projects / project / fstools.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
mount: apply SELinux labels before overlayfs mount
[project/fstools.git] / libfstools / overlay.c
1 /*
2 * Copyright (C) 2014 John Crispin <blogic@openwrt.org>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU Lesser General Public License version 2.1
6 * as published by the Free Software Foundation
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 */
13
14 #include <sys/stat.h>
15 #include <sys/types.h>
16 #include <sys/mount.h>
17
18 #include <asm/byteorder.h>
19
20 #include <errno.h>
21 #include <string.h>
22 #include <stdio.h>
23 #include <unistd.h>
24 #include <stdlib.h>
25 #include <glob.h>
26 #include <errno.h>
27 #include <dirent.h>
28 #include <fcntl.h>
29
30 #include "libfstools.h"
31 #include "volume.h"
32
33 #ifndef GLOB_ONLYDIR
34 #define GLOB_ONLYDIR 0x100
35 #endif
36
37 #define SWITCH_JFFS2 "/tmp/.switch_jffs2"
38 #define OVERLAYDIR "/rom/overlay"
39
40 static bool keep_sysupgrade;
41
42 static int
43 handle_rmdir(const char *dir)
44 {
45 struct dirent *dt;
46 struct stat st;
47 DIR *d;
48 int fd;
49
50 d = opendir(dir);
51 if (!d)
52 return -1;
53
54 fd = dirfd(d);
55
56 while ((dt = readdir(d)) != NULL) {
57 if (fstatat(fd, dt->d_name, &st, AT_SYMLINK_NOFOLLOW) || S_ISDIR(st.st_mode))
58 continue;
59
60 if (keep_sysupgrade && !strcmp(dt->d_name, "sysupgrade.tgz"))
61 continue;
62
63 unlinkat(fd, dt->d_name, 0);
64 }
65
66 closedir(d);
67 rmdir(dir);
68
69 return 0;
70 }
71
72 void
73 foreachdir(const char *dir, int (*cb)(const char*))
74 {
75 static char *globdir = NULL;
76 static size_t globdirlen = 0;
77 struct stat s = { 0 };
78 size_t dirlen = strlen(dir);
79 glob_t gl;
80 int j;
81
82 if (dirlen + sizeof("/*") > globdirlen) {
83 /* Alloc extra 256 B to avoid too many reallocs */
84 size_t len = dirlen + sizeof("/*") + 256;
85 char *tmp;
86
87 tmp = realloc(globdir, len);
88 if (!tmp)
89 return;
90 globdir = tmp;
91 globdirlen = len;
92 }
93
94 sprintf(globdir, "%s/*", dir);
95
96 /* Include GLOB_MARK as callbacks expect a trailing slash */
97 if (!glob(globdir, GLOB_NOESCAPE | GLOB_MARK | GLOB_ONLYDIR, NULL, &gl))
98 for (j = 0; j < gl.gl_pathc; j++) {
99 char *dir = gl.gl_pathv[j];
100 int len = strlen(gl.gl_pathv[j]);
101 int err;
102
103 /* Quick way of skipping files */
104 if (dir[len - 1] != '/')
105 continue;
106
107 /* lstat needs path without a trailing slash */
108 if (len > 1)
109 dir[len - 1] = '\0';
110 err = lstat(gl.gl_pathv[j], &s);
111 if (len > 1)
112 dir[len - 1] = '/';
113
114 if (!err && !S_ISLNK(s.st_mode))
115 foreachdir(gl.gl_pathv[j], cb);
116 }
117 cb(dir);
118 }
119
120 static void foreach_mount(int (*cb)(const char *, const char *))
121 {
122 FILE *fp = fopen("/proc/mounts", "r");
123 static char line[256];
124
125 if (!fp)
126 return;
127
128 while (fgets(line, sizeof(line), fp)) {
129 char device[32], mount_point[32];
130
131 if (sscanf(line, "%31s %31s %*s %*s %*u %*u", device, mount_point) == 2)
132 cb(device, mount_point);
133 }
134
135 fclose(fp);
136 }
137
138 void
139 overlay_delete(const char *dir, bool _keep_sysupgrade)
140 {
141 keep_sysupgrade = _keep_sysupgrade;
142 foreachdir(dir, handle_rmdir);
143 }
144
145 static int
146 overlay_mount(struct volume *v, char *fs)
147 {
148 if (mkdir("/tmp/overlay", 0755)) {
149 ULOG_ERR("failed to mkdir /tmp/overlay: %m\n");
150 return -1;
151 }
152
153 if (mount(v->blk, "/tmp/overlay", fs, MS_NOATIME, NULL)) {
