| commit | 8b7b2c66ca96d711fb364cbcc9d655197d9743e0 | [log] [tgz] |
|---|---|---|
| author | Nikolay Elenkov <nikolayelenkov@google.com> | Wed Jun 26 07:16:29 2024 +0000 |
| committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | Wed Jul 10 22:17:10 2024 +0000 |
| tree | 1fb5aa1464e45d989b955d297ab86f9cefdd2a31 | |
| parent | e7af00cafb52a25933ec4edb80c5111d42af0237 [diff] |
Delete keystore keys from RecoveryService.rebootRecoveryWithCommand() Adds deleteSecrets() to RecoverySystemService. This method is called from rebootRecoveryWithCommand () before the --wipe_data command is passed to recovery and the device is force-rebooted. deleteSecerts() calls IKeystoreMaintenance.deleteAllKeys() in order to quickly destroy the keys protecting the synthetic password blobs used to derive FBE encryption keys. The intent is to make FBE-encrypted data unrecoverable even if the full data wipe in recovery is interrupted or skipped. Bug: 324321147 Test: Manual - System -> Reset options -> Erase all data. Test: Hold VolDown key to interrupt reboot and stop at bootloader screen. Test: fastboot oem bcd wipe command && fastboot oem bcd wipe recovery Test: fastboot reboot Test: Device reboots into recovery and prompts to factory reset: Test: 'Cannot load Android system. Your data may be corrupt. ...' (cherry picked from https://android-review.googlesource.com/q/commit:0d00031851e9f5d8ef93947205a7e8b5257f0d8d) Ignore-AOSP-First: Security fix backport (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c85d5febdc186f7fa1af2d0a6bdf705683437a98) Merged-In: I5eb8e97f3ae1a18d5e7e7c2c7eca048ebff3440a Change-Id: I5eb8e97f3ae1a18d5e7e7c2c7eca048ebff3440a