authfs: fd_server to expose local FD via binder interface
fd_server provides a binder service (currently local binder since remote
binder is not ready). The server starts with FDs specified in the
command line flags (and supposedly opened FDs passed from the parent
process).
fd_server is supposed to run in Android to provide backing file to
authfs.
Test: # Start the server to serve the file. Read from the client.
adb shell 'exec
9</system/bin/sh
8</data/local/tmp/input.4m
7</data/local/tmp/input.4m.merkle_dump
6</data/local/tmp/input.4m.fsv_sig
fd_server --ro-fds 9 --ro-fds 8:7:6'`
Bug: 171280169
Change-Id: Ide68f23d7177b726ffd48ef960276bd8cf5e5846
diff --git a/authfs/aidl/Android.bp b/authfs/aidl/Android.bp
new file mode 100644
index 0000000..8cb9dcf
--- /dev/null
+++ b/authfs/aidl/Android.bp
@@ -0,0 +1,10 @@
+aidl_interface {
+ name: "authfs_aidl_interface",
+ unstable: true,
+ srcs: ["com/android/virt/fs/*.aidl"],
+ backend: {
+ rust: {
+ enabled: true,
+ },
+ },
+}
diff --git a/authfs/aidl/com/android/virt/fs/IVirtFdService.aidl b/authfs/aidl/com/android/virt/fs/IVirtFdService.aidl
new file mode 100644
index 0000000..628ee3c
--- /dev/null
+++ b/authfs/aidl/com/android/virt/fs/IVirtFdService.aidl
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.virt.fs;
+
+/** {@hide} */
+interface IVirtFdService {
+ /** Error when the requesting FD is unknown. */
+ const int ERROR_UNKNOWN_FD = 1;
+
+ /**
+ * Error when I/O fails. This can happen when actual I/O error happens to the backing file,
+ * when the given offset or size are invalid, or any problems that can fail a read/write
+ * request.
+ */
+ const int ERROR_IO = 2;
+
+ /** Maximum content size that the service allows the client to request. */
+ const int MAX_REQUESTING_DATA = 16384;
+
+ /**
+ * Returns the content of the given file ID, from the offset, for the amount of requested size
+ * or until EOF.
+ */
+ byte[] readFile(int id, long offset, int size);
+
+ /**
+ * Returns the content of fs-verity compatible Merkle tree of the given file ID, from the
+ * offset, for the amount of requested size or until EOF.
+ */
+ byte[] readFsverityMerkleTree(int id, long offset, int size);
+
+ /** Returns the fs-verity signature of the given file ID. */
+ byte[] readFsveritySignature(int id);
+}