repart: respect SOURCE_DATE_EPOCH on mkdir_p_root

This let's systemd-repart respect the `SOURCE_DATE_EPOCH` environment variable when creating directories in the local tree through `CopyFiles` or `MakeDirectories`. To do this, we pass a timestamp `ts` to `mkdir_p_root`, which it will use to fix up `mtime` and `atime` of the directory it creates as well as the `mtime` of the directory it creates the other directory *in*, as the `mtime` of the latter is modified when creating a directory in it. For the same reason, it also needs to fixup the `mtime` of the upper directory when copying a file into it through `CopyFiles`. If `SOURCE_DATE_EPOCH`, times are left as is. (`UTIME_OMIT`)
systemd · Apr 26, 2024 · 3abe5a8 · 3abe5a8
1 parent 469fdfb
commit 3abe5a8
Show file tree

Hide file tree

Showing 4 changed files with 64 additions and 9 deletions.
diff --git a/src/basic/mkdir.c b/src/basic/mkdir.c
@@ -5,6 +5,7 @@
 #include <string.h>
 
 #include "alloc-util.h"
+#include "bits/time.h"
 #include "btrfs.h"
 #include "chase.h"
 #include "fd-util.h"
@@ -205,6 +206,10 @@ int mkdir_p_safe(const char *prefix, const char *path, mode_t mode, uid_t uid, g
 }
 
 int mkdir_p_root(const char *root, const char *p, uid_t uid, gid_t gid, mode_t m, char **subvolumes) {
+       return mkdir_p_root_full(root, p, uid, gid, m, subvolumes, now(CLOCK_REALTIME));
+}
+
+int mkdir_p_root_full(const char *root, const char *p, uid_t uid, gid_t gid, mode_t m, char **subvolumes, usec_t ts) {
         _cleanup_free_ char *pp = NULL, *bn = NULL;
         _cleanup_close_ int dfd = -EBADF;
         int r;
@@ -222,7 +227,7 @@ int mkdir_p_root(const char *root, const char *p, uid_t uid, gid_t gid, mode_t m
                 return r;
         else {
                 /* Extracting the parent dir worked, hence we aren't top-level? Recurse up first. */
-                r = mkdir_p_root(root, pp, uid, gid, m, subvolumes);
+                r = mkdir_p_root_full(root, pp, uid, gid, m, subvolumes, ts);
                 if (r < 0)
                         return r;
 
@@ -248,13 +253,19 @@ int mkdir_p_root(const char *root, const char *p, uid_t uid, gid_t gid, mode_t m
                 return r;
         }
 
-        if (uid_is_valid(uid) || gid_is_valid(gid)) {
-                _cleanup_close_ int nfd = -EBADF;
+        _cleanup_close_ int nfd = -EBADF;
 
-                nfd = openat(dfd, bn, O_RDONLY|O_CLOEXEC|O_DIRECTORY|O_NOFOLLOW);
-                if (nfd < 0)
-                        return -errno;
+        if (futimens(dfd, (const struct timespec[2]){ { .tv_nsec = UTIME_OMIT }, { .tv_nsec = ts } }) < 0)
+                return -errno;
 
+        nfd = openat(dfd, bn, O_RDONLY|O_CLOEXEC|O_DIRECTORY|O_NOFOLLOW);
+        if (nfd < 0)
+                return -errno;
+
+        if (futimens(nfd, (const struct timespec[2]){ { .tv_nsec = ts }, { .tv_nsec = ts } }) < 0)
+                return -errno;
+
+        if (uid_is_valid(uid) || gid_is_valid(gid)) {
                 if (fchown(nfd, uid, gid) < 0)
                         return -errno;
         }

diff --git a/src/basic/mkdir.h b/src/basic/mkdir.h
@@ -4,6 +4,8 @@
 #include <fcntl.h>
 #include <sys/types.h>
 
+#include "time-util.h"
+
 typedef enum MkdirFlags {
         MKDIR_FOLLOW_SYMLINK  = 1 << 0,
         MKDIR_IGNORE_EXISTING = 1 << 1,  /* Quietly accept a preexisting directory (or file) */
@@ -24,6 +26,7 @@ int mkdir_parents_safe(const char *prefix, const char *path, mode_t mode, uid_t
 int mkdir_p(const char *path, mode_t mode);
 int mkdir_p_safe(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags);
 int mkdir_p_root(const char *root, const char *p, uid_t uid, gid_t gid, mode_t m, char **subvolumes);
+int mkdir_p_root_full(const char *root, const char *p, uid_t uid, gid_t gid, mode_t m, char **subvolumes, usec_t ts);
 
