fs_mgr: add /mnt/scratch to possible overlayfs support directories

A default set of options are available, but can override in a fstab overlay entry with upperdir=, lowerdir= to the same mount point, workdir=. The default is a valid /mnt/scratch/overlay/ or /cache/overlay/ directory, with .../<mount_point>/upper and .../<mount_point>/work, associated with each system partition <mount_point>. Test: manual Bug: 109821005 Change-Id: I5662c01fad17d105665be065f6dcd7c3fdc40d95
2018-07-02 08:13:40 -07:00 · 2018-07-02 08:13:40 -07:00 · 1369dfcaad
commit 1369dfcaad
parent 0ab9b61370
4 changed files with 7 additions and 3 deletions
--- a/private/file_contexts
+++ b/private/file_contexts
@ -535,6 +535,7 @@
 # Overlayfs support directories
 #
 /cache/overlay(/.*)?            u:object_r:overlayfs_file:s0
+/mnt/scratch(/.*)?              u:object_r:overlayfs_file:s0

 /data/cache(/.*)?		u:object_r:cache_file:s0
 /data/cache/recovery(/.*)?	u:object_r:cache_recovery_file:s0
--- a/private/file_contexts_overlayfs
+++ b/private/file_contexts_overlayfs
@ -4,3 +4,6 @@
 /cache/overlay/(system|product)/upper       u:object_r:system_file:s0
 /cache/overlay/(vendor|odm)/upper           u:object_r:vendor_file:s0
 /cache/overlay/oem/upper                    u:object_r:vendor_file:s0
+/mnt/scratch/overlay/(system|product)/upper u:object_r:system_file:s0
+/mnt/scratch/overlay/(vendor|odm)/upper     u:object_r:vendor_file:s0
+/mnt/scratch/overlay/oem/upper              u:object_r:vendor_file:s0
--- a/public/file.te
+++ b/public/file.te
@ -310,7 +310,7 @@ type system_app_data_file, file_type, data_file_type, core_data_file_type, mlstr
 # Compatibility with type name used in Android 4.3 and 4.4.
 # Default type for anything under /cache
 type cache_file, file_type, data_file_type, core_data_file_type, mlstrustedobject;
-# Type for /cache/overlay
+# Type for /cache/overlay /mnt/scratch/overlay
 type overlayfs_file, file_type, data_file_type, core_data_file_type;
 # Type for /cache/backup_stage/* (fd interchange with apps)
 type cache_backup_file, file_type, data_file_type, core_data_file_type, mlstrustedobject;
--- a/public/init.te
+++ b/public/init.te
@ -297,9 +297,9 @@ allow init self:global_capability2_class_set syslog;
 # init access to /proc.
 r_dir_file(init, proc_net_type)

-# Overlayfs workdir write access check during mount to permit remount,rw
 userdebug_or_eng(`
-  allow init overlayfs_file:dir { relabelfrom write };
+  # Overlayfs workdir write access check during mount to permit remount,rw
+  allow init overlayfs_file:dir { relabelfrom mounton write };
 ')

 allow init {