1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 #pragma ident "%Z%%M% %I% %E% SMI" 28 29 /* 30 * rc_node.c - object management primitives 31 * 32 * This layer manages entities, their data structure, its locking, iterators, 33 * transactions, and change notification requests. Entities (scopes, 34 * services, instances, snapshots, snaplevels, property groups, "composed" 35 * property groups (see composition below), and properties) are represented by 36 * rc_node_t's and are kept in the cache_hash hash table. (Property values 37 * are kept in the rn_values member of the respective property -- not as 38 * separate objects.) Iterators are represented by rc_node_iter_t's. 39 * Transactions are represented by rc_node_tx_t's and are only allocated as 40 * part of repcache_tx_t's in the client layer (client.c). Change 41 * notification requests are represented by rc_notify_t structures and are 42 * described below. 43 * 44 * The entity tree is rooted at rc_scope, which rc_node_init() initializes to 45 * the "localhost" scope. The tree is filled in from the database on-demand 46 * by rc_node_fill_children(), usually from rc_iter_create() since iterators 47 * are the only way to find the children of an entity. 48 * 49 * Each rc_node_t is protected by its rn_lock member. Operations which can 50 * take too long, however, should serialize on an RC_NODE_WAITING_FLAGS bit in 51 * rn_flags with the rc_node_{hold,rele}_flag() functions. And since pointers 52 * to rc_node_t's are allowed, rn_refs is a reference count maintained by 53 * rc_node_{hold,rele}(). See configd.h for locking order information. 54 * 55 * When a node (property group or snapshot) is updated, a new node takes the 56 * place of the old node in the global hash, and the old node is hung off of 57 * the rn_former list of the new node. At the same time, all of its children 58 * have their rn_parent_ref pointer set, and any holds they have are reflected 59 * in the old node's rn_other_refs count. This is automatically kept up 60 * to date, until the final reference to the subgraph is dropped, at which 61 * point the node is unrefed and destroyed, along with all of its children. 62 * 63 * Locking rules: To dereference an rc_node_t * (usually to lock it), you must 64 * have a hold (rc_node_hold()) on it or otherwise be sure that it hasn't been 65 * rc_node_destroy()ed (hold a lock on its parent or child, hold a flag, 66 * etc.). Once you have locked an rc_node_t you must check its rn_flags for 67 * RC_NODE_DEAD before you can use it. This is usually done with the 68 * rc_node_{wait,hold}_flag() functions (often via the rc_node_check_*() 69 * functions & RC_NODE_*() macros), which fail if the object has died. 70 * 71 * Because name service lookups may take a long time and, more importantly 72 * may trigger additional accesses to the repository, perm_granted() must be 73 * called without holding any locks. 74 * 75 * An ITER_START for a non-ENTITY_VALUE induces an rc_node_fill_children() 76 * call via rc_node_setup_iter() to populate the rn_children uu_list of the 77 * rc_node_t * in question and a call to uu_list_walk_start() on that list. For 78 * ITER_READ, rc_iter_next() uses uu_list_walk_next() to find the next 79 * apropriate child. 80 * 81 * An ITER_START for an ENTITY_VALUE makes sure the node has its values 82 * filled, and sets up the iterator. An ITER_READ_VALUE just copies out 83 * the proper values and updates the offset information. 84 * 85 * When a property group gets changed by a transaction, it sticks around as 86 * a child of its replacement property group, but is removed from the parent. 87 * 88 * To allow aliases, snapshots are implemented with a level of indirection. 89 * A snapshot rc_node_t has a snapid which refers to an rc_snapshot_t in 90 * snapshot.c which contains the authoritative snaplevel information. The 91 * snapid is "assigned" by rc_attach_snapshot(). 92 * 93 * We provide the client layer with rc_node_ptr_t's to reference objects. 94 * Objects referred to by them are automatically held & released by 95 * rc_node_assign() & rc_node_clear(). The RC_NODE_PTR_*() macros are used at 96 * client.c entry points to read the pointers. They fetch the pointer to the 97 * object, return (from the function) if it is dead, and lock, hold, or hold 98 * a flag of the object. 99 */ 100 101 /* 102 * Permission checking is authorization-based: some operations may only 103 * proceed if the user has been assigned at least one of a set of 104 * authorization strings. The set of enabling authorizations depends on the 105 * operation and the target object. The set of authorizations assigned to 106 * a user is determined by reading /etc/security/policy.conf, querying the 107 * user_attr database, and possibly querying the prof_attr database, as per 108 * chkauthattr() in libsecdb. 109 * 110 * The fastest way to decide whether the two sets intersect is by entering the 111 * strings into a hash table and detecting collisions, which takes linear time 112 * in the total size of the sets. Except for the authorization patterns which 113 * may be assigned to users, which without advanced pattern-matching 114 * algorithms will take O(n) in the number of enabling authorizations, per 115 * pattern. 116 * 117 * We can achieve some practical speed-ups by noting that if we enter all of 118 * the authorizations from one of the sets into the hash table we can merely 119 * check the elements of the second set for existence without adding them. 120 * This reduces memory requirements and hash table clutter. The enabling set 121 * is well suited for this because it is internal to configd (for now, at 122 * least). Combine this with short-circuiting and we can even minimize the 123 * number of queries to the security databases (user_attr & prof_attr). 124 * 125 * To force this usage onto clients we provide functions for adding 126 * authorizations to the enabling set of a permission context structure 127 * (perm_add_*()) and one to decide whether the the user associated with the 128 * current door call client possesses any of them (perm_granted()). 129 * 130 * At some point, a generic version of this should move to libsecdb. 131 */ 132 133 /* 134 * Composition is the combination of sets of properties. The sets are ordered 135 * and properties in higher sets obscure properties of the same name in lower 136 * sets. Here we present a composed view of an instance's properties as the 137 * union of its properties and its service's properties. Similarly the 138 * properties of snaplevels are combined to form a composed view of the 139 * properties of a snapshot (which should match the composed view of the 140 * properties of the instance when the snapshot was taken). 141 * 142 * In terms of the client interface, the client may request that a property 143 * group iterator for an instance or snapshot be composed. Property groups 144 * traversed by such an iterator may not have the target entity as a parent. 145 * Similarly, the properties traversed by a property iterator for those 146 * property groups may not have the property groups iterated as parents. 147 * 148 * Implementation requires that iterators for instances and snapshots be 149 * composition-savvy, and that we have a "composed property group" entity 150 * which represents the composition of a number of property groups. Iteration 151 * over "composed property groups" yields properties which may have different 152 * parents, but for all other operations a composed property group behaves 153 * like the top-most property group it represents. 154 * 155 * The implementation is based on the rn_cchain[] array of rc_node_t pointers 156 * in rc_node_t. For instances, the pointers point to the instance and its 157 * parent service. For snapshots they point to the child snaplevels, and for 158 * composed property groups they point to property groups. A composed 159 * iterator carries an index into rn_cchain[]. Thus most of the magic ends up 160 * int the rc_iter_*() code. 161 */ 162 163 #include <assert.h> 164 #include <atomic.h> 165 #include <errno.h> 166 #include <libuutil.h> 167 #include <libscf.h> 168 #include <libscf_priv.h> 169 #include <prof_attr.h> 170 #include <pthread.h> 171 #include <stdio.h> 172 #include <stdlib.h> 173 #include <strings.h> 174 #include <sys/types.h> 175 #include <unistd.h> 176 #include <user_attr.h> 177 178 #include "configd.h" 179 180 #define AUTH_PREFIX "solaris.smf." 181 #define AUTH_MANAGE AUTH_PREFIX "manage" 182 #define AUTH_MODIFY AUTH_PREFIX "modify" 183 #define AUTH_MODIFY_PREFIX AUTH_MODIFY "." 184 #define AUTH_PG_ACTIONS SCF_PG_RESTARTER_ACTIONS 185 #define AUTH_PG_ACTIONS_TYPE SCF_PG_RESTARTER_ACTIONS_TYPE 186 #define AUTH_PG_GENERAL SCF_PG_GENERAL 187 #define AUTH_PG_GENERAL_TYPE SCF_PG_GENERAL_TYPE 188 #define AUTH_PG_GENERAL_OVR SCF_PG_GENERAL_OVR 189 #define AUTH_PG_GENERAL_OVR_TYPE SCF_PG_GENERAL_OVR_TYPE 190 #define AUTH_PROP_ACTION "action_authorization" 191 #define AUTH_PROP_ENABLED "enabled" 192 #define AUTH_PROP_MODIFY "modify_authorization" 193 #define AUTH_PROP_VALUE "value_authorization" 194 #define AUTH_PROP_READ "read_authorization" 195 /* libsecdb should take care of this. */ 196 #define RBAC_AUTH_SEP "," 197 198 #define MAX_VALID_CHILDREN 3 199 200 typedef struct rc_type_info { 201 uint32_t rt_type; /* matches array index */ 202 uint32_t rt_num_ids; 203 uint32_t rt_name_flags; 204 uint32_t rt_valid_children[MAX_VALID_CHILDREN]; 205 } rc_type_info_t; 206 207 #define RT_NO_NAME -1U 208 209 static rc_type_info_t rc_types[] = { 210 {REP_PROTOCOL_ENTITY_NONE, 0, RT_NO_NAME}, 211 {REP_PROTOCOL_ENTITY_SCOPE, 0, 0, 212 {REP_PROTOCOL_ENTITY_SERVICE, REP_PROTOCOL_ENTITY_SCOPE}}, 213 {REP_PROTOCOL_ENTITY_SERVICE, 0, UU_NAME_DOMAIN | UU_NAME_PATH, 214 {REP_PROTOCOL_ENTITY_INSTANCE, REP_PROTOCOL_ENTITY_PROPERTYGRP}}, 215 {REP_PROTOCOL_ENTITY_INSTANCE, 1, UU_NAME_DOMAIN, 216 {REP_PROTOCOL_ENTITY_SNAPSHOT, REP_PROTOCOL_ENTITY_PROPERTYGRP}}, 217 {REP_PROTOCOL_ENTITY_SNAPSHOT, 2, UU_NAME_DOMAIN, 218 {REP_PROTOCOL_ENTITY_SNAPLEVEL, REP_PROTOCOL_ENTITY_PROPERTYGRP}}, 219 {REP_PROTOCOL_ENTITY_SNAPLEVEL, 4, RT_NO_NAME, 220 {REP_PROTOCOL_ENTITY_PROPERTYGRP}}, 221 {REP_PROTOCOL_ENTITY_PROPERTYGRP, 5, UU_NAME_DOMAIN, 222 {REP_PROTOCOL_ENTITY_PROPERTY}}, 223 {REP_PROTOCOL_ENTITY_CPROPERTYGRP, 0, UU_NAME_DOMAIN, 224 {REP_PROTOCOL_ENTITY_PROPERTY}}, 225 {REP_PROTOCOL_ENTITY_PROPERTY, 7, UU_NAME_DOMAIN}, 226 {-1UL} 227 }; 228 #define NUM_TYPES ((sizeof (rc_types) / sizeof (*rc_types))) 229 230 /* Element of a permcheck_t hash table. */ 231 struct pc_elt { 232 struct pc_elt *pce_next; 233 char pce_auth[1]; 234 }; 235 236 /* An authorization set hash table. */ 237 typedef struct { 238 struct pc_elt **pc_buckets; 239 uint_t pc_bnum; /* number of buckets */ 240 uint_t pc_enum; /* number of elements */ 241 } permcheck_t; 242 243 static uu_list_pool_t *rc_children_pool; 244 static uu_list_pool_t *rc_pg_notify_pool; 245 static uu_list_pool_t *rc_notify_pool; 246 static uu_list_pool_t *rc_notify_info_pool; 247 248 static rc_node_t *rc_scope; 249 250 static pthread_mutex_t rc_pg_notify_lock = PTHREAD_MUTEX_INITIALIZER; 251 static pthread_cond_t rc_pg_notify_cv = PTHREAD_COND_INITIALIZER; 252 static uint_t rc_notify_in_use; /* blocks removals */ 253 254 static pthread_mutex_t perm_lock = PTHREAD_MUTEX_INITIALIZER; 255 256 static void rc_node_unrefed(rc_node_t *np); 257 258 /* 259 * We support an arbitrary number of clients interested in events for certain 260 * types of changes. Each client is represented by an rc_notify_info_t, and 261 * all clients are chained onto the rc_notify_info_list. 262 * 263 * The rc_notify_list is the global notification list. Each entry is of 264 * type rc_notify_t, which is embedded in one of three other structures: 265 * 266 * rc_node_t property group update notification 267 * rc_notify_delete_t object deletion notification 268 * rc_notify_info_t notification clients 269 * 270 * Which type of object is determined by which pointer in the rc_notify_t is 271 * non-NULL. 272 * 273 * New notifications and clients are added to the end of the list. 274 * Notifications no-one is interested in are never added to the list. 275 * 276 * Clients use their position in the list to track which notifications they 277 * have not yet reported. As they process notifications, they move forward 278 * in the list past them. There is always a client at the beginning of the 279 * list -- as he moves past notifications, he removes them from the list and 280 * cleans them up. 281 * 282 * The rc_pg_notify_lock protects all notification state. The rc_pg_notify_cv 283 * is used for global signalling, and each client has a cv which he waits for 284 * events of interest on. 285 */ 286 static uu_list_t *rc_notify_info_list; 287 static uu_list_t *rc_notify_list; 288 289 #define HASH_SIZE 512 290 #define HASH_MASK (HASH_SIZE - 1) 291 292 #pragma align 64(cache_hash) 293 static cache_bucket_t cache_hash[HASH_SIZE]; 294 295 #define CACHE_BUCKET(h) (&cache_hash[(h) & HASH_MASK]) 296 297 static uint32_t 298 rc_node_hash(rc_node_lookup_t *lp) 299 { 300 uint32_t type = lp->rl_type; 301 uint32_t backend = lp->rl_backend; 302 uint32_t mainid = lp->rl_main_id; 303 uint32_t *ids = lp->rl_ids; 304 305 rc_type_info_t *tp = &rc_types[type]; 306 uint32_t num_ids; 307 uint32_t left; 308 uint32_t hash; 309 310 assert(backend == BACKEND_TYPE_NORMAL || 311 backend == BACKEND_TYPE_NONPERSIST); 312 313 assert(type > 0 && type < NUM_TYPES); 314 num_ids = tp->rt_num_ids; 315 316 left = MAX_IDS - num_ids; 317 assert(num_ids <= MAX_IDS); 318 319 hash = type * 7 + mainid * 5 + backend; 320 321 while (num_ids-- > 0) 322 hash = hash * 11 + *ids++ * 7; 323 324 /* 325 * the rest should be zeroed 326 */ 327 while (left-- > 0) 328 assert(*ids++ == 0); 329 330 return (hash); 331 } 332 333 static int 334 rc_node_match(rc_node_t *np, rc_node_lookup_t *l) 335 { 336 rc_node_lookup_t *r = &np->rn_id; 337 rc_type_info_t *tp; 338 uint32_t type; 339 uint32_t num_ids; 340 341 if (r->rl_main_id != l->rl_main_id) 342 return (0); 343 344 type = r->rl_type; 345 if (type != l->rl_type) 346 return (0); 347 348 assert(type > 0 && type < NUM_TYPES); 349 350 tp = &rc_types[r->rl_type]; 351 num_ids = tp->rt_num_ids; 352 353 assert(num_ids <= MAX_IDS); 354 while (num_ids-- > 0) 355 if (r->rl_ids[num_ids] != l->rl_ids[num_ids]) 356 return (0); 357 358 return (1); 359 } 360 361 /* 362 * the "other" references on a node are maintained in an atomically 363 * updated refcount, rn_other_refs. This can be bumped from arbitrary 364 * context, and tracks references to a possibly out-of-date node's children. 365 * 366 * To prevent the node from disappearing between the final drop of 367 * rn_other_refs and the unref handling, rn_other_refs_held is bumped on 368 * 0->1 transitions and decremented (with the node lock held) on 1->0 369 * transitions. 370 */ 371 static void 372 rc_node_hold_other(rc_node_t *np) 373 { 374 if (atomic_add_32_nv(&np->rn_other_refs, 1) == 1) { 375 atomic_add_32(&np->rn_other_refs_held, 1); 376 assert(np->rn_other_refs_held > 0); 377 } 378 assert(np->rn_other_refs > 0); 379 } 380 381 /* 382 * No node locks may be held 383 */ 384 static void 385 rc_node_rele_other(rc_node_t *np) 386 { 387 assert(np->rn_other_refs > 0); 388 if (atomic_add_32_nv(&np->rn_other_refs, -1) == 0) { 389 (void) pthread_mutex_lock(&np->rn_lock); 390 assert(np->rn_other_refs_held > 0); 391 if (atomic_add_32_nv(&np->rn_other_refs_held, -1) == 0 && 392 np->rn_refs == 0 && (np->rn_flags & RC_NODE_OLD)) 393 rc_node_unrefed(np); 394 else 395 (void) pthread_mutex_unlock(&np->rn_lock); 396 } 397 } 398 399 static void 400 rc_node_hold_locked(rc_node_t *np) 401 { 402 assert(MUTEX_HELD(&np->rn_lock)); 403 404 if (np->rn_refs == 0 && (np->rn_flags & RC_NODE_PARENT_REF)) 405 rc_node_hold_other(np->rn_parent_ref); 406 np->rn_refs++; 407 assert(np->rn_refs > 0); 408 } 409 410 static void 411 rc_node_hold(rc_node_t *np) 412 { 413 (void) pthread_mutex_lock(&np->rn_lock); 414 rc_node_hold_locked(np); 415 (void) pthread_mutex_unlock(&np->rn_lock); 416 } 417 418 static void 419 rc_node_rele_locked(rc_node_t *np) 420 { 421 int unref = 0; 422 rc_node_t *par_ref = NULL; 423 424 assert(MUTEX_HELD(&np->rn_lock)); 425 assert(np->rn_refs > 0); 426 427 if (--np->rn_refs == 0) { 428 if (np->rn_flags & RC_NODE_PARENT_REF) 429 par_ref = np->rn_parent_ref; 430 431 /* 432 * Composed property groups are only as good as their 433 * references. 434 */ 435 if (np->rn_id.rl_type == REP_PROTOCOL_ENTITY_CPROPERTYGRP) 436 np->rn_flags |= RC_NODE_DEAD; 437 438 if ((np->rn_flags & (RC_NODE_DEAD|RC_NODE_OLD)) && 439 np->rn_other_refs == 0 && np->rn_other_refs_held == 0) 440 unref = 1; 441 } 442 443 if (unref) 444 rc_node_unrefed(np); 445 else 446 (void) pthread_mutex_unlock(&np->rn_lock); 447 448 if (par_ref != NULL) 449 rc_node_rele_other(par_ref); 450 } 451 452 void 453 rc_node_rele(rc_node_t *np) 454 { 455 (void) pthread_mutex_lock(&np->rn_lock); 456 rc_node_rele_locked(np); 457 } 458 459 static cache_bucket_t * 460 cache_hold(uint32_t h) 461 { 462 cache_bucket_t *bp = CACHE_BUCKET(h); 463 (void) pthread_mutex_lock(&bp->cb_lock); 464 return (bp); 465 } 466 467 static void 468 cache_release(cache_bucket_t *bp) 469 { 470 (void) pthread_mutex_unlock(&bp->cb_lock); 471 } 472 473 static rc_node_t * 474 cache_lookup_unlocked(cache_bucket_t *bp, rc_node_lookup_t *lp) 475 { 476 uint32_t h = rc_node_hash(lp); 477 rc_node_t *np; 478 479 assert(MUTEX_HELD(&bp->cb_lock)); 480 assert(bp == CACHE_BUCKET(h)); 481 482 for (np = bp->cb_head; np != NULL; np = np->rn_hash_next) { 483 if (np->rn_hash == h && rc_node_match(np, lp)) { 484 rc_node_hold(np); 485 return (np); 486 } 487 } 488 489 return (NULL); 490 } 491 492 static rc_node_t * 493 cache_lookup(rc_node_lookup_t *lp) 494 { 495 uint32_t h; 496 cache_bucket_t *bp; 497 rc_node_t *np; 498 499 h = rc_node_hash(lp); 500 bp = cache_hold(h); 501 502 np = cache_lookup_unlocked(bp, lp); 503 504 cache_release(bp); 505 506 return (np); 507 } 508 509 static void 510 cache_insert_unlocked(cache_bucket_t *bp, rc_node_t *np) 511 { 512 assert(MUTEX_HELD(&bp->cb_lock)); 513 assert(np->rn_hash == rc_node_hash(&np->rn_id)); 514 assert(bp == CACHE_BUCKET(np->rn_hash)); 515 516 assert(np->rn_hash_next == NULL); 517 518 np->rn_hash_next = bp->cb_head; 519 bp->cb_head = np; 520 } 521 522 static void 523 cache_remove_unlocked(cache_bucket_t *bp, rc_node_t *np) 524 { 525 rc_node_t **npp; 526 527 assert(MUTEX_HELD(&bp->cb_lock)); 528 assert(np->rn_hash == rc_node_hash(&np->rn_id)); 529 assert(bp == CACHE_BUCKET(np->rn_hash)); 530 531 for (npp = &bp->cb_head; *npp != NULL; npp = &(*npp)->rn_hash_next) 532 if (*npp == np) 533 break; 534 535 assert(*npp == np); 536 *npp = np->rn_hash_next; 537 np->rn_hash_next = NULL; 538 } 539 540 /* 541 * verify that the 'parent' type can have a child typed 'child' 542 * Fails with 543 * _INVALID_TYPE - argument is invalid 544 * _TYPE_MISMATCH - parent type cannot have children of type child 545 */ 546 static int 547 rc_check_parent_child(uint32_t parent, uint32_t child) 548 { 549 int idx; 550 uint32_t type; 551 552 if (parent == 0 || parent >= NUM_TYPES || 553 child == 0 || child >= NUM_TYPES) 554 return (REP_PROTOCOL_FAIL_INVALID_TYPE); /* invalid types */ 555 556 for (idx = 0; idx < MAX_VALID_CHILDREN; idx++) { 557 type = rc_types[parent].rt_valid_children[idx]; 558 if (type == child) 559 return (REP_PROTOCOL_SUCCESS); 560 } 561 562 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 563 } 564 565 /* 566 * Fails with 567 * _INVALID_TYPE - type is invalid 568 * _BAD_REQUEST - name is an invalid name for a node of type type 569 */ 570 int 571 rc_check_type_name(uint32_t type, const char *name) 572 { 573 if (type == 0 || type >= NUM_TYPES) 574 return (REP_PROTOCOL_FAIL_INVALID_TYPE); /* invalid types */ 575 576 if (uu_check_name(name, rc_types[type].rt_name_flags) == -1) 577 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 578 579 return (REP_PROTOCOL_SUCCESS); 580 } 581 582 static int 583 rc_check_pgtype_name(const char *name) 584 { 585 if (uu_check_name(name, UU_NAME_DOMAIN) == -1) 586 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 587 588 return (REP_PROTOCOL_SUCCESS); 589 } 590 591 static int 592 rc_notify_info_interested(rc_notify_info_t *rnip, rc_notify_t *np) 593 { 594 rc_node_t *nnp = np->rcn_node; 595 int i; 596 597 assert(MUTEX_HELD(&rc_pg_notify_lock)); 598 599 if (np->rcn_delete != NULL) { 600 assert(np->rcn_info == NULL && np->rcn_node == NULL); 601 return (1); /* everyone likes deletes */ 602 } 603 if (np->rcn_node == NULL) { 604 assert(np->rcn_info != NULL || np->rcn_delete != NULL); 605 return (0); 606 } 