
Commit 2ec6bb20 authored by Nikolay Elenkov's avatar Nikolay Elenkov Committed by Automerger Merge Worker

Merge "Delete keystore keys from RecoveryService.rebootRecoveryWithCommand()"...

Merge "Delete keystore keys from RecoveryService.rebootRecoveryWithCommand()" into udc-dev am: a132b5bf

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/28044457



Change-Id: Ic280e4506a207f339610626c2790af5f39d508bf
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents 9c8248dd a132b5bf
+22 −0
@@ -18,8 +18,10 @@ package android.security;

import android.annotation.NonNull;
import android.annotation.Nullable;
import android.os.RemoteException;
import android.os.ServiceManager;
import android.os.ServiceSpecificException;
import android.os.StrictMode;
import android.security.maintenance.IKeystoreMaintenance;
import android.system.keystore2.Domain;
import android.system.keystore2.KeyDescriptor;
@@ -183,4 +185,24 @@ public class AndroidKeyStoreMaintenance {
            return SYSTEM_ERROR;
        }
    }

    /**
    * Deletes all keys in all KeyMint devices.
    * Called by RecoverySystem before rebooting to recovery in order to delete all KeyMint keys,
    * including synthetic password protector keys (used by LockSettingsService), as well as keys
    * protecting DE and metadata encryption keys (used by vold). This ensures that FBE-encrypted
    * data is unrecoverable even if the data wipe in recovery is interrupted or skipped.
    */
    public static void deleteAllKeys() throws KeyStoreException {
        StrictMode.noteDiskWrite();
        try {
            getService().deleteAllKeys();
        } catch (RemoteException | NullPointerException e) {
            throw new KeyStoreException(SYSTEM_ERROR,
                    "Failure to connect to Keystore while trying to delete all keys.");
        } catch (ServiceSpecificException e) {
            throw new KeyStoreException(e.errorCode,
                    "Keystore error while trying to delete all keys.");
        }
    }
}
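Review bot: The Javadoc on `deleteAllKeys()` (L39-L45) does not document its failure contract, even though the method throws where the rest of this class appears to return an error code (`return SYSTEM_ERROR;` on L35); add `@throws KeyStoreException with {@code SYSTEM_ERROR} if Keystore cannot be reached, or with Keystore's own error code if it rejects the request`. The catch on L50 uses `NullPointerException` to cover `getService()` returning null instead of checking the result, which also swallows any genuine NPE raised inside the binder call; this is presumably the existing convention in this file, but an explicit null check before `deleteAllKeys()` would be clearer. Both `KeyStoreException`s on L51 and L54 are built without the cause, so the original exception text is lost from the logs of a failed wipe; if the constructor cannot take a cause, calling `initCause(e)` on the new exception before throwing preserves it.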
+19 −0
@@ -53,6 +53,7 @@ import android.os.ShellCallback;
import android.os.SystemProperties;
import android.provider.DeviceConfig;
import android.sysprop.ApexProperties;
import android.security.AndroidKeyStoreMaintenance;
import android.util.ArrayMap;
import android.util.ArraySet;
import android.util.FastImmutableArraySet;
@@ -68,6 +69,7 @@ import com.android.server.LocalServices;
import com.android.server.SystemService;
import com.android.server.pm.ApexManager;
import com.android.server.recoverysystem.hal.BootControlHIDL;
import com.android.server.utils.Slogf;

import libcore.io.IoUtils;

@@ -119,6 +121,8 @@ public class RecoverySystemService extends IRecoverySystem.Stub implements Reboo
    static final String LSKF_CAPTURED_TIMESTAMP_PREF = "lskf_captured_timestamp";
    static final String LSKF_CAPTURED_COUNT_PREF = "lskf_captured_count";

    static final String RECOVERY_WIPE_DATA_COMMAND = "--wipe_data";

    private final Injector mInjector;
    private final Context mContext;

@@ -522,17 +526,32 @@ public class RecoverySystemService extends IRecoverySystem.Stub implements Reboo
    @Override // Binder call
    public void rebootRecoveryWithCommand(String command) {
        if (DEBUG) Slog.d(TAG, "rebootRecoveryWithCommand: [" + command + "]");

        boolean isForcedWipe = command != null && command.contains(RECOVERY_WIPE_DATA_COMMAND);
        synchronized (sRequestLock) {
            if (!setupOrClearBcb(true, command)) {
                return;
            }

            if (isForcedWipe) {
                deleteSecrets();
            }

            // Having set up the BCB, go ahead and reboot.
            PowerManager pm = mInjector.getPowerManager();
            pm.reboot(PowerManager.REBOOT_RECOVERY);
        }
    }

    private static void deleteSecrets() {
        Slogf.w(TAG, "deleteSecrets");
        try {
            AndroidKeyStoreMaintenance.deleteAllKeys();
        } catch (android.security.KeyStoreException e) {
            Log.wtf(TAG, "Failed to delete all keys from keystore.", e);
        }
    }

    private void enforcePermissionForResumeOnReboot() {
        if (mContext.checkCallingOrSelfPermission(android.Manifest.permission.RECOVERY)
                != PackageManager.PERMISSION_GRANTED
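Review bot: `deleteSecrets()` is irreversible, and on L91 it is gated only by a substring test, `command.contains(RECOVERY_WIPE_DATA_COMMAND)`, so any command string that merely embeds `--wipe_data` (as the value of another option, or a future option whose name extends it) would destroy every keystore key, including the synthetic-password protector keys, before the reboot. If the BCB command is newline-delimited, as recovery commands generally are, a whole-line match such as `command.lines().anyMatch(RECOVERY_WIPE_DATA_COMMAND::equals)` is stricter and costs no import. The hunk shows no caller permission check in `rebootRecoveryWithCommand` itself; presumably `setupOrClearBcb` enforces it before returning true, and since the keys are only deleted after that call succeeds, that ordering is what keeps an unprivileged or failed request from wiping keys, so it deserves a comment on L97: `// Only after the wipe is committed to the BCB: deleting the keys cannot be undone and leaves user data unrecoverable.` A failure in `deleteAllKeys()` is logged with `Log.wtf` on L112 and the reboot still proceeds; that is defensible because recovery still performs the wipe, but the comment should say so rather than leave it to look like a swallowed error.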