Print this page
7281 mdnsd needs to try harder to send goodbye requests
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/cmd/svc/startd/graph.c
+++ new/usr/src/cmd/svc/startd/graph.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
|
↓ open down ↓ |
14 lines elided |
↑ open up ↑ |
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 23 * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
24 24 * Copyright (c) 2015, Syneto S.R.L. All rights reserved.
25 + * Copyright 2016 RackTop Systems.
25 26 */
26 27
27 28 /*
28 29 * graph.c - master restarter graph engine
29 30 *
30 31 * The graph engine keeps a dependency graph of all service instances on the
31 32 * system, as recorded in the repository. It decides when services should
32 33 * be brought up or down based on service states and dependencies and sends
33 34 * commands to restarters to effect any changes. It also executes
34 35 * administrator commands sent by svcadm via the repository.
35 36 *
36 37 * The graph is stored in uu_list_t *dgraph and its vertices are
37 38 * graph_vertex_t's, each of which has a name and an integer id unique to
38 39 * its name (see dict.c). A vertex's type attribute designates the type
39 40 * of object it represents: GVT_INST for service instances, GVT_SVC for
40 41 * service objects (since service instances may depend on another service,
41 42 * rather than service instance), GVT_FILE for files (which services may
42 43 * depend on), and GVT_GROUP for dependencies on multiple objects. GVT_GROUP
43 44 * vertices are necessary because dependency lists may have particular
44 45 * grouping types (require any, require all, optional, or exclude) and
45 46 * event-propagation characteristics.
46 47 *
47 48 * The initial graph is built by libscf_populate_graph() invoking
48 49 * dgraph_add_instance() for each instance in the repository. The function
49 50 * adds a GVT_SVC vertex for the service if one does not already exist, adds
50 51 * a GVT_INST vertex named by the FMRI of the instance, and sets up the edges.
51 52 * The resulting web of vertices & edges associated with an instance's vertex
52 53 * includes
53 54 *
54 55 * - an edge from the GVT_SVC vertex for the instance's service
55 56 *
56 57 * - an edge to the GVT_INST vertex of the instance's resarter, if its
57 58 * restarter is not svc.startd
58 59 *
59 60 * - edges from other GVT_INST vertices if the instance is a restarter
60 61 *
61 62 * - for each dependency property group in the instance's "running"
62 63 * snapshot, an edge to a GVT_GROUP vertex named by the FMRI of the
63 64 * instance and the name of the property group
64 65 *
65 66 * - for each value of the "entities" property in each dependency property
66 67 * group, an edge from the corresponding GVT_GROUP vertex to a
67 68 * GVT_INST, GVT_SVC, or GVT_FILE vertex
68 69 *
69 70 * - edges from GVT_GROUP vertices for each dependent instance
70 71 *
71 72 * After the edges are set up the vertex's GV_CONFIGURED flag is set. If
72 73 * there are problems, or if a service is mentioned in a dependency but does
73 74 * not exist in the repository, the GV_CONFIGURED flag will be clear.
74 75 *
75 76 * The graph and all of its vertices are protected by the dgraph_lock mutex.
76 77 * See restarter.c for more information.
77 78 *
78 79 * The properties of an instance fall into two classes: immediate and
79 80 * snapshotted. Immediate properties should have an immediate effect when
80 81 * changed. Snapshotted properties should be read from a snapshot, so they
81 82 * only change when the snapshot changes. The immediate properties used by
82 83 * the graph engine are general/enabled, general/restarter, and the properties
83 84 * in the restarter_actions property group. Since they are immediate, they
84 85 * are not read out of a snapshot. The snapshotted properties used by the
85 86 * graph engine are those in the property groups with type "dependency" and
86 87 * are read out of the "running" snapshot. The "running" snapshot is created
87 88 * by the the graph engine as soon as possible, and it is updated, along with
88 89 * in-core copies of the data (dependency information for the graph engine) on
89 90 * receipt of the refresh command from svcadm. In addition, the graph engine
90 91 * updates the "start" snapshot from the "running" snapshot whenever a service
91 92 * comes online.
92 93 *
93 94 * When a DISABLE event is requested by the administrator, svc.startd shutdown
94 95 * the dependents first before shutting down the requested service.
95 96 * In graph_enable_by_vertex, we create a subtree that contains the dependent
96 97 * vertices by marking those vertices with the GV_TOOFFLINE flag. And we mark
97 98 * the vertex to disable with the GV_TODISABLE flag. Once the tree is created,
98 99 * we send the _ADMIN_DISABLE event to the leaves. The leaves will then
99 100 * transition from STATE_ONLINE/STATE_DEGRADED to STATE_OFFLINE/STATE_MAINT.
100 101 * In gt_enter_offline and gt_enter_maint if the vertex was in a subtree then
101 102 * we clear the GV_TOOFFLINE flag and walk the dependencies to offline the new
102 103 * exposed leaves. We do the same until we reach the last leaf (the one with
103 104 * the GV_TODISABLE flag). If the vertex to disable is also part of a larger
104 105 * subtree (eg. multiple DISABLE events on vertices in the same subtree) then
105 106 * once the first vertex is disabled (GV_TODISABLE flag is removed), we
106 107 * continue to propagate the offline event to the vertex's dependencies.
107 108 *
108 109 *
109 110 * SMF state transition notifications
110 111 *
111 112 * When an instance of a service managed by SMF changes state, svc.startd may
112 113 * publish a GPEC sysevent. All transitions to or from maintenance, a
113 114 * transition cause by a hardware error will generate an event.
114 115 * Other transitions will generate an event if there exist notification
115 116 * parameter for that transition. Notification parameters are stored in the
116 117 * SMF repository for the service/instance they refer to. System-wide
117 118 * notification parameters are stored in the global instance.
118 119 * svc.startd can be told to send events for all SMF state transitions despite
119 120 * of notification parameters by setting options/info_events_all to true in
120 121 * restarter:default
121 122 *
122 123 * The set of transitions that generate events is cached in the
123 124 * dgraph_vertex_t gv_stn_tset for service/instance and in the global
124 125 * stn_global for the system-wide set. They are re-read when instances are
125 126 * refreshed.
126 127 *
127 128 * The GPEC events published by svc.startd are consumed by fmd(1M). After
128 129 * processing these events, fmd(1M) publishes the processed events to
129 130 * notification agents. The notification agents read the notification
130 131 * parameters from the SMF repository through libscf(3LIB) interfaces and send
131 132 * the notification, or not, based on those parameters.
132 133 *
133 134 * Subscription and publishing to the GPEC channels is done with the
134 135 * libfmevent(3LIB) wrappers fmev_[r]publish_*() and
135 136 * fmev_shdl_(un)subscribe().
136 137 *
137 138 */
138 139
139 140 #include <sys/uadmin.h>
140 141 #include <sys/wait.h>
141 142
142 143 #include <assert.h>
143 144 #include <errno.h>
144 145 #include <fcntl.h>
145 146 #include <fm/libfmevent.h>
146 147 #include <libscf.h>
147 148 #include <libscf_priv.h>
148 149 #include <librestart.h>
149 150 #include <libuutil.h>
150 151 #include <locale.h>
151 152 #include <poll.h>
152 153 #include <pthread.h>
153 154 #include <signal.h>
154 155 #include <stddef.h>
155 156 #include <stdio.h>
156 157 #include <stdlib.h>
157 158 #include <string.h>
158 159 #include <strings.h>
159 160 #include <sys/statvfs.h>
160 161 #include <sys/uadmin.h>
161 162 #include <zone.h>
162 163 #if defined(__i386)
163 164 #include <libgrubmgmt.h>
164 165 #endif /* __i386 */
165 166
166 167 #include "startd.h"
167 168 #include "protocol.h"
168 169
169 170
170 171 #define MILESTONE_NONE ((graph_vertex_t *)1)
171 172
172 173 #define CONSOLE_LOGIN_FMRI "svc:/system/console-login:default"
173 174 #define FS_MINIMAL_FMRI "svc:/system/filesystem/minimal:default"
174 175
175 176 #define VERTEX_REMOVED 0 /* vertex has been freed */
176 177 #define VERTEX_INUSE 1 /* vertex is still in use */
177 178
178 179 #define IS_ENABLED(v) ((v)->gv_flags & (GV_ENABLED | GV_ENBLD_NOOVR))
179 180
180 181 /*
181 182 * stn_global holds the tset for the system wide notification parameters.
182 183 * It is updated on refresh of svc:/system/svc/global:default
183 184 *
184 185 * There are two assumptions that relax the need for a mutex:
185 186 * 1. 32-bit value assignments are atomic
186 187 * 2. Its value is consumed only in one point at
187 188 * dgraph_state_transition_notify(). There are no test and set races.
188 189 *
189 190 * If either assumption is broken, we'll need a mutex to synchronize
190 191 * access to stn_global
191 192 */
192 193 int32_t stn_global;
193 194 /*
194 195 * info_events_all holds a flag to override notification parameters and send
195 196 * Information events for all state transitions.
196 197 * same about the need of a mutex here.
197 198 */
198 199 int info_events_all;
199 200
|
↓ open down ↓ |
165 lines elided |
↑ open up ↑ |
200 201 /*
201 202 * Services in these states are not considered 'down' by the
202 203 * milestone/shutdown code.
203 204 */
204 205 #define up_state(state) ((state) == RESTARTER_STATE_ONLINE || \
205 206 (state) == RESTARTER_STATE_DEGRADED || \
206 207 (state) == RESTARTER_STATE_OFFLINE)
207 208
208 209 #define is_depgrp_bypassed(v) ((v->gv_type == GVT_GROUP) && \
209 210 ((v->gv_depgroup == DEPGRP_EXCLUDE_ALL) || \
210 - (v->gv_depgroup == DEPGRP_OPTIONAL_ALL) || \
211 211 (v->gv_restart < RERR_RESTART)))
212 212
213 213 static uu_list_pool_t *graph_edge_pool, *graph_vertex_pool;
214 214 static uu_list_t *dgraph;
215 215 static pthread_mutex_t dgraph_lock;
216 216
217 217 /*
218 218 * milestone indicates the current subgraph. When NULL, it is the entire
219 219 * graph. When MILESTONE_NONE, it is the empty graph. Otherwise, it is all
220 220 * services on which the target vertex depends.
221 221 */
222 222 static graph_vertex_t *milestone = NULL;
223 223 static boolean_t initial_milestone_set = B_FALSE;
224 224 static pthread_cond_t initial_milestone_cv = PTHREAD_COND_INITIALIZER;
225 225
226 226 /* protected by dgraph_lock */
227 227 static boolean_t sulogin_thread_running = B_FALSE;
228 228 static boolean_t sulogin_running = B_FALSE;
229 229 static boolean_t console_login_ready = B_FALSE;
230 230
231 231 /* Number of services to come down to complete milestone transition. */
232 232 static uint_t non_subgraph_svcs;
233 233
234 234 /*
235 235 * These variables indicate what should be done when we reach the milestone
236 236 * target milestone, i.e., when non_subgraph_svcs == 0. They are acted upon in
237 237 * dgraph_set_instance_state().
238 238 */
239 239 static int halting = -1;
240 240 static boolean_t go_single_user_mode = B_FALSE;
241 241 static boolean_t go_to_level1 = B_FALSE;
242 242
243 243 /*
244 244 * Tracks when we started halting.
245 245 */
246 246 static time_t halting_time = 0;
247 247
248 248 /*
249 249 * This tracks the legacy runlevel to ensure we signal init and manage
250 250 * utmpx entries correctly.
251 251 */
252 252 static char current_runlevel = '\0';
253 253
254 254 /* Number of single user threads currently running */
255 255 static pthread_mutex_t single_user_thread_lock;
256 256 static int single_user_thread_count = 0;
257 257
258 258 /* Statistics for dependency cycle-checking */
259 259 static u_longlong_t dep_inserts = 0;
260 260 static u_longlong_t dep_cycle_ns = 0;
261 261 static u_longlong_t dep_insert_ns = 0;
262 262
263 263
264 264 static const char * const emsg_invalid_restarter =
265 265 "Transitioning %s to maintenance, restarter FMRI %s is invalid "
266 266 "(see 'svcs -xv' for details).\n";
267 267 static const char * const console_login_fmri = CONSOLE_LOGIN_FMRI;
268 268 static const char * const single_user_fmri = SCF_MILESTONE_SINGLE_USER;
269 269 static const char * const multi_user_fmri = SCF_MILESTONE_MULTI_USER;
270 270 static const char * const multi_user_svr_fmri = SCF_MILESTONE_MULTI_USER_SERVER;
271 271
272 272
273 273 /*
274 274 * These services define the system being "up". If none of them can come
275 275 * online, then we will run sulogin on the console. Note that the install ones
276 276 * are for the miniroot and when installing CDs after the first. can_come_up()
277 277 * does the decision making, and an sulogin_thread() runs sulogin, which can be
278 278 * started by dgraph_set_instance_state() or single_user_thread().
279 279 *
280 280 * NOTE: can_come_up() relies on SCF_MILESTONE_SINGLE_USER being the first
281 281 * entry, which is only used when booting_to_single_user (boot -s) is set.
282 282 * This is because when doing a "boot -s", sulogin is started from specials.c
283 283 * after milestone/single-user comes online, for backwards compatibility.
284 284 * In this case, SCF_MILESTONE_SINGLE_USER needs to be part of up_svcs
285 285 * to ensure sulogin will be spawned if milestone/single-user cannot be reached.
286 286 */
287 287 static const char * const up_svcs[] = {
288 288 SCF_MILESTONE_SINGLE_USER,
289 289 CONSOLE_LOGIN_FMRI,
290 290 "svc:/system/install-setup:default",
291 291 "svc:/system/install:default",
292 292 NULL
293 293 };
294 294
295 295 /* This array must have an element for each non-NULL element of up_svcs[]. */
296 296 static graph_vertex_t *up_svcs_p[] = { NULL, NULL, NULL, NULL };
297 297
298 298 /* These are for seed repository magic. See can_come_up(). */
299 299 static const char * const manifest_import = SCF_INSTANCE_MI;
300 300 static graph_vertex_t *manifest_import_p = NULL;
301 301
302 302
303 303 static char target_milestone_as_runlevel(void);
304 304 static void graph_runlevel_changed(char rl, int online);
305 305 static int dgraph_set_milestone(const char *, scf_handle_t *, boolean_t);
306 306 static boolean_t should_be_in_subgraph(graph_vertex_t *v);
307 307 static int mark_subtree(graph_edge_t *, void *);
308 308 static boolean_t insubtree_dependents_down(graph_vertex_t *);
309 309
310 310 /*
311 311 * graph_vertex_compare()
312 312 * This function can compare either int *id or * graph_vertex_t *gv
313 313 * values, as the vertex id is always the first element of a
314 314 * graph_vertex structure.
315 315 */
316 316 /* ARGSUSED */
317 317 static int
318 318 graph_vertex_compare(const void *lc_arg, const void *rc_arg, void *private)
319 319 {
320 320 int lc_id = ((const graph_vertex_t *)lc_arg)->gv_id;
321 321 int rc_id = *(int *)rc_arg;
322 322
323 323 if (lc_id > rc_id)
324 324 return (1);
325 325 if (lc_id < rc_id)
326 326 return (-1);
327 327 return (0);
328 328 }
329 329
330 330 void
331 331 graph_init()
332 332 {
333 333 graph_edge_pool = startd_list_pool_create("graph_edges",
334 334 sizeof (graph_edge_t), offsetof(graph_edge_t, ge_link), NULL,
335 335 UU_LIST_POOL_DEBUG);
336 336 assert(graph_edge_pool != NULL);
337 337
338 338 graph_vertex_pool = startd_list_pool_create("graph_vertices",
339 339 sizeof (graph_vertex_t), offsetof(graph_vertex_t, gv_link),
340 340 graph_vertex_compare, UU_LIST_POOL_DEBUG);
341 341 assert(graph_vertex_pool != NULL);
342 342
343 343 (void) pthread_mutex_init(&dgraph_lock, &mutex_attrs);
344 344 (void) pthread_mutex_init(&single_user_thread_lock, &mutex_attrs);
345 345 dgraph = startd_list_create(graph_vertex_pool, NULL, UU_LIST_SORTED);
346 346 assert(dgraph != NULL);
347 347
348 348 if (!st->st_initial)
349 349 current_runlevel = utmpx_get_runlevel();
350 350
351 351 log_framework(LOG_DEBUG, "Initialized graph\n");
352 352 }
353 353
354 354 static graph_vertex_t *
355 355 vertex_get_by_name(const char *name)
356 356 {
357 357 int id;
358 358
359 359 assert(MUTEX_HELD(&dgraph_lock));
360 360
361 361 id = dict_lookup_byname(name);
362 362 if (id == -1)
363 363 return (NULL);
364 364
365 365 return (uu_list_find(dgraph, &id, NULL, NULL));
366 366 }
367 367
368 368 static graph_vertex_t *
369 369 vertex_get_by_id(int id)
370 370 {
371 371 assert(MUTEX_HELD(&dgraph_lock));
372 372
373 373 if (id == -1)
374 374 return (NULL);
375 375
376 376 return (uu_list_find(dgraph, &id, NULL, NULL));
377 377 }
378 378
379 379 /*
380 380 * Creates a new vertex with the given name, adds it to the graph, and returns
381 381 * a pointer to it. The graph lock must be held by this thread on entry.
382 382 */
383 383 static graph_vertex_t *
384 384 graph_add_vertex(const char *name)
385 385 {
386 386 int id;
387 387 graph_vertex_t *v;
388 388 void *p;
389 389 uu_list_index_t idx;
390 390
391 391 assert(MUTEX_HELD(&dgraph_lock));
392 392
393 393 id = dict_insert(name);
394 394
395 395 v = startd_zalloc(sizeof (*v));
396 396
397 397 v->gv_id = id;
398 398
399 399 v->gv_name = startd_alloc(strlen(name) + 1);
400 400 (void) strcpy(v->gv_name, name);
401 401
402 402 v->gv_dependencies = startd_list_create(graph_edge_pool, v, 0);
403 403 v->gv_dependents = startd_list_create(graph_edge_pool, v, 0);
404 404
405 405 p = uu_list_find(dgraph, &id, NULL, &idx);
406 406 assert(p == NULL);
407 407
408 408 uu_list_node_init(v, &v->gv_link, graph_vertex_pool);
409 409 uu_list_insert(dgraph, v, idx);
410 410
411 411 return (v);
412 412 }
413 413
414 414 /*
415 415 * Removes v from the graph and frees it. The graph should be locked by this
416 416 * thread, and v should have no edges associated with it.
417 417 */
418 418 static void
419 419 graph_remove_vertex(graph_vertex_t *v)
420 420 {
421 421 assert(MUTEX_HELD(&dgraph_lock));
422 422
423 423 assert(uu_list_numnodes(v->gv_dependencies) == 0);
424 424 assert(uu_list_numnodes(v->gv_dependents) == 0);
425 425 assert(v->gv_refs == 0);
426 426
427 427 startd_free(v->gv_name, strlen(v->gv_name) + 1);
428 428 uu_list_destroy(v->gv_dependencies);
429 429 uu_list_destroy(v->gv_dependents);
430 430 uu_list_remove(dgraph, v);
431 431
432 432 startd_free(v, sizeof (graph_vertex_t));
433 433 }
434 434
435 435 static void
436 436 graph_add_edge(graph_vertex_t *fv, graph_vertex_t *tv)
437 437 {
438 438 graph_edge_t *e, *re;
439 439 int r;
440 440
441 441 assert(MUTEX_HELD(&dgraph_lock));
442 442
443 443 e = startd_alloc(sizeof (graph_edge_t));
444 444 re = startd_alloc(sizeof (graph_edge_t));
445 445
446 446 e->ge_parent = fv;
447 447 e->ge_vertex = tv;
448 448
449 449 re->ge_parent = tv;
450 450 re->ge_vertex = fv;
451 451
452 452 uu_list_node_init(e, &e->ge_link, graph_edge_pool);
453 453 r = uu_list_insert_before(fv->gv_dependencies, NULL, e);
454 454 assert(r == 0);
455 455
456 456 uu_list_node_init(re, &re->ge_link, graph_edge_pool);
457 457 r = uu_list_insert_before(tv->gv_dependents, NULL, re);
458 458 assert(r == 0);
459 459 }
460 460
461 461 static void
462 462 graph_remove_edge(graph_vertex_t *v, graph_vertex_t *dv)
463 463 {
464 464 graph_edge_t *e;
465 465
466 466 for (e = uu_list_first(v->gv_dependencies);
467 467 e != NULL;
468 468 e = uu_list_next(v->gv_dependencies, e)) {
469 469 if (e->ge_vertex == dv) {
470 470 uu_list_remove(v->gv_dependencies, e);
471 471 startd_free(e, sizeof (graph_edge_t));
472 472 break;
473 473 }
474 474 }
475 475
476 476 for (e = uu_list_first(dv->gv_dependents);
477 477 e != NULL;
478 478 e = uu_list_next(dv->gv_dependents, e)) {
479 479 if (e->ge_vertex == v) {
480 480 uu_list_remove(dv->gv_dependents, e);
481 481 startd_free(e, sizeof (graph_edge_t));
482 482 break;
483 483 }
484 484 }
485 485 }
486 486
487 487 static void
488 488 remove_inst_vertex(graph_vertex_t *v)
489 489 {
490 490 graph_edge_t *e;
491 491 graph_vertex_t *sv;
492 492 int i;
493 493
494 494 assert(MUTEX_HELD(&dgraph_lock));
495 495 assert(uu_list_numnodes(v->gv_dependents) == 1);
496 496 assert(uu_list_numnodes(v->gv_dependencies) == 0);
497 497 assert(v->gv_refs == 0);
498 498 assert((v->gv_flags & GV_CONFIGURED) == 0);
499 499
500 500 e = uu_list_first(v->gv_dependents);
501 501 sv = e->ge_vertex;
502 502 graph_remove_edge(sv, v);
503 503
504 504 for (i = 0; up_svcs[i] != NULL; ++i) {
505 505 if (up_svcs_p[i] == v)
506 506 up_svcs_p[i] = NULL;
507 507 }
508 508
509 509 if (manifest_import_p == v)
510 510 manifest_import_p = NULL;
511 511
512 512 graph_remove_vertex(v);
513 513
514 514 if (uu_list_numnodes(sv->gv_dependencies) == 0 &&
515 515 uu_list_numnodes(sv->gv_dependents) == 0 &&
516 516 sv->gv_refs == 0)
517 517 graph_remove_vertex(sv);
518 518 }
519 519
520 520 static void
521 521 graph_walk_dependents(graph_vertex_t *v, void (*func)(graph_vertex_t *, void *),
522 522 void *arg)
523 523 {
524 524 graph_edge_t *e;
525 525
526 526 for (e = uu_list_first(v->gv_dependents);
527 527 e != NULL;
528 528 e = uu_list_next(v->gv_dependents, e))
529 529 func(e->ge_vertex, arg);
530 530 }
531 531
532 532 static void
533 533 graph_walk_dependencies(graph_vertex_t *v, void (*func)(graph_vertex_t *,
534 534 void *), void *arg)
535 535 {
536 536 graph_edge_t *e;
537 537
538 538 assert(MUTEX_HELD(&dgraph_lock));
539 539
540 540 for (e = uu_list_first(v->gv_dependencies);
541 541 e != NULL;
542 542 e = uu_list_next(v->gv_dependencies, e)) {
543 543
544 544 func(e->ge_vertex, arg);
545 545 }
546 546 }
547 547
548 548 /*
549 549 * Generic graph walking function.
550 550 *
551 551 * Given a vertex, this function will walk either dependencies
552 552 * (WALK_DEPENDENCIES) or dependents (WALK_DEPENDENTS) of a vertex recursively
553 553 * for the entire graph. It will avoid cycles and never visit the same vertex
554 554 * twice.
555 555 *
556 556 * We avoid traversing exclusion dependencies, because they are allowed to
557 557 * create cycles in the graph. When propagating satisfiability, there is no
558 558 * need to walk exclusion dependencies because exclude_all_satisfied() doesn't
559 559 * test for satisfiability.
560 560 *
561 561 * The walker takes two callbacks. The first is called before examining the
562 562 * dependents of each vertex. The second is called on each vertex after
563 563 * examining its dependents. This allows is_path_to() to construct a path only
564 564 * after the target vertex has been found.
565 565 */
566 566 typedef enum {
567 567 WALK_DEPENDENTS,
568 568 WALK_DEPENDENCIES
569 569 } graph_walk_dir_t;
570 570
571 571 typedef int (*graph_walk_cb_t)(graph_vertex_t *, void *);
572 572
573 573 typedef struct graph_walk_info {
574 574 graph_walk_dir_t gi_dir;
575 575 uchar_t *gi_visited; /* vertex bitmap */
576 576 int (*gi_pre)(graph_vertex_t *, void *);
577 577 void (*gi_post)(graph_vertex_t *, void *);
578 578 void *gi_arg; /* callback arg */
579 579 int gi_ret; /* return value */
580 580 } graph_walk_info_t;
581 581
582 582 static int
583 583 graph_walk_recurse(graph_edge_t *e, graph_walk_info_t *gip)
584 584 {
585 585 uu_list_t *list;
586 586 int r;
587 587 graph_vertex_t *v = e->ge_vertex;
588 588 int i;
589 589 uint_t b;
590 590
591 591 i = v->gv_id / 8;
592 592 b = 1 << (v->gv_id % 8);
593 593
594 594 /*
595 595 * Check to see if we've visited this vertex already.
596 596 */
597 597 if (gip->gi_visited[i] & b)
598 598 return (UU_WALK_NEXT);
599 599
600 600 gip->gi_visited[i] |= b;
601 601
602 602 /*
603 603 * Don't follow exclusions.
604 604 */
605 605 if (v->gv_type == GVT_GROUP && v->gv_depgroup == DEPGRP_EXCLUDE_ALL)
606 606 return (UU_WALK_NEXT);
607 607
608 608 /*
609 609 * Call pre-visit callback. If this doesn't terminate the walk,
610 610 * continue search.
611 611 */
612 612 if ((gip->gi_ret = gip->gi_pre(v, gip->gi_arg)) == UU_WALK_NEXT) {
613 613 /*
614 614 * Recurse using appropriate list.
615 615 */
616 616 if (gip->gi_dir == WALK_DEPENDENTS)
617 617 list = v->gv_dependents;
618 618 else
619 619 list = v->gv_dependencies;
620 620
621 621 r = uu_list_walk(list, (uu_walk_fn_t *)graph_walk_recurse,
622 622 gip, 0);
623 623 assert(r == 0);
624 624 }
625 625
626 626 /*
627 627 * Callbacks must return either UU_WALK_NEXT or UU_WALK_DONE.
628 628 */
629 629 assert(gip->gi_ret == UU_WALK_NEXT || gip->gi_ret == UU_WALK_DONE);
630 630
631 631 /*
632 632 * If given a post-callback, call the function for every vertex.
633 633 */
634 634 if (gip->gi_post != NULL)
635 635 (void) gip->gi_post(v, gip->gi_arg);
636 636
637 637 /*
638 638 * Preserve the callback's return value. If the callback returns
639 639 * UU_WALK_DONE, then we propagate that to the caller in order to
640 640 * terminate the walk.
641 641 */
642 642 return (gip->gi_ret);
643 643 }
644 644
645 645 static void
646 646 graph_walk(graph_vertex_t *v, graph_walk_dir_t dir,
647 647 int (*pre)(graph_vertex_t *, void *),
648 648 void (*post)(graph_vertex_t *, void *), void *arg)
649 649 {
650 650 graph_walk_info_t gi;
651 651 graph_edge_t fake;
652 652 size_t sz = dictionary->dict_new_id / 8 + 1;
653 653
654 654 gi.gi_visited = startd_zalloc(sz);
655 655 gi.gi_pre = pre;
656 656 gi.gi_post = post;
657 657 gi.gi_arg = arg;
658 658 gi.gi_dir = dir;
659 659 gi.gi_ret = 0;
660 660
661 661 /*
662 662 * Fake up an edge for the first iteration
663 663 */
664 664 fake.ge_vertex = v;
665 665 (void) graph_walk_recurse(&fake, &gi);
666 666
667 667 startd_free(gi.gi_visited, sz);
668 668 }
669 669
670 670 typedef struct child_search {
671 671 int id; /* id of vertex to look for */
672 672 uint_t depth; /* recursion depth */
673 673 /*
674 674 * While the vertex is not found, path is NULL. After the search, if
675 675 * the vertex was found then path should point to a -1-terminated
676 676 * array of vertex id's which constitute the path to the vertex.
677 677 */
678 678 int *path;
679 679 } child_search_t;
680 680
681 681 static int
682 682 child_pre(graph_vertex_t *v, void *arg)
683 683 {
684 684 child_search_t *cs = arg;
685 685
686 686 cs->depth++;
687 687
688 688 if (v->gv_id == cs->id) {
689 689 cs->path = startd_alloc((cs->depth + 1) * sizeof (int));
690 690 cs->path[cs->depth] = -1;
691 691 return (UU_WALK_DONE);
692 692 }
693 693
694 694 return (UU_WALK_NEXT);
695 695 }
696 696
697 697 static void
698 698 child_post(graph_vertex_t *v, void *arg)
699 699 {
700 700 child_search_t *cs = arg;
701 701
702 702 cs->depth--;
703 703
704 704 if (cs->path != NULL)
705 705 cs->path[cs->depth] = v->gv_id;
706 706 }
707 707
708 708 /*
709 709 * Look for a path from from to to. If one exists, returns a pointer to
710 710 * a NULL-terminated array of pointers to the vertices along the path. If
711 711 * there is no path, returns NULL.
712 712 */
713 713 static int *
714 714 is_path_to(graph_vertex_t *from, graph_vertex_t *to)
715 715 {
716 716 child_search_t cs;
717 717
718 718 cs.id = to->gv_id;
719 719 cs.depth = 0;
720 720 cs.path = NULL;
721 721
722 722 graph_walk(from, WALK_DEPENDENCIES, child_pre, child_post, &cs);
723 723
724 724 return (cs.path);
725 725 }
726 726
727 727 /*
728 728 * Given an array of int's as returned by is_path_to, allocates a string of
729 729 * their names joined by newlines. Returns the size of the allocated buffer
730 730 * in *sz and frees path.
731 731 */
732 732 static void
733 733 path_to_str(int *path, char **cpp, size_t *sz)
734 734 {
735 735 int i;
736 736 graph_vertex_t *v;
737 737 size_t allocd, new_allocd;
738 738 char *new, *name;
739 739
740 740 assert(MUTEX_HELD(&dgraph_lock));
741 741 assert(path[0] != -1);
742 742
743 743 allocd = 1;
744 744 *cpp = startd_alloc(1);
745 745 (*cpp)[0] = '\0';
746 746
747 747 for (i = 0; path[i] != -1; ++i) {
748 748 name = NULL;
749 749
750 750 v = vertex_get_by_id(path[i]);
751 751
752 752 if (v == NULL)
753 753 name = "<deleted>";
754 754 else if (v->gv_type == GVT_INST || v->gv_type == GVT_SVC)
755 755 name = v->gv_name;
756 756
757 757 if (name != NULL) {
758 758 new_allocd = allocd + strlen(name) + 1;
759 759 new = startd_alloc(new_allocd);
760 760 (void) strcpy(new, *cpp);
761 761 (void) strcat(new, name);
762 762 (void) strcat(new, "\n");
763 763
764 764 startd_free(*cpp, allocd);
765 765
766 766 *cpp = new;
767 767 allocd = new_allocd;
768 768 }
769 769 }
770 770
771 771 startd_free(path, sizeof (int) * (i + 1));
772 772
773 773 *sz = allocd;
774 774 }
775 775
776 776
777 777 /*
778 778 * This function along with run_sulogin() implements an exclusion relationship
779 779 * between system/console-login and sulogin. run_sulogin() will fail if
780 780 * system/console-login is online, and the graph engine should call
781 781 * graph_clogin_start() to bring system/console-login online, which defers the
782 782 * start if sulogin is running.
783 783 */
784 784 static void
785 785 graph_clogin_start(graph_vertex_t *v)
786 786 {
787 787 assert(MUTEX_HELD(&dgraph_lock));
788 788
789 789 if (sulogin_running)
790 790 console_login_ready = B_TRUE;
791 791 else
792 792 vertex_send_event(v, RESTARTER_EVENT_TYPE_START);
793 793 }
794 794
795 795 static void
796 796 graph_su_start(graph_vertex_t *v)
797 797 {
798 798 /*
799 799 * /etc/inittab used to have the initial /sbin/rcS as a 'sysinit'
800 800 * entry with a runlevel of 'S', before jumping to the final
801 801 * target runlevel (as set in initdefault). We mimic that legacy
802 802 * behavior here.
803 803 */
804 804 utmpx_set_runlevel('S', '0', B_FALSE);
805 805 vertex_send_event(v, RESTARTER_EVENT_TYPE_START);
806 806 }
807 807
808 808 static void
809 809 graph_post_su_online(void)
810 810 {
811 811 graph_runlevel_changed('S', 1);
812 812 }
813 813
814 814 static void
815 815 graph_post_su_disable(void)
816 816 {
817 817 graph_runlevel_changed('S', 0);
818 818 }
819 819
820 820 static void
821 821 graph_post_mu_online(void)
822 822 {
823 823 graph_runlevel_changed('2', 1);
824 824 }
825 825
826 826 static void
827 827 graph_post_mu_disable(void)
828 828 {
829 829 graph_runlevel_changed('2', 0);
830 830 }
831 831
832 832 static void
833 833 graph_post_mus_online(void)
834 834 {
835 835 graph_runlevel_changed('3', 1);
836 836 }
837 837
838 838 static void
839 839 graph_post_mus_disable(void)
840 840 {
841 841 graph_runlevel_changed('3', 0);
842 842 }
843 843
844 844 static struct special_vertex_info {
845 845 const char *name;
846 846 void (*start_f)(graph_vertex_t *);
847 847 void (*post_online_f)(void);
848 848 void (*post_disable_f)(void);
849 849 } special_vertices[] = {
850 850 { CONSOLE_LOGIN_FMRI, graph_clogin_start, NULL, NULL },
851 851 { SCF_MILESTONE_SINGLE_USER, graph_su_start,
852 852 graph_post_su_online, graph_post_su_disable },
853 853 { SCF_MILESTONE_MULTI_USER, NULL,
854 854 graph_post_mu_online, graph_post_mu_disable },
855 855 { SCF_MILESTONE_MULTI_USER_SERVER, NULL,
856 856 graph_post_mus_online, graph_post_mus_disable },
857 857 { NULL },
858 858 };
859 859
860 860
861 861 void
862 862 vertex_send_event(graph_vertex_t *v, restarter_event_type_t e)
863 863 {
864 864 switch (e) {
865 865 case RESTARTER_EVENT_TYPE_ADD_INSTANCE:
866 866 assert(v->gv_state == RESTARTER_STATE_UNINIT);
867 867
868 868 MUTEX_LOCK(&st->st_load_lock);
869 869 st->st_load_instances++;
870 870 MUTEX_UNLOCK(&st->st_load_lock);
871 871 break;
872 872
873 873 case RESTARTER_EVENT_TYPE_ENABLE:
874 874 log_framework(LOG_DEBUG, "Enabling %s.\n", v->gv_name);
875 875 assert(v->gv_state == RESTARTER_STATE_UNINIT ||
876 876 v->gv_state == RESTARTER_STATE_DISABLED ||
877 877 v->gv_state == RESTARTER_STATE_MAINT);
878 878 break;
879 879
880 880 case RESTARTER_EVENT_TYPE_DISABLE:
881 881 case RESTARTER_EVENT_TYPE_ADMIN_DISABLE:
882 882 log_framework(LOG_DEBUG, "Disabling %s.\n", v->gv_name);
883 883 assert(v->gv_state != RESTARTER_STATE_DISABLED);
884 884 break;
885 885
886 886 case RESTARTER_EVENT_TYPE_STOP_RESET:
887 887 case RESTARTER_EVENT_TYPE_STOP:
888 888 log_framework(LOG_DEBUG, "Stopping %s.\n", v->gv_name);
889 889 assert(v->gv_state == RESTARTER_STATE_DEGRADED ||
890 890 v->gv_state == RESTARTER_STATE_ONLINE);
891 891 break;
892 892
893 893 case RESTARTER_EVENT_TYPE_START:
894 894 log_framework(LOG_DEBUG, "Starting %s.\n", v->gv_name);
895 895 assert(v->gv_state == RESTARTER_STATE_OFFLINE);
896 896 break;
897 897
898 898 case RESTARTER_EVENT_TYPE_REMOVE_INSTANCE:
899 899 case RESTARTER_EVENT_TYPE_ADMIN_DEGRADED:
900 900 case RESTARTER_EVENT_TYPE_ADMIN_REFRESH:
901 901 case RESTARTER_EVENT_TYPE_ADMIN_RESTART:
902 902 case RESTARTER_EVENT_TYPE_ADMIN_MAINT_OFF:
903 903 case RESTARTER_EVENT_TYPE_ADMIN_MAINT_ON:
904 904 case RESTARTER_EVENT_TYPE_ADMIN_MAINT_ON_IMMEDIATE:
905 905 case RESTARTER_EVENT_TYPE_DEPENDENCY_CYCLE:
906 906 case RESTARTER_EVENT_TYPE_INVALID_DEPENDENCY:
907 907 break;
908 908
909 909 default:
910 910 #ifndef NDEBUG
911 911 uu_warn("%s:%d: Bad event %d.\n", __FILE__, __LINE__, e);
912 912 #endif
913 913 abort();
914 914 }
915 915
916 916 restarter_protocol_send_event(v->gv_name, v->gv_restarter_channel, e,
917 917 v->gv_reason);
918 918 }
919 919
920 920 static void
921 921 graph_unset_restarter(graph_vertex_t *v)
922 922 {
923 923 assert(MUTEX_HELD(&dgraph_lock));
924 924 assert(v->gv_flags & GV_CONFIGURED);
925 925
926 926 vertex_send_event(v, RESTARTER_EVENT_TYPE_REMOVE_INSTANCE);
927 927
928 928 if (v->gv_restarter_id != -1) {
929 929 graph_vertex_t *rv;
930 930
931 931 rv = vertex_get_by_id(v->gv_restarter_id);
932 932 graph_remove_edge(v, rv);
933 933 }
934 934
935 935 v->gv_restarter_id = -1;
936 936 v->gv_restarter_channel = NULL;
937 937 }
938 938
939 939 /*
940 940 * Return VERTEX_REMOVED when the vertex passed in argument is deleted from the
941 941 * dgraph otherwise return VERTEX_INUSE.
