Public volumes belong to a single user.

When a public (vfat) device is inserted, it's strongly associated
with the current foreground user, and no other users should be able
to access it, since otherwise that would be a cross-user data leak.

To use the device under a different user, switch users and then
eject/remount the device.

Test: verified user isolation of USB drive
Bug: 32523490
Change-Id: I590c791996f1fea8d78f625dc942d149f1f41614
Jeff Sharkey
2016-11-02 15:26:01 -06:00
parent aa394dd42c
commit 3a062a67fa
2 changed files with 10 additions and 2 deletions


@@ -134,7 +134,8 @@ public class ExternalStorageProvider extends DocumentsProvider {
final VolumeInfo privateVol = mStorageManager.findPrivateForEmulated(volume);
title = mStorageManager.getBestVolumeDescription(privateVol);
}
} else if (volume.getType() == VolumeInfo.TYPE_PUBLIC) {
} else if (volume.getType() == VolumeInfo.TYPE_PUBLIC
&& volume.getMountUserId() == userId) {
rootId = volume.getFsUuid();
title = mStorageManager.getBestVolumeDescription(volume);
} else {
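Review bot: The added `volume.getMountUserId() == userId` condition on the `TYPE_PUBLIC` branch is the only thing keeping another user's removable volume out of this provider's roots, yet nothing at the branch says so. `userId` is assigned outside the hunk, so it cannot be confirmed from here that it is the provider's own user rather than a value taken from a caller. I would put `// Public volumes are bound to one user; never expose a volume mounted for a different user.` above the branch. A public volume mounted for someone else now falls into the trailing `else`, whose body is outside the hunk; presumably it skips the volume, which is worth confirming. The enclosing method starts and ends outside the hunk.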


@@ -168,6 +168,11 @@ class MountService extends IMountService.Stub
}
}
@Override
public void onSwitchUser(int userHandle) {
mMountService.mCurrentUserId = userHandle;
}
@Override
public void onStartUser(int userHandle) {
mMountService.onStartUser(userHandle);
@@ -307,6 +312,8 @@ class MountService extends IMountService.Stub
@GuardedBy("mLock")
private String mMoveTargetUuid;
private volatile int mCurrentUserId = UserHandle.USER_OWNER;
private VolumeInfo findVolumeByIdOrThrow(String id) {
synchronized (mLock) {
final VolumeInfo vol = mVolumes.get(id);
@@ -1183,7 +1190,7 @@ class MountService extends IMountService.Stub
vol.mountFlags |= VolumeInfo.MOUNT_FLAG_VISIBLE;
}
vol.mountUserId = UserHandle.USER_OWNER;
vol.mountUserId = mCurrentUserId;
mHandler.obtainMessage(H_VOLUME_MOUNT, vol).sendToTarget();
} else if (vol.type == VolumeInfo.TYPE_PRIVATE) {
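Review bot: `mCurrentUserId` is written from `onSwitchUser` without taking `mLock` and read at `vol.mountUserId = mCurrentUserId`, so a device inserted while a user switch is in flight is bound to whichever user the field holds at that instant; `volatile` gives visibility but no ordering against volume creation. It also starts at `UserHandle.USER_OWNER`, so a volume created before the first `onSwitchUser` call is bound to the owner regardless of who is in the foreground, which is presumably acceptable at boot but worth stating. I would document the field, e.g. `// Foreground user as of the last onSwitchUser(); public volumes are bound to it at creation and are not rebound on later switches.` The method containing the mount-user assignment starts and ends outside the hunk, so whether that read happens under `mLock` is not visible here.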