include $(BUILD_HOST_EXECUTABLE)
+#########################################################################
+# Build add_ext4_encrypt
+#
+include $(CLEAR_VARS)
+
+add_ext4_encrypt_src_files := \
+ add_ext4_encrypt.c
+
+add_ext4_encrypt_c_includes := \
+ external/e2fsprogs/lib
+
+add_ext4_encrypt_cflags := -O2 -g -W -Wall
+
+add_ext4_encrypt_shared_libraries := \
+ libext2fs \
+ libext2_com_err
+
+add_ext4_encrypt_system_shared_libraries := libc
+
+include $(CLEAR_VARS)
+
+LOCAL_SRC_FILES := $(add_ext4_encrypt_src_files)
+LOCAL_C_INCLUDES := $(add_ext4_encrypt_c_includes)
+LOCAL_CFLAGS := $(add_ext4_encrypt_cflags)
+LOCAL_SHARED_LIBRARIES := $(add_ext4_encrypt_shared_libraries)
+LOCAL_SYSTEM_SHARED_LIBRARIES := $(add_ext4_encrypt_system_shared_libraries)
+LOCAL_MODULE := add_ext4_encrypt
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_EXECUTABLE)
+
+include $(CLEAR_VARS)
+
+LOCAL_SRC_FILES := $(add_ext4_encrypt_src_files)
+LOCAL_C_INCLUDES := $(add_ext4_encrypt_c_includes)
+LOCAL_CFLAGS := $(add_ext4_encrypt_cflags)
+LOCAL_SHARED_LIBRARIES := $(addsuffix _host, $(add_ext4_encrypt_shared_libraries))
+LOCAL_MODULE := add_ext4_encrypt_host
+LOCAL_MODULE_STEM := add_ext4_encrypt
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_HOST_EXECUTABLE)
+
--- /dev/null
+/*
+ * Basic progam to add ext4 encryption to a file system
+ *
+ * Copyright 2015, Google, Inc.
+ *
+ * %Begin-Header%
+ * This file may be redistributed under the terms of the GNU Public
+ * License.
+ * %End-Header%
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <time.h>
+#include <sys/types.h>
+#include <sys/time.h>
+
+#include <ext2fs/ext2_fs.h>
+#include <ext2fs/ext2fs.h>
+
+int main (int argc, char *argv[])
+{
+ errcode_t retval = 0;
+ ext2_filsys fs;
+
+ setbuf(stdout, NULL);
+ setbuf(stderr, NULL);
+ initialize_ext2_error_table();
+
+ if (argc != 2) {
+ fprintf(stderr, "%s: Usage <device|filesystem>\n", argv[0]);
+ exit(1);
+ }
+
+ retval = ext2fs_open(argv[1], EXT2_FLAG_RW, 0, 0,
+ unix_io_manager, &fs);
+
+ if (retval) {
+ com_err(argv[0], retval, "while trying to open '%s'",
+ argv[1]);
+ exit(1);
+ }
+ if (!EXT2_HAS_INCOMPAT_FEATURE(fs->super,
+ EXT4_FEATURE_INCOMPAT_ENCRYPT)) {
+ fs->super->s_feature_incompat |= EXT4_FEATURE_INCOMPAT_ENCRYPT;
+ fs->super->s_encrypt_algos[0] =
+ EXT4_ENCRYPTION_MODE_AES_256_XTS;
+ fs->super->s_encrypt_algos[1] =
+ EXT4_ENCRYPTION_MODE_AES_256_CTS;
+ ext2fs_mark_super_dirty(fs);
+ printf("Ext4 encryption enabled on %s\n", argv[1]);
+ } else
+ printf("Ext4 encryption already enabled on %s\n", argv[1]);
+
+ retval = ext2fs_close(fs);
+ if (retval) {
+ com_err(argv[0], retval, "while trying to close '%s'",
+ argv[1]);
+ exit(1);
+ }
+ return (0);
+}
+