]>
Commit | Line | Data |
---|---|---|
021b6e45 JH |
1 | /* |
2 | * Copyright (c) 2005, Junio C Hamano | |
3 | */ | |
021b6e45 | 4 | #include "cache.h" |
4a16d072 | 5 | #include "sigchain.h" |
021b6e45 | 6 | |
0a06f148 MH |
7 | /* |
8 | * File write-locks as used by Git. | |
9 | * | |
10 | * For an overview of how to use the lockfile API, please see | |
11 | * | |
12 | * Documentation/technical/api-lockfile.txt | |
13 | * | |
14 | * This module keeps track of all locked files in lock_file_list for | |
15 | * use at cleanup. This list and the lock_file objects that comprise | |
16 | * it must be kept in self-consistent states at all time, because the | |
17 | * program can be interrupted any time by a signal, in which case the | |
18 | * signal handler will walk through the list attempting to clean up | |
19 | * any open lock files. | |
20 | * | |
21 | * A lockfile is owned by the process that created it. The lock_file | |
22 | * object has an "owner" field that records its owner. This field is | |
23 | * used to prevent a forked process from closing a lockfile created by | |
24 | * its parent. | |
25 | * | |
707103fd | 26 | * The possible states of a lock_file object are as follows: |
0a06f148 MH |
27 | * |
28 | * - Uninitialized. In this state the object's on_list field must be | |
29 | * zero but the rest of its contents need not be initialized. As | |
30 | * soon as the object is used in any way, it is irrevocably | |
31 | * registered in the lock_file_list, and on_list is set. | |
32 | * | |
33 | * - Locked, lockfile open (after hold_lock_file_for_update(), | |
34 | * hold_lock_file_for_append(), or reopen_lock_file()). In this | |
707103fd MH |
35 | * state: |
36 | * - the lockfile exists | |
37 | * - active is set | |
38 | * - filename holds the filename of the lockfile | |
39 | * - fd holds a file descriptor open for writing to the lockfile | |
40 | * - owner holds the PID of the process that locked the file | |
0a06f148 | 41 | * |
8e86c155 MH |
42 | * - Locked, lockfile closed (after successful close_lock_file()). |
43 | * Same as the previous state, except that the lockfile is closed | |
44 | * and fd is -1. | |
0a06f148 | 45 | * |
8e86c155 | 46 | * - Unlocked (after commit_lock_file(), rollback_lock_file(), a |
707103fd MH |
47 | * failed attempt to lock, or a failed close_lock_file()). In this |
48 | * state: | |
49 | * - active is unset | |
cf6950d3 MH |
50 | * - filename is empty (usually, though there are transitory |
51 | * states in which this condition doesn't hold). Client code should | |
52 | * *not* rely on the filename being empty in this state. | |
707103fd MH |
53 | * - fd is -1 |
54 | * - the object is left registered in the lock_file_list, and | |
55 | * on_list is set. | |
0a06f148 MH |
56 | */ |
57 | ||
2091c506 | 58 | static struct lock_file *volatile lock_file_list; |
021b6e45 JH |
59 | |
60 | static void remove_lock_file(void) | |
61 | { | |
5e635e39 JH |
62 | pid_t me = getpid(); |
63 | ||
021b6e45 | 64 | while (lock_file_list) { |
a1754bcc MH |
65 | if (lock_file_list->owner == me) |
66 | rollback_lock_file(lock_file_list); | |
021b6e45 JH |
67 | lock_file_list = lock_file_list->next; |
68 | } | |
69 | } | |
70 | ||
71 | static void remove_lock_file_on_signal(int signo) | |
72 | { | |
73 | remove_lock_file(); | |
4a16d072 | 74 | sigchain_pop(signo); |
021b6e45 JH |
75 | raise(signo); |
76 | } | |
