From b276e80aec54c139587bbc510f503ced9414cf0f Mon Sep 17 00:00:00 2001 From: Martijn Coenen Date: Wed, 20 Jan 2021 15:51:44 +0000 Subject: [PATCH] Revert "Set a default ACL on /data/media/userId." This reverts commit a71323ec0ea0927464c7e6f62770ef43f649b3fb. Reason for revert: b/177926359 - note that this is a Google testing infrastructure issue, and no issue with this patch. Partners can keep using this patch. It will be resubmitted in a few weeks. Change-Id: Ia13279ac1aafa2e4425c4527aeadd5d0fadbc2e4 --- FsCrypt.cpp | 11 +---------- Utils.cpp | 4 ++-- Utils.h | 3 --- 3 files changed, 3 insertions(+), 15 deletions(-) diff --git a/FsCrypt.cpp b/FsCrypt.cpp index be51963..8f6ba9c 100644 --- a/FsCrypt.cpp +++ b/FsCrypt.cpp @@ -74,7 +74,6 @@ using android::vold::KeyBuffer; using android::vold::KeyGeneration; using android::vold::retrieveKey; using android::vold::retrieveOrGenerateKey; -using android::vold::SetDefaultAcl; using android::vold::SetQuotaInherit; using android::vold::SetQuotaProjectId; using android::vold::writeStringToFile; @@ -868,15 +867,7 @@ bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_ if (!prepare_dir(misc_ce_path, 01771, AID_SYSTEM, AID_MISC)) return false; if (!prepare_dir(vendor_ce_path, 0771, AID_ROOT, AID_ROOT)) return false; } - if (!prepare_dir(media_ce_path, 02770, AID_MEDIA_RW, AID_MEDIA_RW)) return false; - // On devices without sdcardfs (kernel 5.4+), the path permissions aren't fixed - // up automatically; therefore, use a default ACL, to ensure apps with MEDIA_RW - // can keep reading external storage; in particular, this allows app cloning - // scenarios to work correctly on such devices. - int ret = SetDefaultAcl(media_ce_path, 02770, AID_MEDIA_RW, AID_MEDIA_RW, {AID_MEDIA_RW}); - if (ret != android::OK) { - return false; - } + if (!prepare_dir(media_ce_path, 0770, AID_MEDIA_RW, AID_MEDIA_RW)) return false; if (!prepare_dir(user_ce_path, 0771, AID_SYSTEM, AID_SYSTEM)) return false; diff --git a/Utils.cpp b/Utils.cpp index 98797b2..d5648f7 100644 --- a/Utils.cpp +++ b/Utils.cpp @@ -136,8 +136,8 @@ status_t DestroyDeviceNode(const std::string& path) { } // Sets a default ACL on the directory. -status_t SetDefaultAcl(const std::string& path, mode_t mode, uid_t uid, gid_t gid, - std::vector additionalGids) { +int SetDefaultAcl(const std::string& path, mode_t mode, uid_t uid, gid_t gid, + std::vector additionalGids) { if (IsSdcardfsUsed()) { // sdcardfs magically takes care of this return OK; diff --git a/Utils.h b/Utils.h index 8975adc..cf3fd9b 100644 --- a/Utils.h +++ b/Utils.h @@ -52,9 +52,6 @@ std::string GetFuseMountPathForUser(userid_t user_id, const std::string& relativ status_t CreateDeviceNode(const std::string& path, dev_t dev); status_t DestroyDeviceNode(const std::string& path); -status_t SetDefaultAcl(const std::string& path, mode_t mode, uid_t uid, gid_t gid, - std::vector additionalGids); - status_t AbortFuseConnections(); int SetQuotaInherit(const std::string& path);