From b459591fd1a46729e6203a021563989fc7c21b17 Mon Sep 17 00:00:00 2001 From: Mohammad Samiul Islam Date: Mon, 7 Mar 2022 20:27:06 +0000 Subject: [PATCH] Create misc_ce and misc_de directories on /mnt/expand We want to store sdk data on the same volume as app data. Since sdk data is stored in misc_ce and misc_de directory, we need to ensure they exist on adopted storage mounted at /mnt/expand/. This CL creates `/mnt/expand//misc_{ce,de}` directories when disk is mouted and then when user storage is prepared, the sdk root directory is created. By having these directories, we can now move the sdk data to other volume when app data is moved. Bug: b/222034645 Test: atest SdkSandboxStorageHostTest (see ag/17120883) Ignore-AOSP-First: End to end test added which exists in internal branch only. Will cherry-pick this CL to aosp standalone once it is safely merged to internal branch. Change-Id: I0e73d9ce105abec4b77c378cde58aa7365258f01 --- FsCrypt.cpp | 41 ++++++++++++++++++++++++---------------- Utils.cpp | 16 ++++++++-------- Utils.h | 4 ++-- model/PrivateVolume.cpp | 2 ++ vold_prepare_subdirs.cpp | 20 +++++++++++--------- 5 files changed, 48 insertions(+), 35 deletions(-) diff --git a/FsCrypt.cpp b/FsCrypt.cpp index be68222..49e7bd0 100644 --- a/FsCrypt.cpp +++ b/FsCrypt.cpp @@ -764,7 +764,7 @@ bool fscrypt_unlock_user_key(userid_t user_id, int serial, const std::string& se // unlock directories when not in emulation mode, to bring devices // back into a known-good state. if (!emulated_unlock(android::vold::BuildDataSystemCePath(user_id), 0771) || - !emulated_unlock(android::vold::BuildDataMiscCePath(user_id), 01771) || + !emulated_unlock(android::vold::BuildDataMiscCePath("", user_id), 01771) || !emulated_unlock(android::vold::BuildDataMediaCePath("", user_id), 0770) || !emulated_unlock(android::vold::BuildDataUserCePath("", user_id), 0771)) { LOG(ERROR) << "Failed to unlock user " << user_id; @@ -782,7 +782,7 @@ bool fscrypt_lock_user_key(userid_t user_id) { } else if (fscrypt_is_emulated()) { // When in emulation mode, we just use chmod if (!emulated_lock(android::vold::BuildDataSystemCePath(user_id)) || - !emulated_lock(android::vold::BuildDataMiscCePath(user_id)) || + !emulated_lock(android::vold::BuildDataMiscCePath("", user_id)) || !emulated_lock(android::vold::BuildDataMediaCePath("", user_id)) || !emulated_lock(android::vold::BuildDataUserCePath("", user_id))) { LOG(ERROR) << "Failed to lock user " << user_id; @@ -817,7 +817,7 @@ bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_ // DE_n key auto system_de_path = android::vold::BuildDataSystemDePath(user_id); - auto misc_de_path = android::vold::BuildDataMiscDePath(user_id); + auto misc_de_path = android::vold::BuildDataMiscDePath(volume_uuid, user_id); auto vendor_de_path = android::vold::BuildDataVendorDePath(user_id); auto user_de_path = android::vold::BuildDataUserDePath(volume_uuid, user_id); @@ -831,9 +831,10 @@ bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_ if (!prepare_dir(profiles_de_path, 0771, AID_SYSTEM, AID_SYSTEM)) return false; if (!prepare_dir(system_de_path, 0770, AID_SYSTEM, AID_SYSTEM)) return false; - if (!prepare_dir(misc_de_path, 01771, AID_SYSTEM, AID_MISC)) return false; if (!prepare_dir(vendor_de_path, 0771, AID_ROOT, AID_ROOT)) return false; } + + if (!prepare_dir(misc_de_path, 01771, AID_SYSTEM, AID_MISC)) return false; if (!prepare_dir(user_de_path, 0771, AID_SYSTEM, AID_SYSTEM)) return