use blob_writer::BlobWriter;
use block_client::BlockClient as _;
use delivery_blob::{delivery_blob_path, CompressionMode, Type1Blob};
use device_watcher::{recursive_wait_and_open, recursive_wait_and_open_directory};
use fidl::endpoints::{create_proxy, Proxy as _, ServerEnd};
use fidl_fuchsia_device::{ControllerMarker, ControllerProxy};
use fidl_fuchsia_fs_startup::{CreateOptions, MountOptions};
use fidl_fuchsia_fxfs::{BlobCreatorProxy, CryptManagementMarker, CryptMarker, KeyPurpose};
use fidl_fuchsia_hardware_block::BlockMarker;
use fs_management::filesystem::ServingMultiVolumeFilesystem;
use fs_management::format::constants::{F2FS_MAGIC, FXFS_MAGIC, MINFS_MAGIC};
use fs_management::{Blobfs, Fxfs, BLOBFS_TYPE_GUID, DATA_TYPE_GUID, FVM_TYPE_GUID_STR};
use fuchsia_component::client::{
connect_to_named_protocol_at_dir_root, connect_to_protocol_at_dir_svc,
};
use fuchsia_component_test::{Capability, ChildOptions, RealmBuilder, RealmInstance, Ref, Route};
use fuchsia_hash::Hash;
use fuchsia_runtime::vmar_root_self;
use gpt::{partition_types, GptConfig};
use key_bag::Aes256Key;
use ramdevice_client::{RamdiskClient, RamdiskClientBuilder};
use std::io::Write;
use std::ops::Deref;
use storage_isolated_driver_manager::fvm::{create_fvm_volume, set_up_fvm};
use storage_isolated_driver_manager::zxcrypt;
use uuid::Uuid;
use zerocopy::{Immutable, IntoBytes};
use zx::{self as zx, HandleBased};
use {fidl_fuchsia_io as fio, fidl_fuchsia_logger as flogger};
const GPT_DRIVER_PATH: &str = "gpt.cm";
const RAMDISK_BLOCK_SIZE: u64 = 512;
pub const FVM_SLICE_SIZE: u64 = 32 * 1024;
pub const DEFAULT_DATA_VOLUME_SIZE: u64 = 101 * 1024 * 1024;
pub const DEFAULT_REMAINING_VOLUME_SIZE: u64 = 4 * 1024 * 1024;
pub const DEFAULT_DISK_SIZE: u64 = DEFAULT_DATA_VOLUME_SIZE + DEFAULT_REMAINING_VOLUME_SIZE;
const KEY_BAG_CONTENTS: &'static str = "\
{
\"version\":1,
\"keys\": {
\"0\":{
\"Aes128GcmSivWrapped\": [
\"7a7c6a718cfde7078f6edec5\",
\"7cc31b765c74db3191e269d2666267022639e758fe3370e8f36c166d888586454fd4de8aeb47aadd81c531b0a0a66f27\"
]
},
\"1\":{
\"Aes128GcmSivWrapped\": [
\"b7d7f459cbee4cc536cc4324\",
\"9f6a5d894f526b61c5c091e5e02a7ff94d18e6ad36a0aa439c86081b726eca79e6b60bd86ee5d86a20b3df98f5265a99\"
]
}
}
}";
pub const BLOB_CONTENTS: [u8; 1000] = [1; 1000];
const DATA_KEY: Aes256Key = Aes256Key::create([
0xcf, 0x9e, 0x45, 0x2a, 0x22, 0xa5, 0x70, 0x31, 0x33, 0x3b, 0x4d, 0x6b, 0x6f, 0x78, 0x58, 0x29,
0x04, 0x79, 0xc7, 0xd6, 0xa9, 0x4b, 0xce, 0x82, 0x04, 0x56, 0x5e, 0x82, 0xfc, 0xe7, 0x37, 0xa8,
]);
const METADATA_KEY: Aes256Key = Aes256Key::create([
0x0f, 0x4d, 0xca, 0x6b, 0x35, 0x0e, 0x85, 0x6a, 0xb3, 0x8c, 0xdd, 0xe9, 0xda, 0x0e, 0xc8, 0x22,
0x8e, 0xea, 0xd8, 0x05, 0xc4, 0xc9, 0x0b, 0xa8, 0xd8, 0x85, 0x87, 0x50, 0x75, 0x40, 0x1c, 0x4c,
]);
fn initialize_gpt(vmo: &zx::Vmo, block_size: u64) {
let flags =
zx::VmarFlags::PERM_READ | zx::VmarFlags::PERM_WRITE | zx::VmarFlags::REQUIRE_NON_RESIZABLE;
let size: usize = vmo.get_size().expect("Failed to obtain VMO size").try_into().unwrap();
let addr = vmar_root_self().map(0, &vmo, 0, size, flags).unwrap();
assert!(flags.contains(zx::VmarFlags::REQUIRE_NON_RESIZABLE));
let buffer = unsafe { std::slice::from_raw_parts_mut(addr as *mut u8, size) };
let vmo_wrapper = Box::new(std::io::Cursor::new(buffer));
let mut disk = GptConfig::new()
.initialized(false)
.writable(true)
.logical_block_size(block_size.try_into().expect("Unsupported logical block size"))
