Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_base / c5ec1dad8f8878d7107d8aea9599d393e0f7eebe
commitc5ec1dad8f8878d7107d8aea9599d393e0f7eebe[log] [tgz]
authorEric Biggers <ebiggers@google.com>Fri Sep 27 20:21:00 2024 +0000
committerEric Biggers <ebiggers@google.com>Fri Sep 27 20:21:00 2024 +0000
tree3b87a8eb202217fb88eb3b4fca634276a4c6724f
parentd88b39e9eaa13bc45faf91f2fe082b505c49684b [diff]
Support disabling Weaver on unsecured users

As a temporary workaround for devices whose Weaver HAL does not work
reliably during boot, add a config option that disables the use of
Weaver to protect the synthetic password of users with no LSKF.  Make
the option take effect when creating any new SP protector.  Also make it
take effect when upgrading, by replacing the existing SP protector if
needed.  If there is an existing SP, also ensure that the CE key is
encrypted by it and that the Keystore super keys have been initialized.

Bug: 368151356
Test: atest FrameworksServicesTests:com.android.server.locksettings
Flag: EXEMPT uses config option instead
Change-Id: Ie67f0141e61bd895c92851bdd4f1352b6c7b6776
5 files changed
tree: 3b87a8eb202217fb88eb3b4fca634276a4c6724f
  1. .prebuilt_info/
  2. apct-tests/
  3. apex/
  4. api/
  5. boot/
  6. cmds/
  7. config/
  8. core/
  9. data/
  10. docs/
  11. drm/
  12. errorprone/
  13. graphics/
  14. identity/
  15. keystore/
  16. libs/
  17. location/
  18. media/
  19. mime/
  20. mms/
  21. native/
  22. nfc/
  23. nfc-extras/
  24. obex/
  25. omapi/
  26. opengl/
  27. packages/
  28. proto/
  29. ravenwood/
  30. rs/
  31. samples/
  32. sax/
  33. services/
  34. startop/
  35. telecomm/
  36. telephony/
  37. test-base/
  38. test-junit/
  39. test-legacy/
  40. test-mock/
  41. test-runner/
  42. tests/
  43. tools/
  44. wifi/
  45. .clang-format
  46. .gitignore
  47. .mailmap
  48. AconfigFlags.bp
  49. ACTIVITY_MANAGER_OWNERS
  50. ADPF_OWNERS
  51. Android.bp
  52. BAL_OWNERS
  53. BATTERY_STATS_OWNERS
  54. BROADCASTS_OWNERS
  55. CleanSpec.mk
  56. framework-jarjar-rules.txt
  57. GAME_MANAGER_OWNERS
  58. INPUT_OWNERS
  59. INTENT_OWNERS
  60. lint-baseline.xml
  61. LSE_APP_COMPAT_OWNERS
  62. MEMORY_OWNERS
  63. METADATA
  64. MODULE_LICENSE_APACHE2
  65. MULTIUSER_OWNERS
  66. NOTICE
  67. OOM_ADJUSTER_OWNERS
  68. OWNERS
  69. OWNERS.md
  70. PACKAGE_MANAGER_OWNERS
  71. pathmap.mk
  72. PERFORMANCE_OWNERS
  73. PREUPLOAD.cfg
  74. ProtoLibraries.bp
  75. Ravenwood.bp
  76. SECURITY_STATE_OWNERS
  77. SQLITE_OWNERS
  78. TEST_MAPPING
  79. TestProtoLibraries.bp
  80. THERMAL_OWNERS
  81. TRACE_OWNERS
  82. WEAR_OWNERS
  83. ZYGOTE_OWNERS