Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Clear secure deletion keys upon factory reset

Browse source 
This ports the gs101 configuration - which clears the secure
deletion keys upon factory reset - to (REDACTED DEVICE), as
suggested by David Drysdale in b/223934835#comment53. In the
absence of this change, the key slots may eventually get filled
up (e.g., by failing tests) and never be released.

Bug: 223934835
Test: Check logcat that keys are cleared after factory reset
Change-Id: I56efb76cb6bb0cdfe2eb9b0ac3ca89e49bfc57f0
(cherry picked from commit 4da7fdc1a7)
This commit is contained in:
Thurston Dang 2022-06-08 00:38:01 +00:00 committed by Armelle Laine
parent 1c1776a05e
commit eeecbaf3cc
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
device.mk
View file

@ -1118,3 +1118,6 @@ DEVICE_PRODUCT_COMPATIBILITY_MATRIX_FILE := device/google/gs201/device_framework
PRODUCT_COPY_FILES += \ PRODUCT_COPY_FILES += \
frameworks/native/data/etc/android.software.device_id_attestation.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.software.device_id_attestation.xml \ frameworks/native/data/etc/android.software.device_id_attestation.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.software.device_id_attestation.xml \
frameworks/native/data/etc/android.hardware.device_unique_attestation.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.device_unique_attestation.xml frameworks/native/data/etc/android.hardware.device_unique_attestation.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.device_unique_attestation.xml
# Call deleteAllKeys if vold detects a factory reset
PRODUCT_VENDOR_PROPERTIES += ro.crypto.metadata_init_delete_all_keys.enabled=true