]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/shared/loop-util.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge pull request #23065 from poettering/env-var-generator
[thirdparty/systemd.git] / src / shared / loop-util.c
CommitLineData
db9ecf05 1/* SPDX-License-Identifier: LGPL-2.1-or-later */
8c1be37e 2
10c1b188
LP		 3#if HAVE_VALGRIND_MEMCHECK_H
4#include <valgrind/memcheck.h>
5#endif
6
dccca82b 7#include <errno.h>
8c1be37e 8#include <fcntl.h>
f1443709
LP		 9#include <linux/blkpg.h>
10#include <linux/fs.h>
8c1be37e 11#include <linux/loop.h>
441ec804 12#include <sys/file.h>
8c1be37e 13#include <sys/ioctl.h>
f2d9213f 14#include <unistd.h>
8c1be37e 15
021bf175
LP		 16#include "sd-device.h"
17
8c1be37e 18#include "alloc-util.h"
86c1c1f3 19#include "blockdev-util.h"
021bf175 20#include "device-util.h"
e8c7c4d9 21#include "env-util.h"
b0a94268 22#include "errno-util.h"
8c1be37e 23#include "fd-util.h"
f1443709 24#include "fileio.h"
8c1be37e 25#include "loop-util.h"
86c1c1f3 26#include "missing_loop.h"
f1443709 27#include "parse-util.h"
b202ec20 28#include "random-util.h"
3cc44114 29#include "stat-util.h"
f1443709 30#include "stdio-util.h"
f2d9213f 31#include "string-util.h"
021bf175 32#include "tmpfile-util.h"
8c1be37e 33
e8af3bfd 34static void cleanup_clear_loop_close(int *fd) {
86c1c1f3
LP		 35 if (*fd < 0)
36 return;
37
38 (void) ioctl(*fd, LOOP_CLR_FD);
39 (void) safe_close(*fd);
40}
41
021bf175
LP		 42static int loop_is_bound(int fd) {
43 struct loop_info64 info;
44
45 assert(fd >= 0);
46
47 if (ioctl(fd, LOOP_GET_STATUS64, &info) < 0) {
48 if (errno == ENXIO)
49 return false; /* not bound! */
50
51 return -errno;
52 }
53
54 return true; /* bound! */
55}
56
31c75fcc
LP		 57static int get_current_uevent_seqnum(uint64_t *ret) {
58 _cleanup_free_ char *p = NULL;
59 int r;
60
61 r = read_full_virtual_file("/sys/kernel/uevent_seqnum", &p, NULL);
62 if (r < 0)
63 return log_debug_errno(r, "Failed to read current uevent sequence number: %m");
64
a145f8c0 65 r = safe_atou64(strstrip(p), ret);
31c75fcc
LP		 66 if (r < 0)
67 return log_debug_errno(r, "Failed to parse current uevent sequence number: %s", p);
68
69 return 0;
70}
71
021bf175
LP		 72static int device_has_block_children(sd_device *d) {
73 _cleanup_(sd_device_enumerator_unrefp) sd_device_enumerator *e = NULL;
7ffc7f3f 74 const char *main_ss, *main_dt;
021bf175
LP		 75 sd_device *q;
76 int r;
77
78 assert(d);
79
80 /* Checks if the specified device currently has block device children (i.e. partition block
81 * devices). */
82
7ffc7f3f 83 r = sd_device_get_subsystem(d, &main_ss);
021bf175
LP		 84 if (r < 0)
85 return r;
86
7ffc7f3f
LP		 87 if (!streq(main_ss, "block"))
88 return -EINVAL;
89
90 r = sd_device_get_devtype(d, &main_dt);
021bf175
LP		 91 if (r < 0)
92 return r;
93
7ffc7f3f 94 if (!streq(main_dt, "disk")) /* Refuse invocation on partition block device, insist on "whole" device */
021bf175
LP		 95 return -EINVAL;
96
97 r = sd_device_enumerator_new(&e);
98 if (r < 0)
99 return r;
100
101 r = sd_device_enumerator_allow_uninitialized(e);
102 if (r < 0)
103 return r;
104
105 r = sd_device_enumerator_add_match_parent(e, d);
106 if (r < 0)
107 return r;
108
109 FOREACH_DEVICE(e, q) {
7ffc7f3f 110 const char *ss, *dt;
021bf175
LP		 111
112 r = sd_device_get_subsystem(q, &ss);
7ffc7f3f
LP		 113 if (r < 0) {
114 log_device_debug_errno(q, r, "Failed to get subsystem of child, ignoring: %m");
021bf175 115 continue;
7ffc7f3f 116 }
021bf175 117
7ffc7f3f
LP		 118 if (!streq(ss, "block")) {
119 log_device_debug(q, "Skipping child that is not a block device (subsystem=%s).", ss);
021bf175 120 continue;
7ffc7f3f 121 }
021bf175 122
7ffc7f3f
LP		 123 r = sd_device_get_devtype(q, &dt);
124 if (r < 0) {
125 log_device_debug_errno(q, r, "Failed to get devtype of child, ignoring: %m");
021bf175 126 continue;
7ffc7f3f 127 }
021bf175 128
7ffc7f3f
LP		 129 if (!streq(dt, "partition")) {
130 log_device_debug(q, "Skipping non-partition child (devtype=%s).", dt);
021bf175 131 continue;
7ffc7f3f 132 }
021bf175 133
7ffc7f3f 134 return true; /* we have block device children */
021bf175
LP		 135 }
136
7ffc7f3f 137 return false;
021bf175
LP		 138}
139
95c50092
LP		 140static int loop_configure(
141 int fd,
021bf175 142 int nr,
95c50092 143 const struct loop_config *c,
31c75fcc 144 bool *try_loop_configure,
8ede1e86
LP		 145 uint64_t *ret_seqnum_not_before,
146 usec_t *ret_timestamp_not_before) {
95c50092 147
021bf175
LP		 148 _cleanup_(sd_device_unrefp) sd_device *d = NULL;
149 _cleanup_free_ char *sysname = NULL;
738f29cb 150 _cleanup_close_ int lock_fd = -1;
