[thirdparty/systemd.git] / src / import / pull-tar.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */

#include <curl/curl.h>
#include <sys/prctl.h>

#include "sd-daemon.h"

#include "alloc-util.h"
#include "btrfs-util.h"
#include "copy.h"
#include "curl-util.h"
#include "fd-util.h"
#include "fs-util.h"
#include "hostname-util.h"
#include "import-common.h"
#include "import-util.h"
#include "install-file.h"
#include "macro.h"
#include "mkdir.h"
#include "path-util.h"
#include "process-util.h"
#include "pull-common.h"
#include "pull-job.h"
#include "pull-tar.h"
#include "rm-rf.h"
#include "string-util.h"
#include "strv.h"
#include "tmpfile-util.h"
#include "user-util.h"
#include "utf8.h"
#include "util.h"
#include "web-util.h"

typedef enum TarProgress {
        TAR_DOWNLOADING,
        TAR_VERIFYING,
        TAR_FINALIZING,
        TAR_COPYING,
} TarProgress;

struct TarPull {
        sd_event *event;
        CurlGlue *glue;

        PullFlags flags;
        ImportVerify verify;
        char *image_root;

        PullJob *tar_job;
        PullJob *checksum_job;
        PullJob *signature_job;
        PullJob *settings_job;

        TarPullFinished on_finished;
        void *userdata;

        char *local;

        pid_t tar_pid;

        char *final_path;
        char *temp_path;

        char *settings_path;
        char *settings_temp_path;

        char *checksum;
};

TarPull* tar_pull_unref(TarPull *i) {
        if (!i)
                return NULL;

        if (i->tar_pid > 1)
                sigkill_wait(i->tar_pid);

        pull_job_unref(i->tar_job);
        pull_job_unref(i->checksum_job);
        pull_job_unref(i->signature_job);
        pull_job_unref(i->settings_job);

        curl_glue_unref(i->glue);
        sd_event_unref(i->event);

        rm_rf_subvolume_and_free(i->temp_path);
        unlink_and_free(i->settings_temp_path);

        free(i->final_path);
        free(i->settings_path);
        free(i->image_root);
        free(i->local);
        free(i->checksum);

        return mfree(i);
}

int tar_pull_new(
                TarPull **ret,
                sd_event *event,
                const char *image_root,
                TarPullFinished on_finished,
                void *userdata) {

        _cleanup_(curl_glue_unrefp) CurlGlue *g = NULL;
        _cleanup_(sd_event_unrefp) sd_event *e = NULL;
        _cleanup_(tar_pull_unrefp) TarPull *i = NULL;
        _cleanup_free_ char *root = NULL;
        int r;

        assert(ret);

        root = strdup(image_root ?: "/var/lib/machines");
        if (!root)
                return -ENOMEM;

        if (event)
                e = sd_event_ref(event);
        else {
                r = sd_event_default(&e);
                if (r < 0)
                        return r;
        }

        r = curl_glue_new(&g, e);
        if (r < 0)
                return r;

        i = new(TarPull, 1);
        if (!i)
                return -ENOMEM;

        *i = (TarPull) {
                .on_finished = on_finished,
                .userdata = userdata,
                .image_root = TAKE_PTR(root),
                .event = TAKE_PTR(e),
                .glue = TAKE_PTR(g),
        };

        i->glue->on_finished = pull_job_curl_on_finished;
        i->glue->userdata = i;

        *ret = TAKE_PTR(i);

        return 0;
}

static void tar_pull_report_progress(TarPull *i, TarProgress p) {
        unsigned percent;

        assert(i);

        switch (p) {

        case TAR_DOWNLOADING: {
                unsigned remain = 85;

                percent = 0;

                if (i->checksum_job) {
                        percent += i->checksum_job->progress_percent * 5 / 100;
                        remain -= 5;
                }

                if (i->signature_job) {
                        percent += i->signature_job->progress_percent * 5 / 100;
                        remain -= 5;
                }

                if (i->settings_job) {
                        percent += i->settings_job->progress_percent * 5 / 100;
                        remain -= 5;
                }

                if (i->tar_job)
                        percent += i->tar_job->progress_percent * remain / 100;
                break;
        }

        case TAR_VERIFYING:
                percent = 85;
                break;

        case TAR_FINALIZING:
                percent = 90;
                break;

        case TAR_COPYING:
                percent = 95;
                break;

        default:
                assert_not_reached();
        }

        sd_notifyf(false, "X_IMPORT_PROGRESS=%u", percent);
        log_debug("Combined progress %u%%", percent);
}

static int tar_pull_determine_path(
                TarPull *i,
                const char *suffix,
                char **field /* input + output (!) */) {
        int r;

        assert(i);
        assert(field);

        if (*field)
                return 0;

        assert(i->tar_job);

        r = pull_make_path(i->tar_job->url, i->tar_job->etag, i->image_root, ".tar-", suffix, field);
        if (r < 0)
                return log_oom();

        return 1;
}

static int tar_pull_make_local_copy(TarPull *i) {
        _cleanup_(rm_rf_subvolume_and_freep) char *t = NULL;
        const char *p;
        int r;

        assert(i);
        assert(i->tar_job);

        if (!i->local)
                return 0;

        assert(i->final_path);

        p = prefix_roota(i->image_root, i->local);

        r = tempfn_random(p, NULL, &t);
        if (r < 0)
                return log_error_errno(r, "Failed to generate temporary filename for %s: %m", p);

        if (i->flags & PULL_BTRFS_SUBVOL)
                r = btrfs_subvol_snapshot(
                                i->final_path,
                                t,
                                (i->flags & PULL_BTRFS_QUOTA ? BTRFS_SNAPSHOT_QUOTA : 0)|
                                BTRFS_SNAPSHOT_FALLBACK_COPY|
                                BTRFS_SNAPSHOT_FALLBACK_DIRECTORY|
                                BTRFS_SNAPSHOT_RECURSIVE);
        else
                r = copy_tree(i->final_path, t, UID_INVALID, GID_INVALID, COPY_REFLINK|COPY_HARDLINKS);
        if (r < 0)
                return log_error_errno(r, "Failed to create local image: %m");

