Print this page
7267 SMF is fast and loose with optional dependencies (fixes)
Reviewed by: Dan McDonald <danmcd@omniti.com>
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Reviewed by: Albert Lee <trisk@omniti.com>
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/cmd/svc/startd/graph.c
+++ new/usr/src/cmd/svc/startd/graph.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 23 * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
24 24 * Copyright (c) 2015, Syneto S.R.L. All rights reserved.
25 25 * Copyright 2016 Toomas Soome <tsoome@me.com>
26 26 * Copyright 2016 RackTop Systems.
27 27 */
28 28
29 29 /*
30 30 * graph.c - master restarter graph engine
31 31 *
32 32 * The graph engine keeps a dependency graph of all service instances on the
33 33 * system, as recorded in the repository. It decides when services should
34 34 * be brought up or down based on service states and dependencies and sends
35 35 * commands to restarters to effect any changes. It also executes
36 36 * administrator commands sent by svcadm via the repository.
37 37 *
38 38 * The graph is stored in uu_list_t *dgraph and its vertices are
39 39 * graph_vertex_t's, each of which has a name and an integer id unique to
40 40 * its name (see dict.c). A vertex's type attribute designates the type
41 41 * of object it represents: GVT_INST for service instances, GVT_SVC for
42 42 * service objects (since service instances may depend on another service,
43 43 * rather than service instance), GVT_FILE for files (which services may
44 44 * depend on), and GVT_GROUP for dependencies on multiple objects. GVT_GROUP
45 45 * vertices are necessary because dependency lists may have particular
46 46 * grouping types (require any, require all, optional, or exclude) and
47 47 * event-propagation characteristics.
48 48 *
49 49 * The initial graph is built by libscf_populate_graph() invoking
50 50 * dgraph_add_instance() for each instance in the repository. The function
51 51 * adds a GVT_SVC vertex for the service if one does not already exist, adds
52 52 * a GVT_INST vertex named by the FMRI of the instance, and sets up the edges.
53 53 * The resulting web of vertices & edges associated with an instance's vertex
54 54 * includes
55 55 *
56 56 * - an edge from the GVT_SVC vertex for the instance's service
57 57 *
58 58 * - an edge to the GVT_INST vertex of the instance's resarter, if its
59 59 * restarter is not svc.startd
60 60 *
61 61 * - edges from other GVT_INST vertices if the instance is a restarter
62 62 *
63 63 * - for each dependency property group in the instance's "running"
64 64 * snapshot, an edge to a GVT_GROUP vertex named by the FMRI of the
65 65 * instance and the name of the property group
66 66 *
67 67 * - for each value of the "entities" property in each dependency property
68 68 * group, an edge from the corresponding GVT_GROUP vertex to a
69 69 * GVT_INST, GVT_SVC, or GVT_FILE vertex
70 70 *
71 71 * - edges from GVT_GROUP vertices for each dependent instance
72 72 *
73 73 * After the edges are set up the vertex's GV_CONFIGURED flag is set. If
74 74 * there are problems, or if a service is mentioned in a dependency but does
75 75 * not exist in the repository, the GV_CONFIGURED flag will be clear.
76 76 *
77 77 * The graph and all of its vertices are protected by the dgraph_lock mutex.
78 78 * See restarter.c for more information.
79 79 *
80 80 * The properties of an instance fall into two classes: immediate and
81 81 * snapshotted. Immediate properties should have an immediate effect when
82 82 * changed. Snapshotted properties should be read from a snapshot, so they
83 83 * only change when the snapshot changes. The immediate properties used by
84 84 * the graph engine are general/enabled, general/restarter, and the properties
85 85 * in the restarter_actions property group. Since they are immediate, they
86 86 * are not read out of a snapshot. The snapshotted properties used by the
87 87 * graph engine are those in the property groups with type "dependency" and
88 88 * are read out of the "running" snapshot. The "running" snapshot is created
89 89 * by the the graph engine as soon as possible, and it is updated, along with
90 90 * in-core copies of the data (dependency information for the graph engine) on
91 91 * receipt of the refresh command from svcadm. In addition, the graph engine
92 92 * updates the "start" snapshot from the "running" snapshot whenever a service
93 93 * comes online.
94 94 *
95 95 * When a DISABLE event is requested by the administrator, svc.startd shutdown
96 96 * the dependents first before shutting down the requested service.
97 97 * In graph_enable_by_vertex, we create a subtree that contains the dependent
98 98 * vertices by marking those vertices with the GV_TOOFFLINE flag. And we mark
99 99 * the vertex to disable with the GV_TODISABLE flag. Once the tree is created,
100 100 * we send the _ADMIN_DISABLE event to the leaves. The leaves will then
101 101 * transition from STATE_ONLINE/STATE_DEGRADED to STATE_OFFLINE/STATE_MAINT.
102 102 * In gt_enter_offline and gt_enter_maint if the vertex was in a subtree then
103 103 * we clear the GV_TOOFFLINE flag and walk the dependencies to offline the new
104 104 * exposed leaves. We do the same until we reach the last leaf (the one with
105 105 * the GV_TODISABLE flag). If the vertex to disable is also part of a larger
106 106 * subtree (eg. multiple DISABLE events on vertices in the same subtree) then
107 107 * once the first vertex is disabled (GV_TODISABLE flag is removed), we
108 108 * continue to propagate the offline event to the vertex's dependencies.
109 109 *
110 110 *
111 111 * SMF state transition notifications
112 112 *
113 113 * When an instance of a service managed by SMF changes state, svc.startd may
114 114 * publish a GPEC sysevent. All transitions to or from maintenance, a
115 115 * transition cause by a hardware error will generate an event.
116 116 * Other transitions will generate an event if there exist notification
117 117 * parameter for that transition. Notification parameters are stored in the
118 118 * SMF repository for the service/instance they refer to. System-wide
119 119 * notification parameters are stored in the global instance.
120 120 * svc.startd can be told to send events for all SMF state transitions despite
121 121 * of notification parameters by setting options/info_events_all to true in
122 122 * restarter:default
123 123 *
124 124 * The set of transitions that generate events is cached in the
125 125 * dgraph_vertex_t gv_stn_tset for service/instance and in the global
126 126 * stn_global for the system-wide set. They are re-read when instances are
127 127 * refreshed.
128 128 *
129 129 * The GPEC events published by svc.startd are consumed by fmd(1M). After
130 130 * processing these events, fmd(1M) publishes the processed events to
131 131 * notification agents. The notification agents read the notification
132 132 * parameters from the SMF repository through libscf(3LIB) interfaces and send
133 133 * the notification, or not, based on those parameters.
134 134 *
135 135 * Subscription and publishing to the GPEC channels is done with the
136 136 * libfmevent(3LIB) wrappers fmev_[r]publish_*() and
137 137 * fmev_shdl_(un)subscribe().
138 138 *
139 139 */
140 140
141 141 #include <sys/uadmin.h>
142 142 #include <sys/wait.h>
143 143
144 144 #include <assert.h>
145 145 #include <errno.h>
146 146 #include <fcntl.h>
147 147 #include <fm/libfmevent.h>
148 148 #include <libscf.h>
149 149 #include <libscf_priv.h>
150 150 #include <librestart.h>
151 151 #include <libuutil.h>
152 152 #include <locale.h>
153 153 #include <poll.h>
154 154 #include <pthread.h>
155 155 #include <signal.h>
156 156 #include <stddef.h>
157 157 #include <stdio.h>
158 158 #include <stdlib.h>
159 159 #include <string.h>
160 160 #include <strings.h>
161 161 #include <sys/statvfs.h>
162 162 #include <sys/uadmin.h>
163 163 #include <zone.h>
164 164 #if defined(__x86)
165 165 #include <libbe.h>
166 166 #endif /* __x86 */
167 167
168 168 #include "startd.h"
169 169 #include "protocol.h"
170 170
171 171
172 172 #define MILESTONE_NONE ((graph_vertex_t *)1)
173 173
174 174 #define CONSOLE_LOGIN_FMRI "svc:/system/console-login:default"
175 175 #define FS_MINIMAL_FMRI "svc:/system/filesystem/minimal:default"
176 176
177 177 #define VERTEX_REMOVED 0 /* vertex has been freed */
178 178 #define VERTEX_INUSE 1 /* vertex is still in use */
179 179
180 180 #define IS_ENABLED(v) ((v)->gv_flags & (GV_ENABLED | GV_ENBLD_NOOVR))
181 181
182 182 /*
183 183 * stn_global holds the tset for the system wide notification parameters.
184 184 * It is updated on refresh of svc:/system/svc/global:default
185 185 *
186 186 * There are two assumptions that relax the need for a mutex:
187 187 * 1. 32-bit value assignments are atomic
188 188 * 2. Its value is consumed only in one point at
189 189 * dgraph_state_transition_notify(). There are no test and set races.
190 190 *
191 191 * If either assumption is broken, we'll need a mutex to synchronize
192 192 * access to stn_global
193 193 */
194 194 int32_t stn_global;
195 195 /*
196 196 * info_events_all holds a flag to override notification parameters and send
197 197 * Information events for all state transitions.
198 198 * same about the need of a mutex here.
199 199 */
200 200 int info_events_all;
201 201
202 202 /*
203 203 * Services in these states are not considered 'down' by the
|
↓ open down ↓ |
203 lines elided |
↑ open up ↑ |
204 204 * milestone/shutdown code.
205 205 */
206 206 #define up_state(state) ((state) == RESTARTER_STATE_ONLINE || \
207 207 (state) == RESTARTER_STATE_DEGRADED || \
208 208 (state) == RESTARTER_STATE_OFFLINE)
209 209
210 210 #define is_depgrp_bypassed(v) ((v->gv_type == GVT_GROUP) && \
211 211 ((v->gv_depgroup == DEPGRP_EXCLUDE_ALL) || \
212 212 (v->gv_restart < RERR_RESTART)))
213 213
214 +#define is_inst_bypassed(v) ((v->gv_type == GVT_INST) && \
215 + ((v->gv_flags & GV_TODISABLE) || \
216 + (v->gv_flags & GV_TOOFFLINE)))
217 +
214 218 static uu_list_pool_t *graph_edge_pool, *graph_vertex_pool;
215 219 static uu_list_t *dgraph;
216 220 static pthread_mutex_t dgraph_lock;
217 221
218 222 /*
219 223 * milestone indicates the current subgraph. When NULL, it is the entire
220 224 * graph. When MILESTONE_NONE, it is the empty graph. Otherwise, it is all
221 225 * services on which the target vertex depends.
222 226 */
223 227 static graph_vertex_t *milestone = NULL;
224 228 static boolean_t initial_milestone_set = B_FALSE;
225 229 static pthread_cond_t initial_milestone_cv = PTHREAD_COND_INITIALIZER;
226 230
227 231 /* protected by dgraph_lock */
228 232 static boolean_t sulogin_thread_running = B_FALSE;
229 233 static boolean_t sulogin_running = B_FALSE;
230 234 static boolean_t console_login_ready = B_FALSE;
231 235
232 236 /* Number of services to come down to complete milestone transition. */
233 237 static uint_t non_subgraph_svcs;
234 238
235 239 /*
236 240 * These variables indicate what should be done when we reach the milestone
237 241 * target milestone, i.e., when non_subgraph_svcs == 0. They are acted upon in
238 242 * dgraph_set_instance_state().
239 243 */
240 244 static int halting = -1;
241 245 static boolean_t go_single_user_mode = B_FALSE;
242 246 static boolean_t go_to_level1 = B_FALSE;
243 247
244 248 /*
245 249 * Tracks when we started halting.
246 250 */
247 251 static time_t halting_time = 0;
248 252
249 253 /*
250 254 * This tracks the legacy runlevel to ensure we signal init and manage
251 255 * utmpx entries correctly.
252 256 */
253 257 static char current_runlevel = '\0';
254 258
255 259 /* Number of single user threads currently running */
256 260 static pthread_mutex_t single_user_thread_lock;
257 261 static int single_user_thread_count = 0;
258 262
259 263 /* Statistics for dependency cycle-checking */
260 264 static u_longlong_t dep_inserts = 0;
261 265 static u_longlong_t dep_cycle_ns = 0;
262 266 static u_longlong_t dep_insert_ns = 0;
263 267
264 268
265 269 static const char * const emsg_invalid_restarter =
266 270 "Transitioning %s to maintenance, restarter FMRI %s is invalid "
267 271 "(see 'svcs -xv' for details).\n";
268 272 static const char * const console_login_fmri = CONSOLE_LOGIN_FMRI;
269 273 static const char * const single_user_fmri = SCF_MILESTONE_SINGLE_USER;
270 274 static const char * const multi_user_fmri = SCF_MILESTONE_MULTI_USER;
271 275 static const char * const multi_user_svr_fmri = SCF_MILESTONE_MULTI_USER_SERVER;
272 276
273 277
274 278 /*
275 279 * These services define the system being "up". If none of them can come
276 280 * online, then we will run sulogin on the console. Note that the install ones
277 281 * are for the miniroot and when installing CDs after the first. can_come_up()
278 282 * does the decision making, and an sulogin_thread() runs sulogin, which can be
279 283 * started by dgraph_set_instance_state() or single_user_thread().
280 284 *
281 285 * NOTE: can_come_up() relies on SCF_MILESTONE_SINGLE_USER being the first
282 286 * entry, which is only used when booting_to_single_user (boot -s) is set.
283 287 * This is because when doing a "boot -s", sulogin is started from specials.c
284 288 * after milestone/single-user comes online, for backwards compatibility.
285 289 * In this case, SCF_MILESTONE_SINGLE_USER needs to be part of up_svcs
286 290 * to ensure sulogin will be spawned if milestone/single-user cannot be reached.
287 291 */
288 292 static const char * const up_svcs[] = {
289 293 SCF_MILESTONE_SINGLE_USER,
290 294 CONSOLE_LOGIN_FMRI,
291 295 "svc:/system/install-setup:default",
292 296 "svc:/system/install:default",
293 297 NULL
294 298 };
295 299
296 300 /* This array must have an element for each non-NULL element of up_svcs[]. */
297 301 static graph_vertex_t *up_svcs_p[] = { NULL, NULL, NULL, NULL };
298 302
299 303 /* These are for seed repository magic. See can_come_up(). */
300 304 static const char * const manifest_import = SCF_INSTANCE_MI;
301 305 static graph_vertex_t *manifest_import_p = NULL;
302 306
303 307
304 308 static char target_milestone_as_runlevel(void);
305 309 static void graph_runlevel_changed(char rl, int online);
306 310 static int dgraph_set_milestone(const char *, scf_handle_t *, boolean_t);
307 311 static boolean_t should_be_in_subgraph(graph_vertex_t *v);
308 312 static int mark_subtree(graph_edge_t *, void *);
309 313 static boolean_t insubtree_dependents_down(graph_vertex_t *);
310 314
311 315 /*
312 316 * graph_vertex_compare()
313 317 * This function can compare either int *id or * graph_vertex_t *gv
314 318 * values, as the vertex id is always the first element of a
315 319 * graph_vertex structure.
316 320 */
317 321 /* ARGSUSED */
318 322 static int
319 323 graph_vertex_compare(const void *lc_arg, const void *rc_arg, void *private)
320 324 {
321 325 int lc_id = ((const graph_vertex_t *)lc_arg)->gv_id;
322 326 int rc_id = *(int *)rc_arg;
323 327
324 328 if (lc_id > rc_id)
325 329 return (1);
326 330 if (lc_id < rc_id)
327 331 return (-1);
328 332 return (0);
329 333 }
330 334
331 335 void
332 336 graph_init()
333 337 {
334 338 graph_edge_pool = startd_list_pool_create("graph_edges",
335 339 sizeof (graph_edge_t), offsetof(graph_edge_t, ge_link), NULL,
336 340 UU_LIST_POOL_DEBUG);
337 341 assert(graph_edge_pool != NULL);
338 342
339 343 graph_vertex_pool = startd_list_pool_create("graph_vertices",
340 344 sizeof (graph_vertex_t), offsetof(graph_vertex_t, gv_link),
341 345 graph_vertex_compare, UU_LIST_POOL_DEBUG);
342 346 assert(graph_vertex_pool != NULL);
343 347
344 348 (void) pthread_mutex_init(&dgraph_lock, &mutex_attrs);
345 349 (void) pthread_mutex_init(&single_user_thread_lock, &mutex_attrs);
346 350 dgraph = startd_list_create(graph_vertex_pool, NULL, UU_LIST_SORTED);
347 351 assert(dgraph != NULL);
348 352
349 353 if (!st->st_initial)
350 354 current_runlevel = utmpx_get_runlevel();
351 355
352 356 log_framework(LOG_DEBUG, "Initialized graph\n");
353 357 }
354 358
355 359 static graph_vertex_t *
356 360 vertex_get_by_name(const char *name)
357 361 {
358 362 int id;
359 363
360 364 assert(MUTEX_HELD(&dgraph_lock));
361 365
362 366 id = dict_lookup_byname(name);
363 367 if (id == -1)
364 368 return (NULL);
365 369
366 370 return (uu_list_find(dgraph, &id, NULL, NULL));
367 371 }
368 372
369 373 static graph_vertex_t *
370 374 vertex_get_by_id(int id)
371 375 {
372 376 assert(MUTEX_HELD(&dgraph_lock));
373 377
374 378 if (id == -1)
375 379 return (NULL);
376 380
377 381 return (uu_list_find(dgraph, &id, NULL, NULL));
378 382 }
379 383
380 384 /*
381 385 * Creates a new vertex with the given name, adds it to the graph, and returns
382 386 * a pointer to it. The graph lock must be held by this thread on entry.
