author | Rubin Xu <rubinxu@google.com> | 2017-04-26 20:07:30 +0100 |
---|---|---|
committer | Rubin Xu <rubinxu@google.com> | 2017-04-26 20:07:30 +0100 |
commit | 85c85e9840b9546a1919eeb23b7e9d3e2dadef69 (patch) | |
tree | b165dea76b57cb682c0491edd6d3ebed00e369a9 | |
parent | 211dcefb7762c1dcb130f89a282cb4c4f666ec56 (diff) | |
download | security-85c85e9840b9546a1919eeb23b7e9d3e2dadef69.tar.gz |
Do not clear critical keys in clear_uid()
If clear_uid() is called on system uid, skip clearing keys with
FLAG_CRITICAL_TO_DEVICE_ENCRYPTION flag since device authentication
would be broken without them.
Bug: 34600579
Test: Add device lock under synthetic password, go to Settings/security/encryption,
tap clear credentials and verify device lock is still intact.
Change-Id: I6c009163831b0901b0973d13906f56139028052c
-rw-r--r-- | keystore/key_store_service.cpp | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp index a509eeaa..caf0655d 100644 --- a/keystore/key_store_service.cpp +++ b/keystore/key_store_service.cpp @@ -632,6 +632,17 @@ KeyStoreServiceReturnCode KeyStoreService::clear_uid(int64_t targetUid64) { for (uint32_t i = 0; i < aliases.size(); i++) { String8 name8(aliases[i]); String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, targetUid, ::TYPE_ANY)); + + if (get_app_id(targetUid) == AID_SYSTEM) { + Blob keyBlob; + ResponseCode responseCode = + mKeyStore->get(filename.string(), &keyBlob, ::TYPE_ANY, get_user_id(targetUid)); + if (responseCode == ResponseCode::NO_ERROR && keyBlob.isCriticalToDeviceEncryption()) { + // Do not clear keys critical to device encryption under system uid. + continue; + } + } + mKeyStore->del(filename.string(), ::TYPE_ANY, get_user_id(targetUid)); // del() will fail silently if no cached characteristics are present for this alias. |
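Review bot: The new check in clear_uid() fails open: when mKeyStore->get() returns anything other than ResponseCode::NO_ERROR for a system-uid alias, control falls through to mKeyStore->del(), so a key that is critical to device encryption but cannot be read at that moment is still deleted. For AID_SYSTEM it would be safer to delete only when the blob was read successfully and isCriticalToDeviceEncryption() is false, and to skip (or at least log) on a read failure. The skip path is also silent; a log line naming the preserved alias would help when diagnosing why "clear credentials" left entries behind. Note too that the continue bypasses everything after del() in the loop body, including the step the trailing comment refers to (cached characteristics), which looks intended but is worth stating in the code comment.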