1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */ 22 /* All Rights Reserved */ 23 24 25 /* 26 * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 27 * Use is subject to license terms. 28 */ 29 30 #pragma ident "%Z%%M% %I% %E% SMI" 31 32 #include <sys/types.h> 33 #include <sys/sysmacros.h> 34 #include <sys/param.h> 35 #include <sys/errno.h> 36 #include <sys/signal.h> 37 #include <sys/stat.h> 38 #include <sys/proc.h> 39 #include <sys/cred.h> 40 #include <sys/user.h> 41 #include <sys/vnode.h> 42 #include <sys/file.h> 43 #include <sys/stream.h> 44 #include <sys/strsubr.h> 45 #include <sys/stropts.h> 46 #include <sys/tihdr.h> 47 #include <sys/var.h> 48 #include <sys/poll.h> 49 #include <sys/termio.h> 50 #include <sys/ttold.h> 51 #include <sys/systm.h> 52 #include <sys/uio.h> 53 #include <sys/cmn_err.h> 54 #include <sys/sad.h> 55 #include <sys/priocntl.h> 56 #include <sys/jioctl.h> 57 #include <sys/procset.h> 58 #include <sys/session.h> 59 #include <sys/kmem.h> 60 #include <sys/filio.h> 61 #include <sys/vtrace.h> 62 #include <sys/debug.h> 63 #include <sys/strredir.h> 64 #include <sys/fs/fifonode.h> 65 #include <sys/fs/snode.h> 66 #include <sys/strlog.h> 67 #include <sys/strsun.h> 68 #include <sys/project.h> 69 #include <sys/kbio.h> 70 #include <sys/msio.h> 71 #include <sys/tty.h> 72 #include <sys/ptyvar.h> 73 #include <sys/vuid_event.h> 74 #include <sys/modctl.h> 75 #include <sys/sunddi.h> 76 #include <sys/sunldi_impl.h> 77 #include <sys/autoconf.h> 78 #include <sys/policy.h> 79 80 81 /* 82 * This define helps improve the readability of streams code while 83 * still maintaining a very old streams performance enhancement. The 84 * performance enhancement basically involved having all callers 85 * of straccess() perform the first check that straccess() will do 86 * locally before actually calling straccess(). (There by reducing 87 * the number of unnecessary calls to straccess().) 88 */ 89 #define i_straccess(x, y) ((stp->sd_sidp == NULL) ? 0 : \ 90 (stp->sd_vnode->v_type == VFIFO) ? 0 : \ 91 straccess((x), (y))) 92 93 /* 94 * what is mblk_pull_len? 95 * 96 * If a streams message consists of many short messages, 97 * a performance degradation occurs from copyout overhead. 98 * To decrease the per mblk overhead, messages that are 99 * likely to consist of many small mblks are pulled up into 100 * one continuous chunk of memory. 101 * 102 * To avoid the processing overhead of examining every 103 * mblk, a quick heuristic is used. If the first mblk in 104 * the message is shorter than mblk_pull_len, it is likely 105 * that the rest of the mblk will be short. 106 * 107 * This heuristic was decided upon after performance tests 108 * indicated that anything more complex slowed down the main 109 * code path. 110 */ 111 #define MBLK_PULL_LEN 64 112 uint32_t mblk_pull_len = MBLK_PULL_LEN; 113 114 /* 115 * The sgttyb_handling flag controls the handling of the old BSD 116 * TIOCGETP, TIOCSETP, and TIOCSETN ioctls as follows: 117 * 118 * 0 - Emit no warnings at all and retain old, broken behavior. 119 * 1 - Emit no warnings and silently handle new semantics. 120 * 2 - Send cmn_err(CE_NOTE) when either TIOCSETP or TIOCSETN is used 121 * (once per system invocation). Handle with new semantics. 122 * 3 - Send SIGSYS when any TIOCGETP, TIOCSETP, or TIOCSETN call is 123 * made (so that offenders drop core and are easy to debug). 124 * 125 * The "new semantics" are that TIOCGETP returns B38400 for 126 * sg_[io]speed if the corresponding value is over B38400, and that 127 * TIOCSET[PN] accept B38400 in these cases to mean "retain current 128 * bit rate." 129 */ 130 int sgttyb_handling = 1; 131 static boolean_t sgttyb_complaint; 132 133 /* don't push drcompat module by default on Style-2 streams */ 134 static int push_drcompat = 0; 135 136 /* 137 * id value used to distinguish between different ioctl messages 138 */ 139 static uint32_t ioc_id; 140 141 static void putback(struct stdata *, queue_t *, mblk_t *, int); 142 static void strcleanall(struct vnode *); 143 static int strwsrv(queue_t *); 144 145 /* 146 * qinit and module_info structures for stream head read and write queues 147 */ 148 struct module_info strm_info = { 0, "strrhead", 0, INFPSZ, STRHIGH, STRLOW }; 149 struct module_info stwm_info = { 0, "strwhead", 0, 0, 0, 0 }; 150 struct qinit strdata = { strrput, NULL, NULL, NULL, NULL, &strm_info }; 151 struct qinit stwdata = { NULL, strwsrv, NULL, NULL, NULL, &stwm_info }; 152 struct module_info fiform_info = { 0, "fifostrrhead", 0, PIPE_BUF, FIFOHIWAT, 153 FIFOLOWAT }; 154 struct module_info fifowm_info = { 0, "fifostrwhead", 0, 0, 0, 0 }; 155 struct qinit fifo_strdata = { strrput, NULL, NULL, NULL, NULL, &fiform_info }; 156 struct qinit fifo_stwdata = { NULL, strwsrv, NULL, NULL, NULL, &fifowm_info }; 157 158 extern kmutex_t strresources; /* protects global resources */ 159 extern kmutex_t muxifier; /* single-threads multiplexor creation */ 160 161 static boolean_t msghasdata(mblk_t *bp); 162 #define msgnodata(bp) (!msghasdata(bp)) 163 164 /* 165 * Stream head locking notes: 166 * There are four monitors associated with the stream head: 167 * 1. v_stream monitor: in stropen() and strclose() v_lock 168 * is held while the association of vnode and stream 169 * head is established or tested for. 170 * 2. open/close/push/pop monitor: sd_lock is held while each 171 * thread bids for exclusive access to this monitor 172 * for opening or closing a stream. In addition, this 173 * monitor is entered during pushes and pops. This 174 * guarantees that during plumbing operations there 175 * is only one thread trying to change the plumbing. 176 * Any other threads present in the stream are only 177 * using the plumbing. 178 * 3. read/write monitor: in the case of read, a thread holds 179 * sd_lock while trying to get data from the stream 180 * head queue. if there is none to fulfill a read 181 * request, it sets RSLEEP and calls cv_wait_sig() down 182 * in strwaitq() to await the arrival of new data. 183 * when new data arrives in strrput(), sd_lock is acquired 184 * before testing for RSLEEP and calling cv_broadcast(). 185 * the behavior of strwrite(), strwsrv(), and WSLEEP 186 * mirror this. 187 * 4. ioctl monitor: sd_lock is gotten to ensure that only one 188 * thread is doing an ioctl at a time. 189 */ 190 191 static int 192 push_mod(queue_t *qp, dev_t *devp, struct stdata *stp, const char *name, 193 int anchor, cred_t *crp) 194 { 195 int error; 196 fmodsw_impl_t *fp; 197 198 if (stp->sd_flag & (STRHUP|STRDERR|STWRERR)) { 199 error = (stp->sd_flag & STRHUP) ? ENXIO : EIO; 200 return (error); 201 } 202 if (stp->sd_pushcnt >= nstrpush) { 203 return (EINVAL); 204 } 205 206 if ((fp = fmodsw_find(name, FMODSW_HOLD | FMODSW_LOAD)) == NULL) { 207 stp->sd_flag |= STREOPENFAIL; 208 return (EINVAL); 209 } 210 211 /* 212 * push new module and call its open routine via qattach 213 */ 214 if ((error = qattach(qp, devp, 0, crp, fp, B_FALSE)) != 0) 215 return (error); 216 217 /* 218 * Check to see if caller wants a STREAMS anchor 219 * put at this place in the stream, and add if so. 220 */ 221 mutex_enter(&stp->sd_lock); 222 if (anchor == stp->sd_pushcnt) 223 stp->sd_anchor = stp->sd_pushcnt; 224 mutex_exit(&stp->sd_lock); 225 226 return (0); 227 } 228 229 /* 230 * Open a stream device. 231 */ 232 int 233 stropen(vnode_t *vp, dev_t *devp, int flag, cred_t *crp) 234 { 235 struct stdata *stp; 236 queue_t *qp; 237 int s; 238 dev_t dummydev; 239 struct autopush *ap; 240 int error = 0; 241 ssize_t rmin, rmax; 242 int cloneopen; 243 queue_t *brq; 244 major_t major; 245 246 #ifdef C2_AUDIT 247 if (audit_active) 248 audit_stropen(vp, devp, flag, crp); 249 #endif 250 251 /* 252 * If the stream already exists, wait for any open in progress 253 * to complete, then call the open function of each module and 254 * driver in the stream. Otherwise create the stream. 255 */ 256 TRACE_1(TR_FAC_STREAMS_FR, TR_STROPEN, "stropen:%p", vp); 257 retry: 258 mutex_enter(&vp->v_lock); 259 if ((stp = vp->v_stream) != NULL) { 260 261 /* 262 * Waiting for stream to be created to device 263 * due to another open. 264 */ 265 mutex_exit(&vp->v_lock); 266 267 if (STRMATED(stp)) { 268 struct stdata *strmatep = stp->sd_mate; 269 270 STRLOCKMATES(stp); 271 if (strmatep->sd_flag & (STWOPEN|STRCLOSE|STRPLUMB)) { 272 if (flag & (FNDELAY|FNONBLOCK)) { 273 error = EAGAIN; 274 mutex_exit(&strmatep->sd_lock); 275 goto ckreturn; 276 } 277 mutex_exit(&stp->sd_lock); 278 if (!cv_wait_sig(&strmatep->sd_monitor, 279 &strmatep->sd_lock)) { 280 error = EINTR; 281 mutex_exit(&strmatep->sd_lock); 282 mutex_enter(&stp->sd_lock); 283 goto ckreturn; 284 } 285 mutex_exit(&strmatep->sd_lock); 286 goto retry; 287 } 288 if (stp->sd_flag & (STWOPEN|STRCLOSE|STRPLUMB)) { 289 if (flag & (FNDELAY|FNONBLOCK)) { 290 error = EAGAIN; 291 mutex_exit(&strmatep->sd_lock); 292 goto ckreturn; 293 } 294 mutex_exit(&strmatep->sd_lock); 295 if (!cv_wait_sig(&stp->sd_monitor, &stp->sd_lock)) { 296 error = EINTR; 297 goto ckreturn; 298 } 299 mutex_exit(&stp->sd_lock); 300 goto retry; 301 } 302 303 if (stp->sd_flag & (STRDERR|STWRERR)) { 304 error = EIO; 305 mutex_exit(&strmatep->sd_lock); 306 goto ckreturn; 307 } 308 309 stp->sd_flag |= STWOPEN; 310 STRUNLOCKMATES(stp); 311 } else { 312 mutex_enter(&stp->sd_lock); 313 if (stp->sd_flag & (STWOPEN|STRCLOSE|STRPLUMB)) { 314 if (flag & (FNDELAY|FNONBLOCK)) { 315 error = EAGAIN; 316 goto ckreturn; 317 } 318 if (!cv_wait_sig(&stp->sd_monitor, &stp->sd_lock)) { 319 error = EINTR; 320 goto ckreturn; 321 } 322 mutex_exit(&stp->sd_lock); 323 goto retry; /* could be clone! */ 324 } 325 326 if (stp->sd_flag & (STRDERR|STWRERR)) { 327 error = EIO; 328 goto ckreturn; 329 } 330 331 stp->sd_flag |= STWOPEN; 332 mutex_exit(&stp->sd_lock); 333 } 334 335 /* 336 * Open all modules and devices down stream to notify 337 * that another user is streaming. For modules, set the 338 * last argument to MODOPEN and do not pass any open flags. 339 * Ignore dummydev since this is not the first open. 340 */ 341 claimstr(stp->sd_wrq); 342 qp = stp->sd_wrq; 343 while (_SAMESTR(qp)) { 344 qp = qp->q_next; 345 if ((error = qreopen(_RD(qp), devp, flag, crp)) != 0) 346 break; 347 } 348 releasestr(stp->sd_wrq); 349 mutex_enter(&stp->sd_lock); 350 stp->sd_flag &= ~(STRHUP|STWOPEN|STRDERR|STWRERR); 351 stp->sd_rerror = 0; 352 stp->sd_werror = 0; 353 ckreturn: 354 cv_broadcast(&stp->sd_monitor); 355 mutex_exit(&stp->sd_lock); 356 return (error); 357 } 358 359 /* 360 * This vnode isn't streaming. SPECFS already 361 * checked for multiple vnodes pointing to the 362 * same stream, so create a stream to the driver. 363 */ 364 qp = allocq(); 365 stp = shalloc(qp); 366 367 /* 368 * Initialize stream head. shalloc() has given us 369 * exclusive access, and we have the vnode locked; 370 * we can do whatever we want with stp. 371 */ 372 stp->sd_flag = STWOPEN; 373 stp->sd_siglist = NULL; 374 stp->sd_pollist.ph_list = NULL; 375 stp->sd_sigflags = 0; 376 stp->sd_mark = NULL; 377 stp->sd_closetime = STRTIMOUT; 378 stp->sd_sidp = NULL; 379 stp->sd_pgidp = NULL; 380 stp->sd_vnode = vp; 381 stp->sd_rerror = 0; 382 stp->sd_werror = 0; 383 stp->sd_wroff = 0; 384 stp->sd_tail = 0; 385 stp->sd_iocblk = NULL; 386 stp->sd_pushcnt = 0; 387 stp->sd_qn_minpsz = 0; 388 stp->sd_qn_maxpsz = INFPSZ - 1; /* used to check for initialization */ 389 stp->sd_maxblk = INFPSZ; 390 qp->q_ptr = _WR(qp)->q_ptr = stp; 391 STREAM(qp) = STREAM(_WR(qp)) = stp; 392 vp->v_stream = stp; 393 mutex_exit(&vp->v_lock); 394 if (vp->v_type == VFIFO) { 395 stp->sd_flag |= OLDNDELAY; 396 /* 397 * This means, both for pipes and fifos 398 * strwrite will send SIGPIPE if the other 399 * end is closed. For putmsg it depends 400 * on whether it is a XPG4_2 application 401 * or not 402 */ 403 stp->sd_wput_opt = SW_SIGPIPE; 404 405 /* setq might sleep in kmem_alloc - avoid holding locks. */ 406 setq(qp, &fifo_strdata, &fifo_stwdata, NULL, QMTSAFE, 407 SQ_CI|SQ_CO, B_FALSE); 408 409 set_qend(qp); 410 stp->sd_strtab = fifo_getinfo(); 411 _WR(qp)->q_nfsrv = _WR(qp); 412 qp->q_nfsrv = qp; 413 /* 414 * Wake up others that are waiting for stream to be created. 415 */ 416 mutex_enter(&stp->sd_lock); 417 /* 418 * nothing is be pushed on stream yet, so 419 * optimized stream head packetsizes are just that 420 * of the read queue 421 */ 422 stp->sd_qn_minpsz = qp->q_minpsz; 423 stp->sd_qn_maxpsz = qp->q_maxpsz; 424 stp->sd_flag &= ~STWOPEN; 425 goto fifo_opendone; 426 } 427 /* setq might sleep in kmem_alloc - avoid holding locks. */ 428 setq(qp, &strdata, &stwdata, NULL, QMTSAFE, SQ_CI|SQ_CO, B_FALSE); 429 430 set_qend(qp); 431 432 /* 433 * Open driver and create stream to it (via qattach). 434 */ 435 cloneopen = (getmajor(*devp) == clone_major); 436 if ((error = qattach(qp, devp, flag, crp, NULL, B_FALSE)) != 0) { 437 mutex_enter(&vp->v_lock); 438 vp->v_stream = NULL; 439 mutex_exit(&vp->v_lock); 440 mutex_enter(&stp->sd_lock); 441 cv_broadcast(&stp->sd_monitor); 442 mutex_exit(&stp->sd_lock); 443 freeq(_RD(qp)); 444 shfree(stp); 445 return (error); 446 } 447 /* 448 * Set sd_strtab after open in order to handle clonable drivers 449 */ 450 stp->sd_strtab = STREAMSTAB(getmajor(*devp)); 451 452 /* 453 * Historical note: dummydev used to be be prior to the initial 454 * open (via qattach above), which made the value seen 455 * inconsistent between an I_PUSH and an autopush of a module. 456 */ 457 dummydev = *devp; 458 459 /* 460 * For clone open of old style (Q not associated) network driver, 461 * push DRMODNAME module to handle DL_ATTACH/DL_DETACH 462 */ 463 brq = _RD(_WR(qp)->q_next); 464 major = getmajor(*devp); 465 if (push_drcompat && cloneopen && NETWORK_DRV(major) && 466 ((brq->q_flag & _QASSOCIATED) == 0)) { 467 if (push_mod(qp, &dummydev, stp, DRMODNAME, 0, crp) != 0) 468 cmn_err(CE_WARN, "cannot push " DRMODNAME 469 " streams module"); 470 } 471 472 /* 473 * check for modules that need to be autopushed 474 */ 475 if ((ap = sad_ap_find_by_dev(*devp)) == NULL) 476 goto opendone; 477 for (s = 0; s < ap->ap_npush; s++) { 478 error = push_mod(qp, &dummydev, stp, ap->ap_list[s], 479 ap->ap_anchor, crp); 480 if (error != 0) 481 break; 482 } 483 sad_ap_rele(ap); 484 485 /* 486 * let specfs know that open failed part way through 487 */ 488 if (error) { 489 mutex_enter(&stp->sd_lock); 490 stp->sd_flag |= STREOPENFAIL; 491 mutex_exit(&stp->sd_lock); 492 } 493 494 opendone: 495 496 /* 497 * Wake up others that are waiting for stream to be created. 498 */ 499 mutex_enter(&stp->sd_lock); 500 stp->sd_flag &= ~STWOPEN; 501 502 /* 503 * As a performance concern we are caching the values of 504 * q_minpsz and q_maxpsz of the module below the stream 505 * head in the stream head. 506 */ 507 mutex_enter(QLOCK(stp->sd_wrq->q_next)); 508 rmin = stp->sd_wrq->q_next->q_minpsz; 509 rmax = stp->sd_wrq->q_next->q_maxpsz; 510 mutex_exit(QLOCK(stp->sd_wrq->q_next)); 511 512 /* do this processing here as a performance concern */ 513 if (strmsgsz != 0) { 514 if (rmax == INFPSZ) 515 rmax = strmsgsz; 516 else 517 rmax = MIN(strmsgsz, rmax); 518 } 519 520 mutex_enter(QLOCK(stp->sd_wrq)); 521 stp->sd_qn_minpsz = rmin; 522 stp->sd_qn_maxpsz = rmax; 523 mutex_exit(QLOCK(stp->sd_wrq)); 524 525 fifo_opendone: 526 cv_broadcast(&stp->sd_monitor); 527 mutex_exit(&stp->sd_lock); 528 return (error); 529 } 530 531 static int strsink(queue_t *, mblk_t *); 532 static struct qinit deadrend = { 533 strsink, NULL, NULL, NULL, NULL, &strm_info, NULL 534 }; 535 static struct qinit deadwend = { 536 NULL, NULL, NULL, NULL, NULL, &stwm_info, NULL 537 }; 538 539 /* 540 * Close a stream. 541 * This is called from closef() on the last close of an open stream. 542 * Strclean() will already have removed the siglist and pollist 543 * information, so all that remains is to remove all multiplexor links 544 * for the stream, pop all the modules (and the driver), and free the 545 * stream structure. 546 */ 547 548 int 549 strclose(struct vnode *vp, int flag, cred_t *crp) 550 { 551 struct stdata *stp; 552 queue_t *qp; 553 int rval; 554 int freestp = 1; 555 queue_t *rmq; 556 557 #ifdef C2_AUDIT 558 if (audit_active) 559 audit_strclose(vp, flag, crp); 560 #endif 561 562 TRACE_1(TR_FAC_STREAMS_FR, 563 TR_STRCLOSE, "strclose:%p", vp); 564 ASSERT(vp->v_stream); 565 566 stp = vp->v_stream; 567 ASSERT(!(stp->sd_flag & STPLEX)); 568 qp = stp->sd_wrq; 569 570 /* 571 * Needed so that strpoll will return non-zero for this fd. 572 * Note that with POLLNOERR STRHUP does still cause POLLHUP. 573 */ 574 mutex_enter(&stp->sd_lock); 575 stp->sd_flag |= STRHUP; 576 mutex_exit(&stp->sd_lock); 577 578 /* 579 * If the registered process or process group did not have an 580 * open instance of this stream then strclean would not be 581 * called. Thus at the time of closing all remaining siglist entries 582 * are removed. 583 */ 584 if (stp->sd_siglist != NULL) 585 strcleanall(vp); 586 587 ASSERT(stp->sd_siglist == NULL); 588 ASSERT(stp->sd_sigflags == 0); 589 590 if (STRMATED(stp)) { 591 struct stdata *strmatep = stp->sd_mate; 592 int waited = 1; 593 594 STRLOCKMATES(stp); 595 while (waited) { 596 waited = 0; 597 while (stp->sd_flag & (STWOPEN|STRCLOSE|STRPLUMB)) { 598 mutex_exit(&strmatep->sd_lock); 599 cv_wait(&stp->sd_monitor, &stp->sd_lock); 600 mutex_exit(&stp->sd_lock); 601 STRLOCKMATES(stp); 602 waited = 1; 603 } 604 while (strmatep->sd_flag & 605 (STWOPEN|STRCLOSE|STRPLUMB)) { 606 mutex_exit(&stp->sd_lock); 607 cv_wait(&strmatep->sd_monitor, 608 &strmatep->sd_lock); 609 mutex_exit(&strmatep->sd_lock); 610 STRLOCKMATES(stp); 611 waited = 1; 612 } 613 } 614 stp->sd_flag |= STRCLOSE; 615 STRUNLOCKMATES(stp); 616 } else { 617 mutex_enter(&stp->sd_lock); 618 stp->sd_flag |= STRCLOSE; 619 mutex_exit(&stp->sd_lock); 620 } 621 622 ASSERT(qp->q_first == NULL); /* No more delayed write */ 623 624 /* Check if an I_LINK was ever done on this stream */ 625 if (stp->sd_flag & STRHASLINKS) { 626 (void) munlinkall(stp, LINKCLOSE|LINKNORMAL, crp, &rval); 627 } 628 629 while (_SAMESTR(qp)) { 630 /* 631 * Holding sd_lock prevents q_next from changing in 632 * this stream. 633 */ 634 mutex_enter(&stp->sd_lock); 635 if (!(flag & (FNDELAY|FNONBLOCK)) && (stp->sd_closetime > 0)) { 636 637 /* 638 * sleep until awakened by strwsrv() or timeout 639 */ 640 for (;;) { 641 mutex_enter(QLOCK(qp->q_next)); 642 if (!(qp->q_next->q_mblkcnt)) { 643 mutex_exit(QLOCK(qp->q_next)); 644 break; 645 } 646 stp->sd_flag |= WSLEEP; 647 648 /* ensure strwsrv gets enabled */ 649 qp->q_next->q_flag |= QWANTW; 650 mutex_exit(QLOCK(qp->q_next)); 651 /* get out if we timed out or recv'd a signal */ 652 if (str_cv_wait(&qp->q_wait, &stp->sd_lock, 653 stp->sd_closetime, 0) <= 0) { 654 break; 655 } 656 } 657 stp->sd_flag &= ~WSLEEP; 658 } 659 mutex_exit(&stp->sd_lock); 660 661 rmq = qp->q_next; 662 if (rmq->q_flag & QISDRV) { 663 ASSERT(!_SAMESTR(rmq)); 664 wait_sq_svc(_RD(qp)->q_syncq); 665 } 666 667 qdetach(_RD(rmq), 1, flag, crp, B_FALSE); 668 } 669 670 /* 671 * Since we call pollwakeup in close() now, the poll list should 672 * be empty in most cases. The only exception is the layered devices 673 * (e.g. the console drivers with redirection modules pushed on top 674 * of it). We have to do this after calling qdetach() because 675 * the redirection module won't have torn down the console 676 * redirection until after qdetach() has been invoked. 677 */ 678 if (stp->sd_pollist.ph_list != NULL) { 679 pollwakeup(&stp->sd_pollist, POLLERR); 680 pollhead_clean(&stp->sd_pollist); 681 } 682 ASSERT(stp->sd_pollist.ph_list == NULL); 683 ASSERT(stp->sd_sidp == NULL); 684 ASSERT(stp->sd_pgidp == NULL); 685 686 /* Prevent qenable from re-enabling the stream head queue */ 687 disable_svc(_RD(qp)); 688 689 /* 690 * Wait until service procedure of each queue is 691 * run, if QINSERVICE is set. 692 */ 693 wait_svc(_RD(qp)); 694 695 /* 696 * Now, flush both queues. 697 */ 698 flushq(_RD(qp), FLUSHALL); 699 flushq(qp, FLUSHALL); 700 701 /* 702 * If the write queue of the stream head is pointing to a 703 * read queue, we have a twisted stream. If the read queue 704 * is alive, convert the stream head queues into a dead end. 705 * If the read queue is dead, free the dead pair. 706 */ 707 if (qp->q_next && !_SAMESTR(qp)) { 708 if (qp->q_next->q_qinfo == &deadrend) { /* half-closed pipe */ 709 flushq(qp->q_next, FLUSHALL); /* ensure no message */ 710 shfree(qp->q_next->q_stream); 711 freeq(qp->q_next); 712 freeq(_RD(qp)); 713 } else if (qp->q_next == _RD(qp)) { /* fifo */ 714 freeq(_RD(qp)); 715 } else { /* pipe */ 716 freestp = 0; 717 /* 718 * The q_info pointers are never accessed when 719 * SQLOCK is held. 720 */ 721 ASSERT(qp->q_syncq == _RD(qp)->q_syncq); 722 mutex_enter(SQLOCK(qp->q_syncq)); 723 qp->q_qinfo = &deadwend; 724 _RD(qp)->q_qinfo = &deadrend; 725 mutex_exit(SQLOCK(qp->q_syncq)); 726 } 727 } else { 728 freeq(_RD(qp)); /* free stream head queue pair */ 729 } 730 731 mutex_enter(&vp->v_lock); 732 if (stp->sd_iocblk) { 733 if (stp->sd_iocblk != (mblk_t *)-1) { 734 freemsg(stp->sd_iocblk); 735 } 736 stp->sd_iocblk = NULL; 737 } 738 stp->sd_vnode = NULL; 739 vp->v_stream = NULL; 740 mutex_exit(&vp->v_lock); 741 mutex_enter(&stp->sd_lock); 742 stp->sd_flag &= ~STRCLOSE; 743 cv_broadcast(&stp->sd_monitor); 744 mutex_exit(&stp->sd_lock); 745 746 if (freestp) 747 shfree(stp); 748 return (0); 749 } 750 751 static int 752 strsink(queue_t *q, mblk_t *bp) 753 { 754 struct copyresp *resp; 755 756 switch (bp->b_datap->db_type) { 757 case M_FLUSH: 758 if ((*bp->b_rptr & FLUSHW) && !(bp->b_flag & MSGNOLOOP)) { 759 *bp->b_rptr &= ~FLUSHR; 760 bp->b_flag |= MSGNOLOOP; 761 /* 762 * Protect against the driver passing up 763 * messages after it has done a qprocsoff. 764 */ 765 if (_OTHERQ(q)->q_next == NULL) 766 freemsg(bp); 767 else 768 qreply(q, bp); 769 } else { 770 freemsg(bp); 771 } 772 break; 773 774 case M_COPYIN: 775 case M_COPYOUT: 776 if (bp->b_cont) { 777 freemsg(bp->b_cont); 778 bp->b_cont = NULL; 779 } 780 bp->b_datap->db_type = M_IOCDATA; 781 bp->b_wptr = bp->b_rptr + sizeof (struct copyresp); 782 resp = (struct copyresp *)bp->b_rptr; 783 resp->cp_rval = (caddr_t)1; /* failure */ 784 /* 785 * Protect against the driver passing up 786 * messages after it has done a qprocsoff. 787 */ 788 if (_OTHERQ(q)->q_next == NULL) 789 freemsg(bp); 790 else 791 qreply(q, bp); 792 break; 793 794 case M_IOCTL: 795 if (bp->b_cont) { 796 freemsg(bp->b_cont); 797 bp->b_cont = NULL; 798 } 799 bp->b_datap->db_type = M_IOCNAK; 800 /* 801 * Protect against the driver passing up 802 * messages after it has done a qprocsoff. 803 */ 804 if (_OTHERQ(q)->q_next == NULL) 805 freemsg(bp); 806 else 807 qreply(q, bp); 808 break; 809 810 default: 811 freemsg(bp); 812 break; 813 } 814 815 return (0); 816 } 817 818 /* 819 * Clean up after a process when it closes a stream. This is called 820 * from closef for all closes, whereas strclose is called only for the 821 * last close on a stream. The siglist is scanned for entries for the 822 * current process, and these are removed. 823 */ 824 void 825 strclean(struct vnode *vp) 826 { 827 strsig_t *ssp, *pssp, *tssp; 828 stdata_t *stp; 829 int update = 0; 830 831 TRACE_1(TR_FAC_STREAMS_FR, 832 TR_STRCLEAN, "strclean:%p", vp); 833 stp = vp->v_stream; 834 pssp = NULL; 835 mutex_enter(&stp->sd_lock); 836 ssp = stp->sd_siglist; 837 while (ssp) { 838 if (ssp->ss_pidp == curproc->p_pidp) { 839 tssp = ssp->ss_next; 840 if (pssp) 841 pssp->ss_next = tssp; 842 else 843 stp->sd_siglist = tssp; 844 mutex_enter(&pidlock); 845 PID_RELE(ssp->ss_pidp); 846 mutex_exit(&pidlock); 847 kmem_free(ssp, sizeof (strsig_t)); 848 update = 1; 849 ssp = tssp; 850 } else { 851 pssp = ssp; 852 ssp = ssp->ss_next; 853 } 854 } 855 if (update) { 856 stp->sd_sigflags = 0; 857 for (ssp = stp->sd_siglist; ssp; ssp = ssp->ss_next) 858 stp->sd_sigflags |= ssp->ss_events; 859 } 860 mutex_exit(&stp->sd_lock); 861 } 862 863 /* 864 * Used on the last close to remove any remaining items on the siglist. 865 * These could be present on the siglist due to I_ESETSIG calls that 866 * use process groups or processed that do not have an open file descriptor 867 * for this stream (Such entries would not be removed by strclean). 868 */ 869 static void 870 strcleanall(struct vnode *vp) 871 { 872 strsig_t *ssp, *nssp; 873 stdata_t *stp; 874 875 stp = vp->v_stream; 876 mutex_enter(&stp->sd_lock); 877 ssp = stp->sd_siglist; 878 stp->sd_siglist = NULL; 879 while (ssp) { 880 nssp = ssp->ss_next; 881 mutex_enter(&pidlock); 882 PID_RELE(ssp->ss_pidp); 883 mutex_exit(&pidlock); 884 kmem_free(ssp, sizeof (strsig_t)); 885 ssp = nssp; 886 } 887 stp->sd_sigflags = 0; 888 mutex_exit(&stp->sd_lock); 889 } 890 891 /* 892 * Retrieve the next message from the logical stream head read queue 893 * using either rwnext (if sync stream) or getq_noenab. 894 * It is the callers responsibility to call qbackenable after 895 * it is finished with the message. The caller should not call 896 * qbackenable until after any putback calls to avoid spurious backenabling. 897 */ 898 mblk_t * 899 strget(struct stdata *stp, queue_t *q, struct uio *uiop, int first, 900 int *errorp) 901 { 902 mblk_t *bp; 903 int error; 904 905 ASSERT(MUTEX_HELD(&stp->sd_lock)); 906 /* Holding sd_lock prevents the read queue from changing */ 907 908 if (uiop != NULL && stp->sd_struiordq != NULL && 909 q->q_first == NULL && 910 (!first || (stp->sd_wakeq & RSLEEP))) { 911 /* 912 * Stream supports rwnext() for the read side. 913 * If this is the first time we're called by e.g. strread 914 * only do the downcall if there is a deferred wakeup 915 * (registered in sd_wakeq). 916 */ 917 struiod_t uiod; 918 919 if (first) 920 stp->sd_wakeq &= ~RSLEEP; 921 922 (void) uiodup(uiop, &uiod.d_uio, uiod.d_iov, 923 sizeof (uiod.d_iov) / sizeof (*uiod.d_iov)); 924 uiod.d_mp = 0; 925 /* 926 * Mark that a thread is in rwnext on the read side 927 * to prevent strrput from nacking ioctls immediately. 928 * When the last concurrent rwnext returns 929 * the ioctls are nack'ed. 930 */ 931 ASSERT(MUTEX_HELD(&stp->sd_lock)); 932 stp->sd_struiodnak++; 933 /* 934 * Note: rwnext will drop sd_lock. 935 */ 936 error = rwnext(q, &uiod); 937 ASSERT(MUTEX_NOT_HELD(&stp->sd_lock)); 938 mutex_enter(&stp->sd_lock); 939 stp->sd_struiodnak--; 940 while (stp->sd_struiodnak == 0 && 941 ((bp = stp->sd_struionak) != NULL)) { 942 stp->sd_struionak = bp->b_next; 943 bp->b_next = NULL; 944 bp->b_datap->db_type = M_IOCNAK; 945 /* 946 * Protect against the driver passing up 947 * messages after it has done a qprocsoff. 948 */ 949 if (_OTHERQ(q)->q_next == NULL) 950 freemsg(bp); 951 else { 952 mutex_exit(&stp->sd_lock); 953 qreply(q, bp); 954 mutex_enter(&stp->sd_lock); 955 } 956 } 957 ASSERT(MUTEX_HELD(&stp->sd_lock)); 958 if (error == 0 || error == EWOULDBLOCK) { 959 if ((bp = uiod.d_mp) != NULL) { 960 *errorp = 0; 961 ASSERT(MUTEX_HELD(&stp->sd_lock)); 962 return (bp); 963 } 964 error = 0; 965 } else if (error == EINVAL) { 966 /* 967 * The stream plumbing must have 968 * changed while we were away, so 969 * just turn off rwnext()s. 970 */ 971 error = 0; 972 } else if (error == EBUSY) { 973 /* 974 * The module might have data in transit using putnext 975 * Fall back on waiting + getq. 976 */ 977 error = 0; 978 } else { 979 *errorp = error; 980 ASSERT(MUTEX_HELD(&stp->sd_lock)); 981 return (NULL); 982 } 983 /* 984 * Try a getq in case a rwnext() generated mblk 985 * has bubbled up via strrput(). 986 */ 987 } 988 *errorp = 0; 989 ASSERT(MUTEX_HELD(&stp->sd_lock)); 990 return (getq_noenab(q)); 991 } 992 993 /* 994 * Copy out the message pointed to by `bp' into the uio pointed to by `uiop'. 995 * If the message does not fit in the uio the remainder of it is returned; 996 * otherwise NULL is returned. Any embedded zero-length mblk_t's are 997 * consumed, even if uio_resid reaches zero. On error, `*errorp' is set to 998 * the error code, the message is consumed, and NULL is returned. 