xref: /titanic_41/usr/src/uts/common/io/zcons.c (revision 6a1b30f3171ff1867501ed5f85f64f65448299a4)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 
27 /*
28  * Zone Console Driver.
29  *
30  * This driver, derived from the pts/ptm drivers, is the pseudo console driver
31  * for system zones.  Its implementation is straightforward.  Each instance
32  * of the driver represents a global-zone/local-zone pair (this maps in a
33  * straightforward way to the commonly used terminal notion of "master side"
34  * and "slave side", and we use that terminology throughout).
35  *
36  * Instances of zcons are onlined as children of /pseudo/zconsnex@1/
37  * by zoneadmd in userland, using the devctl framework; thus the driver
38  * does not need to maintain any sort of "admin" node.
39  *
40  * The driver shuttles I/O from master side to slave side and back.  In a break
41  * from the pts/ptm semantics, if one side is not open, I/O directed towards
42  * it will simply be discarded.  This is so that if zoneadmd is not holding
43  * the master side console open (i.e. it has died somehow), processes in
44  * the zone do not experience any errors and I/O to the console does not
45  * hang.
46  *
47  * TODO: we may want to revisit the other direction; i.e. we may want
48  * zoneadmd to be able to detect whether no zone processes are holding the
49  * console open, an unusual situation.
50  *
51  *
52  *
53  * MASTER SIDE IOCTLS
54  *
55  * The ZC_HOLDSLAVE and ZC_RELEASESLAVE ioctls instruct the master side of the
56  * console to hold and release a reference to the slave side's vnode.  They are
57  * meant to be issued by zoneadmd after the console device node is created and
58  * before it is destroyed so that the slave's STREAMS anchor, ptem, is
59  * preserved when ttymon starts popping STREAMS modules from within the
60  * associated zone.  This guarantees that the zone console will always have
61  * terminal semantics while the zone is running.
62  *
63  * Here is the issue: the ptem module is anchored in the zone console
64  * (slave side) so that processes within the associated non-global zone will
65  * fail to pop it off, thus ensuring that the slave will retain terminal
66  * semantics.  When a process attempts to pop the anchor off of a stream, the
67  * STREAMS subsystem checks whether the calling process' zone is the same as
68  * that of the process that pushed the anchor onto the stream and cancels the
69  * pop if they differ.  zoneadmd used to hold an open file descriptor for the
70  * slave while the associated non-global zone ran, thus ensuring that the
71  * slave's STREAMS anchor would never be popped from within the non-global zone
72  * (because zoneadmd runs in the global zone).  However, this file descriptor
73  * was removed to make zone console management more robust.  sad(7D) is now
74  * used to automatically set up the slave's STREAMS modules when the zone
75  * console is freshly opened within the associated non-global zone.  However,
76  * when a process within the non-global zone freshly opens the zone console, the
77  * anchor is pushed from within the non-global zone, making it possible for
78  * processes within the non-global zone (e.g., ttymon) to pop the anchor and
79  * destroy the zone console's terminal semantics.
80  *
81  * One solution is to make the zcons device hold the slave open while the
82  * associated non-global zone runs so that the STREAMS anchor will always be
83  * associated with the global zone.  Unfortunately, the slave cannot be opened
84  * from within the zcons driver because the driver is not reentrant: it has
85  * an outer STREAMS perimeter.  Therefore, the next best option is for zcons to
86  * provide an ioctl interface to zoneadmd to manage holding and releasing
87  * the slave side of the console.  It is sufficient to hold the slave side's
88  * vnode and bump the associated snode's reference count to preserve the slave's
89  * STREAMS configuration while the associated zone runs, so that's what the
90  * ioctls do.
91  *
92  *
93  * ZC_HOLDSLAVE
94  *
95  * This ioctl takes a file descriptor as an argument.  It effectively gets a
96  * reference to the slave side's minor node's vnode and bumps the associated
97  * snode's reference count.  The vnode reference is stored in the zcons device
98  * node's soft state.  This ioctl succeeds if the given file descriptor refers
99  * to the slave side's minor node or if there is already a reference to the
100  * slave side's minor node's vnode in the device's soft state.
101  *
102  *
103  * ZC_RELEASESLAVE
104  *
105  * This ioctl takes a file descriptor as an argument.  It effectively releases
106  * the vnode reference stored in the zcons device node's soft state (which was
107  * previously acquired via ZC_HOLDSLAVE) and decrements the reference count of
108  * the snode associated with the vnode.  This ioctl succeeds if the given file
109  * descriptor refers to the slave side's minor node or if no reference to the
110  * slave side's minor node's vnode is stored in the device's soft state.
111  *
112  *
113  * Note that the file descriptor arguments for both ioctls must be cast to
114  * integers of pointer width.
115  *
116  * Here's how the dance between zcons and zoneadmd works:
117  *
118  *     Zone boot:
119  *     1.  While booting the zone, zoneadmd creates an instance of zcons.