942 942 */
943 943 static int
944 944 free_if_unrefed(graph_vertex_t *v)
945 945 {
946 946 assert(MUTEX_HELD(&dgraph_lock));
947 947
948 948 if (v->gv_refs > 0)
949 949 return (VERTEX_INUSE);
950 950
951 951 if (v->gv_type == GVT_SVC &&
952 952 uu_list_numnodes(v->gv_dependents) == 0 &&
953 953 uu_list_numnodes(v->gv_dependencies) == 0) {
954 954 graph_remove_vertex(v);
955 955 return (VERTEX_REMOVED);
956 956 } else if (v->gv_type == GVT_INST &&
957 957 (v->gv_flags & GV_CONFIGURED) == 0 &&
958 958 uu_list_numnodes(v->gv_dependents) == 1 &&
959 959 uu_list_numnodes(v->gv_dependencies) == 0) {
960 960 remove_inst_vertex(v);
961 961 return (VERTEX_REMOVED);
962 962 }
963 963
964 964 return (VERTEX_INUSE);
965 965 }
966 966
967 967 static void
968 968 delete_depgroup(graph_vertex_t *v)
969 969 {
970 970 graph_edge_t *e;
971 971 graph_vertex_t *dv;
972 972
973 973 assert(MUTEX_HELD(&dgraph_lock));
974 974 assert(v->gv_type == GVT_GROUP);
975 975 assert(uu_list_numnodes(v->gv_dependents) == 0);
976 976
977 977 while ((e = uu_list_first(v->gv_dependencies)) != NULL) {
978 978 dv = e->ge_vertex;
979 979
980 980 graph_remove_edge(v, dv);
981 981
982 982 switch (dv->gv_type) {
983 983 case GVT_INST: /* instance dependency */
984 984 case GVT_SVC: /* service dependency */
985 985 (void) free_if_unrefed(dv);
986 986 break;
987 987
988 988 case GVT_FILE: /* file dependency */
989 989 assert(uu_list_numnodes(dv->gv_dependencies) == 0);
990 990 if (uu_list_numnodes(dv->gv_dependents) == 0)
991 991 graph_remove_vertex(dv);
992 992 break;
993 993
994 994 default:
995 995 #ifndef NDEBUG
996 996 uu_warn("%s:%d: Unexpected node type %d", __FILE__,
997 997 __LINE__, dv->gv_type);
998 998 #endif
999 999 abort();
1000 1000 }
1001 1001 }
1002 1002
1003 1003 graph_remove_vertex(v);
1004 1004 }
1005 1005
1006 1006 static int
1007 1007 delete_instance_deps_cb(graph_edge_t *e, void **ptrs)
1008 1008 {
1009 1009 graph_vertex_t *v = ptrs[0];
1010 1010 boolean_t delete_restarter_dep = (boolean_t)ptrs[1];
1011 1011 graph_vertex_t *dv;
1012 1012
1013 1013 dv = e->ge_vertex;
1014 1014
1015 1015 /*
1016 1016 * We have four possibilities here:
1017 1017 * - GVT_INST: restarter
1018 1018 * - GVT_GROUP - GVT_INST: instance dependency
1019 1019 * - GVT_GROUP - GVT_SVC - GV_INST: service dependency
1020 1020 * - GVT_GROUP - GVT_FILE: file dependency
1021 1021 */
1022 1022 switch (dv->gv_type) {
1023 1023 case GVT_INST: /* restarter */
1024 1024 assert(dv->gv_id == v->gv_restarter_id);
1025 1025 if (delete_restarter_dep)
1026 1026 graph_remove_edge(v, dv);
1027 1027 break;
1028 1028
1029 1029 case GVT_GROUP: /* pg dependency */
1030 1030 graph_remove_edge(v, dv);
1031 1031 delete_depgroup(dv);
1032 1032 break;
1033 1033
1034 1034 case GVT_FILE:
1035 1035 /* These are currently not direct dependencies */
1036 1036
1037 1037 default:
1038 1038 #ifndef NDEBUG
1039 1039 uu_warn("%s:%d: Bad vertex type %d.\n", __FILE__, __LINE__,
1040 1040 dv->gv_type);
1041 1041 #endif
1042 1042 abort();
1043 1043 }
1044 1044
1045 1045 return (UU_WALK_NEXT);
1046 1046 }
1047 1047
1048 1048 static void
1049 1049 delete_instance_dependencies(graph_vertex_t *v, boolean_t delete_restarter_dep)
1050 1050 {
1051 1051 void *ptrs[2];
1052 1052 int r;
1053 1053
1054 1054 assert(MUTEX_HELD(&dgraph_lock));
1055 1055 assert(v->gv_type == GVT_INST);
1056 1056
1057 1057 ptrs[0] = v;
1058 1058 ptrs[1] = (void *)delete_restarter_dep;
1059 1059
1060 1060 r = uu_list_walk(v->gv_dependencies,
1061 1061 (uu_walk_fn_t *)delete_instance_deps_cb, &ptrs, UU_WALK_ROBUST);
1062 1062 assert(r == 0);
1063 1063 }
1064 1064
1065 1065 /*
1066 1066 * int graph_insert_vertex_unconfigured()
1067 1067 * Insert a vertex without sending any restarter events. If the vertex
1068 1068 * already exists or creation is successful, return a pointer to it in *vp.
1069 1069 *
1070 1070 * If type is not GVT_GROUP, dt can remain unset.
1071 1071 *
1072 1072 * Returns 0, EEXIST, or EINVAL if the arguments are invalid (i.e., fmri
1073 1073 * doesn't agree with type, or type doesn't agree with dt).
1074 1074 */
1075 1075 static int
1076 1076 graph_insert_vertex_unconfigured(const char *fmri, gv_type_t type,
1077 1077 depgroup_type_t dt, restarter_error_t rt, graph_vertex_t **vp)
1078 1078 {
1079 1079 int r;
1080 1080 int i;
1081 1081
1082 1082 assert(MUTEX_HELD(&dgraph_lock));
1083 1083
1084 1084 switch (type) {
1085 1085 case GVT_SVC:
1086 1086 case GVT_INST:
1087 1087 if (strncmp(fmri, "svc:", sizeof ("svc:") - 1) != 0)
1088 1088 return (EINVAL);
1089 1089 break;
1090 1090
1091 1091 case GVT_FILE:
1092 1092 if (strncmp(fmri, "file:", sizeof ("file:") - 1) != 0)
1093 1093 return (EINVAL);
1094 1094 break;
1095 1095
1096 1096 case GVT_GROUP:
1097 1097 if (dt <= 0 || rt < 0)
1098 1098 return (EINVAL);
1099 1099 break;
1100 1100
1101 1101 default:
1102 1102 #ifndef NDEBUG
1103 1103 uu_warn("%s:%d: Unknown type %d.\n", __FILE__, __LINE__, type);
1104 1104 #endif
1105 1105 abort();
1106 1106 }
1107 1107
1108 1108 *vp = vertex_get_by_name(fmri);
1109 1109 if (*vp != NULL)
1110 1110 return (EEXIST);
1111 1111
1112 1112 *vp = graph_add_vertex(fmri);
1113 1113
1114 1114 (*vp)->gv_type = type;
1115 1115 (*vp)->gv_depgroup = dt;
1116 1116 (*vp)->gv_restart = rt;
1117 1117
1118 1118 (*vp)->gv_flags = 0;
1119 1119 (*vp)->gv_state = RESTARTER_STATE_NONE;
1120 1120
1121 1121 for (i = 0; special_vertices[i].name != NULL; ++i) {
1122 1122 if (strcmp(fmri, special_vertices[i].name) == 0) {
1123 1123 (*vp)->gv_start_f = special_vertices[i].start_f;
1124 1124 (*vp)->gv_post_online_f =
1125 1125 special_vertices[i].post_online_f;
1126 1126 (*vp)->gv_post_disable_f =
1127 1127 special_vertices[i].post_disable_f;
1128 1128 break;
1129 1129 }
1130 1130 }
1131 1131
1132 1132 (*vp)->gv_restarter_id = -1;
1133 1133 (*vp)->gv_restarter_channel = 0;
1134 1134
1135 1135 if (type == GVT_INST) {
1136 1136 char *sfmri;
1137 1137 graph_vertex_t *sv;
1138 1138
1139 1139 sfmri = inst_fmri_to_svc_fmri(fmri);
1140 1140 sv = vertex_get_by_name(sfmri);
1141 1141 if (sv == NULL) {
1142 1142 r = graph_insert_vertex_unconfigured(sfmri, GVT_SVC, 0,
1143 1143 0, &sv);
1144 1144 assert(r == 0);
1145 1145 }
1146 1146 startd_free(sfmri, max_scf_fmri_size);
1147 1147
1148 1148 graph_add_edge(sv, *vp);
1149 1149 }
1150 1150
1151 1151 /*
1152 1152 * If this vertex is in the subgraph, mark it as so, for both
1153 1153 * GVT_INST and GVT_SERVICE verteces.
1154 1154 * A GVT_SERVICE vertex can only be in the subgraph if another instance
1155 1155 * depends on it, in which case it's already been added to the graph
1156 1156 * and marked as in the subgraph (by refresh_vertex()). If a
1157 1157 * GVT_SERVICE vertex was freshly added (by the code above), it means
1158 1158 * that it has no dependents, and cannot be in the subgraph.
1159 1159 * Regardless of this, we still check that gv_flags includes
1160 1160 * GV_INSUBGRAPH in the event that future behavior causes the above
1161 1161 * code to add a GVT_SERVICE vertex which should be in the subgraph.
1162 1162 */
1163 1163
1164 1164 (*vp)->gv_flags |= (should_be_in_subgraph(*vp)? GV_INSUBGRAPH : 0);
1165 1165
1166 1166 return (0);
1167 1167 }
1168 1168
1169 1169 /*
1170 1170 * Returns 0 on success or ELOOP if the dependency would create a cycle.
1171 1171 */
1172 1172 static int
1173 1173 graph_insert_dependency(graph_vertex_t *fv, graph_vertex_t *tv, int **pathp)
1174 1174 {
1175 1175 hrtime_t now;
1176 1176
1177 1177 assert(MUTEX_HELD(&dgraph_lock));
1178 1178
1179 1179 /* cycle detection */
1180 1180 now = gethrtime();
1181 1181
1182 1182 /* Don't follow exclusions. */
1183 1183 if (!(fv->gv_type == GVT_GROUP &&
1184 1184 fv->gv_depgroup == DEPGRP_EXCLUDE_ALL)) {
1185 1185 *pathp = is_path_to(tv, fv);
1186 1186 if (*pathp)
1187 1187 return (ELOOP);
1188 1188 }
1189 1189
1190 1190 dep_cycle_ns += gethrtime() - now;
1191 1191 ++dep_inserts;
1192 1192 now = gethrtime();
1193 1193
1194 1194 graph_add_edge(fv, tv);
1195 1195
1196 1196 dep_insert_ns += gethrtime() - now;
1197 1197
1198 1198 /* Check if the dependency adds the "to" vertex to the subgraph */
1199 1199 tv->gv_flags |= (should_be_in_subgraph(tv) ? GV_INSUBGRAPH : 0);
1200 1200
1201 1201 return (0);
1202 1202 }
1203 1203
1204 1204 static int
1205 1205 inst_running(graph_vertex_t *v)
1206 1206 {
1207 1207 assert(v->gv_type == GVT_INST);
1208 1208
1209 1209 if (v->gv_state == RESTARTER_STATE_ONLINE ||
1210 1210 v->gv_state == RESTARTER_STATE_DEGRADED)
1211 1211 return (1);
1212 1212
1213 1213 return (0);
1214 1214 }
1215 1215
1216 1216 /*
1217 1217 * The dependency evaluation functions return
1218 1218 * 1 - dependency satisfied
1219 1219 * 0 - dependency unsatisfied
1220 1220 * -1 - dependency unsatisfiable (without administrator intervention)
1221 1221 *
1222 1222 * The functions also take a boolean satbility argument. When true, the
1223 1223 * functions may recurse in order to determine satisfiability.
1224 1224 */
1225 1225 static int require_any_satisfied(graph_vertex_t *, boolean_t);
1226 1226 static int dependency_satisfied(graph_vertex_t *, boolean_t);
1227 1227
1228 1228 /*
1229 1229 * A require_all dependency is unsatisfied if any elements are unsatisfied. It
1230 1230 * is unsatisfiable if any elements are unsatisfiable.
1231 1231 */
1232 1232 static int
1233 1233 require_all_satisfied(graph_vertex_t *groupv, boolean_t satbility)
1234 1234 {
1235 1235 graph_edge_t *edge;
1236 1236 int i;
1237 1237 boolean_t any_unsatisfied;
1238 1238
1239 1239 if (uu_list_numnodes(groupv->gv_dependencies) == 0)
1240 1240 return (1);
1241 1241
1242 1242 any_unsatisfied = B_FALSE;
1243 1243
1244 1244 for (edge = uu_list_first(groupv->gv_dependencies);
1245 1245 edge != NULL;
1246 1246 edge = uu_list_next(groupv->gv_dependencies, edge)) {
1247 1247 i = dependency_satisfied(edge->ge_vertex, satbility);
1248 1248 if (i == 1)
1249 1249 continue;
1250 1250
1251 1251 log_framework2(LOG_DEBUG, DEBUG_DEPENDENCIES,
1252 1252 "require_all(%s): %s is unsatisfi%s.\n", groupv->gv_name,
1253 1253 edge->ge_vertex->gv_name, i == 0 ? "ed" : "able");
1254 1254
1255 1255 if (!satbility)
1256 1256 return (0);
1257 1257
1258 1258 if (i == -1)
1259 1259 return (-1);
1260 1260
1261 1261 any_unsatisfied = B_TRUE;
1262 1262 }
1263 1263
1264 1264 return (any_unsatisfied ? 0 : 1);
1265 1265 }
1266 1266
1267 1267 /*
1268 1268 * A require_any dependency is satisfied if any element is satisfied. It is
1269 1269 * satisfiable if any element is satisfiable.
1270 1270 */
1271 1271 static int
1272 1272 require_any_satisfied(graph_vertex_t *groupv, boolean_t satbility)
1273 1273 {
1274 1274 graph_edge_t *edge;
1275 1275 int s;
1276 1276 boolean_t satisfiable;
1277 1277
1278 1278 if (uu_list_numnodes(groupv->gv_dependencies) == 0)
1279 1279 return (1);
1280 1280
1281 1281 satisfiable = B_FALSE;
1282 1282
1283 1283 for (edge = uu_list_first(groupv->gv_dependencies);
1284 1284 edge != NULL;
1285 1285 edge = uu_list_next(groupv->gv_dependencies, edge)) {
1286 1286 s = dependency_satisfied(edge->ge_vertex, satbility);
1287 1287
1288 1288 if (s == 1)
1289 1289 return (1);
1290 1290
1291 1291 log_framework2(LOG_DEBUG, DEBUG_DEPENDENCIES,
1292 1292 "require_any(%s): %s is unsatisfi%s.\n",
1293 1293 groupv->gv_name, edge->ge_vertex->gv_name,
1294 1294 s == 0 ? "ed" : "able");
1295 1295
1296 1296 if (satbility && s == 0)
1297 1297 satisfiable = B_TRUE;
1298 1298 }
1299 1299
1300 1300 return (!satbility || satisfiable ? 0 : -1);
1301 1301 }
1302 1302
1303 1303 /*
1304 1304 * An optional_all dependency only considers elements which are configured,
1305 1305 * enabled, and not in maintenance. If any are unsatisfied, then the dependency
1306 1306 * is unsatisfied.
1307 1307 *
1308 1308 * Offline dependencies which are waiting for a dependency to come online are
1309 1309 * unsatisfied. Offline dependences which cannot possibly come online
1310 1310 * (unsatisfiable) are always considered satisfied.
1311 1311 */
1312 1312 static int
1313 1313 optional_all_satisfied(graph_vertex_t *groupv, boolean_t satbility)
1314 1314 {
1315 1315 graph_edge_t *edge;
1316 1316 graph_vertex_t *v;
1317 1317 boolean_t any_qualified;
1318 1318 boolean_t any_unsatisfied;
1319 1319 int i;
1320 1320
|
↓ open down ↓ |
1100 lines elided |
↑ open up ↑ |
1321 1321 any_qualified = B_FALSE;
1322 1322 any_unsatisfied = B_FALSE;
1323 1323
1324 1324 for (edge = uu_list_first(groupv->gv_dependencies);
1325 1325 edge != NULL;
1326 1326 edge = uu_list_next(groupv->gv_dependencies, edge)) {
1327 1327 v = edge->ge_vertex;
1328 1328
1329 1329 switch (v->gv_type) {
1330 1330 case GVT_INST:
1331 - /* Skip missing or disabled instances */
1332 - if ((v->gv_flags & (GV_CONFIGURED | GV_ENABLED)) !=
1333 - (GV_CONFIGURED | GV_ENABLED))
1331 + /* Skip missing instances */
1332 + if ((v->gv_flags & GV_CONFIGURED) == 0)
1334 1333 continue;
1335 1334
1336 1335 if (v->gv_state == RESTARTER_STATE_MAINT)
1337 1336 continue;
1338 1337
1339 - if (v->gv_flags & GV_TOOFFLINE)
1340 - continue;
1341 -
1342 1338 any_qualified = B_TRUE;
1343 1339 if (v->gv_state == RESTARTER_STATE_OFFLINE) {
1344 1340 /*
1345 1341 * For offline dependencies, treat unsatisfiable
1346 1342 * as satisfied.
1347 1343 */
1348 1344 i = dependency_satisfied(v, B_TRUE);
1349 1345 if (i == -1)
1350 1346 i = 1;
1351 1347 } else if (v->gv_state == RESTARTER_STATE_DISABLED) {
1352 1348 /*
1353 1349 * The service is enabled, but hasn't
1354 1350 * transitioned out of disabled yet. Treat it
1355 1351 * as unsatisfied (not unsatisfiable).
1356 1352 */
1357 - i = 0;
1353 + i = v->gv_flags & GV_ENABLED ? 0 : 1;
1358 1354 } else {
1359 1355 i = dependency_satisfied(v, satbility);
1360 1356 }
1361 1357 break;
1362 1358
1363 1359 case GVT_FILE:
1364 1360 any_qualified = B_TRUE;
1365 1361 i = dependency_satisfied(v, satbility);
1366 1362
1367 1363 break;
1368 1364
1369 1365 case GVT_SVC: {
1370 1366 boolean_t svc_any_qualified;
1371 1367 boolean_t svc_satisfied;
1372 1368 boolean_t svc_satisfiable;
1373 1369 graph_vertex_t *v2;
1374 1370 graph_edge_t *e2;
1375 1371
|
↓ open down ↓ |
8 lines elided |
↑ open up ↑ |
1376 1372 svc_any_qualified = B_FALSE;
1377 1373 svc_satisfied = B_FALSE;
1378 1374 svc_satisfiable = B_FALSE;
1379 1375
1380 1376 for (e2 = uu_list_first(v->gv_dependencies);
1381 1377 e2 != NULL;
1382 1378 e2 = uu_list_next(v->gv_dependencies, e2)) {
1383 1379 v2 = e2->ge_vertex;
1384 1380 assert(v2->gv_type == GVT_INST);
1385 1381
1386 - if ((v2->gv_flags &
1387 - (GV_CONFIGURED | GV_ENABLED)) !=
1388 - (GV_CONFIGURED | GV_ENABLED))
1382 + if ((v2->gv_flags & GV_CONFIGURED) == 0)
1389 1383 continue;
1390 1384
1391 1385 if (v2->gv_state == RESTARTER_STATE_MAINT)
1392 1386 continue;
1393 1387
1394 - if (v2->gv_flags & GV_TOOFFLINE)
1395 - continue;
1396 -
1397 1388 svc_any_qualified = B_TRUE;
1398 1389
1399 1390 if (v2->gv_state == RESTARTER_STATE_OFFLINE) {
1400 1391 /*
1401 1392 * For offline dependencies, treat
1402 1393 * unsatisfiable as satisfied.
1403 1394 */
1404 1395 i = dependency_satisfied(v2, B_TRUE);
1405 1396 if (i == -1)
1406 1397 i = 1;
1407 1398 } else if (v2->gv_state ==
1408 1399 RESTARTER_STATE_DISABLED) {
1409 - i = 0;
1400 + i = v2->gv_flags & GV_ENABLED ? 0 : 1;
1410 1401 } else {
1411 1402 i = dependency_satisfied(v2, satbility);
1412 1403 }
1413 1404
1414 1405 if (i == 1) {
1415 1406 svc_satisfied = B_TRUE;
1416 1407 break;
1417 1408 }
1418 1409 if (i == 0)
1419 1410 svc_satisfiable = B_TRUE;
1420 1411 }
1421 1412
1422 1413 if (!svc_any_qualified)
1423 1414 continue;
1424 1415 any_qualified = B_TRUE;
1425 1416 if (svc_satisfied) {
1426 1417 i = 1;
1427 1418 } else if (svc_satisfiable) {
1428 1419 i = 0;
1429 1420 } else {
1430 1421 i = -1;
1431 1422 }
1432 1423 break;
1433 1424 }
1434 1425
1435 1426 case GVT_GROUP:
1436 1427 default:
1437 1428 #ifndef NDEBUG
1438 1429 uu_warn("%s:%d: Unexpected vertex type %d.\n", __FILE__,
1439 1430 __LINE__, v->gv_type);
1440 1431 #endif
1441 1432 abort();
1442 1433 }
1443 1434
1444 1435 if (i == 1)
1445 1436 continue;
1446 1437
1447 1438 log_framework2(LOG_DEBUG, DEBUG_DEPENDENCIES,
1448 1439 "optional_all(%s): %s is unsatisfi%s.\n", groupv->gv_name,
1449 1440 v->gv_name, i == 0 ? "ed" : "able");
1450 1441
1451 1442 if (!satbility)
1452 1443 return (0);
1453 1444 if (i == -1)
1454 1445 return (-1);
1455 1446 any_unsatisfied = B_TRUE;
1456 1447 }
1457 1448
1458 1449 if (!any_qualified)
1459 1450 return (1);
1460 1451
1461 1452 return (any_unsatisfied ? 0 : 1);
1462 1453 }
1463 1454
1464 1455 /*
1465 1456 * An exclude_all dependency is unsatisfied if any non-service element is
1466 1457 * satisfied or any service instance which is configured, enabled, and not in
1467 1458 * maintenance is satisfied. Usually when unsatisfied, it is also
1468 1459 * unsatisfiable.
1469 1460 */
1470 1461 #define LOG_EXCLUDE(u, v) \
1471 1462 log_framework2(LOG_DEBUG, DEBUG_DEPENDENCIES, \
1472 1463 "exclude_all(%s): %s is satisfied.\n", \
1473 1464 (u)->gv_name, (v)->gv_name)
1474 1465
1475 1466 /* ARGSUSED */
1476 1467 static int
1477 1468 exclude_all_satisfied(graph_vertex_t *groupv, boolean_t satbility)
1478 1469 {
1479 1470 graph_edge_t *edge, *e2;
1480 1471 graph_vertex_t *v, *v2;
1481 1472
1482 1473 for (edge = uu_list_first(groupv->gv_dependencies);
1483 1474 edge != NULL;
1484 1475 edge = uu_list_next(groupv->gv_dependencies, edge)) {
1485 1476 v = edge->ge_vertex;
1486 1477
1487 1478 switch (v->gv_type) {
1488 1479 case GVT_INST:
1489 1480 if ((v->gv_flags & GV_CONFIGURED) == 0)
1490 1481 continue;
1491 1482
1492 1483 switch (v->gv_state) {
1493 1484 case RESTARTER_STATE_ONLINE:
1494 1485 case RESTARTER_STATE_DEGRADED:
1495 1486 LOG_EXCLUDE(groupv, v);
1496 1487 return (v->gv_flags & GV_ENABLED ? -1 : 0);
1497 1488
1498 1489 case RESTARTER_STATE_OFFLINE:
1499 1490 case RESTARTER_STATE_UNINIT:
1500 1491 LOG_EXCLUDE(groupv, v);
1501 1492 return (0);
1502 1493
1503 1494 case RESTARTER_STATE_DISABLED:
1504 1495 case RESTARTER_STATE_MAINT:
1505 1496 continue;
1506 1497
1507 1498 default:
1508 1499 #ifndef NDEBUG
1509 1500 uu_warn("%s:%d: Unexpected vertex state %d.\n",
1510 1501 __FILE__, __LINE__, v->gv_state);
1511 1502 #endif
1512 1503 abort();
1513 1504 }
1514 1505 /* NOTREACHED */
1515 1506
1516 1507 case GVT_SVC:
1517 1508 break;
1518 1509
1519 1510 case GVT_FILE:
1520 1511 if (!file_ready(v))
1521 1512 continue;
1522 1513 LOG_EXCLUDE(groupv, v);
1523 1514 return (-1);
1524 1515
1525 1516 case GVT_GROUP:
1526 1517 default:
1527 1518 #ifndef NDEBUG
1528 1519 uu_warn("%s:%d: Unexpected vertex type %d.\n", __FILE__,
1529 1520 __LINE__, v->gv_type);
1530 1521 #endif
1531 1522 abort();
1532 1523 }
1533 1524
1534 1525 /* v represents a service */
1535 1526 if (uu_list_numnodes(v->gv_dependencies) == 0)
1536 1527 continue;
1537 1528
1538 1529 for (e2 = uu_list_first(v->gv_dependencies);
1539 1530 e2 != NULL;
1540 1531 e2 = uu_list_next(v->gv_dependencies, e2)) {
1541 1532 v2 = e2->ge_vertex;
1542 1533 assert(v2->gv_type == GVT_INST);
1543 1534
1544 1535 if ((v2->gv_flags & GV_CONFIGURED) == 0)
1545 1536 continue;
1546 1537
1547 1538 switch (v2->gv_state) {
1548 1539 case RESTARTER_STATE_ONLINE:
1549 1540 case RESTARTER_STATE_DEGRADED:
1550 1541 LOG_EXCLUDE(groupv, v2);
1551 1542 return (v2->gv_flags & GV_ENABLED ? -1 : 0);
1552 1543
1553 1544 case RESTARTER_STATE_OFFLINE:
1554 1545 case RESTARTER_STATE_UNINIT:
1555 1546 LOG_EXCLUDE(groupv, v2);
1556 1547 return (0);
1557 1548
1558 1549 case RESTARTER_STATE_DISABLED:
1559 1550 case RESTARTER_STATE_MAINT:
1560 1551 continue;
1561 1552
1562 1553 default:
1563 1554 #ifndef NDEBUG
1564 1555 uu_warn("%s:%d: Unexpected vertex type %d.\n",
1565 1556 __FILE__, __LINE__, v2->gv_type);
1566 1557 #endif
1567 1558 abort();
1568 1559 }
1569 1560 }
1570 1561 }
1571 1562
1572 1563 return (1);
1573 1564 }
1574 1565
1575 1566 /*
1576 1567 * int instance_satisfied()
1577 1568 * Determine if all the dependencies are satisfied for the supplied instance
1578 1569 * vertex. Return 1 if they are, 0 if they aren't, and -1 if they won't be
1579 1570 * without administrator intervention.
1580 1571 */
1581 1572 static int
1582 1573 instance_satisfied(graph_vertex_t *v, boolean_t satbility)
1583 1574 {
1584 1575 assert(v->gv_type == GVT_INST);
1585 1576 assert(!inst_running(v));
1586 1577
1587 1578 return (require_all_satisfied(v, satbility));
1588 1579 }
1589 1580
1590 1581 /*
1591 1582 * Decide whether v can satisfy a dependency. v can either be a child of
1592 1583 * a group vertex, or of an instance vertex.
1593 1584 */
1594 1585 static int
1595 1586 dependency_satisfied(graph_vertex_t *v, boolean_t satbility)
1596 1587 {
1597 1588 switch (v->gv_type) {
1598 1589 case GVT_INST:
1599 1590 if ((v->gv_flags & GV_CONFIGURED) == 0) {
1600 1591 if (v->gv_flags & GV_DEATHROW) {
|
↓ open down ↓ |
181 lines elided |
↑ open up ↑ |
1601 1592 /*
1602 1593 * A dependency on an instance with GV_DEATHROW
1603 1594 * flag is always considered as satisfied.
1604 1595 */
1605 1596 return (1);
1606 1597 }
1607 1598 return (-1);
1608 1599 }
1609 1600
1610 1601 /*
1611 - * Any vertex with the GV_TOOFFLINE flag set is guaranteed
1612 - * to have its dependencies unsatisfiable.
1602 + * Any vertex with the GV_TODISABLE flag set is guaranteed
1603 + * to have its dependencies unsatisfiable. Any vertex with
1604 + * GV_TOOFFLINE may be satisfied after it transitions.
1613 1605 */
1614 - if (v->gv_flags & GV_TOOFFLINE)
1606 + if (v->gv_flags & GV_TODISABLE)
1615 1607 return (-1);
1608 + if (v->gv_flags & GV_TOOFFLINE)
1609 + return (0);
1616 1610
1617 1611 switch (v->gv_state) {
1618 1612 case RESTARTER_STATE_ONLINE:
1619 1613 case RESTARTER_STATE_DEGRADED:
1620 1614 return (1);
1621 1615
1622 1616 case RESTARTER_STATE_OFFLINE:
1623 1617 if (!satbility)
1624 1618 return (0);
1625 1619 return (instance_satisfied(v, satbility) != -1 ?
1626 1620 0 : -1);
1627 1621
1628 1622 case RESTARTER_STATE_DISABLED:
1629 1623 case RESTARTER_STATE_MAINT:
1630 1624 return (-1);
1631 1625
1632 1626 case RESTARTER_STATE_UNINIT:
1633 1627 return (0);
1634 1628
1635 1629 default:
1636 1630 #ifndef NDEBUG
1637 1631 uu_warn("%s:%d: Unexpected vertex state %d.\n",
1638 1632 __FILE__, __LINE__, v->gv_state);
1639 1633 #endif
1640 1634 abort();
1641 1635 /* NOTREACHED */
1642 1636 }
1643 1637
1644 1638 case GVT_SVC:
1645 1639 if (uu_list_numnodes(v->gv_dependencies) == 0)
1646 1640 return (-1);
1647 1641 return (require_any_satisfied(v, satbility));
1648 1642
1649 1643 case GVT_FILE:
1650 1644 /* i.e., we assume files will not be automatically generated */
1651 1645 return (file_ready(v) ? 1 : -1);
1652 1646
1653 1647 case GVT_GROUP:
1654 1648 break;
1655 1649
1656 1650 default:
1657 1651 #ifndef NDEBUG
1658 1652 uu_warn("%s:%d: Unexpected node type %d.\n", __FILE__, __LINE__,
1659 1653 v->gv_type);
1660 1654 #endif
1661 1655 abort();
1662 1656 /* NOTREACHED */
1663 1657 }
1664 1658
1665 1659 switch (v->gv_depgroup) {
1666 1660 case DEPGRP_REQUIRE_ANY:
1667 1661 return (require_any_satisfied(v, satbility));
1668 1662
1669 1663 case DEPGRP_REQUIRE_ALL:
1670 1664 return (require_all_satisfied(v, satbility));
1671 1665
1672 1666 case DEPGRP_OPTIONAL_ALL:
1673 1667 return (optional_all_satisfied(v, satbility));
1674 1668
1675 1669 case DEPGRP_EXCLUDE_ALL:
1676 1670 return (exclude_all_satisfied(v, satbility));
1677 1671
1678 1672 default:
1679 1673 #ifndef NDEBUG
1680 1674 uu_warn("%s:%d: Unknown dependency grouping %d.\n", __FILE__,
1681 1675 __LINE__, v->gv_depgroup);
1682 1676 #endif
1683 1677 abort();
1684 1678 }
1685 1679 }
1686 1680
1687 1681 void
1688 1682 graph_start_if_satisfied(graph_vertex_t *v)
1689 1683 {
1690 1684 if (v->gv_state == RESTARTER_STATE_OFFLINE &&
1691 1685 instance_satisfied(v, B_FALSE) == 1) {
1692 1686 if (v->gv_start_f == NULL)
1693 1687 vertex_send_event(v, RESTARTER_EVENT_TYPE_START);
1694 1688 else
1695 1689 v->gv_start_f(v);
1696 1690 }
1697 1691 }
1698 1692
1699 1693 /*
1700 1694 * propagate_satbility()
1701 1695 *
1702 1696 * This function is used when the given vertex changes state in such a way that
1703 1697 * one of its dependents may become unsatisfiable. This happens when an
1704 1698 * instance transitions between offline -> online, or from !running ->
1705 1699 * maintenance, as well as when an instance is removed from the graph.
1706 1700 *
1707 1701 * We have to walk all the dependents, since optional_all dependencies several
1708 1702 * levels up could become (un)satisfied, instead of unsatisfiable. For example,
1709 1703 *
1710 1704 * +-----+ optional_all +-----+ require_all +-----+
1711 1705 * | A |--------------->| B |-------------->| C |
1712 1706 * +-----+ +-----+ +-----+
1713 1707 *
1714 1708 * offline -> maintenance
1715 1709 *
1716 1710 * If C goes into maintenance, it's not enough simply to check B. Because A has
1717 1711 * an optional dependency, what was previously an unsatisfiable situation is now
1718 1712 * satisfied (B will never come online, even though its state hasn't changed).
1719 1713 *
1720 1714 * Note that it's not necessary to continue examining dependents after reaching
|
↓ open down ↓ |
95 lines elided |
↑ open up ↑ |
1721 1715 * an optional_all dependency. It's not possible for an optional_all dependency
1722 1716 * to change satisfiability without also coming online, in which case we get a
1723 1717 * start event and propagation continues naturally. However, it does no harm to
1724 1718 * continue propagating satisfiability (as it is a relatively rare event), and
1725 1719 * keeps the walker code simple and generic.
