From eb8ef1b854895a14d21964b9666bb3247a5cf8f0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=96=BD=E8=BF=90=E7=90=86?=
Date: Mon, 4 Aug 2025 21:41:46 +0800
Subject: [PATCH] =?UTF-8?q?add=20el1=20isolate=20dir=20Signed-off-by:=20?= =?UTF-8?q?=E6=96=BD=E8=BF=90=E7=90=86=20?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 modules/common/appspawn_common.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/modules/common/appspawn_common.c b/modules/common/appspawn_common.c
index 57342e19..8b69efc6 100644
--- a/modules/common/appspawn_common.c
+++ b/modules/common/appspawn_common.c
@@ -70,7 +70,7 @@
 #define PID_NS_INIT_UID 100000 // reserved for pid_ns_init process, avoid app, render proc, etc.
 #define PID_NS_INIT_GID 100000
 #define PREINSTALLED_HAP_FLAG 0x01 // hapFlags 0x01: SELINUX_HAP_RESTORECON_PREINSTALLED_APP in selinux
-#define ISOLATE_PATH_NUM 2
+#define ISOLATE_PATH_NUM 3
 #define ISOLATE_PATH_SIZE 4096
 #define HM_DEC_IOCTL_BASE 's'
 #define HM_ADD_ISOLATE_DIR 16
@@ -461,6 +461,10 @@ static void HoldIsolateDir(IsolateDirInfo *isolateDirInfo)
 DIR *dir1 = opendir(isolateDirInfo->isolatePath[1]);
 APPSPAWN_CHECK_ONLY_LOG(!(dir1 == NULL), "open isolate dir %{public}s failed, errno is %{public}d",
 isolateDirInfo->isolatePath[1], errno);
+
+ DIR *dir2 = opendir(isolateDirInfo->isolatePath[2]);
+ APPSPAWN_CHECK_ONLY_LOG(!(dir2 == NULL), "open isolate dir %{public}s failed, errno is %{public}d",
+ isolateDirInfo->isolatePath[2], errno);
 }
 #endif
 
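Review bot: `ISOLATE_PATH_NUM` goes from 2 to 3 with nothing that ties it to the code depending on it; HoldIsolateDir opens `isolatePath[1]` and `isolatePath[2]` by literal index and SetIsolateDir fills each slot by hand, so the constant and those blocks have to be changed together. The definition of IsolateDirInfo is outside this hunk; if `isolatePath` is sized by this constant and the struct is handed to the `HM_ADD_ISOLATE_DIR` ioctl, its layout now differs from what an existing kernel-side handler was built against, which should be confirmed before merge. I would add `// number of isolate dirs; keep in sync with SetIsolateDir, HoldIsolateDir and the HM_ADD_ISOLATE_DIR handler` above the define.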
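Review bot: The added `dir2` block is another hand-copied opendir/log pair, and like `dir1` the handle is neither used nor closed in the visible lines, so the intent (presumably keeping the directory open to hold it, going by the function name) is undocumented and a failed opendir on the el1 path leaves only a log line while spawning continues. Iterating with `for (int i = 0; i < ISOLATE_PATH_NUM; i++)` over `isolateDirInfo->isolatePath[i]` would keep this function in step with the constant changed in the first hunk instead of needing a new block per directory. I would also add `/* handle intentionally left open to hold the isolate dir; do not closedir() */` and state in a comment whether an unheld directory is acceptable or should fail the spawn. HoldIsolateDir starts above this hunk, so the handling of index 0 is not visible here.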
@@ -483,6 +487,9 @@ APPSPAWN_STATIC int SetIsolateDir(const AppSpawningCtx *property)
 ret = snprintf_s(isolateDirInfo.isolatePath[1], ISOLATE_PATH_SIZE, ISOLATE_PATH_SIZE - 1, "%s/%u/%s",
 "/storage/media", dacInfo->uid / UID_BASE, "local/files/Docs");
 APPSPAWN_CHECK(ret >= 0, return ret, "snprintf_s storage path failed, errno %{public}d", errno);
+ ret = snprintf_s(isolateDirInfo.isolatePath[2], ISOLATE_PATH_SIZE, ISOLATE_PATH_SIZE - 1, "%s/%u/%s",
+ "/data/app/el1", dacInfo->uid / UID_BASE, "base");
+ APPSPAWN_CHECK(ret >= 0, return ret, "snprintf_s el2 path failed, errno %{public}d", errno);
 isolateDirInfo.pathNum = ISOLATE_PATH_NUM;
 HoldIsolateDir(&isolateDirInfo);
 
-- 
Gitee
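Review bot: The failure message on the added APPSPAWN_CHECK says `el2` although the path being formatted is under `/data/app/el1`, so a log from this branch would send whoever is triaging it to the wrong directory; it should read `"snprintf_s el1 path failed, errno %{public}d"`. snprintf_s signals failure through its return value, so logging `ret` next to (or instead of) `errno` is likely to be more useful here, and the same applies to the existing storage-path check above. SetIsolateDir begins and continues outside this hunk, so whether anything acquired earlier in the function is released on this early `return ret` cannot be checked from the visible lines.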