apio
dc766e1da7
Some checks failed
Build and test / build (push) Has been cancelled
VFS functions now accept a single Process* pointer instead of credentials and groups. There is now a distinction between processes and threads Now to fix all the bugs... waitpid crashes the process with an NX error...
389 lines
12 KiB
C++
389 lines
12 KiB
C++
#include "fs/VFS.h"
|
|
#include "Log.h"
|
|
#include "fs/Mount.h"
|
|
#include "thread/Thread.h"
|
|
#include <bits/modes.h>
|
|
#include <luna/PathParser.h>
|
|
#include <luna/Utf8.h>
|
|
|
|
namespace VFS
|
|
{
|
|
SharedPtr<VFS::Inode> g_root_inode = {};
|
|
|
|
Inode& root_inode()
|
|
{
|
|
return *g_root_inode;
|
|
}
|
|
|
|
static constexpr int MAX_SYMLINKS = 8;
|
|
|
|
Result<SharedPtr<Inode>> resolve_path_impl(const char* path, Process* process, SharedPtr<Inode> current_inode,
|
|
bool follow_last_symlink, int& symlinks_followed)
|
|
{
|
|
if (symlinks_followed >= MAX_SYMLINKS) return err(ELOOP);
|
|
|
|
if (*path == '\0') return err(ENOENT);
|
|
|
|
auto parser = TRY(PathParser::create(path));
|
|
|
|
SharedPtr<Inode> parent_inode = current_inode;
|
|
|
|
const char* section;
|
|
while (parser.next().try_set_value(section))
|
|
{
|
|
if (!can_execute(current_inode, process)) return err(EACCES);
|
|
current_inode = TRY(current_inode->find(section));
|
|
|
|
if (current_inode->type() == VFS::InodeType::Symlink && (follow_last_symlink || parser.has_next()))
|
|
{
|
|
auto link = TRY(current_inode->readlink());
|
|
|
|
SharedPtr<VFS::Inode> symlink_root;
|
|
|
|
if (PathParser::is_absolute(link.chars())) symlink_root = g_root_inode;
|
|
else
|
|
symlink_root = parent_inode;
|
|
|
|
symlinks_followed++;
|
|
current_inode = TRY(resolve_path_impl(link.chars(), process, symlink_root, true, symlinks_followed));
|
|
symlinks_followed--;
|
|
}
|
|
|
|
parent_inode = current_inode;
|
|
}
|
|
|
|
return current_inode;
|
|
}
|
|
|
|
Result<SharedPtr<Inode>> resolve_path(const char* path, Process* process, SharedPtr<VFS::Inode> working_directory,
|
|
bool follow_last_symlink)
|
|
{
|
|
SharedPtr<Inode> current_inode;
|
|
|
|
if (PathParser::is_absolute(path) || !working_directory) current_inode = g_root_inode;
|
|
else
|
|
current_inode = working_directory;
|
|
|
|
int symlinks_followed = 0;
|
|
|
|
return resolve_path_impl(path, process, current_inode, follow_last_symlink, symlinks_followed);
|
|
}
|
|
|
|
Result<SharedPtr<Inode>> create_directory(const char* path, mode_t mode, Process* process,
|
|
SharedPtr<Inode> working_directory)
|
|
{
|
|
auto parent_path = TRY(PathParser::dirname(path));
|
|
|
|
auto parent_inode = TRY(resolve_path(parent_path.chars(), process, working_directory));
|
|
|
|
if (!can_write(parent_inode, process)) return err(EACCES);
|
|
|
|
auto child_name = TRY(PathParser::basename(path));
|
|
|
|
TRY(validate_filename(child_name.view()));
|
|
|
|
return parent_inode->create_subdirectory(child_name.chars(), mode);
|
|
}
|
|
|
|
Result<SharedPtr<Inode>> create_file(const char* path, mode_t mode, Process* process,
|
|
SharedPtr<Inode> working_directory)
|
|
{
|
|
auto parent_path = TRY(PathParser::dirname(path));
|
|
|
|
auto parent_inode = TRY(resolve_path(parent_path.chars(), process, working_directory));
|
|
|
|
if (!can_write(parent_inode, process)) return err(EACCES);
|
|
|
|
auto child_name = TRY(PathParser::basename(path));
|
|
|
|
TRY(validate_filename(child_name.view()));
|
|
|
|
return parent_inode->create_file(child_name.chars(), mode);
|
|
}
|
|
|
|
Result<void> validate_filename(StringView name)
|
|
{
|
|
#ifdef MOON_DISABLE_FILENAME_RESTRICTIONS
|
|
(void)name;
|
|
return {};
|
|
#endif
|
|
|
|
// Forbid problematic characters that could cause trouble in shell scripts and the like.
