Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2021 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | use anyhow::Result; |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 18 | use log::{debug, error, warn}; |
Victor Hsieh | 60c2f41 | 2021-11-03 13:02:19 -0700 | [diff] [blame] | 19 | use std::collections::{btree_map, BTreeMap, HashMap}; |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 20 | use std::convert::TryFrom; |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 21 | use std::ffi::{CStr, OsStr}; |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 22 | use std::fs::OpenOptions; |
| 23 | use std::io; |
| 24 | use std::mem::MaybeUninit; |
| 25 | use std::option::Option; |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 26 | use std::os::unix::{ffi::OsStrExt, io::AsRawFd}; |
Victor Hsieh | 60c2f41 | 2021-11-03 13:02:19 -0700 | [diff] [blame] | 27 | use std::path::{Path, PathBuf}; |
| 28 | use std::sync::Mutex; |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 29 | use std::time::Duration; |
| 30 | |
Victor Hsieh | 6a47e7f | 2021-03-03 15:53:49 -0800 | [diff] [blame] | 31 | use fuse::filesystem::{ |
Victor Hsieh | 71f1003 | 2021-08-13 11:24:02 -0700 | [diff] [blame] | 32 | Context, DirEntry, DirectoryIterator, Entry, FileSystem, FsOptions, GetxattrReply, |
| 33 | SetattrValid, ZeroCopyReader, ZeroCopyWriter, |
Victor Hsieh | 6a47e7f | 2021-03-03 15:53:49 -0800 | [diff] [blame] | 34 | }; |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 35 | use fuse::mount::MountOption; |
| 36 | |
Victor Hsieh | ac4f3f4 | 2021-02-26 12:35:58 -0800 | [diff] [blame] | 37 | use crate::common::{divide_roundup, ChunkedSizeIter, CHUNK_SIZE}; |
Victor Hsieh | 6a47e7f | 2021-03-03 15:53:49 -0800 | [diff] [blame] | 38 | use crate::file::{ |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 39 | RandomWrite, ReadByChunk, RemoteDirEditor, RemoteFileEditor, RemoteFileReader, |
| 40 | RemoteMerkleTreeReader, |
Victor Hsieh | 6a47e7f | 2021-03-03 15:53:49 -0800 | [diff] [blame] | 41 | }; |
| 42 | use crate::fsverity::{VerifiedFileEditor, VerifiedFileReader}; |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 43 | |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 44 | pub type Inode = u64; |
| 45 | type Handle = u64; |
| 46 | |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 47 | const DEFAULT_METADATA_TIMEOUT: Duration = Duration::from_secs(5); |
| 48 | const ROOT_INODE: Inode = 1; |
| 49 | |
Victor Hsieh | 766e533 | 2021-11-09 09:41:25 -0800 | [diff] [blame^] | 50 | /// Maximum bytes in the write transaction to the FUSE device. This limits the maximum buffer |
| 51 | /// size in a read request (including FUSE protocol overhead) that the filesystem writes to. |
| 52 | const MAX_WRITE_BYTES: u32 = 65536; |
| 53 | |
| 54 | /// Maximum bytes in a read operation. |
| 55 | /// TODO(victorhsieh): This option is deprecated by FUSE. Figure out if we can remove this. |
| 56 | const MAX_READ_BYTES: u32 = 65536; |
| 57 | |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 58 | /// `AuthFsEntry` defines the filesystem entry type supported by AuthFS. |
| 59 | pub enum AuthFsEntry { |
Victor Hsieh | 1bcf411 | 2021-03-19 14:26:57 -0700 | [diff] [blame] | 60 | /// A file type that is verified against fs-verity signature (thus read-only). The file is |
Victor Hsieh | 1bcf411 | 2021-03-19 14:26:57 -0700 | [diff] [blame] | 61 | /// served from a remote server. |
Victor Hsieh | 88e5017 | 2021-10-15 13:27:13 -0700 | [diff] [blame] | 62 | VerifiedReadonly { |
Victor Hsieh | 1bcf411 | 2021-03-19 14:26:57 -0700 | [diff] [blame] | 63 | reader: VerifiedFileReader<RemoteFileReader, RemoteMerkleTreeReader>, |
| 64 | file_size: u64, |
| 65 | }, |
| 66 | /// A file type that is a read-only passthrough from a file on a remote serrver. |
Victor Hsieh | 88e5017 | 2021-10-15 13:27:13 -0700 | [diff] [blame] | 67 | UnverifiedReadonly { reader: RemoteFileReader, file_size: u64 }, |
Victor Hsieh | 1bcf411 | 2021-03-19 14:26:57 -0700 | [diff] [blame] | 68 | /// A file type that is initially empty, and the content is stored on a remote server. File |
| 69 | /// integrity is guaranteed with private Merkle tree. |
Victor Hsieh | 88e5017 | 2021-10-15 13:27:13 -0700 | [diff] [blame] | 70 | VerifiedNew { editor: VerifiedFileEditor<RemoteFileEditor> }, |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 71 | /// A directory type that is initially empty. One can create new file (`VerifiedNew`) and new |
