resolve_symlink(): use a strbuf for internal scratch space
[git/git.git] / lockfile.c
CommitLineData
021b6e45
JH
1/*
2 * Copyright (c) 2005, Junio C Hamano
3 */
021b6e45 4#include "cache.h"
4a16d072 5#include "sigchain.h"
021b6e45 6
0a06f148
MH
7/*
8 * File write-locks as used by Git.
9 *
10 * For an overview of how to use the lockfile API, please see
11 *
12 * Documentation/technical/api-lockfile.txt
13 *
14 * This module keeps track of all locked files in lock_file_list for
15 * use at cleanup. This list and the lock_file objects that comprise
16 * it must be kept in self-consistent states at all time, because the
17 * program can be interrupted any time by a signal, in which case the
18 * signal handler will walk through the list attempting to clean up
19 * any open lock files.
20 *
21 * A lockfile is owned by the process that created it. The lock_file
22 * object has an "owner" field that records its owner. This field is
23 * used to prevent a forked process from closing a lockfile created by
24 * its parent.
25 *
707103fd 26 * The possible states of a lock_file object are as follows:
0a06f148
MH
27 *
28 * - Uninitialized. In this state the object's on_list field must be
29 * zero but the rest of its contents need not be initialized. As
30 * soon as the object is used in any way, it is irrevocably
31 * registered in the lock_file_list, and on_list is set.
32 *
33 * - Locked, lockfile open (after hold_lock_file_for_update(),
34 * hold_lock_file_for_append(), or reopen_lock_file()). In this
707103fd
MH
35 * state:
36 * - the lockfile exists
37 * - active is set
38 * - filename holds the filename of the lockfile
39 * - fd holds a file descriptor open for writing to the lockfile
40 * - owner holds the PID of the process that locked the file
0a06f148 41 *
8e86c155
MH
42 * - Locked, lockfile closed (after successful close_lock_file()).
43 * Same as the previous state, except that the lockfile is closed
44 * and fd is -1.
0a06f148 45 *
8e86c155 46 * - Unlocked (after commit_lock_file(), rollback_lock_file(), a
707103fd
MH
47 * failed attempt to lock, or a failed close_lock_file()). In this
48 * state:
49 * - active is unset
cf6950d3
MH
50 * - filename is empty (usually, though there are transitory
51 * states in which this condition doesn't hold). Client code should
52 * *not* rely on the filename being empty in this state.
707103fd
MH
53 * - fd is -1
54 * - the object is left registered in the lock_file_list, and
55 * on_list is set.
0a06f148
MH
56 */
57
2091c506 58static struct lock_file *volatile lock_file_list;
021b6e45
JH
59
60static void remove_lock_file(void)
61{
5e635e39
JH
62 pid_t me = getpid();
63
021b6e45 64 while (lock_file_list) {
a1754bcc
MH
65 if (lock_file_list->owner == me)
66 rollback_lock_file(lock_file_list);
021b6e45
JH
67 lock_file_list = lock_file_list->next;
68 }
69}
70
71static void remove_lock_file_on_signal(int signo)
72{
73 remove_lock_file();
4a16d072 74 sigchain_pop(signo);
021b6e45
JH
75 raise(signo);
76}
77
5d5a7a67
BS
78/*
79 * p = absolute or relative path name
80 *
81 * Return a pointer into p showing the beginning of the last path name
82 * element. If p is empty or the root directory ("/"), just return p.
83 */
84static char *last_path_elm(char *p)
85{
86 /* r starts pointing to null at the end of the string */
87 char *r = strchr(p, '\0');
88
89 if (r == p)
90 return p; /* just return empty string */
91
92 r--; /* back up to last non-null character */
93
94 /* back up past trailing slashes, if any */
95 while (r > p && *r == '/')
96 r--;
97
98 /*
99 * then go backwards until I hit a slash, or the beginning of
100 * the string
101 */
102 while (r > p && *(r-1) != '/')
103 r--;
104 return r;
105}
106
107
108/* We allow "recursive" symbolic links. Only within reason, though */
109#define MAXDEPTH 5
110
111/*
112 * p = path that may be a symlink
113 * s = full size of p
114 *
115 * If p is a symlink, attempt to overwrite p with a path to the real
116 * file or directory (which may or may not exist), following a chain of
117 * symlinks if necessary. Otherwise, leave p unmodified.
118 *
119 * This is a best-effort routine. If an error occurs, p will either be
120 * left unmodified or will name a different symlink in a symlink chain
121 * that started with p's initial contents.
122 *
123 * Always returns p.
