From 2bab97c36830a568083ab60767817ef037c5367d Mon Sep 17 00:00:00 2001
From: Shawn Willden <swillden@google.com>
Date: Thu, 12 Aug 2021 01:03:12 +0000
Subject: [PATCH] Revert "Detect factory reset and deleteAllKeys"

Revert "Add deleteAllKeys to IKeystoreMaintenance"

Revert "Enable deleteAllKeys from vold"

Revert "Allow vold to deleteAllKeys in Keystore"

Revert submission 15521094-vold-deleteAllKeys

Reason for revert: Causes infinite loop in Trusty KeyMint
Reverted Changes:
I9c5c54714:Detect factory reset and deleteAllKeys
I2fb0e94db:Allow vold to deleteAllKeys in Keystore
Id23f25c69:Add deleteAllKeys to IKeystoreMaintenance
Ife779307d:Enable deleteAllKeys from vold
I4312b9a11:Enable deleteAllKeys from vold

Bug: 187105270
Change-Id: I8e2621bef234d0a59be422b8d1d8d52a91378a5e
---
 Keymaster.cpp     | 13 -------------
 Keymaster.h       |  3 ---
 MetadataCrypt.cpp | 11 -----------
 3 files changed, 27 deletions(-)

diff --git a/Keymaster.cpp b/Keymaster.cpp
index 23145504..80386818 100644
--- a/Keymaster.cpp
+++ b/Keymaster.cpp
@@ -230,18 +230,5 @@ void Keymaster::earlyBootEnded() {
     logKeystore2ExceptionIfPresent(rc, "earlyBootEnded");
 }
 
-void Keymaster::deleteAllKeys() {
-    ::ndk::SpAIBinder binder(AServiceManager_getService(maintenance_service_name));
-    auto maint_service = ks2_maint::IKeystoreMaintenance::fromBinder(binder);
-
-    if (!maint_service) {
-        LOG(ERROR) << "Unable to connect to keystore2 maintenance service for deleteAllKeys";
-        return;
-    }
-
-    auto rc = maint_service->deleteAllKeys();
-    logKeystore2ExceptionIfPresent(rc, "deleteAllKeys");
-}
-
 }  // namespace vold
 }  // namespace android
diff --git a/Keymaster.h b/Keymaster.h
index 47bf4a26..1100840b 100644
--- a/Keymaster.h
+++ b/Keymaster.h
@@ -127,9 +127,6 @@ class Keymaster {
     // be created or used.
     static void earlyBootEnded();
 
-    // Tell all Keymint devices to delete all rollback-protected keys.
-    static void deleteAllKeys();
-
   private:
     std::shared_ptr<ks2::IKeystoreSecurityLevel> securityLevel;
     DISALLOW_COPY_AND_ASSIGN(Keymaster);
diff --git a/MetadataCrypt.cpp b/MetadataCrypt.cpp
index 9038e8d5..dc50679e 100644
--- a/MetadataCrypt.cpp
+++ b/MetadataCrypt.cpp
@@ -112,17 +112,6 @@ static bool read_key(const std::string& metadata_key_dir, const KeyGeneration& g
     auto dir = metadata_key_dir + "/key";
     LOG(DEBUG) << "metadata_key_dir/key: " << dir;
     if (!MkdirsSync(dir, 0700)) return false;
-    if (!pathExists(dir)) {
-        auto delete_all = android::base::GetBoolProperty(
-                "ro.crypto.metadata_init_delete_all_keys.enabled", false);
-        if (delete_all) {
-            LOG(INFO) << "Metadata key does not exist, calling deleteAllKeys";
-            Keymaster::deleteAllKeys();
-        } else {
-            LOG(DEBUG) << "Metadata key does not exist but "
-                          "ro.crypto.metadata_init_delete_all_keys.enabled is false";
-        }
-    }
     auto temp = metadata_key_dir + "/tmp";
     return retrieveOrGenerateKey(dir, temp, kEmptyAuthentication, gen, key);
 }