OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf

   1 ## @file
   2 # Provide EFI_SIMPLE_FILE_SYSTEM_PROTOCOL instances on virtio-fs devices.
   3 #
   4 # Copyright (C) 2020, Red Hat, Inc.
   5 #
   6 # SPDX-License-Identifier: BSD-2-Clause-Patent
   7 #
   8 #
   9 # Permission Model of this driver:
  10 #
  11 # Regardless of the UID and GID values this driver send in the FUSE request
  12 # header, the daemon (that is, the Virtio Filesystem device) always acts with
  13 # root privileges on the host side. The only time the daemon considers said UID
  14 # and GID fields is when creating a new file or directory. Thus, the guest
  15 # driver cannot rely on the host for enforcing any file mode permissions,
  16 # regardless of the "personality" that the guest driver poses as, because
  17 # "root" on the host side ignores all file mode bits.
  18 #
  19 # Therefore the guest driver has to do its own permission checking, and use the
  20 # host-side file mode bits only as a kind of "metadata storage" or "reminder"
  21 # -- hopefully in a way that makes some sense on the host side too.
  22 #
  23 # The complete mapping between the EFI_FILE_PROTOCOL and the host-side file
  24 # mode bits is described below.
  25 #
  26 # - The guest driver poses as UID 0, GID 0, PID 1.
  27 #
  28 # - If and only if all "w" bits are missing from a file on the host side, then
  29 #   the file or directory is reported as EFI_FILE_READ_ONLY in the guest. When
  30 #   setting EFI_FILE_READ_ONLY in the guest, all "w" bits (0222) are cleared on
  31 #   the host; when clearing EFI_FILE_READ_ONLY in the guest, all "w" bits are
  32 #   set on the host. Viewed from the host side, this sort of reflects that an
  33 #   EFI_FILE_READ_ONLY file should not be written by anyone.
  34 #
  35 # - The attributes EFI_FILE_HIDDEN, EFI_FILE_SYSTEM, EFI_FILE_RESERVED, and
  36 #   EFI_FILE_ARCHIVE are never reported in the guest, and they are silently
  37 #   ignored when a SetInfo() call or a file-creating Open() call requests them.
  38 #
  39 # - On the host, files are created with 0666 file mode bits, directories are
  40 #   created with 0777 file mode bits.
  41 #
  42 # - In the guest, the EFI_FILE_READ_ONLY attribute only controls the permitted
  43 #   open mode. In particular, on directories, the EFI_FILE_READ_ONLY attribute
  44 #   does not prevent the creation or deletion of entries inside the directory;
  45 #   EFI_FILE_READ_ONLY only prevents the renaming, deleting, flushing (syncing)
  46 #   and touching of the directory itself (with "touching" meaning updating the
  47 #   timestamps). The fact that EFI_FILE_READ_ONLY being set on a directory is
  48 #   irrelevant in the guest with regard to entry creation/deletion, is
  49 #   well-mirrored by the fact that virtiofsd -- which runs as root, regardless
  50 #   of guest driver personality -- ignores the absence of "w" permissions on a
  51 #   host-side directory, when creating or removing entries in it.
  52 #
  53 # - When an EFI_FILE_PROTOCOL is opened read-only, then the Delete(), Write()
  54 #   and Flush() member functions are disabled for it. Additionally, SetInfo()
  55 #   is restricted to flipping the EFI_FILE_READ_ONLY bit (which takes effect at
  56 #   the next Open()).
  57 #
  58 # - As a consequence of the above, for deleting a directory, it must be
  59 #   presented in the guest as openable for writing.
  60 #
  61 # - We diverge from the UEFI spec, and permit Flush() on a directory that has
  62 #   been opened read-write; otherwise the only way to invoke FUSE_FSYNCDIR on a
  63 #   directory would be to Close() it.
  64 #
  65 # - OpenVolume() opens the root directory for read-only access. The Open()
  66 #   member function may open it for read-write access. While the root directory
  67 #   cannot be renamed or deleted, opening it for read-write access is useful
  68 #   for calling Flush(), according to the previous paragraph, or for updating
  69 #   the root directory's timestamps with SetInfo().
  70 ##
  71
  72 [Defines]
  73   INF_VERSION                           = 1.29
  74   BASE_NAME                             = VirtioFsDxe
  75   FILE_GUID                             = 7BD9DDF7-8B83-488E-AEC9-24C78610289C
  76   MODULE_TYPE                           = UEFI_DRIVER
  77   ENTRY_POINT                           = VirtioFsEntryPoint
  78
  79 [Packages]
  80   MdePkg/MdePkg.dec
  81   OvmfPkg/OvmfPkg.dec
  82
  83 [Sources]
  84   DriverBinding.c
  85   FuseFlush.c
  86   FuseForget.c
  87   FuseFsync.c
  88   FuseInit.c
  89   FuseMkDir.c
  90   FuseOpen.c
  91   FuseOpenDir.c
  92   FuseOpenOrCreate.c
  93   FuseRelease.c
  94   Helpers.c
  95   SimpleFsClose.c
  96   SimpleFsDelete.c
  97   SimpleFsFlush.c
  98   SimpleFsGetInfo.c
  99   SimpleFsGetPosition.c
 100   SimpleFsOpen.c
 101   SimpleFsOpenVolume.c
 102   SimpleFsRead.c
 103   SimpleFsSetInfo.c
 104   SimpleFsSetPosition.c
 105   SimpleFsWrite.c
 106   VirtioFsDxe.h
 107
 108 [LibraryClasses]
 109   BaseLib
 110   BaseMemoryLib
 111   DebugLib
 112   MemoryAllocationLib
 113   UefiBootServicesTableLib
 114   UefiDriverEntryPoint
 115   VirtioLib
 116
 117 [Protocols]
 118   gEfiComponentName2ProtocolGuid        ## PRODUCES
 119   gEfiDriverBindingProtocolGuid         ## PRODUCES
 120   gEfiSimpleFileSystemProtocolGuid      ## BY_START
 121   gVirtioDeviceProtocolGuid             ## TO_START