Delete the user key when deleting a user.
BUG=19706593
Change-Id: I36ec1b987f5a07450c6a564c74f124ec8d3403ad
diff --git a/services/core/java/com/android/server/MountService.java b/services/core/java/com/android/server/MountService.java
index 8c6c25b..7e6dd5b 100644
--- a/services/core/java/com/android/server/MountService.java
+++ b/services/core/java/com/android/server/MountService.java
@@ -2336,6 +2336,35 @@
}
}
+ // ext4enc:TODO duplication between this and createNewUserDir is nasty
+ @Override
+ public void deleteUserKey(int userHandle) {
+ if (Binder.getCallingUid() != Process.SYSTEM_UID) {
+ throw new SecurityException("Only SYSTEM_UID can delete user keys");
+ }
+
+ waitForReady();
+
+ if (DEBUG_EVENTS) {
+ Slog.i(TAG, "Deleting user key");
+ }
+
+ try {
+ NativeDaemonEvent event = mConnector.execute(
+ "cryptfs", "deleteuserkey", userHandle);
+ if (!"0".equals(event.getMessage())) {
+ String error = "deleteuserkey sent unexpected message: "
+ + event.getMessage();
+ Slog.e(TAG, error);
+ // ext4enc:TODO is this the right exception?
+ throw new RuntimeException(error);
+ }
+ } catch (NativeDaemonConnectorException e) {
+ Slog.e(TAG, "deleteuserkey threw exception", e);
+ throw new RuntimeException("deleteuserkey threw exception", e);
+ }
+ }
+
@Override
public int mkdirs(String callingPkg, String appPath) {
final int userId = UserHandle.getUserId(Binder.getCallingUid());
diff --git a/services/core/java/com/android/server/pm/UserManagerService.java b/services/core/java/com/android/server/pm/UserManagerService.java
index 15d1535a..d859442 100644
--- a/services/core/java/com/android/server/pm/UserManagerService.java
+++ b/services/core/java/com/android/server/pm/UserManagerService.java
@@ -42,6 +42,7 @@
import android.os.ServiceManager;
import android.os.UserHandle;
import android.os.UserManager;
+import android.os.storage.StorageManager;
import android.util.AtomicFile;
import android.util.Log;
import android.util.Slog;
@@ -1444,6 +1445,8 @@
}
private void removeUserStateLocked(final int userHandle) {
+ mContext.getSystemService(StorageManager.class)
+ .deleteUserKey(userHandle);
// Cleanup package manager settings
mPm.cleanUpUserLILPw(this, userHandle);