607 assert(np->rcn_info == NULL); 608 609 for (i = 0; i < RC_NOTIFY_MAX_NAMES; i++) { 610 if (rnip->rni_namelist[i] != NULL) { 611 if (strcmp(nnp->rn_name, rnip->rni_namelist[i]) == 0) 612 return (1); 613 } 614 if (rnip->rni_typelist[i] != NULL) { 615 if (strcmp(nnp->rn_type, rnip->rni_typelist[i]) == 0) 616 return (1); 617 } 618 } 619 return (0); 620 } 621 622 static void 623 rc_notify_insert_node(rc_node_t *nnp) 624 { 625 rc_notify_t *np = &nnp->rn_notify; 626 rc_notify_info_t *nip; 627 int found = 0; 628 629 assert(np->rcn_info == NULL); 630 631 if (nnp->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTYGRP) 632 return; 633 634 (void) pthread_mutex_lock(&rc_pg_notify_lock); 635 np->rcn_node = nnp; 636 for (nip = uu_list_first(rc_notify_info_list); nip != NULL; 637 nip = uu_list_next(rc_notify_info_list, nip)) { 638 if (rc_notify_info_interested(nip, np)) { 639 (void) pthread_cond_broadcast(&nip->rni_cv); 640 found++; 641 } 642 } 643 if (found) 644 (void) uu_list_insert_before(rc_notify_list, NULL, np); 645 else 646 np->rcn_node = NULL; 647 648 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 649 } 650 651 static void 652 rc_notify_deletion(rc_notify_delete_t *ndp, const char *service, 653 const char *instance, const char *pg) 654 { 655 rc_notify_info_t *nip; 656 657 uu_list_node_init(&ndp->rnd_notify, &ndp->rnd_notify.rcn_list_node, 658 rc_notify_pool); 659 ndp->rnd_notify.rcn_delete = ndp; 660 661 (void) snprintf(ndp->rnd_fmri, sizeof (ndp->rnd_fmri), 662 "svc:/%s%s%s%s%s", service, 663 (instance != NULL)? ":" : "", (instance != NULL)? instance : "", 664 (pg != NULL)? "/:properties/" : "", (pg != NULL)? pg : ""); 665 666 /* 667 * add to notification list, notify watchers 668 */ 669 (void) pthread_mutex_lock(&rc_pg_notify_lock); 670 for (nip = uu_list_first(rc_notify_info_list); nip != NULL; 671 nip = uu_list_next(rc_notify_info_list, nip)) 672 (void) pthread_cond_broadcast(&nip->rni_cv); 673 (void) uu_list_insert_before(rc_notify_list, NULL, ndp); 674 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 675 } 676 677 static void 678 rc_notify_remove_node(rc_node_t *nnp) 679 { 680 rc_notify_t *np = &nnp->rn_notify; 681 682 assert(np->rcn_info == NULL); 683 assert(!MUTEX_HELD(&nnp->rn_lock)); 684 685 (void) pthread_mutex_lock(&rc_pg_notify_lock); 686 while (np->rcn_node != NULL) { 687 if (rc_notify_in_use) { 688 (void) pthread_cond_wait(&rc_pg_notify_cv, 689 &rc_pg_notify_lock); 690 continue; 691 } 692 (void) uu_list_remove(rc_notify_list, np); 693 np->rcn_node = NULL; 694 break; 695 } 696 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 697 } 698 699 static void 700 rc_notify_remove_locked(rc_notify_t *np) 701 { 702 assert(MUTEX_HELD(&rc_pg_notify_lock)); 703 assert(rc_notify_in_use == 0); 704 705 (void) uu_list_remove(rc_notify_list, np); 706 if (np->rcn_node) { 707 np->rcn_node = NULL; 708 } else if (np->rcn_delete) { 709 uu_free(np->rcn_delete); 710 } else { 711 assert(0); /* CAN'T HAPPEN */ 712 } 713 } 714 715 /* 716 * Permission checking functions. See comment atop this file. 717 */ 718 #ifndef NATIVE_BUILD 719 static permcheck_t * 720 pc_create() 721 { 722 permcheck_t *p; 723 724 p = uu_zalloc(sizeof (*p)); 725 if (p == NULL) 726 return (NULL); 727 p->pc_bnum = 8; /* Normal case will only have 2 elts. */ 728 p->pc_buckets = uu_zalloc(sizeof (*p->pc_buckets) * p->pc_bnum); 729 if (p->pc_buckets == NULL) { 730 uu_free(p); 731 return (NULL); 732 } 733 734 p->pc_enum = 0; 735 return (p); 736 } 737 738 static void 739 pc_free(permcheck_t *pcp) 740 { 741 uint_t i; 742 struct pc_elt *ep, *next; 743 744 for (i = 0; i < pcp->pc_bnum; ++i) { 745 for (ep = pcp->pc_buckets[i]; ep != NULL; ep = next) { 746 next = ep->pce_next; 747 free(ep); 748 } 749 } 750 751 free(pcp->pc_buckets); 752 free(pcp); 753 } 754 755 static uint32_t 756 pc_hash(const char *auth) 757 { 758 uint32_t h = 0, g; 759 const char *p; 760 761 /* 762 * Generic hash function from uts/common/os/modhash.c. 763 */ 764 for (p = auth; *p != '\0'; ++p) { 765 h = (h << 4) + *p; 766 g = (h & 0xf0000000); 767 if (g != 0) { 768 h ^= (g >> 24); 769 h ^= g; 770 } 771 } 772 773 return (h); 774 } 775 776 static int 777 pc_exists(const permcheck_t *pcp, const char *auth) 778 { 779 uint32_t h; 780 struct pc_elt *ep; 781 782 h = pc_hash(auth); 783 for (ep = pcp->pc_buckets[h & (pcp->pc_bnum - 1)]; 784 ep != NULL; 785 ep = ep->pce_next) { 786 if (strcmp(auth, ep->pce_auth) == 0) 787 return (1); 788 } 789 790 return (0); 791 } 792 793 static int 794 pc_match(const permcheck_t *pcp, const char *pattern) 795 { 796 uint_t i; 797 struct pc_elt *ep; 798 799 for (i = 0; i < pcp->pc_bnum; ++i) { 800 for (ep = pcp->pc_buckets[i]; ep != NULL; ep = ep->pce_next) { 801 if (_auth_match(pattern, ep->pce_auth)) 802 return (1); 803 } 804 } 805 806 return (0); 807 } 808 809 static int 810 pc_grow(permcheck_t *pcp) 811 { 812 uint_t new_bnum, i, j; 813 struct pc_elt **new_buckets; 814 struct pc_elt *ep, *next; 815 816 new_bnum = pcp->pc_bnum * 2; 817 if (new_bnum < pcp->pc_bnum) 818 /* Homey don't play that. */ 819 return (-1); 820 821 new_buckets = uu_zalloc(sizeof (*new_buckets) * new_bnum); 822 if (new_buckets == NULL) 823 return (-1); 824 825 for (i = 0; i < pcp->pc_bnum; ++i) { 826 for (ep = pcp->pc_buckets[i]; ep != NULL; ep = next) { 827 next = ep->pce_next; 828 j = pc_hash(ep->pce_auth) & (new_bnum - 1); 829 ep->pce_next = new_buckets[j]; 830 new_buckets[j] = ep; 831 } 832 } 833 834 uu_free(pcp->pc_buckets); 835 pcp->pc_buckets = new_buckets; 836 pcp->pc_bnum = new_bnum; 837 838 return (0); 839 } 840 841 static int 842 pc_add(permcheck_t *pcp, const char *auth) 843 { 844 struct pc_elt *ep; 845 uint_t i; 846 847 ep = uu_zalloc(offsetof(struct pc_elt, pce_auth) + strlen(auth) + 1); 848 if (ep == NULL) 849 return (-1); 850 851 /* Grow if pc_enum / pc_bnum > 3/4. */ 852 if (pcp->pc_enum * 4 > 3 * pcp->pc_bnum) 853 /* Failure is not a stopper; we'll try again next time. */ 854 (void) pc_grow(pcp); 855 856 (void) strcpy(ep->pce_auth, auth); 857 858 i = pc_hash(auth) & (pcp->pc_bnum - 1); 859 ep->pce_next = pcp->pc_buckets[i]; 860 pcp->pc_buckets[i] = ep; 861 862 ++pcp->pc_enum; 863 864 return (0); 865 } 866 867 /* 868 * For the type of a property group, return the authorization which may be 869 * used to modify it. 870 */ 871 static const char * 872 perm_auth_for_pgtype(const char *pgtype) 873 { 874 if (strcmp(pgtype, SCF_GROUP_METHOD) == 0) 875 return (AUTH_MODIFY_PREFIX "method"); 876 else if (strcmp(pgtype, SCF_GROUP_DEPENDENCY) == 0) 877 return (AUTH_MODIFY_PREFIX "dependency"); 878 else if (strcmp(pgtype, SCF_GROUP_APPLICATION) == 0) 879 return (AUTH_MODIFY_PREFIX "application"); 880 else if (strcmp(pgtype, SCF_GROUP_FRAMEWORK) == 0) 881 return (AUTH_MODIFY_PREFIX "framework"); 882 else 883 return (NULL); 884 } 885 886 /* 887 * Fails with 888 * _NO_RESOURCES - out of memory 889 */ 890 static int 891 perm_add_enabling(permcheck_t *pcp, const char *auth) 892 { 893 return (pc_add(pcp, auth) == 0 ? REP_PROTOCOL_SUCCESS : 894 REP_PROTOCOL_FAIL_NO_RESOURCES); 895 } 896 897 /* Note that perm_add_enabling_values() is defined below. */ 898 899 /* 900 * perm_granted() returns 1 if the current door caller has one of the enabling 901 * authorizations in pcp, 0 if it doesn't, and -1 if an error (usually lack of 902 * memory) occurs. check_auth_list() checks an RBAC_AUTH_SEP-separated list 903 * of authorizations for existence in pcp, and check_prof_list() checks the 904 * authorizations granted to an RBAC_AUTH_SEP-separated list of profiles. 905 */ 906 static int 907 check_auth_list(const permcheck_t *pcp, char *authlist) 908 { 909 char *auth, *lasts; 910 int ret; 911 912 for (auth = (char *)strtok_r(authlist, RBAC_AUTH_SEP, &lasts); 913 auth != NULL; 914 auth = (char *)strtok_r(NULL, RBAC_AUTH_SEP, &lasts)) { 915 if (strchr(auth, KV_WILDCHAR) == NULL) 916 ret = pc_exists(pcp, auth); 917 else 918 ret = pc_match(pcp, auth); 919 920 if (ret) 921 return (ret); 922 } 923 924 return (0); 925 } 926 927 static int 928 check_prof_list(const permcheck_t *pcp, char *proflist) 929 { 930 char *prof, *lasts, *authlist, *subproflist; 931 profattr_t *pap; 932 int ret = 0; 933 934 for (prof = strtok_r(proflist, RBAC_AUTH_SEP, &lasts); 935 prof != NULL; 936 prof = strtok_r(NULL, RBAC_AUTH_SEP, &lasts)) { 937 pap = getprofnam(prof); 938 if (pap == NULL) 939 continue; 940 941 authlist = kva_match(pap->attr, PROFATTR_AUTHS_KW); 942 if (authlist != NULL) 943 ret = check_auth_list(pcp, authlist); 944 945 if (!ret) { 946 subproflist = kva_match(pap->attr, PROFATTR_PROFS_KW); 947 if (subproflist != NULL) 948 /* depth check to avoid invinite recursion? */ 949 ret = check_prof_list(pcp, subproflist); 950 } 951 952 free_profattr(pap); 953 if (ret) 954 return (ret); 955 } 956 957 return (ret); 958 } 959 960 static int 961 perm_granted(const permcheck_t *pcp) 962 { 963 ucred_t *uc; 964 965 int ret = 0; 966 uid_t uid; 967 userattr_t *uap; 968 char *authlist, *userattr_authlist, *proflist, *def_prof = NULL; 969 970 /* 971 * Get generic authorizations from policy.conf 972 * 973 * Note that _get_auth_policy is not threadsafe, so we single-thread 974 * access to it. 975 */ 976 (void) pthread_mutex_lock(&perm_lock); 977 ret = _get_auth_policy(&authlist, &def_prof); 978 (void) pthread_mutex_unlock(&perm_lock); 979 980 if (ret != 0) 981 return (-1); 982 983 if (authlist != NULL) { 984 ret = check_auth_list(pcp, authlist); 985 986 if (ret) { 987 _free_auth_policy(authlist, def_prof); 988 return (ret); 989 } 990 } 991 992 /* 993 * Put off checking def_prof for later in an attempt to consolidate 994 * prof_attr accesses. 995 */ 996 997 /* Get the uid */ 998 if ((uc = get_ucred()) == NULL) { 999 _free_auth_policy(authlist, def_prof); 1000 1001 if (errno == EINVAL) { 1002 /* 1003 * Client is no longer waiting for our response (e.g., 1004 * it received a signal & resumed with EINTR). 1005 * Punting with door_return() would be nice but we 1006 * need to release all of the locks & references we 1007 * hold. And we must report failure to the client 1008 * layer to keep it from ignoring retries as 1009 * already-done (idempotency & all that). None of the 1010 * error codes fit very well, so we might as well 1011 * force the return of _PERMISSION_DENIED since we 1012 * couldn't determine the user. 1013 */ 1014 return (0); 1015 } 1016 assert(0); 1017 abort(); 1018 } 1019 1020 uid = ucred_geteuid(uc); 1021 assert(uid != (uid_t)-1); 1022 1023 uap = getuseruid(uid); 1024 if (uap != NULL) { 1025 /* Get the authorizations from user_attr. */ 1026 userattr_authlist = kva_match(uap->attr, USERATTR_AUTHS_KW); 1027 if (userattr_authlist != NULL) 1028 ret = check_auth_list(pcp, userattr_authlist); 1029 } 1030 1031 if (!ret && def_prof != NULL) { 1032 /* Check generic profiles. */ 1033 ret = check_prof_list(pcp, def_prof); 1034 } 1035 1036 if (!ret && uap != NULL) { 1037 proflist = kva_match(uap->attr, USERATTR_PROFILES_KW); 1038 if (proflist != NULL) 1039 ret = check_prof_list(pcp, proflist); 1040 } 1041 1042 _free_auth_policy(authlist, def_prof); 1043 if (uap != NULL) 1044 free_userattr(uap); 1045 1046 return (ret); 1047 } 1048 #endif /* NATIVE_BUILD */ 1049 1050 /* 1051 * flags in RC_NODE_WAITING_FLAGS are broadcast when unset, and are used to 1052 * serialize certain actions, and to wait for certain operations to complete 1053 * 1054 * The waiting flags are: 1055 * RC_NODE_CHILDREN_CHANGING 1056 * The child list is being built or changed (due to creation 1057 * or deletion). All iterators pause. 1058 * 1059 * RC_NODE_USING_PARENT 1060 * Someone is actively using the parent pointer, so we can't 1061 * be removed from the parent list. 1062 * 1063 * RC_NODE_CREATING_CHILD 1064 * A child is being created -- locks out other creations, to 1065 * prevent insert-insert races. 1066 * 1067 * RC_NODE_IN_TX 1068 * This object is running a transaction. 1069 * 1070 * RC_NODE_DYING 1071 * This node might be dying. Always set as a set, using 1072 * RC_NODE_DYING_FLAGS (which is everything but 1073 * RC_NODE_USING_PARENT) 1074 */ 1075 static int 1076 rc_node_hold_flag(rc_node_t *np, uint32_t flag) 1077 { 1078 assert(MUTEX_HELD(&np->rn_lock)); 1079 assert((flag & ~RC_NODE_WAITING_FLAGS) == 0); 1080 1081 while (!(np->rn_flags & RC_NODE_DEAD) && (np->rn_flags & flag)) { 1082 (void) pthread_cond_wait(&np->rn_cv, &np->rn_lock); 1083 } 1084 if (np->rn_flags & RC_NODE_DEAD) 1085 return (0); 1086 1087 np->rn_flags |= flag; 1088 return (1); 1089 } 1090 1091 static void 1092 rc_node_rele_flag(rc_node_t *np, uint32_t flag) 1093 { 1094 assert((flag & ~RC_NODE_WAITING_FLAGS) == 0); 1095 assert(MUTEX_HELD(&np->rn_lock)); 1096 assert((np->rn_flags & flag) == flag); 1097 np->rn_flags &= ~flag; 1098 (void) pthread_cond_broadcast(&np->rn_cv); 1099 } 1100 1101 /* 1102 * wait until a particular flag has cleared. Fails if the object dies. 1103 */ 1104 static int 1105 rc_node_wait_flag(rc_node_t *np, uint32_t flag) 1106 { 1107 assert(MUTEX_HELD(&np->rn_lock)); 1108 while (!(np->rn_flags & RC_NODE_DEAD) && (np->rn_flags & flag)) 1109 (void) pthread_cond_wait(&np->rn_cv, &np->rn_lock); 1110 1111 return (!(np->rn_flags & RC_NODE_DEAD)); 1112 } 1113 1114 /* 1115 * On entry, np's lock must be held, and this thread must be holding 1116 * RC_NODE_USING_PARENT. On return, both of them are released. 1117 * 1118 * If the return value is NULL, np either does not have a parent, or 1119 * the parent has been marked DEAD. 1120 * 1121 * If the return value is non-NULL, it is the parent of np, and both 1122 * its lock and the requested flags are held. 1123 */ 1124 static rc_node_t * 1125 rc_node_hold_parent_flag(rc_node_t *np, uint32_t flag) 1126 { 1127 rc_node_t *pp; 1128 1129 assert(MUTEX_HELD(&np->rn_lock)); 1130 assert(np->rn_flags & RC_NODE_USING_PARENT); 1131 1132 if ((pp = np->rn_parent) == NULL) { 1133 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 1134 (void) pthread_mutex_unlock(&np->rn_lock); 1135 return (NULL); 1136 } 1137 (void) pthread_mutex_unlock(&np->rn_lock); 1138 1139 (void) pthread_mutex_lock(&pp->rn_lock); 1140 (void) pthread_mutex_lock(&np->rn_lock); 1141 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 1142 (void) pthread_mutex_unlock(&np->rn_lock); 1143 1144 if (!rc_node_hold_flag(pp, flag)) { 1145 (void) pthread_mutex_unlock(&pp->rn_lock); 1146 return (NULL); 1147 } 1148 return (pp); 1149 } 1150 1151 rc_node_t * 1152 rc_node_alloc(void) 1153 { 1154 rc_node_t *np = uu_zalloc(sizeof (*np)); 1155 1156 if (np == NULL) 1157 return (NULL); 1158 1159 (void) pthread_mutex_init(&np->rn_lock, NULL); 1160 (void) pthread_cond_init(&np->rn_cv, NULL); 1161 1162 np->rn_children = uu_list_create(rc_children_pool, np, 0); 1163 np->rn_pg_notify_list = uu_list_create(rc_pg_notify_pool, np, 0); 1164 1165 uu_list_node_init(np, &np->rn_sibling_node, rc_children_pool); 1166 1167 uu_list_node_init(&np->rn_notify, &np->rn_notify.rcn_list_node, 1168 rc_notify_pool); 1169 1170 return (np); 1171 } 1172 1173 void 1174 rc_node_destroy(rc_node_t *np) 1175 { 1176 int i; 1177 1178 if (np->rn_flags & RC_NODE_UNREFED) 1179 return; /* being handled elsewhere */ 1180 1181 assert(np->rn_refs == 0 && np->rn_other_refs == 0); 1182 assert(np->rn_former == NULL); 1183 1184 if (np->rn_id.rl_type == REP_PROTOCOL_ENTITY_CPROPERTYGRP) { 1185 /* Release the holds from rc_iter_next(). */ 1186 for (i = 0; i < COMPOSITION_DEPTH; ++i) { 1187 /* rn_cchain[i] may be NULL for empty snapshots. */ 1188 if (np->rn_cchain[i] != NULL) 1189 rc_node_rele(np->rn_cchain[i]); 1190 } 1191 } 1192 1193 if (np->rn_name != NULL) 1194 free((void *)np->rn_name); 1195 np->rn_name = NULL; 1196 if (np->rn_type != NULL) 1197 free((void *)np->rn_type); 1198 np->rn_type = NULL; 1199 if (np->rn_values != NULL) 1200 object_free_values(np->rn_values, np->rn_valtype, 1201 np->rn_values_count, np->rn_values_size); 1202 np->rn_values = NULL; 1203 1204 if (np->rn_snaplevel != NULL) 1205 rc_snaplevel_rele(np->rn_snaplevel); 1206 np->rn_snaplevel = NULL; 1207 1208 uu_list_node_fini(np, &np->rn_sibling_node, rc_children_pool); 1209 1210 uu_list_node_fini(&np->rn_notify, &np->rn_notify.rcn_list_node, 1211 rc_notify_pool); 1212 1213 assert(uu_list_first(np->rn_children) == NULL); 1214 uu_list_destroy(np->rn_children); 1215 uu_list_destroy(np->rn_pg_notify_list); 1216 1217 (void) pthread_mutex_destroy(&np->rn_lock); 1218 (void) pthread_cond_destroy(&np->rn_cv); 1219 1220 uu_free(np); 1221 } 1222 1223 /* 1224 * Link in a child node. 1225 * 1226 * Because of the lock ordering, cp has to already be in the hash table with 1227 * its lock dropped before we get it. To prevent anyone from noticing that 1228 * it is parentless, the creation code sets the RC_NODE_USING_PARENT. Once 1229 * we've linked it in, we release the flag. 1230 */ 1231 static void 1232 rc_node_link_child(rc_node_t *np, rc_node_t *cp) 1233 { 1234 assert(!MUTEX_HELD(&np->rn_lock)); 1235 assert(!MUTEX_HELD(&cp->rn_lock)); 1236 1237 (void) pthread_mutex_lock(&np->rn_lock); 1238 (void) pthread_mutex_lock(&cp->rn_lock); 1239 assert(!(cp->rn_flags & RC_NODE_IN_PARENT) && 1240 (cp->rn_flags & RC_NODE_USING_PARENT)); 1241 1242 assert(rc_check_parent_child(np->rn_id.rl_type, cp->rn_id.rl_type) == 1243 REP_PROTOCOL_SUCCESS); 1244 1245 cp->rn_parent = np; 1246 cp->rn_flags |= RC_NODE_IN_PARENT; 1247 (void) uu_list_insert_before(np->rn_children, NULL, cp); 1248 1249 (void) pthread_mutex_unlock(&np->rn_lock); 1250 1251 rc_node_rele_flag(cp, RC_NODE_USING_PARENT); 1252 (void) pthread_mutex_unlock(&cp->rn_lock); 1253 } 1254 1255 /* 1256 * Sets the rn_parent_ref field of all the children of np to pp -- always 1257 * initially invoked as rc_node_setup_parent_ref(np, np), we then recurse. 1258 * 1259 * This is used when we mark a node RC_NODE_OLD, so that when the object and 1260 * its children are no longer referenced, they will all be deleted as a unit. 1261 */ 1262 static void 1263 rc_node_setup_parent_ref(rc_node_t *np, rc_node_t *pp) 1264 { 1265 rc_node_t *cp; 1266 1267 assert(MUTEX_HELD(&np->rn_lock)); 1268 1269 for (cp = uu_list_first(np->rn_children); cp != NULL; 1270 cp = uu_list_next(np->rn_children, cp)) { 1271 (void) pthread_mutex_lock(&cp->rn_lock); 1272 if (cp->rn_flags & RC_NODE_PARENT_REF) { 1273 assert(cp->rn_parent_ref == pp); 1274 } else { 1275 assert(cp->rn_parent_ref == NULL); 1276 1277 cp->rn_flags |= RC_NODE_PARENT_REF; 1278 cp->rn_parent_ref = pp; 1279 if (cp->rn_refs != 0) 1280 rc_node_hold_other(pp); 1281 } 1282 rc_node_setup_parent_ref(cp, pp); /* recurse */ 1283 (void) pthread_mutex_unlock(&cp->rn_lock); 1284 } 1285 } 1286 1287 /* 1288 * Atomically replace 'np' with 'newp', with a parent of 'pp'. 1289 * 1290 * Requirements: 1291 * *no* node locks may be held. 1292 * pp must be held with RC_NODE_CHILDREN_CHANGING 1293 * newp and np must be held with RC_NODE_IN_TX 1294 * np must be marked RC_NODE_IN_PARENT, newp must not be 1295 * np must be marked RC_NODE_OLD 1296 * 1297 * Afterwards: 1298 * pp's RC_NODE_CHILDREN_CHANGING is dropped 1299 * newp and np's RC_NODE_IN_TX is dropped 1300 * newp->rn_former = np; 1301 * newp is RC_NODE_IN_PARENT, np is not. 1302 * interested notify subscribers have been notified of newp's new status. 1303 */ 1304 static void 1305 rc_node_relink_child(rc_node_t *pp, rc_node_t *np, rc_node_t *newp) 1306 { 1307 cache_bucket_t *bp; 1308 /* 1309 * First, swap np and nnp in the cache. newp's RC_NODE_IN_TX flag 1310 * keeps rc_node_update() from seeing it until we are done. 1311 */ 1312 bp = cache_hold(newp->rn_hash); 1313 cache_remove_unlocked(bp, np); 1314 cache_insert_unlocked(bp, newp); 1315 cache_release(bp); 1316 1317 /* 1318 * replace np with newp in pp's list, and attach it to newp's rn_former 1319 * link. 1320 */ 1321 (void) pthread_mutex_lock(&pp->rn_lock); 1322 assert(pp->rn_flags & RC_NODE_CHILDREN_CHANGING); 1323 1324 (void) pthread_mutex_lock(&newp->rn_lock); 1325 assert(!(newp->rn_flags & RC_NODE_IN_PARENT)); 1326 assert(newp->rn_flags & RC_NODE_IN_TX); 1327 1328 (void) pthread_mutex_lock(&np->rn_lock); 1329 assert(np->rn_flags & RC_NODE_IN_PARENT); 1330 assert(np->rn_flags & RC_NODE_OLD); 1331 assert(np->rn_flags & RC_NODE_IN_TX); 1332 1333 newp->rn_parent = pp; 1334 newp->rn_flags |= RC_NODE_IN_PARENT; 1335 1336 /* 1337 * Note that we carefully add newp before removing np -- this 1338 * keeps iterators on the list from missing us. 1339 */ 1340 (void) uu_list_insert_after(pp->rn_children, np, newp); 1341 (void) uu_list_remove(pp->rn_children, np); 1342 1343 /* 1344 * re-set np 1345 */ 1346 newp->rn_former = np; 1347 np->rn_parent = NULL; 1348 np->rn_flags &= ~RC_NODE_IN_PARENT; 1349 np->rn_flags |= RC_NODE_ON_FORMER; 1350 1351 rc_notify_insert_node(newp); 1352 1353 rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); 1354 (void) pthread_mutex_unlock(&pp->rn_lock); 1355 rc_node_rele_flag(newp, RC_NODE_USING_PARENT | RC_NODE_IN_TX); 1356 (void) pthread_mutex_unlock(&newp->rn_lock); 1357 rc_node_setup_parent_ref(np, np); 1358 rc_node_rele_flag(np, RC_NODE_IN_TX); 1359 (void) pthread_mutex_unlock(&np->rn_lock); 1360 } 1361 1362 /* 1363 * makes sure a node with lookup 'nip', name 'name', and parent 'pp' exists. 