/* Ensure that a pathname component @name does not contain the special Unix
* entries `.` or `..`, and does not contain `/`.
*/
gboolean
ot_util_filename_validate (const char *name,
GError **error)
{
if (strcmp (name, ".") == 0)
return glnx_throw (error, "Invalid self-referential filename '.'");
if (strcmp (name, "..") == 0)
return glnx_throw (error, "Invalid path uplink filename '..'");
if (strchr (name, '/') != NULL)
return glnx_throw (error, "Invalid / in filename %s", name);
if (!g_utf8_validate (name, -1, NULL))
return glnx_throw (error, "Invalid UTF-8 in filename %s", name);
return TRUE;
}
/**
* ostree_repo_resolve_partial_checksum:
* @self: Repo
* @refspec: A refspec
* @full_checksum (out) (transfer full): A full checksum corresponding to the truncated ref given
* @error: Error
*
* Look up the existing refspec checksums. If the given ref is a unique truncated beginning
* of a valid checksum it will return that checksum in the parameter @full_checksum
*/
static gboolean
ostree_repo_resolve_partial_checksum (OstreeRepo *self,
const char *refspec,
char **full_checksum,
GError **error)
{
static const char hexchars[] = "0123456789abcdef";
g_autofree char *ret_rev = NULL;
g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
/* If the input is longer than OSTREE_SHA256_STRING_LEN chars or contains non-hex chars,
don't bother looking for it as an object */
const gsize off = strspn (refspec, hexchars);
if (off > OSTREE_SHA256_STRING_LEN || refspec[off] != '\0')
return TRUE;
/* this looks through all objects and adds them to the ref_list if:
a) they are a commit object AND
b) the obj checksum starts with the partual checksum defined by "refspec" */
g_autoptr(GHashTable) ref_list = NULL;
if (!ostree_repo_list_commit_objects_starting_with (self, refspec, &ref_list, NULL, error))
return FALSE;
guint length = g_hash_table_size (ref_list);
GHashTableIter hashiter;
gpointer key, value;
GVariant *first_commit = NULL;
g_hash_table_iter_init (&hashiter, ref_list);
if (g_hash_table_iter_next (&hashiter, &key, &value))
first_commit = (GVariant*) key;
OstreeObjectType objtype;
const char *checksum = NULL;
if (first_commit)
ostree_object_name_deserialize (first_commit, &checksum, &objtype);
/* length more than one - multiple commits match partial refspec: is not unique */
if (length > 1)
return glnx_throw (error, "Refspec %s not unique", refspec);
/* length is 1 - a single matching commit gives us our revision */
else if (length == 1)
ret_rev = g_strdup (checksum);
/* Note: if length is 0, then code will return TRUE
because there is no error, but it will return full_checksum = NULL
to signal to continue parsing */
ot_transfer_out_value (full_checksum, &ret_rev);
return TRUE;
}
static gboolean
read_varuint64 (StaticDeltaExecutionState *state,
guint64 *out_value,
GError **error)
{
gsize bytes_read;
if (!_ostree_read_varuint64 (state->opdata, state->oplen, out_value, &bytes_read))
{
return glnx_throw (error, "%s", "Unexpected EOF reading varint");
}
state->opdata += bytes_read;
state->oplen -= bytes_read;
return TRUE;
}
/* Given a pathname @path, split it into individual entries in @out_components,
* validating that it does not have backreferences (`..`) etc.
*/
gboolean
ot_util_path_split_validate (const char *path,
GPtrArray **out_components,
GError **error)
{
if (strlen (path) > PATH_MAX)
return glnx_throw (error, "Path '%s' is too long", path);
g_autoptr(GPtrArray) ret_components = ot_split_string_ptrarray (path, '/');
/* Canonicalize by removing '.' and '', throw an error on .. */
for (int i = ret_components->len-1; i >= 0; i--)
{
const char *name = ret_components->pdata[i];
if (strcmp (name, "..") == 0)
return glnx_throw (error, "Invalid uplink '..' in path %s", path);
if (strcmp (name, ".") == 0 || name[0] == '\0')
g_ptr_array_remove_index (ret_components, i);
}
ot_transfer_out_value(out_components, &ret_components);
return TRUE;
}
static gboolean
append_config_from_loader_entries (OstreeBootloaderSyslinux *self,
gboolean regenerate_default,
int bootversion,
GPtrArray *new_lines,
GCancellable *cancellable,
GError **error)
{
g_autoptr(GPtrArray) loader_configs = NULL;
if (!_ostree_sysroot_read_boot_loader_configs (self->sysroot, bootversion, &loader_configs,
cancellable, error))
return FALSE;
for (guint i = 0; i < loader_configs->len; i++)
{
OstreeBootconfigParser *config = loader_configs->pdata[i];
const char *val = ostree_bootconfig_parser_get (config, "title");
if (!val)
val = "(Untitled)";
if (regenerate_default && i == 0)
g_ptr_array_add (new_lines, g_strdup_printf ("DEFAULT %s", val));
g_ptr_array_add (new_lines, g_strdup_printf ("LABEL %s", val));
val = ostree_bootconfig_parser_get (config, "linux");
if (!val)
return glnx_throw (error, "No \"linux\" key in bootloader config");
g_ptr_array_add (new_lines, g_strdup_printf ("\tKERNEL %s", val));
val = ostree_bootconfig_parser_get (config, "initrd");
if (val)
g_ptr_array_add (new_lines, g_strdup_printf ("\tINITRD %s", val));
val = ostree_bootconfig_parser_get (config, "devicetree");
if (val)
g_ptr_array_add (new_lines, g_strdup_printf ("\tDEVICETREE %s", val));
val = ostree_bootconfig_parser_get (config, "options");
if (val)
g_ptr_array_add (new_lines, g_strdup_printf ("\tAPPEND %s", val));
}
return TRUE;
}
