Create a new slave bind mount at /mnt/storage and use this for
creating package sandboxes. This will help prevent package
specific data directories from getting duplicated and also make
handling bind mounts for packages with sharedUserIds easier.
Bug: 111890351
Test: manual
Change-Id: I0f590cc99a379d93f6db85bf56e8d274e3ea7488
MODE_EXTERNAL_FULL is added which indicates the app
should get access to entire external storage.
Bug: 111890351
Test: manual
Change-Id: Ie2d8c99f4e3bf064ed238ade7bbf625aa2d1e907
When using make_f2fs to format a filesystem with quota enabled, make_f2fs
will write quota record with group id equtal to make_f2fs's execution
group id.
Vold shall run as root group so that make_f2fs forked by vold will enherit
vold's root group. Make_f2fs can then write quota record with group id for
root group and therefore kernel quota driver can find quota record for
root group.
Bug: 111775499
Change-Id: I0c1fef760597d1695586d24365200b25e2cf07e6
Signed-off-by: Light Hsieh <light.hsieh@mediatek.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
For apps with sharedUserIds, sandbox/shared:<shared-user-id> is
currently used as sandbox root. Given that <shared-user-id> can
be upto 255 characters, adding "shared:" might tip over the
filename limit on ext4 filesystems. So, instead use
sandbox/shared/<shared-user-id> as the sandbox root.
Bug: 111890351
Test: manual
Change-Id: Iba437b3eed59f9eb3094a823e8bf2a5a58410fd7
Remove the Speck encryption support. It was eventually
decided not to allow Speck in Android P, so this code
is no longer needed and wasn't used outside of testing.
Note we don't just "git revert" the original commit
(38723f23ff) because we want
to retain the infrastructure for allowing new types of
crypto algorithms in the future.
Bug: 112009351
Test: Attempted to setup a device with ro.crypto.fde_algorithm set to Speck, and Speck was rejected and the system defaulted to AES.
Change-Id: I69a8b4e8632f8d30b5b54783cb986ab42d4397d9
Remove the Speck encryption support. It was eventually
decided not to allow Speck in Android P, so this code
is no longer needed and wasn't used outside of testing.
Note we don't just "git revert" the original commit
(38723f23ff) because we want
to retain the infrastructure for allowing new types of
crypto algorithms in the future.
Bug: 112009351
Test: Attempted to setup a device with ro.crypto.fde_algorithm set to Speck, and Speck was rejected and the system defaulted to AES.
Change-Id: I69a8b4e8632f8d30b5b54783cb986ab42d4397d9
string::find() looks in every position of the string for a match.
We switch to android::base::StartsWith() so we only look for
a match in the first position.
Test: TreeHugger
Change-Id: Idda1a6b60cab8b4eb4b335921fe0fa38eab724dc
This is same as what we are doing as of P, symlinking
"/mnt/user/<user-id>/primary" to primary volume path.
Bug: 111890351
Test: manual
Change-Id: I3bc538401bf56fd6243ce7eca424cc4c9b585974
This file should avoid F2FS GC, since it directly access block device based
on fibmap.
Bug: 111659036
Change-Id: I15aef8175c23ba4029eb580e2dba59c77cca8227
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Vold is updated to create package specific sandboxes for primary
volume and mount them at
"/mnt/user/<user-id>/package/<package-name>/<primary-label>".
This will later be mounted at /storage when a new process starts.
Bug: 111890351
Test: Manually verified that a package has access to "/sdcard" and
"/storage/emulated/0", both of which are just the package specific
sandboxes and the package doesn't have access to other sandboxes
and can't see other package names.
Change-Id: I72dc8ae9eb2260a298159c5de18387dad2f9de48
Bug: 111890351
Test: n/a
Change-Id: Ia24f15112f9a4ee4994688ff8fedf786cbf479b7
Exempt-From-Owner-Approval: This was approved as part of http://ag/4494673
This fixes F2FS GC failure in idle-maint.
07-28 18:25:54.838 603 11187 D vold : idle maintenance started
07-28 18:25:54.846 603 11187 D vold : Start GC on /sys/fs/f2fs/sda21
07-28 18:25:54.847 603 11187 W vold : Set discard gralunarity failed on/sys/fs/f2fs/sda21: No such file or directory
07-28 18:25:54.847 603 11187 W vold : Start GC failed on /sys/fs/f2fs/sda21: No such file or directory
Bug: 111953875
Change-Id: I1d10802121d5641cf9ba780fee249affd2cf6ffe
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
LOG(DEBUG) tries to print a string pointed by secontext.get() but
crashed if it was nullptr.
Bug: 111888637
Test: "make -j50" and ran emulator
Change-Id: Iac78f650e7f48781030dc610f7d35cd52c250802
Signed-off-by: Roman Kiryanov <rkir@google.com>