1364 * 'cp' is used (and returned) if the node does not yet exist. If it does 1365 * exist, 'cp' is freed, and the existent node is returned instead. 1366 */ 1367 rc_node_t * 1368 rc_node_setup(rc_node_t *cp, rc_node_lookup_t *nip, const char *name, 1369 rc_node_t *pp) 1370 { 1371 rc_node_t *np; 1372 cache_bucket_t *bp; 1373 uint32_t h = rc_node_hash(nip); 1374 1375 assert(cp->rn_refs == 0); 1376 1377 bp = cache_hold(h); 1378 if ((np = cache_lookup_unlocked(bp, nip)) != NULL) { 1379 cache_release(bp); 1380 1381 /* 1382 * make sure it matches our expectations 1383 */ 1384 (void) pthread_mutex_lock(&np->rn_lock); 1385 if (rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 1386 assert(np->rn_parent == pp); 1387 assert(memcmp(&np->rn_id, nip, sizeof (*nip)) == 0); 1388 assert(strcmp(np->rn_name, name) == 0); 1389 assert(np->rn_type == NULL); 1390 assert(np->rn_flags & RC_NODE_IN_PARENT); 1391 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 1392 } 1393 (void) pthread_mutex_unlock(&np->rn_lock); 1394 1395 rc_node_destroy(cp); 1396 return (np); 1397 } 1398 1399 /* 1400 * No one is there -- create a new node. 1401 */ 1402 np = cp; 1403 rc_node_hold(np); 1404 np->rn_id = *nip; 1405 np->rn_hash = h; 1406 np->rn_name = strdup(name); 1407 1408 np->rn_flags |= RC_NODE_USING_PARENT; 1409 1410 if (np->rn_id.rl_type == REP_PROTOCOL_ENTITY_INSTANCE) { 1411 #if COMPOSITION_DEPTH == 2 1412 np->rn_cchain[0] = np; 1413 np->rn_cchain[1] = pp; 1414 #else 1415 #error This code must be updated. 1416 #endif 1417 } 1418 1419 cache_insert_unlocked(bp, np); 1420 cache_release(bp); /* we are now visible */ 1421 1422 rc_node_link_child(pp, np); 1423 1424 return (np); 1425 } 1426 1427 /* 1428 * makes sure a snapshot with lookup 'nip', name 'name', and parent 'pp' exists. 1429 * 'cp' is used (and returned) if the node does not yet exist. If it does 1430 * exist, 'cp' is freed, and the existent node is returned instead. 1431 */ 1432 rc_node_t * 1433 rc_node_setup_snapshot(rc_node_t *cp, rc_node_lookup_t *nip, const char *name, 1434 uint32_t snap_id, rc_node_t *pp) 1435 { 1436 rc_node_t *np; 1437 cache_bucket_t *bp; 1438 uint32_t h = rc_node_hash(nip); 1439 1440 assert(cp->rn_refs == 0); 1441 1442 bp = cache_hold(h); 1443 if ((np = cache_lookup_unlocked(bp, nip)) != NULL) { 1444 cache_release(bp); 1445 1446 /* 1447 * make sure it matches our expectations 1448 */ 1449 (void) pthread_mutex_lock(&np->rn_lock); 1450 if (rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 1451 assert(np->rn_parent == pp); 1452 assert(memcmp(&np->rn_id, nip, sizeof (*nip)) == 0); 1453 assert(strcmp(np->rn_name, name) == 0); 1454 assert(np->rn_type == NULL); 1455 assert(np->rn_flags & RC_NODE_IN_PARENT); 1456 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 1457 } 1458 (void) pthread_mutex_unlock(&np->rn_lock); 1459 1460 rc_node_destroy(cp); 1461 return (np); 1462 } 1463 1464 /* 1465 * No one is there -- create a new node. 1466 */ 1467 np = cp; 1468 rc_node_hold(np); 1469 np->rn_id = *nip; 1470 np->rn_hash = h; 1471 np->rn_name = strdup(name); 1472 np->rn_snapshot_id = snap_id; 1473 1474 np->rn_flags |= RC_NODE_USING_PARENT; 1475 1476 cache_insert_unlocked(bp, np); 1477 cache_release(bp); /* we are now visible */ 1478 1479 rc_node_link_child(pp, np); 1480 1481 return (np); 1482 } 1483 1484 /* 1485 * makes sure a snaplevel with lookup 'nip' and parent 'pp' exists. 'cp' is 1486 * used (and returned) if the node does not yet exist. If it does exist, 'cp' 1487 * is freed, and the existent node is returned instead. 1488 */ 1489 rc_node_t * 1490 rc_node_setup_snaplevel(rc_node_t *cp, rc_node_lookup_t *nip, 1491 rc_snaplevel_t *lvl, rc_node_t *pp) 1492 { 1493 rc_node_t *np; 1494 cache_bucket_t *bp; 1495 uint32_t h = rc_node_hash(nip); 1496 1497 assert(cp->rn_refs == 0); 1498 1499 bp = cache_hold(h); 1500 if ((np = cache_lookup_unlocked(bp, nip)) != NULL) { 1501 cache_release(bp); 1502 1503 /* 1504 * make sure it matches our expectations 1505 */ 1506 (void) pthread_mutex_lock(&np->rn_lock); 1507 if (rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 1508 assert(np->rn_parent == pp); 1509 assert(memcmp(&np->rn_id, nip, sizeof (*nip)) == 0); 1510 assert(np->rn_name == NULL); 1511 assert(np->rn_type == NULL); 1512 assert(np->rn_flags & RC_NODE_IN_PARENT); 1513 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 1514 } 1515 (void) pthread_mutex_unlock(&np->rn_lock); 1516 1517 rc_node_destroy(cp); 1518 return (np); 1519 } 1520 1521 /* 1522 * No one is there -- create a new node. 1523 */ 1524 np = cp; 1525 rc_node_hold(np); /* released in snapshot_fill_children() */ 1526 np->rn_id = *nip; 1527 np->rn_hash = h; 1528 1529 rc_snaplevel_hold(lvl); 1530 np->rn_snaplevel = lvl; 1531 1532 np->rn_flags |= RC_NODE_USING_PARENT; 1533 1534 cache_insert_unlocked(bp, np); 1535 cache_release(bp); /* we are now visible */ 1536 1537 /* Add this snaplevel to the snapshot's composition chain. */ 1538 assert(pp->rn_cchain[lvl->rsl_level_num - 1] == NULL); 1539 pp->rn_cchain[lvl->rsl_level_num - 1] = np; 1540 1541 rc_node_link_child(pp, np); 1542 1543 return (np); 1544 } 1545 1546 /* 1547 * Returns NULL if strdup() fails. 1548 */ 1549 rc_node_t * 1550 rc_node_setup_pg(rc_node_t *cp, rc_node_lookup_t *nip, const char *name, 1551 const char *type, uint32_t flags, uint32_t gen_id, rc_node_t *pp) 1552 { 1553 rc_node_t *np; 1554 cache_bucket_t *bp; 1555 1556 uint32_t h = rc_node_hash(nip); 1557 bp = cache_hold(h); 1558 if ((np = cache_lookup_unlocked(bp, nip)) != NULL) { 1559 cache_release(bp); 1560 1561 /* 1562 * make sure it matches our expectations (don't check 1563 * the generation number or parent, since someone could 1564 * have gotten a transaction through while we weren't 1565 * looking) 1566 */ 1567 (void) pthread_mutex_lock(&np->rn_lock); 1568 if (rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 1569 assert(memcmp(&np->rn_id, nip, sizeof (*nip)) == 0); 1570 assert(strcmp(np->rn_name, name) == 0); 1571 assert(strcmp(np->rn_type, type) == 0); 1572 assert(np->rn_pgflags == flags); 1573 assert(np->rn_flags & RC_NODE_IN_PARENT); 1574 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 1575 } 1576 (void) pthread_mutex_unlock(&np->rn_lock); 1577 1578 rc_node_destroy(cp); 1579 return (np); 1580 } 1581 1582 np = cp; 1583 rc_node_hold(np); /* released in fill_pg_callback() */ 1584 np->rn_id = *nip; 1585 np->rn_hash = h; 1586 np->rn_name = strdup(name); 1587 if (np->rn_name == NULL) { 1588 rc_node_rele(np); 1589 return (NULL); 1590 } 1591 np->rn_type = strdup(type); 1592 if (np->rn_type == NULL) { 1593 free((void *)np->rn_name); 1594 rc_node_rele(np); 1595 return (NULL); 1596 } 1597 np->rn_pgflags = flags; 1598 np->rn_gen_id = gen_id; 1599 1600 np->rn_flags |= RC_NODE_USING_PARENT; 1601 1602 cache_insert_unlocked(bp, np); 1603 cache_release(bp); /* we are now visible */ 1604 1605 rc_node_link_child(pp, np); 1606 1607 return (np); 1608 } 1609 1610 #if COMPOSITION_DEPTH == 2 1611 /* 1612 * Initialize a "composed property group" which represents the composition of 1613 * property groups pg1 & pg2. It is ephemeral: once created & returned for an 1614 * ITER_READ request, keeping it out of cache_hash and any child lists 1615 * prevents it from being looked up. Operations besides iteration are passed 1616 * through to pg1. 1617 * 1618 * pg1 & pg2 should be held before entering this function. They will be 1619 * released in rc_node_destroy(). 1620 */ 1621 static int 1622 rc_node_setup_cpg(rc_node_t *cpg, rc_node_t *pg1, rc_node_t *pg2) 1623 { 1624 if (strcmp(pg1->rn_type, pg2->rn_type) != 0) 1625 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 1626 1627 cpg->rn_id.rl_type = REP_PROTOCOL_ENTITY_CPROPERTYGRP; 1628 cpg->rn_name = strdup(pg1->rn_name); 1629 if (cpg->rn_name == NULL) 1630 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 1631 1632 cpg->rn_cchain[0] = pg1; 1633 cpg->rn_cchain[1] = pg2; 1634 1635 return (REP_PROTOCOL_SUCCESS); 1636 } 1637 #else 1638 #error This code must be updated. 1639 #endif 1640 1641 /* 1642 * Fails with _NO_RESOURCES. 1643 */ 1644 int 1645 rc_node_create_property(rc_node_t *pp, rc_node_lookup_t *nip, 1646 const char *name, rep_protocol_value_type_t type, 1647 const char *vals, size_t count, size_t size) 1648 { 1649 rc_node_t *np; 1650 cache_bucket_t *bp; 1651 1652 uint32_t h = rc_node_hash(nip); 1653 bp = cache_hold(h); 1654 if ((np = cache_lookup_unlocked(bp, nip)) != NULL) { 1655 cache_release(bp); 1656 /* 1657 * make sure it matches our expectations 1658 */ 1659 (void) pthread_mutex_lock(&np->rn_lock); 1660 if (rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 1661 assert(np->rn_parent == pp); 1662 assert(memcmp(&np->rn_id, nip, sizeof (*nip)) == 0); 1663 assert(strcmp(np->rn_name, name) == 0); 1664 assert(np->rn_valtype == type); 1665 assert(np->rn_values_count == count); 1666 assert(np->rn_values_size == size); 1667 assert(vals == NULL || 1668 memcmp(np->rn_values, vals, size) == 0); 1669 assert(np->rn_flags & RC_NODE_IN_PARENT); 1670 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 1671 } 1672 rc_node_rele_locked(np); 1673 object_free_values(vals, type, count, size); 1674 return (REP_PROTOCOL_SUCCESS); 1675 } 1676 1677 /* 1678 * No one is there -- create a new node. 1679 */ 1680 np = rc_node_alloc(); 1681 if (np == NULL) { 1682 cache_release(bp); 1683 object_free_values(vals, type, count, size); 1684 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 1685 } 1686 np->rn_id = *nip; 1687 np->rn_hash = h; 1688 np->rn_name = strdup(name); 1689 if (np->rn_name == NULL) { 1690 cache_release(bp); 1691 object_free_values(vals, type, count, size); 1692 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 1693 } 1694 1695 np->rn_valtype = type; 1696 np->rn_values = vals; 1697 np->rn_values_count = count; 1698 np->rn_values_size = size; 1699 1700 np->rn_flags |= RC_NODE_USING_PARENT; 1701 1702 cache_insert_unlocked(bp, np); 1703 cache_release(bp); /* we are now visible */ 1704 1705 rc_node_link_child(pp, np); 1706 1707 return (REP_PROTOCOL_SUCCESS); 1708 } 1709 1710 int 1711 rc_node_init(void) 1712 { 1713 rc_node_t *np; 1714 cache_bucket_t *bp; 1715 1716 rc_children_pool = uu_list_pool_create("rc_children_pool", 1717 sizeof (rc_node_t), offsetof(rc_node_t, rn_sibling_node), 1718 NULL, UU_LIST_POOL_DEBUG); 1719 1720 rc_pg_notify_pool = uu_list_pool_create("rc_pg_notify_pool", 1721 sizeof (rc_node_pg_notify_t), 1722 offsetof(rc_node_pg_notify_t, rnpn_node), 1723 NULL, UU_LIST_POOL_DEBUG); 1724 1725 rc_notify_pool = uu_list_pool_create("rc_notify_pool", 1726 sizeof (rc_notify_t), offsetof(rc_notify_t, rcn_list_node), 1727 NULL, UU_LIST_POOL_DEBUG); 1728 1729 rc_notify_info_pool = uu_list_pool_create("rc_notify_info_pool", 1730 sizeof (rc_notify_info_t), 1731 offsetof(rc_notify_info_t, rni_list_node), 1732 NULL, UU_LIST_POOL_DEBUG); 1733 1734 if (rc_children_pool == NULL || rc_pg_notify_pool == NULL || 1735 rc_notify_pool == NULL || rc_notify_info_pool == NULL) 1736 uu_die("out of memory"); 1737 1738 rc_notify_list = uu_list_create(rc_notify_pool, 1739 &rc_notify_list, 0); 1740 1741 rc_notify_info_list = uu_list_create(rc_notify_info_pool, 1742 &rc_notify_info_list, 0); 1743 1744 if (rc_notify_list == NULL || rc_notify_info_list == NULL) 1745 uu_die("out of memory"); 1746 1747 if ((np = rc_node_alloc()) == NULL) 1748 uu_die("out of memory"); 1749 1750 rc_node_hold(np); 1751 np->rn_id.rl_type = REP_PROTOCOL_ENTITY_SCOPE; 1752 np->rn_id.rl_backend = BACKEND_TYPE_NORMAL; 1753 np->rn_hash = rc_node_hash(&np->rn_id); 1754 np->rn_name = "localhost"; 1755 1756 bp = cache_hold(np->rn_hash); 1757 cache_insert_unlocked(bp, np); 1758 cache_release(bp); 1759 1760 rc_scope = np; 1761 return (1); 1762 } 1763 1764 /* 1765 * Fails with 1766 * _INVALID_TYPE - type is invalid 1767 * _TYPE_MISMATCH - np doesn't carry children of type type 1768 * _DELETED - np has been deleted 1769 * _NO_RESOURCES 1770 */ 1771 static int 1772 rc_node_fill_children(rc_node_t *np, uint32_t type) 1773 { 1774 int rc; 1775 1776 assert(MUTEX_HELD(&np->rn_lock)); 1777 1778 if ((rc = rc_check_parent_child(np->rn_id.rl_type, type)) != 1779 REP_PROTOCOL_SUCCESS) 1780 return (rc); 1781 1782 if (!rc_node_hold_flag(np, RC_NODE_CHILDREN_CHANGING)) 1783 return (REP_PROTOCOL_FAIL_DELETED); 1784 1785 if (np->rn_flags & RC_NODE_HAS_CHILDREN) { 1786 rc_node_rele_flag(np, RC_NODE_CHILDREN_CHANGING); 1787 return (REP_PROTOCOL_SUCCESS); 1788 } 1789 1790 (void) pthread_mutex_unlock(&np->rn_lock); 1791 rc = object_fill_children(np); 1792 (void) pthread_mutex_lock(&np->rn_lock); 1793 1794 if (rc == REP_PROTOCOL_SUCCESS) { 1795 np->rn_flags |= RC_NODE_HAS_CHILDREN; 1796 } 1797 rc_node_rele_flag(np, RC_NODE_CHILDREN_CHANGING); 1798 1799 return (rc); 1800 } 1801 1802 /* 1803 * Returns 1804 * _INVALID_TYPE - type is invalid 1805 * _TYPE_MISMATCH - np doesn't carry children of type type 1806 * _DELETED - np has been deleted 1807 * _NO_RESOURCES 1808 * _SUCCESS - if *cpp is not NULL, it is held 1809 */ 1810 static int 1811 rc_node_find_named_child(rc_node_t *np, const char *name, uint32_t type, 1812 rc_node_t **cpp) 1813 { 1814 int ret; 1815 rc_node_t *cp; 1816 1817 assert(MUTEX_HELD(&np->rn_lock)); 1818 assert(np->rn_id.rl_type != REP_PROTOCOL_ENTITY_CPROPERTYGRP); 1819 1820 ret = rc_node_fill_children(np, type); 1821 if (ret != REP_PROTOCOL_SUCCESS) 1822 return (ret); 1823 1824 for (cp = uu_list_first(np->rn_children); 1825 cp != NULL; 1826 cp = uu_list_next(np->rn_children, cp)) { 1827 if (cp->rn_id.rl_type == type && strcmp(cp->rn_name, name) == 0) 1828 break; 1829 } 1830 1831 if (cp != NULL) 1832 rc_node_hold(cp); 1833 *cpp = cp; 1834 1835 return (REP_PROTOCOL_SUCCESS); 1836 } 1837 1838 static int rc_node_parent(rc_node_t *, rc_node_t **); 1839 1840 /* 1841 * Returns 1842 * _INVALID_TYPE - type is invalid 1843 * _DELETED - np or an ancestor has been deleted 1844 * _NOT_FOUND - no ancestor of specified type exists 1845 * _SUCCESS - *app is held 1846 */ 1847 static int 1848 rc_node_find_ancestor(rc_node_t *np, uint32_t type, rc_node_t **app) 1849 { 1850 int ret; 1851 rc_node_t *parent, *np_orig; 1852 1853 if (type >= REP_PROTOCOL_ENTITY_MAX) 1854 return (REP_PROTOCOL_FAIL_INVALID_TYPE); 1855 1856 np_orig = np; 1857 1858 while (np->rn_id.rl_type > type) { 1859 ret = rc_node_parent(np, &parent); 1860 if (np != np_orig) 1861 rc_node_rele(np); 1862 if (ret != REP_PROTOCOL_SUCCESS) 1863 return (ret); 1864 np = parent; 1865 } 1866 1867 if (np->rn_id.rl_type == type) { 1868 *app = parent; 1869 return (REP_PROTOCOL_SUCCESS); 1870 } 1871 1872 return (REP_PROTOCOL_FAIL_NOT_FOUND); 1873 } 1874 1875 #ifndef NATIVE_BUILD 1876 /* 1877 * If the propname property exists in pg, and it is of type string, add its 1878 * values as authorizations to pcp. pg must not be locked on entry, and it is 1879 * returned unlocked. Returns 1880 * _DELETED - pg was deleted 1881 * _NO_RESOURCES 1882 * _NOT_FOUND - pg has no property named propname 1883 * _SUCCESS 1884 */ 1885 static int 1886 perm_add_pg_prop_values(permcheck_t *pcp, rc_node_t *pg, const char *propname) 1887 { 1888 rc_node_t *prop; 1889 int result; 1890 1891 uint_t count; 1892 const char *cp; 1893 1894 assert(!MUTEX_HELD(&pg->rn_lock)); 1895 assert(pg->rn_id.rl_type == REP_PROTOCOL_ENTITY_PROPERTYGRP); 1896 1897 (void) pthread_mutex_lock(&pg->rn_lock); 1898 result = rc_node_find_named_child(pg, propname, 1899 REP_PROTOCOL_ENTITY_PROPERTY, &prop); 1900 (void) pthread_mutex_unlock(&pg->rn_lock); 1901 if (result != REP_PROTOCOL_SUCCESS) { 1902 switch (result) { 1903 case REP_PROTOCOL_FAIL_DELETED: 1904 case REP_PROTOCOL_FAIL_NO_RESOURCES: 1905 return (result); 1906 1907 case REP_PROTOCOL_FAIL_INVALID_TYPE: 1908 case REP_PROTOCOL_FAIL_TYPE_MISMATCH: 1909 default: 1910 bad_error("rc_node_find_named_child", result); 1911 } 1912 } 1913 1914 if (prop == NULL) 1915 return (REP_PROTOCOL_FAIL_NOT_FOUND); 1916 1917 /* rn_valtype is immutable, so no locking. */ 1918 if (prop->rn_valtype != REP_PROTOCOL_TYPE_STRING) { 1919 rc_node_rele(prop); 1920 return (REP_PROTOCOL_SUCCESS); 1921 } 1922 1923 (void) pthread_mutex_lock(&prop->rn_lock); 1924 for (count = prop->rn_values_count, cp = prop->rn_values; 1925 count > 0; 1926 --count) { 1927 result = perm_add_enabling(pcp, cp); 1928 if (result != REP_PROTOCOL_SUCCESS) 1929 break; 1930 1931 cp = strchr(cp, '\0') + 1; 1932 } 1933 1934 rc_node_rele_locked(prop); 1935 1936 return (result); 1937 } 1938 1939 /* 1940 * Assuming that ent is a service or instance node, if the pgname property 1941 * group has type pgtype, and it has a propname property with string type, add 1942 * its values as authorizations to pcp. If pgtype is NULL, it is not checked. 1943 * Returns 1944 * _SUCCESS 1945 * _DELETED - ent was deleted 1946 * _NO_RESOURCES - no resources 1947 * _NOT_FOUND - ent does not have pgname pg or propname property 1948 */ 1949 static int 1950 perm_add_ent_prop_values(permcheck_t *pcp, rc_node_t *ent, const char *pgname, 1951 const char *pgtype, const char *propname) 1952 { 1953 int r; 1954 rc_node_t *pg; 1955 1956 assert(!MUTEX_HELD(&ent->rn_lock)); 1957 1958 (void) pthread_mutex_lock(&ent->rn_lock); 1959 r = rc_node_find_named_child(ent, pgname, 1960 REP_PROTOCOL_ENTITY_PROPERTYGRP, &pg); 1961 (void) pthread_mutex_unlock(&ent->rn_lock); 1962 1963 switch (r) { 1964 case REP_PROTOCOL_SUCCESS: 1965 break; 1966 1967 case REP_PROTOCOL_FAIL_DELETED: 1968 case REP_PROTOCOL_FAIL_NO_RESOURCES: 1969 return (r); 1970 1971 default: 1972 bad_error("rc_node_find_named_child", r); 1973 } 1974 1975 if (pg == NULL) 1976 return (REP_PROTOCOL_FAIL_NOT_FOUND); 1977 1978 if (pgtype == NULL || strcmp(pg->rn_type, pgtype) == 0) { 1979 r = perm_add_pg_prop_values(pcp, pg, propname); 1980 switch (r) { 1981 case REP_PROTOCOL_FAIL_DELETED: 1982 r = REP_PROTOCOL_FAIL_NOT_FOUND; 1983 break; 1984 1985 case REP_PROTOCOL_FAIL_NO_RESOURCES: 1986 case REP_PROTOCOL_SUCCESS: 1987 case REP_PROTOCOL_FAIL_NOT_FOUND: 1988 break; 1989 1990 default: 1991 bad_error("perm_add_pg_prop_values", r); 1992 } 1993 } 1994 1995 rc_node_rele(pg); 1996 1997 return (r); 1998 } 1999 2000 /* 2001 * If pg has a property named propname, and is string typed, add its values as 2002 * authorizations to pcp. If pg has no such property, and its parent is an 2003 * instance, walk up to the service and try doing the same with the property 2004 * of the same name from the property group of the same name. Returns 2005 * _SUCCESS 2006 * _NO_RESOURCES 2007 * _DELETED - pg (or an ancestor) was deleted 2008 */ 2009 static int 2010 perm_add_enabling_values(permcheck_t *pcp, rc_node_t *pg, const char *propname) 2011 { 2012 int r; 2013 char pgname[REP_PROTOCOL_NAME_LEN + 1]; 2014 rc_node_t *svc; 2015 size_t sz; 2016 2017 r = perm_add_pg_prop_values(pcp, pg, propname); 2018 2019 if (r != REP_PROTOCOL_FAIL_NOT_FOUND) 2020 return (r); 2021 2022 assert(!MUTEX_HELD(&pg->rn_lock)); 2023 2024 if (pg->rn_id.rl_ids[ID_INSTANCE] == 0) 2025 return (REP_PROTOCOL_SUCCESS); 2026 2027 sz = strlcpy(pgname, pg->rn_name, sizeof (pgname)); 2028 assert(sz < sizeof (pgname)); 2029 2030 /* 2031 * If pg is a child of an instance or snapshot, we want to compose the 2032 * authorization property with the service's (if it exists). The 2033 * snapshot case applies only to read_authorization. In all other 2034 * cases, the pg's parent will be the instance. 