diff options
| author | 2024-06-26 07:16:29 +0000 | |
|---|---|---|
| committer | 2024-06-26 07:16:29 +0000 | |
| commit | c85d5febdc186f7fa1af2d0a6bdf705683437a98 (patch) | |
| tree | eb19fc52399b1ad6b211dbca388cd4e27b0a63ac /libs/androidfw/StringPool.cpp | |
| parent | 2fb8cb913fdcee3508eb24f8d6c0230bf8ad1947 (diff) | |
Delete keystore keys from RecoveryService.rebootRecoveryWithCommand()
Adds deleteSecrets() to RecoverySystemService. This method is called
from rebootRecoveryWithCommand () before the --wipe_data command is
passed to recovery and the device is force-rebooted.
deleteSecerts() calls IKeystoreMaintenance.deleteAllKeys() in order to
quickly destroy the keys protecting the synthetic password blobs
used to derive FBE encryption keys.
The intent is to make FBE-encrypted data unrecoverable even if the full
data wipe in recovery is interrupted or skipped.
Bug: 324321147
Test: Manual - System -> Reset options -> Erase all data.
Test: Hold VolDown key to interrupt reboot and stop at bootloader
screen.
Test: fastboot oem bcd wipe command && fastboot oem bcd wipe recovery
Test: fastboot reboot
Test: Device reboots into recovery and prompts to factory reset:
Test: 'Cannot load Android system. Your data may be corrupt. ...'
(cherry picked from https://android-review.googlesource.com/q/commit:0d00031851e9f5d8ef93947205a7e8b5257f0d8d)
Merged-In: I5eb8e97f3ae1a18d5e7e7c2c7eca048ebff3440a
Change-Id: I5eb8e97f3ae1a18d5e7e7c2c7eca048ebff3440a
Ignore-AOSP-First: Security fix backport
Diffstat (limited to 'libs/androidfw/StringPool.cpp')
0 files changed, 0 insertions, 0 deletions