.create_from_device(vmo_wrapper, None)
.unwrap();
disk.update_partitions(std::collections::BTreeMap::new()).expect("Failed to initialize GPT");
let sectors = disk.find_free_sectors();
assert!(sectors.len() == 1);
let block_size: u64 = disk.logical_block_size().clone().into();
let available_space = block_size * sectors[0].1 as u64;
let fvm_type = partition_types::Type {
guid: FVM_TYPE_GUID_STR,
os: partition_types::OperatingSystem::Custom("Fuchsia".to_owned()),
};
disk.add_partition("fvm", available_space, fvm_type, 0, None).unwrap();
let disk = disk.write().expect("Failed to write GPT");
unsafe {
std::mem::drop(disk);
vmar_root_self().unmap(addr, size).expect("Failed to unmap VMAR");
}
}
async fn bind_gpt_driver(ramdisk: &RamdiskClient) {
ramdisk
.as_controller()
.unwrap()
.bind(GPT_DRIVER_PATH)
.await
.expect("FIDL error calling bind()")
.map_err(zx::Status::from_raw)
.expect("bind() returned non-Ok status");
}
async fn create_hermetic_crypt_service(
data_key: Aes256Key,
metadata_key: Aes256Key,
) -> RealmInstance {
let builder = RealmBuilder::new().await.unwrap();
let url = "#meta/fxfs-crypt.cm";
let crypt = builder.add_child("fxfs-crypt", url, ChildOptions::new().eager()).await.unwrap();
builder
.add_route(
Route::new()
.capability(Capability::protocol::<CryptMarker>())
.capability(Capability::protocol::<CryptManagementMarker>())
.from(&crypt)
.to(Ref::parent()),
)
.await
.unwrap();
builder
.add_route(
Route::new()
.capability(Capability::protocol::<flogger::LogSinkMarker>())
.from(Ref::parent())
.to(&crypt),
)
.await
.unwrap();
let realm = builder.build().await.expect("realm build failed");
let crypt_management =
realm.root.connect_to_protocol_at_exposed_dir::<CryptManagementMarker>().unwrap();
let wrapping_key_id_0 = [0; 16];
let mut wrapping_key_id_1 = [0; 16];
wrapping_key_id_1[0] = 1;
crypt_management
.add_wrapping_key(&wrapping_key_id_0, data_key.deref())
.await
.unwrap()
.expect("add_wrapping_key failed");
crypt_management
.add_wrapping_key(&wrapping_key_id_1, metadata_key.deref())
.await
.unwrap()
.expect("add_wrapping_key failed");
crypt_management
.set_active_key(KeyPurpose::Data, &wrapping_key_id_0)
.await
.unwrap()
.expect("set_active_key failed");
crypt_management
.set_active_key(KeyPurpose::Metadata, &wrapping_key_id_1)
.await
.unwrap()
.expect("set_active_key failed");
realm
}
pub async fn write_test_blob(
blob_volume_root: &fio::DirectoryProxy,
data: &[u8],
as_delivery_blob: bool,
) -> Hash {
let hash = fuchsia_merkle::from_slice(data).root();
let compressed_data = Type1Blob::generate(&data, CompressionMode::Always);
let (name, data) = if as_delivery_blob {
(delivery_blob_path(hash), compressed_data.as_slice())
} else {
(hash.to_string(), data)
};
let (blob, server_end) = create_proxy::<fio::FileMarker>();
let flags =
fio::OpenFlags::CREATE | fio::OpenFlags::RIGHT_READABLE | fio::OpenFlags::RIGHT_WRITABLE;
blob_volume_root
.open(flags, fio::ModeType::empty(), &name, ServerEnd::new(server_end.into_channel()))
.expect("open failed");
let _: Vec<_> = blob.query().await.expect("open file failed");
blob.resize(data.len() as u64).await.expect("FIDL call failed").expect("truncate failed");
for chunk in data.chunks(fio::MAX_TRANSFER_SIZE as usize) {
assert_eq!(
blob.write(&chunk).await.expect("FIDL call failed").expect("write failed"),
chunk.len() as u64
);
}
hash
}
pub async fn write_test_blob_fxblob(blob_creator: BlobCreatorProxy, data: &[u8]) -> Hash {
