Set media folder +F for adopted storage as well am: 083221f5cf
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/12384351
Change-Id: Ic7f73074717788e13abe7ed29a3e69b8c1ba409a
diff --git a/Android.bp b/Android.bp
index b033647..593dd27 100644
--- a/Android.bp
+++ b/Android.bp
@@ -110,7 +110,6 @@
srcs: [
"AppFuseUtil.cpp",
"Benchmark.cpp",
- "CheckEncryption.cpp",
"Checkpoint.cpp",
"CryptoType.cpp",
"Devmapper.cpp",
@@ -149,15 +148,6 @@
"model/VolumeEncryption.cpp",
],
product_variables: {
- arc: {
- exclude_srcs: [
- "model/ObbVolume.cpp",
- ],
- static_libs: [
- "arc_services_aidl",
- "libarcobbvolume",
- ],
- },
debuggable: {
cppflags: ["-D__ANDROID_DEBUGGABLE__"],
},
@@ -180,14 +170,6 @@
srcs: ["main.cpp"],
static_libs: ["libvold"],
- product_variables: {
- arc: {
- static_libs: [
- "arc_services_aidl",
- "libarcobbvolume",
- ],
- },
- },
init_rc: [
"vold.rc",
"wait_for_keymaster.rc",
diff --git a/CheckEncryption.cpp b/CheckEncryption.cpp
deleted file mode 100644
index ffa3698..0000000
--- a/CheckEncryption.cpp
+++ /dev/null
@@ -1,149 +0,0 @@
-/*
- * Copyright (C) 2017 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "CheckEncryption.h"
-#include "FileDeviceUtils.h"
-#include "Utils.h"
-#include "VolumeManager.h"
-
-#include <android-base/file.h>
-#include <android-base/logging.h>
-#include <android-base/unique_fd.h>
-#include <cutils/iosched_policy.h>
-#include <private/android_filesystem_config.h>
-
-#include <sstream>
-
-#include <sys/resource.h>
-#include <sys/time.h>
-#include <unistd.h>
-
-#include <assert.h>
-#include <fcntl.h>
-#include <linux/fs.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <unistd.h>
-
-#include <fcntl.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-
-using android::base::unique_fd;
-
-using android::base::ReadFileToString;
-using android::base::WriteStringToFile;
-
-namespace android {
-namespace vold {
-
-constexpr uint32_t max_extents = 32;
-constexpr size_t bytecount = 8;
-constexpr int repeats = 256;
-
-bool check_file(const std::string& needle) {
- LOG(DEBUG) << "checkEncryption check_file: " << needle;
- auto haystack = android::vold::BlockDeviceForPath(needle);
- if (haystack.empty()) {
- LOG(ERROR) << "Failed to find device for path: " << needle;
- return false;
- }
-
- std::string randombytes;
- if (ReadRandomBytes(bytecount, randombytes) != 0) {
- LOG(ERROR) << "Failed to read random bytes";
- return false;
- }
- std::string randomhex;
- StrToHex(randombytes, randomhex);
- std::ostringstream os;
- for (int i = 0; i < repeats; i++) os << randomhex;
- auto towrite = os.str();
-
- if (access(needle.c_str(), F_OK) == 0) {
- if (unlink(needle.c_str()) != 0) {
- PLOG(ERROR) << "Failed to unlink " << needle;
- return false;
- }
- }
- LOG(DEBUG) << "Writing to " << needle;
- if (!WriteStringToFile(towrite, needle)) {
- PLOG(ERROR) << "Failed to write " << needle;
- return false;
- }
- sync();
-
- unique_fd haystack_fd(open(haystack.c_str(), O_RDONLY | O_CLOEXEC));
- if (haystack_fd.get() == -1) {
- PLOG(ERROR) << "Failed to open " << haystack;
- return false;
- }
-
- auto fiemap = PathFiemap(needle, max_extents);
-
- std::string area;
- for (uint32_t i = 0; i < fiemap->fm_mapped_extents; i++) {
- auto xt = &(fiemap->fm_extents[i]);
- LOG(DEBUG) << "Extent " << i << " at " << xt->fe_physical << " length " << xt->fe_length;
- if (lseek64(haystack_fd.get(), xt->fe_physical, SEEK_SET) == -1) {
- PLOG(ERROR) << "Failed lseek";
- return false;
- }
- auto toread = xt->fe_length;
- while (toread > 0) {
- char buf[BUFSIZ];
- size_t wlen =