| 72 | /// directory (`VerifiedNewDirectory` itself) with integrity guaranteed within the VM. |
| 73 | VerifiedNewDirectory { dir: RemoteDirEditor }, |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 74 | } |
| 75 | |
Victor Hsieh | 60c2f41 | 2021-11-03 13:02:19 -0700 | [diff] [blame] | 76 | // AuthFS needs to be `Sync` to be accepted by fuse::worker::start_message_loop as a `FileSystem`. |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 77 | struct AuthFs { |
Victor Hsieh | 60c2f41 | 2021-11-03 13:02:19 -0700 | [diff] [blame] | 78 | /// Table for `Inode` to `AuthFsEntry` lookup. This needs to be `Sync` to be used in |
| 79 | /// `fuse::worker::start_message_loop`. |
| 80 | inode_table: Mutex<BTreeMap<Inode, AuthFsEntry>>, |
| 81 | |
| 82 | /// Root directory entry table for path to `Inode` lookup. The root directory content should |
| 83 | /// remain constant throughout the filesystem's lifetime. |
| 84 | root_entries: HashMap<PathBuf, Inode>, |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 85 | } |
| 86 | |
| 87 | impl AuthFs { |
Victor Hsieh | 766e533 | 2021-11-09 09:41:25 -0800 | [diff] [blame^] | 88 | pub fn new(root_entries_by_path: HashMap<PathBuf, AuthFsEntry>) -> AuthFs { |
Victor Hsieh | 60c2f41 | 2021-11-03 13:02:19 -0700 | [diff] [blame] | 89 | let mut next_inode = ROOT_INODE + 1; |
| 90 | let mut inode_table = BTreeMap::new(); |
| 91 | let mut root_entries = HashMap::new(); |
| 92 | |
| 93 | root_entries_by_path.into_iter().for_each(|(path_buf, entry)| { |
| 94 | next_inode += 1; |
| 95 | root_entries.insert(path_buf, next_inode); |
| 96 | inode_table.insert(next_inode, entry); |
| 97 | }); |
| 98 | |
Victor Hsieh | 766e533 | 2021-11-09 09:41:25 -0800 | [diff] [blame^] | 99 | AuthFs { inode_table: Mutex::new(inode_table), root_entries } |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 100 | } |
| 101 | |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 102 | /// Handles the file associated with `inode` if found. This function returns whatever |
| 103 | /// `handle_fn` returns. |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 104 | fn handle_inode<F, R>(&self, inode: &Inode, handle_fn: F) -> io::Result<R> |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 105 | where |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 106 | F: FnOnce(&AuthFsEntry) -> io::Result<R>, |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 107 | { |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 108 | let inode_table = self.inode_table.lock().unwrap(); |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 109 | let config = |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 110 | inode_table.get(inode).ok_or_else(|| io::Error::from_raw_os_error(libc::ENOENT))?; |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 111 | handle_fn(config) |
| 112 | } |
| 113 | |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 114 | /// Inserts a new inode and corresponding `AuthFsEntry` created by `create_fn` to the inode |
| 115 | /// table, then returns the new inode number. |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 116 | fn insert_new_inode<F>(&self, inode: &Inode, create_fn: F) -> io::Result<Inode> |
| 117 | where |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 118 | F: FnOnce(&mut AuthFsEntry) -> io::Result<(Inode, AuthFsEntry)>, |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 119 | { |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 120 | let mut inode_table = self.inode_table.lock().unwrap(); |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 121 | let mut config = |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 122 | inode_table.get_mut(inode).ok_or_else(|| io::Error::from_raw_os_error(libc::ENOENT))?; |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 123 | let (new_inode, new_file_config) = create_fn(&mut config)?; |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 124 | if let btree_map::Entry::Vacant(entry) = inode_table.entry(new_inode) { |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 125 | entry.insert(new_file_config); |
| 126 | Ok(new_inode) |
| 127 | } else { |
| 128 | // We can't assume fd_server is trusted, so the returned FD may collide with existing |
| 129 | // one, even when we are creating a new file. Do not override an existing FD. In terms |
| 130 | // of security, it is better to "leak" the file created earlier, than returning an |
