Fix multiple issues with the keystore grant mechanism
1. Ungrant did not check the caller's uid which allowed any caller
to remove grants to any key.
2. Grants were not removed when a key was deleted.
3. clean_uid did not clear the grant cache of the target uid.
This would leave state grants that could have been used
by a new app that happened to get the same uid as the one
that was previously uninstalled.
4. Various paths did not respect grants: del, exist, getmtime
The del path was particularly awkward because it is required
by upgradeKeyBlob. This means it must work when a key that needs
upgrading is accessed through a grant alias.
Bug: 65851049
Change-Id: I6709b7562d47ad6156bee88a9e2d961f8a4a797d
diff --git a/keystore/keystore.h b/keystore/keystore.h
index 39761bb..a0b747f 100644
--- a/keystore/keystore.h
+++ b/keystore/keystore.h
@@ -70,6 +70,8 @@
const BlobType type);
android::String8 getKeyNameForUidWithDir(const android::String8& keyName, uid_t uid,
const BlobType type);
+ NullOr<android::String8> getBlobFileNameIfExists(const android::String8& alias, uid_t uid,
+ const BlobType type);
/*
* Delete entries owned by userId. If keepUnencryptedEntries is true
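Review bot: the new getBlobFileNameIfExists declaration has no comment saying what an empty NullOr means or whether the alias lookup also resolves grant aliases, which is the behaviour the commit message says del, exist and getmtime need. A short doc comment above the declaration should state both. Because the name describes an existence check that returns a path, it should also say that callers must still handle the file disappearing between this call and the later open or unlink.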
@@ -88,7 +90,8 @@
uid_t userId);
std::string addGrant(const char* alias, uid_t granterUid, uid_t granteeUid);
- bool removeGrant(const char* alias, uid_t granteeUid);
+ bool removeGrant(const char* alias, const uid_t granterUid, const uid_t granteeUid);
+ void removeAllGrantsToUid(const uid_t granteeUid);
ResponseCode importKey(const uint8_t* key, size_t keyLen, const char* filename, uid_t userId,
int32_t flags);
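Review bot: removeGrant now takes two adjacent uid_t parameters, granterUid and granteeUid, so a call site that transposes them still compiles and would check the wrong uid, which is the class of problem item 1 of the commit message fixes. Add a comment on the declaration stating that granterUid must be the verified caller uid, and consider checking each call site against the addGrant order (alias, granterUid, granteeUid). As a style point, the top-level const on the by-value parameters of removeGrant and removeAllGrantsToUid has no effect in a declaration and is inconsistent with addGrant on the line above. removeAllGrantsToUid also lacks a comment saying when it is expected to be called, for example from the clean_uid path described in item 3.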