summaryrefslogtreecommitdiffstats
path: root/sdcard
Commit message (Collapse)AuthorAgeFilesLines
* Use bionic's <linux/fuse.h>.Elliott Hughes2014-05-072-594/+15
| | | | | | No need for an out-of-date copy of a uapi header. Change-Id: Iec68c6ceb2bceca1ceef0c57e0b45a89a139e292
* Handle FUSE_FSYNCDIR as FUSE_FSYNCDaisuke Okitsu2014-02-191-2/+2
| | | | | | | | There have been issues with sdcard data corruption even after successfully calling fsync for /sdcard. This is caused by the sdcard daemon doing nothing in this case. Change-Id: I48149ceabdac79ac535b35c2598bb1fbb5410883
* sdcard: direct I/O file access write buffer alignmentArpad Horvath2014-02-181-0/+6
| | | | | | | | | It is not enough to align the read buffer only, because consequent writes might still fail with EINVAL. The write buffer should be also aligned according to the write(2) manual page. Change-Id: I7547dec5208732c56f4466c1b0c88f36dabacf5b
* sdcard: direct I/O file access fixArpad Horvath2014-02-141-4/+5
| | | | | | | | | | If a file is opened in direct I/O mode (with O_DIRECT flag), the read buffer addess must be aligned to memory page size boundary. The Direct I/O is not needed for normal files, however, some special hardware access (e.g. smart SD cards) will not work without it. Change-Id: I42babeee86dba1880fd23e2592fddd7060da3e20
* system/core LP64 cleanup.Elliott Hughes2014-02-051-5/+5
| | | | | | | Fixes -Wint-to-pointer and -Wpointer-to-int warnings, plus various -Wformat warnings. Change-Id: I6c5eea6b4273d82d28b8e5d2925f3e5457511b17
* Set GID required to write, media_rw mount point.Jeff Sharkey2013-10-081-13/+16
| | | | | | | | | | | | | Add sdcard FUSE daemon flag to specify the GID required for a package to have write access. Normally sdcard_rw, but it will be media_rw for secondary external storage devices, so DefaultContainerService can still clean up package directories after uninstall. Create /mnt/media_rw which is where vold will mount raw secondary external storage devices before wrapping them in a FUSE instance. Bug: 10330128, 10330229 Change-Id: I4385c36fd9035cdf56892aaf7b36ef4b81f4418a
* Remove mkdir() side effect, add .nomedia, utils.Jeff Sharkey2013-09-201-51/+59
| | | | | | | | | | | | | | | | | Before this change, FUSE lookup() would have the side effect of creating the directory on behalf of apps. This resulted in most directories being created just by Settings trying to measure disk space. Instead, we're switching to have vold do directory creation when an app doesn't have enough permissions. Create fs_mkdirs() utility to create all parent directories in a path as needed. Allow traversal (+x) into /storage directories. Fix FUSE derived permissions to be case insensitive. Mark well-known directories as .nomedia when created. Bug: 10577808, 10330221 Change-Id: I53114f2e63ffbe6de4ba6a72d94a232523231cad
* Only check caller when deriving permissions.Jeff Sharkey2013-08-301-0/+5
| | | | | Bug: 10547597 Change-Id: Ied909f9047c2567e93dde0f4658d6e4b9ff161ab
* Fix recursive locking bug.Jeff Sharkey2013-08-301-21/+36
| | | | | | | | | handle_rename() would end up acquiring the lock twice. Change to always derive has_rw inside earlier locks (instead of acquiring a second time), and pass the value into check_caller_access_to_name(). Bug: 10547597 Change-Id: If5744d6d226a4785676c19d0f7fdf1c05060ed76
* Merge "Fix handle_opendir() in the sdcard daemon" into klp-devKen Sumrall2013-08-151-0/+2
|\
| * Fix handle_opendir() in the sdcard daemonKen Sumrall2013-08-141-0/+2
| | | | | | | | | | | | | | | | | | | | The fuse_open_out structure returned to the kernel by handle_opendir() was not properly initializing all the fields. The symptom was recursive ls (ls -R) failing on the emulated sdcard filesystem, because rewinddir(3) was failing with ESPIPE. Bug: 7168594 Change-Id: I56ddfd3453e6aac34fe6e001e88c4c46fb2eb271
* | Add legacy layout support to FUSE, enforce write.Jeff Sharkey2013-08-141-67/+263
