From 4154f18b3b06f8d45d30ab5d8a47fc29bcc70944 Mon Sep 17 00:00:00 2001 From: jerry Date: Sat, 30 Aug 2025 15:52:22 +0800 Subject: [PATCH 01/10] =?UTF-8?q?=E7=BB=B4=E4=BF=AE=E6=A8=A1=E5=BC=8Fmount?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: jerry --- .../native/storage_service_errno.h | 1 + .../storage_daemon/crypto/src/key_manager.cpp | 5 ++++ .../include/user/mount_manager.h | 1 + .../mock/mount_manager_mock.cpp | 5 ++++ .../storage_daemon/user/src/mount_manager.cpp | 16 ++++++++++ .../user/test/mount_manager_test.cpp | 29 +++++++++++++++++++ 6 files changed, 57 insertions(+) diff --git a/interfaces/innerkits/storage_manager/native/storage_service_errno.h b/interfaces/innerkits/storage_manager/native/storage_service_errno.h index d2d63c74a..cf3e113da 100644 --- a/interfaces/innerkits/storage_manager/native/storage_service_errno.h +++ b/interfaces/innerkits/storage_manager/native/storage_service_errno.h @@ -177,6 +177,7 @@ enum ErrNo { E_MOUNT_FILE_MGR_FUSE = STORAGE_SERVICE_SYS_CAP_TAG + 747, E_MOUNT_SHARE_FILE = STORAGE_SERVICE_SYS_CAP_TAG + 748, E_UMOUNT_SHARE_FILE = STORAGE_SERVICE_SYS_CAP_TAG + 749, + E_MOUNT_FBE = STORAGE_SERVICE_SYS_CAP_TAG + 750, // 空间统计 13601201 ~ 13601700 E_BUNDLEMGR_ERROR = STORAGE_SERVICE_SYS_CAP_TAG + 1201, diff --git a/services/storage_daemon/crypto/src/key_manager.cpp b/services/storage_daemon/crypto/src/key_manager.cpp index 62fa8aac9..83de699a6 100644 --- a/services/storage_daemon/crypto/src/key_manager.cpp +++ b/services/storage_daemon/crypto/src/key_manager.cpp @@ -1694,6 +1694,11 @@ int32_t KeyManager::ResetSecretWithRecoveryKey(uint32_t userId, uint32_t rkType, return E_ELX_KEY_STORE_ERROR; } } + ret = MountManager::GetInstance().FileBaseEncryptfsMount(); + if (ret !=0) { + LOGE("mount file based encrypt fs failed!"); + return ret; + } #endif return E_OK; } 
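Review bot: A failed bind mount makes `ResetSecretWithRecoveryKey` return an error only after the key-store step above it appears to have completed, so the caller sees a failure while the recovery-key reset itself has already been applied; the context lines show the `E_ELX_KEY_STORE_ERROR` return directly before the new call, and the rest of the function is outside the hunk. If the mount is a precondition for using the recovered keys, consider doing it before the irreversible steps, or document the partial state at the call, e.g. `// keys are already re-stored here; a mount error means the fbe3 bind mount is missing, not that the reset failed`. The check would also read more consistently with the rest of the file as `if (ret != E_OK) {`. The same call is kept in patch 10/10, where it targets `KeyManager::FileBasedEncryptfsMount` instead.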
diff --git a/services/storage_daemon/include/user/mount_manager.h b/services/storage_daemon/include/user/mount_manager.h index b1948c6d4..1cd71768f 100644 --- a/services/storage_daemon/include/user/mount_manager.h +++ b/services/storage_daemon/include/user/mount_manager.h @@ -213,6 +213,7 @@ public: std::vector &outputList, bool &isOccupy); int32_t MountDisShareFile(int32_t userId, const std::map &shareFiles); int32_t UMountDisShareFile(int32_t userId, const std::string &networkId); + int32_t FileBaseEncryptfsMount(); private: bool SupportHmdfs(); diff --git a/services/storage_daemon/mock/mount_manager_mock.cpp b/services/storage_daemon/mock/mount_manager_mock.cpp index e64fd398f..5ec8056e0 100644 --- a/services/storage_daemon/mock/mount_manager_mock.cpp +++ b/services/storage_daemon/mock/mount_manager_mock.cpp @@ -54,6 +54,11 @@ int32_t MountManager::DestroySystemServiceDirs(int32_t userId) } int32_t MountManager::DestroyHmdfsDirs(int32_t userId) +{ + return 0; +} + +int32_t MountManager::FileBaseEncryptfsMount() { return 0; } \ No newline at end of file diff --git a/services/storage_daemon/user/src/mount_manager.cpp b/services/storage_daemon/user/src/mount_manager.cpp index 2e191ebec..faa63139f 100644 --- a/services/storage_daemon/user/src/mount_manager.cpp +++ b/services/storage_daemon/user/src/mount_manager.cpp @@ -46,6 +46,9 @@ using namespace OHOS::FileManagement::CloudFile; using namespace OHOS::StorageService; constexpr int32_t PATH_MAX_FOR_LINK = 4096; constexpr int32_t DEFAULT_USERID = 100; +const std::string FILE_BASE_ENCRYPT_SRC_PATH = "/mnt/data_old/service/el1/public/sec_storage_data/fbe3"; +const std::string FILE_BASE_ENCRYPT_DST_PATH = "/data/service/el1/public/sec_storage_data/fbe3"; +constexpr int32_t DEFAULT_REPAIR_USERID = 10736; MountManager::MountManager() : hmdfsDirVec_(InitHmdfsDirVec()), virtualDir_(InitVirtualDir()), systemServiceDir_(InitSystemServiceDir()), fileManagerDir_(InitFileManagerDir()), appdataDir_(InitAppdataDir()) 
@@ -2098,5 +2101,18 @@ void MountManager::FindProcForMulti(const std::string &pidPath, const std::strin CheckSymlinkForMulti(fdPath + FILE_SEPARATOR_CHAR + fdDirent->d_name, path, occupyFiles); } } + +int32_t MountManager::FileBaseEncryptfsMount() { + std::string srcPath = FILE_BASED_ENCRYPT_SRC_PATH; + std::string dstPath = FILE_BASED_ENCRYPT_DST_PATH; + int32_t mountRes = BindMount(srcPath, dstPath); + if (mountRes!=E_OK) { + LOGE("failed to bind mount file based encrypt fs, err %{public}d", errno); + std::string extraData = "srcPath=" + srcPath + ",dstPath=" + dstPath + ",kernelCode=" + to_string(errno); + StorageRadar::ReportUserManager("HmdfsTwiceMount", DEFAULT_REPAIR_USERID, E_MOUNT_FBE, extraData); + return E_MOUNT_FBE; + } + return E_OK; +} } // namespace StorageDaemon } // namespace OHOS diff --git a/services/storage_daemon/user/test/mount_manager_test.cpp b/services/storage_daemon/user/test/mount_manager_test.cpp index 3f6ae4101..fd87a1280 100644 --- a/services/storage_daemon/user/test/mount_manager_test.cpp +++ b/services/storage_daemon/user/test/mount_manager_test.cpp 
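Review bot: `FileBaseEncryptfsMount` reads `FILE_BASED_ENCRYPT_SRC_PATH` and `FILE_BASED_ENCRYPT_DST_PATH`, but the constants this patch adds near the top of mount_manager.cpp are spelled `FILE_BASE_ENCRYPT_SRC_PATH` and `FILE_BASE_ENCRYPT_DST_PATH`, so unless the `FILE_BASED_` names are declared elsewhere this commit does not build on its own. The spelling is only aligned in patch 04/10; folding that rename in here would keep the series bisectable. In the failure branch `errno` is read for `extraData` after `LOGE` has already run, and `BindMount` is a helper outside this hunk that may make further calls after the failing one, so the reported `kernelCode` can be stale. Snapshot it once with `const int err = errno;` as the first statement inside `if (mountRes != E_OK)` and use `err` in both the log and the report. The same read-after-log order is carried into `KeyManager::FileBasedEncryptfsMount` in patch 10/10, in both the umount and the mount branch.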
@@ -963,5 +963,34 @@ HWTEST_F(MountManagerTest, Storage_Daemon_MountManagerExtTest_FilterNotMountedPa EXPECT_EQ(ret, E_OK); GTEST_LOG_(INFO) << "Storage_Daemon_MountManagerExtTest_FilterNotMountedPath_001 end"; } + +/** + * @tc.name: Storage_Daemon_MountManagerTest_FileBaseEncryptfsMount_001 + * @tc.desc: Verify the HmdfsTwiceMount function. + * @tc.type: FUNC + * @tc.require: IB49AM + */ +HWTEST_F(MountManagerTest, Storage_Daemon_MountManagerTest_FileBaseEncryptfsMount_001, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "Storage_Daemon_MountManagerTest_FileBaseEncryptfsMount_001 start"; + + EXPECT_CALL(*fileUtilMoc_, IsDir(_)).WillOnce(Return(true)).WillOnce(Return(true)); + EXPECT_CALL(*fileUtilMoc_, IsPathMounted(_)).WillOnce(Return(true)); + auto ret = MountManager::GetInstance().FileBaseEncryptfsMount(); + EXPECT_EQ(ret, E_OK); + + EXPECT_CALL(*fileUtilMoc_, IsDir(_)).WillOnce(Return(true)).WillOnce(Return(true)); + EXPECT_CALL(*fileUtilMoc_, IsPathMounted(_)).WillOnce(Return(false)); + EXPECT_CALL(*fileUtilMoc_, Mount(_, _, _, _, _)).WillOnce(Return(1)); + ret = MountManager::GetInstance().FileBaseEncryptfsMount(); + EXPECT_EQ(ret, E_MOUNT_FBE); + + EXPECT_CALL(*fileUtilMoc_, IsDir(_)).WillOnce(Return(true)).WillOnce(Return(true)); + EXPECT_CALL(*fileUtilMoc_, IsPathMounted(_)).WillOnce(Return(false)); + EXPECT_CALL(*fileUtilMoc_, Mount(_, _, _, _, _)).WillOnce(Return(0)); + ret = MountManager::GetInstance().FileBaseEncryptfsMount(); + EXPECT_EQ(ret, E_OK); + GTEST_LOG_(INFO) << "Storage_Daemon_MountManagerTest_FileBaseEncryptfsMount_001 end"; +} } // STORAGE_DAEMON } // OHOS -- Gitee From 4ed8e1fa328eb12e23ce60b0ced8b6ab8b2d6c3f Mon Sep 17 00:00:00 2001 From: jerry Date: Sat, 30 Aug 2025 08:38:35 +0000 Subject: [PATCH 02/10] update services/storage_daemon/user/src/mount_manager.cpp. Signed-off-by: jerry --- services/storage_daemon/user/src/mount_manager.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/services/storage_daemon/user/src/mount_manager.cpp b/services/storage_daemon/user/src/mount_manager.cpp index faa63139f..7ed7a22e3 100644 --- a/services/storage_daemon/user/src/mount_manager.cpp +++ b/services/storage_daemon/user/src/mount_manager.cpp @@ -2109,7 +2109,7 @@ int32_t MountManager::FileBaseEncryptfsMount() { if (mountRes!=E_OK) { LOGE("failed to bind mount file based encrypt fs, err %{public}d", errno); std::string extraData = "srcPath=" + srcPath + ",dstPath=" + dstPath + ",kernelCode=" + to_string(errno); - StorageRadar::ReportUserManager("HmdfsTwiceMount", DEFAULT_REPAIR_USERID, E_MOUNT_FBE, extraData); + StorageRadar::ReportUserManager("FileBaseEncryptfsMount", DEFAULT_REPAIR_USERID, E_MOUNT_FBE, extraData); return E_MOUNT_FBE; } return E_OK; -- Gitee From dab21e6189f1ce83c9620aa2018a0df4255f649b Mon Sep 17 00:00:00 2001 From: jerry Date: Sat, 30 Aug 2025 08:53:40 +0000 Subject: [PATCH 03/10] update services/storage_daemon/user/src/mount_manager.cpp. Signed-off-by: jerry --- services/storage_daemon/user/src/mount_manager.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/services/storage_daemon/user/src/mount_manager.cpp b/services/storage_daemon/user/src/mount_manager.cpp index 7ed7a22e3..d8fdda81a 100644 --- a/services/storage_daemon/user/src/mount_manager.cpp +++ b/services/storage_daemon/user/src/mount_manager.cpp @@ -2102,7 +2102,8 @@ void MountManager::FindProcForMulti(const std::string &pidPath, const std::strin } } -int32_t MountManager::FileBaseEncryptfsMount() { +int32_t MountManager::FileBaseEncryptfsMount() +{ std::string srcPath = FILE_BASED_ENCRYPT_SRC_PATH; std::string dstPath = FILE_BASED_ENCRYPT_DST_PATH; int32_t mountRes = BindMount(srcPath, dstPath); -- Gitee From 209045feeb8443a56ab133c6d93ae83224b8c78e Mon Sep 17 00:00:00 2001 From: jerry Date: Sat, 30 Aug 2025 08:56:01 +0000 Subject: [PATCH 04/10] update services/storage_daemon/user/src/mount_manager.cpp. 
Signed-off-by: jerry --- services/storage_daemon/user/src/mount_manager.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/storage_daemon/user/src/mount_manager.cpp b/services/storage_daemon/user/src/mount_manager.cpp index d8fdda81a..1412e4533 100644 --- a/services/storage_daemon/user/src/mount_manager.cpp +++ b/services/storage_daemon/user/src/mount_manager.cpp @@ -46,8 +46,8 @@ using namespace OHOS::FileManagement::CloudFile; using namespace OHOS::StorageService; constexpr int32_t PATH_MAX_FOR_LINK = 4096; constexpr int32_t DEFAULT_USERID = 100; -const std::string FILE_BASE_ENCRYPT_SRC_PATH = "/mnt/data_old/service/el1/public/sec_storage_data/fbe3"; -const std::string FILE_BASE_ENCRYPT_DST_PATH = "/data/service/el1/public/sec_storage_data/fbe3"; +const std::string FILE_BASED_ENCRYPT_SRC_PATH = "/mnt/data_old/service/el1/public/sec_storage_data/fbe3"; +const std::string FILE_BASED_ENCRYPT_DST_PATH = "/data/service/el1/public/sec_storage_data/fbe3"; constexpr int32_t DEFAULT_REPAIR_USERID = 10736; MountManager::MountManager() : hmdfsDirVec_(InitHmdfsDirVec()), virtualDir_(InitVirtualDir()), -- Gitee From d96368b6eb4b2d213736973fa3882ad6625b0888 Mon Sep 17 00:00:00 2001 From: jerry Date: Mon, 1 Sep 2025 03:29:39 +0000 Subject: [PATCH 05/10] update services/storage_daemon/crypto/src/key_manager.cpp. Signed-off-by: jerry --- services/storage_daemon/crypto/src/key_manager.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/storage_daemon/crypto/src/key_manager.cpp b/services/storage_daemon/crypto/src/key_manager.cpp index bcccafd69..f68b5f710 100644 --- a/services/storage_daemon/crypto/src/key_manager.cpp +++ b/services/storage_daemon/crypto/src/key_manager.cpp 
@@ -1694,7 +1694,7 @@ int32_t KeyManager::ResetSecretWithRecoveryKey(uint32_t userId, uint32_t rkType, return E_ELX_KEY_STORE_ERROR; } } - ret = MountManager::GetInstance().FileBaseEncryptfsMount(); + ret = MountManager::GetInstance().FileBasedEncryptfsMount(); if (ret !=0) { LOGE("mount file based encrypt fs failed!"); return ret; -- Gitee From c46a2febabe7c4824b24f1c0da2a894f0cc42008 Mon Sep 17 00:00:00 2001 From: jerry Date: Mon, 1 Sep 2025 03:30:16 +0000 Subject: [PATCH 06/10] update services/storage_daemon/include/user/mount_manager.h. Signed-off-by: jerry --- services/storage_daemon/include/user/mount_manager.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/storage_daemon/include/user/mount_manager.h b/services/storage_daemon/include/user/mount_manager.h index 1cd71768f..eb43fb2fa 100644 --- a/services/storage_daemon/include/user/mount_manager.h +++ b/services/storage_daemon/include/user/mount_manager.h @@ -213,7 +213,7 @@ public: std::vector &outputList, bool &isOccupy); int32_t MountDisShareFile(int32_t userId, const std::map &shareFiles); int32_t UMountDisShareFile(int32_t userId, const std::string &networkId); - int32_t FileBaseEncryptfsMount(); + int32_t FileBasedEncryptfsMount(); private: bool SupportHmdfs(); -- Gitee From 64fec23c2c6436e45309a7ba85f6e70194ec0f4b Mon Sep 17 00:00:00 2001 From: jerry Date: Mon, 1 Sep 2025 03:31:01 +0000 Subject: [PATCH 07/10] update services/storage_daemon/mock/mount_manager_mock.cpp. Signed-off-by: jerry --- services/storage_daemon/mock/mount_manager_mock.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/storage_daemon/mock/mount_manager_mock.cpp b/services/storage_daemon/mock/mount_manager_mock.cpp index 5ec8056e0..8463b4ff3 100644 --- a/services/storage_daemon/mock/mount_manager_mock.cpp +++ b/services/storage_daemon/mock/mount_manager_mock.cpp 
@@ -58,7 +58,7 @@ int32_t MountManager::DestroyHmdfsDirs(int32_t userId) return 0; } -int32_t MountManager::FileBaseEncryptfsMount() +int32_t MountManager::FileBasedEncryptfsMount() { return 0; } \ No newline at end of file -- Gitee From cd48e329f5e6f9c64926a59f6805a205dbed47fd Mon Sep 17 00:00:00 2001 From: jerry Date: Mon, 1 Sep 2025 03:31:59 +0000 Subject: [PATCH 08/10] update services/storage_daemon/user/src/mount_manager.cpp. Signed-off-by: jerry --- services/storage_daemon/user/src/mount_manager.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/storage_daemon/user/src/mount_manager.cpp b/services/storage_daemon/user/src/mount_manager.cpp index 1412e4533..9545b52ec 100644 --- a/services/storage_daemon/user/src/mount_manager.cpp +++ b/services/storage_daemon/user/src/mount_manager.cpp @@ -2102,7 +2102,7 @@ void MountManager::FindProcForMulti(const std::string &pidPath, const std::strin } } -int32_t MountManager::FileBaseEncryptfsMount() +int32_t MountManager::FileBasedEncryptfsMount() { std::string srcPath = FILE_BASED_ENCRYPT_SRC_PATH; std::string dstPath = FILE_BASED_ENCRYPT_DST_PATH; @@ -2110,7 +2110,7 @@ int32_t MountManager::FileBaseEncryptfsMount() if (mountRes!=E_OK) { LOGE("failed to bind mount file based encrypt fs, err %{public}d", errno); std::string extraData = "srcPath=" + srcPath + ",dstPath=" + dstPath + ",kernelCode=" + to_string(errno); - StorageRadar::ReportUserManager("FileBaseEncryptfsMount", DEFAULT_REPAIR_USERID, E_MOUNT_FBE, extraData); + StorageRadar::ReportUserManager("FileBasedEncryptfsMount", DEFAULT_REPAIR_USERID, E_MOUNT_FBE, extraData); return E_MOUNT_FBE; } return E_OK; -- Gitee From 75024f6ee0fcbc0ffd0d5e8d5bcebab31bf966ed Mon Sep 17 00:00:00 2001 From: jerry Date: Mon, 1 Sep 2025 03:33:46 +0000 Subject: [PATCH 09/10] update services/storage_daemon/user/test/mount_manager_test.cpp. 
Signed-off-by: jerry --- .../user/test/mount_manager_test.cpp | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/services/storage_daemon/user/test/mount_manager_test.cpp b/services/storage_daemon/user/test/mount_manager_test.cpp index fd87a1280..2c9261318 100644 --- a/services/storage_daemon/user/test/mount_manager_test.cpp +++ b/services/storage_daemon/user/test/mount_manager_test.cpp 
@@ -965,32 +965,32 @@ HWTEST_F(MountManagerTest, Storage_Daemon_MountManagerExtTest_FilterNotMountedPa } /** - * @tc.name: Storage_Daemon_MountManagerTest_FileBaseEncryptfsMount_001 + * @tc.name: Storage_Daemon_MountManagerTest_FileBasedEncryptfsMount_001 * @tc.desc: Verify the HmdfsTwiceMount function. * @tc.type: FUNC * @tc.require: IB49AM */ -HWTEST_F(MountManagerTest, Storage_Daemon_MountManagerTest_FileBaseEncryptfsMount_001, TestSize.Level1) +HWTEST_F(MountManagerTest, Storage_Daemon_MountManagerTest_FileBasedEncryptfsMount_001, TestSize.Level1) { - GTEST_LOG_(INFO) << "Storage_Daemon_MountManagerTest_FileBaseEncryptfsMount_001 start"; + GTEST_LOG_(INFO) << "Storage_Daemon_MountManagerTest_FileBasedEncryptfsMount_001 start"; EXPECT_CALL(*fileUtilMoc_, IsDir(_)).WillOnce(Return(true)).WillOnce(Return(true)); EXPECT_CALL(*fileUtilMoc_, IsPathMounted(_)).WillOnce(Return(true)); - auto ret = MountManager::GetInstance().FileBaseEncryptfsMount(); + auto ret = MountManager::GetInstance().FileBasedEncryptfsMount(); EXPECT_EQ(ret, E_OK); EXPECT_CALL(*fileUtilMoc_, IsDir(_)).WillOnce(Return(true)).WillOnce(Return(true)); EXPECT_CALL(*fileUtilMoc_, IsPathMounted(_)).WillOnce(Return(false)); EXPECT_CALL(*fileUtilMoc_, Mount(_, _, _, _, _)).WillOnce(Return(1)); - ret = MountManager::GetInstance().FileBaseEncryptfsMount(); + ret = MountManager::GetInstance().FileBasedEncryptfsMount(); EXPECT_EQ(ret, E_MOUNT_FBE); EXPECT_CALL(*fileUtilMoc_, IsDir(_)).WillOnce(Return(true)).WillOnce(Return(true)); EXPECT_CALL(*fileUtilMoc_, IsPathMounted(_)).WillOnce(Return(false)); EXPECT_CALL(*fileUtilMoc_, Mount(_, _, _, _, _)).WillOnce(Return(0)); - ret = MountManager::GetInstance().FileBaseEncryptfsMount(); + ret = MountManager::GetInstance().FileBasedEncryptfsMount(); EXPECT_EQ(ret, E_OK); - GTEST_LOG_(INFO) << "Storage_Daemon_MountManagerTest_FileBaseEncryptfsMount_001 end"; + GTEST_LOG_(INFO) << "Storage_Daemon_MountManagerTest_FileBasedEncryptfsMount_001 end"; } } // STORAGE_DAEMON 
} // OHOS -- Gitee From 6d264628835e7ecb9630b22580364f983870d413 Mon Sep 17 00:00:00 2001 From: jerry Date: Mon, 1 Sep 2025 19:50:50 +0800 Subject: [PATCH 10/10] =?UTF-8?q?=E6=A3=80=E8=A7=86=E6=84=8F=E8=A7=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: jerry --- .../storage_daemon/crypto/src/key_manager.cpp | 33 ++++++++++++++++++- .../key_manager_another_test.cpp | 2 +- .../include/crypto/key_manager.h | 3 ++ .../include/user/mount_manager.h | 1 - .../mock/mount_manager_mock.cpp | 5 --- services/storage_daemon/mtp/test/BUILD.gn | 1 + .../storage_daemon/mtpfs/include/mtpfs_fuse.h | 2 +- .../storage_daemon/user/src/mount_manager.cpp | 17 ---------- .../user/test/mount_manager_test.cpp | 29 ---------------- 9 files changed, 38 insertions(+), 55 deletions(-) diff --git a/services/storage_daemon/crypto/src/key_manager.cpp b/services/storage_daemon/crypto/src/key_manager.cpp index f68b5f710..80e6f1494 100644 --- a/services/storage_daemon/crypto/src/key_manager.cpp +++ b/services/storage_daemon/crypto/src/key_manager.cpp @@ -68,6 +68,11 @@ constexpr uint32_t FILE_ENCRY_ERROR_UECE_AUTH_STATUS_WRONG = 0xFBE30034; #ifdef EL5_FILEKEY_MANAGER constexpr int32_t WAIT_THREAD_TIMEOUT_MS = 500; #endif +#ifdef RECOVER_KEY_TEE_ENVIRONMENT +const std::string FILE_BASED_ENCRYPT_SRC_PATH = "/mnt/data_old/service/el1/public/sec_storage_data/fbe3"; +const std::string FILE_BASED_ENCRYPT_DST_PATH = "/data/service/el1/public/sec_storage_data/fbe3"; +constexpr int32_t DEFAULT_REPAIR_USERID = 10736; +#endif static bool IsEncryption() { 
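Review bot: `DEFAULT_REPAIR_USERID = 10736` is passed as the user id in every StorageRadar report from `FileBasedEncryptfsMount`, yet nothing in the patch says what 10736 stands for or why a fixed id is right for a function that takes no user. A one-line comment above it would settle that, e.g. `// fixed id used to tag radar reports from the repair-mode mount; not a real account id`, if that is the intent. The two path constants deserve the same treatment: say that the `/mnt/data_old/...` path is the bind source and the `/data/...` path the target, and which component is expected to have created them, since the function added later in this patch mounts them without checking that either exists.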
@@ -1648,6 +1653,32 @@ int KeyManager::SetRecoverKey(const std::vector &key) } return E_OK; } +#ifdef RECOVER_KEY_TEE_ENVIRONMENT +int32_t KeyManager::FileBasedEncryptfsMount() +{ + std::string srcPath = FILE_BASED_ENCRYPT_SRC_PATH; + std::string dstPath = FILE_BASED_ENCRYPT_DST_PATH; + int32_t ret = TEMP_FAILURE_RETRY(umount(dstPath.c_str())); + if (ret != E_OK && errno != ENOENT && errno != EINVAL) { + LOGE("failed to unmount file based encrypt fs, err %{public}d", errno); + std::string extraData = "srcPath=" + srcPath + ",dstPath=" + dstPath + ",kernelCode=" + std::to_string(errno); + StorageRadar::ReportUserManager("FileBasedEncryptfsMount", DEFAULT_REPAIR_USERID, E_MOUNT_FBE, extraData); + return E_MOUNT_FBE; + } + auto startTime = StorageService::StorageRadar::RecordCurrentTime(); + ret = TEMP_FAILURE_RETRY(mount(srcPath.c_str(), dstPath.c_str(), nullptr, MS_BIND, nullptr)); + if (ret != 0 && errno != EEXIST && errno != EBUSY) { + LOGE("failed to bind mount file based encrypt fs, err %{public}d", errno); + std::string extraData = "srcPath=" + srcPath + ",dstPath=" + dstPath + ",kernelCode=" + std::to_string(errno); + StorageRadar::ReportUserManager("FileBasedEncryptfsMount", DEFAULT_REPAIR_USERID, E_MOUNT_FBE, extraData); + return E_MOUNT_FBE; + } + auto delay = StorageService::StorageRadar::ReportDuration("MOUNT: BIND MOUNT", + startTime, StorageService::DELAY_TIME_THRESH_HIGH, DEFAULT_REPAIR_USERID); + LOGI("SD_DURATION: MOUNT: BIND MOUNT, delayTime = %{public}s", delay.c_str()); + return E_OK; +} +#endif int32_t KeyManager::ResetSecretWithRecoveryKey(uint32_t userId, uint32_t rkType, const std::vector &key) { @@ -1694,7 +1725,7 @@ int32_t KeyManager::ResetSecretWithRecoveryKey(uint32_t userId, uint32_t rkType, return E_ELX_KEY_STORE_ERROR; } } - ret = MountManager::GetInstance().FileBasedEncryptfsMount(); + ret = FileBasedEncryptfsMount(); if (ret !=0) { LOGE("mount file based encrypt fs failed!"); return ret; 
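Review bot: The bind-mount branch treats `EEXIST` and `EBUSY` as success, so `FileBasedEncryptfsMount` can return `E_OK` (and report a "MOUNT: BIND MOUNT" duration) when `mount()` failed and, after the preceding `umount()`, nothing from `FILE_BASED_ENCRYPT_SRC_PATH` is visible at the destination. For a `sec_storage_data` directory that the recovery flow depends on, failing closed is the safer default: `if (ret != 0) {`, or keep the tolerance only behind an explicit check that the destination really is a mount point, with a comment saying which situation each errno is expected in. The call also passes only `MS_BIND`, so the nosuid/nodev/noexec state of the new mount is whatever the source mount carries; if nothing under this path needs to execute, a follow-up `mount(nullptr, dstPath.c_str(), nullptr, MS_REMOUNT | MS_BIND | MS_NOSUID | MS_NODEV | MS_NOEXEC, nullptr)` pins it.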
diff --git a/services/storage_daemon/crypto/test/key_manager_test/key_manager_another_test.cpp b/services/storage_daemon/crypto/test/key_manager_test/key_manager_another_test.cpp index 87b491d1e..73ef62770 100644 --- a/services/storage_daemon/crypto/test/key_manager_test/key_manager_another_test.cpp +++ b/services/storage_daemon/crypto/test/key_manager_test/key_manager_another_test.cpp @@ -151,7 +151,7 @@ HWTEST_F(KeyMgrAnotherTest, KeyManager_ResetSecretWithRecoveryKey_000, TestSize. .WillOnce(Return(FSCRYPT_V2)).WillOnce(Return(FSCRYPT_V2)); EXPECT_CALL(*recoveryMgrMock_, ResetSecretWithRecoveryKey()).WillOnce(Return(E_OK)); EXPECT_CALL(*baseKeyMock_, StoreKey(_, _)).Times(6).WillOnce(Return(E_OK)); - EXPECT_EQ(KeyManager::GetInstance().ResetSecretWithRecoveryKey(userId, rkType, key), E_OK); + EXPECT_EQ(KeyManager::GetInstance().ResetSecretWithRecoveryKey(userId, rkType, key), E_MOUNT_FBE); OHOS::ForceRemoveDirectory(MAINTAIN_DEVICE_EL1_DIR); OHOS::ForceRemoveDirectory(globalUserEl1Path); diff --git a/services/storage_daemon/include/crypto/key_manager.h b/services/storage_daemon/include/crypto/key_manager.h index 0e01b016e..f124ecb4a 100644 --- a/services/storage_daemon/include/crypto/key_manager.h +++ b/services/storage_daemon/include/crypto/key_manager.h @@ -184,6 +184,9 @@ private: #ifdef EL5_FILEKEY_MANAGER int GenerateAndLoadAppKeyInfo(uint32_t userId, const std::vector> &keyInfo); +#endif +#ifdef RECOVER_KEY_TEE_ENVIRONMENT + int32_t FileBasedEncryptfsMount(); #endif using KeyMap = std::map>; std::map userElKeys_; diff --git a/services/storage_daemon/include/user/mount_manager.h b/services/storage_daemon/include/user/mount_manager.h index eb43fb2fa..b1948c6d4 100644 --- a/services/storage_daemon/include/user/mount_manager.h +++ b/services/storage_daemon/include/user/mount_manager.h 
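Review bot: Expecting `E_MOUNT_FBE` here means the test now passes only because the real `umount()`/`mount()` calls in `KeyManager::FileBasedEncryptfsMount` fail on the test host (presumably the test build defines `RECOVER_KEY_TEE_ENVIRONMENT`), so the success path of `ResetSecretWithRecoveryKey` is no longer asserted anywhere in this hunk. On a device where both paths exist and the test runs with mount privileges, it would change mounts for real and then fail the assertion with `E_OK`. Route the two syscalls through a mockable wrapper (the MountManager test removed by this patch mocked `Mount` through `fileUtilMoc_`) and keep one case expecting `E_OK` and one expecting `E_MOUNT_FBE`. The test body starts outside the hunk.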
@@ -213,7 +213,6 @@ public: std::vector &outputList, bool &isOccupy); int32_t MountDisShareFile(int32_t userId, const std::map &shareFiles); int32_t UMountDisShareFile(int32_t userId, const std::string &networkId); - int32_t FileBasedEncryptfsMount(); private: bool SupportHmdfs(); diff --git a/services/storage_daemon/mock/mount_manager_mock.cpp b/services/storage_daemon/mock/mount_manager_mock.cpp index 8463b4ff3..e64fd398f 100644 --- a/services/storage_daemon/mock/mount_manager_mock.cpp +++ b/services/storage_daemon/mock/mount_manager_mock.cpp @@ -54,11 +54,6 @@ int32_t MountManager::DestroySystemServiceDirs(int32_t userId) } int32_t MountManager::DestroyHmdfsDirs(int32_t userId) -{ - return 0; -} - -int32_t MountManager::FileBasedEncryptfsMount() { return 0; } \ No newline at end of file diff --git a/services/storage_daemon/mtp/test/BUILD.gn b/services/storage_daemon/mtp/test/BUILD.gn index db61f8f08..a55996718 100644 --- a/services/storage_daemon/mtp/test/BUILD.gn +++ b/services/storage_daemon/mtp/test/BUILD.gn @@ -64,6 +64,7 @@ ohos_unittest("mtp_device_manager_test") { "ipc:ipc_single", "samgr:samgr_proxy", "usb_manager:usbsrv_client", + "init:libbegetutil", ] } diff --git a/services/storage_daemon/mtpfs/include/mtpfs_fuse.h b/services/storage_daemon/mtpfs/include/mtpfs_fuse.h index fd7c24854..2e8e72b6d 100644 --- a/services/storage_daemon/mtpfs/include/mtpfs_fuse.h +++ b/services/storage_daemon/mtpfs/include/mtpfs_fuse.h 
@@ -106,7 +106,7 @@ public: int Truncate(const char *path, off_t offset, struct fuse_file_info *fileInfo); void *Init(struct fuse_conn_info *conn, struct fuse_config *cfg); int Create(const char *path, mode_t mode, fuse_file_info *fileInfo); - int SetXAttr(const char *path, const char *in, const char *out); + int SetXAttr(const char *path, const char *in, const char *out = nullptr); int GetXAttr(const char *path, const char *in, char *out, size_t size); int GetThumbAttr(const std::string &path, struct stat *buf); void HandleRemove(uint32_t handleId); diff --git a/services/storage_daemon/user/src/mount_manager.cpp b/services/storage_daemon/user/src/mount_manager.cpp index 9545b52ec..2e191ebec 100644 --- a/services/storage_daemon/user/src/mount_manager.cpp +++ b/services/storage_daemon/user/src/mount_manager.cpp @@ -46,9 +46,6 @@ using namespace OHOS::FileManagement::CloudFile; using namespace OHOS::StorageService; constexpr int32_t PATH_MAX_FOR_LINK = 4096; constexpr int32_t DEFAULT_USERID = 100; -const std::string FILE_BASED_ENCRYPT_SRC_PATH = "/mnt/data_old/service/el1/public/sec_storage_data/fbe3"; -const std::string FILE_BASED_ENCRYPT_DST_PATH = "/data/service/el1/public/sec_storage_data/fbe3"; -constexpr int32_t DEFAULT_REPAIR_USERID = 10736; MountManager::MountManager() : hmdfsDirVec_(InitHmdfsDirVec()), virtualDir_(InitVirtualDir()), systemServiceDir_(InitSystemServiceDir()), fileManagerDir_(InitFileManagerDir()), appdataDir_(InitAppdataDir()) 
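Review bot: Giving `out` a default of `nullptr` lets callers invoke `SetXAttr(path, in)` with no value at all, so the definition (not part of this patch) has to tolerate a null `out` before it builds a string from it or measures its length. Please confirm that it does and say so at the declaration, e.g. `// out may be nullptr when the attribute carries no value`. The change is also unrelated to the file-based-encryption mount that the rest of this patch moves into KeyManager, so it would be easier to review and revert as its own commit.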
@@ -2101,19 +2098,5 @@ void MountManager::FindProcForMulti(const std::string &pidPath, const std::strin CheckSymlinkForMulti(fdPath + FILE_SEPARATOR_CHAR + fdDirent->d_name, path, occupyFiles); } } - -int32_t MountManager::FileBasedEncryptfsMount() -{ - std::string srcPath = FILE_BASED_ENCRYPT_SRC_PATH; - std::string dstPath = FILE_BASED_ENCRYPT_DST_PATH; - int32_t mountRes = BindMount(srcPath, dstPath); - if (mountRes!=E_OK) { - LOGE("failed to bind mount file based encrypt fs, err %{public}d", errno); - std::string extraData = "srcPath=" + srcPath + ",dstPath=" + dstPath + ",kernelCode=" + to_string(errno); - StorageRadar::ReportUserManager("FileBasedEncryptfsMount", DEFAULT_REPAIR_USERID, E_MOUNT_FBE, extraData); - return E_MOUNT_FBE; - } - return E_OK; -} } // namespace StorageDaemon } // namespace OHOS diff --git a/services/storage_daemon/user/test/mount_manager_test.cpp b/services/storage_daemon/user/test/mount_manager_test.cpp index 2c9261318..3f6ae4101 100644 --- a/services/storage_daemon/user/test/mount_manager_test.cpp +++ b/services/storage_daemon/user/test/mount_manager_test.cpp 
@@ -963,34 +963,5 @@ HWTEST_F(MountManagerTest, Storage_Daemon_MountManagerExtTest_FilterNotMountedPa EXPECT_EQ(ret, E_OK); GTEST_LOG_(INFO) << "Storage_Daemon_MountManagerExtTest_FilterNotMountedPath_001 end"; } - -/** - * @tc.name: Storage_Daemon_MountManagerTest_FileBasedEncryptfsMount_001 - * @tc.desc: Verify the HmdfsTwiceMount function. - * @tc.type: FUNC - * @tc.require: IB49AM - */ -HWTEST_F(MountManagerTest, Storage_Daemon_MountManagerTest_FileBasedEncryptfsMount_001, TestSize.Level1) -{ - GTEST_LOG_(INFO) << "Storage_Daemon_MountManagerTest_FileBasedEncryptfsMount_001 start"; - - EXPECT_CALL(*fileUtilMoc_, IsDir(_)).WillOnce(Return(true)).WillOnce(Return(true)); - EXPECT_CALL(*fileUtilMoc_, IsPathMounted(_)).WillOnce(Return(true)); - auto ret = MountManager::GetInstance().FileBasedEncryptfsMount(); - EXPECT_EQ(ret, E_OK); - - EXPECT_CALL(*fileUtilMoc_, IsDir(_)).WillOnce(Return(true)).WillOnce(Return(true)); - EXPECT_CALL(*fileUtilMoc_, IsPathMounted(_)).WillOnce(Return(false)); - EXPECT_CALL(*fileUtilMoc_, Mount(_, _, _, _, _)).WillOnce(Return(1)); - ret = MountManager::GetInstance().FileBasedEncryptfsMount(); - EXPECT_EQ(ret, E_MOUNT_FBE); - - EXPECT_CALL(*fileUtilMoc_, IsDir(_)).WillOnce(Return(true)).WillOnce(Return(true)); - EXPECT_CALL(*fileUtilMoc_, IsPathMounted(_)).WillOnce(Return(false)); - EXPECT_CALL(*fileUtilMoc_, Mount(_, _, _, _, _)).WillOnce(Return(0)); - ret = MountManager::GetInstance().FileBasedEncryptfsMount(); - EXPECT_EQ(ret, E_OK); - GTEST_LOG_(INFO) << "Storage_Daemon_MountManagerTest_FileBasedEncryptfsMount_001 end"; -} } // STORAGE_DAEMON } // OHOS -- Gitee