1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #pragma ident "%Z%%M% %I% %E% SMI" 27 28 /* 29 * rc_node.c - object management primitives 30 * 31 * This layer manages entities, their data structure, its locking, iterators, 32 * transactions, and change notification requests. Entities (scopes, 33 * services, instances, snapshots, snaplevels, property groups, "composed" 34 * property groups (see composition below), and properties) are represented by 35 * rc_node_t's and are kept in the cache_hash hash table. (Property values 36 * are kept in the rn_values member of the respective property -- not as 37 * separate objects.) Iterators are represented by rc_node_iter_t's. 38 * Transactions are represented by rc_node_tx_t's and are only allocated as 39 * part of repcache_tx_t's in the client layer (client.c). Change 40 * notification requests are represented by rc_notify_t structures and are 41 * described below. 42 * 43 * The entity tree is rooted at rc_scope, which rc_node_init() initializes to 44 * the "localhost" scope. The tree is filled in from the database on-demand 45 * by rc_node_fill_children(), usually from rc_iter_create() since iterators 46 * are the only way to find the children of an entity. 47 * 48 * Each rc_node_t is protected by its rn_lock member. Operations which can 49 * take too long, however, should serialize on an RC_NODE_WAITING_FLAGS bit in 50 * rn_flags with the rc_node_{hold,rele}_flag() functions. And since pointers 51 * to rc_node_t's are allowed, rn_refs is a reference count maintained by 52 * rc_node_{hold,rele}(). See configd.h for locking order information. 53 * 54 * When a node (property group or snapshot) is updated, a new node takes the 55 * place of the old node in the global hash, and the old node is hung off of 56 * the rn_former list of the new node. At the same time, all of its children 57 * have their rn_parent_ref pointer set, and any holds they have are reflected 58 * in the old node's rn_other_refs count. This is automatically kept up 59 * to date, until the final reference to the subgraph is dropped, at which 60 * point the node is unrefed and destroyed, along with all of its children. 61 * 62 * Locking rules: To dereference an rc_node_t * (usually to lock it), you must 63 * have a hold (rc_node_hold()) on it or otherwise be sure that it hasn't been 64 * rc_node_destroy()ed (hold a lock on its parent or child, hold a flag, 65 * etc.). Once you have locked an rc_node_t you must check its rn_flags for 66 * RC_NODE_DEAD before you can use it. This is usually done with the 67 * rc_node_{wait,hold}_flag() functions (often via the rc_node_check_*() 68 * functions & RC_NODE_*() macros), which fail if the object has died. 69 * 70 * An ITER_START for a non-ENTITY_VALUE induces an rc_node_fill_children() 71 * call via rc_node_setup_iter() to populate the rn_children uu_list of the 72 * rc_node_t * in question and a call to uu_list_walk_start() on that list. For 73 * ITER_READ, rc_iter_next() uses uu_list_walk_next() to find the next 74 * apropriate child. 75 * 76 * An ITER_START for an ENTITY_VALUE makes sure the node has its values 77 * filled, and sets up the iterator. An ITER_READ_VALUE just copies out 78 * the proper values and updates the offset information. 79 * 80 * When a property group gets changed by a transaction, it sticks around as 81 * a child of its replacement property group, but is removed from the parent. 82 * 83 * To allow aliases, snapshots are implemented with a level of indirection. 84 * A snapshot rc_node_t has a snapid which refers to an rc_snapshot_t in 85 * snapshot.c which contains the authoritative snaplevel information. The 86 * snapid is "assigned" by rc_attach_snapshot(). 87 * 88 * We provide the client layer with rc_node_ptr_t's to reference objects. 89 * Objects referred to by them are automatically held & released by 90 * rc_node_assign() & rc_node_clear(). The RC_NODE_PTR_*() macros are used at 91 * client.c entry points to read the pointers. They fetch the pointer to the 92 * object, return (from the function) if it is dead, and lock, hold, or hold 93 * a flag of the object. 94 */ 95 96 /* 97 * Permission checking is authorization-based: some operations may only 98 * proceed if the user has been assigned at least one of a set of 99 * authorization strings. The set of enabling authorizations depends on the 100 * operation and the target object. The set of authorizations assigned to 101 * a user is determined by reading /etc/security/policy.conf, querying the 102 * user_attr database, and possibly querying the prof_attr database, as per 103 * chkauthattr() in libsecdb. 104 * 105 * The fastest way to decide whether the two sets intersect is by entering the 106 * strings into a hash table and detecting collisions, which takes linear time 107 * in the total size of the sets. Except for the authorization patterns which 108 * may be assigned to users, which without advanced pattern-matching 109 * algorithms will take O(n) in the number of enabling authorizations, per 110 * pattern. 111 * 112 * We can achieve some practical speed-ups by noting that if we enter all of 113 * the authorizations from one of the sets into the hash table we can merely 114 * check the elements of the second set for existence without adding them. 115 * This reduces memory requirements and hash table clutter. The enabling set 116 * is well suited for this because it is internal to configd (for now, at 117 * least). Combine this with short-circuiting and we can even minimize the 118 * number of queries to the security databases (user_attr & prof_attr). 119 * 120 * To force this usage onto clients we provide functions for adding 121 * authorizations to the enabling set of a permission context structure 122 * (perm_add_*()) and one to decide whether the the user associated with the 123 * current door call client possesses any of them (perm_granted()). 124 * 125 * At some point, a generic version of this should move to libsecdb. 126 */ 127 128 /* 129 * Composition is the combination of sets of properties. The sets are ordered 130 * and properties in higher sets obscure properties of the same name in lower 131 * sets. Here we present a composed view of an instance's properties as the 132 * union of its properties and its service's properties. Similarly the 133 * properties of snaplevels are combined to form a composed view of the 134 * properties of a snapshot (which should match the composed view of the 135 * properties of the instance when the snapshot was taken). 136 * 137 * In terms of the client interface, the client may request that a property 138 * group iterator for an instance or snapshot be composed. Property groups 139 * traversed by such an iterator may not have the target entity as a parent. 140 * Similarly, the properties traversed by a property iterator for those 141 * property groups may not have the property groups iterated as parents. 142 * 143 * Implementation requires that iterators for instances and snapshots be 144 * composition-savvy, and that we have a "composed property group" entity 145 * which represents the composition of a number of property groups. Iteration 146 * over "composed property groups" yields properties which may have different 147 * parents, but for all other operations a composed property group behaves 148 * like the top-most property group it represents. 149 * 150 * The implementation is based on the rn_cchain[] array of rc_node_t pointers 151 * in rc_node_t. For instances, the pointers point to the instance and its 152 * parent service. For snapshots they point to the child snaplevels, and for 153 * composed property groups they point to property groups. A composed 154 * iterator carries an index into rn_cchain[]. Thus most of the magic ends up 155 * int the rc_iter_*() code. 156 */ 157 158 #include <assert.h> 159 #include <atomic.h> 160 #include <errno.h> 161 #include <libuutil.h> 162 #include <libscf.h> 163 #include <libscf_priv.h> 164 #include <prof_attr.h> 165 #include <pthread.h> 166 #include <stdio.h> 167 #include <stdlib.h> 168 #include <strings.h> 169 #include <sys/types.h> 170 #include <unistd.h> 171 #include <user_attr.h> 172 173 #include "configd.h" 174 175 #define AUTH_PREFIX "solaris.smf." 176 #define AUTH_MANAGE AUTH_PREFIX "manage" 177 #define AUTH_MODIFY AUTH_PREFIX "modify" 178 #define AUTH_MODIFY_PREFIX AUTH_MODIFY "." 179 #define AUTH_PG_ACTIONS SCF_PG_RESTARTER_ACTIONS 180 #define AUTH_PG_ACTIONS_TYPE SCF_PG_RESTARTER_ACTIONS_TYPE 181 #define AUTH_PG_GENERAL SCF_PG_GENERAL 182 #define AUTH_PG_GENERAL_TYPE SCF_PG_GENERAL_TYPE 183 #define AUTH_PG_GENERAL_OVR SCF_PG_GENERAL_OVR 184 #define AUTH_PG_GENERAL_OVR_TYPE SCF_PG_GENERAL_OVR_TYPE 185 #define AUTH_PROP_ACTION "action_authorization" 186 #define AUTH_PROP_ENABLED "enabled" 187 #define AUTH_PROP_MODIFY "modify_authorization" 188 #define AUTH_PROP_VALUE "value_authorization" 189 /* libsecdb should take care of this. */ 190 #define RBAC_AUTH_SEP "," 191 192 #define MAX_VALID_CHILDREN 3 193 194 typedef struct rc_type_info { 195 uint32_t rt_type; /* matches array index */ 196 uint32_t rt_num_ids; 197 uint32_t rt_name_flags; 198 uint32_t rt_valid_children[MAX_VALID_CHILDREN]; 199 } rc_type_info_t; 200 201 #define RT_NO_NAME -1U 202 203 static rc_type_info_t rc_types[] = { 204 {REP_PROTOCOL_ENTITY_NONE, 0, RT_NO_NAME}, 205 {REP_PROTOCOL_ENTITY_SCOPE, 0, 0, 206 {REP_PROTOCOL_ENTITY_SERVICE, REP_PROTOCOL_ENTITY_SCOPE}}, 207 {REP_PROTOCOL_ENTITY_SERVICE, 0, UU_NAME_DOMAIN | UU_NAME_PATH, 208 {REP_PROTOCOL_ENTITY_INSTANCE, REP_PROTOCOL_ENTITY_PROPERTYGRP}}, 209 {REP_PROTOCOL_ENTITY_INSTANCE, 1, UU_NAME_DOMAIN, 210 {REP_PROTOCOL_ENTITY_SNAPSHOT, REP_PROTOCOL_ENTITY_PROPERTYGRP}}, 211 {REP_PROTOCOL_ENTITY_SNAPSHOT, 2, UU_NAME_DOMAIN, 212 {REP_PROTOCOL_ENTITY_SNAPLEVEL, REP_PROTOCOL_ENTITY_PROPERTYGRP}}, 213 {REP_PROTOCOL_ENTITY_SNAPLEVEL, 4, RT_NO_NAME, 214 {REP_PROTOCOL_ENTITY_PROPERTYGRP}}, 215 {REP_PROTOCOL_ENTITY_PROPERTYGRP, 5, UU_NAME_DOMAIN, 216 {REP_PROTOCOL_ENTITY_PROPERTY}}, 217 {REP_PROTOCOL_ENTITY_CPROPERTYGRP, 0, UU_NAME_DOMAIN, 218 {REP_PROTOCOL_ENTITY_PROPERTY}}, 219 {REP_PROTOCOL_ENTITY_PROPERTY, 7, UU_NAME_DOMAIN}, 220 {-1UL} 221 }; 222 #define NUM_TYPES ((sizeof (rc_types) / sizeof (*rc_types))) 223 224 /* Element of a permcheck_t hash table. */ 225 struct pc_elt { 226 struct pc_elt *pce_next; 227 char pce_auth[1]; 228 }; 229 230 /* An authorization set hash table. */ 231 typedef struct { 232 struct pc_elt **pc_buckets; 233 uint_t pc_bnum; /* number of buckets */ 234 uint_t pc_enum; /* number of elements */ 235 } permcheck_t; 236 237 static uu_list_pool_t *rc_children_pool; 238 static uu_list_pool_t *rc_pg_notify_pool; 239 static uu_list_pool_t *rc_notify_pool; 240 static uu_list_pool_t *rc_notify_info_pool; 241 242 static rc_node_t *rc_scope; 243 244 static pthread_mutex_t rc_pg_notify_lock = PTHREAD_MUTEX_INITIALIZER; 245 static pthread_cond_t rc_pg_notify_cv = PTHREAD_COND_INITIALIZER; 246 static uint_t rc_notify_in_use; /* blocks removals */ 247 248 static pthread_mutex_t perm_lock = PTHREAD_MUTEX_INITIALIZER; 249 250 static void rc_node_unrefed(rc_node_t *np); 251 252 /* 253 * We support an arbitrary number of clients interested in events for certain 254 * types of changes. Each client is represented by an rc_notify_info_t, and 255 * all clients are chained onto the rc_notify_info_list. 256 * 257 * The rc_notify_list is the global notification list. Each entry is of 258 * type rc_notify_t, which is embedded in one of three other structures: 259 * 260 * rc_node_t property group update notification 261 * rc_notify_delete_t object deletion notification 262 * rc_notify_info_t notification clients 263 * 264 * Which type of object is determined by which pointer in the rc_notify_t is 265 * non-NULL. 266 * 267 * New notifications and clients are added to the end of the list. 268 * Notifications no-one is interested in are never added to the list. 269 * 270 * Clients use their position in the list to track which notifications they 271 * have not yet reported. As they process notifications, they move forward 272 * in the list past them. There is always a client at the beginning of the 273 * list -- as he moves past notifications, he removes them from the list and 274 * cleans them up. 275 * 276 * The rc_pg_notify_lock protects all notification state. The rc_pg_notify_cv 277 * is used for global signalling, and each client has a cv which he waits for 278 * events of interest on. 279 */ 280 static uu_list_t *rc_notify_info_list; 281 static uu_list_t *rc_notify_list; 282 283 #define HASH_SIZE 512 284 #define HASH_MASK (HASH_SIZE - 1) 285 286 #pragma align 64(cache_hash) 287 static cache_bucket_t cache_hash[HASH_SIZE]; 288 289 #define CACHE_BUCKET(h) (&cache_hash[(h) & HASH_MASK]) 290 291 static uint32_t 292 rc_node_hash(rc_node_lookup_t *lp) 293 { 294 uint32_t type = lp->rl_type; 295 uint32_t backend = lp->rl_backend; 296 uint32_t mainid = lp->rl_main_id; 297 uint32_t *ids = lp->rl_ids; 298 299 rc_type_info_t *tp = &rc_types[type]; 300 uint32_t num_ids; 301 uint32_t left; 302 uint32_t hash; 303 304 assert(backend == BACKEND_TYPE_NORMAL || 305 backend == BACKEND_TYPE_NONPERSIST); 306 307 assert(type > 0 && type < NUM_TYPES); 308 num_ids = tp->rt_num_ids; 309 310 left = MAX_IDS - num_ids; 311 assert(num_ids <= MAX_IDS); 312 313 hash = type * 7 + mainid * 5 + backend; 314 315 while (num_ids-- > 0) 316 hash = hash * 11 + *ids++ * 7; 317 318 /* 319 * the rest should be zeroed 320 */ 321 while (left-- > 0) 322 assert(*ids++ == 0); 323 324 return (hash); 325 } 326 327 static int 328 rc_node_match(rc_node_t *np, rc_node_lookup_t *l) 329 { 330 rc_node_lookup_t *r = &np->rn_id; 331 rc_type_info_t *tp; 332 uint32_t type; 333 uint32_t num_ids; 334 335 if (r->rl_main_id != l->rl_main_id) 336 return (0); 337 338 type = r->rl_type; 339 if (type != l->rl_type) 340 return (0); 341 342 assert(type > 0 && type < NUM_TYPES); 343 344 tp = &rc_types[r->rl_type]; 345 num_ids = tp->rt_num_ids; 346 347 assert(num_ids <= MAX_IDS); 348 while (num_ids-- > 0) 349 if (r->rl_ids[num_ids] != l->rl_ids[num_ids]) 350 return (0); 351 352 return (1); 353 } 354 355 /* 356 * the "other" references on a node are maintained in an atomically 357 * updated refcount, rn_other_refs. This can be bumped from arbitrary 358 * context, and tracks references to a possibly out-of-date node's children. 359 * 360 * To prevent the node from disappearing between the final drop of 361 * rn_other_refs and the unref handling, rn_other_refs_held is bumped on 362 * 0->1 transitions and decremented (with the node lock held) on 1->0 363 * transitions. 364 */ 365 static void 366 rc_node_hold_other(rc_node_t *np) 367 { 368 if (atomic_add_32_nv(&np->rn_other_refs, 1) == 1) { 369 atomic_add_32(&np->rn_other_refs_held, 1); 370 assert(np->rn_other_refs_held > 0); 371 } 372 assert(np->rn_other_refs > 0); 373 } 374 375 /* 376 * No node locks may be held 377 */ 378 static void 379 rc_node_rele_other(rc_node_t *np) 380 { 381 assert(np->rn_other_refs > 0); 382 if (atomic_add_32_nv(&np->rn_other_refs, -1) == 0) { 383 (void) pthread_mutex_lock(&np->rn_lock); 384 assert(np->rn_other_refs_held > 0); 385 if (atomic_add_32_nv(&np->rn_other_refs_held, -1) == 0 && 386 np->rn_refs == 0 && (np->rn_flags & RC_NODE_OLD)) 387 rc_node_unrefed(np); 388 else 389 (void) pthread_mutex_unlock(&np->rn_lock); 390 } 391 } 392 393 static void 394 rc_node_hold_locked(rc_node_t *np) 395 { 396 assert(MUTEX_HELD(&np->rn_lock)); 397 398 if (np->rn_refs == 0 && (np->rn_flags & RC_NODE_PARENT_REF)) 399 rc_node_hold_other(np->rn_parent_ref); 400 np->rn_refs++; 401 assert(np->rn_refs > 0); 402 } 403 404 static void 405 rc_node_hold(rc_node_t *np) 406 { 407 (void) pthread_mutex_lock(&np->rn_lock); 408 rc_node_hold_locked(np); 409 (void) pthread_mutex_unlock(&np->rn_lock); 410 } 411 412 static void 413 rc_node_rele_locked(rc_node_t *np) 414 { 415 int unref = 0; 416 rc_node_t *par_ref = NULL; 417 418 assert(MUTEX_HELD(&np->rn_lock)); 419 assert(np->rn_refs > 0); 420 421 if (--np->rn_refs == 0) { 422 if (np->rn_flags & RC_NODE_PARENT_REF) 423 par_ref = np->rn_parent_ref; 424 425 /* 426 * Composed property groups are only as good as their 427 * references. 428 */ 429 if (np->rn_id.rl_type == REP_PROTOCOL_ENTITY_CPROPERTYGRP) 430 np->rn_flags |= RC_NODE_DEAD; 431 432 if ((np->rn_flags & (RC_NODE_DEAD|RC_NODE_OLD)) && 433 np->rn_other_refs == 0 && np->rn_other_refs_held == 0) 434 unref = 1; 435 } 436 437 if (unref) 438 rc_node_unrefed(np); 439 else 440 (void) pthread_mutex_unlock(&np->rn_lock); 441 442 if (par_ref != NULL) 443 rc_node_rele_other(par_ref); 444 } 445 446 void 447 rc_node_rele(rc_node_t *np) 448 { 449 (void) pthread_mutex_lock(&np->rn_lock); 450 rc_node_rele_locked(np); 451 } 452 453 static cache_bucket_t * 454 cache_hold(uint32_t h) 455 { 456 cache_bucket_t *bp = CACHE_BUCKET(h); 457 (void) pthread_mutex_lock(&bp->cb_lock); 458 return (bp); 459 } 460 461 static void 462 cache_release(cache_bucket_t *bp) 463 { 464 (void) pthread_mutex_unlock(&bp->cb_lock); 465 } 466 467 static rc_node_t * 468 cache_lookup_unlocked(cache_bucket_t *bp, rc_node_lookup_t *lp) 469 { 470 uint32_t h = rc_node_hash(lp); 471 rc_node_t *np; 472 473 assert(MUTEX_HELD(&bp->cb_lock)); 474 assert(bp == CACHE_BUCKET(h)); 475 476 for (np = bp->cb_head; np != NULL; np = np->rn_hash_next) { 477 if (np->rn_hash == h && rc_node_match(np, lp)) { 478 rc_node_hold(np); 479 return (np); 480 } 481 } 482 483 return (NULL); 484 } 485 486 static rc_node_t * 487 cache_lookup(rc_node_lookup_t *lp) 488 { 489 uint32_t h; 490 cache_bucket_t *bp; 491 rc_node_t *np; 492 493 h = rc_node_hash(lp); 494 bp = cache_hold(h); 495 496 np = cache_lookup_unlocked(bp, lp); 497 498 cache_release(bp); 499 500 return (np); 501 } 502 503 static void 504 cache_insert_unlocked(cache_bucket_t *bp, rc_node_t *np) 505 { 506 assert(MUTEX_HELD(&bp->cb_lock)); 507 assert(np->rn_hash == rc_node_hash(&np->rn_id)); 508 assert(bp == CACHE_BUCKET(np->rn_hash)); 509 510 assert(np->rn_hash_next == NULL); 511 512 np->rn_hash_next = bp->cb_head; 513 bp->cb_head = np; 514 } 515 516 static void 517 cache_remove_unlocked(cache_bucket_t *bp, rc_node_t *np) 518 { 519 rc_node_t **npp; 520 521 assert(MUTEX_HELD(&bp->cb_lock)); 522 assert(np->rn_hash == rc_node_hash(&np->rn_id)); 523 assert(bp == CACHE_BUCKET(np->rn_hash)); 524 525 for (npp = &bp->cb_head; *npp != NULL; npp = &(*npp)->rn_hash_next) 526 if (*npp == np) 527 break; 528 529 assert(*npp == np); 530 *npp = np->rn_hash_next; 531 np->rn_hash_next = NULL; 532 } 533 534 /* 535 * verify that the 'parent' type can have a child typed 'child' 536 * Fails with 537 * _INVALID_TYPE - argument is invalid 538 * _TYPE_MISMATCH - parent type cannot have children of type child 539 */ 540 static int 541 rc_check_parent_child(uint32_t parent, uint32_t child) 542 { 543 int idx; 544 uint32_t type; 545 546 if (parent == 0 || parent >= NUM_TYPES || 547 child == 0 || child >= NUM_TYPES) 548 return (REP_PROTOCOL_FAIL_INVALID_TYPE); /* invalid types */ 549 550 for (idx = 0; idx < MAX_VALID_CHILDREN; idx++) { 551 type = rc_types[parent].rt_valid_children[idx]; 552 if (type == child) 553 return (REP_PROTOCOL_SUCCESS); 554 } 555 556 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 557 } 558 559 /* 560 * Fails with 561 * _INVALID_TYPE - type is invalid 562 * _BAD_REQUEST - name is an invalid name for a node of type type 563 */ 564 int 565 rc_check_type_name(uint32_t type, const char *name) 566 { 567 if (type == 0 || type >= NUM_TYPES) 568 return (REP_PROTOCOL_FAIL_INVALID_TYPE); /* invalid types */ 569 570 if (uu_check_name(name, rc_types[type].rt_name_flags) == -1) 571 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 572 573 return (REP_PROTOCOL_SUCCESS); 574 } 575 576 static int 577 rc_check_pgtype_name(const char *name) 578 { 579 if (uu_check_name(name, UU_NAME_DOMAIN) == -1) 580 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 581 582 return (REP_PROTOCOL_SUCCESS); 583 } 584 585 static int 586 rc_notify_info_interested(rc_notify_info_t *rnip, rc_notify_t *np) 587 { 588 rc_node_t *nnp = np->rcn_node; 589 int i; 590 591 assert(MUTEX_HELD(&rc_pg_notify_lock)); 592 593 if (np->rcn_delete != NULL) { 594 assert(np->rcn_info == NULL && np->rcn_node == NULL); 595 return (1); /* everyone likes deletes */ 596 } 597 if (np->rcn_node == NULL) { 598 assert(np->rcn_info != NULL || np->rcn_delete != NULL); 599 return (0); 600 } 601 assert(np->rcn_info == NULL); 602 603 for (i = 0; i < RC_NOTIFY_MAX_NAMES; i++) { 604 if (rnip->rni_namelist[i] != NULL) { 605 if (strcmp(nnp->rn_name, rnip->rni_namelist[i]) == 0) 606 return (1); 607 } 608 if (rnip->rni_typelist[i] != NULL) { 609 if (strcmp(nnp->rn_type, rnip->rni_typelist[i]) == 0) 610 return (1); 611 } 612 } 613 return (0); 614 } 615 616 static void 617 rc_notify_insert_node(rc_node_t *nnp) 618 { 619 rc_notify_t *np = &nnp->rn_notify; 620 rc_notify_info_t *nip; 621 int found = 0; 622 623 assert(np->rcn_info == NULL); 624 625 if (nnp->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTYGRP) 626 return; 627 628 (void) pthread_mutex_lock(&rc_pg_notify_lock); 629 np->rcn_node = nnp; 630 for (nip = uu_list_first(rc_notify_info_list); nip != NULL; 631 nip = uu_list_next(rc_notify_info_list, nip)) { 632 if (rc_notify_info_interested(nip, np)) { 633 (void) pthread_cond_broadcast(&nip->rni_cv); 634 found++; 635 } 636 } 637 if (found) 638 (void) uu_list_insert_before(rc_notify_list, NULL, np); 639 else 640 np->rcn_node = NULL; 641 642 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 643 } 644 645 static void 646 rc_notify_deletion(rc_notify_delete_t *ndp, const char *service, 647 const char *instance, const char *pg) 648 { 649 rc_notify_info_t *nip; 650 651 uu_list_node_init(&ndp->rnd_notify, &ndp->rnd_notify.rcn_list_node, 652 rc_notify_pool); 653 ndp->rnd_notify.rcn_delete = ndp; 654 655 (void) snprintf(ndp->rnd_fmri, sizeof (ndp->rnd_fmri), 656 "svc:/%s%s%s%s%s", service, 657 (instance != NULL)? ":" : "", (instance != NULL)? instance : "", 658 (pg != NULL)? "/:properties/" : "", (pg != NULL)? pg : ""); 659 660 /* 661 * add to notification list, notify watchers 662 */ 663 (void) pthread_mutex_lock(&rc_pg_notify_lock); 664 for (nip = uu_list_first(rc_notify_info_list); nip != NULL; 665 nip = uu_list_next(rc_notify_info_list, nip)) 666 (void) pthread_cond_broadcast(&nip->rni_cv); 667 (void) uu_list_insert_before(rc_notify_list, NULL, ndp); 668 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 669 } 670 671 static void 672 rc_notify_remove_node(rc_node_t *nnp) 673 { 674 rc_notify_t *np = &nnp->rn_notify; 675 676 assert(np->rcn_info == NULL); 677 assert(!MUTEX_HELD(&nnp->rn_lock)); 678 679 (void) pthread_mutex_lock(&rc_pg_notify_lock); 680 while (np->rcn_node != NULL) { 681 if (rc_notify_in_use) { 682 (void) pthread_cond_wait(&rc_pg_notify_cv, 683 &rc_pg_notify_lock); 684 continue; 685 } 686 (void) uu_list_remove(rc_notify_list, np); 687 np->rcn_node = NULL; 688 break; 689 } 690 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 691 } 692 693 static void 694 rc_notify_remove_locked(rc_notify_t *np) 695 { 696 assert(MUTEX_HELD(&rc_pg_notify_lock)); 697 assert(rc_notify_in_use == 0); 698 699 (void) uu_list_remove(rc_notify_list, np); 700 if (np->rcn_node) { 701 np->rcn_node = NULL; 702 } else if (np->rcn_delete) { 703 uu_free(np->rcn_delete); 704 } else { 705 assert(0); /* CAN'T HAPPEN */ 706 } 707 } 708 709 /* 710 * Permission checking functions. See comment atop this file. 711 */ 712 #ifndef NATIVE_BUILD 713 static permcheck_t * 714 pc_create() 715 { 716 permcheck_t *p; 717 718 p = uu_zalloc(sizeof (*p)); 719 if (p == NULL) 720 return (NULL); 721 p->pc_bnum = 8; /* Normal case will only have 2 elts. */ 722 p->pc_buckets = uu_zalloc(sizeof (*p->pc_buckets) * p->pc_bnum); 723 if (p->pc_buckets == NULL) { 724 uu_free(p); 725 return (NULL); 726 } 727 728 p->pc_enum = 0; 729 return (p); 730 } 731 732 static void 733 pc_free(permcheck_t *pcp) 734 { 735 uint_t i; 736 struct pc_elt *ep, *next; 737 738 for (i = 0; i < pcp->pc_bnum; ++i) { 739 for (ep = pcp->pc_buckets[i]; ep != NULL; ep = next) { 740 next = ep->pce_next; 741 free(ep); 742 } 743 } 744 745 free(pcp->pc_buckets); 746 free(pcp); 747 } 748 749 static uint32_t 750 pc_hash(const char *auth) 751 { 752 uint32_t h = 0, g; 753 const char *p; 754 755 /* 756 * Generic hash function from uts/common/os/modhash.c. 757 */ 758 for (p = auth; *p != '\0'; ++p) { 759 h = (h << 4) + *p; 760 g = (h & 0xf0000000); 761 if (g != 0) { 762 h ^= (g >> 24); 763 h ^= g; 764 } 765 } 766 767 return (h); 768 } 769 770 static int 771 pc_exists(const permcheck_t *pcp, const char *auth) 772 { 773 uint32_t h; 774 struct pc_elt *ep; 775 776 h = pc_hash(auth); 777 for (ep = pcp->pc_buckets[h & (pcp->pc_bnum - 1)]; 778 ep != NULL; 779 ep = ep->pce_next) { 780 if (strcmp(auth, ep->pce_auth) == 0) 781 return (1); 782 } 783 784 return (0); 785 } 786 787 static int 788 pc_match(const permcheck_t *pcp, const char *pattern) 789 { 790 uint_t i; 791 struct pc_elt *ep; 792 793 for (i = 0; i < pcp->pc_bnum; ++i) { 794 for (ep = pcp->pc_buckets[i]; ep != NULL; ep = ep->pce_next) { 795 if (_auth_match(pattern, ep->pce_auth)) 796 return (1); 797 } 798 } 799 800 return (0); 801 } 802 803 static int 804 pc_grow(permcheck_t *pcp) 805 { 806 uint_t new_bnum, i, j; 807 struct pc_elt **new_buckets; 808 struct pc_elt *ep, *next; 809 810 new_bnum = pcp->pc_bnum * 2; 811 if (new_bnum < pcp->pc_bnum) 812 /* Homey don't play that. */ 813 return (-1); 814 815 new_buckets = uu_zalloc(sizeof (*new_buckets) * new_bnum); 816 if (new_buckets == NULL) 817 return (-1); 818 819 for (i = 0; i < pcp->pc_bnum; ++i) { 820 for (ep = pcp->pc_buckets[i]; ep != NULL; ep = next) { 821 next = ep->pce_next; 822 j = pc_hash(ep->pce_auth) & (new_bnum - 1); 823 ep->pce_next = new_buckets[j]; 824 new_buckets[j] = ep; 825 } 826 } 827 828 uu_free(pcp->pc_buckets); 829 pcp->pc_buckets = new_buckets; 830 pcp->pc_bnum = new_bnum; 831 832 return (0); 833 } 834 835 static int 836 pc_add(permcheck_t *pcp, const char *auth) 837 { 838 struct pc_elt *ep; 839 uint_t i; 840 841 ep = uu_zalloc(offsetof(struct pc_elt, pce_auth) + strlen(auth) + 1); 842 if (ep == NULL) 843 return (-1); 844 845 /* Grow if pc_enum / pc_bnum > 3/4. */ 846 if (pcp->pc_enum * 4 > 3 * pcp->pc_bnum) 847 /* Failure is not a stopper; we'll try again next time. */ 848 (void) pc_grow(pcp); 849 850 (void) strcpy(ep->pce_auth, auth); 851 852 i = pc_hash(auth) & (pcp->pc_bnum - 1); 853 ep->pce_next = pcp->pc_buckets[i]; 854 pcp->pc_buckets[i] = ep; 855 856 ++pcp->pc_enum; 857 858 return (0); 859 } 860 861 /* 862 * For the type of a property group, return the authorization which may be 863 * used to modify it. 864 */ 865 static const char * 866 perm_auth_for_pgtype(const char *pgtype) 867 { 868 if (strcmp(pgtype, SCF_GROUP_METHOD) == 0) 869 return (AUTH_MODIFY_PREFIX "method"); 870 else if (strcmp(pgtype, SCF_GROUP_DEPENDENCY) == 0) 871 return (AUTH_MODIFY_PREFIX "dependency"); 872 else if (strcmp(pgtype, SCF_GROUP_APPLICATION) == 0) 873 return (AUTH_MODIFY_PREFIX "application"); 874 else if (strcmp(pgtype, SCF_GROUP_FRAMEWORK) == 0) 875 return (AUTH_MODIFY_PREFIX "framework"); 876 else 877 return (NULL); 878 } 879 880 /* 881 * Fails with 882 * _NO_RESOURCES - out of memory 883 */ 884 static int 885 perm_add_enabling(permcheck_t *pcp, const char *auth) 886 { 887 return (pc_add(pcp, auth) == 0 ? REP_PROTOCOL_SUCCESS : 888 REP_PROTOCOL_FAIL_NO_RESOURCES); 889 } 890 891 /* Note that perm_add_enabling_values() is defined below. */ 892 893 /* 894 * perm_granted() returns 1 if the current door caller has one of the enabling 895 * authorizations in pcp, 0 if it doesn't, and -1 if an error (usually lack of 896 * memory) occurs. check_auth_list() checks an RBAC_AUTH_SEP-separated list 897 * of authorizations for existance in pcp, and check_prof_list() checks the 898 * authorizations granted to an RBAC_AUTH_SEP-separated list of profiles. 899 */ 900 static int 901 check_auth_list(const permcheck_t *pcp, char *authlist) 902 { 903 char *auth, *lasts; 904 int ret; 905 906 for (auth = (char *)strtok_r(authlist, RBAC_AUTH_SEP, &lasts); 907 auth != NULL; 908 auth = (char *)strtok_r(NULL, RBAC_AUTH_SEP, &lasts)) { 909 if (strchr(auth, KV_WILDCHAR) == NULL) 910 ret = pc_exists(pcp, auth); 911 else 912 ret = pc_match(pcp, auth); 913 914 if (ret) 915 return (ret); 916 } 917 918 return (0); 919 } 920 921 static int 922 check_prof_list(const permcheck_t *pcp, char *proflist) 923 { 924 char *prof, *lasts, *authlist, *subproflist; 925 profattr_t *pap; 926 int ret = 0; 927 928 for (prof = strtok_r(proflist, RBAC_AUTH_SEP, &lasts); 929 prof != NULL; 930 prof = strtok_r(NULL, RBAC_AUTH_SEP, &lasts)) { 931 pap = getprofnam(prof); 932 if (pap == NULL) 933 continue; 934 935 authlist = kva_match(pap->attr, PROFATTR_AUTHS_KW); 936 if (authlist != NULL) 937 ret = check_auth_list(pcp, authlist); 938 939 if (!ret) { 940 subproflist = kva_match(pap->attr, PROFATTR_PROFS_KW); 941 if (subproflist != NULL) 942 /* depth check to avoid invinite recursion? */ 943 ret = check_prof_list(pcp, subproflist); 944 } 945 946 free_profattr(pap); 947 if (ret) 948 return (ret); 949 } 950 951 return (ret); 952 } 953 954 static int 955 perm_granted(const permcheck_t *pcp) 956 { 957 ucred_t *uc; 958 959 int ret = 0; 960 uid_t uid; 961 userattr_t *uap; 962 char *authlist, *userattr_authlist, *proflist, *def_prof = NULL; 963 964 /* 965 * Get generic authorizations from policy.conf 966 * 967 * Note that _get_auth_policy is not threadsafe, so we single-thread 968 * access to it. 969 */ 970 (void) pthread_mutex_lock(&perm_lock); 971 ret = _get_auth_policy(&authlist, &def_prof); 972 (void) pthread_mutex_unlock(&perm_lock); 973 974 if (ret != 0) 975 return (-1); 976 977 if (authlist != NULL) { 978 ret = check_auth_list(pcp, authlist); 979 980 if (ret) { 981 _free_auth_policy(authlist, def_prof); 982 return (ret); 983 } 984 } 985 986 /* 987 * Put off checking def_prof for later in an attempt to consolidate 988 * prof_attr accesses. 989 */ 990 991 /* Get the uid */ 992 if ((uc = get_ucred()) == NULL) { 993 _free_auth_policy(authlist, def_prof); 994 995 if (errno == EINVAL) { 996 /* 997 * Client is no longer waiting for our response (e.g., 998 * it received a signal & resumed with EINTR). 999 * Punting with door_return() would be nice but we 1000 * need to release all of the locks & references we 1001 * hold. And we must report failure to the client 1002 * layer to keep it from ignoring retries as 1003 * already-done (idempotency & all that). None of the 1004 * error codes fit very well, so we might as well 1005 * force the return of _PERMISSION_DENIED since we 1006 * couldn't determine the user. 1007 */ 1008 return (0); 1009 } 1010 assert(0); 1011 abort(); 1012 } 1013 1014 uid = ucred_geteuid(uc); 1015 assert(uid != -1); 1016 1017 uap = getuseruid(uid); 1018 if (uap != NULL) { 1019 /* Get the authorizations from user_attr. */ 1020 userattr_authlist = kva_match(uap->attr, USERATTR_AUTHS_KW); 1021 if (userattr_authlist != NULL) 1022 ret = check_auth_list(pcp, userattr_authlist); 1023 } 1024 1025 if (!ret && def_prof != NULL) { 1026 /* Check generic profiles. */ 1027 ret = check_prof_list(pcp, def_prof); 1028 } 1029 1030 if (!ret && uap != NULL) { 1031 proflist = kva_match(uap->attr, USERATTR_PROFILES_KW); 1032 if (proflist != NULL) 1033 ret = check_prof_list(pcp, proflist); 1034 } 1035 1036 _free_auth_policy(authlist, def_prof); 1037 if (uap != NULL) 1038 free_userattr(uap); 1039 1040 return (ret); 1041 } 1042 #endif /* NATIVE_BUILD */ 1043 1044 /* 1045 * flags in RC_NODE_WAITING_FLAGS are broadcast when unset, and are used to 1046 * serialize certain actions, and to wait for certain operations to complete 1047 * 1048 * The waiting flags are: 1049 * RC_NODE_CHILDREN_CHANGING 1050 * The child list is being built or changed (due to creation 1051 * or deletion). All iterators pause. 1052 * 1053 * RC_NODE_USING_PARENT 1054 * Someone is actively using the parent pointer, so we can't 1055 * be removed from the parent list. 1056 * 1057 * RC_NODE_CREATING_CHILD 1058 * A child is being created -- locks out other creations, to 1059 * prevent insert-insert races. 1060 * 1061 * RC_NODE_IN_TX 1062 * This object is running a transaction. 1063 * 1064 * RC_NODE_DYING 1065 * This node might be dying. Always set as a set, using 1066 * RC_NODE_DYING_FLAGS (which is everything but 1067 * RC_NODE_USING_PARENT) 1068 */ 1069 static int 1070 rc_node_hold_flag(rc_node_t *np, uint32_t flag) 1071 { 1072 assert(MUTEX_HELD(&np->rn_lock)); 1073 assert((flag & ~RC_NODE_WAITING_FLAGS) == 0); 1074 1075 while (!(np->rn_flags & RC_NODE_DEAD) && (np->rn_flags & flag)) { 1076 (void) pthread_cond_wait(&np->rn_cv, &np->rn_lock); 1077 } 1078 if (np->rn_flags & RC_NODE_DEAD) 1079 return (0); 1080 1081 np->rn_flags |= flag; 1082 return (1); 1083 } 1084 1085 static void 1086 rc_node_rele_flag(rc_node_t *np, uint32_t flag) 1087 { 1088 assert((flag & ~RC_NODE_WAITING_FLAGS) == 0); 1089 assert(MUTEX_HELD(&np->rn_lock)); 1090 assert((np->rn_flags & flag) == flag); 1091 np->rn_flags &= ~flag; 1092 (void) pthread_cond_broadcast(&np->rn_cv); 1093 } 1094 1095 /* 1096 * wait until a particular flag has cleared. Fails if the object dies. 1097 */ 1098 static int 1099 rc_node_wait_flag(rc_node_t *np, uint32_t flag) 1100 { 1101 assert(MUTEX_HELD(&np->rn_lock)); 1102 while (!(np->rn_flags & RC_NODE_DEAD) && (np->rn_flags & flag)) 1103 (void) pthread_cond_wait(&np->rn_cv, &np->rn_lock); 1104 1105 return (!(np->rn_flags & RC_NODE_DEAD)); 1106 } 1107 1108 /* 1109 * On entry, np's lock must be held, and this thread must be holding 1110 * RC_NODE_USING_PARENT. On return, both of them are released. 1111 * 1112 * If the return value is NULL, np either does not have a parent, or 1113 * the parent has been marked DEAD. 1114 * 1115 * If the return value is non-NULL, it is the parent of np, and both 1116 * its lock and the requested flags are held. 1117 */ 1118 static rc_node_t * 1119 rc_node_hold_parent_flag(rc_node_t *np, uint32_t flag) 1120 { 1121 rc_node_t *pp; 1122 1123 assert(MUTEX_HELD(&np->rn_lock)); 1124 assert(np->rn_flags & RC_NODE_USING_PARENT); 1125 1126 if ((pp = np->rn_parent) == NULL) { 1127 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 1128 (void) pthread_mutex_unlock(&np->rn_lock); 1129 return (NULL); 1130 } 1131 (void) pthread_mutex_unlock(&np->rn_lock); 1132 1133 (void) pthread_mutex_lock(&pp->rn_lock); 1134 (void) pthread_mutex_lock(&np->rn_lock); 1135 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 1136 (void) pthread_mutex_unlock(&np->rn_lock); 1137 1138 if (!rc_node_hold_flag(pp, flag)) { 1139 (void) pthread_mutex_unlock(&pp->rn_lock); 1140 return (NULL); 1141 } 1142 return (pp); 1143 } 1144 1145 rc_node_t * 1146 rc_node_alloc(void) 1147 { 1148 rc_node_t *np = uu_zalloc(sizeof (*np)); 1149 1150 if (np == NULL) 1151 return (NULL); 1152 1153 (void) pthread_mutex_init(&np->rn_lock, NULL); 1154 (void) pthread_cond_init(&np->rn_cv, NULL); 1155 1156 np->rn_children = uu_list_create(rc_children_pool, np, 0); 1157 np->rn_pg_notify_list = uu_list_create(rc_pg_notify_pool, np, 0); 1158 1159 uu_list_node_init(np, &np->rn_sibling_node, rc_children_pool); 1160 1161 uu_list_node_init(&np->rn_notify, &np->rn_notify.rcn_list_node, 1162 rc_notify_pool); 1163 1164 return (np); 1165 } 1166 1167 void 1168 rc_node_destroy(rc_node_t *np) 1169 { 1170 int i; 1171 1172 if (np->rn_flags & RC_NODE_UNREFED) 1173 return; /* being handled elsewhere */ 1174 1175 assert(np->rn_refs == 0 && np->rn_other_refs == 0); 1176 assert(np->rn_former == NULL); 1177 1178 if (np->rn_id.rl_type == REP_PROTOCOL_ENTITY_CPROPERTYGRP) { 1179 /* Release the holds from rc_iter_next(). */ 1180 for (i = 0; i < COMPOSITION_DEPTH; ++i) { 1181 /* rn_cchain[i] may be NULL for empty snapshots. */ 1182 if (np->rn_cchain[i] != NULL) 1183 rc_node_rele(np->rn_cchain[i]); 1184 } 1185 } 1186 1187 if (np->rn_name != NULL) 1188 free((void *)np->rn_name); 1189 np->rn_name = NULL; 1190 if (np->rn_type != NULL) 1191 free((void *)np->rn_type); 1192 np->rn_type = NULL; 1193 if (np->rn_values != NULL) 1194 object_free_values(np->rn_values, np->rn_valtype, 1195 np->rn_values_count, np->rn_values_size); 1196 np->rn_values = NULL; 1197 1198 if (np->rn_snaplevel != NULL) 1199 rc_snaplevel_rele(np->rn_snaplevel); 1200 np->rn_snaplevel = NULL; 1201 1202 uu_list_node_fini(np, &np->rn_sibling_node, rc_children_pool); 1203 1204 uu_list_node_fini(&np->rn_notify, &np->rn_notify.rcn_list_node, 1205 rc_notify_pool); 1206 1207 assert(uu_list_first(np->rn_children) == NULL); 1208 uu_list_destroy(np->rn_children); 1209 uu_list_destroy(np->rn_pg_notify_list); 1210 1211 (void) pthread_mutex_destroy(&np->rn_lock); 1212 (void) pthread_cond_destroy(&np->rn_cv); 1213 1214 uu_free(np); 1215 } 1216 1217 /* 1218 * Link in a child node. 1219 * 1220 * Because of the lock ordering, cp has to already be in the hash table with 1221 * its lock dropped before we get it. To prevent anyone from noticing that 1222 * it is parentless, the creation code sets the RC_NODE_USING_PARENT. Once 1223 * we've linked it in, we release the flag. 1224 */ 1225 static void 1226 rc_node_link_child(rc_node_t *np, rc_node_t *cp) 1227 { 1228 assert(!MUTEX_HELD(&np->rn_lock)); 1229 assert(!MUTEX_HELD(&cp->rn_lock)); 1230 1231 (void) pthread_mutex_lock(&np->rn_lock); 1232 (void) pthread_mutex_lock(&cp->rn_lock); 1233 assert(!(cp->rn_flags & RC_NODE_IN_PARENT) && 1234 (cp->rn_flags & RC_NODE_USING_PARENT)); 1235 1236 assert(rc_check_parent_child(np->rn_id.rl_type, cp->rn_id.rl_type) == 1237 REP_PROTOCOL_SUCCESS); 1238 1239 cp->rn_parent = np; 1240 cp->rn_flags |= RC_NODE_IN_PARENT; 1241 (void) uu_list_insert_before(np->rn_children, NULL, cp); 1242 1243 (void) pthread_mutex_unlock(&np->rn_lock); 1244 1245 rc_node_rele_flag(cp, RC_NODE_USING_PARENT); 1246 (void) pthread_mutex_unlock(&cp->rn_lock); 1247 } 1248 1249 /* 1250 * Sets the rn_parent_ref field of all the children of np to pp -- always 1251 * initially invoked as rc_node_setup_parent_ref(np, np), we then recurse. 1252 * 1253 * This is used when we mark a node RC_NODE_OLD, so that when the object and 1254 * its children are no longer referenced, they will all be deleted as a unit. 1255 */ 1256 static void 1257 rc_node_setup_parent_ref(rc_node_t *np, rc_node_t *pp) 1258 { 1259 rc_node_t *cp; 1260 1261 assert(MUTEX_HELD(&np->rn_lock)); 1262 1263 for (cp = uu_list_first(np->rn_children); cp != NULL; 1264 cp = uu_list_next(np->rn_children, cp)) { 1265 (void) pthread_mutex_lock(&cp->rn_lock); 1266 if (cp->rn_flags & RC_NODE_PARENT_REF) { 1267 assert(cp->rn_parent_ref == pp); 1268 } else { 1269 assert(cp->rn_parent_ref == NULL); 1270 1271 cp->rn_flags |= RC_NODE_PARENT_REF; 1272 cp->rn_parent_ref = pp; 1273 if (cp->rn_refs != 0) 1274 rc_node_hold_other(pp); 1275 } 1276 rc_node_setup_parent_ref(cp, pp); /* recurse */ 1277 (void) pthread_mutex_unlock(&cp->rn_lock); 1278 } 1279 } 1280 1281 /* 1282 * Atomically replace 'np' with 'newp', with a parent of 'pp'. 