Merge "Revert "Do not mount whitelisted package in storage data and obb dirs""... (ee7f81ac) · Commits · e / os / android_frameworks_base

core/java/android/os/Process.java

+2 −10

Original line number	Original line	Diff line number	Diff line
	@@ -607,9 +607,6 @@ public class Process {
	* started.		* started.
	* @param pkgDataInfoMap Map from related package names to private data directory		* @param pkgDataInfoMap Map from related package names to private data directory
	* volume UUID and inode number.		* volume UUID and inode number.
	* @param whitelistedDataInfoMap Map from whitelisted package names to private data directory
	* volume UUID and inode number.
	* @param bindMountAppsData whether zygote needs to mount CE and DE data.
	* @param bindMountAppStorageDirs whether zygote needs to mount Android/obb and Android/data.		* @param bindMountAppStorageDirs whether zygote needs to mount Android/obb and Android/data.
	* @param zygoteArgs Additional arguments to supply to the zygote process.		* @param zygoteArgs Additional arguments to supply to the zygote process.
	* @return An object that describes the result of the attempt to start the process.		* @return An object that describes the result of the attempt to start the process.
	@@ -634,17 +631,13 @@ public class Process {
	@Nullable long[] disabledCompatChanges,		@Nullable long[] disabledCompatChanges,
	@Nullable Map<String, Pair<String, Long>>		@Nullable Map<String, Pair<String, Long>>
	pkgDataInfoMap,		pkgDataInfoMap,
	@Nullable Map<String, Pair<String, Long>>
	whitelistedDataInfoMap,
	boolean bindMountAppsData,
	boolean bindMountAppStorageDirs,		boolean bindMountAppStorageDirs,
	@Nullable String[] zygoteArgs) {		@Nullable String[] zygoteArgs) {
	return ZYGOTE_PROCESS.start(processClass, niceName, uid, gid, gids,		return ZYGOTE_PROCESS.start(processClass, niceName, uid, gid, gids,
	runtimeFlags, mountExternal, targetSdkVersion, seInfo,		runtimeFlags, mountExternal, targetSdkVersion, seInfo,
	abi, instructionSet, appDataDir, invokeWith, packageName,		abi, instructionSet, appDataDir, invokeWith, packageName,
	zygotePolicyFlags, isTopApp, disabledCompatChanges,		zygotePolicyFlags, isTopApp, disabledCompatChanges,
	pkgDataInfoMap, whitelistedDataInfoMap, bindMountAppsData,		pkgDataInfoMap, bindMountAppStorageDirs, zygoteArgs);
	bindMountAppStorageDirs, zygoteArgs);
	}		}

	/** @hide */		/** @hide */
	@@ -668,8 +661,7 @@ public class Process {
	runtimeFlags, mountExternal, targetSdkVersion, seInfo,		runtimeFlags, mountExternal, targetSdkVersion, seInfo,
	abi, instructionSet, appDataDir, invokeWith, packageName,		abi, instructionSet, appDataDir, invokeWith, packageName,
	/zygotePolicyFlags=/ ZYGOTE_POLICY_FLAG_EMPTY, /isTopApp=/ false,		/zygotePolicyFlags=/ ZYGOTE_POLICY_FLAG_EMPTY, /isTopApp=/ false,
	disabledCompatChanges, /* pkgDataInfoMap */ null,		disabledCompatChanges, /* pkgDataInfoMap */ null, false, zygoteArgs);
	/* whitelistedDataInfoMap */ null, false, false, zygoteArgs);
	}		}

