From adecd0ae753ae1f5dd7e4e807d5f831bf6376eb0 Mon Sep 17 00:00:00 2001
From: Martijn Coenen
Date: Fri, 13 Dec 2019 16:05:03 +0100
Subject: [PATCH 1/2] Use the default sdcardfs view for the Android/ bind-mount.
Now that StorageManager asks vold to create package directories again, apps only need write access in their own app-private directory. Both app-private and OBB dirs will be created by privileged daemons as needed. This means we can use the "default" sdcardfs view for the Android/ bind-mount again. This has the added benefit that it fixes shell, which wasn't in the "everybody" group, and therefore suddenly couldn't enter /sdcard/Android anymore.
Bug: 146189163
Test: atest AdoptableHostTest
Change-Id: I37ca3b19ea4d11ed866efa808f51be945a4dc080
---
 model/EmulatedVolume.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/model/EmulatedVolume.cpp b/model/EmulatedVolume.cpp
index 130e747..aef7b77 100644
--- a/model/EmulatedVolume.cpp
+++ b/model/EmulatedVolume.cpp
@@ -75,7 +75,7 @@ static status_t mountFuseBindMounts(int userId, const std::string& label) {
 // TODO(b/134706060) we don't actually want to mount the "write" view by
 // default, since it gives write access to all OBB dirs.
 std::string androidSource(
- StringPrintf("/mnt/runtime/write/%s/%d/Android", label.c_str(), userId));
+ StringPrintf("/mnt/runtime/default/%s/%d/Android", label.c_str(), userId));
 std::string androidTarget(
 StringPrintf("/mnt/user/%d/%s/%d/Android", userId, label.c_str(), userId));
From 1986bfda8d84246637a286e079a0e322d438acc2 Mon Sep 17 00:00:00 2001
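Review bot: The two-line `TODO(b/134706060)` comment kept as context above `androidSource` still says the "write" view is mounted by default, which stops being true once the source path becomes `/mnt/runtime/default/...`; anyone auditing OBB write access from this comment would be misled. Replace it with something like `// Use the "default" sdcardfs view: package and OBB dirs are created by privileged daemons, so apps need no write access outside their own dir.`, or drop the TODO if this change resolves the bug. mountFuseBindMounts starts and ends outside the hunk, so whether other mounts in it still use the write view cannot be seen here.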
From: Martijn Coenen
Date: Tue, 17 Dec 2019 09:41:42 +0100
Subject: [PATCH 2/2] Vold mkdirs should use lower filesystem.
If vold's view of /storage is FUSE, it means that creation of directories in Android/ will go through FUSE as well. The implementation of fs_mkdirs() tries to opendir() individual parts of the entire path; so for a path "/storage/emulated/0/Android", it will try to opendir() "/storage", "/storage/emulated", etc. By default, "/storage/emulated" is created with 711 permissions; while vold itself is root, access to /storage/emulated is routed through MediaProvider (because of FUSE), and MediaProvider doesn't run as root, nor does it have the capabilities to bypass the ACL. This means that fs_mkdirs() as it is will fail, because opendir("/storage/emulated") will fail from MediaProvider. To prevent this, route these accesses directly to the lower filesystem (currently, sdcardfs), by renaming the paths.
Bug: 146189163
Test: atest AdoptableHostTest
Change-Id: Idbb41b9ffad9713f3b255c51bd4de16f4d090223
---
 VolumeManager.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/VolumeManager.cpp b/VolumeManager.cpp
index 8b9c29c..143f53c 100644
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp
@@ -809,8 +809,9 @@ int VolumeManager::unmountAll() {
 int VolumeManager::mkdirs(const std::string& path) {
 // Only offer to create directories for paths managed by vold
 if (StartsWith(path, "/storage/")) {
+ std::string lower_path = "/mnt/runtime/default/" + path.substr(9);
 // fs_mkdirs() does symlink checking and relative path enforcement
- return fs_mkdirs(path.c_str(), 0700);
+ return fs_mkdirs(lower_path.c_str(), 0700);
 } else {
 LOG(ERROR) << "Failed to find mounted volume for " << path;
 return -EINVAL;
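Review bot: In `VolumeManager::mkdirs`, `path.substr(9)` silently depends on the length of the `"/storage/"` literal in the `StartsWith` check one line above, so a later change to either one would splice the wrong suffix onto `/mnt/runtime/default/`. Tie them together, e.g. `static constexpr char kStoragePrefix[] = "/storage/";` with `path.substr(sizeof(kStoragePrefix) - 1)`, and add a comment such as `// Bypass FUSE: create through the lower filesystem, which vold can traverse as root.` Since `path` is a caller-supplied argument that is now concatenated onto a different root, rejection of `..` segments and symlinks rests entirely on fs_mkdirs(), as the existing comment states; it is worth confirming that a test covers this for the rewritten path. The function's closing lines fall outside the hunk.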