Remove sandbox specific bind mounts from root namespace. (03fd40b3) · Commits · e / os / android_frameworks_base

core/java/android/os/Process.java

+4 −2

Original line number	Diff line number	Diff line
		@@ -526,11 +526,12 @@ public class Process {
		@Nullable String packageName,
		@Nullable String[] packagesForUid,
		@Nullable String[] visibleVols,
		@Nullable String sandboxId,
		@Nullable String[] zygoteArgs) {
		return ZYGOTE_PROCESS.start(processClass, niceName, uid, gid, gids,
		runtimeFlags, mountExternal, targetSdkVersion, seInfo,
		abi, instructionSet, appDataDir, invokeWith, packageName,
		packagesForUid, visibleVols, /useBlastulaPool=/ true, zygoteArgs);
		packagesForUid, visibleVols, sandboxId, /useBlastulaPool=/ true, zygoteArgs);
		}

		/** @hide */
		@@ -547,11 +548,12 @@ public class Process {
		@Nullable String packageName,
		@Nullable String[] packagesForUid,
		@Nullable String[] visibleVols,
		@Nullable String sandboxId,
		@Nullable String[] zygoteArgs) {
		return WebViewZygote.getProcess().start(processClass, niceName, uid, gid, gids,
		runtimeFlags, mountExternal, targetSdkVersion, seInfo,
		abi, instructionSet, appDataDir, invokeWith, packageName,
		packagesForUid, visibleVols, /useBlastulaPool=/ false, zygoteArgs);
		packagesForUid, visibleVols, sandboxId, /useBlastulaPool=/ false, zygoteArgs);
		}

		/**

core/java/android/os/ZygoteProcess.java

+9 −2

Original line number	Diff line number	Diff line
		@@ -324,13 +324,15 @@ public class ZygoteProcess {
		@Nullable String packageName,
		@Nullable String[] packagesForUid,
		@Nullable String[] visibleVols,
		@Nullable String sandboxId,
		boolean useBlastulaPool,
		@Nullable String[] zygoteArgs) {
		try {
		return startViaZygote(processClass, niceName, uid, gid, gids,
		runtimeFlags, mountExternal, targetSdkVersion, seInfo,
		abi, instructionSet, appDataDir, invokeWith, /startChildZygote=/false,
		packageName, packagesForUid, visibleVols, useBlastulaPool, zygoteArgs);
		packageName, packagesForUid, visibleVols, sandboxId,
		useBlastulaPool, zygoteArgs);
		} catch (ZygoteStartFailedEx ex) {
		Log.e(LOG_TAG,
		"Starting VM process through Zygote failed");
		@@ -541,6 +543,7 @@ public class ZygoteProcess {
		@Nullable String packageName,
		@Nullable String[] packagesForUid,
		@Nullable String[] visibleVols,
		@Nullable String sandboxId,
		boolean useBlastulaPool,
		@Nullable String[] extraArgs)
		throws ZygoteStartFailedEx {
		@@ -639,6 +642,10 @@ public class ZygoteProcess {
		argsForZygote.add(sb.toString());
		}

		if (sandboxId != null) {
		argsForZygote.add("--sandbox-id=" + sandboxId);
		}

		argsForZygote.add(processClass);

		if (extraArgs != null) {
		@@ -1014,7 +1021,7 @@ public class ZygoteProcess {
		gids, runtimeFlags, 0 /* mountExternal /, 0 / targetSdkVersion */, seInfo,
		abi, instructionSet, null /* appDataDir /, null / invokeWith */,
		true /* startChildZygote /, null / packageName */,
		null /* packagesForUid /, null / visibleVolumes */,
		null /* packagesForUid /, null / visibleVolumes /, null / sandboxId */,
		false /* useBlastulaPool */, extraArgs);
		} catch (ZygoteStartFailedEx ex) {
		throw new RuntimeException("Starting child-zygote through Zygote failed", ex);

core/java/android/os/storage/StorageManagerInternal.java

+5 −0

Original line number	Diff line number	Diff line
		@@ -132,4 +132,9 @@ public abstract class StorageManagerInternal {
		* @param listener The listener that will be notified on reset events.
		*/
		public abstract void addResetListener(ResetListener listener);

