Add a config updater component for the intent firewall
Change-Id: I43f6defa16691099592bf87e75f2d1a732135cf3
diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java
index 03ee9eb..a0473a4 100644
--- a/core/java/android/provider/Settings.java
+++ b/core/java/android/provider/Settings.java
@@ -5398,6 +5398,20 @@
public static final String CERT_PIN_UPDATE_METADATA_URL = "cert_pin_metadata_url";
/**
+ * URL for intent firewall updates
+ * @hide
+ */
+ public static final String INTENT_FIREWALL_UPDATE_CONTENT_URL =
+ "intent_firewall_content_url";
+
+ /**
+ * URL for intent firewall update metadata
+ * @hide
+ */
+ public static final String INTENT_FIREWALL_UPDATE_METADATA_URL =
+ "intent_firewall_metadata_url";
+
+ /**
* SELinux enforcement status. If 0, permissive; if 1, enforcing.
* @hide
*/
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 666d1c6..ffceb68 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -2301,6 +2301,12 @@
</intent-filter>
</receiver>
+ <receiver android:name="com.android.server.updates.IntentFirewallInstallReceiver" >
+ <intent-filter>
+ <action android:name="android.intent.action.UPDATE_INTENT_FIREWALL" />
+ </intent-filter>
+ </receiver>
+
<receiver android:name="com.android.server.updates.SmsShortCodesInstallReceiver" >
<intent-filter>
<action android:name="android.intent.action.UPDATE_SMS_SHORT_CODES" />
diff --git a/services/java/com/android/server/firewall/IntentFirewall.java b/services/java/com/android/server/firewall/IntentFirewall.java
index ebbbd86..062183b 100644
--- a/services/java/com/android/server/firewall/IntentFirewall.java
+++ b/services/java/com/android/server/firewall/IntentFirewall.java
@@ -42,7 +42,9 @@
public class IntentFirewall {
private static final String TAG = "IntentFirewall";
- private static final String RULES_FILENAME = "ifw.xml";
+ // e.g. /data/system/ifw/ifw.xml or /data/secure/system/ifw/ifw.xml
+ private static final File RULES_FILE =
+ new File(Environment.getSystemSecureDirectory(), "ifw/ifw.xml");
private static final String TAG_RULES = "rules";
private static final String TAG_ACTIVITY = "activity";
@@ -93,9 +95,7 @@
public IntentFirewall(AMSInterface ams) {
mAms = ams;
- File dataSystemDir = new File(Environment.getDataDirectory(), "system");
- File rulesFile = new File(dataSystemDir, RULES_FILENAME);
- readRules(rulesFile);
+ readRules(getRulesFile());
}
public boolean checkStartActivity(Intent intent, ApplicationInfo callerApp,
@@ -127,6 +127,10 @@
return !block;
}
+ public static File getRulesFile() {
+ return RULES_FILE;
+ }
+
private void readRules(File rulesFile) {
FileInputStream fis;
try {
diff --git a/services/java/com/android/server/updates/IntentFirewallInstallReceiver.java b/services/java/com/android/server/updates/IntentFirewallInstallReceiver.java
new file mode 100644
index 0000000..9185903
--- /dev/null
+++ b/services/java/com/android/server/updates/IntentFirewallInstallReceiver.java
@@ -0,0 +1,27 @@
+/*
+ * Copyright (C) 2013 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.updates;
+
+import com.android.server.firewall.IntentFirewall;
+
+public class IntentFirewallInstallReceiver extends ConfigUpdateInstallReceiver {
+
+ public IntentFirewallInstallReceiver() {
+ super(IntentFirewall.getRulesFile().getParent(), IntentFirewall.getRulesFile().getName(),
+ "metadata/", "version");
+ }
+}