124 */
125
126static char *resolve_symlink(char *p, size_t s)
127{
128 int depth = MAXDEPTH;
5025d845 129 static struct strbuf link = STRBUF_INIT;
5d5a7a67
BS
130
131 while (depth--) {
5025d845
MH
132 if (strbuf_readlink(&link, p, strlen(p)) < 0)
133 break;
5d5a7a67 134
5025d845 135 if (is_absolute_path(link.buf)) {
5d5a7a67 136 /* absolute path simply replaces p */
5025d845
MH
137 if (link.len < s)
138 strcpy(p, link.buf);
5d5a7a67
BS
139 else {
140 warning("%s: symlink too long", p);
5025d845 141 break;
5d5a7a67
BS
142 }
143 } else {
144 /*
5025d845 145 * link is a relative path, so replace the
5d5a7a67
BS
146 * last element of p with it.
147 */
4b25d091 148 char *r = (char *)last_path_elm(p);
5025d845
MH
149 if (r - p + link.len < s)
150 strcpy(r, link.buf);
5d5a7a67
BS
151 else {
152 warning("%s: symlink too long", p);
5025d845 153 break;
5d5a7a67
BS
154 }
155 }
156 }
5025d845 157 strbuf_reset(&link);
5d5a7a67
BS
158 return p;
159}
160
447ff1bf 161/* Make sure errno contains a meaningful value on error */
acd3b9ec 162static int lock_file(struct lock_file *lk, const char *path, int flags)
021b6e45 163{
04e57d4d
MH
164 if (!lock_file_list) {
165 /* One-time initialization */
166 sigchain_push_common(remove_lock_file_on_signal);
167 atexit(remove_lock_file);
168 }
169
707103fd
MH
170 if (lk->active)
171 die("BUG: cannot lock_file(\"%s\") using active struct lock_file",
172 path);
04e57d4d
MH
173 if (!lk->on_list) {
174 /* Initialize *lk and add it to lock_file_list: */
175 lk->fd = -1;
707103fd 176 lk->active = 0;
04e57d4d 177 lk->owner = 0;
cf6950d3 178 strbuf_init(&lk->filename, PATH_MAX);
04e57d4d
MH
179 lk->next = lock_file_list;
180 lock_file_list = lk;
181 lk->on_list = 1;
cf6950d3
MH
182 } else if (lk->filename.len) {
183 /* This shouldn't happen, but better safe than sorry. */
184 die("BUG: lock_file(\"%s\") called with improperly-reset lock_file object",
185 path);
04e57d4d
MH
186 }
187
cf6950d3
MH
188 strbuf_addstr(&lk->filename, path);
189 if (!(flags & LOCK_NODEREF)) {
190 resolve_symlink(lk->filename.buf, lk->filename.alloc);
191 strbuf_setlen(&lk->filename, strlen(lk->filename.buf));
447ff1bf 192 }
cf6950d3
MH
193 strbuf_addstr(&lk->filename, LOCK_SUFFIX);
194 lk->fd = open(lk->filename.buf, O_RDWR | O_CREAT | O_EXCL, 0666);
e31e949b 195 if (lk->fd < 0) {
cf6950d3 196 strbuf_reset(&lk->filename);
e31e949b
MH
197 return -1;
198 }
199 lk->owner = getpid();
707103fd 200 lk->active = 1;
cf6950d3 201 if (adjust_shared_perm(lk->filename.buf)) {
e31e949b 202 int save_errno = errno;
cf6950d3 203 error("cannot fix permission bits on %s", lk->filename.buf);
e31e949b
MH
204 rollback_lock_file(lk);
205 errno = save_errno;
206 return -1;
207 }
4723ee99 208 return lk->fd;
021b6e45
JH
209}
210
6af926e8 211void unable_to_lock_message(const char *path, int err, struct strbuf *buf)
e43a6fd3 212{
bdfd739d 213 if (err == EEXIST) {
6af926e8 214 strbuf_addf(buf, "Unable to create '%s.lock': %s.\n\n"
e43a6fd3
MM
215 "If no other git process is currently running, this probably means a\n"
216 "git process crashed in this repository earlier. Make sure no other git\n"
217 "process is running and remove the file manually to continue.",
e2a57aac 218 absolute_path(path), strerror(err));
1b018fd9 219 } else
6af926e8 220 strbuf_addf(buf, "Unable to create '%s.lock': %s",
e2a57aac 221 absolute_path(path), strerror(err));
1b018fd9
MV
222}
223
224int unable_to_lock_error(const char *path, int err)
225{
6af926e8
RS
226 struct strbuf buf = STRBUF_INIT;
227
228 unable_to_lock_message(path, err, &buf);
