commit 40ab6742a7b8f96abc0fb9407df473fd310a3513
author Sudheer Shanka <sudheersai@google.com> Tue Sep 18 13:07:45 2018 -0700
committer Sudheer Shanka <sudheersai@google.com> Thu Sep 27 15:50:26 2018 -0700
tree e7565ffda5a24aa9f0db683e6ee48fb5445c9069
parent 144e7cc25ac094be4374b8eadca2b10b3ab48f2d

Bind mount pkg specific dirs in the zygote child namespaces.

- Also update vold to create sandboxes for secondary storage devices.
- Since bind mounts are created in the process specific namespaces, we
  don't need /mnt/storage anymore which we were using it to prevent
  some bind mounts from propagating onto /mnt/runtime/write.
- Create bind mounts for {media,obb} dirs similar to data dir in
  per process namespace.
- Also fix a bug where we are not passing correct packages to vold when
  a new user starts.

Bug: 111890351
Test: manual
Change-Id: I7849efc4fbf3c654606fa30de7ab2de0236d766f

VolumeManager.h

diff --git a/VolumeManager.h b/VolumeManager.h
index 492770e..5d211db 100644
--- a/VolumeManager.h
+++ b/VolumeManager.h
@@ -99,6 +99,9 @@
     int mountExternalStorageForApp(const std::string& packageName, appid_t appId,
                                    const std::string& sandboxId, userid_t userId);
 
+    int onVolumeMounted(android::vold::VolumeBase* vol);
+    int onVolumeUnmounted(android::vold::VolumeBase* vol);
+
     int onSecureKeyguardStateChanged(bool isShowing);
 
     int setPrimary(const std::shared_ptr<android::vold::VolumeBase>& vol);
@@ -137,8 +140,14 @@
     VolumeManager();
     void readInitialState();
 
-    int linkPrimary(userid_t userId, const std::vector<std::string>& packageNames);
+    int linkPrimary(userid_t userId);
 
+    int prepareSandboxes(userid_t userId, const std::vector<std::string>& packageNames,
+                         const std::vector<std::string>& visibleVolLabels);
+    int mountPkgSpecificDirsForRunningProcs(userid_t userId,
+                                            const std::vector<std::string>& packageNames,
+                                            const std::vector<std::string>& visibleVolLabels);
+    int destroySandboxesForVol(android::vold::VolumeBase* vol, userid_t userId);
     std::string prepareSandboxSource(uid_t uid, const std::string& sandboxId,
                                      const std::string& sandboxRootDir);
     std::string prepareSandboxTarget(const std::string& packageName, uid_t uid,
@@ -146,11 +155,13 @@
                                      const std::string& mntTargetRootDir, bool isUserDependent);
     std::string preparePkgDataSource(const std::string& packageName, uid_t uid,
                                      const std::string& dataRootDir);
-    std::string preparePkgDataTarget(const std::string& packageName, uid_t uid,
-                                     const std::string& pkgSandboxDir);
-    int mountSandboxesForPrimaryVol(userid_t userId, const std::vector<std::string>& packageNames);
     std::string prepareSubDirs(const std::string& pathPrefix, const std::string& subDirs,
                                mode_t mode, uid_t uid, gid_t gid);
+    bool createPkgSpecificDirRoots(const std::string& volumeRoot);
+    bool createPkgSpecificDirs(const std::string& packageName, uid_t uid,
+                               const std::string& volumeRoot, const std::string& sandboxDirRoot);
+    int mountPkgSpecificDir(const std::string& mntSourceRoot, const std::string& mntTargetRoot,
+                            const std::string& packageName, const char* dirName);
 
     void handleDiskAdded(const std::shared_ptr<android::vold::Disk>& disk);
     void handleDiskChanged(dev_t device);
@@ -177,10 +188,10 @@
     std::unordered_map<std::string, appid_t> mAppIds;
     std::unordered_map<appid_t, std::string> mSandboxIds;
     std::unordered_map<userid_t, std::vector<std::string>> mUserPackages;
+    std::unordered_set<std::string> mVisibleVolumeIds;
 
     int mNextObbId;
     bool mSecureKeyguardShowing;
-    bool mMntStorageCreated;
 };
 
 #endif