xref: /illumos-gate/usr/src/cmd/halt/halt.c (revision 6e6545bfaed3bab9ce836ee82d1abd8f2edba89a)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 /*
26  * Copyright (c) 2013, Joyent, Inc. All rights reserved.
27  * Copyright (c) 2015 by Delphix. All rights reserved.
28  * Copyright 2016 Toomas Soome <tsoome@me.com>
29  * Copyright 2018 OmniOS Community Edition (OmniOSce) Association.
30  */
31 
32 /*	Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T	*/
33 /*	  All Rights Reserved	*/
34 
35 /*
36  * University Copyright- Copyright (c) 1982, 1986, 1988
37  * The Regents of the University of California
38  * All Rights Reserved
39  *
40  * University Acknowledgment- Portions of this document are derived from
41  * software developed by the University of California, Berkeley, and its
42  * contributors.
43  * Portions contributed by Juergen Keil, <jk@tools.de>.
44  */
45 
46 
47 /*
48  * Common code for halt(1M), poweroff(1M), and reboot(1M).  We use
49  * argv[0] to determine which behavior to exhibit.
50  */
51 
52 #include <stdio.h>
53 #include <procfs.h>
54 #include <sys/types.h>
55 #include <sys/elf.h>
56 #include <sys/systeminfo.h>
57 #include <sys/stat.h>
58 #include <sys/uadmin.h>
59 #include <sys/mntent.h>
60 #include <sys/mnttab.h>
61 #include <sys/mount.h>
62 #include <sys/fs/ufs_mount.h>
63 #include <alloca.h>
64 #include <assert.h>
65 #include <errno.h>
66 #include <fcntl.h>
67 #include <libgen.h>
68 #include <libscf.h>
69 #include <libscf_priv.h>
70 #include <limits.h>
71 #include <locale.h>
72 #include <libintl.h>
73 #include <syslog.h>
74 #include <signal.h>
75 #include <strings.h>
76 #include <unistd.h>
77 #include <stdlib.h>
78 #include <stdio.h>
79 #include <strings.h>
80 #include <time.h>
81 #include <wait.h>
82 #include <ctype.h>
83 #include <utmpx.h>
84 #include <pwd.h>
85 #include <zone.h>
86 #include <spawn.h>
87 
88 #include <libzfs.h>
89 #if defined(__x86)
90 #include <libbe.h>
91 #endif
92 
93 #if !defined(TEXT_DOMAIN)
94 #define	TEXT_DOMAIN	"SYS_TEST"
95 #endif
96 
97 #if defined(__sparc)
98 #define	CUR_ELFDATA	ELFDATA2MSB
99 #elif defined(__x86)
100 #define	CUR_ELFDATA	ELFDATA2LSB
101 #endif
102 
103 static libzfs_handle_t *g_zfs;
104 
105 extern int audit_halt_setup(int, char **);
106 extern int audit_halt_success(void);
107 extern int audit_halt_fail(void);
108 
109 extern int audit_reboot_setup(void);
110 extern int audit_reboot_success(void);
111 extern int audit_reboot_fail(void);
112 
113 static char *cmdname;	/* basename(argv[0]), the name of the command */
114 
115 typedef struct ctidlist_struct {
116 	ctid_t ctid;
117 	struct ctidlist_struct *next;
118 } ctidlist_t;
119 
120 static ctidlist_t *ctidlist = NULL;
121 static ctid_t startdct = -1;
122 
123 #define	FMRI_STARTD_CONTRACT \
124 	"svc:/system/svc/restarter:default/:properties/restarter/contract"
125 
126 #define	BEADM_PROG	"/usr/sbin/beadm"
127 #define	BOOTADM_PROG	"/sbin/bootadm"
128 #define	ZONEADM_PROG	"/usr/sbin/zoneadm"
129 
130 /*
131  * The length of FASTBOOT_MOUNTPOINT must be less than MAXPATHLEN.
132  */
133 #define	FASTBOOT_MOUNTPOINT	"/tmp/.fastboot.root"
134 
135 /*
136  * Fast Reboot related variables
137  */
138 static char	fastboot_mounted[MAXPATHLEN];
139 
140 #if defined(__x86)
141 static char *fbarg;
142 static char *fbarg_used;
143 static int fbarg_entnum = BE_ENTRY_DEFAULT;
144 #endif	/* __x86 */
145 
146 static int validate_ufs_disk(char *, char *);
147 static int validate_zfs_pool(char *, char *);
148 
149 static pid_t
150 get_initpid()
151 {
152 	static int init_pid = -1;
153 
154 	if (init_pid == -1) {
155 		if (zone_getattr(getzoneid(), ZONE_ATTR_INITPID, &init_pid,
156 		    sizeof (init_pid)) != sizeof (init_pid)) {
157 			assert(errno == ESRCH);
158 			init_pid = -1;
159 		}
160 	}
161 	return (init_pid);
162 }
163 
164 /*
165  * Quiesce or resume init using /proc.  When stopping init, we can't send
166  * SIGTSTP (since init ignores it) or SIGSTOP (since the kernel won't permit
167  * it).
168  */
169 static int
170 direct_init(long command)
171 {
172 	char ctlfile[MAXPATHLEN];
173 	pid_t pid;
174 	int ctlfd;
175 
176 	assert(command == PCDSTOP || command == PCRUN);
177 	if ((pid = get_initpid()) == -1) {
178 		return (-1);
179 	}
180 
181 	(void) snprintf(ctlfile, sizeof (ctlfile), "/proc/%d/ctl", pid);
182 	if ((ctlfd = open(ctlfile, O_WRONLY)) == -1)
183 		return (-1);
184 
185 	if (command == PCDSTOP) {
186 		if (write(ctlfd, &command, sizeof (long)) == -1) {
187 			(void) close(ctlfd);
188 			return (-1);
189 		}
190 	} else {	/* command == PCRUN */
191 		long cmds[2];
192 		cmds[0] = command;
193 		cmds[1] = 0;
194 		if (write(ctlfd, cmds, sizeof (cmds)) == -1) {
195 			(void) close(ctlfd);
196 			return (-1);
197 		}
198 	}
199 	(void) close(ctlfd);
200 	return (0);
201 }
202 
203 static void
204 stop_startd()
205 {
206 	scf_handle_t *h;
207 	scf_property_t *prop = NULL;
208 	scf_value_t *val = NULL;
209 	uint64_t uint64;
210 
211 	if ((h = scf_handle_create(SCF_VERSION)) == NULL)
212 		return;
213 
214 	if ((scf_handle_bind(h) != 0) ||
215 	    ((prop = scf_property_create(h)) == NULL) ||
216 	    ((val = scf_value_create(h)) == NULL))
217 		goto out;
218 
219 	if (scf_handle_decode_fmri(h, FMRI_STARTD_CONTRACT,
220 	    NULL, NULL, NULL, NULL, prop, SCF_DECODE_FMRI_EXACT) != 0)
221 		goto out;
222 
223 	if (scf_property_is_type(prop, SCF_TYPE_COUNT) != 0 ||
224 	    scf_property_get_value(prop, val) != 0 ||
225 	    scf_value_get_count(val, &uint64) != 0)
226 		goto out;
227 
228 	startdct = (ctid_t)uint64;
229 	(void) sigsend(P_CTID, startdct, SIGSTOP);
230 
231 out:
232 	scf_property_destroy(prop);
233 	scf_value_destroy(val);
234 	scf_handle_destroy(h);
235 }
236 
237 static void
238 continue_startd()
239 {
240 	if (startdct != -1)
241 		(void) sigsend(P_CTID, startdct, SIGCONT);
242 }
243 
