2019-07-11 22:04:23 +00:00
|
|
|
// Copyright 2019 The gVisor Authors.
|
|
|
|
|
//
|
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
|
//
|
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
//
|
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
|
// limitations under the License.
|
|
|
|
|
|
|
|
|
|
// Package ext implements readonly ext(2/3/4) filesystems.
|
|
|
|
|
package ext
|
|
|
|
|
|
|
|
|
|
import (
|
2019-07-24 23:02:07 +00:00
|
|
|
"errors"
|
|
|
|
|
"fmt"
|
2019-07-11 22:04:23 +00:00
|
|
|
"io"
|
|
|
|
|
|
2019-07-17 21:46:57 +00:00
|
|
|
"gvisor.dev/gvisor/pkg/abi/linux"
|
2019-07-30 03:11:24 +00:00
|
|
|
"gvisor.dev/gvisor/pkg/fd"
|
2019-08-07 21:22:19 +00:00
|
|
|
"gvisor.dev/gvisor/pkg/log"
|
2019-07-24 23:02:07 +00:00
|
|
|
"gvisor.dev/gvisor/pkg/sentry/context"
|
2019-08-09 20:07:06 +00:00
|
|
|
"gvisor.dev/gvisor/pkg/sentry/fsimpl/ext/disklayout"
|
2019-07-24 23:02:07 +00:00
|
|
|
"gvisor.dev/gvisor/pkg/sentry/kernel/auth"
|
|
|
|
|
"gvisor.dev/gvisor/pkg/sentry/vfs"
|
2019-07-17 21:46:57 +00:00
|
|
|
"gvisor.dev/gvisor/pkg/syserror"
|
2019-07-11 22:04:23 +00:00
|
|
|
)
|
|
|
|
|
|
2019-08-09 01:44:28 +00:00
|
|
|
// FilesystemType implements vfs.FilesystemType.
|
|
|
|
|
type FilesystemType struct{}
|
2019-07-24 23:02:07 +00:00
|
|
|
|
2019-08-09 01:44:28 +00:00
|
|
|
// Compiles only if FilesystemType implements vfs.FilesystemType.
|
|
|
|
|
var _ vfs.FilesystemType = (*FilesystemType)(nil)
|
2019-07-24 23:02:07 +00:00
|
|
|
|
2019-07-30 03:11:24 +00:00
|
|
|
// getDeviceFd returns an io.ReaderAt to the underlying device.
|
2019-07-24 23:02:07 +00:00
|
|
|
// Currently there are two ways of mounting an ext(2/3/4) fs:
|
|
|
|
|
// 1. Specify a mount with our internal special MountType in the OCI spec.
|
|
|
|
|
// 2. Expose the device to the container and mount it from application layer.
|
Minor VFS2 interface changes.
- Remove the Filesystem argument from DentryImpl.*Ref(); in general DentryImpls
that need the Filesystem for reference counting will probably also need it
for other interface methods that don't plumb Filesystem, so it's easier to
just store a pointer to the filesystem in the DentryImpl.
- Add a pointer to the VirtualFilesystem to Filesystem, which is needed by the
gofer client to disown dentries for cache eviction triggered by dentry
reference count changes.
- Rename FilesystemType.NewFilesystem to GetFilesystem; in some cases (e.g.
sysfs, cgroupfs) it's much cleaner for there to be only one Filesystem that
is used by all mounts, and in at least one case (devtmpfs) it's visibly
incorrect not to do so, so NewFilesystem doesn't always actually create and
return a *new* Filesystem.
- Require callers of FileDescription.Init() to increment Mount/Dentry
references. This is because the gofer client may, in the OpenAt() path, take
a reference on a dentry with 0 references, which is safe due to
synchronization that is outside the scope of this CL, and it would be safer
to still have its implementation of DentryImpl.IncRef() check for an
increment for 0 references in other cases.
- Add FileDescription.TryIncRef. This is used by the gofer client to take
references on "special file descriptions" (FDs for files such as pipes,
sockets, and devices), which use per-FD handles (fids) instead of
dentry-shared handles, for sync() and syncfs().
PiperOrigin-RevId: 282473364
2019-11-26 02:09:15 +00:00
|
|
|
func getDeviceFd(source string, opts vfs.GetFilesystemOptions) (io.ReaderAt, error) {
|
2019-07-24 23:02:07 +00:00
|
|
|
if opts.InternalData == nil {
|
|
|
|
|
// User mount call.
|
|
|
|
|
// TODO(b/134676337): Open the device specified by `source` and return that.
|
|
|
|
|
panic("unimplemented")
|
|
|
|
|
}
|
|
|
|
|
|
Minor VFS2 interface changes.
- Remove the Filesystem argument from DentryImpl.*Ref(); in general DentryImpls
that need the Filesystem for reference counting will probably also need it
for other interface methods that don't plumb Filesystem, so it's easier to
just store a pointer to the filesystem in the DentryImpl.
