1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */ 22 /* All Rights Reserved */ 23 24 25 /* 26 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 27 * Use is subject to license terms. 28 */ 29 30 #pragma ident "%Z%%M% %I% %E% SMI" 31 32 #include <sys/types.h> 33 #include <sys/sysmacros.h> 34 #include <sys/param.h> 35 #include <sys/errno.h> 36 #include <sys/signal.h> 37 #include <sys/stat.h> 38 #include <sys/proc.h> 39 #include <sys/cred.h> 40 #include <sys/user.h> 41 #include <sys/vnode.h> 42 #include <sys/file.h> 43 #include <sys/stream.h> 44 #include <sys/strsubr.h> 45 #include <sys/stropts.h> 46 #include <sys/tihdr.h> 47 #include <sys/var.h> 48 #include <sys/poll.h> 49 #include <sys/termio.h> 50 #include <sys/ttold.h> 51 #include <sys/systm.h> 52 #include <sys/uio.h> 53 #include <sys/cmn_err.h> 54 #include <sys/sad.h> 55 #include <sys/netstack.h> 56 #include <sys/priocntl.h> 57 #include <sys/jioctl.h> 58 #include <sys/procset.h> 59 #include <sys/session.h> 60 #include <sys/kmem.h> 61 #include <sys/filio.h> 62 #include <sys/vtrace.h> 63 #include <sys/debug.h> 64 #include <sys/strredir.h> 65 #include <sys/fs/fifonode.h> 66 #include <sys/fs/snode.h> 67 #include <sys/strlog.h> 68 #include <sys/strsun.h> 69 #include <sys/project.h> 70 #include <sys/kbio.h> 71 #include <sys/msio.h> 72 #include <sys/tty.h> 73 #include <sys/ptyvar.h> 74 #include <sys/vuid_event.h> 75 #include <sys/modctl.h> 76 #include <sys/sunddi.h> 77 #include <sys/sunldi_impl.h> 78 #include <sys/autoconf.h> 79 #include <sys/policy.h> 80 #include <sys/zone.h> 81 82 83 /* 84 * This define helps improve the readability of streams code while 85 * still maintaining a very old streams performance enhancement. The 86 * performance enhancement basically involved having all callers 87 * of straccess() perform the first check that straccess() will do 88 * locally before actually calling straccess(). (There by reducing 89 * the number of unnecessary calls to straccess().) 90 */ 91 #define i_straccess(x, y) ((stp->sd_sidp == NULL) ? 0 : \ 92 (stp->sd_vnode->v_type == VFIFO) ? 0 : \ 93 straccess((x), (y))) 94 95 /* 96 * what is mblk_pull_len? 97 * 98 * If a streams message consists of many short messages, 99 * a performance degradation occurs from copyout overhead. 100 * To decrease the per mblk overhead, messages that are 101 * likely to consist of many small mblks are pulled up into 102 * one continuous chunk of memory. 103 * 104 * To avoid the processing overhead of examining every 105 * mblk, a quick heuristic is used. If the first mblk in 106 * the message is shorter than mblk_pull_len, it is likely 107 * that the rest of the mblk will be short. 108 * 109 * This heuristic was decided upon after performance tests 110 * indicated that anything more complex slowed down the main 111 * code path. 112 */ 113 #define MBLK_PULL_LEN 64 114 uint32_t mblk_pull_len = MBLK_PULL_LEN; 115 116 /* 117 * The sgttyb_handling flag controls the handling of the old BSD 118 * TIOCGETP, TIOCSETP, and TIOCSETN ioctls as follows: 119 * 120 * 0 - Emit no warnings at all and retain old, broken behavior. 121 * 1 - Emit no warnings and silently handle new semantics. 122 * 2 - Send cmn_err(CE_NOTE) when either TIOCSETP or TIOCSETN is used 123 * (once per system invocation). Handle with new semantics. 124 * 3 - Send SIGSYS when any TIOCGETP, TIOCSETP, or TIOCSETN call is 125 * made (so that offenders drop core and are easy to debug). 126 * 127 * The "new semantics" are that TIOCGETP returns B38400 for 128 * sg_[io]speed if the corresponding value is over B38400, and that 129 * TIOCSET[PN] accept B38400 in these cases to mean "retain current 130 * bit rate." 131 */ 132 int sgttyb_handling = 1; 133 static boolean_t sgttyb_complaint; 134 135 /* don't push drcompat module by default on Style-2 streams */ 136 static int push_drcompat = 0; 137 138 /* 139 * id value used to distinguish between different ioctl messages 140 */ 141 static uint32_t ioc_id; 142 143 static void putback(struct stdata *, queue_t *, mblk_t *, int); 144 static void strcleanall(struct vnode *); 145 static int strwsrv(queue_t *); 146 147 /* 148 * qinit and module_info structures for stream head read and write queues 149 */ 150 struct module_info strm_info = { 0, "strrhead", 0, INFPSZ, STRHIGH, STRLOW }; 151 struct module_info stwm_info = { 0, "strwhead", 0, 0, 0, 0 }; 152 struct qinit strdata = { strrput, NULL, NULL, NULL, NULL, &strm_info }; 153 struct qinit stwdata = { NULL, strwsrv, NULL, NULL, NULL, &stwm_info }; 154 struct module_info fiform_info = { 0, "fifostrrhead", 0, PIPE_BUF, FIFOHIWAT, 155 FIFOLOWAT }; 156 struct module_info fifowm_info = { 0, "fifostrwhead", 0, 0, 0, 0 }; 157 struct qinit fifo_strdata = { strrput, NULL, NULL, NULL, NULL, &fiform_info }; 158 struct qinit fifo_stwdata = { NULL, strwsrv, NULL, NULL, NULL, &fifowm_info }; 159 160 extern kmutex_t strresources; /* protects global resources */ 161 extern kmutex_t muxifier; /* single-threads multiplexor creation */ 162 163 static boolean_t msghasdata(mblk_t *bp); 164 #define msgnodata(bp) (!msghasdata(bp)) 165 166 /* 167 * Stream head locking notes: 168 * There are four monitors associated with the stream head: 169 * 1. v_stream monitor: in stropen() and strclose() v_lock 170 * is held while the association of vnode and stream 171 * head is established or tested for. 172 * 2. open/close/push/pop monitor: sd_lock is held while each 173 * thread bids for exclusive access to this monitor 174 * for opening or closing a stream. In addition, this 175 * monitor is entered during pushes and pops. This 176 * guarantees that during plumbing operations there 177 * is only one thread trying to change the plumbing. 178 * Any other threads present in the stream are only 179 * using the plumbing. 180 * 3. read/write monitor: in the case of read, a thread holds 181 * sd_lock while trying to get data from the stream 182 * head queue. if there is none to fulfill a read 183 * request, it sets RSLEEP and calls cv_wait_sig() down 184 * in strwaitq() to await the arrival of new data. 185 * when new data arrives in strrput(), sd_lock is acquired 186 * before testing for RSLEEP and calling cv_broadcast(). 187 * the behavior of strwrite(), strwsrv(), and WSLEEP 188 * mirror this. 189 * 4. ioctl monitor: sd_lock is gotten to ensure that only one 190 * thread is doing an ioctl at a time. 191 */ 192 193 static int 194 push_mod(queue_t *qp, dev_t *devp, struct stdata *stp, const char *name, 195 int anchor, cred_t *crp, uint_t anchor_zoneid) 196 { 197 int error; 198 fmodsw_impl_t *fp; 199 200 if (stp->sd_flag & (STRHUP|STRDERR|STWRERR)) { 201 error = (stp->sd_flag & STRHUP) ? ENXIO : EIO; 202 return (error); 203 } 204 if (stp->sd_pushcnt >= nstrpush) { 205 return (EINVAL); 206 } 207 208 if ((fp = fmodsw_find(name, FMODSW_HOLD | FMODSW_LOAD)) == NULL) { 209 stp->sd_flag |= STREOPENFAIL; 210 return (EINVAL); 211 } 212 213 /* 214 * push new module and call its open routine via qattach 215 */ 216 if ((error = qattach(qp, devp, 0, crp, fp, B_FALSE)) != 0) 217 return (error); 218 219 /* 220 * Check to see if caller wants a STREAMS anchor 221 * put at this place in the stream, and add if so. 222 */ 223 mutex_enter(&stp->sd_lock); 224 if (anchor == stp->sd_pushcnt) { 225 stp->sd_anchor = stp->sd_pushcnt; 226 stp->sd_anchorzone = anchor_zoneid; 227 } 228 mutex_exit(&stp->sd_lock); 229 230 return (0); 231 } 232 233 /* 234 * Open a stream device. 235 */ 236 int 237 stropen(vnode_t *vp, dev_t *devp, int flag, cred_t *crp) 238 { 239 struct stdata *stp; 240 queue_t *qp; 241 int s; 242 dev_t dummydev; 243 struct autopush *ap; 244 int error = 0; 245 ssize_t rmin, rmax; 246 int cloneopen; 247 queue_t *brq; 248 major_t major; 249 str_stack_t *ss; 250 zoneid_t zoneid; 251 uint_t anchor; 252 253 #ifdef C2_AUDIT 254 if (audit_active) 255 audit_stropen(vp, devp, flag, crp); 256 #endif 257 258 /* 259 * If the stream already exists, wait for any open in progress 260 * to complete, then call the open function of each module and 261 * driver in the stream. Otherwise create the stream. 262 */ 263 TRACE_1(TR_FAC_STREAMS_FR, TR_STROPEN, "stropen:%p", vp); 264 retry: 265 mutex_enter(&vp->v_lock); 266 if ((stp = vp->v_stream) != NULL) { 267 268 /* 269 * Waiting for stream to be created to device 270 * due to another open. 271 */ 272 mutex_exit(&vp->v_lock); 273 274 if (STRMATED(stp)) { 275 struct stdata *strmatep = stp->sd_mate; 276 277 STRLOCKMATES(stp); 278 if (strmatep->sd_flag & (STWOPEN|STRCLOSE|STRPLUMB)) { 279 if (flag & (FNDELAY|FNONBLOCK)) { 280 error = EAGAIN; 281 mutex_exit(&strmatep->sd_lock); 282 goto ckreturn; 283 } 284 mutex_exit(&stp->sd_lock); 285 if (!cv_wait_sig(&strmatep->sd_monitor, 286 &strmatep->sd_lock)) { 287 error = EINTR; 288 mutex_exit(&strmatep->sd_lock); 289 mutex_enter(&stp->sd_lock); 290 goto ckreturn; 291 } 292 mutex_exit(&strmatep->sd_lock); 293 goto retry; 294 } 295 if (stp->sd_flag & (STWOPEN|STRCLOSE|STRPLUMB)) { 296 if (flag & (FNDELAY|FNONBLOCK)) { 297 error = EAGAIN; 298 mutex_exit(&strmatep->sd_lock); 299 goto ckreturn; 300 } 301 mutex_exit(&strmatep->sd_lock); 302 if (!cv_wait_sig(&stp->sd_monitor, &stp->sd_lock)) { 303 error = EINTR; 304 goto ckreturn; 305 } 306 mutex_exit(&stp->sd_lock); 307 goto retry; 308 } 309 310 if (stp->sd_flag & (STRDERR|STWRERR)) { 311 error = EIO; 312 mutex_exit(&strmatep->sd_lock); 313 goto ckreturn; 314 } 315 316 stp->sd_flag |= STWOPEN; 317 STRUNLOCKMATES(stp); 318 } else { 319 mutex_enter(&stp->sd_lock); 320 if (stp->sd_flag & (STWOPEN|STRCLOSE|STRPLUMB)) { 321 if (flag & (FNDELAY|FNONBLOCK)) { 322 error = EAGAIN; 323 goto ckreturn; 324 } 325 if (!cv_wait_sig(&stp->sd_monitor, &stp->sd_lock)) { 326 error = EINTR; 327 goto ckreturn; 328 } 329 mutex_exit(&stp->sd_lock); 330 goto retry; /* could be clone! */ 331 } 332 333 if (stp->sd_flag & (STRDERR|STWRERR)) { 334 error = EIO; 335 goto ckreturn; 336 } 337 338 stp->sd_flag |= STWOPEN; 339 mutex_exit(&stp->sd_lock); 340 } 341 342 /* 343 * Open all modules and devices down stream to notify 344 * that another user is streaming. For modules, set the 345 * last argument to MODOPEN and do not pass any open flags. 346 * Ignore dummydev since this is not the first open. 347 */ 348 claimstr(stp->sd_wrq); 349 qp = stp->sd_wrq; 350 while (_SAMESTR(qp)) { 351 qp = qp->q_next; 352 if ((error = qreopen(_RD(qp), devp, flag, crp)) != 0) 353 break; 354 } 355 releasestr(stp->sd_wrq); 356 mutex_enter(&stp->sd_lock); 357 stp->sd_flag &= ~(STRHUP|STWOPEN|STRDERR|STWRERR); 358 stp->sd_rerror = 0; 359 stp->sd_werror = 0; 360 ckreturn: 361 cv_broadcast(&stp->sd_monitor); 362 mutex_exit(&stp->sd_lock); 363 return (error); 364 } 365 366 /* 367 * This vnode isn't streaming. SPECFS already 368 * checked for multiple vnodes pointing to the 369 * same stream, so create a stream to the driver. 370 */ 371 qp = allocq(); 372 stp = shalloc(qp); 373 374 /* 375 * Initialize stream head. shalloc() has given us 376 * exclusive access, and we have the vnode locked; 377 * we can do whatever we want with stp. 378 */ 379 stp->sd_flag = STWOPEN; 380 stp->sd_siglist = NULL; 381 stp->sd_pollist.ph_list = NULL; 382 stp->sd_sigflags = 0; 383 stp->sd_mark = NULL; 384 stp->sd_closetime = STRTIMOUT; 385 stp->sd_sidp = NULL; 386 stp->sd_pgidp = NULL; 387 stp->sd_vnode = vp; 388 stp->sd_rerror = 0; 389 stp->sd_werror = 0; 390 stp->sd_wroff = 0; 391 stp->sd_tail = 0; 392 stp->sd_iocblk = NULL; 393 stp->sd_pushcnt = 0; 394 stp->sd_qn_minpsz = 0; 395 stp->sd_qn_maxpsz = INFPSZ - 1; /* used to check for initialization */ 396 stp->sd_maxblk = INFPSZ; 397 qp->q_ptr = _WR(qp)->q_ptr = stp; 398 STREAM(qp) = STREAM(_WR(qp)) = stp; 399 vp->v_stream = stp; 400 mutex_exit(&vp->v_lock); 401 if (vp->v_type == VFIFO) { 402 stp->sd_flag |= OLDNDELAY; 403 /* 404 * This means, both for pipes and fifos 405 * strwrite will send SIGPIPE if the other 406 * end is closed. For putmsg it depends 407 * on whether it is a XPG4_2 application 408 * or not 409 */ 410 stp->sd_wput_opt = SW_SIGPIPE; 411 412 /* setq might sleep in kmem_alloc - avoid holding locks. */ 413 setq(qp, &fifo_strdata, &fifo_stwdata, NULL, QMTSAFE, 414 SQ_CI|SQ_CO, B_FALSE); 415 416 set_qend(qp); 417 stp->sd_strtab = fifo_getinfo(); 418 _WR(qp)->q_nfsrv = _WR(qp); 419 qp->q_nfsrv = qp; 420 /* 421 * Wake up others that are waiting for stream to be created. 422 */ 423 mutex_enter(&stp->sd_lock); 424 /* 425 * nothing is be pushed on stream yet, so 426 * optimized stream head packetsizes are just that 427 * of the read queue 428 */ 429 stp->sd_qn_minpsz = qp->q_minpsz; 430 stp->sd_qn_maxpsz = qp->q_maxpsz; 431 stp->sd_flag &= ~STWOPEN; 432 goto fifo_opendone; 433 } 434 /* setq might sleep in kmem_alloc - avoid holding locks. */ 435 setq(qp, &strdata, &stwdata, NULL, QMTSAFE, SQ_CI|SQ_CO, B_FALSE); 436 437 set_qend(qp); 438 439 /* 440 * Open driver and create stream to it (via qattach). 441 */ 442 cloneopen = (getmajor(*devp) == clone_major); 443 if ((error = qattach(qp, devp, flag, crp, NULL, B_FALSE)) != 0) { 444 mutex_enter(&vp->v_lock); 445 vp->v_stream = NULL; 446 mutex_exit(&vp->v_lock); 447 mutex_enter(&stp->sd_lock); 448 cv_broadcast(&stp->sd_monitor); 449 mutex_exit(&stp->sd_lock); 450 freeq(_RD(qp)); 451 shfree(stp); 452 return (error); 453 } 454 /* 455 * Set sd_strtab after open in order to handle clonable drivers 456 */ 457 stp->sd_strtab = STREAMSTAB(getmajor(*devp)); 458 459 /* 460 * Historical note: dummydev used to be be prior to the initial 461 * open (via qattach above), which made the value seen 462 * inconsistent between an I_PUSH and an autopush of a module. 463 */ 464 dummydev = *devp; 465 466 /* 467 * For clone open of old style (Q not associated) network driver, 468 * push DRMODNAME module to handle DL_ATTACH/DL_DETACH 469 */ 470 brq = _RD(_WR(qp)->q_next); 471 major = getmajor(*devp); 472 if (push_drcompat && cloneopen && NETWORK_DRV(major) && 473 ((brq->q_flag & _QASSOCIATED) == 0)) { 474 if (push_mod(qp, &dummydev, stp, DRMODNAME, 0, crp, 0) != 0) 475 cmn_err(CE_WARN, "cannot push " DRMODNAME 476 " streams module"); 477 } 478 479 /* 480 * Check for autopush. Start with the global zone. If not found 481 * check in the local zone. 482 */ 483 zoneid = GLOBAL_ZONEID; 484 retryap: 485 ss = netstack_find_by_stackid(zoneid_to_netstackid(zoneid))-> 486 netstack_str; 487 if ((ap = sad_ap_find_by_dev(*devp, ss)) == NULL) { 488 netstack_rele(ss->ss_netstack); 489 if (zoneid == GLOBAL_ZONEID) { 490 /* 491 * None found. Also look in the zone's autopush table. 492 */ 493 zoneid = crgetzoneid(crp); 494 if (zoneid != GLOBAL_ZONEID) 495 goto retryap; 496 } 497 goto opendone; 498 } 499 anchor = ap->ap_anchor; 500 zoneid = crgetzoneid(crp); 501 for (s = 0; s < ap->ap_npush; s++) { 502 error = push_mod(qp, &dummydev, stp, ap->ap_list[s], 503 anchor, crp, zoneid); 504 if (error != 0) 505 break; 506 } 507 sad_ap_rele(ap, ss); 508 netstack_rele(ss->ss_netstack); 509 510 /* 511 * let specfs know that open failed part way through 512 */ 513 if (error) { 514 mutex_enter(&stp->sd_lock); 515 stp->sd_flag |= STREOPENFAIL; 516 mutex_exit(&stp->sd_lock); 517 } 518 519 opendone: 520 521 /* 522 * Wake up others that are waiting for stream to be created. 523 */ 524 mutex_enter(&stp->sd_lock); 525 stp->sd_flag &= ~STWOPEN; 526 527 /* 528 * As a performance concern we are caching the values of 529 * q_minpsz and q_maxpsz of the module below the stream 530 * head in the stream head. 531 */ 532 mutex_enter(QLOCK(stp->sd_wrq->q_next)); 533 rmin = stp->sd_wrq->q_next->q_minpsz; 534 rmax = stp->sd_wrq->q_next->q_maxpsz; 535 mutex_exit(QLOCK(stp->sd_wrq->q_next)); 536 537 /* do this processing here as a performance concern */ 538 if (strmsgsz != 0) { 539 if (rmax == INFPSZ) 540 rmax = strmsgsz; 541 else 542 rmax = MIN(strmsgsz, rmax); 543 } 544 545 mutex_enter(QLOCK(stp->sd_wrq)); 546 stp->sd_qn_minpsz = rmin; 547 stp->sd_qn_maxpsz = rmax; 548 mutex_exit(QLOCK(stp->sd_wrq)); 549 550 fifo_opendone: 551 cv_broadcast(&stp->sd_monitor); 552 mutex_exit(&stp->sd_lock); 553 return (error); 554 } 555 556 static int strsink(queue_t *, mblk_t *); 557 static struct qinit deadrend = { 558 strsink, NULL, NULL, NULL, NULL, &strm_info, NULL 559 }; 560 static struct qinit deadwend = { 561 NULL, NULL, NULL, NULL, NULL, &stwm_info, NULL 562 }; 563 564 /* 565 * Close a stream. 566 * This is called from closef() on the last close of an open stream. 567 * Strclean() will already have removed the siglist and pollist 568 * information, so all that remains is to remove all multiplexor links 569 * for the stream, pop all the modules (and the driver), and free the 570 * stream structure. 571 */ 572 573 int 574 strclose(struct vnode *vp, int flag, cred_t *crp) 575 { 576 struct stdata *stp; 577 queue_t *qp; 578 int rval; 579 int freestp = 1; 580 queue_t *rmq; 581 582 #ifdef C2_AUDIT 583 if (audit_active) 584 audit_strclose(vp, flag, crp); 585 #endif 586 587 TRACE_1(TR_FAC_STREAMS_FR, 588 TR_STRCLOSE, "strclose:%p", vp); 589 ASSERT(vp->v_stream); 590 591 stp = vp->v_stream; 592 ASSERT(!(stp->sd_flag & STPLEX)); 593 qp = stp->sd_wrq; 594 595 /* 596 * Needed so that strpoll will return non-zero for this fd. 597 * Note that with POLLNOERR STRHUP does still cause POLLHUP. 598 */ 599 mutex_enter(&stp->sd_lock); 600 stp->sd_flag |= STRHUP; 601 mutex_exit(&stp->sd_lock); 602 603 /* 604 * If the registered process or process group did not have an 605 * open instance of this stream then strclean would not be 606 * called. Thus at the time of closing all remaining siglist entries 607 * are removed. 608 */ 609 if (stp->sd_siglist != NULL) 610 strcleanall(vp); 611 612 ASSERT(stp->sd_siglist == NULL); 613 ASSERT(stp->sd_sigflags == 0); 614 615 if (STRMATED(stp)) { 616 struct stdata *strmatep = stp->sd_mate; 617 int waited = 1; 618 619 STRLOCKMATES(stp); 620 while (waited) { 621 waited = 0; 622 while (stp->sd_flag & (STWOPEN|STRCLOSE|STRPLUMB)) { 623 mutex_exit(&strmatep->sd_lock); 624 cv_wait(&stp->sd_monitor, &stp->sd_lock); 625 mutex_exit(&stp->sd_lock); 626 STRLOCKMATES(stp); 627 waited = 1; 628 } 629 while (strmatep->sd_flag & 630 (STWOPEN|STRCLOSE|STRPLUMB)) { 631 mutex_exit(&stp->sd_lock); 632 cv_wait(&strmatep->sd_monitor, 633 &strmatep->sd_lock); 634 mutex_exit(&strmatep->sd_lock); 635 STRLOCKMATES(stp); 636 waited = 1; 637 } 638 } 639 stp->sd_flag |= STRCLOSE; 640 STRUNLOCKMATES(stp); 641 } else { 642 mutex_enter(&stp->sd_lock); 643 stp->sd_flag |= STRCLOSE; 644 mutex_exit(&stp->sd_lock); 645 } 646 647 ASSERT(qp->q_first == NULL); /* No more delayed write */ 648 649 /* Check if an I_LINK was ever done on this stream */ 650 if (stp->sd_flag & STRHASLINKS) { 651 netstack_t *ns; 652 str_stack_t *ss; 653 654 ns = netstack_find_by_cred(crp); 655 ASSERT(ns != NULL); 656 ss = ns->netstack_str; 657 ASSERT(ss != NULL); 658 659 (void) munlinkall(stp, LINKCLOSE|LINKNORMAL, crp, &rval, ss); 660 netstack_rele(ss->ss_netstack); 661 } 662 663 while (_SAMESTR(qp)) { 664 /* 665 * Holding sd_lock prevents q_next from changing in 666 * this stream. 667 */ 668 mutex_enter(&stp->sd_lock); 669 if (!(flag & (FNDELAY|FNONBLOCK)) && (stp->sd_closetime > 0)) { 670 671 /* 672 * sleep until awakened by strwsrv() or timeout 673 */ 674 for (;;) { 675 mutex_enter(QLOCK(qp->q_next)); 676 if (!(qp->q_next->q_mblkcnt)) { 677 mutex_exit(QLOCK(qp->q_next)); 678 break; 679 } 680 stp->sd_flag |= WSLEEP; 681 682 /* ensure strwsrv gets enabled */ 683 qp->q_next->q_flag |= QWANTW; 684 mutex_exit(QLOCK(qp->q_next)); 685 /* get out if we timed out or recv'd a signal */ 686 if (str_cv_wait(&qp->q_wait, &stp->sd_lock, 687 stp->sd_closetime, 0) <= 0) { 688 break; 689 } 690 } 691 stp->sd_flag &= ~WSLEEP; 692 } 693 mutex_exit(&stp->sd_lock); 694 695 rmq = qp->q_next; 696 if (rmq->q_flag & QISDRV) { 697 ASSERT(!_SAMESTR(rmq)); 698 wait_sq_svc(_RD(qp)->q_syncq); 699 } 700 701 qdetach(_RD(rmq), 1, flag, crp, B_FALSE); 702 } 703 704 /* 705 * Since we call pollwakeup in close() now, the poll list should 706 * be empty in most cases. The only exception is the layered devices 707 * (e.g. the console drivers with redirection modules pushed on top 708 * of it). We have to do this after calling qdetach() because 709 * the redirection module won't have torn down the console 710 * redirection until after qdetach() has been invoked. 711 */ 712 if (stp->sd_pollist.ph_list != NULL) { 713 pollwakeup(&stp->sd_pollist, POLLERR); 714 pollhead_clean(&stp->sd_pollist); 715 } 716 ASSERT(stp->sd_pollist.ph_list == NULL); 717 ASSERT(stp->sd_sidp == NULL); 718 ASSERT(stp->sd_pgidp == NULL); 719 720 /* Prevent qenable from re-enabling the stream head queue */ 721 disable_svc(_RD(qp)); 722 723 /* 724 * Wait until service procedure of each queue is 725 * run, if QINSERVICE is set. 726 */ 727 wait_svc(_RD(qp)); 728 729 /* 730 * Now, flush both queues. 731 */ 732 flushq(_RD(qp), FLUSHALL); 733 flushq(qp, FLUSHALL); 734 735 /* 736 * If the write queue of the stream head is pointing to a 737 * read queue, we have a twisted stream. If the read queue 738 * is alive, convert the stream head queues into a dead end. 739 * If the read queue is dead, free the dead pair. 740 */ 741 if (qp->q_next && !_SAMESTR(qp)) { 742 if (qp->q_next->q_qinfo == &deadrend) { /* half-closed pipe */ 743 flushq(qp->q_next, FLUSHALL); /* ensure no message */ 744 shfree(qp->q_next->q_stream); 745 freeq(qp->q_next); 746 freeq(_RD(qp)); 747 } else if (qp->q_next == _RD(qp)) { /* fifo */ 748 freeq(_RD(qp)); 749 } else { /* pipe */ 750 freestp = 0; 751 /* 752 * The q_info pointers are never accessed when 753 * SQLOCK is held. 754 */ 755 ASSERT(qp->q_syncq == _RD(qp)->q_syncq); 756 mutex_enter(SQLOCK(qp->q_syncq)); 757 qp->q_qinfo = &deadwend; 758 _RD(qp)->q_qinfo = &deadrend; 759 mutex_exit(SQLOCK(qp->q_syncq)); 760 } 761 } else { 762 freeq(_RD(qp)); /* free stream head queue pair */ 763 } 764 765 mutex_enter(&vp->v_lock); 766 if (stp->sd_iocblk) { 767 if (stp->sd_iocblk != (mblk_t *)-1) { 768 freemsg(stp->sd_iocblk); 769 } 770 stp->sd_iocblk = NULL; 771 } 772 stp->sd_vnode = NULL; 773 vp->v_stream = NULL; 774 mutex_exit(&vp->v_lock); 775 mutex_enter(&stp->sd_lock); 776 stp->sd_flag &= ~STRCLOSE; 777 cv_broadcast(&stp->sd_monitor); 778 mutex_exit(&stp->sd_lock); 779 780 if (freestp) 781 shfree(stp); 782 return (0); 783 } 784 785 static int 786 strsink(queue_t *q, mblk_t *bp) 787 { 788 struct copyresp *resp; 789 790 switch (bp->b_datap->db_type) { 791 case M_FLUSH: 792 if ((*bp->b_rptr & FLUSHW) && !(bp->b_flag & MSGNOLOOP)) { 793 *bp->b_rptr &= ~FLUSHR; 794 bp->b_flag |= MSGNOLOOP; 795 /* 796 * Protect against the driver passing up 797 * messages after it has done a qprocsoff. 798 */ 799 if (_OTHERQ(q)->q_next == NULL) 800 freemsg(bp); 801 else 802 qreply(q, bp); 803 } else { 804 freemsg(bp); 805 } 806 break; 807 808 case M_COPYIN: 809 case M_COPYOUT: 810 if (bp->b_cont) { 811 freemsg(bp->b_cont); 812 bp->b_cont = NULL; 813 } 814 bp->b_datap->db_type = M_IOCDATA; 815 bp->b_wptr = bp->b_rptr + sizeof (struct copyresp); 816 resp = (struct copyresp *)bp->b_rptr; 817 resp->cp_rval = (caddr_t)1; /* failure */ 818 /* 819 * Protect against the driver passing up 820 * messages after it has done a qprocsoff. 821 */ 822 if (_OTHERQ(q)->q_next == NULL) 823 freemsg(bp); 824 else 825 qreply(q, bp); 826 break; 827 828 case M_IOCTL: 829 if (bp->b_cont) { 830 freemsg(bp->b_cont); 831 bp->b_cont = NULL; 832 } 833 bp->b_datap->db_type = M_IOCNAK; 834 /* 835 * Protect against the driver passing up 836 * messages after it has done a qprocsoff. 837 */ 838 if (_OTHERQ(q)->q_next == NULL) 839 freemsg(bp); 840 else 841 qreply(q, bp); 842 break; 843 844 default: 845 freemsg(bp); 846 break; 847 } 848 849 return (0); 850 } 851 852 /* 853 * Clean up after a process when it closes a stream. This is called 854 * from closef for all closes, whereas strclose is called only for the 855 * last close on a stream. The siglist is scanned for entries for the 856 * current process, and these are removed. 857 */ 858 void 859 strclean(struct vnode *vp) 860 { 861 strsig_t *ssp, *pssp, *tssp; 862 stdata_t *stp; 863 int update = 0; 864 865 TRACE_1(TR_FAC_STREAMS_FR, 866 TR_STRCLEAN, "strclean:%p", vp); 867 stp = vp->v_stream; 868 pssp = NULL; 869 mutex_enter(&stp->sd_lock); 870 ssp = stp->sd_siglist; 871 while (ssp) { 872 if (ssp->ss_pidp == curproc->p_pidp) { 873 tssp = ssp->ss_next; 874 if (pssp) 875 pssp->ss_next = tssp; 876 else 877 stp->sd_siglist = tssp; 878 mutex_enter(&pidlock); 879 PID_RELE(ssp->ss_pidp); 880 mutex_exit(&pidlock); 881 kmem_free(ssp, sizeof (strsig_t)); 882 update = 1; 883 ssp = tssp; 884 } else { 885 pssp = ssp; 886 ssp = ssp->ss_next; 887 } 888 } 889 if (update) { 890 stp->sd_sigflags = 0; 891 for (ssp = stp->sd_siglist; ssp; ssp = ssp->ss_next) 892 stp->sd_sigflags |= ssp->ss_events; 893 } 894 mutex_exit(&stp->sd_lock); 895 } 896 897 /* 898 * Used on the last close to remove any remaining items on the siglist. 899 * These could be present on the siglist due to I_ESETSIG calls that 900 * use process groups or processed that do not have an open file descriptor 901 * for this stream (Such entries would not be removed by strclean). 902 */ 903 static void 904 strcleanall(struct vnode *vp) 905 { 906 strsig_t *ssp, *nssp; 907 stdata_t *stp; 908 909 stp = vp->v_stream; 910 mutex_enter(&stp->sd_lock); 911 ssp = stp->sd_siglist; 912 stp->sd_siglist = NULL; 913 while (ssp) { 914 nssp = ssp->ss_next; 915 mutex_enter(&pidlock); 916 PID_RELE(ssp->ss_pidp); 917 mutex_exit(&pidlock); 918 kmem_free(ssp, sizeof (strsig_t)); 919 ssp = nssp; 920 } 921 stp->sd_sigflags = 0; 922 mutex_exit(&stp->sd_lock); 923 } 924 925 /* 926 * Retrieve the next message from the logical stream head read queue 927 * using either rwnext (if sync stream) or getq_noenab. 928 * It is the callers responsibility to call qbackenable after 929 * it is finished with the message. The caller should not call 930 * qbackenable until after any putback calls to avoid spurious backenabling. 931 */ 932 mblk_t * 933 strget(struct stdata *stp, queue_t *q, struct uio *uiop, int first, 934 int *errorp) 935 { 936 mblk_t *bp; 937 int error; 938 939 ASSERT(MUTEX_HELD(&stp->sd_lock)); 940 /* Holding sd_lock prevents the read queue from changing */ 941 942 if (uiop != NULL && stp->sd_struiordq != NULL && 943 q->q_first == NULL && 944 (!first || (stp->sd_wakeq & RSLEEP))) { 945 /* 946 * Stream supports rwnext() for the read side. 947 * If this is the first time we're called by e.g. strread 948 * only do the downcall if there is a deferred wakeup 949 * (registered in sd_wakeq). 950 */ 951 struiod_t uiod; 952 953 if (first) 954 stp->sd_wakeq &= ~RSLEEP; 955 956 (void) uiodup(uiop, &uiod.d_uio, uiod.d_iov, 957 sizeof (uiod.d_iov) / sizeof (*uiod.d_iov)); 958 uiod.d_mp = 0; 959 /* 960 * Mark that a thread is in rwnext on the read side 961 * to prevent strrput from nacking ioctls immediately. 962 * When the last concurrent rwnext returns 963 * the ioctls are nack'ed. 964 */ 965 ASSERT(MUTEX_HELD(&stp->sd_lock)); 966 stp->sd_struiodnak++; 967 /* 968 * Note: rwnext will drop sd_lock. 969 */ 970 error = rwnext(q, &uiod); 971 ASSERT(MUTEX_NOT_HELD(&stp->sd_lock)); 972 mutex_enter(&stp->sd_lock); 973 stp->sd_struiodnak--; 974 while (stp->sd_struiodnak == 0 && 975 ((bp = stp->sd_struionak) != NULL)) { 976 stp->sd_struionak = bp->b_next; 977 bp->b_next = NULL; 978 bp->b_datap->db_type = M_IOCNAK; 979 /* 980 * Protect against the driver passing up 981 * messages after it has done a qprocsoff. 982 */ 983 if (_OTHERQ(q)->q_next == NULL) 984 freemsg(bp); 985 else { 986 mutex_exit(&stp->sd_lock); 987 qreply(q, bp); 988 mutex_enter(&stp->sd_lock); 989 } 990 } 991 ASSERT(MUTEX_HELD(&stp->sd_lock)); 992 if (error == 0 || error == EWOULDBLOCK) { 993 if ((bp = uiod.d_mp) != NULL) { 994 *errorp = 0; 995 ASSERT(MUTEX_HELD(&stp->sd_lock)); 996 return (bp); 997 } 998 error = 0; 999 } else if (error == EINVAL) { 1000 /* 1001 * The stream plumbing must have 1002 * changed while we were away, so 1003 * just turn off rwnext()s. 1004 */ 1005 error = 0; 1006 } else if (error == EBUSY) { 1007 /* 1008 * The module might have data in transit using putnext 1009 * Fall back on waiting + getq. 1010 */ 1011 error = 0; 1012 } else { 1013 *errorp = error; 1014 ASSERT(MUTEX_HELD(&stp->sd_lock)); 1015 return (NULL); 1016 } 1017 /* 1018 * Try a getq in case a rwnext() generated mblk 1019 * has bubbled up via strrput(). 1020 */ 1021 } 1022 *errorp = 0; 1023 ASSERT(MUTEX_HELD(&stp->sd_lock)); 1024 return (getq_noenab(q)); 1025 } 1026 1027 /* 1028 * Copy out the message pointed to by `bp' into the uio pointed to by `uiop'. 