154 ULOG_ERR("failed to mount -t %s %s /tmp/overlay: %m\n", fs, v->blk);
155 return -1;
156 }
157
158 return 0;
159 }
160
161 /**
162 * move_mount - move mount point to the new root
163 */
164 static int move_mount(const char *device, const char *mount_point)
165 {
166 static const char *prefix = "/tmp/root/";
167
168 if (strncmp(mount_point, prefix, strlen(prefix)))
169 return 0;
170
171 return mount_move(prefix, "/", mount_point + strlen(prefix));
172 }
173
174 static int
175 switch2jffs(struct volume *v)
176 {
177 struct stat s;
178 int ret;
179
180 if (!stat(SWITCH_JFFS2, &s)) {
181 ULOG_ERR("jffs2 switch already running\n");
182 return -1;
183 }
184
185 creat(SWITCH_JFFS2, 0600);
186 ret = mount(v->blk, OVERLAYDIR, "jffs2", MS_NOATIME, NULL);
187 unlink(SWITCH_JFFS2);
188 if (ret) {
189 ULOG_ERR("failed - mount -t jffs2 %s %s: %m\n", v->blk, OVERLAYDIR);
190 return -1;
191 }
192 selinux_restorecon(OVERLAYDIR);
193
194 if (mount("none", "/", NULL, MS_NOATIME | MS_REMOUNT, 0)) {
195 ULOG_ERR("failed - mount -o remount,ro none: %m\n");
196 return -1;
197 }
198
199 if (system("cp -a /tmp/root/* /rom/overlay")) {
200 ULOG_ERR("failed - cp -a /tmp/root/* /rom/overlay: %m\n");
201 return -1;
202 }
203
204 if (pivot("/rom", "/mnt")) {
205 ULOG_ERR("failed - pivot /rom /mnt: %m\n");
206 return -1;
207 }
208
209 if (mount_move("/mnt", "/tmp/root", "")) {
210 ULOG_ERR("failed - mount -o move /mnt /tmp/root %m\n");
211 return -1;
212 }
213
214 ret = fopivot("/overlay", "/rom");
215
216 /*
217 * Besides copying overlay data from "tmpfs" to "jffs2" we should also
218 * move mount points that user could create during JFFS2 formatting.
219 * This has to happen after fopivot call because:
220 * 1) It's trivial to find mount points to move then (/tmp/root/...).
221 * 2) We can't do that earlier using /rom/overlay/upper/ as overlay(fs)
222 * doesn't support mounts. Mounting to upper dir don't make overlay
223 * /propagate/ files to the target dir.
224 */
225 foreach_mount(move_mount);
226
227 return ret;
228 }
229
230 int
231 handle_whiteout(const char *dir)
232 {
233 struct stat s;
234 char link[256];
235 ssize_t sz;
236 struct dirent **namelist;
237 int n;
238
239 n = scandir(dir, &namelist, NULL, NULL);
240
241 if (n < 1)
242 return -1;
243
244 while (n--) {
245 char file[256];
246
247 snprintf(file, sizeof(file), "%s%s", dir, namelist[n]->d_name);
248 if (!lstat(file, &s) && S_ISLNK(s.st_mode)) {
249 sz = readlink(file, link, sizeof(link) - 1);
250 if (sz > 0) {
251 char *orig;
252
253 link[sz] = '\0';
254 orig = strstr(&file[1], "/");
255 if (orig && !strcmp(link, "(overlay-whiteout)"))
256 unlink(orig);
257 }
258 }
259 free(namelist[n]);
260 }
261 free(namelist);
262
263 return 0;
264 }
265
266 static char *overlay_fs_name(int type)
267 {
268 switch (type) {
269 case FS_EXT4:
270 return "ext4";
271 case FS_F2FS:
272 return "f2fs";
273 case FS_UBIFS:
274 return "ubifs";
275 case FS_JFFS2:
276 default:
277 return "jffs2";
278 }
279 }
280
281 int
282 jffs2_switch(struct volume *v)
283 {
284 char *mp, *fs_name;
285 int type;
286
287 if (find_overlay_mount("overlayfs:/tmp/root"))
288 return -1;
289
290 if (find_filesystem("overlay")) {
291 ULOG_ERR("overlayfs not supported by kernel\n");
292 return -1;
293 }
294
295 volume_init(v);
296 mp = find_mount_point(v->blk, 0);
297 if (mp) {
298 ULOG_ERR("rootfs_data:%s is already mounted as %s\n", v->blk, mp);
299 return -1;
300 }
301
302 type = volume_identify(v);
303 fs_name = overlay_fs_name(type);
304
305 switch (type) {
