Volume.cpp revision 2a5b8ce09b8836a8463ef9beaaff865c36ca5e6a
1/* 2 * Copyright (C) 2008 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#include <stdlib.h> 18#include <string.h> 19#include <dirent.h> 20#include <errno.h> 21#include <fcntl.h> 22 23#include <sys/types.h> 24#include <sys/stat.h> 25#include <sys/types.h> 26#include <sys/mman.h> 27#include <sys/mount.h> 28 29#include <linux/kdev_t.h> 30 31#include <cutils/properties.h> 32 33#include <diskconfig/diskconfig.h> 34 35#define LOG_TAG "Vold" 36 37#include <cutils/log.h> 38 39#include "Volume.h" 40#include "VolumeManager.h" 41#include "ResponseCode.h" 42#include "Fat.h" 43#include "Process.h" 44 45extern "C" void dos_partition_dec(void const *pp, struct dos_partition *d); 46extern "C" void dos_partition_enc(void *pp, struct dos_partition *d); 47 48 49/* 50 * Secure directory - stuff that only root can see 51 */ 52const char *Volume::SECDIR = "/mnt/secure"; 53 54/* 55 * Secure staging directory - where media is mounted for preparation 56 */ 57const char *Volume::SEC_STGDIR = "/mnt/secure/staging"; 58 59/* 60 * Path to the directory on the media which contains publicly accessable 61 * asec imagefiles. This path will be obscured before the mount is 62 * exposed to non priviledged users. 63 */ 64const char *Volume::SEC_STG_SECIMGDIR = "/mnt/secure/staging/.android_secure"; 65 66/* 67 * Path to where *only* root can access asec imagefiles 68 */ 69const char *Volume::SEC_ASECDIR = "/mnt/secure/asec"; 70 71/* 72 * Path to where secure containers are mounted 73 */ 74const char *Volume::ASECDIR = "/mnt/asec"; 75 76static const char *stateToStr(int state) { 77 if (state == Volume::State_Init) 78 return "Initializing"; 79 else if (state == Volume::State_NoMedia) 80 return "No-Media"; 81 else if (state == Volume::State_Idle) 82 return "Idle-Unmounted"; 83 else if (state == Volume::State_Pending) 84 return "Pending"; 85 else if (state == Volume::State_Mounted) 86 return "Mounted"; 87 else if (state == Volume::State_Unmounting) 88 return "Unmounting"; 89 else if (state == Volume::State_Checking) 90 return "Checking"; 91 else if (state == Volume::State_Formatting) 92 return "Formatting"; 93 else if (state == Volume::State_Shared) 94 return "Shared-Unmounted"; 95 else if (state == Volume::State_SharedMnt) 96 return "Shared-Mounted"; 97 else 98 return "Unknown-Error"; 99} 100 101Volume::Volume(VolumeManager *vm, const char *label, const char *mount_point) { 102 mVm = vm; 103 mLabel = strdup(label); 104 mMountpoint = strdup(mount_point); 105 mState = Volume::State_Init; 106 mCurrentlyMountedKdev = -1; 107} 108 109Volume::~Volume() { 110 free(mLabel); 111 free(mMountpoint); 112} 113 114dev_t Volume::getDiskDevice() { 115 return MKDEV(0, 0); 116}; 117 118void Volume::handleVolumeShared() { 119} 120 121void Volume::handleVolumeUnshared() { 122} 123 124int Volume::handleBlockEvent(NetlinkEvent *evt) { 125 errno = ENOSYS; 126 return -1; 127} 128 129void Volume::setState(int state) { 130 char msg[255]; 131 int oldState = mState; 132 133 if (oldState == state) { 134 