Allow forward locked apps to be in ASECs

We couldn't put forward-locked apps in ASEC containers before since we didn't have any permissioned filesystems. This adds the ability for forward-locked applications to be in ASEC containers. This means that forward locked applications will be able to be on the SD card now. This change also removes the old type of forward-locking that placed parts of apps in /data/app-private. Now all forward-locked applications will be in ASEC containers. Change-Id: I17ae0b0d65a4a965ef33c0ac2c47e990e55707ad
author: Kenny Root <kroot@google.com> 2012-04-12 14:23:49 -0700
committer: Kenny Root <kroot@google.com> 2012-04-25 14:17:02 -0700
commit: 6dceb88f1c7c42c6ab43834af2c993d599895d82 (patch)
tree: cbdc33b4dd84f7ad388a4f331c0e7a3056e142e5 /core/java/com
parent: 7725180c646d1976a2a2097735862a75ec47c544 (diff)
download: frameworks_base-6dceb88f1c7c42c6ab43834af2c993d599895d82.zip
frameworks_base-6dceb88f1c7c42c6ab43834af2c993d599895d82.tar.gz
frameworks_base-6dceb88f1c7c42c6ab43834af2c993d599895d82.tar.bz2
2 files changed, 52 insertions, 23 deletions
diff --git a/core/java/com/android/internal/app/IMediaContainerService.aidl b/core/java/com/android/internal/app/IMediaContainerService.aidl
index 4322a20..727c094 100755
--- a/core/java/com/android/internal/app/IMediaContainerService.aidl
+++ b/core/java/com/android/internal/app/IMediaContainerService.aidl
@@ -22,14 +22,14 @@ import android.content.pm.PackageInfoLite;
 import android.content.res.ObbInfo;
 
 interface IMediaContainerService {
-    String copyResourceToContainer(in Uri packageURI,
-                String containerId,
-                String key, String resFileName);
+    String copyResourceToContainer(in Uri packageURI, String containerId, String key,
+            String resFileName, String publicResFileName, boolean isExternal,
+            boolean isForwardLocked);
     int copyResource(in Uri packageURI,
                 in ParcelFileDescriptor outStream);
     PackageInfoLite getMinimalPackageInfo(in Uri fileUri, in int flags, in long threshold);
-    boolean checkInternalFreeStorage(in Uri fileUri, in long threshold);
-    boolean checkExternalFreeStorage(in Uri fileUri);
+    boolean checkInternalFreeStorage(in Uri fileUri, boolean isForwardLocked, in long threshold);
+    boolean checkExternalFreeStorage(in Uri fileUri, boolean isForwardLocked);
     ObbInfo getObbInfo(in String filename);
     long calculateDirectorySize(in String directory);
     /** Return file system stats: [0] is total bytes, [1] is available bytes */
diff --git a/core/java/com/android/internal/content/PackageHelper.java b/core/java/com/android/internal/content/PackageHelper.java
index 61866e5..48ed561 100644
--- a/core/java/com/android/internal/content/PackageHelper.java
+++ b/core/java/com/android/internal/content/PackageHelper.java
@@ -67,8 +67,8 @@ public class PackageHelper {
         return null;
     }
 
-    public static String createSdDir(int sizeMb, String cid,
-            String sdEncKey, int uid) {
+    public static String createSdDir(int sizeMb, String cid, String sdEncKey, int uid,
+            boolean isExternal) {
         // Create mount point via MountService
         IMountService mountService = getMountService();
 
@@ -76,8 +76,8 @@ public class PackageHelper {
             Log.i(TAG, "Size of container " + sizeMb + " MB");
 
         try {
-            int rc = mountService.createSecureContainer(
-                    cid, sizeMb, "fat", sdEncKey, uid);
+            int rc = mountService.createSecureContainer(cid, sizeMb, "ext4", sdEncKey, uid,
+                    isExternal);
             if (rc != StorageResultCode.OperationSucceeded) {
                 Log.e(TAG, "Failed to create secure container " + cid);
                 return null;
@@ -206,10 +206,21 @@ public class PackageHelper {
        return false;
    }
 
