Revert "storageproxyd: Use alternate data path if in DSU state"
This reverts commit 7c5658b5fd386f5343e6fbfaebc8f20745a7d3ad.
Reason for revert: SELinux test errors in some branches
Bug: 215630608
Change-Id: I2a9c9d914b6c1d1248b4f11bd69484ae6b0ba8d1
diff --git a/trusty/storage/proxy/Android.bp b/trusty/storage/proxy/Android.bp
index 94f26d8..38d8685 100644
--- a/trusty/storage/proxy/Android.bp
+++ b/trusty/storage/proxy/Android.bp
@@ -35,10 +35,7 @@
"liblog",
"libhardware_legacy",
],
- header_libs: [
- "libcutils_headers",
- "libgsi_headers",
- ],
+ header_libs: ["libcutils_headers"],
static_libs: [
"libfstab",
diff --git a/trusty/storage/proxy/checkpoint_handling.cpp b/trusty/storage/proxy/checkpoint_handling.cpp
index 3305d8d..6c2fd36 100644
--- a/trusty/storage/proxy/checkpoint_handling.cpp
+++ b/trusty/storage/proxy/checkpoint_handling.cpp
@@ -18,12 +18,9 @@
#include "log.h"
#include <fstab/fstab.h>
-#include <unistd.h>
#include <cstring>
#include <string>
-#include <libgsi/libgsi.h>
-
namespace {
bool checkpointingDoneForever = false;
@@ -78,15 +75,3 @@
return 0;
}
-
-/**
- * is_gsi_running() - Check if a GSI image is running via DSU.
- *
- * This function is equivalent to android::gsi::IsGsiRunning(), but this API is
- * not yet vendor-accessible although the underlying metadata file is.
- *
- */
-bool is_gsi_running() {
- /* TODO(b/210501710): Expose GSI image running state to vendor storageproxyd */
- return !access(android::gsi::kGsiBootedIndicatorFile, F_OK);
-}
diff --git a/trusty/storage/proxy/checkpoint_handling.h b/trusty/storage/proxy/checkpoint_handling.h
index dfe2947..f1bf27c 100644
--- a/trusty/storage/proxy/checkpoint_handling.h
+++ b/trusty/storage/proxy/checkpoint_handling.h
@@ -32,8 +32,6 @@
*/
int is_data_checkpoint_active(bool* active);
-bool is_gsi_running();
-
#ifdef __cplusplus
}
#endif
diff --git a/trusty/storage/proxy/proxy.c b/trusty/storage/proxy/proxy.c
index 2620034..c690a28 100644
--- a/trusty/storage/proxy/proxy.c
+++ b/trusty/storage/proxy/proxy.c
@@ -104,11 +104,8 @@
return -1;
}
- /*
- * No access for group and other. We need execute access for user to create
- * an accessible directory.
- */
- umask(S_IRWXG | S_IRWXO);
+ /* no-execute for user, no access for group and other */
+ umask(S_IXUSR | S_IRWXG | S_IRWXO);
return 0;
}
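Review bot: The restored comment above `umask(S_IXUSR | S_IRWXG | S_IRWXO);` states what the mask is but not its process-wide consequence. With S_IXUSR masked, any directory this daemon later creates with mkdir() lacks the owner search bit and cannot be traversed. The comment being removed says as much, so a re-land of the alternate-path change will hit the same issue unless it is written down here. I would extend the comment to something like `/* regular files only: no exec for owner, nothing for group/other; owner x must be restored before any mkdir() in this process */`. The enclosing function starts outside the hunk, so I cannot confirm from here whether the mask is set before the daemon creates its first file.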
diff --git a/trusty/storage/proxy/storage.c b/trusty/storage/proxy/storage.c
index d74a708..2fde30f 100644
--- a/trusty/storage/proxy/storage.c
+++ b/trusty/storage/proxy/storage.c
@@ -16,7 +16,6 @@
#include <errno.h>
#include <fcntl.h>
#include <inttypes.h>
-#include <libgen.h>
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>
@@ -25,16 +24,13 @@
#include <sys/types.h>
#include <unistd.h>
-#include "checkpoint_handling.h"
-#include "ipc.h"
#include "log.h"
+#include "ipc.h"
#include "storage.h"
#define FD_TBL_SIZE 64
#define MAX_READ_SIZE 4096
-#define ALTERNATE_DATA_DIR "alternate/"
-
enum sync_state {
SS_UNUSED = -1,
SS_CLEAN = 0,
@@ -48,8 +44,6 @@
static enum sync_state dir_state;
static enum sync_state fd_state[FD_TBL_SIZE];
-static bool alternate_mode;
-
static struct {
struct storage_file_read_resp hdr;
uint8_t data[MAX_READ_SIZE];
@@ -222,7 +216,6 @@
const void *r, size_t req_len)
{
char *path = NULL;
- char* parent_path;
const struct storage_file_open_req *req = r;
struct storage_file_open_resp resp = {0};
@@ -241,24 +234,6 @@
goto err_response;
}
- /*
- * TODO(b/210501710): Expose GSI image running state to vendor
- * storageproxyd. We want to control data file paths in vendor_init, but we
- * don't have access to the necessary property there yet. When we have
- * access to that property we can set the root data path read-only and only
- * allow creation of files in alternate/. Checking paths here temporarily
- * until that is fixed.
- *
- * We are just checking for "/" instead of "alternate/" because we still
- * want to still allow access to "persist/" in alternate mode (for now, this
- * may change in the future).
- */
- if (alternate_mode && !strchr(req->name, '/')) {
- ALOGE("%s: Cannot open root data file \"%s\" in alternate mode\n", __func__, req->name);
- msg->result = STORAGE_ERR_ACCESS;
- goto err_response;
- }
-
int rc = asprintf(&path, "%s/%s", ssdir_name, req->name);
if (rc < 0) {
ALOGE("%s: asprintf failed\n", __func__);
@@ -271,23 +246,7 @@
if (req->flags & STORAGE_FILE_OPEN_TRUNCATE)
open_flags |= O_TRUNC;
- parent_path = dirname(path);
if (req->flags & STORAGE_FILE_OPEN_CREATE) {
- /*
- * Create the alternate parent dir if needed & allowed.
- *
- * TODO(b/210501710): Expose GSI image running state to vendor
- * storageproxyd. This directory should be created by vendor_init, once
- * it has access to the necessary bit of information.
- */
- if (strstr(req->name, ALTERNATE_DATA_DIR) == req->name) {
- rc = mkdir(parent_path, S_IRWXU);
- if (rc && errno != EEXIST) {
- ALOGE("%s: Could not create parent directory \"%s\": %s\n", __func__, parent_path,
- strerror(errno));
- }
- }
-
/* open or create */
if (req->flags & STORAGE_FILE_OPEN_CREATE_EXCLUSIVE) {
/* create exclusive */
@@ -508,9 +467,6 @@
int storage_init(const char *dirname)
{
- /* If there is an active DSU image, use the alternate fs mode. */
- alternate_mode = is_gsi_running();
-
fs_state = SS_CLEAN;
dir_state = SS_CLEAN;
for (uint i = 0; i < FD_TBL_SIZE; i++) {