999 */ 1000 static mblk_t * 1001 struiocopyout(mblk_t *bp, struct uio *uiop, int *errorp) 1002 { 1003 int error; 1004 ptrdiff_t n; 1005 mblk_t *nbp; 1006 1007 ASSERT(bp->b_wptr >= bp->b_rptr); 1008 1009 do { 1010 if ((n = MIN(uiop->uio_resid, MBLKL(bp))) != 0) { 1011 ASSERT(n > 0); 1012 1013 error = uiomove(bp->b_rptr, n, UIO_READ, uiop); 1014 if (error != 0) { 1015 freemsg(bp); 1016 *errorp = error; 1017 return (NULL); 1018 } 1019 } 1020 1021 bp->b_rptr += n; 1022 while (bp != NULL && (bp->b_rptr >= bp->b_wptr)) { 1023 nbp = bp; 1024 bp = bp->b_cont; 1025 freeb(nbp); 1026 } 1027 } while (bp != NULL && uiop->uio_resid > 0); 1028 1029 *errorp = 0; 1030 return (bp); 1031 } 1032 1033 /* 1034 * Read a stream according to the mode flags in sd_flag: 1035 * 1036 * (default mode) - Byte stream, msg boundaries are ignored 1037 * RD_MSGDIS (msg discard) - Read on msg boundaries and throw away 1038 * any data remaining in msg 1039 * RD_MSGNODIS (msg non-discard) - Read on msg boundaries and put back 1040 * any remaining data on head of read queue 1041 * 1042 * Consume readable messages on the front of the queue until 1043 * ttolwp(curthread)->lwp_count 1044 * is satisfied, the readable messages are exhausted, or a message 1045 * boundary is reached in a message mode. If no data was read and 1046 * the stream was not opened with the NDELAY flag, block until data arrives. 1047 * Otherwise return the data read and update the count. 1048 * 1049 * In default mode a 0 length message signifies end-of-file and terminates 1050 * a read in progress. The 0 length message is removed from the queue 1051 * only if it is the only message read (no data is read). 1052 * 1053 * An attempt to read an M_PROTO or M_PCPROTO message results in an 1054 * EBADMSG error return, unless either RD_PROTDAT or RD_PROTDIS are set. 1055 * If RD_PROTDAT is set, M_PROTO and M_PCPROTO messages are read as data. 1056 * If RD_PROTDIS is set, the M_PROTO and M_PCPROTO parts of the message 1057 * are unlinked from and M_DATA blocks in the message, the protos are 1058 * thrown away, and the data is read. 1059 */ 1060 /* ARGSUSED */ 1061 int 1062 strread(struct vnode *vp, struct uio *uiop, cred_t *crp) 1063 { 1064 struct stdata *stp; 1065 mblk_t *bp, *nbp; 1066 queue_t *q; 1067 int error = 0; 1068 uint_t old_sd_flag; 1069 int first; 1070 char rflg; 1071 uint_t mark; /* Contains MSG*MARK and _LASTMARK */ 1072 #define _LASTMARK 0x8000 /* Distinct from MSG*MARK */ 1073 short delim; 1074 unsigned char pri = 0; 1075 char waitflag; 1076 unsigned char type; 1077 1078 TRACE_1(TR_FAC_STREAMS_FR, 1079 TR_STRREAD_ENTER, "strread:%p", vp); 1080 ASSERT(vp->v_stream); 1081 stp = vp->v_stream; 1082 1083 mutex_enter(&stp->sd_lock); 1084 1085 if ((error = i_straccess(stp, JCREAD)) != 0) { 1086 mutex_exit(&stp->sd_lock); 1087 return (error); 1088 } 1089 1090 if (stp->sd_flag & (STRDERR|STPLEX)) { 1091 error = strgeterr(stp, STRDERR|STPLEX, 0); 1092 if (error != 0) { 1093 mutex_exit(&stp->sd_lock); 1094 return (error); 1095 } 1096 } 1097 1098 /* 1099 * Loop terminates when uiop->uio_resid == 0. 1100 */ 1101 rflg = 0; 1102 waitflag = READWAIT; 1103 q = _RD(stp->sd_wrq); 1104 for (;;) { 1105 ASSERT(MUTEX_HELD(&stp->sd_lock)); 1106 old_sd_flag = stp->sd_flag; 1107 mark = 0; 1108 delim = 0; 1109 first = 1; 1110 while ((bp = strget(stp, q, uiop, first, &error)) == NULL) { 1111 int done = 0; 1112 1113 ASSERT(MUTEX_HELD(&stp->sd_lock)); 1114 1115 if (error != 0) 1116 goto oops; 1117 1118 if (stp->sd_flag & (STRHUP|STREOF)) { 1119 goto oops; 1120 } 1121 if (rflg && !(stp->sd_flag & STRDELIM)) { 1122 goto oops; 1123 } 1124 /* 1125 * If a read(fd,buf,0) has been done, there is no 1126 * need to sleep. We always have zero bytes to 1127 * return. 1128 */ 1129 if (uiop->uio_resid == 0) { 1130 goto oops; 1131 } 1132 1133 qbackenable(q, 0); 1134 1135 TRACE_3(TR_FAC_STREAMS_FR, TR_STRREAD_WAIT, 1136 "strread calls strwaitq:%p, %p, %p", 1137 vp, uiop, crp); 1138 if ((error = strwaitq(stp, waitflag, uiop->uio_resid, 1139 uiop->uio_fmode, -1, &done)) != 0 || done) { 1140 TRACE_3(TR_FAC_STREAMS_FR, TR_STRREAD_DONE, 1141 "strread error or done:%p, %p, %p", 1142 vp, uiop, crp); 1143 if ((uiop->uio_fmode & FNDELAY) && 1144 (stp->sd_flag & OLDNDELAY) && 1145 (error == EAGAIN)) 1146 error = 0; 1147 goto oops; 1148 } 1149 TRACE_3(TR_FAC_STREAMS_FR, TR_STRREAD_AWAKE, 1150 "strread awakes:%p, %p, %p", vp, uiop, crp); 1151 if ((error = i_straccess(stp, JCREAD)) != 0) { 1152 goto oops; 1153 } 1154 first = 0; 1155 } 1156 ASSERT(MUTEX_HELD(&stp->sd_lock)); 1157 ASSERT(bp); 1158 pri = bp->b_band; 1159 /* 1160 * Extract any mark information. If the message is not 1161 * completely consumed this information will be put in the mblk 1162 * that is putback. 1163 * If MSGMARKNEXT is set and the message is completely consumed 1164 * the STRATMARK flag will be set below. Likewise, if 1165 * MSGNOTMARKNEXT is set and the message is 1166 * completely consumed STRNOTATMARK will be set. 1167 * 1168 * For some unknown reason strread only breaks the read at the 1169 * last mark. 1170 */ 1171 mark = bp->b_flag & (MSGMARK | MSGMARKNEXT | MSGNOTMARKNEXT); 1172 ASSERT((mark & (MSGMARKNEXT|MSGNOTMARKNEXT)) != 1173 (MSGMARKNEXT|MSGNOTMARKNEXT)); 1174 if (mark != 0 && bp == stp->sd_mark) { 1175 if (rflg) { 1176 putback(stp, q, bp, pri); 1177 goto oops; 1178 } 1179 mark |= _LASTMARK; 1180 stp->sd_mark = NULL; 1181 } 1182 if ((stp->sd_flag & STRDELIM) && (bp->b_flag & MSGDELIM)) 1183 delim = 1; 1184 mutex_exit(&stp->sd_lock); 1185 1186 if (STREAM_NEEDSERVICE(stp)) 1187 stream_runservice(stp); 1188 1189 type = bp->b_datap->db_type; 1190 1191 switch (type) { 1192 1193 case M_DATA: 1194 ismdata: 1195 if (msgnodata(bp)) { 1196 if (mark || delim) { 1197 freemsg(bp); 1198 } else if (rflg) { 1199 1200 /* 1201 * If already read data put zero 1202 * length message back on queue else 1203 * free msg and return 0. 1204 */ 1205 bp->b_band = pri; 1206 mutex_enter(&stp->sd_lock); 1207 putback(stp, q, bp, pri); 1208 mutex_exit(&stp->sd_lock); 1209 } else { 1210 freemsg(bp); 1211 } 1212 error = 0; 1213 goto oops1; 1214 } 1215 1216 rflg = 1; 1217 waitflag |= NOINTR; 1218 bp = struiocopyout(bp, uiop, &error); 1219 if (error != 0) 1220 goto oops1; 1221 1222 mutex_enter(&stp->sd_lock); 1223 if (bp) { 1224 /* 1225 * Have remaining data in message. 1226 * Free msg if in discard mode. 1227 */ 1228 if (stp->sd_read_opt & RD_MSGDIS) { 1229 freemsg(bp); 1230 } else { 1231 bp->b_band = pri; 1232 if ((mark & _LASTMARK) && 1233 (stp->sd_mark == NULL)) 1234 stp->sd_mark = bp; 1235 bp->b_flag |= mark & ~_LASTMARK; 1236 if (delim) 1237 bp->b_flag |= MSGDELIM; 1238 if (msgnodata(bp)) 1239 freemsg(bp); 1240 else 1241 putback(stp, q, bp, pri); 1242 } 1243 } else { 1244 /* 1245 * Consumed the complete message. 1246 * Move the MSG*MARKNEXT information 1247 * to the stream head just in case 1248 * the read queue becomes empty. 1249 * 1250 * If the stream head was at the mark 1251 * (STRATMARK) before we dropped sd_lock above 1252 * and some data was consumed then we have 1253 * moved past the mark thus STRATMARK is 1254 * cleared. However, if a message arrived in 1255 * strrput during the copyout above causing 1256 * STRATMARK to be set we can not clear that 1257 * flag. 1258 */ 1259 if (mark & 1260 (MSGMARKNEXT|MSGNOTMARKNEXT|MSGMARK)) { 1261 if (mark & MSGMARKNEXT) { 1262 stp->sd_flag &= ~STRNOTATMARK; 1263 stp->sd_flag |= STRATMARK; 1264 } else if (mark & MSGNOTMARKNEXT) { 1265 stp->sd_flag &= ~STRATMARK; 1266 stp->sd_flag |= STRNOTATMARK; 1267 } else { 1268 stp->sd_flag &= 1269 ~(STRATMARK|STRNOTATMARK); 1270 } 1271 } else if (rflg && (old_sd_flag & STRATMARK)) { 1272 stp->sd_flag &= ~STRATMARK; 1273 } 1274 } 1275 1276 /* 1277 * Check for signal messages at the front of the read 1278 * queue and generate the signal(s) if appropriate. 1279 * The only signal that can be on queue is M_SIG at 1280 * this point. 1281 */ 1282 while ((((bp = q->q_first)) != NULL) && 1283 (bp->b_datap->db_type == M_SIG)) { 1284 bp = getq_noenab(q); 1285 /* 1286 * sd_lock is held so the content of the 1287 * read queue can not change. 1288 */ 1289 ASSERT(bp != NULL && 1290 bp->b_datap->db_type == M_SIG); 1291 strsignal_nolock(stp, *bp->b_rptr, 1292 (int32_t)bp->b_band); 1293 mutex_exit(&stp->sd_lock); 1294 freemsg(bp); 1295 if (STREAM_NEEDSERVICE(stp)) 1296 stream_runservice(stp); 1297 mutex_enter(&stp->sd_lock); 1298 } 1299 1300 if ((uiop->uio_resid == 0) || (mark & _LASTMARK) || 1301 delim || 1302 (stp->sd_read_opt & (RD_MSGDIS|RD_MSGNODIS))) { 1303 goto oops; 1304 } 1305 continue; 1306 1307 case M_SIG: 1308 strsignal(stp, *bp->b_rptr, (int32_t)bp->b_band); 1309 freemsg(bp); 1310 mutex_enter(&stp->sd_lock); 1311 continue; 1312 1313 case M_PROTO: 1314 case M_PCPROTO: 1315 /* 1316 * Only data messages are readable. 1317 * Any others generate an error, unless 1318 * RD_PROTDIS or RD_PROTDAT is set. 1319 */ 1320 if (stp->sd_read_opt & RD_PROTDAT) { 1321 for (nbp = bp; nbp; nbp = nbp->b_next) { 1322 if ((nbp->b_datap->db_type == M_PROTO) || 1323 (nbp->b_datap->db_type == M_PCPROTO)) 1324 nbp->b_datap->db_type = M_DATA; 1325 else 1326 break; 1327 } 1328 /* 1329 * clear stream head hi pri flag based on 1330 * first message 1331 */ 1332 if (type == M_PCPROTO) { 1333 mutex_enter(&stp->sd_lock); 1334 stp->sd_flag &= ~STRPRI; 1335 mutex_exit(&stp->sd_lock); 1336 } 1337 goto ismdata; 1338 } else if (stp->sd_read_opt & RD_PROTDIS) { 1339 /* 1340 * discard non-data messages 1341 */ 1342 while (bp && 1343 ((bp->b_datap->db_type == M_PROTO) || 1344 (bp->b_datap->db_type == M_PCPROTO))) { 1345 nbp = unlinkb(bp); 1346 freeb(bp); 1347 bp = nbp; 1348 } 1349 /* 1350 * clear stream head hi pri flag based on 1351 * first message 1352 */ 1353 if (type == M_PCPROTO) { 1354 mutex_enter(&stp->sd_lock); 1355 stp->sd_flag &= ~STRPRI; 1356 mutex_exit(&stp->sd_lock); 1357 } 1358 if (bp) { 1359 bp->b_band = pri; 1360 goto ismdata; 1361 } else { 1362 break; 1363 } 1364 } 1365 /* FALLTHRU */ 1366 case M_PASSFP: 1367 if ((bp->b_datap->db_type == M_PASSFP) && 1368 (stp->sd_read_opt & RD_PROTDIS)) { 1369 freemsg(bp); 1370 break; 1371 } 1372 mutex_enter(&stp->sd_lock); 1373 putback(stp, q, bp, pri); 1374 mutex_exit(&stp->sd_lock); 1375 if (rflg == 0) 1376 error = EBADMSG; 1377 goto oops1; 1378 1379 default: 1380 /* 1381 * Garbage on stream head read queue. 1382 */ 1383 cmn_err(CE_WARN, "bad %x found at stream head\n", 1384 bp->b_datap->db_type); 1385 freemsg(bp); 1386 goto oops1; 1387 } 1388 mutex_enter(&stp->sd_lock); 1389 } 1390 oops: 1391 mutex_exit(&stp->sd_lock); 1392 oops1: 1393 qbackenable(q, pri); 1394 return (error); 1395 #undef _LASTMARK 1396 } 1397 1398 /* 1399 * Default processing of M_PROTO/M_PCPROTO messages. 1400 * Determine which wakeups and signals are needed. 1401 * This can be replaced by a user-specified procedure for kernel users 1402 * of STREAMS. 1403 */ 1404 /* ARGSUSED */ 1405 mblk_t * 1406 strrput_proto(vnode_t *vp, mblk_t *mp, 1407 strwakeup_t *wakeups, strsigset_t *firstmsgsigs, 1408 strsigset_t *allmsgsigs, strpollset_t *pollwakeups) 1409 { 1410 *wakeups = RSLEEP; 1411 *allmsgsigs = 0; 1412 1413 switch (mp->b_datap->db_type) { 1414 case M_PROTO: 1415 if (mp->b_band == 0) { 1416 *firstmsgsigs = S_INPUT | S_RDNORM; 1417 *pollwakeups = POLLIN | POLLRDNORM; 1418 } else { 1419 *firstmsgsigs = S_INPUT | S_RDBAND; 1420 *pollwakeups = POLLIN | POLLRDBAND; 1421 } 1422 break; 1423 case M_PCPROTO: 1424 *firstmsgsigs = S_HIPRI; 1425 *pollwakeups = POLLPRI; 1426 break; 1427 } 1428 return (mp); 1429 } 1430 1431 /* 1432 * Default processing of everything but M_DATA, M_PROTO, M_PCPROTO and 1433 * M_PASSFP messages. 1434 * Determine which wakeups and signals are needed. 1435 * This can be replaced by a user-specified procedure for kernel users 1436 * of STREAMS. 1437 */ 1438 /* ARGSUSED */ 1439 mblk_t * 1440 strrput_misc(vnode_t *vp, mblk_t *mp, 1441 strwakeup_t *wakeups, strsigset_t *firstmsgsigs, 1442 strsigset_t *allmsgsigs, strpollset_t *pollwakeups) 1443 { 1444 *wakeups = 0; 1445 *firstmsgsigs = 0; 1446 *allmsgsigs = 0; 1447 *pollwakeups = 0; 1448 return (mp); 1449 } 1450 1451 /* 1452 * Stream read put procedure. Called from downstream driver/module 1453 * with messages for the stream head. Data, protocol, and in-stream 1454 * signal messages are placed on the queue, others are handled directly. 1455 */ 1456 int 1457 strrput(queue_t *q, mblk_t *bp) 1458 { 1459 struct stdata *stp; 1460 ulong_t rput_opt; 1461 strwakeup_t wakeups; 1462 strsigset_t firstmsgsigs; /* Signals if first message on queue */ 1463 strsigset_t allmsgsigs; /* Signals for all messages */ 1464 strsigset_t signals; /* Signals events to generate */ 1465 strpollset_t pollwakeups; 1466 mblk_t *nextbp; 1467 uchar_t band = 0; 1468 int hipri_sig; 1469 1470 stp = (struct stdata *)q->q_ptr; 1471 /* 1472 * Use rput_opt for optimized access to the SR_ flags except 1473 * SR_POLLIN. That flag has to be checked under sd_lock since it 1474 * is modified by strpoll(). 1475 */ 1476 rput_opt = stp->sd_rput_opt; 1477 1478 ASSERT(qclaimed(q)); 1479 TRACE_2(TR_FAC_STREAMS_FR, TR_STRRPUT_ENTER, 1480 "strrput called with message type:q %p bp %p", q, bp); 1481 1482 /* 1483 * Perform initial processing and pass to the parameterized functions. 1484 */ 1485 ASSERT(bp->b_next == NULL); 1486 1487 switch (bp->b_datap->db_type) { 1488 case M_DATA: 1489 /* 1490 * sockfs is the only consumer of STREOF and when it is set, 1491 * it implies that the receiver is not interested in receiving 1492 * any more data, hence the mblk is freed to prevent unnecessary 1493 * message queueing at the stream head. 1494 */ 1495 if (stp->sd_flag == STREOF) { 1496 freemsg(bp); 1497 return (0); 1498 } 1499 if ((rput_opt & SR_IGN_ZEROLEN) && 1500 bp->b_rptr == bp->b_wptr && msgnodata(bp)) { 1501 /* 1502 * Ignore zero-length M_DATA messages. These might be 1503 * generated by some transports. 1504 * The zero-length M_DATA messages, even if they 1505 * are ignored, should effect the atmark tracking and 1506 * should wake up a thread sleeping in strwaitmark. 1507 */ 1508 mutex_enter(&stp->sd_lock); 1509 if (bp->b_flag & MSGMARKNEXT) { 1510 /* 1511 * Record the position of the mark either 1512 * in q_last or in STRATMARK. 1513 */ 1514 if (q->q_last != NULL) { 1515 q->q_last->b_flag &= ~MSGNOTMARKNEXT; 1516 q->q_last->b_flag |= MSGMARKNEXT; 1517 } else { 1518 stp->sd_flag &= ~STRNOTATMARK; 1519 stp->sd_flag |= STRATMARK; 1520 } 1521 } else if (bp->b_flag & MSGNOTMARKNEXT) { 1522 /* 1523 * Record that this is not the position of 1524 * the mark either in q_last or in 1525 * STRNOTATMARK. 1526 */ 1527 if (q->q_last != NULL) { 1528 q->q_last->b_flag &= ~MSGMARKNEXT; 1529 q->q_last->b_flag |= MSGNOTMARKNEXT; 1530 } else { 1531 stp->sd_flag &= ~STRATMARK; 1532 stp->sd_flag |= STRNOTATMARK; 1533 } 1534 } 1535 if (stp->sd_flag & RSLEEP) { 1536 stp->sd_flag &= ~RSLEEP; 1537 cv_broadcast(&q->q_wait); 1538 } 1539 mutex_exit(&stp->sd_lock); 1540 freemsg(bp); 1541 return (0); 1542 } 1543 wakeups = RSLEEP; 1544 if (bp->b_band == 0) { 1545 firstmsgsigs = S_INPUT | S_RDNORM; 1546 pollwakeups = POLLIN | POLLRDNORM; 1547 } else { 1548 firstmsgsigs = S_INPUT | S_RDBAND; 1549 pollwakeups = POLLIN | POLLRDBAND; 1550 } 1551 if (rput_opt & SR_SIGALLDATA) 1552 allmsgsigs = firstmsgsigs; 1553 else 1554 allmsgsigs = 0; 1555 1556 mutex_enter(&stp->sd_lock); 1557 if ((rput_opt & SR_CONSOL_DATA) && 1558 (bp->b_flag & (MSGMARK|MSGDELIM)) == 0) { 1559 /* 1560 * Consolidate on M_DATA message onto an M_DATA, 1561 * M_PROTO, or M_PCPROTO by merging it with q_last. 1562 * The consolidation does not take place if 1563 * the old message is marked with either of the 1564 * marks or the delim flag or if the new 1565 * message is marked with MSGMARK. The MSGMARK 1566 * check is needed to handle the odd semantics of 1567 * MSGMARK where essentially the whole message 1568 * is to be treated as marked. 1569 * Carry any MSGMARKNEXT and MSGNOTMARKNEXT from the 1570 * new message to the front of the b_cont chain. 1571 */ 1572 mblk_t *lbp; 1573 1574 lbp = q->q_last; 1575 if (lbp != NULL && 1576 (lbp->b_datap->db_type == M_DATA || 1577 lbp->b_datap->db_type == M_PROTO || 1578 lbp->b_datap->db_type == M_PCPROTO) && 1579 !(lbp->b_flag & (MSGDELIM|MSGMARK| 1580 MSGMARKNEXT))) { 1581 rmvq_noenab(q, lbp); 1582 /* 1583 * The first message in the b_cont list 1584 * tracks MSGMARKNEXT and MSGNOTMARKNEXT. 1585 * We need to handle the case where we 1586 * are appending 1587 * 1588 * 1) a MSGMARKNEXT to a MSGNOTMARKNEXT. 1589 * 2) a MSGMARKNEXT to a plain message. 1590 * 3) a MSGNOTMARKNEXT to a plain message 1591 * 4) a MSGNOTMARKNEXT to a MSGNOTMARKNEXT 1592 * message. 1593 * 1594 * Thus we never append a MSGMARKNEXT or 1595 * MSGNOTMARKNEXT to a MSGMARKNEXT message. 1596 */ 1597 if (bp->b_flag & MSGMARKNEXT) { 1598 lbp->b_flag |= MSGMARKNEXT; 1599 lbp->b_flag &= ~MSGNOTMARKNEXT; 1600 bp->b_flag &= ~MSGMARKNEXT; 1601 } else if (bp->b_flag & MSGNOTMARKNEXT) { 1602 lbp->b_flag |= MSGNOTMARKNEXT; 1603 bp->b_flag &= ~MSGNOTMARKNEXT; 1604 } 1605 1606 linkb(lbp, bp); 1607 bp = lbp; 1608 /* 1609 * The new message logically isn't the first 1610 * even though the q_first check below thinks 1611 * it is. Clear the firstmsgsigs to make it 1612 * not appear to be first. 1613 */ 1614 firstmsgsigs = 0; 1615 } 1616 } 1617 break; 1618 1619 case M_PASSFP: 1620 wakeups = RSLEEP; 1621 allmsgsigs = 0; 1622 if (bp->b_band == 0) { 1623 firstmsgsigs = S_INPUT | S_RDNORM; 1624 pollwakeups = POLLIN | POLLRDNORM; 1625 } else { 1626 firstmsgsigs = S_INPUT | S_RDBAND; 1627 pollwakeups = POLLIN | POLLRDBAND; 1628 } 1629 mutex_enter(&stp->sd_lock); 1630 break; 1631 1632 case M_PROTO: 1633 case M_PCPROTO: 1634 ASSERT(stp->sd_rprotofunc != NULL); 1635 bp = (stp->sd_rprotofunc)(stp->sd_vnode, bp, 1636 &wakeups, &firstmsgsigs, &allmsgsigs, &pollwakeups); 1637 #define ALLSIG (S_INPUT|S_HIPRI|S_OUTPUT|S_MSG|S_ERROR|S_HANGUP|S_RDNORM|\ 1638 S_WRNORM|S_RDBAND|S_WRBAND|S_BANDURG) 1639 #define ALLPOLL (POLLIN|POLLPRI|POLLOUT|POLLRDNORM|POLLWRNORM|POLLRDBAND|\ 1640 POLLWRBAND) 1641 1642 ASSERT((wakeups & ~(RSLEEP|WSLEEP)) == 0); 1643 ASSERT((firstmsgsigs & ~ALLSIG) == 0); 1644 ASSERT((allmsgsigs & ~ALLSIG) == 0); 1645 ASSERT((pollwakeups & ~ALLPOLL) == 0); 1646 1647 mutex_enter(&stp->sd_lock); 1648 break; 1649 1650 default: 1651 ASSERT(stp->sd_rmiscfunc != NULL); 1652 bp = (stp->sd_rmiscfunc)(stp->sd_vnode, bp, 1653 &wakeups, &firstmsgsigs, &allmsgsigs, &pollwakeups); 1654 ASSERT((wakeups & ~(RSLEEP|WSLEEP)) == 0); 1655 ASSERT((firstmsgsigs & ~ALLSIG) == 0); 1656 ASSERT((allmsgsigs & ~ALLSIG) == 0); 1657 ASSERT((pollwakeups & ~ALLPOLL) == 0); 1658 #undef ALLSIG 1659 #undef ALLPOLL 1660 mutex_enter(&stp->sd_lock); 1661 break; 1662 } 1663 ASSERT(MUTEX_HELD(&stp->sd_lock)); 1664 1665 /* By default generate superset of signals */ 1666 signals = (firstmsgsigs | allmsgsigs); 1667 1668 /* 1669 * The proto and misc functions can return multiple messages 1670 * as a b_next chain. Such messages are processed separately. 1671 */ 1672 one_more: 1673 hipri_sig = 0; 1674 if (bp == NULL) { 1675 nextbp = NULL; 1676 } else { 1677 nextbp = bp->b_next; 1678 bp->b_next = NULL; 1679 1680 switch (bp->b_datap->db_type) { 1681 case M_PCPROTO: 1682 /* 1683 * Only one priority protocol message is allowed at the 1684 * stream head at a time. 1685 */ 1686 if (stp->sd_flag & STRPRI) { 1687 TRACE_0(TR_FAC_STREAMS_FR, TR_STRRPUT_PROTERR, 1688 "M_PCPROTO already at head"); 1689 freemsg(bp); 1690 mutex_exit(&stp->sd_lock); 1691 goto done; 1692 } 1693 stp->sd_flag |= STRPRI; 1694 hipri_sig = 1; 1695 /* FALLTHRU */ 1696 case M_DATA: 1697 case M_PROTO: 1698 case M_PASSFP: 1699 band = bp->b_band; 1700 /* 1701 * Marking doesn't work well when messages 1702 * are marked in more than one band. We only 1703 * remember the last message received, even if 1704 * it is placed on the queue ahead of other 1705 * marked messages. 1706 */ 1707 if (bp->b_flag & MSGMARK) 1708 stp->sd_mark = bp; 1709 (void) putq(q, bp); 1710 1711 /* 1712 * If message is a PCPROTO message, always use 1713 * firstmsgsigs to determine if a signal should be 1714 * sent as strrput is the only place to send 1715 * signals for PCPROTO. Other messages are based on 1716 * the STRGETINPROG flag. The flag determines if 1717 * strrput or (k)strgetmsg will be responsible for 1718 * sending the signals, in the firstmsgsigs case. 1719 */ 1720 if ((hipri_sig == 1) || 1721 (((stp->sd_flag & STRGETINPROG) == 0) && 1722 (q->q_first == bp))) 1723 signals = (firstmsgsigs | allmsgsigs); 1724 else 1725 signals = allmsgsigs; 1726 break; 1727 1728 default: 1729 mutex_exit(&stp->sd_lock); 1730 (void) strrput_nondata(q, bp); 1731 mutex_enter(&stp->sd_lock); 1732 break; 1733 } 1734 } 1735 ASSERT(MUTEX_HELD(&stp->sd_lock)); 1736 /* 1737 * Wake sleeping read/getmsg and cancel deferred wakeup 1738 */ 1739 if (wakeups & RSLEEP) 1740 stp->sd_wakeq &= ~RSLEEP; 1741 1742 wakeups &= stp->sd_flag; 1743 if (wakeups & RSLEEP) { 1744 stp->sd_flag &= ~RSLEEP; 1745 cv_broadcast(&q->q_wait); 1746 } 1747 if (wakeups & WSLEEP) { 1748 stp->sd_flag &= ~WSLEEP; 1749 cv_broadcast(&_WR(q)->q_wait); 1750 } 1751 1752 if (pollwakeups != 0) { 1753 if (pollwakeups == (POLLIN | POLLRDNORM)) { 1754 /* 1755 * Can't use rput_opt since it was not 1756 * read when sd_lock was held and SR_POLLIN is changed 1757 * by strpoll() under sd_lock. 1758 */ 1759 if (!(stp->sd_rput_opt & SR_POLLIN)) 1760 goto no_pollwake; 1761 stp->sd_rput_opt &= ~SR_POLLIN; 1762 } 1763 mutex_exit(&stp->sd_lock); 1764 pollwakeup(&stp->sd_pollist, pollwakeups); 1765 mutex_enter(&stp->sd_lock); 1766 } 1767 no_pollwake: 1768 1769 /* 1770 * strsendsig can handle multiple signals with a 1771 * single call. 1772 */ 1773 if (stp->sd_sigflags & signals) 1774 strsendsig(stp->sd_siglist, signals, band, 0); 1775 mutex_exit(&stp->sd_lock); 1776 1777 1778 done: 1779 if (nextbp == NULL) 1780 return (0); 1781 1782 /* 1783 * Any signals were handled the first time. 1784 * Wakeups and pollwakeups are redone to avoid any race 1785 * conditions - all the messages are not queued until the 1786 * last message has been processed by strrput. 1787 */ 1788 bp = nextbp; 1789 signals = firstmsgsigs = allmsgsigs = 0; 1790 mutex_enter(&stp->sd_lock); 1791 goto one_more; 1792 } 1793 1794 static void 1795 log_dupioc(queue_t *rq, mblk_t *bp) 1796 { 1797 queue_t *wq, *qp; 1798 char *modnames, *mnp, *dname; 1799 size_t maxmodstr; 1800 boolean_t islast; 1801 1802 /* 1803 * Allocate a buffer large enough to hold the names of nstrpush modules 1804 * and one driver, with spaces between and NUL terminator. If we can't 1805 * get memory, then we'll just log the driver name. 1806 */ 1807 maxmodstr = nstrpush * (FMNAMESZ + 1); 1808 mnp = modnames = kmem_alloc(maxmodstr, KM_NOSLEEP); 1809 1810 /* march down write side to print log message down to the driver */ 1811 wq = WR(rq); 1812 1813 /* make sure q_next doesn't shift around while we're grabbing data */ 1814 claimstr(wq); 1815 qp = wq->q_next; 1816 do { 1817 if ((dname = qp->q_qinfo->qi_minfo->mi_idname) == NULL) 1818 dname = "?"; 1819 islast = !SAMESTR(qp) || qp->q_next == NULL; 1820 if (modnames == NULL) { 1821 /* 1822 * If we don't have memory, then get the driver name in 1823 * the log where we can see it. Note that memory 1824 * pressure is a possible cause of these sorts of bugs. 1825 */ 1826 if (islast) { 1827 modnames = dname; 1828 maxmodstr = 0; 1829 } 1830 } else { 1831 mnp += snprintf(mnp, FMNAMESZ + 1, "%s", dname); 1832 if (!islast) 1833 *mnp++ = ' '; 1834 } 1835 qp = qp->q_next; 1836 } while (!islast); 1837 releasestr(wq); 1838 /* Cannot happen unless stream head is corrupt. */ 1839 ASSERT(modnames != NULL); 1840 (void) strlog(rq->q_qinfo->qi_minfo->mi_idnum, 0, 1, 1841 SL_CONSOLE|SL_TRACE|SL_ERROR, 1842 "Warning: stream %p received duplicate %X M_IOC%s; module list: %s", 1843 rq->q_ptr, ((struct iocblk *)bp->b_rptr)->ioc_cmd, 1844 (DB_TYPE(bp) == M_IOCACK ? "ACK" : "NAK"), modnames); 1845 if (maxmodstr != 0) 1846 kmem_free(modnames, maxmodstr); 1847 } 1848 1849 int 1850 strrput_nondata(queue_t *q, mblk_t *bp) 1851 { 1852 struct stdata *stp; 1853 struct iocblk *iocbp; 1854 struct stroptions *sop; 1855 struct copyreq *reqp; 1856 struct copyresp *resp; 1857 unsigned char bpri; 1858 unsigned char flushed_already = 0; 1859 1860 stp = (struct stdata *)q->q_ptr; 1861 1862 ASSERT(!(stp->sd_flag & STPLEX)); 1863 ASSERT(qclaimed(q)); 1864 1865 switch (bp->b_datap->db_type) { 1866 case M_ERROR: 1867 /* 1868 * An error has occurred downstream, the errno is in the first 1869 * bytes of the message. 1870 */ 1871 if ((bp->b_wptr - bp->b_rptr) == 2) { /* New flavor */ 1872 unsigned char rw = 0; 1873 1874 mutex_enter(&stp->sd_lock); 1875 if (*bp->b_rptr != NOERROR) { /* read error */ 1876 if (*bp->b_rptr != 0) { 1877 if (stp->sd_flag & STRDERR) 1878 flushed_already |= FLUSHR; 1879 stp->sd_flag |= STRDERR; 1880 rw |= FLUSHR; 1881 } else { 1882 stp->sd_flag &= ~STRDERR; 1883 } 1884 stp->sd_rerror = *bp->b_rptr; 1885 } 1886 bp->b_rptr++; 1887 if (*bp->b_rptr != NOERROR) { /* write error */ 1888 if (*bp->b_rptr != 0) { 1889 if (stp->sd_flag & STWRERR) 1890 flushed_already |= FLUSHW; 1891 stp->sd_flag |= STWRERR; 1892 rw |= FLUSHW; 1893 } else { 1894 stp->sd_flag &= ~STWRERR; 1895 } 1896 stp->sd_werror = *bp->b_rptr; 1897 } 1898 if (rw) { 1899 TRACE_2(TR_FAC_STREAMS_FR, TR_STRRPUT_WAKE, 1900 "strrput cv_broadcast:q %p, bp %p", 1901 q, bp); 1902 cv_broadcast(&q->q_wait); /* readers */ 1903 cv_broadcast(&_WR(q)->q_wait); /* writers */ 1904 cv_broadcast(&stp->sd_monitor); /* ioctllers */ 1905 1906 mutex_exit(&stp->sd_lock); 1907 pollwakeup(&stp->sd_pollist, POLLERR); 1908 mutex_enter(&stp->sd_lock); 1909 1910 if (stp->sd_sigflags & S_ERROR) 1911 strsendsig(stp->sd_siglist, S_ERROR, 0, 1912 ((rw & FLUSHR) ? stp->sd_rerror : 1913 stp->sd_werror)); 1914 mutex_exit(&stp->sd_lock); 1915 /* 1916 * Send the M_FLUSH only 1917 * for the first M_ERROR 1918 * message on the stream 1919 */ 1920 if (flushed_already == rw) { 1921 freemsg(bp); 1922 return (0); 1923 } 1924 1925 bp->b_datap->db_type = M_FLUSH; 1926 *bp->b_rptr = rw; 1927 bp->b_wptr = bp->b_rptr + 1; 1928 /* 1929 * Protect against the driver 1930 * passing up messages after 1931 * it has done a qprocsoff 1932 */ 1933 if (_OTHERQ(q)->q_next == NULL) 1934 freemsg(bp); 1935 else 1936 qreply(q, bp); 1937 return (0); 1938 } else 1939 mutex_exit(&stp->sd_lock); 1940 } else if (*bp->b_rptr != 0) { /* Old flavor */ 1941 if (stp->sd_flag & (STRDERR|STWRERR)) 1942 flushed_already = FLUSHRW; 1943 mutex_enter(&stp->sd_lock); 1944 stp->sd_flag |= (STRDERR|STWRERR); 1945 stp->sd_rerror = *bp->b_rptr; 1946 stp->sd_werror = *bp->b_rptr; 1947 TRACE_2(TR_FAC_STREAMS_FR, 1948 TR_STRRPUT_WAKE2, 1949 "strrput wakeup #2:q %p, bp %p", q, bp); 1950 cv_broadcast(&q->q_wait); /* the readers */ 1951 cv_broadcast(&_WR(q)->q_wait); /* the writers */ 1952 cv_broadcast(&stp->sd_monitor); /* ioctllers */ 1953 1954 mutex_exit(&stp->sd_lock); 1955 pollwakeup(&stp->sd_pollist, POLLERR); 1956 mutex_enter(&stp->sd_lock); 1957 1958 if (stp->sd_sigflags & S_ERROR) 1959 strsendsig(stp->sd_siglist, S_ERROR, 0, 1960 (stp->sd_werror ? stp->sd_werror : 1961 stp->sd_rerror)); 1962 mutex_exit(&stp->sd_lock); 1963 1964 /* 1965 * Send the M_FLUSH only 1966 * for the first M_ERROR 1967 * message on the stream 1968 */ 1969 if (flushed_already != FLUSHRW) { 1970 bp->b_datap->db_type = M_FLUSH; 1971 *bp->b_rptr = FLUSHRW; 1972 /* 1973 * Protect against the driver passing up 1974 * messages after it has done a 1975 * qprocsoff. 1976 */ 1977 if (_OTHERQ(q)->q_next == NULL) 1978 freemsg(bp); 1979 else 1980 qreply(q, bp); 1981 return (0); 1982 } 1983 } 1984 freemsg(bp); 1985 return (0); 1986 1987 case M_HANGUP: 1988 1989 freemsg(bp); 1990 mutex_enter(&stp->sd_lock); 1991 stp->sd_werror = ENXIO; 1992 stp->sd_flag |= STRHUP; 1993 stp->sd_flag &= ~(WSLEEP|RSLEEP); 1994 1995 /* 1996 * send signal if controlling tty 1997 */ 1998 1999 if (stp->sd_sidp) { 2000 prsignal(stp->sd_sidp, SIGHUP); 2001 if (stp->sd_sidp != stp->sd_pgidp) 2002 pgsignal(stp->sd_pgidp, SIGTSTP); 2003 } 2004 2005 /* 2006 * wake up read, write, and exception pollers and 2007 * reset wakeup mechanism. 