2035 */ 2036 r = rc_node_find_ancestor(pg, REP_PROTOCOL_ENTITY_SERVICE, &svc); 2037 if (r != REP_PROTOCOL_SUCCESS) { 2038 assert(r == REP_PROTOCOL_FAIL_DELETED); 2039 return (r); 2040 } 2041 assert(svc->rn_id.rl_type == REP_PROTOCOL_ENTITY_SERVICE); 2042 2043 r = perm_add_ent_prop_values(pcp, svc, pgname, NULL, propname); 2044 2045 rc_node_rele(svc); 2046 2047 if (r == REP_PROTOCOL_FAIL_NOT_FOUND) 2048 r = REP_PROTOCOL_SUCCESS; 2049 2050 return (r); 2051 } 2052 2053 /* 2054 * Call perm_add_enabling_values() for the "action_authorization" property of 2055 * the "general" property group of inst. Returns 2056 * _DELETED - inst (or an ancestor) was deleted 2057 * _NO_RESOURCES 2058 * _SUCCESS 2059 */ 2060 static int 2061 perm_add_inst_action_auth(permcheck_t *pcp, rc_node_t *inst) 2062 { 2063 int r; 2064 rc_node_t *svc; 2065 2066 assert(inst->rn_id.rl_type == REP_PROTOCOL_ENTITY_INSTANCE); 2067 2068 r = perm_add_ent_prop_values(pcp, inst, AUTH_PG_GENERAL, 2069 AUTH_PG_GENERAL_TYPE, AUTH_PROP_ACTION); 2070 2071 if (r != REP_PROTOCOL_FAIL_NOT_FOUND) 2072 return (r); 2073 2074 r = rc_node_parent(inst, &svc); 2075 if (r != REP_PROTOCOL_SUCCESS) { 2076 assert(r == REP_PROTOCOL_FAIL_DELETED); 2077 return (r); 2078 } 2079 2080 r = perm_add_ent_prop_values(pcp, svc, AUTH_PG_GENERAL, 2081 AUTH_PG_GENERAL_TYPE, AUTH_PROP_ACTION); 2082 2083 return (r == REP_PROTOCOL_FAIL_NOT_FOUND ? REP_PROTOCOL_SUCCESS : r); 2084 } 2085 #endif /* NATIVE_BUILD */ 2086 2087 void 2088 rc_node_ptr_init(rc_node_ptr_t *out) 2089 { 2090 out->rnp_node = NULL; 2091 out->rnp_authorized = 0; 2092 out->rnp_deleted = 0; 2093 } 2094 2095 static void 2096 rc_node_assign(rc_node_ptr_t *out, rc_node_t *val) 2097 { 2098 rc_node_t *cur = out->rnp_node; 2099 if (val != NULL) 2100 rc_node_hold(val); 2101 out->rnp_node = val; 2102 if (cur != NULL) 2103 rc_node_rele(cur); 2104 out->rnp_authorized = 0; 2105 out->rnp_deleted = 0; 2106 } 2107 2108 void 2109 rc_node_clear(rc_node_ptr_t *out, int deleted) 2110 { 2111 rc_node_assign(out, NULL); 2112 out->rnp_deleted = deleted; 2113 } 2114 2115 void 2116 rc_node_ptr_assign(rc_node_ptr_t *out, const rc_node_ptr_t *val) 2117 { 2118 rc_node_assign(out, val->rnp_node); 2119 } 2120 2121 /* 2122 * rc_node_check()/RC_NODE_CHECK() 2123 * generic "entry" checks, run before the use of an rc_node pointer. 2124 * 2125 * Fails with 2126 * _NOT_SET 2127 * _DELETED 2128 */ 2129 static int 2130 rc_node_check_and_lock(rc_node_t *np) 2131 { 2132 int result = REP_PROTOCOL_SUCCESS; 2133 if (np == NULL) 2134 return (REP_PROTOCOL_FAIL_NOT_SET); 2135 2136 (void) pthread_mutex_lock(&np->rn_lock); 2137 if (!rc_node_wait_flag(np, RC_NODE_DYING)) { 2138 result = REP_PROTOCOL_FAIL_DELETED; 2139 (void) pthread_mutex_unlock(&np->rn_lock); 2140 } 2141 2142 return (result); 2143 } 2144 2145 /* 2146 * Fails with 2147 * _NOT_SET - ptr is reset 2148 * _DELETED - node has been deleted 2149 */ 2150 static rc_node_t * 2151 rc_node_ptr_check_and_lock(rc_node_ptr_t *npp, int *res) 2152 { 2153 rc_node_t *np = npp->rnp_node; 2154 if (np == NULL) { 2155 if (npp->rnp_deleted) 2156 *res = REP_PROTOCOL_FAIL_DELETED; 2157 else 2158 *res = REP_PROTOCOL_FAIL_NOT_SET; 2159 return (NULL); 2160 } 2161 2162 (void) pthread_mutex_lock(&np->rn_lock); 2163 if (!rc_node_wait_flag(np, RC_NODE_DYING)) { 2164 (void) pthread_mutex_unlock(&np->rn_lock); 2165 rc_node_clear(npp, 1); 2166 *res = REP_PROTOCOL_FAIL_DELETED; 2167 return (NULL); 2168 } 2169 return (np); 2170 } 2171 2172 #define RC_NODE_CHECK_AND_LOCK(n) { \ 2173 int rc__res; \ 2174 if ((rc__res = rc_node_check_and_lock(n)) != REP_PROTOCOL_SUCCESS) \ 2175 return (rc__res); \ 2176 } 2177 2178 #define RC_NODE_CHECK(n) { \ 2179 RC_NODE_CHECK_AND_LOCK(n); \ 2180 (void) pthread_mutex_unlock(&(n)->rn_lock); \ 2181 } 2182 2183 #define RC_NODE_CHECK_AND_HOLD(n) { \ 2184 RC_NODE_CHECK_AND_LOCK(n); \ 2185 rc_node_hold_locked(n); \ 2186 (void) pthread_mutex_unlock(&(n)->rn_lock); \ 2187 } 2188 2189 #define RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp) { \ 2190 int rc__res; \ 2191 if (((np) = rc_node_ptr_check_and_lock(npp, &rc__res)) == NULL) \ 2192 return (rc__res); \ 2193 } 2194 2195 #define RC_NODE_PTR_GET_CHECK(np, npp) { \ 2196 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); \ 2197 (void) pthread_mutex_unlock(&(np)->rn_lock); \ 2198 } 2199 2200 #define RC_NODE_PTR_GET_CHECK_AND_HOLD(np, npp) { \ 2201 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); \ 2202 rc_node_hold_locked(np); \ 2203 (void) pthread_mutex_unlock(&(np)->rn_lock); \ 2204 } 2205 2206 #define HOLD_FLAG_OR_RETURN(np, flag) { \ 2207 assert(MUTEX_HELD(&(np)->rn_lock)); \ 2208 assert(!((np)->rn_flags & RC_NODE_DEAD)); \ 2209 if (!rc_node_hold_flag((np), flag)) { \ 2210 (void) pthread_mutex_unlock(&(np)->rn_lock); \ 2211 return (REP_PROTOCOL_FAIL_DELETED); \ 2212 } \ 2213 } 2214 2215 #define HOLD_PTR_FLAG_OR_RETURN(np, npp, flag) { \ 2216 assert(MUTEX_HELD(&(np)->rn_lock)); \ 2217 assert(!((np)->rn_flags & RC_NODE_DEAD)); \ 2218 if (!rc_node_hold_flag((np), flag)) { \ 2219 (void) pthread_mutex_unlock(&(np)->rn_lock); \ 2220 assert((np) == (npp)->rnp_node); \ 2221 rc_node_clear(npp, 1); \ 2222 return (REP_PROTOCOL_FAIL_DELETED); \ 2223 } \ 2224 } 2225 2226 int 2227 rc_local_scope(uint32_t type, rc_node_ptr_t *out) 2228 { 2229 if (type != REP_PROTOCOL_ENTITY_SCOPE) { 2230 rc_node_clear(out, 0); 2231 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 2232 } 2233 2234 /* 2235 * the main scope never gets destroyed 2236 */ 2237 rc_node_assign(out, rc_scope); 2238 2239 return (REP_PROTOCOL_SUCCESS); 2240 } 2241 2242 /* 2243 * Fails with 2244 * _NOT_SET - npp is not set 2245 * _DELETED - the node npp pointed at has been deleted 2246 * _TYPE_MISMATCH - type is not _SCOPE 2247 * _NOT_FOUND - scope has no parent 2248 */ 2249 static int 2250 rc_scope_parent_scope(rc_node_ptr_t *npp, uint32_t type, rc_node_ptr_t *out) 2251 { 2252 rc_node_t *np; 2253 2254 rc_node_clear(out, 0); 2255 2256 RC_NODE_PTR_GET_CHECK(np, npp); 2257 2258 if (type != REP_PROTOCOL_ENTITY_SCOPE) 2259 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 2260 2261 return (REP_PROTOCOL_FAIL_NOT_FOUND); 2262 } 2263 2264 static int rc_node_pg_check_read_protect(rc_node_t *); 2265 2266 /* 2267 * Fails with 2268 * _NOT_SET 2269 * _DELETED 2270 * _NOT_APPLICABLE 2271 * _NOT_FOUND 2272 * _BAD_REQUEST 2273 * _TRUNCATED 2274 * _NO_RESOURCES 2275 */ 2276 int 2277 rc_node_name(rc_node_ptr_t *npp, char *buf, size_t sz, uint32_t answertype, 2278 size_t *sz_out) 2279 { 2280 size_t actual; 2281 rc_node_t *np; 2282 2283 assert(sz == *sz_out); 2284 2285 RC_NODE_PTR_GET_CHECK(np, npp); 2286 2287 if (np->rn_id.rl_type == REP_PROTOCOL_ENTITY_CPROPERTYGRP) { 2288 np = np->rn_cchain[0]; 2289 RC_NODE_CHECK(np); 2290 } 2291 2292 switch (answertype) { 2293 case RP_ENTITY_NAME_NAME: 2294 if (np->rn_name == NULL) 2295 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2296 actual = strlcpy(buf, np->rn_name, sz); 2297 break; 2298 case RP_ENTITY_NAME_PGTYPE: 2299 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTYGRP) 2300 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2301 actual = strlcpy(buf, np->rn_type, sz); 2302 break; 2303 case RP_ENTITY_NAME_PGFLAGS: 2304 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTYGRP) 2305 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2306 actual = snprintf(buf, sz, "%d", np->rn_pgflags); 2307 break; 2308 case RP_ENTITY_NAME_SNAPLEVEL_SCOPE: 2309 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPLEVEL) 2310 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2311 actual = strlcpy(buf, np->rn_snaplevel->rsl_scope, sz); 2312 break; 2313 case RP_ENTITY_NAME_SNAPLEVEL_SERVICE: 2314 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPLEVEL) 2315 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2316 actual = strlcpy(buf, np->rn_snaplevel->rsl_service, sz); 2317 break; 2318 case RP_ENTITY_NAME_SNAPLEVEL_INSTANCE: 2319 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPLEVEL) 2320 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2321 if (np->rn_snaplevel->rsl_instance == NULL) 2322 return (REP_PROTOCOL_FAIL_NOT_FOUND); 2323 actual = strlcpy(buf, np->rn_snaplevel->rsl_instance, sz); 2324 break; 2325 case RP_ENTITY_NAME_PGREADPROT: 2326 { 2327 int ret; 2328 2329 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTYGRP) 2330 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2331 ret = rc_node_pg_check_read_protect(np); 2332 assert(ret != REP_PROTOCOL_FAIL_TYPE_MISMATCH); 2333 switch (ret) { 2334 case REP_PROTOCOL_FAIL_PERMISSION_DENIED: 2335 actual = snprintf(buf, sz, "1"); 2336 break; 2337 case REP_PROTOCOL_SUCCESS: 2338 actual = snprintf(buf, sz, "0"); 2339 break; 2340 default: 2341 return (ret); 2342 } 2343 break; 2344 } 2345 default: 2346 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 2347 } 2348 if (actual >= sz) 2349 return (REP_PROTOCOL_FAIL_TRUNCATED); 2350 2351 *sz_out = actual; 2352 return (REP_PROTOCOL_SUCCESS); 2353 } 2354 2355 int 2356 rc_node_get_property_type(rc_node_ptr_t *npp, rep_protocol_value_type_t *out) 2357 { 2358 rc_node_t *np; 2359 2360 RC_NODE_PTR_GET_CHECK(np, npp); 2361 2362 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTY) 2363 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 2364 2365 *out = np->rn_valtype; 2366 2367 return (REP_PROTOCOL_SUCCESS); 2368 } 2369 2370 /* 2371 * Get np's parent. If np is deleted, returns _DELETED. Otherwise puts a hold 2372 * on the parent, returns a pointer to it in *out, and returns _SUCCESS. 2373 */ 2374 static int 2375 rc_node_parent(rc_node_t *np, rc_node_t **out) 2376 { 2377 rc_node_t *pnp; 2378 rc_node_t *np_orig; 2379 2380 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_CPROPERTYGRP) { 2381 RC_NODE_CHECK_AND_LOCK(np); 2382 } else { 2383 np = np->rn_cchain[0]; 2384 RC_NODE_CHECK_AND_LOCK(np); 2385 } 2386 2387 np_orig = np; 2388 rc_node_hold_locked(np); /* simplifies the remainder */ 2389 2390 for (;;) { 2391 if (!rc_node_wait_flag(np, 2392 RC_NODE_IN_TX | RC_NODE_USING_PARENT)) { 2393 rc_node_rele_locked(np); 2394 return (REP_PROTOCOL_FAIL_DELETED); 2395 } 2396 2397 if (!(np->rn_flags & RC_NODE_OLD)) 2398 break; 2399 2400 rc_node_rele_locked(np); 2401 np = cache_lookup(&np_orig->rn_id); 2402 assert(np != np_orig); 2403 2404 if (np == NULL) 2405 goto deleted; 2406 (void) pthread_mutex_lock(&np->rn_lock); 2407 } 2408 2409 /* guaranteed to succeed without dropping the lock */ 2410 if (!rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 2411 (void) pthread_mutex_unlock(&np->rn_lock); 2412 *out = NULL; 2413 rc_node_rele(np); 2414 return (REP_PROTOCOL_FAIL_DELETED); 2415 } 2416 2417 assert(np->rn_parent != NULL); 2418 pnp = np->rn_parent; 2419 (void) pthread_mutex_unlock(&np->rn_lock); 2420 2421 (void) pthread_mutex_lock(&pnp->rn_lock); 2422 (void) pthread_mutex_lock(&np->rn_lock); 2423 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 2424 (void) pthread_mutex_unlock(&np->rn_lock); 2425 2426 rc_node_hold_locked(pnp); 2427 2428 (void) pthread_mutex_unlock(&pnp->rn_lock); 2429 2430 rc_node_rele(np); 2431 *out = pnp; 2432 return (REP_PROTOCOL_SUCCESS); 2433 2434 deleted: 2435 rc_node_rele(np); 2436 return (REP_PROTOCOL_FAIL_DELETED); 2437 } 2438 2439 /* 2440 * Fails with 2441 * _NOT_SET 2442 * _DELETED 2443 */ 2444 static int 2445 rc_node_ptr_parent(rc_node_ptr_t *npp, rc_node_t **out) 2446 { 2447 rc_node_t *np; 2448 2449 RC_NODE_PTR_GET_CHECK(np, npp); 2450 2451 return (rc_node_parent(np, out)); 2452 } 2453 2454 /* 2455 * Fails with 2456 * _NOT_SET - npp is not set 2457 * _DELETED - the node npp pointed at has been deleted 2458 * _TYPE_MISMATCH - npp's node's parent is not of type type 2459 * 2460 * If npp points to a scope, can also fail with 2461 * _NOT_FOUND - scope has no parent 2462 */ 2463 int 2464 rc_node_get_parent(rc_node_ptr_t *npp, uint32_t type, rc_node_ptr_t *out) 2465 { 2466 rc_node_t *pnp; 2467 int rc; 2468 2469 if (npp->rnp_node != NULL && 2470 npp->rnp_node->rn_id.rl_type == REP_PROTOCOL_ENTITY_SCOPE) 2471 return (rc_scope_parent_scope(npp, type, out)); 2472 2473 if ((rc = rc_node_ptr_parent(npp, &pnp)) != REP_PROTOCOL_SUCCESS) { 2474 rc_node_clear(out, 0); 2475 return (rc); 2476 } 2477 2478 if (type != pnp->rn_id.rl_type) { 2479 rc_node_rele(pnp); 2480 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 2481 } 2482 2483 rc_node_assign(out, pnp); 2484 rc_node_rele(pnp); 2485 2486 return (REP_PROTOCOL_SUCCESS); 2487 } 2488 2489 int 2490 rc_node_parent_type(rc_node_ptr_t *npp, uint32_t *type_out) 2491 { 2492 rc_node_t *pnp; 2493 int rc; 2494 2495 if (npp->rnp_node != NULL && 2496 npp->rnp_node->rn_id.rl_type == REP_PROTOCOL_ENTITY_SCOPE) { 2497 *type_out = REP_PROTOCOL_ENTITY_SCOPE; 2498 return (REP_PROTOCOL_SUCCESS); 2499 } 2500 2501 if ((rc = rc_node_ptr_parent(npp, &pnp)) != REP_PROTOCOL_SUCCESS) 2502 return (rc); 2503 2504 *type_out = pnp->rn_id.rl_type; 2505 2506 rc_node_rele(pnp); 2507 2508 return (REP_PROTOCOL_SUCCESS); 2509 } 2510 2511 /* 2512 * Fails with 2513 * _INVALID_TYPE - type is invalid 2514 * _TYPE_MISMATCH - np doesn't carry children of type type 2515 * _DELETED - np has been deleted 2516 * _NOT_FOUND - no child with that name/type combo found 2517 * _NO_RESOURCES 2518 * _BACKEND_ACCESS 2519 */ 2520 int 2521 rc_node_get_child(rc_node_ptr_t *npp, const char *name, uint32_t type, 2522 rc_node_ptr_t *outp) 2523 { 2524 rc_node_t *np, *cp; 2525 rc_node_t *child = NULL; 2526 int ret, idx; 2527 2528 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); 2529 if ((ret = rc_check_type_name(type, name)) == REP_PROTOCOL_SUCCESS) { 2530 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_CPROPERTYGRP) { 2531 ret = rc_node_find_named_child(np, name, type, &child); 2532 } else { 2533 (void) pthread_mutex_unlock(&np->rn_lock); 2534 ret = REP_PROTOCOL_SUCCESS; 2535 for (idx = 0; idx < COMPOSITION_DEPTH; idx++) { 2536 cp = np->rn_cchain[idx]; 2537 if (cp == NULL) 2538 break; 2539 RC_NODE_CHECK_AND_LOCK(cp); 2540 ret = rc_node_find_named_child(cp, name, type, 2541 &child); 2542 (void) pthread_mutex_unlock(&cp->rn_lock); 2543 /* 2544 * loop only if we succeeded, but no child of 2545 * the correct name was found. 2546 */ 2547 if (ret != REP_PROTOCOL_SUCCESS || 2548 child != NULL) 2549 break; 2550 } 2551 (void) pthread_mutex_lock(&np->rn_lock); 2552 } 2553 } 2554 (void) pthread_mutex_unlock(&np->rn_lock); 2555 2556 if (ret == REP_PROTOCOL_SUCCESS) { 2557 rc_node_assign(outp, child); 2558 if (child != NULL) 2559 rc_node_rele(child); 2560 else 2561 ret = REP_PROTOCOL_FAIL_NOT_FOUND; 2562 } else { 2563 rc_node_assign(outp, NULL); 2564 } 2565 return (ret); 2566 } 2567 2568 int 2569 rc_node_update(rc_node_ptr_t *npp) 2570 { 2571 cache_bucket_t *bp; 2572 rc_node_t *np = npp->rnp_node; 2573 rc_node_t *nnp; 2574 rc_node_t *cpg = NULL; 2575 2576 if (np != NULL && 2577 np->rn_id.rl_type == REP_PROTOCOL_ENTITY_CPROPERTYGRP) { 2578 /* 2579 * If we're updating a composed property group, actually 2580 * update the top-level property group & return the 2581 * appropriate value. But leave *nnp pointing at us. 2582 */ 2583 cpg = np; 2584 np = np->rn_cchain[0]; 2585 } 2586 2587 RC_NODE_CHECK(np); 2588 2589 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTYGRP && 2590 np->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPSHOT) 2591 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 2592 2593 for (;;) { 2594 bp = cache_hold(np->rn_hash); 2595 nnp = cache_lookup_unlocked(bp, &np->rn_id); 2596 if (nnp == NULL) { 2597 cache_release(bp); 2598 rc_node_clear(npp, 1); 2599 return (REP_PROTOCOL_FAIL_DELETED); 2600 } 2601 /* 2602 * grab the lock before dropping the cache bucket, so 2603 * that no one else can sneak in 2604 */ 2605 (void) pthread_mutex_lock(&nnp->rn_lock); 2606 cache_release(bp); 2607 2608 if (!(nnp->rn_flags & RC_NODE_IN_TX) || 2609 !rc_node_wait_flag(nnp, RC_NODE_IN_TX)) 2610 break; 2611 2612 rc_node_rele_locked(nnp); 2613 } 2614 2615 /* 2616 * If it is dead, we want to update it so that it will continue to 2617 * report being dead. 2618 */ 2619 if (nnp->rn_flags & RC_NODE_DEAD) { 2620 (void) pthread_mutex_unlock(&nnp->rn_lock); 2621 if (nnp != np && cpg == NULL) 2622 rc_node_assign(npp, nnp); /* updated */ 2623 rc_node_rele(nnp); 2624 return (REP_PROTOCOL_FAIL_DELETED); 2625 } 2626 2627 assert(!(nnp->rn_flags & RC_NODE_OLD)); 2628 (void) pthread_mutex_unlock(&nnp->rn_lock); 2629 2630 if (nnp != np && cpg == NULL) 2631 rc_node_assign(npp, nnp); /* updated */ 2632 2633 rc_node_rele(nnp); 2634 2635 return ((nnp == np)? REP_PROTOCOL_SUCCESS : REP_PROTOCOL_DONE); 2636 } 2637 2638 /* 2639 * does a generic modification check, for creation, deletion, and snapshot 2640 * management only. Property group transactions have different checks. 2641 */ 2642 int 2643 rc_node_modify_permission_check(void) 2644 { 2645 int rc = REP_PROTOCOL_SUCCESS; 2646 permcheck_t *pcp; 2647 int granted; 2648 2649 if (!client_is_privileged()) { 2650 #ifdef NATIVE_BUILD 2651 rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; 2652 #else 2653 pcp = pc_create(); 2654 if (pcp != NULL) { 2655 rc = perm_add_enabling(pcp, AUTH_MODIFY); 2656 2657 if (rc == REP_PROTOCOL_SUCCESS) { 2658 granted = perm_granted(pcp); 2659 2660 if (granted < 0) 2661 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 2662 } 2663 2664 pc_free(pcp); 2665 } else { 2666 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 2667 } 2668 2669 if (rc == REP_PROTOCOL_SUCCESS && !granted) 2670 rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; 2671 #endif /* NATIVE_BUILD */ 2672 } 2673 return (rc); 2674 } 2675 2676 /* 2677 * Fails with 2678 * _DELETED - node has been deleted 2679 * _NOT_SET - npp is reset 2680 * _NOT_APPLICABLE - type is _PROPERTYGRP 2681 * _INVALID_TYPE - node is corrupt or type is invalid 2682 * _TYPE_MISMATCH - node cannot have children of type type 2683 * _BAD_REQUEST - name is invalid 2684 * cannot create children for this type of node 2685 * _NO_RESOURCES - out of memory, or could not allocate new id 2686 * _PERMISSION_DENIED 2687 * _BACKEND_ACCESS 2688 * _BACKEND_READONLY 2689 * _EXISTS - child already exists 2690 */ 2691 int 2692 rc_node_create_child(rc_node_ptr_t *npp, uint32_t type, const char *name, 2693 rc_node_ptr_t *cpp) 2694 { 2695 rc_node_t *np; 2696 rc_node_t *cp = NULL; 2697 int rc, perm_rc; 2698 2699 rc_node_clear(cpp, 0); 2700 2701 perm_rc = rc_node_modify_permission_check(); 2702 2703 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); 2704 2705 /* 2706 * there is a separate interface for creating property groups 2707 */ 2708 if (type == REP_PROTOCOL_ENTITY_PROPERTYGRP) { 2709 (void) pthread_mutex_unlock(&np->rn_lock); 2710 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2711 } 2712 2713 if (np->rn_id.rl_type == REP_PROTOCOL_ENTITY_CPROPERTYGRP) { 2714 (void) pthread_mutex_unlock(&np->rn_lock); 2715 np = np->rn_cchain[0]; 2716 RC_NODE_CHECK_AND_LOCK(np); 2717 } 2718 2719 if ((rc = rc_check_parent_child(np->rn_id.rl_type, type)) != 2720 REP_PROTOCOL_SUCCESS) { 2721 (void) pthread_mutex_unlock(&np->rn_lock); 2722 return (rc); 2723 } 2724 if ((rc = rc_check_type_name(type, name)) != REP_PROTOCOL_SUCCESS) { 2725 (void) pthread_mutex_unlock(&np->rn_lock); 2726 return (rc); 2727 } 2728 2729 if (perm_rc != REP_PROTOCOL_SUCCESS) { 2730 (void) pthread_mutex_unlock(&np->rn_lock); 2731 return (perm_rc); 2732 } 2733 2734 HOLD_PTR_FLAG_OR_RETURN(np, npp, RC_NODE_CREATING_CHILD); 2735 (void) pthread_mutex_unlock(&np->rn_lock); 2736 2737 rc = object_create(np, type, name, &cp); 2738 assert(rc != REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2739 2740 if (rc == REP_PROTOCOL_SUCCESS) { 2741 rc_node_assign(cpp, cp); 2742 rc_node_rele(cp); 2743 } 2744 2745 (void) pthread_mutex_lock(&np->rn_lock); 2746 rc_node_rele_flag(np, RC_NODE_CREATING_CHILD); 2747 (void) pthread_mutex_unlock(&np->rn_lock); 2748 2749 return (rc); 2750 } 2751 2752 int 2753 rc_node_create_child_pg(rc_node_ptr_t *npp, uint32_t type, const char *name, 2754 const char *pgtype, uint32_t flags, rc_node_ptr_t *cpp) 2755 { 2756 rc_node_t *np; 2757 rc_node_t *cp; 2758 int rc; 2759 permcheck_t *pcp; 2760 int granted; 2761 2762 rc_node_clear(cpp, 0); 2763 2764 /* verify flags is valid */ 2765 if (flags & ~SCF_PG_FLAG_NONPERSISTENT) 2766 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 2767 2768 RC_NODE_PTR_GET_CHECK_AND_HOLD(np, npp); 2769 2770 if (type != REP_PROTOCOL_ENTITY_PROPERTYGRP) { 2771 rc_node_rele(np); 2772 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 2773 } 2774 2775 if ((rc = rc_check_parent_child(np->rn_id.rl_type, type)) != 2776 REP_PROTOCOL_SUCCESS) { 2777 rc_node_rele(np); 2778 return (rc); 2779 } 2780 if ((rc = rc_check_type_name(type, name)) != REP_PROTOCOL_SUCCESS || 2781 (rc = rc_check_pgtype_name(pgtype)) != REP_PROTOCOL_SUCCESS) { 2782 rc_node_rele(np); 2783 return (rc); 2784 } 2785 2786 if (!client_is_privileged()) { 2787 #ifdef NATIVE_BUILD 2788 rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; 2789 #else 2790 /* Must have .smf.modify or smf.modify.