Keystore 2.0: Revise GC.
* Store GC relevant information with blobs.
* Marking a key unreferenced now deletes the main key entry and all
associated artifacts from the database except the blobs and their
associated metadata, which are left to the GC.
* The GC is now automatically called by the DB module and it is now
modular enough to use a local test GC.
Test: keystore2_test
Change-Id: Iaf9e851d2895c8c457d160052fcab7f8d20e6555
diff --git a/keystore2/src/enforcements.rs b/keystore2/src/enforcements.rs
index fe3bfb5..9c3bc89 100644
--- a/keystore2/src/enforcements.rs
+++ b/keystore2/src/enforcements.rs
@@ -14,13 +14,10 @@
//! This is the Keystore 2.0 Enforcements module.
// TODO: more description to follow.
+use crate::database::{AuthTokenEntry, MonotonicRawTime};
use crate::error::{map_binder_status, Error, ErrorCode};
use crate::globals::{get_timestamp_service, ASYNC_TASK, DB, ENFORCEMENTS};
use crate::key_parameter::{KeyParameter, KeyParameterValue};
-use crate::{
- database::{AuthTokenEntry, MonotonicRawTime},
- gc::Gc,
-};
use android_hardware_security_keymint::aidl::android::hardware::security::keymint::{
Algorithm::Algorithm, ErrorCode::ErrorCode as Ec, HardwareAuthToken::HardwareAuthToken,
HardwareAuthenticatorType::HardwareAuthenticatorType,
@@ -305,16 +302,12 @@
if let Some(key_id) = self.key_usage_limited {
// On the last successful use, the key gets deleted. In this case we
// have to notify the garbage collector.
- let need_gc = DB
- .with(|db| {
- db.borrow_mut()
- .check_and_update_key_usage_count(key_id)
- .context("Trying to update key usage count.")
- })
- .context("In after_finish.")?;
- if need_gc {
- Gc::notify_gc();
- }
+ DB.with(|db| {
+ db.borrow_mut()
+ .check_and_update_key_usage_count(key_id)
+ .context("Trying to update key usage count.")
+ })
+ .context("In after_finish.")?;
}
Ok(())
}
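Review bot: The context comment kept above the `DB.with` call still says "In this case we have to notify the garbage collector", but the new side no longer calls `Gc::notify_gc()` here. According to the commit message the DB module now triggers the GC itself. I would reword the comment to something like `// On the last successful use the key is marked unreferenced; the database layer notifies the GC, so nothing more is needed here.`, so it is clear that cleaning up an exhausted usage-limited key's blob depends entirely on that DB path. The result of `check_and_update_key_usage_count` is also dropped after `?`. Its signature is not visible in this hunk, but if it still returns a `bool`, change it to return `()` or document why the value is ignored. The enclosing function starts outside the hunk.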