tequilaOS/platform_system_vold

Fork 0

Commit graph

Author	SHA1	Message	Date
Yurii Zubrytskyi	18eb877246	[vold] Check incremental paths before mounting Vold was trusting system_server too much and allowed for pretty much any path in mount()/bindMount() calls for incremental. This CL adds validation to make sure it's only accessing own directories. This includes enforcing no symlinks in the paths Bug: 198657657 Bug: 216722132 Test: manual Change-Id: I6035447f94ef44c4ae3294c3ae47de2d7210683a Merged-In: I6035447f94ef44c4ae3294c3ae47de2d7210683a	2022-01-31 22:13:14 +00:00
Alex Buynytskyy	605a44fe93	Additional operation check when enabling read logs. Vold now does not check caller's permission, but only accepts transactions from system_server. And it's up to system server to do the right thing and check permissions/appops. Bug: b/152633648 Test: atest PackageManagerShellCommandTest PackageManagerShellCommandIncrementalTest Test: adb shell appops set 1000 GET_USAGE_STATS deny Change-Id: Id56c1673b135b72b3ec86e572aa4bcca3afc19ab	2020-04-03 18:42:04 -07:00
Yurii Zubrytskyi	131365a3e5	[vold] Add argument verification to IncFS methods + Get rid of an extra string copy in path validation function Bug: 152349257 Test: atest vold_tests Change-Id: I03a8cab0dd6abd7d5c9dcbbc2acb651e818e6cd8	2020-03-25 14:33:24 -07:00

Author

SHA1

Message

Date

Yurii Zubrytskyi

18eb877246

[vold] Check incremental paths before mounting

Vold was trusting system_server too much and allowed for pretty
much any path in mount()/bindMount() calls for incremental.
This CL adds validation to make sure it's only accessing own
directories. This includes enforcing no symlinks in the paths

Bug: 198657657
Bug: 216722132
Test: manual
Change-Id: I6035447f94ef44c4ae3294c3ae47de2d7210683a
Merged-In: I6035447f94ef44c4ae3294c3ae47de2d7210683a

2022-01-31 22:13:14 +00:00

Alex Buynytskyy

605a44fe93

Additional operation check when enabling read logs.

Vold now does not check caller's permission, but only accepts
transactions from system_server. And it's up to system server to do the
right thing and check permissions/appops.

Bug: b/152633648
Test: atest PackageManagerShellCommandTest PackageManagerShellCommandIncrementalTest
Test: adb shell appops set 1000 GET_USAGE_STATS deny
Change-Id: Id56c1673b135b72b3ec86e572aa4bcca3afc19ab

2020-04-03 18:42:04 -07:00

Yurii Zubrytskyi

131365a3e5

[vold] Add argument verification to IncFS methods

+ Get rid of an extra string copy in path validation function

Bug: 152349257
Test: atest vold_tests
Change-Id: I03a8cab0dd6abd7d5c9dcbbc2acb651e818e6cd8

2020-03-25 14:33:24 -07:00

3 commits