xref: /titanic_52/usr/src/cmd/halt/halt.c (revision f7477fcef68c32ae48626ba7dcca2c06f21d62d9)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2016 Toomas Soome <tsoome@me.com>
23  * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 /*
27  * Copyright (c) 2013, Joyent, Inc. All rights reserved.
28  * Copyright (c) 2015 by Delphix. All rights reserved.
29  */
30 
31 /*	Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T	*/
32 /*	  All Rights Reserved	*/
33 
34 /*
35  * University Copyright- Copyright (c) 1982, 1986, 1988
36  * The Regents of the University of California
37  * All Rights Reserved
38  *
39  * University Acknowledgment- Portions of this document are derived from
40  * software developed by the University of California, Berkeley, and its
41  * contributors.
42  * Portions contributed by Juergen Keil, <jk@tools.de>.
43  */
44 
45 
46 /*
47  * Common code for halt(1M), poweroff(1M), and reboot(1M).  We use
48  * argv[0] to determine which behavior to exhibit.
49  */
50 
51 #include <stdio.h>
52 #include <procfs.h>
53 #include <sys/types.h>
54 #include <sys/elf.h>
55 #include <sys/systeminfo.h>
56 #include <sys/stat.h>
57 #include <sys/uadmin.h>
58 #include <sys/mntent.h>
59 #include <sys/mnttab.h>
60 #include <sys/mount.h>
61 #include <sys/fs/ufs_mount.h>
62 #include <alloca.h>
63 #include <assert.h>
64 #include <errno.h>
65 #include <fcntl.h>
66 #include <libgen.h>
67 #include <libscf.h>
68 #include <libscf_priv.h>
69 #include <limits.h>
70 #include <locale.h>
71 #include <libintl.h>
72 #include <syslog.h>
73 #include <signal.h>
74 #include <strings.h>
75 #include <unistd.h>
76 #include <stdlib.h>
77 #include <stdio.h>
78 #include <strings.h>
79 #include <time.h>
80 #include <wait.h>
81 #include <ctype.h>
82 #include <utmpx.h>
83 #include <pwd.h>
84 #include <zone.h>
85 #include <spawn.h>
86 
87 #include <libzfs.h>
88 #if defined(__x86)
89 #include <libbe.h>
90 #endif
91 
92 #if !defined(TEXT_DOMAIN)
93 #define	TEXT_DOMAIN	"SYS_TEST"
94 #endif
95 
96 #if defined(__sparc)
97 #define	CUR_ELFDATA	ELFDATA2MSB
98 #elif defined(__x86)
99 #define	CUR_ELFDATA	ELFDATA2LSB
100 #endif
101 
102 static libzfs_handle_t *g_zfs;
103 
104 extern int audit_halt_setup(int, char **);
105 extern int audit_halt_success(void);
106 extern int audit_halt_fail(void);
107 
108 extern int audit_reboot_setup(void);
109 extern int audit_reboot_success(void);
110 extern int audit_reboot_fail(void);
111 
112 static char *cmdname;	/* basename(argv[0]), the name of the command */
113 
114 typedef struct ctidlist_struct {
115 	ctid_t ctid;
116 	struct ctidlist_struct *next;
117 } ctidlist_t;
118 
119 static ctidlist_t *ctidlist = NULL;
120 static ctid_t startdct = -1;
121 
122 #define	FMRI_STARTD_CONTRACT \
123 	"svc:/system/svc/restarter:default/:properties/restarter/contract"
124 
125 #define	BEADM_PROG	"/usr/sbin/beadm"
126 #define	BOOTADM_PROG	"/sbin/bootadm"
127 #define	ZONEADM_PROG	"/usr/sbin/zoneadm"
128 
129 /*
130  * The length of FASTBOOT_MOUNTPOINT must be less than MAXPATHLEN.
131  */
132 #define	FASTBOOT_MOUNTPOINT	"/tmp/.fastboot.root"
133 
134 /*
135  * Fast Reboot related variables
136  */
137 static char	fastboot_mounted[MAXPATHLEN];
138 
139 #if defined(__x86)
140 static char *fbarg;
141 static char *fbarg_used;
142 static int fbarg_entnum = BE_ENTRY_DEFAULT;
143 #endif	/* __x86 */
144 
145 static int validate_ufs_disk(char *, char *);
146 static int validate_zfs_pool(char *, char *);
147 
148 static pid_t
149 get_initpid()
150 {
151 	static int init_pid = -1;
152 
153 	if (init_pid == -1) {
154 		if (zone_getattr(getzoneid(), ZONE_ATTR_INITPID, &init_pid,
155 		    sizeof (init_pid)) != sizeof (init_pid)) {
156 			assert(errno == ESRCH);
157 			init_pid = -1;
158 		}
159 	}
160 	return (init_pid);
161 }
162 
163 /*
164  * Quiesce or resume init using /proc.  When stopping init, we can't send
165  * SIGTSTP (since init ignores it) or SIGSTOP (since the kernel won't permit
166  * it).
167  */
168 static int
169 direct_init(long command)
170 {
171 	char ctlfile[MAXPATHLEN];
172 	pid_t pid;
173 	int ctlfd;
174 
175 	assert(command == PCDSTOP || command == PCRUN);
176 	if ((pid = get_initpid()) == -1) {
177 		return (-1);
178 	}
179 
180 	(void) snprintf(ctlfile, sizeof (ctlfile), "/proc/%d/ctl", pid);
181 	if ((ctlfd = open(ctlfile, O_WRONLY)) == -1)
182 		return (-1);
183 
184 	if (command == PCDSTOP) {
185 		if (write(ctlfd, &command, sizeof (long)) == -1) {
186 			(void) close(ctlfd);
187 			return (-1);
188 		}
189 	} else {	/* command == PCRUN */
190 		long cmds[2];
191 		cmds[0] = command;
192 		cmds[1] = 0;
193 		if (write(ctlfd, cmds, sizeof (cmds)) == -1) {
194 			(void) close(ctlfd);
195 			return (-1);
196 		}
197 	}
198 	(void) close(ctlfd);
199 	return (0);
200 }
201 
202 static void
203 stop_startd()
204 {
205 	scf_handle_t *h;
206 	scf_property_t *prop = NULL;
207 	scf_value_t *val = NULL;
208 	uint64_t uint64;
209 
210 	if ((h = scf_handle_create(SCF_VERSION)) == NULL)
211 		return;
212 
213 	if ((scf_handle_bind(h) != 0) ||
214 	    ((prop = scf_property_create(h)) == NULL) ||
215 	    ((val = scf_value_create(h)) == NULL))
216 		goto out;
217 
218 	if (scf_handle_decode_fmri(h, FMRI_STARTD_CONTRACT,
219 	    NULL, NULL, NULL, NULL, prop, SCF_DECODE_FMRI_EXACT) != 0)
220 		goto out;
221 
222 	if (scf_property_is_type(prop, SCF_TYPE_COUNT) != 0 ||
223 	    scf_property_get_value(prop, val) != 0 ||
224 	    scf_value_get_count(val, &uint64) != 0)
225 		goto out;
226 
227 	startdct = (ctid_t)uint64;
228 	(void) sigsend(P_CTID, startdct, SIGSTOP);
229 
230 out:
231 	scf_property_destroy(prop);
232 	scf_value_destroy(val);
233 	scf_handle_destroy(h);
234 }
235 
236 static void
237 continue_startd()
238 {
239 	if (startdct != -1)
240 		(void) sigsend(P_CTID, startdct, SIGCONT);
241 }
242 
243 #define	FMRI_RESTARTER_PROP "/:properties/general/restarter"