| 131 | // existing inode as a new file. |
| 132 | error!("Inode {} already exists, do not override", new_inode); |
| 133 | Err(io::Error::from_raw_os_error(libc::EIO)) |
| 134 | } |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 135 | } |
| 136 | } |
| 137 | |
| 138 | fn check_access_mode(flags: u32, mode: libc::c_int) -> io::Result<()> { |
| 139 | if (flags & libc::O_ACCMODE as u32) == mode as u32 { |
| 140 | Ok(()) |
| 141 | } else { |
| 142 | Err(io::Error::from_raw_os_error(libc::EACCES)) |
| 143 | } |
| 144 | } |
| 145 | |
| 146 | cfg_if::cfg_if! { |
| 147 | if #[cfg(all(target_arch = "aarch64", target_pointer_width = "64"))] { |
Victor Hsieh | da3fbc4 | 2021-02-23 16:12:49 -0800 | [diff] [blame] | 148 | fn blk_size() -> libc::c_int { CHUNK_SIZE as libc::c_int } |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 149 | } else { |
Victor Hsieh | da3fbc4 | 2021-02-23 16:12:49 -0800 | [diff] [blame] | 150 | fn blk_size() -> libc::c_long { CHUNK_SIZE as libc::c_long } |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 151 | } |
| 152 | } |
| 153 | |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 154 | #[allow(clippy::enum_variant_names)] |
| 155 | enum AccessMode { |
Victor Hsieh | 6a47e7f | 2021-03-03 15:53:49 -0800 | [diff] [blame] | 156 | ReadOnly, |
| 157 | ReadWrite, |
| 158 | } |
| 159 | |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 160 | fn create_stat( |
| 161 | ino: libc::ino_t, |
| 162 | file_size: u64, |
| 163 | access_mode: AccessMode, |
| 164 | ) -> io::Result<libc::stat64> { |
| 165 | // SAFETY: stat64 is a plan C struct without pointer. |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 166 | let mut st = unsafe { MaybeUninit::<libc::stat64>::zeroed().assume_init() }; |
| 167 | |
| 168 | st.st_ino = ino; |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 169 | st.st_mode = match access_mode { |
Victor Hsieh | 6a47e7f | 2021-03-03 15:53:49 -0800 | [diff] [blame] | 170 | // Until needed, let's just grant the owner access. |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 171 | // TODO(205169366): Implement mode properly. |
| 172 | AccessMode::ReadOnly => libc::S_IFREG | libc::S_IRUSR, |
| 173 | AccessMode::ReadWrite => libc::S_IFREG | libc::S_IRUSR | libc::S_IWUSR, |
Victor Hsieh | 6a47e7f | 2021-03-03 15:53:49 -0800 | [diff] [blame] | 174 | }; |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 175 | st.st_nlink = 1; |
| 176 | st.st_uid = 0; |
| 177 | st.st_gid = 0; |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 178 | st.st_size = libc::off64_t::try_from(file_size) |
| 179 | .map_err(|_| io::Error::from_raw_os_error(libc::EFBIG))?; |
| 180 | st.st_blksize = blk_size(); |
| 181 | // Per man stat(2), st_blocks is "Number of 512B blocks allocated". |
| 182 | st.st_blocks = libc::c_longlong::try_from(divide_roundup(file_size, 512)) |
| 183 | .map_err(|_| io::Error::from_raw_os_error(libc::EFBIG))?; |
| 184 | Ok(st) |
| 185 | } |
| 186 | |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 187 | fn create_dir_stat(ino: libc::ino_t, file_number: u16) -> io::Result<libc::stat64> { |
| 188 | // SAFETY: stat64 is a plan C struct without pointer. |
| 189 | let mut st = unsafe { MaybeUninit::<libc::stat64>::zeroed().assume_init() }; |
| 190 | |
| 191 | st.st_ino = ino; |
| 192 | // TODO(205169366): Implement mode properly. |
| 193 | st.st_mode = libc::S_IFDIR |
| 194 | | libc::S_IXUSR |
| 195 | | libc::S_IWUSR |
| 196 | | libc::S_IRUSR |
| 197 | | libc::S_IXGRP |
| 198 | | libc::S_IXOTH; |
| 199 | |
| 200 | // 2 extra for . and .. |
| 201 | st.st_nlink = file_number |
| 202 | .checked_add(2) |
| 203 | .ok_or_else(|| io::Error::from_raw_os_error(libc::EOVERFLOW))? |
| 204 | .into(); |
| 205 | |
| 206 | st.st_uid = 0; |
| 207 | st.st_gid = 0; |
| 208 | Ok(st) |
| 209 | } |
| 210 | |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 211 | fn offset_to_chunk_index(offset: u64) -> u64 { |
Victor Hsieh | da3fbc4 | 2021-02-23 16:12:49 -0800 | [diff] [blame] | 212 | offset / CHUNK_SIZE |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 213 | } |
| 214 | |
Victor Hsieh | d0bb5d3 | 2021-03-19 12:48:03 -0700 | [diff] [blame] | 215 | fn read_chunks<W: io::Write, T: ReadByChunk>( |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 216 | mut w: W, |
| 217 | file: &T, |
| 218 | file_size: u64, |
| 219 | offset: u64, |
| 220 | size: u32, |
| 221 | ) -> io::Result<usize> { |