1029 * If the message does not fit in the uio the remainder of it is returned; 1030 * otherwise NULL is returned. Any embedded zero-length mblk_t's are 1031 * consumed, even if uio_resid reaches zero. On error, `*errorp' is set to 1032 * the error code, the message is consumed, and NULL is returned. 1033 */ 1034 static mblk_t * 1035 struiocopyout(mblk_t *bp, struct uio *uiop, int *errorp) 1036 { 1037 int error; 1038 ptrdiff_t n; 1039 mblk_t *nbp; 1040 1041 ASSERT(bp->b_wptr >= bp->b_rptr); 1042 1043 do { 1044 if ((n = MIN(uiop->uio_resid, MBLKL(bp))) != 0) { 1045 ASSERT(n > 0); 1046 1047 error = uiomove(bp->b_rptr, n, UIO_READ, uiop); 1048 if (error != 0) { 1049 freemsg(bp); 1050 *errorp = error; 1051 return (NULL); 1052 } 1053 } 1054 1055 bp->b_rptr += n; 1056 while (bp != NULL && (bp->b_rptr >= bp->b_wptr)) { 1057 nbp = bp; 1058 bp = bp->b_cont; 1059 freeb(nbp); 1060 } 1061 } while (bp != NULL && uiop->uio_resid > 0); 1062 1063 *errorp = 0; 1064 return (bp); 1065 } 1066 1067 /* 1068 * Read a stream according to the mode flags in sd_flag: 1069 * 1070 * (default mode) - Byte stream, msg boundaries are ignored 1071 * RD_MSGDIS (msg discard) - Read on msg boundaries and throw away 1072 * any data remaining in msg 1073 * RD_MSGNODIS (msg non-discard) - Read on msg boundaries and put back 1074 * any remaining data on head of read queue 1075 * 1076 * Consume readable messages on the front of the queue until 1077 * ttolwp(curthread)->lwp_count 1078 * is satisfied, the readable messages are exhausted, or a message 1079 * boundary is reached in a message mode. If no data was read and 1080 * the stream was not opened with the NDELAY flag, block until data arrives. 1081 * Otherwise return the data read and update the count. 1082 * 1083 * In default mode a 0 length message signifies end-of-file and terminates 1084 * a read in progress. The 0 length message is removed from the queue 1085 * only if it is the only message read (no data is read). 1086 * 1087 * An attempt to read an M_PROTO or M_PCPROTO message results in an 1088 * EBADMSG error return, unless either RD_PROTDAT or RD_PROTDIS are set. 1089 * If RD_PROTDAT is set, M_PROTO and M_PCPROTO messages are read as data. 1090 * If RD_PROTDIS is set, the M_PROTO and M_PCPROTO parts of the message 1091 * are unlinked from and M_DATA blocks in the message, the protos are 1092 * thrown away, and the data is read. 1093 */ 1094 /* ARGSUSED */ 1095 int 1096 strread(struct vnode *vp, struct uio *uiop, cred_t *crp) 1097 { 1098 struct stdata *stp; 1099 mblk_t *bp, *nbp; 1100 queue_t *q; 1101 int error = 0; 1102 uint_t old_sd_flag; 1103 int first; 1104 char rflg; 1105 uint_t mark; /* Contains MSG*MARK and _LASTMARK */ 1106 #define _LASTMARK 0x8000 /* Distinct from MSG*MARK */ 1107 short delim; 1108 unsigned char pri = 0; 1109 char waitflag; 1110 unsigned char type; 1111 1112 TRACE_1(TR_FAC_STREAMS_FR, 1113 TR_STRREAD_ENTER, "strread:%p", vp); 1114 ASSERT(vp->v_stream); 1115 stp = vp->v_stream; 1116 1117 mutex_enter(&stp->sd_lock); 1118 1119 if ((error = i_straccess(stp, JCREAD)) != 0) { 1120 mutex_exit(&stp->sd_lock); 1121 return (error); 1122 } 1123 1124 if (stp->sd_flag & (STRDERR|STPLEX)) { 1125 error = strgeterr(stp, STRDERR|STPLEX, 0); 1126 if (error != 0) { 1127 mutex_exit(&stp->sd_lock); 1128 return (error); 1129 } 1130 } 1131 1132 /* 1133 * Loop terminates when uiop->uio_resid == 0. 1134 */ 1135 rflg = 0; 1136 waitflag = READWAIT; 1137 q = _RD(stp->sd_wrq); 1138 for (;;) { 1139 ASSERT(MUTEX_HELD(&stp->sd_lock)); 1140 old_sd_flag = stp->sd_flag; 1141 mark = 0; 1142 delim = 0; 1143 first = 1; 1144 while ((bp = strget(stp, q, uiop, first, &error)) == NULL) { 1145 int done = 0; 1146 1147 ASSERT(MUTEX_HELD(&stp->sd_lock)); 1148 1149 if (error != 0) 1150 goto oops; 1151 1152 if (stp->sd_flag & (STRHUP|STREOF)) { 1153 goto oops; 1154 } 1155 if (rflg && !(stp->sd_flag & STRDELIM)) { 1156 goto oops; 1157 } 1158 /* 1159 * If a read(fd,buf,0) has been done, there is no 1160 * need to sleep. We always have zero bytes to 1161 * return. 1162 */ 1163 if (uiop->uio_resid == 0) { 1164 goto oops; 1165 } 1166 1167 qbackenable(q, 0); 1168 1169 TRACE_3(TR_FAC_STREAMS_FR, TR_STRREAD_WAIT, 1170 "strread calls strwaitq:%p, %p, %p", 1171 vp, uiop, crp); 1172 if ((error = strwaitq(stp, waitflag, uiop->uio_resid, 1173 uiop->uio_fmode, -1, &done)) != 0 || done) { 1174 TRACE_3(TR_FAC_STREAMS_FR, TR_STRREAD_DONE, 1175 "strread error or done:%p, %p, %p", 1176 vp, uiop, crp); 1177 if ((uiop->uio_fmode & FNDELAY) && 1178 (stp->sd_flag & OLDNDELAY) && 1179 (error == EAGAIN)) 1180 error = 0; 1181 goto oops; 1182 } 1183 TRACE_3(TR_FAC_STREAMS_FR, TR_STRREAD_AWAKE, 1184 "strread awakes:%p, %p, %p", vp, uiop, crp); 1185 if ((error = i_straccess(stp, JCREAD)) != 0) { 1186 goto oops; 1187 } 1188 first = 0; 1189 } 1190 ASSERT(MUTEX_HELD(&stp->sd_lock)); 1191 ASSERT(bp); 1192 pri = bp->b_band; 1193 /* 1194 * Extract any mark information. If the message is not 1195 * completely consumed this information will be put in the mblk 1196 * that is putback. 1197 * If MSGMARKNEXT is set and the message is completely consumed 1198 * the STRATMARK flag will be set below. Likewise, if 1199 * MSGNOTMARKNEXT is set and the message is 1200 * completely consumed STRNOTATMARK will be set. 1201 * 1202 * For some unknown reason strread only breaks the read at the 1203 * last mark. 1204 */ 1205 mark = bp->b_flag & (MSGMARK | MSGMARKNEXT | MSGNOTMARKNEXT); 1206 ASSERT((mark & (MSGMARKNEXT|MSGNOTMARKNEXT)) != 1207 (MSGMARKNEXT|MSGNOTMARKNEXT)); 1208 if (mark != 0 && bp == stp->sd_mark) { 1209 if (rflg) { 1210 putback(stp, q, bp, pri); 1211 goto oops; 1212 } 1213 mark |= _LASTMARK; 1214 stp->sd_mark = NULL; 1215 } 1216 if ((stp->sd_flag & STRDELIM) && (bp->b_flag & MSGDELIM)) 1217 delim = 1; 1218 mutex_exit(&stp->sd_lock); 1219 1220 if (STREAM_NEEDSERVICE(stp)) 1221 stream_runservice(stp); 1222 1223 type = bp->b_datap->db_type; 1224 1225 switch (type) { 1226 1227 case M_DATA: 1228 ismdata: 1229 if (msgnodata(bp)) { 1230 if (mark || delim) { 1231 freemsg(bp); 1232 } else if (rflg) { 1233 1234 /* 1235 * If already read data put zero 1236 * length message back on queue else 1237 * free msg and return 0. 1238 */ 1239 bp->b_band = pri; 1240 mutex_enter(&stp->sd_lock); 1241 putback(stp, q, bp, pri); 1242 mutex_exit(&stp->sd_lock); 1243 } else { 1244 freemsg(bp); 1245 } 1246 error = 0; 1247 goto oops1; 1248 } 1249 1250 rflg = 1; 1251 waitflag |= NOINTR; 1252 bp = struiocopyout(bp, uiop, &error); 1253 if (error != 0) 1254 goto oops1; 1255 1256 mutex_enter(&stp->sd_lock); 1257 if (bp) { 1258 /* 1259 * Have remaining data in message. 1260 * Free msg if in discard mode. 1261 */ 1262 if (stp->sd_read_opt & RD_MSGDIS) { 1263 freemsg(bp); 1264 } else { 1265 bp->b_band = pri; 1266 if ((mark & _LASTMARK) && 1267 (stp->sd_mark == NULL)) 1268 stp->sd_mark = bp; 1269 bp->b_flag |= mark & ~_LASTMARK; 1270 if (delim) 1271 bp->b_flag |= MSGDELIM; 1272 if (msgnodata(bp)) 1273 freemsg(bp); 1274 else 1275 putback(stp, q, bp, pri); 1276 } 1277 } else { 1278 /* 1279 * Consumed the complete message. 1280 * Move the MSG*MARKNEXT information 1281 * to the stream head just in case 1282 * the read queue becomes empty. 1283 * 1284 * If the stream head was at the mark 1285 * (STRATMARK) before we dropped sd_lock above 1286 * and some data was consumed then we have 1287 * moved past the mark thus STRATMARK is 1288 * cleared. However, if a message arrived in 1289 * strrput during the copyout above causing 1290 * STRATMARK to be set we can not clear that 1291 * flag. 1292 */ 1293 if (mark & 1294 (MSGMARKNEXT|MSGNOTMARKNEXT|MSGMARK)) { 1295 if (mark & MSGMARKNEXT) { 1296 stp->sd_flag &= ~STRNOTATMARK; 1297 stp->sd_flag |= STRATMARK; 1298 } else if (mark & MSGNOTMARKNEXT) { 1299 stp->sd_flag &= ~STRATMARK; 1300 stp->sd_flag |= STRNOTATMARK; 1301 } else { 1302 stp->sd_flag &= 1303 ~(STRATMARK|STRNOTATMARK); 1304 } 1305 } else if (rflg && (old_sd_flag & STRATMARK)) { 1306 stp->sd_flag &= ~STRATMARK; 1307 } 1308 } 1309 1310 /* 1311 * Check for signal messages at the front of the read 1312 * queue and generate the signal(s) if appropriate. 1313 * The only signal that can be on queue is M_SIG at 1314 * this point. 1315 */ 1316 while ((((bp = q->q_first)) != NULL) && 1317 (bp->b_datap->db_type == M_SIG)) { 1318 bp = getq_noenab(q); 1319 /* 1320 * sd_lock is held so the content of the 1321 * read queue can not change. 1322 */ 1323 ASSERT(bp != NULL && 1324 bp->b_datap->db_type == M_SIG); 1325 strsignal_nolock(stp, *bp->b_rptr, 1326 (int32_t)bp->b_band); 1327 mutex_exit(&stp->sd_lock); 1328 freemsg(bp); 1329 if (STREAM_NEEDSERVICE(stp)) 1330 stream_runservice(stp); 1331 mutex_enter(&stp->sd_lock); 1332 } 1333 1334 if ((uiop->uio_resid == 0) || (mark & _LASTMARK) || 1335 delim || 1336 (stp->sd_read_opt & (RD_MSGDIS|RD_MSGNODIS))) { 1337 goto oops; 1338 } 1339 continue; 1340 1341 case M_SIG: 1342 strsignal(stp, *bp->b_rptr, (int32_t)bp->b_band); 1343 freemsg(bp); 1344 mutex_enter(&stp->sd_lock); 1345 continue; 1346 1347 case M_PROTO: 1348 case M_PCPROTO: 1349 /* 1350 * Only data messages are readable. 1351 * Any others generate an error, unless 1352 * RD_PROTDIS or RD_PROTDAT is set. 1353 */ 1354 if (stp->sd_read_opt & RD_PROTDAT) { 1355 for (nbp = bp; nbp; nbp = nbp->b_next) { 1356 if ((nbp->b_datap->db_type == M_PROTO) || 1357 (nbp->b_datap->db_type == M_PCPROTO)) 1358 nbp->b_datap->db_type = M_DATA; 1359 else 1360 break; 1361 } 1362 /* 1363 * clear stream head hi pri flag based on 1364 * first message 1365 */ 1366 if (type == M_PCPROTO) { 1367 mutex_enter(&stp->sd_lock); 1368 stp->sd_flag &= ~STRPRI; 1369 mutex_exit(&stp->sd_lock); 1370 } 1371 goto ismdata; 1372 } else if (stp->sd_read_opt & RD_PROTDIS) { 1373 /* 1374 * discard non-data messages 1375 */ 1376 while (bp && 1377 ((bp->b_datap->db_type == M_PROTO) || 1378 (bp->b_datap->db_type == M_PCPROTO))) { 1379 nbp = unlinkb(bp); 1380 freeb(bp); 1381 bp = nbp; 1382 } 1383 /* 1384 * clear stream head hi pri flag based on 1385 * first message 1386 */ 1387 if (type == M_PCPROTO) { 1388 mutex_enter(&stp->sd_lock); 1389 stp->sd_flag &= ~STRPRI; 1390 mutex_exit(&stp->sd_lock); 1391 } 1392 if (bp) { 1393 bp->b_band = pri; 1394 goto ismdata; 1395 } else { 1396 break; 1397 } 1398 } 1399 /* FALLTHRU */ 1400 case M_PASSFP: 1401 if ((bp->b_datap->db_type == M_PASSFP) && 1402 (stp->sd_read_opt & RD_PROTDIS)) { 1403 freemsg(bp); 1404 break; 1405 } 1406 mutex_enter(&stp->sd_lock); 1407 putback(stp, q, bp, pri); 1408 mutex_exit(&stp->sd_lock); 1409 if (rflg == 0) 1410 error = EBADMSG; 1411 goto oops1; 1412 1413 default: 1414 /* 1415 * Garbage on stream head read queue. 1416 */ 1417 cmn_err(CE_WARN, "bad %x found at stream head\n", 1418 bp->b_datap->db_type); 1419 freemsg(bp); 1420 goto oops1; 1421 } 1422 mutex_enter(&stp->sd_lock); 1423 } 1424 oops: 1425 mutex_exit(&stp->sd_lock); 1426 oops1: 1427 qbackenable(q, pri); 1428 return (error); 1429 #undef _LASTMARK 1430 } 1431 1432 /* 1433 * Default processing of M_PROTO/M_PCPROTO messages. 1434 * Determine which wakeups and signals are needed. 1435 * This can be replaced by a user-specified procedure for kernel users 1436 * of STREAMS. 1437 */ 1438 /* ARGSUSED */ 1439 mblk_t * 1440 strrput_proto(vnode_t *vp, mblk_t *mp, 1441 strwakeup_t *wakeups, strsigset_t *firstmsgsigs, 1442 strsigset_t *allmsgsigs, strpollset_t *pollwakeups) 1443 { 1444 *wakeups = RSLEEP; 1445 *allmsgsigs = 0; 1446 1447 switch (mp->b_datap->db_type) { 1448 case M_PROTO: 1449 if (mp->b_band == 0) { 1450 *firstmsgsigs = S_INPUT | S_RDNORM; 1451 *pollwakeups = POLLIN | POLLRDNORM; 1452 } else { 1453 *firstmsgsigs = S_INPUT | S_RDBAND; 1454 *pollwakeups = POLLIN | POLLRDBAND; 1455 } 1456 break; 1457 case M_PCPROTO: 1458 *firstmsgsigs = S_HIPRI; 1459 *pollwakeups = POLLPRI; 1460 break; 1461 } 1462 return (mp); 1463 } 1464 1465 /* 1466 * Default processing of everything but M_DATA, M_PROTO, M_PCPROTO and 1467 * M_PASSFP messages. 1468 * Determine which wakeups and signals are needed. 1469 * This can be replaced by a user-specified procedure for kernel users 1470 * of STREAMS. 1471 */ 1472 /* ARGSUSED */ 1473 mblk_t * 1474 strrput_misc(vnode_t *vp, mblk_t *mp, 1475 strwakeup_t *wakeups, strsigset_t *firstmsgsigs, 1476 strsigset_t *allmsgsigs, strpollset_t *pollwakeups) 1477 { 1478 *wakeups = 0; 1479 *firstmsgsigs = 0; 1480 *allmsgsigs = 0; 1481 *pollwakeups = 0; 1482 return (mp); 1483 } 1484 1485 /* 1486 * Stream read put procedure. Called from downstream driver/module 1487 * with messages for the stream head. Data, protocol, and in-stream 1488 * signal messages are placed on the queue, others are handled directly. 1489 */ 1490 int 1491 strrput(queue_t *q, mblk_t *bp) 1492 { 1493 struct stdata *stp; 1494 ulong_t rput_opt; 1495 strwakeup_t wakeups; 1496 strsigset_t firstmsgsigs; /* Signals if first message on queue */ 1497 strsigset_t allmsgsigs; /* Signals for all messages */ 1498 strsigset_t signals; /* Signals events to generate */ 1499 strpollset_t pollwakeups; 1500 mblk_t *nextbp; 1501 uchar_t band = 0; 1502 int hipri_sig; 1503 1504 stp = (struct stdata *)q->q_ptr; 1505 /* 1506 * Use rput_opt for optimized access to the SR_ flags except 1507 * SR_POLLIN. That flag has to be checked under sd_lock since it 1508 * is modified by strpoll(). 1509 */ 1510 rput_opt = stp->sd_rput_opt; 1511 1512 ASSERT(qclaimed(q)); 1513 TRACE_2(TR_FAC_STREAMS_FR, TR_STRRPUT_ENTER, 1514 "strrput called with message type:q %p bp %p", q, bp); 1515 1516 /* 1517 * Perform initial processing and pass to the parameterized functions. 1518 */ 1519 ASSERT(bp->b_next == NULL); 1520 1521 switch (bp->b_datap->db_type) { 1522 case M_DATA: 1523 /* 1524 * sockfs is the only consumer of STREOF and when it is set, 1525 * it implies that the receiver is not interested in receiving 1526 * any more data, hence the mblk is freed to prevent unnecessary 1527 * message queueing at the stream head. 1528 */ 1529 if (stp->sd_flag == STREOF) { 1530 freemsg(bp); 1531 return (0); 1532 } 1533 if ((rput_opt & SR_IGN_ZEROLEN) && 1534 bp->b_rptr == bp->b_wptr && msgnodata(bp)) { 1535 /* 1536 * Ignore zero-length M_DATA messages. These might be 1537 * generated by some transports. 1538 * The zero-length M_DATA messages, even if they 1539 * are ignored, should effect the atmark tracking and 1540 * should wake up a thread sleeping in strwaitmark. 1541 */ 1542 mutex_enter(&stp->sd_lock); 1543 if (bp->b_flag & MSGMARKNEXT) { 1544 /* 1545 * Record the position of the mark either 1546 * in q_last or in STRATMARK. 1547 */ 1548 if (q->q_last != NULL) { 1549 q->q_last->b_flag &= ~MSGNOTMARKNEXT; 1550 q->q_last->b_flag |= MSGMARKNEXT; 1551 } else { 1552 stp->sd_flag &= ~STRNOTATMARK; 1553 stp->sd_flag |= STRATMARK; 1554 } 1555 } else if (bp->b_flag & MSGNOTMARKNEXT) { 1556 /* 1557 * Record that this is not the position of 1558 * the mark either in q_last or in 1559 * STRNOTATMARK. 1560 */ 1561 if (q->q_last != NULL) { 1562 q->q_last->b_flag &= ~MSGMARKNEXT; 1563 q->q_last->b_flag |= MSGNOTMARKNEXT; 1564 } else { 1565 stp->sd_flag &= ~STRATMARK; 1566 stp->sd_flag |= STRNOTATMARK; 1567 } 1568 } 1569 if (stp->sd_flag & RSLEEP) { 1570 stp->sd_flag &= ~RSLEEP; 1571 cv_broadcast(&q->q_wait); 1572 } 1573 mutex_exit(&stp->sd_lock); 1574 freemsg(bp); 1575 return (0); 1576 } 1577 wakeups = RSLEEP; 1578 if (bp->b_band == 0) { 1579 firstmsgsigs = S_INPUT | S_RDNORM; 1580 pollwakeups = POLLIN | POLLRDNORM; 1581 } else { 1582 firstmsgsigs = S_INPUT | S_RDBAND; 1583 pollwakeups = POLLIN | POLLRDBAND; 1584 } 1585 if (rput_opt & SR_SIGALLDATA) 1586 allmsgsigs = firstmsgsigs; 1587 else 1588 allmsgsigs = 0; 1589 1590 mutex_enter(&stp->sd_lock); 1591 if ((rput_opt & SR_CONSOL_DATA) && 1592 (bp->b_flag & (MSGMARK|MSGDELIM)) == 0) { 1593 /* 1594 * Consolidate on M_DATA message onto an M_DATA, 1595 * M_PROTO, or M_PCPROTO by merging it with q_last. 1596 * The consolidation does not take place if 1597 * the old message is marked with either of the 1598 * marks or the delim flag or if the new 1599 * message is marked with MSGMARK. The MSGMARK 1600 * check is needed to handle the odd semantics of 1601 * MSGMARK where essentially the whole message 1602 * is to be treated as marked. 1603 * Carry any MSGMARKNEXT and MSGNOTMARKNEXT from the 1604 * new message to the front of the b_cont chain. 1605 */ 1606 mblk_t *lbp; 1607 1608 lbp = q->q_last; 1609 if (lbp != NULL && 1610 (lbp->b_datap->db_type == M_DATA || 1611 lbp->b_datap->db_type == M_PROTO || 1612 lbp->b_datap->db_type == M_PCPROTO) && 1613 !(lbp->b_flag & (MSGDELIM|MSGMARK| 1614 MSGMARKNEXT))) { 1615 rmvq_noenab(q, lbp); 1616 /* 1617 * The first message in the b_cont list 1618 * tracks MSGMARKNEXT and MSGNOTMARKNEXT. 1619 * We need to handle the case where we 1620 * are appending 1621 * 1622 * 1) a MSGMARKNEXT to a MSGNOTMARKNEXT. 1623 * 2) a MSGMARKNEXT to a plain message. 1624 * 3) a MSGNOTMARKNEXT to a plain message 1625 * 4) a MSGNOTMARKNEXT to a MSGNOTMARKNEXT 1626 * message. 1627 * 1628 * Thus we never append a MSGMARKNEXT or 1629 * MSGNOTMARKNEXT to a MSGMARKNEXT message. 1630 */ 1631 if (bp->b_flag & MSGMARKNEXT) { 1632 lbp->b_flag |= MSGMARKNEXT; 1633 lbp->b_flag &= ~MSGNOTMARKNEXT; 1634 bp->b_flag &= ~MSGMARKNEXT; 1635 } else if (bp->b_flag & MSGNOTMARKNEXT) { 1636 lbp->b_flag |= MSGNOTMARKNEXT; 1637 bp->b_flag &= ~MSGNOTMARKNEXT; 1638 } 1639 1640 linkb(lbp, bp); 1641 bp = lbp; 1642 /* 1643 * The new message logically isn't the first 1644 * even though the q_first check below thinks 1645 * it is. Clear the firstmsgsigs to make it 1646 * not appear to be first. 1647 */ 1648 firstmsgsigs = 0; 1649 } 1650 } 1651 break; 1652 1653 case M_PASSFP: 1654 wakeups = RSLEEP; 1655 allmsgsigs = 0; 1656 if (bp->b_band == 0) { 1657 firstmsgsigs = S_INPUT | S_RDNORM; 1658 pollwakeups = POLLIN | POLLRDNORM; 1659 } else { 1660 firstmsgsigs = S_INPUT | S_RDBAND; 1661 pollwakeups = POLLIN | POLLRDBAND; 1662 } 1663 mutex_enter(&stp->sd_lock); 1664 break; 1665 1666 case M_PROTO: 1667 case M_PCPROTO: 1668 ASSERT(stp->sd_rprotofunc != NULL); 1669 bp = (stp->sd_rprotofunc)(stp->sd_vnode, bp, 1670 &wakeups, &firstmsgsigs, &allmsgsigs, &pollwakeups); 1671 #define ALLSIG (S_INPUT|S_HIPRI|S_OUTPUT|S_MSG|S_ERROR|S_HANGUP|S_RDNORM|\ 1672 S_WRNORM|S_RDBAND|S_WRBAND|S_BANDURG) 1673 #define ALLPOLL (POLLIN|POLLPRI|POLLOUT|POLLRDNORM|POLLWRNORM|POLLRDBAND|\ 1674 POLLWRBAND) 1675 1676 ASSERT((wakeups & ~(RSLEEP|WSLEEP)) == 0); 1677 ASSERT((firstmsgsigs & ~ALLSIG) == 0); 1678 ASSERT((allmsgsigs & ~ALLSIG) == 0); 1679 ASSERT((pollwakeups & ~ALLPOLL) == 0); 1680 1681 mutex_enter(&stp->sd_lock); 1682 break; 1683 1684 default: 1685 ASSERT(stp->sd_rmiscfunc != NULL); 1686 bp = (stp->sd_rmiscfunc)(stp->sd_vnode, bp, 1687 &wakeups, &firstmsgsigs, &allmsgsigs, &pollwakeups); 1688 ASSERT((wakeups & ~(RSLEEP|WSLEEP)) == 0); 1689 ASSERT((firstmsgsigs & ~ALLSIG) == 0); 1690 ASSERT((allmsgsigs & ~ALLSIG) == 0); 1691 ASSERT((pollwakeups & ~ALLPOLL) == 0); 1692 #undef ALLSIG 1693 #undef ALLPOLL 1694 mutex_enter(&stp->sd_lock); 1695 break; 1696 } 1697 ASSERT(MUTEX_HELD(&stp->sd_lock)); 1698 1699 /* By default generate superset of signals */ 1700 signals = (firstmsgsigs | allmsgsigs); 1701 1702 /* 1703 * The proto and misc functions can return multiple messages 1704 * as a b_next chain. Such messages are processed separately. 1705 */ 1706 one_more: 1707 hipri_sig = 0; 1708 if (bp == NULL) { 1709 nextbp = NULL; 1710 } else { 1711 nextbp = bp->b_next; 1712 bp->b_next = NULL; 1713 1714 switch (bp->b_datap->db_type) { 1715 case M_PCPROTO: 1716 /* 1717 * Only one priority protocol message is allowed at the 1718 * stream head at a time. 1719 */ 1720 if (stp->sd_flag & STRPRI) { 1721 TRACE_0(TR_FAC_STREAMS_FR, TR_STRRPUT_PROTERR, 1722 "M_PCPROTO already at head"); 1723 freemsg(bp); 1724 mutex_exit(&stp->sd_lock); 1725 goto done; 1726 } 1727 stp->sd_flag |= STRPRI; 1728 hipri_sig = 1; 1729 /* FALLTHRU */ 1730 case M_DATA: 1731 case M_PROTO: 1732 case M_PASSFP: 1733 band = bp->b_band; 1734 /* 1735 * Marking doesn't work well when messages 1736 * are marked in more than one band. We only 1737 * remember the last message received, even if 1738 * it is placed on the queue ahead of other 1739 * marked messages. 1740 */ 1741 if (bp->b_flag & MSGMARK) 1742 stp->sd_mark = bp; 1743 (void) putq(q, bp); 1744 1745 /* 1746 * If message is a PCPROTO message, always use 1747 * firstmsgsigs to determine if a signal should be 1748 * sent as strrput is the only place to send 1749 * signals for PCPROTO. Other messages are based on 1750 * the STRGETINPROG flag. The flag determines if 1751 * strrput or (k)strgetmsg will be responsible for 1752 * sending the signals, in the firstmsgsigs case. 1753 */ 1754 if ((hipri_sig == 1) || 1755 (((stp->sd_flag & STRGETINPROG) == 0) && 1756 (q->q_first == bp))) 1757 signals = (firstmsgsigs | allmsgsigs); 1758 else 1759 signals = allmsgsigs; 1760 break; 1761 1762 default: 1763 mutex_exit(&stp->sd_lock); 1764 (void) strrput_nondata(q, bp); 1765 mutex_enter(&stp->sd_lock); 1766 break; 1767 } 1768 } 1769 ASSERT(MUTEX_HELD(&stp->sd_lock)); 1770 /* 1771 * Wake sleeping read/getmsg and cancel deferred wakeup 1772 */ 1773 if (wakeups & RSLEEP) 1774 stp->sd_wakeq &= ~RSLEEP; 1775 1776 wakeups &= stp->sd_flag; 1777 if (wakeups & RSLEEP) { 1778 stp->sd_flag &= ~RSLEEP; 1779 cv_broadcast(&q->q_wait); 1780 } 1781 if (wakeups & WSLEEP) { 1782 stp->sd_flag &= ~WSLEEP; 1783 cv_broadcast(&_WR(q)->q_wait); 1784 } 1785 1786 if (pollwakeups != 0) { 1787 if (pollwakeups == (POLLIN | POLLRDNORM)) { 1788 /* 1789 * Can't use rput_opt since it was not 1790 * read when sd_lock was held and SR_POLLIN is changed 1791 * by strpoll() under sd_lock. 1792 */ 1793 if (!(stp->sd_rput_opt & SR_POLLIN)) 1794 goto no_pollwake; 1795 stp->sd_rput_opt &= ~SR_POLLIN; 1796 } 1797 mutex_exit(&stp->sd_lock); 1798 pollwakeup(&stp->sd_pollist, pollwakeups); 1799 mutex_enter(&stp->sd_lock); 1800 } 1801 no_pollwake: 1802 1803 /* 1804 * strsendsig can handle multiple signals with a 1805 * single call. 1806 */ 1807 if (stp->sd_sigflags & signals) 1808 strsendsig(stp->sd_siglist, signals, band, 0); 1809 mutex_exit(&stp->sd_lock); 1810 1811 1812 done: 1813 if (nextbp == NULL) 1814 return (0); 1815 1816 /* 1817 * Any signals were handled the first time. 1818 * Wakeups and pollwakeups are redone to avoid any race 1819 * conditions - all the messages are not queued until the 1820 * last message has been processed by strrput. 1821 */ 1822 bp = nextbp; 1823 signals = firstmsgsigs = allmsgsigs = 0; 1824 mutex_enter(&stp->sd_lock); 1825 goto one_more; 1826 } 1827 1828 static void 1829 log_dupioc(queue_t *rq, mblk_t *bp) 1830 { 1831 queue_t *wq, *qp; 1832 char *modnames, *mnp, *dname; 1833 size_t maxmodstr; 1834 boolean_t islast; 1835 1836 /* 1837 * Allocate a buffer large enough to hold the names of nstrpush modules 1838 * and one driver, with spaces between and NUL terminator. If we can't 1839 * get memory, then we'll just log the driver name. 1840 */ 1841 maxmodstr = nstrpush * (FMNAMESZ + 1); 1842 mnp = modnames = kmem_alloc(maxmodstr, KM_NOSLEEP); 1843 1844 /* march down write side to print log message down to the driver */ 1845 wq = WR(rq); 1846 1847 /* make sure q_next doesn't shift around while we're grabbing data */ 1848 claimstr(wq); 1849 qp = wq->q_next; 1850 do { 1851 if ((dname = qp->q_qinfo->qi_minfo->mi_idname) == NULL) 1852 dname = "?"; 1853 islast = !SAMESTR(qp) || qp->q_next == NULL; 1854 if (modnames == NULL) { 1855 /* 1856 * If we don't have memory, then get the driver name in 1857 * the log where we can see it. Note that memory 1858 * pressure is a possible cause of these sorts of bugs. 1859 */ 1860 if (islast) { 1861 modnames = dname; 1862 maxmodstr = 0; 1863 } 1864 } else { 1865 mnp += snprintf(mnp, FMNAMESZ + 1, "%s", dname); 1866 if (!islast) 1867 *mnp++ = ' '; 1868 } 1869 qp = qp->q_next; 1870 } while (!islast); 1871 releasestr(wq); 1872 /* Cannot happen unless stream head is corrupt. */ 1873 ASSERT(modnames != NULL); 1874 (void) strlog(rq->q_qinfo->qi_minfo->mi_idnum, 0, 1, 1875 SL_CONSOLE|SL_TRACE|SL_ERROR, 1876 "Warning: stream %p received duplicate %X M_IOC%s; module list: %s", 1877 rq->q_ptr, ((struct iocblk *)bp->b_rptr)->ioc_cmd, 1878 (DB_TYPE(bp) == M_IOCACK ? "ACK" : "NAK"), modnames); 1879 if (maxmodstr != 0) 1880 kmem_free(modnames, maxmodstr); 1881 } 1882 1883 int 1884 strrput_nondata(queue_t *q, mblk_t *bp) 1885 { 1886 struct stdata *stp; 1887 struct iocblk *iocbp; 1888 struct stroptions *sop; 1889 struct copyreq *reqp; 1890 struct copyresp *resp; 1891 unsigned char bpri; 1892 unsigned char flushed_already = 0; 1893 1894 stp = (struct stdata *)q->q_ptr; 1895 1896 ASSERT(!(stp->sd_flag & STPLEX)); 1897 ASSERT(qclaimed(q)); 1898 1899 switch (bp->b_datap->db_type) { 1900 case M_ERROR: 1901 /* 1902 * An error has occurred downstream, the errno is in the first 1903 * bytes of the message. 1904 */ 1905 if ((bp->b_wptr - bp->b_rptr) == 2) { /* New flavor */ 1906 unsigned char rw = 0; 1907 1908 mutex_enter(&stp->sd_lock); 1909 if (*bp->b_rptr != NOERROR) { /* read error */ 1910 if (*bp->b_rptr != 0) { 1911 if (stp->sd_flag & STRDERR) 1912 flushed_already |= FLUSHR; 1913 stp->sd_flag |= STRDERR; 1914 rw |= FLUSHR; 1915 } else { 1916 stp->sd_flag &= ~STRDERR; 1917 } 1918 stp->sd_rerror = *bp->b_rptr; 1919 } 1920 bp->b_rptr++; 1921 if (*bp->b_rptr != NOERROR) { /* write error */ 1922 if (*bp->b_rptr != 0) { 1923 if (stp->sd_flag & STWRERR) 1924 flushed_already |= FLUSHW; 1925 stp->sd_flag |= STWRERR; 1926 rw |= FLUSHW; 1927 } else { 1928 stp->sd_flag &= ~STWRERR; 1929 } 1930 stp->sd_werror = *bp->b_rptr; 1931 } 1932 if (rw) { 1933 TRACE_2(TR_FAC_STREAMS_FR, TR_STRRPUT_WAKE, 1934 "strrput cv_broadcast:q %p, bp %p", 1935 q, bp); 1936 cv_broadcast(&q->q_wait); /* readers */ 1937 cv_broadcast(&_WR(q)->q_wait); /* writers */ 1938 cv_broadcast(&stp->sd_monitor); /* ioctllers */ 1939 1940 mutex_exit(&stp->sd_lock); 1941 pollwakeup(&stp->sd_pollist, POLLERR); 1942 mutex_enter(&stp->sd_lock); 1943 1944 if (stp->sd_sigflags & S_ERROR) 1945 strsendsig(stp->sd_siglist, S_ERROR, 0, 1946 ((rw & FLUSHR) ? stp->sd_rerror : 1947 stp->sd_werror)); 1948 mutex_exit(&stp->sd_lock); 1949 /* 1950 * Send the M_FLUSH only 1951 * for the first M_ERROR 1952 * message on the stream 1953 */ 1954 if (flushed_already == rw) { 1955 freemsg(bp); 1956 return (0); 1957 } 1958 1959 bp->b_datap->db_type = M_FLUSH; 1960 *bp->b_rptr = rw; 1961 bp->b_wptr = bp->b_rptr + 1; 1962 /* 1963 * Protect against the driver 1964 * passing up messages after 1965 * it has done a qprocsoff 1966 */ 1967 if (_OTHERQ(q)->q_next == NULL) 1968 freemsg(bp); 1969 else 1970 qreply(q, bp); 1971 return (0); 1972 } else 1973 mutex_exit(&stp->sd_lock); 1974 } else if (*bp->b_rptr != 0) { /* Old flavor */ 1975 if (stp->sd_flag & (STRDERR|STWRERR)) 1976 flushed_already = FLUSHRW; 1977 mutex_enter(&stp->sd_lock); 1978 stp->sd_flag |= (STRDERR|STWRERR); 1979 stp->sd_rerror = *bp->b_rptr; 1980 stp->sd_werror = *bp->b_rptr; 1981 TRACE_2(TR_FAC_STREAMS_FR, 1982 TR_STRRPUT_WAKE2, 1983 "strrput wakeup #2:q %p, bp %p", q, bp); 1984 cv_broadcast(&q->q_wait); /* the readers */ 1985 cv_broadcast(&_WR(q)->q_wait); /* the writers */ 1986 cv_broadcast(&stp->sd_monitor); /* ioctllers */ 1987 1988 mutex_exit(&stp->sd_lock); 1989 pollwakeup(&stp->sd_pollist, POLLERR); 1990 mutex_enter(&stp->sd_lock); 1991 1992 if (stp->sd_sigflags & S_ERROR) 1993 strsendsig(stp->sd_siglist, S_ERROR, 0, 1994 (stp->sd_werror ? stp->sd_werror : 1995 stp->sd_rerror)); 1996 mutex_exit(&stp->sd_lock); 1997 1998 /* 1999 * Send the M_FLUSH only 2000 * for the first M_ERROR 2001 * message on the stream 2002 */ 2003 if (flushed_already != FLUSHRW) { 2004 bp->b_datap->db_type = M_FLUSH; 2005 *bp->b_rptr = FLUSHRW; 2006 /* 2007 * Protect against the driver passing up 2008 * messages after it has done a 2009 * qprocsoff. 2010 */ 2011 if (_OTHERQ(q)->q_next == NULL) 2012 freemsg(bp); 2013 else 2014 qreply(q, bp); 2015 return (0); 2016 } 2017 } 2018 freemsg(bp); 2019 return (0); 2020 2021 case M_HANGUP: 2022 2023 freemsg(bp); 2024 mutex_enter(&stp->sd_lock); 2025 stp->sd_werror = ENXIO; 2026 stp->sd_flag |= STRHUP; 2027 stp->sd_flag &= ~(WSLEEP|RSLEEP); 2028 2029 /* 2030 * send signal if controlling tty 2031 */ 2032 2033 if (stp->sd_sidp) { 2034 prsignal(stp->sd_sidp, SIGHUP); 2035 if (stp->sd_sidp != stp->sd_pgidp) 2036 pgsignal(stp->sd_pgidp, SIGTSTP); 2037 } 2038 2039 /* 2040 * wake up read, write, and exception pollers and 2041 * reset wakeup mechanism. 