- static_cast<size_t>(std::min(static_cast<typeof(toread)>(sizeof(buf)), toread));
- auto l = read(haystack_fd.get(), buf, wlen);
- if (l < 1) {
- PLOG(ERROR) << "Failed read";
- if (errno != EINTR) {
- return false;
- }
- }
- area.append(buf, l);
- toread -= l;
- }
- }
-
- LOG(DEBUG) << "Searching " << area.size() << " bytes of " << needle;
- LOG(DEBUG) << "First position of blob: " << area.find(randomhex);
- return true;
-}
-
-int CheckEncryption(const std::string& path) {
- auto deNeedle(path);
- deNeedle += "/misc";
- if (android::vold::PrepareDir(deNeedle, 01771, AID_SYSTEM, AID_MISC)) {
- return -1;
- }
- deNeedle += "/vold";
- if (android::vold::PrepareDir(deNeedle, 0700, AID_ROOT, AID_ROOT)) {
- return -1;
- }
- deNeedle += "/checkEncryption";
-
- auto neNeedle(path);
- neNeedle += "/unencrypted/checkEncryption";
-
- check_file(deNeedle);
- check_file(neNeedle);
-
- return 0;
-}
-
-} // namespace vold
-} // namespace android
diff --git a/CheckEncryption.h b/CheckEncryption.h
deleted file mode 100644
index 158d886..0000000
--- a/CheckEncryption.h
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- * Copyright (C) 2017 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef ANDROID_VOLD_CHECK_ENCRYPTION_H
-#define ANDROID_VOLD_CHECK_ENCRYPTION_H
-
-#include <string>
-
-namespace android {
-namespace vold {
-
-/* Check encryption of private volume mounted at the given path */
-int CheckEncryption(const std::string& path);
-
-} // namespace vold
-} // namespace android
-
-#endif
diff --git a/EncryptInplace.cpp b/EncryptInplace.cpp
index 9d304da..b1bd11d 100644
--- a/EncryptInplace.cpp
+++ b/EncryptInplace.cpp
@@ -205,9 +205,16 @@
data->count = 0;
for (block = 0; block < block_count; block++) {
- int used = (aux_info.bg_desc[i].bg_flags & EXT4_BG_BLOCK_UNINIT)
- ? 0
- : bitmap_get_bit(block_bitmap, block);
+ int used;
+
+ if (aux_info.bg_desc[i].bg_flags & EXT4_BG_BLOCK_UNINIT) {
+ // In block groups with an uninitialized block bitmap, we only
+ // need to encrypt the backup superblock (if one is present).
+ used = (ext4_bg_has_super_block(i) && block < 1 + aux_info.bg_desc_blocks);
+ } else {
+ used = bitmap_get_bit(block_bitmap, block);
+ }
+
update_progress(data, used);
if (used) {
if (data->count == 0) {
diff --git a/FsCrypt.cpp b/FsCrypt.cpp
index e21524a..9bdade5 100644
--- a/FsCrypt.cpp
+++ b/FsCrypt.cpp
@@ -269,10 +269,9 @@
// HEH as default was always a mistake. Use the libfscrypt default (CTS)
// for devices launching on versions above Android 10.
auto first_api_level = GetFirstApiLevel();
- constexpr uint64_t pre_gki_level = 29;
auto filenames_mode =
android::base::GetProperty("ro.crypto.volume.filenames_mode",
- first_api_level > pre_gki_level ? "" : "aes-256-heh");
+ first_api_level > __ANDROID_API_Q__ ? "" : "aes-256-heh");
auto options_string = android::base::GetProperty("ro.crypto.volume.options",
contents_mode + ":" + filenames_mode);
if (!ParseOptionsForApiLevel(first_api_level, options_string, options)) {
diff --git a/KeyUtil.cpp b/KeyUtil.cpp
index acc42db..f3a2986 100644
--- a/KeyUtil.cpp
+++ b/KeyUtil.cpp
@@ -30,7 +30,6 @@
#include <android-base/properties.h>
#include <keyutils.h>
-#include <fscrypt_uapi.h>
#include "KeyStorage.h"
#include "Utils.h"
@@ -64,40 +63,37 @@
}
}
+static bool isFsKeyringSupportedImpl() {
+ android::base::unique_fd fd(open("/data", O_RDONLY | O_DIRECTORY | O_CLOEXEC));
+
+ // FS_IOC_ADD_ENCRYPTION_KEY with a NULL argument will fail with ENOTTY if
+ // the ioctl isn't supported. Otherwise it will fail with another error
+ // code such as EFAULT.