2008 */ 2009 cv_broadcast(&q->q_wait); /* the readers */ 2010 cv_broadcast(&_WR(q)->q_wait); /* the writers */ 2011 cv_broadcast(&stp->sd_monitor); /* the ioctllers */ 2012 strhup(stp); 2013 mutex_exit(&stp->sd_lock); 2014 return (0); 2015 2016 case M_UNHANGUP: 2017 freemsg(bp); 2018 mutex_enter(&stp->sd_lock); 2019 stp->sd_werror = 0; 2020 stp->sd_flag &= ~STRHUP; 2021 mutex_exit(&stp->sd_lock); 2022 return (0); 2023 2024 case M_SIG: 2025 /* 2026 * Someone downstream wants to post a signal. The 2027 * signal to post is contained in the first byte of the 2028 * message. If the message would go on the front of 2029 * the queue, send a signal to the process group 2030 * (if not SIGPOLL) or to the siglist processes 2031 * (SIGPOLL). If something is already on the queue, 2032 * OR if we are delivering a delayed suspend (*sigh* 2033 * another "tty" hack) and there's no one sleeping already, 2034 * just enqueue the message. 2035 */ 2036 mutex_enter(&stp->sd_lock); 2037 if (q->q_first || (*bp->b_rptr == SIGTSTP && 2038 !(stp->sd_flag & RSLEEP))) { 2039 (void) putq(q, bp); 2040 mutex_exit(&stp->sd_lock); 2041 return (0); 2042 } 2043 mutex_exit(&stp->sd_lock); 2044 /* FALLTHRU */ 2045 2046 case M_PCSIG: 2047 /* 2048 * Don't enqueue, just post the signal. 2049 */ 2050 strsignal(stp, *bp->b_rptr, 0L); 2051 freemsg(bp); 2052 return (0); 2053 2054 case M_FLUSH: 2055 /* 2056 * Flush queues. The indication of which queues to flush 2057 * is in the first byte of the message. If the read queue 2058 * is specified, then flush it. If FLUSHBAND is set, just 2059 * flush the band specified by the second byte of the message. 2060 * 2061 * If a module has issued a M_SETOPT to not flush hi 2062 * priority messages off of the stream head, then pass this 2063 * flag into the flushq code to preserve such messages. 2064 */ 2065 2066 if (*bp->b_rptr & FLUSHR) { 2067 mutex_enter(&stp->sd_lock); 2068 if (*bp->b_rptr & FLUSHBAND) { 2069 ASSERT((bp->b_wptr - bp->b_rptr) >= 2); 2070 flushband(q, *(bp->b_rptr + 1), FLUSHALL); 2071 } else 2072 flushq_common(q, FLUSHALL, 2073 stp->sd_read_opt & RFLUSHPCPROT); 2074 if ((q->q_first == NULL) || 2075 (q->q_first->b_datap->db_type < QPCTL)) 2076 stp->sd_flag &= ~STRPRI; 2077 else { 2078 ASSERT(stp->sd_flag & STRPRI); 2079 } 2080 mutex_exit(&stp->sd_lock); 2081 } 2082 if ((*bp->b_rptr & FLUSHW) && !(bp->b_flag & MSGNOLOOP)) { 2083 *bp->b_rptr &= ~FLUSHR; 2084 bp->b_flag |= MSGNOLOOP; 2085 /* 2086 * Protect against the driver passing up 2087 * messages after it has done a qprocsoff. 2088 */ 2089 if (_OTHERQ(q)->q_next == NULL) 2090 freemsg(bp); 2091 else 2092 qreply(q, bp); 2093 return (0); 2094 } 2095 freemsg(bp); 2096 return (0); 2097 2098 case M_IOCACK: 2099 case M_IOCNAK: 2100 iocbp = (struct iocblk *)bp->b_rptr; 2101 /* 2102 * If not waiting for ACK or NAK then just free msg. 2103 * If incorrect id sequence number then just free msg. 2104 * If already have ACK or NAK for user then this is a 2105 * duplicate, display a warning and free the msg. 2106 */ 2107 mutex_enter(&stp->sd_lock); 2108 if ((stp->sd_flag & IOCWAIT) == 0 || stp->sd_iocblk || 2109 (stp->sd_iocid != iocbp->ioc_id)) { 2110 /* 2111 * If the ACK/NAK is a dup, display a message 2112 * Dup is when sd_iocid == ioc_id, and 2113 * sd_iocblk == <valid ptr> or -1 (the former 2114 * is when an ioctl has been put on the stream 2115 * head, but has not yet been consumed, the 2116 * later is when it has been consumed). 2117 */ 2118 if ((stp->sd_iocid == iocbp->ioc_id) && 2119 (stp->sd_iocblk != NULL)) { 2120 log_dupioc(q, bp); 2121 } 2122 freemsg(bp); 2123 mutex_exit(&stp->sd_lock); 2124 return (0); 2125 } 2126 2127 /* 2128 * Assign ACK or NAK to user and wake up. 2129 */ 2130 stp->sd_iocblk = bp; 2131 cv_broadcast(&stp->sd_monitor); 2132 mutex_exit(&stp->sd_lock); 2133 return (0); 2134 2135 case M_COPYIN: 2136 case M_COPYOUT: 2137 reqp = (struct copyreq *)bp->b_rptr; 2138 2139 /* 2140 * If not waiting for ACK or NAK then just fail request. 2141 * If already have ACK, NAK, or copy request, then just 2142 * fail request. 2143 * If incorrect id sequence number then just fail request. 2144 */ 2145 mutex_enter(&stp->sd_lock); 2146 if ((stp->sd_flag & IOCWAIT) == 0 || stp->sd_iocblk || 2147 (stp->sd_iocid != reqp->cq_id)) { 2148 if (bp->b_cont) { 2149 freemsg(bp->b_cont); 2150 bp->b_cont = NULL; 2151 } 2152 bp->b_datap->db_type = M_IOCDATA; 2153 bp->b_wptr = bp->b_rptr + sizeof (struct copyresp); 2154 resp = (struct copyresp *)bp->b_rptr; 2155 resp->cp_rval = (caddr_t)1; /* failure */ 2156 mutex_exit(&stp->sd_lock); 2157 putnext(stp->sd_wrq, bp); 2158 return (0); 2159 } 2160 2161 /* 2162 * Assign copy request to user and wake up. 2163 */ 2164 stp->sd_iocblk = bp; 2165 cv_broadcast(&stp->sd_monitor); 2166 mutex_exit(&stp->sd_lock); 2167 return (0); 2168 2169 case M_SETOPTS: 2170 /* 2171 * Set stream head options (read option, write offset, 2172 * min/max packet size, and/or high/low water marks for 2173 * the read side only). 2174 */ 2175 2176 bpri = 0; 2177 sop = (struct stroptions *)bp->b_rptr; 2178 mutex_enter(&stp->sd_lock); 2179 if (sop->so_flags & SO_READOPT) { 2180 switch (sop->so_readopt & RMODEMASK) { 2181 case RNORM: 2182 stp->sd_read_opt &= ~(RD_MSGDIS | RD_MSGNODIS); 2183 break; 2184 2185 case RMSGD: 2186 stp->sd_read_opt = 2187 ((stp->sd_read_opt & ~RD_MSGNODIS) | 2188 RD_MSGDIS); 2189 break; 2190 2191 case RMSGN: 2192 stp->sd_read_opt = 2193 ((stp->sd_read_opt & ~RD_MSGDIS) | 2194 RD_MSGNODIS); 2195 break; 2196 } 2197 switch (sop->so_readopt & RPROTMASK) { 2198 case RPROTNORM: 2199 stp->sd_read_opt &= ~(RD_PROTDAT | RD_PROTDIS); 2200 break; 2201 2202 case RPROTDAT: 2203 stp->sd_read_opt = 2204 ((stp->sd_read_opt & ~RD_PROTDIS) | 2205 RD_PROTDAT); 2206 break; 2207 2208 case RPROTDIS: 2209 stp->sd_read_opt = 2210 ((stp->sd_read_opt & ~RD_PROTDAT) | 2211 RD_PROTDIS); 2212 break; 2213 } 2214 switch (sop->so_readopt & RFLUSHMASK) { 2215 case RFLUSHPCPROT: 2216 /* 2217 * This sets the stream head to NOT flush 2218 * M_PCPROTO messages. 2219 */ 2220 stp->sd_read_opt |= RFLUSHPCPROT; 2221 break; 2222 } 2223 } 2224 if (sop->so_flags & SO_ERROPT) { 2225 switch (sop->so_erropt & RERRMASK) { 2226 case RERRNORM: 2227 stp->sd_flag &= ~STRDERRNONPERSIST; 2228 break; 2229 case RERRNONPERSIST: 2230 stp->sd_flag |= STRDERRNONPERSIST; 2231 break; 2232 } 2233 switch (sop->so_erropt & WERRMASK) { 2234 case WERRNORM: 2235 stp->sd_flag &= ~STWRERRNONPERSIST; 2236 break; 2237 case WERRNONPERSIST: 2238 stp->sd_flag |= STWRERRNONPERSIST; 2239 break; 2240 } 2241 } 2242 if (sop->so_flags & SO_COPYOPT) { 2243 if (sop->so_copyopt & ZCVMSAFE) { 2244 stp->sd_copyflag |= STZCVMSAFE; 2245 stp->sd_copyflag &= ~STZCVMUNSAFE; 2246 } else if (sop->so_copyopt & ZCVMUNSAFE) { 2247 stp->sd_copyflag |= STZCVMUNSAFE; 2248 stp->sd_copyflag &= ~STZCVMSAFE; 2249 } 2250 2251 if (sop->so_copyopt & COPYCACHED) { 2252 stp->sd_copyflag |= STRCOPYCACHED; 2253 } 2254 } 2255 if (sop->so_flags & SO_WROFF) 2256 stp->sd_wroff = sop->so_wroff; 2257 if (sop->so_flags & SO_TAIL) 2258 stp->sd_tail = sop->so_tail; 2259 if (sop->so_flags & SO_MINPSZ) 2260 q->q_minpsz = sop->so_minpsz; 2261 if (sop->so_flags & SO_MAXPSZ) 2262 q->q_maxpsz = sop->so_maxpsz; 2263 if (sop->so_flags & SO_MAXBLK) 2264 stp->sd_maxblk = sop->so_maxblk; 2265 if (sop->so_flags & SO_HIWAT) { 2266 if (sop->so_flags & SO_BAND) { 2267 if (strqset(q, QHIWAT, sop->so_band, sop->so_hiwat)) 2268 cmn_err(CE_WARN, 2269 "strrput: could not allocate qband\n"); 2270 else 2271 bpri = sop->so_band; 2272 } else { 2273 q->q_hiwat = sop->so_hiwat; 2274 } 2275 } 2276 if (sop->so_flags & SO_LOWAT) { 2277 if (sop->so_flags & SO_BAND) { 2278 if (strqset(q, QLOWAT, sop->so_band, sop->so_lowat)) 2279 cmn_err(CE_WARN, 2280 "strrput: could not allocate qband\n"); 2281 else 2282 bpri = sop->so_band; 2283 } else { 2284 q->q_lowat = sop->so_lowat; 2285 } 2286 } 2287 if (sop->so_flags & SO_MREADON) 2288 stp->sd_flag |= SNDMREAD; 2289 if (sop->so_flags & SO_MREADOFF) 2290 stp->sd_flag &= ~SNDMREAD; 2291 if (sop->so_flags & SO_NDELON) 2292 stp->sd_flag |= OLDNDELAY; 2293 if (sop->so_flags & SO_NDELOFF) 2294 stp->sd_flag &= ~OLDNDELAY; 2295 if (sop->so_flags & SO_ISTTY) 2296 stp->sd_flag |= STRISTTY; 2297 if (sop->so_flags & SO_ISNTTY) 2298 stp->sd_flag &= ~STRISTTY; 2299 if (sop->so_flags & SO_TOSTOP) 2300 stp->sd_flag |= STRTOSTOP; 2301 if (sop->so_flags & SO_TONSTOP) 2302 stp->sd_flag &= ~STRTOSTOP; 2303 if (sop->so_flags & SO_DELIM) 2304 stp->sd_flag |= STRDELIM; 2305 if (sop->so_flags & SO_NODELIM) 2306 stp->sd_flag &= ~STRDELIM; 2307 2308 mutex_exit(&stp->sd_lock); 2309 freemsg(bp); 2310 2311 /* Check backenable in case the water marks changed */ 2312 qbackenable(q, bpri); 2313 return (0); 2314 2315 /* 2316 * The following set of cases deal with situations where two stream 2317 * heads are connected to each other (twisted streams). These messages 2318 * have no meaning at the stream head. 2319 */ 2320 case M_BREAK: 2321 case M_CTL: 2322 case M_DELAY: 2323 case M_START: 2324 case M_STOP: 2325 case M_IOCDATA: 2326 case M_STARTI: 2327 case M_STOPI: 2328 freemsg(bp); 2329 return (0); 2330 2331 case M_IOCTL: 2332 /* 2333 * Always NAK this condition 2334 * (makes no sense) 2335 * If there is one or more threads in the read side 2336 * rwnext we have to defer the nacking until that thread 2337 * returns (in strget). 2338 */ 2339 mutex_enter(&stp->sd_lock); 2340 if (stp->sd_struiodnak != 0) { 2341 /* 2342 * Defer NAK to the streamhead. Queue at the end 2343 * the list. 2344 */ 2345 mblk_t *mp = stp->sd_struionak; 2346 2347 while (mp && mp->b_next) 2348 mp = mp->b_next; 2349 if (mp) 2350 mp->b_next = bp; 2351 else 2352 stp->sd_struionak = bp; 2353 bp->b_next = NULL; 2354 mutex_exit(&stp->sd_lock); 2355 return (0); 2356 } 2357 mutex_exit(&stp->sd_lock); 2358 2359 bp->b_datap->db_type = M_IOCNAK; 2360 /* 2361 * Protect against the driver passing up 2362 * messages after it has done a qprocsoff. 2363 */ 2364 if (_OTHERQ(q)->q_next == NULL) 2365 freemsg(bp); 2366 else 2367 qreply(q, bp); 2368 return (0); 2369 2370 default: 2371 #ifdef DEBUG 2372 cmn_err(CE_WARN, 2373 "bad message type %x received at stream head\n", 2374 bp->b_datap->db_type); 2375 #endif 2376 freemsg(bp); 2377 return (0); 2378 } 2379 2380 /* NOTREACHED */ 2381 } 2382 2383 /* 2384 * Check if the stream pointed to by `stp' can be written to, and return an 2385 * error code if not. If `eiohup' is set, then return EIO if STRHUP is set. 2386 * If `sigpipeok' is set and the SW_SIGPIPE option is enabled on the stream, 2387 * then always return EPIPE and send a SIGPIPE to the invoking thread. 2388 */ 2389 static int 2390 strwriteable(struct stdata *stp, boolean_t eiohup, boolean_t sigpipeok) 2391 { 2392 int error; 2393 2394 ASSERT(MUTEX_HELD(&stp->sd_lock)); 2395 2396 /* 2397 * For modem support, POSIX states that on writes, EIO should 2398 * be returned if the stream has been hung up. 2399 */ 2400 if (eiohup && (stp->sd_flag & (STPLEX|STRHUP)) == STRHUP) 2401 error = EIO; 2402 else 2403 error = strgeterr(stp, STRHUP|STPLEX|STWRERR, 0); 2404 2405 if (error != 0) { 2406 if (!(stp->sd_flag & STPLEX) && 2407 (stp->sd_wput_opt & SW_SIGPIPE) && sigpipeok) { 2408 tsignal(curthread, SIGPIPE); 2409 error = EPIPE; 2410 } 2411 } 2412 2413 return (error); 2414 } 2415 2416 /* 2417 * Copyin and send data down a stream. 2418 * The caller will allocate and copyin any control part that precedes the 2419 * message and pass than in as mctl. 2420 * 2421 * Caller should *not* hold sd_lock. 2422 * When EWOULDBLOCK is returned the caller has to redo the canputnext 2423 * under sd_lock in order to avoid missing a backenabling wakeup. 2424 * 2425 * Use iosize = -1 to not send any M_DATA. iosize = 0 sends zero-length M_DATA. 2426 * 2427 * Set MSG_IGNFLOW in flags to ignore flow control for hipri messages. 2428 * For sync streams we can only ignore flow control by reverting to using 2429 * putnext. 2430 * 2431 * If sd_maxblk is less than *iosize this routine might return without 2432 * transferring all of *iosize. In all cases, on return *iosize will contain 2433 * the amount of data that was transferred. 2434 */ 2435 static int 2436 strput(struct stdata *stp, mblk_t *mctl, struct uio *uiop, ssize_t *iosize, 2437 int b_flag, int pri, int flags) 2438 { 2439 struiod_t uiod; 2440 mblk_t *mp; 2441 queue_t *wqp = stp->sd_wrq; 2442 int error = 0; 2443 ssize_t count = *iosize; 2444 cred_t *cr; 2445 2446 ASSERT(MUTEX_NOT_HELD(&stp->sd_lock)); 2447 2448 if (uiop != NULL && count >= 0) 2449 flags |= stp->sd_struiowrq ? STRUIO_POSTPONE : 0; 2450 2451 if (!(flags & STRUIO_POSTPONE)) { 2452 /* 2453 * Use regular canputnext, strmakedata, putnext sequence. 2454 */ 2455 if (pri == 0) { 2456 if (!canputnext(wqp) && !(flags & MSG_IGNFLOW)) { 2457 freemsg(mctl); 2458 return (EWOULDBLOCK); 2459 } 2460 } else { 2461 if (!(flags & MSG_IGNFLOW) && !bcanputnext(wqp, pri)) { 2462 freemsg(mctl); 2463 return (EWOULDBLOCK); 2464 } 2465 } 2466 2467 if ((error = strmakedata(iosize, uiop, stp, flags, 2468 &mp)) != 0) { 2469 freemsg(mctl); 2470 /* 2471 * need to change return code to ENOMEM 2472 * so that this is not confused with 2473 * flow control, EAGAIN. 2474 */ 2475 2476 if (error == EAGAIN) 2477 return (ENOMEM); 2478 else 2479 return (error); 2480 } 2481 if (mctl != NULL) { 2482 if (mctl->b_cont == NULL) 2483 mctl->b_cont = mp; 2484 else if (mp != NULL) 2485 linkb(mctl, mp); 2486 mp = mctl; 2487 /* 2488 * Note that for interrupt thread, the CRED() is 2489 * NULL. Don't bother with the pid either. 2490 */ 2491 if ((cr = CRED()) != NULL) { 2492 mblk_setcred(mp, cr); 2493 DB_CPID(mp) = curproc->p_pid; 2494 } 2495 } else if (mp == NULL) 2496 return (0); 2497 2498 mp->b_flag |= b_flag; 2499 mp->b_band = (uchar_t)pri; 2500 2501 if (flags & MSG_IGNFLOW) { 2502 /* 2503 * XXX Hack: Don't get stuck running service 2504 * procedures. This is needed for sockfs when 2505 * sending the unbind message out of the rput 2506 * procedure - we don't want a put procedure 2507 * to run service procedures. 2508 */ 2509 putnext(wqp, mp); 2510 } else { 2511 stream_willservice(stp); 2512 putnext(wqp, mp); 2513 stream_runservice(stp); 2514 } 2515 return (0); 2516 } 2517 /* 2518 * Stream supports rwnext() for the write side. 2519 */ 2520 if ((error = strmakedata(iosize, uiop, stp, flags, &mp)) != 0) { 2521 freemsg(mctl); 2522 /* 2523 * map EAGAIN to ENOMEM since EAGAIN means "flow controlled". 2524 */ 2525 return (error == EAGAIN ? ENOMEM : error); 2526 } 2527 if (mctl != NULL) { 2528 if (mctl->b_cont == NULL) 2529 mctl->b_cont = mp; 2530 else if (mp != NULL) 2531 linkb(mctl, mp); 2532 mp = mctl; 2533 /* 2534 * Note that for interrupt thread, the CRED() is 2535 * NULL. Don't bother with the pid either. 2536 */ 2537 if ((cr = CRED()) != NULL) { 2538 mblk_setcred(mp, cr); 2539 DB_CPID(mp) = curproc->p_pid; 2540 } 2541 } else if (mp == NULL) { 2542 return (0); 2543 } 2544 2545 mp->b_flag |= b_flag; 2546 mp->b_band = (uchar_t)pri; 2547 2548 (void) uiodup(uiop, &uiod.d_uio, uiod.d_iov, 2549 sizeof (uiod.d_iov) / sizeof (*uiod.d_iov)); 2550 uiod.d_uio.uio_offset = 0; 2551 uiod.d_mp = mp; 2552 error = rwnext(wqp, &uiod); 2553 if (! uiod.d_mp) { 2554 uioskip(uiop, *iosize); 2555 return (error); 2556 } 2557 ASSERT(mp == uiod.d_mp); 2558 if (error == EINVAL) { 2559 /* 2560 * The stream plumbing must have changed while 2561 * we were away, so just turn off rwnext()s. 2562 */ 2563 error = 0; 2564 } else if (error == EBUSY || error == EWOULDBLOCK) { 2565 /* 2566 * Couldn't enter a perimeter or took a page fault, 2567 * so fall-back to putnext(). 2568 */ 2569 error = 0; 2570 } else { 2571 freemsg(mp); 2572 return (error); 2573 } 2574 /* Have to check canput before consuming data from the uio */ 2575 if (pri == 0) { 2576 if (!canputnext(wqp) && !(flags & MSG_IGNFLOW)) { 2577 freemsg(mp); 2578 return (EWOULDBLOCK); 2579 } 2580 } else { 2581 if (!bcanputnext(wqp, pri) && !(flags & MSG_IGNFLOW)) { 2582 freemsg(mp); 2583 return (EWOULDBLOCK); 2584 } 2585 } 2586 ASSERT(mp == uiod.d_mp); 2587 /* Copyin data from the uio */ 2588 if ((error = struioget(wqp, mp, &uiod, 0)) != 0) { 2589 freemsg(mp); 2590 return (error); 2591 } 2592 uioskip(uiop, *iosize); 2593 if (flags & MSG_IGNFLOW) { 2594 /* 2595 * XXX Hack: Don't get stuck running service procedures. 2596 * This is needed for sockfs when sending the unbind message 2597 * out of the rput procedure - we don't want a put procedure 2598 * to run service procedures. 2599 */ 2600 putnext(wqp, mp); 2601 } else { 2602 stream_willservice(stp); 2603 putnext(wqp, mp); 2604 stream_runservice(stp); 2605 } 2606 return (0); 2607 } 2608 2609 /* 2610 * Write attempts to break the write request into messages conforming 2611 * with the minimum and maximum packet sizes set downstream. 2612 * 2613 * Write will not block if downstream queue is full and 2614 * O_NDELAY is set, otherwise it will block waiting for the queue to get room. 2615 * 2616 * A write of zero bytes gets packaged into a zero length message and sent 2617 * downstream like any other message. 2618 * 2619 * If buffers of the requested sizes are not available, the write will 2620 * sleep until the buffers become available. 2621 * 2622 * Write (if specified) will supply a write offset in a message if it 2623 * makes sense. This can be specified by downstream modules as part of 2624 * a M_SETOPTS message. Write will not supply the write offset if it 2625 * cannot supply any data in a buffer. In other words, write will never 2626 * send down an empty packet due to a write offset. 2627 */ 2628 /* ARGSUSED2 */ 2629 int 2630 strwrite(struct vnode *vp, struct uio *uiop, cred_t *crp) 2631 { 2632 return (strwrite_common(vp, uiop, crp, 0)); 2633 } 2634 2635 /* ARGSUSED2 */ 2636 int 2637 strwrite_common(struct vnode *vp, struct uio *uiop, cred_t *crp, int wflag) 2638 { 2639 struct stdata *stp; 2640 struct queue *wqp; 2641 ssize_t rmin, rmax; 2642 ssize_t iosize; 2643 int waitflag; 2644 int tempmode; 2645 int error = 0; 2646 int b_flag; 2647 2648 ASSERT(vp->v_stream); 2649 stp = vp->v_stream; 2650 2651 mutex_enter(&stp->sd_lock); 2652 2653 if ((error = i_straccess(stp, JCWRITE)) != 0) { 2654 mutex_exit(&stp->sd_lock); 2655 return (error); 2656 } 2657 2658 if (stp->sd_flag & (STWRERR|STRHUP|STPLEX)) { 2659 error = strwriteable(stp, B_TRUE, B_TRUE); 2660 if (error != 0) { 2661 mutex_exit(&stp->sd_lock); 2662 return (error); 2663 } 2664 } 2665 2666 mutex_exit(&stp->sd_lock); 2667 2668 wqp = stp->sd_wrq; 2669 2670 /* get these values from them cached in the stream head */ 2671 rmin = stp->sd_qn_minpsz; 2672 rmax = stp->sd_qn_maxpsz; 2673 2674 /* 2675 * Check the min/max packet size constraints. If min packet size 2676 * is non-zero, the write cannot be split into multiple messages 2677 * and still guarantee the size constraints. 2678 */ 2679 TRACE_1(TR_FAC_STREAMS_FR, TR_STRWRITE_IN, "strwrite in:q %p", wqp); 2680 2681 ASSERT((rmax >= 0) || (rmax == INFPSZ)); 2682 if (rmax == 0) { 2683 return (0); 2684 } 2685 if (rmin > 0) { 2686 if (uiop->uio_resid < rmin) { 2687 TRACE_3(TR_FAC_STREAMS_FR, TR_STRWRITE_OUT, 2688 "strwrite out:q %p out %d error %d", 2689 wqp, 0, ERANGE); 2690 return (ERANGE); 2691 } 2692 if ((rmax != INFPSZ) && (uiop->uio_resid > rmax)) { 2693 TRACE_3(TR_FAC_STREAMS_FR, TR_STRWRITE_OUT, 2694 "strwrite out:q %p out %d error %d", 2695 wqp, 1, ERANGE); 2696 return (ERANGE); 2697 } 2698 } 2699 2700 /* 2701 * Do until count satisfied or error. 2702 */ 2703 waitflag = WRITEWAIT | wflag; 2704 if (stp->sd_flag & OLDNDELAY) 2705 tempmode = uiop->uio_fmode & ~FNDELAY; 2706 else 2707 tempmode = uiop->uio_fmode; 2708 2709 if (rmax == INFPSZ) 2710 rmax = uiop->uio_resid; 2711 2712 /* 2713 * Note that tempmode does not get used in strput/strmakedata 2714 * but only in strwaitq. The other routines use uio_fmode 2715 * unmodified. 2716 */ 2717 2718 /* LINTED: constant in conditional context */ 2719 while (1) { /* breaks when uio_resid reaches zero */ 2720 /* 2721 * Determine the size of the next message to be 2722 * packaged. May have to break write into several 2723 * messages based on max packet size. 2724 */ 2725 iosize = MIN(uiop->uio_resid, rmax); 2726 2727 /* 2728 * Put block downstream when flow control allows it. 2729 */ 2730 if ((stp->sd_flag & STRDELIM) && (uiop->uio_resid == iosize)) 2731 b_flag = MSGDELIM; 2732 else 2733 b_flag = 0; 2734 2735 for (;;) { 2736 int done = 0; 2737 2738 error = strput(stp, NULL, uiop, &iosize, b_flag, 2739 0, 0); 2740 if (error == 0) 2741 break; 2742 if (error != EWOULDBLOCK) 2743 goto out; 2744 2745 mutex_enter(&stp->sd_lock); 2746 /* 2747 * Check for a missed wakeup. 2748 * Needed since strput did not hold sd_lock across 2749 * the canputnext. 2750 */ 2751 if (canputnext(wqp)) { 2752 /* Try again */ 2753 mutex_exit(&stp->sd_lock); 2754 continue; 2755 } 2756 TRACE_1(TR_FAC_STREAMS_FR, TR_STRWRITE_WAIT, 2757 "strwrite wait:q %p wait", wqp); 2758 if ((error = strwaitq(stp, waitflag, (ssize_t)0, 2759 tempmode, -1, &done)) != 0 || done) { 2760 mutex_exit(&stp->sd_lock); 2761 if ((vp->v_type == VFIFO) && 2762 (uiop->uio_fmode & FNDELAY) && 2763 (error == EAGAIN)) 2764 error = 0; 2765 goto out; 2766 } 2767 TRACE_1(TR_FAC_STREAMS_FR, TR_STRWRITE_WAKE, 2768 "strwrite wake:q %p awakes", wqp); 2769 if ((error = i_straccess(stp, JCWRITE)) != 0) { 2770 mutex_exit(&stp->sd_lock); 2771 goto out; 2772 } 2773 mutex_exit(&stp->sd_lock); 2774 } 2775 waitflag |= NOINTR; 2776 TRACE_2(TR_FAC_STREAMS_FR, TR_STRWRITE_RESID, 2777 "strwrite resid:q %p uiop %p", wqp, uiop); 2778 if (uiop->uio_resid) { 2779 /* Recheck for errors - needed for sockets */ 2780 if ((stp->sd_wput_opt & SW_RECHECK_ERR) && 2781 (stp->sd_flag & (STWRERR|STRHUP|STPLEX))) { 2782 mutex_enter(&stp->sd_lock); 2783 error = strwriteable(stp, B_FALSE, B_TRUE); 2784 mutex_exit(&stp->sd_lock); 2785 if (error != 0) 2786 return (error); 2787 } 2788 continue; 2789 } 2790 break; 2791 } 2792 out: 2793 /* 2794 * For historical reasons, applications expect EAGAIN when a data 2795 * mblk_t cannot be allocated, so change ENOMEM back to EAGAIN. 2796 */ 2797 if (error == ENOMEM) 2798 error = EAGAIN; 2799 TRACE_3(TR_FAC_STREAMS_FR, TR_STRWRITE_OUT, 2800 "strwrite out:q %p out %d error %d", wqp, 2, error); 2801 return (error); 2802 } 2803 2804 /* 2805 * Stream head write service routine. 2806 * Its job is to wake up any sleeping writers when a queue 2807 * downstream needs data (part of the flow control in putq and getq). 2808 * It also must wake anyone sleeping on a poll(). 2809 * For stream head right below mux module, it must also invoke put procedure 2810 * of next downstream module. 2811 */ 2812 int 2813 strwsrv(queue_t *q) 2814 { 2815 struct stdata *stp; 2816 queue_t *tq; 2817 qband_t *qbp; 2818 int i; 2819 qband_t *myqbp; 2820 int isevent; 2821 unsigned char qbf[NBAND]; /* band flushing backenable flags */ 2822 2823 TRACE_1(TR_FAC_STREAMS_FR, 2824 TR_STRWSRV, "strwsrv:q %p", q); 2825 stp = (struct stdata *)q->q_ptr; 2826 ASSERT(qclaimed(q)); 2827 mutex_enter(&stp->sd_lock); 2828 ASSERT(!(stp->sd_flag & STPLEX)); 2829 2830 if (stp->sd_flag & WSLEEP) { 2831 stp->sd_flag &= ~WSLEEP; 2832 cv_broadcast(&q->q_wait); 2833 } 2834 mutex_exit(&stp->sd_lock); 2835 2836 /* The other end of a stream pipe went away. */ 2837 if ((tq = q->q_next) == NULL) { 2838 return (0); 2839 } 2840 2841 /* Find the next module forward that has a service procedure */ 2842 claimstr(q); 2843 tq = q->q_nfsrv; 2844 ASSERT(tq != NULL); 2845 2846 if ((q->q_flag & QBACK)) { 2847 if ((tq->q_flag & QFULL)) { 2848 mutex_enter(QLOCK(tq)); 2849 if (!(tq->q_flag & QFULL)) { 2850 mutex_exit(QLOCK(tq)); 2851 goto wakeup; 2852 } 2853 /* 2854 * The queue must have become full again. Set QWANTW 2855 * again so strwsrv will be back enabled when 2856 * the queue becomes non-full next time. 2857 */ 2858 tq->q_flag |= QWANTW; 2859 mutex_exit(QLOCK(tq)); 2860 } else { 2861 wakeup: 2862 pollwakeup(&stp->sd_pollist, POLLWRNORM); 2863 mutex_enter(&stp->sd_lock); 2864 if (stp->sd_sigflags & S_WRNORM) 2865 strsendsig(stp->sd_siglist, S_WRNORM, 0, 0); 2866 mutex_exit(&stp->sd_lock); 2867 } 2868 } 2869 2870 isevent = 0; 2871 i = 1; 2872 bzero((caddr_t)qbf, NBAND); 2873 mutex_enter(QLOCK(tq)); 2874 if ((myqbp = q->q_bandp) != NULL) 2875 for (qbp = tq->q_bandp; qbp && myqbp; qbp = qbp->qb_next) { 2876 ASSERT(myqbp); 2877 if ((myqbp->qb_flag & QB_BACK)) { 2878 if (qbp->qb_flag & QB_FULL) { 2879 /* 2880 * The band must have become full again. 2881 * Set QB_WANTW again so strwsrv will 2882 * be back enabled when the band becomes 2883 * non-full next time. 2884 */ 2885 qbp->qb_flag |= QB_WANTW; 2886 } else { 2887 isevent = 1; 2888 qbf[i] = 1; 2889 } 2890 } 2891 myqbp = myqbp->qb_next; 2892 i++; 2893 } 2894 mutex_exit(QLOCK(tq)); 2895 2896 if (isevent) { 2897 for (i = tq->q_nband; i; i--) { 2898 if (qbf[i]) { 2899 pollwakeup(&stp->sd_pollist, POLLWRBAND); 2900 mutex_enter(&stp->sd_lock); 2901 if (stp->sd_sigflags & S_WRBAND) 2902 strsendsig(stp->sd_siglist, S_WRBAND, 2903 (uchar_t)i, 0); 2904 mutex_exit(&stp->sd_lock); 2905 } 2906 } 2907 } 2908 2909 releasestr(q); 2910 return (0); 2911 } 2912 2913 /* 2914 * Special case of strcopyin/strcopyout for copying 2915 * struct strioctl that can deal with both data 2916 * models. 2917 */ 2918 2919 #ifdef _LP64 2920 2921 static int 2922 strcopyin_strioctl(void *from, void *to, int flag, int copyflag) 2923 { 2924 struct strioctl32 strioc32; 2925 struct strioctl *striocp; 2926 2927 if (copyflag & U_TO_K) { 2928 ASSERT((copyflag & K_TO_K) == 0); 2929 2930 if ((flag & FMODELS) == DATAMODEL_ILP32) { 2931 if (copyin(from, &strioc32, sizeof (strioc32))) 2932 return (EFAULT); 2933 2934 striocp = (struct strioctl *)to; 2935 striocp->ic_cmd = strioc32.ic_cmd; 2936 striocp->ic_timout = strioc32.ic_timout; 2937 striocp->ic_len = strioc32.ic_len; 2938 striocp->ic_dp = (char *)(uintptr_t)strioc32.ic_dp; 2939 2940 } else { /* NATIVE data model */ 2941 if (copyin(from, to, sizeof (struct strioctl))) { 2942 return (EFAULT); 2943 } else { 2944 return (0); 2945 } 2946 } 2947 } else { 2948 ASSERT(copyflag & K_TO_K); 2949 bcopy(from, to, sizeof (struct strioctl)); 2950 } 2951 return (0); 2952 } 2953 2954 static int 2955 strcopyout_strioctl(void *from, void *to, int flag, int copyflag) 2956 { 2957 struct strioctl32 strioc32; 2958 struct strioctl *striocp; 2959 2960 if (copyflag & U_TO_K) { 2961 ASSERT((copyflag & K_TO_K) == 0); 2962 2963 if ((flag & FMODELS) == DATAMODEL_ILP32) { 2964 striocp = (struct strioctl *)from; 2965 strioc32.ic_cmd = striocp->ic_cmd; 2966 strioc32.ic_timout = striocp->ic_timout; 2967 strioc32.ic_len = striocp->ic_len; 2968 strioc32.ic_dp = (caddr32_t)(uintptr_t)striocp->ic_dp; 2969 ASSERT((char *)(uintptr_t)strioc32.ic_dp == 2970 striocp->ic_dp); 2971 2972 if (copyout(&strioc32, to, sizeof (strioc32))) 2973 return (EFAULT); 2974 2975 } else { /* NATIVE data model */ 2976 if (copyout(from, to, sizeof (struct strioctl))) { 2977 return (EFAULT); 2978 } else { 2979 return (0); 2980 } 2981 } 2982 } else { 2983 ASSERT(copyflag & K_TO_K); 2984 bcopy(from, to, sizeof (struct strioctl)); 2985 } 2986 return (0); 2987 } 2988 2989 #else /* ! _LP64 */ 2990 2991 /* ARGSUSED2 */ 2992 static int 2993 strcopyin_strioctl(void *from, void *to, int flag, int copyflag) 2994 { 2995 return (strcopyin(from, to, sizeof (struct strioctl), copyflag)); 2996 } 2997 2998 /* ARGSUSED2 */ 2999 static int 3000 strcopyout_strioctl(void *from, void *to, int flag, int copyflag) 3001 { 3002 return (strcopyout(from, to, sizeof (struct strioctl), copyflag)); 3003 } 3004 3005 #endif /* _LP64 */ 3006 3007 /* 3008 * Determine type of job control semantics expected by user. The 3009 * possibilities are: 3010 * JCREAD - Behaves like read() on fd; send SIGTTIN 3011 * JCWRITE - Behaves like write() on fd; send SIGTTOU if TOSTOP set 3012 * JCSETP - Sets a value in the stream; send SIGTTOU, ignore TOSTOP 3013 * JCGETP - Gets a value in the stream; no signals. 3014 * See straccess in strsubr.c for usage of these values. 3015 * 3016 * This routine also returns -1 for I_STR as a special case; the 3017 * caller must call again with the real ioctl number for 3018 * classification. 