Update vold to prepare package sandboxes for primary volume.
Vold is updated to create package specific sandboxes for primary
volume and mount them at
"/mnt/user/<user-id>/package/<package-name>/<primary-label>".
This will later be mounted at /storage when a new process starts.
Bug: 111890351
Test: Manually verified that a package has access to "/sdcard" and
"/storage/emulated/0", both of which are just the package specific
sandboxes and the package doesn't have access to other sandboxes
and can't see other package names.
Change-Id: I72dc8ae9eb2260a298159c5de18387dad2f9de48
diff --git a/model/EmulatedVolume.cpp b/model/EmulatedVolume.cpp
index 6e1ffce..25ea602 100644
--- a/model/EmulatedVolume.cpp
+++ b/model/EmulatedVolume.cpp
@@ -17,8 +17,8 @@
#include "EmulatedVolume.h"
#include "Utils.h"
-#include <android-base/stringprintf.h>
#include <android-base/logging.h>
+#include <android-base/stringprintf.h>
#include <cutils/fs.h>
#include <private/android_filesystem_config.h>
#include <utils/Timers.h>
@@ -69,6 +69,7 @@
setInternalPath(mRawPath);
setPath(StringPrintf("/storage/%s", label.c_str()));
+ setLabel(label);
if (fs_prepare_dir(mFuseDefault.c_str(), 0700, AID_ROOT, AID_ROOT) ||
fs_prepare_dir(mFuseRead.c_str(), 0700, AID_ROOT, AID_ROOT) ||
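Review bot: The status returned by `setLabel(label)` is discarded here, and the same applies to `setLabel(stableName)` in the PublicVolume.cpp hunk. setLabel returns -EBUSY and leaves mLabel unchanged when the volume is not in State::kChecking, so a failure would leave an empty or stale label, which later code presumably uses to build the per-package sandbox path. The neighbouring setPath calls ignore their status too, but since the label decides which sandbox directory is prepared, I would fail the mount instead, e.g. `if (setLabel(label) != OK) return -EIO;`. The enclosing function starts and ends outside this hunk, so the error value should be checked against the rest of it.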
diff --git a/model/PublicVolume.cpp b/model/PublicVolume.cpp
index 9f2ed85..4076e73 100644
--- a/model/PublicVolume.cpp
+++ b/model/PublicVolume.cpp
@@ -129,6 +129,7 @@
} else {
setPath(mRawPath);
}
+ setLabel(stableName);
if (fs_prepare_dir(mRawPath.c_str(), 0700, AID_ROOT, AID_ROOT)) {
PLOG(ERROR) << getId() << " failed to create mount points";
diff --git a/model/VolumeBase.cpp b/model/VolumeBase.cpp
index 429f134..cf3d54e 100644
--- a/model/VolumeBase.cpp
+++ b/model/VolumeBase.cpp
@@ -136,6 +136,16 @@
return OK;
}
+status_t VolumeBase::setLabel(const std::string& label) {
+ if (mState != State::kChecking) {
+ LOG(WARNING) << getId() << " label change requires state checking";
+ return -EBUSY;
+ }
+
+ mLabel = label;
+ return OK;
+}
+
android::sp<android::os::IVoldListener> VolumeBase::getListener() {
if (mSilent) {
return nullptr;
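Review bot: `setLabel` stores whatever string it is given, and per the commit description the label becomes the last component of "/mnt/user/<user-id>/package/<package-name>/<primary-label>". For public volumes the member comment in VolumeBase.h says the label is the UUID when available, which presumably is read from the removable media and so is not under vold's control. I would reject an empty label and anything that is not a single path component before the assignment, e.g. `if (label.empty() || label == "." || label == ".." || label.find('/') != std::string::npos) return -EINVAL;`. A one-line comment stating the State::kChecking precondition would also help callers.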
diff --git a/model/VolumeBase.h b/model/VolumeBase.h
index 4aa8b02..2052c15 100644
--- a/model/VolumeBase.h
+++ b/model/VolumeBase.h
@@ -84,6 +84,7 @@
State getState() { return mState; }
const std::string& getPath() { return mPath; }
const std::string& getInternalPath() { return mInternalPath; }
+ const std::string& getLabel() { return mLabel; }
status_t setDiskId(const std::string& diskId);
status_t setPartGuid(const std::string& partGuid);
@@ -114,6 +115,7 @@
status_t setId(const std::string& id);
status_t setPath(const std::string& path);
status_t setInternalPath(const std::string& internalPath);
+ status_t setLabel(const std::string& label);
android::sp<android::os::IVoldListener> getListener();
@@ -140,6 +142,12 @@
std::string mInternalPath;
/* Flag indicating that volume should emit no events */
bool mSilent;
+ /**
+ * Label used for representing the package sandboxes on external storage volumes.
+ * For emulated volume, this would be "emulated" and for public volumes, UUID if available,
+ * otherwise some other unique id.
+ */
+ std::string mLabel;
/* Volumes stacked on top of this volume */
std::list<std::shared_ptr<VolumeBase>> mVolumes;