120  *     2.  zoneadmd opens the master and slave sides of the new zone console
121  *         and issues the ZC_HOLDSLAVE ioctl on the master side, passing its
122  *         file descriptor for the slave side as the ioctl argument.
123  *     3.  zcons holds the slave side's vnode, bumps the snode's reference
124  *         count, and stores a pointer to the vnode in the device's soft
125  *         state.
126  *     4.  zoneadmd closes the master and slave sides and continues to boot
127  *         the zone.
128  *
129  *     Zone halt:
130  *     1.  While halting the zone, zoneadmd opens the master and slave sides
131  *         of the zone's console and issues the ZC_RELEASESLAVE ioctl on the
132  *         master side, passing its file descriptor for the slave side as the
133  *         ioctl argument.
134  *     2.  zcons decrements the slave side's snode's reference count, releases
135  *         the slave's vnode, and eliminates its reference to the vnode in the
136  *         device's soft state.
137  *     3.  zoneadmd closes the master and slave sides.
138  *     4.  zoneadmd destroys the zcons device and continues to halt the zone.
139  *
140  * It is necessary for zoneadmd to hold the slave open while issuing
141  * ZC_RELEASESLAVE because zcons might otherwise release the last reference to
142  * the slave's vnode.  If it does, then specfs will panic because it will expect
143  * that the STREAMS configuration for the vnode was destroyed, which VN_RELE
144  * doesn't do.  Forcing zoneadmd to hold the slave open guarantees that zcons
145  * won't release the vnode's last reference.  zoneadmd will properly destroy the
146  * vnode and the snode when it closes the file descriptor.
147  *
148  * Technically, any process that can access the master side can issue these
149  * ioctls, but they should be treated as private interfaces for zoneadmd.
150  */
151 
152 #include <sys/types.h>
153 #include <sys/cmn_err.h>
154 #include <sys/conf.h>
155 #include <sys/cred.h>
156 #include <sys/ddi.h>
157 #include <sys/debug.h>
158 #include <sys/devops.h>
159 #include <sys/errno.h>
160 #include <sys/file.h>
161 #include <sys/kstr.h>
162 #include <sys/modctl.h>
163 #include <sys/param.h>
164 #include <sys/stat.h>
165 #include <sys/stream.h>
166 #include <sys/stropts.h>
167 #include <sys/strsun.h>
168 #include <sys/sunddi.h>
169 #include <sys/sysmacros.h>
170 #include <sys/systm.h>
171 #include <sys/types.h>
172 #include <sys/zcons.h>
173 #include <sys/vnode.h>
174 #include <sys/fs/snode.h>
175 #include <sys/zone.h>
176 
177 static int zc_getinfo(dev_info_t *, ddi_info_cmd_t, void *, void **);
178 static int zc_attach(dev_info_t *, ddi_attach_cmd_t);
179 static int zc_detach(dev_info_t *, ddi_detach_cmd_t);
180 
181 static int zc_open(queue_t *, dev_t *, int, int, cred_t *);
182 static int zc_close(queue_t *, int, cred_t *);
183 static void zc_wput(queue_t *, mblk_t *);
184 static void zc_rsrv(queue_t *);
185 static void zc_wsrv(queue_t *);
186 
187 /*
188  * The instance number is encoded in the dev_t in the minor number; the lowest
189  * bit of the minor number is used to track the master vs. slave side of the
190  * virtual console.  The rest of the bits in the minor number are the instance.
191  */
192 #define	ZC_MASTER_MINOR		0
193 #define	ZC_SLAVE_MINOR		1
194 
195 #define	ZC_INSTANCE(x)		(getminor((x)) >> 1)
196 #define	ZC_NODE(x)		(getminor((x)) & 0x01)
197 
198 /*
199  * This macro converts a zc_state_t pointer to the associated slave minor node's
200  * dev_t.
201  */
202 #define	ZC_STATE_TO_SLAVEDEV(x)	(makedevice(ddi_driver_major((x)->zc_devinfo), \
203 	(minor_t)(ddi_get_instance((x)->zc_devinfo) << 1 | ZC_SLAVE_MINOR)))
204 
205 int zcons_debug = 0;
206 #define	DBG(a)   if (zcons_debug) cmn_err(CE_NOTE, a)
207 #define	DBG1(a, b)   if (zcons_debug) cmn_err(CE_NOTE, a, b)
208 
209 
210 /*
211  * Zone Console Pseudo Terminal Module: stream data structure definitions
212  */
213 static struct module_info zc_info = {
214 	31337,	/* c0z we r hAx0rs */
215 	"zcons",
216 	0,
217 	INFPSZ,
218 	2048,
219 	128
220 };
221 
222 static struct qinit zc_rinit = {
223 	NULL,
224 	(int (*)()) zc_rsrv,
225 	zc_open,
226 	zc_close,
227 	NULL,
228 	&zc_info,
229 	NULL
230 };
231 
232 static struct qinit zc_winit = {
233 	(int (*)()) zc_wput,
234 	(int (*)()) zc_wsrv,
235 	NULL,
236 	NULL,
237 	NULL,
238 	&zc_info,
239 	NULL
240 };
241 
242 static struct streamtab zc_tab_info = {
243 	&zc_rinit,
244 	&zc_winit,
245 	NULL,
246 	NULL
247 };
248 
249 #define	ZC_CONF_FLAG	(D_MP | D_MTQPAIR | D_MTOUTPERIM | D_MTOCEXCL)
250 
251 /*
252  * this will define (struct cb_ops cb_zc_ops) and (struct dev_ops zc_ops)
253  */
254 DDI_DEFINE_STREAM_OPS(zc_ops, nulldev, nulldev,	zc_attach, zc_detach, nodev, \
255 	zc_getinfo, ZC_CONF_FLAG, &zc_tab_info, ddi_quiesce_not_needed);
256 
257 /*
258  * Module linkage information for the kernel.
