From 8a3a6ffa865ab21b0575eda782700c8920faf566 Mon Sep 17 00:00:00 2001 From: Robert Sesek Date: Mon, 31 Oct 2016 11:25:10 -0400 Subject: [PATCH] In MountEmulatedStorage() don't create a mount namespace unless actually mounting. When the zygote starts, it creates its own mount namespace in nativeUnmountStorageOnInit(). When the zygote forks a new process, unless the new process actually has permission to access emulated storage (and thus it needs to be mounted), there is no reason to create another new mount namespace in the child. This supports the WebView zygote, which does not have CAP_SYS_ADMIN to perform mount operations. But since it only forks isolated_app processes, which do not have access to storage, it does not need to handle mounting. Test: m checkbuild Test: angler boots Bug: 21643067 Change-Id: Ieb75cc3009ed26b7366213409d5fad836f597084 --- core/jni/com_android_internal_os_Zygote.cpp | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/core/jni/com_android_internal_os_Zygote.cpp b/core/jni/com_android_internal_os_Zygote.cpp index 5202a98bc0301..3e111c01c1dac 100644 --- a/core/jni/com_android_internal_os_Zygote.cpp +++ b/core/jni/com_android_internal_os_Zygote.cpp @@ -297,12 +297,6 @@ static bool MountEmulatedStorage(uid_t uid, jint mount_mode, bool force_mount_namespace) { // See storage config details at http://source.android.com/tech/storage/ - // Create a second private mount namespace for our process - if (unshare(CLONE_NEWNS) == -1) { - ALOGW("Failed to unshare(): %s", strerror(errno)); - return false; - } - String8 storageSource; if (mount_mode == MOUNT_EXTERNAL_DEFAULT) { storageSource = "/mnt/runtime/default"; @@ -314,6 +308,13 @@ static bool MountEmulatedStorage(uid_t uid, jint mount_mode, // Sane default of no storage visible return true; } + + // Create a second private mount namespace for our process + if (unshare(CLONE_NEWNS) == -1) { + ALOGW("Failed to unshare(): %s", strerror(errno)); + return false; + } + if (TEMP_FAILURE_RETRY(mount(storageSource.string(), "/storage", NULL, MS_BIND | MS_REC | MS_SLAVE, NULL)) == -1) { ALOGW("Failed to mount %s to /storage: %s", storageSource.string(), strerror(errno));