        r = install_file(AT_FDCWD, t,
                         AT_FDCWD, p,
                         (i->flags & PULL_FORCE ? INSTALL_REPLACE : 0) |
                         (i->flags & PULL_READ_ONLY ? INSTALL_READ_ONLY : 0) |
                         (i->flags & PULL_SYNC ? INSTALL_SYNCFS : 0));
        if (r < 0)
                return log_error_errno(r, "Failed to install local image '%s': %m", p);

        t = mfree(t);

        log_info("Created new local image '%s'.", i->local);

        if (FLAGS_SET(i->flags, PULL_SETTINGS)) {
                const char *local_settings;
                assert(i->settings_job);

                r = tar_pull_determine_path(i, ".nspawn", &i->settings_path);
                if (r < 0)
                        return r;

                local_settings = strjoina(i->image_root, "/", i->local, ".nspawn");

                r = copy_file_atomic(
                                i->settings_path,
                                local_settings,
                                0664,
                                0, 0,
                                COPY_REFLINK |
                                (FLAGS_SET(i->flags, PULL_FORCE) ? COPY_REPLACE : 0) |
                                (FLAGS_SET(i->flags, PULL_SYNC) ? COPY_FSYNC_FULL : 0));
                if (r == -EEXIST)
                        log_warning_errno(r, "Settings file %s already exists, not replacing.", local_settings);
                else if (r == -ENOENT)
                        log_debug_errno(r, "Skipping creation of settings file, since none was found.");
                else if (r < 0)
                        log_warning_errno(r, "Failed to copy settings files %s, ignoring: %m", local_settings);
                else
                        log_info("Created new settings file %s.", local_settings);
        }

        return 0;
}

static bool tar_pull_is_done(TarPull *i) {
        assert(i);
        assert(i->tar_job);

        if (!PULL_JOB_IS_COMPLETE(i->tar_job))
                return false;
        if (i->checksum_job && !PULL_JOB_IS_COMPLETE(i->checksum_job))
                return false;
        if (i->signature_job && !PULL_JOB_IS_COMPLETE(i->signature_job))
                return false;
        if (i->settings_job && !PULL_JOB_IS_COMPLETE(i->settings_job))
                return false;

        return true;
}

static void tar_pull_job_on_finished(PullJob *j) {
        TarPull *i;
        int r;

        assert(j);
        assert(j->userdata);

        i = j->userdata;

        if (j->error != 0) {
                if (j == i->tar_job) {
                        if (j->error == ENOMEDIUM) /* HTTP 404 */
                                r = log_error_errno(j->error, "Failed to retrieve image file. (Wrong URL?)");
                        else
                                r = log_error_errno(j->error, "Failed to retrieve image file.");
                        goto finish;
                } else if (j == i->checksum_job) {
                        r = log_error_errno(j->error, "Failed to retrieve SHA256 checksum, cannot verify. (Try --verify=no?)");
                        goto finish;
                } else if (j == i->signature_job)
                        log_debug_errno(j->error, "Signature job for %s failed, proceeding for now.", j->url);
                else if (j == i->settings_job)
                        log_info_errno(j->error, "Settings file could not be retrieved, proceeding without.");
                else
                        assert("unexpected job");
        }

        /* This is invoked if either the download completed successfully, or the download was skipped because
         * we already have the etag. */

        if (!tar_pull_is_done(i))
                return;

        if (i->signature_job && i->signature_job->error != 0) {
                VerificationStyle style;

                assert(i->checksum_job);

                r = verification_style_from_url(i->checksum_job->url, &style);
                if (r < 0) {
                        log_error_errno(r, "Failed to determine verification style from checksum URL: %m");
                        goto finish;
                }

                if (style == VERIFICATION_PER_DIRECTORY) { /* A failed signature file download only matters
                                                            * in per-directory verification mode, since only
                                                            * then the signature is detached, and thus a file
                                                            * of its own. */
                        r = log_error_errno(i->signature_job->error,
                                            "Failed to retrieve signature file, cannot verify. (Try --verify=no?)");
                        goto finish;
                }
        }

        pull_job_close_disk_fd(i->tar_job);
        pull_job_close_disk_fd(i->settings_job);

        if (i->tar_pid > 0) {
                r = wait_for_terminate_and_check("tar", TAKE_PID(i->tar_pid), WAIT_LOG);
                if (r < 0)
                        goto finish;
                if (r != EXIT_SUCCESS) {
                        r = -EIO;
                        goto finish;
                }
        }

        if (!i->tar_job->etag_exists) {
                /* This is a new download, verify it, and move it into place */

                tar_pull_report_progress(i, TAR_VERIFYING);

                r = pull_verify(i->verify,
                                i->checksum,
                                i->tar_job,
                                i->checksum_job,
                                i->signature_job,
                                i->settings_job,
                                /* roothash_job = */ NULL,
                                /* roothash_signature_job = */ NULL,
                                /* verity_job = */ NULL);
                if (r < 0)
                        goto finish;
        }

        if (i->flags & PULL_DIRECT) {
                assert(!i->settings_job);
                assert(i->local);
                assert(!i->temp_path);

                tar_pull_report_progress(i, TAR_FINALIZING);

                r = import_mangle_os_tree(i->local);
                if (r < 0)
                        goto finish;

                r = install_file(
                                AT_FDCWD, i->local,
                                AT_FDCWD, NULL,
                                (i->flags & PULL_READ_ONLY) ? INSTALL_READ_ONLY : 0 |
                                (i->flags & PULL_SYNC ? INSTALL_SYNCFS : 0));
                if (r < 0) {
                        log_error_errno(r, "Failed to finalize '%s': %m", i->local);
                        goto finish;
                }
        } else {
                r = tar_pull_determine_path(i, NULL, &i->final_path);
                if (r < 0)
                        goto finish;

                if (!i->tar_job->etag_exists) {
                        /* This is a new download, verify it, and move it into place */

                        assert(i->temp_path);
                        assert(i->final_path);

                        tar_pull_report_progress(i, TAR_FINALIZING);

