[thirdparty/systemd.git] / src / import / pull-tar.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */

#include <curl/curl.h>
#include <sys/prctl.h>

#include "sd-daemon.h"

#include "alloc-util.h"
#include "btrfs-util.h"
#include "copy.h"
#include "curl-util.h"
#include "fd-util.h"
#include "fs-util.h"
#include "hostname-util.h"
#include "import-common.h"
#include "import-util.h"
#include "install-file.h"
#include "macro.h"
#include "mkdir-label.h"
#include "path-util.h"
#include "process-util.h"
#include "pull-common.h"
#include "pull-job.h"
#include "pull-tar.h"
#include "rm-rf.h"
#include "string-util.h"
#include "strv.h"
#include "tmpfile-util.h"
#include "user-util.h"
#include "utf8.h"
#include "web-util.h"

typedef enum TarProgress {
        TAR_DOWNLOADING,
        TAR_VERIFYING,
        TAR_FINALIZING,
        TAR_COPYING,
} TarProgress;

struct TarPull {
        sd_event *event;
        CurlGlue *glue;

        PullFlags flags;
        ImportVerify verify;
        char *image_root;

        PullJob *tar_job;
        PullJob *checksum_job;
        PullJob *signature_job;
        PullJob *settings_job;

        TarPullFinished on_finished;
        void *userdata;

        char *local;

        pid_t tar_pid;

        char *final_path;
        char *temp_path;

        char *settings_path;
        char *settings_temp_path;

        char *checksum;
};

TarPull* tar_pull_unref(TarPull *i) {
        if (!i)
                return NULL;

        if (i->tar_pid > 1)
                sigkill_wait(i->tar_pid);

        pull_job_unref(i->tar_job);
        pull_job_unref(i->checksum_job);
        pull_job_unref(i->signature_job);
        pull_job_unref(i->settings_job);

        curl_glue_unref(i->glue);
        sd_event_unref(i->event);

        rm_rf_subvolume_and_free(i->temp_path);
        unlink_and_free(i->settings_temp_path);

        free(i->final_path);
        free(i->settings_path);
        free(i->image_root);
        free(i->local);
        free(i->checksum);

        return mfree(i);
}

int tar_pull_new(
                TarPull **ret,
                sd_event *event,
                const char *image_root,
                TarPullFinished on_finished,
                void *userdata) {

        _cleanup_(curl_glue_unrefp) CurlGlue *g = NULL;
        _cleanup_(sd_event_unrefp) sd_event *e = NULL;
        _cleanup_(tar_pull_unrefp) TarPull *i = NULL;
        _cleanup_free_ char *root = NULL;
        int r;

        assert(ret);

        root = strdup(image_root ?: "/var/lib/machines");
        if (!root)
                return -ENOMEM;

        if (event)
                e = sd_event_ref(event);
        else {
                r = sd_event_default(&e);
                if (r < 0)
                        return r;
        }

        r = curl_glue_new(&g, e);
        if (r < 0)
                return r;

        i = new(TarPull, 1);
        if (!i)
                return -ENOMEM;

        *i = (TarPull) {
                .on_finished = on_finished,
                .userdata = userdata,
                .image_root = TAKE_PTR(root),
                .event = TAKE_PTR(e),
                .glue = TAKE_PTR(g),
        };

        i->glue->on_finished = pull_job_curl_on_finished;
        i->glue->userdata = i;

        *ret = TAKE_PTR(i);

        return 0;
}

static void tar_pull_report_progress(TarPull *i, TarProgress p) {
        unsigned percent;

        assert(i);

        switch (p) {

        case TAR_DOWNLOADING: {
                unsigned remain = 85;

                percent = 0;

                if (i->checksum_job) {
                        percent += i->checksum_job->progress_percent * 5 / 100;
                        remain -= 5;
                }

                if (i->signature_job) {
                        percent += i->signature_job->progress_percent * 5 / 100;
                        remain -= 5;
                }

                if (i->settings_job) {
                        percent += i->settings_job->progress_percent * 5 / 100;
                        remain -= 5;
                }

                if (i->tar_job)
                        percent += i->tar_job->progress_percent * remain / 100;
                break;
        }

        case TAR_VERIFYING:
                percent = 85;
                break;

        case TAR_FINALIZING:
                percent = 90;
                break;

        case TAR_COPYING:
                percent = 95;
                break;

        default:
                assert_not_reached();
        }

        sd_notifyf(false, "X_IMPORT_PROGRESS=%u", percent);
        log_debug("Combined progress %u%%", percent);
}

static int tar_pull_determine_path(
                TarPull *i,
                const char *suffix,
                char **field /* input + output (!) */) {
        int r;

        assert(i);
        assert(field);

        if (*field)
                return 0;

        assert(i->tar_job);

        r = pull_make_path(i->tar_job->url, i->tar_job->etag, i->image_root, ".tar-", suffix, field);
        if (r < 0)
                return log_oom();

        return 1;
}

static int tar_pull_make_local_copy(TarPull *i) {
        _cleanup_(rm_rf_subvolume_and_freep) char *t = NULL;
        const char *p;
        int r;

        assert(i);
        assert(i->tar_job);

        if (!i->local)
                return 0;

        assert(i->final_path);

        p = prefix_roota(i->image_root, i->local);

        r = tempfn_random(p, NULL, &t);
        if (r < 0)
                return log_error_errno(r, "Failed to generate temporary filename for %s: %m", p);

        if (i->flags & PULL_BTRFS_SUBVOL)
                r = btrfs_subvol_snapshot(
                                i->final_path,
                                t,
                                (i->flags & PULL_BTRFS_QUOTA ? BTRFS_SNAPSHOT_QUOTA : 0)|
                                BTRFS_SNAPSHOT_FALLBACK_COPY|
                                BTRFS_SNAPSHOT_FALLBACK_DIRECTORY|
                                BTRFS_SNAPSHOT_RECURSIVE);
        else
                r = copy_tree(i->final_path, t, UID_INVALID, GID_INVALID, COPY_REFLINK|COPY_HARDLINKS, NULL);
        if (r < 0)
                return log_error_errno(r, "Failed to create local image: %m");

