Organize external storage to enforce sdcard_r.

Create /storage/ to require that users have sdcard_r GID, and place
both emulated and real SD card mount points inside it.  Also reduce
visibility of /data/media.

Bug: 6131916
Change-Id: I088218e7df131dc206356f33174abc0702d9b271
diff --git a/init.herring.rc b/init.herring.rc
index 40d7b3a..13a6b2e 100755
--- a/init.herring.rc
+++ b/init.herring.rc
@@ -40,9 +40,11 @@
     mount ext4 /dev/block/platform/s3c-sdhci.0/by-name/system /system wait ro
     mount ext4 /dev/block/platform/s3c-sdhci.0/by-name/userdata /data wait noatime nosuid nodev nomblk_io_submit
 
-    export EXTERNAL_STORAGE /mnt/sdcard
-    mkdir /mnt/sdcard 0000 system system
-    symlink /mnt/sdcard /sdcard
+    export EXTERNAL_STORAGE /storage/sdcard0
+    mkdir /storage 0550 system sdcard_r
+    mkdir /storage/sdcard0 0000 system system
+    symlink /storage/sdcard0 /sdcard
+    symlink /storage/sdcard0 /mnt/sdcard
 
 # permissions for bluetooth.
     chown bluetooth bluetooth /efs/bluetooth
diff --git a/overlay/frameworks/base/core/res/res/xml/storage_list.xml b/overlay/frameworks/base/core/res/res/xml/storage_list.xml
index 9670ba5..3df9d42 100644
--- a/overlay/frameworks/base/core/res/res/xml/storage_list.xml
+++ b/overlay/frameworks/base/core/res/res/xml/storage_list.xml
@@ -36,7 +36,7 @@
 
 <StorageList xmlns:android="http://schemas.android.com/apk/res/android">
     <!-- removable is not set in nosdcard product -->
-    <storage android:mountPoint="/mnt/sdcard"
+    <storage android:mountPoint="/storage/sdcard0"
         android:storageDescription="@string/storage_usb"
         android:primary="true"
         android:allowMassStorage="true"
diff --git a/vold.fstab b/vold.fstab
index 974dd6a..3b520b8 100644
--- a/vold.fstab
+++ b/vold.fstab
@@ -13,4 +13,4 @@
 ## flags        - (optional) Comma separated list of flags, must not contain '/' character
 ######################
 
-dev_mount sdcard /mnt/sdcard 3 /devices/platform/s3c-sdhci.0/mmc_host/mmc0/mmc0:0001/block/mmcblk0 nonremovable,encryptable
+dev_mount sdcard /storage/sdcard0 3 /devices/platform/s3c-sdhci.0/mmc_host/mmc0/mmc0:0001/block/mmcblk0 nonremovable,encryptable