e8c7c4d9 151 struct loop_info64 info_copy;
31c75fcc 152 uint64_t seqnum;
8ede1e86 153 usec_t timestamp;
86c1c1f3
LP		 154 int r;
155
156 assert(fd >= 0);
021bf175 157 assert(nr >= 0);
86c1c1f3 158 assert(c);
95c50092
LP		 159 assert(try_loop_configure);
160
021bf175
LP		 161 if (asprintf(&sysname, "loop%i", nr) < 0)
162 return -ENOMEM;
163
164 r = sd_device_new_from_subsystem_sysname(&d, "block", sysname);
165 if (r < 0)
166 return r;
167
168 /* Let's lock the device before we do anything. We take the BSD lock on a second, separately opened
169 * fd for the device. udev after all watches for close() events (specifically IN_CLOSE_WRITE) on
170 * block devices to reprobe them, hence by having a separate fd we will later close() we can ensure
171 * we trigger udev after everything is done. If we'd lock our own fd instead and keep it open for a
172 * long time udev would possibly never run on it again, even though the fd is unlocked, simply
173 * because we never close() it. It also has the nice benefit we can use the _cleanup_close_ logic to
174 * automatically release the lock, after we are done. */
175 lock_fd = fd_reopen(fd, O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
176 if (lock_fd < 0)
177 return lock_fd;
178 if (flock(lock_fd, LOCK_EX) < 0)
179 return -errno;
180
181 /* Let's see if the device is really detached, i.e. currently has no associated partition block
182 * devices. On various kernels (such as 5.8) it is possible to have a loopback block device that
183 * superficially is detached but still has partition block devices associated for it. They only go
184 * away when the device is reattached. (Yes, LOOP_CLR_FD doesn't work then, because officially
185 * nothing is attached and LOOP_CTL_REMOVE doesn't either, since it doesn't care about partition
186 * block devices. */
187 r = device_has_block_children(d);
188 if (r < 0)
189 return r;
190 if (r > 0) {
191 r = loop_is_bound(fd);
192 if (r < 0)
193 return r;
194 if (r > 0)
195 return -EBUSY;
196
197 return -EUCLEAN; /* Bound but children? Tell caller to reattach something so that the
198 * partition block devices are gone too. */
199 }
200
95c50092 201 if (*try_loop_configure) {
31c75fcc
LP		 202 /* Acquire uevent seqnum immediately before attaching the loopback device. This allows
203 * callers to ignore all uevents with a seqnum before this one, if they need to associate
204 * uevent with this attachment. Doing so isn't race-free though, as uevents that happen in
205 * the window between this reading of the seqnum, and the LOOP_CONFIGURE call might still be
206 * mistaken as originating from our attachment, even though might be caused by an earlier
207 * use. But doing this at least shortens the race window a bit. */
208 r = get_current_uevent_seqnum(&seqnum);
209 if (r < 0)
210 return r;
8ede1e86 211 timestamp = now(CLOCK_MONOTONIC);
31c75fcc 212
95c50092
LP		 213 if (ioctl(fd, LOOP_CONFIGURE, c) < 0) {
214 /* Do fallback only if LOOP_CONFIGURE is not supported, propagate all other
215 * errors. Note that the kernel is weird: non-existing ioctls currently return EINVAL
216 * rather than ENOTTY on loopback block devices. They should fix that in the kernel,
217 * but in the meantime we accept both here. */
218 if (!ERRNO_IS_NOT_SUPPORTED(errno) && errno != EINVAL)
219 return -errno;
86c1c1f3 220
95c50092
LP		 221 *try_loop_configure = false;
222 } else {
223 bool good = true;
224
225 if (c->info.lo_sizelimit != 0) {
226 /* Kernel 5.8 vanilla doesn't properly propagate the size limit into the
227 * block device. If it's used, let's immediately check if it had the desired
228 * effect hence. And if not use classic LOOP_SET_STATUS64. */
229 uint64_t z;
230
231 if (ioctl(fd, BLKGETSIZE64, &z) < 0) {
232 r = -errno;
233 goto fail;
234 }
235
236 if (z != c->info.lo_sizelimit) {
237 log_debug("LOOP_CONFIGURE is broken, doesn't honour .lo_sizelimit. Falling back to LOOP_SET_STATUS64.");
238 good = false;
239 }
bb2551bd 240 }
86c1c1f3 241
95c50092
LP		 242 if (FLAGS_SET(c->info.lo_flags, LO_FLAGS_PARTSCAN)) {
243 /* Kernel 5.8 vanilla doesn't properly propagate the partition scanning flag
244 * into the block device. Let's hence verify if things work correctly here
245 * before returning. */
246
247 r = blockdev_partscan_enabled(fd);
248 if (r < 0)
249 goto fail;
250 if (r == 0) {
251 log_debug("LOOP_CONFIGURE is broken, doesn't honour LO_FLAGS_PARTSCAN. Falling back to LOOP_SET_STATUS64.");
252 good = false;
253 }
bb2551bd 254 }
86c1c1f3 255
95c50092
LP		 256 if (!good) {
257 /* LOOP_CONFIGURE doesn't work. Remember that. */