false; if (fscrypt_is_native()) { @@ -841,11 +842,14 @@ bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_ if (volume_uuid.empty()) { if (!lookup_policy(s_de_policies, user_id, &de_policy)) return false; if (!EnsurePolicy(de_policy, system_de_path)) return false; - if (!EnsurePolicy(de_policy, misc_de_path)) return false; if (!EnsurePolicy(de_policy, vendor_de_path)) return false; } else { - if (!read_or_create_volkey(misc_de_path, volume_uuid, &de_policy)) return false; + auto misc_de_empty_volume_path = android::vold::BuildDataMiscDePath("", user_id); + if (!read_or_create_volkey(misc_de_empty_volume_path, volume_uuid, &de_policy)) { + return false; + } } + if (!EnsurePolicy(de_policy, misc_de_path)) return false; if (!EnsurePolicy(de_policy, user_de_path)) return false; } } @@ -853,14 +857,13 @@ bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_ if (flags & android::os::IVold::STORAGE_FLAG_CE) { // CE_n key auto system_ce_path = android::vold::BuildDataSystemCePath(user_id); - auto misc_ce_path = android::vold::BuildDataMiscCePath(user_id); + auto misc_ce_path = android::vold::BuildDataMiscCePath(volume_uuid, user_id); auto vendor_ce_path = android::vold::BuildDataVendorCePath(user_id); auto media_ce_path = android::vold::BuildDataMediaCePath(volume_uuid, user_id); auto user_ce_path = android::vold::BuildDataUserCePath(volume_uuid, user_id); if (volume_uuid.empty()) { if (!prepare_dir(system_ce_path, 0770, AID_SYSTEM, AID_SYSTEM)) return false; - if (!prepare_dir(misc_ce_path, 01771, AID_SYSTEM, AID_MISC)) return false; if (!prepare_dir(vendor_ce_path, 0771, AID_ROOT, AID_ROOT)) return false; } if (!prepare_dir(media_ce_path, 02770, AID_MEDIA_RW, AID_MEDIA_RW)) return false; @@ -873,6 +876,7 @@ bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_ return false; } + if (!prepare_dir(misc_ce_path, 01771, AID_SYSTEM, AID_MISC)) return false; if (!prepare_dir(user_ce_path, 0771, AID_SYSTEM, AID_SYSTEM)) return false; if (fscrypt_is_native()) { @@ -880,12 +884,15 @@ bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_ if (volume_uuid.empty()) { if (!lookup_policy(s_ce_policies, user_id, &ce_policy)) return false; if (!EnsurePolicy(ce_policy, system_ce_path)) return false; - if (!EnsurePolicy(ce_policy, misc_ce_path)) return false; if (!EnsurePolicy(ce_policy, vendor_ce_path)) return false; } else { - if (!read_or_create_volkey(misc_ce_path, volume_uuid, &ce_policy)) return false; + auto misc_ce_empty_volume_path = android::vold::BuildDataMiscCePath("", user_id); + if (!read_or_create_volkey(misc_ce_empty_volume_path, volume_uuid, &ce_policy)) { + return false; + } } if (!EnsurePolicy(ce_policy, media_ce_path)) return false; + if (!EnsurePolicy(ce_policy, misc_ce_path)) return false; if (!EnsurePolicy(ce_policy, user_ce_path)) return false; } @@ -913,20 +920,21 @@ bool fscrypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_ if (flags & android::os::IVold::STORAGE_FLAG_CE) { // CE_n key auto system_ce_path = android::vold::BuildDataSystemCePath(user_id); - auto misc_ce_path = android::vold::BuildDataMiscCePath(user_id); + auto misc_ce_path = android::vold::BuildDataMiscCePath(volume_uuid, user_id); auto vendor_ce_path = android::vold::BuildDataVendorCePath(user_id); auto media_ce_path = android::vold::BuildDataMediaCePath(volume_uuid, user_id); auto user_ce_path = android::vold::BuildDataUserCePath(volume_uuid, user_id); res &= destroy_dir(media_ce_path); + res &= destroy_dir(misc_ce_path); res &= destroy_dir(user_ce_path); if (volume_uuid.empty()) { res &= destroy_dir(system_ce_path); - res &= destroy_dir(misc_ce_path); res &= destroy_dir(vendor_ce_path); } else { if (fscrypt_is_native()) { - res &= destroy_volkey(misc_ce_path, volume_uuid); + auto misc_ce_empty_volume_path = android::vold::BuildDataMiscCePath("", user_id); + res &= destroy_volkey(misc_ce_empty_volume_path, volume_uuid); } } } @@ -939,11 +947,12 @@ bool fscrypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_ // DE_n key auto system_de_path = android::vold::BuildDataSystemDePath(user_id); - auto misc_de_path = android::vold::BuildDataMiscDePath(user_id); + auto misc_de_path = android::vold::BuildDataMiscDePath(volume_uuid, user_id); auto vendor_de_path = android::vold::BuildDataVendorDePath(user_id); auto user_de_path = android::vold::BuildDataUserDePath(volume_uuid, user_id); res &= destroy_dir(user_de_path); + res &= destroy_dir(misc_de_path); if (volume_uuid.empty()) { res &= destroy_dir(system_legacy_path); #if MANAGE_MISC_DIRS @@ -951,11 +960,11 @@ bool fscrypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_ #endif res &= destroy_dir(profiles_de_path); res &= destroy_dir(system_de_path); - res &= destroy_dir(misc_de_path); res &= destroy_dir(vendor_de_path); } else { if (fscrypt_is_native()) { - res &= destroy_volkey(misc_de_path, volume_uuid); + auto misc_de_empty_volume_path = android::vold::BuildDataMiscDePath("", user_id); + res &= destroy_volkey(misc_de_empty_volume_path, volume_uuid); } } } diff --git a/Utils.cpp b/Utils.cpp index 864cbf8..70b70f4 100644 --- a/Utils.cpp +++ b/Utils.cpp @@ -1120,14 +1120,6 @@ std::string BuildDataMiscLegacyPath(userid_t userId) { return StringPrintf("%s/misc/user/%u", BuildDataPath("").c_str(), userId); } -std::string BuildDataMiscCePath(userid_t userId) { - return StringPrintf("%s/misc_ce/%u", BuildDataPath("").c_str(), userId); -} - -std::string BuildDataMiscDePath(userid_t userId) { - return StringPrintf("%s/misc_de/%u", BuildDataPath("").c_str(), userId); -} - // Keep in sync with installd (frameworks/native/cmds/installd/utils.h) std::string BuildDataProfilesDePath(userid_t userId) { return StringPrintf("%s/misc/profiles/cur/%u", BuildDataPath("").c_str(), userId); @@ -1157,6 +1149,14 @@ std::string BuildDataMediaCePath(const std::string& volumeUuid, userid_t userId) return StringPrintf("%s/media/%u", data.c_str(), userId); } +std::string BuildDataMiscCePath(const std::string& volumeUuid, userid_t userId) { + return StringPrintf("%s/misc_ce/%u", BuildDataPath(volumeUuid).c_str(), userId); +} + +std::string BuildDataMiscDePath(const std::string& volumeUuid, userid_t userId) { + return StringPrintf("%s/misc_de/%u", BuildDataPath(volumeUuid).c_str(), userId); +} + std::string BuildDataUserCePath(const std::string& volumeUuid, userid_t userId) { // TODO: unify with installd path generation logic std::string data(BuildDataPath(volumeUuid)); diff --git a/Utils.h b/Utils.h index 2d54639..9facb35 100644 --- a/Utils.h +++ b/Utils.h @@ -150,14 +150,14 @@ std::string BuildDataSystemLegacyPath(userid_t userid); std::string BuildDataSystemCePath(userid_t userid); std::string BuildDataSystemDePath(userid_t userid); std::string BuildDataMiscLegacyPath(userid_t userid); -std::string BuildDataMiscCePath(userid_t userid); -std::string BuildDataMiscDePath(userid_t userid); std::string