libdm: Redact keys from dm-crypt targets when calling GetTable.s12.1

Ignore-AOSP-First: security fix
Bug: 368069390
Test: libdm_test
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:a48086d28966c20794c3a04af83cdf13af268dcc)
Merged-In: I40b9a0129e58b1a0f116ca29f0ee66f91a27a73d
Change-Id: I40b9a0129e58b1a0f116ca29f0ee66f91a27a73d

1 files changed, 14 insertions, 0 deletions

diff --git a/fs_mgr/libdm/dm.cpp b/fs_mgr/libdm/dm.cpp
index b1d5b397ab..762e83c304 100644
--- a/fs_mgr/libdm/dm.cpp
+++ b/fs_mgr/libdm/dm.cpp
@@ -512,6 +512,17 @@ bool DeviceMapper::GetTableInfo(const std::string& name, std::vector<TargetInfo>
     return GetTable(name, DM_STATUS_TABLE_FLAG, table);
 }
 
+void RedactTableInfo(const struct dm_target_spec& spec, std::string* data) {
+    if (DeviceMapper::GetTargetType(spec) == "crypt") {
+        auto parts = android::base::Split(*data, " ");
+        if (parts.size() < 2) {
+            return;
+        }
+        parts[1] = "redacted";
+        *data = android::base::Join(parts, " ");
+    }
+}
+
 // private methods of DeviceMapper
 bool DeviceMapper::GetTable(const std::string& name, uint32_t flags,
                             std::vector<TargetInfo>* table) {
@@ -550,6 +561,9 @@ bool DeviceMapper::GetTable(const std::string& name, uint32_t flags,
             // Note: we use c_str() to eliminate any extra trailing 0s.
             data = std::string(&buffer[data_offset], next_cursor - data_offset).c_str();
         }
+        if (flags & DM_STATUS_TABLE_FLAG) {
+            RedactTableInfo(*spec, &data);
+        }
         table->emplace_back(*spec, data);
         cursor = next_cursor;
     }