258 *try_loop_configure = false;
259
260 /* We return EBUSY here instead of retrying immediately with LOOP_SET_FD,
261 * because LOOP_CLR_FD is async: if the operation cannot be executed right
262 * away it just sets the autoclear flag on the device. This means there's a
263 * good chance we cannot actually reuse the loopback device right-away. Hence
264 * let's assume it's busy, avoid the trouble and let the calling loop call us
265 * again with a new, likely unused device. */
266 r = -EBUSY;
bb2551bd 267 goto fail;
bb2551bd 268 }
bb2551bd 269
31c75fcc
LP		 270 if (ret_seqnum_not_before)
271 *ret_seqnum_not_before = seqnum;
8ede1e86
LP		 272 if (ret_timestamp_not_before)
273 *ret_timestamp_not_before = timestamp;
31c75fcc 274
bb2551bd 275 return 0;
95c50092 276 }
86c1c1f3
LP		 277 }
278
31c75fcc
LP		 279 /* Let's read the seqnum again, to shorten the window. */
280 r = get_current_uevent_seqnum(&seqnum);
281 if (r < 0)
282 return r;
8ede1e86 283 timestamp = now(CLOCK_MONOTONIC);
31c75fcc 284
738f29cb
LP		 285 /* Since kernel commit 5db470e229e22b7eda6e23b5566e532c96fb5bc3 (kernel v5.0) the LOOP_SET_STATUS64
286 * ioctl can return EAGAIN in case we change the lo_offset field, if someone else is accessing the
287 * block device while we try to reconfigure it. This is a pretty common case, since udev might
288 * instantly start probing the device as soon as we attach an fd to it. Hence handle it in two ways:
273d76f4 289 * first, let's take the BSD lock to ensure that udev will not step in between the point in
738f29cb
LP		 290 * time where we attach the fd and where we reconfigure the device. Secondly, let's wait 50ms on
291 * EAGAIN and retry. The former should be an efficient mechanism to avoid we have to wait 50ms
292 * needlessly if we are just racing against udev. The latter is protection against all other cases,
021bf175 293 * i.e. peers that do not take the BSD lock. */
738f29cb 294
86c1c1f3
LP		 295 if (ioctl(fd, LOOP_SET_FD, c->fd) < 0)
296 return -errno;
297
e8c7c4d9
LP		 298 /* Only some of the flags LOOP_CONFIGURE can set are also settable via LOOP_SET_STATUS64, hence mask
299 * them out. */
300 info_copy = c->info;
301 info_copy.lo_flags &= LOOP_SET_STATUS_SETTABLE_FLAGS;
302
738f29cb 303 for (unsigned n_attempts = 0;;) {
e8c7c4d9 304 if (ioctl(fd, LOOP_SET_STATUS64, &info_copy) >= 0)
738f29cb
LP		 305 break;
306 if (errno != EAGAIN || ++n_attempts >= 64) {
307 r = log_debug_errno(errno, "Failed to configure loopback device: %m");
308 goto fail;
309 }
310
b202ec20
LP		 311 /* Sleep some random time, but at least 10ms, at most 250ms. Increase the delay the more
312 * failed attempts we see */
313 (void) usleep(UINT64_C(10) * USEC_PER_MSEC +
b0dbffd8 314 random_u64_range(UINT64_C(240) * USEC_PER_MSEC * n_attempts/64));
e8af3bfd 315 }
86c1c1f3 316
b9a9748a
LP		 317 /* Work around a kernel bug, where changing offset/size of the loopback device doesn't correctly
318 * invalidate the buffer cache. For details see:
319 *
320 * https://android.googlesource.com/platform/system/apex/+/bef74542fbbb4cd629793f4efee8e0053b360570
321 *
322 * This was fixed in kernel 5.0, see:
323 *
324 * https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5db470e229e22b7eda6e23b5566e532c96fb5bc3
325 *
326 * We'll run the work-around here in the legacy LOOP_SET_STATUS64 codepath. In the LOOP_CONFIGURE
327 * codepath above it should not be necessary. */
328 if (c->info.lo_offset != 0 || c->info.lo_sizelimit != 0)
329 if (ioctl(fd, BLKFLSBUF, 0) < 0)
330 log_debug_errno(errno, "Failed to issue BLKFLSBUF ioctl, ignoring: %m");
331
e8c7c4d9
LP		 332 /* LO_FLAGS_DIRECT_IO is a flags we need to configure via explicit ioctls. */
333 if (FLAGS_SET(c->info.lo_flags, LO_FLAGS_DIRECT_IO)) {
334 unsigned long b = 1;
335
336 if (ioctl(fd, LOOP_SET_DIRECT_IO, b) < 0)
337 log_debug_errno(errno, "Failed to enable direct IO mode on loopback device /dev/loop%i, ignoring: %m", nr);
338 }
339
31c75fcc
LP		 340 if (ret_seqnum_not_before)
341 *ret_seqnum_not_before = seqnum;
8ede1e86
LP		 342 if (ret_timestamp_not_before)
343 *ret_timestamp_not_before = timestamp;
31c75fcc 344
86c1c1f3
LP		 345 return 0;
346
347fail:
348 (void) ioctl(fd, LOOP_CLR_FD);
349 return r;
e8af3bfd
ZJS		 350}
351
021bf175
LP		 352static int attach_empty_file(int loop, int nr) {
353 _cleanup_close_ int fd = -1;
354
355 /* So here's the thing: on various kernels (5.8 at least) loop block devices might enter a state
356 * where they are detached but nonetheless have partitions, when used heavily. Accessing these