+ //
+ // Note that there's no need to check for FS_IOC_REMOVE_ENCRYPTION_KEY,
+ // since it's guaranteed to be available if FS_IOC_ADD_ENCRYPTION_KEY is.
+ // There's also no need to check for support on external volumes separately
+ // from /data, since either the kernel supports the ioctls on all
+ // fscrypt-capable filesystems or it doesn't.
+ errno = 0;
+ (void)ioctl(fd, FS_IOC_ADD_ENCRYPTION_KEY, NULL);
+ if (errno == ENOTTY) {
+ LOG(INFO) << "Kernel doesn't support FS_IOC_ADD_ENCRYPTION_KEY. Falling back to "
+ "session keyring";
+ return false;
+ }
+ if (errno != EFAULT) {
+ PLOG(WARNING) << "Unexpected error from FS_IOC_ADD_ENCRYPTION_KEY";
+ }
+ LOG(DEBUG) << "Detected support for FS_IOC_ADD_ENCRYPTION_KEY";
+ android::base::SetProperty("ro.crypto.uses_fs_ioc_add_encryption_key", "true");
+ return true;
+}
+
// Return true if the kernel supports the ioctls to add/remove fscrypt keys
// directly to/from the filesystem.
bool isFsKeyringSupported(void) {
- static bool initialized = false;
- static bool supported;
-
- if (!initialized) {
- android::base::unique_fd fd(open("/data", O_RDONLY | O_DIRECTORY | O_CLOEXEC));
-
- // FS_IOC_ADD_ENCRYPTION_KEY with a NULL argument will fail with ENOTTY
- // if the ioctl isn't supported. Otherwise it will fail with another
- // error code such as EFAULT.
- errno = 0;
- (void)ioctl(fd, FS_IOC_ADD_ENCRYPTION_KEY, NULL);
- if (errno == ENOTTY) {
- LOG(INFO) << "Kernel doesn't support FS_IOC_ADD_ENCRYPTION_KEY. Falling back to "
- "session keyring";
- supported = false;
- } else {
- if (errno != EFAULT) {
- PLOG(WARNING) << "Unexpected error from FS_IOC_ADD_ENCRYPTION_KEY";
- }
- LOG(DEBUG) << "Detected support for FS_IOC_ADD_ENCRYPTION_KEY";
- supported = true;
- android::base::SetProperty("ro.crypto.uses_fs_ioc_add_encryption_key", "true");
- }
- // There's no need to check for FS_IOC_REMOVE_ENCRYPTION_KEY, since it's
- // guaranteed to be available if FS_IOC_ADD_ENCRYPTION_KEY is. There's
- // also no need to check for support on external volumes separately from
- // /data, since either the kernel supports the ioctls on all
- // fscrypt-capable filesystems or it doesn't.
