diff options
| author | 2020-12-22 14:23:26 +0000 | |
|---|---|---|
| committer | 2020-12-22 14:23:26 +0000 | |
| commit | 5200c2c86bffb84ee6359ffcdee815577ddcea18 (patch) | |
| tree | 4a8b8f938b65d14e808fe8a921aa3a2f9fb761a4 | |
| parent | 6080e03adf39797252ac60a83d0228d992db93c2 (diff) | |
| parent | b5fc9412d005d381626399aa96ced7dc5c641dfe (diff) | |
Merge "Disable CE access checking for canAccessDataDir."
| -rw-r--r-- | core/java/android/app/LoadedApk.java | 28 |
1 files changed, 26 insertions, 2 deletions
diff --git a/core/java/android/app/LoadedApk.java b/core/java/android/app/LoadedApk.java index 99785e1e73f4..50853a3bcf9c 100644 --- a/core/java/android/app/LoadedApk.java +++ b/core/java/android/app/LoadedApk.java @@ -729,6 +729,23 @@ public final class LoadedApk { } } + private StrictMode.VmPolicy allowVmViolations() { + if (mActivityThread == null) { + // When LoadedApk is used without an ActivityThread (usually in a + // zygote context), don't call into StrictMode, as it initializes + // the binder subsystem, which we don't want. + return null; + } + + return StrictMode.allowVmViolations(); + } + + private void setVmPolicy(StrictMode.VmPolicy policy) { + if (mActivityThread != null && policy != null) { + StrictMode.setVmPolicy(policy); + } + } + private void createOrUpdateClassLoaderLocked(List<String> addedPaths) { if (mPackageName.equals("android")) { // Note: This branch is taken for system server and we don't need to setup @@ -984,13 +1001,20 @@ public final class LoadedApk { // Temporarily disable logging of disk reads on the Looper thread as this is necessary - // and the loader will access the directory anyway if we don't check it. - StrictMode.ThreadPolicy oldPolicy = allowThreadDiskReads(); + StrictMode.ThreadPolicy oldThreadPolicy = allowThreadDiskReads(); + + // Also disable logging of access to /data/user before CE storage is unlocked. The check + // below will return false (because the directory name we pass will not match the + // encrypted one), but that's correct. + StrictMode.VmPolicy oldVmPolicy = allowVmViolations(); + try { // We are constructing a classloader for a different package. It is likely, // but not certain, that we can't acccess its app data dir - so check. return new File(mDataDir).canExecute(); } finally { - setThreadPolicy(oldPolicy); + setThreadPolicy(oldThreadPolicy); + setVmPolicy(oldVmPolicy); } } |