Merge "Split MOUNT_FLAG_VISIBLE into MOUNT_FLAG_VISIBLE_FOR_{READ, WRITE}"diff --git a/FsCrypt.cpp b/FsCrypt.cpp
index 017ffec..be68222 100644
--- a/FsCrypt.cpp
+++ b/FsCrypt.cpp
@@ -208,7 +208,7 @@
return false;
}
-static bool IsEmmcStorage(const std::string& blk_device) {
+static bool MightBeEmmcStorage(const std::string& blk_device) {
// Handle symlinks.
std::string real_path;
if (!Realpath(blk_device, &real_path)) {
@@ -224,8 +224,15 @@
}
// Now we should have the "real" block device.
- LOG(DEBUG) << "IsEmmcStorage(): blk_device = " << blk_device << ", real_path=" << real_path;
- return StartsWith(Basename(real_path), "mmcblk");
+ LOG(DEBUG) << "MightBeEmmcStorage(): blk_device = " << blk_device
+ << ", real_path=" << real_path;
+ std::string name = Basename(real_path);
+ return StartsWith(name, "mmcblk") ||
+ // virtio devices may provide inline encryption support that is
+ // backed by eMMC inline encryption on the host, thus inheriting the
+ // DUN size limitation. So virtio devices must be allowed here too.
+ // TODO(b/207390665): check the maximum DUN size directly instead.
+ StartsWith(name, "vd");
}
// Retrieve the options to use for encryption policies on the /data filesystem.
@@ -241,7 +248,7 @@
return false;
}
if ((options->flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32) &&
- !IsEmmcStorage(entry->blk_device)) {
+ !MightBeEmmcStorage(entry->blk_device)) {
LOG(ERROR) << "The emmc_optimized encryption flag is only allowed on eMMC storage. Remove "
"this flag from the device's fstab";
return false;