+# uninterruptible readline
+# retries on EINTR
+sub readline_nointr {
+ my ($fh) = @_;
+ my $line;
+ while (1) {
+ $line = <$fh>;
+ last if defined($line) || ($! != EINTR);
+ }
+ return $line;
+}
+
+my $host_arch;
+sub get_host_arch {
+ $host_arch = (POSIX::uname())[4] if !$host_arch;
+ return $host_arch;
+}
+
+# Devices are: [ (12 bits minor) (12 bits major) (8 bits minor) ]
+sub dev_t_major($) {
+ my ($dev_t) = @_;
+ return (int($dev_t) & 0xfff00) >> 8;
+}
+
+sub dev_t_minor($) {
+ my ($dev_t) = @_;
+ $dev_t = int($dev_t);
+ return (($dev_t >> 12) & 0xfff00) | ($dev_t & 0xff);
+}
+
+# Given an array of array refs [ \[a b c], \[a b b], \[e b a] ]
+# Returns the intersection of elements as a single array [a b]
+sub array_intersect {
+ my ($arrays) = @_;
+
+ if (!ref($arrays->[0])) {
+ $arrays = [ grep { ref($_) eq 'ARRAY' } @_ ];
+ }
+
+ return [] if scalar(@$arrays) == 0;
+ return $arrays->[0] if scalar(@$arrays) == 1;
+
+ my $array_unique = sub {
+ my %seen = ();
+ return grep { ! $seen{ $_ }++ } @_;
+ };
+
+ # base idea is to get all unique members from the first array, then
+ # check the common elements with the next (uniquely made) one, only keep
+ # those. Repeat for every array and at the end we only have those left
+ # which exist in all arrays
+ my $return_arr = [ $array_unique->(@{$arrays->[0]}) ];
+ for my $i (1 .. $#$arrays) {
+ my %count = ();
+ # $return_arr is already unique, explicit at before the loop, implicit below.
+ foreach my $element (@$return_arr, $array_unique->(@{$arrays->[$i]})) {
+ $count{$element}++;
+ }
+ $return_arr = [];
+ foreach my $element (keys %count) {
+ push @$return_arr, $element if $count{$element} > 1;
+ }
+ last if scalar(@$return_arr) == 0; # empty intersection, early exit
+ }
+
+ return $return_arr;
+}
+
+sub open_tree($$$) {
+ my ($dfd, $pathname, $flags) = @_;
+ return PVE::Syscall::file_handle_result(syscall(
+ &PVE::Syscall::open_tree,
+ $dfd,
+ $pathname,
+ $flags,
+ ));
+}
+
+sub move_mount($$$$$) {
+ my ($from_dirfd, $from_pathname, $to_dirfd, $to_pathname, $flags) = @_;
+ return 0 == syscall(
+ &PVE::Syscall::move_mount,
+ $from_dirfd,
+ $from_pathname,
+ $to_dirfd,
+ $to_pathname,
+ $flags,
+ );
+}
+
+sub fsopen($$) {
+ my ($fsname, $flags) = @_;
+ return PVE::Syscall::file_handle_result(syscall(&PVE::Syscall::fsopen, $fsname, $flags));
+}
+
+sub fsmount($$$) {
+ my ($fd, $flags, $mount_attrs) = @_;
+ return PVE::Syscall::file_handle_result(syscall(
+ &PVE::Syscall::fsmount,
+ $fd,
+ $flags,
+ $mount_attrs,
+ ));
+}
+
+sub fspick($$$) {
+ my ($dirfd, $pathname, $flags) = @_;
+ return PVE::Syscall::file_handle_result(syscall(
+ &PVE::Syscall::fspick,
+ $dirfd,
+ $pathname,
+ $flags,
+ ));
+}
+
+sub fsconfig($$$$$) {
+ my ($fd, $command, $key, $value, $aux) = @_;
+ return 0 == syscall(&PVE::Syscall::fsconfig, $fd, $command, $key, $value, $aux);
+}
+
+# "raw" mount, old api, not for generic use (as it does not invoke any helpers).
