Merge "Delete the user key when deleting a user." into mnc-dr-dev (bac3d093) · Commits · e / os / android_frameworks_base

core/java/android/os/storage/IMountService.java

+30 −0

Original line number	Diff line number	Diff line
		@@ -1208,6 +1208,21 @@ public interface IMountService extends IInterface {
		_data.recycle();
		}
		}

		@Override
		public void deleteUserKey(int userHandle) throws RemoteException {
		Parcel _data = Parcel.obtain();
		Parcel _reply = Parcel.obtain();
		try {
		_data.writeInterfaceToken(DESCRIPTOR);
		_data.writeInt(userHandle);
		mRemote.transact(Stub.TRANSACTION_deleteUserKey, _data, _reply, 0);
		_reply.readException();
		} finally {
		_reply.recycle();
		_data.recycle();
		}
		}
		}

		private static final String DESCRIPTOR = "IMountService";
		@@ -1326,6 +1341,7 @@ public interface IMountService extends IInterface {
		static final int TRANSACTION_remountUid = IBinder.FIRST_CALL_TRANSACTION + 61;

		static final int TRANSACTION_createNewUserDir = IBinder.FIRST_CALL_TRANSACTION + 62;
		static final int TRANSACTION_deleteUserKey = IBinder.FIRST_CALL_TRANSACTION + 63;

		/**
		* Cast an IBinder object into an IMountService interface, generating a
		@@ -1895,6 +1911,13 @@ public interface IMountService extends IInterface {
		reply.writeNoException();
		return true;
		}
		case TRANSACTION_deleteUserKey: {
		data.enforceInterface(DESCRIPTOR);
		int userHandle = data.readInt();
		deleteUserKey(userHandle);
		reply.writeNoException();
		return true;
		}
		}
		return super.onTransact(code, data, reply, flags);
		}
		@@ -2214,4 +2237,11 @@ public interface IMountService extends IInterface {
		*/
		public void createNewUserDir(int userHandle, String path)
		throws RemoteException;

		/**
		* Securely delete the user's encryption key
		* @param userHandle Handle of the user whose key we are deleting
		*/
		public void deleteUserKey(int userHandle)
		throws RemoteException;
		}

core/java/android/os/storage/StorageManager.java

+9 −0

Original line number	Diff line number	Diff line
		@@ -954,6 +954,15 @@ public class StorageManager {
		}
		}

		/** {@hide} */
		public void deleteUserKey(int userHandle) {
		try {
		mMountService.deleteUserKey(userHandle);
		} catch (RemoteException e) {
		throw e.rethrowAsRuntimeException();
		}
		}

		/** {@hide} */
		public static File maybeTranslateEmulatedPathToInternal(File path) {
		final IMountService mountService = IMountService.Stub.asInterface(

services/core/java/com/android/server/MountService.java

+29 −0

Original line number	Diff line number	Diff line
		@@ -2586,6 +2586,35 @@ class MountService extends IMountService.Stub
		}
		}

		// ext4enc:TODO duplication between this and createNewUserDir is nasty
		@Override
		public void deleteUserKey(int userHandle) {
		if (Binder.getCallingUid() != Process.SYSTEM_UID) {
		throw new SecurityException("Only SYSTEM_UID can delete user keys");
		}

		waitForReady();

		if (DEBUG_EVENTS) {
		Slog.i(TAG, "Deleting user key");
		}

		try {
		NativeDaemonEvent event = mCryptConnector.execute(
		"cryptfs", "deleteuserkey", userHandle);
		if (!"0".equals(event.getMessage())) {
		String error = "deleteuserkey sent unexpected message: "
		+ event.getMessage();
		Slog.e(TAG, error);
		// ext4enc:TODO is this the right exception?
		throw new RuntimeException(error);
		}
		} catch (NativeDaemonConnectorException e) {
		Slog.e(TAG, "deleteuserkey threw exception", e);
		throw new RuntimeException("deleteuserkey threw exception", e);
		}
		}

		@Override
		public int mkdirs(String callingPkg, String appPath) {
		final int userId = UserHandle.getUserId(Binder.getCallingUid());

services/core/java/com/android/server/pm/UserManagerService.java

+2 −0

Original line number	Diff line number	Diff line
		@@ -1470,6 +1470,8 @@ public class UserManagerService extends IUserManager.Stub {
		}

		private void removeUserStateLocked(final int userHandle) {
		mContext.getSystemService(StorageManager.class)
		.deleteUserKey(userHandle);
		// Cleanup package manager settings
		mPm.cleanUpUserLILPw(this, userHandle);