244 #define	FMRI_RESTARTER_PROP "/:properties/general/restarter"
245 #define	FMRI_CONTRACT_PROP "/:properties/restarter/contract"
246 
247 static int
248 save_ctid(ctid_t ctid)
249 {
250 	ctidlist_t *next;
251 
252 	for (next = ctidlist; next != NULL; next = next->next)
253 		if (next->ctid == ctid)
254 			return (-1);
255 
256 	next = (ctidlist_t *)malloc(sizeof (ctidlist_t));
257 	if (next == NULL)
258 		return (-1);
259 
260 	next->ctid = ctid;
261 	next->next = ctidlist;
262 	ctidlist = next;
263 	return (0);
264 }
265 
266 static void
267 stop_delegates()
268 {
269 	ctid_t ctid;
270 	scf_handle_t *h;
271 	scf_scope_t *sc = NULL;
272 	scf_service_t *svc = NULL;
273 	scf_instance_t *inst = NULL;
274 	scf_snapshot_t *snap = NULL;
275 	scf_snapshot_t *isnap = NULL;
276 	scf_propertygroup_t *pg = NULL;
277 	scf_property_t *prop = NULL;
278 	scf_value_t *val = NULL;
279 	scf_iter_t *siter = NULL;
280 	scf_iter_t *iiter = NULL;
281 	char *fmri;
282 	ssize_t length;
283 
284 	uint64_t uint64;
285 	ssize_t bytes;
286 
287 	length = scf_limit(SCF_LIMIT_MAX_FMRI_LENGTH);
288 	if (length <= 0)
289 		return;
290 
291 	length++;
292 	fmri = alloca(length * sizeof (char));
293 
294 	if ((h = scf_handle_create(SCF_VERSION)) == NULL)
295 		return;
296 
297 	if (scf_handle_bind(h) != 0) {
298 		scf_handle_destroy(h);
299 		return;
300 	}
301 
302 	if ((sc = scf_scope_create(h)) == NULL ||
303 	    (svc = scf_service_create(h)) == NULL ||
304 	    (inst = scf_instance_create(h)) == NULL ||
305 	    (snap = scf_snapshot_create(h)) == NULL ||
306 	    (pg = scf_pg_create(h)) == NULL ||
307 	    (prop = scf_property_create(h)) == NULL ||
308 	    (val = scf_value_create(h)) == NULL ||
309 	    (siter = scf_iter_create(h)) == NULL ||
310 	    (iiter = scf_iter_create(h)) == NULL)
311 		goto out;
312 
313 	if (scf_handle_get_scope(h, SCF_SCOPE_LOCAL, sc) != 0)
314 		goto out;
315 
316 	if (scf_iter_scope_services(siter, sc) != 0)
317 		goto out;
318 
319 	while (scf_iter_next_service(siter, svc) == 1) {
320 
321 		if (scf_iter_service_instances(iiter, svc) != 0)
322 			continue;
323 
324 		while (scf_iter_next_instance(iiter, inst) == 1) {
325 
326 			if ((scf_instance_get_snapshot(inst, "running",
327 			    snap)) != 0)
328 				isnap = NULL;
329 			else
330 				isnap = snap;
331 
332 			if (scf_instance_get_pg_composed(inst, isnap,
333 			    SCF_PG_GENERAL, pg) != 0)
334 				continue;
335 
336 			if (scf_pg_get_property(pg, SCF_PROPERTY_RESTARTER,
337 			    prop) != 0 ||
338 			    scf_property_get_value(prop, val) != 0)
339 				continue;
340 
341 			bytes = scf_value_get_astring(val, fmri, length);
342 			if (bytes <= 0 || bytes >= length)
343 				continue;
344 
345 			if (strlcat(fmri, FMRI_CONTRACT_PROP, length) >=
346 			    length)
347 				continue;
348 
349 			if (scf_handle_decode_fmri(h, fmri, NULL, NULL,
350 			    NULL, NULL, prop, SCF_DECODE_FMRI_EXACT) != 0)
351 				continue;
352 
353 			if (scf_property_is_type(prop, SCF_TYPE_COUNT) != 0 ||
354 			    scf_property_get_value(prop, val) != 0 ||
355 			    scf_value_get_count(val, &uint64) != 0)
356 				continue;
357 
358 			ctid = (ctid_t)uint64;
359 			if (save_ctid(ctid) == 0) {
360 				(void) sigsend(P_CTID, ctid, SIGSTOP);
361 			}
362 		}
363 	}
364 out:
365 	scf_scope_destroy(sc);
366 	scf_service_destroy(svc);
367 	scf_instance_destroy(inst);
368 	scf_snapshot_destroy(snap);
369 	scf_pg_destroy(pg);
370 	scf_property_destroy(prop);
371 	scf_value_destroy(val);
372 	scf_iter_destroy(siter);
373 	scf_iter_destroy(iiter);
374 
375 	(void) scf_handle_unbind(h);
376 	scf_handle_destroy(h);
377 }
378 
379 static void
380 continue_delegates()
381 {
382 	ctidlist_t *next;
383 	for (next = ctidlist; next != NULL; next = next->next)
384 		(void) sigsend(P_CTID, next->ctid, SIGCONT);
385 }
386 
387 #define	FMRI_GDM "svc:/application/graphical-login/gdm:default"
388 #define	GDM_STOP_TIMEOUT	10	/* Give gdm 10 seconds to shut down */
389 
390 /*
391  * If gdm is running, try to stop gdm.
392  * Returns  0 on success, -1 on failure.
393  */
394 static int
395 stop_gdm()
396 {
397 	char *gdm_state = NULL;
398 	int retry = 0;
399 
400 	/*
401 	 * If gdm is running, try to stop gdm.
402 	 */
403 	while ((gdm_state = smf_get_state(FMRI_GDM)) != NULL &&
404 	    strcmp(gdm_state, SCF_STATE_STRING_ONLINE) == 0 &&
405 	    retry++ < GDM_STOP_TIMEOUT) {
406 
407 		free(gdm_state);
408 
409 		/*
410 		 * Only need to disable once.
411 		 */
412 		if (retry == 1 &&
413 		    smf_disable_instance(FMRI_GDM, SMF_TEMPORARY) != 0) {
414 			(void) fprintf(stderr,
415 			    gettext("%s: Failed to stop %s: %s.\n"),
416 			    cmdname, FMRI_GDM, scf_strerror(scf_error()));
417 			return (-1);
418 		}
419 		(void) sleep(1);
420 	}
421 
422 	if (retry >= GDM_STOP_TIMEOUT) {
423 		(void) fprintf(stderr, gettext("%s: Failed to stop %s.\n"),
424 		    cmdname, FMRI_GDM);
425 		return (-1);
426 	}
427 
428 	return (0);
429 }
430 
431 
432 static void
433 stop_restarters()
434 {
435 	stop_startd();
436 	stop_delegates();
437 }
438 
439 static void
440 continue_restarters()
441 {
442 	continue_startd();
443 	continue_delegates();
444 }
445 
446 /*
447  * Copy an array of strings into buf, separated by spaces.  Returns 0 on
448  * success.
449  */
450 static int
451 gather_args(char **args, char *buf, size_t buf_sz)
452 {
453 	if (strlcpy(buf, *args, buf_sz) >= buf_sz)
454 		return (-1);
455 
456 	for (++args; *args != NULL; ++args) {
457 		if (strlcat(buf, " ", buf_sz) >= buf_sz)
458 			return (-1);
459 		if (strlcat(buf, *args, buf_sz) >= buf_sz)
460 			return (-1);
461 	}
462 
463 	return (0);
464 }
465 
466 /*
467  * Halt every zone on the system.  We are committed to doing a shutdown
468  * even if something goes wrong here. If something goes wrong, we just
469  * continue with the shutdown.  Return non-zero if we need to wait for zones to
470  * halt later on.