let hash = fuchsia_merkle::from_slice(data).root();
let compressed_data = Type1Blob::generate(&data, CompressionMode::Always);
let blob_writer_client_end = blob_creator
.create(&hash.into(), false)
.await
.expect("transport error on create")
.expect("failed to create blob");
let writer = blob_writer_client_end.into_proxy();
let mut blob_writer = BlobWriter::create(writer, compressed_data.len() as u64)
.await
.expect("failed to create BlobWriter");
blob_writer.write(&compressed_data).await.unwrap();
hash
}
pub enum Disk {
Prebuilt(zx::Vmo),
Builder(DiskBuilder),
}
impl Disk {
pub async fn get_vmo(self) -> zx::Vmo {
match self {
Disk::Prebuilt(vmo) => vmo,
Disk::Builder(builder) => builder.build().await,
}
}
pub fn builder(&mut self) -> &mut DiskBuilder {
match self {
Disk::Prebuilt(_) => panic!("attempted to get builder for prebuilt disk"),
Disk::Builder(builder) => builder,
}
}
}
#[derive(Debug, Default)]
pub struct DataSpec {
pub format: Option<&'static str>,
pub zxcrypt: bool,
}
#[derive(Debug)]
pub struct VolumesSpec {
pub fxfs_blob: bool,
pub create_data_partition: bool,
}
enum FxfsType {
Fxfs(ControllerProxy),
FxBlob(ServingMultiVolumeFilesystem, RealmInstance),
}
pub struct DiskBuilder {
size: u64,
uninitialized: bool,
blob_hash: Option<Hash>,
data_volume_size: u64,
data_spec: DataSpec,
volumes_spec: VolumesSpec,
corrupt_data: bool,
gpt: bool,
with_account_and_virtualization: bool,
format_volume_manager: bool,
legacy_data_label: bool,
fs_switch: Option<String>,
}
impl DiskBuilder {
pub fn uninitialized() -> DiskBuilder {
Self { uninitialized: true, ..Self::new() }
}
pub fn new() -> DiskBuilder {
DiskBuilder {
size: DEFAULT_DISK_SIZE,
uninitialized: false,
blob_hash: None,
data_volume_size: DEFAULT_DATA_VOLUME_SIZE,
data_spec: DataSpec { format: None, zxcrypt: false },
volumes_spec: VolumesSpec { fxfs_blob: false, create_data_partition: true },
corrupt_data: false,
gpt: false,
with_account_and_virtualization: false,
format_volume_manager: true,
legacy_data_label: false,
fs_switch: None,
}
}
pub fn size(&mut self, size: u64) -> &mut Self {
self.size = size;
self
}
pub fn data_volume_size(&mut self, data_volume_size: u64) -> &mut Self {
self.data_volume_size = data_volume_size;
self.size = self.size.max(self.data_volume_size + DEFAULT_REMAINING_VOLUME_SIZE);
self
}
pub fn format_volumes(&mut self, volumes_spec: VolumesSpec) -> &mut Self {
self.volumes_spec = volumes_spec;
self
}
pub fn format_data(&mut self, data_spec: DataSpec) -> &mut Self {
tracing::info!(?data_spec, "formatting data volume");
if !self.volumes_spec.fxfs_blob {
assert!(self.format_volume_manager);
} else {
if let Some(format) = data_spec.format {
assert_eq!(format, "fxfs");
}
}
self.data_spec = data_spec;
self
}
pub fn set_fs_switch(&mut self, content: &str) -> &mut Self {
self.fs_switch = Some(content.to_string());
self
}
pub fn corrupt_data(&mut self) -> &mut Self {
self.corrupt_data = true;
self
}
pub fn with_gpt(&mut self) -> &mut Self {
self.gpt = true;
self
}
pub fn with_account_and_virtualization(&mut self) -> &mut Self {
self.with_account_and_virtualization = true;
self
}
pub fn with_unformatted_volume_manager(&mut self) -> &mut Self {
assert!(self.data_spec.format.is_none());
self.format_volume_manager = false;
self
}
pub fn with_legacy_data_label(&mut self) -> &mut Self {
self.legacy_data_label = true;
self
}
