commit 401b2603516a64d3ee7804e270c966828e6b454a
author Jeff Sharkey <jsharkey@android.com> Thu Dec 14 22:15:20 2017 -0700
committer Jeff Sharkey <jsharkey@android.com> Fri Dec 15 13:44:55 2017 -0700
tree 3f3e72637a13b91fda19d2b8919453bbca6a2a94
parent 0667b7e7ddb797a6b5dae029f3c7a50d5ca10977

Delay touching disks when secure keyguard showing.

We've tried our best to protect against malicious storage devices
with limited SELinux domains, but let's be even more paranoid and
refuse to look at disks inserted while a secure keyguard is
showing.  We'll gladly scan them right away once the user confirms
their credentials.

Test: builds, boots, manual testing
Bug: 68054513
Change-Id: I37fd6c25bbd6631fa4ba3f84e19384d746a22498

VolumeManager.h

diff --git a/VolumeManager.h b/VolumeManager.h
index 5baa7ce..fb455d8 100644
--- a/VolumeManager.h
+++ b/VolumeManager.h
@@ -94,6 +94,8 @@
     int onUserStarted(userid_t userId);
     int onUserStopped(userid_t userId);
 
+    int onSecureKeyguardStateChanged(bool isShowing);
+
     int setPrimary(const std::shared_ptr<android::vold::VolumeBase>& vol);
 
     int remountUid(uid_t uid, const std::string& mode);
@@ -132,6 +134,10 @@
 
     int linkPrimary(userid_t userId);
 
+    void handleDiskAdded(const std::shared_ptr<android::vold::Disk>& disk);
+    void handleDiskChanged(dev_t device);
+    void handleDiskRemoved(dev_t device);
+
     std::mutex mLock;
     std::mutex mCryptLock;
 
@@ -139,6 +145,7 @@
 
     std::list<std::shared_ptr<DiskSource>> mDiskSources;
     std::list<std::shared_ptr<android::vold::Disk>> mDisks;
+    std::list<std::shared_ptr<android::vold::Disk>> mPendingDisks;
     std::list<std::shared_ptr<android::vold::VolumeBase>> mObbVolumes;
 
     std::unordered_map<userid_t, int> mAddedUsers;
@@ -150,6 +157,7 @@
     std::shared_ptr<android::vold::VolumeBase> mPrimary;
 
     int mNextObbId;
+    bool mSecureKeyguardShowing;
 };
 
 #endif