| 222 | let remaining = file_size.saturating_sub(offset); |
| 223 | let size_to_read = std::cmp::min(size as usize, remaining as usize); |
Victor Hsieh | ac4f3f4 | 2021-02-26 12:35:58 -0800 | [diff] [blame] | 224 | let total = ChunkedSizeIter::new(size_to_read, offset, CHUNK_SIZE as usize).try_fold( |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 225 | 0, |
| 226 | |total, (current_offset, planned_data_size)| { |
| 227 | // TODO(victorhsieh): There might be a non-trivial way to avoid this copy. For example, |
| 228 | // instead of accepting a buffer, the writer could expose the final destination buffer |
| 229 | // for the reader to write to. It might not be generally applicable though, e.g. with |
| 230 | // virtio transport, the buffer may not be continuous. |
Victor Hsieh | da3fbc4 | 2021-02-23 16:12:49 -0800 | [diff] [blame] | 231 | let mut buf = [0u8; CHUNK_SIZE as usize]; |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 232 | let read_size = file.read_chunk(offset_to_chunk_index(current_offset), &mut buf)?; |
| 233 | if read_size < planned_data_size { |
| 234 | return Err(io::Error::from_raw_os_error(libc::ENODATA)); |
| 235 | } |
| 236 | |
Victor Hsieh | da3fbc4 | 2021-02-23 16:12:49 -0800 | [diff] [blame] | 237 | let begin = (current_offset % CHUNK_SIZE) as usize; |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 238 | let end = begin + planned_data_size; |
| 239 | let s = w.write(&buf[begin..end])?; |
| 240 | if s != planned_data_size { |
| 241 | return Err(io::Error::from_raw_os_error(libc::EIO)); |
| 242 | } |
| 243 | Ok(total + s) |
| 244 | }, |
| 245 | )?; |
| 246 | |
| 247 | Ok(total) |
| 248 | } |
| 249 | |
| 250 | // No need to support enumerating directory entries. |
| 251 | struct EmptyDirectoryIterator {} |
| 252 | |
| 253 | impl DirectoryIterator for EmptyDirectoryIterator { |
| 254 | fn next(&mut self) -> Option<DirEntry> { |
| 255 | None |
| 256 | } |
| 257 | } |
| 258 | |
| 259 | impl FileSystem for AuthFs { |
| 260 | type Inode = Inode; |
| 261 | type Handle = Handle; |
| 262 | type DirIter = EmptyDirectoryIterator; |
| 263 | |
| 264 | fn max_buffer_size(&self) -> u32 { |
Victor Hsieh | 766e533 | 2021-11-09 09:41:25 -0800 | [diff] [blame^] | 265 | MAX_WRITE_BYTES |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 266 | } |
| 267 | |
Victor Hsieh | 6a47e7f | 2021-03-03 15:53:49 -0800 | [diff] [blame] | 268 | fn init(&self, _capable: FsOptions) -> io::Result<FsOptions> { |
| 269 | // Enable writeback cache for better performance especially since our bandwidth to the |
| 270 | // backend service is limited. |
| 271 | Ok(FsOptions::WRITEBACK_CACHE) |
| 272 | } |
| 273 | |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 274 | fn lookup(&self, _ctx: Context, parent: Inode, name: &CStr) -> io::Result<Entry> { |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 275 | if parent == ROOT_INODE { |
Victor Hsieh | 60c2f41 | 2021-11-03 13:02:19 -0700 | [diff] [blame] | 276 | let inode = *self |
| 277 | .root_entries |
| 278 | .get(cstr_to_path(name)) |
| 279 | .ok_or_else(|| io::Error::from_raw_os_error(libc::ENOENT))?; |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 280 | // Normally, `lookup` is required to increase a reference count for the inode (while |
Victor Hsieh | 60c2f41 | 2021-11-03 13:02:19 -0700 | [diff] [blame] | 281 | // `forget` will decrease it). It is not yet necessary until we start to support |
| 282 | // deletion (only for `VerifiedNewDirectory`). |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 283 | let st = self.handle_inode(&inode, |config| match config { |
| 284 | AuthFsEntry::UnverifiedReadonly { file_size, .. } |
| 285 | | AuthFsEntry::VerifiedReadonly { file_size, .. } => { |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 286 | create_stat(inode, *file_size, AccessMode::ReadOnly) |
| 287 | } |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 288 | AuthFsEntry::VerifiedNew { editor } => { |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 289 | create_stat(inode, editor.size(), AccessMode::ReadWrite) |
| 290 | } |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 291 | AuthFsEntry::VerifiedNewDirectory { dir } => { |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 292 | create_dir_stat(inode, dir.number_of_entries()) |
| 293 | } |
| 294 | })?; |
| 295 | Ok(Entry { |
| 296 | inode, |
| 297 | generation: 0, |
| 298 | attr: st, |
| 299 | entry_timeout: DEFAULT_METADATA_TIMEOUT, |