383 387 */
384 388 static graph_vertex_t *
385 389 graph_add_vertex(const char *name)
386 390 {
387 391 int id;
388 392 graph_vertex_t *v;
389 393 void *p;
390 394 uu_list_index_t idx;
391 395
392 396 assert(MUTEX_HELD(&dgraph_lock));
393 397
394 398 id = dict_insert(name);
395 399
396 400 v = startd_zalloc(sizeof (*v));
397 401
398 402 v->gv_id = id;
399 403
400 404 v->gv_name = startd_alloc(strlen(name) + 1);
401 405 (void) strcpy(v->gv_name, name);
402 406
403 407 v->gv_dependencies = startd_list_create(graph_edge_pool, v, 0);
404 408 v->gv_dependents = startd_list_create(graph_edge_pool, v, 0);
405 409
406 410 p = uu_list_find(dgraph, &id, NULL, &idx);
407 411 assert(p == NULL);
408 412
409 413 uu_list_node_init(v, &v->gv_link, graph_vertex_pool);
410 414 uu_list_insert(dgraph, v, idx);
411 415
412 416 return (v);
413 417 }
414 418
415 419 /*
416 420 * Removes v from the graph and frees it. The graph should be locked by this
417 421 * thread, and v should have no edges associated with it.
418 422 */
419 423 static void
420 424 graph_remove_vertex(graph_vertex_t *v)
421 425 {
422 426 assert(MUTEX_HELD(&dgraph_lock));
423 427
424 428 assert(uu_list_numnodes(v->gv_dependencies) == 0);
425 429 assert(uu_list_numnodes(v->gv_dependents) == 0);
426 430 assert(v->gv_refs == 0);
427 431
428 432 startd_free(v->gv_name, strlen(v->gv_name) + 1);
429 433 uu_list_destroy(v->gv_dependencies);
430 434 uu_list_destroy(v->gv_dependents);
431 435 uu_list_remove(dgraph, v);
432 436
433 437 startd_free(v, sizeof (graph_vertex_t));
434 438 }
435 439
436 440 static void
437 441 graph_add_edge(graph_vertex_t *fv, graph_vertex_t *tv)
438 442 {
439 443 graph_edge_t *e, *re;
440 444 int r;
441 445
442 446 assert(MUTEX_HELD(&dgraph_lock));
443 447
444 448 e = startd_alloc(sizeof (graph_edge_t));
445 449 re = startd_alloc(sizeof (graph_edge_t));
446 450
447 451 e->ge_parent = fv;
448 452 e->ge_vertex = tv;
449 453
450 454 re->ge_parent = tv;
451 455 re->ge_vertex = fv;
452 456
453 457 uu_list_node_init(e, &e->ge_link, graph_edge_pool);
454 458 r = uu_list_insert_before(fv->gv_dependencies, NULL, e);
455 459 assert(r == 0);
456 460
457 461 uu_list_node_init(re, &re->ge_link, graph_edge_pool);
458 462 r = uu_list_insert_before(tv->gv_dependents, NULL, re);
459 463 assert(r == 0);
460 464 }
461 465
462 466 static void
463 467 graph_remove_edge(graph_vertex_t *v, graph_vertex_t *dv)
464 468 {
465 469 graph_edge_t *e;
466 470
467 471 for (e = uu_list_first(v->gv_dependencies);
468 472 e != NULL;
469 473 e = uu_list_next(v->gv_dependencies, e)) {
470 474 if (e->ge_vertex == dv) {
471 475 uu_list_remove(v->gv_dependencies, e);
472 476 startd_free(e, sizeof (graph_edge_t));
473 477 break;
474 478 }
475 479 }
476 480
477 481 for (e = uu_list_first(dv->gv_dependents);
478 482 e != NULL;
479 483 e = uu_list_next(dv->gv_dependents, e)) {
480 484 if (e->ge_vertex == v) {
481 485 uu_list_remove(dv->gv_dependents, e);
482 486 startd_free(e, sizeof (graph_edge_t));
483 487 break;
484 488 }
485 489 }
486 490 }
487 491
488 492 static void
489 493 remove_inst_vertex(graph_vertex_t *v)
490 494 {
491 495 graph_edge_t *e;
492 496 graph_vertex_t *sv;
493 497 int i;
494 498
495 499 assert(MUTEX_HELD(&dgraph_lock));
496 500 assert(uu_list_numnodes(v->gv_dependents) == 1);
497 501 assert(uu_list_numnodes(v->gv_dependencies) == 0);
498 502 assert(v->gv_refs == 0);
499 503 assert((v->gv_flags & GV_CONFIGURED) == 0);
500 504
501 505 e = uu_list_first(v->gv_dependents);
502 506 sv = e->ge_vertex;
503 507 graph_remove_edge(sv, v);
504 508
505 509 for (i = 0; up_svcs[i] != NULL; ++i) {
506 510 if (up_svcs_p[i] == v)
507 511 up_svcs_p[i] = NULL;
508 512 }
509 513
510 514 if (manifest_import_p == v)
511 515 manifest_import_p = NULL;
512 516
513 517 graph_remove_vertex(v);
514 518
515 519 if (uu_list_numnodes(sv->gv_dependencies) == 0 &&
516 520 uu_list_numnodes(sv->gv_dependents) == 0 &&
517 521 sv->gv_refs == 0)
518 522 graph_remove_vertex(sv);
519 523 }
520 524
521 525 static void
522 526 graph_walk_dependents(graph_vertex_t *v, void (*func)(graph_vertex_t *, void *),
523 527 void *arg)
524 528 {
525 529 graph_edge_t *e;
526 530
527 531 for (e = uu_list_first(v->gv_dependents);
528 532 e != NULL;
529 533 e = uu_list_next(v->gv_dependents, e))
530 534 func(e->ge_vertex, arg);
531 535 }
532 536
533 537 static void
534 538 graph_walk_dependencies(graph_vertex_t *v,
535 539 void (*func)(graph_vertex_t *, void *), void *arg)
536 540 {
537 541 graph_edge_t *e;
538 542
539 543 assert(MUTEX_HELD(&dgraph_lock));
540 544
541 545 for (e = uu_list_first(v->gv_dependencies);
542 546 e != NULL;
543 547 e = uu_list_next(v->gv_dependencies, e)) {
544 548
545 549 func(e->ge_vertex, arg);
546 550 }
547 551 }
548 552
549 553 /*
550 554 * Generic graph walking function.
551 555 *
552 556 * Given a vertex, this function will walk either dependencies
553 557 * (WALK_DEPENDENCIES) or dependents (WALK_DEPENDENTS) of a vertex recursively
554 558 * for the entire graph. It will avoid cycles and never visit the same vertex
555 559 * twice.
556 560 *
557 561 * We avoid traversing exclusion dependencies, because they are allowed to
558 562 * create cycles in the graph. When propagating satisfiability, there is no
559 563 * need to walk exclusion dependencies because exclude_all_satisfied() doesn't
560 564 * test for satisfiability.
561 565 *
562 566 * The walker takes two callbacks. The first is called before examining the
563 567 * dependents of each vertex. The second is called on each vertex after
564 568 * examining its dependents. This allows is_path_to() to construct a path only
565 569 * after the target vertex has been found.
566 570 */
567 571 typedef enum {
568 572 WALK_DEPENDENTS,
569 573 WALK_DEPENDENCIES
570 574 } graph_walk_dir_t;
571 575
572 576 typedef int (*graph_walk_cb_t)(graph_vertex_t *, void *);
573 577
574 578 typedef struct graph_walk_info {
575 579 graph_walk_dir_t gi_dir;
576 580 uchar_t *gi_visited; /* vertex bitmap */
577 581 int (*gi_pre)(graph_vertex_t *, void *);
578 582 void (*gi_post)(graph_vertex_t *, void *);
579 583 void *gi_arg; /* callback arg */
580 584 int gi_ret; /* return value */
581 585 } graph_walk_info_t;
582 586
583 587 static int
584 588 graph_walk_recurse(graph_edge_t *e, graph_walk_info_t *gip)
585 589 {
586 590 uu_list_t *list;
587 591 int r;
588 592 graph_vertex_t *v = e->ge_vertex;
589 593 int i;
590 594 uint_t b;
591 595
592 596 i = v->gv_id / 8;
593 597 b = 1 << (v->gv_id % 8);
594 598
595 599 /*
596 600 * Check to see if we've visited this vertex already.
597 601 */
598 602 if (gip->gi_visited[i] & b)
599 603 return (UU_WALK_NEXT);
600 604
601 605 gip->gi_visited[i] |= b;
602 606
603 607 /*
604 608 * Don't follow exclusions.
605 609 */
606 610 if (v->gv_type == GVT_GROUP && v->gv_depgroup == DEPGRP_EXCLUDE_ALL)
607 611 return (UU_WALK_NEXT);
608 612
609 613 /*
610 614 * Call pre-visit callback. If this doesn't terminate the walk,
611 615 * continue search.
612 616 */
613 617 if ((gip->gi_ret = gip->gi_pre(v, gip->gi_arg)) == UU_WALK_NEXT) {
614 618 /*
615 619 * Recurse using appropriate list.
616 620 */
617 621 if (gip->gi_dir == WALK_DEPENDENTS)
618 622 list = v->gv_dependents;
619 623 else
620 624 list = v->gv_dependencies;
621 625
622 626 r = uu_list_walk(list, (uu_walk_fn_t *)graph_walk_recurse,
623 627 gip, 0);
624 628 assert(r == 0);
625 629 }
626 630
627 631 /*
628 632 * Callbacks must return either UU_WALK_NEXT or UU_WALK_DONE.
629 633 */
630 634 assert(gip->gi_ret == UU_WALK_NEXT || gip->gi_ret == UU_WALK_DONE);
631 635
632 636 /*
633 637 * If given a post-callback, call the function for every vertex.
634 638 */
635 639 if (gip->gi_post != NULL)
636 640 (void) gip->gi_post(v, gip->gi_arg);
637 641
638 642 /*
639 643 * Preserve the callback's return value. If the callback returns
640 644 * UU_WALK_DONE, then we propagate that to the caller in order to
641 645 * terminate the walk.
642 646 */
643 647 return (gip->gi_ret);
644 648 }
645 649
646 650 static void
647 651 graph_walk(graph_vertex_t *v, graph_walk_dir_t dir,
648 652 int (*pre)(graph_vertex_t *, void *),
649 653 void (*post)(graph_vertex_t *, void *), void *arg)
650 654 {
651 655 graph_walk_info_t gi;
652 656 graph_edge_t fake;
653 657 size_t sz = dictionary->dict_new_id / 8 + 1;
654 658
655 659 gi.gi_visited = startd_zalloc(sz);
656 660 gi.gi_pre = pre;
657 661 gi.gi_post = post;
658 662 gi.gi_arg = arg;
659 663 gi.gi_dir = dir;
660 664 gi.gi_ret = 0;
661 665
662 666 /*
663 667 * Fake up an edge for the first iteration
664 668 */
665 669 fake.ge_vertex = v;
666 670 (void) graph_walk_recurse(&fake, &gi);
667 671
668 672 startd_free(gi.gi_visited, sz);
669 673 }
670 674
671 675 typedef struct child_search {
672 676 int id; /* id of vertex to look for */
673 677 uint_t depth; /* recursion depth */
674 678 /*
675 679 * While the vertex is not found, path is NULL. After the search, if
676 680 * the vertex was found then path should point to a -1-terminated
677 681 * array of vertex id's which constitute the path to the vertex.
678 682 */
679 683 int *path;
680 684 } child_search_t;
681 685
682 686 static int
683 687 child_pre(graph_vertex_t *v, void *arg)
684 688 {
685 689 child_search_t *cs = arg;
686 690
687 691 cs->depth++;
688 692
689 693 if (v->gv_id == cs->id) {
690 694 cs->path = startd_alloc((cs->depth + 1) * sizeof (int));
691 695 cs->path[cs->depth] = -1;
692 696 return (UU_WALK_DONE);
693 697 }
694 698
695 699 return (UU_WALK_NEXT);
696 700 }
697 701
698 702 static void
699 703 child_post(graph_vertex_t *v, void *arg)
700 704 {
701 705 child_search_t *cs = arg;
702 706
703 707 cs->depth--;
704 708
705 709 if (cs->path != NULL)
706 710 cs->path[cs->depth] = v->gv_id;
707 711 }
708 712
709 713 /*
710 714 * Look for a path from from to to. If one exists, returns a pointer to
711 715 * a NULL-terminated array of pointers to the vertices along the path. If
712 716 * there is no path, returns NULL.
713 717 */
714 718 static int *
715 719 is_path_to(graph_vertex_t *from, graph_vertex_t *to)
716 720 {
717 721 child_search_t cs;
718 722
719 723 cs.id = to->gv_id;
720 724 cs.depth = 0;
721 725 cs.path = NULL;
722 726
723 727 graph_walk(from, WALK_DEPENDENCIES, child_pre, child_post, &cs);
724 728
725 729 return (cs.path);
726 730 }
727 731
728 732 /*
729 733 * Given an array of int's as returned by is_path_to, allocates a string of
730 734 * their names joined by newlines. Returns the size of the allocated buffer
731 735 * in *sz and frees path.
732 736 */
733 737 static void
734 738 path_to_str(int *path, char **cpp, size_t *sz)
735 739 {
736 740 int i;
737 741 graph_vertex_t *v;
738 742 size_t allocd, new_allocd;
739 743 char *new, *name;
740 744
741 745 assert(MUTEX_HELD(&dgraph_lock));
742 746 assert(path[0] != -1);
743 747
744 748 allocd = 1;
745 749 *cpp = startd_alloc(1);
746 750 (*cpp)[0] = '\0';
747 751
748 752 for (i = 0; path[i] != -1; ++i) {
749 753 name = NULL;
750 754
751 755 v = vertex_get_by_id(path[i]);
752 756
753 757 if (v == NULL)
754 758 name = "<deleted>";
755 759 else if (v->gv_type == GVT_INST || v->gv_type == GVT_SVC)
756 760 name = v->gv_name;
757 761
758 762 if (name != NULL) {
759 763 new_allocd = allocd + strlen(name) + 1;
760 764 new = startd_alloc(new_allocd);
761 765 (void) strcpy(new, *cpp);
762 766 (void) strcat(new, name);
763 767 (void) strcat(new, "\n");
764 768
765 769 startd_free(*cpp, allocd);
766 770
767 771 *cpp = new;
768 772 allocd = new_allocd;
769 773 }
770 774 }
771 775
772 776 startd_free(path, sizeof (int) * (i + 1));
773 777
774 778 *sz = allocd;
775 779 }
776 780
777 781
778 782 /*
779 783 * This function along with run_sulogin() implements an exclusion relationship
780 784 * between system/console-login and sulogin. run_sulogin() will fail if
781 785 * system/console-login is online, and the graph engine should call
782 786 * graph_clogin_start() to bring system/console-login online, which defers the
783 787 * start if sulogin is running.
784 788 */
785 789 static void
786 790 graph_clogin_start(graph_vertex_t *v)
787 791 {
788 792 assert(MUTEX_HELD(&dgraph_lock));
789 793
790 794 if (sulogin_running)
791 795 console_login_ready = B_TRUE;
792 796 else
793 797 vertex_send_event(v, RESTARTER_EVENT_TYPE_START);
794 798 }
795 799
796 800 static void
797 801 graph_su_start(graph_vertex_t *v)
798 802 {
799 803 /*
800 804 * /etc/inittab used to have the initial /sbin/rcS as a 'sysinit'
801 805 * entry with a runlevel of 'S', before jumping to the final
802 806 * target runlevel (as set in initdefault). We mimic that legacy
803 807 * behavior here.