        r = install_file(AT_FDCWD, t,
                         AT_FDCWD, p,
                         (i->flags & PULL_FORCE ? INSTALL_REPLACE : 0) |
                         (i->flags & PULL_READ_ONLY ? INSTALL_READ_ONLY : 0) |
                         (i->flags & PULL_SYNC ? INSTALL_SYNCFS : 0));
        if (r < 0)
                return log_error_errno(r, "Failed to install local image '%s': %m", p);

        t = mfree(t);

        log_info("Created new local image '%s'.", i->local);

        if (FLAGS_SET(i->flags, PULL_SETTINGS)) {
                const char *local_settings;
                assert(i->settings_job);

                r = tar_pull_determine_path(i, ".nspawn", &i->settings_path);
                if (r < 0)
                        return r;

                local_settings = strjoina(i->image_root, "/", i->local, ".nspawn");

                r = copy_file_atomic(
                                i->settings_path,
                                local_settings,
                                0664,
                                0, 0,
                                COPY_REFLINK |
                                (FLAGS_SET(i->flags, PULL_FORCE) ? COPY_REPLACE : 0) |
                                (FLAGS_SET(i->flags, PULL_SYNC) ? COPY_FSYNC_FULL : 0));
                if (r == -EEXIST)
                        log_warning_errno(r, "Settings file %s already exists, not replacing.", local_settings);
                else if (r == -ENOENT)
                        log_debug_errno(r, "Skipping creation of settings file, since none was found.");
                else if (r < 0)
                        log_warning_errno(r, "Failed to copy settings files %s, ignoring: %m", local_settings);
                else
                        log_info("Created new settings file %s.", local_settings);
        }

        return 0;
}

static bool tar_pull_is_done(TarPull *i) {
        assert(i);
        assert(i->tar_job);

        if (!PULL_JOB_IS_COMPLETE(i->tar_job))
                return false;
        if (i->checksum_job && !PULL_JOB_IS_COMPLETE(i->checksum_job))
                return false;
        if (i->signature_job && !PULL_JOB_IS_COMPLETE(i->signature_job))
                return false;
        if (i->settings_job && !PULL_JOB_IS_COMPLETE(i->settings_job))
                return false;

        return true;
}

static void tar_pull_job_on_finished(PullJob *j) {
        TarPull *i;
        int r;

        assert(j);
        assert(j->userdata);

        i = j->userdata;

        if (j->error != 0) {
                if (j == i->tar_job) {
                        if (j->error == ENOMEDIUM) /* HTTP 404 */
                                r = log_error_errno(j->error, "Failed to retrieve image file. (Wrong URL?)");
                        else
                                r = log_error_errno(j->error, "Failed to retrieve image file.");
                        goto finish;
                } else if (j == i->checksum_job) {
                        r = log_error_errno(j->error, "Failed to retrieve SHA256 checksum, cannot verify. (Try --verify=no?)");
                        goto finish;
                } else if (j == i->signature_job)
                        log_debug_errno(j->error, "Signature job for %s failed, proceeding for now.", j->url);
                else if (j == i->settings_job)
                        log_info_errno(j->error, "Settings file could not be retrieved, proceeding without.");
                else
                        assert("unexpected job");
        }

        /* This is invoked if either the download completed successfully, or the download was skipped because
         * we already have the etag. */

        if (!tar_pull_is_done(i))
                return;

        if (i->signature_job && i->signature_job->error != 0) {
                VerificationStyle style;

                assert(i->checksum_job);

                r = verification_style_from_url(i->checksum_job->url, &style);
                if (r < 0) {
                        log_error_errno(r, "Failed to determine verification style from checksum URL: %m");
                        goto finish;
                }

                if (style == VERIFICATION_PER_DIRECTORY) { /* A failed signature file download only matters
                                                            * in per-directory verification mode, since only
                                                            * then the signature is detached, and thus a file
                                                            * of its own. */
                        r = log_error_errno(i->signature_job->error,
                                            "Failed to retrieve signature file, cannot verify. (Try --verify=no?)");
                        goto finish;
                }
        }

        pull_job_close_disk_fd(i->tar_job);
        pull_job_close_disk_fd(i->settings_job);

        if (i->tar_pid > 0) {
                r = wait_for_terminate_and_check("tar", TAKE_PID(i->tar_pid), WAIT_LOG);
                if (r < 0)
                        goto finish;
                if (r != EXIT_SUCCESS) {
                        r = -EIO;
                        goto finish;
                }
        }

        if (!i->tar_job->etag_exists) {
                /* This is a new download, verify it, and move it into place */

                tar_pull_report_progress(i, TAR_VERIFYING);

                r = pull_verify(i->verify,
                                i->checksum,
                                i->tar_job,
                                i->checksum_job,
                                i->signature_job,
                                i->settings_job,
                                /* roothash_job = */ NULL,
                                /* roothash_signature_job = */ NULL,
                                /* verity_job = */ NULL);
                if (r < 0)
                        goto finish;
        }

        if (i->flags & PULL_DIRECT) {
                assert(!i->settings_job);
                assert(i->local);
                assert(!i->temp_path);

                tar_pull_report_progress(i, TAR_FINALIZING);

                r = import_mangle_os_tree(i->local);
                if (r < 0)
                        goto finish;

                r = install_file(
                                AT_FDCWD, i->local,
                                AT_FDCWD, NULL,
                                (i->flags & PULL_READ_ONLY) ? INSTALL_READ_ONLY : 0 |
                                (i->flags & PULL_SYNC ? INSTALL_SYNCFS : 0));
                if (r < 0) {
                        log_error_errno(r, "Failed to finalize '%s': %m", i->local);
                        goto finish;
                }
        } else {
                r = tar_pull_determine_path(i, NULL, &i->final_path);
                if (r < 0)
                        goto finish;

                if (!i->tar_job->etag_exists) {
                        /* This is a new download, verify it, and move it into place */

                        assert(i->temp_path);
                        assert(i->final_path);

                        tar_pull_report_progress(i, TAR_FINALIZING);