| 300 | attr_timeout: DEFAULT_METADATA_TIMEOUT, |
| 301 | }) |
| 302 | } else { |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 303 | let inode = self.handle_inode(&parent, |config| match config { |
| 304 | AuthFsEntry::VerifiedNewDirectory { dir } => { |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 305 | let path: &Path = cstr_to_path(name); |
| 306 | dir.find_inode(path).ok_or_else(|| io::Error::from_raw_os_error(libc::ENOENT)) |
| 307 | } |
| 308 | _ => Err(io::Error::from_raw_os_error(libc::ENOTDIR)), |
| 309 | })?; |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 310 | let st = self.handle_inode(&inode, |config| match config { |
| 311 | AuthFsEntry::VerifiedNew { editor } => { |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 312 | create_stat(inode, editor.size(), AccessMode::ReadWrite) |
| 313 | } |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 314 | AuthFsEntry::VerifiedNewDirectory { dir } => { |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 315 | create_dir_stat(inode, dir.number_of_entries()) |
| 316 | } |
| 317 | _ => Err(io::Error::from_raw_os_error(libc::EBADF)), |
| 318 | })?; |
| 319 | Ok(Entry { |
| 320 | inode, |
| 321 | generation: 0, |
| 322 | attr: st, |
| 323 | entry_timeout: DEFAULT_METADATA_TIMEOUT, |
| 324 | attr_timeout: DEFAULT_METADATA_TIMEOUT, |
| 325 | }) |
| 326 | } |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 327 | } |
| 328 | |
| 329 | fn getattr( |
| 330 | &self, |
| 331 | _ctx: Context, |
| 332 | inode: Inode, |
| 333 | _handle: Option<Handle>, |
| 334 | ) -> io::Result<(libc::stat64, Duration)> { |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 335 | self.handle_inode(&inode, |config| { |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 336 | Ok(( |
| 337 | match config { |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 338 | AuthFsEntry::UnverifiedReadonly { file_size, .. } |
| 339 | | AuthFsEntry::VerifiedReadonly { file_size, .. } => { |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 340 | create_stat(inode, *file_size, AccessMode::ReadOnly)? |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 341 | } |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 342 | AuthFsEntry::VerifiedNew { editor } => { |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 343 | create_stat(inode, editor.size(), AccessMode::ReadWrite)? |
| 344 | } |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 345 | AuthFsEntry::VerifiedNewDirectory { dir } => { |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 346 | create_dir_stat(inode, dir.number_of_entries())? |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 347 | } |
| 348 | }, |
| 349 | DEFAULT_METADATA_TIMEOUT, |
| 350 | )) |
| 351 | }) |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 352 | } |
| 353 | |
| 354 | fn open( |
| 355 | &self, |
| 356 | _ctx: Context, |
| 357 | inode: Self::Inode, |
| 358 | flags: u32, |
| 359 | ) -> io::Result<(Option<Self::Handle>, fuse::sys::OpenOptions)> { |
| 360 | // Since file handle is not really used in later operations (which use Inode directly), |
Victor Hsieh | 09e2626 | 2021-03-03 16:00:55 -0800 | [diff] [blame] | 361 | // return None as the handle. |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 362 | self.handle_inode(&inode, |config| { |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 363 | match config { |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 364 | AuthFsEntry::VerifiedReadonly { .. } | AuthFsEntry::UnverifiedReadonly { .. } => { |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 365 | check_access_mode(flags, libc::O_RDONLY)?; |
| 366 | } |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 367 | AuthFsEntry::VerifiedNew { .. } => { |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 368 | // No need to check access modes since all the modes are allowed to the |
| 369 | // read-writable file. |
| 370 | } |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 371 | AuthFsEntry::VerifiedNewDirectory { .. } => { |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 372 | // TODO(victorhsieh): implement when needed. |
| 373 | return Err(io::Error::from_raw_os_error(libc::ENOSYS)); |
| 374 | } |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 375 | } |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 376 | // Always cache the file content. There is currently no need to support direct I/O or |