3019 */ 3020 static int 3021 job_control_type(int cmd) 3022 { 3023 switch (cmd) { 3024 case I_STR: 3025 return (-1); 3026 3027 case I_RECVFD: 3028 case I_E_RECVFD: 3029 return (JCREAD); 3030 3031 case I_FDINSERT: 3032 case I_SENDFD: 3033 return (JCWRITE); 3034 3035 case TCSETA: 3036 case TCSETAW: 3037 case TCSETAF: 3038 case TCSBRK: 3039 case TCXONC: 3040 case TCFLSH: 3041 case TCDSET: /* Obsolete */ 3042 case TIOCSWINSZ: 3043 case TCSETS: 3044 case TCSETSW: 3045 case TCSETSF: 3046 case TIOCSETD: 3047 case TIOCHPCL: 3048 case TIOCSETP: 3049 case TIOCSETN: 3050 case TIOCEXCL: 3051 case TIOCNXCL: 3052 case TIOCFLUSH: 3053 case TIOCSETC: 3054 case TIOCLBIS: 3055 case TIOCLBIC: 3056 case TIOCLSET: 3057 case TIOCSBRK: 3058 case TIOCCBRK: 3059 case TIOCSDTR: 3060 case TIOCCDTR: 3061 case TIOCSLTC: 3062 case TIOCSTOP: 3063 case TIOCSTART: 3064 case TIOCSTI: 3065 case TIOCSPGRP: 3066 case TIOCMSET: 3067 case TIOCMBIS: 3068 case TIOCMBIC: 3069 case TIOCREMOTE: 3070 case TIOCSIGNAL: 3071 case LDSETT: 3072 case LDSMAP: /* Obsolete */ 3073 case DIOCSETP: 3074 case I_FLUSH: 3075 case I_SRDOPT: 3076 case I_SETSIG: 3077 case I_SWROPT: 3078 case I_FLUSHBAND: 3079 case I_SETCLTIME: 3080 case I_SERROPT: 3081 case I_ESETSIG: 3082 case FIONBIO: 3083 case FIOASYNC: 3084 case FIOSETOWN: 3085 case JBOOT: /* Obsolete */ 3086 case JTERM: /* Obsolete */ 3087 case JTIMOM: /* Obsolete */ 3088 case JZOMBOOT: /* Obsolete */ 3089 case JAGENT: /* Obsolete */ 3090 case JTRUN: /* Obsolete */ 3091 case JXTPROTO: /* Obsolete */ 3092 case TIOCSETLD: 3093 return (JCSETP); 3094 } 3095 3096 return (JCGETP); 3097 } 3098 3099 /* 3100 * ioctl for streams 3101 */ 3102 int 3103 strioctl(struct vnode *vp, int cmd, intptr_t arg, int flag, int copyflag, 3104 cred_t *crp, int *rvalp) 3105 { 3106 struct stdata *stp; 3107 struct strioctl strioc; 3108 struct uio uio; 3109 struct iovec iov; 3110 int access; 3111 mblk_t *mp; 3112 int error = 0; 3113 int done = 0; 3114 ssize_t rmin, rmax; 3115 queue_t *wrq; 3116 queue_t *rdq; 3117 boolean_t kioctl = B_FALSE; 3118 3119 if (flag & FKIOCTL) { 3120 copyflag = K_TO_K; 3121 kioctl = B_TRUE; 3122 } 3123 ASSERT(vp->v_stream); 3124 ASSERT(copyflag == U_TO_K || copyflag == K_TO_K); 3125 stp = vp->v_stream; 3126 3127 TRACE_3(TR_FAC_STREAMS_FR, TR_IOCTL_ENTER, 3128 "strioctl:stp %p cmd %X arg %lX", stp, cmd, arg); 3129 3130 #ifdef C2_AUDIT 3131 if (audit_active) 3132 audit_strioctl(vp, cmd, arg, flag, copyflag, crp, rvalp); 3133 #endif 3134 3135 /* 3136 * If the copy is kernel to kernel, make sure that the FNATIVE 3137 * flag is set. After this it would be a serious error to have 3138 * no model flag. 3139 */ 3140 if (copyflag == K_TO_K) 3141 flag = (flag & ~FMODELS) | FNATIVE; 3142 3143 ASSERT((flag & FMODELS) != 0); 3144 3145 wrq = stp->sd_wrq; 3146 rdq = _RD(wrq); 3147 3148 access = job_control_type(cmd); 3149 3150 /* We should never see these here, should be handled by iwscn */ 3151 if (cmd == SRIOCSREDIR || cmd == SRIOCISREDIR) 3152 return (EINVAL); 3153 3154 mutex_enter(&stp->sd_lock); 3155 if ((access != -1) && ((error = i_straccess(stp, access)) != 0)) { 3156 mutex_exit(&stp->sd_lock); 3157 return (error); 3158 } 3159 mutex_exit(&stp->sd_lock); 3160 3161 /* 3162 * Check for sgttyb-related ioctls first, and complain as 3163 * necessary. 3164 */ 3165 switch (cmd) { 3166 case TIOCGETP: 3167 case TIOCSETP: 3168 case TIOCSETN: 3169 if (sgttyb_handling >= 2 && !sgttyb_complaint) { 3170 sgttyb_complaint = B_TRUE; 3171 cmn_err(CE_NOTE, 3172 "application used obsolete TIOC[GS]ET"); 3173 } 3174 if (sgttyb_handling >= 3) { 3175 tsignal(curthread, SIGSYS); 3176 return (EIO); 3177 } 3178 break; 3179 } 3180 3181 mutex_enter(&stp->sd_lock); 3182 3183 switch (cmd) { 3184 case I_RECVFD: 3185 case I_E_RECVFD: 3186 case I_PEEK: 3187 case I_NREAD: 3188 case FIONREAD: 3189 case FIORDCHK: 3190 case I_ATMARK: 3191 case FIONBIO: 3192 case FIOASYNC: 3193 if (stp->sd_flag & (STRDERR|STPLEX)) { 3194 error = strgeterr(stp, STRDERR|STPLEX, 0); 3195 if (error != 0) { 3196 mutex_exit(&stp->sd_lock); 3197 return (error); 3198 } 3199 } 3200 break; 3201 3202 default: 3203 if (stp->sd_flag & (STRDERR|STWRERR|STPLEX)) { 3204 error = strgeterr(stp, STRDERR|STWRERR|STPLEX, 0); 3205 if (error != 0) { 3206 mutex_exit(&stp->sd_lock); 3207 return (error); 3208 } 3209 } 3210 } 3211 3212 mutex_exit(&stp->sd_lock); 3213 3214 switch (cmd) { 3215 default: 3216 /* 3217 * The stream head has hardcoded knowledge of a 3218 * miscellaneous collection of terminal-, keyboard- and 3219 * mouse-related ioctls, enumerated below. This hardcoded 3220 * knowledge allows the stream head to automatically 3221 * convert transparent ioctl requests made by userland 3222 * programs into I_STR ioctls which many old STREAMS 3223 * modules and drivers require. 3224 * 3225 * No new ioctls should ever be added to this list. 3226 * Instead, the STREAMS module or driver should be written 3227 * to either handle transparent ioctls or require any 3228 * userland programs to use I_STR ioctls (by returning 3229 * EINVAL to any transparent ioctl requests). 3230 * 3231 * More importantly, removing ioctls from this list should 3232 * be done with the utmost care, since our STREAMS modules 3233 * and drivers *count* on the stream head performing this 3234 * conversion, and thus may panic while processing 3235 * transparent ioctl request for one of these ioctls (keep 3236 * in mind that third party modules and drivers may have 3237 * similar problems). 3238 */ 3239 if (((cmd & IOCTYPE) == LDIOC) || 3240 ((cmd & IOCTYPE) == tIOC) || 3241 ((cmd & IOCTYPE) == TIOC) || 3242 ((cmd & IOCTYPE) == KIOC) || 3243 ((cmd & IOCTYPE) == MSIOC) || 3244 ((cmd & IOCTYPE) == VUIOC)) { 3245 /* 3246 * The ioctl is a tty ioctl - set up strioc buffer 3247 * and call strdoioctl() to do the work. 3248 */ 3249 if (stp->sd_flag & STRHUP) 3250 return (ENXIO); 3251 strioc.ic_cmd = cmd; 3252 strioc.ic_timout = INFTIM; 3253 3254 switch (cmd) { 3255 3256 case TCXONC: 3257 case TCSBRK: 3258 case TCFLSH: 3259 case TCDSET: 3260 { 3261 int native_arg = (int)arg; 3262 strioc.ic_len = sizeof (int); 3263 strioc.ic_dp = (char *)&native_arg; 3264 return (strdoioctl(stp, &strioc, flag, 3265 K_TO_K, crp, rvalp)); 3266 } 3267 3268 case TCSETA: 3269 case TCSETAW: 3270 case TCSETAF: 3271 strioc.ic_len = sizeof (struct termio); 3272 strioc.ic_dp = (char *)arg; 3273 return (strdoioctl(stp, &strioc, flag, 3274 copyflag, crp, rvalp)); 3275 3276 case TCSETS: 3277 case TCSETSW: 3278 case TCSETSF: 3279 strioc.ic_len = sizeof (struct termios); 3280 strioc.ic_dp = (char *)arg; 3281 return (strdoioctl(stp, &strioc, flag, 3282 copyflag, crp, rvalp)); 3283 3284 case LDSETT: 3285 strioc.ic_len = sizeof (struct termcb); 3286 strioc.ic_dp = (char *)arg; 3287 return (strdoioctl(stp, &strioc, flag, 3288 copyflag, crp, rvalp)); 3289 3290 case TIOCSETP: 3291 strioc.ic_len = sizeof (struct sgttyb); 3292 strioc.ic_dp = (char *)arg; 3293 return (strdoioctl(stp, &strioc, flag, 3294 copyflag, crp, rvalp)); 3295 3296 case TIOCSTI: 3297 if ((flag & FREAD) == 0 && 3298 secpolicy_sti(crp) != 0) { 3299 return (EPERM); 3300 } 3301 mutex_enter(&stp->sd_lock); 3302 mutex_enter(&curproc->p_splock); 3303 if (stp->sd_sidp != curproc->p_sessp->s_sidp && 3304 secpolicy_sti(crp) != 0) { 3305 mutex_exit(&curproc->p_splock); 3306 mutex_exit(&stp->sd_lock); 3307 return (EACCES); 3308 } 3309 mutex_exit(&curproc->p_splock); 3310 mutex_exit(&stp->sd_lock); 3311 3312 strioc.ic_len = sizeof (char); 3313 strioc.ic_dp = (char *)arg; 3314 return (strdoioctl(stp, &strioc, flag, 3315 copyflag, crp, rvalp)); 3316 3317 case TIOCSWINSZ: 3318 strioc.ic_len = sizeof (struct winsize); 3319 strioc.ic_dp = (char *)arg; 3320 return (strdoioctl(stp, &strioc, flag, 3321 copyflag, crp, rvalp)); 3322 3323 case TIOCSSIZE: 3324 strioc.ic_len = sizeof (struct ttysize); 3325 strioc.ic_dp = (char *)arg; 3326 return (strdoioctl(stp, &strioc, flag, 3327 copyflag, crp, rvalp)); 3328 3329 case TIOCSSOFTCAR: 3330 case KIOCTRANS: 3331 case KIOCTRANSABLE: 3332 case KIOCCMD: 3333 case KIOCSDIRECT: 3334 case KIOCSCOMPAT: 3335 case KIOCSKABORTEN: 3336 case KIOCSRPTDELAY: 3337 case KIOCSRPTRATE: 3338 case VUIDSFORMAT: 3339 case TIOCSPPS: 3340 strioc.ic_len = sizeof (int); 3341 strioc.ic_dp = (char *)arg; 3342 return (strdoioctl(stp, &strioc, flag, 3343 copyflag, crp, rvalp)); 3344 3345 case KIOCSETKEY: 3346 case KIOCGETKEY: 3347 strioc.ic_len = sizeof (struct kiockey); 3348 strioc.ic_dp = (char *)arg; 3349 return (strdoioctl(stp, &strioc, flag, 3350 copyflag, crp, rvalp)); 3351 3352 case KIOCSKEY: 3353 case KIOCGKEY: 3354 strioc.ic_len = sizeof (struct kiockeymap); 3355 strioc.ic_dp = (char *)arg; 3356 return (strdoioctl(stp, &strioc, flag, 3357 copyflag, crp, rvalp)); 3358 3359 case KIOCSLED: 3360 /* arg is a pointer to char */ 3361 strioc.ic_len = sizeof (char); 3362 strioc.ic_dp = (char *)arg; 3363 return (strdoioctl(stp, &strioc, flag, 3364 copyflag, crp, rvalp)); 3365 3366 case MSIOSETPARMS: 3367 strioc.ic_len = sizeof (Ms_parms); 3368 strioc.ic_dp = (char *)arg; 3369 return (strdoioctl(stp, &strioc, flag, 3370 copyflag, crp, rvalp)); 3371 3372 case VUIDSADDR: 3373 case VUIDGADDR: 3374 strioc.ic_len = sizeof (struct vuid_addr_probe); 3375 strioc.ic_dp = (char *)arg; 3376 return (strdoioctl(stp, &strioc, flag, 3377 copyflag, crp, rvalp)); 3378 3379 /* 3380 * These M_IOCTL's don't require any data to be sent 3381 * downstream, and the driver will allocate and link 3382 * on its own mblk_t upon M_IOCACK -- thus we set 3383 * ic_len to zero and set ic_dp to arg so we know 3384 * where to copyout to later. 3385 */ 3386 case TIOCGSOFTCAR: 3387 case TIOCGWINSZ: 3388 case TIOCGSIZE: 3389 case KIOCGTRANS: 3390 case KIOCGTRANSABLE: 3391 case KIOCTYPE: 3392 case KIOCGDIRECT: 3393 case KIOCGCOMPAT: 3394 case KIOCLAYOUT: 3395 case KIOCGLED: 3396 case MSIOGETPARMS: 3397 case MSIOBUTTONS: 3398 case VUIDGFORMAT: 3399 case TIOCGPPS: 3400 case TIOCGPPSEV: 3401 case TCGETA: 3402 case TCGETS: 3403 case LDGETT: 3404 case TIOCGETP: 3405 case KIOCGRPTDELAY: 3406 case KIOCGRPTRATE: 3407 strioc.ic_len = 0; 3408 strioc.ic_dp = (char *)arg; 3409 return (strdoioctl(stp, &strioc, flag, 3410 copyflag, crp, rvalp)); 3411 } 3412 } 3413 3414 /* 3415 * Unknown cmd - send it down as a transparent ioctl. 3416 */ 3417 strioc.ic_cmd = cmd; 3418 strioc.ic_timout = INFTIM; 3419 strioc.ic_len = TRANSPARENT; 3420 strioc.ic_dp = (char *)&arg; 3421 3422 return (strdoioctl(stp, &strioc, flag, copyflag, crp, rvalp)); 3423 3424 case I_STR: 3425 /* 3426 * Stream ioctl. Read in an strioctl buffer from the user 3427 * along with any data specified and send it downstream. 3428 * Strdoioctl will wait allow only one ioctl message at 3429 * a time, and waits for the acknowledgement. 3430 */ 3431 3432 if (stp->sd_flag & STRHUP) 3433 return (ENXIO); 3434 3435 error = strcopyin_strioctl((void *)arg, &strioc, flag, 3436 copyflag); 3437 if (error != 0) 3438 return (error); 3439 3440 if ((strioc.ic_len < 0) || (strioc.ic_timout < -1)) 3441 return (EINVAL); 3442 3443 access = job_control_type(strioc.ic_cmd); 3444 mutex_enter(&stp->sd_lock); 3445 if ((access != -1) && 3446 ((error = i_straccess(stp, access)) != 0)) { 3447 mutex_exit(&stp->sd_lock); 3448 return (error); 3449 } 3450 mutex_exit(&stp->sd_lock); 3451 3452 /* 3453 * The I_STR facility provides a trap door for malicious 3454 * code to send down bogus streamio(7I) ioctl commands to 3455 * unsuspecting STREAMS modules and drivers which expect to 3456 * only get these messages from the stream head. 3457 * Explicitly prohibit any streamio ioctls which can be 3458 * passed downstream by the stream head. Note that we do 3459 * not block all streamio ioctls because the ioctl 3460 * numberspace is not well managed and thus it's possible 3461 * that a module or driver's ioctl numbers may accidentally 3462 * collide with them. 3463 */ 3464 switch (strioc.ic_cmd) { 3465 case I_LINK: 3466 case I_PLINK: 3467 case I_UNLINK: 3468 case I_PUNLINK: 3469 case _I_GETPEERCRED: 3470 case _I_PLINK_LH: 3471 return (EINVAL); 3472 } 3473 3474 error = strdoioctl(stp, &strioc, flag, copyflag, crp, rvalp); 3475 if (error == 0) { 3476 error = strcopyout_strioctl(&strioc, (void *)arg, 3477 flag, copyflag); 3478 } 3479 return (error); 3480 3481 case I_NREAD: 3482 /* 3483 * Return number of bytes of data in first message 3484 * in queue in "arg" and return the number of messages 3485 * in queue in return value. 3486 */ 3487 { 3488 size_t size; 3489 int retval; 3490 int count = 0; 3491 3492 mutex_enter(QLOCK(rdq)); 3493 3494 size = msgdsize(rdq->q_first); 3495 for (mp = rdq->q_first; mp != NULL; mp = mp->b_next) 3496 count++; 3497 3498 mutex_exit(QLOCK(rdq)); 3499 if (stp->sd_struiordq) { 3500 infod_t infod; 3501 3502 infod.d_cmd = INFOD_COUNT; 3503 infod.d_count = 0; 3504 if (count == 0) { 3505 infod.d_cmd |= INFOD_FIRSTBYTES; 3506 infod.d_bytes = 0; 3507 } 3508 infod.d_res = 0; 3509 (void) infonext(rdq, &infod); 3510 count += infod.d_count; 3511 if (infod.d_res & INFOD_FIRSTBYTES) 3512 size = infod.d_bytes; 3513 } 3514 3515 /* 3516 * Drop down from size_t to the "int" required by the 3517 * interface. Cap at INT_MAX. 3518 */ 3519 retval = MIN(size, INT_MAX); 3520 error = strcopyout(&retval, (void *)arg, sizeof (retval), 3521 copyflag); 3522 if (!error) 3523 *rvalp = count; 3524 return (error); 3525 } 3526 3527 case FIONREAD: 3528 /* 3529 * Return number of bytes of data in all data messages 3530 * in queue in "arg". 3531 */ 3532 { 3533 size_t size = 0; 3534 int retval; 3535 3536 mutex_enter(QLOCK(rdq)); 3537 for (mp = rdq->q_first; mp != NULL; mp = mp->b_next) 3538 size += msgdsize(mp); 3539 mutex_exit(QLOCK(rdq)); 3540 3541 if (stp->sd_struiordq) { 3542 infod_t infod; 3543 3544 infod.d_cmd = INFOD_BYTES; 3545 infod.d_res = 0; 3546 infod.d_bytes = 0; 3547 (void) infonext(rdq, &infod); 3548 size += infod.d_bytes; 3549 } 3550 3551 /* 3552 * Drop down from size_t to the "int" required by the 3553 * interface. Cap at INT_MAX. 3554 */ 3555 retval = MIN(size, INT_MAX); 3556 error = strcopyout(&retval, (void *)arg, sizeof (retval), 3557 copyflag); 3558 3559 *rvalp = 0; 3560 return (error); 3561 } 3562 case FIORDCHK: 3563 /* 3564 * FIORDCHK does not use arg value (like FIONREAD), 3565 * instead a count is returned. I_NREAD value may 3566 * not be accurate but safe. The real thing to do is 3567 * to add the msgdsizes of all data messages until 3568 * a non-data message. 3569 */ 3570 { 3571 size_t size = 0; 3572 3573 mutex_enter(QLOCK(rdq)); 3574 for (mp = rdq->q_first; mp != NULL; mp = mp->b_next) 3575 size += msgdsize(mp); 3576 mutex_exit(QLOCK(rdq)); 3577 3578 if (stp->sd_struiordq) { 3579 infod_t infod; 3580 3581 infod.d_cmd = INFOD_BYTES; 3582 infod.d_res = 0; 3583 infod.d_bytes = 0; 3584 (void) infonext(rdq, &infod); 3585 size += infod.d_bytes; 3586 } 3587 3588 /* 3589 * Since ioctl returns an int, and memory sizes under 3590 * LP64 may not fit, we return INT_MAX if the count was 3591 * actually greater. 3592 */ 3593 *rvalp = MIN(size, INT_MAX); 3594 return (0); 3595 } 3596 3597 case I_FIND: 3598 /* 3599 * Get module name. 3600 */ 3601 { 3602 char mname[FMNAMESZ + 1]; 3603 queue_t *q; 3604 3605 error = (copyflag & U_TO_K ? copyinstr : copystr)((void *)arg, 3606 mname, FMNAMESZ + 1, NULL); 3607 if (error) 3608 return ((error == ENAMETOOLONG) ? EINVAL : EFAULT); 3609 3610 /* 3611 * Return EINVAL if we're handed a bogus module name. 3612 */ 3613 if (fmodsw_find(mname, FMODSW_LOAD) == NULL) { 3614 TRACE_0(TR_FAC_STREAMS_FR, 3615 TR_I_CANT_FIND, "couldn't I_FIND"); 3616 return (EINVAL); 3617 } 3618 3619 *rvalp = 0; 3620 3621 /* Look downstream to see if module is there. */ 3622 claimstr(stp->sd_wrq); 3623 for (q = stp->sd_wrq->q_next; q; q = q->q_next) { 3624 if (q->q_flag&QREADR) { 3625 q = NULL; 3626 break; 3627 } 3628 if (strcmp(mname, q->q_qinfo->qi_minfo->mi_idname) == 0) 3629 break; 3630 } 3631 releasestr(stp->sd_wrq); 3632 3633 *rvalp = (q ? 1 : 0); 3634 return (error); 3635 } 3636 3637 case I_PUSH: 3638 case __I_PUSH_NOCTTY: 3639 /* 3640 * Push a module. 3641 * For the case __I_PUSH_NOCTTY push a module but 3642 * do not allocate controlling tty. See bugid 4025044 3643 */ 3644 3645 { 3646 char mname[FMNAMESZ + 1]; 3647 fmodsw_impl_t *fp; 3648 dev_t dummydev; 3649 3650 if (stp->sd_flag & STRHUP) 3651 return (ENXIO); 3652 3653 /* 3654 * Get module name and look up in fmodsw. 3655 */ 3656 error = (copyflag & U_TO_K ? copyinstr : copystr)((void *)arg, 3657 mname, FMNAMESZ + 1, NULL); 3658 if (error) 3659 return ((error == ENAMETOOLONG) ? EINVAL : EFAULT); 3660 3661 if ((fp = fmodsw_find(mname, FMODSW_HOLD | FMODSW_LOAD)) == 3662 NULL) 3663 return (EINVAL); 3664 3665 TRACE_2(TR_FAC_STREAMS_FR, TR_I_PUSH, 3666 "I_PUSH:fp %p stp %p", fp, stp); 3667 3668 if (error = strstartplumb(stp, flag, cmd)) { 3669 fmodsw_rele(fp); 3670 return (error); 3671 } 3672 3673 /* 3674 * See if any more modules can be pushed on this stream. 3675 * Note that this check must be done after strstartplumb() 3676 * since otherwise multiple threads issuing I_PUSHes on 3677 * the same stream will be able to exceed nstrpush. 3678 */ 3679 mutex_enter(&stp->sd_lock); 3680 if (stp->sd_pushcnt >= nstrpush) { 3681 fmodsw_rele(fp); 3682 strendplumb(stp); 3683 mutex_exit(&stp->sd_lock); 3684 return (EINVAL); 3685 } 3686 mutex_exit(&stp->sd_lock); 3687 3688 /* 3689 * Push new module and call its open routine 3690 * via qattach(). Modules don't change device 3691 * numbers, so just ignore dummydev here. 3692 */ 3693 dummydev = vp->v_rdev; 3694 if ((error = qattach(rdq, &dummydev, 0, crp, fp, 3695 B_FALSE)) == 0) { 3696 if (vp->v_type == VCHR && /* sorry, no pipes allowed */ 3697 (cmd == I_PUSH) && (stp->sd_flag & STRISTTY)) { 3698 /* 3699 * try to allocate it as a controlling terminal 3700 */ 3701 (void) strctty(stp); 3702 } 3703 } 3704 3705 mutex_enter(&stp->sd_lock); 3706 3707 /* 3708 * As a performance concern we are caching the values of 3709 * q_minpsz and q_maxpsz of the module below the stream 3710 * head in the stream head. 3711 */ 3712 mutex_enter(QLOCK(stp->sd_wrq->q_next)); 3713 rmin = stp->sd_wrq->q_next->q_minpsz; 3714 rmax = stp->sd_wrq->q_next->q_maxpsz; 3715 mutex_exit(QLOCK(stp->sd_wrq->q_next)); 3716 3717 /* Do this processing here as a performance concern */ 3718 if (strmsgsz != 0) { 3719 if (rmax == INFPSZ) 3720 rmax = strmsgsz; 3721 else { 3722 if (vp->v_type == VFIFO) 3723 rmax = MIN(PIPE_BUF, rmax); 3724 else rmax = MIN(strmsgsz, rmax); 3725 } 3726 } 3727 3728 mutex_enter(QLOCK(wrq)); 3729 stp->sd_qn_minpsz = rmin; 3730 stp->sd_qn_maxpsz = rmax; 3731 mutex_exit(QLOCK(wrq)); 3732 3733 strendplumb(stp); 3734 mutex_exit(&stp->sd_lock); 3735 return (error); 3736 } 3737 3738 case I_POP: 3739 { 3740 queue_t *q; 3741 3742 if (stp->sd_flag & STRHUP) 3743 return (ENXIO); 3744 if (!wrq->q_next) /* for broken pipes */ 3745 return (EINVAL); 3746 3747 if (error = strstartplumb(stp, flag, cmd)) 3748 return (error); 3749 3750 /* 3751 * If there is an anchor on this stream and popping 3752 * the current module would attempt to pop through the 3753 * anchor, then disallow the pop unless we have sufficient 3754 * privileges; take the cheapest (non-locking) check 3755 * first. 3756 */ 3757 if (secpolicy_net_config(crp, B_TRUE) != 0) { 3758 mutex_enter(&stp->sd_lock); 3759 /* 3760 * Anchors only apply if there's at least one 3761 * module on the stream (sd_pushcnt > 0). 3762 */ 3763 if (stp->sd_pushcnt > 0 && 3764 stp->sd_pushcnt == stp->sd_anchor && 3765 stp->sd_vnode->v_type != VFIFO) { 3766 strendplumb(stp); 3767 mutex_exit(&stp->sd_lock); 3768 /* Audit and report error */ 3769 return (secpolicy_net_config(crp, B_FALSE)); 3770 } 3771 mutex_exit(&stp->sd_lock); 3772 } 3773 3774 q = wrq->q_next; 3775 TRACE_2(TR_FAC_STREAMS_FR, TR_I_POP, 3776 "I_POP:%p from %p", q, stp); 3777 if (q->q_next == NULL || (q->q_flag & (QREADR|QISDRV))) { 3778 error = EINVAL; 3779 } else { 3780 qdetach(_RD(q), 1, flag, crp, B_FALSE); 3781 error = 0; 3782 } 3783 mutex_enter(&stp->sd_lock); 3784 3785 /* 3786 * As a performance concern we are caching the values of 3787 * q_minpsz and q_maxpsz of the module below the stream 3788 * head in the stream head. 3789 */ 3790 mutex_enter(QLOCK(wrq->q_next)); 3791 rmin = wrq->q_next->q_minpsz; 3792 rmax = wrq->q_next->q_maxpsz; 3793 mutex_exit(QLOCK(wrq->q_next)); 3794 3795 /* Do this processing here as a performance concern */ 3796 if (strmsgsz != 0) { 3797 if (rmax == INFPSZ) 3798 rmax = strmsgsz; 3799 else { 3800 if (vp->v_type == VFIFO) 3801 rmax = MIN(PIPE_BUF, rmax); 3802 else rmax = MIN(strmsgsz, rmax); 3803 } 3804 } 3805 3806 mutex_enter(QLOCK(wrq)); 3807 stp->sd_qn_minpsz = rmin; 3808 stp->sd_qn_maxpsz = rmax; 3809 mutex_exit(QLOCK(wrq)); 3810 3811 /* If we popped through the anchor, then reset the anchor. */ 3812 if (stp->sd_pushcnt < stp->sd_anchor) 3813 stp->sd_anchor = 0; 3814 3815 strendplumb(stp); 3816 mutex_exit(&stp->sd_lock); 3817 return (error); 3818 } 3819 3820 case _I_MUXID2FD: 3821 { 3822 /* 3823 * Create a fd for a I_PLINK'ed lower stream with a given 3824 * muxid. With the fd, application can send down ioctls, 3825 * like I_LIST, to the previously I_PLINK'ed stream. Note 3826 * that after getting the fd, the application has to do an 3827 * I_PUNLINK on the muxid before it can do any operation 3828 * on the lower stream. This is required by spec1170. 3829 * 3830 * The fd used to do this ioctl should point to the same 3831 * controlling device used to do the I_PLINK. If it uses 3832 * a different stream or an invalid muxid, I_MUXID2FD will 3833 * fail. The error code is set to EINVAL. 3834 * 3835 * The intended use of this interface is the following. 3836 * An application I_PLINK'ed a stream and exits. The fd 3837 * to the lower stream is gone. Another application 3838 * wants to get a fd to the lower stream, it uses I_MUXID2FD. 3839 */ 3840 int muxid = (int)arg; 3841 int fd; 3842 linkinfo_t *linkp; 3843 struct file *fp; 3844 3845 /* 3846 * Do not allow the wildcard muxid. This ioctl is not 3847 * intended to find arbitrary link. 3848 */ 3849 if (muxid == 0) { 3850 return (EINVAL); 3851 } 3852 3853 mutex_enter(&muxifier); 3854 linkp = findlinks(vp->v_stream, muxid, LINKPERSIST); 3855 if (linkp == NULL) { 3856 mutex_exit(&muxifier); 3857 return (EINVAL); 3858 } 3859 3860 if ((fd = ufalloc(0)) == -1) { 3861 mutex_exit(&muxifier); 3862 return (EMFILE); 3863 } 3864 fp = linkp->li_fpdown; 3865 mutex_enter(&fp->f_tlock); 3866 fp->f_count++; 3867 mutex_exit(&fp->f_tlock); 3868 mutex_exit(&muxifier); 3869 setf(fd, fp); 3870 *rvalp = fd; 3871 return (0); 3872 } 3873 3874 case _I_INSERT: 3875 { 3876 /* 3877 * To insert a module to a given position in a stream. 3878 * In the first release, only allow privileged user 3879 * to use this ioctl. 3880 * 3881 * Note that we do not plan to support this ioctl 3882 * on pipes in the first release. We want to learn more 3883 * about the implications of these ioctls before extending 3884 * their support. And we do not think these features are 3885 * valuable for pipes. 3886 * 3887 * Neither do we support O/C hot stream. Note that only 3888 * the upper streams of TCP/IP stack are O/C hot streams. 3889 * The lower IP stream is not. 3890 * When there is a O/C cold barrier, we only allow inserts 3891 * above the barrier. 3892 */ 3893 STRUCT_DECL(strmodconf, strmodinsert); 3894 char mod_name[FMNAMESZ + 1]; 3895 fmodsw_impl_t *fp; 3896 dev_t dummydev; 3897 queue_t *tmp_wrq; 3898 int pos; 3899 boolean_t is_insert; 3900 3901 STRUCT_INIT(strmodinsert, flag); 3902 if (stp->sd_flag & STRHUP) 3903 return (ENXIO); 3904 if (STRMATED(stp)) 3905 return (EINVAL); 3906 if ((error = secpolicy_net_config(crp, B_FALSE)) != 0) 3907 return (error); 3908 3909 error = strcopyin((void *)arg, STRUCT_BUF(strmodinsert), 3910 STRUCT_SIZE(strmodinsert), copyflag); 3911 if (error) 3912 return (error); 3913 3914 /* 3915 * Get module name and look up in fmodsw. 3916 */ 3917 error = (copyflag & U_TO_K ? copyinstr : 3918 copystr)(STRUCT_FGETP(strmodinsert, mod_name), 3919 mod_name, FMNAMESZ + 1, NULL); 3920 if (error) 3921 return ((error == ENAMETOOLONG) ? EINVAL : EFAULT); 3922 3923 if ((fp = fmodsw_find(mod_name, FMODSW_HOLD | FMODSW_LOAD)) == 3924 NULL) 3925 return (EINVAL); 3926 3927 if (error = strstartplumb(stp, flag, cmd)) { 3928 fmodsw_rele(fp); 3929 return (error); 3930 } 3931 3932 /* 3933 * Is this _I_INSERT just like an I_PUSH? We need to know 3934 * this because we do some optimizations if this is a 3935 * module being pushed. 3936 */ 3937 pos = STRUCT_FGET(strmodinsert, pos); 3938 is_insert = (pos != 0); 3939 3940 /* 3941 * Make sure pos is valid. Even though it is not an I_PUSH, 3942 * we impose the same limit on the number of modules in a 3943 * stream. 3944 */ 3945 mutex_enter(&stp->sd_lock); 3946 if (stp->sd_pushcnt >= nstrpush || pos < 0 || 3947 pos > stp->sd_pushcnt) { 3948 fmodsw_rele(fp); 3949 strendplumb(stp); 3950 mutex_exit(&stp->sd_lock); 3951 return (EINVAL); 3952 } 3953 mutex_exit(&stp->sd_lock); 3954 3955 /* 3956 * First find the correct position this module to 3957 * be inserted. We don't need to call claimstr() 3958 * as the stream should not be changing at this point. 3959 * 3960 * Insert new module and call its open routine 3961 * via qattach(). Modules don't change device 3962 * numbers, so just ignore dummydev here. 3963 */ 3964 for (tmp_wrq = stp->sd_wrq; pos > 0; 3965 tmp_wrq = tmp_wrq->q_next, pos--) { 3966 ASSERT(SAMESTR(tmp_wrq)); 3967 } 3968 dummydev = vp->v_rdev; 3969 if ((error = qattach(_RD(tmp_wrq), &dummydev, 0, crp, 3970 fp, is_insert)) != 0) { 3971 mutex_enter(&stp->sd_lock); 3972 strendplumb(stp); 3973 mutex_exit(&stp->sd_lock); 3974 return (error); 3975 } 3976 3977 mutex_enter(&stp->sd_lock); 3978 3979 /* 3980 * As a performance concern we are caching the values of 3981 * q_minpsz and q_maxpsz of the module below the stream 3982 * head in the stream head. 3983 */ 3984 if (!is_insert) { 3985 mutex_enter(QLOCK(stp->sd_wrq->q_next)); 3986 rmin = stp->sd_wrq->q_next->q_minpsz; 3987 rmax = stp->sd_wrq->q_next->q_maxpsz; 3988 mutex_exit(QLOCK(stp->sd_wrq->q_next)); 3989 3990 /* Do this processing here as a performance concern */ 3991 if (strmsgsz != 0) { 3992 if (rmax == INFPSZ) { 3993 rmax = strmsgsz; 3994 } else { 3995 rmax = MIN(strmsgsz, rmax); 3996 } 3997 } 3998 3999 mutex_enter(QLOCK(wrq)); 4000 stp->sd_qn_minpsz = rmin; 4001 stp->sd_qn_maxpsz = rmax; 4002 mutex_exit(QLOCK(wrq)); 4003 } 4004 4005 /* 4006 * Need to update the anchor value if this module is 4007 * inserted below the anchor point. 4008 */ 4009 if (stp->sd_anchor != 0) { 4010 pos = STRUCT_FGET(strmodinsert, pos); 4011 if (pos >= (stp->sd_pushcnt - stp->sd_anchor)) 4012 stp->sd_anchor++; 4013 } 4014 4015 strendplumb(stp); 4016 mutex_exit(&stp->sd_lock); 4017 return (0); 4018 } 4019 4020 case _I_REMOVE: 4021 { 4022 /* 4023 * To remove a module with a given name in a stream. The 4024 * caller of this ioctl needs to provide both the name and 4025 * the position of the module to be removed. This eliminates 4026 * the ambiguity of removal if a module is inserted/pushed 4027 * multiple times in a stream. In the first release, only 4028 * allow privileged user to use this ioctl. 4029 * 4030 * Note that we do not plan to support this ioctl 4031 * on pipes in the first release. We want to learn more 4032 * about the implications of these ioctls before extending 4033 * their support. And we do not think these features are 4034 * valuable for pipes. 4035 * 4036 * Neither do we support O/C hot stream. Note that only 4037 * the upper streams of TCP/IP stack are O/C hot streams. 4038 * The lower IP stream is not. 4039 * When there is a O/C cold barrier we do not allow removal 4040 * below the barrier. 4041 * 4042 * Also note that _I_REMOVE cannot be used to remove a 4043 * driver or the stream head. 4044 */ 4045 STRUCT_DECL(strmodconf, strmodremove); 4046 queue_t *q; 4047 int pos; 4048 char mod_name[FMNAMESZ + 1]; 4049 boolean_t is_remove; 4050 4051 STRUCT_INIT(strmodremove, flag); 4052 if (stp->sd_flag & STRHUP) 4053 return (ENXIO); 4054 if (STRMATED(stp)) 4055 return (EINVAL); 4056 if ((error = secpolicy_net_config(crp, B_FALSE)) != 0) 4057 return (error); 4058 4059 error = strcopyin((void *)arg, STRUCT_BUF(strmodremove), 4060 STRUCT_SIZE(strmodremove), copyflag); 4061 if (error) 4062 return (error); 4063 4064 error = (copyflag & U_TO_K ? copyinstr : 4065 copystr)(STRUCT_FGETP(strmodremove, mod_name), 4066 mod_name, FMNAMESZ + 1, NULL); 4067 if (error) 4068 return ((error == ENAMETOOLONG) ? EINVAL : EFAULT); 4069 4070 if ((error = strstartplumb(stp, flag, cmd)) != 0) 4071 return (error); 4072 4073 /* 4074 * Match the name of given module to the name of module at 4075 * the given position. 