1726 1720 */
1727 1721 /*ARGSUSED*/
1728 1722 static int
1729 1723 satbility_cb(graph_vertex_t *v, void *arg)
1730 1724 {
1725 + if (v->gv_flags & GV_TOOFFLINE)
1726 + return (UU_WALK_NEXT);
1727 +
1731 1728 if (v->gv_type == GVT_INST)
1732 1729 graph_start_if_satisfied(v);
1733 1730
1734 1731 return (UU_WALK_NEXT);
1735 1732 }
1736 1733
1737 1734 static void
1738 1735 propagate_satbility(graph_vertex_t *v)
1739 1736 {
1740 1737 graph_walk(v, WALK_DEPENDENTS, satbility_cb, NULL, NULL);
1741 1738 }
1742 1739
1743 1740 static void propagate_stop(graph_vertex_t *, void *);
1744 1741
1745 -/* ARGSUSED */
1742 +/*
1743 + * propagate_start()
1744 + *
1745 + * This function is used to propagate a start event to the dependents of the
1746 + * given vertex. Any dependents that are offline but have their dependencies
1747 + * satisfied are started. Any dependents that are online and have restart_on
1748 + * set to "restart" or "refresh" are restarted because their dependencies have
1749 + * just changed. This only happens with optional_all dependencies.
1750 + */
1746 1751 static void
1747 1752 propagate_start(graph_vertex_t *v, void *arg)
1748 1753 {
1754 + restarter_error_t err = (restarter_error_t)arg;
1755 +
1756 + if (v->gv_flags & GV_TOOFFLINE)
1757 + return;
1758 +
1749 1759 switch (v->gv_type) {
1750 1760 case GVT_INST:
1751 - graph_start_if_satisfied(v);
1761 + /* Restarter */
1762 + if (inst_running(v)) {
1763 + if (err == RERR_RESTART || err == RERR_REFRESH) {
1764 + vertex_send_event(v,
1765 + RESTARTER_EVENT_TYPE_STOP_RESET);
1766 + }
1767 + } else {
1768 + graph_start_if_satisfied(v);
1769 + }
1752 1770 break;
1753 1771
1754 1772 case GVT_GROUP:
1755 1773 if (v->gv_depgroup == DEPGRP_EXCLUDE_ALL) {
1756 1774 graph_walk_dependents(v, propagate_stop,
1757 1775 (void *)RERR_RESTART);
1758 1776 break;
1759 1777 }
1778 + err = v->gv_restart;
1760 1779 /* FALLTHROUGH */
1761 1780
1762 1781 case GVT_SVC:
1763 - graph_walk_dependents(v, propagate_start, NULL);
1782 + graph_walk_dependents(v, propagate_start, (void *)err);
1764 1783 break;
1765 1784
1766 1785 case GVT_FILE:
1767 1786 #ifndef NDEBUG
1768 1787 uu_warn("%s:%d: propagate_start() encountered GVT_FILE.\n",
1769 1788 __FILE__, __LINE__);
1770 1789 #endif
1771 1790 abort();
1772 1791 /* NOTREACHED */
1773 1792
1774 1793 default:
1775 1794 #ifndef NDEBUG
1776 1795 uu_warn("%s:%d: Unknown vertex type %d.\n", __FILE__, __LINE__,
1777 1796 v->gv_type);
1778 1797 #endif
1779 1798 abort();
1780 1799 }
1781 1800 }
1782 1801
1802 +/*
1803 + * propagate_stop()
1804 + *
1805 + * This function is used to propagate a stop event to the dependencies of the
1806 + * given vertex. Any dependencies that are online (or in degraded state) with
1807 + * the restart_on property set to "restart" or "refresh" will be restarted as
1808 + * their dependencies have just changed. This only happens for optional_all
1809 + * dependencies.
1810 + */
1783 1811 static void
1784 1812 propagate_stop(graph_vertex_t *v, void *arg)
1785 1813 {
1786 - graph_edge_t *e;
1787 - graph_vertex_t *svc;
1788 1814 restarter_error_t err = (restarter_error_t)arg;
1789 1815
1816 + if (v->gv_flags & GV_TOOFFLINE)
1817 + return;
1818 +
1790 1819 switch (v->gv_type) {
1791 1820 case GVT_INST:
1792 1821 /* Restarter */
1793 1822 if (err > RERR_NONE && inst_running(v)) {
1794 1823 if (err == RERR_RESTART || err == RERR_REFRESH) {
1795 1824 vertex_send_event(v,
1796 1825 RESTARTER_EVENT_TYPE_STOP_RESET);
1797 1826 } else {
1798 1827 vertex_send_event(v, RESTARTER_EVENT_TYPE_STOP);
1799 1828 }
1800 1829 }
1801 1830 break;
1802 1831
1803 1832 case GVT_SVC:
1804 1833 graph_walk_dependents(v, propagate_stop, arg);
1805 1834 break;
1806 1835
1807 1836 case GVT_FILE:
1808 1837 #ifndef NDEBUG
1809 1838 uu_warn("%s:%d: propagate_stop() encountered GVT_FILE.\n",
1810 1839 __FILE__, __LINE__);
1811 1840 #endif
1812 1841 abort();
1813 1842 /* NOTREACHED */
|
↓ open down ↓ |
14 lines elided |
↑ open up ↑ |
1814 1843
1815 1844 case GVT_GROUP:
1816 1845 if (v->gv_depgroup == DEPGRP_EXCLUDE_ALL) {
1817 1846 graph_walk_dependents(v, propagate_start, NULL);
1818 1847 break;
1819 1848 }
1820 1849
1821 1850 if (err == RERR_NONE || err > v->gv_restart)
1822 1851 break;
1823 1852
1824 - assert(uu_list_numnodes(v->gv_dependents) == 1);
1825 - e = uu_list_first(v->gv_dependents);
1826 - svc = e->ge_vertex;
1827 -
1828 - if (inst_running(svc)) {
1829 - if (err == RERR_RESTART || err == RERR_REFRESH) {
1830 - vertex_send_event(svc,
1831 - RESTARTER_EVENT_TYPE_STOP_RESET);
1832 - } else {
1833 - vertex_send_event(svc,
1834 - RESTARTER_EVENT_TYPE_STOP);
1835 - }
1836 - }
1853 + graph_walk_dependents(v, propagate_stop, arg);
1837 1854 break;
1838 1855
1839 1856 default:
1840 1857 #ifndef NDEBUG
1841 1858 uu_warn("%s:%d: Unknown vertex type %d.\n", __FILE__, __LINE__,
1842 1859 v->gv_type);
1843 1860 #endif
1844 1861 abort();
1845 1862 }
1846 1863 }
1847 1864
1848 1865 void
1849 1866 offline_vertex(graph_vertex_t *v)
1850 1867 {
1851 1868 scf_handle_t *h = libscf_handle_create_bound_loop();
1852 1869 scf_instance_t *scf_inst = safe_scf_instance_create(h);
1853 1870 scf_propertygroup_t *pg = safe_scf_pg_create(h);
1854 1871 restarter_instance_state_t state, next_state;
1855 1872 int r;
1856 1873
1857 1874 assert(v->gv_type == GVT_INST);
1858 1875
1859 1876 if (scf_inst == NULL)
1860 1877 bad_error("safe_scf_instance_create", scf_error());
1861 1878 if (pg == NULL)
1862 1879 bad_error("safe_scf_pg_create", scf_error());
1863 1880
1864 1881 /* if the vertex is already going offline, return */
1865 1882 rep_retry:
1866 1883 if (scf_handle_decode_fmri(h, v->gv_name, NULL, NULL, scf_inst, NULL,
1867 1884 NULL, SCF_DECODE_FMRI_EXACT) != 0) {
1868 1885 switch (scf_error()) {
1869 1886 case SCF_ERROR_CONNECTION_BROKEN:
1870 1887 libscf_handle_rebind(h);
1871 1888 goto rep_retry;
1872 1889
1873 1890 case SCF_ERROR_NOT_FOUND:
1874 1891 scf_pg_destroy(pg);
1875 1892 scf_instance_destroy(scf_inst);
1876 1893 (void) scf_handle_unbind(h);
1877 1894 scf_handle_destroy(h);
1878 1895 return;
1879 1896 }
1880 1897 uu_die("Can't decode FMRI %s: %s\n", v->gv_name,
1881 1898 scf_strerror(scf_error()));
1882 1899 }
1883 1900
1884 1901 r = scf_instance_get_pg(scf_inst, SCF_PG_RESTARTER, pg);
1885 1902 if (r != 0) {
1886 1903 switch (scf_error()) {
1887 1904 case SCF_ERROR_CONNECTION_BROKEN:
1888 1905 libscf_handle_rebind(h);
1889 1906 goto rep_retry;
1890 1907
1891 1908 case SCF_ERROR_NOT_SET:
1892 1909 case SCF_ERROR_NOT_FOUND:
1893 1910 scf_pg_destroy(pg);
1894 1911 scf_instance_destroy(scf_inst);
1895 1912 (void) scf_handle_unbind(h);
1896 1913 scf_handle_destroy(h);
1897 1914 return;
1898 1915
1899 1916 default:
1900 1917 bad_error("scf_instance_get_pg", scf_error());
1901 1918 }
1902 1919 } else {
1903 1920 r = libscf_read_states(pg, &state, &next_state);
1904 1921 if (r == 0 && (next_state == RESTARTER_STATE_OFFLINE ||
1905 1922 next_state == RESTARTER_STATE_DISABLED)) {
1906 1923 log_framework(LOG_DEBUG,
1907 1924 "%s: instance is already going down.\n",
1908 1925 v->gv_name);
1909 1926 scf_pg_destroy(pg);
1910 1927 scf_instance_destroy(scf_inst);
1911 1928 (void) scf_handle_unbind(h);
1912 1929 scf_handle_destroy(h);
1913 1930 return;
1914 1931 }
1915 1932 }
1916 1933
1917 1934 scf_pg_destroy(pg);
1918 1935 scf_instance_destroy(scf_inst);
1919 1936 (void) scf_handle_unbind(h);
1920 1937 scf_handle_destroy(h);
1921 1938
1922 1939 vertex_send_event(v, RESTARTER_EVENT_TYPE_STOP_RESET);
1923 1940 }
1924 1941
1925 1942 /*
1926 1943 * void graph_enable_by_vertex()
1927 1944 * If admin is non-zero, this is an administrative request for change
1928 1945 * of the enabled property. Thus, send the ADMIN_DISABLE rather than
1929 1946 * a plain DISABLE restarter event.
1930 1947 */
1931 1948 void
1932 1949 graph_enable_by_vertex(graph_vertex_t *vertex, int enable, int admin)
1933 1950 {
1934 1951 graph_vertex_t *v;
1935 1952 int r;
1936 1953
1937 1954 assert(MUTEX_HELD(&dgraph_lock));
1938 1955 assert((vertex->gv_flags & GV_CONFIGURED));
1939 1956
1940 1957 vertex->gv_flags = (vertex->gv_flags & ~GV_ENABLED) |
1941 1958 (enable ? GV_ENABLED : 0);
1942 1959
1943 1960 if (enable) {
1944 1961 if (vertex->gv_state != RESTARTER_STATE_OFFLINE &&
1945 1962 vertex->gv_state != RESTARTER_STATE_DEGRADED &&
1946 1963 vertex->gv_state != RESTARTER_STATE_ONLINE) {
1947 1964 /*
1948 1965 * In case the vertex was notified to go down,
1949 1966 * but now can return online, clear the _TOOFFLINE
1950 1967 * and _TODISABLE flags.
1951 1968 */
1952 1969 vertex->gv_flags &= ~GV_TOOFFLINE;
1953 1970 vertex->gv_flags &= ~GV_TODISABLE;
1954 1971
1955 1972 vertex_send_event(vertex, RESTARTER_EVENT_TYPE_ENABLE);
1956 1973 }
1957 1974
1958 1975 /*
1959 1976 * Wait for state update from restarter before sending _START or
1960 1977 * _STOP.
1961 1978 */
1962 1979
1963 1980 return;
1964 1981 }
1965 1982
1966 1983 if (vertex->gv_state == RESTARTER_STATE_DISABLED)
1967 1984 return;
1968 1985
1969 1986 if (!admin) {
1970 1987 vertex_send_event(vertex, RESTARTER_EVENT_TYPE_DISABLE);
1971 1988
1972 1989 /*
1973 1990 * Wait for state update from restarter before sending _START or
1974 1991 * _STOP.
1975 1992 */
1976 1993
1977 1994 return;
1978 1995 }
1979 1996
1980 1997 /*
1981 1998 * If it is a DISABLE event requested by the administrator then we are
1982 1999 * offlining the dependents first.
1983 2000 */
1984 2001
1985 2002 /*
1986 2003 * Set GV_TOOFFLINE for the services we are offlining. We cannot
1987 2004 * clear the GV_TOOFFLINE bits from all the services because
1988 2005 * other DISABLE events might be handled at the same time.
1989 2006 */
1990 2007 vertex->gv_flags |= GV_TOOFFLINE;
1991 2008
1992 2009 /* remember which vertex to disable... */
1993 2010 vertex->gv_flags |= GV_TODISABLE;
1994 2011
1995 2012 log_framework(LOG_DEBUG, "Marking in-subtree vertices before "
1996 2013 "disabling %s.\n", vertex->gv_name);
1997 2014
1998 2015 /* set GV_TOOFFLINE for its dependents */
1999 2016 r = uu_list_walk(vertex->gv_dependents, (uu_walk_fn_t *)mark_subtree,
2000 2017 NULL, 0);
2001 2018 assert(r == 0);
2002 2019
2003 2020 /* disable the instance now if there is nothing else to offline */
2004 2021 if (insubtree_dependents_down(vertex) == B_TRUE) {
2005 2022 vertex_send_event(vertex, RESTARTER_EVENT_TYPE_ADMIN_DISABLE);
2006 2023 return;
2007 2024 }
2008 2025
2009 2026 /*
2010 2027 * This loop is similar to the one used for the graph reversal shutdown
2011 2028 * and could be improved in term of performance for the subtree reversal
2012 2029 * disable case.
2013 2030 */
2014 2031 for (v = uu_list_first(dgraph); v != NULL;
2015 2032 v = uu_list_next(dgraph, v)) {
2016 2033 /* skip the vertex we are disabling for now */
2017 2034 if (v == vertex)
2018 2035 continue;
2019 2036
2020 2037 if (v->gv_type != GVT_INST ||
2021 2038 (v->gv_flags & GV_CONFIGURED) == 0 ||
2022 2039 (v->gv_flags & GV_ENABLED) == 0 ||
2023 2040 (v->gv_flags & GV_TOOFFLINE) == 0)
2024 2041 continue;
2025 2042
2026 2043 if ((v->gv_state != RESTARTER_STATE_ONLINE) &&
2027 2044 (v->gv_state != RESTARTER_STATE_DEGRADED)) {
2028 2045 /* continue if there is nothing to offline */
2029 2046 continue;
2030 2047 }
2031 2048
2032 2049 /*
2033 2050 * Instances which are up need to come down before we're
2034 2051 * done, but we can only offline the leaves here. An
2035 2052 * instance is a leaf when all its dependents are down.
2036 2053 */
2037 2054 if (insubtree_dependents_down(v) == B_TRUE) {
2038 2055 log_framework(LOG_DEBUG, "Offlining in-subtree "
2039 2056 "instance %s for %s.\n",
2040 2057 v->gv_name, vertex->gv_name);
2041 2058 offline_vertex(v);
2042 2059 }
2043 2060 }
2044 2061 }
2045 2062
2046 2063 static int configure_vertex(graph_vertex_t *, scf_instance_t *);
2047 2064
2048 2065 /*
2049 2066 * Set the restarter for v to fmri_arg. That is, make sure a vertex for
2050 2067 * fmri_arg exists, make v depend on it, and send _ADD_INSTANCE for v. If
2051 2068 * v is already configured and fmri_arg indicates the current restarter, do
2052 2069 * nothing. If v is configured and fmri_arg is a new restarter, delete v's
2053 2070 * dependency on the restarter, send _REMOVE_INSTANCE for v, and set the new
2054 2071 * restarter. Returns 0 on success, EINVAL if the FMRI is invalid,
2055 2072 * ECONNABORTED if the repository connection is broken, and ELOOP
2056 2073 * if the dependency would create a cycle. In the last case, *pathp will
2057 2074 * point to a -1-terminated array of ids which compose the path from v to
2058 2075 * restarter_fmri.
2059 2076 */
2060 2077 int
2061 2078 graph_change_restarter(graph_vertex_t *v, const char *fmri_arg, scf_handle_t *h,
2062 2079 int **pathp)
2063 2080 {
2064 2081 char *restarter_fmri = NULL;
2065 2082 graph_vertex_t *rv;
2066 2083 int err;
2067 2084 int id;
2068 2085
2069 2086 assert(MUTEX_HELD(&dgraph_lock));
2070 2087
2071 2088 if (fmri_arg[0] != '\0') {
2072 2089 err = fmri_canonify(fmri_arg, &restarter_fmri, B_TRUE);
2073 2090 if (err != 0) {
2074 2091 assert(err == EINVAL);
2075 2092 return (err);
2076 2093 }
2077 2094 }
2078 2095
2079 2096 if (restarter_fmri == NULL ||
2080 2097 strcmp(restarter_fmri, SCF_SERVICE_STARTD) == 0) {
2081 2098 if (v->gv_flags & GV_CONFIGURED) {
2082 2099 if (v->gv_restarter_id == -1) {
2083 2100 if (restarter_fmri != NULL)
2084 2101 startd_free(restarter_fmri,
2085 2102 max_scf_fmri_size);
2086 2103 return (0);
2087 2104 }
2088 2105
2089 2106 graph_unset_restarter(v);
2090 2107 }
2091 2108
2092 2109 /* Master restarter, nothing to do. */
2093 2110 v->gv_restarter_id = -1;
2094 2111 v->gv_restarter_channel = NULL;
2095 2112 vertex_send_event(v, RESTARTER_EVENT_TYPE_ADD_INSTANCE);
2096 2113 return (0);
2097 2114 }
2098 2115
2099 2116 if (v->gv_flags & GV_CONFIGURED) {
2100 2117 id = dict_lookup_byname(restarter_fmri);
2101 2118 if (id != -1 && v->gv_restarter_id == id) {
2102 2119 startd_free(restarter_fmri, max_scf_fmri_size);
2103 2120 return (0);
2104 2121 }
2105 2122
2106 2123 graph_unset_restarter(v);
2107 2124 }
2108 2125
2109 2126 err = graph_insert_vertex_unconfigured(restarter_fmri, GVT_INST, 0,
2110 2127 RERR_NONE, &rv);
2111 2128 startd_free(restarter_fmri, max_scf_fmri_size);
2112 2129 assert(err == 0 || err == EEXIST);
2113 2130
2114 2131 if (rv->gv_delegate_initialized == 0) {
2115 2132 if ((rv->gv_delegate_channel = restarter_protocol_init_delegate(
2116 2133 rv->gv_name)) == NULL)
2117 2134 return (EINVAL);
2118 2135 rv->gv_delegate_initialized = 1;
2119 2136 }
2120 2137 v->gv_restarter_id = rv->gv_id;
2121 2138 v->gv_restarter_channel = rv->gv_delegate_channel;
2122 2139
2123 2140 err = graph_insert_dependency(v, rv, pathp);
2124 2141 if (err != 0) {
2125 2142 assert(err == ELOOP);
2126 2143 return (ELOOP);
2127 2144 }
2128 2145
2129 2146 vertex_send_event(v, RESTARTER_EVENT_TYPE_ADD_INSTANCE);
2130 2147
2131 2148 if (!(rv->gv_flags & GV_CONFIGURED)) {
2132 2149 scf_instance_t *inst;
2133 2150
2134 2151 err = libscf_fmri_get_instance(h, rv->gv_name, &inst);
2135 2152 switch (err) {
2136 2153 case 0:
2137 2154 err = configure_vertex(rv, inst);
2138 2155 scf_instance_destroy(inst);
2139 2156 switch (err) {
2140 2157 case 0:
2141 2158 case ECANCELED:
2142 2159 break;
2143 2160
2144 2161 case ECONNABORTED:
2145 2162 return (ECONNABORTED);
2146 2163
2147 2164 default:
2148 2165 bad_error("configure_vertex", err);
2149 2166 }
2150 2167 break;
2151 2168
2152 2169 case ECONNABORTED:
2153 2170 return (ECONNABORTED);
2154 2171
2155 2172 case ENOENT:
2156 2173 break;
2157 2174
2158 2175 case ENOTSUP:
2159 2176 /*
2160 2177 * The fmri doesn't specify an instance - translate
2161 2178 * to EINVAL.
2162 2179 */
2163 2180 return (EINVAL);
2164 2181
2165 2182 case EINVAL:
2166 2183 default:
2167 2184 bad_error("libscf_fmri_get_instance", err);
2168 2185 }
2169 2186 }
2170 2187
2171 2188 return (0);
2172 2189 }
2173 2190
2174 2191
2175 2192 /*
2176 2193 * Add all of the instances of the service named by fmri to the graph.
2177 2194 * Returns
2178 2195 * 0 - success
2179 2196 * ENOENT - service indicated by fmri does not exist
2180 2197 *
2181 2198 * In both cases *reboundp will be B_TRUE if the handle was rebound, or B_FALSE
2182 2199 * otherwise.
2183 2200 */
2184 2201 static int
2185 2202 add_service(const char *fmri, scf_handle_t *h, boolean_t *reboundp)
2186 2203 {
2187 2204 scf_service_t *svc;
2188 2205 scf_instance_t *inst;
2189 2206 scf_iter_t *iter;
2190 2207 char *inst_fmri;
2191 2208 int ret, r;
2192 2209
2193 2210 *reboundp = B_FALSE;
2194 2211
2195 2212 svc = safe_scf_service_create(h);
2196 2213 inst = safe_scf_instance_create(h);
2197 2214 iter = safe_scf_iter_create(h);
2198 2215 inst_fmri = startd_alloc(max_scf_fmri_size);
2199 2216
2200 2217 rebound:
2201 2218 if (scf_handle_decode_fmri(h, fmri, NULL, svc, NULL, NULL, NULL,
2202 2219 SCF_DECODE_FMRI_EXACT) != 0) {
2203 2220 switch (scf_error()) {
2204 2221 case SCF_ERROR_CONNECTION_BROKEN:
2205 2222 default:
2206 2223 libscf_handle_rebind(h);
2207 2224 *reboundp = B_TRUE;
2208 2225 goto rebound;
2209 2226
2210 2227 case SCF_ERROR_NOT_FOUND:
2211 2228 ret = ENOENT;
2212 2229 goto out;
2213 2230
2214 2231 case SCF_ERROR_INVALID_ARGUMENT:
2215 2232 case SCF_ERROR_CONSTRAINT_VIOLATED:
2216 2233 case SCF_ERROR_NOT_BOUND:
2217 2234 case SCF_ERROR_HANDLE_MISMATCH:
2218 2235 bad_error("scf_handle_decode_fmri", scf_error());
2219 2236 }
2220 2237 }
2221 2238
2222 2239 if (scf_iter_service_instances(iter, svc) != 0) {
2223 2240 switch (scf_error()) {
2224 2241 case SCF_ERROR_CONNECTION_BROKEN:
2225 2242 default:
2226 2243 libscf_handle_rebind(h);
2227 2244 *reboundp = B_TRUE;
2228 2245 goto rebound;
2229 2246
2230 2247 case SCF_ERROR_DELETED:
2231 2248 ret = ENOENT;
2232 2249 goto out;
2233 2250
2234 2251 case SCF_ERROR_HANDLE_MISMATCH:
2235 2252 case SCF_ERROR_NOT_BOUND:
2236 2253 case SCF_ERROR_NOT_SET:
2237 2254 bad_error("scf_iter_service_instances", scf_error());
2238 2255 }
2239 2256 }
2240 2257
2241 2258 for (;;) {
2242 2259 r = scf_iter_next_instance(iter, inst);
2243 2260 if (r == 0)
2244 2261 break;
2245 2262 if (r != 1) {
2246 2263 switch (scf_error()) {
2247 2264 case SCF_ERROR_CONNECTION_BROKEN:
2248 2265 default:
2249 2266 libscf_handle_rebind(h);
2250 2267 *reboundp = B_TRUE;
2251 2268 goto rebound;
2252 2269
2253 2270 case SCF_ERROR_DELETED:
2254 2271 ret = ENOENT;
2255 2272 goto out;
2256 2273
2257 2274 case SCF_ERROR_HANDLE_MISMATCH:
2258 2275 case SCF_ERROR_NOT_BOUND:
2259 2276 case SCF_ERROR_NOT_SET:
2260 2277 case SCF_ERROR_INVALID_ARGUMENT:
2261 2278 bad_error("scf_iter_next_instance",
2262 2279 scf_error());
2263 2280 }
2264 2281 }
2265 2282
2266 2283 if (scf_instance_to_fmri(inst, inst_fmri, max_scf_fmri_size) <
2267 2284 0) {
2268 2285 switch (scf_error()) {
2269 2286 case SCF_ERROR_CONNECTION_BROKEN:
2270 2287 libscf_handle_rebind(h);
2271 2288 *reboundp = B_TRUE;
2272 2289 goto rebound;
2273 2290
2274 2291 case SCF_ERROR_DELETED:
2275 2292 continue;
2276 2293
2277 2294 case SCF_ERROR_NOT_BOUND:
2278 2295 case SCF_ERROR_NOT_SET:
2279 2296 bad_error("scf_instance_to_fmri", scf_error());
2280 2297 }
2281 2298 }
2282 2299
2283 2300 r = dgraph_add_instance(inst_fmri, inst, B_FALSE);
2284 2301 switch (r) {
2285 2302 case 0:
2286 2303 case ECANCELED:
2287 2304 break;
2288 2305
2289 2306 case EEXIST:
2290 2307 continue;
2291 2308
2292 2309 case ECONNABORTED:
2293 2310 libscf_handle_rebind(h);
2294 2311 *reboundp = B_TRUE;
2295 2312 goto rebound;
2296 2313
2297 2314 case EINVAL:
2298 2315 default:
2299 2316 bad_error("dgraph_add_instance", r);
2300 2317 }
2301 2318 }
2302 2319
2303 2320 ret = 0;
2304 2321
2305 2322 out:
2306 2323 startd_free(inst_fmri, max_scf_fmri_size);
2307 2324 scf_iter_destroy(iter);
2308 2325 scf_instance_destroy(inst);
2309 2326 scf_service_destroy(svc);
2310 2327 return (ret);
2311 2328 }
2312 2329
2313 2330 struct depfmri_info {
2314 2331 graph_vertex_t *v; /* GVT_GROUP vertex */
2315 2332 gv_type_t type; /* type of dependency */
2316 2333 const char *inst_fmri; /* FMRI of parental GVT_INST vert. */
2317 2334 const char *pg_name; /* Name of dependency pg */
2318 2335 scf_handle_t *h;
2319 2336 int err; /* return error code */
2320 2337 int **pathp; /* return circular dependency path */
2321 2338 };
2322 2339
2323 2340 /*
2324 2341 * Find or create a vertex for fmri and make info->v depend on it.
2325 2342 * Returns
2326 2343 * 0 - success
2327 2344 * nonzero - failure
2328 2345 *
2329 2346 * On failure, sets info->err to
2330 2347 * EINVAL - fmri is invalid
2331 2348 * fmri does not match info->type
2332 2349 * ELOOP - Adding the dependency creates a circular dependency. *info->pathp
2333 2350 * will point to an array of the ids of the members of the cycle.
2334 2351 * ECONNABORTED - repository connection was broken
2335 2352 * ECONNRESET - succeeded, but repository connection was reset
2336 2353 */
2337 2354 static int
2338 2355 process_dependency_fmri(const char *fmri, struct depfmri_info *info)
2339 2356 {
2340 2357 int err;
2341 2358 graph_vertex_t *depgroup_v, *v;
2342 2359 char *fmri_copy, *cfmri;
2343 2360 size_t fmri_copy_sz;
2344 2361 const char *scope, *service, *instance, *pg;
2345 2362 scf_instance_t *inst;
2346 2363 boolean_t rebound;
2347 2364
2348 2365 assert(MUTEX_HELD(&dgraph_lock));
2349 2366
2350 2367 /* Get or create vertex for FMRI */
2351 2368 depgroup_v = info->v;
2352 2369
2353 2370 if (strncmp(fmri, "file:", sizeof ("file:") - 1) == 0) {
2354 2371 if (info->type != GVT_FILE) {
2355 2372 log_framework(LOG_NOTICE,
2356 2373 "FMRI \"%s\" is not allowed for the \"%s\" "
2357 2374 "dependency's type of instance %s.\n", fmri,
2358 2375 info->pg_name, info->inst_fmri);
2359 2376 return (info->err = EINVAL);
2360 2377 }
2361 2378
2362 2379 err = graph_insert_vertex_unconfigured(fmri, info->type, 0,
2363 2380 RERR_NONE, &v);
2364 2381 switch (err) {
2365 2382 case 0:
2366 2383 break;
2367 2384
2368 2385 case EEXIST:
2369 2386 assert(v->gv_type == GVT_FILE);
2370 2387 break;
2371 2388
2372 2389 case EINVAL: /* prevented above */
2373 2390 default:
2374 2391 bad_error("graph_insert_vertex_unconfigured", err);
2375 2392 }
2376 2393 } else {
2377 2394 if (info->type != GVT_INST) {
2378 2395 log_framework(LOG_NOTICE,
2379 2396 "FMRI \"%s\" is not allowed for the \"%s\" "
2380 2397 "dependency's type of instance %s.\n", fmri,
2381 2398 info->pg_name, info->inst_fmri);
2382 2399 return (info->err = EINVAL);
2383 2400 }
2384 2401
2385 2402 /*
2386 2403 * We must canonify fmri & add a vertex for it.
2387 2404 */
2388 2405 fmri_copy_sz = strlen(fmri) + 1;
2389 2406 fmri_copy = startd_alloc(fmri_copy_sz);
2390 2407 (void) strcpy(fmri_copy, fmri);
2391 2408
2392 2409 /* Determine if the FMRI is a property group or instance */
2393 2410 if (scf_parse_svc_fmri(fmri_copy, &scope, &service,
2394 2411 &instance, &pg, NULL) != 0) {
2395 2412 startd_free(fmri_copy, fmri_copy_sz);
2396 2413 log_framework(LOG_NOTICE,
2397 2414 "Dependency \"%s\" of %s has invalid FMRI "
2398 2415 "\"%s\".\n", info->pg_name, info->inst_fmri,
2399 2416 fmri);
2400 2417 return (info->err = EINVAL);
2401 2418 }
2402 2419
2403 2420 if (service == NULL || pg != NULL) {
2404 2421 startd_free(fmri_copy, fmri_copy_sz);
2405 2422 log_framework(LOG_NOTICE,
2406 2423 "Dependency \"%s\" of %s does not designate a "
2407 2424 "service or instance.\n", info->pg_name,
2408 2425 info->inst_fmri);
2409 2426 return (info->err = EINVAL);
2410 2427 }
2411 2428
2412 2429 if (scope == NULL || strcmp(scope, SCF_SCOPE_LOCAL) == 0) {
2413 2430 cfmri = uu_msprintf("svc:/%s%s%s",
2414 2431 service, instance ? ":" : "", instance ? instance :
2415 2432 "");
2416 2433 } else {
2417 2434 cfmri = uu_msprintf("svc://%s/%s%s%s",
2418 2435 scope, service, instance ? ":" : "", instance ?
2419 2436 instance : "");
2420 2437 }
2421 2438
2422 2439 startd_free(fmri_copy, fmri_copy_sz);
2423 2440
2424 2441 err = graph_insert_vertex_unconfigured(cfmri, instance ?
2425 2442 GVT_INST : GVT_SVC, instance ? 0 : DEPGRP_REQUIRE_ANY,
2426 2443 RERR_NONE, &v);
2427 2444 uu_free(cfmri);
2428 2445 switch (err) {
2429 2446 case 0:
2430 2447 break;
2431 2448
2432 2449 case EEXIST:
2433 2450 /* Verify v. */
2434 2451 if (instance != NULL)
2435 2452 assert(v->gv_type == GVT_INST);
2436 2453 else
2437 2454 assert(v->gv_type == GVT_SVC);
2438 2455 break;
2439 2456
2440 2457 default:
2441 2458 bad_error("graph_insert_vertex_unconfigured", err);
2442 2459 }
2443 2460 }
2444 2461
2445 2462 /* Add dependency from depgroup_v to new vertex */
2446 2463 info->err = graph_insert_dependency(depgroup_v, v, info->pathp);
2447 2464 switch (info->err) {
2448 2465 case 0:
2449 2466 break;
2450 2467
2451 2468 case ELOOP:
2452 2469 return (ELOOP);
2453 2470
2454 2471 default:
2455 2472 bad_error("graph_insert_dependency", info->err);
2456 2473 }
2457 2474
2458 2475 /* This must be after we insert the dependency, to avoid looping. */
2459 2476 switch (v->gv_type) {
2460 2477 case GVT_INST:
2461 2478 if ((v->gv_flags & GV_CONFIGURED) != 0)
2462 2479 break;
2463 2480
2464 2481 inst = safe_scf_instance_create(info->h);
2465 2482
2466 2483 rebound = B_FALSE;
2467 2484
2468 2485 rebound:
2469 2486 err = libscf_lookup_instance(v->gv_name, inst);
2470 2487 switch (err) {
2471 2488 case 0:
2472 2489 err = configure_vertex(v, inst);
2473 2490 switch (err) {
2474 2491 case 0:
2475 2492 case ECANCELED:
2476 2493 break;
2477 2494
2478 2495 case ECONNABORTED:
2479 2496 libscf_handle_rebind(info->h);
2480 2497 rebound = B_TRUE;
2481 2498 goto rebound;
2482 2499
2483 2500 default:
2484 2501 bad_error("configure_vertex", err);
2485 2502 }
2486 2503 break;
2487 2504
2488 2505 case ENOENT:
2489 2506 break;
2490 2507
2491 2508 case ECONNABORTED:
2492 2509 libscf_handle_rebind(info->h);
2493 2510 rebound = B_TRUE;
2494 2511 goto rebound;
2495 2512
2496 2513 case EINVAL:
2497 2514 case ENOTSUP:
2498 2515 default:
2499 2516 bad_error("libscf_fmri_get_instance", err);
2500 2517 }
2501 2518
2502 2519 scf_instance_destroy(inst);
2503 2520
2504 2521 if (rebound)
2505 2522 return (info->err = ECONNRESET);
2506 2523 break;
2507 2524
2508 2525 case GVT_SVC:
2509 2526 (void) add_service(v->gv_name, info->h, &rebound);
2510 2527 if (rebound)
2511 2528 return (info->err = ECONNRESET);
2512 2529 }
2513 2530
2514 2531 return (0);
2515 2532 }
2516 2533
2517 2534 struct deppg_info {
2518 2535 graph_vertex_t *v; /* GVT_INST vertex */
2519 2536 int err; /* return error */
2520 2537 int **pathp; /* return circular dependency path */
2521 2538 };
2522 2539
2523 2540 /*
2524 2541 * Make info->v depend on a new GVT_GROUP node for this property group,
2525 2542 * and then call process_dependency_fmri() for the values of the entity
2526 2543 * property. Return 0 on success, or if something goes wrong return nonzero
2527 2544 * and set info->err to ECONNABORTED, EINVAL, or the error code returned by
2528 2545 * process_dependency_fmri().
2529 2546 */
2530 2547 static int
2531 2548 process_dependency_pg(scf_propertygroup_t *pg, struct deppg_info *info)
2532 2549 {
2533 2550 scf_handle_t *h;
2534 2551 depgroup_type_t deptype;
2535 2552 restarter_error_t rerr;
2536 2553 struct depfmri_info linfo;
2537 2554 char *fmri, *pg_name;
2538 2555 size_t fmri_sz;
2539 2556 graph_vertex_t *depgrp;
2540 2557 scf_property_t *prop;
2541 2558 int err;
2542 2559 int empty;
2543 2560 scf_error_t scferr;
2544 2561 ssize_t len;
2545 2562
2546 2563 assert(MUTEX_HELD(&dgraph_lock));
2547 2564
2548 2565 h = scf_pg_handle(pg);
2549 2566
2550 2567 pg_name = startd_alloc(max_scf_name_size);
2551 2568
2552 2569 len = scf_pg_get_name(pg, pg_name, max_scf_name_size);
2553 2570 if (len < 0) {
2554 2571 startd_free(pg_name, max_scf_name_size);
2555 2572 switch (scf_error()) {
2556 2573 case SCF_ERROR_CONNECTION_BROKEN:
2557 2574 default:
2558 2575 return (info->err = ECONNABORTED);
2559 2576
2560 2577 case SCF_ERROR_DELETED:
2561 2578 return (info->err = 0);
2562 2579
2563 2580 case SCF_ERROR_NOT_SET:
2564 2581 bad_error("scf_pg_get_name", scf_error());
2565 2582 }
2566 2583 }
2567 2584
2568 2585 /*
2569 2586 * Skip over empty dependency groups. Since dependency property
2570 2587 * groups are updated atomically, they are either empty or
2571 2588 * fully populated.