804 808 */
805 809 utmpx_set_runlevel('S', '0', B_FALSE);
806 810 vertex_send_event(v, RESTARTER_EVENT_TYPE_START);
807 811 }
808 812
809 813 static void
810 814 graph_post_su_online(void)
811 815 {
812 816 graph_runlevel_changed('S', 1);
813 817 }
814 818
815 819 static void
816 820 graph_post_su_disable(void)
817 821 {
818 822 graph_runlevel_changed('S', 0);
819 823 }
820 824
821 825 static void
822 826 graph_post_mu_online(void)
823 827 {
824 828 graph_runlevel_changed('2', 1);
825 829 }
826 830
827 831 static void
828 832 graph_post_mu_disable(void)
829 833 {
830 834 graph_runlevel_changed('2', 0);
831 835 }
832 836
833 837 static void
834 838 graph_post_mus_online(void)
835 839 {
836 840 graph_runlevel_changed('3', 1);
837 841 }
838 842
839 843 static void
840 844 graph_post_mus_disable(void)
841 845 {
842 846 graph_runlevel_changed('3', 0);
843 847 }
844 848
845 849 static struct special_vertex_info {
846 850 const char *name;
847 851 void (*start_f)(graph_vertex_t *);
848 852 void (*post_online_f)(void);
849 853 void (*post_disable_f)(void);
850 854 } special_vertices[] = {
851 855 { CONSOLE_LOGIN_FMRI, graph_clogin_start, NULL, NULL },
852 856 { SCF_MILESTONE_SINGLE_USER, graph_su_start,
853 857 graph_post_su_online, graph_post_su_disable },
854 858 { SCF_MILESTONE_MULTI_USER, NULL,
855 859 graph_post_mu_online, graph_post_mu_disable },
856 860 { SCF_MILESTONE_MULTI_USER_SERVER, NULL,
857 861 graph_post_mus_online, graph_post_mus_disable },
858 862 { NULL },
859 863 };
860 864
861 865
862 866 void
863 867 vertex_send_event(graph_vertex_t *v, restarter_event_type_t e)
864 868 {
865 869 switch (e) {
866 870 case RESTARTER_EVENT_TYPE_ADD_INSTANCE:
867 871 assert(v->gv_state == RESTARTER_STATE_UNINIT);
868 872
869 873 MUTEX_LOCK(&st->st_load_lock);
870 874 st->st_load_instances++;
871 875 MUTEX_UNLOCK(&st->st_load_lock);
872 876 break;
873 877
874 878 case RESTARTER_EVENT_TYPE_ENABLE:
875 879 log_framework(LOG_DEBUG, "Enabling %s.\n", v->gv_name);
876 880 assert(v->gv_state == RESTARTER_STATE_UNINIT ||
877 881 v->gv_state == RESTARTER_STATE_DISABLED ||
878 882 v->gv_state == RESTARTER_STATE_MAINT);
879 883 break;
880 884
881 885 case RESTARTER_EVENT_TYPE_DISABLE:
882 886 case RESTARTER_EVENT_TYPE_ADMIN_DISABLE:
883 887 log_framework(LOG_DEBUG, "Disabling %s.\n", v->gv_name);
884 888 assert(v->gv_state != RESTARTER_STATE_DISABLED);
885 889 break;
886 890
887 891 case RESTARTER_EVENT_TYPE_STOP_RESET:
888 892 case RESTARTER_EVENT_TYPE_STOP:
889 893 log_framework(LOG_DEBUG, "Stopping %s.\n", v->gv_name);
890 894 assert(v->gv_state == RESTARTER_STATE_DEGRADED ||
891 895 v->gv_state == RESTARTER_STATE_ONLINE);
892 896 break;
893 897
894 898 case RESTARTER_EVENT_TYPE_START:
895 899 log_framework(LOG_DEBUG, "Starting %s.\n", v->gv_name);
896 900 assert(v->gv_state == RESTARTER_STATE_OFFLINE);
897 901 break;
898 902
899 903 case RESTARTER_EVENT_TYPE_REMOVE_INSTANCE:
900 904 case RESTARTER_EVENT_TYPE_ADMIN_DEGRADED:
901 905 case RESTARTER_EVENT_TYPE_ADMIN_REFRESH:
902 906 case RESTARTER_EVENT_TYPE_ADMIN_RESTART:
903 907 case RESTARTER_EVENT_TYPE_ADMIN_MAINT_OFF:
904 908 case RESTARTER_EVENT_TYPE_ADMIN_MAINT_ON:
905 909 case RESTARTER_EVENT_TYPE_ADMIN_MAINT_ON_IMMEDIATE:
906 910 case RESTARTER_EVENT_TYPE_DEPENDENCY_CYCLE:
907 911 case RESTARTER_EVENT_TYPE_INVALID_DEPENDENCY:
908 912 break;
909 913
910 914 default:
911 915 #ifndef NDEBUG
912 916 uu_warn("%s:%d: Bad event %d.\n", __FILE__, __LINE__, e);
913 917 #endif
914 918 abort();
915 919 }
916 920
917 921 restarter_protocol_send_event(v->gv_name, v->gv_restarter_channel, e,
918 922 v->gv_reason);
919 923 }
920 924
921 925 static void
922 926 graph_unset_restarter(graph_vertex_t *v)
923 927 {
924 928 assert(MUTEX_HELD(&dgraph_lock));
925 929 assert(v->gv_flags & GV_CONFIGURED);
926 930
927 931 vertex_send_event(v, RESTARTER_EVENT_TYPE_REMOVE_INSTANCE);
928 932
929 933 if (v->gv_restarter_id != -1) {
930 934 graph_vertex_t *rv;
931 935
932 936 rv = vertex_get_by_id(v->gv_restarter_id);
933 937 graph_remove_edge(v, rv);
934 938 }
935 939
936 940 v->gv_restarter_id = -1;
937 941 v->gv_restarter_channel = NULL;
938 942 }
939 943
940 944 /*
941 945 * Return VERTEX_REMOVED when the vertex passed in argument is deleted from the
942 946 * dgraph otherwise return VERTEX_INUSE.
943 947 */
944 948 static int
945 949 free_if_unrefed(graph_vertex_t *v)
946 950 {
947 951 assert(MUTEX_HELD(&dgraph_lock));
948 952
949 953 if (v->gv_refs > 0)
950 954 return (VERTEX_INUSE);
951 955
952 956 if (v->gv_type == GVT_SVC &&
953 957 uu_list_numnodes(v->gv_dependents) == 0 &&
954 958 uu_list_numnodes(v->gv_dependencies) == 0) {
955 959 graph_remove_vertex(v);
956 960 return (VERTEX_REMOVED);
957 961 } else if (v->gv_type == GVT_INST &&
958 962 (v->gv_flags & GV_CONFIGURED) == 0 &&
959 963 uu_list_numnodes(v->gv_dependents) == 1 &&
960 964 uu_list_numnodes(v->gv_dependencies) == 0) {
961 965 remove_inst_vertex(v);
962 966 return (VERTEX_REMOVED);
963 967 }
964 968
965 969 return (VERTEX_INUSE);
966 970 }
967 971
968 972 static void
969 973 delete_depgroup(graph_vertex_t *v)
970 974 {
971 975 graph_edge_t *e;
972 976 graph_vertex_t *dv;
973 977
974 978 assert(MUTEX_HELD(&dgraph_lock));
975 979 assert(v->gv_type == GVT_GROUP);
976 980 assert(uu_list_numnodes(v->gv_dependents) == 0);
977 981
978 982 while ((e = uu_list_first(v->gv_dependencies)) != NULL) {
979 983 dv = e->ge_vertex;
980 984
981 985 graph_remove_edge(v, dv);
982 986
983 987 switch (dv->gv_type) {
984 988 case GVT_INST: /* instance dependency */
985 989 case GVT_SVC: /* service dependency */
986 990 (void) free_if_unrefed(dv);
987 991 break;
988 992
989 993 case GVT_FILE: /* file dependency */
990 994 assert(uu_list_numnodes(dv->gv_dependencies) == 0);
991 995 if (uu_list_numnodes(dv->gv_dependents) == 0)
992 996 graph_remove_vertex(dv);
993 997 break;
994 998
995 999 default:
996 1000 #ifndef NDEBUG
997 1001 uu_warn("%s:%d: Unexpected node type %d", __FILE__,
998 1002 __LINE__, dv->gv_type);
999 1003 #endif
1000 1004 abort();
1001 1005 }
1002 1006 }
1003 1007
1004 1008 graph_remove_vertex(v);
1005 1009 }
1006 1010
1007 1011 static int
1008 1012 delete_instance_deps_cb(graph_edge_t *e, void **ptrs)
1009 1013 {
1010 1014 graph_vertex_t *v = ptrs[0];
1011 1015 boolean_t delete_restarter_dep = (boolean_t)ptrs[1];
1012 1016 graph_vertex_t *dv;
1013 1017
1014 1018 dv = e->ge_vertex;
1015 1019
1016 1020 /*
1017 1021 * We have four possibilities here:
1018 1022 * - GVT_INST: restarter
1019 1023 * - GVT_GROUP - GVT_INST: instance dependency
1020 1024 * - GVT_GROUP - GVT_SVC - GV_INST: service dependency
1021 1025 * - GVT_GROUP - GVT_FILE: file dependency
1022 1026 */
1023 1027 switch (dv->gv_type) {
1024 1028 case GVT_INST: /* restarter */
1025 1029 assert(dv->gv_id == v->gv_restarter_id);
1026 1030 if (delete_restarter_dep)
1027 1031 graph_remove_edge(v, dv);
1028 1032 break;
1029 1033
1030 1034 case GVT_GROUP: /* pg dependency */
1031 1035 graph_remove_edge(v, dv);
1032 1036 delete_depgroup(dv);
1033 1037 break;
1034 1038
1035 1039 case GVT_FILE:
1036 1040 /* These are currently not direct dependencies */
1037 1041
1038 1042 default:
1039 1043 #ifndef NDEBUG
1040 1044 uu_warn("%s:%d: Bad vertex type %d.\n", __FILE__, __LINE__,
1041 1045 dv->gv_type);
1042 1046 #endif
1043 1047 abort();
1044 1048 }
1045 1049
1046 1050 return (UU_WALK_NEXT);
1047 1051 }
1048 1052
1049 1053 static void
1050 1054 delete_instance_dependencies(graph_vertex_t *v, boolean_t delete_restarter_dep)
1051 1055 {
1052 1056 void *ptrs[2];
1053 1057 int r;
1054 1058
1055 1059 assert(MUTEX_HELD(&dgraph_lock));
1056 1060 assert(v->gv_type == GVT_INST);
1057 1061
1058 1062 ptrs[0] = v;
1059 1063 ptrs[1] = (void *)delete_restarter_dep;
1060 1064
1061 1065 r = uu_list_walk(v->gv_dependencies,
1062 1066 (uu_walk_fn_t *)delete_instance_deps_cb, &ptrs, UU_WALK_ROBUST);
1063 1067 assert(r == 0);
1064 1068 }
1065 1069
1066 1070 /*
1067 1071 * int graph_insert_vertex_unconfigured()
1068 1072 * Insert a vertex without sending any restarter events. If the vertex
1069 1073 * already exists or creation is successful, return a pointer to it in *vp.
1070 1074 *
1071 1075 * If type is not GVT_GROUP, dt can remain unset.
1072 1076 *
1073 1077 * Returns 0, EEXIST, or EINVAL if the arguments are invalid (i.e., fmri
1074 1078 * doesn't agree with type, or type doesn't agree with dt).
1075 1079 */
1076 1080 static int
1077 1081 graph_insert_vertex_unconfigured(const char *fmri, gv_type_t type,
1078 1082 depgroup_type_t dt, restarter_error_t rt, graph_vertex_t **vp)
1079 1083 {
1080 1084 int r;
1081 1085 int i;
1082 1086
1083 1087 assert(MUTEX_HELD(&dgraph_lock));
1084 1088
1085 1089 switch (type) {
1086 1090 case GVT_SVC:
1087 1091 case GVT_INST:
1088 1092 if (strncmp(fmri, "svc:", sizeof ("svc:") - 1) != 0)
1089 1093 return (EINVAL);
1090 1094 break;
1091 1095
1092 1096 case GVT_FILE:
1093 1097 if (strncmp(fmri, "file:", sizeof ("file:") - 1) != 0)
1094 1098 return (EINVAL);
1095 1099 break;
1096 1100
1097 1101 case GVT_GROUP:
1098 1102 if (dt <= 0 || rt < 0)
1099 1103 return (EINVAL);
1100 1104 break;
1101 1105
1102 1106 default:
1103 1107 #ifndef NDEBUG
1104 1108 uu_warn("%s:%d: Unknown type %d.\n", __FILE__, __LINE__, type);
1105 1109 #endif
1106 1110 abort();
1107 1111 }
1108 1112
1109 1113 *vp = vertex_get_by_name(fmri);
1110 1114 if (*vp != NULL)
1111 1115 return (EEXIST);
1112 1116
1113 1117 *vp = graph_add_vertex(fmri);
1114 1118
1115 1119 (*vp)->gv_type = type;
1116 1120 (*vp)->gv_depgroup = dt;
1117 1121 (*vp)->gv_restart = rt;
1118 1122
1119 1123 (*vp)->gv_flags = 0;
1120 1124 (*vp)->gv_state = RESTARTER_STATE_NONE;
1121 1125
1122 1126 for (i = 0; special_vertices[i].name != NULL; ++i) {
1123 1127 if (strcmp(fmri, special_vertices[i].name) == 0) {
1124 1128 (*vp)->gv_start_f = special_vertices[i].start_f;
1125 1129 (*vp)->gv_post_online_f =
1126 1130 special_vertices[i].post_online_f;
1127 1131 (*vp)->gv_post_disable_f =
1128 1132 special_vertices[i].post_disable_f;
1129 1133 break;
1130 1134 }
1131 1135 }
1132 1136
1133 1137 (*vp)->gv_restarter_id = -1;
1134 1138 (*vp)->gv_restarter_channel = 0;
1135 1139
1136 1140 if (type == GVT_INST) {
1137 1141 char *sfmri;
1138 1142 graph_vertex_t *sv;
1139 1143
1140 1144 sfmri = inst_fmri_to_svc_fmri(fmri);
1141 1145 sv = vertex_get_by_name(sfmri);
1142 1146 if (sv == NULL) {
1143 1147 r = graph_insert_vertex_unconfigured(sfmri, GVT_SVC, 0,
1144 1148 0, &sv);
1145 1149 assert(r == 0);
1146 1150 }
1147 1151 startd_free(sfmri, max_scf_fmri_size);
1148 1152
1149 1153 graph_add_edge(sv, *vp);
1150 1154 }
1151 1155
1152 1156 /*
1153 1157 * If this vertex is in the subgraph, mark it as so, for both
1154 1158 * GVT_INST and GVT_SERVICE verteces.
1155 1159 * A GVT_SERVICE vertex can only be in the subgraph if another instance
1156 1160 * depends on it, in which case it's already been added to the graph
1157 1161 * and marked as in the subgraph (by refresh_vertex()). If a
1158 1162 * GVT_SERVICE vertex was freshly added (by the code above), it means
1159 1163 * that it has no dependents, and cannot be in the subgraph.
1160 1164 * Regardless of this, we still check that gv_flags includes
1161 1165 * GV_INSUBGRAPH in the event that future behavior causes the above
1162 1166 * code to add a GVT_SERVICE vertex which should be in the subgraph.
1163 1167 */
1164 1168
1165 1169 (*vp)->gv_flags |= (should_be_in_subgraph(*vp)? GV_INSUBGRAPH : 0);
1166 1170
1167 1171 return (0);
1168 1172 }
1169 1173
1170 1174 /*
1171 1175 * Returns 0 on success or ELOOP if the dependency would create a cycle.
1172 1176 */
1173 1177 static int
1174 1178 graph_insert_dependency(graph_vertex_t *fv, graph_vertex_t *tv, int **pathp)
1175 1179 {
1176 1180 hrtime_t now;
1177 1181
1178 1182 assert(MUTEX_HELD(&dgraph_lock));
1179 1183
1180 1184 /* cycle detection */
1181 1185 now = gethrtime();
1182 1186
1183 1187 /* Don't follow exclusions. */
1184 1188 if (!(fv->gv_type == GVT_GROUP &&
1185 1189 fv->gv_depgroup == DEPGRP_EXCLUDE_ALL)) {
1186 1190 *pathp = is_path_to(tv, fv);
1187 1191 if (*pathp)
1188 1192 return (ELOOP);
1189 1193 }
1190 1194
1191 1195 dep_cycle_ns += gethrtime() - now;
1192 1196 ++dep_inserts;
1193 1197 now = gethrtime();
1194 1198
1195 1199 graph_add_edge(fv, tv);
1196 1200
1197 1201 dep_insert_ns += gethrtime() - now;
1198 1202
1199 1203 /* Check if the dependency adds the "to" vertex to the subgraph */
1200 1204 tv->gv_flags |= (should_be_in_subgraph(tv) ? GV_INSUBGRAPH : 0);
1201 1205
1202 1206 return (0);
1203 1207 }
1204 1208
1205 1209 static int
1206 1210 inst_running(graph_vertex_t *v)
1207 1211 {
1208 1212 assert(v->gv_type == GVT_INST);
1209 1213
1210 1214 if (v->gv_state == RESTARTER_STATE_ONLINE ||
1211 1215 v->gv_state == RESTARTER_STATE_DEGRADED)
1212 1216 return (1);
1213 1217
1214 1218 return (0);
1215 1219 }
1216 1220
1217 1221 /*
1218 1222 * The dependency evaluation functions return
1219 1223 * 1 - dependency satisfied
1220 1224 * 0 - dependency unsatisfied
1221 1225 * -1 - dependency unsatisfiable (without administrator intervention)
1222 1226 *
1223 1227 * The functions also take a boolean satbility argument. When true, the
1224 1228 * functions may recurse in order to determine satisfiability.
