Keystore 2.0: Fix racy super key management. The super key and user state management performs concurrent lookups and cache updates that can put keystore2 in an inconsistent state which may lead to loss of keys. It is unlikely that this data loss was trigered, because system server does not call keystore2 in the way required to cause problems. Test: keystore2_tests and CTS tests for regression testing. Bug: 213942761 Change-Id: Ieedb4806403d3aa7175c98f2dca26532ff609cea

commit: 0fd25a6107fa8053abc0c72395f5d11c5fc85055 [log] [tgz]
author: Janis Danisevskis <jdanis@google.com> Tue Jan 04 19:53:37 2022 -0800
committer: Janis Danisevskis <jdanis@google.com> Thu Jan 27 13:05:45 2022 -0800
tree: ae34634ba46688233b0b6a0cb4439b59f9996a16
parent: ff86de42e23446845eb837646c6516e5d12026cb [diff] [blame]
diff --git a/keystore2/src/enforcements.rs b/keystore2/src/enforcements.rs
index 2407525..ade4751 100644
--- a/keystore2/src/enforcements.rs
+++ b/keystore2/src/enforcements.rs

@@ -602,7 +602,7 @@
         }
 
         if let Some(level) = max_boot_level {
-            if !SUPER_KEY.level_accessible(level) {
+            if !SUPER_KEY.read().unwrap().level_accessible(level) {
                 return Err(Error::Km(Ec::BOOT_LEVEL_EXCEEDED))
                     .context("In authorize_create: boot level is too late.");
             }
commit	0fd25a6107fa8053abc0c72395f5d11c5fc85055	[log] [tgz]
author	Janis Danisevskis <jdanis@google.com>	Tue Jan 04 19:53:37 2022 -0800
committer	Janis Danisevskis <jdanis@google.com>	Thu Jan 27 13:05:45 2022 -0800
tree	ae34634ba46688233b0b6a0cb4439b59f9996a16
parent	ff86de42e23446845eb837646c6516e5d12026cb [diff] [blame]