tequilaOS/platform_system_vold
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Protect runtime storage mount points.

Browse source 
We have a bunch of magic that mounts the correct view of storage
access based on the runtime permissions of an app, but we forgot to
protect the real underlying data sources; oops.

This series of changes just bumps the directory heirarchy one level
to give us /mnt/runtime which we can mask off as 0700 to prevent
people from jumping to the exposed internals.

Also add CTS tests to verify that we're protecting access to
internal mount points like this.

Bug: 22964288
Change-Id: I83f09f0423f4993e766273c50389dd29b1c50589
This commit is contained in:
Jeff Sharkey 2015-08-06 11:40:00 -07:00
parent 8474ee3231
commit 1bd078fa7b
3 changed files with 9 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
EmulatedVolume.cpp
View file

@ -61,9 +61,9 @@ status_t EmulatedVolume::doMount() {
label = "emulated";
}
mFuseDefault = StringPrintf("/mnt/runtime_default/%s", label.c_str());
mFuseRead = StringPrintf("/mnt/runtime_read/%s", label.c_str());
mFuseWrite = StringPrintf("/mnt/runtime_write/%s", label.c_str());
mFuseDefault = StringPrintf("/mnt/runtime/default/%s", label.c_str());
mFuseRead = StringPrintf("/mnt/runtime/read/%s", label.c_str());
mFuseWrite = StringPrintf("/mnt/runtime/write/%s", label.c_str());
setInternalPath(mRawPath);
setPath(StringPrintf("/storage/%s", label.c_str()));

6
PublicVolume.cpp
View file

@ -112,9 +112,9 @@ status_t PublicVolume::doMount() {
mRawPath = StringPrintf("/mnt/media_rw/%s", stableName.c_str());
mFuseDefault = StringPrintf("/mnt/runtime_default/%s", stableName.c_str());
mFuseRead = StringPrintf("/mnt/runtime_read/%s", stableName.c_str());
mFuseWrite = StringPrintf("/mnt/runtime_write/%s", stableName.c_str());
mFuseDefault = StringPrintf("/mnt/runtime/default/%s", stableName.c_str());
mFuseRead = StringPrintf("/mnt/runtime/read/%s", stableName.c_str());
mFuseWrite = StringPrintf("/mnt/runtime/write/%s", stableName.c_str());
setInternalPath(mRawPath);
if (getMountFlags() & MountFlags::kVisible) {

6
VolumeManager.cpp
View file

@ -580,11 +580,11 @@ int VolumeManager::remountUid(uid_t uid, const std::string& mode) {
std::string storageSource;
if (mode == "default") {
storageSource = "/mnt/runtime_default";
storageSource = "/mnt/runtime/default";
} else if (mode == "read") {
storageSource = "/mnt/runtime_read";
storageSource = "/mnt/runtime/read";
} else if (mode == "write") {
storageSource = "/mnt/runtime_write";
storageSource = "/mnt/runtime/write";
} else {
// Sane default of no storage visible
_exit(0);