471  */
472 static int
473 halt_zones()
474 {
475 	pid_t pid;
476 	zoneid_t *zones;
477 	size_t nz = 0, old_nz;
478 	int i;
479 	char zname[ZONENAME_MAX];
480 
481 	/*
482 	 * Get a list of zones. If the number of zones changes in between the
483 	 * two zone_list calls, try again.
484 	 */
485 
486 	for (;;) {
487 		(void) zone_list(NULL, &nz);
488 		if (nz == 1)
489 			return (0);
490 		old_nz = nz;
491 		zones = calloc(sizeof (zoneid_t), nz);
492 		if (zones == NULL) {
493 			(void) fprintf(stderr,
494 			    gettext("%s: Could not halt zones"
495 			    " (out of memory).\n"), cmdname);
496 			return (0);
497 		}
498 
499 		(void) zone_list(zones, &nz);
500 		if (old_nz == nz)
501 			break;
502 		free(zones);
503 	}
504 
505 	if (nz == 2) {
506 		(void) fprintf(stderr, gettext("%s: Halting 1 zone.\n"),
507 		    cmdname);
508 	} else {
509 		(void) fprintf(stderr, gettext("%s: Halting %i zones.\n"),
510 		    cmdname, nz - 1);
511 	}
512 
513 	for (i = 0; i < nz; i++) {
514 		if (zones[i] == GLOBAL_ZONEID)
515 			continue;
516 		if (getzonenamebyid(zones[i], zname, sizeof (zname)) < 0) {
517 			/*
518 			 * getzonenamebyid should only fail if we raced with
519 			 * another process trying to shut down the zone.
520 			 * We assume this happened and ignore the error.
521 			 */
522 			if (errno != EINVAL) {
523 				(void) fprintf(stderr,
524 				    gettext("%s: Unexpected error while "
525 				    "looking up zone %ul: %s.\n"),
526 				    cmdname, zones[i], strerror(errno));
527 			}
528 
529 			continue;
530 		}
531 		pid = fork();
532 		if (pid < 0) {
533 			(void) fprintf(stderr,
534 			    gettext("%s: Zone \"%s\" could not be"
535 			    " halted (could not fork(): %s).\n"),
536 			    cmdname, zname, strerror(errno));
537 			continue;
538 		}
539 		if (pid == 0) {
540 			(void) execl(ZONEADM_PROG, ZONEADM_PROG,
541 			    "-z", zname, "halt", NULL);
542 			(void) fprintf(stderr,
543 			    gettext("%s: Zone \"%s\" could not be halted"
544 			    " (cannot exec(" ZONEADM_PROG "): %s).\n"),
545 			    cmdname, zname, strerror(errno));
546 			exit(0);
547 		}
548 	}
549 
550 	return (1);
551 }
552 
553 /*
554  * This function tries to wait for all non-global zones to go away.
555  * It will timeout if no progress is made for 5 seconds, or a total of
556  * 30 seconds elapses.
557  */
558 
559 static void
560 check_zones_haltedness()
561 {
562 	int t = 0, t_prog = 0;
563 	size_t nz = 0, last_nz;
564 
565 	do {
566 		last_nz = nz;
567 		(void) zone_list(NULL, &nz);
568 		if (nz == 1)
569 			return;
570 
571 		(void) sleep(1);
572 
573 		if (last_nz > nz)
574 			t_prog = 0;
575 
576 		t++;
577 		t_prog++;
578 
579 		if (t == 10) {
580 			if (nz == 2) {
581 				(void) fprintf(stderr,
582 				    gettext("%s: Still waiting for 1 zone to "
583 				    "halt. Will wait up to 20 seconds.\n"),
584 				    cmdname);
585 			} else {
586 				(void) fprintf(stderr,
587 				    gettext("%s: Still waiting for %i zones "
588 				    "to halt. Will wait up to 20 seconds.\n"),
589 				    cmdname, nz - 1);
590 			}
591 		}
592 
593 	} while ((t < 30) && (t_prog < 5));
594 }
595 
596 
597 /*
598  * Validate that this is a root disk or dataset
599  * Returns 0 if it is a root disk or dataset;
600  * returns 1 if it is a disk argument or dataset, but not valid or not root;
601  * returns -1 if it is not a valid argument or a disk argument.
602  */
603 static int
604 validate_disk(char *arg, char *mountpoint)
605 {
606 	static char root_dev_path[] = "/dev/dsk";
607 	char kernpath[MAXPATHLEN];
608 	struct stat64 statbuf;
609 	int rc = 0;
610 
611 	if (strlen(arg) > MAXPATHLEN) {
612 		(void) fprintf(stderr,
613 		    gettext("%s: Argument is too long\n"), cmdname);
614 		return (-1);
615 	}
616 
617 	bcopy(FASTBOOT_MOUNTPOINT, mountpoint, sizeof (FASTBOOT_MOUNTPOINT));
618 
619 	if (strstr(arg, mountpoint) == NULL) {
620 		/*
621 		 * Do a force umount just in case some other filesystem has
622 		 * been mounted there.
623 		 */
624 		(void) umount2(mountpoint, MS_FORCE);
625 	}
626 
627 	/* Create the directory if it doesn't already exist */
628 	if (lstat64(mountpoint, &statbuf) != 0) {
629 		if (mkdirp(mountpoint, 0755) != 0) {
630 			(void) fprintf(stderr,
631 			    gettext("Failed to create mountpoint %s\n"),
632 			    mountpoint);
633 			return (-1);
634 		}
635 	}
636 
637 	if (strncmp(arg, root_dev_path, strlen(root_dev_path)) == 0) {
638 		/* ufs root disk argument */
639 		rc = validate_ufs_disk(arg, mountpoint);
640 	} else {
641 		/* zfs root pool argument */
642 		rc = validate_zfs_pool(arg, mountpoint);
643 	}
644 
645 	if (rc != 0)
646 		return (rc);
647 
648 	(void) snprintf(kernpath, MAXPATHLEN, "%s/platform/i86pc/kernel/unix",
649 	    mountpoint);
650 
651 	if (stat64(kernpath, &statbuf) != 0) {
652 		(void) fprintf(stderr,
653 		    gettext("%s: %s is not a root disk or dataset\n"),
654 		    cmdname, arg);
655 		return (1);
656 	}
657 
658 	return (0);
659 }
660 
661 
662 static int
663 validate_ufs_disk(char *arg, char *mountpoint)
664 {
665 	struct ufs_args	ufs_args = { 0 };
666 	char mntopts[MNT_LINE_MAX] = MNTOPT_LARGEFILES;
667 
668 	/* perform the mount */
669 	ufs_args.flags = UFSMNT_LARGEFILES;
670 	if (mount(arg, mountpoint, MS_DATA|MS_OPTIONSTR,
671 	    MNTTYPE_UFS, &ufs_args, sizeof (ufs_args),
672 	    mntopts, sizeof (mntopts)) != 0) {
673 		perror(cmdname);
674 		(void) fprintf(stderr,
675 		    gettext("%s: Failed to mount %s\n"), cmdname, arg);
676 		return (-1);
677 	}
678 
679 	return (0);
680 }
681 
682 static int
683 validate_zfs_pool(char *arg, char *mountpoint)
684 {
685 	zfs_handle_t *zhp = NULL;
686 	char mntopts[MNT_LINE_MAX] = { '\0' };
687 	int rc = 0;
688 
689 	if ((g_zfs = libzfs_init()) == NULL) {
690 		(void) fprintf(stderr, gettext("Internal error: failed to "
691 		    "initialize ZFS library\n"));
692 		return (-1);
693 	}
694 
695 	/* Try to open the dataset */
696 	if ((zhp = zfs_open(g_zfs, arg,
697 	    ZFS_TYPE_FILESYSTEM | ZFS_TYPE_DATASET)) == NULL)
698 		return (-1);
699 
700 	/* perform the mount */
701 	if (mount(zfs_get_name(zhp), mountpoint, MS_DATA|MS_OPTIONSTR|MS_RDONLY,
702 	    MNTTYPE_ZFS, NULL, 0, mntopts, sizeof (mntopts)) != 0) {
703 		perror(cmdname);
704 		(void) fprintf(stderr,
705 		    gettext("%s: Failed to mount %s\n"), cmdname, arg);
706 		rc = -1;
707 	}
708 
709 validate_zfs_err_out:
710 	if (zhp != NULL)
711 		zfs_close(zhp);
712 
713 	libzfs_fini(g_zfs);
714 	return (rc);
715 }
716 
717 /*
718  * Return 0 if not zfs, or is zfs and have successfully constructed the
719  * boot argument; returns non-zero otherwise.