 /* The following are used to implement the mkdir_xyz_label() calls, don't use otherwise. */
 typedef int (*mkdirat_func_t)(int dir_fd, const char *pathname, mode_t mode);

diff --git a/src/partition/repart.c b/src/partition/repart.c
@@ -4775,6 +4775,18 @@ static int make_subvolumes_set(
         return 0;
 }
 
+static usec_t epoch_or_utime_omit(void) {
+        uint64_t epoch;
+
+        if (secure_getenv_uint64("SOURCE_DATE_EPOCH", &epoch) >= 0) {
+                if (epoch > UINT64_MAX / USEC_PER_SEC) /* Overflow check */
+                        return USEC_INFINITY;
+                return (usec_t) epoch * USEC_PER_SEC;
+        }
+
+        return (usec_t) UTIME_OMIT;
+}
+
 static int do_copy_files(Context *context, Partition *p, const char *root) {
         int r;
 
@@ -4848,7 +4860,7 @@ static int do_copy_files(Context *context, Partition *p, const char *root) {
                                 if (r < 0)
                                         return log_error_errno(r, "Failed to extract directory from '%s': %m", *target);
 
-                                r = mkdir_p_root(root, dn, UID_INVALID, GID_INVALID, 0755, p->subvolumes);
+                                r = mkdir_p_root_full(root, dn, UID_INVALID, GID_INVALID, 0755, p->subvolumes, epoch_or_utime_omit());
                                 if (r < 0)
                                         return log_error_errno(r, "Failed to create parent directory '%s': %m", dn);
 
@@ -4888,7 +4900,7 @@ static int do_copy_files(Context *context, Partition *p, const char *root) {
                         if (r < 0)
                                 return log_error_errno(r, "Failed to extract directory from '%s': %m", *target);
 
-                        r = mkdir_p_root(root, dn, UID_INVALID, GID_INVALID, 0755, p->subvolumes);
+                        r = mkdir_p_root_full(root, dn, UID_INVALID, GID_INVALID, 0755, p->subvolumes, epoch_or_utime_omit());
                         if (r < 0)
                                 return log_error_errno(r, "Failed to create parent directory: %m");
 
@@ -4907,6 +4919,10 @@ static int do_copy_files(Context *context, Partition *p, const char *root) {
                         (void) copy_xattr(sfd, NULL, tfd, NULL, COPY_ALL_XATTRS);
                         (void) copy_access(sfd, tfd);
                         (void) copy_times(sfd, tfd, 0);
+
+                        usec_t ts = epoch_or_utime_omit();
+                        if (futimens(pfd, (const struct timespec[2]){ { .tv_nsec = UTIME_OMIT }, { .tv_nsec = ts } }) <0)
+                                return -errno;
                 }
         }
 
@@ -4920,7 +4936,7 @@ static int do_make_directories(Partition *p, const char *root) {
         assert(root);
 
         STRV_FOREACH(d, p->make_directories) {
-                r = mkdir_p_root(root, *d, UID_INVALID, GID_INVALID, 0755, p->subvolumes);
+                r = mkdir_p_root_full(root, *d, UID_INVALID, GID_INVALID, 0755, p->subvolumes, epoch_or_utime_omit());
                 if (r < 0)
                         return log_error_errno(r, "Failed to create directory '%s' in file system: %m", *d);
         }

diff --git a/src/test/test-mkdir.c b/src/test/test-mkdir.c
@@ -138,4 +138,29 @@ TEST(mkdir_p_root) {
         */
 }
 
+TEST(mkdir_p_root_full) {
+        _cleanup_(rm_rf_physical_and_freep) char *tmp = NULL;
+        _cleanup_free_ char *p = NULL;
+        struct stat st;
+
+        p = mfree(p);
+        assert_se(p = path_join(tmp, "foo"));
+        assert_se(mkdir_p_root_full(tmp, "/foo", UID_INVALID, GID_INVALID, 0755, NULL, 1234) >= 0);
+        assert_se(is_dir(p, false) > 0);
+        assert_se(is_dir(p, true) > 0);
+        assert_se(stat(p, &st) >= 0);
+        assert_se(st.st_mtim.tv_nsec == 1234);
+        assert_se(st.st_atim.tv_nsec == 1234);
+
+        p = mfree(p);
+        assert_se(p = path_join(tmp, "dir-not-exists/foo"));
+        assert_se(mkdir_p_root_full(tmp, "/dir-not-exists/foo", UID_INVALID, GID_INVALID, 0755, NULL, 5678) >= 0);
+        assert_se(is_dir(p, false) > 0);
+        assert_se(is_dir(p, true) > 0);
+        assert_se(p = path_join(tmp, "dir-not-exists"));
+        assert_se(stat(p, &st) >= 0);
+        assert_se(st.st_mtim.tv_nsec == 5678);
+        assert_se(st.st_atim.tv_nsec == 5678);
+}
+
 DEFINE_TEST_MAIN(LOG_DEBUG);