1 // SPDX-License-Identifier: CDDL-1.0
2 /*
3 * CDDL HEADER START
4 *
5 * The contents of this file are subject to the terms of the
6 * Common Development and Distribution License (the "License").
7 * You may not use this file except in compliance with the License.
8 *
9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 * or https://opensource.org/licenses/CDDL-1.0.
11 * See the License for the specific language governing permissions
12 * and limitations under the License.
13 *
14 * When distributing Covered Code, include this CDDL HEADER in each
15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 * If applicable, add the following below this CDDL HEADER, with the
17 * fields enclosed by brackets "[]" replaced with your own identifying
18 * information: Portions Copyright [yyyy] [name of copyright owner]
19 *
20 * CDDL HEADER END
21 */
22
23 /*
24 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
25 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
26 * Copyright (c) 2014, 2021 by Delphix. All rights reserved.
27 * Copyright 2016 Igor Kozhukhov <ikozhukhov@gmail.com>
28 * Copyright 2017 RackTop Systems.
29 * Copyright (c) 2018 Datto Inc.
30 * Copyright 2018 OmniOS Community Edition (OmniOSce) Association.
31 */
32
33 #include <dirent.h>
34 #include <dlfcn.h>
35 #include <errno.h>
36 #include <fcntl.h>
37 #include <libgen.h>
38 #include <libintl.h>
39 #include <stdio.h>
40 #include <stdlib.h>
41 #include <string.h>
42 #include <unistd.h>
43 #include <zone.h>
44 #include <sys/mntent.h>
45 #include <sys/mount.h>
46 #include <sys/stat.h>
47 #include <sys/vfs.h>
48 #include <sys/dsl_crypt.h>
49 #include <libzfs.h>
50
51 #include "../../libzfs_impl.h"
52 #include <thread_pool.h>
53
54 #define ZS_COMMENT 0x00000000 /* comment */
55 #define ZS_ZFSUTIL 0x00000001 /* caller is zfs(8) */
56
57 typedef struct option_map {
58 const char *name;
59 unsigned long mntmask;
60 unsigned long zfsmask;
61 } option_map_t;
62
63 static const option_map_t option_map[] = {
64 /* Canonicalized filesystem independent options from mount(8) */
65 { MNTOPT_NOAUTO, MS_COMMENT, ZS_COMMENT },
66 { MNTOPT_DEFAULTS, MS_COMMENT, ZS_COMMENT },
67 { MNTOPT_NODEVICES, MS_NODEV, ZS_COMMENT },
68 { MNTOPT_DEVICES, MS_COMMENT, ZS_COMMENT },
69 { MNTOPT_DIRSYNC, MS_DIRSYNC, ZS_COMMENT },
70 { MNTOPT_NOEXEC, MS_NOEXEC, ZS_COMMENT },
71 { MNTOPT_EXEC, MS_COMMENT, ZS_COMMENT },
72 { MNTOPT_GROUP, MS_GROUP, ZS_COMMENT },
73 { MNTOPT_NETDEV, MS_COMMENT, ZS_COMMENT },
74 { MNTOPT_NOFAIL, MS_COMMENT, ZS_COMMENT },
75 { MNTOPT_NOSUID, MS_NOSUID, ZS_COMMENT },
76 { MNTOPT_SUID, MS_COMMENT, ZS_COMMENT },
77 { MNTOPT_OWNER, MS_OWNER, ZS_COMMENT },
78 { MNTOPT_REMOUNT, MS_REMOUNT, ZS_COMMENT },
79 { MNTOPT_RO, MS_RDONLY, ZS_COMMENT },
80 { MNTOPT_RW, MS_COMMENT, ZS_COMMENT },
81 { MNTOPT_SYNC, MS_SYNCHRONOUS, ZS_COMMENT },
82 { MNTOPT_USER, MS_USERS, ZS_COMMENT },
83 { MNTOPT_USERS, MS_USERS, ZS_COMMENT },
84 /* acl flags passed with util-linux-2.24 mount command */
85 { MNTOPT_ACL, MS_POSIXACL, ZS_COMMENT },
86 { MNTOPT_NOACL, MS_COMMENT, ZS_COMMENT },
87 { MNTOPT_POSIXACL, MS_POSIXACL, ZS_COMMENT },
88 /*
89 * Case sensitive options are just listed here to silently
90 * ignore the error if passed with zfs mount command.
