Snap for 4778776 from a229dac0e7 to pi-release

Change-Id: I343a17b8d7a69aace12031bc26c3888b21ae8356
2018-05-13 07:25:09 +00:00 · 2018-05-13 07:25:09 +00:00 · 95f87153b9
commit 95f87153b9
parent 71b3133394 a229dac0e7
3 changed files with 10 additions and 2 deletions
--- a/Keymaster.cpp
+++ b/Keymaster.cpp
@ -96,8 +96,14 @@ bool KeymasterOperation::finish(std::string* output) {
    return true;
 }

+/* static */ bool Keymaster::hmacKeyGenerated = false;
+
 Keymaster::Keymaster() {
    auto devices = KmDevice::enumerateAvailableDevices();
+    if (!hmacKeyGenerated) {
+        KmDevice::performHmacKeyAgreement(devices);
+        hmacKeyGenerated = true;
+    }
    for (auto& dev : devices) {
        // Explicitly avoid using STRONGBOX for now.
        // TODO: Re-enable STRONGBOX, since it's what we really want. b/77338527
--- a/Keymaster.h
+++ b/Keymaster.h
@ -117,6 +117,7 @@ class Keymaster {
  private:
    std::unique_ptr<KmDevice> mDevice;
    DISALLOW_COPY_AND_ASSIGN(Keymaster);
+    static bool hmacKeyGenerated;
 };

 }  // namespace vold
--- a/MetadataCrypt.cpp
+++ b/MetadataCrypt.cpp
@ -79,9 +79,10 @@ static bool read_key(struct fstab_rec const* data_rec, bool create_if_absent, Ke
    }
    std::string key_dir = data_rec->key_dir;
    auto dir = key_dir + "/key";
-    LOG(DEBUG) << "key_dir/key: " << key;
-    if (!fs_mkdirs(dir.c_str(), 0700)) {
+    LOG(DEBUG) << "key_dir/key: " << dir;
+    if (fs_mkdirs(dir.c_str(), 0700)) {
        PLOG(ERROR) << "Creating directories: " << dir;
+        return false;
    }
    auto temp = key_dir + "/tmp";
    if (!android::vold::retrieveKey(create_if_absent, dir, temp, key)) return false;