Compare commits

...

17 Commits

Author SHA1 Message Date
Alexey Sheplyakov
a300f01d08 20211007-alt1
- HTTP boot improvements (closes: #41072)
2021-10-07 16:46:06 +04:00
Alexey Sheplyakov
24db85c5ab http: fixed Content-Length header validation
Content-Length is not necesserily the last header, more headers
can follow it.

Closes: #41072
2021-10-07 16:43:36 +04:00
Alexey Sheplyakov
43a9d78fdd 20210922-alt1
- Support booting complete ISOs via HTTP

Closes: #40710
2021-09-22 14:25:24 +04:00
Alexey Sheplyakov
36b688d17a network boot: support loading complete ISOs via HTTP
Now I don't have to unpack (or loop mount) ISO to boot via HTTP.
Also I can boot directly from any ALT mirror, like this:

automatic=method:http,network:dhcp,server:mirror.yandex.ru,directory=/altlinux/images/p9/simply/aarch64/slinux-live-9.1.1-aarch64.iso

Closes: #40710
2021-09-17 17:26:33 +04:00
Alexey Sheplyakov
736c89620f http_download_file: fixed download of files >= 2GB size
* Use `unsigned long` to store the file size
* Return an error if the file size can not be found
* Avoid loading files >= 4GB on 32-bit systems

Related: #40710
2021-09-17 17:26:33 +04:00
Alexey Sheplyakov
e34da5300d 20210908-alt1
- Find out stage2 size at the run time instead of relying on
  the `ramdisk_size` parameter. As a result `ramdisk_size`
  parameter is not required any more.

Closes: #40629
2021-09-08 12:07:24 +04:00
Alexey Sheplyakov
77181411cd load_ramdisk_fd: load ramdisk to a tmpfs file
- No need to compute `ramdisk_size` in advance
- No need to pass `ramdisk_size` to the kernel => simpler ISO
  remastering (and network boot setup)
- If the swap is enabled rarely used parts of the loaded image
  can be paged out

Closes: #40629
2021-09-08 12:00:57 +04:00
Alexey Sheplyakov
08ec5c3a78 tools.c: added do_losetup_fd helper function
Useful to setup a loopback device backed by an anonymous file
(created by memfd_create, open(O_TMPFILE), and similar).
2021-09-08 12:00:49 +04:00
Alexey Sheplyakov
f6a430fd36 ftp_prepare: check if the image fits into (1/2 of) RAM
Related: #40710
2021-09-08 12:00:41 +04:00
Alexey Sheplyakov
0a972b5b86 http_prepare: check if the image fits into (1/2 of) RAM 2021-09-08 12:00:32 +04:00
Alexey Sheplyakov
7f778d1e30 20210907-alt1
- Improved IO errors handling when loading stage2 (closes: #40803)
- Support loading stage2 images >= 2GB (related: #40710)
2021-09-07 12:52:18 +04:00
Alexey Sheplyakov
63008e11b2 load_ramdisk_fd: improved IO error handling
- while loop terminates on read error **without** resetting
  `seems_ok` to 0, thus read errors won't be noticed
- no check if bytes_read matches the expected image size
- ram_fd is leaked on write error
- short writes are treated as errors (when in fact they are
  perfectly fine)

Therefore:

- Handle *all* read errors, not just the very first one
- If the image size is known in advance verify if we actually
  read the whole image
- close `ram_fd` in error code paths
- Handle short writes properly

Closes: #40803
2021-09-07 12:44:07 +04:00
Alexey Sheplyakov
dc87263d47 load_ramdisk_fd: support loading files >= 2GB
Related: #40710
2021-09-07 12:28:06 +04:00
Alexey Sheplyakov
fa6c5ef78f 20210902-alt1
- Try older SMB/CIFS protocol versions if mounting a CIFS share failed
- Redirect propagator logs to ttyprintk (kernel log buffer) so they
  can be easily inspected with dmesg.
2021-09-06 17:57:38 +04:00
Alexey Sheplyakov
d1d376a30f cifsmount: retry with older protocol versions on failure
* An old server might not support the (cifs.ko) default protocol version
* Crypto modules required for new(er) protocol versions might be missing
  in initramfs

Related: #40554
2021-09-06 17:57:38 +04:00
Alexey Sheplyakov
08639c8faf open_log: print logs to /dev/ttyprintk
- A complete boot log (both early userspace and kernel) is preserved
  and can be obtained via `dmesg`
- Messages are ordered and timestamped, so the log is more clear

Example:

