14 +53,12 @@
    */
 
 #ifdef _CRAY
-#define CRAYFIX(X) ((X) & 0xffffffff)
+#define CRAYFIX(X) ((X)&0xffffffff)
 #else
 #define CRAYFIX(X) (X)
 #endif
 
-static inline u_int32_t
-cshift (u_int32_t x, unsigned int n)
-{
+static inline u_int32_t cshift(u_int32_t x, unsigned int n) {
     x = CRAYFIX(x);
     return CRAYFIX((x << n) | (x >> (32 - n)));
 }
diff --git a/main.cpp b/main.cpp
index c4071d1..52abf20 100644
--- a/main.cpp
+++ b/main.cpp
@@ -16,12 +16,12 @@
 
 #define ATRACE_TAG ATRACE_TAG_PACKAGE_MANAGER
 
-#include "model/Disk.h"
-#include "VolumeManager.h"
 #include "NetlinkManager.h"
 #include "VoldNativeService.h"
 #include "VoldUtil.h"
+#include "VolumeManager.h"
 #include "cryptfs.h"
+#include "model/Disk.h"
 #include "sehandle.h"
 
 #include <android-base/logging.h>
@@ -31,23 +31,23 @@
 #include <hidl/HidlTransportSupport.h>
 #include <utils/Trace.h>
 
+#include <dirent.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <fs_mgr.h>
+#include <getopt.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <errno.h>
 #include <string.h>
 #include <sys/stat.h>
 #include <sys/types.h>
-#include <getopt.h>
-#include <fcntl.h>
-#include <dirent.h>
-#include <fs_mgr.h>
 
 static int process_config(VolumeManager* vm, bool* has_adoptable, bool* has_quota,
                           bool* has_reserved);
-static void coldboot(const char *path);
+static void coldboot(const char* path);
 static void parse_args(int argc, char** argv);
 
-struct selabel_handle *sehandle;
+struct selabel_handle* sehandle;
 
 using android::base::StringPrintf;
 
@@ -60,14 +60,13 @@
 
     ATRACE_BEGIN("main");
 
-
     LOG(VERBOSE) << "Detected support for:"
-            << (android::vold::IsFilesystemSupported("ext4") ? " ext4" : "")
-            << (android::vold::IsFilesystemSupported("f2fs") ? " f2fs" : "")
-            << (android::vold::IsFilesystemSupported("vfat") ? " vfat" : "");
+                 << (android::vold::IsFilesystemSupported("ext4") ? " ext4" : "")
+                 << (android::vold::IsFilesystemSupported("f2fs") ? " f2fs" : "")
+                 << (android::vold::IsFilesystemSupported("vfat") ? " vfat" : "");
 
-    VolumeManager *vm;
-    NetlinkManager *nm;
+    VolumeManager* vm;
+    NetlinkManager* nm;
 
     parse_args(argc, argv);
 
@@ -148,19 +147,21 @@
 
 static void parse_args(int argc, char** argv) {
     static struct option opts[] = {
-        {"blkid_context", required_argument, 0, 'b' },
-        {"blkid_untrusted_context", required_argument, 0, 'B' },
-        {"fsck_context", required_argument, 0, 'f' },
-        {"fsck_untrusted_context", required_argument, 0, 'F' },
+        {"blkid_context", required_argument, 0, 'b'},
+        {"blkid_untrusted_context", required_argument, 0, 'B'},
+        {"fsck_context", required_argument, 0, 'f'},
+        {"fsck_untrusted_context", required_argument, 0, 'F'},
     };
 
     int c;
     while ((c = getopt_long(argc, argv, "", opts, nullptr)) != -1) {
         switch (c) {
+            // clang-format off
         case 'b': android::vold::sBlkidContext = optarg; break;
         case 'B': android::vold::sBlkidUntrustedContext = optarg; break;
         case 'f': android::vold::sFsckContext = optarg; break;
         case 'F': android::vold::sFsckUntrustedContext = optarg; break;
+                // clang-format on
         }
     }
 
@@ -170,33 +171,30 @@
     CHECK(android::vold::sFsckUntrustedContext != nullptr);
 }
 
-static void do_coldboot(DIR *d, int lvl) {
-    struct dirent *de;
+static void do_coldboot(DIR* d, int lvl) {
+    struct dirent* de;
     int dfd, fd;
 
     dfd = dirfd(d);
 
     fd = openat(dfd, "uevent", O_WRONLY | O_CLOEXEC);
-    if(fd >= 0) {
+    if (fd >= 0) {
         write(fd, "add\n", 4);
         close(fd);
     }
 
-    while((de = readdir(d))) {
-        DIR *d2;
+    while ((de = readdir(d))) {
+        DIR* d2;
 
-        if (de->d_name[0] == '.')
-            continue;
+        if (de->d_name[0] == '.') continue;
 
-        if (de->d_type != DT_DIR && lvl > 0)
-            continue;
+        if (de->d_type != DT_DIR && lvl > 0) continue;
 
         fd = openat(dfd, de->d_name, O_RDONLY | O_DIRECTORY | O_CLOEXEC);
-        if(fd < 0)
-            continue;
+        if (fd < 0) continue;
 
         d2 = fdopendir(fd);
-        if(d2 == 0)
+        if (d2 == 0)
             close(fd);
         else {
             do_coldboot(d2, lvl + 1);
@@ -205,10 +203,10 @@
     }
 }
 
-static void coldboot(const char *path) {
+static void coldboot(const char* path) {
     ATRACE_NAME("coldboot");
-    DIR *d = opendir(path);
-    if(d) {
+    DIR* d = opendir(path);
+    if (d) {
         do_coldboot(d, 0);
         closedir(d);
     }
@@ -251,13 +249,13 @@
                 flags |= android::vold::Disk::Flags::kAdoptable;
                 *has_adoptable = true;
             }
-            if (fs_mgr_is_noemulatedsd(rec)
-                    || android::base::GetBoolProperty("vold.debug.default_primary", false)) {
+            if (fs_mgr_is_noemulatedsd(rec) ||
+                android::base::GetBoolProperty("vold.debug.default_primary", false)) {
                 flags |= android::vold::Disk::Flags::kDefaultPrimary;
             }
 
             vm->addDiskSource(std::shared_ptr<VolumeManager::DiskSource>(
-                    new VolumeManager::DiskSource(sysPattern, nickname, flags)));
+                new VolumeManager::DiskSource(sysPattern, nickname, flags)));
         }
     }
     return 0;
diff --git a/model/Disk.cpp b/model/Disk.cpp
index 781d3e9..13cb1c7 100644
--- a/model/Disk.cpp
+++ b/model/Disk.cpp
@@ -15,36 +15,36 @@
  */
 
 #include "Disk.h"
-#include "PublicVolume.h"
+#include "Ext4Crypt.h"
 #include "PrivateVolume.h"
+#include "PublicVolume.h"
 #include "Utils.h"
 #include "VolumeBase.h"
 #include "VolumeManager.h"
-#include "Ext4Crypt.h"
 
 #include <android-base/file.h>
 #include <android-base/logging.h>
+#include <android-base/parseint.h>
 #include <android-base/properties.h>
 #include <android-base/stringprintf.h>
 #include <android-base/strings.h>
-#include <android-base/parseint.h>
 #include <ext4_utils/ext4_crypt.h>
 
 #include "cryptfs.h"
 
-#include <vector>
 #include <fcntl.h>
 #include <inttypes.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <sys/types.h>
+#include <sys/mount.h>
 #include <sys/stat.h>
 #include <sys/sysmacros.h>
-#include <sys/mount.h>
+#include <sys/types.h>
+#include <vector>
 
 using android::base::ReadFileToString;
-using android::base::WriteStringToFile;
 using android::base::StringPrintf;
+using android::base::WriteStringToFile;
 
 namespace android {
 namespace vold {
@@ -112,20 +112,22 @@
      * "ranchu", the device's sysfs path should end with "/block/vd[d-z]", etc.
      * But just having a) and b) is enough for now.
      */
-    return IsRunningInEmulator() && major >= kMajorBlockExperimentalMin
-            && major <= kMajorBlockExperimentalMax;
+    return IsRunningInEmulator() && major >= kMajorBlockExperimentalMin &&
+           major <= kMajorBlockExperimentalMax;
 }
 
 static bool isNvmeBlkDevice(unsigned int major, const std::string& sysPath) {
-    return sysPath.find("nvme") != std::string::npos
-            && major >= kMajorBlockDynamicMin
-            && major <= kMajorBlockDynamicMax;
+    return sysPath.find("nvme") != std::string::npos && major >= kMajorBlockDynamicMin &&
+           major <= kMajorBlockDynamicMax;
 }
 
