fs: Make posix acl support optional

Google drive and file systems used for external media (like FAT32) don't
support xattrs, which means they also don't support posix acls.
However, we unconditionally enable FUSE support for posix acls
preventing us from using virtio-fs for those mount points.

Make posix acl support optional so that we can also use virtio-fs for
gdrive and external media.  This feature is on-by-default since we
currently use it for every other virtio-fs mount point.

BUG=b:196946147
TEST=arc.PlayStore.vm

Change-Id: I9139852d6dceb46bef21af43f77fc527f3fa58d9
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3168564
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>

devices/src/virtio/fs/passthrough.rs

@@ -510,6 +510,14 @@ pub struct Config {
     ///
     /// The default value for this option is `false`.
     pub use_dax: bool,
+
+    /// Enable support for POSIX acls.
+    ///
+    /// Enable POSIX acl support for the shared directory. This requires that the underlying file
+    /// system also supports POSIX acls.
+    ///
+    /// The default value for this option is `true`.
+    pub posix_acl: bool,
 }
 
 impl Default for Config {
@@ -524,6 +532,7 @@ impl Default for Config {
             #[cfg(feature = "chromeos")]
             privileged_quota_uids: Default::default(),
             use_dax: false,
+            posix_acl: true,
         }
     }
 }
@@ -1407,8 +1416,10 @@ impl FileSystem for PassthroughFs {
         let mut opts = FsOptions::DO_READDIRPLUS
             | FsOptions::READDIRPLUS_AUTO
             | FsOptions::EXPORT_SUPPORT
-            | FsOptions::DONT_MASK
-            | FsOptions::POSIX_ACL;
+            | FsOptions::DONT_MASK;
+        if self.cfg.posix_acl {
+            opts |= FsOptions::POSIX_ACL;
+        }
         if self.cfg.writeback && capable.contains(FsOptions::WRITEBACK_CACHE) {
             opts |= FsOptions::WRITEBACK_CACHE;
             self.writeback.store(true, Ordering::Relaxed);

src/main.rs

@@ -1576,6 +1576,14 @@ fn set_argument(cfg: &mut Config, name: &str, value: Option<&str>) -> argument::
                         })?;
                         shared_dir.fs_cfg.use_dax = use_dax;
                     }
+                    "posix_acl" => {
+                        let posix_acl =
+                            value.parse().map_err(|_| argument::Error::InvalidValue {
+                                value: value.to_owned(),
+                                expected: String::from("`posix_acl` must be a boolean"),
+                            })?;
+                        shared_dir.fs_cfg.posix_acl = posix_acl;
+                    }
                     _ => {
                         return Err(argument::Error::InvalidValue {
                             value: kind.to_owned(),
@@ -2114,7 +2122,7 @@ fn run_vm(args: std::env::Args) -> std::result::Result<(), ()> {
                                 "Path to put the control socket. If PATH is a directory, a name will be generated."),
           Argument::flag("disable-sandbox", "Run all devices in one, non-sandboxed process."),
           Argument::value("cid", "CID", "Context ID for virtual sockets."),
-          Argument::value("shared-dir", "PATH:TAG[:type=TYPE:writeback=BOOL:timeout=SECONDS:uidmap=UIDMAP:gidmap=GIDMAP:cache=CACHE:dax=BOOL]",
+          Argument::value("shared-dir", "PATH:TAG[:type=TYPE:writeback=BOOL:timeout=SECONDS:uidmap=UIDMAP:gidmap=GIDMAP:cache=CACHE:dax=BOOL,posix_acl=BOOL]",
                           "Colon-separated options for configuring a directory to be shared with the VM.
                               The first field is the directory to be shared and the second field is the tag that the VM can use to identify the device.
                               The remaining fields are key=value pairs that may appear in any order.  Valid keys are:
@@ -2125,6 +2133,7 @@ fn run_vm(args: std::env::Args) -> std::result::Result<(), ()> {
                               timeout=SECONDS - How long the VM should consider file attributes and directory entries to be valid (default: 5).  If the VM has exclusive access to the directory, then this should be a large value.  If the directory can be modified by other processes, then this should be 0.
                               writeback=BOOL - Indicates whether the VM can use writeback caching (default: false).  This is only safe to do when the VM has exclusive access to the files in a directory.  Additionally, the server should have read permission for all files as the VM may issue read requests even for files that are opened write-only.
                               dax=BOOL - Indicates whether DAX support should be enabled.  Enabling DAX can improve performance for frequently accessed files by mapping regions of the file directory into the VM's memory, allowing direct access at the cost of slightly increased latency the first time the file is accessed.  Since the mapping is shared directly from the host kernel's file cache, enabling DAX can improve performance even when the cache policy is \"Never\".  The default value for this option is \"false\".
+                              posix_acl=BOOL - Indicates whether the shared directory supports POSIX ACLs.  This should only be enabled when the underlying file system supports POSIX ACLs.  The default value for this option is \"true\".
 "),
           Argument::value("seccomp-policy-dir", "PATH", "Path to seccomp .policy files."),
           Argument::flag("seccomp-log-failures", "Instead of seccomp filter failures being fatal, they will be logged instead."),