1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 This file is part of systemd.
5 Copyright 2010 ProFUSION embedded systems
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include <linux/loop.h>
25 #include <sys/mount.h>
30 #include "alloc-util.h"
31 #include "blockdev-util.h"
35 #include "fstab-util.h"
36 #include "linux-3.13/dm-ioctl.h"
38 #include "mount-setup.h"
39 #include "mount-util.h"
40 #include "path-util.h"
41 #include "process-util.h"
42 #include "signal-util.h"
43 #include "string-util.h"
44 #include "udev-util.h"
49 typedef struct MountPoint
{
51 char *remount_options
;
52 unsigned long remount_flags
;
55 LIST_FIELDS(struct MountPoint
, mount_point
);
58 static void mount_point_free(MountPoint
**head
, MountPoint
*m
) {
62 LIST_REMOVE(mount_point
, *head
, m
);
65 free(m
->remount_options
);
69 static void mount_points_list_free(MountPoint
**head
) {
73 mount_point_free(head
, *head
);
76 static int mount_points_list_get(MountPoint
**head
) {
77 _cleanup_fclose_
FILE *proc_self_mountinfo
= NULL
;
83 proc_self_mountinfo
= fopen("/proc/self/mountinfo", "re");
84 if (!proc_self_mountinfo
)
88 _cleanup_free_
char *path
= NULL
, *options
= NULL
, *flags
= NULL
, *type
= NULL
, *p
= NULL
;
92 k
= fscanf(proc_self_mountinfo
,
93 "%*s " /* (1) mount id */
94 "%*s " /* (2) parent id */
95 "%*s " /* (3) major:minor */
97 "%ms " /* (5) mount point */
98 "%ms" /* (6) mount flags */
99 "%*[^-]" /* (7) optional fields */
100 "- " /* (8) separator */
101 "%ms " /* (9) file system type */
102 "%*s" /* (10) mount source */
103 "%ms" /* (11) mount options */
104 "%*[^\n]", /* some rubbish at the end */
105 &path
, &flags
, &type
, &options
);
110 log_warning("Failed to parse /proc/self/mountinfo:%u.", i
);
114 r
= cunescape(path
, UNESCAPE_RELAX
, &p
);
118 /* Ignore mount points we can't unmount because they
119 * are API or because we are keeping them open (like
120 * /dev/console). Also, ignore all mounts below API
121 * file systems, since they are likely virtual too,
122 * and hence not worth spending time on. Also, in
123 * unprivileged containers we might lack the rights to
124 * unmount these things, hence don't bother. */
125 if (mount_point_is_api(p
) ||
126 mount_point_ignore(p
) ||
127 path_startswith(p
, "/dev") ||
128 path_startswith(p
, "/sys") ||
129 path_startswith(p
, "/proc"))
132 m
= new0(MountPoint
, 1);
136 free_and_replace(m
->path
, p
);
138 /* If we are in a container, don't attempt to
139 * read-only mount anything as that brings no real
140 * benefits, but might confuse the host, as we remount
141 * the superblock here, not the bind mount.
143 * If the filesystem is a network fs, also skip the
144 * remount. It brings no value (we cannot leave
145 * a "dirty fs") and could hang if the network is down.