-Disk::Disk(const std::string& eventPath, dev_t device,
-        const std::string& nickname, int flags) :
-        mDevice(device), mSize(-1), mNickname(nickname), mFlags(flags), mCreated(
-                false), mJustPartitioned(false) {
+Disk::Disk(const std::string& eventPath, dev_t device, const std::string& nickname, int flags)
+    : mDevice(device),
+      mSize(-1),
+      mNickname(nickname),
+      mFlags(flags),
+      mCreated(false),
+      mJustPartitioned(false) {
     mId = StringPrintf("disk:%u,%u", major(device), minor(device));
     mEventPath = eventPath;
     mSysPath = StringPrintf("/sys/%s", eventPath.c_str());
@@ -251,73 +253,78 @@
 
     unsigned int majorId = major(mDevice);
     switch (majorId) {
-    case kMajorBlockLoop: {
-        mLabel = "Virtual";
-        break;
-    }
-    case kMajorBlockScsiA: case kMajorBlockScsiB: case kMajorBlockScsiC: case kMajorBlockScsiD:
-    case kMajorBlockScsiE: case kMajorBlockScsiF: case kMajorBlockScsiG: case kMajorBlockScsiH:
-    case kMajorBlockScsiI: case kMajorBlockScsiJ: case kMajorBlockScsiK: case kMajorBlockScsiL:
-    case kMajorBlockScsiM: case kMajorBlockScsiN: case kMajorBlockScsiO: case kMajorBlockScsiP: {
-        std::string path(mSysPath + "/device/vendor");
-        std::string tmp;
-        if (!ReadFileToString(path, &tmp)) {
-            PLOG(WARNING) << "Failed to read vendor from " << path;
-            return -errno;
-        }
-        tmp = android::base::Trim(tmp);
-        mLabel = tmp;
-        break;
-    }
-    case kMajorBlockMmc: {
-        std::string path(mSysPath + "/device/manfid");
-        std::string tmp;
-        if (!ReadFileToString(path, &tmp)) {
-            PLOG(WARNING) << "Failed to read manufacturer from " << path;
-            return -errno;
-        }
-        tmp = android::base::Trim(tmp);
-        int64_t manfid;
-        if (!android::base::ParseInt(tmp, &manfid)) {
-            PLOG(WARNING) << "Failed to parse manufacturer " << tmp;
-            return -EINVAL;
-        }
-        // Our goal here is to give the user a meaningful label, ideally
-        // matching whatever is silk-screened on the card.  To reduce
-        // user confusion, this list doesn't contain white-label manfid.
-        switch (manfid) {
-        case 0x000003: mLabel = "SanDisk"; break;
-        case 0x00001b: mLabel = "Samsung"; break;
-        case 0x000028: mLabel = "Lexar"; break;
-        case 0x000074: mLabel = "Transcend"; break;
-        }
-        break;
-    }
-    default: {
-        if (isVirtioBlkDevice(majorId)) {
-            LOG(DEBUG) << "Recognized experimental block major ID " << majorId
-                    << " as virtio-blk (emulator's virtual SD card device)";
+        case kMajorBlockLoop: {
             mLabel = "Virtual";
             break;
         }
-        if (isNvmeBlkDevice(majorId, mSysPath)) {
-            std::string path(mSysPath + "/device/model");
+        // clang-format off
+        case kMajorBlockScsiA: case kMajorBlockScsiB: case kMajorBlockScsiC:
+        case kMajorBlockScsiD: case kMajorBlockScsiE: case kMajorBlockScsiF:
+        case kMajorBlockScsiG: case kMajorBlockScsiH: case kMajorBlockScsiI:
+        case kMajorBlockScsiJ: case kMajorBlockScsiK: case kMajorBlockScsiL:
+        case kMajorBlockScsiM: case kMajorBlockScsiN: case kMajorBlockScsiO:
+        case kMajorBlockScsiP: {
+            // clang-format on
+            std::string path(mSysPath + "/device/vendor");
             std::string tmp;
             if (!ReadFileToString(path, &tmp)) {
                 PLOG(WARNING) << "Failed to read vendor from " << path;
                 return -errno;
             }
+            tmp = android::base::Trim(tmp);
             mLabel = tmp;
             break;
         }
-        LOG(WARNING) << "Unsupported block major type " << majorId;
-        return -ENOTSUP;
-    }
+        case kMajorBlockMmc: {
+            std::string path(mSysPath + "/device/manfid");
+            std::string tmp;
+            if (!ReadFileToString(path, &tmp)) {
+                PLOG(WARNING) << "Failed to read manufacturer from " << path;
+                return -errno;
+            }
+            tmp = android::base::Trim(tmp);
+            int64_t manfid;
+            if (!android::base::ParseInt(tmp, &manfid)) {
+                PLOG(WARNING) << "Failed to parse manufacturer " << tmp;
+                return -EINVAL;
+            }
+            // Our goal here is to give the user a meaningful label, ideally
+            // matching whatever is silk-screened on the card.  To reduce
+            // user confusion, this list doesn't contain white-label manfid.
+            switch (manfid) {
+                // clang-format off
+                case 0x000003: mLabel = "SanDisk"; break;
+                case 0x00001b: mLabel = "Samsung"; break;
+                case 0x000028: mLabel = "Lexar"; break;
+                case 0x000074: mLabel = "Transcend"; break;
+                    // clang-format on
+            }
+            break;
+        }
+        default: {
+            if (isVirtioBlkDevice(majorId)) {
+                LOG(DEBUG) << "Recognized experimental block major ID " << majorId
+                           << " as virtio-blk (emulator's virtual SD card device)";
+                mLabel = "Virtual";
+                break;
+            }
+            if (isNvmeBlkDevice(majorId, mSysPath)) {
+                std::string path(mSysPath + "/device/model");
+                std::string tmp;
+                if (!ReadFileToString(path, &tmp)) {
+                    PLOG(WARNING) << "Failed to read vendor from " << path;
+                    return -errno;
+                }
+                mLabel = tmp;
+                break;
+            }
+            LOG(WARNING) << "Unsupported block major type " << majorId;
+            return -ENOTSUP;
+        }
     }
 
     auto listener = VolumeManager::Instance()->getListener();
-    if (listener) listener->onDiskMetadataChanged(getId(),
-            mSize, mLabel, mSysPath);
+    if (listener) listener->onDiskMetadataChanged(getId(), mSize, mLabel, mSysPath);
 