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The legacy internal layout places users at the top-level of the filesystem, so handle with new PERM_LEGACY_PRE_ROOT when requested. Mirror single OBB directory between all users without requiring fancy bind mounts by letting a nodes graft in another part of the underlying tree. Move to everything having "sdcard_r" GID by default, and verify that calling apps hold "sdcard_rw" when performing mutations. Determines app group membership from new packages.list column. Flag to optionally enable sdcard_pics/sdcard_av permissions splitting. Flag to supply a default GID for all files. Ignore attempts to access security sensitive files. Fix run-as to check for new "package_info" GID. Change-Id: Id5f3680779109141c65fb8fa1daf56597f49ea0d
* | Richer SD card permissions through FUSE.Jeff Sharkey2013-08-082-57/+371
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes the FUSE daemon to synthesize an Android-specific set of filesystem permissions, even when the underlying media storage is permissionless. This is designed to support several features: First, apps can access their own files in /Android/data/com.example/ without requiring any external storage permissions. This is enabled by allowing o+x on parent directories, and assigning the UID owner based on the directory name (package name). The mapping from package to appId is parsed from packages.list, which is updated when apps are added/removed. Changes are observed through inotify. It creates missing package name directories when requested and valid. Second, support for separate permissions for photos and audio/video content on the device through new GIDs which are assigned based on top-level directory names. Finally, support for multi-user separation on the same physical media through new /Android/user/ directory, which will be bind-mounted into place. It recursively applies the above rules to each secondary user. rwxrwx--x root:sdcard_rw / rwxrwx--- root:sdcard_pics /Pictures rwxrwx--- root:sdcard_av /Music rwxrwx--x root:sdcard_rw /Android rwxrwx--x root:sdcard_rw /Android/data rwxrwx--- u0_a12:sdcard_rw /Android/data/com.example rwxrwx--x root:sdcard_rw /Android/obb/ rwxrwx--- u0_a12:sdcard_rw /Android/obb/com.example rwxrwx--- root:sdcard_all /Android/user rwxrwx--x root:sdcard_rw /Android/user/10 rwxrwx--- u10_a12:sdcard_rw /Android/user/10/Android/data/com.example These derived permissions are disabled by default. Switched option parsing to getopt(). Change-Id: I21bf5d79d13f0f07a6a116122b16395f4f97505b
* Raise the max file open limit in sdcardKen Sumrall2013-02-111-0/+9
| | | | | | | | | | | | The default is 1024 files, and in some testing, the limit has been hit. This raises the limit to 8192. Going higher starts to cause performance issues (I started to notice that around 16K open files in my testing) as sdcard does linear searches. If a higher max is needed, then the sdcard daemon will need some optimizations. Bug: 7442187 Change-Id: I7aba7f4556ed70651f36244294a6756f3d6b8963
* resolved conflicts for merge of 2237ca4c to jb-mr1-devJean-Baptiste Queru2012-08-151-5/+17
|\ | | | | | | Change-Id: I04982ff2b092274b940a621b238c2246349aa85e
| * Fixing signed/unsigned comparison warningsEdwin Vane2012-08-141-22/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | Clang turned up some signed/unsigned comparison warnings. These warnings have been fixed by cleaning up sdcard slightly: - Don't use negative numbers for invalid gid/uid. - sdcard takes a fixed number of arguments now so assert on that instead of using a for loop. - Also fixed usage string to reflect this fact. Change-Id: Iee58a8e9aaedb3d40ad7dfeef63d8cd1fe1cd248 Author: Edwin Vane <edwin.vane@intel.com> Reviewed-by: Kevin P Schoedel <kevin.p.schoedel@intel.com>
* | Source and destination paths for sdcard.Jeff Sharkey2012-08-131-23/+25
| | | | | | | | | | | | | | | | Enables init.rc to provide both paths, instead of hard-coding the destination. Bug: 6925012 Change-Id: I666cde710baad965b98619b68fcbcbb104973da3
* | Make sdcard daemon multi-threaded.Jeff Brown2012-06-042-595/+638
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The essential idea here is that a handler thread only needs to hold a lock on the global node table while it is manipulating nodes. The actual I/O operation is then performed without holding any locks. By default, we use 2 threads but this can be configured on the command-line. Work is sheduled somewhat arbitrarily by the handler threads. Whichever thread happens to read() the next request first wins the right process it. This policy is very simple but potentially wastes threads when there isn't much work to be done. We can always improve this later if needed. Change-Id: Id27a27c2c9b40d4f8e35a6bef9dd84f0dfacf337
