blob: 5565701bf5560037eca668b9fc10a87a4001dc20 [file] [log] [blame] [edit]
// Copyright 2020 The Fuchsia Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef SRC_STORAGE_BLOBFS_BLOB_LOADER_H_
#define SRC_STORAGE_BLOBFS_BLOB_LOADER_H_
#include <lib/fzl/owned-vmo-mapper.h>
#include <lib/zx/status.h>
#include <lib/zx/vmo.h>
#include <zircon/status.h>
#include <memory>
#include <fbl/function.h>
#include <fbl/macros.h>
#include <storage/buffer/owned_vmoid.h>
#include "src/storage/blobfs/blob-layout.h"
#include "src/storage/blobfs/compression/external-decompressor.h"
#include "src/storage/blobfs/compression/seekable-decompressor.h"
#include "src/storage/blobfs/format.h"
#include "src/storage/blobfs/iterator/block-iterator-provider.h"
#include "src/storage/blobfs/metrics.h"
#include "src/storage/blobfs/node-finder.h"
#include "src/storage/blobfs/pager/page-watcher.h"
#include "src/storage/blobfs/transaction-manager.h"
namespace blobfs {
// BlobLoader is responsible for loading blobs from disk, decoding them and verifying their
// contents as needed.
class BlobLoader {
public:
BlobLoader() = default;
BlobLoader(BlobLoader&& o) = default;
BlobLoader& operator=(BlobLoader&& o) = default;
DISALLOW_COPY_AND_ASSIGN_ALLOW_MOVE(BlobLoader);
// Creates a BlobLoader.
static zx::status<BlobLoader> Create(TransactionManager* txn_manager,
BlockIteratorProvider* block_iter_provider,
NodeFinder* node_finder, pager::UserPager* pager,
BlobfsMetrics* metrics, bool sandbox_decompression);
// Loads the merkle tree and data for the blob with index |node_index|.
//
// |data_out| will be a VMO containing all of the data of the blob, padded up to a block size.
// |merkle_out| will be a VMO containing the merkle tree of the blob. For small blobs, there
// may be no merkle tree (i.e. the entire 'tree' is just a single hash stored inline in the
// inode), in which case no VMO is returned.
//
// This method verifies the following correctness properties:
// - The stored merkle tree is well-formed.
// - The blob's merkle root in |inode| matches the root of the merkle tree stored on-disk.
// - The blob's contents match the merkle tree.
zx_status_t LoadBlob(uint32_t node_index, const BlobCorruptionNotifier* corruption_notifier,
fzl::OwnedVmoMapper* data_out, fzl::OwnedVmoMapper* merkle_out);
// Loads the merkle tree for the blob referenced |inode|, and prepare a pager-backed VMO for
// data.
//
// |page_watcher_out| will be a PageWatcher that is backing |data_out|.
// |data_out| will be a pager-backed VMO with no resident pages, padded up to a block size.
// |merkle_out| will be a VMO containing the merkle tree of the blob. For small blobs, there
// may be no merkle tree, in which case no VMO is returned.
//
// This method verifies the following correctness properties:
// - The stored merkle tree is well-formed.
// - The blob's merkle root in |inode| matches the root of the merkle tree stored on-disk.
//
// This method does *NOT* immediately verify the integrity of the blob's data, this will be
// lazily verified by the pager as chunks of the blob are loaded.
zx_status_t LoadBlobPaged(uint32_t node_index, const BlobCorruptionNotifier* corruption_notifier,
std::unique_ptr<pager::PageWatcher>* page_watcher_out,
fzl::OwnedVmoMapper* data_out, fzl::OwnedVmoMapper* merkle_out);
private:
BlobLoader(TransactionManager* txn_manager, BlockIteratorProvider* block_iter_provider,
NodeFinder* node_finder, pager::UserPager* pager, BlobfsMetrics* metrics,
fzl::OwnedVmoMapper read_mapper, zx::vmo sandbox_vmo,
std::unique_ptr<ExternalDecompressorClient> decompressor_client);
// Loads the merkle tree from disk and initializes a VMO mapping and BlobVerifier with the
// contents. (Small blobs may have no stored tree, in which case |vmo_out| is not mapped but
// |verifier_out| is still initialized.)
zx_status_t InitMerkleVerifier(uint32_t node_index, const Inode& inode,
const BlobLayout& blob_layout,
const BlobCorruptionNotifier* corruption_notifier,
fzl::OwnedVmoMapper* vmo_out,
std::unique_ptr<BlobVerifier>* verifier_out);
// Prepares |decompressor_out| to decompress the blob contents of |inode|.
// If |inode| is not compressed, this is a NOP.
// Depending on the format, some data may be read (e.g. for the CHUNKED format, the header
// containing the seek table is read and used to initialize the decompressor).
zx_status_t InitForDecompression(uint32_t node_index, const Inode& inode,
const BlobLayout& blob_layout, const BlobVerifier& verifier,
std::unique_ptr<SeekableDecompressor>* decompressor_out);
zx_status_t LoadMerkle(uint32_t node_index, const BlobLayout& blob_layout,
const fzl::OwnedVmoMapper& vmo) const;
zx_status_t LoadData(uint32_t node_index, const BlobLayout& blob_layout,
const fzl::OwnedVmoMapper& vmo) const;
zx_status_t LoadAndDecompressData(uint32_t node_index, const Inode& inode,
const BlobLayout& blob_layout,
const fzl::OwnedVmoMapper& vmo) const;
// Verifies that |merkle_root| is the root hash of the null blob.
zx_status_t VerifyNullBlob(Digest merkle_root, const BlobCorruptionNotifier* notifier);
// Reads |block_count| blocks starting at |block_offset| from the blob specified by |node_index|
// into |vmo|.
zx::status<uint64_t> LoadBlocks(uint32_t node_index, uint32_t block_offset, uint32_t block_count,
const fzl::OwnedVmoMapper& vmo) const;
// If part of the Merkle tree is located within the data blocks then this function zeros out the
// Merkle tree within those blocks.
// |vmo| should contain the raw data stored which might be compressed or uncompressed.
void ZeroMerkleTreeWithinDataVmo(const fzl::OwnedVmoMapper& vmo,
const BlobLayout& blob_layout) const;
// Returns the block size used by blobfs.
uint32_t GetBlockSize() const;
TransactionManager* txn_manager_ = nullptr;
BlockIteratorProvider* block_iter_provider_ = nullptr;
NodeFinder* node_finder_ = nullptr;
pager::UserPager* pager_ = nullptr;
BlobfsMetrics* metrics_ = nullptr;
fzl::OwnedVmoMapper read_mapper_;
zx::vmo sandbox_vmo_;
std::unique_ptr<ExternalDecompressorClient> decompressor_client_ = nullptr;
};
} // namespace blobfs
#endif // SRC_STORAGE_BLOBFS_BLOB_LOADER_H_