diff options
| author | Yo Chiang <yochiang@google.com> | 2020-10-26 05:27:36 +0000 |
|---|---|---|
| committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2020-10-26 05:27:36 +0000 |
| commit | 5dc456a68480062409dda0c32448c20aaa680275 (patch) | |
| tree | 153ce2c337e497c748dd9b400410fcacea21064c | |
| parent | adb1b891a86ba0755122cdc6a2a3f3d1d23807d6 (diff) | |
| parent | 1f08091aea005c86612e5900ab213670956e9492 (diff) | |
| download | gsid-5dc456a68480062409dda0c32448c20aaa680275.tar.gz | |
Merge "Destroy DSU metadata encryption key when wiping an installation"
| -rw-r--r-- | Android.bp | 1 | ||||
| -rw-r--r-- | gsi_service.cpp | 34 |
2 files changed, 35 insertions, 0 deletions
@@ -99,6 +99,7 @@ cc_binary { "liblp", "libutils", "libc++fs", + "libvold_binder", ], target: { android: { diff --git a/gsi_service.cpp b/gsi_service.cpp index 3c875f8..41b8811 100644 --- a/gsi_service.cpp +++ b/gsi_service.cpp @@ -32,6 +32,8 @@ #include <android-base/strings.h> #include <android/gsi/BnImageService.h> #include <android/gsi/IGsiService.h> +#include <android/os/IVold.h> +#include <binder/IServiceManager.h> #include <binder/LazyServiceRegistrar.h> #include <ext4_utils/ext4_utils.h> #include <fs_mgr.h> @@ -171,6 +173,18 @@ binder::Status GsiService::createPartition(const ::std::string& name, int64_t si if (size == 0 && name == "userdata") { size = kDefaultUserdataSize; } + + if (name == "userdata") { + auto dsu_slot = GetDsuSlot(install_dir_); + auto key_dir = DefaultDsuMetadataKeyDir(dsu_slot); + auto key_dir_file = DsuMetadataKeyDirFile(dsu_slot); + if (!android::base::WriteStringToFile(key_dir, key_dir_file)) { + PLOG(ERROR) << "write failed: " << key_dir_file; + *_aidl_return = INSTALL_ERROR_GENERIC; + return binder::Status::ok(); + } + } + installer_ = std::make_unique<PartitionInstaller>(this, install_dir_, name, GetDsuSlot(install_dir_), size, readOnly); progress_ = {}; @@ -891,6 +905,10 @@ int GsiService::ReenableGsi(bool one_shot) { return IGsiService::INSTALL_OK; } +static android::sp<android::os::IVold> GetVoldService() { + return android::waitForService<android::os::IVold>(android::String16("vold")); +} + bool GsiService::RemoveGsiFiles(const std::string& install_dir) { bool ok = true; auto active_dsu = GetDsuSlot(install_dir); @@ -920,6 +938,22 @@ bool GsiService::RemoveGsiFiles(const std::string& install_dir) { ok = false; } } + if (auto vold = GetVoldService()) { + auto status = vold->destroyDsuMetadataKey(dsu_slot); + if (status.isOk()) { + std::string message; + if (!RemoveFileIfExists(DsuMetadataKeyDirFile(dsu_slot), &message)) { + LOG(ERROR) << message; + ok = false; + } + } else { + LOG(ERROR) << "Failed to destroy DSU metadata encryption key."; + ok = false; + } + } else { + LOG(ERROR) << "Failed to retrieve vold service."; + ok = false; + } if (ok) { SetProperty(kGsiInstalledProp, "0"); } |