Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_vold / f0121c574ede0898e36eeba0a0e0affd0f8d81a7^! / .
commitf0121c574ede0898e36eeba0a0e0affd0f8d81a7[log] [tgz]
authorJeff Sharkey <jsharkey@android.com>Mon Apr 06 14:08:45 2015 -0700
committerJeff Sharkey <jsharkey@android.com>Mon Apr 06 17:41:30 2015 -0700
tree5050f20d03fd413a6dcfd50b209af4b4f238224c
parent0fd9535474baf9224bc75ad6e9a63dfbfac3aaf7 [diff]
Updates for expanded storage.

Mount private volumes at /mnt/expand, which is where we have new
SELinux policy waiting for us.  Also ensure that foundational
directories are ready when mounting.

Create local fs_prepare_dir() wrapper that sets SELinux context
based on path, avoiding the need for a later restorecon.

Use UUID as directory name for public volumes.  Wait a few seconds
before issuing first signal when force unmounting.

Bug: 19993667
Change-Id: If22595380faaae321705b06c87d877419620da48

diff --git a/PrivateVolume.cpp b/PrivateVolume.cpp
index 42eea64..f652c6b 100644
--- a/PrivateVolume.cpp
+++ b/PrivateVolume.cpp

@@ -43,7 +43,6 @@
         VolumeBase(Type::kPrivate), mRawDevice(device), mKeyRaw(keyRaw) {
     setId(StringPrintf("private:%u,%u", major(device), minor(device)));
     mRawDevPath = StringPrintf("/dev/block/vold/%s", getId().c_str());
-    mPath = StringPrintf("/mnt/secure/%s", getId().c_str());
 }
 
 PrivateVolume::~PrivateVolume() {
@@ -101,23 +100,34 @@
         return -EIO;
     }
 
+    mPath = StringPrintf("/mnt/expand/%s", mFsUuid.c_str());
+    setPath(mPath);
+
+    if (PrepareDir(mPath, 0700, AID_ROOT, AID_ROOT)) {
+        PLOG(ERROR) << getId() << " failed to create mount point " << mPath;
+        return -EIO;
+    }
+
     if (Ext4::check(mDmDevPath.c_str(), mPath.c_str())) {
         PLOG(ERROR) << getId() << " failed filesystem check";
         return -EIO;
     }
 
-    setPath(mPath);
-
-    if (fs_prepare_dir(mPath.c_str(), 0700, AID_ROOT, AID_ROOT)) {
-        PLOG(ERROR) << getId() << " failed to create mount point " << mPath;
-        return -errno;
-    }
-
     if (Ext4::doMount(mDmDevPath.c_str(), mPath.c_str(), false, false, true)) {
         PLOG(ERROR) << getId() << " failed to mount";
         return -EIO;
     }
 
+    // Verify that common directories are ready to roll
+    if (PrepareDir(mPath + "/app", 0771, AID_SYSTEM, AID_SYSTEM) ||
+            PrepareDir(mPath + "/user", 0711, AID_SYSTEM, AID_SYSTEM) ||
+            PrepareDir(mPath + "/media", 0770, AID_MEDIA_RW, AID_MEDIA_RW) ||
+            PrepareDir(mPath + "/local", 0751, AID_ROOT, AID_ROOT) ||
+            PrepareDir(mPath + "/local/tmp", 0771, AID_SHELL, AID_SHELL)) {
+        PLOG(ERROR) << getId() << " failed to prepare";
+        return -EIO;
+    }
+
     return OK;
 }
 

diff --git a/PublicVolume.cpp b/PublicVolume.cpp
index ffcfc67..6192e7a 100644
--- a/PublicVolume.cpp
+++ b/PublicVolume.cpp

@@ -110,7 +110,7 @@
     // Use UUID as stable name, if available
     std::string stableName = getId();
     if (!mFsUuid.empty()) {
-        stableName = "public:" + mFsUuid;
+        stableName = mFsUuid;
     }
 
     mRawPath = StringPrintf("/mnt/media_rw/%s", stableName.c_str());

diff --git a/Utils.cpp b/Utils.cpp
index 2b02f91..1937c28 100644
--- a/Utils.cpp
+++ b/Utils.cpp

@@ -85,26 +85,53 @@
     }
 }
 
+status_t PrepareDir(const std::string& path, mode_t mode, uid_t uid, gid_t gid) {
+    const char* cpath = path.c_str();
+
+    char* secontext = nullptr;
+    if (sehandle) {
+        if (!selabel_lookup(sehandle, &secontext, cpath, S_IFDIR)) {
+            setfscreatecon(secontext);
+        }
+    }
+
+    int res = fs_prepare_dir(cpath, mode, uid, gid);
+
+    if (secontext) {
+        setfscreatecon(nullptr);
+        freecon(secontext);
+    }
+
+    if (res == 0) {
+        return OK;
+    } else {
+        return -errno;
+    }
+}
+
 status_t ForceUnmount(const std::string& path) {
     const char* cpath = path.c_str();
     if (!umount2(cpath, UMOUNT_NOFOLLOW) || errno == EINVAL || errno == ENOENT) {
         return OK;
     }
-    PLOG(WARNING) << "Failed to unmount " << path << "; sending SIGTERM";
+    PLOG(WARNING) << "Failed to unmount " << path;
+
+    sleep(5);
     Process::killProcessesWithOpenFiles(cpath, SIGTERM);
-    sleep(5);
 
     if (!umount2(cpath, UMOUNT_NOFOLLOW) || errno == EINVAL || errno == ENOENT) {
         return OK;
     }
-    PLOG(WARNING) << "Failed to unmount " << path << "; sending SIGKILL";
+    PLOG(WARNING) << "Failed to unmount " << path;
+
+    sleep(5);
     Process::killProcessesWithOpenFiles(cpath, SIGKILL);
-    sleep(5);
 
     if (!umount2(cpath, UMOUNT_NOFOLLOW) || errno == EINVAL || errno == ENOENT) {
         return OK;
     }
-    PLOG(ERROR) << "Failed to unmount " << path << "; giving up";
+    PLOG(ERROR) << "Failed to unmount " << path;
+
     return -errno;
 }
 

diff --git a/Utils.h b/Utils.h
index 9e366e6..a6e1747 100644
--- a/Utils.h
+++ b/Utils.h

@@ -43,6 +43,9 @@
 status_t CreateDeviceNode(const std::string& path, dev_t dev);
 status_t DestroyDeviceNode(const std::string& path);
 
+/* fs_prepare_dir wrapper that creates with SELinux context */
+status_t PrepareDir(const std::string& path, mode_t mode, uid_t uid, gid_t gid);
+
 /* Really unmounts the path, killing active processes along the way */
 status_t ForceUnmount(const std::string& path);