Loading cmds/statsd/src/atoms.proto +12 −0 Original line number Diff line number Diff line Loading @@ -333,6 +333,7 @@ message Atom { MediaProviderSchemaChange media_provider_schema_change = 236 [(module) = "mediaprovider"]; MediaProviderIdleMaintenance media_provider_idle_maintenance = 237 [(module) = "mediaprovider"]; RebootEscrowRecoveryReported reboot_escrow_recovery_reported = 238; } // Pulled events will start at field 10000. Loading Loading @@ -7338,6 +7339,17 @@ message UpdateEngineSuccessfulUpdateReported { optional int32 reboot_count = 7; } /** * Reported when the RebootEscrow HAL has attempted to recover the escrowed * key to indicate whether it was successful or not. * * Logged from: * frameworks/base/services/core/java/com/android/server/locksettings/RebootEscrowManager.java */ message RebootEscrowRecoveryReported { optional bool successful = 1; } /** * Global display pipeline metrics reported by SurfaceFlinger. * Pulled from: Loading services/core/java/com/android/server/locksettings/RebootEscrowManager.java +43 −16 Original line number Diff line number Diff line Loading @@ -25,11 +25,13 @@ import android.os.RemoteException; import android.os.ServiceManager; import android.os.UserManager; import android.util.Slog; import android.util.StatsLog; import com.android.internal.annotations.VisibleForTesting; import com.android.internal.widget.RebootEscrowListener; import java.io.IOException; import java.util.ArrayList; import java.util.List; import java.util.NoSuchElementException; import java.util.concurrent.atomic.AtomicBoolean; Loading Loading @@ -109,20 +111,50 @@ class RebootEscrowManager { } void loadRebootEscrowDataIfAvailable() { List<UserInfo> users = mUserManager.getUsers(); List<UserInfo> rebootEscrowUsers = new ArrayList<>(); for (UserInfo user : users) { if (mCallbacks.isUserSecure(user.id) && mStorage.hasRebootEscrow(user.id)) { rebootEscrowUsers.add(user); } } if (rebootEscrowUsers.isEmpty()) { return; } SecretKeySpec escrowKey = getAndClearRebootEscrowKey(); if (escrowKey == null) { Slog.w(TAG, "Had reboot escrow data for users, but no key; removing escrow storage."); for (UserInfo user : users) { mStorage.removeRebootEscrow(user.id); } StatsLog.write(StatsLog.REBOOT_ESCROW_RECOVERY_REPORTED, false); return; } boolean allUsersUnlocked = true; for (UserInfo user : rebootEscrowUsers) { allUsersUnlocked &= restoreRebootEscrowForUser(user.id, escrowKey); } StatsLog.write(StatsLog.REBOOT_ESCROW_RECOVERY_REPORTED, allUsersUnlocked); } private SecretKeySpec getAndClearRebootEscrowKey() { IRebootEscrow rebootEscrow = mInjector.getRebootEscrow(); if (rebootEscrow == null) { return; return null; } final SecretKeySpec escrowKey; try { byte[] escrowKeyBytes = rebootEscrow.retrieveKey(); if (escrowKeyBytes == null) { return; Slog.w(TAG, "Had reboot escrow data for users, but could not retrieve key"); return null; } else if (escrowKeyBytes.length != 32) { Slog.e(TAG, "IRebootEscrow returned key of incorrect size " + escrowKeyBytes.length); return; return null; } // Make sure we didn't get the null key. Loading @@ -132,29 +164,22 @@ class RebootEscrowManager { } if (zero == 0) { Slog.w(TAG, "IRebootEscrow returned an all-zeroes key"); return; return null; } // Overwrite the existing key with the null key rebootEscrow.storeKey(new byte[32]); escrowKey = RebootEscrowData.fromKeyBytes(escrowKeyBytes); return RebootEscrowData.fromKeyBytes(escrowKeyBytes); } catch (RemoteException e) { Slog.w(TAG, "Could not retrieve escrow data"); return; } List<UserInfo> users = mUserManager.getUsers(); for (UserInfo user : users) { if (mCallbacks.isUserSecure(user.id)) { restoreRebootEscrowForUser(user.id, escrowKey); } return null; } } private void restoreRebootEscrowForUser(@UserIdInt int userId, SecretKeySpec escrowKey) { private boolean restoreRebootEscrowForUser(@UserIdInt int userId, SecretKeySpec escrowKey) { if (!mStorage.hasRebootEscrow(userId)) { return; return false; } try { Loading @@ -165,9 +190,11 @@ class RebootEscrowManager { mCallbacks.onRebootEscrowRestored(escrowData.getSpVersion(), escrowData.getSyntheticPassword(), userId); return true; } catch (IOException e) { Slog.w(TAG, "Could not load reboot escrow data for user " + userId, e); } return false; } void callToRebootEscrowIfNeeded(@UserIdInt int userId, byte spVersion, Loading Loading
