Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 64167478 authored by Ricky Wai's avatar Ricky Wai
Browse files

Check if fuse enabled before mounting storage data and obb dirs 

Also, do not bind mount storage obb and data dirs if mount external is
in pass_through mode.

Fix: 151219235
Fix: 152395018
Fix: 152490627
Test: atest AdoptableHostTest
Change-Id: I77a86be5582ded0915b0a8a49d2b2a8c17fe58b7
parent afef06a0

core/jni/com_android_internal_os_Zygote.cpp

+3 −1
Original line number Diff line number Diff line
@@ -1653,7 +1653,9 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids, 
            uid, process_name, managed_nice_name, fail_fn);

    isolateJitProfile(env, pkg_data_info_list, uid, process_name, managed_nice_name, fail_fn);

  }

  if ((mount_external != MOUNT_EXTERNAL_INSTALLER) && mount_storage_dirs) {

  if (mount_external != MOUNT_EXTERNAL_INSTALLER &&

      mount_external != MOUNT_EXTERNAL_PASS_THROUGH &&

      mount_storage_dirs) {

    BindMountStorageDirs(env, pkg_data_info_list, uid, process_name, managed_nice_name, fail_fn);

  }

services/core/java/com/android/server/StorageManagerService.java

+9 −1
Original line number Diff line number Diff line
@@ -220,6 +220,10 @@ class StorageManagerService extends IStorageManager.Stub 


    private static final boolean ENABLE_ISOLATED_STORAGE = StorageManager.hasIsolatedStorage();



    // A system property to control if obb app data isolation is enabled in vold.

    private static final String ANDROID_VOLD_APP_DATA_ISOLATION_ENABLED_PROPERTY =

            "persist.sys.vold_app_data_isolation_enabled";



    /**

     * If {@code 1}, enables the isolated storage feature. If {@code -1},

     * disables the isolated storage feature. If {@code 0}, uses the default
@@ -596,6 +600,8 @@ class StorageManagerService extends IStorageManager.Stub 


    private final boolean mIsFuseEnabled;



    private final boolean mVoldAppDataIsolationEnabled;



    @GuardedBy("mLock")

    private final Set<Integer> mUidsWithLegacyExternalStorage = new ArraySet<>();

    // Not guarded by lock, always used on the ActivityManager thread
@@ -1516,7 +1522,7 @@ class StorageManagerService extends IStorageManager.Stub 
        if (vol.type == VolumeInfo.TYPE_EMULATED) {

            if (newState != VolumeInfo.STATE_MOUNTED) {

                mFuseMountedUser.remove(vol.getMountUserId());

            } else {

            } else if (mVoldAppDataIsolationEnabled){

                final int userId = vol.getMountUserId();

                mFuseMountedUser.add(userId);

                // Async remount app storage so it won't block the main thread.
@@ -1740,6 +1746,8 @@ class StorageManagerService extends IStorageManager.Stub 
        // incorrect until #updateFusePropFromSettings where we set the correct value and reboot if

        // different

        mIsFuseEnabled = SystemProperties.getBoolean(PROP_FUSE, DEFAULT_FUSE_ENABLED);

        mVoldAppDataIsolationEnabled = mIsFuseEnabled && SystemProperties.getBoolean(

                ANDROID_VOLD_APP_DATA_ISOLATION_ENABLED_PROPERTY, false);

        mContext = context;

        mResolver = mContext.getContentResolver();

        mCallbacks = new Callbacks(FgThread.get().getLooper());

services/core/java/com/android/server/am/ProcessList.java

+9 −1
Original line number Diff line number Diff line
@@ -154,6 +154,9 @@ public final class ProcessList { 
    static final String ANDROID_VOLD_APP_DATA_ISOLATION_ENABLED_PROPERTY =

            "persist.sys.vold_app_data_isolation_enabled";



    // A system property to control if fuse is enabled.

    static final String ANDROID_FUSE_ENABLED = "persist.sys.fuse";



    // The minimum time we allow between crashes, for us to consider this

    // application to be bad and stop and its services and reject broadcasts.

    static final int MIN_CRASH_INTERVAL = 60 * 1000;
@@ -707,8 +710,13 @@ public final class ProcessList { 
        // want some apps enabled while some apps disabled

        mAppDataIsolationEnabled =

                SystemProperties.getBoolean(ANDROID_APP_DATA_ISOLATION_ENABLED_PROPERTY, true);

        mVoldAppDataIsolationEnabled = SystemProperties.getBoolean(

        boolean fuseEnabled = SystemProperties.getBoolean(ANDROID_FUSE_ENABLED, false);

        boolean voldAppDataIsolationEnabled = SystemProperties.getBoolean(

                ANDROID_VOLD_APP_DATA_ISOLATION_ENABLED_PROPERTY, false);

        if (!fuseEnabled && voldAppDataIsolationEnabled) {

            Slog.e(TAG, "Fuse is not enabled while vold app data isolation is enabled");

        }

        mVoldAppDataIsolationEnabled = fuseEnabled && voldAppDataIsolationEnabled;

        mAppDataIsolationWhitelistedApps = new ArrayList<>(

                SystemConfig.getInstance().getAppDataIsolationWhitelistedApps());