| 377 | // avoid the cache buffer. Memory mapping is only possible with cache enabled. |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 378 | Ok((None, fuse::sys::OpenOptions::KEEP_CACHE)) |
| 379 | }) |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 380 | } |
| 381 | |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 382 | fn create( |
| 383 | &self, |
| 384 | _ctx: Context, |
| 385 | parent: Self::Inode, |
| 386 | name: &CStr, |
| 387 | _mode: u32, |
| 388 | _flags: u32, |
| 389 | _umask: u32, |
| 390 | ) -> io::Result<(Entry, Option<Self::Handle>, fuse::sys::OpenOptions)> { |
| 391 | // TODO(205169366): Implement mode properly. |
| 392 | // TODO(205172873): handle O_TRUNC and O_EXCL properly. |
| 393 | let new_inode = self.insert_new_inode(&parent, |config| match config { |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 394 | AuthFsEntry::VerifiedNewDirectory { dir } => { |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 395 | let basename: &Path = cstr_to_path(name); |
| 396 | if dir.find_inode(basename).is_some() { |
| 397 | return Err(io::Error::from_raw_os_error(libc::EEXIST)); |
| 398 | } |
| 399 | let (new_inode, new_file) = dir.create_file(basename)?; |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 400 | Ok((new_inode, AuthFsEntry::VerifiedNew { editor: new_file })) |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 401 | } |
| 402 | _ => Err(io::Error::from_raw_os_error(libc::EBADF)), |
| 403 | })?; |
| 404 | |
| 405 | Ok(( |
| 406 | Entry { |
| 407 | inode: new_inode, |
| 408 | generation: 0, |
| 409 | attr: create_stat(new_inode, /* file_size */ 0, AccessMode::ReadWrite)?, |
| 410 | entry_timeout: DEFAULT_METADATA_TIMEOUT, |
| 411 | attr_timeout: DEFAULT_METADATA_TIMEOUT, |
| 412 | }, |
| 413 | // See also `open`. |
| 414 | /* handle */ None, |
| 415 | fuse::sys::OpenOptions::KEEP_CACHE, |
| 416 | )) |
| 417 | } |
| 418 | |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 419 | fn read<W: io::Write + ZeroCopyWriter>( |
| 420 | &self, |
| 421 | _ctx: Context, |
| 422 | inode: Inode, |
| 423 | _handle: Handle, |
| 424 | w: W, |
| 425 | size: u32, |
| 426 | offset: u64, |
| 427 | _lock_owner: Option<u64>, |
| 428 | _flags: u32, |
| 429 | ) -> io::Result<usize> { |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 430 | self.handle_inode(&inode, |config| { |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 431 | match config { |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 432 | AuthFsEntry::VerifiedReadonly { reader, file_size } => { |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 433 | read_chunks(w, reader, *file_size, offset, size) |
| 434 | } |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 435 | AuthFsEntry::UnverifiedReadonly { reader, file_size } => { |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 436 | read_chunks(w, reader, *file_size, offset, size) |
| 437 | } |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 438 | AuthFsEntry::VerifiedNew { editor } => { |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 439 | // Note that with FsOptions::WRITEBACK_CACHE, it's possible for the kernel to |
| 440 | // request a read even if the file is open with O_WRONLY. |
| 441 | read_chunks(w, editor, editor.size(), offset, size) |
| 442 | } |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 443 | _ => Err(io::Error::from_raw_os_error(libc::EBADF)), |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 444 | } |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 445 | }) |
Victor Hsieh | 6a47e7f | 2021-03-03 15:53:49 -0800 | [diff] [blame] | 446 | } |
| 447 | |
| 448 | fn write<R: io::Read + ZeroCopyReader>( |
| 449 | &self, |
| 450 | _ctx: Context, |
| 451 | inode: Self::Inode, |
| 452 | _handle: Self::Handle, |
| 453 | mut r: R, |
| 454 | size: u32, |
| 455 | offset: u64, |
| 456 | _lock_owner: Option<u64>, |
| 457 | _delayed_write: bool, |
| 458 | _flags: u32, |
| 459 | ) -> io::Result<usize> { |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 460 | self.handle_inode(&inode, |config| match config { |
| 461 | AuthFsEntry::VerifiedNew { editor } => { |
Victor Hsieh | 6a47e7f | 2021-03-03 15:53:49 -0800 | [diff] [blame] | 462 | let mut buf = vec![0; size as usize]; |
| 463 | r.read_exact(&mut buf)?; |
Victor Hsieh | 1bcf411 | 2021-03-19 14:26:57 -0700 | [diff] [blame] | 464 | editor.write_at(&buf, offset) |
Victor Hsieh | 6a47e7f | 2021-03-03 15:53:49 -0800 | [diff] [blame] | 465 | } |
