Look for visible vols for a user under /mnt/user/<userId>/package/.

Currently, we pass down visible volumes for a user to zygote so that
it can set up appropriate bind mounts after forking. This method has
at least a couple of race conditions, so instead make zygote just
look under /mnt/user/<userId>/package for volumes that need to be
handled for a particular user.

Bug: 126069494
Test: manual
Test: atest cts/hostsidetests/appsecurity/src/android/appsecurity/cts/ExternalStorageHostTest.java
Test: atest cts/tests/app/src/android/app/cts/DownloadManagerTest.java
Test: atest cts/tests/tests/provider/src/android/provider/cts/MediaStore*
Change-Id: If996cde24d9fc158729fcc8a8bdb17ca952a518e
Sudheer Shanka 2019-02-24 10:16:09 -08:00
parent 30df1c61d9
commit 8368040841


@ -401,9 +401,6 @@ int VolumeManager::mountPkgSpecificDir(const std::string& mntSourceRoot,
int VolumeManager::mountPkgSpecificDirsForRunningProcs(
userid_t userId, const std::vector<std::string>& packageNames,
const std::vector<std::string>& visibleVolLabels, int remountMode) {
// TODO: New processes could be started while traversing over the existing
// processes which would end up not having the necessary bind mounts. This
// issue needs to be fixed, may be by doing multiple passes here?
std::unique_ptr<DIR, decltype(&closedir)> dirp(opendir("/proc"), closedir);
if (!dirp) {
PLOG(ERROR) << "Failed to opendir /proc";
@ -664,8 +661,6 @@ int VolumeManager::handleMountModeInstaller(int mountMode, int obbMountDirFd,
int VolumeManager::prepareSandboxes(userid_t userId, const std::vector<std::string>& packageNames,
const std::vector<std::string>& visibleVolLabels) {
prepareSandboxTargets(userId, visibleVolLabels);
if (visibleVolLabels.empty()) {
return 0;
}
@ -685,6 +680,11 @@ int VolumeManager::prepareSandboxes(userid_t userId, const std::vector<std::stri
return -errno;
}
}
if (prepareSandboxTargets(userId, visibleVolLabels) < 0) {
return -errno;
}
if (mountPkgSpecificDirsForRunningProcs(userId, packageNames, visibleVolLabels, -1) < 0) {
PLOG(ERROR) << "Failed to setup sandboxes for already running processes";
return -errno;
@ -706,7 +706,6 @@ int VolumeManager::prepareSandboxTargets(userid_t userId,
return -errno;
}
uid_t uid = multiuser_get_uid(userId, AID_EVERYBODY);
for (auto& volumeLabel : visibleVolLabels) {
std::string sandboxTarget =
StringPrintf("%s/%s", mntTargetRoot.c_str(), volumeLabel.c_str());
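Review bot: In the prepareSandboxes hunk at -685/+680, the check `if (prepareSandboxTargets(userId, visibleVolLabels) < 0) { return -errno; }` re-reads errno after the callee has returned, although prepareSandboxTargets already returns `-errno` at its own failure site (visible in the last hunk); anything that runs between the failure and this return can overwrite errno, and a value of 0 would report the failure as success. Propagating the callee's result avoids that: `int res = prepareSandboxTargets(userId, visibleVolLabels);` followed by `if (res < 0) return res;`, preferably with a log line like the one on the neighbouring mountPkgSpecificDirsForRunningProcs check. The +/- markers are lost on this page, so this reading assumes the call was moved below the `visibleVolLabels.empty()` early return; if that is right, nothing in this function touches the targets when a user's visible list becomes empty. Because the commit message makes the directories under /mnt/user/<userId>/package the signal zygote uses to decide which volumes to bind-mount, it is worth confirming that stale entries there are removed elsewhere, otherwise a volume that is no longer visible could still be picked up. Both functions continue outside the hunks shown.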