Merge changes I935424a5,Ib321e2a2,I2a2513ad,Icaad2935

* changes:
  Add --uid --gid options to zipfuse
  Enable permission checks for zipfuse filesystems
  Root dir of zipfuse gets permission 500
  zipfuse: files default permission is 400
diff --git a/microdroid_manager/src/main.rs b/microdroid_manager/src/main.rs
index 4018d00..1ef41cb 100644
--- a/microdroid_manager/src/main.rs
+++ b/microdroid_manager/src/main.rs
@@ -488,6 +488,8 @@
 }
 
 impl Zipfuse {
+    const MICRODROID_PAYLOAD_UID: u32 = 0; // TODO(b/264861173) should be non-root
+    const MICRODROID_PAYLOAD_GID: u32 = 0; // TODO(b/264861173) should be non-root
     fn mount(
         &mut self,
         noexec: MountForExec,
@@ -501,6 +503,8 @@
             cmd.arg("--noexec");
         }
         cmd.args(["-p", &ready_prop, "-o", option]);
+        cmd.args(["-u", &Self::MICRODROID_PAYLOAD_UID.to_string()]);
+        cmd.args(["-g", &Self::MICRODROID_PAYLOAD_GID.to_string()]);
         cmd.arg(zip_path).arg(mount_dir);
         self.ready_properties.push(ready_prop);
         cmd.spawn().with_context(|| format!("Failed to run zipfuse for {mount_dir:?}"))
diff --git a/tests/hostside/java/com/android/microdroid/test/MicrodroidHostTests.java b/tests/hostside/java/com/android/microdroid/test/MicrodroidHostTests.java
index e02f85f..464e091 100644
--- a/tests/hostside/java/com/android/microdroid/test/MicrodroidHostTests.java
+++ b/tests/hostside/java/com/android/microdroid/test/MicrodroidHostTests.java
@@ -678,9 +678,6 @@
         // Check if the native library in the APK is has correct filesystem info
         final String[] abis = microdroid.run("getprop", "ro.product.cpu.abilist").split(",");
         assertThat(abis).hasLength(1);
-        final String testLib = "/mnt/apk/lib/" + abis[0] + "/MicrodroidTestNativeLib.so";
-        final String label = "u:object_r:system_file:s0";
-        assertThat(microdroid.run("ls", "-Z", testLib)).isEqualTo(label + " " + testLib);
 
         // Check that no denials have happened so far
         CommandRunner android = new CommandRunner(getDevice());
diff --git a/zipfuse/src/inode.rs b/zipfuse/src/inode.rs
index 5d52922..3edbc49 100644
--- a/zipfuse/src/inode.rs
+++ b/zipfuse/src/inode.rs
@@ -31,6 +31,11 @@
 const INVALID: Inode = 0;
 const ROOT: Inode = 1;
 
+const DEFAULT_DIR_MODE: u32 = libc::S_IRUSR | libc::S_IXUSR;
+// b/264668376 some files in APK don't have unix permissions specified. Default to 400
+// otherwise those files won't be readable even by the owner.
+const DEFAULT_FILE_MODE: u32 = libc::S_IRUSR;
+
 /// `InodeData` represents an inode which has metadata about a file or a directory
 #[derive(Debug)]
 pub struct InodeData {
@@ -96,7 +101,7 @@
 
     fn new_file(zip_index: ZipIndex, zip_file: &zip::read::ZipFile) -> InodeData {
         InodeData {
-            mode: zip_file.unix_mode().unwrap_or(0),
+            mode: zip_file.unix_mode().unwrap_or(DEFAULT_FILE_MODE),
             size: zip_file.size(),
             data: InodeDataData::File(zip_index),
         }
@@ -169,7 +174,7 @@
 
         // Add the inodes for the invalid and the root directory
         assert_eq!(INVALID, table.put(InodeData::new_dir(0)));
-        assert_eq!(ROOT, table.put(InodeData::new_dir(0)));
+        assert_eq!(ROOT, table.put(InodeData::new_dir(DEFAULT_DIR_MODE)));
 
         // For each zip file in the archive, create an inode and add it to the table. If the file's
         // parent directories don't have corresponding inodes in the table, handle them too.
@@ -200,13 +205,11 @@
                     // Update the mode if this is a directory leaf.
                     if !is_file && is_leaf {
                         let mut inode = table.get_mut(parent).unwrap();
-                        inode.mode = file.unix_mode().unwrap_or(0);
+                        inode.mode = file.unix_mode().unwrap_or(DEFAULT_DIR_MODE);
                     }
                     continue;
                 }
 
