diff options
| author | 2024-07-30 15:50:40 +0000 | |
|---|---|---|
| committer | 2024-08-02 23:11:45 +0000 | |
| commit | f6823e71d0a7dc868600f9a9d207984df2c52e7b (patch) | |
| tree | 1e9c6529a62dfded1ab1c7d6d37f67982d06fd80 /wifi/java/src | |
| parent | f6f830510922e417352837955fa03dbe5d5ca4ca (diff) | |
Update WifiKeystore and WifiMigration behavior
when the supplicant cannot access WifiBlobstore.
On vendor partitions that are <= T, the supplicant
will expect certs to be in the Legacy Keystore
database. This means that:
- New certs should be stored in Legacy Keystore
- Certificates should not be migrated out of
Legacy Keystore on bootup.
Bug: 353140706
Flag: EXEMPT bugfix
Test: atest WifiKeystoreTest WifiMigrationTest
Test: Manual test - verify that the certs are
stored in the expected database on a V
device and a V sys + T vend device
Change-Id: Ic7c49b5b3d1ad310b23f201d20c45b4fee142d22
Diffstat (limited to 'wifi/java/src')
| -rw-r--r-- | wifi/java/src/android/net/wifi/WifiKeystore.java | 15 | ||||
| -rw-r--r-- | wifi/java/src/android/net/wifi/WifiMigration.java | 4 |
2 files changed, 15 insertions, 4 deletions
diff --git a/wifi/java/src/android/net/wifi/WifiKeystore.java b/wifi/java/src/android/net/wifi/WifiKeystore.java index 2ba7468a8c9c..59f14a94b514 100644 --- a/wifi/java/src/android/net/wifi/WifiKeystore.java +++ b/wifi/java/src/android/net/wifi/WifiKeystore.java @@ -36,6 +36,8 @@ import java.util.Set; @SuppressLint("UnflaggedApi") // Promoting from @SystemApi(MODULE_LIBRARIES) public final class WifiKeystore { private static final String TAG = "WifiKeystore"; + private static final String sPrimaryDbName = + WifiBlobStore.supplicantCanAccessBlobstore() ? "WifiBlobstore" : "LegacyKeystore"; /** @hide */ WifiKeystore() { @@ -57,8 +59,13 @@ public final class WifiKeystore { // are able to access the same values. final long identity = Binder.clearCallingIdentity(); try { - Log.i(TAG, "put blob. alias " + alias); - return WifiBlobStore.getInstance().put(alias, blob); + Log.i(TAG, "put blob. alias=" + alias + ", primaryDb=" + sPrimaryDbName); + if (WifiBlobStore.supplicantCanAccessBlobstore()) { + return WifiBlobStore.getInstance().put(alias, blob); + } else { + WifiBlobStore.getLegacyKeystore().put(alias, Process.WIFI_UID, blob); + return true; + } } catch (Exception e) { Log.e(TAG, "Failed to put blob.", e); return false; @@ -80,7 +87,7 @@ public final class WifiKeystore { public static @NonNull byte[] get(@NonNull String alias) { final long identity = Binder.clearCallingIdentity(); try { - Log.i(TAG, "get blob. alias " + alias); + Log.i(TAG, "get blob. alias=" + alias + ", primaryDb=" + sPrimaryDbName); byte[] blob = WifiBlobStore.getInstance().get(alias); if (blob != null) { return blob; @@ -112,7 +119,7 @@ public final class WifiKeystore { boolean legacyKsSuccess = false; final long identity = Binder.clearCallingIdentity(); try { - Log.i(TAG, "remove blob. alias " + alias); + Log.i(TAG, "remove blob. alias=" + alias + ", primaryDb=" + sPrimaryDbName); blobStoreSuccess = WifiBlobStore.getInstance().remove(alias); // Legacy Keystore will throw an exception if the alias is not found. WifiBlobStore.getLegacyKeystore().remove(alias, Process.WIFI_UID); diff --git a/wifi/java/src/android/net/wifi/WifiMigration.java b/wifi/java/src/android/net/wifi/WifiMigration.java index 6ea20ecdac6e..7df1d4b47204 100644 --- a/wifi/java/src/android/net/wifi/WifiMigration.java +++ b/wifi/java/src/android/net/wifi/WifiMigration.java @@ -577,6 +577,10 @@ public final class WifiMigration { @FlaggedApi(Flags.FLAG_LEGACY_KEYSTORE_TO_WIFI_BLOBSTORE_MIGRATION_READ_ONLY) @SystemApi(client = SystemApi.Client.MODULE_LIBRARIES) public static void migrateLegacyKeystoreToWifiBlobstore() { + if (!WifiBlobStore.supplicantCanAccessBlobstore()) { + Log.i(TAG, "Avoiding migration since supplicant cannot access WifiBlobstore"); + return; + } final long identity = Binder.clearCallingIdentity(); try { ILegacyKeystore legacyKeystore = WifiBlobStore.getLegacyKeystore(); |