From a58b535495f274f2a576150e4f574d90256d73dd Mon Sep 17 00:00:00 2001 From: Ricky Wai Date: Thu, 29 Apr 2021 17:47:28 +0100 Subject: [PATCH] Only kill apps with storage app data isolation enabled Originally it kills all the apps with obb and data mounted. Due to recent changes, all apps will have obb and data dirs mounted in default root namespace. Hence all apps will be killed by by KillProcessesWithMounts(). To fix this, we also check if the dir is mounted as tmpfs, as the default namespace one is bind mounted to lowerfs, which app data isolation is mounted as tmpfs, so we only kill the process that have obb dir mounted as tmpfs. Bug: 148049767 Test: Able to boot without warnings / errors Ignore-AOSP-First: Merge it along with other CLs, will cherry-pick to AOSP afterwards. Change-Id: I45d9a63ed47cbc27aebb63357a43f51ad62275db --- Process.cpp | 5 +++-- Process.h | 2 +- Utils.cpp | 10 +++++----- Utils.h | 4 ++-- model/EmulatedVolume.cpp | 4 +++- 5 files changed, 14 insertions(+), 11 deletions(-) diff --git a/Process.cpp b/Process.cpp index 62d51a2..79fe15d 100644 --- a/Process.cpp +++ b/Process.cpp @@ -84,7 +84,7 @@ static bool checkSymlink(const std::string& path, const std::string& prefix) { } // TODO: Refactor the code with KillProcessesWithOpenFiles(). -int KillProcessesWithMounts(const std::string& prefix, int signal) { +int KillProcessesWithTmpfsMounts(const std::string& prefix, int signal) { std::unordered_set pids; auto proc_d = std::unique_ptr(opendir("/proc"), closedir); @@ -112,7 +112,8 @@ int KillProcessesWithMounts(const std::string& prefix, int signal) { // Check if obb directory is mounted, and get all packages of mounted app data directory. mntent* mentry; while ((mentry = getmntent(fp.get())) != nullptr) { - if (android::base::StartsWith(mentry->mnt_dir, prefix)) { + if (mentry->mnt_fsname != nullptr && strncmp(mentry->mnt_fsname, "tmpfs", 5) == 0 + && android::base::StartsWith(mentry->mnt_dir, prefix)) { pids.insert(pid); break; } diff --git a/Process.h b/Process.h index a56b9ce..f3728b5 100644 --- a/Process.h +++ b/Process.h @@ -21,7 +21,7 @@ namespace android { namespace vold { int KillProcessesWithOpenFiles(const std::string& path, int signal, bool killFuseDaemon = true); -int KillProcessesWithMounts(const std::string& path, int signal); +int KillProcessesWithTmpfsMounts(const std::string& path, int signal); } // namespace vold } // namespace android diff --git a/Utils.cpp b/Utils.cpp index 9ff7920..b353197 100644 --- a/Utils.cpp +++ b/Utils.cpp @@ -499,25 +499,25 @@ status_t ForceUnmount(const std::string& path) { return -errno; } -status_t KillProcessesWithMountPrefix(const std::string& path) { - if (KillProcessesWithMounts(path, SIGINT) == 0) { +status_t KillProcessesWithTmpfsMountPrefix(const std::string& path) { + if (KillProcessesWithTmpfsMounts(path, SIGINT) == 0) { return OK; } if (sSleepOnUnmount) sleep(5); - if (KillProcessesWithMounts(path, SIGTERM) == 0) { + if (KillProcessesWithTmpfsMounts(path, SIGTERM) == 0) { return OK; } if (sSleepOnUnmount) sleep(5); - if (KillProcessesWithMounts(path, SIGKILL) == 0) { + if (KillProcessesWithTmpfsMounts(path, SIGKILL) == 0) { return OK; } if (sSleepOnUnmount) sleep(5); // Send SIGKILL a second time to determine if we've // actually killed everyone mount - if (KillProcessesWithMounts(path, SIGKILL) == 0) { + if (KillProcessesWithTmpfsMounts(path, SIGKILL) == 0) { return OK; } PLOG(ERROR) << "Failed to kill processes using " << path; diff --git a/Utils.h b/Utils.h index 4771593..a3316c3 100644 --- a/Utils.h +++ b/Utils.h @@ -78,8 +78,8 @@ status_t ForceUnmount(const std::string& path); /* Kills any processes using given path */ status_t KillProcessesUsingPath(const std::string& path); -/* Kills any processes using given mount prifix */ -status_t KillProcessesWithMountPrefix(const std::string& path); +/* Kills any processes using given tmpfs mount prifix */ +status_t KillProcessesWithTmpfsMountPrefix(const std::string& path); /* Creates bind mount from source to target */ status_t BindMount(const std::string& source, const std::string& target); diff --git a/model/EmulatedVolume.cpp b/model/EmulatedVolume.cpp index 9431f95..09a75b5 100644 --- a/model/EmulatedVolume.cpp +++ b/model/EmulatedVolume.cpp @@ -191,7 +191,9 @@ status_t EmulatedVolume::unmountFuseBindMounts() { // umount the whole Android/ dir. if (mAppDataIsolationEnabled) { std::string appObbDir(StringPrintf("%s/%d/Android/obb", getPath().c_str(), userId)); - KillProcessesWithMountPrefix(appObbDir); + // Here we assume obb/data dirs is mounted as tmpfs, then it must be caused by + // app data isolation. + KillProcessesWithTmpfsMountPrefix(appObbDir); } else { std::string androidDataTarget( StringPrintf("/mnt/user/%d/%s/%d/Android/data", userId, label.c_str(), userId));