summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--core/jni/com_android_internal_os_Zygote.cpp41
-rw-r--r--services/core/java/com/android/server/display/BrightnessTracker.java32
-rw-r--r--services/tests/servicestests/src/com/android/server/display/BrightnessTrackerTest.java6
3 files changed, 61 insertions, 18 deletions
diff --git a/core/jni/com_android_internal_os_Zygote.cpp b/core/jni/com_android_internal_os_Zygote.cpp
index f4f9f9437eb0..1122c20dda22 100644
--- a/core/jni/com_android_internal_os_Zygote.cpp
+++ b/core/jni/com_android_internal_os_Zygote.cpp
@@ -1153,8 +1153,8 @@ static void relabelDir(const char* path, const char* context, fail_fn_t fail_fn)
}
}
-// Relabel all directories under a path non-recursively.
-static void relabelAllDirs(const char* path, const char* context, fail_fn_t fail_fn) {
+// Relabel the subdirectories and symlinks in the given directory, non-recursively.
+static void relabelSubdirs(const char* path, const char* context, fail_fn_t fail_fn) {
DIR* dir = opendir(path);
if (dir == nullptr) {
fail_fn(CREATE_ERROR("Failed to opendir %s", path));
@@ -1231,11 +1231,19 @@ static void isolateAppData(JNIEnv* env, const std::vector<std::string>& merged_d
snprintf(internalDePath, PATH_MAX, "/data/user_de");
snprintf(externalPrivateMountPath, PATH_MAX, "/mnt/expand");
- char* dataDataContext = nullptr;
- if (getfilecon(internalDePath, &dataDataContext) < 0) {
- fail_fn(CREATE_ERROR("Unable to getfilecon on %s %s", internalDePath,
+ // Get the "u:object_r:system_userdir_file:s0" security context. This can be
+ // gotten from several different places; we use /data/user.
+ char* dataUserdirContext = nullptr;
+ if (getfilecon(internalCePath, &dataUserdirContext) < 0) {
+ fail_fn(CREATE_ERROR("Unable to getfilecon on %s %s", internalCePath,
strerror(errno)));
}
+ // Get the "u:object_r:system_data_file:s0" security context. This can be
+ // gotten from several different places; we use /data/misc.
+ char* dataFileContext = nullptr;
+ if (getfilecon("/data/misc", &dataFileContext) < 0) {
+ fail_fn(CREATE_ERROR("Unable to getfilecon on /data/misc %s", strerror(errno)));
+ }
MountAppDataTmpFs(internalLegacyCePath, fail_fn);
MountAppDataTmpFs(internalCePath, fail_fn);
@@ -1330,19 +1338,19 @@ static void isolateAppData(JNIEnv* env, const std::vector<std::string>& merged_d
// the file operations on tmpfs. If we set the label when we mount
// tmpfs, SELinux will not happy as we are changing system_data_files.
// Relabel dir under /data/user, including /data/user/0
- relabelAllDirs(internalCePath, dataDataContext, fail_fn);
+ relabelSubdirs(internalCePath, dataFileContext, fail_fn);
// Relabel /data/user
- relabelDir(internalCePath, dataDataContext, fail_fn);
+ relabelDir(internalCePath, dataUserdirContext, fail_fn);
// Relabel /data/data
- relabelDir(internalLegacyCePath, dataDataContext, fail_fn);
+ relabelDir(internalLegacyCePath, dataFileContext, fail_fn);
- // Relabel dir under /data/user_de
- relabelAllDirs(internalDePath, dataDataContext, fail_fn);
+ // Relabel subdirectories of /data/user_de
+ relabelSubdirs(internalDePath, dataFileContext, fail_fn);
// Relabel /data/user_de
- relabelDir(internalDePath, dataDataContext, fail_fn);
+ relabelDir(internalDePath, dataUserdirContext, fail_fn);
// Relabel CE and DE dirs under /mnt/expand
dir = opendir(externalPrivateMountPath);
@@ -1355,14 +1363,15 @@ static void isolateAppData(JNIEnv* env, const std::vector<std::string>& merged_d
auto cePath = StringPrintf("%s/user", volPath.c_str());
auto dePath = StringPrintf("%s/user_de", volPath.c_str());
- relabelAllDirs(cePath.c_str(), dataDataContext, fail_fn);
- relabelDir(cePath.c_str(), dataDataContext, fail_fn);
- relabelAllDirs(dePath.c_str(), dataDataContext, fail_fn);
- relabelDir(dePath.c_str(), dataDataContext, fail_fn);
