replace tar (cli) with code-only packing

Signed-off-by: Aleksandr Stefurishin <[email protected]>

go.mod

@@ -96,6 +96,7 @@ require (
 	go.uber.org/zap v1.19.0 // indirect
 	golang.org/x/crypto v0.30.0 // indirect
 	golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect
+	golang.org/x/mod v0.22.0
 	golang.org/x/oauth2 v0.23.0 // indirect
 	golang.org/x/sync v0.10.0 // indirect
 	golang.org/x/sys v0.28.0 // indirect

go.sum

@@ -451,6 +451,8 @@ golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
 golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.22.0 h1:D4nJWe9zXqHOmWqj4VMOJhvzj7bEZg4wEYa759z1pH4=
+golang.org/x/mod v0.22.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=

pkg/nfs/controllerserver.go

@@ -404,10 +404,11 @@ func (cs *ControllerServer) CreateSnapshot(ctx context.Context, req *csi.CreateS
 
 	srcPath := getInternalVolumePath(cs.Driver.workingMountDir, srcVol)
 	dstPath := filepath.Join(snapInternalVolPath, snapshot.archiveName())
+
 	klog.V(2).Infof("tar %v -> %v", srcPath, dstPath)
-	out, err := exec.Command("tar", "-C", srcPath, "-czvf", dstPath, ".").CombinedOutput()
+	err = TarPack(srcPath, dstPath, true)
 	if err != nil {
-		return nil, status.Errorf(codes.Internal, "failed to create archive for snapshot: %v: %v", err, string(out))
+		return nil, status.Errorf(codes.Internal, "failed to create archive for snapshot: %v", err)
 	}
 	klog.V(2).Infof("tar %s -> %s complete", srcPath, dstPath)
 
@@ -571,9 +572,10 @@ func (cs *ControllerServer) copyFromSnapshot(ctx context.Context, req *csi.Creat
 	snapPath := filepath.Join(getInternalVolumePath(cs.Driver.workingMountDir, snapVol), snap.archiveName())
 	dstPath := getInternalVolumePath(cs.Driver.workingMountDir, dstVol)
 	klog.V(2).Infof("copy volume from snapshot %v -> %v", snapPath, dstPath)
-	out, err := exec.Command("tar", "-xzvf", snapPath, "-C", dstPath).CombinedOutput()
+
+	err = TarUnpack(snapPath, dstPath, true)
 	if err != nil {
-		return status.Errorf(codes.Internal, "failed to copy volume for snapshot: %v: %v", err, string(out))
+		return status.Errorf(codes.Internal, "failed to copy volume for snapshot: %v", err)
 	}
 	klog.V(2).Infof("volume copied from snapshot %v -> %v", snapPath, dstPath)
 	return nil

