Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 66da82fb authored by Sanjana Sunil's avatar Sanjana Sunil Committed by Android (Google) Code Review
Browse files

Merge "Ensure subdirectories of sdk data inherit group id of parent" into tm-dev

parents 057ffe1e 431d9218

cmds/installd/InstalldNativeService.cpp

+2 −2
Original line number Original line Diff line number Diff line
@@ -787,7 +787,7 @@ binder::Status InstalldNativeService::createSdkSandboxDataPackageDirectory( 
                             StringPrintf("cacheGid cannot be -1 for sdksandbox data"));

                             StringPrintf("cacheGid cannot be -1 for sdksandbox data"));

        }

        }

        auto status = createAppDataDirs(sharedPath, sdkSandboxUid, AID_NOBODY,

        auto status = createAppDataDirs(sharedPath, sdkSandboxUid, AID_NOBODY,

                                        &previousSdkSandboxUid, cacheGid, seInfo, 0700);

                                        &previousSdkSandboxUid, cacheGid, seInfo, 0700 | S_ISGID);

        if (!status.isOk()) {

        if (!status.isOk()) {

            return status;

            return status;

        }

        }
@@ -967,7 +967,7 @@ binder::Status InstalldNativeService::reconcileSdkData( 
            const int32_t sandboxUid = multiuser_get_sdk_sandbox_uid(userId, appId);

            const int32_t sandboxUid = multiuser_get_sdk_sandbox_uid(userId, appId);

            int32_t previousSandboxUid = multiuser_get_sdk_sandbox_uid(userId, previousAppId);

            int32_t previousSandboxUid = multiuser_get_sdk_sandbox_uid(userId, previousAppId);

            auto status = createAppDataDirs(path, sandboxUid, AID_NOBODY, &previousSandboxUid,

            auto status = createAppDataDirs(path, sandboxUid, AID_NOBODY, &previousSandboxUid,

                                            cacheGid, seInfo, 0700);

                                            cacheGid, seInfo, 0700 | S_ISGID);

            if (!status.isOk()) {

            if (!status.isOk()) {

                res = status;

                res = status;

                continue;

                continue;

cmds/installd/tests/installd_service_test.cpp

+12 −10
Original line number Original line Diff line number Diff line
@@ -1051,7 +1051,8 @@ TEST_F(SdkSandboxDataTest, CreateAppData_CreatesSdkPackageData) { 




    const std::string fooCePath = "misc_ce/0/sdksandbox/com.foo";

    const std::string fooCePath = "misc_ce/0/sdksandbox/com.foo";

    CheckFileAccess(fooCePath, kSystemUid, kSystemUid, S_IFDIR | 0751);

    CheckFileAccess(fooCePath, kSystemUid, kSystemUid, S_IFDIR | 0751);

    CheckFileAccess(fooCePath + "/shared", kTestSdkSandboxUid, kNobodyUid, S_IFDIR | 0700);

    CheckFileAccess(fooCePath + "/shared", kTestSdkSandboxUid, kNobodyUid,

                    S_IFDIR | S_ISGID | 0700);

    CheckFileAccess(fooCePath + "/shared/cache", kTestSdkSandboxUid, kTestCacheGid,

    CheckFileAccess(fooCePath + "/shared/cache", kTestSdkSandboxUid, kTestCacheGid,

                    S_IFDIR | S_ISGID | 0771);

                    S_IFDIR | S_ISGID | 0771);

    CheckFileAccess(fooCePath + "/shared/code_cache", kTestSdkSandboxUid, kTestCacheGid,

    CheckFileAccess(fooCePath + "/shared/code_cache", kTestSdkSandboxUid, kTestCacheGid,
@@ -1059,7 +1060,8 @@ TEST_F(SdkSandboxDataTest, CreateAppData_CreatesSdkPackageData) { 




    const std::string fooDePath = "misc_de/0/sdksandbox/com.foo";

    const std::string fooDePath = "misc_de/0/sdksandbox/com.foo";

    CheckFileAccess(fooDePath, kSystemUid, kSystemUid, S_IFDIR | 0751);

    CheckFileAccess(fooDePath, kSystemUid, kSystemUid, S_IFDIR | 0751);

    CheckFileAccess(fooDePath + "/shared", kTestSdkSandboxUid, kNobodyUid, S_IFDIR | 0700);