<type> authorization */ 2791 pcp = pc_create(); 2792 if (pcp != NULL) { 2793 rc = perm_add_enabling(pcp, AUTH_MODIFY); 2794 2795 if (rc == REP_PROTOCOL_SUCCESS) { 2796 const char * const auth = 2797 perm_auth_for_pgtype(pgtype); 2798 2799 if (auth != NULL) 2800 rc = perm_add_enabling(pcp, auth); 2801 } 2802 2803 /* 2804 * .manage or $action_authorization can be used to 2805 * create the actions pg and the general_ovr pg. 2806 */ 2807 if (rc == REP_PROTOCOL_SUCCESS && 2808 (flags & SCF_PG_FLAG_NONPERSISTENT) != 0 && 2809 np->rn_id.rl_type == REP_PROTOCOL_ENTITY_INSTANCE && 2810 ((strcmp(name, AUTH_PG_ACTIONS) == 0 && 2811 strcmp(pgtype, AUTH_PG_ACTIONS_TYPE) == 0) || 2812 (strcmp(name, AUTH_PG_GENERAL_OVR) == 0 && 2813 strcmp(pgtype, AUTH_PG_GENERAL_OVR_TYPE) == 0))) { 2814 rc = perm_add_enabling(pcp, AUTH_MANAGE); 2815 2816 if (rc == REP_PROTOCOL_SUCCESS) 2817 rc = perm_add_inst_action_auth(pcp, np); 2818 } 2819 2820 if (rc == REP_PROTOCOL_SUCCESS) { 2821 granted = perm_granted(pcp); 2822 2823 if (granted < 0) 2824 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 2825 } 2826 2827 pc_free(pcp); 2828 } else { 2829 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 2830 } 2831 2832 if (rc == REP_PROTOCOL_SUCCESS && !granted) 2833 rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; 2834 #endif /* NATIVE_BUILD */ 2835 2836 if (rc != REP_PROTOCOL_SUCCESS) { 2837 rc_node_rele(np); 2838 return (rc); 2839 } 2840 } 2841 2842 (void) pthread_mutex_lock(&np->rn_lock); 2843 HOLD_PTR_FLAG_OR_RETURN(np, npp, RC_NODE_CREATING_CHILD); 2844 (void) pthread_mutex_unlock(&np->rn_lock); 2845 2846 rc = object_create_pg(np, type, name, pgtype, flags, &cp); 2847 2848 if (rc == REP_PROTOCOL_SUCCESS) { 2849 rc_node_assign(cpp, cp); 2850 rc_node_rele(cp); 2851 } 2852 2853 (void) pthread_mutex_lock(&np->rn_lock); 2854 rc_node_rele_flag(np, RC_NODE_CREATING_CHILD); 2855 (void) pthread_mutex_unlock(&np->rn_lock); 2856 2857 return (rc); 2858 } 2859 2860 static void 2861 rc_pg_notify_fire(rc_node_pg_notify_t *pnp) 2862 { 2863 assert(MUTEX_HELD(&rc_pg_notify_lock)); 2864 2865 if (pnp->rnpn_pg != NULL) { 2866 uu_list_remove(pnp->rnpn_pg->rn_pg_notify_list, pnp); 2867 (void) close(pnp->rnpn_fd); 2868 2869 pnp->rnpn_pg = NULL; 2870 pnp->rnpn_fd = -1; 2871 } else { 2872 assert(pnp->rnpn_fd == -1); 2873 } 2874 } 2875 2876 static void 2877 rc_notify_node_delete(rc_notify_delete_t *ndp, rc_node_t *np_arg) 2878 { 2879 rc_node_t *svc = NULL; 2880 rc_node_t *inst = NULL; 2881 rc_node_t *pg = NULL; 2882 rc_node_t *np = np_arg; 2883 rc_node_t *nnp; 2884 2885 while (svc == NULL) { 2886 (void) pthread_mutex_lock(&np->rn_lock); 2887 if (!rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 2888 (void) pthread_mutex_unlock(&np->rn_lock); 2889 goto cleanup; 2890 } 2891 nnp = np->rn_parent; 2892 rc_node_hold_locked(np); /* hold it in place */ 2893 2894 switch (np->rn_id.rl_type) { 2895 case REP_PROTOCOL_ENTITY_PROPERTYGRP: 2896 assert(pg == NULL); 2897 pg = np; 2898 break; 2899 case REP_PROTOCOL_ENTITY_INSTANCE: 2900 assert(inst == NULL); 2901 inst = np; 2902 break; 2903 case REP_PROTOCOL_ENTITY_SERVICE: 2904 assert(svc == NULL); 2905 svc = np; 2906 break; 2907 default: 2908 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 2909 rc_node_rele_locked(np); 2910 goto cleanup; 2911 } 2912 2913 (void) pthread_mutex_unlock(&np->rn_lock); 2914 2915 np = nnp; 2916 if (np == NULL) 2917 goto cleanup; 2918 } 2919 2920 rc_notify_deletion(ndp, 2921 svc->rn_name, 2922 inst != NULL ? inst->rn_name : NULL, 2923 pg != NULL ? pg->rn_name : NULL); 2924 2925 ndp = NULL; 2926 2927 cleanup: 2928 if (ndp != NULL) 2929 uu_free(ndp); 2930 2931 for (;;) { 2932 if (svc != NULL) { 2933 np = svc; 2934 svc = NULL; 2935 } else if (inst != NULL) { 2936 np = inst; 2937 inst = NULL; 2938 } else if (pg != NULL) { 2939 np = pg; 2940 pg = NULL; 2941 } else 2942 break; 2943 2944 (void) pthread_mutex_lock(&np->rn_lock); 2945 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 2946 rc_node_rele_locked(np); 2947 } 2948 } 2949 2950 /* 2951 * N.B.: this function drops np->rn_lock on the way out. 2952 */ 2953 static void 2954 rc_node_delete_hold(rc_node_t *np, int andformer) 2955 { 2956 rc_node_t *cp; 2957 2958 again: 2959 assert(MUTEX_HELD(&np->rn_lock)); 2960 assert((np->rn_flags & RC_NODE_DYING_FLAGS) == RC_NODE_DYING_FLAGS); 2961 2962 for (cp = uu_list_first(np->rn_children); cp != NULL; 2963 cp = uu_list_next(np->rn_children, cp)) { 2964 (void) pthread_mutex_lock(&cp->rn_lock); 2965 (void) pthread_mutex_unlock(&np->rn_lock); 2966 if (!rc_node_hold_flag(cp, RC_NODE_DYING_FLAGS)) { 2967 /* 2968 * already marked as dead -- can't happen, since that 2969 * would require setting RC_NODE_CHILDREN_CHANGING 2970 * in np, and we're holding that... 2971 */ 2972 abort(); 2973 } 2974 rc_node_delete_hold(cp, andformer); /* recurse, drop lock */ 2975 2976 (void) pthread_mutex_lock(&np->rn_lock); 2977 } 2978 if (andformer && (cp = np->rn_former) != NULL) { 2979 (void) pthread_mutex_lock(&cp->rn_lock); 2980 (void) pthread_mutex_unlock(&np->rn_lock); 2981 if (!rc_node_hold_flag(cp, RC_NODE_DYING_FLAGS)) 2982 abort(); /* can't happen, see above */ 2983 np = cp; 2984 goto again; /* tail-recurse down rn_former */ 2985 } 2986 (void) pthread_mutex_unlock(&np->rn_lock); 2987 } 2988 2989 /* 2990 * N.B.: this function drops np->rn_lock on the way out. 2991 */ 2992 static void 2993 rc_node_delete_rele(rc_node_t *np, int andformer) 2994 { 2995 rc_node_t *cp; 2996 2997 again: 2998 assert(MUTEX_HELD(&np->rn_lock)); 2999 assert((np->rn_flags & RC_NODE_DYING_FLAGS) == RC_NODE_DYING_FLAGS); 3000 3001 for (cp = uu_list_first(np->rn_children); cp != NULL; 3002 cp = uu_list_next(np->rn_children, cp)) { 3003 (void) pthread_mutex_lock(&cp->rn_lock); 3004 (void) pthread_mutex_unlock(&np->rn_lock); 3005 rc_node_delete_rele(cp, andformer); /* recurse, drop lock */ 3006 (void) pthread_mutex_lock(&np->rn_lock); 3007 } 3008 if (andformer && (cp = np->rn_former) != NULL) { 3009 (void) pthread_mutex_lock(&cp->rn_lock); 3010 rc_node_rele_flag(np, RC_NODE_DYING_FLAGS); 3011 (void) pthread_mutex_unlock(&np->rn_lock); 3012 3013 np = cp; 3014 goto again; /* tail-recurse down rn_former */ 3015 } 3016 rc_node_rele_flag(np, RC_NODE_DYING_FLAGS); 3017 (void) pthread_mutex_unlock(&np->rn_lock); 3018 } 3019 3020 static void 3021 rc_node_finish_delete(rc_node_t *cp) 3022 { 3023 cache_bucket_t *bp; 3024 rc_node_pg_notify_t *pnp; 3025 3026 assert(MUTEX_HELD(&cp->rn_lock)); 3027 3028 if (!(cp->rn_flags & RC_NODE_OLD)) { 3029 assert(cp->rn_flags & RC_NODE_IN_PARENT); 3030 if (!rc_node_wait_flag(cp, RC_NODE_USING_PARENT)) { 3031 abort(); /* can't happen, see above */ 3032 } 3033 cp->rn_flags &= ~RC_NODE_IN_PARENT; 3034 cp->rn_parent = NULL; 3035 } 3036 3037 cp->rn_flags |= RC_NODE_DEAD; 3038 3039 /* 3040 * If this node is not out-dated, we need to remove it from 3041 * the notify list and cache hash table. 3042 */ 3043 if (!(cp->rn_flags & RC_NODE_OLD)) { 3044 assert(cp->rn_refs > 0); /* can't go away yet */ 3045 (void) pthread_mutex_unlock(&cp->rn_lock); 3046 3047 (void) pthread_mutex_lock(&rc_pg_notify_lock); 3048 while ((pnp = uu_list_first(cp->rn_pg_notify_list)) != NULL) 3049 rc_pg_notify_fire(pnp); 3050 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 3051 rc_notify_remove_node(cp); 3052 3053 bp = cache_hold(cp->rn_hash); 3054 (void) pthread_mutex_lock(&cp->rn_lock); 3055 cache_remove_unlocked(bp, cp); 3056 cache_release(bp); 3057 } 3058 } 3059 3060 /* 3061 * N.B.: this function drops np->rn_lock and a reference on the way out. 3062 */ 3063 static void 3064 rc_node_delete_children(rc_node_t *np, int andformer) 3065 { 3066 rc_node_t *cp; 3067 3068 again: 3069 assert(np->rn_refs > 0); 3070 assert(MUTEX_HELD(&np->rn_lock)); 3071 assert(np->rn_flags & RC_NODE_DEAD); 3072 3073 while ((cp = uu_list_first(np->rn_children)) != NULL) { 3074 uu_list_remove(np->rn_children, cp); 3075 (void) pthread_mutex_lock(&cp->rn_lock); 3076 (void) pthread_mutex_unlock(&np->rn_lock); 3077 rc_node_hold_locked(cp); /* hold while we recurse */ 3078 rc_node_finish_delete(cp); 3079 rc_node_delete_children(cp, andformer); /* drops lock + ref */ 3080 (void) pthread_mutex_lock(&np->rn_lock); 3081 } 3082 3083 /* 3084 * when we drop cp's lock, all the children will be gone, so we 3085 * can release DYING_FLAGS. 3086 */ 3087 rc_node_rele_flag(np, RC_NODE_DYING_FLAGS); 3088 if (andformer && (cp = np->rn_former) != NULL) { 3089 np->rn_former = NULL; /* unlink */ 3090 (void) pthread_mutex_lock(&cp->rn_lock); 3091 (void) pthread_mutex_unlock(&np->rn_lock); 3092 np->rn_flags &= ~RC_NODE_ON_FORMER; 3093 3094 rc_node_hold_locked(cp); /* hold while we loop */ 3095 3096 rc_node_finish_delete(cp); 3097 3098 rc_node_rele(np); /* drop the old reference */ 3099 3100 np = cp; 3101 goto again; /* tail-recurse down rn_former */ 3102 } 3103 rc_node_rele_locked(np); 3104 } 3105 3106 static void 3107 rc_node_unrefed(rc_node_t *np) 3108 { 3109 int unrefed; 3110 rc_node_t *pp, *cur; 3111 3112 assert(MUTEX_HELD(&np->rn_lock)); 3113 assert(np->rn_refs == 0); 3114 assert(np->rn_other_refs == 0); 3115 assert(np->rn_other_refs_held == 0); 3116 3117 if (np->rn_flags & RC_NODE_DEAD) { 3118 (void) pthread_mutex_unlock(&np->rn_lock); 3119 rc_node_destroy(np); 3120 return; 3121 } 3122 3123 assert(np->rn_flags & RC_NODE_OLD); 3124 if (np->rn_flags & RC_NODE_UNREFED) { 3125 (void) pthread_mutex_unlock(&np->rn_lock); 3126 return; 3127 } 3128 np->rn_flags |= RC_NODE_UNREFED; 3129 3130 (void) pthread_mutex_unlock(&np->rn_lock); 3131 3132 /* 3133 * find the current in-hash object, and grab it's RC_NODE_IN_TX 3134 * flag. That protects the entire rn_former chain. 3135 */ 3136 for (;;) { 3137 pp = cache_lookup(&np->rn_id); 3138 if (pp == NULL) { 3139 (void) pthread_mutex_lock(&np->rn_lock); 3140 if (np->rn_flags & RC_NODE_DEAD) 3141 goto died; 3142 /* 3143 * We are trying to unreference this node, but the 3144 * owner of the former list does not exist. It must 3145 * be the case that another thread is deleting this 3146 * entire sub-branch, but has not yet reached us. 3147 * We will in short order be deleted. 3148 */ 3149 np->rn_flags &= ~RC_NODE_UNREFED; 3150 (void) pthread_mutex_unlock(&np->rn_lock); 3151 return; 3152 } 3153 if (pp == np) { 3154 /* 3155 * no longer unreferenced 3156 */ 3157 (void) pthread_mutex_lock(&np->rn_lock); 3158 np->rn_flags &= ~RC_NODE_UNREFED; 3159 rc_node_rele_locked(np); 3160 return; 3161 } 3162 (void) pthread_mutex_lock(&pp->rn_lock); 3163 if ((pp->rn_flags & RC_NODE_OLD) || 3164 !rc_node_hold_flag(pp, RC_NODE_IN_TX)) { 3165 rc_node_rele_locked(pp); 3166 continue; 3167 } 3168 if (!(pp->rn_flags & RC_NODE_OLD)) { 3169 (void) pthread_mutex_unlock(&pp->rn_lock); 3170 break; 3171 } 3172 rc_node_rele_flag(pp, RC_NODE_IN_TX); 3173 rc_node_rele_locked(pp); 3174 } 3175 3176 (void) pthread_mutex_lock(&np->rn_lock); 3177 if (!(np->rn_flags & (RC_NODE_OLD | RC_NODE_DEAD)) || 3178 np->rn_refs != 0 || np->rn_other_refs != 0 || 3179 np->rn_other_refs_held != 0) { 3180 np->rn_flags &= ~RC_NODE_UNREFED; 3181 (void) pthread_mutex_lock(&pp->rn_lock); 3182 3183 rc_node_rele_flag(pp, RC_NODE_IN_TX); 3184 rc_node_rele_locked(pp); 3185 return; 3186 } 3187 3188 if (!rc_node_hold_flag(np, RC_NODE_DYING_FLAGS)) { 3189 (void) pthread_mutex_unlock(&np->rn_lock); 3190 3191 rc_node_rele_flag(pp, RC_NODE_IN_TX); 3192 rc_node_rele_locked(pp); 3193 3194 (void) pthread_mutex_lock(&np->rn_lock); 3195 goto died; 3196 } 3197 3198 rc_node_delete_hold(np, 0); 3199 3200 (void) pthread_mutex_lock(&np->rn_lock); 3201 if (!(np->rn_flags & RC_NODE_OLD) || 3202 np->rn_refs != 0 || np->rn_other_refs != 0 || 3203 np->rn_other_refs_held != 0) { 3204 np->rn_flags &= ~RC_NODE_UNREFED; 3205 rc_node_delete_rele(np, 0); 3206 3207 (void) pthread_mutex_lock(&pp->rn_lock); 3208 rc_node_rele_flag(pp, RC_NODE_IN_TX); 3209 rc_node_rele_locked(pp); 3210 return; 3211 } 3212 3213 np->rn_flags |= RC_NODE_DEAD; 3214 rc_node_hold_locked(np); 3215 rc_node_delete_children(np, 0); 3216 3217 /* 3218 * It's gone -- remove it from the former chain and destroy it. 3219 */ 3220 (void) pthread_mutex_lock(&pp->rn_lock); 3221 for (cur = pp; cur != NULL && cur->rn_former != np; 3222 cur = cur->rn_former) 3223 ; 3224 assert(cur != NULL && cur != np); 3225 3226 cur->rn_former = np->rn_former; 3227 np->rn_former = NULL; 3228 3229 rc_node_rele_flag(pp, RC_NODE_IN_TX); 3230 rc_node_rele_locked(pp); 3231 3232 (void) pthread_mutex_lock(&np->rn_lock); 3233 assert(np->rn_flags & RC_NODE_ON_FORMER); 3234 np->rn_flags &= ~(RC_NODE_UNREFED | RC_NODE_ON_FORMER); 3235 (void) pthread_mutex_unlock(&np->rn_lock); 3236 rc_node_destroy(np); 3237 return; 3238 3239 died: 3240 np->rn_flags &= ~RC_NODE_UNREFED; 3241 unrefed = (np->rn_refs == 0 && np->rn_other_refs == 0 && 3242 np->rn_other_refs_held == 0); 3243 (void) pthread_mutex_unlock(&np->rn_lock); 3244 if (unrefed) 3245 rc_node_destroy(np); 3246 } 3247 3248 /* 3249 * Fails with 3250 * _NOT_SET 3251 * _DELETED 3252 * _BAD_REQUEST 3253 * _PERMISSION_DENIED 3254 * _NO_RESOURCES 3255 * and whatever object_delete() fails with. 3256 */ 3257 int 3258 rc_node_delete(rc_node_ptr_t *npp) 3259 { 3260 rc_node_t *np, *np_orig; 3261 rc_node_t *pp = NULL; 3262 int rc; 3263 rc_node_pg_notify_t *pnp; 3264 cache_bucket_t *bp; 3265 rc_notify_delete_t *ndp; 3266 permcheck_t *pcp; 3267 int granted; 3268 3269 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); 3270 3271 switch (np->rn_id.rl_type) { 3272 case REP_PROTOCOL_ENTITY_SERVICE: 3273 case REP_PROTOCOL_ENTITY_INSTANCE: 3274 case REP_PROTOCOL_ENTITY_SNAPSHOT: 3275 break; /* deletable */ 3276 3277 case REP_PROTOCOL_ENTITY_SCOPE: 3278 case REP_PROTOCOL_ENTITY_SNAPLEVEL: 3279 /* Scopes and snaplevels are indelible. */ 3280 (void) pthread_mutex_unlock(&np->rn_lock); 3281 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 3282 3283 case REP_PROTOCOL_ENTITY_CPROPERTYGRP: 3284 (void) pthread_mutex_unlock(&np->rn_lock); 3285 np = np->rn_cchain[0]; 3286 RC_NODE_CHECK_AND_LOCK(np); 3287 break; 3288 3289 case REP_PROTOCOL_ENTITY_PROPERTYGRP: 3290 if (np->rn_id.rl_ids[ID_SNAPSHOT] == 0) 3291 break; 3292 3293 /* Snapshot property groups are indelible. */ 3294 (void) pthread_mutex_unlock(&np->rn_lock); 3295 return (REP_PROTOCOL_FAIL_PERMISSION_DENIED); 3296 3297 case REP_PROTOCOL_ENTITY_PROPERTY: 3298 (void) pthread_mutex_unlock(&np->rn_lock); 3299 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 3300 3301 default: 3302 assert(0); 3303 abort(); 3304 break; 3305 } 3306 3307 np_orig = np; 3308 rc_node_hold_locked(np); /* simplifies rest of the code */ 3309 3310 again: 3311 /* 3312 * The following loop is to deal with the fact that snapshots and 3313 * property groups are moving targets -- changes to them result 3314 * in a new "child" node. Since we can only delete from the top node, 3315 * we have to loop until we have a non-RC_NODE_OLD version. 3316 */ 3317 for (;;) { 3318 if (!rc_node_wait_flag(np, 3319 RC_NODE_IN_TX | RC_NODE_USING_PARENT)) { 3320 rc_node_rele_locked(np); 3321 return (REP_PROTOCOL_FAIL_DELETED); 3322 } 3323 3324 if (np->rn_flags & RC_NODE_OLD) { 3325 rc_node_rele_locked(np); 3326 np = cache_lookup(&np_orig->rn_id); 3327 assert(np != np_orig); 3328 3329 if (np == NULL) { 3330 rc = REP_PROTOCOL_FAIL_DELETED; 3331 goto fail; 3332 } 3333 (void) pthread_mutex_lock(&np->rn_lock); 3334 continue; 3335 } 3336 3337 if (!rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 3338 rc_node_rele_locked(np); 3339 rc_node_clear(npp, 1); 3340 return (REP_PROTOCOL_FAIL_DELETED); 3341 } 3342 3343 /* 3344 * Mark our parent as children changing. this call drops our 3345 * lock and the RC_NODE_USING_PARENT flag, and returns with 3346 * pp's lock held 3347 */ 3348 pp = rc_node_hold_parent_flag(np, RC_NODE_CHILDREN_CHANGING); 3349 if (pp == NULL) { 3350 /* our parent is gone, we're going next... */ 3351 rc_node_rele(np); 3352 3353 rc_node_clear(npp, 1); 3354 return (REP_PROTOCOL_FAIL_DELETED); 3355 } 3356 3357 rc_node_hold_locked(pp); /* hold for later */ 3358 (void) pthread_mutex_unlock(&pp->rn_lock); 3359 3360 (void) pthread_mutex_lock(&np->rn_lock); 3361 if (!(np->rn_flags & RC_NODE_OLD)) 3362 break; /* not old -- we're done */ 3363 3364 (void) pthread_mutex_unlock(&np->rn_lock); 3365 (void) pthread_mutex_lock(&pp->rn_lock); 3366 rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); 3367 rc_node_rele_locked(pp); 3368 (void) pthread_mutex_lock(&np->rn_lock); 3369 continue; /* loop around and try again */ 3370 } 3371 /* 3372 * Everyone out of the pool -- we grab everything but 3373 * RC_NODE_USING_PARENT (including RC_NODE_DYING) to keep 3374 * any changes from occurring while we are attempting to 3375 * delete the node. 3376 */ 3377 if (!rc_node_hold_flag(np, RC_NODE_DYING_FLAGS)) { 3378 (void) pthread_mutex_unlock(&np->rn_lock); 3379 rc = REP_PROTOCOL_FAIL_DELETED; 3380 goto fail; 3381 } 3382 3383 assert(!(np->rn_flags & RC_NODE_OLD)); 3384 3385 if (!client_is_privileged()) { 3386 /* permission check */ 3387 (void) pthread_mutex_unlock(&np->rn_lock); 3388 3389 #ifdef NATIVE_BUILD 3390 rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; 3391 #else 3392 pcp = pc_create(); 3393 if (pcp != NULL) { 3394 rc = perm_add_enabling(pcp, AUTH_MODIFY); 3395 3396 /* add .smf.modify.<type> for pgs. */ 3397 if (rc == REP_PROTOCOL_SUCCESS && np->rn_id.rl_type == 3398 REP_PROTOCOL_ENTITY_PROPERTYGRP) { 3399 const char * const auth = 3400 perm_auth_for_pgtype(np->rn_type); 3401 3402 if (auth != NULL) 3403 rc = perm_add_enabling(pcp, auth); 3404 } 3405 3406 if (rc == REP_PROTOCOL_SUCCESS) { 3407 granted = perm_granted(pcp); 3408 3409 if (granted < 0) 3410 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 3411 } 3412 3413 pc_free(pcp); 3414 } else { 3415 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 3416 } 3417 3418 if (rc == REP_PROTOCOL_SUCCESS && !granted) 3419 rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; 3420 #endif /* NATIVE_BUILD */ 3421 3422 if (rc != REP_PROTOCOL_SUCCESS) { 3423 (void) pthread_mutex_lock(&np->rn_lock); 3424 rc_node_rele_flag(np, RC_NODE_DYING_FLAGS); 3425 (void) pthread_mutex_unlock(&np->rn_lock); 3426 goto fail; 3427 } 3428 3429 (void) pthread_mutex_lock(&np->rn_lock); 3430 } 3431 3432 ndp = uu_zalloc(sizeof (*ndp)); 3433 if (ndp == NULL) { 3434 rc_node_rele_flag(np, RC_NODE_DYING_FLAGS); 3435 (void) pthread_mutex_unlock(&np->rn_lock); 3436 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 3437 goto fail; 3438 } 3439 3440 rc_node_delete_hold(np, 1); /* hold entire subgraph, drop lock */ 3441 3442 rc = object_delete(np); 3443 3444 if (rc != REP_PROTOCOL_SUCCESS) { 3445 (void) pthread_mutex_lock(&np->rn_lock); 3446 rc_node_delete_rele(np, 1); /* drops lock */ 3447 uu_free(ndp); 3448 goto fail; 3449 } 3450 3451 /* 3452 * Now, delicately unlink and delete the object. 3453 * 3454 * Create the delete notification, atomically remove 3455 * from the hash table and set the NODE_DEAD flag, and 3456 * remove from the parent's children list. 3457 */ 3458 rc_notify_node_delete(ndp, np); /* frees or uses ndp */ 3459 3460 bp = cache_hold(np->rn_hash); 3461 3462 (void) pthread_mutex_lock(&np->rn_lock); 3463 cache_remove_unlocked(bp, np); 3464 cache_release(bp); 3465 3466 np->rn_flags |= RC_NODE_DEAD; 3467 if (pp != NULL) { 3468 (void) pthread_mutex_unlock(&np->rn_lock); 3469 3470 (void) pthread_mutex_lock(&pp->rn_lock); 3471 (void) pthread_mutex_lock(&np->rn_lock); 3472 uu_list_remove(pp->rn_children, np); 3473 rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); 3474 (void) pthread_mutex_unlock(&pp->rn_lock); 3475 np->rn_flags &= ~RC_NODE_IN_PARENT; 3476 } 3477 /* 3478 * finally, propagate death to our children, handle notifications, 3479 * and release our hold. 3480 */ 3481 rc_node_hold_locked(np); /* hold for delete */ 3482 rc_node_delete_children(np, 1); /* drops DYING_FLAGS, lock, ref */ 3483 3484 rc_node_clear(npp, 1); 3485 3486 (void) pthread_mutex_lock(&rc_pg_notify_lock); 3487 while ((pnp = uu_list_first(np->rn_pg_notify_list)) != NULL) 3488 rc_pg_notify_fire(pnp); 3489 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 3490 rc_notify_remove_node(np); 3491 3492 rc_node_rele(np); 3493 3494 return (rc); 3495 3496 fail: 3497 rc_node_rele(np); 3498 if (rc == REP_PROTOCOL_FAIL_DELETED) 3499 rc_node_clear(npp, 1); 3500 if (pp != NULL) { 3501 (void) pthread_mutex_lock(&pp->rn_lock); 3502 rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); 3503 rc_node_rele_locked(pp); /* drop ref and lock */ 3504 } 3505 return (rc); 3506 } 3507 3508 int 3509 rc_node_next_snaplevel(rc_node_ptr_t *npp, rc_node_ptr_t *cpp) 3510 { 3511 rc_node_t *np; 3512 rc_node_t *cp, *pp; 3513 int res; 3514 3515 rc_node_clear(cpp, 0); 3516 3517 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); 3518 3519 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPSHOT && 3520 np->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPLEVEL) { 3521 (void) pthread_mutex_unlock(&np->rn_lock); 3522 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 3523 } 3524 3525 if (np->rn_id.rl_type == REP_PROTOCOL_ENTITY_SNAPSHOT) { 3526 if ((res = rc_node_fill_children(np, 3527 REP_PROTOCOL_ENTITY_SNAPLEVEL)) != REP_PROTOCOL_SUCCESS) { 3528 (void) pthread_mutex_unlock(&np->rn_lock); 3529 return (res); 3530 } 3531 3532 for (cp = uu_list_first(np->rn_children); 3533 cp != NULL; 3534 cp = uu_list_next(np->rn_children, cp)) { 3535 if (cp->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPLEVEL) 3536 continue; 3537 rc_node_hold(cp); 3538 break; 3539 } 3540 3541 (void) pthread_mutex_unlock(&np->rn_lock); 3542 } else { 3543 HOLD_PTR_FLAG_OR_RETURN(np, npp, RC_NODE_USING_PARENT); 3544 /* 3545 * mark our parent as children changing. This call drops our 3546 * lock and the RC_NODE_USING_PARENT flag, and returns with 3547 * pp's lock held 3548 */ 3549 pp = rc_node_hold_parent_flag(np, RC_NODE_CHILDREN_CHANGING); 3550 if (pp == NULL) { 3551 /* our parent is gone, we're going next... */ 3552 3553 rc_node_clear(npp, 1); 3554 return (REP_PROTOCOL_FAIL_DELETED); 3555 } 3556 3557 /* 3558 * find the next snaplevel 3559 */ 3560 cp = np; 3561 while ((cp = uu_list_next(pp->rn_children, cp)) != NULL && 3562 cp->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPLEVEL) 3563 ; 3564 3565 /* it must match the snaplevel list */ 3566 assert((cp == NULL && np->rn_snaplevel->rsl_next == NULL) || 3567 (cp != NULL && np->rn_snaplevel->rsl_next == 3568 cp->rn_snaplevel)); 3569 3570 if (cp != NULL) 3571 rc_node_hold(cp); 3572 3573 rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); 3574 3575 (void) pthread_mutex_unlock(&pp->rn_lock); 3576 } 3577 3578 rc_node_assign(cpp, cp); 3579 if (cp != NULL) { 3580 rc_node_rele(cp); 3581 3582 return (REP_PROTOCOL_SUCCESS); 3583 } 3584 return (REP_PROTOCOL_FAIL_NOT_FOUND); 3585 } 3586 3587 /* 3588 * This call takes a snapshot (np) and either: 3589 * an existing snapid (to be associated with np), or 3590 * a non-NULL parentp (from which a new snapshot is taken, and associated 3591 * with np) 3592 * 3593 * To do the association, np is duplicated, the duplicate is made to 3594 * represent the new snapid, and np is replaced with the new rc_node_t on 3595 * np's parent's child list. np is placed on the new node's rn_former list, 3596 * and replaces np in cache_hash (so rc_node_update() will find the new one). 