Implement MediaProviderWrapper and redaction in fuse reads
Add a layer, called MediaProviderWrapper, that simplifies the
interaction between FuseDaemon and MediaProvider. This layer is
responsible for:
* JNI calls from FuseDaemon to MediaProvider
* Packaging the data FuseDaemon wants in cpp friendly objects
This layer does NOT directly manipulate FUSE replies and is not aware
of the existence of FUSE.
Also implement metadata redaction on read requests, where redaction is
needed. MediaProvider is the ultimate source of truth regarding when and
what to redact.
Add test for RedactionInfo logic.
Also add a LocalCallingIdentity implementation for adb
shell when running as root, for debugging reasons.
adbd's calling indentity behaviour can be controlled by setting the
following system property:
* persist.sys.fuse.shell-root.redaction-needed
* default: false
It has all other permissions.
Bug: 140281217
Test: adb shell setprop persist.fuse.shell-root.redaction-needed true
adb root
adb pull <photo with location data, e.g. GPSLatitude>
Observe location data has been removed
Test: atest RedactionInfoTest
Change-Id: I183bcf5ec3b6745d3d216dc840e46f5fd753fde7
diff --git a/jni/FuseDaemon.h b/jni/FuseDaemon.h
index 68b4423..580712c 100644
--- a/jni/FuseDaemon.h
+++ b/jni/FuseDaemon.h
@@ -19,13 +19,14 @@
#include <string>
+#include "MediaProviderWrapper.h"
#include "jni.h"
namespace mediaprovider {
namespace fuse {
class FuseDaemon final {
-public:
+ public:
FuseDaemon(JNIEnv* env, jobject mediaProvider);
~FuseDaemon() {
@@ -43,6 +44,7 @@
private:
FuseDaemon(const FuseDaemon&) = delete;
void operator=(const FuseDaemon&) = delete;
+ MediaProviderWrapper mp;
};
} // namespace fuse