static gboolean
split_key_string (const char *k,
char **out_section,
char **out_value,
GError **error)
{
const char *dot = strchr (k, '.');
if (!dot)
{
return glnx_throw (error,
"Key must be of the form \"sectionname.keyname\"");
}
*out_section = g_strndup (k, dot - k);
*out_value = g_strdup (dot + 1);
return TRUE;
}
static gboolean
handle_statoverride_line (const char *line,
void *data,
GError **error)
{
GHashTable *files = data;
const char *spc;
guint mode_add;
spc = strchr (line, ' ');
if (spc == NULL)
{
return glnx_throw (error, "Malformed statoverride file (no space found)");
}
mode_add = (guint32)(gint32)g_ascii_strtod (line, NULL);
g_hash_table_insert (files, g_strdup (spc + 1),
GUINT_TO_POINTER((gint32)mode_add));
return TRUE;
}
gboolean
_ostree_static_delta_parse_checksum_array (GVariant *array,
guint8 **out_checksums_array,
guint *out_n_checksums,
GError **error)
{
gsize n = g_variant_n_children (array);
guint n_checksums;
n_checksums = n / OSTREE_STATIC_DELTA_OBJTYPE_CSUM_LEN;
if (G_UNLIKELY(n > (G_MAXUINT32/OSTREE_STATIC_DELTA_OBJTYPE_CSUM_LEN) ||
(n_checksums * OSTREE_STATIC_DELTA_OBJTYPE_CSUM_LEN) != n))
{
return glnx_throw (error,
"Invalid checksum array length %" G_GSIZE_FORMAT, n);
}
*out_checksums_array = (gpointer)g_variant_get_data (array);
*out_n_checksums = n_checksums;
return TRUE;
}
gboolean
ostree_builtin_fsck (int argc, char **argv, OstreeCommandInvocation *invocation, GCancellable *cancellable, GError **error)
{
g_autoptr(OstreeRepo) repo = NULL;
gboolean found_corruption = FALSE;
g_autoptr(GOptionContext) context = g_option_context_new ("");
if (!ostree_option_context_parse (context, options, &argc, &argv, invocation, &repo, cancellable, error))
return FALSE;
if (!opt_quiet)
g_print ("Validating refs...\n");
/* Validate that the commit for each ref is available */
g_autoptr(GHashTable) all_refs = NULL;
if (!ostree_repo_list_refs (repo, NULL, &all_refs,
cancellable, error))
return FALSE;
GHashTableIter hash_iter;
gpointer key, value;
g_hash_table_iter_init (&hash_iter, all_refs);
while (g_hash_table_iter_next (&hash_iter, &key, &value))
{
const char *refspec = key;
const char *checksum = value;
g_autofree char *ref_name = NULL;
if (!ostree_parse_refspec (refspec, NULL, &ref_name, error))
return FALSE;
if (!fsck_commit_for_ref (repo, checksum, NULL, ref_name,
&found_corruption, cancellable, error))
return FALSE;
}
if (!opt_quiet)
g_print ("Validating refs in collections...\n");
g_autoptr(GHashTable) all_collection_refs = NULL; /* (element-type OstreeCollectionRef utf8) */
if (!ostree_repo_list_collection_refs (repo, NULL, &all_collection_refs,
OSTREE_REPO_LIST_REFS_EXT_EXCLUDE_REMOTES,
cancellable, error))
return FALSE;
g_hash_table_iter_init (&hash_iter, all_collection_refs);
while (g_hash_table_iter_next (&hash_iter, &key, &value))
{
const OstreeCollectionRef *ref = key;
if (!fsck_commit_for_ref (repo, value, ref->collection_id, ref->ref_name,
&found_corruption, cancellable, error))
return FALSE;
}
if (!opt_quiet)
g_print ("Enumerating objects...\n");
g_autoptr(GHashTable) objects = NULL;
if (!ostree_repo_list_objects (repo, OSTREE_REPO_LIST_OBJECTS_ALL,
&objects, cancellable, error))
return FALSE;
g_autoptr(GHashTable) commits = g_hash_table_new_full (ostree_hash_object_name, g_variant_equal,
(GDestroyNotify)g_variant_unref, NULL);
g_autoptr(GPtrArray) tombstones = NULL;
if (opt_add_tombstones)
tombstones = g_ptr_array_new_with_free_func (g_free);
if (opt_verify_back_refs)
opt_verify_bindings = TRUE;
guint n_partial = 0;
g_hash_table_iter_init (&hash_iter, objects);
while (g_hash_table_iter_next (&hash_iter, &key, &value))
{
GVariant *serialized_key = key;
const char *checksum;
OstreeObjectType objtype;
OstreeRepoCommitState commitstate = 0;
g_autoptr(GVariant) commit = NULL;
ostree_object_name_deserialize (serialized_key, &checksum, &objtype);
if (objtype == OSTREE_OBJECT_TYPE_COMMIT)
{
if (!ostree_repo_load_commit (repo, checksum, &commit, &commitstate, error))
return FALSE;
/* If requested, check that all the refs listed in the ref-bindings
* for this commit resolve back to this commit. */
if (opt_verify_back_refs)
{
g_autoptr(GVariant) metadata = g_variant_get_child_value (commit, 0);
const char *collection_id = NULL;
if (!g_variant_lookup (metadata,
OSTREE_COMMIT_META_KEY_COLLECTION_BINDING,
"&s",
&collection_id))
collection_id = NULL;
g_autofree const char **refs = NULL;
if (g_variant_lookup (metadata,
OSTREE_COMMIT_META_KEY_REF_BINDING,
"^a&s",
&refs))
{
for (const char **iter = refs; *iter != NULL; ++iter)
{
g_autofree char *checksum_for_ref = NULL;
if (collection_id != NULL)
{
const OstreeCollectionRef collection_ref = { (char *) collection_id, (char *) *iter };
if (!ostree_repo_resolve_collection_ref (repo, &collection_ref,
TRUE,
OSTREE_REPO_RESOLVE_REV_EXT_NONE,
&checksum_for_ref,
cancellable,
error))
return FALSE;
}
else
{
if (!ostree_repo_resolve_rev (repo, *iter, TRUE,
&checksum_for_ref, error))
return FALSE;
}
if (checksum_for_ref == NULL)
{
if (collection_id != NULL)
return glnx_throw (error,
"Collection–ref (%s, %s) in bindings for commit %s does not exist",
collection_id, *iter, checksum);
else
return glnx_throw (error,
"Ref ‘%s’ in bindings for commit %s does not exist",
*iter, checksum);
}
else if (g_strcmp0 (checksum_for_ref, checksum) != 0)