                        r = import_mangle_os_tree(i->temp_path);
                        if (r < 0)
                                goto finish;

                        r = install_file(
                                        AT_FDCWD, i->temp_path,
                                        AT_FDCWD, i->final_path,
                                        INSTALL_READ_ONLY|
                                        (i->flags & PULL_SYNC ? INSTALL_SYNCFS : 0));
                        if (r < 0) {
                                log_error_errno(r, "Failed to rename to final image name to %s: %m", i->final_path);
                                goto finish;
                        }

                        i->temp_path = mfree(i->temp_path);

                        if (i->settings_job &&
                            i->settings_job->error == 0) {

                                /* Also move the settings file into place, if it exists. Note that we do so only if we also
                                 * moved the tar file in place, to keep things strictly in sync. */
                                assert(i->settings_temp_path);

                                /* Regenerate final name for this auxiliary file, we might know the etag of the file now, and
                                 * we should incorporate it in the file name if we can */
                                i->settings_path = mfree(i->settings_path);

                                r = tar_pull_determine_path(i, ".nspawn", &i->settings_path);
                                if (r < 0)
                                        goto finish;

                                r = install_file(
                                                AT_FDCWD, i->settings_temp_path,
                                                AT_FDCWD, i->settings_path,
                                                INSTALL_READ_ONLY|
                                                (i->flags & PULL_SYNC ? INSTALL_FSYNC_FULL : 0));
                                if (r < 0) {
                                        log_error_errno(r, "Failed to rename settings file to %s: %m", i->settings_path);
                                        goto finish;
                                }

                                i->settings_temp_path = mfree(i->settings_temp_path);
                        }
                }

                tar_pull_report_progress(i, TAR_COPYING);

                r = tar_pull_make_local_copy(i);
                if (r < 0)
                        goto finish;
        }

        r = 0;

finish:
        if (i->on_finished)
                i->on_finished(i, r, i->userdata);
        else
                sd_event_exit(i->event, r);
}

static int tar_pull_job_on_open_disk_tar(PullJob *j) {
        const char *where;
        TarPull *i;
        int r;

        assert(j);
        assert(j->userdata);

        i = j->userdata;
        assert(i->tar_job == j);
        assert(i->tar_pid <= 0);

        if (i->flags & PULL_DIRECT)
                where = i->local;
        else {
                if (!i->temp_path) {
                        r = tempfn_random_child(i->image_root, "tar", &i->temp_path);
                        if (r < 0)
                                return log_oom();
                }

                where = i->temp_path;
        }

        (void) mkdir_parents_label(where, 0700);

        if (FLAGS_SET(i->flags, PULL_DIRECT|PULL_FORCE))
                (void) rm_rf(where, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_SUBVOLUME);

        if (i->flags & PULL_BTRFS_SUBVOL)
                r = btrfs_subvol_make_fallback(where, 0755);
        else
                r = RET_NERRNO(mkdir(where, 0755));
        if (r == -EEXIST && (i->flags & PULL_DIRECT)) /* EEXIST is OK if in direct mode, but not otherwise,
                                                       * because in that case our temporary path collided */
                r = 0;
        if (r < 0)
                return log_error_errno(r, "Failed to create directory/subvolume %s: %m", where);
        if (r > 0 && (i->flags & PULL_BTRFS_QUOTA)) { /* actually btrfs subvol */
                if (!(i->flags & PULL_DIRECT))
                        (void) import_assign_pool_quota_and_warn(i->image_root);
                (void) import_assign_pool_quota_and_warn(where);
        }

        j->disk_fd = import_fork_tar_x(where, &i->tar_pid);
        if (j->disk_fd < 0)
                return j->disk_fd;

        return 0;
}

static int tar_pull_job_on_open_disk_settings(PullJob *j) {
        TarPull *i;
        int r;

        assert(j);
        assert(j->userdata);

        i = j->userdata;
        assert(i->settings_job == j);

        if (!i->settings_temp_path) {
                r = tempfn_random_child(i->image_root, "settings", &i->settings_temp_path);
                if (r < 0)
                        return log_oom();
        }

        (void) mkdir_parents_label(i->settings_temp_path, 0700);

        j->disk_fd = open(i->settings_temp_path, O_RDWR|O_CREAT|O_EXCL|O_NOCTTY|O_CLOEXEC, 0664);
        if (j->disk_fd < 0)
                return log_error_errno(errno, "Failed to create %s: %m", i->settings_temp_path);

        return 0;
}

static void tar_pull_job_on_progress(PullJob *j) {
        TarPull *i;

        assert(j);
        assert(j->userdata);

        i = j->userdata;

        tar_pull_report_progress(i, TAR_DOWNLOADING);
}

int tar_pull_start(
                TarPull *i,
                const char *url,
                const char *local,
                PullFlags flags,
                ImportVerify verify,
                const char *checksum) {

        PullJob *j;
        int r;

        assert(i);
        assert(verify == _IMPORT_VERIFY_INVALID || verify < _IMPORT_VERIFY_MAX);
        assert(verify == _IMPORT_VERIFY_INVALID || verify >= 0);
        assert((verify < 0) || !checksum);
        assert(!(flags & ~PULL_FLAGS_MASK_TAR));
        assert(!(flags & PULL_SETTINGS) || !(flags & PULL_DIRECT));
        assert(!(flags & PULL_SETTINGS) || !checksum);

        if (!http_url_is_valid(url) && !file_url_is_valid(url))
                return -EINVAL;

        if (local && !pull_validate_local(local, flags))
                return -EINVAL;

        if (i->tar_job)
                return -EBUSY;

        r = free_and_strdup(&i->local, local);
        if (r < 0)
                return r;

        r = free_and_strdup(&i->checksum, checksum);
        if (r < 0)
                return r;

        i->flags = flags;
        i->verify = verify;