2572 2589 */
2573 2590 empty = depgroup_empty(h, pg);
2574 2591 if (empty < 0) {
2575 2592 log_error(LOG_INFO,
2576 2593 "Error reading dependency group \"%s\" of %s: %s\n",
2577 2594 pg_name, info->v->gv_name, scf_strerror(scf_error()));
2578 2595 startd_free(pg_name, max_scf_name_size);
2579 2596 return (info->err = EINVAL);
2580 2597
2581 2598 } else if (empty == 1) {
2582 2599 log_framework(LOG_DEBUG,
2583 2600 "Ignoring empty dependency group \"%s\" of %s\n",
2584 2601 pg_name, info->v->gv_name);
2585 2602 startd_free(pg_name, max_scf_name_size);
2586 2603 return (info->err = 0);
2587 2604 }
2588 2605
2589 2606 fmri_sz = strlen(info->v->gv_name) + 1 + len + 1;
2590 2607 fmri = startd_alloc(fmri_sz);
2591 2608
2592 2609 (void) snprintf(fmri, fmri_sz, "%s>%s", info->v->gv_name,
2593 2610 pg_name);
2594 2611
2595 2612 /* Validate the pg before modifying the graph */
2596 2613 deptype = depgroup_read_grouping(h, pg);
2597 2614 if (deptype == DEPGRP_UNSUPPORTED) {
2598 2615 log_error(LOG_INFO,
2599 2616 "Dependency \"%s\" of %s has an unknown grouping value.\n",
2600 2617 pg_name, info->v->gv_name);
2601 2618 startd_free(fmri, fmri_sz);
2602 2619 startd_free(pg_name, max_scf_name_size);
2603 2620 return (info->err = EINVAL);
2604 2621 }
2605 2622
2606 2623 rerr = depgroup_read_restart(h, pg);
2607 2624 if (rerr == RERR_UNSUPPORTED) {
2608 2625 log_error(LOG_INFO,
2609 2626 "Dependency \"%s\" of %s has an unknown restart_on value."
2610 2627 "\n", pg_name, info->v->gv_name);
2611 2628 startd_free(fmri, fmri_sz);
2612 2629 startd_free(pg_name, max_scf_name_size);
2613 2630 return (info->err = EINVAL);
2614 2631 }
2615 2632
2616 2633 prop = safe_scf_property_create(h);
2617 2634
2618 2635 if (scf_pg_get_property(pg, SCF_PROPERTY_ENTITIES, prop) != 0) {
2619 2636 scferr = scf_error();
2620 2637 scf_property_destroy(prop);
2621 2638 if (scferr == SCF_ERROR_DELETED) {
2622 2639 startd_free(fmri, fmri_sz);
2623 2640 startd_free(pg_name, max_scf_name_size);
2624 2641 return (info->err = 0);
2625 2642 } else if (scferr != SCF_ERROR_NOT_FOUND) {
2626 2643 startd_free(fmri, fmri_sz);
2627 2644 startd_free(pg_name, max_scf_name_size);
2628 2645 return (info->err = ECONNABORTED);
2629 2646 }
2630 2647
2631 2648 log_error(LOG_INFO,
2632 2649 "Dependency \"%s\" of %s is missing a \"%s\" property.\n",
2633 2650 pg_name, info->v->gv_name, SCF_PROPERTY_ENTITIES);
2634 2651
2635 2652 startd_free(fmri, fmri_sz);
2636 2653 startd_free(pg_name, max_scf_name_size);
2637 2654
2638 2655 return (info->err = EINVAL);
2639 2656 }
2640 2657
2641 2658 /* Create depgroup vertex for pg */
2642 2659 err = graph_insert_vertex_unconfigured(fmri, GVT_GROUP, deptype,
2643 2660 rerr, &depgrp);
2644 2661 assert(err == 0);
2645 2662 startd_free(fmri, fmri_sz);
2646 2663
2647 2664 /* Add dependency from inst vertex to new vertex */
2648 2665 err = graph_insert_dependency(info->v, depgrp, info->pathp);
2649 2666 /* ELOOP can't happen because this should be a new vertex */
2650 2667 assert(err == 0);
2651 2668
2652 2669 linfo.v = depgrp;
2653 2670 linfo.type = depgroup_read_scheme(h, pg);
2654 2671 linfo.inst_fmri = info->v->gv_name;
2655 2672 linfo.pg_name = pg_name;
2656 2673 linfo.h = h;
2657 2674 linfo.err = 0;
2658 2675 linfo.pathp = info->pathp;
2659 2676 err = walk_property_astrings(prop, (callback_t)process_dependency_fmri,
2660 2677 &linfo);
2661 2678
2662 2679 scf_property_destroy(prop);
2663 2680 startd_free(pg_name, max_scf_name_size);
2664 2681
2665 2682 switch (err) {
2666 2683 case 0:
2667 2684 case EINTR:
2668 2685 return (info->err = linfo.err);
2669 2686
2670 2687 case ECONNABORTED:
2671 2688 case EINVAL:
2672 2689 return (info->err = err);
2673 2690
2674 2691 case ECANCELED:
2675 2692 return (info->err = 0);
2676 2693
2677 2694 case ECONNRESET:
2678 2695 return (info->err = ECONNABORTED);
2679 2696
2680 2697 default:
2681 2698 bad_error("walk_property_astrings", err);
2682 2699 /* NOTREACHED */
2683 2700 }
2684 2701 }
2685 2702
2686 2703 /*
2687 2704 * Build the dependency info for v from the repository. Returns 0 on success,
2688 2705 * ECONNABORTED on repository disconnection, EINVAL if the repository
2689 2706 * configuration is invalid, and ELOOP if a dependency would cause a cycle.
2690 2707 * In the last case, *pathp will point to a -1-terminated array of ids which
2691 2708 * constitute the rest of the dependency cycle.
2692 2709 */
2693 2710 static int
2694 2711 set_dependencies(graph_vertex_t *v, scf_instance_t *inst, int **pathp)
2695 2712 {
2696 2713 struct deppg_info info;
2697 2714 int err;
2698 2715 uint_t old_configured;
2699 2716
2700 2717 assert(MUTEX_HELD(&dgraph_lock));
2701 2718
2702 2719 /*
2703 2720 * Mark the vertex as configured during dependency insertion to avoid
2704 2721 * dependency cycles (which can appear in the graph if one of the
2705 2722 * vertices is an exclusion-group).
2706 2723 */
2707 2724 old_configured = v->gv_flags & GV_CONFIGURED;
2708 2725 v->gv_flags |= GV_CONFIGURED;
2709 2726
2710 2727 info.err = 0;
2711 2728 info.v = v;
2712 2729 info.pathp = pathp;
2713 2730
2714 2731 err = walk_dependency_pgs(inst, (callback_t)process_dependency_pg,
2715 2732 &info);
2716 2733
2717 2734 if (!old_configured)
2718 2735 v->gv_flags &= ~GV_CONFIGURED;
2719 2736
2720 2737 switch (err) {
2721 2738 case 0:
2722 2739 case EINTR:
2723 2740 return (info.err);
2724 2741
2725 2742 case ECONNABORTED:
2726 2743 return (ECONNABORTED);
2727 2744
2728 2745 case ECANCELED:
2729 2746 /* Should get delete event, so return 0. */
2730 2747 return (0);
2731 2748
2732 2749 default:
2733 2750 bad_error("walk_dependency_pgs", err);
2734 2751 /* NOTREACHED */
2735 2752 }
2736 2753 }
2737 2754
2738 2755
2739 2756 static void
2740 2757 handle_cycle(const char *fmri, int *path)
2741 2758 {
2742 2759 const char *cp;
2743 2760 size_t sz;
2744 2761
2745 2762 assert(MUTEX_HELD(&dgraph_lock));
2746 2763
2747 2764 path_to_str(path, (char **)&cp, &sz);
2748 2765
2749 2766 log_error(LOG_ERR, "Transitioning %s to maintenance "
2750 2767 "because it completes a dependency cycle (see svcs -xv for "
2751 2768 "details):\n%s", fmri ? fmri : "?", cp);
2752 2769
2753 2770 startd_free((void *)cp, sz);
2754 2771 }
2755 2772
2756 2773 /*
2757 2774 * Increment the vertex's reference count to prevent the vertex removal
2758 2775 * from the dgraph.
2759 2776 */
2760 2777 static void
2761 2778 vertex_ref(graph_vertex_t *v)
2762 2779 {
2763 2780 assert(MUTEX_HELD(&dgraph_lock));
2764 2781
2765 2782 v->gv_refs++;
2766 2783 }
2767 2784
2768 2785 /*
2769 2786 * Decrement the vertex's reference count and remove the vertex from
2770 2787 * the dgraph when possible.
2771 2788 *
2772 2789 * Return VERTEX_REMOVED when the vertex has been removed otherwise
2773 2790 * return VERTEX_INUSE.
2774 2791 */
2775 2792 static int
2776 2793 vertex_unref(graph_vertex_t *v)
2777 2794 {
2778 2795 assert(MUTEX_HELD(&dgraph_lock));
2779 2796 assert(v->gv_refs > 0);
2780 2797
2781 2798 v->gv_refs--;
2782 2799
2783 2800 return (free_if_unrefed(v));
2784 2801 }
2785 2802
2786 2803 /*
2787 2804 * When run on the dependencies of a vertex, populates list with
2788 2805 * graph_edge_t's which point to the service vertices or the instance
2789 2806 * vertices (no GVT_GROUP nodes) on which the vertex depends.
2790 2807 *
2791 2808 * Increment the vertex's reference count once the vertex is inserted
2792 2809 * in the list. The vertex won't be able to be deleted from the dgraph
2793 2810 * while it is referenced.
2794 2811 */
2795 2812 static int
2796 2813 append_svcs_or_insts(graph_edge_t *e, uu_list_t *list)
2797 2814 {
2798 2815 graph_vertex_t *v = e->ge_vertex;
2799 2816 graph_edge_t *new;
2800 2817 int r;
2801 2818
2802 2819 switch (v->gv_type) {
2803 2820 case GVT_INST:
2804 2821 case GVT_SVC:
2805 2822 break;
2806 2823
2807 2824 case GVT_GROUP:
2808 2825 r = uu_list_walk(v->gv_dependencies,
2809 2826 (uu_walk_fn_t *)append_svcs_or_insts, list, 0);
2810 2827 assert(r == 0);
2811 2828 return (UU_WALK_NEXT);
2812 2829
2813 2830 case GVT_FILE:
2814 2831 return (UU_WALK_NEXT);
2815 2832
2816 2833 default:
2817 2834 #ifndef NDEBUG
2818 2835 uu_warn("%s:%d: Unexpected vertex type %d.\n", __FILE__,
2819 2836 __LINE__, v->gv_type);
2820 2837 #endif
2821 2838 abort();
2822 2839 }
2823 2840
2824 2841 new = startd_alloc(sizeof (*new));
2825 2842 new->ge_vertex = v;
2826 2843 uu_list_node_init(new, &new->ge_link, graph_edge_pool);
2827 2844 r = uu_list_insert_before(list, NULL, new);
2828 2845 assert(r == 0);
2829 2846
2830 2847 /*
2831 2848 * Because we are inserting the vertex in a list, we don't want
2832 2849 * the vertex to be freed while the list is in use. In order to
2833 2850 * achieve that, increment the vertex's reference count.
2834 2851 */
2835 2852 vertex_ref(v);
2836 2853
2837 2854 return (UU_WALK_NEXT);
2838 2855 }
2839 2856
2840 2857 static boolean_t
2841 2858 should_be_in_subgraph(graph_vertex_t *v)
2842 2859 {
2843 2860 graph_edge_t *e;
2844 2861
2845 2862 if (v == milestone)
2846 2863 return (B_TRUE);
2847 2864
2848 2865 /*
2849 2866 * v is in the subgraph if any of its dependents are in the subgraph.
2850 2867 * Except for EXCLUDE_ALL dependents. And OPTIONAL dependents only
2851 2868 * count if we're enabled.
2852 2869 */
2853 2870 for (e = uu_list_first(v->gv_dependents);
2854 2871 e != NULL;
2855 2872 e = uu_list_next(v->gv_dependents, e)) {
2856 2873 graph_vertex_t *dv = e->ge_vertex;
2857 2874
2858 2875 if (!(dv->gv_flags & GV_INSUBGRAPH))
2859 2876 continue;
2860 2877
2861 2878 /*
2862 2879 * Don't include instances that are optional and disabled.
2863 2880 */
2864 2881 if (v->gv_type == GVT_INST && dv->gv_type == GVT_SVC) {
2865 2882
2866 2883 int in = 0;
2867 2884 graph_edge_t *ee;
2868 2885
2869 2886 for (ee = uu_list_first(dv->gv_dependents);
2870 2887 ee != NULL;
2871 2888 ee = uu_list_next(dv->gv_dependents, ee)) {
2872 2889
2873 2890 graph_vertex_t *ddv = e->ge_vertex;
2874 2891
2875 2892 if (ddv->gv_type == GVT_GROUP &&
2876 2893 ddv->gv_depgroup == DEPGRP_EXCLUDE_ALL)
2877 2894 continue;
2878 2895
2879 2896 if (ddv->gv_type == GVT_GROUP &&
2880 2897 ddv->gv_depgroup == DEPGRP_OPTIONAL_ALL &&
2881 2898 !(v->gv_flags & GV_ENBLD_NOOVR))
2882 2899 continue;
2883 2900
2884 2901 in = 1;
2885 2902 }
2886 2903 if (!in)
2887 2904 continue;
2888 2905 }
2889 2906 if (v->gv_type == GVT_INST &&
2890 2907 dv->gv_type == GVT_GROUP &&
2891 2908 dv->gv_depgroup == DEPGRP_OPTIONAL_ALL &&
2892 2909 !(v->gv_flags & GV_ENBLD_NOOVR))
2893 2910 continue;
2894 2911
2895 2912 /* Don't include excluded services and instances */
2896 2913 if (dv->gv_type == GVT_GROUP &&
2897 2914 dv->gv_depgroup == DEPGRP_EXCLUDE_ALL)
2898 2915 continue;
2899 2916
2900 2917 return (B_TRUE);
2901 2918 }
2902 2919
2903 2920 return (B_FALSE);
2904 2921 }
2905 2922
2906 2923 /*
2907 2924 * Ensures that GV_INSUBGRAPH is set properly for v and its descendents. If
2908 2925 * any bits change, manipulate the repository appropriately. Returns 0 or
2909 2926 * ECONNABORTED.
2910 2927 */
2911 2928 static int
2912 2929 eval_subgraph(graph_vertex_t *v, scf_handle_t *h)
2913 2930 {
2914 2931 boolean_t old = (v->gv_flags & GV_INSUBGRAPH) != 0;
2915 2932 boolean_t new;
2916 2933 graph_edge_t *e;
2917 2934 scf_instance_t *inst;
2918 2935 int ret = 0, r;
2919 2936
2920 2937 assert(milestone != NULL && milestone != MILESTONE_NONE);
2921 2938
2922 2939 new = should_be_in_subgraph(v);
2923 2940
2924 2941 if (new == old)
2925 2942 return (0);
2926 2943
2927 2944 log_framework(LOG_DEBUG, new ? "Adding %s to the subgraph.\n" :
2928 2945 "Removing %s from the subgraph.\n", v->gv_name);
2929 2946
2930 2947 v->gv_flags = (v->gv_flags & ~GV_INSUBGRAPH) |
2931 2948 (new ? GV_INSUBGRAPH : 0);
2932 2949
2933 2950 if (v->gv_type == GVT_INST && (v->gv_flags & GV_CONFIGURED)) {
2934 2951 int err;
2935 2952
2936 2953 get_inst:
2937 2954 err = libscf_fmri_get_instance(h, v->gv_name, &inst);
2938 2955 if (err != 0) {
2939 2956 switch (err) {
2940 2957 case ECONNABORTED:
2941 2958 libscf_handle_rebind(h);
2942 2959 ret = ECONNABORTED;
2943 2960 goto get_inst;
2944 2961
2945 2962 case ENOENT:
2946 2963 break;
2947 2964
2948 2965 case EINVAL:
2949 2966 case ENOTSUP:
2950 2967 default:
2951 2968 bad_error("libscf_fmri_get_instance", err);
2952 2969 }
2953 2970 } else {
2954 2971 const char *f;
2955 2972
2956 2973 if (new) {
2957 2974 err = libscf_delete_enable_ovr(inst);
2958 2975 f = "libscf_delete_enable_ovr";
2959 2976 } else {
2960 2977 err = libscf_set_enable_ovr(inst, 0);
2961 2978 f = "libscf_set_enable_ovr";
2962 2979 }
2963 2980 scf_instance_destroy(inst);
2964 2981 switch (err) {
2965 2982 case 0:
2966 2983 case ECANCELED:
2967 2984 break;
2968 2985
2969 2986 case ECONNABORTED:
2970 2987 libscf_handle_rebind(h);
2971 2988 /*
2972 2989 * We must continue so the graph is updated,
2973 2990 * but we must return ECONNABORTED so any
2974 2991 * libscf state held by any callers is reset.
2975 2992 */
2976 2993 ret = ECONNABORTED;
2977 2994 goto get_inst;
2978 2995
2979 2996 case EROFS:
2980 2997 case EPERM:
2981 2998 log_error(LOG_WARNING,
2982 2999 "Could not set %s/%s for %s: %s.\n",
2983 3000 SCF_PG_GENERAL_OVR, SCF_PROPERTY_ENABLED,
2984 3001 v->gv_name, strerror(err));
2985 3002 break;
2986 3003
2987 3004 default:
2988 3005 bad_error(f, err);
2989 3006 }
2990 3007 }
2991 3008 }
2992 3009
2993 3010 for (e = uu_list_first(v->gv_dependencies);
2994 3011 e != NULL;
2995 3012 e = uu_list_next(v->gv_dependencies, e)) {
2996 3013 r = eval_subgraph(e->ge_vertex, h);
2997 3014 if (r != 0) {
2998 3015 assert(r == ECONNABORTED);
2999 3016 ret = ECONNABORTED;
3000 3017 }
3001 3018 }
3002 3019
3003 3020 return (ret);
3004 3021 }
3005 3022
3006 3023 /*
3007 3024 * Delete the (property group) dependencies of v & create new ones based on
3008 3025 * inst. If doing so would create a cycle, log a message and put the instance
3009 3026 * into maintenance. Update GV_INSUBGRAPH flags as necessary. Returns 0 or
3010 3027 * ECONNABORTED.
3011 3028 */
3012 3029 int
3013 3030 refresh_vertex(graph_vertex_t *v, scf_instance_t *inst)
3014 3031 {
3015 3032 int err;
3016 3033 int *path;
3017 3034 char *fmri;
3018 3035 int r;
3019 3036 scf_handle_t *h = scf_instance_handle(inst);
3020 3037 uu_list_t *old_deps;
3021 3038 int ret = 0;
3022 3039 graph_edge_t *e;
3023 3040 graph_vertex_t *vv;
3024 3041
3025 3042 assert(MUTEX_HELD(&dgraph_lock));
3026 3043 assert(v->gv_type == GVT_INST);
3027 3044
3028 3045 log_framework(LOG_DEBUG, "Graph engine: Refreshing %s.\n", v->gv_name);
3029 3046
3030 3047 if (milestone > MILESTONE_NONE) {
3031 3048 /*
3032 3049 * In case some of v's dependencies are being deleted we must
3033 3050 * make a list of them now for GV_INSUBGRAPH-flag evaluation
3034 3051 * after the new dependencies are in place.
3035 3052 */
3036 3053 old_deps = startd_list_create(graph_edge_pool, NULL, 0);
3037 3054
3038 3055 err = uu_list_walk(v->gv_dependencies,
3039 3056 (uu_walk_fn_t *)append_svcs_or_insts, old_deps, 0);
3040 3057 assert(err == 0);
3041 3058 }
3042 3059
3043 3060 delete_instance_dependencies(v, B_FALSE);
3044 3061
3045 3062 err = set_dependencies(v, inst, &path);
3046 3063 switch (err) {
3047 3064 case 0:
3048 3065 break;
3049 3066
3050 3067 case ECONNABORTED:
3051 3068 ret = err;
3052 3069 goto out;
3053 3070
3054 3071 case EINVAL:
3055 3072 case ELOOP:
3056 3073 r = libscf_instance_get_fmri(inst, &fmri);
3057 3074 switch (r) {
3058 3075 case 0:
3059 3076 break;
3060 3077
3061 3078 case ECONNABORTED:
3062 3079 ret = ECONNABORTED;
3063 3080 goto out;
3064 3081
3065 3082 case ECANCELED:
3066 3083 ret = 0;
3067 3084 goto out;
3068 3085
3069 3086 default:
3070 3087 bad_error("libscf_instance_get_fmri", r);
3071 3088 }
3072 3089
3073 3090 if (err == EINVAL) {
3074 3091 log_error(LOG_ERR, "Transitioning %s "
3075 3092 "to maintenance due to misconfiguration.\n",
3076 3093 fmri ? fmri : "?");
3077 3094 vertex_send_event(v,
3078 3095 RESTARTER_EVENT_TYPE_INVALID_DEPENDENCY);
3079 3096 } else {
3080 3097 handle_cycle(fmri, path);
3081 3098 vertex_send_event(v,
3082 3099 RESTARTER_EVENT_TYPE_DEPENDENCY_CYCLE);
3083 3100 }
3084 3101 startd_free(fmri, max_scf_fmri_size);
3085 3102 ret = 0;
3086 3103 goto out;
3087 3104
3088 3105 default:
3089 3106 bad_error("set_dependencies", err);
3090 3107 }
3091 3108
3092 3109 if (milestone > MILESTONE_NONE) {
3093 3110 boolean_t aborted = B_FALSE;
3094 3111
3095 3112 for (e = uu_list_first(old_deps);
3096 3113 e != NULL;
3097 3114 e = uu_list_next(old_deps, e)) {
3098 3115 vv = e->ge_vertex;
3099 3116
3100 3117 if (vertex_unref(vv) == VERTEX_INUSE &&
3101 3118 eval_subgraph(vv, h) == ECONNABORTED)
3102 3119 aborted = B_TRUE;
3103 3120 }
3104 3121
3105 3122 for (e = uu_list_first(v->gv_dependencies);
3106 3123 e != NULL;
3107 3124 e = uu_list_next(v->gv_dependencies, e)) {
3108 3125 if (eval_subgraph(e->ge_vertex, h) ==
3109 3126 ECONNABORTED)
3110 3127 aborted = B_TRUE;
3111 3128 }
3112 3129
3113 3130 if (aborted) {
3114 3131 ret = ECONNABORTED;
3115 3132 goto out;
3116 3133 }
3117 3134 }
3118 3135
3119 3136 graph_start_if_satisfied(v);
3120 3137
3121 3138 ret = 0;
3122 3139
3123 3140 out:
3124 3141 if (milestone > MILESTONE_NONE) {
3125 3142 void *cookie = NULL;
3126 3143
3127 3144 while ((e = uu_list_teardown(old_deps, &cookie)) != NULL)
3128 3145 startd_free(e, sizeof (*e));
3129 3146
3130 3147 uu_list_destroy(old_deps);
3131 3148 }
3132 3149
3133 3150 return (ret);
3134 3151 }
3135 3152
3136 3153 /*
3137 3154 * Set up v according to inst. That is, make sure it depends on its
3138 3155 * restarter and set up its dependencies. Send the ADD_INSTANCE command to
3139 3156 * the restarter, and send ENABLE or DISABLE as appropriate.
3140 3157 *
3141 3158 * Returns 0 on success, ECONNABORTED on repository disconnection, or
3142 3159 * ECANCELED if inst is deleted.
3143 3160 */
3144 3161 static int
3145 3162 configure_vertex(graph_vertex_t *v, scf_instance_t *inst)
3146 3163 {
3147 3164 scf_handle_t *h;
3148 3165 scf_propertygroup_t *pg;
3149 3166 scf_snapshot_t *snap;
3150 3167 char *restarter_fmri = startd_alloc(max_scf_value_size);
3151 3168 int enabled, enabled_ovr;
3152 3169 int err;
3153 3170 int *path;
3154 3171 int deathrow;
3155 3172 int32_t tset;
3156 3173
3157 3174 restarter_fmri[0] = '\0';
3158 3175
3159 3176 assert(MUTEX_HELD(&dgraph_lock));
3160 3177 assert(v->gv_type == GVT_INST);
3161 3178 assert((v->gv_flags & GV_CONFIGURED) == 0);
3162 3179
3163 3180 /* GV_INSUBGRAPH should already be set properly. */
3164 3181 assert(should_be_in_subgraph(v) ==
3165 3182 ((v->gv_flags & GV_INSUBGRAPH) != 0));
3166 3183
3167 3184 /*
3168 3185 * If the instance fmri is in the deathrow list then set the
3169 3186 * GV_DEATHROW flag on the vertex and create and set to true the
3170 3187 * SCF_PROPERTY_DEATHROW boolean property in the non-persistent
3171 3188 * repository for this instance fmri.
3172 3189 */
3173 3190 if ((v->gv_flags & GV_DEATHROW) ||
3174 3191 (is_fmri_in_deathrow(v->gv_name) == B_TRUE)) {
3175 3192 if ((v->gv_flags & GV_DEATHROW) == 0) {
3176 3193 /*
3177 3194 * Set flag GV_DEATHROW, create and set to true
3178 3195 * the SCF_PROPERTY_DEATHROW property in the
3179 3196 * non-persistent repository for this instance fmri.
3180 3197 */
3181 3198 v->gv_flags |= GV_DEATHROW;
3182 3199
3183 3200 switch (err = libscf_set_deathrow(inst, 1)) {
3184 3201 case 0:
3185 3202 break;
3186 3203
3187 3204 case ECONNABORTED:
3188 3205 case ECANCELED:
3189 3206 startd_free(restarter_fmri, max_scf_value_size);
3190 3207 return (err);
3191 3208
3192 3209 case EROFS:
3193 3210 log_error(LOG_WARNING, "Could not set %s/%s "
3194 3211 "for deathrow %s: %s.\n",
3195 3212 SCF_PG_DEATHROW, SCF_PROPERTY_DEATHROW,
3196 3213 v->gv_name, strerror(err));
3197 3214 break;
3198 3215
3199 3216 case EPERM:
3200 3217 uu_die("Permission denied.\n");
3201 3218 /* NOTREACHED */
3202 3219
3203 3220 default:
3204 3221 bad_error("libscf_set_deathrow", err);
3205 3222 }
3206 3223 log_framework(LOG_DEBUG, "Deathrow, graph set %s.\n",
3207 3224 v->gv_name);
3208 3225 }
3209 3226 startd_free(restarter_fmri, max_scf_value_size);
3210 3227 return (0);
3211 3228 }
3212 3229
3213 3230 h = scf_instance_handle(inst);
3214 3231
3215 3232 /*
3216 3233 * Using a temporary deathrow boolean property, set through
3217 3234 * libscf_set_deathrow(), only for fmris on deathrow, is necessary
3218 3235 * because deathrow_fini() may already have been called, and in case
3219 3236 * of a refresh, GV_DEATHROW may need to be set again.
3220 3237 * libscf_get_deathrow() sets deathrow to 1 only if this instance
3221 3238 * has a temporary boolean property named 'deathrow' valued true
3222 3239 * in a property group 'deathrow', -1 or 0 in all other cases.
3223 3240 */
3224 3241 err = libscf_get_deathrow(h, inst, &deathrow);
3225 3242 switch (err) {
3226 3243 case 0:
3227 3244 break;
3228 3245
3229 3246 case ECONNABORTED:
3230 3247 case ECANCELED:
3231 3248 startd_free(restarter_fmri, max_scf_value_size);
3232 3249 return (err);
3233 3250
3234 3251 default:
3235 3252 bad_error("libscf_get_deathrow", err);
3236 3253 }
3237 3254
3238 3255 if (deathrow == 1) {
3239 3256 v->gv_flags |= GV_DEATHROW;
3240 3257 startd_free(restarter_fmri, max_scf_value_size);
3241 3258 return (0);
3242 3259 }
3243 3260
3244 3261 log_framework(LOG_DEBUG, "Graph adding %s.\n", v->gv_name);
3245 3262
3246 3263 /*
3247 3264 * If the instance does not have a restarter property group,
3248 3265 * initialize its state to uninitialized/none, in case the restarter
3249 3266 * is not enabled.
3250 3267 */
3251 3268 pg = safe_scf_pg_create(h);
3252 3269
3253 3270 if (scf_instance_get_pg(inst, SCF_PG_RESTARTER, pg) != 0) {
3254 3271 instance_data_t idata;
3255 3272 uint_t count = 0, msecs = ALLOC_DELAY;
3256 3273
3257 3274 switch (scf_error()) {
3258 3275 case SCF_ERROR_NOT_FOUND:
3259 3276 break;
3260 3277
3261 3278 case SCF_ERROR_CONNECTION_BROKEN:
3262 3279 default:
3263 3280 scf_pg_destroy(pg);
3264 3281 startd_free(restarter_fmri, max_scf_value_size);
3265 3282 return (ECONNABORTED);
3266 3283
3267 3284 case SCF_ERROR_DELETED:
3268 3285 scf_pg_destroy(pg);
3269 3286 startd_free(restarter_fmri, max_scf_value_size);
3270 3287 return (ECANCELED);
3271 3288
3272 3289 case SCF_ERROR_NOT_SET:
3273 3290 bad_error("scf_instance_get_pg", scf_error());
3274 3291 }
3275 3292
3276 3293 switch (err = libscf_instance_get_fmri(inst,
3277 3294 (char **)&idata.i_fmri)) {
3278 3295 case 0:
3279 3296 break;
3280 3297
3281 3298 case ECONNABORTED:
3282 3299 case ECANCELED:
3283 3300 scf_pg_destroy(pg);
3284 3301 startd_free(restarter_fmri, max_scf_value_size);
3285 3302 return (err);
3286 3303
3287 3304 default:
3288 3305 bad_error("libscf_instance_get_fmri", err);
3289 3306 }
3290 3307
3291 3308 idata.i_state = RESTARTER_STATE_NONE;
3292 3309 idata.i_next_state = RESTARTER_STATE_NONE;
3293 3310
3294 3311 init_state:
3295 3312 switch (err = _restarter_commit_states(h, &idata,
3296 3313 RESTARTER_STATE_UNINIT, RESTARTER_STATE_NONE,
3297 3314 restarter_get_str_short(restarter_str_insert_in_graph))) {
3298 3315 case 0:
3299 3316 break;
3300 3317
3301 3318 case ENOMEM:
3302 3319 ++count;
3303 3320 if (count < ALLOC_RETRY) {
3304 3321 (void) poll(NULL, 0, msecs);
3305 3322 msecs *= ALLOC_DELAY_MULT;
3306 3323 goto init_state;
3307 3324 }
3308 3325
3309 3326 uu_die("Insufficient memory.\n");
3310 3327 /* NOTREACHED */
3311 3328
3312 3329 case ECONNABORTED:
3313 3330 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3314 3331 scf_pg_destroy(pg);
3315 3332 startd_free(restarter_fmri, max_scf_value_size);
3316 3333 return (ECONNABORTED);
3317 3334
3318 3335 case ENOENT:
3319 3336 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3320 3337 scf_pg_destroy(pg);
3321 3338 startd_free(restarter_fmri, max_scf_value_size);
3322 3339 return (ECANCELED);
3323 3340
3324 3341 case EPERM:
3325 3342 case EACCES:
3326 3343 case EROFS:
3327 3344 log_error(LOG_NOTICE, "Could not initialize state for "
3328 3345 "%s: %s.\n", idata.i_fmri, strerror(err));
3329 3346 break;
3330 3347
3331 3348 case EINVAL:
3332 3349 default:
3333 3350 bad_error("_restarter_commit_states", err);
3334 3351 }
3335 3352
3336 3353 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3337 3354 }
3338 3355
3339 3356 scf_pg_destroy(pg);
3340 3357
3341 3358 if (milestone != NULL) {
3342 3359 /*
3343 3360 * Make sure the enable-override is set properly before we
3344 3361 * read whether we should be enabled.
3345 3362 */
3346 3363 if (milestone == MILESTONE_NONE ||
3347 3364 !(v->gv_flags & GV_INSUBGRAPH)) {
3348 3365 /*
3349 3366 * This might seem unjustified after the milestone
3350 3367 * transition has completed (non_subgraph_svcs == 0),
3351 3368 * but it's important because when we boot to
3352 3369 * a milestone, we set the milestone before populating
3353 3370 * the graph, and all of the new non-subgraph services
3354 3371 * need to be disabled here.
3355 3372 */
3356 3373 switch (err = libscf_set_enable_ovr(inst, 0)) {
3357 3374 case 0:
3358 3375 break;
3359 3376
3360 3377 case ECONNABORTED:
3361 3378 case ECANCELED:
3362 3379 startd_free(restarter_fmri, max_scf_value_size);
3363 3380 return (err);
3364 3381
3365 3382 case EROFS:
3366 3383 log_error(LOG_WARNING,
3367 3384 "Could not set %s/%s for %s: %s.\n",
3368 3385 SCF_PG_GENERAL_OVR, SCF_PROPERTY_ENABLED,
3369 3386 v->gv_name, strerror(err));
3370 3387 break;
3371 3388
3372 3389 case EPERM:
3373 3390 uu_die("Permission denied.\n");
3374 3391 /* NOTREACHED */
3375 3392
3376 3393 default:
3377 3394 bad_error("libscf_set_enable_ovr", err);
3378 3395 }
3379 3396 } else {
3380 3397 assert(v->gv_flags & GV_INSUBGRAPH);
3381 3398 switch (err = libscf_delete_enable_ovr(inst)) {
3382 3399 case 0:
3383 3400 break;
3384 3401
3385 3402 case ECONNABORTED:
3386 3403 case ECANCELED:
3387 3404 startd_free(restarter_fmri, max_scf_value_size);
3388 3405 return (err);
3389 3406
3390 3407 case EPERM:
3391 3408 uu_die("Permission denied.\n");
3392 3409 /* NOTREACHED */
3393 3410
3394 3411 default:
3395 3412 bad_error("libscf_delete_enable_ovr", err);
3396 3413 }
3397 3414 }
3398 3415 }
3399 3416
3400 3417 err = libscf_get_basic_instance_data(h, inst, v->gv_name, &enabled,
3401 3418 &enabled_ovr, &restarter_fmri);
3402 3419 switch (err) {
3403 3420 case 0:
3404 3421 break;
3405 3422
3406 3423 case ECONNABORTED:
3407 3424 case ECANCELED:
3408 3425 startd_free(restarter_fmri, max_scf_value_size);
3409 3426 return (err);
3410 3427
3411 3428 case ENOENT:
3412 3429 log_framework(LOG_DEBUG,
3413 3430 "Ignoring %s because it has no general property group.\n",
3414 3431 v->gv_name);
3415 3432 startd_free(restarter_fmri, max_scf_value_size);
3416 3433 return (0);
3417 3434
3418 3435 default:
3419 3436 bad_error("libscf_get_basic_instance_data", err);
3420 3437 }
3421 3438
3422 3439 if ((tset = libscf_get_stn_tset(inst)) == -1) {
3423 3440 log_framework(LOG_WARNING,
3424 3441 "Failed to get notification parameters for %s: %s\n",
3425 3442 v->gv_name, scf_strerror(scf_error()));
3426 3443 v->gv_stn_tset = 0;
3427 3444 } else {
3428 3445 v->gv_stn_tset = tset;
3429 3446 }
3430 3447 if (strcmp(v->gv_name, SCF_INSTANCE_GLOBAL) == 0)
3431 3448 stn_global = v->gv_stn_tset;
3432 3449
3433 3450 if (enabled == -1) {
3434 3451 startd_free(restarter_fmri, max_scf_value_size);
3435 3452 return (0);
3436 3453 }
3437 3454
3438 3455 v->gv_flags = (v->gv_flags & ~GV_ENBLD_NOOVR) |
3439 3456 (enabled ? GV_ENBLD_NOOVR : 0);
3440 3457
3441 3458 if (enabled_ovr != -1)
3442 3459 enabled = enabled_ovr;
3443 3460
3444 3461 v->gv_state = RESTARTER_STATE_UNINIT;
3445 3462
3446 3463 snap = libscf_get_or_make_running_snapshot(inst, v->gv_name, B_TRUE);
3447 3464 scf_snapshot_destroy(snap);
3448 3465
3449 3466 /* Set up the restarter. (Sends _ADD_INSTANCE on success.) */
3450 3467 err = graph_change_restarter(v, restarter_fmri, h, &path);
3451 3468 if (err != 0) {
3452 3469 instance_data_t idata;
3453 3470 uint_t count = 0, msecs = ALLOC_DELAY;
3454 3471 restarter_str_t reason;
3455 3472
3456 3473 if (err == ECONNABORTED) {
3457 3474 startd_free(restarter_fmri, max_scf_value_size);
3458 3475 return (err);
3459 3476 }
3460 3477
3461 3478 assert(err == EINVAL || err == ELOOP);
3462 3479
3463 3480 if (err == EINVAL) {
3464 3481 log_framework(LOG_ERR, emsg_invalid_restarter,
3465 3482 v->gv_name, restarter_fmri);
3466 3483 reason = restarter_str_invalid_restarter;
3467 3484 } else {
3468 3485 handle_cycle(v->gv_name, path);
3469 3486 reason = restarter_str_dependency_cycle;
3470 3487 }
3471 3488
3472 3489 startd_free(restarter_fmri, max_scf_value_size);
3473 3490
3474 3491 /*
3475 3492 * We didn't register the instance with the restarter, so we
3476 3493 * must set maintenance mode ourselves.