     return OK;
 }
@@ -563,45 +570,49 @@
     // Figure out maximum partition devices supported
     unsigned int majorId = major(mDevice);
     switch (majorId) {
-    case kMajorBlockLoop: {
-        std::string tmp;
-        if (!ReadFileToString(kSysfsLoopMaxMinors, &tmp)) {
-            LOG(ERROR) << "Failed to read max minors";
-            return -errno;
+        case kMajorBlockLoop: {
+            std::string tmp;
+            if (!ReadFileToString(kSysfsLoopMaxMinors, &tmp)) {
+                LOG(ERROR) << "Failed to read max minors";
+                return -errno;
+            }
+            return std::stoi(tmp);
         }
-        return std::stoi(tmp);
-    }
-    case kMajorBlockScsiA: case kMajorBlockScsiB: case kMajorBlockScsiC: case kMajorBlockScsiD:
-    case kMajorBlockScsiE: case kMajorBlockScsiF: case kMajorBlockScsiG: case kMajorBlockScsiH:
-    case kMajorBlockScsiI: case kMajorBlockScsiJ: case kMajorBlockScsiK: case kMajorBlockScsiL:
-    case kMajorBlockScsiM: case kMajorBlockScsiN: case kMajorBlockScsiO: case kMajorBlockScsiP: {
-        // Per Documentation/devices.txt this is static
-        return 15;
-    }
-    case kMajorBlockMmc: {
-        // Per Documentation/devices.txt this is dynamic
-        std::string tmp;
-        if (!ReadFileToString(kSysfsMmcMaxMinors, &tmp) &&
-                !ReadFileToString(kSysfsMmcMaxMinorsDeprecated, &tmp)) {
-            LOG(ERROR) << "Failed to read max minors";
-            return -errno;
-        }
-        return std::stoi(tmp);
-    }
-    default: {
-        if (isVirtioBlkDevice(majorId)) {
-            // drivers/block/virtio_blk.c has "#define PART_BITS 4", so max is
-            // 2^4 - 1 = 15
+        // clang-format off
+        case kMajorBlockScsiA: case kMajorBlockScsiB: case kMajorBlockScsiC:
+        case kMajorBlockScsiD: case kMajorBlockScsiE: case kMajorBlockScsiF:
+        case kMajorBlockScsiG: case kMajorBlockScsiH: case kMajorBlockScsiI:
+        case kMajorBlockScsiJ: case kMajorBlockScsiK: case kMajorBlockScsiL:
+        case kMajorBlockScsiM: case kMajorBlockScsiN: case kMajorBlockScsiO:
+        case kMajorBlockScsiP: {
+            // clang-format on
+            // Per Documentation/devices.txt this is static
             return 15;
         }
-        if (isNvmeBlkDevice(majorId, mSysPath)) {
-            // despite kernel nvme driver supports up to 1M minors,
-            //     #define NVME_MINORS (1U << MINORBITS)
-            // sgdisk can not support more than 127 partitions, due to
-            //     #define MAX_MBR_PARTS 128
-            return 127;
+        case kMajorBlockMmc: {
+            // Per Documentation/devices.txt this is dynamic
+            std::string tmp;
+            if (!ReadFileToString(kSysfsMmcMaxMinors, &tmp) &&
+                !ReadFileToString(kSysfsMmcMaxMinorsDeprecated, &tmp)) {
+                LOG(ERROR) << "Failed to read max minors";
+                return -errno;
+            }
+            return std::stoi(tmp);
         }
-    }
+        default: {
+            if (isVirtioBlkDevice(majorId)) {
+                // drivers/block/virtio_blk.c has "#define PART_BITS 4", so max is
+                // 2^4 - 1 = 15
+                return 15;
+            }
+            if (isNvmeBlkDevice(majorId, mSysPath)) {
+                // despite kernel nvme driver supports up to 1M minors,
+                //     #define NVME_MINORS (1U << MINORBITS)
+                // sgdisk can not support more than 127 partitions, due to
+                //     #define MAX_MBR_PARTS 128
+                return 127;
+            }
+        }
     }
 
     LOG(ERROR) << "Unsupported block major type " << majorId;
diff --git a/model/Disk.h b/model/Disk.h
index 63acf6a..3140144 100644
--- a/model/Disk.h
+++ b/model/Disk.h
@@ -36,7 +36,7 @@
  * how to repartition itself.
  */
 class Disk {
-public:
+  public:
     Disk(const std::string& eventPath, dev_t device, const std::string& nickname, int flags);
     virtual ~Disk();
 
@@ -79,7 +79,7 @@
     status_t partitionPrivate();
     status_t partitionMixed(int8_t ratio);
 
-private:
+  private:
     /* ID that uniquely references this disk */
     std::string mId;
     /* Original event path */
diff --git a/model/EmulatedVolume.cpp b/model/EmulatedVolume.cpp
index 6e1ffce..7ec109c 100644
--- a/model/EmulatedVolume.cpp
+++ b/model/EmulatedVolume.cpp
@@ -27,8 +27,8 @@
 #include <stdlib.h>
 #include <sys/mount.h>
 #include <sys/stat.h>
-#include <sys/types.h>
 #include <sys/sysmacros.h>
+#include <sys/types.h>
 #include <sys/wait.h>
 
 using android::base::StringPrintf;
@@ -38,22 +38,21 @@
 
 static const char* kFusePath = "/system/bin/sdcard";
 
-EmulatedVolume::EmulatedVolume(const std::string& rawPath) :
-        VolumeBase(Type::kEmulated), mFusePid(0) {
+EmulatedVolume::EmulatedVolume(const std::string& rawPath)
+    : VolumeBase(Type::kEmulated), mFusePid(0) {
     setId("emulated");
     mRawPath = rawPath;
     mLabel = "emulated";
 }
 
-EmulatedVolume::EmulatedVolume(const std::string& rawPath, dev_t device,
-        const std::string& fsUuid) : VolumeBase(Type::kEmulated), mFusePid(0) {
+EmulatedVolume::EmulatedVolume(const std::string& rawPath, dev_t device, const std::string& fsUuid)
+    : VolumeBase(Type::kEmulated), mFusePid(0) {
     setId(StringPrintf("emulated:%u,%u", major(device), minor(device)));
     mRawPath = rawPath;
     mLabel = fsUuid;
 }
 
-EmulatedVolume::~EmulatedVolume() {
-}
+EmulatedVolume::~EmulatedVolume() {}
 
 status_t EmulatedVolume::doMount() {
     // We could have migrated storage to an adopted private volume, so always
@@ -71,8 +70,8 @@
     setPath(StringPrintf("/storage/%s", label.c_str()));
 
     if (fs_prepare_dir(mFuseDefault.c_str(), 0700, AID_ROOT, AID_ROOT) ||
-            fs_prepare_dir(mFuseRead.c_str(), 0700, AID_ROOT, AID_ROOT) ||
-            fs_prepare_dir(mFuseWrite.c_str(), 0700, AID_ROOT, AID_ROOT)) {
+        fs_prepare_dir(mFuseRead.c_str(), 0700, AID_ROOT, AID_ROOT) ||
+        fs_prepare_dir(mFuseWrite.c_str(), 0700, AID_ROOT, AID_ROOT)) {
         PLOG(ERROR) << getId() << " failed to create mount points";
         return -errno;
     }
@@ -80,6 +79,7 @@
     dev_t before = GetDevice(mFuseWrite);
 
     if (!(mFusePid = fork())) {
+        // clang-format off
         if (execl(kFusePath, kFusePath,
                 "-u", "1023", // AID_MEDIA_RW
                 "-g", "1023", // AID_MEDIA_RW
@@ -90,6 +90,7 @@
                 mRawPath.c_str(),
                 label.c_str(),
                 NULL)) {
+            // clang-format on
             PLOG(ERROR) << "Failed to exec";
         }
 
@@ -105,7 +106,7 @@
     nsecs_t start = systemTime(SYSTEM_TIME_BOOTTIME);
     while (before == GetDevice(mFuseWrite)) {
         LOG(VERBOSE) << "Waiting for FUSE to spin up...";
-        usleep(50000); // 50ms
+        usleep(50000);  // 50ms
 
         nsecs_t now = systemTime(SYSTEM_TIME_BOOTTIME);
         if (nanoseconds_to_milliseconds(now - start) > 5000) {
diff --git a/model/EmulatedVolume.h b/model/EmulatedVolume.h
index 9b0c049..f618c55 100644
--- a/model/EmulatedVolume.h
+++ b/model/EmulatedVolume.h
@@ -36,16 +36,16 @@
  * store data local to their app.
  */
 class EmulatedVolume : public VolumeBase {
-public:
+  public:
     explicit EmulatedVolume(const std::string& rawPath);
     EmulatedVolume(const std::string& rawPath, dev_t device, const std::string& fsUuid);
     virtual ~EmulatedVolume();
 
-protected:
+  protected:
     status_t doMount() override;
     status_t doUnmount() override;
 
-private:
+  private:
     std::string mRawPath;
     std::string mLabel;
 
diff --git a/model/ObbVolume.cpp b/model/ObbVolume.cpp
index 709c7a3..ec3d267 100644
--- a/model/ObbVolume.cpp
+++ b/model/ObbVolume.cpp
@@ -14,12 +14,12 @@
  * limitations under the License.
  */
 
-#include "fs/Vfat.h"
+#include "ObbVolume.h"
 #include "Devmapper.h"
 #include "Loop.h"
-#include "ObbVolume.h"
 #include "Utils.h"
 #include "VoldUtil.h"
+#include "fs/Vfat.h"
 
