
Commit 63ec2d64 authored by Jeff Sharkey's avatar Jeff Sharkey

Create device-encrypted directories for apps.

When device has FBE, create device-encrypted storage location when
installing apps.

Also remove "renamepkg" unused command.

Bug: 22358539
Change-Id: Ic56eeecdc64bdaa7429b93426727a243a4e45f47
parent 43ec13d1
+23 −36
@@ -43,37 +43,41 @@ dir_rec_array_t android_system_dirs;

static const char* kCpPath = "/system/bin/cp";

int install(const char *uuid, const char *pkgname, uid_t uid, gid_t gid, const char *seinfo)
{
int install(const char *uuid, const char *pkgname, uid_t uid, gid_t gid, const char *seinfo) {
    if ((uid < AID_SYSTEM) || (gid < AID_SYSTEM)) {
        ALOGE("invalid uid/gid: %d %d\n", uid, gid);
        return -1;
    }

    std::string _pkgdir(create_data_user_package_path(uuid, 0, pkgname));
    const char* pkgdir = _pkgdir.c_str();
    std::string ce_package_path(create_data_user_package_path(uuid, 0, pkgname));
    std::string de_package_path(create_data_user_de_package_path(uuid, 0, pkgname));

    if (mkdir(pkgdir, 0751) < 0) {
        ALOGE("cannot create dir '%s': %s\n", pkgdir, strerror(errno));
    const char* c_ce_package_path = ce_package_path.c_str();
    const char* c_de_package_path = de_package_path.c_str();

    if (fs_prepare_dir(c_ce_package_path, 0751, uid, gid) == -1) {
        PLOG(ERROR) << "Failed to prepare " << ce_package_path;
        unlink(c_ce_package_path);
        return -1;
    }
    if (chmod(pkgdir, 0751) < 0) {
        ALOGE("cannot chmod dir '%s': %s\n", pkgdir, strerror(errno));
        unlink(pkgdir);
    if (selinux_android_setfilecon(c_ce_package_path, pkgname, seinfo, uid) < 0) {
        PLOG(ERROR) << "Failed to setfilecon " << ce_package_path;
        unlink(c_ce_package_path);
        return -1;
    }

    if (selinux_android_setfilecon(pkgdir, pkgname, seinfo, uid) < 0) {
        ALOGE("cannot setfilecon dir '%s': %s\n", pkgdir, strerror(errno));
        unlink(pkgdir);
        return -errno;
    if (property_get_bool("vold.has_fbe", false)) {
        if (fs_prepare_dir(c_de_package_path, 0751, uid, gid) == -1) {
            PLOG(ERROR) << "Failed to prepare " << de_package_path;
            unlink(c_de_package_path);
            return -1;
        }

    if (chown(pkgdir, uid, gid) < 0) {
        ALOGE("cannot chown dir '%s': %s\n", pkgdir, strerror(errno));
        unlink(pkgdir);
        if (selinux_android_setfilecon(c_de_package_path, pkgname, seinfo, uid) < 0) {
            PLOG(ERROR) << "Failed to setfilecon " << de_package_path;
            unlink(c_de_package_path);
            return -1;
        }
    }

    return 0;
}
@@ -89,23 +93,6 @@ int uninstall(const char *uuid, const char *pkgname, userid_t userid)
    return delete_dir_contents(pkgdir, 1, NULL);
}

int renamepkg(const char *oldpkgname, const char *newpkgname)
{
    char oldpkgdir[PKG_PATH_MAX];
    char newpkgdir[PKG_PATH_MAX];

    if (create_pkg_path(oldpkgdir, oldpkgname, PKG_DIR_POSTFIX, 0))
        return -1;
    if (create_pkg_path(newpkgdir, newpkgname, PKG_DIR_POSTFIX, 0))
        return -1;

    if (rename(oldpkgdir, newpkgdir) < 0) {
        ALOGE("cannot rename dir '%s' to '%s': %s\n", oldpkgdir, newpkgdir, strerror(errno));
        return -errno;
    }
    return 0;
}

int fix_uid(const char *uuid, const char *pkgname, uid_t uid, gid_t gid)
{
    struct stat s;
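Review bot: The failure paths in install() clean up with `unlink()`, which does not remove a directory on Linux, so a directory that fs_prepare_dir() has already created for the app uid stays behind, possibly without the intended SELinux label when setfilecon is the step that failed. Inside the `vold.has_fbe` branch a failure on the DE path also returns without touching the CE directory prepared just above it, leaving a half-installed package. I would use `rmdir(c_ce_package_path);` and `rmdir(c_de_package_path);` instead, and call both in the DE failure paths. rmdir refuses a non-empty directory, which is the safe outcome if fs_prepare_dir() accepted a directory that already existed (presumably it does, unlike the old mkdir() call).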
+0 −6
@@ -72,11 +72,6 @@ static int do_remove(char **arg, char reply[REPLY_MAX] __unused)
    return uninstall(parse_null(arg[0]), arg[1], atoi(arg[2])); /* uuid, pkgname, userid */
}

static int do_rename(char **arg, char reply[REPLY_MAX] __unused)
{
    return renamepkg(arg[0], arg[1]); /* oldpkgname, newpkgname */
}

static int do_fixuid(char **arg, char reply[REPLY_MAX] __unused)
{
    return fix_uid(parse_null(arg[0]), arg[1], atoi(arg[2]), atoi(arg[3])); /* uuid, pkgname, uid, gid */
@@ -198,7 +193,6 @@ struct cmdinfo cmds[] = {
    { "movedex",              3, do_move_dex },
    { "rmdex",                2, do_rm_dex },
    { "remove",               3, do_remove },
    { "rename",               2, do_rename },
    { "fixuid",               4, do_fixuid },
    { "freecache",            2, do_free_cache },
    { "rmcache",              3, do_rm_cache },
+4 −0
@@ -171,10 +171,14 @@ std::string create_data_app_path(const char* volume_uuid);

std::string create_data_app_package_path(const char* volume_uuid, const char* package_name);

// TODO: finish refactoring to "_ce"
std::string create_data_user_path(const char* volume_uuid, userid_t userid);
std::string create_data_user_de_path(const char* volume_uuid, userid_t userid);

std::string create_data_user_package_path(const char* volume_uuid,
        userid_t user, const char* package_name);
std::string create_data_user_de_package_path(const char* volume_uuid,
        userid_t user, const char* package_name);

std::string create_data_media_path(const char* volume_uuid, userid_t userid);

+17 −0
@@ -64,6 +64,15 @@ std::string create_data_user_package_path(const char* volume_uuid,
            create_data_user_path(volume_uuid, user).c_str(), package_name);
}

std::string create_data_user_de_package_path(const char* volume_uuid,
        userid_t user, const char* package_name) {
    CHECK(is_valid_filename(package_name));
    CHECK(is_valid_package_name(package_name) == 0);

    return StringPrintf("%s/%s",
            create_data_user_de_path(volume_uuid, user).c_str(), package_name);
}

int create_pkg_path(char path[PKG_PATH_MAX], const char *pkgname,
        const char *postfix, userid_t userid) {
    if (is_valid_package_name(pkgname) != 0) {
@@ -114,6 +123,14 @@ std::string create_data_user_path(const char* volume_uuid, userid_t userid) {
    }
}

/**
 * Create the path name for device encrypted user data for a certain userid.
 */
std::string create_data_user_de_path(const char* volume_uuid, userid_t userid) {
    std::string data(create_data_path(volume_uuid));
    return StringPrintf("%s/user_de/%u", data.c_str(), userid);
}

/**
 * Create the path name for media for a certain userid.
 */
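Review bot: create_data_user_de_package_path() validates `package_name` with `CHECK`, which aborts the process on failure, while create_pkg_path() just below it tests `is_valid_package_name(pkgname) != 0` and, as far as the context shows, takes an error branch instead. install() builds this path from its `pkgname` argument before any other validation is visible, so a malformed name from the caller would bring the whole process down rather than fail the one request; this presumably mirrors create_data_user_package_path(), whose body starts outside the hunk. I would reject the name in the caller first, e.g. `if (is_valid_package_name(pkgname) != 0) return -1;` at the top of install(), and keep the CHECKs as a last-resort assertion. A short comment on the new function, `// Aborts via CHECK if package_name is not a valid package/file name.`, would make that contract visible to callers.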