Remove now-unnecessary Mutex.
Strong is now Sync (b/164453341), so the Mutex workaround is
redundant.
Bug: 191763370
Test: Manual - builds, key generation & validation still work.
Change-Id: If1cd905046c996569b28377aa1cf325ac5699291
diff --git a/compos/src/compos_key_service.rs b/compos/src/compos_key_service.rs
index 97fd855..0cbe8de 100644
--- a/compos/src/compos_key_service.rs
+++ b/compos/src/compos_key_service.rs
@@ -39,7 +39,6 @@
use ring::signature;
use scopeguard::ScopeGuard;
use std::ffi::CString;
-use std::sync::Mutex;
const LOG_TAG: &str = "CompOsKeyService";
const OUR_SERVICE_NAME: &str = "android.system.composkeyservice";
@@ -68,10 +67,6 @@
struct CompOsKeyService {
random: SystemRandom,
- state: Mutex<State>,
-}
-
-struct State {
security_level: Strong<dyn IKeystoreSecurityLevel>,
}
@@ -102,20 +97,12 @@
fn new(keystore_service: &Strong<dyn IKeystoreService>) -> Self {
Self {
random: SystemRandom::new(),
- state: Mutex::new(State {
- security_level: keystore_service
- .getSecurityLevel(SecurityLevel::TRUSTED_ENVIRONMENT)
- .unwrap(),
- }),
+ security_level: keystore_service
+ .getSecurityLevel(SecurityLevel::TRUSTED_ENVIRONMENT)
+ .unwrap(),
}
}
- fn security_level(&self) -> Strong<dyn IKeystoreSecurityLevel> {
- // We need the Mutex because Strong<_> isn't sync. But we don't need to keep it locked
- // to make the call, once we've cloned the pointer.
- self.state.lock().unwrap().security_level.clone()
- }
-
fn do_generate(&self) -> Result<CompOsKeyData> {
let key_parameters =
[PURPOSE_SIGN, ALGORITHM, PADDING, DIGEST, KEY_SIZE, EXPONENT, NO_AUTH_REQUIRED];
@@ -124,7 +111,7 @@
let entropy = [];
let key_metadata = self
- .security_level()
+ .security_level
.generateKey(&KEY_DESCRIPTOR, attestation_key, &key_parameters, flags, &entropy)
.context("Generating key failed")?;
@@ -154,7 +141,7 @@
let forced = false;
let response = self
- .security_level()
+ .security_level
.createOperation(&key_descriptor, &operation_parameters, forced)
.context("Creating key failed")?;
let operation = scopeguard::guard(