720  * At successful completion fpth contains pointer where mount point ends.
721  * NOTE: arg is supposed to be the resolved path
722  */
723 static int
724 get_zfs_bootfs_arg(const char *arg, const char ** fpth, int *is_zfs,
725     char *bootfs_arg)
726 {
727 	zfs_handle_t *zhp = NULL;
728 	zpool_handle_t *zpoolp = NULL;
729 	FILE *mtabp = NULL;
730 	struct mnttab mnt;
731 	char *poolname = NULL;
732 	char physpath[MAXPATHLEN];
733 	char mntsp[ZFS_MAX_DATASET_NAME_LEN];
734 	char bootfs[ZFS_MAX_DATASET_NAME_LEN];
735 	int rc = 0;
736 	size_t mntlen = 0;
737 	size_t msz;
738 	static char fmt[] = "-B zfs-bootfs=%s,bootpath=\"%s\"";
739 
740 	*fpth = arg;
741 	*is_zfs = 0;
742 
743 	bzero(physpath, sizeof (physpath));
744 	bzero(bootfs, sizeof (bootfs));
745 
746 	if ((mtabp = fopen(MNTTAB, "r")) == NULL) {
747 		return (-1);
748 	}
749 
750 	while (getmntent(mtabp, &mnt) == 0) {
751 		if (strstr(arg, mnt.mnt_mountp) == arg &&
752 		    (msz = strlen(mnt.mnt_mountp)) > mntlen) {
753 			mntlen = msz;
754 			*is_zfs = strcmp(MNTTYPE_ZFS, mnt.mnt_fstype) == 0;
755 			(void) strlcpy(mntsp, mnt.mnt_special, sizeof (mntsp));
756 		}
757 	}
758 
759 	(void) fclose(mtabp);
760 
761 	if (mntlen > 1)
762 		*fpth += mntlen;
763 
764 	if (!*is_zfs)
765 		return (0);
766 
767 	if ((g_zfs = libzfs_init()) == NULL)
768 		return (-1);
769 
770 	/* Try to open the dataset */
771 	if ((zhp = zfs_open(g_zfs, mntsp,
772 	    ZFS_TYPE_FILESYSTEM | ZFS_TYPE_DATASET)) == NULL) {
773 		(void) fprintf(stderr, gettext("Cannot open %s\n"), mntsp);
774 		rc = -1;
775 		goto validate_zfs_err_out;
776 	}
777 
778 	(void) strlcpy(bootfs, mntsp, sizeof (bootfs));
779 
780 	if ((poolname = strtok(mntsp, "/")) == NULL) {
781 		rc = -1;
782 		goto validate_zfs_err_out;
783 	}
784 
785 	if ((zpoolp = zpool_open(g_zfs, poolname)) == NULL) {
786 		(void) fprintf(stderr, gettext("Cannot open %s\n"), poolname);
787 		rc = -1;
788 		goto validate_zfs_err_out;
789 	}
790 
791 	if (zpool_get_physpath(zpoolp, physpath, sizeof (physpath)) != 0) {
792 		(void) fprintf(stderr, gettext("Cannot find phys_path\n"));
793 		rc = -1;
794 		goto validate_zfs_err_out;
795 	}
796 
797 	/*
798 	 * For the mirror physpath would contain the list of all
799 	 * bootable devices, pick up the first one.
800 	 */
801 	(void) strtok(physpath, " ");
802 	if (snprintf(bootfs_arg, BOOTARGS_MAX, fmt, bootfs, physpath) >=
803 	    BOOTARGS_MAX) {
804 		rc = E2BIG;
805 		(void) fprintf(stderr,
806 		    gettext("Boot arguments are too long\n"));
807 	}
808 
809 validate_zfs_err_out:
810 	if (zhp != NULL)
811 		zfs_close(zhp);
812 
813 	if (zpoolp != NULL)
814 		zpool_close(zpoolp);
815 
816 	libzfs_fini(g_zfs);
817 	return (rc);
818 }
819 
820 /*
821  * Validate that the file exists, and is an ELF file.
822  * Returns 0 on success, -1 on failure.
823  */
824 static int
825 validate_unix(char *arg, int *mplen, int *is_zfs, char *bootfs_arg)
826 {
827 	const char *location;
828 	int class, format;
829 	unsigned char ident[EI_NIDENT];
830 	char physpath[MAXPATHLEN];
831 	int elffd = -1;
832 	size_t	sz;
833 
834 	if ((sz = resolvepath(arg, physpath, sizeof (physpath) - 1)) ==
835 	    (size_t)-1) {
836 		(void) fprintf(stderr,
837 		    gettext("Cannot resolve path for %s: %s\n"),
838 		    arg, strerror(errno));
839 		return (-1);
840 	}
841 	(void) strlcpy(arg, physpath, sz + 1);
842 
843 	if (strlen(arg) > MAXPATHLEN) {
844 		(void) fprintf(stderr,
845 		    gettext("%s: New kernel name is too long\n"), cmdname);
846 		return (-1);
847 	}
848 
849 	if (strncmp(basename(arg), "unix", 4) != 0) {
850 		(void) fprintf(stderr,
851 		    gettext("%s: %s: Kernel name must be unix\n"),
852 		    cmdname, arg);
853 		return (-1);
854 	}
855 
856 	if (get_zfs_bootfs_arg(arg, &location, is_zfs, bootfs_arg) != 0)
857 		goto err_out;
858 
859 	*mplen = location - arg;
860 
861 	if (strstr(location, "/boot/platform") == location) {
862 		/*
863 		 * Rebooting to failsafe.
864 		 * Clear bootfs_arg and is_zfs flag.
