Move all crypto commands over to Binder.
Prefix FDE related commands with "fde" to make it clear which devices
they apply to. This will also make it easier to remove once FDE
is fully deprecated in a future release.
To emulate the single-threaded nature of the old socket, introduce a
lock that is acquired for all encryption related methods.
Sprinkle some "const" around older files to make C++ happy.
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.DirectBootHostTest
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest
Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest
Bug: 13758960
Change-Id: I0a6ec6e3660bbddc61424c344ff6ac6da953ccf0
diff --git a/cryptfs.h b/cryptfs.h
index d20d96d..a7b650f 100644
--- a/cryptfs.h
+++ b/cryptfs.h
@@ -229,11 +229,11 @@
int cryptfs_crypto_complete(void);
int cryptfs_check_passwd(const char *pw);
- int cryptfs_verify_passwd(char *newpw);
+ int cryptfs_verify_passwd(const char *pw);
int cryptfs_restart(void);
- int cryptfs_enable(char *flag, int type, char *passwd, int no_ui);
+ int cryptfs_enable(const char *flag, int type, const char *passwd, int no_ui);
int cryptfs_changepw(int type, const char *newpw);
- int cryptfs_enable_default(char *flag, int no_ui);
+ int cryptfs_enable_default(const char *flag, int no_ui);
int cryptfs_setup_ext_volume(const char* label, const char* real_blkdev,
const unsigned char* key, int keysize, char* out_crypto_blkdev);
int cryptfs_revert_ext_volume(const char* label);