                        r = import_mangle_os_tree(i->temp_path);
                        if (r < 0)
                                goto finish;

                        r = install_file(
                                        AT_FDCWD, i->temp_path,
                                        AT_FDCWD, i->final_path,
                                        INSTALL_READ_ONLY|
                                        (i->flags & PULL_SYNC ? INSTALL_SYNCFS : 0));
                        if (r < 0) {
                                log_error_errno(r, "Failed to rename to final image name to %s: %m", i->final_path);
                                goto finish;
                        }

                        i->temp_path = mfree(i->temp_path);

                        if (i->settings_job &&
                            i->settings_job->error == 0) {

                                /* Also move the settings file into place, if it exists. Note that we do so only if we also
                                 * moved the tar file in place, to keep things strictly in sync. */
                                assert(i->settings_temp_path);

                                /* Regenerate final name for this auxiliary file, we might know the etag of the file now, and
                                 * we should incorporate it in the file name if we can */
                                i->settings_path = mfree(i->settings_path);

                                r = tar_pull_determine_path(i, ".nspawn", &i->settings_path);
                                if (r < 0)
                                        goto finish;

                                r = install_file(
                                                AT_FDCWD, i->settings_temp_path,
                                                AT_FDCWD, i->settings_path,
                                                INSTALL_READ_ONLY|
                                                (i->flags & PULL_SYNC ? INSTALL_FSYNC_FULL : 0));
                                if (r < 0) {
                                        log_error_errno(r, "Failed to rename settings file to %s: %m", i->settings_path);
                                        goto finish;
                                }

                                i->settings_temp_path = mfree(i->settings_temp_path);
                        }
                }

                tar_pull_report_progress(i, TAR_COPYING);

                r = tar_pull_make_local_copy(i);
                if (r < 0)
                        goto finish;
        }

        r = 0;

finish:
        if (i->on_finished)
                i->on_finished(i, r, i->userdata);
        else
                sd_event_exit(i->event, r);
}

static int tar_pull_job_on_open_disk_tar(PullJob *j) {
        const char *where;
        TarPull *i;
        int r;

        assert(j);
        assert(j->userdata);

        i = j->userdata;
        assert(i->tar_job == j);
        assert(i->tar_pid <= 0);

        if (i->flags & PULL_DIRECT)
                where = i->local;
        else {
                if (!i->temp_path) {
                        r = tempfn_random_child(i->image_root, "tar", &i->temp_path);
                        if (r < 0)
                                return log_oom();
                }

                where = i->temp_path;
        }

        (void) mkdir_parents_label(where, 0700);

        if (FLAGS_SET(i->flags, PULL_DIRECT|PULL_FORCE))
                (void) rm_rf(where, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_SUBVOLUME);

        if (i->flags & PULL_BTRFS_SUBVOL)
                r = btrfs_subvol_make_fallback(where, 0755);
        else
                r = mkdir(where, 0755) < 0 ? -errno : 0;
        if (r == -EEXIST && (i->flags & PULL_DIRECT)) /* EEXIST is OK if in direct mode, but not otherwise,
                                                       * because in that case our temporary path collided */
                r = 0;
        if (r < 0)
                return log_error_errno(r, "Failed to create directory/subvolume %s: %m", where);
        if (r > 0 && (i->flags & PULL_BTRFS_QUOTA)) { /* actually btrfs subvol */
                if (!(i->flags & PULL_DIRECT))
                        (void) import_assign_pool_quota_and_warn(i->image_root);
                (void) import_assign_pool_quota_and_warn(where);
        }

        j->disk_fd = import_fork_tar_x(where, &i->tar_pid);
        if (j->disk_fd < 0)
                return j->disk_fd;

        return 0;
}

static int tar_pull_job_on_open_disk_settings(PullJob *j) {
        TarPull *i;
        int r;

        assert(j);
        assert(j->userdata);

        i = j->userdata;
        assert(i->settings_job == j);

        if (!i->settings_temp_path) {
                r = tempfn_random_child(i->image_root, "settings", &i->settings_temp_path);
                if (r < 0)
                        return log_oom();
        }

        (void) mkdir_parents_label(i->settings_temp_path, 0700);

        j->disk_fd = open(i->settings_temp_path, O_RDWR|O_CREAT|O_EXCL|O_NOCTTY|O_CLOEXEC, 0664);
        if (j->disk_fd < 0)
                return log_error_errno(errno, "Failed to create %s: %m", i->settings_temp_path);

        return 0;
}

static void tar_pull_job_on_progress(PullJob *j) {
        TarPull *i;

        assert(j);
        assert(j->userdata);

        i = j->userdata;

        tar_pull_report_progress(i, TAR_DOWNLOADING);
}

int tar_pull_start(
                TarPull *i,
                const char *url,
                const char *local,
                PullFlags flags,
                ImportVerify verify,
                const char *checksum) {

        PullJob *j;
        int r;

        assert(i);
        assert(verify == _IMPORT_VERIFY_INVALID || verify < _IMPORT_VERIFY_MAX);
        assert(verify == _IMPORT_VERIFY_INVALID || verify >= 0);
        assert((verify < 0) || !checksum);
        assert(!(flags & ~PULL_FLAGS_MASK_TAR));
        assert(!(flags & PULL_SETTINGS) || !(flags & PULL_DIRECT));
        assert(!(flags & PULL_SETTINGS) || !checksum);

        if (!http_url_is_valid(url) && !file_url_is_valid(url))
                return -EINVAL;

        if (local && !pull_validate_local(local, flags))
                return -EINVAL;

        if (i->tar_job)
                return -EBUSY;

        r = free_and_strdup(&i->local, local);
        if (r < 0)
                return r;

        r = free_and_strdup(&i->checksum, checksum);
        if (r < 0)
                return r;

        i->flags = flags;
        i->verify = verify;

