diff options
Diffstat (limited to 'utils/fs/operations.cpp')
-rw-r--r-- | utils/fs/operations.cpp | 803 |
1 files changed, 803 insertions, 0 deletions
diff --git a/utils/fs/operations.cpp b/utils/fs/operations.cpp new file mode 100644 index 000000000000..7a96d0b2058a --- /dev/null +++ b/utils/fs/operations.cpp @@ -0,0 +1,803 @@ +// Copyright 2010 The Kyua Authors. +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above copyright +// notice, this list of conditions and the following disclaimer in the +// documentation and/or other materials provided with the distribution. +// * Neither the name of Google Inc. nor the names of its contributors +// may be used to endorse or promote products derived from this software +// without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +#include "utils/fs/operations.hpp" + +#if defined(HAVE_CONFIG_H) +# include "config.h" +#endif + +extern "C" { +#include <sys/param.h> +#if defined(HAVE_SYS_MOUNT_H) +# include <sys/mount.h> +#endif +#include <sys/stat.h> +#if defined(HAVE_SYS_STATVFS_H) && defined(HAVE_STATVFS) +# include <sys/statvfs.h> +#endif +#if defined(HAVE_SYS_VFS_H) +# include <sys/vfs.h> +#endif +#include <sys/wait.h> + +#include <unistd.h> +} + +#include <cerrno> +#include <cstdlib> +#include <cstring> +#include <fstream> +#include <iostream> +#include <sstream> +#include <string> + +#include "utils/auto_array.ipp" +#include "utils/defs.hpp" +#include "utils/env.hpp" +#include "utils/format/macros.hpp" +#include "utils/fs/directory.hpp" +#include "utils/fs/exceptions.hpp" +#include "utils/fs/path.hpp" +#include "utils/logging/macros.hpp" +#include "utils/optional.ipp" +#include "utils/sanity.hpp" +#include "utils/units.hpp" + +namespace fs = utils::fs; +namespace units = utils::units; + +using utils::optional; + + +namespace { + + +/// Operating systems recognized by the code below. +enum os_type { + os_unsupported = 0, + os_freebsd, + os_linux, + os_netbsd, + os_sunos, +}; + + +/// The current operating system. +static enum os_type current_os = +#if defined(__FreeBSD__) + os_freebsd +#elif defined(__linux__) + os_linux +#elif defined(__NetBSD__) + os_netbsd +#elif defined(__SunOS__) + os_sunos +#else + os_unsupported +#endif + ; + + +/// Specifies if a real unmount(2) is available. +/// +/// We use this as a constant instead of a macro so that we can compile both +/// versions of the unmount code unconditionally. This is a way to prevent +/// compilation bugs going unnoticed for long. +static const bool have_unmount2 = +#if defined(HAVE_UNMOUNT) + true; +#else + false; +#endif + + +#if !defined(UMOUNT) +/// Fake replacement value to the path to umount(8). +# define UMOUNT "do-not-use-this-value" +#else +# if defined(HAVE_UNMOUNT) +# error "umount(8) detected when unmount(2) is also available" +# endif +#endif + + +#if !defined(HAVE_UNMOUNT) +/// Fake unmount(2) function for systems without it. +/// +/// This is only provided to allow our code to compile in all platforms +/// regardless of whether they actually have an unmount(2) or not. +/// +/// \return -1 to indicate error, although this should never happen. +static int +unmount(const char* /* path */, + const int /* flags */) +{ + PRE(false); + return -1; +} +#endif + + +/// Error code returned by subprocess to indicate a controlled failure. +const int exit_known_error = 123; + + +static void run_mount_tmpfs(const fs::path&, const uint64_t) UTILS_NORETURN; + + +/// Executes 'mount -t tmpfs' (or a similar variant). +/// +/// This function must be called from a subprocess as it never returns. +/// +/// \param mount_point Location on which to mount a tmpfs. +/// \param size The size of the tmpfs to mount. If 0, use unlimited. +static void +run_mount_tmpfs(const fs::path& mount_point, const uint64_t size) +{ + const char* mount_args[16]; + std::string size_arg; + + std::size_t last = 0; + switch (current_os) { + case os_freebsd: + mount_args[last++] = "mount"; + mount_args[last++] = "-ttmpfs"; + if (size > 0) { + size_arg = F("-osize=%s") % size; + mount_args[last++] = size_arg.c_str(); + } + mount_args[last++] = "tmpfs"; + mount_args[last++] = mount_point.c_str(); + break; + + case os_linux: + mount_args[last++] = "mount"; + mount_args[last++] = "-ttmpfs"; + if (size > 0) { + size_arg = F("-osize=%s") % size; + mount_args[last++] = size_arg.c_str(); + } + mount_args[last++] = "tmpfs"; + mount_args[last++] = mount_point.c_str(); + break; + + case