LOGW("Duplicate state (%d)\n", state); 135 return; 136 } 137 138 mState = state; 139 140 LOGD("Volume %s state changing %d (%s) -> %d (%s)", mLabel, 141 oldState, stateToStr(oldState), mState, stateToStr(mState)); 142 snprintf(msg, sizeof(msg), 143 "Volume %s %s state changed from %d (%s) to %d (%s)", getLabel(), 144 getMountpoint(), oldState, stateToStr(oldState), mState, 145 stateToStr(mState)); 146 147 mVm->getBroadcaster()->sendBroadcast(ResponseCode::VolumeStateChange, 148 msg, false); 149} 150 151int Volume::createDeviceNode(const char *path, int major, int minor) { 152 mode_t mode = 0660 | S_IFBLK; 153 dev_t dev = (major << 8) | minor; 154 if (mknod(path, mode, dev) < 0) { 155 if (errno != EEXIST) { 156 return -1; 157 } 158 } 159 return 0; 160} 161 162int Volume::formatVol() { 163 164 if (getState() == Volume::State_NoMedia) { 165 errno = ENODEV; 166 return -1; 167 } else if (getState() != Volume::State_Idle) { 168 errno = EBUSY; 169 return -1; 170 } 171 172 if (isMountpointMounted(getMountpoint())) { 173 LOGW("Volume is idle but appears to be mounted - fixing"); 174 setState(Volume::State_Mounted); 175 // mCurrentlyMountedKdev = XXX 176 errno = EBUSY; 177 return -1; 178 } 179 180 char devicePath[255]; 181 dev_t diskNode = getDiskDevice(); 182 dev_t partNode = MKDEV(MAJOR(diskNode), 1); // XXX: Hmmm 183 184 sprintf(devicePath, "/dev/block/vold/%d:%d", 185 MAJOR(diskNode), MINOR(diskNode)); 186 187 LOGI("Formatting volume %s (%s)", getLabel(), devicePath); 188 setState(Volume::State_Formatting); 189 190 if (initializeMbr(devicePath)) { 191 LOGE("Failed to initialize MBR (%s)", strerror(errno)); 192 goto err; 193 } 194 195 sprintf(devicePath, "/dev/block/vold/%d:%d", 196 MAJOR(partNode), MINOR(partNode)); 197 198 if (Fat::format(devicePath, 0)) { 199 LOGE("Failed to format (%s)", strerror(errno)); 200 goto err; 201 } 202 203 setState(Volume::State_Idle); 204 return 0; 205err: 206 return -1; 207} 208 209bool Volume::isMountpointMounted(const char *path) { 210 char device[256]; 211 char mount_path[256]; 212 char rest[256]; 213 FILE *fp; 214 char line[1024]; 215 216 if (!(fp = fopen("/proc/mounts", "r"))) { 217 LOGE("Error opening /proc/mounts (%s)", strerror(errno)); 218 return false; 219 } 220 221 while(fgets(line, sizeof(line), fp)) { 222 line[strlen(line)-1] = '\0'; 223 sscanf(line, "%255s %255s %255s\n", device, mount_path, rest); 224 if (!strcmp(mount_path, path)) { 225 fclose(fp); 226 return true; 227 } 228 229 } 230 231 fclose(fp); 232 return false; 233} 234 235int Volume::mountVol() { 236 dev_t deviceNodes[4]; 237 int n, i, rc = 0; 238 char errmsg[255]; 239 240 if (getState() == Volume::State_NoMedia) { 241 snprintf(errmsg, sizeof(errmsg), 242 "Volume %s %s mount failed - no media", 243 getLabel(), getMountpoint()); 244 mVm->getBroadcaster()->sendBroadcast( 245 ResponseCode::VolumeMountFailedNoMedia, 246 errmsg, false); 247 errno = ENODEV; 248 return -1; 249 } else if (getState() != Volume::State_Idle) { 250 errno = EBUSY; 251 return -1; 252 } 253 254 if (isMountpointMounted(getMountpoint())) { 255 