cmds/statsd/src/atoms.proto +12 −0 Original line number Diff line number Diff line Loading @@ -333,6 +333,7 @@ message Atom { MediaProviderSchemaChange media_provider_schema_change = 236 [(module) = "mediaprovider"]; MediaProviderIdleMaintenance media_provider_idle_maintenance = 237 [(module) = "mediaprovider"]; RebootEscrowRecoveryReported reboot_escrow_recovery_reported = 238; } // Pulled events will start at field 10000. Loading Loading @@ -7338,6 +7339,17 @@ message UpdateEngineSuccessfulUpdateReported { optional int32 reboot_count = 7; } /** * Reported when the RebootEscrow HAL has attempted to recover the escrowed * key to indicate whether it was successful or not. * * Logged from: * frameworks/base/services/core/java/com/android/server/locksettings/RebootEscrowManager.java */ message RebootEscrowRecoveryReported { optional bool successful = 1; } /** * Global display pipeline metrics reported by SurfaceFlinger. * Pulled from: Loading
services/core/java/com/android/server/locksettings/RebootEscrowManager.java +43 −16 Original line number Diff line number Diff line Loading @@ -25,11 +25,13 @@ import android.os.RemoteException; import android.os.ServiceManager; import android.os.UserManager; import android.util.Slog; import android.util.StatsLog; import com.android.internal.annotations.VisibleForTesting; import com.android.internal.widget.RebootEscrowListener; import java.io.IOException; import java.util.ArrayList; import java.util.List; import java.util.NoSuchElementException; import java.util.concurrent.atomic.AtomicBoolean; Loading Loading @@ -109,20 +111,50 @@ class RebootEscrowManager { } void loadRebootEscrowDataIfAvailable() { List<UserInfo> users = mUserManager.getUsers(); List<UserInfo> rebootEscrowUsers = new ArrayList<>(); for (UserInfo user : users) { if (mCallbacks.isUserSecure(user.id) && mStorage.hasRebootEscrow(user.id)) { rebootEscrowUsers.add(user); } } if (rebootEscrowUsers.isEmpty()) { return; } SecretKeySpec escrowKey = getAndClearRebootEscrowKey(); if (escrowKey == null) { Slog.w(TAG, "Had reboot escrow data for users, but no key; removing escrow storage."); for (UserInfo user : users) { mStorage.removeRebootEscrow(user.id); } StatsLog.write(StatsLog.REBOOT_ESCROW_RECOVERY_REPORTED, false); return; } boolean allUsersUnlocked = true; for (UserInfo user : rebootEscrowUsers) { allUsersUnlocked &= restoreRebootEscrowForUser(user.id, escrowKey); } StatsLog.write(StatsLog.REBOOT_ESCROW_RECOVERY_REPORTED, allUsersUnlocked); } private SecretKeySpec getAndClearRebootEscrowKey() { IRebootEscrow rebootEscrow = mInjector.getRebootEscrow(); if (rebootEscrow == null) { return; return null; } final SecretKeySpec escrowKey; try { byte[] escrowKeyBytes = rebootEscrow.retrieveKey(); if (escrowKeyBytes == null) { return; Slog.w(TAG, "Had reboot escrow data for users, but could not retrieve key"); return null; } else if (escrowKeyBytes.length != 32) { Slog.e(TAG, "IRebootEscrow returned key of incorrect size " + escrowKeyBytes.length); return; return null; } // Make sure we didn't get the null key. Loading @@ -132,29 +164,22 @@ class RebootEscrowManager { } if (zero == 0) { Slog.w(TAG, "IRebootEscrow returned an all-zeroes key"); return; return null; } // Overwrite the existing key with the null key rebootEscrow.storeKey(new byte[32]); escrowKey = RebootEscrowData.fromKeyBytes(escrowKeyBytes); return RebootEscrowData.fromKeyBytes(escrowKeyBytes); } catch (RemoteException e) { Slog.w(TAG, "Could not retrieve escrow data"); return; } List<UserInfo> users = mUserManager.getUsers(); for (UserInfo user : users) { if (mCallbacks.isUserSecure(user.id)) { restoreRebootEscrowForUser(user.id, escrowKey); } return null; } } private void restoreRebootEscrowForUser(@UserIdInt int userId, SecretKeySpec escrowKey) { private boolean restoreRebootEscrowForUser(@UserIdInt int userId, SecretKeySpec escrowKey) { if (!mStorage.hasRebootEscrow(userId)) { return; return false; } try { Loading @@ -165,9 +190,11 @@ class RebootEscrowManager { mCallbacks.onRebootEscrowRestored(escrowData.getSpVersion(), escrowData.getSyntheticPassword(), userId); return true; } catch (IOException e) { Slog.w(TAG, "Could not load reboot escrow data for user " + userId, e); } return false; } void callToRebootEscrowIfNeeded(@UserIdInt int userId, byte spVersion, Loading
