diff options
| author | 2017-01-19 08:48:47 +0900 | |
|---|---|---|
| committer | 2017-01-20 12:40:15 +0900 | |
| commit | 2f73d551490afe95a86a088d64c39e0bdf783b54 (patch) | |
| tree | c816a17e5cf1f5e9ba2172e40ed3e9d3b0281c2b | |
| parent | cfb19e3ac85f30c904ce340bccfe252a2fc0282d (diff) | |
Infinite reboot when OS upgrade from M to N with set Always-on VPN
Symptom : Infinite reboot
Reproduce step :
1. Set the Always-on VPN in M OS
2. OS upgrade from M to N
Reproduce frequency : 100%
Reason of issue :
https://android.googlesource.com/platform/frameworks/base/+/9a5f485
As you know, in M OS, Always-on VPN information is stored in keystore with encryted.
However, in N OS, there is no encryption when it put in keystore.
So, You deleted keystore check(locked/unlock) logic on ConnectivityService.
By this reason, when device upgrade to N OS(set Always-on VPN), it goes infinite boot.
(Cannot read old always-on vpn information untill device unlock.)
Solution :
I founded exception handling when this case as follows:
If getting Credentials.LOCKDOWN_VPN information has null value(catch the exception),
updateLockdownVpn returns false value.
Signed-off-by: SangJin Cha <sj.cha@lge.com>
Change-Id: I6fd980152440bb5248aab45e2f8fda448d3f6c7b
| -rw-r--r-- | services/core/java/com/android/server/ConnectivityService.java | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java index b3627adcf67b..c14c69e9dbf4 100644 --- a/services/core/java/com/android/server/ConnectivityService.java +++ b/services/core/java/com/android/server/ConnectivityService.java @@ -3669,7 +3669,12 @@ public class ConnectivityService extends IConnectivityManager.Stub // Tear down existing lockdown if profile was removed mLockdownEnabled = LockdownVpnTracker.isEnabled(); if (mLockdownEnabled) { - final String profileName = new String(mKeyStore.get(Credentials.LOCKDOWN_VPN)); + byte[] profileTag = mKeyStore.get(Credentials.LOCKDOWN_VPN); + if (profileTag == null) { + Slog.e(TAG, "Lockdown VPN configured but cannot be read from keystore"); + return false; + } + String profileName = new String(profileTag); final VpnProfile profile = VpnProfile.decode( profileName, mKeyStore.get(Credentials.VPN + profileName)); if (profile == null) { |