357 * partitions results in immediatey IO errors. There's no pretty way to get rid of them
358 * again. Neither LOOP_CLR_FD nor LOOP_CTL_REMOVE suffice (see above). What does work is to
359 * reassociate them with a new fd however. This is what we do here hence: we associate the devices
377a9545 360 * with an empty file (i.e. an image that definitely has no partitions). We then immediately clear it
021bf175
LP		 361 * again. This suffices to make the partitions go away. Ugly but appears to work. */
362
363 log_debug("Found unattached loopback block device /dev/loop%i with partitions. Attaching empty file to remove them.", nr);
364
365 fd = open_tmpfile_unlinkable(NULL, O_RDONLY);
366 if (fd < 0)
367 return fd;
368
369 if (flock(loop, LOCK_EX) < 0)
370 return -errno;
371
372 if (ioctl(loop, LOOP_SET_FD, fd) < 0)
373 return -errno;
374
375 if (ioctl(loop, LOOP_SET_STATUS64, &(struct loop_info64) {
376 .lo_flags = LO_FLAGS_READ_ONLY|
377 LO_FLAGS_AUTOCLEAR|
378 LO_FLAGS_PARTSCAN, /* enable partscan, so that the partitions really go away */
379 }) < 0)
380 return -errno;
381
382 if (ioctl(loop, LOOP_CLR_FD) < 0)
383 return -errno;
384
385 /* The caller is expected to immediately close the loopback device after this, so that the BSD lock
386 * is released, and udev sees the changes. */
387 return 0;
388}
389
e8c7c4d9 390static int loop_device_make_internal(
ed9eeb7b
LP		 391 int fd,
392 int open_flags,
393 uint64_t offset,
394 uint64_t size,
395 uint32_t loop_flags,
396 LoopDevice **ret) {
8c1be37e 397
e8c7c4d9 398 _cleanup_close_ int direct_io_fd = -1;
8c1be37e 399 _cleanup_free_ char *loopdev = NULL;
95c50092 400 bool try_loop_configure = true;
86c1c1f3 401 struct loop_config config;
50d04699 402 LoopDevice *d = NULL;
31c75fcc 403 uint64_t seqnum = UINT64_MAX;
8ede1e86 404 usec_t timestamp = USEC_INFINITY;
e8c7c4d9 405 int nr = -1, r, f_flags;
8c1be37e 406 struct stat st;
8c1be37e
LP		 407
408 assert(fd >= 0);
409 assert(ret);
410 assert(IN_SET(open_flags, O_RDWR, O_RDONLY));
411
412 if (fstat(fd, &st) < 0)
413 return -errno;
414
415 if (S_ISBLK(st.st_mode)) {
86c1c1f3 416 if (ioctl(fd, LOOP_GET_STATUS64, &config.info) >= 0) {
b26c39ad 417 /* Oh! This is a loopback device? That's interesting! */
10c1b188
LP		 418
419#if HAVE_VALGRIND_MEMCHECK_H
420 /* Valgrind currently doesn't know LOOP_GET_STATUS64. Remove this once it does */
86c1c1f3 421 VALGRIND_MAKE_MEM_DEFINED(&config.info, sizeof(config.info));
10c1b188 422#endif
86c1c1f3 423 nr = config.info.lo_number;
b26c39ad
LP		 424
425 if (asprintf(&loopdev, "/dev/loop%i", nr) < 0)
426 return -ENOMEM;
427 }
428
ed9eeb7b 429 if (offset == 0 && IN_SET(size, 0, UINT64_MAX)) {
ba5450f4 430 _cleanup_close_ int copy = -1;
bcef1743 431 uint64_t diskseq = 0;
8c1be37e 432
d7654742
LP		 433 /* If this is already a block device and we are supposed to cover the whole of it
434 * then store an fd to the original open device node — and do not actually create an
435 * unnecessary loopback device for it. Note that we reopen the inode here, instead of
436 * keeping just a dup() clone of it around, since we want to ensure that the O_DIRECT
437 * flag of the handle we keep is off, we have our own file index, and have the right
438 * read/write mode in effect. */
439
440 copy = fd_reopen(fd, open_flags|O_NONBLOCK|O_CLOEXEC|O_NOCTTY);
ed9eeb7b 441 if (copy < 0)
d7654742 442 return copy;
8c1be37e 443
7e93a658 444 r = fd_get_diskseq(copy, &diskseq);
bcef1743
LB		 445 if (r < 0 && r != -EOPNOTSUPP)
446 return r;
447
ed9eeb7b
LP		 448 d = new(LoopDevice, 1);
449 if (!d)
450 return -ENOMEM;
ed9eeb7b 451 *d = (LoopDevice) {
ba5450f4 452 .fd = TAKE_FD(copy),
b26c39ad
LP		 453 .nr = nr,
454 .node = TAKE_PTR(loopdev),
ed9eeb7b 455 .relinquished = true, /* It's not allocated by us, don't destroy it when this object is freed */
f3859d5f 456 .devno = st.st_rdev,
bcef1743 457 .diskseq = diskseq,
31c75fcc 458 .uevent_seqnum_not_before = UINT64_MAX,
8ede1e86 459 .timestamp_not_before = USEC_INFINITY,
ed9eeb7b
LP		 460 };
461
462 *ret = d;
463 return d->fd;
464 }
465 } else {
466 r = stat_verify_regular(&st);
467 if (r < 0)
468 return r;
8c1be37e
LP		 469 }
470
e8c7c4d9
LP		 471 f_flags = fcntl(fd, F_GETFL);
472 if (f_flags < 0)
473 return -errno;
474
475 if (FLAGS_SET(loop_flags, LO_FLAGS_DIRECT_IO) != FLAGS_SET(f_flags, O_DIRECT)) {
476 /* If LO_FLAGS_DIRECT_IO is requested, then make sure we have the fd open with O_DIRECT, as
477 * that's required. Conversely, if it's off require that O_DIRECT is off too (that's because
478 * new kernels will implicitly enable LO_FLAGS_DIRECT_IO if O_DIRECT is set).
