Merge "authfs: replace tuple w/ anonymous struct in FileConfig"
diff --git a/authfs/src/fusefs.rs b/authfs/src/fusefs.rs
index 13ec87d..fa46489 100644
--- a/authfs/src/fusefs.rs
+++ b/authfs/src/fusefs.rs
@@ -44,12 +44,27 @@
pub type Inode = u64;
type Handle = u64;
+/// `FileConfig` defines the file type supported by AuthFS.
pub enum FileConfig {
- LocalVerifiedReadonlyFile(VerifiedFileReader<LocalFileReader, LocalFileReader>, u64),
- LocalUnverifiedReadonlyFile(LocalFileReader, u64),
- RemoteVerifiedReadonlyFile(VerifiedFileReader<RemoteFileReader, RemoteMerkleTreeReader>, u64),
- RemoteUnverifiedReadonlyFile(RemoteFileReader, u64),
- RemoteVerifiedNewFile(VerifiedFileEditor<RemoteFileEditor>),
+ /// A file type that is verified against fs-verity signature (thus read-only). The file is
+ /// backed by a local file. Debug only.
+ LocalVerifiedReadonlyFile {
+ reader: VerifiedFileReader<LocalFileReader, LocalFileReader>,
+ file_size: u64,
+ },
+ /// A file type that is a read-only passthrough from a local file. Debug only.
+ LocalUnverifiedReadonlyFile { reader: LocalFileReader, file_size: u64 },
+ /// A file type that is verified against fs-verity signature (thus read-only). The file is
+ /// served from a remote server.
+ RemoteVerifiedReadonlyFile {
+ reader: VerifiedFileReader<RemoteFileReader, RemoteMerkleTreeReader>,
+ file_size: u64,
+ },
+ /// A file type that is a read-only passthrough from a file on a remote serrver.
+ RemoteUnverifiedReadonlyFile { reader: RemoteFileReader, file_size: u64 },
+ /// A file type that is initially empty, and the content is stored on a remote server. File
+ /// integrity is guaranteed with private Merkle tree.
+ RemoteVerifiedNewFile { editor: VerifiedFileEditor<RemoteFileEditor> },
}
struct AuthFs {
@@ -191,14 +206,14 @@
// be static.
let inode = num.parse::<Inode>().map_err(|_| io::Error::from_raw_os_error(libc::ENOENT))?;
let st = match self.get_file_config(&inode)? {
- FileConfig::LocalVerifiedReadonlyFile(_, file_size)
- | FileConfig::LocalUnverifiedReadonlyFile(_, file_size)
- | FileConfig::RemoteUnverifiedReadonlyFile(_, file_size)
- | FileConfig::RemoteVerifiedReadonlyFile(_, file_size) => {
+ FileConfig::LocalVerifiedReadonlyFile { file_size, .. }
+ | FileConfig::LocalUnverifiedReadonlyFile { file_size, .. }
+ | FileConfig::RemoteUnverifiedReadonlyFile { file_size, .. }
+ | FileConfig::RemoteVerifiedReadonlyFile { file_size, .. } => {
create_stat(inode, *file_size, FileMode::ReadOnly)?
}
- FileConfig::RemoteVerifiedNewFile(file) => {
- create_stat(inode, file.size(), FileMode::ReadWrite)?
+ FileConfig::RemoteVerifiedNewFile { editor } => {
+ create_stat(inode, editor.size(), FileMode::ReadWrite)?