2042 */ 2043 cv_broadcast(&q->q_wait); /* the readers */ 2044 cv_broadcast(&_WR(q)->q_wait); /* the writers */ 2045 cv_broadcast(&stp->sd_monitor); /* the ioctllers */ 2046 strhup(stp); 2047 mutex_exit(&stp->sd_lock); 2048 return (0); 2049 2050 case M_UNHANGUP: 2051 freemsg(bp); 2052 mutex_enter(&stp->sd_lock); 2053 stp->sd_werror = 0; 2054 stp->sd_flag &= ~STRHUP; 2055 mutex_exit(&stp->sd_lock); 2056 return (0); 2057 2058 case M_SIG: 2059 /* 2060 * Someone downstream wants to post a signal. The 2061 * signal to post is contained in the first byte of the 2062 * message. If the message would go on the front of 2063 * the queue, send a signal to the process group 2064 * (if not SIGPOLL) or to the siglist processes 2065 * (SIGPOLL). If something is already on the queue, 2066 * OR if we are delivering a delayed suspend (*sigh* 2067 * another "tty" hack) and there's no one sleeping already, 2068 * just enqueue the message. 2069 */ 2070 mutex_enter(&stp->sd_lock); 2071 if (q->q_first || (*bp->b_rptr == SIGTSTP && 2072 !(stp->sd_flag & RSLEEP))) { 2073 (void) putq(q, bp); 2074 mutex_exit(&stp->sd_lock); 2075 return (0); 2076 } 2077 mutex_exit(&stp->sd_lock); 2078 /* FALLTHRU */ 2079 2080 case M_PCSIG: 2081 /* 2082 * Don't enqueue, just post the signal. 2083 */ 2084 strsignal(stp, *bp->b_rptr, 0L); 2085 freemsg(bp); 2086 return (0); 2087 2088 case M_FLUSH: 2089 /* 2090 * Flush queues. The indication of which queues to flush 2091 * is in the first byte of the message. If the read queue 2092 * is specified, then flush it. If FLUSHBAND is set, just 2093 * flush the band specified by the second byte of the message. 2094 * 2095 * If a module has issued a M_SETOPT to not flush hi 2096 * priority messages off of the stream head, then pass this 2097 * flag into the flushq code to preserve such messages. 2098 */ 2099 2100 if (*bp->b_rptr & FLUSHR) { 2101 mutex_enter(&stp->sd_lock); 2102 if (*bp->b_rptr & FLUSHBAND) { 2103 ASSERT((bp->b_wptr - bp->b_rptr) >= 2); 2104 flushband(q, *(bp->b_rptr + 1), FLUSHALL); 2105 } else 2106 flushq_common(q, FLUSHALL, 2107 stp->sd_read_opt & RFLUSHPCPROT); 2108 if ((q->q_first == NULL) || 2109 (q->q_first->b_datap->db_type < QPCTL)) 2110 stp->sd_flag &= ~STRPRI; 2111 else { 2112 ASSERT(stp->sd_flag & STRPRI); 2113 } 2114 mutex_exit(&stp->sd_lock); 2115 } 2116 if ((*bp->b_rptr & FLUSHW) && !(bp->b_flag & MSGNOLOOP)) { 2117 *bp->b_rptr &= ~FLUSHR; 2118 bp->b_flag |= MSGNOLOOP; 2119 /* 2120 * Protect against the driver passing up 2121 * messages after it has done a qprocsoff. 2122 */ 2123 if (_OTHERQ(q)->q_next == NULL) 2124 freemsg(bp); 2125 else 2126 qreply(q, bp); 2127 return (0); 2128 } 2129 freemsg(bp); 2130 return (0); 2131 2132 case M_IOCACK: 2133 case M_IOCNAK: 2134 iocbp = (struct iocblk *)bp->b_rptr; 2135 /* 2136 * If not waiting for ACK or NAK then just free msg. 2137 * If incorrect id sequence number then just free msg. 2138 * If already have ACK or NAK for user then this is a 2139 * duplicate, display a warning and free the msg. 2140 */ 2141 mutex_enter(&stp->sd_lock); 2142 if ((stp->sd_flag & IOCWAIT) == 0 || stp->sd_iocblk || 2143 (stp->sd_iocid != iocbp->ioc_id)) { 2144 /* 2145 * If the ACK/NAK is a dup, display a message 2146 * Dup is when sd_iocid == ioc_id, and 2147 * sd_iocblk == <valid ptr> or -1 (the former 2148 * is when an ioctl has been put on the stream 2149 * head, but has not yet been consumed, the 2150 * later is when it has been consumed). 2151 */ 2152 if ((stp->sd_iocid == iocbp->ioc_id) && 2153 (stp->sd_iocblk != NULL)) { 2154 log_dupioc(q, bp); 2155 } 2156 freemsg(bp); 2157 mutex_exit(&stp->sd_lock); 2158 return (0); 2159 } 2160 2161 /* 2162 * Assign ACK or NAK to user and wake up. 2163 */ 2164 stp->sd_iocblk = bp; 2165 cv_broadcast(&stp->sd_monitor); 2166 mutex_exit(&stp->sd_lock); 2167 return (0); 2168 2169 case M_COPYIN: 2170 case M_COPYOUT: 2171 reqp = (struct copyreq *)bp->b_rptr; 2172 2173 /* 2174 * If not waiting for ACK or NAK then just fail request. 2175 * If already have ACK, NAK, or copy request, then just 2176 * fail request. 2177 * If incorrect id sequence number then just fail request. 2178 */ 2179 mutex_enter(&stp->sd_lock); 2180 if ((stp->sd_flag & IOCWAIT) == 0 || stp->sd_iocblk || 2181 (stp->sd_iocid != reqp->cq_id)) { 2182 if (bp->b_cont) { 2183 freemsg(bp->b_cont); 2184 bp->b_cont = NULL; 2185 } 2186 bp->b_datap->db_type = M_IOCDATA; 2187 bp->b_wptr = bp->b_rptr + sizeof (struct copyresp); 2188 resp = (struct copyresp *)bp->b_rptr; 2189 resp->cp_rval = (caddr_t)1; /* failure */ 2190 mutex_exit(&stp->sd_lock); 2191 putnext(stp->sd_wrq, bp); 2192 return (0); 2193 } 2194 2195 /* 2196 * Assign copy request to user and wake up. 2197 */ 2198 stp->sd_iocblk = bp; 2199 cv_broadcast(&stp->sd_monitor); 2200 mutex_exit(&stp->sd_lock); 2201 return (0); 2202 2203 case M_SETOPTS: 2204 /* 2205 * Set stream head options (read option, write offset, 2206 * min/max packet size, and/or high/low water marks for 2207 * the read side only). 2208 */ 2209 2210 bpri = 0; 2211 sop = (struct stroptions *)bp->b_rptr; 2212 mutex_enter(&stp->sd_lock); 2213 if (sop->so_flags & SO_READOPT) { 2214 switch (sop->so_readopt & RMODEMASK) { 2215 case RNORM: 2216 stp->sd_read_opt &= ~(RD_MSGDIS | RD_MSGNODIS); 2217 break; 2218 2219 case RMSGD: 2220 stp->sd_read_opt = 2221 ((stp->sd_read_opt & ~RD_MSGNODIS) | 2222 RD_MSGDIS); 2223 break; 2224 2225 case RMSGN: 2226 stp->sd_read_opt = 2227 ((stp->sd_read_opt & ~RD_MSGDIS) | 2228 RD_MSGNODIS); 2229 break; 2230 } 2231 switch (sop->so_readopt & RPROTMASK) { 2232 case RPROTNORM: 2233 stp->sd_read_opt &= ~(RD_PROTDAT | RD_PROTDIS); 2234 break; 2235 2236 case RPROTDAT: 2237 stp->sd_read_opt = 2238 ((stp->sd_read_opt & ~RD_PROTDIS) | 2239 RD_PROTDAT); 2240 break; 2241 2242 case RPROTDIS: 2243 stp->sd_read_opt = 2244 ((stp->sd_read_opt & ~RD_PROTDAT) | 2245 RD_PROTDIS); 2246 break; 2247 } 2248 switch (sop->so_readopt & RFLUSHMASK) { 2249 case RFLUSHPCPROT: 2250 /* 2251 * This sets the stream head to NOT flush 2252 * M_PCPROTO messages. 2253 */ 2254 stp->sd_read_opt |= RFLUSHPCPROT; 2255 break; 2256 } 2257 } 2258 if (sop->so_flags & SO_ERROPT) { 2259 switch (sop->so_erropt & RERRMASK) { 2260 case RERRNORM: 2261 stp->sd_flag &= ~STRDERRNONPERSIST; 2262 break; 2263 case RERRNONPERSIST: 2264 stp->sd_flag |= STRDERRNONPERSIST; 2265 break; 2266 } 2267 switch (sop->so_erropt & WERRMASK) { 2268 case WERRNORM: 2269 stp->sd_flag &= ~STWRERRNONPERSIST; 2270 break; 2271 case WERRNONPERSIST: 2272 stp->sd_flag |= STWRERRNONPERSIST; 2273 break; 2274 } 2275 } 2276 if (sop->so_flags & SO_COPYOPT) { 2277 if (sop->so_copyopt & ZCVMSAFE) { 2278 stp->sd_copyflag |= STZCVMSAFE; 2279 stp->sd_copyflag &= ~STZCVMUNSAFE; 2280 } else if (sop->so_copyopt & ZCVMUNSAFE) { 2281 stp->sd_copyflag |= STZCVMUNSAFE; 2282 stp->sd_copyflag &= ~STZCVMSAFE; 2283 } 2284 2285 if (sop->so_copyopt & COPYCACHED) { 2286 stp->sd_copyflag |= STRCOPYCACHED; 2287 } 2288 } 2289 if (sop->so_flags & SO_WROFF) 2290 stp->sd_wroff = sop->so_wroff; 2291 if (sop->so_flags & SO_TAIL) 2292 stp->sd_tail = sop->so_tail; 2293 if (sop->so_flags & SO_MINPSZ) 2294 q->q_minpsz = sop->so_minpsz; 2295 if (sop->so_flags & SO_MAXPSZ) 2296 q->q_maxpsz = sop->so_maxpsz; 2297 if (sop->so_flags & SO_MAXBLK) 2298 stp->sd_maxblk = sop->so_maxblk; 2299 if (sop->so_flags & SO_HIWAT) { 2300 if (sop->so_flags & SO_BAND) { 2301 if (strqset(q, QHIWAT, sop->so_band, sop->so_hiwat)) 2302 cmn_err(CE_WARN, 2303 "strrput: could not allocate qband\n"); 2304 else 2305 bpri = sop->so_band; 2306 } else { 2307 q->q_hiwat = sop->so_hiwat; 2308 } 2309 } 2310 if (sop->so_flags & SO_LOWAT) { 2311 if (sop->so_flags & SO_BAND) { 2312 if (strqset(q, QLOWAT, sop->so_band, sop->so_lowat)) 2313 cmn_err(CE_WARN, 2314 "strrput: could not allocate qband\n"); 2315 else 2316 bpri = sop->so_band; 2317 } else { 2318 q->q_lowat = sop->so_lowat; 2319 } 2320 } 2321 if (sop->so_flags & SO_MREADON) 2322 stp->sd_flag |= SNDMREAD; 2323 if (sop->so_flags & SO_MREADOFF) 2324 stp->sd_flag &= ~SNDMREAD; 2325 if (sop->so_flags & SO_NDELON) 2326 stp->sd_flag |= OLDNDELAY; 2327 if (sop->so_flags & SO_NDELOFF) 2328 stp->sd_flag &= ~OLDNDELAY; 2329 if (sop->so_flags & SO_ISTTY) 2330 stp->sd_flag |= STRISTTY; 2331 if (sop->so_flags & SO_ISNTTY) 2332 stp->sd_flag &= ~STRISTTY; 2333 if (sop->so_flags & SO_TOSTOP) 2334 stp->sd_flag |= STRTOSTOP; 2335 if (sop->so_flags & SO_TONSTOP) 2336 stp->sd_flag &= ~STRTOSTOP; 2337 if (sop->so_flags & SO_DELIM) 2338 stp->sd_flag |= STRDELIM; 2339 if (sop->so_flags & SO_NODELIM) 2340 stp->sd_flag &= ~STRDELIM; 2341 2342 mutex_exit(&stp->sd_lock); 2343 freemsg(bp); 2344 2345 /* Check backenable in case the water marks changed */ 2346 qbackenable(q, bpri); 2347 return (0); 2348 2349 /* 2350 * The following set of cases deal with situations where two stream 2351 * heads are connected to each other (twisted streams). These messages 2352 * have no meaning at the stream head. 2353 */ 2354 case M_BREAK: 2355 case M_CTL: 2356 case M_DELAY: 2357 case M_START: 2358 case M_STOP: 2359 case M_IOCDATA: 2360 case M_STARTI: 2361 case M_STOPI: 2362 freemsg(bp); 2363 return (0); 2364 2365 case M_IOCTL: 2366 /* 2367 * Always NAK this condition 2368 * (makes no sense) 2369 * If there is one or more threads in the read side 2370 * rwnext we have to defer the nacking until that thread 2371 * returns (in strget). 2372 */ 2373 mutex_enter(&stp->sd_lock); 2374 if (stp->sd_struiodnak != 0) { 2375 /* 2376 * Defer NAK to the streamhead. Queue at the end 2377 * the list. 2378 */ 2379 mblk_t *mp = stp->sd_struionak; 2380 2381 while (mp && mp->b_next) 2382 mp = mp->b_next; 2383 if (mp) 2384 mp->b_next = bp; 2385 else 2386 stp->sd_struionak = bp; 2387 bp->b_next = NULL; 2388 mutex_exit(&stp->sd_lock); 2389 return (0); 2390 } 2391 mutex_exit(&stp->sd_lock); 2392 2393 bp->b_datap->db_type = M_IOCNAK; 2394 /* 2395 * Protect against the driver passing up 2396 * messages after it has done a qprocsoff. 2397 */ 2398 if (_OTHERQ(q)->q_next == NULL) 2399 freemsg(bp); 2400 else 2401 qreply(q, bp); 2402 return (0); 2403 2404 default: 2405 #ifdef DEBUG 2406 cmn_err(CE_WARN, 2407 "bad message type %x received at stream head\n", 2408 bp->b_datap->db_type); 2409 #endif 2410 freemsg(bp); 2411 return (0); 2412 } 2413 2414 /* NOTREACHED */ 2415 } 2416 2417 /* 2418 * Check if the stream pointed to by `stp' can be written to, and return an 2419 * error code if not. If `eiohup' is set, then return EIO if STRHUP is set. 2420 * If `sigpipeok' is set and the SW_SIGPIPE option is enabled on the stream, 2421 * then always return EPIPE and send a SIGPIPE to the invoking thread. 2422 */ 2423 static int 2424 strwriteable(struct stdata *stp, boolean_t eiohup, boolean_t sigpipeok) 2425 { 2426 int error; 2427 2428 ASSERT(MUTEX_HELD(&stp->sd_lock)); 2429 2430 /* 2431 * For modem support, POSIX states that on writes, EIO should 2432 * be returned if the stream has been hung up. 2433 */ 2434 if (eiohup && (stp->sd_flag & (STPLEX|STRHUP)) == STRHUP) 2435 error = EIO; 2436 else 2437 error = strgeterr(stp, STRHUP|STPLEX|STWRERR, 0); 2438 2439 if (error != 0) { 2440 if (!(stp->sd_flag & STPLEX) && 2441 (stp->sd_wput_opt & SW_SIGPIPE) && sigpipeok) { 2442 tsignal(curthread, SIGPIPE); 2443 error = EPIPE; 2444 } 2445 } 2446 2447 return (error); 2448 } 2449 2450 /* 2451 * Copyin and send data down a stream. 2452 * The caller will allocate and copyin any control part that precedes the 2453 * message and pass than in as mctl. 2454 * 2455 * Caller should *not* hold sd_lock. 2456 * When EWOULDBLOCK is returned the caller has to redo the canputnext 2457 * under sd_lock in order to avoid missing a backenabling wakeup. 2458 * 2459 * Use iosize = -1 to not send any M_DATA. iosize = 0 sends zero-length M_DATA. 2460 * 2461 * Set MSG_IGNFLOW in flags to ignore flow control for hipri messages. 2462 * For sync streams we can only ignore flow control by reverting to using 2463 * putnext. 2464 * 2465 * If sd_maxblk is less than *iosize this routine might return without 2466 * transferring all of *iosize. In all cases, on return *iosize will contain 2467 * the amount of data that was transferred. 2468 */ 2469 static int 2470 strput(struct stdata *stp, mblk_t *mctl, struct uio *uiop, ssize_t *iosize, 2471 int b_flag, int pri, int flags) 2472 { 2473 struiod_t uiod; 2474 mblk_t *mp; 2475 queue_t *wqp = stp->sd_wrq; 2476 int error = 0; 2477 ssize_t count = *iosize; 2478 cred_t *cr; 2479 2480 ASSERT(MUTEX_NOT_HELD(&stp->sd_lock)); 2481 2482 if (uiop != NULL && count >= 0) 2483 flags |= stp->sd_struiowrq ? STRUIO_POSTPONE : 0; 2484 2485 if (!(flags & STRUIO_POSTPONE)) { 2486 /* 2487 * Use regular canputnext, strmakedata, putnext sequence. 2488 */ 2489 if (pri == 0) { 2490 if (!canputnext(wqp) && !(flags & MSG_IGNFLOW)) { 2491 freemsg(mctl); 2492 return (EWOULDBLOCK); 2493 } 2494 } else { 2495 if (!(flags & MSG_IGNFLOW) && !bcanputnext(wqp, pri)) { 2496 freemsg(mctl); 2497 return (EWOULDBLOCK); 2498 } 2499 } 2500 2501 if ((error = strmakedata(iosize, uiop, stp, flags, 2502 &mp)) != 0) { 2503 freemsg(mctl); 2504 /* 2505 * need to change return code to ENOMEM 2506 * so that this is not confused with 2507 * flow control, EAGAIN. 2508 */ 2509 2510 if (error == EAGAIN) 2511 return (ENOMEM); 2512 else 2513 return (error); 2514 } 2515 if (mctl != NULL) { 2516 if (mctl->b_cont == NULL) 2517 mctl->b_cont = mp; 2518 else if (mp != NULL) 2519 linkb(mctl, mp); 2520 mp = mctl; 2521 /* 2522 * Note that for interrupt thread, the CRED() is 2523 * NULL. Don't bother with the pid either. 2524 */ 2525 if ((cr = CRED()) != NULL) { 2526 mblk_setcred(mp, cr); 2527 DB_CPID(mp) = curproc->p_pid; 2528 } 2529 } else if (mp == NULL) 2530 return (0); 2531 2532 mp->b_flag |= b_flag; 2533 mp->b_band = (uchar_t)pri; 2534 2535 if (flags & MSG_IGNFLOW) { 2536 /* 2537 * XXX Hack: Don't get stuck running service 2538 * procedures. This is needed for sockfs when 2539 * sending the unbind message out of the rput 2540 * procedure - we don't want a put procedure 2541 * to run service procedures. 2542 */ 2543 putnext(wqp, mp); 2544 } else { 2545 stream_willservice(stp); 2546 putnext(wqp, mp); 2547 stream_runservice(stp); 2548 } 2549 return (0); 2550 } 2551 /* 2552 * Stream supports rwnext() for the write side. 2553 */ 2554 if ((error = strmakedata(iosize, uiop, stp, flags, &mp)) != 0) { 2555 freemsg(mctl); 2556 /* 2557 * map EAGAIN to ENOMEM since EAGAIN means "flow controlled". 2558 */ 2559 return (error == EAGAIN ? ENOMEM : error); 2560 } 2561 if (mctl != NULL) { 2562 if (mctl->b_cont == NULL) 2563 mctl->b_cont = mp; 2564 else if (mp != NULL) 2565 linkb(mctl, mp); 2566 mp = mctl; 2567 /* 2568 * Note that for interrupt thread, the CRED() is 2569 * NULL. Don't bother with the pid either. 2570 */ 2571 if ((cr = CRED()) != NULL) { 2572 mblk_setcred(mp, cr); 2573 DB_CPID(mp) = curproc->p_pid; 2574 } 2575 } else if (mp == NULL) { 2576 return (0); 2577 } 2578 2579 mp->b_flag |= b_flag; 2580 mp->b_band = (uchar_t)pri; 2581 2582 (void) uiodup(uiop, &uiod.d_uio, uiod.d_iov, 2583 sizeof (uiod.d_iov) / sizeof (*uiod.d_iov)); 2584 uiod.d_uio.uio_offset = 0; 2585 uiod.d_mp = mp; 2586 error = rwnext(wqp, &uiod); 2587 if (! uiod.d_mp) { 2588 uioskip(uiop, *iosize); 2589 return (error); 2590 } 2591 ASSERT(mp == uiod.d_mp); 2592 if (error == EINVAL) { 2593 /* 2594 * The stream plumbing must have changed while 2595 * we were away, so just turn off rwnext()s. 2596 */ 2597 error = 0; 2598 } else if (error == EBUSY || error == EWOULDBLOCK) { 2599 /* 2600 * Couldn't enter a perimeter or took a page fault, 2601 * so fall-back to putnext(). 2602 */ 2603 error = 0; 2604 } else { 2605 freemsg(mp); 2606 return (error); 2607 } 2608 /* Have to check canput before consuming data from the uio */ 2609 if (pri == 0) { 2610 if (!canputnext(wqp) && !(flags & MSG_IGNFLOW)) { 2611 freemsg(mp); 2612 return (EWOULDBLOCK); 2613 } 2614 } else { 2615 if (!bcanputnext(wqp, pri) && !(flags & MSG_IGNFLOW)) { 2616 freemsg(mp); 2617 return (EWOULDBLOCK); 2618 } 2619 } 2620 ASSERT(mp == uiod.d_mp); 2621 /* Copyin data from the uio */ 2622 if ((error = struioget(wqp, mp, &uiod, 0)) != 0) { 2623 freemsg(mp); 2624 return (error); 2625 } 2626 uioskip(uiop, *iosize); 2627 if (flags & MSG_IGNFLOW) { 2628 /* 2629 * XXX Hack: Don't get stuck running service procedures. 2630 * This is needed for sockfs when sending the unbind message 2631 * out of the rput procedure - we don't want a put procedure 2632 * to run service procedures. 2633 */ 2634 putnext(wqp, mp); 2635 } else { 2636 stream_willservice(stp); 2637 putnext(wqp, mp); 2638 stream_runservice(stp); 2639 } 2640 return (0); 2641 } 2642 2643 /* 2644 * Write attempts to break the write request into messages conforming 2645 * with the minimum and maximum packet sizes set downstream. 2646 * 2647 * Write will not block if downstream queue is full and 2648 * O_NDELAY is set, otherwise it will block waiting for the queue to get room. 2649 * 2650 * A write of zero bytes gets packaged into a zero length message and sent 2651 * downstream like any other message. 2652 * 2653 * If buffers of the requested sizes are not available, the write will 2654 * sleep until the buffers become available. 2655 * 2656 * Write (if specified) will supply a write offset in a message if it 2657 * makes sense. This can be specified by downstream modules as part of 2658 * a M_SETOPTS message. Write will not supply the write offset if it 2659 * cannot supply any data in a buffer. In other words, write will never 2660 * send down an empty packet due to a write offset. 2661 */ 2662 /* ARGSUSED2 */ 2663 int 2664 strwrite(struct vnode *vp, struct uio *uiop, cred_t *crp) 2665 { 2666 return (strwrite_common(vp, uiop, crp, 0)); 2667 } 2668 2669 /* ARGSUSED2 */ 2670 int 2671 strwrite_common(struct vnode *vp, struct uio *uiop, cred_t *crp, int wflag) 2672 { 2673 struct stdata *stp; 2674 struct queue *wqp; 2675 ssize_t rmin, rmax; 2676 ssize_t iosize; 2677 int waitflag; 2678 int tempmode; 2679 int error = 0; 2680 int b_flag; 2681 2682 ASSERT(vp->v_stream); 2683 stp = vp->v_stream; 2684 2685 mutex_enter(&stp->sd_lock); 2686 2687 if ((error = i_straccess(stp, JCWRITE)) != 0) { 2688 mutex_exit(&stp->sd_lock); 2689 return (error); 2690 } 2691 2692 if (stp->sd_flag & (STWRERR|STRHUP|STPLEX)) { 2693 error = strwriteable(stp, B_TRUE, B_TRUE); 2694 if (error != 0) { 2695 mutex_exit(&stp->sd_lock); 2696 return (error); 2697 } 2698 } 2699 2700 mutex_exit(&stp->sd_lock); 2701 2702 wqp = stp->sd_wrq; 2703 2704 /* get these values from them cached in the stream head */ 2705 rmin = stp->sd_qn_minpsz; 2706 rmax = stp->sd_qn_maxpsz; 2707 2708 /* 2709 * Check the min/max packet size constraints. If min packet size 2710 * is non-zero, the write cannot be split into multiple messages 2711 * and still guarantee the size constraints. 2712 */ 2713 TRACE_1(TR_FAC_STREAMS_FR, TR_STRWRITE_IN, "strwrite in:q %p", wqp); 2714 2715 ASSERT((rmax >= 0) || (rmax == INFPSZ)); 2716 if (rmax == 0) { 2717 return (0); 2718 } 2719 if (rmin > 0) { 2720 if (uiop->uio_resid < rmin) { 2721 TRACE_3(TR_FAC_STREAMS_FR, TR_STRWRITE_OUT, 2722 "strwrite out:q %p out %d error %d", 2723 wqp, 0, ERANGE); 2724 return (ERANGE); 2725 } 2726 if ((rmax != INFPSZ) && (uiop->uio_resid > rmax)) { 2727 TRACE_3(TR_FAC_STREAMS_FR, TR_STRWRITE_OUT, 2728 "strwrite out:q %p out %d error %d", 2729 wqp, 1, ERANGE); 2730 return (ERANGE); 2731 } 2732 } 2733 2734 /* 2735 * Do until count satisfied or error. 2736 */ 2737 waitflag = WRITEWAIT | wflag; 2738 if (stp->sd_flag & OLDNDELAY) 2739 tempmode = uiop->uio_fmode & ~FNDELAY; 2740 else 2741 tempmode = uiop->uio_fmode; 2742 2743 if (rmax == INFPSZ) 2744 rmax = uiop->uio_resid; 2745 2746 /* 2747 * Note that tempmode does not get used in strput/strmakedata 2748 * but only in strwaitq. The other routines use uio_fmode 2749 * unmodified. 2750 */ 2751 2752 /* LINTED: constant in conditional context */ 2753 while (1) { /* breaks when uio_resid reaches zero */ 2754 /* 2755 * Determine the size of the next message to be 2756 * packaged. May have to break write into several 2757 * messages based on max packet size. 2758 */ 2759 iosize = MIN(uiop->uio_resid, rmax); 2760 2761 /* 2762 * Put block downstream when flow control allows it. 2763 */ 2764 if ((stp->sd_flag & STRDELIM) && (uiop->uio_resid == iosize)) 2765 b_flag = MSGDELIM; 2766 else 2767 b_flag = 0; 2768 2769 for (;;) { 2770 int done = 0; 2771 2772 error = strput(stp, NULL, uiop, &iosize, b_flag, 2773 0, 0); 2774 if (error == 0) 2775 break; 2776 if (error != EWOULDBLOCK) 2777 goto out; 2778 2779 mutex_enter(&stp->sd_lock); 2780 /* 2781 * Check for a missed wakeup. 2782 * Needed since strput did not hold sd_lock across 2783 * the canputnext. 2784 */ 2785 if (canputnext(wqp)) { 2786 /* Try again */ 2787 mutex_exit(&stp->sd_lock); 2788 continue; 2789 } 2790 TRACE_1(TR_FAC_STREAMS_FR, TR_STRWRITE_WAIT, 2791 "strwrite wait:q %p wait", wqp); 2792 if ((error = strwaitq(stp, waitflag, (ssize_t)0, 2793 tempmode, -1, &done)) != 0 || done) { 2794 mutex_exit(&stp->sd_lock); 2795 if ((vp->v_type == VFIFO) && 2796 (uiop->uio_fmode & FNDELAY) && 2797 (error == EAGAIN)) 2798 error = 0; 2799 goto out; 2800 } 2801 TRACE_1(TR_FAC_STREAMS_FR, TR_STRWRITE_WAKE, 2802 "strwrite wake:q %p awakes", wqp); 2803 if ((error = i_straccess(stp, JCWRITE)) != 0) { 2804 mutex_exit(&stp->sd_lock); 2805 goto out; 2806 } 2807 mutex_exit(&stp->sd_lock); 2808 } 2809 waitflag |= NOINTR; 2810 TRACE_2(TR_FAC_STREAMS_FR, TR_STRWRITE_RESID, 2811 "strwrite resid:q %p uiop %p", wqp, uiop); 2812 if (uiop->uio_resid) { 2813 /* Recheck for errors - needed for sockets */ 2814 if ((stp->sd_wput_opt & SW_RECHECK_ERR) && 2815 (stp->sd_flag & (STWRERR|STRHUP|STPLEX))) { 2816 mutex_enter(&stp->sd_lock); 2817 error = strwriteable(stp, B_FALSE, B_TRUE); 2818 mutex_exit(&stp->sd_lock); 2819 if (error != 0) 2820 return (error); 2821 } 2822 continue; 2823 } 2824 break; 2825 } 2826 out: 2827 /* 2828 * For historical reasons, applications expect EAGAIN when a data 2829 * mblk_t cannot be allocated, so change ENOMEM back to EAGAIN. 2830 */ 2831 if (error == ENOMEM) 2832 error = EAGAIN; 2833 TRACE_3(TR_FAC_STREAMS_FR, TR_STRWRITE_OUT, 2834 "strwrite out:q %p out %d error %d", wqp, 2, error); 2835 return (error); 2836 } 2837 2838 /* 2839 * Stream head write service routine. 2840 * Its job is to wake up any sleeping writers when a queue 2841 * downstream needs data (part of the flow control in putq and getq). 2842 * It also must wake anyone sleeping on a poll(). 2843 * For stream head right below mux module, it must also invoke put procedure 2844 * of next downstream module. 2845 */ 2846 int 2847 strwsrv(queue_t *q) 2848 { 2849 struct stdata *stp; 2850 queue_t *tq; 2851 qband_t *qbp; 2852 int i; 2853 qband_t *myqbp; 2854 int isevent; 2855 unsigned char qbf[NBAND]; /* band flushing backenable flags */ 2856 2857 TRACE_1(TR_FAC_STREAMS_FR, 2858 TR_STRWSRV, "strwsrv:q %p", q); 2859 stp = (struct stdata *)q->q_ptr; 2860 ASSERT(qclaimed(q)); 2861 mutex_enter(&stp->sd_lock); 2862 ASSERT(!(stp->sd_flag & STPLEX)); 2863 2864 if (stp->sd_flag & WSLEEP) { 2865 stp->sd_flag &= ~WSLEEP; 2866 cv_broadcast(&q->q_wait); 2867 } 2868 mutex_exit(&stp->sd_lock); 2869 2870 /* The other end of a stream pipe went away. */ 2871 if ((tq = q->q_next) == NULL) { 2872 return (0); 2873 } 2874 2875 /* Find the next module forward that has a service procedure */ 2876 claimstr(q); 2877 tq = q->q_nfsrv; 2878 ASSERT(tq != NULL); 2879 2880 if ((q->q_flag & QBACK)) { 2881 if ((tq->q_flag & QFULL)) { 2882 mutex_enter(QLOCK(tq)); 2883 if (!(tq->q_flag & QFULL)) { 2884 mutex_exit(QLOCK(tq)); 2885 goto wakeup; 2886 } 2887 /* 2888 * The queue must have become full again. Set QWANTW 2889 * again so strwsrv will be back enabled when 2890 * the queue becomes non-full next time. 2891 */ 2892 tq->q_flag |= QWANTW; 2893 mutex_exit(QLOCK(tq)); 2894 } else { 2895 wakeup: 2896 pollwakeup(&stp->sd_pollist, POLLWRNORM); 2897 mutex_enter(&stp->sd_lock); 2898 if (stp->sd_sigflags & S_WRNORM) 2899 strsendsig(stp->sd_siglist, S_WRNORM, 0, 0); 2900 mutex_exit(&stp->sd_lock); 2901 } 2902 } 2903 2904 isevent = 0; 2905 i = 1; 2906 bzero((caddr_t)qbf, NBAND); 2907 mutex_enter(QLOCK(tq)); 2908 if ((myqbp = q->q_bandp) != NULL) 2909 for (qbp = tq->q_bandp; qbp && myqbp; qbp = qbp->qb_next) { 2910 ASSERT(myqbp); 2911 if ((myqbp->qb_flag & QB_BACK)) { 2912 if (qbp->qb_flag & QB_FULL) { 2913 /* 2914 * The band must have become full again. 2915 * Set QB_WANTW again so strwsrv will 2916 * be back enabled when the band becomes 2917 * non-full next time. 2918 */ 2919 qbp->qb_flag |= QB_WANTW; 2920 } else { 2921 isevent = 1; 2922 qbf[i] = 1; 2923 } 2924 } 2925 myqbp = myqbp->qb_next; 2926 i++; 2927 } 2928 mutex_exit(QLOCK(tq)); 2929 2930 if (isevent) { 2931 for (i = tq->q_nband; i; i--) { 2932 if (qbf[i]) { 2933 pollwakeup(&stp->sd_pollist, POLLWRBAND); 2934 mutex_enter(&stp->sd_lock); 2935 if (stp->sd_sigflags & S_WRBAND) 2936 strsendsig(stp->sd_siglist, S_WRBAND, 2937 (uchar_t)i, 0); 2938 mutex_exit(&stp->sd_lock); 2939 } 2940 } 2941 } 2942 2943 releasestr(q); 2944 return (0); 2945 } 2946 2947 /* 2948 * Special case of strcopyin/strcopyout for copying 2949 * struct strioctl that can deal with both data 2950 * models. 2951 */ 2952 2953 #ifdef _LP64 2954 2955 static int 2956 strcopyin_strioctl(void *from, void *to, int flag, int copyflag) 2957 { 2958 struct strioctl32 strioc32; 2959 struct strioctl *striocp; 2960 2961 if (copyflag & U_TO_K) { 2962 ASSERT((copyflag & K_TO_K) == 0); 2963 2964 if ((flag & FMODELS) == DATAMODEL_ILP32) { 2965 if (copyin(from, &strioc32, sizeof (strioc32))) 2966 return (EFAULT); 2967 2968 striocp = (struct strioctl *)to; 2969 striocp->ic_cmd = strioc32.ic_cmd; 2970 striocp->ic_timout = strioc32.ic_timout; 2971 striocp->ic_len = strioc32.ic_len; 2972 striocp->ic_dp = (char *)(uintptr_t)strioc32.ic_dp; 2973 2974 } else { /* NATIVE data model */ 2975 if (copyin(from, to, sizeof (struct strioctl))) { 2976 return (EFAULT); 2977 } else { 2978 return (0); 2979 } 2980 } 2981 } else { 2982 ASSERT(copyflag & K_TO_K); 2983 bcopy(from, to, sizeof (struct strioctl)); 2984 } 2985 return (0); 2986 } 2987 2988 static int 2989 strcopyout_strioctl(void *from, void *to, int flag, int copyflag) 2990 { 2991 struct strioctl32 strioc32; 2992 struct strioctl *striocp; 2993 2994 if (copyflag & U_TO_K) { 2995 ASSERT((copyflag & K_TO_K) == 0); 2996 2997 if ((flag & FMODELS) == DATAMODEL_ILP32) { 2998 striocp = (struct strioctl *)from; 2999 strioc32.ic_cmd = striocp->ic_cmd; 3000 strioc32.ic_timout = striocp->ic_timout; 3001 strioc32.ic_len = striocp->ic_len; 3002 strioc32.ic_dp = (caddr32_t)(uintptr_t)striocp->ic_dp; 3003 ASSERT((char *)(uintptr_t)strioc32.ic_dp == 3004 striocp->ic_dp); 3005 3006 if (copyout(&strioc32, to, sizeof (strioc32))) 3007 return (EFAULT); 3008 3009 } else { /* NATIVE data model */ 3010 if (copyout(from, to, sizeof (struct strioctl))) { 3011 return (EFAULT); 3012 } else { 3013 return (0); 3014 } 3015 } 3016 } else { 3017 ASSERT(copyflag & K_TO_K); 3018 bcopy(from, to, sizeof (struct strioctl)); 3019 } 3020 return (0); 3021 } 3022 3023 #else /* ! _LP64 */ 3024 3025 /* ARGSUSED2 */ 3026 static int 3027 strcopyin_strioctl(void *from, void *to, int flag, int copyflag) 3028 { 3029 return (strcopyin(from, to, sizeof (struct strioctl), copyflag)); 3030 } 3031 3032 /* ARGSUSED2 */ 3033 static int 3034 strcopyout_strioctl(void *from, void *to, int flag, int copyflag) 3035 { 3036 return (strcopyout(from, to, sizeof (struct strioctl), copyflag)); 3037 } 3038 3039 #endif /* _LP64 */ 3040 3041 /* 3042 * Determine type of job control semantics expected by user. The 3043 * possibilities are: 3044 * JCREAD - Behaves like read() on fd; send SIGTTIN 3045 * JCWRITE - Behaves like write() on fd; send SIGTTOU if TOSTOP set 3046 * JCSETP - Sets a value in the stream; send SIGTTOU, ignore TOSTOP 3047 * JCGETP - Gets a value in the stream; no signals. 3048 * See straccess in strsubr.c for usage of these values. 3049 * 3050 * This routine also returns -1 for I_STR as a special case; the 3051 * caller must call again with the real ioctl number for 3052 * classification. 