]>
Commit | Line | Data |
---|---|---|
1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ | |
2 | ||
3 | #include <curl/curl.h> | |
4 | #include <sys/prctl.h> | |
5 | ||
6 | #include "sd-daemon.h" | |
7 | ||
8 | #include "alloc-util.h" | |
9 | #include "btrfs-util.h" | |
10 | #include "copy.h" | |
11 | #include "curl-util.h" | |
12 | #include "fd-util.h" | |
13 | #include "fs-util.h" | |
14 | #include "hostname-util.h" | |
15 | #include "import-common.h" | |
16 | #include "import-util.h" | |
17 | #include "macro.h" | |
18 | #include "mkdir.h" | |
19 | #include "path-util.h" | |
20 | #include "process-util.h" | |
21 | #include "pull-common.h" | |
22 | #include "pull-job.h" | |
23 | #include "pull-tar.h" | |
24 | #include "rm-rf.h" | |
25 | #include "string-util.h" | |
26 | #include "strv.h" | |
27 | #include "tmpfile-util.h" | |
28 | #include "utf8.h" | |
29 | #include "util.h" | |
30 | #include "web-util.h" | |
31 | ||
32 | typedef enum TarProgress { | |
33 | TAR_DOWNLOADING, | |
34 | TAR_VERIFYING, | |
35 | TAR_FINALIZING, | |
36 | TAR_COPYING, | |
37 | } TarProgress; | |
38 | ||
39 | struct TarPull { | |
40 | sd_event *event; | |
41 | CurlGlue *glue; | |
42 | ||
43 | char *image_root; | |
44 | ||
45 | PullJob *tar_job; | |
46 | PullJob *settings_job; | |
47 | PullJob *checksum_job; | |
48 | PullJob *signature_job; | |
49 | ||
50 | TarPullFinished on_finished; | |
51 | void *userdata; | |
52 | ||
53 | char *local; | |
54 | bool force_local; | |
55 | bool settings; | |
56 | ||
57 | pid_t tar_pid; | |
58 | ||
59 | char *final_path; | |
60 | char *temp_path; | |
61 | ||
62 | char *settings_path; | |
63 | char *settings_temp_path; | |
64 | ||
65 | ImportVerify verify; | |
66 | }; | |
67 | ||
68 | TarPull* tar_pull_unref(TarPull *i) { | |
69 | if (!i) | |
70 | return NULL; | |
71 | ||
72 | if (i->tar_pid > 1) { | |
73 | (void) kill_and_sigcont(i->tar_pid, SIGKILL); | |
74 | (void) wait_for_terminate(i->tar_pid, NULL); | |
75 | } | |
76 | ||
77 | pull_job_unref(i->tar_job); | |
78 | pull_job_unref(i->settings_job); | |
79 | pull_job_unref(i->checksum_job); | |
80 | pull_job_unref(i->signature_job); | |
81 | ||
82 | curl_glue_unref(i->glue); | |
83 | sd_event_unref(i->event); | |
84 | ||
85 | if (i->temp_path) { | |
86 | (void) rm_rf(i->temp_path, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_SUBVOLUME); | |
87 | free(i->temp_path); | |
88 | } | |
89 | ||
90 | if (i->settings_temp_path) { | |
91 | (void) unlink(i->settings_temp_path); | |
92 | free(i->settings_temp_path); | |
93 | } | |
94 | ||
95 | free(i->final_path); | |
96 | free(i->settings_path); | |
97 | free(i->image_root); | |
98 | free(i->local); | |
99 | ||
100 | return mfree(i); | |
101 | } | |
102 | ||
103 | int tar_pull_new( | |
104 | TarPull **ret, | |
105 | sd_event *event, | |
106 | const char *image_root, | |
107 | TarPullFinished on_finished, | |
108 | void *userdata) { | |
109 | ||
110 | _cleanup_(curl_glue_unrefp) CurlGlue *g = NULL; | |
111 | _cleanup_(sd_event_unrefp) sd_event *e = NULL; | |
112 | _cleanup_(tar_pull_unrefp) TarPull *i = NULL; | |
113 | _cleanup_free_ char *root = NULL; | |
114 | int r; | |
115 | ||
116 | assert(ret); | |
117 | ||
118 | root = strdup(image_root ?: "/var/lib/machines"); | |
119 | if (!root) | |
120 | return -ENOMEM; | |
121 | ||
122 | if (event) | |
123 | e = sd_event_ref(event); | |
124 | else { | |
125 | r = sd_event_default(&e); | |
126 | if (r < 0) | |
127 | return r; | |
128 | } | |
129 | ||
