Check if fuse enabled before mounting storage data and obb dirs
Also, do not bind mount storage obb and data dirs if mount external is
in pass_through mode.
Fix: 151219235
Fix: 152395018
Fix: 152490627
Test: atest AdoptableHostTest
Change-Id: I77a86be5582ded0915b0a8a49d2b2a8c17fe58b7
diff --git a/core/jni/com_android_internal_os_Zygote.cpp b/core/jni/com_android_internal_os_Zygote.cpp
index 4b30359..924dc4b 100644
--- a/core/jni/com_android_internal_os_Zygote.cpp
+++ b/core/jni/com_android_internal_os_Zygote.cpp
@@ -1653,7 +1653,9 @@
uid, process_name, managed_nice_name, fail_fn);
isolateJitProfile(env, pkg_data_info_list, uid, process_name, managed_nice_name, fail_fn);
}
- if ((mount_external != MOUNT_EXTERNAL_INSTALLER) && mount_storage_dirs) {
+ if (mount_external != MOUNT_EXTERNAL_INSTALLER &&
+ mount_external != MOUNT_EXTERNAL_PASS_THROUGH &&
+ mount_storage_dirs) {
BindMountStorageDirs(env, pkg_data_info_list, uid, process_name, managed_nice_name, fail_fn);
}
diff --git a/services/core/java/com/android/server/StorageManagerService.java b/services/core/java/com/android/server/StorageManagerService.java
index 9aefc8d..b0a586d 100644
--- a/services/core/java/com/android/server/StorageManagerService.java
+++ b/services/core/java/com/android/server/StorageManagerService.java
@@ -220,6 +220,10 @@
private static final boolean ENABLE_ISOLATED_STORAGE = StorageManager.hasIsolatedStorage();
+ // A system property to control if obb app data isolation is enabled in vold.
+ private static final String ANDROID_VOLD_APP_DATA_ISOLATION_ENABLED_PROPERTY =
+ "persist.sys.vold_app_data_isolation_enabled";
+
/**
* If {@code 1}, enables the isolated storage feature. If {@code -1},
* disables the isolated storage feature. If {@code 0}, uses the default
@@ -596,6 +600,8 @@
private final boolean mIsFuseEnabled;
+ private final boolean mVoldAppDataIsolationEnabled;
+
@GuardedBy("mLock")
private final Set<Integer> mUidsWithLegacyExternalStorage = new ArraySet<>();
// Not guarded by lock, always used on the ActivityManager thread
@@ -1516,7 +1522,7 @@
if (vol.type == VolumeInfo.TYPE_EMULATED) {
if (newState != VolumeInfo.STATE_MOUNTED) {
mFuseMountedUser.remove(vol.getMountUserId());
- } else {
+ } else if (mVoldAppDataIsolationEnabled){
final int userId = vol.getMountUserId();
mFuseMountedUser.add(userId);
// Async remount app storage so it won't block the main thread.
@@ -1740,6 +1746,8 @@
// incorrect until #updateFusePropFromSettings where we set the correct value and reboot if
// different
mIsFuseEnabled = SystemProperties.getBoolean(PROP_FUSE, DEFAULT_FUSE_ENABLED);
+ mVoldAppDataIsolationEnabled = mIsFuseEnabled && SystemProperties.getBoolean(
+ ANDROID_VOLD_APP_DATA_ISOLATION_ENABLED_PROPERTY, false);
mContext = context;
mResolver = mContext.getContentResolver();
mCallbacks = new Callbacks(FgThread.get().getLooper());
diff --git a/services/core/java/com/android/server/am/ProcessList.java b/services/core/java/com/android/server/am/ProcessList.java
index 786e9cf..89fa02b 100644
--- a/services/core/java/com/android/server/am/ProcessList.java
+++ b/services/core/java/com/android/server/am/ProcessList.java
@@ -154,6 +154,9 @@
static final String ANDROID_VOLD_APP_DATA_ISOLATION_ENABLED_PROPERTY =
"persist.sys.vold_app_data_isolation_enabled";
+ // A system property to control if fuse is enabled.
+ static final String ANDROID_FUSE_ENABLED = "persist.sys.fuse";
+
// The minimum time we allow between crashes, for us to consider this
// application to be bad and stop and its services and reject broadcasts.
static final int MIN_CRASH_INTERVAL = 60 * 1000;
@@ -707,8 +710,13 @@
// want some apps enabled while some apps disabled
mAppDataIsolationEnabled =
SystemProperties.getBoolean(ANDROID_APP_DATA_ISOLATION_ENABLED_PROPERTY, true);
- mVoldAppDataIsolationEnabled = SystemProperties.getBoolean(
+ boolean fuseEnabled = SystemProperties.getBoolean(ANDROID_FUSE_ENABLED, false);
+ boolean voldAppDataIsolationEnabled = SystemProperties.getBoolean(
ANDROID_VOLD_APP_DATA_ISOLATION_ENABLED_PROPERTY, false);
+ if (!fuseEnabled && voldAppDataIsolationEnabled) {
+ Slog.e(TAG, "Fuse is not enabled while vold app data isolation is enabled");
+ }
+ mVoldAppDataIsolationEnabled = fuseEnabled && voldAppDataIsolationEnabled;
mAppDataIsolationWhitelistedApps = new ArrayList<>(
SystemConfig.getInstance().getAppDataIsolationWhitelistedApps());