2024-09-22 00:29:36 +09:00
|
|
|
package state
|
|
|
|
|
|
|
|
import (
|
|
|
|
"encoding/gob"
|
|
|
|
"errors"
|
2024-12-19 21:36:17 +09:00
|
|
|
"fmt"
|
2024-09-22 00:29:36 +09:00
|
|
|
"io/fs"
|
|
|
|
"os"
|
|
|
|
"path"
|
|
|
|
"strconv"
|
|
|
|
"sync"
|
|
|
|
"syscall"
|
2024-12-19 21:36:17 +09:00
|
|
|
|
2024-12-20 00:20:02 +09:00
|
|
|
"git.gensokyo.uk/security/fortify/fst"
|
|
|
|
"git.gensokyo.uk/security/fortify/internal/fmsg"
|
2024-09-22 00:29:36 +09:00
|
|
|
)
|
|
|
|
|
2024-12-19 11:48:48 +09:00
|
|
|
// fine-grained locking and access
|
|
|
|
type multiStore struct {
|
2024-12-19 21:36:17 +09:00
|
|
|
base string
|
2024-09-22 00:29:36 +09:00
|
|
|
|
2024-12-19 21:36:17 +09:00
|
|
|
// initialised backends
|
|
|
|
backends *sync.Map
|
2024-09-22 00:29:36 +09:00
|
|
|
|
2024-12-19 21:36:17 +09:00
|
|
|
lock sync.RWMutex
|
2024-09-22 00:29:36 +09:00
|
|
|
}
|
|
|
|
|
2024-12-19 21:36:17 +09:00
|
|
|
func (s *multiStore) Do(aid int, f func(c Cursor)) (bool, error) {
|
|
|
|
s.lock.RLock()
|
|
|
|
defer s.lock.RUnlock()
|
2024-09-22 00:29:36 +09:00
|
|
|
|
2024-12-19 21:36:17 +09:00
|
|
|
// load or initialise new backend
|
|
|
|
b := new(multiBackend)
|
|
|
|
if v, ok := s.backends.LoadOrStore(aid, b); ok {
|
|
|
|
b = v.(*multiBackend)
|
|
|
|
} else {
|
|
|
|
b.lock.Lock()
|
|
|
|
b.path = path.Join(s.base, strconv.Itoa(aid))
|
|
|
|
|
|
|
|
// ensure directory
|
|
|
|
if err := os.MkdirAll(b.path, 0700); err != nil && !errors.Is(err, fs.ErrExist) {
|
|
|
|
s.backends.CompareAndDelete(aid, b)
|
|
|
|
return false, err
|
|
|
|
}
|
|
|
|
|
|
|
|
// open locker file
|
|
|
|
if l, err := os.OpenFile(b.path+".lock", os.O_RDWR|os.O_CREATE, 0600); err != nil {
|
|
|
|
s.backends.CompareAndDelete(aid, b)
|
|
|
|
return false, err
|
|
|
|
} else {
|
|
|
|
b.lockfile = l
|
|
|
|
}
|
|
|
|
b.lock.Unlock()
|
|
|
|
}
|
2024-09-22 00:29:36 +09:00
|
|
|
|
2024-12-19 21:36:17 +09:00
|
|
|
// lock backend
|
|
|
|
if err := b.lockFile(); err != nil {
|
2024-09-22 00:29:36 +09:00
|
|
|
return false, err
|
|
|
|
}
|
|
|
|
|
2024-12-19 21:36:17 +09:00
|
|
|
// expose backend methods without exporting the pointer
|
|
|
|
c := new(struct{ *multiBackend })
|
|
|
|
c.multiBackend = b
|
2024-09-22 00:29:36 +09:00
|
|
|
f(b)
|
2024-12-19 21:36:17 +09:00
|
|
|
// disable access to the backend on a best-effort basis
|
|
|
|
c.multiBackend = nil
|
|
|
|
|
|
|
|
// unlock backend
|
|
|
|
return true, b.unlockFile()
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *multiStore) List() ([]int, error) {
|
|
|
|
var entries []os.DirEntry
|
|
|
|
|
|
|
|
// read base directory to get all aids
|
|
|
|
if v, err := os.ReadDir(s.base); err != nil && !errors.Is(err, os.ErrNotExist) {
|
|
|
|
return nil, err
|
|
|
|
} else {
|
|
|
|
entries = v
|
|
|
|
}
|
|
|
|
|
|
|
|
aidsBuf := make([]int, 0, len(entries))
|
|
|
|
for _, e := range entries {
|
|
|
|
// skip non-directories
|
|
|
|
if !e.IsDir() {
|
|
|
|
fmsg.VPrintf("skipped non-directory entry %q", e.Name())
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
// skip non-numerical names
|
|
|
|
if v, err := strconv.Atoi(e.Name()); err != nil {
|
|
|
|
fmsg.VPrintf("skipped non-aid entry %q", e.Name())
|
|
|
|
continue
|
|
|
|
} else {
|
|
|
|
if v < 0 || v > 9999 {
|
|
|
|
fmsg.VPrintf("skipped out of bounds entry %q", e.Name())
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
aidsBuf = append(aidsBuf, v)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return append([]int(nil), aidsBuf...), nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *multiStore) Close() error {
|
|
|
|
s.lock.Lock()
|
|
|
|
defer s.lock.Unlock()
|
|
|
|
|
|
|
|
var errs []error
|
|
|
|
s.backends.Range(func(_, value any) bool {
|
|
|
|
b := value.(*multiBackend)
|
|
|
|
errs = append(errs, b.close())
|
|
|
|
return true
|
|
|
|
})
|
|
|
|
|
|
|
|
return errors.Join(errs...)
