diff options
| author | Jeff Sharkey <jsharkey@android.com> | 2016-10-31 14:33:49 -0600 |
|---|---|---|
| committer | Abhisek Devkota <ciwrl@lineageos.org> | 2017-02-03 23:17:31 +0000 |
| commit | 012f0762275df7125358e8db352834af60495b43 (patch) | |
| tree | 9488c57511b12aff42543e1b3401924043e39227 | |
| parent | b144167b77155517639372713070556fbc510d81 (diff) | |
| download | frameworks_base-012f0762275df7125358e8db352834af60495b43.zip frameworks_base-012f0762275df7125358e8db352834af60495b43.tar.gz frameworks_base-012f0762275df7125358e8db352834af60495b43.tar.bz2 | |
Public volumes belong to a single user.
When a public (vfat) device is inserted, it's strongly associated
with the current foreground user, and no other users should be able
to access it, since otherwise that would be a cross-user data leak.
To use the device under a different user, switch users and then
eject/remount the device.
Test: verified user isolation of USB drive
Bug: 32523490
Change-Id: I590c791996f1fea8d78f625dc942d149f1f41614
(cherry picked from commit 8b38d083c42e2706e1ff5a1410fa61d1f5dea3f5)
(cherry picked from commit 47e62b7fe6807a274ba760a8fecfd624fe792da9)
| -rw-r--r-- | packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java | 3 | ||||
| -rw-r--r-- | services/core/java/com/android/server/MountService.java | 9 |
2 files changed, 10 insertions, 2 deletions
diff --git a/packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java b/packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java index 46b73d8..f72832a 100644 --- a/packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java +++ b/packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java @@ -135,7 +135,8 @@ public class ExternalStorageProvider extends DocumentsProvider { final VolumeInfo privateVol = mStorageManager.findPrivateForEmulated(volume); title = mStorageManager.getBestVolumeDescription(privateVol); } - } else if (volume.getType() == VolumeInfo.TYPE_PUBLIC) { + } else if (volume.getType() == VolumeInfo.TYPE_PUBLIC + && volume.getMountUserId() == userId) { rootId = volume.getFsUuid(); title = mStorageManager.getBestVolumeDescription(volume); } else { diff --git a/services/core/java/com/android/server/MountService.java b/services/core/java/com/android/server/MountService.java index d539201..60d7428 100644 --- a/services/core/java/com/android/server/MountService.java +++ b/services/core/java/com/android/server/MountService.java @@ -169,6 +169,11 @@ class MountService extends IMountService.Stub } @Override + public void onSwitchUser(int userHandle) { + mMountService.mCurrentUserId = userHandle; + } + + @Override public void onStartUser(int userHandle) { mMountService.onStartUser(userHandle); } @@ -307,6 +312,8 @@ class MountService extends IMountService.Stub @GuardedBy("mLock") private String mMoveTargetUuid; + private volatile int mCurrentUserId = UserHandle.USER_OWNER; + private VolumeInfo findVolumeByIdOrThrow(String id) { synchronized (mLock) { final VolumeInfo vol = mVolumes.get(id); @@ -1193,7 +1200,7 @@ class MountService extends IMountService.Stub vol.mountFlags |= VolumeInfo.MOUNT_FLAG_VISIBLE; } - vol.mountUserId = UserHandle.USER_OWNER; + vol.mountUserId = mCurrentUserId; mHandler.obtainMessage(H_VOLUME_MOUNT, vol).sendToTarget(); } else if (vol.type == VolumeInfo.TYPE_PRIVATE) { |