    CheckFileAccess(fooDePath + "/shared", kTestSdkSandboxUid, kNobodyUid,

                    S_IFDIR | S_ISGID | 0700);

    CheckFileAccess(fooDePath + "/shared/cache", kTestSdkSandboxUid, kTestCacheGid,

    CheckFileAccess(fooDePath + "/shared/cache", kTestSdkSandboxUid, kTestCacheGid,

                    S_IFDIR | S_ISGID | 0771);

                    S_IFDIR | S_ISGID | 0771);

    CheckFileAccess(fooDePath + "/shared/code_cache", kTestSdkSandboxUid, kTestCacheGid,

    CheckFileAccess(fooDePath + "/shared/code_cache", kTestSdkSandboxUid, kTestCacheGid,
@@ -1130,28 +1132,28 @@ TEST_F(SdkSandboxDataTest, ReconcileSdkData) { 
    ASSERT_BINDER_SUCCESS(service->reconcileSdkData(args));

    ASSERT_BINDER_SUCCESS(service->reconcileSdkData(args));





    const std::string barCePath = "misc_ce/0/sdksandbox/com.foo/bar@random1";

    const std::string barCePath = "misc_ce/0/sdksandbox/com.foo/bar@random1";

    CheckFileAccess(barCePath, kTestSdkSandboxUid, kNobodyUid, S_IFDIR | 0700);

    CheckFileAccess(barCePath, kTestSdkSandboxUid, kNobodyUid, S_IFDIR | S_ISGID | 0700);

    CheckFileAccess(barCePath + "/cache", kTestSdkSandboxUid, kTestCacheGid,

    CheckFileAccess(barCePath + "/cache", kTestSdkSandboxUid, kTestCacheGid,

                    S_IFDIR | S_ISGID | 0771);

                    S_IFDIR | S_ISGID | 0771);

    CheckFileAccess(barCePath + "/code_cache", kTestSdkSandboxUid, kTestCacheGid,

    CheckFileAccess(barCePath + "/code_cache", kTestSdkSandboxUid, kTestCacheGid,

                    S_IFDIR | S_ISGID | 0771);

                    S_IFDIR | S_ISGID | 0771);





    const std::string bazCePath = "misc_ce/0/sdksandbox/com.foo/baz@random2";

    const std::string bazCePath = "misc_ce/0/sdksandbox/com.foo/baz@random2";

    CheckFileAccess(bazCePath, kTestSdkSandboxUid, kNobodyUid, S_IFDIR | 0700);

    CheckFileAccess(bazCePath, kTestSdkSandboxUid, kNobodyUid, S_IFDIR | S_ISGID | 0700);

    CheckFileAccess(bazCePath + "/cache", kTestSdkSandboxUid, kTestCacheGid,

    CheckFileAccess(bazCePath + "/cache", kTestSdkSandboxUid, kTestCacheGid,

                    S_IFDIR | S_ISGID | 0771);

                    S_IFDIR | S_ISGID | 0771);

    CheckFileAccess(bazCePath + "/code_cache", kTestSdkSandboxUid, kTestCacheGid,

    CheckFileAccess(bazCePath + "/code_cache", kTestSdkSandboxUid, kTestCacheGid,

                    S_IFDIR | S_ISGID | 0771);

                    S_IFDIR | S_ISGID | 0771);





    const std::string barDePath = "misc_de/0/sdksandbox/com.foo/bar@random1";

    const std::string barDePath = "misc_de/0/sdksandbox/com.foo/bar@random1";

    CheckFileAccess(barDePath, kTestSdkSandboxUid, kNobodyUid, S_IFDIR | 0700);

    CheckFileAccess(barDePath, kTestSdkSandboxUid, kNobodyUid, S_IFDIR | S_ISGID | 0700);

    CheckFileAccess(barDePath + "/cache", kTestSdkSandboxUid, kTestCacheGid,

    CheckFileAccess(barDePath + "/cache", kTestSdkSandboxUid, kTestCacheGid,

                    S_IFDIR | S_ISGID | 0771);

                    S_IFDIR | S_ISGID | 0771);