77 | ||
5d5a7a67 BS |
78 | /* |
79 | * p = absolute or relative path name | |
80 | * | |
81 | * Return a pointer into p showing the beginning of the last path name | |
82 | * element. If p is empty or the root directory ("/"), just return p. | |
83 | */ | |
84 | static char *last_path_elm(char *p) | |
85 | { | |
86 | /* r starts pointing to null at the end of the string */ | |
87 | char *r = strchr(p, '\0'); | |
88 | ||
89 | if (r == p) | |
90 | return p; /* just return empty string */ | |
91 | ||
92 | r--; /* back up to last non-null character */ | |
93 | ||
94 | /* back up past trailing slashes, if any */ | |
95 | while (r > p && *r == '/') | |
96 | r--; | |
97 | ||
98 | /* | |
99 | * then go backwards until I hit a slash, or the beginning of | |
100 | * the string | |
101 | */ | |
102 | while (r > p && *(r-1) != '/') | |
103 | r--; | |
104 | return r; | |
105 | } | |
106 | ||
107 | ||
108 | /* We allow "recursive" symbolic links. Only within reason, though */ | |
109 | #define MAXDEPTH 5 | |
110 | ||
111 | /* | |
112 | * p = path that may be a symlink | |
113 | * s = full size of p | |
114 | * | |
115 | * If p is a symlink, attempt to overwrite p with a path to the real | |
116 | * file or directory (which may or may not exist), following a chain of | |
117 | * symlinks if necessary. Otherwise, leave p unmodified. | |
118 | * | |
119 | * This is a best-effort routine. If an error occurs, p will either be | |
120 | * left unmodified or will name a different symlink in a symlink chain | |
121 | * that started with p's initial contents. | |
122 | * | |
123 | * Always returns p. | |
124 | */ | |
125 | ||
126 | static char *resolve_symlink(char *p, size_t s) | |
127 | { | |
128 | int depth = MAXDEPTH; | |
129 | ||
130 | while (depth--) { | |
131 | char link[PATH_MAX]; | |
132 | int link_len = readlink(p, link, sizeof(link)); | |
133 | if (link_len < 0) { | |
134 | /* not a symlink anymore */ | |
135 | return p; | |
136 | } | |
137 | else if (link_len < sizeof(link)) | |
138 | /* readlink() never null-terminates */ | |
139 | link[link_len] = '\0'; | |
140 | else { | |
141 | warning("%s: symlink too long", p); | |
142 | return p; | |
143 | } | |
144 | ||
ecf4831d | 145 | if (is_absolute_path(link)) { |
5d5a7a67 BS |
146 | /* absolute path simply replaces p */ |
147 | if (link_len < s) | |
148 | strcpy(p, link); | |
149 | else { | |
150 | warning("%s: symlink too long", p); | |
151 | return p; | |
152 | } | |
153 | } else { | |
154 | /* | |
155 | * link is a relative path, so I must replace the | |
156 | * last element of p with it. | |
157 | */ | |
4b25d091 | 158 | char *r = (char *)last_path_elm(p); |
5d5a7a67 BS |
159 | if (r - p + link_len < s) |
160 | strcpy(r, link); | |
161 | else { | |
162 | warning("%s: symlink too long", p); | |
163 | return p; | |
164 | } | |
165 | } | |
166 | } | |
167 | return p; | |
168 | } | |
169 | ||
447ff1bf | 170 | /* Make sure errno contains a meaningful value on error */ |
acd3b9ec | 171 | static int lock_file(struct lock_file *lk, const char *path, int flags) |
021b6e45 | 172 | { |
04e57d4d MH |
173 | if (!lock_file_list) { |
174 | /* One-time initialization */ | |
175 | sigchain_push_common(remove_lock_file_on_signal); | |
176 | atexit(remove_lock_file); | |
177 | } | |
178 | ||
707103fd MH |
179 | if (lk->active) |
180 | die("BUG: cannot lock_file(\"%s\") using active struct lock_file", | |