259  */
260 
261 static struct modldrv modldrv = {
262 	&mod_driverops, 	/* Type of module (this is a pseudo driver) */
263 	"Zone console driver",	/* description of module */
264 	&zc_ops			/* driver ops */
265 };
266 
267 static struct modlinkage modlinkage = {
268 	MODREV_1,
269 	&modldrv,
270 	NULL
271 };
272 
273 typedef struct zc_state {
274 	dev_info_t *zc_devinfo;
275 	queue_t *zc_master_rdq;
276 	queue_t *zc_slave_rdq;
277 	vnode_t *zc_slave_vnode;
278 	int zc_state;
279 } zc_state_t;
280 
281 #define	ZC_STATE_MOPEN	0x01
282 #define	ZC_STATE_SOPEN	0x02
283 
284 static void *zc_soft_state;
285 
286 /*
287  * List of STREAMS modules that should be pushed onto every slave instance.
288  */
289 static char *zcons_mods[] = {
290 	"ptem",
291 	"ldterm",
292 	"ttcompat",
293 	NULL
294 };
295 
296 int
_init(void)297 _init(void)
298 {
299 	int err;
300 
301 	if ((err = ddi_soft_state_init(&zc_soft_state,
302 	    sizeof (zc_state_t), 0)) != 0) {
303 		return (err);
304 	}
305 
306 	if ((err = mod_install(&modlinkage)) != 0)
307 		ddi_soft_state_fini(zc_soft_state);
308 
309 	return (err);
310 }
311 
312 
313 int
_fini(void)314 _fini(void)
315 {
316 	int err;
317 
318 	if ((err = mod_remove(&modlinkage)) != 0) {
319 		return (err);
320 	}
321 
322 	ddi_soft_state_fini(&zc_soft_state);
323 	return (0);
324 }
325 
326 int
_info(struct modinfo * modinfop)327 _info(struct modinfo *modinfop)
328 {
329 	return (mod_info(&modlinkage, modinfop));
330 }
331 
332 static int
zc_attach(dev_info_t * dip,ddi_attach_cmd_t cmd)333 zc_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
334 {
335 	zc_state_t *zcs;
336 	int instance;
337 
338 	if (cmd != DDI_ATTACH)
339 		return (DDI_FAILURE);
340 
341 	instance = ddi_get_instance(dip);
342 	if (ddi_soft_state_zalloc(zc_soft_state, instance) != DDI_SUCCESS)
343 		return (DDI_FAILURE);
344 
345 	/*
346 	 * Create the master and slave minor nodes.
347 	 */
348 	if ((ddi_create_minor_node(dip, ZCONS_SLAVE_NAME, S_IFCHR,
349 	    instance << 1 | ZC_SLAVE_MINOR, DDI_PSEUDO, 0) == DDI_FAILURE) ||
350 	    (ddi_create_minor_node(dip, ZCONS_MASTER_NAME, S_IFCHR,
351 	    instance << 1 | ZC_MASTER_MINOR, DDI_PSEUDO, 0) == DDI_FAILURE)) {
352 		ddi_remove_minor_node(dip, NULL);
353 		ddi_soft_state_free(zc_soft_state, instance);
354 		return (DDI_FAILURE);
355 	}
356 
357 	VERIFY((zcs = ddi_get_soft_state(zc_soft_state, instance)) != NULL);
358 	zcs->zc_devinfo = dip;
359 	return (DDI_SUCCESS);
360 }
361 
362 static int
zc_detach(dev_info_t * dip,ddi_detach_cmd_t cmd)363 zc_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
364 {
365 	zc_state_t *zcs;
366 	int instance;
367 
368 	if (cmd != DDI_DETACH)
369 		return (DDI_FAILURE);
370 
371 	instance = ddi_get_instance(dip);
372 	if ((zcs = ddi_get_soft_state(zc_soft_state, instance)) == NULL)
373 		return (DDI_FAILURE);
374 
375 	if ((zcs->zc_state & ZC_STATE_MOPEN) ||
376 	    (zcs->zc_state & ZC_STATE_SOPEN)) {
377 		DBG1("zc_detach: device (dip=%p) still open\n", (void *)dip);
378 		return (DDI_FAILURE);
379 	}
380 
381 	ddi_remove_minor_node(dip, NULL);
382 	ddi_soft_state_free(zc_soft_state, instance);
383 
384 	return (DDI_SUCCESS);
385 }
386 
387 /*
388  * zc_getinfo()
389  *	getinfo(9e) entrypoint.
