In attestKey we did not check a return value after retrieving a key
blob. This results in a segfault if an attestation is requested on a non
existent or corrupted key.
Bug: 135907940
Merged-In: I1e84d334bb93ac878b63e15a59c35631f9e6e397
Change-Id: I1e84d334bb93ac878b63e15a59c35631f9e6e397
Keystore was conceptually single threaded. Even with the introduction of
Keymaster workers it was always assumed that the service dispatcher
thread was single threaded. The wifi keystore service, however, calls
into the keystore service concurrently.
This patch adds a lock around all keystore service entry points to make
sure all dispatcher executions are serialised despite being called from
both the binder and hwbinder service thread.
Bug: 128810613
Bug: 129145334
Bug: 128774635
Bug: 130045583
Bug: 131622568
Test: Regressions tested with Keystore CTS test suite.
Merged-In: I8c5602d2c2cb1dd9423df713037e99b247cee71f
Change-Id: I8c5602d2c2cb1dd9423df713037e99b247cee71f
(cherry picked from commit 4ea6d7a447)
Keystore was conceptually single threaded. Even with the introduction of
Keymaster workers it was always assumed that the service dispatcher
thread was single threaded. The wifi keystore service, however, calls
into the keystore service concurrently.
This patch adds a lock around all keystore service entry points to make
sure all dispatcher executions are serialised despite being called from
both the binder and hwbinder service thread.
Bug: 128810613
Bug: 129145334
Bug: 128774635
Bug: 130045583
Bug: 131622568
Test: Regressions tested with Keystore CTS test suite.
Merged-In: I8c5602d2c2cb1dd9423df713037e99b247cee71f
Change-Id: I8c5602d2c2cb1dd9423df713037e99b247cee71f
(cherry picked from commit 4ea6d7a447)
This does two things:
- makes sure that HALs configured as lazy HALs will be retrieved
- will detect bad manifest entries earlier
Bug: 131703193
Test: boot
Change-Id: I6a5290a3eb8b48cca2206d3e08897b0aca0e69b3
am: 48a4d0f64a -s ours
am skip reason: change_id I8c5602d2c2cb1dd9423df713037e99b247cee71f with SHA1 1849841b48 is in history
Change-Id: I8f556af5b0a5d302bc08ad424ea1f3ef9aac359a
am: 550cf87b04 -s ours
am skip reason: change_id I8c5602d2c2cb1dd9423df713037e99b247cee71f with SHA1 1849841b48 is in history
Change-Id: I64cf5fc78ce7d4c9545180715f38ddbeb49cb53d
am: 7ba3854d5d -s ours
am skip reason: change_id I8c5602d2c2cb1dd9423df713037e99b247cee71f with SHA1 1849841b48 is in history
Change-Id: I01d77417e1400b7c7d4547920478c052826dce27
am: e583877904 -s ours
am skip reason: change_id I8c5602d2c2cb1dd9423df713037e99b247cee71f with SHA1 1849841b48 is in history
Change-Id: I64158f8b9ca9c7ec1e67ae7a9f495f2857965a92
am: 1d898d107c -s ours
am skip reason: change_id I8c5602d2c2cb1dd9423df713037e99b247cee71f with SHA1 1849841b48 is in history
Change-Id: Iba35334932fe563e564f5c607503c6786a41cc6a
am: 27ba2054c0 -s ours
am skip reason: change_id I8c5602d2c2cb1dd9423df713037e99b247cee71f with SHA1 54fcc9954b is in history
Change-Id: I63aa01522e358ee62f94fa8aa4ae2f881b6432ee
am: bf5f2ddd1e -s ours
am skip reason: change_id I8c5602d2c2cb1dd9423df713037e99b247cee71f with SHA1 54fcc9954b is in history
Change-Id: Ibd73fefb27ced4e992d2298845c5ad2d498a6b04
am: 2bfc0d9d73 -s ours
am skip reason: change_id I8c5602d2c2cb1dd9423df713037e99b247cee71f with SHA1 54fcc9954b is in history
Change-Id: Ia55834ce7f458033a41868b0aca1247375cad0f9
am: 1849841b48 -s ours
am skip reason: change_id I8c5602d2c2cb1dd9423df713037e99b247cee71f with SHA1 54fcc9954b is in history
Change-Id: If416ad7de274420185e1cdc497399560f99bcbad
Keystore was conceptually single threaded. Even with the introduction of
Keymaster workers it was always assumed that the service dispatcher
thread was single threaded. The wifi keystore service, however, calls
into the keystore service concurrently.
This patch adds a lock around all keystore service entry points to make
sure all dispatcher executions are serialised despite being called from
both the binder and hwbinder service thread.
Bug: 128810613
Bug: 129145334
Bug: 128774635
Bug: 130045583
Bug: 131622568
Test: Regressions tested with Keystore CTS test suite.