LOGW("Volume is idle but appears to be mounted - fixing"); 256 setState(Volume::State_Mounted); 257 // mCurrentlyMountedKdev = XXX 258 return 0; 259 } 260 261 n = getDeviceNodes((dev_t *) &deviceNodes, 4); 262 if (!n) { 263 LOGE("Failed to get device nodes (%s)\n", strerror(errno)); 264 return -1; 265 } 266 267 for (i = 0; i < n; i++) { 268 char devicePath[255]; 269 270 sprintf(devicePath, "/dev/block/vold/%d:%d", MAJOR(deviceNodes[i]), 271 MINOR(deviceNodes[i])); 272 273 LOGI("%s being considered for volume %s\n", devicePath, getLabel()); 274 275 errno = 0; 276 setState(Volume::State_Checking); 277 278 if (Fat::check(devicePath)) { 279 if (errno == ENODATA) { 280 LOGW("%s does not contain a FAT filesystem\n", devicePath); 281 continue; 282 } 283 errno = EIO; 284 /* Badness - abort the mount */ 285 LOGE("%s failed FS checks (%s)", devicePath, strerror(errno)); 286 setState(Volume::State_Idle); 287 return -1; 288 } 289 290 /* 291 * Mount the device on our internal staging mountpoint so we can 292 * muck with it before exposing it to non priviledged users. 293 */ 294 errno = 0; 295 if (Fat::doMount(devicePath, "/mnt/secure/staging", false, false, 1000, 1015, 0702, true)) { 296 LOGE("%s failed to mount via VFAT (%s)\n", devicePath, strerror(errno)); 297 continue; 298 } 299 300 LOGI("Device %s, target %s mounted @ /mnt/secure/staging", devicePath, getMountpoint()); 301 302 if (createBindMounts()) { 303 LOGE("Failed to create bindmounts (%s)", strerror(errno)); 304 umount("/mnt/secure/staging"); 305 setState(Volume::State_Idle); 306 return -1; 307 } 308 309 /* 310 * Now that the bindmount trickery is done, atomically move the 311 * whole subtree to expose it to non priviledged users. 312 */ 313 if (doMoveMount("/mnt/secure/staging", getMountpoint(), false)) { 314 LOGE("Failed to move mount (%s)", strerror(errno)); 315 umount("/mnt/secure/staging"); 316 setState(Volume::State_Idle); 317 return -1; 318 } 319 setState(Volume::State_Mounted); 320 mCurrentlyMountedKdev = deviceNodes[i]; 321 return 0; 322 } 323 324 LOGE("Volume %s found no suitable devices for mounting :(\n", getLabel()); 325 setState(Volume::State_Idle); 326 327 return -1; 328} 329 330int Volume::createBindMounts() { 331 unsigned long flags; 332 333 /* 334 * Rename old /android_secure -> /.android_secure 335 */ 336 if (!access("/mnt/secure/staging/android_secure", R_OK | X_OK) && 337 access(SEC_STG_SECIMGDIR, R_OK | X_OK)) { 338 if (rename("/mnt/secure/staging/android_secure", SEC_STG_SECIMGDIR)) { 339 LOGE("Failed to rename legacy asec dir (%s)", strerror(errno)); 340 } 341 } 342 343 /* 344 * Ensure that /android_secure exists and is a directory 345 */ 346 if (access(SEC_STG_SECIMGDIR, R_OK | X_OK)) { 347 if (errno == ENOENT) { 348 if (mkdir(SEC_STG_SECIMGDIR, 0777)) { 349 LOGE("Failed to create %s (%s)", SEC_STG_SECIMGDIR, strerror(errno)); 350 return -1; 351 } 352 } else { 353 LOGE("Failed to access %s (%s)", SEC_STG_SECIMGDIR, strerror(errno)); 354 return -1; 355 } 356 } else { 357 struct stat sbuf; 358 359 if (stat(SEC_STG_SECIMGDIR, &sbuf)) { 