3477 3494 */
3478 3495 err = libscf_instance_get_fmri(inst, (char **)&idata.i_fmri);
3479 3496 if (err != 0) {
3480 3497 assert(err == ECONNABORTED || err == ECANCELED);
3481 3498 return (err);
3482 3499 }
3483 3500
3484 3501 idata.i_state = RESTARTER_STATE_NONE;
3485 3502 idata.i_next_state = RESTARTER_STATE_NONE;
3486 3503
3487 3504 set_maint:
3488 3505 switch (err = _restarter_commit_states(h, &idata,
3489 3506 RESTARTER_STATE_MAINT, RESTARTER_STATE_NONE,
3490 3507 restarter_get_str_short(reason))) {
3491 3508 case 0:
3492 3509 break;
3493 3510
3494 3511 case ENOMEM:
3495 3512 ++count;
3496 3513 if (count < ALLOC_RETRY) {
3497 3514 (void) poll(NULL, 0, msecs);
3498 3515 msecs *= ALLOC_DELAY_MULT;
3499 3516 goto set_maint;
3500 3517 }
3501 3518
3502 3519 uu_die("Insufficient memory.\n");
3503 3520 /* NOTREACHED */
3504 3521
3505 3522 case ECONNABORTED:
3506 3523 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3507 3524 return (ECONNABORTED);
3508 3525
3509 3526 case ENOENT:
3510 3527 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3511 3528 return (ECANCELED);
3512 3529
3513 3530 case EPERM:
3514 3531 case EACCES:
3515 3532 case EROFS:
3516 3533 log_error(LOG_NOTICE, "Could not initialize state for "
3517 3534 "%s: %s.\n", idata.i_fmri, strerror(err));
3518 3535 break;
3519 3536
3520 3537 case EINVAL:
3521 3538 default:
3522 3539 bad_error("_restarter_commit_states", err);
3523 3540 }
3524 3541
3525 3542 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3526 3543
3527 3544 v->gv_state = RESTARTER_STATE_MAINT;
3528 3545
3529 3546 goto out;
3530 3547 }
3531 3548 startd_free(restarter_fmri, max_scf_value_size);
3532 3549
3533 3550 /* Add all the other dependencies. */
3534 3551 err = refresh_vertex(v, inst);
3535 3552 if (err != 0) {
3536 3553 assert(err == ECONNABORTED);
3537 3554 return (err);
3538 3555 }
3539 3556
3540 3557 out:
3541 3558 v->gv_flags |= GV_CONFIGURED;
3542 3559
3543 3560 graph_enable_by_vertex(v, enabled, 0);
3544 3561
3545 3562 return (0);
3546 3563 }
3547 3564
3548 3565
3549 3566 static void
3550 3567 kill_user_procs(void)
3551 3568 {
3552 3569 (void) fputs("svc.startd: Killing user processes.\n", stdout);
3553 3570
3554 3571 /*
3555 3572 * Despite its name, killall's role is to get select user processes--
3556 3573 * basically those representing terminal-based logins-- to die. Victims
3557 3574 * are located by killall in the utmp database. Since these are most
3558 3575 * often shell based logins, and many shells mask SIGTERM (but are
3559 3576 * responsive to SIGHUP) we first HUP and then shortly thereafter
3560 3577 * kill -9.
3561 3578 */
3562 3579 (void) fork_with_timeout("/usr/sbin/killall HUP", 1, 5);
3563 3580 (void) fork_with_timeout("/usr/sbin/killall KILL", 1, 5);
3564 3581
3565 3582 /*
3566 3583 * Note the selection of user id's 0, 1 and 15, subsequently
3567 3584 * inverted by -v. 15 is reserved for dladmd. Yes, this is a
3568 3585 * kludge-- a better policy is needed.
3569 3586 *
3570 3587 * Note that fork_with_timeout will only wait out the 1 second
3571 3588 * "grace time" if pkill actually returns 0. So if there are
3572 3589 * no matches, this will run to completion much more quickly.
3573 3590 */
3574 3591 (void) fork_with_timeout("/usr/bin/pkill -TERM -v -u 0,1,15", 1, 5);
3575 3592 (void) fork_with_timeout("/usr/bin/pkill -KILL -v -u 0,1,15", 1, 5);
3576 3593 }
3577 3594
3578 3595 static void
3579 3596 do_uadmin(void)
3580 3597 {
3581 3598 const char * const resetting = "/etc/svc/volatile/resetting";
3582 3599 int fd;
3583 3600 struct statvfs vfs;
3584 3601 time_t now;
3585 3602 struct tm nowtm;
3586 3603 char down_buf[256], time_buf[256];
3587 3604 uintptr_t mdep;
3588 3605 #if defined(__i386)
3589 3606 grub_boot_args_t fbarg;
3590 3607 #endif /* __i386 */
3591 3608
3592 3609 mdep = NULL;
3593 3610 fd = creat(resetting, 0777);
3594 3611 if (fd >= 0)
3595 3612 startd_close(fd);
3596 3613 else
3597 3614 uu_warn("Could not create \"%s\"", resetting);
3598 3615
3599 3616 /* Kill dhcpagent if we're not using nfs for root */
3600 3617 if ((statvfs("/", &vfs) == 0) &&
3601 3618 (strncmp(vfs.f_basetype, "nfs", sizeof ("nfs") - 1) != 0))
3602 3619 fork_with_timeout("/usr/bin/pkill -x -u 0 dhcpagent", 0, 5);
3603 3620
3604 3621 /*
3605 3622 * Call sync(2) now, before we kill off user processes. This takes
3606 3623 * advantage of the several seconds of pause we have before the
3607 3624 * killalls are done. Time we can make good use of to get pages
3608 3625 * moving out to disk.
3609 3626 *
3610 3627 * Inside non-global zones, we don't bother, and it's better not to
3611 3628 * anyway, since sync(2) can have system-wide impact.
3612 3629 */
3613 3630 if (getzoneid() == 0)
3614 3631 sync();
3615 3632
3616 3633 kill_user_procs();
3617 3634
3618 3635 /*
3619 3636 * Note that this must come after the killing of user procs, since
3620 3637 * killall relies on utmpx, and this command affects the contents of
3621 3638 * said file.
3622 3639 */
3623 3640 if (access("/usr/lib/acct/closewtmp", X_OK) == 0)
3624 3641 fork_with_timeout("/usr/lib/acct/closewtmp", 0, 5);
3625 3642
3626 3643 /*
3627 3644 * For patches which may be installed as the system is shutting
3628 3645 * down, we need to ensure, one more time, that the boot archive
3629 3646 * really is up to date.
3630 3647 */
3631 3648 if (getzoneid() == 0 && access("/usr/sbin/bootadm", X_OK) == 0)
3632 3649 fork_with_timeout("/usr/sbin/bootadm -ea update_all", 0, 3600);
3633 3650
3634 3651 /*
3635 3652 * Right now, fast reboot is supported only on i386.
3636 3653 * scf_is_fastboot_default() should take care of it.
3637 3654 * If somehow we got there on unsupported platform -
3638 3655 * print warning and fall back to regular reboot.
3639 3656 */
3640 3657 if (halting == AD_FASTREBOOT) {
3641 3658 #if defined(__i386)
3642 3659 int rc;
3643 3660
3644 3661 if ((rc = grub_get_boot_args(&fbarg, NULL,
3645 3662 GRUB_ENTRY_DEFAULT)) == 0) {
3646 3663 mdep = (uintptr_t)&fbarg.gba_bootargs;
3647 3664 } else {
3648 3665 /*
3649 3666 * Failed to read GRUB menu, fall back to normal reboot
3650 3667 */
3651 3668 halting = AD_BOOT;
3652 3669 uu_warn("Failed to process GRUB menu entry "
3653 3670 "for fast reboot.\n\t%s\n"
3654 3671 "Falling back to regular reboot.\n",
3655 3672 grub_strerror(rc));
3656 3673 }
3657 3674 #else /* __i386 */
3658 3675 halting = AD_BOOT;
3659 3676 uu_warn("Fast reboot configured, but not supported by "
3660 3677 "this ISA\n");
3661 3678 #endif /* __i386 */
3662 3679 }
3663 3680
3664 3681 fork_with_timeout("/sbin/umountall -l", 0, 5);
3665 3682 fork_with_timeout("/sbin/umount /tmp /var/adm /var/run /var "
3666 3683 ">/dev/null 2>&1", 0, 5);
3667 3684
3668 3685 /*
3669 3686 * Try to get to consistency for whatever UFS filesystems are left.
3670 3687 * This is pretty expensive, so we save it for the end in the hopes of
3671 3688 * minimizing what it must do. The other option would be to start in
3672 3689 * parallel with the killall's, but lockfs tends to throw out much more
3673 3690 * than is needed, and so subsequent commands (like umountall) take a
3674 3691 * long time to get going again.
3675 3692 *
3676 3693 * Inside of zones, we don't bother, since we're not about to terminate
3677 3694 * the whole OS instance.
3678 3695 *
3679 3696 * On systems using only ZFS, this call to lockfs -fa is a no-op.
3680 3697 */
3681 3698 if (getzoneid() == 0) {
3682 3699 if (access("/usr/sbin/lockfs", X_OK) == 0)
3683 3700 fork_with_timeout("/usr/sbin/lockfs -fa", 0, 30);
3684 3701
3685 3702 sync(); /* once more, with feeling */
3686 3703 }
3687 3704
3688 3705 fork_with_timeout("/sbin/umount /usr >/dev/null 2>&1", 0, 5);
3689 3706
3690 3707 /*
3691 3708 * Construct and emit the last words from userland:
3692 3709 * "<timestamp> The system is down. Shutdown took <N> seconds."
3693 3710 *
3694 3711 * Normally we'd use syslog, but with /var and other things
3695 3712 * potentially gone, try to minimize the external dependencies.
3696 3713 */
3697 3714 now = time(NULL);
3698 3715 (void) localtime_r(&now, &nowtm);
3699 3716
3700 3717 if (strftime(down_buf, sizeof (down_buf),
3701 3718 "%b %e %T The system is down.", &nowtm) == 0) {
3702 3719 (void) strlcpy(down_buf, "The system is down.",
3703 3720 sizeof (down_buf));
3704 3721 }
3705 3722
3706 3723 if (halting_time != 0 && halting_time <= now) {
3707 3724 (void) snprintf(time_buf, sizeof (time_buf),
3708 3725 " Shutdown took %lu seconds.", now - halting_time);
3709 3726 } else {
3710 3727 time_buf[0] = '\0';
3711 3728 }
3712 3729 (void) printf("%s%s\n", down_buf, time_buf);
3713 3730
3714 3731 (void) uadmin(A_SHUTDOWN, halting, mdep);
3715 3732 uu_warn("uadmin() failed");
3716 3733
3717 3734 #if defined(__i386)
3718 3735 /* uadmin fail, cleanup grub_boot_args */
3719 3736 if (halting == AD_FASTREBOOT)
3720 3737 grub_cleanup_boot_args(&fbarg);
3721 3738 #endif /* __i386 */
3722 3739
3723 3740 if (remove(resetting) != 0 && errno != ENOENT)
3724 3741 uu_warn("Could not remove \"%s\"", resetting);
3725 3742 }
3726 3743
3727 3744 /*
3728 3745 * If any of the up_svcs[] are online or satisfiable, return true. If they are
3729 3746 * all missing, disabled, in maintenance, or unsatisfiable, return false.
3730 3747 */
3731 3748 boolean_t
3732 3749 can_come_up(void)
3733 3750 {
3734 3751 int i;
3735 3752
3736 3753 assert(MUTEX_HELD(&dgraph_lock));
3737 3754
3738 3755 /*
3739 3756 * If we are booting to single user (boot -s),
3740 3757 * SCF_MILESTONE_SINGLE_USER is needed to come up because startd
3741 3758 * spawns sulogin after single-user is online (see specials.c).
3742 3759 */
3743 3760 i = (booting_to_single_user ? 0 : 1);
3744 3761
3745 3762 for (; up_svcs[i] != NULL; ++i) {
3746 3763 if (up_svcs_p[i] == NULL) {
3747 3764 up_svcs_p[i] = vertex_get_by_name(up_svcs[i]);
3748 3765
3749 3766 if (up_svcs_p[i] == NULL)
3750 3767 continue;
3751 3768 }
3752 3769
3753 3770 /*
3754 3771 * Ignore unconfigured services (the ones that have been
3755 3772 * mentioned in a dependency from other services, but do
3756 3773 * not exist in the repository). Services which exist
3757 3774 * in the repository but don't have general/enabled
3758 3775 * property will be also ignored.
3759 3776 */
3760 3777 if (!(up_svcs_p[i]->gv_flags & GV_CONFIGURED))
3761 3778 continue;
3762 3779
3763 3780 switch (up_svcs_p[i]->gv_state) {
3764 3781 case RESTARTER_STATE_ONLINE:
3765 3782 case RESTARTER_STATE_DEGRADED:
3766 3783 /*
3767 3784 * Deactivate verbose boot once a login service has been
3768 3785 * reached.
3769 3786 */
3770 3787 st->st_log_login_reached = 1;
3771 3788 /*FALLTHROUGH*/
3772 3789 case RESTARTER_STATE_UNINIT:
3773 3790 return (B_TRUE);
3774 3791
3775 3792 case RESTARTER_STATE_OFFLINE:
3776 3793 if (instance_satisfied(up_svcs_p[i], B_TRUE) != -1)
3777 3794 return (B_TRUE);
3778 3795 log_framework(LOG_DEBUG,
3779 3796 "can_come_up(): %s is unsatisfiable.\n",
3780 3797 up_svcs_p[i]->gv_name);
3781 3798 continue;
3782 3799
3783 3800 case RESTARTER_STATE_DISABLED:
3784 3801 case RESTARTER_STATE_MAINT:
3785 3802 log_framework(LOG_DEBUG,
3786 3803 "can_come_up(): %s is in state %s.\n",
3787 3804 up_svcs_p[i]->gv_name,
3788 3805 instance_state_str[up_svcs_p[i]->gv_state]);
3789 3806 continue;
3790 3807
3791 3808 default:
3792 3809 #ifndef NDEBUG
3793 3810 uu_warn("%s:%d: Unexpected vertex state %d.\n",
3794 3811 __FILE__, __LINE__, up_svcs_p[i]->gv_state);
3795 3812 #endif
3796 3813 abort();
3797 3814 }
3798 3815 }
3799 3816
3800 3817 /*
3801 3818 * In the seed repository, console-login is unsatisfiable because
3802 3819 * services are missing. To behave correctly in that case we don't want
3803 3820 * to return false until manifest-import is online.
3804 3821 */
3805 3822
3806 3823 if (manifest_import_p == NULL) {
3807 3824 manifest_import_p = vertex_get_by_name(manifest_import);
3808 3825
3809 3826 if (manifest_import_p == NULL)
3810 3827 return (B_FALSE);
3811 3828 }
3812 3829
3813 3830 switch (manifest_import_p->gv_state) {
3814 3831 case RESTARTER_STATE_ONLINE:
3815 3832 case RESTARTER_STATE_DEGRADED:
3816 3833 case RESTARTER_STATE_DISABLED:
3817 3834 case RESTARTER_STATE_MAINT:
3818 3835 break;
3819 3836
3820 3837 case RESTARTER_STATE_OFFLINE:
3821 3838 if (instance_satisfied(manifest_import_p, B_TRUE) == -1)
3822 3839 break;
3823 3840 /* FALLTHROUGH */
3824 3841
3825 3842 case RESTARTER_STATE_UNINIT:
3826 3843 return (B_TRUE);
3827 3844 }
3828 3845
3829 3846 return (B_FALSE);
3830 3847 }
3831 3848
3832 3849 /*
3833 3850 * Runs sulogin. Returns
3834 3851 * 0 - success
3835 3852 * EALREADY - sulogin is already running
3836 3853 * EBUSY - console-login is running
3837 3854 */
3838 3855 static int
3839 3856 run_sulogin(const char *msg)
3840 3857 {
3841 3858 graph_vertex_t *v;
3842 3859
3843 3860 assert(MUTEX_HELD(&dgraph_lock));
3844 3861
3845 3862 if (sulogin_running)
3846 3863 return (EALREADY);
3847 3864
3848 3865 v = vertex_get_by_name(console_login_fmri);
3849 3866 if (v != NULL && inst_running(v))
3850 3867 return (EBUSY);
3851 3868
3852 3869 sulogin_running = B_TRUE;
3853 3870
3854 3871 MUTEX_UNLOCK(&dgraph_lock);
3855 3872
3856 3873 fork_sulogin(B_FALSE, msg);
3857 3874
3858 3875 MUTEX_LOCK(&dgraph_lock);
3859 3876
3860 3877 sulogin_running = B_FALSE;
3861 3878
3862 3879 if (console_login_ready) {
3863 3880 v = vertex_get_by_name(console_login_fmri);
3864 3881
3865 3882 if (v != NULL && v->gv_state == RESTARTER_STATE_OFFLINE) {
3866 3883 if (v->gv_start_f == NULL)
3867 3884 vertex_send_event(v,
3868 3885 RESTARTER_EVENT_TYPE_START);
3869 3886 else
3870 3887 v->gv_start_f(v);
3871 3888 }
3872 3889
3873 3890 console_login_ready = B_FALSE;
3874 3891 }
3875 3892
3876 3893 return (0);
3877 3894 }
3878 3895
3879 3896 /*
3880 3897 * The sulogin thread runs sulogin while can_come_up() is false. run_sulogin()
3881 3898 * keeps sulogin from stepping on console-login's toes.
3882 3899 */
3883 3900 /* ARGSUSED */
3884 3901 static void *
3885 3902 sulogin_thread(void *unused)
3886 3903 {
3887 3904 MUTEX_LOCK(&dgraph_lock);
3888 3905
3889 3906 assert(sulogin_thread_running);
3890 3907
3891 3908 do {
3892 3909 (void) run_sulogin("Console login service(s) cannot run\n");
3893 3910 } while (!can_come_up());
3894 3911
3895 3912 sulogin_thread_running = B_FALSE;
3896 3913 MUTEX_UNLOCK(&dgraph_lock);
3897 3914
3898 3915 return (NULL);
3899 3916 }
3900 3917
3901 3918 /* ARGSUSED */
3902 3919 void *
3903 3920 single_user_thread(void *unused)
3904 3921 {
3905 3922 uint_t left;
3906 3923 scf_handle_t *h;
3907 3924 scf_instance_t *inst;
3908 3925 scf_property_t *prop;
3909 3926 scf_value_t *val;
3910 3927 const char *msg;
3911 3928 char *buf;
3912 3929 int r;
3913 3930
3914 3931 MUTEX_LOCK(&single_user_thread_lock);
3915 3932 single_user_thread_count++;
3916 3933
3917 3934 if (!booting_to_single_user)
3918 3935 kill_user_procs();
3919 3936
3920 3937 if (go_single_user_mode || booting_to_single_user) {
3921 3938 msg = "SINGLE USER MODE\n";
3922 3939 } else {
3923 3940 assert(go_to_level1);
3924 3941
3925 3942 fork_rc_script('1', "start", B_TRUE);
3926 3943
3927 3944 uu_warn("The system is ready for administration.\n");
3928 3945
3929 3946 msg = "";
3930 3947 }
3931 3948
3932 3949 MUTEX_UNLOCK(&single_user_thread_lock);
3933 3950
3934 3951 for (;;) {
3935 3952 MUTEX_LOCK(&dgraph_lock);
3936 3953 r = run_sulogin(msg);
3937 3954 MUTEX_UNLOCK(&dgraph_lock);
3938 3955 if (r == 0)
3939 3956 break;
3940 3957
3941 3958 assert(r == EALREADY || r == EBUSY);
3942 3959
3943 3960 left = 3;
3944 3961 while (left > 0)
3945 3962 left = sleep(left);
3946 3963 }
3947 3964
3948 3965 MUTEX_LOCK(&single_user_thread_lock);
3949 3966
3950 3967 /*
3951 3968 * If another single user thread has started, let it finish changing
3952 3969 * the run level.
3953 3970 */
3954 3971 if (single_user_thread_count > 1) {
3955 3972 single_user_thread_count--;
3956 3973 MUTEX_UNLOCK(&single_user_thread_lock);
3957 3974 return (NULL);
3958 3975 }
3959 3976
3960 3977 h = libscf_handle_create_bound_loop();
3961 3978 inst = scf_instance_create(h);
3962 3979 prop = safe_scf_property_create(h);
3963 3980 val = safe_scf_value_create(h);
3964 3981 buf = startd_alloc(max_scf_fmri_size);
3965 3982
3966 3983 lookup:
3967 3984 if (scf_handle_decode_fmri(h, SCF_SERVICE_STARTD, NULL, NULL, inst,
3968 3985 NULL, NULL, SCF_DECODE_FMRI_EXACT) != 0) {
3969 3986 switch (scf_error()) {
3970 3987 case SCF_ERROR_NOT_FOUND:
3971 3988 r = libscf_create_self(h);
3972 3989 if (r == 0)
3973 3990 goto lookup;
3974 3991 assert(r == ECONNABORTED);
3975 3992 /* FALLTHROUGH */
3976 3993
3977 3994 case SCF_ERROR_CONNECTION_BROKEN:
3978 3995 libscf_handle_rebind(h);
3979 3996 goto lookup;
3980 3997
3981 3998 case SCF_ERROR_INVALID_ARGUMENT:
3982 3999 case SCF_ERROR_CONSTRAINT_VIOLATED:
3983 4000 case SCF_ERROR_NOT_BOUND:
3984 4001 case SCF_ERROR_HANDLE_MISMATCH:
3985 4002 default:
3986 4003 bad_error("scf_handle_decode_fmri", scf_error());
3987 4004 }
3988 4005 }
3989 4006
3990 4007 MUTEX_LOCK(&dgraph_lock);
3991 4008
3992 4009 r = scf_instance_delete_prop(inst, SCF_PG_OPTIONS_OVR,
3993 4010 SCF_PROPERTY_MILESTONE);
3994 4011 switch (r) {
3995 4012 case 0:
3996 4013 case ECANCELED:
3997 4014 break;
3998 4015
3999 4016 case ECONNABORTED:
4000 4017 MUTEX_UNLOCK(&dgraph_lock);
4001 4018 libscf_handle_rebind(h);
4002 4019 goto lookup;
4003 4020
4004 4021 case EPERM:
4005 4022 case EACCES:
4006 4023 case EROFS:
4007 4024 log_error(LOG_WARNING, "Could not clear temporary milestone: "
4008 4025 "%s.\n", strerror(r));
4009 4026 break;
4010 4027
4011 4028 default:
4012 4029 bad_error("scf_instance_delete_prop", r);
4013 4030 }
4014 4031
4015 4032 MUTEX_UNLOCK(&dgraph_lock);
4016 4033
4017 4034 r = libscf_get_milestone(inst, prop, val, buf, max_scf_fmri_size);
4018 4035 switch (r) {
4019 4036 case ECANCELED:
4020 4037 case ENOENT:
4021 4038 case EINVAL:
4022 4039 (void) strcpy(buf, "all");
4023 4040 /* FALLTHROUGH */
4024 4041
4025 4042 case 0:
4026 4043 uu_warn("Returning to milestone %s.\n", buf);
4027 4044 break;
4028 4045
4029 4046 case ECONNABORTED:
4030 4047 libscf_handle_rebind(h);
4031 4048 goto lookup;
4032 4049
4033 4050 default:
4034 4051 bad_error("libscf_get_milestone", r);
4035 4052 }
4036 4053
4037 4054 r = dgraph_set_milestone(buf, h, B_FALSE);
4038 4055 switch (r) {
4039 4056 case 0:
4040 4057 case ECONNRESET:
4041 4058 case EALREADY:
4042 4059 case EINVAL:
4043 4060 case ENOENT:
4044 4061 break;
4045 4062
4046 4063 default:
4047 4064 bad_error("dgraph_set_milestone", r);
4048 4065 }
4049 4066
4050 4067 /*
4051 4068 * See graph_runlevel_changed().
4052 4069 */
4053 4070 MUTEX_LOCK(&dgraph_lock);
4054 4071 utmpx_set_runlevel(target_milestone_as_runlevel(), 'S', B_TRUE);
4055 4072 MUTEX_UNLOCK(&dgraph_lock);
4056 4073
4057 4074 startd_free(buf, max_scf_fmri_size);
4058 4075 scf_value_destroy(val);
4059 4076 scf_property_destroy(prop);
4060 4077 scf_instance_destroy(inst);
4061 4078 scf_handle_destroy(h);
4062 4079
4063 4080 /*
4064 4081 * We'll give ourselves 3 seconds to respond to all of the enablings
4065 4082 * that setting the milestone should have created before checking
4066 4083 * whether to run sulogin.
4067 4084 */
4068 4085 left = 3;
4069 4086 while (left > 0)
4070 4087 left = sleep(left);
4071 4088
4072 4089 MUTEX_LOCK(&dgraph_lock);
4073 4090 /*
4074 4091 * Clearing these variables will allow the sulogin thread to run. We
4075 4092 * check here in case there aren't any more state updates anytime soon.
4076 4093 */
4077 4094 go_to_level1 = go_single_user_mode = booting_to_single_user = B_FALSE;
4078 4095 if (!sulogin_thread_running && !can_come_up()) {
4079 4096 (void) startd_thread_create(sulogin_thread, NULL);
4080 4097 sulogin_thread_running = B_TRUE;
4081 4098 }
4082 4099 MUTEX_UNLOCK(&dgraph_lock);
4083 4100 single_user_thread_count--;
4084 4101 MUTEX_UNLOCK(&single_user_thread_lock);
4085 4102 return (NULL);
4086 4103 }
4087 4104
4088 4105
4089 4106 /*
4090 4107 * Dependency graph operations API. These are handle-independent thread-safe
4091 4108 * graph manipulation functions which are the entry points for the event
4092 4109 * threads below.
4093 4110 */
4094 4111
4095 4112 /*
4096 4113 * If a configured vertex exists for inst_fmri, return EEXIST. If no vertex
4097 4114 * exists for inst_fmri, add one. Then fetch the restarter from inst, make
4098 4115 * this vertex dependent on it, and send _ADD_INSTANCE to the restarter.
4099 4116 * Fetch whether the instance should be enabled from inst and send _ENABLE or
4100 4117 * _DISABLE as appropriate. Finally rummage through inst's dependency
4101 4118 * property groups and add vertices and edges as appropriate. If anything
4102 4119 * goes wrong after sending _ADD_INSTANCE, send _ADMIN_MAINT_ON to put the
4103 4120 * instance in maintenance. Don't send _START or _STOP until we get a state
4104 4121 * update in case we're being restarted and the service is already running.
4105 4122 *
4106 4123 * To support booting to a milestone, we must also make sure all dependencies
4107 4124 * encountered are configured, if they exist in the repository.
4108 4125 *
4109 4126 * Returns 0 on success, ECONNABORTED on repository disconnection, EINVAL if
4110 4127 * inst_fmri is an invalid (or not canonical) FMRI, ECANCELED if inst is
4111 4128 * deleted, or EEXIST if a configured vertex for inst_fmri already exists.
4112 4129 */
4113 4130 int
4114 4131 dgraph_add_instance(const char *inst_fmri, scf_instance_t *inst,
4115 4132 boolean_t lock_graph)
4116 4133 {
4117 4134 graph_vertex_t *v;
4118 4135 int err;
4119 4136
4120 4137 if (strcmp(inst_fmri, SCF_SERVICE_STARTD) == 0)
4121 4138 return (0);
4122 4139
4123 4140 /* Check for a vertex for inst_fmri. */
4124 4141 if (lock_graph) {
4125 4142 MUTEX_LOCK(&dgraph_lock);
4126 4143 } else {
4127 4144 assert(MUTEX_HELD(&dgraph_lock));
4128 4145 }
4129 4146
4130 4147 v = vertex_get_by_name(inst_fmri);
4131 4148
4132 4149 if (v != NULL) {
4133 4150 assert(v->gv_type == GVT_INST);
4134 4151
4135 4152 if (v->gv_flags & GV_CONFIGURED) {
4136 4153 if (lock_graph)
4137 4154 MUTEX_UNLOCK(&dgraph_lock);
4138 4155 return (EEXIST);
4139 4156 }
4140 4157 } else {
4141 4158 /* Add the vertex. */
4142 4159 err = graph_insert_vertex_unconfigured(inst_fmri, GVT_INST, 0,
4143 4160 RERR_NONE, &v);
4144 4161 if (err != 0) {
4145 4162 assert(err == EINVAL);
4146 4163 if (lock_graph)
4147 4164 MUTEX_UNLOCK(&dgraph_lock);
4148 4165 return (EINVAL);
4149 4166 }
4150 4167 }
4151 4168
4152 4169 err = configure_vertex(v, inst);
4153 4170
4154 4171 if (lock_graph)
4155 4172 MUTEX_UNLOCK(&dgraph_lock);
4156 4173
4157 4174 return (err);
4158 4175 }
4159 4176
4160 4177 /*
4161 4178 * Locate the vertex for this property group's instance. If it doesn't exist
4162 4179 * or is unconfigured, call dgraph_add_instance() & return. Otherwise fetch
4163 4180 * the restarter for the instance, and if it has changed, send
4164 4181 * _REMOVE_INSTANCE to the old restarter, remove the dependency, make sure the
4165 4182 * new restarter has a vertex, add a new dependency, and send _ADD_INSTANCE to
4166 4183 * the new restarter. Then fetch whether the instance should be enabled, and
4167 4184 * if it is different from what we had, or if we changed the restarter, send
4168 4185 * the appropriate _ENABLE or _DISABLE command.
4169 4186 *
4170 4187 * Returns 0 on success, ENOTSUP if the pg's parent is not an instance,
4171 4188 * ECONNABORTED on repository disconnection, ECANCELED if the instance is
4172 4189 * deleted, or -1 if the instance's general property group is deleted or if
4173 4190 * its enabled property is misconfigured.
4174 4191 */
4175 4192 static int
4176 4193 dgraph_update_general(scf_propertygroup_t *pg)
4177 4194 {
4178 4195 scf_handle_t *h;
4179 4196 scf_instance_t *inst;
4180 4197 char *fmri;
4181 4198 char *restarter_fmri;
4182 4199 graph_vertex_t *v;
4183 4200 int err;
4184 4201 int enabled, enabled_ovr;
4185 4202 int oldflags;
4186 4203
4187 4204 /* Find the vertex for this service */
4188 4205 h = scf_pg_handle(pg);
4189 4206
4190 4207 inst = safe_scf_instance_create(h);
4191 4208
4192 4209 if (scf_pg_get_parent_instance(pg, inst) != 0) {
4193 4210 switch (scf_error()) {
4194 4211 case SCF_ERROR_CONSTRAINT_VIOLATED:
4195 4212 return (ENOTSUP);
4196 4213
4197 4214 case SCF_ERROR_CONNECTION_BROKEN:
4198 4215 default:
4199 4216 return (ECONNABORTED);
4200 4217
4201 4218 case SCF_ERROR_DELETED:
4202 4219 return (0);
4203 4220
4204 4221 case SCF_ERROR_NOT_SET:
4205 4222 bad_error("scf_pg_get_parent_instance", scf_error());
4206 4223 }
4207 4224 }
4208 4225
4209 4226 err = libscf_instance_get_fmri(inst, &fmri);
4210 4227 switch (err) {
4211 4228 case 0:
4212 4229 break;
4213 4230
4214 4231 case ECONNABORTED:
4215 4232 scf_instance_destroy(inst);
4216 4233 return (ECONNABORTED);
4217 4234
4218 4235 case ECANCELED:
4219 4236 scf_instance_destroy(inst);
4220 4237 return (0);
4221 4238
4222 4239 default:
4223 4240 bad_error("libscf_instance_get_fmri", err);
4224 4241 }
4225 4242
4226 4243 log_framework(LOG_DEBUG,
4227 4244 "Graph engine: Reloading general properties for %s.\n", fmri);
4228 4245
4229 4246 MUTEX_LOCK(&dgraph_lock);
4230 4247
4231 4248 v = vertex_get_by_name(fmri);
4232 4249 if (v == NULL || !(v->gv_flags & GV_CONFIGURED)) {
4233 4250 /* Will get the up-to-date properties. */
4234 4251 MUTEX_UNLOCK(&dgraph_lock);
4235 4252 err = dgraph_add_instance(fmri, inst, B_TRUE);
4236 4253 startd_free(fmri, max_scf_fmri_size);
4237 4254 scf_instance_destroy(inst);
4238 4255 return (err == ECANCELED ? 0 : err);
4239 4256 }
4240 4257
4241 4258 /* Read enabled & restarter from repository. */
4242 4259 restarter_fmri = startd_alloc(max_scf_value_size);
4243 4260 err = libscf_get_basic_instance_data(h, inst, v->gv_name, &enabled,
4244 4261 &enabled_ovr, &restarter_fmri);
4245 4262 if (err != 0 || enabled == -1) {
4246 4263 MUTEX_UNLOCK(&dgraph_lock);
4247 4264 scf_instance_destroy(inst);
4248 4265 startd_free(fmri, max_scf_fmri_size);
4249 4266
4250 4267 switch (err) {
4251 4268 case ENOENT:
4252 4269 case 0:
4253 4270 startd_free(restarter_fmri, max_scf_value_size);
4254 4271 return (-1);
4255 4272
4256 4273 case ECONNABORTED:
4257 4274 case ECANCELED:
4258 4275 startd_free(restarter_fmri, max_scf_value_size);
4259 4276 return (err);
4260 4277
4261 4278 default:
4262 4279 bad_error("libscf_get_basic_instance_data", err);
4263 4280 }
4264 4281 }
4265 4282
4266 4283 oldflags = v->gv_flags;
4267 4284 v->gv_flags = (v->gv_flags & ~GV_ENBLD_NOOVR) |
4268 4285 (enabled ? GV_ENBLD_NOOVR : 0);
4269 4286
4270 4287 if (enabled_ovr != -1)
4271 4288 enabled = enabled_ovr;
4272 4289
4273 4290 /*
4274 4291 * If GV_ENBLD_NOOVR has changed, then we need to re-evaluate the
4275 4292 * subgraph.
4276 4293 */
4277 4294 if (milestone > MILESTONE_NONE && v->gv_flags != oldflags)
4278 4295 (void) eval_subgraph(v, h);
4279 4296
4280 4297 scf_instance_destroy(inst);
4281 4298
4282 4299 /* Ignore restarter change for now. */
4283 4300
4284 4301 startd_free(restarter_fmri, max_scf_value_size);
4285 4302 startd_free(fmri, max_scf_fmri_size);
4286 4303
4287 4304 /*
4288 4305 * Always send _ENABLE or _DISABLE. We could avoid this if the
4289 4306 * restarter didn't change and the enabled value didn't change, but
4290 4307 * that's not easy to check and improbable anyway, so we'll just do
4291 4308 * this.