244 #define	FMRI_CONTRACT_PROP "/:properties/restarter/contract"
245 
246 static int
247 save_ctid(ctid_t ctid)
248 {
249 	ctidlist_t *next;
250 
251 	for (next = ctidlist; next != NULL; next = next->next)
252 		if (next->ctid == ctid)
253 			return (-1);
254 
255 	next = (ctidlist_t *)malloc(sizeof (ctidlist_t));
256 	if (next == NULL)
257 		return (-1);
258 
259 	next->ctid = ctid;
260 	next->next = ctidlist;
261 	ctidlist = next;
262 	return (0);
263 }
264 
265 static void
266 stop_delegates()
267 {
268 	ctid_t ctid;
269 	scf_handle_t *h;
270 	scf_scope_t *sc = NULL;
271 	scf_service_t *svc = NULL;
272 	scf_instance_t *inst = NULL;
273 	scf_snapshot_t *snap = NULL;
274 	scf_snapshot_t *isnap = NULL;
275 	scf_propertygroup_t *pg = NULL;
276 	scf_property_t *prop = NULL;
277 	scf_value_t *val = NULL;
278 	scf_iter_t *siter = NULL;
279 	scf_iter_t *iiter = NULL;
280 	char *fmri;
281 	ssize_t length;
282 
283 	uint64_t uint64;
284 	ssize_t bytes;
285 
286 	length = scf_limit(SCF_LIMIT_MAX_FMRI_LENGTH);
287 	if (length <= 0)
288 		return;
289 
290 	length++;
291 	fmri = alloca(length * sizeof (char));
292 
293 	if ((h = scf_handle_create(SCF_VERSION)) == NULL)
294 		return;
295 
296 	if (scf_handle_bind(h) != 0) {
297 		scf_handle_destroy(h);
298 		return;
299 	}
300 
301 	if ((sc = scf_scope_create(h)) == NULL ||
302 	    (svc = scf_service_create(h)) == NULL ||
303 	    (inst = scf_instance_create(h)) == NULL ||
304 	    (snap = scf_snapshot_create(h)) == NULL ||
305 	    (pg = scf_pg_create(h)) == NULL ||
306 	    (prop = scf_property_create(h)) == NULL ||
307 	    (val = scf_value_create(h)) == NULL ||
308 	    (siter = scf_iter_create(h)) == NULL ||
309 	    (iiter = scf_iter_create(h)) == NULL)
310 		goto out;
311 
312 	if (scf_handle_get_scope(h, SCF_SCOPE_LOCAL, sc) != 0)
313 		goto out;
314 
315 	if (scf_iter_scope_services(siter, sc) != 0)
316 		goto out;
317 
318 	while (scf_iter_next_service(siter, svc) == 1) {
319 
320 		if (scf_iter_service_instances(iiter, svc) != 0)
321 			continue;
322 
323 		while (scf_iter_next_instance(iiter, inst) == 1) {
324 
325 			if ((scf_instance_get_snapshot(inst, "running",
326 			    snap)) != 0)
327 				isnap = NULL;
328 			else
329 				isnap = snap;
330 
331 			if (scf_instance_get_pg_composed(inst, isnap,
332 			    SCF_PG_GENERAL, pg) != 0)
333 				continue;
334 
335 			if (scf_pg_get_property(pg, SCF_PROPERTY_RESTARTER,
336 			    prop) != 0 ||
337 			    scf_property_get_value(prop, val) != 0)
338 				continue;
339 
340 			bytes = scf_value_get_astring(val, fmri, length);
341 			if (bytes <= 0 || bytes >= length)
342 				continue;
343 
344 			if (strlcat(fmri, FMRI_CONTRACT_PROP, length) >=
345 			    length)
346 				continue;
347 
348 			if (scf_handle_decode_fmri(h, fmri, NULL, NULL,
349 			    NULL, NULL, prop, SCF_DECODE_FMRI_EXACT) != 0)
350 				continue;
351 
352 			if (scf_property_is_type(prop, SCF_TYPE_COUNT) != 0 ||
353 			    scf_property_get_value(prop, val) != 0 ||
354 			    scf_value_get_count(val, &uint64) != 0)
355 				continue;
356 
357 			ctid = (ctid_t)uint64;
358 			if (save_ctid(ctid) == 0) {
359 				(void) sigsend(P_CTID, ctid, SIGSTOP);
360 			}
361 		}
362 	}
363 out:
364 	scf_scope_destroy(sc);
365 	scf_service_destroy(svc);
366 	scf_instance_destroy(inst);
367 	scf_snapshot_destroy(snap);
368 	scf_pg_destroy(pg);
369 	scf_property_destroy(prop);
370 	scf_value_destroy(val);
371 	scf_iter_destroy(siter);
372 	scf_iter_destroy(iiter);
373 
374 	(void) scf_handle_unbind(h);
375 	scf_handle_destroy(h);
376 }
377 
378 static void
379 continue_delegates()
380 {
381 	ctidlist_t *next;
382 	for (next = ctidlist; next != NULL; next = next->next)
383 		(void) sigsend(P_CTID, next->ctid, SIGCONT);
384 }
385 
386 #define	FMRI_GDM "svc:/application/graphical-login/gdm:default"
387 #define	GDM_STOP_TIMEOUT	10	/* Give gdm 10 seconds to shut down */
388 
389 /*
390  * If gdm is running, try to stop gdm.
391  * Returns  0 on success, -1 on failure.
392  */
393 static int
394 stop_gdm()
395 {
396 	char *gdm_state = NULL;
397 	int retry = 0;
398 
399 	/*
400 	 * If gdm is running, try to stop gdm.
401 	 */
402 	while ((gdm_state = smf_get_state(FMRI_GDM)) != NULL &&
403 	    strcmp(gdm_state, SCF_STATE_STRING_ONLINE) == 0 &&
404 	    retry++ < GDM_STOP_TIMEOUT) {
405 
406 		free(gdm_state);
407 
408 		/*
409 		 * Only need to disable once.
410 		 */
411 		if (retry == 1 &&
412 		    smf_disable_instance(FMRI_GDM, SMF_TEMPORARY) != 0) {
413 			(void) fprintf(stderr,
414 			    gettext("%s: Failed to stop %s: %s.\n"),
415 			    cmdname, FMRI_GDM, scf_strerror(scf_error()));
416 			return (-1);
417 		}
418 		(void) sleep(1);
419 	}
420 
421 	if (retry >= GDM_STOP_TIMEOUT) {
422 		(void) fprintf(stderr, gettext("%s: Failed to stop %s.\n"),
423 		    cmdname, FMRI_GDM);
424 		return (-1);
425 	}
426 
427 	return (0);
428 }
429 
430 
431 static void
432 stop_restarters()
433 {
434 	stop_startd();
435 	stop_delegates();
436 }
437 
438 static void
439 continue_restarters()
440 {
441 	continue_startd();
442 	continue_delegates();
443 }
444 
445 /*
446  * Copy an array of strings into buf, separated by spaces.  Returns 0 on
447  * success.
448  */
449 static int
450 gather_args(char **args, char *buf, size_t buf_sz)
451 {
452 	if (strlcpy(buf, *args, buf_sz) >= buf_sz)
453 		return (-1);
454 
455 	for (++args; *args != NULL; ++args) {
456 		if (strlcat(buf, " ", buf_sz) >= buf_sz)
457 			return (-1);
458 		if (strlcat(buf, *args, buf_sz) >= buf_sz)
459 			return (-1);
460 	}
461 
462 	return (0);
463 }
464 
465 /*
466  * Halt every zone on the system.  We are committed to doing a shutdown
467  * even if something goes wrong here. If something goes wrong, we just
468  * continue with the shutdown.  Return non-zero if we need to wait for zones to
469  * halt later on.
