[thirdparty/systemd.git] / src / import / import-tar.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2015 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <sys/prctl.h>
#include <curl/curl.h>

#include "sd-daemon.h"
#include "utf8.h"
#include "strv.h"
#include "copy.h"
#include "btrfs-util.h"
#include "util.h"
#include "macro.h"
#include "mkdir.h"
#include "import-util.h"
#include "curl-util.h"
#include "import-job.h"
#include "import-common.h"
#include "import-tar.h"

typedef enum TarProgress {
        TAR_DOWNLOADING,
        TAR_VERIFYING,
        TAR_FINALIZING,
        TAR_COPYING,
} TarProgress;

struct TarImport {
        sd_event *event;
        CurlGlue *glue;

        char *image_root;

        ImportJob *tar_job;
        ImportJob *checksum_job;
        ImportJob *signature_job;

        TarImportFinished on_finished;
        void *userdata;

        char *local;
        bool force_local;

        pid_t tar_pid;

        char *temp_path;
        char *final_path;

        ImportVerify verify;
};

TarImport* tar_import_unref(TarImport *i) {
        if (!i)
                return NULL;

        if (i->tar_pid > 1) {
                (void) kill_and_sigcont(i->tar_pid, SIGKILL);
                (void) wait_for_terminate(i->tar_pid, NULL);
        }

        import_job_unref(i->tar_job);
        import_job_unref(i->checksum_job);
        import_job_unref(i->signature_job);

        curl_glue_unref(i->glue);
        sd_event_unref(i->event);

        if (i->temp_path) {
                (void) btrfs_subvol_remove(i->temp_path);
                (void) rm_rf_dangerous(i->temp_path, false, true, false);
                free(i->temp_path);
        }

        free(i->final_path);
        free(i->image_root);
        free(i->local);
        free(i);

        return NULL;
}

int tar_import_new(
                TarImport **ret,
                sd_event *event,
                const char *image_root,
                TarImportFinished on_finished,
                void *userdata) {

        _cleanup_(tar_import_unrefp) TarImport *i = NULL;
        int r;

        assert(ret);
        assert(event);

        i = new0(TarImport, 1);
        if (!i)
                return -ENOMEM;

        i->on_finished = on_finished;
        i->userdata = userdata;

        i->image_root = strdup(image_root ?: "/var/lib/machines");
        if (!i->image_root)
                return -ENOMEM;

        if (event)
                i->event = sd_event_ref(event);
        else {
                r = sd_event_default(&i->event);
                if (r < 0)
                        return r;
        }

        r = curl_glue_new(&i->glue, i->event);
        if (r < 0)
                return r;

        i->glue->on_finished = import_job_curl_on_finished;
        i->glue->userdata = i;

        *ret = i;
        i = NULL;

        return 0;
}

static void tar_import_report_progress(TarImport *i, TarProgress p) {
        unsigned percent;

        assert(i);

        switch (p) {

        case TAR_DOWNLOADING: {
                unsigned remain = 85;

                percent = 0;

                if (i->checksum_job) {
                        percent += i->checksum_job->progress_percent * 5 / 100;
                        remain -= 5;
                }

                if (i->signature_job) {
                        percent += i->signature_job->progress_percent * 5 / 100;
                        remain -= 5;
                }

                if (i->tar_job)
                        percent += i->tar_job->progress_percent * remain / 100;
                break;
        }

        case TAR_VERIFYING:
                percent = 85;
                break;

        case TAR_FINALIZING:
                percent = 90;
                break;

        case TAR_COPYING:
                percent = 95;
                break;

        default:
                assert_not_reached("Unknown progress state");
        }

        sd_notifyf(false, "X_IMPORT_PROGRESS=%u", percent);
        log_debug("Combined progress %u%%", percent);
}

static int tar_import_make_local_copy(TarImport *i) {
        int r;

        assert(i);
        assert(i->tar_job);

        if (!i->local)
                return 0;

