RESTRICT AUTOMERGE Delete keystore keys from... (7c3df3c2) · Commits · e / os / android_frameworks_base

keystore/java/android/security/AndroidKeyStoreMaintenance.java

+22 −0

Original line number	Diff line number	Diff line
		@@ -18,8 +18,10 @@ package android.security;

		import android.annotation.NonNull;
		import android.annotation.Nullable;
		import android.os.RemoteException;
		import android.os.ServiceManager;
		import android.os.ServiceSpecificException;
		import android.os.StrictMode;
		import android.security.maintenance.IKeystoreMaintenance;
		import android.system.keystore2.Domain;
		import android.system.keystore2.KeyDescriptor;
		@@ -183,4 +185,24 @@ public class AndroidKeyStoreMaintenance {
		return SYSTEM_ERROR;
		}
		}

		/**
		* Deletes all keys in all KeyMint devices.
		* Called by RecoverySystem before rebooting to recovery in order to delete all KeyMint keys,
		* including synthetic password protector keys (used by LockSettingsService), as well as keys
		* protecting DE and metadata encryption keys (used by vold). This ensures that FBE-encrypted
		* data is unrecoverable even if the data wipe in recovery is interrupted or skipped.
		*/
		public static void deleteAllKeys() throws KeyStoreException {
		StrictMode.noteDiskWrite();
		try {
		getService().deleteAllKeys();
		} catch (RemoteException \| NullPointerException e) {
		throw new KeyStoreException(SYSTEM_ERROR,
		"Failure to connect to Keystore while trying to delete all keys.");
		} catch (ServiceSpecificException e) {
		throw new KeyStoreException(e.errorCode,
		"Keystore error while trying to delete all keys.");
		}
		}
		}

services/core/java/com/android/server/recoverysystem/RecoverySystemService.java

+19 −0

Original line number	Diff line number	Diff line
		@@ -52,6 +52,7 @@ import android.os.ShellCallback;
		import android.os.SystemProperties;
		import android.provider.DeviceConfig;
		import android.sysprop.ApexProperties;
		import android.security.AndroidKeyStoreMaintenance;
		import android.util.ArrayMap;
		import android.util.ArraySet;
		import android.util.FastImmutableArraySet;
		@@ -66,6 +67,7 @@ import com.android.internal.widget.RebootEscrowListener;
		import com.android.server.LocalServices;
		import com.android.server.SystemService;
		import com.android.server.pm.ApexManager;
		import com.android.server.utils.Slogf;

		import libcore.io.IoUtils;

		@@ -117,6 +119,8 @@ public class RecoverySystemService extends IRecoverySystem.Stub implements Reboo
		static final String LSKF_CAPTURED_TIMESTAMP_PREF = "lskf_captured_timestamp";
		static final String LSKF_CAPTURED_COUNT_PREF = "lskf_captured_count";

		static final String RECOVERY_WIPE_DATA_COMMAND = "--wipe_data";

		private final Injector mInjector;
		private final Context mContext;

		@@ -511,17 +515,32 @@ public class RecoverySystemService extends IRecoverySystem.Stub implements Reboo
		@Override // Binder call
		public void rebootRecoveryWithCommand(String command) {
		if (DEBUG) Slog.d(TAG, "rebootRecoveryWithCommand: [" + command + "]");

		boolean isForcedWipe = command != null && command.contains(RECOVERY_WIPE_DATA_COMMAND);
		synchronized (sRequestLock) {
		if (!setupOrClearBcb(true, command)) {
		return;
		}

		if (isForcedWipe) {
		deleteSecrets();
		}

		// Having set up the BCB, go ahead and reboot.
		PowerManager pm = mInjector.getPowerManager();
		pm.reboot(PowerManager.REBOOT_RECOVERY);
		}
		}

		private static void deleteSecrets() {
		Slogf.w(TAG, "deleteSecrets");
		try {
		AndroidKeyStoreMaintenance.deleteAllKeys();
		} catch (android.security.KeyStoreException e) {
		Log.wtf(TAG, "Failed to delete all keys from keystore.", e);
		}
		}

		private void enforcePermissionForResumeOnReboot() {
		if (mContext.checkCallingOrSelfPermission(android.Manifest.permission.RECOVERY)
		!= PackageManager.PERMISSION_GRANTED