| commit | 0b1c7697e71f9503c66c4ea3d1b53dd540d5d11b | [log] [tgz] |
|---|---|---|
| author | Eric Stone <ecstone@google.com> | Sat Dec 03 00:30:35 2022 +0000 |
| committer | releases-try-builder <releases-try-builder@fuchsia-infra.iam.gserviceaccount.com> | Mon Dec 05 22:21:09 2022 +0000 |
| tree | 1faff35726a5221988a50fb2ceeab4524fb74684 | |
| parent | 77011911159b8d931a6a90340dd303e356d4fe11 [diff] |
[kms-stateless] Ignore empty filename in WatchTee If the file watcher is activated before the optee driver is ready, it will can return an empty filename as a result for the watcher to process. If this isn't guarded against, WatchTee will proceed to make a request to the optee driver, which will fail and trigger an immediate retry. The result is a race condition in which fshost asks kms-stateless for the device key to unseal zxcrypt for minfs before optee is ready. After 5 retries, fshost gives up and leaves the device in a state where minfs remains encrypted. Adding this check allows the watcher to continue watching for the actual device to show up instead of trying to proceed with an empty value. Bug: b/260904369 Test: Manual Change-Id: I987f4f1e60ea0410a4bb27f93cbf9313bb5d689e Reviewed-on: https://fuchsia-review.googlesource.com/c/fuchsia/+/770386 Reviewed-by: Dmitry Yatsushkevich <dmitryya@google.com> Commit-Queue: Eric Stone <ecstone@google.com>
Fuchsia is an open source, general purpose operating system supporting modern 64-bit Intel and ARM processors.
We expect everyone interacting with our project to respect our code of conduct.
Read more about Fuchsia's principles.
See Getting Started.
See fuchsia.dev.