1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause
3 *
4 * Copyright (C) 1997 John D. Polstra. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY JOHN D. POLSTRA AND CONTRIBUTORS ``AS IS'' AND
16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL JOHN D. POLSTRA OR CONTRIBUTORS BE LIABLE
19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 * SUCH DAMAGE.
26 */
27
28 #include <sys/types.h>
29 #include <sys/wait.h>
30
31 #include <assert.h>
32 #include <err.h>
33 #include <errno.h>
34 #include <fcntl.h>
35 #include <limits.h>
36 #include <signal.h>
37 #include <stdio.h>
38 #include <stdlib.h>
39 #include <string.h>
40 #include <sysexits.h>
41 #include <unistd.h>
42
43 #define FDLOCK_PREFIX "/dev/fd/"
44
45 union lock_subject {
46 long subj_fd;
47 const char *subj_name;
48 };
49
50 static int acquire_lock(union lock_subject *subj, int flags, int silent);
51 static void cleanup(void);
52 static void killed(int sig);
53 static void timeout(int sig);
54 static void usage(void) __dead2;
55 static void wait_for_lock(const char *name);
56
57 static const char *lockname;
58 static int lockfd = -1;
59 static int keep;
60 static int fdlock;
61 static volatile sig_atomic_t timed_out;
62
63 /*
64 * Check if fdlock is implied by the given `lockname`. We'll write the fd that
65 * is represented by it out to ofd, and the caller is expected to do any
66 * necessary validation on it.
67 */
68 static int
fdlock_implied(const char * name,long * ofd)69 fdlock_implied(const char *name, long *ofd)
70 {
71 char *endp;
72 long fd;
73
74 if (strncmp(name, FDLOCK_PREFIX, sizeof(FDLOCK_PREFIX) - 1) != 0)
75 return (0);
76
77 /* Skip past the prefix. */
78 name += sizeof(FDLOCK_PREFIX) - 1;
79 errno = 0;
80 fd = strtol(name, &endp, 10);
81 if (errno != 0 || *endp != '\0')
82 return (0);
83
84 *ofd = fd;
85 return (1);
86 }
87
88 /*
89 * Execute an arbitrary command while holding a file lock.
90 */
91 int
main(int argc,char ** argv)92 main(int argc, char **argv)
93 {
94 int ch, flags, silent, status;
95 long long waitsec;
96 pid_t child;
97 union lock_subject subj;
98
99 silent = keep = 0;
100 flags = O_CREAT | O_RDONLY;
101 waitsec = -1; /* Infinite. */
102 while ((ch = getopt(argc, argv, "knst:w")) != -1) {
103 switch (ch) {
104 case 'k':
105 keep = 1;
106 break;
107 case 'n':
108 flags &= ~O_CREAT;
109 break;
110 case 's':
111 silent = 1;
112 break;
113 case 't':
114 {
115 const char *errstr;
116
117 waitsec = strtonum(optarg, 0, UINT_MAX, &errstr);
118 if (errstr != NULL)
119 errx(EX_USAGE,
120 "invalid timeout \"%s\"", optarg);
121 }
122 break;
123 case 'w':
124 flags = (flags & ~O_RDONLY) | O_WRONLY;
125 break;
126 default:
127 usage();
128 }
129 }
130
131 argc -= optind;
132 argv += optind;
133
134 if (argc == 0)
135 usage();
136
137 lockname = argv[0];
138
139 argc--;
140 argv++;
141
142 /*
143 * If there aren't any arguments left, then we must be in fdlock mode.
144 */
145 if (argc == 0 && *lockname != '/') {
146 fdlock = 1;
147 subj.subj_fd = -1;
148 } else {
149 fdlock = fdlock_implied(lockname, &subj.subj_fd);
150 if (argc == 0 && !fdlock) {
151 fprintf(stderr, "Expected fd, got '%s'\n", lockname);
152 usage();
153 }
154 }
155
156 if (fdlock) {
157 if (subj.subj_fd < 0) {
158 char *endp;
159
160 errno = 0;
161 subj.subj_fd = strtol(lockname, &endp, 10);
162 if (errno != 0 || *endp != '\0') {
163 fprintf(stderr, "Expected fd, got '%s'\n",
164 lockname);
165 usage();
166 }
167 }
168
169 if (subj.subj_fd < 0 || subj.subj_fd > INT_MAX) {
170 fprintf(stderr, "fd '%ld' out of range\n",
171 subj.subj_fd);
172 usage();
173 }
174 } else {
175 subj.subj_name = lockname;
176 }
177
178 if (waitsec > 0) { /* Set up a timeout. */
179 struct sigaction act;
180
181 act.sa_handler = timeout;
182 sigemptyset(&act.sa_mask);
183 act.sa_flags = 0; /* Note that we do not set SA_RESTART. */
184 sigaction(SIGALRM, &act, NULL);
185 alarm((unsigned int)waitsec);
186 }
187 /*
188 * If the "-k" option is not given, then we must not block when
189 * acquiring the lock. If we did, then the lock holder would
190 * unlink the file upon releasing the lock, and we would acquire
191 * a lock on a file with no directory entry. Then another
192 * process could come along and acquire the same lock. To avoid
193 * this problem, we separate out the actions of waiting for the
194 * lock to be available and of actually acquiring the lock.
