Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8f9038c0 authored by Robert Berry's avatar Robert Berry
Browse files

Fix setServerParams to not always set snapshot pending 

Only updates should set snapshot pending. Setting the server params for
the first time should not set snapshot pending. If it did, then just
initializing the recovery agent would cause a snapshot to be made, even
if it contained no keys. Also, setting the snapshot to the same value as
it was previously should not set snapshot pending, for the exact same
reason. If the server params were to change, however, for some reason,
then a new snapshot must be made, so that it can be synced to the correct
vault.

Bug: 74949975
Test: runtest frameworks-services -p \
      com.android.server.locksettings.recoverablekeystore

Change-Id: Ie09284553f922de869be7bcd577d0f0eb9d0bbd3
parent 3ff20e22

services/core/java/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManager.java

+23 −2
Original line number Original line Diff line number Diff line
@@ -317,14 +317,35 @@ public class RecoverableKeyStoreManager { 
        mListenersStorage.setSnapshotListener(uid, intent);

        mListenersStorage.setSnapshotListener(uid, intent);

    }

    }





    /**

     * Set the server params for the user's key chain. This is used to uniquely identify a key

     * chain. Along with the counter ID, it is used to uniquely identify an instance of a vault.

     */

    public void setServerParams(@NonNull byte[] serverParams) throws RemoteException {

    public void setServerParams(@NonNull byte[] serverParams) throws RemoteException {

        checkRecoverKeyStorePermission();

        checkRecoverKeyStorePermission();

        int userId = UserHandle.getCallingUserId();

        int userId = UserHandle.getCallingUserId();

        int uid = Binder.getCallingUid();

        int uid = Binder.getCallingUid();



        byte[] currentServerParams = mDatabase.getServerParams(userId, uid);



        if (Arrays.equals(serverParams, currentServerParams)) {

            Log.v(TAG, "Not updating server params - same as old value.");

            return;

        }



        long updatedRows = mDatabase.setServerParams(userId, uid, serverParams);

        long updatedRows = mDatabase.setServerParams(userId, uid, serverParams);

        if (updatedRows > 0) {

        if (updatedRows < 1) {

            mDatabase.setShouldCreateSnapshot(userId, uid, true);

            throw new ServiceSpecificException(

                    ERROR_SERVICE_INTERNAL_ERROR, "Database failure trying to set server params.");

        }

        }



        if (currentServerParams == null) {

            Log.i(TAG, "Initialized server params.");

            return;

        }



        Log.i(TAG, "Updated server params. Snapshot pending.");

        mDatabase.setShouldCreateSnapshot(userId, uid, true);

    }

    }





    /**

    /**

services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManagerTest.java

+45 −0
Original line number Original line Diff line number Diff line
@@ -895,6 +895,51 @@ public class RecoverableKeyStoreManagerTest { 
        verify(mMockListenersStorage).setSnapshotListener(eq(uid), any(PendingIntent.class));

        verify(mMockListenersStorage).setSnapshotListener(eq(uid), any(PendingIntent.class));

    }

    }





    @Test

    public void setServerParams_updatesServerParams() throws Exception {

        int uid = Binder.getCallingUid();

        int userId = UserHandle.getCallingUserId();

        byte[] serverParams = new byte[] { 1 };



        mRecoverableKeyStoreManager.setServerParams(serverParams);



        assertThat(mRecoverableKeyStoreDb.getServerParams(userId, uid)).isEqualTo(serverParams);

    }



    @Test

    public void setServerParams_doesNotSetSnapshotPendingIfInitializing() throws Exception {

        int uid = Binder.getCallingUid();

        int userId = UserHandle.getCallingUserId();

        byte[] serverParams = new byte[] { 1 };



        mRecoverableKeyStoreManager.setServerParams(serverParams);



        assertThat(mRecoverableKeyStoreDb.getShouldCreateSnapshot(userId, uid)).isFalse();

    }



    @Test

    public void setServerParams_doesNotSetSnapshotPendingIfSettingSameValue() throws Exception {

        int uid = Binder.getCallingUid();

        int userId = UserHandle.getCallingUserId();

        byte[] serverParams = new byte[] { 1 };



        mRecoverableKeyStoreManager.setServerParams(serverParams);

        mRecoverableKeyStoreManager.setServerParams(serverParams);



        assertThat(mRecoverableKeyStoreDb.getShouldCreateSnapshot(userId, uid)).isFalse();

    }



    @Test

    public void setServerParams_setsSnapshotPendingIfUpdatingValue() throws Exception {

        int uid = Binder.getCallingUid();

        int userId = UserHandle.getCallingUserId();



        mRecoverableKeyStoreManager.setServerParams(new byte[] { 1 });

        mRecoverableKeyStoreManager.setServerParams(new byte[] { 2 });



        assertThat(mRecoverableKeyStoreDb.getShouldCreateSnapshot(userId, uid)).isTrue();

    }



    @Test

    @Test

    public void setRecoverySecretTypes() throws Exception {

    public void setRecoverySecretTypes() throws Exception {

        int[] types1 = new int[]{11, 2000};

        int[] types1 = new int[]{11, 2000};