 #include <android-base/logging.h>
 #include <android-base/stringprintf.h>
@@ -31,8 +31,8 @@
 #include <stdlib.h>
 #include <sys/mount.h>
 #include <sys/stat.h>
-#include <sys/types.h>
 #include <sys/sysmacros.h>
+#include <sys/types.h>
 #include <sys/wait.h>
 
 using android::base::StringPrintf;
@@ -42,15 +42,15 @@
 namespace vold {
 
 ObbVolume::ObbVolume(int id, const std::string& sourcePath, const std::string& sourceKey,
-        gid_t ownerGid) : VolumeBase(Type::kObb) {
+                     gid_t ownerGid)
+    : VolumeBase(Type::kObb) {
     setId(StringPrintf("obb:%d", id));
     mSourcePath = sourcePath;
     mSourceKey = sourceKey;
     mOwnerGid = ownerGid;
 }
 
-ObbVolume::~ObbVolume() {
-}
+ObbVolume::~ObbVolume() {}
 
 status_t ObbVolume::doCreate() {
     if (Loop::create(mSourcePath, mLoopPath)) {
@@ -75,8 +75,8 @@
         }
 
         char tmp[PATH_MAX];
-        if (Devmapper::create(getId().c_str(), mLoopPath.c_str(), mSourceKey.c_str(), nr_sec,
-                tmp, PATH_MAX)) {
+        if (Devmapper::create(getId().c_str(), mLoopPath.c_str(), mSourceKey.c_str(), nr_sec, tmp,
+                              PATH_MAX)) {
             PLOG(ERROR) << getId() << " failed to create dm";
             return -1;
         }
@@ -108,8 +108,10 @@
         PLOG(ERROR) << getId() << " failed to create mount point";
         return -1;
     }
-    if (android::vold::vfat::Mount(mMountPath, path,
-            true, false, true, 0, mOwnerGid, 0227, false)) {
+    // clang-format off
+    if (android::vold::vfat::Mount(mMountPath, path, true, false, true,
+                                   0, mOwnerGid, 0227, false)) {
+        // clang-format on
         PLOG(ERROR) << getId() << " failed to mount";
         return -1;
     }
diff --git a/model/ObbVolume.h b/model/ObbVolume.h
index 5ec0cde..8f7ee94 100644
--- a/model/ObbVolume.h
+++ b/model/ObbVolume.h
@@ -28,18 +28,17 @@
  * OBB container.
  */
 class ObbVolume : public VolumeBase {
-public:
-    ObbVolume(int id, const std::string& sourcePath, const std::string& sourceKey,
-            gid_t ownerGid);
+  public:
+    ObbVolume(int id, const std::string& sourcePath, const std::string& sourceKey, gid_t ownerGid);
     virtual ~ObbVolume();
 
-protected:
+  protected:
     status_t doCreate() override;
     status_t doDestroy() override;
     status_t doMount() override;
     status_t doUnmount() override;
 
-private:
+  private:
     std::string mSourcePath;
     std::string mSourceKey;
     gid_t mOwnerGid;
diff --git a/model/PrivateVolume.cpp b/model/PrivateVolume.cpp
index cf21577..de2a09f 100644
--- a/model/PrivateVolume.cpp
+++ b/model/PrivateVolume.cpp
@@ -14,27 +14,27 @@
  * limitations under the License.
  */
 
-#include "fs/Ext4.h"
-#include "fs/F2fs.h"
 #include "PrivateVolume.h"
 #include "EmulatedVolume.h"
 #include "Utils.h"
 #include "VolumeManager.h"
 #include "cryptfs.h"
+#include "fs/Ext4.h"
+#include "fs/F2fs.h"
 
-#include <android-base/stringprintf.h>
 #include <android-base/logging.h>
+#include <android-base/stringprintf.h>
 #include <cutils/fs.h>
 #include <private/android_filesystem_config.h>
 
 #include <fcntl.h>
 #include <stdlib.h>
 #include <sys/mount.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <sys/sysmacros.h>
-#include <sys/wait.h>
 #include <sys/param.h>
+#include <sys/stat.h>
+#include <sys/sysmacros.h>
+#include <sys/types.h>
+#include <sys/wait.h>
 
 using android::base::StringPrintf;
 
@@ -43,14 +43,13 @@
 
 static const unsigned int kMajorBlockMmc = 179;
 
-PrivateVolume::PrivateVolume(dev_t device, const std::string& keyRaw) :
-        VolumeBase(Type::kPrivate), mRawDevice(device), mKeyRaw(keyRaw) {
+PrivateVolume::PrivateVolume(dev_t device, const std::string& keyRaw)
+    : VolumeBase(Type::kPrivate), mRawDevice(device), mKeyRaw(keyRaw) {
     setId(StringPrintf("private:%u,%u", major(device), minor(device)));
     mRawDevPath = StringPrintf("/dev/block/vold/%s", getId().c_str());
 }
 
-PrivateVolume::~PrivateVolume() {
-}
+PrivateVolume::~PrivateVolume() {}
 
 status_t PrivateVolume::readMetadata() {
     status_t res = ReadMetadata(mDmDevPath, &mFsType, &mFsUuid, &mFsLabel);
@@ -66,9 +65,9 @@
         return -EIO;
     }
     if (mKeyRaw.size() != cryptfs_get_keysize()) {
-      PLOG(ERROR) << getId() << " Raw keysize " << mKeyRaw.size() <<
-          " does not match crypt keysize " << cryptfs_get_keysize();
-      return -EIO;
+        PLOG(ERROR) << getId() << " Raw keysize " << mKeyRaw.size()
+                    << " does not match crypt keysize " << cryptfs_get_keysize();
+        return -EIO;
     }
 
     // Recover from stale vold by tearing down any old mappings
@@ -76,10 +75,9 @@
 
     // TODO: figure out better SELinux labels for private volumes
 
-    unsigned char* key = (unsigned char*) mKeyRaw.data();
+    unsigned char* key = (unsigned char*)mKeyRaw.data();
     char crypto_blkdev[MAXPATHLEN];
-    int res = cryptfs_setup_ext_volume(getId().c_str(), mRawDevPath.c_str(),
-            key, crypto_blkdev);
+    int res = cryptfs_setup_ext_volume(getId().c_str(), mRawDevPath.c_str(), key, crypto_blkdev);
     mDmDevPath = crypto_blkdev;
     if (res != 0) {
         PLOG(ERROR) << getId() << " failed to setup cryptfs";
@@ -147,12 +145,12 @@
 
     // Verify that common directories are ready to roll
     if (PrepareDir(mPath + "/app", 0771, AID_SYSTEM, AID_SYSTEM) ||
-            PrepareDir(mPath + "/user", 0711, AID_SYSTEM, AID_SYSTEM) ||
-            PrepareDir(mPath + "/user_de", 0711, AID_SYSTEM, AID_SYSTEM) ||
-            PrepareDir(mPath + "/media", 0770, AID_MEDIA_RW, AID_MEDIA_RW) ||
-            PrepareDir(mPath + "/media/0", 0770, AID_MEDIA_RW, AID_MEDIA_RW) ||
-            PrepareDir(mPath + "/local", 0751, AID_ROOT, AID_ROOT) ||
-            PrepareDir(mPath + "/local/tmp", 0771, AID_SHELL, AID_SHELL)) {
+        PrepareDir(mPath + "/user", 0711, AID_SYSTEM, AID_SYSTEM) ||
+        PrepareDir(mPath + "/user_de", 0711, AID_SYSTEM, AID_SYSTEM) ||
+        PrepareDir(mPath + "/media", 0770, AID_MEDIA_RW, AID_MEDIA_RW) ||
+        PrepareDir(mPath + "/media/0", 0770, AID_MEDIA_RW, AID_MEDIA_RW) ||
+        PrepareDir(mPath + "/local", 0751, AID_ROOT, AID_ROOT) ||
+        PrepareDir(mPath + "/local/tmp", 0771, AID_SHELL, AID_SHELL)) {
         PLOG(ERROR) << getId() << " failed to prepare";
         return -EIO;
     }
@@ -160,8 +158,7 @@
     // Create a new emulated volume stacked above us, it will automatically
     // be destroyed during unmount
     std::string mediaPath(mPath + "/media");
-    auto vol = std::shared_ptr<VolumeBase>(
-            new EmulatedVolume(mediaPath, mRawDevice, mFsUuid));
+    auto vol = std::shared_ptr<VolumeBase>(new EmulatedVolume(mediaPath, mRawDevice, mFsUuid));
     addVolume(vol);
     vol->create();
 
diff --git a/model/PrivateVolume.h b/model/PrivateVolume.h
index 9a61f8d..85aa4dc 100644
--- a/model/PrivateVolume.h
+++ b/model/PrivateVolume.h
@@ -36,14 +36,14 @@
  * keys are tightly tied to this device.
  */
 class PrivateVolume : public VolumeBase {
-public:
+  public:
     PrivateVolume(dev_t device, const std::string& keyRaw);
     virtual ~PrivateVolume();
     const std::string& getFsType() { return mFsType; };
     const std::string& getRawDevPath() { return mRawDevPath; };
     const std::string& getRawDmDevPath() { return mDmDevPath; };
 
