Avoid error message when destroying key w/o secdiscardable file

Since commit 08f4bdfe98 ("Don't use a secdiscardable file for keys
encrypted by SP") (https://r.android.com/2242561), some keys don't use a
secdiscardable file.  Currently if such a key is destroyed, an ERROR
message like the following is logged:

    E secdiscard: Secure discard open failed for: /data/misc/vold/user_keys/ce/14/current/secdiscardable

This case is expected, so it should not be an ERROR.  Fix this by only
passing the secdiscardable file to the secdiscard program if it exists.

Bug: 232452368
Change-Id: I490289dfdaf0db6c3f4fb507509095e0033e2f69
This commit is contained in:
Eric Biggers 2023-03-03 19:39:24 +00:00
parent 826eef6b33
commit 73e2936fc2

View file

@ -660,8 +660,11 @@ bool destroyKey(const std::string& dir) {
kSecdiscardPath, kSecdiscardPath,
"--", "--",
dir + "/" + kFn_encrypted_key, dir + "/" + kFn_encrypted_key,
dir + "/" + kFn_secdiscardable,
}; };
auto secdiscardable = dir + "/" + kFn_secdiscardable;
if (pathExists(secdiscardable)) {
secdiscard_cmd.push_back(secdiscardable);
}
// Try each thing, even if previous things failed. // Try each thing, even if previous things failed.
for (auto& fn : {kFn_keymaster_key_blob, kFn_keymaster_key_blob_upgraded}) { for (auto& fn : {kFn_keymaster_key_blob, kFn_keymaster_key_blob_upgraded}) {