        /* Set up download job for TAR file */
        r = pull_job_new(&i->tar_job, url, i->glue, i);
        if (r < 0)
                return r;

        i->tar_job->on_finished = tar_pull_job_on_finished;
        i->tar_job->on_open_disk = tar_pull_job_on_open_disk_tar;
        i->tar_job->calc_checksum = checksum || IN_SET(verify, IMPORT_VERIFY_CHECKSUM, IMPORT_VERIFY_SIGNATURE);

        if (!FLAGS_SET(flags, PULL_DIRECT)) {
                r = pull_find_old_etags(url, i->image_root, DT_DIR, ".tar-", NULL, &i->tar_job->old_etags);
                if (r < 0)
                        return r;
        }

        /* Set up download of checksum/signature files */
        r = pull_make_verification_jobs(
                        &i->checksum_job,
                        &i->signature_job,
                        verify,
                        checksum,
                        url,
                        i->glue,
                        tar_pull_job_on_finished,
                        i);
        if (r < 0)
                return r;

        /* Set up download job for the settings file (.nspawn) */
        if (FLAGS_SET(flags, PULL_SETTINGS)) {
                r = pull_make_auxiliary_job(
                                &i->settings_job,
                                url,
                                tar_strip_suffixes,
                                ".nspawn",
                                verify,
                                i->glue,
                                tar_pull_job_on_open_disk_settings,
                                tar_pull_job_on_finished,
                                i);
                if (r < 0)
                        return r;
        }

        FOREACH_POINTER(j,
                        i->tar_job,
                        i->checksum_job,
                        i->signature_job,
                        i->settings_job) {

                if (!j)
                        continue;

                j->on_progress = tar_pull_job_on_progress;
                j->sync = FLAGS_SET(flags, PULL_SYNC);

                r = pull_job_begin(j);
                if (r < 0)
                        return r;
        }