[    5.616453] [U] * /sbin/mount.cifs //10.42.0.4/dist/slinux-9.1-x86_64.iso /image -oguest,vers=1.0
[    5.616932] CIFS: Attempting to mount //10.42.0.4/dist/slinux-9.1-x86_64.iso
[    5.616940] CIFS: VFS: Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers
[    5.621647] CIFS: VFS: Could not allocate crypto cmac(aes)
[    5.623263] CIFS: VFS: Could not allocate crypto cmac(aes)
[    5.626645] [U] mount error(20): Not a directory
[    5.626649] [U] Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
[    5.626747] [U] * assuming ISO image, Samba path://10.42.0.4/dist
[    5.626749] [U] * mounting //10.42.0.4/dist on /image as type cifs
[    5.626753] [U] * cifsmount: attempting to mount //10.42.0.4/dist with default protocol version
[    5.626758] [U] * /sbin/mount.cifs //10.42.0.4/dist /image -oguest
[    5.627299] CIFS: Attempting to mount //10.42.0.4/dist
[    5.629106] CIFS: VFS: Could not allocate crypto cmac(aes)
[    5.631290] CIFS: VFS: Could not allocate crypto cmac(aes)
[    5.638261] CIFS: VFS: \\10.42.0.4 generate_key: crypto alloc failed
[    5.638264] CIFS: VFS: \\10.42.0.4 Send error in SessSetup = -2
[    5.638275] CIFS: VFS: cifs_mount failed w/return code = -2
[    5.638294] [U] mount error(2): No such file or directory
[    5.638296] [U] Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
[    5.638376] [U] * cifsmount: failed, retrying with vers=1.0
[    5.638383] [U] * /sbin/mount.cifs //10.42.0.4/dist /image -oguest,vers=1.0
[    5.639582] CIFS: Attempting to mount //10.42.0.4/dist
[    5.639590] CIFS: VFS: Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers
[    5.649559] [U] * assuming ISO image, path:/image/slinux-9.1-x86_64.iso

Related: #40554
2021-09-06 17:57:38 +04:00
Alexey Sheplyakov
a8fa5f19bf cifsmount: capture std{err,out} of mount.cifs to log
So it's easier to debug a failed boot.
While at it avoid closing stdin, since a printf might inject
unexpected input into a wrong place (a socket with FD 0).
Redirect stdin from /dev/null instead.

While at it improved error handling a bit (fork, waitpid can fail)

nfsmount: same here

Related: #40554
2021-09-06 17:57:38 +04:00
14 changed files with 567 additions and 116 deletions

View File

@ -126,6 +126,15 @@ clean:
.depend: version.h
$(CPP) $(CFLAGS) -M $(ALLSRC) > .depend
ALL_TESTS := test_parse_content_length
test: $(ALL_TESTS)
@set -e; \
for tst in $(ALL_TESTS); do echo "$$tst"; ./$$tst; done
test_parse_content_length: test_parse_content_length.c url.c
$(CC) $(CFLAGS) -flto $(INIT_DEFS) -o $@ $<
ifeq (.depend,$(wildcard .depend))
include .depend
endif

View File

@ -23,6 +23,7 @@
#define IMAGE_LOCATION "/image"
#define STAGE2_LOCATION "/root"
#define LIVE_DEVICE "/dev/loop0"
#define LOMOUNT_DEVICE "/dev/loop3"
#define STAGE2FS "squashfs"
#define LIVEFS "squashfs"
#ifndef STAGE2_BINNAME

39
log.c
View File

@ -71,8 +71,8 @@ void log_perror(char *msg)
void open_log(void)
{
if (!IS_TESTING) {
mknod("/dev/tty3", S_IFCHR, MKDEV(4, 3));
logfile = fopen("/dev/tty3", "w");
mknod("/dev/ttyprintk", S_IFCHR, MKDEV(5, 3));
logfile = fopen("/dev/ttyprintk", "w");
if (!logfile)
logfile = fopen("/tmp/install.log", "a");
}
@ -87,3 +87,38 @@ void close_log(void)
fclose(logfile);
}
}
int redirect2log(int fd)
{
int rc;
if (!logfile) {
fprintf(stderr, "%s: log file is not open", __func__);
return -1;
}
rc = dup2(fileno(logfile), fd);
if (rc < 0) {
log_message("%s: dup2 %d: error: %s", __func__, fd, strerror(errno));
}
return rc;
}
int redirect2null(int fd)
{
int nullfd = -1, newfd = -1;
nullfd = open("/dev/null", O_RDONLY);
if (nullfd < 0) {
log_message("%s: open /dev/null: %s", __func__, strerror(errno));
goto out;
}
newfd = dup2(nullfd, fd);
if (newfd < 0) {
log_message("%s: dup2: %s", __func__, strerror(errno));
goto out;
}
out:
if (nullfd >= 0) {
close(nullfd);
}
return newfd;
}

7
log.h
View File

@ -30,5 +30,12 @@ void vlog_message(const char * s, va_list args);
void log_perror(char *msg);
void open_log(void);
void close_log(void);
/* @brief Redirect given fd to log
*
* Useful to capture the output of external utilities
*/
int redirect2log(int fd);
/* @brief Redirect given fd to /dev/null */
int redirect2null(int fd);
#endif

View File

@ -133,7 +133,7 @@ set_loop (const char *device, const char *file)
}
char * loopdev = "/dev/loop3"; /* Ugly. But do I care? */
char * loopdev = LOMOUNT_DEVICE; /* Ugly. But do I care? */
void del_loop(char *device)
{

