Remove userSerial param from vold methods that don't use it

createUserStorageKeys(), unlockCeStorage(), and prepareUserStorage()
have a user serial number parameter, but they don't actually do anything
with it except log it.  Remove this unnecessary parameter.

Bug: 316035110
Test: presubmit
Flag: N/A, mechanical refactoring
Change-Id: I73ebae1afb2bdb7ca856b40b34ce806fdda718fe
This commit is contained in:
Eric Biggers 2023-12-12 23:53:55 +00:00
parent 69c4d769ed
commit a5a468c431
5 changed files with 23 additions and 29 deletions

View file

@ -603,7 +603,7 @@ bool fscrypt_init_user0() {
// only prepare DE storage here, since user 0's CE key won't be installed // only prepare DE storage here, since user 0's CE key won't be installed
// yet unless it was just created. The framework will prepare the user's CE // yet unless it was just created. The framework will prepare the user's CE
// storage later, once their CE key is installed. // storage later, once their CE key is installed.
if (!fscrypt_prepare_user_storage("", 0, 0, android::os::IVold::STORAGE_FLAG_DE)) { if (!fscrypt_prepare_user_storage("", 0, android::os::IVold::STORAGE_FLAG_DE)) {
LOG(ERROR) << "Failed to prepare user 0 storage"; LOG(ERROR) << "Failed to prepare user 0 storage";
return false; return false;
} }
@ -613,14 +613,14 @@ bool fscrypt_init_user0() {
} }
// Creates the CE and DE keys for a new user. // Creates the CE and DE keys for a new user.
bool fscrypt_create_user_keys(userid_t user_id, int serial, bool ephemeral) { bool fscrypt_create_user_keys(userid_t user_id, bool ephemeral) {
LOG(DEBUG) << "fscrypt_create_user_keys for " << user_id << " serial " << serial; LOG(DEBUG) << "fscrypt_create_user_keys for " << user_id;
if (!IsFbeEnabled()) { if (!IsFbeEnabled()) {
return true; return true;
} }
// FIXME test for existence of key that is not loaded yet // FIXME test for existence of key that is not loaded yet
if (s_ce_policies.count(user_id) != 0) { if (s_ce_policies.count(user_id) != 0) {
LOG(ERROR) << "Already exists, can't create keys for " << user_id << " serial " << serial; LOG(ERROR) << "Already exists, can't create keys for " << user_id;
// FIXME should we fail the command? // FIXME should we fail the command?
return true; return true;
} }
@ -847,8 +847,8 @@ std::vector<int> fscrypt_get_unlocked_users() {
// Unlocks internal CE storage for the given user. This only unlocks internal storage, since // Unlocks internal CE storage for the given user. This only unlocks internal storage, since
// fscrypt_prepare_user_storage() has to be called for each adoptable storage volume anyway (since // fscrypt_prepare_user_storage() has to be called for each adoptable storage volume anyway (since
// the volume might have been absent when the user was created), and that handles the unlocking. // the volume might have been absent when the user was created), and that handles the unlocking.
bool fscrypt_unlock_ce_storage(userid_t user_id, int serial, const std::string& secret_hex) { bool fscrypt_unlock_ce_storage(userid_t user_id, const std::string& secret_hex) {
LOG(DEBUG) << "fscrypt_unlock_ce_storage " << user_id << " serial=" << serial; LOG(DEBUG) << "fscrypt_unlock_ce_storage " << user_id;
if (!IsFbeEnabled()) return true; if (!IsFbeEnabled()) return true;
if (s_ce_policies.count(user_id) != 0) { if (s_ce_policies.count(user_id) != 0) {
LOG(WARNING) << "CE storage for user " << user_id << " is already unlocked"; LOG(WARNING) << "CE storage for user " << user_id << " is already unlocked";
@ -883,10 +883,9 @@ static bool prepare_subdirs(const std::string& action, const std::string& volume
return true; return true;
} }
bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_id, int serial, bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_id, int flags) {
int flags) {
LOG(DEBUG) << "fscrypt_prepare_user_storage for volume " << escape_empty(volume_uuid) LOG(DEBUG) << "fscrypt_prepare_user_storage for volume " << escape_empty(volume_uuid)
<< ", user " << user_id << ", serial " << serial << ", flags " << flags; << ", user " << user_id << ", flags " << flags;
// Internal storage must be prepared before adoptable storage, since the // Internal storage must be prepared before adoptable storage, since the
// user's volume keys are stored in their internal storage. // user's volume keys are stored in their internal storage.

