Add @SensitiveData tag to IVold
Mitigate data leak across the Binder boundary to Vold, of secrets derived from the LSKF.
Specifically: the `String secret` argument to both `setCeStorageProtection` and `unlockCeStorage` is
a secret derived from the user's synthetic password.
This CL is part of an effort to wipe instances of the LSKF and
secrets derived from it, so they are not available in a RAMdump.
Bug: 320392352
Test: launch_cvd -daemon
Change-Id: I0439f63fd4739bf5a6c957695cc9c3003ec89eb0
1 file changed