103
mount.c
View File

@ -19,6 +19,7 @@
*
*/
#include <errno.h>
#include <stdlib.h>
#include <limits.h>
#include <unistd.h>
@ -133,13 +134,14 @@ static int nfsmount(char *dev, char *location)
{
char spec[PATH_MAX + 17], *sep;
struct sockaddr_in saddr;
int n, pid, status;
pid_t pid;
int n, status, ret = -1;
if ((sep = strchr(dev, ':'))) {
*sep = '\0';
} else {
log_message("nfsmount: directory to mount not in host:dir format");
return -1;
goto out;
}
saddr.sin_family = AF_INET;
@ -147,7 +149,7 @@ static int nfsmount(char *dev, char *location)
mygethostbyname(dev, &saddr.sin_addr)) {
log_message("nfsmount: can't get address for %s", dev);
*sep = ':';
return -1;
goto out;
}
*sep = ':';
@ -156,25 +158,49 @@ static int nfsmount(char *dev, char *location)
strncpy(spec + n, sep, sizeof(spec) - n);
log_message("nfsmount %s %s", spec, location);
if (!(pid = fork())) {
pid = fork();
if (pid < 0) {
log_message("%s: error: fork: %s", __func__, strerror(errno));
goto out;
} else if (pid == 0) {
char * argv[] = {"/bin/nfsmount", spec, location, NULL};
close(0);
close(1);
close(2);
redirect2log(STDOUT_FILENO);
redirect2log(STDERR_FILENO);
redirect2null(STDIN_FILENO);
execve(argv[0], argv, NULL);
exit(1);
} else {
if (waitpid(pid, &status, 0) < 0) {
log_message("%s: error: waitpid: %s", __func__, strerror(errno));
goto out;
}
ret = (WIFEXITED(status) && !WEXITSTATUS(status)) ? 0 : -1;
}
waitpid(pid, &status, 0);
return (WIFEXITED(status) && !WEXITSTATUS(status)) ? 0 : -1;
out:
return ret;
}
#ifdef ENABLE_CIFS
static int cifsmount(char *dev, char *location)
static int cifsmount3(char *dev, char *location, const char *extra_opts)
{
char spec[PATH_MAX + 19], *sep, *ptr = dev;
struct sockaddr_in saddr;
int n, pid, status;
pid_t pid;
int n, status, ret = -1;
const char *default_opts = "guest";
char *opts = NULL;
if (extra_opts) {
if (asprintf(&opts, "%s,%s", default_opts, extra_opts) < 0) {
log_message("%s: error: asprintf", __func__);
return -1;
}
} else {
opts = strdup(default_opts);
if (!opts) {
log_message("%s: error: strdup", __func__);
return -1;
}
}
while (*ptr == '/') ptr++;
@ -182,7 +208,7 @@ static int cifsmount(char *dev, char *location)
*sep = '\0';
} else {
log_message("cifsmount: directory to mount not in //host/dir format");
return -1;
goto out;
}
saddr.sin_family = AF_INET;
@ -190,7 +216,7 @@ static int cifsmount(char *dev, char *location)
mygethostbyname(ptr, &saddr.sin_addr)) {
log_message("cifsmount: can't get address for %s", ptr);
*sep = '/';
return -1;
goto out;
}
*sep = '/';
@ -199,19 +225,52 @@ static int cifsmount(char *dev, char *location)
strcat(spec, inet_ntoa(saddr.sin_addr));
n = strlen(spec);
strncpy(spec + n, sep, sizeof(spec) - n);
log_message("cifsmount %s %s", spec, location);
if (!(pid = fork())) {
char * argv[] = {"/sbin/mount.cifs", spec, location, "-oguest", NULL};
close(0);
close(1);
close(2);
log_message("/sbin/mount.cifs %s %s --verbose -o %s", spec, location, opts);
pid = fork();
if (pid < 0) {
log_message("%s: error: fork: %s", __func__, strerror(errno));
goto out;
} else if (pid == 0) {
char * argv[] = {"/sbin/mount.cifs", spec, location, "--verbose", "-o", opts, NULL};
redirect2log(STDOUT_FILENO);
redirect2log(STDERR_FILENO);
redirect2null(STDIN_FILENO);
execve(argv[0], argv, NULL);
exit(1);
} else {
if (waitpid(pid, &status, 0) < 0) {
log_message("%s: error: waitpid: %s", __func__, strerror(errno));
goto out;
}
ret = (WIFEXITED(status) && !WEXITSTATUS(status)) ? 0 : -1;
}
out:
free(opts);
return ret;
}
waitpid(pid, &status, 0);
return (WIFEXITED(status) && !WEXITSTATUS(status)) ? 0 : -1;
static int cifsmount(char *dev, char *location)
{
int rc = 0;
static const char *fallbacks[] = {
"vers=2.1,sec=none",
"vers=2.0,sec=none",
"vers=1.0,sec=none",
NULL
};
const char **opts = NULL;
log_message("%s: attempting to mount %s with default protocol version", __func__, dev);
rc = cifsmount3(dev, location, NULL);
for (opts = fallbacks; rc < 0 && *opts; opts++) {
log_message("%s: failed, retrying with %s", __func__, *opts);
rc = cifsmount3(dev, location, *opts);
}
if (rc < 0) {
log_message("%s: sorry, nothing worked", __func__);
}
return rc;
}
#endif

