1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2015 Nexenta Systems, Inc. All rights reserved. 24 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. 25 * Copyright (c) 2014, 2021 by Delphix. All rights reserved. 26 * Copyright 2016 Igor Kozhukhov <ikozhukhov@gmail.com> 27 * Copyright 2017 RackTop Systems. 28 * Copyright (c) 2018 Datto Inc. 29 * Copyright 2018 OmniOS Community Edition (OmniOSce) Association. 30 */ 31 32 #include <dirent.h> 33 #include <dlfcn.h> 34 #include <errno.h> 35 #include <fcntl.h> 36 #include <libgen.h> 37 #include <libintl.h> 38 #include <stdio.h> 39 #include <stdlib.h> 40 #include <string.h> 41 #include <unistd.h> 42 #include <zone.h> 43 #include <sys/mntent.h> 44 #include <sys/mount.h> 45 #include <sys/stat.h> 46 #include <sys/vfs.h> 47 #include <sys/dsl_crypt.h> 48 #include <libzfs.h> 49 50 #include "../../libzfs_impl.h" 51 #include <thread_pool.h> 52 53 #define ZS_COMMENT 0x00000000 /* comment */ 54 #define ZS_ZFSUTIL 0x00000001 /* caller is zfs(8) */ 55 56 typedef struct option_map { 57 const char *name; 58 unsigned long mntmask; 59 unsigned long zfsmask; 60 } option_map_t; 61 62 static const option_map_t option_map[] = { 63 /* Canonicalized filesystem independent options from mount(8) */ 64 { MNTOPT_NOAUTO, MS_COMMENT, ZS_COMMENT }, 65 { MNTOPT_DEFAULTS, MS_COMMENT, ZS_COMMENT }, 66 { MNTOPT_NODEVICES, MS_NODEV, ZS_COMMENT }, 67 { MNTOPT_DEVICES, MS_COMMENT, ZS_COMMENT }, 68 { MNTOPT_DIRSYNC, MS_DIRSYNC, ZS_COMMENT }, 69 { MNTOPT_NOEXEC, MS_NOEXEC, ZS_COMMENT }, 70 { MNTOPT_EXEC, MS_COMMENT, ZS_COMMENT }, 71 { MNTOPT_GROUP, MS_GROUP, ZS_COMMENT }, 72 { MNTOPT_NETDEV, MS_COMMENT, ZS_COMMENT }, 73 { MNTOPT_NOFAIL, MS_COMMENT, ZS_COMMENT }, 74 { MNTOPT_NOSUID, MS_NOSUID, ZS_COMMENT }, 75 { MNTOPT_SUID, MS_COMMENT, ZS_COMMENT }, 76 { MNTOPT_OWNER, MS_OWNER, ZS_COMMENT }, 77 { MNTOPT_REMOUNT, MS_REMOUNT, ZS_COMMENT }, 78 { MNTOPT_RO, MS_RDONLY, ZS_COMMENT }, 79 { MNTOPT_RW, MS_COMMENT, ZS_COMMENT }, 80 { MNTOPT_SYNC, MS_SYNCHRONOUS, ZS_COMMENT }, 81 { MNTOPT_USER, MS_USERS, ZS_COMMENT }, 82 { MNTOPT_USERS, MS_USERS, ZS_COMMENT }, 83 /* acl flags passed with util-linux-2.24 mount command */ 84 { MNTOPT_ACL, MS_POSIXACL, ZS_COMMENT }, 85 { MNTOPT_NOACL, MS_COMMENT, ZS_COMMENT }, 86 { MNTOPT_POSIXACL, MS_POSIXACL, ZS_COMMENT }, 87 #ifdef MS_NOATIME 88 { MNTOPT_NOATIME, MS_NOATIME, ZS_COMMENT }, 89 { MNTOPT_ATIME, MS_COMMENT, ZS_COMMENT }, 90 #endif 91 #ifdef MS_NODIRATIME 92 { MNTOPT_NODIRATIME, MS_NODIRATIME, ZS_COMMENT }, 93 { MNTOPT_DIRATIME, MS_COMMENT, ZS_COMMENT }, 94 #endif 95 #ifdef MS_RELATIME 96 { MNTOPT_RELATIME, MS_RELATIME, ZS_COMMENT }, 97 { MNTOPT_NORELATIME, MS_COMMENT, ZS_COMMENT }, 98 #endif 99 #ifdef MS_STRICTATIME 100 { MNTOPT_STRICTATIME, MS_STRICTATIME, ZS_COMMENT }, 101 { MNTOPT_NOSTRICTATIME, MS_COMMENT, ZS_COMMENT }, 102 #endif 103 #ifdef MS_LAZYTIME 104 { MNTOPT_LAZYTIME, MS_LAZYTIME, ZS_COMMENT }, 105 #endif 106 { MNTOPT_CONTEXT, MS_COMMENT, ZS_COMMENT }, 107 { MNTOPT_FSCONTEXT, MS_COMMENT, ZS_COMMENT }, 108 { MNTOPT_DEFCONTEXT, MS_COMMENT, ZS_COMMENT }, 109 { MNTOPT_ROOTCONTEXT, MS_COMMENT, ZS_COMMENT }, 110 #ifdef MS_I_VERSION 111 { MNTOPT_IVERSION, MS_I_VERSION, ZS_COMMENT }, 112 #endif 113 #ifdef MS_MANDLOCK 114 { MNTOPT_NBMAND, MS_MANDLOCK, ZS_COMMENT }, 115 { MNTOPT_NONBMAND, MS_COMMENT, ZS_COMMENT }, 116 #endif 117 /* Valid options not found in mount(8) */ 118 { MNTOPT_BIND, MS_BIND, ZS_COMMENT }, 119 #ifdef MS_REC 120 { MNTOPT_RBIND, MS_BIND|MS_REC, ZS_COMMENT }, 121 #endif 122 { MNTOPT_COMMENT, MS_COMMENT, ZS_COMMENT }, 123 #ifdef MS_NOSUB 124 { MNTOPT_NOSUB, MS_NOSUB, ZS_COMMENT }, 125 #endif 126 #ifdef MS_SILENT 127 { MNTOPT_QUIET, MS_SILENT, ZS_COMMENT }, 128 #endif 129 /* Custom zfs options */ 130 { MNTOPT_XATTR, MS_COMMENT, ZS_COMMENT }, 131 { MNTOPT_NOXATTR, MS_COMMENT, ZS_COMMENT }, 132 { MNTOPT_ZFSUTIL, MS_COMMENT, ZS_ZFSUTIL }, 133 { NULL, 0, 0 } }; 134 135 /* 136 * Break the mount option in to a name/value pair. The name is 137 * validated against the option map and mount flags set accordingly. 138 */ 139 static int 140 parse_option(char *mntopt, unsigned long *mntflags, 141 unsigned long *zfsflags, int sloppy) 142 { 143 const option_map_t *opt; 144 char *ptr, *name, *value = NULL; 145 int error = 0; 146 147 name = strdup(mntopt); 148 if (name == NULL) 149 return (ENOMEM); 150 151 for (ptr = name; ptr && *ptr; ptr++) { 152 if (*ptr == '=') { 153 *ptr = '\0'; 154 value = ptr+1; 155 VERIFY3P(value, !=, NULL); 156 break; 157 } 158 } 159 160 for (opt = option_map; opt->name != NULL; opt++) { 161 if (strncmp(name, opt->name, strlen(name)) == 0) { 162 *mntflags |= opt->mntmask; 163 *zfsflags |= opt->zfsmask; 164 error = 0; 165 goto out; 166 } 167 } 168 169 if (!sloppy) 170 error = ENOENT; 171 out: 172 /* If required further process on the value may be done here */ 173 free(name); 174 return (error); 175 } 176 177 /* 178 * Translate the mount option string in to MS_* mount flags for the 179 * kernel vfs. When sloppy is non-zero unknown options will be ignored 180 * otherwise they are considered fatal are copied in to badopt. 181 */ 182 int 183 zfs_parse_mount_options(char *mntopts, unsigned long *mntflags, 184 unsigned long *zfsflags, int sloppy, char *badopt, char *mtabopt) 185 { 186 int error = 0, quote = 0, flag = 0, count = 0; 187 char *ptr, *opt, *opts; 188 189 opts = strdup(mntopts); 190 if (opts == NULL) 191 return (ENOMEM); 192 193 *mntflags = 0; 194 opt = NULL; 195 196 /* 197 * Scan through all mount options which must be comma delimited. 198 * We must be careful to notice regions which are double quoted 199 * and skip commas in these regions. Each option is then checked 200 * to determine if it is a known option. 201 */ 202 for (ptr = opts; ptr && !flag; ptr++) { 203 if (opt == NULL) 204 opt = ptr; 205 206 if (*ptr == '"') 207 quote = !quote; 208 209 if (quote) 210 continue; 211 212 if (*ptr == '\0') 213 flag = 1; 214 215 if ((*ptr == ',') || (*ptr == '\0')) { 216 *ptr = '\0'; 217 218 error = parse_option(opt, mntflags, zfsflags, sloppy); 219 if (error) { 220 strcpy(badopt, opt); 221 goto out; 222 223 } 224 225 if (!