Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_base / 1e81807b183f08c9b7a68d225afff8b9ffb60fbe
commit1e81807b183f08c9b7a68d225afff8b9ffb60fbe[log] [tgz]
authorNikolay Elenkov <nikolayelenkov@google.com>Sun Jun 30 06:20:30 2024 +0000
committerCherrypicker Worker <android-build-cherrypicker-worker@google.com>Wed Jul 03 02:59:38 2024 +0000
treeb1cf416218fcac4d63485c1d79eb17492e2bfafb
parent43668e40b3b3365e0a4a0a1aea8dc05b16130707 [diff]
RESTRICT AUTOMERGE Delete keystore keys from RecoveryService.rebootRecoveryWithCommand()

Adds deleteSecrets() to RecoverySystemService. This method is called
from rebootRecoveryWithCommand () before the --wipe_data command is
passed to recovery and the device is force-rebooted.

deleteSecerts() calls IKeystoreMaintenance.deleteAllKeys() in order to
quickly destroy the keys protecting the synthetic password blobs
used to derive FBE encryption keys.

The intent is to make FBE-encrypted data unrecoverable even if the full
data wipe in recovery is interrupted or skipped.

Bug: 324321147
Test: Manual - System -> Reset options -> Erase all data.
Test: Hold VolDown key to interrupt reboot and stop at bootloader
screen.
Test: fastboot oem bcd wipe command && fastboot oem bcd wipe recovery
Test: fastboot reboot
Test: Device reboots into recovery and prompts to factory reset:
Test: 'Cannot load Android system. Your data may be corrupt. ...'
(cherry picked from https://android-review.googlesource.com/q/commit:0d00031851e9f5d8ef93947205a7e8b5257f0d8d)
Ignore-AOSP-First: Security fix backport
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:9cdf9eae2e02a6c3651379c33c4655368b009d13)
Merged-In: I5eb8e97f3ae1a18d5e7e7c2c7eca048ebff3440a
Change-Id: I5eb8e97f3ae1a18d5e7e7c2c7eca048ebff3440a
2 files changed
tree: b1cf416218fcac4d63485c1d79eb17492e2bfafb
  1. .prebuilt_info/
  2. apct-tests/
  3. apex/
  4. api/
  5. boot/
  6. cmds/
  7. config/
  8. core/
  9. data/
  10. docs/
  11. drm/
  12. errorprone/
  13. graphics/
  14. identity/
  15. keystore/
  16. libs/
  17. location/
  18. lowpan/
  19. media/
  20. mime/
  21. mms/
  22. native/
  23. nfc-extras/
  24. obex/
  25. opengl/
  26. packages/
  27. proto/
  28. rs/
  29. samples/
  30. sax/
  31. services/
  32. startop/
  33. telecomm/
  34. telephony/
  35. test-base/
  36. test-legacy/
  37. test-mock/
  38. test-runner/
  39. tests/
  40. tools/
  41. wifi/
  42. .clang-format
  43. .gitignore
  44. .mailmap
  45. Android.bp
  46. Android.mk
  47. ApiDocs.bp
  48. BATTERY_STATS_OWNERS
  49. CleanSpec.mk
  50. framework-jarjar-rules.txt
  51. METADATA
  52. MODULE_LICENSE_APACHE2
  53. MULTIUSER_OWNERS
  54. NOTICE
  55. OWNERS
  56. OWNERS.md
  57. pathmap.mk
  58. PREUPLOAD.cfg
  59. ProtoLibraries.bp
  60. StubLibraries.bp
  61. TEST_MAPPING
  62. TestProtoLibraries.bp
  63. ZYGOTE_OWNERS