1 /*
2 * Copyright (C) 2010 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "make_ext4fs.h"
18 #include "ext4_utils.h"
19 #include "allocate.h"
20 #include "contents.h"
21 #include "uuid.h"
22 #include "wipe.h"
23
24 #include <sparse/sparse.h>
25
26 #include <assert.h>
27 #include <dirent.h>
28 #include <fcntl.h>
29 #include <inttypes.h>
30 #include <libgen.h>
31 #include <stdio.h>
32 #include <stdlib.h>
33 #include <string.h>
34 #include <unistd.h>
35 #include <sys/stat.h>
36 #include <sys/types.h>
37
38 #ifdef USE_MINGW
39
40 #include <winsock2.h>
41
42 /* These match the Linux definitions of these flags.
43 L_xx is defined to avoid conflicting with the win32 versions.
44 */
45 #define L_S_IRUSR 00400
46 #define L_S_IWUSR 00200
47 #define L_S_IXUSR 00100
48 #define S_IRWXU (L_S_IRUSR | L_S_IWUSR | L_S_IXUSR)
49 #define S_IRGRP 00040
50 #define S_IWGRP 00020
51 #define S_IXGRP 00010
52 #define S_IRWXG (S_IRGRP | S_IWGRP | S_IXGRP)
53 #define S_IROTH 00004
54 #define S_IWOTH 00002
55 #define S_IXOTH 00001
56 #define S_IRWXO (S_IROTH | S_IWOTH | S_IXOTH)
57 #define S_ISUID 0004000
58 #define S_ISGID 0002000
59 #define S_ISVTX 0001000
60
61 #else
62
63 #include <selinux/selinux.h>
64 #include <selinux/label.h>
65 #include <selinux/android.h>
66
67 #define O_BINARY 0
68
69 #endif
70
71 /* TODO: Not implemented:
72 Allocating blocks in the same block group as the file inode
73 Hash or binary tree directories
74 Special files: sockets, devices, fifos
75 */
76
filter_dot(const struct dirent * d)77 static int filter_dot(const struct dirent *d)
78 {
79 return (strcmp(d->d_name, "..") && strcmp(d->d_name, "."));
80 }
81
build_default_directory_structure(const char * dir_path,struct selabel_handle * sehnd)82 static u32 build_default_directory_structure(const char *dir_path,
83 struct selabel_handle *sehnd)
84 {
85 u32 inode;
86 u32 root_inode;
87 struct dentry dentries = {
88 .filename = "lost+found",
89 .file_type = EXT4_FT_DIR,
90 .mode = S_IRWXU,
91 .uid = 0,
92 .gid = 0,
93 .mtime = 0,
94 };
95 root_inode = make_directory(0, 1, &dentries, 1);
96 inode = make_directory(root_inode, 0, NULL, 0);
97 *dentries.inode = inode;
98 inode_set_permissions(inode, dentries.mode,
99 dentries.uid, dentries.gid, dentries.mtime);
100
101 #ifndef USE_MINGW
102 if (sehnd) {
103 char *path = NULL;
104 char *secontext = NULL;
105
106 asprintf(&path, "%slost+found", dir_path);
107 if (selabel_lookup(sehnd, &secontext, path, S_IFDIR) < 0) {
108 error("cannot lookup security context for %s", path);
109 } else {
110 inode_set_selinux(inode, secontext);
111 freecon(secontext);
112 }
113 free(path);
114 }
115 #endif
116
117 return root_inode;
118 }
119
120 #ifndef USE_MINGW
121 /* Read a local directory and create the same tree in the generated filesystem.
122 Calls itself recursively with each directory in the given directory.
123 full_path is an absolute or relative path, with a trailing slash, to the
124 directory on disk that should be copied, or NULL if this is a directory
125 that does not exist on disk (e.g. lost+found).
