Merge "Call earlyBootEnded from vdc." am: 17ebcf7f99

Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1496221

Change-Id: Ib084a4c16c790e274232fd4056b3af4b0e39fff7
diff --git a/MetadataCrypt.cpp b/MetadataCrypt.cpp
index fdee21f..cf7c5f7 100644
--- a/MetadataCrypt.cpp
+++ b/MetadataCrypt.cpp
@@ -79,10 +79,6 @@
 }
 
 static bool mount_via_fs_mgr(const char* mount_point, const char* blk_device) {
-    // We're about to mount data not verified by verified boot.  Tell Keymaster instances that early
-    // boot has ended.
-    ::android::vold::Keymaster::earlyBootEnded();
-
     // fs_mgr_do_mount runs fsck. Use setexeccon to run trusted
     // partitions in the fsck domain.
     if (setexeccon(android::vold::sFsckContext)) {
diff --git a/VoldNativeService.cpp b/VoldNativeService.cpp
index 3fb4e65..674a721 100644
--- a/VoldNativeService.cpp
+++ b/VoldNativeService.cpp
@@ -33,6 +33,7 @@
 #include "Checkpoint.h"
 #include "FsCrypt.h"
 #include "IdleMaint.h"
+#include "Keymaster.h"
 #include "MetadataCrypt.h"
 #include "MoveStorage.h"
 #include "Process.h"
@@ -879,6 +880,14 @@
     return Ok();
 }
 
+binder::Status VoldNativeService::earlyBootEnded() {
+    ENFORCE_SYSTEM_OR_ROOT;
+    ACQUIRE_LOCK;
+
+    Keymaster::earlyBootEnded();
+    return Ok();
+}
+
 binder::Status VoldNativeService::incFsEnabled(bool* _aidl_return) {
     ENFORCE_SYSTEM_OR_ROOT;
 
diff --git a/VoldNativeService.h b/VoldNativeService.h
index 9914879..390e9fc 100644
--- a/VoldNativeService.h
+++ b/VoldNativeService.h
@@ -150,6 +150,8 @@
     binder::Status supportsFileCheckpoint(bool* _aidl_return);
     binder::Status resetCheckpoint();
 
+    binder::Status earlyBootEnded();
+
     binder::Status incFsEnabled(bool* _aidl_return) override;
     binder::Status mountIncFs(
             const std::string& backingPath, const std::string& targetDir, int32_t flags,
diff --git a/binder/android/os/IVold.aidl b/binder/android/os/IVold.aidl
index 1d6225f..bb284b8 100644
--- a/binder/android/os/IVold.aidl
+++ b/binder/android/os/IVold.aidl
@@ -126,6 +126,7 @@
     boolean supportsFileCheckpoint();
     void resetCheckpoint();
 
+    void earlyBootEnded();
     @utf8InCpp String createStubVolume(@utf8InCpp String sourcePath,
             @utf8InCpp String mountPath, @utf8InCpp String fsType,
             @utf8InCpp String fsUuid, @utf8InCpp String fsLabel, int flags);
diff --git a/vdc.cpp b/vdc.cpp
index 11562e7..b6bb5ed 100644
--- a/vdc.cpp
+++ b/vdc.cpp
@@ -152,6 +152,8 @@
         checkStatus(args, vold->abortChanges(args[2], retry != 0));
     } else if (args[0] == "checkpoint" && args[1] == "resetCheckpoint") {
         checkStatus(args, vold->resetCheckpoint());
+    } else if (args[0] == "keymaster" && args[1] == "early-boot-ended") {
+        checkStatus(args, vold->earlyBootEnded());
     } else {
         LOG(ERROR) << "Raw commands are no longer supported";
         exit(EINVAL);