Remove file size from authfs flags
authfs used to take flags like `--remote-unverified-file 5:10:40960`
where the 40969 is the file size provided by the client. The intention
is that since the file is readonly, we can set up the FUSE with the
information ready, and avoid requesting the size on every stat(2)-like
syscall.
It's just that this make it harder to use for authfs' clients. This
change remove the needs for the clients to provide the size. Instead,
authfs internally just query fd_server before starting the FUSE.
Bug: 198824883
Test: atest AuthFsHostTest ComposHostTestCases
Change-Id: I9b26b6e13bfa170d766a2428cb485d97e0423e13
diff --git a/authfs/src/main.rs b/authfs/src/main.rs
index 32ea3de..e004b81 100644
--- a/authfs/src/main.rs
+++ b/authfs/src/main.rs
@@ -29,6 +29,7 @@
use anyhow::{bail, Context, Result};
use std::collections::BTreeMap;
+use std::convert::TryInto;
use std::fs::File;
use std::io::Read;
use std::path::{Path, PathBuf};
@@ -62,16 +63,15 @@
/// A read-only remote file with integrity check. Can be multiple.
///
- /// For example, `--remote-verified-file 5:10:1234:/path/to/cert` tells the filesystem to
- /// associate entry 5 with a remote file 10 of size 1234 bytes, and need to be verified against
- /// the /path/to/cert.
+ /// For example, `--remote-verified-file 5:10:/path/to/cert` tells the filesystem to associate
+ /// entry 5 with a remote file 10, and need to be verified against the /path/to/cert.
#[structopt(long, parse(try_from_str = parse_remote_ro_file_option))]
remote_ro_file: Vec<OptionRemoteRoFile>,
/// A read-only remote file without integrity check. Can be multiple.
///
- /// For example, `--remote-unverified-file 5:10:1234` tells the filesystem to associate entry 5
- /// with a remote file 10 of size 1234 bytes.
+ /// For example, `--remote-unverified-file 5:10` tells the filesystem to associate entry 5
+ /// with a remote file 10.
#[structopt(long, parse(try_from_str = parse_remote_ro_file_unverified_option))]
remote_ro_file_unverified: Vec<OptionRemoteRoFileUnverified>,
@@ -109,10 +109,6 @@
/// ID to refer to the remote file.
remote_id: i32,
- /// Expected size of the remote file. Necessary for signature check and Merkle tree
- /// verification.
- file_size: u64,
-
/// Certificate to verify the authenticity of the file's fs-verity signature.
/// TODO(170494765): Implement PKCS#7 signature verification.
_certificate_path: PathBuf,
@@ -123,9 +119,6 @@
/// ID to refer to the remote file.
remote_id: i32,
-
- /// Expected size of the remote file.
- file_size: u64,
}
struct OptionRemoteRwFile {
@@ -161,26 +154,24 @@
fn parse_remote_ro_file_option(option: &str) -> Result<OptionRemoteRoFile> {
let strs: Vec<&str> = option.split(':').collect();
- if strs.len() != 4 {
+ if strs.len() != 3 {
bail!("Invalid option: {}", option);
}
Ok(OptionRemoteRoFile {
ino: strs[0].parse::<Inode>()?,
remote_id: strs[1].parse::<i32>()?,
- file_size: strs[2].parse::<u64>()?,
- _certificate_path: PathBuf::from(strs[3]),
+ _certificate_path: PathBuf::from(strs[2]),
})
}
fn parse_remote_ro_file_unverified_option(option: &str) -> Result<OptionRemoteRoFileUnverified> {
let strs: Vec<&str> = option.split(':').collect();
- if strs.len() != 3 {
+ if strs.len() != 2 {
bail!("Invalid option: {}", option);
}
Ok(OptionRemoteRoFileUnverified {
ino: strs[0].parse::<Inode>()?,
remote_id: strs[1].parse::<i32>()?,
- file_size: strs[2].parse::<u64>()?,
})
}
@@ -292,7 +283,7 @@
new_config_remote_verified_file(
service.clone(),
config.remote_id,
- config.file_size,
+ service.getFileSize(config.remote_id)?.try_into()?,
)?,
);
}
@@ -303,7 +294,7 @@
new_config_remote_unverified_file(
service.clone(),
config.remote_id,
- config.file_size,
+ service.getFileSize(config.remote_id)?.try_into()?,
)?,
);
}