(*mntflags & MS_REMOUNT) && 226 !(*zfsflags & ZS_ZFSUTIL) && 227 mtabopt != NULL) { 228 if (count > 0) 229 strlcat(mtabopt, ",", MNT_LINE_MAX); 230 231 strlcat(mtabopt, opt, MNT_LINE_MAX); 232 count++; 233 } 234 235 opt = NULL; 236 } 237 } 238 239 out: 240 free(opts); 241 return (error); 242 } 243 244 static void 245 append_mntopt(const char *name, const char *val, char *mntopts, 246 char *mtabopt, boolean_t quote) 247 { 248 char tmp[MNT_LINE_MAX]; 249 250 snprintf(tmp, MNT_LINE_MAX, quote ? ",%s=\"%s\"" : ",%s=%s", name, val); 251 252 if (mntopts) 253 strlcat(mntopts, tmp, MNT_LINE_MAX); 254 255 if (mtabopt) 256 strlcat(mtabopt, tmp, MNT_LINE_MAX); 257 } 258 259 static void 260 zfs_selinux_setcontext(zfs_handle_t *zhp, zfs_prop_t zpt, const char *name, 261 char *mntopts, char *mtabopt) 262 { 263 char context[ZFS_MAXPROPLEN]; 264 265 if (zfs_prop_get(zhp, zpt, context, sizeof (context), 266 NULL, NULL, 0, B_FALSE) == 0) { 267 if (strcmp(context, "none") != 0) 268 append_mntopt(name, context, mntopts, mtabopt, B_TRUE); 269 } 270 } 271 272 void 273 zfs_adjust_mount_options(zfs_handle_t *zhp, const char *mntpoint, 274 char *mntopts, char *mtabopt) 275 { 276 char prop[ZFS_MAXPROPLEN]; 277 278 /* 279 * Checks to see if the ZFS_PROP_SELINUX_CONTEXT exists 280 * if it does, create a tmp variable in case it's needed 281 * checks to see if the selinux context is set to the default 282 * if it is, allow the setting of the other context properties 283 * this is needed because the 'context' property overrides others 284 * if it is not the default, set the 'context' property 285 */ 286 if (zfs_prop_get(zhp, ZFS_PROP_SELINUX_CONTEXT, prop, sizeof (prop), 287 NULL, NULL, 0, B_FALSE) == 0) { 288 if (strcmp(prop, "none") == 0) { 289 zfs_selinux_setcontext(zhp, ZFS_PROP_SELINUX_FSCONTEXT, 290 MNTOPT_FSCONTEXT, mntopts, mtabopt); 291 zfs_selinux_setcontext(zhp, ZFS_PROP_SELINUX_DEFCONTEXT, 292 MNTOPT_DEFCONTEXT, mntopts, mtabopt); 293 zfs_selinux_setcontext(zhp, 294 ZFS_PROP_SELINUX_ROOTCONTEXT, MNTOPT_ROOTCONTEXT, 295 mntopts, mtabopt); 296 } else { 297 append_mntopt(MNTOPT_CONTEXT, prop, 298 mntopts, mtabopt, B_TRUE); 299 } 300 } 301 302 /* A hint used to determine an auto-mounted snapshot mount point */ 303 append_mntopt(MNTOPT_MNTPOINT, mntpoint, mntopts, NULL, B_FALSE); 304 } 305 306 /* 307 * By default the filesystem by preparing the mount options (i.e. parsing 308 * some flags from the "opts" parameter into the "flags" parameter) and then 309 * directly calling the system call mount(2). We don't need the mount utility 310 * or update /etc/mtab, because this is a symlink on all modern systems. 