Blame - keystore/KeyStore.cpp - android_system_security

2012-02-15 15:00:46 -0800

[diff] [blame]

1

/*

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

2

Kenny Root

2012-02-15 15:00:46 -0800

[diff] [blame]

3

*

4

* Licensed under the Apache License, Version 2.0 (the "License");

5

* you may not use this file except in compliance with the License.

6

* You may obtain a copy of the License at

7

*

8

* http://www.apache.org/licenses/LICENSE-2.0

9

*

10

* Unless required by applicable law or agreed to in writing, software

11

* distributed under the License is distributed on an "AS IS" BASIS,

12

* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

13

* See the License for the specific language governing permissions and

14

* limitations under the License.

15

*/

16

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

17

#define LOG_TAG "keystore"

18

Shawn Willden

fa5702f

2017-12-03 15:14:58 -0700

[diff] [blame]

19

#include "KeyStore.h"

Kenny Root

2012-11-02 15:41:02 -0700

[diff] [blame]

20

Kenny Root

2012-02-15 15:00:46 -0800

[diff] [blame]

21

#include <dirent.h>

22

#include <fcntl.h>

Kenny Root

2012-02-15 15:00:46 -0800

[diff] [blame]

23

Kenny Root

822c3a9

2012-03-23 16:34:39 -0700

[diff] [blame]

24

#include <openssl/bio.h>

Kenny Root

2012-02-15 15:00:46 -0800

[diff] [blame]

25

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

26

#include <utils/String16.h>

Janis Danisevskis

6905c33

2017-09-01 13:24:23 -0700

[diff] [blame]

27

#include <utils/String8.h>

Kenny Root

2012-02-15 17:20:23 -0800

[diff] [blame]

28

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

29

#include <android/hardware/keymaster/3.0/IKeymasterDevice.h>

Dmitry Dementyev

2017-10-27 23:09:53 -0700

[diff] [blame]

30

#include <android/security/IKeystoreService.h>

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

31

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

32

#include "keystore_utils.h"

33

#include "permissions.h"

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

34

#include <keystore/keystore_hidl_support.h>

Kenny Root

2012-02-15 15:00:46 -0800

[diff] [blame]

35

Shawn Willden

c67a8aa

2017-12-03 17:51:29 -0700

[diff] [blame]

36

namespace keystore {

37

Shawn Willden

2017-12-04 13:55:14 -0700

[diff] [blame]

38

const char* KeyStore::kOldMasterKey = ".masterkey";

39

const char* KeyStore::kMetaDataFile = ".metadata";

Kenny Root

2012-02-15 15:00:46 -0800

[diff] [blame]

40

Shawn Willden

2017-12-04 13:55:14 -0700

[diff] [blame]

41

const android::String16 KeyStore::kRsaKeyType("RSA");

42

const android::String16 KeyStore::kEcKeyType("EC");

Riley Spahn

eaabae9

2014-06-30 12:39:52 -0700

[diff] [blame]

43

Janis Danisevskis

6905c33

2017-09-01 13:24:23 -0700

[diff] [blame]

44

using android::String8;

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

45

Shawn Willden

c67a8aa

2017-12-03 17:51:29 -0700

[diff] [blame]

46

KeyStore::KeyStore(Entropy* entropy, const sp<Keymaster>& device, const sp<Keymaster>& fallback,

Janis Danisevskis

e8ba180

2017-01-30 10:49:51 +0000

[diff] [blame]

47

bool allowNewFallback)

48

: mEntropy(entropy), mDevice(device), mFallbackDevice(fallback),

49

mAllowNewFallback(allowNewFallback) {

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

50

memset(&mMetaData, '\0', sizeof(mMetaData));

Kenny Root

2012-02-15 17:20:23 -0800

[diff] [blame]

51

}

52

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

53

KeyStore::~KeyStore() {

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

54

for (android::Vector<UserState*>::iterator it(mMasterKeys.begin()); it != mMasterKeys.end();

55

it++) {

56

delete *it;

Shawn Willden

2015-07-28 11:06:00 -0600

[diff] [blame]

57

}

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

58

mMasterKeys.clear();

Shawn Willden

2015-07-28 11:06:00 -0600

[diff] [blame]

59

}

60

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

61

ResponseCode KeyStore::initialize() {

62

readMetaData();

63

if (upgradeKeystore()) {

64

writeMetaData();

Shawn Willden

2015-07-28 11:06:00 -0600

[diff] [blame]

65

}

66

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

67

return ResponseCode::NO_ERROR;

Shawn Willden

2015-07-28 11:06:00 -0600

[diff] [blame]

68

}

69

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

70

ResponseCode KeyStore::initializeUser(const android::String8& pw, uid_t userId) {

71

UserState* userState = getUserState(userId);

72

return userState->initialize(pw, mEntropy);

Chad Brubaker

fc18edc

2015-01-12 15:17:18 -0800

[diff] [blame]

73

}

74

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

75

ResponseCode KeyStore::copyMasterKey(uid_t srcUser, uid_t dstUser) {

76

UserState* userState = getUserState(dstUser);

77

UserState* initState = getUserState(srcUser);

78

return userState->copyMasterKey(initState);

Kenny Root

2012-02-15 17:20:23 -0800

[diff] [blame]

79

}

80

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

81

ResponseCode KeyStore::writeMasterKey(const android::String8& pw, uid_t userId) {

