/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*	Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T	*/
/*	  All Rights Reserved	*/


/*
 * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

#pragma ident	"%Z%%M%	%I%	%E% SMI"

#include <sys/types.h>
#include <sys/sysmacros.h>
#include <sys/param.h>
#include <sys/errno.h>
#include <sys/signal.h>
#include <sys/stat.h>
#include <sys/proc.h>
#include <sys/cred.h>
#include <sys/user.h>
#include <sys/vnode.h>
#include <sys/file.h>
#include <sys/stream.h>
#include <sys/strsubr.h>
#include <sys/stropts.h>
#include <sys/tihdr.h>
#include <sys/var.h>
#include <sys/poll.h>
#include <sys/termio.h>
#include <sys/ttold.h>
#include <sys/systm.h>
#include <sys/uio.h>
#include <sys/cmn_err.h>
#include <sys/sad.h>
#include <sys/netstack.h>
#include <sys/priocntl.h>
#include <sys/jioctl.h>
#include <sys/procset.h>
#include <sys/session.h>
#include <sys/kmem.h>
#include <sys/filio.h>
#include <sys/vtrace.h>
#include <sys/debug.h>
#include <sys/strredir.h>
#include <sys/fs/fifonode.h>
#include <sys/fs/snode.h>
#include <sys/strlog.h>
#include <sys/strsun.h>
#include <sys/project.h>
#include <sys/kbio.h>
#include <sys/msio.h>
#include <sys/tty.h>
#include <sys/ptyvar.h>
#include <sys/vuid_event.h>
#include <sys/modctl.h>
#include <sys/sunddi.h>
#include <sys/sunldi_impl.h>
#include <sys/autoconf.h>
#include <sys/policy.h>
#include <sys/dld.h>
#include <sys/zone.h>

/*
 * This define helps improve the readability of streams code while
 * still maintaining a very old streams performance enhancement.  The
 * performance enhancement basically involved having all callers
 * of straccess() perform the first check that straccess() will do
 * locally before actually calling straccess().  (Thereby reducing
 * the number of unnecessary calls to straccess().)
 */
#define	i_straccess(x, y)	((stp->sd_sidp == NULL) ? 0 : \
				    (stp->sd_vnode->v_type == VFIFO) ? 0 : \
				    straccess((x), (y)))

/*
 * What is mblk_pull_len?
 *
 * If a streams message consists of many short messages,
 * a performance degradation occurs from copyout overhead.
 * To decrease the per mblk overhead, messages that are
 * likely to consist of many small mblks are pulled up into
 * one continuous chunk of memory.
 *
 * To avoid the processing overhead of examining every
 * mblk, a quick heuristic is used.  If the first mblk in
 * the message is shorter than mblk_pull_len, it is likely
 * that the rest of the mblks will be short.
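 *
 * (A rough illustration of the intended effect, not an exact trace of
 * the code path: with mblk_pull_len at its default of 64, a message
 * whose first mblk is, say, 20 bytes long is treated as "likely all
 * small" and is pulled up into one contiguous mblk before copyout,
 * trading one allocation and copy for fewer per-mblk uiomove() calls.)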
 *
 * This heuristic was decided upon after performance tests
 * indicated that anything more complex slowed down the main
 * code path.
 */
#define	MBLK_PULL_LEN 64
uint32_t mblk_pull_len = MBLK_PULL_LEN;

/*
 * The sgttyb_handling flag controls the handling of the old BSD
 * TIOCGETP, TIOCSETP, and TIOCSETN ioctls as follows:
 *
 * 0 - Emit no warnings at all and retain old, broken behavior.
 * 1 - Emit no warnings and silently handle new semantics.
 * 2 - Send cmn_err(CE_NOTE) when either TIOCSETP or TIOCSETN is used
 *     (once per system invocation).  Handle with new semantics.
 * 3 - Send SIGSYS when any TIOCGETP, TIOCSETP, or TIOCSETN call is
 *     made (so that offenders drop core and are easy to debug).
 *
 * The "new semantics" are that TIOCGETP returns B38400 for
 * sg_[io]speed if the corresponding value is over B38400, and that
 * TIOCSET[PN] accept B38400 in these cases to mean "retain current
 * bit rate."
 */
int sgttyb_handling = 1;
static boolean_t sgttyb_complaint;

/* don't push drcompat module by default on Style-2 streams */
static int push_drcompat = 0;

/*
 * id value used to distinguish between different ioctl messages
 */
static uint32_t ioc_id;

static void putback(struct stdata *, queue_t *, mblk_t *, int);
static void strcleanall(struct vnode *);
static int strwsrv(queue_t *);
static int strdocmd(struct stdata *, struct strcmd *, cred_t *);
static void struioainit(queue_t *, sodirect_t *, uio_t *);

/*
 * qinit and module_info structures for stream head read and write queues
 */
struct module_info strm_info = { 0, "strrhead", 0, INFPSZ, STRHIGH, STRLOW };
struct module_info stwm_info = { 0, "strwhead", 0, 0, 0, 0 };
struct qinit strdata = { strrput, NULL, NULL, NULL, NULL, &strm_info };
struct qinit stwdata = { NULL, strwsrv, NULL, NULL, NULL, &stwm_info };
struct module_info fiform_info = { 0, "fifostrrhead", 0, PIPE_BUF, FIFOHIWAT,
    FIFOLOWAT };
struct module_info fifowm_info = { 0, "fifostrwhead", 0, 0, 0, 0 };
struct qinit fifo_strdata = { strrput, NULL, NULL, NULL, NULL, &fiform_info };
struct qinit fifo_stwdata = { NULL, strwsrv, NULL, NULL, NULL, &fifowm_info };

extern kmutex_t strresources;	/* protects global resources */
extern kmutex_t muxifier;	/* single-threads multiplexor creation */

static boolean_t msghasdata(mblk_t *bp);
#define	msgnodata(bp) (!msghasdata(bp))

/*
 * Stream head locking notes:
 *	There are four monitors associated with the stream head:
 *	1. v_stream monitor: in stropen() and strclose() v_lock
 *	   is held while the association of vnode and stream
 *	   head is established or tested for.
 *	2. open/close/push/pop monitor: sd_lock is held while each
 *	   thread bids for exclusive access to this monitor
 *	   for opening or closing a stream.  In addition, this
 *	   monitor is entered during pushes and pops.  This
 *	   guarantees that during plumbing operations there
 *	   is only one thread trying to change the plumbing.
 *	   Any other threads present in the stream are only
 *	   using the plumbing.
 *	3. read/write monitor: in the case of read, a thread holds
 *	   sd_lock while trying to get data from the stream
 *	   head queue.  if there is none to fulfill a read
 *	   request, it sets RSLEEP and calls cv_wait_sig() down
 *	   in strwaitq() to await the arrival of new data.
 *	   when new data arrives in strrput(), sd_lock is acquired
 *	   before testing for RSLEEP and calling cv_broadcast().
 *	   the behavior of strwrite(), strwsrv(), and WSLEEP
 *	   mirror this.
 *	4. ioctl monitor: sd_lock is acquired to ensure that only one
 *	   thread is doing an ioctl at a time.
 *
 * Note: for sodirect, case 3 is extended to the (*sodirect_t.sod_enqueue)()
 * call-back from below.  Further, the sodirect support is for code paths
 * called via kstrgetmsg(); all other code paths ASSERT() that sodirect
 * uioa-generated mblk_t's (i.e. DBLK_UIOA) aren't processed.
 */

static int
push_mod(queue_t *qp, dev_t *devp, struct stdata *stp, const char *name,
    int anchor, cred_t *crp, uint_t anchor_zoneid)
{
	int error;
	fmodsw_impl_t *fp;

	if (stp->sd_flag & (STRHUP|STRDERR|STWRERR)) {
		error = (stp->sd_flag & STRHUP) ? ENXIO : EIO;
		return (error);
	}
	if (stp->sd_pushcnt >= nstrpush) {
		return (EINVAL);
	}

	if ((fp = fmodsw_find(name, FMODSW_HOLD | FMODSW_LOAD)) == NULL) {
		stp->sd_flag |= STREOPENFAIL;
		return (EINVAL);
	}

	/*
	 * push new module and call its open routine via qattach
	 */
	if ((error = qattach(qp, devp, 0, crp, fp, B_FALSE)) != 0)
		return (error);

	/*
	 * Check to see if caller wants a STREAMS anchor
	 * put at this place in the stream, and add if so.
	 */
	mutex_enter(&stp->sd_lock);
	if (anchor == stp->sd_pushcnt) {
		stp->sd_anchor = stp->sd_pushcnt;
		stp->sd_anchorzone = anchor_zoneid;
	}
	mutex_exit(&stp->sd_lock);

	return (0);
}

/*
 * Open a stream device.
 */
int
stropen(vnode_t *vp, dev_t *devp, int flag, cred_t *crp)
{
	struct stdata *stp;
	queue_t *qp;
	int s;
	dev_t dummydev, savedev;
	struct autopush *ap;
	struct dlautopush dlap;
	int error = 0;
	ssize_t rmin, rmax;
	int cloneopen;
	queue_t *brq;
	major_t major;
	str_stack_t *ss;
	zoneid_t zoneid;
	uint_t anchor;

	if (audit_active)
		audit_stropen(vp, devp, flag, crp);

	/*
	 * If the stream already exists, wait for any open in progress
	 * to complete, then call the open function of each module and
	 * driver in the stream.  Otherwise create the stream.
	 */
	TRACE_1(TR_FAC_STREAMS_FR, TR_STROPEN, "stropen:%p", vp);
retry:
	mutex_enter(&vp->v_lock);
	if ((stp = vp->v_stream) != NULL) {

		/*
		 * Waiting for stream to be created to device
		 * due to another open.
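		 *
		 * (A note on the retry logic below: the waits use
		 * cv_wait_sig(), so an interrupted wait fails the open
		 * with EINTR, while a normal wakeup jumps back to
		 * "retry" above and re-examines the stream state, since
		 * a clone open or a close may have changed it.)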
277 */ 278 mutex_exit(&vp->v_lock); 279 280 if (STRMATED(stp)) { 281 struct stdata *strmatep = stp->sd_mate; 282 283 STRLOCKMATES(stp); 284 if (strmatep->sd_flag & (STWOPEN|STRCLOSE|STRPLUMB)) { 285 if (flag & (FNDELAY|FNONBLOCK)) { 286 error = EAGAIN; 287 mutex_exit(&strmatep->sd_lock); 288 goto ckreturn; 289 } 290 mutex_exit(&stp->sd_lock); 291 if (!cv_wait_sig(&strmatep->sd_monitor, 292 &strmatep->sd_lock)) { 293 error = EINTR; 294 mutex_exit(&strmatep->sd_lock); 295 mutex_enter(&stp->sd_lock); 296 goto ckreturn; 297 } 298 mutex_exit(&strmatep->sd_lock); 299 goto retry; 300 } 301 if (stp->sd_flag & (STWOPEN|STRCLOSE|STRPLUMB)) { 302 if (flag & (FNDELAY|FNONBLOCK)) { 303 error = EAGAIN; 304 mutex_exit(&strmatep->sd_lock); 305 goto ckreturn; 306 } 307 mutex_exit(&strmatep->sd_lock); 308 if (!cv_wait_sig(&stp->sd_monitor, 309 &stp->sd_lock)) { 310 error = EINTR; 311 goto ckreturn; 312 } 313 mutex_exit(&stp->sd_lock); 314 goto retry; 315 } 316 317 if (stp->sd_flag & (STRDERR|STWRERR)) { 318 error = EIO; 319 mutex_exit(&strmatep->sd_lock); 320 goto ckreturn; 321 } 322 323 stp->sd_flag |= STWOPEN; 324 STRUNLOCKMATES(stp); 325 } else { 326 mutex_enter(&stp->sd_lock); 327 if (stp->sd_flag & (STWOPEN|STRCLOSE|STRPLUMB)) { 328 if (flag & (FNDELAY|FNONBLOCK)) { 329 error = EAGAIN; 330 goto ckreturn; 331 } 332 if (!cv_wait_sig(&stp->sd_monitor, 333 &stp->sd_lock)) { 334 error = EINTR; 335 goto ckreturn; 336 } 337 mutex_exit(&stp->sd_lock); 338 goto retry; /* could be clone! */ 339 } 340 341 if (stp->sd_flag & (STRDERR|STWRERR)) { 342 error = EIO; 343 goto ckreturn; 344 } 345 346 stp->sd_flag |= STWOPEN; 347 mutex_exit(&stp->sd_lock); 348 } 349 350 /* 351 * Open all modules and devices down stream to notify 352 * that another user is streaming. For modules, set the 353 * last argument to MODOPEN and do not pass any open flags. 354 * Ignore dummydev since this is not the first open. 355 */ 356 claimstr(stp->sd_wrq); 357 qp = stp->sd_wrq; 358 while (_SAMESTR(qp)) { 359 qp = qp->q_next; 360 if ((error = qreopen(_RD(qp), devp, flag, crp)) != 0) 361 break; 362 } 363 releasestr(stp->sd_wrq); 364 mutex_enter(&stp->sd_lock); 365 stp->sd_flag &= ~(STRHUP|STWOPEN|STRDERR|STWRERR); 366 stp->sd_rerror = 0; 367 stp->sd_werror = 0; 368 ckreturn: 369 cv_broadcast(&stp->sd_monitor); 370 mutex_exit(&stp->sd_lock); 371 return (error); 372 } 373 374 /* 375 * This vnode isn't streaming. SPECFS already 376 * checked for multiple vnodes pointing to the 377 * same stream, so create a stream to the driver. 378 */ 379 qp = allocq(); 380 stp = shalloc(qp); 381 382 /* 383 * Initialize stream head. shalloc() has given us 384 * exclusive access, and we have the vnode locked; 385 * we can do whatever we want with stp. 
386 */ 387 stp->sd_flag = STWOPEN; 388 stp->sd_siglist = NULL; 389 stp->sd_pollist.ph_list = NULL; 390 stp->sd_sigflags = 0; 391 stp->sd_mark = NULL; 392 stp->sd_closetime = STRTIMOUT; 393 stp->sd_sidp = NULL; 394 stp->sd_pgidp = NULL; 395 stp->sd_vnode = vp; 396 stp->sd_rerror = 0; 397 stp->sd_werror = 0; 398 stp->sd_wroff = 0; 399 stp->sd_tail = 0; 400 stp->sd_iocblk = NULL; 401 stp->sd_cmdblk = NULL; 402 stp->sd_pushcnt = 0; 403 stp->sd_qn_minpsz = 0; 404 stp->sd_qn_maxpsz = INFPSZ - 1; /* used to check for initialization */ 405 stp->sd_maxblk = INFPSZ; 406 stp->sd_sodirect = NULL; 407 qp->q_ptr = _WR(qp)->q_ptr = stp; 408 STREAM(qp) = STREAM(_WR(qp)) = stp; 409 vp->v_stream = stp; 410 mutex_exit(&vp->v_lock); 411 if (vp->v_type == VFIFO) { 412 stp->sd_flag |= OLDNDELAY; 413 /* 414 * This means, both for pipes and fifos 415 * strwrite will send SIGPIPE if the other 416 * end is closed. For putmsg it depends 417 * on whether it is a XPG4_2 application 418 * or not 419 */ 420 stp->sd_wput_opt = SW_SIGPIPE; 421 422 /* setq might sleep in kmem_alloc - avoid holding locks. */ 423 setq(qp, &fifo_strdata, &fifo_stwdata, NULL, QMTSAFE, 424 SQ_CI|SQ_CO, B_FALSE); 425 426 set_qend(qp); 427 stp->sd_strtab = fifo_getinfo(); 428 _WR(qp)->q_nfsrv = _WR(qp); 429 qp->q_nfsrv = qp; 430 /* 431 * Wake up others that are waiting for stream to be created. 432 */ 433 mutex_enter(&stp->sd_lock); 434 /* 435 * nothing is be pushed on stream yet, so 436 * optimized stream head packetsizes are just that 437 * of the read queue 438 */ 439 stp->sd_qn_minpsz = qp->q_minpsz; 440 stp->sd_qn_maxpsz = qp->q_maxpsz; 441 stp->sd_flag &= ~STWOPEN; 442 goto fifo_opendone; 443 } 444 /* setq might sleep in kmem_alloc - avoid holding locks. */ 445 setq(qp, &strdata, &stwdata, NULL, QMTSAFE, SQ_CI|SQ_CO, B_FALSE); 446 447 set_qend(qp); 448 449 /* 450 * Open driver and create stream to it (via qattach). 451 */ 452 savedev = *devp; 453 cloneopen = (getmajor(*devp) == clone_major); 454 if ((error = qattach(qp, devp, flag, crp, NULL, B_FALSE)) != 0) { 455 mutex_enter(&vp->v_lock); 456 vp->v_stream = NULL; 457 mutex_exit(&vp->v_lock); 458 mutex_enter(&stp->sd_lock); 459 cv_broadcast(&stp->sd_monitor); 460 mutex_exit(&stp->sd_lock); 461 freeq(_RD(qp)); 462 shfree(stp); 463 return (error); 464 } 465 /* 466 * Set sd_strtab after open in order to handle clonable drivers 467 */ 468 stp->sd_strtab = STREAMSTAB(getmajor(*devp)); 469 470 /* 471 * Historical note: dummydev used to be be prior to the initial 472 * open (via qattach above), which made the value seen 473 * inconsistent between an I_PUSH and an autopush of a module. 474 */ 475 dummydev = *devp; 476 477 /* 478 * For clone open of old style (Q not associated) network driver, 479 * push DRMODNAME module to handle DL_ATTACH/DL_DETACH 480 */ 481 brq = _RD(_WR(qp)->q_next); 482 major = getmajor(*devp); 483 if (push_drcompat && cloneopen && NETWORK_DRV(major) && 484 ((brq->q_flag & _QASSOCIATED) == 0)) { 485 if (push_mod(qp, &dummydev, stp, DRMODNAME, 0, crp, 0) != 0) 486 cmn_err(CE_WARN, "cannot push " DRMODNAME 487 " streams module"); 488 } 489 490 if (!NETWORK_DRV(major)) { 491 savedev = *devp; 492 } else { 493 /* 494 * For network devices, process differently based on the 495 * return value from dld_autopush(): 496 * 497 * 0: the passed-in device points to a GLDv3 datalink with 498 * per-link autopush configuration; use that configuration 499 * and ignore any per-driver autopush configuration. 
500 * 501 * 1: the passed-in device points to a physical GLDv3 502 * datalink without per-link autopush configuration. The 503 * passed in device was changed to refer to the actual 504 * physical device (if it's not already); we use that new 505 * device to look up any per-driver autopush configuration. 506 * 507 * -1: neither of the above cases applied; use the initial 508 * device to look up any per-driver autopush configuration. 509 */ 510 switch (dld_autopush(&savedev, &dlap)) { 511 case 0: 512 zoneid = crgetzoneid(crp); 513 for (s = 0; s < dlap.dap_npush; s++) { 514 error = push_mod(qp, &dummydev, stp, 515 dlap.dap_aplist[s], dlap.dap_anchor, crp, 516 zoneid); 517 if (error != 0) 518 break; 519 } 520 goto opendone; 521 case 1: 522 break; 523 case -1: 524 savedev = *devp; 525 break; 526 } 527 } 528 /* 529 * Find the autopush configuration based on "savedev". Start with the 530 * global zone. If not found check in the local zone. 531 */ 532 zoneid = GLOBAL_ZONEID; 533 retryap: 534 ss = netstack_find_by_stackid(zoneid_to_netstackid(zoneid))-> 535 netstack_str; 536 if ((ap = sad_ap_find_by_dev(savedev, ss)) == NULL) { 537 netstack_rele(ss->ss_netstack); 538 if (zoneid == GLOBAL_ZONEID) { 539 /* 540 * None found. Also look in the zone's autopush table. 541 */ 542 zoneid = crgetzoneid(crp); 543 if (zoneid != GLOBAL_ZONEID) 544 goto retryap; 545 } 546 goto opendone; 547 } 548 anchor = ap->ap_anchor; 549 zoneid = crgetzoneid(crp); 550 for (s = 0; s < ap->ap_npush; s++) { 551 error = push_mod(qp, &dummydev, stp, ap->ap_list[s], 552 anchor, crp, zoneid); 553 if (error != 0) 554 break; 555 } 556 sad_ap_rele(ap, ss); 557 netstack_rele(ss->ss_netstack); 558 559 opendone: 560 561 /* 562 * let specfs know that open failed part way through 563 */ 564 if (error) { 565 mutex_enter(&stp->sd_lock); 566 stp->sd_flag |= STREOPENFAIL; 567 mutex_exit(&stp->sd_lock); 568 } 569 570 /* 571 * Wake up others that are waiting for stream to be created. 572 */ 573 mutex_enter(&stp->sd_lock); 574 stp->sd_flag &= ~STWOPEN; 575 576 /* 577 * As a performance concern we are caching the values of 578 * q_minpsz and q_maxpsz of the module below the stream 579 * head in the stream head. 580 */ 581 mutex_enter(QLOCK(stp->sd_wrq->q_next)); 582 rmin = stp->sd_wrq->q_next->q_minpsz; 583 rmax = stp->sd_wrq->q_next->q_maxpsz; 584 mutex_exit(QLOCK(stp->sd_wrq->q_next)); 585 586 /* do this processing here as a performance concern */ 587 if (strmsgsz != 0) { 588 if (rmax == INFPSZ) 589 rmax = strmsgsz; 590 else 591 rmax = MIN(strmsgsz, rmax); 592 } 593 594 mutex_enter(QLOCK(stp->sd_wrq)); 595 stp->sd_qn_minpsz = rmin; 596 stp->sd_qn_maxpsz = rmax; 597 mutex_exit(QLOCK(stp->sd_wrq)); 598 599 fifo_opendone: 600 cv_broadcast(&stp->sd_monitor); 601 mutex_exit(&stp->sd_lock); 602 return (error); 603 } 604 605 static int strsink(queue_t *, mblk_t *); 606 static struct qinit deadrend = { 607 strsink, NULL, NULL, NULL, NULL, &strm_info, NULL 608 }; 609 static struct qinit deadwend = { 610 NULL, NULL, NULL, NULL, NULL, &stwm_info, NULL 611 }; 612 613 /* 614 * Close a stream. 615 * This is called from closef() on the last close of an open stream. 616 * Strclean() will already have removed the siglist and pollist 617 * information, so all that remains is to remove all multiplexor links 618 * for the stream, pop all the modules (and the driver), and free the 619 * stream structure. 
620 */ 621 622 int 623 strclose(struct vnode *vp, int flag, cred_t *crp) 624 { 625 struct stdata *stp; 626 queue_t *qp; 627 int rval; 628 int freestp = 1; 629 queue_t *rmq; 630 631 if (audit_active) 632 audit_strclose(vp, flag, crp); 633 634 TRACE_1(TR_FAC_STREAMS_FR, 635 TR_STRCLOSE, "strclose:%p", vp); 636 ASSERT(vp->v_stream); 637 638 stp = vp->v_stream; 639 ASSERT(!(stp->sd_flag & STPLEX)); 640 qp = stp->sd_wrq; 641 642 /* 643 * Needed so that strpoll will return non-zero for this fd. 644 * Note that with POLLNOERR STRHUP does still cause POLLHUP. 645 */ 646 mutex_enter(&stp->sd_lock); 647 stp->sd_flag |= STRHUP; 648 mutex_exit(&stp->sd_lock); 649 650 /* 651 * If the registered process or process group did not have an 652 * open instance of this stream then strclean would not be 653 * called. Thus at the time of closing all remaining siglist entries 654 * are removed. 655 */ 656 if (stp->sd_siglist != NULL) 657 strcleanall(vp); 658 659 ASSERT(stp->sd_siglist == NULL); 660 ASSERT(stp->sd_sigflags == 0); 661 662 if (STRMATED(stp)) { 663 struct stdata *strmatep = stp->sd_mate; 664 int waited = 1; 665 666 STRLOCKMATES(stp); 667 while (waited) { 668 waited = 0; 669 while (stp->sd_flag & (STWOPEN|STRCLOSE|STRPLUMB)) { 670 mutex_exit(&strmatep->sd_lock); 671 cv_wait(&stp->sd_monitor, &stp->sd_lock); 672 mutex_exit(&stp->sd_lock); 673 STRLOCKMATES(stp); 674 waited = 1; 675 } 676 while (strmatep->sd_flag & 677 (STWOPEN|STRCLOSE|STRPLUMB)) { 678 mutex_exit(&stp->sd_lock); 679 cv_wait(&strmatep->sd_monitor, 680 &strmatep->sd_lock); 681 mutex_exit(&strmatep->sd_lock); 682 STRLOCKMATES(stp); 683 waited = 1; 684 } 685 } 686 stp->sd_flag |= STRCLOSE; 687 STRUNLOCKMATES(stp); 688 } else { 689 mutex_enter(&stp->sd_lock); 690 stp->sd_flag |= STRCLOSE; 691 mutex_exit(&stp->sd_lock); 692 } 693 694 ASSERT(qp->q_first == NULL); /* No more delayed write */ 695 696 /* Check if an I_LINK was ever done on this stream */ 697 if (stp->sd_flag & STRHASLINKS) { 698 netstack_t *ns; 699 str_stack_t *ss; 700 701 ns = netstack_find_by_cred(crp); 702 ASSERT(ns != NULL); 703 ss = ns->netstack_str; 704 ASSERT(ss != NULL); 705 706 (void) munlinkall(stp, LINKCLOSE|LINKNORMAL, crp, &rval, ss); 707 netstack_rele(ss->ss_netstack); 708 } 709 710 while (_SAMESTR(qp)) { 711 /* 712 * Holding sd_lock prevents q_next from changing in 713 * this stream. 714 */ 715 mutex_enter(&stp->sd_lock); 716 if (!(flag & (FNDELAY|FNONBLOCK)) && (stp->sd_closetime > 0)) { 717 718 /* 719 * sleep until awakened by strwsrv() or timeout 720 */ 721 for (;;) { 722 mutex_enter(QLOCK(qp->q_next)); 723 if (!(qp->q_next->q_mblkcnt)) { 724 mutex_exit(QLOCK(qp->q_next)); 725 break; 726 } 727 stp->sd_flag |= WSLEEP; 728 729 /* ensure strwsrv gets enabled */ 730 qp->q_next->q_flag |= QWANTW; 731 mutex_exit(QLOCK(qp->q_next)); 732 /* get out if we timed out or recv'd a signal */ 733 if (str_cv_wait(&qp->q_wait, &stp->sd_lock, 734 stp->sd_closetime, 0) <= 0) { 735 break; 736 } 737 } 738 stp->sd_flag &= ~WSLEEP; 739 } 740 mutex_exit(&stp->sd_lock); 741 742 rmq = qp->q_next; 743 if (rmq->q_flag & QISDRV) { 744 ASSERT(!_SAMESTR(rmq)); 745 wait_sq_svc(_RD(qp)->q_syncq); 746 } 747 748 qdetach(_RD(rmq), 1, flag, crp, B_FALSE); 749 } 750 751 /* 752 * Since we call pollwakeup in close() now, the poll list should 753 * be empty in most cases. The only exception is the layered devices 754 * (e.g. the console drivers with redirection modules pushed on top 755 * of it). 
We have to do this after calling qdetach() because 756 * the redirection module won't have torn down the console 757 * redirection until after qdetach() has been invoked. 758 */ 759 if (stp->sd_pollist.ph_list != NULL) { 760 pollwakeup(&stp->sd_pollist, POLLERR); 761 pollhead_clean(&stp->sd_pollist); 762 } 763 ASSERT(stp->sd_pollist.ph_list == NULL); 764 ASSERT(stp->sd_sidp == NULL); 765 ASSERT(stp->sd_pgidp == NULL); 766 767 /* Prevent qenable from re-enabling the stream head queue */ 768 disable_svc(_RD(qp)); 769 770 /* 771 * Wait until service procedure of each queue is 772 * run, if QINSERVICE is set. 773 */ 774 wait_svc(_RD(qp)); 775 776 /* 777 * Now, flush both queues. 778 */ 779 flushq(_RD(qp), FLUSHALL); 780 flushq(qp, FLUSHALL); 781 782 /* 783 * If the write queue of the stream head is pointing to a 784 * read queue, we have a twisted stream. If the read queue 785 * is alive, convert the stream head queues into a dead end. 786 * If the read queue is dead, free the dead pair. 787 */ 788 if (qp->q_next && !_SAMESTR(qp)) { 789 if (qp->q_next->q_qinfo == &deadrend) { /* half-closed pipe */ 790 flushq(qp->q_next, FLUSHALL); /* ensure no message */ 791 shfree(qp->q_next->q_stream); 792 freeq(qp->q_next); 793 freeq(_RD(qp)); 794 } else if (qp->q_next == _RD(qp)) { /* fifo */ 795 freeq(_RD(qp)); 796 } else { /* pipe */ 797 freestp = 0; 798 /* 799 * The q_info pointers are never accessed when 800 * SQLOCK is held. 801 */ 802 ASSERT(qp->q_syncq == _RD(qp)->q_syncq); 803 mutex_enter(SQLOCK(qp->q_syncq)); 804 qp->q_qinfo = &deadwend; 805 _RD(qp)->q_qinfo = &deadrend; 806 mutex_exit(SQLOCK(qp->q_syncq)); 807 } 808 } else { 809 freeq(_RD(qp)); /* free stream head queue pair */ 810 } 811 812 mutex_enter(&vp->v_lock); 813 if (stp->sd_iocblk) { 814 if (stp->sd_iocblk != (mblk_t *)-1) { 815 freemsg(stp->sd_iocblk); 816 } 817 stp->sd_iocblk = NULL; 818 } 819 stp->sd_vnode = NULL; 820 vp->v_stream = NULL; 821 mutex_exit(&vp->v_lock); 822 mutex_enter(&stp->sd_lock); 823 freemsg(stp->sd_cmdblk); 824 stp->sd_cmdblk = NULL; 825 stp->sd_flag &= ~STRCLOSE; 826 cv_broadcast(&stp->sd_monitor); 827 mutex_exit(&stp->sd_lock); 828 829 if (freestp) 830 shfree(stp); 831 return (0); 832 } 833 834 static int 835 strsink(queue_t *q, mblk_t *bp) 836 { 837 struct copyresp *resp; 838 839 switch (bp->b_datap->db_type) { 840 case M_FLUSH: 841 if ((*bp->b_rptr & FLUSHW) && !(bp->b_flag & MSGNOLOOP)) { 842 *bp->b_rptr &= ~FLUSHR; 843 bp->b_flag |= MSGNOLOOP; 844 /* 845 * Protect against the driver passing up 846 * messages after it has done a qprocsoff. 847 */ 848 if (_OTHERQ(q)->q_next == NULL) 849 freemsg(bp); 850 else 851 qreply(q, bp); 852 } else { 853 freemsg(bp); 854 } 855 break; 856 857 case M_COPYIN: 858 case M_COPYOUT: 859 if (bp->b_cont) { 860 freemsg(bp->b_cont); 861 bp->b_cont = NULL; 862 } 863 bp->b_datap->db_type = M_IOCDATA; 864 bp->b_wptr = bp->b_rptr + sizeof (struct copyresp); 865 resp = (struct copyresp *)bp->b_rptr; 866 resp->cp_rval = (caddr_t)1; /* failure */ 867 /* 868 * Protect against the driver passing up 869 * messages after it has done a qprocsoff. 870 */ 871 if (_OTHERQ(q)->q_next == NULL) 872 freemsg(bp); 873 else 874 qreply(q, bp); 875 break; 876 877 case M_IOCTL: 878 if (bp->b_cont) { 879 freemsg(bp->b_cont); 880 bp->b_cont = NULL; 881 } 882 bp->b_datap->db_type = M_IOCNAK; 883 /* 884 * Protect against the driver passing up 885 * messages after it has done a qprocsoff. 
		 */
		if (_OTHERQ(q)->q_next == NULL)
			freemsg(bp);
		else
			qreply(q, bp);
		break;

	default:
		freemsg(bp);
		break;
	}

	return (0);
}

/*
 * Clean up after a process when it closes a stream.  This is called
 * from closef for all closes, whereas strclose is called only for the
 * last close on a stream.  The siglist is scanned for entries for the
 * current process, and these are removed.
 */
void
strclean(struct vnode *vp)
{
	strsig_t *ssp, *pssp, *tssp;
	stdata_t *stp;
	int update = 0;

	TRACE_1(TR_FAC_STREAMS_FR,
	    TR_STRCLEAN, "strclean:%p", vp);
	stp = vp->v_stream;
	pssp = NULL;
	mutex_enter(&stp->sd_lock);
	ssp = stp->sd_siglist;
	while (ssp) {
		if (ssp->ss_pidp == curproc->p_pidp) {
			tssp = ssp->ss_next;
			if (pssp)
				pssp->ss_next = tssp;
			else
				stp->sd_siglist = tssp;
			mutex_enter(&pidlock);
			PID_RELE(ssp->ss_pidp);
			mutex_exit(&pidlock);
			kmem_free(ssp, sizeof (strsig_t));
			update = 1;
			ssp = tssp;
		} else {
			pssp = ssp;
			ssp = ssp->ss_next;
		}
	}
	if (update) {
		stp->sd_sigflags = 0;
		for (ssp = stp->sd_siglist; ssp; ssp = ssp->ss_next)
			stp->sd_sigflags |= ssp->ss_events;
	}
	mutex_exit(&stp->sd_lock);
}

/*
 * Used on the last close to remove any remaining items on the siglist.
 * These could be present on the siglist due to I_ESETSIG calls that
 * use process groups or processes that do not have an open file descriptor
 * for this stream (such entries would not be removed by strclean).
 */
static void
strcleanall(struct vnode *vp)
{
	strsig_t *ssp, *nssp;
	stdata_t *stp;

	stp = vp->v_stream;
	mutex_enter(&stp->sd_lock);
	ssp = stp->sd_siglist;
	stp->sd_siglist = NULL;
	while (ssp) {
		nssp = ssp->ss_next;
		mutex_enter(&pidlock);
		PID_RELE(ssp->ss_pidp);
		mutex_exit(&pidlock);
		kmem_free(ssp, sizeof (strsig_t));
		ssp = nssp;
	}
	stp->sd_sigflags = 0;
	mutex_exit(&stp->sd_lock);
}

/*
 * Retrieve the next message from the logical stream head read queue
 * using either rwnext (if sync stream) or getq_noenab.
 * It is the caller's responsibility to call qbackenable after
 * it is finished with the message.  The caller should not call
 * qbackenable until after any putback calls to avoid spurious backenabling.
 *
 * Also, handle uioa initialization and process any DBLK_UIOA flagged messages.
 */
mblk_t *
strget(struct stdata *stp, queue_t *q, struct uio *uiop, int first,
    int *errorp)
{
	sodirect_t *sodp = stp->sd_sodirect;
	mblk_t *bp;
	int error;

	ASSERT(MUTEX_HELD(&stp->sd_lock));
	/* Holding sd_lock prevents the read queue from changing */

	if (uiop != NULL && stp->sd_struiordq != NULL &&
	    q->q_first == NULL &&
	    (!first || (stp->sd_wakeq & RSLEEP))) {
		/*
		 * Stream supports rwnext() for the read side.
		 * If this is the first time we're called by e.g. strread
		 * only do the downcall if there is a deferred wakeup
		 * (registered in sd_wakeq).
		 */
		struiod_t uiod;

		if (first)
			stp->sd_wakeq &= ~RSLEEP;

		(void) uiodup(uiop, &uiod.d_uio, uiod.d_iov,
		    sizeof (uiod.d_iov) / sizeof (*uiod.d_iov));
		uiod.d_mp = 0;
		/*
		 * Mark that a thread is in rwnext on the read side
		 * to prevent strrput from nacking ioctls immediately.
		 * When the last concurrent rwnext returns
		 * the ioctls are nack'ed.
		 */
		ASSERT(MUTEX_HELD(&stp->sd_lock));
		stp->sd_struiodnak++;
		/*
		 * Note: rwnext will drop sd_lock.
		 */
		error = rwnext(q, &uiod);
		ASSERT(MUTEX_NOT_HELD(&stp->sd_lock));
		mutex_enter(&stp->sd_lock);
		stp->sd_struiodnak--;
		while (stp->sd_struiodnak == 0 &&
		    ((bp = stp->sd_struionak) != NULL)) {
			stp->sd_struionak = bp->b_next;
			bp->b_next = NULL;
			bp->b_datap->db_type = M_IOCNAK;
			/*
			 * Protect against the driver passing up
			 * messages after it has done a qprocsoff.
			 */
			if (_OTHERQ(q)->q_next == NULL)
				freemsg(bp);
			else {
				mutex_exit(&stp->sd_lock);
				qreply(q, bp);
				mutex_enter(&stp->sd_lock);
			}
		}
		ASSERT(MUTEX_HELD(&stp->sd_lock));
		if (error == 0 || error == EWOULDBLOCK) {
			if ((bp = uiod.d_mp) != NULL) {
				*errorp = 0;
				ASSERT(MUTEX_HELD(&stp->sd_lock));
				return (bp);
			}
			error = 0;
		} else if (error == EINVAL) {
			/*
			 * The stream plumbing must have
			 * changed while we were away, so
			 * just turn off rwnext()s.
			 */
			error = 0;
		} else if (error == EBUSY) {
			/*
			 * The module might have data in transit using putnext.
			 * Fall back on waiting + getq.
			 */
			error = 0;
		} else {
			*errorp = error;
			ASSERT(MUTEX_HELD(&stp->sd_lock));
			return (NULL);
		}
		/*
		 * Try a getq in case a rwnext() generated mblk
		 * has bubbled up via strrput().
		 */
	}
	*errorp = 0;
	ASSERT(MUTEX_HELD(&stp->sd_lock));
	if (sodp != NULL && (sodp->sod_state & SOD_ENABLED) &&
	    (sodp->sod_uioa.uioa_state & UIOA_INIT)) {
		/*
		 * First kstrgetmsg() call for this uioa_t, so if there are
		 * any queued mblk_t's they need to be consumed before uioa
		 * from below can occur.
		 */
		sodp->sod_uioa.uioa_state &= UIOA_CLR;
		sodp->sod_uioa.uioa_state |= UIOA_ENABLED;
		if (q->q_first != NULL) {
			struioainit(q, sodp, uiop);
		}
	}

	bp = getq_noenab(q);

	if (bp != NULL && (bp->b_datap->db_flags & DBLK_UIOA)) {
		/*
		 * A uioa flagged mblk_t chain, already uio processed,
		 * add it to the sodirect uioa pending free list.
		 *
		 * Note, a b_cont chain headed by a DBLK_UIOA enabled
		 * mblk_t must have all mblk_t(s) DBLK_UIOA enabled.
		 */
		mblk_t *bpt = sodp->sod_uioaft;

		ASSERT(sodp != NULL);

		/*
		 * Add first mblk_t of "bp" chain to current sodirect uioa
		 * free list tail mblk_t, if any, else empty list so new head.
		 */
		if (bpt == NULL)
			sodp->sod_uioafh = bp;
		else
			bpt->b_cont = bp;

		/*
		 * Walk mblk_t "bp" chain to find tail and adjust rptr of
		 * each to reflect that uioamove() has consumed all data.
		 */
		bpt = bp;
		for (;;) {
			bpt->b_rptr = bpt->b_wptr;
			if (bpt->b_cont == NULL)
				break;
			bpt = bpt->b_cont;

			ASSERT(bpt->b_datap->db_flags & DBLK_UIOA);
		}
		/* New sodirect uioa free list tail */
		sodp->sod_uioaft = bpt;

		/* Only 1 strget() with data returned per uioa_t */
		if (sodp->sod_uioa.uioa_state & UIOA_ENABLED) {
			sodp->sod_uioa.uioa_state &= UIOA_CLR;
			sodp->sod_uioa.uioa_state |= UIOA_FINI;
		}
	}

	return (bp);
}

/*
 * Copy out the message pointed to by `bp' into the uio pointed to by `uiop'.
1141 * If the message does not fit in the uio the remainder of it is returned; 1142 * otherwise NULL is returned. Any embedded zero-length mblk_t's are 1143 * consumed, even if uio_resid reaches zero. On error, `*errorp' is set to 1144 * the error code, the message is consumed, and NULL is returned. 1145 */ 1146 static mblk_t * 1147 struiocopyout(mblk_t *bp, struct uio *uiop, int *errorp) 1148 { 1149 int error; 1150 ptrdiff_t n; 1151 mblk_t *nbp; 1152 1153 ASSERT(bp->b_wptr >= bp->b_rptr); 1154 1155 do { 1156 ASSERT(!(bp->b_datap->db_flags & DBLK_UIOA)); 1157 1158 if ((n = MIN(uiop->uio_resid, MBLKL(bp))) != 0) { 1159 ASSERT(n > 0); 1160 1161 error = uiomove(bp->b_rptr, n, UIO_READ, uiop); 1162 if (error != 0) { 1163 freemsg(bp); 1164 *errorp = error; 1165 return (NULL); 1166 } 1167 } 1168 1169 bp->b_rptr += n; 1170 while (bp != NULL && (bp->b_rptr >= bp->b_wptr)) { 1171 nbp = bp; 1172 bp = bp->b_cont; 1173 freeb(nbp); 1174 } 1175 } while (bp != NULL && uiop->uio_resid > 0); 1176 1177 *errorp = 0; 1178 return (bp); 1179 } 1180 1181 /* 1182 * Read a stream according to the mode flags in sd_flag: 1183 * 1184 * (default mode) - Byte stream, msg boundaries are ignored 1185 * RD_MSGDIS (msg discard) - Read on msg boundaries and throw away 1186 * any data remaining in msg 1187 * RD_MSGNODIS (msg non-discard) - Read on msg boundaries and put back 1188 * any remaining data on head of read queue 1189 * 1190 * Consume readable messages on the front of the queue until 1191 * ttolwp(curthread)->lwp_count 1192 * is satisfied, the readable messages are exhausted, or a message 1193 * boundary is reached in a message mode. If no data was read and 1194 * the stream was not opened with the NDELAY flag, block until data arrives. 1195 * Otherwise return the data read and update the count. 1196 * 1197 * In default mode a 0 length message signifies end-of-file and terminates 1198 * a read in progress. The 0 length message is removed from the queue 1199 * only if it is the only message read (no data is read). 1200 * 1201 * An attempt to read an M_PROTO or M_PCPROTO message results in an 1202 * EBADMSG error return, unless either RD_PROTDAT or RD_PROTDIS are set. 1203 * If RD_PROTDAT is set, M_PROTO and M_PCPROTO messages are read as data. 1204 * If RD_PROTDIS is set, the M_PROTO and M_PCPROTO parts of the message 1205 * are unlinked from and M_DATA blocks in the message, the protos are 1206 * thrown away, and the data is read. 1207 */ 1208 /* ARGSUSED */ 1209 int 1210 strread(struct vnode *vp, struct uio *uiop, cred_t *crp) 1211 { 1212 struct stdata *stp; 1213 mblk_t *bp, *nbp; 1214 queue_t *q; 1215 int error = 0; 1216 uint_t old_sd_flag; 1217 int first; 1218 char rflg; 1219 uint_t mark; /* Contains MSG*MARK and _LASTMARK */ 1220 #define _LASTMARK 0x8000 /* Distinct from MSG*MARK */ 1221 short delim; 1222 unsigned char pri = 0; 1223 char waitflag; 1224 unsigned char type; 1225 1226 TRACE_1(TR_FAC_STREAMS_FR, 1227 TR_STRREAD_ENTER, "strread:%p", vp); 1228 ASSERT(vp->v_stream); 1229 stp = vp->v_stream; 1230 1231 mutex_enter(&stp->sd_lock); 1232 1233 if ((error = i_straccess(stp, JCREAD)) != 0) { 1234 mutex_exit(&stp->sd_lock); 1235 return (error); 1236 } 1237 1238 if (stp->sd_flag & (STRDERR|STPLEX)) { 1239 error = strgeterr(stp, STRDERR|STPLEX, 0); 1240 if (error != 0) { 1241 mutex_exit(&stp->sd_lock); 1242 return (error); 1243 } 1244 } 1245 1246 /* 1247 * Loop terminates when uiop->uio_resid == 0. 
1248 */ 1249 rflg = 0; 1250 waitflag = READWAIT; 1251 q = _RD(stp->sd_wrq); 1252 for (;;) { 1253 ASSERT(MUTEX_HELD(&stp->sd_lock)); 1254 old_sd_flag = stp->sd_flag; 1255 mark = 0; 1256 delim = 0; 1257 first = 1; 1258 while ((bp = strget(stp, q, uiop, first, &error)) == NULL) { 1259 int done = 0; 1260 1261 ASSERT(MUTEX_HELD(&stp->sd_lock)); 1262 1263 if (error != 0) 1264 goto oops; 1265 1266 if (stp->sd_flag & (STRHUP|STREOF)) { 1267 goto oops; 1268 } 1269 if (rflg && !(stp->sd_flag & STRDELIM)) { 1270 goto oops; 1271 } 1272 /* 1273 * If a read(fd,buf,0) has been done, there is no 1274 * need to sleep. We always have zero bytes to 1275 * return. 1276 */ 1277 if (uiop->uio_resid == 0) { 1278 goto oops; 1279 } 1280 1281 qbackenable(q, 0); 1282 1283 TRACE_3(TR_FAC_STREAMS_FR, TR_STRREAD_WAIT, 1284 "strread calls strwaitq:%p, %p, %p", 1285 vp, uiop, crp); 1286 if ((error = strwaitq(stp, waitflag, uiop->uio_resid, 1287 uiop->uio_fmode, -1, &done)) != 0 || done) { 1288 TRACE_3(TR_FAC_STREAMS_FR, TR_STRREAD_DONE, 1289 "strread error or done:%p, %p, %p", 1290 vp, uiop, crp); 1291 if ((uiop->uio_fmode & FNDELAY) && 1292 (stp->sd_flag & OLDNDELAY) && 1293 (error == EAGAIN)) 1294 error = 0; 1295 goto oops; 1296 } 1297 TRACE_3(TR_FAC_STREAMS_FR, TR_STRREAD_AWAKE, 1298 "strread awakes:%p, %p, %p", vp, uiop, crp); 1299 if ((error = i_straccess(stp, JCREAD)) != 0) { 1300 goto oops; 1301 } 1302 first = 0; 1303 } 1304 1305 ASSERT(MUTEX_HELD(&stp->sd_lock)); 1306 ASSERT(bp); 1307 ASSERT(!(bp->b_datap->db_flags & DBLK_UIOA)); 1308 pri = bp->b_band; 1309 /* 1310 * Extract any mark information. If the message is not 1311 * completely consumed this information will be put in the mblk 1312 * that is putback. 1313 * If MSGMARKNEXT is set and the message is completely consumed 1314 * the STRATMARK flag will be set below. Likewise, if 1315 * MSGNOTMARKNEXT is set and the message is 1316 * completely consumed STRNOTATMARK will be set. 1317 * 1318 * For some unknown reason strread only breaks the read at the 1319 * last mark. 1320 */ 1321 mark = bp->b_flag & (MSGMARK | MSGMARKNEXT | MSGNOTMARKNEXT); 1322 ASSERT((mark & (MSGMARKNEXT|MSGNOTMARKNEXT)) != 1323 (MSGMARKNEXT|MSGNOTMARKNEXT)); 1324 if (mark != 0 && bp == stp->sd_mark) { 1325 if (rflg) { 1326 putback(stp, q, bp, pri); 1327 goto oops; 1328 } 1329 mark |= _LASTMARK; 1330 stp->sd_mark = NULL; 1331 } 1332 if ((stp->sd_flag & STRDELIM) && (bp->b_flag & MSGDELIM)) 1333 delim = 1; 1334 mutex_exit(&stp->sd_lock); 1335 1336 if (STREAM_NEEDSERVICE(stp)) 1337 stream_runservice(stp); 1338 1339 type = bp->b_datap->db_type; 1340 1341 switch (type) { 1342 1343 case M_DATA: 1344 ismdata: 1345 if (msgnodata(bp)) { 1346 if (mark || delim) { 1347 freemsg(bp); 1348 } else if (rflg) { 1349 1350 /* 1351 * If already read data put zero 1352 * length message back on queue else 1353 * free msg and return 0. 1354 */ 1355 bp->b_band = pri; 1356 mutex_enter(&stp->sd_lock); 1357 putback(stp, q, bp, pri); 1358 mutex_exit(&stp->sd_lock); 1359 } else { 1360 freemsg(bp); 1361 } 1362 error = 0; 1363 goto oops1; 1364 } 1365 1366 rflg = 1; 1367 waitflag |= NOINTR; 1368 bp = struiocopyout(bp, uiop, &error); 1369 if (error != 0) 1370 goto oops1; 1371 1372 mutex_enter(&stp->sd_lock); 1373 if (bp) { 1374 /* 1375 * Have remaining data in message. 1376 * Free msg if in discard mode. 
1377 */ 1378 if (stp->sd_read_opt & RD_MSGDIS) { 1379 freemsg(bp); 1380 } else { 1381 bp->b_band = pri; 1382 if ((mark & _LASTMARK) && 1383 (stp->sd_mark == NULL)) 1384 stp->sd_mark = bp; 1385 bp->b_flag |= mark & ~_LASTMARK; 1386 if (delim) 1387 bp->b_flag |= MSGDELIM; 1388 if (msgnodata(bp)) 1389 freemsg(bp); 1390 else 1391 putback(stp, q, bp, pri); 1392 } 1393 } else { 1394 /* 1395 * Consumed the complete message. 1396 * Move the MSG*MARKNEXT information 1397 * to the stream head just in case 1398 * the read queue becomes empty. 1399 * 1400 * If the stream head was at the mark 1401 * (STRATMARK) before we dropped sd_lock above 1402 * and some data was consumed then we have 1403 * moved past the mark thus STRATMARK is 1404 * cleared. However, if a message arrived in 1405 * strrput during the copyout above causing 1406 * STRATMARK to be set we can not clear that 1407 * flag. 1408 */ 1409 if (mark & 1410 (MSGMARKNEXT|MSGNOTMARKNEXT|MSGMARK)) { 1411 if (mark & MSGMARKNEXT) { 1412 stp->sd_flag &= ~STRNOTATMARK; 1413 stp->sd_flag |= STRATMARK; 1414 } else if (mark & MSGNOTMARKNEXT) { 1415 stp->sd_flag &= ~STRATMARK; 1416 stp->sd_flag |= STRNOTATMARK; 1417 } else { 1418 stp->sd_flag &= 1419 ~(STRATMARK|STRNOTATMARK); 1420 } 1421 } else if (rflg && (old_sd_flag & STRATMARK)) { 1422 stp->sd_flag &= ~STRATMARK; 1423 } 1424 } 1425 1426 /* 1427 * Check for signal messages at the front of the read 1428 * queue and generate the signal(s) if appropriate. 1429 * The only signal that can be on queue is M_SIG at 1430 * this point. 1431 */ 1432 while ((((bp = q->q_first)) != NULL) && 1433 (bp->b_datap->db_type == M_SIG)) { 1434 bp = getq_noenab(q); 1435 /* 1436 * sd_lock is held so the content of the 1437 * read queue can not change. 1438 */ 1439 ASSERT(bp != NULL && 1440 bp->b_datap->db_type == M_SIG); 1441 strsignal_nolock(stp, *bp->b_rptr, 1442 (int32_t)bp->b_band); 1443 mutex_exit(&stp->sd_lock); 1444 freemsg(bp); 1445 if (STREAM_NEEDSERVICE(stp)) 1446 stream_runservice(stp); 1447 mutex_enter(&stp->sd_lock); 1448 } 1449 1450 if ((uiop->uio_resid == 0) || (mark & _LASTMARK) || 1451 delim || 1452 (stp->sd_read_opt & (RD_MSGDIS|RD_MSGNODIS))) { 1453 goto oops; 1454 } 1455 continue; 1456 1457 case M_SIG: 1458 strsignal(stp, *bp->b_rptr, (int32_t)bp->b_band); 1459 freemsg(bp); 1460 mutex_enter(&stp->sd_lock); 1461 continue; 1462 1463 case M_PROTO: 1464 case M_PCPROTO: 1465 /* 1466 * Only data messages are readable. 1467 * Any others generate an error, unless 1468 * RD_PROTDIS or RD_PROTDAT is set. 
1469 */ 1470 if (stp->sd_read_opt & RD_PROTDAT) { 1471 for (nbp = bp; nbp; nbp = nbp->b_next) { 1472 if ((nbp->b_datap->db_type == 1473 M_PROTO) || 1474 (nbp->b_datap->db_type == 1475 M_PCPROTO)) { 1476 nbp->b_datap->db_type = M_DATA; 1477 } else { 1478 break; 1479 } 1480 } 1481 /* 1482 * clear stream head hi pri flag based on 1483 * first message 1484 */ 1485 if (type == M_PCPROTO) { 1486 mutex_enter(&stp->sd_lock); 1487 stp->sd_flag &= ~STRPRI; 1488 mutex_exit(&stp->sd_lock); 1489 } 1490 goto ismdata; 1491 } else if (stp->sd_read_opt & RD_PROTDIS) { 1492 /* 1493 * discard non-data messages 1494 */ 1495 while (bp && 1496 ((bp->b_datap->db_type == M_PROTO) || 1497 (bp->b_datap->db_type == M_PCPROTO))) { 1498 nbp = unlinkb(bp); 1499 freeb(bp); 1500 bp = nbp; 1501 } 1502 /* 1503 * clear stream head hi pri flag based on 1504 * first message 1505 */ 1506 if (type == M_PCPROTO) { 1507 mutex_enter(&stp->sd_lock); 1508 stp->sd_flag &= ~STRPRI; 1509 mutex_exit(&stp->sd_lock); 1510 } 1511 if (bp) { 1512 bp->b_band = pri; 1513 goto ismdata; 1514 } else { 1515 break; 1516 } 1517 } 1518 /* FALLTHRU */ 1519 case M_PASSFP: 1520 if ((bp->b_datap->db_type == M_PASSFP) && 1521 (stp->sd_read_opt & RD_PROTDIS)) { 1522 freemsg(bp); 1523 break; 1524 } 1525 mutex_enter(&stp->sd_lock); 1526 putback(stp, q, bp, pri); 1527 mutex_exit(&stp->sd_lock); 1528 if (rflg == 0) 1529 error = EBADMSG; 1530 goto oops1; 1531 1532 default: 1533 /* 1534 * Garbage on stream head read queue. 1535 */ 1536 cmn_err(CE_WARN, "bad %x found at stream head\n", 1537 bp->b_datap->db_type); 1538 freemsg(bp); 1539 goto oops1; 1540 } 1541 mutex_enter(&stp->sd_lock); 1542 } 1543 oops: 1544 mutex_exit(&stp->sd_lock); 1545 oops1: 1546 qbackenable(q, pri); 1547 return (error); 1548 #undef _LASTMARK 1549 } 1550 1551 /* 1552 * Default processing of M_PROTO/M_PCPROTO messages. 1553 * Determine which wakeups and signals are needed. 1554 * This can be replaced by a user-specified procedure for kernel users 1555 * of STREAMS. 1556 */ 1557 /* ARGSUSED */ 1558 mblk_t * 1559 strrput_proto(vnode_t *vp, mblk_t *mp, 1560 strwakeup_t *wakeups, strsigset_t *firstmsgsigs, 1561 strsigset_t *allmsgsigs, strpollset_t *pollwakeups) 1562 { 1563 *wakeups = RSLEEP; 1564 *allmsgsigs = 0; 1565 1566 switch (mp->b_datap->db_type) { 1567 case M_PROTO: 1568 if (mp->b_band == 0) { 1569 *firstmsgsigs = S_INPUT | S_RDNORM; 1570 *pollwakeups = POLLIN | POLLRDNORM; 1571 } else { 1572 *firstmsgsigs = S_INPUT | S_RDBAND; 1573 *pollwakeups = POLLIN | POLLRDBAND; 1574 } 1575 break; 1576 case M_PCPROTO: 1577 *firstmsgsigs = S_HIPRI; 1578 *pollwakeups = POLLPRI; 1579 break; 1580 } 1581 return (mp); 1582 } 1583 1584 /* 1585 * Default processing of everything but M_DATA, M_PROTO, M_PCPROTO and 1586 * M_PASSFP messages. 1587 * Determine which wakeups and signals are needed. 1588 * This can be replaced by a user-specified procedure for kernel users 1589 * of STREAMS. 1590 */ 1591 /* ARGSUSED */ 1592 mblk_t * 1593 strrput_misc(vnode_t *vp, mblk_t *mp, 1594 strwakeup_t *wakeups, strsigset_t *firstmsgsigs, 1595 strsigset_t *allmsgsigs, strpollset_t *pollwakeups) 1596 { 1597 *wakeups = 0; 1598 *firstmsgsigs = 0; 1599 *allmsgsigs = 0; 1600 *pollwakeups = 0; 1601 return (mp); 1602 } 1603 1604 /* 1605 * Stream read put procedure. Called from downstream driver/module 1606 * with messages for the stream head. Data, protocol, and in-stream 1607 * signal messages are placed on the queue, others are handled directly. 
1608 */ 1609 int 1610 strrput(queue_t *q, mblk_t *bp) 1611 { 1612 struct stdata *stp; 1613 ulong_t rput_opt; 1614 strwakeup_t wakeups; 1615 strsigset_t firstmsgsigs; /* Signals if first message on queue */ 1616 strsigset_t allmsgsigs; /* Signals for all messages */ 1617 strsigset_t signals; /* Signals events to generate */ 1618 strpollset_t pollwakeups; 1619 mblk_t *nextbp; 1620 uchar_t band = 0; 1621 int hipri_sig; 1622 1623 stp = (struct stdata *)q->q_ptr; 1624 /* 1625 * Use rput_opt for optimized access to the SR_ flags except 1626 * SR_POLLIN. That flag has to be checked under sd_lock since it 1627 * is modified by strpoll(). 1628 */ 1629 rput_opt = stp->sd_rput_opt; 1630 1631 ASSERT(qclaimed(q)); 1632 TRACE_2(TR_FAC_STREAMS_FR, TR_STRRPUT_ENTER, 1633 "strrput called with message type:q %p bp %p", q, bp); 1634 1635 /* 1636 * Perform initial processing and pass to the parameterized functions. 1637 */ 1638 ASSERT(bp->b_next == NULL); 1639 1640 switch (bp->b_datap->db_type) { 1641 case M_DATA: 1642 /* 1643 * sockfs is the only consumer of STREOF and when it is set, 1644 * it implies that the receiver is not interested in receiving 1645 * any more data, hence the mblk is freed to prevent unnecessary 1646 * message queueing at the stream head. 1647 */ 1648 if (stp->sd_flag == STREOF) { 1649 freemsg(bp); 1650 return (0); 1651 } 1652 if ((rput_opt & SR_IGN_ZEROLEN) && 1653 bp->b_rptr == bp->b_wptr && msgnodata(bp)) { 1654 /* 1655 * Ignore zero-length M_DATA messages. These might be 1656 * generated by some transports. 1657 * The zero-length M_DATA messages, even if they 1658 * are ignored, should effect the atmark tracking and 1659 * should wake up a thread sleeping in strwaitmark. 1660 */ 1661 mutex_enter(&stp->sd_lock); 1662 if (bp->b_flag & MSGMARKNEXT) { 1663 /* 1664 * Record the position of the mark either 1665 * in q_last or in STRATMARK. 1666 */ 1667 if (q->q_last != NULL) { 1668 q->q_last->b_flag &= ~MSGNOTMARKNEXT; 1669 q->q_last->b_flag |= MSGMARKNEXT; 1670 } else { 1671 stp->sd_flag &= ~STRNOTATMARK; 1672 stp->sd_flag |= STRATMARK; 1673 } 1674 } else if (bp->b_flag & MSGNOTMARKNEXT) { 1675 /* 1676 * Record that this is not the position of 1677 * the mark either in q_last or in 1678 * STRNOTATMARK. 1679 */ 1680 if (q->q_last != NULL) { 1681 q->q_last->b_flag &= ~MSGMARKNEXT; 1682 q->q_last->b_flag |= MSGNOTMARKNEXT; 1683 } else { 1684 stp->sd_flag &= ~STRATMARK; 1685 stp->sd_flag |= STRNOTATMARK; 1686 } 1687 } 1688 if (stp->sd_flag & RSLEEP) { 1689 stp->sd_flag &= ~RSLEEP; 1690 cv_broadcast(&q->q_wait); 1691 } 1692 mutex_exit(&stp->sd_lock); 1693 freemsg(bp); 1694 return (0); 1695 } 1696 wakeups = RSLEEP; 1697 if (bp->b_band == 0) { 1698 firstmsgsigs = S_INPUT | S_RDNORM; 1699 pollwakeups = POLLIN | POLLRDNORM; 1700 } else { 1701 firstmsgsigs = S_INPUT | S_RDBAND; 1702 pollwakeups = POLLIN | POLLRDBAND; 1703 } 1704 if (rput_opt & SR_SIGALLDATA) 1705 allmsgsigs = firstmsgsigs; 1706 else 1707 allmsgsigs = 0; 1708 1709 mutex_enter(&stp->sd_lock); 1710 if ((rput_opt & SR_CONSOL_DATA) && 1711 (q->q_last != NULL) && 1712 (bp->b_flag & (MSGMARK|MSGDELIM)) == 0) { 1713 /* 1714 * Consolidate an M_DATA message onto an M_DATA, 1715 * M_PROTO, or M_PCPROTO by merging it with q_last. 1716 * The consolidation does not take place if 1717 * the old message is marked with either of the 1718 * marks or the delim flag or if the new 1719 * message is marked with MSGMARK. 
The MSGMARK 1720 * check is needed to handle the odd semantics of 1721 * MSGMARK where essentially the whole message 1722 * is to be treated as marked. 1723 * Carry any MSGMARKNEXT and MSGNOTMARKNEXT from the 1724 * new message to the front of the b_cont chain. 1725 */ 1726 mblk_t *lbp = q->q_last; 1727 unsigned char db_type = lbp->b_datap->db_type; 1728 1729 if ((db_type == M_DATA || db_type == M_PROTO || 1730 db_type == M_PCPROTO) && 1731 !(lbp->b_flag & (MSGDELIM|MSGMARK|MSGMARKNEXT))) { 1732 rmvq_noenab(q, lbp); 1733 /* 1734 * The first message in the b_cont list 1735 * tracks MSGMARKNEXT and MSGNOTMARKNEXT. 1736 * We need to handle the case where we 1737 * are appending: 1738 * 1739 * 1) a MSGMARKNEXT to a MSGNOTMARKNEXT. 1740 * 2) a MSGMARKNEXT to a plain message. 1741 * 3) a MSGNOTMARKNEXT to a plain message 1742 * 4) a MSGNOTMARKNEXT to a MSGNOTMARKNEXT 1743 * message. 1744 * 1745 * Thus we never append a MSGMARKNEXT or 1746 * MSGNOTMARKNEXT to a MSGMARKNEXT message. 1747 */ 1748 if (bp->b_flag & MSGMARKNEXT) { 1749 lbp->b_flag |= MSGMARKNEXT; 1750 lbp->b_flag &= ~MSGNOTMARKNEXT; 1751 bp->b_flag &= ~MSGMARKNEXT; 1752 } else if (bp->b_flag & MSGNOTMARKNEXT) { 1753 lbp->b_flag |= MSGNOTMARKNEXT; 1754 bp->b_flag &= ~MSGNOTMARKNEXT; 1755 } 1756 1757 linkb(lbp, bp); 1758 bp = lbp; 1759 /* 1760 * The new message logically isn't the first 1761 * even though the q_first check below thinks 1762 * it is. Clear the firstmsgsigs to make it 1763 * not appear to be first. 1764 */ 1765 firstmsgsigs = 0; 1766 } 1767 } 1768 break; 1769 1770 case M_PASSFP: 1771 wakeups = RSLEEP; 1772 allmsgsigs = 0; 1773 if (bp->b_band == 0) { 1774 firstmsgsigs = S_INPUT | S_RDNORM; 1775 pollwakeups = POLLIN | POLLRDNORM; 1776 } else { 1777 firstmsgsigs = S_INPUT | S_RDBAND; 1778 pollwakeups = POLLIN | POLLRDBAND; 1779 } 1780 mutex_enter(&stp->sd_lock); 1781 break; 1782 1783 case M_PROTO: 1784 case M_PCPROTO: 1785 ASSERT(stp->sd_rprotofunc != NULL); 1786 bp = (stp->sd_rprotofunc)(stp->sd_vnode, bp, 1787 &wakeups, &firstmsgsigs, &allmsgsigs, &pollwakeups); 1788 #define ALLSIG (S_INPUT|S_HIPRI|S_OUTPUT|S_MSG|S_ERROR|S_HANGUP|S_RDNORM|\ 1789 S_WRNORM|S_RDBAND|S_WRBAND|S_BANDURG) 1790 #define ALLPOLL (POLLIN|POLLPRI|POLLOUT|POLLRDNORM|POLLWRNORM|POLLRDBAND|\ 1791 POLLWRBAND) 1792 1793 ASSERT((wakeups & ~(RSLEEP|WSLEEP)) == 0); 1794 ASSERT((firstmsgsigs & ~ALLSIG) == 0); 1795 ASSERT((allmsgsigs & ~ALLSIG) == 0); 1796 ASSERT((pollwakeups & ~ALLPOLL) == 0); 1797 1798 mutex_enter(&stp->sd_lock); 1799 break; 1800 1801 default: 1802 ASSERT(stp->sd_rmiscfunc != NULL); 1803 bp = (stp->sd_rmiscfunc)(stp->sd_vnode, bp, 1804 &wakeups, &firstmsgsigs, &allmsgsigs, &pollwakeups); 1805 ASSERT((wakeups & ~(RSLEEP|WSLEEP)) == 0); 1806 ASSERT((firstmsgsigs & ~ALLSIG) == 0); 1807 ASSERT((allmsgsigs & ~ALLSIG) == 0); 1808 ASSERT((pollwakeups & ~ALLPOLL) == 0); 1809 #undef ALLSIG 1810 #undef ALLPOLL 1811 mutex_enter(&stp->sd_lock); 1812 break; 1813 } 1814 ASSERT(MUTEX_HELD(&stp->sd_lock)); 1815 1816 /* By default generate superset of signals */ 1817 signals = (firstmsgsigs | allmsgsigs); 1818 1819 /* 1820 * The proto and misc functions can return multiple messages 1821 * as a b_next chain. Such messages are processed separately. 1822 */ 1823 one_more: 1824 hipri_sig = 0; 1825 if (bp == NULL) { 1826 nextbp = NULL; 1827 } else { 1828 nextbp = bp->b_next; 1829 bp->b_next = NULL; 1830 1831 switch (bp->b_datap->db_type) { 1832 case M_PCPROTO: 1833 /* 1834 * Only one priority protocol message is allowed at the 1835 * stream head at a time. 
1836 */ 1837 if (stp->sd_flag & STRPRI) { 1838 TRACE_0(TR_FAC_STREAMS_FR, TR_STRRPUT_PROTERR, 1839 "M_PCPROTO already at head"); 1840 freemsg(bp); 1841 mutex_exit(&stp->sd_lock); 1842 goto done; 1843 } 1844 stp->sd_flag |= STRPRI; 1845 hipri_sig = 1; 1846 /* FALLTHRU */ 1847 case M_DATA: 1848 case M_PROTO: 1849 case M_PASSFP: 1850 band = bp->b_band; 1851 /* 1852 * Marking doesn't work well when messages 1853 * are marked in more than one band. We only 1854 * remember the last message received, even if 1855 * it is placed on the queue ahead of other 1856 * marked messages. 1857 */ 1858 if (bp->b_flag & MSGMARK) 1859 stp->sd_mark = bp; 1860 (void) putq(q, bp); 1861 1862 /* 1863 * If message is a PCPROTO message, always use 1864 * firstmsgsigs to determine if a signal should be 1865 * sent as strrput is the only place to send 1866 * signals for PCPROTO. Other messages are based on 1867 * the STRGETINPROG flag. The flag determines if 1868 * strrput or (k)strgetmsg will be responsible for 1869 * sending the signals, in the firstmsgsigs case. 1870 */ 1871 if ((hipri_sig == 1) || 1872 (((stp->sd_flag & STRGETINPROG) == 0) && 1873 (q->q_first == bp))) 1874 signals = (firstmsgsigs | allmsgsigs); 1875 else 1876 signals = allmsgsigs; 1877 break; 1878 1879 default: 1880 mutex_exit(&stp->sd_lock); 1881 (void) strrput_nondata(q, bp); 1882 mutex_enter(&stp->sd_lock); 1883 break; 1884 } 1885 } 1886 ASSERT(MUTEX_HELD(&stp->sd_lock)); 1887 /* 1888 * Wake sleeping read/getmsg and cancel deferred wakeup 1889 */ 1890 if (wakeups & RSLEEP) 1891 stp->sd_wakeq &= ~RSLEEP; 1892 1893 wakeups &= stp->sd_flag; 1894 if (wakeups & RSLEEP) { 1895 stp->sd_flag &= ~RSLEEP; 1896 cv_broadcast(&q->q_wait); 1897 } 1898 if (wakeups & WSLEEP) { 1899 stp->sd_flag &= ~WSLEEP; 1900 cv_broadcast(&_WR(q)->q_wait); 1901 } 1902 1903 if (pollwakeups != 0) { 1904 if (pollwakeups == (POLLIN | POLLRDNORM)) { 1905 /* 1906 * Can't use rput_opt since it was not 1907 * read when sd_lock was held and SR_POLLIN is changed 1908 * by strpoll() under sd_lock. 1909 */ 1910 if (!(stp->sd_rput_opt & SR_POLLIN)) 1911 goto no_pollwake; 1912 stp->sd_rput_opt &= ~SR_POLLIN; 1913 } 1914 mutex_exit(&stp->sd_lock); 1915 pollwakeup(&stp->sd_pollist, pollwakeups); 1916 mutex_enter(&stp->sd_lock); 1917 } 1918 no_pollwake: 1919 1920 /* 1921 * strsendsig can handle multiple signals with a 1922 * single call. 1923 */ 1924 if (stp->sd_sigflags & signals) 1925 strsendsig(stp->sd_siglist, signals, band, 0); 1926 mutex_exit(&stp->sd_lock); 1927 1928 1929 done: 1930 if (nextbp == NULL) 1931 return (0); 1932 1933 /* 1934 * Any signals were handled the first time. 1935 * Wakeups and pollwakeups are redone to avoid any race 1936 * conditions - all the messages are not queued until the 1937 * last message has been processed by strrput. 1938 */ 1939 bp = nextbp; 1940 signals = firstmsgsigs = allmsgsigs = 0; 1941 mutex_enter(&stp->sd_lock); 1942 goto one_more; 1943 } 1944 1945 static void 1946 log_dupioc(queue_t *rq, mblk_t *bp) 1947 { 1948 queue_t *wq, *qp; 1949 char *modnames, *mnp, *dname; 1950 size_t maxmodstr; 1951 boolean_t islast; 1952 1953 /* 1954 * Allocate a buffer large enough to hold the names of nstrpush modules 1955 * and one driver, with spaces between and NUL terminator. If we can't 1956 * get memory, then we'll just log the driver name. 
1957 */ 1958 maxmodstr = nstrpush * (FMNAMESZ + 1); 1959 mnp = modnames = kmem_alloc(maxmodstr, KM_NOSLEEP); 1960 1961 /* march down write side to print log message down to the driver */ 1962 wq = WR(rq); 1963 1964 /* make sure q_next doesn't shift around while we're grabbing data */ 1965 claimstr(wq); 1966 qp = wq->q_next; 1967 do { 1968 if ((dname = qp->q_qinfo->qi_minfo->mi_idname) == NULL) 1969 dname = "?"; 1970 islast = !SAMESTR(qp) || qp->q_next == NULL; 1971 if (modnames == NULL) { 1972 /* 1973 * If we don't have memory, then get the driver name in 1974 * the log where we can see it. Note that memory 1975 * pressure is a possible cause of these sorts of bugs. 1976 */ 1977 if (islast) { 1978 modnames = dname; 1979 maxmodstr = 0; 1980 } 1981 } else { 1982 mnp += snprintf(mnp, FMNAMESZ + 1, "%s", dname); 1983 if (!islast) 1984 *mnp++ = ' '; 1985 } 1986 qp = qp->q_next; 1987 } while (!islast); 1988 releasestr(wq); 1989 /* Cannot happen unless stream head is corrupt. */ 1990 ASSERT(modnames != NULL); 1991 (void) strlog(rq->q_qinfo->qi_minfo->mi_idnum, 0, 1, 1992 SL_CONSOLE|SL_TRACE|SL_ERROR, 1993 "Warning: stream %p received duplicate %X M_IOC%s; module list: %s", 1994 rq->q_ptr, ((struct iocblk *)bp->b_rptr)->ioc_cmd, 1995 (DB_TYPE(bp) == M_IOCACK ? "ACK" : "NAK"), modnames); 1996 if (maxmodstr != 0) 1997 kmem_free(modnames, maxmodstr); 1998 } 1999 2000 int 2001 strrput_nondata(queue_t *q, mblk_t *bp) 2002 { 2003 struct stdata *stp; 2004 struct iocblk *iocbp; 2005 struct stroptions *sop; 2006 struct copyreq *reqp; 2007 struct copyresp *resp; 2008 unsigned char bpri; 2009 unsigned char flushed_already = 0; 2010 2011 stp = (struct stdata *)q->q_ptr; 2012 2013 ASSERT(!(stp->sd_flag & STPLEX)); 2014 ASSERT(qclaimed(q)); 2015 2016 switch (bp->b_datap->db_type) { 2017 case M_ERROR: 2018 /* 2019 * An error has occurred downstream, the errno is in the first 2020 * bytes of the message. 2021 */ 2022 if ((bp->b_wptr - bp->b_rptr) == 2) { /* New flavor */ 2023 unsigned char rw = 0; 2024 2025 mutex_enter(&stp->sd_lock); 2026 if (*bp->b_rptr != NOERROR) { /* read error */ 2027 if (*bp->b_rptr != 0) { 2028 if (stp->sd_flag & STRDERR) 2029 flushed_already |= FLUSHR; 2030 stp->sd_flag |= STRDERR; 2031 rw |= FLUSHR; 2032 } else { 2033 stp->sd_flag &= ~STRDERR; 2034 } 2035 stp->sd_rerror = *bp->b_rptr; 2036 } 2037 bp->b_rptr++; 2038 if (*bp->b_rptr != NOERROR) { /* write error */ 2039 if (*bp->b_rptr != 0) { 2040 if (stp->sd_flag & STWRERR) 2041 flushed_already |= FLUSHW; 2042 stp->sd_flag |= STWRERR; 2043 rw |= FLUSHW; 2044 } else { 2045 stp->sd_flag &= ~STWRERR; 2046 } 2047 stp->sd_werror = *bp->b_rptr; 2048 } 2049 if (rw) { 2050 TRACE_2(TR_FAC_STREAMS_FR, TR_STRRPUT_WAKE, 2051 "strrput cv_broadcast:q %p, bp %p", 2052 q, bp); 2053 cv_broadcast(&q->q_wait); /* readers */ 2054 cv_broadcast(&_WR(q)->q_wait); /* writers */ 2055 cv_broadcast(&stp->sd_monitor); /* ioctllers */ 2056 2057 mutex_exit(&stp->sd_lock); 2058 pollwakeup(&stp->sd_pollist, POLLERR); 2059 mutex_enter(&stp->sd_lock); 2060 2061 if (stp->sd_sigflags & S_ERROR) 2062 strsendsig(stp->sd_siglist, S_ERROR, 0, 2063 ((rw & FLUSHR) ? 
stp->sd_rerror : 2064 stp->sd_werror)); 2065 mutex_exit(&stp->sd_lock); 2066 /* 2067 * Send the M_FLUSH only 2068 * for the first M_ERROR 2069 * message on the stream 2070 */ 2071 if (flushed_already == rw) { 2072 freemsg(bp); 2073 return (0); 2074 } 2075 2076 bp->b_datap->db_type = M_FLUSH; 2077 *bp->b_rptr = rw; 2078 bp->b_wptr = bp->b_rptr + 1; 2079 /* 2080 * Protect against the driver 2081 * passing up messages after 2082 * it has done a qprocsoff 2083 */ 2084 if (_OTHERQ(q)->q_next == NULL) 2085 freemsg(bp); 2086 else 2087 qreply(q, bp); 2088 return (0); 2089 } else 2090 mutex_exit(&stp->sd_lock); 2091 } else if (*bp->b_rptr != 0) { /* Old flavor */ 2092 if (stp->sd_flag & (STRDERR|STWRERR)) 2093 flushed_already = FLUSHRW; 2094 mutex_enter(&stp->sd_lock); 2095 stp->sd_flag |= (STRDERR|STWRERR); 2096 stp->sd_rerror = *bp->b_rptr; 2097 stp->sd_werror = *bp->b_rptr; 2098 TRACE_2(TR_FAC_STREAMS_FR, 2099 TR_STRRPUT_WAKE2, 2100 "strrput wakeup #2:q %p, bp %p", q, bp); 2101 cv_broadcast(&q->q_wait); /* the readers */ 2102 cv_broadcast(&_WR(q)->q_wait); /* the writers */ 2103 cv_broadcast(&stp->sd_monitor); /* ioctllers */ 2104 2105 mutex_exit(&stp->sd_lock); 2106 pollwakeup(&stp->sd_pollist, POLLERR); 2107 mutex_enter(&stp->sd_lock); 2108 2109 if (stp->sd_sigflags & S_ERROR) 2110 strsendsig(stp->sd_siglist, S_ERROR, 0, 2111 (stp->sd_werror ? stp->sd_werror : 2112 stp->sd_rerror)); 2113 mutex_exit(&stp->sd_lock); 2114 2115 /* 2116 * Send the M_FLUSH only 2117 * for the first M_ERROR 2118 * message on the stream 2119 */ 2120 if (flushed_already != FLUSHRW) { 2121 bp->b_datap->db_type = M_FLUSH; 2122 *bp->b_rptr = FLUSHRW; 2123 /* 2124 * Protect against the driver passing up 2125 * messages after it has done a 2126 * qprocsoff. 2127 */ 2128 if (_OTHERQ(q)->q_next == NULL) 2129 freemsg(bp); 2130 else 2131 qreply(q, bp); 2132 return (0); 2133 } 2134 } 2135 freemsg(bp); 2136 return (0); 2137 2138 case M_HANGUP: 2139 2140 freemsg(bp); 2141 mutex_enter(&stp->sd_lock); 2142 stp->sd_werror = ENXIO; 2143 stp->sd_flag |= STRHUP; 2144 stp->sd_flag &= ~(WSLEEP|RSLEEP); 2145 2146 /* 2147 * send signal if controlling tty 2148 */ 2149 2150 if (stp->sd_sidp) { 2151 prsignal(stp->sd_sidp, SIGHUP); 2152 if (stp->sd_sidp != stp->sd_pgidp) 2153 pgsignal(stp->sd_pgidp, SIGTSTP); 2154 } 2155 2156 /* 2157 * wake up read, write, and exception pollers and 2158 * reset wakeup mechanism. 2159 */ 2160 cv_broadcast(&q->q_wait); /* the readers */ 2161 cv_broadcast(&_WR(q)->q_wait); /* the writers */ 2162 cv_broadcast(&stp->sd_monitor); /* the ioctllers */ 2163 strhup(stp); 2164 mutex_exit(&stp->sd_lock); 2165 return (0); 2166 2167 case M_UNHANGUP: 2168 freemsg(bp); 2169 mutex_enter(&stp->sd_lock); 2170 stp->sd_werror = 0; 2171 stp->sd_flag &= ~STRHUP; 2172 mutex_exit(&stp->sd_lock); 2173 return (0); 2174 2175 case M_SIG: 2176 /* 2177 * Someone downstream wants to post a signal. The 2178 * signal to post is contained in the first byte of the 2179 * message. If the message would go on the front of 2180 * the queue, send a signal to the process group 2181 * (if not SIGPOLL) or to the siglist processes 2182 * (SIGPOLL). If something is already on the queue, 2183 * OR if we are delivering a delayed suspend (*sigh* 2184 * another "tty" hack) and there's no one sleeping already, 2185 * just enqueue the message. 
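 *
 * Restated in terms of the test below: the message is enqueued when
 * q_first != NULL, or when it carries SIGTSTP and no reader is
 * currently asleep (RSLEEP clear); otherwise we fall through to the
 * M_PCSIG case and post the signal immediately.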
2186 */ 2187 mutex_enter(&stp->sd_lock); 2188 if (q->q_first || (*bp->b_rptr == SIGTSTP && 2189 !(stp->sd_flag & RSLEEP))) { 2190 (void) putq(q, bp); 2191 mutex_exit(&stp->sd_lock); 2192 return (0); 2193 } 2194 mutex_exit(&stp->sd_lock); 2195 /* FALLTHRU */ 2196 2197 case M_PCSIG: 2198 /* 2199 * Don't enqueue, just post the signal. 2200 */ 2201 strsignal(stp, *bp->b_rptr, 0L); 2202 freemsg(bp); 2203 return (0); 2204 2205 case M_CMD: 2206 if (MBLKL(bp) != sizeof (cmdblk_t)) { 2207 freemsg(bp); 2208 return (0); 2209 } 2210 2211 mutex_enter(&stp->sd_lock); 2212 if (stp->sd_flag & STRCMDWAIT) { 2213 ASSERT(stp->sd_cmdblk == NULL); 2214 stp->sd_cmdblk = bp; 2215 cv_broadcast(&stp->sd_monitor); 2216 mutex_exit(&stp->sd_lock); 2217 } else { 2218 mutex_exit(&stp->sd_lock); 2219 freemsg(bp); 2220 } 2221 return (0); 2222 2223 case M_FLUSH: 2224 /* 2225 * Flush queues. The indication of which queues to flush 2226 * is in the first byte of the message. If the read queue 2227 * is specified, then flush it. If FLUSHBAND is set, just 2228 * flush the band specified by the second byte of the message. 2229 * 2230 * If a module has issued a M_SETOPT to not flush hi 2231 * priority messages off of the stream head, then pass this 2232 * flag into the flushq code to preserve such messages. 2233 */ 2234 2235 if (*bp->b_rptr & FLUSHR) { 2236 mutex_enter(&stp->sd_lock); 2237 if (*bp->b_rptr & FLUSHBAND) { 2238 ASSERT((bp->b_wptr - bp->b_rptr) >= 2); 2239 flushband(q, *(bp->b_rptr + 1), FLUSHALL); 2240 } else 2241 flushq_common(q, FLUSHALL, 2242 stp->sd_read_opt & RFLUSHPCPROT); 2243 if ((q->q_first == NULL) || 2244 (q->q_first->b_datap->db_type < QPCTL)) 2245 stp->sd_flag &= ~STRPRI; 2246 else { 2247 ASSERT(stp->sd_flag & STRPRI); 2248 } 2249 mutex_exit(&stp->sd_lock); 2250 } 2251 if ((*bp->b_rptr & FLUSHW) && !(bp->b_flag & MSGNOLOOP)) { 2252 *bp->b_rptr &= ~FLUSHR; 2253 bp->b_flag |= MSGNOLOOP; 2254 /* 2255 * Protect against the driver passing up 2256 * messages after it has done a qprocsoff. 2257 */ 2258 if (_OTHERQ(q)->q_next == NULL) 2259 freemsg(bp); 2260 else 2261 qreply(q, bp); 2262 return (0); 2263 } 2264 freemsg(bp); 2265 return (0); 2266 2267 case M_IOCACK: 2268 case M_IOCNAK: 2269 iocbp = (struct iocblk *)bp->b_rptr; 2270 /* 2271 * If not waiting for ACK or NAK then just free msg. 2272 * If incorrect id sequence number then just free msg. 2273 * If already have ACK or NAK for user then this is a 2274 * duplicate, display a warning and free the msg. 2275 */ 2276 mutex_enter(&stp->sd_lock); 2277 if ((stp->sd_flag & IOCWAIT) == 0 || stp->sd_iocblk || 2278 (stp->sd_iocid != iocbp->ioc_id)) { 2279 /* 2280 * If the ACK/NAK is a dup, display a message 2281 * Dup is when sd_iocid == ioc_id, and 2282 * sd_iocblk == <valid ptr> or -1 (the former 2283 * is when an ioctl has been put on the stream 2284 * head, but has not yet been consumed, the 2285 * later is when it has been consumed). 2286 */ 2287 if ((stp->sd_iocid == iocbp->ioc_id) && 2288 (stp->sd_iocblk != NULL)) { 2289 log_dupioc(q, bp); 2290 } 2291 freemsg(bp); 2292 mutex_exit(&stp->sd_lock); 2293 return (0); 2294 } 2295 2296 /* 2297 * Assign ACK or NAK to user and wake up. 2298 */ 2299 stp->sd_iocblk = bp; 2300 cv_broadcast(&stp->sd_monitor); 2301 mutex_exit(&stp->sd_lock); 2302 return (0); 2303 2304 case M_COPYIN: 2305 case M_COPYOUT: 2306 reqp = (struct copyreq *)bp->b_rptr; 2307 2308 /* 2309 * If not waiting for ACK or NAK then just fail request. 2310 * If already have ACK, NAK, or copy request, then just 2311 * fail request. 
2312 * If incorrect id sequence number then just fail request. 2313 */ 2314 mutex_enter(&stp->sd_lock); 2315 if ((stp->sd_flag & IOCWAIT) == 0 || stp->sd_iocblk || 2316 (stp->sd_iocid != reqp->cq_id)) { 2317 if (bp->b_cont) { 2318 freemsg(bp->b_cont); 2319 bp->b_cont = NULL; 2320 } 2321 bp->b_datap->db_type = M_IOCDATA; 2322 bp->b_wptr = bp->b_rptr + sizeof (struct copyresp); 2323 resp = (struct copyresp *)bp->b_rptr; 2324 resp->cp_rval = (caddr_t)1; /* failure */ 2325 mutex_exit(&stp->sd_lock); 2326 putnext(stp->sd_wrq, bp); 2327 return (0); 2328 } 2329 2330 /* 2331 * Assign copy request to user and wake up. 2332 */ 2333 stp->sd_iocblk = bp; 2334 cv_broadcast(&stp->sd_monitor); 2335 mutex_exit(&stp->sd_lock); 2336 return (0); 2337 2338 case M_SETOPTS: 2339 /* 2340 * Set stream head options (read option, write offset, 2341 * min/max packet size, and/or high/low water marks for 2342 * the read side only). 2343 */ 2344 2345 bpri = 0; 2346 sop = (struct stroptions *)bp->b_rptr; 2347 mutex_enter(&stp->sd_lock); 2348 if (sop->so_flags & SO_READOPT) { 2349 switch (sop->so_readopt & RMODEMASK) { 2350 case RNORM: 2351 stp->sd_read_opt &= ~(RD_MSGDIS | RD_MSGNODIS); 2352 break; 2353 2354 case RMSGD: 2355 stp->sd_read_opt = 2356 ((stp->sd_read_opt & ~RD_MSGNODIS) | 2357 RD_MSGDIS); 2358 break; 2359 2360 case RMSGN: 2361 stp->sd_read_opt = 2362 ((stp->sd_read_opt & ~RD_MSGDIS) | 2363 RD_MSGNODIS); 2364 break; 2365 } 2366 switch (sop->so_readopt & RPROTMASK) { 2367 case RPROTNORM: 2368 stp->sd_read_opt &= ~(RD_PROTDAT | RD_PROTDIS); 2369 break; 2370 2371 case RPROTDAT: 2372 stp->sd_read_opt = 2373 ((stp->sd_read_opt & ~RD_PROTDIS) | 2374 RD_PROTDAT); 2375 break; 2376 2377 case RPROTDIS: 2378 stp->sd_read_opt = 2379 ((stp->sd_read_opt & ~RD_PROTDAT) | 2380 RD_PROTDIS); 2381 break; 2382 } 2383 switch (sop->so_readopt & RFLUSHMASK) { 2384 case RFLUSHPCPROT: 2385 /* 2386 * This sets the stream head to NOT flush 2387 * M_PCPROTO messages. 
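 *
 * A sketch (not taken from any particular module) of how a
 * downstream module or driver could request this behavior by
 * sending an M_SETOPTS up its read queue rq; note that SO_READOPT
 * re-evaluates all of the read-option bits, so any desired
 * RMODE/RPROT settings should be OR'ed into so_readopt as well:
 *
 *	struct stroptions *sop;
 *	mblk_t *mp;
 *
 *	if ((mp = allocb(sizeof (struct stroptions), BPRI_MED)) != NULL) {
 *		mp->b_datap->db_type = M_SETOPTS;
 *		sop = (struct stroptions *)mp->b_wptr;
 *		sop->so_flags = SO_READOPT;
 *		sop->so_readopt = RFLUSHPCPROT;
 *		mp->b_wptr += sizeof (struct stroptions);
 *		putnext(rq, mp);
 *	}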
2388 */ 2389 stp->sd_read_opt |= RFLUSHPCPROT; 2390 break; 2391 } 2392 } 2393 if (sop->so_flags & SO_ERROPT) { 2394 switch (sop->so_erropt & RERRMASK) { 2395 case RERRNORM: 2396 stp->sd_flag &= ~STRDERRNONPERSIST; 2397 break; 2398 case RERRNONPERSIST: 2399 stp->sd_flag |= STRDERRNONPERSIST; 2400 break; 2401 } 2402 switch (sop->so_erropt & WERRMASK) { 2403 case WERRNORM: 2404 stp->sd_flag &= ~STWRERRNONPERSIST; 2405 break; 2406 case WERRNONPERSIST: 2407 stp->sd_flag |= STWRERRNONPERSIST; 2408 break; 2409 } 2410 } 2411 if (sop->so_flags & SO_COPYOPT) { 2412 if (sop->so_copyopt & ZCVMSAFE) { 2413 stp->sd_copyflag |= STZCVMSAFE; 2414 stp->sd_copyflag &= ~STZCVMUNSAFE; 2415 } else if (sop->so_copyopt & ZCVMUNSAFE) { 2416 stp->sd_copyflag |= STZCVMUNSAFE; 2417 stp->sd_copyflag &= ~STZCVMSAFE; 2418 } 2419 2420 if (sop->so_copyopt & COPYCACHED) { 2421 stp->sd_copyflag |= STRCOPYCACHED; 2422 } 2423 } 2424 if (sop->so_flags & SO_WROFF) 2425 stp->sd_wroff = sop->so_wroff; 2426 if (sop->so_flags & SO_TAIL) 2427 stp->sd_tail = sop->so_tail; 2428 if (sop->so_flags & SO_MINPSZ) 2429 q->q_minpsz = sop->so_minpsz; 2430 if (sop->so_flags & SO_MAXPSZ) 2431 q->q_maxpsz = sop->so_maxpsz; 2432 if (sop->so_flags & SO_MAXBLK) 2433 stp->sd_maxblk = sop->so_maxblk; 2434 if (sop->so_flags & SO_HIWAT) { 2435 if (sop->so_flags & SO_BAND) { 2436 if (strqset(q, QHIWAT, 2437 sop->so_band, sop->so_hiwat)) { 2438 cmn_err(CE_WARN, "strrput: could not " 2439 "allocate qband\n"); 2440 } else { 2441 bpri = sop->so_band; 2442 } 2443 } else { 2444 q->q_hiwat = sop->so_hiwat; 2445 } 2446 } 2447 if (sop->so_flags & SO_LOWAT) { 2448 if (sop->so_flags & SO_BAND) { 2449 if (strqset(q, QLOWAT, 2450 sop->so_band, sop->so_lowat)) { 2451 cmn_err(CE_WARN, "strrput: could not " 2452 "allocate qband\n"); 2453 } else { 2454 bpri = sop->so_band; 2455 } 2456 } else { 2457 q->q_lowat = sop->so_lowat; 2458 } 2459 } 2460 if (sop->so_flags & SO_MREADON) 2461 stp->sd_flag |= SNDMREAD; 2462 if (sop->so_flags & SO_MREADOFF) 2463 stp->sd_flag &= ~SNDMREAD; 2464 if (sop->so_flags & SO_NDELON) 2465 stp->sd_flag |= OLDNDELAY; 2466 if (sop->so_flags & SO_NDELOFF) 2467 stp->sd_flag &= ~OLDNDELAY; 2468 if (sop->so_flags & SO_ISTTY) 2469 stp->sd_flag |= STRISTTY; 2470 if (sop->so_flags & SO_ISNTTY) 2471 stp->sd_flag &= ~STRISTTY; 2472 if (sop->so_flags & SO_TOSTOP) 2473 stp->sd_flag |= STRTOSTOP; 2474 if (sop->so_flags & SO_TONSTOP) 2475 stp->sd_flag &= ~STRTOSTOP; 2476 if (sop->so_flags & SO_DELIM) 2477 stp->sd_flag |= STRDELIM; 2478 if (sop->so_flags & SO_NODELIM) 2479 stp->sd_flag &= ~STRDELIM; 2480 2481 mutex_exit(&stp->sd_lock); 2482 freemsg(bp); 2483 2484 /* Check backenable in case the water marks changed */ 2485 qbackenable(q, bpri); 2486 return (0); 2487 2488 /* 2489 * The following set of cases deal with situations where two stream 2490 * heads are connected to each other (twisted streams). These messages 2491 * have no meaning at the stream head. 2492 */ 2493 case M_BREAK: 2494 case M_CTL: 2495 case M_DELAY: 2496 case M_START: 2497 case M_STOP: 2498 case M_IOCDATA: 2499 case M_STARTI: 2500 case M_STOPI: 2501 freemsg(bp); 2502 return (0); 2503 2504 case M_IOCTL: 2505 /* 2506 * Always NAK this condition 2507 * (makes no sense) 2508 * If there is one or more threads in the read side 2509 * rwnext we have to defer the nacking until that thread 2510 * returns (in strget). 2511 */ 2512 mutex_enter(&stp->sd_lock); 2513 if (stp->sd_struiodnak != 0) { 2514 /* 2515 * Defer NAK to the streamhead. Queue at the end 2516 * the list. 
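 *
 * (The deferred messages are singly linked through b_next on
 * sd_struionak; the thread returning through strget() later
 * dequeues and NAKs them.)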
2517 */ 2518 mblk_t *mp = stp->sd_struionak; 2519 2520 while (mp && mp->b_next) 2521 mp = mp->b_next; 2522 if (mp) 2523 mp->b_next = bp; 2524 else 2525 stp->sd_struionak = bp; 2526 bp->b_next = NULL; 2527 mutex_exit(&stp->sd_lock); 2528 return (0); 2529 } 2530 mutex_exit(&stp->sd_lock); 2531 2532 bp->b_datap->db_type = M_IOCNAK; 2533 /* 2534 * Protect against the driver passing up 2535 * messages after it has done a qprocsoff. 2536 */ 2537 if (_OTHERQ(q)->q_next == NULL) 2538 freemsg(bp); 2539 else 2540 qreply(q, bp); 2541 return (0); 2542 2543 default: 2544 #ifdef DEBUG 2545 cmn_err(CE_WARN, 2546 "bad message type %x received at stream head\n", 2547 bp->b_datap->db_type); 2548 #endif 2549 freemsg(bp); 2550 return (0); 2551 } 2552 2553 /* NOTREACHED */ 2554 } 2555 2556 /* 2557 * Check if the stream pointed to by `stp' can be written to, and return an 2558 * error code if not. If `eiohup' is set, then return EIO if STRHUP is set. 2559 * If `sigpipeok' is set and the SW_SIGPIPE option is enabled on the stream, 2560 * then always return EPIPE and send a SIGPIPE to the invoking thread. 2561 */ 2562 static int 2563 strwriteable(struct stdata *stp, boolean_t eiohup, boolean_t sigpipeok) 2564 { 2565 int error; 2566 2567 ASSERT(MUTEX_HELD(&stp->sd_lock)); 2568 2569 /* 2570 * For modem support, POSIX states that on writes, EIO should 2571 * be returned if the stream has been hung up. 2572 */ 2573 if (eiohup && (stp->sd_flag & (STPLEX|STRHUP)) == STRHUP) 2574 error = EIO; 2575 else 2576 error = strgeterr(stp, STRHUP|STPLEX|STWRERR, 0); 2577 2578 if (error != 0) { 2579 if (!(stp->sd_flag & STPLEX) && 2580 (stp->sd_wput_opt & SW_SIGPIPE) && sigpipeok) { 2581 tsignal(curthread, SIGPIPE); 2582 error = EPIPE; 2583 } 2584 } 2585 2586 return (error); 2587 } 2588 2589 /* 2590 * Copyin and send data down a stream. 2591 * The caller will allocate and copyin any control part that precedes the 2592 * message and pass than in as mctl. 2593 * 2594 * Caller should *not* hold sd_lock. 2595 * When EWOULDBLOCK is returned the caller has to redo the canputnext 2596 * under sd_lock in order to avoid missing a backenabling wakeup. 2597 * 2598 * Use iosize = -1 to not send any M_DATA. iosize = 0 sends zero-length M_DATA. 2599 * 2600 * Set MSG_IGNFLOW in flags to ignore flow control for hipri messages. 2601 * For sync streams we can only ignore flow control by reverting to using 2602 * putnext. 2603 * 2604 * If sd_maxblk is less than *iosize this routine might return without 2605 * transferring all of *iosize. In all cases, on return *iosize will contain 2606 * the amount of data that was transferred. 2607 */ 2608 static int 2609 strput(struct stdata *stp, mblk_t *mctl, struct uio *uiop, ssize_t *iosize, 2610 int b_flag, int pri, int flags) 2611 { 2612 struiod_t uiod; 2613 mblk_t *mp; 2614 queue_t *wqp = stp->sd_wrq; 2615 int error = 0; 2616 ssize_t count = *iosize; 2617 cred_t *cr; 2618 2619 ASSERT(MUTEX_NOT_HELD(&stp->sd_lock)); 2620 2621 if (uiop != NULL && count >= 0) 2622 flags |= stp->sd_struiowrq ? STRUIO_POSTPONE : 0; 2623 2624 if (!(flags & STRUIO_POSTPONE)) { 2625 /* 2626 * Use regular canputnext, strmakedata, putnext sequence. 
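 *
 * That is: check flow control with canputnext()/bcanputnext()
 * (unless MSG_IGNFLOW), build the data part with strmakedata(),
 * link it behind any control part (mctl) and stamp credentials,
 * then putnext() it, bracketed by stream_willservice()/
 * stream_runservice() in the normal case.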
2627 */ 2628 if (pri == 0) { 2629 if (!canputnext(wqp) && !(flags & MSG_IGNFLOW)) { 2630 freemsg(mctl); 2631 return (EWOULDBLOCK); 2632 } 2633 } else { 2634 if (!(flags & MSG_IGNFLOW) && !bcanputnext(wqp, pri)) { 2635 freemsg(mctl); 2636 return (EWOULDBLOCK); 2637 } 2638 } 2639 2640 if ((error = strmakedata(iosize, uiop, stp, flags, 2641 &mp)) != 0) { 2642 freemsg(mctl); 2643 /* 2644 * need to change return code to ENOMEM 2645 * so that this is not confused with 2646 * flow control, EAGAIN. 2647 */ 2648 2649 if (error == EAGAIN) 2650 return (ENOMEM); 2651 else 2652 return (error); 2653 } 2654 if (mctl != NULL) { 2655 if (mctl->b_cont == NULL) 2656 mctl->b_cont = mp; 2657 else if (mp != NULL) 2658 linkb(mctl, mp); 2659 mp = mctl; 2660 /* 2661 * Note that for interrupt thread, the CRED() is 2662 * NULL. Don't bother with the pid either. 2663 */ 2664 if ((cr = CRED()) != NULL) { 2665 mblk_setcred(mp, cr); 2666 DB_CPID(mp) = curproc->p_pid; 2667 } 2668 } else if (mp == NULL) 2669 return (0); 2670 2671 mp->b_flag |= b_flag; 2672 mp->b_band = (uchar_t)pri; 2673 2674 if (flags & MSG_IGNFLOW) { 2675 /* 2676 * XXX Hack: Don't get stuck running service 2677 * procedures. This is needed for sockfs when 2678 * sending the unbind message out of the rput 2679 * procedure - we don't want a put procedure 2680 * to run service procedures. 2681 */ 2682 putnext(wqp, mp); 2683 } else { 2684 stream_willservice(stp); 2685 putnext(wqp, mp); 2686 stream_runservice(stp); 2687 } 2688 return (0); 2689 } 2690 /* 2691 * Stream supports rwnext() for the write side. 2692 */ 2693 if ((error = strmakedata(iosize, uiop, stp, flags, &mp)) != 0) { 2694 freemsg(mctl); 2695 /* 2696 * map EAGAIN to ENOMEM since EAGAIN means "flow controlled". 2697 */ 2698 return (error == EAGAIN ? ENOMEM : error); 2699 } 2700 if (mctl != NULL) { 2701 if (mctl->b_cont == NULL) 2702 mctl->b_cont = mp; 2703 else if (mp != NULL) 2704 linkb(mctl, mp); 2705 mp = mctl; 2706 /* 2707 * Note that for interrupt thread, the CRED() is 2708 * NULL. Don't bother with the pid either. 2709 */ 2710 if ((cr = CRED()) != NULL) { 2711 mblk_setcred(mp, cr); 2712 DB_CPID(mp) = curproc->p_pid; 2713 } 2714 } else if (mp == NULL) { 2715 return (0); 2716 } 2717 2718 mp->b_flag |= b_flag; 2719 mp->b_band = (uchar_t)pri; 2720 2721 (void) uiodup(uiop, &uiod.d_uio, uiod.d_iov, 2722 sizeof (uiod.d_iov) / sizeof (*uiod.d_iov)); 2723 uiod.d_uio.uio_offset = 0; 2724 uiod.d_mp = mp; 2725 error = rwnext(wqp, &uiod); 2726 if (! uiod.d_mp) { 2727 uioskip(uiop, *iosize); 2728 return (error); 2729 } 2730 ASSERT(mp == uiod.d_mp); 2731 if (error == EINVAL) { 2732 /* 2733 * The stream plumbing must have changed while 2734 * we were away, so just turn off rwnext()s. 2735 */ 2736 error = 0; 2737 } else if (error == EBUSY || error == EWOULDBLOCK) { 2738 /* 2739 * Couldn't enter a perimeter or took a page fault, 2740 * so fall-back to putnext(). 
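 *
 * (error is cleared and we continue below: re-check flow control,
 * copy the data in with struioget(), and send the message via the
 * ordinary putnext() path.)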
2741 */ 2742 error = 0; 2743 } else { 2744 freemsg(mp); 2745 return (error); 2746 } 2747 /* Have to check canput before consuming data from the uio */ 2748 if (pri == 0) { 2749 if (!canputnext(wqp) && !(flags & MSG_IGNFLOW)) { 2750 freemsg(mp); 2751 return (EWOULDBLOCK); 2752 } 2753 } else { 2754 if (!bcanputnext(wqp, pri) && !(flags & MSG_IGNFLOW)) { 2755 freemsg(mp); 2756 return (EWOULDBLOCK); 2757 } 2758 } 2759 ASSERT(mp == uiod.d_mp); 2760 /* Copyin data from the uio */ 2761 if ((error = struioget(wqp, mp, &uiod, 0)) != 0) { 2762 freemsg(mp); 2763 return (error); 2764 } 2765 uioskip(uiop, *iosize); 2766 if (flags & MSG_IGNFLOW) { 2767 /* 2768 * XXX Hack: Don't get stuck running service procedures. 2769 * This is needed for sockfs when sending the unbind message 2770 * out of the rput procedure - we don't want a put procedure 2771 * to run service procedures. 2772 */ 2773 putnext(wqp, mp); 2774 } else { 2775 stream_willservice(stp); 2776 putnext(wqp, mp); 2777 stream_runservice(stp); 2778 } 2779 return (0); 2780 } 2781 2782 /* 2783 * Write attempts to break the write request into messages conforming 2784 * with the minimum and maximum packet sizes set downstream. 2785 * 2786 * Write will not block if downstream queue is full and 2787 * O_NDELAY is set, otherwise it will block waiting for the queue to get room. 2788 * 2789 * A write of zero bytes gets packaged into a zero length message and sent 2790 * downstream like any other message. 2791 * 2792 * If buffers of the requested sizes are not available, the write will 2793 * sleep until the buffers become available. 2794 * 2795 * Write (if specified) will supply a write offset in a message if it 2796 * makes sense. This can be specified by downstream modules as part of 2797 * a M_SETOPTS message. Write will not supply the write offset if it 2798 * cannot supply any data in a buffer. In other words, write will never 2799 * send down an empty packet due to a write offset. 2800 */ 2801 /* ARGSUSED2 */ 2802 int 2803 strwrite(struct vnode *vp, struct uio *uiop, cred_t *crp) 2804 { 2805 return (strwrite_common(vp, uiop, crp, 0)); 2806 } 2807 2808 /* ARGSUSED2 */ 2809 int 2810 strwrite_common(struct vnode *vp, struct uio *uiop, cred_t *crp, int wflag) 2811 { 2812 struct stdata *stp; 2813 struct queue *wqp; 2814 ssize_t rmin, rmax; 2815 ssize_t iosize; 2816 int waitflag; 2817 int tempmode; 2818 int error = 0; 2819 int b_flag; 2820 2821 ASSERT(vp->v_stream); 2822 stp = vp->v_stream; 2823 2824 mutex_enter(&stp->sd_lock); 2825 2826 if ((error = i_straccess(stp, JCWRITE)) != 0) { 2827 mutex_exit(&stp->sd_lock); 2828 return (error); 2829 } 2830 2831 if (stp->sd_flag & (STWRERR|STRHUP|STPLEX)) { 2832 error = strwriteable(stp, B_TRUE, B_TRUE); 2833 if (error != 0) { 2834 mutex_exit(&stp->sd_lock); 2835 return (error); 2836 } 2837 } 2838 2839 mutex_exit(&stp->sd_lock); 2840 2841 wqp = stp->sd_wrq; 2842 2843 /* get these values from them cached in the stream head */ 2844 rmin = stp->sd_qn_minpsz; 2845 rmax = stp->sd_qn_maxpsz; 2846 2847 /* 2848 * Check the min/max packet size constraints. If min packet size 2849 * is non-zero, the write cannot be split into multiple messages 2850 * and still guarantee the size constraints. 
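 *
 * For example, with sd_qn_minpsz == 64 and sd_qn_maxpsz == 1024
 * (illustrative values), a 10-byte write fails with ERANGE because
 * it cannot meet the minimum, and a 4096-byte write also fails with
 * ERANGE: once a non-zero minimum is in effect, requests larger
 * than the maximum are rejected outright rather than split.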
2851 */ 2852 TRACE_1(TR_FAC_STREAMS_FR, TR_STRWRITE_IN, "strwrite in:q %p", wqp); 2853 2854 ASSERT((rmax >= 0) || (rmax == INFPSZ)); 2855 if (rmax == 0) { 2856 return (0); 2857 } 2858 if (rmin > 0) { 2859 if (uiop->uio_resid < rmin) { 2860 TRACE_3(TR_FAC_STREAMS_FR, TR_STRWRITE_OUT, 2861 "strwrite out:q %p out %d error %d", 2862 wqp, 0, ERANGE); 2863 return (ERANGE); 2864 } 2865 if ((rmax != INFPSZ) && (uiop->uio_resid > rmax)) { 2866 TRACE_3(TR_FAC_STREAMS_FR, TR_STRWRITE_OUT, 2867 "strwrite out:q %p out %d error %d", 2868 wqp, 1, ERANGE); 2869 return (ERANGE); 2870 } 2871 } 2872 2873 /* 2874 * Do until count satisfied or error. 2875 */ 2876 waitflag = WRITEWAIT | wflag; 2877 if (stp->sd_flag & OLDNDELAY) 2878 tempmode = uiop->uio_fmode & ~FNDELAY; 2879 else 2880 tempmode = uiop->uio_fmode; 2881 2882 if (rmax == INFPSZ) 2883 rmax = uiop->uio_resid; 2884 2885 /* 2886 * Note that tempmode does not get used in strput/strmakedata 2887 * but only in strwaitq. The other routines use uio_fmode 2888 * unmodified. 2889 */ 2890 2891 /* LINTED: constant in conditional context */ 2892 while (1) { /* breaks when uio_resid reaches zero */ 2893 /* 2894 * Determine the size of the next message to be 2895 * packaged. May have to break write into several 2896 * messages based on max packet size. 2897 */ 2898 iosize = MIN(uiop->uio_resid, rmax); 2899 2900 /* 2901 * Put block downstream when flow control allows it. 2902 */ 2903 if ((stp->sd_flag & STRDELIM) && (uiop->uio_resid == iosize)) 2904 b_flag = MSGDELIM; 2905 else 2906 b_flag = 0; 2907 2908 for (;;) { 2909 int done = 0; 2910 2911 error = strput(stp, NULL, uiop, &iosize, b_flag, 0, 0); 2912 if (error == 0) 2913 break; 2914 if (error != EWOULDBLOCK) 2915 goto out; 2916 2917 mutex_enter(&stp->sd_lock); 2918 /* 2919 * Check for a missed wakeup. 2920 * Needed since strput did not hold sd_lock across 2921 * the canputnext. 2922 */ 2923 if (canputnext(wqp)) { 2924 /* Try again */ 2925 mutex_exit(&stp->sd_lock); 2926 continue; 2927 } 2928 TRACE_1(TR_FAC_STREAMS_FR, TR_STRWRITE_WAIT, 2929 "strwrite wait:q %p wait", wqp); 2930 if ((error = strwaitq(stp, waitflag, (ssize_t)0, 2931 tempmode, -1, &done)) != 0 || done) { 2932 mutex_exit(&stp->sd_lock); 2933 if ((vp->v_type == VFIFO) && 2934 (uiop->uio_fmode & FNDELAY) && 2935 (error == EAGAIN)) 2936 error = 0; 2937 goto out; 2938 } 2939 TRACE_1(TR_FAC_STREAMS_FR, TR_STRWRITE_WAKE, 2940 "strwrite wake:q %p awakes", wqp); 2941 if ((error = i_straccess(stp, JCWRITE)) != 0) { 2942 mutex_exit(&stp->sd_lock); 2943 goto out; 2944 } 2945 mutex_exit(&stp->sd_lock); 2946 } 2947 waitflag |= NOINTR; 2948 TRACE_2(TR_FAC_STREAMS_FR, TR_STRWRITE_RESID, 2949 "strwrite resid:q %p uiop %p", wqp, uiop); 2950 if (uiop->uio_resid) { 2951 /* Recheck for errors - needed for sockets */ 2952 if ((stp->sd_wput_opt & SW_RECHECK_ERR) && 2953 (stp->sd_flag & (STWRERR|STRHUP|STPLEX))) { 2954 mutex_enter(&stp->sd_lock); 2955 error = strwriteable(stp, B_FALSE, B_TRUE); 2956 mutex_exit(&stp->sd_lock); 2957 if (error != 0) 2958 return (error); 2959 } 2960 continue; 2961 } 2962 break; 2963 } 2964 out: 2965 /* 2966 * For historical reasons, applications expect EAGAIN when a data 2967 * mblk_t cannot be allocated, so change ENOMEM back to EAGAIN. 2968 */ 2969 if (error == ENOMEM) 2970 error = EAGAIN; 2971 TRACE_3(TR_FAC_STREAMS_FR, TR_STRWRITE_OUT, 2972 "strwrite out:q %p out %d error %d", wqp, 2, error); 2973 return (error); 2974 } 2975 2976 /* 2977 * Stream head write service routine. 
2978 * Its job is to wake up any sleeping writers when a queue 2979 * downstream needs data (part of the flow control in putq and getq). 2980 * It also must wake anyone sleeping on a poll(). 2981 * For stream head right below mux module, it must also invoke put procedure 2982 * of next downstream module. 2983 */ 2984 int 2985 strwsrv(queue_t *q) 2986 { 2987 struct stdata *stp; 2988 queue_t *tq; 2989 qband_t *qbp; 2990 int i; 2991 qband_t *myqbp; 2992 int isevent; 2993 unsigned char qbf[NBAND]; /* band flushing backenable flags */ 2994 2995 TRACE_1(TR_FAC_STREAMS_FR, 2996 TR_STRWSRV, "strwsrv:q %p", q); 2997 stp = (struct stdata *)q->q_ptr; 2998 ASSERT(qclaimed(q)); 2999 mutex_enter(&stp->sd_lock); 3000 ASSERT(!(stp->sd_flag & STPLEX)); 3001 3002 if (stp->sd_flag & WSLEEP) { 3003 stp->sd_flag &= ~WSLEEP; 3004 cv_broadcast(&q->q_wait); 3005 } 3006 mutex_exit(&stp->sd_lock); 3007 3008 /* The other end of a stream pipe went away. */ 3009 if ((tq = q->q_next) == NULL) { 3010 return (0); 3011 } 3012 3013 /* Find the next module forward that has a service procedure */ 3014 claimstr(q); 3015 tq = q->q_nfsrv; 3016 ASSERT(tq != NULL); 3017 3018 if ((q->q_flag & QBACK)) { 3019 if ((tq->q_flag & QFULL)) { 3020 mutex_enter(QLOCK(tq)); 3021 if (!(tq->q_flag & QFULL)) { 3022 mutex_exit(QLOCK(tq)); 3023 goto wakeup; 3024 } 3025 /* 3026 * The queue must have become full again. Set QWANTW 3027 * again so strwsrv will be back enabled when 3028 * the queue becomes non-full next time. 3029 */ 3030 tq->q_flag |= QWANTW; 3031 mutex_exit(QLOCK(tq)); 3032 } else { 3033 wakeup: 3034 pollwakeup(&stp->sd_pollist, POLLWRNORM); 3035 mutex_enter(&stp->sd_lock); 3036 if (stp->sd_sigflags & S_WRNORM) 3037 strsendsig(stp->sd_siglist, S_WRNORM, 0, 0); 3038 mutex_exit(&stp->sd_lock); 3039 } 3040 } 3041 3042 isevent = 0; 3043 i = 1; 3044 bzero((caddr_t)qbf, NBAND); 3045 mutex_enter(QLOCK(tq)); 3046 if ((myqbp = q->q_bandp) != NULL) 3047 for (qbp = tq->q_bandp; qbp && myqbp; qbp = qbp->qb_next) { 3048 ASSERT(myqbp); 3049 if ((myqbp->qb_flag & QB_BACK)) { 3050 if (qbp->qb_flag & QB_FULL) { 3051 /* 3052 * The band must have become full again. 3053 * Set QB_WANTW again so strwsrv will 3054 * be back enabled when the band becomes 3055 * non-full next time. 3056 */ 3057 qbp->qb_flag |= QB_WANTW; 3058 } else { 3059 isevent = 1; 3060 qbf[i] = 1; 3061 } 3062 } 3063 myqbp = myqbp->qb_next; 3064 i++; 3065 } 3066 mutex_exit(QLOCK(tq)); 3067 3068 if (isevent) { 3069 for (i = tq->q_nband; i; i--) { 3070 if (qbf[i]) { 3071 pollwakeup(&stp->sd_pollist, POLLWRBAND); 3072 mutex_enter(&stp->sd_lock); 3073 if (stp->sd_sigflags & S_WRBAND) 3074 strsendsig(stp->sd_siglist, S_WRBAND, 3075 (uchar_t)i, 0); 3076 mutex_exit(&stp->sd_lock); 3077 } 3078 } 3079 } 3080 3081 releasestr(q); 3082 return (0); 3083 } 3084 3085 /* 3086 * Special case of strcopyin/strcopyout for copying 3087 * struct strioctl that can deal with both data 3088 * models. 
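 *
 * The only member whose size differs between the two data models is
 * ic_dp: a 32-bit caddr32_t in an ILP32 caller's struct strioctl32
 * versus a 64-bit char * in the native struct strioctl.  The ILP32
 * path below therefore widens ic_dp on copyin and narrows it back
 * (asserting that no bits are lost) on copyout.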
3089 */ 3090 3091 #ifdef _LP64 3092 3093 static int 3094 strcopyin_strioctl(void *from, void *to, int flag, int copyflag) 3095 { 3096 struct strioctl32 strioc32; 3097 struct strioctl *striocp; 3098 3099 if (copyflag & U_TO_K) { 3100 ASSERT((copyflag & K_TO_K) == 0); 3101 3102 if ((flag & FMODELS) == DATAMODEL_ILP32) { 3103 if (copyin(from, &strioc32, sizeof (strioc32))) 3104 return (EFAULT); 3105 3106 striocp = (struct strioctl *)to; 3107 striocp->ic_cmd = strioc32.ic_cmd; 3108 striocp->ic_timout = strioc32.ic_timout; 3109 striocp->ic_len = strioc32.ic_len; 3110 striocp->ic_dp = (char *)(uintptr_t)strioc32.ic_dp; 3111 3112 } else { /* NATIVE data model */ 3113 if (copyin(from, to, sizeof (struct strioctl))) { 3114 return (EFAULT); 3115 } else { 3116 return (0); 3117 } 3118 } 3119 } else { 3120 ASSERT(copyflag & K_TO_K); 3121 bcopy(from, to, sizeof (struct strioctl)); 3122 } 3123 return (0); 3124 } 3125 3126 static int 3127 strcopyout_strioctl(void *from, void *to, int flag, int copyflag) 3128 { 3129 struct strioctl32 strioc32; 3130 struct strioctl *striocp; 3131 3132 if (copyflag & U_TO_K) { 3133 ASSERT((copyflag & K_TO_K) == 0); 3134 3135 if ((flag & FMODELS) == DATAMODEL_ILP32) { 3136 striocp = (struct strioctl *)from; 3137 strioc32.ic_cmd = striocp->ic_cmd; 3138 strioc32.ic_timout = striocp->ic_timout; 3139 strioc32.ic_len = striocp->ic_len; 3140 strioc32.ic_dp = (caddr32_t)(uintptr_t)striocp->ic_dp; 3141 ASSERT((char *)(uintptr_t)strioc32.ic_dp == 3142 striocp->ic_dp); 3143 3144 if (copyout(&strioc32, to, sizeof (strioc32))) 3145 return (EFAULT); 3146 3147 } else { /* NATIVE data model */ 3148 if (copyout(from, to, sizeof (struct strioctl))) { 3149 return (EFAULT); 3150 } else { 3151 return (0); 3152 } 3153 } 3154 } else { 3155 ASSERT(copyflag & K_TO_K); 3156 bcopy(from, to, sizeof (struct strioctl)); 3157 } 3158 return (0); 3159 } 3160 3161 #else /* ! _LP64 */ 3162 3163 /* ARGSUSED2 */ 3164 static int 3165 strcopyin_strioctl(void *from, void *to, int flag, int copyflag) 3166 { 3167 return (strcopyin(from, to, sizeof (struct strioctl), copyflag)); 3168 } 3169 3170 /* ARGSUSED2 */ 3171 static int 3172 strcopyout_strioctl(void *from, void *to, int flag, int copyflag) 3173 { 3174 return (strcopyout(from, to, sizeof (struct strioctl), copyflag)); 3175 } 3176 3177 #endif /* _LP64 */ 3178 3179 /* 3180 * Determine type of job control semantics expected by user. The 3181 * possibilities are: 3182 * JCREAD - Behaves like read() on fd; send SIGTTIN 3183 * JCWRITE - Behaves like write() on fd; send SIGTTOU if TOSTOP set 3184 * JCSETP - Sets a value in the stream; send SIGTTOU, ignore TOSTOP 3185 * JCGETP - Gets a value in the stream; no signals. 3186 * See straccess in strsubr.c for usage of these values. 3187 * 3188 * This routine also returns -1 for I_STR as a special case; the 3189 * caller must call again with the real ioctl number for 3190 * classification. 
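 *
 * Typical use, mirroring strioctl() below:
 *
 *	access = job_control_type(cmd);
 *	mutex_enter(&stp->sd_lock);
 *	if (access != -1 && (error = i_straccess(stp, access)) != 0) {
 *		mutex_exit(&stp->sd_lock);
 *		return (error);
 *	}
 *	mutex_exit(&stp->sd_lock);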
3191 */ 3192 static int 3193 job_control_type(int cmd) 3194 { 3195 switch (cmd) { 3196 case I_STR: 3197 return (-1); 3198 3199 case I_RECVFD: 3200 case I_E_RECVFD: 3201 return (JCREAD); 3202 3203 case I_FDINSERT: 3204 case I_SENDFD: 3205 return (JCWRITE); 3206 3207 case TCSETA: 3208 case TCSETAW: 3209 case TCSETAF: 3210 case TCSBRK: 3211 case TCXONC: 3212 case TCFLSH: 3213 case TCDSET: /* Obsolete */ 3214 case TIOCSWINSZ: 3215 case TCSETS: 3216 case TCSETSW: 3217 case TCSETSF: 3218 case TIOCSETD: 3219 case TIOCHPCL: 3220 case TIOCSETP: 3221 case TIOCSETN: 3222 case TIOCEXCL: 3223 case TIOCNXCL: 3224 case TIOCFLUSH: 3225 case TIOCSETC: 3226 case TIOCLBIS: 3227 case TIOCLBIC: 3228 case TIOCLSET: 3229 case TIOCSBRK: 3230 case TIOCCBRK: 3231 case TIOCSDTR: 3232 case TIOCCDTR: 3233 case TIOCSLTC: 3234 case TIOCSTOP: 3235 case TIOCSTART: 3236 case TIOCSTI: 3237 case TIOCSPGRP: 3238 case TIOCMSET: 3239 case TIOCMBIS: 3240 case TIOCMBIC: 3241 case TIOCREMOTE: 3242 case TIOCSIGNAL: 3243 case LDSETT: 3244 case LDSMAP: /* Obsolete */ 3245 case DIOCSETP: 3246 case I_FLUSH: 3247 case I_SRDOPT: 3248 case I_SETSIG: 3249 case I_SWROPT: 3250 case I_FLUSHBAND: 3251 case I_SETCLTIME: 3252 case I_SERROPT: 3253 case I_ESETSIG: 3254 case FIONBIO: 3255 case FIOASYNC: 3256 case FIOSETOWN: 3257 case JBOOT: /* Obsolete */ 3258 case JTERM: /* Obsolete */ 3259 case JTIMOM: /* Obsolete */ 3260 case JZOMBOOT: /* Obsolete */ 3261 case JAGENT: /* Obsolete */ 3262 case JTRUN: /* Obsolete */ 3263 case JXTPROTO: /* Obsolete */ 3264 case TIOCSETLD: 3265 return (JCSETP); 3266 } 3267 3268 return (JCGETP); 3269 } 3270 3271 /* 3272 * ioctl for streams 3273 */ 3274 int 3275 strioctl(struct vnode *vp, int cmd, intptr_t arg, int flag, int copyflag, 3276 cred_t *crp, int *rvalp) 3277 { 3278 struct stdata *stp; 3279 struct strcmd *scp; 3280 struct strioctl strioc; 3281 struct uio uio; 3282 struct iovec iov; 3283 int access; 3284 mblk_t *mp; 3285 int error = 0; 3286 int done = 0; 3287 ssize_t rmin, rmax; 3288 queue_t *wrq; 3289 queue_t *rdq; 3290 boolean_t kioctl = B_FALSE; 3291 3292 if (flag & FKIOCTL) { 3293 copyflag = K_TO_K; 3294 kioctl = B_TRUE; 3295 } 3296 ASSERT(vp->v_stream); 3297 ASSERT(copyflag == U_TO_K || copyflag == K_TO_K); 3298 stp = vp->v_stream; 3299 3300 TRACE_3(TR_FAC_STREAMS_FR, TR_IOCTL_ENTER, 3301 "strioctl:stp %p cmd %X arg %lX", stp, cmd, arg); 3302 3303 if (audit_active) 3304 audit_strioctl(vp, cmd, arg, flag, copyflag, crp, rvalp); 3305 3306 /* 3307 * If the copy is kernel to kernel, make sure that the FNATIVE 3308 * flag is set. After this it would be a serious error to have 3309 * no model flag. 3310 */ 3311 if (copyflag == K_TO_K) 3312 flag = (flag & ~FMODELS) | FNATIVE; 3313 3314 ASSERT((flag & FMODELS) != 0); 3315 3316 wrq = stp->sd_wrq; 3317 rdq = _RD(wrq); 3318 3319 access = job_control_type(cmd); 3320 3321 /* We should never see these here, should be handled by iwscn */ 3322 if (cmd == SRIOCSREDIR || cmd == SRIOCISREDIR) 3323 return (EINVAL); 3324 3325 mutex_enter(&stp->sd_lock); 3326 if ((access != -1) && ((error = i_straccess(stp, access)) != 0)) { 3327 mutex_exit(&stp->sd_lock); 3328 return (error); 3329 } 3330 mutex_exit(&stp->sd_lock); 3331 3332 /* 3333 * Check for sgttyb-related ioctls first, and complain as 3334 * necessary. 
3335 */ 3336 switch (cmd) { 3337 case TIOCGETP: 3338 case TIOCSETP: 3339 case TIOCSETN: 3340 if (sgttyb_handling >= 2 && !sgttyb_complaint) { 3341 sgttyb_complaint = B_TRUE; 3342 cmn_err(CE_NOTE, 3343 "application used obsolete TIOC[GS]ET"); 3344 } 3345 if (sgttyb_handling >= 3) { 3346 tsignal(curthread, SIGSYS); 3347 return (EIO); 3348 } 3349 break; 3350 } 3351 3352 mutex_enter(&stp->sd_lock); 3353 3354 switch (cmd) { 3355 case I_RECVFD: 3356 case I_E_RECVFD: 3357 case I_PEEK: 3358 case I_NREAD: 3359 case FIONREAD: 3360 case FIORDCHK: 3361 case I_ATMARK: 3362 case FIONBIO: 3363 case FIOASYNC: 3364 if (stp->sd_flag & (STRDERR|STPLEX)) { 3365 error = strgeterr(stp, STRDERR|STPLEX, 0); 3366 if (error != 0) { 3367 mutex_exit(&stp->sd_lock); 3368 return (error); 3369 } 3370 } 3371 break; 3372 3373 default: 3374 if (stp->sd_flag & (STRDERR|STWRERR|STPLEX)) { 3375 error = strgeterr(stp, STRDERR|STWRERR|STPLEX, 0); 3376 if (error != 0) { 3377 mutex_exit(&stp->sd_lock); 3378 return (error); 3379 } 3380 } 3381 } 3382 3383 mutex_exit(&stp->sd_lock); 3384 3385 switch (cmd) { 3386 default: 3387 /* 3388 * The stream head has hardcoded knowledge of a 3389 * miscellaneous collection of terminal-, keyboard- and 3390 * mouse-related ioctls, enumerated below. This hardcoded 3391 * knowledge allows the stream head to automatically 3392 * convert transparent ioctl requests made by userland 3393 * programs into I_STR ioctls which many old STREAMS 3394 * modules and drivers require. 3395 * 3396 * No new ioctls should ever be added to this list. 3397 * Instead, the STREAMS module or driver should be written 3398 * to either handle transparent ioctls or require any 3399 * userland programs to use I_STR ioctls (by returning 3400 * EINVAL to any transparent ioctl requests). 3401 * 3402 * More importantly, removing ioctls from this list should 3403 * be done with the utmost care, since our STREAMS modules 3404 * and drivers *count* on the stream head performing this 3405 * conversion, and thus may panic while processing 3406 * transparent ioctl request for one of these ioctls (keep 3407 * in mind that third party modules and drivers may have 3408 * similar problems). 3409 */ 3410 if (((cmd & IOCTYPE) == LDIOC) || 3411 ((cmd & IOCTYPE) == tIOC) || 3412 ((cmd & IOCTYPE) == TIOC) || 3413 ((cmd & IOCTYPE) == KIOC) || 3414 ((cmd & IOCTYPE) == MSIOC) || 3415 ((cmd & IOCTYPE) == VUIOC)) { 3416 /* 3417 * The ioctl is a tty ioctl - set up strioc buffer 3418 * and call strdoioctl() to do the work. 
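 *
 * For example, a transparent TCSETA issued by an application is
 * repackaged here as if it had arrived via I_STR:
 *
 *	strioc.ic_cmd = TCSETA;
 *	strioc.ic_timout = INFTIM;
 *	strioc.ic_len = sizeof (struct termio);
 *	strioc.ic_dp = (char *)arg;
 *
 * strdoioctl() then builds the corresponding M_IOCTL message
 * (copying in ic_len bytes from ic_dp) and waits for the ACK/NAK.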
3419 */ 3420 if (stp->sd_flag & STRHUP) 3421 return (ENXIO); 3422 strioc.ic_cmd = cmd; 3423 strioc.ic_timout = INFTIM; 3424 3425 switch (cmd) { 3426 3427 case TCXONC: 3428 case TCSBRK: 3429 case TCFLSH: 3430 case TCDSET: 3431 { 3432 int native_arg = (int)arg; 3433 strioc.ic_len = sizeof (int); 3434 strioc.ic_dp = (char *)&native_arg; 3435 return (strdoioctl(stp, &strioc, flag, 3436 K_TO_K, crp, rvalp)); 3437 } 3438 3439 case TCSETA: 3440 case TCSETAW: 3441 case TCSETAF: 3442 strioc.ic_len = sizeof (struct termio); 3443 strioc.ic_dp = (char *)arg; 3444 return (strdoioctl(stp, &strioc, flag, 3445 copyflag, crp, rvalp)); 3446 3447 case TCSETS: 3448 case TCSETSW: 3449 case TCSETSF: 3450 strioc.ic_len = sizeof (struct termios); 3451 strioc.ic_dp = (char *)arg; 3452 return (strdoioctl(stp, &strioc, flag, 3453 copyflag, crp, rvalp)); 3454 3455 case LDSETT: 3456 strioc.ic_len = sizeof (struct termcb); 3457 strioc.ic_dp = (char *)arg; 3458 return (strdoioctl(stp, &strioc, flag, 3459 copyflag, crp, rvalp)); 3460 3461 case TIOCSETP: 3462 strioc.ic_len = sizeof (struct sgttyb); 3463 strioc.ic_dp = (char *)arg; 3464 return (strdoioctl(stp, &strioc, flag, 3465 copyflag, crp, rvalp)); 3466 3467 case TIOCSTI: 3468 if ((flag & FREAD) == 0 && 3469 secpolicy_sti(crp) != 0) { 3470 return (EPERM); 3471 } 3472 mutex_enter(&stp->sd_lock); 3473 mutex_enter(&curproc->p_splock); 3474 if (stp->sd_sidp != curproc->p_sessp->s_sidp && 3475 secpolicy_sti(crp) != 0) { 3476 mutex_exit(&curproc->p_splock); 3477 mutex_exit(&stp->sd_lock); 3478 return (EACCES); 3479 } 3480 mutex_exit(&curproc->p_splock); 3481 mutex_exit(&stp->sd_lock); 3482 3483 strioc.ic_len = sizeof (char); 3484 strioc.ic_dp = (char *)arg; 3485 return (strdoioctl(stp, &strioc, flag, 3486 copyflag, crp, rvalp)); 3487 3488 case TIOCSWINSZ: 3489 strioc.ic_len = sizeof (struct winsize); 3490 strioc.ic_dp = (char *)arg; 3491 return (strdoioctl(stp, &strioc, flag, 3492 copyflag, crp, rvalp)); 3493 3494 case TIOCSSIZE: 3495 strioc.ic_len = sizeof (struct ttysize); 3496 strioc.ic_dp = (char *)arg; 3497 return (strdoioctl(stp, &strioc, flag, 3498 copyflag, crp, rvalp)); 3499 3500 case TIOCSSOFTCAR: 3501 case KIOCTRANS: 3502 case KIOCTRANSABLE: 3503 case KIOCCMD: 3504 case KIOCSDIRECT: 3505 case KIOCSCOMPAT: 3506 case KIOCSKABORTEN: 3507 case KIOCSRPTDELAY: 3508 case KIOCSRPTRATE: 3509 case VUIDSFORMAT: 3510 case TIOCSPPS: 3511 strioc.ic_len = sizeof (int); 3512 strioc.ic_dp = (char *)arg; 3513 return (strdoioctl(stp, &strioc, flag, 3514 copyflag, crp, rvalp)); 3515 3516 case KIOCSETKEY: 3517 case KIOCGETKEY: 3518 strioc.ic_len = sizeof (struct kiockey); 3519 strioc.ic_dp = (char *)arg; 3520 return (strdoioctl(stp, &strioc, flag, 3521 copyflag, crp, rvalp)); 3522 3523 case KIOCSKEY: 3524 case KIOCGKEY: 3525 strioc.ic_len = sizeof (struct kiockeymap); 3526 strioc.ic_dp = (char *)arg; 3527 return (strdoioctl(stp, &strioc, flag, 3528 copyflag, crp, rvalp)); 3529 3530 case KIOCSLED: 3531 /* arg is a pointer to char */ 3532 strioc.ic_len = sizeof (char); 3533 strioc.ic_dp = (char *)arg; 3534 return (strdoioctl(stp, &strioc, flag, 3535 copyflag, crp, rvalp)); 3536 3537 case MSIOSETPARMS: 3538 strioc.ic_len = sizeof (Ms_parms); 3539 strioc.ic_dp = (char *)arg; 3540 return (strdoioctl(stp, &strioc, flag, 3541 copyflag, crp, rvalp)); 3542 3543 case VUIDSADDR: 3544 case VUIDGADDR: 3545 strioc.ic_len = sizeof (struct vuid_addr_probe); 3546 strioc.ic_dp = (char *)arg; 3547 return (strdoioctl(stp, &strioc, flag, 3548 copyflag, crp, rvalp)); 3549 3550 /* 3551 * These M_IOCTL's 
don't require any data to be sent 3552 * downstream, and the driver will allocate and link 3553 * on its own mblk_t upon M_IOCACK -- thus we set 3554 * ic_len to zero and set ic_dp to arg so we know 3555 * where to copyout to later. 3556 */ 3557 case TIOCGSOFTCAR: 3558 case TIOCGWINSZ: 3559 case TIOCGSIZE: 3560 case KIOCGTRANS: 3561 case KIOCGTRANSABLE: 3562 case KIOCTYPE: 3563 case KIOCGDIRECT: 3564 case KIOCGCOMPAT: 3565 case KIOCLAYOUT: 3566 case KIOCGLED: 3567 case MSIOGETPARMS: 3568 case MSIOBUTTONS: 3569 case VUIDGFORMAT: 3570 case TIOCGPPS: 3571 case TIOCGPPSEV: 3572 case TCGETA: 3573 case TCGETS: 3574 case LDGETT: 3575 case TIOCGETP: 3576 case KIOCGRPTDELAY: 3577 case KIOCGRPTRATE: 3578 strioc.ic_len = 0; 3579 strioc.ic_dp = (char *)arg; 3580 return (strdoioctl(stp, &strioc, flag, 3581 copyflag, crp, rvalp)); 3582 } 3583 } 3584 3585 /* 3586 * Unknown cmd - send it down as a transparent ioctl. 3587 */ 3588 strioc.ic_cmd = cmd; 3589 strioc.ic_timout = INFTIM; 3590 strioc.ic_len = TRANSPARENT; 3591 strioc.ic_dp = (char *)&arg; 3592 3593 return (strdoioctl(stp, &strioc, flag, copyflag, crp, rvalp)); 3594 3595 case I_STR: 3596 /* 3597 * Stream ioctl. Read in an strioctl buffer from the user 3598 * along with any data specified and send it downstream. 3599 * Strdoioctl will wait allow only one ioctl message at 3600 * a time, and waits for the acknowledgement. 3601 */ 3602 3603 if (stp->sd_flag & STRHUP) 3604 return (ENXIO); 3605 3606 error = strcopyin_strioctl((void *)arg, &strioc, flag, 3607 copyflag); 3608 if (error != 0) 3609 return (error); 3610 3611 if ((strioc.ic_len < 0) || (strioc.ic_timout < -1)) 3612 return (EINVAL); 3613 3614 access = job_control_type(strioc.ic_cmd); 3615 mutex_enter(&stp->sd_lock); 3616 if ((access != -1) && 3617 ((error = i_straccess(stp, access)) != 0)) { 3618 mutex_exit(&stp->sd_lock); 3619 return (error); 3620 } 3621 mutex_exit(&stp->sd_lock); 3622 3623 /* 3624 * The I_STR facility provides a trap door for malicious 3625 * code to send down bogus streamio(7I) ioctl commands to 3626 * unsuspecting STREAMS modules and drivers which expect to 3627 * only get these messages from the stream head. 3628 * Explicitly prohibit any streamio ioctls which can be 3629 * passed downstream by the stream head. Note that we do 3630 * not block all streamio ioctls because the ioctl 3631 * numberspace is not well managed and thus it's possible 3632 * that a module or driver's ioctl numbers may accidentally 3633 * collide with them. 3634 */ 3635 switch (strioc.ic_cmd) { 3636 case I_LINK: 3637 case I_PLINK: 3638 case I_UNLINK: 3639 case I_PUNLINK: 3640 case _I_GETPEERCRED: 3641 case _I_PLINK_LH: 3642 return (EINVAL); 3643 } 3644 3645 error = strdoioctl(stp, &strioc, flag, copyflag, crp, rvalp); 3646 if (error == 0) { 3647 error = strcopyout_strioctl(&strioc, (void *)arg, 3648 flag, copyflag); 3649 } 3650 return (error); 3651 3652 case _I_CMD: 3653 /* 3654 * Like I_STR, but without using M_IOC* messages and without 3655 * copyins/copyouts beyond the passed-in argument. 
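 *
 * The flow below: copy in the caller's strcmd_t, classify sc_cmd
 * for job control exactly as I_STR does, hand the structure to
 * strdocmd() (which uses M_CMD messages rather than M_IOCTL), and
 * copy the possibly-updated structure back out on success.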
3656 */ 3657 if (stp->sd_flag & STRHUP) 3658 return (ENXIO); 3659 3660 if ((scp = kmem_alloc(sizeof (strcmd_t), KM_NOSLEEP)) == NULL) 3661 return (ENOMEM); 3662 3663 if (copyin((void *)arg, scp, sizeof (strcmd_t))) { 3664 kmem_free(scp, sizeof (strcmd_t)); 3665 return (EFAULT); 3666 } 3667 3668 access = job_control_type(scp->sc_cmd); 3669 mutex_enter(&stp->sd_lock); 3670 if (access != -1 && (error = i_straccess(stp, access)) != 0) { 3671 mutex_exit(&stp->sd_lock); 3672 kmem_free(scp, sizeof (strcmd_t)); 3673 return (error); 3674 } 3675 mutex_exit(&stp->sd_lock); 3676 3677 *rvalp = 0; 3678 if ((error = strdocmd(stp, scp, crp)) == 0) { 3679 if (copyout(scp, (void *)arg, sizeof (strcmd_t))) 3680 error = EFAULT; 3681 } 3682 kmem_free(scp, sizeof (strcmd_t)); 3683 return (error); 3684 3685 case I_NREAD: 3686 /* 3687 * Return number of bytes of data in first message 3688 * in queue in "arg" and return the number of messages 3689 * in queue in return value. 3690 */ 3691 { 3692 size_t size; 3693 int retval; 3694 int count = 0; 3695 3696 mutex_enter(QLOCK(rdq)); 3697 3698 size = msgdsize(rdq->q_first); 3699 for (mp = rdq->q_first; mp != NULL; mp = mp->b_next) 3700 count++; 3701 3702 mutex_exit(QLOCK(rdq)); 3703 if (stp->sd_struiordq) { 3704 infod_t infod; 3705 3706 infod.d_cmd = INFOD_COUNT; 3707 infod.d_count = 0; 3708 if (count == 0) { 3709 infod.d_cmd |= INFOD_FIRSTBYTES; 3710 infod.d_bytes = 0; 3711 } 3712 infod.d_res = 0; 3713 (void) infonext(rdq, &infod); 3714 count += infod.d_count; 3715 if (infod.d_res & INFOD_FIRSTBYTES) 3716 size = infod.d_bytes; 3717 } 3718 3719 /* 3720 * Drop down from size_t to the "int" required by the 3721 * interface. Cap at INT_MAX. 3722 */ 3723 retval = MIN(size, INT_MAX); 3724 error = strcopyout(&retval, (void *)arg, sizeof (retval), 3725 copyflag); 3726 if (!error) 3727 *rvalp = count; 3728 return (error); 3729 } 3730 3731 case FIONREAD: 3732 /* 3733 * Return number of bytes of data in all data messages 3734 * in queue in "arg". 3735 */ 3736 { 3737 size_t size = 0; 3738 int retval; 3739 3740 mutex_enter(QLOCK(rdq)); 3741 for (mp = rdq->q_first; mp != NULL; mp = mp->b_next) 3742 size += msgdsize(mp); 3743 mutex_exit(QLOCK(rdq)); 3744 3745 if (stp->sd_struiordq) { 3746 infod_t infod; 3747 3748 infod.d_cmd = INFOD_BYTES; 3749 infod.d_res = 0; 3750 infod.d_bytes = 0; 3751 (void) infonext(rdq, &infod); 3752 size += infod.d_bytes; 3753 } 3754 3755 /* 3756 * Drop down from size_t to the "int" required by the 3757 * interface. Cap at INT_MAX. 3758 */ 3759 retval = MIN(size, INT_MAX); 3760 error = strcopyout(&retval, (void *)arg, sizeof (retval), 3761 copyflag); 3762 3763 *rvalp = 0; 3764 return (error); 3765 } 3766 case FIORDCHK: 3767 /* 3768 * FIORDCHK does not use arg value (like FIONREAD), 3769 * instead a count is returned. I_NREAD value may 3770 * not be accurate but safe. The real thing to do is 3771 * to add the msgdsizes of all data messages until 3772 * a non-data message. 3773 */ 3774 { 3775 size_t size = 0; 3776 3777 mutex_enter(QLOCK(rdq)); 3778 for (mp = rdq->q_first; mp != NULL; mp = mp->b_next) 3779 size += msgdsize(mp); 3780 mutex_exit(QLOCK(rdq)); 3781 3782 if (stp->sd_struiordq) { 3783 infod_t infod; 3784 3785 infod.d_cmd = INFOD_BYTES; 3786 infod.d_res = 0; 3787 infod.d_bytes = 0; 3788 (void) infonext(rdq, &infod); 3789 size += infod.d_bytes; 3790 } 3791 3792 /* 3793 * Since ioctl returns an int, and memory sizes under 3794 * LP64 may not fit, we return INT_MAX if the count was 3795 * actually greater. 
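 *
 * For example, were 3 GB of data queued on an LP64 kernel, the
 * value returned here is clamped to INT_MAX (2147483647) rather
 * than wrapping to a negative count.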
3796 */ 3797 *rvalp = MIN(size, INT_MAX); 3798 return (0); 3799 } 3800 3801 case I_FIND: 3802 /* 3803 * Get module name. 3804 */ 3805 { 3806 char mname[FMNAMESZ + 1]; 3807 queue_t *q; 3808 3809 error = (copyflag & U_TO_K ? copyinstr : copystr)((void *)arg, 3810 mname, FMNAMESZ + 1, NULL); 3811 if (error) 3812 return ((error == ENAMETOOLONG) ? EINVAL : EFAULT); 3813 3814 /* 3815 * Return EINVAL if we're handed a bogus module name. 3816 */ 3817 if (fmodsw_find(mname, FMODSW_LOAD) == NULL) { 3818 TRACE_0(TR_FAC_STREAMS_FR, 3819 TR_I_CANT_FIND, "couldn't I_FIND"); 3820 return (EINVAL); 3821 } 3822 3823 *rvalp = 0; 3824 3825 /* Look downstream to see if module is there. */ 3826 claimstr(stp->sd_wrq); 3827 for (q = stp->sd_wrq->q_next; q; q = q->q_next) { 3828 if (q->q_flag&QREADR) { 3829 q = NULL; 3830 break; 3831 } 3832 if (strcmp(mname, q->q_qinfo->qi_minfo->mi_idname) == 0) 3833 break; 3834 } 3835 releasestr(stp->sd_wrq); 3836 3837 *rvalp = (q ? 1 : 0); 3838 return (error); 3839 } 3840 3841 case I_PUSH: 3842 case __I_PUSH_NOCTTY: 3843 /* 3844 * Push a module. 3845 * For the case __I_PUSH_NOCTTY push a module but 3846 * do not allocate controlling tty. See bugid 4025044 3847 */ 3848 3849 { 3850 char mname[FMNAMESZ + 1]; 3851 fmodsw_impl_t *fp; 3852 dev_t dummydev; 3853 3854 if (stp->sd_flag & STRHUP) 3855 return (ENXIO); 3856 3857 /* 3858 * Get module name and look up in fmodsw. 3859 */ 3860 error = (copyflag & U_TO_K ? copyinstr : copystr)((void *)arg, 3861 mname, FMNAMESZ + 1, NULL); 3862 if (error) 3863 return ((error == ENAMETOOLONG) ? EINVAL : EFAULT); 3864 3865 if ((fp = fmodsw_find(mname, FMODSW_HOLD | FMODSW_LOAD)) == 3866 NULL) 3867 return (EINVAL); 3868 3869 TRACE_2(TR_FAC_STREAMS_FR, TR_I_PUSH, 3870 "I_PUSH:fp %p stp %p", fp, stp); 3871 3872 if (error = strstartplumb(stp, flag, cmd)) { 3873 fmodsw_rele(fp); 3874 return (error); 3875 } 3876 3877 /* 3878 * See if any more modules can be pushed on this stream. 3879 * Note that this check must be done after strstartplumb() 3880 * since otherwise multiple threads issuing I_PUSHes on 3881 * the same stream will be able to exceed nstrpush. 3882 */ 3883 mutex_enter(&stp->sd_lock); 3884 if (stp->sd_pushcnt >= nstrpush) { 3885 fmodsw_rele(fp); 3886 strendplumb(stp); 3887 mutex_exit(&stp->sd_lock); 3888 return (EINVAL); 3889 } 3890 mutex_exit(&stp->sd_lock); 3891 3892 /* 3893 * Push new module and call its open routine 3894 * via qattach(). Modules don't change device 3895 * numbers, so just ignore dummydev here. 3896 */ 3897 dummydev = vp->v_rdev; 3898 if ((error = qattach(rdq, &dummydev, 0, crp, fp, 3899 B_FALSE)) == 0) { 3900 if (vp->v_type == VCHR && /* sorry, no pipes allowed */ 3901 (cmd == I_PUSH) && (stp->sd_flag & STRISTTY)) { 3902 /* 3903 * try to allocate it as a controlling terminal 3904 */ 3905 (void) strctty(stp); 3906 } 3907 } 3908 3909 mutex_enter(&stp->sd_lock); 3910 3911 /* 3912 * As a performance concern we are caching the values of 3913 * q_minpsz and q_maxpsz of the module below the stream 3914 * head in the stream head. 
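 *
 * The clamping that follows works like this (strmsgsz is a tunable;
 * the number is illustrative only): a module advertising INFPSZ
 * with strmsgsz == 65536 yields sd_qn_maxpsz == 65536, while a
 * module advertising a finite q_maxpsz is limited to
 * MIN(strmsgsz, q_maxpsz) on a device stream and to
 * MIN(PIPE_BUF, q_maxpsz) on a FIFO.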
3915 */ 3916 mutex_enter(QLOCK(stp->sd_wrq->q_next)); 3917 rmin = stp->sd_wrq->q_next->q_minpsz; 3918 rmax = stp->sd_wrq->q_next->q_maxpsz; 3919 mutex_exit(QLOCK(stp->sd_wrq->q_next)); 3920 3921 /* Do this processing here as a performance concern */ 3922 if (strmsgsz != 0) { 3923 if (rmax == INFPSZ) 3924 rmax = strmsgsz; 3925 else { 3926 if (vp->v_type == VFIFO) 3927 rmax = MIN(PIPE_BUF, rmax); 3928 else rmax = MIN(strmsgsz, rmax); 3929 } 3930 } 3931 3932 mutex_enter(QLOCK(wrq)); 3933 stp->sd_qn_minpsz = rmin; 3934 stp->sd_qn_maxpsz = rmax; 3935 mutex_exit(QLOCK(wrq)); 3936 3937 strendplumb(stp); 3938 mutex_exit(&stp->sd_lock); 3939 return (error); 3940 } 3941 3942 case I_POP: 3943 { 3944 queue_t *q; 3945 3946 if (stp->sd_flag & STRHUP) 3947 return (ENXIO); 3948 if (!wrq->q_next) /* for broken pipes */ 3949 return (EINVAL); 3950 3951 if (error = strstartplumb(stp, flag, cmd)) 3952 return (error); 3953 3954 /* 3955 * If there is an anchor on this stream and popping 3956 * the current module would attempt to pop through the 3957 * anchor, then disallow the pop unless we have sufficient 3958 * privileges; take the cheapest (non-locking) check 3959 * first. 3960 */ 3961 if (secpolicy_ip_config(crp, B_TRUE) != 0 || 3962 (stp->sd_anchorzone != crgetzoneid(crp))) { 3963 mutex_enter(&stp->sd_lock); 3964 /* 3965 * Anchors only apply if there's at least one 3966 * module on the stream (sd_pushcnt > 0). 3967 */ 3968 if (stp->sd_pushcnt > 0 && 3969 stp->sd_pushcnt == stp->sd_anchor && 3970 stp->sd_vnode->v_type != VFIFO) { 3971 strendplumb(stp); 3972 mutex_exit(&stp->sd_lock); 3973 if (stp->sd_anchorzone != crgetzoneid(crp)) 3974 return (EINVAL); 3975 /* Audit and report error */ 3976 return (secpolicy_ip_config(crp, B_FALSE)); 3977 } 3978 mutex_exit(&stp->sd_lock); 3979 } 3980 3981 q = wrq->q_next; 3982 TRACE_2(TR_FAC_STREAMS_FR, TR_I_POP, 3983 "I_POP:%p from %p", q, stp); 3984 if (q->q_next == NULL || (q->q_flag & (QREADR|QISDRV))) { 3985 error = EINVAL; 3986 } else { 3987 qdetach(_RD(q), 1, flag, crp, B_FALSE); 3988 error = 0; 3989 } 3990 mutex_enter(&stp->sd_lock); 3991 3992 /* 3993 * As a performance concern we are caching the values of 3994 * q_minpsz and q_maxpsz of the module below the stream 3995 * head in the stream head. 3996 */ 3997 mutex_enter(QLOCK(wrq->q_next)); 3998 rmin = wrq->q_next->q_minpsz; 3999 rmax = wrq->q_next->q_maxpsz; 4000 mutex_exit(QLOCK(wrq->q_next)); 4001 4002 /* Do this processing here as a performance concern */ 4003 if (strmsgsz != 0) { 4004 if (rmax == INFPSZ) 4005 rmax = strmsgsz; 4006 else { 4007 if (vp->v_type == VFIFO) 4008 rmax = MIN(PIPE_BUF, rmax); 4009 else rmax = MIN(strmsgsz, rmax); 4010 } 4011 } 4012 4013 mutex_enter(QLOCK(wrq)); 4014 stp->sd_qn_minpsz = rmin; 4015 stp->sd_qn_maxpsz = rmax; 4016 mutex_exit(QLOCK(wrq)); 4017 4018 /* If we popped through the anchor, then reset the anchor. */ 4019 if (stp->sd_pushcnt < stp->sd_anchor) { 4020 stp->sd_anchor = 0; 4021 stp->sd_anchorzone = 0; 4022 } 4023 strendplumb(stp); 4024 mutex_exit(&stp->sd_lock); 4025 return (error); 4026 } 4027 4028 case _I_MUXID2FD: 4029 { 4030 /* 4031 * Create a fd for a I_PLINK'ed lower stream with a given 4032 * muxid. With the fd, application can send down ioctls, 4033 * like I_LIST, to the previously I_PLINK'ed stream. Note 4034 * that after getting the fd, the application has to do an 4035 * I_PUNLINK on the muxid before it can do any operation 4036 * on the lower stream. This is required by spec1170. 
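 *
 * A hypothetical user-level sequence (descriptor names are
 * illustrative only):
 *
 *	int muxfd = ioctl(ctlfd, _I_MUXID2FD, muxid);
 *	(void) ioctl(ctlfd, I_PUNLINK, muxid);
 *
 * after which muxfd can be used to send ioctls such as I_LIST to
 * the lower stream.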
4037 * 4038 * The fd used to do this ioctl should point to the same 4039 * controlling device used to do the I_PLINK. If it uses 4040 * a different stream or an invalid muxid, I_MUXID2FD will 4041 * fail. The error code is set to EINVAL. 4042 * 4043 * The intended use of this interface is the following. 4044 * An application I_PLINK'ed a stream and exits. The fd 4045 * to the lower stream is gone. Another application 4046 * wants to get a fd to the lower stream, it uses I_MUXID2FD. 4047 */ 4048 int muxid = (int)arg; 4049 int fd; 4050 linkinfo_t *linkp; 4051 struct file *fp; 4052 netstack_t *ns; 4053 str_stack_t *ss; 4054 4055 /* 4056 * Do not allow the wildcard muxid. This ioctl is not 4057 * intended to find arbitrary link. 4058 */ 4059 if (muxid == 0) { 4060 return (EINVAL); 4061 } 4062 4063 ns = netstack_find_by_cred(crp); 4064 ASSERT(ns != NULL); 4065 ss = ns->netstack_str; 4066 ASSERT(ss != NULL); 4067 4068 mutex_enter(&muxifier); 4069 linkp = findlinks(vp->v_stream, muxid, LINKPERSIST, ss); 4070 if (linkp == NULL) { 4071 mutex_exit(&muxifier); 4072 netstack_rele(ss->ss_netstack); 4073 return (EINVAL); 4074 } 4075 4076 if ((fd = ufalloc(0)) == -1) { 4077 mutex_exit(&muxifier); 4078 netstack_rele(ss->ss_netstack); 4079 return (EMFILE); 4080 } 4081 fp = linkp->li_fpdown; 4082 mutex_enter(&fp->f_tlock); 4083 fp->f_count++; 4084 mutex_exit(&fp->f_tlock); 4085 mutex_exit(&muxifier); 4086 setf(fd, fp); 4087 *rvalp = fd; 4088 netstack_rele(ss->ss_netstack); 4089 return (0); 4090 } 4091 4092 case _I_INSERT: 4093 { 4094 /* 4095 * To insert a module to a given position in a stream. 4096 * In the first release, only allow privileged user 4097 * to use this ioctl. Furthermore, the insert is only allowed 4098 * below an anchor if the zoneid is the same as the zoneid 4099 * which created the anchor. 4100 * 4101 * Note that we do not plan to support this ioctl 4102 * on pipes in the first release. We want to learn more 4103 * about the implications of these ioctls before extending 4104 * their support. And we do not think these features are 4105 * valuable for pipes. 4106 * 4107 * Neither do we support O/C hot stream. Note that only 4108 * the upper streams of TCP/IP stack are O/C hot streams. 4109 * The lower IP stream is not. 4110 * When there is a O/C cold barrier, we only allow inserts 4111 * above the barrier. 4112 */ 4113 STRUCT_DECL(strmodconf, strmodinsert); 4114 char mod_name[FMNAMESZ + 1]; 4115 fmodsw_impl_t *fp; 4116 dev_t dummydev; 4117 queue_t *tmp_wrq; 4118 int pos; 4119 boolean_t is_insert; 4120 4121 STRUCT_INIT(strmodinsert, flag); 4122 if (stp->sd_flag & STRHUP) 4123 return (ENXIO); 4124 if (STRMATED(stp)) 4125 return (EINVAL); 4126 if ((error = secpolicy_net_config(crp, B_FALSE)) != 0) 4127 return (error); 4128 if (stp->sd_anchor != 0 && 4129 stp->sd_anchorzone != crgetzoneid(crp)) 4130 return (EINVAL); 4131 4132 error = strcopyin((void *)arg, STRUCT_BUF(strmodinsert), 4133 STRUCT_SIZE(strmodinsert), copyflag); 4134 if (error) 4135 return (error); 4136 4137 /* 4138 * Get module name and look up in fmodsw. 4139 */ 4140 error = (copyflag & U_TO_K ? copyinstr : 4141 copystr)(STRUCT_FGETP(strmodinsert, mod_name), 4142 mod_name, FMNAMESZ + 1, NULL); 4143 if (error) 4144 return ((error == ENAMETOOLONG) ? EINVAL : EFAULT); 4145 4146 if ((fp = fmodsw_find(mod_name, FMODSW_HOLD | FMODSW_LOAD)) == 4147 NULL) 4148 return (EINVAL); 4149 4150 if (error = strstartplumb(stp, flag, cmd)) { 4151 fmodsw_rele(fp); 4152 return (error); 4153 } 4154 4155 /* 4156 * Is this _I_INSERT just like an I_PUSH? 
We need to know 4157 * this because we do some optimizations if this is a 4158 * module being pushed. 4159 */ 4160 pos = STRUCT_FGET(strmodinsert, pos); 4161 is_insert = (pos != 0); 4162 4163 /* 4164 * Make sure pos is valid. Even though it is not an I_PUSH, 4165 * we impose the same limit on the number of modules in a 4166 * stream. 4167 */ 4168 mutex_enter(&stp->sd_lock); 4169 if (stp->sd_pushcnt >= nstrpush || pos < 0 || 4170 pos > stp->sd_pushcnt) { 4171 fmodsw_rele(fp); 4172 strendplumb(stp); 4173 mutex_exit(&stp->sd_lock); 4174 return (EINVAL); 4175 } 4176 if (stp->sd_anchor != 0) { 4177 /* 4178 * Is this insert below the anchor? 4179 * Pushcnt hasn't been increased yet hence 4180 * we test for greater than here, and greater or 4181 * equal after qattach. 4182 */ 4183 if (pos > (stp->sd_pushcnt - stp->sd_anchor) && 4184 stp->sd_anchorzone != crgetzoneid(crp)) { 4185 fmodsw_rele(fp); 4186 strendplumb(stp); 4187 mutex_exit(&stp->sd_lock); 4188 return (EPERM); 4189 } 4190 } 4191 4192 mutex_exit(&stp->sd_lock); 4193 4194 /* 4195 * First find the correct position this module to 4196 * be inserted. We don't need to call claimstr() 4197 * as the stream should not be changing at this point. 4198 * 4199 * Insert new module and call its open routine 4200 * via qattach(). Modules don't change device 4201 * numbers, so just ignore dummydev here. 4202 */ 4203 for (tmp_wrq = stp->sd_wrq; pos > 0; 4204 tmp_wrq = tmp_wrq->q_next, pos--) { 4205 ASSERT(SAMESTR(tmp_wrq)); 4206 } 4207 dummydev = vp->v_rdev; 4208 if ((error = qattach(_RD(tmp_wrq), &dummydev, 0, crp, 4209 fp, is_insert)) != 0) { 4210 mutex_enter(&stp->sd_lock); 4211 strendplumb(stp); 4212 mutex_exit(&stp->sd_lock); 4213 return (error); 4214 } 4215 4216 mutex_enter(&stp->sd_lock); 4217 4218 /* 4219 * As a performance concern we are caching the values of 4220 * q_minpsz and q_maxpsz of the module below the stream 4221 * head in the stream head. 4222 */ 4223 if (!is_insert) { 4224 mutex_enter(QLOCK(stp->sd_wrq->q_next)); 4225 rmin = stp->sd_wrq->q_next->q_minpsz; 4226 rmax = stp->sd_wrq->q_next->q_maxpsz; 4227 mutex_exit(QLOCK(stp->sd_wrq->q_next)); 4228 4229 /* Do this processing here as a performance concern */ 4230 if (strmsgsz != 0) { 4231 if (rmax == INFPSZ) { 4232 rmax = strmsgsz; 4233 } else { 4234 rmax = MIN(strmsgsz, rmax); 4235 } 4236 } 4237 4238 mutex_enter(QLOCK(wrq)); 4239 stp->sd_qn_minpsz = rmin; 4240 stp->sd_qn_maxpsz = rmax; 4241 mutex_exit(QLOCK(wrq)); 4242 } 4243 4244 /* 4245 * Need to update the anchor value if this module is 4246 * inserted below the anchor point. 4247 */ 4248 if (stp->sd_anchor != 0) { 4249 pos = STRUCT_FGET(strmodinsert, pos); 4250 if (pos >= (stp->sd_pushcnt - stp->sd_anchor)) 4251 stp->sd_anchor++; 4252 } 4253 4254 strendplumb(stp); 4255 mutex_exit(&stp->sd_lock); 4256 return (0); 4257 } 4258 4259 case _I_REMOVE: 4260 { 4261 /* 4262 * To remove a module with a given name in a stream. The 4263 * caller of this ioctl needs to provide both the name and 4264 * the position of the module to be removed. This eliminates 4265 * the ambiguity of removal if a module is inserted/pushed 4266 * multiple times in a stream. In the first release, only 4267 * allow privileged user to use this ioctl. 4268 * Furthermore, the remove is only allowed 4269 * below an anchor if the zoneid is the same as the zoneid 4270 * which created the anchor. 4271 * 4272 * Note that we do not plan to support this ioctl 4273 * on pipes in the first release. 
We want to learn more 4274 * about the implications of these ioctls before extending 4275 * their support. And we do not think these features are 4276 * valuable for pipes. 4277 * 4278 * Neither do we support O/C hot stream. Note that only 4279 * the upper streams of TCP/IP stack are O/C hot streams. 4280 * The lower IP stream is not. 4281 * When there is a O/C cold barrier we do not allow removal 4282 * below the barrier. 4283 * 4284 * Also note that _I_REMOVE cannot be used to remove a 4285 * driver or the stream head. 4286 */ 4287 STRUCT_DECL(strmodconf, strmodremove); 4288 queue_t *q; 4289 int pos; 4290 char mod_name[FMNAMESZ + 1]; 4291 boolean_t is_remove; 4292 4293 STRUCT_INIT(strmodremove, flag); 4294 if (stp->sd_flag & STRHUP) 4295 return (ENXIO); 4296 if (STRMATED(stp)) 4297 return (EINVAL); 4298 if ((error = secpolicy_net_config(crp, B_FALSE)) != 0) 4299 return (error); 4300 if (stp->sd_anchor != 0 && 4301 stp->sd_anchorzone != crgetzoneid(crp)) 4302 return (EINVAL); 4303 4304 error = strcopyin((void *)arg, STRUCT_BUF(strmodremove), 4305 STRUCT_SIZE(strmodremove), copyflag); 4306 if (error) 4307 return (error); 4308 4309 error = (copyflag & U_TO_K ? copyinstr : 4310 copystr)(STRUCT_FGETP(strmodremove, mod_name), 4311 mod_name, FMNAMESZ + 1, NULL); 4312 if (error) 4313 return ((error == ENAMETOOLONG) ? EINVAL : EFAULT); 4314 4315 if ((error = strstartplumb(stp, flag, cmd)) != 0) 4316 return (error); 4317 4318 /* 4319 * Match the name of given module to the name of module at 4320 * the given position. 4321 */ 4322 pos = STRUCT_FGET(strmodremove, pos); 4323 4324 is_remove = (pos != 0); 4325 for (q = stp->sd_wrq->q_next; SAMESTR(q) && pos > 0; 4326 q = q->q_next, pos--) 4327 ; 4328 if (pos > 0 || ! SAMESTR(q) || 4329 strncmp(q->q_qinfo->qi_minfo->mi_idname, mod_name, 4330 strlen(q->q_qinfo->qi_minfo->mi_idname)) != 0) { 4331 mutex_enter(&stp->sd_lock); 4332 strendplumb(stp); 4333 mutex_exit(&stp->sd_lock); 4334 return (EINVAL); 4335 } 4336 4337 /* 4338 * If the position is at or below an anchor, then the zoneid 4339 * must match the zoneid that created the anchor. 4340 */ 4341 if (stp->sd_anchor != 0) { 4342 pos = STRUCT_FGET(strmodremove, pos); 4343 if (pos >= (stp->sd_pushcnt - stp->sd_anchor) && 4344 stp->sd_anchorzone != crgetzoneid(crp)) { 4345 mutex_enter(&stp->sd_lock); 4346 strendplumb(stp); 4347 mutex_exit(&stp->sd_lock); 4348 return (EPERM); 4349 } 4350 } 4351 4352 4353 ASSERT(!(q->q_flag & QREADR)); 4354 qdetach(_RD(q), 1, flag, crp, is_remove); 4355 4356 mutex_enter(&stp->sd_lock); 4357 4358 /* 4359 * As a performance concern we are caching the values of 4360 * q_minpsz and q_maxpsz of the module below the stream 4361 * head in the stream head. 4362 */ 4363 if (!is_remove) { 4364 mutex_enter(QLOCK(wrq->q_next)); 4365 rmin = wrq->q_next->q_minpsz; 4366 rmax = wrq->q_next->q_maxpsz; 4367 mutex_exit(QLOCK(wrq->q_next)); 4368 4369 /* Do this processing here as a performance concern */ 4370 if (strmsgsz != 0) { 4371 if (rmax == INFPSZ) 4372 rmax = strmsgsz; 4373 else { 4374 if (vp->v_type == VFIFO) 4375 rmax = MIN(PIPE_BUF, rmax); 4376 else rmax = MIN(strmsgsz, rmax); 4377 } 4378 } 4379 4380 mutex_enter(QLOCK(wrq)); 4381 stp->sd_qn_minpsz = rmin; 4382 stp->sd_qn_maxpsz = rmax; 4383 mutex_exit(QLOCK(wrq)); 4384 } 4385 4386 /* 4387 * Need to update the anchor value if this module is removed 4388 * at or below the anchor point. If the removed module is at 4389 * the anchor point, remove the anchor for this stream if 4390 * there is no module above the anchor point. 
Otherwise, if 4391 * the removed module is below the anchor point, decrement the 4392 * anchor point by 1. 4393 */ 4394 if (stp->sd_anchor != 0) { 4395 pos = STRUCT_FGET(strmodremove, pos); 4396 if (pos == stp->sd_pushcnt - stp->sd_anchor + 1) 4397 stp->sd_anchor = 0; 4398 else if (pos > (stp->sd_pushcnt - stp->sd_anchor + 1)) 4399 stp->sd_anchor--; 4400 } 4401 4402 strendplumb(stp); 4403 mutex_exit(&stp->sd_lock); 4404 return (0); 4405 } 4406 4407 case I_ANCHOR: 4408 /* 4409 * Set the anchor position on the stream to reside at 4410 * the top module (in other words, the top module 4411 * cannot be popped). Anchors with a FIFO make no 4412 * obvious sense, so they're not allowed. 4413 */ 4414 mutex_enter(&stp->sd_lock); 4415 4416 if (stp->sd_vnode->v_type == VFIFO) { 4417 mutex_exit(&stp->sd_lock); 4418 return (EINVAL); 4419 } 4420 /* Only allow the same zoneid to update the anchor */ 4421 if (stp->sd_anchor != 0 && 4422 stp->sd_anchorzone != crgetzoneid(crp)) { 4423 mutex_exit(&stp->sd_lock); 4424 return (EINVAL); 4425 } 4426 stp->sd_anchor = stp->sd_pushcnt; 4427 stp->sd_anchorzone = crgetzoneid(crp); 4428 mutex_exit(&stp->sd_lock); 4429 return (0); 4430 4431 case I_LOOK: 4432 /* 4433 * Get name of first module downstream. 4434 * If no module, return an error. 4435 */ 4436 { 4437 claimstr(wrq); 4438 if (_SAMESTR(wrq) && wrq->q_next->q_next) { 4439 char *name = wrq->q_next->q_qinfo->qi_minfo->mi_idname; 4440 error = strcopyout(name, (void *)arg, strlen(name) + 1, 4441 copyflag); 4442 releasestr(wrq); 4443 return (error); 4444 } 4445 releasestr(wrq); 4446 return (EINVAL); 4447 } 4448 4449 case I_LINK: 4450 case I_PLINK: 4451 /* 4452 * Link a multiplexor. 4453 */ 4454 error = mlink(vp, cmd, (int)arg, crp, rvalp, 0); 4455 return (error); 4456 4457 case _I_PLINK_LH: 4458 /* 4459 * Link a multiplexor: Call must originate from kernel. 4460 */ 4461 if (kioctl) 4462 return (ldi_mlink_lh(vp, cmd, arg, crp, rvalp)); 4463 4464 return (EINVAL); 4465 case I_UNLINK: 4466 case I_PUNLINK: 4467 /* 4468 * Unlink a multiplexor. 4469 * If arg is -1, unlink all links for which this is the 4470 * controlling stream. Otherwise, arg is an index number 4471 * for a link to be removed. 
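	 *
	 * Illustrative user-level sketch only (not part of this file;
	 * "ctlfd" and "lowerfd" are hypothetical descriptors, and the
	 * muxid is the value returned by the earlier I_PLINK):
	 *
	 *	int muxid = ioctl(ctlfd, I_PLINK, lowerfd);
	 *	...
	 *	(void) ioctl(ctlfd, I_PUNLINK, muxid);	    one link
	 *	(void) ioctl(ctlfd, I_PUNLINK, MUXID_ALL);  all links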
4472 */ 4473 { 4474 struct linkinfo *linkp; 4475 int native_arg = (int)arg; 4476 int type; 4477 netstack_t *ns; 4478 str_stack_t *ss; 4479 4480 TRACE_1(TR_FAC_STREAMS_FR, 4481 TR_I_UNLINK, "I_UNLINK/I_PUNLINK:%p", stp); 4482 if (vp->v_type == VFIFO) { 4483 return (EINVAL); 4484 } 4485 if (cmd == I_UNLINK) 4486 type = LINKNORMAL; 4487 else /* I_PUNLINK */ 4488 type = LINKPERSIST; 4489 if (native_arg == 0) { 4490 return (EINVAL); 4491 } 4492 ns = netstack_find_by_cred(crp); 4493 ASSERT(ns != NULL); 4494 ss = ns->netstack_str; 4495 ASSERT(ss != NULL); 4496 4497 if (native_arg == MUXID_ALL) 4498 error = munlinkall(stp, type, crp, rvalp, ss); 4499 else { 4500 mutex_enter(&muxifier); 4501 if (!(linkp = findlinks(stp, (int)arg, type, ss))) { 4502 /* invalid user supplied index number */ 4503 mutex_exit(&muxifier); 4504 netstack_rele(ss->ss_netstack); 4505 return (EINVAL); 4506 } 4507 /* munlink drops the muxifier lock */ 4508 error = munlink(stp, linkp, type, crp, rvalp, ss); 4509 } 4510 netstack_rele(ss->ss_netstack); 4511 return (error); 4512 } 4513 4514 case I_FLUSH: 4515 /* 4516 * send a flush message downstream 4517 * flush message can indicate 4518 * FLUSHR - flush read queue 4519 * FLUSHW - flush write queue 4520 * FLUSHRW - flush read/write queue 4521 */ 4522 if (stp->sd_flag & STRHUP) 4523 return (ENXIO); 4524 if (arg & ~FLUSHRW) 4525 return (EINVAL); 4526 4527 for (;;) { 4528 if (putnextctl1(stp->sd_wrq, M_FLUSH, (int)arg)) { 4529 break; 4530 } 4531 if (error = strwaitbuf(1, BPRI_HI)) { 4532 return (error); 4533 } 4534 } 4535 4536 /* 4537 * Send down an unsupported ioctl and wait for the nack 4538 * in order to allow the M_FLUSH to propagate back 4539 * up to the stream head. 4540 * Replaces if (qready()) runqueues(); 4541 */ 4542 strioc.ic_cmd = -1; /* The unsupported ioctl */ 4543 strioc.ic_timout = 0; 4544 strioc.ic_len = 0; 4545 strioc.ic_dp = NULL; 4546 (void) strdoioctl(stp, &strioc, flag, K_TO_K, crp, rvalp); 4547 *rvalp = 0; 4548 return (0); 4549 4550 case I_FLUSHBAND: 4551 { 4552 struct bandinfo binfo; 4553 4554 error = strcopyin((void *)arg, &binfo, sizeof (binfo), 4555 copyflag); 4556 if (error) 4557 return (error); 4558 if (stp->sd_flag & STRHUP) 4559 return (ENXIO); 4560 if (binfo.bi_flag & ~FLUSHRW) 4561 return (EINVAL); 4562 while (!(mp = allocb(2, BPRI_HI))) { 4563 if (error = strwaitbuf(2, BPRI_HI)) 4564 return (error); 4565 } 4566 mp->b_datap->db_type = M_FLUSH; 4567 *mp->b_wptr++ = binfo.bi_flag | FLUSHBAND; 4568 *mp->b_wptr++ = binfo.bi_pri; 4569 putnext(stp->sd_wrq, mp); 4570 /* 4571 * Send down an unsupported ioctl and wait for the nack 4572 * in order to allow the M_FLUSH to propagate back 4573 * up to the stream head. 
4574 * Replaces if (qready()) runqueues(); 4575 */ 4576 strioc.ic_cmd = -1; /* The unsupported ioctl */ 4577 strioc.ic_timout = 0; 4578 strioc.ic_len = 0; 4579 strioc.ic_dp = NULL; 4580 (void) strdoioctl(stp, &strioc, flag, K_TO_K, crp, rvalp); 4581 *rvalp = 0; 4582 return (0); 4583 } 4584 4585 case I_SRDOPT: 4586 /* 4587 * Set read options 4588 * 4589 * RNORM - default stream mode 4590 * RMSGN - message no discard 4591 * RMSGD - message discard 4592 * RPROTNORM - fail read with EBADMSG for M_[PC]PROTOs 4593 * RPROTDAT - convert M_[PC]PROTOs to M_DATAs 4594 * RPROTDIS - discard M_[PC]PROTOs and retain M_DATAs 4595 */ 4596 if (arg & ~(RMODEMASK | RPROTMASK)) 4597 return (EINVAL); 4598 4599 if ((arg & (RMSGD|RMSGN)) == (RMSGD|RMSGN)) 4600 return (EINVAL); 4601 4602 mutex_enter(&stp->sd_lock); 4603 switch (arg & RMODEMASK) { 4604 case RNORM: 4605 stp->sd_read_opt &= ~(RD_MSGDIS | RD_MSGNODIS); 4606 break; 4607 case RMSGD: 4608 stp->sd_read_opt = (stp->sd_read_opt & ~RD_MSGNODIS) | 4609 RD_MSGDIS; 4610 break; 4611 case RMSGN: 4612 stp->sd_read_opt = (stp->sd_read_opt & ~RD_MSGDIS) | 4613 RD_MSGNODIS; 4614 break; 4615 } 4616 4617 switch (arg & RPROTMASK) { 4618 case RPROTNORM: 4619 stp->sd_read_opt &= ~(RD_PROTDAT | RD_PROTDIS); 4620 break; 4621 4622 case RPROTDAT: 4623 stp->sd_read_opt = ((stp->sd_read_opt & ~RD_PROTDIS) | 4624 RD_PROTDAT); 4625 break; 4626 4627 case RPROTDIS: 4628 stp->sd_read_opt = ((stp->sd_read_opt & ~RD_PROTDAT) | 4629 RD_PROTDIS); 4630 break; 4631 } 4632 mutex_exit(&stp->sd_lock); 4633 return (0); 4634 4635 case I_GRDOPT: 4636 /* 4637 * Get read option and return the value 4638 * to spot pointed to by arg 4639 */ 4640 { 4641 int rdopt; 4642 4643 rdopt = ((stp->sd_read_opt & RD_MSGDIS) ? RMSGD : 4644 ((stp->sd_read_opt & RD_MSGNODIS) ? RMSGN : RNORM)); 4645 rdopt |= ((stp->sd_read_opt & RD_PROTDAT) ? RPROTDAT : 4646 ((stp->sd_read_opt & RD_PROTDIS) ? RPROTDIS : RPROTNORM)); 4647 4648 return (strcopyout(&rdopt, (void *)arg, sizeof (int), 4649 copyflag)); 4650 } 4651 4652 case I_SERROPT: 4653 /* 4654 * Set error options 4655 * 4656 * RERRNORM - persistent read errors 4657 * RERRNONPERSIST - non-persistent read errors 4658 * WERRNORM - persistent write errors 4659 * WERRNONPERSIST - non-persistent write errors 4660 */ 4661 if (arg & ~(RERRMASK | WERRMASK)) 4662 return (EINVAL); 4663 4664 mutex_enter(&stp->sd_lock); 4665 switch (arg & RERRMASK) { 4666 case RERRNORM: 4667 stp->sd_flag &= ~STRDERRNONPERSIST; 4668 break; 4669 case RERRNONPERSIST: 4670 stp->sd_flag |= STRDERRNONPERSIST; 4671 break; 4672 } 4673 switch (arg & WERRMASK) { 4674 case WERRNORM: 4675 stp->sd_flag &= ~STWRERRNONPERSIST; 4676 break; 4677 case WERRNONPERSIST: 4678 stp->sd_flag |= STWRERRNONPERSIST; 4679 break; 4680 } 4681 mutex_exit(&stp->sd_lock); 4682 return (0); 4683 4684 case I_GERROPT: 4685 /* 4686 * Get error option and return the value 4687 * to spot pointed to by arg 4688 */ 4689 { 4690 int erropt = 0; 4691 4692 erropt |= (stp->sd_flag & STRDERRNONPERSIST) ? RERRNONPERSIST : 4693 RERRNORM; 4694 erropt |= (stp->sd_flag & STWRERRNONPERSIST) ? WERRNONPERSIST : 4695 WERRNORM; 4696 return (strcopyout(&erropt, (void *)arg, sizeof (int), 4697 copyflag)); 4698 } 4699 4700 case I_SETSIG: 4701 /* 4702 * Register the calling proc to receive the SIGPOLL 4703 * signal based on the events given in arg. If 4704 * arg is zero, remove the proc from register list. 
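	 *
	 * A minimal user-level sketch, assuming a SIGPOLL handler has
	 * already been installed with sigaction():
	 *
	 *	(void) ioctl(fd, I_SETSIG, S_RDNORM | S_RDBAND | S_BANDURG);
	 *	...
	 *	(void) ioctl(fd, I_SETSIG, 0);	 deregister this process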
4705 */ 4706 { 4707 strsig_t *ssp, *pssp; 4708 struct pid *pidp; 4709 4710 pssp = NULL; 4711 pidp = curproc->p_pidp; 4712 /* 4713 * Hold sd_lock to prevent traversal of sd_siglist while 4714 * it is modified. 4715 */ 4716 mutex_enter(&stp->sd_lock); 4717 for (ssp = stp->sd_siglist; ssp && (ssp->ss_pidp != pidp); 4718 pssp = ssp, ssp = ssp->ss_next) 4719 ; 4720 4721 if (arg) { 4722 if (arg & ~(S_INPUT|S_HIPRI|S_MSG|S_HANGUP|S_ERROR| 4723 S_RDNORM|S_WRNORM|S_RDBAND|S_WRBAND|S_BANDURG)) { 4724 mutex_exit(&stp->sd_lock); 4725 return (EINVAL); 4726 } 4727 if ((arg & S_BANDURG) && !(arg & S_RDBAND)) { 4728 mutex_exit(&stp->sd_lock); 4729 return (EINVAL); 4730 } 4731 4732 /* 4733 * If proc not already registered, add it 4734 * to list. 4735 */ 4736 if (!ssp) { 4737 ssp = kmem_alloc(sizeof (strsig_t), KM_SLEEP); 4738 ssp->ss_pidp = pidp; 4739 ssp->ss_pid = pidp->pid_id; 4740 ssp->ss_next = NULL; 4741 if (pssp) 4742 pssp->ss_next = ssp; 4743 else 4744 stp->sd_siglist = ssp; 4745 mutex_enter(&pidlock); 4746 PID_HOLD(pidp); 4747 mutex_exit(&pidlock); 4748 } 4749 4750 /* 4751 * Set events. 4752 */ 4753 ssp->ss_events = (int)arg; 4754 } else { 4755 /* 4756 * Remove proc from register list. 4757 */ 4758 if (ssp) { 4759 mutex_enter(&pidlock); 4760 PID_RELE(pidp); 4761 mutex_exit(&pidlock); 4762 if (pssp) 4763 pssp->ss_next = ssp->ss_next; 4764 else 4765 stp->sd_siglist = ssp->ss_next; 4766 kmem_free(ssp, sizeof (strsig_t)); 4767 } else { 4768 mutex_exit(&stp->sd_lock); 4769 return (EINVAL); 4770 } 4771 } 4772 4773 /* 4774 * Recalculate OR of sig events. 4775 */ 4776 stp->sd_sigflags = 0; 4777 for (ssp = stp->sd_siglist; ssp; ssp = ssp->ss_next) 4778 stp->sd_sigflags |= ssp->ss_events; 4779 mutex_exit(&stp->sd_lock); 4780 return (0); 4781 } 4782 4783 case I_GETSIG: 4784 /* 4785 * Return (in arg) the current registration of events 4786 * for which the calling proc is to be signaled. 4787 */ 4788 { 4789 struct strsig *ssp; 4790 struct pid *pidp; 4791 4792 pidp = curproc->p_pidp; 4793 mutex_enter(&stp->sd_lock); 4794 for (ssp = stp->sd_siglist; ssp; ssp = ssp->ss_next) 4795 if (ssp->ss_pidp == pidp) { 4796 error = strcopyout(&ssp->ss_events, (void *)arg, 4797 sizeof (int), copyflag); 4798 mutex_exit(&stp->sd_lock); 4799 return (error); 4800 } 4801 mutex_exit(&stp->sd_lock); 4802 return (EINVAL); 4803 } 4804 4805 case I_ESETSIG: 4806 /* 4807 * Register the ss_pid to receive the SIGPOLL 4808 * signal based on the events is ss_events arg. If 4809 * ss_events is zero, remove the proc from register list. 4810 */ 4811 { 4812 struct strsig *ssp, *pssp; 4813 struct proc *proc; 4814 struct pid *pidp; 4815 pid_t pid; 4816 struct strsigset ss; 4817 4818 error = strcopyin((void *)arg, &ss, sizeof (ss), copyflag); 4819 if (error) 4820 return (error); 4821 4822 pid = ss.ss_pid; 4823 4824 if (ss.ss_events != 0) { 4825 /* 4826 * Permissions check by sending signal 0. 4827 * Note that when kill fails it does a set_errno 4828 * causing the system call to fail. 4829 */ 4830 error = kill(pid, 0); 4831 if (error) { 4832 return (error); 4833 } 4834 } 4835 mutex_enter(&pidlock); 4836 if (pid == 0) 4837 proc = curproc; 4838 else if (pid < 0) 4839 proc = pgfind(-pid); 4840 else 4841 proc = prfind(pid); 4842 if (proc == NULL) { 4843 mutex_exit(&pidlock); 4844 return (ESRCH); 4845 } 4846 if (pid < 0) 4847 pidp = proc->p_pgidp; 4848 else 4849 pidp = proc->p_pidp; 4850 ASSERT(pidp); 4851 /* 4852 * Get a hold on the pid structure while referencing it. 4853 * There is a separate PID_HOLD should it be inserted 4854 * in the list below. 
4855 */ 4856 PID_HOLD(pidp); 4857 mutex_exit(&pidlock); 4858 4859 pssp = NULL; 4860 /* 4861 * Hold sd_lock to prevent traversal of sd_siglist while 4862 * it is modified. 4863 */ 4864 mutex_enter(&stp->sd_lock); 4865 for (ssp = stp->sd_siglist; ssp && (ssp->ss_pid != pid); 4866 pssp = ssp, ssp = ssp->ss_next) 4867 ; 4868 4869 if (ss.ss_events) { 4870 if (ss.ss_events & 4871 ~(S_INPUT|S_HIPRI|S_MSG|S_HANGUP|S_ERROR| 4872 S_RDNORM|S_WRNORM|S_RDBAND|S_WRBAND|S_BANDURG)) { 4873 mutex_exit(&stp->sd_lock); 4874 mutex_enter(&pidlock); 4875 PID_RELE(pidp); 4876 mutex_exit(&pidlock); 4877 return (EINVAL); 4878 } 4879 if ((ss.ss_events & S_BANDURG) && 4880 !(ss.ss_events & S_RDBAND)) { 4881 mutex_exit(&stp->sd_lock); 4882 mutex_enter(&pidlock); 4883 PID_RELE(pidp); 4884 mutex_exit(&pidlock); 4885 return (EINVAL); 4886 } 4887 4888 /* 4889 * If proc not already registered, add it 4890 * to list. 4891 */ 4892 if (!ssp) { 4893 ssp = kmem_alloc(sizeof (strsig_t), KM_SLEEP); 4894 ssp->ss_pidp = pidp; 4895 ssp->ss_pid = pid; 4896 ssp->ss_next = NULL; 4897 if (pssp) 4898 pssp->ss_next = ssp; 4899 else 4900 stp->sd_siglist = ssp; 4901 mutex_enter(&pidlock); 4902 PID_HOLD(pidp); 4903 mutex_exit(&pidlock); 4904 } 4905 4906 /* 4907 * Set events. 4908 */ 4909 ssp->ss_events = ss.ss_events; 4910 } else { 4911 /* 4912 * Remove proc from register list. 4913 */ 4914 if (ssp) { 4915 mutex_enter(&pidlock); 4916 PID_RELE(pidp); 4917 mutex_exit(&pidlock); 4918 if (pssp) 4919 pssp->ss_next = ssp->ss_next; 4920 else 4921 stp->sd_siglist = ssp->ss_next; 4922 kmem_free(ssp, sizeof (strsig_t)); 4923 } else { 4924 mutex_exit(&stp->sd_lock); 4925 mutex_enter(&pidlock); 4926 PID_RELE(pidp); 4927 mutex_exit(&pidlock); 4928 return (EINVAL); 4929 } 4930 } 4931 4932 /* 4933 * Recalculate OR of sig events. 4934 */ 4935 stp->sd_sigflags = 0; 4936 for (ssp = stp->sd_siglist; ssp; ssp = ssp->ss_next) 4937 stp->sd_sigflags |= ssp->ss_events; 4938 mutex_exit(&stp->sd_lock); 4939 mutex_enter(&pidlock); 4940 PID_RELE(pidp); 4941 mutex_exit(&pidlock); 4942 return (0); 4943 } 4944 4945 case I_EGETSIG: 4946 /* 4947 * Return (in arg) the current registration of events 4948 * for which the calling proc is to be signaled. 
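	 *
	 * Illustrative user-level sketch of the I_ESETSIG/I_EGETSIG
	 * pair (the pid value is hypothetical and error handling is
	 * omitted; a negative ss_pid names a process group):
	 *
	 *	struct strsigset ss;
	 *
	 *	ss.ss_pid = pid;
	 *	ss.ss_events = S_INPUT | S_HIPRI;
	 *	(void) ioctl(fd, I_ESETSIG, &ss);
	 *
	 *	(void) ioctl(fd, I_EGETSIG, &ss);   read back ss_events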
4949 */ 4950 { 4951 struct strsig *ssp; 4952 struct proc *proc; 4953 pid_t pid; 4954 struct pid *pidp; 4955 struct strsigset ss; 4956 4957 error = strcopyin((void *)arg, &ss, sizeof (ss), copyflag); 4958 if (error) 4959 return (error); 4960 4961 pid = ss.ss_pid; 4962 mutex_enter(&pidlock); 4963 if (pid == 0) 4964 proc = curproc; 4965 else if (pid < 0) 4966 proc = pgfind(-pid); 4967 else 4968 proc = prfind(pid); 4969 if (proc == NULL) { 4970 mutex_exit(&pidlock); 4971 return (ESRCH); 4972 } 4973 if (pid < 0) 4974 pidp = proc->p_pgidp; 4975 else 4976 pidp = proc->p_pidp; 4977 4978 /* Prevent the pidp from being reassigned */ 4979 PID_HOLD(pidp); 4980 mutex_exit(&pidlock); 4981 4982 mutex_enter(&stp->sd_lock); 4983 for (ssp = stp->sd_siglist; ssp; ssp = ssp->ss_next) 4984 if (ssp->ss_pid == pid) { 4985 ss.ss_pid = ssp->ss_pid; 4986 ss.ss_events = ssp->ss_events; 4987 error = strcopyout(&ss, (void *)arg, 4988 sizeof (struct strsigset), copyflag); 4989 mutex_exit(&stp->sd_lock); 4990 mutex_enter(&pidlock); 4991 PID_RELE(pidp); 4992 mutex_exit(&pidlock); 4993 return (error); 4994 } 4995 mutex_exit(&stp->sd_lock); 4996 mutex_enter(&pidlock); 4997 PID_RELE(pidp); 4998 mutex_exit(&pidlock); 4999 return (EINVAL); 5000 } 5001 5002 case I_PEEK: 5003 { 5004 STRUCT_DECL(strpeek, strpeek); 5005 size_t n; 5006 mblk_t *fmp, *tmp_mp = NULL; 5007 5008 STRUCT_INIT(strpeek, flag); 5009 5010 error = strcopyin((void *)arg, STRUCT_BUF(strpeek), 5011 STRUCT_SIZE(strpeek), copyflag); 5012 if (error) 5013 return (error); 5014 5015 mutex_enter(QLOCK(rdq)); 5016 /* 5017 * Skip the invalid messages 5018 */ 5019 for (mp = rdq->q_first; mp != NULL; mp = mp->b_next) 5020 if (mp->b_datap->db_type != M_SIG) 5021 break; 5022 5023 /* 5024 * If user has requested to peek at a high priority message 5025 * and first message is not, return 0 5026 */ 5027 if (mp != NULL) { 5028 if ((STRUCT_FGET(strpeek, flags) & RS_HIPRI) && 5029 queclass(mp) == QNORM) { 5030 *rvalp = 0; 5031 mutex_exit(QLOCK(rdq)); 5032 return (0); 5033 } 5034 } else if (stp->sd_struiordq == NULL || 5035 (STRUCT_FGET(strpeek, flags) & RS_HIPRI)) { 5036 /* 5037 * No mblks to look at at the streamhead and 5038 * 1). This isn't a synch stream or 5039 * 2). This is a synch stream but caller wants high 5040 * priority messages which is not supported by 5041 * the synch stream. (it only supports QNORM) 5042 */ 5043 *rvalp = 0; 5044 mutex_exit(QLOCK(rdq)); 5045 return (0); 5046 } 5047 5048 fmp = mp; 5049 5050 if (mp && mp->b_datap->db_type == M_PASSFP) { 5051 mutex_exit(QLOCK(rdq)); 5052 return (EBADMSG); 5053 } 5054 5055 ASSERT(mp == NULL || mp->b_datap->db_type == M_PCPROTO || 5056 mp->b_datap->db_type == M_PROTO || 5057 mp->b_datap->db_type == M_DATA); 5058 5059 if (mp && mp->b_datap->db_type == M_PCPROTO) { 5060 STRUCT_FSET(strpeek, flags, RS_HIPRI); 5061 } else { 5062 STRUCT_FSET(strpeek, flags, 0); 5063 } 5064 5065 5066 if (mp && ((tmp_mp = dupmsg(mp)) == NULL)) { 5067 mutex_exit(QLOCK(rdq)); 5068 return (ENOSR); 5069 } 5070 mutex_exit(QLOCK(rdq)); 5071 5072 /* 5073 * set mp = tmp_mp, so that I_PEEK processing can continue. 5074 * tmp_mp is used to free the dup'd message. 5075 */ 5076 mp = tmp_mp; 5077 5078 uio.uio_fmode = 0; 5079 uio.uio_extflg = UIO_COPY_CACHED; 5080 uio.uio_segflg = (copyflag == U_TO_K) ? UIO_USERSPACE : 5081 UIO_SYSSPACE; 5082 uio.uio_limit = 0; 5083 /* 5084 * First process PROTO blocks, if any. 5085 * If user doesn't want to get ctl info by setting maxlen <= 0, 5086 * then set len to -1/0 and skip control blocks part. 
5087 */ 5088 if (STRUCT_FGET(strpeek, ctlbuf.maxlen) < 0) 5089 STRUCT_FSET(strpeek, ctlbuf.len, -1); 5090 else if (STRUCT_FGET(strpeek, ctlbuf.maxlen) == 0) 5091 STRUCT_FSET(strpeek, ctlbuf.len, 0); 5092 else { 5093 int ctl_part = 0; 5094 5095 iov.iov_base = STRUCT_FGETP(strpeek, ctlbuf.buf); 5096 iov.iov_len = STRUCT_FGET(strpeek, ctlbuf.maxlen); 5097 uio.uio_iov = &iov; 5098 uio.uio_resid = iov.iov_len; 5099 uio.uio_loffset = 0; 5100 uio.uio_iovcnt = 1; 5101 while (mp && mp->b_datap->db_type != M_DATA && 5102 uio.uio_resid >= 0) { 5103 ASSERT(STRUCT_FGET(strpeek, flags) == 0 ? 5104 mp->b_datap->db_type == M_PROTO : 5105 mp->b_datap->db_type == M_PCPROTO); 5106 5107 if ((n = MIN(uio.uio_resid, 5108 mp->b_wptr - mp->b_rptr)) != 0 && 5109 (error = uiomove((char *)mp->b_rptr, n, 5110 UIO_READ, &uio)) != 0) { 5111 freemsg(tmp_mp); 5112 return (error); 5113 } 5114 ctl_part = 1; 5115 mp = mp->b_cont; 5116 } 5117 /* No ctl message */ 5118 if (ctl_part == 0) 5119 STRUCT_FSET(strpeek, ctlbuf.len, -1); 5120 else 5121 STRUCT_FSET(strpeek, ctlbuf.len, 5122 STRUCT_FGET(strpeek, ctlbuf.maxlen) - 5123 uio.uio_resid); 5124 } 5125 5126 /* 5127 * Now process DATA blocks, if any. 5128 * If user doesn't want to get data info by setting maxlen <= 0, 5129 * then set len to -1/0 and skip data blocks part. 5130 */ 5131 if (STRUCT_FGET(strpeek, databuf.maxlen) < 0) 5132 STRUCT_FSET(strpeek, databuf.len, -1); 5133 else if (STRUCT_FGET(strpeek, databuf.maxlen) == 0) 5134 STRUCT_FSET(strpeek, databuf.len, 0); 5135 else { 5136 int data_part = 0; 5137 5138 iov.iov_base = STRUCT_FGETP(strpeek, databuf.buf); 5139 iov.iov_len = STRUCT_FGET(strpeek, databuf.maxlen); 5140 uio.uio_iov = &iov; 5141 uio.uio_resid = iov.iov_len; 5142 uio.uio_loffset = 0; 5143 uio.uio_iovcnt = 1; 5144 while (mp && uio.uio_resid) { 5145 if (mp->b_datap->db_type == M_DATA) { 5146 if ((n = MIN(uio.uio_resid, 5147 mp->b_wptr - mp->b_rptr)) != 0 && 5148 (error = uiomove((char *)mp->b_rptr, 5149 n, UIO_READ, &uio)) != 0) { 5150 freemsg(tmp_mp); 5151 return (error); 5152 } 5153 data_part = 1; 5154 } 5155 ASSERT(data_part == 0 || 5156 mp->b_datap->db_type == M_DATA); 5157 mp = mp->b_cont; 5158 } 5159 /* No data message */ 5160 if (data_part == 0) 5161 STRUCT_FSET(strpeek, databuf.len, -1); 5162 else 5163 STRUCT_FSET(strpeek, databuf.len, 5164 STRUCT_FGET(strpeek, databuf.maxlen) - 5165 uio.uio_resid); 5166 } 5167 freemsg(tmp_mp); 5168 5169 /* 5170 * It is a synch stream and user wants to get 5171 * data (maxlen > 0). 5172 * uio setup is done by the codes that process DATA 5173 * blocks above. 5174 */ 5175 if ((fmp == NULL) && STRUCT_FGET(strpeek, databuf.maxlen) > 0) { 5176 infod_t infod; 5177 5178 infod.d_cmd = INFOD_COPYOUT; 5179 infod.d_res = 0; 5180 infod.d_uiop = &uio; 5181 error = infonext(rdq, &infod); 5182 if (error == EINVAL || error == EBUSY) 5183 error = 0; 5184 if (error) 5185 return (error); 5186 STRUCT_FSET(strpeek, databuf.len, STRUCT_FGET(strpeek, 5187 databuf.maxlen) - uio.uio_resid); 5188 if (STRUCT_FGET(strpeek, databuf.len) == 0) { 5189 /* 5190 * No data found by the infonext(). 5191 */ 5192 STRUCT_FSET(strpeek, databuf.len, -1); 5193 } 5194 } 5195 error = strcopyout(STRUCT_BUF(strpeek), (void *)arg, 5196 STRUCT_SIZE(strpeek), copyflag); 5197 if (error) { 5198 return (error); 5199 } 5200 /* 5201 * If there is no message retrieved, set return code to 0 5202 * otherwise, set it to 1. 
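	 *
	 * Illustrative user-level sketch (buffer sizes are arbitrary;
	 * error handling omitted):
	 *
	 *	struct strpeek pk;
	 *	char cbuf[64], dbuf[512];
	 *
	 *	pk.flags = 0;			   or RS_HIPRI
	 *	pk.ctlbuf.maxlen = sizeof (cbuf);
	 *	pk.ctlbuf.buf = cbuf;
	 *	pk.databuf.maxlen = sizeof (dbuf);
	 *	pk.databuf.buf = dbuf;
	 *	if (ioctl(fd, I_PEEK, &pk) > 0) {
	 *		 pk.ctlbuf.len and pk.databuf.len now hold the
	 *		 number of bytes copied; -1 means no such part.
	 *	}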
5203 */ 5204 if (STRUCT_FGET(strpeek, ctlbuf.len) == -1 && 5205 STRUCT_FGET(strpeek, databuf.len) == -1) 5206 *rvalp = 0; 5207 else 5208 *rvalp = 1; 5209 return (0); 5210 } 5211 5212 case I_FDINSERT: 5213 { 5214 STRUCT_DECL(strfdinsert, strfdinsert); 5215 struct file *resftp; 5216 struct stdata *resstp; 5217 t_uscalar_t ival; 5218 ssize_t msgsize; 5219 struct strbuf mctl; 5220 5221 STRUCT_INIT(strfdinsert, flag); 5222 if (stp->sd_flag & STRHUP) 5223 return (ENXIO); 5224 /* 5225 * STRDERR, STWRERR and STPLEX tested above. 5226 */ 5227 error = strcopyin((void *)arg, STRUCT_BUF(strfdinsert), 5228 STRUCT_SIZE(strfdinsert), copyflag); 5229 if (error) 5230 return (error); 5231 5232 if (STRUCT_FGET(strfdinsert, offset) < 0 || 5233 (STRUCT_FGET(strfdinsert, offset) % 5234 sizeof (t_uscalar_t)) != 0) 5235 return (EINVAL); 5236 if ((resftp = getf(STRUCT_FGET(strfdinsert, fildes))) != NULL) { 5237 if ((resstp = resftp->f_vnode->v_stream) == NULL) { 5238 releasef(STRUCT_FGET(strfdinsert, fildes)); 5239 return (EINVAL); 5240 } 5241 } else 5242 return (EINVAL); 5243 5244 mutex_enter(&resstp->sd_lock); 5245 if (resstp->sd_flag & (STRDERR|STWRERR|STRHUP|STPLEX)) { 5246 error = strgeterr(resstp, 5247 STRDERR|STWRERR|STRHUP|STPLEX, 0); 5248 if (error != 0) { 5249 mutex_exit(&resstp->sd_lock); 5250 releasef(STRUCT_FGET(strfdinsert, fildes)); 5251 return (error); 5252 } 5253 } 5254 mutex_exit(&resstp->sd_lock); 5255 5256 #ifdef _ILP32 5257 { 5258 queue_t *q; 5259 queue_t *mate = NULL; 5260 5261 /* get read queue of stream terminus */ 5262 claimstr(resstp->sd_wrq); 5263 for (q = resstp->sd_wrq->q_next; q->q_next != NULL; 5264 q = q->q_next) 5265 if (!STRMATED(resstp) && STREAM(q) != resstp && 5266 mate == NULL) { 5267 ASSERT(q->q_qinfo->qi_srvp); 5268 ASSERT(_OTHERQ(q)->q_qinfo->qi_srvp); 5269 claimstr(q); 5270 mate = q; 5271 } 5272 q = _RD(q); 5273 if (mate) 5274 releasestr(mate); 5275 releasestr(resstp->sd_wrq); 5276 ival = (t_uscalar_t)q; 5277 } 5278 #else 5279 ival = (t_uscalar_t)getminor(resftp->f_vnode->v_rdev); 5280 #endif /* _ILP32 */ 5281 5282 if (STRUCT_FGET(strfdinsert, ctlbuf.len) < 5283 STRUCT_FGET(strfdinsert, offset) + sizeof (t_uscalar_t)) { 5284 releasef(STRUCT_FGET(strfdinsert, fildes)); 5285 return (EINVAL); 5286 } 5287 5288 /* 5289 * Check for legal flag value. 5290 */ 5291 if (STRUCT_FGET(strfdinsert, flags) & ~RS_HIPRI) { 5292 releasef(STRUCT_FGET(strfdinsert, fildes)); 5293 return (EINVAL); 5294 } 5295 5296 /* get these values from those cached in the stream head */ 5297 mutex_enter(QLOCK(stp->sd_wrq)); 5298 rmin = stp->sd_qn_minpsz; 5299 rmax = stp->sd_qn_maxpsz; 5300 mutex_exit(QLOCK(stp->sd_wrq)); 5301 5302 /* 5303 * Make sure ctl and data sizes together fall within 5304 * the limits of the max and min receive packet sizes 5305 * and do not exceed system limit. A negative data 5306 * length means that no data part is to be sent. 
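	 *
	 * Illustrative user-level sketch of building a request (the
	 * control buffer layout is protocol specific; "ctlmsg",
	 * "otherfd" and the offset are hypothetical):
	 *
	 *	struct strfdinsert fdi;
	 *
	 *	fdi.ctlbuf.len = sizeof (ctlmsg);
	 *	fdi.ctlbuf.buf = (char *)&ctlmsg;
	 *	fdi.databuf.len = -1;		 no data part
	 *	fdi.databuf.buf = NULL;
	 *	fdi.fildes = otherfd;		 stream to be identified
	 *	fdi.offset = 4;			 t_uscalar_t aligned
	 *	fdi.flags = 0;
	 *	(void) ioctl(fd, I_FDINSERT, &fdi);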
5307 */ 5308 ASSERT((rmax >= 0) || (rmax == INFPSZ)); 5309 if (rmax == 0) { 5310 releasef(STRUCT_FGET(strfdinsert, fildes)); 5311 return (ERANGE); 5312 } 5313 if ((msgsize = STRUCT_FGET(strfdinsert, databuf.len)) < 0) 5314 msgsize = 0; 5315 if ((msgsize < rmin) || 5316 ((msgsize > rmax) && (rmax != INFPSZ)) || 5317 (STRUCT_FGET(strfdinsert, ctlbuf.len) > strctlsz)) { 5318 releasef(STRUCT_FGET(strfdinsert, fildes)); 5319 return (ERANGE); 5320 } 5321 5322 mutex_enter(&stp->sd_lock); 5323 while (!(STRUCT_FGET(strfdinsert, flags) & RS_HIPRI) && 5324 !canputnext(stp->sd_wrq)) { 5325 if ((error = strwaitq(stp, WRITEWAIT, (ssize_t)0, 5326 flag, -1, &done)) != 0 || done) { 5327 mutex_exit(&stp->sd_lock); 5328 releasef(STRUCT_FGET(strfdinsert, fildes)); 5329 return (error); 5330 } 5331 if ((error = i_straccess(stp, access)) != 0) { 5332 mutex_exit(&stp->sd_lock); 5333 releasef( 5334 STRUCT_FGET(strfdinsert, fildes)); 5335 return (error); 5336 } 5337 } 5338 mutex_exit(&stp->sd_lock); 5339 5340 /* 5341 * Copy strfdinsert.ctlbuf into native form of 5342 * ctlbuf to pass down into strmakemsg(). 5343 */ 5344 mctl.maxlen = STRUCT_FGET(strfdinsert, ctlbuf.maxlen); 5345 mctl.len = STRUCT_FGET(strfdinsert, ctlbuf.len); 5346 mctl.buf = STRUCT_FGETP(strfdinsert, ctlbuf.buf); 5347 5348 iov.iov_base = STRUCT_FGETP(strfdinsert, databuf.buf); 5349 iov.iov_len = STRUCT_FGET(strfdinsert, databuf.len); 5350 uio.uio_iov = &iov; 5351 uio.uio_iovcnt = 1; 5352 uio.uio_loffset = 0; 5353 uio.uio_segflg = (copyflag == U_TO_K) ? UIO_USERSPACE : 5354 UIO_SYSSPACE; 5355 uio.uio_fmode = 0; 5356 uio.uio_extflg = UIO_COPY_CACHED; 5357 uio.uio_resid = iov.iov_len; 5358 if ((error = strmakemsg(&mctl, 5359 &msgsize, &uio, stp, 5360 STRUCT_FGET(strfdinsert, flags), &mp)) != 0 || !mp) { 5361 STRUCT_FSET(strfdinsert, databuf.len, msgsize); 5362 releasef(STRUCT_FGET(strfdinsert, fildes)); 5363 return (error); 5364 } 5365 5366 STRUCT_FSET(strfdinsert, databuf.len, msgsize); 5367 5368 /* 5369 * Place the possibly reencoded queue pointer 'offset' bytes 5370 * from the start of the control portion of the message. 5371 */ 5372 *((t_uscalar_t *)(mp->b_rptr + 5373 STRUCT_FGET(strfdinsert, offset))) = ival; 5374 5375 /* 5376 * Put message downstream. 
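	 * The stream_willservice()/stream_runservice() pair below
	 * brackets the putnext() so that any queue service procedures
	 * made runnable by this message are run before returning to
	 * the caller.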
5377 */ 5378 stream_willservice(stp); 5379 putnext(stp->sd_wrq, mp); 5380 stream_runservice(stp); 5381 releasef(STRUCT_FGET(strfdinsert, fildes)); 5382 return (error); 5383 } 5384 5385 case I_SENDFD: 5386 { 5387 struct file *fp; 5388 5389 if ((fp = getf((int)arg)) == NULL) 5390 return (EBADF); 5391 error = do_sendfp(stp, fp, crp); 5392 if (audit_active) { 5393 audit_fdsend((int)arg, fp, error); 5394 } 5395 releasef((int)arg); 5396 return (error); 5397 } 5398 5399 case I_RECVFD: 5400 case I_E_RECVFD: 5401 { 5402 struct k_strrecvfd *srf; 5403 int i, fd; 5404 5405 mutex_enter(&stp->sd_lock); 5406 while (!(mp = getq(rdq))) { 5407 if (stp->sd_flag & (STRHUP|STREOF)) { 5408 mutex_exit(&stp->sd_lock); 5409 return (ENXIO); 5410 } 5411 if ((error = strwaitq(stp, GETWAIT, (ssize_t)0, 5412 flag, -1, &done)) != 0 || done) { 5413 mutex_exit(&stp->sd_lock); 5414 return (error); 5415 } 5416 if ((error = i_straccess(stp, access)) != 0) { 5417 mutex_exit(&stp->sd_lock); 5418 return (error); 5419 } 5420 } 5421 if (mp->b_datap->db_type != M_PASSFP) { 5422 putback(stp, rdq, mp, mp->b_band); 5423 mutex_exit(&stp->sd_lock); 5424 return (EBADMSG); 5425 } 5426 mutex_exit(&stp->sd_lock); 5427 5428 srf = (struct k_strrecvfd *)mp->b_rptr; 5429 if ((fd = ufalloc(0)) == -1) { 5430 mutex_enter(&stp->sd_lock); 5431 putback(stp, rdq, mp, mp->b_band); 5432 mutex_exit(&stp->sd_lock); 5433 return (EMFILE); 5434 } 5435 if (cmd == I_RECVFD) { 5436 struct o_strrecvfd ostrfd; 5437 5438 /* check to see if uid/gid values are too large. */ 5439 5440 if (srf->uid > (o_uid_t)USHRT_MAX || 5441 srf->gid > (o_gid_t)USHRT_MAX) { 5442 mutex_enter(&stp->sd_lock); 5443 putback(stp, rdq, mp, mp->b_band); 5444 mutex_exit(&stp->sd_lock); 5445 setf(fd, NULL); /* release fd entry */ 5446 return (EOVERFLOW); 5447 } 5448 5449 ostrfd.fd = fd; 5450 ostrfd.uid = (o_uid_t)srf->uid; 5451 ostrfd.gid = (o_gid_t)srf->gid; 5452 5453 /* Null the filler bits */ 5454 for (i = 0; i < 8; i++) 5455 ostrfd.fill[i] = 0; 5456 5457 error = strcopyout(&ostrfd, (void *)arg, 5458 sizeof (struct o_strrecvfd), copyflag); 5459 } else { /* I_E_RECVFD */ 5460 struct strrecvfd strfd; 5461 5462 strfd.fd = fd; 5463 strfd.uid = srf->uid; 5464 strfd.gid = srf->gid; 5465 5466 /* null the filler bits */ 5467 for (i = 0; i < 8; i++) 5468 strfd.fill[i] = 0; 5469 5470 error = strcopyout(&strfd, (void *)arg, 5471 sizeof (struct strrecvfd), copyflag); 5472 } 5473 5474 if (error) { 5475 setf(fd, NULL); /* release fd entry */ 5476 mutex_enter(&stp->sd_lock); 5477 putback(stp, rdq, mp, mp->b_band); 5478 mutex_exit(&stp->sd_lock); 5479 return (error); 5480 } 5481 if (audit_active) { 5482 audit_fdrecv(fd, srf->fp); 5483 } 5484 5485 /* 5486 * Always increment f_count since the freemsg() below will 5487 * always call free_passfp() which performs a closef(). 5488 */ 5489 mutex_enter(&srf->fp->f_tlock); 5490 srf->fp->f_count++; 5491 mutex_exit(&srf->fp->f_tlock); 5492 setf(fd, srf->fp); 5493 freemsg(mp); 5494 return (0); 5495 } 5496 5497 case I_SWROPT: 5498 /* 5499 * Set/clear the write options. arg is a bit 5500 * mask with any of the following bits set... 5501 * SNDZERO - send zero length message 5502 * SNDPIPE - send sigpipe to process if 5503 * sd_werror is set and process is 5504 * doing a write or putmsg. 5505 * The new stream head write options should reflect 5506 * what is in arg. 
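	 *
	 * Illustrative user-level sketch:
	 *
	 *	(void) ioctl(fd, I_SWROPT, SNDZERO);	 allow 0-length writes
	 *	(void) ioctl(fd, I_SWROPT, 0);		 clear both options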
5507 */ 5508 if (arg & ~(SNDZERO|SNDPIPE)) 5509 return (EINVAL); 5510 5511 mutex_enter(&stp->sd_lock); 5512 stp->sd_wput_opt &= ~(SW_SIGPIPE|SW_SNDZERO); 5513 if (arg & SNDZERO) 5514 stp->sd_wput_opt |= SW_SNDZERO; 5515 if (arg & SNDPIPE) 5516 stp->sd_wput_opt |= SW_SIGPIPE; 5517 mutex_exit(&stp->sd_lock); 5518 return (0); 5519 5520 case I_GWROPT: 5521 { 5522 int wropt = 0; 5523 5524 if (stp->sd_wput_opt & SW_SNDZERO) 5525 wropt |= SNDZERO; 5526 if (stp->sd_wput_opt & SW_SIGPIPE) 5527 wropt |= SNDPIPE; 5528 return (strcopyout(&wropt, (void *)arg, sizeof (wropt), 5529 copyflag)); 5530 } 5531 5532 case I_LIST: 5533 /* 5534 * Returns all the modules found on this stream, 5535 * upto the driver. If argument is NULL, return the 5536 * number of modules (including driver). If argument 5537 * is not NULL, copy the names into the structure 5538 * provided. 5539 */ 5540 5541 { 5542 queue_t *q; 5543 int num_modules, space_allocated; 5544 STRUCT_DECL(str_list, strlist); 5545 struct str_mlist *mlist_ptr; 5546 5547 if (arg == NULL) { /* Return number of modules plus driver */ 5548 q = stp->sd_wrq; 5549 if (stp->sd_vnode->v_type == VFIFO) { 5550 *rvalp = stp->sd_pushcnt; 5551 } else { 5552 *rvalp = stp->sd_pushcnt + 1; 5553 } 5554 } else { 5555 STRUCT_INIT(strlist, flag); 5556 5557 error = strcopyin((void *)arg, STRUCT_BUF(strlist), 5558 STRUCT_SIZE(strlist), copyflag); 5559 if (error) 5560 return (error); 5561 5562 space_allocated = STRUCT_FGET(strlist, sl_nmods); 5563 if ((space_allocated) <= 0) 5564 return (EINVAL); 5565 claimstr(stp->sd_wrq); 5566 q = stp->sd_wrq; 5567 num_modules = 0; 5568 while (_SAMESTR(q) && (space_allocated != 0)) { 5569 char *name = 5570 q->q_next->q_qinfo->qi_minfo->mi_idname; 5571 5572 mlist_ptr = STRUCT_FGETP(strlist, sl_modlist); 5573 5574 error = strcopyout(name, mlist_ptr, 5575 strlen(name) + 1, copyflag); 5576 5577 if (error) { 5578 releasestr(stp->sd_wrq); 5579 return (error); 5580 } 5581 q = q->q_next; 5582 space_allocated--; 5583 num_modules++; 5584 mlist_ptr = 5585 (struct str_mlist *)((uintptr_t)mlist_ptr + 5586 sizeof (struct str_mlist)); 5587 STRUCT_FSETP(strlist, sl_modlist, mlist_ptr); 5588 } 5589 releasestr(stp->sd_wrq); 5590 error = strcopyout(&num_modules, (void *)arg, 5591 sizeof (int), copyflag); 5592 } 5593 return (error); 5594 } 5595 5596 case I_CKBAND: 5597 { 5598 queue_t *q; 5599 qband_t *qbp; 5600 5601 if ((arg < 0) || (arg >= NBAND)) 5602 return (EINVAL); 5603 q = _RD(stp->sd_wrq); 5604 mutex_enter(QLOCK(q)); 5605 if (arg > (int)q->q_nband) { 5606 *rvalp = 0; 5607 } else { 5608 if (arg == 0) { 5609 if (q->q_first) 5610 *rvalp = 1; 5611 else 5612 *rvalp = 0; 5613 } else { 5614 qbp = q->q_bandp; 5615 while (--arg > 0) 5616 qbp = qbp->qb_next; 5617 if (qbp->qb_first) 5618 *rvalp = 1; 5619 else 5620 *rvalp = 0; 5621 } 5622 } 5623 mutex_exit(QLOCK(q)); 5624 return (0); 5625 } 5626 5627 case I_GETBAND: 5628 { 5629 int intpri; 5630 queue_t *q; 5631 5632 q = _RD(stp->sd_wrq); 5633 mutex_enter(QLOCK(q)); 5634 mp = q->q_first; 5635 if (!mp) { 5636 mutex_exit(QLOCK(q)); 5637 return (ENODATA); 5638 } 5639 intpri = (int)mp->b_band; 5640 error = strcopyout(&intpri, (void *)arg, sizeof (int), 5641 copyflag); 5642 mutex_exit(QLOCK(q)); 5643 return (error); 5644 } 5645 5646 case I_ATMARK: 5647 { 5648 queue_t *q; 5649 5650 if (arg & ~(ANYMARK|LASTMARK)) 5651 return (EINVAL); 5652 q = _RD(stp->sd_wrq); 5653 mutex_enter(&stp->sd_lock); 5654 if ((stp->sd_flag & STRATMARK) && (arg == ANYMARK)) { 5655 *rvalp = 1; 5656 } else { 5657 mutex_enter(QLOCK(q)); 5658 mp = 
q->q_first; 5659 5660 if (mp == NULL) 5661 *rvalp = 0; 5662 else if ((arg == ANYMARK) && (mp->b_flag & MSGMARK)) 5663 *rvalp = 1; 5664 else if ((arg == LASTMARK) && (mp == stp->sd_mark)) 5665 *rvalp = 1; 5666 else 5667 *rvalp = 0; 5668 mutex_exit(QLOCK(q)); 5669 } 5670 mutex_exit(&stp->sd_lock); 5671 return (0); 5672 } 5673 5674 case I_CANPUT: 5675 { 5676 char band; 5677 5678 if ((arg < 0) || (arg >= NBAND)) 5679 return (EINVAL); 5680 band = (char)arg; 5681 *rvalp = bcanputnext(stp->sd_wrq, band); 5682 return (0); 5683 } 5684 5685 case I_SETCLTIME: 5686 { 5687 int closetime; 5688 5689 error = strcopyin((void *)arg, &closetime, sizeof (int), 5690 copyflag); 5691 if (error) 5692 return (error); 5693 if (closetime < 0) 5694 return (EINVAL); 5695 5696 stp->sd_closetime = closetime; 5697 return (0); 5698 } 5699 5700 case I_GETCLTIME: 5701 { 5702 int closetime; 5703 5704 closetime = stp->sd_closetime; 5705 return (strcopyout(&closetime, (void *)arg, sizeof (int), 5706 copyflag)); 5707 } 5708 5709 case TIOCGSID: 5710 { 5711 pid_t sid; 5712 5713 mutex_enter(&stp->sd_lock); 5714 if (stp->sd_sidp == NULL) { 5715 mutex_exit(&stp->sd_lock); 5716 return (ENOTTY); 5717 } 5718 sid = stp->sd_sidp->pid_id; 5719 mutex_exit(&stp->sd_lock); 5720 return (strcopyout(&sid, (void *)arg, sizeof (pid_t), 5721 copyflag)); 5722 } 5723 5724 case TIOCSPGRP: 5725 { 5726 pid_t pgrp; 5727 proc_t *q; 5728 pid_t sid, fg_pgid, bg_pgid; 5729 5730 if (error = strcopyin((void *)arg, &pgrp, sizeof (pid_t), 5731 copyflag)) 5732 return (error); 5733 mutex_enter(&stp->sd_lock); 5734 mutex_enter(&pidlock); 5735 if (stp->sd_sidp != ttoproc(curthread)->p_sessp->s_sidp) { 5736 mutex_exit(&pidlock); 5737 mutex_exit(&stp->sd_lock); 5738 return (ENOTTY); 5739 } 5740 if (pgrp == stp->sd_pgidp->pid_id) { 5741 mutex_exit(&pidlock); 5742 mutex_exit(&stp->sd_lock); 5743 return (0); 5744 } 5745 if (pgrp <= 0 || pgrp >= maxpid) { 5746 mutex_exit(&pidlock); 5747 mutex_exit(&stp->sd_lock); 5748 return (EINVAL); 5749 } 5750 if ((q = pgfind(pgrp)) == NULL || 5751 q->p_sessp != ttoproc(curthread)->p_sessp) { 5752 mutex_exit(&pidlock); 5753 mutex_exit(&stp->sd_lock); 5754 return (EPERM); 5755 } 5756 sid = stp->sd_sidp->pid_id; 5757 fg_pgid = q->p_pgrp; 5758 bg_pgid = stp->sd_pgidp->pid_id; 5759 CL_SET_PROCESS_GROUP(curthread, sid, bg_pgid, fg_pgid); 5760 PID_RELE(stp->sd_pgidp); 5761 ctty_clear_sighuped(); 5762 stp->sd_pgidp = q->p_pgidp; 5763 PID_HOLD(stp->sd_pgidp); 5764 mutex_exit(&pidlock); 5765 mutex_exit(&stp->sd_lock); 5766 return (0); 5767 } 5768 5769 case TIOCGPGRP: 5770 { 5771 pid_t pgrp; 5772 5773 mutex_enter(&stp->sd_lock); 5774 if (stp->sd_sidp == NULL) { 5775 mutex_exit(&stp->sd_lock); 5776 return (ENOTTY); 5777 } 5778 pgrp = stp->sd_pgidp->pid_id; 5779 mutex_exit(&stp->sd_lock); 5780 return (strcopyout(&pgrp, (void *)arg, sizeof (pid_t), 5781 copyflag)); 5782 } 5783 5784 case TIOCSCTTY: 5785 { 5786 return (strctty(stp)); 5787 } 5788 5789 case TIOCNOTTY: 5790 { 5791 /* freectty() always assumes curproc. */ 5792 if (freectty(B_FALSE) != 0) 5793 return (0); 5794 return (ENOTTY); 5795 } 5796 5797 case FIONBIO: 5798 case FIOASYNC: 5799 return (0); /* handled by the upper layer */ 5800 } 5801 } 5802 5803 /* 5804 * Custom free routine used for M_PASSFP messages. 
5805 */ 5806 static void 5807 free_passfp(struct k_strrecvfd *srf) 5808 { 5809 (void) closef(srf->fp); 5810 kmem_free(srf, sizeof (struct k_strrecvfd) + sizeof (frtn_t)); 5811 } 5812 5813 /* ARGSUSED */ 5814 int 5815 do_sendfp(struct stdata *stp, struct file *fp, struct cred *cr) 5816 { 5817 queue_t *qp, *nextqp; 5818 struct k_strrecvfd *srf; 5819 mblk_t *mp; 5820 frtn_t *frtnp; 5821 size_t bufsize; 5822 queue_t *mate = NULL; 5823 syncq_t *sq = NULL; 5824 int retval = 0; 5825 5826 if (stp->sd_flag & STRHUP) 5827 return (ENXIO); 5828 5829 claimstr(stp->sd_wrq); 5830 5831 /* Fastpath, we have a pipe, and we are already mated, use it. */ 5832 if (STRMATED(stp)) { 5833 qp = _RD(stp->sd_mate->sd_wrq); 5834 claimstr(qp); 5835 mate = qp; 5836 } else { /* Not already mated. */ 5837 5838 /* 5839 * Walk the stream to the end of this one. 5840 * assumes that the claimstr() will prevent 5841 * plumbing between the stream head and the 5842 * driver from changing 5843 */ 5844 qp = stp->sd_wrq; 5845 5846 /* 5847 * Loop until we reach the end of this stream. 5848 * On completion, qp points to the write queue 5849 * at the end of the stream, or the read queue 5850 * at the stream head if this is a fifo. 5851 */ 5852 while (((qp = qp->q_next) != NULL) && _SAMESTR(qp)) 5853 ; 5854 5855 /* 5856 * Just in case we get a q_next which is NULL, but 5857 * not at the end of the stream. This is actually 5858 * broken, so we set an assert to catch it in 5859 * debug, and set an error and return if not debug. 5860 */ 5861 ASSERT(qp); 5862 if (qp == NULL) { 5863 releasestr(stp->sd_wrq); 5864 return (EINVAL); 5865 } 5866 5867 /* 5868 * Enter the syncq for the driver, so (hopefully) 5869 * the queue values will not change on us. 5870 * XXXX - This will only prevent the race IFF only 5871 * the write side modifies the q_next member, and 5872 * the put procedure is protected by at least 5873 * MT_PERQ. 5874 */ 5875 if ((sq = qp->q_syncq) != NULL) 5876 entersq(sq, SQ_PUT); 5877 5878 /* Now get the q_next value from this qp. */ 5879 nextqp = qp->q_next; 5880 5881 /* 5882 * If nextqp exists and the other stream is different 5883 * from this one claim the stream, set the mate, and 5884 * get the read queue at the stream head of the other 5885 * stream. Assumes that nextqp was at least valid when 5886 * we got it. Hopefully the entersq of the driver 5887 * will prevent it from changing on us. 5888 */ 5889 if ((nextqp != NULL) && (STREAM(nextqp) != stp)) { 5890 ASSERT(qp->q_qinfo->qi_srvp); 5891 ASSERT(_OTHERQ(qp)->q_qinfo->qi_srvp); 5892 ASSERT(_OTHERQ(qp->q_next)->q_qinfo->qi_srvp); 5893 claimstr(nextqp); 5894 5895 /* Make sure we still have a q_next */ 5896 if (nextqp != qp->q_next) { 5897 releasestr(stp->sd_wrq); 5898 releasestr(nextqp); 5899 return (EINVAL); 5900 } 5901 5902 qp = _RD(STREAM(nextqp)->sd_wrq); 5903 mate = qp; 5904 } 5905 /* If we entered the synq above, leave it. */ 5906 if (sq != NULL) 5907 leavesq(sq, SQ_PUT); 5908 } /* STRMATED(STP) */ 5909 5910 /* XXX prevents substitution of the ops vector */ 5911 if (qp->q_qinfo != &strdata && qp->q_qinfo != &fifo_strdata) { 5912 retval = EINVAL; 5913 goto out; 5914 } 5915 5916 if (qp->q_flag & QFULL) { 5917 retval = EAGAIN; 5918 goto out; 5919 } 5920 5921 /* 5922 * Since M_PASSFP messages include a file descriptor, we use 5923 * esballoc() and specify a custom free routine (free_passfp()) that 5924 * will close the descriptor as part of freeing the message. For 5925 * convenience, we stash the frtn_t right after the data block. 
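	 * The general esballoc() idiom, sketched with illustrative
	 * names; the frtn_t must remain valid until the last reference
	 * to the message is freed, which is why it is placed alongside
	 * the data here rather than on the stack:
	 *
	 *	frtnp->free_func = myfree;	 called on last free
	 *	frtnp->free_arg = (caddr_t)mybuf;
	 *	mp = esballoc((uchar_t *)mybuf, size, BPRI_MED, frtnp);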
5926 */ 5927 bufsize = sizeof (struct k_strrecvfd) + sizeof (frtn_t); 5928 srf = kmem_alloc(bufsize, KM_NOSLEEP); 5929 if (srf == NULL) { 5930 retval = EAGAIN; 5931 goto out; 5932 } 5933 5934 frtnp = (frtn_t *)(srf + 1); 5935 frtnp->free_arg = (caddr_t)srf; 5936 frtnp->free_func = free_passfp; 5937 5938 mp = esballoc((uchar_t *)srf, bufsize, BPRI_MED, frtnp); 5939 if (mp == NULL) { 5940 kmem_free(srf, bufsize); 5941 retval = EAGAIN; 5942 goto out; 5943 } 5944 mp->b_wptr += sizeof (struct k_strrecvfd); 5945 mp->b_datap->db_type = M_PASSFP; 5946 5947 srf->fp = fp; 5948 srf->uid = crgetuid(curthread->t_cred); 5949 srf->gid = crgetgid(curthread->t_cred); 5950 mutex_enter(&fp->f_tlock); 5951 fp->f_count++; 5952 mutex_exit(&fp->f_tlock); 5953 5954 put(qp, mp); 5955 out: 5956 releasestr(stp->sd_wrq); 5957 if (mate) 5958 releasestr(mate); 5959 return (retval); 5960 } 5961 5962 /* 5963 * Send an ioctl message downstream and wait for acknowledgement. 5964 * flags may be set to either U_TO_K or K_TO_K and a combination 5965 * of STR_NOERROR or STR_NOSIG 5966 * STR_NOSIG: Signals are essentially ignored or held and have 5967 * no effect for the duration of the call. 5968 * STR_NOERROR: Ignores stream head read, write and hup errors. 5969 * Additionally, if an existing ioctl times out, it is assumed 5970 * lost and and this ioctl will continue as if the previous ioctl had 5971 * finished. ETIME may be returned if this ioctl times out (i.e. 5972 * ic_timout is not INFTIM). Non-stream head errors may be returned if 5973 * the ioc_error indicates that the driver/module had problems, 5974 * an EFAULT was found when accessing user data, a lack of 5975 * resources, etc. 5976 */ 5977 int 5978 strdoioctl( 5979 struct stdata *stp, 5980 struct strioctl *strioc, 5981 int fflags, /* file flags with model info */ 5982 int flag, 5983 cred_t *crp, 5984 int *rvalp) 5985 { 5986 mblk_t *bp; 5987 struct iocblk *iocbp; 5988 struct copyreq *reqp; 5989 struct copyresp *resp; 5990 int id; 5991 int transparent = 0; 5992 int error = 0; 5993 int len = 0; 5994 caddr_t taddr; 5995 int copyflag = (flag & (U_TO_K | K_TO_K)); 5996 int sigflag = (flag & STR_NOSIG); 5997 int errs; 5998 uint_t waitflags; 5999 6000 ASSERT(copyflag == U_TO_K || copyflag == K_TO_K); 6001 ASSERT((fflags & FMODELS) != 0); 6002 6003 TRACE_2(TR_FAC_STREAMS_FR, 6004 TR_STRDOIOCTL, 6005 "strdoioctl:stp %p strioc %p", stp, strioc); 6006 if (strioc->ic_len == TRANSPARENT) { /* send arg in M_DATA block */ 6007 transparent = 1; 6008 strioc->ic_len = sizeof (intptr_t); 6009 } 6010 6011 if (strioc->ic_len < 0 || (strmsgsz > 0 && strioc->ic_len > strmsgsz)) 6012 return (EINVAL); 6013 6014 if ((bp = allocb_cred_wait(sizeof (union ioctypes), sigflag, &error, 6015 crp)) == NULL) 6016 return (error); 6017 6018 bzero(bp->b_wptr, sizeof (union ioctypes)); 6019 6020 iocbp = (struct iocblk *)bp->b_wptr; 6021 iocbp->ioc_count = strioc->ic_len; 6022 iocbp->ioc_cmd = strioc->ic_cmd; 6023 iocbp->ioc_flag = (fflags & FMODELS); 6024 6025 crhold(crp); 6026 iocbp->ioc_cr = crp; 6027 DB_TYPE(bp) = M_IOCTL; 6028 DB_CPID(bp) = curproc->p_pid; 6029 bp->b_wptr += sizeof (struct iocblk); 6030 6031 if (flag & STR_NOERROR) 6032 errs = STPLEX; 6033 else 6034 errs = STRHUP|STRDERR|STWRERR|STPLEX; 6035 6036 /* 6037 * If there is data to copy into ioctl block, do so. 
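	 * putiocd() copies the ioc_count bytes of ioctl data from
	 * strioc->ic_dp (a user or kernel address, depending on the
	 * copy flag) into message blocks chained onto bp->b_cont.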
6038 */ 6039 if (iocbp->ioc_count > 0) { 6040 if (transparent) 6041 /* 6042 * Note: STR_NOERROR does not have an effect 6043 * in putiocd() 6044 */ 6045 id = K_TO_K | sigflag; 6046 else 6047 id = flag; 6048 if ((error = putiocd(bp, strioc->ic_dp, id, crp)) != 0) { 6049 freemsg(bp); 6050 crfree(crp); 6051 return (error); 6052 } 6053 6054 /* 6055 * We could have slept copying in user pages. 6056 * Recheck the stream head state (the other end 6057 * of a pipe could have gone away). 6058 */ 6059 if (stp->sd_flag & errs) { 6060 mutex_enter(&stp->sd_lock); 6061 error = strgeterr(stp, errs, 0); 6062 mutex_exit(&stp->sd_lock); 6063 if (error != 0) { 6064 freemsg(bp); 6065 crfree(crp); 6066 return (error); 6067 } 6068 } 6069 } 6070 if (transparent) 6071 iocbp->ioc_count = TRANSPARENT; 6072 6073 /* 6074 * Block for up to STRTIMOUT milliseconds if there is an outstanding 6075 * ioctl for this stream already running. All processes 6076 * sleeping here will be awakened as a result of an ACK 6077 * or NAK being received for the outstanding ioctl, or 6078 * as a result of the timer expiring on the outstanding 6079 * ioctl (a failure), or as a result of any waiting 6080 * process's timer expiring (also a failure). 6081 */ 6082 6083 error = 0; 6084 mutex_enter(&stp->sd_lock); 6085 while (stp->sd_flag & (IOCWAIT | IOCWAITNE)) { 6086 clock_t cv_rval; 6087 6088 TRACE_0(TR_FAC_STREAMS_FR, 6089 TR_STRDOIOCTL_WAIT, 6090 "strdoioctl sleeps - IOCWAIT"); 6091 cv_rval = str_cv_wait(&stp->sd_iocmonitor, &stp->sd_lock, 6092 STRTIMOUT, sigflag); 6093 if (cv_rval <= 0) { 6094 if (cv_rval == 0) { 6095 error = EINTR; 6096 } else { 6097 if (flag & STR_NOERROR) { 6098 /* 6099 * Terminating current ioctl in 6100 * progress -- assume it got lost and 6101 * wake up the other thread so that the 6102 * operation completes. 6103 */ 6104 if (!(stp->sd_flag & IOCWAITNE)) { 6105 stp->sd_flag |= IOCWAITNE; 6106 cv_broadcast(&stp->sd_monitor); 6107 } 6108 /* 6109 * Otherwise, there's a running 6110 * STR_NOERROR -- we have no choice 6111 * here but to wait forever (or until 6112 * interrupted). 6113 */ 6114 } else { 6115 /* 6116 * pending ioctl has caused 6117 * us to time out 6118 */ 6119 error = ETIME; 6120 } 6121 } 6122 } else if ((stp->sd_flag & errs)) { 6123 error = strgeterr(stp, errs, 0); 6124 } 6125 if (error) { 6126 mutex_exit(&stp->sd_lock); 6127 freemsg(bp); 6128 crfree(crp); 6129 return (error); 6130 } 6131 } 6132 6133 /* 6134 * Have control of ioctl mechanism. 6135 * Send down ioctl packet and wait for response. 6136 */ 6137 if (stp->sd_iocblk != (mblk_t *)-1) { 6138 freemsg(stp->sd_iocblk); 6139 } 6140 stp->sd_iocblk = NULL; 6141 6142 /* 6143 * If this is marked with 'noerror' (internal; mostly 6144 * I_{P,}{UN,}LINK), then make sure nobody else is able to get 6145 * in here by setting IOCWAITNE. 6146 */ 6147 waitflags = IOCWAIT; 6148 if (flag & STR_NOERROR) 6149 waitflags |= IOCWAITNE; 6150 6151 stp->sd_flag |= waitflags; 6152 6153 /* 6154 * Assign sequence number. 6155 */ 6156 iocbp->ioc_id = stp->sd_iocid = getiocseqno(); 6157 6158 mutex_exit(&stp->sd_lock); 6159 6160 TRACE_1(TR_FAC_STREAMS_FR, 6161 TR_STRDOIOCTL_PUT, "strdoioctl put: stp %p", stp); 6162 stream_willservice(stp); 6163 putnext(stp->sd_wrq, bp); 6164 stream_runservice(stp); 6165 6166 /* 6167 * Timed wait for acknowledgment. The wait time is limited by the 6168 * timeout value, which must be a positive integer (number of 6169 * milliseconds) to wait, or 0 (use default value of STRTIMOUT 6170 * milliseconds), or -1 (wait forever). 
This will be awakened 6171 * either by an ACK/NAK message arriving, the timer expiring, or 6172 * the timer expiring on another ioctl waiting for control of the 6173 * mechanism. 6174 */ 6175 waitioc: 6176 mutex_enter(&stp->sd_lock); 6177 6178 6179 /* 6180 * If the reply has already arrived, don't sleep. If awakened from 6181 * the sleep, fail only if the reply has not arrived by then. 6182 * Otherwise, process the reply. 6183 */ 6184 while (!stp->sd_iocblk) { 6185 clock_t cv_rval; 6186 6187 if (stp->sd_flag & errs) { 6188 error = strgeterr(stp, errs, 0); 6189 if (error != 0) { 6190 stp->sd_flag &= ~waitflags; 6191 cv_broadcast(&stp->sd_iocmonitor); 6192 mutex_exit(&stp->sd_lock); 6193 crfree(crp); 6194 return (error); 6195 } 6196 } 6197 6198 TRACE_0(TR_FAC_STREAMS_FR, 6199 TR_STRDOIOCTL_WAIT2, 6200 "strdoioctl sleeps awaiting reply"); 6201 ASSERT(error == 0); 6202 6203 cv_rval = str_cv_wait(&stp->sd_monitor, &stp->sd_lock, 6204 (strioc->ic_timout ? 6205 strioc->ic_timout * 1000 : STRTIMOUT), sigflag); 6206 6207 /* 6208 * There are four possible cases here: interrupt, timeout, 6209 * wakeup by IOCWAITNE (above), or wakeup by strrput_nondata (a 6210 * valid M_IOCTL reply). 6211 * 6212 * If we've been awakened by a STR_NOERROR ioctl on some other 6213 * thread, then sd_iocblk will still be NULL, and IOCWAITNE 6214 * will be set. Pretend as if we just timed out. Note that 6215 * this other thread waited at least STRTIMOUT before trying to 6216 * awaken our thread, so this is indistinguishable (even for 6217 * INFTIM) from the case where we failed with ETIME waiting on 6218 * IOCWAIT in the prior loop. 6219 */ 6220 if (cv_rval > 0 && !(flag & STR_NOERROR) && 6221 stp->sd_iocblk == NULL && (stp->sd_flag & IOCWAITNE)) { 6222 cv_rval = -1; 6223 } 6224 6225 /* 6226 * note: STR_NOERROR does not protect 6227 * us here.. use ic_timout < 0 6228 */ 6229 if (cv_rval <= 0) { 6230 if (cv_rval == 0) { 6231 error = EINTR; 6232 } else { 6233 error = ETIME; 6234 } 6235 /* 6236 * A message could have come in after we were scheduled 6237 * but before we were actually run. 6238 */ 6239 bp = stp->sd_iocblk; 6240 stp->sd_iocblk = NULL; 6241 if (bp != NULL) { 6242 if ((bp->b_datap->db_type == M_COPYIN) || 6243 (bp->b_datap->db_type == M_COPYOUT)) { 6244 mutex_exit(&stp->sd_lock); 6245 if (bp->b_cont) { 6246 freemsg(bp->b_cont); 6247 bp->b_cont = NULL; 6248 } 6249 bp->b_datap->db_type = M_IOCDATA; 6250 bp->b_wptr = bp->b_rptr + 6251 sizeof (struct copyresp); 6252 resp = (struct copyresp *)bp->b_rptr; 6253 resp->cp_rval = 6254 (caddr_t)1; /* failure */ 6255 stream_willservice(stp); 6256 putnext(stp->sd_wrq, bp); 6257 stream_runservice(stp); 6258 mutex_enter(&stp->sd_lock); 6259 } else { 6260 freemsg(bp); 6261 } 6262 } 6263 stp->sd_flag &= ~waitflags; 6264 cv_broadcast(&stp->sd_iocmonitor); 6265 mutex_exit(&stp->sd_lock); 6266 crfree(crp); 6267 return (error); 6268 } 6269 } 6270 bp = stp->sd_iocblk; 6271 /* 6272 * Note: it is strictly impossible to get here with sd_iocblk set to 6273 * -1. This is because the initial loop above doesn't allow any new 6274 * ioctls into the fray until all others have passed this point. 
6275 */ 6276 ASSERT(bp != NULL && bp != (mblk_t *)-1); 6277 TRACE_1(TR_FAC_STREAMS_FR, 6278 TR_STRDOIOCTL_ACK, "strdoioctl got reply: bp %p", bp); 6279 if ((bp->b_datap->db_type == M_IOCACK) || 6280 (bp->b_datap->db_type == M_IOCNAK)) { 6281 /* for detection of duplicate ioctl replies */ 6282 stp->sd_iocblk = (mblk_t *)-1; 6283 stp->sd_flag &= ~waitflags; 6284 cv_broadcast(&stp->sd_iocmonitor); 6285 mutex_exit(&stp->sd_lock); 6286 } else { 6287 /* 6288 * flags not cleared here because we're still doing 6289 * copy in/out for ioctl. 6290 */ 6291 stp->sd_iocblk = NULL; 6292 mutex_exit(&stp->sd_lock); 6293 } 6294 6295 6296 /* 6297 * Have received acknowledgment. 6298 */ 6299 6300 switch (bp->b_datap->db_type) { 6301 case M_IOCACK: 6302 /* 6303 * Positive ack. 6304 */ 6305 iocbp = (struct iocblk *)bp->b_rptr; 6306 6307 /* 6308 * Set error if indicated. 6309 */ 6310 if (iocbp->ioc_error) { 6311 error = iocbp->ioc_error; 6312 break; 6313 } 6314 6315 /* 6316 * Set return value. 6317 */ 6318 *rvalp = iocbp->ioc_rval; 6319 6320 /* 6321 * Data may have been returned in ACK message (ioc_count > 0). 6322 * If so, copy it out to the user's buffer. 6323 */ 6324 if (iocbp->ioc_count && !transparent) { 6325 if (error = getiocd(bp, strioc->ic_dp, copyflag)) 6326 break; 6327 } 6328 if (!transparent) { 6329 if (len) /* an M_COPYOUT was used with I_STR */ 6330 strioc->ic_len = len; 6331 else 6332 strioc->ic_len = (int)iocbp->ioc_count; 6333 } 6334 break; 6335 6336 case M_IOCNAK: 6337 /* 6338 * Negative ack. 6339 * 6340 * The only thing to do is set error as specified 6341 * in neg ack packet. 6342 */ 6343 iocbp = (struct iocblk *)bp->b_rptr; 6344 6345 error = (iocbp->ioc_error ? iocbp->ioc_error : EINVAL); 6346 break; 6347 6348 case M_COPYIN: 6349 /* 6350 * Driver or module has requested user ioctl data. 6351 */ 6352 reqp = (struct copyreq *)bp->b_rptr; 6353 6354 /* 6355 * M_COPYIN should *never* have a message attached, though 6356 * it's harmless if it does -- thus, panic on a DEBUG 6357 * kernel and just free it on a non-DEBUG build. 6358 */ 6359 ASSERT(bp->b_cont == NULL); 6360 if (bp->b_cont != NULL) { 6361 freemsg(bp->b_cont); 6362 bp->b_cont = NULL; 6363 } 6364 6365 error = putiocd(bp, reqp->cq_addr, flag, crp); 6366 if (error && bp->b_cont) { 6367 freemsg(bp->b_cont); 6368 bp->b_cont = NULL; 6369 } 6370 6371 bp->b_wptr = bp->b_rptr + sizeof (struct copyresp); 6372 bp->b_datap->db_type = M_IOCDATA; 6373 6374 mblk_setcred(bp, crp); 6375 DB_CPID(bp) = curproc->p_pid; 6376 resp = (struct copyresp *)bp->b_rptr; 6377 resp->cp_rval = (caddr_t)(uintptr_t)error; 6378 resp->cp_flag = (fflags & FMODELS); 6379 6380 stream_willservice(stp); 6381 putnext(stp->sd_wrq, bp); 6382 stream_runservice(stp); 6383 6384 if (error) { 6385 mutex_enter(&stp->sd_lock); 6386 stp->sd_flag &= ~waitflags; 6387 cv_broadcast(&stp->sd_iocmonitor); 6388 mutex_exit(&stp->sd_lock); 6389 crfree(crp); 6390 return (error); 6391 } 6392 6393 goto waitioc; 6394 6395 case M_COPYOUT: 6396 /* 6397 * Driver or module has ioctl data for a user. 
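	 *
	 * On the module or driver side this reply is conventionally
	 * built with mcopyout(9F); a sketch, where "uaddr" is the user
	 * address saved from the transparent M_IOCTL and "dp" holds
	 * the data to be copied out:
	 *
	 *	mcopyout(mp, NULL, size, uaddr, dp);
	 *	qreply(q, mp);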
6398 */ 6399 reqp = (struct copyreq *)bp->b_rptr; 6400 ASSERT(bp->b_cont != NULL); 6401 6402 /* 6403 * Always (transparent or non-transparent) 6404 * use the address specified in the request. 6405 */ 6406 taddr = reqp->cq_addr; 6407 if (!transparent) 6408 len = (int)reqp->cq_size; 6409 6410 /* copyout data to the provided address */ 6411 error = getiocd(bp, taddr, copyflag); 6412 6413 freemsg(bp->b_cont); 6414 bp->b_cont = NULL; 6415 6416 bp->b_wptr = bp->b_rptr + sizeof (struct copyresp); 6417 bp->b_datap->db_type = M_IOCDATA; 6418 6419 mblk_setcred(bp, crp); 6420 DB_CPID(bp) = curproc->p_pid; 6421 resp = (struct copyresp *)bp->b_rptr; 6422 resp->cp_rval = (caddr_t)(uintptr_t)error; 6423 resp->cp_flag = (fflags & FMODELS); 6424 6425 stream_willservice(stp); 6426 putnext(stp->sd_wrq, bp); 6427 stream_runservice(stp); 6428 6429 if (error) { 6430 mutex_enter(&stp->sd_lock); 6431 stp->sd_flag &= ~waitflags; 6432 cv_broadcast(&stp->sd_iocmonitor); 6433 mutex_exit(&stp->sd_lock); 6434 crfree(crp); 6435 return (error); 6436 } 6437 goto waitioc; 6438 6439 default: 6440 ASSERT(0); 6441 mutex_enter(&stp->sd_lock); 6442 stp->sd_flag &= ~waitflags; 6443 cv_broadcast(&stp->sd_iocmonitor); 6444 mutex_exit(&stp->sd_lock); 6445 break; 6446 } 6447 6448 freemsg(bp); 6449 crfree(crp); 6450 return (error); 6451 } 6452 6453 /* 6454 * Send an M_CMD message downstream and wait for a reply. This is a ptools 6455 * special used to retrieve information from modules/drivers on a stream without 6456 * being subjected to flow control or interfering with pending messages on the 6457 * stream (e.g. an ioctl in flight). 6458 */ 6459 int 6460 strdocmd(struct stdata *stp, struct strcmd *scp, cred_t *crp) 6461 { 6462 mblk_t *mp; 6463 struct cmdblk *cmdp; 6464 int error = 0; 6465 int errs = STRHUP|STRDERR|STWRERR|STPLEX; 6466 clock_t rval, timeout = STRTIMOUT; 6467 6468 if (scp->sc_len < 0 || scp->sc_len > sizeof (scp->sc_buf) || 6469 scp->sc_timeout < -1) 6470 return (EINVAL); 6471 6472 if (scp->sc_timeout > 0) 6473 timeout = scp->sc_timeout * MILLISEC; 6474 6475 if ((mp = allocb_cred(sizeof (struct cmdblk), crp)) == NULL) 6476 return (ENOMEM); 6477 6478 crhold(crp); 6479 6480 cmdp = (struct cmdblk *)mp->b_wptr; 6481 cmdp->cb_cr = crp; 6482 cmdp->cb_cmd = scp->sc_cmd; 6483 cmdp->cb_len = scp->sc_len; 6484 cmdp->cb_error = 0; 6485 mp->b_wptr += sizeof (struct cmdblk); 6486 6487 DB_TYPE(mp) = M_CMD; 6488 DB_CPID(mp) = curproc->p_pid; 6489 6490 /* 6491 * Copy in the payload. 6492 */ 6493 if (cmdp->cb_len > 0) { 6494 mp->b_cont = allocb_cred(sizeof (scp->sc_buf), crp); 6495 if (mp->b_cont == NULL) { 6496 error = ENOMEM; 6497 goto out; 6498 } 6499 6500 /* cb_len comes from sc_len, which has already been checked */ 6501 ASSERT(cmdp->cb_len <= sizeof (scp->sc_buf)); 6502 (void) bcopy(scp->sc_buf, mp->b_cont->b_wptr, cmdp->cb_len); 6503 mp->b_cont->b_wptr += cmdp->cb_len; 6504 DB_CPID(mp->b_cont) = curproc->p_pid; 6505 } 6506 6507 /* 6508 * Since this mechanism is strictly for ptools, and since only one 6509 * process can be grabbed at a time, we simply fail if there's 6510 * currently an operation pending. 6511 */ 6512 mutex_enter(&stp->sd_lock); 6513 if (stp->sd_flag & STRCMDWAIT) { 6514 mutex_exit(&stp->sd_lock); 6515 error = EBUSY; 6516 goto out; 6517 } 6518 stp->sd_flag |= STRCMDWAIT; 6519 ASSERT(stp->sd_cmdblk == NULL); 6520 mutex_exit(&stp->sd_lock); 6521 6522 putnext(stp->sd_wrq, mp); 6523 mp = NULL; 6524 6525 /* 6526 * Timed wait for acknowledgment. If the reply has already arrived, 6527 * don't sleep.
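* The wait is bounded by sc_timeout seconds when the caller supplies one,
* and by the default STRTIMOUT otherwise.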
If awakened from the sleep, fail only if the reply 6528 * has not arrived by then. Otherwise, process the reply. 6529 */ 6530 mutex_enter(&stp->sd_lock); 6531 while (stp->sd_cmdblk == NULL) { 6532 if (stp->sd_flag & errs) { 6533 if ((error = strgeterr(stp, errs, 0)) != 0) 6534 goto waitout; 6535 } 6536 6537 rval = str_cv_wait(&stp->sd_monitor, &stp->sd_lock, timeout, 0); 6538 if (stp->sd_cmdblk != NULL) 6539 break; 6540 6541 if (rval <= 0) { 6542 error = (rval == 0) ? EINTR : ETIME; 6543 goto waitout; 6544 } 6545 } 6546 6547 /* 6548 * We received a reply. 6549 */ 6550 mp = stp->sd_cmdblk; 6551 stp->sd_cmdblk = NULL; 6552 ASSERT(mp != NULL && DB_TYPE(mp) == M_CMD); 6553 ASSERT(stp->sd_flag & STRCMDWAIT); 6554 stp->sd_flag &= ~STRCMDWAIT; 6555 mutex_exit(&stp->sd_lock); 6556 6557 cmdp = (struct cmdblk *)mp->b_rptr; 6558 if ((error = cmdp->cb_error) != 0) 6559 goto out; 6560 6561 /* 6562 * Data may have been returned in the reply (cb_len > 0). 6563 * If so, copy it out to the user's buffer. 6564 */ 6565 if (cmdp->cb_len > 0) { 6566 if (mp->b_cont == NULL || MBLKL(mp->b_cont) < cmdp->cb_len) { 6567 error = EPROTO; 6568 goto out; 6569 } 6570 6571 cmdp->cb_len = MIN(cmdp->cb_len, sizeof (scp->sc_buf)); 6572 (void) bcopy(mp->b_cont->b_rptr, scp->sc_buf, cmdp->cb_len); 6573 } 6574 scp->sc_len = cmdp->cb_len; 6575 out: 6576 freemsg(mp); 6577 crfree(crp); 6578 return (error); 6579 waitout: 6580 ASSERT(stp->sd_cmdblk == NULL); 6581 stp->sd_flag &= ~STRCMDWAIT; 6582 mutex_exit(&stp->sd_lock); 6583 crfree(crp); 6584 return (error); 6585 } 6586 6587 /* 6588 * For the SunOS keyboard driver. 6589 * Return the next available "ioctl" sequence number. 6590 * Exported, so that streams modules can send "ioctl" messages 6591 * downstream from their open routine. 6592 */ 6593 int 6594 getiocseqno(void) 6595 { 6596 int i; 6597 6598 mutex_enter(&strresources); 6599 i = ++ioc_id; 6600 mutex_exit(&strresources); 6601 return (i); 6602 } 6603 6604 /* 6605 * Get the next message from the read queue. If the message is 6606 * priority, STRPRI will have been set by strrput(). This flag 6607 * should be reset only when the entire message at the front of the 6608 * queue has been consumed. 6609 * 6610 * NOTE: strgetmsg and kstrgetmsg have much of the logic in common.
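*
* This is the kernel half of getmsg(2)/getpmsg(2). As a rough, hypothetical
* illustration of the interface it implements (fd, cbuf and dbuf are assumed
* to exist; error handling omitted), a getpmsg() caller would set up:
*
*	struct strbuf ctl, dat;
*	int band = 0;
*	int flags = MSG_ANY;
*
*	ctl.maxlen = sizeof (cbuf);	ctl.buf = cbuf;
*	dat.maxlen = sizeof (dbuf);	dat.buf = dbuf;
*	ret = getpmsg(fd, &ctl, &dat, &band, &flags);
*
* and would check ret for MORECTL/MOREDATA (returned here through
* rvp->r_val1) when the supplied buffers were too small for the message.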
6611 */ 6612 int 6613 strgetmsg( 6614 struct vnode *vp, 6615 struct strbuf *mctl, 6616 struct strbuf *mdata, 6617 unsigned char *prip, 6618 int *flagsp, 6619 int fmode, 6620 rval_t *rvp) 6621 { 6622 struct stdata *stp; 6623 mblk_t *bp, *nbp; 6624 mblk_t *savemp = NULL; 6625 mblk_t *savemptail = NULL; 6626 uint_t old_sd_flag; 6627 int flg; 6628 int more = 0; 6629 int error = 0; 6630 char first = 1; 6631 uint_t mark; /* Contains MSG*MARK and _LASTMARK */ 6632 #define _LASTMARK 0x8000 /* Distinct from MSG*MARK */ 6633 unsigned char pri = 0; 6634 queue_t *q; 6635 int pr = 0; /* Partial read successful */ 6636 struct uio uios; 6637 struct uio *uiop = &uios; 6638 struct iovec iovs; 6639 unsigned char type; 6640 6641 TRACE_1(TR_FAC_STREAMS_FR, TR_STRGETMSG_ENTER, 6642 "strgetmsg:%p", vp); 6643 6644 ASSERT(vp->v_stream); 6645 stp = vp->v_stream; 6646 rvp->r_val1 = 0; 6647 6648 mutex_enter(&stp->sd_lock); 6649 6650 if ((error = i_straccess(stp, JCREAD)) != 0) { 6651 mutex_exit(&stp->sd_lock); 6652 return (error); 6653 } 6654 6655 if (stp->sd_flag & (STRDERR|STPLEX)) { 6656 error = strgeterr(stp, STRDERR|STPLEX, 0); 6657 if (error != 0) { 6658 mutex_exit(&stp->sd_lock); 6659 return (error); 6660 } 6661 } 6662 mutex_exit(&stp->sd_lock); 6663 6664 switch (*flagsp) { 6665 case MSG_HIPRI: 6666 if (*prip != 0) 6667 return (EINVAL); 6668 break; 6669 6670 case MSG_ANY: 6671 case MSG_BAND: 6672 break; 6673 6674 default: 6675 return (EINVAL); 6676 } 6677 /* 6678 * Setup uio and iov for data part 6679 */ 6680 iovs.iov_base = mdata->buf; 6681 iovs.iov_len = mdata->maxlen; 6682 uios.uio_iov = &iovs; 6683 uios.uio_iovcnt = 1; 6684 uios.uio_loffset = 0; 6685 uios.uio_segflg = UIO_USERSPACE; 6686 uios.uio_fmode = 0; 6687 uios.uio_extflg = UIO_COPY_CACHED; 6688 uios.uio_resid = mdata->maxlen; 6689 uios.uio_offset = 0; 6690 6691 q = _RD(stp->sd_wrq); 6692 mutex_enter(&stp->sd_lock); 6693 old_sd_flag = stp->sd_flag; 6694 mark = 0; 6695 for (;;) { 6696 int done = 0; 6697 mblk_t *q_first = q->q_first; 6698 6699 /* 6700 * Get the next message of appropriate priority 6701 * from the stream head. If the caller is interested 6702 * in band or hipri messages, then they should already 6703 * be enqueued at the stream head. On the other hand 6704 * if the caller wants normal (band 0) messages, they 6705 * might be deferred in a synchronous stream and they 6706 * will need to be pulled up. 6707 * 6708 * After we have dequeued a message, we might find that 6709 * it was a deferred M_SIG that was enqueued at the 6710 * stream head. It must now be posted as part of the 6711 * read by calling strsignal_nolock(). 6712 * 6713 * Also note that strrput does not enqueue an M_PCSIG, 6714 * and there cannot be more than one hipri message, 6715 * so there was no need to have the M_PCSIG case. 6716 * 6717 * At some time it might be nice to try and wrap the 6718 * functionality of kstrgetmsg() and strgetmsg() into 6719 * a common routine so to reduce the amount of replicated 6720 * code (since they are extremely similar). 
6721 */ 6722 if (!(*flagsp & (MSG_HIPRI|MSG_BAND))) { 6723 /* Asking for normal, band0 data */ 6724 bp = strget(stp, q, uiop, first, &error); 6725 ASSERT(MUTEX_HELD(&stp->sd_lock)); 6726 if (bp != NULL) { 6727 ASSERT(!(bp->b_datap->db_flags & DBLK_UIOA)); 6728 if (bp->b_datap->db_type == M_SIG) { 6729 strsignal_nolock(stp, *bp->b_rptr, 6730 (int32_t)bp->b_band); 6731 continue; 6732 } else { 6733 break; 6734 } 6735 } 6736 if (error != 0) { 6737 goto getmout; 6738 } 6739 6740 /* 6741 * We can't depend on the value of STRPRI here because 6742 * the stream head may be in transit. Therefore, we 6743 * must look at the type of the first message to 6744 * determine if a high priority messages is waiting 6745 */ 6746 } else if ((*flagsp & MSG_HIPRI) && q_first != NULL && 6747 q_first->b_datap->db_type >= QPCTL && 6748 (bp = getq_noenab(q)) != NULL) { 6749 /* Asked for HIPRI and got one */ 6750 ASSERT(bp->b_datap->db_type >= QPCTL); 6751 break; 6752 } else if ((*flagsp & MSG_BAND) && q_first != NULL && 6753 ((q_first->b_band >= *prip) || 6754 q_first->b_datap->db_type >= QPCTL) && 6755 (bp = getq_noenab(q)) != NULL) { 6756 /* 6757 * Asked for at least band "prip" and got either at 6758 * least that band or a hipri message. 6759 */ 6760 ASSERT(bp->b_band >= *prip || 6761 bp->b_datap->db_type >= QPCTL); 6762 if (bp->b_datap->db_type == M_SIG) { 6763 strsignal_nolock(stp, *bp->b_rptr, 6764 (int32_t)bp->b_band); 6765 continue; 6766 } else { 6767 break; 6768 } 6769 } 6770 6771 /* No data. Time to sleep? */ 6772 qbackenable(q, 0); 6773 6774 /* 6775 * If STRHUP or STREOF, return 0 length control and data. 6776 * If resid is 0, then a read(fd,buf,0) was done. Do not 6777 * sleep to satisfy this request because by default we have 6778 * zero bytes to return. 6779 */ 6780 if ((stp->sd_flag & (STRHUP|STREOF)) || (mctl->maxlen == 0 && 6781 mdata->maxlen == 0)) { 6782 mctl->len = mdata->len = 0; 6783 *flagsp = 0; 6784 mutex_exit(&stp->sd_lock); 6785 return (0); 6786 } 6787 TRACE_2(TR_FAC_STREAMS_FR, TR_STRGETMSG_WAIT, 6788 "strgetmsg calls strwaitq:%p, %p", 6789 vp, uiop); 6790 if (((error = strwaitq(stp, GETWAIT, (ssize_t)0, fmode, -1, 6791 &done)) != 0) || done) { 6792 TRACE_2(TR_FAC_STREAMS_FR, TR_STRGETMSG_DONE, 6793 "strgetmsg error or done:%p, %p", 6794 vp, uiop); 6795 mutex_exit(&stp->sd_lock); 6796 return (error); 6797 } 6798 TRACE_2(TR_FAC_STREAMS_FR, TR_STRGETMSG_AWAKE, 6799 "strgetmsg awakes:%p, %p", vp, uiop); 6800 if ((error = i_straccess(stp, JCREAD)) != 0) { 6801 mutex_exit(&stp->sd_lock); 6802 return (error); 6803 } 6804 first = 0; 6805 } 6806 ASSERT(bp != NULL); 6807 /* 6808 * Extract any mark information. If the message is not completely 6809 * consumed this information will be put in the mblk 6810 * that is putback. 6811 * If MSGMARKNEXT is set and the message is completely consumed 6812 * the STRATMARK flag will be set below. Likewise, if 6813 * MSGNOTMARKNEXT is set and the message is 6814 * completely consumed STRNOTATMARK will be set. 
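* The STRATMARK/STRNOTATMARK state maintained here is what lets SIOCATMARK
* (see also the comment in putback() below) report whether the read pointer
* is at the mark, e.g. for sockets using TCP urgent data.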
6815 */ 6816 mark = bp->b_flag & (MSGMARK | MSGMARKNEXT | MSGNOTMARKNEXT); 6817 ASSERT((mark & (MSGMARKNEXT|MSGNOTMARKNEXT)) != 6818 (MSGMARKNEXT|MSGNOTMARKNEXT)); 6819 if (mark != 0 && bp == stp->sd_mark) { 6820 mark |= _LASTMARK; 6821 stp->sd_mark = NULL; 6822 } 6823 /* 6824 * keep track of the original message type and priority 6825 */ 6826 pri = bp->b_band; 6827 type = bp->b_datap->db_type; 6828 if (type == M_PASSFP) { 6829 if ((mark & _LASTMARK) && (stp->sd_mark == NULL)) 6830 stp->sd_mark = bp; 6831 bp->b_flag |= mark & ~_LASTMARK; 6832 putback(stp, q, bp, pri); 6833 qbackenable(q, pri); 6834 mutex_exit(&stp->sd_lock); 6835 return (EBADMSG); 6836 } 6837 ASSERT(type != M_SIG); 6838 6839 /* 6840 * Set this flag so strrput will not generate signals. Need to 6841 * make sure this flag is cleared before leaving this routine 6842 * else signals will stop being sent. 6843 */ 6844 stp->sd_flag |= STRGETINPROG; 6845 mutex_exit(&stp->sd_lock); 6846 6847 if (STREAM_NEEDSERVICE(stp)) 6848 stream_runservice(stp); 6849 6850 /* 6851 * Set HIPRI flag if message is priority. 6852 */ 6853 if (type >= QPCTL) 6854 flg = MSG_HIPRI; 6855 else 6856 flg = MSG_BAND; 6857 6858 /* 6859 * First process PROTO or PCPROTO blocks, if any. 6860 */ 6861 if (mctl->maxlen >= 0 && type != M_DATA) { 6862 size_t n, bcnt; 6863 char *ubuf; 6864 6865 bcnt = mctl->maxlen; 6866 ubuf = mctl->buf; 6867 while (bp != NULL && bp->b_datap->db_type != M_DATA) { 6868 if ((n = MIN(bcnt, bp->b_wptr - bp->b_rptr)) != 0 && 6869 copyout(bp->b_rptr, ubuf, n)) { 6870 error = EFAULT; 6871 mutex_enter(&stp->sd_lock); 6872 /* 6873 * clear stream head pri flag based on 6874 * first message type 6875 */ 6876 if (type >= QPCTL) { 6877 ASSERT(type == M_PCPROTO); 6878 stp->sd_flag &= ~STRPRI; 6879 } 6880 more = 0; 6881 freemsg(bp); 6882 goto getmout; 6883 } 6884 ubuf += n; 6885 bp->b_rptr += n; 6886 if (bp->b_rptr >= bp->b_wptr) { 6887 nbp = bp; 6888 bp = bp->b_cont; 6889 freeb(nbp); 6890 } 6891 ASSERT(n <= bcnt); 6892 bcnt -= n; 6893 if (bcnt == 0) 6894 break; 6895 } 6896 mctl->len = mctl->maxlen - bcnt; 6897 } else 6898 mctl->len = -1; 6899 6900 if (bp && bp->b_datap->db_type != M_DATA) { 6901 /* 6902 * More PROTO blocks in msg. 6903 */ 6904 more |= MORECTL; 6905 savemp = bp; 6906 while (bp && bp->b_datap->db_type != M_DATA) { 6907 savemptail = bp; 6908 bp = bp->b_cont; 6909 } 6910 savemptail->b_cont = NULL; 6911 } 6912 6913 /* 6914 * Now process DATA blocks, if any. 6915 */ 6916 if (mdata->maxlen >= 0 && bp) { 6917 /* 6918 * struiocopyout will consume a potential zero-length 6919 * M_DATA even if uio_resid is zero. 6920 */ 6921 size_t oldresid = uiop->uio_resid; 6922 6923 bp = struiocopyout(bp, uiop, &error); 6924 if (error != 0) { 6925 mutex_enter(&stp->sd_lock); 6926 /* 6927 * clear stream head hi pri flag based on 6928 * first message 6929 */ 6930 if (type >= QPCTL) { 6931 ASSERT(type == M_PCPROTO); 6932 stp->sd_flag &= ~STRPRI; 6933 } 6934 more = 0; 6935 freemsg(savemp); 6936 goto getmout; 6937 } 6938 /* 6939 * (pr == 1) indicates a partial read. 
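* That is, at least one byte of M_DATA was copied to the caller; this is
* used below both to avoid putting back a zero-length data tail and to
* decide whether the stream has moved past the mark (STRATMARK).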
6940 */ 6941 if (oldresid > uiop->uio_resid) 6942 pr = 1; 6943 mdata->len = mdata->maxlen - uiop->uio_resid; 6944 } else 6945 mdata->len = -1; 6946 6947 if (bp) { /* more data blocks in msg */ 6948 more |= MOREDATA; 6949 if (savemp) 6950 savemptail->b_cont = bp; 6951 else 6952 savemp = bp; 6953 } 6954 6955 mutex_enter(&stp->sd_lock); 6956 if (savemp) { 6957 if (pr && (savemp->b_datap->db_type == M_DATA) && 6958 msgnodata(savemp)) { 6959 /* 6960 * Avoid queuing a zero-length tail part of 6961 * a message. pr=1 indicates that we read some of 6962 * the message. 6963 */ 6964 freemsg(savemp); 6965 more &= ~MOREDATA; 6966 /* 6967 * clear stream head hi pri flag based on 6968 * first message 6969 */ 6970 if (type >= QPCTL) { 6971 ASSERT(type == M_PCPROTO); 6972 stp->sd_flag &= ~STRPRI; 6973 } 6974 } else { 6975 savemp->b_band = pri; 6976 /* 6977 * If the first message was HIPRI and the one we're 6978 * putting back isn't, then clear STRPRI, otherwise 6979 * set STRPRI again. Note that we must set STRPRI 6980 * again since the flush logic in strrput_nondata() 6981 * may have cleared it while we had sd_lock dropped. 6982 */ 6983 if (type >= QPCTL) { 6984 ASSERT(type == M_PCPROTO); 6985 if (queclass(savemp) < QPCTL) 6986 stp->sd_flag &= ~STRPRI; 6987 else 6988 stp->sd_flag |= STRPRI; 6989 } else if (queclass(savemp) >= QPCTL) { 6990 /* 6991 * The first message was not a HIPRI message, 6992 * but the one we are about to putback is. 6993 * For simplicitly, we do not allow for HIPRI 6994 * messages to be embedded in the message 6995 * body, so just force it to same type as 6996 * first message. 6997 */ 6998 ASSERT(type == M_DATA || type == M_PROTO); 6999 ASSERT(savemp->b_datap->db_type == M_PCPROTO); 7000 savemp->b_datap->db_type = type; 7001 } 7002 if (mark != 0) { 7003 savemp->b_flag |= mark & ~_LASTMARK; 7004 if ((mark & _LASTMARK) && 7005 (stp->sd_mark == NULL)) { 7006 /* 7007 * If another marked message arrived 7008 * while sd_lock was not held sd_mark 7009 * would be non-NULL. 7010 */ 7011 stp->sd_mark = savemp; 7012 } 7013 } 7014 putback(stp, q, savemp, pri); 7015 } 7016 } else { 7017 /* 7018 * The complete message was consumed. 7019 * 7020 * If another M_PCPROTO arrived while sd_lock was not held 7021 * it would have been discarded since STRPRI was still set. 7022 * 7023 * Move the MSG*MARKNEXT information 7024 * to the stream head just in case 7025 * the read queue becomes empty. 7026 * clear stream head hi pri flag based on 7027 * first message 7028 * 7029 * If the stream head was at the mark 7030 * (STRATMARK) before we dropped sd_lock above 7031 * and some data was consumed then we have 7032 * moved past the mark thus STRATMARK is 7033 * cleared. However, if a message arrived in 7034 * strrput during the copyout above causing 7035 * STRATMARK to be set we can not clear that 7036 * flag. 
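* The transitions applied below are: MSGMARKNEXT on the consumed message
* sets STRATMARK, MSGNOTMARKNEXT sets STRNOTATMARK, and a plain MSGMARK
* clears both.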
7037 */ 7038 if (type >= QPCTL) { 7039 ASSERT(type == M_PCPROTO); 7040 stp->sd_flag &= ~STRPRI; 7041 } 7042 if (mark & (MSGMARKNEXT|MSGNOTMARKNEXT|MSGMARK)) { 7043 if (mark & MSGMARKNEXT) { 7044 stp->sd_flag &= ~STRNOTATMARK; 7045 stp->sd_flag |= STRATMARK; 7046 } else if (mark & MSGNOTMARKNEXT) { 7047 stp->sd_flag &= ~STRATMARK; 7048 stp->sd_flag |= STRNOTATMARK; 7049 } else { 7050 stp->sd_flag &= ~(STRATMARK|STRNOTATMARK); 7051 } 7052 } else if (pr && (old_sd_flag & STRATMARK)) { 7053 stp->sd_flag &= ~STRATMARK; 7054 } 7055 } 7056 7057 *flagsp = flg; 7058 *prip = pri; 7059 7060 /* 7061 * Getmsg cleanup processing - if the state of the queue has changed 7062 * some signals may need to be sent and/or poll awakened. 7063 */ 7064 getmout: 7065 qbackenable(q, pri); 7066 7067 /* 7068 * We dropped the stream head lock above. Send all M_SIG messages 7069 * before processing stream head for SIGPOLL messages. 7070 */ 7071 ASSERT(MUTEX_HELD(&stp->sd_lock)); 7072 while ((bp = q->q_first) != NULL && 7073 (bp->b_datap->db_type == M_SIG)) { 7074 /* 7075 * sd_lock is held so the content of the read queue can not 7076 * change. 7077 */ 7078 bp = getq(q); 7079 ASSERT(bp != NULL && bp->b_datap->db_type == M_SIG); 7080 7081 strsignal_nolock(stp, *bp->b_rptr, (int32_t)bp->b_band); 7082 mutex_exit(&stp->sd_lock); 7083 freemsg(bp); 7084 if (STREAM_NEEDSERVICE(stp)) 7085 stream_runservice(stp); 7086 mutex_enter(&stp->sd_lock); 7087 } 7088 7089 /* 7090 * stream head cannot change while we make the determination 7091 * whether or not to send a signal. Drop the flag to allow strrput 7092 * to send firstmsgsigs again. 7093 */ 7094 stp->sd_flag &= ~STRGETINPROG; 7095 7096 /* 7097 * If the type of message at the front of the queue changed 7098 * due to the receive the appropriate signals and pollwakeup events 7099 * are generated. The type of changes are: 7100 * Processed a hipri message, q_first is not hipri. 7101 * Processed a band X message, and q_first is band Y. 7102 * The generated signals and pollwakeups are identical to what 7103 * strrput() generates should the message that is now on q_first 7104 * arrive to an empty read queue. 7105 * 7106 * Note: only strrput will send a signal for a hipri message. 7107 */ 7108 if ((bp = q->q_first) != NULL && !(stp->sd_flag & STRPRI)) { 7109 strsigset_t signals = 0; 7110 strpollset_t pollwakeups = 0; 7111 7112 if (flg & MSG_HIPRI) { 7113 /* 7114 * Removed a hipri message. Regular data at 7115 * the front of the queue. 7116 */ 7117 if (bp->b_band == 0) { 7118 signals = S_INPUT | S_RDNORM; 7119 pollwakeups = POLLIN | POLLRDNORM; 7120 } else { 7121 signals = S_INPUT | S_RDBAND; 7122 pollwakeups = POLLIN | POLLRDBAND; 7123 } 7124 } else if (pri != bp->b_band) { 7125 /* 7126 * The band is different for the new q_first. 
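* For example, a band-2 message was just consumed and a band-0 message is
* now at the front of the queue, so the ordinary S_RDNORM/POLLIN consumers
* must be notified.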
7127 */ 7128 if (bp->b_band == 0) { 7129 signals = S_RDNORM; 7130 pollwakeups = POLLIN | POLLRDNORM; 7131 } else { 7132 signals = S_RDBAND; 7133 pollwakeups = POLLIN | POLLRDBAND; 7134 } 7135 } 7136 7137 if (pollwakeups != 0) { 7138 if (pollwakeups == (POLLIN | POLLRDNORM)) { 7139 if (!(stp->sd_rput_opt & SR_POLLIN)) 7140 goto no_pollwake; 7141 stp->sd_rput_opt &= ~SR_POLLIN; 7142 } 7143 mutex_exit(&stp->sd_lock); 7144 pollwakeup(&stp->sd_pollist, pollwakeups); 7145 mutex_enter(&stp->sd_lock); 7146 } 7147 no_pollwake: 7148 7149 if (stp->sd_sigflags & signals) 7150 strsendsig(stp->sd_siglist, signals, bp->b_band, 0); 7151 } 7152 mutex_exit(&stp->sd_lock); 7153 7154 rvp->r_val1 = more; 7155 return (error); 7156 #undef _LASTMARK 7157 } 7158 7159 /* 7160 * Get the next message from the read queue. If the message is 7161 * priority, STRPRI will have been set by strrput(). This flag 7162 * should be reset only when the entire message at the front of the 7163 * queue as been consumed. 7164 * 7165 * If uiop is NULL all data is returned in mctlp. 7166 * Note that a NULL uiop implies that FNDELAY and FNONBLOCK are assumed 7167 * not enabled. 7168 * The timeout parameter is in milliseconds; -1 for infinity. 7169 * This routine handles the consolidation private flags: 7170 * MSG_IGNERROR Ignore any stream head error except STPLEX. 7171 * MSG_DELAYERROR Defer the error check until the queue is empty. 7172 * MSG_HOLDSIG Hold signals while waiting for data. 7173 * MSG_IPEEK Only peek at messages. 7174 * MSG_DISCARDTAIL Discard the tail M_DATA part of the message 7175 * that doesn't fit. 7176 * MSG_NOMARK If the message is marked leave it on the queue. 7177 * 7178 * NOTE: strgetmsg and kstrgetmsg have much of the logic in common. 7179 */ 7180 int 7181 kstrgetmsg( 7182 struct vnode *vp, 7183 mblk_t **mctlp, 7184 struct uio *uiop, 7185 unsigned char *prip, 7186 int *flagsp, 7187 clock_t timout, 7188 rval_t *rvp) 7189 { 7190 struct stdata *stp; 7191 mblk_t *bp, *nbp; 7192 mblk_t *savemp = NULL; 7193 mblk_t *savemptail = NULL; 7194 int flags; 7195 uint_t old_sd_flag; 7196 int flg; 7197 int more = 0; 7198 int error = 0; 7199 char first = 1; 7200 uint_t mark; /* Contains MSG*MARK and _LASTMARK */ 7201 #define _LASTMARK 0x8000 /* Distinct from MSG*MARK */ 7202 unsigned char pri = 0; 7203 queue_t *q; 7204 int pr = 0; /* Partial read successful */ 7205 unsigned char type; 7206 7207 TRACE_1(TR_FAC_STREAMS_FR, TR_KSTRGETMSG_ENTER, 7208 "kstrgetmsg:%p", vp); 7209 7210 ASSERT(vp->v_stream); 7211 stp = vp->v_stream; 7212 rvp->r_val1 = 0; 7213 7214 mutex_enter(&stp->sd_lock); 7215 7216 if ((error = i_straccess(stp, JCREAD)) != 0) { 7217 mutex_exit(&stp->sd_lock); 7218 return (error); 7219 } 7220 7221 flags = *flagsp; 7222 if (stp->sd_flag & (STRDERR|STPLEX)) { 7223 if ((stp->sd_flag & STPLEX) || 7224 (flags & (MSG_IGNERROR|MSG_DELAYERROR)) == 0) { 7225 error = strgeterr(stp, STRDERR|STPLEX, 7226 (flags & MSG_IPEEK)); 7227 if (error != 0) { 7228 mutex_exit(&stp->sd_lock); 7229 return (error); 7230 } 7231 } 7232 } 7233 mutex_exit(&stp->sd_lock); 7234 7235 switch (flags & (MSG_HIPRI|MSG_ANY|MSG_BAND)) { 7236 case MSG_HIPRI: 7237 if (*prip != 0) 7238 return (EINVAL); 7239 break; 7240 7241 case MSG_ANY: 7242 case MSG_BAND: 7243 break; 7244 7245 default: 7246 return (EINVAL); 7247 } 7248 7249 retry: 7250 q = _RD(stp->sd_wrq); 7251 mutex_enter(&stp->sd_lock); 7252 old_sd_flag = stp->sd_flag; 7253 mark = 0; 7254 for (;;) { 7255 int done = 0; 7256 int waitflag; 7257 int fmode; 7258 mblk_t *q_first = q->q_first; 7259 7260 /* 7261 
* This section of the code operates just like the code 7262 * in strgetmsg(). There is a comment there about what 7263 * is going on here. 7264 */ 7265 if (!(flags & (MSG_HIPRI|MSG_BAND))) { 7266 /* Asking for normal, band0 data */ 7267 bp = strget(stp, q, uiop, first, &error); 7268 ASSERT(MUTEX_HELD(&stp->sd_lock)); 7269 if (bp != NULL) { 7270 if (bp->b_datap->db_type == M_SIG) { 7271 strsignal_nolock(stp, *bp->b_rptr, 7272 (int32_t)bp->b_band); 7273 continue; 7274 } else { 7275 break; 7276 } 7277 } 7278 if (error != 0) { 7279 goto getmout; 7280 } 7281 /* 7282 * We can't depend on the value of STRPRI here because 7283 * the stream head may be in transit. Therefore, we 7284 * must look at the type of the first message to 7285 * determine if a high priority messages is waiting 7286 */ 7287 } else if ((flags & MSG_HIPRI) && q_first != NULL && 7288 q_first->b_datap->db_type >= QPCTL && 7289 (bp = getq_noenab(q)) != NULL) { 7290 ASSERT(bp->b_datap->db_type >= QPCTL); 7291 break; 7292 } else if ((flags & MSG_BAND) && q_first != NULL && 7293 ((q_first->b_band >= *prip) || 7294 q_first->b_datap->db_type >= QPCTL) && 7295 (bp = getq_noenab(q)) != NULL) { 7296 /* 7297 * Asked for at least band "prip" and got either at 7298 * least that band or a hipri message. 7299 */ 7300 ASSERT(bp->b_band >= *prip || 7301 bp->b_datap->db_type >= QPCTL); 7302 if (bp->b_datap->db_type == M_SIG) { 7303 strsignal_nolock(stp, *bp->b_rptr, 7304 (int32_t)bp->b_band); 7305 continue; 7306 } else { 7307 break; 7308 } 7309 } 7310 7311 /* No data. Time to sleep? */ 7312 qbackenable(q, 0); 7313 7314 /* 7315 * Delayed error notification? 7316 */ 7317 if ((stp->sd_flag & (STRDERR|STPLEX)) && 7318 (flags & (MSG_IGNERROR|MSG_DELAYERROR)) == MSG_DELAYERROR) { 7319 error = strgeterr(stp, STRDERR|STPLEX, 7320 (flags & MSG_IPEEK)); 7321 if (error != 0) { 7322 mutex_exit(&stp->sd_lock); 7323 return (error); 7324 } 7325 } 7326 7327 /* 7328 * If STRHUP or STREOF, return 0 length control and data. 7329 * If a read(fd,buf,0) has been done, do not sleep, just 7330 * return. 7331 * 7332 * If mctlp == NULL and uiop == NULL, then the code will 7333 * do the strwaitq. This is an understood way of saying 7334 * sleep "polling" until a message is received. 
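* Such a caller also never triggers the zero-length read test below (there
* is no uio_resid to examine), so it simply blocks until a message arrives,
* an error is set, or the timeout expires.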
7335 */ 7336 if ((stp->sd_flag & (STRHUP|STREOF)) || 7337 (uiop != NULL && uiop->uio_resid == 0)) { 7338 if (mctlp != NULL) 7339 *mctlp = NULL; 7340 *flagsp = 0; 7341 mutex_exit(&stp->sd_lock); 7342 return (0); 7343 } 7344 7345 waitflag = GETWAIT; 7346 if (flags & 7347 (MSG_HOLDSIG|MSG_IGNERROR|MSG_IPEEK|MSG_DELAYERROR)) { 7348 if (flags & MSG_HOLDSIG) 7349 waitflag |= STR_NOSIG; 7350 if (flags & MSG_IGNERROR) 7351 waitflag |= STR_NOERROR; 7352 if (flags & MSG_IPEEK) 7353 waitflag |= STR_PEEK; 7354 if (flags & MSG_DELAYERROR) 7355 waitflag |= STR_DELAYERR; 7356 } 7357 if (uiop != NULL) 7358 fmode = uiop->uio_fmode; 7359 else 7360 fmode = 0; 7361 7362 TRACE_2(TR_FAC_STREAMS_FR, TR_KSTRGETMSG_WAIT, 7363 "kstrgetmsg calls strwaitq:%p, %p", 7364 vp, uiop); 7365 if (((error = strwaitq(stp, waitflag, (ssize_t)0, 7366 fmode, timout, &done))) != 0 || done) { 7367 TRACE_2(TR_FAC_STREAMS_FR, TR_KSTRGETMSG_DONE, 7368 "kstrgetmsg error or done:%p, %p", 7369 vp, uiop); 7370 mutex_exit(&stp->sd_lock); 7371 return (error); 7372 } 7373 TRACE_2(TR_FAC_STREAMS_FR, TR_KSTRGETMSG_AWAKE, 7374 "kstrgetmsg awakes:%p, %p", vp, uiop); 7375 if ((error = i_straccess(stp, JCREAD)) != 0) { 7376 mutex_exit(&stp->sd_lock); 7377 return (error); 7378 } 7379 first = 0; 7380 } 7381 ASSERT(bp != NULL); 7382 /* 7383 * Extract any mark information. If the message is not completely 7384 * consumed this information will be put in the mblk 7385 * that is putback. 7386 * If MSGMARKNEXT is set and the message is completely consumed 7387 * the STRATMARK flag will be set below. Likewise, if 7388 * MSGNOTMARKNEXT is set and the message is 7389 * completely consumed STRNOTATMARK will be set. 7390 */ 7391 mark = bp->b_flag & (MSGMARK | MSGMARKNEXT | MSGNOTMARKNEXT); 7392 ASSERT((mark & (MSGMARKNEXT|MSGNOTMARKNEXT)) != 7393 (MSGMARKNEXT|MSGNOTMARKNEXT)); 7394 pri = bp->b_band; 7395 if (mark != 0) { 7396 /* 7397 * If the caller doesn't want the mark return. 7398 * Used to implement MSG_WAITALL in sockets. 7399 */ 7400 if (flags & MSG_NOMARK) { 7401 putback(stp, q, bp, pri); 7402 qbackenable(q, pri); 7403 mutex_exit(&stp->sd_lock); 7404 return (EWOULDBLOCK); 7405 } 7406 if (bp == stp->sd_mark) { 7407 mark |= _LASTMARK; 7408 stp->sd_mark = NULL; 7409 } 7410 } 7411 7412 /* 7413 * keep track of the first message type 7414 */ 7415 type = bp->b_datap->db_type; 7416 7417 if (bp->b_datap->db_type == M_PASSFP) { 7418 if ((mark & _LASTMARK) && (stp->sd_mark == NULL)) 7419 stp->sd_mark = bp; 7420 bp->b_flag |= mark & ~_LASTMARK; 7421 putback(stp, q, bp, pri); 7422 qbackenable(q, pri); 7423 mutex_exit(&stp->sd_lock); 7424 return (EBADMSG); 7425 } 7426 ASSERT(type != M_SIG); 7427 7428 if (flags & MSG_IPEEK) { 7429 /* 7430 * Clear any struioflag - we do the uiomove over again 7431 * when peeking since it simplifies the code. 7432 * 7433 * Dup the message and put the original back on the queue. 7434 * If dupmsg() fails, try again with copymsg() to see if 7435 * there is indeed a shortage of memory. dupmsg() may fail 7436 * if db_ref in any of the messages reaches its limit. 7437 */ 7438 7439 ASSERT(!(bp->b_datap->db_flags & DBLK_UIOA)); 7440 if ((nbp = dupmsg(bp)) == NULL && (nbp = copymsg(bp)) == NULL) { 7441 /* 7442 * Restore the state of the stream head since we 7443 * need to drop sd_lock (strwaitbuf is sleeping). 
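* The original message, with its mark state restored, goes back on the
* queue; once strwaitbuf() returns we restart the whole dequeue from
* scratch at the retry label.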
7444 */ 7445 size_t size = msgdsize(bp); 7446 7447 if ((mark & _LASTMARK) && (stp->sd_mark == NULL)) 7448 stp->sd_mark = bp; 7449 bp->b_flag |= mark & ~_LASTMARK; 7450 putback(stp, q, bp, pri); 7451 mutex_exit(&stp->sd_lock); 7452 error = strwaitbuf(size, BPRI_HI); 7453 if (error) { 7454 /* 7455 * There is no net change to the queue thus 7456 * no need to qbackenable. 7457 */ 7458 return (error); 7459 } 7460 goto retry; 7461 } 7462 7463 if ((mark & _LASTMARK) && (stp->sd_mark == NULL)) 7464 stp->sd_mark = bp; 7465 bp->b_flag |= mark & ~_LASTMARK; 7466 putback(stp, q, bp, pri); 7467 bp = nbp; 7468 } 7469 7470 /* 7471 * Set this flag so strrput will not generate signals. Need to 7472 * make sure this flag is cleared before leaving this routine 7473 * else signals will stop being sent. 7474 */ 7475 stp->sd_flag |= STRGETINPROG; 7476 mutex_exit(&stp->sd_lock); 7477 7478 if ((stp->sd_rputdatafunc != NULL) && (DB_TYPE(bp) == M_DATA)) { 7479 mblk_t *tmp, *prevmp; 7480 7481 /* 7482 * Put first non-data mblk back to stream head and 7483 * cut the mblk chain so sd_rputdatafunc only sees 7484 * M_DATA mblks. We can skip the first mblk since it 7485 * is M_DATA according to the condition above. 7486 */ 7487 for (prevmp = bp, tmp = bp->b_cont; tmp != NULL; 7488 prevmp = tmp, tmp = tmp->b_cont) { 7489 if (DB_TYPE(tmp) != M_DATA) { 7490 prevmp->b_cont = NULL; 7491 mutex_enter(&stp->sd_lock); 7492 putback(stp, q, tmp, tmp->b_band); 7493 mutex_exit(&stp->sd_lock); 7494 break; 7495 } 7496 } 7497 7498 ASSERT(!(bp->b_datap->db_flags & DBLK_UIOA)); 7499 bp = (stp->sd_rputdatafunc)(stp->sd_vnode, bp, 7500 NULL, NULL, NULL, NULL); 7501 7502 if (bp == NULL) 7503 goto retry; 7504 } 7505 7506 if (STREAM_NEEDSERVICE(stp)) 7507 stream_runservice(stp); 7508 7509 /* 7510 * Set HIPRI flag if message is priority. 7511 */ 7512 if (type >= QPCTL) 7513 flg = MSG_HIPRI; 7514 else 7515 flg = MSG_BAND; 7516 7517 /* 7518 * First process PROTO or PCPROTO blocks, if any. 7519 */ 7520 if (mctlp != NULL && type != M_DATA) { 7521 mblk_t *nbp; 7522 7523 *mctlp = bp; 7524 while (bp->b_cont && bp->b_cont->b_datap->db_type != M_DATA) 7525 bp = bp->b_cont; 7526 nbp = bp->b_cont; 7527 bp->b_cont = NULL; 7528 bp = nbp; 7529 } 7530 7531 if (bp && bp->b_datap->db_type != M_DATA) { 7532 /* 7533 * More PROTO blocks in msg. Will only happen if mctlp is NULL. 7534 */ 7535 more |= MORECTL; 7536 savemp = bp; 7537 while (bp && bp->b_datap->db_type != M_DATA) { 7538 savemptail = bp; 7539 bp = bp->b_cont; 7540 } 7541 savemptail->b_cont = NULL; 7542 } 7543 7544 /* 7545 * Now process DATA blocks, if any. 7546 */ 7547 if (uiop == NULL) { 7548 /* Append data to tail of mctlp */ 7549 7550 ASSERT(bp == NULL || !(bp->b_datap->db_flags & DBLK_UIOA)); 7551 if (mctlp != NULL) { 7552 mblk_t **mpp = mctlp; 7553 7554 while (*mpp != NULL) 7555 mpp = &((*mpp)->b_cont); 7556 *mpp = bp; 7557 bp = NULL; 7558 } 7559 } else if (bp && (bp->b_datap->db_flags & DBLK_UIOA)) { 7560 /* 7561 * A uioa mblk_t chain, as uio processing has already 7562 * been done we simple skip over processing. 7563 */ 7564 bp = NULL; 7565 pr = 0; 7566 7567 } else if (uiop->uio_resid >= 0 && bp) { 7568 size_t oldresid = uiop->uio_resid; 7569 7570 /* 7571 * If a streams message is likely to consist 7572 * of many small mblks, it is pulled up into 7573 * one continuous chunk of memory. 7574 * see longer comment at top of page 7575 * by mblk_pull_len declaration. 
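* pullupmsg(bp, -1) concatenates the leading M_DATA mblks into one
* contiguous block, so the struiocopyout() below performs a single copy
* rather than one per fragment.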
7576 */ 7577 7578 if (MBLKL(bp) < mblk_pull_len) { 7579 (void) pullupmsg(bp, -1); 7580 } 7581 7582 bp = struiocopyout(bp, uiop, &error); 7583 if (error != 0) { 7584 if (mctlp != NULL) { 7585 freemsg(*mctlp); 7586 *mctlp = NULL; 7587 } else 7588 freemsg(savemp); 7589 mutex_enter(&stp->sd_lock); 7590 /* 7591 * clear stream head hi pri flag based on 7592 * first message 7593 */ 7594 if (!(flags & MSG_IPEEK) && (type >= QPCTL)) { 7595 ASSERT(type == M_PCPROTO); 7596 stp->sd_flag &= ~STRPRI; 7597 } 7598 more = 0; 7599 goto getmout; 7600 } 7601 /* 7602 * (pr == 1) indicates a partial read. 7603 */ 7604 if (oldresid > uiop->uio_resid) 7605 pr = 1; 7606 } 7607 7608 if (bp) { /* more data blocks in msg */ 7609 more |= MOREDATA; 7610 if (savemp) 7611 savemptail->b_cont = bp; 7612 else 7613 savemp = bp; 7614 } 7615 7616 mutex_enter(&stp->sd_lock); 7617 if (savemp) { 7618 if (flags & (MSG_IPEEK|MSG_DISCARDTAIL)) { 7619 /* 7620 * When MSG_DISCARDTAIL is set or 7621 * when peeking discard any tail. When peeking this 7622 * is the tail of the dup that was copied out - the 7623 * message has already been putback on the queue. 7624 * Return MOREDATA to the caller even though the data 7625 * is discarded. This is used by sockets (to 7626 * set MSG_TRUNC). 7627 */ 7628 freemsg(savemp); 7629 if (!(flags & MSG_IPEEK) && (type >= QPCTL)) { 7630 ASSERT(type == M_PCPROTO); 7631 stp->sd_flag &= ~STRPRI; 7632 } 7633 } else if (pr && (savemp->b_datap->db_type == M_DATA) && 7634 msgnodata(savemp)) { 7635 /* 7636 * Avoid queuing a zero-length tail part of 7637 * a message. pr=1 indicates that we read some of 7638 * the message. 7639 */ 7640 freemsg(savemp); 7641 more &= ~MOREDATA; 7642 if (type >= QPCTL) { 7643 ASSERT(type == M_PCPROTO); 7644 stp->sd_flag &= ~STRPRI; 7645 } 7646 } else { 7647 savemp->b_band = pri; 7648 /* 7649 * If the first message was HIPRI and the one we're 7650 * putting back isn't, then clear STRPRI, otherwise 7651 * set STRPRI again. Note that we must set STRPRI 7652 * again since the flush logic in strrput_nondata() 7653 * may have cleared it while we had sd_lock dropped. 7654 */ 7655 7656 ASSERT(!(savemp->b_datap->db_flags & DBLK_UIOA)); 7657 if (type >= QPCTL) { 7658 ASSERT(type == M_PCPROTO); 7659 if (queclass(savemp) < QPCTL) 7660 stp->sd_flag &= ~STRPRI; 7661 else 7662 stp->sd_flag |= STRPRI; 7663 } else if (queclass(savemp) >= QPCTL) { 7664 /* 7665 * The first message was not a HIPRI message, 7666 * but the one we are about to putback is. 7667 * For simplicitly, we do not allow for HIPRI 7668 * messages to be embedded in the message 7669 * body, so just force it to same type as 7670 * first message. 7671 */ 7672 ASSERT(type == M_DATA || type == M_PROTO); 7673 ASSERT(savemp->b_datap->db_type == M_PCPROTO); 7674 savemp->b_datap->db_type = type; 7675 } 7676 if (mark != 0) { 7677 if ((mark & _LASTMARK) && 7678 (stp->sd_mark == NULL)) { 7679 /* 7680 * If another marked message arrived 7681 * while sd_lock was not held sd_mark 7682 * would be non-NULL. 7683 */ 7684 stp->sd_mark = savemp; 7685 } 7686 savemp->b_flag |= mark & ~_LASTMARK; 7687 } 7688 putback(stp, q, savemp, pri); 7689 } 7690 } else if (!(flags & MSG_IPEEK)) { 7691 /* 7692 * The complete message was consumed. 7693 * 7694 * If another M_PCPROTO arrived while sd_lock was not held 7695 * it would have been discarded since STRPRI was still set. 7696 * 7697 * Move the MSG*MARKNEXT information 7698 * to the stream head just in case 7699 * the read queue becomes empty. 
7700 * clear stream head hi pri flag based on 7701 * first message 7702 * 7703 * If the stream head was at the mark 7704 * (STRATMARK) before we dropped sd_lock above 7705 * and some data was consumed then we have 7706 * moved past the mark thus STRATMARK is 7707 * cleared. However, if a message arrived in 7708 * strrput during the copyout above causing 7709 * STRATMARK to be set we can not clear that 7710 * flag. 7711 * XXX A "perimeter" would help by single-threading strrput, 7712 * strread, strgetmsg and kstrgetmsg. 7713 */ 7714 if (type >= QPCTL) { 7715 ASSERT(type == M_PCPROTO); 7716 stp->sd_flag &= ~STRPRI; 7717 } 7718 if (mark & (MSGMARKNEXT|MSGNOTMARKNEXT|MSGMARK)) { 7719 if (mark & MSGMARKNEXT) { 7720 stp->sd_flag &= ~STRNOTATMARK; 7721 stp->sd_flag |= STRATMARK; 7722 } else if (mark & MSGNOTMARKNEXT) { 7723 stp->sd_flag &= ~STRATMARK; 7724 stp->sd_flag |= STRNOTATMARK; 7725 } else { 7726 stp->sd_flag &= ~(STRATMARK|STRNOTATMARK); 7727 } 7728 } else if (pr && (old_sd_flag & STRATMARK)) { 7729 stp->sd_flag &= ~STRATMARK; 7730 } 7731 } 7732 7733 *flagsp = flg; 7734 *prip = pri; 7735 7736 /* 7737 * Getmsg cleanup processing - if the state of the queue has changed 7738 * some signals may need to be sent and/or poll awakened. 7739 */ 7740 getmout: 7741 qbackenable(q, pri); 7742 7743 /* 7744 * We dropped the stream head lock above. Send all M_SIG messages 7745 * before processing stream head for SIGPOLL messages. 7746 */ 7747 ASSERT(MUTEX_HELD(&stp->sd_lock)); 7748 while ((bp = q->q_first) != NULL && 7749 (bp->b_datap->db_type == M_SIG)) { 7750 /* 7751 * sd_lock is held so the content of the read queue can not 7752 * change. 7753 */ 7754 bp = getq(q); 7755 ASSERT(bp != NULL && bp->b_datap->db_type == M_SIG); 7756 7757 strsignal_nolock(stp, *bp->b_rptr, (int32_t)bp->b_band); 7758 mutex_exit(&stp->sd_lock); 7759 freemsg(bp); 7760 if (STREAM_NEEDSERVICE(stp)) 7761 stream_runservice(stp); 7762 mutex_enter(&stp->sd_lock); 7763 } 7764 7765 /* 7766 * stream head cannot change while we make the determination 7767 * whether or not to send a signal. Drop the flag to allow strrput 7768 * to send firstmsgsigs again. 7769 */ 7770 stp->sd_flag &= ~STRGETINPROG; 7771 7772 /* 7773 * If the type of message at the front of the queue changed 7774 * due to the receive the appropriate signals and pollwakeup events 7775 * are generated. The type of changes are: 7776 * Processed a hipri message, q_first is not hipri. 7777 * Processed a band X message, and q_first is band Y. 7778 * The generated signals and pollwakeups are identical to what 7779 * strrput() generates should the message that is now on q_first 7780 * arrive to an empty read queue. 7781 * 7782 * Note: only strrput will send a signal for a hipri message. 7783 */ 7784 if ((bp = q->q_first) != NULL && !(stp->sd_flag & STRPRI)) { 7785 strsigset_t signals = 0; 7786 strpollset_t pollwakeups = 0; 7787 7788 if (flg & MSG_HIPRI) { 7789 /* 7790 * Removed a hipri message. Regular data at 7791 * the front of the queue. 7792 */ 7793 if (bp->b_band == 0) { 7794 signals = S_INPUT | S_RDNORM; 7795 pollwakeups = POLLIN | POLLRDNORM; 7796 } else { 7797 signals = S_INPUT | S_RDBAND; 7798 pollwakeups = POLLIN | POLLRDBAND; 7799 } 7800 } else if (pri != bp->b_band) { 7801 /* 7802 * The band is different for the new q_first. 
7803 */ 7804 if (bp->b_band == 0) { 7805 signals = S_RDNORM; 7806 pollwakeups = POLLIN | POLLRDNORM; 7807 } else { 7808 signals = S_RDBAND; 7809 pollwakeups = POLLIN | POLLRDBAND; 7810 } 7811 } 7812 7813 if (pollwakeups != 0) { 7814 if (pollwakeups == (POLLIN | POLLRDNORM)) { 7815 if (!(stp->sd_rput_opt & SR_POLLIN)) 7816 goto no_pollwake; 7817 stp->sd_rput_opt &= ~SR_POLLIN; 7818 } 7819 mutex_exit(&stp->sd_lock); 7820 pollwakeup(&stp->sd_pollist, pollwakeups); 7821 mutex_enter(&stp->sd_lock); 7822 } 7823 no_pollwake: 7824 7825 if (stp->sd_sigflags & signals) 7826 strsendsig(stp->sd_siglist, signals, bp->b_band, 0); 7827 } 7828 mutex_exit(&stp->sd_lock); 7829 7830 rvp->r_val1 = more; 7831 return (error); 7832 #undef _LASTMARK 7833 } 7834 7835 /* 7836 * Put a message downstream. 7837 * 7838 * NOTE: strputmsg and kstrputmsg have much of the logic in common. 7839 */ 7840 int 7841 strputmsg( 7842 struct vnode *vp, 7843 struct strbuf *mctl, 7844 struct strbuf *mdata, 7845 unsigned char pri, 7846 int flag, 7847 int fmode) 7848 { 7849 struct stdata *stp; 7850 queue_t *wqp; 7851 mblk_t *mp; 7852 ssize_t msgsize; 7853 ssize_t rmin, rmax; 7854 int error; 7855 struct uio uios; 7856 struct uio *uiop = &uios; 7857 struct iovec iovs; 7858 int xpg4 = 0; 7859 7860 ASSERT(vp->v_stream); 7861 stp = vp->v_stream; 7862 wqp = stp->sd_wrq; 7863 7864 /* 7865 * If it is an XPG4 application, we need to send 7866 * SIGPIPE below 7867 */ 7868 7869 xpg4 = (flag & MSG_XPG4) ? 1 : 0; 7870 flag &= ~MSG_XPG4; 7871 7872 if (audit_active) 7873 audit_strputmsg(vp, mctl, mdata, pri, flag, fmode); 7874 7875 mutex_enter(&stp->sd_lock); 7876 7877 if ((error = i_straccess(stp, JCWRITE)) != 0) { 7878 mutex_exit(&stp->sd_lock); 7879 return (error); 7880 } 7881 7882 if (stp->sd_flag & (STWRERR|STRHUP|STPLEX)) { 7883 error = strwriteable(stp, B_FALSE, xpg4); 7884 if (error != 0) { 7885 mutex_exit(&stp->sd_lock); 7886 return (error); 7887 } 7888 } 7889 7890 mutex_exit(&stp->sd_lock); 7891 7892 /* 7893 * Check for legal flag value. 7894 */ 7895 switch (flag) { 7896 case MSG_HIPRI: 7897 if ((mctl->len < 0) || (pri != 0)) 7898 return (EINVAL); 7899 break; 7900 case MSG_BAND: 7901 break; 7902 7903 default: 7904 return (EINVAL); 7905 } 7906 7907 TRACE_1(TR_FAC_STREAMS_FR, TR_STRPUTMSG_IN, 7908 "strputmsg in:stp %p", stp); 7909 7910 /* get these values from those cached in the stream head */ 7911 rmin = stp->sd_qn_minpsz; 7912 rmax = stp->sd_qn_maxpsz; 7913 7914 /* 7915 * Make sure ctl and data sizes together fall within the 7916 * limits of the max and min receive packet sizes and do 7917 * not exceed system limit. 7918 */ 7919 ASSERT((rmax >= 0) || (rmax == INFPSZ)); 7920 if (rmax == 0) { 7921 return (ERANGE); 7922 } 7923 /* 7924 * Use the MAXIMUM of sd_maxblk and q_maxpsz. 7925 * Needed to prevent partial failures in the strmakedata loop. 
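* With rmax adjusted this way, the checks that follow require
* rmin <= msgsize, msgsize <= rmax (unless rmax is INFPSZ), and a control
* part no larger than strctlsz.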
7926 */ 7927 if (stp->sd_maxblk != INFPSZ && rmax != INFPSZ && rmax < stp->sd_maxblk) 7928 rmax = stp->sd_maxblk; 7929 7930 if ((msgsize = mdata->len) < 0) { 7931 msgsize = 0; 7932 rmin = 0; /* no range check for NULL data part */ 7933 } 7934 if ((msgsize < rmin) || 7935 ((msgsize > rmax) && (rmax != INFPSZ)) || 7936 (mctl->len > strctlsz)) { 7937 return (ERANGE); 7938 } 7939 7940 /* 7941 * Setup uio and iov for data part 7942 */ 7943 iovs.iov_base = mdata->buf; 7944 iovs.iov_len = msgsize; 7945 uios.uio_iov = &iovs; 7946 uios.uio_iovcnt = 1; 7947 uios.uio_loffset = 0; 7948 uios.uio_segflg = UIO_USERSPACE; 7949 uios.uio_fmode = fmode; 7950 uios.uio_extflg = UIO_COPY_DEFAULT; 7951 uios.uio_resid = msgsize; 7952 uios.uio_offset = 0; 7953 7954 /* Ignore flow control in strput for HIPRI */ 7955 if (flag & MSG_HIPRI) 7956 flag |= MSG_IGNFLOW; 7957 7958 for (;;) { 7959 int done = 0; 7960 7961 /* 7962 * strput will always free the ctl mblk - even when strput 7963 * fails. 7964 */ 7965 if ((error = strmakectl(mctl, flag, fmode, &mp)) != 0) { 7966 TRACE_3(TR_FAC_STREAMS_FR, TR_STRPUTMSG_OUT, 7967 "strputmsg out:stp %p out %d error %d", 7968 stp, 1, error); 7969 return (error); 7970 } 7971 /* 7972 * Verify that the whole message can be transferred by 7973 * strput. 7974 */ 7975 ASSERT(stp->sd_maxblk == INFPSZ || 7976 stp->sd_maxblk >= mdata->len); 7977 7978 msgsize = mdata->len; 7979 error = strput(stp, mp, uiop, &msgsize, 0, pri, flag); 7980 mdata->len = msgsize; 7981 7982 if (error == 0) 7983 break; 7984 7985 if (error != EWOULDBLOCK) 7986 goto out; 7987 7988 mutex_enter(&stp->sd_lock); 7989 /* 7990 * Check for a missed wakeup. 7991 * Needed since strput did not hold sd_lock across 7992 * the canputnext. 7993 */ 7994 if (bcanputnext(wqp, pri)) { 7995 /* Try again */ 7996 mutex_exit(&stp->sd_lock); 7997 continue; 7998 } 7999 TRACE_2(TR_FAC_STREAMS_FR, TR_STRPUTMSG_WAIT, 8000 "strputmsg wait:stp %p waits pri %d", stp, pri); 8001 if (((error = strwaitq(stp, WRITEWAIT, (ssize_t)0, fmode, -1, 8002 &done)) != 0) || done) { 8003 mutex_exit(&stp->sd_lock); 8004 TRACE_3(TR_FAC_STREAMS_FR, TR_STRPUTMSG_OUT, 8005 "strputmsg out:q %p out %d error %d", 8006 stp, 0, error); 8007 return (error); 8008 } 8009 TRACE_1(TR_FAC_STREAMS_FR, TR_STRPUTMSG_WAKE, 8010 "strputmsg wake:stp %p wakes", stp); 8011 if ((error = i_straccess(stp, JCWRITE)) != 0) { 8012 mutex_exit(&stp->sd_lock); 8013 return (error); 8014 } 8015 mutex_exit(&stp->sd_lock); 8016 } 8017 out: 8018 /* 8019 * For historic reasons, applications expect EAGAIN 8020 * when data mblk could not be allocated. so change 8021 * ENOMEM back to EAGAIN 8022 */ 8023 if (error == ENOMEM) 8024 error = EAGAIN; 8025 TRACE_3(TR_FAC_STREAMS_FR, TR_STRPUTMSG_OUT, 8026 "strputmsg out:stp %p out %d error %d", stp, 2, error); 8027 return (error); 8028 } 8029 8030 /* 8031 * Put a message downstream. 8032 * Can send only an M_PROTO/M_PCPROTO by passing in a NULL uiop. 8033 * The fmode flag (NDELAY, NONBLOCK) is the or of the flags in the uio 8034 * and the fmode parameter. 8035 * 8036 * This routine handles the consolidation private flags: 8037 * MSG_IGNERROR Ignore any stream head error except STPLEX. 8038 * MSG_HOLDSIG Hold signals while waiting for data. 8039 * MSG_IGNFLOW Don't check streams flow control. 8040 * 8041 * NOTE: strputmsg and kstrputmsg have much of the logic in common. 
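* For instance (as the copymsg discussion further down notes), sockfs sends
* its TPI control messages with MSG_IGNFLOW set and a NULL uiop, so they
* bypass flow control entirely, while ordinary data messages carry a uio
* and may block here waiting for room downstream.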
8042 */ 8043 int 8044 kstrputmsg( 8045 struct vnode *vp, 8046 mblk_t *mctl, 8047 struct uio *uiop, 8048 ssize_t msgsize, 8049 unsigned char pri, 8050 int flag, 8051 int fmode) 8052 { 8053 struct stdata *stp; 8054 queue_t *wqp; 8055 ssize_t rmin, rmax; 8056 int error; 8057 8058 ASSERT(vp->v_stream); 8059 stp = vp->v_stream; 8060 wqp = stp->sd_wrq; 8061 if (audit_active) 8062 audit_strputmsg(vp, NULL, NULL, pri, flag, fmode); 8063 if (mctl == NULL) 8064 return (EINVAL); 8065 8066 mutex_enter(&stp->sd_lock); 8067 8068 if ((error = i_straccess(stp, JCWRITE)) != 0) { 8069 mutex_exit(&stp->sd_lock); 8070 freemsg(mctl); 8071 return (error); 8072 } 8073 8074 if ((stp->sd_flag & STPLEX) || !(flag & MSG_IGNERROR)) { 8075 if (stp->sd_flag & (STWRERR|STRHUP|STPLEX)) { 8076 error = strwriteable(stp, B_FALSE, B_TRUE); 8077 if (error != 0) { 8078 mutex_exit(&stp->sd_lock); 8079 freemsg(mctl); 8080 return (error); 8081 } 8082 } 8083 } 8084 8085 mutex_exit(&stp->sd_lock); 8086 8087 /* 8088 * Check for legal flag value. 8089 */ 8090 switch (flag & (MSG_HIPRI|MSG_BAND|MSG_ANY)) { 8091 case MSG_HIPRI: 8092 if (pri != 0) { 8093 freemsg(mctl); 8094 return (EINVAL); 8095 } 8096 break; 8097 case MSG_BAND: 8098 break; 8099 default: 8100 freemsg(mctl); 8101 return (EINVAL); 8102 } 8103 8104 TRACE_1(TR_FAC_STREAMS_FR, TR_KSTRPUTMSG_IN, 8105 "kstrputmsg in:stp %p", stp); 8106 8107 /* get these values from those cached in the stream head */ 8108 rmin = stp->sd_qn_minpsz; 8109 rmax = stp->sd_qn_maxpsz; 8110 8111 /* 8112 * Make sure ctl and data sizes together fall within the 8113 * limits of the max and min receive packet sizes and do 8114 * not exceed system limit. 8115 */ 8116 ASSERT((rmax >= 0) || (rmax == INFPSZ)); 8117 if (rmax == 0) { 8118 freemsg(mctl); 8119 return (ERANGE); 8120 } 8121 /* 8122 * Use the MAXIMUM of sd_maxblk and q_maxpsz. 8123 * Needed to prevent partial failures in the strmakedata loop. 8124 */ 8125 if (stp->sd_maxblk != INFPSZ && rmax != INFPSZ && rmax < stp->sd_maxblk) 8126 rmax = stp->sd_maxblk; 8127 8128 if (uiop == NULL) { 8129 msgsize = -1; 8130 rmin = -1; /* no range check for NULL data part */ 8131 } else { 8132 /* Use uio flags as well as the fmode parameter flags */ 8133 fmode |= uiop->uio_fmode; 8134 8135 if ((msgsize < rmin) || 8136 ((msgsize > rmax) && (rmax != INFPSZ))) { 8137 freemsg(mctl); 8138 return (ERANGE); 8139 } 8140 } 8141 8142 /* Ignore flow control in strput for HIPRI */ 8143 if (flag & MSG_HIPRI) 8144 flag |= MSG_IGNFLOW; 8145 8146 for (;;) { 8147 int done = 0; 8148 int waitflag; 8149 mblk_t *mp; 8150 8151 /* 8152 * strput will always free the ctl mblk - even when strput 8153 * fails. If MSG_IGNFLOW is set then any error returned 8154 * will cause us to break the loop, so we don't need a copy 8155 * of the message. If MSG_IGNFLOW is not set, then we can 8156 * get hit by flow control and be forced to try again. In 8157 * this case we need to have a copy of the message. We 8158 * do this using copymsg since the message may get modified 8159 * by something below us. 8160 * 8161 * We've observed that many TPI providers do not check db_ref 8162 * on the control messages but blindly reuse them for the 8163 * T_OK_ACK/T_ERROR_ACK. Thus using copymsg is more 8164 * friendly to such providers than using dupmsg. Also, note 8165 * that sockfs uses MSG_IGNFLOW for all TPI control messages. 8166 * Only data messages are subject to flow control, hence 8167 * subject to this copymsg. 
8168 */ 8169 if (flag & MSG_IGNFLOW) { 8170 mp = mctl; 8171 mctl = NULL; 8172 } else { 8173 do { 8174 /* 8175 * If a message has a free pointer, the message 8176 * must be duplicated with dupmsg() to maintain this pointer. 8177 * Code using this facility must be sure 8178 * that modules below will not change the 8179 * contents of the dblk without checking db_ref 8180 * first. If db_ref is > 1, then the module 8181 * needs to do a copymsg first. Otherwise, 8182 * the contents of the dblk may become 8183 * inconsistent because the freemsg/freeb below 8184 * may end up calling atomic_add_32_nv. 8185 * The atomic_add_32_nv in freeb (accessing 8186 * all of db_ref, db_type, db_flags, and 8187 * db_struioflag) does not prevent other threads 8188 * from concurrently trying to modify e.g. 8189 * db_type. 8190 */ 8191 if (mctl->b_datap->db_frtnp != NULL) 8192 mp = dupmsg(mctl); 8193 else 8194 mp = copymsg(mctl); 8195 8196 if (mp != NULL) 8197 break; 8198 8199 error = strwaitbuf(msgdsize(mctl), BPRI_MED); 8200 if (error) { 8201 freemsg(mctl); 8202 return (error); 8203 } 8204 } while (mp == NULL); 8205 } 8206 /* 8207 * Verify that all of msgsize can be transferred by 8208 * strput. 8209 */ 8210 ASSERT(stp->sd_maxblk == INFPSZ || stp->sd_maxblk >= msgsize); 8211 error = strput(stp, mp, uiop, &msgsize, 0, pri, flag); 8212 if (error == 0) 8213 break; 8214 8215 if (error != EWOULDBLOCK) 8216 goto out; 8217 8218 /* 8219 * If MSG_IGNFLOW is set we should have broken out of the loop 8220 * above. 8221 */ 8222 ASSERT(!(flag & MSG_IGNFLOW)); 8223 mutex_enter(&stp->sd_lock); 8224 /* 8225 * Check for a missed wakeup. 8226 * Needed since strput did not hold sd_lock across 8227 * the canputnext. 8228 */ 8229 if (bcanputnext(wqp, pri)) { 8230 /* Try again */ 8231 mutex_exit(&stp->sd_lock); 8232 continue; 8233 } 8234 TRACE_2(TR_FAC_STREAMS_FR, TR_KSTRPUTMSG_WAIT, 8235 "kstrputmsg wait:stp %p waits pri %d", stp, pri); 8236 8237 waitflag = WRITEWAIT; 8238 if (flag & (MSG_HOLDSIG|MSG_IGNERROR)) { 8239 if (flag & MSG_HOLDSIG) 8240 waitflag |= STR_NOSIG; 8241 if (flag & MSG_IGNERROR) 8242 waitflag |= STR_NOERROR; 8243 } 8244 if (((error = strwaitq(stp, waitflag, 8245 (ssize_t)0, fmode, -1, &done)) != 0) || done) { 8246 mutex_exit(&stp->sd_lock); 8247 TRACE_3(TR_FAC_STREAMS_FR, TR_KSTRPUTMSG_OUT, 8248 "kstrputmsg out:stp %p out %d error %d", 8249 stp, 0, error); 8250 freemsg(mctl); 8251 return (error); 8252 } 8253 TRACE_1(TR_FAC_STREAMS_FR, TR_KSTRPUTMSG_WAKE, 8254 "kstrputmsg wake:stp %p wakes", stp); 8255 if ((error = i_straccess(stp, JCWRITE)) != 0) { 8256 mutex_exit(&stp->sd_lock); 8257 freemsg(mctl); 8258 return (error); 8259 } 8260 mutex_exit(&stp->sd_lock); 8261 } 8262 out: 8263 freemsg(mctl); 8264 /* 8265 * For historic reasons, applications expect EAGAIN 8266 * when a data mblk could not be allocated, so change 8267 * ENOMEM back to EAGAIN. 8268 */ 8269 if (error == ENOMEM) 8270 error = EAGAIN; 8271 TRACE_3(TR_FAC_STREAMS_FR, TR_KSTRPUTMSG_OUT, 8272 "kstrputmsg out:stp %p out %d error %d", stp, 2, error); 8273 return (error); 8274 } 8275 8276 /* 8277 * Determines whether the necessary conditions are set on a stream 8278 * for it to be readable, writeable, or have exceptions. 8279 * 8280 * strpoll handles the consolidation private events: 8281 * POLLNOERR Do not return POLLERR even if there are stream 8282 * head errors. 8283 * Used by sockfs. 8284 * POLLRDDATA Do not return POLLIN unless at least one message on 8285 * the queue contains one or more M_DATA mblks.
Thus 8286 * when this flag is set a queue with only 8287 * M_PROTO/M_PCPROTO mblks does not return POLLIN. 8288 * Used by sockfs to ignore T_EXDATA_IND messages. 8289 * 8290 * Note: POLLRDDATA assumes that synch streams only return messages with 8291 * an M_DATA attached (i.e. not messages consisting of only 8292 * an M_PROTO/M_PCPROTO part). 8293 */ 8294 int 8295 strpoll( 8296 struct stdata *stp, 8297 short events_arg, 8298 int anyyet, 8299 short *reventsp, 8300 struct pollhead **phpp) 8301 { 8302 int events = (ushort_t)events_arg; 8303 int retevents = 0; 8304 mblk_t *mp; 8305 qband_t *qbp; 8306 long sd_flags = stp->sd_flag; 8307 int headlocked = 0; 8308 8309 /* 8310 * For performance, a single 'if' tests for most possible edge 8311 * conditions in one shot 8312 */ 8313 if (sd_flags & (STPLEX | STRDERR | STWRERR)) { 8314 if (sd_flags & STPLEX) { 8315 *reventsp = POLLNVAL; 8316 return (EINVAL); 8317 } 8318 if (((events & (POLLIN | POLLRDNORM | POLLRDBAND | POLLPRI)) && 8319 (sd_flags & STRDERR)) || 8320 ((events & (POLLOUT | POLLWRNORM | POLLWRBAND)) && 8321 (sd_flags & STWRERR))) { 8322 if (!(events & POLLNOERR)) { 8323 *reventsp = POLLERR; 8324 return (0); 8325 } 8326 } 8327 } 8328 if (sd_flags & STRHUP) { 8329 retevents |= POLLHUP; 8330 } else if (events & (POLLWRNORM | POLLWRBAND)) { 8331 queue_t *tq; 8332 queue_t *qp = stp->sd_wrq; 8333 8334 claimstr(qp); 8335 /* Find next module forward that has a service procedure */ 8336 tq = qp->q_next->q_nfsrv; 8337 ASSERT(tq != NULL); 8338 8339 polllock(&stp->sd_pollist, QLOCK(tq)); 8340 if (events & POLLWRNORM) { 8341 queue_t *sqp; 8342 8343 if (tq->q_flag & QFULL) 8344 /* ensure backq svc procedure runs */ 8345 tq->q_flag |= QWANTW; 8346 else if ((sqp = stp->sd_struiowrq) != NULL) { 8347 /* Check sync stream barrier write q */ 8348 mutex_exit(QLOCK(tq)); 8349 polllock(&stp->sd_pollist, QLOCK(sqp)); 8350 if (sqp->q_flag & QFULL) 8351 /* ensure pollwakeup() is done */ 8352 sqp->q_flag |= QWANTWSYNC; 8353 else 8354 retevents |= POLLOUT; 8355 /* More write events to process ??? */ 8356 if (! (events & POLLWRBAND)) { 8357 mutex_exit(QLOCK(sqp)); 8358 releasestr(qp); 8359 goto chkrd; 8360 } 8361 mutex_exit(QLOCK(sqp)); 8362 polllock(&stp->sd_pollist, QLOCK(tq)); 8363 } else 8364 retevents |= POLLOUT; 8365 } 8366 if (events & POLLWRBAND) { 8367 qbp = tq->q_bandp; 8368 if (qbp) { 8369 while (qbp) { 8370 if (qbp->qb_flag & QB_FULL) 8371 qbp->qb_flag |= QB_WANTW; 8372 else 8373 retevents |= POLLWRBAND; 8374 qbp = qbp->qb_next; 8375 } 8376 } else { 8377 retevents |= POLLWRBAND; 8378 } 8379 } 8380 mutex_exit(QLOCK(tq)); 8381 releasestr(qp); 8382 } 8383 chkrd: 8384 if (sd_flags & STRPRI) { 8385 retevents |= (events & POLLPRI); 8386 } else if (events & (POLLRDNORM | POLLRDBAND | POLLIN)) { 8387 queue_t *qp = _RD(stp->sd_wrq); 8388 int normevents = (events & (POLLIN | POLLRDNORM)); 8389 8390 /* 8391 * Note: Need to do polllock() here since ps_lock may be 8392 * held. See bug 4191544. 8393 */ 8394 polllock(&stp->sd_pollist, &stp->sd_lock); 8395 headlocked = 1; 8396 mp = qp->q_first; 8397 while (mp) { 8398 /* 8399 * For POLLRDDATA we scan b_cont and b_next until we 8400 * find an M_DATA. 
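* For example, a message consisting only of an M_PROTO (such as a
* T_EXDATA_IND whose data is delivered separately) does not satisfy the
* POLLRDDATA test, and the scan moves on to the next message via b_next.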
8401 */ 8402 if ((events & POLLRDDATA) && 8403 mp->b_datap->db_type != M_DATA) { 8404 mblk_t *nmp = mp->b_cont; 8405 8406 while (nmp != NULL && 8407 nmp->b_datap->db_type != M_DATA) 8408 nmp = nmp->b_cont; 8409 if (nmp == NULL) { 8410 mp = mp->b_next; 8411 continue; 8412 } 8413 } 8414 if (mp->b_band == 0) 8415 retevents |= normevents; 8416 else 8417 retevents |= (events & (POLLIN | POLLRDBAND)); 8418 break; 8419 } 8420 if (! (retevents & normevents) && 8421 (stp->sd_wakeq & RSLEEP)) { 8422 /* 8423 * Sync stream barrier read queue has data. 8424 */ 8425 retevents |= normevents; 8426 } 8427 /* Treat eof as normal data */ 8428 if (sd_flags & STREOF) 8429 retevents |= normevents; 8430 } 8431 8432 *reventsp = (short)retevents; 8433 if (retevents) { 8434 if (headlocked) 8435 mutex_exit(&stp->sd_lock); 8436 return (0); 8437 } 8438 8439 /* 8440 * If poll() has not found any events yet, set up event cell 8441 * to wake up the poll if a requested event occurs on this 8442 * stream. Check for collisions with outstanding poll requests. 8443 */ 8444 if (!anyyet) { 8445 *phpp = &stp->sd_pollist; 8446 if (headlocked == 0) { 8447 polllock(&stp->sd_pollist, &stp->sd_lock); 8448 headlocked = 1; 8449 } 8450 stp->sd_rput_opt |= SR_POLLIN; 8451 } 8452 if (headlocked) 8453 mutex_exit(&stp->sd_lock); 8454 return (0); 8455 } 8456 8457 /* 8458 * The purpose of putback() is to ensure that sleeping polls/reads 8459 * are awakened when there are no new messages arriving at the 8460 * stream head and a message is placed back on the read queue. 8461 * 8462 * sd_lock must be held when messages are placed back on stream 8463 * head. (getq() holds sd_lock when it removes messages from 8464 * the queue) 8465 */ 8466 8467 static void 8468 putback(struct stdata *stp, queue_t *q, mblk_t *bp, int band) 8469 { 8470 mblk_t *qfirst = q->q_first; 8471 ASSERT(MUTEX_HELD(&stp->sd_lock)); 8472 8473 if ((stp->sd_rput_opt & SR_CONSOL_DATA) && 8474 (qfirst != NULL) && 8475 (qfirst->b_datap->db_type == M_DATA) && 8476 ((qfirst->b_flag & (MSGMARK|MSGDELIM)) == 0)) { 8477 /* 8478 * We use the same logic as defined in strrput() 8479 * but in reverse as we are putting back onto the 8480 * queue and want to retain byte ordering. 8481 * Consolidate an M_DATA message onto an M_DATA, 8482 * M_PROTO, or M_PCPROTO by merging it with q_first. 8483 * The consolidation does not take place if the message 8484 * we are returning to the queue is marked with either 8485 * of the marks or the delim flag or if q_first 8486 * is marked with MSGMARK. The MSGMARK check is needed to 8487 * handle the odd semantics of MSGMARK where essentially 8488 * the whole message is to be treated as marked. 8489 * Carry any MSGMARKNEXT and MSGNOTMARKNEXT from q_first 8490 * to the front of the b_cont chain. 8491 */ 8492 unsigned char db_type = bp->b_datap->db_type; 8493 8494 if ((db_type == M_DATA || db_type == M_PROTO || 8495 db_type == M_PCPROTO) && 8496 !(bp->b_flag & (MSGMARK|MSGDELIM|MSGMARKNEXT))) { 8497 rmvq_noenab(q, qfirst); 8498 /* 8499 * The first message in the b_cont list 8500 * tracks MSGMARKNEXT and MSGNOTMARKNEXT. 8501 * We need to handle the case where we 8502 * are appending: 8503 * 8504 * 1) a MSGMARKNEXT to a MSGNOTMARKNEXT. 8505 * 2) a MSGMARKNEXT to a plain message. 8506 * 3) a MSGNOTMARKNEXT to a plain message. 8507 * 4) a MSGNOTMARKNEXT to a MSGNOTMARKNEXT 8508 * message. 8509 * 8510 * Thus we never append a MSGMARKNEXT or 8511 * MSGNOTMARKNEXT to a MSGMARKNEXT message.
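* Concretely, in the code below: a MSGMARKNEXT found on q_first moves to
* the message being put back (which becomes the head of the merged chain)
* and any MSGNOTMARKNEXT on it is cleared; a MSGNOTMARKNEXT on q_first is
* transferred the same way.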
8512 */
8513 if (qfirst->b_flag & MSGMARKNEXT) {
8514 bp->b_flag |= MSGMARKNEXT;
8515 bp->b_flag &= ~MSGNOTMARKNEXT;
8516 qfirst->b_flag &= ~MSGMARKNEXT;
8517 } else if (qfirst->b_flag & MSGNOTMARKNEXT) {
8518 bp->b_flag |= MSGNOTMARKNEXT;
8519 qfirst->b_flag &= ~MSGNOTMARKNEXT;
8520 }
8521
8522 linkb(bp, qfirst);
8523 }
8524 }
8525 (void) putbq(q, bp);
8526
8527 /*
8528 * A message may have come in when the sd_lock was dropped in the
8529 * calling routine. If this is the case and STR*ATMARK info was
8530 * received, need to move that from the stream head to the q_last
8531 * so that SIOCATMARK can return the proper value.
8532 */
8533 if (stp->sd_flag & (STRATMARK | STRNOTATMARK)) {
8534 unsigned short *flagp = &q->q_last->b_flag;
8535 uint_t b_flag = (uint_t)*flagp;
8536
8537 if (stp->sd_flag & STRATMARK) {
8538 b_flag &= ~MSGNOTMARKNEXT;
8539 b_flag |= MSGMARKNEXT;
8540 stp->sd_flag &= ~STRATMARK;
8541 } else {
8542 b_flag &= ~MSGMARKNEXT;
8543 b_flag |= MSGNOTMARKNEXT;
8544 stp->sd_flag &= ~STRNOTATMARK;
8545 }
8546 *flagp = (unsigned short) b_flag;
8547 }
8548
8549 #ifdef DEBUG
8550 /*
8551 * Make sure that the flags are not messed up.
8552 */
8553 {
8554 mblk_t *mp;
8555 mp = q->q_last;
8556 while (mp != NULL) {
8557 ASSERT((mp->b_flag & (MSGMARKNEXT|MSGNOTMARKNEXT)) !=
8558 (MSGMARKNEXT|MSGNOTMARKNEXT));
8559 mp = mp->b_cont;
8560 }
8561 }
8562 #endif
8563 if (q->q_first == bp) {
8564 short pollevents;
8565
8566 if (stp->sd_flag & RSLEEP) {
8567 stp->sd_flag &= ~RSLEEP;
8568 cv_broadcast(&q->q_wait);
8569 }
8570 if (stp->sd_flag & STRPRI) {
8571 pollevents = POLLPRI;
8572 } else {
8573 if (band == 0) {
8574 if (!(stp->sd_rput_opt & SR_POLLIN))
8575 return;
8576 stp->sd_rput_opt &= ~SR_POLLIN;
8577 pollevents = POLLIN | POLLRDNORM;
8578 } else {
8579 pollevents = POLLIN | POLLRDBAND;
8580 }
8581 }
8582 mutex_exit(&stp->sd_lock);
8583 pollwakeup(&stp->sd_pollist, pollevents);
8584 mutex_enter(&stp->sd_lock);
8585 }
8586 }
8587
8588 /*
8589 * Return the held vnode attached to the stream head of a
8590 * given queue.
8591 * It is the responsibility of the calling routine to ensure
8592 * that the queue does not go away (e.g. pop).
8593 */
8594 vnode_t *
8595 strq2vp(queue_t *qp)
8596 {
8597 vnode_t *vp;
8598 vp = STREAM(qp)->sd_vnode;
8599 ASSERT(vp != NULL);
8600 VN_HOLD(vp);
8601 return (vp);
8602 }
8603
8604 /*
8605 * Return the stream head write queue for the given vp.
8606 * It is the responsibility of the calling routine to ensure
8607 * that the stream or vnode does not close.
8608 */
8609 queue_t *
8610 strvp2wq(vnode_t *vp)
8611 {
8612 ASSERT(vp->v_stream != NULL);
8613 return (vp->v_stream->sd_wrq);
8614 }
8615
8616 /*
8617 * Pollwakeup the stream head.
8618 * It is the responsibility of the calling routine to ensure
8619 * that the stream or vnode does not close.
8620 */
8621 void
8622 strpollwakeup(vnode_t *vp, short event)
8623 {
8624 ASSERT(vp->v_stream);
8625 pollwakeup(&vp->v_stream->sd_pollist, event);
8626 }
8627
8628 /*
8629 * Mate the stream heads of two vnodes together. If the two vnodes are the
8630 * same, we just make the write-side point at the read-side -- otherwise,
8631 * we do a full mate. Only works on vnodes associated with streams that are
8632 * still being built and thus have only a stream head.
8633 */
8634 void
8635 strmate(vnode_t *vp1, vnode_t *vp2)
8636 {
8637 queue_t *wrq1 = strvp2wq(vp1);
8638 queue_t *wrq2 = strvp2wq(vp2);
8639
8640 /*
8641 * Verify that there are no modules on the stream yet. We also
8642 * rely on the stream head always having a service procedure to
8643 * avoid tweaking q_nfsrv.
8644 */
8645 ASSERT(wrq1->q_next == NULL && wrq2->q_next == NULL);
8646 ASSERT(wrq1->q_qinfo->qi_srvp != NULL);
8647 ASSERT(wrq2->q_qinfo->qi_srvp != NULL);
8648
8649 /*
8650 * If the queues are the same, just twist; otherwise do a full mate.
8651 */
8652 if (wrq1 == wrq2) {
8653 wrq1->q_next = _RD(wrq1);
8654 } else {
8655 wrq1->q_next = _RD(wrq2);
8656 wrq2->q_next = _RD(wrq1);
8657 STREAM(wrq1)->sd_mate = STREAM(wrq2);
8658 STREAM(wrq1)->sd_flag |= STRMATE;
8659 STREAM(wrq2)->sd_mate = STREAM(wrq1);
8660 STREAM(wrq2)->sd_flag |= STRMATE;
8661 }
8662 }
8663
8664 /*
8665 * XXX will go away when console is correctly fixed.
8666 * Clean up the console PIDs from a previous I_SETSIG;
8667 * called only for cnopen, which never calls strclean().
8668 */
8669 void
8670 str_cn_clean(struct vnode *vp)
8671 {
8672 strsig_t *ssp, *pssp, *tssp;
8673 struct stdata *stp;
8674 struct pid *pidp;
8675 int update = 0;
8676
8677 ASSERT(vp->v_stream);
8678 stp = vp->v_stream;
8679 pssp = NULL;
8680 mutex_enter(&stp->sd_lock);
8681 ssp = stp->sd_siglist;
8682 while (ssp) {
8683 mutex_enter(&pidlock);
8684 pidp = ssp->ss_pidp;
8685 /*
8686 * Get rid of PID if the proc is gone.
8687 */
8688 if (pidp->pid_prinactive) {
8689 tssp = ssp->ss_next;
8690 if (pssp)
8691 pssp->ss_next = tssp;
8692 else
8693 stp->sd_siglist = tssp;
8694 ASSERT(pidp->pid_ref <= 1);
8695 PID_RELE(ssp->ss_pidp);
8696 mutex_exit(&pidlock);
8697 kmem_free(ssp, sizeof (strsig_t));
8698 update = 1;
8699 ssp = tssp;
8700 continue;
8701 } else
8702 mutex_exit(&pidlock);
8703 pssp = ssp;
8704 ssp = ssp->ss_next;
8705 }
8706 if (update) {
8707 stp->sd_sigflags = 0;
8708 for (ssp = stp->sd_siglist; ssp; ssp = ssp->ss_next)
8709 stp->sd_sigflags |= ssp->ss_events;
8710 }
8711 mutex_exit(&stp->sd_lock);
8712 }
8713
8714 /*
8715 * Return B_TRUE if there is data in the message, B_FALSE otherwise.
8716 */
8717 static boolean_t
8718 msghasdata(mblk_t *bp)
8719 {
8720 for (; bp; bp = bp->b_cont)
8721 if (bp->b_datap->db_type == M_DATA) {
8722 ASSERT(bp->b_wptr >= bp->b_rptr);
8723 if (bp->b_wptr > bp->b_rptr)
8724 return (B_TRUE);
8725 }
8726 return (B_FALSE);
8727 }
8728
8729 /*
8730 * Called on the first strget() of a sodirect/uioa enabled streamhead;
8731 * if any mblk_t(s) are enqueued they must first be uioamove()d before
8732 * uioa can be enabled for the underlying transport's use.
8733 */
8734 void
8735 struioainit(queue_t *q, sodirect_t *sodp, uio_t *uiop)
8736 {
8737 uioa_t *uioap = (uioa_t *)uiop;
8738 mblk_t *bp = q->q_first;
8739 mblk_t *lbp = NULL;
8740 mblk_t *nbp, *wbp;
8741 int len;
8742 int error;
8743
8744 ASSERT(MUTEX_HELD(sodp->sod_lock));
8745 ASSERT(&sodp->sod_uioa == uioap);
8746
8747 /*
8748 * Walk the b_next/b_prev doubly linked list of b_cont chain(s)
8749 * and schedule any M_DATA mblk_t's for uio asynchronous move.
8750 */
8751 do {
8752 /* Next mblk_t chain */
8753 nbp = bp->b_next;
8754 /* Walk the chain */
8755 wbp = bp;
8756 do {
8757 if (wbp->b_datap->db_type != M_DATA) {
8758 /* Not M_DATA, no more uioa */
8759 goto nouioa;
8760 }
8761 if ((len = wbp->b_wptr - wbp->b_rptr) > 0) {
8762 /* Have an M_DATA mblk_t with data */
8763 if (len > uioap->uio_resid) {
8764 /* Not enough uio space */
8765 goto nouioa;
8766 }
8767 error = uioamove(wbp->b_rptr, len,
8768 UIO_READ, uioap);
8769 if (!error) {
8770 /* Scheduled, mark dblk_t as such */
8771 wbp->b_datap->db_flags |= DBLK_UIOA;
8772 } else {
8773 /* Error of some sort, no more uioa */
8774 uioap->uioa_state &= UIOA_CLR;
8775 uioap->uioa_state |= UIOA_FINI;
8776 return;
8777 }
8778 }
8779 /* Save last wbp processed */
8780 lbp = wbp;
8781 } while ((wbp = wbp->b_cont) != NULL);
8782 } while ((bp = nbp) != NULL);
8783
8784 return;
8785
8786 nouioa:
8787 /* No more uioa */
8788 uioap->uioa_state &= UIOA_CLR;
8789 uioap->uioa_state |= UIOA_FINI;
8790
8791 /*
8792 * If we processed 1 or more mblk_t(s) then we need to split the
8793 * current mblk_t chain in 2 so that all the uioamove()ed mblk_t(s)
8794 * are in the current chain and the rest are in the following new
8795 * chain.
8796 */
8797 if (lbp != NULL) {
8798 /* New end of current chain */
8799 lbp->b_cont = NULL;
8800
8801 /* Insert new chain wbp after bp */
8802 if ((wbp->b_next = nbp) != NULL)
8803 nbp->b_prev = wbp;
8804 else
8805 q->q_last = wbp;
8806 wbp->b_prev = bp;
8807 bp->b_next = wbp;
8808 }
8809 }
8810
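/*
 * Editor's note (illustrative addition, not part of the original source):
 * a worked example of the split performed by struioainit() above.  Suppose
 * q_first points at a message A->B->C (linked by b_cont) whose b_next is a
 * second message D, and uioamove() succeeds for A and B but C is not
 * M_DATA.  At the "nouioa" label lbp == B and wbp == C, so the code ends
 * the first message at B (lbp->b_cont = NULL) and inserts C (together with
 * anything still chained behind it via b_cont) as a new message between
 * A->B and D on the b_next list, updating q_last when D is NULL.
 */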
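/*
 * Editor's illustrative sketch (not part of the original source): a minimal
 * userland view of the events strpoll() reports.  The function name and the
 * assumption that "fd" is an already-open STREAMS descriptor are invented
 * for illustration; the block is guarded out so it cannot affect a kernel
 * build.
 */
#if 0	/* userland example only */
#include <poll.h>
#include <stdio.h>

static void
wait_for_stream_input(int fd)
{
	struct pollfd pfd;

	pfd.fd = fd;
	pfd.events = POLLIN | POLLRDNORM | POLLRDBAND | POLLPRI;

	if (poll(&pfd, 1, -1) == -1) {
		perror("poll");
		return;
	}
	if (pfd.revents & POLLPRI)
		(void) printf("high-priority message pending\n");
	if (pfd.revents & (POLLIN | POLLRDNORM))
		(void) printf("ordinary (band 0) data pending\n");
	if (pfd.revents & POLLRDBAND)
		(void) printf("banded (b_band != 0) data pending\n");
	if (pfd.revents & POLLHUP)
		(void) printf("stream is hung up\n");
	if (pfd.revents & (POLLERR | POLLNVAL))
		(void) printf("stream error or stream is a multiplexor\n");
}
#endif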
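/*
 * Editor's illustrative sketch (not part of the original source): how a
 * hypothetical kernel consumer that holds a queue pointer inside a live
 * stream might combine strq2vp() and strpollwakeup() above.  The function
 * name is invented; as the comments above note, the caller must ensure the
 * stream cannot close or be popped while this runs.
 */
#if 0	/* illustrative only */
static void
example_wake_readers(queue_t *q)
{
	vnode_t *vp;

	/* strq2vp() returns the vnode with a hold; release it when done. */
	vp = strq2vp(q);
	strpollwakeup(vp, POLLIN | POLLRDNORM);
	VN_RELE(vp);
}
#endif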
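/*
 * Editor's illustrative sketch (not part of the original source): the
 * MSGMARKNEXT/MSGNOTMARKNEXT bookkeeping in putback() above is what lets
 * an application ask whether the read pointer is at the "mark" (e.g. TCP
 * urgent data) with SIOCATMARK.  Assumes "fd" is an already-open socket
 * descriptor; the function name is invented for illustration.
 */
#if 0	/* userland example only */
#include <sys/sockio.h>
#include <stropts.h>
#include <stdio.h>

static void
report_at_mark(int fd)
{
	int atmark = 0;

	if (ioctl(fd, SIOCATMARK, &atmark) == -1) {
		perror("SIOCATMARK");
		return;
	}
	(void) printf("read pointer %s at the mark\n",
	    atmark ? "is" : "is not");
}
#endif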