4076 */ 4077 pos = STRUCT_FGET(strmodremove, pos); 4078 4079 is_remove = (pos != 0); 4080 for (q = stp->sd_wrq->q_next; SAMESTR(q) && pos > 0; 4081 q = q->q_next, pos--) 4082 ; 4083 if (pos > 0 || ! SAMESTR(q) || 4084 strncmp(q->q_qinfo->qi_minfo->mi_idname, mod_name, 4085 strlen(q->q_qinfo->qi_minfo->mi_idname)) != 0) { 4086 mutex_enter(&stp->sd_lock); 4087 strendplumb(stp); 4088 mutex_exit(&stp->sd_lock); 4089 return (EINVAL); 4090 } 4091 4092 ASSERT(!(q->q_flag & QREADR)); 4093 qdetach(_RD(q), 1, flag, crp, is_remove); 4094 4095 mutex_enter(&stp->sd_lock); 4096 4097 /* 4098 * As a performance concern we are caching the values of 4099 * q_minpsz and q_maxpsz of the module below the stream 4100 * head in the stream head. 4101 */ 4102 if (!is_remove) { 4103 mutex_enter(QLOCK(wrq->q_next)); 4104 rmin = wrq->q_next->q_minpsz; 4105 rmax = wrq->q_next->q_maxpsz; 4106 mutex_exit(QLOCK(wrq->q_next)); 4107 4108 /* Do this processing here as a performance concern */ 4109 if (strmsgsz != 0) { 4110 if (rmax == INFPSZ) 4111 rmax = strmsgsz; 4112 else { 4113 if (vp->v_type == VFIFO) 4114 rmax = MIN(PIPE_BUF, rmax); 4115 else rmax = MIN(strmsgsz, rmax); 4116 } 4117 } 4118 4119 mutex_enter(QLOCK(wrq)); 4120 stp->sd_qn_minpsz = rmin; 4121 stp->sd_qn_maxpsz = rmax; 4122 mutex_exit(QLOCK(wrq)); 4123 } 4124 4125 /* 4126 * Need to update the anchor value if this module is removed 4127 * at or below the anchor point. If the removed module is at 4128 * the anchor point, remove the anchor for this stream if 4129 * there is no module above the anchor point. Otherwise, if 4130 * the removed module is below the anchor point, decrement the 4131 * anchor point by 1. 4132 */ 4133 if (stp->sd_anchor != 0) { 4134 pos = STRUCT_FGET(strmodremove, pos); 4135 if (pos == 0) 4136 stp->sd_anchor = 0; 4137 else if (pos > (stp->sd_pushcnt - stp->sd_anchor + 1)) 4138 stp->sd_anchor--; 4139 } 4140 4141 strendplumb(stp); 4142 mutex_exit(&stp->sd_lock); 4143 return (0); 4144 } 4145 4146 case I_ANCHOR: 4147 /* 4148 * Set the anchor position on the stream to reside at 4149 * the top module (in other words, the top module 4150 * cannot be popped). Anchors with a FIFO make no 4151 * obvious sense, so they're not allowed. 4152 */ 4153 mutex_enter(&stp->sd_lock); 4154 4155 if (stp->sd_vnode->v_type == VFIFO) { 4156 mutex_exit(&stp->sd_lock); 4157 return (EINVAL); 4158 } 4159 4160 stp->sd_anchor = stp->sd_pushcnt; 4161 4162 mutex_exit(&stp->sd_lock); 4163 return (0); 4164 4165 case I_LOOK: 4166 /* 4167 * Get name of first module downstream. 4168 * If no module, return an error. 4169 */ 4170 { 4171 claimstr(wrq); 4172 if (_SAMESTR(wrq) && wrq->q_next->q_next) { 4173 char *name = wrq->q_next->q_qinfo->qi_minfo->mi_idname; 4174 error = strcopyout(name, (void *)arg, strlen(name) + 1, 4175 copyflag); 4176 releasestr(wrq); 4177 return (error); 4178 } 4179 releasestr(wrq); 4180 return (EINVAL); 4181 } 4182 4183 case I_LINK: 4184 case I_PLINK: 4185 /* 4186 * Link a multiplexor. 4187 */ 4188 return (mlink(vp, cmd, (int)arg, crp, rvalp, 0)); 4189 4190 case _I_PLINK_LH: 4191 /* 4192 * Link a multiplexor: Call must originate from kernel. 4193 */ 4194 if (kioctl) 4195 return (ldi_mlink_lh(vp, cmd, arg, crp, rvalp)); 4196 4197 return (EINVAL); 4198 case I_UNLINK: 4199 case I_PUNLINK: 4200 /* 4201 * Unlink a multiplexor. 4202 * If arg is -1, unlink all links for which this is the 4203 * controlling stream. Otherwise, arg is an index number 4204 * for a link to be removed. 4205 */ 4206 { 4207 struct linkinfo *linkp; 4208 int native_arg = (int)arg; 4209 int type; 4210 4211 TRACE_1(TR_FAC_STREAMS_FR, 4212 TR_I_UNLINK, "I_UNLINK/I_PUNLINK:%p", stp); 4213 if (vp->v_type == VFIFO) { 4214 return (EINVAL); 4215 } 4216 if (cmd == I_UNLINK) 4217 type = LINKNORMAL; 4218 else /* I_PUNLINK */ 4219 type = LINKPERSIST; 4220 if (native_arg == 0) { 4221 return (EINVAL); 4222 } 4223 if (native_arg == MUXID_ALL) 4224 error = munlinkall(stp, type, crp, rvalp); 4225 else { 4226 mutex_enter(&muxifier); 4227 if (!(linkp = findlinks(stp, (int)arg, type))) { 4228 /* invalid user supplied index number */ 4229 mutex_exit(&muxifier); 4230 return (EINVAL); 4231 } 4232 /* munlink drops the muxifier lock */ 4233 error = munlink(stp, linkp, type, crp, rvalp); 4234 } 4235 return (error); 4236 } 4237 4238 case I_FLUSH: 4239 /* 4240 * send a flush message downstream 4241 * flush message can indicate 4242 * FLUSHR - flush read queue 4243 * FLUSHW - flush write queue 4244 * FLUSHRW - flush read/write queue 4245 */ 4246 if (stp->sd_flag & STRHUP) 4247 return (ENXIO); 4248 if (arg & ~FLUSHRW) 4249 return (EINVAL); 4250 4251 for (;;) { 4252 if (putnextctl1(stp->sd_wrq, M_FLUSH, (int)arg)) { 4253 break; 4254 } 4255 if (error = strwaitbuf(1, BPRI_HI)) { 4256 return (error); 4257 } 4258 } 4259 4260 /* 4261 * Send down an unsupported ioctl and wait for the nack 4262 * in order to allow the M_FLUSH to propagate back 4263 * up to the stream head. 4264 * Replaces if (qready()) runqueues(); 4265 */ 4266 strioc.ic_cmd = -1; /* The unsupported ioctl */ 4267 strioc.ic_timout = 0; 4268 strioc.ic_len = 0; 4269 strioc.ic_dp = NULL; 4270 (void) strdoioctl(stp, &strioc, flag, K_TO_K, crp, rvalp); 4271 *rvalp = 0; 4272 return (0); 4273 4274 case I_FLUSHBAND: 4275 { 4276 struct bandinfo binfo; 4277 4278 error = strcopyin((void *)arg, &binfo, sizeof (binfo), 4279 copyflag); 4280 if (error) 4281 return (error); 4282 if (stp->sd_flag & STRHUP) 4283 return (ENXIO); 4284 if (binfo.bi_flag & ~FLUSHRW) 4285 return (EINVAL); 4286 while (!(mp = allocb(2, BPRI_HI))) { 4287 if (error = strwaitbuf(2, BPRI_HI)) 4288 return (error); 4289 } 4290 mp->b_datap->db_type = M_FLUSH; 4291 *mp->b_wptr++ = binfo.bi_flag | FLUSHBAND; 4292 *mp->b_wptr++ = binfo.bi_pri; 4293 putnext(stp->sd_wrq, mp); 4294 /* 4295 * Send down an unsupported ioctl and wait for the nack 4296 * in order to allow the M_FLUSH to propagate back 4297 * up to the stream head. 4298 * Replaces if (qready()) runqueues(); 4299 */ 4300 strioc.ic_cmd = -1; /* The unsupported ioctl */ 4301 strioc.ic_timout = 0; 4302 strioc.ic_len = 0; 4303 strioc.ic_dp = NULL; 4304 (void) strdoioctl(stp, &strioc, flag, K_TO_K, crp, rvalp); 4305 *rvalp = 0; 4306 return (0); 4307 } 4308 4309 case I_SRDOPT: 4310 /* 4311 * Set read options 4312 * 4313 * RNORM - default stream mode 4314 * RMSGN - message no discard 4315 * RMSGD - message discard 4316 * RPROTNORM - fail read with EBADMSG for M_[PC]PROTOs 4317 * RPROTDAT - convert M_[PC]PROTOs to M_DATAs 4318 * RPROTDIS - discard M_[PC]PROTOs and retain M_DATAs 4319 */ 4320 if (arg & ~(RMODEMASK | RPROTMASK)) 4321 return (EINVAL); 4322 4323 if ((arg & (RMSGD|RMSGN)) == (RMSGD|RMSGN)) 4324 return (EINVAL); 4325 4326 mutex_enter(&stp->sd_lock); 4327 switch (arg & RMODEMASK) { 4328 case RNORM: 4329 stp->sd_read_opt &= ~(RD_MSGDIS | RD_MSGNODIS); 4330 break; 4331 case RMSGD: 4332 stp->sd_read_opt = (stp->sd_read_opt & ~RD_MSGNODIS) | 4333 RD_MSGDIS; 4334 break; 4335 case RMSGN: 4336 stp->sd_read_opt = (stp->sd_read_opt & ~RD_MSGDIS) | 4337 RD_MSGNODIS; 4338 break; 4339 } 4340 4341 switch (arg & RPROTMASK) { 4342 case RPROTNORM: 4343 stp->sd_read_opt &= ~(RD_PROTDAT | RD_PROTDIS); 4344 break; 4345 4346 case RPROTDAT: 4347 stp->sd_read_opt = ((stp->sd_read_opt & ~RD_PROTDIS) | 4348 RD_PROTDAT); 4349 break; 4350 4351 case RPROTDIS: 4352 stp->sd_read_opt = ((stp->sd_read_opt & ~RD_PROTDAT) | 4353 RD_PROTDIS); 4354 break; 4355 } 4356 mutex_exit(&stp->sd_lock); 4357 return (0); 4358 4359 case I_GRDOPT: 4360 /* 4361 * Get read option and return the value 4362 * to spot pointed to by arg 4363 */ 4364 { 4365 int rdopt; 4366 4367 rdopt = ((stp->sd_read_opt & RD_MSGDIS) ? RMSGD : 4368 ((stp->sd_read_opt & RD_MSGNODIS) ? RMSGN : RNORM)); 4369 rdopt |= ((stp->sd_read_opt & RD_PROTDAT) ? RPROTDAT : 4370 ((stp->sd_read_opt & RD_PROTDIS) ? RPROTDIS : RPROTNORM)); 4371 4372 return (strcopyout(&rdopt, (void *)arg, sizeof (int), 4373 copyflag)); 4374 } 4375 4376 case I_SERROPT: 4377 /* 4378 * Set error options 4379 * 4380 * RERRNORM - persistent read errors 4381 * RERRNONPERSIST - non-persistent read errors 4382 * WERRNORM - persistent write errors 4383 * WERRNONPERSIST - non-persistent write errors 4384 */ 4385 if (arg & ~(RERRMASK | WERRMASK)) 4386 return (EINVAL); 4387 4388 mutex_enter(&stp->sd_lock); 4389 switch (arg & RERRMASK) { 4390 case RERRNORM: 4391 stp->sd_flag &= ~STRDERRNONPERSIST; 4392 break; 4393 case RERRNONPERSIST: 4394 stp->sd_flag |= STRDERRNONPERSIST; 4395 break; 4396 } 4397 switch (arg & WERRMASK) { 4398 case WERRNORM: 4399 stp->sd_flag &= ~STWRERRNONPERSIST; 4400 break; 4401 case WERRNONPERSIST: 4402 stp->sd_flag |= STWRERRNONPERSIST; 4403 break; 4404 } 4405 mutex_exit(&stp->sd_lock); 4406 return (0); 4407 4408 case I_GERROPT: 4409 /* 4410 * Get error option and return the value 4411 * to spot pointed to by arg 4412 */ 4413 { 4414 int erropt = 0; 4415 4416 erropt |= (stp->sd_flag & STRDERRNONPERSIST) ? RERRNONPERSIST : 4417 RERRNORM; 4418 erropt |= (stp->sd_flag & STWRERRNONPERSIST) ? WERRNONPERSIST : 4419 WERRNORM; 4420 return (strcopyout(&erropt, (void *)arg, sizeof (int), 4421 copyflag)); 4422 } 4423 4424 case I_SETSIG: 4425 /* 4426 * Register the calling proc to receive the SIGPOLL 4427 * signal based on the events given in arg. If 4428 * arg is zero, remove the proc from register list. 4429 */ 4430 { 4431 strsig_t *ssp, *pssp; 4432 struct pid *pidp; 4433 4434 pssp = NULL; 4435 pidp = curproc->p_pidp; 4436 /* 4437 * Hold sd_lock to prevent traversal of sd_siglist while 4438 * it is modified. 4439 */ 4440 mutex_enter(&stp->sd_lock); 4441 for (ssp = stp->sd_siglist; ssp && (ssp->ss_pidp != pidp); 4442 pssp = ssp, ssp = ssp->ss_next) 4443 ; 4444 4445 if (arg) { 4446 if (arg & ~(S_INPUT|S_HIPRI|S_MSG|S_HANGUP|S_ERROR| 4447 S_RDNORM|S_WRNORM|S_RDBAND|S_WRBAND|S_BANDURG)) { 4448 mutex_exit(&stp->sd_lock); 4449 return (EINVAL); 4450 } 4451 if ((arg & S_BANDURG) && !(arg & S_RDBAND)) { 4452 mutex_exit(&stp->sd_lock); 4453 return (EINVAL); 4454 } 4455 4456 /* 4457 * If proc not already registered, add it 4458 * to list. 4459 */ 4460 if (!ssp) { 4461 ssp = kmem_alloc(sizeof (strsig_t), KM_SLEEP); 4462 ssp->ss_pidp = pidp; 4463 ssp->ss_pid = pidp->pid_id; 4464 ssp->ss_next = NULL; 4465 if (pssp) 4466 pssp->ss_next = ssp; 4467 else 4468 stp->sd_siglist = ssp; 4469 mutex_enter(&pidlock); 4470 PID_HOLD(pidp); 4471 mutex_exit(&pidlock); 4472 } 4473 4474 /* 4475 * Set events. 4476 */ 4477 ssp->ss_events = (int)arg; 4478 } else { 4479 /* 4480 * Remove proc from register list. 4481 */ 4482 if (ssp) { 4483 mutex_enter(&pidlock); 4484 PID_RELE(pidp); 4485 mutex_exit(&pidlock); 4486 if (pssp) 4487 pssp->ss_next = ssp->ss_next; 4488 else 4489 stp->sd_siglist = ssp->ss_next; 4490 kmem_free(ssp, sizeof (strsig_t)); 4491 } else { 4492 mutex_exit(&stp->sd_lock); 4493 return (EINVAL); 4494 } 4495 } 4496 4497 /* 4498 * Recalculate OR of sig events. 4499 */ 4500 stp->sd_sigflags = 0; 4501 for (ssp = stp->sd_siglist; ssp; ssp = ssp->ss_next) 4502 stp->sd_sigflags |= ssp->ss_events; 4503 mutex_exit(&stp->sd_lock); 4504 return (0); 4505 } 4506 4507 case I_GETSIG: 4508 /* 4509 * Return (in arg) the current registration of events 4510 * for which the calling proc is to be signaled. 4511 */ 4512 { 4513 struct strsig *ssp; 4514 struct pid *pidp; 4515 4516 pidp = curproc->p_pidp; 4517 mutex_enter(&stp->sd_lock); 4518 for (ssp = stp->sd_siglist; ssp; ssp = ssp->ss_next) 4519 if (ssp->ss_pidp == pidp) { 4520 error = strcopyout(&ssp->ss_events, (void *)arg, 4521 sizeof (int), copyflag); 4522 mutex_exit(&stp->sd_lock); 4523 return (error); 4524 } 4525 mutex_exit(&stp->sd_lock); 4526 return (EINVAL); 4527 } 4528 4529 case I_ESETSIG: 4530 /* 4531 * Register the ss_pid to receive the SIGPOLL 4532 * signal based on the events is ss_events arg. If 4533 * ss_events is zero, remove the proc from register list. 4534 */ 4535 { 4536 struct strsig *ssp, *pssp; 4537 struct proc *proc; 4538 struct pid *pidp; 4539 pid_t pid; 4540 struct strsigset ss; 4541 4542 error = strcopyin((void *)arg, &ss, sizeof (ss), copyflag); 4543 if (error) 4544 return (error); 4545 4546 pid = ss.ss_pid; 4547 4548 if (ss.ss_events != 0) { 4549 /* 4550 * Permissions check by sending signal 0. 4551 * Note that when kill fails it does a set_errno 4552 * causing the system call to fail. 4553 */ 4554 error = kill(pid, 0); 4555 if (error) { 4556 return (error); 4557 } 4558 } 4559 mutex_enter(&pidlock); 4560 if (pid == 0) 4561 proc = curproc; 4562 else if (pid < 0) 4563 proc = pgfind(-pid); 4564 else 4565 proc = prfind(pid); 4566 if (proc == NULL) { 4567 mutex_exit(&pidlock); 4568 return (ESRCH); 4569 } 4570 if (pid < 0) 4571 pidp = proc->p_pgidp; 4572 else 4573 pidp = proc->p_pidp; 4574 ASSERT(pidp); 4575 /* 4576 * Get a hold on the pid structure while referencing it. 4577 * There is a separate PID_HOLD should it be inserted 4578 * in the list below. 4579 */ 4580 PID_HOLD(pidp); 4581 mutex_exit(&pidlock); 4582 4583 pssp = NULL; 4584 /* 4585 * Hold sd_lock to prevent traversal of sd_siglist while 4586 * it is modified. 4587 */ 4588 mutex_enter(&stp->sd_lock); 4589 for (ssp = stp->sd_siglist; ssp && (ssp->ss_pid != pid); 4590 pssp = ssp, ssp = ssp->ss_next) 4591 ; 4592 4593 if (ss.ss_events) { 4594 if (ss.ss_events & 4595 ~(S_INPUT|S_HIPRI|S_MSG|S_HANGUP|S_ERROR| 4596 S_RDNORM|S_WRNORM|S_RDBAND|S_WRBAND|S_BANDURG)) { 4597 mutex_exit(&stp->sd_lock); 4598 mutex_enter(&pidlock); 4599 PID_RELE(pidp); 4600 mutex_exit(&pidlock); 4601 return (EINVAL); 4602 } 4603 if ((ss.ss_events & S_BANDURG) && 4604 !(ss.ss_events & S_RDBAND)) { 4605 mutex_exit(&stp->sd_lock); 4606 mutex_enter(&pidlock); 4607 PID_RELE(pidp); 4608 mutex_exit(&pidlock); 4609 return (EINVAL); 4610 } 4611 4612 /* 4613 * If proc not already registered, add it 4614 * to list. 4615 */ 4616 if (!ssp) { 4617 ssp = kmem_alloc(sizeof (strsig_t), KM_SLEEP); 4618 ssp->ss_pidp = pidp; 4619 ssp->ss_pid = pid; 4620 ssp->ss_next = NULL; 4621 if (pssp) 4622 pssp->ss_next = ssp; 4623 else 4624 stp->sd_siglist = ssp; 4625 mutex_enter(&pidlock); 4626 PID_HOLD(pidp); 4627 mutex_exit(&pidlock); 4628 } 4629 4630 /* 4631 * Set events. 4632 */ 4633 ssp->ss_events = ss.ss_events; 4634 } else { 4635 /* 4636 * Remove proc from register list. 4637 */ 4638 if (ssp) { 4639 mutex_enter(&pidlock); 4640 PID_RELE(pidp); 4641 mutex_exit(&pidlock); 4642 if (pssp) 4643 pssp->ss_next = ssp->ss_next; 4644 else 4645 stp->sd_siglist = ssp->ss_next; 4646 kmem_free(ssp, sizeof (strsig_t)); 4647 } else { 4648 mutex_exit(&stp->sd_lock); 4649 mutex_enter(&pidlock); 4650 PID_RELE(pidp); 4651 mutex_exit(&pidlock); 4652 return (EINVAL); 4653 } 4654 } 4655 4656 /* 4657 * Recalculate OR of sig events. 4658 */ 4659 stp->sd_sigflags = 0; 4660 for (ssp = stp->sd_siglist; ssp; ssp = ssp->ss_next) 4661 stp->sd_sigflags |= ssp->ss_events; 4662 mutex_exit(&stp->sd_lock); 4663 mutex_enter(&pidlock); 4664 PID_RELE(pidp); 4665 mutex_exit(&pidlock); 4666 return (0); 4667 } 4668 4669 case I_EGETSIG: 4670 /* 4671 * Return (in arg) the current registration of events 4672 * for which the calling proc is to be signaled. 4673 */ 4674 { 4675 struct strsig *ssp; 4676 struct proc *proc; 4677 pid_t pid; 4678 struct pid *pidp; 4679 struct strsigset ss; 4680 4681 error = strcopyin((void *)arg, &ss, sizeof (ss), copyflag); 4682 if (error) 4683 return (error); 4684 4685 pid = ss.ss_pid; 4686 mutex_enter(&pidlock); 4687 if (pid == 0) 4688 proc = curproc; 4689 else if (pid < 0) 4690 proc = pgfind(-pid); 4691 else 4692 proc = prfind(pid); 4693 if (proc == NULL) { 4694 mutex_exit(&pidlock); 4695 return (ESRCH); 4696 } 4697 if (pid < 0) 4698 pidp = proc->p_pgidp; 4699 else 4700 pidp = proc->p_pidp; 4701 4702 /* Prevent the pidp from being reassigned */ 4703 PID_HOLD(pidp); 4704 mutex_exit(&pidlock); 4705 4706 mutex_enter(&stp->sd_lock); 4707 for (ssp = stp->sd_siglist; ssp; ssp = ssp->ss_next) 4708 if (ssp->ss_pid == pid) { 4709 ss.ss_pid = ssp->ss_pid; 4710 ss.ss_events = ssp->ss_events; 4711 error = strcopyout(&ss, (void *)arg, 4712 sizeof (struct strsigset), copyflag); 4713 mutex_exit(&stp->sd_lock); 4714 mutex_enter(&pidlock); 4715 PID_RELE(pidp); 4716 mutex_exit(&pidlock); 4717 return (error); 4718 } 4719 mutex_exit(&stp->sd_lock); 4720 mutex_enter(&pidlock); 4721 PID_RELE(pidp); 4722 mutex_exit(&pidlock); 4723 return (EINVAL); 4724 } 4725 4726 case I_PEEK: 4727 { 4728 STRUCT_DECL(strpeek, strpeek); 4729 size_t n; 4730 mblk_t *fmp, *tmp_mp = NULL; 4731 4732 STRUCT_INIT(strpeek, flag); 4733 4734 error = strcopyin((void *)arg, STRUCT_BUF(strpeek), 4735 STRUCT_SIZE(strpeek), copyflag); 4736 if (error) 4737 return (error); 4738 4739 mutex_enter(QLOCK(rdq)); 4740 /* 4741 * Skip the invalid messages 4742 */ 4743 for (mp = rdq->q_first; mp != NULL; mp = mp->b_next) 4744 if (mp->b_datap->db_type != M_SIG) 4745 break; 4746 4747 /* 4748 * If user has requested to peek at a high priority message 4749 * and first message is not, return 0 4750 */ 4751 if (mp != NULL) { 4752 if ((STRUCT_FGET(strpeek, flags) & RS_HIPRI) && 4753 queclass(mp) == QNORM) { 4754 *rvalp = 0; 4755 mutex_exit(QLOCK(rdq)); 4756 return (0); 4757 } 4758 } else if (stp->sd_struiordq == NULL || 4759 (STRUCT_FGET(strpeek, flags) & RS_HIPRI)) { 4760 /* 4761 * No mblks to look at at the streamhead and 4762 * 1). This isn't a synch stream or 4763 * 2). This is a synch stream but caller wants high 4764 * priority messages which is not supported by 4765 * the synch stream. (it only supports QNORM) 4766 */ 4767 *rvalp = 0; 4768 mutex_exit(QLOCK(rdq)); 4769 return (0); 4770 } 4771 4772 fmp = mp; 4773 4774 if (mp && mp->b_datap->db_type == M_PASSFP) { 4775 mutex_exit(QLOCK(rdq)); 4776 return (EBADMSG); 4777 } 4778 4779 ASSERT(mp == NULL || mp->b_datap->db_type == M_PCPROTO || 4780 mp->b_datap->db_type == M_PROTO || 4781 mp->b_datap->db_type == M_DATA); 4782 4783 if (mp && mp->b_datap->db_type == M_PCPROTO) { 4784 STRUCT_FSET(strpeek, flags, RS_HIPRI); 4785 } else { 4786 STRUCT_FSET(strpeek, flags, 0); 4787 } 4788 4789 4790 if (mp && ((tmp_mp = dupmsg(mp)) == NULL)) { 4791 mutex_exit(QLOCK(rdq)); 4792 return (ENOSR); 4793 } 4794 mutex_exit(QLOCK(rdq)); 4795 4796 /* 4797 * set mp = tmp_mp, so that I_PEEK processing can continue. 4798 * tmp_mp is used to free the dup'd message. 4799 */ 4800 mp = tmp_mp; 4801 4802 uio.uio_fmode = 0; 4803 uio.uio_extflg = UIO_COPY_CACHED; 4804 uio.uio_segflg = (copyflag == U_TO_K) ? UIO_USERSPACE : 4805 UIO_SYSSPACE; 4806 uio.uio_limit = 0; 4807 /* 4808 * First process PROTO blocks, if any. 4809 * If user doesn't want to get ctl info by setting maxlen <= 0, 4810 * then set len to -1/0 and skip control blocks part. 4811 */ 4812 if (STRUCT_FGET(strpeek, ctlbuf.maxlen) < 0) 4813 STRUCT_FSET(strpeek, ctlbuf.len, -1); 4814 else if (STRUCT_FGET(strpeek, ctlbuf.maxlen) == 0) 4815 STRUCT_FSET(strpeek, ctlbuf.len, 0); 4816 else { 4817 int ctl_part = 0; 4818 4819 iov.iov_base = STRUCT_FGETP(strpeek, ctlbuf.buf); 4820 iov.iov_len = STRUCT_FGET(strpeek, ctlbuf.maxlen); 4821 uio.uio_iov = &iov; 4822 uio.uio_resid = iov.iov_len; 4823 uio.uio_loffset = 0; 4824 uio.uio_iovcnt = 1; 4825 while (mp && mp->b_datap->db_type != M_DATA && 4826 uio.uio_resid >= 0) { 4827 ASSERT(STRUCT_FGET(strpeek, flags) == 0 ? 4828 mp->b_datap->db_type == M_PROTO : 4829 mp->b_datap->db_type == M_PCPROTO); 4830 4831 if ((n = MIN(uio.uio_resid, 4832 mp->b_wptr - mp->b_rptr)) != 0 && 4833 (error = uiomove((char *)mp->b_rptr, n, 4834 UIO_READ, &uio)) != 0) { 4835 freemsg(tmp_mp); 4836 return (error); 4837 } 4838 ctl_part = 1; 4839 mp = mp->b_cont; 4840 } 4841 /* No ctl message */ 4842 if (ctl_part == 0) 4843 STRUCT_FSET(strpeek, ctlbuf.len, -1); 4844 else 4845 STRUCT_FSET(strpeek, ctlbuf.len, 4846 STRUCT_FGET(strpeek, ctlbuf.maxlen) - 4847 uio.uio_resid); 4848 } 4849 4850 /* 4851 * Now process DATA blocks, if any. 4852 * If user doesn't want to get data info by setting maxlen <= 0, 4853 * then set len to -1/0 and skip data blocks part. 4854 */ 4855 if (STRUCT_FGET(strpeek, databuf.maxlen) < 0) 4856 STRUCT_FSET(strpeek, databuf.len, -1); 4857 else if (STRUCT_FGET(strpeek, databuf.maxlen) == 0) 4858 STRUCT_FSET(strpeek, databuf.len, 0); 4859 else { 4860 int data_part = 0; 4861 4862 iov.iov_base = STRUCT_FGETP(strpeek, databuf.buf); 4863 iov.iov_len = STRUCT_FGET(strpeek, databuf.maxlen); 4864 uio.uio_iov = &iov; 4865 uio.uio_resid = iov.iov_len; 4866 uio.uio_loffset = 0; 4867 uio.uio_iovcnt = 1; 4868 while (mp && uio.uio_resid) { 4869 if (mp->b_datap->db_type == M_DATA) { 4870 if ((n = MIN(uio.uio_resid, 4871 mp->b_wptr - mp->b_rptr)) != 0 && 4872 (error = uiomove((char *)mp->b_rptr, 4873 n, UIO_READ, &uio)) != 0) { 4874 freemsg(tmp_mp); 4875 return (error); 4876 } 4877 data_part = 1; 4878 } 4879 ASSERT(data_part == 0 || 4880 mp->b_datap->db_type == M_DATA); 4881 mp = mp->b_cont; 4882 } 4883 /* No data message */ 4884 if (data_part == 0) 4885 STRUCT_FSET(strpeek, databuf.len, -1); 4886 else 4887 STRUCT_FSET(strpeek, databuf.len, 4888 STRUCT_FGET(strpeek, databuf.maxlen) - 4889 uio.uio_resid); 4890 } 4891 freemsg(tmp_mp); 4892 4893 /* 4894 * It is a synch stream and user wants to get 4895 * data (maxlen > 0). 4896 * uio setup is done by the codes that process DATA 4897 * blocks above. 4898 */ 4899 if ((fmp == NULL) && STRUCT_FGET(strpeek, databuf.maxlen) > 0) { 4900 infod_t infod; 4901 4902 infod.d_cmd = INFOD_COPYOUT; 4903 infod.d_res = 0; 4904 infod.d_uiop = &uio; 4905 error = infonext(rdq, &infod); 4906 if (error == EINVAL || error == EBUSY) 4907 error = 0; 4908 if (error) 4909 return (error); 4910 STRUCT_FSET(strpeek, databuf.len, STRUCT_FGET(strpeek, 4911 databuf.maxlen) - uio.uio_resid); 4912 if (STRUCT_FGET(strpeek, databuf.len) == 0) { 4913 /* 4914 * No data found by the infonext(). 4915 */ 4916 STRUCT_FSET(strpeek, databuf.len, -1); 4917 } 4918 } 4919 error = strcopyout(STRUCT_BUF(strpeek), (void *)arg, 4920 STRUCT_SIZE(strpeek), copyflag); 4921 if (error) { 4922 return (error); 4923 } 4924 /* 4925 * If there is no message retrieved, set return code to 0 4926 * otherwise, set it to 1. 4927 */ 4928 if (STRUCT_FGET(strpeek, ctlbuf.len) == -1 && 4929 STRUCT_FGET(strpeek, databuf.len) == -1) 4930 *rvalp = 0; 4931 else 4932 *rvalp = 1; 4933 return (0); 4934 } 4935 4936 case I_FDINSERT: 4937 { 4938 STRUCT_DECL(strfdinsert, strfdinsert); 4939 struct file *resftp; 4940 struct stdata *resstp; 4941 t_uscalar_t ival; 4942 ssize_t msgsize; 4943 struct strbuf mctl; 4944 4945 STRUCT_INIT(strfdinsert, flag); 4946 if (stp->sd_flag & STRHUP) 4947 return (ENXIO); 4948 /* 4949 * STRDERR, STWRERR and STPLEX tested above. 4950 */ 4951 error = strcopyin((void *)arg, STRUCT_BUF(strfdinsert), 4952 STRUCT_SIZE(strfdinsert), copyflag); 4953 if (error) 4954 return (error); 4955 4956 if (STRUCT_FGET(strfdinsert, offset) < 0 || 4957 (STRUCT_FGET(strfdinsert, offset) % 4958 sizeof (t_uscalar_t)) != 0) 4959 return (EINVAL); 4960 if ((resftp = getf(STRUCT_FGET(strfdinsert, fildes))) != NULL) { 4961 if ((resstp = resftp->f_vnode->v_stream) == NULL) { 4962 releasef(STRUCT_FGET(strfdinsert, fildes)); 4963 return (EINVAL); 4964 } 4965 } else 4966 return (EINVAL); 4967 4968 mutex_enter(&resstp->sd_lock); 4969 if (resstp->sd_flag & (STRDERR|STWRERR|STRHUP|STPLEX)) { 4970 error = strgeterr(resstp, 4971 STRDERR|STWRERR|STRHUP|STPLEX, 0); 4972 if (error != 0) { 4973 mutex_exit(&resstp->sd_lock); 4974 releasef(STRUCT_FGET(strfdinsert, fildes)); 4975 return (error); 4976 } 4977 } 4978 mutex_exit(&resstp->sd_lock); 4979 4980 #ifdef _ILP32 4981 { 4982 queue_t *q; 4983 queue_t *mate = NULL; 4984 4985 /* get read queue of stream terminus */ 4986 claimstr(resstp->sd_wrq); 4987 for (q = resstp->sd_wrq->q_next; q->q_next != NULL; 4988 q = q->q_next) 4989 if (!STRMATED(resstp) && STREAM(q) != resstp && 4990 mate == NULL) { 4991 ASSERT(q->q_qinfo->qi_srvp); 4992 ASSERT(_OTHERQ(q)->q_qinfo->qi_srvp); 4993 claimstr(q); 4994 mate = q; 4995 } 4996 q = _RD(q); 4997 if (mate) 4998 releasestr(mate); 4999 releasestr(resstp->sd_wrq); 5000 ival = (t_uscalar_t)q; 5001 } 5002 #else 5003 ival = (t_uscalar_t)getminor(resftp->f_vnode->v_rdev); 5004 #endif /* _ILP32 */ 5005 5006 if (STRUCT_FGET(strfdinsert, ctlbuf.len) < 5007 STRUCT_FGET(strfdinsert, offset) + sizeof (t_uscalar_t)) { 5008 releasef(STRUCT_FGET(strfdinsert, fildes)); 5009 return (EINVAL); 5010 } 5011 5012 /* 5013 * Check for legal flag value. 5014 */ 5015 if (STRUCT_FGET(strfdinsert, flags) & ~RS_HIPRI) { 5016 releasef(STRUCT_FGET(strfdinsert, fildes)); 5017 return (EINVAL); 5018 } 5019 5020 /* get these values from those cached in the stream head */ 5021 mutex_enter(QLOCK(stp->sd_wrq)); 5022 rmin = stp->sd_qn_minpsz; 5023 rmax = stp->sd_qn_maxpsz; 5024 mutex_exit(QLOCK(stp->sd_wrq)); 5025 5026 /* 5027 * Make sure ctl and data sizes together fall within 5028 * the limits of the max and min receive packet sizes 5029 * and do not exceed system limit. A negative data 5030 * length means that no data part is to be sent. 5031 */ 5032 ASSERT((rmax >= 0) || (rmax == INFPSZ)); 5033 if (rmax == 0) { 5034 releasef(STRUCT_FGET(strfdinsert, fildes)); 5035 return (ERANGE); 5036 } 5037 if ((msgsize = STRUCT_FGET(strfdinsert, databuf.len)) < 0) 5038 msgsize = 0; 5039 if ((msgsize < rmin) || 5040 ((msgsize > rmax) && (rmax != INFPSZ)) || 5041 (STRUCT_FGET(strfdinsert, ctlbuf.len) > strctlsz)) { 5042 releasef(STRUCT_FGET(strfdinsert, fildes)); 5043 return (ERANGE); 5044 } 5045 5046 mutex_enter(&stp->sd_lock); 5047 while (!(STRUCT_FGET(strfdinsert, flags) & RS_HIPRI) && 5048 !canputnext(stp->sd_wrq)) { 5049 if ((error = strwaitq(stp, WRITEWAIT, (ssize_t)0, 5050 flag, -1, &done)) != 0 || done) { 5051 mutex_exit(&stp->sd_lock); 5052 releasef(STRUCT_FGET(strfdinsert, fildes)); 5053 return (error); 5054 } 5055 if ((error = i_straccess(stp, access)) != 0) { 5056 mutex_exit(&stp->sd_lock); 5057 releasef( 5058 STRUCT_FGET(strfdinsert, fildes)); 5059 return (error); 5060 } 5061 } 5062 mutex_exit(&stp->sd_lock); 5063 5064 /* 5065 * Copy strfdinsert.ctlbuf into native form of 5066 * ctlbuf to pass down into strmakemsg(). 5067 */ 5068 mctl.maxlen = STRUCT_FGET(strfdinsert, ctlbuf.maxlen); 5069 mctl.len = STRUCT_FGET(strfdinsert, ctlbuf.len); 5070 mctl.buf = STRUCT_FGETP(strfdinsert, ctlbuf.buf); 5071 5072 iov.iov_base = STRUCT_FGETP(strfdinsert, databuf.buf); 5073 iov.iov_len = STRUCT_FGET(strfdinsert, databuf.len); 5074 uio.uio_iov = &iov; 5075 uio.uio_iovcnt = 1; 5076 uio.uio_loffset = 0; 5077 uio.uio_segflg = (copyflag == U_TO_K) ? UIO_USERSPACE : 5078 UIO_SYSSPACE; 5079 uio.uio_fmode = 0; 5080 uio.uio_extflg = UIO_COPY_CACHED; 5081 uio.uio_resid = iov.iov_len; 5082 if ((error = strmakemsg(&mctl, 5083 &msgsize, &uio, stp, 5084 STRUCT_FGET(strfdinsert, flags), &mp)) != 0 || !mp) { 5085 STRUCT_FSET(strfdinsert, databuf.len, msgsize); 5086 releasef(STRUCT_FGET(strfdinsert, fildes)); 5087 return (error); 5088 } 5089 5090 STRUCT_FSET(strfdinsert, databuf.len, msgsize); 5091 5092 /* 5093 * Place the possibly reencoded queue pointer 'offset' bytes 5094 * from the start of the control portion of the message. 5095 */ 5096 *((t_uscalar_t *)(mp->b_rptr + 5097 STRUCT_FGET(strfdinsert, offset))) = ival; 5098 5099 /* 5100 * Put message downstream. 5101 */ 5102 stream_willservice(stp); 5103 putnext(stp->sd_wrq, mp); 5104 stream_runservice(stp); 5105 releasef(STRUCT_FGET(strfdinsert, fildes)); 5106 return (error); 5107 } 5108 5109 case I_SENDFD: 5110 { 5111 struct file *fp; 5112 5113 if ((fp = getf((int)arg)) == NULL) 5114 return (EBADF); 5115 error = do_sendfp(stp, fp, crp); 5116 #ifdef C2_AUDIT 5117 if (audit_active) { 5118 audit_fdsend((int)arg, fp, error); 5119 } 5120 #endif 5121 releasef((int)arg); 5122 return (error); 5123 } 5124 5125 case I_RECVFD: 5126 case I_E_RECVFD: 5127 { 5128 struct k_strrecvfd *srf; 5129 int i, fd; 5130 5131 mutex_enter(&stp->sd_lock); 5132 while (!