	/**		/**

core/java/android/os/ZygoteProcess.java

+1 −37

Original line number	Original line	Diff line number	Diff line
	@@ -333,9 +333,6 @@ public class ZygoteProcess {
	* started.		* started.
	* @param pkgDataInfoMap Map from related package names to private data directory		* @param pkgDataInfoMap Map from related package names to private data directory
	* volume UUID and inode number.		* volume UUID and inode number.
	* @param whitelistedDataInfoMap Map from whitelisted package names to private data directory
	* volume UUID and inode number.
	* @param bindMountAppsData whether zygote needs to mount CE and DE data.
	* @param bindMountAppStorageDirs whether zygote needs to mount Android/obb and Android/data.		* @param bindMountAppStorageDirs whether zygote needs to mount Android/obb and Android/data.
	*		*
	* @param zygoteArgs Additional arguments to supply to the Zygote process.		* @param zygoteArgs Additional arguments to supply to the Zygote process.
	@@ -358,9 +355,6 @@ public class ZygoteProcess {
	@Nullable long[] disabledCompatChanges,		@Nullable long[] disabledCompatChanges,
	@Nullable Map<String, Pair<String, Long>>		@Nullable Map<String, Pair<String, Long>>
	pkgDataInfoMap,		pkgDataInfoMap,
	@Nullable Map<String, Pair<String, Long>>
	whitelistedDataInfoMap,
	boolean bindMountAppsData,
	boolean bindMountAppStorageDirs,		boolean bindMountAppStorageDirs,
	@Nullable String[] zygoteArgs) {		@Nullable String[] zygoteArgs) {
	// TODO (chriswailes): Is there a better place to check this value?		// TODO (chriswailes): Is there a better place to check this value?
	@@ -373,8 +367,7 @@ public class ZygoteProcess {
	runtimeFlags, mountExternal, targetSdkVersion, seInfo,		runtimeFlags, mountExternal, targetSdkVersion, seInfo,
	abi, instructionSet, appDataDir, invokeWith, /startChildZygote=/ false,		abi, instructionSet, appDataDir, invokeWith, /startChildZygote=/ false,
	packageName, zygotePolicyFlags, isTopApp, disabledCompatChanges,		packageName, zygotePolicyFlags, isTopApp, disabledCompatChanges,
	pkgDataInfoMap, whitelistedDataInfoMap, bindMountAppsData,		pkgDataInfoMap, bindMountAppStorageDirs, zygoteArgs);
	bindMountAppStorageDirs, zygoteArgs);
	} catch (ZygoteStartFailedEx ex) {		} catch (ZygoteStartFailedEx ex) {
	Log.e(LOG_TAG,		Log.e(LOG_TAG,
	"Starting VM process through Zygote failed");		"Starting VM process through Zygote failed");
	@@ -615,9 +608,6 @@ public class ZygoteProcess {
	* @param disabledCompatChanges a list of disabled compat changes for the process being started.		* @param disabledCompatChanges a list of disabled compat changes for the process being started.
	* @param pkgDataInfoMap Map from related package names to private data directory volume UUID		* @param pkgDataInfoMap Map from related package names to private data directory volume UUID
	* and inode number.		* and inode number.
	* @param whitelistedDataInfoMap Map from whitelisted package names to private data directory
	* volume UUID and inode number.
	* @param bindMountAppsData whether zygote needs to mount CE and DE data.
	* @param bindMountAppStorageDirs whether zygote needs to mount Android/obb and Android/data.		* @param bindMountAppStorageDirs whether zygote needs to mount Android/obb and Android/data.
	* @param extraArgs Additional arguments to supply to the zygote process.		* @param extraArgs Additional arguments to supply to the zygote process.
	* @return An object that describes the result of the attempt to start the process.		* @return An object that describes the result of the attempt to start the process.
	@@ -641,9 +631,6 @@ public class ZygoteProcess {
	@Nullable long[] disabledCompatChanges,		@Nullable long[] disabledCompatChanges,
	@Nullable Map<String, Pair<String, Long>>		@Nullable Map<String, Pair<String, Long>>
	pkgDataInfoMap,		pkgDataInfoMap,
	@Nullable Map<String, Pair<String, Long>>
	whitelistedDataInfoMap,
	boolean bindMountAppsData,
	boolean bindMountAppStorageDirs,		boolean bindMountAppStorageDirs,
	@Nullable String[] extraArgs)		@Nullable String[] extraArgs)
	throws ZygoteStartFailedEx {		throws ZygoteStartFailedEx {
	@@ -741,33 +728,11 @@ public class ZygoteProcess {
	}		}
	argsForZygote.add(sb.toString());		argsForZygote.add(sb.toString());
	}		}
	if (whitelistedDataInfoMap != null && whitelistedDataInfoMap.size() > 0) {
	StringBuilder sb = new StringBuilder();
	sb.append(Zygote.WHITELISTED_DATA_INFO_MAP);
	sb.append("=");
	boolean started = false;
	for (Map.Entry<String, Pair<String, Long>> entry : whitelistedDataInfoMap.entrySet()) {
	if (started) {
	sb.append(',');
	}
	started = true;
	sb.append(entry.getKey());
	sb.append(',');
	sb.append(entry.getValue().first);
	sb.append(',');
	sb.append(entry.getValue().second);
	}
	argsForZygote.add(sb.toString());
	}