3053 */ 3054 static int 3055 job_control_type(int cmd) 3056 { 3057 switch (cmd) { 3058 case I_STR: 3059 return (-1); 3060 3061 case I_RECVFD: 3062 case I_E_RECVFD: 3063 return (JCREAD); 3064 3065 case I_FDINSERT: 3066 case I_SENDFD: 3067 return (JCWRITE); 3068 3069 case TCSETA: 3070 case TCSETAW: 3071 case TCSETAF: 3072 case TCSBRK: 3073 case TCXONC: 3074 case TCFLSH: 3075 case TCDSET: /* Obsolete */ 3076 case TIOCSWINSZ: 3077 case TCSETS: 3078 case TCSETSW: 3079 case TCSETSF: 3080 case TIOCSETD: 3081 case TIOCHPCL: 3082 case TIOCSETP: 3083 case TIOCSETN: 3084 case TIOCEXCL: 3085 case TIOCNXCL: 3086 case TIOCFLUSH: 3087 case TIOCSETC: 3088 case TIOCLBIS: 3089 case TIOCLBIC: 3090 case TIOCLSET: 3091 case TIOCSBRK: 3092 case TIOCCBRK: 3093 case TIOCSDTR: 3094 case TIOCCDTR: 3095 case TIOCSLTC: 3096 case TIOCSTOP: 3097 case TIOCSTART: 3098 case TIOCSTI: 3099 case TIOCSPGRP: 3100 case TIOCMSET: 3101 case TIOCMBIS: 3102 case TIOCMBIC: 3103 case TIOCREMOTE: 3104 case TIOCSIGNAL: 3105 case LDSETT: 3106 case LDSMAP: /* Obsolete */ 3107 case DIOCSETP: 3108 case I_FLUSH: 3109 case I_SRDOPT: 3110 case I_SETSIG: 3111 case I_SWROPT: 3112 case I_FLUSHBAND: 3113 case I_SETCLTIME: 3114 case I_SERROPT: 3115 case I_ESETSIG: 3116 case FIONBIO: 3117 case FIOASYNC: 3118 case FIOSETOWN: 3119 case JBOOT: /* Obsolete */ 3120 case JTERM: /* Obsolete */ 3121 case JTIMOM: /* Obsolete */ 3122 case JZOMBOOT: /* Obsolete */ 3123 case JAGENT: /* Obsolete */ 3124 case JTRUN: /* Obsolete */ 3125 case JXTPROTO: /* Obsolete */ 3126 case TIOCSETLD: 3127 return (JCSETP); 3128 } 3129 3130 return (JCGETP); 3131 } 3132 3133 /* 3134 * ioctl for streams 3135 */ 3136 int 3137 strioctl(struct vnode *vp, int cmd, intptr_t arg, int flag, int copyflag, 3138 cred_t *crp, int *rvalp) 3139 { 3140 struct stdata *stp; 3141 struct strioctl strioc; 3142 struct uio uio; 3143 struct iovec iov; 3144 int access; 3145 mblk_t *mp; 3146 int error = 0; 3147 int done = 0; 3148 ssize_t rmin, rmax; 3149 queue_t *wrq; 3150 queue_t *rdq; 3151 boolean_t kioctl = B_FALSE; 3152 3153 if (flag & FKIOCTL) { 3154 copyflag = K_TO_K; 3155 kioctl = B_TRUE; 3156 } 3157 ASSERT(vp->v_stream); 3158 ASSERT(copyflag == U_TO_K || copyflag == K_TO_K); 3159 stp = vp->v_stream; 3160 3161 TRACE_3(TR_FAC_STREAMS_FR, TR_IOCTL_ENTER, 3162 "strioctl:stp %p cmd %X arg %lX", stp, cmd, arg); 3163 3164 #ifdef C2_AUDIT 3165 if (audit_active) 3166 audit_strioctl(vp, cmd, arg, flag, copyflag, crp, rvalp); 3167 #endif 3168 3169 /* 3170 * If the copy is kernel to kernel, make sure that the FNATIVE 3171 * flag is set. After this it would be a serious error to have 3172 * no model flag. 3173 */ 3174 if (copyflag == K_TO_K) 3175 flag = (flag & ~FMODELS) | FNATIVE; 3176 3177 ASSERT((flag & FMODELS) != 0); 3178 3179 wrq = stp->sd_wrq; 3180 rdq = _RD(wrq); 3181 3182 access = job_control_type(cmd); 3183 3184 /* We should never see these here, should be handled by iwscn */ 3185 if (cmd == SRIOCSREDIR || cmd == SRIOCISREDIR) 3186 return (EINVAL); 3187 3188 mutex_enter(&stp->sd_lock); 3189 if ((access != -1) && ((error = i_straccess(stp, access)) != 0)) { 3190 mutex_exit(&stp->sd_lock); 3191 return (error); 3192 } 3193 mutex_exit(&stp->sd_lock); 3194 3195 /* 3196 * Check for sgttyb-related ioctls first, and complain as 3197 * necessary. 3198 */ 3199 switch (cmd) { 3200 case TIOCGETP: 3201 case TIOCSETP: 3202 case TIOCSETN: 3203 if (sgttyb_handling >= 2 && !sgttyb_complaint) { 3204 sgttyb_complaint = B_TRUE; 3205 cmn_err(CE_NOTE, 3206 "application used obsolete TIOC[GS]ET"); 3207 } 3208 if (sgttyb_handling >= 3) { 3209 tsignal(curthread, SIGSYS); 3210 return (EIO); 3211 } 3212 break; 3213 } 3214 3215 mutex_enter(&stp->sd_lock); 3216 3217 switch (cmd) { 3218 case I_RECVFD: 3219 case I_E_RECVFD: 3220 case I_PEEK: 3221 case I_NREAD: 3222 case FIONREAD: 3223 case FIORDCHK: 3224 case I_ATMARK: 3225 case FIONBIO: 3226 case FIOASYNC: 3227 if (stp->sd_flag & (STRDERR|STPLEX)) { 3228 error = strgeterr(stp, STRDERR|STPLEX, 0); 3229 if (error != 0) { 3230 mutex_exit(&stp->sd_lock); 3231 return (error); 3232 } 3233 } 3234 break; 3235 3236 default: 3237 if (stp->sd_flag & (STRDERR|STWRERR|STPLEX)) { 3238 error = strgeterr(stp, STRDERR|STWRERR|STPLEX, 0); 3239 if (error != 0) { 3240 mutex_exit(&stp->sd_lock); 3241 return (error); 3242 } 3243 } 3244 } 3245 3246 mutex_exit(&stp->sd_lock); 3247 3248 switch (cmd) { 3249 default: 3250 /* 3251 * The stream head has hardcoded knowledge of a 3252 * miscellaneous collection of terminal-, keyboard- and 3253 * mouse-related ioctls, enumerated below. This hardcoded 3254 * knowledge allows the stream head to automatically 3255 * convert transparent ioctl requests made by userland 3256 * programs into I_STR ioctls which many old STREAMS 3257 * modules and drivers require. 3258 * 3259 * No new ioctls should ever be added to this list. 3260 * Instead, the STREAMS module or driver should be written 3261 * to either handle transparent ioctls or require any 3262 * userland programs to use I_STR ioctls (by returning 3263 * EINVAL to any transparent ioctl requests). 3264 * 3265 * More importantly, removing ioctls from this list should 3266 * be done with the utmost care, since our STREAMS modules 3267 * and drivers *count* on the stream head performing this 3268 * conversion, and thus may panic while processing 3269 * transparent ioctl request for one of these ioctls (keep 3270 * in mind that third party modules and drivers may have 3271 * similar problems). 3272 */ 3273 if (((cmd & IOCTYPE) == LDIOC) || 3274 ((cmd & IOCTYPE) == tIOC) || 3275 ((cmd & IOCTYPE) == TIOC) || 3276 ((cmd & IOCTYPE) == KIOC) || 3277 ((cmd & IOCTYPE) == MSIOC) || 3278 ((cmd & IOCTYPE) == VUIOC)) { 3279 /* 3280 * The ioctl is a tty ioctl - set up strioc buffer 3281 * and call strdoioctl() to do the work. 3282 */ 3283 if (stp->sd_flag & STRHUP) 3284 return (ENXIO); 3285 strioc.ic_cmd = cmd; 3286 strioc.ic_timout = INFTIM; 3287 3288 switch (cmd) { 3289 3290 case TCXONC: 3291 case TCSBRK: 3292 case TCFLSH: 3293 case TCDSET: 3294 { 3295 int native_arg = (int)arg; 3296 strioc.ic_len = sizeof (int); 3297 strioc.ic_dp = (char *)&native_arg; 3298 return (strdoioctl(stp, &strioc, flag, 3299 K_TO_K, crp, rvalp)); 3300 } 3301 3302 case TCSETA: 3303 case TCSETAW: 3304 case TCSETAF: 3305 strioc.ic_len = sizeof (struct termio); 3306 strioc.ic_dp = (char *)arg; 3307 return (strdoioctl(stp, &strioc, flag, 3308 copyflag, crp, rvalp)); 3309 3310 case TCSETS: 3311 case TCSETSW: 3312 case TCSETSF: 3313 strioc.ic_len = sizeof (struct termios); 3314 strioc.ic_dp = (char *)arg; 3315 return (strdoioctl(stp, &strioc, flag, 3316 copyflag, crp, rvalp)); 3317 3318 case LDSETT: 3319 strioc.ic_len = sizeof (struct termcb); 3320 strioc.ic_dp = (char *)arg; 3321 return (strdoioctl(stp, &strioc, flag, 3322 copyflag, crp, rvalp)); 3323 3324 case TIOCSETP: 3325 strioc.ic_len = sizeof (struct sgttyb); 3326 strioc.ic_dp = (char *)arg; 3327 return (strdoioctl(stp, &strioc, flag, 3328 copyflag, crp, rvalp)); 3329 3330 case TIOCSTI: 3331 if ((flag & FREAD) == 0 && 3332 secpolicy_sti(crp) != 0) { 3333 return (EPERM); 3334 } 3335 mutex_enter(&stp->sd_lock); 3336 mutex_enter(&curproc->p_splock); 3337 if (stp->sd_sidp != curproc->p_sessp->s_sidp && 3338 secpolicy_sti(crp) != 0) { 3339 mutex_exit(&curproc->p_splock); 3340 mutex_exit(&stp->sd_lock); 3341 return (EACCES); 3342 } 3343 mutex_exit(&curproc->p_splock); 3344 mutex_exit(&stp->sd_lock); 3345 3346 strioc.ic_len = sizeof (char); 3347 strioc.ic_dp = (char *)arg; 3348 return (strdoioctl(stp, &strioc, flag, 3349 copyflag, crp, rvalp)); 3350 3351 case TIOCSWINSZ: 3352 strioc.ic_len = sizeof (struct winsize); 3353 strioc.ic_dp = (char *)arg; 3354 return (strdoioctl(stp, &strioc, flag, 3355 copyflag, crp, rvalp)); 3356 3357 case TIOCSSIZE: 3358 strioc.ic_len = sizeof (struct ttysize); 3359 strioc.ic_dp = (char *)arg; 3360 return (strdoioctl(stp, &strioc, flag, 3361 copyflag, crp, rvalp)); 3362 3363 case TIOCSSOFTCAR: 3364 case KIOCTRANS: 3365 case KIOCTRANSABLE: 3366 case KIOCCMD: 3367 case KIOCSDIRECT: 3368 case KIOCSCOMPAT: 3369 case KIOCSKABORTEN: 3370 case KIOCSRPTDELAY: 3371 case KIOCSRPTRATE: 3372 case VUIDSFORMAT: 3373 case TIOCSPPS: 3374 strioc.ic_len = sizeof (int); 3375 strioc.ic_dp = (char *)arg; 3376 return (strdoioctl(stp, &strioc, flag, 3377 copyflag, crp, rvalp)); 3378 3379 case KIOCSETKEY: 3380 case KIOCGETKEY: 3381 strioc.ic_len = sizeof (struct kiockey); 3382 strioc.ic_dp = (char *)arg; 3383 return (strdoioctl(stp, &strioc, flag, 3384 copyflag, crp, rvalp)); 3385 3386 case KIOCSKEY: 3387 case KIOCGKEY: 3388 strioc.ic_len = sizeof (struct kiockeymap); 3389 strioc.ic_dp = (char *)arg; 3390 return (strdoioctl(stp, &strioc, flag, 3391 copyflag, crp, rvalp)); 3392 3393 case KIOCSLED: 3394 /* arg is a pointer to char */ 3395 strioc.ic_len = sizeof (char); 3396 strioc.ic_dp = (char *)arg; 3397 return (strdoioctl(stp, &strioc, flag, 3398 copyflag, crp, rvalp)); 3399 3400 case MSIOSETPARMS: 3401 strioc.ic_len = sizeof (Ms_parms); 3402 strioc.ic_dp = (char *)arg; 3403 return (strdoioctl(stp, &strioc, flag, 3404 copyflag, crp, rvalp)); 3405 3406 case VUIDSADDR: 3407 case VUIDGADDR: 3408 strioc.ic_len = sizeof (struct vuid_addr_probe); 3409 strioc.ic_dp = (char *)arg; 3410 return (strdoioctl(stp, &strioc, flag, 3411 copyflag, crp, rvalp)); 3412 3413 /* 3414 * These M_IOCTL's don't require any data to be sent 3415 * downstream, and the driver will allocate and link 3416 * on its own mblk_t upon M_IOCACK -- thus we set 3417 * ic_len to zero and set ic_dp to arg so we know 3418 * where to copyout to later. 3419 */ 3420 case TIOCGSOFTCAR: 3421 case TIOCGWINSZ: 3422 case TIOCGSIZE: 3423 case KIOCGTRANS: 3424 case KIOCGTRANSABLE: 3425 case KIOCTYPE: 3426 case KIOCGDIRECT: 3427 case KIOCGCOMPAT: 3428 case KIOCLAYOUT: 3429 case KIOCGLED: 3430 case MSIOGETPARMS: 3431 case MSIOBUTTONS: 3432 case VUIDGFORMAT: 3433 case TIOCGPPS: 3434 case TIOCGPPSEV: 3435 case TCGETA: 3436 case TCGETS: 3437 case LDGETT: 3438 case TIOCGETP: 3439 case KIOCGRPTDELAY: 3440 case KIOCGRPTRATE: 3441 strioc.ic_len = 0; 3442 strioc.ic_dp = (char *)arg; 3443 return (strdoioctl(stp, &strioc, flag, 3444 copyflag, crp, rvalp)); 3445 } 3446 } 3447 3448 /* 3449 * Unknown cmd - send it down as a transparent ioctl. 3450 */ 3451 strioc.ic_cmd = cmd; 3452 strioc.ic_timout = INFTIM; 3453 strioc.ic_len = TRANSPARENT; 3454 strioc.ic_dp = (char *)&arg; 3455 3456 return (strdoioctl(stp, &strioc, flag, copyflag, crp, rvalp)); 3457 3458 case I_STR: 3459 /* 3460 * Stream ioctl. Read in an strioctl buffer from the user 3461 * along with any data specified and send it downstream. 3462 * Strdoioctl will wait allow only one ioctl message at 3463 * a time, and waits for the acknowledgement. 3464 */ 3465 3466 if (stp->sd_flag & STRHUP) 3467 return (ENXIO); 3468 3469 error = strcopyin_strioctl((void *)arg, &strioc, flag, 3470 copyflag); 3471 if (error != 0) 3472 return (error); 3473 3474 if ((strioc.ic_len < 0) || (strioc.ic_timout < -1)) 3475 return (EINVAL); 3476 3477 access = job_control_type(strioc.ic_cmd); 3478 mutex_enter(&stp->sd_lock); 3479 if ((access != -1) && 3480 ((error = i_straccess(stp, access)) != 0)) { 3481 mutex_exit(&stp->sd_lock); 3482 return (error); 3483 } 3484 mutex_exit(&stp->sd_lock); 3485 3486 /* 3487 * The I_STR facility provides a trap door for malicious 3488 * code to send down bogus streamio(7I) ioctl commands to 3489 * unsuspecting STREAMS modules and drivers which expect to 3490 * only get these messages from the stream head. 3491 * Explicitly prohibit any streamio ioctls which can be 3492 * passed downstream by the stream head. Note that we do 3493 * not block all streamio ioctls because the ioctl 3494 * numberspace is not well managed and thus it's possible 3495 * that a module or driver's ioctl numbers may accidentally 3496 * collide with them. 3497 */ 3498 switch (strioc.ic_cmd) { 3499 case I_LINK: 3500 case I_PLINK: 3501 case I_UNLINK: 3502 case I_PUNLINK: 3503 case _I_GETPEERCRED: 3504 case _I_PLINK_LH: 3505 return (EINVAL); 3506 } 3507 3508 error = strdoioctl(stp, &strioc, flag, copyflag, crp, rvalp); 3509 if (error == 0) { 3510 error = strcopyout_strioctl(&strioc, (void *)arg, 3511 flag, copyflag); 3512 } 3513 return (error); 3514 3515 case I_NREAD: 3516 /* 3517 * Return number of bytes of data in first message 3518 * in queue in "arg" and return the number of messages 3519 * in queue in return value. 3520 */ 3521 { 3522 size_t size; 3523 int retval; 3524 int count = 0; 3525 3526 mutex_enter(QLOCK(rdq)); 3527 3528 size = msgdsize(rdq->q_first); 3529 for (mp = rdq->q_first; mp != NULL; mp = mp->b_next) 3530 count++; 3531 3532 mutex_exit(QLOCK(rdq)); 3533 if (stp->sd_struiordq) { 3534 infod_t infod; 3535 3536 infod.d_cmd = INFOD_COUNT; 3537 infod.d_count = 0; 3538 if (count == 0) { 3539 infod.d_cmd |= INFOD_FIRSTBYTES; 3540 infod.d_bytes = 0; 3541 } 3542 infod.d_res = 0; 3543 (void) infonext(rdq, &infod); 3544 count += infod.d_count; 3545 if (infod.d_res & INFOD_FIRSTBYTES) 3546 size = infod.d_bytes; 3547 } 3548 3549 /* 3550 * Drop down from size_t to the "int" required by the 3551 * interface. Cap at INT_MAX. 3552 */ 3553 retval = MIN(size, INT_MAX); 3554 error = strcopyout(&retval, (void *)arg, sizeof (retval), 3555 copyflag); 3556 if (!error) 3557 *rvalp = count; 3558 return (error); 3559 } 3560 3561 case FIONREAD: 3562 /* 3563 * Return number of bytes of data in all data messages 3564 * in queue in "arg". 3565 */ 3566 { 3567 size_t size = 0; 3568 int retval; 3569 3570 mutex_enter(QLOCK(rdq)); 3571 for (mp = rdq->q_first; mp != NULL; mp = mp->b_next) 3572 size += msgdsize(mp); 3573 mutex_exit(QLOCK(rdq)); 3574 3575 if (stp->sd_struiordq) { 3576 infod_t infod; 3577 3578 infod.d_cmd = INFOD_BYTES; 3579 infod.d_res = 0; 3580 infod.d_bytes = 0; 3581 (void) infonext(rdq, &infod); 3582 size += infod.d_bytes; 3583 } 3584 3585 /* 3586 * Drop down from size_t to the "int" required by the 3587 * interface. Cap at INT_MAX. 3588 */ 3589 retval = MIN(size, INT_MAX); 3590 error = strcopyout(&retval, (void *)arg, sizeof (retval), 3591 copyflag); 3592 3593 *rvalp = 0; 3594 return (error); 3595 } 3596 case FIORDCHK: 3597 /* 3598 * FIORDCHK does not use arg value (like FIONREAD), 3599 * instead a count is returned. I_NREAD value may 3600 * not be accurate but safe. The real thing to do is 3601 * to add the msgdsizes of all data messages until 3602 * a non-data message. 3603 */ 3604 { 3605 size_t size = 0; 3606 3607 mutex_enter(QLOCK(rdq)); 3608 for (mp = rdq->q_first; mp != NULL; mp = mp->b_next) 3609 size += msgdsize(mp); 3610 mutex_exit(QLOCK(rdq)); 3611 3612 if (stp->sd_struiordq) { 3613 infod_t infod; 3614 3615 infod.d_cmd = INFOD_BYTES; 3616 infod.d_res = 0; 3617 infod.d_bytes = 0; 3618 (void) infonext(rdq, &infod); 3619 size += infod.d_bytes; 3620 } 3621 3622 /* 3623 * Since ioctl returns an int, and memory sizes under 3624 * LP64 may not fit, we return INT_MAX if the count was 3625 * actually greater. 3626 */ 3627 *rvalp = MIN(size, INT_MAX); 3628 return (0); 3629 } 3630 3631 case I_FIND: 3632 /* 3633 * Get module name. 3634 */ 3635 { 3636 char mname[FMNAMESZ + 1]; 3637 queue_t *q; 3638 3639 error = (copyflag & U_TO_K ? copyinstr : copystr)((void *)arg, 3640 mname, FMNAMESZ + 1, NULL); 3641 if (error) 3642 return ((error == ENAMETOOLONG) ? EINVAL : EFAULT); 3643 3644 /* 3645 * Return EINVAL if we're handed a bogus module name. 3646 */ 3647 if (fmodsw_find(mname, FMODSW_LOAD) == NULL) { 3648 TRACE_0(TR_FAC_STREAMS_FR, 3649 TR_I_CANT_FIND, "couldn't I_FIND"); 3650 return (EINVAL); 3651 } 3652 3653 *rvalp = 0; 3654 3655 /* Look downstream to see if module is there. */ 3656 claimstr(stp->sd_wrq); 3657 for (q = stp->sd_wrq->q_next; q; q = q->q_next) { 3658 if (q->q_flag&QREADR) { 3659 q = NULL; 3660 break; 3661 } 3662 if (strcmp(mname, q->q_qinfo->qi_minfo->mi_idname) == 0) 3663 break; 3664 } 3665 releasestr(stp->sd_wrq); 3666 3667 *rvalp = (q ? 1 : 0); 3668 return (error); 3669 } 3670 3671 case I_PUSH: 3672 case __I_PUSH_NOCTTY: 3673 /* 3674 * Push a module. 3675 * For the case __I_PUSH_NOCTTY push a module but 3676 * do not allocate controlling tty. See bugid 4025044 3677 */ 3678 3679 { 3680 char mname[FMNAMESZ + 1]; 3681 fmodsw_impl_t *fp; 3682 dev_t dummydev; 3683 3684 if (stp->sd_flag & STRHUP) 3685 return (ENXIO); 3686 3687 /* 3688 * Get module name and look up in fmodsw. 3689 */ 3690 error = (copyflag & U_TO_K ? copyinstr : copystr)((void *)arg, 3691 mname, FMNAMESZ + 1, NULL); 3692 if (error) 3693 return ((error == ENAMETOOLONG) ? EINVAL : EFAULT); 3694 3695 if ((fp = fmodsw_find(mname, FMODSW_HOLD | FMODSW_LOAD)) == 3696 NULL) 3697 return (EINVAL); 3698 3699 TRACE_2(TR_FAC_STREAMS_FR, TR_I_PUSH, 3700 "I_PUSH:fp %p stp %p", fp, stp); 3701 3702 if (error = strstartplumb(stp, flag, cmd)) { 3703 fmodsw_rele(fp); 3704 return (error); 3705 } 3706 3707 /* 3708 * See if any more modules can be pushed on this stream. 3709 * Note that this check must be done after strstartplumb() 3710 * since otherwise multiple threads issuing I_PUSHes on 3711 * the same stream will be able to exceed nstrpush. 3712 */ 3713 mutex_enter(&stp->sd_lock); 3714 if (stp->sd_pushcnt >= nstrpush) { 3715 fmodsw_rele(fp); 3716 strendplumb(stp); 3717 mutex_exit(&stp->sd_lock); 3718 return (EINVAL); 3719 } 3720 mutex_exit(&stp->sd_lock); 3721 3722 /* 3723 * Push new module and call its open routine 3724 * via qattach(). Modules don't change device 3725 * numbers, so just ignore dummydev here. 3726 */ 3727 dummydev = vp->v_rdev; 3728 if ((error = qattach(rdq, &dummydev, 0, crp, fp, 3729 B_FALSE)) == 0) { 3730 if (vp->v_type == VCHR && /* sorry, no pipes allowed */ 3731 (cmd == I_PUSH) && (stp->sd_flag & STRISTTY)) { 3732 /* 3733 * try to allocate it as a controlling terminal 3734 */ 3735 (void) strctty(stp); 3736 } 3737 } 3738 3739 mutex_enter(&stp->sd_lock); 3740 3741 /* 3742 * As a performance concern we are caching the values of 3743 * q_minpsz and q_maxpsz of the module below the stream 3744 * head in the stream head. 3745 */ 3746 mutex_enter(QLOCK(stp->sd_wrq->q_next)); 3747 rmin = stp->sd_wrq->q_next->q_minpsz; 3748 rmax = stp->sd_wrq->q_next->q_maxpsz; 3749 mutex_exit(QLOCK(stp->sd_wrq->q_next)); 3750 3751 /* Do this processing here as a performance concern */ 3752 if (strmsgsz != 0) { 3753 if (rmax == INFPSZ) 3754 rmax = strmsgsz; 3755 else { 3756 if (vp->v_type == VFIFO) 3757 rmax = MIN(PIPE_BUF, rmax); 3758 else rmax = MIN(strmsgsz, rmax); 3759 } 3760 } 3761 3762 mutex_enter(QLOCK(wrq)); 3763 stp->sd_qn_minpsz = rmin; 3764 stp->sd_qn_maxpsz = rmax; 3765 mutex_exit(QLOCK(wrq)); 3766 3767 strendplumb(stp); 3768 mutex_exit(&stp->sd_lock); 3769 return (error); 3770 } 3771 3772 case I_POP: 3773 { 3774 queue_t *q; 3775 3776 if (stp->sd_flag & STRHUP) 3777 return (ENXIO); 3778 if (!wrq->q_next) /* for broken pipes */ 3779 return (EINVAL); 3780 3781 if (error = strstartplumb(stp, flag, cmd)) 3782 return (error); 3783 3784 /* 3785 * If there is an anchor on this stream and popping 3786 * the current module would attempt to pop through the 3787 * anchor, then disallow the pop unless we have sufficient 3788 * privileges; take the cheapest (non-locking) check 3789 * first. 3790 */ 3791 if (secpolicy_ip_config(crp, B_TRUE) != 0 || 3792 (stp->sd_anchorzone != crgetzoneid(crp))) { 3793 mutex_enter(&stp->sd_lock); 3794 /* 3795 * Anchors only apply if there's at least one 3796 * module on the stream (sd_pushcnt > 0). 3797 */ 3798 if (stp->sd_pushcnt > 0 && 3799 stp->sd_pushcnt == stp->sd_anchor && 3800 stp->sd_vnode->v_type != VFIFO) { 3801 strendplumb(stp); 3802 mutex_exit(&stp->sd_lock); 3803 if (stp->sd_anchorzone != crgetzoneid(crp)) 3804 return (EINVAL); 3805 /* Audit and report error */ 3806 return (secpolicy_ip_config(crp, B_FALSE)); 3807 } 3808 mutex_exit(&stp->sd_lock); 3809 } 3810 3811 q = wrq->q_next; 3812 TRACE_2(TR_FAC_STREAMS_FR, TR_I_POP, 3813 "I_POP:%p from %p", q, stp); 3814 if (q->q_next == NULL || (q->q_flag & (QREADR|QISDRV))) { 3815 error = EINVAL; 3816 } else { 3817 qdetach(_RD(q), 1, flag, crp, B_FALSE); 3818 error = 0; 3819 } 3820 mutex_enter(&stp->sd_lock); 3821 3822 /* 3823 * As a performance concern we are caching the values of 3824 * q_minpsz and q_maxpsz of the module below the stream 3825 * head in the stream head. 3826 */ 3827 mutex_enter(QLOCK(wrq->q_next)); 3828 rmin = wrq->q_next->q_minpsz; 3829 rmax = wrq->q_next->q_maxpsz; 3830 mutex_exit(QLOCK(wrq->q_next)); 3831 3832 /* Do this processing here as a performance concern */ 3833 if (strmsgsz != 0) { 3834 if (rmax == INFPSZ) 3835 rmax = strmsgsz; 3836 else { 3837 if (vp->v_type == VFIFO) 3838 rmax = MIN(PIPE_BUF, rmax); 3839 else rmax = MIN(strmsgsz, rmax); 3840 } 3841 } 3842 3843 mutex_enter(QLOCK(wrq)); 3844 stp->sd_qn_minpsz = rmin; 3845 stp->sd_qn_maxpsz = rmax; 3846 mutex_exit(QLOCK(wrq)); 3847 3848 /* If we popped through the anchor, then reset the anchor. */ 3849 if (stp->sd_pushcnt < stp->sd_anchor) { 3850 stp->sd_anchor = 0; 3851 stp->sd_anchorzone = 0; 3852 } 3853 strendplumb(stp); 3854 mutex_exit(&stp->sd_lock); 3855 return (error); 3856 } 3857 3858 case _I_MUXID2FD: 3859 { 3860 /* 3861 * Create a fd for a I_PLINK'ed lower stream with a given 3862 * muxid. With the fd, application can send down ioctls, 3863 * like I_LIST, to the previously I_PLINK'ed stream. Note 3864 * that after getting the fd, the application has to do an 3865 * I_PUNLINK on the muxid before it can do any operation 3866 * on the lower stream. This is required by spec1170. 3867 * 3868 * The fd used to do this ioctl should point to the same 3869 * controlling device used to do the I_PLINK. If it uses 3870 * a different stream or an invalid muxid, I_MUXID2FD will 3871 * fail. The error code is set to EINVAL. 3872 * 3873 * The intended use of this interface is the following. 3874 * An application I_PLINK'ed a stream and exits. The fd 3875 * to the lower stream is gone. Another application 3876 * wants to get a fd to the lower stream, it uses I_MUXID2FD. 3877 */ 3878 int muxid = (int)arg; 3879 int fd; 3880 linkinfo_t *linkp; 3881 struct file *fp; 3882 netstack_t *ns; 3883 str_stack_t *ss; 3884 3885 /* 3886 * Do not allow the wildcard muxid. This ioctl is not 3887 * intended to find arbitrary link. 3888 */ 3889 if (muxid == 0) { 3890 return (EINVAL); 3891 } 3892 3893 ns = netstack_find_by_cred(crp); 3894 ASSERT(ns != NULL); 3895 ss = ns->netstack_str; 3896 ASSERT(ss != NULL); 3897 3898 mutex_enter(&muxifier); 3899 linkp = findlinks(vp->v_stream, muxid, LINKPERSIST, ss); 3900 if (linkp == NULL) { 3901 mutex_exit(&muxifier); 3902 netstack_rele(ss->ss_netstack); 3903 return (EINVAL); 3904 } 3905 3906 if ((fd = ufalloc(0)) == -1) { 3907 mutex_exit(&muxifier); 3908 netstack_rele(ss->ss_netstack); 3909 return (EMFILE); 3910 } 3911 fp = linkp->li_fpdown; 3912 mutex_enter(&fp->f_tlock); 3913 fp->f_count++; 3914 mutex_exit(&fp->f_tlock); 3915 mutex_exit(&muxifier); 3916 setf(fd, fp); 3917 *rvalp = fd; 3918 netstack_rele(ss->ss_netstack); 3919 return (0); 3920 } 3921 3922 case _I_INSERT: 3923 { 3924 /* 3925 * To insert a module to a given position in a stream. 3926 * In the first release, only allow privileged user 3927 * to use this ioctl. Furthermore, the insert is only allowed 3928 * below an anchor if the zoneid is the same as the zoneid 3929 * which created the anchor. 3930 * 3931 * Note that we do not plan to support this ioctl 3932 * on pipes in the first release. We want to learn more 3933 * about the implications of these ioctls before extending 3934 * their support. And we do not think these features are 3935 * valuable for pipes. 3936 * 3937 * Neither do we support O/C hot stream. Note that only 3938 * the upper streams of TCP/IP stack are O/C hot streams. 3939 * The lower IP stream is not. 3940 * When there is a O/C cold barrier, we only allow inserts 3941 * above the barrier. 3942 */ 3943 STRUCT_DECL(strmodconf, strmodinsert); 3944 char mod_name[FMNAMESZ + 1]; 3945 fmodsw_impl_t *fp; 3946 dev_t dummydev; 3947 queue_t *tmp_wrq; 3948 int pos; 3949 boolean_t is_insert; 3950 3951 STRUCT_INIT(strmodinsert, flag); 3952 if (stp->sd_flag & STRHUP) 3953 return (ENXIO); 3954 if (STRMATED(stp)) 3955 return (EINVAL); 3956 if ((error = secpolicy_net_config(crp, B_FALSE)) != 0) 3957 return (error); 3958 if (stp->sd_anchor != 0 && 3959 stp->sd_anchorzone != crgetzoneid(crp)) 3960 return (EINVAL); 3961 3962 error = strcopyin((void *)arg, STRUCT_BUF(strmodinsert), 3963 STRUCT_SIZE(strmodinsert), copyflag); 3964 if (error) 3965 return (error); 3966 3967 /* 3968 * Get module name and look up in fmodsw. 3969 */ 3970 error = (copyflag & U_TO_K ? copyinstr : 3971 copystr)(STRUCT_FGETP(strmodinsert, mod_name), 3972 mod_name, FMNAMESZ + 1, NULL); 3973 if (error) 3974 return ((error == ENAMETOOLONG) ? EINVAL : EFAULT); 3975 3976 if ((fp = fmodsw_find(mod_name, FMODSW_HOLD | FMODSW_LOAD)) == 3977 NULL) 3978 return (EINVAL); 3979 3980 if (error = strstartplumb(stp, flag, cmd)) { 3981 fmodsw_rele(fp); 3982 return (error); 3983 } 3984 3985 /* 3986 * Is this _I_INSERT just like an I_PUSH? We need to know 3987 * this because we do some optimizations if this is a 3988 * module being pushed. 3989 */ 3990 pos = STRUCT_FGET(strmodinsert, pos); 3991 is_insert = (pos != 0); 3992 3993 /* 3994 * Make sure pos is valid. Even though it is not an I_PUSH, 3995 * we impose the same limit on the number of modules in a 3996 * stream. 3997 */ 3998 mutex_enter(&stp->sd_lock); 3999 if (stp->sd_pushcnt >= nstrpush || pos < 0 || 4000 pos > stp->sd_pushcnt) { 4001 fmodsw_rele(fp); 4002 strendplumb(stp); 4003 mutex_exit(&stp->sd_lock); 4004 return (EINVAL); 4005 } 4006 if (stp->sd_anchor != 0) { 4007 /* 4008 * Is this insert below the anchor? 4009 * Pushcnt hasn't been increased yet hence 4010 * we test for greater than here, and greater or 4011 * equal after qattach. 4012 */ 4013 if (pos > (stp->sd_pushcnt - stp->sd_anchor) && 4014 stp->sd_anchorzone != crgetzoneid(crp)) { 4015 fmodsw_rele(fp); 4016 strendplumb(stp); 4017 mutex_exit(&stp->sd_lock); 4018 return (EPERM); 4019 } 4020 } 4021 4022 mutex_exit(&stp->sd_lock); 4023 4024 /* 4025 * First find the correct position this module to 4026 * be inserted. We don't need to call claimstr() 4027 * as the stream should not be changing at this point. 4028 * 4029 * Insert new module and call its open routine 4030 * via qattach(). Modules don't change device 4031 * numbers, so just ignore dummydev here. 4032 */ 4033 for (tmp_wrq = stp->sd_wrq; pos > 0; 4034 tmp_wrq = tmp_wrq->q_next, pos--) { 4035 ASSERT(SAMESTR(tmp_wrq)); 4036 } 4037 dummydev = vp->v_rdev; 4038 if ((error = qattach(_RD(tmp_wrq), &dummydev, 0, crp, 4039 fp, is_insert)) != 0) { 4040 mutex_enter(&stp->sd_lock); 4041 strendplumb(stp); 4042 mutex_exit(&stp->sd_lock); 4043 return (error); 4044 } 4045 4046 mutex_enter(&stp->sd_lock); 4047 4048 /* 4049 * As a performance concern we are caching the values of 4050 * q_minpsz and q_maxpsz of the module below the stream 4051 * head in the stream head. 4052 */ 4053 if (!is_insert) { 4054 mutex_enter(QLOCK(stp->sd_wrq->q_next)); 4055 rmin = stp->sd_wrq->q_next->q_minpsz; 4056 rmax = stp->sd_wrq->q_next->q_maxpsz; 4057 mutex_exit(QLOCK(stp->sd_wrq->q_next)); 4058 4059 /* Do this processing here as a performance concern */ 4060 if (strmsgsz != 0) { 4061 if (rmax == INFPSZ) { 4062 rmax = strmsgsz; 4063 } else { 4064 rmax = MIN(strmsgsz, rmax); 4065 } 4066 } 4067 4068 mutex_enter(QLOCK(wrq)); 4069 stp->sd_qn_minpsz = rmin; 4070 stp->sd_qn_maxpsz = rmax; 4071 mutex_exit(QLOCK(wrq)); 4072 } 4073 4074 /* 4075 * Need to update the anchor value if this module is 4076 * inserted below the anchor point. 4077 */ 4078 if (stp->sd_anchor != 0) { 4079 pos = STRUCT_FGET(strmodinsert, pos); 4080 if (pos >= (stp->sd_pushcnt - stp->sd_anchor)) 4081 stp->sd_anchor++; 4082 } 4083 4084 strendplumb(stp); 4085 mutex_exit(&stp->sd_lock); 4086 return (0); 4087 } 4088 4089 case _I_REMOVE: 4090 { 4091 /* 4092 * To remove a module with a given name in a stream. The 4093 * caller of this ioctl needs to provide both the name and 4094 * the position of the module to be removed. This eliminates 4095 * the ambiguity of removal if a module is inserted/pushed 4096 * multiple times in a stream. In the first release, only 4097 * allow privileged user to use this ioctl. 4098 * Furthermore, the remove is only allowed 4099 * below an anchor if the zoneid is the same as the zoneid 4100 * which created the anchor. 4101 * 4102 * Note that we do not plan to support this ioctl 4103 * on pipes in the first release. We want to learn more 4104 * about the implications of these ioctls before extending 4105 * their support. And we do not think these features are 4106 * valuable for pipes. 4107 * 4108 * Neither do we support O/C hot stream. Note that only 4109 * the upper streams of TCP/IP stack are O/C hot streams. 4110 * The lower IP stream is not. 4111 * When there is a O/C cold barrier we do not allow removal 4112 * below the barrier. 