        return 0;
}
Commit	Line	Data
db9ecf05	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
56ebfaf1	2
56ebfaf1	3	#include <curl/curl.h>
cf0fbc49	4	#include <sys/prctl.h>
56ebfaf1	5
7079cfef	6	#include "sd-daemon.h"
07630cea	7
b5efdb8a	8	#include "alloc-util.h"
56ebfaf1	9	#include "btrfs-util.h"
07630cea LP	10	#include "copy.h"
07630cea LP	11	#include "curl-util.h"
3ffd4af2	12	#include "fd-util.h"
f4f15635	13	#include "fs-util.h"
07630cea LP	14	#include "hostname-util.h"
	15	#include "import-common.h"
	16	#include "import-util.h"
c40d82ab	17	#include "install-file.h"
56ebfaf1 LP	18	#include "macro.h"
56ebfaf1 LP	19	#include "mkdir.h"
26166c88	20	#include "path-util.h"
25300b5a	21	#include "process-util.h"
dc2c282b	22	#include "pull-common.h"
07630cea	23	#include "pull-job.h"
3ffd4af2	24	#include "pull-tar.h"
07630cea LP	25	#include "rm-rf.h"
	26	#include "string-util.h"
	27	#include "strv.h"
e4de7287	28	#include "tmpfile-util.h"
c40d82ab	29	#include "user-util.h"
07630cea LP	30	#include "utf8.h"
07630cea LP	31	#include "util.h"
49cf4170	32	#include "web-util.h"
56ebfaf1	33
7079cfef LP	34	typedef enum TarProgress {
	35	TAR_DOWNLOADING,
	36	TAR_VERIFYING,
	37	TAR_FINALIZING,
	38	TAR_COPYING,
	39	} TarProgress;
	40
dc2c282b	41	struct TarPull {
56ebfaf1 LP	42	sd_event *event;
	43	CurlGlue *glue;
	44
133b34f6 LP	45	PullFlags flags;
133b34f6 LP	46	ImportVerify verify;
56ebfaf1 LP	47	char *image_root;
56ebfaf1 LP	48
dc2c282b LP	49	PullJob *tar_job;
	50	PullJob *checksum_job;
	51	PullJob *signature_job;
133b34f6	52	PullJob *settings_job;
56ebfaf1	53
dc2c282b	54	TarPullFinished on_finished;
56ebfaf1 LP	55	void *userdata;
56ebfaf1 LP	56
56ebfaf1	57	char *local;
56ebfaf1 LP	58
	59	pid_t tar_pid;
	60
56ebfaf1	61	char *final_path;
9854730b LP	62	char *temp_path;
	63
	64	char *settings_path;
	65	char *settings_temp_path;
c40d82ab LP	66
c40d82ab LP	67	char *checksum;
56ebfaf1 LP	68	};
56ebfaf1 LP	69
dc2c282b	70	TarPull* tar_pull_unref(TarPull *i) {
56ebfaf1 LP	71	if (!i)
	72	return NULL;
	73
7950211d LP	74	if (i->tar_pid > 1)
7950211d LP	75	sigkill_wait(i->tar_pid);
56ebfaf1	76
dc2c282b LP	77	pull_job_unref(i->tar_job);
	78	pull_job_unref(i->checksum_job);
	79	pull_job_unref(i->signature_job);
133b34f6	80	pull_job_unref(i->settings_job);
56ebfaf1 LP	81
	82	curl_glue_unref(i->glue);
	83	sd_event_unref(i->event);
	84
133b34f6 LP	85	rm_rf_subvolume_and_free(i->temp_path);
133b34f6 LP	86	unlink_and_free(i->settings_temp_path);
9854730b	87
56ebfaf1	88	free(i->final_path);
9854730b	89	free(i->settings_path);
56ebfaf1 LP	90	free(i->image_root);
56ebfaf1 LP	91	free(i->local);
c40d82ab	92	free(i->checksum);
e0061812	93
6b430fdb	94	return mfree(i);
56ebfaf1 LP	95	}
56ebfaf1 LP	96
dc2c282b LP	97	int tar_pull_new(
dc2c282b LP	98	TarPull **ret,
8b71fce8 LP	99	sd_event *event,
8b71fce8 LP	100	const char *image_root,
dc2c282b	101	TarPullFinished on_finished,
8b71fce8 LP	102	void *userdata) {
8b71fce8 LP	103
0d94088e YW	104	_cleanup_(curl_glue_unrefp) CurlGlue *g = NULL;
0d94088e YW	105	_cleanup_(sd_event_unrefp) sd_event *e = NULL;
dc2c282b	106	_cleanup_(tar_pull_unrefp) TarPull *i = NULL;
0d94088e	107	_cleanup_free_ char *root = NULL;
56ebfaf1 LP	108	int r;
	109
	110	assert(ret);
56ebfaf1	111
0d94088e YW	112	root = strdup(image_root ?: "/var/lib/machines");
0d94088e YW	113	if (!root)
56ebfaf1 LP	114	return -ENOMEM;
56ebfaf1 LP	115
9854730b	116	if (event)
0d94088e	117	e = sd_event_ref(event);
9854730b	118	else {
0d94088e	119	r = sd_event_default(&e);
9854730b LP	120	if (r < 0)
	121	return r;
	122	}
56ebfaf1	123
0d94088e	124	r = curl_glue_new(&g, e);
56ebfaf1 LP	125	if (r < 0)
	126	return r;
	127
0d94088e YW	128	i = new(TarPull, 1);
	129	if (!i)
	130	return -ENOMEM;
	131
	132	*i = (TarPull) {
	133	.on_finished = on_finished,
	134	.userdata = userdata,
	135	.image_root = TAKE_PTR(root),
0d94088e YW	136	.event = TAKE_PTR(e),
	137	.glue = TAKE_PTR(g),
	138	};
	139
dc2c282b	140	i->glue->on_finished = pull_job_curl_on_finished;
56ebfaf1 LP	141	i->glue->userdata = i;
56ebfaf1 LP	142
1cc6c93a	143	*ret = TAKE_PTR(i);
56ebfaf1 LP	144
	145	return 0;
	146	}
	147
dc2c282b	148	static void tar_pull_report_progress(TarPull *i, TarProgress p) {
7079cfef LP	149	unsigned percent;
	150
	151	assert(i);
	152
	153	switch (p) {
	154
	155	case TAR_DOWNLOADING: {
	156	unsigned remain = 85;
	157
	158	percent = 0;
	159
	160	if (i->checksum_job) {
	161	percent += i->checksum_job->progress_percent * 5 / 100;
	162	remain -= 5;
	163	}
	164
	165	if (i->signature_job) {
	166	percent += i->signature_job->progress_percent * 5 / 100;
	167	remain -= 5;
	168	}
	169
133b34f6 LP	170	if (i->settings_job) {
	171	percent += i->settings_job->progress_percent * 5 / 100;
	172	remain -= 5;
	173	}
	174
7079cfef LP	175	if (i->tar_job)
	176	percent += i->tar_job->progress_percent * remain / 100;
	177	break;
	178	}
	179
	180	case TAR_VERIFYING:
	181	percent = 85;
	182	break;
	183
	184	case TAR_FINALIZING:
	185	percent = 90;
	186	break;
	187
	188	case TAR_COPYING:
	189	percent = 95;
	190	break;
	191
	192	default:
04499a70	193	assert_not_reached();
7079cfef LP	194	}
	195
	196	sd_notifyf(false, "X_IMPORT_PROGRESS=%u", percent);
