vold2: Enable support for custom mount perm masks and wire to asec
Signed-off-by: San Mehat <san@google.com>
diff --git a/Fat.cpp b/Fat.cpp
index 6537a68..4b1558a 100644
--- a/Fat.cpp
+++ b/Fat.cpp
@@ -92,9 +92,12 @@
return 0;
}
-int Fat::doMount(const char *fsPath, const char *mountPoint, bool ro, bool remount) {
+int Fat::doMount(const char *fsPath, const char *mountPoint,
+ bool ro, bool remount, int ownerUid, int ownerGid,
+ int permMask, bool createLost) {
int rc;
unsigned long flags;
+ char mountData[255];
flags = MS_NODEV | MS_NOEXEC | MS_NOSUID | MS_DIRSYNC;
@@ -112,28 +115,22 @@
if (value[0] == '1') {
LOGW("The SD card is world-writable because the"
" 'persist.sampling_profiler' system property is set to '1'.");
- rc = mount(fsPath, mountPoint, (const char *) "vfat", (unsigned long) flags,
- (const void *) "utf8,uid=1000,gid=1015,fmask=000,dmask=000,shortname=mixed");
- } else {
- /*
- * The mount masks restrict access so that:
- * 1. The 'system' user cannot access the SD card at all -
- * (protects system_server from grabbing file references)
- * 2. Group users can RWX
- * 3. Others can only RX
- */
- rc = mount(fsPath, mountPoint, "vfat", flags,
- "utf8,uid=1000,gid=1015,fmask=702,dmask=702,shortname=mixed");
+ permMask = 0;
}
+ sprintf(mountData,
+ "utf8,uid=%d,gid=%d,fmask=%o,dmask=%o,shortname=mixed",
+ ownerUid, ownerGid, permMask, permMask);
+
+ rc = mount(fsPath, mountPoint, "vfat", flags, mountData);
+
if (rc && errno == EROFS) {
LOGE("%s appears to be a read only filesystem - retrying mount RO", fsPath);
flags |= MS_RDONLY;
- rc = mount(fsPath, mountPoint, "vfat", flags,
- "utf8,uid=1000,gid=1015,fmask=702,dmask=702,shortname=mixed");
+ rc = mount(fsPath, mountPoint, "vfat", flags, mountData);
}
- if (rc == 0) {
+ if (rc == 0 && createLost) {
char *lost_path;
asprintf(&lost_path, "%s/LOST.DIR", mountPoint);
if (access(lost_path, F_OK)) {
diff --git a/Fat.h b/Fat.h
index e5d76e3..ab16a7f 100644
--- a/Fat.h
+++ b/Fat.h
@@ -23,7 +23,8 @@
public:
static int check(const char *fsPath);
static int doMount(const char *fsPath, const char *mountPoint, bool ro,
- bool remount);
+ bool remount, int ownerUid, int ownerGid, int permMask,
+ bool createLost);
static int format(const char *fsPath);
};
diff --git a/Volume.cpp b/Volume.cpp
index 787d4cd..6926d77 100644
--- a/Volume.cpp
+++ b/Volume.cpp
@@ -268,7 +268,8 @@
LOGI("%s checks out - attempting to mount\n", devicePath);
errno = 0;
- if (!(rc = Fat::doMount(devicePath, getMountpoint(), false, false))) {
+ if (!(rc = Fat::doMount(devicePath, getMountpoint(), false, false,
+ 1000, 1015, 0702, true))) {
LOGI("%s sucessfully mounted for volume %s\n", devicePath,
getLabel());
setState(Volume::State_Mounted);
diff --git a/VolumeManager.cpp b/VolumeManager.cpp
index f4b62c4..830c634 100644
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp
@@ -226,7 +226,8 @@
return -1;
}
- if (Fat::doMount(loopDevice, mountPoint, false, false)) {
+ if (Fat::doMount(loopDevice, mountPoint, false, false, ownerUid,
+ 0, 0007, false)) {
LOGE("ASEC FAT mount failed (%s)", strerror(errno));
Loop::destroyByDevice(loopDevice);
unlink(asecFileName);
@@ -250,7 +251,8 @@
}
snprintf(mountPoint, sizeof(mountPoint), "/asec/%s", id);
- if (Fat::doMount(loopDevice, mountPoint, true, true)) {
+ // XXX:
+ if (Fat::doMount(loopDevice, mountPoint, true, true, 0, 0, 0227, false)) {
LOGE("ASEC finalize mount failed (%s)", strerror(errno));
return -1;
}
@@ -331,7 +333,8 @@
return -1;
}
- if (Fat::doMount(loopDevice, mountPoint, true, false)) {
+ if (Fat::doMount(loopDevice, mountPoint, true, false, ownerUid, 0,
+ 0227, false)) {
LOGE("ASEC mount failed (%s)", strerror(errno));
return -1;
}