commit e15e3cbad50f54d6be4dcbdb04eacf1edc055896
author David Drysdale <drysdale@google.com> Fri Nov 22 11:19:21 2024 +0000
committer Gerrit Code Review <noreply-gerritcodereview@google.com> Fri Nov 22 11:19:21 2024 +0000
tree da58f9e940551f4b16b8eea25545692bf9a4f3df
parent 47550b3f17bc44b75d42bb2d1c1adaba8d0f704f
parent ee784bb9f63ebb381f56ff0cf21c0a5d23871a53

Merge "Skip DE-critical system keys on clearNamespace" into main

keystore2/src/legacy_importer.rs

diff --git a/keystore2/src/legacy_importer.rs b/keystore2/src/legacy_importer.rs
index 24f3263..0d8dc4a 100644
--- a/keystore2/src/legacy_importer.rs
+++ b/keystore2/src/legacy_importer.rs
@@ -786,7 +786,7 @@
                 .context(ks_err!("Trying to load legacy blob."))?;
 
             // Determine if the key needs special handling to be deleted.
-            let (need_gc, is_super_encrypted) = km_blob_params
+            let (need_gc, is_super_encrypted, is_de_critical) = km_blob_params
                 .as_ref()
                 .map(|(blob, params)| {
                     let params = match params {
@@ -798,13 +798,18 @@
                             KeyParameterValue::RollbackResistance == *kp.key_parameter_value()
                         }),
                         blob.is_encrypted(),
+                        blob.is_critical_to_device_encryption(),
                     )
                 })
-                .unwrap_or((false, false));
+                .unwrap_or((false, false, false));
 
             if keep_non_super_encrypted_keys && !is_super_encrypted {
                 continue;
             }
+            if uid == rustutils::users::AID_SYSTEM && is_de_critical {
+                log::info!("skip deletion of system key '{alias}' which is DE-critical");
+                continue;
+            }
 
             if need_gc {
                 let mark_deleted = match km_blob_params