(mp = getq(rdq))) { 5133 if (stp->sd_flag & (STRHUP|STREOF)) { 5134 mutex_exit(&stp->sd_lock); 5135 return (ENXIO); 5136 } 5137 if ((error = strwaitq(stp, GETWAIT, (ssize_t)0, 5138 flag, -1, &done)) != 0 || done) { 5139 mutex_exit(&stp->sd_lock); 5140 return (error); 5141 } 5142 if ((error = i_straccess(stp, access)) != 0) { 5143 mutex_exit(&stp->sd_lock); 5144 return (error); 5145 } 5146 } 5147 if (mp->b_datap->db_type != M_PASSFP) { 5148 putback(stp, rdq, mp, mp->b_band); 5149 mutex_exit(&stp->sd_lock); 5150 return (EBADMSG); 5151 } 5152 mutex_exit(&stp->sd_lock); 5153 5154 srf = (struct k_strrecvfd *)mp->b_rptr; 5155 if ((fd = ufalloc(0)) == -1) { 5156 mutex_enter(&stp->sd_lock); 5157 putback(stp, rdq, mp, mp->b_band); 5158 mutex_exit(&stp->sd_lock); 5159 return (EMFILE); 5160 } 5161 if (cmd == I_RECVFD) { 5162 struct o_strrecvfd ostrfd; 5163 5164 /* check to see if uid/gid values are too large. */ 5165 5166 if (srf->uid > (o_uid_t)USHRT_MAX || 5167 srf->gid > (o_gid_t)USHRT_MAX) { 5168 mutex_enter(&stp->sd_lock); 5169 putback(stp, rdq, mp, mp->b_band); 5170 mutex_exit(&stp->sd_lock); 5171 setf(fd, NULL); /* release fd entry */ 5172 return (EOVERFLOW); 5173 } 5174 5175 ostrfd.fd = fd; 5176 ostrfd.uid = (o_uid_t)srf->uid; 5177 ostrfd.gid = (o_gid_t)srf->gid; 5178 5179 /* Null the filler bits */ 5180 for (i = 0; i < 8; i++) 5181 ostrfd.fill[i] = 0; 5182 5183 error = strcopyout(&ostrfd, (void *)arg, 5184 sizeof (struct o_strrecvfd), copyflag); 5185 } else { /* I_E_RECVFD */ 5186 struct strrecvfd strfd; 5187 5188 strfd.fd = fd; 5189 strfd.uid = srf->uid; 5190 strfd.gid = srf->gid; 5191 5192 /* null the filler bits */ 5193 for (i = 0; i < 8; i++) 5194 strfd.fill[i] = 0; 5195 5196 error = strcopyout(&strfd, (void *)arg, 5197 sizeof (struct strrecvfd), copyflag); 5198 } 5199 5200 if (error) { 5201 setf(fd, NULL); /* release fd entry */ 5202 mutex_enter(&stp->sd_lock); 5203 putback(stp, rdq, mp, mp->b_band); 5204 mutex_exit(&stp->sd_lock); 5205 return (error); 5206 } 5207 #ifdef C2_AUDIT 5208 if (audit_active) { 5209 audit_fdrecv(fd, srf->fp); 5210 } 5211 #endif 5212 5213 /* 5214 * Always increment f_count since the freemsg() below will 5215 * always call free_passfp() which performs a closef(). 5216 */ 5217 mutex_enter(&srf->fp->f_tlock); 5218 srf->fp->f_count++; 5219 mutex_exit(&srf->fp->f_tlock); 5220 setf(fd, srf->fp); 5221 freemsg(mp); 5222 return (0); 5223 } 5224 5225 case I_SWROPT: 5226 /* 5227 * Set/clear the write options. arg is a bit 5228 * mask with any of the following bits set... 5229 * SNDZERO - send zero length message 5230 * SNDPIPE - send sigpipe to process if 5231 * sd_werror is set and process is 5232 * doing a write or putmsg. 5233 * The new stream head write options should reflect 5234 * what is in arg. 5235 */ 5236 if (arg & ~(SNDZERO|SNDPIPE)) 5237 return (EINVAL); 5238 5239 mutex_enter(&stp->sd_lock); 5240 stp->sd_wput_opt &= ~(SW_SIGPIPE|SW_SNDZERO); 5241 if (arg & SNDZERO) 5242 stp->sd_wput_opt |= SW_SNDZERO; 5243 if (arg & SNDPIPE) 5244 stp->sd_wput_opt |= SW_SIGPIPE; 5245 mutex_exit(&stp->sd_lock); 5246 return (0); 5247 5248 case I_GWROPT: 5249 { 5250 int wropt = 0; 5251 5252 if (stp->sd_wput_opt & SW_SNDZERO) 5253 wropt |= SNDZERO; 5254 if (stp->sd_wput_opt & SW_SIGPIPE) 5255 wropt |= SNDPIPE; 5256 return (strcopyout(&wropt, (void *)arg, sizeof (wropt), 5257 copyflag)); 5258 } 5259 5260 case I_LIST: 5261 /* 5262 * Returns all the modules found on this stream, 5263 * upto the driver. If argument is NULL, return the 5264 * number of modules (including driver). If argument 5265 * is not NULL, copy the names into the structure 5266 * provided. 5267 */ 5268 5269 { 5270 queue_t *q; 5271 int num_modules, space_allocated; 5272 STRUCT_DECL(str_list, strlist); 5273 struct str_mlist *mlist_ptr; 5274 5275 if (arg == NULL) { /* Return number of modules plus driver */ 5276 q = stp->sd_wrq; 5277 if (stp->sd_vnode->v_type == VFIFO) { 5278 *rvalp = stp->sd_pushcnt; 5279 } else { 5280 *rvalp = stp->sd_pushcnt + 1; 5281 } 5282 } else { 5283 STRUCT_INIT(strlist, flag); 5284 5285 error = strcopyin((void *)arg, STRUCT_BUF(strlist), 5286 STRUCT_SIZE(strlist), copyflag); 5287 if (error) 5288 return (error); 5289 5290 space_allocated = STRUCT_FGET(strlist, sl_nmods); 5291 if ((space_allocated) <= 0) 5292 return (EINVAL); 5293 claimstr(stp->sd_wrq); 5294 q = stp->sd_wrq; 5295 num_modules = 0; 5296 while (_SAMESTR(q) && (space_allocated != 0)) { 5297 char *name = 5298 q->q_next->q_qinfo->qi_minfo->mi_idname; 5299 5300 mlist_ptr = STRUCT_FGETP(strlist, sl_modlist); 5301 5302 error = strcopyout(name, mlist_ptr, 5303 strlen(name) + 1, copyflag); 5304 5305 if (error) { 5306 releasestr(stp->sd_wrq); 5307 return (error); 5308 } 5309 q = q->q_next; 5310 space_allocated--; 5311 num_modules++; 5312 mlist_ptr = 5313 (struct str_mlist *)((uintptr_t)mlist_ptr + 5314 sizeof (struct str_mlist)); 5315 STRUCT_FSETP(strlist, sl_modlist, mlist_ptr); 5316 } 5317 releasestr(stp->sd_wrq); 5318 error = strcopyout(&num_modules, (void *)arg, 5319 sizeof (int), copyflag); 5320 } 5321 return (error); 5322 } 5323 5324 case I_CKBAND: 5325 { 5326 queue_t *q; 5327 qband_t *qbp; 5328 5329 if ((arg < 0) || (arg >= NBAND)) 5330 return (EINVAL); 5331 q = _RD(stp->sd_wrq); 5332 mutex_enter(QLOCK(q)); 5333 if (arg > (int)q->q_nband) { 5334 *rvalp = 0; 5335 } else { 5336 if (arg == 0) { 5337 if (q->q_first) 5338 *rvalp = 1; 5339 else 5340 *rvalp = 0; 5341 } else { 5342 qbp = q->q_bandp; 5343 while (--arg > 0) 5344 qbp = qbp->qb_next; 5345 if (qbp->qb_first) 5346 *rvalp = 1; 5347 else 5348 *rvalp = 0; 5349 } 5350 } 5351 mutex_exit(QLOCK(q)); 5352 return (0); 5353 } 5354 5355 case I_GETBAND: 5356 { 5357 int intpri; 5358 queue_t *q; 5359 5360 q = _RD(stp->sd_wrq); 5361 mutex_enter(QLOCK(q)); 5362 mp = q->q_first; 5363 if (!mp) { 5364 mutex_exit(QLOCK(q)); 5365 return (ENODATA); 5366 } 5367 intpri = (int)mp->b_band; 5368 error = strcopyout(&intpri, (void *)arg, sizeof (int), 5369 copyflag); 5370 mutex_exit(QLOCK(q)); 5371 return (error); 5372 } 5373 5374 case I_ATMARK: 5375 { 5376 queue_t *q; 5377 5378 if (arg & ~(ANYMARK|LASTMARK)) 5379 return (EINVAL); 5380 q = _RD(stp->sd_wrq); 5381 mutex_enter(&stp->sd_lock); 5382 if ((stp->sd_flag & STRATMARK) && (arg == ANYMARK)) { 5383 *rvalp = 1; 5384 } else { 5385 mutex_enter(QLOCK(q)); 5386 mp = q->q_first; 5387 5388 if (mp == NULL) 5389 *rvalp = 0; 5390 else if ((arg == ANYMARK) && (mp->b_flag & MSGMARK)) 5391 *rvalp = 1; 5392 else if ((arg == LASTMARK) && (mp == stp->sd_mark)) 5393 *rvalp = 1; 5394 else 5395 *rvalp = 0; 5396 mutex_exit(QLOCK(q)); 5397 } 5398 mutex_exit(&stp->sd_lock); 5399 return (0); 5400 } 5401 5402 case I_CANPUT: 5403 { 5404 char band; 5405 5406 if ((arg < 0) || (arg >= NBAND)) 5407 return (EINVAL); 5408 band = (char)arg; 5409 *rvalp = bcanputnext(stp->sd_wrq, band); 5410 return (0); 5411 } 5412 5413 case I_SETCLTIME: 5414 { 5415 int closetime; 5416 5417 error = strcopyin((void *)arg, &closetime, sizeof (int), 5418 copyflag); 5419 if (error) 5420 return (error); 5421 if (closetime < 0) 5422 return (EINVAL); 5423 5424 stp->sd_closetime = closetime; 5425 return (0); 5426 } 5427 5428 case I_GETCLTIME: 5429 { 5430 int closetime; 5431 5432 closetime = stp->sd_closetime; 5433 return (strcopyout(&closetime, (void *)arg, sizeof (int), 5434 copyflag)); 5435 } 5436 5437 case TIOCGSID: 5438 { 5439 pid_t sid; 5440 5441 mutex_enter(&stp->sd_lock); 5442 if (stp->sd_sidp == NULL) { 5443 mutex_exit(&stp->sd_lock); 5444 return (ENOTTY); 5445 } 5446 sid = stp->sd_sidp->pid_id; 5447 mutex_exit(&stp->sd_lock); 5448 return (strcopyout(&sid, (void *)arg, sizeof (pid_t), 5449 copyflag)); 5450 } 5451 5452 case TIOCSPGRP: 5453 { 5454 pid_t pgrp; 5455 proc_t *q; 5456 pid_t sid, fg_pgid, bg_pgid; 5457 5458 if (error = strcopyin((void *)arg, &pgrp, sizeof (pid_t), 5459 copyflag)) 5460 return (error); 5461 mutex_enter(&stp->sd_lock); 5462 mutex_enter(&pidlock); 5463 if (stp->sd_sidp != ttoproc(curthread)->p_sessp->s_sidp) { 5464 mutex_exit(&pidlock); 5465 mutex_exit(&stp->sd_lock); 5466 return (ENOTTY); 5467 } 5468 if (pgrp == stp->sd_pgidp->pid_id) { 5469 mutex_exit(&pidlock); 5470 mutex_exit(&stp->sd_lock); 5471 return (0); 5472 } 5473 if (pgrp <= 0 || pgrp >= maxpid) { 5474 mutex_exit(&pidlock); 5475 mutex_exit(&stp->sd_lock); 5476 return (EINVAL); 5477 } 5478 if ((q = pgfind(pgrp)) == NULL || 5479 q->p_sessp != ttoproc(curthread)->p_sessp) { 5480 mutex_exit(&pidlock); 5481 mutex_exit(&stp->sd_lock); 5482 return (EPERM); 5483 } 5484 sid = stp->sd_sidp->pid_id; 5485 fg_pgid = q->p_pgrp; 5486 bg_pgid = stp->sd_pgidp->pid_id; 5487 CL_SET_PROCESS_GROUP(curthread, sid, bg_pgid, fg_pgid); 5488 PID_RELE(stp->sd_pgidp); 5489 ctty_clear_sighuped(); 5490 stp->sd_pgidp = q->p_pgidp; 5491 PID_HOLD(stp->sd_pgidp); 5492 mutex_exit(&pidlock); 5493 mutex_exit(&stp->sd_lock); 5494 return (0); 5495 } 5496 5497 case TIOCGPGRP: 5498 { 5499 pid_t pgrp; 5500 5501 mutex_enter(&stp->sd_lock); 5502 if (stp->sd_sidp == NULL) { 5503 mutex_exit(&stp->sd_lock); 5504 return (ENOTTY); 5505 } 5506 pgrp = stp->sd_pgidp->pid_id; 5507 mutex_exit(&stp->sd_lock); 5508 return (strcopyout(&pgrp, (void *)arg, sizeof (pid_t), 5509 copyflag)); 5510 } 5511 5512 case TIOCSCTTY: 5513 { 5514 return (strctty(stp)); 5515 } 5516 5517 case TIOCNOTTY: 5518 { 5519 /* freectty() always assumes curproc. */ 5520 if (freectty(B_FALSE) != 0) 5521 return (0); 5522 return (ENOTTY); 5523 } 5524 5525 case FIONBIO: 5526 case FIOASYNC: 5527 return (0); /* handled by the upper layer */ 5528 } 5529 } 5530 5531 /* 5532 * Custom free routine used for M_PASSFP messages. 5533 */ 5534 static void 5535 free_passfp(struct k_strrecvfd *srf) 5536 { 5537 (void) closef(srf->fp); 5538 kmem_free(srf, sizeof (struct k_strrecvfd) + sizeof (frtn_t)); 5539 } 5540 5541 /* ARGSUSED */ 5542 int 5543 do_sendfp(struct stdata *stp, struct file *fp, struct cred *cr) 5544 { 5545 queue_t *qp, *nextqp; 5546 struct k_strrecvfd *srf; 5547 mblk_t *mp; 5548 frtn_t *frtnp; 5549 size_t bufsize; 5550 queue_t *mate = NULL; 5551 syncq_t *sq = NULL; 5552 int retval = 0; 5553 5554 if (stp->sd_flag & STRHUP) 5555 return (ENXIO); 5556 5557 claimstr(stp->sd_wrq); 5558 5559 /* Fastpath, we have a pipe, and we are already mated, use it. */ 5560 if (STRMATED(stp)) { 5561 qp = _RD(stp->sd_mate->sd_wrq); 5562 claimstr(qp); 5563 mate = qp; 5564 } else { /* Not already mated. */ 5565 5566 /* 5567 * Walk the stream to the end of this one. 5568 * assumes that the claimstr() will prevent 5569 * plumbing between the stream head and the 5570 * driver from changing 5571 */ 5572 qp = stp->sd_wrq; 5573 5574 /* 5575 * Loop until we reach the end of this stream. 5576 * On completion, qp points to the write queue 5577 * at the end of the stream, or the read queue 5578 * at the stream head if this is a fifo. 5579 */ 5580 while (((qp = qp->q_next) != NULL) && _SAMESTR(qp)) 5581 ; 5582 5583 /* 5584 * Just in case we get a q_next which is NULL, but 5585 * not at the end of the stream. This is actually 5586 * broken, so we set an assert to catch it in 5587 * debug, and set an error and return if not debug. 5588 */ 5589 ASSERT(qp); 5590 if (qp == NULL) { 5591 releasestr(stp->sd_wrq); 5592 return (EINVAL); 5593 } 5594 5595 /* 5596 * Enter the syncq for the driver, so (hopefully) 5597 * the queue values will not change on us. 5598 * XXXX - This will only prevent the race IFF only 5599 * the write side modifies the q_next member, and 5600 * the put procedure is protected by at least 5601 * MT_PERQ. 5602 */ 5603 if ((sq = qp->q_syncq) != NULL) 5604 entersq(sq, SQ_PUT); 5605 5606 /* Now get the q_next value from this qp. */ 5607 nextqp = qp->q_next; 5608 5609 /* 5610 * If nextqp exists and the other stream is different 5611 * from this one claim the stream, set the mate, and 5612 * get the read queue at the stream head of the other 5613 * stream. Assumes that nextqp was at least valid when 5614 * we got it. Hopefully the entersq of the driver 5615 * will prevent it from changing on us. 5616 */ 5617 if ((nextqp != NULL) && (STREAM(nextqp) != stp)) { 5618 ASSERT(qp->q_qinfo->qi_srvp); 5619 ASSERT(_OTHERQ(qp)->q_qinfo->qi_srvp); 5620 ASSERT(_OTHERQ(qp->q_next)->q_qinfo->qi_srvp); 5621 claimstr(nextqp); 5622 5623 /* Make sure we still have a q_next */ 5624 if (nextqp != qp->q_next) { 5625 releasestr(stp->sd_wrq); 5626 releasestr(nextqp); 5627 return (EINVAL); 5628 } 5629 5630 qp = _RD(STREAM(nextqp)->sd_wrq); 5631 mate = qp; 5632 } 5633 /* If we entered the synq above, leave it. */ 5634 if (sq != NULL) 5635 leavesq(sq, SQ_PUT); 5636 } /* STRMATED(STP) */ 5637 5638 /* XXX prevents substitution of the ops vector */ 5639 if (qp->q_qinfo != &strdata && qp->q_qinfo != &fifo_strdata) { 5640 retval = EINVAL; 5641 goto out; 5642 } 5643 5644 if (qp->q_flag & QFULL) { 5645 retval = EAGAIN; 5646 goto out; 5647 } 5648 5649 /* 5650 * Since M_PASSFP messages include a file descriptor, we use 5651 * esballoc() and specify a custom free routine (free_passfp()) that 5652 * will close the descriptor as part of freeing the message. For 5653 * convenience, we stash the frtn_t right after the data block. 5654 */ 5655 bufsize = sizeof (struct k_strrecvfd) + sizeof (frtn_t); 5656 srf = kmem_alloc(bufsize, KM_NOSLEEP); 5657 if (srf == NULL) { 5658 retval = EAGAIN; 5659 goto out; 5660 } 5661 5662 frtnp = (frtn_t *)(srf + 1); 5663 frtnp->free_arg = (caddr_t)srf; 5664 frtnp->free_func = free_passfp; 5665 5666 mp = esballoc((uchar_t *)srf, bufsize, BPRI_MED, frtnp); 5667 if (mp == NULL) { 5668 kmem_free(srf, bufsize); 5669 retval = EAGAIN; 5670 goto out; 5671 } 5672 mp->b_wptr += sizeof (struct k_strrecvfd); 5673 mp->b_datap->db_type = M_PASSFP; 5674 5675 srf->fp = fp; 5676 srf->uid = crgetuid(curthread->t_cred); 5677 srf->gid = crgetgid(curthread->t_cred); 5678 mutex_enter(&fp->f_tlock); 5679 fp->f_count++; 5680 mutex_exit(&fp->f_tlock); 5681 5682 put(qp, mp); 5683 out: 5684 releasestr(stp->sd_wrq); 5685 if (mate) 5686 releasestr(mate); 5687 return (retval); 5688 } 5689 5690 /* 5691 * Send an ioctl message downstream and wait for acknowledgement. 5692 * flags may be set to either U_TO_K or K_TO_K and a combination 5693 * of STR_NOERROR or STR_NOSIG 5694 * STR_NOSIG: Signals are essentially ignored or held and have 5695 * no effect for the duration of the call. 5696 * STR_NOERROR: Ignores stream head read, write and hup errors. 5697 * Additionally, if an existing ioctl times out, it is assumed 5698 * lost and and this ioctl will continue as if the previous ioctl had 5699 * finished. ETIME may be returned if this ioctl times out (i.e. 5700 * ic_timout is not INFTIM). Non-stream head errors may be returned if 5701 * the ioc_error indicates that the driver/module had problems, 5702 * an EFAULT was found when accessing user data, a lack of 5703 * resources, etc. 5704 */ 5705 int 5706 strdoioctl( 5707 struct stdata *stp, 5708 struct strioctl *strioc, 5709 int fflags, /* file flags with model info */ 5710 int flag, 5711 cred_t *crp, 5712 int *rvalp) 5713 { 5714 mblk_t *bp; 5715 struct iocblk *iocbp; 5716 struct copyreq *reqp; 5717 struct copyresp *resp; 5718 int id; 5719 int transparent = 0; 5720 int error = 0; 5721 int len = 0; 5722 caddr_t taddr; 5723 int copyflag = (flag & (U_TO_K | K_TO_K)); 5724 int sigflag = (flag & STR_NOSIG); 5725 int errs; 5726 uint_t waitflags; 5727 5728 ASSERT(copyflag == U_TO_K || copyflag == K_TO_K); 5729 ASSERT((fflags & FMODELS) != 0); 5730 5731 TRACE_2(TR_FAC_STREAMS_FR, 5732 TR_STRDOIOCTL, 5733 "strdoioctl:stp %p strioc %p", stp, strioc); 5734 if (strioc->ic_len == TRANSPARENT) { /* send arg in M_DATA block */ 5735 transparent = 1; 5736 strioc->ic_len = sizeof (intptr_t); 5737 } 5738 5739 if (strioc->ic_len < 0 || (strmsgsz > 0 && strioc->ic_len > strmsgsz)) 5740 return (EINVAL); 5741 5742 if ((bp = allocb_cred_wait(sizeof (union ioctypes), sigflag, &error, 5743 crp)) == NULL) 5744 return (error); 5745 5746 bzero(bp->b_wptr, sizeof (union ioctypes)); 5747 5748 iocbp = (struct iocblk *)bp->b_wptr; 5749 iocbp->ioc_count = strioc->ic_len; 5750 iocbp->ioc_cmd = strioc->ic_cmd; 5751 iocbp->ioc_flag = (fflags & FMODELS); 5752 5753 crhold(crp); 5754 iocbp->ioc_cr = crp; 5755 DB_TYPE(bp) = M_IOCTL; 5756 DB_CPID(bp) = curproc->p_pid; 5757 bp->b_wptr += sizeof (struct iocblk); 5758 5759 if (flag & STR_NOERROR) 5760 errs = STPLEX; 5761 else 5762 errs = STRHUP|STRDERR|STWRERR|STPLEX; 5763 5764 /* 5765 * If there is data to copy into ioctl block, do so. 5766 */ 5767 if (iocbp->ioc_count > 0) { 5768 if (transparent) 5769 /* 5770 * Note: STR_NOERROR does not have an effect 5771 * in putiocd() 5772 */ 5773 id = K_TO_K | sigflag; 5774 else 5775 id = flag; 5776 if ((error = putiocd(bp, strioc->ic_dp, id, crp)) != 0) { 5777 freemsg(bp); 5778 crfree(crp); 5779 return (error); 5780 } 5781 5782 /* 5783 * We could have slept copying in user pages. 5784 * Recheck the stream head state (the other end 5785 * of a pipe could have gone away). 5786 */ 5787 if (stp->sd_flag & errs) { 5788 mutex_enter(&stp->sd_lock); 5789 error = strgeterr(stp, errs, 0); 5790 mutex_exit(&stp->sd_lock); 5791 if (error != 0) { 5792 freemsg(bp); 5793 crfree(crp); 5794 return (error); 5795 } 5796 } 5797 } 5798 if (transparent) 5799 iocbp->ioc_count = TRANSPARENT; 5800 5801 /* 5802 * Block for up to STRTIMOUT milliseconds if there is an outstanding 5803 * ioctl for this stream already running. All processes 5804 * sleeping here will be awakened as a result of an ACK 5805 * or NAK being received for the outstanding ioctl, or 5806 * as a result of the timer expiring on the outstanding 5807 * ioctl (a failure), or as a result of any waiting 5808 * process's timer expiring (also a failure). 5809 */ 5810 5811 error = 0; 5812 mutex_enter(&stp->sd_lock); 5813 while (stp->sd_flag & (IOCWAIT | IOCWAITNE)) { 5814 clock_t cv_rval; 5815 5816 TRACE_0(TR_FAC_STREAMS_FR, 5817 TR_STRDOIOCTL_WAIT, 5818 "strdoioctl sleeps - IOCWAIT"); 5819 cv_rval = str_cv_wait(&stp->sd_iocmonitor, &stp->sd_lock, 5820 STRTIMOUT, sigflag); 5821 if (cv_rval <= 0) { 5822 if (cv_rval == 0) { 5823 error = EINTR; 5824 } else { 5825 if (flag & STR_NOERROR) { 5826 /* 5827 * Terminating current ioctl in 5828 * progress -- assume it got lost and 5829 * wake up the other thread so that the 5830 * operation completes. 5831 */ 5832 if (!(stp->sd_flag & IOCWAITNE)) { 5833 stp->sd_flag |= IOCWAITNE; 5834 cv_broadcast(&stp->sd_monitor); 5835 } 5836 /* 5837 * Otherwise, there's a running 5838 * STR_NOERROR -- we have no choice 5839 * here but to wait forever (or until 5840 * interrupted). 5841 */ 5842 } else { 5843 /* 5844 * pending ioctl has caused 5845 * us to time out 5846 */ 5847 error = ETIME; 5848 } 5849 } 5850 } else if ((stp->sd_flag & errs)) { 5851 error = strgeterr(stp, errs, 0); 5852 } 5853 if (error) { 5854 mutex_exit(&stp->sd_lock); 5855 freemsg(bp); 5856 crfree(crp); 5857 return (error); 5858 } 5859 } 5860 5861 /* 5862 * Have control of ioctl mechanism. 5863 * Send down ioctl packet and wait for response. 5864 */ 5865 if (stp->sd_iocblk != (mblk_t *)-1) { 5866 freemsg(stp->sd_iocblk); 5867 } 5868 stp->sd_iocblk = NULL; 5869 5870 /* 5871 * If this is marked with 'noerror' (internal; mostly 5872 * I_{P,}{UN,}LINK), then make sure nobody else is able to get 5873 * in here by setting IOCWAITNE. 5874 */ 5875 waitflags = IOCWAIT; 5876 if (flag & STR_NOERROR) 5877 waitflags |= IOCWAITNE; 5878 5879 stp->sd_flag |= waitflags; 5880 5881 /* 5882 * Assign sequence number. 5883 */ 5884 iocbp->ioc_id = stp->sd_iocid = getiocseqno(); 5885 5886 mutex_exit(&stp->sd_lock); 5887 5888 TRACE_1(TR_FAC_STREAMS_FR, 5889 TR_STRDOIOCTL_PUT, "strdoioctl put: stp %p", stp); 5890 stream_willservice(stp); 5891 putnext(stp->sd_wrq, bp); 5892 stream_runservice(stp); 5893 5894 /* 5895 * Timed wait for acknowledgment. The wait time is limited by the 5896 * timeout value, which must be a positive integer (number of 5897 * milliseconds) to wait, or 0 (use default value of STRTIMOUT 5898 * milliseconds), or -1 (wait forever). This will be awakened 5899 * either by an ACK/NAK message arriving, the timer expiring, or 5900 * the timer expiring on another ioctl waiting for control of the 5901 * mechanism. 5902 */ 5903 waitioc: 5904 mutex_enter(&stp->sd_lock); 5905 5906 5907 /* 5908 * If the reply has already arrived, don't sleep. If awakened from 5909 * the sleep, fail only if the reply has not arrived by then. 5910 * Otherwise, process the reply. 5911 */ 5912 while (!stp->sd_iocblk) { 5913 clock_t cv_rval; 5914 5915 if (stp->sd_flag & errs) { 5916 error = strgeterr(stp, errs, 0); 5917 if (error != 0) { 5918 stp->sd_flag &= ~waitflags; 5919 cv_broadcast(&stp->sd_iocmonitor); 5920 mutex_exit(&stp->sd_lock); 5921 crfree(crp); 5922 return (error); 5923 } 5924 } 5925 5926 TRACE_0(TR_FAC_STREAMS_FR, 5927 TR_STRDOIOCTL_WAIT2, 5928 "strdoioctl sleeps awaiting reply"); 5929 ASSERT(error == 0); 5930 5931 cv_rval = str_cv_wait(&stp->sd_monitor, &stp->sd_lock, 5932 (strioc->ic_timout ? 5933 strioc->ic_timout * 1000 : STRTIMOUT), sigflag); 5934 5935 /* 5936 * There are four possible cases here: interrupt, timeout, 5937 * wakeup by IOCWAITNE (above), or wakeup by strrput_nondata (a 5938 * valid M_IOCTL reply). 5939 * 5940 * If we've been awakened by a STR_NOERROR ioctl on some other 5941 * thread, then sd_iocblk will still be NULL, and IOCWAITNE 5942 * will be set. Pretend as if we just timed out. Note that 5943 * this other thread waited at least STRTIMOUT before trying to 5944 * awaken our thread, so this is indistinguishable (even for 5945 * INFTIM) from the case where we failed with ETIME waiting on 5946 * IOCWAIT in the prior loop. 5947 */ 5948 if (cv_rval > 0 && !(flag & STR_NOERROR) && 5949 stp->sd_iocblk == NULL && (stp->sd_flag & IOCWAITNE)) { 5950 cv_rval = -1; 5951 } 5952 5953 /* 5954 * note: STR_NOERROR does not protect 5955 * us here.. use ic_timout < 0 5956 */ 5957 if (cv_rval <= 0) { 5958 if (cv_rval == 0) { 5959 error = EINTR; 5960 } else { 5961 error = ETIME; 5962 } 5963 /* 5964 * A message could have come in after we were scheduled 5965 * but before we were actually run. 5966 */ 5967 bp = stp->sd_iocblk; 5968 stp->sd_iocblk = NULL; 5969 if (bp != NULL) { 5970 if ((bp->b_datap->db_type == M_COPYIN) || 5971 (bp->b_datap->db_type == M_COPYOUT)) { 5972 mutex_exit(&stp->sd_lock); 5973 if (bp->b_cont) { 5974 freemsg(bp->b_cont); 5975 bp->b_cont = NULL; 5976 } 5977 bp->b_datap->db_type = M_IOCDATA; 5978 bp->b_wptr = bp->b_rptr + 5979 sizeof (struct copyresp); 5980 resp = (struct copyresp *)bp->b_rptr; 5981 resp->cp_rval = 5982 (caddr_t)1; /* failure */ 5983 stream_willservice(stp); 5984 putnext(stp->sd_wrq, bp); 5985 stream_runservice(stp); 5986 mutex_enter(&stp->sd_lock); 5987 } else { 5988 freemsg(bp); 5989 } 5990 } 5991 stp->sd_flag &= ~waitflags; 5992 cv_broadcast(&stp->sd_iocmonitor); 5993 mutex_exit(&stp->sd_lock); 5994 crfree(crp); 5995 return (error); 5996 } 5997 } 5998 bp = stp->sd_iocblk; 5999 /* 6000 * Note: it is strictly impossible to get here with sd_iocblk set to 6001 * -1. This is because the initial loop above doesn't allow any new 6002 * ioctls into the fray until all others have passed this point. 6003 */ 6004 ASSERT(bp != NULL && bp != (mblk_t *)-1); 6005 TRACE_1(TR_FAC_STREAMS_FR, 6006 TR_STRDOIOCTL_ACK, "strdoioctl got reply: bp %p", bp); 6007 if ((bp->b_datap->db_type == M_IOCACK) || 6008 (bp->b_datap->db_type == M_IOCNAK)) { 6009 /* for detection of duplicate ioctl replies */ 6010 stp->sd_iocblk = (mblk_t *)-1; 6011 stp->sd_flag &= ~waitflags; 6012 cv_broadcast(&stp->sd_iocmonitor); 6013 mutex_exit(&stp->sd_lock); 6014 } else { 6015 /* 6016 * flags not cleared here because we're still doing 6017 * copy in/out for ioctl. 6018 */ 6019 stp->sd_iocblk = NULL; 6020 mutex_exit(&stp->sd_lock); 6021 } 6022 6023 6024 /* 6025 * Have received acknowledgment. 6026 */ 6027 6028 switch (bp->b_datap->db_type) { 6029 case M_IOCACK: 6030 /* 6031 * Positive ack. 6032 */ 6033 iocbp = (struct iocblk *)bp->b_rptr; 6034 6035 /* 6036 * Set error if indicated. 6037 */ 6038 if (iocbp->ioc_error) { 6039 error = iocbp->ioc_error; 6040 break; 6041 } 6042 6043 /* 6044 * Set return value. 6045 */ 6046 *rvalp = iocbp->ioc_rval; 6047 6048 /* 6049 * Data may have been returned in ACK message (ioc_count > 0). 6050 * If so, copy it out to the user's buffer. 6051 */ 6052 if (iocbp->ioc_count && !transparent) { 6053 if (error = getiocd(bp, strioc->ic_dp, copyflag)) 6054 break; 6055 } 6056 if (!transparent) { 6057 if (len) /* an M_COPYOUT was used with I_STR */ 6058 strioc->ic_len = len; 6059 else 6060 strioc->ic_len = (int)iocbp->ioc_count; 6061 } 6062 break; 6063 6064 case M_IOCNAK: 6065 /* 6066 * Negative ack. 6067 * 6068 * The only thing to do is set error as specified 6069 * in neg ack packet. 6070 */ 6071 iocbp = (struct iocblk *)bp->b_rptr; 6072 6073 error = (iocbp->ioc_error ? iocbp->ioc_error : EINVAL); 6074 break; 6075 6076 case M_COPYIN: 6077 /* 6078 * Driver or module has requested user ioctl data. 6079 */ 6080 reqp = (struct copyreq *)bp->b_rptr; 6081 6082 /* 6083 * M_COPYIN should *never* have a message attached, though 6084 * it's harmless if it does -- thus, panic on a DEBUG 6085 * kernel and just free it on a non-DEBUG build. 6086 */ 6087 ASSERT(bp->b_cont == NULL); 6088 if (bp->b_cont != NULL) { 6089 freemsg(bp->b_cont); 6090 bp->b_cont = NULL; 6091 } 6092 6093 error = putiocd(bp, reqp->cq_addr, flag, crp); 6094 if (error && bp->b_cont) { 6095 freemsg(bp->b_cont); 6096 bp->b_cont = NULL; 6097 } 6098 6099 bp->b_wptr = bp->b_rptr + sizeof (struct copyresp); 6100 bp->b_datap->db_type = M_IOCDATA; 6101 6102 mblk_setcred(bp, crp); 6103 DB_CPID(bp) = curproc->p_pid; 6104 resp = (struct copyresp *)bp->b_rptr; 6105 resp->cp_rval = (caddr_t)(uintptr_t)error; 6106 resp->cp_flag = (fflags & FMODELS); 6107 6108 stream_willservice(stp); 6109 putnext(stp->sd_wrq, bp); 6110 stream_runservice(stp); 6111 6112 if (error) { 6113 mutex_enter(&stp->sd_lock); 6114 stp->sd_flag &= ~waitflags; 6115 cv_broadcast(&stp->sd_iocmonitor); 6116 mutex_exit(&stp->sd_lock); 6117 crfree(crp); 6118 return (error); 6119 } 6120 6121 goto waitioc; 6122 6123 case M_COPYOUT: 6124 /* 6125 * Driver or module has ioctl data for a user. 6126 */ 6127 reqp = (struct copyreq *)bp->b_rptr; 6128 ASSERT(bp->b_cont != NULL); 6129 6130 /* 6131 * Always (transparent or non-transparent ) 6132 * use the address specified in the request 6133 */ 6134 taddr = reqp->cq_addr; 6135 if (!transparent) 6136 len = (int)reqp->cq_size; 6137 6138 /* copyout data to the provided address */ 6139 error = getiocd(bp, taddr, copyflag); 6140 6141 freemsg(bp->b_cont); 6142 bp->b_cont = NULL; 6143 6144 bp->b_wptr = bp->b_rptr + sizeof (struct copyresp); 6145 bp->b_datap->db_type = M_IOCDATA; 6146 6147 mblk_setcred(bp, crp); 6148 DB_CPID(bp) = curproc->p_pid; 6149 resp = (struct copyresp *)bp->b_rptr; 6150 resp->cp_rval = (caddr_t)(uintptr_t)error; 6151 resp->cp_flag = (fflags & FMODELS); 6152 6153 stream_willservice(stp); 6154 putnext(stp->sd_wrq, bp); 6155 stream_runservice(stp); 6156 6157 if (error) { 6158 mutex_enter(&stp->sd_lock); 6159 stp->sd_flag &= ~waitflags; 6160 cv_broadcast(&stp->sd_iocmonitor); 6161 mutex_exit(&stp->sd_lock); 6162 crfree(crp); 6163 return (error); 6164 } 6165 goto waitioc; 6166 6167 default: 6168 ASSERT(0); 6169 mutex_enter(&stp->sd_lock); 6170 stp->sd_flag &= ~waitflags; 6171 cv_broadcast(&stp->sd_iocmonitor); 6172 mutex_exit(&stp->sd_lock); 6173 break; 6174 } 6175 6176 freemsg(bp); 6177 crfree(crp); 6178 return (error); 6179 } 6180 6181 /* 6182 * For the SunOS keyboard driver. 6183 * Return the next available "ioctl" sequence number. 6184 * Exported, so that streams modules can send "ioctl" messages 6185 * downstream from their open routine. 6186 */ 6187 int 6188 getiocseqno(void) 6189 { 6190 int i; 6191 6192 mutex_enter(&strresources); 6193 i = ++ioc_id; 6194 mutex_exit(&strresources); 6195 return (i); 6196 } 6197 6198 /* 6199 * Get the next message from the read queue. If the message is 6200 * priority, STRPRI will have been set by strrput(). This flag 6201 * should be reset only when the entire message at the front of the 6202 * queue as been consumed. 6203 * 6204 * NOTE: strgetmsg and kstrgetmsg have much of the logic in common. 