-protected:
+  protected:
     status_t doCreate() override;
     status_t doDestroy() override;
     status_t doMount() override;
@@ -52,7 +52,7 @@
 
     status_t readMetadata();
 
-private:
+  private:
     /* Kernel device of raw, encrypted partition */
     dev_t mRawDevice;
     /* Path to raw, encrypted block device */
diff --git a/model/PublicVolume.cpp b/model/PublicVolume.cpp
index 9f2ed85..7420c79 100644
--- a/model/PublicVolume.cpp
+++ b/model/PublicVolume.cpp
@@ -20,8 +20,8 @@
 #include "fs/Exfat.h"
 #include "fs/Vfat.h"
 
-#include <android-base/stringprintf.h>
 #include <android-base/logging.h>
+#include <android-base/stringprintf.h>
 #include <cutils/fs.h>
 #include <private/android_filesystem_config.h>
 #include <utils/Timers.h>
@@ -30,8 +30,8 @@
 #include <stdlib.h>
 #include <sys/mount.h>
 #include <sys/stat.h>
-#include <sys/types.h>
 #include <sys/sysmacros.h>
+#include <sys/types.h>
 #include <sys/wait.h>
 
 using android::base::StringPrintf;
@@ -43,14 +43,12 @@
 
 static const char* kAsecPath = "/mnt/secure/asec";
 
-PublicVolume::PublicVolume(dev_t device) :
-        VolumeBase(Type::kPublic), mDevice(device), mFusePid(0) {
+PublicVolume::PublicVolume(dev_t device) : VolumeBase(Type::kPublic), mDevice(device), mFusePid(0) {
     setId(StringPrintf("public:%u,%u", major(device), minor(device)));
     mDevPath = StringPrintf("/dev/block/vold/%s", getId().c_str());
 }
 
-PublicVolume::~PublicVolume() {
-}
+PublicVolume::~PublicVolume() {}
 
 status_t PublicVolume::readMetadata() {
     status_t res = ReadMetadataUntrusted(mDevPath, &mFsType, &mFsUuid, &mFsLabel);
@@ -66,8 +64,7 @@
     std::string securePath(mRawPath + "/.android_secure");
 
     // Recover legacy secure path
-    if (!access(legacyPath.c_str(), R_OK | X_OK)
-            && access(securePath.c_str(), R_OK | X_OK)) {
+    if (!access(legacyPath.c_str(), R_OK | X_OK) && access(securePath.c_str(), R_OK | X_OK)) {
         if (rename(legacyPath.c_str(), securePath.c_str())) {
             PLOG(WARNING) << getId() << " failed to rename legacy ASEC dir";
         }
@@ -158,8 +155,8 @@
     }
 
     if (fs_prepare_dir(mFuseDefault.c_str(), 0700, AID_ROOT, AID_ROOT) ||
-            fs_prepare_dir(mFuseRead.c_str(), 0700, AID_ROOT, AID_ROOT) ||
-            fs_prepare_dir(mFuseWrite.c_str(), 0700, AID_ROOT, AID_ROOT)) {
+        fs_prepare_dir(mFuseRead.c_str(), 0700, AID_ROOT, AID_ROOT) ||
+        fs_prepare_dir(mFuseWrite.c_str(), 0700, AID_ROOT, AID_ROOT)) {
         PLOG(ERROR) << getId() << " failed to create FUSE mount points";
         return -errno;
     }
@@ -168,6 +165,7 @@
 
     if (!(mFusePid = fork())) {
         if (getMountFlags() & MountFlags::kPrimary) {
+            // clang-format off
             if (execl(kFusePath, kFusePath,
                     "-u", "1023", // AID_MEDIA_RW
                     "-g", "1023", // AID_MEDIA_RW
@@ -176,9 +174,11 @@
                     mRawPath.c_str(),
                     stableName.c_str(),
                     NULL)) {
+                // clang-format on
                 PLOG(ERROR) << "Failed to exec";
             }
         } else {
+            // clang-format off
             if (execl(kFusePath, kFusePath,
                     "-u", "1023", // AID_MEDIA_RW
                     "-g", "1023", // AID_MEDIA_RW
@@ -186,6 +186,7 @@
                     mRawPath.c_str(),
                     stableName.c_str(),
                     NULL)) {
+                // clang-format on
                 PLOG(ERROR) << "Failed to exec";
             }
         }
@@ -202,7 +203,7 @@
     nsecs_t start = systemTime(SYSTEM_TIME_BOOTTIME);
     while (before == GetDevice(mFuseWrite)) {
         LOG(VERBOSE) << "Waiting for FUSE to spin up...";
-        usleep(50000); // 50ms
+        usleep(50000);  // 50ms
 
         nsecs_t now = systemTime(SYSTEM_TIME_BOOTTIME);
         if (nanoseconds_to_milliseconds(now - start) > 5000) {
diff --git a/model/PublicVolume.h b/model/PublicVolume.h
index 3aa7a73..c918f52 100644
--- a/model/PublicVolume.h
+++ b/model/PublicVolume.h
@@ -38,11 +38,11 @@
  * away the Android directory for secondary users.
  */
 class PublicVolume : public VolumeBase {
-public:
+  public:
     explicit PublicVolume(dev_t device);
     virtual ~PublicVolume();
 
-protected:
+  protected:
     status_t doCreate() override;
     status_t doDestroy() override;
     status_t doMount() override;
@@ -52,7 +52,7 @@
     status_t readMetadata();
     status_t initAsecStage();
 
-private:
+  private:
     /* Kernel device representing partition */
     dev_t mDevice;
     /* Block device path */
diff --git a/model/VolumeBase.cpp b/model/VolumeBase.cpp
index 429f134..300add1 100644
--- a/model/VolumeBase.cpp
+++ b/model/VolumeBase.cpp
@@ -14,12 +14,12 @@
  * limitations under the License.
  */
 
-#include "Utils.h"
 #include "VolumeBase.h"
+#include "Utils.h"
 #include "VolumeManager.h"
 
-#include <android-base/stringprintf.h>
 #include <android-base/logging.h>
+#include <android-base/stringprintf.h>
 
 #include <fcntl.h>
 #include <stdlib.h>
@@ -32,10 +32,13 @@
 namespace android {
 namespace vold {
 
-VolumeBase::VolumeBase(Type type) :
-        mType(type), mMountFlags(0), mMountUserId(-1), mCreated(false), mState(
-                State::kUnmounted), mSilent(false) {
-}
+VolumeBase::VolumeBase(Type type)
+    : mType(type),
+      mMountFlags(0),
+      mMountUserId(-1),
+      mCreated(false),
+      mState(State::kUnmounted),
+      mSilent(false) {}
 