View File

@ -890,16 +890,8 @@ enum return_type ftp_prepare(void)
char * questions_auto[] = { "server", "directory", "user", "pass", NULL };
static char ** answers = NULL;
enum return_type results;
unsigned long ramdisk_size;
update_splash("prepare");
ramdisk_size = get_ramdisk_size(NULL);
if (!ramdisk_possible(ramdisk_size)) {
stg1_error_message("FTP install needs more than %d Mbytes of memory (detected %u Mbytes).",
BYTES2MB(ramdisk_size), BYTES2MB(total_memory()));
return RETURN_ERROR;
}
results = intf_select_and_up();
if (results != RETURN_OK)
@ -957,6 +949,13 @@ enum return_type ftp_prepare(void)
continue;
}
if (!ramdisk_possible(size)) {
close(fd);
close(ftp_serv_response);
stg1_error_message("FTP install needs more than %u Mbytes of memory (detected %u Mbytes).",
BYTES2MB(size)*2, BYTES2MB(total_memory()));
return RETURN_ERROR;
}
log_message("FTP: size of download %d bytes", size);
results = load_ramdisk_fd(fd, size);
@ -986,17 +985,9 @@ enum return_type http_prepare(void)
char * questions_auto[] = { "server", "directory", NULL };
static char ** answers = NULL;
enum return_type results;
unsigned long ramdisk_size;
update_splash("prepare");
ramdisk_size = get_ramdisk_size(NULL);
if (!ramdisk_possible(ramdisk_size)) {
stg1_error_message("HTTP install needs more than %d Mbytes of memory (detected %u Mbytes).",
BYTES2MB(ramdisk_size), BYTES2MB(total_memory()));
return RETURN_ERROR;
}
results = intf_select_and_up();
if (results != RETURN_OK)
@ -1005,7 +996,9 @@ enum return_type http_prepare(void)
do {
char location_full[500];
char *tmp;
int fd, size;
int fd;
unsigned long size;
int is_iso = 0;
snprintf(location_full, sizeof(location_full),
"Please enter the name or IP address of the HTTP server, "
@ -1017,6 +1010,13 @@ enum return_type http_prepare(void)
}
strcpy(location_full, answers[1]);
log_message("HTTP: trying to retrieve %s", location_full);
fd = http_download_file(answers[0], location_full, &size);
if (fd >= 0) {
is_iso = 1;
goto download;
}
tmp = get_ramdisk_realname();
strcat(location_full, tmp);
free(tmp);
@ -1034,9 +1034,17 @@ enum return_type http_prepare(void)
continue;
}
log_message("HTTP: size of download %d bytes", size);
download:
if (!ramdisk_possible(size)) {
close(fd);
stg1_error_message("HTTP install needs more than %u Mbytes of memory (detected %u Mbytes).",
BYTES2MB(size)*2, BYTES2MB(total_memory()));
return RETURN_ERROR;
}
results = load_ramdisk_fd(fd, size);
log_message("HTTP: size of download %lu bytes", size);
results = load_ramdisk_or_iso(fd, size, is_iso);
close(fd);
if (results != RETURN_OK)
return RETURN_ERROR;

View File

@ -45,7 +45,7 @@ void init_frontend(char * welcome_msg)
newtDrawRootText(0, 0, welcome_msg);
newtPushHelpLine(" <Alt-F1> for here, <Alt-F3> to see the logs, <Alt-F4> for kernel msg");
newtPushHelpLine(" <Alt-F1> for here, <Alt-F4> to see the logs");
newtRefresh();
}
@ -152,7 +152,7 @@ void update_progression(int current_size)
time = t.tv_sec*3 + t.tv_usec/300000;
if (time != last_time) {
char msg_prog_final[500];
sprintf(msg_prog_final, "%s (%d bytes read) ", msg_progress, current_size);
sprintf(msg_prog_final, "%s (%d MB read) ", msg_progress, current_size);
remove_wait_message();
wait_message(msg_prog_final);
}

View File

@ -3,7 +3,7 @@
%def_with splash
Name: propagator
Version: 20210831
Version: 20211007
Release: alt1
Summary: 'Early userspace' set of binaries
@ -33,12 +33,40 @@ including init and various helpers for hw probing and bootstrapping.
%install
%makeinstall_std libdir=%_libdir
%check
%make_build \
%{?_with_cifs:WITH_CIFS=t} \
%{?_with_shell:WITH_SHELL=t} \
%{?_with_splash:WITH_SPLASH=t} \
version=%version-%release \
libdir=%_libdir \
test
%files
%_bindir/gencpio
%_bindir/mkmodpack
%_sbindir/propagator
%changelog
* Thu Oct 07 2021 Alexey Sheplyakov <asheplyakov@altlinux.org> 20211007-alt1
- Fixed HTTP boot when server sent more headers after Content-Length (closes: #41072)
* Thu Sep 22 2021 Alexey Sheplyakov <asheplyakov@altlinux.org> 20210922-alt1
- Support booting complete ISOs via HTTP (closes: #40710)
* Wed Sep 08 2021 Alexey Sheplyakov <asheplyakov@altlinux.org> 20210908-alt1
- Figure out stage2 size at the run time instead of relying on
ramdisk_size kernel command line parameter. As a result `ramdisk_size`
parameter is not required any more (closes: #40629)
* Tue Sep 07 2021 Alexey Sheplyakov <asheplyakov@altlinux.org> 20210907-alt1
- Improved IO errors handling when loading stage2 (closes: #40803)
- Support loading stage2 images >= 2GB (related: #40710)
* Thu Sep 02 2021 Alexey Sheplyakov <asheplyakov@altlinux.org> 20210902-alt1
- When mounting a cifs share try older protocol versions (related: #40554)
- Log messages to ttyprintk for easier debugging
* Tue Aug 31 2021 Alexey Sheplyakov <asheplyakov@altlinux.org> 20210831-alt1
- Network boot: automatically select interface with a carrier (closes: #40616)