4292 4309 */
4293 4310 graph_enable_by_vertex(v, enabled, 1);
4294 4311
4295 4312 MUTEX_UNLOCK(&dgraph_lock);
4296 4313
4297 4314 return (0);
4298 4315 }
4299 4316
4300 4317 /*
4301 4318 * Delete all of the property group dependencies of v, update inst's running
4302 4319 * snapshot, and add the dependencies in the new snapshot. If any of the new
4303 4320 * dependencies would create a cycle, send _ADMIN_MAINT_ON. Otherwise
4304 4321 * reevaluate v's dependencies, send _START or _STOP as appropriate, and do
4305 4322 * the same for v's dependents.
4306 4323 *
4307 4324 * Returns
4308 4325 * 0 - success
4309 4326 * ECONNABORTED - repository connection broken
4310 4327 * ECANCELED - inst was deleted
4311 4328 * EINVAL - inst is invalid (e.g., missing general/enabled)
4312 4329 * -1 - libscf_snapshots_refresh() failed
4313 4330 */
4314 4331 static int
4315 4332 dgraph_refresh_instance(graph_vertex_t *v, scf_instance_t *inst)
4316 4333 {
4317 4334 int r;
4318 4335 int enabled;
4319 4336 int32_t tset;
4320 4337
4321 4338 assert(MUTEX_HELD(&dgraph_lock));
4322 4339 assert(v->gv_type == GVT_INST);
4323 4340
4324 4341 /* Only refresh services with valid general/enabled properties. */
4325 4342 r = libscf_get_basic_instance_data(scf_instance_handle(inst), inst,
4326 4343 v->gv_name, &enabled, NULL, NULL);
4327 4344 switch (r) {
4328 4345 case 0:
4329 4346 break;
4330 4347
4331 4348 case ECONNABORTED:
4332 4349 case ECANCELED:
4333 4350 return (r);
4334 4351
4335 4352 case ENOENT:
4336 4353 log_framework(LOG_DEBUG,
4337 4354 "Ignoring %s because it has no general property group.\n",
4338 4355 v->gv_name);
4339 4356 return (EINVAL);
4340 4357
4341 4358 default:
4342 4359 bad_error("libscf_get_basic_instance_data", r);
4343 4360 }
4344 4361
4345 4362 if ((tset = libscf_get_stn_tset(inst)) == -1) {
4346 4363 log_framework(LOG_WARNING,
4347 4364 "Failed to get notification parameters for %s: %s\n",
4348 4365 v->gv_name, scf_strerror(scf_error()));
4349 4366 tset = 0;
4350 4367 }
4351 4368 v->gv_stn_tset = tset;
4352 4369 if (strcmp(v->gv_name, SCF_INSTANCE_GLOBAL) == 0)
4353 4370 stn_global = tset;
4354 4371
4355 4372 if (enabled == -1)
4356 4373 return (EINVAL);
4357 4374
4358 4375 r = libscf_snapshots_refresh(inst, v->gv_name);
4359 4376 if (r != 0) {
4360 4377 if (r != -1)
4361 4378 bad_error("libscf_snapshots_refresh", r);
4362 4379
4363 4380 /* error logged */
4364 4381 return (r);
4365 4382 }
4366 4383
4367 4384 r = refresh_vertex(v, inst);
4368 4385 if (r != 0 && r != ECONNABORTED)
4369 4386 bad_error("refresh_vertex", r);
4370 4387 return (r);
4371 4388 }
4372 4389
4373 4390 /*
4374 4391 * Returns true only if none of this service's dependents are 'up' -- online
4375 4392 * or degraded (offline is considered down in this situation). This function
4376 4393 * is somehow similar to is_nonsubgraph_leaf() but works on subtrees.
4377 4394 */
4378 4395 static boolean_t
4379 4396 insubtree_dependents_down(graph_vertex_t *v)
4380 4397 {
4381 4398 graph_vertex_t *vv;
4382 4399 graph_edge_t *e;
4383 4400
4384 4401 assert(MUTEX_HELD(&dgraph_lock));
4385 4402
4386 4403 for (e = uu_list_first(v->gv_dependents); e != NULL;
4387 4404 e = uu_list_next(v->gv_dependents, e)) {
4388 4405 vv = e->ge_vertex;
4389 4406 if (vv->gv_type == GVT_INST) {
4390 4407 if ((vv->gv_flags & GV_CONFIGURED) == 0)
|
↓ open down ↓ |
2544 lines elided |
↑ open up ↑ |
4391 4408 continue;
4392 4409
4393 4410 if ((vv->gv_flags & GV_TOOFFLINE) == 0)
4394 4411 continue;
4395 4412
4396 4413 if ((vv->gv_state == RESTARTER_STATE_ONLINE) ||
4397 4414 (vv->gv_state == RESTARTER_STATE_DEGRADED))
4398 4415 return (B_FALSE);
4399 4416 } else {
4400 4417 /*
4401 - * Skip all excluded and optional_all dependencies
4402 - * and decide whether to offline the service based
4403 - * on restart_on attribute.
4418 + * Skip all excluded dependents and decide whether
4419 + * to offline the service based on the restart_on
4420 + * on attribute.
4404 4421 */
4405 4422 if (is_depgrp_bypassed(vv))
4406 4423 continue;
4407 4424
4408 4425 /*
4409 4426 * For dependency groups or service vertices, keep
4410 4427 * traversing to see if instances are running.
4411 4428 */
4412 4429 if (insubtree_dependents_down(vv) == B_FALSE)
4413 4430 return (B_FALSE);
4414 4431 }
4415 4432 }
4416 4433
4417 4434 return (B_TRUE);
4418 4435 }
4419 4436
4420 4437 /*
4421 4438 * Returns true only if none of this service's dependents are 'up' -- online,
4422 4439 * degraded, or offline.
4423 4440 */
4424 4441 static int
4425 4442 is_nonsubgraph_leaf(graph_vertex_t *v)
4426 4443 {
4427 4444 graph_vertex_t *vv;
4428 4445 graph_edge_t *e;
4429 4446
4430 4447 assert(MUTEX_HELD(&dgraph_lock));
4431 4448
4432 4449 for (e = uu_list_first(v->gv_dependents);
4433 4450 e != NULL;
4434 4451 e = uu_list_next(v->gv_dependents, e)) {
4435 4452
4436 4453 vv = e->ge_vertex;
4437 4454 if (vv->gv_type == GVT_INST) {
4438 4455 if ((vv->gv_flags & GV_CONFIGURED) == 0)
4439 4456 continue;
4440 4457
4441 4458 if (vv->gv_flags & GV_INSUBGRAPH)
4442 4459 continue;
4443 4460
4444 4461 if (up_state(vv->gv_state))
4445 4462 return (0);
4446 4463 } else {
4447 4464 /*
4448 4465 * For dependency group or service vertices, keep
4449 4466 * traversing to see if instances are running.
4450 4467 *
4451 4468 * We should skip exclude_all dependencies otherwise
4452 4469 * the vertex will never be considered as a leaf
4453 4470 * if the dependent is offline. The main reason for
4454 4471 * this is that disable_nonsubgraph_leaves() skips
4455 4472 * exclusion dependencies.
4456 4473 */
4457 4474 if (vv->gv_type == GVT_GROUP &&
4458 4475 vv->gv_depgroup == DEPGRP_EXCLUDE_ALL)
4459 4476 continue;
4460 4477
4461 4478 if (!is_nonsubgraph_leaf(vv))
4462 4479 return (0);
4463 4480 }
4464 4481 }
4465 4482
4466 4483 return (1);
4467 4484 }
4468 4485
4469 4486 /*
4470 4487 * Disable v temporarily. Attempt to do this by setting its enabled override
4471 4488 * property in the repository. If that fails, send a _DISABLE command.
4472 4489 * Returns 0 on success and ECONNABORTED if the repository connection is
4473 4490 * broken.
4474 4491 */
4475 4492 static int
4476 4493 disable_service_temporarily(graph_vertex_t *v, scf_handle_t *h)
4477 4494 {
4478 4495 const char * const emsg = "Could not temporarily disable %s because "
4479 4496 "%s. Will stop service anyways. Repository status for the "
4480 4497 "service may be inaccurate.\n";
4481 4498 const char * const emsg_cbroken =
4482 4499 "the repository connection was broken";
4483 4500
4484 4501 scf_instance_t *inst;
4485 4502 int r;
4486 4503
4487 4504 inst = scf_instance_create(h);
4488 4505 if (inst == NULL) {
4489 4506 char buf[100];
4490 4507
4491 4508 (void) snprintf(buf, sizeof (buf),
4492 4509 "scf_instance_create() failed (%s)",
4493 4510 scf_strerror(scf_error()));
4494 4511 log_error(LOG_WARNING, emsg, v->gv_name, buf);
4495 4512
4496 4513 graph_enable_by_vertex(v, 0, 0);
4497 4514 return (0);
4498 4515 }
4499 4516
4500 4517 r = scf_handle_decode_fmri(h, v->gv_name, NULL, NULL, inst,
4501 4518 NULL, NULL, SCF_DECODE_FMRI_EXACT);
4502 4519 if (r != 0) {
4503 4520 switch (scf_error()) {
4504 4521 case SCF_ERROR_CONNECTION_BROKEN:
4505 4522 log_error(LOG_WARNING, emsg, v->gv_name, emsg_cbroken);
4506 4523 graph_enable_by_vertex(v, 0, 0);
4507 4524 return (ECONNABORTED);
4508 4525
4509 4526 case SCF_ERROR_NOT_FOUND:
4510 4527 return (0);
4511 4528
4512 4529 case SCF_ERROR_HANDLE_MISMATCH:
4513 4530 case SCF_ERROR_INVALID_ARGUMENT:
4514 4531 case SCF_ERROR_CONSTRAINT_VIOLATED:
4515 4532 case SCF_ERROR_NOT_BOUND:
4516 4533 default:
4517 4534 bad_error("scf_handle_decode_fmri",
4518 4535 scf_error());
4519 4536 }
4520 4537 }
4521 4538
4522 4539 r = libscf_set_enable_ovr(inst, 0);
4523 4540 switch (r) {
4524 4541 case 0:
4525 4542 scf_instance_destroy(inst);
4526 4543 return (0);
4527 4544
4528 4545 case ECANCELED:
4529 4546 scf_instance_destroy(inst);
4530 4547 return (0);
4531 4548
4532 4549 case ECONNABORTED:
4533 4550 log_error(LOG_WARNING, emsg, v->gv_name, emsg_cbroken);
4534 4551 graph_enable_by_vertex(v, 0, 0);
4535 4552 return (ECONNABORTED);
4536 4553
4537 4554 case EPERM:
4538 4555 log_error(LOG_WARNING, emsg, v->gv_name,
4539 4556 "the repository denied permission");
4540 4557 graph_enable_by_vertex(v, 0, 0);
4541 4558 return (0);
4542 4559
4543 4560 case EROFS:
4544 4561 log_error(LOG_WARNING, emsg, v->gv_name,
4545 4562 "the repository is read-only");
4546 4563 graph_enable_by_vertex(v, 0, 0);
4547 4564 return (0);
4548 4565
4549 4566 default:
4550 4567 bad_error("libscf_set_enable_ovr", r);
4551 4568 /* NOTREACHED */
4552 4569 }
4553 4570 }
4554 4571
4555 4572 /*
4556 4573 * Of the transitive instance dependencies of v, offline those which are
4557 4574 * in the subtree and which are leaves (i.e., have no dependents which are
4558 4575 * "up").
4559 4576 */
4560 4577 void
4561 4578 offline_subtree_leaves(graph_vertex_t *v, void *arg)
4562 4579 {
4563 4580 assert(MUTEX_HELD(&dgraph_lock));
4564 4581
4565 4582 /* If v isn't an instance, recurse on its dependencies. */
4566 4583 if (v->gv_type != GVT_INST) {
4567 4584 graph_walk_dependencies(v, offline_subtree_leaves, arg);
4568 4585 return;
4569 4586 }
4570 4587
4571 4588 /*
4572 4589 * If v is not in the subtree, so should all of its dependencies,
4573 4590 * so do nothing.
4574 4591 */
4575 4592 if ((v->gv_flags & GV_TOOFFLINE) == 0)
4576 4593 return;
4577 4594
4578 4595 /* If v isn't a leaf because it's already down, recurse. */
4579 4596 if (!up_state(v->gv_state)) {
4580 4597 graph_walk_dependencies(v, offline_subtree_leaves, arg);
4581 4598 return;
4582 4599 }
4583 4600
4584 4601 /* if v is a leaf, offline it or disable it if it's the last one */
4585 4602 if (insubtree_dependents_down(v) == B_TRUE) {
4586 4603 if (v->gv_flags & GV_TODISABLE)
4587 4604 vertex_send_event(v,
4588 4605 RESTARTER_EVENT_TYPE_ADMIN_DISABLE);
4589 4606 else
4590 4607 offline_vertex(v);
4591 4608 }
4592 4609 }
4593 4610
4594 4611 void
4595 4612 graph_offline_subtree_leaves(graph_vertex_t *v, void *h)
4596 4613 {
4597 4614 graph_walk_dependencies(v, offline_subtree_leaves, (void *)h);
4598 4615 }
4599 4616
4600 4617
4601 4618 /*
4602 4619 * Of the transitive instance dependencies of v, disable those which are not
4603 4620 * in the subgraph and which are leaves (i.e., have no dependents which are
4604 4621 * "up").
4605 4622 */
4606 4623 static void
4607 4624 disable_nonsubgraph_leaves(graph_vertex_t *v, void *arg)
4608 4625 {
4609 4626 assert(MUTEX_HELD(&dgraph_lock));
4610 4627
4611 4628 /*
4612 4629 * We must skip exclusion dependencies because they are allowed to
4613 4630 * complete dependency cycles. This is correct because A's exclusion
4614 4631 * dependency on B doesn't bear on the order in which they should be
4615 4632 * stopped. Indeed, the exclusion dependency should guarantee that
4616 4633 * they are never online at the same time.
4617 4634 */
4618 4635 if (v->gv_type == GVT_GROUP && v->gv_depgroup == DEPGRP_EXCLUDE_ALL)
4619 4636 return;
4620 4637
4621 4638 /* If v isn't an instance, recurse on its dependencies. */
4622 4639 if (v->gv_type != GVT_INST)
4623 4640 goto recurse;
4624 4641
4625 4642 if ((v->gv_flags & GV_CONFIGURED) == 0)
4626 4643 /*
4627 4644 * Unconfigured instances should have no dependencies, but in
4628 4645 * case they ever get them,
4629 4646 */
4630 4647 goto recurse;
4631 4648
4632 4649 /*
4633 4650 * If v is in the subgraph, so should all of its dependencies, so do
4634 4651 * nothing.
4635 4652 */
4636 4653 if (v->gv_flags & GV_INSUBGRAPH)
4637 4654 return;
4638 4655
4639 4656 /* If v isn't a leaf because it's already down, recurse. */
4640 4657 if (!up_state(v->gv_state))
4641 4658 goto recurse;
4642 4659
4643 4660 /* If v is disabled but not down yet, be patient. */
4644 4661 if ((v->gv_flags & GV_ENABLED) == 0)
4645 4662 return;
4646 4663
4647 4664 /* If v is a leaf, disable it. */
4648 4665 if (is_nonsubgraph_leaf(v))
4649 4666 (void) disable_service_temporarily(v, (scf_handle_t *)arg);
4650 4667
4651 4668 return;
4652 4669
4653 4670 recurse:
4654 4671 graph_walk_dependencies(v, disable_nonsubgraph_leaves, arg);
4655 4672 }
4656 4673
4657 4674 static int
4658 4675 stn_restarter_state(restarter_instance_state_t rstate)
4659 4676 {
4660 4677 static const struct statemap {
4661 4678 restarter_instance_state_t restarter_state;
4662 4679 int scf_state;
4663 4680 } map[] = {
4664 4681 { RESTARTER_STATE_UNINIT, SCF_STATE_UNINIT },
4665 4682 { RESTARTER_STATE_MAINT, SCF_STATE_MAINT },
4666 4683 { RESTARTER_STATE_OFFLINE, SCF_STATE_OFFLINE },
4667 4684 { RESTARTER_STATE_DISABLED, SCF_STATE_DISABLED },
4668 4685 { RESTARTER_STATE_ONLINE, SCF_STATE_ONLINE },
4669 4686 { RESTARTER_STATE_DEGRADED, SCF_STATE_DEGRADED }
4670 4687 };
4671 4688
4672 4689 int i;
4673 4690
4674 4691 for (i = 0; i < sizeof (map) / sizeof (map[0]); i++) {
4675 4692 if (rstate == map[i].restarter_state)
4676 4693 return (map[i].scf_state);
4677 4694 }
4678 4695
4679 4696 return (-1);
4680 4697 }
4681 4698
4682 4699 /*
4683 4700 * State transition counters
4684 4701 * Not incremented atomically - indicative only
4685 4702 */
4686 4703 static uint64_t stev_ct_maint;
4687 4704 static uint64_t stev_ct_hwerr;
4688 4705 static uint64_t stev_ct_service;
4689 4706 static uint64_t stev_ct_global;
4690 4707 static uint64_t stev_ct_noprefs;
4691 4708 static uint64_t stev_ct_from_uninit;
4692 4709 static uint64_t stev_ct_bad_state;
4693 4710 static uint64_t stev_ct_ovr_prefs;
4694 4711
4695 4712 static void
4696 4713 dgraph_state_transition_notify(graph_vertex_t *v,
4697 4714 restarter_instance_state_t old_state, restarter_str_t reason)
4698 4715 {
4699 4716 restarter_instance_state_t new_state = v->gv_state;
4700 4717 int stn_transition, maint;
4701 4718 int from, to;
4702 4719 nvlist_t *attr;
4703 4720 fmev_pri_t pri = FMEV_LOPRI;
4704 4721 int raise = 0;
4705 4722
4706 4723 if ((from = stn_restarter_state(old_state)) == -1 ||
4707 4724 (to = stn_restarter_state(new_state)) == -1) {
4708 4725 stev_ct_bad_state++;
4709 4726 return;
4710 4727 }
4711 4728
4712 4729 stn_transition = from << 16 | to;
4713 4730
4714 4731 maint = (to == SCF_STATE_MAINT || from == SCF_STATE_MAINT);
4715 4732
4716 4733 if (maint) {
4717 4734 /*
4718 4735 * All transitions to/from maintenance state must raise
4719 4736 * an event.
4720 4737 */
4721 4738 raise++;
4722 4739 pri = FMEV_HIPRI;
4723 4740 stev_ct_maint++;
4724 4741 } else if (reason == restarter_str_ct_ev_hwerr) {
4725 4742 /*
4726 4743 * All transitions caused by hardware fault must raise
4727 4744 * an event
4728 4745 */
4729 4746 raise++;
4730 4747 pri = FMEV_HIPRI;
4731 4748 stev_ct_hwerr++;
4732 4749 } else if (stn_transition & v->gv_stn_tset) {
4733 4750 /*
4734 4751 * Specifically enabled event.
4735 4752 */
4736 4753 raise++;
4737 4754 stev_ct_service++;
4738 4755 } else if (from == SCF_STATE_UNINIT) {
4739 4756 /*
4740 4757 * Only raise these if specifically selected above.
4741 4758 */
4742 4759 stev_ct_from_uninit++;
4743 4760 } else if (stn_transition & stn_global &&
4744 4761 (IS_ENABLED(v) == 1 || to == SCF_STATE_DISABLED)) {
4745 4762 raise++;
4746 4763 stev_ct_global++;
4747 4764 } else {
4748 4765 stev_ct_noprefs++;
4749 4766 }
4750 4767
4751 4768 if (info_events_all) {
4752 4769 stev_ct_ovr_prefs++;
4753 4770 raise++;
4754 4771 }
4755 4772 if (!raise)
4756 4773 return;
4757 4774
4758 4775 if (nvlist_alloc(&attr, NV_UNIQUE_NAME, 0) != 0 ||
4759 4776 nvlist_add_string(attr, "fmri", v->gv_name) != 0 ||
4760 4777 nvlist_add_uint32(attr, "reason-version",
4761 4778 restarter_str_version()) || nvlist_add_string(attr, "reason-short",
4762 4779 restarter_get_str_short(reason)) != 0 ||
4763 4780 nvlist_add_string(attr, "reason-long",
4764 4781 restarter_get_str_long(reason)) != 0 ||
4765 4782 nvlist_add_int32(attr, "transition", stn_transition) != 0) {
4766 4783 log_framework(LOG_WARNING,
4767 4784 "FMEV: %s could not create nvlist for transition "
4768 4785 "event: %s\n", v->gv_name, strerror(errno));
4769 4786 nvlist_free(attr);
4770 4787 return;
4771 4788 }
4772 4789
4773 4790 if (fmev_rspublish_nvl(FMEV_RULESET_SMF, "state-transition",
4774 4791 instance_state_str[new_state], pri, attr) != FMEV_SUCCESS) {
4775 4792 log_framework(LOG_DEBUG,
4776 4793 "FMEV: %s failed to publish transition event: %s\n",
4777 4794 v->gv_name, fmev_strerror(fmev_errno));
4778 4795 nvlist_free(attr);
4779 4796 }
4780 4797 }
4781 4798
4782 4799 /*
4783 4800 * Find the vertex for inst_name. If it doesn't exist, return ENOENT.
4784 4801 * Otherwise set its state to state. If the instance has entered a state
4785 4802 * which requires automatic action, take it (Uninitialized: do
4786 4803 * dgraph_refresh_instance() without the snapshot update. Disabled: if the
4787 4804 * instance should be enabled, send _ENABLE. Offline: if the instance should
4788 4805 * be disabled, send _DISABLE, and if its dependencies are satisfied, send
4789 4806 * _START. Online, Degraded: if the instance wasn't running, update its start
4790 4807 * snapshot. Maintenance: no action.)
4791 4808 *
4792 4809 * Also fails with ECONNABORTED, or EINVAL if state is invalid.
4793 4810 */
4794 4811 static int
4795 4812 dgraph_set_instance_state(scf_handle_t *h, const char *inst_name,
4796 4813 protocol_states_t *states)
4797 4814 {
4798 4815 graph_vertex_t *v;
4799 4816 int err = 0;
4800 4817 restarter_instance_state_t old_state;
4801 4818 restarter_instance_state_t state = states->ps_state;
4802 4819 restarter_error_t serr = states->ps_err;
4803 4820
4804 4821 MUTEX_LOCK(&dgraph_lock);
4805 4822
4806 4823 v = vertex_get_by_name(inst_name);
4807 4824 if (v == NULL) {
4808 4825 MUTEX_UNLOCK(&dgraph_lock);
4809 4826 return (ENOENT);
4810 4827 }
4811 4828
4812 4829 assert(v->gv_type == GVT_INST);
4813 4830
4814 4831 switch (state) {
4815 4832 case RESTARTER_STATE_UNINIT:
4816 4833 case RESTARTER_STATE_DISABLED:
4817 4834 case RESTARTER_STATE_OFFLINE:
4818 4835 case RESTARTER_STATE_ONLINE:
4819 4836 case RESTARTER_STATE_DEGRADED:
4820 4837 case RESTARTER_STATE_MAINT:
4821 4838 break;
4822 4839
4823 4840 default:
4824 4841 MUTEX_UNLOCK(&dgraph_lock);
4825 4842 return (EINVAL);
4826 4843 }
4827 4844
4828 4845 log_framework(LOG_DEBUG, "Graph noting %s %s -> %s.\n", v->gv_name,
4829 4846 instance_state_str[v->gv_state], instance_state_str[state]);
4830 4847
4831 4848 old_state = v->gv_state;
4832 4849 v->gv_state = state;
4833 4850
4834 4851 v->gv_reason = states->ps_reason;
4835 4852 err = gt_transition(h, v, serr, old_state);
4836 4853 if (err == 0 && v->gv_state != old_state) {
4837 4854 dgraph_state_transition_notify(v, old_state, states->ps_reason);
4838 4855 }
4839 4856
4840 4857 MUTEX_UNLOCK(&dgraph_lock);
4841 4858 return (err);
4842 4859 }
4843 4860
4844 4861 /*
4845 4862 * Handle state changes during milestone shutdown. See
4846 4863 * dgraph_set_milestone(). If the repository connection is broken,
4847 4864 * ECONNABORTED will be returned, though a _DISABLE command will be sent for
4848 4865 * the vertex anyway.
4849 4866 */
4850 4867 int
4851 4868 vertex_subgraph_dependencies_shutdown(scf_handle_t *h, graph_vertex_t *v,
4852 4869 restarter_instance_state_t old_state)
4853 4870 {
4854 4871 int was_up, now_up;
4855 4872 int ret = 0;
4856 4873
4857 4874 assert(v->gv_type == GVT_INST);
4858 4875
4859 4876 /* Don't care if we're not going to a milestone. */
4860 4877 if (milestone == NULL)
4861 4878 return (0);
4862 4879
4863 4880 /* Don't care if we already finished coming down. */
4864 4881 if (non_subgraph_svcs == 0)
4865 4882 return (0);
4866 4883
4867 4884 /* Don't care if the service is in the subgraph. */
4868 4885 if (v->gv_flags & GV_INSUBGRAPH)
4869 4886 return (0);
4870 4887
4871 4888 /*
4872 4889 * Update non_subgraph_svcs. It is the number of non-subgraph
4873 4890 * services which are in online, degraded, or offline.
4874 4891 */
4875 4892
4876 4893 was_up = up_state(old_state);
4877 4894 now_up = up_state(v->gv_state);
4878 4895
4879 4896 if (!was_up && now_up) {
4880 4897 ++non_subgraph_svcs;
4881 4898 } else if (was_up && !now_up) {
4882 4899 --non_subgraph_svcs;
4883 4900
4884 4901 if (non_subgraph_svcs == 0) {
4885 4902 if (halting != -1) {
4886 4903 do_uadmin();
4887 4904 } else if (go_single_user_mode || go_to_level1) {
4888 4905 (void) startd_thread_create(single_user_thread,
4889 4906 NULL);
4890 4907 }
4891 4908 return (0);
4892 4909 }
4893 4910 }
4894 4911
4895 4912 /* If this service is a leaf, it should be disabled. */
4896 4913 if ((v->gv_flags & GV_ENABLED) && is_nonsubgraph_leaf(v)) {
4897 4914 int r;
4898 4915
4899 4916 r = disable_service_temporarily(v, h);
4900 4917 switch (r) {
4901 4918 case 0:
4902 4919 break;
4903 4920
4904 4921 case ECONNABORTED:
4905 4922 ret = ECONNABORTED;
4906 4923 break;
4907 4924
4908 4925 default:
4909 4926 bad_error("disable_service_temporarily", r);
4910 4927 }
4911 4928 }
4912 4929
4913 4930 /*
4914 4931 * If the service just came down, propagate the disable to the newly
4915 4932 * exposed leaves.
4916 4933 */
4917 4934 if (was_up && !now_up)
4918 4935 graph_walk_dependencies(v, disable_nonsubgraph_leaves,
4919 4936 (void *)h);
4920 4937
4921 4938 return (ret);
4922 4939 }
4923 4940
4924 4941 /*
4925 4942 * Decide whether to start up an sulogin thread after a service is
4926 4943 * finished changing state. Only need to do the full can_come_up()
4927 4944 * evaluation if an instance is changing state, we're not halfway through
4928 4945 * loading the thread, and we aren't shutting down or going to the single
4929 4946 * user milestone.
4930 4947 */
4931 4948 void
4932 4949 graph_transition_sulogin(restarter_instance_state_t state,
4933 4950 restarter_instance_state_t old_state)
4934 4951 {
4935 4952 assert(MUTEX_HELD(&dgraph_lock));
4936 4953
4937 4954 if (state != old_state && st->st_load_complete &&
4938 4955 !go_single_user_mode && !go_to_level1 &&
4939 4956 halting == -1) {
4940 4957 if (!sulogin_thread_running && !can_come_up()) {
4941 4958 (void) startd_thread_create(sulogin_thread, NULL);
4942 4959 sulogin_thread_running = B_TRUE;
4943 4960 }
4944 4961 }
4945 4962 }
4946 4963
4947 4964 /*
4948 4965 * Propagate a start, stop event, or a satisfiability event.
4949 4966 *
4950 4967 * PROPAGATE_START and PROPAGATE_STOP simply propagate the transition event
4951 4968 * to direct dependents. PROPAGATE_SAT propagates a start then walks the
4952 4969 * full dependent graph to check for newly satisfied nodes. This is
4953 4970 * necessary for cases when non-direct dependents may be effected but direct
4954 4971 * dependents may not (e.g. for optional_all evaluations, see the
4955 4972 * propagate_satbility() comments).
4956 4973 *
4957 4974 * PROPAGATE_SAT should be used whenever a non-running service moves into
|
↓ open down ↓ |
544 lines elided |
↑ open up ↑ |
4958 4975 * a state which can satisfy optional dependencies, like disabled or
4959 4976 * maintenance.
4960 4977 */
4961 4978 void
4962 4979 graph_transition_propagate(graph_vertex_t *v, propagate_event_t type,
4963 4980 restarter_error_t rerr)
4964 4981 {
4965 4982 if (type == PROPAGATE_STOP) {
4966 4983 graph_walk_dependents(v, propagate_stop, (void *)rerr);
4967 4984 } else if (type == PROPAGATE_START || type == PROPAGATE_SAT) {
4968 - graph_walk_dependents(v, propagate_start, NULL);
4985 + graph_walk_dependents(v, propagate_start, (void *)RERR_NONE);
4969 4986
4970 4987 if (type == PROPAGATE_SAT)
4971 4988 propagate_satbility(v);
4972 4989 } else {
4973 4990 #ifndef NDEBUG
4974 4991 uu_warn("%s:%d: Unexpected type value %d.\n", __FILE__,
4975 4992 __LINE__, type);
4976 4993 #endif
4977 4994 abort();
4978 4995 }
4979 4996 }
4980 4997
4981 4998 /*
4982 4999 * If a vertex for fmri exists and it is enabled, send _DISABLE to the
4983 5000 * restarter. If it is running, send _STOP. Send _REMOVE_INSTANCE. Delete
4984 5001 * all property group dependencies, and the dependency on the restarter,
4985 5002 * disposing of vertices as appropriate. If other vertices depend on this
4986 5003 * one, mark it unconfigured and return. Otherwise remove the vertex. Always
4987 5004 * returns 0.
4988 5005 */
4989 5006 static int
4990 5007 dgraph_remove_instance(const char *fmri, scf_handle_t *h)
4991 5008 {
4992 5009 graph_vertex_t *v;
4993 5010 graph_edge_t *e;
4994 5011 uu_list_t *old_deps;
4995 5012 int err;
4996 5013
4997 5014 log_framework(LOG_DEBUG, "Graph engine: Removing %s.\n", fmri);
4998 5015
4999 5016 MUTEX_LOCK(&dgraph_lock);
5000 5017
5001 5018 v = vertex_get_by_name(fmri);
5002 5019 if (v == NULL) {
5003 5020 MUTEX_UNLOCK(&dgraph_lock);
5004 5021 return (0);
5005 5022 }
5006 5023
5007 5024 /* Send restarter delete event. */
5008 5025 if (v->gv_flags & GV_CONFIGURED)
5009 5026 graph_unset_restarter(v);
5010 5027
5011 5028 if (milestone > MILESTONE_NONE) {
5012 5029 /*
5013 5030 * Make a list of v's current dependencies so we can
5014 5031 * reevaluate their GV_INSUBGRAPH flags after the dependencies
5015 5032 * are removed.
5016 5033 */
5017 5034 old_deps = startd_list_create(graph_edge_pool, NULL, 0);
5018 5035
5019 5036 err = uu_list_walk(v->gv_dependencies,
5020 5037 (uu_walk_fn_t *)append_svcs_or_insts, old_deps, 0);
5021 5038 assert(err == 0);
5022 5039 }
5023 5040
5024 5041 delete_instance_dependencies(v, B_TRUE);
5025 5042
5026 5043 /*
5027 5044 * Deleting an instance can both satisfy and unsatisfy dependencies,
5028 5045 * depending on their type. First propagate the stop as a RERR_RESTART
|
↓ open down ↓ |
50 lines elided |
↑ open up ↑ |
5029 5046 * event -- deletion isn't a fault, just a normal stop. This gives
5030 5047 * dependent services the chance to do a clean shutdown. Then, mark
5031 5048 * the service as unconfigured and propagate the start event for the
5032 5049 * optional_all dependencies that might have become satisfied.
5033 5050 */
5034 5051 graph_walk_dependents(v, propagate_stop, (void *)RERR_RESTART);
5035 5052
5036 5053 v->gv_flags &= ~GV_CONFIGURED;
5037 5054 v->gv_flags &= ~GV_DEATHROW;
5038 5055
5039 - graph_walk_dependents(v, propagate_start, NULL);
5056 + graph_walk_dependents(v, propagate_start, (void *)RERR_NONE);
5040 5057 propagate_satbility(v);
5041 5058
5042 5059 /*
5043 5060 * If there are no (non-service) dependents, the vertex can be
5044 5061 * completely removed.
5045 5062 */
5046 5063 if (v != milestone && v->gv_refs == 0 &&
5047 5064 uu_list_numnodes(v->gv_dependents) == 1)
5048 5065 remove_inst_vertex(v);
5049 5066
5050 5067 if (milestone > MILESTONE_NONE) {
5051 5068 void *cookie = NULL;
5052 5069
5053 5070 while ((e = uu_list_teardown(old_deps, &cookie)) != NULL) {
5054 5071 v = e->ge_vertex;
5055 5072
5056 5073 if (vertex_unref(v) == VERTEX_INUSE)
5057 5074 while (eval_subgraph(v, h) == ECONNABORTED)
5058 5075 libscf_handle_rebind(h);
5059 5076
5060 5077 startd_free(e, sizeof (*e));
5061 5078 }
5062 5079
5063 5080 uu_list_destroy(old_deps);
5064 5081 }
5065 5082
5066 5083 MUTEX_UNLOCK(&dgraph_lock);
5067 5084
5068 5085 return (0);
5069 5086 }
5070 5087
5071 5088 /*
5072 5089 * Return the eventual (maybe current) milestone in the form of a
5073 5090 * legacy runlevel.
5074 5091 */
5075 5092 static char
5076 5093 target_milestone_as_runlevel()
5077 5094 {
5078 5095 assert(MUTEX_HELD(&dgraph_lock));
5079 5096
5080 5097 if (milestone == NULL)
5081 5098 return ('3');
5082 5099 else if (milestone == MILESTONE_NONE)
5083 5100 return ('0');
5084 5101
5085 5102 if (strcmp(milestone->gv_name, multi_user_fmri) == 0)
5086 5103 return ('2');
5087 5104 else if (strcmp(milestone->gv_name, single_user_fmri) == 0)
5088 5105 return ('S');
5089 5106 else if (strcmp(milestone->gv_name, multi_user_svr_fmri) == 0)
5090 5107 return ('3');
5091 5108
5092 5109 #ifndef NDEBUG
5093 5110 (void) fprintf(stderr, "%s:%d: Unknown milestone name \"%s\".\n",
5094 5111 __FILE__, __LINE__, milestone->gv_name);
5095 5112 #endif
5096 5113 abort();
5097 5114 /* NOTREACHED */
5098 5115 }
5099 5116
5100 5117 static struct {
5101 5118 char rl;
5102 5119 int sig;
5103 5120 } init_sigs[] = {
5104 5121 { 'S', SIGBUS },
5105 5122 { '0', SIGINT },
5106 5123 { '1', SIGQUIT },
5107 5124 { '2', SIGILL },
5108 5125 { '3', SIGTRAP },
5109 5126 { '4', SIGIOT },
5110 5127 { '5', SIGEMT },
5111 5128 { '6', SIGFPE },
5112 5129 { 0, 0 }
5113 5130 };
5114 5131
5115 5132 static void
5116 5133 signal_init(char rl)
5117 5134 {
5118 5135 pid_t init_pid;
5119 5136 int i;
5120 5137
5121 5138 assert(MUTEX_HELD(&dgraph_lock));
5122 5139
5123 5140 if (zone_getattr(getzoneid(), ZONE_ATTR_INITPID, &init_pid,
5124 5141 sizeof (init_pid)) != sizeof (init_pid)) {
5125 5142 log_error(LOG_NOTICE, "Could not get pid to signal init.\n");
5126 5143 return;
5127 5144 }
5128 5145
5129 5146 for (i = 0; init_sigs[i].rl != 0; ++i)
5130 5147 if (init_sigs[i].rl == rl)
5131 5148 break;
5132 5149
5133 5150 if (init_sigs[i].rl != 0) {
5134 5151 if (kill(init_pid, init_sigs[i].sig) != 0) {
5135 5152 switch (errno) {
5136 5153 case EPERM:
5137 5154 case ESRCH:
5138 5155 log_error(LOG_NOTICE, "Could not signal init: "
5139 5156 "%s.\n", strerror(errno));
5140 5157 break;
5141 5158
5142 5159 case EINVAL:
5143 5160 default:
5144 5161 bad_error("kill", errno);
5145 5162 }
5146 5163 }
5147 5164 }
5148 5165 }
5149 5166
5150 5167 /*
5151 5168 * This is called when one of the major milestones changes state, or when
5152 5169 * init is signalled and tells us it was told to change runlevel. We wait
5153 5170 * to reach the milestone because this allows /etc/inittab entries to retain
5154 5171 * some boot ordering: historically, entries could place themselves before/after
5155 5172 * the running of /sbin/rcX scripts but we can no longer make the
5156 5173 * distinction because the /sbin/rcX scripts no longer exist as punctuation
5157 5174 * marks in /etc/inittab.
