Merge "Serialize key eviction vs. user storage preparation" into pi-dev

2018-04-18 19:12:36 +00:00
parent eb432b1092 634c34ea17
commit a2f4dd1cfd
1 changed files with 25 additions and 13 deletions
--- a/services/core/java/com/android/server/am/UserController.java
+++ b/services/core/java/com/android/server/am/UserController.java
@@ -400,6 +400,10 @@ class UserController implements Handler.Callback {

        // Call onBeforeUnlockUser on a worker thread that allows disk I/O
        FgThread.getHandler().post(() -> {
+            if (!StorageManager.isUserKeyUnlocked(userId)) {
+                Slog.w(TAG, "User key got locked unexpectedly, leaving user locked.");
+                return;
+            }
            mInjector.getUserManager().onBeforeUnlockUser(userId);
            synchronized (mLock) {
                // Do not proceed if unexpected state
@@ -714,14 +718,11 @@ class UserController implements Handler.Callback {

    void finishUserStopped(UserState uss) {
        final int userId = uss.mHandle.getIdentifier();
-        boolean stopped;
+        final boolean stopped;
        ArrayList<IStopUserCallback> callbacks;
-        boolean forceStopUser = false;
        synchronized (mLock) {
            callbacks = new ArrayList<>(uss.mStopCallbacks);
-            if (mStartedUsers.get(userId) != uss) {
-                stopped = false;
-            } else if (uss.state != UserState.STATE_SHUTDOWN) {
+            if (mStartedUsers.get(userId) != uss || uss.state != UserState.STATE_SHUTDOWN) {
                stopped = false;
            } else {
                stopped = true;
@@ -729,10 +730,10 @@ class UserController implements Handler.Callback {
                mStartedUsers.remove(userId);
                mUserLru.remove(Integer.valueOf(userId));
                updateStartedUserArrayLU();
-                forceStopUser = true;
            }
        }
-        if (forceStopUser) {
+
+        if (stopped) {
            mInjector.getUserManagerInternal().removeUserState(userId);
            mInjector.activityManagerOnUserStopped(userId);
            // Clean up all state and processes associated with the user.
@@ -755,12 +756,23 @@ class UserController implements Handler.Callback {
            if (getUserInfo(userId).isEphemeral()) {
                mInjector.getUserManager().removeUserEvenWhenDisallowed(userId);
            }
-            // Evict the user's credential encryption key.
-            try {
-                getStorageManager().lockUserKey(userId);
-            } catch (RemoteException re) {
-                throw re.rethrowAsRuntimeException();
-            }
+
+            // Evict the user's credential encryption key. Performed on FgThread to make it
+            // serialized with call to UserManagerService.onBeforeUnlockUser in finishUserUnlocking
+            // to prevent data corruption.
+            FgThread.getHandler().post(() -> {
+                synchronized (mLock) {
+                    if (mStartedUsers.get(userId) != null) {
+                        Slog.w(TAG, "User was restarted, skipping key eviction");
+                        return;
+                    }
+                }
+                try {
+                    getStorageManager().lockUserKey(userId);
+                } catch (RemoteException re) {
+                    throw re.rethrowAsRuntimeException();
+                }
+            });
        }
    }