* | Refactor request opcode handlers.Jeff Brown2012-06-041-329/+513
| | | | | | | | | | | | | | This is mostly a structural change. The handlers have been moved into individual functions, which will help with upcoming changes. Change-Id: I774739d859e177d6b5d4186d2771444166b734fa
* | Move buffers into a handler structure.Jeff Brown2012-06-041-34/+57
| | | | | | | | | | | | | | Also use PATH_MAX instead of PATH_BUFFER to determine the maximum path length. Change-Id: Ic78f731d339a2a97766d29d222dd27cac4e620ce
* | Implement FUSE_FSYNC request.Jeff Brown2012-06-041-1/+15
| | | | | | | | | | | | | | | | This request is needed for application correctness, without which data corruption may result. Bug: 6488845 Change-Id: I3d676c2e40f6e6b37d5d270c7cb40f1bf8c1fa47
* | More code cleanup.Jeff Brown2012-06-041-56/+93
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use constants to specify MAX_READ and MAX_WRITE buffer sizes and use that to determine the size of the buffers that we need. Be more careful about how the request header and data payload are extracted. For example, the old code did len -= hdr->len, but since len == hdr->len, this value was always 0. It turns out we didn't use len thereafter, but we might want to for sanity checking incoming requests. Use const to make it clearer what data is coming out of the request. Removed spurious error reply from FUSE_WRITE. It serves no purpose and is ignored by the kernel. Bug: 6488845 Change-Id: Ia328532979868f0aaea43744a49662f2f4511bfe
* | Code cleanup.Jeff Brown2012-06-041-45/+63
|/ | | | | | | | | Removed references to unsupported command-line arguments. Fixed compiler warnings. Bug: 6488845 Change-Id: I50cb865609ea0fa5824ae2741b831cd886033055
* sdcard: use FUSE_BIG_WRITES for FUSE writesSundar Raman2012-05-011-2/+2
| | | | | | | | | | Slightly optimizes the writes used by sdcard to increase throughput and decrease cpu load. Update the read size to 256 x 1024 + 128 from current 8192 bytes since writes can go as high as that. Change-Id: I3bad425f31d4aa6f44f546e3d31439fd5bdca9ea Signed-off-by: Sundar Raman <sunds@ti.com>
* Migrate emulated SD card to /storage/sdcard.Jeff Sharkey2012-04-091-2/+2
| | | | | Bug: 6131916 Change-Id: Iab4d2a36b1dd979f7a9a0583d51dca3c5e38e681
* Fix returning errno values which should be negative.Yuncheol Heo2011-07-221-3/+3
| | | | Change-Id: Id6464b127678ca1d9f4afa7c99fcfce361f4ad4a
* am b26662c0: am c3e69903: am 97919656: Add support for the utime(2) family ↵Ken Sumrall2011-03-241-2/+35
|\ | | | | | | | | | | | | of system calls to the sdcard fuse filesystem. * commit 'b26662c0a2876767b2c06cb740f07b1010f91548': Add support for the utime(2) family of system calls to the sdcard fuse filesystem.
| * Add support for the utime(2) family of system calls to the sdcard fuse ↵Ken Sumrall2011-03-241-2/+35
| | | | | | | | | | | | | | | | | | | | filesystem. Add support for the utime(2) family of system calls to change the modify and access time of files. Requires an updated bionic with support for the utimensat(2) system call. Change-Id: I8cc0c0e6671c5708849752f47e4c3d4be2858b61
* | Fix uninitialized variable bug in sdcard emulatorTerry Heo (Woncheol)2011-03-161-7/+1
|/ | | | | | | | | - Following members were not initialized in fuse_init(). fuse->root.actual_name fuse->root.gen - Initialize fuse->root with memset(). Change-Id: I4bce754ace608b526961f59049b2d780fd99756f
* sdcard: Fix readdir implementation so rewinddir will work correctlyMike Lockwood2011-01-251-1/+7
| | | | | | | | | Fixes problem with "ls -R" in /mnt/sdcard BUG: 3309556 Change-Id: Ie2246585439116de3cb40f4005f3b44a0439f54c Signed-off-by: Mike Lockwood <lockwood@android.com>
* sdcard: Remove lower case squashing of file namesMike Lockwood2011-01-231-110/+106
| | | | | | | | | | sdcard daemon will now create new files and directories using the actual name passed in by the client. For existing files, sdcard will do case insensitive matching when case sensitive lookup fails. Change-Id: I89f995ea01beb2c63a9b36943dbcfaa16e7cd972 Signed-off-by: Mike Lockwood <lockwood@android.com>
* sdcard: Fix lower case squashing for case insensitivity support.Mike Lockwood2011-01-171-21/+10