|
|
if (strpbrk(name.chars(), "*?:[]\"<>\\")) return err(EINVAL);
|
|
|
|
// Forbid filenames with leading spaces.
|
|
if (!name.is_empty() && name[0] == ' ') return err(EINVAL);
|
|
|
|
// Forbid filenames with trailing spaces.
|
|
if (!name.is_empty() && name[name.length() - 1] == ' ') return err(EINVAL);
|
|
|
|
for (const auto& c : name)
|
|
{
|
|
// Forbid filenames with control characters.
|
|
if (c < 32 || c == 127) return err(EINVAL);
|
|
}
|
|
|
|
// Forbid filenames that are not valid UTF-8.
|
|
|
|
Utf8StringDecoder decoder(name.chars());
|
|
|
|
// This will fail if the filename is invalid UTF-8.
|
|
TRY(decoder.code_points());
|
|
|
|
return {};
|
|
}
|
|
|
|
// FIXME: Check all three permissions even if the UID or GID match.
|
|
bool can_execute(SharedPtr<Inode> inode, Process* process)
|
|
{
|
|
const auto& metadata = inode->metadata();
|
|
|
|
Credentials auth { 0 };
|
|
if (process) auth = process->credentials();
|
|
|
|
if (auth.euid == 0) return true;
|
|
|
|
if (metadata.uid == auth.euid) { return metadata.mode & S_IXUSR; }
|
|
if (metadata.gid == auth.egid) { return metadata.mode & S_IXGRP; }
|
|
|
|
if (process)
|
|
{
|
|
auto groups = process->extra_groups.lock();
|
|
for (gid_t group : *groups)
|
|
{
|
|
if (metadata.gid == group) return metadata.mode & S_IXGRP;
|
|
}
|
|
}
|
|
|
|
return metadata.mode & S_IXOTH;
|
|
}
|
|
|
|
// FIXME: Check all three permissions even if the UID or GID match.
|
|
bool can_write(SharedPtr<Inode> inode, Process* process)
|
|
{
|
|
const auto& metadata = inode->metadata();
|
|
|
|
Credentials auth { 0 };
|
|
if (process) auth = process->credentials();
|
|
|
|
if (auth.euid == 0) return true;
|
|
|
|
if (metadata.uid == auth.euid) { return metadata.mode & S_IWUSR; }
|
|
if (metadata.gid == auth.egid) { return metadata.mode & S_IWGRP; }
|
|
|
|
if (process)
|
|
{
|
|
auto groups = process->extra_groups.lock();
|
|
for (gid_t group : *groups)
|
|
{
|
|
if (metadata.gid == group) return metadata.mode & S_IWGRP;
|
|
}
|
|
}
|
|
|
|
return metadata.mode & S_IWOTH;
|
|
}
|
|
|
|
// FIXME: Check all three permissions even if the UID or GID match.
|
|
bool can_read(SharedPtr<Inode> inode, Process* process)
|
|
{
|
|
const auto& metadata = inode->metadata();
|
|
|
|
Credentials auth { 0 };
|
|
if (process) auth = process->credentials();
|
|
|
|
if (auth.euid == 0) return true;
|
|
|
|
if (metadata.uid == auth.euid) { return metadata.mode & S_IRUSR; }
|
|
if (metadata.gid == auth.egid) { return metadata.mode & S_IRGRP; }
|
|
|
|
if (process)
|
|
{
|
|
auto groups = process->extra_groups.lock();
|
|
for (gid_t group : *groups)
|
|
{
|
|
if (metadata.gid == group) return metadata.mode & S_IRGRP;
|
|
}
|
|
}
|
|
|
|
return metadata.mode & S_IROTH;
|
|
}
|
|
|
|
// FIXME: Check all three permissions even if the UID or GID match.
