Google Git
Sign in
android / platform / system / security / cbc2860
commitcbc2860dd42f0b7bc0b1af2323696524183f4866[log] [tgz]
authorJanis Danisevskis <jdanis@google.com>Tue Jun 15 08:23:46 2021 -0700
committerJanis Danisevskis <jdanis@google.com>Thu Jul 01 21:09:59 2021 -0700
tree2adbdbdcdac40ea568a0f1ac939bbc546227b93f
parent0855263453f9921bfce0384991be5d6713c0e2e1 [diff]
Keystore 2.0 legacy Keystore: Cleanup when app/user removed.

Without this patch apps may leave the legacy keystore in an undefined
state when uninstalled and when the UID is reused the new app would find
stale entries in the legacy keystore.

There is no public API to use legacy keystore, but malicious apps could
use this to leave identifying information across installs.

Ignore-AOSP-First: No mergepath from AOSP.
Bug: 192575371
Test: legacykeystore_test
Change-Id: I06e8a4927af66092140ec84e7f5d83621cbb0b62
6 files changed
tree: 2adbdbdcdac40ea568a0f1ac939bbc546227b93f
  1. fsverity_init/
  2. identity/
  3. keystore/
  4. keystore-engine/
  5. keystore2/
  6. ondevice-signing/
  7. provisioner/
  8. rustfmt.toml ⇨ ../../build/soong/scripts/rustfmt.toml
  9. .clang-format
  10. .gitignore
  11. Android.bp
  12. METADATA
  13. MODULE_LICENSE_APACHE2
  14. NOTICE
  15. OWNERS
  16. PREUPLOAD.cfg