1283 * 1284 * Requirements: 1285 * *no* node locks may be held. 1286 * pp must be held with RC_NODE_CHILDREN_CHANGING 1287 * newp and np must be held with RC_NODE_IN_TX 1288 * np must be marked RC_NODE_IN_PARENT, newp must not be 1289 * np must be marked RC_NODE_OLD 1290 * 1291 * Afterwards: 1292 * pp's RC_NODE_CHILDREN_CHANGING is dropped 1293 * newp and np's RC_NODE_IN_TX is dropped 1294 * newp->rn_former = np; 1295 * newp is RC_NODE_IN_PARENT, np is not. 1296 * interested notify subscribers have been notified of newp's new status. 1297 */ 1298 static void 1299 rc_node_relink_child(rc_node_t *pp, rc_node_t *np, rc_node_t *newp) 1300 { 1301 cache_bucket_t *bp; 1302 /* 1303 * First, swap np and nnp in the cache. newp's RC_NODE_IN_TX flag 1304 * keeps rc_node_update() from seeing it until we are done. 1305 */ 1306 bp = cache_hold(newp->rn_hash); 1307 cache_remove_unlocked(bp, np); 1308 cache_insert_unlocked(bp, newp); 1309 cache_release(bp); 1310 1311 /* 1312 * replace np with newp in pp's list, and attach it to newp's rn_former 1313 * link. 1314 */ 1315 (void) pthread_mutex_lock(&pp->rn_lock); 1316 assert(pp->rn_flags & RC_NODE_CHILDREN_CHANGING); 1317 1318 (void) pthread_mutex_lock(&newp->rn_lock); 1319 assert(!(newp->rn_flags & RC_NODE_IN_PARENT)); 1320 assert(newp->rn_flags & RC_NODE_IN_TX); 1321 1322 (void) pthread_mutex_lock(&np->rn_lock); 1323 assert(np->rn_flags & RC_NODE_IN_PARENT); 1324 assert(np->rn_flags & RC_NODE_OLD); 1325 assert(np->rn_flags & RC_NODE_IN_TX); 1326 1327 newp->rn_parent = pp; 1328 newp->rn_flags |= RC_NODE_IN_PARENT; 1329 1330 /* 1331 * Note that we carefully add newp before removing np -- this 1332 * keeps iterators on the list from missing us. 1333 */ 1334 (void) uu_list_insert_after(pp->rn_children, np, newp); 1335 (void) uu_list_remove(pp->rn_children, np); 1336 1337 /* 1338 * re-set np 1339 */ 1340 newp->rn_former = np; 1341 np->rn_parent = NULL; 1342 np->rn_flags &= ~RC_NODE_IN_PARENT; 1343 np->rn_flags |= RC_NODE_ON_FORMER; 1344 1345 rc_notify_insert_node(newp); 1346 1347 rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); 1348 (void) pthread_mutex_unlock(&pp->rn_lock); 1349 rc_node_rele_flag(newp, RC_NODE_USING_PARENT | RC_NODE_IN_TX); 1350 (void) pthread_mutex_unlock(&newp->rn_lock); 1351 rc_node_setup_parent_ref(np, np); 1352 rc_node_rele_flag(np, RC_NODE_IN_TX); 1353 (void) pthread_mutex_unlock(&np->rn_lock); 1354 } 1355 1356 /* 1357 * makes sure a node with lookup 'nip', name 'name', and parent 'pp' exists. 1358 * 'cp' is used (and returned) if the node does not yet exist. If it does 1359 * exist, 'cp' is freed, and the existent node is returned instead. 1360 */ 1361 rc_node_t * 1362 rc_node_setup(rc_node_t *cp, rc_node_lookup_t *nip, const char *name, 1363 rc_node_t *pp) 1364 { 1365 rc_node_t *np; 1366 cache_bucket_t *bp; 1367 uint32_t h = rc_node_hash(nip); 1368 1369 assert(cp->rn_refs == 0); 1370 1371 bp = cache_hold(h); 1372 if ((np = cache_lookup_unlocked(bp, nip)) != NULL) { 1373 cache_release(bp); 1374 1375 /* 1376 * make sure it matches our expectations 1377 */ 1378 (void) pthread_mutex_lock(&np->rn_lock); 1379 if (rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 1380 assert(np->rn_parent == pp); 1381 assert(memcmp(&np->rn_id, nip, sizeof (*nip)) == 0); 1382 assert(strcmp(np->rn_name, name) == 0); 1383 assert(np->rn_type == NULL); 1384 assert(np->rn_flags & RC_NODE_IN_PARENT); 1385 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 1386 } 1387 (void) pthread_mutex_unlock(&np->rn_lock); 1388 1389 rc_node_destroy(cp); 1390 return (np); 1391 } 1392 1393 /* 1394 * No one is there -- create a new node. 1395 */ 1396 np = cp; 1397 rc_node_hold(np); 1398 np->rn_id = *nip; 1399 np->rn_hash = h; 1400 np->rn_name = strdup(name); 1401 1402 np->rn_flags |= RC_NODE_USING_PARENT; 1403 1404 if (np->rn_id.rl_type == REP_PROTOCOL_ENTITY_INSTANCE) { 1405 #if COMPOSITION_DEPTH == 2 1406 np->rn_cchain[0] = np; 1407 np->rn_cchain[1] = pp; 1408 #else 1409 #error This code must be updated. 1410 #endif 1411 } 1412 1413 cache_insert_unlocked(bp, np); 1414 cache_release(bp); /* we are now visible */ 1415 1416 rc_node_link_child(pp, np); 1417 1418 return (np); 1419 } 1420 1421 /* 1422 * makes sure a snapshot with lookup 'nip', name 'name', and parent 'pp' exists. 1423 * 'cp' is used (and returned) if the node does not yet exist. If it does 1424 * exist, 'cp' is freed, and the existent node is returned instead. 1425 */ 1426 rc_node_t * 1427 rc_node_setup_snapshot(rc_node_t *cp, rc_node_lookup_t *nip, const char *name, 1428 uint32_t snap_id, rc_node_t *pp) 1429 { 1430 rc_node_t *np; 1431 cache_bucket_t *bp; 1432 uint32_t h = rc_node_hash(nip); 1433 1434 assert(cp->rn_refs == 0); 1435 1436 bp = cache_hold(h); 1437 if ((np = cache_lookup_unlocked(bp, nip)) != NULL) { 1438 cache_release(bp); 1439 1440 /* 1441 * make sure it matches our expectations 1442 */ 1443 (void) pthread_mutex_lock(&np->rn_lock); 1444 if (rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 1445 assert(np->rn_parent == pp); 1446 assert(memcmp(&np->rn_id, nip, sizeof (*nip)) == 0); 1447 assert(strcmp(np->rn_name, name) == 0); 1448 assert(np->rn_type == NULL); 1449 assert(np->rn_flags & RC_NODE_IN_PARENT); 1450 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 1451 } 1452 (void) pthread_mutex_unlock(&np->rn_lock); 1453 1454 rc_node_destroy(cp); 1455 return (np); 1456 } 1457 1458 /* 1459 * No one is there -- create a new node. 1460 */ 1461 np = cp; 1462 rc_node_hold(np); 1463 np->rn_id = *nip; 1464 np->rn_hash = h; 1465 np->rn_name = strdup(name); 1466 np->rn_snapshot_id = snap_id; 1467 1468 np->rn_flags |= RC_NODE_USING_PARENT; 1469 1470 cache_insert_unlocked(bp, np); 1471 cache_release(bp); /* we are now visible */ 1472 1473 rc_node_link_child(pp, np); 1474 1475 return (np); 1476 } 1477 1478 /* 1479 * makes sure a snaplevel with lookup 'nip' and parent 'pp' exists. 'cp' is 1480 * used (and returned) if the node does not yet exist. If it does exist, 'cp' 1481 * is freed, and the existent node is returned instead. 1482 */ 1483 rc_node_t * 1484 rc_node_setup_snaplevel(rc_node_t *cp, rc_node_lookup_t *nip, 1485 rc_snaplevel_t *lvl, rc_node_t *pp) 1486 { 1487 rc_node_t *np; 1488 cache_bucket_t *bp; 1489 uint32_t h = rc_node_hash(nip); 1490 1491 assert(cp->rn_refs == 0); 1492 1493 bp = cache_hold(h); 1494 if ((np = cache_lookup_unlocked(bp, nip)) != NULL) { 1495 cache_release(bp); 1496 1497 /* 1498 * make sure it matches our expectations 1499 */ 1500 (void) pthread_mutex_lock(&np->rn_lock); 1501 if (rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 1502 assert(np->rn_parent == pp); 1503 assert(memcmp(&np->rn_id, nip, sizeof (*nip)) == 0); 1504 assert(np->rn_name == NULL); 1505 assert(np->rn_type == NULL); 1506 assert(np->rn_flags & RC_NODE_IN_PARENT); 1507 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 1508 } 1509 (void) pthread_mutex_unlock(&np->rn_lock); 1510 1511 rc_node_destroy(cp); 1512 return (np); 1513 } 1514 1515 /* 1516 * No one is there -- create a new node. 1517 */ 1518 np = cp; 1519 rc_node_hold(np); /* released in snapshot_fill_children() */ 1520 np->rn_id = *nip; 1521 np->rn_hash = h; 1522 1523 rc_snaplevel_hold(lvl); 1524 np->rn_snaplevel = lvl; 1525 1526 np->rn_flags |= RC_NODE_USING_PARENT; 1527 1528 cache_insert_unlocked(bp, np); 1529 cache_release(bp); /* we are now visible */ 1530 1531 /* Add this snaplevel to the snapshot's composition chain. */ 1532 assert(pp->rn_cchain[lvl->rsl_level_num - 1] == NULL); 1533 pp->rn_cchain[lvl->rsl_level_num - 1] = np; 1534 1535 rc_node_link_child(pp, np); 1536 1537 return (np); 1538 } 1539 1540 /* 1541 * Returns NULL if strdup() fails. 1542 */ 1543 rc_node_t * 1544 rc_node_setup_pg(rc_node_t *cp, rc_node_lookup_t *nip, const char *name, 1545 const char *type, uint32_t flags, uint32_t gen_id, rc_node_t *pp) 1546 { 1547 rc_node_t *np; 1548 cache_bucket_t *bp; 1549 1550 uint32_t h = rc_node_hash(nip); 1551 bp = cache_hold(h); 1552 if ((np = cache_lookup_unlocked(bp, nip)) != NULL) { 1553 cache_release(bp); 1554 1555 /* 1556 * make sure it matches our expectations (don't check 1557 * the generation number or parent, since someone could 1558 * have gotten a transaction through while we weren't 1559 * looking) 1560 */ 1561 (void) pthread_mutex_lock(&np->rn_lock); 1562 if (rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 1563 assert(memcmp(&np->rn_id, nip, sizeof (*nip)) == 0); 1564 assert(strcmp(np->rn_name, name) == 0); 1565 assert(strcmp(np->rn_type, type) == 0); 1566 assert(np->rn_pgflags == flags); 1567 assert(np->rn_flags & RC_NODE_IN_PARENT); 1568 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 1569 } 1570 (void) pthread_mutex_unlock(&np->rn_lock); 1571 1572 rc_node_destroy(cp); 1573 return (np); 1574 } 1575 1576 np = cp; 1577 rc_node_hold(np); /* released in fill_pg_callback() */ 1578 np->rn_id = *nip; 1579 np->rn_hash = h; 1580 np->rn_name = strdup(name); 1581 if (np->rn_name == NULL) { 1582 rc_node_rele(np); 1583 return (NULL); 1584 } 1585 np->rn_type = strdup(type); 1586 if (np->rn_type == NULL) { 1587 free((void *)np->rn_name); 1588 rc_node_rele(np); 1589 return (NULL); 1590 } 1591 np->rn_pgflags = flags; 1592 np->rn_gen_id = gen_id; 1593 1594 np->rn_flags |= RC_NODE_USING_PARENT; 1595 1596 cache_insert_unlocked(bp, np); 1597 cache_release(bp); /* we are now visible */ 1598 1599 rc_node_link_child(pp, np); 1600 1601 return (np); 1602 } 1603 1604 #if COMPOSITION_DEPTH == 2 1605 /* 1606 * Initialize a "composed property group" which represents the composition of 1607 * property groups pg1 & pg2. It is ephemeral: once created & returned for an 1608 * ITER_READ request, keeping it out of cache_hash and any child lists 1609 * prevents it from being looked up. Operations besides iteration are passed 1610 * through to pg1. 1611 * 1612 * pg1 & pg2 should be held before entering this function. They will be 1613 * released in rc_node_destroy(). 1614 */ 1615 static int 1616 rc_node_setup_cpg(rc_node_t *cpg, rc_node_t *pg1, rc_node_t *pg2) 1617 { 1618 if (strcmp(pg1->rn_type, pg2->rn_type) != 0) 1619 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 1620 1621 cpg->rn_id.rl_type = REP_PROTOCOL_ENTITY_CPROPERTYGRP; 1622 cpg->rn_name = strdup(pg1->rn_name); 1623 if (cpg->rn_name == NULL) 1624 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 1625 1626 cpg->rn_cchain[0] = pg1; 1627 cpg->rn_cchain[1] = pg2; 1628 1629 return (REP_PROTOCOL_SUCCESS); 1630 } 1631 #else 1632 #error This code must be updated. 1633 #endif 1634 1635 /* 1636 * Fails with _NO_RESOURCES. 1637 */ 1638 int 1639 rc_node_create_property(rc_node_t *pp, rc_node_lookup_t *nip, 1640 const char *name, rep_protocol_value_type_t type, 1641 const char *vals, size_t count, size_t size) 1642 { 1643 rc_node_t *np; 1644 cache_bucket_t *bp; 1645 1646 uint32_t h = rc_node_hash(nip); 1647 bp = cache_hold(h); 1648 if ((np = cache_lookup_unlocked(bp, nip)) != NULL) { 1649 cache_release(bp); 1650 /* 1651 * make sure it matches our expectations 1652 */ 1653 (void) pthread_mutex_lock(&np->rn_lock); 1654 if (rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 1655 assert(np->rn_parent == pp); 1656 assert(memcmp(&np->rn_id, nip, sizeof (*nip)) == 0); 1657 assert(strcmp(np->rn_name, name) == 0); 1658 assert(np->rn_valtype == type); 1659 assert(np->rn_values_count == count); 1660 assert(np->rn_values_size == size); 1661 assert(vals == NULL || 1662 memcmp(np->rn_values, vals, size) == 0); 1663 assert(np->rn_flags & RC_NODE_IN_PARENT); 1664 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 1665 } 1666 rc_node_rele_locked(np); 1667 object_free_values(vals, type, count, size); 1668 return (REP_PROTOCOL_SUCCESS); 1669 } 1670 1671 /* 1672 * No one is there -- create a new node. 1673 */ 1674 np = rc_node_alloc(); 1675 if (np == NULL) { 1676 cache_release(bp); 1677 object_free_values(vals, type, count, size); 1678 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 1679 } 1680 np->rn_id = *nip; 1681 np->rn_hash = h; 1682 np->rn_name = strdup(name); 1683 if (np->rn_name == NULL) { 1684 cache_release(bp); 1685 object_free_values(vals, type, count, size); 1686 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 1687 } 1688 1689 np->rn_valtype = type; 1690 np->rn_values = vals; 1691 np->rn_values_count = count; 1692 np->rn_values_size = size; 1693 1694 np->rn_flags |= RC_NODE_USING_PARENT; 1695 1696 cache_insert_unlocked(bp, np); 1697 cache_release(bp); /* we are now visible */ 1698 1699 rc_node_link_child(pp, np); 1700 1701 return (REP_PROTOCOL_SUCCESS); 1702 } 1703 1704 int 1705 rc_node_init(void) 1706 { 1707 rc_node_t *np; 1708 cache_bucket_t *bp; 1709 1710 rc_children_pool = uu_list_pool_create("rc_children_pool", 1711 sizeof (rc_node_t), offsetof(rc_node_t, rn_sibling_node), 1712 NULL, UU_LIST_POOL_DEBUG); 1713 1714 rc_pg_notify_pool = uu_list_pool_create("rc_pg_notify_pool", 1715 sizeof (rc_node_pg_notify_t), 1716 offsetof(rc_node_pg_notify_t, rnpn_node), 1717 NULL, UU_LIST_POOL_DEBUG); 1718 1719 rc_notify_pool = uu_list_pool_create("rc_notify_pool", 1720 sizeof (rc_notify_t), offsetof(rc_notify_t, rcn_list_node), 1721 NULL, UU_LIST_POOL_DEBUG); 1722 1723 rc_notify_info_pool = uu_list_pool_create("rc_notify_info_pool", 1724 sizeof (rc_notify_info_t), 1725 offsetof(rc_notify_info_t, rni_list_node), 1726 NULL, UU_LIST_POOL_DEBUG); 1727 1728 if (rc_children_pool == NULL || rc_pg_notify_pool == NULL || 1729 rc_notify_pool == NULL || rc_notify_info_pool == NULL) 1730 uu_die("out of memory"); 1731 1732 rc_notify_list = uu_list_create(rc_notify_pool, 1733 &rc_notify_list, 0); 1734 1735 rc_notify_info_list = uu_list_create(rc_notify_info_pool, 1736 &rc_notify_info_list, 0); 1737 1738 if (rc_notify_list == NULL || rc_notify_info_list == NULL) 1739 uu_die("out of memory"); 1740 1741 if ((np = rc_node_alloc()) == NULL) 1742 uu_die("out of memory"); 1743 1744 rc_node_hold(np); 1745 np->rn_id.rl_type = REP_PROTOCOL_ENTITY_SCOPE; 1746 np->rn_id.rl_backend = BACKEND_TYPE_NORMAL; 1747 np->rn_hash = rc_node_hash(&np->rn_id); 1748 np->rn_name = "localhost"; 1749 1750 bp = cache_hold(np->rn_hash); 1751 cache_insert_unlocked(bp, np); 1752 cache_release(bp); 1753 1754 rc_scope = np; 1755 return (1); 1756 } 1757 1758 /* 1759 * Fails with 1760 * _INVALID_TYPE - type is invalid 1761 * _TYPE_MISMATCH - np doesn't carry children of type type 1762 * _DELETED - np has been deleted 1763 * _NO_RESOURCES 1764 */ 1765 static int 1766 rc_node_fill_children(rc_node_t *np, uint32_t type) 1767 { 1768 int rc; 1769 1770 assert(MUTEX_HELD(&np->rn_lock)); 1771 1772 if ((rc = rc_check_parent_child(np->rn_id.rl_type, type)) != 1773 REP_PROTOCOL_SUCCESS) 1774 return (rc); 1775 1776 if (!rc_node_hold_flag(np, RC_NODE_CHILDREN_CHANGING)) 1777 return (REP_PROTOCOL_FAIL_DELETED); 1778 1779 if (np->rn_flags & RC_NODE_HAS_CHILDREN) { 1780 rc_node_rele_flag(np, RC_NODE_CHILDREN_CHANGING); 1781 return (REP_PROTOCOL_SUCCESS); 1782 } 1783 1784 (void) pthread_mutex_unlock(&np->rn_lock); 1785 rc = object_fill_children(np); 1786 (void) pthread_mutex_lock(&np->rn_lock); 1787 1788 if (rc == REP_PROTOCOL_SUCCESS) { 1789 np->rn_flags |= RC_NODE_HAS_CHILDREN; 1790 } 1791 rc_node_rele_flag(np, RC_NODE_CHILDREN_CHANGING); 1792 1793 return (rc); 1794 } 1795 1796 /* 1797 * Returns 1798 * _INVALID_TYPE - type is invalid 1799 * _TYPE_MISMATCH - np doesn't carry children of type type 1800 * _DELETED - np has been deleted 1801 * _NO_RESOURCES 1802 * _SUCCESS - if *cpp is not NULL, it is held 1803 */ 1804 static int 1805 rc_node_find_named_child(rc_node_t *np, const char *name, uint32_t type, 1806 rc_node_t **cpp) 1807 { 1808 int ret; 1809 rc_node_t *cp; 1810 1811 assert(MUTEX_HELD(&np->rn_lock)); 1812 assert(np->rn_id.rl_type != REP_PROTOCOL_ENTITY_CPROPERTYGRP); 1813 1814 ret = rc_node_fill_children(np, type); 1815 if (ret != REP_PROTOCOL_SUCCESS) 1816 return (ret); 1817 1818 for (cp = uu_list_first(np->rn_children); 1819 cp != NULL; 1820 cp = uu_list_next(np->rn_children, cp)) { 1821 if (cp->rn_id.rl_type == type && strcmp(cp->rn_name, name) == 0) 1822 break; 1823 } 1824 1825 if (cp != NULL) 1826 rc_node_hold(cp); 1827 *cpp = cp; 1828 1829 return (REP_PROTOCOL_SUCCESS); 1830 } 1831 1832 #ifndef NATIVE_BUILD 1833 static int rc_node_parent(rc_node_t *, rc_node_t **); 1834 1835 /* 1836 * If the propname property exists in pg, and it is of type string, add its 1837 * values as authorizations to pcp. pg must not be locked on entry, and it is 1838 * returned unlocked. Returns 1839 * _DELETED - pg was deleted 1840 * _NO_RESOURCES 1841 * _NOT_FOUND - pg has no property named propname 1842 * _SUCCESS 1843 */ 1844 static int 1845 perm_add_pg_prop_values(permcheck_t *pcp, rc_node_t *pg, const char *propname) 1846 { 1847 rc_node_t *prop; 1848 int result; 1849 1850 uint_t count; 1851 const char *cp; 1852 1853 assert(!MUTEX_HELD(&pg->rn_lock)); 1854 assert(pg->rn_id.rl_type == REP_PROTOCOL_ENTITY_PROPERTYGRP); 1855 assert(pg->rn_id.rl_ids[ID_SNAPSHOT] == 0); 1856 1857 (void) pthread_mutex_lock(&pg->rn_lock); 1858 result = rc_node_find_named_child(pg, propname, 1859 REP_PROTOCOL_ENTITY_PROPERTY, &prop); 1860 (void) pthread_mutex_unlock(&pg->rn_lock); 1861 if (result != REP_PROTOCOL_SUCCESS) { 1862 switch (result) { 1863 case REP_PROTOCOL_FAIL_DELETED: 1864 case REP_PROTOCOL_FAIL_NO_RESOURCES: 1865 return (result); 1866 1867 case REP_PROTOCOL_FAIL_INVALID_TYPE: 1868 case REP_PROTOCOL_FAIL_TYPE_MISMATCH: 1869 default: 1870 bad_error("rc_node_find_named_child", result); 1871 } 1872 } 1873 1874 if (prop == NULL) 1875 return (REP_PROTOCOL_FAIL_NOT_FOUND); 1876 1877 /* rn_valtype is immutable, so no locking. */ 1878 if (prop->rn_valtype != REP_PROTOCOL_TYPE_STRING) { 1879 rc_node_rele(prop); 1880 return (REP_PROTOCOL_SUCCESS); 1881 } 1882 1883 (void) pthread_mutex_lock(&prop->rn_lock); 1884 for (count = prop->rn_values_count, cp = prop->rn_values; 1885 count > 0; 1886 --count) { 1887 result = perm_add_enabling(pcp, cp); 1888 if (result != REP_PROTOCOL_SUCCESS) 1889 break; 1890 1891 cp = strchr(cp, '\0') + 1; 1892 } 1893 1894 rc_node_rele_locked(prop); 1895 1896 return (result); 1897 } 1898 1899 /* 1900 * Assuming that ent is a service or instance node, if the pgname property 1901 * group has type pgtype, and it has a propname property with string type, add 1902 * its values as authorizations to pcp. If pgtype is NULL, it is not checked. 