fuse.h revision c255f25ccb700880483c73d9ff823bf9540dd616 
1/*
2 * Copyright (C) 2016 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#ifndef FUSE_H_
18#define FUSE_H_
19
20#include <dirent.h>
21#include <fcntl.h>
22#include <linux/fuse.h>
23#include <pthread.h>
24#include <stdbool.h>
25#include <stdlib.h>
26#include <sys/param.h>
27#include <sys/stat.h>
28#include <sys/statfs.h>
29#include <sys/types.h>
30#include <sys/uio.h>
31#include <unistd.h>
32
33#include <cutils/fs.h>
34#include <cutils/hashmap.h>
35#include <cutils/log.h>
36#include <cutils/multiuser.h>
37#include <packagelistparser/packagelistparser.h>
38
39#include <private/android_filesystem_config.h>
40
41#ifdef __cplusplus
42extern "C" {
43#endif
44
45#define FUSE_TRACE 0
46
47#if FUSE_TRACE
48#define TRACE(x...) ALOGD(x)
49#else
50#define TRACE(x...) do {} while (0)
51#endif
52
53#define ERROR(x...) ALOGE(x)
54
55/* Maximum number of bytes to write in one request. */
56#define MAX_WRITE (256 * 1024)
57
58/* Maximum number of bytes to read in one request. */
59#define MAX_READ (128 * 1024)
60
61/* Largest possible request.
62 * The request size is bounded by the maximum size of a FUSE_WRITE request because it has
63 * the largest possible data payload. */
64#define MAX_REQUEST_SIZE (sizeof(struct fuse_in_header) + sizeof(struct fuse_write_in) + MAX_WRITE)
65
66/* Permission mode for a specific node. Controls how file permissions
67 * are derived for children nodes. */
68typedef enum {
69    /* Nothing special; this node should just inherit from its parent. */
70    PERM_INHERIT,
71    /* This node is one level above a normal root; used for legacy layouts
72     * which use the first level to represent user_id. */
73    PERM_PRE_ROOT,
74    /* This node is "/" */
75    PERM_ROOT,
76    /* This node is "/Android" */
77    PERM_ANDROID,
78    /* This node is "/Android/data" */
79    PERM_ANDROID_DATA,
80    /* This node is "/Android/obb" */
81    PERM_ANDROID_OBB,
82    /* This node is "/Android/media" */
83    PERM_ANDROID_MEDIA,
84} perm_t;
85
86struct handle {
87    int fd;
88};
89
90struct dirhandle {
91    DIR *d;
92};
93
94struct node {
95    __u32 refcount;
96    __u64 nid;
97    __u64 gen;
98    /*
99     * The inode number for this FUSE node. Note that this isn't stable across
100     * multiple invocations of the FUSE daemon.
101     */
102    __u32 ino;
103
104    /* State derived based on current position in hierarchy. */
105    perm_t perm;
106    userid_t userid;
107    uid_t uid;
108    bool under_android;
109
110    struct node *next;          /* per-dir sibling list */
111    struct node *child;         /* first contained file by this dir */
112    struct node *parent;        /* containing directory */
113
114    size_t namelen;
115    char *name;
116    /* If non-null, this is the real name of the file in the underlying storage.
117     * This may differ from the field "name" only by case.
118     * strlen(actual_name) will always equal strlen(name), so it is safe to use
119     * namelen for both fields.
120     */
121    char *actual_name;
122
123    /* If non-null, an exact underlying path that should be grafted into this
124     * position. Used to support things like OBB. */
125    char* graft_path;
126    size_t graft_pathlen;
127
128    bool deleted;
129};
130
131/* Global data for all FUSE mounts */
132struct fuse_global {
133    pthread_mutex_t lock;
134
135    uid_t uid;
136    gid_t gid;
137    bool multi_user;
138
139    char source_path[PATH_MAX];
140    char obb_path[PATH_MAX];
141
142    Hashmap* package_to_appid;
143
144    __u64 next_generation;
145    struct node root;
146
147    /* Used to allocate unique inode numbers for fuse nodes. We use
148     * a simple counter based scheme where inode numbers from deleted
149     * nodes aren't reused. Note that inode allocations are not stable
150     * across multiple invocation of the sdcard daemon, but that shouldn't
151     * be a huge problem in practice.
152     *
153     * Note that we restrict inodes to 32 bit unsigned integers to prevent
154     * truncation on 32 bit processes when unsigned long long stat.st_ino is
155     * assigned to an unsigned long ino_t type in an LP32 process.
156     *
157     * Also note that fuse_attr and fuse_dirent inode values are 64 bits wide
158     * on both LP32 and LP64, but the fuse kernel code doesn't squash 64 bit
159     * inode numbers into 32 bit values on 64 bit kernels (see fuse_squash_ino
160     * in fs/fuse/inode.c).
161     *
162     * Accesses must be guarded by |lock|.
163     */
164    __u32 inode_ctr;
165
166    struct fuse* fuse_default;
167    struct fuse* fuse_read;
168    struct fuse* fuse_write;
169};
170
171/* Single FUSE mount */
172struct fuse {
173    struct fuse_global* global;
174
175    char dest_path[PATH_MAX];
176
177    int fd;
178
179    gid_t gid;
180    mode_t mask;
181};
182
183/* Private data used by a single FUSE handler */
184struct fuse_handler {
185    struct fuse* fuse;
186    int token;
187
188    /* To save memory, we never use the contents of the request buffer and the read
189     * buffer at the same time.  This allows us to share the underlying storage. */
190    union {
191        __u8 request_buffer[MAX_REQUEST_SIZE];
192        __u8 read_buffer[MAX_READ + PAGE_SIZE];
193    };
194};
195
196void handle_fuse_requests(struct fuse_handler* handler);
197void derive_permissions_recursive_locked(struct fuse* fuse, struct node *parent);
198
199#ifdef __cplusplus
200}; /* extern "C" */
201#endif
202
203#endif  /* FUSE_H_ */
204