390  */
391 /*ARGSUSED*/
392 static int
zc_getinfo(dev_info_t * dip,ddi_info_cmd_t infocmd,void * arg,void ** result)393 zc_getinfo(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg, void **result)
394 {
395 	zc_state_t *zcs;
396 	int instance = ZC_INSTANCE((dev_t)arg);
397 
398 	switch (infocmd) {
399 	case DDI_INFO_DEVT2DEVINFO:
400 		if ((zcs = ddi_get_soft_state(zc_soft_state, instance)) == NULL)
401 			return (DDI_FAILURE);
402 		*result = zcs->zc_devinfo;
403 		return (DDI_SUCCESS);
404 	case DDI_INFO_DEVT2INSTANCE:
405 		*result = (void *)(uintptr_t)instance;
406 		return (DDI_SUCCESS);
407 	}
408 	return (DDI_FAILURE);
409 }
410 
411 /*
412  * Return the equivalent queue from the other side of the relationship.
413  * e.g.: given the slave's write queue, return the master's write queue.
414  */
415 static queue_t *
zc_switch(queue_t * qp)416 zc_switch(queue_t *qp)
417 {
418 	zc_state_t *zcs = qp->q_ptr;
419 	ASSERT(zcs != NULL);
420 
421 	if (qp == zcs->zc_master_rdq)
422 		return (zcs->zc_slave_rdq);
423 	else if (OTHERQ(qp) == zcs->zc_master_rdq && zcs->zc_slave_rdq != NULL)
424 		return (OTHERQ(zcs->zc_slave_rdq));
425 	else if (qp == zcs->zc_slave_rdq)
426 		return (zcs->zc_master_rdq);
427 	else if (OTHERQ(qp) == zcs->zc_slave_rdq && zcs->zc_master_rdq != NULL)
428 		return (OTHERQ(zcs->zc_master_rdq));
429 	else
430 		return (NULL);
431 }
432 
433 /*
434  * For debugging and outputting messages.  Returns the name of the side of
435  * the relationship associated with this queue.
436  */
437 static const char *
zc_side(queue_t * qp)438 zc_side(queue_t *qp)
439 {
440 	zc_state_t *zcs = qp->q_ptr;
441 	ASSERT(zcs != NULL);
442 
443 	if (qp == zcs->zc_master_rdq ||
444 	    OTHERQ(qp) == zcs->zc_master_rdq) {
445 		return ("master");
446 	}
447 	ASSERT(qp == zcs->zc_slave_rdq || OTHERQ(qp) == zcs->zc_slave_rdq);
448 	return ("slave");
449 }
450 
451 /*ARGSUSED*/
452 static int
zc_master_open(zc_state_t * zcs,queue_t * rqp,dev_t * devp,int oflag,int sflag,cred_t * credp)453 zc_master_open(zc_state_t *zcs,
454     queue_t	*rqp,	/* pointer to the read side queue */
455     dev_t	*devp,	/* pointer to stream tail's dev */
456     int		oflag,	/* the user open(2) supplied flags */
457     int		sflag,	/* open state flag */
458     cred_t	*credp)	/* credentials */
459 {
460 	mblk_t *mop;
461 	struct stroptions *sop;
462 
463 	/*
464 	 * Enforce exclusivity on the master side; the only consumer should
465 	 * be the zoneadmd for the zone.
466 	 */
467 	if ((zcs->zc_state & ZC_STATE_MOPEN) != 0)
468 		return (EBUSY);
469 
470 	if ((mop = allocb(sizeof (struct stroptions), BPRI_MED)) == NULL) {
471 		DBG("zc_master_open(): mop allocation failed\n");
472 		return (ENOMEM);
473 	}
474 
475 	zcs->zc_state |= ZC_STATE_MOPEN;
476 
477 	/*
478 	 * q_ptr stores driver private data; stash the soft state data on both
479 	 * read and write sides of the queue.
480 	 */
481 	WR(rqp)->q_ptr = rqp->q_ptr = zcs;
482 	qprocson(rqp);
483 
484 	/*
485 	 * Following qprocson(), the master side is fully plumbed into the
486 	 * STREAM and may send/receive messages.  Setting zcs->zc_master_rdq
487 	 * will allow the slave to send messages to us (the master).
488 	 * This cannot occur before qprocson() because the master is not
489 	 * ready to process them until that point.
490 	 */
491 	zcs->zc_master_rdq = rqp;
492 
493 	/*
494 	 * set up hi/lo water marks on stream head read queue and add
495 	 * controlling tty as needed.