479 *
480 * Our intention here is that LO_FLAGS_DIRECT_IO is the primary knob, and O_DIRECT derived
481 * from that automatically. */
482
483 direct_io_fd = fd_reopen(fd, (FLAGS_SET(loop_flags, LO_FLAGS_DIRECT_IO) ? O_DIRECT : 0)|O_CLOEXEC|O_NONBLOCK|open_flags);
484 if (direct_io_fd < 0) {
485 if (!FLAGS_SET(loop_flags, LO_FLAGS_DIRECT_IO))
486 return log_debug_errno(errno, "Failed to reopen file descriptor without O_DIRECT: %m");
487
488 /* Some file systems might not support O_DIRECT, let's gracefully continue without it then. */
489 log_debug_errno(errno, "Failed to enable O_DIRECT for backing file descriptor for loopback device. Continuing without.");
490 loop_flags &= ~LO_FLAGS_DIRECT_IO;
491 } else
492 fd = direct_io_fd; /* From now on, operate on our new O_DIRECT fd */
493 }
494
e8af3bfd
ZJS		 495 _cleanup_close_ int control = -1;
496 _cleanup_(cleanup_clear_loop_close) int loop_with_fd = -1;
497
8c1be37e
LP		 498 control = open("/dev/loop-control", O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK);
499 if (control < 0)
500 return -errno;
501
86c1c1f3
LP		 502 config = (struct loop_config) {
503 .fd = fd,
504 .info = {
505 /* Use the specified flags, but configure the read-only flag from the open flags, and force autoclear */
0950526a 506 .lo_flags = (loop_flags & ~LO_FLAGS_READ_ONLY) | ((open_flags & O_ACCMODE) == O_RDONLY ? LO_FLAGS_READ_ONLY : 0) | LO_FLAGS_AUTOCLEAR,
86c1c1f3
LP		 507 .lo_offset = offset,
508 .lo_sizelimit = size == UINT64_MAX ? 0 : size,
509 },
510 };
511
0f6519d4
LP		 512 /* Loop around LOOP_CTL_GET_FREE, since at the moment we attempt to open the returned device it might
513 * be gone already, taken by somebody else racing against us. */
e8af3bfd
ZJS		 514 for (unsigned n_attempts = 0;;) {
515 _cleanup_close_ int loop = -1;
516
cc530466
LP		 517 /* Let's take a lock on the control device first. On a busy system, where many programs
518 * attempt to allocate a loopback device at the same time, we might otherwise keep looping
519 * around relatively heavy operations: asking for a free loopback device, then opening it,
520 * validating it, attaching something to it. Let's serialize this whole operation, to make
521 * unnecessary busywork less likely. Note that this is just something we do to optimize our
522 * own code (and whoever else decides to use LOCK_EX locks for this), taking this lock is not
523 * necessary, it just means it's less likely we have to iterate through this loop again and
524 * again if our own code races against our own code. */
525 if (flock(control, LOCK_EX) < 0)
526 return -errno;
527
0f6519d4
LP		 528 nr = ioctl(control, LOOP_CTL_GET_FREE);
529 if (nr < 0)
530 return -errno;
8c1be37e 531
0f6519d4
LP		 532 if (asprintf(&loopdev, "/dev/loop%i", nr) < 0)
533 return -ENOMEM;
8c1be37e 534
0f6519d4 535 loop = open(loopdev, O_CLOEXEC|O_NONBLOCK|O_NOCTTY|open_flags);
01813148
ZJS		 536 if (loop < 0) {
537 /* Somebody might've gotten the same number from the kernel, used the device,
538 * and called LOOP_CTL_REMOVE on it. Let's retry with a new number. */
49043f81 539 if (!ERRNO_IS_DEVICE_ABSENT(errno))
01813148
ZJS		 540 return -errno;
541 } else {
8ede1e86 542 r = loop_configure(loop, nr, &config, &try_loop_configure, &seqnum, &timestamp);
86c1c1f3 543 if (r >= 0) {
01813148
ZJS		 544 loop_with_fd = TAKE_FD(loop);
545 break;
546 }
021bf175
LP		 547 if (r == -EUCLEAN) {
548 /* Make left-over partition disappear hack (see above) */
549 r = attach_empty_file(loop, nr);
550 if (r < 0 && r != -EBUSY)
551 return r;
552 } else if (r != -EBUSY)
86c1c1f3 553 return r;
e8af3bfd 554 }
01813148 555
cc530466
LP		 556 /* OK, this didn't work, let's try again a bit later, but first release the lock on the
557 * control device */
558 if (flock(control, LOCK_UN) < 0)
559 return -errno;
560
e8af3bfd
ZJS		 561 if (++n_attempts >= 64) /* Give up eventually */
562 return -EBUSY;
0f6519d4 563
3e921057
LP		 564 /* Now close the loop device explicitly. This will release any lock acquired by
565 * attach_empty_file() or similar, while we sleep below. */
566 loop = safe_close(loop);
0f6519d4 567 loopdev = mfree(loopdev);
b202ec20
LP		 568
569 /* Wait some random time, to make collision less likely. Let's pick a random time in the
570 * range 0ms…250ms, linearly scaled by the number of failed attempts. */
b0dbffd8
LP		 571 (void) usleep(random_u64_range(UINT64_C(10) * USEC_PER_MSEC +
572 UINT64_C(240) * USEC_PER_MSEC * n_attempts/64));
0f6519d4 573 }
8c1be37e 574
e8c7c4d9
LP		 575 if (FLAGS_SET(loop_flags, LO_FLAGS_DIRECT_IO)) {
576 struct loop_info64 info;
577
578 if (ioctl(loop_with_fd, LOOP_GET_STATUS64, &info) < 0)
579 return -errno;
580
581#if HAVE_VALGRIND_MEMCHECK_H
582 VALGRIND_MAKE_MEM_DEFINED(&info, sizeof(info));
583#endif
584
585 /* On older kernels (<= 5.3) it was necessary to set the block size of the loopback block
586 * device to the logical block size of the underlying file system. Since there was no nice
587 * way to query the value, we are not bothering to do this however. On newer kernels the
588 * block size is propagated automatically and does not require intervention from us. We'll
589 * check here if enabling direct IO worked, to make this easily debuggable however.