        /* Set up download job for TAR file */
        r = pull_job_new(&i->tar_job, url, i->glue, i);
        if (r < 0)
                return r;

        i->tar_job->on_finished = tar_pull_job_on_finished;
        i->tar_job->on_open_disk = tar_pull_job_on_open_disk_tar;
        i->tar_job->calc_checksum = checksum || IN_SET(verify, IMPORT_VERIFY_CHECKSUM, IMPORT_VERIFY_SIGNATURE);

        if (!FLAGS_SET(flags, PULL_DIRECT)) {
                r = pull_find_old_etags(url, i->image_root, DT_DIR, ".tar-", NULL, &i->tar_job->old_etags);
                if (r < 0)
                        return r;
        }

        /* Set up download of checksum/signature files */
        r = pull_make_verification_jobs(
                        &i->checksum_job,
                        &i->signature_job,
                        verify,
                        checksum,
                        url,
                        i->glue,
                        tar_pull_job_on_finished,
                        i);
        if (r < 0)
                return r;

        /* Set up download job for the settings file (.nspawn) */
        if (FLAGS_SET(flags, PULL_SETTINGS)) {
                r = pull_make_auxiliary_job(
                                &i->settings_job,
                                url,
                                tar_strip_suffixes,
                                ".nspawn",
                                verify,
                                i->glue,
                                tar_pull_job_on_open_disk_settings,
                                tar_pull_job_on_finished,
                                i);
                if (r < 0)
                        return r;
        }

        FOREACH_POINTER(j,
                        i->tar_job,
                        i->checksum_job,
                        i->signature_job,
                        i->settings_job) {

                if (!j)
                        continue;

                j->on_progress = tar_pull_job_on_progress;
                j->sync = FLAGS_SET(flags, PULL_SYNC);

                r = pull_job_begin(j);
                if (r < 0)
                        return r;
        }