}
};
Ok(Entry {
@@ -218,14 +233,14 @@
) -> io::Result<(libc::stat64, Duration)> {
Ok((
match self.get_file_config(&inode)? {
- FileConfig::LocalVerifiedReadonlyFile(_, file_size)
- | FileConfig::LocalUnverifiedReadonlyFile(_, file_size)
- | FileConfig::RemoteUnverifiedReadonlyFile(_, file_size)
- | FileConfig::RemoteVerifiedReadonlyFile(_, file_size) => {
+ FileConfig::LocalVerifiedReadonlyFile { file_size, .. }
+ | FileConfig::LocalUnverifiedReadonlyFile { file_size, .. }
+ | FileConfig::RemoteUnverifiedReadonlyFile { file_size, .. }
+ | FileConfig::RemoteVerifiedReadonlyFile { file_size, .. } => {
create_stat(inode, *file_size, FileMode::ReadOnly)?
}
- FileConfig::RemoteVerifiedNewFile(file) => {
- create_stat(inode, file.size(), FileMode::ReadWrite)?
+ FileConfig::RemoteVerifiedNewFile { editor } => {
+ create_stat(inode, editor.size(), FileMode::ReadWrite)?
}
},
DEFAULT_METADATA_TIMEOUT,
@@ -241,23 +256,23 @@
// Since file handle is not really used in later operations (which use Inode directly),
// return None as the handle.
match self.get_file_config(&inode)? {
- FileConfig::LocalVerifiedReadonlyFile(_, _)
- | FileConfig::RemoteVerifiedReadonlyFile(_, _) => {
+ FileConfig::LocalVerifiedReadonlyFile { .. }
+ | FileConfig::RemoteVerifiedReadonlyFile { .. } => {
check_access_mode(flags, libc::O_RDONLY)?;
// Once verified, and only if verified, the file content can be cached. This is not
// really needed for a local file, but is the behavior of RemoteVerifiedReadonlyFile
// later.
Ok((None, fuse::sys::OpenOptions::KEEP_CACHE))
}
- FileConfig::LocalUnverifiedReadonlyFile(_, _)
- | FileConfig::RemoteUnverifiedReadonlyFile(_, _) => {
+ FileConfig::LocalUnverifiedReadonlyFile { .. }
+ | FileConfig::RemoteUnverifiedReadonlyFile { .. } => {
check_access_mode(flags, libc::O_RDONLY)?;
// Do not cache the content. This type of file is supposed to be verified using
// dm-verity. The filesystem mount over dm-verity already is already cached, so use
// direct I/O here to avoid double cache.
Ok((None, fuse::sys::OpenOptions::DIRECT_IO))
}
- FileConfig::RemoteVerifiedNewFile(_) => {
+ FileConfig::RemoteVerifiedNewFile { .. } => {
// No need to check access modes since all the modes are allowed to the
// read-writable file.
Ok((None, fuse::sys::OpenOptions::KEEP_CACHE))
@@ -277,22 +292,22 @@
_flags: u32,
) -> io::Result<usize> {
match self.get_file_config(&inode)? {
- FileConfig::LocalVerifiedReadonlyFile(file, file_size) => {
- read_chunks(w, file, *file_size, offset, size)
+ FileConfig::LocalVerifiedReadonlyFile { reader, file_size } => {
+ read_chunks(w, reader, *file_size, offset, size)
}
- FileConfig::LocalUnverifiedReadonlyFile(file, file_size) => {
- read_chunks(w, file, *file_size, offset, size)
+ FileConfig::LocalUnverifiedReadonlyFile { reader, file_size } => {
+ read_chunks(w, reader, *file_size, offset, size)
}
- FileConfig::RemoteVerifiedReadonlyFile(file, file_size) => {
- read_chunks(w, file, *file_size, offset, size)
+ FileConfig::RemoteVerifiedReadonlyFile { reader, file_size } => {
+ read_chunks(w, reader, *file_size, offset, size)
}
- FileConfig::RemoteUnverifiedReadonlyFile(file, file_size) => {
- read_chunks(w, file, *file_size, offset, size)
+ FileConfig::RemoteUnverifiedReadonlyFile { reader, file_size } => {
+ read_chunks(w, reader, *file_size, offset, size)
}
- FileConfig::RemoteVerifiedNewFile(file) => {
+ FileConfig::RemoteVerifiedNewFile { editor } => {
// Note that with FsOptions::WRITEBACK_CACHE, it's possible for the kernel to
// request a read even if the file is open with O_WRONLY.
