Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 3f2955c3259e25104ac35ea631bd2bb1b1e19836^! / . / keystore2 / src / globals.rs
commit3f2955c3259e25104ac35ea631bd2bb1b1e19836[log] [tgz]
authorJanis Danisevskis <jdanis@google.com>Tue Feb 02 21:53:35 2021 -0800
committerJanis Danisevskis <jdanis@google.com>Thu Feb 04 12:50:41 2021 -0800
treedde04e3f7b51d546233446b5464c2d9a0a8109b5
parentb00ebd0c8c0ab677442899a2c89219ae42855e23 [diff] [blame]
Keystore 2.0: No longer transition to database directory.

Keystore no longer transitions to the database directory as its working
directory. This allows keystore to start before data is mounted.

Test: keystore starts and early.
Change-Id: I98272fb0e97e8fe93eb87a657286681c78d28a60

diff --git a/keystore2/src/globals.rs b/keystore2/src/globals.rs
index c488a18..cfaa28c 100644
--- a/keystore2/src/globals.rs
+++ b/keystore2/src/globals.rs

@@ -34,9 +34,9 @@
 use android_security_compat::aidl::android::security::compat::IKeystoreCompatService::IKeystoreCompatService;
 use anyhow::{Context, Result};
 use lazy_static::lazy_static;
-use std::collections::HashMap;
 use std::sync::Mutex;
 use std::{cell::RefCell, sync::Once};
+use std::{collections::HashMap, path::Path, path::PathBuf};
 
 static DB_INIT: Once = Once::new();
 
@@ -45,12 +45,8 @@
 /// we also call KeystoreDB::cleanup_leftovers to restore the key lifecycle invariant. See the
 /// documentation of cleanup_leftovers for more details.
 fn create_thread_local_db() -> KeystoreDB {
-    let mut db = KeystoreDB::new(
-        // Keystore changes to the database directory on startup
-        // (see keystore2_main.rs).
-        &std::env::current_dir().expect("Could not get the current working directory."),
-    )
-    .expect("Failed to open database.");
+    let mut db = KeystoreDB::new(&DB_PATH.lock().expect("Could not get the database directory."))
+        .expect("Failed to open database.");
     DB_INIT.call_once(|| {
         log::info!("Touching Keystore 2.0 database for this first time since boot.");
         db.insert_last_off_body(MonotonicRawTime::now())
@@ -113,6 +109,9 @@
 }
 
 lazy_static! {
+    /// The path where keystore stores all its keys.
+    pub static ref DB_PATH: Mutex<PathBuf> = Mutex::new(
+        Path::new("/data/misc/keystore").to_path_buf());
     /// Runtime database of unwrapped super keys.
     pub static ref SUPER_KEY: SuperKeyManager = Default::default();
     /// Map of KeyMint devices.
@@ -127,7 +126,7 @@
     /// LegacyBlobLoader is initialized and exists globally.
     /// The same directory used by the database is used by the LegacyBlobLoader as well.
     pub static ref LEGACY_BLOB_LOADER: LegacyBlobLoader = LegacyBlobLoader::new(
-        &std::env::current_dir().expect("Could not get the current working directory."));
+        &DB_PATH.lock().expect("Could not get the database path for legacy blob loader."));
 }
 
 static KEYMINT_SERVICE_NAME: &str = "android.hardware.security.keymint.IKeyMintDevice";