470  */
471 static int
472 halt_zones()
473 {
474 	pid_t pid;
475 	zoneid_t *zones;
476 	size_t nz = 0, old_nz;
477 	int i;
478 	char zname[ZONENAME_MAX];
479 
480 	/*
481 	 * Get a list of zones. If the number of zones changes in between the
482 	 * two zone_list calls, try again.
483 	 */
484 
485 	for (;;) {
486 		(void) zone_list(NULL, &nz);
487 		if (nz == 1)
488 			return (0);
489 		old_nz = nz;
490 		zones = calloc(sizeof (zoneid_t), nz);
491 		if (zones == NULL) {
492 			(void) fprintf(stderr,
493 			    gettext("%s: Could not halt zones"
494 			    " (out of memory).\n"), cmdname);
495 			return (0);
496 		}
497 
498 		(void) zone_list(zones, &nz);
499 		if (old_nz == nz)
500 			break;
501 		free(zones);
502 	}
503 
504 	if (nz == 2) {
505 		(void) fprintf(stderr, gettext("%s: Halting 1 zone.\n"),
506 		    cmdname);
507 	} else {
508 		(void) fprintf(stderr, gettext("%s: Halting %i zones.\n"),
509 		    cmdname, nz - 1);
510 	}
511 
512 	for (i = 0; i < nz; i++) {
513 		if (zones[i] == GLOBAL_ZONEID)
514 			continue;
515 		if (getzonenamebyid(zones[i], zname, sizeof (zname)) < 0) {
516 			/*
517 			 * getzonenamebyid should only fail if we raced with
518 			 * another process trying to shut down the zone.
519 			 * We assume this happened and ignore the error.
520 			 */
521 			if (errno != EINVAL) {
522 				(void) fprintf(stderr,
523 				    gettext("%s: Unexpected error while "
524 				    "looking up zone %ul: %s.\n"),
525 				    cmdname, zones[i], strerror(errno));
526 			}
527 
528 			continue;
529 		}
530 		pid = fork();
531 		if (pid < 0) {
532 			(void) fprintf(stderr,
533 			    gettext("%s: Zone \"%s\" could not be"
534 			    " halted (could not fork(): %s).\n"),
535 			    cmdname, zname, strerror(errno));
536 			continue;
537 		}
538 		if (pid == 0) {
539 			(void) execl(ZONEADM_PROG, ZONEADM_PROG,
540 			    "-z", zname, "halt", NULL);
541 			(void) fprintf(stderr,
542 			    gettext("%s: Zone \"%s\" could not be halted"
543 			    " (cannot exec(" ZONEADM_PROG "): %s).\n"),
544 			    cmdname, zname, strerror(errno));
545 			exit(0);
546 		}
547 	}
548 
549 	return (1);
550 }
551 
552 /*
553  * This function tries to wait for all non-global zones to go away.
554  * It will timeout if no progress is made for 5 seconds, or a total of
555  * 30 seconds elapses.
556  */
557 
558 static void
559 check_zones_haltedness()
560 {
561 	int t = 0, t_prog = 0;
562 	size_t nz = 0, last_nz;
563 
564 	do {
565 		last_nz = nz;
566 		(void) zone_list(NULL, &nz);
567 		if (nz == 1)
568 			return;
569 
570 		(void) sleep(1);
571 
572 		if (last_nz > nz)
573 			t_prog = 0;
574 
575 		t++;
576 		t_prog++;
577 
578 		if (t == 10) {
579 			if (nz == 2) {
580 				(void) fprintf(stderr,
581 				    gettext("%s: Still waiting for 1 zone to "
582 				    "halt. Will wait up to 20 seconds.\n"),
583 				    cmdname);
584 			} else {
585 				(void) fprintf(stderr,
586 				    gettext("%s: Still waiting for %i zones "
587 				    "to halt. Will wait up to 20 seconds.\n"),
588 				    cmdname, nz - 1);
589 			}
590 		}
591 
592 	} while ((t < 30) && (t_prog < 5));
593 }
594 
595 
596 /*
597  * Validate that this is a root disk or dataset
598  * Returns 0 if it is a root disk or dataset;
599  * returns 1 if it is a disk argument or dataset, but not valid or not root;
600  * returns -1 if it is not a valid argument or a disk argument.
601  */
602 static int
603 validate_disk(char *arg, char *mountpoint)
604 {
605 	static char root_dev_path[] = "/dev/dsk";
606 	char kernpath[MAXPATHLEN];
607 	struct stat64 statbuf;
608 	int rc = 0;
609 
610 	if (strlen(arg) > MAXPATHLEN) {
611 		(void) fprintf(stderr,
612 		    gettext("%s: Argument is too long\n"), cmdname);
613 		return (-1);
614 	}
615 
616 	bcopy(FASTBOOT_MOUNTPOINT, mountpoint, sizeof (FASTBOOT_MOUNTPOINT));
617 
618 	if (strstr(arg, mountpoint) == NULL) {
619 		/*
620 		 * Do a force umount just in case some other filesystem has
621 		 * been mounted there.
622 		 */
623 		(void) umount2(mountpoint, MS_FORCE);
624 	}
625 
626 	/* Create the directory if it doesn't already exist */
627 	if (lstat64(mountpoint, &statbuf) != 0) {
628 		if (mkdirp(mountpoint, 0755) != 0) {
629 			(void) fprintf(stderr,
630 			    gettext("Failed to create mountpoint %s\n"),
631 			    mountpoint);
632 			return (-1);
633 		}
634 	}
635 
636 	if (strncmp(arg, root_dev_path, strlen(root_dev_path)) == 0) {
637 		/* ufs root disk argument */
638 		rc = validate_ufs_disk(arg, mountpoint);
639 	} else {
640 		/* zfs root pool argument */
641 		rc = validate_zfs_pool(arg, mountpoint);
642 	}
643 
644 	if (rc != 0)
645 		return (rc);
646 
647 	/*
648 	 * Check for the usual case: 64-bit kernel
649 	 */
650 	(void) snprintf(kernpath, MAXPATHLEN,
651 	    "%s/platform/i86pc/kernel/amd64/unix", mountpoint);
652 	if (stat64(kernpath, &statbuf) == 0)
653 		return (0);
654 
655 	/*
656 	 * We no longer build 32-bit kernel but in a case we are trying to boot
657 	 * some ancient filesystem with 32-bit only kernel we should be able to
658 	 * proceed too
659 	 */
660 	(void) snprintf(kernpath, MAXPATHLEN, "%s/platform/i86pc/kernel/unix",
661 	    mountpoint);
662 
663 	if (stat64(kernpath, &statbuf) != 0) {
664 		(void) fprintf(stderr,
665 		    gettext("%s: %s is not a root disk or dataset\n"),
666 		    cmdname, arg);
667 		return (1);
668 	}
669 
670 	return (0);
671 }
672 
673 
674 static int
675 validate_ufs_disk(char *arg, char *mountpoint)
676 {
677 	struct ufs_args	ufs_args = { 0 };
678 	char mntopts[MNT_LINE_MAX] = MNTOPT_LARGEFILES;
679 
680 	/* perform the mount */
681 	ufs_args.flags = UFSMNT_LARGEFILES;
682 	if (mount(arg, mountpoint, MS_DATA|MS_OPTIONSTR,
683 	    MNTTYPE_UFS, &ufs_args, sizeof (ufs_args),
684 	    mntopts, sizeof (mntopts)) != 0) {
685 		perror(cmdname);
686 		(void) fprintf(stderr,
687 		    gettext("%s: Failed to mount %s\n"), cmdname, arg);
688 		return (-1);
689 	}
690 
691 	return (0);
692 }
693 
694 static int
695 validate_zfs_pool(char *arg, char *mountpoint)
696 {
697 	zfs_handle_t *zhp = NULL;
698 	char mntopts[MNT_LINE_MAX] = { '\0' };
699 	int rc = 0;
700 
701 	if ((g_zfs = libzfs_init()) == NULL) {
702 		(void) fprintf(stderr, gettext("Internal error: failed to "
703 		    "initialize ZFS library\n"));
704 		return (-1);
705 	}
706 
707 	/* Try to open the dataset */
708 	if ((zhp = zfs_open(g_zfs, arg,
709 	    ZFS_TYPE_FILESYSTEM | ZFS_TYPE_DATASET)) == NULL)
710 		return (-1);
711 
712 	/* perform the mount */
713 	if (mount(zfs_get_name(zhp), mountpoint, MS_DATA|MS_OPTIONSTR|MS_RDONLY,
714 	    MNTTYPE_ZFS, NULL, 0, mntopts, sizeof (mntopts)) != 0) {
715 		perror(cmdname);
716 		(void) fprintf(stderr,
717 		    gettext("%s: Failed to mount %s\n"), cmdname, arg);
718 		rc = -1;
719 	}
720 
721 validate_zfs_err_out:
722 	if (zhp != NULL)
723 		zfs_close(zhp);
724 
725 	libzfs_fini(g_zfs);
726 	return (rc);
727 }
728 
729 /*
730  * Return 0 if not zfs, or is zfs and have successfully constructed the
731  * boot argument; returns non-zero otherwise.
