Invoke BLKSECDISCARD to securely delete sensitive data

Bug: 34600579 Test: manual - change device lock under synthetic password, verify old data on disk is erased. Change-Id: I247bd1f095dd27335e671981f9e2d77e149af84f
2017-04-27 17:01:05 +01:00
parent 74fa79e6d6
commit aa32d15305
9 changed files with 64 additions and 19 deletions
--- a/core/java/android/os/storage/IStorageManager.aidl
+++ b/core/java/android/os/storage/IStorageManager.aidl
@@ -295,4 +295,5 @@ interface IStorageManager {
    long getCacheSizeBytes(String volumeUuid, int uid) = 76;
    long getAllocatableBytes(String volumeUuid, int flags) = 77;
    void allocateBytes(String volumeUuid, long bytes, int flags) = 78;
+    void secdiscard(in String path) = 79;
 }
--- a/core/java/android/os/storage/StorageManager.java
+++ b/core/java/android/os/storage/StorageManager.java
@@ -1251,6 +1251,15 @@ public class StorageManager {
        }
    }

+    /** {@hide} */
+    public void secdiscard(String path) {
+        try {
+            mStorageManager.secdiscard(path);
+        } catch (RemoteException e) {
+            throw e.rethrowFromSystemServer();
+        }
+    }
+
    /** {@hide} */
    public static boolean isUserKeyUnlocked(int userId) {
        if (sStorageManager == null) {