146 * Note that umount2() is more careful and will not
147 * hang because of the network being down. */
148 m
->try_remount_ro
= detect_container() <= 0 &&
149 !fstype_is_network(type
) &&
150 !fstype_is_api_vfs(type
) &&
151 !fstype_is_ro(type
) &&
152 !fstab_test_yes_no_option(options
, "ro\0rw\0");
154 if (m
->try_remount_ro
) {
155 _cleanup_free_
char *unknown_flags
= NULL
;
157 /* mount(2) states that mount flags and options need to be exactly the same
158 * as they were when the filesystem was mounted, except for the desired
159 * changes. So we reconstruct both here and adjust them for the later
160 * remount call too. */
162 r
= mount_option_mangle(flags
, 0, &m
->remount_flags
, &unknown_flags
);
165 if (!isempty(unknown_flags
))
166 log_warning("Ignoring unknown mount flags '%s'.", unknown_flags
);
168 r
= mount_option_mangle(options
, m
->remount_flags
, &m
->remount_flags
, &m
->remount_options
);
172 /* MS_BIND is special. If it is provided it will only make the mount-point
173 * read-only. If left out, the super block itself is remounted, which we want. */
174 m
->remount_flags
= (m
->remount_flags
|MS_REMOUNT
|MS_RDONLY
) & ~MS_BIND
;
177 LIST_PREPEND(mount_point
, *head
, m
);
183 static int swap_list_get(MountPoint
**head
) {
184 _cleanup_fclose_
FILE *proc_swaps
= NULL
;
190 proc_swaps
= fopen("/proc/swaps", "re");
192 return (errno
== ENOENT
) ? 0 : -errno
;
194 (void) fscanf(proc_swaps
, "%*s %*s %*s %*s %*s\n");
198 _cleanup_free_
char *dev
= NULL
, *d
= NULL
;
201 k
= fscanf(proc_swaps
,
202 "%ms " /* device/file */
203 "%*s " /* type of swap */
204 "%*s " /* swap size */
206 "%*s\n", /* priority */
213 log_warning("Failed to parse /proc/swaps:%u.", i
);
217 if (endswith(dev
, " (deleted)"))
220 r
= cunescape(dev
, UNESCAPE_RELAX
, &d
);
224 swap
= new0(MountPoint
, 1);
228 free_and_replace(swap
->path
, d
);
229 LIST_PREPEND(mount_point
, *head
, swap
);
235 static int loopback_list_get(MountPoint
**head
) {
236 _cleanup_udev_enumerate_unref_
struct udev_enumerate
*e
= NULL
;
237 struct udev_list_entry
*item
= NULL
, *first
= NULL
;
238 _cleanup_udev_unref_
struct udev
*udev
= NULL
;
247 e
= udev_enumerate_new(udev
);
251 r
= udev_enumerate_add_match_subsystem(e
, "block");
255 r
= udev_enumerate_add_match_sysname(e
, "loop*");
259 r
= udev_enumerate_add_match_sysattr(e
, "loop/backing_file", NULL
);
263 r
= udev_enumerate_scan_devices(e
);
267 first
= udev_enumerate_get_list_entry(e
);
268 udev_list_entry_foreach(item
, first
) {
270 _cleanup_udev_device_unref_
struct udev_device
*d
;
274 d
= udev_device_new_from_syspath(udev
, udev_list_entry_get_name(item
));
278 dn
= udev_device_get_devnode(d
);
286 lb
= new0(MountPoint
, 1);
293 LIST_PREPEND(mount_point
, *head
, lb
);
299 static int dm_list_get(MountPoint
**head
) {
300 _cleanup_udev_enumerate_unref_
struct udev_enumerate
*e
= NULL
;
301 struct udev_list_entry
*item
= NULL
, *first
= NULL
;
302 _cleanup_udev_unref_
struct udev
*udev
= NULL
;
311 e
= udev_enumerate_new(udev
);
315 r
= udev_enumerate_add_match_subsystem(e
, "block");
319 r
= udev_enumerate_add_match_sysname(e
, "dm-*");
323 r
= udev_enumerate_scan_devices(e
);
327 first
= udev_enumerate_get_list_entry(e
);
328 udev_list_entry_foreach(item
, first
) {
330 _cleanup_udev_device_unref_
struct udev_device
*d
;
335 d
= udev_device_new_from_syspath(udev
, udev_list_entry_get_name(item
));
339 devnum
= udev_device_get_devnum(d
);
340 dn
= udev_device_get_devnode(d
);
341 if (major(devnum
) == 0 || !dn
)
348 m
= new(MountPoint
, 1);
356 LIST_PREPEND(mount_point
, *head
, m
);
362 static int delete_loopback(const char *device
) {
363 _cleanup_close_
int fd
= -1;
368 fd
= open(device
, O_RDONLY
|O_CLOEXEC
);
370 return errno
== ENOENT
? 0 : -errno
;
372 r
= ioctl(fd
, LOOP_CLR_FD
, 0);
376 /* ENXIO: not bound, so no error */
383 static int delete_dm(dev_t devnum
) {
385 struct dm_ioctl dm
= {
389 DM_VERSION_PATCHLEVEL
391 .data_size
= sizeof(dm
),
395 _cleanup_close_
int fd
= -1;
397 assert(major(devnum
) != 0);
399 fd
= open("/dev/mapper/control", O_RDWR
|O_CLOEXEC
);