5158 5175 *
5159 5176 * Also, we only trigger an update when we reach the eventual target
5160 5177 * milestone: without this, an /etc/inittab entry marked only for
5161 5178 * runlevel 2 would be executed for runlevel 3, which is not how
5162 5179 * /etc/inittab entries work.
5163 5180 *
5164 5181 * If we're single user coming online, then we set utmpx to the target
5165 5182 * runlevel so that legacy scripts can work as expected.
5166 5183 */
5167 5184 static void
5168 5185 graph_runlevel_changed(char rl, int online)
5169 5186 {
5170 5187 char trl;
5171 5188
5172 5189 assert(MUTEX_HELD(&dgraph_lock));
5173 5190
5174 5191 trl = target_milestone_as_runlevel();
5175 5192
5176 5193 if (online) {
5177 5194 if (rl == trl) {
5178 5195 current_runlevel = trl;
5179 5196 signal_init(trl);
5180 5197 } else if (rl == 'S') {
5181 5198 /*
5182 5199 * At boot, set the entry early for the benefit of the
5183 5200 * legacy init scripts.
5184 5201 */
5185 5202 utmpx_set_runlevel(trl, 'S', B_FALSE);
5186 5203 }
5187 5204 } else {
5188 5205 if (rl == '3' && trl == '2') {
5189 5206 current_runlevel = trl;
5190 5207 signal_init(trl);
5191 5208 } else if (rl == '2' && trl == 'S') {
5192 5209 current_runlevel = trl;
5193 5210 signal_init(trl);
5194 5211 }
5195 5212 }
5196 5213 }
5197 5214
5198 5215 /*
5199 5216 * Move to a backwards-compatible runlevel by executing the appropriate
5200 5217 * /etc/rc?.d/K* scripts and/or setting the milestone.
5201 5218 *
5202 5219 * Returns
5203 5220 * 0 - success
5204 5221 * ECONNRESET - success, but handle was reset
5205 5222 * ECONNABORTED - repository connection broken
5206 5223 * ECANCELED - pg was deleted
5207 5224 */
5208 5225 static int
5209 5226 dgraph_set_runlevel(scf_propertygroup_t *pg, scf_property_t *prop)
5210 5227 {
5211 5228 char rl;
5212 5229 scf_handle_t *h;
5213 5230 int r;
5214 5231 const char *ms = NULL; /* what to commit as options/milestone */
5215 5232 boolean_t rebound = B_FALSE;
5216 5233 int mark_rl = 0;
5217 5234
5218 5235 const char * const stop = "stop";
5219 5236
5220 5237 r = libscf_extract_runlevel(prop, &rl);
5221 5238 switch (r) {
5222 5239 case 0:
5223 5240 break;
5224 5241
5225 5242 case ECONNABORTED:
5226 5243 case ECANCELED:
5227 5244 return (r);
5228 5245
5229 5246 case EINVAL:
5230 5247 case ENOENT:
5231 5248 log_error(LOG_WARNING, "runlevel property is misconfigured; "
5232 5249 "ignoring.\n");
5233 5250 /* delete the bad property */
5234 5251 goto nolock_out;
5235 5252
5236 5253 default:
5237 5254 bad_error("libscf_extract_runlevel", r);
5238 5255 }
5239 5256
5240 5257 switch (rl) {
5241 5258 case 's':
5242 5259 rl = 'S';
5243 5260 /* FALLTHROUGH */
5244 5261
5245 5262 case 'S':
5246 5263 case '2':
5247 5264 case '3':
5248 5265 /*
5249 5266 * These cases cause a milestone change, so
5250 5267 * graph_runlevel_changed() will eventually deal with
5251 5268 * signalling init.
5252 5269 */
5253 5270 break;
5254 5271
5255 5272 case '0':
5256 5273 case '1':
5257 5274 case '4':
5258 5275 case '5':
5259 5276 case '6':
5260 5277 mark_rl = 1;
5261 5278 break;
5262 5279
5263 5280 default:
5264 5281 log_framework(LOG_NOTICE, "Unknown runlevel '%c'.\n", rl);
5265 5282 ms = NULL;
5266 5283 goto nolock_out;
5267 5284 }
5268 5285
5269 5286 h = scf_pg_handle(pg);
5270 5287
5271 5288 MUTEX_LOCK(&dgraph_lock);
5272 5289
5273 5290 /*
5274 5291 * Since this triggers no milestone changes, force it by hand.
5275 5292 */
5276 5293 if (current_runlevel == '4' && rl == '3')
5277 5294 mark_rl = 1;
5278 5295
5279 5296 /*
5280 5297 * 1. If we are here after an "init X":
5281 5298 *
5282 5299 * init X
5283 5300 * init/lscf_set_runlevel()
5284 5301 * process_pg_event()
5285 5302 * dgraph_set_runlevel()
5286 5303 *
5287 5304 * then we haven't passed through graph_runlevel_changed() yet,
5288 5305 * therefore 'current_runlevel' has not changed for sure but 'rl' has.
5289 5306 * In consequence, if 'rl' is lower than 'current_runlevel', we change
5290 5307 * the system runlevel and execute the appropriate /etc/rc?.d/K* scripts
5291 5308 * past this test.
5292 5309 *
5293 5310 * 2. On the other hand, if we are here after a "svcadm milestone":
5294 5311 *
5295 5312 * svcadm milestone X
5296 5313 * dgraph_set_milestone()
5297 5314 * handle_graph_update_event()
5298 5315 * dgraph_set_instance_state()
5299 5316 * graph_post_X_[online|offline]()
5300 5317 * graph_runlevel_changed()
5301 5318 * signal_init()
5302 5319 * init/lscf_set_runlevel()
5303 5320 * process_pg_event()
5304 5321 * dgraph_set_runlevel()
5305 5322 *
5306 5323 * then we already passed through graph_runlevel_changed() (by the way
5307 5324 * of dgraph_set_milestone()) and 'current_runlevel' may have changed
5308 5325 * and already be equal to 'rl' so we are going to return immediately
5309 5326 * from dgraph_set_runlevel() without changing the system runlevel and
5310 5327 * without executing the /etc/rc?.d/K* scripts.
5311 5328 */
5312 5329 if (rl == current_runlevel) {
5313 5330 ms = NULL;
5314 5331 goto out;
5315 5332 }
5316 5333
5317 5334 log_framework(LOG_DEBUG, "Changing to runlevel '%c'.\n", rl);
5318 5335
5319 5336 /*
5320 5337 * Make sure stop rc scripts see the new settings via who -r.
5321 5338 */
5322 5339 utmpx_set_runlevel(rl, current_runlevel, B_TRUE);
5323 5340
5324 5341 /*
5325 5342 * Some run levels don't have a direct correspondence to any
5326 5343 * milestones, so we have to signal init directly.
5327 5344 */
5328 5345 if (mark_rl) {
5329 5346 current_runlevel = rl;
5330 5347 signal_init(rl);
5331 5348 }
5332 5349
5333 5350 switch (rl) {
5334 5351 case 'S':
5335 5352 uu_warn("The system is coming down for administration. "
5336 5353 "Please wait.\n");
5337 5354 fork_rc_script(rl, stop, B_FALSE);
5338 5355 ms = single_user_fmri;
5339 5356 go_single_user_mode = B_TRUE;
5340 5357 break;
5341 5358
5342 5359 case '0':
5343 5360 halting_time = time(NULL);
5344 5361 fork_rc_script(rl, stop, B_TRUE);
5345 5362 halting = AD_HALT;
5346 5363 goto uadmin;
5347 5364
5348 5365 case '5':
5349 5366 halting_time = time(NULL);
5350 5367 fork_rc_script(rl, stop, B_TRUE);
5351 5368 halting = AD_POWEROFF;
5352 5369 goto uadmin;
5353 5370
5354 5371 case '6':
5355 5372 halting_time = time(NULL);
5356 5373 fork_rc_script(rl, stop, B_TRUE);
5357 5374 if (scf_is_fastboot_default() && getzoneid() == GLOBAL_ZONEID)
5358 5375 halting = AD_FASTREBOOT;
5359 5376 else
5360 5377 halting = AD_BOOT;
5361 5378
5362 5379 uadmin:
5363 5380 uu_warn("The system is coming down. Please wait.\n");
5364 5381 ms = "none";
5365 5382
5366 5383 /*
5367 5384 * We can't wait until all services are offline since this
5368 5385 * thread is responsible for taking them offline. Instead we
5369 5386 * set halting to the second argument for uadmin() and call
5370 5387 * do_uadmin() from dgraph_set_instance_state() when
5371 5388 * appropriate.
5372 5389 */
5373 5390 break;
5374 5391
5375 5392 case '1':
5376 5393 if (current_runlevel != 'S') {
5377 5394 uu_warn("Changing to state 1.\n");
5378 5395 fork_rc_script(rl, stop, B_FALSE);
5379 5396 } else {
5380 5397 uu_warn("The system is coming up for administration. "
5381 5398 "Please wait.\n");
5382 5399 }
5383 5400 ms = single_user_fmri;
5384 5401 go_to_level1 = B_TRUE;
5385 5402 break;
5386 5403
5387 5404 case '2':
5388 5405 if (current_runlevel == '3' || current_runlevel == '4')
5389 5406 fork_rc_script(rl, stop, B_FALSE);
5390 5407 ms = multi_user_fmri;
5391 5408 break;
5392 5409
5393 5410 case '3':
5394 5411 case '4':
5395 5412 ms = "all";
5396 5413 break;
5397 5414
5398 5415 default:
5399 5416 #ifndef NDEBUG
5400 5417 (void) fprintf(stderr, "%s:%d: Uncaught case %d ('%c').\n",
5401 5418 __FILE__, __LINE__, rl, rl);
5402 5419 #endif
5403 5420 abort();
5404 5421 }
5405 5422
5406 5423 out:
5407 5424 MUTEX_UNLOCK(&dgraph_lock);
5408 5425
5409 5426 nolock_out:
5410 5427 switch (r = libscf_clear_runlevel(pg, ms)) {
5411 5428 case 0:
5412 5429 break;
5413 5430
5414 5431 case ECONNABORTED:
5415 5432 libscf_handle_rebind(h);
5416 5433 rebound = B_TRUE;
5417 5434 goto nolock_out;
5418 5435
5419 5436 case ECANCELED:
5420 5437 break;
5421 5438
5422 5439 case EPERM:
5423 5440 case EACCES:
5424 5441 case EROFS:
5425 5442 log_error(LOG_NOTICE, "Could not delete \"%s/%s\" property: "
5426 5443 "%s.\n", SCF_PG_OPTIONS, "runlevel", strerror(r));
5427 5444 break;
5428 5445
5429 5446 default:
5430 5447 bad_error("libscf_clear_runlevel", r);
5431 5448 }
5432 5449
5433 5450 return (rebound ? ECONNRESET : 0);
5434 5451 }
5435 5452
5436 5453 /*
5437 5454 * mark_subtree walks the dependents and add the GV_TOOFFLINE flag
5438 5455 * to the instances that are supposed to go offline during an
5439 5456 * administrative disable operation.
5440 5457 */
5441 5458 static int
5442 5459 mark_subtree(graph_edge_t *e, void *arg)
5443 5460 {
5444 5461 graph_vertex_t *v;
5445 5462 int r;
5446 5463
5447 5464 v = e->ge_vertex;
5448 5465
5449 5466 /* If it's already in the subgraph, skip. */
5450 5467 if (v->gv_flags & GV_TOOFFLINE)
5451 5468 return (UU_WALK_NEXT);
5452 5469
5453 5470 switch (v->gv_type) {
|
↓ open down ↓ |
404 lines elided |
↑ open up ↑ |
5454 5471 case GVT_INST:
5455 5472 /* If the instance is already disabled, skip it. */
5456 5473 if (!(v->gv_flags & GV_ENABLED))
5457 5474 return (UU_WALK_NEXT);
5458 5475
5459 5476 v->gv_flags |= GV_TOOFFLINE;
5460 5477 log_framework(LOG_DEBUG, "%s added to subtree\n", v->gv_name);
5461 5478 break;
5462 5479 case GVT_GROUP:
5463 5480 /*
5464 - * Skip all excluded and optional_all dependencies and decide
5465 - * whether to offline the service based on restart_on attribute.
5481 + * Skip all excluded dependents and decide whether to offline
5482 + * the service based on the restart_on attribute.
5466 5483 */
5467 5484 if (is_depgrp_bypassed(v))
5468 5485 return (UU_WALK_NEXT);
5469 5486 break;
5470 5487 }
5471 5488
5472 5489 r = uu_list_walk(v->gv_dependents, (uu_walk_fn_t *)mark_subtree, arg,
5473 5490 0);
5474 5491 assert(r == 0);
5475 5492 return (UU_WALK_NEXT);
5476 5493 }
5477 5494
5478 5495 static int
5479 5496 mark_subgraph(graph_edge_t *e, void *arg)
5480 5497 {
5481 5498 graph_vertex_t *v;
5482 5499 int r;
5483 5500 int optional = (int)arg;
5484 5501
5485 5502 v = e->ge_vertex;
5486 5503
5487 5504 /* If it's already in the subgraph, skip. */
5488 5505 if (v->gv_flags & GV_INSUBGRAPH)
5489 5506 return (UU_WALK_NEXT);
5490 5507
5491 5508 /*
5492 5509 * Keep track if walk has entered an optional dependency group
5493 5510 */
5494 5511 if (v->gv_type == GVT_GROUP && v->gv_depgroup == DEPGRP_OPTIONAL_ALL) {
5495 5512 optional = 1;
5496 5513 }
5497 5514 /*
5498 5515 * Quit if we are in an optional dependency group and the instance
5499 5516 * is disabled
5500 5517 */
5501 5518 if (optional && (v->gv_type == GVT_INST) &&
5502 5519 (!(v->gv_flags & GV_ENBLD_NOOVR)))
5503 5520 return (UU_WALK_NEXT);
5504 5521
5505 5522 v->gv_flags |= GV_INSUBGRAPH;
5506 5523
5507 5524 /* Skip all excluded dependencies. */
5508 5525 if (v->gv_type == GVT_GROUP && v->gv_depgroup == DEPGRP_EXCLUDE_ALL)
5509 5526 return (UU_WALK_NEXT);
5510 5527
5511 5528 r = uu_list_walk(v->gv_dependencies, (uu_walk_fn_t *)mark_subgraph,
5512 5529 (void *)optional, 0);
5513 5530 assert(r == 0);
5514 5531 return (UU_WALK_NEXT);
5515 5532 }
5516 5533
5517 5534 /*
5518 5535 * Bring down all services which are not dependencies of fmri. The
5519 5536 * dependencies of fmri (direct & indirect) will constitute the "subgraph",
5520 5537 * and will have the GV_INSUBGRAPH flag set. The rest must be brought down,
5521 5538 * which means the state is "disabled", "maintenance", or "uninitialized". We
5522 5539 * could consider "offline" to be down, and refrain from sending start
5523 5540 * commands for such services, but that's not strictly necessary, so we'll
5524 5541 * decline to intrude on the state machine. It would probably confuse users
5525 5542 * anyway.
5526 5543 *
5527 5544 * The services should be brought down in reverse-dependency order, so we
5528 5545 * can't do it all at once here. We initiate by override-disabling the leaves
5529 5546 * of the dependency tree -- those services which are up but have no
5530 5547 * dependents which are up. When they come down,
5531 5548 * vertex_subgraph_dependencies_shutdown() will override-disable the newly
5532 5549 * exposed leaves. Perseverance will ensure completion.
5533 5550 *
5534 5551 * Sometimes we need to take action when the transition is complete, like
5535 5552 * start sulogin or halt the system. To tell when we're done, we initialize
5536 5553 * non_subgraph_svcs here to be the number of services which need to come
5537 5554 * down. As each does, we decrement the counter. When it hits zero, we take
5538 5555 * the appropriate action. See vertex_subgraph_dependencies_shutdown().
5539 5556 *
5540 5557 * In case we're coming up, we also remove any enable-overrides for the
5541 5558 * services which are dependencies of fmri.
5542 5559 *
5543 5560 * If norepository is true, the function will not change the repository.
5544 5561 *
5545 5562 * The decision to change the system run level in accordance with the milestone
5546 5563 * is taken in dgraph_set_runlevel().
5547 5564 *
5548 5565 * Returns
5549 5566 * 0 - success
5550 5567 * ECONNRESET - success, but handle was rebound
5551 5568 * EINVAL - fmri is invalid (error is logged)
5552 5569 * EALREADY - the milestone is already set to fmri
5553 5570 * ENOENT - a configured vertex does not exist for fmri (an error is logged)
5554 5571 */
5555 5572 static int
5556 5573 dgraph_set_milestone(const char *fmri, scf_handle_t *h, boolean_t norepository)
5557 5574 {
5558 5575 const char *cfmri, *fs;
5559 5576 graph_vertex_t *nm, *v;
5560 5577 int ret = 0, r;
5561 5578 scf_instance_t *inst;
5562 5579 boolean_t isall, isnone, rebound = B_FALSE;
5563 5580
5564 5581 /* Validate fmri */
5565 5582 isall = (strcmp(fmri, "all") == 0);
5566 5583 isnone = (strcmp(fmri, "none") == 0);
5567 5584
5568 5585 if (!isall && !isnone) {
5569 5586 if (fmri_canonify(fmri, (char **)&cfmri, B_FALSE) == EINVAL)
5570 5587 goto reject;
5571 5588
5572 5589 if (strcmp(cfmri, single_user_fmri) != 0 &&
5573 5590 strcmp(cfmri, multi_user_fmri) != 0 &&
5574 5591 strcmp(cfmri, multi_user_svr_fmri) != 0) {
5575 5592 startd_free((void *)cfmri, max_scf_fmri_size);
5576 5593 reject:
5577 5594 log_framework(LOG_WARNING,
5578 5595 "Rejecting request for invalid milestone \"%s\".\n",
5579 5596 fmri);
5580 5597 return (EINVAL);
5581 5598 }
5582 5599 }
5583 5600
5584 5601 inst = safe_scf_instance_create(h);
5585 5602
5586 5603 MUTEX_LOCK(&dgraph_lock);
5587 5604
5588 5605 if (milestone == NULL) {
5589 5606 if (isall) {
5590 5607 log_framework(LOG_DEBUG,
5591 5608 "Milestone already set to all.\n");
5592 5609 ret = EALREADY;
5593 5610 goto out;
5594 5611 }
5595 5612 } else if (milestone == MILESTONE_NONE) {
5596 5613 if (isnone) {
5597 5614 log_framework(LOG_DEBUG,
5598 5615 "Milestone already set to none.\n");
5599 5616 ret = EALREADY;
5600 5617 goto out;
5601 5618 }
5602 5619 } else {
5603 5620 if (!isall && !isnone &&
5604 5621 strcmp(cfmri, milestone->gv_name) == 0) {
5605 5622 log_framework(LOG_DEBUG,
5606 5623 "Milestone already set to %s.\n", cfmri);
5607 5624 ret = EALREADY;
5608 5625 goto out;
5609 5626 }
5610 5627 }
5611 5628
5612 5629 if (!isall && !isnone) {
5613 5630 nm = vertex_get_by_name(cfmri);
5614 5631 if (nm == NULL || !(nm->gv_flags & GV_CONFIGURED)) {
5615 5632 log_framework(LOG_WARNING, "Cannot set milestone to %s "
5616 5633 "because no such service exists.\n", cfmri);
5617 5634 ret = ENOENT;
5618 5635 goto out;
5619 5636 }
5620 5637 }
5621 5638
5622 5639 log_framework(LOG_DEBUG, "Changing milestone to %s.\n", fmri);
5623 5640
5624 5641 /*
5625 5642 * Set milestone, removing the old one if this was the last reference.
5626 5643 */
5627 5644 if (milestone > MILESTONE_NONE)
5628 5645 (void) vertex_unref(milestone);
5629 5646
5630 5647 if (isall)
5631 5648 milestone = NULL;
5632 5649 else if (isnone)
5633 5650 milestone = MILESTONE_NONE;
5634 5651 else {
5635 5652 milestone = nm;
5636 5653 /* milestone should count as a reference */
5637 5654 vertex_ref(milestone);
5638 5655 }
5639 5656
5640 5657 /* Clear all GV_INSUBGRAPH bits. */
5641 5658 for (v = uu_list_first(dgraph); v != NULL; v = uu_list_next(dgraph, v))
5642 5659 v->gv_flags &= ~GV_INSUBGRAPH;
5643 5660
5644 5661 if (!isall && !isnone) {
5645 5662 /* Set GV_INSUBGRAPH for milestone & descendents. */
5646 5663 milestone->gv_flags |= GV_INSUBGRAPH;
5647 5664
5648 5665 r = uu_list_walk(milestone->gv_dependencies,
5649 5666 (uu_walk_fn_t *)mark_subgraph, NULL, 0);
5650 5667 assert(r == 0);
5651 5668 }
5652 5669
5653 5670 /* Un-override services in the subgraph & override-disable the rest. */
5654 5671 if (norepository)
5655 5672 goto out;
5656 5673
5657 5674 non_subgraph_svcs = 0;
5658 5675 for (v = uu_list_first(dgraph);
5659 5676 v != NULL;
5660 5677 v = uu_list_next(dgraph, v)) {
5661 5678 if (v->gv_type != GVT_INST ||
5662 5679 (v->gv_flags & GV_CONFIGURED) == 0)
5663 5680 continue;
5664 5681
5665 5682 again:
5666 5683 r = scf_handle_decode_fmri(h, v->gv_name, NULL, NULL, inst,
5667 5684 NULL, NULL, SCF_DECODE_FMRI_EXACT);
5668 5685 if (r != 0) {
5669 5686 switch (scf_error()) {
5670 5687 case SCF_ERROR_CONNECTION_BROKEN:
5671 5688 default:
5672 5689 libscf_handle_rebind(h);
5673 5690 rebound = B_TRUE;
5674 5691 goto again;
5675 5692
5676 5693 case SCF_ERROR_NOT_FOUND:
5677 5694 continue;
5678 5695
5679 5696 case SCF_ERROR_HANDLE_MISMATCH:
5680 5697 case SCF_ERROR_INVALID_ARGUMENT:
5681 5698 case SCF_ERROR_CONSTRAINT_VIOLATED:
5682 5699 case SCF_ERROR_NOT_BOUND:
5683 5700 bad_error("scf_handle_decode_fmri",
5684 5701 scf_error());
5685 5702 }
5686 5703 }
5687 5704
5688 5705 if (isall || (v->gv_flags & GV_INSUBGRAPH)) {
5689 5706 r = libscf_delete_enable_ovr(inst);
5690 5707 fs = "libscf_delete_enable_ovr";
5691 5708 } else {
5692 5709 assert(isnone || (v->gv_flags & GV_INSUBGRAPH) == 0);
5693 5710
5694 5711 /*
5695 5712 * Services which are up need to come down before
5696 5713 * we're done, but we can only disable the leaves
5697 5714 * here.
5698 5715 */
5699 5716
5700 5717 if (up_state(v->gv_state))
5701 5718 ++non_subgraph_svcs;
5702 5719
5703 5720 /* If it's already disabled, don't bother. */
5704 5721 if ((v->gv_flags & GV_ENABLED) == 0)
5705 5722 continue;
5706 5723
5707 5724 if (!is_nonsubgraph_leaf(v))
5708 5725 continue;
5709 5726
5710 5727 r = libscf_set_enable_ovr(inst, 0);
5711 5728 fs = "libscf_set_enable_ovr";
5712 5729 }
5713 5730 switch (r) {
5714 5731 case 0:
5715 5732 case ECANCELED:
5716 5733 break;
5717 5734
5718 5735 case ECONNABORTED:
5719 5736 libscf_handle_rebind(h);
5720 5737 rebound = B_TRUE;
5721 5738 goto again;
5722 5739
5723 5740 case EPERM:
5724 5741 case EROFS:
5725 5742 log_error(LOG_WARNING,
5726 5743 "Could not set %s/%s for %s: %s.\n",
5727 5744 SCF_PG_GENERAL_OVR, SCF_PROPERTY_ENABLED,
5728 5745 v->gv_name, strerror(r));
5729 5746 break;
5730 5747
5731 5748 default:
5732 5749 bad_error(fs, r);
5733 5750 }
5734 5751 }
5735 5752
5736 5753 if (halting != -1) {
5737 5754 if (non_subgraph_svcs > 1)
5738 5755 uu_warn("%d system services are now being stopped.\n",
5739 5756 non_subgraph_svcs);
5740 5757 else if (non_subgraph_svcs == 1)
5741 5758 uu_warn("One system service is now being stopped.\n");
5742 5759 else if (non_subgraph_svcs == 0)
5743 5760 do_uadmin();
5744 5761 }
5745 5762
5746 5763 ret = rebound ? ECONNRESET : 0;
5747 5764
5748 5765 out:
5749 5766 MUTEX_UNLOCK(&dgraph_lock);
5750 5767 if (!isall && !isnone)
5751 5768 startd_free((void *)cfmri, max_scf_fmri_size);
5752 5769 scf_instance_destroy(inst);
5753 5770 return (ret);
5754 5771 }
5755 5772
5756 5773
5757 5774 /*
5758 5775 * Returns 0, ECONNABORTED, or EINVAL.
5759 5776 */
5760 5777 static int
5761 5778 handle_graph_update_event(scf_handle_t *h, graph_protocol_event_t *e)
5762 5779 {
5763 5780 int r;
5764 5781
5765 5782 switch (e->gpe_type) {
5766 5783 case GRAPH_UPDATE_RELOAD_GRAPH:
5767 5784 log_error(LOG_WARNING,
5768 5785 "graph_event: reload graph unimplemented\n");
5769 5786 break;
5770 5787
5771 5788 case GRAPH_UPDATE_STATE_CHANGE: {
5772 5789 protocol_states_t *states = e->gpe_data;
5773 5790
5774 5791 switch (r = dgraph_set_instance_state(h, e->gpe_inst, states)) {
5775 5792 case 0:
5776 5793 case ENOENT:
5777 5794 break;
5778 5795
5779 5796 case ECONNABORTED:
5780 5797 return (ECONNABORTED);
5781 5798
5782 5799 case EINVAL:
5783 5800 default:
5784 5801 #ifndef NDEBUG
5785 5802 (void) fprintf(stderr, "dgraph_set_instance_state() "
5786 5803 "failed with unexpected error %d at %s:%d.\n", r,
5787 5804 __FILE__, __LINE__);
5788 5805 #endif
5789 5806 abort();
5790 5807 }
5791 5808
5792 5809 startd_free(states, sizeof (protocol_states_t));
5793 5810 break;
5794 5811 }
5795 5812
5796 5813 default:
5797 5814 log_error(LOG_WARNING,
5798 5815 "graph_event_loop received an unknown event: %d\n",
5799 5816 e->gpe_type);
5800 5817 break;
5801 5818 }
5802 5819
5803 5820 return (0);
5804 5821 }
5805 5822
5806 5823 /*
5807 5824 * graph_event_thread()
5808 5825 * Wait for state changes from the restarters.
5809 5826 */
5810 5827 /*ARGSUSED*/
5811 5828 void *
5812 5829 graph_event_thread(void *unused)
5813 5830 {
5814 5831 scf_handle_t *h;
5815 5832 int err;
5816 5833
5817 5834 h = libscf_handle_create_bound_loop();
5818 5835
5819 5836 /*CONSTCOND*/
5820 5837 while (1) {
5821 5838 graph_protocol_event_t *e;
5822 5839
5823 5840 MUTEX_LOCK(&gu->gu_lock);
5824 5841
5825 5842 while (gu->gu_wakeup == 0)
5826 5843 (void) pthread_cond_wait(&gu->gu_cv, &gu->gu_lock);
5827 5844
5828 5845 gu->gu_wakeup = 0;
5829 5846
5830 5847 while ((e = graph_event_dequeue()) != NULL) {
5831 5848 MUTEX_LOCK(&e->gpe_lock);
5832 5849 MUTEX_UNLOCK(&gu->gu_lock);
5833 5850
5834 5851 while ((err = handle_graph_update_event(h, e)) ==
5835 5852 ECONNABORTED)
5836 5853 libscf_handle_rebind(h);
5837 5854
5838 5855 if (err == 0)
5839 5856 graph_event_release(e);
5840 5857 else
5841 5858 graph_event_requeue(e);
5842 5859
5843 5860 MUTEX_LOCK(&gu->gu_lock);
5844 5861 }
5845 5862
5846 5863 MUTEX_UNLOCK(&gu->gu_lock);
5847 5864 }
5848 5865
5849 5866 /*
5850 5867 * Unreachable for now -- there's currently no graceful cleanup
5851 5868 * called on exit().
5852 5869 */
5853 5870 MUTEX_UNLOCK(&gu->gu_lock);
5854 5871 scf_handle_destroy(h);
5855 5872 return (NULL);
5856 5873 }
5857 5874
5858 5875 static void
5859 5876 set_initial_milestone(scf_handle_t *h)
5860 5877 {
5861 5878 scf_instance_t *inst;
5862 5879 char *fmri, *cfmri;
5863 5880 size_t sz;
5864 5881 int r;
5865 5882
5866 5883 inst = safe_scf_instance_create(h);
5867 5884 fmri = startd_alloc(max_scf_fmri_size);
5868 5885
5869 5886 /*
5870 5887 * If -m milestone= was specified, we want to set options_ovr/milestone
5871 5888 * to it. Otherwise we want to read what the milestone should be set
5872 5889 * to. Either way we need our inst.
5873 5890 */
5874 5891 get_self:
5875 5892 if (scf_handle_decode_fmri(h, SCF_SERVICE_STARTD, NULL, NULL, inst,
5876 5893 NULL, NULL, SCF_DECODE_FMRI_EXACT) != 0) {
5877 5894 switch (scf_error()) {
5878 5895 case SCF_ERROR_CONNECTION_BROKEN:
5879 5896 libscf_handle_rebind(h);
5880 5897 goto get_self;
5881 5898
5882 5899 case SCF_ERROR_NOT_FOUND:
5883 5900 if (st->st_subgraph != NULL &&
5884 5901 st->st_subgraph[0] != '\0') {
5885 5902 sz = strlcpy(fmri, st->st_subgraph,
5886 5903 max_scf_fmri_size);
5887 5904 assert(sz < max_scf_fmri_size);
5888 5905 } else {
5889 5906 fmri[0] = '\0';
5890 5907 }
5891 5908 break;
5892 5909
5893 5910 case SCF_ERROR_INVALID_ARGUMENT:
5894 5911 case SCF_ERROR_CONSTRAINT_VIOLATED:
5895 5912 case SCF_ERROR_HANDLE_MISMATCH:
5896 5913 default:
5897 5914 bad_error("scf_handle_decode_fmri", scf_error());
5898 5915 }
5899 5916 } else {
5900 5917 if (st->st_subgraph != NULL && st->st_subgraph[0] != '\0') {
5901 5918 scf_propertygroup_t *pg;
5902 5919
5903 5920 pg = safe_scf_pg_create(h);
5904 5921
5905 5922 sz = strlcpy(fmri, st->st_subgraph, max_scf_fmri_size);
5906 5923 assert(sz < max_scf_fmri_size);
5907 5924
5908 5925 r = libscf_inst_get_or_add_pg(inst, SCF_PG_OPTIONS_OVR,
5909 5926 SCF_PG_OPTIONS_OVR_TYPE, SCF_PG_OPTIONS_OVR_FLAGS,
5910 5927 pg);
5911 5928 switch (r) {
5912 5929 case 0:
5913 5930 break;
5914 5931
5915 5932 case ECONNABORTED:
5916 5933 libscf_handle_rebind(h);
5917 5934 goto get_self;
5918 5935
5919 5936 case EPERM:
5920 5937 case EACCES:
5921 5938 case EROFS:
5922 5939 log_error(LOG_WARNING, "Could not set %s/%s: "
5923 5940 "%s.\n", SCF_PG_OPTIONS_OVR,
5924 5941 SCF_PROPERTY_MILESTONE, strerror(r));
5925 5942 /* FALLTHROUGH */
5926 5943
5927 5944 case ECANCELED:
5928 5945 sz = strlcpy(fmri, st->st_subgraph,
5929 5946 max_scf_fmri_size);
5930 5947 assert(sz < max_scf_fmri_size);
5931 5948 break;
5932 5949
5933 5950 default:
5934 5951 bad_error("libscf_inst_get_or_add_pg", r);
5935 5952 }
5936 5953
5937 5954 r = libscf_clear_runlevel(pg, fmri);
5938 5955 switch (r) {
5939 5956 case 0:
5940 5957 break;
5941 5958
5942 5959 case ECONNABORTED:
5943 5960 libscf_handle_rebind(h);
5944 5961 goto get_self;
5945 5962
5946 5963 case EPERM:
5947 5964 case EACCES:
5948 5965 case EROFS:
5949 5966 log_error(LOG_WARNING, "Could not set %s/%s: "
5950 5967 "%s.\n", SCF_PG_OPTIONS_OVR,
5951 5968 SCF_PROPERTY_MILESTONE, strerror(r));
5952 5969 /* FALLTHROUGH */
5953 5970
5954 5971 case ECANCELED:
5955 5972 sz = strlcpy(fmri, st->st_subgraph,
5956 5973 max_scf_fmri_size);
5957 5974 assert(sz < max_scf_fmri_size);
5958 5975 break;
5959 5976
5960 5977 default:
5961 5978 bad_error("libscf_clear_runlevel", r);
5962 5979 }
5963 5980
5964 5981 scf_pg_destroy(pg);
5965 5982 } else {
5966 5983 scf_property_t *prop;
5967 5984 scf_value_t *val;
5968 5985
5969 5986 prop = safe_scf_property_create(h);
5970 5987 val = safe_scf_value_create(h);
5971 5988
5972 5989 r = libscf_get_milestone(inst, prop, val, fmri,
5973 5990 max_scf_fmri_size);
5974 5991 switch (r) {
5975 5992 case 0:
5976 5993 break;
5977 5994
5978 5995 case ECONNABORTED:
5979 5996 libscf_handle_rebind(h);
5980 5997 goto get_self;
5981 5998
5982 5999 case EINVAL:
5983 6000 log_error(LOG_WARNING, "Milestone property is "
5984 6001 "misconfigured. Defaulting to \"all\".\n");
5985 6002 /* FALLTHROUGH */
5986 6003
5987 6004 case ECANCELED:
5988 6005 case ENOENT:
5989 6006 fmri[0] = '\0';
5990 6007 break;
5991 6008
5992 6009 default:
5993 6010 bad_error("libscf_get_milestone", r);
5994 6011 }
5995 6012
5996 6013 scf_value_destroy(val);
5997 6014 scf_property_destroy(prop);
5998 6015 }
5999 6016 }
6000 6017
6001 6018 if (fmri[0] == '\0' || strcmp(fmri, "all") == 0)
6002 6019 goto out;
6003 6020
6004 6021 if (strcmp(fmri, "none") != 0) {
6005 6022 retry:
6006 6023 if (scf_handle_decode_fmri(h, fmri, NULL, NULL, inst, NULL,
6007 6024 NULL, SCF_DECODE_FMRI_EXACT) != 0) {
6008 6025 switch (scf_error()) {
6009 6026 case SCF_ERROR_INVALID_ARGUMENT:
6010 6027 log_error(LOG_WARNING,
6011 6028 "Requested milestone \"%s\" is invalid. "
6012 6029 "Reverting to \"all\".\n", fmri);
6013 6030 goto out;
6014 6031
6015 6032 case SCF_ERROR_CONSTRAINT_VIOLATED:
6016 6033 log_error(LOG_WARNING, "Requested milestone "
6017 6034 "\"%s\" does not specify an instance. "
6018 6035 "Reverting to \"all\".\n", fmri);
6019 6036 goto out;
6020 6037
6021 6038 case SCF_ERROR_CONNECTION_BROKEN:
6022 6039 libscf_handle_rebind(h);
6023 6040 goto retry;
6024 6041
6025 6042 case SCF_ERROR_NOT_FOUND:
6026 6043 log_error(LOG_WARNING, "Requested milestone "
6027 6044 "\"%s\" not in repository. Reverting to "
6028 6045 "\"all\".\n", fmri);
6029 6046 goto out;
6030 6047
6031 6048 case SCF_ERROR_HANDLE_MISMATCH:
6032 6049 default:
6033 6050 bad_error("scf_handle_decode_fmri",
6034 6051 scf_error());
6035 6052 }
6036 6053 }
6037 6054
6038 6055 r = fmri_canonify(fmri, &cfmri, B_FALSE);
6039 6056 assert(r == 0);
6040 6057
6041 6058 r = dgraph_add_instance(cfmri, inst, B_TRUE);
6042 6059 startd_free(cfmri, max_scf_fmri_size);
6043 6060 switch (r) {
6044 6061 case 0:
6045 6062 break;
6046 6063
6047 6064 case ECONNABORTED:
6048 6065 goto retry;
6049 6066
6050 6067 case EINVAL:
6051 6068 log_error(LOG_WARNING,
6052 6069 "Requested milestone \"%s\" is invalid. "
6053 6070 "Reverting to \"all\".\n", fmri);
6054 6071 goto out;
6055 6072
6056 6073 case ECANCELED:
6057 6074 log_error(LOG_WARNING,
6058 6075 "Requested milestone \"%s\" not "
6059 6076 "in repository. Reverting to \"all\".\n",
6060 6077 fmri);
6061 6078 goto out;
6062 6079
6063 6080 case EEXIST:
6064 6081 default:
6065 6082 bad_error("dgraph_add_instance", r);
6066 6083 }
6067 6084 }
6068 6085
6069 6086 log_console(LOG_INFO, "Booting to milestone \"%s\".\n", fmri);
6070 6087
6071 6088 r = dgraph_set_milestone(fmri, h, B_FALSE);
6072 6089 switch (r) {
6073 6090 case 0:
6074 6091 case ECONNRESET:
6075 6092 case EALREADY:
6076 6093 break;
6077 6094
6078 6095 case EINVAL:
6079 6096 case ENOENT:
6080 6097 default:
6081 6098 bad_error("dgraph_set_milestone", r);
6082 6099 }
6083 6100
6084 6101 out:
6085 6102 startd_free(fmri, max_scf_fmri_size);
6086 6103 scf_instance_destroy(inst);
6087 6104 }
6088 6105
6089 6106 void
6090 6107 set_restart_milestone(scf_handle_t *h)
6091 6108 {
6092 6109 scf_instance_t *inst;
6093 6110 scf_property_t *prop;
6094 6111 scf_value_t *val;
6095 6112 char *fmri;
6096 6113 int r;
6097 6114
6098 6115 inst = safe_scf_instance_create(h);
6099 6116
6100 6117 get_self:
6101 6118 if (scf_handle_decode_fmri(h, SCF_SERVICE_STARTD, NULL, NULL,
6102 6119 inst, NULL, NULL, SCF_DECODE_FMRI_EXACT) != 0) {
6103 6120 switch (scf_error()) {
6104 6121 case SCF_ERROR_CONNECTION_BROKEN:
6105 6122 libscf_handle_rebind(h);
6106 6123 goto get_self;
6107 6124
6108 6125 case SCF_ERROR_NOT_FOUND:
6109 6126 break;
6110 6127
6111 6128 case SCF_ERROR_INVALID_ARGUMENT:
6112 6129 case SCF_ERROR_CONSTRAINT_VIOLATED:
6113 6130 case SCF_ERROR_HANDLE_MISMATCH:
6114 6131 default:
6115 6132 bad_error("scf_handle_decode_fmri", scf_error());
6116 6133 }
6117 6134
6118 6135 scf_instance_destroy(inst);
6119 6136 return;
6120 6137 }
6121 6138
6122 6139 prop = safe_scf_property_create(h);
6123 6140 val = safe_scf_value_create(h);
6124 6141 fmri = startd_alloc(max_scf_fmri_size);
6125 6142
6126 6143 r = libscf_get_milestone(inst, prop, val, fmri, max_scf_fmri_size);
6127 6144 switch (r) {
6128 6145 case 0:
6129 6146 break;
6130 6147
6131 6148 case ECONNABORTED:
6132 6149 libscf_handle_rebind(h);
6133 6150 goto get_self;
6134 6151
6135 6152 case ECANCELED:
6136 6153 case ENOENT:
6137 6154 case EINVAL:
6138 6155 goto out;
6139 6156
6140 6157 default:
6141 6158 bad_error("libscf_get_milestone", r);
6142 6159 }
6143 6160
6144 6161 r = dgraph_set_milestone(fmri, h, B_TRUE);
6145 6162 switch (r) {
6146 6163 case 0:
6147 6164 case ECONNRESET:
6148 6165 case EALREADY:
6149 6166 case EINVAL:
6150 6167 case ENOENT:
6151 6168 break;
6152 6169
6153 6170 default:
6154 6171 bad_error("dgraph_set_milestone", r);
6155 6172 }
6156 6173
6157 6174 out:
6158 6175 startd_free(fmri, max_scf_fmri_size);
6159 6176 scf_value_destroy(val);
6160 6177 scf_property_destroy(prop);
6161 6178 scf_instance_destroy(inst);
6162 6179 }
6163 6180
6164 6181 /*
6165 6182 * void *graph_thread(void *)
6166 6183 *
6167 6184 * Graph management thread.