4113 * 4114 * Also note that _I_REMOVE cannot be used to remove a 4115 * driver or the stream head. 4116 */ 4117 STRUCT_DECL(strmodconf, strmodremove); 4118 queue_t *q; 4119 int pos; 4120 char mod_name[FMNAMESZ + 1]; 4121 boolean_t is_remove; 4122 4123 STRUCT_INIT(strmodremove, flag); 4124 if (stp->sd_flag & STRHUP) 4125 return (ENXIO); 4126 if (STRMATED(stp)) 4127 return (EINVAL); 4128 if ((error = secpolicy_net_config(crp, B_FALSE)) != 0) 4129 return (error); 4130 if (stp->sd_anchor != 0 && 4131 stp->sd_anchorzone != crgetzoneid(crp)) 4132 return (EINVAL); 4133 4134 error = strcopyin((void *)arg, STRUCT_BUF(strmodremove), 4135 STRUCT_SIZE(strmodremove), copyflag); 4136 if (error) 4137 return (error); 4138 4139 error = (copyflag & U_TO_K ? copyinstr : 4140 copystr)(STRUCT_FGETP(strmodremove, mod_name), 4141 mod_name, FMNAMESZ + 1, NULL); 4142 if (error) 4143 return ((error == ENAMETOOLONG) ? EINVAL : EFAULT); 4144 4145 if ((error = strstartplumb(stp, flag, cmd)) != 0) 4146 return (error); 4147 4148 /* 4149 * Match the name of given module to the name of module at 4150 * the given position. 4151 */ 4152 pos = STRUCT_FGET(strmodremove, pos); 4153 4154 is_remove = (pos != 0); 4155 for (q = stp->sd_wrq->q_next; SAMESTR(q) && pos > 0; 4156 q = q->q_next, pos--) 4157 ; 4158 if (pos > 0 || ! SAMESTR(q) || 4159 strncmp(q->q_qinfo->qi_minfo->mi_idname, mod_name, 4160 strlen(q->q_qinfo->qi_minfo->mi_idname)) != 0) { 4161 mutex_enter(&stp->sd_lock); 4162 strendplumb(stp); 4163 mutex_exit(&stp->sd_lock); 4164 return (EINVAL); 4165 } 4166 4167 /* 4168 * If the position is at or below an anchor, then the zoneid 4169 * must match the zoneid that created the anchor. 4170 */ 4171 if (stp->sd_anchor != 0) { 4172 pos = STRUCT_FGET(strmodremove, pos); 4173 if (pos >= (stp->sd_pushcnt - stp->sd_anchor) && 4174 stp->sd_anchorzone != crgetzoneid(crp)) { 4175 mutex_enter(&stp->sd_lock); 4176 strendplumb(stp); 4177 mutex_exit(&stp->sd_lock); 4178 return (EPERM); 4179 } 4180 } 4181 4182 4183 ASSERT(!(q->q_flag & QREADR)); 4184 qdetach(_RD(q), 1, flag, crp, is_remove); 4185 4186 mutex_enter(&stp->sd_lock); 4187 4188 /* 4189 * As a performance concern we are caching the values of 4190 * q_minpsz and q_maxpsz of the module below the stream 4191 * head in the stream head. 4192 */ 4193 if (!is_remove) { 4194 mutex_enter(QLOCK(wrq->q_next)); 4195 rmin = wrq->q_next->q_minpsz; 4196 rmax = wrq->q_next->q_maxpsz; 4197 mutex_exit(QLOCK(wrq->q_next)); 4198 4199 /* Do this processing here as a performance concern */ 4200 if (strmsgsz != 0) { 4201 if (rmax == INFPSZ) 4202 rmax = strmsgsz; 4203 else { 4204 if (vp->v_type == VFIFO) 4205 rmax = MIN(PIPE_BUF, rmax); 4206 else rmax = MIN(strmsgsz, rmax); 4207 } 4208 } 4209 4210 mutex_enter(QLOCK(wrq)); 4211 stp->sd_qn_minpsz = rmin; 4212 stp->sd_qn_maxpsz = rmax; 4213 mutex_exit(QLOCK(wrq)); 4214 } 4215 4216 /* 4217 * Need to update the anchor value if this module is removed 4218 * at or below the anchor point. If the removed module is at 4219 * the anchor point, remove the anchor for this stream if 4220 * there is no module above the anchor point. Otherwise, if 4221 * the removed module is below the anchor point, decrement the 4222 * anchor point by 1. 4223 */ 4224 if (stp->sd_anchor != 0) { 4225 pos = STRUCT_FGET(strmodremove, pos); 4226 if (pos == stp->sd_pushcnt - stp->sd_anchor + 1) 4227 stp->sd_anchor = 0; 4228 else if (pos > (stp->sd_pushcnt - stp->sd_anchor + 1)) 4229 stp->sd_anchor--; 4230 } 4231 4232 strendplumb(stp); 4233 mutex_exit(&stp->sd_lock); 4234 return (0); 4235 } 4236 4237 case I_ANCHOR: 4238 /* 4239 * Set the anchor position on the stream to reside at 4240 * the top module (in other words, the top module 4241 * cannot be popped). Anchors with a FIFO make no 4242 * obvious sense, so they're not allowed. 4243 */ 4244 mutex_enter(&stp->sd_lock); 4245 4246 if (stp->sd_vnode->v_type == VFIFO) { 4247 mutex_exit(&stp->sd_lock); 4248 return (EINVAL); 4249 } 4250 /* Only allow the same zoneid to update the anchor */ 4251 if (stp->sd_anchor != 0 && 4252 stp->sd_anchorzone != crgetzoneid(crp)) { 4253 mutex_exit(&stp->sd_lock); 4254 return (EINVAL); 4255 } 4256 stp->sd_anchor = stp->sd_pushcnt; 4257 stp->sd_anchorzone = crgetzoneid(crp); 4258 mutex_exit(&stp->sd_lock); 4259 return (0); 4260 4261 case I_LOOK: 4262 /* 4263 * Get name of first module downstream. 4264 * If no module, return an error. 4265 */ 4266 { 4267 claimstr(wrq); 4268 if (_SAMESTR(wrq) && wrq->q_next->q_next) { 4269 char *name = wrq->q_next->q_qinfo->qi_minfo->mi_idname; 4270 error = strcopyout(name, (void *)arg, strlen(name) + 1, 4271 copyflag); 4272 releasestr(wrq); 4273 return (error); 4274 } 4275 releasestr(wrq); 4276 return (EINVAL); 4277 } 4278 4279 case I_LINK: 4280 case I_PLINK: 4281 /* 4282 * Link a multiplexor. 4283 */ 4284 error = mlink(vp, cmd, (int)arg, crp, rvalp, 0); 4285 return (error); 4286 4287 case _I_PLINK_LH: 4288 /* 4289 * Link a multiplexor: Call must originate from kernel. 4290 */ 4291 if (kioctl) 4292 return (ldi_mlink_lh(vp, cmd, arg, crp, rvalp)); 4293 4294 return (EINVAL); 4295 case I_UNLINK: 4296 case I_PUNLINK: 4297 /* 4298 * Unlink a multiplexor. 4299 * If arg is -1, unlink all links for which this is the 4300 * controlling stream. Otherwise, arg is an index number 4301 * for a link to be removed. 4302 */ 4303 { 4304 struct linkinfo *linkp; 4305 int native_arg = (int)arg; 4306 int type; 4307 netstack_t *ns; 4308 str_stack_t *ss; 4309 4310 TRACE_1(TR_FAC_STREAMS_FR, 4311 TR_I_UNLINK, "I_UNLINK/I_PUNLINK:%p", stp); 4312 if (vp->v_type == VFIFO) { 4313 return (EINVAL); 4314 } 4315 if (cmd == I_UNLINK) 4316 type = LINKNORMAL; 4317 else /* I_PUNLINK */ 4318 type = LINKPERSIST; 4319 if (native_arg == 0) { 4320 return (EINVAL); 4321 } 4322 ns = netstack_find_by_cred(crp); 4323 ASSERT(ns != NULL); 4324 ss = ns->netstack_str; 4325 ASSERT(ss != NULL); 4326 4327 if (native_arg == MUXID_ALL) 4328 error = munlinkall(stp, type, crp, rvalp, ss); 4329 else { 4330 mutex_enter(&muxifier); 4331 if (!(linkp = findlinks(stp, (int)arg, type, ss))) { 4332 /* invalid user supplied index number */ 4333 mutex_exit(&muxifier); 4334 netstack_rele(ss->ss_netstack); 4335 return (EINVAL); 4336 } 4337 /* munlink drops the muxifier lock */ 4338 error = munlink(stp, linkp, type, crp, rvalp, ss); 4339 } 4340 netstack_rele(ss->ss_netstack); 4341 return (error); 4342 } 4343 4344 case I_FLUSH: 4345 /* 4346 * send a flush message downstream 4347 * flush message can indicate 4348 * FLUSHR - flush read queue 4349 * FLUSHW - flush write queue 4350 * FLUSHRW - flush read/write queue 4351 */ 4352 if (stp->sd_flag & STRHUP) 4353 return (ENXIO); 4354 if (arg & ~FLUSHRW) 4355 return (EINVAL); 4356 4357 for (;;) { 4358 if (putnextctl1(stp->sd_wrq, M_FLUSH, (int)arg)) { 4359 break; 4360 } 4361 if (error = strwaitbuf(1, BPRI_HI)) { 4362 return (error); 4363 } 4364 } 4365 4366 /* 4367 * Send down an unsupported ioctl and wait for the nack 4368 * in order to allow the M_FLUSH to propagate back 4369 * up to the stream head. 4370 * Replaces if (qready()) runqueues(); 4371 */ 4372 strioc.ic_cmd = -1; /* The unsupported ioctl */ 4373 strioc.ic_timout = 0; 4374 strioc.ic_len = 0; 4375 strioc.ic_dp = NULL; 4376 (void) strdoioctl(stp, &strioc, flag, K_TO_K, crp, rvalp); 4377 *rvalp = 0; 4378 return (0); 4379 4380 case I_FLUSHBAND: 4381 { 4382 struct bandinfo binfo; 4383 4384 error = strcopyin((void *)arg, &binfo, sizeof (binfo), 4385 copyflag); 4386 if (error) 4387 return (error); 4388 if (stp->sd_flag & STRHUP) 4389 return (ENXIO); 4390 if (binfo.bi_flag & ~FLUSHRW) 4391 return (EINVAL); 4392 while (!(mp = allocb(2, BPRI_HI))) { 4393 if (error = strwaitbuf(2, BPRI_HI)) 4394 return (error); 4395 } 4396 mp->b_datap->db_type = M_FLUSH; 4397 *mp->b_wptr++ = binfo.bi_flag | FLUSHBAND; 4398 *mp->b_wptr++ = binfo.bi_pri; 4399 putnext(stp->sd_wrq, mp); 4400 /* 4401 * Send down an unsupported ioctl and wait for the nack 4402 * in order to allow the M_FLUSH to propagate back 4403 * up to the stream head. 4404 * Replaces if (qready()) runqueues(); 4405 */ 4406 strioc.ic_cmd = -1; /* The unsupported ioctl */ 4407 strioc.ic_timout = 0; 4408 strioc.ic_len = 0; 4409 strioc.ic_dp = NULL; 4410 (void) strdoioctl(stp, &strioc, flag, K_TO_K, crp, rvalp); 4411 *rvalp = 0; 4412 return (0); 4413 } 4414 4415 case I_SRDOPT: 4416 /* 4417 * Set read options 4418 * 4419 * RNORM - default stream mode 4420 * RMSGN - message no discard 4421 * RMSGD - message discard 4422 * RPROTNORM - fail read with EBADMSG for M_[PC]PROTOs 4423 * RPROTDAT - convert M_[PC]PROTOs to M_DATAs 4424 * RPROTDIS - discard M_[PC]PROTOs and retain M_DATAs 4425 */ 4426 if (arg & ~(RMODEMASK | RPROTMASK)) 4427 return (EINVAL); 4428 4429 if ((arg & (RMSGD|RMSGN)) == (RMSGD|RMSGN)) 4430 return (EINVAL); 4431 4432 mutex_enter(&stp->sd_lock); 4433 switch (arg & RMODEMASK) { 4434 case RNORM: 4435 stp->sd_read_opt &= ~(RD_MSGDIS | RD_MSGNODIS); 4436 break; 4437 case RMSGD: 4438 stp->sd_read_opt = (stp->sd_read_opt & ~RD_MSGNODIS) | 4439 RD_MSGDIS; 4440 break; 4441 case RMSGN: 4442 stp->sd_read_opt = (stp->sd_read_opt & ~RD_MSGDIS) | 4443 RD_MSGNODIS; 4444 break; 4445 } 4446 4447 switch (arg & RPROTMASK) { 4448 case RPROTNORM: 4449 stp->sd_read_opt &= ~(RD_PROTDAT | RD_PROTDIS); 4450 break; 4451 4452 case RPROTDAT: 4453 stp->sd_read_opt = ((stp->sd_read_opt & ~RD_PROTDIS) | 4454 RD_PROTDAT); 4455 break; 4456 4457 case RPROTDIS: 4458 stp->sd_read_opt = ((stp->sd_read_opt & ~RD_PROTDAT) | 4459 RD_PROTDIS); 4460 break; 4461 } 4462 mutex_exit(&stp->sd_lock); 4463 return (0); 4464 4465 case I_GRDOPT: 4466 /* 4467 * Get read option and return the value 4468 * to spot pointed to by arg 4469 */ 4470 { 4471 int rdopt; 4472 4473 rdopt = ((stp->sd_read_opt & RD_MSGDIS) ? RMSGD : 4474 ((stp->sd_read_opt & RD_MSGNODIS) ? RMSGN : RNORM)); 4475 rdopt |= ((stp->sd_read_opt & RD_PROTDAT) ? RPROTDAT : 4476 ((stp->sd_read_opt & RD_PROTDIS) ? RPROTDIS : RPROTNORM)); 4477 4478 return (strcopyout(&rdopt, (void *)arg, sizeof (int), 4479 copyflag)); 4480 } 4481 4482 case I_SERROPT: 4483 /* 4484 * Set error options 4485 * 4486 * RERRNORM - persistent read errors 4487 * RERRNONPERSIST - non-persistent read errors 4488 * WERRNORM - persistent write errors 4489 * WERRNONPERSIST - non-persistent write errors 4490 */ 4491 if (arg & ~(RERRMASK | WERRMASK)) 4492 return (EINVAL); 4493 4494 mutex_enter(&stp->sd_lock); 4495 switch (arg & RERRMASK) { 4496 case RERRNORM: 4497 stp->sd_flag &= ~STRDERRNONPERSIST; 4498 break; 4499 case RERRNONPERSIST: 4500 stp->sd_flag |= STRDERRNONPERSIST; 4501 break; 4502 } 4503 switch (arg & WERRMASK) { 4504 case WERRNORM: 4505 stp->sd_flag &= ~STWRERRNONPERSIST; 4506 break; 4507 case WERRNONPERSIST: 4508 stp->sd_flag |= STWRERRNONPERSIST; 4509 break; 4510 } 4511 mutex_exit(&stp->sd_lock); 4512 return (0); 4513 4514 case I_GERROPT: 4515 /* 4516 * Get error option and return the value 4517 * to spot pointed to by arg 4518 */ 4519 { 4520 int erropt = 0; 4521 4522 erropt |= (stp->sd_flag & STRDERRNONPERSIST) ? RERRNONPERSIST : 4523 RERRNORM; 4524 erropt |= (stp->sd_flag & STWRERRNONPERSIST) ? WERRNONPERSIST : 4525 WERRNORM; 4526 return (strcopyout(&erropt, (void *)arg, sizeof (int), 4527 copyflag)); 4528 } 4529 4530 case I_SETSIG: 4531 /* 4532 * Register the calling proc to receive the SIGPOLL 4533 * signal based on the events given in arg. If 4534 * arg is zero, remove the proc from register list. 4535 */ 4536 { 4537 strsig_t *ssp, *pssp; 4538 struct pid *pidp; 4539 4540 pssp = NULL; 4541 pidp = curproc->p_pidp; 4542 /* 4543 * Hold sd_lock to prevent traversal of sd_siglist while 4544 * it is modified. 4545 */ 4546 mutex_enter(&stp->sd_lock); 4547 for (ssp = stp->sd_siglist; ssp && (ssp->ss_pidp != pidp); 4548 pssp = ssp, ssp = ssp->ss_next) 4549 ; 4550 4551 if (arg) { 4552 if (arg & ~(S_INPUT|S_HIPRI|S_MSG|S_HANGUP|S_ERROR| 4553 S_RDNORM|S_WRNORM|S_RDBAND|S_WRBAND|S_BANDURG)) { 4554 mutex_exit(&stp->sd_lock); 4555 return (EINVAL); 4556 } 4557 if ((arg & S_BANDURG) && !(arg & S_RDBAND)) { 4558 mutex_exit(&stp->sd_lock); 4559 return (EINVAL); 4560 } 4561 4562 /* 4563 * If proc not already registered, add it 4564 * to list. 4565 */ 4566 if (!ssp) { 4567 ssp = kmem_alloc(sizeof (strsig_t), KM_SLEEP); 4568 ssp->ss_pidp = pidp; 4569 ssp->ss_pid = pidp->pid_id; 4570 ssp->ss_next = NULL; 4571 if (pssp) 4572 pssp->ss_next = ssp; 4573 else 4574 stp->sd_siglist = ssp; 4575 mutex_enter(&pidlock); 4576 PID_HOLD(pidp); 4577 mutex_exit(&pidlock); 4578 } 4579 4580 /* 4581 * Set events. 4582 */ 4583 ssp->ss_events = (int)arg; 4584 } else { 4585 /* 4586 * Remove proc from register list. 4587 */ 4588 if (ssp) { 4589 mutex_enter(&pidlock); 4590 PID_RELE(pidp); 4591 mutex_exit(&pidlock); 4592 if (pssp) 4593 pssp->ss_next = ssp->ss_next; 4594 else 4595 stp->sd_siglist = ssp->ss_next; 4596 kmem_free(ssp, sizeof (strsig_t)); 4597 } else { 4598 mutex_exit(&stp->sd_lock); 4599 return (EINVAL); 4600 } 4601 } 4602 4603 /* 4604 * Recalculate OR of sig events. 4605 */ 4606 stp->sd_sigflags = 0; 4607 for (ssp = stp->sd_siglist; ssp; ssp = ssp->ss_next) 4608 stp->sd_sigflags |= ssp->ss_events; 4609 mutex_exit(&stp->sd_lock); 4610 return (0); 4611 } 4612 4613 case I_GETSIG: 4614 /* 4615 * Return (in arg) the current registration of events 4616 * for which the calling proc is to be signaled. 4617 */ 4618 { 4619 struct strsig *ssp; 4620 struct pid *pidp; 4621 4622 pidp = curproc->p_pidp; 4623 mutex_enter(&stp->sd_lock); 4624 for (ssp = stp->sd_siglist; ssp; ssp = ssp->ss_next) 4625 if (ssp->ss_pidp == pidp) { 4626 error = strcopyout(&ssp->ss_events, (void *)arg, 4627 sizeof (int), copyflag); 4628 mutex_exit(&stp->sd_lock); 4629 return (error); 4630 } 4631 mutex_exit(&stp->sd_lock); 4632 return (EINVAL); 4633 } 4634 4635 case I_ESETSIG: 4636 /* 4637 * Register the ss_pid to receive the SIGPOLL 4638 * signal based on the events is ss_events arg. If 4639 * ss_events is zero, remove the proc from register list. 4640 */ 4641 { 4642 struct strsig *ssp, *pssp; 4643 struct proc *proc; 4644 struct pid *pidp; 4645 pid_t pid; 4646 struct strsigset ss; 4647 4648 error = strcopyin((void *)arg, &ss, sizeof (ss), copyflag); 4649 if (error) 4650 return (error); 4651 4652 pid = ss.ss_pid; 4653 4654 if (ss.ss_events != 0) { 4655 /* 4656 * Permissions check by sending signal 0. 4657 * Note that when kill fails it does a set_errno 4658 * causing the system call to fail. 4659 */ 4660 error = kill(pid, 0); 4661 if (error) { 4662 return (error); 4663 } 4664 } 4665 mutex_enter(&pidlock); 4666 if (pid == 0) 4667 proc = curproc; 4668 else if (pid < 0) 4669 proc = pgfind(-pid); 4670 else 4671 proc = prfind(pid); 4672 if (proc == NULL) { 4673 mutex_exit(&pidlock); 4674 return (ESRCH); 4675 } 4676 if (pid < 0) 4677 pidp = proc->p_pgidp; 4678 else 4679 pidp = proc->p_pidp; 4680 ASSERT(pidp); 4681 /* 4682 * Get a hold on the pid structure while referencing it. 4683 * There is a separate PID_HOLD should it be inserted 4684 * in the list below. 4685 */ 4686 PID_HOLD(pidp); 4687 mutex_exit(&pidlock); 4688 4689 pssp = NULL; 4690 /* 4691 * Hold sd_lock to prevent traversal of sd_siglist while 4692 * it is modified. 4693 */ 4694 mutex_enter(&stp->sd_lock); 4695 for (ssp = stp->sd_siglist; ssp && (ssp->ss_pid != pid); 4696 pssp = ssp, ssp = ssp->ss_next) 4697 ; 4698 4699 if (ss.ss_events) { 4700 if (ss.ss_events & 4701 ~(S_INPUT|S_HIPRI|S_MSG|S_HANGUP|S_ERROR| 4702 S_RDNORM|S_WRNORM|S_RDBAND|S_WRBAND|S_BANDURG)) { 4703 mutex_exit(&stp->sd_lock); 4704 mutex_enter(&pidlock); 4705 PID_RELE(pidp); 4706 mutex_exit(&pidlock); 4707 return (EINVAL); 4708 } 4709 if ((ss.ss_events & S_BANDURG) && 4710 !(ss.ss_events & S_RDBAND)) { 4711 mutex_exit(&stp->sd_lock); 4712 mutex_enter(&pidlock); 4713 PID_RELE(pidp); 4714 mutex_exit(&pidlock); 4715 return (EINVAL); 4716 } 4717 4718 /* 4719 * If proc not already registered, add it 4720 * to list. 4721 */ 4722 if (!ssp) { 4723 ssp = kmem_alloc(sizeof (strsig_t), KM_SLEEP); 4724 ssp->ss_pidp = pidp; 4725 ssp->ss_pid = pid; 4726 ssp->ss_next = NULL; 4727 if (pssp) 4728 pssp->ss_next = ssp; 4729 else 4730 stp->sd_siglist = ssp; 4731 mutex_enter(&pidlock); 4732 PID_HOLD(pidp); 4733 mutex_exit(&pidlock); 4734 } 4735 4736 /* 4737 * Set events. 4738 */ 4739 ssp->ss_events = ss.ss_events; 4740 } else { 4741 /* 4742 * Remove proc from register list. 4743 */ 4744 if (ssp) { 4745 mutex_enter(&pidlock); 4746 PID_RELE(pidp); 4747 mutex_exit(&pidlock); 4748 if (pssp) 4749 pssp->ss_next = ssp->ss_next; 4750 else 4751 stp->sd_siglist = ssp->ss_next; 4752 kmem_free(ssp, sizeof (strsig_t)); 4753 } else { 4754 mutex_exit(&stp->sd_lock); 4755 mutex_enter(&pidlock); 4756 PID_RELE(pidp); 4757 mutex_exit(&pidlock); 4758 return (EINVAL); 4759 } 4760 } 4761 4762 /* 4763 * Recalculate OR of sig events. 4764 */ 4765 stp->sd_sigflags = 0; 4766 for (ssp = stp->sd_siglist; ssp; ssp = ssp->ss_next) 4767 stp->sd_sigflags |= ssp->ss_events; 4768 mutex_exit(&stp->sd_lock); 4769 mutex_enter(&pidlock); 4770 PID_RELE(pidp); 4771 mutex_exit(&pidlock); 4772 return (0); 4773 } 4774 4775 case I_EGETSIG: 4776 /* 4777 * Return (in arg) the current registration of events 4778 * for which the calling proc is to be signaled. 4779 */ 4780 { 4781 struct strsig *ssp; 4782 struct proc *proc; 4783 pid_t pid; 4784 struct pid *pidp; 4785 struct strsigset ss; 4786 4787 error = strcopyin((void *)arg, &ss, sizeof (ss), copyflag); 4788 if (error) 4789 return (error); 4790 4791 pid = ss.ss_pid; 4792 mutex_enter(&pidlock); 4793 if (pid == 0) 4794 proc = curproc; 4795 else if (pid < 0) 4796 proc = pgfind(-pid); 4797 else 4798 proc = prfind(pid); 4799 if (proc == NULL) { 4800 mutex_exit(&pidlock); 4801 return (ESRCH); 4802 } 4803 if (pid < 0) 4804 pidp = proc->p_pgidp; 4805 else 4806 pidp = proc->p_pidp; 4807 4808 /* Prevent the pidp from being reassigned */ 4809 PID_HOLD(pidp); 4810 mutex_exit(&pidlock); 4811 4812 mutex_enter(&stp->sd_lock); 4813 for (ssp = stp->sd_siglist; ssp; ssp = ssp->ss_next) 4814 if (ssp->ss_pid == pid) { 4815 ss.ss_pid = ssp->ss_pid; 4816 ss.ss_events = ssp->ss_events; 4817 error = strcopyout(&ss, (void *)arg, 4818 sizeof (struct strsigset), copyflag); 4819 mutex_exit(&stp->sd_lock); 4820 mutex_enter(&pidlock); 4821 PID_RELE(pidp); 4822 mutex_exit(&pidlock); 4823 return (error); 4824 } 4825 mutex_exit(&stp->sd_lock); 4826 mutex_enter(&pidlock); 4827 PID_RELE(pidp); 4828 mutex_exit(&pidlock); 4829 return (EINVAL); 4830 } 4831 4832 case I_PEEK: 4833 { 4834 STRUCT_DECL(strpeek, strpeek); 4835 size_t n; 4836 mblk_t *fmp, *tmp_mp = NULL; 4837 4838 STRUCT_INIT(strpeek, flag); 4839 4840 error = strcopyin((void *)arg, STRUCT_BUF(strpeek), 4841 STRUCT_SIZE(strpeek), copyflag); 4842 if (error) 4843 return (error); 4844 4845 mutex_enter(QLOCK(rdq)); 4846 /* 4847 * Skip the invalid messages 4848 */ 4849 for (mp = rdq->q_first; mp != NULL; mp = mp->b_next) 4850 if (mp->b_datap->db_type != M_SIG) 4851 break; 4852 4853 /* 4854 * If user has requested to peek at a high priority message 4855 * and first message is not, return 0 4856 */ 4857 if (mp != NULL) { 4858 if ((STRUCT_FGET(strpeek, flags) & RS_HIPRI) && 4859 queclass(mp) == QNORM) { 4860 *rvalp = 0; 4861 mutex_exit(QLOCK(rdq)); 4862 return (0); 4863 } 4864 } else if (stp->sd_struiordq == NULL || 4865 (STRUCT_FGET(strpeek, flags) & RS_HIPRI)) { 4866 /* 4867 * No mblks to look at at the streamhead and 4868 * 1). This isn't a synch stream or 4869 * 2). This is a synch stream but caller wants high 4870 * priority messages which is not supported by 4871 * the synch stream. (it only supports QNORM) 4872 */ 4873 *rvalp = 0; 4874 mutex_exit(QLOCK(rdq)); 4875 return (0); 4876 } 4877 4878 fmp = mp; 4879 4880 if (mp && mp->b_datap->db_type == M_PASSFP) { 4881 mutex_exit(QLOCK(rdq)); 4882 return (EBADMSG); 4883 } 4884 4885 ASSERT(mp == NULL || mp->b_datap->db_type == M_PCPROTO || 4886 mp->b_datap->db_type == M_PROTO || 4887 mp->b_datap->db_type == M_DATA); 4888 4889 if (mp && mp->b_datap->db_type == M_PCPROTO) { 4890 STRUCT_FSET(strpeek, flags, RS_HIPRI); 4891 } else { 4892 STRUCT_FSET(strpeek, flags, 0); 4893 } 4894 4895 4896 if (mp && ((tmp_mp = dupmsg(mp)) == NULL)) { 4897 mutex_exit(QLOCK(rdq)); 4898 return (ENOSR); 4899 } 4900 mutex_exit(QLOCK(rdq)); 4901 4902 /* 4903 * set mp = tmp_mp, so that I_PEEK processing can continue. 4904 * tmp_mp is used to free the dup'd message. 4905 */ 4906 mp = tmp_mp; 4907 4908 uio.uio_fmode = 0; 4909 uio.uio_extflg = UIO_COPY_CACHED; 4910 uio.uio_segflg = (copyflag == U_TO_K) ? UIO_USERSPACE : 4911 UIO_SYSSPACE; 4912 uio.uio_limit = 0; 4913 /* 4914 * First process PROTO blocks, if any. 4915 * If user doesn't want to get ctl info by setting maxlen <= 0, 4916 * then set len to -1/0 and skip control blocks part. 4917 */ 4918 if (STRUCT_FGET(strpeek, ctlbuf.maxlen) < 0) 4919 STRUCT_FSET(strpeek, ctlbuf.len, -1); 4920 else if (STRUCT_FGET(strpeek, ctlbuf.maxlen) == 0) 4921 STRUCT_FSET(strpeek, ctlbuf.len, 0); 4922 else { 4923 int ctl_part = 0; 4924 4925 iov.iov_base = STRUCT_FGETP(strpeek, ctlbuf.buf); 4926 iov.iov_len = STRUCT_FGET(strpeek, ctlbuf.maxlen); 4927 uio.uio_iov = &iov; 4928 uio.uio_resid = iov.iov_len; 4929 uio.uio_loffset = 0; 4930 uio.uio_iovcnt = 1; 4931 while (mp && mp->b_datap->db_type != M_DATA && 4932 uio.uio_resid >= 0) { 4933 ASSERT(STRUCT_FGET(strpeek, flags) == 0 ? 4934 mp->b_datap->db_type == M_PROTO : 4935 mp->b_datap->db_type == M_PCPROTO); 4936 4937 if ((n = MIN(uio.uio_resid, 4938 mp->b_wptr - mp->b_rptr)) != 0 && 4939 (error = uiomove((char *)mp->b_rptr, n, 4940 UIO_READ, &uio)) != 0) { 4941 freemsg(tmp_mp); 4942 return (error); 4943 } 4944 ctl_part = 1; 4945 mp = mp->b_cont; 4946 } 4947 /* No ctl message */ 4948 if (ctl_part == 0) 4949 STRUCT_FSET(strpeek, ctlbuf.len, -1); 4950 else 4951 STRUCT_FSET(strpeek, ctlbuf.len, 4952 STRUCT_FGET(strpeek, ctlbuf.maxlen) - 4953 uio.uio_resid); 4954 } 4955 4956 /* 4957 * Now process DATA blocks, if any. 4958 * If user doesn't want to get data info by setting maxlen <= 0, 4959 * then set len to -1/0 and skip data blocks part. 4960 */ 4961 if (STRUCT_FGET(strpeek, databuf.maxlen) < 0) 4962 STRUCT_FSET(strpeek, databuf.len, -1); 4963 else if (STRUCT_FGET(strpeek, databuf.maxlen) == 0) 4964 STRUCT_FSET(strpeek, databuf.len, 0); 4965 else { 4966 int data_part = 0; 4967 4968 iov.iov_base = STRUCT_FGETP(strpeek, databuf.buf); 4969 iov.iov_len = STRUCT_FGET(strpeek, databuf.maxlen); 4970 uio.uio_iov = &iov; 4971 uio.uio_resid = iov.iov_len; 4972 uio.uio_loffset = 0; 4973 uio.uio_iovcnt = 1; 4974 while (mp && uio.uio_resid) { 4975 if (mp->b_datap->db_type == M_DATA) { 4976 if ((n = MIN(uio.uio_resid, 4977 mp->b_wptr - mp->b_rptr)) != 0 && 4978 (error = uiomove((char *)mp->b_rptr, 4979 n, UIO_READ, &uio)) != 0) { 4980 freemsg(tmp_mp); 4981 return (error); 4982 } 4983 data_part = 1; 4984 } 4985 ASSERT(data_part == 0 || 4986 mp->b_datap->db_type == M_DATA); 4987 mp = mp->b_cont; 4988 } 4989 /* No data message */ 4990 if (data_part == 0) 4991 STRUCT_FSET(strpeek, databuf.len, -1); 4992 else 4993 STRUCT_FSET(strpeek, databuf.len, 4994 STRUCT_FGET(strpeek, databuf.maxlen) - 4995 uio.uio_resid); 4996 } 4997 freemsg(tmp_mp); 4998 4999 /* 5000 * It is a synch stream and user wants to get 5001 * data (maxlen > 0). 5002 * uio setup is done by the codes that process DATA 5003 * blocks above. 5004 */ 5005 if ((fmp == NULL) && STRUCT_FGET(strpeek, databuf.maxlen) > 0) { 5006 infod_t infod; 5007 5008 infod.d_cmd = INFOD_COPYOUT; 5009 infod.d_res = 0; 5010 infod.d_uiop = &uio; 5011 error = infonext(rdq, &infod); 5012 if (error == EINVAL || error == EBUSY) 5013 error = 0; 5014 if (error) 5015 return (error); 5016 STRUCT_FSET(strpeek, databuf.len, STRUCT_FGET(strpeek, 5017 databuf.maxlen) - uio.uio_resid); 5018 if (STRUCT_FGET(strpeek, databuf.len) == 0) { 5019 /* 5020 * No data found by the infonext(). 5021 */ 5022 STRUCT_FSET(strpeek, databuf.len, -1); 5023 } 5024 } 5025 error = strcopyout(STRUCT_BUF(strpeek), (void *)arg, 5026 STRUCT_SIZE(strpeek), copyflag); 5027 if (error) { 5028 return (error); 5029 } 5030 /* 5031 * If there is no message retrieved, set return code to 0 5032 * otherwise, set it to 1. 5033 */ 5034 if (STRUCT_FGET(strpeek, ctlbuf.len) == -1 && 5035 STRUCT_FGET(strpeek, databuf.len) == -1) 5036 *rvalp = 0; 5037 else 5038 *rvalp = 1; 5039 return (0); 5040 } 5041 5042 case I_FDINSERT: 5043 { 5044 STRUCT_DECL(strfdinsert, strfdinsert); 5045 struct file *resftp; 5046 struct stdata *resstp; 5047 t_uscalar_t ival; 5048 ssize_t msgsize; 5049 struct strbuf mctl; 5050 5051 STRUCT_INIT(strfdinsert, flag); 5052 if (stp->sd_flag & STRHUP) 5053 return (ENXIO); 5054 /* 5055 * STRDERR, STWRERR and STPLEX tested above. 5056 */ 5057 error = strcopyin((void *)arg, STRUCT_BUF(strfdinsert), 5058 STRUCT_SIZE(strfdinsert), copyflag); 5059 if (error) 5060 return (error); 5061 5062 if (STRUCT_FGET(strfdinsert, offset) < 0 || 5063 (STRUCT_FGET(strfdinsert, offset) % 5064 sizeof (t_uscalar_t)) != 0) 5065 return (EINVAL); 5066 if ((resftp = getf(STRUCT_FGET(strfdinsert, fildes))) != NULL) { 5067 if ((resstp = resftp->f_vnode->v_stream) == NULL) { 5068 releasef(STRUCT_FGET(strfdinsert, fildes)); 5069 return (EINVAL); 5070 } 5071 } else 5072 return (EINVAL); 5073 5074 mutex_enter(&resstp->sd_lock); 5075 if (resstp->sd_flag & (STRDERR|STWRERR|STRHUP|STPLEX)) { 5076 error = strgeterr(resstp, 5077 STRDERR|STWRERR|STRHUP|STPLEX, 0); 5078 if (error != 0) { 5079 mutex_exit(&resstp->sd_lock); 5080 releasef(STRUCT_FGET(strfdinsert, fildes)); 5081 return (error); 5082 } 5083 } 5084 mutex_exit(&resstp->sd_lock); 5085 5086 #ifdef _ILP32 5087 { 5088 queue_t *q; 5089 queue_t *mate = NULL; 5090 5091 /* get read queue of stream terminus */ 5092 claimstr(resstp->sd_wrq); 5093 for (q = resstp->sd_wrq->q_next; q->q_next != NULL; 5094 q = q->q_next) 5095 if (!STRMATED(resstp) && STREAM(q) != resstp && 5096 mate == NULL) { 5097 ASSERT(q->q_qinfo->qi_srvp); 5098 ASSERT(_OTHERQ(q)->q_qinfo->qi_srvp); 5099 claimstr(q); 5100 mate = q; 5101 } 5102 q = _RD(q); 5103 if (mate) 5104 releasestr(mate); 5105 releasestr(resstp->sd_wrq); 5106 ival = (t_uscalar_t)q; 5107 } 5108 #else 5109 ival = (t_uscalar_t)getminor(resftp->f_vnode->v_rdev); 5110 #endif /* _ILP32 */ 5111 5112 if (STRUCT_FGET(strfdinsert, ctlbuf.len) < 5113 STRUCT_FGET(strfdinsert, offset) + sizeof (t_uscalar_t)) { 5114 releasef(STRUCT_FGET(strfdinsert, fildes)); 5115 return (EINVAL); 5116 } 5117 5118 /* 5119 * Check for legal flag value. 5120 */ 5121 if (STRUCT_FGET(strfdinsert, flags) & ~RS_HIPRI) { 5122 releasef(STRUCT_FGET(strfdinsert, fildes)); 5123 return (EINVAL); 5124 } 5125 5126 /* get these values from those cached in the stream head */ 5127 mutex_enter(QLOCK(stp->sd_wrq)); 5128 rmin = stp->sd_qn_minpsz; 5129 rmax = stp->sd_qn_maxpsz; 5130 mutex_exit(QLOCK(stp->sd_wrq)); 5131 5132 /* 5133 * Make sure ctl and data sizes together fall within 5134 * the limits of the max and min receive packet sizes 5135 * and do not exceed system limit. A negative data 5136 * length means that no data part is to be sent. 5137 */ 5138 ASSERT((rmax >= 0) || (rmax == INFPSZ)); 5139 if (rmax == 0) { 5140 releasef(STRUCT_FGET(strfdinsert, fildes)); 5141 return (ERANGE); 5142 } 5143 if ((msgsize = STRUCT_FGET(strfdinsert, databuf.len)) < 0) 5144 msgsize = 0; 5145 if ((msgsize < rmin) || 5146 ((msgsize > rmax) && (rmax != INFPSZ)) || 5147 (STRUCT_FGET(strfdinsert, ctlbuf.len) > strctlsz)) { 5148 releasef(STRUCT_FGET(strfdinsert, fildes)); 5149 return (ERANGE); 5150 } 5151 5152 mutex_enter(&stp->sd_lock); 5153 while (!(STRUCT_FGET(strfdinsert, flags) & RS_HIPRI) && 5154 !canputnext(stp->sd_wrq)) { 5155 if ((error = strwaitq(stp, WRITEWAIT, (ssize_t)0, 5156 flag, -1, &done)) != 0 || done) { 5157 mutex_exit(&stp->sd_lock); 5158 releasef(STRUCT_FGET(strfdinsert, fildes)); 5159 return (error); 5160 } 5161 if ((error = i_straccess(stp, access)) != 0) { 5162 mutex_exit(&stp->sd_lock); 5163 releasef( 5164 STRUCT_FGET(strfdinsert, fildes)); 5165 return (error); 5166 } 5167 } 5168 mutex_exit(&stp->sd_lock); 5169 5170 /* 5171 * Copy strfdinsert.ctlbuf into native form of 5172 * ctlbuf to pass down into strmakemsg(). 5173 */ 5174 mctl.maxlen = STRUCT_FGET(strfdinsert, ctlbuf.maxlen); 5175 mctl.len = STRUCT_FGET(strfdinsert, ctlbuf.len); 5176 mctl.buf = STRUCT_FGETP(strfdinsert, ctlbuf.buf); 5177 5178 iov.iov_base = STRUCT_FGETP(strfdinsert, databuf.buf); 5179 iov.iov_len = STRUCT_FGET(strfdinsert, databuf.len); 5180 uio.uio_iov = &iov; 5181 uio.uio_iovcnt = 1; 5182 uio.uio_loffset = 0; 5183 uio.uio_segflg = (copyflag == U_TO_K) ? UIO_USERSPACE : 5184 UIO_SYSSPACE; 5185 uio.uio_fmode = 0; 5186 uio.uio_extflg = UIO_COPY_CACHED; 5187 uio.uio_resid = iov.iov_len; 5188 if ((error = strmakemsg(&mctl, 5189 &msgsize, &uio, stp, 5190 STRUCT_FGET(strfdinsert, flags), &mp)) != 0 || !mp) { 5191 STRUCT_FSET(strfdinsert, databuf.len, msgsize); 5192 releasef(STRUCT_FGET(strfdinsert, fildes)); 5193 return (error); 5194 } 5195 5196 STRUCT_FSET(strfdinsert, databuf.len, msgsize); 5197 5198 /* 5199 * Place the possibly reencoded queue pointer 'offset' bytes 5200 * from the start of the control portion of the message. 