91 */
92 { MNTOPT_CASESENSITIVE, MS_COMMENT, ZS_COMMENT },
93 { MNTOPT_CASEINSENSITIVE, MS_COMMENT, ZS_COMMENT },
94 { MNTOPT_CASEMIXED, MS_COMMENT, ZS_COMMENT },
95 #ifdef MS_NOATIME
96 { MNTOPT_NOATIME, MS_NOATIME, ZS_COMMENT },
97 { MNTOPT_ATIME, MS_COMMENT, ZS_COMMENT },
98 #endif
99 #ifdef MS_NODIRATIME
100 { MNTOPT_NODIRATIME, MS_NODIRATIME, ZS_COMMENT },
101 { MNTOPT_DIRATIME, MS_COMMENT, ZS_COMMENT },
102 #endif
103 #ifdef MS_RELATIME
104 { MNTOPT_RELATIME, MS_RELATIME, ZS_COMMENT },
105 { MNTOPT_NORELATIME, MS_COMMENT, ZS_COMMENT },
106 #endif
107 #ifdef MS_STRICTATIME
108 { MNTOPT_STRICTATIME, MS_STRICTATIME, ZS_COMMENT },
109 { MNTOPT_NOSTRICTATIME, MS_COMMENT, ZS_COMMENT },
110 #endif
111 #ifdef MS_LAZYTIME
112 { MNTOPT_LAZYTIME, MS_LAZYTIME, ZS_COMMENT },
113 #endif
114 { MNTOPT_CONTEXT, MS_COMMENT, ZS_COMMENT },
115 { MNTOPT_FSCONTEXT, MS_COMMENT, ZS_COMMENT },
116 { MNTOPT_DEFCONTEXT, MS_COMMENT, ZS_COMMENT },
117 { MNTOPT_ROOTCONTEXT, MS_COMMENT, ZS_COMMENT },
118 #ifdef MS_I_VERSION
119 { MNTOPT_IVERSION, MS_I_VERSION, ZS_COMMENT },
120 #endif
121 #ifdef MS_MANDLOCK
122 { MNTOPT_NBMAND, MS_MANDLOCK, ZS_COMMENT },
123 { MNTOPT_NONBMAND, MS_COMMENT, ZS_COMMENT },
124 #endif
125 /* Valid options not found in mount(8) */
126 { MNTOPT_BIND, MS_BIND, ZS_COMMENT },
127 #ifdef MS_REC
128 { MNTOPT_RBIND, MS_BIND|MS_REC, ZS_COMMENT },
129 #endif
130 { MNTOPT_COMMENT, MS_COMMENT, ZS_COMMENT },
131 #ifdef MS_NOSUB
132 { MNTOPT_NOSUB, MS_NOSUB, ZS_COMMENT },
133 #endif
134 #ifdef MS_SILENT
135 { MNTOPT_QUIET, MS_SILENT, ZS_COMMENT },
136 #endif
137 /* Custom zfs options */
138 { MNTOPT_XATTR, MS_COMMENT, ZS_COMMENT },
139 { MNTOPT_NOXATTR, MS_COMMENT, ZS_COMMENT },
140 { MNTOPT_ZFSUTIL, MS_COMMENT, ZS_ZFSUTIL },
141 { NULL, 0, 0 } };
142
143 /*
144 * Break the mount option in to a name/value pair. The name is
145 * validated against the option map and mount flags set accordingly.
146 */
147 static int
parse_option(char * mntopt,unsigned long * mntflags,unsigned long * zfsflags,int sloppy)148 parse_option(char *mntopt, unsigned long *mntflags,
149 unsigned long *zfsflags, int sloppy)
150 {
151 const option_map_t *opt;
152 char *ptr, *name, *value = NULL;
153 int error = 0;
154
155 name = strdup(mntopt);
156 if (name == NULL)
157 return (ENOMEM);
158
159 for (ptr = name; ptr && *ptr; ptr++) {
160 if (*ptr == '=') {
161 *ptr = '\0';
162 value = ptr+1;
163 VERIFY3P(value, !=, NULL);
164 break;
165 }
166 }
167
168 for (opt = option_map; opt->name != NULL; opt++) {
169 if (strncmp(name, opt->name, strlen(name)) == 0) {
170 *mntflags |= opt->mntmask;
171 *zfsflags |= opt->zfsmask;
172 error = 0;
173 goto out;
174 }
175 }
176
177 if (!sloppy)
178 error = ENOENT;
179 out:
180 /* If required further process on the value may be done here */
181 free(name);
182 return (error);
183 }
184
185 /*
186 * Translate the mount option string in to MS_* mount flags for the
187 * kernel vfs. When sloppy is non-zero unknown options will be ignored
188 * otherwise they are considered fatal are copied in to badopt.