+# use for lower level stuff such as bind/remount/... or simple tmpfs mounts
+sub mount($$$$$) {
+ my ($source, $target, $filesystemtype, $mountflags, $data) = @_;
+ return 0 == syscall(
+ &PVE::Syscall::mount,
+ $source,
+ $target,
+ $filesystemtype,
+ $mountflags,
+ $data,
+ );
+}
+
+sub safe_compare {
+ my ($left, $right, $cmp) = @_;
+
+ return 0 if !defined($left) && !defined($right);
+ return -1 if !defined($left);
+ return 1 if !defined($right);
+ return $cmp->($left, $right);
+}
+
+
+# opts is a hash ref with the following known properties
+# hash_required - if 1, at least one checksum has to be specified otherwise an error will be thrown
+# http_proxy
+# https_proxy
+# verify_certificates - if 0 (false) we tell wget to ignore untrusted TLS certs. Default to true
+# md5sum|sha(1|224|256|384|512)sum - the respective expected checksum string
+sub download_file_from_url {
+ my ($dest, $url, $opts) = @_;
+
+ my ($checksum_algorithm, $checksum_expected);
+ for ('sha512', 'sha384', 'sha256', 'sha224', 'sha1', 'md5') {
+ if (defined($opts->{"${_}sum"})) {
+ $checksum_algorithm = $_;
+ $checksum_expected = $opts->{"${_}sum"};
+ last;
+ }
+ }
+ die "checksum required but not specified\n" if ($opts->{hash_required} && !$checksum_algorithm);
+
+ print "downloading $url to $dest\n";
+
+ my $tmpdest = "$dest.tmp.$$";
+ eval {
+ if (-f $dest && $checksum_algorithm) {
+ print "calculating checksum of existing file...";
+ my $checksum_got = get_file_hash($checksum_algorithm, $dest);
+
+ if (lc($checksum_got) eq lc($checksum_expected)) {
+ print "OK, got correct file already, no need to download\n";
+ return;
+ } else {
+ # we could re-download, but may not be safe so just abort for now..
+ die "mismatch (got '$checksum_got' != expect '$checksum_expected'), aborting\n";
+ }
+ }
+
+ local $SIG{INT} = sub {
+ unlink $tmpdest or warn "could not cleanup temporary file: $!";
+ die "got interrupted by signal\n";
+ };
+
+ { # limit the scope of the ENV change
+ local %ENV;
+ if ($opts->{http_proxy}) {
+ $ENV{http_proxy} = $opts->{http_proxy};
+ }
+ if ($opts->{https_proxy}) {
+ $ENV{https_proxy} = $opts->{https_proxy};
+ }
+
+ my $cmd = ['wget', '--progress=dot:giga', '-O', $tmpdest, $url];
+
+ if (!($opts->{verify_certificates} // 1)) { # default to true
+ push @$cmd, '--no-check-certificate';
+ }
+
+ run_command($cmd, errmsg => "download failed");
+ }
+
+ if ($checksum_algorithm) {
+ print "calculating checksum...";
+
+ my $checksum_got = get_file_hash($checksum_algorithm, $tmpdest);
+
+ if (lc($checksum_got) eq lc($checksum_expected)) {
+ print "OK, checksum verified\n";
+ } else {
+ die "ERROR, checksum mismatch: got '$checksum_got' != expect '$checksum_expected'\n";
+ }
+ }
+
+ rename($tmpdest, $dest) or die "unable to rename temporary file: $!\n";
+ };
+ if (my $err = $@) {
+ unlink $tmpdest or warn "could not cleanup temporary file: $!";
+ die $err;
+ }
+
+ print "download of '$url' to '$dest' finished\n";
+}
+
+sub get_file_hash {
+ my ($algorithm, $filename) = @_;
+
+ my $algorithm_map = {
+ 'md5' => sub { Digest::MD5->new },
+ 'sha1' => sub { Digest::SHA->new(1) },
+ 'sha224' => sub { Digest::SHA->new(224) },
+ 'sha256' => sub { Digest::SHA->new(256) },
+ 'sha384' => sub { Digest::SHA->new(384) },
+ 'sha512' => sub { Digest::SHA->new(512) },
+ };
+
+ my $digester = $algorithm_map->{$algorithm}->() or die "unknown algorithm '$algorithm'\n";
+
+ open(my $fh, '<', $filename) or die "unable to open '$filename': $!\n";
+ binmode($fh);
+
+ my $digest = $digester->addfile($fh)->hexdigest;
+
+ return lc($digest);
+}
+