6205 */ 6206 int 6207 strgetmsg( 6208 struct vnode *vp, 6209 struct strbuf *mctl, 6210 struct strbuf *mdata, 6211 unsigned char *prip, 6212 int *flagsp, 6213 int fmode, 6214 rval_t *rvp) 6215 { 6216 struct stdata *stp; 6217 mblk_t *bp, *nbp; 6218 mblk_t *savemp = NULL; 6219 mblk_t *savemptail = NULL; 6220 uint_t old_sd_flag; 6221 int flg; 6222 int more = 0; 6223 int error = 0; 6224 char first = 1; 6225 uint_t mark; /* Contains MSG*MARK and _LASTMARK */ 6226 #define _LASTMARK 0x8000 /* Distinct from MSG*MARK */ 6227 unsigned char pri = 0; 6228 queue_t *q; 6229 int pr = 0; /* Partial read successful */ 6230 struct uio uios; 6231 struct uio *uiop = &uios; 6232 struct iovec iovs; 6233 unsigned char type; 6234 6235 TRACE_1(TR_FAC_STREAMS_FR, TR_STRGETMSG_ENTER, 6236 "strgetmsg:%p", vp); 6237 6238 ASSERT(vp->v_stream); 6239 stp = vp->v_stream; 6240 rvp->r_val1 = 0; 6241 6242 mutex_enter(&stp->sd_lock); 6243 6244 if ((error = i_straccess(stp, JCREAD)) != 0) { 6245 mutex_exit(&stp->sd_lock); 6246 return (error); 6247 } 6248 6249 if (stp->sd_flag & (STRDERR|STPLEX)) { 6250 error = strgeterr(stp, STRDERR|STPLEX, 0); 6251 if (error != 0) { 6252 mutex_exit(&stp->sd_lock); 6253 return (error); 6254 } 6255 } 6256 mutex_exit(&stp->sd_lock); 6257 6258 switch (*flagsp) { 6259 case MSG_HIPRI: 6260 if (*prip != 0) 6261 return (EINVAL); 6262 break; 6263 6264 case MSG_ANY: 6265 case MSG_BAND: 6266 break; 6267 6268 default: 6269 return (EINVAL); 6270 } 6271 /* 6272 * Setup uio and iov for data part 6273 */ 6274 iovs.iov_base = mdata->buf; 6275 iovs.iov_len = mdata->maxlen; 6276 uios.uio_iov = &iovs; 6277 uios.uio_iovcnt = 1; 6278 uios.uio_loffset = 0; 6279 uios.uio_segflg = UIO_USERSPACE; 6280 uios.uio_fmode = 0; 6281 uios.uio_extflg = UIO_COPY_CACHED; 6282 uios.uio_resid = mdata->maxlen; 6283 uios.uio_offset = 0; 6284 6285 q = _RD(stp->sd_wrq); 6286 mutex_enter(&stp->sd_lock); 6287 old_sd_flag = stp->sd_flag; 6288 mark = 0; 6289 for (;;) { 6290 int done = 0; 6291 mblk_t *q_first = q->q_first; 6292 6293 /* 6294 * Get the next message of appropriate priority 6295 * from the stream head. If the caller is interested 6296 * in band or hipri messages, then they should already 6297 * be enqueued at the stream head. On the other hand 6298 * if the caller wants normal (band 0) messages, they 6299 * might be deferred in a synchronous stream and they 6300 * will need to be pulled up. 6301 * 6302 * After we have dequeued a message, we might find that 6303 * it was a deferred M_SIG that was enqueued at the 6304 * stream head. It must now be posted as part of the 6305 * read by calling strsignal_nolock(). 6306 * 6307 * Also note that strrput does not enqueue an M_PCSIG, 6308 * and there cannot be more than one hipri message, 6309 * so there was no need to have the M_PCSIG case. 6310 * 6311 * At some time it might be nice to try and wrap the 6312 * functionality of kstrgetmsg() and strgetmsg() into 6313 * a common routine so to reduce the amount of replicated 6314 * code (since they are extremely similar). 6315 */ 6316 if (!(*flagsp & (MSG_HIPRI|MSG_BAND))) { 6317 /* Asking for normal, band0 data */ 6318 bp = strget(stp, q, uiop, first, &error); 6319 ASSERT(MUTEX_HELD(&stp->sd_lock)); 6320 if (bp != NULL) { 6321 if (bp->b_datap->db_type == M_SIG) { 6322 strsignal_nolock(stp, *bp->b_rptr, 6323 (int32_t)bp->b_band); 6324 continue; 6325 } else { 6326 break; 6327 } 6328 } 6329 if (error != 0) { 6330 goto getmout; 6331 } 6332 6333 /* 6334 * We can't depend on the value of STRPRI here because 6335 * the stream head may be in transit. Therefore, we 6336 * must look at the type of the first message to 6337 * determine if a high priority messages is waiting 6338 */ 6339 } else if ((*flagsp & MSG_HIPRI) && q_first != NULL && 6340 q_first->b_datap->db_type >= QPCTL && 6341 (bp = getq_noenab(q)) != NULL) { 6342 /* Asked for HIPRI and got one */ 6343 ASSERT(bp->b_datap->db_type >= QPCTL); 6344 break; 6345 } else if ((*flagsp & MSG_BAND) && q_first != NULL && 6346 ((q_first->b_band >= *prip) || 6347 q_first->b_datap->db_type >= QPCTL) && 6348 (bp = getq_noenab(q)) != NULL) { 6349 /* 6350 * Asked for at least band "prip" and got either at 6351 * least that band or a hipri message. 6352 */ 6353 ASSERT(bp->b_band >= *prip || 6354 bp->b_datap->db_type >= QPCTL); 6355 if (bp->b_datap->db_type == M_SIG) { 6356 strsignal_nolock(stp, *bp->b_rptr, 6357 (int32_t)bp->b_band); 6358 continue; 6359 } else { 6360 break; 6361 } 6362 } 6363 6364 /* No data. Time to sleep? */ 6365 qbackenable(q, 0); 6366 6367 /* 6368 * If STRHUP or STREOF, return 0 length control and data. 6369 * If resid is 0, then a read(fd,buf,0) was done. Do not 6370 * sleep to satisfy this request because by default we have 6371 * zero bytes to return. 6372 */ 6373 if ((stp->sd_flag & (STRHUP|STREOF)) || (mctl->maxlen == 0 && 6374 mdata->maxlen == 0)) { 6375 mctl->len = mdata->len = 0; 6376 *flagsp = 0; 6377 mutex_exit(&stp->sd_lock); 6378 return (0); 6379 } 6380 TRACE_2(TR_FAC_STREAMS_FR, TR_STRGETMSG_WAIT, 6381 "strgetmsg calls strwaitq:%p, %p", 6382 vp, uiop); 6383 if (((error = strwaitq(stp, GETWAIT, (ssize_t)0, fmode, -1, 6384 &done)) != 0) || done) { 6385 TRACE_2(TR_FAC_STREAMS_FR, TR_STRGETMSG_DONE, 6386 "strgetmsg error or done:%p, %p", 6387 vp, uiop); 6388 mutex_exit(&stp->sd_lock); 6389 return (error); 6390 } 6391 TRACE_2(TR_FAC_STREAMS_FR, TR_STRGETMSG_AWAKE, 6392 "strgetmsg awakes:%p, %p", vp, uiop); 6393 if ((error = i_straccess(stp, JCREAD)) != 0) { 6394 mutex_exit(&stp->sd_lock); 6395 return (error); 6396 } 6397 first = 0; 6398 } 6399 ASSERT(bp != NULL); 6400 /* 6401 * Extract any mark information. If the message is not completely 6402 * consumed this information will be put in the mblk 6403 * that is putback. 6404 * If MSGMARKNEXT is set and the message is completely consumed 6405 * the STRATMARK flag will be set below. Likewise, if 6406 * MSGNOTMARKNEXT is set and the message is 6407 * completely consumed STRNOTATMARK will be set. 6408 */ 6409 mark = bp->b_flag & (MSGMARK | MSGMARKNEXT | MSGNOTMARKNEXT); 6410 ASSERT((mark & (MSGMARKNEXT|MSGNOTMARKNEXT)) != 6411 (MSGMARKNEXT|MSGNOTMARKNEXT)); 6412 if (mark != 0 && bp == stp->sd_mark) { 6413 mark |= _LASTMARK; 6414 stp->sd_mark = NULL; 6415 } 6416 /* 6417 * keep track of the original message type and priority 6418 */ 6419 pri = bp->b_band; 6420 type = bp->b_datap->db_type; 6421 if (type == M_PASSFP) { 6422 if ((mark & _LASTMARK) && (stp->sd_mark == NULL)) 6423 stp->sd_mark = bp; 6424 bp->b_flag |= mark & ~_LASTMARK; 6425 putback(stp, q, bp, pri); 6426 qbackenable(q, pri); 6427 mutex_exit(&stp->sd_lock); 6428 return (EBADMSG); 6429 } 6430 ASSERT(type != M_SIG); 6431 6432 /* 6433 * Set this flag so strrput will not generate signals. Need to 6434 * make sure this flag is cleared before leaving this routine 6435 * else signals will stop being sent. 6436 */ 6437 stp->sd_flag |= STRGETINPROG; 6438 mutex_exit(&stp->sd_lock); 6439 6440 if (STREAM_NEEDSERVICE(stp)) 6441 stream_runservice(stp); 6442 6443 /* 6444 * Set HIPRI flag if message is priority. 6445 */ 6446 if (type >= QPCTL) 6447 flg = MSG_HIPRI; 6448 else 6449 flg = MSG_BAND; 6450 6451 /* 6452 * First process PROTO or PCPROTO blocks, if any. 6453 */ 6454 if (mctl->maxlen >= 0 && type != M_DATA) { 6455 size_t n, bcnt; 6456 char *ubuf; 6457 6458 bcnt = mctl->maxlen; 6459 ubuf = mctl->buf; 6460 while (bp != NULL && bp->b_datap->db_type != M_DATA) { 6461 if ((n = MIN(bcnt, bp->b_wptr - bp->b_rptr)) != 0 && 6462 copyout(bp->b_rptr, ubuf, n)) { 6463 error = EFAULT; 6464 mutex_enter(&stp->sd_lock); 6465 /* 6466 * clear stream head pri flag based on 6467 * first message type 6468 */ 6469 if (type >= QPCTL) { 6470 ASSERT(type == M_PCPROTO); 6471 stp->sd_flag &= ~STRPRI; 6472 } 6473 more = 0; 6474 freemsg(bp); 6475 goto getmout; 6476 } 6477 ubuf += n; 6478 bp->b_rptr += n; 6479 if (bp->b_rptr >= bp->b_wptr) { 6480 nbp = bp; 6481 bp = bp->b_cont; 6482 freeb(nbp); 6483 } 6484 ASSERT(n <= bcnt); 6485 bcnt -= n; 6486 if (bcnt == 0) 6487 break; 6488 } 6489 mctl->len = mctl->maxlen - bcnt; 6490 } else 6491 mctl->len = -1; 6492 6493 if (bp && bp->b_datap->db_type != M_DATA) { 6494 /* 6495 * More PROTO blocks in msg. 6496 */ 6497 more |= MORECTL; 6498 savemp = bp; 6499 while (bp && bp->b_datap->db_type != M_DATA) { 6500 savemptail = bp; 6501 bp = bp->b_cont; 6502 } 6503 savemptail->b_cont = NULL; 6504 } 6505 6506 /* 6507 * Now process DATA blocks, if any. 6508 */ 6509 if (mdata->maxlen >= 0 && bp) { 6510 /* 6511 * struiocopyout will consume a potential zero-length 6512 * M_DATA even if uio_resid is zero. 6513 */ 6514 size_t oldresid = uiop->uio_resid; 6515 6516 bp = struiocopyout(bp, uiop, &error); 6517 if (error != 0) { 6518 mutex_enter(&stp->sd_lock); 6519 /* 6520 * clear stream head hi pri flag based on 6521 * first message 6522 */ 6523 if (type >= QPCTL) { 6524 ASSERT(type == M_PCPROTO); 6525 stp->sd_flag &= ~STRPRI; 6526 } 6527 more = 0; 6528 freemsg(savemp); 6529 goto getmout; 6530 } 6531 /* 6532 * (pr == 1) indicates a partial read. 6533 */ 6534 if (oldresid > uiop->uio_resid) 6535 pr = 1; 6536 mdata->len = mdata->maxlen - uiop->uio_resid; 6537 } else 6538 mdata->len = -1; 6539 6540 if (bp) { /* more data blocks in msg */ 6541 more |= MOREDATA; 6542 if (savemp) 6543 savemptail->b_cont = bp; 6544 else 6545 savemp = bp; 6546 } 6547 6548 mutex_enter(&stp->sd_lock); 6549 if (savemp) { 6550 if (pr && (savemp->b_datap->db_type == M_DATA) && 6551 msgnodata(savemp)) { 6552 /* 6553 * Avoid queuing a zero-length tail part of 6554 * a message. pr=1 indicates that we read some of 6555 * the message. 6556 */ 6557 freemsg(savemp); 6558 more &= ~MOREDATA; 6559 /* 6560 * clear stream head hi pri flag based on 6561 * first message 6562 */ 6563 if (type >= QPCTL) { 6564 ASSERT(type == M_PCPROTO); 6565 stp->sd_flag &= ~STRPRI; 6566 } 6567 } else { 6568 savemp->b_band = pri; 6569 /* 6570 * If the first message was HIPRI and the one we're 6571 * putting back isn't, then clear STRPRI, otherwise 6572 * set STRPRI again. Note that we must set STRPRI 6573 * again since the flush logic in strrput_nondata() 6574 * may have cleared it while we had sd_lock dropped. 6575 */ 6576 if (type >= QPCTL) { 6577 ASSERT(type == M_PCPROTO); 6578 if (queclass(savemp) < QPCTL) 6579 stp->sd_flag &= ~STRPRI; 6580 else 6581 stp->sd_flag |= STRPRI; 6582 } else if (queclass(savemp) >= QPCTL) { 6583 /* 6584 * The first message was not a HIPRI message, 6585 * but the one we are about to putback is. 6586 * For simplicitly, we do not allow for HIPRI 6587 * messages to be embedded in the message 6588 * body, so just force it to same type as 6589 * first message. 6590 */ 6591 ASSERT(type == M_DATA || type == M_PROTO); 6592 ASSERT(savemp->b_datap->db_type == M_PCPROTO); 6593 savemp->b_datap->db_type = type; 6594 } 6595 if (mark != 0) { 6596 savemp->b_flag |= mark & ~_LASTMARK; 6597 if ((mark & _LASTMARK) && 6598 (stp->sd_mark == NULL)) { 6599 /* 6600 * If another marked message arrived 6601 * while sd_lock was not held sd_mark 6602 * would be non-NULL. 6603 */ 6604 stp->sd_mark = savemp; 6605 } 6606 } 6607 putback(stp, q, savemp, pri); 6608 } 6609 } else { 6610 /* 6611 * The complete message was consumed. 6612 * 6613 * If another M_PCPROTO arrived while sd_lock was not held 6614 * it would have been discarded since STRPRI was still set. 6615 * 6616 * Move the MSG*MARKNEXT information 6617 * to the stream head just in case 6618 * the read queue becomes empty. 6619 * clear stream head hi pri flag based on 6620 * first message 6621 * 6622 * If the stream head was at the mark 6623 * (STRATMARK) before we dropped sd_lock above 6624 * and some data was consumed then we have 6625 * moved past the mark thus STRATMARK is 6626 * cleared. However, if a message arrived in 6627 * strrput during the copyout above causing 6628 * STRATMARK to be set we can not clear that 6629 * flag. 6630 */ 6631 if (type >= QPCTL) { 6632 ASSERT(type == M_PCPROTO); 6633 stp->sd_flag &= ~STRPRI; 6634 } 6635 if (mark & (MSGMARKNEXT|MSGNOTMARKNEXT|MSGMARK)) { 6636 if (mark & MSGMARKNEXT) { 6637 stp->sd_flag &= ~STRNOTATMARK; 6638 stp->sd_flag |= STRATMARK; 6639 } else if (mark & MSGNOTMARKNEXT) { 6640 stp->sd_flag &= ~STRATMARK; 6641 stp->sd_flag |= STRNOTATMARK; 6642 } else { 6643 stp->sd_flag &= ~(STRATMARK|STRNOTATMARK); 6644 } 6645 } else if (pr && (old_sd_flag & STRATMARK)) { 6646 stp->sd_flag &= ~STRATMARK; 6647 } 6648 } 6649 6650 *flagsp = flg; 6651 *prip = pri; 6652 6653 /* 6654 * Getmsg cleanup processing - if the state of the queue has changed 6655 * some signals may need to be sent and/or poll awakened. 6656 */ 6657 getmout: 6658 qbackenable(q, pri); 6659 6660 /* 6661 * We dropped the stream head lock above. Send all M_SIG messages 6662 * before processing stream head for SIGPOLL messages. 6663 */ 6664 ASSERT(MUTEX_HELD(&stp->sd_lock)); 6665 while ((bp = q->q_first) != NULL && 6666 (bp->b_datap->db_type == M_SIG)) { 6667 /* 6668 * sd_lock is held so the content of the read queue can not 6669 * change. 6670 */ 6671 bp = getq(q); 6672 ASSERT(bp != NULL && bp->b_datap->db_type == M_SIG); 6673 6674 strsignal_nolock(stp, *bp->b_rptr, (int32_t)bp->b_band); 6675 mutex_exit(&stp->sd_lock); 6676 freemsg(bp); 6677 if (STREAM_NEEDSERVICE(stp)) 6678 stream_runservice(stp); 6679 mutex_enter(&stp->sd_lock); 6680 } 6681 6682 /* 6683 * stream head cannot change while we make the determination 6684 * whether or not to send a signal. Drop the flag to allow strrput 6685 * to send firstmsgsigs again. 6686 */ 6687 stp->sd_flag &= ~STRGETINPROG; 6688 6689 /* 6690 * If the type of message at the front of the queue changed 6691 * due to the receive the appropriate signals and pollwakeup events 6692 * are generated. The type of changes are: 6693 * Processed a hipri message, q_first is not hipri. 6694 * Processed a band X message, and q_first is band Y. 6695 * The generated signals and pollwakeups are identical to what 6696 * strrput() generates should the message that is now on q_first 6697 * arrive to an empty read queue. 6698 * 6699 * Note: only strrput will send a signal for a hipri message. 6700 */ 6701 if ((bp = q->q_first) != NULL && !(stp->sd_flag & STRPRI)) { 6702 strsigset_t signals = 0; 6703 strpollset_t pollwakeups = 0; 6704 6705 if (flg & MSG_HIPRI) { 6706 /* 6707 * Removed a hipri message. Regular data at 6708 * the front of the queue. 6709 */ 6710 if (bp->b_band == 0) { 6711 signals = S_INPUT | S_RDNORM; 6712 pollwakeups = POLLIN | POLLRDNORM; 6713 } else { 6714 signals = S_INPUT | S_RDBAND; 6715 pollwakeups = POLLIN | POLLRDBAND; 6716 } 6717 } else if (pri != bp->b_band) { 6718 /* 6719 * The band is different for the new q_first. 6720 */ 6721 if (bp->b_band == 0) { 6722 signals = S_RDNORM; 6723 pollwakeups = POLLIN | POLLRDNORM; 6724 } else { 6725 signals = S_RDBAND; 6726 pollwakeups = POLLIN | POLLRDBAND; 6727 } 6728 } 6729 6730 if (pollwakeups != 0) { 6731 if (pollwakeups == (POLLIN | POLLRDNORM)) { 6732 if (!(stp->sd_rput_opt & SR_POLLIN)) 6733 goto no_pollwake; 6734 stp->sd_rput_opt &= ~SR_POLLIN; 6735 } 6736 mutex_exit(&stp->sd_lock); 6737 pollwakeup(&stp->sd_pollist, pollwakeups); 6738 mutex_enter(&stp->sd_lock); 6739 } 6740 no_pollwake: 6741 6742 if (stp->sd_sigflags & signals) 6743 strsendsig(stp->sd_siglist, signals, bp->b_band, 0); 6744 } 6745 mutex_exit(&stp->sd_lock); 6746 6747 rvp->r_val1 = more; 6748 return (error); 6749 #undef _LASTMARK 6750 } 6751 6752 /* 6753 * Get the next message from the read queue. If the message is 6754 * priority, STRPRI will have been set by strrput(). This flag 6755 * should be reset only when the entire message at the front of the 6756 * queue as been consumed. 6757 * 6758 * If uiop is NULL all data is returned in mctlp. 6759 * Note that a NULL uiop implies that FNDELAY and FNONBLOCK are assumed 6760 * not enabled. 6761 * The timeout parameter is in milliseconds; -1 for infinity. 6762 * This routine handles the consolidation private flags: 6763 * MSG_IGNERROR Ignore any stream head error except STPLEX. 6764 * MSG_DELAYERROR Defer the error check until the queue is empty. 6765 * MSG_HOLDSIG Hold signals while waiting for data. 6766 * MSG_IPEEK Only peek at messages. 6767 * MSG_DISCARDTAIL Discard the tail M_DATA part of the message 6768 * that doesn't fit. 6769 * MSG_NOMARK If the message is marked leave it on the queue. 6770 * 6771 * NOTE: strgetmsg and kstrgetmsg have much of the logic in common. 6772 */ 6773 int 6774 kstrgetmsg( 6775 struct vnode *vp, 6776 mblk_t **mctlp, 6777 struct uio *uiop, 6778 unsigned char *prip, 6779 int *flagsp, 6780 clock_t timout, 6781 rval_t *rvp) 6782 { 6783 struct stdata *stp; 6784 mblk_t *bp, *nbp; 6785 mblk_t *savemp = NULL; 6786 mblk_t *savemptail = NULL; 6787 int flags; 6788 uint_t old_sd_flag; 6789 int flg; 6790 int more = 0; 6791 int error = 0; 6792 char first = 1; 6793 uint_t mark; /* Contains MSG*MARK and _LASTMARK */ 6794 #define _LASTMARK 0x8000 /* Distinct from MSG*MARK */ 6795 unsigned char pri = 0; 6796 queue_t *q; 6797 int pr = 0; /* Partial read successful */ 6798 unsigned char type; 6799 6800 TRACE_1(TR_FAC_STREAMS_FR, TR_KSTRGETMSG_ENTER, 6801 "kstrgetmsg:%p", vp); 6802 6803 ASSERT(vp->v_stream); 6804 stp = vp->v_stream; 6805 rvp->r_val1 = 0; 6806 6807 mutex_enter(&stp->sd_lock); 6808 6809 if ((error = i_straccess(stp, JCREAD)) != 0) { 6810 mutex_exit(&stp->sd_lock); 6811 return (error); 6812 } 6813 6814 flags = *flagsp; 6815 if (stp->sd_flag & (STRDERR|STPLEX)) { 6816 if ((stp->sd_flag & STPLEX) || 6817 (flags & (MSG_IGNERROR|MSG_DELAYERROR)) == 0) { 6818 error = strgeterr(stp, STRDERR|STPLEX, 6819 (flags & MSG_IPEEK)); 6820 if (error != 0) { 6821 mutex_exit(&stp->sd_lock); 6822 return (error); 6823 } 6824 } 6825 } 6826 mutex_exit(&stp->sd_lock); 6827 6828 switch (flags & (MSG_HIPRI|MSG_ANY|MSG_BAND)) { 6829 case MSG_HIPRI: 6830 if (*prip != 0) 6831 return (EINVAL); 6832 break; 6833 6834 case MSG_ANY: 6835 case MSG_BAND: 6836 break; 6837 6838 default: 6839 return (EINVAL); 6840 } 6841 6842 retry: 6843 q = _RD(stp->sd_wrq); 6844 mutex_enter(&stp->sd_lock); 6845 old_sd_flag = stp->sd_flag; 6846 mark = 0; 6847 for (;;) { 6848 int done = 0; 6849 int waitflag; 6850 int fmode; 6851 mblk_t *q_first = q->q_first; 6852 6853 /* 6854 * This section of the code operates just like the code 6855 * in strgetmsg(). There is a comment there about what 6856 * is going on here. 6857 */ 6858 if (!(flags & (MSG_HIPRI|MSG_BAND))) { 6859 /* Asking for normal, band0 data */ 6860 bp = strget(stp, q, uiop, first, &error); 6861 ASSERT(MUTEX_HELD(&stp->sd_lock)); 6862 if (bp != NULL) { 6863 if (bp->b_datap->db_type == M_SIG) { 6864 strsignal_nolock(stp, *bp->b_rptr, 6865 (int32_t)bp->b_band); 6866 continue; 6867 } else { 6868 break; 6869 } 6870 } 6871 if (error != 0) { 6872 goto getmout; 6873 } 6874 /* 6875 * We can't depend on the value of STRPRI here because 6876 * the stream head may be in transit. Therefore, we 6877 * must look at the type of the first message to 6878 * determine if a high priority messages is waiting 6879 */ 6880 } else if ((flags & MSG_HIPRI) && q_first != NULL && 6881 q_first->b_datap->db_type >= QPCTL && 6882 (bp = getq_noenab(q)) != NULL) { 6883 ASSERT(bp->b_datap->db_type >= QPCTL); 6884 break; 6885 } else if ((flags & MSG_BAND) && q_first != NULL && 6886 ((q_first->b_band >= *prip) || 6887 q_first->b_datap->db_type >= QPCTL) && 6888 (bp = getq_noenab(q)) != NULL) { 6889 /* 6890 * Asked for at least band "prip" and got either at 6891 * least that band or a hipri message. 6892 */ 6893 ASSERT(bp->b_band >= *prip || 6894 bp->b_datap->db_type >= QPCTL); 6895 if (bp->b_datap->db_type == M_SIG) { 6896 strsignal_nolock(stp, *bp->b_rptr, 6897 (int32_t)bp->b_band); 6898 continue; 6899 } else { 6900 break; 6901 } 6902 } 6903 6904 /* No data. Time to sleep? */ 6905 qbackenable(q, 0); 6906 6907 /* 6908 * Delayed error notification? 6909 */ 6910 if ((stp->sd_flag & (STRDERR|STPLEX)) && 6911 (flags & (MSG_IGNERROR|MSG_DELAYERROR)) == MSG_DELAYERROR) { 6912 error = strgeterr(stp, STRDERR|STPLEX, 6913 (flags & MSG_IPEEK)); 6914 if (error != 0) { 6915 mutex_exit(&stp->sd_lock); 6916 return (error); 6917 } 6918 } 6919 6920 /* 6921 * If STRHUP or STREOF, return 0 length control and data. 6922 * If a read(fd,buf,0) has been done, do not sleep, just 6923 * return. 6924 * 6925 * If mctlp == NULL and uiop == NULL, then the code will 6926 * do the strwaitq. This is an understood way of saying 6927 * sleep "polling" until a message is received. 6928 */ 6929 if ((stp->sd_flag & (STRHUP|STREOF)) || 6930 (uiop != NULL && uiop->uio_resid == 0)) { 6931 if (mctlp != NULL) 6932 *mctlp = NULL; 6933 *flagsp = 0; 6934 mutex_exit(&stp->sd_lock); 6935 return (0); 6936 } 6937 6938 waitflag = GETWAIT; 6939 if (flags & 6940 (MSG_HOLDSIG|MSG_IGNERROR|MSG_IPEEK|MSG_DELAYERROR)) { 6941 if (flags & MSG_HOLDSIG) 6942 waitflag |= STR_NOSIG; 6943 if (flags & MSG_IGNERROR) 6944 waitflag |= STR_NOERROR; 6945 if (flags & MSG_IPEEK) 6946 waitflag |= STR_PEEK; 6947 if (flags & MSG_DELAYERROR) 6948 waitflag |= STR_DELAYERR; 6949 } 6950 if (uiop != NULL) 6951 fmode = uiop->uio_fmode; 6952 else 6953 fmode = 0; 6954 6955 TRACE_2(TR_FAC_STREAMS_FR, TR_KSTRGETMSG_WAIT, 6956 "kstrgetmsg calls strwaitq:%p, %p", 6957 vp, uiop); 6958 if (((error = strwaitq(stp, waitflag, (ssize_t)0, 6959 fmode, timout, &done)) != 0) || done) { 6960 TRACE_2(TR_FAC_STREAMS_FR, TR_KSTRGETMSG_DONE, 6961 "kstrgetmsg error or done:%p, %p", 6962 vp, uiop); 6963 mutex_exit(&stp->sd_lock); 6964 return (error); 6965 } 6966 TRACE_2(TR_FAC_STREAMS_FR, TR_KSTRGETMSG_AWAKE, 6967 "kstrgetmsg awakes:%p, %p", vp, uiop); 6968 if ((error = i_straccess(stp, JCREAD)) != 0) { 6969 mutex_exit(&stp->sd_lock); 6970 return (error); 6971 } 6972 first = 0; 6973 } 6974 ASSERT(bp != NULL); 6975 /* 6976 * Extract any mark information. If the message is not completely 6977 * consumed this information will be put in the mblk 6978 * that is putback. 6979 * If MSGMARKNEXT is set and the message is completely consumed 6980 * the STRATMARK flag will be set below. Likewise, if 6981 * MSGNOTMARKNEXT is set and the message is 6982 * completely consumed STRNOTATMARK will be set. 6983 */ 6984 mark = bp->b_flag & (MSGMARK | MSGMARKNEXT | MSGNOTMARKNEXT); 6985 ASSERT((mark & (MSGMARKNEXT|MSGNOTMARKNEXT)) != 6986 (MSGMARKNEXT|MSGNOTMARKNEXT)); 6987 pri = bp->b_band; 6988 if (mark != 0) { 6989 /* 6990 * If the caller doesn't want the mark return. 6991 * Used to implement MSG_WAITALL in sockets. 6992 */ 6993 if (flags & MSG_NOMARK) { 6994 putback(stp, q, bp, pri); 6995 qbackenable(q, pri); 6996 mutex_exit(&stp->sd_lock); 6997 return (EWOULDBLOCK); 6998 } 6999 if (bp == stp->sd_mark) { 7000 mark |= _LASTMARK; 7001 stp->sd_mark = NULL; 7002 } 7003 } 7004 7005 /* 7006 * keep track of the first message type 7007 */ 7008 type = bp->b_datap->db_type; 7009 7010 if (bp->b_datap->db_type == M_PASSFP) { 7011 if ((mark & _LASTMARK) && (stp->sd_mark == NULL)) 7012 stp->sd_mark = bp; 7013 bp->b_flag |= mark & ~_LASTMARK; 7014 putback(stp, q, bp, pri); 7015 qbackenable(q, pri); 7016 mutex_exit(&stp->sd_lock); 7017 return (EBADMSG); 7018 } 7019 ASSERT(type != M_SIG); 7020 7021 if (flags & MSG_IPEEK) { 7022 /* 7023 * Clear any struioflag - we do the uiomove over again 7024 * when peeking since it simplifies the code. 7025 * 7026 * Dup the message and put the original back on the queue. 7027 * If dupmsg() fails, try again with copymsg() to see if 7028 * there is indeed a shortage of memory. dupmsg() may fail 7029 * if db_ref in any of the messages reaches its limit. 7030 */ 7031 if ((nbp = dupmsg(bp)) == NULL && (nbp = copymsg(bp)) == NULL) { 7032 /* 7033 * Restore the state of the stream head since we 7034 * need to drop sd_lock (strwaitbuf is sleeping). 7035 */ 7036 size_t size = msgdsize(bp); 7037 7038 if ((mark & _LASTMARK) && (stp->sd_mark == NULL)) 7039 stp->sd_mark = bp; 7040 bp->b_flag |= mark & ~_LASTMARK; 7041 putback(stp, q, bp, pri); 7042 mutex_exit(&stp->sd_lock); 7043 error = strwaitbuf(size, BPRI_HI); 7044 if (error) { 7045 /* 7046 * There is no net change to the queue thus 7047 * no need to qbackenable. 7048 */ 7049 return (error); 7050 } 7051 goto retry; 7052 } 7053 7054 if ((mark & _LASTMARK) && (stp->sd_mark == NULL)) 7055 stp->sd_mark = bp; 7056 bp->b_flag |= mark & ~_LASTMARK; 7057 putback(stp, q, bp, pri); 7058 bp = nbp; 7059 } 7060 7061 /* 7062 * Set this flag so strrput will not generate signals. Need to 7063 * make sure this flag is cleared before leaving this routine 7064 * else signals will stop being sent. 7065 */ 7066 stp->sd_flag |= STRGETINPROG; 7067 mutex_exit(&stp->sd_lock); 7068 7069 if ((stp->sd_rputdatafunc != NULL) && (DB_TYPE(bp) == M_DATA) && 7070 (!(DB_FLAGS(bp) & DBLK_COOKED))) { 7071 7072 bp = (stp->sd_rputdatafunc)( 7073 stp->sd_vnode, bp, NULL, 7074 NULL, NULL, NULL); 7075 7076 if (bp == NULL) 7077 goto retry; 7078 7079 DB_FLAGS(bp) |= DBLK_COOKED; 7080 } 7081 7082 if (STREAM_NEEDSERVICE(stp)) 7083 stream_runservice(stp); 7084 7085 /* 7086 * Set HIPRI flag if message is priority. 7087 */ 7088 if (type >= QPCTL) 7089 flg = MSG_HIPRI; 7090 else 7091 flg = MSG_BAND; 7092 7093 /* 7094 * First process PROTO or PCPROTO blocks, if any. 7095 */ 7096 if (mctlp != NULL && type != M_DATA) { 7097 mblk_t *nbp; 7098 7099 *mctlp = bp; 7100 while (bp->b_cont && bp->b_cont->b_datap->db_type != M_DATA) 7101 bp = bp->b_cont; 7102 nbp = bp->b_cont; 7103 bp->b_cont = NULL; 7104 bp = nbp; 7105 } 7106 7107 if (bp && bp->b_datap->db_type != M_DATA) { 7108 /* 7109 * More PROTO blocks in msg. Will only happen if mctlp is NULL. 7110 */ 7111 more |= MORECTL; 7112 savemp = bp; 7113 while (bp && bp->b_datap->db_type != M_DATA) { 7114 savemptail = bp; 7115 bp = bp->b_cont; 7116 } 7117 savemptail->b_cont = NULL; 7118 } 7119 7120 /* 7121 * Now process DATA blocks, if any. 7122 */ 7123 if (uiop == NULL) { 7124 /* Append data to tail of mctlp */ 7125 if (mctlp != NULL) { 7126 mblk_t **mpp = mctlp; 7127 7128 while (*mpp != NULL) 7129 mpp = &((*mpp)->b_cont); 7130 *mpp = bp; 7131 bp = NULL; 7132 } 7133 } else if (uiop->uio_resid >= 0 && bp) { 7134 size_t oldresid = uiop->uio_resid; 7135 7136 /* 7137 * If a streams message is likely to consist 7138 * of many small mblks, it is pulled up into 7139 * one continuous chunk of memory. 7140 * see longer comment at top of page 7141 * by mblk_pull_len declaration. 7142 */ 7143 7144 if (MBLKL(bp) < mblk_pull_len) { 7145 (void) pullupmsg(bp, -1); 7146 } 7147 7148 bp = struiocopyout(bp, uiop, &error); 7149 if (error != 0) { 7150 if (mctlp != NULL) { 7151 freemsg(*mctlp); 7152 *mctlp = NULL; 7153 } else 7154 freemsg(savemp); 7155 mutex_enter(&stp->sd_lock); 7156 /* 7157 * clear stream head hi pri flag based on 7158 * first message 7159 */ 7160 if (!(flags & MSG_IPEEK) && (type >= QPCTL)) { 7161 ASSERT(type == M_PCPROTO); 7162 stp->sd_flag &= ~STRPRI; 7163 } 7164 more = 0; 7165 goto getmout; 7166 } 7167 /* 7168 * (pr == 1) indicates a partial read. 7169 */ 7170 if (oldresid > uiop->uio_resid) 7171 pr = 1; 7172 } 7173 7174 if (bp) { /* more data blocks in msg */ 7175 more |= MOREDATA; 7176 if (savemp) 7177 savemptail->b_cont = bp; 7178 else 7179 savemp = bp; 7180 } 7181 7182 mutex_enter(&stp->sd_lock); 7183 if (savemp) { 7184 if (flags & (MSG_IPEEK|MSG_DISCARDTAIL)) { 7185 /* 7186 * When MSG_DISCARDTAIL is set or 7187 * when peeking discard any tail. When peeking this 7188 * is the tail of the dup that was copied out - the 7189 * message has already been putback on the queue. 7190 * Return MOREDATA to the caller even though the data 7191 * is discarded. This is used by sockets (to 7192 * set MSG_TRUNC). 7193 */ 7194 freemsg(savemp); 7195 if (!(flags & MSG_IPEEK) && (type >= QPCTL)) { 7196 ASSERT(type == M_PCPROTO); 7197 stp->sd_flag &= ~STRPRI; 7198 } 7199 } else if (pr && (savemp->b_datap->db_type == M_DATA) && 7200 msgnodata(savemp)) { 7201 /* 7202 * Avoid queuing a zero-length tail part of 7203 * a message. pr=1 indicates that we read some of 7204 * the message. 7205 */ 7206 freemsg(savemp); 7207 more &= ~MOREDATA; 7208 if (type >= QPCTL) { 7209 ASSERT(type == M_PCPROTO); 7210 stp->sd_flag &= ~STRPRI; 7211 } 7212 } else { 7213 savemp->b_band = pri; 7214 /* 7215 * If the first message was HIPRI and the one we're 7216 * putting back isn't, then clear STRPRI, otherwise 7217 * set STRPRI again. Note that we must set STRPRI 7218 * again since the flush logic in strrput_nondata() 7219 * may have cleared it while we had sd_lock dropped. 