        if (!i->final_path) {
                r = import_make_path(i->tar_job->url, i->tar_job->etag, i->image_root, ".tar-", NULL, &i->final_path);
                if (r < 0)
                        return log_oom();
        }

        r = import_make_local_copy(i->final_path, i->image_root, i->local, i->force_local);
        if (r < 0)
                return r;

        return 0;
}

static bool tar_import_is_done(TarImport *i) {
        assert(i);
        assert(i->tar_job);

        if (i->tar_job->state != IMPORT_JOB_DONE)
                return false;
        if (i->checksum_job && i->checksum_job->state != IMPORT_JOB_DONE)
                return false;
        if (i->signature_job && i->signature_job->state != IMPORT_JOB_DONE)
                return false;

        return true;
}

static void tar_import_job_on_finished(ImportJob *j) {
        TarImport *i;
        int r;

        assert(j);
        assert(j->userdata);

        i = j->userdata;
        if (j->error != 0) {
                if (j == i->checksum_job)
                        log_error_errno(j->error, "Failed to retrieve SHA256 checksum, cannot verify. (Try --verify=no?)");
                else if (j == i->signature_job)
                        log_error_errno(j->error, "Failed to retrieve signature file, cannot verify. (Try --verify=no?)");
                else
                        log_error_errno(j->error, "Failed to retrieve image file. (Wrong URL?)");

                r = j->error;
                goto finish;
        }

        /* This is invoked if either the download completed
         * successfully, or the download was skipped because we
         * already have the etag. */

        if (!tar_import_is_done(i))
                return;

        j->disk_fd = safe_close(i->tar_job->disk_fd);

        if (i->tar_pid > 0) {
                r = wait_for_terminate_and_warn("tar", i->tar_pid, true);
                i->tar_pid = 0;
                if (r < 0)
                        goto finish;
        }

        if (!i->tar_job->etag_exists) {
                /* This is a new download, verify it, and move it into place */

                tar_import_report_progress(i, TAR_VERIFYING);

                r = import_verify(i->tar_job, i->checksum_job, i->signature_job);
                if (r < 0)
                        goto finish;

                tar_import_report_progress(i, TAR_FINALIZING);

                r = import_make_read_only(i->temp_path);
                if (r < 0)
                        goto finish;

                if (rename(i->temp_path, i->final_path) < 0) {
                        r = log_error_errno(errno, "Failed to rename to final image name: %m");
                        goto finish;
                }

                free(i->temp_path);
                i->temp_path = NULL;
        }

        tar_import_report_progress(i, TAR_COPYING);

        r = tar_import_make_local_copy(i);
        if (r < 0)
                goto finish;

        r = 0;

finish:
        if (i->on_finished)
                i->on_finished(i, r, i->userdata);
        else
                sd_event_exit(i->event, r);
}

static int tar_import_job_on_open_disk(ImportJob *j) {
        TarImport *i;
        int r;

        assert(j);
        assert(j->userdata);

        i = j->userdata;
        assert(i->tar_job == j);
        assert(!i->final_path);
        assert(!i->temp_path);
        assert(i->tar_pid <= 0);

        r = import_make_path(j->url, j->etag, i->image_root, ".tar-", NULL, &i->final_path);
        if (r < 0)
                return log_oom();

        r = tempfn_random(i->final_path, &i->temp_path);
        if (r < 0)
                return log_oom();

        mkdir_parents_label(i->temp_path, 0700);

        r = btrfs_subvol_make(i->temp_path);
        if (r == -ENOTTY) {
                if (mkdir(i->temp_path, 0755) < 0)
                        return log_error_errno(errno, "Failed to create directory %s: %m", i->temp_path);
        } else if (r < 0)
                return log_error_errno(errno, "Failed to create subvolume %s: %m", i->temp_path);

        j->disk_fd = import_fork_tar(i->temp_path, &i->tar_pid);
        if (j->disk_fd < 0)
                return j->disk_fd;

        return 0;
}

static void tar_import_job_on_progress(ImportJob *j) {
        TarImport *i;

