Merge "Bind mount pkg specific dirs in the zygote child namespaces."
This commit is contained in:
Sudheer Shanka
committed by
Android (Google) Code Review
Android (Google) Code Review
commit
3bc4ab482b
@@ -483,6 +483,8 @@ public class Process {
|
||||
* @param appDataDir null-ok the data directory of the app.
|
||||
* @param invokeWith null-ok the command to invoke with.
|
||||
* @param packageName null-ok the name of the package this process belongs to.
|
||||
* @param packagesForUid null-ok all the packages with the same uid as this process.
|
||||
* @param visibleVols null-ok storage volumes that can be accessed by this process.
|
||||
* @param zygoteArgs Additional arguments to supply to the zygote process.
|
||||
*
|
||||
* @return An object that describes the result of the attempt to start the process.
|
||||
@@ -501,10 +503,13 @@ public class Process {
|
||||
@Nullable String appDataDir,
|
||||
@Nullable String invokeWith,
|
||||
@Nullable String packageName,
|
||||
@Nullable String[] packagesForUid,
|
||||
@Nullable String[] visibleVols,
|
||||
@Nullable String[] zygoteArgs) {
|
||||
return zygoteProcess.start(processClass, niceName, uid, gid, gids,
|
||||
runtimeFlags, mountExternal, targetSdkVersion, seInfo,
|
||||
abi, instructionSet, appDataDir, invokeWith, packageName, zygoteArgs);
|
||||
abi, instructionSet, appDataDir, invokeWith, packageName,
|
||||
packagesForUid, visibleVols, zygoteArgs);
|
||||
}
|
||||
|
||||
/** @hide */
|
||||
@@ -519,10 +524,13 @@ public class Process {
|
||||
@Nullable String appDataDir,
|
||||
@Nullable String invokeWith,
|
||||
@Nullable String packageName,
|
||||
@Nullable String[] packagesForUid,
|
||||
@Nullable String[] visibleVols,
|
||||
@Nullable String[] zygoteArgs) {
|
||||
return WebViewZygote.getProcess().start(processClass, niceName, uid, gid, gids,
|
||||
runtimeFlags, mountExternal, targetSdkVersion, seInfo,
|
||||
abi, instructionSet, appDataDir, invokeWith, packageName, zygoteArgs);
|
||||
abi, instructionSet, appDataDir, invokeWith, packageName,
|
||||
packagesForUid, visibleVols, zygoteArgs);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -215,6 +215,8 @@ public class ZygoteProcess {
|
||||
* @param appDataDir null-ok the data directory of the app.
|
||||
* @param invokeWith null-ok the command to invoke with.
|
||||
* @param packageName null-ok the name of the package this process belongs to.
|
||||
* @param packagesForUid null-ok all the packages with the same uid as this process.
|
||||
* @param visibleVols null-ok storage volumes that can be accessed by this process.
|
||||
* @param zygoteArgs Additional arguments to supply to the zygote process.
|
||||
*
|
||||
* @return An object that describes the result of the attempt to start the process.
|
||||
@@ -231,12 +233,14 @@ public class ZygoteProcess {
|
||||
@Nullable String appDataDir,
|
||||
@Nullable String invokeWith,
|
||||
@Nullable String packageName,
|
||||
@Nullable String[] packagesForUid,
|
||||
@Nullable String[] visibleVols,
|
||||
@Nullable String[] zygoteArgs) {
|
||||
try {
|
||||
return startViaZygote(processClass, niceName, uid, gid, gids,
|
||||
runtimeFlags, mountExternal, targetSdkVersion, seInfo,
|
||||
abi, instructionSet, appDataDir, invokeWith, false /* startChildZygote */,
|
||||
packageName, zygoteArgs);
|
||||
packageName, packagesForUid, visibleVols, zygoteArgs);
|
||||
} catch (ZygoteStartFailedEx ex) {
|
||||
Log.e(LOG_TAG,
|
||||
"Starting VM process through Zygote failed");
|
||||
@@ -355,6 +359,8 @@ public class ZygoteProcess {
|
||||
* @param startChildZygote Start a sub-zygote. This creates a new zygote process
|
||||
* that has its state cloned from this zygote process.
|
||||
* @param packageName null-ok the name of the package this process belongs to.
