diff options
author | Yo Chiang <yochiang@google.com> | 2020-10-26 06:37:08 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-10-26 06:37:08 +0000 |
commit | 894e55e55fb1f1849bc6c9c7695839b2bfaade37 (patch) | |
tree | 153ce2c337e497c748dd9b400410fcacea21064c | |
parent | 5a973e97778009929367de604eee13a965a2e8fd (diff) | |
parent | b57eb6c4e519414919d6f8f473d095fc6054f099 (diff) | |
download | gsid-894e55e55fb1f1849bc6c9c7695839b2bfaade37.tar.gz |
Merge "Destroy DSU metadata encryption key when wiping an installation" am: 5dc456a684 am: 14a42ed03a am: b57eb6c4e5
Original change: https://android-review.googlesource.com/c/platform/system/gsid/+/1452417
Change-Id: I55247ad1f06ff53423e767f603b96fe57c102e9d
-rw-r--r-- | Android.bp | 1 | ||||
-rw-r--r-- | gsi_service.cpp | 34 |
2 files changed, 35 insertions, 0 deletions
@@ -99,6 +99,7 @@ cc_binary { "liblp", "libutils", "libc++fs", + "libvold_binder", ], target: { android: { diff --git a/gsi_service.cpp b/gsi_service.cpp index 3c875f8..41b8811 100644 --- a/gsi_service.cpp +++ b/gsi_service.cpp @@ -32,6 +32,8 @@ #include <android-base/strings.h> #include <android/gsi/BnImageService.h> #include <android/gsi/IGsiService.h> +#include <android/os/IVold.h> +#include <binder/IServiceManager.h> #include <binder/LazyServiceRegistrar.h> #include <ext4_utils/ext4_utils.h> #include <fs_mgr.h> @@ -171,6 +173,18 @@ binder::Status GsiService::createPartition(const ::std::string& name, int64_t si if (size == 0 && name == "userdata") { size = kDefaultUserdataSize; } + + if (name == "userdata") { + auto dsu_slot = GetDsuSlot(install_dir_); + auto key_dir = DefaultDsuMetadataKeyDir(dsu_slot); + auto key_dir_file = DsuMetadataKeyDirFile(dsu_slot); + if (!android::base::WriteStringToFile(key_dir, key_dir_file)) { + PLOG(ERROR) << "write failed: " << key_dir_file; + *_aidl_return = INSTALL_ERROR_GENERIC; + return binder::Status::ok(); + } + } + installer_ = std::make_unique<PartitionInstaller>(this, install_dir_, name, GetDsuSlot(install_dir_), size, readOnly); progress_ = {}; @@ -891,6 +905,10 @@ int GsiService::ReenableGsi(bool one_shot) { return IGsiService::INSTALL_OK; } +static android::sp<android::os::IVold> GetVoldService() { + return android::waitForService<android::os::IVold>(android::String16("vold")); +} + bool GsiService::RemoveGsiFiles(const std::string& install_dir) { bool ok = true; auto active_dsu = GetDsuSlot(install_dir); @@ -920,6 +938,22 @@ bool GsiService::RemoveGsiFiles(const std::string& install_dir) { ok = false; } } + if (auto vold = GetVoldService()) { + auto status = vold->destroyDsuMetadataKey(dsu_slot); + if (status.isOk()) { + std::string message; + if (!RemoveFileIfExists(DsuMetadataKeyDirFile(dsu_slot), &message)) { + LOG(ERROR) << message; + ok = false; + } + } else { + LOG(ERROR) << "Failed to destroy DSU metadata encryption key."; + ok = false; + } + } else { + LOG(ERROR) << "Failed to retrieve vold service."; + ok = false; + } if (ok) { SetProperty(kGsiInstalledProp, "0"); } |