1225 1229 */
1226 1230 static int require_any_satisfied(graph_vertex_t *, boolean_t);
1227 1231 static int dependency_satisfied(graph_vertex_t *, boolean_t);
1228 1232
1229 1233 /*
1230 1234 * A require_all dependency is unsatisfied if any elements are unsatisfied. It
1231 1235 * is unsatisfiable if any elements are unsatisfiable.
1232 1236 */
1233 1237 static int
1234 1238 require_all_satisfied(graph_vertex_t *groupv, boolean_t satbility)
1235 1239 {
1236 1240 graph_edge_t *edge;
1237 1241 int i;
1238 1242 boolean_t any_unsatisfied;
1239 1243
1240 1244 if (uu_list_numnodes(groupv->gv_dependencies) == 0)
1241 1245 return (1);
1242 1246
1243 1247 any_unsatisfied = B_FALSE;
1244 1248
1245 1249 for (edge = uu_list_first(groupv->gv_dependencies);
1246 1250 edge != NULL;
1247 1251 edge = uu_list_next(groupv->gv_dependencies, edge)) {
1248 1252 i = dependency_satisfied(edge->ge_vertex, satbility);
1249 1253 if (i == 1)
1250 1254 continue;
1251 1255
1252 1256 log_framework2(LOG_DEBUG, DEBUG_DEPENDENCIES,
1253 1257 "require_all(%s): %s is unsatisfi%s.\n", groupv->gv_name,
1254 1258 edge->ge_vertex->gv_name, i == 0 ? "ed" : "able");
1255 1259
1256 1260 if (!satbility)
1257 1261 return (0);
1258 1262
1259 1263 if (i == -1)
1260 1264 return (-1);
1261 1265
1262 1266 any_unsatisfied = B_TRUE;
1263 1267 }
1264 1268
1265 1269 return (any_unsatisfied ? 0 : 1);
1266 1270 }
1267 1271
1268 1272 /*
1269 1273 * A require_any dependency is satisfied if any element is satisfied. It is
1270 1274 * satisfiable if any element is satisfiable.
1271 1275 */
1272 1276 static int
1273 1277 require_any_satisfied(graph_vertex_t *groupv, boolean_t satbility)
1274 1278 {
1275 1279 graph_edge_t *edge;
1276 1280 int s;
1277 1281 boolean_t satisfiable;
1278 1282
1279 1283 if (uu_list_numnodes(groupv->gv_dependencies) == 0)
1280 1284 return (1);
1281 1285
1282 1286 satisfiable = B_FALSE;
1283 1287
1284 1288 for (edge = uu_list_first(groupv->gv_dependencies);
1285 1289 edge != NULL;
1286 1290 edge = uu_list_next(groupv->gv_dependencies, edge)) {
1287 1291 s = dependency_satisfied(edge->ge_vertex, satbility);
1288 1292
1289 1293 if (s == 1)
1290 1294 return (1);
|
↓ open down ↓ |
1067 lines elided |
↑ open up ↑ |
1291 1295
1292 1296 log_framework2(LOG_DEBUG, DEBUG_DEPENDENCIES,
1293 1297 "require_any(%s): %s is unsatisfi%s.\n",
1294 1298 groupv->gv_name, edge->ge_vertex->gv_name,
1295 1299 s == 0 ? "ed" : "able");
1296 1300
1297 1301 if (satbility && s == 0)
1298 1302 satisfiable = B_TRUE;
1299 1303 }
1300 1304
1301 - return (!satbility || satisfiable ? 0 : -1);
1305 + return ((!satbility || satisfiable) ? 0 : -1);
1302 1306 }
1303 1307
1304 1308 /*
1305 1309 * An optional_all dependency only considers elements which are configured,
1306 1310 * enabled, and not in maintenance. If any are unsatisfied, then the dependency
1307 1311 * is unsatisfied.
1308 1312 *
1309 1313 * Offline dependencies which are waiting for a dependency to come online are
1310 1314 * unsatisfied. Offline dependences which cannot possibly come online
1311 1315 * (unsatisfiable) are always considered satisfied.
1312 1316 */
1313 1317 static int
1314 1318 optional_all_satisfied(graph_vertex_t *groupv, boolean_t satbility)
1315 1319 {
1316 1320 graph_edge_t *edge;
1317 1321 graph_vertex_t *v;
1318 1322 boolean_t any_qualified;
1319 1323 boolean_t any_unsatisfied;
1320 1324 int i;
1321 1325
1322 1326 any_qualified = B_FALSE;
1323 1327 any_unsatisfied = B_FALSE;
1324 1328
1325 1329 for (edge = uu_list_first(groupv->gv_dependencies);
1326 1330 edge != NULL;
1327 1331 edge = uu_list_next(groupv->gv_dependencies, edge)) {
1328 1332 v = edge->ge_vertex;
1329 1333
|
↓ open down ↓ |
18 lines elided |
↑ open up ↑ |
1330 1334 switch (v->gv_type) {
1331 1335 case GVT_INST:
1332 1336 /* Skip missing instances */
1333 1337 if ((v->gv_flags & GV_CONFIGURED) == 0)
1334 1338 continue;
1335 1339
1336 1340 if (v->gv_state == RESTARTER_STATE_MAINT)
1337 1341 continue;
1338 1342
1339 1343 any_qualified = B_TRUE;
1340 - if (v->gv_state == RESTARTER_STATE_OFFLINE) {
1344 + if (v->gv_state == RESTARTER_STATE_OFFLINE ||
1345 + v->gv_state == RESTARTER_STATE_DISABLED) {
1341 1346 /*
1342 - * For offline dependencies, treat unsatisfiable
1343 - * as satisfied.
1347 + * For offline/disabled dependencies,
1348 + * treat unsatisfiable as satisfied.
1344 1349 */
1345 1350 i = dependency_satisfied(v, B_TRUE);
1346 1351 if (i == -1)
1347 1352 i = 1;
1348 - } else if (v->gv_state == RESTARTER_STATE_DISABLED) {
1349 - /*
1350 - * If the instance is transitioning out of
1351 - * disabled the dependency is temporarily
1352 - * unsatisfied (not unsatisfiable).
1353 - */
1354 - i = v->gv_flags & GV_ENABLED ? 0 : 1;
1355 1353 } else {
1356 1354 i = dependency_satisfied(v, satbility);
1357 1355 }
1358 1356 break;
1359 1357
1360 1358 case GVT_FILE:
1361 1359 any_qualified = B_TRUE;
1362 1360 i = dependency_satisfied(v, satbility);
1363 1361
1364 1362 break;
1365 1363
1366 1364 case GVT_SVC: {
1367 1365 any_qualified = B_TRUE;
1368 1366 i = optional_all_satisfied(v, satbility);
1369 1367
1370 1368 break;
1371 1369 }
1372 1370
1373 1371 case GVT_GROUP:
1374 1372 default:
1375 1373 #ifndef NDEBUG
1376 1374 uu_warn("%s:%d: Unexpected vertex type %d.\n", __FILE__,
1377 1375 __LINE__, v->gv_type);
1378 1376 #endif
1379 1377 abort();
1380 1378 }
1381 1379
1382 1380 if (i == 1)
1383 1381 continue;
1384 1382
1385 1383 log_framework2(LOG_DEBUG, DEBUG_DEPENDENCIES,
1386 1384 "optional_all(%s): %s is unsatisfi%s.\n", groupv->gv_name,
1387 1385 v->gv_name, i == 0 ? "ed" : "able");
1388 1386
1389 1387 if (!satbility)
1390 1388 return (0);
1391 1389 if (i == -1)
1392 1390 return (-1);
1393 1391 any_unsatisfied = B_TRUE;
1394 1392 }
1395 1393
1396 1394 if (!any_qualified)
1397 1395 return (1);
1398 1396
1399 1397 return (any_unsatisfied ? 0 : 1);
1400 1398 }
1401 1399
1402 1400 /*
1403 1401 * An exclude_all dependency is unsatisfied if any non-service element is
1404 1402 * satisfied or any service instance which is configured, enabled, and not in
1405 1403 * maintenance is satisfied. Usually when unsatisfied, it is also
1406 1404 * unsatisfiable.
1407 1405 */
1408 1406 #define LOG_EXCLUDE(u, v) \
1409 1407 log_framework2(LOG_DEBUG, DEBUG_DEPENDENCIES, \
1410 1408 "exclude_all(%s): %s is satisfied.\n", \
1411 1409 (u)->gv_name, (v)->gv_name)
1412 1410
1413 1411 /* ARGSUSED */
1414 1412 static int
1415 1413 exclude_all_satisfied(graph_vertex_t *groupv, boolean_t satbility)
1416 1414 {
1417 1415 graph_edge_t *edge, *e2;
1418 1416 graph_vertex_t *v, *v2;
1419 1417
1420 1418 for (edge = uu_list_first(groupv->gv_dependencies);
1421 1419 edge != NULL;
1422 1420 edge = uu_list_next(groupv->gv_dependencies, edge)) {
1423 1421 v = edge->ge_vertex;
1424 1422
1425 1423 switch (v->gv_type) {
1426 1424 case GVT_INST:
1427 1425 if ((v->gv_flags & GV_CONFIGURED) == 0)
1428 1426 continue;
1429 1427
1430 1428 switch (v->gv_state) {
1431 1429 case RESTARTER_STATE_ONLINE:
1432 1430 case RESTARTER_STATE_DEGRADED:
1433 1431 LOG_EXCLUDE(groupv, v);
1434 1432 return (v->gv_flags & GV_ENABLED ? -1 : 0);
1435 1433
1436 1434 case RESTARTER_STATE_OFFLINE:
1437 1435 case RESTARTER_STATE_UNINIT:
1438 1436 LOG_EXCLUDE(groupv, v);
1439 1437 return (0);
1440 1438
1441 1439 case RESTARTER_STATE_DISABLED:
1442 1440 case RESTARTER_STATE_MAINT:
1443 1441 continue;
1444 1442
1445 1443 default:
1446 1444 #ifndef NDEBUG
1447 1445 uu_warn("%s:%d: Unexpected vertex state %d.\n",
1448 1446 __FILE__, __LINE__, v->gv_state);
1449 1447 #endif
1450 1448 abort();
1451 1449 }
1452 1450 /* NOTREACHED */
1453 1451
1454 1452 case GVT_SVC:
1455 1453 break;
1456 1454
1457 1455 case GVT_FILE:
1458 1456 if (!file_ready(v))
1459 1457 continue;
1460 1458 LOG_EXCLUDE(groupv, v);
1461 1459 return (-1);
1462 1460
1463 1461 case GVT_GROUP:
1464 1462 default:
1465 1463 #ifndef NDEBUG
1466 1464 uu_warn("%s:%d: Unexpected vertex type %d.\n", __FILE__,
1467 1465 __LINE__, v->gv_type);
1468 1466 #endif
1469 1467 abort();
1470 1468 }
1471 1469
1472 1470 /* v represents a service */
1473 1471 if (uu_list_numnodes(v->gv_dependencies) == 0)
1474 1472 continue;
1475 1473
1476 1474 for (e2 = uu_list_first(v->gv_dependencies);
1477 1475 e2 != NULL;
1478 1476 e2 = uu_list_next(v->gv_dependencies, e2)) {
1479 1477 v2 = e2->ge_vertex;
1480 1478 assert(v2->gv_type == GVT_INST);
1481 1479
1482 1480 if ((v2->gv_flags & GV_CONFIGURED) == 0)
1483 1481 continue;
1484 1482
1485 1483 switch (v2->gv_state) {
1486 1484 case RESTARTER_STATE_ONLINE:
1487 1485 case RESTARTER_STATE_DEGRADED:
1488 1486 LOG_EXCLUDE(groupv, v2);
1489 1487 return (v2->gv_flags & GV_ENABLED ? -1 : 0);
1490 1488
1491 1489 case RESTARTER_STATE_OFFLINE:
1492 1490 case RESTARTER_STATE_UNINIT:
1493 1491 LOG_EXCLUDE(groupv, v2);
1494 1492 return (0);
1495 1493
1496 1494 case RESTARTER_STATE_DISABLED:
1497 1495 case RESTARTER_STATE_MAINT:
1498 1496 continue;
1499 1497
1500 1498 default:
1501 1499 #ifndef NDEBUG
1502 1500 uu_warn("%s:%d: Unexpected vertex type %d.\n",
1503 1501 __FILE__, __LINE__, v2->gv_type);
1504 1502 #endif
1505 1503 abort();
1506 1504 }
1507 1505 }
1508 1506 }
1509 1507
1510 1508 return (1);
1511 1509 }
1512 1510
1513 1511 /*
1514 1512 * int instance_satisfied()
1515 1513 * Determine if all the dependencies are satisfied for the supplied instance
1516 1514 * vertex. Return 1 if they are, 0 if they aren't, and -1 if they won't be
1517 1515 * without administrator intervention.
1518 1516 */
1519 1517 static int
1520 1518 instance_satisfied(graph_vertex_t *v, boolean_t satbility)
1521 1519 {
1522 1520 assert(v->gv_type == GVT_INST);
1523 1521 assert(!inst_running(v));
1524 1522
1525 1523 return (require_all_satisfied(v, satbility));
1526 1524 }
1527 1525
1528 1526 /*
1529 1527 * Decide whether v can satisfy a dependency. v can either be a child of
1530 1528 * a group vertex, or of an instance vertex.
1531 1529 */
1532 1530 static int
1533 1531 dependency_satisfied(graph_vertex_t *v, boolean_t satbility)
1534 1532 {
1535 1533 switch (v->gv_type) {
1536 1534 case GVT_INST:
1537 1535 if ((v->gv_flags & GV_CONFIGURED) == 0) {
1538 1536 if (v->gv_flags & GV_DEATHROW) {
|
↓ open down ↓ |
174 lines elided |
↑ open up ↑ |
1539 1537 /*
1540 1538 * A dependency on an instance with GV_DEATHROW
1541 1539 * flag is always considered as satisfied.
1542 1540 */
1543 1541 return (1);
1544 1542 }
1545 1543 return (-1);
1546 1544 }
1547 1545
1548 1546 /*
1549 - * Any vertex with the GV_TODISABLE flag set is guaranteed
1550 - * to have its dependencies unsatisfiable. Any vertex with
1551 - * GV_TOOFFLINE may be satisfied after it transitions.
1547 + * Vertices may be transitioning so we try to figure out if
1548 + * the end state is likely to satisfy the dependency instead
1549 + * of assuming the dependency is unsatisfied/unsatisfiable.
1550 + *
1551 + * Support for optional_all dependencies depends on us getting
1552 + * this right because unsatisfiable dependencies are treated
1553 + * as being satisfied.
1552 1554 */
1553 - if (v->gv_flags & GV_TODISABLE)
1554 - return (-1);
1555 - if (v->gv_flags & GV_TOOFFLINE)
1556 - return (0);
1557 -
1558 1555 switch (v->gv_state) {
1559 1556 case RESTARTER_STATE_ONLINE:
1560 1557 case RESTARTER_STATE_DEGRADED:
1558 + if (v->gv_flags & GV_TODISABLE)
1559 + return (-1);
1560 + if (v->gv_flags & GV_TOOFFLINE)
1561 + return (0);
1561 1562 return (1);
1562 1563
1563 1564 case RESTARTER_STATE_OFFLINE:
1564 - if (!satbility)
1565 - return (0);
1565 + if (!satbility || v->gv_flags & GV_TODISABLE)
1566 + return (satbility ? -1 : 0);
1566 1567 return (instance_satisfied(v, satbility) != -1 ?
1567 1568 0 : -1);
1568 1569
1569 1570 case RESTARTER_STATE_DISABLED:
1571 + if (!satbility || !(v->gv_flags & GV_ENABLED))
1572 + return (satbility ? -1 : 0);
1573 + return (instance_satisfied(v, satbility) != -1 ?
