Add VPN and Keystore services and data directories.

-- changed the default mode to 0770 for keystore with the new user 'keystore'.
-- add the keystore service providing the basic key lookup/install/remove, but
  only keystore user can access the key content.

include/private/android_filesystem_config.h

@@ -50,6 +50,7 @@
 #define AID_DHCP          1014  /* dhcp client */
 #define AID_SDCARD_RW     1015  /* external storage write access */
 #define AID_VPN           1016  /* vpn system */
+#define AID_KEYSTORE      1017  /* keystore subsystem */
 
 #define AID_SHELL         2000  /* adb and debug shell user */
 #define AID_CACHE         2001  /* cache access */
@@ -97,6 +98,7 @@ static struct android_id_info android_ids[] = {
     { "net_bt",    AID_NET_BT, },
     { "sdcard_rw", AID_SDCARD_RW, },
     { "vpn",       AID_VPN, },
+    { "keystore",  AID_KEYSTORE, },
     { "inet",      AID_INET, },
     { "net_raw",   AID_NET_RAW, },
     { "misc",      AID_MISC, },

rootdir/init.rc

@@ -74,6 +74,9 @@ loglevel 3
 # create basic filesystem structure
     mkdir /data/misc 01771 system misc
     mkdir /data/misc/hcid 0770 bluetooth bluetooth
+    mkdir /data/misc/keystore 0770 keystore keystore
+    mkdir /data/misc/vpn 0770 system system
+    mkdir /data/misc/vpn/profiles 0770 system system
     mkdir /data/local 0771 shell shell
     mkdir /data/local/tmp 0771 shell shell
     mkdir /data/data 0771 system system
@@ -284,3 +287,19 @@ service installd /system/bin/installd
 
 service flash_recovery /system/bin/flash_image recovery /system/recovery.img
     oneshot
+
+service racoon /system/bin/racoon -F -f /etc/racoon/racoon.conf
+    socket racoon stream 600 system system
+    disabled
+    oneshot
+
+service mtpd /system/bin/mtpd
+    socket mtpd stream 600 system system
+    disabled
+    oneshot
+
+service keystore /system/bin/keystore
+    user keystore
+    group keystore
+    socket keystore stream 666
+