-rw-r--r-- | core/java/android/accounts/AccountManagerService.java | 36 | ||||
-rw-r--r-- | core/java/android/content/SyncStorageEngine.java | 14 | ||||
-rw-r--r-- | core/java/android/content/pm/ApplicationInfo.java | 12 | ||||
-rw-r--r-- | core/java/android/content/pm/PackageParser.java | 29 | ||||
-rw-r--r-- | core/java/android/os/Environment.java | 44 | ||||
-rw-r--r-- | core/res/res/values/attrs_manifest.xml | 8 | ||||
-rw-r--r-- | packages/VpnServices/src/com/android/server/vpn/VpnServiceBinder.java | 3 | ||||
-rw-r--r-- | services/java/com/android/server/BackupManagerService.java | 21 | ||||
-rw-r--r-- | services/java/com/android/server/Installer.java | 56 | ||||
-rw-r--r-- | services/java/com/android/server/PackageManagerService.java | 136 | ||||
-rw-r--r-- | vpn/java/android/net/vpn/VpnManager.java | 7 |
11 files changed, 211 insertions, 155 deletions
diff --git a/core/java/android/accounts/AccountManagerService.java b/core/java/android/accounts/AccountManagerService.java index ce3d2a3..6e04587 100644 --- a/core/java/android/accounts/AccountManagerService.java +++ b/core/java/android/accounts/AccountManagerService.java @@ -43,6 +43,7 @@ import android.database.sqlite.SQLiteDatabase; import android.database.sqlite.SQLiteOpenHelper; import android.os.Binder; import android.os.Bundle; +import android.os.Environment; import android.os.Handler; import android.os.HandlerThread; import android.os.IBinder; @@ -51,11 +52,13 @@ import android.os.Message; import android.os.RemoteException; import android.os.ServiceManager; import android.os.SystemClock; +import android.os.SystemProperties; import android.telephony.TelephonyManager; import android.text.TextUtils; import android.util.Log; import android.util.Pair; +import java.io.File; import java.io.FileDescriptor; import java.io.PrintWriter; import java.util.ArrayList; @@ -450,7 +453,6 @@ public class AccountManagerService mAccount = account; } - @Override public void run() throws RemoteException { try { mAuthenticator.hasFeatures(this, mAccount, mFeatures); @@ -459,7 +461,6 @@ public class AccountManagerService } } - @Override public void onResult(Bundle result) { IAccountManagerResponse response = getResponseAndClose(); if (response != null) { @@ -485,7 +486,6 @@ public class AccountManagerService } } - @Override protected String toDebugString(long now) { return super.toDebugString(now) + ", hasFeatures" + ", " + mAccount 
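Review bot: Removing `@Override` from `run()`, `onResult()` and `toDebugString()` in the hunk at -450,7 gives up the compiler check that these methods still match what the enclosing session class inherits, so a later signature change in the base type would turn them into silent non-overrides. The same removal repeats through the rest of this file and in the ApplicationInfo, PackageParser, BackupManagerService and PackageManagerService hunks. Unless the build targets a source level that rejects the annotation on interface methods, keep it as it was: `@Override public void onResult(Bundle result) {`. The enclosing classes start outside these hunks.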
@@ -531,18 +531,15 @@ public class AccountManagerService mAccount = account; } - @Override protected String toDebugString(long now) { return super.toDebugString(now) + ", removeAccount" + ", account " + mAccount; } - @Override public void run() throws RemoteException { mAuthenticator.getAccountRemovalAllowed(this, mAccount); } - @Override public void onResult(Bundle result) { if (result != null && result.containsKey(AccountManager.KEY_BOOLEAN_RESULT) && !result.containsKey(AccountManager.KEY_INTENT)) { @@ -835,19 +832,16 @@ public class AccountManagerService try { new Session(response, account.type, false, false /* stripAuthTokenFromResult */) { - @Override protected String toDebugString(long now) { return super.toDebugString(now) + ", getAuthTokenLabel" + ", " + account + ", authTokenType " + authTokenType; } - @Override public void run() throws RemoteException { mAuthenticator.getAuthTokenLabel(this, authTokenType); } - @Override public void onResult(Bundle result) { if (result != null) { String label = result.getString(AccountManager.KEY_AUTH_TOKEN_LABEL); @@ -918,7 +912,6 @@ public class AccountManagerService new Session(response, account.type, expectActivityLaunch, false /* stripAuthTokenFromResult */) { - @Override protected String toDebugString(long now) { if (loginOptions != null) loginOptions.keySet(); return super.toDebugString(now) + ", getAuthToken" @@ -928,7 +921,6 @@ public class AccountManagerService + ", notifyOnAuthFailure " + notifyOnAuthFailure; } - @Override public void run() throws RemoteException { // If the caller doesn't have permission then create and return the // "grant permission" intent instead of the "getAuthToken" intent. @@ -939,7 +931,6 @@ public class AccountManagerService } } - @Override public void onResult(Bundle result) { if (result != null) { if (result.containsKey(AccountManager.KEY_AUTH_TOKEN_LABEL)) { 
@@ -1084,13 +1075,11 @@ public class AccountManagerService try { new Session(response, accountType, expectActivityLaunch, true /* stripAuthTokenFromResult */) { - @Override public void run() throws RemoteException { mAuthenticator.addAccount(this, mAccountType, authTokenType, requiredFeatures, options); } - @Override protected String toDebugString(long now) { return super.toDebugString(now) + ", addAccount" + ", accountType " + accountType @@ -1121,11 +1110,9 @@ public class AccountManagerService try { new Session(response, account.type, expectActivityLaunch, true /* stripAuthTokenFromResult */) { - @Override public void run() throws RemoteException { mAuthenticator.confirmCredentials(this, account, options); } - @Override protected String toDebugString(long now) { return super.toDebugString(now) + ", confirmCredentials" + ", " + account; @@ -1155,11 +1142,9 @@ public class AccountManagerService try { new Session(response, account.type, expectActivityLaunch, true /* stripAuthTokenFromResult */) { - @Override public void run() throws RemoteException { mAuthenticator.updateCredentials(this, account, authTokenType, loginOptions); } - @Override protected String toDebugString(long now) { if (loginOptions != null) loginOptions.keySet(); return super.toDebugString(now) + ", updateCredentials" @@ -1189,11 +1174,9 @@ public class AccountManagerService try { new Session(response, accountType, expectActivityLaunch, true /* stripAuthTokenFromResult */) { - @Override public void run() throws RemoteException { mAuthenticator.editProperties(this, mAccountType); } - @Override protected String toDebugString(long now) { return super.toDebugString(now) + ", editProperties" + ", accountType " + accountType; @@ -1217,7 +1200,6 @@ public class AccountManagerService mFeatures = features; } - @Override public void run() throws RemoteException { mAccountsOfType = getAccountsByTypeFromCache(mAccountType); // check whether each account matches the requested features 
@@ -1252,7 +1234,6 @@ public class AccountManagerService } } - @Override public void onResult(Bundle result) { mNumResults++; if (result == null) { @@ -1291,7 +1272,6 @@ public class AccountManagerService } - @Override protected String toDebugString(long now) { return super.toDebugString(now) + ", getAccountsByTypeAndFeatures" + ", " + (mFeatures != null ? TextUtils.join(",", mFeatures) : null); @@ -1614,7 +1594,6 @@ public class AccountManagerService super(looper); } - @Override public void handleMessage(Message msg) { switch (msg.what) { case MESSAGE_TIMED_OUT: @@ -1629,7 +1608,13 @@ public class AccountManagerService } private static String getDatabaseName() { - return DATABASE_NAME; + if(Environment.isEncryptedFilesystemEnabled()) { + // Hard-coded path in case of encrypted file system + return Environment.getSystemSecureDirectory().getPath() + File.separator + DATABASE_NAME; + } else { + // Regular path in case of non-encrypted file system + return DATABASE_NAME; + } } private class DatabaseHelper extends SQLiteOpenHelper { @@ -1852,7 +1837,6 @@ public class AccountManagerService return false; } - @Override protected void dump(FileDescriptor fd, PrintWriter fout, String[] args) { final boolean isCheckinRequest = scanArgs(args, "--checkin") || scanArgs(args, "-c"); diff --git a/core/java/android/content/SyncStorageEngine.java b/core/java/android/content/SyncStorageEngine.java index ef1db35..c8ca618 100644 --- a/core/java/android/content/SyncStorageEngine.java +++ b/core/java/android/content/SyncStorageEngine.java @@ -20,6 +20,10 @@ import com.android.internal.os.AtomicFile; import com.android.internal.util.ArrayUtils; import com.android.internal.util.FastXmlSerializer; +import org.xmlpull.v1.XmlPullParser; +import org.xmlpull.v1.XmlPullParserException; +import org.xmlpull.v1.XmlSerializer; + import android.accounts.Account; import android.database.Cursor; import android.database.sqlite.SQLiteDatabase; 
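Review bot: `getDatabaseName()` in the hunk at -1629,7 picks the accounts database location from `Environment.isEncryptedFilesystemEnabled()` each time it is called, and nothing visible here moves an existing database when that answer changes. The previous file, with whatever account data it holds, would presumably stay behind in the other location. The comment `// Hard-coded path in case of encrypted file system` is also misleading, because the path is derived rather than hard-coded; `// Absolute path under Environment.getSystemSecureDirectory()` would be accurate. This method does not create that directory, so a comment naming who does would help the next reader.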
@@ -33,9 +37,9 @@ import android.os.Parcel; import android.os.RemoteCallbackList; import android.os.RemoteException; import android.util.Log; -import android.util.Pair; import android.util.SparseArray; import android.util.Xml; +import android.util.Pair; import java.io.File; import java.io.FileInputStream; @@ -44,12 +48,8 @@ import java.util.ArrayList; import java.util.Calendar; import java.util.HashMap; import java.util.Iterator; -import java.util.List; import java.util.TimeZone; - -import org.xmlpull.v1.XmlPullParser; -import org.xmlpull.v1.XmlPullParserException; -import org.xmlpull.v1.XmlSerializer; +import java.util.List; /** * Singleton that tracks the sync data and overall sync @@ -319,7 +319,7 @@ public class SyncStorageEngine extends Handler { } // This call will return the correct directory whether Encrypted File Systems is // enabled or not. - File dataDir = Environment.getDataDirectory(); + File dataDir = Environment.getSecureDataDirectory(); sSyncStorageEngine = new SyncStorageEngine(context, dataDir); } diff --git a/core/java/android/content/pm/ApplicationInfo.java b/core/java/android/content/pm/ApplicationInfo.java index 68840d9..bb0ed6a 100644 --- a/core/java/android/content/pm/ApplicationInfo.java +++ b/core/java/android/content/pm/ApplicationInfo.java @@ -270,6 +270,16 @@ public class ApplicationInfo extends PackageItemInfo implements Parcelable { public static final int FLAG_SUPPORTS_XLARGE_SCREENS = 1<<19; /** + * Value for {@link #flags}: this is true if the application has set + * its android:neverEncrypt to true, false otherwise. It is used to specify + * that this package specifically "opts-out" of a secured file system solution, + * and will always store its data in-the-clear. + * + * {@hide} + */ + public static final int FLAG_NEVER_ENCRYPT = 1<<30; + + /** * Value for {@link #flags}: Set to true if the application has been * installed using the forward lock option. * 
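Review bot: The Javadoc for `FLAG_NEVER_ENCRYPT` does not say that the flag only matters when the Encrypted File System feature is enabled, which is how `useEncryptedFilesystemForPackage()` in PackageManagerService uses it later in this commit. I would add `Has no effect unless {@link android.os.Environment#isEncryptedFilesystemEnabled()} returns true.` to the comment. The value `1<<30` also skips well past the `1<<19` shown just above; the other high-bit flags are outside the hunk, so it is worth confirming none of them already uses that bit.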
@@ -459,7 +469,6 @@ public class ApplicationInfo extends PackageItemInfo implements Parcelable { } - @Override public String toString() { return "ApplicationInfo{" + Integer.toHexString(System.identityHashCode(this)) @@ -470,7 +479,6 @@ public class ApplicationInfo extends PackageItemInfo implements Parcelable { return 0; } - @Override public void writeToParcel(Parcel dest, int parcelableFlags) { super.writeToParcel(dest, parcelableFlags); dest.writeString(taskAffinity); diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java index b4177d6..b2937ba 100644 --- a/core/java/android/content/pm/PackageParser.java +++ b/core/java/android/content/pm/PackageParser.java @@ -16,8 +16,6 @@ package android.content.pm; -import com.android.internal.util.XmlUtils; - import android.content.ComponentName; import android.content.Intent; import android.content.IntentFilter; @@ -34,6 +32,9 @@ import android.util.Config; import android.util.DisplayMetrics; import android.util.Log; import android.util.TypedValue; +import com.android.internal.util.XmlUtils; +import org.xmlpull.v1.XmlPullParser; +import org.xmlpull.v1.XmlPullParserException; import java.io.BufferedInputStream; import java.io.File; @@ -48,9 +49,6 @@ import java.util.Iterator; import java.util.jar.JarEntry; import java.util.jar.JarFile; -import org.xmlpull.v1.XmlPullParser; -import org.xmlpull.v1.XmlPullParserException; - /** * Package archive parsing * @@ -1575,6 +1573,12 @@ public class PackageParser { ai.flags |= ApplicationInfo.FLAG_TEST_ONLY; } + if (sa.getBoolean( + com.android.internal.R.styleable.AndroidManifestApplication_neverEncrypt, + false)) { + ai.flags |= ApplicationInfo.FLAG_NEVER_ENCRYPT; + } + String str; str = sa.getNonConfigurationString( com.android.internal.R.styleable.AndroidManifestApplication_permission, 0); 
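Review bot: The added `neverEncrypt` check in the hunk at -1575,6 sets `FLAG_NEVER_ENCRYPT` for any package that declares the attribute, with no condition on where the package comes from. That may be intended, since it only affects the package's own data, but the decision is not written down here or in attrs_manifest.xml, whereas the neighbouring `allowClearUserData` attribute states that third-party apps cannot use it. A short comment such as `// Any package may opt out of EFS for its own data directory` would make the trust decision explicit. The enclosing method starts and ends outside the hunk.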
@@ -2859,7 +2863,6 @@ public class PackageParser { } } - @Override public String toString() { return "Package{" + Integer.toHexString(System.identityHashCode(this)) @@ -3000,13 +3003,11 @@ public class PackageParser { info = _info; } - @Override public void setPackageName(String packageName) { super.setPackageName(packageName); info.packageName = packageName; } - @Override public String toString() { return "Permission{" + Integer.toHexString(System.identityHashCode(this)) @@ -3027,13 +3028,11 @@ public class PackageParser { info = _info; } - @Override public void setPackageName(String packageName) { super.setPackageName(packageName); info.packageName = packageName; } - @Override public String toString() { return "PermissionGroup{" + Integer.toHexString(System.identityHashCode(this)) @@ -3120,13 +3119,11 @@ public class PackageParser { info.applicationInfo = args.owner.applicationInfo; } - @Override public void setPackageName(String packageName) { super.setPackageName(packageName); info.packageName = packageName; } - @Override public String toString() { return "Activity{" + Integer.toHexString(System.identityHashCode(this)) @@ -3156,13 +3153,11 @@ public class PackageParser { info.applicationInfo = args.owner.applicationInfo; } - @Override public void setPackageName(String packageName) { super.setPackageName(packageName); info.packageName = packageName; } - @Override public String toString() { return "Service{" + Integer.toHexString(System.identityHashCode(this)) @@ -3199,13 +3194,11 @@ public class PackageParser { this.syncable = existingProvider.syncable; } - @Override public void setPackageName(String packageName) { super.setPackageName(packageName); info.packageName = packageName; } - @Override public String toString() { return "Provider{" + Integer.toHexString(System.identityHashCode(this)) 
@@ -3239,13 +3232,11 @@ public class PackageParser { info = _info; } - @Override public void setPackageName(String packageName) { super.setPackageName(packageName); info.packageName = packageName; } - @Override public String toString() { return "Instrumentation{" + Integer.toHexString(System.identityHashCode(this)) @@ -3279,7 +3270,6 @@ public class PackageParser { activity = _activity; } - @Override public String toString() { return "ActivityIntentInfo{" + Integer.toHexString(System.identityHashCode(this)) @@ -3294,7 +3284,6 @@ public class PackageParser { service = _service; } - @Override public String toString() { return "ServiceIntentInfo{" + Integer.toHexString(System.identityHashCode(this)) diff --git a/core/java/android/os/Environment.java b/core/java/android/os/Environment.java index c36031e..4f188f8 100644 --- a/core/java/android/os/Environment.java +++ b/core/java/android/os/Environment.java @@ -16,11 +16,11 @@ package android.os; +import java.io.File; + import android.content.res.Resources; import android.os.storage.IMountService; -import java.io.File; - /** * Provides access to environment variables. */ 
@@ -47,6 +47,46 @@ public class Environment { return ROOT_DIRECTORY; } + /** + * Gets the system directory available for secure storage. + * If Encrypted File system is enabled, it returns an encrypted directory (/data/secure/system). + * Otherwise, it returns the unencrypted /data/system directory. + * @return File object representing the secure storage system directory. + * @hide + */ + public static File getSystemSecureDirectory() { + if (isEncryptedFilesystemEnabled()) { + return new File(SECURE_DATA_DIRECTORY, "system"); + } else { + return new File(DATA_DIRECTORY, "system"); + } + } + + /** + * Gets the data directory for secure storage. + * If Encrypted File system is enabled, it returns an encrypted directory (/data/secure). + * Otherwise, it returns the unencrypted /data directory. + * @return File object representing the data directory for secure storage. + * @hide + */ + public static File getSecureDataDirectory() { + if (isEncryptedFilesystemEnabled()) { + return SECURE_DATA_DIRECTORY; + } else { + return DATA_DIRECTORY; + } + } + + /** + * Returns whether the Encrypted File System feature is enabled on the device or not. + * @return <code>true</code> if Encrypted File System feature is enabled, <code>false</code> + * if disabled. + * @hide + */ + public static boolean isEncryptedFilesystemEnabled() { + return SystemProperties.getBoolean(SYSTEM_PROPERTY_EFS_ENABLED, false); + } + private static final File DATA_DIRECTORY = getDirectory("ANDROID_DATA", "/data"); diff --git a/core/res/res/values/attrs_manifest.xml b/core/res/res/values/attrs_manifest.xml index d86c9e2..5ff6212 100644 --- a/core/res/res/values/attrs_manifest.xml +++ b/core/res/res/values/attrs_manifest.xml 
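Review bot: `isEncryptedFilesystemEnabled()` defaults to `false` when the property is absent, so `getSystemSecureDirectory()` and `getSecureDataDirectory()` quietly return the cleartext locations. The callers changed in this commit (accounts database, sync storage, VPN state, backup state) then get no signal that their data is not on encrypted storage. The Javadoc does mention the unencrypted fallback, but the method names say "secure" either way, so I would add `Callers must not assume the returned directory is encrypted; check isEncryptedFilesystemEnabled().` to both getters. `SECURE_DATA_DIRECTORY` and `SYSTEM_PROPERTY_EFS_ENABLED` are defined outside the hunk, so the literal paths quoted in the Javadoc cannot be checked from here.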
@@ -94,6 +94,13 @@ included in the system image. Third-party apps cannot use it.</em> --> <attr name="allowClearUserData" format="boolean" /> + <!-- Option to let applications specify that user data should + never be encrypted if an Encrypted File System solution + is enabled. Specifically, this is an "opt-out" feature, meaning + that, by default, user data will be encrypted if the EFS feature + is enabled. --> + <attr name="neverEncrypt" format="boolean" /> + <!-- Option to indicate this application is only for testing purposes. For example, it may expose functionality or data outside of itself that would cause a security hole, but is useful for testing. This @@ -770,6 +777,7 @@ <attr name="killAfterRestore" /> <attr name="restoreNeedsApplication" /> <attr name="restoreAnyVersion" /> + <attr name="neverEncrypt" /> <!-- Declare that this applicationn can't participate in the normal state save/restore mechanism. Since it is not able to save and restore its state on demand, diff --git a/packages/VpnServices/src/com/android/server/vpn/VpnServiceBinder.java b/packages/VpnServices/src/com/android/server/vpn/VpnServiceBinder.java index 3b53194..eeafd5a 100644 --- a/packages/VpnServices/src/com/android/server/vpn/VpnServiceBinder.java +++ b/packages/VpnServices/src/com/android/server/vpn/VpnServiceBinder.java @@ -28,6 +28,7 @@ import android.net.vpn.VpnProfile; import android.net.vpn.VpnState; import android.os.Environment; import android.os.IBinder; +import android.os.SystemProperties; import android.util.Log; import java.io.File; 
@@ -55,7 +56,7 @@ public class VpnServiceBinder extends Service { private static String getStateFilePath() { // This call will return the correcu directory whether Encrypted FS is enabled or not // Disabled: /data/misc/vpn/.states Enabled: /data/secure/misc/vpn/.states - return Environment.getDataDirectory().getPath() + STATES_FILE_RELATIVE_PATH; + return Environment.getSecureDataDirectory().getPath() + STATES_FILE_RELATIVE_PATH; } private final IBinder mBinder = new IVpnService.Stub() { diff --git a/services/java/com/android/server/BackupManagerService.java b/services/java/com/android/server/BackupManagerService.java index 3b0a6d5..cb1d775 100644 --- a/services/java/com/android/server/BackupManagerService.java +++ b/services/java/com/android/server/BackupManagerService.java @@ -16,11 +16,6 @@ package com.android.server; -import com.android.internal.backup.BackupConstants; -import com.android.internal.backup.IBackupTransport; -import com.android.internal.backup.LocalTransport; -import com.android.server.PackageManagerBackupAgent.Metadata; - import android.app.ActivityManagerNative; import android.app.AlarmManager; import android.app.AppGlobals; @@ -28,10 +23,10 @@ import android.app.IActivityManager; import android.app.IApplicationThread; import android.app.IBackupAgent; import android.app.PendingIntent; +import android.app.backup.RestoreSet; import android.app.backup.IBackupManager; import android.app.backup.IRestoreObserver; import android.app.backup.IRestoreSession; -import android.app.backup.RestoreSet; import android.content.BroadcastReceiver; import android.content.ComponentName; import android.content.Context; 
@@ -43,8 +38,8 @@ import android.content.pm.IPackageDataObserver; import android.content.pm.IPackageManager; import android.content.pm.PackageInfo; import android.content.pm.PackageManager; -import android.content.pm.PackageManager.NameNotFoundException; import android.content.pm.Signature; +import android.content.pm.PackageManager.NameNotFoundException; import android.net.Uri; import android.os.Binder; import android.os.Bundle; @@ -66,6 +61,11 @@ import android.util.Slog; import android.util.SparseArray; import android.util.SparseIntArray; +import com.android.internal.backup.BackupConstants; +import com.android.internal.backup.IBackupTransport; +import com.android.internal.backup.LocalTransport; +import com.android.server.PackageManagerBackupAgent.Metadata; + import java.io.EOFException; import java.io.File; import java.io.FileDescriptor; @@ -145,7 +145,6 @@ class BackupManagerService extends IBackupManager.Stub { fullBackup = isFull; } - @Override public String toString() { return "BackupRequest{app=" + appInfo + " full=" + fullBackup + "}"; } @@ -272,7 +271,6 @@ class BackupManagerService extends IBackupManager.Stub { super(looper); } - @Override public void handleMessage(Message msg) { switch (msg.what) { @@ -445,7 +443,7 @@ class BackupManagerService extends IBackupManager.Stub { Settings.Secure.BACKUP_AUTO_RESTORE, 1) != 0; // If Encrypted file systems is enabled or disabled, this call will return the // correct directory. - mBaseStateDir = new File(Environment.getDataDirectory(), "backup"); + mBaseStateDir = new File(Environment.getSecureDataDirectory(), "backup"); mBaseStateDir.mkdirs(); mDataDir = Environment.getDownloadCacheDirectory(); @@ -535,7 +533,6 @@ class BackupManagerService extends IBackupManager.Stub { } private class RunBackupReceiver extends BroadcastReceiver { - @Override public void onReceive(Context context, Intent intent) { if (RUN_BACKUP_ACTION.equals(intent.getAction())) { synchronized (mQueueLock) { 
@@ -572,7 +569,6 @@ class BackupManagerService extends IBackupManager.Stub { } private class RunInitializeReceiver extends BroadcastReceiver { - @Override public void onReceive(Context context, Intent intent) { if (RUN_INITIALIZE_ACTION.equals(intent.getAction())) { synchronized (mQueueLock) { @@ -816,7 +812,6 @@ class BackupManagerService extends IBackupManager.Stub { // ----- Track installation/removal of packages ----- BroadcastReceiver mBroadcastReceiver = new BroadcastReceiver() { - @Override public void onReceive(Context context, Intent intent) { if (DEBUG) Slog.d(TAG, "Received broadcast " + intent); diff --git a/services/java/com/android/server/Installer.java b/services/java/com/android/server/Installer.java index 1028b89..85eca60 100644 --- a/services/java/com/android/server/Installer.java +++ b/services/java/com/android/server/Installer.java @@ -17,13 +17,16 @@ package com.android.server; import android.content.pm.PackageStats; -import android.net.LocalSocket; import android.net.LocalSocketAddress; +import android.net.LocalSocket; +import android.util.Config; import android.util.Slog; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; +import java.net.Socket; + class Installer { private static final String TAG = "Installer"; @@ -98,7 +101,7 @@ class Installer { int len; buflen = 0; if (!readBytes(buf, 2)) return false; - len = ((buf[0]) & 0xff) | (((buf[1]) & 0xff) << 8); + len = (((int) buf[0]) & 0xff) | ((((int) buf[1]) & 0xff) << 8); if ((len < 1) || (len > 1024)) { Slog.e(TAG,"invalid reply length ("+len+")"); disconnect(); 
@@ -163,11 +166,17 @@ class Installer { } } - public int install(String name, int uid, int gid) { + public int install(String name, boolean useEncryptedFilesystem, int uid, int gid) { StringBuilder builder = new StringBuilder("install"); builder.append(' '); builder.append(name); builder.append(' '); + if (useEncryptedFilesystem) { + builder.append('1'); + } else { + builder.append('0'); + } + builder.append(' '); builder.append(uid); builder.append(' '); builder.append(gid); 
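Review bot: `install()` now inserts the encryption flag between `name` and `uid` in the space-separated command, so the receiving side has to change in step or it would read the flag as the uid. That receiver is not part of this diff, so please confirm it. The five-line `if`/`else` that appends `'1'` or `'0'` is then repeated in `remove`, `rename`, `deleteCacheFiles`, `clearUserData` and `getSizeInfo` in the following hunks; a single `builder.append(useEncryptedFilesystem ? '1' : '0');` says the same thing. `install()` continues past the end of the hunk.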
@@ -200,34 +209,57 @@ class Installer { return execute(builder.toString()); } - public int remove(String name) { + public int remove(String name, boolean useEncryptedFilesystem) { StringBuilder builder = new StringBuilder("remove"); builder.append(' '); builder.append(name); + builder.append(' '); + if (useEncryptedFilesystem) { + builder.append('1'); + } else { + builder.append('0'); + } return execute(builder.toString()); } - public int rename(String oldname, String newname) { + public int rename(String oldname, String newname, boolean useEncryptedFilesystem) { StringBuilder builder = new StringBuilder("rename"); builder.append(' '); builder.append(oldname); builder.append(' '); builder.append(newname); + builder.append(' '); + if (useEncryptedFilesystem) { + builder.append('1'); + } else { + builder.append('0'); + } return execute(builder.toString()); } - public int deleteCacheFiles(String name) { + public int deleteCacheFiles(String name, boolean useEncryptedFilesystem) { StringBuilder builder = new StringBuilder("rmcache"); builder.append(' '); builder.append(name); builder.append(' '); + if (useEncryptedFilesystem) { + builder.append('1'); + } else { + builder.append('0'); + } return execute(builder.toString()); } - public int clearUserData(String name) { + public int clearUserData(String name, boolean useEncryptedFilesystem) { StringBuilder builder = new StringBuilder("rmuserdata"); builder.append(' '); builder.append(name); + builder.append(' '); + if (useEncryptedFilesystem) { + builder.append('1'); + } else { + builder.append('0'); + } return execute(builder.toString()); } 
@@ -260,8 +292,8 @@ class Installer { return execute(builder.toString()); } - public int getSizeInfo(String pkgName, String apkPath, String fwdLockApkPath, - PackageStats pStats) { + public int getSizeInfo(String pkgName, String apkPath, + String fwdLockApkPath, PackageStats pStats, boolean useEncryptedFilesystem) { StringBuilder builder = new StringBuilder("getsize"); builder.append(' '); builder.append(pkgName); @@ -269,6 +301,12 @@ class Installer { builder.append(apkPath); builder.append(' '); builder.append(fwdLockApkPath != null ? fwdLockApkPath : "!"); + builder.append(' '); + if (useEncryptedFilesystem) { + builder.append('1'); + } else { + builder.append('0'); + } String s = transaction(builder.toString()); String res[] = s.split(" "); diff --git a/services/java/com/android/server/PackageManagerService.java b/services/java/com/android/server/PackageManagerService.java index 286463d..b196f74 100644 --- a/services/java/com/android/server/PackageManagerService.java +++ b/services/java/com/android/server/PackageManagerService.java @@ -16,10 +16,6 @@ package com.android.server; -import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DEFAULT; -import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DISABLED; -import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_ENABLED; - import com.android.internal.app.IMediaContainerService; import com.android.internal.app.ResolverActivity; import com.android.internal.content.NativeLibraryHelper; 
@@ -28,18 +24,22 @@ import com.android.internal.util.FastXmlSerializer; import com.android.internal.util.JournaledFile; import com.android.internal.util.XmlUtils; +import org.xmlpull.v1.XmlPullParser; +import org.xmlpull.v1.XmlPullParserException; +import org.xmlpull.v1.XmlSerializer; + import android.app.ActivityManagerNative; import android.app.IActivityManager; import android.app.admin.IDevicePolicyManager; import android.app.backup.IBackupManager; -import android.content.ComponentName; import android.content.Context; +import android.content.ComponentName; import android.content.IIntentReceiver; import android.content.Intent; import android.content.IntentFilter; import android.content.IntentSender; -import android.content.IntentSender.SendIntentException; import android.content.ServiceConnection; +import android.content.IntentSender.SendIntentException; import android.content.pm.ActivityInfo; import android.content.pm.ApplicationInfo; import android.content.pm.ComponentInfo; @@ -54,10 +54,13 @@ import android.content.pm.InstrumentationInfo; import android.content.pm.PackageInfo; import android.content.pm.PackageInfoLite; import android.content.pm.PackageManager; -import android.content.pm.PackageParser; import android.content.pm.PackageStats; -import android.content.pm.PermissionGroupInfo; +import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DEFAULT; +import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DISABLED; +import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_ENABLED; +import android.content.pm.PackageParser; import android.content.pm.PermissionInfo; +import android.content.pm.PermissionGroupInfo; import android.content.pm.ProviderInfo; import android.content.pm.ResolveInfo; import android.content.pm.ServiceInfo; 
@@ -67,30 +70,24 @@ import android.os.Binder; import android.os.Build; import android.os.Bundle; import android.os.Debug; -import android.os.Environment; -import android.os.FileObserver; -import android.os.FileUtils; -import android.os.Handler; import android.os.HandlerThread; import android.os.IBinder; import android.os.Looper; import android.os.Message; import android.os.Parcel; +import android.os.RemoteException; +import android.os.Environment; +import android.os.FileObserver; +import android.os.FileUtils; +import android.os.Handler; import android.os.ParcelFileDescriptor; import android.os.Process; -import android.os.RemoteException; import android.os.ServiceManager; import android.os.SystemClock; import android.os.SystemProperties; +import android.provider.Settings; import android.security.SystemKeyStore; -import android.util.Config; -import android.util.DisplayMetrics; -import android.util.EventLog; -import android.util.Log; -import android.util.LogPrinter; -import android.util.Slog; -import android.util.SparseArray; -import android.util.Xml; +import android.util.*; import android.view.Display; import android.view.WindowManager; @@ -117,17 +114,15 @@ import java.util.Enumeration; import java.util.HashMap; import java.util.HashSet; import java.util.Iterator; +import java.util.LinkedList; import java.util.List; import java.util.Map; import java.util.Set; import java.util.zip.ZipEntry; +import java.util.zip.ZipException; import java.util.zip.ZipFile; import java.util.zip.ZipOutputStream; -import org.xmlpull.v1.XmlPullParser; -import org.xmlpull.v1.XmlPullParserException; -import org.xmlpull.v1.XmlSerializer; - /** * Keep track of all those .apks everywhere. * @@ -435,7 +430,6 @@ class PackageManagerService extends IPackageManager.Stub { super(looper); } - @Override public void handleMessage(Message msg) { try { doHandleMessage(msg); 
@@ -577,7 +571,7 @@ class PackageManagerService extends IPackageManager.Stub { // Send broadcasts for (int i = 0; i < size; i++) { sendPackageChangedBroadcast(packages[i], true, - components[i], uids[i]); + (ArrayList<String>)components[i], uids[i]); } Process.setThreadPriority(Process.THREAD_PRIORITY_BACKGROUND); break; @@ -970,7 +964,9 @@ class PackageManagerService extends IPackageManager.Stub { + " no longer exists; wiping its data"; reportSettingsProblem(Log.WARN, msg); if (mInstaller != null) { - mInstaller.remove(ps.name); + // XXX how to set useEncryptedFSDir for packages that + // are not encrypted? + mInstaller.remove(ps.name, true); } } } @@ -1054,7 +1050,8 @@ class PackageManagerService extends IPackageManager.Stub { void cleanupInstallFailedPackage(PackageSetting ps) { Slog.i(TAG, "Cleaning up incompletely installed app: " + ps.name); if (mInstaller != null) { - int retCode = mInstaller.remove(ps.name); + boolean useSecureFS = useEncryptedFilesystemForPackage(ps.pkg); + int retCode = mInstaller.remove(ps.name, useSecureFS); if (retCode < 0) { Slog.w(TAG, "Couldn't remove app data directory for package: " + ps.name + ", retcode=" + retCode); @@ -2082,12 +2079,12 @@ class PackageManagerService extends IPackageManager.Stub { synchronized (mPackages) { String pkgName = intent.getPackage(); if (pkgName == null) { - return mActivities.queryIntent(intent, + return (List<ResolveInfo>)mActivities.queryIntent(intent, resolvedType, flags); } PackageParser.Package pkg = mPackages.get(pkgName); if (pkg != null) { - return mActivities.queryIntentForPackage(intent, + return (List<ResolveInfo>) mActivities.queryIntentForPackage(intent, resolvedType, flags, pkg.activities); } return null; 
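Review bot: `mInstaller.remove(ps.name, true)` in the hunk at -970,7 hard-codes the encrypted location, which the `XXX` comment itself questions. When the feature is disabled, or for a package that had set `neverEncrypt`, the data to wipe would be in the cleartext directory and, depending on how the installer daemon treats the flag, may be left on disk. Since the package no longer exists at this point, `useEncryptedFilesystemForPackage()` likely cannot be used. At minimum pass `Environment.isEncryptedFilesystemEnabled()`, or issue the remove for both locations and tolerate the miss. The surrounding loop starts outside the hunk.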
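Review bot: In `cleanupInstallFailedPackage()`, `useEncryptedFilesystemForPackage(ps.pkg)` dereferences `pkg.applicationInfo` without a null check, and for an incompletely installed app it is not clear from this hunk that `ps.pkg` is populated. If it can be null, the cleanup would throw instead of removing the data directory. A guard such as `boolean useSecureFS = ps.pkg != null ? useEncryptedFilesystemForPackage(ps.pkg) : Environment.isEncryptedFilesystemEnabled();` keeps the cleanup running. The method continues past the end of the hunk.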
@@ -2272,12 +2269,12 @@ class PackageManagerService extends IPackageManager.Stub { synchronized (mPackages) { String pkgName = intent.getPackage(); if (pkgName == null) { - return mReceivers.queryIntent(intent, + return (List<ResolveInfo>)mReceivers.queryIntent(intent, resolvedType, flags); } PackageParser.Package pkg = mPackages.get(pkgName); if (pkg != null) { - return mReceivers.queryIntentForPackage(intent, + return (List<ResolveInfo>) mReceivers.queryIntentForPackage(intent, resolvedType, flags, pkg.receivers); } return null; @@ -2315,12 +2312,12 @@ class PackageManagerService extends IPackageManager.Stub { synchronized (mPackages) { String pkgName = intent.getPackage(); if (pkgName == null) { - return mServices.queryIntent(intent, + return (List<ResolveInfo>)mServices.queryIntent(intent, resolvedType, flags); } PackageParser.Package pkg = mPackages.get(pkgName); if (pkg != null) { - return mServices.queryIntentForPackage(intent, + return (List<ResolveInfo>)mServices.queryIntentForPackage(intent, resolvedType, flags, pkg.services); } return null; @@ -2419,7 +2416,6 @@ class PackageManagerService extends IPackageManager.Stub { /** * @deprecated */ - @Deprecated public void querySyncProviders(List outNames, List outInfo) { synchronized (mPackages) { Iterator<Map.Entry<String, PackageParser.Provider>> i @@ -2784,6 +2780,11 @@ class PackageManagerService extends IPackageManager.Stub { return performed ? DEX_OPT_PERFORMED : DEX_OPT_SKIPPED; } + private static boolean useEncryptedFilesystemForPackage(PackageParser.Package pkg) { + return Environment.isEncryptedFilesystemEnabled() && + ((pkg.applicationInfo.flags & ApplicationInfo.FLAG_NEVER_ENCRYPT) == 0); + } + private boolean verifyPackageUpdate(PackageSetting oldPkg, PackageParser.Package newPkg) { if ((oldPkg.pkgFlags&ApplicationInfo.FLAG_SYSTEM) == 0) { Slog.w(TAG, "Unable to update from " + oldPkg.name 
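Review bot: `useEncryptedFilesystemForPackage` (`@@ -2784,6 +2780,11 @@`) is added without a comment, although every install, remove, clear-data and size call changed in this commit now depends on it to pick the data root. A short Javadoc should say that it returns true only when `Environment.isEncryptedFilesystemEnabled()` holds and the package has not set `ApplicationInfo.FLAG_NEVER_ENCRYPT`. It should also say that `pkg` and `pkg.applicationInfo` must be non-null, and that callers rely on getting the same answer at removal time as at install time. It is worth stating there which packages may set the flag, since it opts their data out of the encrypted directory; that policy is presumably enforced in the manifest parser, which is outside this file.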
@@ -2800,7 +2801,14 @@ class PackageManagerService extends IPackageManager.Stub { } private File getDataPathForPackage(PackageParser.Package pkg) { - return new File(mAppDataDir, pkg.packageName); + boolean useEncryptedFSDir = useEncryptedFilesystemForPackage(pkg); + File dataPath; + if (useEncryptedFSDir) { + dataPath = new File(mSecureAppDataDir, pkg.packageName); + } else { + dataPath = new File(mAppDataDir, pkg.packageName); + } + return dataPath; } private PackageParser.Package scanPackageLI(PackageParser.Package pkg, @@ -3149,6 +3157,7 @@ class PackageManagerService extends IPackageManager.Stub { pkg.applicationInfo.dataDir = dataPath.getPath(); } else { // This is a normal package, need to make its data directory. + boolean useEncryptedFSDir = useEncryptedFilesystemForPackage(pkg); dataPath = getDataPathForPackage(pkg); boolean uidError = false; @@ -3165,7 +3174,7 @@ class PackageManagerService extends IPackageManager.Stub { // If this is a system app, we can at least delete its // current data so the application will still work. if (mInstaller != null) { - int ret = mInstaller.remove(pkgName); + int ret = mInstaller.remove(pkgName, useEncryptedFSDir); if (ret >= 0) { // Old data gone! String msg = "System package " + pkg.packageName @@ -3176,7 +3185,7 @@ class PackageManagerService extends IPackageManager.Stub { recovered = true; // And now re-install the app. - ret = mInstaller.install(pkgName, pkg.applicationInfo.uid, + ret = mInstaller.install(pkgName, useEncryptedFSDir, pkg.applicationInfo.uid, pkg.applicationInfo.uid); if (ret == -1) { // Ack should not happen! 
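Review bot: `getDataPathForPackage` (`@@ -2800,7 +2801,14 @@`) now derives the data root from state that can change over time, and nothing in the visible hunks handles a package whose directory already exists under the other root. If the encrypted-filesystem setting or the package's `FLAG_NEVER_ENCRYPT` bit flips, the old directory would apparently be neither migrated nor removed. Later `mInstaller.remove(..., useEncryptedFSDir)` calls would then act only on the new location and leave the earlier data in place. I would check for a directory under the alternate root during the scan, move or remove it, and log the event. As a smaller point, the body can be a single expression, `return new File(useEncryptedFilesystemForPackage(pkg) ? mSecureAppDataDir : mAppDataDir, pkg.packageName);`, and the `scanPackageLI` hunk that follows recomputes the same predicate.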
@@ -3217,7 +3226,7 @@ class PackageManagerService extends IPackageManager.Stub { Log.v(TAG, "Want this data dir: " + dataPath); //invoke installer to do the actual installation if (mInstaller != null) { - int ret = mInstaller.install(pkgName, pkg.applicationInfo.uid, + int ret = mInstaller.install(pkgName, useEncryptedFSDir, pkg.applicationInfo.uid, pkg.applicationInfo.uid); if(ret < 0) { // Error from installer @@ -4038,7 +4047,6 @@ class PackageManagerService extends IPackageManager.Stub { private final class ActivityIntentResolver extends IntentResolver<PackageParser.ActivityIntentInfo, ResolveInfo> { - @Override public List queryIntent(Intent intent, String resolvedType, boolean defaultOnly) { mFlags = defaultOnly ? PackageManager.MATCH_DEFAULT_ONLY : 0; return super.queryIntent(intent, resolvedType, defaultOnly); @@ -4198,7 +4206,6 @@ class PackageManagerService extends IPackageManager.Stub { private final class ServiceIntentResolver extends IntentResolver<PackageParser.ServiceIntentInfo, ResolveInfo> { - @Override public List queryIntent(Intent intent, String resolvedType, boolean defaultOnly) { mFlags = defaultOnly ? PackageManager.MATCH_DEFAULT_ONLY : 0; return super.queryIntent(intent, resolvedType, defaultOnly); @@ -4294,7 +4301,7 @@ class PackageManagerService extends IPackageManager.Stub { @Override protected ResolveInfo newResult(PackageParser.ServiceIntentInfo filter, int match) { - final PackageParser.ServiceIntentInfo info = filter; + final PackageParser.ServiceIntentInfo info = (PackageParser.ServiceIntentInfo)filter; if (!mSettings.isEnabledLP(info.service.info, mFlags)) { return null; } @@ -4455,7 +4462,6 @@ class PackageManagerService extends IPackageManager.Stub { mIsRom = isrom; } - @Override public void onEvent(int event, String path) { String removedPackage = null; int removedUid = -1; 
@@ -4840,7 +4846,6 @@ class PackageManagerService extends IPackageManager.Stub { * policy if needed and then create install arguments based * on the install location. */ - @Override public void handleStartCopy() throws RemoteException { int ret = PackageManager.INSTALL_SUCCEEDED; boolean fwdLocked = (flags & PackageManager.INSTALL_FORWARD_LOCK) != 0; @@ -4950,7 +4955,6 @@ class PackageManagerService extends IPackageManager.Stub { } } - @Override public void handleStartCopy() throws RemoteException { mRet = PackageManager.INSTALL_FAILED_INSUFFICIENT_STORAGE; // Check for storage space on target medium @@ -5080,7 +5084,6 @@ class PackageManagerService extends IPackageManager.Stub { libraryPath = new File(dataDir, LIB_DIR_NAME).getPath(); } - @Override boolean checkFreeStorage(IMediaContainerService imcs) throws RemoteException { try { mContext.grantUriPermission(DEFAULT_CONTAINER_PACKAGE, packageURI, @@ -5091,12 +5094,10 @@ class PackageManagerService extends IPackageManager.Stub { } } - @Override String getCodePath() { return codeFileName; } - @Override void createCopyFile() { installDir = isFwdLocked() ? mDrmAppPrivateInstallDir : mAppInstallDir; codeFileName = createTempPackageFile(installDir).getPath(); @@ -5104,7 +5105,6 @@ class PackageManagerService extends IPackageManager.Stub { created = true; } - @Override int copyApk(IMediaContainerService imcs, boolean temp) throws RemoteException { if (temp) { // Generate temp file name @@ -5148,7 +5148,6 @@ class PackageManagerService extends IPackageManager.Stub { return ret; } - @Override int doPreInstall(int status) { if (status != PackageManager.INSTALL_SUCCEEDED) { cleanUp(); @@ -5156,7 +5155,6 @@ class PackageManagerService extends IPackageManager.Stub { return status; } - @Override boolean doRename(int status, final String pkgName, String oldCodePath) { if (status != PackageManager.INSTALL_SUCCEEDED) { cleanUp(); 
@@ -5181,7 +5179,6 @@ class PackageManagerService extends IPackageManager.Stub { } } - @Override int doPostInstall(int status) { if (status != PackageManager.INSTALL_SUCCEEDED) { cleanUp(); @@ -5189,7 +5186,6 @@ class PackageManagerService extends IPackageManager.Stub { return status; } - @Override String getResourcePath() { return resourceFileName; } @@ -5234,7 +5230,6 @@ class PackageManagerService extends IPackageManager.Stub { return ret; } - @Override void cleanUpResourcesLI() { String sourceDir = getCodePath(); if (cleanUp() && mInstaller != null) { @@ -5267,7 +5262,6 @@ class PackageManagerService extends IPackageManager.Stub { return true; } - @Override boolean doPostDeleteLI(boolean delete) { // XXX err, shouldn't we respect the delete flag? cleanUpResourcesLI(); @@ -5312,12 +5306,10 @@ class PackageManagerService extends IPackageManager.Stub { this.cid = cid; } - @Override void createCopyFile() { cid = getTempContainerId(); } - @Override boolean checkFreeStorage(IMediaContainerService imcs) throws RemoteException { try { mContext.grantUriPermission(DEFAULT_CONTAINER_PACKAGE, packageURI, @@ -5328,7 +5320,6 @@ class PackageManagerService extends IPackageManager.Stub { } } - @Override int copyApk(IMediaContainerService imcs, boolean temp) throws RemoteException { if (temp) { createCopyFile(); @@ -5367,7 +5358,6 @@ class PackageManagerService extends IPackageManager.Stub { return libraryPath; } - @Override int doPreInstall(int status) { if (status != PackageManager.INSTALL_SUCCEEDED) { // Destroy container @@ -5387,7 +5377,6 @@ class PackageManagerService extends IPackageManager.Stub { return status; } - @Override boolean doRename(int status, final String pkgName, String oldCodePath) { String newCacheId = getNextCodePath(oldCodePath, pkgName, "/" + RES_FILE_NAME); 
@@ -5439,7 +5428,6 @@ class PackageManagerService extends IPackageManager.Stub { packagePath = new File(cachePath, RES_FILE_NAME).getPath(); } - @Override int doPostInstall(int status) { if (status != PackageManager.INSTALL_SUCCEEDED) { cleanUp(); @@ -5458,7 +5446,6 @@ class PackageManagerService extends IPackageManager.Stub { PackageHelper.destroySdDir(cid); } - @Override void cleanUpResourcesLI() { String sourceFile = getCodePath(); // Remove dex file @@ -5489,7 +5476,6 @@ class PackageManagerService extends IPackageManager.Stub { return cid.substring(0, idx); } - @Override boolean doPostDeleteLI(boolean delete) { boolean ret = false; boolean mounted = PackageHelper.isContainerMounted(cid); @@ -6275,8 +6261,9 @@ class PackageManagerService extends IPackageManager.Stub { deletedPs = mSettings.mPackages.get(packageName); } if ((flags&PackageManager.DONT_DELETE_DATA) == 0) { + boolean useEncryptedFSDir = useEncryptedFilesystemForPackage(p); if (mInstaller != null) { - int retCode = mInstaller.remove(packageName); + int retCode = mInstaller.remove(packageName, useEncryptedFSDir); if (retCode < 0) { Slog.w(TAG, "Couldn't remove app data or cache directory for package: " + packageName + ", retcode=" + retCode); @@ -6529,9 +6516,10 @@ class PackageManagerService extends IPackageManager.Stub { Slog.w(TAG, "Package " + packageName + " has no applicationInfo."); return false; } + useEncryptedFSDir = useEncryptedFilesystemForPackage(p); } if (mInstaller != null) { - int retCode = mInstaller.clearUserData(packageName); + int retCode = mInstaller.clearUserData(packageName, useEncryptedFSDir); if (retCode < 0) { Slog.w(TAG, "Couldn't remove cache files for package: " + packageName); 
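Review bot: In the `@@ -6529,9 +6516,10 @@` hunk `useEncryptedFSDir` is assigned only inside the block that looks the package up, and its declaration and initial value are outside the hunk. If any path can reach `mInstaller.clearUserData(packageName, useEncryptedFSDir)` with the initial value, the wipe targets whichever root that default names and the package's real data is left untouched. I would assign it once where `p` is known to be valid, as the `@@ -6582,8 +6570,9 @@` hunk does with `boolean useEncryptedFSDir = useEncryptedFilesystemForPackage(p);`, so that no default is ever passed to the installer. The enclosing method starts and ends outside the hunk.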
@@ -6582,8 +6570,9 @@ class PackageManagerService extends IPackageManager.Stub { Slog.w(TAG, "Package " + packageName + " has no applicationInfo."); return false; } + boolean useEncryptedFSDir = useEncryptedFilesystemForPackage(p); if (mInstaller != null) { - int retCode = mInstaller.deleteCacheFiles(packageName); + int retCode = mInstaller.deleteCacheFiles(packageName, useEncryptedFSDir); if (retCode < 0) { Slog.w(TAG, "Couldn't remove cache files for package: " + packageName); @@ -6645,8 +6634,10 @@ class PackageManagerService extends IPackageManager.Stub { } publicSrcDir = isForwardLocked(p) ? applicationInfo.publicSourceDir : null; } + boolean useEncryptedFSDir = useEncryptedFilesystemForPackage(p); if (mInstaller != null) { - int res = mInstaller.getSizeInfo(packageName, p.mPath, publicSrcDir, pStats); + int res = mInstaller.getSizeInfo(packageName, p.mPath, + publicSrcDir, pStats, useEncryptedFSDir); if (res < 0) { return false; } else { @@ -7452,7 +7443,6 @@ class PackageManagerService extends IPackageManager.Stub { protectionLevel = PermissionInfo.PROTECTION_SIGNATURE; } - @Override public String toString() { return "BasePermission{" + Integer.toHexString(System.identityHashCode(this)) @@ -7749,7 +7739,6 @@ class PackageManagerService extends IPackageManager.Stub { mSetComponents = myComponents; } - @Override public void writeToXml(XmlSerializer serializer) throws IOException { final int NS = mSetClasses != null ? mSetClasses.length : 0; serializer.attribute(null, "name", mShortActivity); @@ -7803,7 +7792,8 @@ class PackageManagerService extends IPackageManager.Stub { this.pkgFlags = pkgFlags & ( ApplicationInfo.FLAG_SYSTEM | ApplicationInfo.FLAG_FORWARD_LOCK | - ApplicationInfo.FLAG_EXTERNAL_STORAGE); + ApplicationInfo.FLAG_EXTERNAL_STORAGE | + ApplicationInfo.FLAG_NEVER_ENCRYPT); } } 
@@ -7947,7 +7937,7 @@ class PackageManagerService extends IPackageManager.Stub { } public void copyFrom(PackageSetting base) { - super.copyFrom(base); + super.copyFrom((PackageSettingBase) base); userId = base.userId; sharedUser = base.sharedUser; @@ -8760,7 +8750,7 @@ class PackageManagerService extends IPackageManager.Stub { sb.setLength(0); sb.append(ai.packageName); sb.append(" "); - sb.append(ai.uid); + sb.append((int)ai.uid); sb.append(isDebug ? " 1 " : " 0 "); sb.append(dataPath); sb.append("\n"); diff --git a/vpn/java/android/net/vpn/VpnManager.java b/vpn/java/android/net/vpn/VpnManager.java index 60fecc2..ce40b5d 100644 --- a/vpn/java/android/net/vpn/VpnManager.java +++ b/vpn/java/android/net/vpn/VpnManager.java @@ -16,12 +16,15 @@ package android.net.vpn; +import java.io.File; + import android.content.BroadcastReceiver; import android.content.Context; import android.content.Intent; import android.content.IntentFilter; import android.content.ServiceConnection; import android.os.Environment; +import android.os.SystemProperties; import android.util.Log; /** @@ -83,7 +86,7 @@ public class VpnManager { // TODO(oam): Test VPN when EFS is enabled (will do later)... public static String getProfilePath() { // This call will return the correct path if Encrypted FS is enabled or not. - return Environment.getDataDirectory().getPath() + PROFILES_PATH; + return Environment.getSecureDataDirectory().getPath() + PROFILES_PATH; } /** @@ -121,7 +124,7 @@ public class VpnManager { */ public VpnProfile createVpnProfile(VpnType type, boolean customized) { try { - VpnProfile p = type.getProfileClass().newInstance(); + VpnProfile p = (VpnProfile) type.getProfileClass().newInstance(); p.setCustomized(customized); return p; } catch (InstantiationException e) { |
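Review bot: `getProfilePath()` (`@@ -83,7 +86,7 @@` in `VpnManager.java`) switches the profile root to `Environment.getSecureDataDirectory()`, but nothing visible migrates profiles already stored under `getDataDirectory()`. On a device where the two directories differ, existing VPN profiles would stop being found and their files would stay behind in the old location. A one-time move of the old profile directory, removing the originals afterwards, is worth adding. The comment above the return and the `TODO(oam)` line should also be updated to say the path is now always under the secure data directory. The `java.io.File` and `android.os.SystemProperties` imports added in the first hunk of this file are not used by any visible line.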