release-request-6c498b17-9310-412b-ad36-3dcf25ffef73-for-git_oc-release-4017086 snap-temp-L16500000064871237

Change-Id: I757165e8d8d146d4b57dc008025dfba703e34339
diff --git a/CryptCommandListener.cpp b/CryptCommandListener.cpp
index e4a2d3a..094a474 100644
--- a/CryptCommandListener.cpp
+++ b/CryptCommandListener.cpp
@@ -414,6 +414,11 @@
         return sendGenericOkFailOnBool(cli,
                 e4crypt_destroy_user_storage(parseNull(argv[2]), atoi(argv[3]), atoi(argv[4])));
 
+    } else if (subcommand == "secdiscard") {
+        if (!check_argc(cli, subcommand, argc, 3, "<path>")) return 0;
+        return sendGenericOkFailOnBool(cli,
+                e4crypt_secdiscard(parseNull(argv[2])));
+
     } else {
         dumpArgs(argc, argv, -1);
         cli->sendMsg(ResponseCode::CommandSyntaxError, "Unknown cryptfs subcommand", false);
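Review bot: The new `secdiscard` branch passes `parseNull(argv[2])` for an argument that is mandatory, and `e4crypt_secdiscard` in Ext4Crypt.cpp then builds `std::string(path)` from it with no null check. parseNull is not shown here, but if it can return a null pointer (as its name and its use for the volume_uuid argument just above suggest), that construction is undefined behaviour in a daemon driven from the command socket. Pass `argv[2]` directly, or guard the callee with `if (path == nullptr) return false;`. The enclosing command handler starts and ends outside this hunk.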
diff --git a/Ext4Crypt.cpp b/Ext4Crypt.cpp
index e40593e..b41e09c 100644
--- a/Ext4Crypt.cpp
+++ b/Ext4Crypt.cpp
@@ -830,3 +830,7 @@
 
     return res;
 }
+
+bool e4crypt_secdiscard(const char* path) {
+    return android::vold::runSecdiscardSingle(std::string(path));
+}
diff --git a/Ext4Crypt.h b/Ext4Crypt.h
index 2dcc197..e90167b 100644
--- a/Ext4Crypt.h
+++ b/Ext4Crypt.h
@@ -38,4 +38,5 @@
 bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int serial, int flags);
 bool e4crypt_destroy_user_storage(const char* volume_uuid, userid_t user_id, int flags);
 
+bool e4crypt_secdiscard(const char* path);
 __END_DECLS
diff --git a/KeyStorage.cpp b/KeyStorage.cpp
index 34dd6c0..a36ac6a 100644
--- a/KeyStorage.cpp
+++ b/KeyStorage.cpp
@@ -489,6 +489,16 @@
     return true;
 }
 
+bool runSecdiscardSingle(const std::string& file) {
+    if (ForkExecvp(
+            std::vector<std::string>{kSecdiscardPath, "--",
+                file}) != 0) {
+        LOG(ERROR) << "secdiscard failed";
+        return false;
+    }
+    return true;
+}
+
 static bool recursiveDeleteKey(const std::string& dir) {
     if (ForkExecvp(std::vector<std::string>{kRmPath, "-rf", dir}) != 0) {
         LOG(ERROR) << "recursive delete failed";
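Review bot: `runSecdiscardSingle` hands `file` to `ForkExecvp` with no check on what it names, and through the new `cryptfs secdiscard` subcommand that string comes straight from the caller. The `--` separator keeps a leading `-` from being read as an option, but an empty, relative or out-of-tree path is still accepted; if the command is only meant for files under a known key directory, reject anything else before the exec, starting with `if (file.empty() || file[0] != '/') return false;`. The failure log also omits the target, which makes a failed discard hard to trace: `LOG(ERROR) << "secdiscard failed for " << file;`. The KeyStorage.h declaration has no comment, unlike destroyKey above it; `// Run secdiscard on a single file; returns false if the tool exits non-zero.` would do. recursiveDeleteKey below continues outside the hunk.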
diff --git a/KeyStorage.h b/KeyStorage.h
index 65458d4..bce6a99 100644
--- a/KeyStorage.h
+++ b/KeyStorage.h
@@ -51,6 +51,7 @@
 // Securely destroy the key stored in the named directory and delete the directory.
 bool destroyKey(const std::string& dir);
 
+bool runSecdiscardSingle(const std::string& file);
 }  // namespace vold
 }  // namespace android