os_netbsd: + mount_args[last++] = "mount"; + mount_args[last++] = "-ttmpfs"; + if (size > 0) { + size_arg = F("-o-s%s") % size; + mount_args[last++] = size_arg.c_str(); + } + mount_args[last++] = "tmpfs"; + mount_args[last++] = mount_point.c_str(); + break; + + case os_sunos: + mount_args[last++] = "mount"; + mount_args[last++] = "-Ftmpfs"; + if (size > 0) { + size_arg = F("-o-s%s") % size; + mount_args[last++] = size_arg.c_str(); + } + mount_args[last++] = "tmpfs"; + mount_args[last++] = mount_point.c_str(); + break; + + default: + std::cerr << "Don't know how to mount a temporary file system in this " + "host operating system\n"; + std::exit(exit_known_error); + } + mount_args[last] = NULL; + + const char** arg; + std::cout << "Mounting tmpfs onto " << mount_point << " with:"; + for (arg = &mount_args[0]; *arg != NULL; arg++) + std::cout << " " << *arg; + std::cout << "\n"; + + const int ret = ::execvp(mount_args[0], + UTILS_UNCONST(char* const, mount_args)); + INV(ret == -1); + std::cerr << "Failed to exec " << mount_args[0] << "\n"; + std::exit(EXIT_FAILURE); +} + + +/// Unmounts a file system using unmount(2). +/// +/// \pre unmount(2) must be available; i.e. have_unmount2 must be true. +/// +/// \param mount_point The file system to unmount. +/// +/// \throw fs::system_error If the call to unmount(2) fails. +static void +unmount_with_unmount2(const fs::path& mount_point) +{ + PRE(have_unmount2); + + if (::unmount(mount_point.c_str(), 0) == -1) { + const int original_errno = errno; + throw fs::system_error(F("unmount(%s) failed") % mount_point, + original_errno); + } +} + + +/// Unmounts a file system using umount(8). +/// +/// \pre umount(2) must not be available; i.e. have_unmount2 must be false. +/// +/// \param mount_point The file system to unmount. +/// +/// \throw fs::error If the execution of umount(8) fails. +static void +unmount_with_umount8(const fs::path& mount_point) +{ + PRE(!have_unmount2); + + const pid_t pid = ::fork(); + if (pid == -1) { + const int original_errno = errno; + throw fs::system_error("Cannot fork to execute unmount tool", + original_errno); + } else if (pid == 0) { + const int ret = ::execlp(UMOUNT, "umount", mount_point.c_str(), NULL); + INV(ret == -1); + std::cerr << "Failed to exec " UMOUNT "\n"; + std::exit(EXIT_FAILURE); + } + + int status; +retry: + if (::waitpid(pid, &status, 0) == -1) { + const int original_errno = errno; + if (errno == EINTR) + goto retry; + throw fs::system_error("Failed to wait for unmount subprocess", + original_errno); + } + + if (WIFEXITED(status)) { + if (WEXITSTATUS(status) == EXIT_SUCCESS) + return; + else + throw fs::error(F("Failed to unmount %s; returned exit code %s") + % mount_point % WEXITSTATUS(status)); + } else + throw fs::error(F("Failed to unmount %s; unmount tool received signal") + % mount_point); +} + + +/// Stats a file, without following links. +/// +/// \param path The file to stat. +/// +/// \return The stat structure on success. +/// +/// \throw system_error An error on failure. +static struct ::stat +safe_stat(const fs::path& path) +{ + struct ::stat sb; + if (::lstat(path.c_str(), &sb) == -1) { + const int original_errno = errno; + throw fs::system_error(F("Cannot get information about %s") % path, + original_errno); + } + return sb; +} + + +} // anonymous namespace + + +/// Copies a file. +/// +/// \param source The file to copy. +/// \param target The destination of the new copy; must be a file name, not a +/// directory. +/// +/// \throw error If there is a problem copying the file. +void +fs::copy(const fs::path& source, const fs::path& target) +{ + std::ifstream input(source.c_str()); + if (!input) + throw error(F("Cannot open copy source %s") % source); + + std::ofstream output(target.c_str()); + if (!output) + throw error(F("Cannot create copy target %s") % target); + + char buffer[1024]; + while (input.good()) { + input.read(buffer, sizeof(buffer)); + if (input.good() || input.eof()) + output.write(buffer, input.gcount()); + } + if (!input.good() && !input.eof()) + throw error(F("Error while reading input file %s") % source); +} + + +/// Queries the path to the current directory. +/// +/// \return The path to the current directory. +/// +/// \throw fs::error If there is a problem querying the current directory. +fs::path +fs::current_path(void) +{ + char* cwd; +#if defined(HAVE_GETCWD_DYN) + cwd = ::getcwd(NULL, 0); +#else + cwd = ::getcwd(NULL, MAXPATHLEN); +#endif + if (cwd == NULL) { + const int original_errno = errno; + throw fs::system_error(F("Failed to get current working directory"), + original_errno); + } + + try { + const fs::path result(cwd); + std::free(cwd); + return result; + } catch (...) { + std::free(cwd); + throw; + } +} + + +/// Checks if a file exists. +/// +/// Be aware that this is racy in the same way as access(2) is. +/// +/// \param path The file to check the existance of. +/// +/// \return True if the file exists; false otherwise. +bool +fs::exists(const fs::path& path) +{ + return ::access(path.c_str(), F_OK) == 0; +} + + +/// Locates a file in the PATH. +/// +/// \param name The file to locate. +/// +/// \return The path to the located file or none if it was not found. The +/// returned path is always absolute. +optional< fs::path > +fs::find_in_path(const char* name) +{ + const optional< std::string > current_path = utils::getenv("PATH"); + if (!current_path || current_path.get().empty()) + return none; + + std::istringstream path_input(current_path.get() + ":"); + std::string path_component; + while (std::getline(path_input, path_component, ':').good()) { + const fs::path candidate = path_component.empty() ? + fs::path(name) : (fs::path(path_component) / name); + if (exists(candidate)) { + if (candidate.is_absolute()) + return utils::make_optional(candidate); + else + return utils::make_optional(candidate.to_absolute()); + } + } + return none; +} + + +/// Calculates the free space in a given file system. +/// +/// \param path Path to a file in the file system for which to check the free +/// disk space. +/// +/// \return The amount of free space usable by a non-root user. +/// +/// \throw system_error If the call to statfs(2) fails. +utils::units::bytes +fs::free_disk_space(const fs::path& path) +{ +#if defined(HAVE_STATVFS) + struct ::statvfs buf; + if (::statvfs(path.c_str(), &buf) == -1) { + const int original_errno = errno; + throw fs::system_error(F("Failed to stat file system for %s") % path, + original_errno); + } + return units::bytes(uint64_t(buf.f_bsize) * buf.f_bavail); +#elif defined(HAVE_STATFS) + struct ::statfs buf; + if (::statfs(path.c_str(), &buf) == -1) { + const int original_errno = errno; + throw fs::system_error(F("Failed to stat file system for %s") % path, + original_errno); + } + return units::bytes(uint64_t(buf.f_bsize) * buf.f_bavail); +#else +# error "Don't know how to query free disk space" +#endif +} + + +/// Checks if the given path is a directory or not. +/// +/// \return True if the path is a directory; false otherwise. +bool +fs::is_directory(const fs::path& path) +{ + const struct ::stat sb = safe_stat(path); + return S_ISDIR(sb.st_mode); +} + + +/// Creates a directory. +/// +/// \param dir The path to the directory to create. +/// \param mode The permissions for the new directory. +/// +/// \throw system_error If the call to mkdir(2) fails. +void +fs::mkdir(const fs::path& dir, const int mode) +{ + if (::mkdir(dir.c_str(), static_cast< mode_t >(mode)) == -1) { + const int original_errno = errno; + throw fs::system_error(F("Failed to create directory %s") % dir, + original_errno); + } +} + + +/// Creates a directory and any missing parents. +/// +/// This is separate from the fs::mkdir function to clearly differentiate the +/// libc wrapper from the more complex algorithm implemented here. +/// +/// \param dir The path to the directory to create. +/// \param mode The permissions for the new directories. +/// +/// \throw system_error If any call to mkdir(2) fails. +void +fs::mkdir_p(const fs::path& dir, const int mode) +{ + try { + fs::mkdir(dir, mode); + } catch (const fs::system_error& e) { + if (e.original_errno() == ENOENT) { + fs::mkdir_p(dir.branch_path(), mode); + fs::mkdir(dir, mode); + } else if (e.original_errno() != EEXIST) + throw e; + } +} + + +/// Creates a temporary directory that is world readable/accessible. +/// +/// The temporary directory is created using mkdtemp(3) using the provided +/// template. This should be most likely used in conjunction with +/// fs::auto_directory. +/// +/// The temporary directory is given read and execute permissions to everyone +/// and thus should not be used to protect data that may be subject to snooping. +/// This goes together with the assumption that this function is used to create +/// temporary directories for test cases, and that those test cases may +/// sometimes be