1574 + 0 : -1);
1575 +
1570 1576 case RESTARTER_STATE_MAINT:
1571 1577 return (-1);
1572 1578
1573 1579 case RESTARTER_STATE_UNINIT:
1574 1580 return (0);
1575 1581
1576 1582 default:
1577 1583 #ifndef NDEBUG
1578 1584 uu_warn("%s:%d: Unexpected vertex state %d.\n",
1579 1585 __FILE__, __LINE__, v->gv_state);
1580 1586 #endif
1581 1587 abort();
1582 1588 /* NOTREACHED */
1583 1589 }
1584 1590
1585 1591 case GVT_SVC:
1586 1592 if (uu_list_numnodes(v->gv_dependencies) == 0)
1587 1593 return (-1);
1588 1594 return (require_any_satisfied(v, satbility));
1589 1595
1590 1596 case GVT_FILE:
1591 1597 /* i.e., we assume files will not be automatically generated */
1592 1598 return (file_ready(v) ? 1 : -1);
1593 1599
1594 1600 case GVT_GROUP:
1595 1601 break;
1596 1602
1597 1603 default:
1598 1604 #ifndef NDEBUG
1599 1605 uu_warn("%s:%d: Unexpected node type %d.\n", __FILE__, __LINE__,
1600 1606 v->gv_type);
1601 1607 #endif
1602 1608 abort();
1603 1609 /* NOTREACHED */
1604 1610 }
1605 1611
1606 1612 switch (v->gv_depgroup) {
1607 1613 case DEPGRP_REQUIRE_ANY:
1608 1614 return (require_any_satisfied(v, satbility));
1609 1615
1610 1616 case DEPGRP_REQUIRE_ALL:
1611 1617 return (require_all_satisfied(v, satbility));
1612 1618
1613 1619 case DEPGRP_OPTIONAL_ALL:
1614 1620 return (optional_all_satisfied(v, satbility));
1615 1621
1616 1622 case DEPGRP_EXCLUDE_ALL:
1617 1623 return (exclude_all_satisfied(v, satbility));
1618 1624
1619 1625 default:
1620 1626 #ifndef NDEBUG
1621 1627 uu_warn("%s:%d: Unknown dependency grouping %d.\n", __FILE__,
1622 1628 __LINE__, v->gv_depgroup);
1623 1629 #endif
1624 1630 abort();
1625 1631 }
1626 1632 }
1627 1633
1628 1634 void
1629 1635 graph_start_if_satisfied(graph_vertex_t *v)
1630 1636 {
1631 1637 if (v->gv_state == RESTARTER_STATE_OFFLINE &&
1632 1638 instance_satisfied(v, B_FALSE) == 1) {
1633 1639 if (v->gv_start_f == NULL)
1634 1640 vertex_send_event(v, RESTARTER_EVENT_TYPE_START);
1635 1641 else
1636 1642 v->gv_start_f(v);
1637 1643 }
1638 1644 }
1639 1645
1640 1646 /*
1641 1647 * propagate_satbility()
1642 1648 *
1643 1649 * This function is used when the given vertex changes state in such a way that
1644 1650 * one of its dependents may become unsatisfiable. This happens when an
1645 1651 * instance transitions between offline -> online, or from !running ->
1646 1652 * maintenance, as well as when an instance is removed from the graph.
1647 1653 *
1648 1654 * We have to walk all the dependents, since optional_all dependencies several
1649 1655 * levels up could become (un)satisfied, instead of unsatisfiable. For example,
1650 1656 *
1651 1657 * +-----+ optional_all +-----+ require_all +-----+
1652 1658 * | A |--------------->| B |-------------->| C |
1653 1659 * +-----+ +-----+ +-----+
1654 1660 *
1655 1661 * offline -> maintenance
1656 1662 *
1657 1663 * If C goes into maintenance, it's not enough simply to check B. Because A has
1658 1664 * an optional dependency, what was previously an unsatisfiable situation is now
1659 1665 * satisfied (B will never come online, even though its state hasn't changed).
1660 1666 *
1661 1667 * Note that it's not necessary to continue examining dependents after reaching
|
↓ open down ↓ |
82 lines elided |
↑ open up ↑ |
1662 1668 * an optional_all dependency. It's not possible for an optional_all dependency
1663 1669 * to change satisfiability without also coming online, in which case we get a
1664 1670 * start event and propagation continues naturally. However, it does no harm to
1665 1671 * continue propagating satisfiability (as it is a relatively rare event), and
1666 1672 * keeps the walker code simple and generic.
1667 1673 */
1668 1674 /*ARGSUSED*/
1669 1675 static int
1670 1676 satbility_cb(graph_vertex_t *v, void *arg)
1671 1677 {
1672 - if (v->gv_flags & GV_TOOFFLINE)
1678 + if (is_inst_bypassed(v))
1673 1679 return (UU_WALK_NEXT);
1674 1680
1675 1681 if (v->gv_type == GVT_INST)
1676 1682 graph_start_if_satisfied(v);
1677 1683
1678 1684 return (UU_WALK_NEXT);
1679 1685 }
1680 1686
1681 1687 static void
1682 1688 propagate_satbility(graph_vertex_t *v)
1683 1689 {
1684 1690 graph_walk(v, WALK_DEPENDENTS, satbility_cb, NULL, NULL);
1685 1691 }
1686 1692
1687 1693 static void propagate_stop(graph_vertex_t *, void *);
1688 1694
1689 1695 /*
1690 1696 * propagate_start()
1691 1697 *
1692 1698 * This function is used to propagate a start event to the dependents of the
|
↓ open down ↓ |
10 lines elided |
↑ open up ↑ |
1693 1699 * given vertex. Any dependents that are offline but have their dependencies
1694 1700 * satisfied are started. Any dependents that are online and have restart_on
1695 1701 * set to "restart" or "refresh" are restarted because their dependencies have
1696 1702 * just changed. This only happens with optional_all dependencies.
1697 1703 */
1698 1704 static void
1699 1705 propagate_start(graph_vertex_t *v, void *arg)
1700 1706 {
1701 1707 restarter_error_t err = (restarter_error_t)arg;
1702 1708
1703 - if (v->gv_flags & GV_TOOFFLINE)
1709 + if (is_inst_bypassed(v))
1704 1710 return;
1705 1711
1706 1712 switch (v->gv_type) {
1707 1713 case GVT_INST:
1708 1714 /* Restarter */
1709 1715 if (inst_running(v)) {
1710 1716 if (err == RERR_RESTART || err == RERR_REFRESH) {
1711 1717 vertex_send_event(v,
1712 1718 RESTARTER_EVENT_TYPE_STOP_RESET);
1713 1719 }
1714 1720 } else {
1715 1721 graph_start_if_satisfied(v);
1716 1722 }
1717 1723 break;
1718 1724
1719 1725 case GVT_GROUP:
1720 1726 if (v->gv_depgroup == DEPGRP_EXCLUDE_ALL) {
1721 1727 graph_walk_dependents(v, propagate_stop,
1722 1728 (void *)RERR_RESTART);
1723 1729 break;
1724 1730 }
1725 1731 err = v->gv_restart;
1726 1732 /* FALLTHROUGH */
1727 1733
1728 1734 case GVT_SVC:
1729 1735 graph_walk_dependents(v, propagate_start, (void *)err);
1730 1736 break;
1731 1737
1732 1738 case GVT_FILE:
1733 1739 #ifndef NDEBUG
1734 1740 uu_warn("%s:%d: propagate_start() encountered GVT_FILE.\n",
1735 1741 __FILE__, __LINE__);
1736 1742 #endif
1737 1743 abort();
1738 1744 /* NOTREACHED */
1739 1745
1740 1746 default:
1741 1747 #ifndef NDEBUG
1742 1748 uu_warn("%s:%d: Unknown vertex type %d.\n", __FILE__, __LINE__,
1743 1749 v->gv_type);
1744 1750 #endif
1745 1751 abort();
1746 1752 }
1747 1753 }
1748 1754
1749 1755 /*
1750 1756 * propagate_stop()
1751 1757 *
1752 1758 * This function is used to propagate a stop event to the dependents of the
|
↓ open down ↓ |
39 lines elided |
↑ open up ↑ |
1753 1759 * given vertex. Any dependents that are online (or in degraded state) with
1754 1760 * the restart_on property set to "restart" or "refresh" will be stopped as
1755 1761 * their dependencies have just changed, propagate_start() will start them
1756 1762 * again once their dependencies have been re-satisfied.
1757 1763 */
1758 1764 static void
1759 1765 propagate_stop(graph_vertex_t *v, void *arg)
1760 1766 {
1761 1767 restarter_error_t err = (restarter_error_t)arg;
1762 1768
1763 - if (v->gv_flags & GV_TOOFFLINE)
1769 + if (is_inst_bypassed(v))
1764 1770 return;
1765 1771
1766 1772 switch (v->gv_type) {
1767 1773 case GVT_INST:
1768 1774 /* Restarter */
1769 1775 if (err > RERR_NONE && inst_running(v)) {
1770 1776 if (err == RERR_RESTART || err == RERR_REFRESH) {
1771 1777 vertex_send_event(v,
1772 1778 RESTARTER_EVENT_TYPE_STOP_RESET);
1773 1779 } else {
1774 1780 vertex_send_event(v, RESTARTER_EVENT_TYPE_STOP);
1775 1781 }
1776 1782 }
1777 1783 break;
1778 1784
1779 1785 case GVT_SVC:
1780 1786 graph_walk_dependents(v, propagate_stop, arg);
1781 1787 break;
1782 1788
|
↓ open down ↓ |
9 lines elided |
↑ open up ↑ |
1783 1789 case GVT_FILE:
1784 1790 #ifndef NDEBUG
1785 1791 uu_warn("%s:%d: propagate_stop() encountered GVT_FILE.\n",
1786 1792 __FILE__, __LINE__);
1787 1793 #endif
1788 1794 abort();
1789 1795 /* NOTREACHED */
1790 1796
1791 1797 case GVT_GROUP:
1792 1798 if (v->gv_depgroup == DEPGRP_EXCLUDE_ALL) {
1793 - graph_walk_dependents(v, propagate_start, NULL);
1799 + graph_walk_dependents(v, propagate_start,
1800 + (void *)RERR_NONE);
1794 1801 break;
1795 1802 }
1796 1803
1797 1804 if (err == RERR_NONE || err > v->gv_restart)
1798 1805 break;
1799 1806
1800 1807 graph_walk_dependents(v, propagate_stop, arg);
1801 1808 break;
1802 1809
1803 1810 default:
1804 1811 #ifndef NDEBUG
1805 1812 uu_warn("%s:%d: Unknown vertex type %d.\n", __FILE__, __LINE__,
1806 1813 v->gv_type);
1807 1814 #endif
1808 1815 abort();
1809 1816 }
1810 1817 }
1811 1818
1812 1819 void
1813 1820 offline_vertex(graph_vertex_t *v)
1814 1821 {
1815 1822 scf_handle_t *h = libscf_handle_create_bound_loop();
1816 1823 scf_instance_t *scf_inst = safe_scf_instance_create(h);
1817 1824 scf_propertygroup_t *pg = safe_scf_pg_create(h);
1818 1825 restarter_instance_state_t state, next_state;
1819 1826 int r;
1820 1827
1821 1828 assert(v->gv_type == GVT_INST);
1822 1829
1823 1830 if (scf_inst == NULL)
1824 1831 bad_error("safe_scf_instance_create", scf_error());
1825 1832 if (pg == NULL)
1826 1833 bad_error("safe_scf_pg_create", scf_error());
1827 1834
1828 1835 /* if the vertex is already going offline, return */
1829 1836 rep_retry:
1830 1837 if (scf_handle_decode_fmri(h, v->gv_name, NULL, NULL, scf_inst, NULL,
1831 1838 NULL, SCF_DECODE_FMRI_EXACT) != 0) {
1832 1839 switch (scf_error()) {
1833 1840 case SCF_ERROR_CONNECTION_BROKEN:
1834 1841 libscf_handle_rebind(h);
1835 1842 goto rep_retry;
1836 1843
1837 1844 case SCF_ERROR_NOT_FOUND:
1838 1845 scf_pg_destroy(pg);
1839 1846 scf_instance_destroy(scf_inst);
1840 1847 (void) scf_handle_unbind(h);
1841 1848 scf_handle_destroy(h);
1842 1849 return;
1843 1850 }
1844 1851 uu_die("Can't decode FMRI %s: %s\n", v->gv_name,
1845 1852 scf_strerror(scf_error()));
1846 1853 }
1847 1854
1848 1855 r = scf_instance_get_pg(scf_inst, SCF_PG_RESTARTER, pg);
1849 1856 if (r != 0) {
1850 1857 switch (scf_error()) {
1851 1858 case SCF_ERROR_CONNECTION_BROKEN:
1852 1859 libscf_handle_rebind(h);
1853 1860 goto rep_retry;
1854 1861
1855 1862 case SCF_ERROR_NOT_SET:
1856 1863 case SCF_ERROR_NOT_FOUND:
1857 1864 scf_pg_destroy(pg);
1858 1865 scf_instance_destroy(scf_inst);
1859 1866 (void) scf_handle_unbind(h);
1860 1867 scf_handle_destroy(h);
1861 1868 return;
1862 1869
1863 1870 default:
1864 1871 bad_error("scf_instance_get_pg", scf_error());
1865 1872 }
1866 1873 } else {
1867 1874 r = libscf_read_states(pg, &state, &next_state);
1868 1875 if (r == 0 && (next_state == RESTARTER_STATE_OFFLINE ||
1869 1876 next_state == RESTARTER_STATE_DISABLED)) {
1870 1877 log_framework(LOG_DEBUG,
1871 1878 "%s: instance is already going down.\n",
1872 1879 v->gv_name);
1873 1880 scf_pg_destroy(pg);
1874 1881 scf_instance_destroy(scf_inst);
1875 1882 (void) scf_handle_unbind(h);
1876 1883 scf_handle_destroy(h);
1877 1884 return;
1878 1885 }
1879 1886 }
1880 1887
1881 1888 scf_pg_destroy(pg);
1882 1889 scf_instance_destroy(scf_inst);
1883 1890 (void) scf_handle_unbind(h);
1884 1891 scf_handle_destroy(h);
1885 1892
1886 1893 vertex_send_event(v, RESTARTER_EVENT_TYPE_STOP_RESET);
1887 1894 }
1888 1895
1889 1896 /*
1890 1897 * void graph_enable_by_vertex()
1891 1898 * If admin is non-zero, this is an administrative request for change
1892 1899 * of the enabled property. Thus, send the ADMIN_DISABLE rather than
1893 1900 * a plain DISABLE restarter event.
1894 1901 */
1895 1902 void
1896 1903 graph_enable_by_vertex(graph_vertex_t *vertex, int enable, int admin)
1897 1904 {
1898 1905 graph_vertex_t *v;
1899 1906 int r;
1900 1907
1901 1908 assert(MUTEX_HELD(&dgraph_lock));
1902 1909 assert((vertex->gv_flags & GV_CONFIGURED));
1903 1910
1904 1911 vertex->gv_flags = (vertex->gv_flags & ~GV_ENABLED) |
1905 1912 (enable ? GV_ENABLED : 0);
1906 1913
1907 1914 if (enable) {
1908 1915 if (vertex->gv_state != RESTARTER_STATE_OFFLINE &&
1909 1916 vertex->gv_state != RESTARTER_STATE_DEGRADED &&
1910 1917 vertex->gv_state != RESTARTER_STATE_ONLINE) {
1911 1918 /*
1912 1919 * In case the vertex was notified to go down,
1913 1920 * but now can return online, clear the _TOOFFLINE
1914 1921 * and _TODISABLE flags.
1915 1922 */
1916 1923 vertex->gv_flags &= ~GV_TOOFFLINE;
1917 1924 vertex->gv_flags &= ~GV_TODISABLE;
1918 1925
1919 1926 vertex_send_event(vertex, RESTARTER_EVENT_TYPE_ENABLE);
1920 1927 }
1921 1928
1922 1929 /*
1923 1930 * Wait for state update from restarter before sending _START or
1924 1931 * _STOP.
1925 1932 */
1926 1933
1927 1934 return;
1928 1935 }
1929 1936
1930 1937 if (vertex->gv_state == RESTARTER_STATE_DISABLED)
1931 1938 return;
1932 1939
1933 1940 if (!admin) {
1934 1941 vertex_send_event(vertex, RESTARTER_EVENT_TYPE_DISABLE);
1935 1942
1936 1943 /*
1937 1944 * Wait for state update from restarter before sending _START or
1938 1945 * _STOP.
1939 1946 */
1940 1947
1941 1948 return;
1942 1949 }
1943 1950
1944 1951 /*
1945 1952 * If it is a DISABLE event requested by the administrator then we are
1946 1953 * offlining the dependents first.
1947 1954 */
1948 1955
1949 1956 /*
1950 1957 * Set GV_TOOFFLINE for the services we are offlining. We cannot
1951 1958 * clear the GV_TOOFFLINE bits from all the services because
1952 1959 * other DISABLE events might be handled at the same time.
1953 1960 */
1954 1961 vertex->gv_flags |= GV_TOOFFLINE;
1955 1962
1956 1963 /* remember which vertex to disable... */
1957 1964 vertex->gv_flags |= GV_TODISABLE;
1958 1965
1959 1966 log_framework(LOG_DEBUG, "Marking in-subtree vertices before "
1960 1967 "disabling %s.\n", vertex->gv_name);
1961 1968
1962 1969 /* set GV_TOOFFLINE for its dependents */
1963 1970 r = uu_list_walk(vertex->gv_dependents, (uu_walk_fn_t *)mark_subtree,
1964 1971 NULL, 0);
1965 1972 assert(r == 0);
1966 1973
1967 1974 /* disable the instance now if there is nothing else to offline */
1968 1975 if (insubtree_dependents_down(vertex) == B_TRUE) {
1969 1976 vertex_send_event(vertex, RESTARTER_EVENT_TYPE_ADMIN_DISABLE);
1970 1977 return;
1971 1978 }
1972 1979
1973 1980 /*
1974 1981 * This loop is similar to the one used for the graph reversal shutdown
1975 1982 * and could be improved in term of performance for the subtree reversal
1976 1983 * disable case.
