Defer deleteKey in KeyStorage in Checkpointing mode
am: 8cc5716ef1
Change-Id: Iecd54afeec49d27ce0c74d1ee41fa3aefe169c84
This commit is contained in:
commit
cfc8afa3c4
1 changed files with 26 additions and 1 deletions
|
@ -19,7 +19,9 @@
|
|||
#include "Keymaster.h"
|
||||
#include "ScryptParameters.h"
|
||||
#include "Utils.h"
|
||||
#include "Checkpoint.h"
|
||||
|
||||
#include <thread>
|
||||
#include <vector>
|
||||
|
||||
#include <errno.h>
|
||||
|
@ -36,6 +38,7 @@
|
|||
#include <android-base/file.h>
|
||||
#include <android-base/logging.h>
|
||||
#include <android-base/unique_fd.h>
|
||||
#include <android-base/properties.h>
|
||||
|
||||
#include <cutils/properties.h>
|
||||
|
||||
|
@ -171,6 +174,28 @@ bool readSecdiscardable(const std::string& filename, std::string* hash) {
|
|||
return true;
|
||||
}
|
||||
|
||||
static void deferedKmDeleteKey(const std::string& kmkey) {
|
||||
while (!android::base::WaitForProperty("vold.checkpoint_committed", "1")) {
|
||||
LOG(ERROR) << "Wait for boot timed out";
|
||||
}
|
||||
Keymaster keymaster;
|
||||
if (!keymaster || !keymaster.deleteKey(kmkey)) {
|
||||
LOG(ERROR) << "Defered Key deletion failed during upgrade";
|
||||
}
|
||||
}
|
||||
|
||||
bool kmDeleteKey(Keymaster& keymaster, const std::string& kmKey) {
|
||||
bool needs_cp = cp_needsCheckpoint();
|
||||
|
||||
if (needs_cp) {
|
||||
std::thread(deferedKmDeleteKey, kmKey).detach();
|
||||
LOG(INFO) << "Deferring Key deletion during upgrade";
|
||||
return true;
|
||||
} else {
|
||||
return keymaster.deleteKey(kmKey);
|
||||
}
|
||||
}
|
||||
|
||||
static KeymasterOperation begin(Keymaster& keymaster, const std::string& dir,
|
||||
km::KeyPurpose purpose, const km::AuthorizationSet& keyParams,
|
||||
const km::AuthorizationSet& opParams,
|
||||
|
@ -201,7 +226,7 @@ static KeymasterOperation begin(Keymaster& keymaster, const std::string& dir,
|
|||
LOG(ERROR) << "Key dir sync failed: " << dir;
|
||||
return KeymasterOperation();
|
||||
}
|
||||
if (!keymaster.deleteKey(kmKey)) {
|
||||
if (!kmDeleteKey(keymaster, kmKey)) {
|
||||
LOG(ERROR) << "Key deletion failed during upgrade, continuing anyway: " << dir;
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue