authorandroid-build-team Robot <android-build-team-robot@google.com>2017-05-17 07:20:00 +0000
committerandroid-build-team Robot <android-build-team-robot@google.com>2017-05-17 07:20:00 +0000
commitd0adc9821fc2c23df46f09ca6f76db1d0dfeb778 (patch)
tree69c7b05400a6f042860aebe3a98d5a4a076ae2ca
parentf41cf796880ba78467f5cdb9e73eb3808c3928b1 (diff)
parentf8d604caf3f9bf0aed9ef070c40933a94016232b (diff)
downloadvold-android-8.0.0_r29.tar.gz
Change-Id: I757165e8d8d146d4b57dc008025dfba703e34339
-rw-r--r--CryptCommandListener.cpp5
-rw-r--r--Ext4Crypt.cpp4
-rw-r--r--Ext4Crypt.h1
-rw-r--r--KeyStorage.cpp10
-rw-r--r--KeyStorage.h1
5 files changed, 21 insertions, 0 deletions
diff --git a/CryptCommandListener.cpp b/CryptCommandListener.cpp
index e4a2d3a8..094a4747 100644
--- a/CryptCommandListener.cpp
+++ b/CryptCommandListener.cpp
@@ -414,6 +414,11 @@ int CryptCommandListener::CryptfsCmd::runCommand(SocketClient *cli,
return sendGenericOkFailOnBool(cli,
e4crypt_destroy_user_storage(parseNull(argv[2]), atoi(argv[3]), atoi(argv[4])));
+ } else if (subcommand == "secdiscard") {
+ if (!check_argc(cli, subcommand, argc, 3, "<path>")) return 0;
+ return sendGenericOkFailOnBool(cli,
+ e4crypt_secdiscard(parseNull(argv[2])));
+
} else {
dumpArgs(argc, argv, -1);
cli->sendMsg(ResponseCode::CommandSyntaxError, "Unknown cryptfs subcommand", false);
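Review bot: The new `secdiscard` branch passes `parseNull(argv[2])` straight into `e4crypt_secdiscard`, and the Ext4Crypt.cpp hunk then builds `std::string(path)` from it with no null check. parseNull is not visible in this diff, but if it can return a null pointer, as its name suggests, that construction is undefined behaviour inside the vold process. A path is mandatory for this subcommand, so either pass `argv[2]` directly or reject null in the callee with `if (path == nullptr) return false;`. runCommand's body starts and ends outside the hunk.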
diff --git a/Ext4Crypt.cpp b/Ext4Crypt.cpp
index e40593e6..b41e09c8 100644
--- a/Ext4Crypt.cpp
+++ b/Ext4Crypt.cpp
@@ -830,3 +830,7 @@ bool e4crypt_destroy_user_storage(const char* volume_uuid, userid_t user_id, int
return res;
}
+
+bool e4crypt_secdiscard(const char* path) {
+ return android::vold::runSecdiscardSingle(std::string(path));
+}
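Review bot: `e4crypt_secdiscard` forwards the caller-supplied path to `runSecdiscardSingle` without any validation, so whichever client can issue `cryptfs secdiscard` decides which file vold discards. Who may reach that command is not visible in this diff. If the intended targets are only key or credential files, check that here (absolute path, no `..` components, under the expected directory) and return false otherwise. A one-line comment above the function stating the intended callers and the allowed path scope would make that contract reviewable.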
diff --git a/Ext4Crypt.h b/Ext4Crypt.h
index 2dcc1976..e90167bd 100644
--- a/Ext4Crypt.h
+++ b/Ext4Crypt.h
@@ -38,4 +38,5 @@ bool e4crypt_lock_user_key(userid_t user_id);
bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int serial, int flags);
bool e4crypt_destroy_user_storage(const char* volume_uuid, userid_t user_id, int flags);
+bool e4crypt_secdiscard(const char* path);
__END_DECLS
diff --git a/KeyStorage.cpp b/KeyStorage.cpp
index 34dd6c0a..a36ac6a0 100644
--- a/KeyStorage.cpp
+++ b/KeyStorage.cpp
@@ -489,6 +489,16 @@ static bool runSecdiscard(const std::string& dir) {
return true;
}
+bool runSecdiscardSingle(const std::string& file) {
+ if (ForkExecvp(
+ std::vector<std::string>{kSecdiscardPath, "--",
+ file}) != 0) {
+ LOG(ERROR) << "secdiscard failed";
+ return false;
+ }
+ return true;
+}
+
static bool recursiveDeleteKey(const std::string& dir) {
if (ForkExecvp(std::vector<std::string>{kRmPath, "-rf", dir}) != 0) {
LOG(ERROR) << "recursive delete failed";
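Review bot: The failure log in `runSecdiscardSingle` says only `secdiscard failed`, so a failed secure deletion cannot be tied to a file afterwards; `LOG(ERROR) << "secdiscard failed for " << file;` would make it auditable. An empty `file` is also handed to the tool as an empty argument, and an early `if (file.empty()) return false;` would avoid launching it with nothing to act on. The `--` separator before the path should stay, since it keeps a path beginning with `-` from being read as an option. recursiveDeleteKey's body continues outside the hunk.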
diff --git a/KeyStorage.h b/KeyStorage.h
index 65458d47..bce6a99c 100644
--- a/KeyStorage.h
+++ b/KeyStorage.h
@@ -51,6 +51,7 @@ bool retrieveKey(const std::string& dir, const KeyAuthentication& auth, std::str
// Securely destroy the key stored in the named directory and delete the directory.
bool destroyKey(const std::string& dir);
+bool runSecdiscardSingle(const std::string& file);
} // namespace vold
} // namespace android
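Review bot: `runSecdiscardSingle` is exported from the header without a comment, unlike `destroyKey` just above it. Since it is now reachable from a socket command, the declaration should state its contract, for example `// Run secdiscard on the single named file. Returns true if the tool exited with status 0.` If callers are expected to validate the path first, say so in the same comment.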