403 if (ioctl(fd
, DM_DEV_REMOVE
, &dm
) < 0)
409 static bool nonunmountable_path(const char *path
) {
410 return path_equal(path
, "/")
412 || path_equal(path
, "/usr")
414 || path_startswith(path
, "/run/initramfs");
417 static int remount_with_timeout(MountPoint
*m
, int umount_log_level
) {
421 BLOCK_SIGNALS(SIGCHLD
);
425 /* Due to the possiblity of a remount operation hanging, we
426 * fork a child process and set a timeout. If the timeout
427 * lapses, the assumption is that that particular remount
429 r
= safe_fork("(sd-remount)", FORK_RESET_SIGNALS
|FORK_CLOSE_ALL_FDS
|FORK_LOG
|FORK_REOPEN_LOG
, &pid
);
433 log_info("Remounting '%s' read-only in with options '%s'.", m
->path
, m
->remount_options
);
435 /* Start the mount operation here in the child */
436 r
= mount(NULL
, m
->path
, NULL
, m
->remount_flags
, m
->remount_options
);
438 log_full_errno(umount_log_level
, errno
, "Failed to remount '%s' read-only: %m", m
->path
);
440 _exit(r
< 0 ? EXIT_FAILURE
: EXIT_SUCCESS
);
443 r
= wait_for_terminate_with_timeout(pid
, DEFAULT_TIMEOUT_USEC
);
444 if (r
== -ETIMEDOUT
) {
445 log_error_errno(r
, "Remounting '%s' timed out, issuing SIGKILL to PID " PID_FMT
".", m
->path
, pid
);
446 (void) kill(pid
, SIGKILL
);
447 } else if (r
== -EPROTO
)
448 log_debug_errno(r
, "Remounting '%s' failed abnormally, child process " PID_FMT
" aborted or exited non-zero.", m
->path
, pid
);
450 log_error_errno(r
, "Remounting '%s' failed unexpectedly, couldn't wait for child process " PID_FMT
": %m", m
->path
, pid
);
455 static int umount_with_timeout(MountPoint
*m
, int umount_log_level
) {
459 BLOCK_SIGNALS(SIGCHLD
);
463 /* Due to the possiblity of a umount operation hanging, we
464 * fork a child process and set a timeout. If the timeout
465 * lapses, the assumption is that that particular umount
467 r
= safe_fork("(sd-umount)", FORK_RESET_SIGNALS
|FORK_CLOSE_ALL_FDS
|FORK_LOG
|FORK_REOPEN_LOG
, &pid
);
471 log_info("Unmounting '%s'.", m
->path
);
473 /* Start the mount operation here in the child Using MNT_FORCE
474 * causes some filesystems (e.g. FUSE and NFS and other network
475 * filesystems) to abort any pending requests and return -EIO
476 * rather than blocking indefinitely. If the filesysten is
477 * "busy", this may allow processes to die, thus making the
478 * filesystem less busy so the unmount might succeed (rather
479 * then return EBUSY).*/
480 r
= umount2(m
->path
, MNT_FORCE
);
482 log_full_errno(umount_log_level
, errno
, "Failed to unmount %s: %m", m
->path
);
484 _exit(r
< 0 ? EXIT_FAILURE
: EXIT_SUCCESS
);
487 r
= wait_for_terminate_with_timeout(pid
, DEFAULT_TIMEOUT_USEC
);
488 if (r
== -ETIMEDOUT
) {
489 log_error_errno(r
, "Unmounting '%s' timed out, issuing SIGKILL to PID " PID_FMT
".", m
->path
, pid
);
490 (void) kill(pid
, SIGKILL
);
491 } else if (r
== -EPROTO
)
492 log_debug_errno(r
, "Unmounting '%s' failed abnormally, child process " PID_FMT
" aborted or exited non-zero.", m
->path
, pid
);
494 log_error_errno(r
, "Unmounting '%s' failed unexpectedly, couldn't wait for child process " PID_FMT
": %m", m
->path
, pid
);
499 /* This includes remounting readonly, which changes the kernel mount options.
500 * Therefore the list passed to this function is invalidated, and should not be reused. */
501 static int mount_points_list_umount(MountPoint
**head
, bool *changed
, int umount_log_level
) {
508 LIST_FOREACH(mount_point
, m
, *head
) {
509 if (m
->try_remount_ro
) {
510 /* We always try to remount directories
511 * read-only first, before we go on and umount
514 * Mount points can be stacked. If a mount
515 * point is stacked below / or /usr, we
516 * cannot umount or remount it directly,
517 * since there is no way to refer to the
518 * underlying mount. There's nothing we can do
519 * about it for the general case, but we can
520 * do something about it if it is aliased
521 * somehwere else via a bind mount. If we
522 * explicitly remount the super block of that
523 * alias read-only we hence should be
524 * relatively safe regarding keeping a dirty fs
525 * we cannot otherwise see.