732  * At successful completion fpth contains pointer where mount point ends.
733  * NOTE: arg is supposed to be the resolved path
734  */
735 static int
736 get_zfs_bootfs_arg(const char *arg, const char ** fpth, int *is_zfs,
737     char *bootfs_arg)
738 {
739 	zfs_handle_t *zhp = NULL;
740 	zpool_handle_t *zpoolp = NULL;
741 	FILE *mtabp = NULL;
742 	struct mnttab mnt;
743 	char *poolname = NULL;
744 	char physpath[MAXPATHLEN];
745 	char mntsp[ZFS_MAX_DATASET_NAME_LEN];
746 	char bootfs[ZFS_MAX_DATASET_NAME_LEN];
747 	int rc = 0;
748 	size_t mntlen = 0;
749 	size_t msz;
750 	static char fmt[] = "-B zfs-bootfs=%s,bootpath=\"%s\"";
751 
752 	*fpth = arg;
753 	*is_zfs = 0;
754 
755 	bzero(physpath, sizeof (physpath));
756 	bzero(bootfs, sizeof (bootfs));
757 
758 	if ((mtabp = fopen(MNTTAB, "r")) == NULL) {
759 		return (-1);
760 	}
761 
762 	while (getmntent(mtabp, &mnt) == 0) {
763 		if (strstr(arg, mnt.mnt_mountp) == arg &&
764 		    (msz = strlen(mnt.mnt_mountp)) > mntlen) {
765 			mntlen = msz;
766 			*is_zfs = strcmp(MNTTYPE_ZFS, mnt.mnt_fstype) == 0;
767 			(void) strlcpy(mntsp, mnt.mnt_special, sizeof (mntsp));
768 		}
769 	}
770 
771 	(void) fclose(mtabp);
772 
773 	if (mntlen > 1)
774 		*fpth += mntlen;
775 
776 	if (!*is_zfs)
777 		return (0);
778 
779 	if ((g_zfs = libzfs_init()) == NULL)
780 		return (-1);
781 
782 	/* Try to open the dataset */
783 	if ((zhp = zfs_open(g_zfs, mntsp,
784 	    ZFS_TYPE_FILESYSTEM | ZFS_TYPE_DATASET)) == NULL) {
785 		(void) fprintf(stderr, gettext("Cannot open %s\n"), mntsp);
786 		rc = -1;
787 		goto validate_zfs_err_out;
788 	}
789 
790 	(void) strlcpy(bootfs, mntsp, sizeof (bootfs));
791 
792 	if ((poolname = strtok(mntsp, "/")) == NULL) {
793 		rc = -1;
794 		goto validate_zfs_err_out;
795 	}
796 
797 	if ((zpoolp = zpool_open(g_zfs, poolname)) == NULL) {
798 		(void) fprintf(stderr, gettext("Cannot open %s\n"), poolname);
799 		rc = -1;
800 		goto validate_zfs_err_out;
801 	}
802 
803 	if (zpool_get_physpath(zpoolp, physpath, sizeof (physpath)) != 0) {
804 		(void) fprintf(stderr, gettext("Cannot find phys_path\n"));
805 		rc = -1;
806 		goto validate_zfs_err_out;
807 	}
808 
809 	/*
810 	 * For the mirror physpath would contain the list of all
811 	 * bootable devices, pick up the first one.
812 	 */
813 	(void) strtok(physpath, " ");
814 	if (snprintf(bootfs_arg, BOOTARGS_MAX, fmt, bootfs, physpath) >=
815 	    BOOTARGS_MAX) {
816 		rc = E2BIG;
817 		(void) fprintf(stderr,
818 		    gettext("Boot arguments are too long\n"));
819 	}
820 
821 validate_zfs_err_out:
822 	if (zhp != NULL)
823 		zfs_close(zhp);
824 
825 	if (zpoolp != NULL)
826 		zpool_close(zpoolp);
827 
828 	libzfs_fini(g_zfs);
829 	return (rc);
830 }
831 
832 /*
833  * Validate that the file exists, and is an ELF file.
834  * Returns 0 on success, -1 on failure.
835  */
836 static int
837 validate_unix(char *arg, int *mplen, int *is_zfs, char *bootfs_arg)
838 {
839 	const char *location;
840 	int class, format;
841 	unsigned char ident[EI_NIDENT];
842 	char physpath[MAXPATHLEN];
843 	int elffd = -1;
844 	size_t	sz;
845 
846 	if ((sz = resolvepath(arg, physpath, sizeof (physpath) - 1)) ==
847 	    (size_t)-1) {
848 		(void) fprintf(stderr,
849 		    gettext("Cannot resolve path for %s: %s\n"),
850 		    arg, strerror(errno));
851 		return (-1);
852 	}
853 	(void) strlcpy(arg, physpath, sz + 1);
854 
855 	if (strlen(arg) > MAXPATHLEN) {
856 		(void) fprintf(stderr,
857 		    gettext("%s: New kernel name is too long\n"), cmdname);
858 		return (-1);
859 	}
860 
861 	if (strncmp(basename(arg), "unix", 4) != 0) {
862 		(void) fprintf(stderr,
863 		    gettext("%s: %s: Kernel name must be unix\n"),
864 		    cmdname, arg);
865 		return (-1);
866 	}
867 
868 	if (get_zfs_bootfs_arg(arg, &location, is_zfs, bootfs_arg) != 0)
869 		goto err_out;
870 
871 	*mplen = location - arg;
872 
873 	if (strstr(location, "/boot/platform") == location) {
874 		/*
875 		 * Rebooting to failsafe.
876 		 * Clear bootfs_arg and is_zfs flag.