        assert(j);
        assert(j->userdata);

        i = j->userdata;

        tar_import_report_progress(i, TAR_DOWNLOADING);
}

int tar_import_pull(TarImport *i, const char *url, const char *local, bool force_local, ImportVerify verify) {
        int r;

        assert(i);

        if (!http_url_is_valid(url))
                return -EINVAL;

        if (local && !machine_name_is_valid(local))
                return -EINVAL;

        if (i->tar_job)
                return -EBUSY;

        r = free_and_strdup(&i->local, local);
        if (r < 0)
                return r;
        i->force_local = force_local;
        i->verify = verify;

        r = import_job_new(&i->tar_job, url, i->glue, i);
        if (r < 0)
                return r;

        i->tar_job->on_finished = tar_import_job_on_finished;
        i->tar_job->on_open_disk = tar_import_job_on_open_disk;
        i->tar_job->on_progress = tar_import_job_on_progress;
        i->tar_job->calc_checksum = verify != IMPORT_VERIFY_NO;

        r = import_find_old_etags(url, i->image_root, DT_DIR, ".tar-", NULL, &i->tar_job->old_etags);
        if (r < 0)
                return r;

        r = import_make_verification_jobs(&i->checksum_job, &i->signature_job, verify, url, i->glue, tar_import_job_on_finished, i);
        if (r < 0)
                return r;

        r = import_job_begin(i->tar_job);
        if (r < 0)
                return r;

        if (i->checksum_job) {
                i->checksum_job->on_progress = tar_import_job_on_progress;

                r = import_job_begin(i->checksum_job);
                if (r < 0)
                        return r;
        }

        if (i->signature_job) {
                i->signature_job->on_progress = tar_import_job_on_progress;

                r = import_job_begin(i->signature_job);
                if (r < 0)
                        return r;
        }