-
- initialized = true;
- }
+ static bool supported = isFsKeyringSupportedImpl();
return supported;
}
@@ -245,7 +241,7 @@
// https://www.kernel.org/doc/html/latest/filesystems/fscrypt.html#fs-ioc-add-encryption-key
static bool installFsKeyringKey(const std::string& mountpoint, const EncryptionOptions& options,
fscrypt_add_key_arg* arg) {
- if (options.use_hw_wrapped_key) arg->flags |= FSCRYPT_ADD_KEY_FLAG_WRAPPED;
+ if (options.use_hw_wrapped_key) arg->__flags |= __FSCRYPT_ADD_KEY_FLAG_HW_WRAPPED;
android::base::unique_fd fd(open(mountpoint.c_str(), O_RDONLY | O_DIRECTORY | O_CLOEXEC));
if (fd == -1) {
diff --git a/MetadataCrypt.cpp b/MetadataCrypt.cpp
index ca2813d..c61132c 100644
--- a/MetadataCrypt.cpp
+++ b/MetadataCrypt.cpp
@@ -283,10 +283,9 @@
return false;
}
- constexpr unsigned int pre_gki_level = 29;
unsigned int options_format_version = android::base::GetUintProperty<unsigned int>(
"ro.crypto.dm_default_key.options_format.version",
- (GetFirstApiLevel() <= pre_gki_level ? 1 : 2));
+ (GetFirstApiLevel() <= __ANDROID_API_Q__ ? 1 : 2));
CryptoOptions options;
if (options_format_version == 1) {
diff --git a/OWNERS b/OWNERS
index bab0ef6..deeceb7 100644
--- a/OWNERS
+++ b/OWNERS
@@ -4,3 +4,4 @@
ebiggers@google.com
drosen@google.com
zezeozue@google.com
+maco@google.com
diff --git a/VoldNativeService.cpp b/VoldNativeService.cpp
index 0cb86ce..d310acd 100644
--- a/VoldNativeService.cpp
+++ b/VoldNativeService.cpp
@@ -30,7 +30,6 @@
#include <thread>
#include "Benchmark.h"
-#include "CheckEncryption.h"
#include "Checkpoint.h"
#include "FsCrypt.h"
#include "IdleMaint.h"
@@ -351,17 +350,6 @@
return Ok();
}
-binder::Status VoldNativeService::checkEncryption(const std::string& volId) {
- ENFORCE_SYSTEM_OR_ROOT;
- CHECK_ARGUMENT_ID(volId);
- ACQUIRE_LOCK;
-
- std::string path;
- auto status = pathForVolId(volId, &path);
- if (!status.isOk()) return status;
- return translate(android::vold::CheckEncryption(path));
-}
-
binder::Status VoldNativeService::moveStorage(
const std::string& fromVolId, const std::string& toVolId,
const android::sp<android::os::IVoldTaskListener>& listener) {
@@ -751,7 +739,7 @@
return translateBool(fscrypt_lock_user_key(userId));
}
-binder::Status VoldNativeService::prepareUserStorage(const std::unique_ptr<std::string>& uuid,
+binder::Status VoldNativeService::prepareUserStorage(const std::optional<std::string>& uuid,
int32_t userId, int32_t userSerial,
int32_t flags) {
ENFORCE_SYSTEM_OR_ROOT;
@@ -763,7 +751,7 @@
return translateBool(fscrypt_prepare_user_storage(uuid_, userId, userSerial, flags));
}
-binder::Status VoldNativeService::destroyUserStorage(const std::unique_ptr<std::string>& uuid,
+binder::Status VoldNativeService::destroyUserStorage(const std::optional<std::string>& uuid,
int32_t userId, int32_t flags) {
ENFORCE_SYSTEM_OR_ROOT;
std::string empty_string = "";
diff --git a/VoldNativeService.h b/VoldNativeService.h
index 013d1c2..f10bf5f 100644
--- a/VoldNativeService.h
+++ b/VoldNativeService.h
@@ -59,7 +59,6 @@
binder::Status format(const std::string& volId, const std::string& fsType);
binder::Status benchmark(const std::string& volId,
const android::sp<android::os::IVoldTaskListener>& listener);
- binder::Status checkEncryption(const std::string& volId);
binder::Status moveStorage(const std::string& fromVolId, const std::string& toVolId,
const android::sp<android::os::IVoldTaskListener>& listener);
@@ -126,9 +125,9 @@
const std::string& secret);
binder::Status lockUserKey(int32_t userId);