126 dir_path is an absolute path, with trailing slash, to the same directory
127 if the image were mounted at the specified mount point */
build_directory_structure(const char * full_path,const char * dir_path,u32 dir_inode,fs_config_func_t fs_config_func,struct selabel_handle * sehnd,int verbose,time_t fixed_time)128 static u32 build_directory_structure(const char *full_path, const char *dir_path,
129 u32 dir_inode, fs_config_func_t fs_config_func,
130 struct selabel_handle *sehnd, int verbose, time_t fixed_time)
131 {
132 int entries = 0;
133 struct dentry *dentries;
134 struct dirent **namelist = NULL;
135 struct stat stat;
136 int ret;
137 int i;
138 u32 inode;
139 u32 entry_inode;
140 u32 dirs = 0;
141 bool needs_lost_and_found = false;
142
143 if (full_path) {
144 entries = scandir(full_path, &namelist, filter_dot, (void*)alphasort);
145 if (entries < 0) {
146 error_errno("scandir");
147 return EXT4_ALLOCATE_FAILED;
148 }
149 }
150
151 if (dir_inode == 0) {
152 /* root directory, check if lost+found already exists */
153 for (i = 0; i < entries; i++)
154 if (strcmp(namelist[i]->d_name, "lost+found") == 0)
155 break;
156 if (i == entries)
157 needs_lost_and_found = true;
158 }
159
160 dentries = calloc(entries, sizeof(struct dentry));
161 if (dentries == NULL)
162 critical_error_errno("malloc");
163
164 for (i = 0; i < entries; i++) {
165 dentries[i].filename = strdup(namelist[i]->d_name);
166 if (dentries[i].filename == NULL)
167 critical_error_errno("strdup");
168
169 asprintf(&dentries[i].path, "%s%s", dir_path, namelist[i]->d_name);
170 asprintf(&dentries[i].full_path, "%s%s", full_path, namelist[i]->d_name);
171
172 free(namelist[i]);
173
174 ret = lstat(dentries[i].full_path, &stat);
175 if (ret < 0) {
176 error_errno("lstat");
177 i--;
178 entries--;
179 continue;
180 }
181
182 dentries[i].size = stat.st_size;
183 dentries[i].mode = stat.st_mode & (S_ISUID|S_ISGID|S_ISVTX|S_IRWXU|S_IRWXG|S_IRWXO);
184 if (fixed_time == -1) {
185 dentries[i].mtime = stat.st_mtime;
186 } else {
187 dentries[i].mtime = fixed_time;
188 }
189 uint64_t capabilities;
190 if (fs_config_func != NULL) {
191 #ifdef ANDROID
192 unsigned int mode = 0;
193 unsigned int uid = 0;
194 unsigned int gid = 0;
195 int dir = S_ISDIR(stat.st_mode);
196 fs_config_func(dentries[i].path, dir, &uid, &gid, &mode, &capabilities);
197 dentries[i].mode = mode;
198 dentries[i].uid = uid;
199 dentries[i].gid = gid;
200 dentries[i].capabilities = capabilities;
201 #else
202 error("can't set android permissions - built without android support");
203 #endif
204 }
205 #ifndef USE_MINGW
206 if (sehnd) {
207 if (selabel_lookup(sehnd, &dentries[i].secon, dentries[i].path, stat.st_mode) < 0) {
208 error("cannot lookup security context for %s", dentries[i].path);
209 }
210
211 if (dentries[i].secon && verbose)
212 printf("Labeling %s as %s\n", dentries[i].path, dentries[i].secon);
213 }
214 #endif
215
216 if (S_ISREG(stat.st_mode)) {
217 dentries[i].file_type = EXT4_FT_REG_FILE;
218 } else if (S_ISDIR(stat.st_mode)) {
