android: add add_ext4_encrypt helper program

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

2 files changed, 108 insertions, 0 deletions

diff --git a/contrib/Android.mk b/contrib/Android.mk
index 9557320d..66281457 100644
--- a/contrib/Android.mk
+++ b/contrib/Android.mk
@@ -34,3 +34,46 @@ LOCAL_MODULE_TAGS := optional
 
 include $(BUILD_HOST_EXECUTABLE)
 
+#########################################################################
+# Build add_ext4_encrypt
+#
+include $(CLEAR_VARS)
+
+add_ext4_encrypt_src_files := \
+	add_ext4_encrypt.c
+
+add_ext4_encrypt_c_includes := \
+	external/e2fsprogs/lib
+
+add_ext4_encrypt_cflags := -O2 -g -W -Wall
+
+add_ext4_encrypt_shared_libraries := \
+	libext2fs \
+	libext2_com_err
+
+add_ext4_encrypt_system_shared_libraries := libc
+
+include $(CLEAR_VARS)
+
+LOCAL_SRC_FILES := $(add_ext4_encrypt_src_files)
+LOCAL_C_INCLUDES := $(add_ext4_encrypt_c_includes)
+LOCAL_CFLAGS := $(add_ext4_encrypt_cflags)
+LOCAL_SHARED_LIBRARIES := $(add_ext4_encrypt_shared_libraries)
+LOCAL_SYSTEM_SHARED_LIBRARIES := $(add_ext4_encrypt_system_shared_libraries)
+LOCAL_MODULE := add_ext4_encrypt
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_EXECUTABLE)
+
+include $(CLEAR_VARS)
+
+LOCAL_SRC_FILES := $(add_ext4_encrypt_src_files)
+LOCAL_C_INCLUDES := $(add_ext4_encrypt_c_includes)
+LOCAL_CFLAGS := $(add_ext4_encrypt_cflags)
+LOCAL_SHARED_LIBRARIES := $(addsuffix _host, $(add_ext4_encrypt_shared_libraries))
+LOCAL_MODULE := add_ext4_encrypt_host
+LOCAL_MODULE_STEM := add_ext4_encrypt
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_HOST_EXECUTABLE)
+
diff --git a/contrib/add_ext4_encrypt.c b/contrib/add_ext4_encrypt.c
new file mode 100644
index 00000000..73008dc1
--- /dev/null
+++ b/contrib/add_ext4_encrypt.c
@@ -0,0 +1,65 @@
+/*
+ * Basic progam to add ext4 encryption to a file system
+ *
+ * Copyright 2015, Google, Inc.
+ *
+ * %Begin-Header%
+ * This file may be redistributed under the terms of the GNU Public
+ * License.
+ * %End-Header%
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <time.h>
+#include <sys/types.h>
+#include <sys/time.h>
+
+#include <ext2fs/ext2_fs.h>
+#include <ext2fs/ext2fs.h>
+
+int main (int argc, char *argv[])
+{
+	errcode_t	retval = 0;
+	ext2_filsys	fs;
+
+	setbuf(stdout, NULL);
+	setbuf(stderr, NULL);
+	initialize_ext2_error_table();
+
+	if (argc != 2) {
+		fprintf(stderr, "%s: Usage <device|filesystem>\n", argv[0]);
+		exit(1);
+	}
+
+	retval = ext2fs_open(argv[1], EXT2_FLAG_RW, 0, 0,
+			     unix_io_manager, &fs);
+
+	if (retval) {
+		com_err(argv[0], retval, "while trying to open '%s'",
+			argv[1]);
+		exit(1);
+	}
+	if (!EXT2_HAS_INCOMPAT_FEATURE(fs->super,
+				       EXT4_FEATURE_INCOMPAT_ENCRYPT)) {
+		fs->super->s_feature_incompat |= EXT4_FEATURE_INCOMPAT_ENCRYPT;
+		fs->super->s_encrypt_algos[0] =
+			EXT4_ENCRYPTION_MODE_AES_256_XTS;
+		fs->super->s_encrypt_algos[1] =
+			EXT4_ENCRYPTION_MODE_AES_256_CTS;
+		ext2fs_mark_super_dirty(fs);
+		printf("Ext4 encryption enabled on %s\n", argv[1]);
+	} else
+		printf("Ext4 encryption already enabled on %s\n", argv[1]);
+
+	retval = ext2fs_close(fs);
+	if (retval) {
+		com_err(argv[0], retval, "while trying to close '%s'",
+			argv[1]);
+		exit(1);
+	}
+	return (0);
+}
+