-                const DEFAULT_DIR_MODE: u32 = libc::S_IRUSR | libc::S_IXUSR;
-
                 // No inode found. Create a new inode and add it to the inode table.
                 let inode = if is_file {
                     InodeData::new_file(i, &file)
diff --git a/zipfuse/src/main.rs b/zipfuse/src/main.rs
index 9411759..ffa0a4a 100644
--- a/zipfuse/src/main.rs
+++ b/zipfuse/src/main.rs
@@ -59,6 +59,18 @@
                 .takes_value(true)
                 .help("Specify a property to be set when mount is ready"),
         )
+        .arg(
+            Arg::with_name("uid")
+                .short('u')
+                .takes_value(true)
+                .help("numeric UID who's the owner of the files"),
+        )
+        .arg(
+            Arg::with_name("gid")
+                .short('g')
+                .takes_value(true)
+                .help("numeric GID who's the group of the files"),
+        )
         .arg(Arg::with_name("ZIPFILE").required(true))
         .arg(Arg::with_name("MOUNTPOINT").required(true))
         .get_matches();
@@ -68,7 +80,9 @@
     let options = matches.value_of("options");
     let noexec = matches.is_present("noexec");
     let ready_prop = matches.value_of("readyprop");
-    run_fuse(zip_file, mount_point, options, noexec, ready_prop)?;
+    let uid: u32 = matches.value_of("uid").map_or(0, |s| s.parse().unwrap());
+    let gid: u32 = matches.value_of("gid").map_or(0, |s| s.parse().unwrap());
+    run_fuse(zip_file, mount_point, options, noexec, ready_prop, uid, gid)?;
     Ok(())
 }
 
@@ -79,6 +93,8 @@
     extra_options: Option<&str>,
     noexec: bool,
     ready_prop: Option<&str>,
+    uid: u32,
+    gid: u32,
 ) -> Result<()> {
     const MAX_READ: u32 = 1 << 20; // TODO(jiyong): tune this
     const MAX_WRITE: u32 = 1 << 13; // This is a read-only filesystem
@@ -87,6 +103,7 @@
 
     let mut mount_options = vec![
         MountOption::FD(dev_fuse.as_raw_fd()),
+        MountOption::DefaultPermissions,
         MountOption::RootMode(libc::S_IFDIR | libc::S_IXUSR | libc::S_IXGRP | libc::S_IXOTH),
         MountOption::AllowOther,
         MountOption::UserId(0),
@@ -110,7 +127,7 @@
 
     let mut config = fuse::FuseConfig::new();
     config.dev_fuse(dev_fuse).max_write(MAX_WRITE).max_read(MAX_READ);
-    Ok(config.enter_message_loop(ZipFuse::new(zip_file)?)?)
+    Ok(config.enter_message_loop(ZipFuse::new(zip_file, uid, gid)?)?)
 }
 
 struct ZipFuse {
@@ -119,6 +136,8 @@
     inode_table: InodeTable,
     open_files: Mutex<HashMap<Handle, OpenFile>>,
     open_dirs: Mutex<HashMap<Handle, OpenDirBuf>>,
+    uid: u32,
+    gid: u32,
 }
 
 /// Represents a [`ZipFile`] that is opened.
@@ -151,7 +170,7 @@
 }
 
 impl ZipFuse {
-    fn new(zip_file: &Path) -> Result<ZipFuse> {
+    fn new(zip_file: &Path, uid: u32, gid: u32) -> Result<ZipFuse> {
         // TODO(jiyong): Use O_DIRECT to avoid double caching.
         // `.custom_flags(nix::fcntl::OFlag::O_DIRECT.bits())` currently doesn't work.
         let f = File::open(zip_file)?;
@@ -166,6 +185,8 @@
             inode_table: it,
             open_files: Mutex::new(HashMap::new()),
             open_dirs: Mutex::new(HashMap::new()),
+            uid,
+            gid,
         })
     }
 
@@ -188,8 +209,8 @@
         st.st_ino = inode;
         st.st_mode = if inode_data.is_dir() { libc::S_IFDIR } else { libc::S_IFREG };
         st.st_mode |= inode_data.mode;
-        st.st_uid = 0;
-        st.st_gid = 0;
+        st.st_uid = self.uid;
+        st.st_gid = self.gid;
         st.st_size = i64::try_from(inode_data.size).unwrap_or(i64::MAX);
         Ok(st)
     }
@@ -465,7 +486,7 @@
         let zip_path = PathBuf::from(zip_path);
         let mnt_path = PathBuf::from(mnt_path);
         std::thread::spawn(move || {
-            crate::run_fuse(&zip_path, &mnt_path, None, noexec).unwrap();
+            crate::run_fuse(&zip_path, &mnt_path, None, noexec, 0, 0).unwrap();
         });
     }