865 		 */
866 		bootfs_arg[0] = 0;
867 		*is_zfs = 0;
868 	} else if (strstr(location, "/platform") != location) {
869 		(void) fprintf(stderr,
870 		    gettext("%s: %s: No /platform in file name\n"),
871 		    cmdname, arg);
872 		goto err_out;
873 	}
874 
875 	if ((elffd = open64(arg, O_RDONLY)) < 0 ||
876 	    (pread64(elffd, ident, EI_NIDENT, 0) != EI_NIDENT)) {
877 		(void) fprintf(stderr, "%s: %s: %s\n",
878 		    cmdname, arg, strerror(errno));
879 		goto err_out;
880 	}
881 
882 	class = ident[EI_CLASS];
883 
884 	if ((class != ELFCLASS32 && class != ELFCLASS64) ||
885 	    memcmp(&ident[EI_MAG0], ELFMAG, 4) != 0) {
886 		(void) fprintf(stderr,
887 		    gettext("%s: %s: Not a valid ELF file\n"), cmdname, arg);
888 		goto err_out;
889 	}
890 
891 	format = ident[EI_DATA];
892 
893 	if (format != CUR_ELFDATA) {
894 		(void) fprintf(stderr, gettext("%s: %s: Invalid data format\n"),
895 		    cmdname, arg);
896 		goto err_out;
897 	}
898 
899 	return (0);
900 
901 err_out:
902 	if (elffd >= 0) {
903 		(void) close(elffd);
904 		elffd = -1;
905 	}
906 	return (-1);
907 }
908 
909 static int
910 halt_exec(const char *path, ...)
911 {
912 	pid_t		pid;
913 	int		i;
914 	int		st;
915 	const char	*arg;
916 	va_list	vp;
917 	const char	*argv[256];
918 
919 	if ((pid = fork()) == -1) {
920 		return (errno);
921 	} else if (pid == 0) {
922 		(void) fclose(stdout);
923 		(void) fclose(stderr);
924 
925 		argv[0] = path;
926 		i = 1;
927 
928 		va_start(vp, path);
929 
930 		do {
931 			arg = va_arg(vp, const char *);
932 			argv[i] = arg;
933 		} while (arg != NULL &&
934 		    ++i != sizeof (argv) / sizeof (argv[0]));
935 
936 		va_end(vp);
937 
938 		(void) execve(path, (char * const *)argv, NULL);
939 		(void) fprintf(stderr, gettext("Cannot execute %s: %s\n"),
940 		    path, strerror(errno));
941 		exit(-1);
942 	} else {
943 		if (waitpid(pid, &st, 0) == pid &&
944 		    !WIFSIGNALED(st) && WIFEXITED(st))
945 			st = WEXITSTATUS(st);
946 		else
947 			st = -1;
948 	}
949 	return (st);
950 }
951 
952 /*
953  * Mount the specified BE.
954  *
955  * Upon success returns zero and copies bename string to mountpoint[]
956  */
957 static int
958 fastboot_bename(const char *bename, char *mountpoint, size_t mpsz)
959 {
960 	int rc;
961 
962 	/*
963 	 * Attempt to unmount the BE first in case it's already mounted
964 	 * elsewhere.
965 	 */
966 	(void) halt_exec(BEADM_PROG, "umount", bename, NULL);
967 
968 	if ((rc = halt_exec(BEADM_PROG, "mount", bename, FASTBOOT_MOUNTPOINT,
969 	    NULL)) != 0)
970 		(void) fprintf(stderr,
971 		    gettext("%s: Unable to mount BE \"%s\" at %s\n"),
972 		    cmdname, bename, FASTBOOT_MOUNTPOINT);
973 	else
974 		(void) strlcpy(mountpoint, FASTBOOT_MOUNTPOINT, mpsz);
975 
976 	return (rc);
977 }
978 
979 /*
980  * Returns 0 on successful parsing of the arguments;
981  * returns EINVAL on parsing failures that should abort the reboot attempt;
982  * returns other error code to fall back to regular reboot.
983  */
984 static int
985 parse_fastboot_args(char *bootargs_buf, size_t buf_size,
986     int *is_dryrun, const char *bename)
987 {
988 	char mountpoint[MAXPATHLEN];
989 	char bootargs_saved[BOOTARGS_MAX];
990 	char bootargs_scratch[BOOTARGS_MAX];
991 	char bootfs_arg[BOOTARGS_MAX];
992 	char unixfile[BOOTARGS_MAX];
993 	char *head, *newarg;
994 	int buflen;		/* length of the bootargs_buf */
995 	int mplen;		/* length of the mount point */
996 	int rootlen = 0;	/* length of the root argument */
997 	int unixlen = 0;	/* length of the unix argument */
998 	int off = 0;		/* offset into the new boot argument */
999 	int is_zfs = 0;
1000 	int rc = 0;
1001 
1002 	bzero(mountpoint, sizeof (mountpoint));
1003 
1004 	/*
1005 	 * If argc is not 0, buflen is length of the argument being passed in;
1006 	 * else it is 0 as bootargs_buf has been initialized to all 0's.
1007 	 */
1008 	buflen = strlen(bootargs_buf);
1009 
1010 	/* Save a copy of the original argument */
1011 	bcopy(bootargs_buf, bootargs_saved, buflen);
1012 	bzero(&bootargs_saved[buflen], sizeof (bootargs_saved) - buflen);
1013 
1014 	/* Save another copy to be used by strtok */
1015 	bcopy(bootargs_buf, bootargs_scratch, buflen);
1016 	bzero(&bootargs_scratch[buflen], sizeof (bootargs_scratch) - buflen);
1017 	head = &bootargs_scratch[0];
1018 
1019 	/* Get the first argument */
1020 	newarg = strtok(bootargs_scratch, " ");
1021 
1022 	/*
1023 	 * If this is a dry run request, verify that the drivers can handle
1024 	 * fast reboot.
1025 	 */
1026 	if (newarg && strncasecmp(newarg, "dryrun", strlen("dryrun")) == 0) {
1027 		*is_dryrun = 1;
1028 		(void) system("/usr/sbin/devfsadm");
1029 	}
1030 
1031 	/*
1032 	 * Always perform a dry run to identify all the drivers that
1033 	 * need to implement devo_reset().
1034 	 */
1035 	if (uadmin(A_SHUTDOWN, AD_FASTREBOOT_DRYRUN,
1036 	    (uintptr_t)bootargs_saved) != 0) {
1037 		(void) fprintf(stderr, gettext("%s: Not all drivers "
1038 		    "have implemented quiesce(9E)\n"
1039 		    "\tPlease see /var/adm/messages for drivers that haven't\n"
1040 		    "\timplemented quiesce(9E).\n"), cmdname);
1041 	} else if (*is_dryrun) {
1042 		(void) fprintf(stderr, gettext("%s: All drivers have "
1043 		    "implemented quiesce(9E)\n"), cmdname);
1044 	}
1045 
1046 	/* Return if it is a true dry run. */
1047 	if (*is_dryrun)
1048 		return (rc);
1049 
1050 #if defined(__x86)
1051 	/* Read boot args from Boot Environment */
1052 	if ((bootargs_buf[0] == 0 || isdigit(bootargs_buf[0])) &&
1053 	    bename == NULL) {
1054 		/*
1055 		 * If no boot arguments are given, or a BE entry
1056 		 * number is provided, process the boot arguments from BE.