async fn build_fxfs_as_volume_manager(&mut self, device_controller: ControllerProxy) {
let crypt_realm = create_hermetic_crypt_service(DATA_KEY, METADATA_KEY).await;
let mut fxfs = Fxfs::new(device_controller);
fxfs.format().await.expect("format failed");
let mut fs = fxfs.serve_multi_volume().await.expect("serve_multi_volume failed");
let blob_volume = fs
.create_volume(
"blob",
CreateOptions::default(),
MountOptions { as_blob: Some(true), ..MountOptions::default() },
)
.await
.expect("failed to create blob volume");
let blob_creator = connect_to_protocol_at_dir_svc::<fidl_fuchsia_fxfs::BlobCreatorMarker>(
blob_volume.exposed_dir(),
)
.expect("failed to connect to the Blob service");
self.blob_hash = Some(write_test_blob_fxblob(blob_creator, &BLOB_CONTENTS).await);
if self.data_spec.format.is_some() {
self.init_data_fxfs(FxfsType::FxBlob(fs, crypt_realm)).await;
} else {
fs.shutdown().await.expect("shutdown failed");
}
}
async fn build_fvm_as_volume_manager(
&mut self,
device_dir: &fio::DirectoryProxy,
device_controller: ControllerProxy,
) {
let volume_manager = set_up_fvm(&device_controller, device_dir, FVM_SLICE_SIZE as usize)
.await
.expect("set_up_fvm failed");
create_fvm_volume(
&volume_manager,
"blobfs",
&BLOBFS_TYPE_GUID,
Uuid::new_v4().as_bytes(),
None,
0,
)
.await
.expect("create_fvm_volume failed");
let blobfs_controller = recursive_wait_and_open::<ControllerMarker>(
&device_dir,
"/fvm/blobfs-p-1/block/device_controller",
)
.await
.expect("failed to open controller");
let mut blobfs = Blobfs::new(blobfs_controller);
blobfs.format().await.expect("format failed");
blobfs.fsck().await.expect("failed to fsck blobfs");
let serving_blobfs = blobfs.serve().await.expect("failed to serve blobfs");
self.blob_hash = Some(write_test_blob(serving_blobfs.root(), &BLOB_CONTENTS, false).await);
serving_blobfs.shutdown().await.expect("shutdown failed");
if self.volumes_spec.create_data_partition {
let data_label = if self.legacy_data_label { "minfs" } else { "data" };
create_fvm_volume(
&volume_manager,
data_label,
&DATA_TYPE_GUID,
Uuid::new_v4().as_bytes(),
Some(self.data_volume_size),
0,
)
.await
.expect("create_fvm_volume failed");
let data_block_path = format!("/fvm/{}-p-2/block", data_label);
let data_dir = recursive_wait_and_open_directory(&device_dir, &data_block_path)
.await
.expect("failed to open data partition");
let data_controller = connect_to_named_protocol_at_dir_root::<ControllerMarker>(
&data_dir,
"device_controller",
)
.expect("failed to connect to data device controller");
let data_controller = if self.data_spec.format != Some("fxfs") && self.data_spec.zxcrypt
{
let zxcrypt_block_dir = zxcrypt::set_up_insecure_zxcrypt(&data_dir)
.await
.expect("failed to set up zxcrypt");
connect_to_named_protocol_at_dir_root::<ControllerMarker>(
&zxcrypt_block_dir,
"device_controller",
)
.expect("failed to connect to the device")
} else {
data_controller
};
if let Some(format) = self.data_spec.format {
match format {
"fxfs" => self.init_data_fxfs(FxfsType::Fxfs(data_controller)).await,
"minfs" => self.init_data_minfs(data_controller).await,
"f2fs" => self.init_data_f2fs(data_controller).await,
_ => panic!("unsupported data filesystem format type"),
}
}
}
if self.with_account_and_virtualization {
create_fvm_volume(
&volume_manager,
"account",
&DATA_TYPE_GUID,
Uuid::new_v4().as_bytes(),
None,
0,
)
.await
.expect("create_fvm_volume failed");
create_fvm_volume(
&volume_manager,
