commit 551f21c552cbd92a4e25110f6e806afb76d5d758
author Ilya Bobyr <ilya.bobyr@gmail.com> Mon Jun 17 21:40:51 2019 +0000
committer CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Mon Jun 17 21:40:51 2019 +0000
tree 82fc9146a38b65f09369c9c4009f28f3326a30b4
parent 29311321345ca2db806cad6a07b07ecbb400155b

[component_manager] Mount with OPEN_RIGHT_WRITABLE

Services need to be hosted with both read and write rights.  There is an
upcoming change for pseudo-fs that will enforce hierarchical rights and
mounting with only read permission breaks, as fdio is already requesting
both read and write when opening a service.

Yefei is working on a smilar change for the C++ code as part of

    https://fuchsia.atlassian.net/browse/ZX-3251

Change-Id: I2bf93638f8ee335b375f9c8deb942d8ec23ffef7

src/sys/component_manager/src/model/namespace.rs

diff --git a/src/sys/component_manager/src/model/namespace.rs b/src/sys/component_manager/src/model/namespace.rs
index 3f592dd..9aaa2a8 100644
--- a/src/sys/component_manager/src/model/namespace.rs
+++ b/src/sys/component_manager/src/model/namespace.rs
@@ -8,7 +8,9 @@
     crate::model::*,
     cm_rust::{self, ComponentDecl, UseDirectoryDecl, UseServiceDecl},
     fidl::endpoints::{create_endpoints, ClientEnd, ServerEnd},
-    fidl_fuchsia_io::{DirectoryProxy, NodeMarker, MODE_TYPE_DIRECTORY, OPEN_RIGHT_READABLE},
+    fidl_fuchsia_io::{
+        DirectoryProxy, NodeMarker, MODE_TYPE_DIRECTORY, OPEN_RIGHT_READABLE, OPEN_RIGHT_WRITABLE,
+    },
     fidl_fuchsia_sys2 as fsys, fuchsia_async as fasync, fuchsia_vfs_pseudo_fs as fvfs,
     fuchsia_vfs_pseudo_fs::directory::entry::DirectoryEntry,
     fuchsia_zircon as zx,
@@ -236,7 +238,7 @@
             let (client_end, server_end) =
                 create_endpoints::<NodeMarker>().expect("could not create node proxy endpoints");
             pseudo_dir.open(
-                OPEN_RIGHT_READABLE,
+                OPEN_RIGHT_READABLE | OPEN_RIGHT_WRITABLE,
                 MODE_TYPE_DIRECTORY,
                 &mut iter::empty(),
                 server_end,

src/sys/component_manager/src/model/routing.rs

diff --git a/src/sys/component_manager/src/model/routing.rs b/src/sys/component_manager/src/model/routing.rs
index 09ecaf6..1ce2825 100644
--- a/src/sys/component_manager/src/model/routing.rs
+++ b/src/sys/component_manager/src/model/routing.rs
@@ -6,7 +6,9 @@
     crate::model::*,
     cm_rust::{self, Capability, CapabilityPath, ExposeDecl, ExposeSource, OfferDecl, OfferSource},
     failure::format_err,
-    fidl_fuchsia_io::{MODE_TYPE_DIRECTORY, MODE_TYPE_SERVICE, OPEN_RIGHT_READABLE},
+    fidl_fuchsia_io::{
+        MODE_TYPE_DIRECTORY, MODE_TYPE_SERVICE, OPEN_RIGHT_READABLE, OPEN_RIGHT_WRITABLE,
+    },
     fuchsia_zircon as zx,
     std::sync::Arc,
 };
@@ -59,7 +61,7 @@
 ) -> Result<(), ModelError> {
     let source = await!(find_capability_source(model, capability, abs_moniker))?;
 
-    let flags = OPEN_RIGHT_READABLE;
+    let flags = OPEN_RIGHT_READABLE | OPEN_RIGHT_WRITABLE;
     match source {
         CapabilitySource::ComponentMgrNamespace(source_capability) => {
             if let Some(path) = source_capability.path() {

src/sys/component_manager/src/model/testing/routing_test_helpers.rs

diff --git a/src/sys/component_manager/src/model/testing/routing_test_helpers.rs b/src/sys/component_manager/src/model/testing/routing_test_helpers.rs
index 2f314db..5c21396 100644
--- a/src/sys/component_manager/src/model/testing/routing_test_helpers.rs
+++ b/src/sys/component_manager/src/model/testing/routing_test_helpers.rs
@@ -13,7 +13,7 @@
     fidl_fuchsia_data as fdata,
     fidl_fuchsia_io::{
         DirectoryMarker, DirectoryProxy, NodeMarker, MODE_TYPE_DIRECTORY, MODE_TYPE_SERVICE,
-        OPEN_RIGHT_READABLE,
+        OPEN_RIGHT_READABLE, OPEN_RIGHT_WRITABLE,
     },
     fidl_fuchsia_sys2 as fsys, fuchsia_async as fasync,
     fuchsia_vfs_pseudo_fs::{
@@ -491,7 +491,7 @@
                         .expect("failed to add data entry");
                 }
                 pseudo_dir.open(
-                    OPEN_RIGHT_READABLE,
+                    OPEN_RIGHT_READABLE | OPEN_RIGHT_WRITABLE,
                     MODE_TYPE_DIRECTORY,
                     &mut iter::empty(),
                     ServerEnd::new(server_end.into_channel()),

src/sys/component_manager/src/process_launcher.rs

diff --git a/src/sys/component_manager/src/process_launcher.rs b/src/sys/component_manager/src/process_launcher.rs
index f6335e7..3bcc6c2 100644
--- a/src/sys/component_manager/src/process_launcher.rs
+++ b/src/sys/component_manager/src/process_launcher.rs
@@ -419,7 +419,7 @@
                 "test_file" => read_only(|| Ok(test_content_bytes.clone())),
             };
             dir.open(
-                fio::OPEN_RIGHT_READABLE,
+                fio::OPEN_RIGHT_READABLE | fio::OPEN_RIGHT_WRITABLE,
                 fio::MODE_TYPE_DIRECTORY,
                 &mut iter::empty(),
                 ServerEnd::new(dir_server),

src/sys/component_manager/tests/mock_pkg_resolver.rs

diff --git a/src/sys/component_manager/tests/mock_pkg_resolver.rs b/src/sys/component_manager/tests/mock_pkg_resolver.rs
index 0911005..3975a446 100644
--- a/src/sys/component_manager/tests/mock_pkg_resolver.rs
+++ b/src/sys/component_manager/tests/mock_pkg_resolver.rs
@@ -8,7 +8,7 @@
     failure::{Error, ResultExt},
     fdio,
     fidl::endpoints::ServerEnd,
-    fidl_fuchsia_io::{DirectoryMarker, OPEN_RIGHT_READABLE},
+    fidl_fuchsia_io::{DirectoryMarker, OPEN_RIGHT_READABLE, OPEN_RIGHT_WRITABLE},
     fidl_fuchsia_pkg as fpkg, fuchsia_async as fasync,
     fuchsia_component::server::ServiceFs,
     fuchsia_syslog::{self, macros::*},
@@ -77,7 +77,7 @@
         fdio::fdio_sys::fdio_ns_connect(
             ns_ptr,
             cstr.as_ptr(),
-            OPEN_RIGHT_READABLE,
+            OPEN_RIGHT_READABLE | OPEN_RIGHT_WRITABLE,
             dir.into_channel().into_raw(),
         )
     })?;