View file

@ -23,17 +23,16 @@ bool fscrypt_initialize_systemwide_keys();
bool fscrypt_init_user0(); bool fscrypt_init_user0();
extern bool fscrypt_init_user0_done; extern bool fscrypt_init_user0_done;
bool fscrypt_create_user_keys(userid_t user_id, int serial, bool ephemeral); bool fscrypt_create_user_keys(userid_t user_id, bool ephemeral);
bool fscrypt_destroy_user_keys(userid_t user_id); bool fscrypt_destroy_user_keys(userid_t user_id);
bool fscrypt_set_ce_key_protection(userid_t user_id, const std::string& secret); bool fscrypt_set_ce_key_protection(userid_t user_id, const std::string& secret);
void fscrypt_deferred_fixate_ce_keys(); void fscrypt_deferred_fixate_ce_keys();
std::vector<int> fscrypt_get_unlocked_users(); std::vector<int> fscrypt_get_unlocked_users();
bool fscrypt_unlock_ce_storage(userid_t user_id, int serial, const std::string& secret); bool fscrypt_unlock_ce_storage(userid_t user_id, const std::string& secret);
bool fscrypt_lock_ce_storage(userid_t user_id); bool fscrypt_lock_ce_storage(userid_t user_id);
bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_id, int serial, bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_id, int flags);
int flags);
bool fscrypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_id, int flags); bool fscrypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_id, int flags);
bool fscrypt_destroy_volume_keys(const std::string& volume_uuid); bool fscrypt_destroy_volume_keys(const std::string& volume_uuid);

View file

@ -607,12 +607,11 @@ binder::Status VoldNativeService::setStorageBindingSeed(const std::vector<uint8_
return translateBool(setKeyStorageBindingSeed(seed)); return translateBool(setKeyStorageBindingSeed(seed));
} }
binder::Status VoldNativeService::createUserStorageKeys(int32_t userId, int32_t userSerial, binder::Status VoldNativeService::createUserStorageKeys(int32_t userId, bool ephemeral) {
bool ephemeral) {
ENFORCE_SYSTEM_OR_ROOT; ENFORCE_SYSTEM_OR_ROOT;
ACQUIRE_CRYPT_LOCK; ACQUIRE_CRYPT_LOCK;
return translateBool(fscrypt_create_user_keys(userId, userSerial, ephemeral)); return translateBool(fscrypt_create_user_keys(userId, ephemeral));
} }
binder::Status VoldNativeService::destroyUserStorageKeys(int32_t userId) { binder::Status VoldNativeService::destroyUserStorageKeys(int32_t userId) {
@ -638,12 +637,11 @@ binder::Status VoldNativeService::getUnlockedUsers(std::vector<int>* _aidl_retur
return Ok(); return Ok();
} }
binder::Status VoldNativeService::unlockCeStorage(int32_t userId, int32_t userSerial, binder::Status VoldNativeService::unlockCeStorage(int32_t userId, const std::string& secret) {
const std::string& secret) {
ENFORCE_SYSTEM_OR_ROOT; ENFORCE_SYSTEM_OR_ROOT;
ACQUIRE_CRYPT_LOCK; ACQUIRE_CRYPT_LOCK;
return translateBool(fscrypt_unlock_ce_storage(userId, userSerial, secret)); return translateBool(fscrypt_unlock_ce_storage(userId, secret));
} }
binder::Status VoldNativeService::lockCeStorage(int32_t userId) { binder::Status VoldNativeService::lockCeStorage(int32_t userId) {
@ -654,15 +652,14 @@ binder::Status VoldNativeService::lockCeStorage(int32_t userId) {
} }
binder::Status VoldNativeService::prepareUserStorage(const std::optional<std::string>& uuid, binder::Status VoldNativeService::prepareUserStorage(const std::optional<std::string>& uuid,
int32_t userId, int32_t userSerial, int32_t userId, int32_t flags) {
int32_t flags) {
ENFORCE_SYSTEM_OR_ROOT; ENFORCE_SYSTEM_OR_ROOT;
std::string empty_string = ""; std::string empty_string = "";
auto uuid_ = uuid ? *uuid : empty_string; auto uuid_ = uuid ? *uuid : empty_string;
CHECK_ARGUMENT_HEX(uuid_); CHECK_ARGUMENT_HEX(uuid_);
ACQUIRE_CRYPT_LOCK; ACQUIRE_CRYPT_LOCK;
return translateBool(fscrypt_prepare_user_storage(uuid_, userId, userSerial, flags)); return translateBool(fscrypt_prepare_user_storage(uuid_, userId, flags));
} }
binder::Status VoldNativeService::destroyUserStorage(const std::optional<std::string>& uuid, binder::Status VoldNativeService::destroyUserStorage(const std::optional<std::string>& uuid,

