Move loopdevice module to dm_rust lib
This is a generic module, not specific to apkdmverity. Will be reused
for unit-testing other dm- devices. Also, setup the test infra for
dm_rust module...
Bug: 250880499
Test: atest libdm_rust.test
Test: atest apkdmverity.test
Change-Id: I32971938908ea8c0213583885403910baac8be10
diff --git a/libs/devicemapper/Android.bp b/libs/devicemapper/Android.bp
index 61ffa22..088b320 100644
--- a/libs/devicemapper/Android.bp
+++ b/libs/devicemapper/Android.bp
@@ -27,3 +27,14 @@
name: "libdm_rust",
defaults: ["libdm_rust.defaults"],
}
+
+rust_test {
+ name: "libdm_rust.test",
+ defaults: ["libdm_rust.defaults"],
+ test_suites: ["general-tests"],
+ rustlibs: [
+ "libscopeguard",
+ "libtempfile",
+ ],
+ data: ["tests/data/*"],
+}
diff --git a/libs/devicemapper/AndroidTest.xml b/libs/devicemapper/AndroidTest.xml
new file mode 100644
index 0000000..9890bb6
--- /dev/null
+++ b/libs/devicemapper/AndroidTest.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (C) 2022 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<configuration description="Config for device mapper tests">
+ <!--
+ Creating and configuring the loop devices and the device-mapper devices require root privilege.
+ -->
+ <target_preparer class="com.android.tradefed.targetprep.RootTargetPreparer"/>
+
+ <!--
+ We need to disable selinux because kernel (which is implementing the loop device) doesn't have
+ the privilege to read files on /data. Otherwise, we hit the following errors:
+
+ avc: denied { read } for comm="loop32"
+ path="/data/local/tmp/.tmp.ptPChH/**" dev="dm-8" ino=2939
+ scontext=u:r:kernel:s0 tcontext=u:object_r:shell_data_file:s0
+ tclass=file
+ -->
+ <target_preparer class="com.android.tradefed.targetprep.DisableSELinuxTargetPreparer"/>
+
+ <target_preparer class="com.android.tradefed.targetprep.PushFilePreparer">
+ <option name="push-file" key="libdm_rust.test" value="/data/local/tmp/libdm_rust.test" />
+ </target_preparer>
+
+ <test class="com.android.tradefed.testtype.rust.RustBinaryTest" >
+ <option name="test-device-path" value="/data/local/tmp" />
+ <option name="module-name" value="libdm_rust.test" />
+ </test>
+</configuration>
diff --git a/libs/devicemapper/TEST_MAPPING b/libs/devicemapper/TEST_MAPPING
new file mode 100644
index 0000000..23d10c4
--- /dev/null
+++ b/libs/devicemapper/TEST_MAPPING
@@ -0,0 +1,7 @@
+{
+ "avf-presubmit" : [
+ {
+ "name" : "libdm_rust.test"
+ }
+ ]
+}
diff --git a/libs/devicemapper/src/lib.rs b/libs/devicemapper/src/lib.rs
index 1bcaf1a..938ca0f 100644
--- a/libs/devicemapper/src/lib.rs
+++ b/libs/devicemapper/src/lib.rs
@@ -42,6 +42,8 @@
pub mod util;
/// Exposes the DmVerityTarget & related builder
pub mod verity;
+// Expose loopdevice
+pub mod loopdevice;
mod sys;
use sys::*;
diff --git a/libs/devicemapper/src/loopdevice.rs b/libs/devicemapper/src/loopdevice.rs
new file mode 100644
index 0000000..bdbc0f6
--- /dev/null
+++ b/libs/devicemapper/src/loopdevice.rs
@@ -0,0 +1,196 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+// `loopdevice` module provides `attach` and `detach` functions that are for attaching and
+// detaching a regular file to and from a loop device. Note that
+// `loopdev`(https://crates.io/crates/loopdev) is a public alternative to this. In-house
+// implementation was chosen to make Android-specific changes (like the use of the new
+// LOOP_CONFIGURE instead of the legacy LOOP_SET_FD + LOOP_SET_STATUS64 combo which is considerably
+// slower than the former).
+
+mod sys;
+
+use crate::util::*;
+use anyhow::{Context, Result};
+use data_model::DataInit;
+use libc::O_DIRECT;
+use std::fs::{File, OpenOptions};
+use std::mem::size_of;
+use std::os::unix::fs::OpenOptionsExt;
+use std::os::unix::io::AsRawFd;
+use std::path::{Path, PathBuf};
+use std::thread;
+use std::time::{Duration, Instant};
+
+use crate::loopdevice::sys::*;
+
+// These are old-style ioctls, thus *_bad.