 VolumeBase::~VolumeBase() {
     CHECK(!mCreated);
@@ -45,7 +48,9 @@
     mState = state;
 
     auto listener = getListener();
-    if (listener) listener->onVolumeStateChanged(getId(), static_cast<int32_t>(mState));
+    if (listener) {
+        listener->onVolumeStateChanged(getId(), static_cast<int32_t>(mState));
+    }
 }
 
 status_t VolumeBase::setDiskId(const std::string& diskId) {
@@ -131,7 +136,9 @@
     mInternalPath = internalPath;
 
     auto listener = getListener();
-    if (listener) listener->onVolumeInternalPathChanged(getId(), mInternalPath);
+    if (listener) {
+        listener->onVolumeInternalPathChanged(getId(), mInternalPath);
+    }
 
     return OK;
 }
@@ -168,8 +175,9 @@
     status_t res = doCreate();
 
     auto listener = getListener();
-    if (listener) listener->onVolumeCreated(getId(),
-            static_cast<int32_t>(mType), mDiskId, mPartGuid);
+    if (listener) {
+        listener->onVolumeCreated(getId(), static_cast<int32_t>(mType), mDiskId, mPartGuid);
+    }
 
     setState(State::kUnmounted);
     return res;
@@ -189,9 +197,10 @@
         setState(State::kRemoved);
     }
 
-
     auto listener = getListener();
-    if (listener) listener->onVolumeDestroyed(getId());
+    if (listener) {
+        listener->onVolumeDestroyed(getId());
+    }
 
     status_t res = doDestroy();
     mCreated = false;
@@ -228,8 +237,7 @@
     setState(State::kEjecting);
     for (const auto& vol : mVolumes) {
         if (vol->destroy()) {
-            LOG(WARNING) << getId() << " failed to destroy " << vol->getId()
-                    << " stacked above";
+            LOG(WARNING) << getId() << " failed to destroy " << vol->getId() << " stacked above";
         }
     }
     mVolumes.clear();
diff --git a/model/VolumeBase.h b/model/VolumeBase.h
index 4aa8b02..6532a80 100644
--- a/model/VolumeBase.h
+++ b/model/VolumeBase.h
@@ -17,8 +17,8 @@
 #ifndef ANDROID_VOLD_VOLUME_BASE_H
 #define ANDROID_VOLD_VOLUME_BASE_H
 
-#include "android/os/IVoldListener.h"
 #include "Utils.h"
+#include "android/os/IVoldListener.h"
 
 #include <cutils/multiuser.h>
 #include <utils/Errors.h>
@@ -45,7 +45,7 @@
  * volumes and removes any bind mounts before finally unmounting itself.
  */
 class VolumeBase {
-public:
+  public:
     virtual ~VolumeBase();
 
     enum class Type {
@@ -102,7 +102,7 @@
     status_t unmount();
     status_t format(const std::string& fsType);
 
-protected:
+  protected:
     explicit VolumeBase(Type type);
 
     virtual status_t doCreate();
@@ -117,7 +117,7 @@
 
     android::sp<android::os::IVoldListener> getListener();
 
-private:
+  private:
     /* ID that uniquely references volume while alive */
     std::string mId;
     /* ID that uniquely references parent disk while alive */
diff --git a/secdiscard.cpp b/secdiscard.cpp
index 25a0826..2d9dc35 100644
--- a/secdiscard.cpp
+++ b/secdiscard.cpp
@@ -18,15 +18,15 @@
 #include <string>
 #include <vector>
 
+#include <errno.h>
+#include <fcntl.h>
+#include <linux/fiemap.h>
+#include <linux/fs.h>
+#include <mntent.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <errno.h>
-#include <sys/types.h>
 #include <sys/stat.h>
-#include <fcntl.h>
-#include <linux/fs.h>
-#include <linux/fiemap.h>
-#include <mntent.h>
+#include <sys/types.h>
 
 #include <android-base/logging.h>
 #include <android-base/unique_fd.h>
@@ -42,23 +42,23 @@
 
 constexpr uint32_t max_extents = 32;
 
-bool read_command_line(int argc, const char * const argv[], Options &options);
-void usage(const char *progname);
-bool secdiscard_path(const std::string &path);
-bool check_fiemap(const struct fiemap &fiemap, const std::string &path);
+bool read_command_line(int argc, const char* const argv[], Options& options);
+void usage(const char* progname);
+bool secdiscard_path(const std::string& path);
+bool check_fiemap(const struct fiemap& fiemap, const std::string& path);
 bool overwrite_with_zeros(int fd, off64_t start, off64_t length);
 
-}
+}  // namespace
 
-int main(int argc, const char * const argv[]) {
-    android::base::InitLogging(const_cast<char **>(argv));
+int main(int argc, const char* const argv[]) {
+    android::base::InitLogging(const_cast<char**>(argv));
     Options options;
     if (!read_command_line(argc, argv, options)) {
         usage(argv[0]);
         return -1;
     }
 
-    for (auto const &target: options.targets) {
+    for (auto const& target : options.targets) {
 // F2FS-specific ioctl
 // It requires the below kernel commit merged in v4.16-rc1.
 //   1ad71a27124c ("f2fs: add an ioctl to disable GC for specific file")
@@ -70,13 +70,12 @@
 //   ce767d9a55bc ("f2fs: updates on v4.16-rc1")
 #ifndef F2FS_IOC_SET_PIN_FILE
 #ifndef F2FS_IOCTL_MAGIC
-#define F2FS_IOCTL_MAGIC		0xf5
+#define F2FS_IOCTL_MAGIC 0xf5
 #endif
-#define F2FS_IOC_SET_PIN_FILE	_IOW(F2FS_IOCTL_MAGIC, 13, __u32)
-#define F2FS_IOC_GET_PIN_FILE	_IOR(F2FS_IOCTL_MAGIC, 14, __u32)
+#define F2FS_IOC_SET_PIN_FILE _IOW(F2FS_IOCTL_MAGIC, 13, __u32)
+#define F2FS_IOC_GET_PIN_FILE _IOR(F2FS_IOCTL_MAGIC, 14, __u32)
 #endif
-        android::base::unique_fd fd(TEMP_FAILURE_RETRY(open(
-            target.c_str(), O_WRONLY, 0)));
+        android::base::unique_fd fd(TEMP_FAILURE_RETRY(open(target.c_str(), O_WRONLY, 0)));
         if (fd == -1) {
             LOG(ERROR) << "Secure discard open failed for: " << target;
             return 0;
@@ -102,29 +101,29 @@
 
 namespace {
 
-bool read_command_line(int argc, const char * const argv[], Options &options) {
+bool read_command_line(int argc, const char* const argv[], Options& options) {
     for (int i = 1; i < argc; i++) {
         if (!strcmp("--no-unlink", argv[i])) {
             options.unlink = false;
         } else if (!strcmp("--", argv[i])) {
-            for (int j = i+1; j < argc; j++) {
-                if (argv[j][0] != '/') return false; // Must be absolute path
+            for (int j = i + 1; j < argc; j++) {
+                if (argv[j][0] != '/') return false;  // Must be absolute path
                 options.targets.emplace_back(argv[j]);
             }
             return options.targets.size() > 0;
         } else {
-            return false; // Unknown option
+            return false;  // Unknown option
         }
     }
-    return false; // "--" not found
+    return false;  // "--" not found
 }
 
-void usage(const char *progname) {
+void usage(const char* progname) {
     fprintf(stderr, "Usage: %s [--no-unlink] -- <absolute path> ...\n", progname);
 }
 
 // BLKSECDISCARD all content in "path", if it's small enough.
-bool secdiscard_path(const std::string &path) {
+bool secdiscard_path(const std::string& path) {
     auto fiemap = android::vold::PathFiemap(path, max_extents);
     if (!fiemap || !check_fiemap(*fiemap, path)) {
         return false;
@@ -133,8 +132,8 @@
     if (block_device.empty()) {
         return false;
     }
-    android::base::unique_fd fs_fd(TEMP_FAILURE_RETRY(open(
-        block_device.c_str(), O_RDWR | O_LARGEFILE | O_CLOEXEC, 0)));
+    android::base::unique_fd fs_fd(
+        TEMP_FAILURE_RETRY(open(block_device.c_str(), O_RDWR | O_LARGEFILE | O_CLOEXEC, 0)));
     if (fs_fd == -1) {
         PLOG(ERROR) << "Failed to open device " << block_device;
         return false;
@@ -153,10 +152,10 @@
 }
 
