Merge "Revert "Revert "Do not mount whitelisted package in storage data and obb dirs""" into rvc-dev am: afef06a0f6 am: 216018145e am: 453e2b4177 am: 7501351e3e
Change-Id: Iff6bbcba909c6b489a0524ab1f3d86dd3ddd3aab
This commit is contained in:
TreeHugger Robot
@@ -205,9 +205,15 @@ public final class Zygote {
|
||||
/** List of packages with the same uid, and its app data info: volume uuid and inode. */
|
||||
public static final String PKG_DATA_INFO_MAP = "--pkg-data-info-map";
|
||||
|
||||
/** List of whitelisted packages and its app data info: volume uuid and inode. */
|
||||
public static final String WHITELISTED_DATA_INFO_MAP = "--whitelisted-data-info-map";
|
||||
|
||||
/** Bind mount app storage dirs to lower fs not via fuse */
|
||||
public static final String BIND_MOUNT_APP_STORAGE_DIRS = "--bind-mount-storage-dirs";
|
||||
|
||||
/** Bind mount app storage dirs to lower fs not via fuse */
|
||||
public static final String BIND_MOUNT_APP_DATA_DIRS = "--bind-mount-data-dirs";
|
||||
|
||||
/**
|
||||
* An extraArg passed when a zygote process is forking a child-zygote, specifying a name
|
||||
* in the abstract socket namespace. This socket name is what the new child zygote
|
||||
@@ -313,6 +319,8 @@ public final class Zygote {
|
||||
* @param isTopApp true if the process is for top (high priority) application.
|
||||
* @param pkgDataInfoList A list that stores related packages and its app data
|
||||
* info: volume uuid and inode.
|
||||
* @param whitelistedDataInfoList Like pkgDataInfoList, but it's for whitelisted apps.
|
||||
* @param bindMountAppDataDirs True if the zygote needs to mount data dirs.
|
||||
* @param bindMountAppStorageDirs True if the zygote needs to mount storage dirs.
|
||||
*
|
||||
* @return 0 if this is the child, pid of the child
|
||||
@@ -321,13 +329,15 @@ public final class Zygote {
|
||||
static int forkAndSpecialize(int uid, int gid, int[] gids, int runtimeFlags,
|
||||
int[][] rlimits, int mountExternal, String seInfo, String niceName, int[] fdsToClose,
|
||||
int[] fdsToIgnore, boolean startChildZygote, String instructionSet, String appDataDir,
|
||||
boolean isTopApp, String[] pkgDataInfoList, boolean bindMountAppStorageDirs) {
|
||||
boolean isTopApp, String[] pkgDataInfoList, String[] whitelistedDataInfoList,
|
||||
boolean bindMountAppDataDirs, boolean bindMountAppStorageDirs) {
|
||||
ZygoteHooks.preFork();
|
||||
|
||||
int pid = nativeForkAndSpecialize(
|
||||
uid, gid, gids, runtimeFlags, rlimits, mountExternal, seInfo, niceName, fdsToClose,
|
||||
fdsToIgnore, startChildZygote, instructionSet, appDataDir, isTopApp,
|
||||
pkgDataInfoList, bindMountAppStorageDirs);
|
||||
pkgDataInfoList, whitelistedDataInfoList, bindMountAppDataDirs,
|
||||
bindMountAppStorageDirs);
|
||||
if (pid == 0) {
|
||||
// Note that this event ends at the end of handleChildProc,
|
||||
Trace.traceBegin(Trace.TRACE_TAG_ACTIVITY_MANAGER, "PostFork");
|
||||
@@ -344,6 +354,7 @@ public final class Zygote {
|
||||
int runtimeFlags, int[][] rlimits, int mountExternal, String seInfo, String niceName,
|
||||
int[] fdsToClose, int[] fdsToIgnore, boolean startChildZygote, String instructionSet,
|
||||
String appDataDir, boolean isTopApp, String[] pkgDataInfoList,
|
||||
String[] whitelistedDataInfoList, boolean bindMountAppDataDirs,
|
||||
boolean bindMountAppStorageDirs);
|
||||
|
||||
/**
|
||||
@@ -371,15 +382,19 @@ public final class Zygote {
|
||||
* volume uuid and CE dir inode. For example, pkgDataInfoList = [app_a_pkg_name,
|
||||
* app_a_data_volume_uuid, app_a_ce_inode, app_b_pkg_name, app_b_data_volume_uuid,
|
||||
* app_b_ce_inode, ...];
|
||||
* @param whitelistedDataInfoList Like pkgDataInfoList, but it's for whitelisted apps.
|
||||
* @param bindMountAppDataDirs True if the zygote needs to mount data dirs.
|
||||
* @param bindMountAppStorageDirs True if the zygote needs to mount storage dirs.