219 dentries[i].file_type = EXT4_FT_DIR;
220 dirs++;
221 } else if (S_ISCHR(stat.st_mode)) {
222 dentries[i].file_type = EXT4_FT_CHRDEV;
223 } else if (S_ISBLK(stat.st_mode)) {
224 dentries[i].file_type = EXT4_FT_BLKDEV;
225 } else if (S_ISFIFO(stat.st_mode)) {
226 dentries[i].file_type = EXT4_FT_FIFO;
227 } else if (S_ISSOCK(stat.st_mode)) {
228 dentries[i].file_type = EXT4_FT_SOCK;
229 } else if (S_ISLNK(stat.st_mode)) {
230 dentries[i].file_type = EXT4_FT_SYMLINK;
231 dentries[i].link = calloc(info.block_size, 1);
232 readlink(dentries[i].full_path, dentries[i].link, info.block_size - 1);
233 } else {
234 error("unknown file type on %s", dentries[i].path);
235 i--;
236 entries--;
237 }
238 }
239 free(namelist);
240
241 if (needs_lost_and_found) {
242 /* insert a lost+found directory at the beginning of the dentries */
243 struct dentry *tmp = calloc(entries + 1, sizeof(struct dentry));
244 memset(tmp, 0, sizeof(struct dentry));
245 memcpy(tmp + 1, dentries, entries * sizeof(struct dentry));
246 dentries = tmp;
247
248 dentries[0].filename = strdup("lost+found");
249 asprintf(&dentries[0].path, "%slost+found", dir_path);
250 dentries[0].full_path = NULL;
251 dentries[0].size = 0;
252 dentries[0].mode = S_IRWXU;
253 dentries[0].file_type = EXT4_FT_DIR;
254 dentries[0].uid = 0;
255 dentries[0].gid = 0;
256 if (sehnd) {
257 if (selabel_lookup(sehnd, &dentries[0].secon, dentries[0].path, dentries[0].mode) < 0)
258 error("cannot lookup security context for %s", dentries[0].path);
259 }
260 entries++;
261 dirs++;
262 }
263
264 inode = make_directory(dir_inode, entries, dentries, dirs);
265
266 for (i = 0; i < entries; i++) {
267 if (dentries[i].file_type == EXT4_FT_REG_FILE) {
268 entry_inode = make_file(dentries[i].full_path, dentries[i].size);
269 } else if (dentries[i].file_type == EXT4_FT_DIR) {
270 char *subdir_full_path = NULL;
271 char *subdir_dir_path;
272 if (dentries[i].full_path) {
273 ret = asprintf(&subdir_full_path, "%s/", dentries[i].full_path);
274 if (ret < 0)
275 critical_error_errno("asprintf");
276 }
277 ret = asprintf(&subdir_dir_path, "%s/", dentries[i].path);
278 if (ret < 0)
279 critical_error_errno("asprintf");
280 entry_inode = build_directory_structure(subdir_full_path,
281 subdir_dir_path, inode, fs_config_func, sehnd, verbose, fixed_time);
282 free(subdir_full_path);
283 free(subdir_dir_path);
284 } else if (dentries[i].file_type == EXT4_FT_SYMLINK) {
285 entry_inode = make_link(dentries[i].link);
286 } else {
287 error("unknown file type on %s", dentries[i].path);
288 entry_inode = 0;
289 }
290 *dentries[i].inode = entry_inode;
291
292 ret = inode_set_permissions(entry_inode, dentries[i].mode,
293 dentries[i].uid, dentries[i].gid,
294 dentries[i].mtime);
295 if (ret)
296 error("failed to set permissions on %s\n", dentries[i].path);
297
298 /*
299 * It's important to call inode_set_selinux() before
300 * inode_set_capabilities(). Extended attributes need to
301 * be stored sorted order, and we guarantee this by making
302 * the calls in the proper order.