360 LOGE("Failed to stat %s (%s)", SEC_STG_SECIMGDIR, strerror(errno)); 361 return -1; 362 } 363 if (!S_ISDIR(sbuf.st_mode)) { 364 LOGE("%s is not a directory", SEC_STG_SECIMGDIR); 365 errno = ENOTDIR; 366 return -1; 367 } 368 } 369 370 /* 371 * Bind mount /mnt/secure/staging/android_secure -> /mnt/secure/asec so we'll 372 * have a root only accessable mountpoint for it. 373 */ 374 if (mount(SEC_STG_SECIMGDIR, SEC_ASECDIR, "", MS_BIND, NULL)) { 375 LOGE("Failed to bind mount points %s -> %s (%s)", 376 SEC_STG_SECIMGDIR, SEC_ASECDIR, strerror(errno)); 377 return -1; 378 } 379 380 /* 381 * Mount a read-only, zero-sized tmpfs on <mountpoint>/android_secure to 382 * obscure the underlying directory from everybody - sneaky eh? ;) 383 */ 384 if (mount("tmpfs", SEC_STG_SECIMGDIR, "tmpfs", MS_RDONLY, "size=0,mode=000,uid=0,gid=0")) { 385 LOGE("Failed to obscure %s (%s)", SEC_STG_SECIMGDIR, strerror(errno)); 386 umount("/mnt/asec_secure"); 387 return -1; 388 } 389 390 return 0; 391} 392 393int Volume::doMoveMount(const char *src, const char *dst, bool force) { 394 unsigned int flags = MS_MOVE; 395 int retries = 5; 396 397 while(retries--) { 398 if (!mount(src, dst, "", flags, NULL)) { 399 LOGD("Moved mount %s -> %s sucessfully", src, dst); 400 return 0; 401 } else if (errno != EBUSY) { 402 LOGE("Failed to move mount %s -> %s (%s)", src, dst, strerror(errno)); 403 return -1; 404 } 405 int action = 0; 406 407 if (force) { 408 if (retries == 1) { 409 action = 2; // SIGKILL 410 } else if (retries == 2) { 411 action = 1; // SIGHUP 412 } 413 } 414 LOGW("Failed to move %s -> %s (%s, retries %d, action %d)", 415 src, dst, strerror(errno), retries, action); 416 Process::killProcessesWithOpenFiles(src, action); 417 usleep(1000*250); 418 } 419 420 errno = EBUSY; 421 LOGE("Giving up on move %s -> %s (%s)", src, dst, strerror(errno)); 422 return -1; 423} 424 425int Volume::doUnmount(const char *path, bool force) { 426 int retries = 10; 427 428 LOGD("Unmounting {%s}, force = %d", path, force); 429 while (retries--) { 430 if (!umount(path) || errno == EINVAL || errno == ENOENT) { 431 LOGI("%s sucessfully unmounted", path); 432 return 0; 433 } 434 435 int action = 0; 436 437 if (force) { 438 if (retries == 1) { 439 action = 2; // SIGKILL 440 } else if (retries == 2) { 441 action = 1; // SIGHUP 442 } 443 } 444 445 LOGW("Failed to unmount %s (%s, retries %d, action %d)", 446 path, strerror(errno), retries, action); 447 448 Process::killProcessesWithOpenFiles(path, action); 449 usleep(1000*1000); 450 } 451 errno = EBUSY; 452 LOGE("Giving up on unmount %s (%s)", path, strerror(errno)); 453 return -1; 454} 455 456int Volume::unmountVol(bool force) { 457 int i, rc; 458 459 if (getState() != Volume::State_Mounted) { 460 LOGE("Volume %s unmount request when not mounted", getLabel()); 461 errno = EINVAL; 462 return -1; 463 } 464 465 setState(Volume::State_Unmounting); 466 usleep(1000 * 1000); // Give the framework some time to react 467 468 /* 469 * First move the mountpoint back to our internal staging point 470 * so nobody else can muck