5201 */ 5202 *((t_uscalar_t *)(mp->b_rptr + 5203 STRUCT_FGET(strfdinsert, offset))) = ival; 5204 5205 /* 5206 * Put message downstream. 5207 */ 5208 stream_willservice(stp); 5209 putnext(stp->sd_wrq, mp); 5210 stream_runservice(stp); 5211 releasef(STRUCT_FGET(strfdinsert, fildes)); 5212 return (error); 5213 } 5214 5215 case I_SENDFD: 5216 { 5217 struct file *fp; 5218 5219 if ((fp = getf((int)arg)) == NULL) 5220 return (EBADF); 5221 error = do_sendfp(stp, fp, crp); 5222 #ifdef C2_AUDIT 5223 if (audit_active) { 5224 audit_fdsend((int)arg, fp, error); 5225 } 5226 #endif 5227 releasef((int)arg); 5228 return (error); 5229 } 5230 5231 case I_RECVFD: 5232 case I_E_RECVFD: 5233 { 5234 struct k_strrecvfd *srf; 5235 int i, fd; 5236 5237 mutex_enter(&stp->sd_lock); 5238 while (!(mp = getq(rdq))) { 5239 if (stp->sd_flag & (STRHUP|STREOF)) { 5240 mutex_exit(&stp->sd_lock); 5241 return (ENXIO); 5242 } 5243 if ((error = strwaitq(stp, GETWAIT, (ssize_t)0, 5244 flag, -1, &done)) != 0 || done) { 5245 mutex_exit(&stp->sd_lock); 5246 return (error); 5247 } 5248 if ((error = i_straccess(stp, access)) != 0) { 5249 mutex_exit(&stp->sd_lock); 5250 return (error); 5251 } 5252 } 5253 if (mp->b_datap->db_type != M_PASSFP) { 5254 putback(stp, rdq, mp, mp->b_band); 5255 mutex_exit(&stp->sd_lock); 5256 return (EBADMSG); 5257 } 5258 mutex_exit(&stp->sd_lock); 5259 5260 srf = (struct k_strrecvfd *)mp->b_rptr; 5261 if ((fd = ufalloc(0)) == -1) { 5262 mutex_enter(&stp->sd_lock); 5263 putback(stp, rdq, mp, mp->b_band); 5264 mutex_exit(&stp->sd_lock); 5265 return (EMFILE); 5266 } 5267 if (cmd == I_RECVFD) { 5268 struct o_strrecvfd ostrfd; 5269 5270 /* check to see if uid/gid values are too large. */ 5271 5272 if (srf->uid > (o_uid_t)USHRT_MAX || 5273 srf->gid > (o_gid_t)USHRT_MAX) { 5274 mutex_enter(&stp->sd_lock); 5275 putback(stp, rdq, mp, mp->b_band); 5276 mutex_exit(&stp->sd_lock); 5277 setf(fd, NULL); /* release fd entry */ 5278 return (EOVERFLOW); 5279 } 5280 5281 ostrfd.fd = fd; 5282 ostrfd.uid = (o_uid_t)srf->uid; 5283 ostrfd.gid = (o_gid_t)srf->gid; 5284 5285 /* Null the filler bits */ 5286 for (i = 0; i < 8; i++) 5287 ostrfd.fill[i] = 0; 5288 5289 error = strcopyout(&ostrfd, (void *)arg, 5290 sizeof (struct o_strrecvfd), copyflag); 5291 } else { /* I_E_RECVFD */ 5292 struct strrecvfd strfd; 5293 5294 strfd.fd = fd; 5295 strfd.uid = srf->uid; 5296 strfd.gid = srf->gid; 5297 5298 /* null the filler bits */ 5299 for (i = 0; i < 8; i++) 5300 strfd.fill[i] = 0; 5301 5302 error = strcopyout(&strfd, (void *)arg, 5303 sizeof (struct strrecvfd), copyflag); 5304 } 5305 5306 if (error) { 5307 setf(fd, NULL); /* release fd entry */ 5308 mutex_enter(&stp->sd_lock); 5309 putback(stp, rdq, mp, mp->b_band); 5310 mutex_exit(&stp->sd_lock); 5311 return (error); 5312 } 5313 #ifdef C2_AUDIT 5314 if (audit_active) { 5315 audit_fdrecv(fd, srf->fp); 5316 } 5317 #endif 5318 5319 /* 5320 * Always increment f_count since the freemsg() below will 5321 * always call free_passfp() which performs a closef(). 5322 */ 5323 mutex_enter(&srf->fp->f_tlock); 5324 srf->fp->f_count++; 5325 mutex_exit(&srf->fp->f_tlock); 5326 setf(fd, srf->fp); 5327 freemsg(mp); 5328 return (0); 5329 } 5330 5331 case I_SWROPT: 5332 /* 5333 * Set/clear the write options. arg is a bit 5334 * mask with any of the following bits set... 5335 * SNDZERO - send zero length message 5336 * SNDPIPE - send sigpipe to process if 5337 * sd_werror is set and process is 5338 * doing a write or putmsg. 5339 * The new stream head write options should reflect 5340 * what is in arg. 5341 */ 5342 if (arg & ~(SNDZERO|SNDPIPE)) 5343 return (EINVAL); 5344 5345 mutex_enter(&stp->sd_lock); 5346 stp->sd_wput_opt &= ~(SW_SIGPIPE|SW_SNDZERO); 5347 if (arg & SNDZERO) 5348 stp->sd_wput_opt |= SW_SNDZERO; 5349 if (arg & SNDPIPE) 5350 stp->sd_wput_opt |= SW_SIGPIPE; 5351 mutex_exit(&stp->sd_lock); 5352 return (0); 5353 5354 case I_GWROPT: 5355 { 5356 int wropt = 0; 5357 5358 if (stp->sd_wput_opt & SW_SNDZERO) 5359 wropt |= SNDZERO; 5360 if (stp->sd_wput_opt & SW_SIGPIPE) 5361 wropt |= SNDPIPE; 5362 return (strcopyout(&wropt, (void *)arg, sizeof (wropt), 5363 copyflag)); 5364 } 5365 5366 case I_LIST: 5367 /* 5368 * Returns all the modules found on this stream, 5369 * upto the driver. If argument is NULL, return the 5370 * number of modules (including driver). If argument 5371 * is not NULL, copy the names into the structure 5372 * provided. 5373 */ 5374 5375 { 5376 queue_t *q; 5377 int num_modules, space_allocated; 5378 STRUCT_DECL(str_list, strlist); 5379 struct str_mlist *mlist_ptr; 5380 5381 if (arg == NULL) { /* Return number of modules plus driver */ 5382 q = stp->sd_wrq; 5383 if (stp->sd_vnode->v_type == VFIFO) { 5384 *rvalp = stp->sd_pushcnt; 5385 } else { 5386 *rvalp = stp->sd_pushcnt + 1; 5387 } 5388 } else { 5389 STRUCT_INIT(strlist, flag); 5390 5391 error = strcopyin((void *)arg, STRUCT_BUF(strlist), 5392 STRUCT_SIZE(strlist), copyflag); 5393 if (error) 5394 return (error); 5395 5396 space_allocated = STRUCT_FGET(strlist, sl_nmods); 5397 if ((space_allocated) <= 0) 5398 return (EINVAL); 5399 claimstr(stp->sd_wrq); 5400 q = stp->sd_wrq; 5401 num_modules = 0; 5402 while (_SAMESTR(q) && (space_allocated != 0)) { 5403 char *name = 5404 q->q_next->q_qinfo->qi_minfo->mi_idname; 5405 5406 mlist_ptr = STRUCT_FGETP(strlist, sl_modlist); 5407 5408 error = strcopyout(name, mlist_ptr, 5409 strlen(name) + 1, copyflag); 5410 5411 if (error) { 5412 releasestr(stp->sd_wrq); 5413 return (error); 5414 } 5415 q = q->q_next; 5416 space_allocated--; 5417 num_modules++; 5418 mlist_ptr = 5419 (struct str_mlist *)((uintptr_t)mlist_ptr + 5420 sizeof (struct str_mlist)); 5421 STRUCT_FSETP(strlist, sl_modlist, mlist_ptr); 5422 } 5423 releasestr(stp->sd_wrq); 5424 error = strcopyout(&num_modules, (void *)arg, 5425 sizeof (int), copyflag); 5426 } 5427 return (error); 5428 } 5429 5430 case I_CKBAND: 5431 { 5432 queue_t *q; 5433 qband_t *qbp; 5434 5435 if ((arg < 0) || (arg >= NBAND)) 5436 return (EINVAL); 5437 q = _RD(stp->sd_wrq); 5438 mutex_enter(QLOCK(q)); 5439 if (arg > (int)q->q_nband) { 5440 *rvalp = 0; 5441 } else { 5442 if (arg == 0) { 5443 if (q->q_first) 5444 *rvalp = 1; 5445 else 5446 *rvalp = 0; 5447 } else { 5448 qbp = q->q_bandp; 5449 while (--arg > 0) 5450 qbp = qbp->qb_next; 5451 if (qbp->qb_first) 5452 *rvalp = 1; 5453 else 5454 *rvalp = 0; 5455 } 5456 } 5457 mutex_exit(QLOCK(q)); 5458 return (0); 5459 } 5460 5461 case I_GETBAND: 5462 { 5463 int intpri; 5464 queue_t *q; 5465 5466 q = _RD(stp->sd_wrq); 5467 mutex_enter(QLOCK(q)); 5468 mp = q->q_first; 5469 if (!mp) { 5470 mutex_exit(QLOCK(q)); 5471 return (ENODATA); 5472 } 5473 intpri = (int)mp->b_band; 5474 error = strcopyout(&intpri, (void *)arg, sizeof (int), 5475 copyflag); 5476 mutex_exit(QLOCK(q)); 5477 return (error); 5478 } 5479 5480 case I_ATMARK: 5481 { 5482 queue_t *q; 5483 5484 if (arg & ~(ANYMARK|LASTMARK)) 5485 return (EINVAL); 5486 q = _RD(stp->sd_wrq); 5487 mutex_enter(&stp->sd_lock); 5488 if ((stp->sd_flag & STRATMARK) && (arg == ANYMARK)) { 5489 *rvalp = 1; 5490 } else { 5491 mutex_enter(QLOCK(q)); 5492 mp = q->q_first; 5493 5494 if (mp == NULL) 5495 *rvalp = 0; 5496 else if ((arg == ANYMARK) && (mp->b_flag & MSGMARK)) 5497 *rvalp = 1; 5498 else if ((arg == LASTMARK) && (mp == stp->sd_mark)) 5499 *rvalp = 1; 5500 else 5501 *rvalp = 0; 5502 mutex_exit(QLOCK(q)); 5503 } 5504 mutex_exit(&stp->sd_lock); 5505 return (0); 5506 } 5507 5508 case I_CANPUT: 5509 { 5510 char band; 5511 5512 if ((arg < 0) || (arg >= NBAND)) 5513 return (EINVAL); 5514 band = (char)arg; 5515 *rvalp = bcanputnext(stp->sd_wrq, band); 5516 return (0); 5517 } 5518 5519 case I_SETCLTIME: 5520 { 5521 int closetime; 5522 5523 error = strcopyin((void *)arg, &closetime, sizeof (int), 5524 copyflag); 5525 if (error) 5526 return (error); 5527 if (closetime < 0) 5528 return (EINVAL); 5529 5530 stp->sd_closetime = closetime; 5531 return (0); 5532 } 5533 5534 case I_GETCLTIME: 5535 { 5536 int closetime; 5537 5538 closetime = stp->sd_closetime; 5539 return (strcopyout(&closetime, (void *)arg, sizeof (int), 5540 copyflag)); 5541 } 5542 5543 case TIOCGSID: 5544 { 5545 pid_t sid; 5546 5547 mutex_enter(&stp->sd_lock); 5548 if (stp->sd_sidp == NULL) { 5549 mutex_exit(&stp->sd_lock); 5550 return (ENOTTY); 5551 } 5552 sid = stp->sd_sidp->pid_id; 5553 mutex_exit(&stp->sd_lock); 5554 return (strcopyout(&sid, (void *)arg, sizeof (pid_t), 5555 copyflag)); 5556 } 5557 5558 case TIOCSPGRP: 5559 { 5560 pid_t pgrp; 5561 proc_t *q; 5562 pid_t sid, fg_pgid, bg_pgid; 5563 5564 if (error = strcopyin((void *)arg, &pgrp, sizeof (pid_t), 5565 copyflag)) 5566 return (error); 5567 mutex_enter(&stp->sd_lock); 5568 mutex_enter(&pidlock); 5569 if (stp->sd_sidp != ttoproc(curthread)->p_sessp->s_sidp) { 5570 mutex_exit(&pidlock); 5571 mutex_exit(&stp->sd_lock); 5572 return (ENOTTY); 5573 } 5574 if (pgrp == stp->sd_pgidp->pid_id) { 5575 mutex_exit(&pidlock); 5576 mutex_exit(&stp->sd_lock); 5577 return (0); 5578 } 5579 if (pgrp <= 0 || pgrp >= maxpid) { 5580 mutex_exit(&pidlock); 5581 mutex_exit(&stp->sd_lock); 5582 return (EINVAL); 5583 } 5584 if ((q = pgfind(pgrp)) == NULL || 5585 q->p_sessp != ttoproc(curthread)->p_sessp) { 5586 mutex_exit(&pidlock); 5587 mutex_exit(&stp->sd_lock); 5588 return (EPERM); 5589 } 5590 sid = stp->sd_sidp->pid_id; 5591 fg_pgid = q->p_pgrp; 5592 bg_pgid = stp->sd_pgidp->pid_id; 5593 CL_SET_PROCESS_GROUP(curthread, sid, bg_pgid, fg_pgid); 5594 PID_RELE(stp->sd_pgidp); 5595 ctty_clear_sighuped(); 5596 stp->sd_pgidp = q->p_pgidp; 5597 PID_HOLD(stp->sd_pgidp); 5598 mutex_exit(&pidlock); 5599 mutex_exit(&stp->sd_lock); 5600 return (0); 5601 } 5602 5603 case TIOCGPGRP: 5604 { 5605 pid_t pgrp; 5606 5607 mutex_enter(&stp->sd_lock); 5608 if (stp->sd_sidp == NULL) { 5609 mutex_exit(&stp->sd_lock); 5610 return (ENOTTY); 5611 } 5612 pgrp = stp->sd_pgidp->pid_id; 5613 mutex_exit(&stp->sd_lock); 5614 return (strcopyout(&pgrp, (void *)arg, sizeof (pid_t), 5615 copyflag)); 5616 } 5617 5618 case TIOCSCTTY: 5619 { 5620 return (strctty(stp)); 5621 } 5622 5623 case TIOCNOTTY: 5624 { 5625 /* freectty() always assumes curproc. */ 5626 if (freectty(B_FALSE) != 0) 5627 return (0); 5628 return (ENOTTY); 5629 } 5630 5631 case FIONBIO: 5632 case FIOASYNC: 5633 return (0); /* handled by the upper layer */ 5634 } 5635 } 5636 5637 /* 5638 * Custom free routine used for M_PASSFP messages. 5639 */ 5640 static void 5641 free_passfp(struct k_strrecvfd *srf) 5642 { 5643 (void) closef(srf->fp); 5644 kmem_free(srf, sizeof (struct k_strrecvfd) + sizeof (frtn_t)); 5645 } 5646 5647 /* ARGSUSED */ 5648 int 5649 do_sendfp(struct stdata *stp, struct file *fp, struct cred *cr) 5650 { 5651 queue_t *qp, *nextqp; 5652 struct k_strrecvfd *srf; 5653 mblk_t *mp; 5654 frtn_t *frtnp; 5655 size_t bufsize; 5656 queue_t *mate = NULL; 5657 syncq_t *sq = NULL; 5658 int retval = 0; 5659 5660 if (stp->sd_flag & STRHUP) 5661 return (ENXIO); 5662 5663 claimstr(stp->sd_wrq); 5664 5665 /* Fastpath, we have a pipe, and we are already mated, use it. */ 5666 if (STRMATED(stp)) { 5667 qp = _RD(stp->sd_mate->sd_wrq); 5668 claimstr(qp); 5669 mate = qp; 5670 } else { /* Not already mated. */ 5671 5672 /* 5673 * Walk the stream to the end of this one. 5674 * assumes that the claimstr() will prevent 5675 * plumbing between the stream head and the 5676 * driver from changing 5677 */ 5678 qp = stp->sd_wrq; 5679 5680 /* 5681 * Loop until we reach the end of this stream. 5682 * On completion, qp points to the write queue 5683 * at the end of the stream, or the read queue 5684 * at the stream head if this is a fifo. 5685 */ 5686 while (((qp = qp->q_next) != NULL) && _SAMESTR(qp)) 5687 ; 5688 5689 /* 5690 * Just in case we get a q_next which is NULL, but 5691 * not at the end of the stream. This is actually 5692 * broken, so we set an assert to catch it in 5693 * debug, and set an error and return if not debug. 5694 */ 5695 ASSERT(qp); 5696 if (qp == NULL) { 5697 releasestr(stp->sd_wrq); 5698 return (EINVAL); 5699 } 5700 5701 /* 5702 * Enter the syncq for the driver, so (hopefully) 5703 * the queue values will not change on us. 5704 * XXXX - This will only prevent the race IFF only 5705 * the write side modifies the q_next member, and 5706 * the put procedure is protected by at least 5707 * MT_PERQ. 5708 */ 5709 if ((sq = qp->q_syncq) != NULL) 5710 entersq(sq, SQ_PUT); 5711 5712 /* Now get the q_next value from this qp. */ 5713 nextqp = qp->q_next; 5714 5715 /* 5716 * If nextqp exists and the other stream is different 5717 * from this one claim the stream, set the mate, and 5718 * get the read queue at the stream head of the other 5719 * stream. Assumes that nextqp was at least valid when 5720 * we got it. Hopefully the entersq of the driver 5721 * will prevent it from changing on us. 5722 */ 5723 if ((nextqp != NULL) && (STREAM(nextqp) != stp)) { 5724 ASSERT(qp->q_qinfo->qi_srvp); 5725 ASSERT(_OTHERQ(qp)->q_qinfo->qi_srvp); 5726 ASSERT(_OTHERQ(qp->q_next)->q_qinfo->qi_srvp); 5727 claimstr(nextqp); 5728 5729 /* Make sure we still have a q_next */ 5730 if (nextqp != qp->q_next) { 5731 releasestr(stp->sd_wrq); 5732 releasestr(nextqp); 5733 return (EINVAL); 5734 } 5735 5736 qp = _RD(STREAM(nextqp)->sd_wrq); 5737 mate = qp; 5738 } 5739 /* If we entered the synq above, leave it. */ 5740 if (sq != NULL) 5741 leavesq(sq, SQ_PUT); 5742 } /* STRMATED(STP) */ 5743 5744 /* XXX prevents substitution of the ops vector */ 5745 if (qp->q_qinfo != &strdata && qp->q_qinfo != &fifo_strdata) { 5746 retval = EINVAL; 5747 goto out; 5748 } 5749 5750 if (qp->q_flag & QFULL) { 5751 retval = EAGAIN; 5752 goto out; 5753 } 5754 5755 /* 5756 * Since M_PASSFP messages include a file descriptor, we use 5757 * esballoc() and specify a custom free routine (free_passfp()) that 5758 * will close the descriptor as part of freeing the message. For 5759 * convenience, we stash the frtn_t right after the data block. 5760 */ 5761 bufsize = sizeof (struct k_strrecvfd) + sizeof (frtn_t); 5762 srf = kmem_alloc(bufsize, KM_NOSLEEP); 5763 if (srf == NULL) { 5764 retval = EAGAIN; 5765 goto out; 5766 } 5767 5768 frtnp = (frtn_t *)(srf + 1); 5769 frtnp->free_arg = (caddr_t)srf; 5770 frtnp->free_func = free_passfp; 5771 5772 mp = esballoc((uchar_t *)srf, bufsize, BPRI_MED, frtnp); 5773 if (mp == NULL) { 5774 kmem_free(srf, bufsize); 5775 retval = EAGAIN; 5776 goto out; 5777 } 5778 mp->b_wptr += sizeof (struct k_strrecvfd); 5779 mp->b_datap->db_type = M_PASSFP; 5780 5781 srf->fp = fp; 5782 srf->uid = crgetuid(curthread->t_cred); 5783 srf->gid = crgetgid(curthread->t_cred); 5784 mutex_enter(&fp->f_tlock); 5785 fp->f_count++; 5786 mutex_exit(&fp->f_tlock); 5787 5788 put(qp, mp); 5789 out: 5790 releasestr(stp->sd_wrq); 5791 if (mate) 5792 releasestr(mate); 5793 return (retval); 5794 } 5795 5796 /* 5797 * Send an ioctl message downstream and wait for acknowledgement. 5798 * flags may be set to either U_TO_K or K_TO_K and a combination 5799 * of STR_NOERROR or STR_NOSIG 5800 * STR_NOSIG: Signals are essentially ignored or held and have 5801 * no effect for the duration of the call. 5802 * STR_NOERROR: Ignores stream head read, write and hup errors. 5803 * Additionally, if an existing ioctl times out, it is assumed 5804 * lost and and this ioctl will continue as if the previous ioctl had 5805 * finished. ETIME may be returned if this ioctl times out (i.e. 5806 * ic_timout is not INFTIM). Non-stream head errors may be returned if 5807 * the ioc_error indicates that the driver/module had problems, 5808 * an EFAULT was found when accessing user data, a lack of 5809 * resources, etc. 5810 */ 5811 int 5812 strdoioctl( 5813 struct stdata *stp, 5814 struct strioctl *strioc, 5815 int fflags, /* file flags with model info */ 5816 int flag, 5817 cred_t *crp, 5818 int *rvalp) 5819 { 5820 mblk_t *bp; 5821 struct iocblk *iocbp; 5822 struct copyreq *reqp; 5823 struct copyresp *resp; 5824 int id; 5825 int transparent = 0; 5826 int error = 0; 5827 int len = 0; 5828 caddr_t taddr; 5829 int copyflag = (flag & (U_TO_K | K_TO_K)); 5830 int sigflag = (flag & STR_NOSIG); 5831 int errs; 5832 uint_t waitflags; 5833 5834 ASSERT(copyflag == U_TO_K || copyflag == K_TO_K); 5835 ASSERT((fflags & FMODELS) != 0); 5836 5837 TRACE_2(TR_FAC_STREAMS_FR, 5838 TR_STRDOIOCTL, 5839 "strdoioctl:stp %p strioc %p", stp, strioc); 5840 if (strioc->ic_len == TRANSPARENT) { /* send arg in M_DATA block */ 5841 transparent = 1; 5842 strioc->ic_len = sizeof (intptr_t); 5843 } 5844 5845 if (strioc->ic_len < 0 || (strmsgsz > 0 && strioc->ic_len > strmsgsz)) 5846 return (EINVAL); 5847 5848 if ((bp = allocb_cred_wait(sizeof (union ioctypes), sigflag, &error, 5849 crp)) == NULL) 5850 return (error); 5851 5852 bzero(bp->b_wptr, sizeof (union ioctypes)); 5853 5854 iocbp = (struct iocblk *)bp->b_wptr; 5855 iocbp->ioc_count = strioc->ic_len; 5856 iocbp->ioc_cmd = strioc->ic_cmd; 5857 iocbp->ioc_flag = (fflags & FMODELS); 5858 5859 crhold(crp); 5860 iocbp->ioc_cr = crp; 5861 DB_TYPE(bp) = M_IOCTL; 5862 DB_CPID(bp) = curproc->p_pid; 5863 bp->b_wptr += sizeof (struct iocblk); 5864 5865 if (flag & STR_NOERROR) 5866 errs = STPLEX; 5867 else 5868 errs = STRHUP|STRDERR|STWRERR|STPLEX; 5869 5870 /* 5871 * If there is data to copy into ioctl block, do so. 5872 */ 5873 if (iocbp->ioc_count > 0) { 5874 if (transparent) 5875 /* 5876 * Note: STR_NOERROR does not have an effect 5877 * in putiocd() 5878 */ 5879 id = K_TO_K | sigflag; 5880 else 5881 id = flag; 5882 if ((error = putiocd(bp, strioc->ic_dp, id, crp)) != 0) { 5883 freemsg(bp); 5884 crfree(crp); 5885 return (error); 5886 } 5887 5888 /* 5889 * We could have slept copying in user pages. 5890 * Recheck the stream head state (the other end 5891 * of a pipe could have gone away). 5892 */ 5893 if (stp->sd_flag & errs) { 5894 mutex_enter(&stp->sd_lock); 5895 error = strgeterr(stp, errs, 0); 5896 mutex_exit(&stp->sd_lock); 5897 if (error != 0) { 5898 freemsg(bp); 5899 crfree(crp); 5900 return (error); 5901 } 5902 } 5903 } 5904 if (transparent) 5905 iocbp->ioc_count = TRANSPARENT; 5906 5907 /* 5908 * Block for up to STRTIMOUT milliseconds if there is an outstanding 5909 * ioctl for this stream already running. All processes 5910 * sleeping here will be awakened as a result of an ACK 5911 * or NAK being received for the outstanding ioctl, or 5912 * as a result of the timer expiring on the outstanding 5913 * ioctl (a failure), or as a result of any waiting 5914 * process's timer expiring (also a failure). 5915 */ 5916 5917 error = 0; 5918 mutex_enter(&stp->sd_lock); 5919 while (stp->sd_flag & (IOCWAIT | IOCWAITNE)) { 5920 clock_t cv_rval; 5921 5922 TRACE_0(TR_FAC_STREAMS_FR, 5923 TR_STRDOIOCTL_WAIT, 5924 "strdoioctl sleeps - IOCWAIT"); 5925 cv_rval = str_cv_wait(&stp->sd_iocmonitor, &stp->sd_lock, 5926 STRTIMOUT, sigflag); 5927 if (cv_rval <= 0) { 5928 if (cv_rval == 0) { 5929 error = EINTR; 5930 } else { 5931 if (flag & STR_NOERROR) { 5932 /* 5933 * Terminating current ioctl in 5934 * progress -- assume it got lost and 5935 * wake up the other thread so that the 5936 * operation completes. 5937 */ 5938 if (!(stp->sd_flag & IOCWAITNE)) { 5939 stp->sd_flag |= IOCWAITNE; 5940 cv_broadcast(&stp->sd_monitor); 5941 } 5942 /* 5943 * Otherwise, there's a running 5944 * STR_NOERROR -- we have no choice 5945 * here but to wait forever (or until 5946 * interrupted). 5947 */ 5948 } else { 5949 /* 5950 * pending ioctl has caused 5951 * us to time out 5952 */ 5953 error = ETIME; 5954 } 5955 } 5956 } else if ((stp->sd_flag & errs)) { 5957 error = strgeterr(stp, errs, 0); 5958 } 5959 if (error) { 5960 mutex_exit(&stp->sd_lock); 5961 freemsg(bp); 5962 crfree(crp); 5963 return (error); 5964 } 5965 } 5966 5967 /* 5968 * Have control of ioctl mechanism. 5969 * Send down ioctl packet and wait for response. 5970 */ 5971 if (stp->sd_iocblk != (mblk_t *)-1) { 5972 freemsg(stp->sd_iocblk); 5973 } 5974 stp->sd_iocblk = NULL; 5975 5976 /* 5977 * If this is marked with 'noerror' (internal; mostly 5978 * I_{P,}{UN,}LINK), then make sure nobody else is able to get 5979 * in here by setting IOCWAITNE. 5980 */ 5981 waitflags = IOCWAIT; 5982 if (flag & STR_NOERROR) 5983 waitflags |= IOCWAITNE; 5984 5985 stp->sd_flag |= waitflags; 5986 5987 /* 5988 * Assign sequence number. 5989 */ 5990 iocbp->ioc_id = stp->sd_iocid = getiocseqno(); 5991 5992 mutex_exit(&stp->sd_lock); 5993 5994 TRACE_1(TR_FAC_STREAMS_FR, 5995 TR_STRDOIOCTL_PUT, "strdoioctl put: stp %p", stp); 5996 stream_willservice(stp); 5997 putnext(stp->sd_wrq, bp); 5998 stream_runservice(stp); 5999 6000 /* 6001 * Timed wait for acknowledgment. The wait time is limited by the 6002 * timeout value, which must be a positive integer (number of 6003 * milliseconds) to wait, or 0 (use default value of STRTIMOUT 6004 * milliseconds), or -1 (wait forever). This will be awakened 6005 * either by an ACK/NAK message arriving, the timer expiring, or 6006 * the timer expiring on another ioctl waiting for control of the 6007 * mechanism. 6008 */ 6009 waitioc: 6010 mutex_enter(&stp->sd_lock); 6011 6012 6013 /* 6014 * If the reply has already arrived, don't sleep. If awakened from 6015 * the sleep, fail only if the reply has not arrived by then. 6016 * Otherwise, process the reply. 6017 */ 6018 while (!stp->sd_iocblk) { 6019 clock_t cv_rval; 6020 6021 if (stp->sd_flag & errs) { 6022 error = strgeterr(stp, errs, 0); 6023 if (error != 0) { 6024 stp->sd_flag &= ~waitflags; 6025 cv_broadcast(&stp->sd_iocmonitor); 6026 mutex_exit(&stp->sd_lock); 6027 crfree(crp); 6028 return (error); 6029 } 6030 } 6031 6032 TRACE_0(TR_FAC_STREAMS_FR, 6033 TR_STRDOIOCTL_WAIT2, 6034 "strdoioctl sleeps awaiting reply"); 6035 ASSERT(error == 0); 6036 6037 cv_rval = str_cv_wait(&stp->sd_monitor, &stp->sd_lock, 6038 (strioc->ic_timout ? 6039 strioc->ic_timout * 1000 : STRTIMOUT), sigflag); 6040 6041 /* 6042 * There are four possible cases here: interrupt, timeout, 6043 * wakeup by IOCWAITNE (above), or wakeup by strrput_nondata (a 6044 * valid M_IOCTL reply). 6045 * 6046 * If we've been awakened by a STR_NOERROR ioctl on some other 6047 * thread, then sd_iocblk will still be NULL, and IOCWAITNE 6048 * will be set. Pretend as if we just timed out. Note that 6049 * this other thread waited at least STRTIMOUT before trying to 6050 * awaken our thread, so this is indistinguishable (even for 6051 * INFTIM) from the case where we failed with ETIME waiting on 6052 * IOCWAIT in the prior loop. 6053 */ 6054 if (cv_rval > 0 && !(flag & STR_NOERROR) && 6055 stp->sd_iocblk == NULL && (stp->sd_flag & IOCWAITNE)) { 6056 cv_rval = -1; 6057 } 6058 6059 /* 6060 * note: STR_NOERROR does not protect 6061 * us here.. use ic_timout < 0 6062 */ 6063 if (cv_rval <= 0) { 6064 if (cv_rval == 0) { 6065 error = EINTR; 6066 } else { 6067 error = ETIME; 6068 } 6069 /* 6070 * A message could have come in after we were scheduled 6071 * but before we were actually run. 6072 */ 6073 bp = stp->sd_iocblk; 6074 stp->sd_iocblk = NULL; 6075 if (bp != NULL) { 6076 if ((bp->b_datap->db_type == M_COPYIN) || 6077 (bp->b_datap->db_type == M_COPYOUT)) { 6078 mutex_exit(&stp->sd_lock); 6079 if (bp->b_cont) { 6080 freemsg(bp->b_cont); 6081 bp->b_cont = NULL; 6082 } 6083 bp->b_datap->db_type = M_IOCDATA; 6084 bp->b_wptr = bp->b_rptr + 6085 sizeof (struct copyresp); 6086 resp = (struct copyresp *)bp->b_rptr; 6087 resp->cp_rval = 6088 (caddr_t)1; /* failure */ 6089 stream_willservice(stp); 6090 putnext(stp->sd_wrq, bp); 6091 stream_runservice(stp); 6092 mutex_enter(&stp->sd_lock); 6093 } else { 6094 freemsg(bp); 6095 } 6096 } 6097 stp->sd_flag &= ~waitflags; 6098 cv_broadcast(&stp->sd_iocmonitor); 6099 mutex_exit(&stp->sd_lock); 6100 crfree(crp); 6101 return (error); 6102 } 6103 } 6104 bp = stp->sd_iocblk; 6105 /* 6106 * Note: it is strictly impossible to get here with sd_iocblk set to 6107 * -1. This is because the initial loop above doesn't allow any new 6108 * ioctls into the fray until all others have passed this point. 6109 */ 6110 ASSERT(bp != NULL && bp != (mblk_t *)-1); 6111 TRACE_1(TR_FAC_STREAMS_FR, 6112 TR_STRDOIOCTL_ACK, "strdoioctl got reply: bp %p", bp); 6113 if ((bp->b_datap->db_type == M_IOCACK) || 6114 (bp->b_datap->db_type == M_IOCNAK)) { 6115 /* for detection of duplicate ioctl replies */ 6116 stp->sd_iocblk = (mblk_t *)-1; 6117 stp->sd_flag &= ~waitflags; 6118 cv_broadcast(&stp->sd_iocmonitor); 6119 mutex_exit(&stp->sd_lock); 6120 } else { 6121 /* 6122 * flags not cleared here because we're still doing 6123 * copy in/out for ioctl. 6124 */ 6125 stp->sd_iocblk = NULL; 6126 mutex_exit(&stp->sd_lock); 6127 } 6128 6129 6130 /* 6131 * Have received acknowledgment. 6132 */ 6133 6134 switch (bp->b_datap->db_type) { 6135 case M_IOCACK: 6136 /* 6137 * Positive ack. 6138 */ 6139 iocbp = (struct iocblk *)bp->b_rptr; 6140 6141 /* 6142 * Set error if indicated. 6143 */ 6144 if (iocbp->ioc_error) { 6145 error = iocbp->ioc_error; 6146 break; 6147 } 6148 6149 /* 6150 * Set return value. 6151 */ 6152 *rvalp = iocbp->ioc_rval; 6153 6154 /* 6155 * Data may have been returned in ACK message (ioc_count > 0). 6156 * If so, copy it out to the user's buffer. 6157 */ 6158 if (iocbp->ioc_count && !transparent) { 6159 if (error = getiocd(bp, strioc->ic_dp, copyflag)) 6160 break; 6161 } 6162 if (!transparent) { 6163 if (len) /* an M_COPYOUT was used with I_STR */ 6164 strioc->ic_len = len; 6165 else 6166 strioc->ic_len = (int)iocbp->ioc_count; 6167 } 6168 break; 6169 6170 case M_IOCNAK: 6171 /* 6172 * Negative ack. 6173 * 6174 * The only thing to do is set error as specified 6175 * in neg ack packet. 6176 */ 6177 iocbp = (struct iocblk *)bp->b_rptr; 6178 6179 error = (iocbp->ioc_error ? iocbp->ioc_error : EINVAL); 6180 break; 6181 6182 case M_COPYIN: 6183 /* 6184 * Driver or module has requested user ioctl data. 6185 */ 6186 reqp = (struct copyreq *)bp->b_rptr; 6187 6188 /* 6189 * M_COPYIN should *never* have a message attached, though 6190 * it's harmless if it does -- thus, panic on a DEBUG 6191 * kernel and just free it on a non-DEBUG build. 6192 */ 6193 ASSERT(bp->b_cont == NULL); 6194 if (bp->b_cont != NULL) { 6195 freemsg(bp->b_cont); 6196 bp->b_cont = NULL; 6197 } 6198 6199 error = putiocd(bp, reqp->cq_addr, flag, crp); 6200 if (error && bp->b_cont) { 6201 freemsg(bp->b_cont); 6202 bp->b_cont = NULL; 6203 } 6204 6205 bp->b_wptr = bp->b_rptr + sizeof (struct copyresp); 6206 bp->b_datap->db_type = M_IOCDATA; 6207 6208 mblk_setcred(bp, crp); 6209 DB_CPID(bp) = curproc->p_pid; 6210 resp = (struct copyresp *)bp->b_rptr; 6211 resp->cp_rval = (caddr_t)(uintptr_t)error; 6212 resp->cp_flag = (fflags & FMODELS); 6213 6214 stream_willservice(stp); 6215 putnext(stp->sd_wrq, bp); 6216 stream_runservice(stp); 6217 6218 if (error) { 6219 mutex_enter(&stp->sd_lock); 6220 stp->sd_flag &= ~waitflags; 6221 cv_broadcast(&stp->sd_iocmonitor); 6222 mutex_exit(&stp->sd_lock); 6223 crfree(crp); 6224 return (error); 6225 } 6226 6227 goto waitioc; 6228 6229 case M_COPYOUT: 6230 /* 6231 * Driver or module has ioctl data for a user. 6232 */ 6233 reqp = (struct copyreq *)bp->b_rptr; 6234 ASSERT(bp->b_cont != NULL); 6235 6236 /* 6237 * Always (transparent or non-transparent ) 6238 * use the address specified in the request 6239 */ 6240 taddr = reqp->cq_addr; 6241 if (!transparent) 6242 len = (int)reqp->cq_size; 6243 6244 /* copyout data to the provided address */ 6245 error = getiocd(bp, taddr, copyflag); 6246 6247 freemsg(bp->b_cont); 6248 bp->b_cont = NULL; 6249 6250 bp->b_wptr = bp->b_rptr + sizeof (struct copyresp); 6251 bp->b_datap->db_type = M_IOCDATA; 6252 6253 mblk_setcred(bp, crp); 6254 DB_CPID(bp) = curproc->p_pid; 6255 resp = (struct copyresp *)bp->b_rptr; 6256 resp->cp_rval = (caddr_t)(uintptr_t)error; 6257 resp->cp_flag = (fflags & FMODELS); 6258 6259 stream_willservice(stp); 6260 putnext(stp->sd_wrq, bp); 6261 stream_runservice(stp); 6262 6263 if (error) { 6264 mutex_enter(&stp->sd_lock); 6265 stp->sd_flag &= ~waitflags; 6266 cv_broadcast(&stp->sd_iocmonitor); 6267 mutex_exit(&stp->sd_lock); 6268 crfree(crp); 6269 return (error); 6270 } 6271 goto waitioc; 6272 6273 default: 6274 ASSERT(0); 6275 mutex_enter(&stp->sd_lock); 6276 stp->sd_flag &= ~waitflags; 6277 cv_broadcast(&stp->sd_iocmonitor); 6278 mutex_exit(&stp->sd_lock); 6279 break; 6280 } 6281 6282 freemsg(bp); 6283 crfree(crp); 6284 return (error); 6285 } 6286 6287 /* 6288 * For the SunOS keyboard driver. 6289 * Return the next available "ioctl" sequence number. 6290 * Exported, so that streams modules can send "ioctl" messages 6291 * downstream from their open routine. 