590 *
591 * (Should anyone really care and actually wants direct IO on old kernels: it might be worth
592 * enabling direct IO with iteratively larger block sizes until it eventually works.) */
593 if (!FLAGS_SET(info.lo_flags, LO_FLAGS_DIRECT_IO))
594 log_debug("Could not enable direct IO mode, proceeding in buffered IO mode.");
595 }
596
f3859d5f
LP		 597 if (fstat(loop_with_fd, &st) < 0)
598 return -errno;
599 assert(S_ISBLK(st.st_mode));
600
bcef1743 601 uint64_t diskseq = 0;
7e93a658 602 r = fd_get_diskseq(loop_with_fd, &diskseq);
bcef1743
LB		 603 if (r < 0 && r != -EOPNOTSUPP)
604 return r;
605
8c1be37e 606 d = new(LoopDevice, 1);
e8af3bfd
ZJS		 607 if (!d)
608 return -ENOMEM;
8c1be37e 609 *d = (LoopDevice) {
e8af3bfd 610 .fd = TAKE_FD(loop_with_fd),
1cc6c93a 611 .node = TAKE_PTR(loopdev),
8c1be37e 612 .nr = nr,
f3859d5f 613 .devno = st.st_rdev,
bcef1743 614 .diskseq = diskseq,
31c75fcc 615 .uevent_seqnum_not_before = seqnum,
8ede1e86 616 .timestamp_not_before = timestamp,
8c1be37e
LP		 617 };
618
3b195f63
LP		 619 log_debug("Successfully acquired %s, devno=%u:%u, nr=%i, diskseq=%" PRIu64,
620 d->node,
621 major(d->devno), minor(d->devno),
622 d->nr,
623 d->diskseq);
624
8c1be37e 625 *ret = d;
38bd449f 626 return d->fd;
8c1be37e
LP		 627}
628
e8c7c4d9
LP		 629static uint32_t loop_flags_mangle(uint32_t loop_flags) {
630 int r;
631
632 r = getenv_bool("SYSTEMD_LOOP_DIRECT_IO");
633 if (r < 0 && r != -ENXIO)
634 log_debug_errno(r, "Failed to parse $SYSTEMD_LOOP_DIRECT_IO, ignoring: %m");
635
bfd08445 636 return UPDATE_FLAG(loop_flags, LO_FLAGS_DIRECT_IO, r != 0); /* Turn on LO_FLAGS_DIRECT_IO by default, unless explicitly configured to off. */
e8c7c4d9
LP		 637}
638
639int loop_device_make(
640 int fd,
641 int open_flags,
642 uint64_t offset,
643 uint64_t size,
644 uint32_t loop_flags,
645 LoopDevice **ret) {
646
647 assert(fd >= 0);
648 assert(ret);
e8c7c4d9
LP		 649
650 return loop_device_make_internal(
651 fd,
652 open_flags,
653 offset,
654 size,
bfd08445 655 loop_flags_mangle(loop_flags),
e8c7c4d9
LP		 656 ret);
657}
658
79e8393a
LP		 659int loop_device_make_by_path(
660 const char *path,
661 int open_flags,
662 uint32_t loop_flags,
663 LoopDevice **ret) {
664
e8c7c4d9 665 int r, basic_flags, direct_flags, rdwr_flags;
8c1be37e 666 _cleanup_close_ int fd = -1;
aa4d3aa3 667 bool direct = false;
8c1be37e
LP		 668
669 assert(path);
670 assert(ret);
b0a94268 671 assert(open_flags < 0 || IN_SET(open_flags, O_RDWR, O_RDONLY));
8c1be37e 672
b0a94268
LP		 673 /* Passing < 0 as open_flags here means we'll try to open the device writable if we can, retrying
674 * read-only if we cannot. */
675
e8c7c4d9
LP		 676 loop_flags = loop_flags_mangle(loop_flags);
677
678 /* Let's open with O_DIRECT if we can. But not all file systems support that, hence fall back to
679 * non-O_DIRECT mode automatically, if it fails. */
680
681 basic_flags = O_CLOEXEC|O_NONBLOCK|O_NOCTTY;
682 direct_flags = FLAGS_SET(loop_flags, LO_FLAGS_DIRECT_IO) ? O_DIRECT : 0;
683 rdwr_flags = open_flags >= 0 ? open_flags : O_RDWR;
684
685 fd = open(path, basic_flags|direct_flags|rdwr_flags);
686 if (fd < 0 && direct_flags != 0) /* If we had O_DIRECT on, and things failed with that, let's immediately try again without */
687 fd = open(path, basic_flags|rdwr_flags);
aa4d3aa3
LP		 688 else
689 direct = direct_flags != 0;
b0a94268
LP		 690 if (fd < 0) {
691 r = -errno;
692
693 /* Retry read-only? */
694 if (open_flags >= 0 || !(ERRNO_IS_PRIVILEGE(r) || r == -EROFS))
695 return r;
696
e8c7c4d9
LP		 697 fd = open(path, basic_flags|direct_flags|O_RDONLY);
698 if (fd < 0 && direct_flags != 0) /* as above */
699 fd = open(path, basic_flags|O_RDONLY);
aa4d3aa3
LP		 700 else
701 direct = direct_flags != 0;
b0a94268
LP		 702 if (fd < 0)
703 return r; /* Propagate original error */
704
705 open_flags = O_RDONLY;
706 } else if (open_flags < 0)
707 open_flags = O_RDWR;
8c1be37e 708
aa4d3aa3
LP		 709 log_debug("Opened '%s' in %s access mode%s, with O_DIRECT %s%s.",
710 path,
