
Commit 841fd433 authored by Rubin Xu's avatar Rubin Xu

Stop invoking secdiscard when deleting password data

secdiscard never works on recent devices; stop calling it to
reduce the false SELinux denial messages. Just logically
zeroize the data before unlinking it.

Bug: 62140539
Test: flash device; change PIN; observe no SELinux error messages.
Change-Id: I5f47fc81735a7d9995c2da9e52a25ae903db3ced
parent 999e97f4
+2 −3
@@ -185,7 +185,6 @@ interface IStorageManager {
    long getCacheSizeBytes(String volumeUuid, int uid) = 76;
    long getAllocatableBytes(String volumeUuid, int flags, String callingPackage) = 77;
    void allocateBytes(String volumeUuid, long bytes, int flags, String callingPackage) = 78;
    void secdiscard(in String path) = 79;
    void runIdleMaintenance() = 80;
    void abortIdleMaintenance() = 81;
    void runIdleMaintenance() = 79;
    void abortIdleMaintenance() = 80;
}
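Review bot: Reusing transaction code 79 for `runIdleMaintenance()` and moving `abortIdleMaintenance()` to 80 renumbers two surviving methods, so a caller built against the old interface would dispatch to a different method than it intended; a stale `secdiscard` call, for example, would land on `runIdleMaintenance()`. If every client of IStorageManager is rebuilt together with this file that is harmless, but this hunk does not show whether that holds. Keeping `void runIdleMaintenance() = 80;` and `void abortIdleMaintenance() = 81;` and adding a comment such as `// 79 was secdiscard; do not reuse` would retire the code without shifting the others. The interface body starts outside this hunk.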
+0 −10
@@ -50,7 +50,6 @@ import android.os.RemoteException;
import android.os.ServiceManager;
import android.os.ServiceManager.ServiceNotFoundException;
import android.os.SystemProperties;
import android.os.UserHandle;
import android.provider.Settings;
import android.system.ErrnoException;
import android.system.Os;
@@ -1322,15 +1321,6 @@ public class StorageManager {
        }
    }

    /** {@hide} */
    public void secdiscard(String path) {
        try {
            mStorageManager.secdiscard(path);
        } catch (RemoteException e) {
            throw e.rethrowFromSystemServer();
        }
    }

    /** {@hide} */
    public static boolean isUserKeyUnlocked(int userId) {
        if (sStorageManager == null) {
+0 −11
@@ -2583,17 +2583,6 @@ class StorageManagerService extends IStorageManager.Stub
        }
    }

    @Override
    public void secdiscard(String path) {
        enforcePermission(android.Manifest.permission.STORAGE_INTERNAL);

        try {
            mVold.secdiscard(path);
        } catch (Exception e) {
            Slog.wtf(TAG, e);
        }
    }

    class AppFuseMountScope extends AppFuseBridge.MountScope {
        boolean opened = false;

+4 −3
@@ -495,10 +495,11 @@ class LockSettingsStorage {
        String path = getSynthenticPasswordStateFilePathForUser(userId, handle, name);
        File file = new File(path);
        if (file.exists()) {
            try {
                mContext.getSystemService(StorageManager.class).secdiscard(file.getAbsolutePath());
            try (RandomAccessFile raf = new RandomAccessFile(path, "rws")) {
                final int fileSize = (int) raf.length();
                raf.write(new byte[fileSize]);
            } catch (Exception e) {
                Slog.w(TAG, "Failed to secdiscard " + path, e);
                Slog.w(TAG, "Failed to zeroize " + path, e);
            } finally {
                file.delete();
            }
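Review bot: The result of `file.delete()` in the `finally` block is ignored, so if the unlink fails the synthetic-password state file stays on disk with nothing logged, and it may not even be zeroed if the write also threw. Consider `if (!file.delete()) Slog.w(TAG, "Failed to delete " + path);`. The overwrite is also only a logical zeroize: on flash or a log-structured filesystem the old blocks may well survive, so a comment above the `try` such as `// Best-effort logical overwrite; not a guaranteed physical erase of the old blocks.` would keep later readers from treating it as secure deletion. The enclosing method starts before this hunk and continues past it.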