Blame - authfs/service/src/main.rs - android_packages_modules_Virtualization

blob: 890e108a363cb150a9b67322e8dc7b84895bfd5d [file] [log] [blame]

Victor Hsieh	045f1e6	2021-08-03 12:04:34 -0700	[diff] [blame]	1	/*
				2	* Copyright (C) 2021 The Android Open Source Project
				3	*
				4	* Licensed under the Apache License, Version 2.0 (the "License");
				5	* you may not use this file except in compliance with the License.
				6	* You may obtain a copy of the License at
				7	*
				8	* http://www.apache.org/licenses/LICENSE-2.0
				9	*
				10	* Unless required by applicable law or agreed to in writing, software
				11	* distributed under the License is distributed on an "AS IS" BASIS,
				12	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				13	* See the License for the specific language governing permissions and
				14	* limitations under the License.
				15	*/
				16
				17	//! AuthFsService facilitates authfs mounting (which is a privileged operation) for the client. The
				18	//! client will provide an `AuthFsConfig` which includes the backend address (only port for now) and
				19	//! the filesystem configuration. It is up to the client to ensure the backend server is running. On
				20	//! a successful mount, the client receives an `IAuthFs`, and through the binder object, the client
				21	//! is able to retrieve "remote file descriptors".
				22
				23	mod authfs;
Victor Hsieh	045f1e6	2021-08-03 12:04:34 -0700	[diff] [blame]	24
				25	use anyhow::{bail, Context, Result};
				26	use log::*;
				27	use std::ffi::OsString;
				28	use std::fs::{create_dir, read_dir, remove_dir_all, remove_file};
				29	use std::sync::atomic::{AtomicUsize, Ordering};
				30
Victor Hsieh	045f1e6	2021-08-03 12:04:34 -0700	[diff] [blame]	31	use authfs_aidl_interface::aidl::com::android::virt::fs::AuthFsConfig::AuthFsConfig;
				32	use authfs_aidl_interface::aidl::com::android::virt::fs::IAuthFs::IAuthFs;
				33	use authfs_aidl_interface::aidl::com::android::virt::fs::IAuthFsService::{
				34	BnAuthFsService, IAuthFsService,
				35	};
				36	use authfs_aidl_interface::binder::{
				37	self, add_service, BinderFeatures, ExceptionCode, Interface, ProcessState, Strong,
				38	};
Alan Stokes	3189af0	2021-09-30 17:51:19 +0100	[diff] [blame]	39	use binder_common::new_binder_exception;
Victor Hsieh	045f1e6	2021-08-03 12:04:34 -0700	[diff] [blame]	40
				41	const SERVICE_NAME: &str = "authfs_service";
Victor Hsieh	8bb67b6	2021-08-04 12:10:58 -0700	[diff] [blame]	42	const SERVICE_ROOT: &str = "/data/misc/authfs";
Victor Hsieh	045f1e6	2021-08-03 12:04:34 -0700	[diff] [blame]	43
				44	/// Implementation of `IAuthFsService`.
				45	pub struct AuthFsService {
				46	serial_number: AtomicUsize,
				47	debuggable: bool,
				48	}
				49
				50	impl Interface for AuthFsService {}
				51
				52	impl IAuthFsService for AuthFsService {
				53	fn mount(&self, config: &AuthFsConfig) -> binder::Result<Strong<dyn IAuthFs>> {
				54	self.validate(config)?;
				55
				56	let mountpoint = self.get_next_mount_point();
				57
				58	// The directory is supposed to be deleted when `AuthFs` is dropped.
				59	create_dir(&mountpoint).map_err(\|e\| {
				60	new_binder_exception(
				61	ExceptionCode::SERVICE_SPECIFIC,
Alan Stokes	e1b6e1c	2021-10-01 12:44:49 +0100	[diff] [blame^]	62	format!("Cannot create mount directory {:?}: {:?}", &mountpoint, e),
Victor Hsieh	045f1e6	2021-08-03 12:04:34 -0700	[diff] [blame]	63	)
				64	})?;
				65
				66	authfs::AuthFs::mount_and_wait(mountpoint, config, self.debuggable).map_err(\|e\| {
				67	new_binder_exception(
				68	ExceptionCode::SERVICE_SPECIFIC,
				69	format!("mount_and_wait failed: {:?}", e),
				70	)
				71	})
				72	}
				73	}
				74
				75	impl AuthFsService {
				76	fn new_binder(debuggable: bool) -> Strong<dyn IAuthFsService> {
				77	let service = AuthFsService { serial_number: AtomicUsize::new(1), debuggable };
				78	BnAuthFsService::new_binder(service, BinderFeatures::default())
				79	}
				80
				81	fn validate(&self, config: &AuthFsConfig) -> binder::Result<()> {
				82	if config.port < 0 {
				83	return Err(new_binder_exception(
				84	ExceptionCode::ILLEGAL_ARGUMENT,
				85	format!("Invalid port: {}", config.port),
				86	));
				87	}
				88	Ok(())
				89	}
				90
				91	fn get_next_mount_point(&self) -> OsString {
				92	let previous = self.serial_number.fetch_add(1, Ordering::Relaxed);
				93	OsString::from(format!("{}/{}", SERVICE_ROOT, previous))
				94	}
				95	}
				96
				97	fn clean_up_working_directory() -> Result<()> {
				98	for entry in read_dir(SERVICE_ROOT)? {
				99	let entry = entry?;
				100	let path = entry.path();
				101	if path.is_dir() {
				102	remove_dir_all(path)?;
				103	} else if path.is_file() {
				104	remove_file(path)?;
				105	} else {
				106	bail!("Unrecognized path type: {:?}", path);
				107	}
				108	}
				109	Ok(())
				110	}
				111
Alan Stokes	e1b6e1c	2021-10-01 12:44:49 +0100	[diff] [blame^]	112	fn try_main() -> Result<()> {
Victor Hsieh	045f1e6	2021-08-03 12:04:34 -0700	[diff] [blame]	113	let debuggable = env!("TARGET_BUILD_VARIANT") != "user";
				114	let log_level = if debuggable { log::Level::Trace } else { log::Level::Info };
				115	android_logger::init_once(
				116	android_logger::Config::default().with_tag("authfs_service").with_min_level(log_level),
				117	);
				118
				119	clean_up_working_directory()?;
				120
				121	ProcessState::start_thread_pool();
				122
				123	let service = AuthFsService::new_binder(debuggable).as_binder();
				124	add_service(SERVICE_NAME, service)
				125	.with_context(\|\| format!("Failed to register service {}", SERVICE_NAME))?;
				126	debug!("{} is running", SERVICE_NAME);
				127
				128	ProcessState::join_thread_pool();
				129	bail!("Unexpected exit after join_thread_pool")
				130	}
Alan Stokes	e1b6e1c	2021-10-01 12:44:49 +0100	[diff] [blame^]	131
				132	fn main() {
				133	if let Err(e) = try_main() {
				134	error!("failed with {:?}", e);
				135	std::process::exit(1);
				136	}
				137	}