1977 1984 */
1978 1985 for (v = uu_list_first(dgraph); v != NULL;
1979 1986 v = uu_list_next(dgraph, v)) {
1980 1987 /* skip the vertex we are disabling for now */
1981 1988 if (v == vertex)
1982 1989 continue;
1983 1990
1984 1991 if (v->gv_type != GVT_INST ||
1985 1992 (v->gv_flags & GV_CONFIGURED) == 0 ||
1986 1993 (v->gv_flags & GV_ENABLED) == 0 ||
1987 1994 (v->gv_flags & GV_TOOFFLINE) == 0)
1988 1995 continue;
1989 1996
1990 1997 if ((v->gv_state != RESTARTER_STATE_ONLINE) &&
1991 1998 (v->gv_state != RESTARTER_STATE_DEGRADED)) {
1992 1999 /* continue if there is nothing to offline */
1993 2000 continue;
1994 2001 }
1995 2002
1996 2003 /*
1997 2004 * Instances which are up need to come down before we're
1998 2005 * done, but we can only offline the leaves here. An
1999 2006 * instance is a leaf when all its dependents are down.
2000 2007 */
2001 2008 if (insubtree_dependents_down(v) == B_TRUE) {
2002 2009 log_framework(LOG_DEBUG, "Offlining in-subtree "
2003 2010 "instance %s for %s.\n",
2004 2011 v->gv_name, vertex->gv_name);
2005 2012 offline_vertex(v);
2006 2013 }
2007 2014 }
2008 2015 }
2009 2016
2010 2017 static int configure_vertex(graph_vertex_t *, scf_instance_t *);
2011 2018
2012 2019 /*
2013 2020 * Set the restarter for v to fmri_arg. That is, make sure a vertex for
2014 2021 * fmri_arg exists, make v depend on it, and send _ADD_INSTANCE for v. If
2015 2022 * v is already configured and fmri_arg indicates the current restarter, do
2016 2023 * nothing. If v is configured and fmri_arg is a new restarter, delete v's
2017 2024 * dependency on the restarter, send _REMOVE_INSTANCE for v, and set the new
2018 2025 * restarter. Returns 0 on success, EINVAL if the FMRI is invalid,
2019 2026 * ECONNABORTED if the repository connection is broken, and ELOOP
2020 2027 * if the dependency would create a cycle. In the last case, *pathp will
2021 2028 * point to a -1-terminated array of ids which compose the path from v to
2022 2029 * restarter_fmri.
2023 2030 */
2024 2031 int
2025 2032 graph_change_restarter(graph_vertex_t *v, const char *fmri_arg, scf_handle_t *h,
2026 2033 int **pathp)
2027 2034 {
2028 2035 char *restarter_fmri = NULL;
2029 2036 graph_vertex_t *rv;
2030 2037 int err;
2031 2038 int id;
2032 2039
2033 2040 assert(MUTEX_HELD(&dgraph_lock));
2034 2041
2035 2042 if (fmri_arg[0] != '\0') {
2036 2043 err = fmri_canonify(fmri_arg, &restarter_fmri, B_TRUE);
2037 2044 if (err != 0) {
2038 2045 assert(err == EINVAL);
2039 2046 return (err);
2040 2047 }
2041 2048 }
2042 2049
2043 2050 if (restarter_fmri == NULL ||
2044 2051 strcmp(restarter_fmri, SCF_SERVICE_STARTD) == 0) {
2045 2052 if (v->gv_flags & GV_CONFIGURED) {
2046 2053 if (v->gv_restarter_id == -1) {
2047 2054 if (restarter_fmri != NULL)
2048 2055 startd_free(restarter_fmri,
2049 2056 max_scf_fmri_size);
2050 2057 return (0);
2051 2058 }
2052 2059
2053 2060 graph_unset_restarter(v);
2054 2061 }
2055 2062
2056 2063 /* Master restarter, nothing to do. */
2057 2064 v->gv_restarter_id = -1;
2058 2065 v->gv_restarter_channel = NULL;
2059 2066 vertex_send_event(v, RESTARTER_EVENT_TYPE_ADD_INSTANCE);
2060 2067 return (0);
2061 2068 }
2062 2069
2063 2070 if (v->gv_flags & GV_CONFIGURED) {
2064 2071 id = dict_lookup_byname(restarter_fmri);
2065 2072 if (id != -1 && v->gv_restarter_id == id) {
2066 2073 startd_free(restarter_fmri, max_scf_fmri_size);
2067 2074 return (0);
2068 2075 }
2069 2076
2070 2077 graph_unset_restarter(v);
2071 2078 }
2072 2079
2073 2080 err = graph_insert_vertex_unconfigured(restarter_fmri, GVT_INST, 0,
2074 2081 RERR_NONE, &rv);
2075 2082 startd_free(restarter_fmri, max_scf_fmri_size);
2076 2083 assert(err == 0 || err == EEXIST);
2077 2084
2078 2085 if (rv->gv_delegate_initialized == 0) {
2079 2086 if ((rv->gv_delegate_channel = restarter_protocol_init_delegate(
2080 2087 rv->gv_name)) == NULL)
2081 2088 return (EINVAL);
2082 2089 rv->gv_delegate_initialized = 1;
2083 2090 }
2084 2091 v->gv_restarter_id = rv->gv_id;
2085 2092 v->gv_restarter_channel = rv->gv_delegate_channel;
2086 2093
2087 2094 err = graph_insert_dependency(v, rv, pathp);
2088 2095 if (err != 0) {
2089 2096 assert(err == ELOOP);
2090 2097 return (ELOOP);
2091 2098 }
2092 2099
2093 2100 vertex_send_event(v, RESTARTER_EVENT_TYPE_ADD_INSTANCE);
2094 2101
2095 2102 if (!(rv->gv_flags & GV_CONFIGURED)) {
2096 2103 scf_instance_t *inst;
2097 2104
2098 2105 err = libscf_fmri_get_instance(h, rv->gv_name, &inst);
2099 2106 switch (err) {
2100 2107 case 0:
2101 2108 err = configure_vertex(rv, inst);
2102 2109 scf_instance_destroy(inst);
2103 2110 switch (err) {
2104 2111 case 0:
2105 2112 case ECANCELED:
2106 2113 break;
2107 2114
2108 2115 case ECONNABORTED:
2109 2116 return (ECONNABORTED);
2110 2117
2111 2118 default:
2112 2119 bad_error("configure_vertex", err);
2113 2120 }
2114 2121 break;
2115 2122
2116 2123 case ECONNABORTED:
2117 2124 return (ECONNABORTED);
2118 2125
2119 2126 case ENOENT:
2120 2127 break;
2121 2128
2122 2129 case ENOTSUP:
2123 2130 /*
2124 2131 * The fmri doesn't specify an instance - translate
2125 2132 * to EINVAL.
2126 2133 */
2127 2134 return (EINVAL);
2128 2135
2129 2136 case EINVAL:
2130 2137 default:
2131 2138 bad_error("libscf_fmri_get_instance", err);
2132 2139 }
2133 2140 }
2134 2141
2135 2142 return (0);
2136 2143 }
2137 2144
2138 2145
2139 2146 /*
2140 2147 * Add all of the instances of the service named by fmri to the graph.
2141 2148 * Returns
2142 2149 * 0 - success
2143 2150 * ENOENT - service indicated by fmri does not exist
2144 2151 *
2145 2152 * In both cases *reboundp will be B_TRUE if the handle was rebound, or B_FALSE
2146 2153 * otherwise.
2147 2154 */
2148 2155 static int
2149 2156 add_service(const char *fmri, scf_handle_t *h, boolean_t *reboundp)
2150 2157 {
2151 2158 scf_service_t *svc;
2152 2159 scf_instance_t *inst;
2153 2160 scf_iter_t *iter;
2154 2161 char *inst_fmri;
2155 2162 int ret, r;
2156 2163
2157 2164 *reboundp = B_FALSE;
2158 2165
2159 2166 svc = safe_scf_service_create(h);
2160 2167 inst = safe_scf_instance_create(h);
2161 2168 iter = safe_scf_iter_create(h);
2162 2169 inst_fmri = startd_alloc(max_scf_fmri_size);
2163 2170
2164 2171 rebound:
2165 2172 if (scf_handle_decode_fmri(h, fmri, NULL, svc, NULL, NULL, NULL,
2166 2173 SCF_DECODE_FMRI_EXACT) != 0) {
2167 2174 switch (scf_error()) {
2168 2175 case SCF_ERROR_CONNECTION_BROKEN:
2169 2176 default:
2170 2177 libscf_handle_rebind(h);
2171 2178 *reboundp = B_TRUE;
2172 2179 goto rebound;
2173 2180
2174 2181 case SCF_ERROR_NOT_FOUND:
2175 2182 ret = ENOENT;
2176 2183 goto out;
2177 2184
2178 2185 case SCF_ERROR_INVALID_ARGUMENT:
2179 2186 case SCF_ERROR_CONSTRAINT_VIOLATED:
2180 2187 case SCF_ERROR_NOT_BOUND:
2181 2188 case SCF_ERROR_HANDLE_MISMATCH:
2182 2189 bad_error("scf_handle_decode_fmri", scf_error());
2183 2190 }
2184 2191 }
2185 2192
2186 2193 if (scf_iter_service_instances(iter, svc) != 0) {
2187 2194 switch (scf_error()) {
2188 2195 case SCF_ERROR_CONNECTION_BROKEN:
2189 2196 default:
2190 2197 libscf_handle_rebind(h);
2191 2198 *reboundp = B_TRUE;
2192 2199 goto rebound;
2193 2200
2194 2201 case SCF_ERROR_DELETED:
2195 2202 ret = ENOENT;
2196 2203 goto out;
2197 2204
2198 2205 case SCF_ERROR_HANDLE_MISMATCH:
2199 2206 case SCF_ERROR_NOT_BOUND:
2200 2207 case SCF_ERROR_NOT_SET:
2201 2208 bad_error("scf_iter_service_instances", scf_error());
2202 2209 }
2203 2210 }
2204 2211
2205 2212 for (;;) {
2206 2213 r = scf_iter_next_instance(iter, inst);
2207 2214 if (r == 0)
2208 2215 break;
2209 2216 if (r != 1) {
2210 2217 switch (scf_error()) {
2211 2218 case SCF_ERROR_CONNECTION_BROKEN:
2212 2219 default:
2213 2220 libscf_handle_rebind(h);
2214 2221 *reboundp = B_TRUE;
2215 2222 goto rebound;
2216 2223
2217 2224 case SCF_ERROR_DELETED:
2218 2225 ret = ENOENT;
2219 2226 goto out;
2220 2227
2221 2228 case SCF_ERROR_HANDLE_MISMATCH:
2222 2229 case SCF_ERROR_NOT_BOUND:
2223 2230 case SCF_ERROR_NOT_SET:
2224 2231 case SCF_ERROR_INVALID_ARGUMENT:
2225 2232 bad_error("scf_iter_next_instance",
2226 2233 scf_error());
2227 2234 }
2228 2235 }
2229 2236
2230 2237 if (scf_instance_to_fmri(inst, inst_fmri, max_scf_fmri_size) <
2231 2238 0) {
2232 2239 switch (scf_error()) {
2233 2240 case SCF_ERROR_CONNECTION_BROKEN:
2234 2241 libscf_handle_rebind(h);
2235 2242 *reboundp = B_TRUE;
2236 2243 goto rebound;
2237 2244
2238 2245 case SCF_ERROR_DELETED:
2239 2246 continue;
2240 2247
2241 2248 case SCF_ERROR_NOT_BOUND:
2242 2249 case SCF_ERROR_NOT_SET:
2243 2250 bad_error("scf_instance_to_fmri", scf_error());
2244 2251 }
2245 2252 }
2246 2253
2247 2254 r = dgraph_add_instance(inst_fmri, inst, B_FALSE);
2248 2255 switch (r) {
2249 2256 case 0:
2250 2257 case ECANCELED:
2251 2258 break;
2252 2259
2253 2260 case EEXIST:
2254 2261 continue;
2255 2262
2256 2263 case ECONNABORTED:
2257 2264 libscf_handle_rebind(h);
2258 2265 *reboundp = B_TRUE;
2259 2266 goto rebound;
2260 2267
2261 2268 case EINVAL:
2262 2269 default:
2263 2270 bad_error("dgraph_add_instance", r);
2264 2271 }
2265 2272 }
2266 2273
2267 2274 ret = 0;
2268 2275
2269 2276 out:
2270 2277 startd_free(inst_fmri, max_scf_fmri_size);
2271 2278 scf_iter_destroy(iter);
2272 2279 scf_instance_destroy(inst);
2273 2280 scf_service_destroy(svc);
2274 2281 return (ret);
2275 2282 }
2276 2283
2277 2284 struct depfmri_info {
2278 2285 graph_vertex_t *v; /* GVT_GROUP vertex */
2279 2286 gv_type_t type; /* type of dependency */
2280 2287 const char *inst_fmri; /* FMRI of parental GVT_INST vert. */
2281 2288 const char *pg_name; /* Name of dependency pg */
2282 2289 scf_handle_t *h;
2283 2290 int err; /* return error code */
2284 2291 int **pathp; /* return circular dependency path */
2285 2292 };
2286 2293
2287 2294 /*
2288 2295 * Find or create a vertex for fmri and make info->v depend on it.
2289 2296 * Returns
2290 2297 * 0 - success
2291 2298 * nonzero - failure
2292 2299 *
2293 2300 * On failure, sets info->err to
2294 2301 * EINVAL - fmri is invalid
2295 2302 * fmri does not match info->type
2296 2303 * ELOOP - Adding the dependency creates a circular dependency. *info->pathp
2297 2304 * will point to an array of the ids of the members of the cycle.
2298 2305 * ECONNABORTED - repository connection was broken
2299 2306 * ECONNRESET - succeeded, but repository connection was reset
2300 2307 */
2301 2308 static int
2302 2309 process_dependency_fmri(const char *fmri, struct depfmri_info *info)
2303 2310 {
2304 2311 int err;
2305 2312 graph_vertex_t *depgroup_v, *v;
2306 2313 char *fmri_copy, *cfmri;
2307 2314 size_t fmri_copy_sz;
2308 2315 const char *scope, *service, *instance, *pg;
2309 2316 scf_instance_t *inst;
2310 2317 boolean_t rebound;
2311 2318
2312 2319 assert(MUTEX_HELD(&dgraph_lock));
2313 2320
2314 2321 /* Get or create vertex for FMRI */
2315 2322 depgroup_v = info->v;
2316 2323
2317 2324 if (strncmp(fmri, "file:", sizeof ("file:") - 1) == 0) {
2318 2325 if (info->type != GVT_FILE) {
2319 2326 log_framework(LOG_NOTICE,
2320 2327 "FMRI \"%s\" is not allowed for the \"%s\" "
2321 2328 "dependency's type of instance %s.\n", fmri,
2322 2329 info->pg_name, info->inst_fmri);
2323 2330 return (info->err = EINVAL);
2324 2331 }
2325 2332
2326 2333 err = graph_insert_vertex_unconfigured(fmri, info->type, 0,
2327 2334 RERR_NONE, &v);
2328 2335 switch (err) {
2329 2336 case 0:
2330 2337 break;
2331 2338
2332 2339 case EEXIST:
2333 2340 assert(v->gv_type == GVT_FILE);
2334 2341 break;
2335 2342
2336 2343 case EINVAL: /* prevented above */
2337 2344 default:
2338 2345 bad_error("graph_insert_vertex_unconfigured", err);
2339 2346 }
2340 2347 } else {
2341 2348 if (info->type != GVT_INST) {
2342 2349 log_framework(LOG_NOTICE,
2343 2350 "FMRI \"%s\" is not allowed for the \"%s\" "
2344 2351 "dependency's type of instance %s.\n", fmri,
2345 2352 info->pg_name, info->inst_fmri);
2346 2353 return (info->err = EINVAL);
2347 2354 }
2348 2355
2349 2356 /*
2350 2357 * We must canonify fmri & add a vertex for it.