"virtualization",
&DATA_TYPE_GUID,
Uuid::new_v4().as_bytes(),
None,
0,
)
.await
.expect("create_fvm_volume failed");
}
}
pub async fn build(mut self) -> zx::Vmo {
let vmo = zx::Vmo::create(self.size).unwrap();
if self.uninitialized {
return vmo;
}
if self.gpt {
initialize_gpt(&vmo, RAMDISK_BLOCK_SIZE);
}
if !self.format_volume_manager {
return vmo;
}
let ramdisk = RamdiskClientBuilder::new_with_vmo(
vmo.duplicate_handle(zx::Rights::SAME_RIGHTS).unwrap(),
Some(RAMDISK_BLOCK_SIZE),
)
.build()
.await
.unwrap();
let block_path = "/part-000/block";
let device_dir = if self.gpt {
bind_gpt_driver(&ramdisk).await;
let device_dir = recursive_wait_and_open_directory(
ramdisk.as_dir().expect("invalid directory proxy"),
block_path,
)
.await
.expect("failed to open device");
Some(device_dir)
} else {
None
};
let device_dir =
device_dir.as_ref().unwrap_or(ramdisk.as_dir().expect("invalid directory proxy"));
let device_controller = connect_to_named_protocol_at_dir_root::<ControllerMarker>(
device_dir,
"device_controller",
)
.expect("failed to connect to device controller");
if self.volumes_spec.fxfs_blob {
self.build_fxfs_as_volume_manager(device_controller).await;
} else {
self.build_fvm_as_volume_manager(device_dir, device_controller).await;
}
ramdisk.destroy().await.expect("destroy failed");
vmo
}
async fn init_data_minfs(&self, data_device: ControllerProxy) {
if self.corrupt_data {
let (block, server) = fidl::endpoints::create_proxy::<BlockMarker>();
let () = data_device.connect_to_device_fidl(server.into_channel()).unwrap();
return self.write_magic(block, MINFS_MAGIC, 0).await;
}
let mut minfs = fs_management::Minfs::new(data_device);
minfs.format().await.expect("format failed");
let fs = minfs.serve().await.expect("serve_single_volume failed");
self.write_test_data(&fs.root()).await;
fs.shutdown().await.expect("shutdown failed");
}
async fn init_data_f2fs(&self, data_device: ControllerProxy) {
if self.corrupt_data {
let (block, server) = fidl::endpoints::create_proxy::<BlockMarker>();
let () = data_device.connect_to_device_fidl(server.into_channel()).unwrap();
return self.write_magic(block, F2FS_MAGIC, 1024).await;
}
let mut f2fs = fs_management::F2fs::new(data_device);
f2fs.format().await.expect("format failed");
let fs = f2fs.serve().await.expect("serve_single_volume failed");
self.write_test_data(&fs.root()).await;
fs.shutdown().await.expect("shutdown failed");
}
async fn init_data_fxfs(&self, fxfs: FxfsType) {
let mut fxblob = false;
let (mut fs, crypt_realm) = match fxfs {
FxfsType::Fxfs(data_device) => {
if self.corrupt_data {
let (block, server) = fidl::endpoints::create_proxy::<BlockMarker>();
let () = data_device.connect_to_device_fidl(server.into_channel()).unwrap();
return self.write_magic(block, FXFS_MAGIC, 0).await;
}
let crypt_realm = create_hermetic_crypt_service(DATA_KEY, METADATA_KEY).await;
let mut fxfs = Fxfs::new(data_device);
fxfs.format().await.expect("format failed");
(fxfs.serve_multi_volume().await.expect("serve_multi_volume failed"), crypt_realm)
}
FxfsType::FxBlob(fs, crypt_realm) => {
fxblob = true;
(fs, crypt_realm)
}
};
let vol = {
let vol = fs
.create_volume("unencrypted", CreateOptions::default(), MountOptions::default())
.await
.expect("create_volume failed");
vol.bind_to_path("/unencrypted_volume").unwrap();
std::fs::create_dir("/unencrypted_volume/keys").expect("create_dir failed");
let mut file = std::fs::File::create("/unencrypted_volume/keys/fxfs-data")
