Allow execute on mounted ASEC and OBB containers
This allows us to place shared libraries in these containers which may
only be loaded if they are executable.
Change-Id: I78fa9ab6d5c58ec8b98c40004da72aebc0aade2a
diff --git a/Fat.cpp b/Fat.cpp
index 7a86aac..4754c66 100644
--- a/Fat.cpp
+++ b/Fat.cpp
@@ -93,14 +93,15 @@
}
int Fat::doMount(const char *fsPath, const char *mountPoint,
- bool ro, bool remount, int ownerUid, int ownerGid,
- int permMask, bool createLost) {
+ bool ro, bool remount, bool executable,
+ int ownerUid, int ownerGid, int permMask, bool createLost) {
int rc;
unsigned long flags;
char mountData[255];
- flags = MS_NODEV | MS_NOEXEC | MS_NOSUID | MS_DIRSYNC;
+ flags = MS_NODEV | MS_NOSUID | MS_DIRSYNC;
+ flags |= (executable ? 0 : MS_NOEXEC);
flags |= (ro ? MS_RDONLY : 0);
flags |= (remount ? MS_REMOUNT : 0);
diff --git a/Fat.h b/Fat.h
index f056090..e02d88c 100644
--- a/Fat.h
+++ b/Fat.h
@@ -22,8 +22,9 @@
class Fat {
public:
static int check(const char *fsPath);
- static int doMount(const char *fsPath, const char *mountPoint, bool ro,
- bool remount, int ownerUid, int ownerGid, int permMask,
+ static int doMount(const char *fsPath, const char *mountPoint,
+ bool ro, bool remount, bool executable,
+ int ownerUid, int ownerGid, int permMask,
bool createLost);
static int format(const char *fsPath, unsigned int numSectors);
};
diff --git a/Volume.cpp b/Volume.cpp
index f945b15..190b64b 100644
--- a/Volume.cpp
+++ b/Volume.cpp
@@ -323,7 +323,8 @@
* muck with it before exposing it to non priviledged users.
*/
errno = 0;
- if (Fat::doMount(devicePath, "/mnt/secure/staging", false, false, 1000, 1015, 0702, true)) {
+ if (Fat::doMount(devicePath, "/mnt/secure/staging", false, false, false,
+ 1000, 1015, 0702, true)) {
SLOGE("%s failed to mount via VFAT (%s)\n", devicePath, strerror(errno));
continue;
}
diff --git a/VolumeManager.cpp b/VolumeManager.cpp
index 2cdac70..231b308 100644
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp
@@ -431,7 +431,7 @@
}
}
- if (Fat::doMount(dmDevice, mountPoint, false, false, ownerUid,
+ if (Fat::doMount(dmDevice, mountPoint, false, false, false, ownerUid,
0, 0000, false)) {
SLOGE("ASEC FAT mount failed (%s)", strerror(errno));
if (cleanupDm) {
@@ -469,7 +469,7 @@
snprintf(mountPoint, sizeof(mountPoint), "%s/%s", Volume::ASECDIR, id);
// XXX:
- if (Fat::doMount(loopDevice, mountPoint, true, true, 0, 0, 0227, false)) {
+ if (Fat::doMount(loopDevice, mountPoint, true, true, true, 0, 0, 0227, false)) {
SLOGE("ASEC finalize mount failed (%s)", strerror(errno));
return -1;
}
@@ -779,7 +779,7 @@
}
}
- if (Fat::doMount(dmDevice, mountPoint, true, false, ownerUid, 0,
+ if (Fat::doMount(dmDevice, mountPoint, true, false, true, ownerUid, 0,
0222, false)) {
// 0227, false)) {
SLOGE("ASEC mount failed (%s)", strerror(errno));
@@ -884,7 +884,7 @@
}
}
- if (Fat::doMount(dmDevice, mountPoint, true, false, ownerUid, 0,
+ if (Fat::doMount(dmDevice, mountPoint, true, false, true, ownerUid, 0,
0227, false)) {
SLOGE("Image mount failed (%s)", strerror(errno));
if (cleanupDm) {