am 3368f167: am 9cb6e501: Ignore change "Set SO_PASSCRED on the uevent socket." in favor of change in internal tree.
* commit '3368f167578fcd2ef024e6d8da723f349089fa7c':
Set SO_PASSCRED on the uevent socket. (needed for change I393c21da)
diff --git a/Volume.cpp b/Volume.cpp
index d67a6c4..ce41455 100644
--- a/Volume.cpp
+++ b/Volume.cpp
@@ -33,6 +33,8 @@
#include <diskconfig/diskconfig.h>
+#include <private/android_filesystem_config.h>
+
#define LOG_TAG "Vold"
#include <cutils/log.h>
@@ -280,6 +282,8 @@
dev_t deviceNodes[4];
int n, i, rc = 0;
char errmsg[255];
+ const char* externalStorage = getenv("EXTERNAL_STORAGE");
+ bool primaryStorage = externalStorage && !strcmp(getMountpoint(), externalStorage);
if (getState() == Volume::State_NoMedia) {
snprintf(errmsg, sizeof(errmsg),
@@ -336,8 +340,18 @@
* muck with it before exposing it to non priviledged users.
*/
errno = 0;
+ int gid;
+
+ if (primaryStorage) {
+ // Special case the primary SD card.
+ // For this we grant write access to the SDCARD_RW group.
+ gid = AID_SDCARD_RW;
+ } else {
+ // For secondary external storage we keep things locked up.
+ gid = AID_MEDIA_RW;
+ }
if (Fat::doMount(devicePath, "/mnt/secure/staging", false, false, false,
- 1000, 1015, 0702, true)) {
+ AID_SYSTEM, gid, 0702, true)) {
SLOGE("%s failed to mount via VFAT (%s)\n", devicePath, strerror(errno));
continue;
}
@@ -346,7 +360,8 @@
protectFromAutorunStupidity();
- if (createBindMounts()) {
+ // only create android_secure on primary storage
+ if (primaryStorage && createBindMounts()) {
SLOGE("Failed to create bindmounts (%s)", strerror(errno));
umount("/mnt/secure/staging");
setState(Volume::State_Idle);