195 *
196 * That approach produces behavior that is technically correct;
197 * however, it causes some performance & ordering problems for
198 * locks that have a lot of contention. First, it is unfair in
199 * the sense that a released lock isn't necessarily granted to
200 * the process that has been waiting the longest. A waiter may
201 * be starved out indefinitely. Second, it creates a thundering
202 * herd situation each time the lock is released.
203 *
204 * When the "-k" option is used, the unlink race no longer
205 * exists. In that case we can block while acquiring the lock,
206 * avoiding the separate step of waiting for the lock. This
207 * yields fairness and improved performance.
208 */
209 lockfd = acquire_lock(&subj, flags | O_NONBLOCK, silent);
210 while (lockfd == -1 && !timed_out && waitsec != 0) {
211 if (keep || fdlock)
212 lockfd = acquire_lock(&subj, flags, silent);
213 else {
214 wait_for_lock(lockname);
215 lockfd = acquire_lock(&subj, flags | O_NONBLOCK,
216 silent);
217 }
218 }
219 if (waitsec > 0)
220 alarm(0);
221 if (lockfd == -1) { /* We failed to acquire the lock. */
222 if (silent)
223 exit(EX_TEMPFAIL);
224 errx(EX_TEMPFAIL, "%s: already locked", lockname);
225 }
226
227 /* At this point, we own the lock. */
228
229 /* Nothing else to do for FD lock, just exit */
230 if (argc == 0) {
231 assert(fdlock);
232 return 0;
233 }
234
235 if (atexit(cleanup) == -1)
236 err(EX_OSERR, "atexit failed");
237 if ((child = fork()) == -1)
238 err(EX_OSERR, "cannot fork");
239 if (child == 0) { /* The child process. */
240 close(lockfd);
241 execvp(argv[0], argv);
242 warn("%s", argv[0]);
243 _exit(1);
244 }
245 /* This is the parent process. */
246 signal(SIGINT, SIG_IGN);
247 signal(SIGQUIT, SIG_IGN);
248 signal(SIGTERM, killed);
249 fclose(stdin);
250 fclose(stdout);
251 fclose(stderr);
252 if (waitpid(child, &status, 0) == -1)
253 exit(EX_OSERR);
254 return (WIFEXITED(status) ? WEXITSTATUS(status) : EX_SOFTWARE);
255 }
256
257 /*
258 * Try to acquire a lock on the given file/fd, creating the file if
259 * necessary. The flags argument is O_NONBLOCK or 0, depending on
260 * whether we should wait for the lock. Returns an open file descriptor
261 * on success, or -1 on failure.
262 */
263 static int
acquire_lock(union lock_subject * subj,int flags,int silent)264 acquire_lock(union lock_subject *subj, int flags, int silent)
265 {
266 int fd;
267
268 if (fdlock) {
269 assert(subj->subj_fd >= 0 && subj->subj_fd <= INT_MAX);
270 fd = (int)subj->subj_fd;
271
272 if (flock(fd, LOCK_EX | LOCK_NB) == -1) {
273 if (errno == EAGAIN || errno == EINTR)
274 return (-1);
275 err(EX_CANTCREAT, "cannot lock fd %d", fd);
276 }
277 } else if ((fd = open(subj->subj_name, O_EXLOCK|flags, 0666)) == -1) {
278 if (errno == EAGAIN || errno == EINTR)
279 return (-1);
280 else if (errno == ENOENT && (flags & O_CREAT) == 0) {
281 if (!silent)
282 warn("%s", subj->subj_name);
283 exit(EX_UNAVAILABLE);
284 }
285 err(EX_CANTCREAT, "cannot open %s", subj->subj_name);
286 }
287 return (fd);
288 }
289
290 /*
291 * Remove the lock file.
292 */
293 static void
cleanup(void)294 cleanup(void)
295 {
296
297 if (keep || fdlock)
298 flock(lockfd, LOCK_UN);
299 else
300 unlink(lockname);
301 }
302
303 /*
304 * Signal handler for SIGTERM. Cleans up the lock file, then re-raises
305 * the signal.
306 */
307 static void
killed(int sig)308 killed(int sig)
309 {
310
311 cleanup();
312 signal(sig, SIG_DFL);
313 if (kill(getpid(), sig) == -1)
314 _Exit(EX_OSERR);
315 }
316
317 /*
318 * Signal handler for SIGALRM.
319 */
320 static void
timeout(int sig __unused)321 timeout(int sig __unused)
322 {
323
324 timed_out = 1;
325 }
326
327 static void
usage(void)328 usage(void)
329 {
330
331 fprintf(stderr,
332 "usage: lockf [-knsw] [-t seconds] file command [arguments]\n"
333 " lockf [-s] [-t seconds] fd\n");
334 exit(EX_USAGE);
335 }
336
337 /*
338 * Wait until it might be possible to acquire a lock on the given file.
339 * If the file does not exist, return immediately without creating it.
340 */
341 static void
wait_for_lock(const char * name)342 wait_for_lock(const char *name)
343 {
344 int fd;
345
346 if ((fd = open(name, O_RDONLY|O_EXLOCK, 0666)) == -1) {
347 if (errno == ENOENT || errno == EINTR)
348 return;
349 err(EX_CANTCREAT, "cannot open %s", name);
350 }
351 close(fd);
352 }
353