Deprecate local file support in authfs
Local file was supported during early development, but it's not actually
used.
The names in FileConfig enum are renamed to make linter happy (which
is reasonable since all files are now remote).
Bug: 203251769
Test: atest AuthFsHostTest authfs_device_test_src_lib
Change-Id: I9f1f800453695c84fe4fc15a89b5a434fdaa0331
diff --git a/authfs/src/fusefs.rs b/authfs/src/fusefs.rs
index 6bdb498..d54b5be 100644
--- a/authfs/src/fusefs.rs
+++ b/authfs/src/fusefs.rs
@@ -35,8 +35,7 @@
use crate::common::{divide_roundup, ChunkedSizeIter, CHUNK_SIZE};
use crate::file::{
- LocalFileReader, RandomWrite, ReadByChunk, RemoteFileEditor, RemoteFileReader,
- RemoteMerkleTreeReader,
+ RandomWrite, ReadByChunk, RemoteFileEditor, RemoteFileReader, RemoteMerkleTreeReader,
};
use crate::fsverity::{VerifiedFileEditor, VerifiedFileReader};
@@ -48,24 +47,16 @@
/// `FileConfig` defines the file type supported by AuthFS.
pub enum FileConfig {
/// A file type that is verified against fs-verity signature (thus read-only). The file is
- /// backed by a local file. Debug only.
- LocalVerifiedReadonly {
- reader: VerifiedFileReader<LocalFileReader, LocalFileReader>,
- file_size: u64,
- },
- /// A file type that is a read-only passthrough from a local file. Debug only.
- LocalUnverifiedReadonly { reader: LocalFileReader, file_size: u64 },
- /// A file type that is verified against fs-verity signature (thus read-only). The file is
/// served from a remote server.
- RemoteVerifiedReadonly {
+ VerifiedReadonly {
reader: VerifiedFileReader<RemoteFileReader, RemoteMerkleTreeReader>,
file_size: u64,
},
/// A file type that is a read-only passthrough from a file on a remote serrver.
- RemoteUnverifiedReadonly { reader: RemoteFileReader, file_size: u64 },
+ UnverifiedReadonly { reader: RemoteFileReader, file_size: u64 },
/// A file type that is initially empty, and the content is stored on a remote server. File
/// integrity is guaranteed with private Merkle tree.
- RemoteVerifiedNew { editor: VerifiedFileEditor<RemoteFileEditor> },
+ VerifiedNew { editor: VerifiedFileEditor<RemoteFileEditor> },
}
struct AuthFs {
@@ -207,13 +198,11 @@
// be static.
let inode = num.parse::<Inode>().map_err(|_| io::Error::from_raw_os_error(libc::ENOENT))?;
let st = match self.get_file_config(&inode)? {
- FileConfig::LocalVerifiedReadonly { file_size, .. }
- | FileConfig::LocalUnverifiedReadonly { file_size, .. }
- | FileConfig::RemoteUnverifiedReadonly { file_size, .. }
- | FileConfig::RemoteVerifiedReadonly { file_size, .. } => {
+ FileConfig::UnverifiedReadonly { file_size, .. }
+ | FileConfig::VerifiedReadonly { file_size, .. } => {
create_stat(inode, *file_size, FileMode::ReadOnly)?
}
- FileConfig::RemoteVerifiedNew { editor } => {
+ FileConfig::VerifiedNew { editor } => {
create_stat(inode, editor.size(), FileMode::ReadWrite)?
}
};
@@ -234,13 +223,11 @@
) -> io::Result<(libc::stat64, Duration)> {
Ok((
match self.get_file_config(&inode)? {
- FileConfig::LocalVerifiedReadonly { file_size, .. }
- | FileConfig::LocalUnverifiedReadonly { file_size, .. }
- | FileConfig::RemoteUnverifiedReadonly { file_size, .. }
- | FileConfig::RemoteVerifiedReadonly { file_size, .. } => {
+ FileConfig::UnverifiedReadonly { file_size, .. }
+ | FileConfig::VerifiedReadonly { file_size, .. } => {
create_stat(inode, *file_size, FileMode::ReadOnly)?
}
- FileConfig::RemoteVerifiedNew { editor } => {
+ FileConfig::VerifiedNew { editor } => {
create_stat(inode, editor.size(), FileMode::ReadWrite)?
}
},
@@ -257,13 +244,10 @@
// Since file handle is not really used in later operations (which use Inode directly),
// return None as the handle.
match self.get_file_config(&inode)? {
- FileConfig::LocalVerifiedReadonly { .. }
- | FileConfig::LocalUnverifiedReadonly { .. }
- | FileConfig::RemoteVerifiedReadonly { .. }
- | FileConfig::RemoteUnverifiedReadonly { .. } => {
+ FileConfig::VerifiedReadonly { .. } | FileConfig::UnverifiedReadonly { .. } => {
check_access_mode(flags, libc::O_RDONLY)?;
}
- FileConfig::RemoteVerifiedNew { .. } => {
+ FileConfig::VerifiedNew { .. } => {
// No need to check access modes since all the modes are allowed to the
// read-writable file.
}
@@ -285,19 +269,13 @@
_flags: u32,
) -> io::Result<usize> {
match self.get_file_config(&inode)? {
- FileConfig::LocalVerifiedReadonly { reader, file_size } => {
+ FileConfig::VerifiedReadonly { reader, file_size } => {
read_chunks(w, reader, *file_size, offset, size)
}
- FileConfig::LocalUnverifiedReadonly { reader, file_size } => {
+ FileConfig::UnverifiedReadonly { reader, file_size } => {
read_chunks(w, reader, *file_size, offset, size)
}
- FileConfig::RemoteVerifiedReadonly { reader, file_size } => {
- read_chunks(w, reader, *file_size, offset, size)
- }
- FileConfig::RemoteUnverifiedReadonly { reader, file_size } => {
- read_chunks(w, reader, *file_size, offset, size)
- }
- FileConfig::RemoteVerifiedNew { editor } => {
+ FileConfig::VerifiedNew { editor } => {
// Note that with FsOptions::WRITEBACK_CACHE, it's possible for the kernel to
// request a read even if the file is open with O_WRONLY.
read_chunks(w, editor, editor.size(), offset, size)
@@ -318,7 +296,7 @@
_flags: u32,
) -> io::Result<usize> {
match self.get_file_config(&inode)? {
- FileConfig::RemoteVerifiedNew { editor } => {
+ FileConfig::VerifiedNew { editor } => {
let mut buf = vec![0; size as usize];
r.read_exact(&mut buf)?;
editor.write_at(&buf, offset)
@@ -336,7 +314,7 @@
valid: SetattrValid,
) -> io::Result<(libc::stat64, Duration)> {
match self.get_file_config(&inode)? {
- FileConfig::RemoteVerifiedNew { editor } => {
+ FileConfig::VerifiedNew { editor } => {
// Initialize the default stat.
let mut new_attr = create_stat(inode, editor.size(), FileMode::ReadWrite)?;
// `valid` indicates what fields in `attr` are valid. Update to return correctly.
@@ -383,7 +361,7 @@
size: u32,
) -> io::Result<GetxattrReply> {
match self.get_file_config(&inode)? {
- FileConfig::RemoteVerifiedNew { editor } => {
+ FileConfig::VerifiedNew { editor } => {
// FUSE ioctl is limited, thus we can't implement fs-verity ioctls without a kernel
// change (see b/196635431). Until it's possible, use xattr to expose what we need
// as an authfs specific API.