vold: Stage the mounting of media to hide the ASEC imagefile directory

  In order to protect the '/android_secure' directory on VFAT removable media
from being mucked with by 3rd party applications on the device, we hide the
directory with a read-only, zero-sized tmpfs mounted on-top. A reference to the
hidden directory is kept by a bind-mount which is mounted at a location which
only root can access.

Staging consists of:
  1. Mount checked media at a secure location (/mnt/secure/staging)
  2. Ensure /android_secure exists on the media, (creating if it doesnt)
  3. Bind-mount /mnt/secure/staging/android_secure -> /mnt/secure/asec
     (where only root can access it)
  4. Mount an RDONLY zero-sized tmpfs over /mnt/secure/staging/android_secure
  5. Atomically move /mnt/secure/staging to the publicly accessable storage
     directory (/mnt/sdcard)

Signed-off-by: San Mehat <san@google.com>

1 files changed, 1 insertions, 1 deletions

diff --git a/CommandListener.cpp b/CommandListener.cpp
index f47d66c..9516a67 100644
--- a/CommandListener.cpp
+++ b/CommandListener.cpp
@@ -191,7 +191,7 @@ int CommandListener::AsecCmd::runCommand(SocketClient *cli,
     int rc = 0;
 
     if (!strcmp(argv[1], "list")) {
-        DIR *d = opendir("/sdcard/android_secure");
+        DIR *d = opendir(Volume::SEC_ASECDIR);
 
         if (!d) {
             cli->sendMsg(ResponseCode::OperationFailed, "Failed to open asec dir", true);