BuildDataProfilesDePath(userid_t userid); std::string BuildDataVendorCePath(userid_t userid); std::string BuildDataVendorDePath(userid_t userid); std::string BuildDataPath(const std::string& volumeUuid); std::string BuildDataMediaCePath(const std::string& volumeUuid, userid_t userid); +std::string BuildDataMiscCePath(const std::string& volumeUuid, userid_t userid); +std::string BuildDataMiscDePath(const std::string& volumeUuid, userid_t userid); std::string BuildDataUserCePath(const std::string& volumeUuid, userid_t userid); std::string BuildDataUserDePath(const std::string& volumeUuid, userid_t userid); diff --git a/model/PrivateVolume.cpp b/model/PrivateVolume.cpp index 1875b7b..a692ea9 100644 --- a/model/PrivateVolume.cpp +++ b/model/PrivateVolume.cpp @@ -173,6 +173,8 @@ status_t PrivateVolume::doMount() { if (PrepareDir(mPath + "/app", 0771, AID_SYSTEM, AID_SYSTEM) || PrepareDir(mPath + "/user", 0711, AID_SYSTEM, AID_SYSTEM) || PrepareDir(mPath + "/user_de", 0711, AID_SYSTEM, AID_SYSTEM) || + PrepareDir(mPath + "/misc_ce", 0711, AID_SYSTEM, AID_SYSTEM) || + PrepareDir(mPath + "/misc_de", 0711, AID_SYSTEM, AID_SYSTEM) || PrepareDir(mPath + "/media", 0770, AID_MEDIA_RW, AID_MEDIA_RW, attrs) || PrepareDir(mPath + "/media/0", 0770, AID_MEDIA_RW, AID_MEDIA_RW) || PrepareDir(mPath + "/local", 0751, AID_ROOT, AID_ROOT) || diff --git a/vold_prepare_subdirs.cpp b/vold_prepare_subdirs.cpp index 692c500..94d7f15 100644 --- a/vold_prepare_subdirs.cpp +++ b/vold_prepare_subdirs.cpp @@ -172,7 +172,7 @@ static bool prepare_subdirs(const std::string& volume_uuid, int user_id, int fla return false; } - auto misc_de_path = android::vold::BuildDataMiscDePath(user_id); + auto misc_de_path = android::vold::BuildDataMiscDePath(volume_uuid, user_id); if (!prepare_dir_for_user(sehandle, 0771, AID_SYSTEM, AID_SYSTEM, misc_de_path + "/sdksandbox", user_id)) { return false; @@ -208,7 +208,7 @@ static bool prepare_subdirs(const std::string& volume_uuid, int user_id, int fla return false; } - auto misc_ce_path = android::vold::BuildDataMiscCePath(user_id); + auto misc_ce_path = android::vold::BuildDataMiscCePath(volume_uuid, user_id); if (!prepare_dir_for_user(sehandle, 0771, AID_SYSTEM, AID_SYSTEM, misc_ce_path + "/sdksandbox", user_id)) { return false; @@ -256,18 +256,20 @@ static bool prepare_subdirs(const std::string& volume_uuid, int user_id, int fla static bool destroy_subdirs(const std::string& volume_uuid, int user_id, int flags) { bool res = true; - if (volume_uuid.empty()) { - if (flags & android::os::IVold::STORAGE_FLAG_CE) { - auto misc_ce_path = android::vold::BuildDataMiscCePath(user_id); - res &= rmrf_contents(misc_ce_path); + if (flags & android::os::IVold::STORAGE_FLAG_CE) { + auto misc_ce_path = android::vold::BuildDataMiscCePath(volume_uuid, user_id); + res &= rmrf_contents(misc_ce_path); + if (volume_uuid.empty()) { auto vendor_ce_path = android::vold::BuildDataVendorCePath(user_id); res &= rmrf_contents(vendor_ce_path); } - if (flags & android::os::IVold::STORAGE_FLAG_DE) { - auto misc_de_path = android::vold::BuildDataMiscDePath(user_id); - res &= rmrf_contents(misc_de_path); + } + if (flags & android::os::IVold::STORAGE_FLAG_DE) { + auto misc_de_path = android::vold::BuildDataMiscDePath(volume_uuid, user_id); + res &= rmrf_contents(misc_de_path); + if (volume_uuid.empty()) { auto vendor_de_path = android::vold::BuildDataVendorDePath(user_id); res &= rmrf_contents(vendor_de_path); }