877 		 */
878 		bootfs_arg[0] = 0;
879 		*is_zfs = 0;
880 	} else if (strstr(location, "/platform") != location) {
881 		(void) fprintf(stderr,
882 		    gettext("%s: %s: No /platform in file name\n"),
883 		    cmdname, arg);
884 		goto err_out;
885 	}
886 
887 	if ((elffd = open64(arg, O_RDONLY)) < 0 ||
888 	    (pread64(elffd, ident, EI_NIDENT, 0) != EI_NIDENT)) {
889 		(void) fprintf(stderr, "%s: %s: %s\n",
890 		    cmdname, arg, strerror(errno));
891 		goto err_out;
892 	}
893 
894 	class = ident[EI_CLASS];
895 
896 	if ((class != ELFCLASS32 && class != ELFCLASS64) ||
897 	    memcmp(&ident[EI_MAG0], ELFMAG, 4) != 0) {
898 		(void) fprintf(stderr,
899 		    gettext("%s: %s: Not a valid ELF file\n"), cmdname, arg);
900 		goto err_out;
901 	}
902 
903 	format = ident[EI_DATA];
904 
905 	if (format != CUR_ELFDATA) {
906 		(void) fprintf(stderr, gettext("%s: %s: Invalid data format\n"),
907 		    cmdname, arg);
908 		goto err_out;
909 	}
910 
911 	return (0);
912 
913 err_out:
914 	if (elffd >= 0) {
915 		(void) close(elffd);
916 		elffd = -1;
917 	}
918 	return (-1);
919 }
920 
921 static int
922 halt_exec(const char *path, ...)
923 {
924 	pid_t		pid;
925 	int		i;
926 	int		st;
927 	const char	*arg;
928 	va_list	vp;
929 	const char	*argv[256];
930 
931 	if ((pid = fork()) == -1) {
932 		return (errno);
933 	} else if (pid == 0) {
934 		(void) fclose(stdout);
935 		(void) fclose(stderr);
936 
937 		argv[0] = path;
938 		i = 1;
939 
940 		va_start(vp, path);
941 
942 		do {
943 			arg = va_arg(vp, const char *);
944 			argv[i] = arg;
945 		} while (arg != NULL &&
946 		    ++i != sizeof (argv) / sizeof (argv[0]));
947 
948 		va_end(vp);
949 
950 		(void) execve(path, (char * const *)argv, NULL);
951 		(void) fprintf(stderr, gettext("Cannot execute %s: %s\n"),
952 		    path, strerror(errno));
953 		exit(-1);
954 	} else {
955 		if (waitpid(pid, &st, 0) == pid &&
956 		    !WIFSIGNALED(st) && WIFEXITED(st))
957 			st = WEXITSTATUS(st);
958 		else
959 			st = -1;
960 	}
961 	return (st);
962 }
963 
964 /*
965  * Mount the specified BE.
966  *
967  * Upon success returns zero and copies bename string to mountpoint[]
968  */
969 static int
970 fastboot_bename(const char *bename, char *mountpoint, size_t mpsz)
971 {
972 	int rc;
973 
974 	/*
975 	 * Attempt to unmount the BE first in case it's already mounted
976 	 * elsewhere.
977 	 */
978 	(void) halt_exec(BEADM_PROG, "umount", bename, NULL);
979 
980 	if ((rc = halt_exec(BEADM_PROG, "mount", bename, FASTBOOT_MOUNTPOINT,
981 	    NULL)) != 0)
982 		(void) fprintf(stderr,
983 		    gettext("%s: Unable to mount BE \"%s\" at %s\n"),
984 		    cmdname, bename, FASTBOOT_MOUNTPOINT);
985 	else
986 		(void) strlcpy(mountpoint, FASTBOOT_MOUNTPOINT, mpsz);
987 
988 	return (rc);
989 }
990 
991 /*
992  * Returns 0 on successful parsing of the arguments;
993  * returns EINVAL on parsing failures that should abort the reboot attempt;
994  * returns other error code to fall back to regular reboot.
995  */
996 static int
997 parse_fastboot_args(char *bootargs_buf, size_t buf_size,
998     int *is_dryrun, const char *bename)
999 {
1000 	char mountpoint[MAXPATHLEN];
1001 	char bootargs_saved[BOOTARGS_MAX];
1002 	char bootargs_scratch[BOOTARGS_MAX];
1003 	char bootfs_arg[BOOTARGS_MAX];
1004 	char unixfile[BOOTARGS_MAX];
1005 	char *head, *newarg;
1006 	int buflen;		/* length of the bootargs_buf */
1007 	int mplen;		/* length of the mount point */
1008 	int rootlen = 0;	/* length of the root argument */
1009 	int unixlen = 0;	/* length of the unix argument */
1010 	int off = 0;		/* offset into the new boot argument */
1011 	int is_zfs = 0;
1012 	int rc = 0;
1013 
1014 	bzero(mountpoint, sizeof (mountpoint));
1015 
1016 	/*
1017 	 * If argc is not 0, buflen is length of the argument being passed in;
1018 	 * else it is 0 as bootargs_buf has been initialized to all 0's.
1019 	 */
1020 	buflen = strlen(bootargs_buf);
1021 
1022 	/* Save a copy of the original argument */
1023 	bcopy(bootargs_buf, bootargs_saved, buflen);
1024 	bzero(&bootargs_saved[buflen], sizeof (bootargs_saved) - buflen);
1025 
1026 	/* Save another copy to be used by strtok */
1027 	bcopy(bootargs_buf, bootargs_scratch, buflen);
1028 	bzero(&bootargs_scratch[buflen], sizeof (bootargs_scratch) - buflen);
1029 	head = &bootargs_scratch[0];
1030 
1031 	/* Get the first argument */
1032 	newarg = strtok(bootargs_scratch, " ");
1033 
1034 	/*
1035 	 * If this is a dry run request, verify that the drivers can handle
1036 	 * fast reboot.
1037 	 */
1038 	if (newarg && strncasecmp(newarg, "dryrun", strlen("dryrun")) == 0) {
1039 		*is_dryrun = 1;
1040 		(void) system("/usr/sbin/devfsadm");
1041 	}
1042 
1043 	/*
1044 	 * Always perform a dry run to identify all the drivers that
1045 	 * need to implement devo_reset().
1046 	 */
1047 	if (uadmin(A_SHUTDOWN, AD_FASTREBOOT_DRYRUN,
1048 	    (uintptr_t)bootargs_saved) != 0) {
1049 		(void) fprintf(stderr, gettext("%s: Not all drivers "
1050 		    "have implemented quiesce(9E)\n"
1051 		    "\tPlease see /var/adm/messages for drivers that haven't\n"
1052 		    "\timplemented quiesce(9E).\n"), cmdname);
1053 	} else if (*is_dryrun) {
1054 		(void) fprintf(stderr, gettext("%s: All drivers have "
1055 		    "implemented quiesce(9E)\n"), cmdname);
1056 	}
1057 
1058 	/* Return if it is a true dry run. */
1059 	if (*is_dryrun)
1060 		return (rc);
1061 
1062 #if defined(__x86)
1063 	/* Read boot args from Boot Environment */
1064 	if ((bootargs_buf[0] == 0 || isdigit(bootargs_buf[0])) &&
1065 	    bename == NULL) {
1066 		/*
1067 		 * If no boot arguments are given, or a BE entry
1068 		 * number is provided, process the boot arguments from BE.