| 466 | _ => Err(io::Error::from_raw_os_error(libc::EBADF)), |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 467 | }) |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 468 | } |
Victor Hsieh | 9d0ab62 | 2021-04-26 17:07:02 -0700 | [diff] [blame] | 469 | |
| 470 | fn setattr( |
| 471 | &self, |
| 472 | _ctx: Context, |
| 473 | inode: Inode, |
| 474 | attr: libc::stat64, |
| 475 | _handle: Option<Handle>, |
| 476 | valid: SetattrValid, |
| 477 | ) -> io::Result<(libc::stat64, Duration)> { |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 478 | self.handle_inode(&inode, |config| { |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 479 | match config { |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 480 | AuthFsEntry::VerifiedNew { editor } => { |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 481 | // Initialize the default stat. |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 482 | let mut new_attr = create_stat(inode, editor.size(), AccessMode::ReadWrite)?; |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 483 | // `valid` indicates what fields in `attr` are valid. Update to return correctly. |
| 484 | if valid.contains(SetattrValid::SIZE) { |
| 485 | // st_size is i64, but the cast should be safe since kernel should not give a |
| 486 | // negative size. |
| 487 | debug_assert!(attr.st_size >= 0); |
| 488 | new_attr.st_size = attr.st_size; |
| 489 | editor.resize(attr.st_size as u64)?; |
| 490 | } |
Victor Hsieh | 9d0ab62 | 2021-04-26 17:07:02 -0700 | [diff] [blame] | 491 | |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 492 | if valid.contains(SetattrValid::MODE) { |
| 493 | warn!("Changing st_mode is not currently supported"); |
| 494 | return Err(io::Error::from_raw_os_error(libc::ENOSYS)); |
| 495 | } |
| 496 | if valid.contains(SetattrValid::UID) { |
| 497 | warn!("Changing st_uid is not currently supported"); |
| 498 | return Err(io::Error::from_raw_os_error(libc::ENOSYS)); |
| 499 | } |
| 500 | if valid.contains(SetattrValid::GID) { |
| 501 | warn!("Changing st_gid is not currently supported"); |
| 502 | return Err(io::Error::from_raw_os_error(libc::ENOSYS)); |
| 503 | } |
| 504 | if valid.contains(SetattrValid::CTIME) { |
| 505 | debug!( |
| 506 | "Ignoring ctime change as authfs does not maintain timestamp currently" |
| 507 | ); |
| 508 | } |
| 509 | if valid.intersects(SetattrValid::ATIME | SetattrValid::ATIME_NOW) { |
| 510 | debug!( |
| 511 | "Ignoring atime change as authfs does not maintain timestamp currently" |
| 512 | ); |
| 513 | } |
| 514 | if valid.intersects(SetattrValid::MTIME | SetattrValid::MTIME_NOW) { |
| 515 | debug!( |
| 516 | "Ignoring mtime change as authfs does not maintain timestamp currently" |
| 517 | ); |
| 518 | } |
| 519 | Ok((new_attr, DEFAULT_METADATA_TIMEOUT)) |
Victor Hsieh | 9d0ab62 | 2021-04-26 17:07:02 -0700 | [diff] [blame] | 520 | } |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 521 | _ => Err(io::Error::from_raw_os_error(libc::EBADF)), |
Victor Hsieh | 9d0ab62 | 2021-04-26 17:07:02 -0700 | [diff] [blame] | 522 | } |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 523 | }) |
Victor Hsieh | 9d0ab62 | 2021-04-26 17:07:02 -0700 | [diff] [blame] | 524 | } |
Victor Hsieh | 71f1003 | 2021-08-13 11:24:02 -0700 | [diff] [blame] | 525 | |
| 526 | fn getxattr( |
| 527 | &self, |
| 528 | _ctx: Context, |
| 529 | inode: Self::Inode, |
| 530 | name: &CStr, |
| 531 | size: u32, |
| 532 | ) -> io::Result<GetxattrReply> { |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 533 | self.handle_inode(&inode, |config| { |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 534 | match config { |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 535 | AuthFsEntry::VerifiedNew { editor } => { |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 536 | // FUSE ioctl is limited, thus we can't implement fs-verity ioctls without a kernel |
| 537 | // change (see b/196635431). Until it's possible, use xattr to expose what we need |
| 538 | // as an authfs specific API. |
| 539 | if name != CStr::from_bytes_with_nul(b"authfs.fsverity.digest\0").unwrap() { |
| 540 | return Err(io::Error::from_raw_os_error(libc::ENODATA)); |
| 541 | } |
Victor Hsieh | 71f1003 | 2021-08-13 11:24:02 -0700 | [diff] [blame] | 542 | |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 543 | if size == 0 { |
| 544 | // Per protocol, when size is 0, return the value size. |