1903 * Returns 1904 * _SUCCESS 1905 * _DELETED - ent was deleted 1906 * _NO_RESOURCES - no resources 1907 * _NOT_FOUND - ent does not have pgname pg or propname property 1908 */ 1909 static int 1910 perm_add_ent_prop_values(permcheck_t *pcp, rc_node_t *ent, const char *pgname, 1911 const char *pgtype, const char *propname) 1912 { 1913 int r; 1914 rc_node_t *pg; 1915 1916 assert(!MUTEX_HELD(&ent->rn_lock)); 1917 1918 (void) pthread_mutex_lock(&ent->rn_lock); 1919 r = rc_node_find_named_child(ent, pgname, 1920 REP_PROTOCOL_ENTITY_PROPERTYGRP, &pg); 1921 (void) pthread_mutex_unlock(&ent->rn_lock); 1922 1923 switch (r) { 1924 case REP_PROTOCOL_SUCCESS: 1925 break; 1926 1927 case REP_PROTOCOL_FAIL_DELETED: 1928 case REP_PROTOCOL_FAIL_NO_RESOURCES: 1929 return (r); 1930 1931 default: 1932 bad_error("rc_node_find_named_child", r); 1933 } 1934 1935 if (pg == NULL) 1936 return (REP_PROTOCOL_FAIL_NOT_FOUND); 1937 1938 if (pgtype == NULL || strcmp(pg->rn_type, pgtype) == 0) { 1939 r = perm_add_pg_prop_values(pcp, pg, propname); 1940 switch (r) { 1941 case REP_PROTOCOL_FAIL_DELETED: 1942 r = REP_PROTOCOL_FAIL_NOT_FOUND; 1943 break; 1944 1945 case REP_PROTOCOL_FAIL_NO_RESOURCES: 1946 case REP_PROTOCOL_SUCCESS: 1947 case REP_PROTOCOL_FAIL_NOT_FOUND: 1948 break; 1949 1950 default: 1951 bad_error("perm_add_pg_prop_values", r); 1952 } 1953 } 1954 1955 rc_node_rele(pg); 1956 1957 return (r); 1958 } 1959 1960 /* 1961 * If pg has a property named propname, and it string typed, add its values as 1962 * authorizations to pcp. If pg has no such property, and its parent is an 1963 * instance, walk up to the service and try doing the same with the property 1964 * of the same name from the property group of the same name. Returns 1965 * _SUCCESS 1966 * _NO_RESOURCES 1967 * _DELETED - pg (or an ancestor) was deleted 1968 */ 1969 static int 1970 perm_add_enabling_values(permcheck_t *pcp, rc_node_t *pg, const char *propname) 1971 { 1972 int r; 1973 1974 r = perm_add_pg_prop_values(pcp, pg, propname); 1975 1976 if (r == REP_PROTOCOL_FAIL_NOT_FOUND) { 1977 char pgname[REP_PROTOCOL_NAME_LEN + 1]; 1978 rc_node_t *inst, *svc; 1979 size_t sz; 1980 1981 assert(!MUTEX_HELD(&pg->rn_lock)); 1982 1983 if (pg->rn_id.rl_ids[ID_INSTANCE] == 0) { 1984 /* not an instance pg */ 1985 return (REP_PROTOCOL_SUCCESS); 1986 } 1987 1988 sz = strlcpy(pgname, pg->rn_name, sizeof (pgname)); 1989 assert(sz < sizeof (pgname)); 1990 1991 /* get pg's parent */ 1992 r = rc_node_parent(pg, &inst); 1993 if (r != REP_PROTOCOL_SUCCESS) { 1994 assert(r == REP_PROTOCOL_FAIL_DELETED); 1995 return (r); 1996 } 1997 1998 assert(inst->rn_id.rl_type == REP_PROTOCOL_ENTITY_INSTANCE); 1999 2000 /* get instance's parent */ 2001 r = rc_node_parent(inst, &svc); 2002 rc_node_rele(inst); 2003 if (r != REP_PROTOCOL_SUCCESS) { 2004 assert(r == REP_PROTOCOL_FAIL_DELETED); 2005 return (r); 2006 } 2007 2008 assert(svc->rn_id.rl_type == REP_PROTOCOL_ENTITY_SERVICE); 2009 2010 r = perm_add_ent_prop_values(pcp, svc, pgname, NULL, propname); 2011 2012 rc_node_rele(svc); 2013 2014 if (r == REP_PROTOCOL_FAIL_NOT_FOUND) 2015 r = REP_PROTOCOL_SUCCESS; 2016 } 2017 2018 return (r); 2019 } 2020 2021 /* 2022 * Call perm_add_enabling_values() for the "action_authorization" property of 2023 * the "general" property group of inst. Returns 2024 * _DELETED - inst (or an ancestor) was deleted 2025 * _NO_RESOURCES 2026 * _SUCCESS 2027 */ 2028 static int 2029 perm_add_inst_action_auth(permcheck_t *pcp, rc_node_t *inst) 2030 { 2031 int r; 2032 rc_node_t *svc; 2033 2034 assert(inst->rn_id.rl_type == REP_PROTOCOL_ENTITY_INSTANCE); 2035 2036 r = perm_add_ent_prop_values(pcp, inst, AUTH_PG_GENERAL, 2037 AUTH_PG_GENERAL_TYPE, AUTH_PROP_ACTION); 2038 2039 if (r != REP_PROTOCOL_FAIL_NOT_FOUND) 2040 return (r); 2041 2042 r = rc_node_parent(inst, &svc); 2043 if (r != REP_PROTOCOL_SUCCESS) { 2044 assert(r == REP_PROTOCOL_FAIL_DELETED); 2045 return (r); 2046 } 2047 2048 r = perm_add_ent_prop_values(pcp, svc, AUTH_PG_GENERAL, 2049 AUTH_PG_GENERAL_TYPE, AUTH_PROP_ACTION); 2050 2051 return (r == REP_PROTOCOL_FAIL_NOT_FOUND ? REP_PROTOCOL_SUCCESS : r); 2052 } 2053 #endif /* NATIVE_BUILD */ 2054 2055 void 2056 rc_node_ptr_init(rc_node_ptr_t *out) 2057 { 2058 out->rnp_node = NULL; 2059 out->rnp_authorized = 0; 2060 out->rnp_deleted = 0; 2061 } 2062 2063 static void 2064 rc_node_assign(rc_node_ptr_t *out, rc_node_t *val) 2065 { 2066 rc_node_t *cur = out->rnp_node; 2067 if (val != NULL) 2068 rc_node_hold(val); 2069 out->rnp_node = val; 2070 if (cur != NULL) 2071 rc_node_rele(cur); 2072 out->rnp_authorized = 0; 2073 out->rnp_deleted = 0; 2074 } 2075 2076 void 2077 rc_node_clear(rc_node_ptr_t *out, int deleted) 2078 { 2079 rc_node_assign(out, NULL); 2080 out->rnp_deleted = deleted; 2081 } 2082 2083 void 2084 rc_node_ptr_assign(rc_node_ptr_t *out, const rc_node_ptr_t *val) 2085 { 2086 rc_node_assign(out, val->rnp_node); 2087 } 2088 2089 /* 2090 * rc_node_check()/RC_NODE_CHECK() 2091 * generic "entry" checks, run before the use of an rc_node pointer. 2092 * 2093 * Fails with 2094 * _NOT_SET 2095 * _DELETED 2096 */ 2097 static int 2098 rc_node_check_and_lock(rc_node_t *np) 2099 { 2100 int result = REP_PROTOCOL_SUCCESS; 2101 if (np == NULL) 2102 return (REP_PROTOCOL_FAIL_NOT_SET); 2103 2104 (void) pthread_mutex_lock(&np->rn_lock); 2105 if (!rc_node_wait_flag(np, RC_NODE_DYING)) { 2106 result = REP_PROTOCOL_FAIL_DELETED; 2107 (void) pthread_mutex_unlock(&np->rn_lock); 2108 } 2109 2110 return (result); 2111 } 2112 2113 /* 2114 * Fails with 2115 * _NOT_SET - ptr is reset 2116 * _DELETED - node has been deleted 2117 */ 2118 static rc_node_t * 2119 rc_node_ptr_check_and_lock(rc_node_ptr_t *npp, int *res) 2120 { 2121 rc_node_t *np = npp->rnp_node; 2122 if (np == NULL) { 2123 if (npp->rnp_deleted) 2124 *res = REP_PROTOCOL_FAIL_DELETED; 2125 else 2126 *res = REP_PROTOCOL_FAIL_NOT_SET; 2127 return (NULL); 2128 } 2129 2130 (void) pthread_mutex_lock(&np->rn_lock); 2131 if (!rc_node_wait_flag(np, RC_NODE_DYING)) { 2132 (void) pthread_mutex_unlock(&np->rn_lock); 2133 rc_node_clear(npp, 1); 2134 *res = REP_PROTOCOL_FAIL_DELETED; 2135 return (NULL); 2136 } 2137 return (np); 2138 } 2139 2140 #define RC_NODE_CHECK_AND_LOCK(n) { \ 2141 int rc__res; \ 2142 if ((rc__res = rc_node_check_and_lock(n)) != REP_PROTOCOL_SUCCESS) \ 2143 return (rc__res); \ 2144 } 2145 2146 #define RC_NODE_CHECK(n) { \ 2147 RC_NODE_CHECK_AND_LOCK(n); \ 2148 (void) pthread_mutex_unlock(&(n)->rn_lock); \ 2149 } 2150 2151 #define RC_NODE_CHECK_AND_HOLD(n) { \ 2152 RC_NODE_CHECK_AND_LOCK(n); \ 2153 rc_node_hold_locked(n); \ 2154 (void) pthread_mutex_unlock(&(n)->rn_lock); \ 2155 } 2156 2157 #define RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp) { \ 2158 int rc__res; \ 2159 if (((np) = rc_node_ptr_check_and_lock(npp, &rc__res)) == NULL) \ 2160 return (rc__res); \ 2161 } 2162 2163 #define RC_NODE_PTR_GET_CHECK(np, npp) { \ 2164 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); \ 2165 (void) pthread_mutex_unlock(&(np)->rn_lock); \ 2166 } 2167 2168 #define RC_NODE_PTR_GET_CHECK_AND_HOLD(np, npp) { \ 2169 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); \ 2170 rc_node_hold_locked(np); \ 2171 (void) pthread_mutex_unlock(&(np)->rn_lock); \ 2172 } 2173 2174 #define HOLD_FLAG_OR_RETURN(np, flag) { \ 2175 assert(MUTEX_HELD(&(np)->rn_lock)); \ 2176 assert(!((np)->rn_flags & RC_NODE_DEAD)); \ 2177 if (!rc_node_hold_flag((np), flag)) { \ 2178 (void) pthread_mutex_unlock(&(np)->rn_lock); \ 2179 return (REP_PROTOCOL_FAIL_DELETED); \ 2180 } \ 2181 } 2182 2183 #define HOLD_PTR_FLAG_OR_RETURN(np, npp, flag) { \ 2184 assert(MUTEX_HELD(&(np)->rn_lock)); \ 2185 assert(!((np)->rn_flags & RC_NODE_DEAD)); \ 2186 if (!rc_node_hold_flag((np), flag)) { \ 2187 (void) pthread_mutex_unlock(&(np)->rn_lock); \ 2188 assert((np) == (npp)->rnp_node); \ 2189 rc_node_clear(npp, 1); \ 2190 return (REP_PROTOCOL_FAIL_DELETED); \ 2191 } \ 2192 } 2193 2194 int 2195 rc_local_scope(uint32_t type, rc_node_ptr_t *out) 2196 { 2197 if (type != REP_PROTOCOL_ENTITY_SCOPE) { 2198 rc_node_clear(out, 0); 2199 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 2200 } 2201 2202 /* 2203 * the main scope never gets destroyed 2204 */ 2205 rc_node_assign(out, rc_scope); 2206 2207 return (REP_PROTOCOL_SUCCESS); 2208 } 2209 2210 /* 2211 * Fails with 2212 * _NOT_SET - npp is not set 2213 * _DELETED - the node npp pointed at has been deleted 2214 * _TYPE_MISMATCH - type is not _SCOPE 2215 * _NOT_FOUND - scope has no parent 2216 */ 2217 static int 2218 rc_scope_parent_scope(rc_node_ptr_t *npp, uint32_t type, rc_node_ptr_t *out) 2219 { 2220 rc_node_t *np; 2221 2222 rc_node_clear(out, 0); 2223 2224 RC_NODE_PTR_GET_CHECK(np, npp); 2225 2226 if (type != REP_PROTOCOL_ENTITY_SCOPE) 2227 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 2228 2229 return (REP_PROTOCOL_FAIL_NOT_FOUND); 2230 } 2231 2232 /* 2233 * Fails with 2234 * _NOT_SET 2235 * _DELETED 2236 * _NOT_APPLICABLE 2237 * _NOT_FOUND 2238 * _BAD_REQUEST 2239 * _TRUNCATED 2240 */ 2241 int 2242 rc_node_name(rc_node_ptr_t *npp, char *buf, size_t sz, uint32_t answertype, 2243 size_t *sz_out) 2244 { 2245 size_t actual; 2246 rc_node_t *np; 2247 2248 assert(sz == *sz_out); 2249 2250 RC_NODE_PTR_GET_CHECK(np, npp); 2251 2252 if (np->rn_id.rl_type == REP_PROTOCOL_ENTITY_CPROPERTYGRP) { 2253 np = np->rn_cchain[0]; 2254 RC_NODE_CHECK(np); 2255 } 2256 2257 switch (answertype) { 2258 case RP_ENTITY_NAME_NAME: 2259 if (np->rn_name == NULL) 2260 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2261 actual = strlcpy(buf, np->rn_name, sz); 2262 break; 2263 case RP_ENTITY_NAME_PGTYPE: 2264 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTYGRP) 2265 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2266 actual = strlcpy(buf, np->rn_type, sz); 2267 break; 2268 case RP_ENTITY_NAME_PGFLAGS: 2269 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTYGRP) 2270 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2271 actual = snprintf(buf, sz, "%d", np->rn_pgflags); 2272 break; 2273 case RP_ENTITY_NAME_SNAPLEVEL_SCOPE: 2274 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPLEVEL) 2275 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2276 actual = strlcpy(buf, np->rn_snaplevel->rsl_scope, sz); 2277 break; 2278 case RP_ENTITY_NAME_SNAPLEVEL_SERVICE: 2279 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPLEVEL) 2280 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2281 actual = strlcpy(buf, np->rn_snaplevel->rsl_service, sz); 2282 break; 2283 case RP_ENTITY_NAME_SNAPLEVEL_INSTANCE: 2284 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPLEVEL) 2285 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2286 if (np->rn_snaplevel->rsl_instance == NULL) 2287 return (REP_PROTOCOL_FAIL_NOT_FOUND); 2288 actual = strlcpy(buf, np->rn_snaplevel->rsl_instance, sz); 2289 break; 2290 default: 2291 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 2292 } 2293 if (actual >= sz) 2294 return (REP_PROTOCOL_FAIL_TRUNCATED); 2295 2296 *sz_out = actual; 2297 return (REP_PROTOCOL_SUCCESS); 2298 } 2299 2300 int 2301 rc_node_get_property_type(rc_node_ptr_t *npp, rep_protocol_value_type_t *out) 2302 { 2303 rc_node_t *np; 2304 2305 RC_NODE_PTR_GET_CHECK(np, npp); 2306 2307 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTY) 2308 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 2309 2310 *out = np->rn_valtype; 2311 2312 return (REP_PROTOCOL_SUCCESS); 2313 } 2314 2315 /* 2316 * Get np's parent. If np is deleted, returns _DELETED. Otherwise puts a hold 2317 * on the parent, returns a pointer to it in *out, and returns _SUCCESS. 2318 */ 2319 static int 2320 rc_node_parent(rc_node_t *np, rc_node_t **out) 2321 { 2322 rc_node_t *pnp; 2323 rc_node_t *np_orig; 2324 2325 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_CPROPERTYGRP) { 2326 RC_NODE_CHECK_AND_LOCK(np); 2327 } else { 2328 np = np->rn_cchain[0]; 2329 RC_NODE_CHECK_AND_LOCK(np); 2330 } 2331 2332 np_orig = np; 2333 rc_node_hold_locked(np); /* simplifies the remainder */ 2334 2335 for (;;) { 2336 if (!rc_node_wait_flag(np, 2337 RC_NODE_IN_TX | RC_NODE_USING_PARENT)) { 2338 rc_node_rele_locked(np); 2339 return (REP_PROTOCOL_FAIL_DELETED); 2340 } 2341 2342 if (!(np->rn_flags & RC_NODE_OLD)) 2343 break; 2344 2345 rc_node_rele_locked(np); 2346 np = cache_lookup(&np_orig->rn_id); 2347 assert(np != np_orig); 2348 2349 if (np == NULL) 2350 goto deleted; 2351 (void) pthread_mutex_lock(&np->rn_lock); 2352 } 2353 2354 /* guaranteed to succeed without dropping the lock */ 2355 if (!rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 2356 (void) pthread_mutex_unlock(&np->rn_lock); 2357 *out = NULL; 2358 rc_node_rele(np); 2359 return (REP_PROTOCOL_FAIL_DELETED); 2360 } 2361 2362 assert(np->rn_parent != NULL); 2363 pnp = np->rn_parent; 2364 (void) pthread_mutex_unlock(&np->rn_lock); 2365 2366 (void) pthread_mutex_lock(&pnp->rn_lock); 2367 (void) pthread_mutex_lock(&np->rn_lock); 2368 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 2369 (void) pthread_mutex_unlock(&np->rn_lock); 2370 2371 rc_node_hold_locked(pnp); 2372 2373 (void) pthread_mutex_unlock(&pnp->rn_lock); 2374 2375 rc_node_rele(np); 2376 *out = pnp; 2377 return (REP_PROTOCOL_SUCCESS); 2378 2379 deleted: 2380 rc_node_rele(np); 2381 return (REP_PROTOCOL_FAIL_DELETED); 2382 } 2383 2384 /* 2385 * Fails with 2386 * _NOT_SET 2387 * _DELETED 2388 */ 2389 static int 2390 rc_node_ptr_parent(rc_node_ptr_t *npp, rc_node_t **out) 2391 { 2392 rc_node_t *np; 2393 2394 RC_NODE_PTR_GET_CHECK(np, npp); 2395 2396 return (rc_node_parent(np, out)); 2397 } 2398 2399 /* 2400 * Fails with 2401 * _NOT_SET - npp is not set 2402 * _DELETED - the node npp pointed at has been deleted 2403 * _TYPE_MISMATCH - npp's node's parent is not of type type 2404 * 2405 * If npp points to a scope, can also fail with 2406 * _NOT_FOUND - scope has no parent 2407 */ 2408 int 2409 rc_node_get_parent(rc_node_ptr_t *npp, uint32_t type, rc_node_ptr_t *out) 2410 { 2411 rc_node_t *pnp; 2412 int rc; 2413 2414 if (npp->rnp_node != NULL && 2415 npp->rnp_node->rn_id.rl_type == REP_PROTOCOL_ENTITY_SCOPE) 2416 return (rc_scope_parent_scope(npp, type, out)); 2417 2418 if ((rc = rc_node_ptr_parent(npp, &pnp)) != REP_PROTOCOL_SUCCESS) { 2419 rc_node_clear(out, 0); 2420 return (rc); 2421 } 2422 2423 if (type != pnp->rn_id.rl_type) { 2424 rc_node_rele(pnp); 2425 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 2426 } 2427 2428 rc_node_assign(out, pnp); 2429 rc_node_rele(pnp); 2430 2431 return (REP_PROTOCOL_SUCCESS); 2432 } 2433 2434 int 2435 rc_node_parent_type(rc_node_ptr_t *npp, uint32_t *type_out) 2436 { 2437 rc_node_t *pnp; 2438 int rc; 2439 2440 if (npp->rnp_node != NULL && 2441 npp->rnp_node->rn_id.rl_type == REP_PROTOCOL_ENTITY_SCOPE) { 2442 *type_out = REP_PROTOCOL_ENTITY_SCOPE; 2443 return (REP_PROTOCOL_SUCCESS); 2444 } 2445 2446 if ((rc = rc_node_ptr_parent(npp, &pnp)) != REP_PROTOCOL_SUCCESS) 2447 return (rc); 2448 2449 *type_out = pnp->rn_id.rl_type; 2450 2451 rc_node_rele(pnp); 2452 2453 return (REP_PROTOCOL_SUCCESS); 2454 } 2455 2456 /* 2457 * Fails with 2458 * _INVALID_TYPE - type is invalid 2459 * _TYPE_MISMATCH - np doesn't carry children of type type 2460 * _DELETED - np has been deleted 2461 * _NOT_FOUND - no child with that name/type combo found 2462 * _NO_RESOURCES 2463 * _BACKEND_ACCESS 2464 */ 2465 int 2466 rc_node_get_child(rc_node_ptr_t *npp, const char *name, uint32_t type, 2467 rc_node_ptr_t *outp) 2468 { 2469 rc_node_t *np, *cp; 2470 rc_node_t *child = NULL; 2471 int ret, idx; 2472 2473 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); 2474 if ((ret = rc_check_type_name(type, name)) == REP_PROTOCOL_SUCCESS) { 2475 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_CPROPERTYGRP) { 2476 ret = rc_node_find_named_child(np, name, type, &child); 2477 } else { 2478 (void) pthread_mutex_unlock(&np->rn_lock); 2479 ret = REP_PROTOCOL_SUCCESS; 2480 for (idx = 0; idx < COMPOSITION_DEPTH; idx++) { 2481 cp = np->rn_cchain[idx]; 2482 if (cp == NULL) 2483 break; 2484 RC_NODE_CHECK_AND_LOCK(cp); 2485 ret = rc_node_find_named_child(cp, name, type, 2486 &child); 2487 (void) pthread_mutex_unlock(&cp->rn_lock); 2488 /* 2489 * loop only if we succeeded, but no child of 2490 * the correct name was found. 2491 */ 2492 if (ret != REP_PROTOCOL_SUCCESS || 2493 child != NULL) 2494 break; 2495 } 2496 (void) pthread_mutex_lock(&np->rn_lock); 2497 } 2498 } 2499 (void) pthread_mutex_unlock(&np->rn_lock); 2500 2501 if (ret == REP_PROTOCOL_SUCCESS) { 2502 rc_node_assign(outp, child); 2503 if (child != NULL) 2504 rc_node_rele(child); 2505 else 2506 ret = REP_PROTOCOL_FAIL_NOT_FOUND; 2507 } else { 2508 rc_node_assign(outp, NULL); 2509 } 2510 return (ret); 2511 } 2512 2513 int 2514 rc_node_update(rc_node_ptr_t *npp) 2515 { 2516 cache_bucket_t *bp; 2517 rc_node_t *np = npp->rnp_node; 2518 rc_node_t *nnp; 2519 rc_node_t *cpg = NULL; 2520 2521 if (np != NULL && 2522 np->rn_id.rl_type == REP_PROTOCOL_ENTITY_CPROPERTYGRP) { 2523 /* 2524 * If we're updating a composed property group, actually 2525 * update the top-level property group & return the 2526 * appropriate value. But leave *nnp pointing at us. 2527 */ 2528 cpg = np; 2529 np = np->rn_cchain[0]; 2530 } 2531 2532 RC_NODE_CHECK(np); 2533 2534 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTYGRP && 2535 np->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPSHOT) 2536 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 2537 2538 for (;;) { 2539 bp = cache_hold(np->rn_hash); 2540 nnp = cache_lookup_unlocked(bp, &np->rn_id); 2541 if (nnp == NULL) { 2542 cache_release(bp); 2543 rc_node_clear(npp, 1); 2544 return (REP_PROTOCOL_FAIL_DELETED); 2545 } 2546 /* 2547 * grab the lock before dropping the cache bucket, so 2548 * that no one else can sneak in 2549 */ 2550 (void) pthread_mutex_lock(&nnp->rn_lock); 2551 cache_release(bp); 2552 2553 if (!(nnp->rn_flags & RC_NODE_IN_TX) || 2554 !rc_node_wait_flag(nnp, RC_NODE_IN_TX)) 2555 break; 2556 2557 rc_node_rele_locked(nnp); 2558 } 2559 2560 /* 2561 * If it is dead, we want to update it so that it will continue to 2562 * report being dead. 2563 */ 2564 if (nnp->rn_flags & RC_NODE_DEAD) { 2565 (void) pthread_mutex_unlock(&nnp->rn_lock); 2566 if (nnp != np && cpg == NULL) 2567 rc_node_assign(npp, nnp); /* updated */ 2568 rc_node_rele(nnp); 2569 return (REP_PROTOCOL_FAIL_DELETED); 2570 } 2571 2572 assert(!(nnp->rn_flags & RC_NODE_OLD)); 2573 (void) pthread_mutex_unlock(&nnp->rn_lock); 2574 2575 if (nnp != np && cpg == NULL) 2576 rc_node_assign(npp, nnp); /* updated */ 2577 2578 rc_node_rele(nnp); 2579 2580 return ((nnp == np)? REP_PROTOCOL_SUCCESS : REP_PROTOCOL_DONE); 2581 } 2582 2583 /* 2584 * does a generic modification check, for creation, deletion, and snapshot 2585 * management only. Property group transactions have different checks. 