1069 		 */
1070 		int entnum;
1071 		if (bootargs_buf[0] == 0)
1072 			entnum = BE_ENTRY_DEFAULT;
1073 		else {
1074 			errno = 0;
1075 			entnum = strtoul(bootargs_buf, NULL, 10);
1076 			rc = errno;
1077 		}
1078 
1079 		if (rc == 0 && (rc = be_get_boot_args(&fbarg, entnum)) == 0) {
1080 			if (strlcpy(bootargs_buf, fbarg,
1081 			    buf_size) >= buf_size) {
1082 				free(fbarg);
1083 				bcopy(bootargs_saved, bootargs_buf, buf_size);
1084 				rc = E2BIG;
1085 			}
1086 		}
1087 		/* Failed to read FB args, fall back to normal reboot */
1088 		if (rc != 0) {
1089 			(void) fprintf(stderr,
1090 			    gettext("%s: Failed to process boot "
1091 			    "arguments from Boot Environment.\n"), cmdname);
1092 			(void) fprintf(stderr,
1093 			    gettext("%s: Falling back to regular reboot.\n"),
1094 			    cmdname);
1095 			return (-1);
1096 		}
1097 		/* No need to process further */
1098 		fbarg_used = fbarg;
1099 		fbarg_entnum = entnum;
1100 		return (0);
1101 	}
1102 #endif	/* __x86 */
1103 
1104 	/* Zero out the boot argument buffer as we will reconstruct it */
1105 	bzero(bootargs_buf, buf_size);
1106 	bzero(bootfs_arg, sizeof (bootfs_arg));
1107 	bzero(unixfile, sizeof (unixfile));
1108 
1109 	if (bename && (rc = fastboot_bename(bename, mountpoint,
1110 	    sizeof (mountpoint))) != 0)
1111 		return (EINVAL);
1112 
1113 
1114 	/*
1115 	 * If BE is not specified, look for disk argument to construct
1116 	 * mountpoint; if BE has been specified, mountpoint has already been
1117 	 * constructed.
1118 	 */
1119 	if (newarg && newarg[0] != '-' && !bename) {
1120 		int tmprc;
1121 
1122 		if ((tmprc = validate_disk(newarg, mountpoint)) == 0) {
1123 			/*
1124 			 * The first argument is a valid root argument.
1125 			 * Get the next argument.
1126 			 */
1127 			newarg = strtok(NULL, " ");
1128 			rootlen = (newarg) ? (newarg - head) : buflen;
1129 			(void) strlcpy(fastboot_mounted, mountpoint,
1130 			    sizeof (fastboot_mounted));
1131 
1132 		} else if (tmprc == -1) {
1133 			/*
1134 			 * Not a disk argument.  Use / as default root.
1135 			 */
1136 			bcopy("/", mountpoint, 1);
1137 			bzero(&mountpoint[1], sizeof (mountpoint) - 1);
1138 		} else {
1139 			/*
1140 			 * Disk argument, but not valid or not root.
1141 			 * Return failure.
1142 			 */
1143 			return (EINVAL);
1144 		}
1145 	}
1146 
1147 	/*
1148 	 * Make mountpoint the first part of unixfile.
1149 	 * If there is not disk argument, and BE has not been specified,
1150 	 * mountpoint could be empty.
1151 	 */
1152 	mplen = strlen(mountpoint);
1153 	bcopy(mountpoint, unixfile, mplen);
1154 
1155 	/*
1156 	 * Look for unix argument
1157 	 */
1158 	if (newarg && newarg[0] != '-') {
1159 		bcopy(newarg, &unixfile[mplen], strlen(newarg));
1160 		newarg = strtok(NULL, " ");
1161 		rootlen = (newarg) ? (newarg - head) : buflen;
1162 	} else if (mplen != 0) {
1163 		/*
1164 		 * No unix argument, but mountpoint is not empty, use
1165 		 * /platform/i86pc/kernel/$ISADIR/unix as default.
1166 		 */
1167 		char isa[20];
1168 
1169 		if (sysinfo(SI_ARCHITECTURE_64, isa, sizeof (isa)) != -1)
1170 			(void) snprintf(&unixfile[mplen],
1171 			    sizeof (unixfile) - mplen,
1172 			    "/platform/i86pc/kernel/%s/unix", isa);
1173 		else if (sysinfo(SI_ARCHITECTURE_32, isa, sizeof (isa)) != -1) {
1174 			(void) snprintf(&unixfile[mplen],
1175 			    sizeof (unixfile) - mplen,
1176 			    "/platform/i86pc/kernel/unix");
1177 		} else {
1178 			(void) fprintf(stderr,
1179 			    gettext("%s: Unknown architecture"), cmdname);
1180 			return (EINVAL);
1181 		}
1182 	}
1183 
1184 	/*
1185 	 * We now have the complete unix argument.  Verify that it exists and
1186 	 * is an ELF file.  Split the argument up into mountpoint and unix
1187 	 * portions again.  This is necessary to handle cases where mountpoint
1188 	 * is specified on the command line as part of the unix argument,
1189 	 * such as this:
1190 	 *	# reboot -f /.alt/platform/i86pc/kernel/amd64/unix
1191 	 */
1192 	unixlen = strlen(unixfile);
1193 	if (unixlen > 0) {
1194 		if (validate_unix(unixfile, &mplen, &is_zfs,
1195 		    bootfs_arg) != 0) {
1196 			/* Not a valid unix file */
1197 			return (EINVAL);
1198 		} else {
1199 			int space = 0;
1200 			/*
1201 			 * Construct boot argument.
1202 			 */
1203 			unixlen = strlen(unixfile);
1204 
1205 			/*
1206 			 * mdep cannot start with space because bootadm
1207 			 * creates bogus menu entries if it does.
1208 			 */
1209 			if (mplen > 0) {
1210 				bcopy(unixfile, bootargs_buf, mplen);
1211 				(void) strcat(bootargs_buf, " ");
1212 				space = 1;
1213 			}
1214 			bcopy(&unixfile[mplen], &bootargs_buf[mplen + space],
1215 			    unixlen - mplen);
1216 			(void) strcat(bootargs_buf, " ");
1217 			off += unixlen + space + 1;
1218 		}
1219 	} else {
1220 		/* Check to see if root is zfs */
1221 		const char	*dp;
1222 		(void) get_zfs_bootfs_arg("/", &dp, &is_zfs, bootfs_arg);
1223 	}
1224 
1225 	if (is_zfs && (buflen != 0 || bename != NULL))	{
1226 		/* do not copy existing zfs boot args */
1227 		if (strstr(&bootargs_saved[rootlen], "-B") == NULL ||
1228 		    strstr(&bootargs_saved[rootlen], "zfs-bootfs=") == NULL ||
1229 		    (strstr(&bootargs_saved[rootlen], "bootpath=") == NULL &&
1230 		    strstr(&bootargs_saved[rootlen], "diskdevid=") == NULL))
1231 			/* LINTED E_SEC_SPRINTF_UNBOUNDED_COPY */
1232 			off += sprintf(bootargs_buf + off, "%s ", bootfs_arg);
1233 	}
1234 
1235 	/*
1236 	 * Copy the rest of the arguments
1237 	 */
1238 	bcopy(&bootargs_saved[rootlen], &bootargs_buf[off], buflen - rootlen);
1239 
1240 	return (rc);
1241 }
1242 
1243 #define	MAXARGS		5
1244 
1245 static void
1246 do_archives_update(int do_fast_reboot)
1247 {
1248 	int	r, i = 0;
1249 	pid_t	pid;
1250 	char	*cmd_argv[MAXARGS];
1251 
1252 
1253 	cmd_argv[i++] = "/sbin/bootadm";
1254 	cmd_argv[i++] = "-ea";
1255 	cmd_argv[i++] = "update_all";
1256 	if (do_fast_reboot)
1257 		cmd_argv[i++] = "fastboot";
1258 	cmd_argv[i] = NULL;
1259 
1260 	r = posix_spawn(&pid, cmd_argv[0], NULL, NULL, cmd_argv, NULL);
1261 
1262 	/* if posix_spawn fails we emit a warning and continue */
