Merge changes from topic "fuse_fscontext"
* changes:
Mount zipfuse with fscontext and context
zipfuse: supports mount options via -o
diff --git a/tests/hostside/java/android/virt/test/MicrodroidTestCase.java b/tests/hostside/java/android/virt/test/MicrodroidTestCase.java
index 13ca434..b3c3e27 100644
--- a/tests/hostside/java/android/virt/test/MicrodroidTestCase.java
+++ b/tests/hostside/java/android/virt/test/MicrodroidTestCase.java
@@ -177,7 +177,9 @@
assertThat(abiList.length, is(1));
final String libPath = "/mnt/apk/lib/" + abiList[0] + "/MicrodroidTestNativeLib.so";
- assertThat(executeCommandOnMicrodroid("shell ls " + libPath), is(libPath));
+ assertThat(
+ executeCommandOnMicrodroid("shell ls -Z " + libPath),
+ is("u:object_r:system_file:s0 " + libPath));
assertThat(
executeCommandOnMicrodroid(
diff --git a/zipfuse/src/main.rs b/zipfuse/src/main.rs
index 12c891c..9b70d08 100644
--- a/zipfuse/src/main.rs
+++ b/zipfuse/src/main.rs
@@ -39,35 +39,48 @@
fn main() -> Result<()> {
let matches = App::new("zipfuse")
+ .arg(
+ Arg::with_name("options")
+ .short("o")
+ .takes_value(true)
+ .required(false)
+ .help("Comma separated list of mount options")
+ )
.arg(Arg::with_name("ZIPFILE").required(true))
.arg(Arg::with_name("MOUNTPOINT").required(true))
.get_matches();
let zip_file = matches.value_of("ZIPFILE").unwrap().as_ref();
let mount_point = matches.value_of("MOUNTPOINT").unwrap().as_ref();
- run_fuse(zip_file, mount_point)?;
+ let options = matches.value_of("options");
+ run_fuse(zip_file, mount_point, options)?;
Ok(())
}
/// Runs a fuse filesystem by mounting `zip_file` on `mount_point`.
-pub fn run_fuse(zip_file: &Path, mount_point: &Path) -> Result<()> {
+pub fn run_fuse(zip_file: &Path, mount_point: &Path, extra_options: Option<&str>) -> Result<()> {
const MAX_READ: u32 = 1 << 20; // TODO(jiyong): tune this
const MAX_WRITE: u32 = 1 << 13; // This is a read-only filesystem
let dev_fuse = OpenOptions::new().read(true).write(true).open("/dev/fuse")?;
+ let mut mount_options = vec![
+ MountOption::FD(dev_fuse.as_raw_fd()),
+ MountOption::RootMode(libc::S_IFDIR | libc::S_IXUSR | libc::S_IXGRP | libc::S_IXOTH),
+ MountOption::AllowOther,
+ MountOption::UserId(0),
+ MountOption::GroupId(0),
+ MountOption::MaxRead(MAX_READ),
+ ];
+ if let Some(value) = extra_options {
+ mount_options.push(MountOption::Extra(value));
+ }
+
fuse::mount(
mount_point,
"zipfuse",
libc::MS_NOSUID | libc::MS_NODEV | libc::MS_RDONLY,
- &[
- MountOption::FD(dev_fuse.as_raw_fd()),
- MountOption::RootMode(libc::S_IFDIR | libc::S_IXUSR | libc::S_IXGRP | libc::S_IXOTH),
- MountOption::AllowOther,
- MountOption::UserId(0),
- MountOption::GroupId(0),
- MountOption::MaxRead(MAX_READ),
- ],
+ &mount_options,
)?;
Ok(fuse::worker::start_message_loop(dev_fuse, MAX_READ, MAX_WRITE, ZipFuse::new(zip_file)?)?)
}
@@ -388,7 +401,7 @@
let zip_path = PathBuf::from(zip_path);
let mnt_path = PathBuf::from(mnt_path);
std::thread::spawn(move || {
- crate::run_fuse(&zip_path, &mnt_path).unwrap();
+ crate::run_fuse(&zip_path, &mnt_path, None).unwrap();
});
}
diff --git a/zipfuse/zipfuse.rc b/zipfuse/zipfuse.rc
index 97306ea..ccd94b6 100644
--- a/zipfuse/zipfuse.rc
+++ b/zipfuse/zipfuse.rc
@@ -1,2 +1,2 @@
-service zipfuse /system/bin/zipfuse /dev/block/by-name/microdroid-apk /mnt/apk
+service zipfuse /system/bin/zipfuse -o fscontext=u:object_r:zipfusefs:s0,context=u:object_r:system_file:s0 /dev/block/by-name/microdroid-apk /mnt/apk
disabled