| commit | adb48d70a986bd8e1aedb084f418edd9a8653983 | [log] [tgz] |
|---|---|---|
| author | Ben Keller <galbanum@google.com> | Mon May 16 17:24:40 2022 +0000 |
| committer | Commit Bot <commit-bot@chromium.org> | Mon May 16 17:24:40 2022 +0000 |
| tree | dc87edfa1812cbb36e400fdac4c3d5477d3d68c8 | |
| parent | b7b2e6986a44eb972bdaf47fadc40ae52da337ba [diff] |
[reland] Revert "[revert] Revert "[pkg-cache][pkgfs][fshost] pkg-cache provides all pkgfs directories"" This reverts commit 631fa7a0a06c38fa7e58d8398554f45ca70ea36b. Reason for revert: All OOT clients should now handle hierarchical rights enforcement Original change's description: > [revert] Revert "[pkg-cache][pkgfs][fshost] pkg-cache provides all pkgfs directories" > > This reverts commit 021b6cdc9d9e0bd5f91f5a083fec30e7dfd1791f. > > Reason for revert: Broke file access on some OOT clients. > > Original change's description: > > [pkg-cache][pkgfs][fshost] pkg-cache provides all pkgfs directories > > > > All pkgfs directories (including pkgfs/, pkgfs/packages/, > > pkgfs/versions/, and pkgfs/system/) are now provided by pkg-cache > > instead of pkgfs. > > > > Package directories themselves (including the elements of > > pkgfs/versions/ and pkgfs/packages/*/*/ and the /pkg directory mounted > > in components' namespaces) are now served by pkg-cache instead of > > pkgfs. > > > > The pkgfs directories and package directories themselves are > > implemented on top of the Rust VFS library. As a result, they now > > enforce hierarchical rights (e.g. opening a file with RIGHT_READABLE > > requires that the directory connection over which the > > fuchsia.io/Directory.Open FIDL call was made had RIGHT_READABLE) and > > perform more validation of the flag, mode, and path > > arguments (e.g. paths of the empty string and paths containing ".." > > segments are now rejected). See > > https://cs.opensource.google/fuchsia/fuchsia/+/main:src/sys/pkg/tests/pkgdir/README.md > > for a full listing of the package directory behavior changes. > > > > fshost no longer starts pkgfs (sometimes called pkgsvr). > > > > pkg-cache is now routed an executable handle to blobfs (so it can serve > > package directories). > > > > pkg-cache is now a child of bootstrap and is resolved by the > > base-resolver. > > > > pkg-cache's other package APIs (fuchsia.pkg/PackageCache.{Open|Get}) now > > use the same machinery that powers its pkgfs replacements (instead of > > forwarding to pkgfs). > > > > Bug: 99148 > > Fixed: 88871 > > Change-Id: Ib1151e58bbdb625965e454b46919164698bd8762 > > Reviewed-on: https://fuchsia-review.googlesource.com/c/fuchsia/+/630466 > > Reviewed-by: Kevin Wells <kevinwells@google.com> > > Reviewed-by: Mark Dittmer <markdittmer@google.com> > > Reviewed-by: Erick Tryzelaar <etryzelaar@google.com> > > Reviewed-by: Stephen Demos <sdemos@google.com> > > Reviewed-by: Allison Pearce <ampearce@google.com> > > Reviewed-by: Olivia Nordquist <nolivia@google.com> > > Reviewed-by: Gary Bressler <geb@google.com> > > Commit-Queue: Ben Keller <galbanum@google.com> > > Bug: 99148 > Change-Id: I3bf2af28b1803c1150c0e0714e56db67186a30ba > Reviewed-on: https://fuchsia-review.googlesource.com/c/fuchsia/+/678298 > Reviewed-by: RubberStamper 🤖 <android-build-ayeaye@system.gserviceaccount.com> > Commit-Queue: Ben Keller <galbanum@google.com> Bug: 99148 Change-Id: Ie9107004e12c6472241f350f1cc5da2154e3d48c Reviewed-on: https://fuchsia-review.googlesource.com/c/fuchsia/+/678507 Reviewed-by: Stephen Demos <sdemos@google.com> Reviewed-by: Allison Pearce <ampearce@google.com> Commit-Queue: Ben Keller <galbanum@google.com> Reviewed-by: Gary Bressler <geb@google.com>
Fuchsia is an open source, general purpose operating system supporting modern 64-bit Intel and ARM processors.
We expect everyone interacting with our project to respect our code of conduct.
Read more about Fuchsia's principles.
See Getting Started.
See fuchsia.dev.