181 | path); | |
04e57d4d MH |
182 | if (!lk->on_list) { |
183 | /* Initialize *lk and add it to lock_file_list: */ | |
184 | lk->fd = -1; | |
707103fd | 185 | lk->active = 0; |
04e57d4d | 186 | lk->owner = 0; |
cf6950d3 | 187 | strbuf_init(&lk->filename, PATH_MAX); |
04e57d4d MH |
188 | lk->next = lock_file_list; |
189 | lock_file_list = lk; | |
190 | lk->on_list = 1; | |
cf6950d3 MH |
191 | } else if (lk->filename.len) { |
192 | /* This shouldn't happen, but better safe than sorry. */ | |
193 | die("BUG: lock_file(\"%s\") called with improperly-reset lock_file object", | |
194 | path); | |
04e57d4d MH |
195 | } |
196 | ||
cf6950d3 MH |
197 | strbuf_addstr(&lk->filename, path); |
198 | if (!(flags & LOCK_NODEREF)) { | |
199 | resolve_symlink(lk->filename.buf, lk->filename.alloc); | |
200 | strbuf_setlen(&lk->filename, strlen(lk->filename.buf)); | |
447ff1bf | 201 | } |
cf6950d3 MH |
202 | strbuf_addstr(&lk->filename, LOCK_SUFFIX); |
203 | lk->fd = open(lk->filename.buf, O_RDWR | O_CREAT | O_EXCL, 0666); | |
e31e949b | 204 | if (lk->fd < 0) { |
cf6950d3 | 205 | strbuf_reset(&lk->filename); |
e31e949b MH |
206 | return -1; |
207 | } | |
208 | lk->owner = getpid(); | |
707103fd | 209 | lk->active = 1; |
cf6950d3 | 210 | if (adjust_shared_perm(lk->filename.buf)) { |
e31e949b | 211 | int save_errno = errno; |
cf6950d3 | 212 | error("cannot fix permission bits on %s", lk->filename.buf); |
e31e949b MH |
213 | rollback_lock_file(lk); |
214 | errno = save_errno; | |
215 | return -1; | |
216 | } | |
4723ee99 | 217 | return lk->fd; |
021b6e45 JH |
218 | } |
219 | ||
6af926e8 | 220 | void unable_to_lock_message(const char *path, int err, struct strbuf *buf) |
e43a6fd3 | 221 | { |
bdfd739d | 222 | if (err == EEXIST) { |
6af926e8 | 223 | strbuf_addf(buf, "Unable to create '%s.lock': %s.\n\n" |
e43a6fd3 MM |
224 | "If no other git process is currently running, this probably means a\n" |
225 | "git process crashed in this repository earlier. Make sure no other git\n" | |
226 | "process is running and remove the file manually to continue.", | |
e2a57aac | 227 | absolute_path(path), strerror(err)); |
1b018fd9 | 228 | } else |
6af926e8 | 229 | strbuf_addf(buf, "Unable to create '%s.lock': %s", |
e2a57aac | 230 | absolute_path(path), strerror(err)); |
1b018fd9 MV |
231 | } |
232 | ||
233 | int unable_to_lock_error(const char *path, int err) | |
234 | { | |
6af926e8 RS |
235 | struct strbuf buf = STRBUF_INIT; |
236 | ||
237 | unable_to_lock_message(path, err, &buf); | |
238 | error("%s", buf.buf); | |
239 | strbuf_release(&buf); | |
1b018fd9 MV |
240 | return -1; |
241 | } | |
242 | ||
e197c218 | 243 | NORETURN void unable_to_lock_die(const char *path, int err) |
1b018fd9 | 244 | { |
6af926e8 RS |
245 | struct strbuf buf = STRBUF_INIT; |
246 | ||
247 | unable_to_lock_message(path, err, &buf); | |
248 | die("%s", buf.buf); | |
e43a6fd3 MM |
249 | } |
250 | ||
447ff1bf | 251 | /* This should return a meaningful errno on failure */ |
acd3b9ec | 252 | int hold_lock_file_for_update(struct lock_file *lk, const char *path, int flags) |
40aaae88 | 253 | { |
acd3b9ec JH |
254 | int fd = lock_file(lk, path, flags); |
255 | if (fd < 0 && (flags & LOCK_DIE_ON_ERROR)) | |
e197c218 | 256 | unable_to_lock_die(path, errno); |
40aaae88 JH |
257 | return fd; |
258 | } | |
259 | ||
acd3b9ec | 260 | int hold_lock_file_for_append(struct lock_file *lk, const char *path, int flags) |