-    public static void extractPublicFiles(String packagePath, File publicZipFile)
+    public static int extractPublicFiles(String packagePath, File publicZipFile)
             throws IOException {
-        final FileOutputStream fstr = new FileOutputStream(publicZipFile);
-        final ZipOutputStream publicZipOutStream = new ZipOutputStream(fstr);
+        final FileOutputStream fstr;
+        final ZipOutputStream publicZipOutStream;
+
+        if (publicZipFile == null) {
+            fstr = null;
+            publicZipOutStream = null;
+        } else {
+            fstr = new FileOutputStream(publicZipFile);
+            publicZipOutStream = new ZipOutputStream(fstr);
+        }
+
+        int size = 0;
+
         try {
             final ZipFile privateZip = new ZipFile(packagePath);
             try {
@@ -219,25 +230,29 @@ public class PackageHelper {
                     if ("AndroidManifest.xml".equals(zipEntryName)
                             || "resources.arsc".equals(zipEntryName)
                             || zipEntryName.startsWith("res/")) {
-                        copyZipEntry(zipEntry, privateZip, publicZipOutStream);
+                        size += zipEntry.getSize();
+                        if (publicZipFile != null) {
+                            copyZipEntry(zipEntry, privateZip, publicZipOutStream);
+                        }
                     }
                 }
             } finally {
-                try {
-                    privateZip.close();
-                } catch (IOException e) {
-                }
+                try { privateZip.close(); } catch (IOException e) {}
             }
 
-            publicZipOutStream.finish();
-            publicZipOutStream.flush();
-            FileUtils.sync(fstr);
-            publicZipOutStream.close();
-            FileUtils.setPermissions(publicZipFile.getAbsolutePath(), FileUtils.S_IRUSR
-                    | FileUtils.S_IWUSR | FileUtils.S_IRGRP | FileUtils.S_IROTH, -1, -1);
+            if (publicZipFile != null) {
+                publicZipOutStream.finish();
+                publicZipOutStream.flush();
+                FileUtils.sync(fstr);
+                publicZipOutStream.close();
+                FileUtils.setPermissions(publicZipFile.getAbsolutePath(), FileUtils.S_IRUSR
+                        | FileUtils.S_IWUSR | FileUtils.S_IRGRP | FileUtils.S_IROTH, -1, -1);
+            }
         } finally {
             IoUtils.closeQuietly(publicZipOutStream);
         }
+
+        return size;
     }
 
     private static void copyZipEntry(ZipEntry zipEntry, ZipFile inZipFile,
@@ -265,4 +280,18 @@ public class PackageHelper {
             IoUtils.closeQuietly(data);
         }
     }
+
+    public static boolean fixSdPermissions(String cid, int gid, String filename) {
+        try {
+            int rc = getMountService().fixPermissionsSecureContainer(cid, gid, filename);
+            if (rc != StorageResultCode.OperationSucceeded) {
+                Log.i(TAG, "Failed to fixperms container " + cid);
+                return false;
+            }
+            return true;
+        } catch (RemoteException e) {
+            Log.e(TAG, "Failed to fixperms container " + cid + " with exception " + e);
+        }
+        return false;
+    }
 }
author	Kenny Root <kroot@google.com>	2012-04-12 14:23:49 -0700
committer	Kenny Root <kroot@google.com>	2012-04-25 14:17:02 -0700
commit	6dceb88f1c7c42c6ab43834af2c993d599895d82 (patch)
tree	cbdc33b4dd84f7ad388a4f331c0e7a3056e142e5 /core/java/com
parent	7725180c646d1976a2a2097735862a75ec47c544 (diff)
download	frameworks_base-6dceb88f1c7c42c6ab43834af2c993d599895d82.zip frameworks_base-6dceb88f1c7c42c6ab43834af2c993d599895d82.tar.gz frameworks_base-6dceb88f1c7c42c6ab43834af2c993d599895d82.tar.bz2