	if (bindMountAppStorageDirs) {		if (bindMountAppStorageDirs) {
	argsForZygote.add(Zygote.BIND_MOUNT_APP_STORAGE_DIRS);		argsForZygote.add(Zygote.BIND_MOUNT_APP_STORAGE_DIRS);
	}		}

	if (bindMountAppsData) {
	argsForZygote.add(Zygote.BIND_MOUNT_APP_DATA_DIRS);
	}

	if (disabledCompatChanges != null && disabledCompatChanges.length > 0) {		if (disabledCompatChanges != null && disabledCompatChanges.length > 0) {
	StringBuilder sb = new StringBuilder();		StringBuilder sb = new StringBuilder();
	sb.append("--disabled-compat-changes=");		sb.append("--disabled-compat-changes=");
	@@ -1326,7 +1291,6 @@ public class ZygoteProcess {
	true /* startChildZygote /, null / packageName */,		true /* startChildZygote /, null / packageName */,
	ZYGOTE_POLICY_FLAG_SYSTEM_PROCESS /* zygotePolicyFlags /, false / isTopApp */,		ZYGOTE_POLICY_FLAG_SYSTEM_PROCESS /* zygotePolicyFlags /, false / isTopApp */,
	null /* disabledCompatChanges /, null / pkgDataInfoMap */,		null /* disabledCompatChanges /, null / pkgDataInfoMap */,
	null /* whitelistedDataInfoMap /, false / bindMountAppsData*/,
	/* bindMountAppStorageDirs */ false, extraArgs);		/* bindMountAppStorageDirs */ false, extraArgs);

	} catch (ZygoteStartFailedEx ex) {		} catch (ZygoteStartFailedEx ex) {

core/java/com/android/internal/os/Zygote.java

+6 −23

Original line number	Original line	Diff line number	Diff line
	@@ -205,15 +205,9 @@ public final class Zygote {
	/** List of packages with the same uid, and its app data info: volume uuid and inode. */		/** List of packages with the same uid, and its app data info: volume uuid and inode. */
	public static final String PKG_DATA_INFO_MAP = "--pkg-data-info-map";		public static final String PKG_DATA_INFO_MAP = "--pkg-data-info-map";

	/** List of whitelisted packages and its app data info: volume uuid and inode. */
	public static final String WHITELISTED_DATA_INFO_MAP = "--whitelisted-data-info-map";

	/** Bind mount app storage dirs to lower fs not via fuse */		/** Bind mount app storage dirs to lower fs not via fuse */
	public static final String BIND_MOUNT_APP_STORAGE_DIRS = "--bind-mount-storage-dirs";		public static final String BIND_MOUNT_APP_STORAGE_DIRS = "--bind-mount-storage-dirs";

	/** Bind mount app storage dirs to lower fs not via fuse */
	public static final String BIND_MOUNT_APP_DATA_DIRS = "--bind-mount-data-dirs";