    CheckFileAccess(barDePath + "/code_cache", kTestSdkSandboxUid, kTestCacheGid,

    CheckFileAccess(barDePath + "/code_cache", kTestSdkSandboxUid, kTestCacheGid,

                    S_IFDIR | S_ISGID | 0771);

                    S_IFDIR | S_ISGID | 0771);





    const std::string bazDePath = "misc_de/0/sdksandbox/com.foo/baz@random2";

    const std::string bazDePath = "misc_de/0/sdksandbox/com.foo/baz@random2";

    CheckFileAccess(bazDePath, kTestSdkSandboxUid, kNobodyUid, S_IFDIR | 0700);

    CheckFileAccess(bazDePath, kTestSdkSandboxUid, kNobodyUid, S_IFDIR | S_ISGID | 0700);

    CheckFileAccess(bazDePath + "/cache", kTestSdkSandboxUid, kTestCacheGid,

    CheckFileAccess(bazDePath + "/cache", kTestSdkSandboxUid, kTestCacheGid,

                    S_IFDIR | S_ISGID | 0771);

                    S_IFDIR | S_ISGID | 0771);

    CheckFileAccess(bazDePath + "/code_cache", kTestSdkSandboxUid, kTestCacheGid,

    CheckFileAccess(bazDePath + "/code_cache", kTestSdkSandboxUid, kTestCacheGid,
@@ -1194,9 +1196,9 @@ TEST_F(SdkSandboxDataTest, ReconcileSdkData_DirectoryNotCreatedIfAlreadyExistsIg 




    // Previous directories from first attempt should exist

    // Previous directories from first attempt should exist

    CheckFileAccess("misc_ce/0/sdksandbox/com.foo/bar@random1", kTestSdkSandboxUid, kNobodyUid,

    CheckFileAccess("misc_ce/0/sdksandbox/com.foo/bar@random1", kTestSdkSandboxUid, kNobodyUid,

                    S_IFDIR | 0700);

                    S_IFDIR | S_ISGID | 0700);

    CheckFileAccess("misc_ce/0/sdksandbox/com.foo/baz@random2", kTestSdkSandboxUid, kNobodyUid,

    CheckFileAccess("misc_ce/0/sdksandbox/com.foo/baz@random2", kTestSdkSandboxUid, kNobodyUid,

                    S_IFDIR | 0700);

                    S_IFDIR | S_ISGID | 0700);

    // No new directories should be created on second attempt

    // No new directories should be created on second attempt

    ASSERT_FALSE(exists("/data/local/tmp/misc_ce/0/sdksandbox/com.foo/bar@r10"));

    ASSERT_FALSE(exists("/data/local/tmp/misc_ce/0/sdksandbox/com.foo/bar@r10"));

    ASSERT_FALSE(exists("/data/local/tmp/misc_de/0/sdksandbox/com.foo/bar@r20"));

    ASSERT_FALSE(exists("/data/local/tmp/misc_de/0/sdksandbox/com.foo/bar@r20"));
@@ -1217,9 +1219,9 @@ TEST_F(SdkSandboxDataTest, ReconcileSdkData_ExtraCodeDirectoriesAreDeleted) { 




    // New directoris should exist

    // New directoris should exist

    CheckFileAccess("misc_ce/0/sdksandbox/com.foo/bar.diff@random1", kTestSdkSandboxUid, kNobodyUid,

    CheckFileAccess("misc_ce/0/sdksandbox/com.foo/bar.diff@random1", kTestSdkSandboxUid, kNobodyUid,

                    S_IFDIR | 0700);

                    S_IFDIR | S_ISGID | 0700);

    CheckFileAccess("misc_ce/0/sdksandbox/com.foo/baz@random2", kTestSdkSandboxUid, kNobodyUid,

    CheckFileAccess("misc_ce/0/sdksandbox/com.foo/baz@random2", kTestSdkSandboxUid, kNobodyUid,

                    S_IFDIR | 0700);

                    S_IFDIR | S_ISGID | 0700);

    // Directory for old unreferred sdksandbox package name should be removed

    // Directory for old unreferred sdksandbox package name should be removed

    ASSERT_FALSE(exists("/data/local/tmp/misc_ce/0/sdksandbox/com.foo/bar@random1"));

    ASSERT_FALSE(exists("/data/local/tmp/misc_ce/0/sdksandbox/com.foo/bar@random1"));

}

}