3597 */ 3598 static int 3599 rc_attach_snapshot(rc_node_t *np, uint32_t snapid, rc_node_t *parentp) 3600 { 3601 rc_node_t *np_orig; 3602 rc_node_t *nnp, *prev; 3603 rc_node_t *pp; 3604 int rc; 3605 3606 if (parentp != NULL) 3607 assert(snapid == 0); 3608 3609 assert(MUTEX_HELD(&np->rn_lock)); 3610 3611 np_orig = np; 3612 rc_node_hold_locked(np); /* simplifies the remainder */ 3613 3614 (void) pthread_mutex_unlock(&np->rn_lock); 3615 if ((rc = rc_node_modify_permission_check()) != REP_PROTOCOL_SUCCESS) 3616 return (rc); 3617 (void) pthread_mutex_lock(&np->rn_lock); 3618 3619 /* 3620 * get the latest node, holding RC_NODE_IN_TX to keep the rn_former 3621 * list from changing. 3622 */ 3623 for (;;) { 3624 if (!(np->rn_flags & RC_NODE_OLD)) { 3625 if (!rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 3626 goto again; 3627 } 3628 pp = rc_node_hold_parent_flag(np, 3629 RC_NODE_CHILDREN_CHANGING); 3630 3631 (void) pthread_mutex_lock(&np->rn_lock); 3632 if (pp == NULL) { 3633 goto again; 3634 } 3635 if (np->rn_flags & RC_NODE_OLD) { 3636 rc_node_rele_flag(pp, 3637 RC_NODE_CHILDREN_CHANGING); 3638 (void) pthread_mutex_unlock(&pp->rn_lock); 3639 goto again; 3640 } 3641 (void) pthread_mutex_unlock(&pp->rn_lock); 3642 3643 if (!rc_node_hold_flag(np, RC_NODE_IN_TX)) { 3644 /* 3645 * Can't happen, since we're holding our 3646 * parent's CHILDREN_CHANGING flag... 3647 */ 3648 abort(); 3649 } 3650 break; /* everything's ready */ 3651 } 3652 again: 3653 rc_node_rele_locked(np); 3654 np = cache_lookup(&np_orig->rn_id); 3655 3656 if (np == NULL) 3657 return (REP_PROTOCOL_FAIL_DELETED); 3658 3659 (void) pthread_mutex_lock(&np->rn_lock); 3660 } 3661 3662 if (parentp != NULL) { 3663 if (pp != parentp) { 3664 rc = REP_PROTOCOL_FAIL_BAD_REQUEST; 3665 goto fail; 3666 } 3667 nnp = NULL; 3668 } else { 3669 /* 3670 * look for a former node with the snapid we need. 3671 */ 3672 if (np->rn_snapshot_id == snapid) { 3673 rc_node_rele_flag(np, RC_NODE_IN_TX); 3674 rc_node_rele_locked(np); 3675 3676 (void) pthread_mutex_lock(&pp->rn_lock); 3677 rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); 3678 (void) pthread_mutex_unlock(&pp->rn_lock); 3679 return (REP_PROTOCOL_SUCCESS); /* nothing to do */ 3680 } 3681 3682 prev = np; 3683 while ((nnp = prev->rn_former) != NULL) { 3684 if (nnp->rn_snapshot_id == snapid) { 3685 rc_node_hold(nnp); 3686 break; /* existing node with that id */ 3687 } 3688 prev = nnp; 3689 } 3690 } 3691 3692 if (nnp == NULL) { 3693 prev = NULL; 3694 nnp = rc_node_alloc(); 3695 if (nnp == NULL) { 3696 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 3697 goto fail; 3698 } 3699 3700 nnp->rn_id = np->rn_id; /* structure assignment */ 3701 nnp->rn_hash = np->rn_hash; 3702 nnp->rn_name = strdup(np->rn_name); 3703 nnp->rn_snapshot_id = snapid; 3704 nnp->rn_flags = RC_NODE_IN_TX | RC_NODE_USING_PARENT; 3705 3706 if (nnp->rn_name == NULL) { 3707 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 3708 goto fail; 3709 } 3710 } 3711 3712 (void) pthread_mutex_unlock(&np->rn_lock); 3713 3714 rc = object_snapshot_attach(&np->rn_id, &snapid, (parentp != NULL)); 3715 3716 if (parentp != NULL) 3717 nnp->rn_snapshot_id = snapid; /* fill in new snapid */ 3718 else 3719 assert(nnp->rn_snapshot_id == snapid); 3720 3721 (void) pthread_mutex_lock(&np->rn_lock); 3722 if (rc != REP_PROTOCOL_SUCCESS) 3723 goto fail; 3724 3725 /* 3726 * fix up the former chain 3727 */ 3728 if (prev != NULL) { 3729 prev->rn_former = nnp->rn_former; 3730 (void) pthread_mutex_lock(&nnp->rn_lock); 3731 nnp->rn_flags &= ~RC_NODE_ON_FORMER; 3732 nnp->rn_former = NULL; 3733 (void) pthread_mutex_unlock(&nnp->rn_lock); 3734 } 3735 np->rn_flags |= RC_NODE_OLD; 3736 (void) pthread_mutex_unlock(&np->rn_lock); 3737 3738 /* 3739 * replace np with nnp 3740 */ 3741 rc_node_relink_child(pp, np, nnp); 3742 3743 rc_node_rele(np); 3744 3745 return (REP_PROTOCOL_SUCCESS); 3746 3747 fail: 3748 rc_node_rele_flag(np, RC_NODE_IN_TX); 3749 rc_node_rele_locked(np); 3750 (void) pthread_mutex_lock(&pp->rn_lock); 3751 rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); 3752 (void) pthread_mutex_unlock(&pp->rn_lock); 3753 3754 if (nnp != NULL) { 3755 if (prev == NULL) 3756 rc_node_destroy(nnp); 3757 else 3758 rc_node_rele(nnp); 3759 } 3760 3761 return (rc); 3762 } 3763 3764 int 3765 rc_snapshot_take_new(rc_node_ptr_t *npp, const char *svcname, 3766 const char *instname, const char *name, rc_node_ptr_t *outpp) 3767 { 3768 rc_node_t *np; 3769 rc_node_t *outp = NULL; 3770 int rc, perm_rc; 3771 3772 rc_node_clear(outpp, 0); 3773 3774 perm_rc = rc_node_modify_permission_check(); 3775 3776 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); 3777 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_INSTANCE) { 3778 (void) pthread_mutex_unlock(&np->rn_lock); 3779 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 3780 } 3781 3782 rc = rc_check_type_name(REP_PROTOCOL_ENTITY_SNAPSHOT, name); 3783 if (rc != REP_PROTOCOL_SUCCESS) { 3784 (void) pthread_mutex_unlock(&np->rn_lock); 3785 return (rc); 3786 } 3787 3788 if (svcname != NULL && (rc = 3789 rc_check_type_name(REP_PROTOCOL_ENTITY_SERVICE, svcname)) != 3790 REP_PROTOCOL_SUCCESS) { 3791 (void) pthread_mutex_unlock(&np->rn_lock); 3792 return (rc); 3793 } 3794 3795 if (instname != NULL && (rc = 3796 rc_check_type_name(REP_PROTOCOL_ENTITY_INSTANCE, instname)) != 3797 REP_PROTOCOL_SUCCESS) { 3798 (void) pthread_mutex_unlock(&np->rn_lock); 3799 return (rc); 3800 } 3801 3802 if (perm_rc != REP_PROTOCOL_SUCCESS) { 3803 (void) pthread_mutex_unlock(&np->rn_lock); 3804 return (perm_rc); 3805 } 3806 3807 HOLD_PTR_FLAG_OR_RETURN(np, npp, RC_NODE_CREATING_CHILD); 3808 (void) pthread_mutex_unlock(&np->rn_lock); 3809 3810 rc = object_snapshot_take_new(np, svcname, instname, name, &outp); 3811 3812 if (rc == REP_PROTOCOL_SUCCESS) { 3813 rc_node_assign(outpp, outp); 3814 rc_node_rele(outp); 3815 } 3816 3817 (void) pthread_mutex_lock(&np->rn_lock); 3818 rc_node_rele_flag(np, RC_NODE_CREATING_CHILD); 3819 (void) pthread_mutex_unlock(&np->rn_lock); 3820 3821 return (rc); 3822 } 3823 3824 int 3825 rc_snapshot_take_attach(rc_node_ptr_t *npp, rc_node_ptr_t *outpp) 3826 { 3827 rc_node_t *np, *outp; 3828 3829 RC_NODE_PTR_GET_CHECK(np, npp); 3830 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_INSTANCE) { 3831 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 3832 } 3833 3834 RC_NODE_PTR_GET_CHECK_AND_LOCK(outp, outpp); 3835 if (outp->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPSHOT) { 3836 (void) pthread_mutex_unlock(&outp->rn_lock); 3837 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 3838 } 3839 3840 return (rc_attach_snapshot(outp, 0, np)); /* drops outp's lock */ 3841 } 3842 3843 int 3844 rc_snapshot_attach(rc_node_ptr_t *npp, rc_node_ptr_t *cpp) 3845 { 3846 rc_node_t *np; 3847 rc_node_t *cp; 3848 uint32_t snapid; 3849 3850 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); 3851 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPSHOT) { 3852 (void) pthread_mutex_unlock(&np->rn_lock); 3853 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 3854 } 3855 snapid = np->rn_snapshot_id; 3856 (void) pthread_mutex_unlock(&np->rn_lock); 3857 3858 RC_NODE_PTR_GET_CHECK_AND_LOCK(cp, cpp); 3859 if (cp->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPSHOT) { 3860 (void) pthread_mutex_unlock(&cp->rn_lock); 3861 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 3862 } 3863 3864 return (rc_attach_snapshot(cp, snapid, NULL)); /* drops cp's lock */ 3865 } 3866 3867 /* 3868 * If the pgname property group under ent has type pgtype, and it has a 3869 * propname property with type ptype, return _SUCCESS. If pgtype is NULL, 3870 * it is not checked. If ent is not a service node, we will return _SUCCESS if 3871 * a property meeting the requirements exists in either the instance or its 3872 * parent. 3873 * 3874 * Returns 3875 * _SUCCESS - see above 3876 * _DELETED - ent or one of its ancestors was deleted 3877 * _NO_RESOURCES - no resources 3878 * _NOT_FOUND - no matching property was found 3879 */ 3880 static int 3881 rc_svc_prop_exists(rc_node_t *ent, const char *pgname, const char *pgtype, 3882 const char *propname, rep_protocol_value_type_t ptype) 3883 { 3884 int ret; 3885 rc_node_t *pg = NULL, *spg = NULL, *svc, *prop; 3886 3887 assert(!MUTEX_HELD(&ent->rn_lock)); 3888 3889 (void) pthread_mutex_lock(&ent->rn_lock); 3890 ret = rc_node_find_named_child(ent, pgname, 3891 REP_PROTOCOL_ENTITY_PROPERTYGRP, &pg); 3892 (void) pthread_mutex_unlock(&ent->rn_lock); 3893 3894 switch (ret) { 3895 case REP_PROTOCOL_SUCCESS: 3896 break; 3897 3898 case REP_PROTOCOL_FAIL_DELETED: 3899 case REP_PROTOCOL_FAIL_NO_RESOURCES: 3900 return (ret); 3901 3902 default: 3903 bad_error("rc_node_find_named_child", ret); 3904 } 3905 3906 if (ent->rn_id.rl_type != REP_PROTOCOL_ENTITY_SERVICE) { 3907 ret = rc_node_find_ancestor(ent, REP_PROTOCOL_ENTITY_SERVICE, 3908 &svc); 3909 if (ret != REP_PROTOCOL_SUCCESS) { 3910 assert(ret == REP_PROTOCOL_FAIL_DELETED); 3911 if (pg != NULL) 3912 rc_node_rele(pg); 3913 return (ret); 3914 } 3915 assert(svc->rn_id.rl_type == REP_PROTOCOL_ENTITY_SERVICE); 3916 3917 (void) pthread_mutex_lock(&svc->rn_lock); 3918 ret = rc_node_find_named_child(svc, pgname, 3919 REP_PROTOCOL_ENTITY_PROPERTYGRP, &spg); 3920 (void) pthread_mutex_unlock(&svc->rn_lock); 3921 3922 rc_node_rele(svc); 3923 3924 switch (ret) { 3925 case REP_PROTOCOL_SUCCESS: 3926 break; 3927 3928 case REP_PROTOCOL_FAIL_DELETED: 3929 case REP_PROTOCOL_FAIL_NO_RESOURCES: 3930 if (pg != NULL) 3931 rc_node_rele(pg); 3932 return (ret); 3933 3934 default: 3935 bad_error("rc_node_find_named_child", ret); 3936 } 3937 } 3938 3939 if (pg != NULL && 3940 pgtype != NULL && strcmp(pg->rn_type, pgtype) != 0) { 3941 rc_node_rele(pg); 3942 pg = NULL; 3943 } 3944 3945 if (spg != NULL && 3946 pgtype != NULL && strcmp(spg->rn_type, pgtype) != 0) { 3947 rc_node_rele(spg); 3948 spg = NULL; 3949 } 3950 3951 if (pg == NULL) { 3952 if (spg == NULL) 3953 return (REP_PROTOCOL_FAIL_NOT_FOUND); 3954 pg = spg; 3955 spg = NULL; 3956 } 3957 3958 /* 3959 * At this point, pg is non-NULL, and is a property group node of the 3960 * correct type. spg, if non-NULL, is also a property group node of 3961 * the correct type. Check for the property in pg first, then spg 3962 * (if applicable). 3963 */ 3964 (void) pthread_mutex_lock(&pg->rn_lock); 3965 ret = rc_node_find_named_child(pg, propname, 3966 REP_PROTOCOL_ENTITY_PROPERTY, &prop); 3967 (void) pthread_mutex_unlock(&pg->rn_lock); 3968 rc_node_rele(pg); 3969 switch (ret) { 3970 case REP_PROTOCOL_SUCCESS: 3971 if (prop != NULL) { 3972 if (prop->rn_valtype == ptype) { 3973 rc_node_rele(prop); 3974 if (spg != NULL) 3975 rc_node_rele(spg); 3976 return (REP_PROTOCOL_SUCCESS); 3977 } 3978 rc_node_rele(prop); 3979 } 3980 break; 3981 3982 case REP_PROTOCOL_FAIL_NO_RESOURCES: 3983 if (spg != NULL) 3984 rc_node_rele(spg); 3985 return (ret); 3986 3987 case REP_PROTOCOL_FAIL_DELETED: 3988 break; 3989 3990 default: 3991 bad_error("rc_node_find_named_child", ret); 3992 } 3993 3994 if (spg == NULL) 3995 return (REP_PROTOCOL_FAIL_NOT_FOUND); 3996 3997 pg = spg; 3998 3999 (void) pthread_mutex_lock(&pg->rn_lock); 4000 ret = rc_node_find_named_child(pg, propname, 4001 REP_PROTOCOL_ENTITY_PROPERTY, &prop); 4002 (void) pthread_mutex_unlock(&pg->rn_lock); 4003 rc_node_rele(pg); 4004 switch (ret) { 4005 case REP_PROTOCOL_SUCCESS: 4006 if (prop != NULL) { 4007 if (prop->rn_valtype == ptype) { 4008 rc_node_rele(prop); 4009 return (REP_PROTOCOL_SUCCESS); 4010 } 4011 rc_node_rele(prop); 4012 } 4013 return (REP_PROTOCOL_FAIL_NOT_FOUND); 4014 4015 case REP_PROTOCOL_FAIL_NO_RESOURCES: 4016 return (ret); 4017 4018 case REP_PROTOCOL_FAIL_DELETED: 4019 return (REP_PROTOCOL_FAIL_NOT_FOUND); 4020 4021 default: 4022 bad_error("rc_node_find_named_child", ret); 4023 } 4024 4025 return (REP_PROTOCOL_SUCCESS); 4026 } 4027 4028 /* 4029 * Given a property group node, returns _SUCCESS if the property group may 4030 * be read without any special authorization. 4031 * 4032 * Fails with: 4033 * _DELETED - np or an ancestor node was deleted 4034 * _TYPE_MISMATCH - np does not refer to a property group 4035 * _NO_RESOURCES - no resources 4036 * _PERMISSION_DENIED - authorization is required 4037 */ 4038 static int 4039 rc_node_pg_check_read_protect(rc_node_t *np) 4040 { 4041 int ret; 4042 rc_node_t *ent; 4043 4044 assert(!MUTEX_HELD(&np->rn_lock)); 4045 4046 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTYGRP) 4047 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 4048 4049 if (strcmp(np->rn_type, SCF_GROUP_FRAMEWORK) == 0 || 4050 strcmp(np->rn_type, SCF_GROUP_DEPENDENCY) == 0 || 4051 strcmp(np->rn_type, SCF_GROUP_METHOD) == 0) 4052 return (REP_PROTOCOL_SUCCESS); 4053 4054 ret = rc_node_parent(np, &ent); 4055 4056 if (ret != REP_PROTOCOL_SUCCESS) 4057 return (ret); 4058 4059 ret = rc_svc_prop_exists(ent, np->rn_name, np->rn_type, 4060 AUTH_PROP_READ, REP_PROTOCOL_TYPE_STRING); 4061 4062 rc_node_rele(ent); 4063 4064 switch (ret) { 4065 case REP_PROTOCOL_FAIL_NOT_FOUND: 4066 return (REP_PROTOCOL_SUCCESS); 4067 case REP_PROTOCOL_SUCCESS: 4068 return (REP_PROTOCOL_FAIL_PERMISSION_DENIED); 4069 case REP_PROTOCOL_FAIL_DELETED: 4070 case REP_PROTOCOL_FAIL_NO_RESOURCES: 4071 return (ret); 4072 default: 4073 bad_error("rc_svc_prop_exists", ret); 4074 } 4075 4076 return (REP_PROTOCOL_SUCCESS); 4077 } 4078 4079 /* 4080 * Fails with 4081 * _DELETED - np's node or parent has been deleted 4082 * _TYPE_MISMATCH - np's node is not a property 4083 * _NO_RESOURCES - out of memory 4084 * _PERMISSION_DENIED - no authorization to read this property's value(s) 4085 * _BAD_REQUEST - np's parent is not a property group 4086 */ 4087 static int 4088 rc_node_property_may_read(rc_node_t *np) 4089 { 4090 int ret, granted = 0; 4091 rc_node_t *pgp; 4092 permcheck_t *pcp; 4093 4094 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTY) 4095 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 4096 4097 if (client_is_privileged()) 4098 return (REP_PROTOCOL_SUCCESS); 4099 4100 #ifdef NATIVE_BUILD 4101 return (REP_PROTOCOL_FAIL_PERMISSION_DENIED); 4102 #else 4103 ret = rc_node_parent(np, &pgp); 4104 4105 if (ret != REP_PROTOCOL_SUCCESS) 4106 return (ret); 4107 4108 if (pgp->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTYGRP) { 4109 rc_node_rele(pgp); 4110 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 4111 } 4112 4113 ret = rc_node_pg_check_read_protect(pgp); 4114 4115 if (ret != REP_PROTOCOL_FAIL_PERMISSION_DENIED) { 4116 rc_node_rele(pgp); 4117 return (ret); 4118 } 4119 4120 pcp = pc_create(); 4121 4122 if (pcp == NULL) { 4123 rc_node_rele(pgp); 4124 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 4125 } 4126 4127 ret = perm_add_enabling(pcp, AUTH_MODIFY); 4128 4129 if (ret == REP_PROTOCOL_SUCCESS) { 4130 const char * const auth = 4131 perm_auth_for_pgtype(pgp->rn_type); 4132 4133 if (auth != NULL) 4134 ret = perm_add_enabling(pcp, auth); 4135 } 4136 4137 /* 4138 * If you are permitted to modify the value, you may also 4139 * read it. This means that both the MODIFY and VALUE 4140 * authorizations are acceptable. We don't allow requests 4141 * for AUTH_PROP_MODIFY if all you have is $AUTH_PROP_VALUE, 4142 * however, to avoid leaking possibly valuable information 4143 * since such a user can't change the property anyway. 4144 */ 4145 if (ret == REP_PROTOCOL_SUCCESS) 4146 ret = perm_add_enabling_values(pcp, pgp, 4147 AUTH_PROP_MODIFY); 4148 4149 if (ret == REP_PROTOCOL_SUCCESS && 4150 strcmp(np->rn_name, AUTH_PROP_MODIFY) != 0) 4151 ret = perm_add_enabling_values(pcp, pgp, 4152 AUTH_PROP_VALUE); 4153 4154 if (ret == REP_PROTOCOL_SUCCESS) 4155 ret = perm_add_enabling_values(pcp, pgp, 4156 AUTH_PROP_READ); 4157 4158 rc_node_rele(pgp); 4159 4160 if (ret == REP_PROTOCOL_SUCCESS) { 4161 granted = perm_granted(pcp); 4162 if (granted < 0) 4163 ret = REP_PROTOCOL_FAIL_NO_RESOURCES; 4164 } 4165 4166 pc_free(pcp); 4167 4168 if (ret == REP_PROTOCOL_SUCCESS && !granted) 4169 ret = REP_PROTOCOL_FAIL_PERMISSION_DENIED; 4170 4171 return (ret); 4172 #endif /* NATIVE_BUILD */ 4173 } 4174 4175 /* 4176 * Iteration 4177 */ 4178 static int 4179 rc_iter_filter_name(rc_node_t *np, void *s) 4180 { 4181 const char *name = s; 4182 4183 return (strcmp(np->rn_name, name) == 0); 4184 } 4185 4186 static int 4187 rc_iter_filter_type(rc_node_t *np, void *s) 4188 { 4189 const char *type = s; 4190 4191 return (np->rn_type != NULL && strcmp(np->rn_type, type) == 0); 4192 } 4193 4194 /*ARGSUSED*/ 4195 static int 4196 rc_iter_null_filter(rc_node_t *np, void *s) 4197 { 4198 return (1); 4199 } 4200 4201 /* 4202 * Allocate & initialize an rc_node_iter_t structure. Essentially, ensure 4203 * np->rn_children is populated and call uu_list_walk_start(np->rn_children). 4204 * If successful, leaves a hold on np & increments np->rn_other_refs 4205 * 4206 * If composed is true, then set up for iteration across the top level of np's 4207 * composition chain. If successful, leaves a hold on np and increments 4208 * rn_other_refs for the top level of np's composition chain. 