1263 
1264 	if (r != 0)
1265 		(void) fprintf(stderr, gettext("%s: WARNING, unable to start "
1266 		    "boot archive update\n"), cmdname);
1267 	else
1268 		while (waitpid(pid, NULL, 0) == -1 && errno == EINTR)
1269 			;
1270 }
1271 
1272 int
1273 main(int argc, char *argv[])
1274 {
1275 	int qflag = 0, needlog = 1, nosync = 0;
1276 	int fast_reboot = 0;
1277 	int prom_reboot = 0;
1278 	uintptr_t mdep = NULL;
1279 	int cmd, fcn, c, aval, r;
1280 	const char *usage;
1281 	const char *optstring;
1282 	zoneid_t zoneid = getzoneid();
1283 	int need_check_zones = 0;
1284 	char bootargs_buf[BOOTARGS_MAX];
1285 	char *bootargs_orig = NULL;
1286 	char *bename = NULL;
1287 
1288 	const char * const resetting = "/etc/svc/volatile/resetting";
1289 
1290 	(void) setlocale(LC_ALL, "");
1291 	(void) textdomain(TEXT_DOMAIN);
1292 
1293 	cmdname = basename(argv[0]);
1294 
1295 	if (strcmp(cmdname, "halt") == 0) {
1296 		(void) audit_halt_setup(argc, argv);
1297 		optstring = "dlnqy";
1298 		usage = gettext("usage: %s [ -dlnqy ]\n");
1299 		cmd = A_SHUTDOWN;
1300 		fcn = AD_HALT;
1301 	} else if (strcmp(cmdname, "poweroff") == 0) {
1302 		(void) audit_halt_setup(argc, argv);
1303 		optstring = "dlnqy";
1304 		usage = gettext("usage: %s [ -dlnqy ]\n");
1305 		cmd = A_SHUTDOWN;
1306 		fcn = AD_POWEROFF;
1307 	} else if (strcmp(cmdname, "reboot") == 0) {
1308 		(void) audit_reboot_setup();
1309 #if defined(__x86)
1310 		optstring = "dlnqpfe:";
1311 		usage = gettext("usage: %s [ -dlnq(p|fe:) ] [ boot args ]\n");
1312 #else
1313 		optstring = "dlnqfp";
1314 		usage = gettext("usage: %s [ -dlnq(p|f) ] [ boot args ]\n");
1315 #endif
1316 		cmd = A_SHUTDOWN;
1317 		fcn = AD_BOOT;
1318 	} else {
1319 		(void) fprintf(stderr,
1320 		    gettext("%s: not installed properly\n"), cmdname);
1321 		return (1);
1322 	}
1323 
1324 	while ((c = getopt(argc, argv, optstring)) != EOF) {
1325 		switch (c) {
1326 		case 'd':
1327 			if (zoneid == GLOBAL_ZONEID)
1328 				cmd = A_DUMP;
1329 			else {
1330 				(void) fprintf(stderr,
1331 				    gettext("%s: -d only valid from global"
1332 				    " zone\n"), cmdname);
1333 				return (1);
1334 			}
1335 			break;
1336 		case 'l':
1337 			needlog = 0;
1338 			break;
1339 		case 'n':
1340 			nosync = 1;
1341 			break;
1342 		case 'q':
1343 			qflag = 1;
1344 			break;
1345 		case 'y':
1346 			/*
1347 			 * Option ignored for backwards compatibility.
1348 			 */
1349 			break;
1350 		case 'f':
1351 			fast_reboot = 1;
1352 			break;
1353 		case 'p':
1354 			prom_reboot = 1;
1355 			break;
1356 #if defined(__x86)
1357 		case 'e':
1358 			bename = optarg;
1359 			break;
1360 #endif
1361 		default:
1362 			/*
1363 			 * TRANSLATION_NOTE
1364 			 * Don't translate the words "halt" or "reboot"
1365 			 */
1366 			(void) fprintf(stderr, usage, cmdname);
1367 			return (1);
1368 		}
1369 	}
1370 
1371 	argc -= optind;
1372 	argv += optind;
1373 
1374 	if (argc != 0) {
1375 		if (fcn != AD_BOOT) {
1376 			(void) fprintf(stderr, usage, cmdname);
1377 			return (1);
1378 		}
1379 
1380 		/* Gather the arguments into bootargs_buf. */
1381 		if (gather_args(argv, bootargs_buf, sizeof (bootargs_buf)) !=
1382 		    0) {
1383 			(void) fprintf(stderr,
1384 			    gettext("%s: Boot arguments too long.\n"), cmdname);
1385 			return (1);
1386 		}
1387 
1388 		bootargs_orig = strdup(bootargs_buf);
1389 		mdep = (uintptr_t)bootargs_buf;
1390 	} else {
1391 		/*
1392 		 * Initialize it to 0 in case of fastboot, the buffer
1393 		 * will be used.
1394 		 */
1395 		bzero(bootargs_buf, sizeof (bootargs_buf));
1396 	}
1397 
1398 	if (geteuid() != 0) {
1399 		(void) fprintf(stderr,
1400 		    gettext("%s: permission denied\n"), cmdname);
1401 		goto fail;
1402 	}
1403 
1404 	if (fast_reboot && prom_reboot) {
1405 		(void) fprintf(stderr,
1406 		    gettext("%s: -p and -f are mutually exclusive\n"),
1407 		    cmdname);
1408 		return (EINVAL);
1409 	}
1410 	/*
1411 	 * Check whether fast reboot is the default operating mode
1412 	 */
1413 	if (fcn == AD_BOOT && !fast_reboot && !prom_reboot &&
1414 	    zoneid == GLOBAL_ZONEID) {
1415 		fast_reboot = scf_is_fastboot_default();
1416 
1417 	}
1418 
1419 	if (bename && !fast_reboot)	{
1420 		(void) fprintf(stderr, gettext("%s: -e only valid with -f\n"),
1421 		    cmdname);
1422 		return (EINVAL);
1423 	}
1424 
1425 #if defined(__sparc)
1426 	if (fast_reboot) {
1427 		fast_reboot = 2;	/* need to distinguish each case */
1428 	}
1429 #endif
1430 
1431 	/*
1432 	 * If fast reboot, do some sanity check on the argument
1433 	 */
1434 	if (fast_reboot == 1) {
1435 		int rc;
1436 		int is_dryrun = 0;
1437 
1438 		if (zoneid != GLOBAL_ZONEID)	{
1439 			(void) fprintf(stderr,
1440 			    gettext("%s: Fast reboot only valid from global"
1441 			    " zone\n"), cmdname);
1442 			return (EINVAL);
1443 		}
1444 
1445 		rc = parse_fastboot_args(bootargs_buf, sizeof (bootargs_buf),
1446 		    &is_dryrun, bename);
1447 
1448 		/*
1449 		 * If dry run, or if arguments are invalid, return.
1450 		 */
1451 		if (is_dryrun)
1452 			return (rc);
1453 		else if (rc == EINVAL)
1454 			goto fail;
1455 		else if (rc != 0)
1456 			fast_reboot = 0;
1457 
1458 		/*
1459 		 * For all the other errors, we continue on in case user
1460 		 * user want to force fast reboot, or fall back to regular
1461 		 * reboot.
1462 		 */
1463 		if (strlen(bootargs_buf) != 0)
1464 			mdep = (uintptr_t)bootargs_buf;
1465 	}
1466 
1467 #if 0	/* For debugging */
1468 	if (mdep != NULL)
1469 		(void) fprintf(stderr, "mdep = %s\n", (char *)mdep);
1470 #endif
1471 
1472 	if (needlog) {
1473 		char *user = getlogin();
1474 		struct passwd *pw;
1475 		char *tty;
1476 
1477 		openlog(cmdname, 0, LOG_AUTH);
1478 		if (user == NULL && (pw = getpwuid(getuid())) != NULL)
1479 			user = pw->pw_name;
1480 		if (user == NULL)
1481 			user = "root";
1482 
1483 		tty = ttyname(1);
1484 
1485 		if (tty == NULL)
1486 			syslog(LOG_CRIT, "initiated by %s", user);
1487 		else
1488 			syslog(LOG_CRIT, "initiated by %s on %s", user, tty);
1489 	}
1490 
1491 	/*
1492 	 * We must assume success and log it before auditd is terminated.
