Delete grants to an app when its namespace is cleared.
Currently, if there is a grant to user ID 1 for app ID A and then app
ID A is uninstalled, a new app installed for user ID 1 with the same
app ID A will inherit the grant, which would give it access to a key
it shouldn't have access to.
Bug: 372415590
Test: atest keystore2_test
Change-Id: I5d354019881185c6629dd36f4bcd1ed51a88bb52
diff --git a/keystore2/src/database.rs b/keystore2/src/database.rs
index aacaa92..8f5617f 100644
--- a/keystore2/src/database.rs
+++ b/keystore2/src/database.rs
@@ -2528,7 +2528,19 @@
);",
params![domain.0, namespace, KeyType::Client],
)
- .context("Trying to delete grants.")?;
+ .context(format!(
+ "Trying to delete grants issued for keys in domain {:?} and namespace {:?}.",
+ domain.0, namespace
+ ))?;
+ if domain == Domain::APP {
+ // Keystore uses the UID instead of the namespace argument for Domain::APP, so we
+ // just need to delete rows where grantee == namespace.
+ tx.execute("DELETE FROM persistent.grant WHERE grantee = ?;", params![namespace])
+ .context(format!(
+ "Trying to delete received grants for domain {:?} and namespace {:?}.",
+ domain.0, namespace
+ ))?;
+ }
tx.execute(
"DELETE FROM persistent.keyentry
WHERE domain = ? AND namespace = ? AND key_type = ?;",