711 open_flags == O_RDWR ? "O_RDWR" : "O_RDONLY",
712 open_flags != rdwr_flags ? " (O_RDWR was requested but not allowed)" : "",
713 direct ? "enabled" : "disabled",
714 direct != (direct_flags != 0) ? " (O_DIRECT was requested but not supported)" : "");
715
0193b93e 716 return loop_device_make_internal(fd, open_flags, 0, 0, loop_flags, ret);
8c1be37e
LP		 717}
718
719LoopDevice* loop_device_unref(LoopDevice *d) {
720 if (!d)
721 return NULL;
722
723 if (d->fd >= 0) {
cae1e8fb
LP		 724 /* Implicitly sync the device, since otherwise in-flight blocks might not get written */
725 if (fsync(d->fd) < 0)
726 log_debug_errno(errno, "Failed to sync loop block device, ignoring: %m");
727
a2ea3b2f 728 if (d->nr >= 0 && !d->relinquished) {
8c1be37e
LP		 729 if (ioctl(d->fd, LOOP_CLR_FD) < 0)
730 log_debug_errno(errno, "Failed to clear loop device: %m");
731
732 }
733
734 safe_close(d->fd);
735 }
736
a2ea3b2f 737 if (d->nr >= 0 && !d->relinquished) {
8c1be37e
LP		 738 _cleanup_close_ int control = -1;
739
740 control = open("/dev/loop-control", O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK);
741 if (control < 0)
f2d9213f
ZJS		 742 log_warning_errno(errno,
743 "Failed to open loop control device, cannot remove loop device %s: %m",
744 strna(d->node));
745 else
746 for (unsigned n_attempts = 0;;) {
747 if (ioctl(control, LOOP_CTL_REMOVE, d->nr) >= 0)
748 break;
749 if (errno != EBUSY || ++n_attempts >= 64) {
750 log_warning_errno(errno, "Failed to remove device %s: %m", strna(d->node));
751 break;
752 }
cae1e8fb 753 (void) usleep(50 * USEC_PER_MSEC);
f2d9213f 754 }
8c1be37e
LP		 755 }
756
757 free(d->node);
5fecf46d 758 return mfree(d);
8c1be37e 759}
a2ea3b2f
LP		 760
761void loop_device_relinquish(LoopDevice *d) {
762 assert(d);
763
764 /* Don't attempt to clean up the loop device anymore from this point on. Leave the clean-ing up to the kernel
765 * itself, using the loop device "auto-clear" logic we already turned on when creating the device. */
766
767 d->relinquished = true;
768}
9dabc4fd
LP		 769
770int loop_device_open(const char *loop_path, int open_flags, LoopDevice **ret) {
771 _cleanup_close_ int loop_fd = -1;
772 _cleanup_free_ char *p = NULL;
b26c39ad 773 struct loop_info64 info;
9dabc4fd
LP		 774 struct stat st;
775 LoopDevice *d;
b26c39ad 776 int nr;
9dabc4fd
LP		 777
778 assert(loop_path);
e8c7c4d9 779 assert(IN_SET(open_flags, O_RDWR, O_RDONLY));
9dabc4fd
LP		 780 assert(ret);
781
782 loop_fd = open(loop_path, O_CLOEXEC|O_NONBLOCK|O_NOCTTY|open_flags);
783 if (loop_fd < 0)
784 return -errno;
785
786 if (fstat(loop_fd, &st) < 0)
787 return -errno;
9dabc4fd
LP		 788 if (!S_ISBLK(st.st_mode))
789 return -ENOTBLK;
790
10c1b188
LP		 791 if (ioctl(loop_fd, LOOP_GET_STATUS64, &info) >= 0) {
792#if HAVE_VALGRIND_MEMCHECK_H
793 /* Valgrind currently doesn't know LOOP_GET_STATUS64. Remove this once it does */
794 VALGRIND_MAKE_MEM_DEFINED(&info, sizeof(info));
795#endif
b26c39ad 796 nr = info.lo_number;
10c1b188 797 } else
b26c39ad
LP		 798 nr = -1;
799
9dabc4fd
LP		 800 p = strdup(loop_path);
801 if (!p)
802 return -ENOMEM;
803
804 d = new(LoopDevice, 1);
805 if (!d)
806 return -ENOMEM;
807
808 *d = (LoopDevice) {
809 .fd = TAKE_FD(loop_fd),
b26c39ad 810 .nr = nr,
9dabc4fd
LP		 811 .node = TAKE_PTR(p),
812 .relinquished = true, /* It's not ours, don't try to destroy it when this object is freed */
79e8393a 813 .devno = st.st_dev,
31c75fcc 814 .uevent_seqnum_not_before = UINT64_MAX,
8ede1e86 815 .timestamp_not_before = USEC_INFINITY,
9dabc4fd
LP		 816 };
817
818 *ret = d;
819 return d->fd;
820}
821
f1443709
LP		 822static int resize_partition(int partition_fd, uint64_t offset, uint64_t size) {
823 char sysfs[STRLEN("/sys/dev/block/:/partition") + 2*DECIMAL_STR_MAX(dev_t) + 1];
824 _cleanup_free_ char *whole = NULL, *buffer = NULL;
825 uint64_t current_offset, current_size, partno;
826 _cleanup_close_ int whole_fd = -1;
827 struct stat st;
828 dev_t devno;
829 int r;
830
831 assert(partition_fd >= 0);
832
833 /* Resizes the partition the loopback device refer to (assuming it refers to one instead of an actual
