vold: add getUnlockedUsers() method to Binder interface

This is needed so that system_server can remind itself about which users
have their storage unlocked, if system_server is restarted due to a
userspace reboot (soft restart).

Bug: 146206679
Test: see I482ed8017f7bbc8f7d4fd5a2c0f58629317ce4ed
Change-Id: I02f0494d827094bd41bcfe5f63c24e204b728595
(cherry picked from commit 1799debfd6)
Eric Biggers 2021-04-06 12:02:56 -07:00
parent 08873d0d7d
commit 18ba15223c
5 changed files with 20 additions and 0 deletions


@ -730,6 +730,14 @@ bool fscrypt_fixate_newest_user_key_auth(userid_t user_id) {
return true; return true;
} }
std::vector<int> fscrypt_get_unlocked_users() {
std::vector<int> user_ids;
for (const auto& it : s_ce_policies) {
user_ids.push_back(it.first);
}
return user_ids;
}
// TODO: rename to 'install' for consistency, and take flags to know which keys to install // TODO: rename to 'install' for consistency, and take flags to know which keys to install
bool fscrypt_unlock_user_key(userid_t user_id, int serial, const std::string& secret_hex) { bool fscrypt_unlock_user_key(userid_t user_id, int serial, const std::string& secret_hex) {
LOG(DEBUG) << "fscrypt_unlock_user_key " << user_id << " serial=" << serial; LOG(DEBUG) << "fscrypt_unlock_user_key " << user_id << " serial=" << serial;
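Review bot: fscrypt_get_unlocked_users() reads s_ce_policies without taking any lock itself, and nothing at the definition says that callers must serialise access. The only caller visible on this page, VoldNativeService::getUnlockedUsers, takes ACQUIRE_CRYPT_LOCK first, so the contract is presumably "caller holds the crypt lock". I would state that above the function, e.g. `// Returns the ids of users that have an entry in s_ce_policies. Caller must hold the crypt lock.` The loop variable `it` is a map entry rather than an iterator, so a name such as `entry` or a structured binding would read better. s_ce_policies is declared outside the hunk, so its key type cannot be checked from here.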


@ -15,6 +15,7 @@
*/ */
#include <string> #include <string>
#include <vector>
#include <cutils/multiuser.h> #include <cutils/multiuser.h>
@ -27,6 +28,7 @@ bool fscrypt_add_user_key_auth(userid_t user_id, int serial, const std::string&
bool fscrypt_clear_user_key_auth(userid_t user_id, int serial, const std::string& secret); bool fscrypt_clear_user_key_auth(userid_t user_id, int serial, const std::string& secret);
bool fscrypt_fixate_newest_user_key_auth(userid_t user_id); bool fscrypt_fixate_newest_user_key_auth(userid_t user_id);
std::vector<int> fscrypt_get_unlocked_users();
bool fscrypt_unlock_user_key(userid_t user_id, int serial, const std::string& secret); bool fscrypt_unlock_user_key(userid_t user_id, int serial, const std::string& secret);
bool fscrypt_lock_user_key(userid_t user_id); bool fscrypt_lock_user_key(userid_t user_id);
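Review bot: The new declaration `std::vector<int> fscrypt_get_unlocked_users();` returns plain `int` while every neighbouring function in this header identifies users as `userid_t`, so the ids are converted implicitly when the vector is filled. If the map key is `userid_t` (not visible on this page), returning `std::vector<userid_t>` and converting once at the Binder boundary would keep the type consistent. Otherwise a short comment such as `// User ids are returned as int to match the AIDL int[] return type.` would record the intent. The declaration also carries no comment saying what "unlocked" means to a caller, which matters because system_server relies on this list after a soft restart.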


@ -764,6 +764,14 @@ binder::Status VoldNativeService::fixateNewestUserKeyAuth(int32_t userId) {
return translateBool(fscrypt_fixate_newest_user_key_auth(userId)); return translateBool(fscrypt_fixate_newest_user_key_auth(userId));
} }
binder::Status VoldNativeService::getUnlockedUsers(std::vector<int>* _aidl_return) {
ENFORCE_SYSTEM_OR_ROOT;
ACQUIRE_CRYPT_LOCK;
*_aidl_return = fscrypt_get_unlocked_users();
return Ok();
}
binder::Status VoldNativeService::unlockUserKey(int32_t userId, int32_t userSerial, binder::Status VoldNativeService::unlockUserKey(int32_t userId, int32_t userSerial,
const std::string& token, const std::string& token,
const std::string& secret) { const std::string& secret) {


@ -127,6 +127,7 @@ class VoldNativeService : public BinderService<VoldNativeService>, public os::Bn
const std::string& secret); const std::string& secret);
binder::Status fixateNewestUserKeyAuth(int32_t userId); binder::Status fixateNewestUserKeyAuth(int32_t userId);
binder::Status getUnlockedUsers(std::vector<int>* _aidl_return);
binder::Status unlockUserKey(int32_t userId, int32_t userSerial, const std::string& token, binder::Status unlockUserKey(int32_t userId, int32_t userSerial, const std::string& token,
const std::string& secret); const std::string& secret);
binder::Status lockUserKey(int32_t userId); binder::Status lockUserKey(int32_t userId);


@ -102,6 +102,7 @@ interface IVold {
@utf8InCpp String secret); @utf8InCpp String secret);
void fixateNewestUserKeyAuth(int userId); void fixateNewestUserKeyAuth(int userId);
int[] getUnlockedUsers();
void unlockUserKey(int userId, int userSerial, @utf8InCpp String token, void unlockUserKey(int userId, int userSerial, @utf8InCpp String token,
@utf8InCpp String secret); @utf8InCpp String secret);
void lockUserKey(int userId); void lockUserKey(int userId);