{
if (collection_id != NULL)
return glnx_throw (error,
"Collection–ref (%s, %s) in bindings for commit %s does not resolve to that commit",
collection_id, *iter, checksum);
else
return glnx_throw (error,
"Ref ‘%s’ in bindings for commit %s does not resolve to that commit",
*iter, checksum);
}
}
}
}
if (opt_add_tombstones)
{
GError *local_error = NULL;
g_autofree char *parent = ostree_commit_get_parent (commit);
if (parent)
{
g_autoptr(GVariant) parent_commit = NULL;
if (!ostree_repo_load_variant (repo, OSTREE_OBJECT_TYPE_COMMIT, parent,
&parent_commit, &local_error))
{
if (g_error_matches (local_error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND))
{
g_ptr_array_add (tombstones, g_strdup (checksum));
g_clear_error (&local_error);
}
else
{
g_propagate_error (error, local_error);
return FALSE;
}
}
}
}
if (commitstate & OSTREE_REPO_COMMIT_STATE_PARTIAL)
n_partial++;
else
g_hash_table_add (commits, g_variant_ref (serialized_key));
}
}
g_clear_pointer (&objects, (GDestroyNotify) g_hash_table_unref);
if (!opt_quiet)
g_print ("Verifying content integrity of %u commit objects...\n",
(guint)g_hash_table_size (commits));
if (!fsck_reachable_objects_from_commits (repo, commits, &found_corruption,
cancellable, error))
return FALSE;
if (opt_add_tombstones)
{
guint i;
if (tombstones->len)
{
if (!ot_enable_tombstone_commits (repo, error))
return FALSE;
}
for (i = 0; i < tombstones->len; i++)
{
const char *checksum = tombstones->pdata[i];
g_print ("Adding tombstone for commit %s\n", checksum);
if (!ostree_repo_delete_object (repo, OSTREE_OBJECT_TYPE_COMMIT, checksum, cancellable, error))
return FALSE;
}
}
else if (n_partial > 0)
{
g_print ("%u partial commits not verified\n", n_partial);
}
if (found_corruption)
return glnx_throw (error, "Repository corruption encountered");
return TRUE;
}
static gboolean
write_checksum_file_at (OstreeRepo *self,
int dfd,
const char *name,
const char *sha256,
GCancellable *cancellable,
GError **error)
{
if (!ostree_validate_checksum_string (sha256, error))
return FALSE;
if (ostree_validate_checksum_string (name, NULL))
return glnx_throw (error, "Rev name '%s' looks like a checksum", name);
if (!*name)
return glnx_throw (error, "Invalid empty ref name");
const char *lastslash = strrchr (name, '/');
if (lastslash)
{
char *parent = strdupa (name);
parent[lastslash - name] = '\0';
if (!glnx_shutil_mkdir_p_at (dfd, parent, 0777, cancellable, error))
return FALSE;
}
{
size_t l = strlen (sha256);
char *bufnl = alloca (l + 2);
g_autoptr(GError) temp_error = NULL;
memcpy (bufnl, sha256, l);
bufnl[l] = '\n';
bufnl[l+1] = '\0';
if (!_ostree_repo_file_replace_contents (self, dfd, name, (guint8*)bufnl, l + 1,
cancellable, &temp_error))
{
if (g_error_matches (temp_error, G_IO_ERROR, G_IO_ERROR_IS_DIRECTORY))
{
g_autoptr(GHashTable) refs = NULL;
GHashTableIter hashiter;
gpointer hashkey, hashvalue;
g_clear_error (&temp_error);
if (!ostree_repo_list_refs (self, name, &refs, cancellable, error))
return FALSE;
g_hash_table_iter_init (&hashiter, refs);
while ((g_hash_table_iter_next (&hashiter, &hashkey, &hashvalue)))
{
if (strcmp (name, (char *)hashkey) != 0)
return glnx_throw (error, "Conflict: %s exists under %s when attempting write", (char*)hashkey, name);
}
if (!glnx_shutil_rm_rf_at (dfd, name, cancellable, error))
return FALSE;
if (!_ostree_repo_file_replace_contents (self, dfd, name, (guint8*)bufnl, l + 1,
cancellable, error))
return FALSE;
}
else
{
g_propagate_error (error, g_steal_pointer (&temp_error));
return FALSE;
}
}
}
return TRUE;
}
static gboolean
_ostree_bootloader_syslinux_write_config (OstreeBootloader *bootloader,
int bootversion,
GCancellable *cancellable,
GError **error)
{
OstreeBootloaderSyslinux *self = OSTREE_BOOTLOADER_SYSLINUX (bootloader);
g_autofree char *new_config_path =
g_strdup_printf ("boot/loader.%d/syslinux.cfg", bootversion);
/* This should follow the symbolic link to the current bootversion. */
g_autofree char *config_contents =
glnx_file_get_contents_utf8_at (self->sysroot->sysroot_fd, syslinux_config_path, NULL,
cancellable, error);
if (!config_contents)
return FALSE;
g_auto(GStrv) lines = g_strsplit (config_contents, "\n", -1);
g_autoptr(GPtrArray) new_lines = g_ptr_array_new_with_free_func (g_free);
g_autoptr(GPtrArray) tmp_lines = g_ptr_array_new_with_free_func (g_free);
g_autofree char *kernel_arg = NULL;
gboolean saw_default = FALSE;
gboolean regenerate_default = FALSE;
gboolean parsing_label = FALSE;
/* Note special iteration condition here; we want to also loop one
* more time at the end where line = NULL to ensure we finish off
* processing the last LABEL.
*/
for (char **iter = lines; iter; iter++)
{
const char *line = *iter;
gboolean skip = FALSE;
if (parsing_label &&
(line == NULL || !g_str_has_prefix (line, "\t")))
{
parsing_label = FALSE;
if (kernel_arg == NULL)
return glnx_throw (error, "No KERNEL argument found after LABEL");
/* If this is a non-ostree kernel, just emit the lines
* we saw.
*/
if (!g_str_has_prefix (kernel_arg, "/ostree/"))
{
for (guint i = 0; i < tmp_lines->len; i++)
{
g_ptr_array_add (new_lines, tmp_lines->pdata[i]);
tmp_lines->pdata[i] = NULL; /* Transfer ownership */
}
}
else
{
/* Otherwise, we drop the config on the floor - it
* will be regenerated.