2586 */ 2587 int 2588 rc_node_modify_permission_check(void) 2589 { 2590 int rc = REP_PROTOCOL_SUCCESS; 2591 permcheck_t *pcp; 2592 int granted; 2593 2594 if (!client_is_privileged()) { 2595 #ifdef NATIVE_BUILD 2596 rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; 2597 #else 2598 pcp = pc_create(); 2599 if (pcp != NULL) { 2600 rc = perm_add_enabling(pcp, AUTH_MODIFY); 2601 2602 if (rc == REP_PROTOCOL_SUCCESS) { 2603 granted = perm_granted(pcp); 2604 2605 if (granted < 0) 2606 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 2607 } 2608 2609 pc_free(pcp); 2610 } else { 2611 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 2612 } 2613 2614 if (rc == REP_PROTOCOL_SUCCESS && !granted) 2615 rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; 2616 #endif /* NATIVE_BUILD */ 2617 } 2618 return (rc); 2619 } 2620 2621 /* 2622 * Fails with 2623 * _DELETED - node has been deleted 2624 * _NOT_SET - npp is reset 2625 * _NOT_APPLICABLE - type is _PROPERTYGRP 2626 * _INVALID_TYPE - node is corrupt or type is invalid 2627 * _TYPE_MISMATCH - node cannot have children of type type 2628 * _BAD_REQUEST - name is invalid 2629 * cannot create children for this type of node 2630 * _NO_RESOURCES - out of memory, or could not allocate new id 2631 * _PERMISSION_DENIED 2632 * _BACKEND_ACCESS 2633 * _BACKEND_READONLY 2634 * _EXISTS - child already exists 2635 */ 2636 int 2637 rc_node_create_child(rc_node_ptr_t *npp, uint32_t type, const char *name, 2638 rc_node_ptr_t *cpp) 2639 { 2640 rc_node_t *np; 2641 rc_node_t *cp = NULL; 2642 int rc; 2643 2644 rc_node_clear(cpp, 0); 2645 2646 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); 2647 2648 /* 2649 * there is a separate interface for creating property groups 2650 */ 2651 if (type == REP_PROTOCOL_ENTITY_PROPERTYGRP) { 2652 (void) pthread_mutex_unlock(&np->rn_lock); 2653 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2654 } 2655 2656 if (np->rn_id.rl_type == REP_PROTOCOL_ENTITY_CPROPERTYGRP) { 2657 (void) pthread_mutex_unlock(&np->rn_lock); 2658 np = np->rn_cchain[0]; 2659 RC_NODE_CHECK_AND_LOCK(np); 2660 } 2661 2662 if ((rc = rc_check_parent_child(np->rn_id.rl_type, type)) != 2663 REP_PROTOCOL_SUCCESS) { 2664 (void) pthread_mutex_unlock(&np->rn_lock); 2665 return (rc); 2666 } 2667 if ((rc = rc_check_type_name(type, name)) != REP_PROTOCOL_SUCCESS) { 2668 (void) pthread_mutex_unlock(&np->rn_lock); 2669 return (rc); 2670 } 2671 2672 if ((rc = rc_node_modify_permission_check()) != REP_PROTOCOL_SUCCESS) { 2673 (void) pthread_mutex_unlock(&np->rn_lock); 2674 return (rc); 2675 } 2676 2677 HOLD_PTR_FLAG_OR_RETURN(np, npp, RC_NODE_CREATING_CHILD); 2678 (void) pthread_mutex_unlock(&np->rn_lock); 2679 2680 rc = object_create(np, type, name, &cp); 2681 assert(rc != REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2682 2683 if (rc == REP_PROTOCOL_SUCCESS) { 2684 rc_node_assign(cpp, cp); 2685 rc_node_rele(cp); 2686 } 2687 2688 (void) pthread_mutex_lock(&np->rn_lock); 2689 rc_node_rele_flag(np, RC_NODE_CREATING_CHILD); 2690 (void) pthread_mutex_unlock(&np->rn_lock); 2691 2692 return (rc); 2693 } 2694 2695 int 2696 rc_node_create_child_pg(rc_node_ptr_t *npp, uint32_t type, const char *name, 2697 const char *pgtype, uint32_t flags, rc_node_ptr_t *cpp) 2698 { 2699 rc_node_t *np; 2700 rc_node_t *cp; 2701 int rc; 2702 permcheck_t *pcp; 2703 int granted; 2704 2705 rc_node_clear(cpp, 0); 2706 2707 /* verify flags is valid */ 2708 if (flags & ~SCF_PG_FLAG_NONPERSISTENT) 2709 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 2710 2711 RC_NODE_PTR_GET_CHECK_AND_HOLD(np, npp); 2712 2713 if (type != REP_PROTOCOL_ENTITY_PROPERTYGRP) { 2714 rc_node_rele(np); 2715 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2716 } 2717 2718 if ((rc = rc_check_parent_child(np->rn_id.rl_type, type)) != 2719 REP_PROTOCOL_SUCCESS) { 2720 rc_node_rele(np); 2721 return (rc); 2722 } 2723 if ((rc = rc_check_type_name(type, name)) != REP_PROTOCOL_SUCCESS || 2724 (rc = rc_check_pgtype_name(pgtype)) != REP_PROTOCOL_SUCCESS) { 2725 rc_node_rele(np); 2726 return (rc); 2727 } 2728 2729 if (!client_is_privileged()) { 2730 #ifdef NATIVE_BUILD 2731 rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; 2732 #else 2733 /* Must have .smf.modify or smf.modify.<type> authorization */ 2734 pcp = pc_create(); 2735 if (pcp != NULL) { 2736 rc = perm_add_enabling(pcp, AUTH_MODIFY); 2737 2738 if (rc == REP_PROTOCOL_SUCCESS) { 2739 const char * const auth = 2740 perm_auth_for_pgtype(pgtype); 2741 2742 if (auth != NULL) 2743 rc = perm_add_enabling(pcp, auth); 2744 } 2745 2746 /* 2747 * .manage or $action_authorization can be used to 2748 * create the actions pg and the general_ovr pg. 2749 */ 2750 if (rc == REP_PROTOCOL_SUCCESS && 2751 (flags & SCF_PG_FLAG_NONPERSISTENT) != 0 && 2752 np->rn_id.rl_type == REP_PROTOCOL_ENTITY_INSTANCE && 2753 ((strcmp(name, AUTH_PG_ACTIONS) == 0 && 2754 strcmp(pgtype, AUTH_PG_ACTIONS_TYPE) == 0) || 2755 (strcmp(name, AUTH_PG_GENERAL_OVR) == 0 && 2756 strcmp(pgtype, AUTH_PG_GENERAL_OVR_TYPE) == 0))) { 2757 rc = perm_add_enabling(pcp, AUTH_MANAGE); 2758 2759 if (rc == REP_PROTOCOL_SUCCESS) 2760 rc = perm_add_inst_action_auth(pcp, np); 2761 } 2762 2763 if (rc == REP_PROTOCOL_SUCCESS) { 2764 granted = perm_granted(pcp); 2765 2766 if (granted < 0) 2767 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 2768 } 2769 2770 pc_free(pcp); 2771 } else { 2772 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 2773 } 2774 2775 if (rc == REP_PROTOCOL_SUCCESS && !granted) 2776 rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; 2777 #endif /* NATIVE_BUILD */ 2778 2779 if (rc != REP_PROTOCOL_SUCCESS) { 2780 rc_node_rele(np); 2781 return (rc); 2782 } 2783 } 2784 2785 (void) pthread_mutex_lock(&np->rn_lock); 2786 HOLD_PTR_FLAG_OR_RETURN(np, npp, RC_NODE_CREATING_CHILD); 2787 (void) pthread_mutex_unlock(&np->rn_lock); 2788 2789 rc = object_create_pg(np, type, name, pgtype, flags, &cp); 2790 2791 if (rc == REP_PROTOCOL_SUCCESS) { 2792 rc_node_assign(cpp, cp); 2793 rc_node_rele(cp); 2794 } 2795 2796 (void) pthread_mutex_lock(&np->rn_lock); 2797 rc_node_rele_flag(np, RC_NODE_CREATING_CHILD); 2798 (void) pthread_mutex_unlock(&np->rn_lock); 2799 2800 return (rc); 2801 } 2802 2803 static void 2804 rc_pg_notify_fire(rc_node_pg_notify_t *pnp) 2805 { 2806 assert(MUTEX_HELD(&rc_pg_notify_lock)); 2807 2808 if (pnp->rnpn_pg != NULL) { 2809 uu_list_remove(pnp->rnpn_pg->rn_pg_notify_list, pnp); 2810 (void) close(pnp->rnpn_fd); 2811 2812 pnp->rnpn_pg = NULL; 2813 pnp->rnpn_fd = -1; 2814 } else { 2815 assert(pnp->rnpn_fd == -1); 2816 } 2817 } 2818 2819 static void 2820 rc_notify_node_delete(rc_notify_delete_t *ndp, rc_node_t *np_arg) 2821 { 2822 rc_node_t *svc = NULL; 2823 rc_node_t *inst = NULL; 2824 rc_node_t *pg = NULL; 2825 rc_node_t *np = np_arg; 2826 rc_node_t *nnp; 2827 2828 while (svc == NULL) { 2829 (void) pthread_mutex_lock(&np->rn_lock); 2830 if (!rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 2831 (void) pthread_mutex_unlock(&np->rn_lock); 2832 goto cleanup; 2833 } 2834 nnp = np->rn_parent; 2835 rc_node_hold_locked(np); /* hold it in place */ 2836 2837 switch (np->rn_id.rl_type) { 2838 case REP_PROTOCOL_ENTITY_PROPERTYGRP: 2839 assert(pg == NULL); 2840 pg = np; 2841 break; 2842 case REP_PROTOCOL_ENTITY_INSTANCE: 2843 assert(inst == NULL); 2844 inst = np; 2845 break; 2846 case REP_PROTOCOL_ENTITY_SERVICE: 2847 assert(svc == NULL); 2848 svc = np; 2849 break; 2850 default: 2851 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 2852 rc_node_rele_locked(np); 2853 goto cleanup; 2854 } 2855 2856 (void) pthread_mutex_unlock(&np->rn_lock); 2857 2858 np = nnp; 2859 if (np == NULL) 2860 goto cleanup; 2861 } 2862 2863 rc_notify_deletion(ndp, 2864 svc->rn_name, 2865 inst != NULL ? inst->rn_name : NULL, 2866 pg != NULL ? pg->rn_name : NULL); 2867 2868 ndp = NULL; 2869 2870 cleanup: 2871 if (ndp != NULL) 2872 uu_free(ndp); 2873 2874 for (;;) { 2875 if (svc != NULL) { 2876 np = svc; 2877 svc = NULL; 2878 } else if (inst != NULL) { 2879 np = inst; 2880 inst = NULL; 2881 } else if (pg != NULL) { 2882 np = pg; 2883 pg = NULL; 2884 } else 2885 break; 2886 2887 (void) pthread_mutex_lock(&np->rn_lock); 2888 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 2889 rc_node_rele_locked(np); 2890 } 2891 } 2892 2893 /* 2894 * N.B.: this function drops np->rn_lock on the way out. 2895 */ 2896 static void 2897 rc_node_delete_hold(rc_node_t *np, int andformer) 2898 { 2899 rc_node_t *cp; 2900 2901 again: 2902 assert(MUTEX_HELD(&np->rn_lock)); 2903 assert((np->rn_flags & RC_NODE_DYING_FLAGS) == RC_NODE_DYING_FLAGS); 2904 2905 for (cp = uu_list_first(np->rn_children); cp != NULL; 2906 cp = uu_list_next(np->rn_children, cp)) { 2907 (void) pthread_mutex_lock(&cp->rn_lock); 2908 (void) pthread_mutex_unlock(&np->rn_lock); 2909 if (!rc_node_hold_flag(cp, RC_NODE_DYING_FLAGS)) { 2910 /* 2911 * already marked as dead -- can't happen, since that 2912 * would require setting RC_NODE_CHILDREN_CHANGING 2913 * in np, and we're holding that... 2914 */ 2915 abort(); 2916 } 2917 rc_node_delete_hold(cp, andformer); /* recurse, drop lock */ 2918 2919 (void) pthread_mutex_lock(&np->rn_lock); 2920 } 2921 if (andformer && (cp = np->rn_former) != NULL) { 2922 (void) pthread_mutex_lock(&cp->rn_lock); 2923 (void) pthread_mutex_unlock(&np->rn_lock); 2924 if (!rc_node_hold_flag(cp, RC_NODE_DYING_FLAGS)) 2925 abort(); /* can't happen, see above */ 2926 np = cp; 2927 goto again; /* tail-recurse down rn_former */ 2928 } 2929 (void) pthread_mutex_unlock(&np->rn_lock); 2930 } 2931 2932 /* 2933 * N.B.: this function drops np->rn_lock on the way out. 2934 */ 2935 static void 2936 rc_node_delete_rele(rc_node_t *np, int andformer) 2937 { 2938 rc_node_t *cp; 2939 2940 again: 2941 assert(MUTEX_HELD(&np->rn_lock)); 2942 assert((np->rn_flags & RC_NODE_DYING_FLAGS) == RC_NODE_DYING_FLAGS); 2943 2944 for (cp = uu_list_first(np->rn_children); cp != NULL; 2945 cp = uu_list_next(np->rn_children, cp)) { 2946 (void) pthread_mutex_lock(&cp->rn_lock); 2947 (void) pthread_mutex_unlock(&np->rn_lock); 2948 rc_node_delete_rele(cp, andformer); /* recurse, drop lock */ 2949 (void) pthread_mutex_lock(&np->rn_lock); 2950 } 2951 if (andformer && (cp = np->rn_former) != NULL) { 2952 (void) pthread_mutex_lock(&cp->rn_lock); 2953 rc_node_rele_flag(np, RC_NODE_DYING_FLAGS); 2954 (void) pthread_mutex_unlock(&np->rn_lock); 2955 2956 np = cp; 2957 goto again; /* tail-recurse down rn_former */ 2958 } 2959 rc_node_rele_flag(np, RC_NODE_DYING_FLAGS); 2960 (void) pthread_mutex_unlock(&np->rn_lock); 2961 } 2962 2963 static void 2964 rc_node_finish_delete(rc_node_t *cp) 2965 { 2966 cache_bucket_t *bp; 2967 rc_node_pg_notify_t *pnp; 2968 2969 assert(MUTEX_HELD(&cp->rn_lock)); 2970 2971 if (!(cp->rn_flags & RC_NODE_OLD)) { 2972 assert(cp->rn_flags & RC_NODE_IN_PARENT); 2973 if (!rc_node_wait_flag(cp, RC_NODE_USING_PARENT)) { 2974 abort(); /* can't happen, see above */ 2975 } 2976 cp->rn_flags &= ~RC_NODE_IN_PARENT; 2977 cp->rn_parent = NULL; 2978 } 2979 2980 cp->rn_flags |= RC_NODE_DEAD; 2981 2982 /* 2983 * If this node is not out-dated, we need to remove it from 2984 * the notify list and cache hash table. 2985 */ 2986 if (!(cp->rn_flags & RC_NODE_OLD)) { 2987 assert(cp->rn_refs > 0); /* can't go away yet */ 2988 (void) pthread_mutex_unlock(&cp->rn_lock); 2989 2990 (void) pthread_mutex_lock(&rc_pg_notify_lock); 2991 while ((pnp = uu_list_first(cp->rn_pg_notify_list)) != NULL) 2992 rc_pg_notify_fire(pnp); 2993 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 2994 rc_notify_remove_node(cp); 2995 2996 bp = cache_hold(cp->rn_hash); 2997 (void) pthread_mutex_lock(&cp->rn_lock); 2998 cache_remove_unlocked(bp, cp); 2999 cache_release(bp); 3000 } 3001 } 3002 3003 /* 3004 * N.B.: this function drops np->rn_lock and a reference on the way out. 3005 */ 3006 static void 3007 rc_node_delete_children(rc_node_t *np, int andformer) 3008 { 3009 rc_node_t *cp; 3010 3011 again: 3012 assert(np->rn_refs > 0); 3013 assert(MUTEX_HELD(&np->rn_lock)); 3014 assert(np->rn_flags & RC_NODE_DEAD); 3015 3016 while ((cp = uu_list_first(np->rn_children)) != NULL) { 3017 uu_list_remove(np->rn_children, cp); 3018 (void) pthread_mutex_lock(&cp->rn_lock); 3019 (void) pthread_mutex_unlock(&np->rn_lock); 3020 rc_node_hold_locked(cp); /* hold while we recurse */ 3021 rc_node_finish_delete(cp); 3022 rc_node_delete_children(cp, andformer); /* drops lock + ref */ 3023 (void) pthread_mutex_lock(&np->rn_lock); 3024 } 3025 3026 /* 3027 * when we drop cp's lock, all the children will be gone, so we 3028 * can release DYING_FLAGS. 3029 */ 3030 rc_node_rele_flag(np, RC_NODE_DYING_FLAGS); 3031 if (andformer && (cp = np->rn_former) != NULL) { 3032 np->rn_former = NULL; /* unlink */ 3033 (void) pthread_mutex_lock(&cp->rn_lock); 3034 (void) pthread_mutex_unlock(&np->rn_lock); 3035 np->rn_flags &= ~RC_NODE_ON_FORMER; 3036 3037 rc_node_hold_locked(cp); /* hold while we loop */ 3038 3039 rc_node_finish_delete(cp); 3040 3041 rc_node_rele(np); /* drop the old reference */ 3042 3043 np = cp; 3044 goto again; /* tail-recurse down rn_former */ 3045 } 3046 rc_node_rele_locked(np); 3047 } 3048 3049 static void 3050 rc_node_unrefed(rc_node_t *np) 3051 { 3052 int unrefed; 3053 rc_node_t *pp, *cur; 3054 3055 assert(MUTEX_HELD(&np->rn_lock)); 3056 assert(np->rn_refs == 0); 3057 assert(np->rn_other_refs == 0); 3058 assert(np->rn_other_refs_held == 0); 3059 3060 if (np->rn_flags & RC_NODE_DEAD) { 3061 (void) pthread_mutex_unlock(&np->rn_lock); 3062 rc_node_destroy(np); 3063 return; 3064 } 3065 3066 assert(np->rn_flags & RC_NODE_OLD); 3067 if (np->rn_flags & RC_NODE_UNREFED) { 3068 (void) pthread_mutex_unlock(&np->rn_lock); 3069 return; 3070 } 3071 np->rn_flags |= RC_NODE_UNREFED; 3072 3073 (void) pthread_mutex_unlock(&np->rn_lock); 3074 3075 /* 3076 * find the current in-hash object, and grab it's RC_NODE_IN_TX 3077 * flag. That protects the entire rn_former chain. 3078 */ 3079 for (;;) { 3080 pp = cache_lookup(&np->rn_id); 3081 if (pp == NULL) { 3082 (void) pthread_mutex_lock(&np->rn_lock); 3083 if (np->rn_flags & RC_NODE_DEAD) 3084 goto died; 3085 /* 3086 * We are trying to unreference this node, but the 3087 * owner of the former list does not exist. It must 3088 * be the case that another thread is deleting this 3089 * entire sub-branch, but has not yet reached us. 3090 * We will in short order be deleted. 3091 */ 3092 np->rn_flags &= ~RC_NODE_UNREFED; 3093 (void) pthread_mutex_unlock(&np->rn_lock); 3094 return; 3095 } 3096 if (pp == np) { 3097 /* 3098 * no longer unreferenced 3099 */ 3100 (void) pthread_mutex_lock(&np->rn_lock); 3101 np->rn_flags &= ~RC_NODE_UNREFED; 3102 rc_node_rele_locked(np); 3103 return; 3104 } 3105 (void) pthread_mutex_lock(&pp->rn_lock); 3106 if ((pp->rn_flags & RC_NODE_OLD) || 3107 !rc_node_hold_flag(pp, RC_NODE_IN_TX)) { 3108 rc_node_rele_locked(pp); 3109 continue; 3110 } 3111 if (!(pp->rn_flags & RC_NODE_OLD)) { 3112 (void) pthread_mutex_unlock(&pp->rn_lock); 3113 break; 3114 } 3115 rc_node_rele_flag(pp, RC_NODE_IN_TX); 3116 rc_node_rele_locked(pp); 3117 } 3118 3119 (void) pthread_mutex_lock(&np->rn_lock); 3120 if (!(np->rn_flags & (RC_NODE_OLD | RC_NODE_DEAD)) || 3121 np->rn_refs != 0 || np->rn_other_refs != 0 || 3122 np->rn_other_refs_held != 0) { 3123 np->rn_flags &= ~RC_NODE_UNREFED; 3124 (void) pthread_mutex_lock(&pp->rn_lock); 3125 3126 rc_node_rele_flag(pp, RC_NODE_IN_TX); 3127 rc_node_rele_locked(pp); 3128 return; 3129 } 3130 3131 if (!rc_node_hold_flag(np, RC_NODE_DYING_FLAGS)) { 3132 (void) pthread_mutex_unlock(&np->rn_lock); 3133 3134 rc_node_rele_flag(pp, RC_NODE_IN_TX); 3135 rc_node_rele_locked(pp); 3136 3137 (void) pthread_mutex_lock(&np->rn_lock); 3138 goto died; 3139 } 3140 3141 rc_node_delete_hold(np, 0); 3142 3143 (void) pthread_mutex_lock(&np->rn_lock); 3144 if (!(np->rn_flags & RC_NODE_OLD) || 3145 np->rn_refs != 0 || np->rn_other_refs != 0 || 3146 np->rn_other_refs_held != 0) { 3147 np->rn_flags &= ~RC_NODE_UNREFED; 3148 rc_node_delete_rele(np, 0); 3149 3150 (void) pthread_mutex_lock(&pp->rn_lock); 3151 rc_node_rele_flag(pp, RC_NODE_IN_TX); 3152 rc_node_rele_locked(pp); 3153 return; 3154 } 3155 3156 np->rn_flags |= RC_NODE_DEAD; 3157 rc_node_hold_locked(np); 3158 rc_node_delete_children(np, 0); 3159 3160 /* 3161 * It's gone -- remove it from the former chain and destroy it. 3162 */ 3163 (void) pthread_mutex_lock(&pp->rn_lock); 3164 for (cur = pp; cur != NULL && cur->rn_former != np; 3165 cur = cur->rn_former) 3166 ; 3167 assert(cur != NULL && cur != np); 3168 3169 cur->rn_former = np->rn_former; 3170 np->rn_former = NULL; 3171 3172 rc_node_rele_flag(pp, RC_NODE_IN_TX); 3173 rc_node_rele_locked(pp); 3174 3175 (void) pthread_mutex_lock(&np->rn_lock); 3176 assert(np->rn_flags & RC_NODE_ON_FORMER); 3177 np->rn_flags &= ~(RC_NODE_UNREFED | RC_NODE_ON_FORMER); 3178 (void) pthread_mutex_unlock(&np->rn_lock); 3179 rc_node_destroy(np); 3180 return; 3181 3182 died: 3183 np->rn_flags &= ~RC_NODE_UNREFED; 3184 unrefed = (np->rn_refs == 0 && np->rn_other_refs == 0 && 3185 np->rn_other_refs_held == 0); 3186 (void) pthread_mutex_unlock(&np->rn_lock); 3187 if (unrefed) 3188 rc_node_destroy(np); 3189 } 3190 3191 /* 3192 * Fails with 3193 * _NOT_SET 3194 * _DELETED 3195 * _BAD_REQUEST 3196 * _PERMISSION_DENIED 3197 * _NO_RESOURCES 3198 * and whatever object_delete() fails with. 3199 */ 3200 int 3201 rc_node_delete(rc_node_ptr_t *npp) 3202 { 3203 rc_node_t *np, *np_orig; 3204 rc_node_t *pp = NULL; 3205 int rc; 3206 rc_node_pg_notify_t *pnp; 3207 cache_bucket_t *bp; 3208 rc_notify_delete_t *ndp; 3209 permcheck_t *pcp; 3210 int granted; 3211 3212 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); 3213 3214 switch (np->rn_id.rl_type) { 3215 case REP_PROTOCOL_ENTITY_SERVICE: 3216 case REP_PROTOCOL_ENTITY_INSTANCE: 3217 case REP_PROTOCOL_ENTITY_SNAPSHOT: 3218 break; /* deletable */ 3219 3220 case REP_PROTOCOL_ENTITY_SCOPE: 3221 case REP_PROTOCOL_ENTITY_SNAPLEVEL: 3222 /* Scopes and snaplevels are indelible. */ 3223 (void) pthread_mutex_unlock(&np->rn_lock); 3224 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 3225 3226 case REP_PROTOCOL_ENTITY_CPROPERTYGRP: 3227 (void) pthread_mutex_unlock(&np->rn_lock); 3228 np = np->rn_cchain[0]; 3229 RC_NODE_CHECK_AND_LOCK(np); 3230 break; 3231 3232 case REP_PROTOCOL_ENTITY_PROPERTYGRP: 3233 if (np->rn_id.rl_ids[ID_SNAPSHOT] == 0) 3234 break; 3235 3236 /* Snapshot property groups are indelible. */ 3237 (void) pthread_mutex_unlock(&np->rn_lock); 3238 return (REP_PROTOCOL_FAIL_PERMISSION_DENIED); 3239 3240 case REP_PROTOCOL_ENTITY_PROPERTY: 3241 (void) pthread_mutex_unlock(&np->rn_lock); 3242 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 3243 3244 default: 3245 assert(0); 3246 abort(); 3247 break; 3248 } 3249 3250 np_orig = np; 3251 rc_node_hold_locked(np); /* simplifies rest of the code */ 3252 3253 again: 3254 /* 3255 * The following loop is to deal with the fact that snapshots and 3256 * property groups are moving targets -- changes to them result 3257 * in a new "child" node. Since we can only delete from the top node, 3258 * we have to loop until we have a non-RC_NODE_OLD version. 3259 */ 3260 for (;;) { 3261 if (!rc_node_wait_flag(np, 3262 RC_NODE_IN_TX | RC_NODE_USING_PARENT)) { 3263 rc_node_rele_locked(np); 3264 return (REP_PROTOCOL_FAIL_DELETED); 3265 } 3266 3267 if (np->rn_flags & RC_NODE_OLD) { 3268 rc_node_rele_locked(np); 3269 np = cache_lookup(&np_orig->rn_id); 3270 assert(np != np_orig); 3271 3272 if (np == NULL) { 3273 rc = REP_PROTOCOL_FAIL_DELETED; 3274 goto fail; 3275 } 3276 (void) pthread_mutex_lock(&np->rn_lock); 3277 continue; 3278 } 3279 3280 if (!rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 3281 rc_node_rele_locked(np); 3282 rc_node_clear(npp, 1); 3283 return (REP_PROTOCOL_FAIL_DELETED); 3284 } 3285 3286 /* 3287 * Mark our parent as children changing. this call drops our 3288 * lock and the RC_NODE_USING_PARENT flag, and returns with 3289 * pp's lock held 3290 */ 3291 pp = rc_node_hold_parent_flag(np, RC_NODE_CHILDREN_CHANGING); 3292 if (pp == NULL) { 3293 /* our parent is gone, we're going next... */ 3294 rc_node_rele(np); 3295 3296 rc_node_clear(npp, 1); 3297 return (REP_PROTOCOL_FAIL_DELETED); 3298 } 3299 3300 rc_node_hold_locked(pp); /* hold for later */ 3301 (void) pthread_mutex_unlock(&pp->rn_lock); 3302 3303 (void) pthread_mutex_lock(&np->rn_lock); 3304 if (!