authfs: FUSE to serve file with fs-verity verification
The filesystem can currently serve local files specified via command
line flags, with verification using manually specified Merkle tree dump.
It also allows regular read without verification.
The change currently only supports local files for debug only. We will
need to add new configuration for remote file access with our own server
and protocol.
See tools/test.sh for the example setup.
BYPASS_INCLUSIVE_LANGUAGE_REASON=man page
Bug: 173507504
Test: atest --host authfs_host_test_src_lib
Test: tools/test.sh (on workstation)
Change-Id: I0ec14559fe8b4df2bd6fe5888018c12963958dc2
diff --git a/authfs/src/reader.rs b/authfs/src/reader.rs
index 135a793..2d1b617 100644
--- a/authfs/src/reader.rs
+++ b/authfs/src/reader.rs
@@ -19,13 +19,14 @@
use std::fs::File;
use std::io::Result;
use std::os::unix::fs::FileExt;
-use std::path::Path;
+
+use crate::common::COMMON_PAGE_SIZE;
/// A trait for reading data by chunks. The data is assumed readonly and has fixed length. Chunks
/// can be read by specifying the chunk index. Only the last chunk may have incomplete chunk size.
pub trait ReadOnlyDataByChunk {
/// Default chunk size.
- const CHUNK_SIZE: u64 = 4096;
+ const CHUNK_SIZE: u64 = COMMON_PAGE_SIZE;
/// Read the `chunk_index`-th chunk to `buf`. Each slice/chunk has size `CHUNK_SIZE` except for
/// the last one, which can be an incomplete chunk. `buf` is currently required to be large
@@ -49,9 +50,7 @@
impl ChunkedFileReader {
/// Creates a `ChunkedFileReader` to read from for the specified `path`.
- #[allow(dead_code)]
- pub fn new<P: AsRef<Path>>(path: P) -> Result<ChunkedFileReader> {
- let file = File::open(path)?;
+ pub fn new(file: File) -> Result<ChunkedFileReader> {
let size = file.metadata()?.len();
Ok(ChunkedFileReader { file, size })
}