|
|
|
|
}
|
|
|
|
|
|
|
|
type multiBackend struct {
|
|
|
|
path string
|
|
|
|
|
|
|
|
// created/opened by prepare
|
|
|
|
lockfile *os.File
|
|
|
|
|
|
|
|
lock sync.RWMutex
|
|
|
|
}
|
2024-09-22 00:29:36 +09:00
|
|
|
|
2024-12-19 21:36:17 +09:00
|
|
|
func (b *multiBackend) filename(id *fst.ID) string {
|
|
|
|
return path.Join(b.path, id.String())
|
2024-09-22 00:29:36 +09:00
|
|
|
}
|
|
|
|
|
2024-12-19 21:36:17 +09:00
|
|
|
func (b *multiBackend) lockFileAct(lt int) (err error) {
|
2024-09-22 00:29:36 +09:00
|
|
|
op := "LockAct"
|
|
|
|
switch lt {
|
|
|
|
case syscall.LOCK_EX:
|
|
|
|
op = "Lock"
|
|
|
|
case syscall.LOCK_UN:
|
|
|
|
op = "Unlock"
|
|
|
|
}
|
|
|
|
|
|
|
|
for {
|
2024-12-19 21:36:17 +09:00
|
|
|
err = syscall.Flock(int(b.lockfile.Fd()), lt)
|
2024-09-22 00:29:36 +09:00
|
|
|
if !errors.Is(err, syscall.EINTR) {
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if err != nil {
|
|
|
|
return &fs.PathError{
|
|
|
|
Op: op,
|
2024-12-19 21:36:17 +09:00
|
|
|
Path: b.lockfile.Name(),
|
2024-09-22 00:29:36 +09:00
|
|
|
Err: err,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2024-12-19 21:36:17 +09:00
|
|
|
func (b *multiBackend) lockFile() error {
|
|
|
|
return b.lockFileAct(syscall.LOCK_EX)
|
2024-09-22 00:29:36 +09:00
|
|
|
}
|
|
|
|
|
2024-12-19 21:36:17 +09:00
|
|
|
func (b *multiBackend) unlockFile() error {
|
|
|
|
return b.lockFileAct(syscall.LOCK_UN)
|
2024-09-22 00:29:36 +09:00
|
|
|
}
|
|
|
|
|
|
|
|
// reads all launchers in simpleBackend
|
|
|
|
// file contents are ignored if decode is false
|
2024-12-19 21:36:17 +09:00
|
|
|
func (b *multiBackend) load(decode bool) (Entries, error) {
|
2024-09-22 00:29:36 +09:00
|
|
|
b.lock.RLock()
|
|
|
|
defer b.lock.RUnlock()
|
|
|
|
|
2024-12-19 21:36:17 +09:00
|
|
|
// read directory contents, should only contain files named after ids
|
|
|
|
var entries []os.DirEntry
|
2024-09-22 00:29:36 +09:00
|
|
|
if pl, err := os.ReadDir(b.path); err != nil {
|
|
|
|
return nil, err
|
|
|
|
} else {
|
2024-12-19 21:36:17 +09:00
|
|
|
entries = pl
|
|
|
|
}
|
|
|
|
|
|
|
|
// allocate as if every entry is valid
|
|
|
|
// since that should be the case assuming no external interference happens
|
|
|
|
r := make(Entries, len(entries))
|
|
|
|
|
|
|
|
for _, e := range entries {
|
|
|
|
if e.IsDir() {
|
|
|
|
return nil, fmt.Errorf("unexpected directory %q in store", e.Name())
|
|
|
|
}
|
|
|
|
|
|
|
|
id := new(fst.ID)
|
|
|
|
if err := fst.ParseAppID(id, e.Name()); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
// run in a function to better handle file closing
|
|
|
|
if err := func() error {
|
|
|
|
// open state file for reading
|
|
|
|
if f, err := os.Open(path.Join(b.path, e.Name())); err != nil {
|
|
|
|
return err
|
|
|
|
} else {
|
|
|
|
defer func() {
|
|
|
|
if f.Close() != nil {
|
|
|
|
// unreachable
|
|
|
|
panic("foreign state file closed prematurely")
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
|
|