executed as an unprivileged user. In those cases, we need to +/// support two different things: +/// +/// - Allow the unprivileged code to write to files in the work directory by +/// name (e.g. to write the results file, whose name is provided by the +/// monitor code running as root). This requires us to grant search +/// permissions. +/// +/// - Allow the test cases themselves to call getcwd(3) at any point. At least +/// on NetBSD 7.x, getcwd(3) requires both read and search permissions on all +/// path components leading to the current directory. This requires us to +/// grant both read and search permissions. +/// +/// TODO(jmmv): A cleaner way to support this would be for the test executor to +/// create two work directory hierarchies directly rooted under TMPDIR: one for +/// root and one for the unprivileged user. However, that requires more +/// bookkeeping for no real gain, because we are not really trying to protect +/// the data within our temporary directories against attacks. +/// +/// \param path_template The template for the temporary path, which is a +/// basename that is created within the TMPDIR. Must contain the XXXXXX +/// pattern, which is atomically replaced by a random unique string. +/// +/// \return The generated path for the temporary directory. +/// +/// \throw fs::system_error If the call to mkdtemp(3) fails. +fs::path +fs::mkdtemp_public(const std::string& path_template) +{ + PRE(path_template.find("XXXXXX") != std::string::npos); + + const fs::path tmpdir(utils::getenv_with_default("TMPDIR", "/tmp")); + const fs::path full_template = tmpdir / path_template; + + utils::auto_array< char > buf(new char[full_template.str().length() + 1]); + std::strcpy(buf.get(), full_template.c_str()); + if (::mkdtemp(buf.get()) == NULL) { + const int original_errno = errno; + throw fs::system_error(F("Cannot create temporary directory using " + "template %s") % full_template, + original_errno); + } + const fs::path path(buf.get()); + + if (::chmod(path.c_str(), 0755) == -1) { + const int original_errno = errno; + + try { + rmdir(path); + } catch (const fs::system_error& e) { + // This really should not fail. We just created the directory and + // have not written anything to it so there is no reason for this to + // fail. But better handle the failure just in case. + LW(F("Failed to delete just-created temporary directory %s") + % path); + } + + throw fs::system_error(F("Failed to grant search permissions on " + "temporary directory %s") % path, + original_errno); + } + + return path; +} + + +/// Creates a temporary file. +/// +/// The temporary file is created using mkstemp(3) using the provided template. +/// This should be most likely used in conjunction with fs::auto_file. +/// +/// \param path_template The template for the temporary path, which is a +/// basename that is created within the TMPDIR. Must contain the XXXXXX +/// pattern, which is atomically replaced by a random unique string. +/// +/// \return The generated path for the temporary directory. +/// +/// \throw fs::system_error If the call to mkstemp(3) fails. +fs::path +fs::mkstemp(const std::string& path_template) +{ + PRE(path_template.find("XXXXXX") != std::string::npos); + + const fs::path tmpdir(utils::getenv_with_default("TMPDIR", "/tmp")); + const fs::path full_template = tmpdir / path_template; + + utils::auto_array< char > buf(new char[full_template.str().length() + 1]); + std::strcpy(buf.get(), full_template.c_str()); + if (::mkstemp(buf.get()) == -1) { + const int original_errno = errno; + throw fs::system_error(F("Cannot create temporary file using template " + "%s") % full_template, original_errno); + } + return fs::path(buf.get()); +} + + +/// Mounts a temporary file system with unlimited size. +/// +/// \param in_mount_point The path on which the file system will be mounted. +/// +/// \throw fs::system_error If the attempt to mount process fails. +/// \throw fs::unsupported_operation_error If the code does not know how to +/// mount a temporary file system in the current operating system. +void +fs::mount_tmpfs(const fs::path& in_mount_point) +{ + mount_tmpfs(in_mount_point, units::bytes()); +} + + +/// Mounts a temporary file system. +/// +/// \param in_mount_point The path on which the file system will be mounted. +/// \param size The size of the tmpfs to mount. If 0, use unlimited. +/// +/// \throw fs::system_error If the attempt to mount process