311 * 312 * If the environment variable ZFS_MOUNT_HELPER is set, we fall back to the 313 * previous behavior: 314 * The filesystem is mounted by invoking the system mount utility rather 315 * than by the system call mount(2). This ensures that the /etc/mtab 316 * file is correctly locked for the update. Performing our own locking 317 * and /etc/mtab update requires making an unsafe assumption about how 318 * the mount utility performs its locking. Unfortunately, this also means 319 * in the case of a mount failure we do not have the exact errno. We must 320 * make due with return value from the mount process. 321 */ 322 int 323 do_mount(zfs_handle_t *zhp, const char *mntpt, char *opts, int flags) 324 { 325 const char *src = zfs_get_name(zhp); 326 int error = 0; 327 328 if (!libzfs_envvar_is_set("ZFS_MOUNT_HELPER")) { 329 char badopt[MNT_LINE_MAX] = {0}; 330 unsigned long mntflags = flags, zfsflags = 0; 331 char myopts[MNT_LINE_MAX] = {0}; 332 333 if (zfs_parse_mount_options(opts, &mntflags, 334 &zfsflags, 0, badopt, NULL)) { 335 return (EINVAL); 336 } 337 strlcat(myopts, opts, MNT_LINE_MAX); 338 zfs_adjust_mount_options(zhp, mntpt, myopts, NULL); 339 if (mount(src, mntpt, MNTTYPE_ZFS, mntflags, myopts)) { 340 return (errno); 341 } 342 } else { 343 char *argv[9] = { 344 "/bin/mount", 345 "--no-canonicalize", 346 "-t", MNTTYPE_ZFS, 347 "-o", opts, 348 (char *)src, 349 (char *)mntpt, 350 (char *)NULL }; 351 352 /* Return only the most critical mount error */ 353 error = libzfs_run_process(argv[0], argv, 354 STDOUT_VERBOSE|STDERR_VERBOSE); 355 if (error) { 356 if (error & MOUNT_FILEIO) { 357 error = EIO; 358 } else if (error & MOUNT_USER) { 359 error = EINTR; 360 } else if (error & MOUNT_SOFTWARE) { 361 error = EPIPE; 362 } else if (error & MOUNT_BUSY) { 363 error = EBUSY; 364 } else if (error & MOUNT_SYSERR) { 365 error = EAGAIN; 366 } else if (error & MOUNT_USAGE) { 367 error = EINVAL; 368 } else 369 error = ENXIO; /* Generic error */ 370 } 371 } 372 373 return (error); 374 } 375 376 int 377 do_unmount(zfs_handle_t *zhp, const char *mntpt, int flags) 378 { 379 (void) zhp; 380 381 if (!libzfs_envvar_is_set("ZFS_MOUNT_HELPER")) { 382 int rv = umount2(mntpt, flags); 383 384 return (rv < 0 ? errno : 0); 385 } 386 387 char force_opt[] = "-f"; 388 char lazy_opt[] = "-l"; 389 char *argv[7] = { 390 "/bin/umount", 391 "-t", MNTTYPE_ZFS, 392 NULL, NULL, NULL, NULL }; 393 int rc, count = 3; 394 395 if (flags & MS_FORCE) { 396 argv[count] = force_opt; 397 count++; 398 } 399 400 if (flags & MS_DETACH) { 401 argv[count] = lazy_opt; 402 count++; 403 } 404 405 argv[count] = (char *)mntpt; 406 rc = libzfs_run_process(argv[0], argv, STDOUT_VERBOSE|STDERR_VERBOSE); 407 408 return (rc ? EINVAL : 0); 409 } 410 411 int 412 zfs_mount_delegation_check(void) 413 { 414 return ((geteuid() != 0) ? EACCES : 0); 415 } 416 417 /* Called from the tail end of zpool_disable_datasets() */ 418 void 419 zpool_disable_datasets_os(zpool_handle_t *zhp, boolean_t force) 420 { 421 (void) zhp, (void) force; 422 } 423 424 /* Called from the tail end of zfs_unmount() */ 425 void 426 zpool_disable_volume_os(const char *name) 427 { 428 (void) name; 429 } 430