- Add a pointer to the VirtualFilesystem to Filesystem, which is needed by the
gofer client to disown dentries for cache eviction triggered by dentry
reference count changes.
- Rename FilesystemType.NewFilesystem to GetFilesystem; in some cases (e.g.
sysfs, cgroupfs) it's much cleaner for there to be only one Filesystem that
is used by all mounts, and in at least one case (devtmpfs) it's visibly
incorrect not to do so, so NewFilesystem doesn't always actually create and
return a *new* Filesystem.
- Require callers of FileDescription.Init() to increment Mount/Dentry
references. This is because the gofer client may, in the OpenAt() path, take
a reference on a dentry with 0 references, which is safe due to
synchronization that is outside the scope of this CL, and it would be safer
to still have its implementation of DentryImpl.IncRef() check for an
increment for 0 references in other cases.
- Add FileDescription.TryIncRef. This is used by the gofer client to take
references on "special file descriptions" (FDs for files such as pipes,
sockets, and devices), which use per-FD handles (fids) instead of
dentry-shared handles, for sync() and syncfs().
PiperOrigin-RevId: 282473364
2019-11-26 02:09:15 +00:00
|
|
|
// GetFilesystem call originated from within the sentry.
|
2019-07-30 03:11:24 +00:00
|
|
|
devFd, ok := opts.InternalData.(int)
|
2019-07-24 23:02:07 +00:00
|
|
|
if !ok {
|
2019-07-30 03:11:24 +00:00
|
|
|
return nil, errors.New("internal data for ext fs must be an int containing the file descriptor to device")
|
2019-07-24 23:02:07 +00:00
|
|
|
}
|
|
|
|
|
|
2019-07-30 03:11:24 +00:00
|
|
|
if devFd < 0 {
|
|
|
|
|
return nil, fmt.Errorf("ext device file descriptor is not valid: %d", devFd)
|
2019-07-24 23:02:07 +00:00
|
|
|
}
|
|
|
|
|
|
2019-07-30 03:11:24 +00:00
|
|
|
// The fd.ReadWriter returned from fd.NewReadWriter() does not take ownership
|
|
|
|
|
// of the file descriptor and hence will not close it when it is garbage
|
|
|
|
|
// collected.
|
|
|
|
|
return fd.NewReadWriter(devFd), nil
|
2019-07-24 23:02:07 +00:00
|
|
|
}
|
2019-07-17 21:46:57 +00:00
|
|
|
|
2019-08-07 21:22:19 +00:00
|
|
|
// isCompatible checks if the superblock has feature sets which are compatible.
|
|
|
|
|
// We only need to check the superblock incompatible feature set since we are
|
|
|
|
|
// mounting readonly. We will also need to check readonly compatible feature
|
|
|
|
|
// set when mounting for read/write.
|
|
|
|
|
func isCompatible(sb disklayout.SuperBlock) bool {
|
|
|
|
|
// Please note that what is being checked is limited based on the fact that we
|
|
|
|
|
// are mounting readonly and that we are not journaling. When mounting
|
|
|
|
|
// read/write or with a journal, this must be reevaluated.
|
|
|
|
|
incompatFeatures := sb.IncompatibleFeatures()
|
|
|
|
|
if incompatFeatures.MetaBG {
|
|
|
|
|
log.Warningf("ext fs: meta block groups are not supported")
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
if incompatFeatures.MMP {
|
|
|
|
|
log.Warningf("ext fs: multiple mount protection is not supported")
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
if incompatFeatures.Encrypted {
|
|
|
|
|
log.Warningf("ext fs: encrypted inodes not supported")
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
if incompatFeatures.InlineData {
|
|
|
|
|
log.Warningf("ext fs: inline files not supported")
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
|
Minor VFS2 interface changes.
- Remove the Filesystem argument from DentryImpl.*Ref(); in general DentryImpls
that need the Filesystem for reference counting will probably also need it
for other interface methods that don't plumb Filesystem, so it's easier to
just store a pointer to the filesystem in the DentryImpl.
- Add a pointer to the VirtualFilesystem to Filesystem, which is needed by the
gofer client to disown dentries for cache eviction triggered by dentry
reference count changes.
- Rename FilesystemType.NewFilesystem to GetFilesystem; in some cases (e.g.
sysfs, cgroupfs) it's much cleaner for there to be only one Filesystem that
is used by all mounts, and in at least one case (devtmpfs) it's visibly
incorrect not to do so, so NewFilesystem doesn't always actually create and
return a *new* Filesystem.
- Require callers of FileDescription.Init() to increment Mount/Dentry
references. This is because the gofer client may, in the OpenAt() path, take
a reference on a dentry with 0 references, which is safe due to
synchronization that is outside the scope of this CL, and it would be safer
to still have its implementation of DentryImpl.IncRef() check for an
increment for 0 references in other cases.