(np->rn_flags & RC_NODE_OLD)) 3305 break; /* not old -- we're done */ 3306 3307 (void) pthread_mutex_unlock(&np->rn_lock); 3308 (void) pthread_mutex_lock(&pp->rn_lock); 3309 rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); 3310 rc_node_rele_locked(pp); 3311 (void) pthread_mutex_lock(&np->rn_lock); 3312 continue; /* loop around and try again */ 3313 } 3314 /* 3315 * Everyone out of the pool -- we grab everything but 3316 * RC_NODE_USING_PARENT (including RC_NODE_DYING) to keep 3317 * any changes from occurring while we are attempting to 3318 * delete the node. 3319 */ 3320 if (!rc_node_hold_flag(np, RC_NODE_DYING_FLAGS)) { 3321 (void) pthread_mutex_unlock(&np->rn_lock); 3322 rc = REP_PROTOCOL_FAIL_DELETED; 3323 goto fail; 3324 } 3325 3326 assert(!(np->rn_flags & RC_NODE_OLD)); 3327 3328 if (!client_is_privileged()) { 3329 /* permission check */ 3330 (void) pthread_mutex_unlock(&np->rn_lock); 3331 3332 #ifdef NATIVE_BUILD 3333 rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; 3334 #else 3335 pcp = pc_create(); 3336 if (pcp != NULL) { 3337 rc = perm_add_enabling(pcp, AUTH_MODIFY); 3338 3339 /* add .smf.modify.<type> for pgs. */ 3340 if (rc == REP_PROTOCOL_SUCCESS && np->rn_id.rl_type == 3341 REP_PROTOCOL_ENTITY_PROPERTYGRP) { 3342 const char * const auth = 3343 perm_auth_for_pgtype(np->rn_type); 3344 3345 if (auth != NULL) 3346 rc = perm_add_enabling(pcp, auth); 3347 } 3348 3349 if (rc == REP_PROTOCOL_SUCCESS) { 3350 granted = perm_granted(pcp); 3351 3352 if (granted < 0) 3353 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 3354 } 3355 3356 pc_free(pcp); 3357 } else { 3358 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 3359 } 3360 3361 if (rc == REP_PROTOCOL_SUCCESS && !granted) 3362 rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; 3363 #endif /* NATIVE_BUILD */ 3364 3365 if (rc != REP_PROTOCOL_SUCCESS) { 3366 (void) pthread_mutex_lock(&np->rn_lock); 3367 rc_node_rele_flag(np, RC_NODE_DYING_FLAGS); 3368 (void) pthread_mutex_unlock(&np->rn_lock); 3369 goto fail; 3370 } 3371 3372 (void) pthread_mutex_lock(&np->rn_lock); 3373 } 3374 3375 ndp = uu_zalloc(sizeof (*ndp)); 3376 if (ndp == NULL) { 3377 rc_node_rele_flag(np, RC_NODE_DYING_FLAGS); 3378 (void) pthread_mutex_unlock(&np->rn_lock); 3379 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 3380 goto fail; 3381 } 3382 3383 rc_node_delete_hold(np, 1); /* hold entire subgraph, drop lock */ 3384 3385 rc = object_delete(np); 3386 3387 if (rc != REP_PROTOCOL_SUCCESS) { 3388 (void) pthread_mutex_lock(&np->rn_lock); 3389 rc_node_delete_rele(np, 1); /* drops lock */ 3390 uu_free(ndp); 3391 goto fail; 3392 } 3393 3394 /* 3395 * Now, delicately unlink and delete the object. 3396 * 3397 * Create the delete notification, atomically remove 3398 * from the hash table and set the NODE_DEAD flag, and 3399 * remove from the parent's children list. 3400 */ 3401 rc_notify_node_delete(ndp, np); /* frees or uses ndp */ 3402 3403 bp = cache_hold(np->rn_hash); 3404 3405 (void) pthread_mutex_lock(&np->rn_lock); 3406 cache_remove_unlocked(bp, np); 3407 cache_release(bp); 3408 3409 np->rn_flags |= RC_NODE_DEAD; 3410 if (pp != NULL) { 3411 (void) pthread_mutex_unlock(&np->rn_lock); 3412 3413 (void) pthread_mutex_lock(&pp->rn_lock); 3414 (void) pthread_mutex_lock(&np->rn_lock); 3415 uu_list_remove(pp->rn_children, np); 3416 rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); 3417 (void) pthread_mutex_unlock(&pp->rn_lock); 3418 np->rn_flags &= ~RC_NODE_IN_PARENT; 3419 } 3420 /* 3421 * finally, propagate death to our children, handle notifications, 3422 * and release our hold. 3423 */ 3424 rc_node_hold_locked(np); /* hold for delete */ 3425 rc_node_delete_children(np, 1); /* drops DYING_FLAGS, lock, ref */ 3426 3427 rc_node_clear(npp, 1); 3428 3429 (void) pthread_mutex_lock(&rc_pg_notify_lock); 3430 while ((pnp = uu_list_first(np->rn_pg_notify_list)) != NULL) 3431 rc_pg_notify_fire(pnp); 3432 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 3433 rc_notify_remove_node(np); 3434 3435 rc_node_rele(np); 3436 3437 return (rc); 3438 3439 fail: 3440 rc_node_rele(np); 3441 if (rc == REP_PROTOCOL_FAIL_DELETED) 3442 rc_node_clear(npp, 1); 3443 if (pp != NULL) { 3444 (void) pthread_mutex_lock(&pp->rn_lock); 3445 rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); 3446 rc_node_rele_locked(pp); /* drop ref and lock */ 3447 } 3448 return (rc); 3449 } 3450 3451 int 3452 rc_node_next_snaplevel(rc_node_ptr_t *npp, rc_node_ptr_t *cpp) 3453 { 3454 rc_node_t *np; 3455 rc_node_t *cp, *pp; 3456 int res; 3457 3458 rc_node_clear(cpp, 0); 3459 3460 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); 3461 3462 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPSHOT && 3463 np->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPLEVEL) { 3464 (void) pthread_mutex_unlock(&np->rn_lock); 3465 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 3466 } 3467 3468 if (np->rn_id.rl_type == REP_PROTOCOL_ENTITY_SNAPSHOT) { 3469 if ((res = rc_node_fill_children(np, 3470 REP_PROTOCOL_ENTITY_SNAPLEVEL)) != REP_PROTOCOL_SUCCESS) { 3471 (void) pthread_mutex_unlock(&np->rn_lock); 3472 return (res); 3473 } 3474 3475 for (cp = uu_list_first(np->rn_children); 3476 cp != NULL; 3477 cp = uu_list_next(np->rn_children, cp)) { 3478 if (cp->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPLEVEL) 3479 continue; 3480 rc_node_hold(cp); 3481 break; 3482 } 3483 3484 (void) pthread_mutex_unlock(&np->rn_lock); 3485 } else { 3486 HOLD_PTR_FLAG_OR_RETURN(np, npp, RC_NODE_USING_PARENT); 3487 /* 3488 * mark our parent as children changing. This call drops our 3489 * lock and the RC_NODE_USING_PARENT flag, and returns with 3490 * pp's lock held 3491 */ 3492 pp = rc_node_hold_parent_flag(np, RC_NODE_CHILDREN_CHANGING); 3493 if (pp == NULL) { 3494 /* our parent is gone, we're going next... */ 3495 3496 rc_node_clear(npp, 1); 3497 return (REP_PROTOCOL_FAIL_DELETED); 3498 } 3499 3500 /* 3501 * find the next snaplevel 3502 */ 3503 cp = np; 3504 while ((cp = uu_list_next(pp->rn_children, cp)) != NULL && 3505 cp->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPLEVEL) 3506 ; 3507 3508 /* it must match the snaplevel list */ 3509 assert((cp == NULL && np->rn_snaplevel->rsl_next == NULL) || 3510 (cp != NULL && np->rn_snaplevel->rsl_next == 3511 cp->rn_snaplevel)); 3512 3513 if (cp != NULL) 3514 rc_node_hold(cp); 3515 3516 rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); 3517 3518 (void) pthread_mutex_unlock(&pp->rn_lock); 3519 } 3520 3521 rc_node_assign(cpp, cp); 3522 if (cp != NULL) { 3523 rc_node_rele(cp); 3524 3525 return (REP_PROTOCOL_SUCCESS); 3526 } 3527 return (REP_PROTOCOL_FAIL_NOT_FOUND); 3528 } 3529 3530 /* 3531 * This call takes a snapshot (np) and either: 3532 * an existing snapid (to be associated with np), or 3533 * a non-NULL parentp (from which a new snapshot is taken, and associated 3534 * with np) 3535 * 3536 * To do the association, np is duplicated, the duplicate is made to 3537 * represent the new snapid, and np is replaced with the new rc_node_t on 3538 * np's parent's child list. np is placed on the new node's rn_former list, 3539 * and replaces np in cache_hash (so rc_node_update() will find the new one). 3540 */ 3541 static int 3542 rc_attach_snapshot(rc_node_t *np, uint32_t snapid, rc_node_t *parentp) 3543 { 3544 rc_node_t *np_orig; 3545 rc_node_t *nnp, *prev; 3546 rc_node_t *pp; 3547 int rc; 3548 3549 if (parentp != NULL) 3550 assert(snapid == 0); 3551 3552 assert(MUTEX_HELD(&np->rn_lock)); 3553 3554 if ((rc = rc_node_modify_permission_check()) != REP_PROTOCOL_SUCCESS) { 3555 (void) pthread_mutex_unlock(&np->rn_lock); 3556 return (rc); 3557 } 3558 3559 np_orig = np; 3560 rc_node_hold_locked(np); /* simplifies the remainder */ 3561 3562 /* 3563 * get the latest node, holding RC_NODE_IN_TX to keep the rn_former 3564 * list from changing. 3565 */ 3566 for (;;) { 3567 if (!(np->rn_flags & RC_NODE_OLD)) { 3568 if (!rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 3569 goto again; 3570 } 3571 pp = rc_node_hold_parent_flag(np, 3572 RC_NODE_CHILDREN_CHANGING); 3573 3574 (void) pthread_mutex_lock(&np->rn_lock); 3575 if (pp == NULL) { 3576 goto again; 3577 } 3578 if (np->rn_flags & RC_NODE_OLD) { 3579 rc_node_rele_flag(pp, 3580 RC_NODE_CHILDREN_CHANGING); 3581 (void) pthread_mutex_unlock(&pp->rn_lock); 3582 goto again; 3583 } 3584 (void) pthread_mutex_unlock(&pp->rn_lock); 3585 3586 if (!rc_node_hold_flag(np, RC_NODE_IN_TX)) { 3587 /* 3588 * Can't happen, since we're holding our 3589 * parent's CHILDREN_CHANGING flag... 3590 */ 3591 abort(); 3592 } 3593 break; /* everything's ready */ 3594 } 3595 again: 3596 rc_node_rele_locked(np); 3597 np = cache_lookup(&np_orig->rn_id); 3598 3599 if (np == NULL) 3600 return (REP_PROTOCOL_FAIL_DELETED); 3601 3602 (void) pthread_mutex_lock(&np->rn_lock); 3603 } 3604 3605 if (parentp != NULL) { 3606 if (pp != parentp) { 3607 rc = REP_PROTOCOL_FAIL_BAD_REQUEST; 3608 goto fail; 3609 } 3610 nnp = NULL; 3611 } else { 3612 /* 3613 * look for a former node with the snapid we need. 3614 */ 3615 if (np->rn_snapshot_id == snapid) { 3616 rc_node_rele_flag(np, RC_NODE_IN_TX); 3617 rc_node_rele_locked(np); 3618 3619 (void) pthread_mutex_lock(&pp->rn_lock); 3620 rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); 3621 (void) pthread_mutex_unlock(&pp->rn_lock); 3622 return (REP_PROTOCOL_SUCCESS); /* nothing to do */ 3623 } 3624 3625 prev = np; 3626 while ((nnp = prev->rn_former) != NULL) { 3627 if (nnp->rn_snapshot_id == snapid) { 3628 rc_node_hold(nnp); 3629 break; /* existing node with that id */ 3630 } 3631 prev = nnp; 3632 } 3633 } 3634 3635 if (nnp == NULL) { 3636 prev = NULL; 3637 nnp = rc_node_alloc(); 3638 if (nnp == NULL) { 3639 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 3640 goto fail; 3641 } 3642 3643 nnp->rn_id = np->rn_id; /* structure assignment */ 3644 nnp->rn_hash = np->rn_hash; 3645 nnp->rn_name = strdup(np->rn_name); 3646 nnp->rn_snapshot_id = snapid; 3647 nnp->rn_flags = RC_NODE_IN_TX | RC_NODE_USING_PARENT; 3648 3649 if (nnp->rn_name == NULL) { 3650 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 3651 goto fail; 3652 } 3653 } 3654 3655 (void) pthread_mutex_unlock(&np->rn_lock); 3656 3657 rc = object_snapshot_attach(&np->rn_id, &snapid, (parentp != NULL)); 3658 3659 if (parentp != NULL) 3660 nnp->rn_snapshot_id = snapid; /* fill in new snapid */ 3661 else 3662 assert(nnp->rn_snapshot_id == snapid); 3663 3664 (void) pthread_mutex_lock(&np->rn_lock); 3665 if (rc != REP_PROTOCOL_SUCCESS) 3666 goto fail; 3667 3668 /* 3669 * fix up the former chain 3670 */ 3671 if (prev != NULL) { 3672 prev->rn_former = nnp->rn_former; 3673 (void) pthread_mutex_lock(&nnp->rn_lock); 3674 nnp->rn_flags &= ~RC_NODE_ON_FORMER; 3675 nnp->rn_former = NULL; 3676 (void) pthread_mutex_unlock(&nnp->rn_lock); 3677 } 3678 np->rn_flags |= RC_NODE_OLD; 3679 (void) pthread_mutex_unlock(&np->rn_lock); 3680 3681 /* 3682 * replace np with nnp 3683 */ 3684 rc_node_relink_child(pp, np, nnp); 3685 3686 rc_node_rele(np); 3687 3688 return (REP_PROTOCOL_SUCCESS); 3689 3690 fail: 3691 rc_node_rele_flag(np, RC_NODE_IN_TX); 3692 rc_node_rele_locked(np); 3693 (void) pthread_mutex_lock(&pp->rn_lock); 3694 rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); 3695 (void) pthread_mutex_unlock(&pp->rn_lock); 3696 3697 if (nnp != NULL) { 3698 if (prev == NULL) 3699 rc_node_destroy(nnp); 3700 else 3701 rc_node_rele(nnp); 3702 } 3703 3704 return (rc); 3705 } 3706 3707 int 3708 rc_snapshot_take_new(rc_node_ptr_t *npp, const char *svcname, 3709 const char *instname, const char *name, rc_node_ptr_t *outpp) 3710 { 3711 rc_node_t *np; 3712 rc_node_t *outp = NULL; 3713 int rc; 3714 3715 rc_node_clear(outpp, 0); 3716 3717 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); 3718 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_INSTANCE) { 3719 (void) pthread_mutex_unlock(&np->rn_lock); 3720 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 3721 } 3722 3723 rc = rc_check_type_name(REP_PROTOCOL_ENTITY_SNAPSHOT, name); 3724 if (rc != REP_PROTOCOL_SUCCESS) { 3725 (void) pthread_mutex_unlock(&np->rn_lock); 3726 return (rc); 3727 } 3728 3729 if (svcname != NULL && (rc = 3730 rc_check_type_name(REP_PROTOCOL_ENTITY_SERVICE, svcname)) != 3731 REP_PROTOCOL_SUCCESS) { 3732 (void) pthread_mutex_unlock(&np->rn_lock); 3733 return (rc); 3734 } 3735 3736 if (instname != NULL && (rc = 3737 rc_check_type_name(REP_PROTOCOL_ENTITY_INSTANCE, instname)) != 3738 REP_PROTOCOL_SUCCESS) { 3739 (void) pthread_mutex_unlock(&np->rn_lock); 3740 return (rc); 3741 } 3742 3743 if ((rc = rc_node_modify_permission_check()) != REP_PROTOCOL_SUCCESS) { 3744 (void) pthread_mutex_unlock(&np->rn_lock); 3745 return (rc); 3746 } 3747 3748 HOLD_PTR_FLAG_OR_RETURN(np, npp, RC_NODE_CREATING_CHILD); 3749 (void) pthread_mutex_unlock(&np->rn_lock); 3750 3751 rc = object_snapshot_take_new(np, svcname, instname, name, &outp); 3752 3753 if (rc == REP_PROTOCOL_SUCCESS) { 3754 rc_node_assign(outpp, outp); 3755 rc_node_rele(outp); 3756 } 3757 3758 (void) pthread_mutex_lock(&np->rn_lock); 3759 rc_node_rele_flag(np, RC_NODE_CREATING_CHILD); 3760 (void) pthread_mutex_unlock(&np->rn_lock); 3761 3762 return (rc); 3763 } 3764 3765 int 3766 rc_snapshot_take_attach(rc_node_ptr_t *npp, rc_node_ptr_t *outpp) 3767 { 3768 rc_node_t *np, *outp; 3769 3770 RC_NODE_PTR_GET_CHECK(np, npp); 3771 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_INSTANCE) { 3772 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 3773 } 3774 3775 RC_NODE_PTR_GET_CHECK_AND_LOCK(outp, outpp); 3776 if (outp->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPSHOT) { 3777 (void) pthread_mutex_unlock(&outp->rn_lock); 3778 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 3779 } 3780 3781 return (rc_attach_snapshot(outp, 0, np)); /* drops outp's lock */ 3782 } 3783 3784 int 3785 rc_snapshot_attach(rc_node_ptr_t *npp, rc_node_ptr_t *cpp) 3786 { 3787 rc_node_t *np; 3788 rc_node_t *cp; 3789 uint32_t snapid; 3790 3791 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); 3792 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPSHOT) { 3793 (void) pthread_mutex_unlock(&np->rn_lock); 3794 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 3795 } 3796 snapid = np->rn_snapshot_id; 3797 (void) pthread_mutex_unlock(&np->rn_lock); 3798 3799 RC_NODE_PTR_GET_CHECK_AND_LOCK(cp, cpp); 3800 if (cp->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPSHOT) { 3801 (void) pthread_mutex_unlock(&cp->rn_lock); 3802 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 3803 } 3804 3805 return (rc_attach_snapshot(cp, snapid, NULL)); /* drops cp's lock */ 3806 } 3807 3808 /* 3809 * Iteration 3810 */ 3811 static int 3812 rc_iter_filter_name(rc_node_t *np, void *s) 3813 { 3814 const char *name = s; 3815 3816 return (strcmp(np->rn_name, name) == 0); 3817 } 3818 3819 static int 3820 rc_iter_filter_type(rc_node_t *np, void *s) 3821 { 3822 const char *type = s; 3823 3824 return (np->rn_type != NULL && strcmp(np->rn_type, type) == 0); 3825 } 3826 3827 /*ARGSUSED*/ 3828 static int 3829 rc_iter_null_filter(rc_node_t *np, void *s) 3830 { 3831 return (1); 3832 } 3833 3834 /* 3835 * Allocate & initialize an rc_node_iter_t structure. Essentially, ensure 3836 * np->rn_children is populated and call uu_list_walk_start(np->rn_children). 3837 * If successful, leaves a hold on np & increments np->rn_other_refs 3838 * 3839 * If composed is true, then set up for iteration across the top level of np's 3840 * composition chain. If successful, leaves a hold on np and increments 3841 * rn_other_refs for the top level of np's composition chain. 3842 * 3843 * Fails with 3844 * _NO_RESOURCES 3845 * _INVALID_TYPE 3846 * _TYPE_MISMATCH - np cannot carry type children 3847 * _DELETED 3848 */ 3849 static int 3850 rc_iter_create(rc_node_iter_t **resp, rc_node_t *np, uint32_t type, 3851 rc_iter_filter_func *filter, void *arg, boolean_t composed) 3852 { 3853 rc_node_iter_t *nip; 3854 int res; 3855 3856 assert(*resp == NULL); 3857 3858 nip = uu_zalloc(sizeof (*nip)); 3859 if (nip == NULL) 3860 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 3861 3862 /* np is held by the client's rc_node_ptr_t */ 3863 if (np->rn_id.rl_type == REP_PROTOCOL_ENTITY_CPROPERTYGRP) 3864 composed = 1; 3865 3866 if (!composed) { 3867 (void) pthread_mutex_lock(&np->rn_lock); 3868 3869 if ((res = rc_node_fill_children(np, type)) != 3870 REP_PROTOCOL_SUCCESS) { 3871 (void) pthread_mutex_unlock(&np->rn_lock); 3872 uu_free(nip); 3873 return (res); 3874 } 3875 3876 nip->rni_clevel = -1; 3877 3878 nip->rni_iter = uu_list_walk_start(np->rn_children, 3879 UU_WALK_ROBUST); 3880 if (nip->rni_iter != NULL) { 3881 nip->rni_iter_node = np; 3882 rc_node_hold_other(np); 3883 } else { 3884 (void) pthread_mutex_unlock(&np->rn_lock); 3885 uu_free(nip); 3886 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 3887 } 3888 (void) pthread_mutex_unlock(&np->rn_lock); 3889 } else { 3890 rc_node_t *ent; 3891 3892 if (np->rn_id.rl_type == REP_PROTOCOL_ENTITY_SNAPSHOT) { 3893 /* rn_cchain isn't valid until children are loaded. */ 3894 (void) pthread_mutex_lock(&np->rn_lock); 3895 res = rc_node_fill_children(np, 3896 REP_PROTOCOL_ENTITY_SNAPLEVEL); 3897 (void) pthread_mutex_unlock(&np->rn_lock); 3898 if (res != REP_PROTOCOL_SUCCESS) { 3899 uu_free(nip); 3900 return (res); 3901 } 3902 3903 /* Check for an empty snapshot. */ 3904 if (np->rn_cchain[0] == NULL) 3905 goto empty; 3906 } 3907 3908 /* Start at the top of the composition chain. */ 3909 for (nip->rni_clevel = 0; ; ++nip->rni_clevel) { 3910 if (nip->rni_clevel >= COMPOSITION_DEPTH) { 3911 /* Empty composition chain. */ 3912 empty: 3913 nip->rni_clevel = -1; 3914 nip->rni_iter = NULL; 3915 /* It's ok, iter_next() will return _DONE. */ 3916 goto out; 3917 } 3918 3919 ent = np->rn_cchain[nip->rni_clevel]; 3920 assert(ent != NULL); 3921 3922 if (rc_node_check_and_lock(ent) == REP_PROTOCOL_SUCCESS) 3923 break; 3924 3925 /* Someone deleted it, so try the next one. */ 3926 } 3927 3928 res = rc_node_fill_children(ent, type); 3929 3930 if (res == REP_PROTOCOL_SUCCESS) { 3931 nip->rni_iter = uu_list_walk_start(ent->rn_children, 3932 UU_WALK_ROBUST); 3933 3934 if (nip->rni_iter == NULL) 3935 res = REP_PROTOCOL_FAIL_NO_RESOURCES; 3936 else { 3937 nip->rni_iter_node = ent; 3938 rc_node_hold_other(ent); 3939 } 3940 } 3941 3942 if (res != REP_PROTOCOL_SUCCESS) { 3943 (void) pthread_mutex_unlock(&ent->rn_lock); 3944 uu_free(nip); 3945 return (res); 3946 } 3947 3948 (void) pthread_mutex_unlock(&ent->rn_lock); 3949 } 3950 3951 out: 3952 rc_node_hold(np); /* released by rc_iter_end() */ 3953 nip->rni_parent = np; 3954 nip->rni_type = type; 3955 nip->rni_filter = (filter != NULL)? filter : rc_iter_null_filter; 3956 nip->rni_filter_arg = arg; 3957 *resp = nip; 3958 return (REP_PROTOCOL_SUCCESS); 3959 } 3960 3961 static void 3962 rc_iter_end(rc_node_iter_t *iter) 3963 { 3964 rc_node_t *np = iter->rni_parent; 3965 3966 if (iter->rni_clevel >= 0) 3967 np = np->rn_cchain[iter->rni_clevel]; 3968 3969 assert(MUTEX_HELD(&np->rn_lock)); 3970 if (iter->rni_iter != NULL) 3971 uu_list_walk_end(iter->rni_iter); 3972 iter->rni_iter = NULL; 3973 3974 (void) pthread_mutex_unlock(&np->rn_lock); 3975 rc_node_rele(iter->rni_parent); 3976 if (iter->rni_iter_node != NULL) 3977 rc_node_rele_other(iter->rni_iter_node); 3978 } 3979 3980 /* 3981 * Fails with 3982 * _NOT_SET - npp is reset 3983 * _DELETED - npp's node has been deleted 3984 * _NOT_APPLICABLE - npp's node is not a property 3985 * _NO_RESOURCES - out of memory 3986 */ 3987 static int 3988 rc_node_setup_value_iter(rc_node_ptr_t *npp, rc_node_iter_t **iterp) 3989 { 3990 rc_node_t *np; 3991 3992 rc_node_iter_t *nip; 3993 3994 assert(*iterp == NULL); 3995 3996 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); 3997 3998 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTY) { 3999 (void) pthread_mutex_unlock(&np->rn_lock); 4000 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 4001 } 4002 4003 nip = uu_zalloc(sizeof (*nip)); 4004 if (nip == NULL) { 4005 (void) pthread_mutex_unlock(&np->rn_lock); 4006 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 4007 } 4008 4009 nip->rni_parent = np; 4010 nip->rni_iter = NULL; 4011 nip->rni_clevel = -1; 4012 nip->rni_type = REP_PROTOCOL_ENTITY_VALUE; 4013 nip->rni_offset = 0; 4014 nip->rni_last_offset = 0; 4015 4016 rc_node_hold_locked(np); 4017 4018 *iterp = nip; 4019 (void) pthread_mutex_unlock(&np->rn_lock); 4020 4021 return (REP_PROTOCOL_SUCCESS); 4022 } 4023 4024 /* 4025 * Returns: 4026 * _NOT_SET - npp is reset 4027 * _DELETED - npp's node has been deleted 4028 * _TYPE_MISMATCH - npp's node is not a property 4029 * _NOT_FOUND - property has no values 4030 * _TRUNCATED - property has >1 values (first is written into out) 4031 * _SUCCESS - property has 1 value (which is written into out) 4032 * 4033 * We shorten *sz_out to not include anything after the final '\0'. 