Merge "Have vold inform keymaster that early boot ended" am: 68b9fb10ae am: fce0d92ce4

Change-Id: If58cc1911c477ac9bed03fc39952a573db71651e
4 years ago · bf352873ad
parent 3660bf983c fce0d92ce4
commit bf352873ad
3 changed files with 24 additions and 0 deletions
--- a/Keymaster.cpp
+++ b/Keymaster.cpp
@ -207,6 +207,17 @@ bool Keymaster::isSecure() {
    return mDevice->halVersion().securityLevel != km::SecurityLevel::SOFTWARE;
 }

+void Keymaster::earlyBootEnded() {
+    auto error = mDevice->earlyBootEnded();
+    if (!error.isOk()) {
+        LOG(ERROR) << "earlyBootEnded failed: " << error.description();
+    }
+    km::V4_1_ErrorCode km_error = error;
+    if (km_error != km::V4_1_ErrorCode::OK && km_error != km::V4_1_ErrorCode::UNIMPLEMENTED) {
+        LOG(ERROR) << "Error reporting early boot ending to keymaster: " << int32_t(km_error);
+    }
+}
+
 }  // namespace vold
 }  // namespace android

--- a/Keymaster.h
+++ b/Keymaster.h
@ -39,6 +39,7 @@ using namespace ::android::hardware::keymaster::V4_1;
 // dangerous thing to rely on, but in this case its implications are simple and straightforward:
 // km::ErrorCode refers to the 4.0 ErrorCode, though we pull everything else from 4.1.
 using ErrorCode = ::android::hardware::keymaster::V4_0::ErrorCode;
+using V4_1_ErrorCode = ::android::hardware::keymaster::V4_1::ErrorCode;

 }  // namespace km

@ -125,6 +126,10 @@ class Keymaster {
                             km::AuthorizationSet* outParams);
    bool isSecure();

+    // Tell Keymaster that early boot has ended and early boot-only keys can no longer be created or
+    // used.
+    void earlyBootEnded();
+
  private:
    std::unique_ptr<KmDevice> mDevice;
    DISALLOW_COPY_AND_ASSIGN(Keymaster);
--- a/MetadataCrypt.cpp
+++ b/MetadataCrypt.cpp
@ -56,6 +56,14 @@ static const char* kFn_keymaster_key_blob = "keymaster_key_blob";
 static const char* kFn_keymaster_key_blob_upgraded = "keymaster_key_blob_upgraded";

 static bool mount_via_fs_mgr(const char* mount_point, const char* blk_device) {
+    // We're about to mount data not verified by verified boot.  Tell Keymaster that early boot has
+    // ended.
+    //
+    // TODO(paulcrowley): Make a Keymaster singleton or something, so we don't have to repeatedly
+    // open and initialize the service.
+    ::android::vold::Keymaster keymaster;
+    keymaster.earlyBootEnded();
+
    // fs_mgr_do_mount runs fsck. Use setexeccon to run trusted
    // partitions in the fsck domain.
    if (setexeccon(android::vold::sFsckContext)) {