]>
Commit | Line | Data |
---|---|---|
021b6e45 JH |
1 | /* |
2 | * Copyright (c) 2005, Junio C Hamano | |
3 | */ | |
021b6e45 | 4 | #include "cache.h" |
4a16d072 | 5 | #include "sigchain.h" |
021b6e45 | 6 | |
0a06f148 MH |
7 | /* |
8 | * File write-locks as used by Git. | |
9 | * | |
10 | * For an overview of how to use the lockfile API, please see | |
11 | * | |
12 | * Documentation/technical/api-lockfile.txt | |
13 | * | |
14 | * This module keeps track of all locked files in lock_file_list for | |
15 | * use at cleanup. This list and the lock_file objects that comprise | |
16 | * it must be kept in self-consistent states at all time, because the | |
17 | * program can be interrupted any time by a signal, in which case the | |
18 | * signal handler will walk through the list attempting to clean up | |
19 | * any open lock files. | |
20 | * | |
21 | * A lockfile is owned by the process that created it. The lock_file | |
22 | * object has an "owner" field that records its owner. This field is | |
23 | * used to prevent a forked process from closing a lockfile created by | |
24 | * its parent. | |
25 | * | |
26 | * A lock_file object can be in several states: | |
27 | * | |
28 | * - Uninitialized. In this state the object's on_list field must be | |
29 | * zero but the rest of its contents need not be initialized. As | |
30 | * soon as the object is used in any way, it is irrevocably | |
31 | * registered in the lock_file_list, and on_list is set. | |
32 | * | |
33 | * - Locked, lockfile open (after hold_lock_file_for_update(), | |
34 | * hold_lock_file_for_append(), or reopen_lock_file()). In this | |
35 | * state, the lockfile exists, filename holds the filename of the | |
36 | * lockfile, fd holds a file descriptor open for writing to the | |
37 | * lockfile, and owner holds the PID of the process that locked the | |
38 | * file. | |
39 | * | |
40 | * - Locked, lockfile closed (after close_lock_file()). Same as the | |
41 | * previous state, except that the lockfile is closed and fd is -1. | |
42 | * | |
43 | * - Unlocked (after commit_lock_file(), rollback_lock_file(), or a | |
44 | * failed attempt to lock). In this state, filename[0] == '\0' and | |
45 | * fd is -1. The object is left registered in the lock_file_list, | |
46 | * and on_list is set. | |
47 | */ | |
48 | ||
021b6e45 JH |
49 | static struct lock_file *lock_file_list; |
50 | ||
51 | static void remove_lock_file(void) | |
52 | { | |
5e635e39 JH |
53 | pid_t me = getpid(); |
54 | ||
021b6e45 | 55 | while (lock_file_list) { |
a1754bcc MH |
56 | if (lock_file_list->owner == me) |
57 | rollback_lock_file(lock_file_list); | |
021b6e45 JH |
58 | lock_file_list = lock_file_list->next; |
59 | } | |
60 | } | |
61 | ||
62 | static void remove_lock_file_on_signal(int signo) | |
63 | { | |
64 | remove_lock_file(); | |
4a16d072 | 65 | sigchain_pop(signo); |
021b6e45 JH |
66 | raise(signo); |
67 | } | |
68 | ||
5d5a7a67 BS |
69 | /* |
70 | * p = absolute or relative path name | |
71 | * | |
72 | * Return a pointer into p showing the beginning of the last path name | |
73 | * element. If p is empty or the root directory ("/"), just return p. | |
74 | */ | |
75 | static char *last_path_elm(char *p) | |
76 | { | |
77 | /* r starts pointing to null at the end of the string */ | |
78 | char *r = strchr(p, '\0'); | |
79 | ||
80 | if (r == p) | |
81 | return p; /* just return empty string */ | |
82 | ||
83 | r--; /* back up to last non-null character */ | |
84 | ||
85 | /* back up past trailing slashes, if any */ | |
86 | while (r > p && *r == '/') | |
87 | r--; | |
88 | ||
89 | /* | |
90 | * then go backwards until I hit a slash, or the beginning of | |
91 | * the string | |
92 | */ | |
93 | while (r > p && *(r-1) != '/') | |
94 | r--; | |
95 | return r; | |
96 | } | |
97 | ||
98 | ||
99 | /* We allow "recursive" symbolic links. Only within reason, though */ | |
100 | #define MAXDEPTH 5 | |
101 | ||
102 | /* | |
103 | * p = path that may be a symlink | |
104 | * s = full size of p | |
105 | * | |