| | | | | | | | | | | | | | | | | | | | | | The fuse layer in the kernel does not support case insensitive file systems. But the sdcard daemon's fuse_lookup was returning the same file object for different file names, which caused problems in the kernel fuse layer's dcache, resulting in EBUSY errors if the same directory was opened twice under different names differing only by case. To fix this, the sdcard daemon will return different file objects for files or directories that differ only by case. Now the squashing occurs only in the interaction between the sdcard daemon and the underlying file system in /data/media, and sdcard maintains the illusion for the kernel fuse layer that there are two separate files. Example: Suppose both /mnt/sdcard/foo.txt and /mnt/sdcard/FOO.TXT are opened. Previously, the sdcard would squash this to a single node, and return the same node to the kernel fuse implementation twice, and would open the underlying file /data/media/foo.txt only once. Now sdcard will create two separate nodes will open /data/media/foo.txt twice, once for mnt/sdcard/foo.txt and again for /mnt/sdcard/FOO.TXT. Change-Id: I70e36b7822142750d3eeeb75edd6464ec7c79f2a Signed-off-by: Mike Lockwood <lockwood@android.com>
* sdcard: Have the -f option fix user/group permissions as well as file name caseMike Lockwood2011-01-131-12/+14
| | | | | Change-Id: I280ded6ce79fb11752c89ebafa663d7ee29edebc Signed-off-by: Mike Lockwood <lockwood@android.com>
* sdcard: Add command line options for lowercase file name squashing:Mike Lockwood2011-01-121-16/+119
| | | | | | | | -l squash all file names to lower case when creating new files -f rename existing files to make them lower case Change-Id: I3245deb690228cf577bdc9bd4b0fcf0306ea3e16 Signed-off-by: Mike Lockwood <lockwood@android.com>
* sdcard: Force file names to lower case in order to provide case insensitivityMike Lockwood2011-01-121-0/+21
| | | | | Change-Id: I2cdb12c7e296e1c28b66e32c7037dce060eecd67 Signed-off-by: Mike Lockwood <lockwood@android.com>
* Use pread64/pwrite64 instead of pread/pwriteKenny Root2011-01-111-2/+2
| | | | | | | | | >2GB files were failing strangely when pread was used instead of pread64. Also writing to files should use pwrite64 in case they grow over 2GB. Bug: 3205336 Change-Id: I0c9619de35680093d7777ca132ce488eae502216
* Fix refcounting in the rename case.Paul Eastham2011-01-041-3/+13
| | | | Change-Id: I59dbac8c92bda450e6d89f7f180241fd4b5bbae6
* Properly reflect RENAME ops in FUSE internal statePaul Eastham2010-10-141-23/+82
| | | | | | | | | In response to a RENAME, we actually need to rename and move the virtual node. To support this, filenames are now allocated separately, as reallocing the whole node to accommodate a longer filename would break the direct mapping of fhs and inodes to fuse pointers. Change-Id: I71e5a965f875dedc5f58f9d182156734b29ca179
* Partially implement SETATTR for sdcard/FUSEPaul Eastham2010-09-241-2/+20
| | | | | | | | Handle truncate cases within SETATTR so that truncate() and ftruncate() call will work. Change-Id: I5a9862dcaa6ca7b5e9115cb5d3bfed88787fa7ac Signed-off-by: Paul Eastham <eastham@google.com>
* sdcard: Add support for the O_TRUNC open() flagMike Lockwood2010-08-201-1/+1
| | | | | | | BUG: 2935163 Change-Id: I9f76b24147b2f87ddb7869bb72baac03e86ef7e6 Signed-off-by: Mike Lockwood <lockwood@android.com>
* sdcard: Implement statfs, stat time values and change mount point to /mnt/sdcardMike Lockwood2010-08-161-5/+36
| | | | | Change-Id: Iac2c4ec47af7d47d76a82916866ad36782caf25c Signed-off-by: Mike Lockwood <lockwood@android.com>
* fix up permissionsBrian Swetland2010-08-121-3/+15
| | | | Change-Id: I93c828ebc755ad2a2055066c8af65dfde7dc7b2e
* sdcard: a program to create a "virtual" /sdcard pointed at a pathBrian Swetland2010-08-123-0/+1340
sdcard is a program that uses FUSE to emulate FAT-on-sdcard style directory permissions (all files are given fixed owner, group, and permissions at creation, owner, group, and permissions are not changeable, symlinks and hardlinks are not createable, etc. usage: sdcard <path> <uid> <gid> It must be run as root, but will change to uid/gid as soon as it mounts a filesystem on /sdcard. It will refuse to run if uid or gid are zero. Change-Id: I9a5d2e5daaebeee632f8470172cbb77b7fa689f8 Signed-off-by: Brian Swetland <swetland@google.com>