View File

@ -0,0 +1,75 @@
#include <stdio.h>
#include <stdarg.h>
void log_message(const char *msg, ...) {
va_list args;
va_start(args, msg);
vfprintf(stderr, msg, args);
fprintf(stderr, "\n");
fflush(stderr);
}
#include "url.c" /* yes, include the source file */
static int test_parse_content_length(const char *headers, unsigned long expected, int shouldfail) {
int err;
unsigned long val;
err = parse_content_length(headers, &val);
if (err < 0 && !shouldfail) {
log_message("%s: unexpectedly failed on input '%s'", __func__, headers);
return 2;
}
if (err == 0 && shouldfail) {
log_message("%s: unexpectedly passed on invalid input '%s'", __func__, headers);
return 3;
}
if (!shouldfail && val != expected) {
log_message("%s: expected %lu, got %lu on input '%s'",
__func__, expected, val, headers);
return 5;
}
if (!shouldfail && val == expected) {
log_message("%s: OK: '%s'", __func__, headers);
}
return 0;
}
#define ARRAY_SIZE(a) (sizeof(a)/sizeof(a[0]))
int main(int argc, char **argv) {
int i, err = 0;
const char *invalid_inputs[] = {
"", /* empty */
"Abyrvalg: foobar", /* no Content-Length: */
"Content-Length: xyz", /* no digits */
"Content-Length: 12xyz", /* invalid characters */
"Content-Length: 12 34", /* stray symbols */
"Content-Length: 123456789012345678901234567890", /* too big */
};
const char *valid_inputs[] = {
"Content-Length: 1234",
"Content-Length: 1234",
"Content-Length: 1234 ",
"Content-Length: 1234 ",
"Content-Length: 1234 \r\n\r\n",
"Content-Length: 1234\r\n"
"Last-Modified: Sun, 12 Sep 2021 22:31:46 GMT\r\n"
"Connection: close\r\n"
"Etag: \"613e7fd2-3849a800\"\r\n"
"Accept-Ranges: bytes\r\n\r\n"
};
for (i = 0; i < ARRAY_SIZE(invalid_inputs); i++) {
err += test_parse_content_length(invalid_inputs[i], 0,
/* shouldfail = */ 1);
}
for (i = 0; i < ARRAY_SIZE(valid_inputs); i++) {
err += test_parse_content_length(valid_inputs[i], 1234,
/* shouldfail = */ 0);
}
return err;
}
/* compile command:
gcc -O2 -g -flto -o test_parse_content_length.c test_parse_content_length.c
*/