*/
g_ptr_array_set_size (tmp_lines, 0);
}
}
if (line == NULL)
break;
if (!parsing_label &&
(g_str_has_prefix (line, "LABEL ")))
{
parsing_label = TRUE;
g_ptr_array_set_size (tmp_lines, 0);
}
else if (parsing_label && g_str_has_prefix (line, "\tKERNEL "))
{
g_free (kernel_arg);
kernel_arg = g_strdup (line + strlen ("\tKERNEL "));
}
else if (!parsing_label &&
(g_str_has_prefix (line, "DEFAULT ")))
{
saw_default = TRUE;
/* XXX Searching for patterns in the title is rather brittle,
* but this hack is at least noted in the code that builds
* the title to hopefully avoid regressions. */
if (g_str_has_prefix (line, "DEFAULT ostree:") || /* old format */
strstr (line, "(ostree") != NULL) /* new format */
regenerate_default = TRUE;
skip = TRUE;
}
if (!skip)
{
if (parsing_label)
g_ptr_array_add (tmp_lines, g_strdup (line));
else
g_ptr_array_add (new_lines, g_strdup (line));
}
}
if (!saw_default)
regenerate_default = TRUE;
if (!append_config_from_loader_entries (self, regenerate_default,
bootversion, new_lines,
cancellable, error))
return FALSE;
g_autofree char *new_config_contents = _ostree_sysroot_join_lines (new_lines);
if (!glnx_file_replace_contents_at (self->sysroot->sysroot_fd, new_config_path,
(guint8*)new_config_contents, strlen (new_config_contents),
GLNX_FILE_REPLACE_DATASYNC_NEW,
cancellable, error))
return FALSE;
return TRUE;
}
gboolean
_ostree_static_delta_part_open (GInputStream *part_in,
GBytes *inline_part_bytes,
OstreeStaticDeltaOpenFlags flags,
const char *expected_checksum,
GVariant **out_part,
GCancellable *cancellable,
GError **error)
{
const gboolean trusted = (flags & OSTREE_STATIC_DELTA_OPEN_FLAGS_VARIANT_TRUSTED) > 0;
const gboolean skip_checksum = (flags & OSTREE_STATIC_DELTA_OPEN_FLAGS_SKIP_CHECKSUM) > 0;
gsize bytes_read;
guint8 comptype;
g_autoptr(GChecksum) checksum = NULL;
g_autoptr(GInputStream) checksum_in = NULL;
GInputStream *source_in;
/* We either take a fd or a GBytes reference */
g_return_val_if_fail (G_IS_FILE_DESCRIPTOR_BASED (part_in) || inline_part_bytes != NULL, FALSE);
g_return_val_if_fail (skip_checksum || expected_checksum != NULL, FALSE);
if (!skip_checksum)
{
checksum = g_checksum_new (G_CHECKSUM_SHA256);
checksum_in = (GInputStream*)ostree_checksum_input_stream_new (part_in, checksum);
source_in = checksum_in;
}
else
{
source_in = part_in;
}
{ guint8 buf[1];
/* First byte is compression type */
if (!g_input_stream_read_all (source_in, buf, sizeof(buf), &bytes_read,
cancellable, error))
return glnx_prefix_error (error, "Reading initial compression flag byte");
comptype = buf[0];
}
g_autoptr(GVariant) ret_part = NULL;
switch (comptype)
{
case 0:
if (!inline_part_bytes)
{
int part_fd = g_file_descriptor_based_get_fd ((GFileDescriptorBased*)part_in);
/* No compression, no checksums - a fast path */
if (!ot_util_variant_map_fd (part_fd, 1, G_VARIANT_TYPE (OSTREE_STATIC_DELTA_PART_PAYLOAD_FORMAT_V0),
trusted, &ret_part, error))
return FALSE;
}
else
{
g_autoptr(GBytes) content_bytes = g_bytes_new_from_bytes (inline_part_bytes, 1,
g_bytes_get_size (inline_part_bytes) - 1);
ret_part = g_variant_new_from_bytes (G_VARIANT_TYPE (OSTREE_STATIC_DELTA_PART_PAYLOAD_FORMAT_V0),
content_bytes, trusted);
g_variant_ref_sink (ret_part);
}
if (!skip_checksum)
g_checksum_update (checksum, g_variant_get_data (ret_part),
g_variant_get_size (ret_part));
break;
case 'x':
{
g_autoptr(GConverter) decomp = (GConverter*) _ostree_lzma_decompressor_new ();
g_autoptr(GInputStream) convin = g_converter_input_stream_new (source_in, decomp);
g_autoptr(GBytes) buf = ot_map_anonymous_tmpfile_from_content (convin, cancellable, error);
if (!buf)
return FALSE;
ret_part = g_variant_new_from_bytes (G_VARIANT_TYPE (OSTREE_STATIC_DELTA_PART_PAYLOAD_FORMAT_V0),
buf, FALSE);
}
break;
default:
return glnx_throw (error, "Invalid compression type '%u'", comptype);
}
if (checksum)
{
const char *actual_checksum = g_checksum_get_string (checksum);
g_assert (expected_checksum != NULL);
if (strcmp (actual_checksum, expected_checksum) != 0)
return glnx_throw (error, "Checksum mismatch in static delta part; expected=%s actual=%s",
expected_checksum, actual_checksum);
}
*out_part = g_steal_pointer (&ret_part);
return TRUE;
}
/**
* ostree_repo_static_delta_execute_offline:
* @self: Repo
* @dir_or_file: Path to a directory containing static delta data, or directly to the superblock
* @skip_validation: If %TRUE, assume data integrity
* @cancellable: Cancellable
* @error: Error
*
* Given a directory representing an already-downloaded static delta
* on disk, apply it, generating a new commit. The directory must be
* named with the form "FROM-TO", where both are checksums, and it
* must contain a file named "superblock", along with at least one part.