229 error("%s", buf.buf);
230 strbuf_release(&buf);
1b018fd9
MV
231 return -1;
232}
233
e197c218 234NORETURN void unable_to_lock_die(const char *path, int err)
1b018fd9 235{
6af926e8
RS
236 struct strbuf buf = STRBUF_INIT;
237
238 unable_to_lock_message(path, err, &buf);
239 die("%s", buf.buf);
e43a6fd3
MM
240}
241
447ff1bf 242/* This should return a meaningful errno on failure */
acd3b9ec 243int hold_lock_file_for_update(struct lock_file *lk, const char *path, int flags)
40aaae88 244{
acd3b9ec
JH
245 int fd = lock_file(lk, path, flags);
246 if (fd < 0 && (flags & LOCK_DIE_ON_ERROR))
e197c218 247 unable_to_lock_die(path, errno);
40aaae88
JH
248 return fd;
249}
250
acd3b9ec 251int hold_lock_file_for_append(struct lock_file *lk, const char *path, int flags)
ea3cd5c7
DB
252{
253 int fd, orig_fd;
254
acd3b9ec 255 fd = lock_file(lk, path, flags);
ea3cd5c7 256 if (fd < 0) {
acd3b9ec 257 if (flags & LOCK_DIE_ON_ERROR)
e197c218 258 unable_to_lock_die(path, errno);
ea3cd5c7
DB
259 return fd;
260 }
261
262 orig_fd = open(path, O_RDONLY);
263 if (orig_fd < 0) {
264 if (errno != ENOENT) {
acd3b9ec 265 if (flags & LOCK_DIE_ON_ERROR)
ea3cd5c7 266 die("cannot open '%s' for copying", path);
ebb8e380 267 rollback_lock_file(lk);
ea3cd5c7
DB
268 return error("cannot open '%s' for copying", path);
269 }
270 } else if (copy_fd(orig_fd, fd)) {
acd3b9ec 271 if (flags & LOCK_DIE_ON_ERROR)
ea3cd5c7 272 exit(128);
ebb8e380 273 rollback_lock_file(lk);
ea3cd5c7
DB
274 return -1;
275 }
276 return fd;
277}
278
d6cf61bf
BC
279int close_lock_file(struct lock_file *lk)
280{
281 int fd = lk->fd;
419f0c0f
MH
282
283 if (fd < 0)
284 return 0;
285
d6cf61bf 286 lk->fd = -1;
8e86c155
MH
287 if (close(fd)) {
288 int save_errno = errno;
289 rollback_lock_file(lk);
290 errno = save_errno;
291 return -1;
292 }
293 return 0;
d6cf61bf
BC
294}
295
93dcaea2
JH
296int reopen_lock_file(struct lock_file *lk)
297{
298 if (0 <= lk->fd)
299 die(_("BUG: reopen a lockfile that is still open"));
707103fd 300 if (!lk->active)
93dcaea2 301 die(_("BUG: reopen a lockfile that has been committed"));
cf6950d3 302 lk->fd = open(lk->filename.buf, O_WRONLY);
93dcaea2
JH
303 return lk->fd;
304}
305
021b6e45
JH
306int commit_lock_file(struct lock_file *lk)
307{
3e88e8fc
MH
308 static struct strbuf result_file = STRBUF_INIT;
309 int err;
4f4713df 310
707103fd 311 if (!lk->active)
8a1c7533
MH
312 die("BUG: attempt to commit unlocked object");
313
419f0c0f 314 if (close_lock_file(lk))
d6cf61bf 315 return -1;
4f4713df 316
4f4713df 317 /* remove ".lock": */
cf6950d3
MH
318 strbuf_add(&result_file, lk->filename.buf,
319 lk->filename.len - LOCK_SUFFIX_LEN);
320 err = rename(lk->filename.buf, result_file.buf);
3e88e8fc
MH
321 strbuf_reset(&result_file);
322 if (err) {
1b1648f4
MH
323 int save_errno = errno;
324 rollback_lock_file(lk);
325 errno = save_errno;
d6cf61bf 326 return -1;
1b1648f4
MH
327 }
328
707103fd 329 lk->active = 0;
cf6950d3 330 strbuf_reset(&lk->filename);
d6cf61bf 331 return 0;
021b6e45
JH
332}
333
30ca07a2
JH
334int hold_locked_index(struct lock_file *lk, int die_on_error)
335{
acd3b9ec
JH
336 return hold_lock_file_for_update(lk, get_index_file(),
337 die_on_error
338 ? LOCK_DIE_ON_ERROR
339 : 0);
30ca07a2
JH
340}
341
021b6e45
JH
342void rollback_lock_file(struct lock_file *lk)
343{
707103fd 344 if (!lk->active)
9085f8e2
MH
345 return;
346
8e86c155 347 if (!close_lock_file(lk)) {
cf6950d3 348 unlink_or_warn(lk->filename.buf);
707103fd 349 lk->active = 0;
cf6950d3 350 strbuf_reset(&lk->filename);
8e86c155 351 }
021b6e45 352}