82

UserState* userState = getUserState(userId);

83

return userState->writeMasterKey(pw, mEntropy);

Shawn Willden

2015-07-28 11:06:00 -0600

[diff] [blame]

84

}

85

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

86

ResponseCode KeyStore::readMasterKey(const android::String8& pw, uid_t userId) {

87

UserState* userState = getUserState(userId);

88

return userState->readMasterKey(pw, mEntropy);

Kenny Root

4946890

2013-03-19 13:41:33 -0700

[diff] [blame]

89

}

90

Kenny Root

2012-02-15 15:00:46 -0800

[diff] [blame]

91

/* Here is the encoding of keys. This is necessary in order to allow arbitrary

92

* characters in keys. Characters in [0-~] are not encoded. Others are encoded

93

* into two bytes. The first byte is one of [+-.] which represents the first

94

* two bits of the character. The second byte encodes the rest of the bits into

95

* [0-o]. Therefore in the worst case the length of a key gets doubled. Note

96

* that Base64 cannot be used here due to the need of prefix match on keys. */

97

Kenny Root

655b958

2013-04-04 08:37:42 -0700

[diff] [blame]

98

static size_t encode_key_length(const android::String8& keyName) {

99

const uint8_t* in = reinterpret_cast<const uint8_t*>(keyName.string());

100

size_t length = keyName.length();

101

for (int i = length; i > 0; --i, ++in) {

102

if (*in < '0' || *in > '~') {

++length;

}

}

return length;

}

Kenny Root

2012-11-02 15:41:02 -0700

[diff] [blame]

109

static int encode_key(char* out, const android::String8& keyName) {

110

const uint8_t* in = reinterpret_cast<const uint8_t*>(keyName.string());

111

size_t length = keyName.length();

Kenny Root

2012-02-15 15:00:46 -0800

[diff] [blame]

112

for (int i = length; i > 0; --i, ++in, ++out) {

Kenny Root

655b958

2013-04-04 08:37:42 -0700

[diff] [blame]

113

if (*in < '0' || *in > '~') {

Kenny Root

2012-02-15 15:00:46 -0800

[diff] [blame]

114

*out = '+' + (*in >> 6);

115

*++out = '0' + (*in & 0x3F);

116

++length;

Kenny Root

655b958

2013-04-04 08:37:42 -0700

[diff] [blame]

117

} else {

118

*out = *in;

Kenny Root

2012-02-15 15:00:46 -0800

[diff] [blame]

119

}

120

}

121

*out = '\0';

Kenny Root

2012-02-15 17:20:23 -0800

[diff] [blame]

return length;

}

Tucker Sylvestro

2016-08-05 18:02:47 -0400

[diff] [blame]

125

android::String8 KeyStore::getKeyName(const android::String8& keyName, const BlobType type) {

Bin Chen

cfd95ae

2016-08-22 12:16:09 +1000

[diff] [blame]

126

std::vector<char> encoded(encode_key_length(keyName) + 1); // add 1 for null char

127

encode_key(encoded.data(), keyName);

Tucker Sylvestro

2016-08-05 18:02:47 -0400

[diff] [blame]

128

if (type == TYPE_KEY_CHARACTERISTICS) {

Tucker Sylvestro

2016-10-06 15:09:48 -0400

[diff] [blame]

129

return android::String8::format(".chr_%s", encoded.data());

Tucker Sylvestro

2016-08-05 18:02:47 -0400

[diff] [blame]

130

} else {

Tucker Sylvestro

2016-10-06 15:09:48 -0400

[diff] [blame]

131

return android::String8(encoded.data());

Tucker Sylvestro

2016-08-05 18:02:47 -0400

[diff] [blame]

132

}

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

133

}

134

Dmitry Dementyev

2017-10-27 23:09:53 -0700

[diff] [blame]

135

android::String8 KeyStore::getKeyNameForUid(const android::String8& keyName, uid_t uid,

136

const BlobType type) {

Bin Chen

cfd95ae

2016-08-22 12:16:09 +1000

[diff] [blame]

137

std::vector<char> encoded(encode_key_length(keyName) + 1); // add 1 for null char

138

encode_key(encoded.data(), keyName);

Tucker Sylvestro

2016-08-05 18:02:47 -0400

[diff] [blame]

139

if (type == TYPE_KEY_CHARACTERISTICS) {

Tucker Sylvestro

2016-10-06 15:09:48 -0400

[diff] [blame]

140

return android::String8::format(".%u_chr_%s", uid, encoded.data());

Tucker Sylvestro

2016-08-05 18:02:47 -0400

[diff] [blame]

141

} else {

Tucker Sylvestro

2016-10-06 15:09:48 -0400

[diff] [blame]

142

return android::String8::format("%u_%s", uid, encoded.data());

Tucker Sylvestro

2016-08-05 18:02:47 -0400

[diff] [blame]

143

}

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

144

}

145

Dmitry Dementyev

2017-10-27 23:09:53 -0700

[diff] [blame]

146

android::String8 KeyStore::getKeyNameForUidWithDir(const android::String8& keyName, uid_t uid,

147

const BlobType type) {

Bin Chen

cfd95ae

2016-08-22 12:16:09 +1000

[diff] [blame]

148

std::vector<char> encoded(encode_key_length(keyName) + 1); // add 1 for null char

