• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2021 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 use fuse::mount::MountOption;
18 use std::fs::OpenOptions;
19 use std::num::NonZeroU8;
20 use std::os::unix::io::AsRawFd;
21 use std::path::Path;
22 
23 use super::AuthFs;
24 
25 /// Maximum bytes (excluding the FUSE header) `AuthFs` will receive from the kernel for write
26 /// operations by another process.
27 pub const MAX_WRITE_BYTES: u32 = 65536;
28 
29 /// Maximum bytes (excluding the FUSE header) `AuthFs` will receive from the kernel for read
30 /// operations by another process.
31 /// TODO(victorhsieh): This option is deprecated by FUSE. Figure out if we can remove this.
32 const MAX_READ_BYTES: u32 = 65536;
33 
34 /// Mount and start the FUSE instance to handle messages. This requires CAP_SYS_ADMIN.
mount_and_enter_message_loop( authfs: AuthFs, mountpoint: &Path, extra_options: &Option<String>, threads: Option<NonZeroU8>, ) -> Result<(), fuse::Error>35 pub fn mount_and_enter_message_loop(
36     authfs: AuthFs,
37     mountpoint: &Path,
38     extra_options: &Option<String>,
39     threads: Option<NonZeroU8>,
40 ) -> Result<(), fuse::Error> {
41     let dev_fuse = OpenOptions::new()
42         .read(true)
43         .write(true)
44         .open("/dev/fuse")
45         .expect("Failed to open /dev/fuse");
46 
47     let mut mount_options = vec![
48         MountOption::FD(dev_fuse.as_raw_fd()),
49         MountOption::RootMode(libc::S_IFDIR | libc::S_IXUSR | libc::S_IXGRP | libc::S_IXOTH),
50         MountOption::AllowOther,
51         MountOption::UserId(0),
52         MountOption::GroupId(0),
53         MountOption::MaxRead(MAX_READ_BYTES),
54     ];
55     if let Some(value) = extra_options {
56         mount_options.push(MountOption::Extra(value));
57     }
58 
59     fuse::mount(
60         mountpoint,
61         "authfs",
62         libc::MS_NOSUID | libc::MS_NODEV | libc::MS_NOEXEC,
63         &mount_options,
64     )
65     .expect("Failed to mount fuse");
66 
67     let mut config = fuse::FuseConfig::new();
68     config.dev_fuse(dev_fuse).max_write(MAX_WRITE_BYTES).max_read(MAX_READ_BYTES);
69     if let Some(num) = threads {
70         config.num_threads(u8::from(num).into());
71     }
72     config.enter_message_loop(authfs)
73 }
74