- Add FileDescription.TryIncRef. This is used by the gofer client to take
references on "special file descriptions" (FDs for files such as pipes,
sockets, and devices), which use per-FD handles (fids) instead of
dentry-shared handles, for sync() and syncfs().
PiperOrigin-RevId: 282473364
2019-11-26 02:09:15 +00:00
|
|
|
// GetFilesystem implements vfs.FilesystemType.GetFilesystem.
|
|
|
|
|
func (FilesystemType) GetFilesystem(ctx context.Context, vfsObj *vfs.VirtualFilesystem, creds *auth.Credentials, source string, opts vfs.GetFilesystemOptions) (*vfs.Filesystem, *vfs.Dentry, error) {
|
2019-08-07 21:22:19 +00:00
|
|
|
// TODO(b/134676337): Ensure that the user is mounting readonly. If not,
|
|
|
|
|
// EACCESS should be returned according to mount(2). Filesystem independent
|
|
|
|
|
// flags (like readonly) are currently not available in pkg/sentry/vfs.
|
|
|
|
|
|
2019-07-24 23:02:07 +00:00
|
|
|
dev, err := getDeviceFd(source, opts)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fs := filesystem{dev: dev, inodeCache: make(map[uint32]*inode)}
|
Minor VFS2 interface changes.
- Remove the Filesystem argument from DentryImpl.*Ref(); in general DentryImpls
that need the Filesystem for reference counting will probably also need it
for other interface methods that don't plumb Filesystem, so it's easier to
just store a pointer to the filesystem in the DentryImpl.
- Add a pointer to the VirtualFilesystem to Filesystem, which is needed by the
gofer client to disown dentries for cache eviction triggered by dentry
reference count changes.
- Rename FilesystemType.NewFilesystem to GetFilesystem; in some cases (e.g.
sysfs, cgroupfs) it's much cleaner for there to be only one Filesystem that
is used by all mounts, and in at least one case (devtmpfs) it's visibly
incorrect not to do so, so NewFilesystem doesn't always actually create and
return a *new* Filesystem.
- Require callers of FileDescription.Init() to increment Mount/Dentry
references. This is because the gofer client may, in the OpenAt() path, take
a reference on a dentry with 0 references, which is safe due to
synchronization that is outside the scope of this CL, and it would be safer
to still have its implementation of DentryImpl.IncRef() check for an
increment for 0 references in other cases.
- Add FileDescription.TryIncRef. This is used by the gofer client to take
references on "special file descriptions" (FDs for files such as pipes,
sockets, and devices), which use per-FD handles (fids) instead of
dentry-shared handles, for sync() and syncfs().
PiperOrigin-RevId: 282473364
2019-11-26 02:09:15 +00:00
|
|
|
fs.vfsfs.Init(vfsObj, &fs)
|
2019-07-17 21:46:57 +00:00
|
|
|
fs.sb, err = readSuperBlock(dev)
|
|
|
|
|
if err != nil {
|
2019-07-24 23:02:07 +00:00
|
|
|
return nil, nil, err
|
2019-07-17 21:46:57 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if fs.sb.Magic() != linux.EXT_SUPER_MAGIC {
|
|
|
|
|
// mount(2) specifies that EINVAL should be returned if the superblock is
|
|
|
|
|
// invalid.
|
2019-07-24 23:02:07 +00:00
|
|
|
return nil, nil, syserror.EINVAL
|
2019-07-17 21:46:57 +00:00
|
|
|
}
|
|
|
|
|
|
2019-08-07 21:22:19 +00:00
|
|
|
// Refuse to mount if the filesystem is incompatible.
|
|
|
|
|
if !isCompatible(fs.sb) {
|
|
|
|
|
return nil, nil, syserror.EINVAL
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-17 21:46:57 +00:00
|
|
|
fs.bgs, err = readBlockGroups(dev, fs.sb)
|
|
|
|
|
if err != nil {
|
2019-07-24 23:02:07 +00:00
|
|
|
return nil, nil, err
|
2019-07-17 21:46:57 +00:00
|
|
|
}
|
|
|
|
|
|
2019-08-07 21:22:19 +00:00
|
|
|
rootInode, err := fs.getOrCreateInodeLocked(disklayout.RootDirInode)
|
2019-07-25 00:58:28 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, nil, err
|
|
|
|
|
}
|
2019-08-07 21:22:19 +00:00
|
|
|
rootInode.incRef()
|
2019-07-25 00:58:28 +00:00
|
|
|
|
|
|
|
|
return &fs.vfsfs, &newDentry(rootInode).vfsd, nil
|
2019-07-17 21:46:57 +00:00
|
|
|
}
|