pkg/nfs/tar.go

@@ -0,0 +1,240 @@
+/*
+Copyright 2024 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package nfs
+
+import (
+	"archive/tar"
+	"compress/gzip"
+	"errors"
+	"fmt"
+	"io"
+	"io/fs"
+	"os"
+	"path/filepath"
+	"strings"
+)
+
+func TarPack(srcDirPath string, dstPath string, enableCompression bool) error {
+	// normalize all paths to be absolute and clean
+	dstPath, err := filepath.Abs(dstPath)
+	if err != nil {
+		return fmt.Errorf("normalizing destination path: %w", err)
+	}
+
+	srcDirPath, err = filepath.Abs(srcDirPath)
+	if err != nil {
+		return fmt.Errorf("normalizing source path: %w", err)
+	}
+
+	if strings.HasPrefix(filepath.Dir(dstPath), srcDirPath) {
+		return fmt.Errorf("destination file %s cannot be under source directory %s", dstPath, srcDirPath)
+	}
+
+	tarFile, err := os.Create(dstPath)
+	if err != nil {
+		return fmt.Errorf("creating destination file: %w", err)
+	}
+	defer func() {
+		err = errors.Join(err, closeAndWrapErr(tarFile, "closing destination file %s: %w", dstPath))
+	}()
+
+	var tarDst io.Writer = tarFile
+	if enableCompression {
+		gzipWriter := gzip.NewWriter(tarFile)
+		defer func() {
+			err = errors.Join(err, closeAndWrapErr(gzipWriter, "closing gzip writer"))
+		}()
+		tarDst = gzipWriter
+	}
+
+	tarWriter := tar.NewWriter(tarDst)
+	defer func() {
+		err = errors.Join(err, closeAndWrapErr(tarWriter, "closing tar writer"))
+	}()
+
+	// recursively visit every file and write it
+	if err = filepath.Walk(
+		srcDirPath,
+		func(srcSubPath string, fileInfo fs.FileInfo, walkErr error) error {
+			return tarVisitFileToPack(tarWriter, srcDirPath, srcSubPath, fileInfo, walkErr)
+		},
+	); err != nil {
+		return fmt.Errorf("walking source directory: %w", err)
+	}
+
+	return nil
+}
+
+func tarVisitFileToPack(
+	tarWriter *tar.Writer,
+	srcPath string,
+	srcSubPath string,
+	fileInfo os.FileInfo,
+	walkErr error,
+) (err error) {
+	if walkErr != nil {
+		return walkErr
+	}
+
+	linkTarget := ""
+	if fileInfo.Mode()&fs.ModeSymlink != 0 {
+		linkTarget, err = os.Readlink(srcSubPath)
+		if err != nil {
+			return fmt.Errorf("reading link %s: %w", srcSubPath, err)
+		}
+	}
+
+	tarHeader, err := tar.FileInfoHeader(fileInfo, linkTarget)
+	if err != nil {
+		return fmt.Errorf("creating tar header for %s: %w", srcSubPath, err)
+	}
+
+	// srcSubPath always starts with srcPath and both are absolute
+	tarHeader.Name, err = filepath.Rel(srcPath, srcSubPath)
+	if err != nil {
+		return fmt.Errorf("making tar header name for file %s: %w", srcSubPath, err)
+	}
+
+	if err = tarWriter.WriteHeader(tarHeader); err != nil {
+		return fmt.Errorf("writing tar header for file %s: %w", srcSubPath, err)
+	}
+
+	if !fileInfo.Mode().IsRegular() {
+		return nil
+	}
+
+	srcFile, err := os.Open(srcSubPath)
+	if err != nil {
+		return fmt.Errorf("opening file being packed %s: %w", srcSubPath, err)
+	}
+	defer func() {
+		err = errors.Join(err, closeAndWrapErr(srcFile, "closing file being packed %s: %w", srcSubPath))
+	}()
+	_, err = io.Copy(tarWriter, srcFile)
+	if err != nil {
+		return fmt.Errorf("packing file %s: %w", srcSubPath, err)
+	}
+	return nil
+}
+
+func TarUnpack(srcPath, dstDirPath string, enableCompression bool) (err error) {
+	// normalize all paths to be absolute and clean
+	srcPath, err = filepath.Abs(srcPath)
+	if err != nil {
+		return fmt.Errorf("normalizing archive path: %w", err)
+	}
+
+	dstDirPath, err = filepath.Abs(dstDirPath)
+	if err != nil {
+		return fmt.Errorf("normalizing archive destination path: %w", err)
+	}
+
+	tarFile, err := os.Open(srcPath)
+	if err != nil {
+		return fmt.Errorf("opening archive %s: %w", srcPath, err)
+	}
+	defer func() {
+		err = errors.Join(err, closeAndWrapErr(tarFile, "closing archive %s: %w", srcPath))
+	}()
+
+	var tarDst io.Reader = tarFile
+	if enableCompression {
+		var gzipReader *gzip.Reader
+		gzipReader, err = gzip.NewReader(tarFile)
+		if err != nil {
+			return fmt.Errorf("creating gzip reader: %w", err)
+		}
+		defer func() {
+			err = errors.Join(err, closeAndWrapErr(gzipReader, "closing gzip reader: %w"))
+		}()
+
+		tarDst = gzipReader
+	}
+
+	tarReader := tar.NewReader(tarDst)
+
+	for {
+		var tarHeader *tar.Header
+		tarHeader, err = tarReader.Next()
+		if err == io.EOF {
+			break
+		}
+		if err != nil {
+			return fmt.Errorf("reading tar header of %s: %w", srcPath, err)
+		}
+
+		fileInfo := tarHeader.FileInfo()
+
+		filePath := filepath.Join(dstDirPath, tarHeader.Name)
+
+		// protect against "Zip Slip"
+		if !strings.HasPrefix(filePath, dstDirPath) {
+			// mimic standard error, which will be returned in future versions of Go by default
+			// more info can be found by "tarinsecurepath" variable name
+			return tar.ErrInsecurePath
+		}
+
+		fileDirPath := filePath
+		if !fileInfo.Mode().IsDir() {
+			fileDirPath = filepath.Dir(fileDirPath)
+		}
+
+		if err = os.MkdirAll(fileDirPath, 0755); err != nil {
+			return fmt.Errorf("making dirs for path %s: %w", fileDirPath, err)
+		}
+
+		if fileInfo.Mode().IsDir() {
+			continue
+		}
+
+		err = tarUnpackFile(filePath, tarReader, fileInfo)
+		if err != nil {
+			return fmt.Errorf("unpacking archive %s: %w", filePath, err)
+		}
+	}
+	return nil
+}
+
+func tarUnpackFile(dstFileName string, src io.Reader, srcFileInfo fs.FileInfo) (err error) {
+	var dstFile *os.File
+	dstFile, err = os.OpenFile(dstFileName, os.O_RDWR|os.O_CREATE|os.O_TRUNC, srcFileInfo.Mode().Perm())
+	if err != nil {
+		return fmt.Errorf("opening destination file %s: %w", dstFileName, err)
+	}
+	defer func() {
+		err = errors.Join(err, closeAndWrapErr(dstFile, "closing destination file %s: %w", dstFile))
+	}()
+
+	n, err := io.Copy(dstFile, src)
+	if err != nil {
+		return fmt.Errorf("copying to destination file %s: %w", dstFileName, err)
+	}
+
+	if srcFileInfo.Mode().IsRegular() && n != srcFileInfo.Size() {
+		return fmt.Errorf("written size check failed for %s: wrote %d, want %d", dstFileName, n, srcFileInfo.Size())
+	}
+
+	return nil
+}
+
+func closeAndWrapErr(closer io.Closer, errFormat string, a ...any) error {
+	if err := closer.Close(); err != nil {
+		a = append(a, err)
+		return fmt.Errorf(errFormat, a...)
+	}
+	return nil
+}