fskeyring & userspace reboot: support DE keys

During userspace reboot /data might be unmounted, which means that if
device supports filesystem keyring, DE keys will be lost and are needed
to be re-installed.

Test: adb shell setprop sys.init.userdata_remount.force_umount 1
Test: adb shell svc power reboot userspace
Test: atest CtsUserspaceRebootHostSideTestCases
Bug: 143970043
Change-Id: I153caa1d7c373b3c906a34f1184c681e52854a9d
Merged-In: I153caa1d7c373b3c906a34f1184c681e52854a9d
(cherry picked from commit 1eaea5a6a2)
This commit is contained in:
Nikita Ioffe 2020-02-27 18:21:55 +00:00
parent 3a0fd35b62
commit f0550af103

View file

@ -83,8 +83,6 @@ const std::string prepare_subdirs_path = "/system/bin/vold_prepare_subdirs";
const std::string systemwide_volume_key_dir =
std::string() + DATA_MNT_POINT + "/misc/vold/volume_keys";
bool s_systemwide_keys_initialized = false;
// Some users are ephemeral, don't try to wipe their keys from disk
std::set<userid_t> s_ephemeral_users;
@ -359,15 +357,17 @@ static bool load_all_de_keys() {
continue;
}
userid_t user_id = std::stoi(entry->d_name);
if (s_de_policies.count(user_id) == 0) {
auto key_path = de_dir + "/" + entry->d_name;
KeyBuffer de_key;
if (!retrieveKey(key_path, kEmptyAuthentication, &de_key)) return false;
EncryptionPolicy de_policy;
if (!install_storage_key(DATA_MNT_POINT, options, de_key, &de_policy)) return false;
s_de_policies[user_id] = de_policy;
LOG(DEBUG) << "Installed de key for user " << user_id;
auto key_path = de_dir + "/" + entry->d_name;
KeyBuffer de_key;
if (!retrieveKey(key_path, kEmptyAuthentication, &de_key)) return false;
EncryptionPolicy de_policy;
if (!install_storage_key(DATA_MNT_POINT, options, de_key, &de_policy)) return false;
auto ret = s_de_policies.insert({user_id, de_policy});
if (!ret.second && ret.first->second != de_policy) {
LOG(ERROR) << "DE policy for user" << user_id << " changed";
return false;
}
LOG(DEBUG) << "Installed de key for user " << user_id;
}
// fscrypt:TODO: go through all DE directories, ensure that all user dirs have the
// correct policy set on them, and that no rogue ones exist.
@ -377,10 +377,6 @@ static bool load_all_de_keys() {
bool fscrypt_initialize_systemwide_keys() {
LOG(INFO) << "fscrypt_initialize_systemwide_keys";
if (s_systemwide_keys_initialized) {
LOG(INFO) << "Already initialized";
return true;
}
EncryptionOptions options;
if (!get_data_file_encryption_options(&options)) return false;
@ -414,7 +410,6 @@ bool fscrypt_initialize_systemwide_keys() {
LOG(INFO) << "Wrote per boot key reference to:" << per_boot_ref_filename;
if (!android::vold::FsyncDirectory(device_key_dir)) return false;
s_systemwide_keys_initialized = true;
return true;
}