diff options
author | Ellen Arteca <emarteca@google.com> | 2024-04-25 20:46:05 +0000 |
---|---|---|
committer | Ellen Arteca <emarteca@google.com> | 2024-04-25 22:52:55 +0000 |
commit | 08d389fc62208afb1737e1a2c88e6c0b847d0f61 (patch) | |
tree | d31b9af0284aa60a98a57a26071844ad339ac82a | |
parent | 4857d7011dead69039771c5b05807615e859fa1c (diff) | |
download | base-08d389fc62208afb1737e1a2c88e6c0b847d0f61.tar.gz |
Add a finalizer to LockscreenCredential to wipe the LSKF on GC
Adds a finalizer to the `LockscreenCredential` class, which calls
the `zeroize` method to zeroize the LSKF `byte[]`. This ensures that
`LockscreenCredential` objects that were not closed still have their
data wiped when they are garbage collected.
This is part of an effort to remove instances of the LSKF available
in a RAMdump.
Bug: 320392352
Test: atest com.android.server.locksettings
Change-Id: Id7f1f102cdaa182659e2632bdaf81bd2c46d0f86
-rw-r--r-- | core/java/com/android/internal/widget/LockscreenCredential.java | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/core/java/com/android/internal/widget/LockscreenCredential.java b/core/java/com/android/internal/widget/LockscreenCredential.java index 18d5f6db6ac9..54b9a225f944 100644 --- a/core/java/com/android/internal/widget/LockscreenCredential.java +++ b/core/java/com/android/internal/widget/LockscreenCredential.java @@ -386,6 +386,11 @@ public class LockscreenCredential implements Parcelable, AutoCloseable { } @Override + public void finalize() { + zeroize(); + } + + @Override public int hashCode() { // Effective Java — Always override hashCode when you override equals return Objects.hash(mType, Arrays.hashCode(mCredential), mHasInvalidChars); |