From 0b3eca3c05190e5824638f3da25b8b3167dc9d60 Mon Sep 17 00:00:00 2001 From: xshu Date: Tue, 14 Jan 2020 12:12:22 -0800 Subject: fix soft reboot caused by KeyStore exception The Mac handle obtained from AndroidKeyStore is sometimes invalidated by the AndroidKeyStore based on some LRU technique. This change make sure that we always get a valid handle. And adds exception handling to make sure a crash will not happen for the same reason again. If KeyStore continuously fails to generate MAC address, we will use locally generated MAC as it is the next best option. Bug: 146203882 Test: atest FrameworksWifiTests Merged-In: I8a3b810ba95898a96d81fe57979db4787e1a46c4 Change-Id: I8a3b810ba95898a96d81fe57979db4787e1a46c4 (cherry-picked from e299359a6e6e9e13217862f7f66627eccbff46ce) --- .../com/android/server/wifi/MacAddressUtil.java | 10 ++++++++-- .../com/android/server/wifi/WifiConfigManager.java | 22 ++++++++++++---------- 2 files changed, 20 insertions(+), 12 deletions(-) (limited to 'service') diff --git a/service/java/com/android/server/wifi/MacAddressUtil.java b/service/java/com/android/server/wifi/MacAddressUtil.java index effa931a5..4739b6141 100644 --- a/service/java/com/android/server/wifi/MacAddressUtil.java +++ b/service/java/com/android/server/wifi/MacAddressUtil.java @@ -62,8 +62,14 @@ public class MacAddressUtil { if (config == null || hashFunction == null) { return null; } - byte[] hashedBytes = hashFunction.doFinal( - config.getSsidAndSecurityTypeString().getBytes(StandardCharsets.UTF_8)); + byte[] hashedBytes; + try { + hashedBytes = hashFunction.doFinal(config.getSsidAndSecurityTypeString() + .getBytes(StandardCharsets.UTF_8)); + } catch (ProviderException | IllegalStateException e) { + Log.e(TAG, "Failure in calculatePersistentMac", e); + return null; + } ByteBuffer bf = ByteBuffer.wrap(hashedBytes); long longFromSsid = bf.getLong(); /** diff --git a/service/java/com/android/server/wifi/WifiConfigManager.java b/service/java/com/android/server/wifi/WifiConfigManager.java index 80b583feb..c617b9e1f 100644 --- a/service/java/com/android/server/wifi/WifiConfigManager.java +++ b/service/java/com/android/server/wifi/WifiConfigManager.java @@ -76,8 +76,6 @@ import java.util.List; import java.util.Map; import java.util.Set; -import javax.crypto.Mac; - /** * This class provides the APIs to manage configured Wi-Fi networks. * It deals with the following: @@ -278,7 +276,6 @@ public class WifiConfigManager { private final WifiInjector mWifiInjector; private final MacAddressUtil mMacAddressUtil; private boolean mConnectedMacRandomzationSupported; - private Mac mMac; /** * Local log used for debugging any WifiConfigManager issues. @@ -516,7 +513,18 @@ public class WifiConfigManager { mRandomizedMacAddressMapping.remove(config.getSsidAndSecurityTypeString()); } } - return mMacAddressUtil.calculatePersistentMacForConfiguration(config, mMac); + MacAddress result = mMacAddressUtil.calculatePersistentMacForConfiguration( + config, mMacAddressUtil.obtainMacRandHashFunction(Process.WIFI_UID)); + if (result == null) { + result = mMacAddressUtil.calculatePersistentMacForConfiguration( + config, mMacAddressUtil.obtainMacRandHashFunction(Process.WIFI_UID)); + } + if (result == null) { + Log.wtf(TAG, "Failed to generate MAC address from KeyStore even after retrying. " + + "Using locally generated MAC address instead."); + result = MacAddress.createRandomUnicastAddress(); + } + return result; } /** @@ -3146,12 +3154,6 @@ public class WifiConfigManager { * @return true on success or not needed (fresh install), false otherwise. */ public boolean loadFromStore() { - // Get the hashfunction that is used to generate randomized MACs from the KeyStore - mMac = mMacAddressUtil.obtainMacRandHashFunction(Process.WIFI_UID); - if (mMac == null) { - Log.wtf(TAG, "Failed to obtain secret for MAC randomization." - + " All randomized MAC addresses are lost!"); - } // If the user unlock comes in before we load from store, which means the user store have // not been setup yet for the current user. Setup the user store before the read so that // configurations for the current user will also being loaded. -- cgit v1.2.3