527 * Since the remount can hang in the instance of
528 * remote filesystems, we remount asynchronously
529 * and skip the subsequent umount if it fails. */
530 if (remount_with_timeout(m
, umount_log_level
) < 0) {
531 /* Remount failed, but try unmounting anyway,
532 * unless this is a mount point we want to skip. */
533 if (nonunmountable_path(m
->path
)) {
540 /* Skip / and /usr since we cannot unmount that
541 * anyway, since we are running from it. They have
542 * already been remounted ro. */
543 if (nonunmountable_path(m
->path
))
546 /* Trying to umount */
547 if (umount_with_timeout(m
, umount_log_level
) < 0)
556 static int swap_points_list_off(MountPoint
**head
, bool *changed
) {
563 LIST_FOREACH_SAFE(mount_point
, m
, n
, *head
) {
564 log_info("Deactivating swap %s.", m
->path
);
565 if (swapoff(m
->path
) == 0) {
567 mount_point_free(head
, m
);
569 log_warning_errno(errno
, "Could not deactivate swap %s: %m", m
->path
);
577 static int loopback_points_list_detach(MountPoint
**head
, bool *changed
, int umount_log_level
) {
585 k
= lstat("/", &root_st
);
587 LIST_FOREACH_SAFE(mount_point
, m
, n
, *head
) {
589 struct stat loopback_st
;
592 major(root_st
.st_dev
) != 0 &&
593 lstat(m
->path
, &loopback_st
) >= 0 &&
594 root_st
.st_dev
== loopback_st
.st_rdev
) {
599 log_info("Detaching loopback %s.", m
->path
);
600 r
= delete_loopback(m
->path
);
605 mount_point_free(head
, m
);
607 log_full_errno(umount_log_level
, errno
, "Could not detach loopback %s: %m", m
->path
);
615 static int dm_points_list_detach(MountPoint
**head
, bool *changed
, int umount_log_level
) {
623 r
= get_block_device("/", &rootdev
);
627 LIST_FOREACH_SAFE(mount_point
, m
, n
, *head
) {
629 if (major(rootdev
) != 0 && rootdev
== m
->devnum
) {
634 log_info("Detaching DM %u:%u.", major(m
->devnum
), minor(m
->devnum
));
635 r
= delete_dm(m
->devnum
);
638 mount_point_free(head
, m
);
640 log_full_errno(umount_log_level
, errno
, "Could not detach DM %s: %m", m
->path
);
648 static int umount_all_once(bool *changed
, int umount_log_level
) {
650 LIST_HEAD(MountPoint
, mp_list_head
);
654 LIST_HEAD_INIT(mp_list_head
);
655 r
= mount_points_list_get(&mp_list_head
);
659 r
= mount_points_list_umount(&mp_list_head
, changed
, umount_log_level
);
662 mount_points_list_free(&mp_list_head
);
667 int umount_all(bool *changed
, int umount_log_level
) {
673 /* Retry umount, until nothing can be umounted anymore. Mounts are
674 * processed in order, newest first. The retries are needed when
675 * an old mount has been moved, to a path inside a newer mount. */
677 umount_changed
= false;
679 r
= umount_all_once(&umount_changed
, umount_log_level
);
682 } while (umount_changed
);
687 int swapoff_all(bool *changed
) {
689 LIST_HEAD(MountPoint
, swap_list_head
);
693 LIST_HEAD_INIT(swap_list_head
);
695 r
= swap_list_get(&swap_list_head
);
699 r
= swap_points_list_off(&swap_list_head
, changed
);
702 mount_points_list_free(&swap_list_head
);
707 int loopback_detach_all(bool *changed
, int umount_log_level
) {
709 LIST_HEAD(MountPoint
, loopback_list_head
);
713 LIST_HEAD_INIT(loopback_list_head
);
715 r
= loopback_list_get(&loopback_list_head
);
719 r
= loopback_points_list_detach(&loopback_list_head
, changed
, umount_log_level
);
722 mount_points_list_free(&loopback_list_head
);
727 int dm_detach_all(bool *changed
, int umount_log_level
) {
729 LIST_HEAD(MountPoint
, dm_list_head
);
733 LIST_HEAD_INIT(dm_list_head
);
735 r
= dm_list_get(&dm_list_head
);
739 r
= dm_points_list_detach(&dm_list_head
, changed
, umount_log_level
);
742 mount_points_list_free(&dm_list_head
);