1057 		 */
1058 		int entnum;
1059 		if (bootargs_buf[0] == 0)
1060 			entnum = BE_ENTRY_DEFAULT;
1061 		else {
1062 			errno = 0;
1063 			entnum = strtoul(bootargs_buf, NULL, 10);
1064 			rc = errno;
1065 		}
1066 
1067 		if (rc == 0 && (rc = be_get_boot_args(&fbarg, entnum)) == 0) {
1068 			if (strlcpy(bootargs_buf, fbarg,
1069 			    buf_size) >= buf_size) {
1070 				free(fbarg);
1071 				bcopy(bootargs_saved, bootargs_buf, buf_size);
1072 				rc = E2BIG;
1073 			}
1074 		}
1075 		/* Failed to read FB args, fall back to normal reboot */
1076 		if (rc != 0) {
1077 			(void) fprintf(stderr,
1078 			    gettext("%s: Failed to process boot "
1079 			    "arguments from Boot Environment.\n"), cmdname);
1080 			(void) fprintf(stderr,
1081 			    gettext("%s: Falling back to regular reboot.\n"),
1082 			    cmdname);
1083 			return (-1);
1084 		}
1085 		/* No need to process further */
1086 		fbarg_used = fbarg;
1087 		fbarg_entnum = entnum;
1088 		return (0);
1089 	}
1090 #endif	/* __x86 */
1091 
1092 	/* Zero out the boot argument buffer as we will reconstruct it */
1093 	bzero(bootargs_buf, buf_size);
1094 	bzero(bootfs_arg, sizeof (bootfs_arg));
1095 	bzero(unixfile, sizeof (unixfile));
1096 
1097 	if (bename && (rc = fastboot_bename(bename, mountpoint,
1098 	    sizeof (mountpoint))) != 0)
1099 		return (EINVAL);
1100 
1101 
1102 	/*
1103 	 * If BE is not specified, look for disk argument to construct
1104 	 * mountpoint; if BE has been specified, mountpoint has already been
1105 	 * constructed.
1106 	 */
1107 	if (newarg && newarg[0] != '-' && !bename) {
1108 		int tmprc;
1109 
1110 		if ((tmprc = validate_disk(newarg, mountpoint)) == 0) {
1111 			/*
1112 			 * The first argument is a valid root argument.
1113 			 * Get the next argument.
1114 			 */
1115 			newarg = strtok(NULL, " ");
1116 			rootlen = (newarg) ? (newarg - head) : buflen;
1117 			(void) strlcpy(fastboot_mounted, mountpoint,
1118 			    sizeof (fastboot_mounted));
1119 
1120 		} else if (tmprc == -1) {
1121 			/*
1122 			 * Not a disk argument.  Use / as default root.
1123 			 */
1124 			bcopy("/", mountpoint, 1);
1125 			bzero(&mountpoint[1], sizeof (mountpoint) - 1);
1126 		} else {
1127 			/*
1128 			 * Disk argument, but not valid or not root.
1129 			 * Return failure.
1130 			 */
1131 			return (EINVAL);
1132 		}
1133 	}
1134 
1135 	/*
1136 	 * Make mountpoint the first part of unixfile.
1137 	 * If there is not disk argument, and BE has not been specified,
1138 	 * mountpoint could be empty.
1139 	 */
1140 	mplen = strlen(mountpoint);
1141 	bcopy(mountpoint, unixfile, mplen);
1142 
1143 	/*
1144 	 * Look for unix argument
1145 	 */
1146 	if (newarg && newarg[0] != '-') {
1147 		bcopy(newarg, &unixfile[mplen], strlen(newarg));
1148 		newarg = strtok(NULL, " ");
1149 		rootlen = (newarg) ? (newarg - head) : buflen;
1150 	} else if (mplen != 0) {
1151 		/*
1152 		 * No unix argument, but mountpoint is not empty, use
1153 		 * /platform/i86pc/$ISADIR/kernel/unix as default.
1154 		 */
1155 		char isa[20];
1156 
1157 		if (sysinfo(SI_ARCHITECTURE_64, isa, sizeof (isa)) != -1)
1158 			(void) snprintf(&unixfile[mplen],
1159 			    sizeof (unixfile) - mplen,
1160 			    "/platform/i86pc/kernel/%s/unix", isa);
1161 		else if (sysinfo(SI_ARCHITECTURE_32, isa, sizeof (isa)) != -1) {
1162 			(void) snprintf(&unixfile[mplen],
1163 			    sizeof (unixfile) - mplen,
1164 			    "/platform/i86pc/kernel/unix");
1165 		} else {
1166 			(void) fprintf(stderr,
1167 			    gettext("%s: Unknown architecture"), cmdname);
1168 			return (EINVAL);
1169 		}
1170 	}
1171 
1172 	/*
1173 	 * We now have the complete unix argument.  Verify that it exists and
1174 	 * is an ELF file.  Split the argument up into mountpoint and unix
1175 	 * portions again.  This is necessary to handle cases where mountpoint
1176 	 * is specified on the command line as part of the unix argument,
1177 	 * such as this:
1178 	 *	# reboot -f /.alt/platform/i86pc/kernel/amd64/unix
1179 	 */
1180 	unixlen = strlen(unixfile);
1181 	if (unixlen > 0) {
1182 		if (validate_unix(unixfile, &mplen, &is_zfs,
1183 		    bootfs_arg) != 0) {
1184 			/* Not a valid unix file */
1185 			return (EINVAL);
1186 		} else {
1187 			int space = 0;
1188 			/*
1189 			 * Construct boot argument.
1190 			 */
1191 			unixlen = strlen(unixfile);
1192 
1193 			/*
1194 			 * mdep cannot start with space because bootadm
1195 			 * creates bogus menu entries if it does.
1196 			 */
1197 			if (mplen > 0) {
1198 				bcopy(unixfile, bootargs_buf, mplen);
1199 				(void) strcat(bootargs_buf, " ");
1200 				space = 1;
1201 			}
1202 			bcopy(&unixfile[mplen], &bootargs_buf[mplen + space],
1203 			    unixlen - mplen);
1204 			(void) strcat(bootargs_buf, " ");
1205 			off += unixlen + space + 1;
1206 		}
1207 	} else {
1208 		/* Check to see if root is zfs */
1209 		const char	*dp;
1210 		(void) get_zfs_bootfs_arg("/", &dp, &is_zfs, bootfs_arg);
1211 	}
1212 
1213 	if (is_zfs && (buflen != 0 || bename != NULL))	{
1214 		/* do not copy existing zfs boot args */
1215 		if (strstr(&bootargs_saved[rootlen], "-B") == NULL ||
1216 		    strstr(&bootargs_saved[rootlen], "zfs-bootfs=") == NULL ||
1217 		    (strstr(&bootargs_saved[rootlen], "bootpath=") == NULL &&
1218 		    strstr(&bootargs_saved[rootlen], "diskdevid=") == NULL))
1219 			/* LINTED E_SEC_SPRINTF_UNBOUNDED_COPY */
1220 			off += sprintf(bootargs_buf + off, "%s ", bootfs_arg);
1221 	}
1222 
1223 	/*
1224 	 * Copy the rest of the arguments
1225 	 */
1226 	bcopy(&bootargs_saved[rootlen], &bootargs_buf[off], buflen - rootlen);
1227 
1228 	return (rc);
1229 }
1230 
1231 #define	MAXARGS		5
1232 
1233 static void
1234 do_archives_update(int do_fast_reboot)
1235 {
1236 	int	r, i = 0;
1237 	pid_t	pid;
1238 	char	*cmd_argv[MAXARGS];
1239 
1240 
1241 	cmd_argv[i++] = "/sbin/bootadm";
1242 	cmd_argv[i++] = "-ea";
1243 	cmd_argv[i++] = "update_all";
1244 	if (do_fast_reboot)
1245 		cmd_argv[i++] = "fastboot";
1246 	cmd_argv[i] = NULL;
1247 
1248 	r = posix_spawn(&pid, cmd_argv[0], NULL, NULL, cmd_argv, NULL);
1249 
1250 	/* if posix_spawn fails we emit a warning and continue */