fails. +/// \throw fs::unsupported_operation_error If the code does not know how to +/// mount a temporary file system in the current operating system. +void +fs::mount_tmpfs(const fs::path& in_mount_point, const units::bytes& size) +{ + // SunOS's mount(8) requires paths to be absolute. To err on the side of + // caution, let's make the mount point absolute in all cases. + const fs::path mount_point = in_mount_point.is_absolute() ? + in_mount_point : in_mount_point.to_absolute(); + + const pid_t pid = ::fork(); + if (pid == -1) { + const int original_errno = errno; + throw fs::system_error("Cannot fork to execute mount tool", + original_errno); + } + if (pid == 0) + run_mount_tmpfs(mount_point, size); + + int status; +retry: + if (::waitpid(pid, &status, 0) == -1) { + const int original_errno = errno; + if (errno == EINTR) + goto retry; + throw fs::system_error("Failed to wait for mount subprocess", + original_errno); + } + + if (WIFEXITED(status)) { + if (WEXITSTATUS(status) == exit_known_error) + throw fs::unsupported_operation_error( + "Don't know how to mount a tmpfs on this operating system"); + else if (WEXITSTATUS(status) == EXIT_SUCCESS) + return; + else + throw fs::error(F("Failed to mount tmpfs on %s; returned exit " + "code %s") % mount_point % WEXITSTATUS(status)); + } else { + throw fs::error(F("Failed to mount tmpfs on %s; mount tool " + "received signal") % mount_point); + } +} + + +/// Recursively removes a directory. +/// +/// This operation simulates a "rm -r". No effort is made to forcibly delete +/// files and no attention is paid to mount points. +/// +/// \param directory The directory to remove. +/// +/// \throw fs::error If there is a problem removing any directory or file. +void +fs::rm_r(const fs::path& directory) +{ + const fs::directory dir(directory); + + for (fs::directory::const_iterator iter = dir.begin(); iter != dir.end(); + ++iter) { + if (iter->name == "." || iter->name == "..") + continue; + + const fs::path entry = directory / iter->name; + + if (fs::is_directory(entry)) { + LD(F("Descending into %s") % entry); + fs::rm_r(entry); + } else { + LD(F("Removing file %s") % entry); + fs::unlink(entry); + } + } + + LD(F("Removing empty directory %s") % directory); + fs::rmdir(directory); +} + + +/// Removes an empty directory. +/// +/// \param file The directory to remove. +/// +/// \throw fs::system_error If the call to rmdir(2) fails. +void +fs::rmdir(const path& file) +{ + if (::rmdir(file.c_str()) == -1) { + const int original_errno = errno; + throw fs::system_error(F("Removal of %s failed") % file, + original_errno); + } +} + + +/// Obtains all the entries in a directory. +/// +/// \param path The directory to scan. +/// +/// \return The set of all directory entries in the given directory. +/// +/// \throw fs::system_error If reading the directory fails for any reason. +std::set< fs::directory_entry > +fs::scan_directory(const fs::path& path) +{ + std::set< fs::directory_entry > contents; + + fs::directory dir(path); + for (fs::directory::const_iterator iter = dir.begin(); iter != dir.end(); + ++iter) { + contents.insert(*iter); + } + + return contents; +} + + +/// Removes a file. +/// +/// \param file The file to remove. +/// +/// \throw fs::system_error If the call to unlink(2) fails. +void +fs::unlink(const path& file) +{ + if (::unlink(file.c_str()) == -1) { + const int original_errno = errno; + throw fs::system_error(F("Removal of %s failed") % file, + original_errno); + } +} + + +/// Unmounts a file system. +/// +/// \param in_mount_point The file system to unmount. +/// +/// \throw fs::error If the unmount fails. +void +fs::unmount(const fs::path& in_mount_point) +{ + // FreeBSD's unmount(2) requires paths to be absolute. To err on the side + // of caution, let's make it absolute in all cases. + const fs::path mount_point = in_mount_point.is_absolute() ? + in_mount_point : in_mount_point.to_absolute(); + + static const int unmount_retries = 3; + static const int unmount_retry_delay_seconds = 1; + + int retries = unmount_retries; +retry: + try { + if (have_unmount2) { + unmount_with_unmount2(mount_point); + } else { + unmount_with_umount8(mount_point); + } + } catch (const fs::system_error& error) { + if (error.original_errno() == EBUSY && retries > 0) { + LW(F("%s busy; unmount retries left %s") % mount_point % retries); + retries--; + ::sleep(unmount_retry_delay_seconds); + goto retry; + } + throw; + } +} |