Blame - patches/frameworks/base/0026-Revert-LockSettingsService-Support-for-separate-clea.patch - treble_patches

blob: d698d8f9e0513479b346c9a14240e744d0f0a054 [file] [log] [blame]

Jackeagle	5b8a0da	2019-04-25 06:24:48 +0200	[diff] [blame^]	1	From bbccdea5094fdebb4e238c731699f434dd0bf708 Mon Sep 17 00:00:00 2001
				2	From: Jackeagle <jackeagle102@gmail.com>
				3	Date: Thu, 25 Apr 2019 05:34:02 +0200
				4	Subject: [PATCH 26/28] Revert "LockSettingsService: Support for separate clear
				5	key api"
				6
				7	This reverts commit 32b8f829d566bfd3d89c9b3eb018f0fc4d408e2d.
				8	---
				9	.../android/os/storage/IStorageManager.aidl \| 1 -
				10	.../android/server/StorageManagerService.java \| 18 ------------------
				11	.../locksettings/LockSettingsService.java \| 14 +-------------
				12	3 files changed, 1 insertion(+), 32 deletions(-)
				13
				14	diff --git a/core/java/android/os/storage/IStorageManager.aidl b/core/java/android/os/storage/IStorageManager.aidl
				15	index 49bc9e4d8d0..55a202fd3a6 100644
				16	--- a/core/java/android/os/storage/IStorageManager.aidl
				17	+++ b/core/java/android/os/storage/IStorageManager.aidl
				18	@@ -187,5 +187,4 @@ interface IStorageManager {
				19	void allocateBytes(String volumeUuid, long bytes, int flags, String callingPackage) = 78;
				20	void runIdleMaintenance() = 79;
				21	void abortIdleMaintenance() = 80;
				22	- void clearUserKeyAuth(int userId, int serialNumber, in byte[] token, in byte[] secret) = 81;
				23	}
				24	diff --git a/services/core/java/com/android/server/StorageManagerService.java b/services/core/java/com/android/server/StorageManagerService.java
				25	index 14b02030714..7a726ce802c 100644
				26	--- a/services/core/java/com/android/server/StorageManagerService.java
				27	+++ b/services/core/java/com/android/server/StorageManagerService.java
				28	@@ -2531,24 +2531,6 @@ class StorageManagerService extends IStorageManager.Stub
				29	}
				30	}
				31
				32	- /*
				33	- * Clear disk encryption key bound to the associated token / secret pair. Removing the user
				34	- * binding of the Disk encryption key is done in two phases: first, this call will retrieve
				35	- * the disk encryption key using the provided token / secret pair and store it by
				36	- * encrypting it with a keymaster key not bound to the user, then fixateNewestUserKeyAuth
				37	- * is called to delete all other bindings of the disk encryption key.
				38	- */
				39	- @Override
				40	- public void clearUserKeyAuth(int userId, int serialNumber, byte[] token, byte[] secret) {
				41	- enforcePermission(android.Manifest.permission.STORAGE_INTERNAL);
				42	-
				43	- try {
				44	- mVold.clearUserKeyAuth(userId, serialNumber, encodeBytes(token), encodeBytes(secret));
				45	- } catch (Exception e) {
				46	- Slog.wtf(TAG, e);
				47	- }
				48	- }
				49	-
				50	/*
				51	* Delete all disk encryption token/secret pairs except the most recently added one
				52	*/
				53	diff --git a/services/core/java/com/android/server/locksettings/LockSettingsService.java b/services/core/java/com/android/server/locksettings/LockSettingsService.java
				54	index edd68b7d2eb..faf5a09e91b 100644
				55	--- a/services/core/java/com/android/server/locksettings/LockSettingsService.java
				56	+++ b/services/core/java/com/android/server/locksettings/LockSettingsService.java
				57	@@ -1568,18 +1568,6 @@ public class LockSettingsService extends ILockSettings.Stub {
				58	addUserKeyAuth(userId, null, null);
				59	}
				60
				61	- private void clearUserKeyAuth(int userId, byte[] token, byte[] secret) throws RemoteException {
				62	- if (DEBUG) Slog.d(TAG, "clearUserKeyProtection user=" + userId);
				63	- final UserInfo userInfo = mUserManager.getUserInfo(userId);
				64	- final IStorageManager storageManager = mInjector.getStorageManager();
				65	- final long callingId = Binder.clearCallingIdentity();
				66	- try {
				67	- storageManager.clearUserKeyAuth(userId, userInfo.serialNumber, token, secret);
				68	- } finally {
				69	- Binder.restoreCallingIdentity(callingId);
				70	- }
				71	- }
				72	-
				73	private static byte[] secretFromCredential(String credential) throws RemoteException {
				74	try {
				75	MessageDigest digest = MessageDigest.getInstance("SHA-512");
				76	@@ -2530,7 +2518,7 @@ public class LockSettingsService extends ILockSettings.Stub {
				77	getGateKeeperService().clearSecureUserId(userId);
				78	// Clear key from vold so ActivityManager can just unlock the user with empty secret
				79	// during boot.
				80	- clearUserKeyAuth(userId, null, auth.deriveDiskEncryptionKey());
				81	+ clearUserKeyProtection(userId);
				82	fixateNewestUserKeyAuth(userId);
				83	setKeystorePassword(null, userId);
				84	}
				85	--
				86	2.21.0
				87