crypto: Use system's vold for decryption If TWRP crypto fails to decrypt pa

1. crypto: Use system's vold for decryption
2.  
3. If TWRP crypto fails to decrypt partition, mount the system
4. partition and use system's own vold to attempt decryption.
5. This provides a fallback for proprietary OEM encryption as well as
6. encryption methods which TWRP hasn't been updated for.
7.  
8. Requirements in device tree:
9. * fstab.{ro.hardware} in device/recovery/root
10. The fstab does not need to be complete, but it does need the
11. data partition and the encryption entries.
12.  
13. * 'TW_CRYPTO_USE_SYSTEM_VOLD := true' in BoardConfig
14. or
15. * 'TW_CRYPTO_USE_SYSTEM_VOLD := <list of services>'
16.  
17. Notes:
18. * Setting the flag to 'true' will just use system's vdc+vold
19. or
20. * Setting the flag with additional services, will also start them
21. prior to attempting vdc+vold decryption, eg: for qualcomm based
22. devices you usually need 'TW_CRYPTO_USE_SYSTEM_VOLD := qseecomd'
23.  
24. * For each service listed an additional import will be automatically
25. added to the vold_decrypt.rc file in the form of
26. init.recovery.vold_decrypt.{service}.rc
27. You will need to add any not already existing .rc files in
28. your device/recovery/root folder.
29.  
30. * The service names specified in the vold_decrypt.{service}.rc files
31. have to be named 'sys_{service}'
32. eg: 'service sys_qseecomd /system/bin/qseecomd'
33.  
34. * Any service already existing in TWRP as {service} or sbin{service} will
35. be stopped and restarted as needed.
36.  
37. * You can override the default init.recovery.vold_decrypt.rc file(s)
38. by placing same named ones in your device/recovery/root folder.
39. If you do, you'll need to manually add the needed imports.
40.  
41. * If /vendor and /firmware folders are temporarily moved and symlinked
42. to the folders and files in the system partition, the properties
43. 'vold_decrypt.symlinked_vendor' and 'vold_decrypt.symlinked_firmware'
44. will be set to 1.
45. This allows for additional control in the .rc files for any extra
46. actions (symlinks, cp files, etc) that may be needed for decryption
47. by using: on property:vold_decrypt.symlinked_vendor=1 and/or
48. on property:vold_decrypt.symlinked_firmware=1 triggers.
49.  
50. Debug mode: 'TW_CRYPTO_SYSTEM_VOLD_DEBUG := true' in BoardConfig
51. * Specifying this flag, will enable strace on init and vdc, which will
52. create separate log files in /tmp for every process created, allowing
53. for detailed analysis of which services and files are being accessed.
54. * Note that enabling strace will expose the password in the logs!!
55. * You need to manually add strace to your build.
56.  
57. Thanks to @Captain_Throwback for co-authoring and testing.
58.  
59. Tested successfully on HTC devices:
60. M8 (KK through MM), M9 (MM and N), A9 (N), 10 (N), Bolt (N),
61. Desire 626s (MM), U Ultra (N)
62.  
63. HTC One X9 (MTK device)
64.  
65. And by Nikolay Jeliazkov on: Xiaomi Mi Max