Prevent sharing or formatting of a vold managed volumes during encryption.

Mounting was already not allowed, but also unshare before starting
encryption, and don't allow sharing or formatting to be initiated
during encrytion.

Change-Id: Ida188d81f025739ba4dd90492b3e66088735991e

diff --git a/VolumeManager.cpp b/VolumeManager.cpp
index c1406a9..0f04a06 100644 (file)
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp
@@ -62,6 +62,7 @@ VolumeManager::VolumeManager() {
     mSavedDirtyRatio = -1;
     // set dirty ratio to 0 when UMS is active
     mUmsDirtyRatio = 0;
+    mVolManagerDisabled = 0;
 }
 
 VolumeManager::~VolumeManager() {
@@ -168,6 +169,11 @@ int VolumeManager::formatVolume(const char *label) {
         return -1;
     }
 
+    if (mVolManagerDisabled) {
+        errno = EBUSY;
+        return -1;
+    }
+
     return v->formatVol();
 }
 
@@ -940,6 +946,11 @@ int VolumeManager::shareVolume(const char *label, const char *method) {
         return -1;
     }
 
+    if (mVolManagerDisabled) {
+        errno = EBUSY;
+        return -1;
+    }
+
     dev_t d = v->getShareDevice();
     if ((MAJOR(d) == 0) && (MINOR(d) == 0)) {
         // This volume does not support raw disk access
@@ -1030,8 +1041,10 @@ int VolumeManager::unshareVolume(const char *label, const char *method) {
     return 0;
 }
 
-extern "C" int vold_unmountVol(const char *label) {
+extern "C" int vold_disableVol(const char *label) {
     VolumeManager *vm = VolumeManager::Instance();
+    vm->disableVolumeManager();
+    vm->unshareVolume(label, "ums");
     return vm->unmountVolume(label, true);
 }
 

diff --git a/VolumeManager.h b/VolumeManager.h
index f526990..caa0b62 100644 (file)
--- a/VolumeManager.h
+++ b/VolumeManager.h
@@ -65,6 +65,7 @@ private:
     int                    mUmsSharingCount;
     int                    mSavedDirtyRatio;
     int                    mUmsDirtyRatio;
+    int                    mVolManagerDisabled;
 
 public:
     virtual ~VolumeManager();
@@ -83,6 +84,7 @@ public:
     int unshareVolume(const char *label, const char *method);
     int shareEnabled(const char *path, const char *method, bool *enabled);
     int formatVolume(const char *label);
+    void disableVolumeManager(void) { mVolManagerDisabled = 1; }
 
     /* ASEC */
     int createAsec(const char *id, unsigned numSectors, const char *fstype,
@@ -130,7 +132,7 @@ private:
 extern "C" {
 #endif /* __cplusplus */
 #define UNMOUNT_NOT_MOUNTED_ERR -2
-    int vold_unmountVol(const char *label);
+    int vold_disableVol(const char *label);
     int vold_getNumDirectVolumes(void);
     int vold_getDirectVolumeList(struct volume_info *v);
 #ifdef __cplusplus

diff --git a/cryptfs.c b/cryptfs.c
index a418225..50c3e64 100644 (file)
--- a/cryptfs.c
+++ b/cryptfs.c
@@ -1141,7 +1141,7 @@ int cryptfs_enable(char *howarg, char *passwd)
             }
             close(fd);
 
-            ret=vold_unmountVol(vol_list[i].label);
+            ret=vold_disableVol(vol_list[i].label);
             if ((ret < 0) && (ret != UNMOUNT_NOT_MOUNTED_ERR)) {
                 /* -2 is returned when the device exists but is not currently mounted.
                  * ignore the error and continue. */