268
tools.c
View File

@ -19,6 +19,9 @@
*
*/
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <stdlib.h>
#include <unistd.h>
#include <sys/time.h>
@ -33,6 +36,7 @@
#include <sys/mount.h>
#include <sys/poll.h>
#include <sys/sysinfo.h>
#include <sys/mman.h> /* memfd_create */
#include "stage1.h"
#include "log.h"
@ -41,6 +45,7 @@
#include "automatic.h"
#include <errno.h>
#include <linux/loop.h>
#include "lomount.h"
#include "tools.h"
#include "modules.h"
#include "sha256.h"
@ -293,40 +298,144 @@ static void save_stuff_for_rescue(void)
log_message("saved file %s for rescue (%d bytes)", file, i);
}
enum return_type load_ramdisk_fd(int source_fd, unsigned long size)
/**
* Loop mount ISO loaded to RAM, and open stage2
*
* @param ram_fd file descriptor of ISO image
* @return file descriptor of stage2 or -1 on error
*/
static int open_stage2_from_iso(int iso_fd)
{
char * ramdisk = "/dev/ram3"; /* warning, verify that this file exists in the initrd, and that root=/dev/ram3 is actually passed to the kernel at boot time */
int ram_fd;
char buffer[32768];
char * wait_msg = "Loading program into memory...";
int bytes_read = 0;
int actually;
int seems_ok = 0;
int stage2_fd = -1;
const char *stage2 = get_ramdisk_path(IMAGE_LOCATION); /* /image/live */
if (!stage2) {
log_message("%s: get_ramdisk_size: got NULL", __func__);
goto out;
}
if (do_losetup_fd(LOMOUNT_DEVICE, iso_fd, NULL) < 0) {
log_message("%s: could not setup loopback for iso_fd", __func__);
goto out_free;
}
if (my_mount(LOMOUNT_DEVICE, IMAGE_LOCATION, "iso9660", 0)) {
log_message("%s: failed to mount ISO loopback", __func__);
goto out_del_loop;
}
stage2_fd = open(stage2, O_RDONLY);
if (stage2_fd < 0) {
log_message("%s: failed to open %s", __func__, stage2);
goto out_umount;
}
free((char *)stage2);
return stage2_fd;
ram_fd = open(ramdisk, O_WRONLY);
if (ram_fd == -1) {
log_perror(ramdisk);
stg1_error_message("Could not open ramdisk device file.");
out_umount:
umount(IMAGE_LOCATION);
out_del_loop:
del_loop(LOMOUNT_DEVICE);
out_free:
free((char *)stage2);
out:
return -1;
}
/**
* @brief copy exactly len bytes from buffer to file descriptor
*/
static int write_exactly(int fd, const char *buf, size_t len)
{
ssize_t dl;
while (len > 0) {
dl = write(fd, buf, len);
if (dl < 0) {
log_message("%s: write: %s", __func__, strerror(errno));
return -1;
}
buf += (size_t)dl;
len -= (size_t)dl;
}
return 0;
}
/*
* @brief Copy size bytes from src_fd to dst_fd
* @param exact if non-zero check if exactly size bytes have been copied
* @return 0 on success, -1 on error
* @note if size == 0 keep copying until EOF on src_fd
*/
static int copy_loop(int dst_fd, int src_fd, unsigned long size)
{
char buf[32768];
unsigned long bytes_written = 0;
ssize_t dl;
for (;;) {
dl = read(src_fd, buf, sizeof(buf));
if (dl < 0) {
log_message("%s: read: %s", __func__, strerror(errno));
return -1;
} else if (dl == 0) {
break;
}
if (write_exactly(dst_fd, buf, (size_t)dl) < 0) {
return -1;
}
bytes_written += (size_t)dl;
update_progression((int)BYTES2MB(bytes_written));
}
if (size > 0 && bytes_written != size) {
log_message("%s: expected %lu bytes, copied %lu instead\n",
__func__, size, bytes_written);
errno = EIO;
return -1;
}
return 0;
}
int make_ramfd(unsigned long size)
{
int ramfd;
ramfd = memfd_create("image", MFD_ALLOW_SEALING);
if (ramfd < 0) {
log_perror("memfd_create");
return -1;
}
/* By default memfd has no size limit. Set it to avoid OOM */
if (!size) {
/* XXX: when downloading an image via FTP size can
* be 0/unknown (the protocol makes it extremely
* difficult to figure out the file size).
* Set the limit to of 1/2 RAM in this case.
*/
size = total_memory()/2;
}
if (ftruncate(ramfd, (off_t)size) < 0) {
log_perror("ftruncate ramfd");
goto out;
}
if (fcntl(ramfd, F_ADD_SEALS, F_SEAL_GROW) < 0) {
log_perror("fcntl ramfd F_SEAL_GROW");
goto out;
}
return ramfd;
out:
close(ramfd);
return -1;
}
enum return_type load_ramdisk_or_iso(int source_fd, unsigned long size, int is_iso)
{
int ram_fd;
char * wait_msg = "Loading program into memory...";
ram_fd = make_ramfd(size);
if (ram_fd < 0) {
stg1_error_message("Couldn't allocate memory for image.");
return RETURN_ERROR;
}
init_progression(wait_msg, (int)size);
while ((actually = read(source_fd, buffer, sizeof(buffer))) > 0) {
seems_ok = 1;
if (write(ram_fd, buffer, actually) != actually) {
log_perror("writing ramdisk");
remove_wait_message();
return RETURN_ERROR;
}
update_progression((int)(bytes_read += actually));
if (bytes_read == size)
break;
}
if (!seems_ok) {
log_message("reading compressed ramdisk: %s", strerror(errno));
init_progression(wait_msg, (int)BYTES2MB(size));
if (copy_loop(ram_fd, source_fd, size) < 0) {
log_message("%s: failed to load image to RAM", __func__);
close(ram_fd);
remove_wait_message();
stg1_error_message("Could not load second stage ramdisk. "