|
|
bool can_execute(SharedPtr<Inode> inode, Credentials auth, const Vector<gid_t>* extra_groups)
|
|
{
|
|
if (auth.euid == 0) return true;
|
|
|
|
const auto& metadata = inode->metadata();
|
|
|
|
if (metadata.uid == auth.euid) { return metadata.mode & S_IXUSR; }
|
|
if (metadata.gid == auth.egid) { return metadata.mode & S_IXGRP; }
|
|
|
|
if (extra_groups)
|
|
{
|
|
for (gid_t group : *extra_groups)
|
|
{
|
|
if (metadata.gid == group) return metadata.mode & S_IXGRP;
|
|
}
|
|
}
|
|
|
|
return metadata.mode & S_IXOTH;
|
|
}
|
|
|
|
// FIXME: Check all three permissions even if the UID or GID match.
|
|
bool can_write(SharedPtr<Inode> inode, Credentials auth, const Vector<gid_t>* extra_groups)
|
|
{
|
|
if (auth.euid == 0) return true;
|
|
|
|
const auto& metadata = inode->metadata();
|
|
|
|
if (metadata.uid == auth.euid) { return metadata.mode & S_IWUSR; }
|
|
if (metadata.gid == auth.egid) { return metadata.mode & S_IWGRP; }
|
|
|
|
if (extra_groups)
|
|
{
|
|
for (gid_t group : *extra_groups)
|
|
{
|
|
if (metadata.gid == group) return metadata.mode & S_IWGRP;
|
|
}
|
|
}
|
|
|
|
return metadata.mode & S_IWOTH;
|
|
}
|
|
|
|
// FIXME: Check all three permissions even if the UID or GID match.
|
|
bool can_read(SharedPtr<Inode> inode, Credentials auth, const Vector<gid_t>* extra_groups)
|
|
{
|
|
if (auth.euid == 0) return true;
|
|
|
|
const auto& metadata = inode->metadata();
|
|
|
|
if (metadata.uid == auth.euid) { return metadata.mode & S_IRUSR; }
|
|
if (metadata.gid == auth.egid) { return metadata.mode & S_IRGRP; }
|
|
|
|
if (extra_groups)
|
|
{
|
|
for (gid_t group : *extra_groups)
|
|
{
|
|
if (metadata.gid == group) return metadata.mode & S_IRGRP;
|
|
}
|
|
}
|
|
|
|
return metadata.mode & S_IROTH;
|
|
}
|
|
|
|
bool is_setuid(SharedPtr<Inode> inode)
|
|
{
|
|
return inode->metadata().mode & S_ISUID;
|
|
}
|
|
|
|
bool is_setgid(SharedPtr<Inode> inode)
|
|
{
|
|
return inode->metadata().mode & S_ISGID;
|
|
}
|
|
|
|
bool is_sticky(SharedPtr<Inode> inode)
|
|
{
|
|
return inode->metadata().mode & S_ISVTX;
|
|
}
|
|
|
|
bool is_seekable(SharedPtr<Inode> inode)
|
|
{
|
|
return inode->type() != InodeType::FIFO && inode->type() != InodeType::CharacterDevice;
|
|
}
|
|
|
|
Result<void> mount_root(SharedPtr<VFS::FileSystem> fs)
|
|
{
|
|
check(!g_root_inode);
|
|
|
|
g_root_inode = TRY(MountInode::create({}, fs));
|
|
|
|
return {};
|
|
}
|
|
|
|
Result<void> pivot_root(const char* new_root, const char* put_old, SharedPtr<VFS::Inode> working_directory)
|
|
{
|
|
auto new_root_parent = TRY(PathParser::dirname(new_root));
|
|
auto new_root_path = TRY(PathParser::basename(new_root));
|
|
|
|
auto new_root_parent_inode = TRY(VFS::resolve_path(new_root_parent.chars(), nullptr, working_directory));
|
|
auto new_root_inode = TRY(new_root_parent_inode->find(new_root_path.chars()));
|
|
|
|