ea3cd5c7 DB |
261 | { |
262 | int fd, orig_fd; | |
263 | ||
acd3b9ec | 264 | fd = lock_file(lk, path, flags); |
ea3cd5c7 | 265 | if (fd < 0) { |
acd3b9ec | 266 | if (flags & LOCK_DIE_ON_ERROR) |
e197c218 | 267 | unable_to_lock_die(path, errno); |
ea3cd5c7 DB |
268 | return fd; |
269 | } | |
270 | ||
271 | orig_fd = open(path, O_RDONLY); | |
272 | if (orig_fd < 0) { | |
273 | if (errno != ENOENT) { | |
acd3b9ec | 274 | if (flags & LOCK_DIE_ON_ERROR) |
ea3cd5c7 | 275 | die("cannot open '%s' for copying", path); |
ebb8e380 | 276 | rollback_lock_file(lk); |
ea3cd5c7 DB |
277 | return error("cannot open '%s' for copying", path); |
278 | } | |
279 | } else if (copy_fd(orig_fd, fd)) { | |
acd3b9ec | 280 | if (flags & LOCK_DIE_ON_ERROR) |
ea3cd5c7 | 281 | exit(128); |
ebb8e380 | 282 | rollback_lock_file(lk); |
ea3cd5c7 DB |
283 | return -1; |
284 | } | |
285 | return fd; | |
286 | } | |
287 | ||
d6cf61bf BC |
288 | int close_lock_file(struct lock_file *lk) |
289 | { | |
290 | int fd = lk->fd; | |
419f0c0f MH |
291 | |
292 | if (fd < 0) | |
293 | return 0; | |
294 | ||
d6cf61bf | 295 | lk->fd = -1; |
8e86c155 MH |
296 | if (close(fd)) { |
297 | int save_errno = errno; | |
298 | rollback_lock_file(lk); | |
299 | errno = save_errno; | |
300 | return -1; | |
301 | } | |
302 | return 0; | |
d6cf61bf BC |
303 | } |
304 | ||
93dcaea2 JH |
305 | int reopen_lock_file(struct lock_file *lk) |
306 | { | |
307 | if (0 <= lk->fd) | |
308 | die(_("BUG: reopen a lockfile that is still open")); | |
707103fd | 309 | if (!lk->active) |
93dcaea2 | 310 | die(_("BUG: reopen a lockfile that has been committed")); |
cf6950d3 | 311 | lk->fd = open(lk->filename.buf, O_WRONLY); |
93dcaea2 JH |
312 | return lk->fd; |
313 | } | |
314 | ||
021b6e45 JH |
315 | int commit_lock_file(struct lock_file *lk) |
316 | { | |
3e88e8fc MH |
317 | static struct strbuf result_file = STRBUF_INIT; |
318 | int err; | |
4f4713df | 319 | |
707103fd | 320 | if (!lk->active) |
8a1c7533 MH |
321 | die("BUG: attempt to commit unlocked object"); |
322 | ||
419f0c0f | 323 | if (close_lock_file(lk)) |
d6cf61bf | 324 | return -1; |
4f4713df | 325 | |
4f4713df | 326 | /* remove ".lock": */ |
cf6950d3 MH |
327 | strbuf_add(&result_file, lk->filename.buf, |
328 | lk->filename.len - LOCK_SUFFIX_LEN); | |
329 | err = rename(lk->filename.buf, result_file.buf); | |
3e88e8fc MH |
330 | strbuf_reset(&result_file); |
331 | if (err) { | |
1b1648f4 MH |
332 | int save_errno = errno; |
333 | rollback_lock_file(lk); | |
334 | errno = save_errno; | |
d6cf61bf | 335 | return -1; |
1b1648f4 MH |
336 | } |
337 | ||
707103fd | 338 | lk->active = 0; |
cf6950d3 | 339 | strbuf_reset(&lk->filename); |
d6cf61bf | 340 | return 0; |
021b6e45 JH |
341 | } |
342 | ||
30ca07a2 JH |
343 | int hold_locked_index(struct lock_file *lk, int die_on_error) |
344 | { | |
acd3b9ec JH |
345 | return hold_lock_file_for_update(lk, get_index_file(), |
346 | die_on_error | |
347 | ? LOCK_DIE_ON_ERROR | |
348 | : 0); | |
30ca07a2 JH |
349 | } |
350 | ||
021b6e45 JH |
351 | void rollback_lock_file(struct lock_file *lk) |
352 | { | |
707103fd | 353 | if (!lk->active) |
9085f8e2 MH |
354 | return; |
355 | ||
8e86c155 | 356 | if (!close_lock_file(lk)) { |
cf6950d3 | 357 | unlink_or_warn(lk->filename.buf); |
707103fd | 358 | lk->active = 0; |
cf6950d3 | 359 | strbuf_reset(&lk->filename); |
8e86c155 | 360 | } |
021b6e45 | 361 | } |