	197	log_debug("Combined progress %u%%", percent);
	198	}
	199
c40d82ab LP	200	static int tar_pull_determine_path(
	201	TarPull *i,
	202	const char *suffix,
	203	char *field / input + output (!) */) {
91359193 LP	204	int r;
	205
	206	assert(i);
	207	assert(field);
	208
	209	if (*field)
	210	return 0;
	211
	212	assert(i->tar_job);
	213
	214	r = pull_make_path(i->tar_job->url, i->tar_job->etag, i->image_root, ".tar-", suffix, field);
	215	if (r < 0)
	216	return log_oom();
	217
	218	return 1;
	219	}
	220
dc2c282b	221	static int tar_pull_make_local_copy(TarPull *i) {
c40d82ab LP	222	_cleanup_(rm_rf_subvolume_and_freep) char *t = NULL;
c40d82ab LP	223	const char *p;
0d6e763b LP	224	int r;
	225
	226	assert(i);
	227	assert(i->tar_job);
	228
	229	if (!i->local)
	230	return 0;
	231
c40d82ab LP	232	assert(i->final_path);
	233
	234	p = prefix_roota(i->image_root, i->local);
	235
	236	r = tempfn_random(p, NULL, &t);
0100b6e1	237	if (r < 0)
c40d82ab LP	238	return log_error_errno(r, "Failed to generate temporary filename for %s: %m", p);
	239
	240	if (i->flags & PULL_BTRFS_SUBVOL)
	241	r = btrfs_subvol_snapshot(
	242	i->final_path,
	243	t,
	244	(i->flags & PULL_BTRFS_QUOTA ? BTRFS_SNAPSHOT_QUOTA : 0)\|
	245	BTRFS_SNAPSHOT_FALLBACK_COPY\|
	246	BTRFS_SNAPSHOT_FALLBACK_DIRECTORY\|
	247	BTRFS_SNAPSHOT_RECURSIVE);
	248	else
	249	r = copy_tree(i->final_path, t, UID_INVALID, GID_INVALID, COPY_REFLINK\|COPY_HARDLINKS);
	250	if (r < 0)
	251	return log_error_errno(r, "Failed to create local image: %m");
	252
	253	r = install_file(AT_FDCWD, t,
	254	AT_FDCWD, p,
	255	(i->flags & PULL_FORCE ? INSTALL_REPLACE : 0) \|
	256	(i->flags & PULL_READ_ONLY ? INSTALL_READ_ONLY : 0) \|
	257	(i->flags & PULL_SYNC ? INSTALL_SYNCFS : 0));
	258	if (r < 0)
	259	return log_error_errno(r, "Failed to install local image '%s': %m", p);
	260
	261	t = mfree(t);
	262
	263	log_info("Created new local image '%s'.", i->local);
0100b6e1	264
133b34f6	265	if (FLAGS_SET(i->flags, PULL_SETTINGS)) {
9854730b LP	266	const char *local_settings;
	267	assert(i->settings_job);
	268
91359193 LP	269	r = tar_pull_determine_path(i, ".nspawn", &i->settings_path);
	270	if (r < 0)
	271	return r;
9854730b LP	272
	273	local_settings = strjoina(i->image_root, "/", i->local, ".nspawn");
	274
c40d82ab LP	275	r = copy_file_atomic(
	276	i->settings_path,
	277	local_settings,
	278	0664,
	279	0, 0,
	280	COPY_REFLINK \|
	281	(FLAGS_SET(i->flags, PULL_FORCE) ? COPY_REPLACE : 0) \|
	282	(FLAGS_SET(i->flags, PULL_SYNC) ? COPY_FSYNC_FULL : 0));
9854730b LP	283	if (r == -EEXIST)
9854730b LP	284	log_warning_errno(r, "Settings file %s already exists, not replacing.", local_settings);
33859a6b LP	285	else if (r == -ENOENT)
	286	log_debug_errno(r, "Skipping creation of settings file, since none was found.");
	287	else if (r < 0)
79b6198b LP	288	log_warning_errno(r, "Failed to copy settings files %s, ignoring: %m", local_settings);
79b6198b LP	289	else
33859a6b	290	log_info("Created new settings file %s.", local_settings);
9854730b LP	291	}
9854730b LP	292
0d6e763b LP	293	return 0;
	294	}
	295
dc2c282b	296	static bool tar_pull_is_done(TarPull *i) {
8b71fce8 LP	297	assert(i);
	298	assert(i->tar_job);
	299
9854730b	300	if (!PULL_JOB_IS_COMPLETE(i->tar_job))
8b71fce8	301	return false;
9854730b LP	302	if (i->checksum_job && !PULL_JOB_IS_COMPLETE(i->checksum_job))
	303	return false;
	304	if (i->signature_job && !PULL_JOB_IS_COMPLETE(i->signature_job))
8b71fce8	305	return false;
133b34f6 LP	306	if (i->settings_job && !PULL_JOB_IS_COMPLETE(i->settings_job))
133b34f6 LP	307	return false;
8b71fce8 LP	308
	309	return true;
	310	}
	311
dc2c282b LP	312	static void tar_pull_job_on_finished(PullJob *j) {
dc2c282b LP	313	TarPull *i;
56ebfaf1 LP	314	int r;
	315
	316	assert(j);
	317	assert(j->userdata);
	318
	319	i = j->userdata;
9854730b	320
c40d82ab LP	321	if (j->error != 0) {
	322	if (j == i->tar_job) {
	323	if (j->error == ENOMEDIUM) /* HTTP 404 */
	324	r = log_error_errno(j->error, "Failed to retrieve image file. (Wrong URL?)");
	325	else
	326	r = log_error_errno(j->error, "Failed to retrieve image file.");
	327	goto finish;
	328	} else if (j == i->checksum_job) {
	329	r = log_error_errno(j->error, "Failed to retrieve SHA256 checksum, cannot verify. (Try --verify=no?)");
	330	goto finish;
	331	} else if (j == i->signature_job)
	332	log_debug_errno(j->error, "Signature job for %s failed, proceeding for now.", j->url);
	333	else if (j == i->settings_job)
9854730b	334	log_info_errno(j->error, "Settings file could not be retrieved, proceeding without.");
0100b6e1	335	else
c40d82ab	336	assert("unexpected job");
56ebfaf1 LP	337	}
56ebfaf1 LP	338
c33e405f LP	339	/* This is invoked if either the download completed successfully, or the download was skipped because
c33e405f LP	340	* we already have the etag. */
56ebfaf1	341
dc2c282b	342	if (!tar_pull_is_done(i))
0100b6e1 LP	343	return;
0100b6e1 LP	344
f14717a7 LP	345	if (i->signature_job && i->signature_job->error != 0) {
f14717a7 LP	346	VerificationStyle style;
697be0be	347
c40d82ab LP	348	assert(i->checksum_job);
c40d82ab LP	349
f14717a7 LP	350	r = verification_style_from_url(i->checksum_job->url, &style);
