From c4405e9c17bf29a40787d2b9eb1cce01e9838de7 Mon Sep 17 00:00:00 2001
From: Mark Salyzyn
Date: Thu, 20 Sep 2018 10:09:27 -0700
Subject: [PATCH] Protect /mnt/scratch from stale umount on userdebug
On userdebug protect /mnt/scratch. On user builds ensure that /mnt/scratch is considered a stale mount so it can not be used. vold runs before ro.debuggable is set, so this must be a compile time decision. Minor technical debt cleanup associated with using android::base.
Test: compile
Bug: 109821005
Change-Id: I8efdbedfe850dd24daecf03a37aea61de47edc7d
Merged-In: I8efdbedfe850dd24daecf03a37aea61de47edc7d
---
 Android.bp | 3 +++
 VolumeManager.cpp | 22 ++++++++++++----------
 2 files changed, 15 insertions(+), 10 deletions(-)
diff --git a/Android.bp b/Android.bp
index 1e45727..b115bc1 100644
--- a/Android.bp
+++ b/Android.bp
@@ -139,6 +139,9 @@ cc_library_static {
 "libarcobbvolume",
 ],
 },
+ debuggable: {
+ cppflags: ["-D__ANDROID_DEBUGGABLE__"],
+ },
 },
 shared_libs: [
 "android.hardware.health.storage@1.0",
diff --git a/VolumeManager.cpp b/VolumeManager.cpp
index cbe3187..75e28d4 100644
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp
@@ -64,6 +64,7 @@
 #include "model/EmulatedVolume.h"
 #include "model/ObbVolume.h"
+using android::base::StartsWith;
 using android::base::StringPrintf;
 using android::base::unique_fd;
@@ -589,10 +590,12 @@ int VolumeManager::unmountAll() {
 mntent* mentry;
 while ((mentry = getmntent(fp)) != NULL) {
 auto test = std::string(mentry->mnt_dir);
- if ((android::base::StartsWith(test, "/mnt/") &&
- !android::base::StartsWith(test, "/mnt/vendor") &&
- !android::base::StartsWith(test, "/mnt/product")) ||
- android::base::StartsWith(test, "/storage/")) {
+ if ((StartsWith(test, "/mnt/") &&
+#ifdef __ANDROID_DEBUGGABLE__
+ !StartsWith(test, "/mnt/scratch") &&
+#endif
+ !StartsWith(test, "/mnt/vendor") && !StartsWith(test, "/mnt/product")) ||
+ StartsWith(test, "/storage/")) {
 toUnmount.push_front(test);
 }
 }
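Review bot: The `debuggable:` block in the Android.bp hunk defines `__ANDROID_DEBUGGABLE__` with no comment saying what it gates, and the name sits in the double-underscore space that C++ reserves for the implementation, so it reads like a toolchain-provided macro. A line such as `// Build-time stand-in for ro.debuggable; keeps /mnt/scratch out of vold's stale-mount sweep on debuggable builds.` above `cppflags` would record the reason the commit message gives. Because an undefined macro silently selects the user-build path, it is also worth confirming that every module compiling VolumeManager.cpp inherits this block; only this one `cc_library_static` is visible in the hunk.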
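Review bot: In the `unmountAll()` hunk of VolumeManager.cpp, `!StartsWith(test, "/mnt/scratch")` is a bare prefix test, so on debuggable builds any mount point whose path merely begins with that string (for example a constructed `/mnt/scratch_other`) is also exempted from the stale-mount sweep. Matching the directory itself or a path below it keeps the exemption to the intended mount: `!(test == "/mnt/scratch" || StartsWith(test, "/mnt/scratch/")) &&`. The neighbouring `/mnt/vendor` and `/mnt/product` checks use the same prefix form, and the `#ifdef` splitting the condition would be easier to audit with a comment such as `// vold starts before ro.debuggable is set, so this is a build-time choice`. The function begins and ends outside the hunk.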
@@ -608,7 +611,7 @@ int VolumeManager::unmountAll() {
 int VolumeManager::mkdirs(const std::string& path) {
 // Only offer to create directories for paths managed by vold
- if (android::base::StartsWith(path, "/storage/")) {
+ if (StartsWith(path, "/storage/")) {
 // fs_mkdirs() does symlink checking and relative path enforcement
 return fs_mkdirs(path.c_str(), 0700);
 } else {
@@ -630,7 +633,7 @@ static android::status_t getMountPath(uid_t uid, const std::string& name, std::s
 return -EINVAL;
 }
 }
- *path = android::base::StringPrintf("/mnt/appfuse/%d_%s", uid, name.c_str());
+ *path = StringPrintf("/mnt/appfuse/%d_%s", uid, name.c_str());
 return android::OK;
 }
@@ -638,7 +641,7 @@ static android::status_t mountInNamespace(uid_t uid, int device_fd, const std::s
 // Remove existing mount.
 android::vold::ForceUnmount(path);
- const auto opts = android::base::StringPrintf(
+ const auto opts = StringPrintf(
 "fd=%i,"
 "rootmode=40000,"
 "default_permissions,"
@@ -673,7 +676,7 @@ static android::status_t runCommandInNamespace(const std::string& command, uid_t
 }
 // Obtains process file descriptor.
- const std::string pid_str = android::base::StringPrintf("%d", pid);
+ const std::string pid_str = StringPrintf("%d", pid);
 const unique_fd pid_fd(openat(dir.get(), pid_str.c_str(), O_RDONLY | O_DIRECTORY | O_CLOEXEC));
 if (pid_fd.get() == -1) {
 PLOG(ERROR) << "Failed to open /proc/" << pid;
@@ -782,8 +785,7 @@ int VolumeManager::destroyObb(const std::string& volId) {
 return android::OK;
 }
-int VolumeManager::mountAppFuse(uid_t uid, pid_t pid, int mountId,
- android::base::unique_fd* device_fd) {
+int VolumeManager::mountAppFuse(uid_t uid, pid_t pid, int mountId, unique_fd* device_fd) {
 std::string name = std::to_string(mountId);
 // Check mount point name.