130 | r = curl_glue_new(&g, e); | |
131 | if (r < 0) | |
132 | return r; | |
133 | ||
134 | i = new(TarPull, 1); | |
135 | if (!i) | |
136 | return -ENOMEM; | |
137 | ||
138 | *i = (TarPull) { | |
139 | .on_finished = on_finished, | |
140 | .userdata = userdata, | |
141 | .image_root = TAKE_PTR(root), | |
142 | .event = TAKE_PTR(e), | |
143 | .glue = TAKE_PTR(g), | |
144 | }; | |
145 | ||
146 | i->glue->on_finished = pull_job_curl_on_finished; | |
147 | i->glue->userdata = i; | |
148 | ||
149 | *ret = TAKE_PTR(i); | |
150 | ||
151 | return 0; | |
152 | } | |
153 | ||
154 | static void tar_pull_report_progress(TarPull *i, TarProgress p) { | |
155 | unsigned percent; | |
156 | ||
157 | assert(i); | |
158 | ||
159 | switch (p) { | |
160 | ||
161 | case TAR_DOWNLOADING: { | |
162 | unsigned remain = 85; | |
163 | ||
164 | percent = 0; | |
165 | ||
166 | if (i->settings_job) { | |
167 | percent += i->settings_job->progress_percent * 5 / 100; | |
168 | remain -= 5; | |
169 | } | |
170 | ||
171 | if (i->checksum_job) { | |
172 | percent += i->checksum_job->progress_percent * 5 / 100; | |
173 | remain -= 5; | |
174 | } | |
175 | ||
176 | if (i->signature_job) { | |
177 | percent += i->signature_job->progress_percent * 5 / 100; | |
178 | remain -= 5; | |
179 | } | |
180 | ||
181 | if (i->tar_job) | |
182 | percent += i->tar_job->progress_percent * remain / 100; | |
183 | break; | |
184 | } | |
185 | ||
186 | case TAR_VERIFYING: | |
187 | percent = 85; | |
188 | break; | |
189 | ||
190 | case TAR_FINALIZING: | |
191 | percent = 90; | |
192 | break; | |
193 | ||
194 | case TAR_COPYING: | |
195 | percent = 95; | |
196 | break; | |
197 | ||
198 | default: | |
199 | assert_not_reached("Unknown progress state"); | |
200 | } | |
201 | ||
202 | sd_notifyf(false, "X_IMPORT_PROGRESS=%u", percent); | |
203 | log_debug("Combined progress %u%%", percent); | |
204 | } | |
205 | ||
206 | static int tar_pull_determine_path(TarPull *i, const char *suffix, char **field) { | |
207 | int r; | |
208 | ||
209 | assert(i); | |
210 | assert(field); | |
211 | ||
212 | if (*field) | |
213 | return 0; | |
214 | ||
215 | assert(i->tar_job); | |
216 | ||
217 | r = pull_make_path(i->tar_job->url, i->tar_job->etag, i->image_root, ".tar-", suffix, field); | |
218 | if (r < 0) | |
219 | return log_oom(); | |
220 | ||
221 | return 1; | |
222 | } | |
223 | ||
224 | static int tar_pull_make_local_copy(TarPull *i) { | |
225 | int r; | |
226 | ||
227 | assert(i); | |
228 | assert(i->tar_job); | |
229 | ||
230 | if (!i->local) | |
231 | return 0; | |
232 | ||
233 | r = pull_make_local_copy(i->final_path, i->image_root, i->local, i->force_local); | |
234 | if (r < 0) | |
235 | return r; | |
236 | ||
237 | if (i->settings) { | |
238 | const char *local_settings; | |
239 | assert(i->settings_job); | |
240 | ||
241 | r = tar_pull_determine_path(i, ".nspawn", &i->settings_path); | |
242 | if (r < 0) | |
243 | return r; | |
244 | ||
245 | local_settings = strjoina(i->image_root, "/", i->local, ".nspawn"); | |
246 | ||
247 | r = copy_file_atomic(i->settings_path, local_settings, 0664, 0, 0, COPY_REFLINK | (i->force_local ? COPY_REPLACE : 0)); | |
248 | if (r == -EEXIST) | |
249 | log_warning_errno(r, "Settings file %s already exists, not replacing.", local_settings); | |
250 | else if (r == -ENOENT) | |
251 | log_debug_errno(r, "Skipping creation of settings file, since none was found."); | |
252 | else if (r < 0) | |