        return 0;
}
Commit	Line	Data
56ebfaf1 LP	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2015 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
	9	under the terms of the GNU Lesser General Public License as published by
	10	the Free Software Foundation; either version 2.1 of the License, or
	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	16	Lesser General Public License for more details.
	17
	18	You should have received a copy of the GNU Lesser General Public License
	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include <sys/prctl.h>
	23	#include <curl/curl.h>
	24
7079cfef	25	#include "sd-daemon.h"
56ebfaf1 LP	26	#include "utf8.h"
	27	#include "strv.h"
	28	#include "copy.h"
	29	#include "btrfs-util.h"
	30	#include "util.h"
	31	#include "macro.h"
	32	#include "mkdir.h"
3d7415f4	33	#include "import-util.h"
56ebfaf1 LP	34	#include "curl-util.h"
56ebfaf1 LP	35	#include "import-job.h"
3d7415f4	36	#include "import-common.h"
56ebfaf1 LP	37	#include "import-tar.h"
56ebfaf1 LP	38
7079cfef LP	39	typedef enum TarProgress {
	40	TAR_DOWNLOADING,
	41	TAR_VERIFYING,
	42	TAR_FINALIZING,
	43	TAR_COPYING,
	44	} TarProgress;
	45
56ebfaf1 LP	46	struct TarImport {
	47	sd_event *event;
	48	CurlGlue *glue;
	49
	50	char *image_root;
	51
	52	ImportJob *tar_job;
0100b6e1 LP	53	ImportJob *checksum_job;
0100b6e1 LP	54	ImportJob *signature_job;
56ebfaf1 LP	55
	56	TarImportFinished on_finished;
	57	void *userdata;
	58
56ebfaf1 LP	59	char *local;
	60	bool force_local;
	61
	62	pid_t tar_pid;
	63
	64	char *temp_path;
	65	char *final_path;
0100b6e1 LP	66
0100b6e1 LP	67	ImportVerify verify;
56ebfaf1 LP	68	};
	69
	70	TarImport* tar_import_unref(TarImport *i) {
	71	if (!i)
	72	return NULL;
	73
0100b6e1	74	if (i->tar_pid > 1) {
8b71fce8	75	(void) kill_and_sigcont(i->tar_pid, SIGKILL);
0100b6e1	76	(void) wait_for_terminate(i->tar_pid, NULL);
56ebfaf1 LP	77	}
	78
	79	import_job_unref(i->tar_job);
0100b6e1 LP	80	import_job_unref(i->checksum_job);
0100b6e1 LP	81	import_job_unref(i->signature_job);
56ebfaf1 LP	82
	83	curl_glue_unref(i->glue);
	84	sd_event_unref(i->event);
	85
	86	if (i->temp_path) {
	87	(void) btrfs_subvol_remove(i->temp_path);
	88	(void) rm_rf_dangerous(i->temp_path, false, true, false);
0d6e763b	89	free(i->temp_path);
56ebfaf1 LP	90	}
	91
	92	free(i->final_path);
	93	free(i->image_root);
	94	free(i->local);
56ebfaf1 LP	95	free(i);
	96
	97	return NULL;
	98	}
	99
8b71fce8 LP	100	int tar_import_new(
	101	TarImport **ret,
	102	sd_event *event,
	103	const char *image_root,
	104	TarImportFinished on_finished,
	105	void *userdata) {
	106
56ebfaf1 LP	107	_cleanup_(tar_import_unrefp) TarImport *i = NULL;
	108	int r;
	109
	110	assert(ret);
	111	assert(event);
	112
	113	i = new0(TarImport, 1);
	114	if (!i)
	115	return -ENOMEM;
	116
	117	i->on_finished = on_finished;
	118	i->userdata = userdata;
	119
	120	i->image_root = strdup(image_root ?: "/var/lib/machines");
	121	if (!i->image_root)
	122	return -ENOMEM;
	123
	124	if (event)
	125	i->event = sd_event_ref(event);
	126	else {
	127	r = sd_event_default(&i->event);
	128	if (r < 0)
	129	return r;
	130	}
	131
	132	r = curl_glue_new(&i->glue, i->event);
	133	if (r < 0)
	134	return r;
	135
	136	i->glue->on_finished = import_job_curl_on_finished;
	137	i->glue->userdata = i;
	138
	139	*ret = i;
	140	i = NULL;
	141
	142	return 0;
	143	}
	144
7079cfef LP	145	static void tar_import_report_progress(TarImport *i, TarProgress p) {
	146	unsigned percent;
	147
	148	assert(i);
	149
	150	switch (p) {
	151
	152	case TAR_DOWNLOADING: {