149

encode_key(encoded.data(), keyName);

Tucker Sylvestro

2016-08-05 18:02:47 -0400

[diff] [blame]

150

151

if (type == TYPE_KEY_CHARACTERISTICS) {

152

return android::String8::format("%s/.%u_chr_%s", getUserStateByUid(uid)->getUserDirName(),

Tucker Sylvestro

2016-10-06 15:09:48 -0400

[diff] [blame]

153

uid, encoded.data());

Tucker Sylvestro

2016-08-05 18:02:47 -0400

[diff] [blame]

154

} else {

155

return android::String8::format("%s/%u_%s", getUserStateByUid(uid)->getUserDirName(), uid,

Tucker Sylvestro

2016-10-06 15:09:48 -0400

[diff] [blame]

156

encoded.data());

Tucker Sylvestro

2016-08-05 18:02:47 -0400

[diff] [blame]

157

}

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

158

}

159

Janis Danisevskis

2017-09-21 11:29:47 -0700

[diff] [blame]

160

NullOr<android::String8> KeyStore::getBlobFileNameIfExists(const android::String8& alias, uid_t uid,

Dmitry Dementyev

2017-10-27 23:09:53 -0700

[diff] [blame]

161

const BlobType type) {

Janis Danisevskis

2017-09-21 11:29:47 -0700

[diff] [blame]

162

android::String8 filepath8(getKeyNameForUidWithDir(alias, uid, type));

163

164

if (!access(filepath8.string(), R_OK | W_OK)) return filepath8;

165

166

// If this is one of the legacy UID->UID mappings, use it.

167

uid_t euid = get_keystore_euid(uid);

168

if (euid != uid) {

169

filepath8 = getKeyNameForUidWithDir(alias, euid, type);

170

if (!access(filepath8.string(), R_OK | W_OK)) return filepath8;

171

}

172

173

// They might be using a granted key.

174

auto grant = mGrants.get(uid, alias.string());

175

if (grant) {

Dmitry Dementyev

2017-10-27 23:09:53 -0700

[diff] [blame]

176

filepath8 = String8::format(

177

"%s/%s", grant->owner_dir_name_.c_str(),

178

getKeyNameForUid(String8(grant->alias_.c_str()), grant->owner_uid_, type).c_str());

Janis Danisevskis

2017-09-21 11:29:47 -0700

[diff] [blame]

179

if (!access(filepath8.string(), R_OK | W_OK)) return filepath8;

}

return {};

}

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

184

void KeyStore::resetUser(uid_t userId, bool keepUnenryptedEntries) {

185

android::String8 prefix("");

186

android::Vector<android::String16> aliases;

187

UserState* userState = getUserState(userId);

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

188

if (list(prefix, &aliases, userId) != ResponseCode::NO_ERROR) {

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

189

return;

190

}

191

for (uint32_t i = 0; i < aliases.size(); i++) {

192

android::String8 filename(aliases[i]);

193

filename = android::String8::format("%s/%s", userState->getUserDirName(),

Tucker Sylvestro

2016-08-05 18:02:47 -0400

[diff] [blame]

194

getKeyName(filename, TYPE_ANY).string());

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

195

bool shouldDelete = true;

196

if (keepUnenryptedEntries) {

197

Blob blob;

198

ResponseCode rc = get(filename, &blob, ::TYPE_ANY, userId);

199

Shawn Willden

07aebe7

2017-02-28 13:53:24 -0700

[diff] [blame]

200

switch (rc) {

201

case ResponseCode::SYSTEM_ERROR:

202

case ResponseCode::VALUE_CORRUPTED:

203

// If we can't read blobs, delete them.

shouldDelete = true;

break;

case ResponseCode::NO_ERROR:

208

case ResponseCode::LOCKED:

209

// Delete encrypted blobs but keep unencrypted blobs and super-encrypted blobs. We

210

// need to keep super-encrypted blobs so we can report that the user is

211

// unauthenticated if a caller tries to use them, rather than reporting that they

212

// don't exist.

213

shouldDelete = blob.isEncrypted();

break;

default:

ALOGE("Got unexpected return code %d from KeyStore::get()", rc);

218

// This shouldn't happen. To be on the safe side, delete it.

219

shouldDelete = true;

220

break;

221

}

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

222

}

223

if (shouldDelete) {

224

del(filename, ::TYPE_ANY, userId);

Tucker Sylvestro

2016-08-05 18:02:47 -0400

[diff] [blame]

225

226

// del() will fail silently if no cached characteristics are present for this alias.

227

android::String8 chr_filename(aliases[i]);

Dmitry Dementyev

2017-10-27 23:09:53 -0700

[diff] [blame]

228

chr_filename = android::String8::format(

229

"%s/%s", userState->getUserDirName(),

230

getKeyName(chr_filename, TYPE_KEY_CHARACTERISTICS).string());

Tucker Sylvestro

2016-08-05 18:02:47 -0400

[diff] [blame]

231

del(chr_filename, ::TYPE_KEY_CHARACTERISTICS, userId);

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

232

}

233

}

234

if (!userState->deleteMasterKey()) {

235

ALOGE("Failed to delete user %d's master key", userId);

236

}

237

if (!keepUnenryptedEntries) {

238

if (!userState->reset()) {

239

ALOGE("Failed to remove user %d's directory", userId);

}

}

}

bool KeyStore::isEmpty(uid_t userId) const {

245

const UserState* userState = getUserState(userId);

246

if (userState == NULL) {

return true;

}

DIR* dir = opendir(userState->getUserDirName());

if (!dir) {

return true;

}

bool result = true;

struct dirent* file;

while ((file = readdir(dir)) != NULL) {

258

// We only care about files.