if (new_root_inode->type() != VFS::InodeType::Directory) return err(ENOTDIR);
|
|
if (!new_root_inode->is_mountpoint()) return err(EINVAL);
|
|
if (new_root_inode->fs() == g_root_inode->fs()) return err(EBUSY);
|
|
|
|
auto parent_path = TRY(PathParser::dirname(put_old));
|
|
auto child = TRY(PathParser::basename(put_old));
|
|
|
|
kdbgln("vfs: Pivoting root from / to %s, using %s as new root", put_old, new_root);
|
|
|
|
auto parent_inode = TRY(resolve_path(parent_path.chars(), nullptr, working_directory));
|
|
|
|
auto inode = TRY(parent_inode->find(child.chars()));
|
|
if (inode->type() != VFS::InodeType::Directory) return err(ENOTDIR);
|
|
if (inode->is_mountpoint()) return err(EBUSY);
|
|
if (inode->fs() != new_root_inode->fs()) return err(EINVAL);
|
|
|
|
auto mount = g_root_inode;
|
|
|
|
TRY(parent_inode->replace_entry(mount, child.chars()));
|
|
((MountInode*)mount.ptr())->set_source(inode);
|
|
|
|
g_root_inode = new_root_inode;
|
|
TRY(new_root_parent_inode->replace_entry(((MountInode*)g_root_inode.ptr())->source(), new_root_path.chars()));
|
|
((MountInode*)g_root_inode.ptr())->set_source({});
|
|
g_root_inode->fs()->reset_mount_dir();
|
|
|
|
return {};
|
|
}
|
|
|
|
Result<void> mount(const char* path, SharedPtr<VFS::FileSystem> fs, Process* process,
|
|
SharedPtr<VFS::Inode> working_directory)
|
|
{
|
|
auto parent_path = TRY(PathParser::dirname(path));
|
|
auto child = TRY(PathParser::basename(path));
|
|
|
|
#ifdef MOUNT_DEBUG
|
|
kdbgln("vfs: Mounting filesystem on target %s", path);
|
|
#endif
|
|
|
|
auto parent_inode = TRY(resolve_path(parent_path.chars(), process, working_directory));
|
|
|
|
auto inode = TRY(parent_inode->find(child.chars()));
|
|
if (inode->type() != VFS::InodeType::Directory) return err(ENOTDIR);
|
|
if (inode->is_mountpoint()) return err(EBUSY);
|
|
|
|
auto mount = TRY(MountInode::create(inode, fs));
|
|
|
|
TRY(parent_inode->replace_entry(mount, child.chars()));
|
|
|
|
kinfoln("vfs: Successfully mounted filesystem on target %s", path);
|
|
|
|
return {};
|
|
}
|
|
|
|
Result<void> umount(const char* path, Process* process, SharedPtr<VFS::Inode> working_directory)
|
|
{
|
|
auto parent_path = TRY(PathParser::dirname(path));
|
|
auto child = TRY(PathParser::basename(path));
|
|
|
|
if (child.view() == "/") return err(EBUSY);
|
|
|
|
kinfoln("vfs: Unmounting filesystem on target %s", path);
|
|
|
|
auto parent_inode = TRY(resolve_path(parent_path.chars(), process, working_directory));
|
|
|
|
auto inode = TRY(parent_inode->find(child.chars()));
|
|
if (!inode->is_mountpoint()) return err(EINVAL);
|
|
|
|
// There are still open file descriptors referencing files within this file system.
|
|
if (inode->fs()->handles() != 0) return err(EBUSY);
|
|
|
|
auto mount = (MountInode*)inode.ptr();
|
|
TRY(parent_inode->replace_entry(mount->source(), child.chars()));
|
|
g_mounts.remove(mount);
|
|
|
|
return {};
|
|
}
|
|
}
|