*/
gboolean
ostree_repo_static_delta_execute_offline (OstreeRepo *self,
GFile *dir_or_file,
gboolean skip_validation,
GCancellable *cancellable,
GError **error)
{
g_autofree char *basename = NULL;
const char *dir_or_file_path = gs_file_get_path_cached (dir_or_file);
/* First, try opening it as a directory */
glnx_fd_close int dfd = glnx_opendirat_with_errno (AT_FDCWD, dir_or_file_path, TRUE);
if (dfd < 0)
{
if (errno != ENOTDIR)
return glnx_throw_errno_prefix (error, "openat(O_DIRECTORY)");
else
{
g_autofree char *dir = dirname (g_strdup (dir_or_file_path));
basename = g_path_get_basename (dir_or_file_path);
if (!glnx_opendirat (AT_FDCWD, dir, TRUE, &dfd, error))
return FALSE;
}
}
else
basename = g_strdup ("superblock");
glnx_fd_close int meta_fd = openat (dfd, basename, O_RDONLY | O_CLOEXEC);
if (meta_fd < 0)
return glnx_throw_errno_prefix (error, "openat(%s)", basename);
g_autoptr(GVariant) meta = NULL;
if (!ot_util_variant_map_fd (meta_fd, 0, G_VARIANT_TYPE (OSTREE_STATIC_DELTA_SUPERBLOCK_FORMAT),
FALSE, &meta, error))
return FALSE;
/* Parsing OSTREE_STATIC_DELTA_SUPERBLOCK_FORMAT */
g_autoptr(GVariant) metadata = g_variant_get_child_value (meta, 0);
g_autofree char *to_checksum = NULL;
g_autofree char *from_checksum = NULL;
/* Write the to-commit object */
{
g_autoptr(GVariant) to_csum_v = NULL;
g_autoptr(GVariant) from_csum_v = NULL;
g_autoptr(GVariant) to_commit = NULL;
gboolean have_to_commit;
gboolean have_from_commit;
to_csum_v = g_variant_get_child_value (meta, 3);
if (!ostree_validate_structureof_csum_v (to_csum_v, error))
return FALSE;
to_checksum = ostree_checksum_from_bytes_v (to_csum_v);
from_csum_v = g_variant_get_child_value (meta, 2);
if (g_variant_n_children (from_csum_v) > 0)
{
if (!ostree_validate_structureof_csum_v (from_csum_v, error))
return FALSE;
from_checksum = ostree_checksum_from_bytes_v (from_csum_v);
if (!ostree_repo_has_object (self, OSTREE_OBJECT_TYPE_COMMIT, from_checksum,
&have_from_commit, cancellable, error))
return FALSE;
if (!have_from_commit)
return glnx_throw (error, "Commit %s, which is the delta source, is not in repository", from_checksum);
}
if (!ostree_repo_has_object (self, OSTREE_OBJECT_TYPE_COMMIT, to_checksum,
&have_to_commit, cancellable, error))
return FALSE;
if (!have_to_commit)
{
g_autofree char *detached_path = _ostree_get_relative_static_delta_path (from_checksum, to_checksum, "commitmeta");
g_autoptr(GVariant) detached_data = NULL;
detached_data = g_variant_lookup_value (metadata, detached_path, G_VARIANT_TYPE("a{sv}"));
if (detached_data && !ostree_repo_write_commit_detached_metadata (self,
to_checksum,
detached_data,
cancellable,
error))
return FALSE;
to_commit = g_variant_get_child_value (meta, 4);
if (!ostree_repo_write_metadata (self, OSTREE_OBJECT_TYPE_COMMIT,
to_checksum, to_commit, NULL,
cancellable, error))
return FALSE;
}
}
g_autoptr(GVariant) fallback = g_variant_get_child_value (meta, 7);
if (g_variant_n_children (fallback) > 0)
return glnx_throw (error, "Cannot execute delta offline: contains nonempty http fallback entries");
g_autoptr(GVariant) headers = g_variant_get_child_value (meta, 6);
const guint n = g_variant_n_children (headers);
for (guint i = 0; i < n; i++)
{
guint32 version;
guint64 size;
guint64 usize;
const guchar *csum;
char checksum[OSTREE_SHA256_STRING_LEN+1];
gboolean have_all;
g_autoptr(GVariant) csum_v = NULL;
g_autoptr(GVariant) objects = NULL;
g_autoptr(GVariant) part = NULL;
g_autofree char *deltapart_path = NULL;
OstreeStaticDeltaOpenFlags delta_open_flags =
skip_validation ? OSTREE_STATIC_DELTA_OPEN_FLAGS_SKIP_CHECKSUM : 0;
g_autoptr(GVariant) header = g_variant_get_child_value (headers, i);
g_variant_get (header, "(u@aytt@ay)", &version, &csum_v, &size, &usize, &objects);
if (version > OSTREE_DELTAPART_VERSION)
return glnx_throw (error, "Delta part has too new version %u", version);
if (!_ostree_repo_static_delta_part_have_all_objects (self, objects, &have_all,
cancellable, error))
return FALSE;
/* If we already have these objects, don't bother executing the
* static delta.
*/
if (have_all)
continue;
csum = ostree_checksum_bytes_peek_validate (csum_v, error);
if (!csum)
return FALSE;
ostree_checksum_inplace_from_bytes (csum, checksum);
deltapart_path =
_ostree_get_relative_static_delta_part_path (from_checksum, to_checksum, i);
g_autoptr(GInputStream) part_in = NULL;
g_autoptr(GVariant) inline_part_data = g_variant_lookup_value (metadata, deltapart_path, G_VARIANT_TYPE("(yay)"));
if (inline_part_data)
{
g_autoptr(GBytes) inline_part_bytes = g_variant_get_data_as_bytes (inline_part_data);
part_in = g_memory_input_stream_new_from_bytes (inline_part_bytes);
/* For inline parts, we don't checksum, because it's
* included with the metadata, so we're not trying to
* protect against MITM or such. Non-security related
* checksums should be done at the underlying storage layer.