259

if (file->d_type != DT_REG) {

continue;

}

// Skip anything that starts with a "."

264

if (file->d_name[0] == '.') {

continue;

}

result = false;

break;

}

closedir(dir);

return result;

}

void KeyStore::lock(uid_t userId) {

276

UserState* userState = getUserState(userId);

277

userState->zeroizeMasterKeysInMemory();

278

userState->setState(STATE_LOCKED);

279

}

280

281

ResponseCode KeyStore::get(const char* filename, Blob* keyBlob, const BlobType type, uid_t userId) {

282

UserState* userState = getUserState(userId);

283

ResponseCode rc =

Shawn Willden

e983058

2017-04-18 10:47:57 -0600

[diff] [blame]

284

keyBlob->readBlob(filename, userState->getEncryptionKey(), userState->getState());

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

285

if (rc != ResponseCode::NO_ERROR) {

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

return rc;

}

const uint8_t version = keyBlob->getVersion();

290

if (version < CURRENT_BLOB_VERSION) {

291

/* If we upgrade the key, we need to write it to disk again. Then

292

* it must be read it again since the blob is encrypted each time

293

* it's written.

294

*/

295

if (upgradeBlob(filename, keyBlob, version, type, userId)) {

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

296

if ((rc = this->put(filename, keyBlob, userId)) != ResponseCode::NO_ERROR ||

Shawn Willden

e983058

2017-04-18 10:47:57 -0600

[diff] [blame]

297

(rc = keyBlob->readBlob(filename, userState->getEncryptionKey(),

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

298

userState->getState())) != ResponseCode::NO_ERROR) {

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

return rc;

}

}

}

/*

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

305

* This will upgrade software-backed keys to hardware-backed keys.

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

306

*/

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

307

if (rc == ResponseCode::NO_ERROR && type == TYPE_KEY_PAIR && keyBlob->isFallback()) {

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

308

ResponseCode imported =

309

importKey(keyBlob->getValue(), keyBlob->getLength(), filename, userId,

310

keyBlob->isEncrypted() ? KEYSTORE_FLAG_ENCRYPTED : KEYSTORE_FLAG_NONE);

311

Shawn Willden

07aebe7

2017-02-28 13:53:24 -0700

[diff] [blame]

312

// The HAL allowed the import, reget the key to have the "fresh" version.

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

313

if (imported == ResponseCode::NO_ERROR) {

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

314

rc = get(filename, keyBlob, TYPE_KEY_PAIR, userId);

}

}

// Keymaster 0.3 keys are valid keymaster 1.0 keys, so silently upgrade.

319

if (keyBlob->getType() == TYPE_KEY_PAIR) {

320

keyBlob->setType(TYPE_KEYMASTER_10);

321

rc = this->put(filename, keyBlob, userId);

322

}

323

324

if (type != TYPE_ANY && keyBlob->getType() != type) {

325

ALOGW("key found but type doesn't match: %d vs %d", keyBlob->getType(), type);

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

326

return ResponseCode::KEY_NOT_FOUND;

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

}

return rc;

}

ResponseCode KeyStore::put(const char* filename, Blob* keyBlob, uid_t userId) {

333

UserState* userState = getUserState(userId);

334

return keyBlob->writeBlob(filename, userState->getEncryptionKey(), userState->getState(),

mEntropy);

}

Janis Danisevskis

2017-09-21 11:29:47 -0700

[diff] [blame]

338

static NullOr<std::tuple<uid_t, std::string>> filename2UidAlias(const std::string& filename);

339

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

340

ResponseCode KeyStore::del(const char* filename, const BlobType type, uid_t userId) {

341

Blob keyBlob;

Janis Danisevskis

2017-09-21 11:29:47 -0700

[diff] [blame]

342

auto uidAlias = filename2UidAlias(filename);

343

uid_t uid;

344

std::string alias;

345

if (uidAlias.isOk()) {

346

std::tie(uid, alias) = std::move(uidAlias).value();

347

}

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

348

ResponseCode rc = get(filename, &keyBlob, type, userId);

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

349

if (rc == ResponseCode::VALUE_CORRUPTED) {

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

350

// The file is corrupt, the best we can do is rm it.

Janis Danisevskis

2017-09-21 11:29:47 -0700

[diff] [blame]

351

if (uidAlias.isOk()) {

352

// remove possible grants

353

mGrants.removeAllGrantsToKey(uid, alias);

354

}

Dmitry Dementyev

2017-10-27 23:09:53 -0700

[diff] [blame]

355

return (unlink(filename) && errno != ENOENT) ? ResponseCode::SYSTEM_ERROR

356

: ResponseCode::NO_ERROR;

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

357

}

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

358

if (rc != ResponseCode::NO_ERROR) {

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

return rc;

}

Janis Danisevskis

2017-01-30 10:27:10 +0000

[diff] [blame]

362

auto& dev = getDevice(keyBlob);

363

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

364

if (keyBlob.getType() == ::TYPE_KEY_PAIR || keyBlob.getType() == ::TYPE_KEYMASTER_10) {

Janis Danisevskis

69c434a

2017-01-30 10:27:10 +0000

[diff] [blame]

365

auto ret = KS_HANDLE_HIDL_ERROR(dev->deleteKey(blob2hidlVec(keyBlob)));

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

366

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

367

// A device doesn't have to implement delete_key.