- binder::Status prepareUserStorage(const std::unique_ptr<std::string>& uuid, int32_t userId,
+ binder::Status prepareUserStorage(const std::optional<std::string>& uuid, int32_t userId,
int32_t userSerial, int32_t flags);
- binder::Status destroyUserStorage(const std::unique_ptr<std::string>& uuid, int32_t userId,
+ binder::Status destroyUserStorage(const std::optional<std::string>& uuid, int32_t userId,
int32_t flags);
binder::Status prepareSandboxForApp(const std::string& packageName, int32_t appId,
diff --git a/binder/android/os/IVold.aidl b/binder/android/os/IVold.aidl
index 54b86d0..d0e753e 100644
--- a/binder/android/os/IVold.aidl
+++ b/binder/android/os/IVold.aidl
@@ -48,7 +48,6 @@
void unmount(@utf8InCpp String volId);
void format(@utf8InCpp String volId, @utf8InCpp String fsType);
void benchmark(@utf8InCpp String volId, IVoldTaskListener listener);
- void checkEncryption(@utf8InCpp String volId);
void moveStorage(@utf8InCpp String fromVolId, @utf8InCpp String toVolId,
IVoldTaskListener listener);
diff --git a/fs/F2fs.cpp b/fs/F2fs.cpp
index 9b8d2c4..d6f3dab 100644
--- a/fs/F2fs.cpp
+++ b/fs/F2fs.cpp
@@ -85,7 +85,12 @@
cmd.push_back("-O");
cmd.push_back("encrypt");
}
-
+ if (android::base::GetBoolProperty("vold.has_compress", false)) {
+ cmd.push_back("-O");
+ cmd.push_back("compression");
+ cmd.push_back("-O");
+ cmd.push_back("extra_attr");
+ }
cmd.push_back("-O");
cmd.push_back("verity");
diff --git a/fscrypt_uapi.h b/fscrypt_uapi.h
deleted file mode 100644
index 3cda96e..0000000
--- a/fscrypt_uapi.h
+++ /dev/null
@@ -1,27 +0,0 @@
-#ifndef _UAPI_LINUX_FSCRYPT_VOLD_H
-#define _UAPI_LINUX_FSCRYPT_VOLD_H
-
-#include <linux/fscrypt.h>
-#include <linux/types.h>
-
-#define FSCRYPT_ADD_KEY_FLAG_WRAPPED 0x01
-
-struct sys_fscrypt_add_key_arg {
- struct fscrypt_key_specifier key_spec;
- __u32 raw_size;
- __u32 key_id;
- __u32 __reserved[7];
- __u32 flags;
- __u8 raw[];
-};
-
-struct sys_fscrypt_provisioning_key_payload {
- __u32 type;
- __u32 __reserved;
- __u8 raw[];
-};
-
-#define fscrypt_add_key_arg sys_fscrypt_add_key_arg
-#define fscrypt_provisioning_key_payload sys_fscrypt_provisioning_key_payload
-
-#endif //_UAPI_LINUX_FSCRYPT_VOLD_H
diff --git a/main.cpp b/main.cpp
index ebe5510..1f85fb5 100644
--- a/main.cpp
+++ b/main.cpp
@@ -41,8 +41,14 @@
#include <sys/stat.h>
#include <sys/types.h>
-static int process_config(VolumeManager* vm, bool* has_adoptable, bool* has_quota,
- bool* has_reserved);
+typedef struct vold_configs {
+ bool has_adoptable : 1;
+ bool has_quota : 1;
+ bool has_reserved : 1;
+ bool has_compress : 1;
+} VoldConfigs;
+
+static int process_config(VolumeManager* vm, VoldConfigs* configs);
static void coldboot(const char* path);
static void parse_args(int argc, char** argv);
@@ -100,11 +106,8 @@
exit(1);
}
- bool has_adoptable;
- bool has_quota;
- bool has_reserved;
-
- if (process_config(vm, &has_adoptable, &has_quota, &has_reserved)) {
+ VoldConfigs configs = {};
+ if (process_config(vm, &configs)) {
PLOG(ERROR) << "Error reading configuration... continuing anyways";
}
@@ -128,9 +131,10 @@
// This call should go after listeners are started to avoid
// a deadlock between vold and init (see b/34278978 for details)
- android::base::SetProperty("vold.has_adoptable", has_adoptable ? "1" : "0");
- android::base::SetProperty("vold.has_quota", has_quota ? "1" : "0");
- android::base::SetProperty("vold.has_reserved", has_reserved ? "1" : "0");
+ android::base::SetProperty("vold.has_adoptable", configs.has_adoptable ? "1" : "0");