6292 */ 6293 int 6294 getiocseqno(void) 6295 { 6296 int i; 6297 6298 mutex_enter(&strresources); 6299 i = ++ioc_id; 6300 mutex_exit(&strresources); 6301 return (i); 6302 } 6303 6304 /* 6305 * Get the next message from the read queue. If the message is 6306 * priority, STRPRI will have been set by strrput(). This flag 6307 * should be reset only when the entire message at the front of the 6308 * queue as been consumed. 6309 * 6310 * NOTE: strgetmsg and kstrgetmsg have much of the logic in common. 6311 */ 6312 int 6313 strgetmsg( 6314 struct vnode *vp, 6315 struct strbuf *mctl, 6316 struct strbuf *mdata, 6317 unsigned char *prip, 6318 int *flagsp, 6319 int fmode, 6320 rval_t *rvp) 6321 { 6322 struct stdata *stp; 6323 mblk_t *bp, *nbp; 6324 mblk_t *savemp = NULL; 6325 mblk_t *savemptail = NULL; 6326 uint_t old_sd_flag; 6327 int flg; 6328 int more = 0; 6329 int error = 0; 6330 char first = 1; 6331 uint_t mark; /* Contains MSG*MARK and _LASTMARK */ 6332 #define _LASTMARK 0x8000 /* Distinct from MSG*MARK */ 6333 unsigned char pri = 0; 6334 queue_t *q; 6335 int pr = 0; /* Partial read successful */ 6336 struct uio uios; 6337 struct uio *uiop = &uios; 6338 struct iovec iovs; 6339 unsigned char type; 6340 6341 TRACE_1(TR_FAC_STREAMS_FR, TR_STRGETMSG_ENTER, 6342 "strgetmsg:%p", vp); 6343 6344 ASSERT(vp->v_stream); 6345 stp = vp->v_stream; 6346 rvp->r_val1 = 0; 6347 6348 mutex_enter(&stp->sd_lock); 6349 6350 if ((error = i_straccess(stp, JCREAD)) != 0) { 6351 mutex_exit(&stp->sd_lock); 6352 return (error); 6353 } 6354 6355 if (stp->sd_flag & (STRDERR|STPLEX)) { 6356 error = strgeterr(stp, STRDERR|STPLEX, 0); 6357 if (error != 0) { 6358 mutex_exit(&stp->sd_lock); 6359 return (error); 6360 } 6361 } 6362 mutex_exit(&stp->sd_lock); 6363 6364 switch (*flagsp) { 6365 case MSG_HIPRI: 6366 if (*prip != 0) 6367 return (EINVAL); 6368 break; 6369 6370 case MSG_ANY: 6371 case MSG_BAND: 6372 break; 6373 6374 default: 6375 return (EINVAL); 6376 } 6377 /* 6378 * Setup uio and iov for data part 6379 */ 6380 iovs.iov_base = mdata->buf; 6381 iovs.iov_len = mdata->maxlen; 6382 uios.uio_iov = &iovs; 6383 uios.uio_iovcnt = 1; 6384 uios.uio_loffset = 0; 6385 uios.uio_segflg = UIO_USERSPACE; 6386 uios.uio_fmode = 0; 6387 uios.uio_extflg = UIO_COPY_CACHED; 6388 uios.uio_resid = mdata->maxlen; 6389 uios.uio_offset = 0; 6390 6391 q = _RD(stp->sd_wrq); 6392 mutex_enter(&stp->sd_lock); 6393 old_sd_flag = stp->sd_flag; 6394 mark = 0; 6395 for (;;) { 6396 int done = 0; 6397 mblk_t *q_first = q->q_first; 6398 6399 /* 6400 * Get the next message of appropriate priority 6401 * from the stream head. If the caller is interested 6402 * in band or hipri messages, then they should already 6403 * be enqueued at the stream head. On the other hand 6404 * if the caller wants normal (band 0) messages, they 6405 * might be deferred in a synchronous stream and they 6406 * will need to be pulled up. 6407 * 6408 * After we have dequeued a message, we might find that 6409 * it was a deferred M_SIG that was enqueued at the 6410 * stream head. It must now be posted as part of the 6411 * read by calling strsignal_nolock(). 6412 * 6413 * Also note that strrput does not enqueue an M_PCSIG, 6414 * and there cannot be more than one hipri message, 6415 * so there was no need to have the M_PCSIG case. 6416 * 6417 * At some time it might be nice to try and wrap the 6418 * functionality of kstrgetmsg() and strgetmsg() into 6419 * a common routine so to reduce the amount of replicated 6420 * code (since they are extremely similar). 6421 */ 6422 if (!(*flagsp & (MSG_HIPRI|MSG_BAND))) { 6423 /* Asking for normal, band0 data */ 6424 bp = strget(stp, q, uiop, first, &error); 6425 ASSERT(MUTEX_HELD(&stp->sd_lock)); 6426 if (bp != NULL) { 6427 if (bp->b_datap->db_type == M_SIG) { 6428 strsignal_nolock(stp, *bp->b_rptr, 6429 (int32_t)bp->b_band); 6430 continue; 6431 } else { 6432 break; 6433 } 6434 } 6435 if (error != 0) { 6436 goto getmout; 6437 } 6438 6439 /* 6440 * We can't depend on the value of STRPRI here because 6441 * the stream head may be in transit. Therefore, we 6442 * must look at the type of the first message to 6443 * determine if a high priority messages is waiting 6444 */ 6445 } else if ((*flagsp & MSG_HIPRI) && q_first != NULL && 6446 q_first->b_datap->db_type >= QPCTL && 6447 (bp = getq_noenab(q)) != NULL) { 6448 /* Asked for HIPRI and got one */ 6449 ASSERT(bp->b_datap->db_type >= QPCTL); 6450 break; 6451 } else if ((*flagsp & MSG_BAND) && q_first != NULL && 6452 ((q_first->b_band >= *prip) || 6453 q_first->b_datap->db_type >= QPCTL) && 6454 (bp = getq_noenab(q)) != NULL) { 6455 /* 6456 * Asked for at least band "prip" and got either at 6457 * least that band or a hipri message. 6458 */ 6459 ASSERT(bp->b_band >= *prip || 6460 bp->b_datap->db_type >= QPCTL); 6461 if (bp->b_datap->db_type == M_SIG) { 6462 strsignal_nolock(stp, *bp->b_rptr, 6463 (int32_t)bp->b_band); 6464 continue; 6465 } else { 6466 break; 6467 } 6468 } 6469 6470 /* No data. Time to sleep? */ 6471 qbackenable(q, 0); 6472 6473 /* 6474 * If STRHUP or STREOF, return 0 length control and data. 6475 * If resid is 0, then a read(fd,buf,0) was done. Do not 6476 * sleep to satisfy this request because by default we have 6477 * zero bytes to return. 6478 */ 6479 if ((stp->sd_flag & (STRHUP|STREOF)) || (mctl->maxlen == 0 && 6480 mdata->maxlen == 0)) { 6481 mctl->len = mdata->len = 0; 6482 *flagsp = 0; 6483 mutex_exit(&stp->sd_lock); 6484 return (0); 6485 } 6486 TRACE_2(TR_FAC_STREAMS_FR, TR_STRGETMSG_WAIT, 6487 "strgetmsg calls strwaitq:%p, %p", 6488 vp, uiop); 6489 if (((error = strwaitq(stp, GETWAIT, (ssize_t)0, fmode, -1, 6490 &done)) != 0) || done) { 6491 TRACE_2(TR_FAC_STREAMS_FR, TR_STRGETMSG_DONE, 6492 "strgetmsg error or done:%p, %p", 6493 vp, uiop); 6494 mutex_exit(&stp->sd_lock); 6495 return (error); 6496 } 6497 TRACE_2(TR_FAC_STREAMS_FR, TR_STRGETMSG_AWAKE, 6498 "strgetmsg awakes:%p, %p", vp, uiop); 6499 if ((error = i_straccess(stp, JCREAD)) != 0) { 6500 mutex_exit(&stp->sd_lock); 6501 return (error); 6502 } 6503 first = 0; 6504 } 6505 ASSERT(bp != NULL); 6506 /* 6507 * Extract any mark information. If the message is not completely 6508 * consumed this information will be put in the mblk 6509 * that is putback. 6510 * If MSGMARKNEXT is set and the message is completely consumed 6511 * the STRATMARK flag will be set below. Likewise, if 6512 * MSGNOTMARKNEXT is set and the message is 6513 * completely consumed STRNOTATMARK will be set. 6514 */ 6515 mark = bp->b_flag & (MSGMARK | MSGMARKNEXT | MSGNOTMARKNEXT); 6516 ASSERT((mark & (MSGMARKNEXT|MSGNOTMARKNEXT)) != 6517 (MSGMARKNEXT|MSGNOTMARKNEXT)); 6518 if (mark != 0 && bp == stp->sd_mark) { 6519 mark |= _LASTMARK; 6520 stp->sd_mark = NULL; 6521 } 6522 /* 6523 * keep track of the original message type and priority 6524 */ 6525 pri = bp->b_band; 6526 type = bp->b_datap->db_type; 6527 if (type == M_PASSFP) { 6528 if ((mark & _LASTMARK) && (stp->sd_mark == NULL)) 6529 stp->sd_mark = bp; 6530 bp->b_flag |= mark & ~_LASTMARK; 6531 putback(stp, q, bp, pri); 6532 qbackenable(q, pri); 6533 mutex_exit(&stp->sd_lock); 6534 return (EBADMSG); 6535 } 6536 ASSERT(type != M_SIG); 6537 6538 /* 6539 * Set this flag so strrput will not generate signals. Need to 6540 * make sure this flag is cleared before leaving this routine 6541 * else signals will stop being sent. 6542 */ 6543 stp->sd_flag |= STRGETINPROG; 6544 mutex_exit(&stp->sd_lock); 6545 6546 if (STREAM_NEEDSERVICE(stp)) 6547 stream_runservice(stp); 6548 6549 /* 6550 * Set HIPRI flag if message is priority. 6551 */ 6552 if (type >= QPCTL) 6553 flg = MSG_HIPRI; 6554 else 6555 flg = MSG_BAND; 6556 6557 /* 6558 * First process PROTO or PCPROTO blocks, if any. 6559 */ 6560 if (mctl->maxlen >= 0 && type != M_DATA) { 6561 size_t n, bcnt; 6562 char *ubuf; 6563 6564 bcnt = mctl->maxlen; 6565 ubuf = mctl->buf; 6566 while (bp != NULL && bp->b_datap->db_type != M_DATA) { 6567 if ((n = MIN(bcnt, bp->b_wptr - bp->b_rptr)) != 0 && 6568 copyout(bp->b_rptr, ubuf, n)) { 6569 error = EFAULT; 6570 mutex_enter(&stp->sd_lock); 6571 /* 6572 * clear stream head pri flag based on 6573 * first message type 6574 */ 6575 if (type >= QPCTL) { 6576 ASSERT(type == M_PCPROTO); 6577 stp->sd_flag &= ~STRPRI; 6578 } 6579 more = 0; 6580 freemsg(bp); 6581 goto getmout; 6582 } 6583 ubuf += n; 6584 bp->b_rptr += n; 6585 if (bp->b_rptr >= bp->b_wptr) { 6586 nbp = bp; 6587 bp = bp->b_cont; 6588 freeb(nbp); 6589 } 6590 ASSERT(n <= bcnt); 6591 bcnt -= n; 6592 if (bcnt == 0) 6593 break; 6594 } 6595 mctl->len = mctl->maxlen - bcnt; 6596 } else 6597 mctl->len = -1; 6598 6599 if (bp && bp->b_datap->db_type != M_DATA) { 6600 /* 6601 * More PROTO blocks in msg. 6602 */ 6603 more |= MORECTL; 6604 savemp = bp; 6605 while (bp && bp->b_datap->db_type != M_DATA) { 6606 savemptail = bp; 6607 bp = bp->b_cont; 6608 } 6609 savemptail->b_cont = NULL; 6610 } 6611 6612 /* 6613 * Now process DATA blocks, if any. 6614 */ 6615 if (mdata->maxlen >= 0 && bp) { 6616 /* 6617 * struiocopyout will consume a potential zero-length 6618 * M_DATA even if uio_resid is zero. 6619 */ 6620 size_t oldresid = uiop->uio_resid; 6621 6622 bp = struiocopyout(bp, uiop, &error); 6623 if (error != 0) { 6624 mutex_enter(&stp->sd_lock); 6625 /* 6626 * clear stream head hi pri flag based on 6627 * first message 6628 */ 6629 if (type >= QPCTL) { 6630 ASSERT(type == M_PCPROTO); 6631 stp->sd_flag &= ~STRPRI; 6632 } 6633 more = 0; 6634 freemsg(savemp); 6635 goto getmout; 6636 } 6637 /* 6638 * (pr == 1) indicates a partial read. 6639 */ 6640 if (oldresid > uiop->uio_resid) 6641 pr = 1; 6642 mdata->len = mdata->maxlen - uiop->uio_resid; 6643 } else 6644 mdata->len = -1; 6645 6646 if (bp) { /* more data blocks in msg */ 6647 more |= MOREDATA; 6648 if (savemp) 6649 savemptail->b_cont = bp; 6650 else 6651 savemp = bp; 6652 } 6653 6654 mutex_enter(&stp->sd_lock); 6655 if (savemp) { 6656 if (pr && (savemp->b_datap->db_type == M_DATA) && 6657 msgnodata(savemp)) { 6658 /* 6659 * Avoid queuing a zero-length tail part of 6660 * a message. pr=1 indicates that we read some of 6661 * the message. 6662 */ 6663 freemsg(savemp); 6664 more &= ~MOREDATA; 6665 /* 6666 * clear stream head hi pri flag based on 6667 * first message 6668 */ 6669 if (type >= QPCTL) { 6670 ASSERT(type == M_PCPROTO); 6671 stp->sd_flag &= ~STRPRI; 6672 } 6673 } else { 6674 savemp->b_band = pri; 6675 /* 6676 * If the first message was HIPRI and the one we're 6677 * putting back isn't, then clear STRPRI, otherwise 6678 * set STRPRI again. Note that we must set STRPRI 6679 * again since the flush logic in strrput_nondata() 6680 * may have cleared it while we had sd_lock dropped. 6681 */ 6682 if (type >= QPCTL) { 6683 ASSERT(type == M_PCPROTO); 6684 if (queclass(savemp) < QPCTL) 6685 stp->sd_flag &= ~STRPRI; 6686 else 6687 stp->sd_flag |= STRPRI; 6688 } else if (queclass(savemp) >= QPCTL) { 6689 /* 6690 * The first message was not a HIPRI message, 6691 * but the one we are about to putback is. 6692 * For simplicitly, we do not allow for HIPRI 6693 * messages to be embedded in the message 6694 * body, so just force it to same type as 6695 * first message. 6696 */ 6697 ASSERT(type == M_DATA || type == M_PROTO); 6698 ASSERT(savemp->b_datap->db_type == M_PCPROTO); 6699 savemp->b_datap->db_type = type; 6700 } 6701 if (mark != 0) { 6702 savemp->b_flag |= mark & ~_LASTMARK; 6703 if ((mark & _LASTMARK) && 6704 (stp->sd_mark == NULL)) { 6705 /* 6706 * If another marked message arrived 6707 * while sd_lock was not held sd_mark 6708 * would be non-NULL. 6709 */ 6710 stp->sd_mark = savemp; 6711 } 6712 } 6713 putback(stp, q, savemp, pri); 6714 } 6715 } else { 6716 /* 6717 * The complete message was consumed. 6718 * 6719 * If another M_PCPROTO arrived while sd_lock was not held 6720 * it would have been discarded since STRPRI was still set. 6721 * 6722 * Move the MSG*MARKNEXT information 6723 * to the stream head just in case 6724 * the read queue becomes empty. 6725 * clear stream head hi pri flag based on 6726 * first message 6727 * 6728 * If the stream head was at the mark 6729 * (STRATMARK) before we dropped sd_lock above 6730 * and some data was consumed then we have 6731 * moved past the mark thus STRATMARK is 6732 * cleared. However, if a message arrived in 6733 * strrput during the copyout above causing 6734 * STRATMARK to be set we can not clear that 6735 * flag. 6736 */ 6737 if (type >= QPCTL) { 6738 ASSERT(type == M_PCPROTO); 6739 stp->sd_flag &= ~STRPRI; 6740 } 6741 if (mark & (MSGMARKNEXT|MSGNOTMARKNEXT|MSGMARK)) { 6742 if (mark & MSGMARKNEXT) { 6743 stp->sd_flag &= ~STRNOTATMARK; 6744 stp->sd_flag |= STRATMARK; 6745 } else if (mark & MSGNOTMARKNEXT) { 6746 stp->sd_flag &= ~STRATMARK; 6747 stp->sd_flag |= STRNOTATMARK; 6748 } else { 6749 stp->sd_flag &= ~(STRATMARK|STRNOTATMARK); 6750 } 6751 } else if (pr && (old_sd_flag & STRATMARK)) { 6752 stp->sd_flag &= ~STRATMARK; 6753 } 6754 } 6755 6756 *flagsp = flg; 6757 *prip = pri; 6758 6759 /* 6760 * Getmsg cleanup processing - if the state of the queue has changed 6761 * some signals may need to be sent and/or poll awakened. 6762 */ 6763 getmout: 6764 qbackenable(q, pri); 6765 6766 /* 6767 * We dropped the stream head lock above. Send all M_SIG messages 6768 * before processing stream head for SIGPOLL messages. 6769 */ 6770 ASSERT(MUTEX_HELD(&stp->sd_lock)); 6771 while ((bp = q->q_first) != NULL && 6772 (bp->b_datap->db_type == M_SIG)) { 6773 /* 6774 * sd_lock is held so the content of the read queue can not 6775 * change. 6776 */ 6777 bp = getq(q); 6778 ASSERT(bp != NULL && bp->b_datap->db_type == M_SIG); 6779 6780 strsignal_nolock(stp, *bp->b_rptr, (int32_t)bp->b_band); 6781 mutex_exit(&stp->sd_lock); 6782 freemsg(bp); 6783 if (STREAM_NEEDSERVICE(stp)) 6784 stream_runservice(stp); 6785 mutex_enter(&stp->sd_lock); 6786 } 6787 6788 /* 6789 * stream head cannot change while we make the determination 6790 * whether or not to send a signal. Drop the flag to allow strrput 6791 * to send firstmsgsigs again. 6792 */ 6793 stp->sd_flag &= ~STRGETINPROG; 6794 6795 /* 6796 * If the type of message at the front of the queue changed 6797 * due to the receive the appropriate signals and pollwakeup events 6798 * are generated. The type of changes are: 6799 * Processed a hipri message, q_first is not hipri. 6800 * Processed a band X message, and q_first is band Y. 6801 * The generated signals and pollwakeups are identical to what 6802 * strrput() generates should the message that is now on q_first 6803 * arrive to an empty read queue. 6804 * 6805 * Note: only strrput will send a signal for a hipri message. 6806 */ 6807 if ((bp = q->q_first) != NULL && !(stp->sd_flag & STRPRI)) { 6808 strsigset_t signals = 0; 6809 strpollset_t pollwakeups = 0; 6810 6811 if (flg & MSG_HIPRI) { 6812 /* 6813 * Removed a hipri message. Regular data at 6814 * the front of the queue. 6815 */ 6816 if (bp->b_band == 0) { 6817 signals = S_INPUT | S_RDNORM; 6818 pollwakeups = POLLIN | POLLRDNORM; 6819 } else { 6820 signals = S_INPUT | S_RDBAND; 6821 pollwakeups = POLLIN | POLLRDBAND; 6822 } 6823 } else if (pri != bp->b_band) { 6824 /* 6825 * The band is different for the new q_first. 6826 */ 6827 if (bp->b_band == 0) { 6828 signals = S_RDNORM; 6829 pollwakeups = POLLIN | POLLRDNORM; 6830 } else { 6831 signals = S_RDBAND; 6832 pollwakeups = POLLIN | POLLRDBAND; 6833 } 6834 } 6835 6836 if (pollwakeups != 0) { 6837 if (pollwakeups == (POLLIN | POLLRDNORM)) { 6838 if (!(stp->sd_rput_opt & SR_POLLIN)) 6839 goto no_pollwake; 6840 stp->sd_rput_opt &= ~SR_POLLIN; 6841 } 6842 mutex_exit(&stp->sd_lock); 6843 pollwakeup(&stp->sd_pollist, pollwakeups); 6844 mutex_enter(&stp->sd_lock); 6845 } 6846 no_pollwake: 6847 6848 if (stp->sd_sigflags & signals) 6849 strsendsig(stp->sd_siglist, signals, bp->b_band, 0); 6850 } 6851 mutex_exit(&stp->sd_lock); 6852 6853 rvp->r_val1 = more; 6854 return (error); 6855 #undef _LASTMARK 6856 } 6857 6858 /* 6859 * Get the next message from the read queue. If the message is 6860 * priority, STRPRI will have been set by strrput(). This flag 6861 * should be reset only when the entire message at the front of the 6862 * queue as been consumed. 6863 * 6864 * If uiop is NULL all data is returned in mctlp. 6865 * Note that a NULL uiop implies that FNDELAY and FNONBLOCK are assumed 6866 * not enabled. 6867 * The timeout parameter is in milliseconds; -1 for infinity. 6868 * This routine handles the consolidation private flags: 6869 * MSG_IGNERROR Ignore any stream head error except STPLEX. 6870 * MSG_DELAYERROR Defer the error check until the queue is empty. 6871 * MSG_HOLDSIG Hold signals while waiting for data. 6872 * MSG_IPEEK Only peek at messages. 6873 * MSG_DISCARDTAIL Discard the tail M_DATA part of the message 6874 * that doesn't fit. 6875 * MSG_NOMARK If the message is marked leave it on the queue. 6876 * 6877 * NOTE: strgetmsg and kstrgetmsg have much of the logic in common. 6878 */ 6879 int 6880 kstrgetmsg( 6881 struct vnode *vp, 6882 mblk_t **mctlp, 6883 struct uio *uiop, 6884 unsigned char *prip, 6885 int *flagsp, 6886 clock_t timout, 6887 rval_t *rvp) 6888 { 6889 struct stdata *stp; 6890 mblk_t *bp, *nbp; 6891 mblk_t *savemp = NULL; 6892 mblk_t *savemptail = NULL; 6893 int flags; 6894 uint_t old_sd_flag; 6895 int flg; 6896 int more = 0; 6897 int error = 0; 6898 char first = 1; 6899 uint_t mark; /* Contains MSG*MARK and _LASTMARK */ 6900 #define _LASTMARK 0x8000 /* Distinct from MSG*MARK */ 6901 unsigned char pri = 0; 6902 queue_t *q; 6903 int pr = 0; /* Partial read successful */ 6904 unsigned char type; 6905 6906 TRACE_1(TR_FAC_STREAMS_FR, TR_KSTRGETMSG_ENTER, 6907 "kstrgetmsg:%p", vp); 6908 6909 ASSERT(vp->v_stream); 6910 stp = vp->v_stream; 6911 rvp->r_val1 = 0; 6912 6913 mutex_enter(&stp->sd_lock); 6914 6915 if ((error = i_straccess(stp, JCREAD)) != 0) { 6916 mutex_exit(&stp->sd_lock); 6917 return (error); 6918 } 6919 6920 flags = *flagsp; 6921 if (stp->sd_flag & (STRDERR|STPLEX)) { 6922 if ((stp->sd_flag & STPLEX) || 6923 (flags & (MSG_IGNERROR|MSG_DELAYERROR)) == 0) { 6924 error = strgeterr(stp, STRDERR|STPLEX, 6925 (flags & MSG_IPEEK)); 6926 if (error != 0) { 6927 mutex_exit(&stp->sd_lock); 6928 return (error); 6929 } 6930 } 6931 } 6932 mutex_exit(&stp->sd_lock); 6933 6934 switch (flags & (MSG_HIPRI|MSG_ANY|MSG_BAND)) { 6935 case MSG_HIPRI: 6936 if (*prip != 0) 6937 return (EINVAL); 6938 break; 6939 6940 case MSG_ANY: 6941 case MSG_BAND: 6942 break; 6943 6944 default: 6945 return (EINVAL); 6946 } 6947 6948 retry: 6949 q = _RD(stp->sd_wrq); 6950 mutex_enter(&stp->sd_lock); 6951 old_sd_flag = stp->sd_flag; 6952 mark = 0; 6953 for (;;) { 6954 int done = 0; 6955 int waitflag; 6956 int fmode; 6957 mblk_t *q_first = q->q_first; 6958 6959 /* 6960 * This section of the code operates just like the code 6961 * in strgetmsg(). There is a comment there about what 6962 * is going on here. 6963 */ 6964 if (!(flags & (MSG_HIPRI|MSG_BAND))) { 6965 /* Asking for normal, band0 data */ 6966 bp = strget(stp, q, uiop, first, &error); 6967 ASSERT(MUTEX_HELD(&stp->sd_lock)); 6968 if (bp != NULL) { 6969 if (bp->b_datap->db_type == M_SIG) { 6970 strsignal_nolock(stp, *bp->b_rptr, 6971 (int32_t)bp->b_band); 6972 continue; 6973 } else { 6974 break; 6975 } 6976 } 6977 if (error != 0) { 6978 goto getmout; 6979 } 6980 /* 6981 * We can't depend on the value of STRPRI here because 6982 * the stream head may be in transit. Therefore, we 6983 * must look at the type of the first message to 6984 * determine if a high priority messages is waiting 6985 */ 6986 } else if ((flags & MSG_HIPRI) && q_first != NULL && 6987 q_first->b_datap->db_type >= QPCTL && 6988 (bp = getq_noenab(q)) != NULL) { 6989 ASSERT(bp->b_datap->db_type >= QPCTL); 6990 break; 6991 } else if ((flags & MSG_BAND) && q_first != NULL && 6992 ((q_first->b_band >= *prip) || 6993 q_first->b_datap->db_type >= QPCTL) && 6994 (bp = getq_noenab(q)) != NULL) { 6995 /* 6996 * Asked for at least band "prip" and got either at 6997 * least that band or a hipri message. 6998 */ 6999 ASSERT(bp->b_band >= *prip || 7000 bp->b_datap->db_type >= QPCTL); 7001 if (bp->b_datap->db_type == M_SIG) { 7002 strsignal_nolock(stp, *bp->b_rptr, 7003 (int32_t)bp->b_band); 7004 continue; 7005 } else { 7006 break; 7007 } 7008 } 7009 7010 /* No data. Time to sleep? */ 7011 qbackenable(q, 0); 7012 7013 /* 7014 * Delayed error notification? 7015 */ 7016 if ((stp->sd_flag & (STRDERR|STPLEX)) && 7017 (flags & (MSG_IGNERROR|MSG_DELAYERROR)) == MSG_DELAYERROR) { 7018 error = strgeterr(stp, STRDERR|STPLEX, 7019 (flags & MSG_IPEEK)); 7020 if (error != 0) { 7021 mutex_exit(&stp->sd_lock); 7022 return (error); 7023 } 7024 } 7025 7026 /* 7027 * If STRHUP or STREOF, return 0 length control and data. 7028 * If a read(fd,buf,0) has been done, do not sleep, just 7029 * return. 7030 * 7031 * If mctlp == NULL and uiop == NULL, then the code will 7032 * do the strwaitq. This is an understood way of saying 7033 * sleep "polling" until a message is received. 7034 */ 7035 if ((stp->sd_flag & (STRHUP|STREOF)) || 7036 (uiop != NULL && uiop->uio_resid == 0)) { 7037 if (mctlp != NULL) 7038 *mctlp = NULL; 7039 *flagsp = 0; 7040 mutex_exit(&stp->sd_lock); 7041 return (0); 7042 } 7043 7044 waitflag = GETWAIT; 7045 if (flags & 7046 (MSG_HOLDSIG|MSG_IGNERROR|MSG_IPEEK|MSG_DELAYERROR)) { 7047 if (flags & MSG_HOLDSIG) 7048 waitflag |= STR_NOSIG; 7049 if (flags & MSG_IGNERROR) 7050 waitflag |= STR_NOERROR; 7051 if (flags & MSG_IPEEK) 7052 waitflag |= STR_PEEK; 7053 if (flags & MSG_DELAYERROR) 7054 waitflag |= STR_DELAYERR; 7055 } 7056 if (uiop != NULL) 7057 fmode = uiop->uio_fmode; 7058 else 7059 fmode = 0; 7060 7061 TRACE_2(TR_FAC_STREAMS_FR, TR_KSTRGETMSG_WAIT, 7062 "kstrgetmsg calls strwaitq:%p, %p", 7063 vp, uiop); 7064 if (((error = strwaitq(stp, waitflag, (ssize_t)0, 7065 fmode, timout, &done)) != 0) || done) { 7066 TRACE_2(TR_FAC_STREAMS_FR, TR_KSTRGETMSG_DONE, 7067 "kstrgetmsg error or done:%p, %p", 7068 vp, uiop); 7069 mutex_exit(&stp->sd_lock); 7070 return (error); 7071 } 7072 TRACE_2(TR_FAC_STREAMS_FR, TR_KSTRGETMSG_AWAKE, 7073 "kstrgetmsg awakes:%p, %p", vp, uiop); 7074 if ((error = i_straccess(stp, JCREAD)) != 0) { 7075 mutex_exit(&stp->sd_lock); 7076 return (error); 7077 } 7078 first = 0; 7079 } 7080 ASSERT(bp != NULL); 7081 /* 7082 * Extract any mark information. If the message is not completely 7083 * consumed this information will be put in the mblk 7084 * that is putback. 7085 * If MSGMARKNEXT is set and the message is completely consumed 7086 * the STRATMARK flag will be set below. Likewise, if 7087 * MSGNOTMARKNEXT is set and the message is 7088 * completely consumed STRNOTATMARK will be set. 7089 */ 7090 mark = bp->b_flag & (MSGMARK | MSGMARKNEXT | MSGNOTMARKNEXT); 7091 ASSERT((mark & (MSGMARKNEXT|MSGNOTMARKNEXT)) != 7092 (MSGMARKNEXT|MSGNOTMARKNEXT)); 7093 pri = bp->b_band; 7094 if (mark != 0) { 7095 /* 7096 * If the caller doesn't want the mark return. 7097 * Used to implement MSG_WAITALL in sockets. 7098 */ 7099 if (flags & MSG_NOMARK) { 7100 putback(stp, q, bp, pri); 7101 qbackenable(q, pri); 7102 mutex_exit(&stp->sd_lock); 7103 return (EWOULDBLOCK); 7104 } 7105 if (bp == stp->sd_mark) { 7106 mark |= _LASTMARK; 7107 stp->sd_mark = NULL; 7108 } 7109 } 7110 7111 /* 7112 * keep track of the first message type 7113 */ 7114 type = bp->b_datap->db_type; 7115 7116 if (bp->b_datap->db_type == M_PASSFP) { 7117 if ((mark & _LASTMARK) && (stp->sd_mark == NULL)) 7118 stp->sd_mark = bp; 7119 bp->b_flag |= mark & ~_LASTMARK; 7120 putback(stp, q, bp, pri); 7121 qbackenable(q, pri); 7122 mutex_exit(&stp->sd_lock); 7123 return (EBADMSG); 7124 } 7125 ASSERT(type != M_SIG); 7126 7127 if (flags & MSG_IPEEK) { 7128 /* 7129 * Clear any struioflag - we do the uiomove over again 7130 * when peeking since it simplifies the code. 7131 * 7132 * Dup the message and put the original back on the queue. 7133 * If dupmsg() fails, try again with copymsg() to see if 7134 * there is indeed a shortage of memory. dupmsg() may fail 7135 * if db_ref in any of the messages reaches its limit. 7136 */ 7137 if ((nbp = dupmsg(bp)) == NULL && (nbp = copymsg(bp)) == NULL) { 7138 /* 7139 * Restore the state of the stream head since we 7140 * need to drop sd_lock (strwaitbuf is sleeping). 7141 */ 7142 size_t size = msgdsize(bp); 7143 7144 if ((mark & _LASTMARK) && (stp->sd_mark == NULL)) 7145 stp->sd_mark = bp; 7146 bp->b_flag |= mark & ~_LASTMARK; 7147 putback(stp, q, bp, pri); 7148 mutex_exit(&stp->sd_lock); 7149 error = strwaitbuf(size, BPRI_HI); 7150 if (error) { 7151 /* 7152 * There is no net change to the queue thus 7153 * no need to qbackenable. 7154 */ 7155 return (error); 7156 } 7157 goto retry; 7158 } 7159 7160 if ((mark & _LASTMARK) && (stp->sd_mark == NULL)) 7161 stp->sd_mark = bp; 7162 bp->b_flag |= mark & ~_LASTMARK; 7163 putback(stp, q, bp, pri); 7164 bp = nbp; 7165 } 7166 7167 /* 7168 * Set this flag so strrput will not generate signals. Need to 7169 * make sure this flag is cleared before leaving this routine 7170 * else signals will stop being sent. 7171 */ 7172 stp->sd_flag |= STRGETINPROG; 7173 mutex_exit(&stp->sd_lock); 7174 7175 if ((stp->sd_rputdatafunc != NULL) && (DB_TYPE(bp) == M_DATA) && 7176 (!(DB_FLAGS(bp) & DBLK_COOKED))) { 7177 7178 bp = (stp->sd_rputdatafunc)( 7179 stp->sd_vnode, bp, NULL, 7180 NULL, NULL, NULL); 7181 7182 if (bp == NULL) 7183 goto retry; 7184 7185 DB_FLAGS(bp) |= DBLK_COOKED; 7186 } 7187 7188 if (STREAM_NEEDSERVICE(stp)) 7189 stream_runservice(stp); 7190 7191 /* 7192 * Set HIPRI flag if message is priority. 7193 */ 7194 if (type >= QPCTL) 7195 flg = MSG_HIPRI; 7196 else 7197 flg = MSG_BAND; 7198 7199 /* 7200 * First process PROTO or PCPROTO blocks, if any. 7201 */ 7202 if (mctlp != NULL && type != M_DATA) { 7203 mblk_t *nbp; 7204 7205 *mctlp = bp; 7206 while (bp->b_cont && bp->b_cont->b_datap->db_type != M_DATA) 7207 bp = bp->b_cont; 7208 nbp = bp->b_cont; 7209 bp->b_cont = NULL; 7210 bp = nbp; 7211 } 7212 7213 if (bp && bp->b_datap->db_type != M_DATA) { 7214 /* 7215 * More PROTO blocks in msg. Will only happen if mctlp is NULL. 7216 */ 7217 more |= MORECTL; 7218 savemp = bp; 7219 while (bp && bp->b_datap->db_type != M_DATA) { 7220 savemptail = bp; 7221 bp = bp->b_cont; 7222 } 7223 savemptail->b_cont = NULL; 7224 } 7225 7226 /* 7227 * Now process DATA blocks, if any. 7228 */ 7229 if (uiop == NULL) { 7230 /* Append data to tail of mctlp */ 7231 if (mctlp != NULL) { 7232 mblk_t **mpp = mctlp; 7233 7234 while (*mpp != NULL) 7235 mpp = &((*mpp)->b_cont); 7236 *mpp = bp; 7237 bp = NULL; 7238 } 7239 } else if (uiop->uio_resid >= 0 && bp) { 7240 size_t oldresid = uiop->uio_resid; 7241 7242 /* 7243 * If a streams message is likely to consist 7244 * of many small mblks, it is pulled up into 7245 * one continuous chunk of memory. 7246 * see longer comment at top of page 7247 * by mblk_pull_len declaration. 7248 */ 7249 7250 if (MBLKL(bp) < mblk_pull_len) { 7251 (void) pullupmsg(bp, -1); 7252 } 7253 7254 bp = struiocopyout(bp, uiop, &error); 7255 if (error != 0) { 7256 if (mctlp != NULL) { 7257 freemsg(*mctlp); 7258 *mctlp = NULL; 7259 } else 7260 freemsg(savemp); 7261 mutex_enter(&stp->sd_lock); 7262 /* 7263 * clear stream head hi pri flag based on 7264 * first message 7265 */ 7266 if (!(flags & MSG_IPEEK) && (type >= QPCTL)) { 7267 ASSERT(type == M_PCPROTO); 7268 stp->sd_flag &= ~STRPRI; 7269 } 7270 more = 0; 7271 goto getmout; 7272 } 7273 /* 7274 * (pr == 1) indicates a partial read. 7275 */ 7276 if (oldresid > uiop->uio_resid) 7277 pr = 1; 7278 } 7279 7280 if (bp) { /* more data blocks in msg */ 7281 more |= MOREDATA; 7282 if (savemp) 7283 savemptail->b_cont = bp; 7284 else 7285 savemp = bp; 7286 } 7287 7288 mutex_enter(&stp->sd_lock); 7289 if (savemp) { 7290 if (flags & (MSG_IPEEK|MSG_DISCARDTAIL)) { 7291 /* 7292 * When MSG_DISCARDTAIL is set or 7293 * when peeking discard any tail. When peeking this 7294 * is the tail of the dup that was copied out - the 7295 * message has already been putback on the queue. 7296 * Return MOREDATA to the caller even though the data 7297 * is discarded. This is used by sockets (to 7298 * set MSG_TRUNC). 7299 */ 7300 freemsg(savemp); 7301 if (!(flags & MSG_IPEEK) && (type >= QPCTL)) { 7302 ASSERT(type == M_PCPROTO); 7303 stp->sd_flag &= ~STRPRI; 7304 } 7305 } else if (pr && (savemp->b_datap->db_type == M_DATA) && 7306 msgnodata(savemp)) { 7307 /* 7308 * Avoid queuing a zero-length tail part of 7309 * a message. pr=1 indicates that we read some of 7310 * the message. 