Merged-In: I8c5602d2c2cb1dd9423df713037e99b247cee71f
Change-Id: I8c5602d2c2cb1dd9423df713037e99b247cee71f
(cherry picked from commit 54fcc9954b)
am: 15d53c8525 -s ours
am skip reason: change_id I8c5602d2c2cb1dd9423df713037e99b247cee71f with SHA1 4ea6d7a447 is in history
Change-Id: I7ba2977ffb0a503c0d133469a75b995901e78782
am: cfbf8a4125 -s ours
am skip reason: change_id I8c5602d2c2cb1dd9423df713037e99b247cee71f with SHA1 b50236a08b is in history
Change-Id: I8b1dfa0c89f996bd4c567cd9390812f4ea1d2ba4
am: e7f2c8fb9f -s ours
am skip reason: change_id I8c5602d2c2cb1dd9423df713037e99b247cee71f with SHA1 4ea6d7a447 is in history
Change-Id: Ib08d01e09c7b55f95d10117267bf4456d811d1ee
am: 54fcc9954b -s ours
am skip reason: change_id I8c5602d2c2cb1dd9423df713037e99b247cee71f with SHA1 4ea6d7a447 is in history
Change-Id: If834903f0f0266fd6b5713a4086742f356296769
am: 4ea6d7a447 -s ours
am skip reason: change_id I8c5602d2c2cb1dd9423df713037e99b247cee71f with SHA1 b50236a08b is in history
Change-Id: I5e6537d889463dc170fdb1ab5ebf05004422de34
am: 4378c8ffec -s ours
am skip reason: change_id Ifceece542d6f3536ad87d053145c7aa8dd6d6603 with SHA1 a359c67241 is in history
Change-Id: Icc67744554d5a68e221dce24a3cdcb0e0ffd66c4
The upgrade routine used to call KeyStore->del which purges the given
key blob from the keystore including all existing grants.
With this patch, upgrade only calls Keymaster::delete on the keyblobs
without purging it from the keystore. Also it only calls
Keymaster::delete once the upgrade key was successfully written to disk.
This patch also calls fsync on the directory containing keyblobs to
narrow the window in which keyblob may be lost due to power loss.
Bug: 110450771
Test: Upgrade path tested by manually creating a key, bumping the
patchlevel, using the key subsequently and inspecting the logs.
Change-Id: I89241b5d4033b270733ff61838ab9244fce28c60
This patch addes verbose logging whenever an error code in the vendor
error code range is returned by keymaster.
Bug: 123562864
Test: atest android.keystore.cts
Merged-In: Ifceece542d6f3536ad87d053145c7aa8dd6d6603
Change-Id: Ifceece542d6f3536ad87d053145c7aa8dd6d6603
Keystore was conceptually single threaded. Even with the introduction of
Keymaster workers it was always assumed that the service dispatcher
thread was single threaded. The wifi keystore service, however, calls
into the keystore service concurrently.
This patch adds a lock around all keystore service entry points to make
sure all dispatcher executions are serialised despite being called from
both the binder and hwbinder service thread.
Bug: 128810613
Bug: 129145334
Bug: 128774635
Bug: 130045583
Bug: 131622568
Test: Regressions tested with Keystore CTS test suite.
Merged-In: I8c5602d2c2cb1dd9423df713037e99b247cee71f
Change-Id: I8c5602d2c2cb1dd9423df713037e99b247cee71f
Keystore was conceptually single threaded. Even with the introduction of
Keymaster workers it was always assumed that the service dispatcher
thread was single threaded. The wifi keystore service, however, calls
into the keystore service concurrently.
This patch adds a lock around all keystore service entry points to make
sure all dispatcher executions are serialised despite being called from
both the binder and hwbinder service thread.
Bug: 128810613
Bug: 129145334
Bug: 128774635
Bug: 130045583
Bug: 131622568
Test: Regressions tested with Keystore CTS test suite.
Merged-In: I8c5602d2c2cb1dd9423df713037e99b247cee71f
Change-Id: I8c5602d2c2cb1dd9423df713037e99b247cee71f
Bug:117993149
This reverts commit 82640d48ff.
Reason for revert: removing this from May QPR & pi-dev.
Change-Id: Iba04236d0c662f6381c6d51f336ffa70510cb62f
(cherry picked from commit ea91b947820e41fb5d9f5b5f0a8ae9ae9e5c1794)
Bug:117993149
This reverts commit cb77797d66.
Reason for revert: removing this from May QPR & pi-dev.
Change-Id: I55eb358bd8ea8c82521ac07dbf37f4895fe3e8e9
(cherry picked from commit fab0e5d8e06fe23864c4f89df89271f8a55715a8)
Bug:117993149
This reverts commit cfe00de661.
Reason for revert: removing this from May QPR & pi-dev.
Change-Id: Id3d5381cedcbbb47a1014bdf521e1a1083aa2724
(cherry picked from commit e7a4f584dfb8558ab22e5e7620f00f515f04c4e0)
Keystore was conceptually single threaded. Even with the introduction of
Keymaster workers it was always assumed that the service dispatcher
thread was single threaded. The wifi keystore service, however, calls
into the keystore service concurrently.
This patch adds a lock around all keystore service entry points to make
sure all dispatcher executions are serialised despite being called from
both the binder and hwbinder service thread.
Bug: 128810613
Bug: 129145334
Bug: 128774635
Bug: 130045583
Bug: 131622568
Test: Regressions tested with Keystore CTS test suite.
Merged-In: I8c5602d2c2cb1dd9423df713037e99b247cee71f
Change-Id: I8c5602d2c2cb1dd9423df713037e99b247cee71f
