forked from jacobsa/fuse
-
Notifications
You must be signed in to change notification settings - Fork 0
/
mount_linux.go
204 lines (177 loc) · 5.37 KB
/
mount_linux.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
package fuse
import (
"bytes"
"errors"
"fmt"
"net"
"os"
"os/exec"
"syscall"
"golang.org/x/sys/unix"
)
func findFusermount() (string, error) {
path, err := exec.LookPath("fusermount3")
if err != nil {
path, err = exec.LookPath("fusermount")
}
if err != nil {
return "", err
}
return path, nil
}
func fusermount(dir string, cfg *MountConfig) (*os.File, error) {
// Create a socket pair.
fds, err := syscall.Socketpair(syscall.AF_FILE, syscall.SOCK_STREAM, 0)
if err != nil {
return nil, fmt.Errorf("Socketpair: %v", err)
}
// Wrap the sockets into os.File objects that we will pass off to fusermount.
writeFile := os.NewFile(uintptr(fds[0]), "fusermount-child-writes")
defer writeFile.Close()
readFile := os.NewFile(uintptr(fds[1]), "fusermount-parent-reads")
defer readFile.Close()
// Start fusermount, passing it a buffer in which to write stderr.
var stderr bytes.Buffer
fusermount, err := findFusermount()
if err != nil {
return nil, err
}
cmd := exec.Command(
fusermount,
"-o", cfg.toOptionsString(),
"--",
dir,
)
cmd.Env = append(os.Environ(), "_FUSE_COMMFD=3")
cmd.ExtraFiles = []*os.File{writeFile}
cmd.Stderr = &stderr
// Run the command.
err = cmd.Run()
if err != nil {
return nil, fmt.Errorf("running fusermount: %v\n\nstderr:\n%s", err, stderr.Bytes())
}
// Wrap the socket file in a connection.
c, err := net.FileConn(readFile)
if err != nil {
return nil, fmt.Errorf("FileConn: %v", err)
}
defer c.Close()
// We expect to have a Unix domain socket.
uc, ok := c.(*net.UnixConn)
if !ok {
return nil, fmt.Errorf("Expected UnixConn, got %T", c)
}
// Read a message.
buf := make([]byte, 32) // expect 1 byte
oob := make([]byte, 32) // expect 24 bytes
_, oobn, _, _, err := uc.ReadMsgUnix(buf, oob)
if err != nil {
return nil, fmt.Errorf("ReadMsgUnix: %v", err)
}
// Parse the message.
scms, err := syscall.ParseSocketControlMessage(oob[:oobn])
if err != nil {
return nil, fmt.Errorf("ParseSocketControlMessage: %v", err)
}
// We expect one message.
if len(scms) != 1 {
return nil, fmt.Errorf("expected 1 SocketControlMessage; got scms = %#v", scms)
}
scm := scms[0]
// Pull out the FD returned by fusermount
gotFds, err := syscall.ParseUnixRights(&scm)
if err != nil {
return nil, fmt.Errorf("syscall.ParseUnixRights: %v", err)
}
if len(gotFds) != 1 {
return nil, fmt.Errorf("wanted 1 fd; got %#v", gotFds)
}
// Turn the FD into an os.File.
return os.NewFile(uintptr(gotFds[0]), "/dev/fuse"), nil
}
func enableFunc(flag uintptr) func(uintptr) uintptr {
return func(v uintptr) uintptr {
return v | flag
}
}
func disableFunc(flag uintptr) func(uintptr) uintptr {
return func(v uintptr) uintptr {
return v &^ flag
}
}
// As per libfuse/fusermount.c:602: https://bit.ly/2SgtWYM#L602
var mountflagopts = map[string]func(uintptr) uintptr{
"rw": disableFunc(unix.MS_RDONLY),
"ro": enableFunc(unix.MS_RDONLY),
"suid": disableFunc(unix.MS_NOSUID),
"nosuid": enableFunc(unix.MS_NOSUID),
"dev": disableFunc(unix.MS_NODEV),
"nodev": enableFunc(unix.MS_NODEV),
"exec": disableFunc(unix.MS_NOEXEC),
"noexec": enableFunc(unix.MS_NOEXEC),
"async": disableFunc(unix.MS_SYNCHRONOUS),
"sync": enableFunc(unix.MS_SYNCHRONOUS),
"atime": disableFunc(unix.MS_NOATIME),
"noatime": enableFunc(unix.MS_NOATIME),
"dirsync": enableFunc(unix.MS_DIRSYNC),
}
var errFallback = errors.New("sentinel: fallback to fusermount(1)")
func directmount(dir string, cfg *MountConfig) (*os.File, error) {
// We use syscall.Open + os.NewFile instead of os.OpenFile so that the file
// is opened in blocking mode. When opened in non-blocking mode, the Go
// runtime tries to use poll(2), which does not work with /dev/fuse.
fd, err := syscall.Open("/dev/fuse", syscall.O_RDWR, 0644)
if err != nil {
return nil, errFallback
}
dev := os.NewFile(uintptr(fd), "/dev/fuse")
// As per libfuse/fusermount.c:847: https://bit.ly/2SgtWYM#L847
data := fmt.Sprintf("fd=%d,rootmode=40000,user_id=%d,group_id=%d",
dev.Fd(), os.Getuid(), os.Getgid())
// As per libfuse/fusermount.c:749: https://bit.ly/2SgtWYM#L749
mountflag := uintptr(unix.MS_NODEV | unix.MS_NOSUID)
opts := cfg.toMap()
for k := range opts {
fn, ok := mountflagopts[k]
if !ok {
continue
}
mountflag = fn(mountflag)
delete(opts, k)
}
delete(opts, "fsname") // handled via fstype mount(2) parameter
fstype := "fuse"
if subtype, ok := opts["subtype"]; ok {
fstype += "." + subtype
}
delete(opts, "subtype")
data += "," + mapToOptionsString(opts)
if err := unix.Mount(
cfg.FSName, // source
dir, // target
fstype, // fstype
mountflag, // mountflag
data, // data
); err != nil {
if err == syscall.EPERM {
return nil, errFallback
}
return nil, err
}
return dev, nil
}
// Begin the process of mounting at the given directory, returning a connection
// to the kernel. Mounting continues in the background, and is complete when an
// error is written to the supplied channel. The file system may need to
// service the connection in order for mounting to complete.
func mount(dir string, cfg *MountConfig, ready chan<- error) (*os.File, error) {
// On linux, mounting is never delayed.
ready <- nil
// Try mounting without fusermount(1) first: we might be running as root or
// have the CAP_SYS_ADMIN capability.
dev, err := directmount(dir, cfg)
if err == errFallback {
return fusermount(dir, cfg)
}
return dev, err
}