	/**		/**
	* An extraArg passed when a zygote process is forking a child-zygote, specifying a name		* An extraArg passed when a zygote process is forking a child-zygote, specifying a name
	* in the abstract socket namespace. This socket name is what the new child zygote		* in the abstract socket namespace. This socket name is what the new child zygote
	@@ -319,8 +313,6 @@ public final class Zygote {
	* @param isTopApp true if the process is for top (high priority) application.		* @param isTopApp true if the process is for top (high priority) application.
	* @param pkgDataInfoList A list that stores related packages and its app data		* @param pkgDataInfoList A list that stores related packages and its app data
	* info: volume uuid and inode.		* info: volume uuid and inode.
	* @param whitelistedDataInfoList Like pkgDataInfoList, but it's for whitelisted apps.
	* @param bindMountAppDataDirs True if the zygote needs to mount data dirs.
	* @param bindMountAppStorageDirs True if the zygote needs to mount storage dirs.		* @param bindMountAppStorageDirs True if the zygote needs to mount storage dirs.
	*		*
	* @return 0 if this is the child, pid of the child		* @return 0 if this is the child, pid of the child
	@@ -329,15 +321,13 @@ public final class Zygote {
	static int forkAndSpecialize(int uid, int gid, int[] gids, int runtimeFlags,		static int forkAndSpecialize(int uid, int gid, int[] gids, int runtimeFlags,
	int[][] rlimits, int mountExternal, String seInfo, String niceName, int[] fdsToClose,		int[][] rlimits, int mountExternal, String seInfo, String niceName, int[] fdsToClose,
	int[] fdsToIgnore, boolean startChildZygote, String instructionSet, String appDataDir,		int[] fdsToIgnore, boolean startChildZygote, String instructionSet, String appDataDir,
	boolean isTopApp, String[] pkgDataInfoList, String[] whitelistedDataInfoList,		boolean isTopApp, String[] pkgDataInfoList, boolean bindMountAppStorageDirs) {
	boolean bindMountAppDataDirs, boolean bindMountAppStorageDirs) {
	ZygoteHooks.preFork();		ZygoteHooks.preFork();

	int pid = nativeForkAndSpecialize(		int pid = nativeForkAndSpecialize(
	uid, gid, gids, runtimeFlags, rlimits, mountExternal, seInfo, niceName, fdsToClose,		uid, gid, gids, runtimeFlags, rlimits, mountExternal, seInfo, niceName, fdsToClose,
	fdsToIgnore, startChildZygote, instructionSet, appDataDir, isTopApp,		fdsToIgnore, startChildZygote, instructionSet, appDataDir, isTopApp,
	pkgDataInfoList, whitelistedDataInfoList, bindMountAppDataDirs,		pkgDataInfoList, bindMountAppStorageDirs);
	bindMountAppStorageDirs);
	if (pid == 0) {		if (pid == 0) {
	// Note that this event ends at the end of handleChildProc,		// Note that this event ends at the end of handleChildProc,
	Trace.traceBegin(Trace.TRACE_TAG_ACTIVITY_MANAGER, "PostFork");		Trace.traceBegin(Trace.TRACE_TAG_ACTIVITY_MANAGER, "PostFork");
	@@ -354,7 +344,6 @@ public final class Zygote {
	int runtimeFlags, int[][] rlimits, int mountExternal, String seInfo, String niceName,		int runtimeFlags, int[][] rlimits, int mountExternal, String seInfo, String niceName,
	int[] fdsToClose, int[] fdsToIgnore, boolean startChildZygote, String instructionSet,		int[] fdsToClose, int[] fdsToIgnore, boolean startChildZygote, String instructionSet,
	String appDataDir, boolean isTopApp, String[] pkgDataInfoList,		String appDataDir, boolean isTopApp, String[] pkgDataInfoList,
	String[] whitelistedDataInfoList, boolean bindMountAppDataDirs,
	boolean bindMountAppStorageDirs);		boolean bindMountAppStorageDirs);