| 545 | Ok(GetxattrReply::Count(editor.get_fsverity_digest_size() as u32)) |
Victor Hsieh | 71f1003 | 2021-08-13 11:24:02 -0700 | [diff] [blame] | 546 | } else { |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 547 | let digest = editor.calculate_fsverity_digest()?; |
| 548 | if digest.len() > size as usize { |
| 549 | Err(io::Error::from_raw_os_error(libc::ERANGE)) |
| 550 | } else { |
| 551 | Ok(GetxattrReply::Value(digest.to_vec())) |
| 552 | } |
Victor Hsieh | 71f1003 | 2021-08-13 11:24:02 -0700 | [diff] [blame] | 553 | } |
| 554 | } |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 555 | _ => Err(io::Error::from_raw_os_error(libc::ENODATA)), |
Victor Hsieh | 71f1003 | 2021-08-13 11:24:02 -0700 | [diff] [blame] | 556 | } |
Victor Hsieh | c85e4ef | 2021-10-18 15:28:53 -0700 | [diff] [blame] | 557 | }) |
Victor Hsieh | 71f1003 | 2021-08-13 11:24:02 -0700 | [diff] [blame] | 558 | } |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 559 | |
| 560 | fn mkdir( |
| 561 | &self, |
| 562 | _ctx: Context, |
| 563 | parent: Self::Inode, |
| 564 | name: &CStr, |
| 565 | _mode: u32, |
| 566 | _umask: u32, |
| 567 | ) -> io::Result<Entry> { |
| 568 | // TODO(205169366): Implement mode properly. |
| 569 | let new_inode = self.insert_new_inode(&parent, |config| match config { |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 570 | AuthFsEntry::VerifiedNewDirectory { dir } => { |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 571 | let basename: &Path = cstr_to_path(name); |
| 572 | if dir.find_inode(basename).is_some() { |
| 573 | return Err(io::Error::from_raw_os_error(libc::EEXIST)); |
| 574 | } |
| 575 | let (new_inode, new_dir) = dir.mkdir(basename)?; |
Victor Hsieh | 26cea2f | 2021-11-03 10:28:33 -0700 | [diff] [blame] | 576 | Ok((new_inode, AuthFsEntry::VerifiedNewDirectory { dir: new_dir })) |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 577 | } |
| 578 | _ => Err(io::Error::from_raw_os_error(libc::EBADF)), |
| 579 | })?; |
| 580 | |
| 581 | Ok(Entry { |
| 582 | inode: new_inode, |
| 583 | generation: 0, |
| 584 | attr: create_dir_stat(new_inode, /* file_number */ 0)?, |
| 585 | entry_timeout: DEFAULT_METADATA_TIMEOUT, |
| 586 | attr_timeout: DEFAULT_METADATA_TIMEOUT, |
| 587 | }) |
| 588 | } |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 589 | } |
| 590 | |
| 591 | /// Mount and start the FUSE instance. This requires CAP_SYS_ADMIN. |
| 592 | pub fn loop_forever( |
Victor Hsieh | 60c2f41 | 2021-11-03 13:02:19 -0700 | [diff] [blame] | 593 | root_entries: HashMap<PathBuf, AuthFsEntry>, |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 594 | mountpoint: &Path, |
Victor Hsieh | 4cc3b79 | 2021-08-04 12:00:04 -0700 | [diff] [blame] | 595 | extra_options: &Option<String>, |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 596 | ) -> Result<(), fuse::Error> { |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 597 | let dev_fuse = OpenOptions::new() |
| 598 | .read(true) |
| 599 | .write(true) |
| 600 | .open("/dev/fuse") |
| 601 | .expect("Failed to open /dev/fuse"); |
| 602 | |
Victor Hsieh | 4cc3b79 | 2021-08-04 12:00:04 -0700 | [diff] [blame] | 603 | let mut mount_options = vec![ |
| 604 | MountOption::FD(dev_fuse.as_raw_fd()), |
| 605 | MountOption::RootMode(libc::S_IFDIR | libc::S_IXUSR | libc::S_IXGRP | libc::S_IXOTH), |
| 606 | MountOption::AllowOther, |
| 607 | MountOption::UserId(0), |
| 608 | MountOption::GroupId(0), |
Victor Hsieh | 766e533 | 2021-11-09 09:41:25 -0800 | [diff] [blame^] | 609 | MountOption::MaxRead(MAX_READ_BYTES), |
Victor Hsieh | 4cc3b79 | 2021-08-04 12:00:04 -0700 | [diff] [blame] | 610 | ]; |
| 611 | if let Some(value) = extra_options { |
| 612 | mount_options.push(MountOption::Extra(value)); |
| 613 | } |
| 614 | |
| 615 | fuse::mount(mountpoint, "authfs", libc::MS_NOSUID | libc::MS_NODEV, &mount_options) |
| 616 | .expect("Failed to mount fuse"); |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 617 | |
| 618 | fuse::worker::start_message_loop( |
| 619 | dev_fuse, |
Victor Hsieh | 766e533 | 2021-11-09 09:41:25 -0800 | [diff] [blame^] | 620 | MAX_WRITE_BYTES, |
| 621 | MAX_READ_BYTES, |
| 622 | AuthFs::new(root_entries), |
Victor Hsieh | 88ac6ca | 2020-11-13 15:20:24 -0800 | [diff] [blame] | 623 | ) |
| 624 | } |
Victor Hsieh | 4563623 | 2021-10-15 17:52:51 -0700 | [diff] [blame] | 625 | |
| 626 | fn cstr_to_path(cstr: &CStr) -> &Path { |
| 627 | OsStr::from_bytes(cstr.to_bytes()).as_ref() |
| 628 | } |