5 files changed, 13 insertions, 40 deletions

diff --git a/crypto/ext4crypt/Android.mk b/crypto/ext4crypt/Android.mk
index 693b67518..4aba9ef45 100644
--- a/crypto/ext4crypt/Android.mk
+++ b/crypto/ext4crypt/Android.mk
@@ -6,7 +6,7 @@ LOCAL_MODULE := libe4crypt
 LOCAL_MODULE_TAGS := eng optional
 LOCAL_CFLAGS :=
 LOCAL_SRC_FILES := Decrypt.cpp Ext4Crypt.cpp ScryptParameters.cpp Utils.cpp HashPassword.cpp ext4_crypt.cpp
-LOCAL_SHARED_LIBRARIES := libselinux libc libc++ libext4_utils libsoftkeymaster libbase libcrypto libcutils libkeymaster_messages libhardware libprotobuf-cpp-lite
+LOCAL_SHARED_LIBRARIES := libselinux libc libc++ libext4_utils libbase libcrypto libcutils libkeymaster_messages libhardware libprotobuf-cpp-lite
 LOCAL_STATIC_LIBRARIES := libscrypt_static
 LOCAL_C_INCLUDES := system/extras/ext4_utils system/extras/ext4_utils/include/ext4_utils external/scrypt/lib/crypto system/security/keystore hardware/libhardware/include/hardware system/security/softkeymaster/include/keymaster system/keymaster/include
 
@@ -28,10 +28,13 @@ ifeq ($(shell test $(PLATFORM_SDK_VERSION) -ge 26; echo $$?),0)
         LOCAL_CFLAGS += -DHAVE_LIBKEYUTILS
         LOCAL_SHARED_LIBRARIES += libkeyutils
     endif
-    LOCAL_ADDITIONAL_DEPENDENCIES := keystore_auth
+    LOCAL_REQUIRED_MODULES := keystore_auth
 else
     LOCAL_SRC_FILES += Keymaster.cpp KeyStorage.cpp
 endif
+ifeq ($(shell test $(PLATFORM_SDK_VERSION) -lt 28; echo $$?),0)
+    LOCAL_SHARED_LIBRARIES += libsoftkeymaster
+endif
 
 include $(BUILD_SHARED_LIBRARY)
 
diff --git a/crypto/ext4crypt/Ext4Crypt.cpp b/crypto/ext4crypt/Ext4Crypt.cpp
index ea5b1cf88..048a0bd9f 100644
--- a/crypto/ext4crypt/Ext4Crypt.cpp
+++ b/crypto/ext4crypt/Ext4Crypt.cpp
@@ -312,7 +312,7 @@ bool lookup_key_ref(const std::map<userid_t, std::string>& key_map, userid_t use
     return true;
 }
 
-static bool ensure_policy(const std::string& raw_ref, const std::string& path) {
+static bool ensure_policy(const std::string& raw_ref __unused, const std::string& path) {
     LOG(INFO) << "ensure_policy '" << path << "'\n";
     return true;
     return access(path.c_str(), F_OK) == 0; // ensure policy will set a policy if one is not set on an empty folder - we don't want to do this in recovery
@@ -438,7 +438,7 @@ static bool parse_hex(const char* hex, std::string* result) {
 }
 
 // TODO: rename to 'install' for consistency, and take flags to know which keys to install
-bool e4crypt_unlock_user_key(userid_t user_id, int serial, const char* token_hex,
+bool e4crypt_unlock_user_key(userid_t user_id, int serial __unused, const char* token_hex,
                              const char* secret_hex) {
     if (e4crypt_is_native()) {
         if (s_ce_key_raw_refs.count(user_id) != 0) {
@@ -469,7 +469,7 @@ bool e4crypt_unlock_user_key(userid_t user_id, int serial, const char* token_hex
     return true;
 }
 
-bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int serial,
+bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int serial __unused,
         int flags) {
 
     if (flags & FLAG_STORAGE_DE) {
diff --git a/crypto/lollipop/Android.mk b/crypto/lollipop/Android.mk
index 6dc386a29..1be412138 100644
--- a/crypto/lollipop/Android.mk
+++ b/crypto/lollipop/Android.mk
@@ -24,6 +24,8 @@ ifneq ($(wildcard hardware/libhardware/include/hardware/keymaster0.h),)
     LOCAL_C_INCLUDES +=  external/boringssl/src/include
 endif
 
+LOCAL_CFLAGS += -Wno-unused-function
+
 LOCAL_WHOLE_STATIC_LIBRARIES += libscrypttwrp_static
 
 include $(BUILD_SHARED_LIBRARY)
diff --git a/crypto/lollipop/cryptfs.c b/crypto/lollipop/cryptfs.c
index 80f433bf6..d3bf62955 100644
--- a/crypto/lollipop/cryptfs.c
+++ b/crypto/lollipop/cryptfs.c
@@ -89,10 +89,7 @@
 
 char *me = "cryptfs";
 