4209 * 4210 * Fails with 4211 * _NO_RESOURCES 4212 * _INVALID_TYPE 4213 * _TYPE_MISMATCH - np cannot carry type children 4214 * _DELETED 4215 */ 4216 static int 4217 rc_iter_create(rc_node_iter_t **resp, rc_node_t *np, uint32_t type, 4218 rc_iter_filter_func *filter, void *arg, boolean_t composed) 4219 { 4220 rc_node_iter_t *nip; 4221 int res; 4222 4223 assert(*resp == NULL); 4224 4225 nip = uu_zalloc(sizeof (*nip)); 4226 if (nip == NULL) 4227 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 4228 4229 /* np is held by the client's rc_node_ptr_t */ 4230 if (np->rn_id.rl_type == REP_PROTOCOL_ENTITY_CPROPERTYGRP) 4231 composed = 1; 4232 4233 if (!composed) { 4234 (void) pthread_mutex_lock(&np->rn_lock); 4235 4236 if ((res = rc_node_fill_children(np, type)) != 4237 REP_PROTOCOL_SUCCESS) { 4238 (void) pthread_mutex_unlock(&np->rn_lock); 4239 uu_free(nip); 4240 return (res); 4241 } 4242 4243 nip->rni_clevel = -1; 4244 4245 nip->rni_iter = uu_list_walk_start(np->rn_children, 4246 UU_WALK_ROBUST); 4247 if (nip->rni_iter != NULL) { 4248 nip->rni_iter_node = np; 4249 rc_node_hold_other(np); 4250 } else { 4251 (void) pthread_mutex_unlock(&np->rn_lock); 4252 uu_free(nip); 4253 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 4254 } 4255 (void) pthread_mutex_unlock(&np->rn_lock); 4256 } else { 4257 rc_node_t *ent; 4258 4259 if (np->rn_id.rl_type == REP_PROTOCOL_ENTITY_SNAPSHOT) { 4260 /* rn_cchain isn't valid until children are loaded. */ 4261 (void) pthread_mutex_lock(&np->rn_lock); 4262 res = rc_node_fill_children(np, 4263 REP_PROTOCOL_ENTITY_SNAPLEVEL); 4264 (void) pthread_mutex_unlock(&np->rn_lock); 4265 if (res != REP_PROTOCOL_SUCCESS) { 4266 uu_free(nip); 4267 return (res); 4268 } 4269 4270 /* Check for an empty snapshot. */ 4271 if (np->rn_cchain[0] == NULL) 4272 goto empty; 4273 } 4274 4275 /* Start at the top of the composition chain. */ 4276 for (nip->rni_clevel = 0; ; ++nip->rni_clevel) { 4277 if (nip->rni_clevel >= COMPOSITION_DEPTH) { 4278 /* Empty composition chain. */ 4279 empty: 4280 nip->rni_clevel = -1; 4281 nip->rni_iter = NULL; 4282 /* It's ok, iter_next() will return _DONE. */ 4283 goto out; 4284 } 4285 4286 ent = np->rn_cchain[nip->rni_clevel]; 4287 assert(ent != NULL); 4288 4289 if (rc_node_check_and_lock(ent) == REP_PROTOCOL_SUCCESS) 4290 break; 4291 4292 /* Someone deleted it, so try the next one. */ 4293 } 4294 4295 res = rc_node_fill_children(ent, type); 4296 4297 if (res == REP_PROTOCOL_SUCCESS) { 4298 nip->rni_iter = uu_list_walk_start(ent->rn_children, 4299 UU_WALK_ROBUST); 4300 4301 if (nip->rni_iter == NULL) 4302 res = REP_PROTOCOL_FAIL_NO_RESOURCES; 4303 else { 4304 nip->rni_iter_node = ent; 4305 rc_node_hold_other(ent); 4306 } 4307 } 4308 4309 if (res != REP_PROTOCOL_SUCCESS) { 4310 (void) pthread_mutex_unlock(&ent->rn_lock); 4311 uu_free(nip); 4312 return (res); 4313 } 4314 4315 (void) pthread_mutex_unlock(&ent->rn_lock); 4316 } 4317 4318 out: 4319 rc_node_hold(np); /* released by rc_iter_end() */ 4320 nip->rni_parent = np; 4321 nip->rni_type = type; 4322 nip->rni_filter = (filter != NULL)? filter : rc_iter_null_filter; 4323 nip->rni_filter_arg = arg; 4324 *resp = nip; 4325 return (REP_PROTOCOL_SUCCESS); 4326 } 4327 4328 static void 4329 rc_iter_end(rc_node_iter_t *iter) 4330 { 4331 rc_node_t *np = iter->rni_parent; 4332 4333 if (iter->rni_clevel >= 0) 4334 np = np->rn_cchain[iter->rni_clevel]; 4335 4336 assert(MUTEX_HELD(&np->rn_lock)); 4337 if (iter->rni_iter != NULL) 4338 uu_list_walk_end(iter->rni_iter); 4339 iter->rni_iter = NULL; 4340 4341 (void) pthread_mutex_unlock(&np->rn_lock); 4342 rc_node_rele(iter->rni_parent); 4343 if (iter->rni_iter_node != NULL) 4344 rc_node_rele_other(iter->rni_iter_node); 4345 } 4346 4347 /* 4348 * Fails with 4349 * _NOT_SET - npp is reset 4350 * _DELETED - npp's node has been deleted 4351 * _NOT_APPLICABLE - npp's node is not a property 4352 * _NO_RESOURCES - out of memory 4353 */ 4354 static int 4355 rc_node_setup_value_iter(rc_node_ptr_t *npp, rc_node_iter_t **iterp) 4356 { 4357 rc_node_t *np; 4358 4359 rc_node_iter_t *nip; 4360 4361 assert(*iterp == NULL); 4362 4363 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); 4364 4365 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTY) { 4366 (void) pthread_mutex_unlock(&np->rn_lock); 4367 return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); 4368 } 4369 4370 nip = uu_zalloc(sizeof (*nip)); 4371 if (nip == NULL) { 4372 (void) pthread_mutex_unlock(&np->rn_lock); 4373 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 4374 } 4375 4376 nip->rni_parent = np; 4377 nip->rni_iter = NULL; 4378 nip->rni_clevel = -1; 4379 nip->rni_type = REP_PROTOCOL_ENTITY_VALUE; 4380 nip->rni_offset = 0; 4381 nip->rni_last_offset = 0; 4382 4383 rc_node_hold_locked(np); 4384 4385 *iterp = nip; 4386 (void) pthread_mutex_unlock(&np->rn_lock); 4387 4388 return (REP_PROTOCOL_SUCCESS); 4389 } 4390 4391 /* 4392 * Returns: 4393 * _NO_RESOURCES - out of memory 4394 * _NOT_SET - npp is reset 4395 * _DELETED - npp's node has been deleted 4396 * _TYPE_MISMATCH - npp's node is not a property 4397 * _NOT_FOUND - property has no values 4398 * _TRUNCATED - property has >1 values (first is written into out) 4399 * _SUCCESS - property has 1 value (which is written into out) 4400 * _PERMISSION_DENIED - no authorization to read property value(s) 4401 * 4402 * We shorten *sz_out to not include anything after the final '\0'. 4403 */ 4404 int 4405 rc_node_get_property_value(rc_node_ptr_t *npp, 4406 struct rep_protocol_value_response *out, size_t *sz_out) 4407 { 4408 rc_node_t *np; 4409 size_t w; 4410 int ret; 4411 4412 assert(*sz_out == sizeof (*out)); 4413 4414 RC_NODE_PTR_GET_CHECK_AND_HOLD(np, npp); 4415 ret = rc_node_property_may_read(np); 4416 rc_node_rele(np); 4417 4418 if (ret != REP_PROTOCOL_SUCCESS) 4419 return (ret); 4420 4421 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); 4422 4423 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTY) { 4424 (void) pthread_mutex_unlock(&np->rn_lock); 4425 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 4426 } 4427 4428 if (np->rn_values_size == 0) { 4429 (void) pthread_mutex_unlock(&np->rn_lock); 4430 return (REP_PROTOCOL_FAIL_NOT_FOUND); 4431 } 4432 out->rpr_type = np->rn_valtype; 4433 w = strlcpy(out->rpr_value, &np->rn_values[0], 4434 sizeof (out->rpr_value)); 4435 4436 if (w >= sizeof (out->rpr_value)) 4437 backend_panic("value too large"); 4438 4439 *sz_out = offsetof(struct rep_protocol_value_response, 4440 rpr_value[w + 1]); 4441 4442 ret = (np->rn_values_count != 1)? REP_PROTOCOL_FAIL_TRUNCATED : 4443 REP_PROTOCOL_SUCCESS; 4444 (void) pthread_mutex_unlock(&np->rn_lock); 4445 return (ret); 4446 } 4447 4448 int 4449 rc_iter_next_value(rc_node_iter_t *iter, 4450 struct rep_protocol_value_response *out, size_t *sz_out, int repeat) 4451 { 4452 rc_node_t *np = iter->rni_parent; 4453 const char *vals; 4454 size_t len; 4455 4456 size_t start; 4457 size_t w; 4458 int ret; 4459 4460 rep_protocol_responseid_t result; 4461 4462 assert(*sz_out == sizeof (*out)); 4463 4464 (void) memset(out, '\0', *sz_out); 4465 4466 if (iter->rni_type != REP_PROTOCOL_ENTITY_VALUE) 4467 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 4468 4469 RC_NODE_CHECK(np); 4470 ret = rc_node_property_may_read(np); 4471 4472 if (ret != REP_PROTOCOL_SUCCESS) 4473 return (ret); 4474 4475 RC_NODE_CHECK_AND_LOCK(np); 4476 4477 vals = np->rn_values; 4478 len = np->rn_values_size; 4479 4480 out->rpr_type = np->rn_valtype; 4481 4482 start = (repeat)? iter->rni_last_offset : iter->rni_offset; 4483 4484 if (len == 0 || start >= len) { 4485 result = REP_PROTOCOL_DONE; 4486 *sz_out -= sizeof (out->rpr_value); 4487 } else { 4488 w = strlcpy(out->rpr_value, &vals[start], 4489 sizeof (out->rpr_value)); 4490 4491 if (w >= sizeof (out->rpr_value)) 4492 backend_panic("value too large"); 4493 4494 *sz_out = offsetof(struct rep_protocol_value_response, 4495 rpr_value[w + 1]); 4496 4497 /* 4498 * update the offsets if we're not repeating 4499 */ 4500 if (!repeat) { 4501 iter->rni_last_offset = iter->rni_offset; 4502 iter->rni_offset += (w + 1); 4503 } 4504 4505 result = REP_PROTOCOL_SUCCESS; 4506 } 4507 4508 (void) pthread_mutex_unlock(&np->rn_lock); 4509 return (result); 4510 } 4511 4512 /* 4513 * Entry point for ITER_START from client.c. Validate the arguments & call 4514 * rc_iter_create(). 4515 * 4516 * Fails with 4517 * _NOT_SET 4518 * _DELETED 4519 * _TYPE_MISMATCH - np cannot carry type children 4520 * _BAD_REQUEST - flags is invalid 4521 * pattern is invalid 4522 * _NO_RESOURCES 4523 * _INVALID_TYPE 4524 * _TYPE_MISMATCH - *npp cannot have children of type 4525 * _BACKEND_ACCESS 4526 */ 4527 int 4528 rc_node_setup_iter(rc_node_ptr_t *npp, rc_node_iter_t **iterp, 4529 uint32_t type, uint32_t flags, const char *pattern) 4530 { 4531 rc_node_t *np; 4532 rc_iter_filter_func *f = NULL; 4533 int rc; 4534 4535 RC_NODE_PTR_GET_CHECK(np, npp); 4536 4537 if (pattern != NULL && pattern[0] == '\0') 4538 pattern = NULL; 4539 4540 if (type == REP_PROTOCOL_ENTITY_VALUE) { 4541 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTY) 4542 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 4543 if (flags != RP_ITER_START_ALL || pattern != NULL) 4544 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 4545 4546 rc = rc_node_setup_value_iter(npp, iterp); 4547 assert(rc != REP_PROTOCOL_FAIL_NOT_APPLICABLE); 4548 return (rc); 4549 } 4550 4551 if ((rc = rc_check_parent_child(np->rn_id.rl_type, type)) != 4552 REP_PROTOCOL_SUCCESS) 4553 return (rc); 4554 4555 if (((flags & RP_ITER_START_FILT_MASK) == RP_ITER_START_ALL) ^ 4556 (pattern == NULL)) 4557 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 4558 4559 /* Composition only works for instances & snapshots. */ 4560 if ((flags & RP_ITER_START_COMPOSED) && 4561 (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_INSTANCE && 4562 np->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPSHOT)) 4563 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 4564 4565 if (pattern != NULL) { 4566 if ((rc = rc_check_type_name(type, pattern)) != 4567 REP_PROTOCOL_SUCCESS) 4568 return (rc); 4569 pattern = strdup(pattern); 4570 if (pattern == NULL) 4571 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 4572 } 4573 4574 switch (flags & RP_ITER_START_FILT_MASK) { 4575 case RP_ITER_START_ALL: 4576 f = NULL; 4577 break; 4578 case RP_ITER_START_EXACT: 4579 f = rc_iter_filter_name; 4580 break; 4581 case RP_ITER_START_PGTYPE: 4582 if (type != REP_PROTOCOL_ENTITY_PROPERTYGRP) { 4583 free((void *)pattern); 4584 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 4585 } 4586 f = rc_iter_filter_type; 4587 break; 4588 default: 4589 free((void *)pattern); 4590 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 4591 } 4592 4593 rc = rc_iter_create(iterp, np, type, f, (void *)pattern, 4594 flags & RP_ITER_START_COMPOSED); 4595 if (rc != REP_PROTOCOL_SUCCESS && pattern != NULL) 4596 free((void *)pattern); 4597 4598 return (rc); 4599 } 4600 4601 /* 4602 * Do uu_list_walk_next(iter->rni_iter) until we find a child which matches 4603 * the filter. 4604 * For composed iterators, then check to see if there's an overlapping entity 4605 * (see embedded comments). If we reach the end of the list, start over at 4606 * the next level. 4607 * 4608 * Returns 4609 * _BAD_REQUEST - iter walks values 4610 * _TYPE_MISMATCH - iter does not walk type entities 4611 * _DELETED - parent was deleted 4612 * _NO_RESOURCES 4613 * _INVALID_TYPE - type is invalid 4614 * _DONE 4615 * _SUCCESS 4616 * 4617 * For composed property group iterators, can also return 4618 * _TYPE_MISMATCH - parent cannot have type children 4619 */ 4620 int 4621 rc_iter_next(rc_node_iter_t *iter, rc_node_ptr_t *out, uint32_t type) 4622 { 4623 rc_node_t *np = iter->rni_parent; 4624 rc_node_t *res; 4625 int rc; 4626 4627 if (iter->rni_type == REP_PROTOCOL_ENTITY_VALUE) 4628 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 4629 4630 if (iter->rni_iter == NULL) { 4631 rc_node_clear(out, 0); 4632 return (REP_PROTOCOL_DONE); 4633 } 4634 4635 if (iter->rni_type != type) { 4636 rc_node_clear(out, 0); 4637 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 4638 } 4639 4640 (void) pthread_mutex_lock(&np->rn_lock); /* held by _iter_create() */ 4641 4642 if (!rc_node_wait_flag(np, RC_NODE_CHILDREN_CHANGING)) { 4643 (void) pthread_mutex_unlock(&np->rn_lock); 4644 rc_node_clear(out, 1); 4645 return (REP_PROTOCOL_FAIL_DELETED); 4646 } 4647 4648 if (iter->rni_clevel >= 0) { 4649 /* Composed iterator. Iterate over appropriate level. */ 4650 (void) pthread_mutex_unlock(&np->rn_lock); 4651 np = np->rn_cchain[iter->rni_clevel]; 4652 /* 4653 * If iter->rni_parent is an instance or a snapshot, np must 4654 * be valid since iter holds iter->rni_parent & possible 4655 * levels (service, instance, snaplevel) cannot be destroyed 4656 * while rni_parent is held. If iter->rni_parent is 4657 * a composed property group then rc_node_setup_cpg() put 4658 * a hold on np. 4659 */ 4660 4661 (void) pthread_mutex_lock(&np->rn_lock); 4662 4663 if (!rc_node_wait_flag(np, RC_NODE_CHILDREN_CHANGING)) { 4664 (void) pthread_mutex_unlock(&np->rn_lock); 4665 rc_node_clear(out, 1); 4666 return (REP_PROTOCOL_FAIL_DELETED); 4667 } 4668 } 4669 4670 assert(np->rn_flags & RC_NODE_HAS_CHILDREN); 4671 4672 for (;;) { 4673 res = uu_list_walk_next(iter->rni_iter); 4674 if (res == NULL) { 4675 rc_node_t *parent = iter->rni_parent; 4676 4677 #if COMPOSITION_DEPTH == 2 4678 if (iter->rni_clevel < 0 || iter->rni_clevel == 1) { 4679 /* release walker and lock */ 4680 rc_iter_end(iter); 4681 break; 4682 } 4683 4684 /* Stop walking current level. */ 4685 uu_list_walk_end(iter->rni_iter); 4686 iter->rni_iter = NULL; 4687 (void) pthread_mutex_unlock(&np->rn_lock); 4688 rc_node_rele_other(iter->rni_iter_node); 4689 iter->rni_iter_node = NULL; 4690 4691 /* Start walking next level. */ 4692 ++iter->rni_clevel; 4693 np = parent->rn_cchain[iter->rni_clevel]; 4694 assert(np != NULL); 4695 #else 4696 #error This code must be updated. 4697 #endif 4698 4699 (void) pthread_mutex_lock(&np->rn_lock); 4700 4701 rc = rc_node_fill_children(np, iter->rni_type); 4702 4703 if (rc == REP_PROTOCOL_SUCCESS) { 4704 iter->rni_iter = 4705 uu_list_walk_start(np->rn_children, 4706 UU_WALK_ROBUST); 4707 4708 if (iter->rni_iter == NULL) 4709 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 4710 else { 4711 iter->rni_iter_node = np; 4712 rc_node_hold_other(np); 4713 } 4714 } 4715 4716 if (rc != REP_PROTOCOL_SUCCESS) { 4717 (void) pthread_mutex_unlock(&np->rn_lock); 4718 rc_node_clear(out, 0); 4719 return (rc); 4720 } 4721 4722 continue; 4723 } 4724 4725 if (res->rn_id.rl_type != type || 4726 !iter->rni_filter(res, iter->rni_filter_arg)) 4727 continue; 4728 4729 /* 4730 * If we're composed and not at the top level, check to see if 4731 * there's an entity at a higher level with the same name. If 4732 * so, skip this one. 4733 */ 4734 if (iter->rni_clevel > 0) { 4735 rc_node_t *ent = iter->rni_parent->rn_cchain[0]; 4736 rc_node_t *pg; 4737 4738 #if COMPOSITION_DEPTH == 2 4739 assert(iter->rni_clevel == 1); 4740 4741 (void) pthread_mutex_unlock(&np->rn_lock); 4742 (void) pthread_mutex_lock(&ent->rn_lock); 4743 rc = rc_node_find_named_child(ent, res->rn_name, type, 4744 &pg); 4745 if (rc == REP_PROTOCOL_SUCCESS && pg != NULL) 4746 rc_node_rele(pg); 4747 (void) pthread_mutex_unlock(&ent->rn_lock); 4748 if (rc != REP_PROTOCOL_SUCCESS) { 4749 rc_node_clear(out, 0); 4750 return (rc); 4751 } 4752 (void) pthread_mutex_lock(&np->rn_lock); 4753 4754 /* Make sure np isn't being deleted all of a sudden. */ 4755 if (!rc_node_wait_flag(np, RC_NODE_DYING)) { 4756 (void) pthread_mutex_unlock(&np->rn_lock); 4757 rc_node_clear(out, 1); 4758 return (REP_PROTOCOL_FAIL_DELETED); 4759 } 4760 4761 if (pg != NULL) 4762 /* Keep going. */ 4763 continue; 4764 #else 4765 #error This code must be updated. 4766 #endif 4767 } 4768 4769 /* 4770 * If we're composed, iterating over property groups, and not 4771 * at the bottom level, check to see if there's a pg at lower 4772 * level with the same name. If so, return a cpg. 4773 */ 4774 if (iter->rni_clevel >= 0 && 4775 type == REP_PROTOCOL_ENTITY_PROPERTYGRP && 4776 iter->rni_clevel < COMPOSITION_DEPTH - 1) { 4777 #if COMPOSITION_DEPTH == 2 4778 rc_node_t *pg; 4779 rc_node_t *ent = iter->rni_parent->rn_cchain[1]; 4780 4781 rc_node_hold(res); /* While we drop np->rn_lock */ 4782 4783 (void) pthread_mutex_unlock(&np->rn_lock); 4784 (void) pthread_mutex_lock(&ent->rn_lock); 4785 rc = rc_node_find_named_child(ent, res->rn_name, type, 4786 &pg); 4787 /* holds pg if not NULL */ 4788 (void) pthread_mutex_unlock(&ent->rn_lock); 4789 if (rc != REP_PROTOCOL_SUCCESS) { 4790 rc_node_rele(res); 4791 rc_node_clear(out, 0); 4792 return (rc); 4793 } 4794 4795 (void) pthread_mutex_lock(&np->rn_lock); 4796 if (!rc_node_wait_flag(np, RC_NODE_DYING)) { 4797 (void) pthread_mutex_unlock(&np->rn_lock); 4798 rc_node_rele(res); 4799 if (pg != NULL) 4800 rc_node_rele(pg); 4801 rc_node_clear(out, 1); 4802 return (REP_PROTOCOL_FAIL_DELETED); 4803 } 4804 4805 if (pg == NULL) { 4806 rc_node_rele(res); 4807 } else { 4808 rc_node_t *cpg; 4809 4810 /* Keep res held for rc_node_setup_cpg(). */ 4811 4812 cpg = rc_node_alloc(); 4813 if (cpg == NULL) { 4814 (void) pthread_mutex_unlock( 4815 &np->rn_lock); 4816 rc_node_rele(res); 4817 rc_node_rele(pg); 4818 rc_node_clear(out, 0); 4819 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 4820 } 4821 4822 switch (rc_node_setup_cpg(cpg, res, pg)) { 4823 case REP_PROTOCOL_SUCCESS: 4824 res = cpg; 4825 break; 4826 4827 case REP_PROTOCOL_FAIL_TYPE_MISMATCH: 4828 /* Nevermind. */ 4829 rc_node_destroy(cpg); 4830 rc_node_rele(pg); 4831 rc_node_rele(res); 4832 break; 4833 4834 case REP_PROTOCOL_FAIL_NO_RESOURCES: 4835 rc_node_destroy(cpg); 4836 (void) pthread_mutex_unlock( 4837 &np->rn_lock); 4838 rc_node_rele(res); 4839 rc_node_rele(pg); 4840 rc_node_clear(out, 0); 4841 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 4842 4843 default: 4844 assert(0); 4845 abort(); 4846 } 4847 } 4848 #else 4849 #error This code must be updated. 4850 #endif 4851 } 4852 4853 rc_node_hold(res); 4854 (void) pthread_mutex_unlock(&np->rn_lock); 4855 break; 4856 } 4857 rc_node_assign(out, res); 4858 4859 if (res == NULL) 4860 return (REP_PROTOCOL_DONE); 4861 rc_node_rele(res); 4862 return (REP_PROTOCOL_SUCCESS); 4863 } 4864 4865 void 4866 rc_iter_destroy(rc_node_iter_t **nipp) 4867 { 4868 rc_node_iter_t *nip = *nipp; 4869 rc_node_t *np; 4870 4871 if (nip == NULL) 4872 return; /* already freed */ 4873 4874 np = nip->rni_parent; 4875 4876 if (nip->rni_filter_arg != NULL) 4877 free(nip->rni_filter_arg); 4878 nip->rni_filter_arg = NULL; 4879 4880 if (nip->rni_type == REP_PROTOCOL_ENTITY_VALUE || 4881 nip->rni_iter != NULL) { 4882 if (nip->rni_clevel < 0) 4883 (void) pthread_mutex_lock(&np->rn_lock); 4884 else 4885 (void) pthread_mutex_lock( 4886 &np->rn_cchain[nip->rni_clevel]->rn_lock); 4887 rc_iter_end(nip); /* release walker and lock */ 4888 } 4889 nip->rni_parent = NULL; 4890 4891 uu_free(nip); 4892 *nipp = NULL; 4893 } 4894 4895 int 4896 rc_node_setup_tx(rc_node_ptr_t *npp, rc_node_ptr_t *txp) 4897 { 4898 rc_node_t *np; 4899 permcheck_t *pcp; 4900 int ret; 4901 int authorized = 0; 4902 4903 RC_NODE_PTR_GET_CHECK_AND_HOLD(np, npp); 4904 4905 if (np->rn_id.rl_type == REP_PROTOCOL_ENTITY_CPROPERTYGRP) { 4906 rc_node_rele(np); 4907 np = np->rn_cchain[0]; 4908 RC_NODE_CHECK_AND_HOLD(np); 4909 } 4910 4911 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTYGRP) { 4912 rc_node_rele(np); 4913 return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); 4914 } 4915 4916 if (np->rn_id.rl_ids[ID_SNAPSHOT] != 0) { 4917 rc_node_rele(np); 4918 return (REP_PROTOCOL_FAIL_PERMISSION_DENIED); 4919 } 4920 4921 if (client_is_privileged()) 4922 goto skip_checks; 4923 4924 #ifdef NATIVE_BUILD 4925 rc_node_rele(np); 4926 return (REP_PROTOCOL_FAIL_PERMISSION_DENIED); 4927 #else 4928 /* permission check */ 4929 pcp = pc_create(); 4930 if (pcp == NULL) { 4931 rc_node_rele(np); 4932 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 4933 } 4934 4935 if (np->rn_id.rl_ids[ID_INSTANCE] != 0 && /* instance pg */ 4936 ((strcmp(np->rn_name, AUTH_PG_ACTIONS) == 0 && 4937 strcmp(np->rn_type, AUTH_PG_ACTIONS_TYPE) == 0) || 4938 (strcmp(np->rn_name, AUTH_PG_GENERAL_OVR) == 0 && 4939 strcmp(np->rn_type, AUTH_PG_GENERAL_OVR_TYPE) == 0))) { 4940 rc_node_t *instn; 4941 4942 /* solaris.smf.manage can be used. */ 4943 ret = perm_add_enabling(pcp, AUTH_MANAGE); 4944 4945 if (ret != REP_PROTOCOL_SUCCESS) { 4946 pc_free(pcp); 4947 rc_node_rele(np); 4948 return (ret); 4949 } 4950 4951 /* general/action_authorization values can be used. */ 4952 ret = rc_node_parent(np, &instn); 4953 if (ret != REP_PROTOCOL_SUCCESS) { 4954 assert(ret == REP_PROTOCOL_FAIL_DELETED); 4955 rc_node_rele(np); 4956 pc_free(pcp); 4957 return (REP_PROTOCOL_FAIL_DELETED); 4958 } 4959 4960 assert(instn->rn_id.rl_type == REP_PROTOCOL_ENTITY_INSTANCE); 4961 4962 ret = perm_add_inst_action_auth(pcp, instn); 4963 rc_node_rele(instn); 4964 switch (ret) { 4965 case REP_PROTOCOL_SUCCESS: 4966 break; 4967 4968 case REP_PROTOCOL_FAIL_DELETED: 4969 case REP_PROTOCOL_FAIL_NO_RESOURCES: 4970 rc_node_rele(np); 4971 pc_free(pcp); 4972 return (ret); 4973 4974 default: 4975 bad_error("perm_add_inst_action_auth", ret); 4976 } 4977 4978 if (strcmp(np->rn_name, AUTH_PG_ACTIONS) == 0) 4979 authorized = 1; /* Don't check on commit. */ 4980 } else { 4981 ret = perm_add_enabling(pcp, AUTH_MODIFY); 4982 4983 if (ret == REP_PROTOCOL_SUCCESS) { 4984 /* propertygroup-type-specific authorization */ 4985 /* no locking because rn_type won't change anyway */ 4986 const char * const auth = 4987 perm_auth_for_pgtype(np->rn_type); 4988 4989 if (auth != NULL) 4990 ret = perm_add_enabling(pcp, auth); 4991 } 4992 4993 if (ret == REP_PROTOCOL_SUCCESS) 4994 /* propertygroup/transaction-type-specific auths */ 4995 ret = 4996 perm_add_enabling_values(pcp, np, AUTH_PROP_VALUE); 4997 4998 if (ret == REP_PROTOCOL_SUCCESS) 4999 ret = 5000 perm_add_enabling_values(pcp, np, AUTH_PROP_MODIFY); 5001 5002 /* AUTH_MANAGE can manipulate general/AUTH_PROP_ACTION */ 5003 if (ret == REP_PROTOCOL_SUCCESS && 5004 strcmp(np->rn_name, AUTH_PG_GENERAL) == 0 && 5005 strcmp(np->rn_type, AUTH_PG_GENERAL_TYPE) == 0) 5006 ret = perm_add_enabling(pcp, AUTH_MANAGE); 5007 5008 if (ret != REP_PROTOCOL_SUCCESS) { 5009 pc_free(pcp); 5010 rc_node_rele(np); 5011 return (ret); 5012 } 5013 } 5014 5015 ret = perm_granted(pcp); 5016 if (ret != 1) { 5017 pc_free(pcp); 5018 rc_node_rele(np); 5019 return (ret == 0 ? REP_PROTOCOL_FAIL_PERMISSION_DENIED : 5020 REP_PROTOCOL_FAIL_NO_RESOURCES); 5021 } 5022 5023 pc_free(pcp); 5024 #endif /* NATIVE_BUILD */ 5025 5026 skip_checks: 5027 rc_node_assign(txp, np); 5028 txp->rnp_authorized = authorized; 5029 5030 rc_node_rele(np); 5031 return (REP_PROTOCOL_SUCCESS); 5032 } 5033 5034 /* 5035 * Return 1 if the given transaction commands only modify the values of 5036 * properties other than "modify_authorization". Return -1 if any of the 5037 * commands are invalid, and 0 otherwise. 