| Victor Hsieh | 79f296b | 2021-12-02 15:38:08 -0800 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2021 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | use fuse::mount::MountOption; |
| 18 | use std::fs::OpenOptions; |
| 19 | use std::os::unix::io::AsRawFd; |
| 20 | use std::path::Path; |
| 21 | |
| 22 | use super::AuthFs; |
| 23 | |
| 24 | /// Maximum bytes in the write transaction to the FUSE device. This limits the maximum buffer |
| 25 | /// size in a read request (including FUSE protocol overhead) that the filesystem writes to. |
| 26 | pub const MAX_WRITE_BYTES: u32 = 65536; |
| 27 | |
| 28 | /// Maximum bytes in a read operation. |
| 29 | /// TODO(victorhsieh): This option is deprecated by FUSE. Figure out if we can remove this. |
| 30 | const MAX_READ_BYTES: u32 = 65536; |
| 31 | |
| 32 | /// Mount and start the FUSE instance to handle messages. This requires CAP_SYS_ADMIN. |
| 33 | pub fn mount_and_enter_message_loop( |
| 34 | authfs: AuthFs, |
| 35 | mountpoint: &Path, |
| 36 | extra_options: &Option<String>, |
| 37 | ) -> Result<(), fuse::Error> { |
| 38 | let dev_fuse = OpenOptions::new() |
| 39 | .read(true) |
| 40 | .write(true) |
| 41 | .open("/dev/fuse") |
| 42 | .expect("Failed to open /dev/fuse"); |
| 43 | |
| 44 | let mut mount_options = vec![ |
| 45 | MountOption::FD(dev_fuse.as_raw_fd()), |
| 46 | MountOption::RootMode(libc::S_IFDIR | libc::S_IXUSR | libc::S_IXGRP | libc::S_IXOTH), |
| 47 | MountOption::AllowOther, |
| 48 | MountOption::UserId(0), |
| 49 | MountOption::GroupId(0), |
| 50 | MountOption::MaxRead(MAX_READ_BYTES), |
| 51 | ]; |
| 52 | if let Some(value) = extra_options { |
| 53 | mount_options.push(MountOption::Extra(value)); |
| 54 | } |
| 55 | |
| 56 | fuse::mount(mountpoint, "authfs", libc::MS_NOSUID | libc::MS_NODEV, &mount_options) |
| 57 | .expect("Failed to mount fuse"); |
| 58 | |
| 59 | fuse::worker::start_message_loop(dev_fuse, MAX_WRITE_BYTES, MAX_READ_BYTES, authfs) |
| 60 | } |