- read_chunks(w, file, file.size(), offset, size)
+ read_chunks(w, editor, editor.size(), offset, size)
}
}
}
@@ -310,10 +325,10 @@
_flags: u32,
) -> io::Result<usize> {
match self.get_file_config(&inode)? {
- FileConfig::RemoteVerifiedNewFile(file) => {
+ FileConfig::RemoteVerifiedNewFile { editor } => {
let mut buf = vec![0; size as usize];
r.read_exact(&mut buf)?;
- file.write_at(&buf, offset)
+ editor.write_at(&buf, offset)
}
_ => Err(io::Error::from_raw_os_error(libc::EBADF)),
}
diff --git a/authfs/src/main.rs b/authfs/src/main.rs
index a4b0d40..0db73e9 100644
--- a/authfs/src/main.rs
+++ b/authfs/src/main.rs
@@ -207,8 +207,8 @@
let service = Arc::new(Mutex::new(service));
let authenticator = FakeAuthenticator::always_succeed();
- Ok(FileConfig::RemoteVerifiedReadonlyFile(
- VerifiedFileReader::new(
+ Ok(FileConfig::RemoteVerifiedReadonlyFile {
+ reader: VerifiedFileReader::new(
&authenticator,
RemoteFileReader::new(Arc::clone(&service), remote_id),
file_size,
@@ -216,13 +216,12 @@
RemoteMerkleTreeReader::new(Arc::clone(&service), remote_id),
)?,
file_size,
- ))
+ })
}
fn new_config_remote_unverified_file(remote_id: i32, file_size: u64) -> Result<FileConfig> {
- let file_reader =
- RemoteFileReader::new(Arc::new(Mutex::new(file::get_local_binder())), remote_id);
- Ok(FileConfig::RemoteUnverifiedReadonlyFile(file_reader, file_size))
+ let reader = RemoteFileReader::new(Arc::new(Mutex::new(file::get_local_binder())), remote_id);
+ Ok(FileConfig::RemoteUnverifiedReadonlyFile { reader, file_size })
}
fn new_config_local_ro_file(
@@ -237,21 +236,21 @@
let authenticator = FakeAuthenticator::always_succeed();
let mut sig = Vec::new();
let _ = File::open(signature)?.read_to_end(&mut sig)?;
- let file_reader =
+ let reader =
VerifiedFileReader::new(&authenticator, file_reader, file_size, sig, merkle_tree_reader)?;
- Ok(FileConfig::LocalVerifiedReadonlyFile(file_reader, file_size))
+ Ok(FileConfig::LocalVerifiedReadonlyFile { reader, file_size })
}
fn new_config_local_ro_file_unverified(file_path: &PathBuf) -> Result<FileConfig> {
- let file_reader = LocalFileReader::new(File::open(file_path)?)?;
- let file_size = file_reader.len();
- Ok(FileConfig::LocalUnverifiedReadonlyFile(file_reader, file_size))
+ let reader = LocalFileReader::new(File::open(file_path)?)?;
+ let file_size = reader.len();
+ Ok(FileConfig::LocalUnverifiedReadonlyFile { reader, file_size })
}
fn new_config_remote_new_verified_file(remote_id: i32) -> Result<FileConfig> {
let remote_file =
RemoteFileEditor::new(Arc::new(Mutex::new(file::get_local_binder())), remote_id);
- Ok(FileConfig::RemoteVerifiedNewFile(VerifiedFileEditor::new(remote_file)))
+ Ok(FileConfig::RemoteVerifiedNewFile { editor: VerifiedFileEditor::new(remote_file) })
}
fn prepare_file_pool(args: &Args) -> Result<BTreeMap<Inode, FileConfig>> {