        return 0;
}
Commit	Line	Data
db9ecf05	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
56ebfaf1	2
56ebfaf1	3	#include <curl/curl.h>
cf0fbc49	4	#include <sys/prctl.h>
56ebfaf1	5
7079cfef	6	#include "sd-daemon.h"
07630cea	7
b5efdb8a	8	#include "alloc-util.h"
56ebfaf1	9	#include "btrfs-util.h"
07630cea LP	10	#include "copy.h"
07630cea LP	11	#include "curl-util.h"
3ffd4af2	12	#include "fd-util.h"
f4f15635	13	#include "fs-util.h"
07630cea LP	14	#include "hostname-util.h"
	15	#include "import-common.h"
	16	#include "import-util.h"
c40d82ab	17	#include "install-file.h"
56ebfaf1	18	#include "macro.h"
35cd0ba5	19	#include "mkdir-label.h"
26166c88	20	#include "path-util.h"
25300b5a	21	#include "process-util.h"
dc2c282b	22	#include "pull-common.h"
07630cea	23	#include "pull-job.h"
3ffd4af2	24	#include "pull-tar.h"
07630cea LP	25	#include "rm-rf.h"
	26	#include "string-util.h"
	27	#include "strv.h"
e4de7287	28	#include "tmpfile-util.h"
c40d82ab	29	#include "user-util.h"
07630cea	30	#include "utf8.h"
49cf4170	31	#include "web-util.h"
56ebfaf1	32
7079cfef LP	33	typedef enum TarProgress {
	34	TAR_DOWNLOADING,
	35	TAR_VERIFYING,
	36	TAR_FINALIZING,
	37	TAR_COPYING,
	38	} TarProgress;
	39
dc2c282b	40	struct TarPull {
56ebfaf1 LP	41	sd_event *event;
	42	CurlGlue *glue;
	43
133b34f6 LP	44	PullFlags flags;
133b34f6 LP	45	ImportVerify verify;
56ebfaf1 LP	46	char *image_root;
56ebfaf1 LP	47
dc2c282b LP	48	PullJob *tar_job;
	49	PullJob *checksum_job;
	50	PullJob *signature_job;
133b34f6	51	PullJob *settings_job;
56ebfaf1	52
dc2c282b	53	TarPullFinished on_finished;
56ebfaf1 LP	54	void *userdata;
56ebfaf1 LP	55
56ebfaf1	56	char *local;
56ebfaf1 LP	57
	58	pid_t tar_pid;
	59
56ebfaf1	60	char *final_path;
9854730b LP	61	char *temp_path;
	62
	63	char *settings_path;
	64	char *settings_temp_path;
c40d82ab LP	65
c40d82ab LP	66	char *checksum;
56ebfaf1 LP	67	};
56ebfaf1 LP	68
dc2c282b	69	TarPull* tar_pull_unref(TarPull *i) {
56ebfaf1 LP	70	if (!i)
	71	return NULL;
	72
7950211d LP	73	if (i->tar_pid > 1)
7950211d LP	74	sigkill_wait(i->tar_pid);
56ebfaf1	75
dc2c282b LP	76	pull_job_unref(i->tar_job);
	77	pull_job_unref(i->checksum_job);
	78	pull_job_unref(i->signature_job);
133b34f6	79	pull_job_unref(i->settings_job);
56ebfaf1 LP	80
	81	curl_glue_unref(i->glue);
	82	sd_event_unref(i->event);
	83
133b34f6 LP	84	rm_rf_subvolume_and_free(i->temp_path);
133b34f6 LP	85	unlink_and_free(i->settings_temp_path);
9854730b	86
56ebfaf1	87	free(i->final_path);
9854730b	88	free(i->settings_path);
56ebfaf1 LP	89	free(i->image_root);
56ebfaf1 LP	90	free(i->local);
c40d82ab	91	free(i->checksum);
e0061812	92
6b430fdb	93	return mfree(i);
56ebfaf1 LP	94	}
56ebfaf1 LP	95
dc2c282b LP	96	int tar_pull_new(
dc2c282b LP	97	TarPull **ret,
8b71fce8 LP	98	sd_event *event,
8b71fce8 LP	99	const char *image_root,
dc2c282b	100	TarPullFinished on_finished,
8b71fce8 LP	101	void *userdata) {
8b71fce8 LP	102
0d94088e YW	103	_cleanup_(curl_glue_unrefp) CurlGlue *g = NULL;
0d94088e YW	104	_cleanup_(sd_event_unrefp) sd_event *e = NULL;
dc2c282b	105	_cleanup_(tar_pull_unrefp) TarPull *i = NULL;
0d94088e	106	_cleanup_free_ char *root = NULL;
56ebfaf1 LP	107	int r;
	108
	109	assert(ret);
56ebfaf1	110
0d94088e YW	111	root = strdup(image_root ?: "/var/lib/machines");
0d94088e YW	112	if (!root)
56ebfaf1 LP	113	return -ENOMEM;
56ebfaf1 LP	114
9854730b	115	if (event)
0d94088e	116	e = sd_event_ref(event);
9854730b	117	else {
0d94088e	118	r = sd_event_default(&e);
9854730b LP	119	if (r < 0)
	120	return r;
	121	}
56ebfaf1	122
0d94088e	123	r = curl_glue_new(&g, e);
56ebfaf1 LP	124	if (r < 0)
	125	return r;
	126
0d94088e YW	127	i = new(TarPull, 1);
	128	if (!i)
	129	return -ENOMEM;
	130
	131	*i = (TarPull) {
	132	.on_finished = on_finished,
	133	.userdata = userdata,
	134	.image_root = TAKE_PTR(root),
0d94088e YW	135	.event = TAKE_PTR(e),
	136	.glue = TAKE_PTR(g),
	137	};
	138
dc2c282b	139	i->glue->on_finished = pull_job_curl_on_finished;
56ebfaf1 LP	140	i->glue->userdata = i;
56ebfaf1 LP	141
1cc6c93a	142	*ret = TAKE_PTR(i);
56ebfaf1 LP	143
	144	return 0;
	145	}
	146
dc2c282b	147	static void tar_pull_report_progress(TarPull *i, TarProgress p) {
7079cfef LP	148	unsigned percent;
	149
	150	assert(i);
	151
	152	switch (p) {
	153
	154	case TAR_DOWNLOADING: {
	155	unsigned remain = 85;
	156
	157	percent = 0;
	158
	159	if (i->checksum_job) {
	160	percent += i->checksum_job->progress_percent * 5 / 100;
	161	remain -= 5;
	162	}
	163
	164	if (i->signature_job) {
	165	percent += i->signature_job->progress_percent * 5 / 100;
	166	remain -= 5;
	167	}
	168
133b34f6 LP	169	if (i->settings_job) {
	170	percent += i->settings_job->progress_percent * 5 / 100;
	171	remain -= 5;
	172	}
	173
7079cfef LP	174	if (i->tar_job)
	175	percent += i->tar_job->progress_percent * remain / 100;
	176	break;
	177	}
	178
	179	case TAR_VERIFYING:
	180	percent = 85;
	181	break;
	182
	183	case TAR_FINALIZING:
	184	percent = 90;
	185	break;
	186
	187	case TAR_COPYING:
	188	percent = 95;
	189	break;
	190
	191	default:
04499a70	192	assert_not_reached();
7079cfef LP	193	}
	194
	195	sd_notifyf(false, "X_IMPORT_PROGRESS=%u", percent);
	196	log_debug("Combined progress %u%%", percent);