303 * Please see xattr_assert_sane() in contents.c
304 */
305 ret = inode_set_selinux(entry_inode, dentries[i].secon);
306 if (ret)
307 error("failed to set SELinux context on %s\n", dentries[i].path);
308 ret = inode_set_capabilities(entry_inode, dentries[i].capabilities);
309 if (ret)
310 error("failed to set capability on %s\n", dentries[i].path);
311
312 free(dentries[i].path);
313 free(dentries[i].full_path);
314 free(dentries[i].link);
315 free((void *)dentries[i].filename);
316 free(dentries[i].secon);
317 }
318
319 free(dentries);
320 return inode;
321 }
322 #endif
323
compute_block_size()324 static u32 compute_block_size()
325 {
326 return 4096;
327 }
328
compute_journal_blocks()329 static u32 compute_journal_blocks()
330 {
331 u32 journal_blocks = DIV_ROUND_UP(info.len, info.block_size) / 64;
332 if (journal_blocks < 1024)
333 journal_blocks = 1024;
334 if (journal_blocks > 32768)
335 journal_blocks = 32768;
336 return journal_blocks;
337 }
338
compute_blocks_per_group()339 static u32 compute_blocks_per_group()
340 {
341 return info.block_size * 8;
342 }
343
compute_inodes()344 static u32 compute_inodes()
345 {
346 return DIV_ROUND_UP(info.len, info.block_size) / 4;
347 }
348
compute_inodes_per_group()349 static u32 compute_inodes_per_group()
350 {
351 u32 blocks = DIV_ROUND_UP(info.len, info.block_size);
352 u32 block_groups = DIV_ROUND_UP(blocks, info.blocks_per_group);
353 u32 inodes = DIV_ROUND_UP(info.inodes, block_groups);
354 inodes = EXT4_ALIGN(inodes, (info.block_size / info.inode_size));
355
356 /* After properly rounding up the number of inodes/group,
357 * make sure to update the total inodes field in the info struct.
358 */
359 info.inodes = inodes * block_groups;
360
361 return inodes;
362 }
363
compute_bg_desc_reserve_blocks()364 static u32 compute_bg_desc_reserve_blocks()
365 {
366 u32 blocks = DIV_ROUND_UP(info.len, info.block_size);
367 u32 block_groups = DIV_ROUND_UP(blocks, info.blocks_per_group);
368 u32 bg_desc_blocks = DIV_ROUND_UP(block_groups * sizeof(struct ext2_group_desc),
369 info.block_size);
370
371 u32 bg_desc_reserve_blocks =
372 DIV_ROUND_UP(block_groups * 1024 * sizeof(struct ext2_group_desc),
373 info.block_size) - bg_desc_blocks;
374
375 if (bg_desc_reserve_blocks > info.block_size / sizeof(u32))
376 bg_desc_reserve_blocks = info.block_size / sizeof(u32);
377
378 return bg_desc_reserve_blocks;
379 }
380
reset_ext4fs_info()381 void reset_ext4fs_info() {
382 // Reset all the global data structures used by make_ext4fs so it
383 // can be called again.
384 memset(&info, 0, sizeof(info));
385 memset(&aux_info, 0, sizeof(aux_info));
386
387 if (ext4_sparse_file) {
388 sparse_file_destroy(ext4_sparse_file);
389 ext4_sparse_file = NULL;
390 }
391 }
392
make_ext4fs_sparse_fd(int fd,long long len,const char * mountpoint,struct selabel_handle * sehnd)393 int make_ext4fs_sparse_fd(int fd, long long len,
394 const char *mountpoint, struct selabel_handle *sehnd)
395 {
396 reset_ext4fs_info();
397 info.len = len;
398
399 return make_ext4fs_internal(fd, NULL, mountpoint, NULL, 0, 1, 0, 0, sehnd, 0, -1, NULL);
400 }
401
make_ext4fs(const char * filename,long long len,const char * mountpoint,struct selabel_handle * sehnd)402 int make_ext4fs(const char *filename, long long len,
403 const char *mountpoint, struct selabel_handle *sehnd)
404 {
405 int fd;
406 int status;
407
408 reset_ext4fs_info();
409 info.len = len;
410
411 fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0644);
412 if (fd < 0) {
413 error_errno("open");
414 return EXIT_FAILURE;
415 }
416
417 status = make_ext4fs_internal(fd, NULL, mountpoint, NULL, 0, 0, 0, 1, sehnd, 0, -1, NULL);
418 close(fd);
419
420 return status;
421 }
422
423 /* return a newly-malloc'd string that is a copy of str. The new string
424 is guaranteed to have a trailing slash. If absolute is true, the new string
425 is also guaranteed to have a leading slash.