496 	 */
497 	mop->b_datap->db_type = M_SETOPTS;
498 	mop->b_wptr += sizeof (struct stroptions);
499 	sop = (struct stroptions *)(void *)mop->b_rptr;
500 	if (oflag & FNOCTTY)
501 		sop->so_flags = SO_HIWAT | SO_LOWAT;
502 	else
503 		sop->so_flags = SO_HIWAT | SO_LOWAT | SO_ISTTY;
504 	sop->so_hiwat = 512;
505 	sop->so_lowat = 256;
506 	putnext(rqp, mop);
507 
508 	return (0);
509 }
510 
511 /*ARGSUSED*/
512 static int
zc_slave_open(zc_state_t * zcs,queue_t * rqp,dev_t * devp,int oflag,int sflag,cred_t * credp)513 zc_slave_open(zc_state_t *zcs,
514     queue_t	*rqp,	/* pointer to the read side queue */
515     dev_t	*devp,	/* pointer to stream tail's dev */
516     int		oflag,	/* the user open(2) supplied flags */
517     int		sflag,	/* open state flag */
518     cred_t	*credp)	/* credentials */
519 {
520 	mblk_t *mop;
521 	struct stroptions *sop;
522 	major_t major;
523 	minor_t minor;
524 	minor_t lastminor;
525 	uint_t anchorindex;
526 
527 	/*
528 	 * The slave side can be opened as many times as needed.
529 	 */
530 	if ((zcs->zc_state & ZC_STATE_SOPEN) != 0) {
531 		ASSERT((rqp != NULL) && (WR(rqp)->q_ptr == zcs));
532 		return (0);
533 	}
534 
535 	/*
536 	 * Set up sad(7D) so that the necessary STREAMS modules will be in
537 	 * place.  A wrinkle is that 'ptem' must be anchored
538 	 * in place (see streamio(7i)) because we always want the console to
539 	 * have terminal semantics.
540 	 */
541 	minor = ddi_get_instance(zcs->zc_devinfo) << 1 | ZC_SLAVE_MINOR;
542 	major = ddi_driver_major(zcs->zc_devinfo);
543 	lastminor = 0;
544 	anchorindex = 1;
545 	if (kstr_autopush(SET_AUTOPUSH, &major, &minor, &lastminor,
546 	    &anchorindex, zcons_mods) != 0) {
547 		DBG("zc_slave_open(): kstr_autopush() failed\n");
548 		return (EIO);
549 	}
550 
551 	if ((mop = allocb(sizeof (struct stroptions), BPRI_MED)) == NULL) {
552 		DBG("zc_slave_open(): mop allocation failed\n");
553 		return (ENOMEM);
554 	}
555 
556 	zcs->zc_state |= ZC_STATE_SOPEN;
557 
558 	/*
559 	 * q_ptr stores driver private data; stash the soft state data on both
560 	 * read and write sides of the queue.
561 	 */
562 	WR(rqp)->q_ptr = rqp->q_ptr = zcs;
563 
564 	qprocson(rqp);
565 
566 	/*
567 	 * Must follow qprocson(), since we aren't ready to process until then.
568 	 */
569 	zcs->zc_slave_rdq = rqp;
570 
571 	/*
572 	 * set up hi/lo water marks on stream head read queue and add
573 	 * controlling tty as needed.
574 	 */
575 	mop->b_datap->db_type = M_SETOPTS;
576 	mop->b_wptr += sizeof (struct stroptions);
577 	sop = (struct stroptions *)(void *)mop->b_rptr;
578 	sop->so_flags = SO_HIWAT | SO_LOWAT | SO_ISTTY;
579 	sop->so_hiwat = 512;
580 	sop->so_lowat = 256;
581 	putnext(rqp, mop);
582 
583 	return (0);
584 }
585 
586 /*
587  * open(9e) entrypoint; checks sflag, and rejects anything unordinary.
588  */
589 static int
zc_open(queue_t * rqp,dev_t * devp,int oflag,int sflag,cred_t * credp)590 zc_open(queue_t *rqp,		/* pointer to the read side queue */
591 	dev_t   *devp,		/* pointer to stream tail's dev */
592 	int	oflag,		/* the user open(2) supplied flags */
593 	int	sflag,		/* open state flag */
594 	cred_t  *credp)		/* credentials */
595 {
596 	int instance = ZC_INSTANCE(*devp);
597 	int ret;
598 	zc_state_t *zcs;
599 
600 	if (sflag != 0)
601 		return (EINVAL);
602 
603 	if ((zcs = ddi_get_soft_state(zc_soft_state, instance)) == NULL)
604 		return (ENXIO);
605 
606 	switch (ZC_NODE(*devp)) {
607 	case ZC_MASTER_MINOR:
608 		ret = zc_master_open(zcs, rqp, devp, oflag, sflag, credp);
609 		break;
610 	case ZC_SLAVE_MINOR:
611 		ret = zc_slave_open(zcs, rqp, devp, oflag, sflag, credp);
612 		break;
613 	default:
614 		ret = ENXIO;
615 		break;
616 	}
617 
618 	return (ret);
619 }
620 
621 /*
622  * close(9e) entrypoint.