1251 
1252 	if (r != 0)
1253 		(void) fprintf(stderr, gettext("%s: WARNING, unable to start "
1254 		    "boot archive update\n"), cmdname);
1255 	else
1256 		while (waitpid(pid, NULL, 0) == -1 && errno == EINTR)
1257 			;
1258 }
1259 
1260 int
1261 main(int argc, char *argv[])
1262 {
1263 	int qflag = 0, needlog = 1, nosync = 0;
1264 	int fast_reboot = 0;
1265 	int prom_reboot = 0;
1266 	uintptr_t mdep = NULL;
1267 	int cmd, fcn, c, aval, r;
1268 	const char *usage;
1269 	const char *optstring;
1270 	zoneid_t zoneid = getzoneid();
1271 	int need_check_zones = 0;
1272 	char bootargs_buf[BOOTARGS_MAX];
1273 	char *bootargs_orig = NULL;
1274 	char *bename = NULL;
1275 
1276 	const char * const resetting = "/etc/svc/volatile/resetting";
1277 
1278 	(void) setlocale(LC_ALL, "");
1279 	(void) textdomain(TEXT_DOMAIN);
1280 
1281 	cmdname = basename(argv[0]);
1282 
1283 	if (strcmp(cmdname, "halt") == 0) {
1284 		(void) audit_halt_setup(argc, argv);
1285 		optstring = "dlnqy";
1286 		usage = gettext("usage: %s [ -dlnqy ]\n");
1287 		cmd = A_SHUTDOWN;
1288 		fcn = AD_HALT;
1289 	} else if (strcmp(cmdname, "poweroff") == 0) {
1290 		(void) audit_halt_setup(argc, argv);
1291 		optstring = "dlnqy";
1292 		usage = gettext("usage: %s [ -dlnqy ]\n");
1293 		cmd = A_SHUTDOWN;
1294 		fcn = AD_POWEROFF;
1295 	} else if (strcmp(cmdname, "reboot") == 0) {
1296 		(void) audit_reboot_setup();
1297 #if defined(__x86)
1298 		optstring = "dlnqpfe:";
1299 		usage = gettext("usage: %s [ -dlnq(p|fe:) ] [ boot args ]\n");
1300 #else
1301 		optstring = "dlnqfp";
1302 		usage = gettext("usage: %s [ -dlnq(p|f) ] [ boot args ]\n");
1303 #endif
1304 		cmd = A_SHUTDOWN;
1305 		fcn = AD_BOOT;
1306 	} else {
1307 		(void) fprintf(stderr,
1308 		    gettext("%s: not installed properly\n"), cmdname);
1309 		return (1);
1310 	}
1311 
1312 	while ((c = getopt(argc, argv, optstring)) != EOF) {
1313 		switch (c) {
1314 		case 'd':
1315 			if (zoneid == GLOBAL_ZONEID)
1316 				cmd = A_DUMP;
1317 			else {
1318 				(void) fprintf(stderr,
1319 				    gettext("%s: -d only valid from global"
1320 				    " zone\n"), cmdname);
1321 				return (1);
1322 			}
1323 			break;
1324 		case 'l':
1325 			needlog = 0;
1326 			break;
1327 		case 'n':
1328 			nosync = 1;
1329 			break;
1330 		case 'q':
1331 			qflag = 1;
1332 			break;
1333 		case 'y':
1334 			/*
1335 			 * Option ignored for backwards compatibility.
1336 			 */
1337 			break;
1338 		case 'f':
1339 			fast_reboot = 1;
1340 			break;
1341 		case 'p':
1342 			prom_reboot = 1;
1343 			break;
1344 #if defined(__x86)
1345 		case 'e':
1346 			bename = optarg;
1347 			break;
1348 #endif
1349 		default:
1350 			/*
1351 			 * TRANSLATION_NOTE
1352 			 * Don't translate the words "halt" or "reboot"
1353 			 */
1354 			(void) fprintf(stderr, usage, cmdname);
1355 			return (1);
1356 		}
1357 	}
1358 
1359 	argc -= optind;
1360 	argv += optind;
1361 
1362 	if (argc != 0) {
1363 		if (fcn != AD_BOOT) {
1364 			(void) fprintf(stderr, usage, cmdname);
1365 			return (1);
1366 		}
1367 
1368 		/* Gather the arguments into bootargs_buf. */
1369 		if (gather_args(argv, bootargs_buf, sizeof (bootargs_buf)) !=
1370 		    0) {
1371 			(void) fprintf(stderr,
1372 			    gettext("%s: Boot arguments too long.\n"), cmdname);
1373 			return (1);
1374 		}
1375 
1376 		bootargs_orig = strdup(bootargs_buf);
1377 		mdep = (uintptr_t)bootargs_buf;
1378 	} else {
1379 		/*
1380 		 * Initialize it to 0 in case of fastboot, the buffer
1381 		 * will be used.
1382 		 */
1383 		bzero(bootargs_buf, sizeof (bootargs_buf));
1384 	}
1385 
1386 	if (geteuid() != 0) {
1387 		(void) fprintf(stderr,
1388 		    gettext("%s: permission denied\n"), cmdname);
1389 		goto fail;
1390 	}
1391 
1392 	if (fast_reboot && prom_reboot) {
1393 		(void) fprintf(stderr,
1394 		    gettext("%s: -p and -f are mutually exclusive\n"),
1395 		    cmdname);
1396 		return (EINVAL);
1397 	}
1398 	/*
1399 	 * Check whether fast reboot is the default operating mode
1400 	 */
1401 	if (fcn == AD_BOOT && !fast_reboot && !prom_reboot &&
1402 	    zoneid == GLOBAL_ZONEID) {
1403 		fast_reboot = scf_is_fastboot_default();
1404 
1405 	}
1406 
1407 	if (bename && !fast_reboot)	{
1408 		(void) fprintf(stderr, gettext("%s: -e only valid with -f\n"),
1409 		    cmdname);
1410 		return (EINVAL);
1411 	}
1412 
1413 #if defined(__sparc)
1414 	if (fast_reboot) {
1415 		fast_reboot = 2;	/* need to distinguish each case */
1416 	}
1417 #endif
1418 
1419 	/*
1420 	 * If fast reboot, do some sanity check on the argument
1421 	 */
1422 	if (fast_reboot == 1) {
1423 		int rc;
1424 		int is_dryrun = 0;
1425 
1426 		if (zoneid != GLOBAL_ZONEID)	{
1427 			(void) fprintf(stderr,
1428 			    gettext("%s: Fast reboot only valid from global"
1429 			    " zone\n"), cmdname);
1430 			return (EINVAL);
1431 		}
1432 
1433 		rc = parse_fastboot_args(bootargs_buf, sizeof (bootargs_buf),
1434 		    &is_dryrun, bename);
1435 
1436 		/*
1437 		 * If dry run, or if arguments are invalid, return.
1438 		 */
1439 		if (is_dryrun)
1440 			return (rc);
1441 		else if (rc == EINVAL)
1442 			goto fail;
1443 		else if (rc != 0)
1444 			fast_reboot = 0;
1445 
1446 		/*
1447 		 * For all the other errors, we continue on in case user
1448 		 * user want to force fast reboot, or fall back to regular
1449 		 * reboot.
1450 		 */
1451 		if (strlen(bootargs_buf) != 0)
1452 			mdep = (uintptr_t)bootargs_buf;
1453 	}
1454 
1455 #if 0	/* For debugging */
1456 	if (mdep != NULL)
1457 		(void) fprintf(stderr, "mdep = %s\n", (char *)mdep);
1458 #endif
1459 
1460 	if (needlog) {
1461 		char *user = getlogin();
1462 		struct passwd *pw;
1463 		char *tty;
1464 
1465 		openlog(cmdname, 0, LOG_AUTH);
1466 		if (user == NULL && (pw = getpwuid(getuid())) != NULL)
1467 			user = pw->pw_name;
1468 		if (user == NULL)
1469 			user = "root";
1470 
1471 		tty = ttyname(1);
1472 
1473 		if (tty == NULL)
1474 			syslog(LOG_CRIT, "initiated by %s", user);
1475 		else
1476 			syslog(LOG_CRIT, "initiated by %s on %s", user, tty);
1477 	}
1478 
1479 	/*
1480 	 * We must assume success and log it before auditd is terminated.