	153	unsigned remain = 85;
	154
	155	percent = 0;
	156
	157	if (i->checksum_job) {
	158	percent += i->checksum_job->progress_percent * 5 / 100;
	159	remain -= 5;
	160	}
	161
	162	if (i->signature_job) {
	163	percent += i->signature_job->progress_percent * 5 / 100;
	164	remain -= 5;
	165	}
	166
	167	if (i->tar_job)
	168	percent += i->tar_job->progress_percent * remain / 100;
	169	break;
	170	}
	171
	172	case TAR_VERIFYING:
	173	percent = 85;
	174	break;
	175
	176	case TAR_FINALIZING:
	177	percent = 90;
	178	break;
	179
	180	case TAR_COPYING:
	181	percent = 95;
	182	break;
	183
	184	default:
	185	assert_not_reached("Unknown progress state");
	186	}
	187
	188	sd_notifyf(false, "X_IMPORT_PROGRESS=%u", percent);
	189	log_debug("Combined progress %u%%", percent);
	190	}
	191
0d6e763b LP	192	static int tar_import_make_local_copy(TarImport *i) {
	193	int r;
	194
	195	assert(i);
	196	assert(i->tar_job);
	197
	198	if (!i->local)
	199	return 0;
	200
	201	if (!i->final_path) {
	202	r = import_make_path(i->tar_job->url, i->tar_job->etag, i->image_root, ".tar-", NULL, &i->final_path);
	203	if (r < 0)
	204	return log_oom();
0d6e763b LP	205	}
0d6e763b LP	206
0100b6e1 LP	207	r = import_make_local_copy(i->final_path, i->image_root, i->local, i->force_local);
	208	if (r < 0)
	209	return r;
	210
0d6e763b LP	211	return 0;
	212	}
	213
8b71fce8 LP	214	static bool tar_import_is_done(TarImport *i) {
	215	assert(i);
	216	assert(i->tar_job);
	217
	218	if (i->tar_job->state != IMPORT_JOB_DONE)
	219	return false;
	220	if (i->checksum_job && i->checksum_job->state != IMPORT_JOB_DONE)
	221	return false;
	222	if (i->signature_job && i->signature_job->state != IMPORT_JOB_DONE)
	223	return false;
	224
	225	return true;
	226	}
	227
56ebfaf1 LP	228	static void tar_import_job_on_finished(ImportJob *j) {
	229	TarImport *i;
	230	int r;
	231
	232	assert(j);
	233	assert(j->userdata);
	234
	235	i = j->userdata;
56ebfaf1	236	if (j->error != 0) {
0100b6e1 LP	237	if (j == i->checksum_job)
	238	log_error_errno(j->error, "Failed to retrieve SHA256 checksum, cannot verify. (Try --verify=no?)");
	239	else if (j == i->signature_job)
	240	log_error_errno(j->error, "Failed to retrieve signature file, cannot verify. (Try --verify=no?)");
	241	else
	242	log_error_errno(j->error, "Failed to retrieve image file. (Wrong URL?)");
	243
56ebfaf1 LP	244	r = j->error;
	245	goto finish;
	246	}
	247
	248	/* This is invoked if either the download completed
	249	* successfully, or the download was skipped because we
	250	* already have the etag. */
	251
8b71fce8	252	if (!tar_import_is_done(i))
0100b6e1 LP	253	return;
	254
	255	j->disk_fd = safe_close(i->tar_job->disk_fd);
56ebfaf1 LP	256
	257	if (i->tar_pid > 0) {
	258	r = wait_for_terminate_and_warn("tar", i->tar_pid, true);
	259	i->tar_pid = 0;
	260	if (r < 0)
	261	goto finish;
	262	}
	263
0100b6e1 LP	264	if (!i->tar_job->etag_exists) {
	265	/* This is a new download, verify it, and move it into place */
	266
7079cfef LP	267	tar_import_report_progress(i, TAR_VERIFYING);
7079cfef LP	268
0100b6e1 LP	269	r = import_verify(i->tar_job, i->checksum_job, i->signature_job);
	270	if (r < 0)
	271	goto finish;
	272
7079cfef LP	273	tar_import_report_progress(i, TAR_FINALIZING);
7079cfef LP	274
56ebfaf1 LP	275	r = import_make_read_only(i->temp_path);
	276	if (r < 0)
	277	goto finish;
	278
	279	if (rename(i->temp_path, i->final_path) < 0) {
	280	r = log_error_errno(errno, "Failed to rename to final image name: %m");
	281	goto finish;
	282	}
56ebfaf1	283