623  */
624 /*ARGSUSED1*/
625 static int
zc_close(queue_t * rqp,int flag,cred_t * credp)626 zc_close(queue_t *rqp, int flag, cred_t *credp)
627 {
628 	queue_t *wqp;
629 	mblk_t	*bp;
630 	zc_state_t *zcs;
631 	major_t major;
632 	minor_t minor;
633 
634 	zcs = (zc_state_t *)rqp->q_ptr;
635 
636 	if (rqp == zcs->zc_master_rdq) {
637 		DBG("Closing master side");
638 
639 		zcs->zc_master_rdq = NULL;
640 		zcs->zc_state &= ~ZC_STATE_MOPEN;
641 
642 		/*
643 		 * qenable slave side write queue so that it can flush
644 		 * its messages as master's read queue is going away
645 		 */
646 		if (zcs->zc_slave_rdq != NULL) {
647 			qenable(WR(zcs->zc_slave_rdq));
648 		}
649 
650 		qprocsoff(rqp);
651 		WR(rqp)->q_ptr = rqp->q_ptr = NULL;
652 
653 	} else if (rqp == zcs->zc_slave_rdq) {
654 
655 		DBG("Closing slave side");
656 		zcs->zc_state &= ~ZC_STATE_SOPEN;
657 		zcs->zc_slave_rdq = NULL;
658 
659 		wqp = WR(rqp);
660 		while ((bp = getq(wqp)) != NULL) {
661 			if (zcs->zc_master_rdq != NULL)
662 				putnext(zcs->zc_master_rdq, bp);
663 			else if (bp->b_datap->db_type == M_IOCTL)
664 				miocnak(wqp, bp, 0, 0);
665 			else
666 				freemsg(bp);
667 		}
668 
669 		/*
670 		 * Qenable master side write queue so that it can flush its
671 		 * messages as slaves's read queue is going away.
672 		 */
673 		if (zcs->zc_master_rdq != NULL)
674 			qenable(WR(zcs->zc_master_rdq));
675 
676 		qprocsoff(rqp);
677 		WR(rqp)->q_ptr = rqp->q_ptr = NULL;
678 
679 		/*
680 		 * Clear the sad configuration so that reopening doesn't fail
681 		 * to set up sad configuration.
682 		 */
683 		major = ddi_driver_major(zcs->zc_devinfo);
684 		minor = ddi_get_instance(zcs->zc_devinfo) << 1 | ZC_SLAVE_MINOR;
685 		(void) kstr_autopush(CLR_AUTOPUSH, &major, &minor, NULL, NULL,
686 		    NULL);
687 	}
688 
689 	return (0);
690 }
691 
692 static void
handle_mflush(queue_t * qp,mblk_t * mp)693 handle_mflush(queue_t *qp, mblk_t *mp)
694 {
695 	mblk_t *nmp;
696 	DBG1("M_FLUSH on %s side", zc_side(qp));
697 
698 	if (*mp->b_rptr & FLUSHW) {
699 		DBG1("M_FLUSH, FLUSHW, %s side", zc_side(qp));
700 		flushq(qp, FLUSHDATA);
701 		*mp->b_rptr &= ~FLUSHW;
702 		if ((*mp->b_rptr & FLUSHR) == 0) {
703 			/*
704 			 * FLUSHW only. Change to FLUSHR and putnext other side,
705 			 * then we are done.
706 			 */
707 			*mp->b_rptr |= FLUSHR;
708 			if (zc_switch(RD(qp)) != NULL) {
709 				putnext(zc_switch(RD(qp)), mp);
710 				return;
711 			}
712 		} else if ((zc_switch(RD(qp)) != NULL) &&
713 		    (nmp = copyb(mp)) != NULL) {
714 			/*
715 			 * It is a FLUSHRW; we copy the mblk and send
716 			 * it to the other side, since we still need to use
717 			 * the mblk in FLUSHR processing, below.
718 			 */
719 			putnext(zc_switch(RD(qp)), nmp);
720 		}
721 	}
722 
723 	if (*mp->b_rptr & FLUSHR) {
724 		DBG("qreply(qp) turning FLUSHR around\n");
725 		qreply(qp, mp);
726 		return;
727 	}
728 	freemsg(mp);
729 }
730 
731 /*
732  * wput(9E) is symmetric for master and slave sides, so this handles both
733  * without splitting the codepath.  (The only exception to this is the
734  * processing of zcons ioctls, which is restricted to the master side.)
735  *
736  * zc_wput() looks at the other side; if there is no process holding that
737  * side open, it frees the message.  This prevents processes from hanging
738  * if no one is holding open the console.  Otherwise, it putnext's high
739  * priority messages, putnext's normal messages if possible, and otherwise
740  * enqueues the messages; in the case that something is enqueued, wsrv(9E)
741  * will take care of eventually shuttling I/O to the other side.
