Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
RESTRICT AUTOMERGE Delete keystore keys from RecoveryService.rebootRe…
…coveryWithCommand() Adds deleteSecrets() to RecoverySystemService. This method is called from rebootRecoveryWithCommand () before the --wipe_data command is passed to recovery and the device is force-rebooted. deleteSecerts() calls IKeystoreMaintenance.deleteAllKeys() in order to quickly destroy the keys protecting the synthetic password blobs used to derive FBE encryption keys. The intent is to make FBE-encrypted data unrecoverable even if the full data wipe in recovery is interrupted or skipped. Bug: 324321147 Test: Manual - System -> Reset options -> Erase all data. Test: Hold VolDown key to interrupt reboot and stop at bootloader screen. Test: fastboot oem bcd wipe command && fastboot oem bcd wipe recovery Test: fastboot reboot Test: Device reboots into recovery and prompts to factory reset: Test: 'Cannot load Android system. Your data may be corrupt. ...' (cherry picked from https://android-review.googlesource.com/q/commit:0d00031851e9f5d8ef93947205a7e8b5257f0d8d) Ignore-AOSP-First: Security fix backport (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:dfbaa7295390de97ae2e8b154cc9be5512108ac4) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:d020a38e4148a642e2f06363e27cce60097efa5d) Merged-In: I5eb8e97f3ae1a18d5e7e7c2c7eca048ebff3440a Change-Id: I5eb8e97f3ae1a18d5e7e7c2c7eca048ebff3440a
- Loading branch information