*/
delta_open_flags |= OSTREE_STATIC_DELTA_OPEN_FLAGS_SKIP_CHECKSUM;
if (!_ostree_static_delta_part_open (part_in, inline_part_bytes,
delta_open_flags,
NULL,
&part,
cancellable, error))
return FALSE;
}
else
{
g_autofree char *relpath = g_strdup_printf ("%u", i); /* TODO avoid malloc here */
glnx_fd_close int part_fd = openat (dfd, relpath, O_RDONLY | O_CLOEXEC);
if (part_fd < 0)
return glnx_throw_errno_prefix (error, "Opening deltapart '%s'", relpath);
part_in = g_unix_input_stream_new (part_fd, FALSE);
if (!_ostree_static_delta_part_open (part_in, NULL,
delta_open_flags,
checksum,
&part,
cancellable, error))
return FALSE;
}
if (!_ostree_static_delta_part_execute (self, objects, part, skip_validation,
NULL, cancellable, error))
return glnx_prefix_error (error, "Executing delta part %i", i);
}
return TRUE;
}
static gboolean
_ostree_repo_resolve_rev_internal (OstreeRepo *self,
const char *refspec,
gboolean allow_noent,
gboolean fallback_remote,
char **out_rev,
GError **error)
{
g_autofree char *ret_rev = NULL;
g_return_val_if_fail (refspec != NULL, FALSE);
if (ostree_validate_checksum_string (refspec, NULL))
{
ret_rev = g_strdup (refspec);
}
else if (!ostree_repo_resolve_partial_checksum (self, refspec, &ret_rev, error))
return FALSE;
if (!ret_rev)
{
if (error != NULL && *error != NULL)
return FALSE;
if (g_str_has_suffix (refspec, "^"))
{
g_autofree char *parent_refspec = NULL;
g_autofree char *parent_rev = NULL;
g_autoptr(GVariant) commit = NULL;
parent_refspec = g_strdup (refspec);
parent_refspec[strlen(parent_refspec) - 1] = '\0';
if (!ostree_repo_resolve_rev (self, parent_refspec, allow_noent, &parent_rev, error))
return FALSE;
if (!ostree_repo_load_variant (self, OSTREE_OBJECT_TYPE_COMMIT, parent_rev,
&commit, error))
return FALSE;
if (!(ret_rev = ostree_commit_get_parent (commit)))
return glnx_throw (error, "Commit %s has no parent", parent_rev);
}
else
{
g_autofree char *remote = NULL;
g_autofree char *ref = NULL;
if (!ostree_parse_refspec (refspec, &remote, &ref, error))
return FALSE;
if (!resolve_refspec (self, remote, ref, allow_noent,
fallback_remote, &ret_rev, error))
return FALSE;
}
}
ot_transfer_out_value (out_rev, &ret_rev);
return TRUE;
}
gboolean
ostree_admin_option_context_parse (GOptionContext *context,
const GOptionEntry *main_entries,
int *argc,
char ***argv,
OstreeAdminBuiltinFlags flags,
OstreeSysroot **out_sysroot,
GCancellable *cancellable,
GError **error)
{
/* Entries are listed in --help output in the order added. We add the
* main entries ourselves so that we can add the --sysroot entry first. */
g_option_context_add_main_entries (context, global_admin_entries, NULL);
if (!ostree_option_context_parse (context, main_entries, argc, argv, OSTREE_BUILTIN_FLAG_NO_REPO, NULL, cancellable, error))
return FALSE;
g_autoptr(GFile) sysroot_path = NULL;
if (opt_sysroot != NULL)
sysroot_path = g_file_new_for_path (opt_sysroot);
g_autoptr(OstreeSysroot) sysroot = ostree_sysroot_new (sysroot_path);
if (flags & OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER)
{
GFile *path = ostree_sysroot_get_path (sysroot);
/* If sysroot path is "/" then user must be root. */
if (!g_file_has_parent (path, NULL) && getuid () != 0)
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_PERMISSION_DENIED,
"You must be root to perform this command");
return FALSE;
}
}
if (opt_print_current_dir)
{
g_autoptr(GPtrArray) deployments = NULL;
OstreeDeployment *first_deployment;
g_autoptr(GFile) deployment_file = NULL;
g_autofree char *deployment_path = NULL;
if (!ostree_sysroot_load (sysroot, cancellable, error))
return FALSE;
deployments = ostree_sysroot_get_deployments (sysroot);
if (deployments->len == 0)
return glnx_throw (error, "Unable to find a deployment in sysroot");
first_deployment = deployments->pdata[0];
deployment_file = ostree_sysroot_get_deployment_directory (sysroot, first_deployment);
deployment_path = g_file_get_path (deployment_file);
g_print ("%s\n", deployment_path);
/* The g_autoptr, g_autofree etc. don't happen when we explicitly
* exit, making valgrind complain about leaks */
g_clear_object (&sysroot);
g_clear_object (&sysroot_path);
g_clear_object (&deployment_file);
g_clear_pointer (&deployments, g_ptr_array_unref);
g_clear_pointer (&deployment_path, g_free);
exit (EXIT_SUCCESS);
}
if ((flags & OSTREE_ADMIN_BUILTIN_FLAG_UNLOCKED) == 0)
{
/* Released when sysroot is finalized, or on process exit */
if (!ot_admin_sysroot_lock (sysroot, error))
return FALSE;
}
if (out_sysroot)
*out_sysroot = g_steal_pointer (&sysroot);
return TRUE;
}
static gboolean
maybe_prune_loose_object (OtPruneData *data,
OstreeRepoPruneFlags flags,
const char *checksum,
OstreeObjectType objtype,
GCancellable *cancellable,
GError **error)
{
gboolean reachable = FALSE;
g_autoptr(GVariant) key = NULL;
key = ostree_object_name_serialize (checksum, objtype);
if (g_hash_table_lookup_extended (data->reachable, key, NULL, NULL))
reachable = TRUE;
else
{
guint64 storage_size = 0;
g_debug ("Pruning unneeded object %s.%s", checksum,
ostree_object_type_to_string (objtype));
if (!ostree_repo_query_object_storage_size (data->repo, objtype, checksum,
&storage_size, cancellable, error))
return FALSE;
data->freed_bytes += storage_size;
if (!(flags & OSTREE_REPO_PRUNE_FLAGS_NO_PRUNE))
{
if (objtype == OSTREE_OBJECT_TYPE_PAYLOAD_LINK)
{
ssize_t size;
char loose_path_buf[_OSTREE_LOOSE_PATH_MAX];
char target_checksum[OSTREE_SHA256_STRING_LEN+1];