+ android::base::SetProperty("vold.has_quota", configs.has_quota ? "1" : "0");
+ android::base::SetProperty("vold.has_reserved", configs.has_reserved ? "1" : "0");
+ android::base::SetProperty("vold.has_compress", configs.has_compress ? "1" : "0");
// Do coldboot here so it won't block booting,
// also the cold boot is needed in case we have flash drive
@@ -213,8 +217,7 @@
}
}
-static int process_config(VolumeManager* vm, bool* has_adoptable, bool* has_quota,
- bool* has_reserved) {
+static int process_config(VolumeManager* vm, VoldConfigs* configs) {
ATRACE_NAME("process_config");
if (!ReadDefaultFstab(&fstab_default)) {
@@ -223,19 +226,24 @@
}
/* Loop through entries looking for ones that vold manages */
- *has_adoptable = false;
- *has_quota = false;
- *has_reserved = false;
+ configs->has_adoptable = false;
+ configs->has_quota = false;
+ configs->has_reserved = false;
+ configs->has_compress = false;
for (auto& entry : fstab_default) {
if (entry.fs_mgr_flags.quota) {
- *has_quota = true;
+ configs->has_quota = true;
}
if (entry.reserved_size > 0) {
- *has_reserved = true;
+ configs->has_reserved = true;
+ }
+ if (entry.fs_mgr_flags.fs_compress) {
+ configs->has_compress = true;
}
/* Make sure logical partitions have an updated blk_device. */
- if (entry.fs_mgr_flags.logical && !fs_mgr_update_logical_partition(&entry)) {
+ if (entry.fs_mgr_flags.logical && !fs_mgr_update_logical_partition(&entry) &&
+ !entry.fs_mgr_flags.no_fail) {
PLOG(FATAL) << "could not find logical partition " << entry.blk_device;
}
@@ -251,7 +259,7 @@
if (entry.is_encryptable()) {
flags |= android::vold::Disk::Flags::kAdoptable;
- *has_adoptable = true;
+ configs->has_adoptable = true;
}
if (entry.fs_mgr_flags.no_emulated_sd ||
android::base::GetBoolProperty("vold.debug.default_primary", false)) {
diff --git a/model/VolumeEncryption.cpp b/model/VolumeEncryption.cpp
index 5b0e73d..e6a55a9 100644
--- a/model/VolumeEncryption.cpp
+++ b/model/VolumeEncryption.cpp
@@ -32,16 +32,16 @@
enum class VolumeMethod { kFailed, kCrypt, kDefaultKey };
static VolumeMethod lookup_volume_method() {
- constexpr uint64_t pre_gki_level = 29;
auto first_api_level =
android::base::GetUintProperty<uint64_t>("ro.product.first_api_level", 0);
auto method = android::base::GetProperty("ro.crypto.volume.metadata.method", "default");
if (method == "default") {
- return first_api_level > pre_gki_level ? VolumeMethod::kDefaultKey : VolumeMethod::kCrypt;
+ return first_api_level > __ANDROID_API_Q__ ? VolumeMethod::kDefaultKey
+ : VolumeMethod::kCrypt;
} else if (method == "dm-default-key") {
return VolumeMethod::kDefaultKey;
} else if (method == "dm-crypt") {
- if (first_api_level > pre_gki_level) {
+ if (first_api_level > __ANDROID_API_Q__) {
LOG(ERROR) << "volume encryption method dm-crypt cannot be used, "
"ro.product.first_api_level = "
<< first_api_level;
diff --git a/vdc.cpp b/vdc.cpp
index c0b798d..11562e7 100644
--- a/vdc.cpp
+++ b/vdc.cpp
@@ -105,8 +105,6 @@
checkStatus(args, vold->shutdown());
} else if (args[0] == "volume" && args[1] == "reset") {
checkStatus(args, vold->reset());
- } else if (args[0] == "cryptfs" && args[1] == "checkEncryption" && args.size() == 3) {
- checkStatus(args, vold->checkEncryption(args[2]));
} else if (args[0] == "cryptfs" && args[1] == "mountFstab" && args.size() == 4) {
checkStatus(args, vold->mountFstab(args[2], args[3]));
} else if (args[0] == "cryptfs" && args[1] == "encryptFstab" && args.size() == 4) {