diff --git a/core/java/android/app/ActivityThread.java b/core/java/android/app/ActivityThread.java index 6424520df3ec4..04883a9612866 100644 --- a/core/java/android/app/ActivityThread.java +++ b/core/java/android/app/ActivityThread.java @@ -5021,6 +5021,9 @@ public final class ActivityThread { final ContextImpl appContext = ContextImpl.createAppContext(this, data.info); if (!Process.isIsolated() && !"android".equals(appContext.getPackageName())) { + // This cache location probably points at credential-encrypted + // storage which may not be accessible yet; assign it anyway instead + // of pointing at device-encrypted storage. final File cacheDir = appContext.getCacheDir(); if (cacheDir != null) { // Provide a usable directory for temporary files @@ -5030,8 +5033,12 @@ public final class ActivityThread { + "due to missing cache directory"); } - // Use codeCacheDir to store generated/compiled graphics code and jit profiling data. - final File codeCacheDir = appContext.getCodeCacheDir(); + // Setup a location to store generated/compiled graphics code and + // JIT profiling data. Note that this data is stored in a + // device-encrypted storage area, so these caches must never contain + // user sensitive user data. + final Context deviceContext = appContext.createDeviceEncryptedStorageContext(); + final File codeCacheDir = deviceContext.getCodeCacheDir(); if (codeCacheDir != null) { setupGraphicsSupport(data.info, codeCacheDir); setupJitProfileSupport(data.info, codeCacheDir); diff --git a/core/java/android/app/ContextImpl.java b/core/java/android/app/ContextImpl.java index 89d4931b9fcb2..eec503b233e88 100644 --- a/core/java/android/app/ContextImpl.java +++ b/core/java/android/app/ContextImpl.java @@ -58,6 +58,9 @@ import android.os.RemoteException; import android.os.ServiceManager; import android.os.UserHandle; import android.os.storage.IMountService; +import android.system.ErrnoException; +import android.system.Os; +import android.system.OsConstants; import android.util.AndroidRuntimeException; import android.util.ArrayMap; import android.util.Log; @@ -482,21 +485,20 @@ class ContextImpl extends Context { return f.delete(); } - // Common-path handling of app data dir creation + /** + * Common-path handling of app data dir creation + */ private static File ensurePrivateDirExists(File file) { if (!file.exists()) { - if (!file.mkdirs()) { - if (file.exists()) { - // spurious failure; probably racing with another process for this app - return file; + try { + Os.mkdir(file.getAbsolutePath(), 0771); + } catch (ErrnoException e) { + if (e.errno == OsConstants.EEXIST) { + // We must have raced with someone; that's okay + } else { + Log.w(TAG, "Failed to ensure " + file + ": " + e.getMessage()); } - Log.w(TAG, "Failed to ensure directory " + file.getAbsolutePath()); - return null; } - FileUtils.setPermissions( - file.getPath(), - FileUtils.S_IRWXU|FileUtils.S_IRWXG|FileUtils.S_IXOTH, - -1, -1); } return file; } diff --git a/services/core/java/com/android/server/pm/Settings.java b/services/core/java/com/android/server/pm/Settings.java index fcb777b8e7fac..8fa5d2410d275 100644 --- a/services/core/java/com/android/server/pm/Settings.java +++ b/services/core/java/com/android/server/pm/Settings.java @@ -2359,7 +2359,7 @@ final class Settings { } final ApplicationInfo ai = pkg.pkg.applicationInfo; - final String dataPath = new File(ai.dataDir).getCanonicalPath(); + final String dataPath = ai.dataDir; final boolean isDebug = (ai.flags & ApplicationInfo.FLAG_DEBUGGABLE) != 0; final int[] gids = pkg.getPermissionsState().computeGids(userIds);