author | Yo Chiang <yochiang@google.com> | 2020-10-07 14:20:00 +0800 |
---|---|---|
committer | Yo Chiang <yochiang@google.com> | 2020-10-13 16:00:43 +0800 |
commit | 0af25a3a9857b20f652e96660758632277062c65 (patch) | |
tree | 28be8874eb403e5c32c6b9b1d0529f8d051ce1d8 | |
parent | dd66de13ea0461e133070d2a09a7befdd576f427 (diff) | |
download | vold-0af25a3a9857b20f652e96660758632277062c65.tar.gz |
Add IVold::destroyDsuMetadataKey()
destroyDsuMetadataKey() / destroy_dsu_metadata_key() calls
android::gsi::GetDsuMetadataKeyDir() to query the DSU metadata
encryption key dir and destroy the key.
This releases the resource and allows consecutive DSU installations to
use the same key *directory*, but not the same key *blob*.
Bug: 168571434
Test: 1. Install a DSU system.
2. Boot the DSU system and reboot back to the host system.
3. Wipe the DSU installation.
4. DSU metadata key dir /metadata/vold/metadata_encryption/dsu/dsu is
destroyed.
Change-Id: Ib851177315a5a266807f46ccfd446de1848232cf
-rw-r--r-- | Android.bp | 1 | ||||
-rw-r--r-- | MetadataCrypt.cpp | 40 | ||||
-rw-r--r-- | MetadataCrypt.h | 2 | ||||
-rw-r--r-- | VoldNativeService.cpp | 7 | ||||
-rw-r--r-- | VoldNativeService.h | 2 | ||||
-rw-r--r-- | binder/android/os/IVold.aidl | 2 |
6 files changed, 54 insertions, 0 deletions
@@ -54,6 +54,7 @@ cc_defaults {
 "libdiskconfig",
 "libext4_utils",
 "libf2fs_sparseblock",
+ "libgsi",
 "libhardware",
 "libhardware_legacy",
 "libincfs",
diff --git a/MetadataCrypt.cpp b/MetadataCrypt.cpp
index c61132c8..52add4a9 100644
--- a/MetadataCrypt.cpp
+++ b/MetadataCrypt.cpp
@@ -35,6 +35,7 @@
 #include <cutils/fs.h>
 #include <fs_mgr.h>
 #include <libdm/dm.h>
+#include <libgsi/libgsi.h>
 #include "Checkpoint.h"
 #include "CryptoType.h"
@@ -366,5 +367,44 @@ bool defaultkey_setup_ext_volume(const std::string& label, const std::string& bl
 return create_crypto_blk_dev(label, blk_device, key, options, out_crypto_blkdev, &nr_sec);
 }
+bool destroy_dsu_metadata_key(const std::string& dsu_slot) {
+ LOG(DEBUG) << "destroy_dsu_metadata_key: " << dsu_slot;
+
+ const auto dsu_metadata_key_dir = android::gsi::GetDsuMetadataKeyDir(dsu_slot);
+ if (!pathExists(dsu_metadata_key_dir)) {
+ LOG(DEBUG) << "DSU metadata_key_dir doesn't exist, nothing to remove: "
+ << dsu_metadata_key_dir;
+ return true;
+ }
+
+ // Ensure that the DSU key directory is different from the host OS'.
+ // Under normal circumstances, this should never happen, but handle it just in case.
+ if (auto data_rec = GetEntryForMountPoint(&fstab_default, "/data")) {
+ if (dsu_metadata_key_dir == data_rec->metadata_key_dir) {
+ LOG(ERROR) << "DSU metadata_key_dir is same as host OS: " << dsu_metadata_key_dir;
+ return false;
+ }
+ }
+
+ bool ok = true;
+ for (auto suffix : {"/key", "/tmp"}) {
+ const auto key_path = dsu_metadata_key_dir + suffix;
+ if (pathExists(key_path)) {
+ LOG(DEBUG) << "Destroy key: " << key_path;
+ if (!android::vold::destroyKey(key_path)) {
+ LOG(ERROR) << "Failed to destroyKey(): " << key_path;
+ ok = false;
+ }
+ }
+ }
+ if (!ok) {
+ return false;
+ }
+
+ LOG(DEBUG) << "Remove DSU metadata_key_dir: " << dsu_metadata_key_dir;
+ // DeleteDirContentsAndDir() already logged any error, so don't log repeatedly.
+ return android::vold::DeleteDirContentsAndDir(dsu_metadata_key_dir) == android::OK;
+}
+
 } // namespace vold
 } // namespace android
diff --git a/MetadataCrypt.h b/MetadataCrypt.h
index dc68e7ce..7341a086 100644
--- a/MetadataCrypt.h
+++ b/MetadataCrypt.h
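Review bot: The host-directory guard in destroy_dsu_metadata_key() is skipped silently when GetEntryForMountPoint() returns null for `/data`, so a missing or misconfigured fstab entry quietly disables the one check that keeps this function away from the host's own metadata key directory; an else branch such as `} else { LOG(WARNING) << "No /data fstab entry, cannot verify DSU metadata_key_dir differs from host OS"; }` would at least make that visible (refusing to proceed would be stricter, if callers tolerate it). The guard also compares the two directories as plain strings, so a trailing slash, a `..` component or a symlink that resolves to the same directory would pass it; unless GetDsuMetadataKeyDir() already canonicalizes its result, comparing realpath() of both, or additionally requiring the directory to lie under the DSU key parent named in the commit message, would be more robust. A slot directory that exists but holds neither `/key` nor `/tmp` is still removed wholesale by DeleteDirContentsAndDir(), which is presumably intended but deserves a one-line comment.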
@@ -34,6 +34,8 @@ bool defaultkey_setup_ext_volume(const std::string& label, const std::string& bl
 const android::vold::KeyBuffer& key, std::string* out_crypto_blkdev);
+bool destroy_dsu_metadata_key(const std::string& dsu_slot);
+
 } // namespace vold
 } // namespace android
 #endif
diff --git a/VoldNativeService.cpp b/VoldNativeService.cpp
index d310acd6..3fb4e65b 100644
--- a/VoldNativeService.cpp
+++ b/VoldNativeService.cpp
@@ -950,5 +950,12 @@ binder::Status VoldNativeService::bindMount(const std::string& sourceDir,
 return translate(incfs::bindMount(sourceDir, targetDir));
 }
+binder::Status VoldNativeService::destroyDsuMetadataKey(const std::string& dsuSlot) {
+ ENFORCE_SYSTEM_OR_ROOT;
+ ACQUIRE_LOCK;
+
+ return translateBool(destroy_dsu_metadata_key(dsuSlot));
+}
+
 } // namespace vold
 } // namespace android
diff --git a/VoldNativeService.h b/VoldNativeService.h
index f10bf5f0..9914879d 100644
--- a/VoldNativeService.h
+++ b/VoldNativeService.h
@@ -159,6 +159,8 @@ class VoldNativeService : public BinderService<VoldNativeService>, public os::Bn
 const ::android::os::incremental::IncrementalFileSystemControlParcel& control,
 bool enableReadLogs) override;
 binder::Status bindMount(const std::string& sourceDir, const std::string& targetDir) override;
+
+ binder::Status destroyDsuMetadataKey(const std::string& dsuSlot) override;
 };
 } // namespace vold
diff --git a/binder/android/os/IVold.aidl b/binder/android/os/IVold.aidl
index 61e1e543..1d6225f0 100644
--- a/binder/android/os/IVold.aidl
+++ b/binder/android/os/IVold.aidl
@@ -139,6 +139,8 @@ interface IVold {
 void setIncFsMountOptions(in IncrementalFileSystemControlParcel control, boolean enableReadLogs);
 void bindMount(@utf8InCpp String sourceDir, @utf8InCpp String targetDir);
+ void destroyDsuMetadataKey(@utf8InCpp String dsuSlot);
+
 const int ENCRYPTION_FLAG_NO_UI = 4;
 const int ENCRYPTION_STATE_NONE = 1;
|
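Review bot: The new declaration of destroy_dsu_metadata_key() in MetadataCrypt.h carries no comment, and its contract is not obvious from the name: the implementation in the MetadataCrypt.cpp hunk returns true when the slot's key directory does not exist at all, and false both on a key destruction or directory removal failure and when the directory is the host OS' metadata key dir. A header comment along the lines of `// Destroys the metadata encryption key(s) of the given DSU slot and removes the slot's key directory. Returns true if the directory did not exist or was fully removed, false otherwise (including when it matches the host OS' metadata key dir).` would let callers rely on that without reading the implementation.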
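Review bot: VoldNativeService::destroyDsuMetadataKey() passes `dsuSlot` straight through without any argument validation, although the callee in the MetadataCrypt.cpp hunk derives a filesystem path from it via GetDsuMetadataKeyDir() and then destroys keys under and removes that directory. The other Binder entry points in this file validate their string arguments before use, so the slot name should get the same treatment, e.g. `CHECK_ARGUMENT_ID(dsuSlot);` after `ACQUIRE_LOCK;` if that macro's character set fits DSU slot names, or otherwise a dedicated check that rejects empty names, path separators and `..` components. ENFORCE_SYSTEM_OR_ROOT restricts callers to the system UID and root, which narrows but does not remove the exposure, and the host-directory guard in the callee is a string comparison rather than a path-containment check.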