106 | * If p is a symlink, attempt to overwrite p with a path to the real | |
107 | * file or directory (which may or may not exist), following a chain of | |
108 | * symlinks if necessary. Otherwise, leave p unmodified. | |
109 | * | |
110 | * This is a best-effort routine. If an error occurs, p will either be | |
111 | * left unmodified or will name a different symlink in a symlink chain | |
112 | * that started with p's initial contents. | |
113 | * | |
114 | * Always returns p. | |
115 | */ | |
116 | ||
117 | static char *resolve_symlink(char *p, size_t s) | |
118 | { | |
119 | int depth = MAXDEPTH; | |
120 | ||
121 | while (depth--) { | |
122 | char link[PATH_MAX]; | |
123 | int link_len = readlink(p, link, sizeof(link)); | |
124 | if (link_len < 0) { | |
125 | /* not a symlink anymore */ | |
126 | return p; | |
127 | } | |
128 | else if (link_len < sizeof(link)) | |
129 | /* readlink() never null-terminates */ | |
130 | link[link_len] = '\0'; | |
131 | else { | |
132 | warning("%s: symlink too long", p); | |
133 | return p; | |
134 | } | |
135 | ||
ecf4831d | 136 | if (is_absolute_path(link)) { |
5d5a7a67 BS |
137 | /* absolute path simply replaces p */ |
138 | if (link_len < s) | |
139 | strcpy(p, link); | |
140 | else { | |
141 | warning("%s: symlink too long", p); | |
142 | return p; | |
143 | } | |
144 | } else { | |
145 | /* | |
146 | * link is a relative path, so I must replace the | |
147 | * last element of p with it. | |
148 | */ | |
4b25d091 | 149 | char *r = (char *)last_path_elm(p); |
5d5a7a67 BS |
150 | if (r - p + link_len < s) |
151 | strcpy(r, link); | |
152 | else { | |
153 | warning("%s: symlink too long", p); | |
154 | return p; | |
155 | } | |
156 | } | |
157 | } | |
158 | return p; | |
159 | } | |
160 | ||
447ff1bf | 161 | /* Make sure errno contains a meaningful value on error */ |
acd3b9ec | 162 | static int lock_file(struct lock_file *lk, const char *path, int flags) |
021b6e45 | 163 | { |
5d5a7a67 | 164 | /* |
7108ad23 MH |
165 | * subtract LOCK_SUFFIX_LEN from size to make sure there's |
166 | * room for adding ".lock" for the lock file name: | |
5d5a7a67 | 167 | */ |
7108ad23 MH |
168 | static const size_t max_path_len = sizeof(lk->filename) - |
169 | LOCK_SUFFIX_LEN; | |
2fbd4f92 | 170 | |
04e57d4d MH |
171 | if (!lock_file_list) { |
172 | /* One-time initialization */ | |
173 | sigchain_push_common(remove_lock_file_on_signal); | |
174 | atexit(remove_lock_file); | |
175 | } | |
176 | ||
177 | if (!lk->on_list) { | |
178 | /* Initialize *lk and add it to lock_file_list: */ | |
179 | lk->fd = -1; | |
180 | lk->owner = 0; | |
181 | lk->filename[0] = 0; | |
182 | lk->next = lock_file_list; | |
183 | lock_file_list = lk; | |
184 | lk->on_list = 1; | |
185 | } | |
186 | ||
447ff1bf RS |
187 | if (strlen(path) >= max_path_len) { |
188 | errno = ENAMETOOLONG; | |
2fbd4f92 | 189 | return -1; |
447ff1bf | 190 | } |
2fbd4f92 | 191 | strcpy(lk->filename, path); |
acd3b9ec | 192 | if (!(flags & LOCK_NODEREF)) |
2fbd4f92 | 193 | resolve_symlink(lk->filename, max_path_len); |
7108ad23 | 194 | strcat(lk->filename, LOCK_SUFFIX); |
4723ee99 | 195 | lk->fd = open(lk->filename, O_RDWR | O_CREAT | O_EXCL, 0666); |
e31e949b | 196 | if (lk->fd < 0) { |
1084b845 | 197 | lk->filename[0] = 0; |
e31e949b MH |
198 | return -1; |
199 | } | |
200 | lk->owner = getpid(); | |
201 | if (adjust_shared_perm(lk->filename)) { | |
202 | int save_errno = errno; | |
203 | error("cannot fix permission bits on %s", lk->filename); | |
204 | rollback_lock_file(lk); | |
205 | errno = save_errno; | |
206 | return -1; | |
207 | } | |
4723ee99 | 208 | return lk->fd; |
021b6e45 JH |
209 | } |
210 | ||
6af926e8 | 211 | void unable_to_lock_message(const char *path, int err, struct strbuf *buf) |
e43a6fd3 | 212 | { |
bdfd739d | 213 | if (err == EEXIST) { |
6af926e8 | 214 | strbuf_addf(buf, "Unable to create '%s.lock': %s.\n\n" |
e43a6fd3 MM |
215 | "If no other git process is currently running, this probably means a\n" |
216 | "git process crashed in this repository earlier. Make sure no other git\n" | |