 // Ensure that the FIEMAP covers the file and is OK to discard
-bool check_fiemap(const struct fiemap &fiemap, const std::string &path) {
+bool check_fiemap(const struct fiemap& fiemap, const std::string& path) {
     auto mapped = fiemap.fm_mapped_extents;
     if (!(fiemap.fm_extents[mapped - 1].fe_flags & FIEMAP_EXTENT_LAST)) {
-        LOG(ERROR) << "Extent " << mapped -1 << " was not the last in " << path;
+        LOG(ERROR) << "Extent " << mapped - 1 << " was not the last in " << path;
         return false;
     }
     for (uint32_t i = 0; i < mapped; i++) {
@@ -188,4 +187,4 @@
     return true;
 }
 
-}
+}  // namespace
diff --git a/secontext.cpp b/secontext.cpp
index 0529a30..bc21fc2 100644
--- a/secontext.cpp
+++ b/secontext.cpp
@@ -13,10 +13,9 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-#include <Utils.h>
 #include "secontext.h"
+#include <Utils.h>
 
-security_context_t secontextFsck()
-{
+security_context_t secontextFsck() {
     return android::vold::sFsckContext;
 }
diff --git a/sehandle.h b/sehandle.h
index f59d7eb..8921db5 100644
--- a/sehandle.h
+++ b/sehandle.h
@@ -19,6 +19,6 @@
 
 #include <selinux/android.h>
 
-extern struct selabel_handle *sehandle;
+extern struct selabel_handle* sehandle;
 
 #endif
diff --git a/tests/CryptfsScryptHidlizationEquivalence_test.cpp b/tests/CryptfsScryptHidlizationEquivalence_test.cpp
index 2905af2..72170e3 100644
--- a/tests/CryptfsScryptHidlizationEquivalence_test.cpp
+++ b/tests/CryptfsScryptHidlizationEquivalence_test.cpp
@@ -18,13 +18,13 @@
 #define LOG_TAG "scrypt_test"
 #include <log/log.h>
 
+#include <gtest/gtest.h>
 #include <hardware/keymaster0.h>
 #include <hardware/keymaster1.h>
 #include <cstring>
-#include <gtest/gtest.h>
 
-#include "../cryptfs.h"
 #include "../Keymaster.h"
+#include "../cryptfs.h"
 
 #ifdef CONFIG_HW_DISK_ENCRYPTION
 #include "cryptfs_hw.h"
@@ -50,9 +50,8 @@
 #define RSA_EXPONENT 0x10001
 #define KEYMASTER_CRYPTFS_RATE_LIMIT 1  // Maximum one try per second
 
-static int keymaster_init(keymaster0_device_t **keymaster0_dev,
-                          keymaster1_device_t **keymaster1_dev)
-{
+static int keymaster_init(keymaster0_device_t** keymaster0_dev,
+                          keymaster1_device_t** keymaster1_dev) {
     int rc;
 
     const hw_module_t* mod;
@@ -76,8 +75,8 @@
     }
 
     if (rc) {
-        ALOGE("could not open keymaster device in %s (%s)",
-              KEYSTORE_HARDWARE_MODULE_ID, strerror(-rc));
+        ALOGE("could not open keymaster device in %s (%s)", KEYSTORE_HARDWARE_MODULE_ID,
+              strerror(-rc));
         goto err;
     }
 
@@ -90,10 +89,9 @@
 }
 
 /* Should we use keymaster? */
-static int keymaster_check_compatibility_old()
-{
-    keymaster0_device_t *keymaster0_dev = 0;
-    keymaster1_device_t *keymaster1_dev = 0;
+static int keymaster_check_compatibility_old() {
+    keymaster0_device_t* keymaster0_dev = 0;
+    keymaster1_device_t* keymaster1_dev = 0;
     int rc = 0;
 
     if (keymaster_init(&keymaster0_dev, &keymaster1_dev)) {
@@ -114,8 +112,7 @@
 
     // TODO(swillden): Check to see if there's any reason to require v0.3.  I think v0.1 and v0.2
     // should work.
-    if (keymaster0_dev->common.module->module_api_version
-            < KEYMASTER_MODULE_API_VERSION_0_3) {
+    if (keymaster0_dev->common.module->module_api_version < KEYMASTER_MODULE_API_VERSION_0_3) {
         rc = 0;
         goto out;
     }
@@ -136,11 +133,10 @@
 }
 
 /* Create a new keymaster key and store it in this footer */
-static int keymaster_create_key_old(struct crypt_mnt_ftr *ftr)
-{
+static int keymaster_create_key_old(struct crypt_mnt_ftr* ftr) {
     uint8_t* key = 0;
-    keymaster0_device_t *keymaster0_dev = 0;
-    keymaster1_device_t *keymaster1_dev = 0;
+    keymaster0_device_t* keymaster0_dev = 0;
+    keymaster1_device_t* keymaster1_dev = 0;
 
     if (ftr->keymaster_blob_size) {
         SLOGI("Already have key");
@@ -177,11 +173,10 @@
             /* Rate-limit key usage attempts, to rate-limit brute force */
             keymaster_param_int(KM_TAG_MIN_SECONDS_BETWEEN_OPS, KEYMASTER_CRYPTFS_RATE_LIMIT),
         };
-        keymaster_key_param_set_t param_set = { params, sizeof(params)/sizeof(*params) };
+        keymaster_key_param_set_t param_set = {params, sizeof(params) / sizeof(*params)};
         keymaster_key_blob_t key_blob;
-        keymaster_error_t error = keymaster1_dev->generate_key(keymaster1_dev, &param_set,
-                                                               &key_blob,
-                                                               NULL /* characteristics */);
+        keymaster_error_t error = keymaster1_dev->generate_key(
+            keymaster1_dev, &param_set, &key_blob, NULL /* characteristics */);
         if (error != KM_ERROR_OK) {
             SLOGE("Failed to generate keymaster1 key, error %d", error);
             rc = -1;
@@ -190,15 +185,13 @@
 
         key = (uint8_t*)key_blob.key_material;
         key_size = key_blob.key_material_size;
-    }
-    else if (keymaster0_dev) {
+    } else if (keymaster0_dev) {
         keymaster_rsa_keygen_params_t params;
         memset(&params, '\0', sizeof(params));
         params.public_exponent = RSA_EXPONENT;
         params.modulus_size = RSA_KEY_SIZE;
 
-        if (keymaster0_dev->generate_keypair(keymaster0_dev, TYPE_RSA, &params,
-                                             &key, &key_size)) {
+        if (keymaster0_dev->generate_keypair(keymaster0_dev, TYPE_RSA, &params, &key, &key_size)) {
             SLOGE("Failed to generate keypair");
             rc = -1;
             goto out;
@@ -219,24 +212,19 @@
     ftr->keymaster_blob_size = key_size;
 
 out:
-    if (keymaster0_dev)
-        keymaster0_close(keymaster0_dev);
-    if (keymaster1_dev)
-        keymaster1_close(keymaster1_dev);
+    if (keymaster0_dev) keymaster0_close(keymaster0_dev);
+    if (keymaster1_dev) keymaster1_close(keymaster1_dev);
     free(key);
     return rc;
 }
 
 /* This signs the given object using the keymaster key. */
-static int keymaster_sign_object_old(struct crypt_mnt_ftr *ftr,
-                                 const unsigned char *object,
-                                 const size_t object_size,
-                                 unsigned char **signature,
-                                 size_t *signature_size)
-{
+static int keymaster_sign_object_old(struct crypt_mnt_ftr* ftr, const unsigned char* object,
+                                     const size_t object_size, unsigned char** signature,
+                                     size_t* signature_size) {
     int rc = 0;
-    keymaster0_device_t *keymaster0_dev = 0;
-    keymaster1_device_t *keymaster1_dev = 0;
+    keymaster0_device_t* keymaster0_dev = 0;
+    keymaster1_device_t* keymaster1_dev = 0;
 
     unsigned char to_sign[RSA_KEY_SIZE_BYTES];
     size_t to_sign_size = sizeof(to_sign);
@@ -284,32 +272,25 @@
         params.digest_type = DIGEST_NONE;
         params.padding_type = PADDING_NONE;
 