.expect("create file failed");
let mut key_bag = KEY_BAG_CONTENTS.as_bytes();
if self.corrupt_data && fxblob {
key_bag = &BLOB_CONTENTS;
}
file.write_all(key_bag).expect("write file failed");
let crypt_service = Some(
crypt_realm
.root
.connect_to_protocol_at_exposed_dir::<CryptMarker>()
.expect("Unable to connect to Crypt service")
.into_channel()
.unwrap()
.into_zx_channel()
.into(),
);
fs.create_volume(
"data",
CreateOptions::default(),
MountOptions { crypt: crypt_service, ..MountOptions::default() },
)
.await
.expect("create_volume failed")
};
self.write_test_data(&vol.root()).await;
fs.shutdown().await.expect("shutdown failed");
}
async fn write_test_data(&self, root: &fio::DirectoryProxy) {
fuchsia_fs::directory::open_file(
root,
".testdata",
fio::Flags::FLAG_MAYBE_CREATE | fio::PERM_READABLE,
)
.await
.unwrap();
let ssh_dir = fuchsia_fs::directory::create_directory(
root,
"ssh",
fio::PERM_READABLE | fio::PERM_WRITABLE,
)
.await
.unwrap();
let authorized_keys = fuchsia_fs::directory::open_file(
&ssh_dir,
"authorized_keys",
fio::Flags::FLAG_MAYBE_CREATE | fio::PERM_READABLE | fio::PERM_WRITABLE,
)
.await
.unwrap();
fuchsia_fs::file::write(&authorized_keys, "public key!").await.unwrap();
fuchsia_fs::directory::create_directory(&ssh_dir, "config", fio::PERM_READABLE)
.await
.unwrap();
fuchsia_fs::directory::create_directory(&root, "problems", fio::PERM_READABLE)
.await
.unwrap();
if let Some(content) = &self.fs_switch {
let fs_switch = fuchsia_fs::directory::open_file(
&root,
"fs_switch",
fio::Flags::FLAG_MAYBE_CREATE | fio::PERM_READABLE | fio::PERM_WRITABLE,
)
.await
.unwrap();
fuchsia_fs::file::write(&fs_switch, content).await.unwrap();
}
}
async fn write_magic<const N: usize>(
&self,
block_proxy: fidl_fuchsia_hardware_block::BlockProxy,
value: [u8; N],
offset: u64,
) {
let client = block_client::RemoteBlockClient::new(block_proxy)
.await
.expect("Failed to create client");
let block_size = client.block_size() as usize;
assert!(value.len() <= block_size);
let mut data = vec![0xffu8; block_size];
data[..value.len()].copy_from_slice(&value);
let buffer = block_client::BufferSlice::Memory(&data[..]);
client.write_at(buffer, offset).await.expect("write failed");
}
pub(crate) async fn build_as_zbi_ramdisk(self) -> zx::Vmo {
const ZBI_TYPE_STORAGE_RAMDISK: u32 = 0x4b534452;
const ZBI_FLAGS_VERSION: u32 = 0x00010000;
const ZBI_ITEM_MAGIC: u32 = 0xb5781729;
const ZBI_FLAGS_STORAGE_COMPRESSED: u32 = 0x00000001;
#[repr(C)]
#[derive(IntoBytes, Immutable)]
struct ZbiHeader {
type_: u32,
length: u32,
extra: u32,
flags: u32,
_reserved0: u32,
_reserved1: u32,
magic: u32,
_crc32: u32,
}
let ramdisk_vmo = self.build().await;
let extra = ramdisk_vmo.get_size().unwrap() as u32;
let mut decompressed_buf = vec![0u8; extra as usize];
ramdisk_vmo.read(&mut decompressed_buf, 0).unwrap();
let compressed_buf = zstd::encode_all(decompressed_buf.as_slice(), 0).unwrap();
let length = compressed_buf.len() as u32;
let header = ZbiHeader {
type_: ZBI_TYPE_STORAGE_RAMDISK,
length,
extra,
flags: ZBI_FLAGS_VERSION | ZBI_FLAGS_STORAGE_COMPRESSED,
_reserved0: 0,
_reserved1: 0,
magic: ZBI_ITEM_MAGIC,
_crc32: 0,
};
let header_size = std::mem::size_of::<ZbiHeader>() as u64;
let zbi_vmo = zx::Vmo::create(header_size + length as u64).unwrap();
zbi_vmo.write(header.as_bytes(), 0).unwrap();
zbi_vmo.write(&compressed_buf, header_size).unwrap();
zbi_vmo
}
}