char target_buf[_OSTREE_LOOSE_PATH_MAX + _OSTREE_PAYLOAD_LINK_PREFIX_LEN];
_ostree_loose_path (loose_path_buf, checksum, OSTREE_OBJECT_TYPE_PAYLOAD_LINK, data->repo->mode);
size = readlinkat (data->repo->objects_dir_fd, loose_path_buf, target_buf, sizeof (target_buf));
if (size < 0)
return glnx_throw_errno_prefix (error, "readlinkat");
if (size < OSTREE_SHA256_STRING_LEN + _OSTREE_PAYLOAD_LINK_PREFIX_LEN)
return glnx_throw (error, "invalid data size for %s", loose_path_buf);
sprintf (target_checksum, "%.2s%.62s", target_buf + _OSTREE_PAYLOAD_LINK_PREFIX_LEN, target_buf + _OSTREE_PAYLOAD_LINK_PREFIX_LEN + 3);
g_autoptr(GVariant) target_key = ostree_object_name_serialize (target_checksum, OSTREE_OBJECT_TYPE_FILE);
if (g_hash_table_lookup_extended (data->reachable, target_key, NULL, NULL))
{
guint64 target_storage_size = 0;
if (!ostree_repo_query_object_storage_size (data->repo, OSTREE_OBJECT_TYPE_FILE, target_checksum,
&target_storage_size, cancellable, error))
return FALSE;
reachable = target_storage_size >= data->repo->payload_link_threshold;
if (reachable)
goto exit;
}
}
else if (objtype == OSTREE_OBJECT_TYPE_COMMIT)
{
if (!ostree_repo_mark_commit_partial (data->repo, checksum, FALSE, error))
return FALSE;
}
if (!ostree_repo_delete_object (data->repo, objtype, checksum,
cancellable, error))
return FALSE;
}
if (OSTREE_OBJECT_TYPE_IS_META (objtype))
data->n_unreachable_meta++;
else
data->n_unreachable_content++;
}
exit:
if (reachable)
{
g_debug ("Keeping needed object %s.%s", checksum,
ostree_object_type_to_string (objtype));
if (OSTREE_OBJECT_TYPE_IS_META (objtype))
data->n_reachable_meta++;
else
data->n_reachable_content++;
}
return TRUE;
}
/* TODO: Add a man page. */
gboolean
ostree_builtin_create_usb (int argc,
char **argv,
OstreeCommandInvocation *invocation,
GCancellable *cancellable,
GError **error)
{
g_autoptr(GOptionContext) context = NULL;
g_autoptr(OstreeAsyncProgress) progress = NULL;
g_auto(GLnxConsoleRef) console = { 0, };
context = g_option_context_new ("MOUNT-PATH COLLECTION-ID REF [COLLECTION-ID REF...]");
/* Parse options. */
g_autoptr(OstreeRepo) src_repo = NULL;
if (!ostree_option_context_parse (context, options, &argc, &argv, invocation, &src_repo, cancellable, error))
return FALSE;
if (argc < 2)
{
ot_util_usage_error (context, "A MOUNT-PATH must be specified", error);
return FALSE;
}
if (argc < 4)
{
ot_util_usage_error (context, "At least one COLLECTION-ID REF pair must be specified", error);
return FALSE;
}
if (argc % 2 == 1)
{
ot_util_usage_error (context, "Only complete COLLECTION-ID REF pairs may be specified", error);
return FALSE;
}
/* Open the USB stick, which must exist. Allow automounting and following symlinks. */
const char *mount_root_path = argv[1];
struct stat mount_root_stbuf;
glnx_autofd int mount_root_dfd = -1;
if (!glnx_opendirat (AT_FDCWD, mount_root_path, TRUE, &mount_root_dfd, error))
return FALSE;
if (!glnx_fstat (mount_root_dfd, &mount_root_stbuf, error))
return FALSE;
/* Read in the refs to add to the USB stick. */
g_autoptr(GPtrArray) refs = g_ptr_array_new_full (argc, (GDestroyNotify) ostree_collection_ref_free);
for (gsize i = 2; i < argc; i += 2)
{
if (!ostree_validate_collection_id (argv[i], error) ||
!ostree_validate_rev (argv[i + 1], error))
return FALSE;
g_ptr_array_add (refs, ostree_collection_ref_new (argv[i], argv[i + 1]));
}
/* Open the destination repository on the USB stick or create it if it doesn’t exist.
* Check it’s below @mount_root_path, and that it’s not the same as the source
* repository.
*
* If the destination file system supports xattrs (for example, ext4), we use
* a BARE_USER repository; if it doesn’t (for example, FAT), we use ARCHIVE.
* In either case, we want a lossless repository. */
const char *dest_repo_path = (opt_destination_repo != NULL) ? opt_destination_repo : ".ostree/repo";
if (!glnx_shutil_mkdir_p_at (mount_root_dfd, dest_repo_path, 0755, cancellable, error))
return FALSE;
OstreeRepoMode mode = OSTREE_REPO_MODE_BARE_USER;
if (TEMP_FAILURE_RETRY (fgetxattr (mount_root_dfd, "user.test", NULL, 0)) < 0 &&
(errno == ENOTSUP || errno == EOPNOTSUPP))
mode = OSTREE_REPO_MODE_ARCHIVE;
g_debug ("%s: Creating repository in mode %u", G_STRFUNC, mode);
g_autoptr(OstreeRepo) dest_repo = ostree_repo_create_at (mount_root_dfd, dest_repo_path,
mode, NULL, cancellable, error);
if (dest_repo == NULL)
return FALSE;
struct stat dest_repo_stbuf;
if (!glnx_fstat (ostree_repo_get_dfd (dest_repo), &dest_repo_stbuf, error))
return FALSE;
if (dest_repo_stbuf.st_dev != mount_root_stbuf.st_dev)
{
ot_util_usage_error (context, "--destination-repo must be a descendent of MOUNT-PATH", error);
return FALSE;
}
if (ostree_repo_equal (src_repo, dest_repo))
{
ot_util_usage_error (context, "--destination-repo must not be the source repository", error);
return FALSE;
}
if (!ostree_ensure_repo_writable (dest_repo, error))
return FALSE;
if (opt_disable_fsync)
ostree_repo_set_disable_fsync (dest_repo, TRUE);
/* Copy across all of the collection–refs to the destination repo. */
GVariantBuilder refs_builder;
g_variant_builder_init (&refs_builder, G_VARIANT_TYPE ("a(sss)"));
for (gsize i = 0; i < refs->len; i++)
{
const OstreeCollectionRef *ref = g_ptr_array_index (refs, i);
g_variant_builder_add (&refs_builder, "(sss)",
ref->collection_id, ref->ref_name, "");
}
{
GVariantBuilder builder;
g_autoptr(GVariant) opts = NULL;
