Ignore the reboot to normal intent when DSU is locked
This feature provides the application with the ability to lock the device into DSU mode, allowing only authorized users to exit.
Bug: 275484855
Test: manual testing with a slot name ends with ".lock"
Change-Id: Ie00fd897daf2dfb11c2c792887a0e95ee164cea3
diff --git a/core/java/android/os/image/DynamicSystemManager.java b/core/java/android/os/image/DynamicSystemManager.java
index 9610b16..536795b 100644
--- a/core/java/android/os/image/DynamicSystemManager.java
+++ b/core/java/android/os/image/DynamicSystemManager.java
@@ -285,4 +285,16 @@
throw new RuntimeException(e.toString());
}
}
+
+ /**
+ * Returns the active DSU slot
+ */
+ @RequiresPermission(android.Manifest.permission.MANAGE_DYNAMIC_SYSTEM)
+ public String getActiveDsuSlot() {
+ try {
+ return mService.getActiveDsuSlot();
+ } catch (RemoteException e) {
+ throw new RuntimeException(e.toString());
+ }
+ }
}
diff --git a/core/java/android/os/image/IDynamicSystemService.aidl b/core/java/android/os/image/IDynamicSystemService.aidl
index 755368a..0280ebb 100644
--- a/core/java/android/os/image/IDynamicSystemService.aidl
+++ b/core/java/android/os/image/IDynamicSystemService.aidl
@@ -145,4 +145,10 @@
*/
@EnforcePermission("MANAGE_DYNAMIC_SYSTEM")
long suggestScratchSize();
+
+ /**
+ * Get the active DSU slot
+ */
+ @EnforcePermission("MANAGE_DYNAMIC_SYSTEM")
+ String getActiveDsuSlot();
}
diff --git a/packages/DynamicSystemInstallationService/src/com/android/dynsystem/DynamicSystemInstallationService.java b/packages/DynamicSystemInstallationService/src/com/android/dynsystem/DynamicSystemInstallationService.java
index 5e42f70..e78de49 100644
--- a/packages/DynamicSystemInstallationService/src/com/android/dynsystem/DynamicSystemInstallationService.java
+++ b/packages/DynamicSystemInstallationService/src/com/android/dynsystem/DynamicSystemInstallationService.java
@@ -423,7 +423,10 @@
Log.e(TAG, "It's already running in normal system.");
return;
}
-
+ if (mDynSystem.getActiveDsuSlot().endsWith(".lock")) {
+ Log.e(TAG, "Ignore the reboot intent for a locked DSU slot");
+ return;
+ }
if (!mDynSystem.setEnable(/* enable = */ false, /* oneShot = */ false)) {
Log.e(TAG, "Failed to disable DynamicSystem.");
diff --git a/services/core/java/com/android/server/DynamicSystemService.java b/services/core/java/com/android/server/DynamicSystemService.java
index b0c1d05..cbacee6 100644
--- a/services/core/java/com/android/server/DynamicSystemService.java
+++ b/services/core/java/com/android/server/DynamicSystemService.java
@@ -226,9 +226,7 @@
IGsiService gsiService = getGsiService();
if (enable) {
try {
- if (mDsuSlot == null) {
- mDsuSlot = gsiService.getActiveDsuSlot();
- }
+ getActiveDsuSlot();
GsiServiceCallback callback = new GsiServiceCallback();
synchronized (callback) {
gsiService.enableGsiAsync(oneShot, mDsuSlot, callback);
@@ -287,4 +285,15 @@
return getGsiService().suggestScratchSize();
}
+
+ @Override
+ @EnforcePermission(android.Manifest.permission.MANAGE_DYNAMIC_SYSTEM)
+ public String getActiveDsuSlot() throws RemoteException {
+ super.getActiveDsuSlot_enforcePermission();
+
+ if (mDsuSlot == null) {
+ mDsuSlot = getGsiService().getActiveDsuSlot();
+ }
+ return mDsuSlot;
+ }
}