834 * loopback device), and changes the offset, if needed. This is a fancy wrapper around
835 * BLKPG_RESIZE_PARTITION. */
836
837 if (fstat(partition_fd, &st) < 0)
838 return -errno;
839
840 assert(S_ISBLK(st.st_mode));
841
842 xsprintf(sysfs, "/sys/dev/block/%u:%u/partition", major(st.st_rdev), minor(st.st_rdev));
843 r = read_one_line_file(sysfs, &buffer);
844 if (r == -ENOENT) /* not a partition, cannot resize */
845 return -ENOTTY;
846 if (r < 0)
847 return r;
848 r = safe_atou64(buffer, &partno);
849 if (r < 0)
850 return r;
851
852 xsprintf(sysfs, "/sys/dev/block/%u:%u/start", major(st.st_rdev), minor(st.st_rdev));
853
854 buffer = mfree(buffer);
855 r = read_one_line_file(sysfs, &buffer);
856 if (r < 0)
857 return r;
858 r = safe_atou64(buffer, &current_offset);
859 if (r < 0)
860 return r;
861 if (current_offset > UINT64_MAX/512U)
862 return -EINVAL;
863 current_offset *= 512U;
864
865 if (ioctl(partition_fd, BLKGETSIZE64, &current_size) < 0)
866 return -EINVAL;
867
868 if (size == UINT64_MAX && offset == UINT64_MAX)
869 return 0;
870 if (current_size == size && current_offset == offset)
871 return 0;
872
873 xsprintf(sysfs, "/sys/dev/block/%u:%u/../dev", major(st.st_rdev), minor(st.st_rdev));
874
875 buffer = mfree(buffer);
876 r = read_one_line_file(sysfs, &buffer);
877 if (r < 0)
878 return r;
879 r = parse_dev(buffer, &devno);
880 if (r < 0)
881 return r;
882
883 r = device_path_make_major_minor(S_IFBLK, devno, &whole);
884 if (r < 0)
885 return r;
886
887 whole_fd = open(whole, O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
888 if (whole_fd < 0)
889 return -errno;
890
891 struct blkpg_partition bp = {
892 .pno = partno,
893 .start = offset == UINT64_MAX ? current_offset : offset,
894 .length = size == UINT64_MAX ? current_size : size,
895 };
896
897 struct blkpg_ioctl_arg ba = {
898 .op = BLKPG_RESIZE_PARTITION,
899 .data = &bp,
900 .datalen = sizeof(bp),
901 };
902
7c248223 903 return RET_NERRNO(ioctl(whole_fd, BLKPG, &ba));
f1443709
LP		 904}
905
c37878fc
LP		 906int loop_device_refresh_size(LoopDevice *d, uint64_t offset, uint64_t size) {
907 struct loop_info64 info;
9dabc4fd
LP		 908 assert(d);
909
f1443709
LP		 910 /* Changes the offset/start of the loop device relative to the beginning of the underlying file or
911 * block device. If this loop device actually refers to a partition and not a loopback device, we'll
912 * try to adjust the partition offsets instead.
913 *
914 * If either offset or size is UINT64_MAX we won't change that parameter. */
915
9dabc4fd
LP		 916 if (d->fd < 0)
917 return -EBADF;
918
f1443709
LP		 919 if (d->nr < 0) /* not a loopback device */
920 return resize_partition(d->fd, offset, size);
921
c37878fc
LP		 922 if (ioctl(d->fd, LOOP_GET_STATUS64, &info) < 0)
923 return -errno;
924
10c1b188
LP		 925#if HAVE_VALGRIND_MEMCHECK_H
926 /* Valgrind currently doesn't know LOOP_GET_STATUS64. Remove this once it does */
927 VALGRIND_MAKE_MEM_DEFINED(&info, sizeof(info));
928#endif
929
c37878fc
LP		 930 if (size == UINT64_MAX && offset == UINT64_MAX)
931 return 0;
932 if (info.lo_sizelimit == size && info.lo_offset == offset)
933 return 0;
934
935 if (size != UINT64_MAX)
936 info.lo_sizelimit = size;
937 if (offset != UINT64_MAX)
938 info.lo_offset = offset;
939
7c248223 940 return RET_NERRNO(ioctl(d->fd, LOOP_SET_STATUS64, &info));
9dabc4fd 941}
441ec804
LP		 942
943int loop_device_flock(LoopDevice *d, int operation) {
944 assert(d);
945
946 if (d->fd < 0)
947 return -EBADF;
948
7c248223 949 return RET_NERRNO(flock(d->fd, operation));
441ec804 950}
8dbc208c
LP		 951
952int loop_device_sync(LoopDevice *d) {
953 assert(d);
954
955 /* We also do this implicitly in loop_device_unref(). Doing this explicitly here has the benefit that
956 * we can check the return value though. */
957
958 if (d->fd < 0)
959 return -EBADF;
960
7c248223 961 return RET_NERRNO(fsync(d->fd));
8dbc208c 962}
Unnamed repository; edit this file 'description' to name the repository.