Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f9209e98 authored by Daniel Rosenberg's avatar Daniel Rosenberg
Browse files

ANDROID: sdcardfs: Avoid setting GIDs outside of valid ranges 



When setting up the ownership of files on the lower filesystem,
ensure that these values are in reasonable ranges for apps. If
they aren't, default to AID_MEDIA_RW

Signed-off-by: default avatarDaniel Rosenberg <drosen@google.com>
Bug: 37516160
Change-Id: I0bec76a61ac72aff0b993ab1ad04be8382178a00
parent 4131f8cc

fs/sdcardfs/derived_perm.c

+4 −4
Original line number Diff line number Diff line
@@ -215,16 +215,16 @@ void fixup_lower_ownership(struct dentry *dentry, const char *name) 
		gid = AID_MEDIA_OBB;

		break;

	case PERM_ANDROID_PACKAGE:

		if (info->d_uid != 0)

		if (uid_is_app(info->d_uid))

			gid = multiuser_get_ext_gid(info->d_uid);

		else

			gid = multiuser_get_uid(info->userid, uid);

			gid = multiuser_get_uid(info->userid, AID_MEDIA_RW);

		break;

	case PERM_ANDROID_PACKAGE_CACHE:

		if (info->d_uid != 0)

		if (uid_is_app(info->d_uid))

			gid = multiuser_get_ext_cache_gid(info->d_uid);

		else

			gid = multiuser_get_uid(info->userid, uid);

			gid = multiuser_get_uid(info->userid, AID_MEDIA_RW);

		break;

	case PERM_PRE_ROOT:

	default:

fs/sdcardfs/multiuser.h

+7 −0
Original line number Diff line number Diff line
@@ -35,6 +35,13 @@ static inline uid_t multiuser_get_uid(userid_t user_id, appid_t app_id) 
	return (user_id * AID_USER_OFFSET) + (app_id % AID_USER_OFFSET);

}



static inline bool uid_is_app(uid_t uid)

{

	appid_t appid = uid % AID_USER_OFFSET;



	return appid >= AID_APP_START && appid <= AID_APP_END;

}



static inline gid_t multiuser_get_ext_cache_gid(uid_t uid)

{

	return uid - AID_APP_START + AID_EXT_CACHE_GID_START;