|
||||
*/
|
||||
private static void specializeAppProcess(int uid, int gid, int[] gids, int runtimeFlags,
|
||||
int[][] rlimits, int mountExternal, String seInfo, String niceName,
|
||||
boolean startChildZygote, String instructionSet, String appDataDir, boolean isTopApp,
|
||||
String[] pkgDataInfoList, boolean bindMountAppStorageDirs) {
|
||||
String[] pkgDataInfoList, String[] whitelistedDataInfoList,
|
||||
boolean bindMountAppDataDirs, boolean bindMountAppStorageDirs) {
|
||||
nativeSpecializeAppProcess(uid, gid, gids, runtimeFlags, rlimits, mountExternal, seInfo,
|
||||
niceName, startChildZygote, instructionSet, appDataDir, isTopApp,
|
||||
pkgDataInfoList, bindMountAppStorageDirs);
|
||||
pkgDataInfoList, whitelistedDataInfoList,
|
||||
bindMountAppDataDirs, bindMountAppStorageDirs);
|
||||
|
||||
// Note that this event ends at the end of handleChildProc.
|
||||
Trace.traceBegin(Trace.TRACE_TAG_ACTIVITY_MANAGER, "PostFork");
|
||||
@@ -399,7 +414,8 @@ public final class Zygote {
|
||||
private static native void nativeSpecializeAppProcess(int uid, int gid, int[] gids,
|
||||
int runtimeFlags, int[][] rlimits, int mountExternal, String seInfo, String niceName,
|
||||
boolean startChildZygote, String instructionSet, String appDataDir, boolean isTopApp,
|
||||
String[] pkgDataInfoList, boolean bindMountAppStorageDirs);
|
||||
String[] pkgDataInfoList, String[] whitelistedDataInfoList,
|
||||
boolean bindMountAppDataDirs, boolean bindMountAppStorageDirs);
|
||||
|
||||
/**
|
||||
* Called to do any initialization before starting an application.
|
||||
@@ -724,7 +740,8 @@ public final class Zygote {
|
||||
args.mRuntimeFlags, rlimits, args.mMountExternal,
|
||||
args.mSeInfo, args.mNiceName, args.mStartChildZygote,
|
||||
args.mInstructionSet, args.mAppDataDir, args.mIsTopApp,
|
||||
args.mPkgDataInfoList, args.mBindMountAppStorageDirs);
|
||||
args.mPkgDataInfoList, args.mWhitelistedDataInfoList,
|
||||
args.mBindMountAppDataDirs, args.mBindMountAppStorageDirs);
|
||||
|
||||
Trace.traceEnd(Trace.TRACE_TAG_ACTIVITY_MANAGER);
|
||||
|
||||
|
||||
@@ -226,11 +226,22 @@ class ZygoteArguments {
|
||||
*/
|
||||
String[] mPkgDataInfoList;
|
||||
|
||||
/**
|
||||
* A list that stores all whitelisted app data info: volume uuid and inode.
|
||||
* Null if it does need to do app data isolation.
|
||||
*/
|
||||
String[] mWhitelistedDataInfoList;
|
||||
|
||||
/**
|
||||
* @see Zygote#BIND_MOUNT_APP_STORAGE_DIRS
|
||||
*/
|
||||
boolean mBindMountAppStorageDirs;
|
||||
|
||||
/**
|
||||
* @see Zygote#BIND_MOUNT_APP_DATA_DIRS
|
||||
*/
|
||||
boolean mBindMountAppDataDirs;
|
||||
|
||||
/**
|
||||
* Constructs instance and parses args
|
||||
*
|
||||
@@ -452,8 +463,12 @@ class ZygoteArguments {
|
||||
}
|
||||
} else if (arg.startsWith(Zygote.PKG_DATA_INFO_MAP)) {
|
||||
mPkgDataInfoList = getAssignmentList(arg);
|
||||
} else if (arg.startsWith(Zygote.WHITELISTED_DATA_INFO_MAP)) {
|
||||
mWhitelistedDataInfoList = getAssignmentList(arg);
|
||||
} else if (arg.equals(Zygote.BIND_MOUNT_APP_STORAGE_DIRS)) {
|
||||
mBindMountAppStorageDirs = true;
|
||||
} else if (arg.equals(Zygote.BIND_MOUNT_APP_DATA_DIRS)) {
|
||||
mBindMountAppDataDirs = true;
|
||||
} else {
|
||||
break;
|
||||
}
|
||||
|
||||
@@ -258,7 +258,8 @@ class ZygoteConnection {
|
||||
parsedArgs.mRuntimeFlags, rlimits, parsedArgs.mMountExternal, parsedArgs.mSeInfo,
|
||||
parsedArgs.mNiceName, fdsToClose, fdsToIgnore, parsedArgs.mStartChildZygote,
|
||||
parsedArgs.mInstructionSet, parsedArgs.mAppDataDir, parsedArgs.mIsTopApp,
|
||||
parsedArgs.mPkgDataInfoList, parsedArgs.mBindMountAppStorageDirs);
|
||||
parsedArgs.mPkgDataInfoList, parsedArgs.mWhitelistedDataInfoList,
|
||||
parsedArgs.mBindMountAppDataDirs, parsedArgs.mBindMountAppStorageDirs);
|
||||
|
||||
try {
|
||||
if (pid == 0) {
|
||||
|
||||
Reference in New Issue
Block a user