commit 1cba413896052533720feb21d91e69b8d62d8560
author Jackeagle <jackeagle102@gmail.com> Wed Dec 19 17:08:24 2018 +0100
committer Jackeagle <jackeagle102@gmail.com> Wed Dec 19 17:08:56 2018 +0100
tree 882714578e3e883384d5285377cd2cfe7c8cdf05
parent a3ae16b36d4594e7a765a3d79d7fded14c07ff2c

patches: Bliss GSI v11.4 Release

Signed-off-by: Jackeagle <jackeagle102@gmail.com>
Change-Id: I372e872292ed19dde130635da2882309751f59dd

patches/frameworks/base/0023-Revert-LockSettingsService-Support-for-separate-clea.patch

diff --git a/patches/frameworks/base/0023-Revert-LockSettingsService-Support-for-separate-clea.patch b/patches/frameworks/base/0023-Revert-LockSettingsService-Support-for-separate-clea.patch
new file mode 100644
index 0000000..b7a792e
--- /dev/null
+++ b/patches/frameworks/base/0023-Revert-LockSettingsService-Support-for-separate-clea.patch
@@ -0,0 +1,87 @@
+From d695b3ddea63624a658650291d58dab437688e98 Mon Sep 17 00:00:00 2001
+From: Jackeagle <jackeagle102@gmail.com>
+Date: Wed, 19 Dec 2018 17:05:29 +0100
+Subject: [PATCH 23/25] Revert "LockSettingsService: Support for separate clear
+ key api"
+
+This reverts commit 32b8f829d566bfd3d89c9b3eb018f0fc4d408e2d.
+---
+ .../android/os/storage/IStorageManager.aidl    |  1 -
+ .../android/server/StorageManagerService.java  | 18 ------------------
+ .../locksettings/LockSettingsService.java      | 14 +-------------
+ 3 files changed, 1 insertion(+), 32 deletions(-)
+
+diff --git a/core/java/android/os/storage/IStorageManager.aidl b/core/java/android/os/storage/IStorageManager.aidl
+index 49bc9e4d8d0..55a202fd3a6 100644
+--- a/core/java/android/os/storage/IStorageManager.aidl
++++ b/core/java/android/os/storage/IStorageManager.aidl
+@@ -187,5 +187,4 @@ interface IStorageManager {
+     void allocateBytes(String volumeUuid, long bytes, int flags, String callingPackage) = 78;
+     void runIdleMaintenance() = 79;
+     void abortIdleMaintenance() = 80;
+-    void clearUserKeyAuth(int userId, int serialNumber, in byte[] token, in byte[] secret) = 81;
+ }
+diff --git a/services/core/java/com/android/server/StorageManagerService.java b/services/core/java/com/android/server/StorageManagerService.java
+index e70e12c25da..aa0e33e15df 100644
+--- a/services/core/java/com/android/server/StorageManagerService.java
++++ b/services/core/java/com/android/server/StorageManagerService.java
+@@ -2530,24 +2530,6 @@ class StorageManagerService extends IStorageManager.Stub
+         }
+     }
+ 
+-    /*
+-     * Clear disk encryption key bound to the associated token / secret pair. Removing the user
+-     * binding of the Disk encryption key is done in two phases: first, this call will retrieve
+-     * the disk encryption key using the provided token / secret pair and store it by
+-     * encrypting it with a keymaster key not bound to the user, then fixateNewestUserKeyAuth
+-     * is called to delete all other bindings of the disk encryption key.
+-     */
+-    @Override
+-    public void clearUserKeyAuth(int userId, int serialNumber, byte[] token, byte[] secret) {
+-        enforcePermission(android.Manifest.permission.STORAGE_INTERNAL);
+-
+-        try {
+-            mVold.clearUserKeyAuth(userId, serialNumber, encodeBytes(token), encodeBytes(secret));
+-        } catch (Exception e) {
+-            Slog.wtf(TAG, e);
+-        }
+-    }
+-
+     /*
+      * Delete all disk encryption token/secret pairs except the most recently added one
+      */
+diff --git a/services/core/java/com/android/server/locksettings/LockSettingsService.java b/services/core/java/com/android/server/locksettings/LockSettingsService.java
+index 66cc1a3334d..f04a36d4f78 100644
+--- a/services/core/java/com/android/server/locksettings/LockSettingsService.java
++++ b/services/core/java/com/android/server/locksettings/LockSettingsService.java
+@@ -1564,18 +1564,6 @@ public class LockSettingsService extends ILockSettings.Stub {
+         addUserKeyAuth(userId, null, null);
+     }
+ 
+-    private void clearUserKeyAuth(int userId, byte[] token, byte[] secret) throws RemoteException {
+-        if (DEBUG) Slog.d(TAG, "clearUserKeyProtection user=" + userId);
+-        final UserInfo userInfo = mUserManager.getUserInfo(userId);
+-        final IStorageManager storageManager = mInjector.getStorageManager();
+-        final long callingId = Binder.clearCallingIdentity();
+-        try {
+-            storageManager.clearUserKeyAuth(userId, userInfo.serialNumber, token, secret);
+-        } finally {
+-            Binder.restoreCallingIdentity(callingId);
+-        }
+-    }
+-
+     private static byte[] secretFromCredential(String credential) throws RemoteException {
+         try {
+             MessageDigest digest = MessageDigest.getInstance("SHA-512");
+@@ -2519,7 +2507,7 @@ public class LockSettingsService extends ILockSettings.Stub {
+             getGateKeeperService().clearSecureUserId(userId);
+             // Clear key from vold so ActivityManager can just unlock the user with empty secret
+             // during boot.
+-            clearUserKeyAuth(userId, null, auth.deriveDiskEncryptionKey());
++            clearUserKeyProtection(userId);
+             fixateNewestUserKeyAuth(userId);
+             setKeystorePassword(null, userId);
+         }
+-- 
+2.17.1
+