Defer deleteKey in KeyStorage in Checkpointing mode

am: 8cc5716ef1

Change-Id: Iecd54afeec49d27ce0c74d1ee41fa3aefe169c84
Daniel Rosenberg 2019-06-07 13:05:41 -07:00 committed by android-build-merger
commit cfc8afa3c4


@ -19,7 +19,9 @@
#include "Keymaster.h"
#include "ScryptParameters.h"
#include "Utils.h"
#include "Checkpoint.h"
#include <thread>
#include <vector>
#include <errno.h>
@ -36,6 +38,7 @@
#include <android-base/file.h>
#include <android-base/logging.h>
#include <android-base/unique_fd.h>
#include <android-base/properties.h>
#include <cutils/properties.h>
@ -171,6 +174,28 @@ bool readSecdiscardable(const std::string& filename, std::string* hash) {
return true;
}
static void deferedKmDeleteKey(const std::string& kmkey) {
while (!android::base::WaitForProperty("vold.checkpoint_committed", "1")) {
LOG(ERROR) << "Wait for boot timed out";
}
Keymaster keymaster;
if (!keymaster || !keymaster.deleteKey(kmkey)) {
LOG(ERROR) << "Defered Key deletion failed during upgrade";
}
}
bool kmDeleteKey(Keymaster& keymaster, const std::string& kmKey) {
bool needs_cp = cp_needsCheckpoint();
if (needs_cp) {
std::thread(deferedKmDeleteKey, kmKey).detach();
LOG(INFO) << "Deferring Key deletion during upgrade";
return true;
} else {
return keymaster.deleteKey(kmKey);
}
}
static KeymasterOperation begin(Keymaster& keymaster, const std::string& dir,
km::KeyPurpose purpose, const km::AuthorizationSet& keyParams,
const km::AuthorizationSet& opParams,
@ -201,7 +226,7 @@ static KeymasterOperation begin(Keymaster& keymaster, const std::string& dir,
LOG(ERROR) << "Key dir sync failed: " << dir;
return KeymasterOperation();
}
if (!keymaster.deleteKey(kmKey)) {
if (!kmDeleteKey(keymaster, kmKey)) {
LOG(ERROR) << "Key deletion failed during upgrade, continuing anyway: " << dir;
}
}
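Review bot: In the hunk that adds kmDeleteKey, the checkpoint branch returns true as soon as the detached thread is started, so the caller in begin() can no longer tell a scheduled deletion from a completed one, and a later failure shows up only in the log line inside deferedKmDeleteKey. The pending deletion lives only in that thread, so if vold exits before vold.checkpoint_committed becomes "1" the pre-upgrade blob is presumably never deleted from Keymaster; that is worth stating above kmDeleteKey, e.g. `// Returns true when deletion is only scheduled; the old blob stays valid until checkpoint commit and is not retried if vold restarts first.` The retry message `"Wait for boot timed out"` does not match the property being waited on; `LOG(ERROR) << "Wait for checkpoint commit timed out";` would be easier to triage. kmDeleteKey is also defined without `static` while its helper is static, so if no header declares it (none is visible here) it should be file-local as well.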