Call fscrypt_destroy_volume_keys() under mCryptLock

Everything in FsCrypt.cpp seems to run under VolumeManager::mCryptLock,
except for fscrypt_destroy_volume_keys() which uses mLock instead.

This was sort of okay because fscrypt_destroy_volume_keys() didn't
operate on any in-memory data structures.  However, that is going to be
changed.  Therefore, rework VoldNativeService::forgetPartition() to call
fscrypt_destroy_volume_keys() under mCryptLock.

Ignore-AOSP-First: Conflicts. Will cherry-pick after Android 14 push...
Test: see I7f11a135d8550618cd96013f834cebd54be5ef84
Change-Id: Ia27a61faf2fdd546cdbddb2a3985c7c6696f6aa6

FsCrypt.cpp

@@ -1137,7 +1137,10 @@ static bool destroy_volume_keys(const std::string& directory_path, const std::st
     return res;
 }
 
+// Destroys all CE and DE keys for an adoptable storage volume that is permanently going away.
+// Requires VolumeManager::mCryptLock.
 bool fscrypt_destroy_volume_keys(const std::string& volume_uuid) {
+    if (!IsFbeEnabled()) return true;
     bool res = true;
     LOG(DEBUG) << "fscrypt_destroy_volume_keys for volume " << escape_empty(volume_uuid);
     auto secdiscardable_path = volume_secdiscardable_path(volume_uuid);

VoldNativeService.cpp

@@ -256,9 +256,19 @@ binder::Status VoldNativeService::forgetPartition(const std::string& partGuid,
     ENFORCE_SYSTEM_OR_ROOT;
     CHECK_ARGUMENT_HEX(partGuid);
     CHECK_ARGUMENT_HEX(fsUuid);
-    ACQUIRE_LOCK;
+    bool success = true;
 
-    return translate(VolumeManager::Instance()->forgetPartition(partGuid, fsUuid));
+    {
+        ACQUIRE_LOCK;
+        success &= VolumeManager::Instance()->forgetPartition(partGuid, fsUuid);
+    }
+
+    {
+        ACQUIRE_CRYPT_LOCK;
+        success &= fscrypt_destroy_volume_keys(fsUuid);
+    }
+
+    return translateBool(success);
 }
 
 binder::Status VoldNativeService::mount(

VolumeManager.cpp

@@ -346,25 +346,19 @@ void VolumeManager::listVolumes(android::vold::VolumeBase::Type type,
     }
 }
 
-int VolumeManager::forgetPartition(const std::string& partGuid, const std::string& fsUuid) {
+bool VolumeManager::forgetPartition(const std::string& partGuid, const std::string& fsUuid) {
     std::string normalizedGuid;
     if (android::vold::NormalizeHex(partGuid, normalizedGuid)) {
         LOG(WARNING) << "Invalid GUID " << partGuid;
-        return -1;
+        return false;
     }
 
-    bool success = true;
     std::string keyPath = android::vold::BuildKeyPath(normalizedGuid);
     if (unlink(keyPath.c_str()) != 0) {
         LOG(ERROR) << "Failed to unlink " << keyPath;
-        success = false;
+        return false;
     }
-    if (IsFbeEnabled()) {
+    return true;
-        if (!fscrypt_destroy_volume_keys(fsUuid)) {
-            success = false;
-        }
-    }
-    return success ? 0 : -1;
 }
 
 void VolumeManager::destroyEmulatedVolumesForUser(userid_t userId) {

VolumeManager.h

@@ -106,7 +106,7 @@ class VolumeManager {
 
     userid_t getSharedStorageUser(userid_t userId);
 
-    int forgetPartition(const std::string& partGuid, const std::string& fsUuid);
+    bool forgetPartition(const std::string& partGuid, const std::string& fsUuid);
 
     int onUserAdded(userid_t userId, int userSerialNumber, userid_t cloneParentUserId);
     int onUserRemoved(userid_t userId);