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

368

if (ret != ErrorCode::OK && ret != ErrorCode::UNIMPLEMENTED)

369

return ResponseCode::SYSTEM_ERROR;

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

370

}

371

Dmitry Dementyev

2017-10-27 23:09:53 -0700

[diff] [blame]

372

rc =

373

(unlink(filename) && errno != ENOENT) ? ResponseCode::SYSTEM_ERROR : ResponseCode::NO_ERROR;

Janis Danisevskis

2017-09-21 11:29:47 -0700

[diff] [blame]

374

375

if (rc == ResponseCode::NO_ERROR && keyBlob.getType() != ::TYPE_KEY_CHARACTERISTICS) {

376

// now that we have successfully deleted a key, let's make sure there are no stale grants

377

if (uidAlias.isOk()) {

378

mGrants.removeAllGrantsToKey(uid, alias);

379

}

380

}

381

return rc;

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

382

}

383

Kenny Root

2012-11-02 15:41:02 -0700

[diff] [blame]

384

/*

385

* Converts from the "escaped" format on disk to actual name.

386

* This will be smaller than the input string.

387

*

388

* Characters that should combine with the next at the end will be truncated.

389

*/

390

static size_t decode_key_length(const char* in, size_t length) {

391

size_t outLength = 0;

392

393

for (const char* end = in + length; in < end; in++) {

394

/* This combines with the next character. */

395

if (*in < '0' || *in > '~') {

continue;

}

outLength++;

}

return outLength;

}

static void decode_key(char* out, const char* in, size_t length) {

405

for (const char* end = in + length; in < end; in++) {

406

if (*in < '0' || *in > '~') {

407

/* Truncate combining characters at the end. */

if (in + 1 >= end) {

break;

}

*out = (*in++ - '+') << 6;

413

*out++ |= (*in - '0') & 0x3F;

Kenny Root

2012-02-15 15:00:46 -0800

[diff] [blame]

414

} else {

Kenny Root

2012-11-02 15:41:02 -0700

[diff] [blame]

415

*out++ = *in;

Kenny Root

2012-02-15 15:00:46 -0800

[diff] [blame]

416

}

417

}

418

*out = '\0';

Kenny Root

2012-02-15 15:00:46 -0800

[diff] [blame]

419

}

420

Janis Danisevskis

2017-09-21 11:29:47 -0700

[diff] [blame]

421

static NullOr<std::tuple<uid_t, std::string>> filename2UidAlias(const std::string& filepath) {

422

auto filenamebase = filepath.find_last_of('/');

Dmitry Dementyev

2017-10-27 23:09:53 -0700

[diff] [blame]

423

std::string filename =

424

filenamebase == std::string::npos ? filepath : filepath.substr(filenamebase + 1);

Janis Danisevskis

2017-09-21 11:29:47 -0700

[diff] [blame]

425

426

if (filename[0] == '.') return {};

427

428

auto sep = filename.find('_');

429

if (sep == std::string::npos) return {};

430

431

std::stringstream s(filename.substr(0, sep));

uid_t uid;

s >> uid;

if (!s) return {};

auto alias = filename.substr(sep + 1);

437

438

std::vector<char> alias_buffer(decode_key_length(alias.c_str(), alias.size()) + 1);

439

440

decode_key(alias_buffer.data(), alias.c_str(), alias.size());

441

return std::tuple<uid_t, std::string>(uid, alias_buffer.data());

442

}

443

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

444

ResponseCode KeyStore::list(const android::String8& prefix,

445

android::Vector<android::String16>* matches, uid_t userId) {

Kenny Root

2012-02-15 15:00:46 -0800

[diff] [blame]

446

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

447

UserState* userState = getUserState(userId);

448

size_t n = prefix.length();

Kenny Root

2012-02-15 15:00:46 -0800

[diff] [blame]

449

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

450

DIR* dir = opendir(userState->getUserDirName());

451

if (!dir) {

452

ALOGW("can't open directory for user: %s", strerror(errno));

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

453

return ResponseCode::SYSTEM_ERROR;

Chad Brubaker

2015-06-04 15:01:46 -0700

[diff] [blame]

454

}

455

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

456

struct dirent* file;

457

while ((file = readdir(dir)) != NULL) {

458

// We only care about files.

459

if (file->d_type != DT_REG) {

460

continue;

Chad Brubaker

2015-06-04 15:01:46 -0700

[diff] [blame]

461

}

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

462

463

// Skip anything that starts with a "."