1481 	 */
1482 	if (fcn == AD_BOOT)
1483 		aval = audit_reboot_success();
1484 	else
1485 		aval = audit_halt_success();
1486 
1487 	if (aval == -1) {
1488 		(void) fprintf(stderr,
1489 		    gettext("%s: can't turn off auditd\n"), cmdname);
1490 		if (needlog)
1491 			(void) sleep(5); /* Give syslogd time to record this */
1492 	}
1493 
1494 	(void) signal(SIGHUP, SIG_IGN);	/* for remote connections */
1495 
1496 	/*
1497 	 * We start to fork a bunch of zoneadms to halt any active zones.
1498 	 * This will proceed with halt in parallel until we call
1499 	 * check_zone_haltedness later on.
1500 	 */
1501 	if (zoneid == GLOBAL_ZONEID && cmd != A_DUMP) {
1502 		need_check_zones = halt_zones();
1503 	}
1504 
1505 #if defined(__x86)
1506 	/* set new default entry in the GRUB entry */
1507 	if (fbarg_entnum != BE_ENTRY_DEFAULT) {
1508 		char buf[32];
1509 		(void) snprintf(buf, sizeof (buf), "default=%u", fbarg_entnum);
1510 		(void) halt_exec(BOOTADM_PROG, "set-menu", buf, NULL);
1511 	}
1512 #endif	/* __x86 */
1513 
1514 	/* if we're dumping, do the archive update here and don't defer it */
1515 	if (cmd == A_DUMP && zoneid == GLOBAL_ZONEID && !nosync)
1516 		do_archives_update(fast_reboot);
1517 
1518 	/*
1519 	 * If we're not forcing a crash dump, mark the system as quiescing for
1520 	 * smf(5)'s benefit, and idle the init process.
1521 	 */
1522 	if (cmd != A_DUMP) {
1523 		if (direct_init(PCDSTOP) == -1) {
1524 			/*
1525 			 * TRANSLATION_NOTE
1526 			 * Don't translate the word "init"
1527 			 */
1528 			(void) fprintf(stderr,
1529 			    gettext("%s: can't idle init\n"), cmdname);
1530 			goto fail;
1531 		}
1532 
1533 		if (creat(resetting, 0755) == -1)
1534 			(void) fprintf(stderr,
1535 			    gettext("%s: could not create %s.\n"),
1536 			    cmdname, resetting);
1537 	}
1538 
1539 	/*
1540 	 * Make sure we don't get stopped by a jobcontrol shell
1541 	 * once we start killing everybody.
1542 	 */
1543 	(void) signal(SIGTSTP, SIG_IGN);
1544 	(void) signal(SIGTTIN, SIG_IGN);
1545 	(void) signal(SIGTTOU, SIG_IGN);
1546 	(void) signal(SIGPIPE, SIG_IGN);
1547 	(void) signal(SIGTERM, SIG_IGN);
1548 
1549 	/*
1550 	 * Try to stop gdm so X has a chance to return the screen and
1551 	 * keyboard to a sane state.
1552 	 */
1553 	if (fast_reboot == 1 && stop_gdm() != 0) {
1554 		(void) fprintf(stderr,
1555 		    gettext("%s: Falling back to regular reboot.\n"), cmdname);
1556 		fast_reboot = 0;
1557 		mdep = (uintptr_t)bootargs_orig;
1558 	} else if (bootargs_orig) {
1559 		free(bootargs_orig);
1560 	}
1561 
1562 	if (cmd != A_DUMP) {
1563 		/*
1564 		 * Stop all restarters so they do not try to restart services
1565 		 * that are terminated.
1566 		 */
1567 		stop_restarters();
1568 
1569 		/*
1570 		 * Wait a little while for zones to shutdown.
1571 		 */
1572 		if (need_check_zones) {
1573 			check_zones_haltedness();
1574 
1575 			(void) fprintf(stderr,
1576 			    gettext("%s: Completing system halt.\n"),
1577 			    cmdname);
1578 		}
1579 	}
1580 
1581 	/*
1582 	 * If we're not forcing a crash dump, give everyone 5 seconds to
1583 	 * handle a SIGTERM and clean up properly.
1584 	 */
1585 	if (cmd != A_DUMP) {
1586 		if (zoneid == GLOBAL_ZONEID && !nosync)
1587 			do_archives_update(fast_reboot);
1588 		(void) kill(-1, SIGTERM);
1589 		(void) sleep(5);
1590 	}
1591 
1592 	(void) signal(SIGINT, SIG_IGN);
1593 
1594 	if (!qflag && !nosync) {
1595 		struct utmpx wtmpx;
1596 
1597 		bzero(&wtmpx, sizeof (struct utmpx));
1598 		(void) strcpy(wtmpx.ut_line, "~");
1599 		(void) time(&wtmpx.ut_tv.tv_sec);
1600 
1601 		if (cmd == A_DUMP)
1602 			(void) strcpy(wtmpx.ut_name, "crash dump");
1603 		else
1604 			(void) strcpy(wtmpx.ut_name, "shutdown");
1605 
1606 		(void) updwtmpx(WTMPX_FILE, &wtmpx);
1607 		sync();
1608 	}
1609 
1610 	if (cmd == A_DUMP && nosync != 0)
1611 		(void) uadmin(A_DUMP, AD_NOSYNC, NULL);
1612 
1613 	if (fast_reboot)
1614 		fcn = AD_FASTREBOOT;
1615 
1616 	if (uadmin(cmd, fcn, mdep) == -1)
1617 		(void) fprintf(stderr, "%s: uadmin failed: %s\n",
1618 		    cmdname, strerror(errno));
1619 	else
1620 		(void) fprintf(stderr, "%s: uadmin unexpectedly returned 0\n",
1621 		    cmdname);
1622 
1623 	do {
1624 		r = remove(resetting);
1625 	} while (r != 0 && errno == EINTR);
1626 
1627 	if (r != 0 && errno != ENOENT)
1628 		(void) fprintf(stderr, gettext("%s: could not remove %s.\n"),
1629 		    cmdname, resetting);
1630 
1631 	if (direct_init(PCRUN) == -1) {
1632 		/*
1633 		 * TRANSLATION_NOTE
1634 		 * Don't translate the word "init"
1635 		 */
1636 		(void) fprintf(stderr,
1637 		    gettext("%s: can't resume init\n"), cmdname);
1638 	}
1639 
1640 	continue_restarters();
1641 
1642 	if (get_initpid() != -1)
1643 		/* tell init to restate current level */
1644 		(void) kill(get_initpid(), SIGHUP);
1645 
1646 fail:
1647 	if (fcn == AD_BOOT)
1648 		(void) audit_reboot_fail();
1649 	else
1650 		(void) audit_halt_fail();
1651 
1652 	if (fast_reboot == 1) {
1653 		if (bename) {
1654 			(void) halt_exec(BEADM_PROG, "umount", bename, NULL);
1655 
1656 		} else if (strlen(fastboot_mounted) != 0) {
1657 			(void) umount(fastboot_mounted);
1658 #if defined(__x86)
1659 		} else {
1660 			free(fbarg_used);
1661 #endif	/* __x86 */
1662 		}
1663 	}
1664 
1665 	return (1);
1666 }
1667