Only place files in de on FDE enabled devices

app/src/main/java/com/topjohnwu/magisk/MagiskManager.java

@@ -138,13 +138,11 @@ public class MagiskManager extends Application {
         super.onCreate();
         prefs = PreferenceManager.getDefaultSharedPreferences(this);
 
-        if (getDatabasePath(SuDatabaseHelper.DB_NAME).exists()
-                || Build.VERSION.SDK_INT < Build.VERSION_CODES.N) {
+        if (getDatabasePath(SuDatabaseHelper.DB_NAME).exists()) {
             // Don't migrate yet, wait and check Magisk version
             suDB = new SuDatabaseHelper(this);
         } else {
-            // Place the suDB in DE memory
-            suDB = new SuDatabaseHelper(createDeviceProtectedStorageContext());
+            suDB = new SuDatabaseHelper(Utils.getEncContext(this));
         }
 
         repoDB = new RepoDatabaseHelper(this);
@@ -208,14 +206,14 @@ public class MagiskManager extends Application {
         getMagiskInfo();
 
         // Check if we need to migrate suDB
-        if (magiskVersionCode >= 1410
-                && Build.VERSION.SDK_INT >= Build.VERSION_CODES.N
-                && getDatabasePath(SuDatabaseHelper.DB_NAME).exists()) {
+        if (getDatabasePath(SuDatabaseHelper.DB_NAME).exists() && Utils.useFDE(this)) {
+            if (magiskVersionCode >= 1410) {
                 suDB.close();
                 Context de = createDeviceProtectedStorageContext();
                 de.moveDatabaseFrom(this, SuDatabaseHelper.DB_NAME);
                 suDB = new SuDatabaseHelper(de);
             }
+        }
 
         new LoadLocale(this).exec();
 
@@ -284,7 +282,7 @@ public class MagiskManager extends Application {
         if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
             NotificationChannel channel = new NotificationChannel(NOTIFICATION_CHANNEL,
                     getString(R.string.magisk_updates), NotificationManager.IMPORTANCE_DEFAULT);
-            ((NotificationManager) getSystemService(Context.NOTIFICATION_SERVICE)).createNotificationChannel(channel);
+            getSystemService(NotificationManager.class).createNotificationChannel(channel);
         }
 
         LoadModules loadModuleTask = new LoadModules(this);

app/src/main/java/com/topjohnwu/magisk/asyncs/InstallMagisk.java

@@ -75,14 +75,7 @@ public class InstallMagisk extends ParallelTask<Void, Void, Boolean> {
         MagiskManager mm = getMagiskManager();
         if (mm == null) return false;
 
-        File install;
-        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
-            // Need to be stored in device encrypted storage for FBE
-            install = new File(mm.createDeviceProtectedStorageContext().getFilesDir().getParent(),
-                    "install");
-        } else {
-            install = new File(mm.getApplicationInfo().dataDir, "install");
-        }
+        File install = new File(Utils.getEncContext(mm).getFilesDir().getParent(), "install");
         getShell().sh_raw("rm -rf " + install);
 
         List<String> abis = Arrays.asList(Build.SUPPORTED_ABIS);

app/src/main/java/com/topjohnwu/magisk/utils/Utils.java

@@ -5,6 +5,7 @@ import android.app.Activity;
 import android.app.DownloadManager;
 import android.app.NotificationManager;
 import android.app.PendingIntent;
+import android.app.admin.DevicePolicyManager;
 import android.content.Context;
 import android.content.Intent;
 import android.content.IntentFilter;
@@ -15,6 +16,7 @@ import android.database.Cursor;
 import android.net.ConnectivityManager;
 import android.net.NetworkInfo;
 import android.net.Uri;
+import android.os.Build;
 import android.os.Environment;
 import android.provider.OpenableColumns;
 import android.support.annotation.StringRes;
@@ -527,4 +529,17 @@ public class Utils {
             .setNegativeButton(R.string.no_thanks, null)
             .show();
     }
+
+    public static boolean useFDE(Context context) {
+        return Build.VERSION.SDK_INT >= Build.VERSION_CODES.N
+                && context.getSystemService(DevicePolicyManager.class).getStorageEncryptionStatus()
+                == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE_PER_USER;
+    }
+
+    public static Context getEncContext(Context context) {
+        if (useFDE(context))
+            return context.createDeviceProtectedStorageContext();
+        else
+            return context;
+    }
 }

build.gradle

@@ -7,7 +7,7 @@ buildscript {
         maven { url "https://maven.google.com" }
     }
     dependencies {
-        classpath 'com.android.tools.build:gradle:3.0.0-beta5'
+        classpath 'com.android.tools.build:gradle:3.0.0-beta6'
 
         // NOTE: Do not place your application dependencies here; they belong
         // in the individual module build.gradle files