-        rc = keymaster0_dev->sign_data(keymaster0_dev,
-                                      &params,
-                                      ftr->keymaster_blob,
-                                      ftr->keymaster_blob_size,
-                                      to_sign,
-                                      to_sign_size,
-                                      signature,
-                                      signature_size);
+        rc = keymaster0_dev->sign_data(keymaster0_dev, &params, ftr->keymaster_blob,
+                                       ftr->keymaster_blob_size, to_sign, to_sign_size, signature,
+                                       signature_size);
         goto out;
     } else if (keymaster1_dev) {
-        keymaster_key_blob_t key = { ftr->keymaster_blob, ftr->keymaster_blob_size };
+        keymaster_key_blob_t key = {ftr->keymaster_blob, ftr->keymaster_blob_size};
         keymaster_key_param_t params[] = {
             keymaster_param_enum(KM_TAG_PADDING, KM_PAD_NONE),
             keymaster_param_enum(KM_TAG_DIGEST, KM_DIGEST_NONE),
         };
-        keymaster_key_param_set_t param_set = { params, sizeof(params)/sizeof(*params) };
+        keymaster_key_param_set_t param_set = {params, sizeof(params) / sizeof(*params)};
         keymaster_operation_handle_t op_handle;
-        keymaster_error_t error = keymaster1_dev->begin(keymaster1_dev, KM_PURPOSE_SIGN, &key,
-                                                        &param_set, NULL /* out_params */,
-                                                        &op_handle);
+        keymaster_error_t error = keymaster1_dev->begin(
+            keymaster1_dev, KM_PURPOSE_SIGN, &key, &param_set, NULL /* out_params */, &op_handle);
         if (error == KM_ERROR_KEY_RATE_LIMIT_EXCEEDED) {
             // Key usage has been rate-limited.  Wait a bit and try again.
             sleep(KEYMASTER_CRYPTFS_RATE_LIMIT);
-            error = keymaster1_dev->begin(keymaster1_dev, KM_PURPOSE_SIGN, &key,
-                                          &param_set, NULL /* out_params */,
-                                          &op_handle);
+            error = keymaster1_dev->begin(keymaster1_dev, KM_PURPOSE_SIGN, &key, &param_set,
+                                          NULL /* out_params */, &op_handle);
         }
         if (error != KM_ERROR_OK) {
             SLOGE("Error starting keymaster signature transaction: %d", error);
@@ -317,11 +298,10 @@
             goto out;
         }
 
-        keymaster_blob_t input = { to_sign, to_sign_size };
+        keymaster_blob_t input = {to_sign, to_sign_size};
         size_t input_consumed;
-        error = keymaster1_dev->update(keymaster1_dev, op_handle, NULL /* in_params */,
-                                       &input, &input_consumed, NULL /* out_params */,
-                                       NULL /* output */);
+        error = keymaster1_dev->update(keymaster1_dev, op_handle, NULL /* in_params */, &input,
+                                       &input_consumed, NULL /* out_params */, NULL /* output */);
         if (error != KM_ERROR_OK) {
             SLOGE("Error sending data to keymaster signature transaction: %d", error);
             rc = -1;
@@ -337,8 +317,7 @@
 
         keymaster_blob_t tmp_sig;
         error = keymaster1_dev->finish(keymaster1_dev, op_handle, NULL /* in_params */,
-                                       NULL /* verify signature */, NULL /* out_params */,
-                                       &tmp_sig);
+                                       NULL /* verify signature */, NULL /* out_params */, &tmp_sig);
         if (error != KM_ERROR_OK) {
             SLOGE("Error finishing keymaster signature transaction: %d", error);
             rc = -1;
@@ -353,19 +332,15 @@
         goto out;
     }
 
-    out:
-        if (keymaster1_dev)
-            keymaster1_close(keymaster1_dev);
-        if (keymaster0_dev)
-            keymaster0_close(keymaster0_dev);
+out:
+    if (keymaster1_dev) keymaster1_close(keymaster1_dev);
+    if (keymaster0_dev) keymaster0_close(keymaster0_dev);
 
-        return rc;
+    return rc;
 }
 
-
 /* Should we use keymaster? */
-static int keymaster_check_compatibility_new()
-{
+static int keymaster_check_compatibility_new() {
     return keymaster_compatibility_cryptfs_scrypt();
 }
 
@@ -394,12 +369,9 @@
 #endif
 
 /* This signs the given object using the keymaster key. */
-static int keymaster_sign_object_new(struct crypt_mnt_ftr *ftr,
-                                 const unsigned char *object,
-                                 const size_t object_size,
-                                 unsigned char **signature,
-                                 size_t *signature_size)
-{
+static int keymaster_sign_object_new(struct crypt_mnt_ftr* ftr, const unsigned char* object,
+                                     const size_t object_size, unsigned char** signature,
+                                     size_t* signature_size) {
     unsigned char to_sign[RSA_KEY_SIZE_BYTES];
     size_t to_sign_size = sizeof(to_sign);
     memset(to_sign, 0, RSA_KEY_SIZE_BYTES);
@@ -443,12 +415,10 @@
 namespace android {
 
 class CryptFsTest : public testing::Test {
-protected:
-    virtual void SetUp() {
-    }
+  protected:
+    virtual void SetUp() {}
 
-    virtual void TearDown() {
-    }
+    virtual void TearDown() {}
 };
 
 TEST_F(CryptFsTest, ScryptHidlizationEquivalenceTest) {
@@ -458,8 +428,8 @@
 
     ASSERT_EQ(0, keymaster_create_key_old(&ftr));
 
-    uint8_t *sig1 = nullptr;
-    uint8_t *sig2 = nullptr;
+    uint8_t* sig1 = nullptr;
+    uint8_t* sig2 = nullptr;
     size_t sig_size1 = 123456789;
     size_t sig_size2 = 123456789;
     uint8_t object[] = "the object";
@@ -477,4 +447,4 @@
     free(sig2);
 }
 
-}
+}  // namespace android
diff --git a/tests/Utils_test.cpp b/tests/Utils_test.cpp
index ab9809e..e16cbac 100644
--- a/tests/Utils_test.cpp
+++ b/tests/Utils_test.cpp
@@ -21,8 +21,7 @@
 namespace android {
 namespace vold {
 
-class UtilsTest : public testing::Test {
-};
+class UtilsTest : public testing::Test {};
 
 TEST_F(UtilsTest, FindValueTest) {
     std::string tmp;
@@ -40,5 +39,5 @@
     ASSERT_EQ("BAZ", tmp);
 }
 
-}
-}
+}  // namespace vold
+}  // namespace android
diff --git a/tests/cryptfs_test.cpp b/tests/cryptfs_test.cpp
index 6875c0f..2093768 100644
--- a/tests/cryptfs_test.cpp
+++ b/tests/cryptfs_test.cpp
@@ -21,12 +21,10 @@
 namespace android {
 
 class CryptfsTest : public testing::Test {
-protected:
-    virtual void SetUp() {
-    }
+  protected:
+    virtual void SetUp() {}
 
-    virtual void TearDown() {
-    }
+    virtual void TearDown() {}
 };
 
 TEST_F(CryptfsTest, MatchMultiEntryTest) {
@@ -51,4 +49,4 @@
     ASSERT_EQ(0, match_multi_entry("foo_2", "bar", 0));
 }
 
-}
+}  // namespace android
diff --git a/vdc.cpp b/vdc.cpp
index 3c449ae..f49d6b8 100644
--- a/vdc.cpp
+++ b/vdc.cpp
@@ -14,15 +14,14 @@
  * limitations under the License.
  */
 
-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <string.h>
-#include <signal.h>
 #include <errno.h>
 #include <fcntl.h>
-#include <stdlib.h>
 #include <poll.h>
+#include <signal.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
 
 #include <sys/select.h>
 #include <sys/time.h>
@@ -38,7 +37,7 @@
 
 #include <private/android_filesystem_config.h>
 
-static void usage(char *progname);
+static void usage(char* progname);
 
 static android::sp<android::IBinder> getServiceAggressive() {
     android::sp<android::IBinder> res;
@@ -50,7 +49,7 @@
             LOG(VERBOSE) << "Waited " << (i * 10) << "ms for vold";
             break;
         }
-        usleep(10000); // 10ms
+        usleep(10000);  // 10ms
     }
     return res;
 }
@@ -112,6 +111,6 @@
     return 0;
 }
 
-static void usage(char *progname) {
+static void usage(char* progname) {
     LOG(INFO) << "Usage: " << progname << " [--wait] <system> <subcommand> [args...]";
 }