7220 */ 7221 if (type >= QPCTL) { 7222 ASSERT(type == M_PCPROTO); 7223 if (queclass(savemp) < QPCTL) 7224 stp->sd_flag &= ~STRPRI; 7225 else 7226 stp->sd_flag |= STRPRI; 7227 } else if (queclass(savemp) >= QPCTL) { 7228 /* 7229 * The first message was not a HIPRI message, 7230 * but the one we are about to putback is. 7231 * For simplicitly, we do not allow for HIPRI 7232 * messages to be embedded in the message 7233 * body, so just force it to same type as 7234 * first message. 7235 */ 7236 ASSERT(type == M_DATA || type == M_PROTO); 7237 ASSERT(savemp->b_datap->db_type == M_PCPROTO); 7238 savemp->b_datap->db_type = type; 7239 } 7240 if (mark != 0) { 7241 if ((mark & _LASTMARK) && 7242 (stp->sd_mark == NULL)) { 7243 /* 7244 * If another marked message arrived 7245 * while sd_lock was not held sd_mark 7246 * would be non-NULL. 7247 */ 7248 stp->sd_mark = savemp; 7249 } 7250 savemp->b_flag |= mark & ~_LASTMARK; 7251 } 7252 putback(stp, q, savemp, pri); 7253 } 7254 } else if (!(flags & MSG_IPEEK)) { 7255 /* 7256 * The complete message was consumed. 7257 * 7258 * If another M_PCPROTO arrived while sd_lock was not held 7259 * it would have been discarded since STRPRI was still set. 7260 * 7261 * Move the MSG*MARKNEXT information 7262 * to the stream head just in case 7263 * the read queue becomes empty. 7264 * clear stream head hi pri flag based on 7265 * first message 7266 * 7267 * If the stream head was at the mark 7268 * (STRATMARK) before we dropped sd_lock above 7269 * and some data was consumed then we have 7270 * moved past the mark thus STRATMARK is 7271 * cleared. However, if a message arrived in 7272 * strrput during the copyout above causing 7273 * STRATMARK to be set we can not clear that 7274 * flag. 7275 * XXX A "perimeter" would help by single-threading strrput, 7276 * strread, strgetmsg and kstrgetmsg. 7277 */ 7278 if (type >= QPCTL) { 7279 ASSERT(type == M_PCPROTO); 7280 stp->sd_flag &= ~STRPRI; 7281 } 7282 if (mark & (MSGMARKNEXT|MSGNOTMARKNEXT|MSGMARK)) { 7283 if (mark & MSGMARKNEXT) { 7284 stp->sd_flag &= ~STRNOTATMARK; 7285 stp->sd_flag |= STRATMARK; 7286 } else if (mark & MSGNOTMARKNEXT) { 7287 stp->sd_flag &= ~STRATMARK; 7288 stp->sd_flag |= STRNOTATMARK; 7289 } else { 7290 stp->sd_flag &= ~(STRATMARK|STRNOTATMARK); 7291 } 7292 } else if (pr && (old_sd_flag & STRATMARK)) { 7293 stp->sd_flag &= ~STRATMARK; 7294 } 7295 } 7296 7297 *flagsp = flg; 7298 *prip = pri; 7299 7300 /* 7301 * Getmsg cleanup processing - if the state of the queue has changed 7302 * some signals may need to be sent and/or poll awakened. 7303 */ 7304 getmout: 7305 qbackenable(q, pri); 7306 7307 /* 7308 * We dropped the stream head lock above. Send all M_SIG messages 7309 * before processing stream head for SIGPOLL messages. 7310 */ 7311 ASSERT(MUTEX_HELD(&stp->sd_lock)); 7312 while ((bp = q->q_first) != NULL && 7313 (bp->b_datap->db_type == M_SIG)) { 7314 /* 7315 * sd_lock is held so the content of the read queue can not 7316 * change. 7317 */ 7318 bp = getq(q); 7319 ASSERT(bp != NULL && bp->b_datap->db_type == M_SIG); 7320 7321 strsignal_nolock(stp, *bp->b_rptr, (int32_t)bp->b_band); 7322 mutex_exit(&stp->sd_lock); 7323 freemsg(bp); 7324 if (STREAM_NEEDSERVICE(stp)) 7325 stream_runservice(stp); 7326 mutex_enter(&stp->sd_lock); 7327 } 7328 7329 /* 7330 * stream head cannot change while we make the determination 7331 * whether or not to send a signal. Drop the flag to allow strrput 7332 * to send firstmsgsigs again. 7333 */ 7334 stp->sd_flag &= ~STRGETINPROG; 7335 7336 /* 7337 * If the type of message at the front of the queue changed 7338 * due to the receive the appropriate signals and pollwakeup events 7339 * are generated. The type of changes are: 7340 * Processed a hipri message, q_first is not hipri. 7341 * Processed a band X message, and q_first is band Y. 7342 * The generated signals and pollwakeups are identical to what 7343 * strrput() generates should the message that is now on q_first 7344 * arrive to an empty read queue. 7345 * 7346 * Note: only strrput will send a signal for a hipri message. 7347 */ 7348 if ((bp = q->q_first) != NULL && !(stp->sd_flag & STRPRI)) { 7349 strsigset_t signals = 0; 7350 strpollset_t pollwakeups = 0; 7351 7352 if (flg & MSG_HIPRI) { 7353 /* 7354 * Removed a hipri message. Regular data at 7355 * the front of the queue. 7356 */ 7357 if (bp->b_band == 0) { 7358 signals = S_INPUT | S_RDNORM; 7359 pollwakeups = POLLIN | POLLRDNORM; 7360 } else { 7361 signals = S_INPUT | S_RDBAND; 7362 pollwakeups = POLLIN | POLLRDBAND; 7363 } 7364 } else if (pri != bp->b_band) { 7365 /* 7366 * The band is different for the new q_first. 7367 */ 7368 if (bp->b_band == 0) { 7369 signals = S_RDNORM; 7370 pollwakeups = POLLIN | POLLRDNORM; 7371 } else { 7372 signals = S_RDBAND; 7373 pollwakeups = POLLIN | POLLRDBAND; 7374 } 7375 } 7376 7377 if (pollwakeups != 0) { 7378 if (pollwakeups == (POLLIN | POLLRDNORM)) { 7379 if (!(stp->sd_rput_opt & SR_POLLIN)) 7380 goto no_pollwake; 7381 stp->sd_rput_opt &= ~SR_POLLIN; 7382 } 7383 mutex_exit(&stp->sd_lock); 7384 pollwakeup(&stp->sd_pollist, pollwakeups); 7385 mutex_enter(&stp->sd_lock); 7386 } 7387 no_pollwake: 7388 7389 if (stp->sd_sigflags & signals) 7390 strsendsig(stp->sd_siglist, signals, bp->b_band, 0); 7391 } 7392 mutex_exit(&stp->sd_lock); 7393 7394 rvp->r_val1 = more; 7395 return (error); 7396 #undef _LASTMARK 7397 } 7398 7399 /* 7400 * Put a message downstream. 7401 * 7402 * NOTE: strputmsg and kstrputmsg have much of the logic in common. 7403 */ 7404 int 7405 strputmsg( 7406 struct vnode *vp, 7407 struct strbuf *mctl, 7408 struct strbuf *mdata, 7409 unsigned char pri, 7410 int flag, 7411 int fmode) 7412 { 7413 struct stdata *stp; 7414 queue_t *wqp; 7415 mblk_t *mp; 7416 ssize_t msgsize; 7417 ssize_t rmin, rmax; 7418 int error; 7419 struct uio uios; 7420 struct uio *uiop = &uios; 7421 struct iovec iovs; 7422 int xpg4 = 0; 7423 7424 ASSERT(vp->v_stream); 7425 stp = vp->v_stream; 7426 wqp = stp->sd_wrq; 7427 7428 /* 7429 * If it is an XPG4 application, we need to send 7430 * SIGPIPE below 7431 */ 7432 7433 xpg4 = (flag & MSG_XPG4) ? 1 : 0; 7434 flag &= ~MSG_XPG4; 7435 7436 #ifdef C2_AUDIT 7437 if (audit_active) 7438 audit_strputmsg(vp, mctl, mdata, pri, flag, fmode); 7439 #endif 7440 7441 mutex_enter(&stp->sd_lock); 7442 7443 if ((error = i_straccess(stp, JCWRITE)) != 0) { 7444 mutex_exit(&stp->sd_lock); 7445 return (error); 7446 } 7447 7448 if (stp->sd_flag & (STWRERR|STRHUP|STPLEX)) { 7449 error = strwriteable(stp, B_FALSE, xpg4); 7450 if (error != 0) { 7451 mutex_exit(&stp->sd_lock); 7452 return (error); 7453 } 7454 } 7455 7456 mutex_exit(&stp->sd_lock); 7457 7458 /* 7459 * Check for legal flag value. 7460 */ 7461 switch (flag) { 7462 case MSG_HIPRI: 7463 if ((mctl->len < 0) || (pri != 0)) 7464 return (EINVAL); 7465 break; 7466 case MSG_BAND: 7467 break; 7468 7469 default: 7470 return (EINVAL); 7471 } 7472 7473 TRACE_1(TR_FAC_STREAMS_FR, TR_STRPUTMSG_IN, 7474 "strputmsg in:stp %p", stp); 7475 7476 /* get these values from those cached in the stream head */ 7477 rmin = stp->sd_qn_minpsz; 7478 rmax = stp->sd_qn_maxpsz; 7479 7480 /* 7481 * Make sure ctl and data sizes together fall within the 7482 * limits of the max and min receive packet sizes and do 7483 * not exceed system limit. 7484 */ 7485 ASSERT((rmax >= 0) || (rmax == INFPSZ)); 7486 if (rmax == 0) { 7487 return (ERANGE); 7488 } 7489 /* 7490 * Use the MAXIMUM of sd_maxblk and q_maxpsz. 7491 * Needed to prevent partial failures in the strmakedata loop. 7492 */ 7493 if (stp->sd_maxblk != INFPSZ && rmax != INFPSZ && rmax < stp->sd_maxblk) 7494 rmax = stp->sd_maxblk; 7495 7496 if ((msgsize = mdata->len) < 0) { 7497 msgsize = 0; 7498 rmin = 0; /* no range check for NULL data part */ 7499 } 7500 if ((msgsize < rmin) || 7501 ((msgsize > rmax) && (rmax != INFPSZ)) || 7502 (mctl->len > strctlsz)) { 7503 return (ERANGE); 7504 } 7505 7506 /* 7507 * Setup uio and iov for data part 7508 */ 7509 iovs.iov_base = mdata->buf; 7510 iovs.iov_len = msgsize; 7511 uios.uio_iov = &iovs; 7512 uios.uio_iovcnt = 1; 7513 uios.uio_loffset = 0; 7514 uios.uio_segflg = UIO_USERSPACE; 7515 uios.uio_fmode = fmode; 7516 uios.uio_extflg = UIO_COPY_DEFAULT; 7517 uios.uio_resid = msgsize; 7518 uios.uio_offset = 0; 7519 7520 /* Ignore flow control in strput for HIPRI */ 7521 if (flag & MSG_HIPRI) 7522 flag |= MSG_IGNFLOW; 7523 7524 for (;;) { 7525 int done = 0; 7526 7527 /* 7528 * strput will always free the ctl mblk - even when strput 7529 * fails. 7530 */ 7531 if ((error = strmakectl(mctl, flag, fmode, &mp)) != 0) { 7532 TRACE_3(TR_FAC_STREAMS_FR, TR_STRPUTMSG_OUT, 7533 "strputmsg out:stp %p out %d error %d", 7534 stp, 1, error); 7535 return (error); 7536 } 7537 /* 7538 * Verify that the whole message can be transferred by 7539 * strput. 7540 */ 7541 ASSERT(stp->sd_maxblk == INFPSZ || 7542 stp->sd_maxblk >= mdata->len); 7543 7544 msgsize = mdata->len; 7545 error = strput(stp, mp, uiop, &msgsize, 0, pri, flag); 7546 mdata->len = msgsize; 7547 7548 if (error == 0) 7549 break; 7550 7551 if (error != EWOULDBLOCK) 7552 goto out; 7553 7554 mutex_enter(&stp->sd_lock); 7555 /* 7556 * Check for a missed wakeup. 7557 * Needed since strput did not hold sd_lock across 7558 * the canputnext. 7559 */ 7560 if (bcanputnext(wqp, pri)) { 7561 /* Try again */ 7562 mutex_exit(&stp->sd_lock); 7563 continue; 7564 } 7565 TRACE_2(TR_FAC_STREAMS_FR, TR_STRPUTMSG_WAIT, 7566 "strputmsg wait:stp %p waits pri %d", stp, pri); 7567 if (((error = strwaitq(stp, WRITEWAIT, (ssize_t)0, fmode, -1, 7568 &done)) != 0) || done) { 7569 mutex_exit(&stp->sd_lock); 7570 TRACE_3(TR_FAC_STREAMS_FR, TR_STRPUTMSG_OUT, 7571 "strputmsg out:q %p out %d error %d", 7572 stp, 0, error); 7573 return (error); 7574 } 7575 TRACE_1(TR_FAC_STREAMS_FR, TR_STRPUTMSG_WAKE, 7576 "strputmsg wake:stp %p wakes", stp); 7577 if ((error = i_straccess(stp, JCWRITE)) != 0) { 7578 mutex_exit(&stp->sd_lock); 7579 return (error); 7580 } 7581 mutex_exit(&stp->sd_lock); 7582 } 7583 out: 7584 /* 7585 * For historic reasons, applications expect EAGAIN 7586 * when data mblk could not be allocated. so change 7587 * ENOMEM back to EAGAIN 7588 */ 7589 if (error == ENOMEM) 7590 error = EAGAIN; 7591 TRACE_3(TR_FAC_STREAMS_FR, TR_STRPUTMSG_OUT, 7592 "strputmsg out:stp %p out %d error %d", stp, 2, error); 7593 return (error); 7594 } 7595 7596 /* 7597 * Put a message downstream. 7598 * Can send only an M_PROTO/M_PCPROTO by passing in a NULL uiop. 7599 * The fmode flag (NDELAY, NONBLOCK) is the or of the flags in the uio 7600 * and the fmode parameter. 7601 * 7602 * This routine handles the consolidation private flags: 7603 * MSG_IGNERROR Ignore any stream head error except STPLEX. 7604 * MSG_HOLDSIG Hold signals while waiting for data. 7605 * MSG_IGNFLOW Don't check streams flow control. 7606 * 7607 * NOTE: strputmsg and kstrputmsg have much of the logic in common. 7608 */ 7609 int 7610 kstrputmsg( 7611 struct vnode *vp, 7612 mblk_t *mctl, 7613 struct uio *uiop, 7614 ssize_t msgsize, 7615 unsigned char pri, 7616 int flag, 7617 int fmode) 7618 { 7619 struct stdata *stp; 7620 queue_t *wqp; 7621 ssize_t rmin, rmax; 7622 int error; 7623 7624 ASSERT(vp->v_stream); 7625 stp = vp->v_stream; 7626 wqp = stp->sd_wrq; 7627 #ifdef C2_AUDIT 7628 if (audit_active) 7629 audit_strputmsg(vp, NULL, NULL, pri, flag, fmode); 7630 #endif 7631 if (mctl == NULL) 7632 return (EINVAL); 7633 7634 mutex_enter(&stp->sd_lock); 7635 7636 if ((error = i_straccess(stp, JCWRITE)) != 0) { 7637 mutex_exit(&stp->sd_lock); 7638 freemsg(mctl); 7639 return (error); 7640 } 7641 7642 if ((stp->sd_flag & STPLEX) || !(flag & MSG_IGNERROR)) { 7643 if (stp->sd_flag & (STWRERR|STRHUP|STPLEX)) { 7644 error = strwriteable(stp, B_FALSE, B_TRUE); 7645 if (error != 0) { 7646 mutex_exit(&stp->sd_lock); 7647 freemsg(mctl); 7648 return (error); 7649 } 7650 } 7651 } 7652 7653 mutex_exit(&stp->sd_lock); 7654 7655 /* 7656 * Check for legal flag value. 7657 */ 7658 switch (flag & (MSG_HIPRI|MSG_BAND|MSG_ANY)) { 7659 case MSG_HIPRI: 7660 if (pri != 0) { 7661 freemsg(mctl); 7662 return (EINVAL); 7663 } 7664 break; 7665 case MSG_BAND: 7666 break; 7667 default: 7668 freemsg(mctl); 7669 return (EINVAL); 7670 } 7671 7672 TRACE_1(TR_FAC_STREAMS_FR, TR_KSTRPUTMSG_IN, 7673 "kstrputmsg in:stp %p", stp); 7674 7675 /* get these values from those cached in the stream head */ 7676 rmin = stp->sd_qn_minpsz; 7677 rmax = stp->sd_qn_maxpsz; 7678 7679 /* 7680 * Make sure ctl and data sizes together fall within the 7681 * limits of the max and min receive packet sizes and do 7682 * not exceed system limit. 7683 */ 7684 ASSERT((rmax >= 0) || (rmax == INFPSZ)); 7685 if (rmax == 0) { 7686 freemsg(mctl); 7687 return (ERANGE); 7688 } 7689 /* 7690 * Use the MAXIMUM of sd_maxblk and q_maxpsz. 7691 * Needed to prevent partial failures in the strmakedata loop. 7692 */ 7693 if (stp->sd_maxblk != INFPSZ && rmax != INFPSZ && rmax < stp->sd_maxblk) 7694 rmax = stp->sd_maxblk; 7695 7696 if (uiop == NULL) { 7697 msgsize = -1; 7698 rmin = -1; /* no range check for NULL data part */ 7699 } else { 7700 /* Use uio flags as well as the fmode parameter flags */ 7701 fmode |= uiop->uio_fmode; 7702 7703 if ((msgsize < rmin) || 7704 ((msgsize > rmax) && (rmax != INFPSZ))) { 7705 freemsg(mctl); 7706 return (ERANGE); 7707 } 7708 } 7709 7710 /* Ignore flow control in strput for HIPRI */ 7711 if (flag & MSG_HIPRI) 7712 flag |= MSG_IGNFLOW; 7713 7714 for (;;) { 7715 int done = 0; 7716 int waitflag; 7717 mblk_t *mp; 7718 7719 /* 7720 * strput will always free the ctl mblk - even when strput 7721 * fails. If MSG_IGNFLOW is set then any error returned 7722 * will cause us to break the loop, so we don't need a copy 7723 * of the message. If MSG_IGNFLOW is not set, then we can 7724 * get hit by flow control and be forced to try again. In 7725 * this case we need to have a copy of the message. We 7726 * do this using copymsg since the message may get modified 7727 * by something below us. 7728 * 7729 * We've observed that many TPI providers do not check db_ref 7730 * on the control messages but blindly reuse them for the 7731 * T_OK_ACK/T_ERROR_ACK. Thus using copymsg is more 7732 * friendly to such providers than using dupmsg. Also, note 7733 * that sockfs uses MSG_IGNFLOW for all TPI control messages. 7734 * Only data messages are subject to flow control, hence 7735 * subject to this copymsg. 7736 */ 7737 if (flag & MSG_IGNFLOW) { 7738 mp = mctl; 7739 mctl = NULL; 7740 } else { 7741 do { 7742 /* 7743 * If a message has a free pointer, the message 7744 * must be dupmsg to maintain this pointer. 7745 * Code using this facility must be sure 7746 * that modules below will not change the 7747 * contents of the dblk without checking db_ref 7748 * first. If db_ref is > 1, then the module 7749 * needs to do a copymsg first. Otherwise, 7750 * the contents of the dblk may become 7751 * inconsistent because the freesmg/freeb below 7752 * may end up calling atomic_add_32_nv. 7753 * The atomic_add_32_nv in freeb (accessing 7754 * all of db_ref, db_type, db_flags, and 7755 * db_struioflag) does not prevent other threads 7756 * from concurrently trying to modify e.g. 7757 * db_type. 7758 */ 7759 if (mctl->b_datap->db_frtnp != NULL) 7760 mp = dupmsg(mctl); 7761 else 7762 mp = copymsg(mctl); 7763 7764 if (mp != NULL) 7765 break; 7766 7767 error = strwaitbuf(msgdsize(mctl), BPRI_MED); 7768 if (error) { 7769 freemsg(mctl); 7770 return (error); 7771 } 7772 } while (mp == NULL); 7773 } 7774 /* 7775 * Verify that all of msgsize can be transferred by 7776 * strput. 7777 */ 7778 ASSERT(stp->sd_maxblk == INFPSZ || stp->sd_maxblk >= msgsize); 7779 error = strput(stp, mp, uiop, &msgsize, 0, pri, flag); 7780 if (error == 0) 7781 break; 7782 7783 if (error != EWOULDBLOCK) 7784 goto out; 7785 7786 /* 7787 * IF MSG_IGNFLOW is set we should have broken out of loop 7788 * above. 7789 */ 7790 ASSERT(!(flag & MSG_IGNFLOW)); 7791 mutex_enter(&stp->sd_lock); 7792 /* 7793 * Check for a missed wakeup. 7794 * Needed since strput did not hold sd_lock across 7795 * the canputnext. 7796 */ 7797 if (bcanputnext(wqp, pri)) { 7798 /* Try again */ 7799 mutex_exit(&stp->sd_lock); 7800 continue; 7801 } 7802 TRACE_2(TR_FAC_STREAMS_FR, TR_KSTRPUTMSG_WAIT, 7803 "kstrputmsg wait:stp %p waits pri %d", stp, pri); 7804 7805 waitflag = WRITEWAIT; 7806 if (flag & (MSG_HOLDSIG|MSG_IGNERROR)) { 7807 if (flag & MSG_HOLDSIG) 7808 waitflag |= STR_NOSIG; 7809 if (flag & MSG_IGNERROR) 7810 waitflag |= STR_NOERROR; 7811 } 7812 if (((error = strwaitq(stp, waitflag, 7813 (ssize_t)0, fmode, -1, &done)) != 0) || done) { 7814 mutex_exit(&stp->sd_lock); 7815 TRACE_3(TR_FAC_STREAMS_FR, TR_KSTRPUTMSG_OUT, 7816 "kstrputmsg out:stp %p out %d error %d", 7817 stp, 0, error); 7818 freemsg(mctl); 7819 return (error); 7820 } 7821 TRACE_1(TR_FAC_STREAMS_FR, TR_KSTRPUTMSG_WAKE, 7822 "kstrputmsg wake:stp %p wakes", stp); 7823 if ((error = i_straccess(stp, JCWRITE)) != 0) { 7824 mutex_exit(&stp->sd_lock); 7825 freemsg(mctl); 7826 return (error); 7827 } 7828 mutex_exit(&stp->sd_lock); 7829 } 7830 out: 7831 freemsg(mctl); 7832 /* 7833 * For historic reasons, applications expect EAGAIN 7834 * when data mblk could not be allocated. so change 7835 * ENOMEM back to EAGAIN 7836 */ 7837 if (error == ENOMEM) 7838 error = EAGAIN; 7839 TRACE_3(TR_FAC_STREAMS_FR, TR_KSTRPUTMSG_OUT, 7840 "kstrputmsg out:stp %p out %d error %d", stp, 2, error); 7841 return (error); 7842 } 7843 7844 /* 7845 * Determines whether the necessary conditions are set on a stream 7846 * for it to be readable, writeable, or have exceptions. 7847 * 7848 * strpoll handles the consolidation private events: 7849 * POLLNOERR Do not return POLLERR even if there are stream 7850 * head errors. 7851 * Used by sockfs. 7852 * POLLRDDATA Do not return POLLIN unless at least one message on 7853 * the queue contains one or more M_DATA mblks. Thus 7854 * when this flag is set a queue with only 7855 * M_PROTO/M_PCPROTO mblks does not return POLLIN. 7856 * Used by sockfs to ignore T_EXDATA_IND messages. 7857 * 7858 * Note: POLLRDDATA assumes that synch streams only return messages with 7859 * an M_DATA attached (i.e. not messages consisting of only 7860 * an M_PROTO/M_PCPROTO part). 7861 */ 7862 int 7863 strpoll( 7864 struct stdata *stp, 7865 short events_arg, 7866 int anyyet, 7867 short *reventsp, 7868 struct pollhead **phpp) 7869 { 7870 int events = (ushort_t)events_arg; 7871 int retevents = 0; 7872 mblk_t *mp; 7873 qband_t *qbp; 7874 long sd_flags = stp->sd_flag; 7875 int headlocked = 0; 7876 7877 /* 7878 * For performance, a single 'if' tests for most possible edge 7879 * conditions in one shot 7880 */ 7881 if (sd_flags & (STPLEX | STRDERR | STWRERR)) { 7882 if (sd_flags & STPLEX) { 7883 *reventsp = POLLNVAL; 7884 return (EINVAL); 7885 } 7886 if (((events & (POLLIN | POLLRDNORM | POLLRDBAND | POLLPRI)) && 7887 (sd_flags & STRDERR)) || 7888 ((events & (POLLOUT | POLLWRNORM | POLLWRBAND)) && 7889 (sd_flags & STWRERR))) { 7890 if (!(events & POLLNOERR)) { 7891 *reventsp = POLLERR; 7892 return (0); 7893 } 7894 } 7895 } 7896 if (sd_flags & STRHUP) { 7897 retevents |= POLLHUP; 7898 } else if (events & (POLLWRNORM | POLLWRBAND)) { 7899 queue_t *tq; 7900 queue_t *qp = stp->sd_wrq; 7901 7902 claimstr(qp); 7903 /* Find next module forward that has a service procedure */ 7904 tq = qp->q_next->q_nfsrv; 7905 ASSERT(tq != NULL); 7906 7907 polllock(&stp->sd_pollist, QLOCK(tq)); 7908 if (events & POLLWRNORM) { 7909 queue_t *sqp; 7910 7911 if (tq->q_flag & QFULL) 7912 /* ensure backq svc procedure runs */ 7913 tq->q_flag |= QWANTW; 7914 else if ((sqp = stp->sd_struiowrq) != NULL) { 7915 /* Check sync stream barrier write q */ 7916 mutex_exit(QLOCK(tq)); 7917 polllock(&stp->sd_pollist, QLOCK(sqp)); 7918 if (sqp->q_flag & QFULL) 7919 /* ensure pollwakeup() is done */ 7920 sqp->q_flag |= QWANTWSYNC; 7921 else 7922 retevents |= POLLOUT; 7923 /* More write events to process ??? */ 7924 if (! (events & POLLWRBAND)) { 7925 mutex_exit(QLOCK(sqp)); 7926 releasestr(qp); 7927 goto chkrd; 7928 } 7929 mutex_exit(QLOCK(sqp)); 7930 polllock(&stp->sd_pollist, QLOCK(tq)); 7931 } else 7932 retevents |= POLLOUT; 7933 } 7934 if (events & POLLWRBAND) { 7935 qbp = tq->q_bandp; 7936 if (qbp) { 7937 while (qbp) { 7938 if (qbp->qb_flag & QB_FULL) 7939 qbp->qb_flag |= QB_WANTW; 7940 else 7941 retevents |= POLLWRBAND; 7942 qbp = qbp->qb_next; 7943 } 7944 } else { 7945 retevents |= POLLWRBAND; 7946 } 7947 } 7948 mutex_exit(QLOCK(tq)); 7949 releasestr(qp); 7950 } 7951 chkrd: 7952 if (sd_flags & STRPRI) { 7953 retevents |= (events & POLLPRI); 7954 } else if (events & (POLLRDNORM | POLLRDBAND | POLLIN)) { 7955 queue_t *qp = _RD(stp->sd_wrq); 7956 int normevents = (events & (POLLIN | POLLRDNORM)); 7957 7958 /* 7959 * Note: Need to do polllock() here since ps_lock may be 7960 * held. See bug 4191544. 7961 */ 7962 polllock(&stp->sd_pollist, &stp->sd_lock); 7963 headlocked = 1; 7964 mp = qp->q_first; 7965 while (mp) { 7966 /* 7967 * For POLLRDDATA we scan b_cont and b_next until we 7968 * find an M_DATA. 7969 */ 7970 if ((events & POLLRDDATA) && 7971 mp->b_datap->db_type != M_DATA) { 7972 mblk_t *nmp = mp->b_cont; 7973 7974 while (nmp != NULL && 7975 nmp->b_datap->db_type != M_DATA) 7976 nmp = nmp->b_cont; 7977 if (nmp == NULL) { 7978 mp = mp->b_next; 7979 continue; 7980 } 7981 } 7982 if (mp->b_band == 0) 7983 retevents |= normevents; 7984 else 7985 retevents |= (events & (POLLIN | POLLRDBAND)); 7986 break; 7987 } 7988 if (! (retevents & normevents) && 7989 (stp->sd_wakeq & RSLEEP)) { 7990 /* 7991 * Sync stream barrier read queue has data. 7992 */ 7993 retevents |= normevents; 7994 } 7995 /* Treat eof as normal data */ 7996 if (sd_flags & STREOF) 7997 retevents |= normevents; 7998 } 7999 8000 *reventsp = (short)retevents; 8001 if (retevents) { 8002 if (headlocked) 8003 mutex_exit(&stp->sd_lock); 8004 return (0); 8005 } 8006 8007 /* 8008 * If poll() has not found any events yet, set up event cell 8009 * to wake up the poll if a requested event occurs on this 8010 * stream. Check for collisions with outstanding poll requests. 8011 */ 8012 if (!anyyet) { 8013 *phpp = &stp->sd_pollist; 8014 if (headlocked == 0) { 8015 polllock(&stp->sd_pollist, &stp->sd_lock); 8016 headlocked = 1; 8017 } 8018 stp->sd_rput_opt |= SR_POLLIN; 8019 } 8020 if (headlocked) 8021 mutex_exit(&stp->sd_lock); 8022 return (0); 8023 } 8024 8025 /* 8026 * The purpose of putback() is to assure sleeping polls/reads 8027 * are awakened when there are no new messages arriving at the, 8028 * stream head, and a message is placed back on the read queue. 8029 * 8030 * sd_lock must be held when messages are placed back on stream 8031 * head. (getq() holds sd_lock when it removes messages from 8032 * the queue) 8033 */ 8034 8035 static void 8036 putback(struct stdata *stp, queue_t *q, mblk_t *bp, int band) 8037 { 8038 ASSERT(MUTEX_HELD(&stp->sd_lock)); 8039 (void) putbq(q, bp); 8040 /* 8041 * A message may have come in when the sd_lock was dropped in the 8042 * calling routine. If this is the case and STR*ATMARK info was 8043 * received, need to move that from the stream head to the q_last 8044 * so that SIOCATMARK can return the proper value. 8045 */ 8046 if (stp->sd_flag & (STRATMARK | STRNOTATMARK)) { 8047 unsigned short *flagp = &q->q_last->b_flag; 8048 uint_t b_flag = (uint_t)*flagp; 8049 8050 if (stp->sd_flag & STRATMARK) { 8051 b_flag &= ~MSGNOTMARKNEXT; 8052 b_flag |= MSGMARKNEXT; 8053 stp->sd_flag &= ~STRATMARK; 8054 } else { 8055 b_flag &= ~MSGMARKNEXT; 8056 b_flag |= MSGNOTMARKNEXT; 8057 stp->sd_flag &= ~STRNOTATMARK; 8058 } 8059 *flagp = (unsigned short) b_flag; 8060 } 8061 8062 #ifdef DEBUG 8063 /* 8064 * Make sure that the flags are not messed up. 8065 */ 8066 { 8067 mblk_t *mp; 8068 mp = q->q_last; 8069 while (mp != NULL) { 8070 ASSERT((mp->b_flag & (MSGMARKNEXT|MSGNOTMARKNEXT)) != 8071 (MSGMARKNEXT|MSGNOTMARKNEXT)); 8072 mp = mp->b_cont; 8073 } 8074 } 8075 #endif 8076 if (q->q_first == bp) { 8077 short pollevents; 8078 8079 if (stp->sd_flag & RSLEEP) { 8080 stp->sd_flag &= ~RSLEEP; 8081 cv_broadcast(&q->q_wait); 8082 } 8083 if (stp->sd_flag & STRPRI) { 8084 pollevents = POLLPRI; 8085 } else { 8086 if (band == 0) { 8087 if (!(stp->sd_rput_opt & SR_POLLIN)) 8088 return; 8089 stp->sd_rput_opt &= ~SR_POLLIN; 8090 pollevents = POLLIN | POLLRDNORM; 8091 } else { 8092 pollevents = POLLIN | POLLRDBAND; 8093 } 8094 } 8095 mutex_exit(&stp->sd_lock); 8096 pollwakeup(&stp->sd_pollist, pollevents); 8097 mutex_enter(&stp->sd_lock); 8098 } 8099 } 8100 8101 /* 8102 * Return the held vnode attached to the stream head of a 8103 * given queue 8104 * It is the responsibility of the calling routine to ensure 8105 * that the queue does not go away (e.g. pop). 8106 */ 8107 vnode_t * 8108 strq2vp(queue_t *qp) 8109 { 8110 vnode_t *vp; 8111 vp = STREAM(qp)->sd_vnode; 8112 ASSERT(vp != NULL); 8113 VN_HOLD(vp); 8114 return (vp); 8115 } 8116 8117 /* 8118 * return the stream head write queue for the given vp 8119 * It is the responsibility of the calling routine to ensure 8120 * that the stream or vnode do not close. 8121 */ 8122 queue_t * 8123 strvp2wq(vnode_t *vp) 8124 { 8125 ASSERT(vp->v_stream != NULL); 8126 return (vp->v_stream->sd_wrq); 8127 } 8128 8129 /* 8130 * pollwakeup stream head 8131 * It is the responsibility of the calling routine to ensure 8132 * that the stream or vnode do not close. 8133 */ 8134 void 8135 strpollwakeup(vnode_t *vp, short event) 8136 { 8137 ASSERT(vp->v_stream); 8138 pollwakeup(&vp->v_stream->sd_pollist, event); 8139 } 8140 8141 /* 8142 * Mate the stream heads of two vnodes together. If the two vnodes are the 8143 * same, we just make the write-side point at the read-side -- otherwise, 8144 * we do a full mate. Only works on vnodes associated with streams that are 8145 * still being built and thus have only a stream head. 8146 */ 8147 void 8148 strmate(vnode_t *vp1, vnode_t *vp2) 8149 { 8150 queue_t *wrq1 = strvp2wq(vp1); 8151 queue_t *wrq2 = strvp2wq(vp2); 8152 8153 /* 8154 * Verify that there are no modules on the stream yet. We also 8155 * rely on the stream head always having a service procedure to 8156 * avoid tweaking q_nfsrv. 8157 */ 8158 ASSERT(wrq1->q_next == NULL && wrq2->q_next == NULL); 8159 ASSERT(wrq1->q_qinfo->qi_srvp != NULL); 8160 ASSERT(wrq2->q_qinfo->qi_srvp != NULL); 8161 8162 /* 8163 * If the queues are the same, just twist; otherwise do a full mate. 8164 */ 8165 if (wrq1 == wrq2) { 8166 wrq1->q_next = _RD(wrq1); 8167 } else { 8168 wrq1->q_next = _RD(wrq2); 8169 wrq2->q_next = _RD(wrq1); 8170 STREAM(wrq1)->sd_mate = STREAM(wrq2); 8171 STREAM(wrq1)->sd_flag |= STRMATE; 8172 STREAM(wrq2)->sd_mate = STREAM(wrq1); 8173 STREAM(wrq2)->sd_flag |= STRMATE; 8174 } 8175 } 8176 8177 /* 8178 * XXX will go away when console is correctly fixed. 8179 * Clean up the console PIDS, from previous I_SETSIG, 8180 * called only for cnopen which never calls strclean(). 8181 */ 8182 void 8183 str_cn_clean(struct vnode *vp) 8184 { 8185 strsig_t *ssp, *pssp, *tssp; 8186 struct stdata *stp; 8187 struct pid *pidp; 8188 int update = 0; 8189 8190 ASSERT(vp->v_stream); 8191 stp = vp->v_stream; 8192 pssp = NULL; 8193 mutex_enter(&stp->sd_lock); 8194 ssp = stp->sd_siglist; 8195 while (ssp) { 8196 mutex_enter(&pidlock); 8197 pidp = ssp->ss_pidp; 8198 /* 8199 * Get rid of PID if the proc is gone. 8200 */ 8201 if (pidp->pid_prinactive) { 8202 tssp = ssp->ss_next; 8203 if (pssp) 8204 pssp->ss_next = tssp; 8205 else 8206 stp->sd_siglist = tssp; 8207 ASSERT(pidp->pid_ref <= 1); 8208 PID_RELE(ssp->ss_pidp); 8209 mutex_exit(&pidlock); 8210 kmem_free(ssp, sizeof (strsig_t)); 8211 update = 1; 8212 ssp = tssp; 8213 continue; 8214 } else 8215 mutex_exit(&pidlock); 8216 pssp = ssp; 8217 ssp = ssp->ss_next; 8218 } 8219 if (update) { 8220 stp->sd_sigflags = 0; 8221 for (ssp = stp->sd_siglist; ssp; ssp = ssp->ss_next) 8222 stp->sd_sigflags |= ssp->ss_events; 8223 } 8224 mutex_exit(&stp->sd_lock); 8225 } 8226 8227 /* 8228 * Return B_TRUE if there is data in the message, B_FALSE otherwise. 8229 */ 8230 static boolean_t 8231 msghasdata(mblk_t *bp) 8232 { 8233 for (; bp; bp = bp->b_cont) 8234 if (bp->b_datap->db_type == M_DATA) { 8235 ASSERT(bp->b_wptr >= bp->b_rptr); 8236 if (bp->b_wptr > bp->b_rptr) 8237 return (B_TRUE); 8238 } 8239 return (B_FALSE); 8240 } 8241