commit 5b8a0da7d1ec602cc16e4e73878915c76c320e61
author Jackeagle <jackeagle102@gmail.com> Thu Apr 25 06:24:48 2019 +0200
committer Jackeagle <jackeagle102@gmail.com> Thu Apr 25 06:25:34 2019 +0200
tree 4f992448f28e3fbe7731915d6b52f017e232f007
parent d42a514866be3d0dd99a02788339b8601b6e370b

patches: base: Add more patches

Signed-off-by: Jackeagle <jackeagle102@gmail.com>

patches/frameworks/base/0026-Revert-LockSettingsService-Support-for-separate-clea.patch

diff --git a/patches/frameworks/base/0026-Revert-LockSettingsService-Support-for-separate-clea.patch b/patches/frameworks/base/0026-Revert-LockSettingsService-Support-for-separate-clea.patch
new file mode 100644
index 0000000..d698d8f
--- /dev/null
+++ b/patches/frameworks/base/0026-Revert-LockSettingsService-Support-for-separate-clea.patch
@@ -0,0 +1,87 @@
+From bbccdea5094fdebb4e238c731699f434dd0bf708 Mon Sep 17 00:00:00 2001
+From: Jackeagle <jackeagle102@gmail.com>
+Date: Thu, 25 Apr 2019 05:34:02 +0200
+Subject: [PATCH 26/28] Revert "LockSettingsService: Support for separate clear
+ key api"
+
+This reverts commit 32b8f829d566bfd3d89c9b3eb018f0fc4d408e2d.
+---
+ .../android/os/storage/IStorageManager.aidl    |  1 -
+ .../android/server/StorageManagerService.java  | 18 ------------------
+ .../locksettings/LockSettingsService.java      | 14 +-------------
+ 3 files changed, 1 insertion(+), 32 deletions(-)
+
+diff --git a/core/java/android/os/storage/IStorageManager.aidl b/core/java/android/os/storage/IStorageManager.aidl
+index 49bc9e4d8d0..55a202fd3a6 100644
+--- a/core/java/android/os/storage/IStorageManager.aidl
++++ b/core/java/android/os/storage/IStorageManager.aidl
+@@ -187,5 +187,4 @@ interface IStorageManager {
+     void allocateBytes(String volumeUuid, long bytes, int flags, String callingPackage) = 78;
+     void runIdleMaintenance() = 79;
+     void abortIdleMaintenance() = 80;
+-    void clearUserKeyAuth(int userId, int serialNumber, in byte[] token, in byte[] secret) = 81;
+ }
+diff --git a/services/core/java/com/android/server/StorageManagerService.java b/services/core/java/com/android/server/StorageManagerService.java
+index 14b02030714..7a726ce802c 100644
+--- a/services/core/java/com/android/server/StorageManagerService.java
++++ b/services/core/java/com/android/server/StorageManagerService.java
+@@ -2531,24 +2531,6 @@ class StorageManagerService extends IStorageManager.Stub
+         }
+     }
+ 
+-    /*
+-     * Clear disk encryption key bound to the associated token / secret pair. Removing the user
+-     * binding of the Disk encryption key is done in two phases: first, this call will retrieve
+-     * the disk encryption key using the provided token / secret pair and store it by
+-     * encrypting it with a keymaster key not bound to the user, then fixateNewestUserKeyAuth
+-     * is called to delete all other bindings of the disk encryption key.
+-     */
+-    @Override
+-    public void clearUserKeyAuth(int userId, int serialNumber, byte[] token, byte[] secret) {
+-        enforcePermission(android.Manifest.permission.STORAGE_INTERNAL);
+-
+-        try {
+-            mVold.clearUserKeyAuth(userId, serialNumber, encodeBytes(token), encodeBytes(secret));
+-        } catch (Exception e) {
+-            Slog.wtf(TAG, e);
+-        }
+-    }
+-
+     /*
+      * Delete all disk encryption token/secret pairs except the most recently added one
+      */
+diff --git a/services/core/java/com/android/server/locksettings/LockSettingsService.java b/services/core/java/com/android/server/locksettings/LockSettingsService.java
+index edd68b7d2eb..faf5a09e91b 100644
+--- a/services/core/java/com/android/server/locksettings/LockSettingsService.java
++++ b/services/core/java/com/android/server/locksettings/LockSettingsService.java
+@@ -1568,18 +1568,6 @@ public class LockSettingsService extends ILockSettings.Stub {
+         addUserKeyAuth(userId, null, null);
+     }
+ 
+-    private void clearUserKeyAuth(int userId, byte[] token, byte[] secret) throws RemoteException {
+-        if (DEBUG) Slog.d(TAG, "clearUserKeyProtection user=" + userId);
+-        final UserInfo userInfo = mUserManager.getUserInfo(userId);
+-        final IStorageManager storageManager = mInjector.getStorageManager();
+-        final long callingId = Binder.clearCallingIdentity();
+-        try {
+-            storageManager.clearUserKeyAuth(userId, userInfo.serialNumber, token, secret);
+-        } finally {
+-            Binder.restoreCallingIdentity(callingId);
+-        }
+-    }
+-
+     private static byte[] secretFromCredential(String credential) throws RemoteException {
+         try {
+             MessageDigest digest = MessageDigest.getInstance("SHA-512");
+@@ -2530,7 +2518,7 @@ public class LockSettingsService extends ILockSettings.Stub {
+             getGateKeeperService().clearSecureUserId(userId);
+             // Clear key from vold so ActivityManager can just unlock the user with empty secret
+             // during boot.
+-            clearUserKeyAuth(userId, null, auth.deriveDiskEncryptionKey());
++            clearUserKeyProtection(userId);
+             fixateNewestUserKeyAuth(userId);
+             setKeystorePassword(null, userId);
+         }
+-- 
+2.21.0
+