with it while we work. 471 */ 472 if (doMoveMount(getMountpoint(), SEC_STGDIR, force)) { 473 LOGE("Failed to move mount %s => %s (%s)", getMountpoint(), SEC_STGDIR, strerror(errno)); 474 setState(Volume::State_Mounted); 475 return -1; 476 } 477 478 /* 479 * Unmount the tmpfs which was obscuring the asec image directory 480 * from non root users 481 */ 482 483 if (doUnmount(Volume::SEC_STG_SECIMGDIR, force)) { 484 LOGE("Failed to unmount tmpfs on %s (%s)", SEC_STG_SECIMGDIR, strerror(errno)); 485 goto fail_republish; 486 } 487 488 /* 489 * Remove the bindmount we were using to keep a reference to 490 * the previously obscured directory. 491 */ 492 493 if (doUnmount(Volume::SEC_ASECDIR, force)) { 494 LOGE("Failed to remove bindmount on %s (%s)", SEC_ASECDIR, strerror(errno)); 495 goto fail_remount_tmpfs; 496 } 497 498 /* 499 * Finally, unmount the actual block device from the staging dir 500 */ 501 if (doUnmount(Volume::SEC_STGDIR, force)) { 502 LOGE("Failed to unmount %s (%s)", SEC_STGDIR, strerror(errno)); 503 goto fail_recreate_bindmount; 504 } 505 506 LOGI("%s unmounted sucessfully", getMountpoint()); 507 508 setState(Volume::State_Idle); 509 mCurrentlyMountedKdev = -1; 510 return 0; 511 512 /* 513 * Failure handling - try to restore everything back the way it was 514 */ 515fail_recreate_bindmount: 516 if (mount(SEC_STG_SECIMGDIR, SEC_ASECDIR, "", MS_BIND, NULL)) { 517 LOGE("Failed to restore bindmount after failure! - Storage will appear offline!"); 518 goto out_nomedia; 519 } 520fail_remount_tmpfs: 521 if (mount("tmpfs", SEC_STG_SECIMGDIR, "tmpfs", MS_RDONLY, "size=0,mode=0,uid=0,gid=0")) { 522 LOGE("Failed to restore tmpfs after failure! - Storage will appear offline!"); 523 goto out_nomedia; 524 } 525fail_republish: 526 if (doMoveMount(SEC_STGDIR, getMountpoint(), force)) { 527 LOGE("Failed to republish mount after failure! - Storage will appear offline!"); 528 goto out_nomedia; 529 } 530 531 setState(Volume::State_Mounted); 532 return -1; 533 534out_nomedia: 535 setState(Volume::State_NoMedia); 536 return -1; 537} 538 539int Volume::initializeMbr(const char *deviceNode) { 540 struct disk_info dinfo; 541 542 memset(&dinfo, 0, sizeof(dinfo)); 543 544 if (!(dinfo.part_lst = (struct part_info *) malloc(MAX_NUM_PARTS * sizeof(struct part_info)))) { 545 LOGE("Failed to malloc prt_lst"); 546 return -1; 547 } 548 549 memset(dinfo.part_lst, 0, MAX_NUM_PARTS * sizeof(struct part_info)); 550 dinfo.device = strdup(deviceNode); 551 dinfo.scheme = PART_SCHEME_MBR; 552 dinfo.sect_size = 512; 553 dinfo.skip_lba = 2048; 554 dinfo.num_lba = 0; 555 dinfo.num_parts = 1; 556 557 struct part_info *pinfo = &dinfo.part_lst[0]; 558 559 pinfo->name = strdup("android_sdcard"); 560 pinfo->flags |= PART_ACTIVE_FLAG; 561 pinfo->type = PC_PART_TYPE_FAT32; 562 pinfo->len_kb = -1; 563 564 int rc = apply_disk_config(&dinfo, 0); 565 566 if (rc) { 567 LOGE("Failed to apply disk configuration (%d)", rc); 568 goto out; 569 } 570 571 out: 572 free(pinfo->name); 573 free(dinfo.device); 574 free(dinfo.part_lst); 575 576 return rc; 577} 578