4034 */ 4035 int 4036 rc_node_get_property_value(rc_node_ptr_t *npp, 4037 struct rep_protocol_value_response *out, size_t *sz_out) 4038 { 4039 rc_node_t *np; 4040 size_t w; 4041 int ret; 4042 4043 assert(*sz_out == sizeof (*out)); 4044 4045 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); 4046 4047 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTY) { 4048 (void) pthread_mutex_unlock(&np->rn_lock); 4049 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 4050 } 4051 4052 if (np->rn_values_size == 0) { 4053 (void) pthread_mutex_unlock(&np->rn_lock); 4054 return (REP_PROTOCOL_FAIL_NOT_FOUND); 4055 } 4056 out->rpr_type = np->rn_valtype; 4057 w = strlcpy(out->rpr_value, &np->rn_values[0], 4058 sizeof (out->rpr_value)); 4059 4060 if (w >= sizeof (out->rpr_value)) 4061 backend_panic("value too large"); 4062 4063 *sz_out = offsetof(struct rep_protocol_value_response, 4064 rpr_value[w + 1]); 4065 4066 ret = (np->rn_values_count != 1)? REP_PROTOCOL_FAIL_TRUNCATED : 4067 REP_PROTOCOL_SUCCESS; 4068 (void) pthread_mutex_unlock(&np->rn_lock); 4069 return (ret); 4070 } 4071 4072 int 4073 rc_iter_next_value(rc_node_iter_t *iter, 4074 struct rep_protocol_value_response *out, size_t *sz_out, int repeat) 4075 { 4076 rc_node_t *np = iter->rni_parent; 4077 const char *vals; 4078 size_t len; 4079 4080 size_t start; 4081 size_t w; 4082 4083 rep_protocol_responseid_t result; 4084 4085 assert(*sz_out == sizeof (*out)); 4086 4087 (void) memset(out, '\0', *sz_out); 4088 4089 if (iter->rni_type != REP_PROTOCOL_ENTITY_VALUE) 4090 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 4091 4092 RC_NODE_CHECK_AND_LOCK(np); 4093 4094 vals = np->rn_values; 4095 len = np->rn_values_size; 4096 4097 out->rpr_type = np->rn_valtype; 4098 4099 start = (repeat)? iter->rni_last_offset : iter->rni_offset; 4100 4101 if (len == 0 || start >= len) { 4102 result = REP_PROTOCOL_DONE; 4103 *sz_out -= sizeof (out->rpr_value); 4104 } else { 4105 w = strlcpy(out->rpr_value, &vals[start], 4106 sizeof (out->rpr_value)); 4107 4108 if (w >= sizeof (out->rpr_value)) 4109 backend_panic("value too large"); 4110 4111 *sz_out = offsetof(struct rep_protocol_value_response, 4112 rpr_value[w + 1]); 4113 4114 /* 4115 * update the offsets if we're not repeating 4116 */ 4117 if (!repeat) { 4118 iter->rni_last_offset = iter->rni_offset; 4119 iter->rni_offset += (w + 1); 4120 } 4121 4122 result = REP_PROTOCOL_SUCCESS; 4123 } 4124 4125 (void) pthread_mutex_unlock(&np->rn_lock); 4126 return (result); 4127 } 4128 4129 /* 4130 * Entry point for ITER_START from client.c. Validate the arguments & call 4131 * rc_iter_create(). 4132 * 4133 * Fails with 4134 * _NOT_SET 4135 * _DELETED 4136 * _TYPE_MISMATCH - np cannot carry type children 4137 * _BAD_REQUEST - flags is invalid 4138 * pattern is invalid 4139 * _NO_RESOURCES 4140 * _INVALID_TYPE 4141 * _TYPE_MISMATCH - *npp cannot have children of type 4142 * _BACKEND_ACCESS 4143 */ 4144 int 4145 rc_node_setup_iter(rc_node_ptr_t *npp, rc_node_iter_t **iterp, 4146 uint32_t type, uint32_t flags, const char *pattern) 4147 { 4148 rc_node_t *np; 4149 rc_iter_filter_func *f = NULL; 4150 int rc; 4151 4152 RC_NODE_PTR_GET_CHECK(np, npp); 4153 4154 if (pattern != NULL && pattern[0] == '\0') 4155 pattern = NULL; 4156 4157 if (type == REP_PROTOCOL_ENTITY_VALUE) { 4158 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTY) 4159 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 4160 if (flags != RP_ITER_START_ALL || pattern != NULL) 4161 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 4162 4163 rc = rc_node_setup_value_iter(npp, iterp); 4164 assert(rc != REP_PROTOCOL_FAIL_NOT_APPLICABLE); 4165 return (rc); 4166 } 4167 4168 if ((rc = rc_check_parent_child(np->rn_id.rl_type, type)) != 4169 REP_PROTOCOL_SUCCESS) 4170 return (rc); 4171 4172 if (((flags & RP_ITER_START_FILT_MASK) == RP_ITER_START_ALL) ^ 4173 (pattern == NULL)) 4174 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 4175 4176 /* Composition only works for instances & snapshots. */ 4177 if ((flags & RP_ITER_START_COMPOSED) && 4178 (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_INSTANCE && 4179 np->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPSHOT)) 4180 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 4181 4182 if (pattern != NULL) { 4183 if ((rc = rc_check_type_name(type, pattern)) != 4184 REP_PROTOCOL_SUCCESS) 4185 return (rc); 4186 pattern = strdup(pattern); 4187 if (pattern == NULL) 4188 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 4189 } 4190 4191 switch (flags & RP_ITER_START_FILT_MASK) { 4192 case RP_ITER_START_ALL: 4193 f = NULL; 4194 break; 4195 case RP_ITER_START_EXACT: 4196 f = rc_iter_filter_name; 4197 break; 4198 case RP_ITER_START_PGTYPE: 4199 if (type != REP_PROTOCOL_ENTITY_PROPERTYGRP) { 4200 free((void *)pattern); 4201 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 4202 } 4203 f = rc_iter_filter_type; 4204 break; 4205 default: 4206 free((void *)pattern); 4207 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 4208 } 4209 4210 rc = rc_iter_create(iterp, np, type, f, (void *)pattern, 4211 flags & RP_ITER_START_COMPOSED); 4212 if (rc != REP_PROTOCOL_SUCCESS && pattern != NULL) 4213 free((void *)pattern); 4214 4215 return (rc); 4216 } 4217 4218 /* 4219 * Do uu_list_walk_next(iter->rni_iter) until we find a child which matches 4220 * the filter. 4221 * For composed iterators, then check to see if there's an overlapping entity 4222 * (see embedded comments). If we reach the end of the list, start over at 4223 * the next level. 4224 * 4225 * Returns 4226 * _BAD_REQUEST - iter walks values 4227 * _TYPE_MISMATCH - iter does not walk type entities 4228 * _DELETED - parent was deleted 4229 * _NO_RESOURCES 4230 * _INVALID_TYPE - type is invalid 4231 * _DONE 4232 * _SUCCESS 4233 * 4234 * For composed property group iterators, can also return 4235 * _TYPE_MISMATCH - parent cannot have type children 4236 */ 4237 int 4238 rc_iter_next(rc_node_iter_t *iter, rc_node_ptr_t *out, uint32_t type) 4239 { 4240 rc_node_t *np = iter->rni_parent; 4241 rc_node_t *res; 4242 int rc; 4243 4244 if (iter->rni_type == REP_PROTOCOL_ENTITY_VALUE) 4245 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 4246 4247 if (iter->rni_iter == NULL) { 4248 rc_node_clear(out, 0); 4249 return (REP_PROTOCOL_DONE); 4250 } 4251 4252 if (iter->rni_type != type) { 4253 rc_node_clear(out, 0); 4254 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 4255 } 4256 4257 (void) pthread_mutex_lock(&np->rn_lock); /* held by _iter_create() */ 4258 4259 if (!rc_node_wait_flag(np, RC_NODE_CHILDREN_CHANGING)) { 4260 (void) pthread_mutex_unlock(&np->rn_lock); 4261 rc_node_clear(out, 1); 4262 return (REP_PROTOCOL_FAIL_DELETED); 4263 } 4264 4265 if (iter->rni_clevel >= 0) { 4266 /* Composed iterator. Iterate over appropriate level. */ 4267 (void) pthread_mutex_unlock(&np->rn_lock); 4268 np = np->rn_cchain[iter->rni_clevel]; 4269 /* 4270 * If iter->rni_parent is an instance or a snapshot, np must 4271 * be valid since iter holds iter->rni_parent & possible 4272 * levels (service, instance, snaplevel) cannot be destroyed 4273 * while rni_parent is held. If iter->rni_parent is 4274 * a composed property group then rc_node_setup_cpg() put 4275 * a hold on np. 4276 */ 4277 4278 (void) pthread_mutex_lock(&np->rn_lock); 4279 4280 if (!rc_node_wait_flag(np, RC_NODE_CHILDREN_CHANGING)) { 4281 (void) pthread_mutex_unlock(&np->rn_lock); 4282 rc_node_clear(out, 1); 4283 return (REP_PROTOCOL_FAIL_DELETED); 4284 } 4285 } 4286 4287 assert(np->rn_flags & RC_NODE_HAS_CHILDREN); 4288 4289 for (;;) { 4290 res = uu_list_walk_next(iter->rni_iter); 4291 if (res == NULL) { 4292 rc_node_t *parent = iter->rni_parent; 4293 4294 #if COMPOSITION_DEPTH == 2 4295 if (iter->rni_clevel < 0 || iter->rni_clevel == 1) { 4296 /* release walker and lock */ 4297 rc_iter_end(iter); 4298 break; 4299 } 4300 4301 /* Stop walking current level. */ 4302 uu_list_walk_end(iter->rni_iter); 4303 iter->rni_iter = NULL; 4304 (void) pthread_mutex_unlock(&np->rn_lock); 4305 rc_node_rele_other(iter->rni_iter_node); 4306 iter->rni_iter_node = NULL; 4307 4308 /* Start walking next level. */ 4309 ++iter->rni_clevel; 4310 np = parent->rn_cchain[iter->rni_clevel]; 4311 assert(np != NULL); 4312 #else 4313 #error This code must be updated. 4314 #endif 4315 4316 (void) pthread_mutex_lock(&np->rn_lock); 4317 4318 rc = rc_node_fill_children(np, iter->rni_type); 4319 4320 if (rc == REP_PROTOCOL_SUCCESS) { 4321 iter->rni_iter = 4322 uu_list_walk_start(np->rn_children, 4323 UU_WALK_ROBUST); 4324 4325 if (iter->rni_iter == NULL) 4326 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 4327 else { 4328 iter->rni_iter_node = np; 4329 rc_node_hold_other(np); 4330 } 4331 } 4332 4333 if (rc != REP_PROTOCOL_SUCCESS) { 4334 (void) pthread_mutex_unlock(&np->rn_lock); 4335 rc_node_clear(out, 0); 4336 return (rc); 4337 } 4338 4339 continue; 4340 } 4341 4342 if (res->rn_id.rl_type != type || 4343 !iter->rni_filter(res, iter->rni_filter_arg)) 4344 continue; 4345 4346 /* 4347 * If we're composed and not at the top level, check to see if 4348 * there's an entity at a higher level with the same name. If 4349 * so, skip this one. 4350 */ 4351 if (iter->rni_clevel > 0) { 4352 rc_node_t *ent = iter->rni_parent->rn_cchain[0]; 4353 rc_node_t *pg; 4354 4355 #if COMPOSITION_DEPTH == 2 4356 assert(iter->rni_clevel == 1); 4357 4358 (void) pthread_mutex_unlock(&np->rn_lock); 4359 (void) pthread_mutex_lock(&ent->rn_lock); 4360 rc = rc_node_find_named_child(ent, res->rn_name, type, 4361 &pg); 4362 if (rc == REP_PROTOCOL_SUCCESS && pg != NULL) 4363 rc_node_rele(pg); 4364 (void) pthread_mutex_unlock(&ent->rn_lock); 4365 if (rc != REP_PROTOCOL_SUCCESS) { 4366 rc_node_clear(out, 0); 4367 return (rc); 4368 } 4369 (void) pthread_mutex_lock(&np->rn_lock); 4370 4371 /* Make sure np isn't being deleted all of a sudden. */ 4372 if (!rc_node_wait_flag(np, RC_NODE_DYING)) { 4373 (void) pthread_mutex_unlock(&np->rn_lock); 4374 rc_node_clear(out, 1); 4375 return (REP_PROTOCOL_FAIL_DELETED); 4376 } 4377 4378 if (pg != NULL) 4379 /* Keep going. */ 4380 continue; 4381 #else 4382 #error This code must be updated. 4383 #endif 4384 } 4385 4386 /* 4387 * If we're composed, iterating over property groups, and not 4388 * at the bottom level, check to see if there's a pg at lower 4389 * level with the same name. If so, return a cpg. 4390 */ 4391 if (iter->rni_clevel >= 0 && 4392 type == REP_PROTOCOL_ENTITY_PROPERTYGRP && 4393 iter->rni_clevel < COMPOSITION_DEPTH - 1) { 4394 #if COMPOSITION_DEPTH == 2 4395 rc_node_t *pg; 4396 rc_node_t *ent = iter->rni_parent->rn_cchain[1]; 4397 4398 rc_node_hold(res); /* While we drop np->rn_lock */ 4399 4400 (void) pthread_mutex_unlock(&np->rn_lock); 4401 (void) pthread_mutex_lock(&ent->rn_lock); 4402 rc = rc_node_find_named_child(ent, res->rn_name, type, 4403 &pg); 4404 /* holds pg if not NULL */ 4405 (void) pthread_mutex_unlock(&ent->rn_lock); 4406 if (rc != REP_PROTOCOL_SUCCESS) { 4407 rc_node_rele(res); 4408 rc_node_clear(out, 0); 4409 return (rc); 4410 } 4411 4412 (void) pthread_mutex_lock(&np->rn_lock); 4413 if (!rc_node_wait_flag(np, RC_NODE_DYING)) { 4414 (void) pthread_mutex_unlock(&np->rn_lock); 4415 rc_node_rele(res); 4416 if (pg != NULL) 4417 rc_node_rele(pg); 4418 rc_node_clear(out, 1); 4419 return (REP_PROTOCOL_FAIL_DELETED); 4420 } 4421 4422 if (pg == NULL) { 4423 rc_node_rele(res); 4424 } else { 4425 rc_node_t *cpg; 4426 4427 /* Keep res held for rc_node_setup_cpg(). */ 4428 4429 cpg = rc_node_alloc(); 4430 if (cpg == NULL) { 4431 (void) pthread_mutex_unlock( 4432 &np->rn_lock); 4433 rc_node_rele(res); 4434 rc_node_rele(pg); 4435 rc_node_clear(out, 0); 4436 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 4437 } 4438 4439 switch (rc_node_setup_cpg(cpg, res, pg)) { 4440 case REP_PROTOCOL_SUCCESS: 4441 res = cpg; 4442 break; 4443 4444 case REP_PROTOCOL_FAIL_TYPE_MISMATCH: 4445 /* Nevermind. */ 4446 rc_node_destroy(cpg); 4447 rc_node_rele(pg); 4448 rc_node_rele(res); 4449 break; 4450 4451 case REP_PROTOCOL_FAIL_NO_RESOURCES: 4452 rc_node_destroy(cpg); 4453 (void) pthread_mutex_unlock( 4454 &np->rn_lock); 4455 rc_node_rele(res); 4456 rc_node_rele(pg); 4457 rc_node_clear(out, 0); 4458 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 4459 4460 default: 4461 assert(0); 4462 abort(); 4463 } 4464 } 4465 #else 4466 #error This code must be updated. 4467 #endif 4468 } 4469 4470 rc_node_hold(res); 4471 (void) pthread_mutex_unlock(&np->rn_lock); 4472 break; 4473 } 4474 rc_node_assign(out, res); 4475 4476 if (res == NULL) 4477 return (REP_PROTOCOL_DONE); 4478 rc_node_rele(res); 4479 return (REP_PROTOCOL_SUCCESS); 4480 } 4481 4482 void 4483 rc_iter_destroy(rc_node_iter_t **nipp) 4484 { 4485 rc_node_iter_t *nip = *nipp; 4486 rc_node_t *np; 4487 4488 if (nip == NULL) 4489 return; /* already freed */ 4490 4491 np = nip->rni_parent; 4492 4493 if (nip->rni_filter_arg != NULL) 4494 free(nip->rni_filter_arg); 4495 nip->rni_filter_arg = NULL; 4496 4497 if (nip->rni_type == REP_PROTOCOL_ENTITY_VALUE || 4498 nip->rni_iter != NULL) { 4499 if (nip->rni_clevel < 0) 4500 (void) pthread_mutex_lock(&np->rn_lock); 4501 else 4502 (void) pthread_mutex_lock( 4503 &np->rn_cchain[nip->rni_clevel]->rn_lock); 4504 rc_iter_end(nip); /* release walker and lock */ 4505 } 4506 nip->rni_parent = NULL; 4507 4508 uu_free(nip); 4509 *nipp = NULL; 4510 } 4511 4512 int 4513 rc_node_setup_tx(rc_node_ptr_t *npp, rc_node_ptr_t *txp) 4514 { 4515 rc_node_t *np; 4516 permcheck_t *pcp; 4517 int ret; 4518 int authorized = 0; 4519 4520 RC_NODE_PTR_GET_CHECK_AND_HOLD(np, npp); 4521 4522 if (np->rn_id.rl_type == REP_PROTOCOL_ENTITY_CPROPERTYGRP) { 4523 rc_node_rele(np); 4524 np = np->rn_cchain[0]; 4525 RC_NODE_CHECK_AND_HOLD(np); 4526 } 4527 4528 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTYGRP) { 4529 rc_node_rele(np); 4530 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 4531 } 4532 4533 if (np->rn_id.rl_ids[ID_SNAPSHOT] != 0) { 4534 rc_node_rele(np); 4535 return (REP_PROTOCOL_FAIL_PERMISSION_DENIED); 4536 } 4537 4538 if (client_is_privileged()) 4539 goto skip_checks; 4540 4541 #ifdef NATIVE_BUILD 4542 rc_node_rele(np); 4543 return (REP_PROTOCOL_FAIL_PERMISSION_DENIED); 4544 #else 4545 /* permission check */ 4546 pcp = pc_create(); 4547 if (pcp == NULL) { 4548 rc_node_rele(np); 4549 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 4550 } 4551 4552 if (np->rn_id.rl_ids[ID_INSTANCE] != 0 && /* instance pg */ 4553 ((strcmp(np->rn_name, AUTH_PG_ACTIONS) == 0 && 4554 strcmp(np->rn_type, AUTH_PG_ACTIONS_TYPE) == 0) || 4555 (strcmp(np->rn_name, AUTH_PG_GENERAL_OVR) == 0 && 4556 strcmp(np->rn_type, AUTH_PG_GENERAL_OVR_TYPE) == 0))) { 4557 rc_node_t *instn; 4558 4559 /* solaris.smf.manage can be used. */ 4560 ret = perm_add_enabling(pcp, AUTH_MANAGE); 4561 4562 if (ret != REP_PROTOCOL_SUCCESS) { 4563 pc_free(pcp); 4564 rc_node_rele(np); 4565 return (ret); 4566 } 4567 4568 /* general/action_authorization values can be used. */ 4569 ret = rc_node_parent(np, &instn); 4570 if (ret != REP_PROTOCOL_SUCCESS) { 4571 assert(ret == REP_PROTOCOL_FAIL_DELETED); 4572 rc_node_rele(np); 4573 pc_free(pcp); 4574 return (REP_PROTOCOL_FAIL_DELETED); 4575 } 4576 4577 assert(instn->rn_id.rl_type == REP_PROTOCOL_ENTITY_INSTANCE); 4578 4579 ret = perm_add_inst_action_auth(pcp, instn); 4580 rc_node_rele(instn); 4581 switch (ret) { 4582 case REP_PROTOCOL_SUCCESS: 4583 break; 4584 4585 case REP_PROTOCOL_FAIL_DELETED: 4586 case REP_PROTOCOL_FAIL_NO_RESOURCES: 4587 rc_node_rele(np); 4588 pc_free(pcp); 4589 return (ret); 4590 4591 default: 4592 bad_error("perm_add_inst_action_auth", ret); 4593 } 4594 4595 if (strcmp(np->rn_name, AUTH_PG_ACTIONS) == 0) 4596 authorized = 1; /* Don't check on commit. */ 4597 } else { 4598 ret = perm_add_enabling(pcp, AUTH_MODIFY); 4599 4600 if (ret == REP_PROTOCOL_SUCCESS) { 4601 /* propertygroup-type-specific authorization */ 4602 /* no locking because rn_type won't change anyway */ 4603 const char * const auth = 4604 perm_auth_for_pgtype(np->rn_type); 4605 4606 if (auth != NULL) 4607 ret = perm_add_enabling(pcp, auth); 4608 } 4609 4610 if (ret == REP_PROTOCOL_SUCCESS) 4611 /* propertygroup/transaction-type-specific auths */ 4612 ret = 4613 perm_add_enabling_values(pcp, np, AUTH_PROP_VALUE); 4614 4615 if (ret == REP_PROTOCOL_SUCCESS) 4616 ret = 4617 perm_add_enabling_values(pcp, np, AUTH_PROP_MODIFY); 4618 4619 /* AUTH_MANAGE can manipulate general/AUTH_PROP_ACTION */ 4620 if (ret == REP_PROTOCOL_SUCCESS && 4621 strcmp(np->rn_name, AUTH_PG_GENERAL) == 0 && 4622 strcmp(np->rn_type, AUTH_PG_GENERAL_TYPE) == 0) 4623 ret = perm_add_enabling(pcp, AUTH_MANAGE); 4624 4625 if (ret != REP_PROTOCOL_SUCCESS) { 4626 pc_free(pcp); 4627 rc_node_rele(np); 4628 return (ret); 4629 } 4630 } 4631 4632 ret = perm_granted(pcp); 4633 if (ret != 1) { 4634 pc_free(pcp); 4635 rc_node_rele(np); 4636 return (ret == 0 ? REP_PROTOCOL_FAIL_PERMISSION_DENIED : 4637 REP_PROTOCOL_FAIL_NO_RESOURCES); 4638 } 4639 4640 pc_free(pcp); 4641 #endif /* NATIVE_BUILD */ 4642 4643 skip_checks: 4644 rc_node_assign(txp, np); 4645 txp->rnp_authorized = authorized; 4646 4647 rc_node_rele(np); 4648 return (REP_PROTOCOL_SUCCESS); 4649 } 4650 4651 /* 4652 * Return 1 if the given transaction commands only modify the values of 4653 * properties other than "modify_authorization". Return -1 if any of the 4654 * commands are invalid, and 0 otherwise. 