From 8d6338340d4f6a90493c658dbef18f80adcad65e Mon Sep 17 00:00:00 2001
From: Paul Lawrence <paullawrence@google.com>
Date: Fri, 20 Nov 2015 07:07:12 -0800
Subject: [PATCH] Encrypt on reboot

Change encryption to happen after a reboot, not before. This
removes the problem whereby if data cannot be unmounted, we cannot
encrypt.

Bug: 25426629

Change-Id: Icb2ec6cf330b5cc45b7e944c858a314f983fcaa4
---
 fs_mgr/fs_mgr.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/fs_mgr/fs_mgr.c b/fs_mgr/fs_mgr.c
index 3fda34ffb..fadc7cad6 100644
--- a/fs_mgr/fs_mgr.c
+++ b/fs_mgr/fs_mgr.c
@@ -448,8 +448,15 @@ static int handle_encryptable(struct fstab *fstab, const struct fstab_rec* rec)
              "%s/convert_fbe", rec->mount_point);
     bool convert_fbe = (access(convert_fbe_name, F_OK) == 0);
 
+    /* Check for existence of convert_fbe breadcrumb file */
+    char convert_fde_name[PATH_MAX];
+    snprintf(convert_fde_name, sizeof(convert_fbe_name),
+             "%s/misc/vold/convert_fde", rec->mount_point);
+    bool convert_fde = (access(convert_fde_name, F_OK) == 0);
+
     /* If this is block encryptable, need to trigger encryption */
     if (   (rec->fs_mgr_flags & MF_FORCECRYPT)
+        || ((rec->fs_mgr_flags & MF_CRYPT) && convert_fde)
         || ((rec->fs_mgr_flags & MF_FORCEFDEORFBE) && !convert_fbe)
         || (device_is_force_encrypted() && fs_mgr_is_encryptable(rec))) {
         if (umount(rec->mount_point) == 0) {