426 */
canonicalize_slashes(const char * str,bool absolute)427 static char *canonicalize_slashes(const char *str, bool absolute)
428 {
429 char *ret;
430 int len = strlen(str);
431 int newlen = len;
432 char *ptr;
433
434 if (len == 0) {
435 if (absolute)
436 return strdup("/");
437 else
438 return strdup("");
439 }
440
441 if (str[0] != '/' && absolute) {
442 newlen++;
443 }
444 if (str[len - 1] != '/') {
445 newlen++;
446 }
447 ret = malloc(newlen + 1);
448 if (!ret) {
449 critical_error("malloc");
450 }
451
452 ptr = ret;
453 if (str[0] != '/' && absolute) {
454 *ptr++ = '/';
455 }
456
457 strcpy(ptr, str);
458 ptr += len;
459
460 if (str[len - 1] != '/') {
461 *ptr++ = '/';
462 }
463
464 if (ptr != ret + newlen) {
465 critical_error("assertion failed\n");
466 }
467
468 *ptr = '\0';
469
470 return ret;
471 }
472
canonicalize_abs_slashes(const char * str)473 static char *canonicalize_abs_slashes(const char *str)
474 {
475 return canonicalize_slashes(str, true);
476 }
477
canonicalize_rel_slashes(const char * str)478 static char *canonicalize_rel_slashes(const char *str)
479 {
480 return canonicalize_slashes(str, false);
481 }
482
make_ext4fs_internal(int fd,const char * _directory,const char * _mountpoint,fs_config_func_t fs_config_func,int gzip,int sparse,int crc,int wipe,struct selabel_handle * sehnd,int verbose,time_t fixed_time,FILE * block_list_file)483 int make_ext4fs_internal(int fd, const char *_directory,
484 const char *_mountpoint, fs_config_func_t fs_config_func, int gzip,
485 int sparse, int crc, int wipe,
486 struct selabel_handle *sehnd, int verbose, time_t fixed_time,
487 FILE* block_list_file)
488 {
489 u32 root_inode_num;
490 u16 root_mode;
491 char *mountpoint;
492 char *directory = NULL;
493
494 if (setjmp(setjmp_env))
495 return EXIT_FAILURE; /* Handle a call to longjmp() */
496
497 if (_mountpoint == NULL) {
498 mountpoint = strdup("");
499 } else {
500 mountpoint = canonicalize_abs_slashes(_mountpoint);
501 }
502
503 if (_directory) {
504 directory = canonicalize_rel_slashes(_directory);
505 }
506
507 if (info.len <= 0)
508 info.len = get_file_size(fd);
509
510 if (info.len <= 0) {
511 fprintf(stderr, "Need size of filesystem\n");
512 return EXIT_FAILURE;
513 }
514
515 if (info.block_size <= 0)
516 info.block_size = compute_block_size();
517
518 /* Round down the filesystem length to be a multiple of the block size */
519 info.len &= ~((u64)info.block_size - 1);
520
521 if (info.journal_blocks == 0)
522 info.journal_blocks = compute_journal_blocks();
523
524 if (info.no_journal == 0)
525 info.feat_compat = EXT4_FEATURE_COMPAT_HAS_JOURNAL;
526 else
527 info.journal_blocks = 0;
528
529 if (info.blocks_per_group <= 0)
530 info.blocks_per_group = compute_blocks_per_group();
531
532 if (info.inodes <= 0)
533 info.inodes = compute_inodes();
534
535 if (info.inode_size <= 0)
536 info.inode_size = 256;
537
538 if (info.label == NULL)
539 info.label = "";
540
541 info.inodes_per_group = compute_inodes_per_group();
542
543 info.feat_compat |=
544 EXT4_FEATURE_COMPAT_RESIZE_INODE |
545 EXT4_FEATURE_COMPAT_EXT_ATTR;
546
547 info.feat_ro_compat |=
548 EXT4_FEATURE_RO_COMPAT_SPARSE_SUPER |
549 EXT4_FEATURE_RO_COMPAT_LARGE_FILE |
550 EXT4_FEATURE_RO_COMPAT_GDT_CSUM;
551
552 info.feat_incompat |=
553 EXT4_FEATURE_INCOMPAT_EXTENTS |
554 EXT4_FEATURE_INCOMPAT_FILETYPE;
555
556