	/**		/**
	@@ -382,19 +371,15 @@ public final class Zygote {
	* volume uuid and CE dir inode. For example, pkgDataInfoList = [app_a_pkg_name,		* volume uuid and CE dir inode. For example, pkgDataInfoList = [app_a_pkg_name,
	* app_a_data_volume_uuid, app_a_ce_inode, app_b_pkg_name, app_b_data_volume_uuid,		* app_a_data_volume_uuid, app_a_ce_inode, app_b_pkg_name, app_b_data_volume_uuid,
	* app_b_ce_inode, ...];		* app_b_ce_inode, ...];
	* @param whitelistedDataInfoList Like pkgDataInfoList, but it's for whitelisted apps.
	* @param bindMountAppDataDirs True if the zygote needs to mount data dirs.
	* @param bindMountAppStorageDirs True if the zygote needs to mount storage dirs.		* @param bindMountAppStorageDirs True if the zygote needs to mount storage dirs.
	*/		*/
	private static void specializeAppProcess(int uid, int gid, int[] gids, int runtimeFlags,		private static void specializeAppProcess(int uid, int gid, int[] gids, int runtimeFlags,
	int[][] rlimits, int mountExternal, String seInfo, String niceName,		int[][] rlimits, int mountExternal, String seInfo, String niceName,
	boolean startChildZygote, String instructionSet, String appDataDir, boolean isTopApp,		boolean startChildZygote, String instructionSet, String appDataDir, boolean isTopApp,
	String[] pkgDataInfoList, String[] whitelistedDataInfoList,		String[] pkgDataInfoList, boolean bindMountAppStorageDirs) {
	boolean bindMountAppDataDirs, boolean bindMountAppStorageDirs) {
	nativeSpecializeAppProcess(uid, gid, gids, runtimeFlags, rlimits, mountExternal, seInfo,		nativeSpecializeAppProcess(uid, gid, gids, runtimeFlags, rlimits, mountExternal, seInfo,
	niceName, startChildZygote, instructionSet, appDataDir, isTopApp,		niceName, startChildZygote, instructionSet, appDataDir, isTopApp,
	pkgDataInfoList, whitelistedDataInfoList,		pkgDataInfoList, bindMountAppStorageDirs);
	bindMountAppDataDirs, bindMountAppStorageDirs);

	// Note that this event ends at the end of handleChildProc.		// Note that this event ends at the end of handleChildProc.
	Trace.traceBegin(Trace.TRACE_TAG_ACTIVITY_MANAGER, "PostFork");		Trace.traceBegin(Trace.TRACE_TAG_ACTIVITY_MANAGER, "PostFork");
	@@ -414,8 +399,7 @@ public final class Zygote {
	private static native void nativeSpecializeAppProcess(int uid, int gid, int[] gids,		private static native void nativeSpecializeAppProcess(int uid, int gid, int[] gids,
	int runtimeFlags, int[][] rlimits, int mountExternal, String seInfo, String niceName,		int runtimeFlags, int[][] rlimits, int mountExternal, String seInfo, String niceName,
	boolean startChildZygote, String instructionSet, String appDataDir, boolean isTopApp,		boolean startChildZygote, String instructionSet, String appDataDir, boolean isTopApp,
	String[] pkgDataInfoList, String[] whitelistedDataInfoList,		String[] pkgDataInfoList, boolean bindMountAppStorageDirs);
	boolean bindMountAppDataDirs, boolean bindMountAppStorageDirs);

	/**		/**
	* Called to do any initialization before starting an application.		* Called to do any initialization before starting an application.
	@@ -740,8 +724,7 @@ public final class Zygote {
	args.mRuntimeFlags, rlimits, args.mMountExternal,		args.mRuntimeFlags, rlimits, args.mMountExternal,
	args.mSeInfo, args.mNiceName, args.mStartChildZygote,		args.mSeInfo, args.mNiceName, args.mStartChildZygote,
	args.mInstructionSet, args.mAppDataDir, args.mIsTopApp,		args.mInstructionSet, args.mAppDataDir, args.mIsTopApp,
	args.mPkgDataInfoList, args.mWhitelistedDataInfoList,		args.mPkgDataInfoList, args.mBindMountAppStorageDirs);
	args.mBindMountAppDataDirs, args.mBindMountAppStorageDirs);

