diff options
| author | Kenny Root <kroot@google.com> | 2012-04-03 17:23:01 -0700 |
|---|---|---|
| committer | Kenny Root <kroot@google.com> | 2012-04-25 14:15:15 -0700 |
| commit | 344ca10856f3d3087a3288ce8f91ad83665d93fb (patch) | |
| tree | d1ec4676e989c5dde66eb001a0197caa0a6886da /Volume.cpp | |
| parent | 8cd47b4c3bd811d1f94fd262db6031d4469ee121 (diff) | |
| download | system_vold-344ca10856f3d3087a3288ce8f91ad83665d93fb.zip system_vold-344ca10856f3d3087a3288ce8f91ad83665d93fb.tar.gz system_vold-344ca10856f3d3087a3288ce8f91ad83665d93fb.tar.bz2 | |
Add in ext4 support for ASEC containers
Now forward locked applications will be in ASEC containers both internal
to the system and externally.
This change adds support for putting applications in ext4-based ASECs.
Change-Id: I8d6765b72dd2606e429c067b47a2dbcaa8bef37d
Diffstat (limited to 'Volume.cpp')
| -rw-r--r-- | Volume.cpp | 18 |
1 files changed, 11 insertions, 7 deletions
@@ -69,11 +69,15 @@ const char *Volume::SEC_STGDIR = "/mnt/secure/staging"; const char *Volume::SEC_STG_SECIMGDIR = "/mnt/secure/staging/.android_secure"; /* - * Path to where *only* root can access asec imagefiles + * Path to external storage where *only* root can access ASEC image files */ -const char *Volume::SEC_ASECDIR = "/mnt/secure/asec"; +const char *Volume::SEC_ASECDIR_EXT = "/mnt/secure/asec"; /* + * Path to internal storage where *only* root can access ASEC image files + */ +const char *Volume::SEC_ASECDIR_INT = "/data/app-asec"; +/* * Path to where secure containers are mounted */ const char *Volume::ASECDIR = "/mnt/asec"; @@ -504,9 +508,9 @@ int Volume::createBindMounts() { * Bind mount /mnt/secure/staging/android_secure -> /mnt/secure/asec so we'll * have a root only accessable mountpoint for it. */ - if (mount(SEC_STG_SECIMGDIR, SEC_ASECDIR, "", MS_BIND, NULL)) { + if (mount(SEC_STG_SECIMGDIR, SEC_ASECDIR_EXT, "", MS_BIND, NULL)) { SLOGE("Failed to bind mount points %s -> %s (%s)", - SEC_STG_SECIMGDIR, SEC_ASECDIR, strerror(errno)); + SEC_STG_SECIMGDIR, SEC_ASECDIR_EXT, strerror(errno)); return -1; } @@ -630,8 +634,8 @@ int Volume::unmountVol(bool force, bool revert) { * the previously obscured directory. */ - if (doUnmount(Volume::SEC_ASECDIR, force)) { - SLOGE("Failed to remove bindmount on %s (%s)", SEC_ASECDIR, strerror(errno)); + if (doUnmount(Volume::SEC_ASECDIR_EXT, force)) { + SLOGE("Failed to remove bindmount on %s (%s)", SEC_ASECDIR_EXT, strerror(errno)); goto fail_remount_tmpfs; } @@ -663,7 +667,7 @@ int Volume::unmountVol(bool force, bool revert) { * Failure handling - try to restore everything back the way it was */ fail_recreate_bindmount: - if (mount(SEC_STG_SECIMGDIR, SEC_ASECDIR, "", MS_BIND, NULL)) { + if (mount(SEC_STG_SECIMGDIR, SEC_ASECDIR_EXT, "", MS_BIND, NULL)) { SLOGE("Failed to restore bindmount after failure! - Storage will appear offline!"); goto out_nomedia; } |