253 | log_warning_errno(r, "Failed to copy settings files %s, ignoring: %m", local_settings); | |
254 | else | |
255 | log_info("Created new settings file %s.", local_settings); | |
256 | } | |
257 | ||
258 | return 0; | |
259 | } | |
260 | ||
261 | static bool tar_pull_is_done(TarPull *i) { | |
262 | assert(i); | |
263 | assert(i->tar_job); | |
264 | ||
265 | if (!PULL_JOB_IS_COMPLETE(i->tar_job)) | |
266 | return false; | |
267 | if (i->settings_job && !PULL_JOB_IS_COMPLETE(i->settings_job)) | |
268 | return false; | |
269 | if (i->checksum_job && !PULL_JOB_IS_COMPLETE(i->checksum_job)) | |
270 | return false; | |
271 | if (i->signature_job && !PULL_JOB_IS_COMPLETE(i->signature_job)) | |
272 | return false; | |
273 | ||
274 | return true; | |
275 | } | |
276 | ||
277 | static void tar_pull_job_on_finished(PullJob *j) { | |
278 | TarPull *i; | |
279 | int r; | |
280 | ||
281 | assert(j); | |
282 | assert(j->userdata); | |
283 | ||
284 | i = j->userdata; | |
285 | ||
286 | if (j == i->settings_job) { | |
287 | if (j->error != 0) | |
288 | log_info_errno(j->error, "Settings file could not be retrieved, proceeding without."); | |
289 | } else if (j->error != 0 && j != i->signature_job) { | |
290 | if (j == i->checksum_job) | |
291 | log_error_errno(j->error, "Failed to retrieve SHA256 checksum, cannot verify. (Try --verify=no?)"); | |
292 | else | |
293 | log_error_errno(j->error, "Failed to retrieve image file. (Wrong URL?)"); | |
294 | ||
295 | r = j->error; | |
296 | goto finish; | |
297 | } | |
298 | ||
299 | /* This is invoked if either the download completed successfully, or the download was skipped because | |
300 | * we already have the etag. */ | |
301 | ||
302 | if (!tar_pull_is_done(i)) | |
303 | return; | |
304 | ||
305 | if (i->signature_job && i->signature_job->error != 0) { | |
306 | VerificationStyle style; | |
307 | ||
308 | r = verification_style_from_url(i->checksum_job->url, &style); | |
309 | if (r < 0) { | |
310 | log_error_errno(r, "Failed to determine verification style from checksum URL: %m"); | |
311 | goto finish; | |
312 | } | |
313 | ||
314 | if (style == VERIFICATION_PER_DIRECTORY) { /* A failed signature file download only matters | |
315 | * in per-directory verification mode, since only | |
316 | * then the signature is detached, and thus a file | |
317 | * of its own. */ | |
318 | log_error_errno(j->error, "Failed to retrieve signature file, cannot verify. (Try --verify=no?)"); | |
319 | r = i->signature_job->error; | |
320 | goto finish; | |
321 | } | |
322 | } | |
323 | ||
324 | i->tar_job->disk_fd = safe_close(i->tar_job->disk_fd); | |
325 | if (i->settings_job) | |
326 | i->settings_job->disk_fd = safe_close(i->settings_job->disk_fd); | |
327 | ||
328 | r = tar_pull_determine_path(i, NULL, &i->final_path); | |
329 | if (r < 0) | |
330 | goto finish; | |
331 | ||
332 | if (i->tar_pid > 0) { | |
333 | r = wait_for_terminate_and_check("tar", i->tar_pid, WAIT_LOG); | |
334 | i->tar_pid = 0; | |
335 | if (r < 0) | |
336 | goto finish; | |
337 | if (r != EXIT_SUCCESS) { | |
338 | r = -EIO; | |
339 | goto finish; | |
340 | } | |
341 | } | |
342 | ||
343 | if (!i->tar_job->etag_exists) { | |
344 | /* This is a new download, verify it, and move it into place */ | |
345 | ||
346 | tar_pull_report_progress(i, TAR_VERIFYING); | |
347 | ||
348 | r = pull_verify(i->tar_job, NULL, i->settings_job, i->checksum_job, i->signature_job); | |
349 | if (r < 0) | |
350 | goto finish; | |
351 | ||
352 | tar_pull_report_progress(i, TAR_FINALIZING); | |