742  */
743 static void
zc_wput(queue_t * qp,mblk_t * mp)744 zc_wput(queue_t *qp, mblk_t *mp)
745 {
746 	unsigned char type = mp->b_datap->db_type;
747 	zc_state_t *zcs;
748 	struct iocblk *iocbp;
749 	file_t *slave_filep;
750 	struct snode *slave_snodep;
751 	int slave_fd;
752 
753 	ASSERT(qp->q_ptr);
754 
755 	DBG1("entering zc_wput, %s side", zc_side(qp));
756 
757 	/*
758 	 * Process zcons ioctl messages if qp is the master console's write
759 	 * queue.
760 	 */
761 	zcs = (zc_state_t *)qp->q_ptr;
762 	if (zcs->zc_master_rdq != NULL && qp == WR(zcs->zc_master_rdq) &&
763 	    type == M_IOCTL) {
764 		iocbp = (struct iocblk *)(void *)mp->b_rptr;
765 		switch (iocbp->ioc_cmd) {
766 		case ZC_HOLDSLAVE:
767 			/*
768 			 * Hold the slave's vnode and increment the refcount
769 			 * of the snode.  If the vnode is already held, then
770 			 * indicate success.
771 			 */
772 			if (iocbp->ioc_count != TRANSPARENT) {
773 				miocack(qp, mp, 0, EINVAL);
774 				return;
775 			}
776 			if (zcs->zc_slave_vnode != NULL) {
777 				miocack(qp, mp, 0, 0);
778 				return;
779 			}
780 
781 			/*
782 			 * The process that passed the ioctl must be running in
783 			 * the global zone.
784 			 */
785 			if (curzone != global_zone) {
786 				miocack(qp, mp, 0, EINVAL);
787 				return;
788 			}
789 
790 			/*
791 			 * The calling process must pass a file descriptor for
792 			 * the slave device.
793 			 */
794 			slave_fd =
795 			    (int)(intptr_t)*(caddr_t *)(void *)mp->b_cont->
796 			    b_rptr;
797 			slave_filep = getf(slave_fd);
798 			if (slave_filep == NULL) {
799 				miocack(qp, mp, 0, EINVAL);
800 				return;
801 			}
802 			if (ZC_STATE_TO_SLAVEDEV(zcs) !=
803 			    slave_filep->f_vnode->v_rdev) {
804 				releasef(slave_fd);
805 				miocack(qp, mp, 0, EINVAL);
806 				return;
807 			}
808 
809 			/*
810 			 * Get a reference to the slave's vnode.  Also bump the
811 			 * reference count on the associated snode.
812 			 */
813 			ASSERT(vn_matchops(slave_filep->f_vnode,
814 			    spec_getvnodeops()));
815 			zcs->zc_slave_vnode = slave_filep->f_vnode;
816 			VN_HOLD(zcs->zc_slave_vnode);
817 			slave_snodep = VTOCS(zcs->zc_slave_vnode);
818 			mutex_enter(&slave_snodep->s_lock);
819 			++slave_snodep->s_count;
820 			mutex_exit(&slave_snodep->s_lock);
821 			releasef(slave_fd);
822 			miocack(qp, mp, 0, 0);
823 			return;
824 		case ZC_RELEASESLAVE:
825 			/*
826 			 * Release the master's handle on the slave's vnode.
827 			 * If there isn't a handle for the vnode, then indicate
828 			 * success.
829 			 */
830 			if (iocbp->ioc_count != TRANSPARENT) {
831 				miocack(qp, mp, 0, EINVAL);
832 				return;
833 			}
834 			if (zcs->zc_slave_vnode == NULL) {
835 				miocack(qp, mp, 0, 0);
836 				return;
837 			}
838 
839 			/*
840 			 * The process that passed the ioctl must be running in
841 			 * the global zone.
842 			 */
843 			if (curzone != global_zone) {
844 				miocack(qp, mp, 0, EINVAL);
845 				return;
846 			}
847 
848 			/*
849 			 * The process that passed the ioctl must have provided
850 			 * a file descriptor for the slave device.  Make sure
851 			 * this is correct.
852 			 */
853 			slave_fd =
854 			    (int)(intptr_t)*(caddr_t *)(void *)mp->b_cont->
855 			    b_rptr;
856 			slave_filep = getf(slave_fd);
857 			if (slave_filep == NULL) {
858 				miocack(qp, mp, 0, EINVAL);
859 				return;
860 			}
861 			if (zcs->zc_slave_vnode->v_rdev !=
862 			    slave_filep->f_vnode->v_rdev) {
863 				releasef(slave_fd);
864 				miocack(qp, mp, 0, EINVAL);
865 				return;
866 			}
867 
868 			/*
869 			 * Decrement the snode's reference count and release the
870 			 * vnode.
