Linux mount
理解Mount
bind mount 将目录挂载到目录
mount --bind olddir newdir //将olddir挂载到newdir上去,目录权限变成olddir的权限,所有对newdir的修改体现到olddir
umount newdir //解除mount
mount namespace
Mount namespaces (CLONE_NEWNS
, Linux 2.4.19) isolate the set of filesystem mount points seen by a group of processes. Thus, processes in different mount namespaces can have different views of the filesystem hierarchy. With the addition of mount namespaces, the mount()
and umount()
system calls ceased operating on a global set of mount points visible to all processes on the system and instead performed operations that affected just the mount namespace associated with the calling process
<p>Android 6.0 introduces a new <a href="{@docRoot}devices/tech/config/runtime_perms.html">runtime permissions</a> model where apps request
capabilities when needed at runtime. Because the new model includes the <code>READ/WRITE_EXTERNAL_STORAGE</code> permissions, the platform needs to dynamically grant storage access without
killing or restarting already-running apps. It does this by maintaining three
distinct views of all mounted storage devices:</p>
<ul>
<li><code>/mnt/runtime/default</code> is shown to apps with no special storage permissions, and to the root
namespace where <code>adbd</code> and other system components live.
<li><code>/mnt/runtime/read</code> is shown to apps with <code>READ_EXTERNAL_STORAGE</code>
<li><code>/mnt/runtime/write</code> is shown to apps with <code>WRITE_EXTERNAL_STORAGE</code>
</ul>
<p>At Zygote fork time, we create a mount namespace for each running app and bind
mount the appropriate initial view into place. Later, when runtime permissions
are granted, <code>vold</code> jumps into the mount namespace of already-running apps and bind mounts the
upgraded view into place. Note that permission downgrades always result in the
app being killed.</p>
<p>The <code>setns()</code> functionality used to implement this feature requires at least Linux 3.8, but
patches have been backported successfully to Linux 3.4. The <code>PermissionsHostTest</code> CTS test can be used to verify correct kernel behavior.</p>
<p>In Android 6.0, third-party apps don’t have access to the <code>sdcard_r</code> and <code>sdcard_rw</code> GIDs. Instead, access is controlled by mounting only the appropriate runtime
view in place for that app. Cross-user interactions are blocked using the <code>everybody</code> GID.</p>
可实现进程独立的文件系统视图。Android的读写外部存储的运行时权限就是用过这种方式来实现。在低版本的Android系统中,读写外部存储的权限是通过给应用程序进程添加sdcard_rw
group id实现的。Android6.0之后的版本支持运行时权限,当读写外部存储的权限动态改变的时候,PackageManagerService会通过MountService请求vold进程(VolumeManager damon)重新根据当前应用程序的权限选择不同的目录进行bind mount,这样应用程序进程会看到不同的目录文件系统。具体实现参照[VolumeManager::remountUid]