464

if (file->d_name[0] == '.') {

465

continue;

Chad Brubaker

2015-06-04 15:01:46 -0700

[diff] [blame]

466

}

Chad Brubaker

2015-06-04 15:01:46 -0700

[diff] [blame]

467

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

468

if (!strncmp(prefix.string(), file->d_name, n)) {

469

const char* p = &file->d_name[n];

470

size_t plen = strlen(p);

Chad Brubaker

2015-06-04 15:01:46 -0700

[diff] [blame]

471

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

472

size_t extra = decode_key_length(p, plen);

473

char* match = (char*)malloc(extra + 1);

474

if (match != NULL) {

475

decode_key(match, p, plen);

476

matches->push(android::String16(match, extra));

477

free(match);

Chad Brubaker

df70517

2015-06-17 20:17:51 -0700

[diff] [blame]

478

} else {

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

479

ALOGW("could not allocate match of size %zd", extra);

Chad Brubaker

df70517

2015-06-17 20:17:51 -0700

[diff] [blame]

480

}

Chad Brubaker

2015-06-04 15:01:46 -0700

[diff] [blame]

481

}

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

482

}

483

closedir(dir);

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

484

return ResponseCode::NO_ERROR;

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

485

}

Chad Brubaker

2015-06-04 15:01:46 -0700

[diff] [blame]

486

Janis Danisevskis

6905c33

2017-09-01 13:24:23 -0700

[diff] [blame]

487

std::string KeyStore::addGrant(const char* alias, uid_t granterUid, uid_t granteeUid) {

488

return mGrants.put(granteeUid, alias, getUserStateByUid(granterUid)->getUserDirName(),

489

granterUid);

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

490

}

Chad Brubaker

2015-06-04 15:01:46 -0700

[diff] [blame]

491

Janis Danisevskis

2017-09-21 11:29:47 -0700

[diff] [blame]

492

bool KeyStore::removeGrant(const char* alias, const uid_t granterUid, const uid_t granteeUid) {

493

return mGrants.removeByFileAlias(granteeUid, granterUid, alias);

494

}

495

void KeyStore::removeAllGrantsToUid(const uid_t granteeUid) {

496

mGrants.removeAllGrantsToUid(granteeUid);

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

497

}

Chad Brubaker

2015-06-04 15:01:46 -0700

[diff] [blame]

498

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

499

ResponseCode KeyStore::importKey(const uint8_t* key, size_t keyLen, const char* filename,

500

uid_t userId, int32_t flags) {

501

Unique_PKCS8_PRIV_KEY_INFO pkcs8(d2i_PKCS8_PRIV_KEY_INFO(NULL, &key, keyLen));

502

if (!pkcs8.get()) {

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

503

return ResponseCode::SYSTEM_ERROR;

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

504

}

505

Unique_EVP_PKEY pkey(EVP_PKCS82PKEY(pkcs8.get()));

506

if (!pkey.get()) {

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

507

return ResponseCode::SYSTEM_ERROR;

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

508

}

509

int type = EVP_PKEY_type(pkey->type);

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

510

AuthorizationSet params;

511

add_legacy_key_authorizations(type, &params);

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

512

switch (type) {

513

case EVP_PKEY_RSA:

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

514

params.push_back(TAG_ALGORITHM, Algorithm::RSA);

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

515

break;

516

case EVP_PKEY_EC:

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

517

params.push_back(TAG_ALGORITHM, Algorithm::EC);

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

518

break;

519

default:

520

ALOGW("Unsupported key type %d", type);

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

521

return ResponseCode::SYSTEM_ERROR;

Chad Brubaker

2015-06-04 15:01:46 -0700

[diff] [blame]

522

}

523

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

524

AuthorizationSet opParams(params);

525

hidl_vec<uint8_t> blob;

Kenny Root

2012-11-02 15:41:02 -0700

[diff] [blame]

526

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

527

ErrorCode error;

Dmitry Dementyev

2017-10-27 23:09:53 -0700

[diff] [blame]

528

auto hidlCb = [&](ErrorCode ret, const hidl_vec<uint8_t>& keyBlob,

529

const KeyCharacteristics& /* ignored */) {

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

530

error = ret;

531

if (error != ErrorCode::OK) return;

532

blob = keyBlob;

533

};

534

auto input = blob2hidlVec(key, keyLen);

Kenny Root

2012-02-15 15:00:46 -0800

[diff] [blame]

535

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

536

ErrorCode rc = KS_HANDLE_HIDL_ERROR(

Dmitry Dementyev

2017-10-27 23:09:53 -0700

[diff] [blame]

537

mDevice->importKey(params.hidl_data(), KeyFormat::PKCS8, input, hidlCb));

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

538

if (rc != ErrorCode::OK) return ResponseCode::SYSTEM_ERROR;

539

if (error != ErrorCode::OK) {

540

ALOGE("Keymaster error %d importing key pair", error);

541

return ResponseCode::SYSTEM_ERROR;

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

542

}

543

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

544

Blob keyBlob(&blob[0], blob.size(), NULL, 0, TYPE_KEYMASTER_10);

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

545

546

keyBlob.setEncrypted(flags & KEYSTORE_FLAG_ENCRYPTED);

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

547

keyBlob.setFallback(false);

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

548

549

return put(filename, &keyBlob, userId);

550

}

551

Shawn Willden

2017-12-04 13:55:14 -0700

[diff] [blame]

552

bool KeyStore::isHardwareBacked(const android::String16& keyType) const {

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

553

if (mDevice == NULL) {

554

ALOGW("can't get keymaster device");

555

return false;

556

}

Janis Danisevskis

e2b6caf

2017-03-02 16:37:10 -0800

[diff] [blame]

557

Shawn Willden

2017-12-04 13:55:14 -0700

[diff] [blame]

558

auto version = mDevice->halVersion();

