Create and support isolation for /data/storage_area
Creating the directory /data/storage_area (which will store each user's directory of app directories of storage areas) on startup, and adding this directory /data/storage_area to the tmpfs mirror so it can be protected by app data isolation in zygote. Bug: 325121608 Test: atest StorageAreaTest Change-Id: Ia938e89fd8b794dbcbb844b01b790db7c0a62319
parent
63ef65c138
commit
f885d551c2
1 changed files with 13 additions and 0 deletions
|
|
@ -958,6 +958,10 @@ on post-fs-data
|
|||
mkdir /data/vendor_ce 0551 root root encryption=None
|
||||
mkdir /data/vendor_de 0551 root root encryption=None
|
||||
|
||||
# Similar to the top-level CE and DE directories, /data/storage_area must
|
||||
# itself be unencrypted, since it contains encrypted directories.
|
||||
mkdir /data/storage_area 0551 root root encryption=None
|
||||
|
||||
# Set the casefold flag on /data/media. For upgrades, a restorecon can be
|
||||
# needed first to relabel the directory from media_rw_data_file.
|
||||
restorecon /data/media
|
||||
|
|
@ -971,8 +975,12 @@ on post-fs-data
|
|||
mkdir /data_mirror/data_de 0700 root root
|
||||
mkdir /data_mirror/misc_ce 0700 root root
|
||||
mkdir /data_mirror/misc_de 0700 root root
|
||||
mkdir /data_mirror/storage_area 0700 root root
|
||||
|
||||
# Create CE and DE data directory for default volume
|
||||
# Not needed for storage_area directory, since this is
|
||||
# not supported for non-default volumes and the path
|
||||
# does not include the volume ID
|
||||
mkdir /data_mirror/data_ce/null 0700 root root
|
||||
mkdir /data_mirror/data_de/null 0700 root root
|
||||
mkdir /data_mirror/misc_ce/null 0700 root root
|
||||
|
|
@ -987,6 +995,9 @@ on post-fs-data
|
|||
mount none /data/misc_ce /data_mirror/misc_ce/null bind rec
|
||||
mount none /data/misc_de /data_mirror/misc_de/null bind rec
|
||||
|
||||
# Also bind mount for the storage area directory (minus the volume ID)
|
||||
mount none /data/storage_area /data_mirror/storage_area bind rec
|
||||
|
||||
# Create mirror directory for jit profiles
|
||||
mkdir /data_mirror/cur_profiles 0700 root root
|
||||
mount none /data/misc/profiles/cur /data_mirror/cur_profiles bind rec
|
||||
|
|
@ -1327,6 +1338,8 @@ on userspace-reboot-fs-remount
|
|||
umount /data_mirror/data_ce/null/0
|
||||
umount /data_mirror/data_ce/null
|
||||
umount /data_mirror/data_de/null
|
||||
umount /data_mirror/storage_area/0
|
||||
umount /data_mirror/storage_area
|
||||
umount /data_mirror/cur_profiles
|
||||
umount /data_mirror/ref_profiles
|
||||
umount /data_mirror
|
||||
|
|
|
|||
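Review bot: In the `on userspace-reboot-fs-remount` hunk, `umount /data_mirror/storage_area/0` has no matching mount anywhere in this commit; the only mount added is the recursive bind of `/data/storage_area` onto `/data_mirror/storage_area`. The neighbouring `umount /data_mirror/data_ce/null/0` presumably exists because a separate mount sits under user 0's CE directory. If nothing equivalent is mounted for storage areas, this line fails on every userspace reboot and only adds noise to the init log. If another component (not shown here) does mount there, the line deserves a comment naming it, e.g. `# <component> mounts user 0's storage area here; unmount it before the parent`, and it is worth checking after a userspace reboot that no `/data_mirror/storage_area` entries remain in `/proc/mounts`, since a leftover mirror mount would undercut the isolation this change sets up. The trigger body continues outside the hunk.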