1493 	 */
1494 	if (fcn == AD_BOOT)
1495 		aval = audit_reboot_success();
1496 	else
1497 		aval = audit_halt_success();
1498 
1499 	if (aval == -1) {
1500 		(void) fprintf(stderr,
1501 		    gettext("%s: can't turn off auditd\n"), cmdname);
1502 		if (needlog)
1503 			(void) sleep(5); /* Give syslogd time to record this */
1504 	}
1505 
1506 	(void) signal(SIGHUP, SIG_IGN);	/* for remote connections */
1507 
1508 	/*
1509 	 * We start to fork a bunch of zoneadms to halt any active zones.
1510 	 * This will proceed with halt in parallel until we call
1511 	 * check_zone_haltedness later on.
1512 	 */
1513 	if (zoneid == GLOBAL_ZONEID && cmd != A_DUMP) {
1514 		need_check_zones = halt_zones();
1515 	}
1516 
1517 #if defined(__x86)
1518 	/* set new default entry in the GRUB entry */
1519 	if (fbarg_entnum != BE_ENTRY_DEFAULT) {
1520 		char buf[32];
1521 		(void) snprintf(buf, sizeof (buf), "default=%u", fbarg_entnum);
1522 		(void) halt_exec(BOOTADM_PROG, "set-menu", buf, NULL);
1523 	}
1524 #endif	/* __x86 */
1525 
1526 	/* if we're dumping, do the archive update here and don't defer it */
1527 	if (cmd == A_DUMP && zoneid == GLOBAL_ZONEID && !nosync)
1528 		do_archives_update(fast_reboot);
1529 
1530 	/*
1531 	 * If we're not forcing a crash dump, mark the system as quiescing for
1532 	 * smf(5)'s benefit, and idle the init process.
1533 	 */
1534 	if (cmd != A_DUMP) {
1535 		if (direct_init(PCDSTOP) == -1) {
1536 			/*
1537 			 * TRANSLATION_NOTE
1538 			 * Don't translate the word "init"
1539 			 */
1540 			(void) fprintf(stderr,
1541 			    gettext("%s: can't idle init\n"), cmdname);
1542 			goto fail;
1543 		}
1544 
1545 		if (creat(resetting, 0755) == -1)
1546 			(void) fprintf(stderr,
1547 			    gettext("%s: could not create %s.\n"),
1548 			    cmdname, resetting);
1549 	}
1550 
1551 	/*
1552 	 * Make sure we don't get stopped by a jobcontrol shell
1553 	 * once we start killing everybody.
1554 	 */
1555 	(void) signal(SIGTSTP, SIG_IGN);
1556 	(void) signal(SIGTTIN, SIG_IGN);
1557 	(void) signal(SIGTTOU, SIG_IGN);
1558 	(void) signal(SIGPIPE, SIG_IGN);
1559 	(void) signal(SIGTERM, SIG_IGN);
1560 
1561 	/*
1562 	 * Try to stop gdm so X has a chance to return the screen and
1563 	 * keyboard to a sane state.
1564 	 */
1565 	if (fast_reboot == 1 && stop_gdm() != 0) {
1566 		(void) fprintf(stderr,
1567 		    gettext("%s: Falling back to regular reboot.\n"), cmdname);
1568 		fast_reboot = 0;
1569 		mdep = (uintptr_t)bootargs_orig;
1570 	} else if (bootargs_orig) {
1571 		free(bootargs_orig);
1572 	}
1573 
1574 	if (cmd != A_DUMP) {
1575 		/*
1576 		 * Stop all restarters so they do not try to restart services
1577 		 * that are terminated.
1578 		 */
1579 		stop_restarters();
1580 
1581 		/*
1582 		 * Wait a little while for zones to shutdown.
1583 		 */
1584 		if (need_check_zones) {
1585 			check_zones_haltedness();
1586 
1587 			(void) fprintf(stderr,
1588 			    gettext("%s: Completing system halt.\n"),
1589 			    cmdname);
1590 		}
1591 	}
1592 
1593 	/*
1594 	 * If we're not forcing a crash dump, give everyone 5 seconds to
1595 	 * handle a SIGTERM and clean up properly.
1596 	 */
1597 	if (cmd != A_DUMP) {
1598 		int	start, end, delta;
1599 
1600 		(void) kill(-1, SIGTERM);
1601 		start = time(NULL);
1602 
1603 		if (zoneid == GLOBAL_ZONEID && !nosync)
1604 			do_archives_update(fast_reboot);
1605 
1606 		end = time(NULL);
1607 		delta = end - start;
1608 		if (delta < 5)
1609 			(void) sleep(5 - delta);
1610 	}
1611 
1612 	(void) signal(SIGINT, SIG_IGN);
1613 
1614 	if (!qflag && !nosync) {
1615 		struct utmpx wtmpx;
1616 
1617 		bzero(&wtmpx, sizeof (struct utmpx));
1618 		(void) strcpy(wtmpx.ut_line, "~");
1619 		(void) time(&wtmpx.ut_tv.tv_sec);
1620 
1621 		if (cmd == A_DUMP)
1622 			(void) strcpy(wtmpx.ut_name, "crash dump");
1623 		else
1624 			(void) strcpy(wtmpx.ut_name, "shutdown");
1625 
1626 		(void) updwtmpx(WTMPX_FILE, &wtmpx);
1627 		sync();
1628 	}
1629 
1630 	if (cmd == A_DUMP && nosync != 0)
1631 		(void) uadmin(A_DUMP, AD_NOSYNC, NULL);
1632 
1633 	if (fast_reboot)
1634 		fcn = AD_FASTREBOOT;
1635 
1636 	if (uadmin(cmd, fcn, mdep) == -1)
1637 		(void) fprintf(stderr, "%s: uadmin failed: %s\n",
1638 		    cmdname, strerror(errno));
1639 	else
1640 		(void) fprintf(stderr, "%s: uadmin unexpectedly returned 0\n",
1641 		    cmdname);
1642 
1643 	do {
1644 		r = remove(resetting);
1645 	} while (r != 0 && errno == EINTR);
1646 
1647 	if (r != 0 && errno != ENOENT)
1648 		(void) fprintf(stderr, gettext("%s: could not remove %s.\n"),
1649 		    cmdname, resetting);
1650 
1651 	if (direct_init(PCRUN) == -1) {
1652 		/*
1653 		 * TRANSLATION_NOTE
1654 		 * Don't translate the word "init"
1655 		 */
1656 		(void) fprintf(stderr,
1657 		    gettext("%s: can't resume init\n"), cmdname);
1658 	}
1659 
1660 	continue_restarters();
1661 
1662 	if (get_initpid() != -1)
1663 		/* tell init to restate current level */
1664 		(void) kill(get_initpid(), SIGHUP);
1665 
1666 fail:
1667 	if (fcn == AD_BOOT)
1668 		(void) audit_reboot_fail();
1669 	else
1670 		(void) audit_halt_fail();
1671 
1672 	if (fast_reboot == 1) {
1673 		if (bename) {
1674 			(void) halt_exec(BEADM_PROG, "umount", bename, NULL);
1675 
1676 		} else if (strlen(fastboot_mounted) != 0) {
1677 			(void) umount(fastboot_mounted);
1678 #if defined(__x86)
1679 		} else {
1680 			free(fbarg_used);
1681 #endif	/* __x86 */
1682 		}
1683 	}
1684 
1685 	return (1);
1686 }
1687