	Trace.traceEnd(Trace.TRACE_TAG_ACTIVITY_MANAGER);		Trace.traceEnd(Trace.TRACE_TAG_ACTIVITY_MANAGER);

core/java/com/android/internal/os/ZygoteArguments.java

+0 −15

Original line number	Original line	Diff line number	Diff line
	@@ -226,22 +226,11 @@ class ZygoteArguments {
	*/		*/
	String[] mPkgDataInfoList;		String[] mPkgDataInfoList;

	/**
	* A list that stores all whitelisted app data info: volume uuid and inode.
	* Null if it does need to do app data isolation.
	*/
	String[] mWhitelistedDataInfoList;

	/**		/**
	* @see Zygote#BIND_MOUNT_APP_STORAGE_DIRS		* @see Zygote#BIND_MOUNT_APP_STORAGE_DIRS
	*/		*/
	boolean mBindMountAppStorageDirs;		boolean mBindMountAppStorageDirs;

	/**
	* @see Zygote#BIND_MOUNT_APP_DATA_DIRS
	*/
	boolean mBindMountAppDataDirs;

	/**		/**
	* Constructs instance and parses args		* Constructs instance and parses args
	*		*
	@@ -463,12 +452,8 @@ class ZygoteArguments {
	}		}
	} else if (arg.startsWith(Zygote.PKG_DATA_INFO_MAP)) {		} else if (arg.startsWith(Zygote.PKG_DATA_INFO_MAP)) {
	mPkgDataInfoList = getAssignmentList(arg);		mPkgDataInfoList = getAssignmentList(arg);
	} else if (arg.startsWith(Zygote.WHITELISTED_DATA_INFO_MAP)) {
	mWhitelistedDataInfoList = getAssignmentList(arg);
	} else if (arg.equals(Zygote.BIND_MOUNT_APP_STORAGE_DIRS)) {		} else if (arg.equals(Zygote.BIND_MOUNT_APP_STORAGE_DIRS)) {
	mBindMountAppStorageDirs = true;		mBindMountAppStorageDirs = true;
	} else if (arg.equals(Zygote.BIND_MOUNT_APP_DATA_DIRS)) {
	mBindMountAppDataDirs = true;
	} else {		} else {
	break;		break;
	}		}

core/java/com/android/internal/os/ZygoteConnection.java

+1 −2

Original line number	Original line	Diff line number	Diff line
	@@ -258,8 +258,7 @@ class ZygoteConnection {
	parsedArgs.mRuntimeFlags, rlimits, parsedArgs.mMountExternal, parsedArgs.mSeInfo,		parsedArgs.mRuntimeFlags, rlimits, parsedArgs.mMountExternal, parsedArgs.mSeInfo,
	parsedArgs.mNiceName, fdsToClose, fdsToIgnore, parsedArgs.mStartChildZygote,		parsedArgs.mNiceName, fdsToClose, fdsToIgnore, parsedArgs.mStartChildZygote,
	parsedArgs.mInstructionSet, parsedArgs.mAppDataDir, parsedArgs.mIsTopApp,		parsedArgs.mInstructionSet, parsedArgs.mAppDataDir, parsedArgs.mIsTopApp,
	parsedArgs.mPkgDataInfoList,parsedArgs.mWhitelistedDataInfoList,		parsedArgs.mPkgDataInfoList, parsedArgs.mBindMountAppStorageDirs);
	parsedArgs.mBindMountAppDataDirs, parsedArgs.mBindMountAppStorageDirs);

	try {		try {
	if (pid == 0) {		if (pid == 0) {