871 			 */
872 			ASSERT(vn_matchops(slave_filep->f_vnode,
873 			    spec_getvnodeops()));
874 			slave_snodep = VTOCS(zcs->zc_slave_vnode);
875 			mutex_enter(&slave_snodep->s_lock);
876 			--slave_snodep->s_count;
877 			mutex_exit(&slave_snodep->s_lock);
878 			VN_RELE(zcs->zc_slave_vnode);
879 			zcs->zc_slave_vnode = NULL;
880 			releasef(slave_fd);
881 			miocack(qp, mp, 0, 0);
882 			return;
883 		default:
884 			break;
885 		}
886 	}
887 
888 	if (zc_switch(RD(qp)) == NULL) {
889 		DBG1("wput to %s side (no one listening)", zc_side(qp));
890 		switch (type) {
891 		case M_FLUSH:
892 			handle_mflush(qp, mp);
893 			break;
894 		case M_IOCTL:
895 			miocnak(qp, mp, 0, 0);
896 			break;
897 		default:
898 			freemsg(mp);
899 			break;
900 		}
901 		return;
902 	}
903 
904 	if (type >= QPCTL) {
905 		DBG1("(hipri) wput, %s side", zc_side(qp));
906 		switch (type) {
907 		case M_READ:		/* supposedly from ldterm? */
908 			DBG("zc_wput: tossing M_READ\n");
909 			freemsg(mp);
910 			break;
911 		case M_FLUSH:
912 			handle_mflush(qp, mp);
913 			break;
914 		default:
915 			/*
916 			 * Put this to the other side.
917 			 */
918 			ASSERT(zc_switch(RD(qp)) != NULL);
919 			putnext(zc_switch(RD(qp)), mp);
920 			break;
921 		}
922 		DBG1("done (hipri) wput, %s side", zc_side(qp));
923 		return;
924 	}
925 
926 	/*
927 	 * Only putnext if there isn't already something in the queue.
928 	 * otherwise things would wind up out of order.
929 	 */
930 	if (qp->q_first == NULL && bcanputnext(RD(zc_switch(qp)), mp->b_band)) {
931 		DBG("wput: putting message to other side\n");
932 		putnext(RD(zc_switch(qp)), mp);
933 	} else {
934 		DBG("wput: putting msg onto queue\n");
935 		(void) putq(qp, mp);
936 	}
937 	DBG1("done wput, %s side", zc_side(qp));
938 }
939 
940 /*
941  * rsrv(9E) is symmetric for master and slave, so zc_rsrv() handles both
942  * without splitting up the codepath.
943  *
944  * Enable the write side of the partner.  This triggers the partner to send
945  * messages queued on its write side to this queue's read side.
946  */
947 static void
zc_rsrv(queue_t * qp)948 zc_rsrv(queue_t *qp)
949 {
950 	zc_state_t *zcs;
951 	zcs = (zc_state_t *)qp->q_ptr;
952 
953 	/*
954 	 * Care must be taken here, as either of the master or slave side
955 	 * qptr could be NULL.
956 	 */
957 	ASSERT(qp == zcs->zc_master_rdq || qp == zcs->zc_slave_rdq);
958 	if (zc_switch(qp) == NULL) {
959 		DBG("zc_rsrv: other side isn't listening\n");
960 		return;
961 	}
962 	qenable(WR(zc_switch(qp)));
963 }
964 
965 /*
966  * This routine is symmetric for master and slave, so it handles both without
967  * splitting up the codepath.
968  *
969  * If there are messages on this queue that can be sent to the other, send
970  * them via putnext(). Else, if queued messages cannot be sent, leave them
971  * on this queue.
972  */
973 static void
zc_wsrv(queue_t * qp)974 zc_wsrv(queue_t *qp)
975 {
976 	mblk_t *mp;
977 
978 	DBG1("zc_wsrv master (%s) side", zc_side(qp));
979 
980 	/*
981 	 * Partner has no read queue, so take the data, and throw it away.
982 	 */
983 	if (zc_switch(RD(qp)) == NULL) {
984 		DBG("zc_wsrv: other side isn't listening");
985 		while ((mp = getq(qp)) != NULL) {
986 			if (mp->b_datap->db_type == M_IOCTL)
987 				miocnak(qp, mp, 0, 0);
988 			else
989 				freemsg(mp);
990 		}
991 		flushq(qp, FLUSHALL);
992 		return;
993 	}
994 
995 	/*
996 	 * while there are messages on this write queue...
997 	 */
998 	while ((mp = getq(qp)) != NULL) {
999 		/*
1000 		 * Due to the way zc_wput is implemented, we should never
1001 		 * see a control message here.
1002 		 */
1003 		ASSERT(mp->b_datap->db_type < QPCTL);
1004 
1005 		if (bcanputnext(RD(zc_switch(qp)), mp->b_band)) {
1006 			DBG("wsrv: send message to other side\n");
1007 			putnext(RD(zc_switch(qp)), mp);
1008 		} else {
1009 			DBG("wsrv: putting msg back on queue\n");
1010 			(void) putbq(qp, mp);
1011 			break;
1012 		}
1013 	}
1014 }
1015