diff options
| author | Eric Biggers <ebiggers@google.com> | 2020-11-05 19:58:26 -0800 |
|---|---|---|
| committer | Eric Biggers <ebiggers@google.com> | 2020-11-05 19:58:26 -0800 |
| commit | f74373b17758886ba2880fc1ed838689e2022467 (patch) | |
| tree | 97f6cf28e280832680ba2095d95c7ceab3a87f97 /Utils.h | |
| parent | e244a15f34ae2e85e3f5b40be0bf252e37eab56b (diff) | |
| download | vold-f74373b17758886ba2880fc1ed838689e2022467.tar.gz | |
KeyStorage: rework key upgrade handling
Remove the error-prone 'keepOld' parameter, and instead make begin()
(renamed to BeginKeymasterOp()) do all the key upgrade handling.
Don't handle /data and /metadata differently anymore. Previously, when
a checkpoint is active, key blob files were replaced on /data
immediately; only the actual Keymaster key deletion was delayed until
checkpoint commit. But it's easier to just delay the key blob file
replacement too, as we have to implement that for /metadata anyway.
Also be more vigilant about deleting any leftover upgraded keys.
Test: Tested on bramble using an OTA rvc-d1-release => master. In OTA
success case, verified via logcat that the keys were upgraded and
then were committed after the boot succeeded. In OTA failure
case, verified that the device still boots -- i.e., the old keys
weren't lost. Verified that in either case, no
keymaster_key_blob_upgraded files were left over. Finally, also
tried 'pm create-user' and 'pm remove-user' and verified via
logcat that the Keymaster keys still get deleted.
Change-Id: Ic9c3e63e0bcae0c608fc79050ca4a1676b3852ee
Diffstat (limited to 'Utils.h')
| -rw-r--r-- | Utils.h | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -155,6 +155,8 @@ std::string BuildDataUserDePath(const std::string& volumeUuid, userid_t userid); dev_t GetDevice(const std::string& path); +bool IsSameFile(const std::string& path1, const std::string& path2); + status_t EnsureDirExists(const std::string& path, mode_t mode, uid_t uid, gid_t gid); status_t RestoreconRecursive(const std::string& path); |