Remove HardwareAuthToken parameter from clearUserKeyAuth (d04de5ce) · Commits · e / os / android_frameworks_base

core/java/android/os/storage/IStorageManager.aidl

+1 −1

Original line number	Diff line number	Diff line
		@@ -195,7 +195,7 @@ interface IStorageManager {
		void startCheckpoint(int numTries) = 85;
		boolean needsCheckpoint() = 86;
		void abortChanges(in String message, boolean retry) = 87;
		void clearUserKeyAuth(int userId, int serialNumber, in byte[] token, in byte[] secret) = 88;
		void clearUserKeyAuth(int userId, int serialNumber, in byte[] secret) = 88;
		void fixupAppDir(in String path) = 89;
		void disableAppDataIsolation(in String pkgName, int pid, int userId) = 90;
		void notifyAppIoBlocked(in String volumeUuid, int uid, int tid, int reason) = 91;

services/core/java/com/android/server/StorageManagerService.java

+9 −8

Original line number	Diff line number	Diff line
		@@ -3427,25 +3427,26 @@ class StorageManagerService extends IStorageManager.Stub
		}

		/*
		* Clear disk encryption key bound to the associated token / secret pair. Removing the user
		* binding of the Disk encryption key is done in two phases: first, this call will retrieve
		* the disk encryption key using the provided token / secret pair and store it by
		* encrypting it with a keymaster key not bound to the user, then fixateNewestUserKeyAuth
		* is called to delete all other bindings of the disk encryption key.
		* Store a user's disk encryption key without secret binding. Removing the
		* secret for a disk encryption key is done in two phases. First, this
		* method is called to retrieve the key using the provided secret and store
		* it encrypted with a keystore key not bound to the user. Second,
		* fixateNewestUserKeyAuth is called to delete the key's other bindings.
		*/
		@Override
		public void clearUserKeyAuth(int userId, int serialNumber, byte[] token, byte[] secret) {
		public void clearUserKeyAuth(int userId, int serialNumber, byte[] secret) {
		enforcePermission(android.Manifest.permission.STORAGE_INTERNAL);

		try {
		mVold.clearUserKeyAuth(userId, serialNumber, encodeBytes(token), encodeBytes(secret));
		mVold.clearUserKeyAuth(userId, serialNumber, encodeBytes(secret));
		} catch (Exception e) {
		Slog.wtf(TAG, e);
		}
		}

		/*
		* Delete all disk encryption token/secret pairs except the most recently added one
		* Delete all bindings of a user's disk encryption key except the most
		* recently added one.
		*/
		@Override
		public void fixateNewestUserKeyAuth(int userId) {

services/core/java/com/android/server/locksettings/LockSettingsService.java

+1 −1

Original line number	Diff line number	Diff line
		@@ -1901,7 +1901,7 @@ public class LockSettingsService extends ILockSettings.Stub {
		final UserInfo userInfo = mUserManager.getUserInfo(userId);
		final long callingId = Binder.clearCallingIdentity();
		try {
		mStorageManager.clearUserKeyAuth(userId, userInfo.serialNumber, null, secret);
		mStorageManager.clearUserKeyAuth(userId, userInfo.serialNumber, secret);
		} catch (RemoteException e) {
		throw new IllegalStateException("clearUserKeyAuth failed user=" + userId);
		} finally {

services/tests/servicestests/src/com/android/server/locksettings/BaseLockSettingsServiceTests.java

+2 −2

Original line number	Diff line number	Diff line
		@@ -232,10 +232,10 @@ public abstract class BaseLockSettingsServiceTests {
		Object[] args = invocation.getArguments();
		mStorageManager.clearUserKeyAuth((int) args[0] /* userId */,
		(int) args[1] /* serialNumber */,
		(byte[]) args[3] /* secret */);
		(byte[]) args[2] /* secret */);
		return null;
		}
		}).when(sm).clearUserKeyAuth(anyInt(), anyInt(), any(), any());
		}).when(sm).clearUserKeyAuth(anyInt(), anyInt(), any());

		doAnswer(
		new Answer<Void>() {