4655 */ 4656 static int 4657 tx_allow_value(const void *cmds_arg, size_t cmds_sz, rc_node_t *pg) 4658 { 4659 const struct rep_protocol_transaction_cmd *cmds; 4660 uintptr_t loc; 4661 uint32_t sz; 4662 rc_node_t *prop; 4663 boolean_t ok; 4664 4665 assert(!MUTEX_HELD(&pg->rn_lock)); 4666 4667 loc = (uintptr_t)cmds_arg; 4668 4669 while (cmds_sz > 0) { 4670 cmds = (struct rep_protocol_transaction_cmd *)loc; 4671 4672 if (cmds_sz <= REP_PROTOCOL_TRANSACTION_CMD_MIN_SIZE) 4673 return (-1); 4674 4675 sz = cmds->rptc_size; 4676 if (sz <= REP_PROTOCOL_TRANSACTION_CMD_MIN_SIZE) 4677 return (-1); 4678 4679 sz = TX_SIZE(sz); 4680 if (sz > cmds_sz) 4681 return (-1); 4682 4683 switch (cmds[0].rptc_action) { 4684 case REP_PROTOCOL_TX_ENTRY_CLEAR: 4685 break; 4686 4687 case REP_PROTOCOL_TX_ENTRY_REPLACE: 4688 /* Check type */ 4689 (void) pthread_mutex_lock(&pg->rn_lock); 4690 if (rc_node_find_named_child(pg, 4691 (const char *)cmds[0].rptc_data, 4692 REP_PROTOCOL_ENTITY_PROPERTY, &prop) == 4693 REP_PROTOCOL_SUCCESS) { 4694 ok = (prop != NULL && 4695 prop->rn_valtype == cmds[0].rptc_type); 4696 } else { 4697 /* Return more particular error? */ 4698 ok = B_FALSE; 4699 } 4700 (void) pthread_mutex_unlock(&pg->rn_lock); 4701 if (ok) 4702 break; 4703 return (0); 4704 4705 default: 4706 return (0); 4707 } 4708 4709 if (strcmp((const char *)cmds[0].rptc_data, AUTH_PROP_MODIFY) 4710 == 0) 4711 return (0); 4712 4713 loc += sz; 4714 cmds_sz -= sz; 4715 } 4716 4717 return (1); 4718 } 4719 4720 /* 4721 * Return 1 if any of the given transaction commands affect 4722 * "action_authorization". Return -1 if any of the commands are invalid and 4723 * 0 in all other cases. 4724 */ 4725 static int 4726 tx_modifies_action(const void *cmds_arg, size_t cmds_sz) 4727 { 4728 const struct rep_protocol_transaction_cmd *cmds; 4729 uintptr_t loc; 4730 uint32_t sz; 4731 4732 loc = (uintptr_t)cmds_arg; 4733 4734 while (cmds_sz > 0) { 4735 cmds = (struct rep_protocol_transaction_cmd *)loc; 4736 4737 if (cmds_sz <= REP_PROTOCOL_TRANSACTION_CMD_MIN_SIZE) 4738 return (-1); 4739 4740 sz = cmds->rptc_size; 4741 if (sz <= REP_PROTOCOL_TRANSACTION_CMD_MIN_SIZE) 4742 return (-1); 4743 4744 sz = TX_SIZE(sz); 4745 if (sz > cmds_sz) 4746 return (-1); 4747 4748 if (strcmp((const char *)cmds[0].rptc_data, AUTH_PROP_ACTION) 4749 == 0) 4750 return (1); 4751 4752 loc += sz; 4753 cmds_sz -= sz; 4754 } 4755 4756 return (0); 4757 } 4758 4759 /* 4760 * Returns 1 if the transaction commands only modify properties named 4761 * 'enabled'. 4762 */ 4763 static int 4764 tx_only_enabled(const void *cmds_arg, size_t cmds_sz) 4765 { 4766 const struct rep_protocol_transaction_cmd *cmd; 4767 uintptr_t loc; 4768 uint32_t sz; 4769 4770 loc = (uintptr_t)cmds_arg; 4771 4772 while (cmds_sz > 0) { 4773 cmd = (struct rep_protocol_transaction_cmd *)loc; 4774 4775 if (cmds_sz <= REP_PROTOCOL_TRANSACTION_CMD_MIN_SIZE) 4776 return (-1); 4777 4778 sz = cmd->rptc_size; 4779 if (sz <= REP_PROTOCOL_TRANSACTION_CMD_MIN_SIZE) 4780 return (-1); 4781 4782 sz = TX_SIZE(sz); 4783 if (sz > cmds_sz) 4784 return (-1); 4785 4786 if (strcmp((const char *)cmd->rptc_data, AUTH_PROP_ENABLED) 4787 != 0) 4788 return (0); 4789 4790 loc += sz; 4791 cmds_sz -= sz; 4792 } 4793 4794 return (1); 4795 } 4796 4797 int 4798 rc_tx_commit(rc_node_ptr_t *txp, const void *cmds, size_t cmds_sz) 4799 { 4800 rc_node_t *np = txp->rnp_node; 4801 rc_node_t *pp; 4802 rc_node_t *nnp; 4803 rc_node_pg_notify_t *pnp; 4804 int rc; 4805 permcheck_t *pcp; 4806 int granted, normal; 4807 4808 RC_NODE_CHECK(np); 4809 4810 if (!client_is_privileged() && !txp->rnp_authorized) { 4811 #ifdef NATIVE_BUILD 4812 return (REP_PROTOCOL_FAIL_PERMISSION_DENIED); 4813 #else 4814 /* permission check: depends on contents of transaction */ 4815 pcp = pc_create(); 4816 if (pcp == NULL) 4817 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 4818 4819 /* If normal is cleared, we won't do the normal checks. */ 4820 normal = 1; 4821 rc = REP_PROTOCOL_SUCCESS; 4822 4823 if (strcmp(np->rn_name, AUTH_PG_GENERAL) == 0 && 4824 strcmp(np->rn_type, AUTH_PG_GENERAL_TYPE) == 0) { 4825 /* Touching general[framework]/action_authorization? */ 4826 rc = tx_modifies_action(cmds, cmds_sz); 4827 if (rc == -1) { 4828 pc_free(pcp); 4829 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 4830 } 4831 4832 if (rc) { 4833 /* Yes: only AUTH_MANAGE can be used. */ 4834 rc = perm_add_enabling(pcp, AUTH_MANAGE); 4835 normal = 0; 4836 } else { 4837 rc = REP_PROTOCOL_SUCCESS; 4838 } 4839 } else if (np->rn_id.rl_ids[ID_INSTANCE] != 0 && 4840 strcmp(np->rn_name, AUTH_PG_GENERAL_OVR) == 0 && 4841 strcmp(np->rn_type, AUTH_PG_GENERAL_OVR_TYPE) == 0) { 4842 rc_node_t *instn; 4843 4844 rc = tx_only_enabled(cmds, cmds_sz); 4845 if (rc == -1) { 4846 pc_free(pcp); 4847 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 4848 } 4849 4850 if (rc) { 4851 rc = rc_node_parent(np, &instn); 4852 if (rc != REP_PROTOCOL_SUCCESS) { 4853 assert(rc == REP_PROTOCOL_FAIL_DELETED); 4854 pc_free(pcp); 4855 return (rc); 4856 } 4857 4858 assert(instn->rn_id.rl_type == 4859 REP_PROTOCOL_ENTITY_INSTANCE); 4860 4861 rc = perm_add_inst_action_auth(pcp, instn); 4862 rc_node_rele(instn); 4863 switch (rc) { 4864 case REP_PROTOCOL_SUCCESS: 4865 break; 4866 4867 case REP_PROTOCOL_FAIL_DELETED: 4868 case REP_PROTOCOL_FAIL_NO_RESOURCES: 4869 pc_free(pcp); 4870 return (rc); 4871 4872 default: 4873 bad_error("perm_add_inst_action_auth", 4874 rc); 4875 } 4876 } else { 4877 rc = REP_PROTOCOL_SUCCESS; 4878 } 4879 } 4880 4881 if (rc == REP_PROTOCOL_SUCCESS && normal) { 4882 rc = perm_add_enabling(pcp, AUTH_MODIFY); 4883 4884 if (rc == REP_PROTOCOL_SUCCESS) { 4885 /* Add pgtype-specific authorization. */ 4886 const char * const auth = 4887 perm_auth_for_pgtype(np->rn_type); 4888 4889 if (auth != NULL) 4890 rc = perm_add_enabling(pcp, auth); 4891 } 4892 4893 /* Add pg-specific modify_authorization auths. */ 4894 if (rc == REP_PROTOCOL_SUCCESS) 4895 rc = perm_add_enabling_values(pcp, np, 4896 AUTH_PROP_MODIFY); 4897 4898 /* If value_authorization values are ok, add them. */ 4899 if (rc == REP_PROTOCOL_SUCCESS) { 4900 rc = tx_allow_value(cmds, cmds_sz, np); 4901 if (rc == -1) 4902 rc = REP_PROTOCOL_FAIL_BAD_REQUEST; 4903 else if (rc) 4904 rc = perm_add_enabling_values(pcp, np, 4905 AUTH_PROP_VALUE); 4906 } 4907 } 4908 4909 if (rc == REP_PROTOCOL_SUCCESS) { 4910 granted = perm_granted(pcp); 4911 if (granted < 0) 4912 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 4913 } 4914 4915 pc_free(pcp); 4916 4917 if (rc != REP_PROTOCOL_SUCCESS) 4918 return (rc); 4919 4920 if (!granted) 4921 return (REP_PROTOCOL_FAIL_PERMISSION_DENIED); 4922 #endif /* NATIVE_BUILD */ 4923 } 4924 4925 nnp = rc_node_alloc(); 4926 if (nnp == NULL) 4927 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 4928 4929 nnp->rn_id = np->rn_id; /* structure assignment */ 4930 nnp->rn_hash = np->rn_hash; 4931 nnp->rn_name = strdup(np->rn_name); 4932 nnp->rn_type = strdup(np->rn_type); 4933 nnp->rn_pgflags = np->rn_pgflags; 4934 4935 nnp->rn_flags = RC_NODE_IN_TX | RC_NODE_USING_PARENT; 4936 4937 if (nnp->rn_name == NULL || nnp->rn_type == NULL) { 4938 rc_node_destroy(nnp); 4939 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 4940 } 4941 4942 (void) pthread_mutex_lock(&np->rn_lock); 4943 /* 4944 * We must have all of the old properties in the cache, or the 4945 * database deletions could cause inconsistencies. 4946 */ 4947 if ((rc = rc_node_fill_children(np, REP_PROTOCOL_ENTITY_PROPERTY)) != 4948 REP_PROTOCOL_SUCCESS) { 4949 (void) pthread_mutex_unlock(&np->rn_lock); 4950 rc_node_destroy(nnp); 4951 return (rc); 4952 } 4953 4954 if (!rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 4955 (void) pthread_mutex_unlock(&np->rn_lock); 4956 rc_node_destroy(nnp); 4957 return (REP_PROTOCOL_FAIL_DELETED); 4958 } 4959 4960 if (np->rn_flags & RC_NODE_OLD) { 4961 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 4962 (void) pthread_mutex_unlock(&np->rn_lock); 4963 rc_node_destroy(nnp); 4964 return (REP_PROTOCOL_FAIL_NOT_LATEST); 4965 } 4966 4967 pp = rc_node_hold_parent_flag(np, RC_NODE_CHILDREN_CHANGING); 4968 if (pp == NULL) { 4969 /* our parent is gone, we're going next... */ 4970 rc_node_destroy(nnp); 4971 (void) pthread_mutex_lock(&np->rn_lock); 4972 if (np->rn_flags & RC_NODE_OLD) { 4973 (void) pthread_mutex_unlock(&np->rn_lock); 4974 return (REP_PROTOCOL_FAIL_NOT_LATEST); 4975 } 4976 (void) pthread_mutex_unlock(&np->rn_lock); 4977 return (REP_PROTOCOL_FAIL_DELETED); 4978 } 4979 (void) pthread_mutex_unlock(&pp->rn_lock); 4980 4981 /* 4982 * prepare for the transaction 4983 */ 4984 (void) pthread_mutex_lock(&np->rn_lock); 4985 if (!rc_node_hold_flag(np, RC_NODE_IN_TX)) { 4986 (void) pthread_mutex_unlock(&np->rn_lock); 4987 (void) pthread_mutex_lock(&pp->rn_lock); 4988 rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); 4989 (void) pthread_mutex_unlock(&pp->rn_lock); 4990 rc_node_destroy(nnp); 4991 return (REP_PROTOCOL_FAIL_DELETED); 4992 } 4993 nnp->rn_gen_id = np->rn_gen_id; 4994 (void) pthread_mutex_unlock(&np->rn_lock); 4995 4996 /* Sets nnp->rn_gen_id on success. */ 4997 rc = object_tx_commit(&np->rn_id, cmds, cmds_sz, &nnp->rn_gen_id); 4998 4999 (void) pthread_mutex_lock(&np->rn_lock); 5000 if (rc != REP_PROTOCOL_SUCCESS) { 5001 rc_node_rele_flag(np, RC_NODE_IN_TX); 5002 (void) pthread_mutex_unlock(&np->rn_lock); 5003 (void) pthread_mutex_lock(&pp->rn_lock); 5004 rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); 5005 (void) pthread_mutex_unlock(&pp->rn_lock); 5006 rc_node_destroy(nnp); 5007 rc_node_clear(txp, 0); 5008 if (rc == REP_PROTOCOL_DONE) 5009 rc = REP_PROTOCOL_SUCCESS; /* successful empty tx */ 5010 return (rc); 5011 } 5012 5013 /* 5014 * Notify waiters 5015 */ 5016 (void) pthread_mutex_lock(&rc_pg_notify_lock); 5017 while ((pnp = uu_list_first(np->rn_pg_notify_list)) != NULL) 5018 rc_pg_notify_fire(pnp); 5019 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5020 5021 np->rn_flags |= RC_NODE_OLD; 5022 (void) pthread_mutex_unlock(&np->rn_lock); 5023 5024 rc_notify_remove_node(np); 5025 5026 /* 5027 * replace np with nnp 5028 */ 5029 rc_node_relink_child(pp, np, nnp); 5030 5031 /* 5032 * all done -- clear the transaction. 5033 */ 5034 rc_node_clear(txp, 0); 5035 5036 return (REP_PROTOCOL_SUCCESS); 5037 } 5038 5039 void 5040 rc_pg_notify_init(rc_node_pg_notify_t *pnp) 5041 { 5042 uu_list_node_init(pnp, &pnp->rnpn_node, rc_pg_notify_pool); 5043 pnp->rnpn_pg = NULL; 5044 pnp->rnpn_fd = -1; 5045 } 5046 5047 int 5048 rc_pg_notify_setup(rc_node_pg_notify_t *pnp, rc_node_ptr_t *npp, int fd) 5049 { 5050 rc_node_t *np; 5051 5052 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); 5053 5054 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTYGRP) { 5055 (void) pthread_mutex_unlock(&np->rn_lock); 5056 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 5057 } 5058 5059 /* 5060 * wait for any transaction in progress to complete 5061 */ 5062 if (!rc_node_wait_flag(np, RC_NODE_IN_TX)) { 5063 (void) pthread_mutex_unlock(&np->rn_lock); 5064 return (REP_PROTOCOL_FAIL_DELETED); 5065 } 5066 5067 if (np->rn_flags & RC_NODE_OLD) { 5068 (void) pthread_mutex_unlock(&np->rn_lock); 5069 return (REP_PROTOCOL_FAIL_NOT_LATEST); 5070 } 5071 5072 (void) pthread_mutex_lock(&rc_pg_notify_lock); 5073 rc_pg_notify_fire(pnp); 5074 pnp->rnpn_pg = np; 5075 pnp->rnpn_fd = fd; 5076 (void) uu_list_insert_after(np->rn_pg_notify_list, NULL, pnp); 5077 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5078 5079 (void) pthread_mutex_unlock(&np->rn_lock); 5080 return (REP_PROTOCOL_SUCCESS); 5081 } 5082 5083 void 5084 rc_pg_notify_fini(rc_node_pg_notify_t *pnp) 5085 { 5086 (void) pthread_mutex_lock(&rc_pg_notify_lock); 5087 rc_pg_notify_fire(pnp); 5088 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5089 5090 uu_list_node_fini(pnp, &pnp->rnpn_node, rc_pg_notify_pool); 5091 } 5092 5093 void 5094 rc_notify_info_init(rc_notify_info_t *rnip) 5095 { 5096 int i; 5097 5098 uu_list_node_init(rnip, &rnip->rni_list_node, rc_notify_info_pool); 5099 uu_list_node_init(&rnip->rni_notify, &rnip->rni_notify.rcn_list_node, 5100 rc_notify_pool); 5101 5102 rnip->rni_notify.rcn_node = NULL; 5103 rnip->rni_notify.rcn_info = rnip; 5104 5105 bzero(rnip->rni_namelist, sizeof (rnip->rni_namelist)); 5106 bzero(rnip->rni_typelist, sizeof (rnip->rni_typelist)); 5107 5108 (void) pthread_cond_init(&rnip->rni_cv, NULL); 5109 5110 for (i = 0; i < RC_NOTIFY_MAX_NAMES; i++) { 5111 rnip->rni_namelist[i] = NULL; 5112 rnip->rni_typelist[i] = NULL; 5113 } 5114 } 5115 5116 static void 5117 rc_notify_info_insert_locked(rc_notify_info_t *rnip) 5118 { 5119 assert(MUTEX_HELD(&rc_pg_notify_lock)); 5120 5121 assert(!(rnip->rni_flags & RC_NOTIFY_ACTIVE)); 5122 5123 rnip->rni_flags |= RC_NOTIFY_ACTIVE; 5124 (void) uu_list_insert_after(rc_notify_info_list, NULL, rnip); 5125 (void) uu_list_insert_before(rc_notify_list, NULL, &rnip->rni_notify); 5126 } 5127 5128 static void 5129 rc_notify_info_remove_locked(rc_notify_info_t *rnip) 5130 { 5131 rc_notify_t *me = &rnip->rni_notify; 5132 rc_notify_t *np; 5133 5134 assert(MUTEX_HELD(&rc_pg_notify_lock)); 5135 5136 assert(rnip->rni_flags & RC_NOTIFY_ACTIVE); 5137 5138 assert(!(rnip->rni_flags & RC_NOTIFY_DRAIN)); 5139 rnip->rni_flags |= RC_NOTIFY_DRAIN; 5140 (void) pthread_cond_broadcast(&rnip->rni_cv); 5141 5142 (void) uu_list_remove(rc_notify_info_list, rnip); 5143 5144 /* 5145 * clean up any notifications at the beginning of the list 5146 */ 5147 if (uu_list_first(rc_notify_list) == me) { 5148 while ((np = uu_list_next(rc_notify_list, me)) != NULL && 5149 np->rcn_info == NULL) 5150 rc_notify_remove_locked(np); 5151 } 5152 (void) uu_list_remove(rc_notify_list, me); 5153 5154 while (rnip->rni_waiters) { 5155 (void) pthread_cond_broadcast(&rc_pg_notify_cv); 5156 (void) pthread_cond_broadcast(&rnip->rni_cv); 5157 (void) pthread_cond_wait(&rnip->rni_cv, &rc_pg_notify_lock); 5158 } 5159 5160 rnip->rni_flags &= ~(RC_NOTIFY_DRAIN | RC_NOTIFY_ACTIVE); 5161 } 5162 5163 static int 5164 rc_notify_info_add_watch(rc_notify_info_t *rnip, const char **arr, 5165 const char *name) 5166 { 5167 int i; 5168 int rc; 5169 char *f; 5170 5171 rc = rc_check_type_name(REP_PROTOCOL_ENTITY_PROPERTYGRP, name); 5172 if (rc != REP_PROTOCOL_SUCCESS) 5173 return (rc); 5174 5175 f = strdup(name); 5176 if (f == NULL) 5177 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 5178 5179 (void) pthread_mutex_lock(&rc_pg_notify_lock); 5180 5181 while (rnip->rni_flags & RC_NOTIFY_EMPTYING) 5182 (void) pthread_cond_wait(&rnip->rni_cv, &rc_pg_notify_lock); 5183 5184 for (i = 0; i < RC_NOTIFY_MAX_NAMES; i++) 5185 if (arr[i] == NULL) 5186 break; 5187 5188 if (i == RC_NOTIFY_MAX_NAMES) { 5189 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5190 free(f); 5191 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 5192 } 5193 5194 arr[i] = f; 5195 if (!(rnip->rni_flags & RC_NOTIFY_ACTIVE)) 5196 rc_notify_info_insert_locked(rnip); 5197 5198 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5199 return (REP_PROTOCOL_SUCCESS); 5200 } 5201 5202 int 5203 rc_notify_info_add_name(rc_notify_info_t *rnip, const char *name) 5204 { 5205 return (rc_notify_info_add_watch(rnip, rnip->rni_namelist, name)); 5206 } 5207 5208 int 5209 rc_notify_info_add_type(rc_notify_info_t *rnip, const char *type) 5210 { 5211 return (rc_notify_info_add_watch(rnip, rnip->rni_typelist, type)); 5212 } 5213 5214 /* 5215 * Wait for and report an event of interest to rnip, a notification client 5216 */ 5217 int 5218 rc_notify_info_wait(rc_notify_info_t *rnip, rc_node_ptr_t *out, 5219 char *outp, size_t sz) 5220 { 5221 rc_notify_t *np; 5222 rc_notify_t *me = &rnip->rni_notify; 5223 rc_node_t *nnp; 5224 rc_notify_delete_t *ndp; 5225 5226 int am_first_info; 5227 5228 if (sz > 0) 5229 outp[0] = 0; 5230 5231 (void) pthread_mutex_lock(&rc_pg_notify_lock); 5232 5233 while ((rnip->rni_flags & (RC_NOTIFY_ACTIVE | RC_NOTIFY_DRAIN)) == 5234 RC_NOTIFY_ACTIVE) { 5235 /* 5236 * If I'm first on the notify list, it is my job to 5237 * clean up any notifications I pass by. I can't do that 5238 * if someone is blocking the list from removals, so I 5239 * have to wait until they have all drained. 5240 */ 5241 am_first_info = (uu_list_first(rc_notify_list) == me); 5242 if (am_first_info && rc_notify_in_use) { 5243 rnip->rni_waiters++; 5244 (void) pthread_cond_wait(&rc_pg_notify_cv, 5245 &rc_pg_notify_lock); 5246 rnip->rni_waiters--; 5247 continue; 5248 } 5249 5250 /* 5251 * Search the list for a node of interest. 5252 */ 5253 np = uu_list_next(rc_notify_list, me); 5254 while (np != NULL && !rc_notify_info_interested(rnip, np)) { 5255 rc_notify_t *next = uu_list_next(rc_notify_list, np); 5256 5257 if (am_first_info) { 5258 if (np->rcn_info) { 5259 /* 5260 * Passing another client -- stop 5261 * cleaning up notifications 5262 */ 5263 am_first_info = 0; 5264 } else { 5265 rc_notify_remove_locked(np); 5266 } 5267 } 5268 np = next; 5269 } 5270 5271 /* 5272 * Nothing of interest -- wait for notification 5273 */ 5274 if (np == NULL) { 5275 rnip->rni_waiters++; 5276 (void) pthread_cond_wait(&rnip->rni_cv, 5277 &rc_pg_notify_lock); 5278 rnip->rni_waiters--; 5279 continue; 5280 } 5281 5282 /* 5283 * found something to report -- move myself after the 5284 * notification and process it. 5285 */ 5286 (void) uu_list_remove(rc_notify_list, me); 5287 (void) uu_list_insert_after(rc_notify_list, np, me); 5288 5289 if ((ndp = np->rcn_delete) != NULL) { 5290 (void) strlcpy(outp, ndp->rnd_fmri, sz); 5291 if (am_first_info) 5292 rc_notify_remove_locked(np); 5293 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5294 rc_node_clear(out, 0); 5295 return (REP_PROTOCOL_SUCCESS); 5296 } 5297 5298 nnp = np->rcn_node; 5299 assert(nnp != NULL); 5300 5301 /* 5302 * We can't bump nnp's reference count without grabbing its 5303 * lock, and rc_pg_notify_lock is a leaf lock. So we 5304 * temporarily block all removals to keep nnp from 5305 * disappearing. 5306 */ 5307 rc_notify_in_use++; 5308 assert(rc_notify_in_use > 0); 5309 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5310 5311 rc_node_assign(out, nnp); 5312 5313 (void) pthread_mutex_lock(&rc_pg_notify_lock); 5314 assert(rc_notify_in_use > 0); 5315 rc_notify_in_use--; 5316 if (am_first_info) 5317 rc_notify_remove_locked(np); 5318 if (rc_notify_in_use == 0) 5319 (void) pthread_cond_broadcast(&rc_pg_notify_cv); 5320 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5321 5322 return (REP_PROTOCOL_SUCCESS); 5323 } 5324 /* 5325 * If we're the last one out, let people know it's clear. 5326 */ 5327 if (rnip->rni_waiters == 0) 5328 (void) pthread_cond_broadcast(&rnip->rni_cv); 5329 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5330 return (REP_PROTOCOL_DONE); 5331 } 5332 5333 static void 5334 rc_notify_info_reset(rc_notify_info_t *rnip) 5335 { 5336 int i; 5337 5338 (void) pthread_mutex_lock(&rc_pg_notify_lock); 5339 if (rnip->rni_flags & RC_NOTIFY_ACTIVE) 5340 rc_notify_info_remove_locked(rnip); 5341 assert(!(rnip->rni_flags & (RC_NOTIFY_DRAIN | RC_NOTIFY_EMPTYING))); 5342 rnip->rni_flags |= RC_NOTIFY_EMPTYING; 5343 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5344 5345 for (i = 0; i < RC_NOTIFY_MAX_NAMES; i++) { 5346 if (rnip->rni_namelist[i] != NULL) { 5347 free((void *)rnip->rni_namelist[i]); 5348 rnip->rni_namelist[i] = NULL; 5349 } 5350 if (rnip->rni_typelist[i] != NULL) { 5351 free((void *)rnip->rni_typelist[i]); 5352 rnip->rni_typelist[i] = NULL; 5353 } 5354 } 5355 5356 (void) pthread_mutex_lock(&rc_pg_notify_lock); 5357 rnip->rni_flags &= ~RC_NOTIFY_EMPTYING; 5358 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5359 } 5360 5361 void 5362 rc_notify_info_fini(rc_notify_info_t *rnip) 5363 { 5364 rc_notify_info_reset(rnip); 5365 5366 uu_list_node_fini(rnip, &rnip->rni_list_node, rc_notify_info_pool); 5367 uu_list_node_fini(&rnip->rni_notify, &rnip->rni_notify.rcn_list_node, 5368 rc_notify_pool); 5369 } 5370