189 */
190 int
zfs_parse_mount_options(const char * mntopts,unsigned long * mntflags,unsigned long * zfsflags,int sloppy,char * badopt,char * mtabopt)191 zfs_parse_mount_options(const char *mntopts, unsigned long *mntflags,
192 unsigned long *zfsflags, int sloppy, char *badopt, char *mtabopt)
193 {
194 int error = 0, quote = 0, flag = 0, count = 0;
195 char *ptr, *opt, *opts;
196
197 opts = strdup(mntopts);
198 if (opts == NULL)
199 return (ENOMEM);
200
201 *mntflags = 0;
202 opt = NULL;
203
204 /*
205 * Scan through all mount options which must be comma delimited.
206 * We must be careful to notice regions which are double quoted
207 * and skip commas in these regions. Each option is then checked
208 * to determine if it is a known option.
209 */
210 for (ptr = opts; ptr && !flag; ptr++) {
211 if (opt == NULL)
212 opt = ptr;
213
214 if (*ptr == '"')
215 quote = !quote;
216
217 if (quote)
218 continue;
219
220 if (*ptr == '\0')
221 flag = 1;
222
223 if ((*ptr == ',') || (*ptr == '\0')) {
224 *ptr = '\0';
225
226 error = parse_option(opt, mntflags, zfsflags, sloppy);
227 if (error) {
228 strcpy(badopt, opt);
229 goto out;
230
231 }
232
233 if (!(*mntflags & MS_REMOUNT) &&
234 !(*zfsflags & ZS_ZFSUTIL) &&
235 mtabopt != NULL) {
236 if (count > 0)
237 strlcat(mtabopt, ",", MNT_LINE_MAX);
238
239 strlcat(mtabopt, opt, MNT_LINE_MAX);
240 count++;
241 }
242
243 opt = NULL;
244 }
245 }
246
247 out:
248 free(opts);
249 return (error);
250 }
251
252 static void
append_mntopt(const char * name,const char * val,char * mntopts,char * mtabopt,boolean_t quote)253 append_mntopt(const char *name, const char *val, char *mntopts,
254 char *mtabopt, boolean_t quote)
255 {
256 char tmp[MNT_LINE_MAX];
257
258 snprintf(tmp, MNT_LINE_MAX, quote ? ",%s=\"%s\"" : ",%s=%s", name, val);
259
260 if (mntopts)
261 strlcat(mntopts, tmp, MNT_LINE_MAX);
262
263 if (mtabopt)
264 strlcat(mtabopt, tmp, MNT_LINE_MAX);
265 }
266
267 static void
zfs_selinux_setcontext(zfs_handle_t * zhp,zfs_prop_t zpt,const char * name,char * mntopts,char * mtabopt)268 zfs_selinux_setcontext(zfs_handle_t *zhp, zfs_prop_t zpt, const char *name,
269 char *mntopts, char *mtabopt)
270 {
271 char context[ZFS_MAXPROPLEN];
272
273 if (zfs_prop_get(zhp, zpt, context, sizeof (context),
274 NULL, NULL, 0, B_FALSE) == 0) {
275 if (strcmp(context, "none") != 0)
276 append_mntopt(name, context, mntopts, mtabopt, B_TRUE);
277 }
278 }
279
280 void
zfs_adjust_mount_options(zfs_handle_t * zhp,const char * mntpoint,char * mntopts,char * mtabopt)281 zfs_adjust_mount_options(zfs_handle_t *zhp, const char *mntpoint,
282 char *mntopts, char *mtabopt)
283 {
284 char prop[ZFS_MAXPROPLEN];
285
286 /*
287 * Checks to see if the ZFS_PROP_SELINUX_CONTEXT exists
288 * if it does, create a tmp variable in case it's needed
289 * checks to see if the selinux context is set to the default
290 * if it is, allow the setting of the other context properties
291 * this is needed because the 'context' property overrides others
292 * if it is not the default, set the 'context' property
293 */
294 if (zfs_prop_get(zhp, ZFS_PROP_SELINUX_CONTEXT, prop, sizeof (prop),
295 NULL, NULL, 0, B_FALSE) == 0) {
296 if (strcmp(prop, "none") == 0) {
297 zfs_selinux_setcontext(zhp, ZFS_PROP_SELINUX_FSCONTEXT,
298 MNTOPT_FSCONTEXT, mntopts, mtabopt);
299 zfs_selinux_setcontext(zhp, ZFS_PROP_SELINUX_DEFCONTEXT,
300 MNTOPT_DEFCONTEXT, mntopts, mtabopt);
301 zfs_selinux_setcontext(zhp,
302 ZFS_PROP_SELINUX_ROOTCONTEXT, MNTOPT_ROOTCONTEXT,
303 mntopts, mtabopt);
304 } else {
305 append_mntopt(MNTOPT_CONTEXT, prop,
306 mntopts, mtabopt, B_TRUE);
307 }
308 }
309
310 /* A hint used to determine an auto-mounted snapshot mount point */
311 append_mntopt(MNTOPT_MNTPOINT, mntpoint, mntopts, NULL, B_FALSE);
312 }
313
314 /*
315 * By default the filesystem by preparing the mount options (i.e. parsing
316 * some flags from the "opts" parameter into the "flags" parameter) and then
317 * directly calling the system call mount(2). We don't need the mount utility
318 * or update /etc/mtab, because this is a symlink on all modern systems.