+ relabelSubdirs(cePath.c_str(), dataFileContext, fail_fn);
+ relabelDir(cePath.c_str(), dataUserdirContext, fail_fn);
+ relabelSubdirs(dePath.c_str(), dataFileContext, fail_fn);
+ relabelDir(dePath.c_str(), dataUserdirContext, fail_fn);
}
closedir(dir);
- freecon(dataDataContext);
+ freecon(dataUserdirContext);
+ freecon(dataFileContext);
}
static void insertPackagesToMergedList(JNIEnv* env,
diff --git a/services/core/java/com/android/server/display/BrightnessTracker.java b/services/core/java/com/android/server/display/BrightnessTracker.java
index 17215e5ae4ad..6de08aed9687 100644
--- a/services/core/java/com/android/server/display/BrightnessTracker.java
+++ b/services/core/java/com/android/server/display/BrightnessTracker.java
@@ -530,12 +530,36 @@ public class BrightnessTracker {
}
}
+ // Return the path to the given file, either the new path
+ // /data/system/$filename, or the old path /data/system_de/$filename if the
+ // file exists there but not at the new path. Only use this for EVENTS_FILE
+ // and AMBIENT_BRIGHTNESS_STATS_FILE.
+ //
+ // Explanation: this service previously incorrectly stored these two files
+ // directly in /data/system_de, instead of in /data/system where they should
+ // have been. As system_server no longer has write access to
+ // /data/system_de itself, these files were moved to /data/system. To
+ // lazily migrate the files, we simply read from the old path if it exists
+ // and the new one doesn't, and always write to the new path. Note that
+ // system_server doesn't have permission to delete the old files.
+ private AtomicFile getFileWithLegacyFallback(String filename) {
+ AtomicFile file = mInjector.getFile(filename);
+ if (file != null && !file.exists()) {
+ AtomicFile legacyFile = mInjector.getLegacyFile(filename);
+ if (legacyFile != null && legacyFile.exists()) {
+ Slog.i(TAG, "Reading " + filename + " from old location");
+ return legacyFile;
+ }
+ }
+ return file;
+ }
+
private void readEvents() {
synchronized (mEventsLock) {
// Read might prune events so mark as dirty.
mEventsDirty = true;
mEvents.clear();
- final AtomicFile readFrom = mInjector.getFile(EVENTS_FILE);
+ final AtomicFile readFrom = getFileWithLegacyFallback(EVENTS_FILE);
if (readFrom != null && readFrom.exists()) {
FileInputStream input = null;
try {
@@ -553,7 +577,7 @@ public class BrightnessTracker {
private void readAmbientBrightnessStats() {
mAmbientBrightnessStatsTracker = new AmbientBrightnessStatsTracker(mUserManager, null);
- final AtomicFile readFrom = mInjector.getFile(AMBIENT_BRIGHTNESS_STATS_FILE);
+ final AtomicFile readFrom = getFileWithLegacyFallback(AMBIENT_BRIGHTNESS_STATS_FILE);
if (readFrom != null && readFrom.exists()) {
FileInputStream input = null;
try {
@@ -1123,6 +1147,10 @@ public class BrightnessTracker {
}
public AtomicFile getFile(String filename) {
+ return new AtomicFile(new File(Environment.getDataSystemDirectory(), filename));
+ }
+
+ public AtomicFile getLegacyFile(String filename) {
return new AtomicFile(new File(Environment.getDataSystemDeDirectory(), filename));
}
diff --git a/services/tests/servicestests/src/com/android/server/display/BrightnessTrackerTest.java b/services/tests/servicestests/src/com/android/server/display/BrightnessTrackerTest.java
index 356600d84099..0a5df410bcdb 100644
--- a/services/tests/servicestests/src/com/android/server/display/BrightnessTrackerTest.java
+++ b/services/tests/servicestests/src/com/android/server/display/BrightnessTrackerTest.java
@@ -1091,6 +1091,12 @@ public class BrightnessTrackerTest {
}
@Override
+ public AtomicFile getLegacyFile(String filename) {
+ // Don't have the test write / read from anywhere.
+ return null;
+ }
+
+ @Override
public long currentTimeMillis() {
return mCurrentTimeMillis;
}
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2025-12-02 14:31:20 +0000