+nix::ioctl_none_bad!(_loop_ctl_get_free, LOOP_CTL_GET_FREE);
+nix::ioctl_write_ptr_bad!(_loop_configure, LOOP_CONFIGURE, loop_config);
+nix::ioctl_none_bad!(_loop_clr_fd, LOOP_CLR_FD);
+
+fn loop_ctl_get_free(ctrl_file: &File) -> Result<i32> {
+ // SAFETY: this ioctl changes the state in kernel, but not the state in this process.
+ // The returned device number is a global resource; not tied to this process. So, we don't
+ // need to keep track of it.
+ Ok(unsafe { _loop_ctl_get_free(ctrl_file.as_raw_fd()) }?)
+}
+
+fn loop_configure(device_file: &File, config: &loop_config) -> Result<i32> {
+ // SAFETY: this ioctl changes the state in kernel, but not the state in this process.
+ Ok(unsafe { _loop_configure(device_file.as_raw_fd(), config) }?)
+}
+
+pub fn loop_clr_fd(device_file: &File) -> Result<i32> {
+ // SAFETY: this ioctl disassociates the loop device with `device_file`, where the FD will
+ // remain opened afterward. The association itself is kept for open FDs.
+ Ok(unsafe { _loop_clr_fd(device_file.as_raw_fd()) }?)
+}
+
+/// Creates a loop device and attach the given file at `path` as the backing store.
+pub fn attach<P: AsRef<Path>>(
+ path: P,
+ offset: u64,
+ size_limit: u64,
+ direct_io: bool,
+) -> Result<PathBuf> {
+ // Attaching a file to a loop device can make a race condition; a loop device number obtained
+ // from LOOP_CTL_GET_FREE might have been used by another thread or process. In that case the
+ // subsequent LOOP_CONFIGURE ioctl returns with EBUSY. Try until it succeeds.
+ //
+ // Note that the timing parameters below are chosen rather arbitrarily. In practice (i.e.
+ // inside Microdroid) we can't experience the race condition because `apkverity` is the only
+ // user of /dev/loop-control at the moment. This loop is mostly for testing where multiple
+ // tests run concurrently.
+ const TIMEOUT: Duration = Duration::from_secs(1);
+ const INTERVAL: Duration = Duration::from_millis(10);
+
+ let begin = Instant::now();
+ loop {
+ match try_attach(&path, offset, size_limit, direct_io) {
+ Ok(loop_dev) => return Ok(loop_dev),
+ Err(e) => {
+ if begin.elapsed() > TIMEOUT {
+ return Err(e);
+ }
+ }
+ };
+ thread::sleep(INTERVAL);
+ }
+}
+
+#[cfg(not(target_os = "android"))]
+const LOOP_DEV_PREFIX: &str = "/dev/loop";
+
+#[cfg(target_os = "android")]
+const LOOP_DEV_PREFIX: &str = "/dev/block/loop";
+
+fn try_attach<P: AsRef<Path>>(
+ path: P,
+ offset: u64,
+ size_limit: u64,
+ direct_io: bool,
+) -> Result<PathBuf> {
+ // Get a free loop device
+ wait_for_path(LOOP_CONTROL)?;
+ let ctrl_file = OpenOptions::new()
+ .read(true)
+ .write(true)
+ .open(LOOP_CONTROL)
+ .context("Failed to open loop control")?;
+ let num = loop_ctl_get_free(&ctrl_file).context("Failed to get free loop device")?;
+
+ // Construct the loop_info64 struct
+ let backing_file = OpenOptions::new()
+ .read(true)
+ .custom_flags(if direct_io { O_DIRECT } else { 0 })
+ .open(&path)
+ .context(format!("failed to open {:?}", path.as_ref()))?;
+ // safe because the size of the array is the same as the size of the struct
+ let mut config: loop_config =
+ *DataInit::from_mut_slice(&mut [0; size_of::<loop_config>()]).unwrap();
+ config.fd = backing_file.as_raw_fd() as u32;
+ config.block_size = 4096;
+ config.info.lo_offset = offset;
+ config.info.lo_sizelimit = size_limit;
+ config.info.lo_flags = Flag::LO_FLAGS_READ_ONLY;
+ if direct_io {
+ config.info.lo_flags.insert(Flag::LO_FLAGS_DIRECT_IO);
+ }
+
+ // Configure the loop device to attach the backing file
+ let device_path = format!("{}{}", LOOP_DEV_PREFIX, num);
+ wait_for_path(&device_path)?;
+ let device_file = OpenOptions::new()
+ .read(true)
+ .write(true)
+ .open(&device_path)
+ .context(format!("failed to open {:?}", &device_path))?;
+ loop_configure(&device_file, &config)
+ .context(format!("Failed to configure {:?}", &device_path))?;
+
+ Ok(PathBuf::from(device_path))
+}
+
+/// Detaches backing file from the loop device `path`.