|
|
s := new(State)
|
|
|
|
r[*id] = s
|
|
|
|
|
|
|
|
// append regardless, but only parse if required, used to implement Len
|
|
|
|
if decode {
|
|
|
|
if err = gob.NewDecoder(f).Decode(s); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
if s.ID != *id {
|
|
|
|
return fmt.Errorf("state entry %s has unexpected id %s", id, &s.ID)
|
2024-09-22 00:29:36 +09:00
|
|
|
}
|
|
|
|
}
|
2024-12-19 21:36:17 +09:00
|
|
|
|
|
|
|
return nil
|
2024-09-22 00:29:36 +09:00
|
|
|
}
|
2024-12-19 21:36:17 +09:00
|
|
|
}(); err != nil {
|
|
|
|
return nil, err
|
2024-09-22 00:29:36 +09:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return r, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// Save writes process state to filesystem
|
2024-12-19 11:48:48 +09:00
|
|
|
func (b *multiBackend) Save(state *State) error {
|
2024-09-22 00:29:36 +09:00
|
|
|
b.lock.Lock()
|
|
|
|
defer b.lock.Unlock()
|
|
|
|
|
2024-12-18 13:45:55 +09:00
|
|
|
if state.Config == nil {
|
|
|
|
return errors.New("state does not contain config")
|
|
|
|
}
|
|
|
|
|
2024-12-19 21:36:17 +09:00
|
|
|
statePath := b.filename(&state.ID)
|
2024-09-22 00:29:36 +09:00
|
|
|
|
|
|
|
// create and open state data file
|
|
|
|
if f, err := os.OpenFile(statePath, os.O_RDWR|os.O_CREATE|os.O_EXCL, 0600); err != nil {
|
|
|
|
return err
|
|
|
|
} else {
|
|
|
|
defer func() {
|
|
|
|
if f.Close() != nil {
|
|
|
|
// unreachable
|
|
|
|
panic("state file closed prematurely")
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
// encode into state file
|
|
|
|
return gob.NewEncoder(f).Encode(state)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2024-12-19 21:36:17 +09:00
|
|
|
func (b *multiBackend) Destroy(id fst.ID) error {
|
2024-09-22 00:29:36 +09:00
|
|
|
b.lock.Lock()
|
|
|
|
defer b.lock.Unlock()
|
|
|
|
|
2024-12-19 21:36:17 +09:00
|
|
|
return os.Remove(b.filename(&id))
|
2024-09-22 00:29:36 +09:00
|
|
|
}
|
|
|
|
|
2024-12-19 21:36:17 +09:00
|
|
|
func (b *multiBackend) Load() (Entries, error) {
|
2024-09-22 00:29:36 +09:00
|
|
|
return b.load(true)
|
|
|
|
}
|
|
|
|
|
2024-12-19 11:48:48 +09:00
|
|
|
func (b *multiBackend) Len() (int, error) {
|
2024-09-22 00:29:36 +09:00
|
|
|
// rn consists of only nil entries but has the correct length
|
|
|
|
rn, err := b.load(false)
|
|
|
|
return len(rn), err
|
|
|
|
}
|
|
|
|
|
2024-12-19 21:36:17 +09:00
|
|
|
func (b *multiBackend) close() error {
|
|
|
|
b.lock.Lock()
|
|
|
|
defer b.lock.Unlock()
|
|
|
|
|
|
|
|
err := b.lockfile.Close()
|
|
|
|
if err == nil || errors.Is(err, os.ErrInvalid) || errors.Is(err, os.ErrClosed) {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// NewMulti returns an instance of the multi-file store.
|
|
|
|
func NewMulti(runDir string) Store {
|
2024-12-19 11:48:48 +09:00
|
|
|
b := new(multiStore)
|
2024-12-19 21:36:17 +09:00
|
|
|
b.base = path.Join(runDir, "state")
|
|
|
|
b.backends = new(sync.Map)
|
2024-09-22 00:29:36 +09:00
|
|
|
return b
|
|
|
|
}
|