	351	if (r < 0) {
	352	log_error_errno(r, "Failed to determine verification style from checksum URL: %m");
	353	goto finish;
	354	}
	355
	356	if (style == VERIFICATION_PER_DIRECTORY) { /* A failed signature file download only matters
	357	* in per-directory verification mode, since only
	358	* then the signature is detached, and thus a file
	359	* of its own. */
c40d82ab LP	360	r = log_error_errno(i->signature_job->error,
c40d82ab LP	361	"Failed to retrieve signature file, cannot verify. (Try --verify=no?)");
f14717a7 LP	362	goto finish;
f14717a7 LP	363	}
697be0be TB	364	}
697be0be TB	365
c40d82ab LP	366	pull_job_close_disk_fd(i->tar_job);
c40d82ab LP	367	pull_job_close_disk_fd(i->settings_job);
91359193	368
56ebfaf1	369	if (i->tar_pid > 0) {
8f03de53	370	r = wait_for_terminate_and_check("tar", TAKE_PID(i->tar_pid), WAIT_LOG);
56ebfaf1 LP	371	if (r < 0)
56ebfaf1 LP	372	goto finish;
b4a34311	373	if (r != EXIT_SUCCESS) {
9854730b LP	374	r = -EIO;
	375	goto finish;
	376	}
56ebfaf1 LP	377	}
56ebfaf1 LP	378
0100b6e1 LP	379	if (!i->tar_job->etag_exists) {
	380	/* This is a new download, verify it, and move it into place */
	381
dc2c282b	382	tar_pull_report_progress(i, TAR_VERIFYING);
7079cfef	383
ff2f7797	384	r = pull_verify(i->verify,
c40d82ab	385	i->checksum,
ff2f7797 LP	386	i->tar_job,
	387	i->checksum_job,
	388	i->signature_job,
	389	i->settings_job,
	390	/* roothash_job = */ NULL,
	391	/* roothash_signature_job = */ NULL,
	392	/* verity_job = */ NULL);
0100b6e1 LP	393	if (r < 0)
0100b6e1 LP	394	goto finish;
c40d82ab	395	}
0100b6e1	396
c40d82ab LP	397	if (i->flags & PULL_DIRECT) {
	398	assert(!i->settings_job);
	399	assert(i->local);
	400	assert(!i->temp_path);
7079cfef	401
c40d82ab	402	tar_pull_report_progress(i, TAR_FINALIZING);
c33e405f	403
c40d82ab	404	r = import_mangle_os_tree(i->local);
56ebfaf1 LP	405	if (r < 0)
	406	goto finish;
	407
c40d82ab LP	408	r = install_file(
	409	AT_FDCWD, i->local,
	410	AT_FDCWD, NULL,
	411	(i->flags & PULL_READ_ONLY) ? INSTALL_READ_ONLY : 0 \|
	412	(i->flags & PULL_SYNC ? INSTALL_SYNCFS : 0));
f85ef957	413	if (r < 0) {
c40d82ab	414	log_error_errno(r, "Failed to finalize '%s': %m", i->local);
56ebfaf1 LP	415	goto finish;
56ebfaf1 LP	416	}
c40d82ab LP	417	} else {
	418	r = tar_pull_determine_path(i, NULL, &i->final_path);
	419	if (r < 0)
	420	goto finish;
56ebfaf1	421
c40d82ab LP	422	if (!i->tar_job->etag_exists) {
c40d82ab LP	423	/* This is a new download, verify it, and move it into place */
9854730b	424
c40d82ab LP	425	assert(i->temp_path);
c40d82ab LP	426	assert(i->final_path);
91359193	427
c40d82ab	428	tar_pull_report_progress(i, TAR_FINALIZING);
e0061812	429
c40d82ab	430	r = import_mangle_os_tree(i->temp_path);
91359193 LP	431	if (r < 0)
91359193 LP	432	goto finish;
9854730b	433
c40d82ab LP	434	r = install_file(
	435	AT_FDCWD, i->temp_path,
	436	AT_FDCWD, i->final_path,
	437	INSTALL_READ_ONLY\|
	438	(i->flags & PULL_SYNC ? INSTALL_SYNCFS : 0));
9854730b	439	if (r < 0) {
c40d82ab	440	log_error_errno(r, "Failed to rename to final image name to %s: %m", i->final_path);
9854730b LP	441	goto finish;
	442	}
	443
c40d82ab LP	444	i->temp_path = mfree(i->temp_path);
	445
	446	if (i->settings_job &&
	447	i->settings_job->error == 0) {
	448
	449	/* Also move the settings file into place, if it exists. Note that we do so only if we also
	450	* moved the tar file in place, to keep things strictly in sync. */
	451	assert(i->settings_temp_path);
	452
	453	/* Regenerate final name for this auxiliary file, we might know the etag of the file now, and
	454	* we should incorporate it in the file name if we can */
	455	i->settings_path = mfree(i->settings_path);
	456
	457	r = tar_pull_determine_path(i, ".nspawn", &i->settings_path);
	458	if (r < 0)
	459	goto finish;
	460
	461	r = install_file(
	462	AT_FDCWD, i->settings_temp_path,
	463	AT_FDCWD, i->settings_path,
	464	INSTALL_READ_ONLY\|
	465	(i->flags & PULL_SYNC ? INSTALL_FSYNC_FULL : 0));
	466	if (r < 0) {
	467	log_error_errno(r, "Failed to rename settings file to %s: %m", i->settings_path);
	468	goto finish;
	469	}
	470
	471	i->settings_temp_path = mfree(i->settings_temp_path);
	472	}
9854730b	473	}
56ebfaf1	474
c40d82ab	475	tar_pull_report_progress(i, TAR_COPYING);
7079cfef	476
c40d82ab LP	477	r = tar_pull_make_local_copy(i);
	478	if (r < 0)
	479	goto finish;
	480	}
0d6e763b	481
56ebfaf1 LP	482	r = 0;
	483
	484	finish:
56ebfaf1 LP	485	if (i->on_finished)
	486	i->on_finished(i, r, i->userdata);
	487	else
	488	sd_event_exit(i->event, r);
	489	}
	490
9854730b	491	static int tar_pull_job_on_open_disk_tar(PullJob *j) {
c40d82ab	492	const char *where;
dc2c282b	493	TarPull *i;
56ebfaf1 LP	494	int r;
	495
	496	assert(j);
	497	assert(j->userdata);
	498
	499	i = j->userdata;
8b71fce8	500	assert(i->tar_job == j);
8b71fce8	501	assert(i->tar_pid <= 0);
56ebfaf1	502
c40d82ab LP	503	if (i->flags & PULL_DIRECT)
	504	where = i->local;
	505	else {
	506	if (!i->temp_path) {
	507	r = tempfn_random_child(i->image_root, "tar", &i->temp_path);
	508	if (r < 0)
	509	return log_oom();
	510	}
	511
	512	where = i->temp_path;
91359193	513	}
56ebfaf1	514
c40d82ab LP	515	(void) mkdir_parents_label(where, 0700);