	197	}
	198
c40d82ab LP	199	static int tar_pull_determine_path(
	200	TarPull *i,
	201	const char *suffix,
	202	char *field / input + output (!) */) {
91359193 LP	203	int r;
	204
	205	assert(i);
	206	assert(field);
	207
	208	if (*field)
	209	return 0;
	210
	211	assert(i->tar_job);
	212
	213	r = pull_make_path(i->tar_job->url, i->tar_job->etag, i->image_root, ".tar-", suffix, field);
	214	if (r < 0)
	215	return log_oom();
	216
	217	return 1;
	218	}
	219
dc2c282b	220	static int tar_pull_make_local_copy(TarPull *i) {
c40d82ab LP	221	_cleanup_(rm_rf_subvolume_and_freep) char *t = NULL;
c40d82ab LP	222	const char *p;
0d6e763b LP	223	int r;
	224
	225	assert(i);
	226	assert(i->tar_job);
	227
	228	if (!i->local)
	229	return 0;
	230
c40d82ab LP	231	assert(i->final_path);
	232
	233	p = prefix_roota(i->image_root, i->local);
	234
	235	r = tempfn_random(p, NULL, &t);
0100b6e1	236	if (r < 0)
c40d82ab LP	237	return log_error_errno(r, "Failed to generate temporary filename for %s: %m", p);
	238
	239	if (i->flags & PULL_BTRFS_SUBVOL)
	240	r = btrfs_subvol_snapshot(
	241	i->final_path,
	242	t,
	243	(i->flags & PULL_BTRFS_QUOTA ? BTRFS_SNAPSHOT_QUOTA : 0)\|
	244	BTRFS_SNAPSHOT_FALLBACK_COPY\|
	245	BTRFS_SNAPSHOT_FALLBACK_DIRECTORY\|
	246	BTRFS_SNAPSHOT_RECURSIVE);
	247	else
a424958a	248	r = copy_tree(i->final_path, t, UID_INVALID, GID_INVALID, COPY_REFLINK\|COPY_HARDLINKS, NULL);
c40d82ab LP	249	if (r < 0)
	250	return log_error_errno(r, "Failed to create local image: %m");
	251
	252	r = install_file(AT_FDCWD, t,
	253	AT_FDCWD, p,
	254	(i->flags & PULL_FORCE ? INSTALL_REPLACE : 0) \|
	255	(i->flags & PULL_READ_ONLY ? INSTALL_READ_ONLY : 0) \|
	256	(i->flags & PULL_SYNC ? INSTALL_SYNCFS : 0));
	257	if (r < 0)
	258	return log_error_errno(r, "Failed to install local image '%s': %m", p);
	259
	260	t = mfree(t);
	261
	262	log_info("Created new local image '%s'.", i->local);
0100b6e1	263
133b34f6	264	if (FLAGS_SET(i->flags, PULL_SETTINGS)) {
9854730b LP	265	const char *local_settings;
	266	assert(i->settings_job);
	267
91359193 LP	268	r = tar_pull_determine_path(i, ".nspawn", &i->settings_path);
	269	if (r < 0)
	270	return r;
9854730b LP	271
	272	local_settings = strjoina(i->image_root, "/", i->local, ".nspawn");
	273
c40d82ab LP	274	r = copy_file_atomic(
	275	i->settings_path,
	276	local_settings,
	277	0664,
	278	0, 0,
	279	COPY_REFLINK \|
	280	(FLAGS_SET(i->flags, PULL_FORCE) ? COPY_REPLACE : 0) \|
	281	(FLAGS_SET(i->flags, PULL_SYNC) ? COPY_FSYNC_FULL : 0));
9854730b LP	282	if (r == -EEXIST)
9854730b LP	283	log_warning_errno(r, "Settings file %s already exists, not replacing.", local_settings);
33859a6b LP	284	else if (r == -ENOENT)
	285	log_debug_errno(r, "Skipping creation of settings file, since none was found.");
	286	else if (r < 0)
79b6198b LP	287	log_warning_errno(r, "Failed to copy settings files %s, ignoring: %m", local_settings);
79b6198b LP	288	else
33859a6b	289	log_info("Created new settings file %s.", local_settings);
9854730b LP	290	}
9854730b LP	291
0d6e763b LP	292	return 0;
	293	}
	294
dc2c282b	295	static bool tar_pull_is_done(TarPull *i) {
8b71fce8 LP	296	assert(i);
	297	assert(i->tar_job);
	298
9854730b	299	if (!PULL_JOB_IS_COMPLETE(i->tar_job))
8b71fce8	300	return false;
9854730b LP	301	if (i->checksum_job && !PULL_JOB_IS_COMPLETE(i->checksum_job))
	302	return false;
	303	if (i->signature_job && !PULL_JOB_IS_COMPLETE(i->signature_job))
8b71fce8	304	return false;
133b34f6 LP	305	if (i->settings_job && !PULL_JOB_IS_COMPLETE(i->settings_job))
133b34f6 LP	306	return false;
8b71fce8 LP	307
	308	return true;
	309	}
	310
dc2c282b LP	311	static void tar_pull_job_on_finished(PullJob *j) {
dc2c282b LP	312	TarPull *i;
56ebfaf1 LP	313	int r;
	314
	315	assert(j);
	316	assert(j->userdata);
	317
	318	i = j->userdata;
9854730b	319
c40d82ab LP	320	if (j->error != 0) {
	321	if (j == i->tar_job) {
	322	if (j->error == ENOMEDIUM) /* HTTP 404 */
	323	r = log_error_errno(j->error, "Failed to retrieve image file. (Wrong URL?)");
	324	else
	325	r = log_error_errno(j->error, "Failed to retrieve image file.");
	326	goto finish;
	327	} else if (j == i->checksum_job) {
	328	r = log_error_errno(j->error, "Failed to retrieve SHA256 checksum, cannot verify. (Try --verify=no?)");
	329	goto finish;
	330	} else if (j == i->signature_job)
	331	log_debug_errno(j->error, "Signature job for %s failed, proceeding for now.", j->url);
	332	else if (j == i->settings_job)
9854730b	333	log_info_errno(j->error, "Settings file could not be retrieved, proceeding without.");
0100b6e1	334	else
c40d82ab	335	assert("unexpected job");
56ebfaf1 LP	336	}
56ebfaf1 LP	337
c33e405f LP	338	/* This is invoked if either the download completed successfully, or the download was skipped because
c33e405f LP	339	* we already have the etag. */
56ebfaf1	340
dc2c282b	341	if (!tar_pull_is_done(i))
0100b6e1 LP	342	return;
0100b6e1 LP	343
f14717a7 LP	344	if (i->signature_job && i->signature_job->error != 0) {
f14717a7 LP	345	VerificationStyle style;
697be0be	346
c40d82ab LP	347	assert(i->checksum_job);
c40d82ab LP	348
f14717a7 LP	349	r = verification_style_from_url(i->checksum_job->url, &style);