		/**
		* Return the sandboxId for the given package on external storage.
		*/
		public abstract String getSandboxId(String packageName);
		}

core/java/com/android/internal/os/Zygote.java

+8 −7

Original line number	Diff line number	Diff line
		@@ -254,14 +254,14 @@ public final class Zygote {
		public static int forkAndSpecialize(int uid, int gid, int[] gids, int runtimeFlags,
		int[][] rlimits, int mountExternal, String seInfo, String niceName, int[] fdsToClose,
		int[] fdsToIgnore, boolean startChildZygote, String instructionSet, String appDataDir,
		String packageName, String[] packagesForUID, String[] visibleVolIDs) {
		String packageName, String[] packagesForUID, String[] visibleVolIDs, String sandboxId) {
		ZygoteHooks.preFork();
		// Resets nice priority for zygote process.
		resetNicePriority();
		int pid = nativeForkAndSpecialize(
		uid, gid, gids, runtimeFlags, rlimits, mountExternal, seInfo, niceName, fdsToClose,
		fdsToIgnore, startChildZygote, instructionSet, appDataDir, packageName,
		packagesForUID, visibleVolIDs);
		packagesForUID, visibleVolIDs, sandboxId);
		// Enable tracing as soon as possible for the child process.
		if (pid == 0) {
		Trace.setTracingEnabled(true, runtimeFlags);
		@@ -276,7 +276,8 @@ public final class Zygote {
		private static native int nativeForkAndSpecialize(int uid, int gid, int[] gids,
		int runtimeFlags, int[][] rlimits, int mountExternal, String seInfo, String niceName,
		int[] fdsToClose, int[] fdsToIgnore, boolean startChildZygote, String instructionSet,
		String appDataDir, String packageName, String[] packagesForUID, String[] visibleVolIDs);
		String appDataDir, String packageName, String[] packagesForUID, String[] visibleVolIDs,
		String sandboxId);

		/**
		* Specialize a Blastula instance. The current VM must have been started
		@@ -302,11 +303,11 @@ public final class Zygote {
		public static void specializeBlastula(int uid, int gid, int[] gids, int runtimeFlags,
		int[][] rlimits, int mountExternal, String seInfo, String niceName,
		boolean startChildZygote, String instructionSet, String appDataDir, String packageName,
		String[] packagesForUID, String[] visibleVolIDs) {
		String[] packagesForUID, String[] visibleVolIDs, String sandboxId) {

		nativeSpecializeBlastula(uid, gid, gids, runtimeFlags, rlimits, mountExternal, seInfo,
		niceName, startChildZygote, instructionSet, appDataDir,
		packageName, packagesForUID, visibleVolIDs);
		packageName, packagesForUID, visibleVolIDs, sandboxId);

		// Enable tracing as soon as possible for the child process.
		Trace.setTracingEnabled(true, runtimeFlags);
		@@ -326,7 +327,7 @@ public final class Zygote {
		private static native void nativeSpecializeBlastula(int uid, int gid, int[] gids,
		int runtimeFlags, int[][] rlimits, int mountExternal, String seInfo, String niceName,
		boolean startChildZygote, String instructionSet, String appDataDir, String packageName,
		String[] packagesForUID, String[] visibleVolIDs);
		String[] packagesForUID, String[] visibleVolIDs, String sandboxId);

		/**
		* Called to do any initialization before starting an application.
		@@ -638,7 +639,7 @@ public final class Zygote {
		args.mRuntimeFlags, rlimits, args.mMountExternal,
		args.mSeInfo, args.mNiceName, args.mStartChildZygote,
		args.mInstructionSet, args.mAppDataDir, args.mPackageName,
		args.mPackagesForUid, args.mVisibleVolIds);
		args.mPackagesForUid, args.mVisibleVolIds, args.mSandboxId);

		if (args.mNiceName != null) {
		Process.setArgV0(args.mNiceName);

core/java/com/android/internal/os/ZygoteArguments.java

+8 −0

Original line number	Diff line number	Diff line
		@@ -119,6 +119,9 @@ class ZygoteArguments {
		/** from --visible-vols */
		String[] mVisibleVolIds;

		/** from --sandbox-id */
		String mSandboxId;

		/**
		* Any args after and including the first non-option arg (or after a '--')
		*/
		@@ -385,6 +388,11 @@ class ZygoteArguments {
		mPackagesForUid = arg.substring(arg.indexOf('=') + 1).split(",");
		} else if (arg.startsWith("--visible-vols=")) {
		mVisibleVolIds = arg.substring(arg.indexOf('=') + 1).split(",");
		} else if (arg.startsWith("--sandbox-id=")) {
		if (mSandboxId != null) {
		throw new IllegalArgumentException("Duplicate arg specified");
		}
		mSandboxId = arg.substring(arg.indexOf('=') + 1);
		} else {
		break;
		}