From 18ba15223ccb9eb4a1d73af04a8a85e6aa68fd15 Mon Sep 17 00:00:00 2001
From: Eric Biggers
Date: Tue, 6 Apr 2021 12:02:56 -0700
Subject: [PATCH] vold: add getUnlockedUsers() method to Binder interface

This is needed so that system_server can remind itself about which users have their storage unlocked, if system_server is restarted due to a userspace reboot (soft restart).

Bug: 146206679
Test: see I482ed8017f7bbc8f7d4fd5a2c0f58629317ce4ed
Change-Id: I02f0494d827094bd41bcfe5f63c24e204b728595
(cherry picked from commit 1799debfd6561ca7348880bb59ad8c059f4891b0)
---
 FsCrypt.cpp | 8 ++++++++
 FsCrypt.h | 2 ++
 VoldNativeService.cpp | 8 ++++++++
 VoldNativeService.h | 1 +
 binder/android/os/IVold.aidl | 1 +
 5 files changed, 20 insertions(+)

diff --git a/FsCrypt.cpp b/FsCrypt.cpp
index cfa74e0..04def5c 100644
--- a/FsCrypt.cpp
+++ b/FsCrypt.cpp
@@ -730,6 +730,14 @@ bool fscrypt_fixate_newest_user_key_auth(userid_t user_id) {
 return true;
 }
 
+std::vector fscrypt_get_unlocked_users() {
+ std::vector user_ids;
+ for (const auto& it : s_ce_policies) {
+ user_ids.push_back(it.first);
+ }
+ return user_ids;
+}
+
 // TODO: rename to 'install' for consistency, and take flags to know which keys to install
 bool fscrypt_unlock_user_key(userid_t user_id, int serial, const std::string& secret_hex) {
 LOG(DEBUG) << "fscrypt_unlock_user_key " << user_id << " serial=" << serial;
diff --git a/FsCrypt.h b/FsCrypt.h
index 96159d5..2946be5 100644
--- a/FsCrypt.h
+++ b/FsCrypt.h
@@ -15,6 +15,7 @@
 */
 
 #include
+#include
 
 #include
 
@@ -27,6 +28,7 @@ bool fscrypt_add_user_key_auth(userid_t user_id, int serial, const std::string&
 bool fscrypt_clear_user_key_auth(userid_t user_id, int serial, const std::string& secret);
 bool fscrypt_fixate_newest_user_key_auth(userid_t user_id);
 
+std::vector fscrypt_get_unlocked_users();
 bool fscrypt_unlock_user_key(userid_t user_id, int serial, const std::string& secret);
 bool fscrypt_lock_user_key(userid_t user_id);
 
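Review bot: fscrypt_get_unlocked_users() in the FsCrypt.cpp hunk iterates the global s_ce_policies without taking any lock of its own, so it is only safe when the caller already holds the lock that guards that map. The one caller in this patch does take ACQUIRE_CRYPT_LOCK first, but neither the definition nor the FsCrypt.h declaration records the requirement. I would add above the function `// Returns the IDs of users that have an entry in s_ce_policies. Caller must hold the crypt lock.` Since system_server will treat every returned ID as unlocked, it is also worth confirming that every unlock path inserts into s_ce_policies and every lock path erases from it; those bodies are outside this hunk. Minor style: `it` is a key/value pair rather than an iterator, so a name such as `entry` reads better.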
diff --git a/VoldNativeService.cpp b/VoldNativeService.cpp
index 938e7db..5ea72bb 100644
--- a/VoldNativeService.cpp
+++ b/VoldNativeService.cpp
@@ -764,6 +764,14 @@ binder::Status VoldNativeService::fixateNewestUserKeyAuth(int32_t userId) {
 return translateBool(fscrypt_fixate_newest_user_key_auth(userId));
 }
 
+binder::Status VoldNativeService::getUnlockedUsers(std::vector* _aidl_return) {
+ ENFORCE_SYSTEM_OR_ROOT;
+ ACQUIRE_CRYPT_LOCK;
+
+ *_aidl_return = fscrypt_get_unlocked_users();
+ return Ok();
+}
+
 binder::Status VoldNativeService::unlockUserKey(int32_t userId, int32_t userSerial,
 const std::string& token,
 const std::string& secret) {
diff --git a/VoldNativeService.h b/VoldNativeService.h
index 123f127..33d0f3a 100644
--- a/VoldNativeService.h
+++ b/VoldNativeService.h
@@ -127,6 +127,7 @@ class VoldNativeService : public BinderService, public os::Bn
 const std::string& secret);
 binder::Status fixateNewestUserKeyAuth(int32_t userId);
 
+ binder::Status getUnlockedUsers(std::vector* _aidl_return);
 binder::Status unlockUserKey(int32_t userId, int32_t userSerial, const std::string& token,
 const std::string& secret);
 binder::Status lockUserKey(int32_t userId);
diff --git a/binder/android/os/IVold.aidl b/binder/android/os/IVold.aidl
index fd134c5..62685e5 100644
--- a/binder/android/os/IVold.aidl
+++ b/binder/android/os/IVold.aidl
@@ -102,6 +102,7 @@ interface IVold {
 @utf8InCpp String secret);
 void fixateNewestUserKeyAuth(int userId);
 
+ int[] getUnlockedUsers();
 void unlockUserKey(int userId, int userSerial, @utf8InCpp String token,
 @utf8InCpp String secret);
 void lockUserKey(int userId);
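Review bot: VoldNativeService::getUnlockedUsers() has no comment stating its contract, and neither does `int[] getUnlockedUsers();` in the IVold.aidl hunk. That matters because, per the commit message, system_server will use the answer to decide which users' storage it considers unlocked after a restart. I would add above the definition `// Returns the user IDs vold currently tracks as unlocked; restricted to system or root.` and repeat the semantics on the AIDL declaration. The list appears to come from vold's own in-memory state (s_ce_policies), so it would presumably be empty if vold itself had restarted. If so, the comment should tell callers not to read an empty result as proof that every user is locked.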