commit 4507f3bdddcae4a0eaf917fdfb2195a0f9f6ce27
author Janis Danisevskis <jdanis@google.com> Wed Jan 13 16:34:39 2021 -0800
committer Janis Danisevskis <jdanis@google.com> Mon Jan 25 11:29:19 2021 -0800
tree 88c8d87e780377311a13d9e2c2a3c78766a20a9a
parent 5ed8c5396092bee52c9a51fb27f244fbde8cb689

Keystore 2.0: Untangle GC from Keystore DB.

Notifying the garbage collector directly from the DB breaks the unit
test because the GC implicitly uses the global DB instance.
This moves GC notification outside of the KeystoreDB.

Also remove #[!allow(dead_code)] from database.rs.

Test: keystore2_test
Change-Id: Ia2812d47ccee05309aaa91063d0d99c853596ea1

keystore2/src/service.rs

diff --git a/keystore2/src/service.rs b/keystore2/src/service.rs
index 9c5a697..f8650e6 100644
--- a/keystore2/src/service.rs
+++ b/keystore2/src/service.rs
@@ -18,7 +18,6 @@
 //! This crate implement the core Keystore 2.0 service API as defined by the Keystore 2.0
 //! AIDL spec.
 
-use crate::error::{self, map_or_log_err, ErrorCode};
 use crate::globals::DB;
 use crate::permission;
 use crate::permission::{KeyPerm, KeystorePerm};
@@ -31,6 +30,10 @@
     database::{KeyEntryLoadBits, KeyType, SubComponentType},
     error::ResponseCode,
 };
+use crate::{
+    error::{self, map_or_log_err, ErrorCode},
+    gc::Gc,
+};
 use android_hardware_security_keymint::aidl::android::hardware::security::keymint::SecurityLevel::SecurityLevel;
 use android_system_keystore2::aidl::android::system::keystore2::{
     Domain::Domain, IKeystoreSecurityLevel::IKeystoreSecurityLevel,
@@ -221,12 +224,16 @@
 
     fn delete_key(&self, key: &KeyDescriptor) -> Result<()> {
         let caller_uid = ThreadState::get_calling_uid();
-        DB.with(|db| {
-            db.borrow_mut().unbind_key(key.clone(), KeyType::Client, caller_uid, |k, av| {
-                check_key_permission(KeyPerm::delete(), k, &av).context("During delete_key.")
+        let need_gc = DB
+            .with(|db| {
+                db.borrow_mut().unbind_key(key.clone(), KeyType::Client, caller_uid, |k, av| {
+                    check_key_permission(KeyPerm::delete(), k, &av).context("During delete_key.")
+                })
             })
-        })
-        .context("In delete_key: Trying to unbind the key.")?;
+            .context("In delete_key: Trying to unbind the key.")?;
+        if need_gc {
+            Gc::notify_gc();
+        }
         Ok(())
     }