Commit Graph

12 Commits

Author SHA1 Message Date
Nick Kralevich 44a5fb5704 Merge "fs_mgr: make block devices read-only" 2013-04-25 20:22:20 +00:00
Nick Kralevich 29a5298366 mount: fix incorrect string length calculation
Fix bug https://code.google.com/p/android/issues/detail?id=54192
which incorrectly calculated the length of a string.

Fix compiler warning:

system/core/toolbox/mount.c:59:2: warning: initializer-string for array of chars is too long [enabled by default]
system/core/toolbox/mount.c:59:2: warning: (near initialization for 'options[16].str') [enabled by default]

Change-Id: If8663f8311c6348a730fcf731d402b57fee10cb5
2013-04-24 16:31:02 -07:00
Nick Kralevich e18c0d508a fs_mgr: make block devices read-only
When a filesystem is mounted read-only, make the underlying
block device read-only too. This helps prevent an attacker
who is able to change permissions on the files in /dev
(for example, symlink attack) from modifying the block device.

In particular, this change would have stopped the LG Thrill / Optimus
3D rooting exploit
(http://vulnfactory.org/blog/2012/02/26/rooting-the-lg-thrill-optimus-3d/)
as that exploit modified the raw block device corresponding to /system.

This change also makes UID=0 less powerful. Block devices cannot
be made writable again without CAP_SYS_ADMIN, so an escalation
to UID=0 by itself doesn't give full root access.

adb/mount: Prior to mounting something read-write, remove the
read-only restrictions on the underlying block device. This avoids
messing up developer workflows.

Change-Id: I135098a8fe06f327336f045aab0d48ed9de33807
2013-04-24 08:53:26 -07:00
Jeff Sharkey bfcd810b79 Iteration on multi-user external storage.
Define /storage as top-level concept, so that we enforce permissions
uniformly.  Moves external storage paths from headers to per-device
environment variables.  Added missing mount flags, and we no longer
have adb-specific external storage.

Bug: 6925012
Change-Id: Ic7ca953be2f552d3f0ec9e69f89fef751daa1b29
2012-08-22 14:28:37 -07:00
Ken Sumrall 940c81078e Add -o loop= option to mount, and fix error detection in mount and umount
This fixes bug http://b.android.com/18419, which complains about a bogus
error check in the mount command (it also was wrong in the umount command)
and also asks for the mount command to support more than one loopback
device, as mentioned in the FIXME comments in mount.c.  This required some
corresponding changes to umount.c

Change-Id: Ib796c70926395e61557e487bad64984d3295d5f3
2011-07-13 14:37:41 -07:00
Colin Cross 4e7dd3d270 mount: Add support for remounting without specifying device
Change-Id: I48c84fab3ab2a9704ec5b7bf7002b8960fa53c27
2010-05-07 12:09:19 -07:00
Dima Zavin 2f0c41ec3c am 383688b5: toolbox: Fix uninitalized stack variable in mount.
Merge commit '383688b52fb19b9c4d98bb1a660febc880d0e268'

* commit '383688b52fb19b9c4d98bb1a660febc880d0e268':
  toolbox: Fix uninitalized stack variable in mount.
2009-07-01 11:18:15 -07:00
Dima Zavin 383688b52f toolbox: Fix uninitalized stack variable in mount.
Signed-off-by: Dima Zavin <dima@android.com>
2009-06-29 15:53:22 -07:00
The Android Open Source Project dd7bc3319d auto import from //depot/cupcake/@135843 2009-03-03 19:32:55 -08:00
The Android Open Source Project e54eebbf1a auto import from //depot/cupcake/@135843 2009-03-03 18:29:04 -08:00
Jay Freeman (saurik) bc7b0cbe15 Open file and loop device with O_RDONLY when -o loop,ro.
Otherwise: ioctl LOOP_SET_FD failed: Bad file number.
2008-11-16 13:28:23 +00:00
The Android Open Source Project 4f6e8d7a00 Initial Contribution 2008-10-21 07:00:00 -07:00