Make authfs start optional

Only start the service if the VM config requests it.

Make CompOS explicitly request authfs, since it requires it.

Also improve the error messages if authfs is missing (which I
triggered while working on this).

This doesn't include restricting the use of the config option, but we
have a seperate bug to handle that in general.

Bug: 245262525
Test: atest MicrodroidTests MicrodroidHostTestCases
Change-Id: I4363daf0f5cfb0c1c7ffbb7ae2ca2b9cc395167d
diff --git a/compos/apk/assets/vm_config.json b/compos/apk/assets/vm_config.json
index c4abfd9..1f5cdba 100644
--- a/compos/apk/assets/vm_config.json
+++ b/compos/apk/assets/vm_config.json
@@ -26,5 +26,6 @@
       "name": "{CLASSPATH}"
     }
   ],
-  "export_tombstones": true
+  "export_tombstones": true,
+  "enable_authfs": true
 }
diff --git a/compos/apk/assets/vm_config_staged.json b/compos/apk/assets/vm_config_staged.json
index 0be6e78..37b1d7a 100644
--- a/compos/apk/assets/vm_config_staged.json
+++ b/compos/apk/assets/vm_config_staged.json
@@ -27,5 +27,6 @@
       "name": "{CLASSPATH}"
     }
   ],
-  "export_tombstones": true
+  "export_tombstones": true,
+  "enable_authfs": true
 }
diff --git a/compos/apk/assets/vm_config_system_ext.json b/compos/apk/assets/vm_config_system_ext.json
index e60dee7..1ef43f0 100644
--- a/compos/apk/assets/vm_config_system_ext.json
+++ b/compos/apk/assets/vm_config_system_ext.json
@@ -29,5 +29,6 @@
       "name": "{CLASSPATH}"
     }
   ],
-  "export_tombstones": true
+  "export_tombstones": true,
+  "enable_authfs": true
 }
diff --git a/compos/apk/assets/vm_config_system_ext_staged.json b/compos/apk/assets/vm_config_system_ext_staged.json
index 99a4160..9103a9e 100644
--- a/compos/apk/assets/vm_config_system_ext_staged.json
+++ b/compos/apk/assets/vm_config_system_ext_staged.json
@@ -30,5 +30,6 @@
       "name": "{CLASSPATH}"
     }
   ],
-  "export_tombstones": true
+  "export_tombstones": true,
+  "enable_authfs": true
 }
diff --git a/compos/src/compsvc.rs b/compos/src/compsvc.rs
index 7ce60cd..3dbb4da 100644
--- a/compos/src/compsvc.rs
+++ b/compos/src/compsvc.rs
@@ -117,7 +117,7 @@
             ));
         }
 
-        let context = to_binder_result(OdrefreshContext::new(
+        let context = OdrefreshContext::new(
             compilation_mode,
             system_dir_fd,
             if system_ext_dir_fd >= 0 { Some(system_ext_dir_fd) } else { None },
@@ -126,21 +126,9 @@
             target_dir_name,
             zygote_arch,
             system_server_compiler_filter,
-        ))?;
+        );
 
-        let authfs_service = binder::get_interface(AUTHFS_SERVICE_NAME)?;
-        let exit_code = to_binder_result(
-            odrefresh(&self.odrefresh_path, context, authfs_service, |output_dir| {
-                // authfs only shows us the files we created, so it's ok to just sign everything
-                // under the output directory.
-                let mut artifact_signer = ArtifactSigner::new(&output_dir);
-                add_artifacts(&output_dir, &mut artifact_signer)?;
-
-                artifact_signer.write_info_and_signature(&output_dir.join("compos.info"))
-            })
-            .context("odrefresh failed"),
-        )?;
-        Ok(exit_code as i8)
+        to_binder_result(context.and_then(|c| self.do_odrefresh(c)))
     }
 
     fn getPublicKey(&self) -> BinderResult<Vec<u8>> {
@@ -158,6 +146,23 @@
     }
 }
 
+impl CompOsService {
+    fn do_odrefresh(&self, context: OdrefreshContext) -> Result<i8> {
+        let authfs_service = binder::get_interface(AUTHFS_SERVICE_NAME)
+            .context("Unable to connect to AuthFS service")?;
+        let exit_code = odrefresh(&self.odrefresh_path, context, authfs_service, |output_dir| {
+            // authfs only shows us the files we created, so it's ok to just sign everything
+            // under the output directory.
+            let mut artifact_signer = ArtifactSigner::new(&output_dir);
+            add_artifacts(&output_dir, &mut artifact_signer)?;
+
+            artifact_signer.write_info_and_signature(&output_dir.join("compos.info"))
+        })
+        .context("odrefresh failed")?;
+        Ok(exit_code as i8)
+    }
+}
+
 fn add_artifacts(target_dir: &Path, artifact_signer: &mut ArtifactSigner) -> Result<()> {
     for entry in
         read_dir(&target_dir).with_context(|| format!("Traversing {}", target_dir.display()))?