Add "cryptfs deleteuserkey" command to vold.

Bug: 19706593

(cherry-picked from commit eebf44563bf9c6f2795442e8d2bc886e4eb3bbbe)

Change-Id: I50dc4c39595c06bf0016d6a490130bbbc25de91b

diff --git a/CryptCommandListener.cpp b/CryptCommandListener.cpp
index adc2ec6..173be63 100644 (file)
--- a/CryptCommandListener.cpp
+++ b/CryptCommandListener.cpp
@@ -308,6 +308,16 @@ int CryptCommandListener::CryptfsCmd::runCommand(SocketClient *cli,
         SLOGD("cryptfs createnewuserdir");
         dumpArgs(argc, argv, -1);
         rc = e4crypt_create_new_user_dir(argv[2], argv[3]);
+    } else if (!strcmp(argv[1], "deleteuserkey")) {
+        if (argc != 3) {
+            cli->sendMsg(ResponseCode::CommandSyntaxError,
+                "Usage: cryptfs deleteuserkey <userHandle>", false);
+            return 0;
+        }
+        // ext4enc:TODO: send a CommandSyntaxError if argv[2] not an integer
+        SLOGD("cryptfs deleteuserkey");
+        dumpArgs(argc, argv, -1);
+        rc = e4crypt_delete_user_key(argv[2]);
     } else {
         dumpArgs(argc, argv, -1);
         cli->sendMsg(ResponseCode::CommandSyntaxError, "Unknown cryptfs cmd", false);

diff --git a/Ext4Crypt.cpp b/Ext4Crypt.cpp
index 7470ff9..cbbea0a 100644 (file)
--- a/Ext4Crypt.cpp
+++ b/Ext4Crypt.cpp
@@ -493,12 +493,9 @@ int e4crypt_set_field(const char* path, const char* fieldname,
         .Set(fieldname, std::string(value)) ? 0 : -1;
 }
 
-// ext4enc:TODO this can't be the only place keys are read from /dev/urandom
-// we should unite those places.
-static std::string e4crypt_get_user_key(
+static std::string get_key_path(
     const char *mount_path,
-    const char *user_handle,
-    bool create_if_absent)
+    const char *user_handle)
 {
     // ext4enc:TODO get the path properly
     auto key_dir = android::base::StringPrintf("%s/misc/vold/user_keys",
@@ -507,7 +504,17 @@ static std::string e4crypt_get_user_key(
         SLOGE("Unable to create %s (%s)", key_dir.c_str(), strerror(errno));
         return "";
     }
-    auto key_path = key_dir + "/" + user_handle;
+    return key_dir + "/" + user_handle;
+}
+
+// ext4enc:TODO this can't be the only place keys are read from /dev/urandom
+// we should unite those places.
+static std::string e4crypt_get_user_key(
+    const char *mount_path,
+    const char *user_handle,
+    bool create_if_absent)
+{
+    auto key_path = get_key_path(mount_path, user_handle);
     std::string content;
     if (android::base::ReadFileToString(key_path, &content)) {
         if (content.size() != key_length/8) {
@@ -612,3 +619,16 @@ int e4crypt_set_user_crypto_policies(const char *dir)
     }
     return 0;
 }
+
+int e4crypt_delete_user_key(const char *user_handle) {
+    SLOGD("e4crypt_delete_user_key(\"%s\")", user_handle);
+    auto key_path = get_key_path(DATA_MNT_POINT, user_handle);
+    // ext4enc:TODO delete it securely.
+    // ext4enc:TODO evict the key from the keyring.
+    if (unlink(key_path.c_str()) != 0 && errno != ENOENT) {
+        SLOGE("Unable to delete user key %s: %s\n",
+            key_path.c_str(), strerror(errno));
+        return -1;
+    }
+    return 0;
+}

diff --git a/Ext4Crypt.h b/Ext4Crypt.h
index c502b62..f5c2871 100644 (file)
--- a/Ext4Crypt.h
+++ b/Ext4Crypt.h
@@ -20,5 +20,6 @@ int e4crypt_set_field(const char* path, const char* fieldname,
                       const char* value);
 int e4crypt_set_user_crypto_policies(const char *path);
 int e4crypt_create_new_user_dir(const char *user_handle, const char *path);
+int e4crypt_delete_user_key(const char *user_handle);
 
 __END_DECLS