559

if (version.error != ErrorCode::OK) {

560

ALOGE("Failed to get HAL version info");

Janis Danisevskis

e2b6caf

2017-03-02 16:37:10 -0800

[diff] [blame]

561

return false;

562

}

Shawn Willden

2017-12-04 13:55:14 -0700

[diff] [blame]

563

564

if (!version.isSecure) return false;

565

566

if (keyType == kRsaKeyType) return true; // All versions support RSA

567

return keyType == kEcKeyType && version.supportsEc;

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

568

}

569

570

ResponseCode KeyStore::getKeyForName(Blob* keyBlob, const android::String8& keyName,

571

const uid_t uid, const BlobType type) {

Janis Danisevskis

2017-09-21 11:29:47 -0700

[diff] [blame]

572

auto filepath8 = getBlobFileNameIfExists(keyName, uid, type);

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

573

uid_t userId = get_user_id(uid);

574

Dmitry Dementyev

2017-10-27 23:09:53 -0700

[diff] [blame]

575

if (filepath8.isOk()) return get(filepath8.value().string(), keyBlob, type, userId);

Riley Spahn

eaabae9

2014-06-30 12:39:52 -0700

[diff] [blame]

576

Janis Danisevskis

2017-09-21 11:29:47 -0700

[diff] [blame]

577

return ResponseCode::KEY_NOT_FOUND;

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

578

}

579

580

UserState* KeyStore::getUserState(uid_t userId) {

581

for (android::Vector<UserState*>::iterator it(mMasterKeys.begin()); it != mMasterKeys.end();

582

it++) {

583

UserState* state = *it;

584

if (state->getUserId() == userId) {

return state;

}

}

UserState* userState = new UserState(userId);

590

if (!userState->initialize()) {

591

/* There's not much we can do if initialization fails. Trying to

592

* unlock the keystore for that user will fail as well, so any

593

* subsequent request for this user will just return SYSTEM_ERROR.

594

*/

595

ALOGE("User initialization failed for %u; subsuquent operations will fail", userId);

596

}

597

mMasterKeys.add(userState);

return userState;

}

UserState* KeyStore::getUserStateByUid(uid_t uid) {

602

uid_t userId = get_user_id(uid);

603

return getUserState(userId);

604

}

605

606

const UserState* KeyStore::getUserState(uid_t userId) const {

607

for (android::Vector<UserState*>::const_iterator it(mMasterKeys.begin());

608

it != mMasterKeys.end(); it++) {

609

UserState* state = *it;

610

if (state->getUserId() == userId) {

return state;

}

}

return NULL;

}

const UserState* KeyStore::getUserStateByUid(uid_t uid) const {

619

uid_t userId = get_user_id(uid);

620

return getUserState(userId);

621

}

622

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

623

bool KeyStore::upgradeBlob(const char* filename, Blob* blob, const uint8_t oldVersion,

Janis Danisevskis

2017-09-20 15:08:49 -0700

[diff] [blame]

624

const BlobType type, uid_t userId) {

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

625

bool updated = false;

626

uint8_t version = oldVersion;

627

628

/* From V0 -> V1: All old types were unknown */

629

if (version == 0) {

630

ALOGV("upgrading to version 1 and setting type %d", type);

631

632

blob->setType(type);

633

if (type == TYPE_KEY_PAIR) {

Janis Danisevskis

2017-09-20 15:08:49 -0700

[diff] [blame]

634

importBlobAsKey(blob, filename, userId);

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

}

version = 1;

updated = true;

}

/* From V1 -> V2: All old keys were encrypted */

641

if (version == 1) {

642

ALOGV("upgrading to version 2");

643

644

blob->setEncrypted(true);

645

version = 2;

646

updated = true;

Kenny Root

2012-02-15 15:00:46 -0800

[diff] [blame]

647

}

Kenny Root

2012-11-02 15:41:02 -0700

[diff] [blame]

648

649

/*

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

650

* If we've updated, set the key blob to the right version

651

* and write it.

Kenny Root

2012-11-02 15:41:02 -0700

[diff] [blame]

652

*/

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

653

if (updated) {

654

ALOGV("updated and writing file %s", filename);

655

blob->setVersion(version);

656

}

Kenny Root

2012-02-15 17:20:23 -0800

[diff] [blame]

657

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

return updated;

}

struct BIO_Delete {

void operator()(BIO* p) const { BIO_free(p); }

663

};

Janis Danisevskis

ccfff10

2017-05-01 11:02:51 -0700

[diff] [blame]

664

typedef std::unique_ptr<BIO, BIO_Delete> Unique_BIO;

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

665

Janis Danisevskis

2017-09-20 15:08:49 -0700

[diff] [blame]

666

ResponseCode KeyStore::importBlobAsKey(Blob* blob, const char* filename, uid_t userId) {

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

667

// We won't even write to the blob directly with this BIO, so const_cast is okay.

