Allow execute on mounted ASEC and OBB containers

This allows us to place shared libraries in these containers which may only be loaded if they are executable. Change-Id: I78fa9ab6d5c58ec8b98c40004da72aebc0aade2a
14 years ago · a3e0608456
parent e17e91f63b
commit a3e0608456
4 changed files with 13 additions and 10 deletions
--- a/Fat.cpp
+++ b/Fat.cpp
@ -93,14 +93,15 @@ int Fat::check(const char *fsPath) {
 }

 int Fat::doMount(const char *fsPath, const char *mountPoint,
-                 bool ro, bool remount, int ownerUid, int ownerGid,
-                 int permMask, bool createLost) {
+                 bool ro, bool remount, bool executable,
+                 int ownerUid, int ownerGid, int permMask, bool createLost) {
    int rc;
    unsigned long flags;
    char mountData[255];

-    flags = MS_NODEV | MS_NOEXEC | MS_NOSUID | MS_DIRSYNC;
+    flags = MS_NODEV | MS_NOSUID | MS_DIRSYNC;

+    flags |= (executable ? 0 : MS_NOEXEC);
    flags |= (ro ? MS_RDONLY : 0);
    flags |= (remount ? MS_REMOUNT : 0);

--- a/Fat.h
+++ b/Fat.h
@ -22,8 +22,9 @@
 class Fat {
 public:
    static int check(const char *fsPath);
-    static int doMount(const char *fsPath, const char *mountPoint, bool ro,
-                       bool remount, int ownerUid, int ownerGid, int permMask,
+    static int doMount(const char *fsPath, const char *mountPoint,
+                       bool ro, bool remount, bool executable,
+                       int ownerUid, int ownerGid, int permMask,
                       bool createLost);
    static int format(const char *fsPath, unsigned int numSectors);
 };
--- a/Volume.cpp
+++ b/Volume.cpp
@ -323,7 +323,8 @@ int Volume::mountVol() {
         * muck with it before exposing it to non priviledged users.
         */
        errno = 0;
-        if (Fat::doMount(devicePath, "/mnt/secure/staging", false, false, 1000, 1015, 0702, true)) {
+        if (Fat::doMount(devicePath, "/mnt/secure/staging", false, false, false,
+                1000, 1015, 0702, true)) {
            SLOGE("%s failed to mount via VFAT (%s)\n", devicePath, strerror(errno));
            continue;
        }
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp
@ -431,7 +431,7 @@ int VolumeManager::createAsec(const char *id, unsigned int numSectors,
            }
        }

-        if (Fat::doMount(dmDevice, mountPoint, false, false, ownerUid,
+        if (Fat::doMount(dmDevice, mountPoint, false, false, false, ownerUid,
                         0, 0000, false)) {
            SLOGE("ASEC FAT mount failed (%s)", strerror(errno));
            if (cleanupDm) {
@ -469,7 +469,7 @@ int VolumeManager::finalizeAsec(const char *id) {

    snprintf(mountPoint, sizeof(mountPoint), "%s/%s", Volume::ASECDIR, id);
    // XXX:
-    if (Fat::doMount(loopDevice, mountPoint, true, true, 0, 0, 0227, false)) {
+    if (Fat::doMount(loopDevice, mountPoint, true, true, true, 0, 0, 0227, false)) {
        SLOGE("ASEC finalize mount failed (%s)", strerror(errno));
        return -1;
    }
@ -779,7 +779,7 @@ int VolumeManager::mountAsec(const char *id, const char *key, int ownerUid) {
        }
    }

-    if (Fat::doMount(dmDevice, mountPoint, true, false, ownerUid, 0,
+    if (Fat::doMount(dmDevice, mountPoint, true, false, true, ownerUid, 0,
                     0222, false)) {
 //                     0227, false)) {
        SLOGE("ASEC mount failed (%s)", strerror(errno));
@ -884,7 +884,7 @@ int VolumeManager::mountObb(const char *img, const char *key, int ownerUid) {
        }
    }

-    if (Fat::doMount(dmDevice, mountPoint, true, false, ownerUid, 0,
+    if (Fat::doMount(dmDevice, mountPoint, true, false, true, ownerUid, 0,
                     0227, false)) {
        SLOGE("Image mount failed (%s)", strerror(errno));
        if (cleanupDm) {