353 | ||
354 | r = import_mangle_os_tree(i->temp_path); | |
355 | if (r < 0) | |
356 | goto finish; | |
357 | ||
358 | r = import_make_read_only(i->temp_path); | |
359 | if (r < 0) | |
360 | goto finish; | |
361 | ||
362 | r = rename_noreplace(AT_FDCWD, i->temp_path, AT_FDCWD, i->final_path); | |
363 | if (r < 0) { | |
364 | log_error_errno(r, "Failed to rename to final image name to %s: %m", i->final_path); | |
365 | goto finish; | |
366 | } | |
367 | ||
368 | i->temp_path = mfree(i->temp_path); | |
369 | ||
370 | if (i->settings_job && | |
371 | i->settings_job->error == 0) { | |
372 | ||
373 | /* Also move the settings file into place, if it exists. Note that we do so only if we also | |
374 | * moved the tar file in place, to keep things strictly in sync. */ | |
375 | assert(i->settings_temp_path); | |
376 | ||
377 | /* Regenerate final name for this auxiliary file, we might know the etag of the file now, and | |
378 | * we should incorporate it in the file name if we can */ | |
379 | i->settings_path = mfree(i->settings_path); | |
380 | ||
381 | r = tar_pull_determine_path(i, ".nspawn", &i->settings_path); | |
382 | if (r < 0) | |
383 | goto finish; | |
384 | ||
385 | r = import_make_read_only(i->settings_temp_path); | |
386 | if (r < 0) | |
387 | goto finish; | |
388 | ||
389 | r = rename_noreplace(AT_FDCWD, i->settings_temp_path, AT_FDCWD, i->settings_path); | |
390 | if (r < 0) { | |
391 | log_error_errno(r, "Failed to rename settings file to %s: %m", i->settings_path); | |
392 | goto finish; | |
393 | } | |
394 | ||
395 | i->settings_temp_path = mfree(i->settings_temp_path); | |
396 | } | |
397 | } | |
398 | ||
399 | tar_pull_report_progress(i, TAR_COPYING); | |
400 | ||
401 | r = tar_pull_make_local_copy(i); | |
402 | if (r < 0) | |
403 | goto finish; | |
404 | ||
405 | r = 0; | |
406 | ||
407 | finish: | |
408 | if (i->on_finished) | |
409 | i->on_finished(i, r, i->userdata); | |
410 | else | |
411 | sd_event_exit(i->event, r); | |
412 | } | |
413 | ||
414 | static int tar_pull_job_on_open_disk_tar(PullJob *j) { | |
415 | TarPull *i; | |
416 | int r; | |
417 | ||
418 | assert(j); | |
419 | assert(j->userdata); | |
420 | ||
421 | i = j->userdata; | |
422 | assert(i->tar_job == j); | |
423 | assert(i->tar_pid <= 0); | |
424 | ||
425 | if (!i->temp_path) { | |
426 | r = tempfn_random_child(i->image_root, "tar", &i->temp_path); | |
427 | if (r < 0) | |
428 | return log_oom(); | |
429 | } | |
430 | ||
431 | mkdir_parents_label(i->temp_path, 0700); | |
432 | ||
433 | r = btrfs_subvol_make_fallback(i->temp_path, 0755); | |
434 | if (r < 0) | |
435 | return log_error_errno(r, "Failed to create directory/subvolume %s: %m", i->temp_path); | |
436 | if (r > 0) /* actually btrfs subvol */ | |
437 | (void) import_assign_pool_quota_and_warn(i->temp_path); | |
438 | ||
439 | j->disk_fd = import_fork_tar_x(i->temp_path, &i->tar_pid); | |
440 | if (j->disk_fd < 0) | |
441 | return j->disk_fd; | |
442 | ||
443 | return 0; | |
444 | } | |
445 | ||
446 | static int tar_pull_job_on_open_disk_settings(PullJob *j) { | |
447 | TarPull *i; | |
448 | int r; | |
449 | ||
450 | assert(j); | |
451 | assert(j->userdata); | |
452 | ||
453 | i = j->userdata; | |
454 | assert(i->settings_job == j); | |
455 | ||
456 | if (!i->settings_temp_path) { | |
457 | r = tempfn_random_child(i->image_root, "settings", &i->settings_temp_path); | |
458 | if (r < 0) | |
459 | return log_oom(); | |
460 | } | |
461 | ||
