From: Paul Crowley <paulcrowley@google.com>
Date: Tue, 27 Jun 2017 16:33:39 +0000 (-0700)
Subject: resolve merge conflicts of 4ad7784 to stage-aosp-master
X-Git-Tag: android-x86-9.0-r1~104^2^2~2^2
X-Git-Url: http://git.osdn.net/view?a=commitdiff_plain;h=ddb542f5745d37a8d5b72732f67a4e60b895254b;p=android-x86%2Fsystem-vold.git

resolve merge conflicts of 4ad7784 to stage-aosp-master

Test: Build seems to be unrelatedly broken
Change-Id: I2df307aa1c7134f217c558495e1438412480f324
Merged-In: I6ccfe0894551ba068de9bf5e23fe4fd1e10e36b1
---

ddb542f5745d37a8d5b72732f67a4e60b895254b
diff --cc Ext4Crypt.cpp
index 2d4ae89,e04d547..74617ec
--- a/Ext4Crypt.cpp
+++ b/Ext4Crypt.cpp
@@@ -134,10 -133,17 +134,17 @@@ static bool fill_key(const std::string
      return true;
  }
  
- static std::string keyname(const std::string& raw_ref) {
+ static char const* const NAME_PREFIXES[] = {
+     "ext4",
+     "f2fs",
+     "fscrypt",
+     nullptr
+ };
+ 
+ static std::string keyname(const std::string& prefix, const std::string& raw_ref) {
      std::ostringstream o;
-     o << "ext4:";
+     o << prefix << ":";
 -    for (auto i : raw_ref) {
 +    for (unsigned char i : raw_ref) {
          o << std::hex << std::setw(2) << std::setfill('0') << (int)i;
      }
      return o.str();
@@@ -526,36 -524,6 +534,40 @@@ bool e4crypt_vold_create_user_key(useri
      return true;
  }
  
 +static bool evict_key(const std::string &raw_ref) {
-     auto ref = keyname(raw_ref);
 +    key_serial_t device_keyring;
 +    if (!e4crypt_keyring(&device_keyring)) return false;
-     auto key_serial = keyctl_search(device_keyring, "logon", ref.c_str(), 0);
- 
-     // Unlink the key from the keyring.  Prefer unlinking to revoking or
-     // invalidating, since unlinking is actually no less secure currently, and
-     // it avoids bugs in certain kernel versions where the keyring key is
-     // referenced from places it shouldn't be.
-     if (keyctl_unlink(key_serial, device_keyring) != 0) {
-         PLOG(ERROR) << "Failed to unlink key with serial " << key_serial << " ref " << ref;
-         return false;
++    bool success = true;
++    for (char const* const* name_prefix = NAME_PREFIXES; *name_prefix != nullptr; name_prefix++) {
++        auto ref = keyname(*name_prefix, raw_ref);
++        auto key_serial = keyctl_search(device_keyring, "logon", ref.c_str(), 0);
++
++        // Unlink the key from the keyring.  Prefer unlinking to revoking or
++        // invalidating, since unlinking is actually no less secure currently, and
++        // it avoids bugs in certain kernel versions where the keyring key is
++        // referenced from places it shouldn't be.
++        if (keyctl_unlink(key_serial, device_keyring) != 0) {
++            PLOG(ERROR) << "Failed to unlink key with serial " << key_serial << " ref " << ref;
++            success = false;
++        } else {
++            LOG(DEBUG) << "Unlinked key with serial " << key_serial << " ref " << ref;
++        }
 +    }
-     LOG(DEBUG) << "Unlinked key with serial " << key_serial << " ref " << ref;
-     return true;
++    return success;
 +}
 +
 +static bool evict_ce_key(userid_t user_id) {
 +    s_ce_keys.erase(user_id);
 +    bool success = true;
 +    std::string raw_ref;
 +    // If we haven't loaded the CE key, no need to evict it.
 +    if (lookup_key_ref(s_ce_key_raw_refs, user_id, &raw_ref)) {
 +        success &= evict_key(raw_ref);
 +    }
 +    s_ce_key_raw_refs.erase(user_id);
 +    return success;
 +}
 +
  bool e4crypt_destroy_user_key(userid_t user_id) {
      LOG(DEBUG) << "e4crypt_destroy_user_key(" << user_id << ")";
      if (!e4crypt_is_native()) {