Merge "Don't do private app-dir permissions/quota on public volumes." into rvc-dev
diff --git a/VolumeManager.cpp b/VolumeManager.cpp
index bd11be5..b6edd9e 100644
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp
@@ -947,7 +947,7 @@
!StartsWith(test, "/mnt/scratch") &&
#endif
!StartsWith(test, "/mnt/vendor") && !StartsWith(test, "/mnt/product") &&
- !StartsWith(test, "/mnt/installer")) ||
+ !StartsWith(test, "/mnt/installer") && !StartsWith(test, "/mnt/androidwritable")) ||
StartsWith(test, "/storage/")) {
toUnmount.push_front(test);
}
diff --git a/fs/Ext4.cpp b/fs/Ext4.cpp
index 8bb930d..6bc7ad2 100644
--- a/fs/Ext4.cpp
+++ b/fs/Ext4.cpp
@@ -171,8 +171,9 @@
cmd.push_back("-M");
cmd.push_back(target);
- bool needs_casefold = android::base::GetBoolProperty("ro.emulated_storage.casefold", false);
- bool needs_projid = android::base::GetBoolProperty("ro.emulated_storage.projid", false);
+ bool needs_casefold =
+ android::base::GetBoolProperty("external_storage.casefold.enabled", false);
+ bool needs_projid = android::base::GetBoolProperty("external_storage.projid.enabled", false);
if (needs_projid) {
cmd.push_back("-I");
diff --git a/fs/F2fs.cpp b/fs/F2fs.cpp
index ee39f2b..9b8d2c4 100644
--- a/fs/F2fs.cpp
+++ b/fs/F2fs.cpp
@@ -90,8 +90,9 @@
cmd.push_back("verity");
const bool needs_casefold =
- android::base::GetBoolProperty("ro.emulated_storage.casefold", false);
- const bool needs_projid = android::base::GetBoolProperty("ro.emulated_storage.projid", false);
+ android::base::GetBoolProperty("external_storage.casefold.enabled", false);
+ const bool needs_projid =
+ android::base::GetBoolProperty("external_storage.projid.enabled", false);
if (needs_projid) {
cmd.push_back("-O");
cmd.push_back("project_quota,extra_attr");
diff --git a/model/EmulatedVolume.cpp b/model/EmulatedVolume.cpp
index e411b33..e7cd36e 100644
--- a/model/EmulatedVolume.cpp
+++ b/model/EmulatedVolume.cpp
@@ -141,12 +141,49 @@
// a special bind mount, since app-private and OBB dirs share the same GID, but we
// only want to give access to the latter.
if (mUseSdcardFs) {
- std::string installerSource(
- StringPrintf("/mnt/runtime/write/%s/%d/Android/obb", label.c_str(), userId));
- std::string installerTarget(
- StringPrintf("/mnt/installer/%d/%s/%d/Android/obb", userId, label.c_str(), userId));
+ std::string obbSource(StringPrintf("/mnt/runtime/write/%s/%d/Android/obb",
+ label.c_str(), userId));
+ std::string obbInstallerTarget(StringPrintf("/mnt/installer/%d/%s/%d/Android/obb",
+ userId, label.c_str(), userId));
- status = doFuseBindMount(installerSource, installerTarget, pathsToUnmount);
+ status = doFuseBindMount(obbSource, obbInstallerTarget, pathsToUnmount);
+ if (status != OK) {
+ return status;
+ }
+ } else if (mAppDataIsolationEnabled) {
+ std::string obbSource(StringPrintf("%s/obb", androidSource.c_str()));
+ std::string obbInstallerTarget(StringPrintf("/mnt/installer/%d/%s/%d/Android/obb",
+ userId, label.c_str(), userId));
+
+ status = doFuseBindMount(obbSource, obbInstallerTarget, pathsToUnmount);
+ if (status != OK) {
+ return status;
+ }
+ }
+
+ // /mnt/androidwriteable is similar to /mnt/installer, but it's for
+ // MOUNT_EXTERNAL_ANDROID_WRITABLE apps and it can also access DATA (Android/data) dirs.
+ if (mAppDataIsolationEnabled) {
+ std::string obbSource = mUseSdcardFs ?
+ StringPrintf("/mnt/runtime/write/%s/%d/Android/obb", label.c_str(), userId)
+ : StringPrintf("%s/obb", androidSource.c_str());
+
+ std::string obbAndroidWritableTarget(
+ StringPrintf("/mnt/androidwritable/%d/%s/%d/Android/obb",
+ userId, label.c_str(), userId));
+
+ status = doFuseBindMount(obbSource, obbAndroidWritableTarget, pathsToUnmount);
+ if (status != OK) {
+ return status;
+ }
+
+ std::string dataSource = mUseSdcardFs ?
+ StringPrintf("/mnt/runtime/write/%s/%d/Android/data", label.c_str(), userId)
+ : StringPrintf("%s/data", androidSource.c_str());
+ std::string dataTarget(StringPrintf("/mnt/androidwritable/%d/%s/%d/Android/data",
+ userId, label.c_str(), userId));
+
+ status = doFuseBindMount(dataSource, dataTarget, pathsToUnmount);
if (status != OK) {
return status;
}
@@ -159,7 +196,7 @@
std::string label = getLabel();
int userId = getMountUserId();
- if (mUseSdcardFs) {
+ if (mUseSdcardFs || mAppDataIsolationEnabled) {
std::string installerTarget(
StringPrintf("/mnt/installer/%d/%s/%d/Android/obb", userId, label.c_str(), userId));
LOG(INFO) << "Unmounting " << installerTarget;
@@ -169,6 +206,25 @@
// Intentional continue to try to unmount the other bind mount
}
}
+ if (mAppDataIsolationEnabled) {
+ std::string obbTarget( StringPrintf("/mnt/androidwritable/%d/%s/%d/Android/obb",
+ userId, label.c_str(), userId));
+ LOG(INFO) << "Unmounting " << obbTarget;
+ auto status = UnmountTree(obbTarget);
+ if (status != OK) {
+ LOG(ERROR) << "Failed to unmount " << obbTarget;
+ // Intentional continue to try to unmount the other bind mount
+ }
+ std::string dataTarget(StringPrintf("/mnt/androidwritable/%d/%s/%d/Android/data",
+ userId, label.c_str(), userId));
+ LOG(INFO) << "Unmounting " << dataTarget;
+ status = UnmountTree(dataTarget);
+ if (status != OK) {
+ LOG(ERROR) << "Failed to unmount " << dataTarget;
+ // Intentional continue to try to unmount the other bind mount
+ }
+ }
+
// When app data isolation is enabled, kill all apps that obb/ is mounted, otherwise we should
// umount the whole Android/ dir.
if (mAppDataIsolationEnabled) {