319 *
320 * If the environment variable ZFS_MOUNT_HELPER is set, we fall back to the
321 * previous behavior:
322 * The filesystem is mounted by invoking the system mount utility rather
323 * than by the system call mount(2). This ensures that the /etc/mtab
324 * file is correctly locked for the update. Performing our own locking
325 * and /etc/mtab update requires making an unsafe assumption about how
326 * the mount utility performs its locking. Unfortunately, this also means
327 * in the case of a mount failure we do not have the exact errno. We must
328 * make due with return value from the mount process.
329 */
330 int
do_mount(zfs_handle_t * zhp,const char * mntpt,const char * opts,int flags)331 do_mount(zfs_handle_t *zhp, const char *mntpt, const char *opts, int flags)
332 {
333 const char *src = zfs_get_name(zhp);
334 int error = 0;
335
336 if (!libzfs_envvar_is_set("ZFS_MOUNT_HELPER")) {
337 char badopt[MNT_LINE_MAX] = {0};
338 unsigned long mntflags = flags, zfsflags = 0;
339 char myopts[MNT_LINE_MAX] = {0};
340
341 if (zfs_parse_mount_options(opts, &mntflags,
342 &zfsflags, 0, badopt, NULL)) {
343 return (EINVAL);
344 }
345 strlcat(myopts, opts, MNT_LINE_MAX);
346 zfs_adjust_mount_options(zhp, mntpt, myopts, NULL);
347 if (mount(src, mntpt, MNTTYPE_ZFS, mntflags, myopts)) {
348 return (errno);
349 }
350 } else {
351 char *argv[9] = {
352 (char *)"/bin/mount",
353 (char *)"--no-canonicalize",
354 (char *)"-t", (char *)MNTTYPE_ZFS,
355 (char *)"-o", (char *)opts,
356 (char *)src,
357 (char *)mntpt,
358 (char *)NULL };
359
360 /* Return only the most critical mount error */
361 error = libzfs_run_process(argv[0], argv,
362 STDOUT_VERBOSE|STDERR_VERBOSE);
363 if (error) {
364 if (error & MOUNT_FILEIO) {
365 error = EIO;
366 } else if (error & MOUNT_USER) {
367 error = EINTR;
368 } else if (error & MOUNT_SOFTWARE) {
369 error = EPIPE;
370 } else if (error & MOUNT_BUSY) {
371 error = EBUSY;
372 } else if (error & MOUNT_SYSERR) {
373 error = EAGAIN;
374 } else if (error & MOUNT_USAGE) {
375 error = EINVAL;
376 } else
377 error = ENXIO; /* Generic error */
378 }
379 }
380
381 return (error);
382 }
383
384 int
do_unmount(zfs_handle_t * zhp,const char * mntpt,int flags)385 do_unmount(zfs_handle_t *zhp, const char *mntpt, int flags)
386 {
387 (void) zhp;
388
389 if (!libzfs_envvar_is_set("ZFS_MOUNT_HELPER")) {
390 int rv = umount2(mntpt, flags);
391
392 return (rv < 0 ? errno : 0);
393 }
394
395 char *argv[7] = {
396 (char *)"/bin/umount",
397 (char *)"-t", (char *)MNTTYPE_ZFS,
398 NULL, NULL, NULL, NULL };
399 int rc, count = 3;
400
401 if (flags & MS_FORCE)
402 argv[count++] = (char *)"-f";
403
404 if (flags & MS_DETACH)
405 argv[count++] = (char *)"-l";
406
407 argv[count] = (char *)mntpt;
408 rc = libzfs_run_process(argv[0], argv, STDOUT_VERBOSE|STDERR_VERBOSE);
409
410 return (rc ? EINVAL : 0);
411 }
412
413 int
zfs_mount_delegation_check(void)414 zfs_mount_delegation_check(void)
415 {
416 return ((geteuid() != 0) ? EACCES : 0);
417 }
418
419 /* Called from the tail end of zpool_disable_datasets() */
420 void
zpool_disable_datasets_os(zpool_handle_t * zhp,boolean_t force)421 zpool_disable_datasets_os(zpool_handle_t *zhp, boolean_t force)
422 {
423 (void) zhp, (void) force;
424 }
425
426 /* Called from the tail end of zfs_unmount() */
427 void
zpool_disable_volume_os(const char * name)428 zpool_disable_volume_os(const char *name)
429 {
430 (void) name;
431 }
432