2351 2358 */
2352 2359 fmri_copy_sz = strlen(fmri) + 1;
2353 2360 fmri_copy = startd_alloc(fmri_copy_sz);
2354 2361 (void) strcpy(fmri_copy, fmri);
2355 2362
2356 2363 /* Determine if the FMRI is a property group or instance */
2357 2364 if (scf_parse_svc_fmri(fmri_copy, &scope, &service,
2358 2365 &instance, &pg, NULL) != 0) {
2359 2366 startd_free(fmri_copy, fmri_copy_sz);
2360 2367 log_framework(LOG_NOTICE,
2361 2368 "Dependency \"%s\" of %s has invalid FMRI "
2362 2369 "\"%s\".\n", info->pg_name, info->inst_fmri,
2363 2370 fmri);
2364 2371 return (info->err = EINVAL);
2365 2372 }
2366 2373
2367 2374 if (service == NULL || pg != NULL) {
2368 2375 startd_free(fmri_copy, fmri_copy_sz);
2369 2376 log_framework(LOG_NOTICE,
2370 2377 "Dependency \"%s\" of %s does not designate a "
2371 2378 "service or instance.\n", info->pg_name,
2372 2379 info->inst_fmri);
2373 2380 return (info->err = EINVAL);
2374 2381 }
2375 2382
2376 2383 if (scope == NULL || strcmp(scope, SCF_SCOPE_LOCAL) == 0) {
2377 2384 cfmri = uu_msprintf("svc:/%s%s%s",
2378 2385 service, instance ? ":" : "", instance ? instance :
2379 2386 "");
2380 2387 } else {
2381 2388 cfmri = uu_msprintf("svc://%s/%s%s%s",
2382 2389 scope, service, instance ? ":" : "", instance ?
2383 2390 instance : "");
2384 2391 }
2385 2392
2386 2393 startd_free(fmri_copy, fmri_copy_sz);
2387 2394
2388 2395 err = graph_insert_vertex_unconfigured(cfmri, instance ?
2389 2396 GVT_INST : GVT_SVC, instance ? 0 : DEPGRP_REQUIRE_ANY,
2390 2397 RERR_NONE, &v);
2391 2398 uu_free(cfmri);
2392 2399 switch (err) {
2393 2400 case 0:
2394 2401 break;
2395 2402
2396 2403 case EEXIST:
2397 2404 /* Verify v. */
2398 2405 if (instance != NULL)
2399 2406 assert(v->gv_type == GVT_INST);
2400 2407 else
2401 2408 assert(v->gv_type == GVT_SVC);
2402 2409 break;
2403 2410
2404 2411 default:
2405 2412 bad_error("graph_insert_vertex_unconfigured", err);
2406 2413 }
2407 2414 }
2408 2415
2409 2416 /* Add dependency from depgroup_v to new vertex */
2410 2417 info->err = graph_insert_dependency(depgroup_v, v, info->pathp);
2411 2418 switch (info->err) {
2412 2419 case 0:
2413 2420 break;
2414 2421
2415 2422 case ELOOP:
2416 2423 return (ELOOP);
2417 2424
2418 2425 default:
2419 2426 bad_error("graph_insert_dependency", info->err);
2420 2427 }
2421 2428
2422 2429 /* This must be after we insert the dependency, to avoid looping. */
2423 2430 switch (v->gv_type) {
2424 2431 case GVT_INST:
2425 2432 if ((v->gv_flags & GV_CONFIGURED) != 0)
2426 2433 break;
2427 2434
2428 2435 inst = safe_scf_instance_create(info->h);
2429 2436
2430 2437 rebound = B_FALSE;
2431 2438
2432 2439 rebound:
2433 2440 err = libscf_lookup_instance(v->gv_name, inst);
2434 2441 switch (err) {
2435 2442 case 0:
2436 2443 err = configure_vertex(v, inst);
2437 2444 switch (err) {
2438 2445 case 0:
2439 2446 case ECANCELED:
2440 2447 break;
2441 2448
2442 2449 case ECONNABORTED:
2443 2450 libscf_handle_rebind(info->h);
2444 2451 rebound = B_TRUE;
2445 2452 goto rebound;
2446 2453
2447 2454 default:
2448 2455 bad_error("configure_vertex", err);
2449 2456 }
2450 2457 break;
2451 2458
2452 2459 case ENOENT:
2453 2460 break;
2454 2461
2455 2462 case ECONNABORTED:
2456 2463 libscf_handle_rebind(info->h);
2457 2464 rebound = B_TRUE;
2458 2465 goto rebound;
2459 2466
2460 2467 case EINVAL:
2461 2468 case ENOTSUP:
2462 2469 default:
2463 2470 bad_error("libscf_fmri_get_instance", err);
2464 2471 }
2465 2472
2466 2473 scf_instance_destroy(inst);
2467 2474
2468 2475 if (rebound)
2469 2476 return (info->err = ECONNRESET);
2470 2477 break;
2471 2478
2472 2479 case GVT_SVC:
2473 2480 (void) add_service(v->gv_name, info->h, &rebound);
2474 2481 if (rebound)
2475 2482 return (info->err = ECONNRESET);
2476 2483 }
2477 2484
2478 2485 return (0);
2479 2486 }
2480 2487
2481 2488 struct deppg_info {
2482 2489 graph_vertex_t *v; /* GVT_INST vertex */
2483 2490 int err; /* return error */
2484 2491 int **pathp; /* return circular dependency path */
2485 2492 };
2486 2493
2487 2494 /*
2488 2495 * Make info->v depend on a new GVT_GROUP node for this property group,
2489 2496 * and then call process_dependency_fmri() for the values of the entity
2490 2497 * property. Return 0 on success, or if something goes wrong return nonzero
2491 2498 * and set info->err to ECONNABORTED, EINVAL, or the error code returned by
2492 2499 * process_dependency_fmri().
2493 2500 */
2494 2501 static int
2495 2502 process_dependency_pg(scf_propertygroup_t *pg, struct deppg_info *info)
2496 2503 {
2497 2504 scf_handle_t *h;
2498 2505 depgroup_type_t deptype;
2499 2506 restarter_error_t rerr;
2500 2507 struct depfmri_info linfo;
2501 2508 char *fmri, *pg_name;
2502 2509 size_t fmri_sz;
2503 2510 graph_vertex_t *depgrp;
2504 2511 scf_property_t *prop;
2505 2512 int err;
2506 2513 int empty;
2507 2514 scf_error_t scferr;
2508 2515 ssize_t len;
2509 2516
2510 2517 assert(MUTEX_HELD(&dgraph_lock));
2511 2518
2512 2519 h = scf_pg_handle(pg);
2513 2520
2514 2521 pg_name = startd_alloc(max_scf_name_size);
2515 2522
2516 2523 len = scf_pg_get_name(pg, pg_name, max_scf_name_size);
2517 2524 if (len < 0) {
2518 2525 startd_free(pg_name, max_scf_name_size);
2519 2526 switch (scf_error()) {
2520 2527 case SCF_ERROR_CONNECTION_BROKEN:
2521 2528 default:
2522 2529 return (info->err = ECONNABORTED);
2523 2530
2524 2531 case SCF_ERROR_DELETED:
2525 2532 return (info->err = 0);
2526 2533
2527 2534 case SCF_ERROR_NOT_SET:
2528 2535 bad_error("scf_pg_get_name", scf_error());
2529 2536 }
2530 2537 }
2531 2538
2532 2539 /*
2533 2540 * Skip over empty dependency groups. Since dependency property
2534 2541 * groups are updated atomically, they are either empty or
2535 2542 * fully populated.
2536 2543 */
2537 2544 empty = depgroup_empty(h, pg);
2538 2545 if (empty < 0) {
2539 2546 log_error(LOG_INFO,
2540 2547 "Error reading dependency group \"%s\" of %s: %s\n",
2541 2548 pg_name, info->v->gv_name, scf_strerror(scf_error()));
2542 2549 startd_free(pg_name, max_scf_name_size);
2543 2550 return (info->err = EINVAL);
2544 2551
2545 2552 } else if (empty == 1) {
2546 2553 log_framework(LOG_DEBUG,
2547 2554 "Ignoring empty dependency group \"%s\" of %s\n",
2548 2555 pg_name, info->v->gv_name);
2549 2556 startd_free(pg_name, max_scf_name_size);
2550 2557 return (info->err = 0);
2551 2558 }
2552 2559
2553 2560 fmri_sz = strlen(info->v->gv_name) + 1 + len + 1;
2554 2561 fmri = startd_alloc(fmri_sz);
2555 2562
2556 2563 (void) snprintf(fmri, fmri_sz, "%s>%s", info->v->gv_name,
2557 2564 pg_name);
2558 2565
2559 2566 /* Validate the pg before modifying the graph */
2560 2567 deptype = depgroup_read_grouping(h, pg);
2561 2568 if (deptype == DEPGRP_UNSUPPORTED) {
2562 2569 log_error(LOG_INFO,
2563 2570 "Dependency \"%s\" of %s has an unknown grouping value.\n",
2564 2571 pg_name, info->v->gv_name);
2565 2572 startd_free(fmri, fmri_sz);
2566 2573 startd_free(pg_name, max_scf_name_size);
2567 2574 return (info->err = EINVAL);
2568 2575 }
2569 2576
2570 2577 rerr = depgroup_read_restart(h, pg);
2571 2578 if (rerr == RERR_UNSUPPORTED) {
2572 2579 log_error(LOG_INFO,
2573 2580 "Dependency \"%s\" of %s has an unknown restart_on value."
2574 2581 "\n", pg_name, info->v->gv_name);
2575 2582 startd_free(fmri, fmri_sz);
2576 2583 startd_free(pg_name, max_scf_name_size);
2577 2584 return (info->err = EINVAL);
2578 2585 }
2579 2586
2580 2587 prop = safe_scf_property_create(h);
2581 2588
2582 2589 if (scf_pg_get_property(pg, SCF_PROPERTY_ENTITIES, prop) != 0) {
2583 2590 scferr = scf_error();
2584 2591 scf_property_destroy(prop);
2585 2592 if (scferr == SCF_ERROR_DELETED) {
2586 2593 startd_free(fmri, fmri_sz);
2587 2594 startd_free(pg_name, max_scf_name_size);
2588 2595 return (info->err = 0);
2589 2596 } else if (scferr != SCF_ERROR_NOT_FOUND) {
2590 2597 startd_free(fmri, fmri_sz);
2591 2598 startd_free(pg_name, max_scf_name_size);
2592 2599 return (info->err = ECONNABORTED);
2593 2600 }
2594 2601
2595 2602 log_error(LOG_INFO,
2596 2603 "Dependency \"%s\" of %s is missing a \"%s\" property.\n",
2597 2604 pg_name, info->v->gv_name, SCF_PROPERTY_ENTITIES);
2598 2605
2599 2606 startd_free(fmri, fmri_sz);
2600 2607 startd_free(pg_name, max_scf_name_size);
2601 2608
2602 2609 return (info->err = EINVAL);
2603 2610 }
2604 2611
2605 2612 /* Create depgroup vertex for pg */
2606 2613 err = graph_insert_vertex_unconfigured(fmri, GVT_GROUP, deptype,
2607 2614 rerr, &depgrp);
2608 2615 assert(err == 0);
2609 2616 startd_free(fmri, fmri_sz);
2610 2617
2611 2618 /* Add dependency from inst vertex to new vertex */
2612 2619 err = graph_insert_dependency(info->v, depgrp, info->pathp);
2613 2620 /* ELOOP can't happen because this should be a new vertex */
2614 2621 assert(err == 0);
2615 2622
2616 2623 linfo.v = depgrp;
2617 2624 linfo.type = depgroup_read_scheme(h, pg);
2618 2625 linfo.inst_fmri = info->v->gv_name;
2619 2626 linfo.pg_name = pg_name;
2620 2627 linfo.h = h;
2621 2628 linfo.err = 0;
2622 2629 linfo.pathp = info->pathp;
2623 2630 err = walk_property_astrings(prop, (callback_t)process_dependency_fmri,
2624 2631 &linfo);
2625 2632
2626 2633 scf_property_destroy(prop);
2627 2634 startd_free(pg_name, max_scf_name_size);
2628 2635
2629 2636 switch (err) {
2630 2637 case 0:
2631 2638 case EINTR:
2632 2639 return (info->err = linfo.err);
2633 2640
2634 2641 case ECONNABORTED:
2635 2642 case EINVAL:
2636 2643 return (info->err = err);
2637 2644
2638 2645 case ECANCELED:
2639 2646 return (info->err = 0);
2640 2647
2641 2648 case ECONNRESET:
2642 2649 return (info->err = ECONNABORTED);
2643 2650
2644 2651 default:
2645 2652 bad_error("walk_property_astrings", err);
2646 2653 /* NOTREACHED */
2647 2654 }
2648 2655 }
2649 2656
2650 2657 /*
2651 2658 * Build the dependency info for v from the repository. Returns 0 on success,
2652 2659 * ECONNABORTED on repository disconnection, EINVAL if the repository
2653 2660 * configuration is invalid, and ELOOP if a dependency would cause a cycle.
2654 2661 * In the last case, *pathp will point to a -1-terminated array of ids which
2655 2662 * constitute the rest of the dependency cycle.
2656 2663 */
2657 2664 static int
2658 2665 set_dependencies(graph_vertex_t *v, scf_instance_t *inst, int **pathp)
2659 2666 {
2660 2667 struct deppg_info info;
2661 2668 int err;
2662 2669 uint_t old_configured;
2663 2670
2664 2671 assert(MUTEX_HELD(&dgraph_lock));
2665 2672
2666 2673 /*
2667 2674 * Mark the vertex as configured during dependency insertion to avoid
2668 2675 * dependency cycles (which can appear in the graph if one of the
2669 2676 * vertices is an exclusion-group).
2670 2677 */
2671 2678 old_configured = v->gv_flags & GV_CONFIGURED;
2672 2679 v->gv_flags |= GV_CONFIGURED;
2673 2680
2674 2681 info.err = 0;
2675 2682 info.v = v;
2676 2683 info.pathp = pathp;
2677 2684
2678 2685 err = walk_dependency_pgs(inst, (callback_t)process_dependency_pg,
2679 2686 &info);
2680 2687
2681 2688 if (!old_configured)
2682 2689 v->gv_flags &= ~GV_CONFIGURED;
2683 2690
2684 2691 switch (err) {
2685 2692 case 0:
2686 2693 case EINTR:
2687 2694 return (info.err);
2688 2695
2689 2696 case ECONNABORTED:
2690 2697 return (ECONNABORTED);
2691 2698
2692 2699 case ECANCELED:
2693 2700 /* Should get delete event, so return 0. */
2694 2701 return (0);
2695 2702
2696 2703 default:
2697 2704 bad_error("walk_dependency_pgs", err);
2698 2705 /* NOTREACHED */
2699 2706 }
2700 2707 }
2701 2708
2702 2709
2703 2710 static void
2704 2711 handle_cycle(const char *fmri, int *path)
2705 2712 {
2706 2713 const char *cp;
2707 2714 size_t sz;
2708 2715
2709 2716 assert(MUTEX_HELD(&dgraph_lock));
2710 2717
2711 2718 path_to_str(path, (char **)&cp, &sz);
2712 2719
2713 2720 log_error(LOG_ERR, "Transitioning %s to maintenance "
2714 2721 "because it completes a dependency cycle (see svcs -xv for "
2715 2722 "details):\n%s", fmri ? fmri : "?", cp);
2716 2723
2717 2724 startd_free((void *)cp, sz);
2718 2725 }
2719 2726
2720 2727 /*
2721 2728 * Increment the vertex's reference count to prevent the vertex removal
2722 2729 * from the dgraph.
2723 2730 */
2724 2731 static void
2725 2732 vertex_ref(graph_vertex_t *v)
2726 2733 {
2727 2734 assert(MUTEX_HELD(&dgraph_lock));
2728 2735
2729 2736 v->gv_refs++;
2730 2737 }
2731 2738
2732 2739 /*
2733 2740 * Decrement the vertex's reference count and remove the vertex from
2734 2741 * the dgraph when possible.
2735 2742 *
2736 2743 * Return VERTEX_REMOVED when the vertex has been removed otherwise
2737 2744 * return VERTEX_INUSE.
2738 2745 */
2739 2746 static int
2740 2747 vertex_unref(graph_vertex_t *v)
2741 2748 {
2742 2749 assert(MUTEX_HELD(&dgraph_lock));
2743 2750 assert(v->gv_refs > 0);
2744 2751
2745 2752 v->gv_refs--;
2746 2753
2747 2754 return (free_if_unrefed(v));
2748 2755 }
2749 2756
2750 2757 /*
2751 2758 * When run on the dependencies of a vertex, populates list with
2752 2759 * graph_edge_t's which point to the service vertices or the instance
2753 2760 * vertices (no GVT_GROUP nodes) on which the vertex depends.
2754 2761 *
2755 2762 * Increment the vertex's reference count once the vertex is inserted
2756 2763 * in the list. The vertex won't be able to be deleted from the dgraph
2757 2764 * while it is referenced.