	350	if (r < 0) {
	351	log_error_errno(r, "Failed to determine verification style from checksum URL: %m");
	352	goto finish;
	353	}
	354
	355	if (style == VERIFICATION_PER_DIRECTORY) { /* A failed signature file download only matters
	356	* in per-directory verification mode, since only
	357	* then the signature is detached, and thus a file
	358	* of its own. */
c40d82ab LP	359	r = log_error_errno(i->signature_job->error,
c40d82ab LP	360	"Failed to retrieve signature file, cannot verify. (Try --verify=no?)");
f14717a7 LP	361	goto finish;
f14717a7 LP	362	}
697be0be TB	363	}
697be0be TB	364
c40d82ab LP	365	pull_job_close_disk_fd(i->tar_job);
c40d82ab LP	366	pull_job_close_disk_fd(i->settings_job);
91359193	367
56ebfaf1	368	if (i->tar_pid > 0) {
8f03de53	369	r = wait_for_terminate_and_check("tar", TAKE_PID(i->tar_pid), WAIT_LOG);
56ebfaf1 LP	370	if (r < 0)
56ebfaf1 LP	371	goto finish;
b4a34311	372	if (r != EXIT_SUCCESS) {
9854730b LP	373	r = -EIO;
	374	goto finish;
	375	}
56ebfaf1 LP	376	}
56ebfaf1 LP	377
0100b6e1 LP	378	if (!i->tar_job->etag_exists) {
	379	/* This is a new download, verify it, and move it into place */
	380
dc2c282b	381	tar_pull_report_progress(i, TAR_VERIFYING);
7079cfef	382
ff2f7797	383	r = pull_verify(i->verify,
c40d82ab	384	i->checksum,
ff2f7797 LP	385	i->tar_job,
	386	i->checksum_job,
	387	i->signature_job,
	388	i->settings_job,
	389	/* roothash_job = */ NULL,
	390	/* roothash_signature_job = */ NULL,
	391	/* verity_job = */ NULL);
0100b6e1 LP	392	if (r < 0)
0100b6e1 LP	393	goto finish;
c40d82ab	394	}
0100b6e1	395
c40d82ab LP	396	if (i->flags & PULL_DIRECT) {
	397	assert(!i->settings_job);
	398	assert(i->local);
	399	assert(!i->temp_path);
7079cfef	400
c40d82ab	401	tar_pull_report_progress(i, TAR_FINALIZING);
c33e405f	402
c40d82ab	403	r = import_mangle_os_tree(i->local);
56ebfaf1 LP	404	if (r < 0)
	405	goto finish;
	406
c40d82ab LP	407	r = install_file(
	408	AT_FDCWD, i->local,
	409	AT_FDCWD, NULL,
	410	(i->flags & PULL_READ_ONLY) ? INSTALL_READ_ONLY : 0 \|
	411	(i->flags & PULL_SYNC ? INSTALL_SYNCFS : 0));
f85ef957	412	if (r < 0) {
c40d82ab	413	log_error_errno(r, "Failed to finalize '%s': %m", i->local);
56ebfaf1 LP	414	goto finish;
56ebfaf1 LP	415	}
c40d82ab LP	416	} else {
	417	r = tar_pull_determine_path(i, NULL, &i->final_path);
	418	if (r < 0)
	419	goto finish;
56ebfaf1	420
c40d82ab LP	421	if (!i->tar_job->etag_exists) {
c40d82ab LP	422	/* This is a new download, verify it, and move it into place */
9854730b	423
c40d82ab LP	424	assert(i->temp_path);
c40d82ab LP	425	assert(i->final_path);
91359193	426
c40d82ab	427	tar_pull_report_progress(i, TAR_FINALIZING);
e0061812	428
c40d82ab	429	r = import_mangle_os_tree(i->temp_path);
91359193 LP	430	if (r < 0)
91359193 LP	431	goto finish;
9854730b	432
c40d82ab LP	433	r = install_file(
	434	AT_FDCWD, i->temp_path,
	435	AT_FDCWD, i->final_path,
	436	INSTALL_READ_ONLY\|
	437	(i->flags & PULL_SYNC ? INSTALL_SYNCFS : 0));
9854730b	438	if (r < 0) {
c40d82ab	439	log_error_errno(r, "Failed to rename to final image name to %s: %m", i->final_path);
9854730b LP	440	goto finish;
	441	}
	442
c40d82ab LP	443	i->temp_path = mfree(i->temp_path);
	444
	445	if (i->settings_job &&
	446	i->settings_job->error == 0) {
	447
	448	/* Also move the settings file into place, if it exists. Note that we do so only if we also
	449	* moved the tar file in place, to keep things strictly in sync. */
	450	assert(i->settings_temp_path);
	451
	452	/* Regenerate final name for this auxiliary file, we might know the etag of the file now, and
	453	* we should incorporate it in the file name if we can */
	454	i->settings_path = mfree(i->settings_path);
	455
	456	r = tar_pull_determine_path(i, ".nspawn", &i->settings_path);
	457	if (r < 0)
	458	goto finish;
	459
	460	r = install_file(
	461	AT_FDCWD, i->settings_temp_path,
	462	AT_FDCWD, i->settings_path,
	463	INSTALL_READ_ONLY\|
	464	(i->flags & PULL_SYNC ? INSTALL_FSYNC_FULL : 0));
	465	if (r < 0) {
	466	log_error_errno(r, "Failed to rename settings file to %s: %m", i->settings_path);
	467	goto finish;
	468	}
	469
	470	i->settings_temp_path = mfree(i->settings_temp_path);
	471	}
9854730b	472	}
56ebfaf1	473
c40d82ab	474	tar_pull_report_progress(i, TAR_COPYING);
7079cfef	475
c40d82ab LP	476	r = tar_pull_make_local_copy(i);
	477	if (r < 0)
	478	goto finish;
	479	}
0d6e763b	480
56ebfaf1 LP	481	r = 0;
	482
	483	finish:
56ebfaf1 LP	484	if (i->on_finished)
	485	i->on_finished(i, r, i->userdata);
	486	else
	487	sd_event_exit(i->event, r);
	488	}
	489
9854730b	490	static int tar_pull_job_on_open_disk_tar(PullJob *j) {
c40d82ab	491	const char *where;
dc2c282b	492	TarPull *i;
56ebfaf1 LP	493	int r;
	494
	495	assert(j);
	496	assert(j->userdata);
	497
	498	i = j->userdata;
8b71fce8	499	assert(i->tar_job == j);
8b71fce8	500	assert(i->tar_pid <= 0);
56ebfaf1	501
c40d82ab LP	502	if (i->flags & PULL_DIRECT)
	503	where = i->local;
	504	else {
	505	if (!i->temp_path) {
	506	r = tempfn_random_child(i->image_root, "tar", &i->temp_path);
	507	if (r < 0)
	508	return log_oom();
	509	}
	510
	511	where = i->temp_path;
91359193	512	}
56ebfaf1	513
c40d82ab LP	514	(void) mkdir_parents_label(where, 0700);