View file

@ -112,17 +112,17 @@ class VoldNativeService : public BinderService<VoldNativeService>, public os::Bn
binder::Status setStorageBindingSeed(const std::vector<uint8_t>& seed); binder::Status setStorageBindingSeed(const std::vector<uint8_t>& seed);
binder::Status createUserStorageKeys(int32_t userId, int32_t userSerial, bool ephemeral); binder::Status createUserStorageKeys(int32_t userId, bool ephemeral);
binder::Status destroyUserStorageKeys(int32_t userId); binder::Status destroyUserStorageKeys(int32_t userId);
binder::Status setCeStorageProtection(int32_t userId, const std::string& secret); binder::Status setCeStorageProtection(int32_t userId, const std::string& secret);
binder::Status getUnlockedUsers(std::vector<int>* _aidl_return); binder::Status getUnlockedUsers(std::vector<int>* _aidl_return);
binder::Status unlockCeStorage(int32_t userId, int32_t userSerial, const std::string& secret); binder::Status unlockCeStorage(int32_t userId, const std::string& secret);
binder::Status lockCeStorage(int32_t userId); binder::Status lockCeStorage(int32_t userId);
binder::Status prepareUserStorage(const std::optional<std::string>& uuid, int32_t userId, binder::Status prepareUserStorage(const std::optional<std::string>& uuid, int32_t userId,
int32_t userSerial, int32_t flags); int32_t flags);
binder::Status destroyUserStorage(const std::optional<std::string>& uuid, int32_t userId, binder::Status destroyUserStorage(const std::optional<std::string>& uuid, int32_t userId,
int32_t flags); int32_t flags);

View file

@ -85,17 +85,16 @@ interface IVold {
void setStorageBindingSeed(in byte[] seed); void setStorageBindingSeed(in byte[] seed);
void createUserStorageKeys(int userId, int userSerial, boolean ephemeral); void createUserStorageKeys(int userId, boolean ephemeral);
void destroyUserStorageKeys(int userId); void destroyUserStorageKeys(int userId);
void setCeStorageProtection(int userId, @utf8InCpp String secret); void setCeStorageProtection(int userId, @utf8InCpp String secret);
int[] getUnlockedUsers(); int[] getUnlockedUsers();
void unlockCeStorage(int userId, int userSerial, @utf8InCpp String secret); void unlockCeStorage(int userId, @utf8InCpp String secret);
void lockCeStorage(int userId); void lockCeStorage(int userId);
void prepareUserStorage(@nullable @utf8InCpp String uuid, int userId, int userSerial, void prepareUserStorage(@nullable @utf8InCpp String uuid, int userId, int storageFlags);
int storageFlags);
void destroyUserStorage(@nullable @utf8InCpp String uuid, int userId, int storageFlags); void destroyUserStorage(@nullable @utf8InCpp String uuid, int userId, int storageFlags);
void prepareSandboxForApp(in @utf8InCpp String packageName, int appId, void prepareSandboxForApp(in @utf8InCpp String packageName, int appId,