@ -334,31 +443,64 @@ enum return_type load_ramdisk_fd(int source_fd, unsigned long size)
"(this may be caused by a hardware failure or a Linux kernel bug)");
return RETURN_ERROR;
}
end_progression();
if (is_iso) {
int stage2_fd = open_stage2_from_iso(ram_fd);
if (stage2_fd < 0) {
close(ram_fd);
stg1_error_message("Could not open stage2 from ISO in RAM");
return RETURN_ERROR;
}
/* got a (mounted) loopback device backed by ram_fd,
* ram_fd itself is not necessary any more */
close(ram_fd);
/* to setup loopback device from stage2_fd */
ram_fd = stage2_fd;
}
if (do_losetup_fd(LIVE_DEVICE, ram_fd, NULL) < 0) {
close(ram_fd);
if (is_iso) {
umount(IMAGE_LOCATION);
del_loop(LOMOUNT_DEVICE);
}
stg1_error_message("Could not setup loopback for 2nd stage");
return RETURN_ERROR;
}
/* got a loopback device, don't need ram_fd any more */
close(ram_fd);
if (do_losetup(LIVE_DEVICE, ramdisk) == -1)
fatal_error("could not setup loopback for loaded second stage");
if (my_mount(LIVE_DEVICE, STAGE2_LOCATION, STAGE2FS, 0))
if (my_mount(LIVE_DEVICE, STAGE2_LOCATION, STAGE2FS, 0)) {
stg1_error_message("Failed to mount stage2");
if (is_iso) {
umount(IMAGE_LOCATION);
del_loop(LOMOUNT_DEVICE);
}
return RETURN_ERROR;
}
set_param(MODE_RAMDISK);
if (IS_RESCUE) {
save_stuff_for_rescue();
if (umount(STAGE2_LOCATION)) {
log_perror(ramdisk);
log_message("rescue: failed to umount " STAGE2_LOCATION);
return RETURN_ERROR;
}
if (is_iso) {
/* XXX: should I do anything special here? */
}
return RETURN_OK; /* fucksike, I lost several hours wondering why the kernel won't see the rescue if it is alreay mounted */
}
return RETURN_OK;
}
enum return_type load_ramdisk_fd(int source_fd, unsigned long size) {
return load_ramdisk_or_iso(source_fd, size, 0);
}
int splash_verbose()
{
@ -443,7 +585,7 @@ enum return_type verify_ramdisk_digest(const char *filename, const char *sha256_
return RETURN_ERROR;
}
init_progression("Verifying stage2 authenticity...", st.st_size);
init_progression("Verifying stage2 authenticity...", (int)BYTES2MB(st.st_size));
sha256_context ctx;
sha256_starts(&ctx);
@ -462,7 +604,7 @@ enum return_type verify_ramdisk_digest(const char *filename, const char *sha256_
}
sha256_update(&ctx, buffer, bytes_read);
total_bytes_read += bytes_read;
update_progression(total_bytes_read);
update_progression((int)BYTES2MB(total_bytes_read));
}
close(fd);
@ -622,10 +764,12 @@ int string_array_length(char ** a)
return i;
}
int do_losetup(char * device, char * target)
/* setup loop device from file descriptor targfd */
int do_losetup_fd(char *device, int targfd, const char *name)
{
int i, loopfd, targfd;
int i, loopfd;
struct loop_info loopInfo;
memset(&loopInfo, 0, sizeof(loopInfo));
my_insmod("loop", NULL);
/* wait for udev's dust settles down */
@ -636,19 +780,10 @@ int do_losetup(char * device, char * target)
return -1;
}
targfd = open( target, O_RDONLY );
if ( targfd < 0 )
{
log_message( "losetup: error opening %s: %s", target, strerror(errno) );
close( loopfd );
return -1;
}
if ( ioctl(loopfd, LOOP_SET_FD, targfd) < 0 )
{
log_message( "losetup: error setting up loopback device: %s", strerror(errno) );
close( loopfd );
close( targfd );
return -1;
}
/* Note: LOOP_SET_FD triggers change event. While processing it
@ -659,18 +794,19 @@ int do_losetup(char * device, char * target)
*/
udev_settle();
memset(&loopInfo, 0, sizeof(loopInfo));
strcpy(loopInfo.lo_name, target);
if (name) {
strcpy(loopInfo.lo_name, name);
if ( ioctl(loopfd, LOOP_SET_STATUS, &loopInfo) < 0 )
log_message( "losetup: error setting up loopback device: %s", strerror(errno) );
if ( ioctl(loopfd, LOOP_SET_STATUS, &loopInfo) < 0 )
log_message( "losetup: error setting up loopback device: %s", strerror(errno) );
/* Same here: LOOP_SET_STATUS triggers change event, give udev
* a chance to process it without concurrent access to the loop
* device. In other words, prevent the caller of this function
* from mounting the device while udev still running blkid on it
*/
udev_settle();
/* Same here: LOOP_SET_STATUS triggers change event, give udev
* a chance to process it without concurrent access to the loop
* device. In other words, prevent the caller of this function
* from mounting the device while udev still running blkid on it
*/
udev_settle();
}
close( loopfd );
/* udev might be monitoring loopback device (with fanotify) and
@ -679,6 +815,20 @@ int do_losetup(char * device, char * target)
* (which is going to mount the newly configured loopback device)
*/
udev_settle();
close( targfd );
return 0;
}
int do_losetup(char * device, char * target)
{
int ret = 0, targfd;
targfd = open( target, O_RDONLY );
if ( targfd < 0 )
{
log_message( "losetup: error opening %s: %s", target, strerror(errno) );
return -1;
}
ret = do_losetup_fd(device, targfd, target);
close(targfd);
return ret;
}