462 | mkdir_parents_label(i->settings_temp_path, 0700); | |
463 | ||
464 | j->disk_fd = open(i->settings_temp_path, O_RDWR|O_CREAT|O_EXCL|O_NOCTTY|O_CLOEXEC, 0664); | |
465 | if (j->disk_fd < 0) | |
466 | return log_error_errno(errno, "Failed to create %s: %m", i->settings_temp_path); | |
467 | ||
468 | return 0; | |
469 | } | |
470 | ||
471 | static void tar_pull_job_on_progress(PullJob *j) { | |
472 | TarPull *i; | |
473 | ||
474 | assert(j); | |
475 | assert(j->userdata); | |
476 | ||
477 | i = j->userdata; | |
478 | ||
479 | tar_pull_report_progress(i, TAR_DOWNLOADING); | |
480 | } | |
481 | ||
482 | int tar_pull_start( | |
483 | TarPull *i, | |
484 | const char *url, | |
485 | const char *local, | |
486 | bool force_local, | |
487 | ImportVerify verify, | |
488 | bool settings) { | |
489 | ||
490 | int r; | |
491 | ||
492 | assert(i); | |
493 | assert(verify < _IMPORT_VERIFY_MAX); | |
494 | assert(verify >= 0); | |
495 | ||
496 | if (!http_url_is_valid(url)) | |
497 | return -EINVAL; | |
498 | ||
499 | if (local && !hostname_is_valid(local, 0)) | |
500 | return -EINVAL; | |
501 | ||
502 | if (i->tar_job) | |
503 | return -EBUSY; | |
504 | ||
505 | r = free_and_strdup(&i->local, local); | |
506 | if (r < 0) | |
507 | return r; | |
508 | ||
509 | i->force_local = force_local; | |
510 | i->verify = verify; | |
511 | i->settings = settings; | |
512 | ||
513 | /* Set up download job for TAR file */ | |
514 | r = pull_job_new(&i->tar_job, url, i->glue, i); | |
515 | if (r < 0) | |
516 | return r; | |
517 | ||
518 | i->tar_job->on_finished = tar_pull_job_on_finished; | |
519 | i->tar_job->on_open_disk = tar_pull_job_on_open_disk_tar; | |
520 | i->tar_job->on_progress = tar_pull_job_on_progress; | |
521 | i->tar_job->calc_checksum = verify != IMPORT_VERIFY_NO; | |
522 | ||
523 | r = pull_find_old_etags(url, i->image_root, DT_DIR, ".tar-", NULL, &i->tar_job->old_etags); | |
524 | if (r < 0) | |
525 | return r; | |
526 | ||
527 | /* Set up download job for the settings file (.nspawn) */ | |
528 | if (settings) { | |
529 | r = pull_make_auxiliary_job(&i->settings_job, url, tar_strip_suffixes, ".nspawn", i->glue, tar_pull_job_on_finished, i); | |
530 | if (r < 0) | |
531 | return r; | |
532 | ||
533 | i->settings_job->on_open_disk = tar_pull_job_on_open_disk_settings; | |
534 | i->settings_job->on_progress = tar_pull_job_on_progress; | |
535 | i->settings_job->calc_checksum = verify != IMPORT_VERIFY_NO; | |
536 | } | |
537 | ||
538 | /* Set up download of checksum/signature files */ | |
539 | r = pull_make_verification_jobs(&i->checksum_job, &i->signature_job, verify, url, i->glue, tar_pull_job_on_finished, i); | |
540 | if (r < 0) | |
541 | return r; | |
542 | ||
543 | r = pull_job_begin(i->tar_job); | |
544 | if (r < 0) | |
545 | return r; | |
546 | ||
547 | if (i->settings_job) { | |
548 | r = pull_job_begin(i->settings_job); | |
549 | if (r < 0) | |
550 | return r; | |
551 | } | |
552 | ||
553 | if (i->checksum_job) { | |
554 | i->checksum_job->on_progress = tar_pull_job_on_progress; | |
555 | i->checksum_job->on_not_found = pull_job_restart_with_sha256sum; | |
556 | ||
557 | r = pull_job_begin(i->checksum_job); | |
558 | if (r < 0) | |
559 | return r; | |
560 | } | |
561 | ||
562 | if (i->signature_job) { | |
563 | i->signature_job->on_progress = tar_pull_job_on_progress; | |
564 | ||
565 | r = pull_job_begin(i->signature_job); | |
566 | if (r < 0) | |
567 | return r; | |
568 | } | |
569 | ||
570 | return 0; | |
571 | } |