0d6e763b LP	284	free(i->temp_path);
0d6e763b LP	285	i->temp_path = NULL;
56ebfaf1 LP	286	}
56ebfaf1 LP	287
7079cfef LP	288	tar_import_report_progress(i, TAR_COPYING);
7079cfef LP	289
0d6e763b LP	290	r = tar_import_make_local_copy(i);
	291	if (r < 0)
	292	goto finish;
	293
56ebfaf1 LP	294	r = 0;
	295
	296	finish:
56ebfaf1 LP	297	if (i->on_finished)
	298	i->on_finished(i, r, i->userdata);
	299	else
	300	sd_event_exit(i->event, r);
	301	}
	302
	303	static int tar_import_job_on_open_disk(ImportJob *j) {
56ebfaf1 LP	304	TarImport *i;
	305	int r;
	306
	307	assert(j);
	308	assert(j->userdata);
	309
	310	i = j->userdata;
8b71fce8 LP	311	assert(i->tar_job == j);
	312	assert(!i->final_path);
	313	assert(!i->temp_path);
	314	assert(i->tar_pid <= 0);
56ebfaf1 LP	315
	316	r = import_make_path(j->url, j->etag, i->image_root, ".tar-", NULL, &i->final_path);
	317	if (r < 0)
	318	return log_oom();
	319
	320	r = tempfn_random(i->final_path, &i->temp_path);
	321	if (r < 0)
	322	return log_oom();
	323
	324	mkdir_parents_label(i->temp_path, 0700);
	325
	326	r = btrfs_subvol_make(i->temp_path);
	327	if (r == -ENOTTY) {
	328	if (mkdir(i->temp_path, 0755) < 0)
	329	return log_error_errno(errno, "Failed to create directory %s: %m", i->temp_path);
	330	} else if (r < 0)
	331	return log_error_errno(errno, "Failed to create subvolume %s: %m", i->temp_path);
	332
2c140ded LP	333	j->disk_fd = import_fork_tar(i->temp_path, &i->tar_pid);
	334	if (j->disk_fd < 0)
	335	return j->disk_fd;
56ebfaf1 LP	336
	337	return 0;
	338	}
	339
7079cfef LP	340	static void tar_import_job_on_progress(ImportJob *j) {
	341	TarImport *i;
	342
	343	assert(j);
	344	assert(j->userdata);
	345
	346	i = j->userdata;
	347
	348	tar_import_report_progress(i, TAR_DOWNLOADING);
	349	}
	350
0100b6e1	351	int tar_import_pull(TarImport i, const char url, const char *local, bool force_local, ImportVerify verify) {
56ebfaf1 LP	352	int r;
	353
	354	assert(i);
	355
56ebfaf1 LP	356	if (!http_url_is_valid(url))
	357	return -EINVAL;
	358
	359	if (local && !machine_name_is_valid(local))
	360	return -EINVAL;
	361
8b71fce8 LP	362	if (i->tar_job)
	363	return -EBUSY;
	364
56ebfaf1 LP	365	r = free_and_strdup(&i->local, local);
	366	if (r < 0)
	367	return r;
56ebfaf1	368	i->force_local = force_local;
0100b6e1	369	i->verify = verify;
56ebfaf1 LP	370
	371	r = import_job_new(&i->tar_job, url, i->glue, i);
	372	if (r < 0)
	373	return r;
	374
	375	i->tar_job->on_finished = tar_import_job_on_finished;
	376	i->tar_job->on_open_disk = tar_import_job_on_open_disk;
7079cfef	377	i->tar_job->on_progress = tar_import_job_on_progress;
0100b6e1	378	i->tar_job->calc_checksum = verify != IMPORT_VERIFY_NO;
56ebfaf1 LP	379
	380	r = import_find_old_etags(url, i->image_root, DT_DIR, ".tar-", NULL, &i->tar_job->old_etags);
	381	if (r < 0)
	382	return r;
	383
0100b6e1 LP	384	r = import_make_verification_jobs(&i->checksum_job, &i->signature_job, verify, url, i->glue, tar_import_job_on_finished, i);
	385	if (r < 0)
	386	return r;
	387
	388	r = import_job_begin(i->tar_job);
	389	if (r < 0)
	390	return r;
	391
	392	if (i->checksum_job) {
7079cfef LP	393	i->checksum_job->on_progress = tar_import_job_on_progress;
7079cfef LP	394
0100b6e1 LP	395	r = import_job_begin(i->checksum_job);
	396	if (r < 0)
	397	return r;
	398	}
	399
	400	if (i->signature_job) {
7079cfef LP	401	i->signature_job->on_progress = tar_import_job_on_progress;
7079cfef LP	402
0100b6e1 LP	403	r = import_job_begin(i->signature_job);
	404	if (r < 0)
	405	return r;
	406	}
	407
	408	return 0;
56ebfaf1	409	}