7311 */ 7312 freemsg(savemp); 7313 more &= ~MOREDATA; 7314 if (type >= QPCTL) { 7315 ASSERT(type == M_PCPROTO); 7316 stp->sd_flag &= ~STRPRI; 7317 } 7318 } else { 7319 savemp->b_band = pri; 7320 /* 7321 * If the first message was HIPRI and the one we're 7322 * putting back isn't, then clear STRPRI, otherwise 7323 * set STRPRI again. Note that we must set STRPRI 7324 * again since the flush logic in strrput_nondata() 7325 * may have cleared it while we had sd_lock dropped. 7326 */ 7327 if (type >= QPCTL) { 7328 ASSERT(type == M_PCPROTO); 7329 if (queclass(savemp) < QPCTL) 7330 stp->sd_flag &= ~STRPRI; 7331 else 7332 stp->sd_flag |= STRPRI; 7333 } else if (queclass(savemp) >= QPCTL) { 7334 /* 7335 * The first message was not a HIPRI message, 7336 * but the one we are about to putback is. 7337 * For simplicitly, we do not allow for HIPRI 7338 * messages to be embedded in the message 7339 * body, so just force it to same type as 7340 * first message. 7341 */ 7342 ASSERT(type == M_DATA || type == M_PROTO); 7343 ASSERT(savemp->b_datap->db_type == M_PCPROTO); 7344 savemp->b_datap->db_type = type; 7345 } 7346 if (mark != 0) { 7347 if ((mark & _LASTMARK) && 7348 (stp->sd_mark == NULL)) { 7349 /* 7350 * If another marked message arrived 7351 * while sd_lock was not held sd_mark 7352 * would be non-NULL. 7353 */ 7354 stp->sd_mark = savemp; 7355 } 7356 savemp->b_flag |= mark & ~_LASTMARK; 7357 } 7358 putback(stp, q, savemp, pri); 7359 } 7360 } else if (!(flags & MSG_IPEEK)) { 7361 /* 7362 * The complete message was consumed. 7363 * 7364 * If another M_PCPROTO arrived while sd_lock was not held 7365 * it would have been discarded since STRPRI was still set. 7366 * 7367 * Move the MSG*MARKNEXT information 7368 * to the stream head just in case 7369 * the read queue becomes empty. 7370 * clear stream head hi pri flag based on 7371 * first message 7372 * 7373 * If the stream head was at the mark 7374 * (STRATMARK) before we dropped sd_lock above 7375 * and some data was consumed then we have 7376 * moved past the mark thus STRATMARK is 7377 * cleared. However, if a message arrived in 7378 * strrput during the copyout above causing 7379 * STRATMARK to be set we can not clear that 7380 * flag. 7381 * XXX A "perimeter" would help by single-threading strrput, 7382 * strread, strgetmsg and kstrgetmsg. 7383 */ 7384 if (type >= QPCTL) { 7385 ASSERT(type == M_PCPROTO); 7386 stp->sd_flag &= ~STRPRI; 7387 } 7388 if (mark & (MSGMARKNEXT|MSGNOTMARKNEXT|MSGMARK)) { 7389 if (mark & MSGMARKNEXT) { 7390 stp->sd_flag &= ~STRNOTATMARK; 7391 stp->sd_flag |= STRATMARK; 7392 } else if (mark & MSGNOTMARKNEXT) { 7393 stp->sd_flag &= ~STRATMARK; 7394 stp->sd_flag |= STRNOTATMARK; 7395 } else { 7396 stp->sd_flag &= ~(STRATMARK|STRNOTATMARK); 7397 } 7398 } else if (pr && (old_sd_flag & STRATMARK)) { 7399 stp->sd_flag &= ~STRATMARK; 7400 } 7401 } 7402 7403 *flagsp = flg; 7404 *prip = pri; 7405 7406 /* 7407 * Getmsg cleanup processing - if the state of the queue has changed 7408 * some signals may need to be sent and/or poll awakened. 7409 */ 7410 getmout: 7411 qbackenable(q, pri); 7412 7413 /* 7414 * We dropped the stream head lock above. Send all M_SIG messages 7415 * before processing stream head for SIGPOLL messages. 7416 */ 7417 ASSERT(MUTEX_HELD(&stp->sd_lock)); 7418 while ((bp = q->q_first) != NULL && 7419 (bp->b_datap->db_type == M_SIG)) { 7420 /* 7421 * sd_lock is held so the content of the read queue can not 7422 * change. 7423 */ 7424 bp = getq(q); 7425 ASSERT(bp != NULL && bp->b_datap->db_type == M_SIG); 7426 7427 strsignal_nolock(stp, *bp->b_rptr, (int32_t)bp->b_band); 7428 mutex_exit(&stp->sd_lock); 7429 freemsg(bp); 7430 if (STREAM_NEEDSERVICE(stp)) 7431 stream_runservice(stp); 7432 mutex_enter(&stp->sd_lock); 7433 } 7434 7435 /* 7436 * stream head cannot change while we make the determination 7437 * whether or not to send a signal. Drop the flag to allow strrput 7438 * to send firstmsgsigs again. 7439 */ 7440 stp->sd_flag &= ~STRGETINPROG; 7441 7442 /* 7443 * If the type of message at the front of the queue changed 7444 * due to the receive the appropriate signals and pollwakeup events 7445 * are generated. The type of changes are: 7446 * Processed a hipri message, q_first is not hipri. 7447 * Processed a band X message, and q_first is band Y. 7448 * The generated signals and pollwakeups are identical to what 7449 * strrput() generates should the message that is now on q_first 7450 * arrive to an empty read queue. 7451 * 7452 * Note: only strrput will send a signal for a hipri message. 7453 */ 7454 if ((bp = q->q_first) != NULL && !(stp->sd_flag & STRPRI)) { 7455 strsigset_t signals = 0; 7456 strpollset_t pollwakeups = 0; 7457 7458 if (flg & MSG_HIPRI) { 7459 /* 7460 * Removed a hipri message. Regular data at 7461 * the front of the queue. 7462 */ 7463 if (bp->b_band == 0) { 7464 signals = S_INPUT | S_RDNORM; 7465 pollwakeups = POLLIN | POLLRDNORM; 7466 } else { 7467 signals = S_INPUT | S_RDBAND; 7468 pollwakeups = POLLIN | POLLRDBAND; 7469 } 7470 } else if (pri != bp->b_band) { 7471 /* 7472 * The band is different for the new q_first. 7473 */ 7474 if (bp->b_band == 0) { 7475 signals = S_RDNORM; 7476 pollwakeups = POLLIN | POLLRDNORM; 7477 } else { 7478 signals = S_RDBAND; 7479 pollwakeups = POLLIN | POLLRDBAND; 7480 } 7481 } 7482 7483 if (pollwakeups != 0) { 7484 if (pollwakeups == (POLLIN | POLLRDNORM)) { 7485 if (!(stp->sd_rput_opt & SR_POLLIN)) 7486 goto no_pollwake; 7487 stp->sd_rput_opt &= ~SR_POLLIN; 7488 } 7489 mutex_exit(&stp->sd_lock); 7490 pollwakeup(&stp->sd_pollist, pollwakeups); 7491 mutex_enter(&stp->sd_lock); 7492 } 7493 no_pollwake: 7494 7495 if (stp->sd_sigflags & signals) 7496 strsendsig(stp->sd_siglist, signals, bp->b_band, 0); 7497 } 7498 mutex_exit(&stp->sd_lock); 7499 7500 rvp->r_val1 = more; 7501 return (error); 7502 #undef _LASTMARK 7503 } 7504 7505 /* 7506 * Put a message downstream. 7507 * 7508 * NOTE: strputmsg and kstrputmsg have much of the logic in common. 7509 */ 7510 int 7511 strputmsg( 7512 struct vnode *vp, 7513 struct strbuf *mctl, 7514 struct strbuf *mdata, 7515 unsigned char pri, 7516 int flag, 7517 int fmode) 7518 { 7519 struct stdata *stp; 7520 queue_t *wqp; 7521 mblk_t *mp; 7522 ssize_t msgsize; 7523 ssize_t rmin, rmax; 7524 int error; 7525 struct uio uios; 7526 struct uio *uiop = &uios; 7527 struct iovec iovs; 7528 int xpg4 = 0; 7529 7530 ASSERT(vp->v_stream); 7531 stp = vp->v_stream; 7532 wqp = stp->sd_wrq; 7533 7534 /* 7535 * If it is an XPG4 application, we need to send 7536 * SIGPIPE below 7537 */ 7538 7539 xpg4 = (flag & MSG_XPG4) ? 1 : 0; 7540 flag &= ~MSG_XPG4; 7541 7542 #ifdef C2_AUDIT 7543 if (audit_active) 7544 audit_strputmsg(vp, mctl, mdata, pri, flag, fmode); 7545 #endif 7546 7547 mutex_enter(&stp->sd_lock); 7548 7549 if ((error = i_straccess(stp, JCWRITE)) != 0) { 7550 mutex_exit(&stp->sd_lock); 7551 return (error); 7552 } 7553 7554 if (stp->sd_flag & (STWRERR|STRHUP|STPLEX)) { 7555 error = strwriteable(stp, B_FALSE, xpg4); 7556 if (error != 0) { 7557 mutex_exit(&stp->sd_lock); 7558 return (error); 7559 } 7560 } 7561 7562 mutex_exit(&stp->sd_lock); 7563 7564 /* 7565 * Check for legal flag value. 7566 */ 7567 switch (flag) { 7568 case MSG_HIPRI: 7569 if ((mctl->len < 0) || (pri != 0)) 7570 return (EINVAL); 7571 break; 7572 case MSG_BAND: 7573 break; 7574 7575 default: 7576 return (EINVAL); 7577 } 7578 7579 TRACE_1(TR_FAC_STREAMS_FR, TR_STRPUTMSG_IN, 7580 "strputmsg in:stp %p", stp); 7581 7582 /* get these values from those cached in the stream head */ 7583 rmin = stp->sd_qn_minpsz; 7584 rmax = stp->sd_qn_maxpsz; 7585 7586 /* 7587 * Make sure ctl and data sizes together fall within the 7588 * limits of the max and min receive packet sizes and do 7589 * not exceed system limit. 7590 */ 7591 ASSERT((rmax >= 0) || (rmax == INFPSZ)); 7592 if (rmax == 0) { 7593 return (ERANGE); 7594 } 7595 /* 7596 * Use the MAXIMUM of sd_maxblk and q_maxpsz. 7597 * Needed to prevent partial failures in the strmakedata loop. 7598 */ 7599 if (stp->sd_maxblk != INFPSZ && rmax != INFPSZ && rmax < stp->sd_maxblk) 7600 rmax = stp->sd_maxblk; 7601 7602 if ((msgsize = mdata->len) < 0) { 7603 msgsize = 0; 7604 rmin = 0; /* no range check for NULL data part */ 7605 } 7606 if ((msgsize < rmin) || 7607 ((msgsize > rmax) && (rmax != INFPSZ)) || 7608 (mctl->len > strctlsz)) { 7609 return (ERANGE); 7610 } 7611 7612 /* 7613 * Setup uio and iov for data part 7614 */ 7615 iovs.iov_base = mdata->buf; 7616 iovs.iov_len = msgsize; 7617 uios.uio_iov = &iovs; 7618 uios.uio_iovcnt = 1; 7619 uios.uio_loffset = 0; 7620 uios.uio_segflg = UIO_USERSPACE; 7621 uios.uio_fmode = fmode; 7622 uios.uio_extflg = UIO_COPY_DEFAULT; 7623 uios.uio_resid = msgsize; 7624 uios.uio_offset = 0; 7625 7626 /* Ignore flow control in strput for HIPRI */ 7627 if (flag & MSG_HIPRI) 7628 flag |= MSG_IGNFLOW; 7629 7630 for (;;) { 7631 int done = 0; 7632 7633 /* 7634 * strput will always free the ctl mblk - even when strput 7635 * fails. 7636 */ 7637 if ((error = strmakectl(mctl, flag, fmode, &mp)) != 0) { 7638 TRACE_3(TR_FAC_STREAMS_FR, TR_STRPUTMSG_OUT, 7639 "strputmsg out:stp %p out %d error %d", 7640 stp, 1, error); 7641 return (error); 7642 } 7643 /* 7644 * Verify that the whole message can be transferred by 7645 * strput. 7646 */ 7647 ASSERT(stp->sd_maxblk == INFPSZ || 7648 stp->sd_maxblk >= mdata->len); 7649 7650 msgsize = mdata->len; 7651 error = strput(stp, mp, uiop, &msgsize, 0, pri, flag); 7652 mdata->len = msgsize; 7653 7654 if (error == 0) 7655 break; 7656 7657 if (error != EWOULDBLOCK) 7658 goto out; 7659 7660 mutex_enter(&stp->sd_lock); 7661 /* 7662 * Check for a missed wakeup. 7663 * Needed since strput did not hold sd_lock across 7664 * the canputnext. 7665 */ 7666 if (bcanputnext(wqp, pri)) { 7667 /* Try again */ 7668 mutex_exit(&stp->sd_lock); 7669 continue; 7670 } 7671 TRACE_2(TR_FAC_STREAMS_FR, TR_STRPUTMSG_WAIT, 7672 "strputmsg wait:stp %p waits pri %d", stp, pri); 7673 if (((error = strwaitq(stp, WRITEWAIT, (ssize_t)0, fmode, -1, 7674 &done)) != 0) || done) { 7675 mutex_exit(&stp->sd_lock); 7676 TRACE_3(TR_FAC_STREAMS_FR, TR_STRPUTMSG_OUT, 7677 "strputmsg out:q %p out %d error %d", 7678 stp, 0, error); 7679 return (error); 7680 } 7681 TRACE_1(TR_FAC_STREAMS_FR, TR_STRPUTMSG_WAKE, 7682 "strputmsg wake:stp %p wakes", stp); 7683 if ((error = i_straccess(stp, JCWRITE)) != 0) { 7684 mutex_exit(&stp->sd_lock); 7685 return (error); 7686 } 7687 mutex_exit(&stp->sd_lock); 7688 } 7689 out: 7690 /* 7691 * For historic reasons, applications expect EAGAIN 7692 * when data mblk could not be allocated. so change 7693 * ENOMEM back to EAGAIN 7694 */ 7695 if (error == ENOMEM) 7696 error = EAGAIN; 7697 TRACE_3(TR_FAC_STREAMS_FR, TR_STRPUTMSG_OUT, 7698 "strputmsg out:stp %p out %d error %d", stp, 2, error); 7699 return (error); 7700 } 7701 7702 /* 7703 * Put a message downstream. 7704 * Can send only an M_PROTO/M_PCPROTO by passing in a NULL uiop. 7705 * The fmode flag (NDELAY, NONBLOCK) is the or of the flags in the uio 7706 * and the fmode parameter. 7707 * 7708 * This routine handles the consolidation private flags: 7709 * MSG_IGNERROR Ignore any stream head error except STPLEX. 7710 * MSG_HOLDSIG Hold signals while waiting for data. 7711 * MSG_IGNFLOW Don't check streams flow control. 7712 * 7713 * NOTE: strputmsg and kstrputmsg have much of the logic in common. 7714 */ 7715 int 7716 kstrputmsg( 7717 struct vnode *vp, 7718 mblk_t *mctl, 7719 struct uio *uiop, 7720 ssize_t msgsize, 7721 unsigned char pri, 7722 int flag, 7723 int fmode) 7724 { 7725 struct stdata *stp; 7726 queue_t *wqp; 7727 ssize_t rmin, rmax; 7728 int error; 7729 7730 ASSERT(vp->v_stream); 7731 stp = vp->v_stream; 7732 wqp = stp->sd_wrq; 7733 #ifdef C2_AUDIT 7734 if (audit_active) 7735 audit_strputmsg(vp, NULL, NULL, pri, flag, fmode); 7736 #endif 7737 if (mctl == NULL) 7738 return (EINVAL); 7739 7740 mutex_enter(&stp->sd_lock); 7741 7742 if ((error = i_straccess(stp, JCWRITE)) != 0) { 7743 mutex_exit(&stp->sd_lock); 7744 freemsg(mctl); 7745 return (error); 7746 } 7747 7748 if ((stp->sd_flag & STPLEX) || !(flag & MSG_IGNERROR)) { 7749 if (stp->sd_flag & (STWRERR|STRHUP|STPLEX)) { 7750 error = strwriteable(stp, B_FALSE, B_TRUE); 7751 if (error != 0) { 7752 mutex_exit(&stp->sd_lock); 7753 freemsg(mctl); 7754 return (error); 7755 } 7756 } 7757 } 7758 7759 mutex_exit(&stp->sd_lock); 7760 7761 /* 7762 * Check for legal flag value. 7763 */ 7764 switch (flag & (MSG_HIPRI|MSG_BAND|MSG_ANY)) { 7765 case MSG_HIPRI: 7766 if (pri != 0) { 7767 freemsg(mctl); 7768 return (EINVAL); 7769 } 7770 break; 7771 case MSG_BAND: 7772 break; 7773 default: 7774 freemsg(mctl); 7775 return (EINVAL); 7776 } 7777 7778 TRACE_1(TR_FAC_STREAMS_FR, TR_KSTRPUTMSG_IN, 7779 "kstrputmsg in:stp %p", stp); 7780 7781 /* get these values from those cached in the stream head */ 7782 rmin = stp->sd_qn_minpsz; 7783 rmax = stp->sd_qn_maxpsz; 7784 7785 /* 7786 * Make sure ctl and data sizes together fall within the 7787 * limits of the max and min receive packet sizes and do 7788 * not exceed system limit. 7789 */ 7790 ASSERT((rmax >= 0) || (rmax == INFPSZ)); 7791 if (rmax == 0) { 7792 freemsg(mctl); 7793 return (ERANGE); 7794 } 7795 /* 7796 * Use the MAXIMUM of sd_maxblk and q_maxpsz. 7797 * Needed to prevent partial failures in the strmakedata loop. 7798 */ 7799 if (stp->sd_maxblk != INFPSZ && rmax != INFPSZ && rmax < stp->sd_maxblk) 7800 rmax = stp->sd_maxblk; 7801 7802 if (uiop == NULL) { 7803 msgsize = -1; 7804 rmin = -1; /* no range check for NULL data part */ 7805 } else { 7806 /* Use uio flags as well as the fmode parameter flags */ 7807 fmode |= uiop->uio_fmode; 7808 7809 if ((msgsize < rmin) || 7810 ((msgsize > rmax) && (rmax != INFPSZ))) { 7811 freemsg(mctl); 7812 return (ERANGE); 7813 } 7814 } 7815 7816 /* Ignore flow control in strput for HIPRI */ 7817 if (flag & MSG_HIPRI) 7818 flag |= MSG_IGNFLOW; 7819 7820 for (;;) { 7821 int done = 0; 7822 int waitflag; 7823 mblk_t *mp; 7824 7825 /* 7826 * strput will always free the ctl mblk - even when strput 7827 * fails. If MSG_IGNFLOW is set then any error returned 7828 * will cause us to break the loop, so we don't need a copy 7829 * of the message. If MSG_IGNFLOW is not set, then we can 7830 * get hit by flow control and be forced to try again. In 7831 * this case we need to have a copy of the message. We 7832 * do this using copymsg since the message may get modified 7833 * by something below us. 7834 * 7835 * We've observed that many TPI providers do not check db_ref 7836 * on the control messages but blindly reuse them for the 7837 * T_OK_ACK/T_ERROR_ACK. Thus using copymsg is more 7838 * friendly to such providers than using dupmsg. Also, note 7839 * that sockfs uses MSG_IGNFLOW for all TPI control messages. 7840 * Only data messages are subject to flow control, hence 7841 * subject to this copymsg. 7842 */ 7843 if (flag & MSG_IGNFLOW) { 7844 mp = mctl; 7845 mctl = NULL; 7846 } else { 7847 do { 7848 /* 7849 * If a message has a free pointer, the message 7850 * must be dupmsg to maintain this pointer. 7851 * Code using this facility must be sure 7852 * that modules below will not change the 7853 * contents of the dblk without checking db_ref 7854 * first. If db_ref is > 1, then the module 7855 * needs to do a copymsg first. Otherwise, 7856 * the contents of the dblk may become 7857 * inconsistent because the freesmg/freeb below 7858 * may end up calling atomic_add_32_nv. 7859 * The atomic_add_32_nv in freeb (accessing 7860 * all of db_ref, db_type, db_flags, and 7861 * db_struioflag) does not prevent other threads 7862 * from concurrently trying to modify e.g. 7863 * db_type. 7864 */ 7865 if (mctl->b_datap->db_frtnp != NULL) 7866 mp = dupmsg(mctl); 7867 else 7868 mp = copymsg(mctl); 7869 7870 if (mp != NULL) 7871 break; 7872 7873 error = strwaitbuf(msgdsize(mctl), BPRI_MED); 7874 if (error) { 7875 freemsg(mctl); 7876 return (error); 7877 } 7878 } while (mp == NULL); 7879 } 7880 /* 7881 * Verify that all of msgsize can be transferred by 7882 * strput. 7883 */ 7884 ASSERT(stp->sd_maxblk == INFPSZ || stp->sd_maxblk >= msgsize); 7885 error = strput(stp, mp, uiop, &msgsize, 0, pri, flag); 7886 if (error == 0) 7887 break; 7888 7889 if (error != EWOULDBLOCK) 7890 goto out; 7891 7892 /* 7893 * IF MSG_IGNFLOW is set we should have broken out of loop 7894 * above. 7895 */ 7896 ASSERT(!(flag & MSG_IGNFLOW)); 7897 mutex_enter(&stp->sd_lock); 7898 /* 7899 * Check for a missed wakeup. 7900 * Needed since strput did not hold sd_lock across 7901 * the canputnext. 7902 */ 7903 if (bcanputnext(wqp, pri)) { 7904 /* Try again */ 7905 mutex_exit(&stp->sd_lock); 7906 continue; 7907 } 7908 TRACE_2(TR_FAC_STREAMS_FR, TR_KSTRPUTMSG_WAIT, 7909 "kstrputmsg wait:stp %p waits pri %d", stp, pri); 7910 7911 waitflag = WRITEWAIT; 7912 if (flag & (MSG_HOLDSIG|MSG_IGNERROR)) { 7913 if (flag & MSG_HOLDSIG) 7914 waitflag |= STR_NOSIG; 7915 if (flag & MSG_IGNERROR) 7916 waitflag |= STR_NOERROR; 7917 } 7918 if (((error = strwaitq(stp, waitflag, 7919 (ssize_t)0, fmode, -1, &done)) != 0) || done) { 7920 mutex_exit(&stp->sd_lock); 7921 TRACE_3(TR_FAC_STREAMS_FR, TR_KSTRPUTMSG_OUT, 7922 "kstrputmsg out:stp %p out %d error %d", 7923 stp, 0, error); 7924 freemsg(mctl); 7925 return (error); 7926 } 7927 TRACE_1(TR_FAC_STREAMS_FR, TR_KSTRPUTMSG_WAKE, 7928 "kstrputmsg wake:stp %p wakes", stp); 7929 if ((error = i_straccess(stp, JCWRITE)) != 0) { 7930 mutex_exit(&stp->sd_lock); 7931 freemsg(mctl); 7932 return (error); 7933 } 7934 mutex_exit(&stp->sd_lock); 7935 } 7936 out: 7937 freemsg(mctl); 7938 /* 7939 * For historic reasons, applications expect EAGAIN 7940 * when data mblk could not be allocated. so change 7941 * ENOMEM back to EAGAIN 7942 */ 7943 if (error == ENOMEM) 7944 error = EAGAIN; 7945 TRACE_3(TR_FAC_STREAMS_FR, TR_KSTRPUTMSG_OUT, 7946 "kstrputmsg out:stp %p out %d error %d", stp, 2, error); 7947 return (error); 7948 } 7949 7950 /* 7951 * Determines whether the necessary conditions are set on a stream 7952 * for it to be readable, writeable, or have exceptions. 7953 * 7954 * strpoll handles the consolidation private events: 7955 * POLLNOERR Do not return POLLERR even if there are stream 7956 * head errors. 7957 * Used by sockfs. 7958 * POLLRDDATA Do not return POLLIN unless at least one message on 7959 * the queue contains one or more M_DATA mblks. Thus 7960 * when this flag is set a queue with only 7961 * M_PROTO/M_PCPROTO mblks does not return POLLIN. 7962 * Used by sockfs to ignore T_EXDATA_IND messages. 7963 * 7964 * Note: POLLRDDATA assumes that synch streams only return messages with 7965 * an M_DATA attached (i.e. not messages consisting of only 7966 * an M_PROTO/M_PCPROTO part). 7967 */ 7968 int 7969 strpoll( 7970 struct stdata *stp, 7971 short events_arg, 7972 int anyyet, 7973 short *reventsp, 7974 struct pollhead **phpp) 7975 { 7976 int events = (ushort_t)events_arg; 7977 int retevents = 0; 7978 mblk_t *mp; 7979 qband_t *qbp; 7980 long sd_flags = stp->sd_flag; 7981 int headlocked = 0; 7982 7983 /* 7984 * For performance, a single 'if' tests for most possible edge 7985 * conditions in one shot 7986 */ 7987 if (sd_flags & (STPLEX | STRDERR | STWRERR)) { 7988 if (sd_flags & STPLEX) { 7989 *reventsp = POLLNVAL; 7990 return (EINVAL); 7991 } 7992 if (((events & (POLLIN | POLLRDNORM | POLLRDBAND | POLLPRI)) && 7993 (sd_flags & STRDERR)) || 7994 ((events & (POLLOUT | POLLWRNORM | POLLWRBAND)) && 7995 (sd_flags & STWRERR))) { 7996 if (!(events & POLLNOERR)) { 7997 *reventsp = POLLERR; 7998 return (0); 7999 } 8000 } 8001 } 8002 if (sd_flags & STRHUP) { 8003 retevents |= POLLHUP; 8004 } else if (events & (POLLWRNORM | POLLWRBAND)) { 8005 queue_t *tq; 8006 queue_t *qp = stp->sd_wrq; 8007 8008 claimstr(qp); 8009 /* Find next module forward that has a service procedure */ 8010 tq = qp->q_next->q_nfsrv; 8011 ASSERT(tq != NULL); 8012 8013 polllock(&stp->sd_pollist, QLOCK(tq)); 8014 if (events & POLLWRNORM) { 8015 queue_t *sqp; 8016 8017 if (tq->q_flag & QFULL) 8018 /* ensure backq svc procedure runs */ 8019 tq->q_flag |= QWANTW; 8020 else if ((sqp = stp->sd_struiowrq) != NULL) { 8021 /* Check sync stream barrier write q */ 8022 mutex_exit(QLOCK(tq)); 8023 polllock(&stp->sd_pollist, QLOCK(sqp)); 8024 if (sqp->q_flag & QFULL) 8025 /* ensure pollwakeup() is done */ 8026 sqp->q_flag |= QWANTWSYNC; 8027 else 8028 retevents |= POLLOUT; 8029 /* More write events to process ??? */ 8030 if (! (events & POLLWRBAND)) { 8031 mutex_exit(QLOCK(sqp)); 8032 releasestr(qp); 8033 goto chkrd; 8034 } 8035 mutex_exit(QLOCK(sqp)); 8036 polllock(&stp->sd_pollist, QLOCK(tq)); 8037 } else 8038 retevents |= POLLOUT; 8039 } 8040 if (events & POLLWRBAND) { 8041 qbp = tq->q_bandp; 8042 if (qbp) { 8043 while (qbp) { 8044 if (qbp->qb_flag & QB_FULL) 8045 qbp->qb_flag |= QB_WANTW; 8046 else 8047 retevents |= POLLWRBAND; 8048 qbp = qbp->qb_next; 8049 } 8050 } else { 8051 retevents |= POLLWRBAND; 8052 } 8053 } 8054 mutex_exit(QLOCK(tq)); 8055 releasestr(qp); 8056 } 8057 chkrd: 8058 if (sd_flags & STRPRI) { 8059 retevents |= (events & POLLPRI); 8060 } else if (events & (POLLRDNORM | POLLRDBAND | POLLIN)) { 8061 queue_t *qp = _RD(stp->sd_wrq); 8062 int normevents = (events & (POLLIN | POLLRDNORM)); 8063 8064 /* 8065 * Note: Need to do polllock() here since ps_lock may be 8066 * held. See bug 4191544. 8067 */ 8068 polllock(&stp->sd_pollist, &stp->sd_lock); 8069 headlocked = 1; 8070 mp = qp->q_first; 8071 while (mp) { 8072 /* 8073 * For POLLRDDATA we scan b_cont and b_next until we 8074 * find an M_DATA. 8075 */ 8076 if ((events & POLLRDDATA) && 8077 mp->b_datap->db_type != M_DATA) { 8078 mblk_t *nmp = mp->b_cont; 8079 8080 while (nmp != NULL && 8081 nmp->b_datap->db_type != M_DATA) 8082 nmp = nmp->b_cont; 8083 if (nmp == NULL) { 8084 mp = mp->b_next; 8085 continue; 8086 } 8087 } 8088 if (mp->b_band == 0) 8089 retevents |= normevents; 8090 else 8091 retevents |= (events & (POLLIN | POLLRDBAND)); 8092 break; 8093 } 8094 if (! (retevents & normevents) && 8095 (stp->sd_wakeq & RSLEEP)) { 8096 /* 8097 * Sync stream barrier read queue has data. 8098 */ 8099 retevents |= normevents; 8100 } 8101 /* Treat eof as normal data */ 8102 if (sd_flags & STREOF) 8103 retevents |= normevents; 8104 } 8105 8106 *reventsp = (short)retevents; 8107 if (retevents) { 8108 if (headlocked) 8109 mutex_exit(&stp->sd_lock); 8110 return (0); 8111 } 8112 8113 /* 8114 * If poll() has not found any events yet, set up event cell 8115 * to wake up the poll if a requested event occurs on this 8116 * stream. Check for collisions with outstanding poll requests. 8117 */ 8118 if (!anyyet) { 8119 *phpp = &stp->sd_pollist; 8120 if (headlocked == 0) { 8121 polllock(&stp->sd_pollist, &stp->sd_lock); 8122 headlocked = 1; 8123 } 8124 stp->sd_rput_opt |= SR_POLLIN; 8125 } 8126 if (headlocked) 8127 mutex_exit(&stp->sd_lock); 8128 return (0); 8129 } 8130 8131 /* 8132 * The purpose of putback() is to assure sleeping polls/reads 8133 * are awakened when there are no new messages arriving at the, 8134 * stream head, and a message is placed back on the read queue. 8135 * 8136 * sd_lock must be held when messages are placed back on stream 8137 * head. (getq() holds sd_lock when it removes messages from 8138 * the queue) 8139 */ 8140 8141 static void 8142 putback(struct stdata *stp, queue_t *q, mblk_t *bp, int band) 8143 { 8144 ASSERT(MUTEX_HELD(&stp->sd_lock)); 8145 (void) putbq(q, bp); 8146 /* 8147 * A message may have come in when the sd_lock was dropped in the 8148 * calling routine. If this is the case and STR*ATMARK info was 8149 * received, need to move that from the stream head to the q_last 8150 * so that SIOCATMARK can return the proper value. 8151 */ 8152 if (stp->sd_flag & (STRATMARK | STRNOTATMARK)) { 8153 unsigned short *flagp = &q->q_last->b_flag; 8154 uint_t b_flag = (uint_t)*flagp; 8155 8156 if (stp->sd_flag & STRATMARK) { 8157 b_flag &= ~MSGNOTMARKNEXT; 8158 b_flag |= MSGMARKNEXT; 8159 stp->sd_flag &= ~STRATMARK; 8160 } else { 8161 b_flag &= ~MSGMARKNEXT; 8162 b_flag |= MSGNOTMARKNEXT; 8163 stp->sd_flag &= ~STRNOTATMARK; 8164 } 8165 *flagp = (unsigned short) b_flag; 8166 } 8167 8168 #ifdef DEBUG 8169 /* 8170 * Make sure that the flags are not messed up. 8171 */ 8172 { 8173 mblk_t *mp; 8174 mp = q->q_last; 8175 while (mp != NULL) { 8176 ASSERT((mp->b_flag & (MSGMARKNEXT|MSGNOTMARKNEXT)) != 8177 (MSGMARKNEXT|MSGNOTMARKNEXT)); 8178 mp = mp->b_cont; 8179 } 8180 } 8181 #endif 8182 if (q->q_first == bp) { 8183 short pollevents; 8184 8185 if (stp->sd_flag & RSLEEP) { 8186 stp->sd_flag &= ~RSLEEP; 8187 cv_broadcast(&q->q_wait); 8188 } 8189 if (stp->sd_flag & STRPRI) { 8190 pollevents = POLLPRI; 8191 } else { 8192 if (band == 0) { 8193 if (!(stp->sd_rput_opt & SR_POLLIN)) 8194 return; 8195 stp->sd_rput_opt &= ~SR_POLLIN; 8196 pollevents = POLLIN | POLLRDNORM; 8197 } else { 8198 pollevents = POLLIN | POLLRDBAND; 8199 } 8200 } 8201 mutex_exit(&stp->sd_lock); 8202 pollwakeup(&stp->sd_pollist, pollevents); 8203 mutex_enter(&stp->sd_lock); 8204 } 8205 } 8206 8207 /* 8208 * Return the held vnode attached to the stream head of a 8209 * given queue 8210 * It is the responsibility of the calling routine to ensure 8211 * that the queue does not go away (e.g. pop). 8212 */ 8213 vnode_t * 8214 strq2vp(queue_t *qp) 8215 { 8216 vnode_t *vp; 8217 vp = STREAM(qp)->sd_vnode; 8218 ASSERT(vp != NULL); 8219 VN_HOLD(vp); 8220 return (vp); 8221 } 8222 8223 /* 8224 * return the stream head write queue for the given vp 8225 * It is the responsibility of the calling routine to ensure 8226 * that the stream or vnode do not close. 8227 */ 8228 queue_t * 8229 strvp2wq(vnode_t *vp) 8230 { 8231 ASSERT(vp->v_stream != NULL); 8232 return (vp->v_stream->sd_wrq); 8233 } 8234 8235 /* 8236 * pollwakeup stream head 8237 * It is the responsibility of the calling routine to ensure 8238 * that the stream or vnode do not close. 8239 */ 8240 void 8241 strpollwakeup(vnode_t *vp, short event) 8242 { 8243 ASSERT(vp->v_stream); 8244 pollwakeup(&vp->v_stream->sd_pollist, event); 8245 } 8246 8247 /* 8248 * Mate the stream heads of two vnodes together. If the two vnodes are the 8249 * same, we just make the write-side point at the read-side -- otherwise, 8250 * we do a full mate. Only works on vnodes associated with streams that are 8251 * still being built and thus have only a stream head. 8252 */ 8253 void 8254 strmate(vnode_t *vp1, vnode_t *vp2) 8255 { 8256 queue_t *wrq1 = strvp2wq(vp1); 8257 queue_t *wrq2 = strvp2wq(vp2); 8258 8259 /* 8260 * Verify that there are no modules on the stream yet. We also 8261 * rely on the stream head always having a service procedure to 8262 * avoid tweaking q_nfsrv. 8263 */ 8264 ASSERT(wrq1->q_next == NULL && wrq2->q_next == NULL); 8265 ASSERT(wrq1->q_qinfo->qi_srvp != NULL); 8266 ASSERT(wrq2->q_qinfo->qi_srvp != NULL); 8267 8268 /* 8269 * If the queues are the same, just twist; otherwise do a full mate. 8270 */ 8271 if (wrq1 == wrq2) { 8272 wrq1->q_next = _RD(wrq1); 8273 } else { 8274 wrq1->q_next = _RD(wrq2); 8275 wrq2->q_next = _RD(wrq1); 8276 STREAM(wrq1)->sd_mate = STREAM(wrq2); 8277 STREAM(wrq1)->sd_flag |= STRMATE; 8278 STREAM(wrq2)->sd_mate = STREAM(wrq1); 8279 STREAM(wrq2)->sd_flag |= STRMATE; 8280 } 8281 } 8282 8283 /* 8284 * XXX will go away when console is correctly fixed. 8285 * Clean up the console PIDS, from previous I_SETSIG, 8286 * called only for cnopen which never calls strclean(). 8287 */ 8288 void 8289 str_cn_clean(struct vnode *vp) 8290 { 8291 strsig_t *ssp, *pssp, *tssp; 8292 struct stdata *stp; 8293 struct pid *pidp; 8294 int update = 0; 8295 8296 ASSERT(vp->v_stream); 8297 stp = vp->v_stream; 8298 pssp = NULL; 8299 mutex_enter(&stp->sd_lock); 8300 ssp = stp->sd_siglist; 8301 while (ssp) { 8302 mutex_enter(&pidlock); 8303 pidp = ssp->ss_pidp; 8304 /* 8305 * Get rid of PID if the proc is gone. 8306 */ 8307 if (pidp->pid_prinactive) { 8308 tssp = ssp->ss_next; 8309 if (pssp) 8310 pssp->ss_next = tssp; 8311 else 8312 stp->sd_siglist = tssp; 8313 ASSERT(pidp->pid_ref <= 1); 8314 PID_RELE(ssp->ss_pidp); 8315 mutex_exit(&pidlock); 8316 kmem_free(ssp, sizeof (strsig_t)); 8317 update = 1; 8318 ssp = tssp; 8319 continue; 8320 } else 8321 mutex_exit(&pidlock); 8322 pssp = ssp; 8323 ssp = ssp->ss_next; 8324 } 8325 if (update) { 8326 stp->sd_sigflags = 0; 8327 for (ssp = stp->sd_siglist; ssp; ssp = ssp->ss_next) 8328 stp->sd_sigflags |= ssp->ss_events; 8329 } 8330 mutex_exit(&stp->sd_lock); 8331 } 8332 8333 /* 8334 * Return B_TRUE if there is data in the message, B_FALSE otherwise. 8335 */ 8336 static boolean_t 8337 msghasdata(mblk_t *bp) 8338 { 8339 for (; bp; bp = bp->b_cont) 8340 if (bp->b_datap->db_type == M_DATA) { 8341 ASSERT(bp->b_wptr >= bp->b_rptr); 8342 if (bp->b_wptr > bp->b_rptr) 8343 return (B_TRUE); 8344 } 8345 return (B_FALSE); 8346 } 8347