Add secdiscard command for secure deletion of files

This is used by LockSettingsService to delete sensitive credential files. Bug: 34600579 Test: manual - change device lock under synthetic password, verify old data on disk is erased. Change-Id: I5e11b559ad8818bd2ad2b321d67d21477aab7555 Merged-In: I5e11b559ad8818bd2ad2b321d67d21477aab7555
7 years ago · f8d604caf3
parent c40996e719
commit f8d604caf3
5 changed files with 21 additions and 0 deletions
--- a/CryptCommandListener.cpp
+++ b/CryptCommandListener.cpp
@ -414,6 +414,11 @@ int CryptCommandListener::CryptfsCmd::runCommand(SocketClient *cli,
        return sendGenericOkFailOnBool(cli,
                e4crypt_destroy_user_storage(parseNull(argv[2]), atoi(argv[3]), atoi(argv[4])));

+    } else if (subcommand == "secdiscard") {
+        if (!check_argc(cli, subcommand, argc, 3, "<path>")) return 0;
+        return sendGenericOkFailOnBool(cli,
+                e4crypt_secdiscard(parseNull(argv[2])));
+
    } else {
        dumpArgs(argc, argv, -1);
        cli->sendMsg(ResponseCode::CommandSyntaxError, "Unknown cryptfs subcommand", false);
--- a/Ext4Crypt.cpp
+++ b/Ext4Crypt.cpp
@ -830,3 +830,7 @@ bool e4crypt_destroy_user_storage(const char* volume_uuid, userid_t user_id, int

    return res;
 }
+
+bool e4crypt_secdiscard(const char* path) {
+    return android::vold::runSecdiscardSingle(std::string(path));
+}
--- a/Ext4Crypt.h
+++ b/Ext4Crypt.h
@ -38,4 +38,5 @@ bool e4crypt_lock_user_key(userid_t user_id);
 bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int serial, int flags);
 bool e4crypt_destroy_user_storage(const char* volume_uuid, userid_t user_id, int flags);

+bool e4crypt_secdiscard(const char* path);
 __END_DECLS
--- a/KeyStorage.cpp
+++ b/KeyStorage.cpp
@ -489,6 +489,16 @@ static bool runSecdiscard(const std::string& dir) {
    return true;
 }

+bool runSecdiscardSingle(const std::string& file) {
+    if (ForkExecvp(
+            std::vector<std::string>{kSecdiscardPath, "--",
+                file}) != 0) {
+        LOG(ERROR) << "secdiscard failed";
+        return false;
+    }
+    return true;
+}
+
 static bool recursiveDeleteKey(const std::string& dir) {
    if (ForkExecvp(std::vector<std::string>{kRmPath, "-rf", dir}) != 0) {
        LOG(ERROR) << "recursive delete failed";
--- a/KeyStorage.h
+++ b/KeyStorage.h
@ -51,6 +51,7 @@ bool retrieveKey(const std::string& dir, const KeyAuthentication& auth, std::str
 // Securely destroy the key stored in the named directory and delete the directory.
 bool destroyKey(const std::string& dir);

+bool runSecdiscardSingle(const std::string& file);
 }  // namespace vold
 }  // namespace android