Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6564d713 authored by Eric Biggers's avatar Eric Biggers Committed by Automerger Merge Worker
Browse files

Remove HardwareAuthToken parameter from clearUserKeyAuth am: d04de5ce am: e4f51c74 

Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/2021759

Change-Id: Ia6c464402c3336548c94b2b9450091cc804d6df3
parents 67fb478f e4f51c74

core/java/android/os/storage/IStorageManager.aidl

+1 −1
Original line number Original line Diff line number Diff line
@@ -142,7 +142,7 @@ interface IStorageManager { 
    void startCheckpoint(int numTries) = 85;

    void startCheckpoint(int numTries) = 85;

    boolean needsCheckpoint() = 86;

    boolean needsCheckpoint() = 86;

    void abortChanges(in String message, boolean retry) = 87;

    void abortChanges(in String message, boolean retry) = 87;

    void clearUserKeyAuth(int userId, int serialNumber, in byte[] token, in byte[] secret) = 88;

    void clearUserKeyAuth(int userId, int serialNumber, in byte[] secret) = 88;

    void fixupAppDir(in String path) = 89;

    void fixupAppDir(in String path) = 89;

    void disableAppDataIsolation(in String pkgName, int pid, int userId) = 90;

    void disableAppDataIsolation(in String pkgName, int pid, int userId) = 90;

    void notifyAppIoBlocked(in String volumeUuid, int uid, int tid, int reason) = 91;

    void notifyAppIoBlocked(in String volumeUuid, int uid, int tid, int reason) = 91;

services/core/java/com/android/server/StorageManagerService.java

+9 −8
Original line number Original line Diff line number Diff line
@@ -3203,25 +3203,26 @@ class StorageManagerService extends IStorageManager.Stub 
    }

    }





    /*

    /*

     * Clear disk encryption key bound to the associated token / secret pair. Removing the user

     * Store a user's disk encryption key without secret binding.  Removing the

     * binding of the Disk encryption key is done in two phases: first, this call will retrieve

     * secret for a disk encryption key is done in two phases.  First, this

     * the disk encryption key using the provided token / secret pair and store it by

     * method is called to retrieve the key using the provided secret and store

     * encrypting it with a keymaster key not bound to the user, then fixateNewestUserKeyAuth

     * it encrypted with a keystore key not bound to the user.  Second,

     * is called to delete all other bindings of the disk encryption key.

     * fixateNewestUserKeyAuth is called to delete the key's other bindings.

     */

     */

    @Override

    @Override

    public void clearUserKeyAuth(int userId, int serialNumber, byte[] token, byte[] secret) {

    public void clearUserKeyAuth(int userId, int serialNumber, byte[] secret) {

        enforcePermission(android.Manifest.permission.STORAGE_INTERNAL);

        enforcePermission(android.Manifest.permission.STORAGE_INTERNAL);





        try {

        try {

            mVold.clearUserKeyAuth(userId, serialNumber, encodeBytes(token), encodeBytes(secret));

            mVold.clearUserKeyAuth(userId, serialNumber, encodeBytes(secret));

        } catch (Exception e) {

        } catch (Exception e) {

            Slog.wtf(TAG, e);

            Slog.wtf(TAG, e);

        }

        }

    }

    }





    /*

    /*

     * Delete all disk encryption token/secret pairs except the most recently added one

     * Delete all bindings of a user's disk encryption key except the most

     * recently added one.

     */

     */

    @Override

    @Override

    public void fixateNewestUserKeyAuth(int userId) {

    public void fixateNewestUserKeyAuth(int userId) {

services/core/java/com/android/server/locksettings/LockSettingsService.java

+1 −1
Original line number Original line Diff line number Diff line
@@ -1897,7 +1897,7 @@ public class LockSettingsService extends ILockSettings.Stub { 
        final UserInfo userInfo = mUserManager.getUserInfo(userId);

        final UserInfo userInfo = mUserManager.getUserInfo(userId);

        final long callingId = Binder.clearCallingIdentity();

        final long callingId = Binder.clearCallingIdentity();

        try {

        try {

            mStorageManager.clearUserKeyAuth(userId, userInfo.serialNumber, null, secret);

            mStorageManager.clearUserKeyAuth(userId, userInfo.serialNumber, secret);

        } catch (RemoteException e) {

        } catch (RemoteException e) {

            throw new IllegalStateException("clearUserKeyAuth failed user=" + userId);

            throw new IllegalStateException("clearUserKeyAuth failed user=" + userId);

        } finally {

        } finally {

services/tests/servicestests/src/com/android/server/locksettings/BaseLockSettingsServiceTests.java

+2 −2
Original line number Original line Diff line number Diff line
@@ -232,10 +232,10 @@ public abstract class BaseLockSettingsServiceTests { 
                Object[] args = invocation.getArguments();

                Object[] args = invocation.getArguments();

                mStorageManager.clearUserKeyAuth((int) args[0] /* userId */,

                mStorageManager.clearUserKeyAuth((int) args[0] /* userId */,

                        (int) args[1] /* serialNumber */,

                        (int) args[1] /* serialNumber */,

                        (byte[]) args[3] /* secret */);

                        (byte[]) args[2] /* secret */);

                return null;

                return null;

            }

            }

        }).when(sm).clearUserKeyAuth(anyInt(), anyInt(), any(), any());

        }).when(sm).clearUserKeyAuth(anyInt(), anyInt(), any());





        doAnswer(

        doAnswer(

                new Answer<Void>() {

                new Answer<Void>() {