16
tools.h
View File

@ -36,6 +36,7 @@ int ramdisk_possible(unsigned long ramdisk_size);
char * get_ramdisk_realname(void);
enum return_type load_ramdisk(char *, unsigned long size);
enum return_type load_ramdisk_fd(int ramdisk_fd, unsigned long size);
enum return_type load_ramdisk_or_iso(int ramdisk_fd, unsigned long size, int is_iso);
void * memdup(void *src, size_t size);
void add_to_env(char * name, char * value);
void handle_env(char ** env);
@ -44,6 +45,19 @@ int pass_env(int);
char ** list_directory(char * direct);
int string_array_length(char ** a);
int do_losetup(char * device, char * target);
/**
* Setup a loopback device backed by fd.
*
* @param device path to loopback device
* @param fd backing file descriptor
* @param name for pretty output from losetup, typically name of the backing file.
* @return 0 on success, otherwise -1
*
* @note: should be used instead of do_losetup for anonymous files,
* i.e. ones created by memfd_create, open(O_TMPFILE), etc
*/
int do_losetup_fd(char *device, int fd, const char *name);
char * get_ramdisk_path(const char *);
char * get_uid_file_path(const char *, const char *);
enum return_type verify_ramdisk_digest(const char *filename, const char *sha256_hash);
@ -63,6 +77,6 @@ struct param_elem
#define ptr_begins_static_str(pointer,static_str) (!strncmp(pointer,static_str,sizeof(static_str)-1))
#define streq !strcmp
#define MKDEV(ma,mi) ((ma)<<8 | (mi))
#define BYTES2MB(b) ((unsigned int)(b)/1024/1024)
#define BYTES2MB(b) ((unsigned int)((b)/1024/1024))
#endif

81
url.c
View File

@ -24,6 +24,7 @@
#include <sys/types.h>
#include <netinet/in_systm.h>
#include <limits.h>
#include <ctype.h>
#include <errno.h>
#include <fcntl.h>
@ -394,11 +395,72 @@ int ftp_end_data_command(int sock)
return 0;
}
static int parse_content_length(const char *headers, unsigned long *size) {
const char *header_content_length = "Content-Length: ";
const char *hdr = NULL, *ptr = NULL, *start = NULL, *end = NULL;
const char *nexthdr = NULL;
int http_download_file(char * hostname, char * remotename, int * size)
hdr = strstr(headers, header_content_length);
if (!hdr) {
log_message("%s: error: Content-Length header not found", __func__);
return -1;
}
start = hdr + strlen(header_content_length);
nexthdr = strstr(start, "\r\n");
errno = 0;
*size = strtoul(start, (char **)&end, 10);
/* HTTP headers are pretty standard, hence reject a bogus header
* instead of trying to download file of unknown length.
* Also bail out if the file is too long (i.e. size can't be
* represented by unsigned long).
* As a side effect this prevents 32-bit platforms from
* loading large (>= 4GB) files into RAM
*/
if (errno != 0 && errno != ERANGE) {
log_message("%s: error: invalid Content-Length header '%s', parse error: %s", __func__, hdr, strerror(errno));
return -1;
}
if (ERANGE == errno || *size == ULONG_MAX) {
log_message("%s: error: length '%s' is too big (>= %lu)", __func__, start, ULONG_MAX);
return -1;
}
/* XXX: on non-numerical inputs strtoul returns 0 *without*
* setting errno. Therefore validate the header manually: only
* a sequence of decimal digits surrounded by whitspace is OK.
* Note: endptr points first non-digit/space character or
* end of the string
*/
for (ptr = end; nexthdr ? ptr < nexthdr : *ptr != '\0'; ptr++) {
if (!isspace(*ptr) && !isdigit(*ptr)) {
log_message("%s: error: invalid character %c in Content-Length header '%s'", __func__, *ptr, hdr);
return -1;
}
if (isdigit(*ptr)) {
/* Content-Length: 123 456
* *end = '4'
*/
log_message("%s: error: stray data '%s' in Content-Length header: '%s'", __func__, ptr, hdr);
return -1;
}
}
if (*size == 0) {
log_message("%s: length is zero", __func__);
return -1;
}
return 0;
}
int http_download_file(char * hostname, char * remotename, unsigned long * size)
{
char * buf;
char headers[4096];
char *headers_end = NULL; /* points to 1st \r in \r\n\r\n */
char * nextChar = headers;
int checkedCode;
struct in_addr serverAddress;
@ -406,7 +468,6 @@ int http_download_file(char * hostname, char * remotename, int * size)
int sock;
int rc;
struct sockaddr_in destPort;
char * header_content_length = "Content-Length: ";
if ((rc = get_host_address(hostname, &serverAddress))) return rc;
@ -435,7 +496,7 @@ int http_download_file(char * hostname, char * remotename, int * size)
*nextChar = '\0';
checkedCode = 0;
while (!strstr(headers, "\r\n\r\n")) {
while (!(headers_end = strstr(headers, "\r\n\r\n"))) {
polls.fd = sock;
polls.events = POLLIN;
rc = poll(&polls, 1, TIMEOUT_SECS*1000);
@ -493,10 +554,14 @@ int http_download_file(char * hostname, char * remotename, int * size)
}
}
if ((buf = strstr(headers, header_content_length)))
*size = charstar_to_int(buf + strlen(header_content_length));
else
*size = 0;
*headers_end = '\0'; /* skip \r\n\r\n */
if (parse_content_length(headers, size) < 0) {
goto out_err;
}
return sock;
out_err:
*size = 0; /* unknown/error */
close(sock);
return FTPERR_SERVER_IO_ERROR;
}

2
url.h
View File

@ -26,7 +26,7 @@ int ftp_open_connection(char * host, char * name, char * password, char * proxy)
int ftp_start_download(int sock, char * remotename, int * size);
int ftp_end_data_command(int sock);
int http_download_file(char * hostname, char * remotename, int * size);
int http_download_file(char * hostname, char * remotename, unsigned long * size);
#define FTPERR_BAD_SERVER_RESPONSE -1