-static unsigned char saved_master_key[KEY_LEN_BYTES];
-static char *saved_mount_point;
 static int  master_key_saved = 0;
-static struct crypt_persist_data *persist_data = NULL;
 static char key_fname[PROPERTY_VALUE_MAX] = "";
 static char real_blkdev[PROPERTY_VALUE_MAX] = "";
 static char file_system[PROPERTY_VALUE_MAX] = "";
@@ -629,24 +626,6 @@ static int keymaster_sign_object(struct crypt_mnt_ftr *ftr,
 }
 #endif //#ifndef TW_CRYPTO_HAVE_KEYMASTERX
 
-/* Store password when userdata is successfully decrypted and mounted.
- * Cleared by cryptfs_clear_password
- *
- * To avoid a double prompt at boot, we need to store the CryptKeeper
- * password and pass it to KeyGuard, which uses it to unlock KeyStore.
- * Since the entire framework is torn down and rebuilt after encryption,
- * we have to use a daemon or similar to store the password. Since vold
- * is secured against IPC except from system processes, it seems a reasonable
- * place to store this.
- *
- * password should be cleared once it has been used.
- *
- * password is aged out after password_max_age_seconds seconds.
- */
-static char* password = 0;
-static int password_expiry_time = 0;
-static const int password_max_age_seconds = 60;
-
 static void ioctl_init(struct dm_ioctl *io, size_t dataSize, const char *name, unsigned flags)
 {
     memset(io, 0, dataSize);
@@ -774,7 +753,7 @@ static int get_crypt_ftr_info(char **metadata_fname, off64_t *off)
 static int get_crypt_ftr_and_key(struct crypt_mnt_ftr *crypt_ftr)
 {
   int fd;
-  unsigned int nr_sec, cnt;
+  unsigned int cnt;
   off64_t starting_off;
   int rc = -1;
   char *fname = NULL;
@@ -979,8 +958,6 @@ static int get_dm_crypt_version(int fd, const char *name,  int *version)
     char buffer[DM_CRYPT_BUF_SIZE];
     struct dm_ioctl *io;
     struct dm_target_versions *v;
-    int flag;
-    int i;
 
     io = (struct dm_ioctl *) buffer;
 
@@ -996,6 +973,7 @@ static int get_dm_crypt_version(int fd, const char *name,  int *version)
     v = (struct dm_target_versions *) &buffer[sizeof(struct dm_ioctl)];
     while (v->next) {
 #ifdef CONFIG_HW_DISK_ENCRYPTION
+        int flag;
         if (is_hw_fde_enabled()) {
             flag = (!strcmp(v->name, "crypt") || !strcmp(v->name, "req-crypt"));
         } else {
@@ -1022,13 +1000,9 @@ static int create_crypto_blk_dev(struct crypt_mnt_ftr *crypt_ftr, const unsigned
                                  const char *real_blk_name, char *crypto_blk_name, const char *name)
 {
   char buffer[DM_CRYPT_BUF_SIZE];
-  char master_key_ascii[129]; /* Large enough to hold 512 bit key and null */
-  char *crypt_params;
   struct dm_ioctl *io;
-  struct dm_target_spec *tgt;
   unsigned int minor;
   int fd=0;
-  int i;
   int retval = -1;
   int version[3];
   char *extra_params;
@@ -1223,7 +1197,7 @@ static int scrypt_keymaster(const char *passwd, const unsigned char *salt,
     unsigned char* master_key = convert_hex_ascii_to_key(passwd, &key_size);
     if (!master_key) {
         printf("Failed to convert passwd from hex, using passwd instead\n");
-        master_key = strdup(passwd);
+        master_key = (unsigned char*)strdup(passwd);
     }
 
     rc = crypto_scrypt(master_key, key_size, salt, SALT_LEN,
@@ -1365,10 +1339,6 @@ static int test_mount_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr,
   char crypto_blkdev[MAXPATHLEN];
   char tmp_mount_point[64];
   int rc = 0;
-  kdf_func kdf;
-  void *kdf_params;
-  int use_keymaster = 0;
-  int upgrade = 0;
   unsigned char* intermediate_key = 0;
   size_t intermediate_key_size = 0;
 
diff --git a/crypto/scrypt/lib/crypto/crypto_scrypt-neon.c b/crypto/scrypt/lib/crypto/crypto_scrypt-neon.c
index d05ee1bfe..158bf96f3 100644
--- a/crypto/scrypt/lib/crypto/crypto_scrypt-neon.c
+++ b/crypto/scrypt/lib/crypto/crypto_scrypt-neon.c
@@ -135,9 +135,7 @@ smix(uint8_t * B, size_t r, uint64_t N, void * V, void * XY)
 	uint8x16_t * X = XY;
 	uint8x16_t * Y = (void *)((uintptr_t)(XY) + 128 * r);
         uint8x16_t * Z = (void *)((uintptr_t)(XY) + 256 * r);
-        uint32_t * X32 = (void *)X;
 	uint64_t i, j;
-        size_t k;
 
 	/* 1: X <-- B */
 	blkcpy(X, B, 128 * r);