668

Unique_BIO b(BIO_new_mem_buf(const_cast<uint8_t*>(blob->getValue()), blob->getLength()));

669

if (b.get() == NULL) {

670

ALOGE("Problem instantiating BIO");

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

671

return ResponseCode::SYSTEM_ERROR;

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

672

}

673

674

Unique_EVP_PKEY pkey(PEM_read_bio_PrivateKey(b.get(), NULL, NULL, NULL));

675

if (pkey.get() == NULL) {

676

ALOGE("Couldn't read old PEM file");

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

677

return ResponseCode::SYSTEM_ERROR;

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

678

}

679

680

Unique_PKCS8_PRIV_KEY_INFO pkcs8(EVP_PKEY2PKCS8(pkey.get()));

681

int len = i2d_PKCS8_PRIV_KEY_INFO(pkcs8.get(), NULL);

682

if (len < 0) {

683

ALOGE("Couldn't measure PKCS#8 length");

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

684

return ResponseCode::SYSTEM_ERROR;

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

685

}

686

Janis Danisevskis

ccfff10

2017-05-01 11:02:51 -0700

[diff] [blame]

687

std::unique_ptr<unsigned char[]> pkcs8key(new unsigned char[len]);

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

688

uint8_t* tmp = pkcs8key.get();

689

if (i2d_PKCS8_PRIV_KEY_INFO(pkcs8.get(), &tmp) != len) {

690

ALOGE("Couldn't convert to PKCS#8");

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

691

return ResponseCode::SYSTEM_ERROR;

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

692

}

693

Janis Danisevskis

2017-09-20 15:08:49 -0700

[diff] [blame]

694

ResponseCode rc = importKey(pkcs8key.get(), len, filename, userId,

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

695

blob->isEncrypted() ? KEYSTORE_FLAG_ENCRYPTED : KEYSTORE_FLAG_NONE);

Janis Danisevskis

2016-10-13 18:43:45 +0100

[diff] [blame]

696

if (rc != ResponseCode::NO_ERROR) {

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

return rc;

}

Janis Danisevskis

2017-09-20 15:08:49 -0700

[diff] [blame]

700

return get(filename, blob, TYPE_KEY_PAIR, userId);

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

701

}

702

703

void KeyStore::readMetaData() {

Shawn Willden

2017-12-04 13:55:14 -0700

[diff] [blame]

704

int in = TEMP_FAILURE_RETRY(open(kMetaDataFile, O_RDONLY));

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

if (in < 0) {

return;

}

size_t fileLength = readFully(in, (uint8_t*)&mMetaData, sizeof(mMetaData));

709

if (fileLength != sizeof(mMetaData)) {

710

ALOGI("Metadata file is %zd bytes (%zd experted); upgrade?", fileLength, sizeof(mMetaData));

}

close(in);

}

void KeyStore::writeMetaData() {

716

const char* tmpFileName = ".metadata.tmp";

717

int out =

718

TEMP_FAILURE_RETRY(open(tmpFileName, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR));

719

if (out < 0) {

720

ALOGE("couldn't write metadata file: %s", strerror(errno));

721

return;

722

}

723

size_t fileLength = writeFully(out, (uint8_t*)&mMetaData, sizeof(mMetaData));

724

if (fileLength != sizeof(mMetaData)) {

725

ALOGI("Could only write %zd bytes to metadata file (%zd expected)", fileLength,

726

sizeof(mMetaData));

727

}

728

close(out);

Shawn Willden

2017-12-04 13:55:14 -0700

[diff] [blame]

729

rename(tmpFileName, kMetaDataFile);

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

730

}

731

732

bool KeyStore::upgradeKeystore() {

733

bool upgraded = false;

734

735

if (mMetaData.version == 0) {

736

UserState* userState = getUserStateByUid(0);

737

738

// Initialize first so the directory is made.

739

userState->initialize();

740

741

// Migrate the old .masterkey file to user 0.

Shawn Willden

2017-12-04 13:55:14 -0700

[diff] [blame]

742

if (access(kOldMasterKey, R_OK) == 0) {

743

if (rename(kOldMasterKey, userState->getMasterKeyFileName()) < 0) {

Shawn Willden

2016-01-26 22:44:56 -0700

[diff] [blame]

744

ALOGE("couldn't migrate old masterkey: %s", strerror(errno));

return false;

}

}

// Initialize again in case we had a key.

750

userState->initialize();

751

752

// Try to migrate existing keys.

753

DIR* dir = opendir(".");

754

if (!dir) {

755

// Give up now; maybe we can upgrade later.

756

ALOGE("couldn't open keystore's directory; something is wrong");

return false;

}

struct dirent* file;

while ((file = readdir(dir)) != NULL) {

762

// We only care about files.

763

if (file->d_type != DT_REG) {

continue;

}

// Skip anything that starts with a "."

768

if (file->d_name[0] == '.') {

continue;

}

// Find the current file's user.

773

char* end;

774

unsigned long thisUid = strtoul(file->d_name, &end, 10);

775

if (end[0] != '_' || end[1] == 0) {

776

continue;

777

}

778

UserState* otherUser = getUserStateByUid(thisUid);

779

if (otherUser->getUserId() != 0) {

780

unlinkat(dirfd(dir), file->d_name, 0);

781

}

782

783

// Rename the file into user directory.

784

DIR* otherdir = opendir(otherUser->getUserDirName());

785

if (otherdir == NULL) {

786

ALOGW("couldn't open user directory for rename");

787

continue;

788

}

789

if (renameat(dirfd(dir), file->d_name, dirfd(otherdir), file->d_name) < 0) {

790

ALOGW("couldn't rename blob: %s: %s", file->d_name, strerror(errno));

}

closedir(otherdir);

}

closedir(dir);

mMetaData.version = 1;

upgraded = true;

}

return upgraded;

Kenny Root