	515
	516	if (FLAGS_SET(i->flags, PULL_DIRECT\|PULL_FORCE))
	517	(void) rm_rf(where, REMOVE_ROOT\|REMOVE_PHYSICAL\|REMOVE_SUBVOLUME);
56ebfaf1	518
c40d82ab LP	519	if (i->flags & PULL_BTRFS_SUBVOL)
	520	r = btrfs_subvol_make_fallback(where, 0755);
	521	else
7c248223	522	r = RET_NERRNO(mkdir(where, 0755));
c40d82ab LP	523	if (r == -EEXIST && (i->flags & PULL_DIRECT)) /* EEXIST is OK if in direct mode, but not otherwise,
	524	* because in that case our temporary path collided */
	525	r = 0;
82c4440d	526	if (r < 0)
c40d82ab LP	527	return log_error_errno(r, "Failed to create directory/subvolume %s: %m", where);
	528	if (r > 0 && (i->flags & PULL_BTRFS_QUOTA)) { /* actually btrfs subvol */
	529	if (!(i->flags & PULL_DIRECT))
	530	(void) import_assign_pool_quota_and_warn(i->image_root);
	531	(void) import_assign_pool_quota_and_warn(where);
052ba0eb	532	}
56ebfaf1	533
c40d82ab	534	j->disk_fd = import_fork_tar_x(where, &i->tar_pid);
2c140ded LP	535	if (j->disk_fd < 0)
2c140ded LP	536	return j->disk_fd;
56ebfaf1 LP	537
	538	return 0;
	539	}
	540
9854730b LP	541	static int tar_pull_job_on_open_disk_settings(PullJob *j) {
	542	TarPull *i;
	543	int r;
	544
	545	assert(j);
	546	assert(j->userdata);
	547
	548	i = j->userdata;
	549	assert(i->settings_job == j);
9854730b	550
91359193 LP	551	if (!i->settings_temp_path) {
	552	r = tempfn_random_child(i->image_root, "settings", &i->settings_temp_path);
	553	if (r < 0)
	554	return log_oom();
	555	}
9854730b	556
c40d82ab	557	(void) mkdir_parents_label(i->settings_temp_path, 0700);
9854730b LP	558
	559	j->disk_fd = open(i->settings_temp_path, O_RDWR\|O_CREAT\|O_EXCL\|O_NOCTTY\|O_CLOEXEC, 0664);
	560	if (j->disk_fd < 0)
	561	return log_error_errno(errno, "Failed to create %s: %m", i->settings_temp_path);
	562
	563	return 0;
	564	}
	565
dc2c282b LP	566	static void tar_pull_job_on_progress(PullJob *j) {
dc2c282b LP	567	TarPull *i;
7079cfef LP	568
	569	assert(j);
	570	assert(j->userdata);
	571
	572	i = j->userdata;
	573
dc2c282b	574	tar_pull_report_progress(i, TAR_DOWNLOADING);
7079cfef LP	575	}
7079cfef LP	576
9854730b LP	577	int tar_pull_start(
	578	TarPull *i,
	579	const char *url,
	580	const char *local,
133b34f6	581	PullFlags flags,
c40d82ab LP	582	ImportVerify verify,
c40d82ab LP	583	const char *checksum) {
9854730b	584
c40d82ab	585	PullJob *j;
56ebfaf1 LP	586	int r;
	587
	588	assert(i);
c40d82ab LP	589	assert(verify == _IMPORT_VERIFY_INVALID \|\| verify < _IMPORT_VERIFY_MAX);
	590	assert(verify == _IMPORT_VERIFY_INVALID \|\| verify >= 0);
	591	assert((verify < 0) \|\| !checksum);
133b34f6	592	assert(!(flags & ~PULL_FLAGS_MASK_TAR));
c40d82ab LP	593	assert(!(flags & PULL_SETTINGS) \|\| !(flags & PULL_DIRECT));
c40d82ab LP	594	assert(!(flags & PULL_SETTINGS) \|\| !checksum);
56ebfaf1	595
c456862f	596	if (!http_url_is_valid(url) && !file_url_is_valid(url))
56ebfaf1 LP	597	return -EINVAL;
56ebfaf1 LP	598
c40d82ab	599	if (local && !pull_validate_local(local, flags))
56ebfaf1 LP	600	return -EINVAL;
56ebfaf1 LP	601
8b71fce8 LP	602	if (i->tar_job)
	603	return -EBUSY;
	604
56ebfaf1 LP	605	r = free_and_strdup(&i->local, local);
	606	if (r < 0)
	607	return r;
9854730b	608
c40d82ab LP	609	r = free_and_strdup(&i->checksum, checksum);
	610	if (r < 0)
	611	return r;
	612
133b34f6	613	i->flags = flags;
0100b6e1	614	i->verify = verify;
56ebfaf1	615
9854730b	616	/* Set up download job for TAR file */
dc2c282b	617	r = pull_job_new(&i->tar_job, url, i->glue, i);
56ebfaf1 LP	618	if (r < 0)
	619	return r;
	620
dc2c282b	621	i->tar_job->on_finished = tar_pull_job_on_finished;
9854730b	622	i->tar_job->on_open_disk = tar_pull_job_on_open_disk_tar;
c40d82ab	623	i->tar_job->calc_checksum = checksum \|\| IN_SET(verify, IMPORT_VERIFY_CHECKSUM, IMPORT_VERIFY_SIGNATURE);
56ebfaf1	624
c40d82ab LP	625	if (!FLAGS_SET(flags, PULL_DIRECT)) {
	626	r = pull_find_old_etags(url, i->image_root, DT_DIR, ".tar-", NULL, &i->tar_job->old_etags);
	627	if (r < 0)
	628	return r;
	629	}
56ebfaf1	630
133b34f6	631	/* Set up download of checksum/signature files */
c40d82ab LP	632	r = pull_make_verification_jobs(
	633	&i->checksum_job,
	634	&i->signature_job,
	635	verify,
	636	checksum,
	637	url,
	638	i->glue,
	639	tar_pull_job_on_finished,
	640	i);
133b34f6 LP	641	if (r < 0)
	642	return r;
	643
9854730b	644	/* Set up download job for the settings file (.nspawn) */
133b34f6	645	if (FLAGS_SET(flags, PULL_SETTINGS)) {
c40d82ab LP	646	r = pull_make_auxiliary_job(
	647	&i->settings_job,
	648	url,
	649	tar_strip_suffixes,
	650	".nspawn",
	651	verify,
	652	i->glue,
	653	tar_pull_job_on_open_disk_settings,
	654	tar_pull_job_on_finished,
	655	i);
9854730b LP	656	if (r < 0)
9854730b LP	657	return r;
9854730b LP	658	}
9854730b LP	659
c40d82ab LP	660	FOREACH_POINTER(j,
	661	i->tar_job,
	662	i->checksum_job,
	663	i->signature_job,
	664	i->settings_job) {
0100b6e1	665
c40d82ab LP	666	if (!j)
c40d82ab LP	667	continue;
7079cfef	668
c40d82ab LP	669	j->on_progress = tar_pull_job_on_progress;
c40d82ab LP	670	j->sync = FLAGS_SET(flags, PULL_SYNC);
0100b6e1	671
c40d82ab	672	r = pull_job_begin(j);
133b34f6 LP	673	if (r < 0)
	674	return r;
	675	}
	676
0100b6e1	677	return 0;
56ebfaf1	678	}