Protect /mnt/scratch from stale umount on userdebug
On userdebug protect /mnt/scratch. On user builds ensure that
/mnt/scratch is considered a stale mount so it can not be used.
vold runs before ro.debuggable is set, so this must be a compile
time decision.
Minor technical debt cleanup associated with using android::base.
Test: compile
Bug: 109821005
Change-Id: I8efdbedfe850dd24daecf03a37aea61de47edc7d
Merged-In: I8efdbedfe850dd24daecf03a37aea61de47edc7d
diff --git a/Android.bp b/Android.bp
index 1e45727..b115bc1 100644
--- a/Android.bp
+++ b/Android.bp
@@ -139,6 +139,9 @@
"libarcobbvolume",
],
},
+ debuggable: {
+ cppflags: ["-D__ANDROID_DEBUGGABLE__"],
+ },
},
shared_libs: [
"android.hardware.health.storage@1.0",
diff --git a/VolumeManager.cpp b/VolumeManager.cpp
index cbe3187..75e28d4 100644
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp
@@ -64,6 +64,7 @@
#include "model/EmulatedVolume.h"
#include "model/ObbVolume.h"
+using android::base::StartsWith;
using android::base::StringPrintf;
using android::base::unique_fd;
@@ -589,10 +590,12 @@
mntent* mentry;
while ((mentry = getmntent(fp)) != NULL) {
auto test = std::string(mentry->mnt_dir);
- if ((android::base::StartsWith(test, "/mnt/") &&
- !android::base::StartsWith(test, "/mnt/vendor") &&
- !android::base::StartsWith(test, "/mnt/product")) ||
- android::base::StartsWith(test, "/storage/")) {
+ if ((StartsWith(test, "/mnt/") &&
+#ifdef __ANDROID_DEBUGGABLE__
+ !StartsWith(test, "/mnt/scratch") &&
+#endif
+ !StartsWith(test, "/mnt/vendor") && !StartsWith(test, "/mnt/product")) ||
+ StartsWith(test, "/storage/")) {
toUnmount.push_front(test);
}
}
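Review bot: The new `!StartsWith(test, "/mnt/scratch")` exemption inside the `#ifdef __ANDROID_DEBUGGABLE__` is a bare string-prefix test, so on debuggable builds any mount point whose path merely begins with that string (a sibling such as `/mnt/scratch_x`, constructed here for illustration) is also left out of `toUnmount`. Matching on a path-component boundary keeps the exemption to the one directory the commit intends: `!(test == "/mnt/scratch" || StartsWith(test, "/mnt/scratch/")) &&`. The `/mnt/vendor` and `/mnt/product` checks on the following line have the same looseness and could be tightened the same way. A short comment above the `#ifdef`, e.g. `// vold starts before ro.debuggable is set, so the /mnt/scratch exemption is decided at compile time`, would record why this is not a runtime property check. The enclosing function starts and ends outside this hunk.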
@@ -608,7 +611,7 @@
int VolumeManager::mkdirs(const std::string& path) {
// Only offer to create directories for paths managed by vold
- if (android::base::StartsWith(path, "/storage/")) {
+ if (StartsWith(path, "/storage/")) {
// fs_mkdirs() does symlink checking and relative path enforcement
return fs_mkdirs(path.c_str(), 0700);
} else {
@@ -630,7 +633,7 @@
return -EINVAL;
}
}
- *path = android::base::StringPrintf("/mnt/appfuse/%d_%s", uid, name.c_str());
+ *path = StringPrintf("/mnt/appfuse/%d_%s", uid, name.c_str());
return android::OK;
}
@@ -638,7 +641,7 @@
// Remove existing mount.
android::vold::ForceUnmount(path);
- const auto opts = android::base::StringPrintf(
+ const auto opts = StringPrintf(
"fd=%i,"
"rootmode=40000,"
"default_permissions,"
@@ -673,7 +676,7 @@
}
// Obtains process file descriptor.
- const std::string pid_str = android::base::StringPrintf("%d", pid);
+ const std::string pid_str = StringPrintf("%d", pid);
const unique_fd pid_fd(openat(dir.get(), pid_str.c_str(), O_RDONLY | O_DIRECTORY | O_CLOEXEC));
if (pid_fd.get() == -1) {
PLOG(ERROR) << "Failed to open /proc/" << pid;
@@ -782,8 +785,7 @@
return android::OK;
}
-int VolumeManager::mountAppFuse(uid_t uid, pid_t pid, int mountId,
- android::base::unique_fd* device_fd) {
+int VolumeManager::mountAppFuse(uid_t uid, pid_t pid, int mountId, unique_fd* device_fd) {
std::string name = std::to_string(mountId);
// Check mount point name.