217 | "process is running and remove the file manually to continue.", | |
e2a57aac | 218 | absolute_path(path), strerror(err)); |
1b018fd9 | 219 | } else |
6af926e8 | 220 | strbuf_addf(buf, "Unable to create '%s.lock': %s", |
e2a57aac | 221 | absolute_path(path), strerror(err)); |
1b018fd9 MV |
222 | } |
223 | ||
224 | int unable_to_lock_error(const char *path, int err) | |
225 | { | |
6af926e8 RS |
226 | struct strbuf buf = STRBUF_INIT; |
227 | ||
228 | unable_to_lock_message(path, err, &buf); | |
229 | error("%s", buf.buf); | |
230 | strbuf_release(&buf); | |
1b018fd9 MV |
231 | return -1; |
232 | } | |
233 | ||
e197c218 | 234 | NORETURN void unable_to_lock_die(const char *path, int err) |
1b018fd9 | 235 | { |
6af926e8 RS |
236 | struct strbuf buf = STRBUF_INIT; |
237 | ||
238 | unable_to_lock_message(path, err, &buf); | |
239 | die("%s", buf.buf); | |
e43a6fd3 MM |
240 | } |
241 | ||
447ff1bf | 242 | /* This should return a meaningful errno on failure */ |
acd3b9ec | 243 | int hold_lock_file_for_update(struct lock_file *lk, const char *path, int flags) |
40aaae88 | 244 | { |
acd3b9ec JH |
245 | int fd = lock_file(lk, path, flags); |
246 | if (fd < 0 && (flags & LOCK_DIE_ON_ERROR)) | |
e197c218 | 247 | unable_to_lock_die(path, errno); |
40aaae88 JH |
248 | return fd; |
249 | } | |
250 | ||
acd3b9ec | 251 | int hold_lock_file_for_append(struct lock_file *lk, const char *path, int flags) |
ea3cd5c7 DB |
252 | { |
253 | int fd, orig_fd; | |
254 | ||
acd3b9ec | 255 | fd = lock_file(lk, path, flags); |
ea3cd5c7 | 256 | if (fd < 0) { |
acd3b9ec | 257 | if (flags & LOCK_DIE_ON_ERROR) |
e197c218 | 258 | unable_to_lock_die(path, errno); |
ea3cd5c7 DB |
259 | return fd; |
260 | } | |
261 | ||
262 | orig_fd = open(path, O_RDONLY); | |
263 | if (orig_fd < 0) { | |
264 | if (errno != ENOENT) { | |
acd3b9ec | 265 | if (flags & LOCK_DIE_ON_ERROR) |
ea3cd5c7 | 266 | die("cannot open '%s' for copying", path); |
ebb8e380 | 267 | rollback_lock_file(lk); |
ea3cd5c7 DB |
268 | return error("cannot open '%s' for copying", path); |
269 | } | |
270 | } else if (copy_fd(orig_fd, fd)) { | |
acd3b9ec | 271 | if (flags & LOCK_DIE_ON_ERROR) |
ea3cd5c7 | 272 | exit(128); |
ebb8e380 | 273 | rollback_lock_file(lk); |
ea3cd5c7 DB |
274 | return -1; |
275 | } | |
276 | return fd; | |
277 | } | |
278 | ||
d6cf61bf BC |
279 | int close_lock_file(struct lock_file *lk) |
280 | { | |
281 | int fd = lk->fd; | |
419f0c0f MH |
282 | |
283 | if (fd < 0) | |
284 | return 0; | |
285 | ||
d6cf61bf BC |
286 | lk->fd = -1; |
287 | return close(fd); | |
288 | } | |
289 | ||
93dcaea2 JH |
290 | int reopen_lock_file(struct lock_file *lk) |
291 | { | |
292 | if (0 <= lk->fd) | |
293 | die(_("BUG: reopen a lockfile that is still open")); | |
294 | if (!lk->filename[0]) | |
295 | die(_("BUG: reopen a lockfile that has been committed")); | |
296 | lk->fd = open(lk->filename, O_WRONLY); | |
297 | return lk->fd; | |
298 | } | |
299 | ||
021b6e45 JH |
300 | int commit_lock_file(struct lock_file *lk) |
301 | { | |
302 | char result_file[PATH_MAX]; | |
4f4713df | 303 | |
419f0c0f | 304 | if (close_lock_file(lk)) |
d6cf61bf | 305 | return -1; |
4f4713df | 306 | |
021b6e45 | 307 | strcpy(result_file, lk->filename); |
4f4713df MH |
308 | /* remove ".lock": */ |
309 | result_file[strlen(result_file) - LOCK_SUFFIX_LEN] = 0; | |
310 | ||
d6cf61bf BC |
311 | if (rename(lk->filename, result_file)) |
312 | return -1; | |
021b6e45 | 313 | lk->filename[0] = 0; |
d6cf61bf | 314 | return 0; |
021b6e45 JH |
315 | } |
316 | ||
30ca07a2 JH |
317 | int hold_locked_index(struct lock_file *lk, int die_on_error) |
318 | { | |
acd3b9ec JH |
319 | return hold_lock_file_for_update(lk, get_index_file(), |
320 | die_on_error | |
321 | ? LOCK_DIE_ON_ERROR | |
322 | : 0); | |
30ca07a2 JH |
323 | } |
324 | ||
021b6e45 JH |
325 | void rollback_lock_file(struct lock_file *lk) |
326 | { | |
9085f8e2 MH |
327 | if (!lk->filename[0]) |
328 | return; | |
329 | ||
26f5d3b6 | 330 | close_lock_file(lk); |
9085f8e2 MH |
331 | unlink_or_warn(lk->filename); |
332 | lk->filename[0] = 0; | |
021b6e45 | 333 | } |