commit b615f3beac9681f074f56234142931c66b6e8fbb
author Eric Biggers <ebiggers@google.com> Wed Nov 09 05:48:45 2022 +0000
committer Eric Biggers <ebiggers@google.com> Mon Nov 14 17:45:32 2022 +0000
tree f2693e6b758a4dc127d61eef5a5832e1bb79d790
parent f13b5d9aa2ab42363c41ff64f90a11249851f761

Defer CE key fixations to checkpoint commit

On the first boot after an upgrade, ensure that any Keystore key
deletions triggered by fscrypt_set_user_key_protection() are deferred
until the userdata filesystem checkpoint is committed, so that the
system doesn't end up in a bad state if the checkpoint is rolled back.

Test: see I77d30f9be57de7b7c4818680732331549ecb73c8
Bug: 232452368
Ignore-AOSP-First: depends on other changes in internal master
Change-Id: I59b758bc13b7a2ae270f1a6c409affe2eb61119c

FsCrypt.h

diff --git a/FsCrypt.h b/FsCrypt.h
index 2cb47eb..8d84bdc 100644
--- a/FsCrypt.h
+++ b/FsCrypt.h
@@ -26,6 +26,7 @@
 bool fscrypt_vold_create_user_key(userid_t user_id, int serial, bool ephemeral);
 bool fscrypt_destroy_user_key(userid_t user_id);
 bool fscrypt_set_user_key_protection(userid_t user_id, const std::string& secret);
+void fscrypt_deferred_fixate_ce_keys();
 
 std::vector<int> fscrypt_get_unlocked_users();
 bool fscrypt_unlock_user_key(userid_t user_id, int serial, const std::string& secret);