root@arter97-dgist:~/caf/platform/system/security# git log --no-merges @^..@|ca

1. root@arter97-dgist:~/caf/platform/system/security# git log --no-merges @^..@|cat
2. commit 0a62361d9ffd460afcaa32d8550f357e9c1e0812
3. Author: Janis Danisevskis <jdanis@google.com>
4. Date: Fri Oct 4 11:01:54 2019 -0700
5.  
6. Fix memory leak in keystore
7.  
8. The operation device map needs to be cleand up on finish regardless of
9. whether the operations succeeds of fails. The operation lifecycle ends
10. in any case.
11.  
12. Bug: 141317862
13. Test: Generate key and perform repeated operations.
14. Watch memory consumptoin not raise with using:
15. adb shell dumpsys meminfo keystore
16.  
17. Merged-In: I3a25aa67f121832640848a38398c523e20a2c6df
18. Change-Id: I3a25aa67f121832640848a38398c523e20a2c6df
19.  
20. commit 85735d8693cfee84989112263131f0d1cf0d3be4
21. Author: Janis Danisevskis <jdanis@google.com>
22. Date: Wed Aug 14 13:42:19 2019 -0700
23.  
24. Fix memory leak in keystore
25.  
26. When operations are aborted by an app or an app dies, tokens are not
27. removed from the device token map. This patch moves the this map from
28. key_store_service to KeyStore so that it can be accessed by the
29. keymaster workers. It also adds calls to removeOperationDevice to the
30. binderDied hook of the keymaster workers as well as to keystore service
31. abort.
32.  
33. Add a call to removeOperationDevice() inside pruneOperation() function on
34. keystore/keymaster_worker.cpp
35.  
36. Bug: 139383076
37. Bug: 141317862
38. Test: atest keystore_unit_tests (passed)
39.  
40. Merged-In: I90d4dc9d4510f4ac250022c89240a742b9e8d4b4
41. Change-Id: I90d4dc9d4510f4ac250022c89240a742b9e8d4b4
42.  
43. commit 3c04bca28a68b9a0148b9ec7fcd4f53d27b151a5
44. Author: Shawn Willden <swillden@google.com>
45. Date: Tue Oct 1 17:43:43 2019 -0600
46.  
47. Fix handling of user password changes.
48.  
49. A bug introduced in a patch intended to upgrade keystore master keys
50. to use AES-256 and SHA-256 instead of AES-128 and SHA1 causes the
51. newly-updated master key to fail to be retrievable ever again. Making
52. this worse, after five successive failures, keystore decided that all
53. the data is bad and wipes the user's keystore. This problem happens
54. on every password change if the master key is 128 bits. Luckily,
55. since the introduction of synthetic passwords to support escrow
56. tokens, the password presented to keystore is the synthetic password,
57. which never changes. So this problem only crops up in devices that
58. did not have synthetic passwords (launched with Android N or earlier),
59. were not upgraded to O DR1 (when synthetic passwords were enabled by
60. default), were never factory reset or had their password removed and
61. re-added during all of that time and were then upgraded to P or Q,
62. when the master key upgrade code was present.
63.  
64. This CL fixes the upgrade process so that updated master keys can be
65. used. It doesn't change the key size, the keys stay 128 bits, but now
66. they're readable and usable. Factory resetting allows an entirely
67. new master key to be generated, which will be AES-256.
68.  
69. Note that the keystore master key is not really essential to the
70. security of Keystore keys. They're also encrypted by the secure
71. world (TEE or SE), which is their primary protection. The master key
72. just provides a cryptographic dependency on the user's password, so
73. that in the event of a secure world break the attacker still has to
74. brute force the user's password to recover the key material, or use of
75. the protected keys.
76.  
77. Bug: 129970023
78. Test: Manual
79. Change-Id: I8ce2bb2359cf822039c137bb6bb1fc225da47c29
80.  
81. commit 58e675567c446b77c6ec83d8e07fecbd829f60ae
82. Author: Shawn Willden <swillden@google.com>
83. Date: Wed Oct 2 08:58:22 2019 -0600
84.  
85. Encrypt AES-256 keystore master keys.
86.  
87. ag/5984229 that added support for AES-256 master keys inadvertently
88. caused them not to be encyrpted by the user's password. This is less
89. damaging to security than it might appear because these keys are also
90. encrypted by Keymaster, in the TEE or StrongBox.
91.  
92. Bug: 141955555
93. Test: Manually verify password is encryption on a userdebug build.
94. Change-Id: Ic5e82546df67346e4c348273cf4fe2bac382c9dc
95. Merged-In: Ie44a4097e058bd5b9e45aa73115c266b9570a4fc
96.  
97. commit 921d3a3678408af3598ef6bd8ec8f8afd4f6ee2e
98. Author: Shawn Willden <swillden@google.com>
99. Date: Wed Oct 2 08:58:22 2019 -0600
100.  
101. Encrypt AES-256 keystore master keys.
102.  
103. ag/5984229 that added support for AES-256 master keys inadvertently
104. caused them not to be encyrpted by the user's password. This is less
105. damaging to security than it might appear because these keys are also
106. encrypted by Keymaster, in the TEE or StrongBox.
107.  
108. Bug: 141955555
109. Test: Manually verify password is encryption on a userdebug build.
110. Change-Id: Ic5e82546df67346e4c348273cf4fe2bac382c9dc
111.  
112. commit b951bc53174bc583e7b76c40982aa82da8b01854
113. Author: Shawn Willden <swillden@google.com>
114. Date: Wed Oct 2 08:58:22 2019 -0600
115.  
116. Encrypt AES-256 keystore master keys.
117.  
118. ag/5984229 that added support for AES-256 master keys inadvertently
119. caused them not to be encyrpted by the user's password. This is less
120. damaging to security than it might appear because these keys are also
121. encrypted by Keymaster, in the TEE or StrongBox.
122.  
123. Bug: 141955555
124. Test: Manually verify password is encryption on a userdebug build.
125. Change-Id: Ic5e82546df67346e4c348273cf4fe2bac382c9dc