Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5c65b1ee authored by Eric Biggers's avatar Eric Biggers
Browse files

Don't prepare CE storage on user creation 

Since the CE key is now always protected by the synthetic password, it
is no longer saved to disk before PHASE_BOOT_COMPLETED.  Unfortunately,
that means that if the device is rebooted after a user was created but
before the CE key was written to disk, then the CE key needs to be
regenerated.  But that doesn't work if CE storage was already prepared.

Address this by not preparing the user's CE storage at creation time.
It has never actually been necessary, since the CE storage will be
prepared when the user is unlocked anyway.  This is also how user 0
works already (with the exception of the /data/data directory).

Bug: 232452368
Bug: 251213447
Change-Id: I78ba39030bbd3d1561f822fc7711d7169a21c467
parent 22b672bb

services/core/java/com/android/server/pm/Settings.java

+6 −5
Original line number Diff line number Diff line
@@ -4185,15 +4185,16 @@ public final class Settings implements Watchable, Snappable { 
                        // such as APEX

                        continue;

                    }

                    // Need to create a data directory for all apps installed for this user.

                    // Accumulate all required args and call the installer after mPackages lock

                    // has been released

                    // We need to create the DE data directory for all apps installed for this user.

                    // (CE storage is not ready yet; the CE data directories will be created later,

                    // when the user is "unlocked".)  Accumulate all required args, and call the

                    // installer after the mPackages lock has been released.

                    final String seInfo = AndroidPackageUtils.getSeInfo(ps.getPkg(), ps);

                    final boolean usesSdk = !ps.getPkg().getUsesSdkLibraries().isEmpty();

                    final CreateAppDataArgs args = Installer.buildCreateAppDataArgs(

                            ps.getVolumeUuid(), ps.getPackageName(), userHandle,

                            StorageManager.FLAG_STORAGE_CE | StorageManager.FLAG_STORAGE_DE,

                            ps.getAppId(), seInfo, ps.getPkg().getTargetSdkVersion(), usesSdk);

                            StorageManager.FLAG_STORAGE_DE, ps.getAppId(), seInfo,

                            ps.getPkg().getTargetSdkVersion(), usesSdk);

                    batch.createAppData(args);

                } else {

                    // Make sure the app is excluded from storage mapping for this user

services/core/java/com/android/server/pm/UserManagerService.java

+4 −1
Original line number Diff line number Diff line
@@ -4662,9 +4662,12 @@ public class UserManagerService extends IUserManager.Stub { 
            storage.createUserKey(userId, userInfo.serialNumber, userInfo.isEphemeral());

            t.traceEnd();



            // Only prepare DE storage here.  CE storage will be prepared later, when the user is

            // unlocked.  We do this to ensure that CE storage isn't prepared before the CE key is

            // saved to disk.  This also matches what is done for user 0.

            t.traceBegin("prepareUserData");

            mUserDataPreparer.prepareUserData(userId, userInfo.serialNumber,

                    StorageManager.FLAG_STORAGE_DE | StorageManager.FLAG_STORAGE_CE);

                    StorageManager.FLAG_STORAGE_DE);

            t.traceEnd();



            t.traceBegin("LSS.createNewUser");