22:28
YWPMGFA
Starting in Android 4.2, devices can support multiple users, and external
storage must meet the following constraints:
- Each user must have their own isolated primary external storage, and must not have access to the primary external storage of other users.
- The
/sdcardpath must resolve to the correct user-specific primary external storage based on the user a process is running as. - Storage for large OBB files in the
Android/obbdirectory may be shared between multiple users as an optimization. - Secondary external storage must not be writable by apps, except in package-specific directories as allowed by synthesized permissions.
The default platform implementation of this feature leverages Linux kernel
namespaces to create isolated mount tables for each Zygote-forked process,
and then uses bind mounts to offer the correct user-specific primary external
storage into that private namespace.
At boot, the system mounts a single emulated external storage FUSE daemon
at
EMULATED_STORAGE_SOURCE, which is hidden from apps. After
the Zygote forks, it bind mounts the appropriate user-specific subdirectory
from under the FUSE daemon to EMULATED_STORAGE_TARGET so that
external storage paths resolve correctly for the app. Because an app lacks
accessible mount points for other users' storage, they can only access
storage for the user it was started as.
This implementation also uses the shared subtree kernel feature to
propagate mount events from the default root namespace into app namespaces,
which ensures that features like ASEC containers and OBB mounting continue
working correctly. It does this by mounting the rootfs as shared, and then
remounting it as slave after each Zygote namespace is created. Read more...
0 comments:
Post a Comment