Keep /mnt/secure private to default namespace.
When vold mounts things in /mnt/secure/staging, it expects to MS_MOVE
those mountpoints when vetting is finished. However, the kernel
doesn't allow MS_MOVE when the source is shared to child namespaces.
To work around this, create a tmpfs at /mnt/secure and mark it as
private (not shared). Verified that vold can now successfully move
from the staging area.
Bug: 7094858
Change-Id: I5e05b1005c63efa277935c9bbd18cbf3ffdd47a3
diff --git a/rootdir/init.rc b/rootdir/init.rc
index fc678f0..3d57211 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -63,6 +63,8 @@
# Directory for putting things only root should see.
mkdir /mnt/secure 0700 root root
+ # Create private mountpoint so we can MS_MOVE from staging
+ mount tmpfs tmpfs /mnt/secure mode=0700,uid=0,gid=0
# Directory for staging bindmounts
mkdir /mnt/secure/staging 0700 root root
@@ -135,6 +137,7 @@
mount rootfs rootfs / ro remount
# mount shared so changes propagate into child namespaces
mount rootfs rootfs / shared rec
+ mount tmpfs tmpfs /mnt/secure private rec
# We chown/chmod /cache again so because mount is run as root + defaults
chown system cache /cache