OstreeRepoPullFlags flags = OSTREE_REPO_PULL_FLAGS_MIRROR;
glnx_console_lock (&console);
if (console.is_tty)
progress = ostree_async_progress_new_and_connect (ostree_repo_pull_default_console_progress_changed, &console);
g_variant_builder_init (&builder, G_VARIANT_TYPE ("a{sv}"));
g_variant_builder_add (&builder, "{s@v}", "collection-refs",
g_variant_new_variant (g_variant_builder_end (&refs_builder)));
g_variant_builder_add (&builder, "{s@v}", "flags",
g_variant_new_variant (g_variant_new_int32 (flags)));
g_variant_builder_add (&builder, "{s@v}", "depth",
g_variant_new_variant (g_variant_new_int32 (0)));
opts = g_variant_ref_sink (g_variant_builder_end (&builder));
g_autofree char *src_repo_uri = g_file_get_uri (ostree_repo_get_path (src_repo));
if (!ostree_repo_pull_with_options (dest_repo, src_repo_uri,
opts,
progress,
cancellable, error))
{
ostree_repo_abort_transaction (dest_repo, cancellable, NULL);
return FALSE;
}
if (progress != NULL)
ostree_async_progress_finish (progress);
}
/* Ensure a summary file is present to make it easier to look up commit checksums. */
/* FIXME: It should be possible to work without this, but find_remotes_cb() in
* ostree-repo-pull.c currently assumes a summary file (signed or unsigned) is
* present. */
struct stat stbuf;
if (!glnx_fstatat_allow_noent (ostree_repo_get_dfd (dest_repo), "summary", &stbuf, 0, error))
return FALSE;
if (errno == ENOENT &&
!ostree_repo_regenerate_summary (dest_repo, NULL, cancellable, error))
return FALSE;
/* Add the symlinks .ostree/repos.d/@symlink_name → @dest_repo_path, unless
* the @dest_repo_path is a well-known one like ostree/repo, in which case no
* symlink is necessary; #OstreeRepoFinderMount always looks there. */
if (!g_str_equal (dest_repo_path, "ostree/repo") &&
!g_str_equal (dest_repo_path, ".ostree/repo"))
{
if (!glnx_shutil_mkdir_p_at (mount_root_dfd, ".ostree/repos.d", 0755, cancellable, error))
return FALSE;
/* Find a unique name for the symlink. If a symlink already targets
* @dest_repo_path, use that and don’t create a new one. */
GLnxDirFdIterator repos_iter;
gboolean need_symlink = TRUE;
if (!glnx_dirfd_iterator_init_at (mount_root_dfd, ".ostree/repos.d", TRUE, &repos_iter, error))
return FALSE;
while (TRUE)
{
struct dirent *repo_dent;
if (!glnx_dirfd_iterator_next_dent (&repos_iter, &repo_dent, cancellable, error))
return FALSE;
if (repo_dent == NULL)
break;
/* Does the symlink already point to this repository? (Or is the
* repository itself present in repos.d?) We already guarantee that
* they’re on the same device. */
if (repo_dent->d_ino == dest_repo_stbuf.st_ino)
{
need_symlink = FALSE;
break;
}
}
/* If we need a symlink, find a unique name for it and create it. */
if (need_symlink)
{
/* Relative to .ostree/repos.d. */
g_autofree char *relative_dest_repo_path = g_build_filename ("..", "..", dest_repo_path, NULL);
guint i;
const guint max_attempts = 100;
for (i = 0; i < max_attempts; i++)
{
g_autofree char *symlink_path = g_strdup_printf (".ostree/repos.d/%02u-generated", i);
int ret = TEMP_FAILURE_RETRY (symlinkat (relative_dest_repo_path, mount_root_dfd, symlink_path));
if (ret < 0 && errno != EEXIST)
return glnx_throw_errno_prefix (error, "symlinkat(%s → %s)", symlink_path, relative_dest_repo_path);
else if (ret >= 0)
break;
}
if (i == max_attempts)
return glnx_throw (error, "Could not find an unused symlink name for the repository");
}
}
/* Report success to the user. */
g_autofree char *src_repo_path = g_file_get_path (ostree_repo_get_path (src_repo));
g_print ("Copied %u/%u refs successfully from ‘%s’ to ‘%s’ repository in ‘%s’.\n", refs->len, refs->len,
src_repo_path, dest_repo_path, mount_root_path);
return TRUE;
}
/**
* ostree_repo_remote_list_refs:
* @self: Repo
* @remote_name: Name of the remote.
* @out_all_refs: (out) (element-type utf8 utf8): Mapping from ref to checksum
* @cancellable: Cancellable
* @error: Error
*
*/
gboolean
ostree_repo_remote_list_refs (OstreeRepo *self,
const char *remote_name,
GHashTable **out_all_refs,
GCancellable *cancellable,
GError **error)
{
g_autoptr(GBytes) summary_bytes = NULL;
g_autoptr(GHashTable) ret_all_refs = NULL;
if (!ostree_repo_remote_fetch_summary (self, remote_name,
&summary_bytes, NULL,
cancellable, error))
return FALSE;
if (summary_bytes == NULL)
{
return glnx_throw (error, "Remote refs not available; server has no summary file");
}
else
{
g_autoptr(GVariant) summary = NULL;
g_autoptr(GVariant) ref_map = NULL;
GVariantIter iter;
GVariant *child;
ret_all_refs = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free);
summary = g_variant_new_from_bytes (OSTREE_SUMMARY_GVARIANT_FORMAT,
summary_bytes, FALSE);
ref_map = g_variant_get_child_value (summary, 0);
g_variant_iter_init (&iter, ref_map);
while ((child = g_variant_iter_next_value (&iter)) != NULL)
{
const char *ref_name = NULL;
g_autoptr(GVariant) csum_v = NULL;
char tmp_checksum[OSTREE_SHA256_STRING_LEN+1];
g_variant_get_child (child, 0, "&s", &ref_name);
if (ref_name != NULL)
{
g_variant_get_child (child, 1, "(t@aya{sv})", NULL, &csum_v, NULL);
const guchar *csum_bytes = ostree_checksum_bytes_peek_validate (csum_v, error);
if (csum_bytes == NULL)
return FALSE;
ostree_checksum_inplace_from_bytes (csum_bytes, tmp_checksum);
g_hash_table_insert (ret_all_refs,
g_strdup (ref_name),
g_strdup (tmp_checksum));
}
g_variant_unref (child);
}
}
ot_transfer_out_value (out_all_refs, &ret_all_refs);
return TRUE;
}