6168 6185 */
6169 6186 /*ARGSUSED*/
6170 6187 void *
6171 6188 graph_thread(void *arg)
6172 6189 {
6173 6190 scf_handle_t *h;
6174 6191 int err;
6175 6192
6176 6193 h = libscf_handle_create_bound_loop();
6177 6194
6178 6195 if (st->st_initial)
6179 6196 set_initial_milestone(h);
6180 6197
6181 6198 MUTEX_LOCK(&dgraph_lock);
6182 6199 initial_milestone_set = B_TRUE;
6183 6200 err = pthread_cond_broadcast(&initial_milestone_cv);
6184 6201 assert(err == 0);
6185 6202 MUTEX_UNLOCK(&dgraph_lock);
6186 6203
6187 6204 libscf_populate_graph(h);
6188 6205
6189 6206 if (!st->st_initial)
6190 6207 set_restart_milestone(h);
6191 6208
6192 6209 MUTEX_LOCK(&st->st_load_lock);
6193 6210 st->st_load_complete = 1;
6194 6211 (void) pthread_cond_broadcast(&st->st_load_cv);
6195 6212 MUTEX_UNLOCK(&st->st_load_lock);
6196 6213
6197 6214 MUTEX_LOCK(&dgraph_lock);
6198 6215 /*
6199 6216 * Now that we've set st_load_complete we need to check can_come_up()
6200 6217 * since if we booted to a milestone, then there won't be any more
6201 6218 * state updates.
6202 6219 */
6203 6220 if (!go_single_user_mode && !go_to_level1 &&
6204 6221 halting == -1) {
6205 6222 if (!sulogin_thread_running && !can_come_up()) {
6206 6223 (void) startd_thread_create(sulogin_thread, NULL);
6207 6224 sulogin_thread_running = B_TRUE;
6208 6225 }
6209 6226 }
6210 6227 MUTEX_UNLOCK(&dgraph_lock);
6211 6228
6212 6229 (void) pthread_mutex_lock(&gu->gu_freeze_lock);
6213 6230
6214 6231 /*CONSTCOND*/
6215 6232 while (1) {
6216 6233 (void) pthread_cond_wait(&gu->gu_freeze_cv,
6217 6234 &gu->gu_freeze_lock);
6218 6235 }
6219 6236
6220 6237 /*
6221 6238 * Unreachable for now -- there's currently no graceful cleanup
6222 6239 * called on exit().
6223 6240 */
6224 6241 (void) pthread_mutex_unlock(&gu->gu_freeze_lock);
6225 6242 scf_handle_destroy(h);
6226 6243
6227 6244 return (NULL);
6228 6245 }
6229 6246
6230 6247
6231 6248 /*
6232 6249 * int next_action()
6233 6250 * Given an array of timestamps 'a' with 'num' elements, find the
6234 6251 * lowest non-zero timestamp and return its index. If there are no
6235 6252 * non-zero elements, return -1.
6236 6253 */
6237 6254 static int
6238 6255 next_action(hrtime_t *a, int num)
6239 6256 {
6240 6257 hrtime_t t = 0;
6241 6258 int i = 0, smallest = -1;
6242 6259
6243 6260 for (i = 0; i < num; i++) {
6244 6261 if (t == 0) {
6245 6262 t = a[i];
6246 6263 smallest = i;
6247 6264 } else if (a[i] != 0 && a[i] < t) {
6248 6265 t = a[i];
6249 6266 smallest = i;
6250 6267 }
6251 6268 }
6252 6269
6253 6270 if (t == 0)
6254 6271 return (-1);
6255 6272 else
6256 6273 return (smallest);
6257 6274 }
6258 6275
6259 6276 /*
6260 6277 * void process_actions()
6261 6278 * Process actions requested by the administrator. Possibilities include:
6262 6279 * refresh, restart, maintenance mode off, maintenance mode on,
6263 6280 * maintenance mode immediate, and degraded.
6264 6281 *
6265 6282 * The set of pending actions is represented in the repository as a
6266 6283 * per-instance property group, with each action being a single property
6267 6284 * in that group. This property group is converted to an array, with each
6268 6285 * action type having an array slot. The actions in the array at the
6269 6286 * time process_actions() is called are acted on in the order of the
6270 6287 * timestamp (which is the value stored in the slot). A value of zero
6271 6288 * indicates that there is no pending action of the type associated with
6272 6289 * a particular slot.
6273 6290 *
6274 6291 * Sending an action event multiple times before the restarter has a
6275 6292 * chance to process that action will force it to be run at the last
6276 6293 * timestamp where it appears in the ordering.
6277 6294 *
6278 6295 * Turning maintenance mode on trumps all other actions.
6279 6296 *
6280 6297 * Returns 0 or ECONNABORTED.
6281 6298 */
6282 6299 static int
6283 6300 process_actions(scf_handle_t *h, scf_propertygroup_t *pg, scf_instance_t *inst)
6284 6301 {
6285 6302 scf_property_t *prop = NULL;
6286 6303 scf_value_t *val = NULL;
6287 6304 scf_type_t type;
6288 6305 graph_vertex_t *vertex;
6289 6306 admin_action_t a;
6290 6307 int i, ret = 0, r;
6291 6308 hrtime_t action_ts[NACTIONS];
6292 6309 char *inst_name;
6293 6310
6294 6311 r = libscf_instance_get_fmri(inst, &inst_name);
6295 6312 switch (r) {
6296 6313 case 0:
6297 6314 break;
6298 6315
6299 6316 case ECONNABORTED:
6300 6317 return (ECONNABORTED);
6301 6318
6302 6319 case ECANCELED:
6303 6320 return (0);
6304 6321
6305 6322 default:
6306 6323 bad_error("libscf_instance_get_fmri", r);
6307 6324 }
6308 6325
6309 6326 MUTEX_LOCK(&dgraph_lock);
6310 6327
6311 6328 vertex = vertex_get_by_name(inst_name);
6312 6329 if (vertex == NULL) {
6313 6330 MUTEX_UNLOCK(&dgraph_lock);
6314 6331 log_framework(LOG_DEBUG, "%s: Can't find graph vertex. "
6315 6332 "The instance must have been removed.\n", inst_name);
6316 6333 startd_free(inst_name, max_scf_fmri_size);
6317 6334 return (0);
6318 6335 }
6319 6336
6320 6337 prop = safe_scf_property_create(h);
6321 6338 val = safe_scf_value_create(h);
6322 6339
6323 6340 for (i = 0; i < NACTIONS; i++) {
6324 6341 if (scf_pg_get_property(pg, admin_actions[i], prop) != 0) {
6325 6342 switch (scf_error()) {
6326 6343 case SCF_ERROR_CONNECTION_BROKEN:
6327 6344 default:
6328 6345 ret = ECONNABORTED;
6329 6346 goto out;
6330 6347
6331 6348 case SCF_ERROR_DELETED:
6332 6349 goto out;
6333 6350
6334 6351 case SCF_ERROR_NOT_FOUND:
6335 6352 action_ts[i] = 0;
6336 6353 continue;
6337 6354
6338 6355 case SCF_ERROR_HANDLE_MISMATCH:
6339 6356 case SCF_ERROR_INVALID_ARGUMENT:
6340 6357 case SCF_ERROR_NOT_SET:
6341 6358 bad_error("scf_pg_get_property", scf_error());
6342 6359 }
6343 6360 }
6344 6361
6345 6362 if (scf_property_type(prop, &type) != 0) {
6346 6363 switch (scf_error()) {
6347 6364 case SCF_ERROR_CONNECTION_BROKEN:
6348 6365 default:
6349 6366 ret = ECONNABORTED;
6350 6367 goto out;
6351 6368
6352 6369 case SCF_ERROR_DELETED:
6353 6370 action_ts[i] = 0;
6354 6371 continue;
6355 6372
6356 6373 case SCF_ERROR_NOT_SET:
6357 6374 bad_error("scf_property_type", scf_error());
6358 6375 }
6359 6376 }
6360 6377
6361 6378 if (type != SCF_TYPE_INTEGER) {
6362 6379 action_ts[i] = 0;
6363 6380 continue;
6364 6381 }
6365 6382
6366 6383 if (scf_property_get_value(prop, val) != 0) {
6367 6384 switch (scf_error()) {
6368 6385 case SCF_ERROR_CONNECTION_BROKEN:
6369 6386 default:
6370 6387 ret = ECONNABORTED;
6371 6388 goto out;
6372 6389
6373 6390 case SCF_ERROR_DELETED:
6374 6391 goto out;
6375 6392
6376 6393 case SCF_ERROR_NOT_FOUND:
6377 6394 case SCF_ERROR_CONSTRAINT_VIOLATED:
6378 6395 action_ts[i] = 0;
6379 6396 continue;
6380 6397
6381 6398 case SCF_ERROR_NOT_SET:
6382 6399 case SCF_ERROR_PERMISSION_DENIED:
6383 6400 bad_error("scf_property_get_value",
6384 6401 scf_error());
6385 6402 }
6386 6403 }
6387 6404
6388 6405 r = scf_value_get_integer(val, &action_ts[i]);
6389 6406 assert(r == 0);
6390 6407 }
6391 6408
6392 6409 a = ADMIN_EVENT_MAINT_ON_IMMEDIATE;
6393 6410 if (action_ts[ADMIN_EVENT_MAINT_ON_IMMEDIATE] ||
6394 6411 action_ts[ADMIN_EVENT_MAINT_ON]) {
6395 6412 a = action_ts[ADMIN_EVENT_MAINT_ON_IMMEDIATE] ?
6396 6413 ADMIN_EVENT_MAINT_ON_IMMEDIATE : ADMIN_EVENT_MAINT_ON;
6397 6414
6398 6415 vertex_send_event(vertex, admin_events[a]);
6399 6416 r = libscf_unset_action(h, pg, a, action_ts[a]);
6400 6417 switch (r) {
6401 6418 case 0:
6402 6419 case EACCES:
6403 6420 break;
6404 6421
6405 6422 case ECONNABORTED:
6406 6423 ret = ECONNABORTED;
6407 6424 goto out;
6408 6425
6409 6426 case EPERM:
6410 6427 uu_die("Insufficient privilege.\n");
6411 6428 /* NOTREACHED */
6412 6429
6413 6430 default:
6414 6431 bad_error("libscf_unset_action", r);
6415 6432 }
6416 6433 }
6417 6434
6418 6435 while ((a = next_action(action_ts, NACTIONS)) != -1) {
6419 6436 log_framework(LOG_DEBUG,
6420 6437 "Graph: processing %s action for %s.\n", admin_actions[a],
6421 6438 inst_name);
6422 6439
6423 6440 if (a == ADMIN_EVENT_REFRESH) {
6424 6441 r = dgraph_refresh_instance(vertex, inst);
6425 6442 switch (r) {
6426 6443 case 0:
6427 6444 case ECANCELED:
6428 6445 case EINVAL:
6429 6446 case -1:
6430 6447 break;
6431 6448
6432 6449 case ECONNABORTED:
6433 6450 /* pg & inst are reset now, so just return. */
6434 6451 ret = ECONNABORTED;
6435 6452 goto out;
6436 6453
6437 6454 default:
6438 6455 bad_error("dgraph_refresh_instance", r);
6439 6456 }
6440 6457 }
6441 6458
6442 6459 vertex_send_event(vertex, admin_events[a]);
6443 6460
6444 6461 r = libscf_unset_action(h, pg, a, action_ts[a]);
6445 6462 switch (r) {
6446 6463 case 0:
6447 6464 case EACCES:
6448 6465 break;
6449 6466
6450 6467 case ECONNABORTED:
6451 6468 ret = ECONNABORTED;
6452 6469 goto out;
6453 6470
6454 6471 case EPERM:
6455 6472 uu_die("Insufficient privilege.\n");
6456 6473 /* NOTREACHED */
6457 6474
6458 6475 default:
6459 6476 bad_error("libscf_unset_action", r);
6460 6477 }
6461 6478
6462 6479 action_ts[a] = 0;
6463 6480 }
6464 6481
6465 6482 out:
6466 6483 MUTEX_UNLOCK(&dgraph_lock);
6467 6484
6468 6485 scf_property_destroy(prop);
6469 6486 scf_value_destroy(val);
6470 6487 startd_free(inst_name, max_scf_fmri_size);
6471 6488 return (ret);
6472 6489 }
6473 6490
6474 6491 /*
6475 6492 * inst and pg_name are scratch space, and are unset on entry.
6476 6493 * Returns
6477 6494 * 0 - success
6478 6495 * ECONNRESET - success, but repository handle rebound
6479 6496 * ECONNABORTED - repository connection broken
6480 6497 */
6481 6498 static int
6482 6499 process_pg_event(scf_handle_t *h, scf_propertygroup_t *pg, scf_instance_t *inst,
6483 6500 char *pg_name)
6484 6501 {
6485 6502 int r;
6486 6503 scf_property_t *prop;
6487 6504 scf_value_t *val;
6488 6505 char *fmri;
6489 6506 boolean_t rebound = B_FALSE, rebind_inst = B_FALSE;
6490 6507
6491 6508 if (scf_pg_get_name(pg, pg_name, max_scf_value_size) < 0) {
6492 6509 switch (scf_error()) {
6493 6510 case SCF_ERROR_CONNECTION_BROKEN:
6494 6511 default:
6495 6512 return (ECONNABORTED);
6496 6513
6497 6514 case SCF_ERROR_DELETED:
6498 6515 return (0);
6499 6516
6500 6517 case SCF_ERROR_NOT_SET:
6501 6518 bad_error("scf_pg_get_name", scf_error());
6502 6519 }
6503 6520 }
6504 6521
6505 6522 if (strcmp(pg_name, SCF_PG_GENERAL) == 0 ||
6506 6523 strcmp(pg_name, SCF_PG_GENERAL_OVR) == 0) {
6507 6524 r = dgraph_update_general(pg);
6508 6525 switch (r) {
6509 6526 case 0:
6510 6527 case ENOTSUP:
6511 6528 case ECANCELED:
6512 6529 return (0);
6513 6530
6514 6531 case ECONNABORTED:
6515 6532 return (ECONNABORTED);
6516 6533
6517 6534 case -1:
6518 6535 /* Error should have been logged. */
6519 6536 return (0);
6520 6537
6521 6538 default:
6522 6539 bad_error("dgraph_update_general", r);
6523 6540 }
6524 6541 } else if (strcmp(pg_name, SCF_PG_RESTARTER_ACTIONS) == 0) {
6525 6542 if (scf_pg_get_parent_instance(pg, inst) != 0) {
6526 6543 switch (scf_error()) {
6527 6544 case SCF_ERROR_CONNECTION_BROKEN:
6528 6545 return (ECONNABORTED);
6529 6546
6530 6547 case SCF_ERROR_DELETED:
6531 6548 case SCF_ERROR_CONSTRAINT_VIOLATED:
6532 6549 /* Ignore commands on services. */
6533 6550 return (0);
6534 6551
6535 6552 case SCF_ERROR_NOT_BOUND:
6536 6553 case SCF_ERROR_HANDLE_MISMATCH:
6537 6554 case SCF_ERROR_NOT_SET:
6538 6555 default:
6539 6556 bad_error("scf_pg_get_parent_instance",
6540 6557 scf_error());
6541 6558 }
6542 6559 }
6543 6560
6544 6561 return (process_actions(h, pg, inst));
6545 6562 }
6546 6563
6547 6564 if (strcmp(pg_name, SCF_PG_OPTIONS) != 0 &&
6548 6565 strcmp(pg_name, SCF_PG_OPTIONS_OVR) != 0)
6549 6566 return (0);
6550 6567
6551 6568 /*
6552 6569 * We only care about the options[_ovr] property groups of our own
6553 6570 * instance, so get the fmri and compare. Plus, once we know it's
6554 6571 * correct, if the repository connection is broken we know exactly what
6555 6572 * property group we were operating on, and can look it up again.
6556 6573 */
6557 6574 if (scf_pg_get_parent_instance(pg, inst) != 0) {
6558 6575 switch (scf_error()) {
6559 6576 case SCF_ERROR_CONNECTION_BROKEN:
6560 6577 return (ECONNABORTED);
6561 6578
6562 6579 case SCF_ERROR_DELETED:
6563 6580 case SCF_ERROR_CONSTRAINT_VIOLATED:
6564 6581 return (0);
6565 6582
6566 6583 case SCF_ERROR_HANDLE_MISMATCH:
6567 6584 case SCF_ERROR_NOT_BOUND:
6568 6585 case SCF_ERROR_NOT_SET:
6569 6586 default:
6570 6587 bad_error("scf_pg_get_parent_instance",
6571 6588 scf_error());
6572 6589 }
6573 6590 }
6574 6591
6575 6592 switch (r = libscf_instance_get_fmri(inst, &fmri)) {
6576 6593 case 0:
6577 6594 break;
6578 6595
6579 6596 case ECONNABORTED:
6580 6597 return (ECONNABORTED);
6581 6598
6582 6599 case ECANCELED:
6583 6600 return (0);
6584 6601
6585 6602 default:
6586 6603 bad_error("libscf_instance_get_fmri", r);
6587 6604 }
6588 6605
6589 6606 if (strcmp(fmri, SCF_SERVICE_STARTD) != 0) {
6590 6607 startd_free(fmri, max_scf_fmri_size);
6591 6608 return (0);
6592 6609 }
6593 6610
6594 6611 /*
6595 6612 * update the information events flag
6596 6613 */
6597 6614 if (strcmp(pg_name, SCF_PG_OPTIONS) == 0)
6598 6615 info_events_all = libscf_get_info_events_all(pg);
6599 6616
6600 6617 prop = safe_scf_property_create(h);
6601 6618 val = safe_scf_value_create(h);
6602 6619
6603 6620 if (strcmp(pg_name, SCF_PG_OPTIONS_OVR) == 0) {
6604 6621 /* See if we need to set the runlevel. */
6605 6622 /* CONSTCOND */
6606 6623 if (0) {
6607 6624 rebind_pg:
6608 6625 libscf_handle_rebind(h);
6609 6626 rebound = B_TRUE;
6610 6627
6611 6628 r = libscf_lookup_instance(SCF_SERVICE_STARTD, inst);
6612 6629 switch (r) {
6613 6630 case 0:
6614 6631 break;
6615 6632
6616 6633 case ECONNABORTED:
6617 6634 goto rebind_pg;
6618 6635
6619 6636 case ENOENT:
6620 6637 goto out;
6621 6638
6622 6639 case EINVAL:
6623 6640 case ENOTSUP:
6624 6641 bad_error("libscf_lookup_instance", r);
6625 6642 }
6626 6643
6627 6644 if (scf_instance_get_pg(inst, pg_name, pg) != 0) {
6628 6645 switch (scf_error()) {
6629 6646 case SCF_ERROR_DELETED:
6630 6647 case SCF_ERROR_NOT_FOUND:
6631 6648 goto out;
6632 6649
6633 6650 case SCF_ERROR_CONNECTION_BROKEN:
6634 6651 goto rebind_pg;
6635 6652
6636 6653 case SCF_ERROR_HANDLE_MISMATCH:
6637 6654 case SCF_ERROR_NOT_BOUND:
6638 6655 case SCF_ERROR_NOT_SET:
6639 6656 case SCF_ERROR_INVALID_ARGUMENT:
6640 6657 default:
6641 6658 bad_error("scf_instance_get_pg",
6642 6659 scf_error());
6643 6660 }
6644 6661 }
6645 6662 }
6646 6663
6647 6664 if (scf_pg_get_property(pg, "runlevel", prop) == 0) {
6648 6665 r = dgraph_set_runlevel(pg, prop);
6649 6666 switch (r) {
6650 6667 case ECONNRESET:
6651 6668 rebound = B_TRUE;
6652 6669 rebind_inst = B_TRUE;
6653 6670 /* FALLTHROUGH */
6654 6671
6655 6672 case 0:
6656 6673 break;
6657 6674
6658 6675 case ECONNABORTED:
6659 6676 goto rebind_pg;
6660 6677
6661 6678 case ECANCELED:
6662 6679 goto out;
6663 6680
6664 6681 default:
6665 6682 bad_error("dgraph_set_runlevel", r);
6666 6683 }
6667 6684 } else {
6668 6685 switch (scf_error()) {
6669 6686 case SCF_ERROR_CONNECTION_BROKEN:
6670 6687 default:
6671 6688 goto rebind_pg;
6672 6689
6673 6690 case SCF_ERROR_DELETED:
6674 6691 goto out;
6675 6692
6676 6693 case SCF_ERROR_NOT_FOUND:
6677 6694 break;
6678 6695
6679 6696 case SCF_ERROR_INVALID_ARGUMENT:
6680 6697 case SCF_ERROR_HANDLE_MISMATCH:
6681 6698 case SCF_ERROR_NOT_BOUND:
6682 6699 case SCF_ERROR_NOT_SET:
6683 6700 bad_error("scf_pg_get_property", scf_error());
6684 6701 }
6685 6702 }
6686 6703 }
6687 6704
6688 6705 if (rebind_inst) {
6689 6706 lookup_inst:
6690 6707 r = libscf_lookup_instance(SCF_SERVICE_STARTD, inst);
6691 6708 switch (r) {
6692 6709 case 0:
6693 6710 break;
6694 6711
6695 6712 case ECONNABORTED:
6696 6713 libscf_handle_rebind(h);
6697 6714 rebound = B_TRUE;
6698 6715 goto lookup_inst;
6699 6716
6700 6717 case ENOENT:
6701 6718 goto out;
6702 6719
6703 6720 case EINVAL:
6704 6721 case ENOTSUP:
6705 6722 bad_error("libscf_lookup_instance", r);
6706 6723 }
6707 6724 }
6708 6725
6709 6726 r = libscf_get_milestone(inst, prop, val, fmri, max_scf_fmri_size);
6710 6727 switch (r) {
6711 6728 case 0:
6712 6729 break;
6713 6730
6714 6731 case ECONNABORTED:
6715 6732 libscf_handle_rebind(h);
6716 6733 rebound = B_TRUE;
6717 6734 goto lookup_inst;
6718 6735
6719 6736 case EINVAL:
6720 6737 log_error(LOG_NOTICE,
6721 6738 "%s/%s property of %s is misconfigured.\n", pg_name,
6722 6739 SCF_PROPERTY_MILESTONE, SCF_SERVICE_STARTD);
6723 6740 /* FALLTHROUGH */
6724 6741
6725 6742 case ECANCELED:
6726 6743 case ENOENT:
6727 6744 (void) strcpy(fmri, "all");
6728 6745 break;
6729 6746
6730 6747 default:
6731 6748 bad_error("libscf_get_milestone", r);
6732 6749 }
6733 6750
6734 6751 r = dgraph_set_milestone(fmri, h, B_FALSE);
6735 6752 switch (r) {
6736 6753 case 0:
6737 6754 case ECONNRESET:
6738 6755 case EALREADY:
6739 6756 break;
6740 6757
6741 6758 case EINVAL:
6742 6759 log_error(LOG_WARNING, "Milestone %s is invalid.\n", fmri);
6743 6760 break;
6744 6761
6745 6762 case ENOENT:
6746 6763 log_error(LOG_WARNING, "Milestone %s does not exist.\n", fmri);
6747 6764 break;
6748 6765
6749 6766 default:
6750 6767 bad_error("dgraph_set_milestone", r);
6751 6768 }
6752 6769
6753 6770 out:
6754 6771 startd_free(fmri, max_scf_fmri_size);
6755 6772 scf_value_destroy(val);
6756 6773 scf_property_destroy(prop);
6757 6774
6758 6775 return (rebound ? ECONNRESET : 0);
6759 6776 }
6760 6777
6761 6778 /*
6762 6779 * process_delete() deletes an instance from the dgraph if 'fmri' is an
6763 6780 * instance fmri or if 'fmri' matches the 'general' property group of an
6764 6781 * instance (or the 'general/enabled' property).
6765 6782 *
6766 6783 * 'fmri' may be overwritten and cannot be trusted on return by the caller.
6767 6784 */
6768 6785 static void
6769 6786 process_delete(char *fmri, scf_handle_t *h)
6770 6787 {
6771 6788 char *lfmri, *end_inst_fmri;
6772 6789 const char *inst_name = NULL;
6773 6790 const char *pg_name = NULL;
6774 6791 const char *prop_name = NULL;
6775 6792
6776 6793 lfmri = safe_strdup(fmri);
6777 6794
6778 6795 /* Determine if the FMRI is a property group or instance */
6779 6796 if (scf_parse_svc_fmri(lfmri, NULL, NULL, &inst_name, &pg_name,
6780 6797 &prop_name) != SCF_SUCCESS) {
6781 6798 log_error(LOG_WARNING,
6782 6799 "Received invalid FMRI \"%s\" from repository server.\n",
6783 6800 fmri);
6784 6801 } else if (inst_name != NULL && pg_name == NULL) {
6785 6802 (void) dgraph_remove_instance(fmri, h);
6786 6803 } else if (inst_name != NULL && pg_name != NULL) {
6787 6804 /*
6788 6805 * If we're deleting the 'general' property group or
6789 6806 * 'general/enabled' property then the whole instance
6790 6807 * must be removed from the dgraph.
6791 6808 */
6792 6809 if (strcmp(pg_name, SCF_PG_GENERAL) != 0) {
6793 6810 free(lfmri);
6794 6811 return;
6795 6812 }
6796 6813
6797 6814 if (prop_name != NULL &&
6798 6815 strcmp(prop_name, SCF_PROPERTY_ENABLED) != 0) {
6799 6816 free(lfmri);
6800 6817 return;
6801 6818 }
6802 6819
6803 6820 /*
6804 6821 * Because the instance has already been deleted from the
6805 6822 * repository, we cannot use any scf_ functions to retrieve
6806 6823 * the instance FMRI however we can easily reconstruct it
6807 6824 * manually.
6808 6825 */
6809 6826 end_inst_fmri = strstr(fmri, SCF_FMRI_PROPERTYGRP_PREFIX);
6810 6827 if (end_inst_fmri == NULL)
6811 6828 bad_error("process_delete", 0);
6812 6829
6813 6830 end_inst_fmri[0] = '\0';
6814 6831
6815 6832 (void) dgraph_remove_instance(fmri, h);
6816 6833 }
6817 6834
6818 6835 free(lfmri);
6819 6836 }
6820 6837
6821 6838 /*ARGSUSED*/
6822 6839 void *
6823 6840 repository_event_thread(void *unused)
6824 6841 {
6825 6842 scf_handle_t *h;
6826 6843 scf_propertygroup_t *pg;
6827 6844 scf_instance_t *inst;
6828 6845 char *fmri = startd_alloc(max_scf_fmri_size);
6829 6846 char *pg_name = startd_alloc(max_scf_value_size);
6830 6847 int r;
6831 6848
6832 6849 h = libscf_handle_create_bound_loop();
6833 6850
6834 6851 pg = safe_scf_pg_create(h);
6835 6852 inst = safe_scf_instance_create(h);
6836 6853
6837 6854 retry:
6838 6855 if (_scf_notify_add_pgtype(h, SCF_GROUP_FRAMEWORK) != SCF_SUCCESS) {
6839 6856 if (scf_error() == SCF_ERROR_CONNECTION_BROKEN) {
6840 6857 libscf_handle_rebind(h);
6841 6858 } else {
6842 6859 log_error(LOG_WARNING,
6843 6860 "Couldn't set up repository notification "
6844 6861 "for property group type %s: %s\n",
6845 6862 SCF_GROUP_FRAMEWORK, scf_strerror(scf_error()));
6846 6863
6847 6864 (void) sleep(1);
6848 6865 }
6849 6866
6850 6867 goto retry;
6851 6868 }
6852 6869
6853 6870 /*CONSTCOND*/
6854 6871 while (1) {
6855 6872 ssize_t res;
6856 6873
6857 6874 /* Note: fmri is only set on delete events. */
6858 6875 res = _scf_notify_wait(pg, fmri, max_scf_fmri_size);
6859 6876 if (res < 0) {
6860 6877 libscf_handle_rebind(h);
6861 6878 goto retry;
6862 6879 } else if (res == 0) {
6863 6880 /*
6864 6881 * property group modified. inst and pg_name are
6865 6882 * pre-allocated scratch space.
6866 6883 */
6867 6884 if (scf_pg_update(pg) < 0) {
6868 6885 switch (scf_error()) {
6869 6886 case SCF_ERROR_DELETED:
6870 6887 continue;
6871 6888
6872 6889 case SCF_ERROR_CONNECTION_BROKEN:
6873 6890 log_error(LOG_WARNING,
6874 6891 "Lost repository event due to "
6875 6892 "disconnection.\n");
6876 6893 libscf_handle_rebind(h);
6877 6894 goto retry;
6878 6895
6879 6896 case SCF_ERROR_NOT_BOUND:
6880 6897 case SCF_ERROR_NOT_SET:
6881 6898 default:
6882 6899 bad_error("scf_pg_update", scf_error());
6883 6900 }
6884 6901 }
6885 6902
6886 6903 r = process_pg_event(h, pg, inst, pg_name);
6887 6904 switch (r) {
6888 6905 case 0:
6889 6906 break;
6890 6907
6891 6908 case ECONNABORTED:
6892 6909 log_error(LOG_WARNING, "Lost repository event "
6893 6910 "due to disconnection.\n");
6894 6911 libscf_handle_rebind(h);
6895 6912 /* FALLTHROUGH */
6896 6913
6897 6914 case ECONNRESET:
6898 6915 goto retry;
6899 6916
6900 6917 default:
6901 6918 bad_error("process_pg_event", r);
6902 6919 }
6903 6920 } else {
6904 6921 /*
6905 6922 * Service, instance, or pg deleted.
6906 6923 * Don't trust fmri on return.
6907 6924 */
6908 6925 process_delete(fmri, h);
6909 6926 }
6910 6927 }
6911 6928
6912 6929 /*NOTREACHED*/
6913 6930 return (NULL);
6914 6931 }
6915 6932
6916 6933 void
6917 6934 graph_engine_start()
6918 6935 {
6919 6936 int err;
6920 6937
6921 6938 (void) startd_thread_create(graph_thread, NULL);
6922 6939
6923 6940 MUTEX_LOCK(&dgraph_lock);
6924 6941 while (!initial_milestone_set) {
6925 6942 err = pthread_cond_wait(&initial_milestone_cv, &dgraph_lock);
6926 6943 assert(err == 0);
6927 6944 }
6928 6945 MUTEX_UNLOCK(&dgraph_lock);
6929 6946
6930 6947 (void) startd_thread_create(repository_event_thread, NULL);
6931 6948 (void) startd_thread_create(graph_event_thread, NULL);
6932 6949 }
|
↓ open down ↓ |
1457 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX