patches/frameworks/base/0026-Revert-LockSettingsService-Support-for-separate-clea.patch - treble_patches - Gitiles

 From 5e4bf328d5d2c884b85ea2a5c1ba52380e0f77e6 Mon Sep 17 00:00:00 2001
 From: Jackeagle <jackeagle102@gmail.com>
 Date: Thu, 25 Apr 2019 05:34:02 +0200
 Subject: [PATCH 26/28] Revert "LockSettingsService: Support for separate clear
  key api"

 This reverts commit 32b8f829d566bfd3d89c9b3eb018f0fc4d408e2d.
 ---
  .../android/os/storage/IStorageManager.aidl    |  1 -
  .../android/server/StorageManagerService.java  | 18 ------------------
  .../locksettings/LockSettingsService.java      | 14 +-------------
  3 files changed, 1 insertion(+), 32 deletions(-)

 diff --git a/core/java/android/os/storage/IStorageManager.aidl b/core/java/android/os/storage/IStorageManager.aidl
 index 49bc9e4d8d0..55a202fd3a6 100644
 --- a/core/java/android/os/storage/IStorageManager.aidl
 +++ b/core/java/android/os/storage/IStorageManager.aidl
 @@ -187,5 +187,4 @@ interface IStorageManager {
      void allocateBytes(String volumeUuid, long bytes, int flags, String callingPackage) = 78;
      void runIdleMaintenance() = 79;
      void abortIdleMaintenance() = 80;
 -    void clearUserKeyAuth(int userId, int serialNumber, in byte[] token, in byte[] secret) = 81;
  }
 diff --git a/services/core/java/com/android/server/StorageManagerService.java b/services/core/java/com/android/server/StorageManagerService.java
 index 14b02030714..7a726ce802c 100644
 --- a/services/core/java/com/android/server/StorageManagerService.java
 +++ b/services/core/java/com/android/server/StorageManagerService.java
 @@ -2531,24 +2531,6 @@ class StorageManagerService extends IStorageManager.Stub
          }
      }

 -    /*
 -     * Clear disk encryption key bound to the associated token / secret pair. Removing the user
 -     * binding of the Disk encryption key is done in two phases: first, this call will retrieve
 -     * the disk encryption key using the provided token / secret pair and store it by
 -     * encrypting it with a keymaster key not bound to the user, then fixateNewestUserKeyAuth
 -     * is called to delete all other bindings of the disk encryption key.
 -     */
 -    @Override
 -    public void clearUserKeyAuth(int userId, int serialNumber, byte[] token, byte[] secret) {
 -        enforcePermission(android.Manifest.permission.STORAGE_INTERNAL);
 -
 -        try {
 -            mVold.clearUserKeyAuth(userId, serialNumber, encodeBytes(token), encodeBytes(secret));
 -        } catch (Exception e) {
 -            Slog.wtf(TAG, e);
 -        }
 -    }
 -
      /*
       * Delete all disk encryption token/secret pairs except the most recently added one
       */
 diff --git a/services/core/java/com/android/server/locksettings/LockSettingsService.java b/services/core/java/com/android/server/locksettings/LockSettingsService.java
 index edd68b7d2eb..faf5a09e91b 100644
 --- a/services/core/java/com/android/server/locksettings/LockSettingsService.java
 +++ b/services/core/java/com/android/server/locksettings/LockSettingsService.java
 @@ -1568,18 +1568,6 @@ public class LockSettingsService extends ILockSettings.Stub {
          addUserKeyAuth(userId, null, null);
      }

 -    private void clearUserKeyAuth(int userId, byte[] token, byte[] secret) throws RemoteException {
 -        if (DEBUG) Slog.d(TAG, "clearUserKeyProtection user=" + userId);
 -        final UserInfo userInfo = mUserManager.getUserInfo(userId);
 -        final IStorageManager storageManager = mInjector.getStorageManager();
 -        final long callingId = Binder.clearCallingIdentity();
 -        try {
 -            storageManager.clearUserKeyAuth(userId, userInfo.serialNumber, token, secret);
 -        } finally {
 -            Binder.restoreCallingIdentity(callingId);
 -        }
 -    }
 -
      private static byte[] secretFromCredential(String credential) throws RemoteException {
          try {
              MessageDigest digest = MessageDigest.getInstance("SHA-512");
 @@ -2530,7 +2518,7 @@ public class LockSettingsService extends ILockSettings.Stub {
              getGateKeeperService().clearSecureUserId(userId);
              // Clear key from vold so ActivityManager can just unlock the user with empty secret
              // during boot.
 -            clearUserKeyAuth(userId, null, auth.deriveDiskEncryptionKey());
 +            clearUserKeyProtection(userId);
              fixateNewestUserKeyAuth(userId);
              setKeystorePassword(null, userId);
          }
 --
 2.21.0
	From 5e4bf328d5d2c884b85ea2a5c1ba52380e0f77e6 Mon Sep 17 00:00:00 2001
	From: Jackeagle <jackeagle102@gmail.com>
	Date: Thu, 25 Apr 2019 05:34:02 +0200
	Subject: [PATCH 26/28] Revert "LockSettingsService: Support for separate clear
	key api"

	This reverts commit 32b8f829d566bfd3d89c9b3eb018f0fc4d408e2d.
	---
	.../android/os/storage/IStorageManager.aidl \| 1 -
	.../android/server/StorageManagerService.java \| 18 ------------------
	.../locksettings/LockSettingsService.java \| 14 +-------------
	3 files changed, 1 insertion(+), 32 deletions(-)

	diff --git a/core/java/android/os/storage/IStorageManager.aidl b/core/java/android/os/storage/IStorageManager.aidl
	index 49bc9e4d8d0..55a202fd3a6 100644
	--- a/core/java/android/os/storage/IStorageManager.aidl
	+++ b/core/java/android/os/storage/IStorageManager.aidl
	@@ -187,5 +187,4 @@ interface IStorageManager {
	void allocateBytes(String volumeUuid, long bytes, int flags, String callingPackage) = 78;
	void runIdleMaintenance() = 79;
	void abortIdleMaintenance() = 80;
	- void clearUserKeyAuth(int userId, int serialNumber, in byte[] token, in byte[] secret) = 81;
	}
	diff --git a/services/core/java/com/android/server/StorageManagerService.java b/services/core/java/com/android/server/StorageManagerService.java
	index 14b02030714..7a726ce802c 100644
	--- a/services/core/java/com/android/server/StorageManagerService.java
	+++ b/services/core/java/com/android/server/StorageManagerService.java
	@@ -2531,24 +2531,6 @@ class StorageManagerService extends IStorageManager.Stub
	}
	}

	- /*
	- * Clear disk encryption key bound to the associated token / secret pair. Removing the user
	- * binding of the Disk encryption key is done in two phases: first, this call will retrieve
	- * the disk encryption key using the provided token / secret pair and store it by
	- * encrypting it with a keymaster key not bound to the user, then fixateNewestUserKeyAuth
	- * is called to delete all other bindings of the disk encryption key.
	- */
	- @Override
	- public void clearUserKeyAuth(int userId, int serialNumber, byte[] token, byte[] secret) {
	- enforcePermission(android.Manifest.permission.STORAGE_INTERNAL);
	-
	- try {
	- mVold.clearUserKeyAuth(userId, serialNumber, encodeBytes(token), encodeBytes(secret));
	- } catch (Exception e) {
	- Slog.wtf(TAG, e);
	- }
	- }
	-
	/*
	* Delete all disk encryption token/secret pairs except the most recently added one
	*/
	diff --git a/services/core/java/com/android/server/locksettings/LockSettingsService.java b/services/core/java/com/android/server/locksettings/LockSettingsService.java
	index edd68b7d2eb..faf5a09e91b 100644
	--- a/services/core/java/com/android/server/locksettings/LockSettingsService.java
	+++ b/services/core/java/com/android/server/locksettings/LockSettingsService.java
	@@ -1568,18 +1568,6 @@ public class LockSettingsService extends ILockSettings.Stub {
	addUserKeyAuth(userId, null, null);
	}

	- private void clearUserKeyAuth(int userId, byte[] token, byte[] secret) throws RemoteException {
	- if (DEBUG) Slog.d(TAG, "clearUserKeyProtection user=" + userId);
	- final UserInfo userInfo = mUserManager.getUserInfo(userId);
	- final IStorageManager storageManager = mInjector.getStorageManager();
	- final long callingId = Binder.clearCallingIdentity();
	- try {
	- storageManager.clearUserKeyAuth(userId, userInfo.serialNumber, token, secret);
	- } finally {
	- Binder.restoreCallingIdentity(callingId);
	- }
	- }
	-
	private static byte[] secretFromCredential(String credential) throws RemoteException {
	try {
	MessageDigest digest = MessageDigest.getInstance("SHA-512");
	@@ -2530,7 +2518,7 @@ public class LockSettingsService extends ILockSettings.Stub {
	getGateKeeperService().clearSecureUserId(userId);
	// Clear key from vold so ActivityManager can just unlock the user with empty secret
	// during boot.
	- clearUserKeyAuth(userId, null, auth.deriveDiskEncryptionKey());
	+ clearUserKeyProtection(userId);
	fixateNewestUserKeyAuth(userId);
	setKeystorePassword(null, userId);
	}
	--
	2.21.0