Sk Maintenance: payload's rollback protected data
Microdroid now allows payload to (indirectly) store a Secretkeeper
entry. This needs to be plugged into the maintenance database that the
VS keeps. This allows deletion of such entries when the app is
uninstalled.
Test: Builds
Test: logcat -e "Claiming Secretkeeper entry"
Bug: 389631490
Change-Id: I412cd2b0a2ee6f5eabeea700b6b88e830a5f20d9
diff --git a/android/virtualizationservice/src/aidl.rs b/android/virtualizationservice/src/aidl.rs
index f4e64e3..62cede8 100644
--- a/android/virtualizationservice/src/aidl.rs
+++ b/android/virtualizationservice/src/aidl.rs
@@ -196,6 +196,28 @@
service
}
+
+ // Attempt to update the sk_state maintenance database. Errors are ignored - calling app
+ // can not really do much to fix the errors & letting AVF VMs run irrespective of such internal
+ // error is acceptable.
+ fn try_updating_sk_state(&self, id: &[u8; 64]) {
+ let state = &mut *self.state.lock().unwrap();
+ if let Some(sk_state) = &mut state.sk_state {
+ let uid = get_calling_uid();
+ let user_id = multiuser_get_user_id(uid);
+ let app_id = multiuser_get_app_id(uid);
+ info!(
+ "Recording possible new owner of Secretkeeper entry={:?}:
+ (user_id={user_id}, app_id={app_id},)",
+ hex::encode(id)
+ );
+ if let Err(e) = sk_state.add_id(id, user_id, app_id) {
+ error!("Failed to update the Secretkeeper entry owner: {e:?}");
+ }
+ } else {
+ info!("ignoring update of Secretkeeper entry as no ISecretkeeper");
+ }
+ }
}
impl Interface for VirtualizationServiceInternal {}
@@ -467,16 +489,7 @@
.or_service_specific_exception(-1)?;
let uid = get_calling_uid();
info!("Allocated a VM's instance_id: {:?}..., for uid: {:?}", &hex::encode(id)[..8], uid);
- let state = &mut *self.state.lock().unwrap();
- if let Some(sk_state) = &mut state.sk_state {
- let user_id = multiuser_get_user_id(uid);
- let app_id = multiuser_get_app_id(uid);
- info!("Recording possible existence of state for (user_id={user_id}, app_id={app_id})");
- if let Err(e) = sk_state.add_id(&id, user_id, app_id) {
- error!("Failed to record the instance_id: {e:?}");
- }
- }
-
+ self.try_updating_sk_state(&id);
Ok(id)
}
@@ -500,24 +513,8 @@
}
fn claimVmInstance(&self, instance_id: &[u8; 64]) -> binder::Result<()> {
- let state = &mut *self.state.lock().unwrap();
- if let Some(sk_state) = &mut state.sk_state {
- let uid = get_calling_uid();
- info!(
- "Claiming a VM's instance_id: {:?}, for uid: {:?}",
- hex::encode(instance_id),
- uid
- );
-
- let user_id = multiuser_get_user_id(uid);
- let app_id = multiuser_get_app_id(uid);
- info!("Recording possible new owner of state for (user_id={user_id}, app_id={app_id})");
- if let Err(e) = sk_state.add_id(instance_id, user_id, app_id) {
- error!("Failed to update the instance_id owner: {e:?}");
- }
- } else {
- info!("ignoring claimVmInstance() as no ISecretkeeper");
- }
+ info!("Claiming a VM's instance_id: {:?}", hex::encode(instance_id));
+ self.try_updating_sk_state(instance_id);
Ok(())
}
@@ -559,6 +556,12 @@
NETWORK_SERVICE.deleteTapInterface(tap_fd)
}
+
+ fn claimSecretkeeperEntry(&self, id: &[u8; 64]) -> binder::Result<()> {
+ info!("Claiming Secretkeeper entry: {:?}", hex::encode(id));
+ self.try_updating_sk_state(id);
+ Ok(())
+ }
}
impl IVirtualizationMaintenance for VirtualizationServiceInternal {