557 info.bg_desc_reserve_blocks = compute_bg_desc_reserve_blocks();
558
559 printf("Creating filesystem with parameters:\n");
560 printf(" Size: %"PRIu64"\n", info.len);
561 printf(" Block size: %d\n", info.block_size);
562 printf(" Blocks per group: %d\n", info.blocks_per_group);
563 printf(" Inodes per group: %d\n", info.inodes_per_group);
564 printf(" Inode size: %d\n", info.inode_size);
565 printf(" Journal blocks: %d\n", info.journal_blocks);
566 printf(" Label: %s\n", info.label);
567
568 ext4_create_fs_aux_info();
569
570 printf(" Blocks: %"PRIu64"\n", aux_info.len_blocks);
571 printf(" Block groups: %d\n", aux_info.groups);
572 printf(" Reserved block group size: %d\n", info.bg_desc_reserve_blocks);
573
574 ext4_sparse_file = sparse_file_new(info.block_size, info.len);
575
576 block_allocator_init();
577
578 ext4_fill_in_sb();
579
580 if (reserve_inodes(0, 10) == EXT4_ALLOCATE_FAILED)
581 error("failed to reserve first 10 inodes");
582
583 if (info.feat_compat & EXT4_FEATURE_COMPAT_HAS_JOURNAL)
584 ext4_create_journal_inode();
585
586 if (info.feat_compat & EXT4_FEATURE_COMPAT_RESIZE_INODE)
587 ext4_create_resize_inode();
588
589 #ifdef USE_MINGW
590 // Windows needs only 'create an empty fs image' functionality
591 assert(!directory);
592 root_inode_num = build_default_directory_structure(mountpoint, sehnd);
593 #else
594 if (directory)
595 root_inode_num = build_directory_structure(directory, mountpoint, 0,
596 fs_config_func, sehnd, verbose, fixed_time);
597 else
598 root_inode_num = build_default_directory_structure(mountpoint, sehnd);
599 #endif
600
601 root_mode = S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH;
602 inode_set_permissions(root_inode_num, root_mode, 0, 0, 0);
603
604 #ifndef USE_MINGW
605 if (sehnd) {
606 char *secontext = NULL;
607
608 if (selabel_lookup(sehnd, &secontext, mountpoint, S_IFDIR) < 0) {
609 error("cannot lookup security context for %s", mountpoint);
610 }
611 if (secontext) {
612 if (verbose) {
613 printf("Labeling %s as %s\n", mountpoint, secontext);
614 }
615 inode_set_selinux(root_inode_num, secontext);
616 }
617 freecon(secontext);
618 }
619 #endif
620
621 ext4_update_free();
622
623 ext4_queue_sb();
624
625 if (block_list_file) {
626 size_t dirlen = directory ? strlen(directory) : 0;
627 struct block_allocation* p = get_saved_allocation_chain();
628 while (p) {
629 if (directory && strncmp(p->filename, directory, dirlen) == 0) {
630 // substitute mountpoint for the leading directory in the filename, in the output file
631 fprintf(block_list_file, "%s%s", mountpoint, p->filename + dirlen);
632 } else {
633 fprintf(block_list_file, "%s", p->filename);
634 }
635 print_blocks(block_list_file, p);
636 struct block_allocation* pn = p->next;
637 free_alloc(p);
638 p = pn;
639 }
640 }
641
642 printf("Created filesystem with %d/%d inodes and %d/%d blocks\n",
643 aux_info.sb->s_inodes_count - aux_info.sb->s_free_inodes_count,
644 aux_info.sb->s_inodes_count,
645 aux_info.sb->s_blocks_count_lo - aux_info.sb->s_free_blocks_count_lo,
646 aux_info.sb->s_blocks_count_lo);
647
648 if (wipe && WIPE_IS_SUPPORTED) {
649 wipe_block_device(fd, info.len);
650 }
651
652 write_ext4_image(fd, gzip, sparse, crc);
653
654 sparse_file_destroy(ext4_sparse_file);
655 ext4_sparse_file = NULL;
656
657 free(mountpoint);
658 free(directory);
659
660 return 0;
661 }
662