allow encrypted filesystems to be mounted readonly

By setting ro.crypto.readonly to 1, cryptfs will mount an encrypted filesystem that is normally mounted read-write as read-only instead. To be used when recovery mounts /data. Bug: 12188746 Change-Id: If3f3f9a3024f29ebc4ad721a48546a332cb92b6b

allow encrypted filesystems to be mounted readonly
By setting ro.crypto.readonly to 1, cryptfs will mount an encrypted filesystem that is normally mounted read-write as read-only instead. To be used when recovery mounts /data. Bug: 12188746 Change-Id: If3f3f9a3024f29ebc4ad721a48546a332cb92b6b
6fd57713 · Doug Zongker · dbf5b665 · 6fd57713
Commit 6fd57713 authored 11 years ago by Doug Zongker
Hide whitespace changes
Inline Side-by-side

Showing with 11 additions and 0 deletions

cryptfs.c cryptfs.c +11 -0

No files found.
--- a/cryptfs.c
+++ b/cryptfs.c
@@ -1125,6 +1125,17 @@ int cryptfs_restart(void)
    }

    if (! (rc = wait_and_unmount(DATA_MNT_POINT)) ) {
+        /* If ro.crypto.readonly is set to 1, mount the decrypted
+         * filesystem readonly.  This is used when /data is mounted by
+         * recovery mode.
+         */
+        char ro_prop[PROPERTY_VALUE_MAX];
+        property_get("ro.crypto.readonly", ro_prop, "");
+        if (strlen(ro_prop) > 0 && atoi(ro_prop)) {
+            struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab, DATA_MNT_POINT);
+            rec->flags |= MS_RDONLY;
+        }
+        
        /* If that succeeded, then mount the decrypted filesystem */
        fs_mgr_do_mount(fstab, DATA_MNT_POINT, crypto_blkdev, 0);