Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8a3a6ffa authored by Robert Sesek's avatar Robert Sesek
Browse files

In MountEmulatedStorage() don't create a mount namespace unless actually mounting. 

When the zygote starts, it creates its own mount namespace in
nativeUnmountStorageOnInit(). When the zygote forks a new process, unless the
new process actually has permission to access emulated storage (and thus it
needs to be mounted), there is no reason to create another new mount namespace
in the child.

This supports the WebView zygote, which does not have CAP_SYS_ADMIN to perform
mount operations. But since it only forks isolated_app processes, which do not
have access to storage, it does not need to handle mounting.

Test: m checkbuild
Test: angler boots

Bug: 21643067
Change-Id: Ieb75cc3009ed26b7366213409d5fad836f597084
parent 678ba245

core/jni/com_android_internal_os_Zygote.cpp

+7 −6
Original line number Diff line number Diff line
@@ -297,12 +297,6 @@ static bool MountEmulatedStorage(uid_t uid, jint mount_mode, 
        bool force_mount_namespace) {

    // See storage config details at http://source.android.com/tech/storage/



    // Create a second private mount namespace for our process

    if (unshare(CLONE_NEWNS) == -1) {

        ALOGW("Failed to unshare(): %s", strerror(errno));

        return false;

    }



    String8 storageSource;

    if (mount_mode == MOUNT_EXTERNAL_DEFAULT) {

        storageSource = "/mnt/runtime/default";
@@ -314,6 +308,13 @@ static bool MountEmulatedStorage(uid_t uid, jint mount_mode, 
        // Sane default of no storage visible

        return true;

    }



    // Create a second private mount namespace for our process

    if (unshare(CLONE_NEWNS) == -1) {

        ALOGW("Failed to unshare(): %s", strerror(errno));

        return false;

    }



    if (TEMP_FAILURE_RETRY(mount(storageSource.string(), "/storage",

            NULL, MS_BIND | MS_REC | MS_SLAVE, NULL)) == -1) {

        ALOGW("Failed to mount %s to /storage: %s", storageSource.string(), strerror(errno));