+pub fn detach<P: AsRef<Path>>(path: P) -> Result<()> {
+ let device_file = OpenOptions::new().read(true).write(true).open(&path)?;
+ loop_clr_fd(&device_file)?;
+ Ok(())
+}
+
+#[cfg(test)]
+mod tests {
+ use super::*;
+ use std::fs;
+ use std::path::Path;
+
+ fn create_empty_file(path: &Path, size: u64) {
+ let f = File::create(path).unwrap();
+ f.set_len(size).unwrap();
+ }
+
+ fn is_direct_io(dev: &Path) -> bool {
+ let dio = Path::new("/sys/block").join(dev.file_name().unwrap()).join("loop/dio");
+ "1" == fs::read_to_string(&dio).unwrap().trim()
+ }
+
+ #[test]
+ fn attach_loop_device_with_dio() {
+ let a_dir = tempfile::TempDir::new().unwrap();
+ let a_file = a_dir.path().join("test");
+ let a_size = 4096u64;
+ create_empty_file(&a_file, a_size);
+ let dev = attach(a_file, 0, a_size, /*direct_io*/ true).unwrap();
+ scopeguard::defer! {
+ detach(&dev).unwrap();
+ }
+ assert!(is_direct_io(&dev));
+ }
+
+ #[test]
+ fn attach_loop_device_without_dio() {
+ let a_dir = tempfile::TempDir::new().unwrap();
+ let a_file = a_dir.path().join("test");
+ let a_size = 4096u64;
+ create_empty_file(&a_file, a_size);
+ let dev = attach(a_file, 0, a_size, /*direct_io*/ false).unwrap();
+ scopeguard::defer! {
+ detach(&dev).unwrap();
+ }
+ assert!(!is_direct_io(&dev));
+ }
+}
diff --git a/libs/devicemapper/src/loopdevice/sys.rs b/libs/devicemapper/src/loopdevice/sys.rs
new file mode 100644
index 0000000..98b5085
--- /dev/null
+++ b/libs/devicemapper/src/loopdevice/sys.rs
@@ -0,0 +1,73 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+use bitflags::bitflags;
+use data_model::DataInit;
+
+// This UAPI is copied and converted from include/uapi/linux/loop.h Note that this module doesn't
+// implement all the features introduced in loop(4). Only the features that are required to support
+// the `apkdmverity` use cases are implemented.
+
+pub const LOOP_CONTROL: &str = "/dev/loop-control";
+
+pub const LOOP_CTL_GET_FREE: libc::c_ulong = 0x4C82;
+pub const LOOP_CONFIGURE: libc::c_ulong = 0x4C0A;
+pub const LOOP_CLR_FD: libc::c_ulong = 0x4C01;
+
+#[repr(C)]
+#[derive(Copy, Clone)]
+pub struct loop_config {
+ pub fd: u32,
+ pub block_size: u32,
+ pub info: loop_info64,
+ pub reserved: [u64; 8],
+}
+
+// SAFETY: C struct is safe to be initialized from raw data
+unsafe impl DataInit for loop_config {}
+
+#[repr(C)]
+#[derive(Copy, Clone)]
+pub struct loop_info64 {
+ pub lo_device: u64,
+ pub lo_inode: u64,
+ pub lo_rdevice: u64,
+ pub lo_offset: u64,
+ pub lo_sizelimit: u64,
+ pub lo_number: u32,
+ pub lo_encrypt_type: u32,
+ pub lo_encrypt_key_size: u32,
+ pub lo_flags: Flag,
+ pub lo_file_name: [u8; LO_NAME_SIZE],
+ pub lo_crypt_name: [u8; LO_NAME_SIZE],
+ pub lo_encrypt_key: [u8; LO_KEY_SIZE],
+ pub lo_init: [u64; 2],
+}
+
+// SAFETY: C struct is safe to be initialized from raw data
+unsafe impl DataInit for loop_info64 {}
+
+bitflags! {
+ pub struct Flag: u32 {
+ const LO_FLAGS_READ_ONLY = 1 << 0;
+ const LO_FLAGS_AUTOCLEAR = 1 << 2;
+ const LO_FLAGS_PARTSCAN = 1 << 3;
+ const LO_FLAGS_DIRECT_IO = 1 << 4;
+ }
+}
+
+pub const LO_NAME_SIZE: usize = 64;
+pub const LO_KEY_SIZE: usize = 32;