commit 9a1b43ed0b830c34ef58fc9da89c50099f3b0218
author Wei Wang <wvw@google.com> Fri Jan 12 11:49:31 2018 -0800
committer Wei Wang <wvw@google.com> Fri Jan 12 13:42:03 2018 -0800
tree 91b9f8bc3aff4ff82d43883e47c756729ac8c6ca
parent 0fe257420b5b24931d90016449ff5111288b8f8b
parent 0d5d67eaca13798bd4195a96a614b40e90d949ce

Merge branch 'android-msm-bullhead-3.10-security-next' into android-msm-bullhead-3.10

March 2018.1
Change-Id: Ice243e35cad9f32e9ab30bc007f00440bae25aff

fs/sdcardfs/file.c

diff --git a/fs/sdcardfs/file.c b/fs/sdcardfs/file.c
index 8943bef..03e1cc5 100755
--- a/fs/sdcardfs/file.c
+++ b/fs/sdcardfs/file.c
@@ -18,6 +18,7 @@
  * General Public License.
  */
 
+#include <linux/fsnotify.h>
 #include "sdcardfs.h"
 #ifdef CONFIG_SDCARD_FS_FADV_NOACTIVE
 #include <linux/backing-dev.h>
@@ -243,6 +244,7 @@
 			fput(lower_file); /* fput calls dput for lower_dentry */
 		}
 	} else {
+		fsnotify_open(lower_file);
 		sdcardfs_set_lower_file(file, lower_file);
 	}
 

fs/sdcardfs/main.c

diff --git a/fs/sdcardfs/main.c b/fs/sdcardfs/main.c
index 2a75f74..f4c7ff3c 100755
--- a/fs/sdcardfs/main.c
+++ b/fs/sdcardfs/main.c
@@ -33,6 +33,7 @@
 	Opt_userid,
 	Opt_reserved_mb,
 	Opt_gid_derivation,
+	Opt_default_normal,
 	Opt_err,
 };
 
@@ -45,6 +46,7 @@
 	{Opt_userid, "userid=%d"},
 	{Opt_multiuser, "multiuser"},
 	{Opt_gid_derivation, "derive_gid"},
+	{Opt_default_normal, "default_normal"},
 	{Opt_reserved_mb, "reserved_mb=%u"},
 	{Opt_err, NULL}
 };
@@ -68,6 +70,7 @@
 	opts->reserved_mb = 0;
 	/* by default, gid derivation is off */
 	opts->gid_derivation = false;
+	vfsopts->default_normal = false;
 
 	*debug = 0;
 
@@ -122,6 +125,8 @@
 		case Opt_gid_derivation:
 			opts->gid_derivation = true;
 			break;
+		case Opt_default_normal:
+			vfsopts->default_normal = true;
 		/* unknown option */
 		default:
 			if (!silent)
@@ -175,6 +180,7 @@
 				return 0;
 			vfsopts->mask = option;
 			break;
+		case Opt_default_normal:
 		case Opt_multiuser:
 		case Opt_userid:
 		case Opt_fsuid:

fs/sdcardfs/sdcardfs.h

diff --git a/fs/sdcardfs/sdcardfs.h b/fs/sdcardfs/sdcardfs.h
index 9389f73..3d83c7e 100755
--- a/fs/sdcardfs/sdcardfs.h
+++ b/fs/sdcardfs/sdcardfs.h
@@ -224,6 +224,7 @@
 struct sdcardfs_vfsmount_options {
 	gid_t gid;
 	mode_t mask;
+	bool default_normal;
 };
 
 extern int parse_options_remount(struct super_block *sb, char *options, int silent,
@@ -415,7 +416,7 @@
 {
 	struct sdcardfs_vfsmount_options *opts = mnt->data;
 
-	if (opts->gid == AID_SDCARD_RW)
+	if (opts->gid == AID_SDCARD_RW && !opts->default_normal)
 		/* As an optimization, certain trusted system components only run
 		 * as owner but operate across all users. Since we're now handing
 		 * out the sdcard_rw GID only to trusted apps, we're okay relaxing

fs/sdcardfs/super.c

diff --git a/fs/sdcardfs/super.c b/fs/sdcardfs/super.c
index b89947d..a28b40f 100755
--- a/fs/sdcardfs/super.c
+++ b/fs/sdcardfs/super.c
@@ -304,6 +304,8 @@
 		seq_printf(m, ",userid=%u", opts->fs_user_id);
 	if (opts->gid_derivation)
 		seq_puts(m, ",derive_gid");
+	if (vfsopts->default_normal)
+		seq_puts(m, ",default_normal");
 	if (opts->reserved_mb != 0)
 		seq_printf(m, ",reserved=%uMB", opts->reserved_mb);