X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=cmds-receive.c;h=62a79850580b852253ac797927f94c914c7f4d98;hb=981441102199c5c9e3fca84ff3e723ddfa78de01;hp=358df1f4d91101260818c3160ffd5f2b44872164;hpb=8f921e4859d9bda35e94690330f401a2cdd102f0;p=platform%2Fupstream%2Fbtrfs-progs.git diff --git a/cmds-receive.c b/cmds-receive.c index 358df1f..62a7985 100644 --- a/cmds-receive.c +++ b/cmds-receive.c @@ -16,12 +16,8 @@ * Boston, MA 021110-1307, USA. */ -#define _GNU_SOURCE -#define _POSIX_C_SOURCE 200809 -#define _XOPEN_SOURCE 700 -#define _BSD_SOURCE - #include "kerncompat.h" +#include "androidcompat.h" #include #include @@ -30,9 +26,10 @@ #include #include #include -#include +#include #include #include +#include #include #include @@ -61,17 +58,32 @@ struct btrfs_receive int dest_dir_fd; int write_fd; - char *write_path; + char write_path[PATH_MAX]; char *root_path; char *dest_dir_path; /* relative to root_path */ - char *full_subvol_path; + char full_subvol_path[PATH_MAX]; + char *full_root_path; + int dest_dir_chroot; - struct subvol_info *cur_subvol; + struct subvol_info cur_subvol; + /* + * Substitute for cur_subvol::path which is a pointer and we cannot + * change it to an array as it's a public API. + */ + char cur_subvol_path[PATH_MAX]; struct subvol_uuid_search sus; int honor_end_cmd; + + /* + * Buffer to store capabilities from security.capabilities xattr, + * usually 20 bytes, but make same room for potentially larger + * encodings. Must be set only once per file, denoted by length > 0. + */ + char cached_capabilities[64]; + int cached_capabilities_len; }; static int finish_subvol(struct btrfs_receive *r) 
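Review bot: The comment on `cached_capabilities` names the xattr `security.capabilities`, while the handlers later in this diff match and write `security.capability`; the comment should use the real name, and "make same room" should read "make some room". It would also help to state next to `cur_subvol_path` that `cur_subvol.path` is expected to stay NULL, since process_subvol and process_snapshot treat a non-NULL value as an error.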
@@ -82,21 +94,21 @@ static int finish_subvol(struct btrfs_receive *r) char uuid_str[BTRFS_UUID_UNPARSED_SIZE]; u64 flags; - if (r->cur_subvol == NULL) + if (r->cur_subvol_path[0] == 0) return 0; - subvol_fd = openat(r->mnt_fd, r->cur_subvol->path, + subvol_fd = openat(r->mnt_fd, r->cur_subvol_path, O_RDONLY | O_NOATIME); if (subvol_fd < 0) { ret = -errno; - fprintf(stderr, "ERROR: open %s failed. %s\n", - r->cur_subvol->path, strerror(-ret)); + error("cannot open %s: %s\n", + r->cur_subvol_path, strerror(-ret)); goto out; } memset(&rs_args, 0, sizeof(rs_args)); - memcpy(rs_args.uuid, r->cur_subvol->received_uuid, BTRFS_UUID_SIZE); - rs_args.stransid = r->cur_subvol->stransid; + memcpy(rs_args.uuid, r->cur_subvol.received_uuid, BTRFS_UUID_SIZE); + rs_args.stransid = r->cur_subvol.stransid; if (g_verbose >= 1) { uuid_unparse((u8*)rs_args.uuid, uuid_str); @@ -107,16 +119,16 @@ static int finish_subvol(struct btrfs_receive *r) ret = ioctl(subvol_fd, BTRFS_IOC_SET_RECEIVED_SUBVOL, &rs_args); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: BTRFS_IOC_SET_RECEIVED_SUBVOL failed. %s\n", + error("ioctl BTRFS_IOC_SET_RECEIVED_SUBVOL failed: %s", strerror(-ret)); goto out; } - r->cur_subvol->rtransid = rs_args.rtransid; + r->cur_subvol.rtransid = rs_args.rtransid; ret = ioctl(subvol_fd, BTRFS_IOC_SUBVOL_GETFLAGS, &flags); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: BTRFS_IOC_SUBVOL_GETFLAGS failed. %s\n", + error("ioctl BTRFS_IOC_SUBVOL_GETFLAGS failed: %s", strerror(-ret)); goto out; } 
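Review bot: The converted call `error("cannot open %s: %s\n", ...)` in finish_subvol keeps a trailing `\n` that the other converted error() calls in this commit drop. The definition of error() is not on this page, but if it appends its own newline this message prints an extra blank line. The same leftover appears in `error("subvol: path invalid: %s\n", path)` in process_subvol, `error("writing to %s failed: %s\n", ...)` in process_write and `error("failed to clone extents to %s\n%s\n", ...)` in process_clone. Dropping the `\n` makes all four consistent with the rest.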
@@ -126,18 +138,16 @@ static int finish_subvol(struct btrfs_receive *r) ret = ioctl(subvol_fd, BTRFS_IOC_SUBVOL_SETFLAGS, &flags); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: failed to make subvolume read only. " - "%s\n", strerror(-ret)); + error("failed to make subvolume read only: %s", + strerror(-ret)); goto out; } ret = 0; out: - if (r->cur_subvol) { - free(r->cur_subvol->path); - free(r->cur_subvol); - r->cur_subvol = NULL; + if (r->cur_subvol_path[0]) { + r->cur_subvol_path[0] = 0; } if (subvol_fd != -1) close(subvol_fd); 
@@ -156,25 +166,45 @@ static int process_subvol(const char *path, const u8 *uuid, u64 ctransid, if (ret < 0) goto out; - r->cur_subvol = calloc(1, sizeof(*r->cur_subvol)); + if (r->cur_subvol.path) { + error("subvol: another one already started, path ptr: %s", + r->cur_subvol.path); + ret = -EINVAL; + goto out; + } + if (r->cur_subvol_path[0]) { + error("subvol: another one already started, path buf: %s", + r->cur_subvol.path); + ret = -EINVAL; + goto out; + } - if (strlen(r->dest_dir_path) == 0) - r->cur_subvol->path = strdup(path); - else - r->cur_subvol->path = path_cat(r->dest_dir_path, path); - free(r->full_subvol_path); - r->full_subvol_path = path_cat3(r->root_path, r->dest_dir_path, path); + if (*r->dest_dir_path == 0) { + strncpy_null(r->cur_subvol_path, path); + } else { + ret = path_cat_out(r->cur_subvol_path, r->dest_dir_path, path); + if (ret < 0) { + error("subvol: path invalid: %s\n", path); + goto out; + } + } + ret = path_cat3_out(r->full_subvol_path, r->root_path, + r->dest_dir_path, path); + if (ret < 0) { + error("subvol: path invalid: %s", path); + goto out; + } fprintf(stderr, "At subvol %s\n", path); - memcpy(r->cur_subvol->received_uuid, uuid, BTRFS_UUID_SIZE); - r->cur_subvol->stransid = ctransid; + memcpy(r->cur_subvol.received_uuid, uuid, BTRFS_UUID_SIZE); + r->cur_subvol.stransid = ctransid; if (g_verbose) { - uuid_unparse((u8*)r->cur_subvol->received_uuid, uuid_str); + uuid_unparse((u8*)r->cur_subvol.received_uuid, uuid_str); fprintf(stderr, "receiving subvol %s uuid=%s, stransid=%llu\n", path, uuid_str, - r->cur_subvol->stransid); + r->cur_subvol.stransid); } memset(&args_v1, 0, sizeof(args_v1)); 
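Review bot: The second guard in process_subvol tests `r->cur_subvol_path[0]` but prints `r->cur_subvol.path`, which is necessarily NULL at that point because the first guard already returned for the non-NULL case. Passing NULL to `%s` is undefined behaviour, and the message would not show the conflicting path even where the libc tolerates it. The argument should be the buffer: `r->cur_subvol_path`. process_snapshot carries the same copy-paste in its "path buf" message.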
@@ -182,8 +212,7 @@ static int process_subvol(const char *path, const u8 *uuid, u64 ctransid, ret = ioctl(r->dest_dir_fd, BTRFS_IOC_SUBVOL_CREATE, &args_v1); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: creating subvolume %s failed. " - "%s\n", path, strerror(-ret)); + error("creating subvolume %s failed: %s", path, strerror(-ret)); goto out; } 
@@ -205,25 +234,45 @@ static int process_snapshot(const char *path, const u8 *uuid, u64 ctransid, if (ret < 0) goto out; - r->cur_subvol = calloc(1, sizeof(*r->cur_subvol)); + if (r->cur_subvol.path) { + error("snapshot: another one already started, path ptr: %s", + r->cur_subvol.path); + ret = -EINVAL; + goto out; + } + if (r->cur_subvol_path[0]) { + error("snapshot: another one already started, path buf: %s", + r->cur_subvol.path); + ret = -EINVAL; + goto out; + } - if (strlen(r->dest_dir_path) == 0) - r->cur_subvol->path = strdup(path); - else - r->cur_subvol->path = path_cat(r->dest_dir_path, path); - free(r->full_subvol_path); - r->full_subvol_path = path_cat3(r->root_path, r->dest_dir_path, path); + if (*r->dest_dir_path == 0) { + strncpy_null(r->cur_subvol_path, path); + } else { + ret = path_cat_out(r->cur_subvol_path, r->dest_dir_path, path); + if (ret < 0) { + error("snapshot: path invalid: %s", path); + goto out; + } + } + ret = path_cat3_out(r->full_subvol_path, r->root_path, + r->dest_dir_path, path); + if (ret < 0) { + error("snapshot: path invalid: %s", path); + goto out; + } fprintf(stdout, "At snapshot %s\n", path); - memcpy(r->cur_subvol->received_uuid, uuid, BTRFS_UUID_SIZE); - r->cur_subvol->stransid = ctransid; + memcpy(r->cur_subvol.received_uuid, uuid, BTRFS_UUID_SIZE); + r->cur_subvol.stransid = ctransid; if (g_verbose) { - uuid_unparse((u8*)r->cur_subvol->received_uuid, uuid_str); + uuid_unparse((u8*)r->cur_subvol.received_uuid, uuid_str); fprintf(stderr, "receiving snapshot %s uuid=%s, " "ctransid=%llu ", path, uuid_str, - r->cur_subvol->stransid); + r->cur_subvol.stransid); uuid_unparse(parent_uuid, uuid_str); fprintf(stderr, "parent_uuid=%s, parent_ctransid=%llu\n", uuid_str, parent_ctransid); 
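Review bot: When `dest_dir_path` is empty, `strncpy_null(r->cur_subvol_path, path)` has no failure path, whereas the other branch rejects an over-long name through path_cat_out. strncpy_null is not defined on this page; if it truncates silently, a stream-supplied name longer than the buffer is recorded in shortened form and stays in `cur_subvol_path` even when the later path_cat3_out check fails. A length check before the copy, `if (strlen(path) >= sizeof(r->cur_subvol_path)) { ret = -ENAMETOOLONG; goto out; }`, keeps both branches consistent. process_subvol has the same copy.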
@@ -240,10 +289,50 @@ static int process_snapshot(const char *path, const u8 *uuid, u64 ctransid, } if (!parent_subvol) { ret = -ENOENT; - fprintf(stderr, "ERROR: could not find parent subvolume\n"); + error("cannot find parent subvolume"); goto out; } + /* + * The path is resolved from the root subvol, but we could be in some + * subvolume under the root subvolume, so try and adjust the path to be + * relative to our root path. + */ + if (r->full_root_path) { + size_t root_len; + size_t sub_len; + + root_len = strlen(r->full_root_path); + sub_len = strlen(parent_subvol->path); + + /* First make sure the parent subvol is actually in our path */ + if (sub_len < root_len || + strstr(parent_subvol->path, r->full_root_path) == NULL) { + error( + "parent subvol is not reachable from inside the root subvol"); + ret = -ENOENT; + goto out; + } + + if (sub_len == root_len) { + parent_subvol->path[0] = '/'; + parent_subvol->path[1] = '\0'; + } else { + /* + * root path is foo/bar + * subvol path is foo/bar/baz + * + * we need to have baz be the path, so we need to move + * the bit after foo/bar/, so path + root_len + 1, and + * move the part we care about, so sub_len - root_len - + * 1. + */ + memmove(parent_subvol->path, + parent_subvol->path + root_len + 1, + sub_len - root_len - 1); + parent_subvol->path[sub_len - root_len - 1] = '\0'; + } + } /*if (rs_args.ctransid > rs_args.rtransid) { if (!r->force) { ret = -EINVAL; @@ -254,12 +343,15 @@ static int process_snapshot(const char *path, const u8 *uuid, u64 ctransid, } }*/ - args_v2.fd = openat(r->mnt_fd, parent_subvol->path, - O_RDONLY | O_NOATIME); + if (*parent_subvol->path == 0) + args_v2.fd = dup(r->mnt_fd); + else + args_v2.fd = openat(r->mnt_fd, parent_subvol->path, + O_RDONLY | O_NOATIME); if (args_v2.fd < 0) { ret = -errno; if (errno != ENOENT) - fprintf(stderr, "ERROR: open %s failed. %s\n", + error("cannot open %s: %s", parent_subvol->path, strerror(-ret)); else fprintf(stderr, 
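Review bot: The reachability test uses `strstr(parent_subvol->path, r->full_root_path) == NULL`, which accepts the root path anywhere inside the parent path and does not require a `/` boundary after it. For a parent such as `x/foo/bar/baz` or `foo/barbaz` with root `foo/bar`, the memmove that follows strips the wrong bytes and a different path ends up being opened. Anchor the match at the start and check the separator: `strncmp(parent_subvol->path, r->full_root_path, root_len) != 0 || (sub_len > root_len && parent_subvol->path[root_len] != '/')`. process_snapshot begins and ends outside this hunk.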
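Review bot: The new `*parent_subvol->path == 0` branch does not cover the `sub_len == root_len` case from the previous hunk, which rewrites the path to `"/"` rather than to an empty string. openat() ignores its directory fd when given an absolute path, so that case opens the process root instead of something under `r->mnt_fd`. Writing `"."` in the equal-length case (or an empty string, to take the dup() branch) keeps the lookup relative to the mount.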
@@ -274,9 +366,8 @@ static int process_snapshot(const char *path, const u8 *uuid, u64 ctransid, close(args_v2.fd); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: creating snapshot %s -> %s " - "failed. %s\n", parent_subvol->path, - path, strerror(-ret)); + error("creating snapshot %s -> %s failed: %s", + parent_subvol->path, path, strerror(-ret)); goto out; } @@ -292,7 +383,13 @@ static int process_mkfile(const char *path, void *user) { int ret; struct btrfs_receive *r = user; - char *full_path = path_cat(r->full_subvol_path, path); + char full_path[PATH_MAX]; + + ret = path_cat_out(full_path, r->full_subvol_path, path); + if (ret < 0) { + error("mkfile: path invalid: %s", path); + goto out; + } if (g_verbose >= 2) fprintf(stderr, "mkfile %s\n", path); @@ -300,15 +397,13 @@ static int process_mkfile(const char *path, void *user) ret = creat(full_path, 0600); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: mkfile %s failed. %s\n", path, - strerror(-ret)); + error("mkfile %s failed: %s", path, strerror(-ret)); goto out; } close(ret); ret = 0; out: - free(full_path); return ret; } @@ -316,7 +411,13 @@ static int process_mkdir(const char *path, void *user) { int ret; struct btrfs_receive *r = user; - char *full_path = path_cat(r->full_subvol_path, path); + char full_path[PATH_MAX]; + + ret = path_cat_out(full_path, r->full_subvol_path, path); + if (ret < 0) { + error("mkdir: path invalid: %s", path); + goto out; + } if (g_verbose >= 2) fprintf(stderr, "mkdir %s\n", path); @@ -324,11 +425,10 @@ static int process_mkdir(const char *path, void *user) ret = mkdir(full_path, 0700); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: mkdir %s failed. %s\n", path, - strerror(-ret)); + error("mkdir %s failed: %s", path, strerror(-ret)); } - free(full_path); +out: return ret; } 
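Review bot: The new "path invalid" errors in process_mkfile and process_mkdir read like a containment check, but from what is visible path_cat_out is only asked whether the joined string fits in PATH_MAX. Its body is not on this page, so whether it rejects `..` components cannot be confirmed here. `path` comes from the send stream and still reaches creat()/mkdir(), which resolve symlinked parent directories. The same pattern repeats in the mknod, mkfifo, mksock, symlink, rename, link, unlink, rmdir, write, xattr, truncate, chmod, chown and utimes handlers. A comment at the first use, such as `/* length check only: path is stream-supplied and is not confined to full_subvol_path; see --chroot */`, would make clear that confinement depends on the opt-in `-C` flag added in this commit.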
@@ -336,7 +436,13 @@ static int process_mknod(const char *path, u64 mode, u64 dev, void *user) { int ret; struct btrfs_receive *r = user; - char *full_path = path_cat(r->full_subvol_path, path); + char full_path[PATH_MAX]; + + ret = path_cat_out(full_path, r->full_subvol_path, path); + if (ret < 0) { + error("mknod: path invalid: %s", path); + goto out; + } if (g_verbose >= 2) fprintf(stderr, "mknod %s mode=%llu, dev=%llu\n", @@ -345,11 +451,10 @@ static int process_mknod(const char *path, u64 mode, u64 dev, void *user) ret = mknod(full_path, mode & S_IFMT, dev); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: mknod %s failed. %s\n", path, - strerror(-ret)); + error("mknod %s failed: %s", path, strerror(-ret)); } - free(full_path); +out: return ret; } @@ -357,7 +462,13 @@ static int process_mkfifo(const char *path, void *user) { int ret; struct btrfs_receive *r = user; - char *full_path = path_cat(r->full_subvol_path, path); + char full_path[PATH_MAX]; + + ret = path_cat_out(full_path, r->full_subvol_path, path); + if (ret < 0) { + error("mkfifo: path invalid: %s", path); + goto out; + } if (g_verbose >= 2) fprintf(stderr, "mkfifo %s\n", path); @@ -365,11 +476,10 @@ static int process_mkfifo(const char *path, void *user) ret = mkfifo(full_path, 0600); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: mkfifo %s failed. %s\n", path, - strerror(-ret)); + error("mkfifo %s failed: %s", path, strerror(-ret)); } - free(full_path); +out: return ret; } @@ -377,7 +487,13 @@ static int process_mksock(const char *path, void *user) { int ret; struct btrfs_receive *r = user; - char *full_path = path_cat(r->full_subvol_path, path); + char full_path[PATH_MAX]; + + ret = path_cat_out(full_path, r->full_subvol_path, path); + if (ret < 0) { + error("mksock: path invalid: %s", path); + goto out; + } if (g_verbose >= 2) fprintf(stderr, "mksock %s\n", path); 
@@ -385,11 +501,10 @@ static int process_mksock(const char *path, void *user) ret = mknod(full_path, 0600 | S_IFSOCK, 0); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: mknod %s failed. %s\n", path, - strerror(-ret)); + error("mknod %s failed: %s", path, strerror(-ret)); } - free(full_path); +out: return ret; } @@ -397,7 +512,13 @@ static int process_symlink(const char *path, const char *lnk, void *user) { int ret; struct btrfs_receive *r = user; - char *full_path = path_cat(r->full_subvol_path, path); + char full_path[PATH_MAX]; + + ret = path_cat_out(full_path, r->full_subvol_path, path); + if (ret < 0) { + error("symlink: path invalid: %s", path); + goto out; + } if (g_verbose >= 2) fprintf(stderr, "symlink %s -> %s\n", path, lnk); @@ -405,11 +526,11 @@ static int process_symlink(const char *path, const char *lnk, void *user) ret = symlink(lnk, full_path); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: symlink %s -> %s failed. %s\n", path, + error("symlink %s -> %s failed: %s", path, lnk, strerror(-ret)); } - free(full_path); +out: return ret; } @@ -417,8 +538,20 @@ static int process_rename(const char *from, const char *to, void *user) { int ret; struct btrfs_receive *r = user; - char *full_from = path_cat(r->full_subvol_path, from); - char *full_to = path_cat(r->full_subvol_path, to); + char full_from[PATH_MAX]; + char full_to[PATH_MAX]; + + ret = path_cat_out(full_from, r->full_subvol_path, from); + if (ret < 0) { + error("rename: source path invalid: %s", from); + goto out; + } + + ret = path_cat_out(full_to, r->full_subvol_path, to); + if (ret < 0) { + error("rename: target path invalid: %s", to); + goto out; + } if (g_verbose >= 2) fprintf(stderr, "rename %s -> %s\n", from, to); 
@@ -426,12 +559,11 @@ static int process_rename(const char *from, const char *to, void *user) ret = rename(full_from, full_to); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: rename %s -> %s failed. %s\n", from, + error("rename %s -> %s failed: %s", from, to, strerror(-ret)); } - free(full_from); - free(full_to); +out: return ret; } @@ -439,8 +571,20 @@ static int process_link(const char *path, const char *lnk, void *user) { int ret; struct btrfs_receive *r = user; - char *full_path = path_cat(r->full_subvol_path, path); - char *full_link_path = path_cat(r->full_subvol_path, lnk); + char full_path[PATH_MAX]; + char full_link_path[PATH_MAX]; + + ret = path_cat_out(full_path, r->full_subvol_path, path); + if (ret < 0) { + error("link: source path invalid: %s", full_path); + goto out; + } + + ret = path_cat_out(full_link_path, r->full_subvol_path, lnk); + if (ret < 0) { + error("link: target path invalid: %s", full_link_path); + goto out; + } if (g_verbose >= 2) fprintf(stderr, "link %s -> %s\n", path, lnk); @@ -448,12 +592,10 @@ static int process_link(const char *path, const char *lnk, void *user) ret = link(full_link_path, full_path); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: link %s -> %s failed. %s\n", path, - lnk, strerror(-ret)); + error("link %s -> %s failed: %s", path, lnk, strerror(-ret)); } - free(full_path); - free(full_link_path); +out: return ret; } @@ -462,7 +604,13 @@ static int process_unlink(const char *path, void *user) { int ret; struct btrfs_receive *r = user; - char *full_path = path_cat(r->full_subvol_path, path); + char full_path[PATH_MAX]; + + ret = path_cat_out(full_path, r->full_subvol_path, path); + if (ret < 0) { + error("unlink: path invalid: %s", path); + goto out; + } if (g_verbose >= 2) fprintf(stderr, "unlink %s\n", path); 
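Review bot: Both new error paths in process_link print the destination buffer (`full_path`, `full_link_path`) right after path_cat_out reported failure. path_cat_out is not shown here; if it returns before writing anything, these are uninitialised stack arrays passed to `%s`. The sibling handlers print the stream-supplied name instead, so use `error("link: source path invalid: %s", path);` and `error("link: target path invalid: %s", lnk);`.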
@@ -470,11 +618,10 @@ static int process_unlink(const char *path, void *user) ret = unlink(full_path); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: unlink %s failed. %s\n", path, - strerror(-ret)); + error("unlink %s failed. %s", path, strerror(-ret)); } - free(full_path); +out: return ret; } @@ -482,7 +629,13 @@ static int process_rmdir(const char *path, void *user) { int ret; struct btrfs_receive *r = user; - char *full_path = path_cat(r->full_subvol_path, path); + char full_path[PATH_MAX]; + + ret = path_cat_out(full_path, r->full_subvol_path, path); + if (ret < 0) { + error("rmdir: path invalid: %s", path); + goto out; + } if (g_verbose >= 2) fprintf(stderr, "rmdir %s\n", path); @@ -490,15 +643,13 @@ static int process_rmdir(const char *path, void *user) ret = rmdir(full_path); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: rmdir %s failed. %s\n", path, - strerror(-ret)); + error("rmdir %s failed: %s", path, strerror(-ret)); } - free(full_path); +out: return ret; } - static int open_inode_for_write(struct btrfs_receive *r, const char *path) { int ret = 0; @@ -513,12 +664,10 @@ static int open_inode_for_write(struct btrfs_receive *r, const char *path) r->write_fd = open(path, O_RDWR); if (r->write_fd < 0) { ret = -errno; - fprintf(stderr, "ERROR: open %s failed. %s\n", path, - strerror(-ret)); + error("cannot open %s: %s", path, strerror(-ret)); goto out; } - free(r->write_path); - r->write_path = strdup(path); + strncpy_null(r->write_path, path); out: return ret; @@ -539,10 +688,16 @@ static int process_write(const char *path, const void *data, u64 offset, { int ret = 0; struct btrfs_receive *r = user; - char *full_path = path_cat(r->full_subvol_path, path); + char full_path[PATH_MAX]; u64 pos = 0; int w; + ret = path_cat_out(full_path, r->full_subvol_path, path); + if (ret < 0) { + error("write: path invalid: %s", path); + goto out; + } + ret = open_inode_for_write(r, full_path); if (ret < 0) goto out; 
@@ -552,7 +707,7 @@ static int process_write(const char *path, const void *data, u64 offset, offset + pos); if (w < 0) { ret = -errno; - fprintf(stderr, "ERROR: writing to %s failed. %s\n", + error("writing to %s failed: %s\n", path, strerror(-ret)); goto out; } @@ -560,7 +715,6 @@ static int process_write(const char *path, const void *data, u64 offset, } out: - free(full_path); return ret; } @@ -573,11 +727,17 @@ static int process_clone(const char *path, u64 offset, u64 len, struct btrfs_receive *r = user; struct btrfs_ioctl_clone_range_args clone_args; struct subvol_info *si = NULL; - char *full_path = path_cat(r->full_subvol_path, path); + char full_path[PATH_MAX]; char *subvol_path = NULL; - char *full_clone_path = NULL; + char full_clone_path[PATH_MAX]; int clone_fd = -1; + ret = path_cat_out(full_path, r->full_subvol_path, path); + if (ret < 0) { + error("clone: source path invalid: %s", path); + goto out; + } + ret = open_inode_for_write(r, full_path); if (ret < 0) goto out; @@ -585,13 +745,13 @@ static int process_clone(const char *path, u64 offset, u64 len, si = subvol_uuid_search(&r->sus, 0, clone_uuid, clone_ctransid, NULL, subvol_search_by_received_uuid); if (!si) { - if (memcmp(clone_uuid, r->cur_subvol->received_uuid, + if (memcmp(clone_uuid, r->cur_subvol.received_uuid, BTRFS_UUID_SIZE) == 0) { /* TODO check generation of extent */ - subvol_path = strdup(r->cur_subvol->path); + subvol_path = strdup(r->cur_subvol_path); } else { ret = -ENOENT; - fprintf(stderr, "ERROR: did not find source subvol.\n"); + error("clone: did not find source subvol"); goto out; } } else { 
@@ -613,13 +773,16 @@ static int process_clone(const char *path, u64 offset, u64 len, subvol_path = strdup(si->path); } - full_clone_path = path_cat3(r->root_path, subvol_path, clone_path); + ret = path_cat_out(full_clone_path, subvol_path, clone_path); + if (ret < 0) { + error("clone: target path invalid: %s", clone_path); + goto out; + } - clone_fd = open(full_clone_path, O_RDONLY | O_NOATIME); + clone_fd = openat(r->mnt_fd, full_clone_path, O_RDONLY | O_NOATIME); if (clone_fd < 0) { ret = -errno; - fprintf(stderr, "ERROR: failed to open %s. %s\n", - full_clone_path, strerror(-ret)); + error("cannot open %s: %s", full_clone_path, strerror(-ret)); goto out; } @@ -628,9 +791,9 @@ static int process_clone(const char *path, u64 offset, u64 len, clone_args.src_length = len; clone_args.dest_offset = offset; ret = ioctl(r->write_fd, BTRFS_IOC_CLONE_RANGE, &clone_args); - if (ret) { + if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: failed to clone extents to %s\n%s\n", + error("failed to clone extents to %s\n%s\n", path, strerror(-ret)); goto out; } @@ -640,8 +803,6 @@ out: free(si->path); free(si); } - free(full_path); - free(full_clone_path); free(subvol_path); if (clone_fd != -1) close(clone_fd); 
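Review bot: `subvol_path` comes from strdup() (here for `si->path`, and in the previous hunk for `r->cur_subvol_path`) and is handed to path_cat_out without a NULL check, so an allocation failure becomes a NULL dereference in the path helper instead of an error return. Add `if (!subvol_path) { ret = -ENOMEM; goto out; }` before the path_cat_out call. Separately, `full_clone_path` is now resolved with openat() against `r->mnt_fd`, which only has an effect when the joined path is relative. A comment stating that `si->path` and `cur_subvol_path` are expected to be relative to the mount root would document that assumption.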
@@ -654,7 +815,29 @@ static int process_set_xattr(const char *path, const char *name, { int ret = 0; struct btrfs_receive *r = user; - char *full_path = path_cat(r->full_subvol_path, path); + char full_path[PATH_MAX]; + + ret = path_cat_out(full_path, r->full_subvol_path, path); + if (ret < 0) { + error("set_xattr: path invalid: %s", path); + goto out; + } + + if (strcmp("security.capability", name) == 0) { + if (g_verbose >= 3) + fprintf(stderr, "set_xattr: cache capabilities\n"); + if (r->cached_capabilities_len) + warning("capabilities set multiple times per file: %s", + full_path); + if (len > sizeof(r->cached_capabilities)) { + error("capabilities encoded to %d bytes, buffer too small", + len); + ret = -E2BIG; + goto out; + } + r->cached_capabilities_len = len; + memcpy(r->cached_capabilities, data, len); + } if (g_verbose >= 2) { fprintf(stderr, "set_xattr %s - name=%s data_len=%d " @@ -665,13 +848,12 @@ static int process_set_xattr(const char *path, const char *name, ret = lsetxattr(full_path, name, data, len, 0); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: lsetxattr %s %s=%.*s failed. %s\n", + error("lsetxattr %s %s=%.*s failed: %s", path, name, len, (char*)data, strerror(-ret)); goto out; } out: - free(full_path); return ret; } @@ -679,7 +861,13 @@ static int process_remove_xattr(const char *path, const char *name, void *user) { int ret = 0; struct btrfs_receive *r = user; - char *full_path = path_cat(r->full_subvol_path, path); + char full_path[PATH_MAX]; + + ret = path_cat_out(full_path, r->full_subvol_path, path); + if (ret < 0) { + error("remove_xattr: path invalid: %s", path); + goto out; + } if (g_verbose >= 2) { fprintf(stderr, "remove_xattr %s - name=%s\n", 
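Review bot: The capability cache filled in process_set_xattr stores only the bytes and a length, not which file they belong to, so process_chown (later in this diff) writes them onto whatever path its next call names. Nothing visible resets the cache between commands: do_receive clears it only before each btrfs_read_and_process_send_stream call, and process_chown skips the reset when lchown fails. If a stream does not pair set_xattr and chown on the same path, one file's capabilities could end up on another. Recording `full_path` alongside the bytes and comparing it in process_chown, discarding the cache on mismatch, would tie the restore to the right file.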
@@ -689,13 +877,12 @@ static int process_remove_xattr(const char *path, const char *name, void *user) ret = lremovexattr(full_path, name); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: lremovexattr %s %s failed. %s\n", + error("lremovexattr %s %s failed: %s", path, name, strerror(-ret)); goto out; } out: - free(full_path); return ret; } @@ -703,7 +890,13 @@ static int process_truncate(const char *path, u64 size, void *user) { int ret = 0; struct btrfs_receive *r = user; - char *full_path = path_cat(r->full_subvol_path, path); + char full_path[PATH_MAX]; + + ret = path_cat_out(full_path, r->full_subvol_path, path); + if (ret < 0) { + error("truncate: path invalid: %s", path); + goto out; + } if (g_verbose >= 2) fprintf(stderr, "truncate %s size=%llu\n", path, size); @@ -711,13 +904,11 @@ static int process_truncate(const char *path, u64 size, void *user) ret = truncate(full_path, size); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: truncate %s failed. %s\n", - path, strerror(-ret)); + error("truncate %s failed: %s", path, strerror(-ret)); goto out; } out: - free(full_path); return ret; } @@ -725,7 +916,13 @@ static int process_chmod(const char *path, u64 mode, void *user) { int ret = 0; struct btrfs_receive *r = user; - char *full_path = path_cat(r->full_subvol_path, path); + char full_path[PATH_MAX]; + + ret = path_cat_out(full_path, r->full_subvol_path, path); + if (ret < 0) { + error("chmod: path invalid: %s", path); + goto out; + } if (g_verbose >= 2) fprintf(stderr, "chmod %s - mode=0%o\n", path, (int)mode); @@ -733,13 +930,11 @@ static int process_chmod(const char *path, u64 mode, void *user) ret = chmod(full_path, mode); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: chmod %s failed. %s\n", - path, strerror(-ret)); + error("chmod %s failed: %s", path, strerror(-ret)); goto out; } out: - free(full_path); return ret; } 
@@ -747,7 +942,13 @@ static int process_chown(const char *path, u64 uid, u64 gid, void *user) { int ret = 0; struct btrfs_receive *r = user; - char *full_path = path_cat(r->full_subvol_path, path); + char full_path[PATH_MAX]; + + ret = path_cat_out(full_path, r->full_subvol_path, path); + if (ret < 0) { + error("chown: path invalid: %s", path); + goto out; + } if (g_verbose >= 2) fprintf(stderr, "chown %s - uid=%llu, gid=%llu\n", path, @@ -756,13 +957,28 @@ static int process_chown(const char *path, u64 uid, u64 gid, void *user) ret = lchown(full_path, uid, gid); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: chown %s failed. %s\n", - path, strerror(-ret)); + error("chown %s failed: %s", path, strerror(-ret)); goto out; } + if (r->cached_capabilities_len) { + if (g_verbose >= 2) + fprintf(stderr, "chown: restore capabilities\n"); + ret = lsetxattr(full_path, "security.capability", + r->cached_capabilities, + r->cached_capabilities_len, 0); + memset(r->cached_capabilities, 0, + sizeof(r->cached_capabilities)); + r->cached_capabilities_len = 0; + if (ret < 0) { + ret = -errno; + error("restoring capabilities %s: %s", + path, strerror(-ret)); + goto out; + } + } + out: - free(full_path); return ret; } @@ -772,9 +988,15 @@ static int process_utimes(const char *path, struct timespec *at, { int ret = 0; struct btrfs_receive *r = user; - char *full_path = path_cat(r->full_subvol_path, path); + char full_path[PATH_MAX]; struct timespec tv[2]; + ret = path_cat_out(full_path, r->full_subvol_path, path); + if (ret < 0) { + error("utimes: path invalid: %s", path); + goto out; + } + if (g_verbose >= 2) fprintf(stderr, "utimes %s\n", path); 
@@ -783,16 +1005,29 @@ static int process_utimes(const char *path, struct timespec *at, ret = utimensat(AT_FDCWD, full_path, tv, AT_SYMLINK_NOFOLLOW); if (ret < 0) { ret = -errno; - fprintf(stderr, "ERROR: utimes %s failed. %s\n", + error("utimes %s failed: %s", path, strerror(-ret)); goto out; } out: - free(full_path); return ret; } +static int process_update_extent(const char *path, u64 offset, u64 len, + void *user) +{ + if (g_verbose >= 2) + fprintf(stderr, "update_extent %s: offset=%llu, len=%llu\n", + path, (unsigned long long)offset, + (unsigned long long)len); + + /* + * Sent with BTRFS_SEND_FLAG_NO_FILE_DATA, nothing to do. + */ + + return 0; +} static struct btrfs_send_ops send_ops = { .subvol = process_subvol, 
@@ -815,68 +1050,120 @@ static struct btrfs_send_ops send_ops = { .chmod = process_chmod, .chown = process_chown, .utimes = process_utimes, + .update_extent = process_update_extent, }; -static int do_receive(struct btrfs_receive *r, const char *tomnt, int r_fd, - u64 max_errors) +static int do_receive(struct btrfs_receive *r, const char *tomnt, + char *realmnt, int r_fd, u64 max_errors) { + u64 subvol_id; int ret; char *dest_dir_full_path; + char root_subvol_path[PATH_MAX]; int end = 0; dest_dir_full_path = realpath(tomnt, NULL); if (!dest_dir_full_path) { ret = -errno; - fprintf(stderr, "ERROR: realpath(%s) failed. %s\n", tomnt, - strerror(-ret)); + error("realpath(%s) failed: %s", tomnt, strerror(-ret)); goto out; } r->dest_dir_fd = open(dest_dir_full_path, O_RDONLY | O_NOATIME); if (r->dest_dir_fd < 0) { ret = -errno; - fprintf(stderr, - "ERROR: failed to open destination directory %s. %s\n", + error("cannot open destination directory %s: %s", dest_dir_full_path, strerror(-ret)); goto out; } - ret = find_mount_root(dest_dir_full_path, &r->root_path); - if (ret < 0) { - fprintf(stderr, - "ERROR: failed to determine mount point for %s: %s\n", - dest_dir_full_path, strerror(-ret)); - ret = -EINVAL; - goto out; - } - if (ret > 0) { - fprintf(stderr, - "ERROR: %s doesn't belong to btrfs mount point\n", - dest_dir_full_path); - ret = -EINVAL; - goto out; + if (realmnt[0]) { + r->root_path = realmnt; + } else { + ret = find_mount_root(dest_dir_full_path, &r->root_path); + if (ret < 0) { + error("failed to determine mount point for %s: %s", + dest_dir_full_path, strerror(-ret)); + ret = -EINVAL; + goto out; + } + if (ret > 0) { + error("%s doesn't belong to btrfs mount point", + dest_dir_full_path); + ret = -EINVAL; + goto out; + } } r->mnt_fd = open(r->root_path, O_RDONLY | O_NOATIME); if (r->mnt_fd < 0) { ret = -errno; - fprintf(stderr, "ERROR: failed to open %s. 
%s\n", r->root_path, - strerror(-ret)); + error("cannot open %s: %s", r->root_path, strerror(-ret)); + goto out; + } + + /* + * If we use -m or a default subvol we want to resolve the path to the + * subvolume we're sitting in so that we can adjust the paths of any + * subvols we want to receive in. + */ + ret = btrfs_list_get_path_rootid(r->mnt_fd, &subvol_id); + if (ret) + goto out; + + root_subvol_path[0] = 0; + ret = btrfs_subvolid_resolve(r->mnt_fd, root_subvol_path, + PATH_MAX, subvol_id); + if (ret) { + error("cannot resolve our subvol path"); goto out; } /* - * find_mount_root returns a root_path that is a subpath of - * dest_dir_full_path. Now get the other part of root_path, - * which is the destination dir relative to root_path. + * Ok we're inside of a subvol off of the root subvol, we need to + * actually set full_root_path. */ - r->dest_dir_path = dest_dir_full_path + strlen(r->root_path); - while (r->dest_dir_path[0] == '/') - r->dest_dir_path++; + if (*root_subvol_path) + r->full_root_path = root_subvol_path; + + if (r->dest_dir_chroot) { + if (chroot(dest_dir_full_path)) { + ret = -errno; + error("failed to chroot to %s: %s", + dest_dir_full_path, strerror(-ret)); + goto out; + } + if (chdir("/")) { + ret = -errno; + error("failed to chdir to / after chroot: %s", + strerror(-ret)); + goto out; + } + fprintf(stderr, "Chroot to %s\n", dest_dir_full_path); + r->root_path = strdup("/"); + r->dest_dir_path = r->root_path; + } else { + /* + * find_mount_root returns a root_path that is a subpath of + * dest_dir_full_path. Now get the other part of root_path, + * which is the destination dir relative to root_path. 
+ */ + r->dest_dir_path = dest_dir_full_path + strlen(r->root_path); + while (r->dest_dir_path[0] == '/') + r->dest_dir_path++; + } ret = subvol_uuid_search_init(r->mnt_fd, &r->sus); if (ret < 0) goto out; while (!end) { + if (r->cached_capabilities_len) { + if (g_verbose >= 3) + fprintf(stderr, "clear cached capabilities\n"); + memset(r->cached_capabilities, 0, + sizeof(r->cached_capabilities)); + r->cached_capabilities_len = 0; + } + ret = btrfs_read_and_process_send_stream(r_fd, &send_ops, r, r->honor_end_cmd, max_errors); @@ -897,19 +1184,12 @@ out: close(r->write_fd); r->write_fd = -1; } - free(r->root_path); + + if (r->root_path != realmnt) + free(r->root_path); r->root_path = NULL; - free(r->write_path); - r->write_path = NULL; - free(r->full_subvol_path); - r->full_subvol_path = NULL; r->dest_dir_path = NULL; free(dest_dir_full_path); - if (r->cur_subvol) { - free(r->cur_subvol->path); - free(r->cur_subvol); - r->cur_subvol = NULL; - } subvol_uuid_search_finit(&r->sus); if (r->mnt_fd != -1) { close(r->mnt_fd); 
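Review bot: With `-m`, `r->root_path` is the caller-supplied `realmnt`, yet the non-chroot branch still computes `r->dest_dir_path = dest_dir_full_path + strlen(r->root_path)` as if root_path were a prefix of the resolved destination. The retained comment only promises that for find_mount_root. A `-m` value that is longer than the destination path, or simply unrelated to it, moves the pointer to the wrong place or past the end of the realpath() allocation. The fence below checks the prefix before doing the arithmetic; a component-boundary check (next byte is `/` or NUL, unless root is `/`) is also advisable. do_receive continues outside this hunk.

```c
	} else {
		size_t root_len = strlen(r->root_path);

		/* root_path may come from -m, so confirm it prefixes the destination */
		if (strncmp(dest_dir_full_path, r->root_path, root_len) != 0) {
			error("%s is not below mount point %s",
				dest_dir_full_path, r->root_path);
			ret = -EINVAL;
			goto out;
		}
		r->dest_dir_path = dest_dir_full_path + root_len;
		// … unchanged: skip leading '/' in dest_dir_path …
	}
```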
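Review bot: The cleanup path resets `root_path` and `dest_dir_path` but not `r->full_root_path`, which the previous hunk points at the local array `root_subvol_path`; after do_receive returns the struct holds a dangling stack pointer. Add `r->full_root_path = NULL;` next to the other resets. In the chroot branch of the previous hunk, `r->root_path = strdup("/")` is also unchecked and overwrites any string find_mount_root allocated, so that allocation is never freed.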
@@ -919,46 +1199,72 @@ out: close(r->dest_dir_fd); r->dest_dir_fd = -1; } + return ret; } -static const struct option long_opts[] = { - { "max-errors", 1, NULL, 'E' }, - { NULL, 0, NULL, 0 } -}; - int cmd_receive(int argc, char **argv) { - int c; char *tomnt = NULL; - char *fromfile = NULL; + char fromfile[PATH_MAX]; + char realmnt[PATH_MAX]; struct btrfs_receive r; int receive_fd = fileno(stdin); u64 max_errors = 1; - int ret; + int ret = 0; memset(&r, 0, sizeof(r)); r.mnt_fd = -1; r.write_fd = -1; r.dest_dir_fd = -1; + r.dest_dir_chroot = 0; + realmnt[0] = 0; + fromfile[0] = 0; + + while (1) { + int c; + static const struct option long_opts[] = { + { "max-errors", required_argument, NULL, 'E' }, + { "chroot", no_argument, NULL, 'C' }, + { NULL, 0, NULL, 0 } + }; + + c = getopt_long(argc, argv, "Cevf:m:", long_opts, NULL); + if (c < 0) + break; - while ((c = getopt_long(argc, argv, "evf:", long_opts, NULL)) != -1) { switch (c) { case 'v': g_verbose++; break; case 'f': - fromfile = optarg; + if (arg_copy_path(fromfile, optarg, sizeof(fromfile))) { + error("input file path too long (%zu)", + strlen(optarg)); + ret = 1; + goto out; + } break; case 'e': r.honor_end_cmd = 1; break; + case 'C': + r.dest_dir_chroot = 1; + break; case 'E': max_errors = arg_strtou64(optarg); break; + case 'm': + if (arg_copy_path(realmnt, optarg, sizeof(realmnt))) { + error("mount point path too long (%zu)", + strlen(optarg)); + ret = 1; + goto out; + } + break; case '?': default: - fprintf(stderr, "ERROR: receive args invalid.\n"); + error("receive args invalid"); return 1; } } 
@@ -968,15 +1274,19 @@ int cmd_receive(int argc, char **argv) tomnt = argv[optind]; - if (fromfile) { + if (fromfile[0]) { receive_fd = open(fromfile, O_RDONLY | O_NOATIME); if (receive_fd < 0) { - fprintf(stderr, "ERROR: failed to open %s\n", fromfile); - return 1; + error("cannot open %s: %s", fromfile, strerror(errno)); + goto out; } } - ret = do_receive(&r, tomnt, receive_fd, max_errors); + ret = do_receive(&r, tomnt, realmnt, receive_fd, max_errors); + if (receive_fd != fileno(stdin)) + close(receive_fd); + +out: return !!ret; } @@ -1002,8 +1312,12 @@ const char * const cmd_receive_usage[] = { " in the data stream. Without this option,", " the receiver terminates only if an error", " is recognized or on EOF.", + "-C|--chroot confine the process to using chroot", "--max-errors Terminate as soon as N errors happened while", " processing commands from the send stream.", " Default value is 1. A value of 0 means no limit.", + "-m The root mount point of the destination fs.", + " If you do not have /proc use this to tell us where ", + " this file system is mounted.", NULL };
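Review bot: The failed-open path now reaches `out:` with `ret` still 0, so `return !!ret` reports success when the `-f` input file cannot be opened; the removed code returned 1. Set the status before jumping, for example `ret = 1;` ahead of the `goto out;`. cmd_receive starts outside this hunk.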