5038 */ 5039 static int 5040 tx_allow_value(const void *cmds_arg, size_t cmds_sz, rc_node_t *pg) 5041 { 5042 const struct rep_protocol_transaction_cmd *cmds; 5043 uintptr_t loc; 5044 uint32_t sz; 5045 rc_node_t *prop; 5046 boolean_t ok; 5047 5048 assert(!MUTEX_HELD(&pg->rn_lock)); 5049 5050 loc = (uintptr_t)cmds_arg; 5051 5052 while (cmds_sz > 0) { 5053 cmds = (struct rep_protocol_transaction_cmd *)loc; 5054 5055 if (cmds_sz <= REP_PROTOCOL_TRANSACTION_CMD_MIN_SIZE) 5056 return (-1); 5057 5058 sz = cmds->rptc_size; 5059 if (sz <= REP_PROTOCOL_TRANSACTION_CMD_MIN_SIZE) 5060 return (-1); 5061 5062 sz = TX_SIZE(sz); 5063 if (sz > cmds_sz) 5064 return (-1); 5065 5066 switch (cmds[0].rptc_action) { 5067 case REP_PROTOCOL_TX_ENTRY_CLEAR: 5068 break; 5069 5070 case REP_PROTOCOL_TX_ENTRY_REPLACE: 5071 /* Check type */ 5072 (void) pthread_mutex_lock(&pg->rn_lock); 5073 if (rc_node_find_named_child(pg, 5074 (const char *)cmds[0].rptc_data, 5075 REP_PROTOCOL_ENTITY_PROPERTY, &prop) == 5076 REP_PROTOCOL_SUCCESS) { 5077 ok = (prop != NULL && 5078 prop->rn_valtype == cmds[0].rptc_type); 5079 } else { 5080 /* Return more particular error? */ 5081 ok = B_FALSE; 5082 } 5083 (void) pthread_mutex_unlock(&pg->rn_lock); 5084 if (ok) 5085 break; 5086 return (0); 5087 5088 default: 5089 return (0); 5090 } 5091 5092 if (strcmp((const char *)cmds[0].rptc_data, AUTH_PROP_MODIFY) 5093 == 0) 5094 return (0); 5095 5096 loc += sz; 5097 cmds_sz -= sz; 5098 } 5099 5100 return (1); 5101 } 5102 5103 /* 5104 * Return 1 if any of the given transaction commands affect 5105 * "action_authorization". Return -1 if any of the commands are invalid and 5106 * 0 in all other cases. 5107 */ 5108 static int 5109 tx_modifies_action(const void *cmds_arg, size_t cmds_sz) 5110 { 5111 const struct rep_protocol_transaction_cmd *cmds; 5112 uintptr_t loc; 5113 uint32_t sz; 5114 5115 loc = (uintptr_t)cmds_arg; 5116 5117 while (cmds_sz > 0) { 5118 cmds = (struct rep_protocol_transaction_cmd *)loc; 5119 5120 if (cmds_sz <= REP_PROTOCOL_TRANSACTION_CMD_MIN_SIZE) 5121 return (-1); 5122 5123 sz = cmds->rptc_size; 5124 if (sz <= REP_PROTOCOL_TRANSACTION_CMD_MIN_SIZE) 5125 return (-1); 5126 5127 sz = TX_SIZE(sz); 5128 if (sz > cmds_sz) 5129 return (-1); 5130 5131 if (strcmp((const char *)cmds[0].rptc_data, AUTH_PROP_ACTION) 5132 == 0) 5133 return (1); 5134 5135 loc += sz; 5136 cmds_sz -= sz; 5137 } 5138 5139 return (0); 5140 } 5141 5142 /* 5143 * Returns 1 if the transaction commands only modify properties named 5144 * 'enabled'. 5145 */ 5146 static int 5147 tx_only_enabled(const void *cmds_arg, size_t cmds_sz) 5148 { 5149 const struct rep_protocol_transaction_cmd *cmd; 5150 uintptr_t loc; 5151 uint32_t sz; 5152 5153 loc = (uintptr_t)cmds_arg; 5154 5155 while (cmds_sz > 0) { 5156 cmd = (struct rep_protocol_transaction_cmd *)loc; 5157 5158 if (cmds_sz <= REP_PROTOCOL_TRANSACTION_CMD_MIN_SIZE) 5159 return (-1); 5160 5161 sz = cmd->rptc_size; 5162 if (sz <= REP_PROTOCOL_TRANSACTION_CMD_MIN_SIZE) 5163 return (-1); 5164 5165 sz = TX_SIZE(sz); 5166 if (sz > cmds_sz) 5167 return (-1); 5168 5169 if (strcmp((const char *)cmd->rptc_data, AUTH_PROP_ENABLED) 5170 != 0) 5171 return (0); 5172 5173 loc += sz; 5174 cmds_sz -= sz; 5175 } 5176 5177 return (1); 5178 } 5179 5180 int 5181 rc_tx_commit(rc_node_ptr_t *txp, const void *cmds, size_t cmds_sz) 5182 { 5183 rc_node_t *np = txp->rnp_node; 5184 rc_node_t *pp; 5185 rc_node_t *nnp; 5186 rc_node_pg_notify_t *pnp; 5187 int rc; 5188 permcheck_t *pcp; 5189 int granted, normal; 5190 5191 RC_NODE_CHECK(np); 5192 5193 if (!client_is_privileged() && !txp->rnp_authorized) { 5194 #ifdef NATIVE_BUILD 5195 return (REP_PROTOCOL_FAIL_PERMISSION_DENIED); 5196 #else 5197 /* permission check: depends on contents of transaction */ 5198 pcp = pc_create(); 5199 if (pcp == NULL) 5200 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 5201 5202 /* If normal is cleared, we won't do the normal checks. */ 5203 normal = 1; 5204 rc = REP_PROTOCOL_SUCCESS; 5205 5206 if (strcmp(np->rn_name, AUTH_PG_GENERAL) == 0 && 5207 strcmp(np->rn_type, AUTH_PG_GENERAL_TYPE) == 0) { 5208 /* Touching general[framework]/action_authorization? */ 5209 rc = tx_modifies_action(cmds, cmds_sz); 5210 if (rc == -1) { 5211 pc_free(pcp); 5212 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 5213 } 5214 5215 if (rc) { 5216 /* Yes: only AUTH_MANAGE can be used. */ 5217 rc = perm_add_enabling(pcp, AUTH_MANAGE); 5218 normal = 0; 5219 } else { 5220 rc = REP_PROTOCOL_SUCCESS; 5221 } 5222 } else if (np->rn_id.rl_ids[ID_INSTANCE] != 0 && 5223 strcmp(np->rn_name, AUTH_PG_GENERAL_OVR) == 0 && 5224 strcmp(np->rn_type, AUTH_PG_GENERAL_OVR_TYPE) == 0) { 5225 rc_node_t *instn; 5226 5227 rc = tx_only_enabled(cmds, cmds_sz); 5228 if (rc == -1) { 5229 pc_free(pcp); 5230 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 5231 } 5232 5233 if (rc) { 5234 rc = rc_node_parent(np, &instn); 5235 if (rc != REP_PROTOCOL_SUCCESS) { 5236 assert(rc == REP_PROTOCOL_FAIL_DELETED); 5237 pc_free(pcp); 5238 return (rc); 5239 } 5240 5241 assert(instn->rn_id.rl_type == 5242 REP_PROTOCOL_ENTITY_INSTANCE); 5243 5244 rc = perm_add_inst_action_auth(pcp, instn); 5245 rc_node_rele(instn); 5246 switch (rc) { 5247 case REP_PROTOCOL_SUCCESS: 5248 break; 5249 5250 case REP_PROTOCOL_FAIL_DELETED: 5251 case REP_PROTOCOL_FAIL_NO_RESOURCES: 5252 pc_free(pcp); 5253 return (rc); 5254 5255 default: 5256 bad_error("perm_add_inst_action_auth", 5257 rc); 5258 } 5259 } else { 5260 rc = REP_PROTOCOL_SUCCESS; 5261 } 5262 } 5263 5264 if (rc == REP_PROTOCOL_SUCCESS && normal) { 5265 rc = perm_add_enabling(pcp, AUTH_MODIFY); 5266 5267 if (rc == REP_PROTOCOL_SUCCESS) { 5268 /* Add pgtype-specific authorization. */ 5269 const char * const auth = 5270 perm_auth_for_pgtype(np->rn_type); 5271 5272 if (auth != NULL) 5273 rc = perm_add_enabling(pcp, auth); 5274 } 5275 5276 /* Add pg-specific modify_authorization auths. */ 5277 if (rc == REP_PROTOCOL_SUCCESS) 5278 rc = perm_add_enabling_values(pcp, np, 5279 AUTH_PROP_MODIFY); 5280 5281 /* If value_authorization values are ok, add them. */ 5282 if (rc == REP_PROTOCOL_SUCCESS) { 5283 rc = tx_allow_value(cmds, cmds_sz, np); 5284 if (rc == -1) 5285 rc = REP_PROTOCOL_FAIL_BAD_REQUEST; 5286 else if (rc) 5287 rc = perm_add_enabling_values(pcp, np, 5288 AUTH_PROP_VALUE); 5289 } 5290 } 5291 5292 if (rc == REP_PROTOCOL_SUCCESS) { 5293 granted = perm_granted(pcp); 5294 if (granted < 0) 5295 rc = REP_PROTOCOL_FAIL_NO_RESOURCES; 5296 } 5297 5298 pc_free(pcp); 5299 5300 if (rc != REP_PROTOCOL_SUCCESS) 5301 return (rc); 5302 5303 if (!granted) 5304 return (REP_PROTOCOL_FAIL_PERMISSION_DENIED); 5305 #endif /* NATIVE_BUILD */ 5306 } 5307 5308 nnp = rc_node_alloc(); 5309 if (nnp == NULL) 5310 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 5311 5312 nnp->rn_id = np->rn_id; /* structure assignment */ 5313 nnp->rn_hash = np->rn_hash; 5314 nnp->rn_name = strdup(np->rn_name); 5315 nnp->rn_type = strdup(np->rn_type); 5316 nnp->rn_pgflags = np->rn_pgflags; 5317 5318 nnp->rn_flags = RC_NODE_IN_TX | RC_NODE_USING_PARENT; 5319 5320 if (nnp->rn_name == NULL || nnp->rn_type == NULL) { 5321 rc_node_destroy(nnp); 5322 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 5323 } 5324 5325 (void) pthread_mutex_lock(&np->rn_lock); 5326 /* 5327 * We must have all of the old properties in the cache, or the 5328 * database deletions could cause inconsistencies. 5329 */ 5330 if ((rc = rc_node_fill_children(np, REP_PROTOCOL_ENTITY_PROPERTY)) != 5331 REP_PROTOCOL_SUCCESS) { 5332 (void) pthread_mutex_unlock(&np->rn_lock); 5333 rc_node_destroy(nnp); 5334 return (rc); 5335 } 5336 5337 if (!rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { 5338 (void) pthread_mutex_unlock(&np->rn_lock); 5339 rc_node_destroy(nnp); 5340 return (REP_PROTOCOL_FAIL_DELETED); 5341 } 5342 5343 if (np->rn_flags & RC_NODE_OLD) { 5344 rc_node_rele_flag(np, RC_NODE_USING_PARENT); 5345 (void) pthread_mutex_unlock(&np->rn_lock); 5346 rc_node_destroy(nnp); 5347 return (REP_PROTOCOL_FAIL_NOT_LATEST); 5348 } 5349 5350 pp = rc_node_hold_parent_flag(np, RC_NODE_CHILDREN_CHANGING); 5351 if (pp == NULL) { 5352 /* our parent is gone, we're going next... */ 5353 rc_node_destroy(nnp); 5354 (void) pthread_mutex_lock(&np->rn_lock); 5355 if (np->rn_flags & RC_NODE_OLD) { 5356 (void) pthread_mutex_unlock(&np->rn_lock); 5357 return (REP_PROTOCOL_FAIL_NOT_LATEST); 5358 } 5359 (void) pthread_mutex_unlock(&np->rn_lock); 5360 return (REP_PROTOCOL_FAIL_DELETED); 5361 } 5362 (void) pthread_mutex_unlock(&pp->rn_lock); 5363 5364 /* 5365 * prepare for the transaction 5366 */ 5367 (void) pthread_mutex_lock(&np->rn_lock); 5368 if (!rc_node_hold_flag(np, RC_NODE_IN_TX)) { 5369 (void) pthread_mutex_unlock(&np->rn_lock); 5370 (void) pthread_mutex_lock(&pp->rn_lock); 5371 rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); 5372 (void) pthread_mutex_unlock(&pp->rn_lock); 5373 rc_node_destroy(nnp); 5374 return (REP_PROTOCOL_FAIL_DELETED); 5375 } 5376 nnp->rn_gen_id = np->rn_gen_id; 5377 (void) pthread_mutex_unlock(&np->rn_lock); 5378 5379 /* Sets nnp->rn_gen_id on success. */ 5380 rc = object_tx_commit(&np->rn_id, cmds, cmds_sz, &nnp->rn_gen_id); 5381 5382 (void) pthread_mutex_lock(&np->rn_lock); 5383 if (rc != REP_PROTOCOL_SUCCESS) { 5384 rc_node_rele_flag(np, RC_NODE_IN_TX); 5385 (void) pthread_mutex_unlock(&np->rn_lock); 5386 (void) pthread_mutex_lock(&pp->rn_lock); 5387 rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); 5388 (void) pthread_mutex_unlock(&pp->rn_lock); 5389 rc_node_destroy(nnp); 5390 rc_node_clear(txp, 0); 5391 if (rc == REP_PROTOCOL_DONE) 5392 rc = REP_PROTOCOL_SUCCESS; /* successful empty tx */ 5393 return (rc); 5394 } 5395 5396 /* 5397 * Notify waiters 5398 */ 5399 (void) pthread_mutex_lock(&rc_pg_notify_lock); 5400 while ((pnp = uu_list_first(np->rn_pg_notify_list)) != NULL) 5401 rc_pg_notify_fire(pnp); 5402 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5403 5404 np->rn_flags |= RC_NODE_OLD; 5405 (void) pthread_mutex_unlock(&np->rn_lock); 5406 5407 rc_notify_remove_node(np); 5408 5409 /* 5410 * replace np with nnp 5411 */ 5412 rc_node_relink_child(pp, np, nnp); 5413 5414 /* 5415 * all done -- clear the transaction. 5416 */ 5417 rc_node_clear(txp, 0); 5418 5419 return (REP_PROTOCOL_SUCCESS); 5420 } 5421 5422 void 5423 rc_pg_notify_init(rc_node_pg_notify_t *pnp) 5424 { 5425 uu_list_node_init(pnp, &pnp->rnpn_node, rc_pg_notify_pool); 5426 pnp->rnpn_pg = NULL; 5427 pnp->rnpn_fd = -1; 5428 } 5429 5430 int 5431 rc_pg_notify_setup(rc_node_pg_notify_t *pnp, rc_node_ptr_t *npp, int fd) 5432 { 5433 rc_node_t *np; 5434 5435 RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); 5436 5437 if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTYGRP) { 5438 (void) pthread_mutex_unlock(&np->rn_lock); 5439 return (REP_PROTOCOL_FAIL_BAD_REQUEST); 5440 } 5441 5442 /* 5443 * wait for any transaction in progress to complete 5444 */ 5445 if (!rc_node_wait_flag(np, RC_NODE_IN_TX)) { 5446 (void) pthread_mutex_unlock(&np->rn_lock); 5447 return (REP_PROTOCOL_FAIL_DELETED); 5448 } 5449 5450 if (np->rn_flags & RC_NODE_OLD) { 5451 (void) pthread_mutex_unlock(&np->rn_lock); 5452 return (REP_PROTOCOL_FAIL_NOT_LATEST); 5453 } 5454 5455 (void) pthread_mutex_lock(&rc_pg_notify_lock); 5456 rc_pg_notify_fire(pnp); 5457 pnp->rnpn_pg = np; 5458 pnp->rnpn_fd = fd; 5459 (void) uu_list_insert_after(np->rn_pg_notify_list, NULL, pnp); 5460 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5461 5462 (void) pthread_mutex_unlock(&np->rn_lock); 5463 return (REP_PROTOCOL_SUCCESS); 5464 } 5465 5466 void 5467 rc_pg_notify_fini(rc_node_pg_notify_t *pnp) 5468 { 5469 (void) pthread_mutex_lock(&rc_pg_notify_lock); 5470 rc_pg_notify_fire(pnp); 5471 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5472 5473 uu_list_node_fini(pnp, &pnp->rnpn_node, rc_pg_notify_pool); 5474 } 5475 5476 void 5477 rc_notify_info_init(rc_notify_info_t *rnip) 5478 { 5479 int i; 5480 5481 uu_list_node_init(rnip, &rnip->rni_list_node, rc_notify_info_pool); 5482 uu_list_node_init(&rnip->rni_notify, &rnip->rni_notify.rcn_list_node, 5483 rc_notify_pool); 5484 5485 rnip->rni_notify.rcn_node = NULL; 5486 rnip->rni_notify.rcn_info = rnip; 5487 5488 bzero(rnip->rni_namelist, sizeof (rnip->rni_namelist)); 5489 bzero(rnip->rni_typelist, sizeof (rnip->rni_typelist)); 5490 5491 (void) pthread_cond_init(&rnip->rni_cv, NULL); 5492 5493 for (i = 0; i < RC_NOTIFY_MAX_NAMES; i++) { 5494 rnip->rni_namelist[i] = NULL; 5495 rnip->rni_typelist[i] = NULL; 5496 } 5497 } 5498 5499 static void 5500 rc_notify_info_insert_locked(rc_notify_info_t *rnip) 5501 { 5502 assert(MUTEX_HELD(&rc_pg_notify_lock)); 5503 5504 assert(!(rnip->rni_flags & RC_NOTIFY_ACTIVE)); 5505 5506 rnip->rni_flags |= RC_NOTIFY_ACTIVE; 5507 (void) uu_list_insert_after(rc_notify_info_list, NULL, rnip); 5508 (void) uu_list_insert_before(rc_notify_list, NULL, &rnip->rni_notify); 5509 } 5510 5511 static void 5512 rc_notify_info_remove_locked(rc_notify_info_t *rnip) 5513 { 5514 rc_notify_t *me = &rnip->rni_notify; 5515 rc_notify_t *np; 5516 5517 assert(MUTEX_HELD(&rc_pg_notify_lock)); 5518 5519 assert(rnip->rni_flags & RC_NOTIFY_ACTIVE); 5520 5521 assert(!(rnip->rni_flags & RC_NOTIFY_DRAIN)); 5522 rnip->rni_flags |= RC_NOTIFY_DRAIN; 5523 (void) pthread_cond_broadcast(&rnip->rni_cv); 5524 5525 (void) uu_list_remove(rc_notify_info_list, rnip); 5526 5527 /* 5528 * clean up any notifications at the beginning of the list 5529 */ 5530 if (uu_list_first(rc_notify_list) == me) { 5531 while ((np = uu_list_next(rc_notify_list, me)) != NULL && 5532 np->rcn_info == NULL) 5533 rc_notify_remove_locked(np); 5534 } 5535 (void) uu_list_remove(rc_notify_list, me); 5536 5537 while (rnip->rni_waiters) { 5538 (void) pthread_cond_broadcast(&rc_pg_notify_cv); 5539 (void) pthread_cond_broadcast(&rnip->rni_cv); 5540 (void) pthread_cond_wait(&rnip->rni_cv, &rc_pg_notify_lock); 5541 } 5542 5543 rnip->rni_flags &= ~(RC_NOTIFY_DRAIN | RC_NOTIFY_ACTIVE); 5544 } 5545 5546 static int 5547 rc_notify_info_add_watch(rc_notify_info_t *rnip, const char **arr, 5548 const char *name) 5549 { 5550 int i; 5551 int rc; 5552 char *f; 5553 5554 rc = rc_check_type_name(REP_PROTOCOL_ENTITY_PROPERTYGRP, name); 5555 if (rc != REP_PROTOCOL_SUCCESS) 5556 return (rc); 5557 5558 f = strdup(name); 5559 if (f == NULL) 5560 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 5561 5562 (void) pthread_mutex_lock(&rc_pg_notify_lock); 5563 5564 while (rnip->rni_flags & RC_NOTIFY_EMPTYING) 5565 (void) pthread_cond_wait(&rnip->rni_cv, &rc_pg_notify_lock); 5566 5567 for (i = 0; i < RC_NOTIFY_MAX_NAMES; i++) 5568 if (arr[i] == NULL) 5569 break; 5570 5571 if (i == RC_NOTIFY_MAX_NAMES) { 5572 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5573 free(f); 5574 return (REP_PROTOCOL_FAIL_NO_RESOURCES); 5575 } 5576 5577 arr[i] = f; 5578 if (!(rnip->rni_flags & RC_NOTIFY_ACTIVE)) 5579 rc_notify_info_insert_locked(rnip); 5580 5581 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5582 return (REP_PROTOCOL_SUCCESS); 5583 } 5584 5585 int 5586 rc_notify_info_add_name(rc_notify_info_t *rnip, const char *name) 5587 { 5588 return (rc_notify_info_add_watch(rnip, rnip->rni_namelist, name)); 5589 } 5590 5591 int 5592 rc_notify_info_add_type(rc_notify_info_t *rnip, const char *type) 5593 { 5594 return (rc_notify_info_add_watch(rnip, rnip->rni_typelist, type)); 5595 } 5596 5597 /* 5598 * Wait for and report an event of interest to rnip, a notification client 5599 */ 5600 int 5601 rc_notify_info_wait(rc_notify_info_t *rnip, rc_node_ptr_t *out, 5602 char *outp, size_t sz) 5603 { 5604 rc_notify_t *np; 5605 rc_notify_t *me = &rnip->rni_notify; 5606 rc_node_t *nnp; 5607 rc_notify_delete_t *ndp; 5608 5609 int am_first_info; 5610 5611 if (sz > 0) 5612 outp[0] = 0; 5613 5614 (void) pthread_mutex_lock(&rc_pg_notify_lock); 5615 5616 while ((rnip->rni_flags & (RC_NOTIFY_ACTIVE | RC_NOTIFY_DRAIN)) == 5617 RC_NOTIFY_ACTIVE) { 5618 /* 5619 * If I'm first on the notify list, it is my job to 5620 * clean up any notifications I pass by. I can't do that 5621 * if someone is blocking the list from removals, so I 5622 * have to wait until they have all drained. 5623 */ 5624 am_first_info = (uu_list_first(rc_notify_list) == me); 5625 if (am_first_info && rc_notify_in_use) { 5626 rnip->rni_waiters++; 5627 (void) pthread_cond_wait(&rc_pg_notify_cv, 5628 &rc_pg_notify_lock); 5629 rnip->rni_waiters--; 5630 continue; 5631 } 5632 5633 /* 5634 * Search the list for a node of interest. 5635 */ 5636 np = uu_list_next(rc_notify_list, me); 5637 while (np != NULL && !rc_notify_info_interested(rnip, np)) { 5638 rc_notify_t *next = uu_list_next(rc_notify_list, np); 5639 5640 if (am_first_info) { 5641 if (np->rcn_info) { 5642 /* 5643 * Passing another client -- stop 5644 * cleaning up notifications 5645 */ 5646 am_first_info = 0; 5647 } else { 5648 rc_notify_remove_locked(np); 5649 } 5650 } 5651 np = next; 5652 } 5653 5654 /* 5655 * Nothing of interest -- wait for notification 5656 */ 5657 if (np == NULL) { 5658 rnip->rni_waiters++; 5659 (void) pthread_cond_wait(&rnip->rni_cv, 5660 &rc_pg_notify_lock); 5661 rnip->rni_waiters--; 5662 continue; 5663 } 5664 5665 /* 5666 * found something to report -- move myself after the 5667 * notification and process it. 5668 */ 5669 (void) uu_list_remove(rc_notify_list, me); 5670 (void) uu_list_insert_after(rc_notify_list, np, me); 5671 5672 if ((ndp = np->rcn_delete) != NULL) { 5673 (void) strlcpy(outp, ndp->rnd_fmri, sz); 5674 if (am_first_info) 5675 rc_notify_remove_locked(np); 5676 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5677 rc_node_clear(out, 0); 5678 return (REP_PROTOCOL_SUCCESS); 5679 } 5680 5681 nnp = np->rcn_node; 5682 assert(nnp != NULL); 5683 5684 /* 5685 * We can't bump nnp's reference count without grabbing its 5686 * lock, and rc_pg_notify_lock is a leaf lock. So we 5687 * temporarily block all removals to keep nnp from 5688 * disappearing. 5689 */ 5690 rc_notify_in_use++; 5691 assert(rc_notify_in_use > 0); 5692 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5693 5694 rc_node_assign(out, nnp); 5695 5696 (void) pthread_mutex_lock(&rc_pg_notify_lock); 5697 assert(rc_notify_in_use > 0); 5698 rc_notify_in_use--; 5699 if (am_first_info) 5700 rc_notify_remove_locked(np); 5701 if (rc_notify_in_use == 0) 5702 (void) pthread_cond_broadcast(&rc_pg_notify_cv); 5703 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5704 5705 return (REP_PROTOCOL_SUCCESS); 5706 } 5707 /* 5708 * If we're the last one out, let people know it's clear. 5709 */ 5710 if (rnip->rni_waiters == 0) 5711 (void) pthread_cond_broadcast(&rnip->rni_cv); 5712 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5713 return (REP_PROTOCOL_DONE); 5714 } 5715 5716 static void 5717 rc_notify_info_reset(rc_notify_info_t *rnip) 5718 { 5719 int i; 5720 5721 (void) pthread_mutex_lock(&rc_pg_notify_lock); 5722 if (rnip->rni_flags & RC_NOTIFY_ACTIVE) 5723 rc_notify_info_remove_locked(rnip); 5724 assert(!(rnip->rni_flags & (RC_NOTIFY_DRAIN | RC_NOTIFY_EMPTYING))); 5725 rnip->rni_flags |= RC_NOTIFY_EMPTYING; 5726 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5727 5728 for (i = 0; i < RC_NOTIFY_MAX_NAMES; i++) { 5729 if (rnip->rni_namelist[i] != NULL) { 5730 free((void *)rnip->rni_namelist[i]); 5731 rnip->rni_namelist[i] = NULL; 5732 } 5733 if (rnip->rni_typelist[i] != NULL) { 5734 free((void *)rnip->rni_typelist[i]); 5735 rnip->rni_typelist[i] = NULL; 5736 } 5737 } 5738 5739 (void) pthread_mutex_lock(&rc_pg_notify_lock); 5740 rnip->rni_flags &= ~RC_NOTIFY_EMPTYING; 5741 (void) pthread_mutex_unlock(&rc_pg_notify_lock); 5742 } 5743 5744 void 5745 rc_notify_info_fini(rc_notify_info_t *rnip) 5746 { 5747 rc_notify_info_reset(rnip); 5748 5749 uu_list_node_fini(rnip, &rnip->rni_list_node, rc_notify_info_pool); 5750 uu_list_node_fini(&rnip->rni_notify, &rnip->rni_notify.rcn_list_node, 5751 rc_notify_pool); 5752 } 5753