306 case FS_NONE:
307 ULOG_ERR("no jffs2 marker found\n");
308 /* fall through */
309
310 case FS_DEADCODE:
311 if (switch2jffs(v))
312 return -1;
313
314 ULOG_INFO("performing overlay whiteout\n");
315 umount2("/tmp/root", MNT_DETACH);
316 foreachdir("/overlay/", handle_whiteout);
317
318 /* try hard to be in sync */
319 ULOG_INFO("syncronizing overlay\n");
320 if (system("cp -a /tmp/root/upper/* / 2>/dev/null"))
321 ULOG_ERR("failed to sync jffs2 overlay\n");
322 break;
323
324 case FS_EXT4:
325 case FS_F2FS:
326 case FS_UBIFS:
327 if (overlay_mount(v, fs_name))
328 return -1;
329 if (mount_move("/tmp", "", "/overlay") || fopivot("/overlay", "/rom")) {
330 ULOG_ERR("switching to %s failed\n", fs_name);
331 return -1;
332 }
333 break;
334 }
335
336 sync();
337 fs_state_set("/overlay", FS_STATE_READY);
338 return 0;
339 }
340
341 static int overlay_mount_fs(struct volume *v)
342 {
343 char *fstype = overlay_fs_name(volume_identify(v));
344
345 if (mkdir("/tmp/overlay", 0755)) {
346 ULOG_ERR("failed to mkdir /tmp/overlay: %m\n");
347 return -1;
348 }
349
350 if (mount(v->blk, "/tmp/overlay", fstype,
351 #ifdef OVL_MOUNT_FULL_ACCESS_TIME
352 MS_RELATIME,
353 #else
354 MS_NOATIME,
355 #endif
356 #ifdef OVL_MOUNT_COMPRESS_ZLIB
357 "compr=zlib"
358 #else
359 NULL
360 #endif
361 )) {
362 ULOG_ERR("failed to mount -t %s %s /tmp/overlay: %m\n",
363 fstype, v->blk);
364 return -1;
365 }
366
367 return 0;
368 }
369
370 enum fs_state fs_state_get(const char *dir)
371 {
372 char *path;
373 char valstr[16];
374 uint32_t val;
375 ssize_t len;
376
377 path = alloca(strlen(dir) + 1 + sizeof("/.fs_state"));
378 sprintf(path, "%s/.fs_state", dir);
379 len = readlink(path, valstr, sizeof(valstr) - 1);
380 if (len < 0)
381 return FS_STATE_UNKNOWN;
382
383 valstr[len] = 0;
384 val = atoi(valstr);
385
386 if (val > __FS_STATE_LAST)
387 return FS_STATE_UNKNOWN;
388
389 return val;
390 }
391
392
393 int fs_state_set(const char *dir, enum fs_state state)
394 {
395 char valstr[16];
396 char *path;
397
398 if (fs_state_get(dir) == state)
399 return 0;
400
401 path = alloca(strlen(dir) + 1 + sizeof("/.fs_state"));
402 sprintf(path, "%s/.fs_state", dir);
403 unlink(path);
404 snprintf(valstr, sizeof(valstr), "%d", state);
405
406 return symlink(valstr, path);
407 }
408
409
410 int mount_overlay(struct volume *v)
411 {
412 char *mp, *fs_name;
413
414 if (!v)
415 return -1;
416
417 mp = find_mount_point(v->blk, 0);
418 if (mp) {
419 ULOG_ERR("rootfs_data:%s is already mounted as %s\n", v->blk, mp);
420 return -1;
421 }
422
423 overlay_mount_fs(v);
424
425 extroot_prefix = "/tmp/overlay";
426 if (!mount_extroot()) {
427 ULOG_INFO("switched to extroot\n");
428 return 0;
429 }
430
431 switch(fs_state_get("/tmp/overlay")) {
432 case FS_STATE_UNKNOWN:
433 fs_state_set("/tmp/overlay", FS_STATE_PENDING);
434 if (fs_state_get("/tmp/overlay") != FS_STATE_PENDING) {
435 ULOG_ERR("unable to set filesystem state\n");
436 break;
437 }
438 case FS_STATE_PENDING:
439 ULOG_INFO("overlay filesystem has not been fully initialized yet\n");
440 overlay_delete("/tmp/overlay", true);
441 break;
442 case FS_STATE_READY:
443 break;
444 }
445
446 fs_name = overlay_fs_name(volume_identify(v));
447 ULOG_INFO("switching to %s overlay\n", fs_name);
448 if (mount_move("/tmp", "", "/overlay") || fopivot("/overlay", "/rom")) {
449 ULOG_ERR("switching to %s failed - fallback to ramoverlay\n", fs_name);
450 return ramoverlay();
451 }
452
453 return -1;
454 }
OpenWrt filesystem utilities