|
||||
* @param packagesForUid null-ok all the packages with the same uid as this process.
|
||||
* @param visibleVols null-ok storage volumes that can be accessed by this process.
|
||||
* @param extraArgs Additional arguments to supply to the zygote process.
|
||||
* @return An object that describes the result of the attempt to start the process.
|
||||
* @throws ZygoteStartFailedEx if process start failed for any reason
|
||||
@@ -372,6 +378,8 @@ public class ZygoteProcess {
|
||||
@Nullable String invokeWith,
|
||||
boolean startChildZygote,
|
||||
@Nullable String packageName,
|
||||
@Nullable String[] packagesForUid,
|
||||
@Nullable String[] visibleVols,
|
||||
@Nullable String[] extraArgs)
|
||||
throws ZygoteStartFailedEx {
|
||||
ArrayList<String> argsForZygote = new ArrayList<String>();
|
||||
@@ -439,6 +447,32 @@ public class ZygoteProcess {
|
||||
argsForZygote.add("--package-name=" + packageName);
|
||||
}
|
||||
|
||||
if (packagesForUid != null && packagesForUid.length > 0) {
|
||||
final StringBuilder sb = new StringBuilder();
|
||||
sb.append("--packages-for-uid=");
|
||||
|
||||
for (int i = 0; i < packagesForUid.length; ++i) {
|
||||
if (i != 0) {
|
||||
sb.append(',');
|
||||
}
|
||||
sb.append(packagesForUid[i]);
|
||||
}
|
||||
argsForZygote.add(sb.toString());
|
||||
}
|
||||
|
||||
if (visibleVols != null && visibleVols.length > 0) {
|
||||
final StringBuilder sb = new StringBuilder();
|
||||
sb.append("--visible-vols=");
|
||||
|
||||
for (int i = 0; i < visibleVols.length; ++i) {
|
||||
if (i != 0) {
|
||||
sb.append(',');
|
||||
}
|
||||
sb.append(visibleVols[i]);
|
||||
}
|
||||
argsForZygote.add(sb.toString());
|
||||
}
|
||||
|
||||
argsForZygote.add(processClass);
|
||||
|
||||
if (extraArgs != null) {
|
||||
@@ -746,7 +780,8 @@ public class ZygoteProcess {
|
||||
result = startViaZygote(processClass, niceName, uid, gid,
|
||||
gids, runtimeFlags, 0 /* mountExternal */, 0 /* targetSdkVersion */, seInfo,
|
||||
abi, instructionSet, null /* appDataDir */, null /* invokeWith */,
|
||||
true /* startChildZygote */, null /* packageName */, extraArgs);
|
||||
true /* startChildZygote */, null /* packageName */,
|
||||
null /* packagesForUid */, null /* visibleVolumes */, extraArgs);
|
||||
} catch (ZygoteStartFailedEx ex) {
|
||||
throw new RuntimeException("Starting child-zygote through Zygote failed", ex);
|
||||
}
|
||||
|
||||
@@ -89,8 +89,13 @@ public abstract class StorageManagerInternal {
|
||||
* @param appId The appId for the given package.
|
||||
* @param sharedUserId The sharedUserId for given package if it specified
|
||||
* {@code android:sharedUserId} in the manifest, otherwise {@code null}
|
||||
* @param userId
|
||||
* @param userId The userId in which the storage needs to be mounted.
|
||||
*/
|
||||
public abstract void mountExternalStorageForApp(String packageName, int appId,
|
||||
String sharedUserId, int userId);
|
||||
|
||||
/**
|
||||
* @return Labels of storage volumes that are visible to the given userId.
|
||||
*/
|
||||
public abstract String[] getVisibleVolumesForUser(int userId);
|
||||
}
|
||||
|
||||
@@ -157,7 +157,7 @@ public class VolumeInfo implements Parcelable {
|
||||
public final DiskInfo disk;
|
||||
public final String partGuid;
|
||||
public int mountFlags = 0;
|
||||
public int mountUserId = -1;
|
||||
public int mountUserId = UserHandle.USER_NULL;
|
||||
@UnsupportedAppUsage
|
||||
public int state = STATE_UNMOUNTED;
|
||||
public String fsType;
|
||||
|
||||
Reference in New Issue
Block a user