Merge "Add IVold::destroyDsuMetadataKey()" am: cb581cc8de

Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1452395

Change-Id: I6241d71e331eebe0222696a052e40d2222a9c537
This commit is contained in:
Yo Chiang 2020-10-26 05:49:35 +00:00 committed by Automerger Merge Worker
commit 3ae0c6737c
6 changed files with 54 additions and 0 deletions

View file

@ -54,6 +54,7 @@ cc_defaults {
"libdiskconfig", "libdiskconfig",
"libext4_utils", "libext4_utils",
"libf2fs_sparseblock", "libf2fs_sparseblock",
"libgsi",
"libhardware", "libhardware",
"libhardware_legacy", "libhardware_legacy",
"libincfs", "libincfs",

View file

@ -35,6 +35,7 @@
#include <cutils/fs.h> #include <cutils/fs.h>
#include <fs_mgr.h> #include <fs_mgr.h>
#include <libdm/dm.h> #include <libdm/dm.h>
#include <libgsi/libgsi.h>
#include "Checkpoint.h" #include "Checkpoint.h"
#include "CryptoType.h" #include "CryptoType.h"
@ -352,5 +353,44 @@ bool defaultkey_setup_ext_volume(const std::string& label, const std::string& bl
return create_crypto_blk_dev(label, blk_device, key, options, out_crypto_blkdev, &nr_sec); return create_crypto_blk_dev(label, blk_device, key, options, out_crypto_blkdev, &nr_sec);
} }
bool destroy_dsu_metadata_key(const std::string& dsu_slot) {
LOG(DEBUG) << "destroy_dsu_metadata_key: " << dsu_slot;
const auto dsu_metadata_key_dir = android::gsi::GetDsuMetadataKeyDir(dsu_slot);
if (!pathExists(dsu_metadata_key_dir)) {
LOG(DEBUG) << "DSU metadata_key_dir doesn't exist, nothing to remove: "
<< dsu_metadata_key_dir;
return true;
}
// Ensure that the DSU key directory is different from the host OS'.
// Under normal circumstances, this should never happen, but handle it just in case.
if (auto data_rec = GetEntryForMountPoint(&fstab_default, "/data")) {
if (dsu_metadata_key_dir == data_rec->metadata_key_dir) {
LOG(ERROR) << "DSU metadata_key_dir is same as host OS: " << dsu_metadata_key_dir;
return false;
}
}
bool ok = true;
for (auto suffix : {"/key", "/tmp"}) {
const auto key_path = dsu_metadata_key_dir + suffix;
if (pathExists(key_path)) {
LOG(DEBUG) << "Destroy key: " << key_path;
if (!android::vold::destroyKey(key_path)) {
LOG(ERROR) << "Failed to destroyKey(): " << key_path;
ok = false;
}
}
}
if (!ok) {
return false;
}
LOG(DEBUG) << "Remove DSU metadata_key_dir: " << dsu_metadata_key_dir;
// DeleteDirContentsAndDir() already logged any error, so don't log repeatedly.
return android::vold::DeleteDirContentsAndDir(dsu_metadata_key_dir) == android::OK;
}
} // namespace vold } // namespace vold
} // namespace android } // namespace android

View file

@ -34,6 +34,8 @@ bool defaultkey_setup_ext_volume(const std::string& label, const std::string& bl
const android::vold::KeyBuffer& key, const android::vold::KeyBuffer& key,
std::string* out_crypto_blkdev); std::string* out_crypto_blkdev);
bool destroy_dsu_metadata_key(const std::string& dsu_slot);
} // namespace vold } // namespace vold
} // namespace android } // namespace android
#endif #endif

View file

@ -950,5 +950,12 @@ binder::Status VoldNativeService::bindMount(const std::string& sourceDir,
return translate(incfs::bindMount(sourceDir, targetDir)); return translate(incfs::bindMount(sourceDir, targetDir));
} }
binder::Status VoldNativeService::destroyDsuMetadataKey(const std::string& dsuSlot) {
ENFORCE_SYSTEM_OR_ROOT;
ACQUIRE_LOCK;
return translateBool(destroy_dsu_metadata_key(dsuSlot));
}
} // namespace vold } // namespace vold
} // namespace android } // namespace android

View file

@ -159,6 +159,8 @@ class VoldNativeService : public BinderService<VoldNativeService>, public os::Bn
const ::android::os::incremental::IncrementalFileSystemControlParcel& control, const ::android::os::incremental::IncrementalFileSystemControlParcel& control,
bool enableReadLogs) override; bool enableReadLogs) override;
binder::Status bindMount(const std::string& sourceDir, const std::string& targetDir) override; binder::Status bindMount(const std::string& sourceDir, const std::string& targetDir) override;
binder::Status destroyDsuMetadataKey(const std::string& dsuSlot) override;
}; };
} // namespace vold } // namespace vold

View file

@ -139,6 +139,8 @@ interface IVold {
void setIncFsMountOptions(in IncrementalFileSystemControlParcel control, boolean enableReadLogs); void setIncFsMountOptions(in IncrementalFileSystemControlParcel control, boolean enableReadLogs);
void bindMount(@utf8InCpp String sourceDir, @utf8InCpp String targetDir); void bindMount(@utf8InCpp String sourceDir, @utf8InCpp String targetDir);
void destroyDsuMetadataKey(@utf8InCpp String dsuSlot);
const int ENCRYPTION_FLAG_NO_UI = 4; const int ENCRYPTION_FLAG_NO_UI = 4;
const int ENCRYPTION_STATE_NONE = 1; const int ENCRYPTION_STATE_NONE = 1;