	516
	517	if (FLAGS_SET(i->flags, PULL_DIRECT\|PULL_FORCE))
	518	(void) rm_rf(where, REMOVE_ROOT\|REMOVE_PHYSICAL\|REMOVE_SUBVOLUME);
56ebfaf1	519
c40d82ab LP	520	if (i->flags & PULL_BTRFS_SUBVOL)
	521	r = btrfs_subvol_make_fallback(where, 0755);
	522	else
	523	r = mkdir(where, 0755) < 0 ? -errno : 0;
	524	if (r == -EEXIST && (i->flags & PULL_DIRECT)) /* EEXIST is OK if in direct mode, but not otherwise,
	525	* because in that case our temporary path collided */
	526	r = 0;
82c4440d	527	if (r < 0)
c40d82ab LP	528	return log_error_errno(r, "Failed to create directory/subvolume %s: %m", where);
	529	if (r > 0 && (i->flags & PULL_BTRFS_QUOTA)) { /* actually btrfs subvol */
	530	if (!(i->flags & PULL_DIRECT))
	531	(void) import_assign_pool_quota_and_warn(i->image_root);
	532	(void) import_assign_pool_quota_and_warn(where);
052ba0eb	533	}
56ebfaf1	534
c40d82ab	535	j->disk_fd = import_fork_tar_x(where, &i->tar_pid);
2c140ded LP	536	if (j->disk_fd < 0)
2c140ded LP	537	return j->disk_fd;
56ebfaf1 LP	538
	539	return 0;
	540	}
	541
9854730b LP	542	static int tar_pull_job_on_open_disk_settings(PullJob *j) {
	543	TarPull *i;
	544	int r;
	545
	546	assert(j);
	547	assert(j->userdata);
	548
	549	i = j->userdata;
	550	assert(i->settings_job == j);
9854730b	551
91359193 LP	552	if (!i->settings_temp_path) {
	553	r = tempfn_random_child(i->image_root, "settings", &i->settings_temp_path);
	554	if (r < 0)
	555	return log_oom();
	556	}
9854730b	557
c40d82ab	558	(void) mkdir_parents_label(i->settings_temp_path, 0700);
9854730b LP	559
	560	j->disk_fd = open(i->settings_temp_path, O_RDWR\|O_CREAT\|O_EXCL\|O_NOCTTY\|O_CLOEXEC, 0664);
	561	if (j->disk_fd < 0)
	562	return log_error_errno(errno, "Failed to create %s: %m", i->settings_temp_path);
	563
	564	return 0;
	565	}
	566
dc2c282b LP	567	static void tar_pull_job_on_progress(PullJob *j) {
dc2c282b LP	568	TarPull *i;
7079cfef LP	569
	570	assert(j);
	571	assert(j->userdata);
	572
	573	i = j->userdata;
	574
dc2c282b	575	tar_pull_report_progress(i, TAR_DOWNLOADING);
7079cfef LP	576	}
7079cfef LP	577
9854730b LP	578	int tar_pull_start(
	579	TarPull *i,
	580	const char *url,
	581	const char *local,
133b34f6	582	PullFlags flags,
c40d82ab LP	583	ImportVerify verify,
c40d82ab LP	584	const char *checksum) {
9854730b	585
c40d82ab	586	PullJob *j;
56ebfaf1 LP	587	int r;
	588
	589	assert(i);
c40d82ab LP	590	assert(verify == _IMPORT_VERIFY_INVALID \|\| verify < _IMPORT_VERIFY_MAX);
	591	assert(verify == _IMPORT_VERIFY_INVALID \|\| verify >= 0);
	592	assert((verify < 0) \|\| !checksum);
133b34f6	593	assert(!(flags & ~PULL_FLAGS_MASK_TAR));
c40d82ab LP	594	assert(!(flags & PULL_SETTINGS) \|\| !(flags & PULL_DIRECT));
c40d82ab LP	595	assert(!(flags & PULL_SETTINGS) \|\| !checksum);
56ebfaf1	596
c456862f	597	if (!http_url_is_valid(url) && !file_url_is_valid(url))
56ebfaf1 LP	598	return -EINVAL;
56ebfaf1 LP	599
c40d82ab	600	if (local && !pull_validate_local(local, flags))
56ebfaf1 LP	601	return -EINVAL;
56ebfaf1 LP	602
8b71fce8 LP	603	if (i->tar_job)
	604	return -EBUSY;
	605
56ebfaf1 LP	606	r = free_and_strdup(&i->local, local);
	607	if (r < 0)
	608	return r;
9854730b	609
c40d82ab LP	610	r = free_and_strdup(&i->checksum, checksum);
	611	if (r < 0)
	612	return r;
	613
133b34f6	614	i->flags = flags;
0100b6e1	615	i->verify = verify;
56ebfaf1	616
9854730b	617	/* Set up download job for TAR file */
dc2c282b	618	r = pull_job_new(&i->tar_job, url, i->glue, i);
56ebfaf1 LP	619	if (r < 0)
	620	return r;
	621
dc2c282b	622	i->tar_job->on_finished = tar_pull_job_on_finished;
9854730b	623	i->tar_job->on_open_disk = tar_pull_job_on_open_disk_tar;
c40d82ab	624	i->tar_job->calc_checksum = checksum \|\| IN_SET(verify, IMPORT_VERIFY_CHECKSUM, IMPORT_VERIFY_SIGNATURE);
56ebfaf1	625
c40d82ab LP	626	if (!FLAGS_SET(flags, PULL_DIRECT)) {
	627	r = pull_find_old_etags(url, i->image_root, DT_DIR, ".tar-", NULL, &i->tar_job->old_etags);
	628	if (r < 0)
	629	return r;
	630	}
56ebfaf1	631
133b34f6	632	/* Set up download of checksum/signature files */
c40d82ab LP	633	r = pull_make_verification_jobs(
	634	&i->checksum_job,
	635	&i->signature_job,
	636	verify,
	637	checksum,
	638	url,
	639	i->glue,
	640	tar_pull_job_on_finished,
	641	i);
133b34f6 LP	642	if (r < 0)
	643	return r;
	644
9854730b	645	/* Set up download job for the settings file (.nspawn) */
133b34f6	646	if (FLAGS_SET(flags, PULL_SETTINGS)) {
c40d82ab LP	647	r = pull_make_auxiliary_job(
	648	&i->settings_job,
	649	url,
	650	tar_strip_suffixes,
	651	".nspawn",
	652	verify,
	653	i->glue,
	654	tar_pull_job_on_open_disk_settings,
	655	tar_pull_job_on_finished,
	656	i);
9854730b LP	657	if (r < 0)
9854730b LP	658	return r;
9854730b LP	659	}
9854730b LP	660
c40d82ab LP	661	FOREACH_POINTER(j,
	662	i->tar_job,
	663	i->checksum_job,
	664	i->signature_job,
	665	i->settings_job) {
0100b6e1	666
c40d82ab LP	667	if (!j)
c40d82ab LP	668	continue;
7079cfef	669
c40d82ab LP	670	j->on_progress = tar_pull_job_on_progress;
c40d82ab LP	671	j->sync = FLAGS_SET(flags, PULL_SYNC);
0100b6e1	672
c40d82ab	673	r = pull_job_begin(j);
133b34f6 LP	674	if (r < 0)
	675	return r;
	676	}
	677
0100b6e1	678	return 0;
56ebfaf1	679	}