am bac3d093: Merge "Delete the user key when deleting a user." into mnc-dr-dev

* commit 'bac3d0936dfdb4d594873fd8690e8017e748ed96': Delete the user key when deleting a user.
2015-07-13 22:34:51 +00:00
parent 62d43bd9e8 bac3d0936d
commit 140ff7a50b
4 changed files with 70 additions and 0 deletions
--- a/core/java/android/os/storage/IMountService.java
+++ b/core/java/android/os/storage/IMountService.java
@@ -1208,6 +1208,21 @@ public interface IMountService extends IInterface {
                    _data.recycle();
                }
            }
+
+            @Override
+            public void deleteUserKey(int userHandle) throws RemoteException {
+                Parcel _data = Parcel.obtain();
+                Parcel _reply = Parcel.obtain();
+                try {
+                    _data.writeInterfaceToken(DESCRIPTOR);
+                    _data.writeInt(userHandle);
+                    mRemote.transact(Stub.TRANSACTION_deleteUserKey, _data, _reply, 0);
+                    _reply.readException();
+                } finally {
+                    _reply.recycle();
+                    _data.recycle();
+                }
+            }
        }

        private static final String DESCRIPTOR = "IMountService";
@@ -1326,6 +1341,7 @@ public interface IMountService extends IInterface {
        static final int TRANSACTION_remountUid = IBinder.FIRST_CALL_TRANSACTION + 61;

        static final int TRANSACTION_createNewUserDir = IBinder.FIRST_CALL_TRANSACTION + 62;
+        static final int TRANSACTION_deleteUserKey = IBinder.FIRST_CALL_TRANSACTION + 63;

        /**
         * Cast an IBinder object into an IMountService interface, generating a
@@ -1895,6 +1911,13 @@ public interface IMountService extends IInterface {
                    reply.writeNoException();
                    return true;
                }
+                case TRANSACTION_deleteUserKey: {
+                    data.enforceInterface(DESCRIPTOR);
+                    int userHandle = data.readInt();
+                    deleteUserKey(userHandle);
+                    reply.writeNoException();
+                    return true;
+                }
            }
            return super.onTransact(code, data, reply, flags);
        }
@@ -2214,4 +2237,11 @@ public interface IMountService extends IInterface {
     */
    public void createNewUserDir(int userHandle, String path)
        throws RemoteException;
+
+    /**
+     * Securely delete the user's encryption key
+     * @param userHandle Handle of the user whose key we are deleting
+     */
+    public void deleteUserKey(int userHandle)
+        throws RemoteException;
 }
--- a/core/java/android/os/storage/StorageManager.java
+++ b/core/java/android/os/storage/StorageManager.java
@@ -954,6 +954,15 @@ public class StorageManager {
        }
    }

+    /** {@hide} */
+    public void deleteUserKey(int userHandle) {
+        try {
+            mMountService.deleteUserKey(userHandle);
+        } catch (RemoteException e) {
+            throw e.rethrowAsRuntimeException();
+        }
+    }
+
    /** {@hide} */
    public static File maybeTranslateEmulatedPathToInternal(File path) {
        final IMountService mountService = IMountService.Stub.asInterface(
--- a/services/core/java/com/android/server/MountService.java
+++ b/services/core/java/com/android/server/MountService.java
@@ -2586,6 +2586,35 @@ class MountService extends IMountService.Stub
        }
    }

+    // ext4enc:TODO duplication between this and createNewUserDir is nasty
+    @Override
+    public void deleteUserKey(int userHandle) {
+        if (Binder.getCallingUid() != Process.SYSTEM_UID) {
+            throw new SecurityException("Only SYSTEM_UID can delete user keys");
+        }
+
+        waitForReady();
+
+        if (DEBUG_EVENTS) {
+            Slog.i(TAG, "Deleting user key");
+        }
+
+        try {
+            NativeDaemonEvent event = mCryptConnector.execute(
+                "cryptfs", "deleteuserkey", userHandle);
+            if (!"0".equals(event.getMessage())) {
+                String error = "deleteuserkey sent unexpected message: "
+                    + event.getMessage();
+                Slog.e(TAG,  error);
+                // ext4enc:TODO is this the right exception?
+                throw new RuntimeException(error);
+            }
+        } catch (NativeDaemonConnectorException e) {
+            Slog.e(TAG, "deleteuserkey threw exception", e);
+            throw new RuntimeException("deleteuserkey threw exception", e);
+        }
+    }
+
    @Override
    public int mkdirs(String callingPkg, String appPath) {
        final int userId = UserHandle.getUserId(Binder.getCallingUid());
--- a/services/core/java/com/android/server/pm/UserManagerService.java
+++ b/services/core/java/com/android/server/pm/UserManagerService.java
@@ -1470,6 +1470,8 @@ public class UserManagerService extends IUserManager.Stub {
    }

    private void removeUserStateLocked(final int userHandle) {
+        mContext.getSystemService(StorageManager.class)
+            .deleteUserKey(userHandle);
        // Cleanup package manager settings
        mPm.cleanUpUserLILPw(this, userHandle);