libdm: Redact keys from dm-crypt targets when calling GetTable.HEADt13.0

Ignore-AOSP-First: security fix
Bug: 368069390
Test: libdm_test
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:034e2dd670e8bc81e35da74235c3d97f06556fa4)
Merged-In: I40b9a0129e58b1a0f116ca29f0ee66f91a27a73d
Change-Id: I40b9a0129e58b1a0f116ca29f0ee66f91a27a73d

1 files changed, 29 insertions, 0 deletions

diff --git a/fs_mgr/libdm/dm_test.cpp b/fs_mgr/libdm/dm_test.cpp
index 541f254cbc..f4c9784da8 100644
--- a/fs_mgr/libdm/dm_test.cpp
+++ b/fs_mgr/libdm/dm_test.cpp
@@ -690,3 +690,32 @@ TEST(libdm, CreateEmptyDevice) {
     // Empty device should be in suspended state.
     ASSERT_EQ(DmDeviceState::SUSPENDED, dm.GetState("empty-device"));
 }
+
+TEST(libdm, RedactDmCrypt) {
+    static constexpr uint64_t kImageSize = 65536;
+    static constexpr const char* kTestName = "RedactDmCrypt";
+    unique_fd temp_file(CreateTempFile("file_1", kImageSize));
+    ASSERT_GE(temp_file, 0);
+
+    LoopDevice loop(temp_file, 10s);
+    ASSERT_TRUE(loop.valid());
+
+    static constexpr const char* kAlgorithm = "aes-cbc-essiv:sha256";
+    static constexpr const char* kKey = "0e64ef514e6a1315b1f6390cb57c9e6a";
+
+    auto target = std::make_unique<DmTargetCrypt>(0, kImageSize / 512, kAlgorithm, kKey, 0,
+                                                  loop.device(), 0);
+    target->AllowDiscards();
+
+    DmTable table;
+    table.AddTarget(std::move(target));
+
+    auto& dm = DeviceMapper::Instance();
+    std::string crypt_path;
+    ASSERT_TRUE(dm.CreateDevice(kTestName, table, &crypt_path, 10s));
+
+    std::vector<DeviceMapper::TargetInfo> targets;
+    ASSERT_TRUE(dm.GetTableInfo(kTestName, &targets));
+    ASSERT_EQ(targets.size(), 1);
+    EXPECT_EQ(targets[0].data.find(kKey), std::string::npos);
+}