Merge "Revert "Revert "Revert "Set a default ACL on /data/media/userId."""" am: a98846d8d5 am: 375884bd0a

Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1592902

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I38ed5d51a2f7712bf6a72b01f35e4c99a4edb43f
This commit is contained in:
Dhiraj Jadhav 2021-02-18 19:13:34 +00:00 committed by Automerger Merge Worker
commit e5d8fe2474
3 changed files with 3 additions and 15 deletions

View file

@ -74,7 +74,6 @@ using android::vold::KeyBuffer;
using android::vold::KeyGeneration; using android::vold::KeyGeneration;
using android::vold::retrieveKey; using android::vold::retrieveKey;
using android::vold::retrieveOrGenerateKey; using android::vold::retrieveOrGenerateKey;
using android::vold::SetDefaultAcl;
using android::vold::SetQuotaInherit; using android::vold::SetQuotaInherit;
using android::vold::SetQuotaProjectId; using android::vold::SetQuotaProjectId;
using android::vold::writeStringToFile; using android::vold::writeStringToFile;
@ -863,15 +862,7 @@ bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_
if (!prepare_dir(misc_ce_path, 01771, AID_SYSTEM, AID_MISC)) return false; if (!prepare_dir(misc_ce_path, 01771, AID_SYSTEM, AID_MISC)) return false;
if (!prepare_dir(vendor_ce_path, 0771, AID_ROOT, AID_ROOT)) return false; if (!prepare_dir(vendor_ce_path, 0771, AID_ROOT, AID_ROOT)) return false;
} }
if (!prepare_dir(media_ce_path, 02770, AID_MEDIA_RW, AID_MEDIA_RW)) return false; if (!prepare_dir(media_ce_path, 0770, AID_MEDIA_RW, AID_MEDIA_RW)) return false;
// On devices without sdcardfs (kernel 5.4+), the path permissions aren't fixed
// up automatically; therefore, use a default ACL, to ensure apps with MEDIA_RW
// can keep reading external storage; in particular, this allows app cloning
// scenarios to work correctly on such devices.
int ret = SetDefaultAcl(media_ce_path, 02770, AID_MEDIA_RW, AID_MEDIA_RW, {AID_MEDIA_RW});
if (ret != android::OK) {
return false;
}
if (!prepare_dir(user_ce_path, 0771, AID_SYSTEM, AID_SYSTEM)) return false; if (!prepare_dir(user_ce_path, 0771, AID_SYSTEM, AID_SYSTEM)) return false;

View file

@ -136,8 +136,8 @@ status_t DestroyDeviceNode(const std::string& path) {
} }
// Sets a default ACL on the directory. // Sets a default ACL on the directory.
status_t SetDefaultAcl(const std::string& path, mode_t mode, uid_t uid, gid_t gid, int SetDefaultAcl(const std::string& path, mode_t mode, uid_t uid, gid_t gid,
std::vector<gid_t> additionalGids) { std::vector<gid_t> additionalGids) {
if (IsSdcardfsUsed()) { if (IsSdcardfsUsed()) {
// sdcardfs magically takes care of this // sdcardfs magically takes care of this
return OK; return OK;

View file

@ -51,9 +51,6 @@ std::string GetFuseMountPathForUser(userid_t user_id, const std::string& relativ
status_t CreateDeviceNode(const std::string& path, dev_t dev); status_t CreateDeviceNode(const std::string& path, dev_t dev);
status_t DestroyDeviceNode(const std::string& path); status_t DestroyDeviceNode(const std::string& path);
status_t SetDefaultAcl(const std::string& path, mode_t mode, uid_t uid, gid_t gid,
std::vector<gid_t> additionalGids);
status_t AbortFuseConnections(); status_t AbortFuseConnections();
int SetQuotaInherit(const std::string& path); int SetQuotaInherit(const std::string& path);