2758 2765 */
2759 2766 static int
2760 2767 append_svcs_or_insts(graph_edge_t *e, uu_list_t *list)
2761 2768 {
2762 2769 graph_vertex_t *v = e->ge_vertex;
2763 2770 graph_edge_t *new;
2764 2771 int r;
2765 2772
2766 2773 switch (v->gv_type) {
2767 2774 case GVT_INST:
2768 2775 case GVT_SVC:
2769 2776 break;
2770 2777
2771 2778 case GVT_GROUP:
2772 2779 r = uu_list_walk(v->gv_dependencies,
2773 2780 (uu_walk_fn_t *)append_svcs_or_insts, list, 0);
2774 2781 assert(r == 0);
2775 2782 return (UU_WALK_NEXT);
2776 2783
2777 2784 case GVT_FILE:
2778 2785 return (UU_WALK_NEXT);
2779 2786
2780 2787 default:
2781 2788 #ifndef NDEBUG
2782 2789 uu_warn("%s:%d: Unexpected vertex type %d.\n", __FILE__,
2783 2790 __LINE__, v->gv_type);
2784 2791 #endif
2785 2792 abort();
2786 2793 }
2787 2794
2788 2795 new = startd_alloc(sizeof (*new));
2789 2796 new->ge_vertex = v;
2790 2797 uu_list_node_init(new, &new->ge_link, graph_edge_pool);
2791 2798 r = uu_list_insert_before(list, NULL, new);
2792 2799 assert(r == 0);
2793 2800
2794 2801 /*
2795 2802 * Because we are inserting the vertex in a list, we don't want
2796 2803 * the vertex to be freed while the list is in use. In order to
2797 2804 * achieve that, increment the vertex's reference count.
2798 2805 */
2799 2806 vertex_ref(v);
2800 2807
2801 2808 return (UU_WALK_NEXT);
2802 2809 }
2803 2810
2804 2811 static boolean_t
2805 2812 should_be_in_subgraph(graph_vertex_t *v)
2806 2813 {
2807 2814 graph_edge_t *e;
2808 2815
2809 2816 if (v == milestone)
2810 2817 return (B_TRUE);
2811 2818
2812 2819 /*
2813 2820 * v is in the subgraph if any of its dependents are in the subgraph.
2814 2821 * Except for EXCLUDE_ALL dependents. And OPTIONAL dependents only
2815 2822 * count if we're enabled.
2816 2823 */
2817 2824 for (e = uu_list_first(v->gv_dependents);
2818 2825 e != NULL;
2819 2826 e = uu_list_next(v->gv_dependents, e)) {
2820 2827 graph_vertex_t *dv = e->ge_vertex;
2821 2828
2822 2829 if (!(dv->gv_flags & GV_INSUBGRAPH))
2823 2830 continue;
2824 2831
2825 2832 /*
2826 2833 * Don't include instances that are optional and disabled.
2827 2834 */
2828 2835 if (v->gv_type == GVT_INST && dv->gv_type == GVT_SVC) {
2829 2836
2830 2837 int in = 0;
2831 2838 graph_edge_t *ee;
2832 2839
2833 2840 for (ee = uu_list_first(dv->gv_dependents);
2834 2841 ee != NULL;
2835 2842 ee = uu_list_next(dv->gv_dependents, ee)) {
2836 2843
2837 2844 graph_vertex_t *ddv = e->ge_vertex;
2838 2845
2839 2846 if (ddv->gv_type == GVT_GROUP &&
2840 2847 ddv->gv_depgroup == DEPGRP_EXCLUDE_ALL)
2841 2848 continue;
2842 2849
2843 2850 if (ddv->gv_type == GVT_GROUP &&
2844 2851 ddv->gv_depgroup == DEPGRP_OPTIONAL_ALL &&
2845 2852 !(v->gv_flags & GV_ENBLD_NOOVR))
2846 2853 continue;
2847 2854
2848 2855 in = 1;
2849 2856 }
2850 2857 if (!in)
2851 2858 continue;
2852 2859 }
2853 2860 if (v->gv_type == GVT_INST &&
2854 2861 dv->gv_type == GVT_GROUP &&
2855 2862 dv->gv_depgroup == DEPGRP_OPTIONAL_ALL &&
2856 2863 !(v->gv_flags & GV_ENBLD_NOOVR))
2857 2864 continue;
2858 2865
2859 2866 /* Don't include excluded services and instances */
2860 2867 if (dv->gv_type == GVT_GROUP &&
2861 2868 dv->gv_depgroup == DEPGRP_EXCLUDE_ALL)
2862 2869 continue;
2863 2870
2864 2871 return (B_TRUE);
2865 2872 }
2866 2873
2867 2874 return (B_FALSE);
2868 2875 }
2869 2876
2870 2877 /*
2871 2878 * Ensures that GV_INSUBGRAPH is set properly for v and its descendents. If
2872 2879 * any bits change, manipulate the repository appropriately. Returns 0 or
2873 2880 * ECONNABORTED.
2874 2881 */
2875 2882 static int
2876 2883 eval_subgraph(graph_vertex_t *v, scf_handle_t *h)
2877 2884 {
2878 2885 boolean_t old = (v->gv_flags & GV_INSUBGRAPH) != 0;
2879 2886 boolean_t new;
2880 2887 graph_edge_t *e;
2881 2888 scf_instance_t *inst;
2882 2889 int ret = 0, r;
2883 2890
2884 2891 assert(milestone != NULL && milestone != MILESTONE_NONE);
2885 2892
2886 2893 new = should_be_in_subgraph(v);
2887 2894
2888 2895 if (new == old)
2889 2896 return (0);
2890 2897
2891 2898 log_framework(LOG_DEBUG, new ? "Adding %s to the subgraph.\n" :
2892 2899 "Removing %s from the subgraph.\n", v->gv_name);
2893 2900
2894 2901 v->gv_flags = (v->gv_flags & ~GV_INSUBGRAPH) |
2895 2902 (new ? GV_INSUBGRAPH : 0);
2896 2903
2897 2904 if (v->gv_type == GVT_INST && (v->gv_flags & GV_CONFIGURED)) {
2898 2905 int err;
2899 2906
2900 2907 get_inst:
2901 2908 err = libscf_fmri_get_instance(h, v->gv_name, &inst);
2902 2909 if (err != 0) {
2903 2910 switch (err) {
2904 2911 case ECONNABORTED:
2905 2912 libscf_handle_rebind(h);
2906 2913 ret = ECONNABORTED;
2907 2914 goto get_inst;
2908 2915
2909 2916 case ENOENT:
2910 2917 break;
2911 2918
2912 2919 case EINVAL:
2913 2920 case ENOTSUP:
2914 2921 default:
2915 2922 bad_error("libscf_fmri_get_instance", err);
2916 2923 }
2917 2924 } else {
2918 2925 const char *f;
2919 2926
2920 2927 if (new) {
2921 2928 err = libscf_delete_enable_ovr(inst);
2922 2929 f = "libscf_delete_enable_ovr";
2923 2930 } else {
2924 2931 err = libscf_set_enable_ovr(inst, 0);
2925 2932 f = "libscf_set_enable_ovr";
2926 2933 }
2927 2934 scf_instance_destroy(inst);
2928 2935 switch (err) {
2929 2936 case 0:
2930 2937 case ECANCELED:
2931 2938 break;
2932 2939
2933 2940 case ECONNABORTED:
2934 2941 libscf_handle_rebind(h);
2935 2942 /*
2936 2943 * We must continue so the graph is updated,
2937 2944 * but we must return ECONNABORTED so any
2938 2945 * libscf state held by any callers is reset.
2939 2946 */
2940 2947 ret = ECONNABORTED;
2941 2948 goto get_inst;
2942 2949
2943 2950 case EROFS:
2944 2951 case EPERM:
2945 2952 log_error(LOG_WARNING,
2946 2953 "Could not set %s/%s for %s: %s.\n",
2947 2954 SCF_PG_GENERAL_OVR, SCF_PROPERTY_ENABLED,
2948 2955 v->gv_name, strerror(err));
2949 2956 break;
2950 2957
2951 2958 default:
2952 2959 bad_error(f, err);
2953 2960 }
2954 2961 }
2955 2962 }
2956 2963
2957 2964 for (e = uu_list_first(v->gv_dependencies);
2958 2965 e != NULL;
2959 2966 e = uu_list_next(v->gv_dependencies, e)) {
2960 2967 r = eval_subgraph(e->ge_vertex, h);
2961 2968 if (r != 0) {
2962 2969 assert(r == ECONNABORTED);
2963 2970 ret = ECONNABORTED;
2964 2971 }
2965 2972 }
2966 2973
2967 2974 return (ret);
2968 2975 }
2969 2976
2970 2977 /*
2971 2978 * Delete the (property group) dependencies of v & create new ones based on
2972 2979 * inst. If doing so would create a cycle, log a message and put the instance
2973 2980 * into maintenance. Update GV_INSUBGRAPH flags as necessary. Returns 0 or
2974 2981 * ECONNABORTED.
2975 2982 */
2976 2983 int
2977 2984 refresh_vertex(graph_vertex_t *v, scf_instance_t *inst)
2978 2985 {
2979 2986 int err;
2980 2987 int *path;
2981 2988 char *fmri;
2982 2989 int r;
2983 2990 scf_handle_t *h = scf_instance_handle(inst);
2984 2991 uu_list_t *old_deps;
2985 2992 int ret = 0;
2986 2993 graph_edge_t *e;
2987 2994 graph_vertex_t *vv;
2988 2995
2989 2996 assert(MUTEX_HELD(&dgraph_lock));
2990 2997 assert(v->gv_type == GVT_INST);
2991 2998
2992 2999 log_framework(LOG_DEBUG, "Graph engine: Refreshing %s.\n", v->gv_name);
2993 3000
2994 3001 if (milestone > MILESTONE_NONE) {
2995 3002 /*
2996 3003 * In case some of v's dependencies are being deleted we must
2997 3004 * make a list of them now for GV_INSUBGRAPH-flag evaluation
2998 3005 * after the new dependencies are in place.
2999 3006 */
3000 3007 old_deps = startd_list_create(graph_edge_pool, NULL, 0);
3001 3008
3002 3009 err = uu_list_walk(v->gv_dependencies,
3003 3010 (uu_walk_fn_t *)append_svcs_or_insts, old_deps, 0);
3004 3011 assert(err == 0);
3005 3012 }
3006 3013
3007 3014 delete_instance_dependencies(v, B_FALSE);
3008 3015
3009 3016 err = set_dependencies(v, inst, &path);
3010 3017 switch (err) {
3011 3018 case 0:
3012 3019 break;
3013 3020
3014 3021 case ECONNABORTED:
3015 3022 ret = err;
3016 3023 goto out;
3017 3024
3018 3025 case EINVAL:
3019 3026 case ELOOP:
3020 3027 r = libscf_instance_get_fmri(inst, &fmri);
3021 3028 switch (r) {
3022 3029 case 0:
3023 3030 break;
3024 3031
3025 3032 case ECONNABORTED:
3026 3033 ret = ECONNABORTED;
3027 3034 goto out;
3028 3035
3029 3036 case ECANCELED:
3030 3037 ret = 0;
3031 3038 goto out;
3032 3039
3033 3040 default:
3034 3041 bad_error("libscf_instance_get_fmri", r);
3035 3042 }
3036 3043
3037 3044 if (err == EINVAL) {
3038 3045 log_error(LOG_ERR, "Transitioning %s "
3039 3046 "to maintenance due to misconfiguration.\n",
3040 3047 fmri ? fmri : "?");
3041 3048 vertex_send_event(v,
3042 3049 RESTARTER_EVENT_TYPE_INVALID_DEPENDENCY);
3043 3050 } else {
3044 3051 handle_cycle(fmri, path);
3045 3052 vertex_send_event(v,
3046 3053 RESTARTER_EVENT_TYPE_DEPENDENCY_CYCLE);
3047 3054 }
3048 3055 startd_free(fmri, max_scf_fmri_size);
3049 3056 ret = 0;
3050 3057 goto out;
3051 3058
3052 3059 default:
3053 3060 bad_error("set_dependencies", err);
3054 3061 }
3055 3062
3056 3063 if (milestone > MILESTONE_NONE) {
3057 3064 boolean_t aborted = B_FALSE;
3058 3065
3059 3066 for (e = uu_list_first(old_deps);
3060 3067 e != NULL;
3061 3068 e = uu_list_next(old_deps, e)) {
3062 3069 vv = e->ge_vertex;
3063 3070
3064 3071 if (vertex_unref(vv) == VERTEX_INUSE &&
3065 3072 eval_subgraph(vv, h) == ECONNABORTED)
3066 3073 aborted = B_TRUE;
3067 3074 }
3068 3075
3069 3076 for (e = uu_list_first(v->gv_dependencies);
3070 3077 e != NULL;
3071 3078 e = uu_list_next(v->gv_dependencies, e)) {
3072 3079 if (eval_subgraph(e->ge_vertex, h) ==
3073 3080 ECONNABORTED)
3074 3081 aborted = B_TRUE;
3075 3082 }
3076 3083
3077 3084 if (aborted) {
3078 3085 ret = ECONNABORTED;
3079 3086 goto out;
3080 3087 }
3081 3088 }
3082 3089
3083 3090 graph_start_if_satisfied(v);
3084 3091
3085 3092 ret = 0;
3086 3093
3087 3094 out:
3088 3095 if (milestone > MILESTONE_NONE) {
3089 3096 void *cookie = NULL;
3090 3097
3091 3098 while ((e = uu_list_teardown(old_deps, &cookie)) != NULL)
3092 3099 startd_free(e, sizeof (*e));
3093 3100
3094 3101 uu_list_destroy(old_deps);
3095 3102 }
3096 3103
3097 3104 return (ret);
3098 3105 }
3099 3106
3100 3107 /*
3101 3108 * Set up v according to inst. That is, make sure it depends on its
3102 3109 * restarter and set up its dependencies. Send the ADD_INSTANCE command to
3103 3110 * the restarter, and send ENABLE or DISABLE as appropriate.
3104 3111 *
3105 3112 * Returns 0 on success, ECONNABORTED on repository disconnection, or
3106 3113 * ECANCELED if inst is deleted.
3107 3114 */
3108 3115 static int
3109 3116 configure_vertex(graph_vertex_t *v, scf_instance_t *inst)
3110 3117 {
3111 3118 scf_handle_t *h;
3112 3119 scf_propertygroup_t *pg;
3113 3120 scf_snapshot_t *snap;
3114 3121 char *restarter_fmri = startd_alloc(max_scf_value_size);
3115 3122 int enabled, enabled_ovr;
3116 3123 int err;
3117 3124 int *path;
3118 3125 int deathrow;
3119 3126 int32_t tset;
3120 3127
3121 3128 restarter_fmri[0] = '\0';
3122 3129
3123 3130 assert(MUTEX_HELD(&dgraph_lock));
3124 3131 assert(v->gv_type == GVT_INST);
3125 3132 assert((v->gv_flags & GV_CONFIGURED) == 0);
3126 3133
3127 3134 /* GV_INSUBGRAPH should already be set properly. */
3128 3135 assert(should_be_in_subgraph(v) ==
3129 3136 ((v->gv_flags & GV_INSUBGRAPH) != 0));
3130 3137
3131 3138 /*
3132 3139 * If the instance fmri is in the deathrow list then set the
3133 3140 * GV_DEATHROW flag on the vertex and create and set to true the
3134 3141 * SCF_PROPERTY_DEATHROW boolean property in the non-persistent
3135 3142 * repository for this instance fmri.
3136 3143 */
3137 3144 if ((v->gv_flags & GV_DEATHROW) ||
3138 3145 (is_fmri_in_deathrow(v->gv_name) == B_TRUE)) {
3139 3146 if ((v->gv_flags & GV_DEATHROW) == 0) {
3140 3147 /*
3141 3148 * Set flag GV_DEATHROW, create and set to true
3142 3149 * the SCF_PROPERTY_DEATHROW property in the
3143 3150 * non-persistent repository for this instance fmri.
3144 3151 */
3145 3152 v->gv_flags |= GV_DEATHROW;
3146 3153
3147 3154 switch (err = libscf_set_deathrow(inst, 1)) {
3148 3155 case 0:
3149 3156 break;
3150 3157
3151 3158 case ECONNABORTED:
3152 3159 case ECANCELED:
3153 3160 startd_free(restarter_fmri, max_scf_value_size);
3154 3161 return (err);
3155 3162
3156 3163 case EROFS:
3157 3164 log_error(LOG_WARNING, "Could not set %s/%s "
3158 3165 "for deathrow %s: %s.\n",
3159 3166 SCF_PG_DEATHROW, SCF_PROPERTY_DEATHROW,
3160 3167 v->gv_name, strerror(err));
3161 3168 break;
3162 3169
3163 3170 case EPERM:
3164 3171 uu_die("Permission denied.\n");
3165 3172 /* NOTREACHED */
3166 3173
3167 3174 default:
3168 3175 bad_error("libscf_set_deathrow", err);
3169 3176 }
3170 3177 log_framework(LOG_DEBUG, "Deathrow, graph set %s.\n",
3171 3178 v->gv_name);
3172 3179 }
3173 3180 startd_free(restarter_fmri, max_scf_value_size);
3174 3181 return (0);
3175 3182 }
3176 3183
3177 3184 h = scf_instance_handle(inst);
3178 3185
3179 3186 /*
3180 3187 * Using a temporary deathrow boolean property, set through
3181 3188 * libscf_set_deathrow(), only for fmris on deathrow, is necessary
3182 3189 * because deathrow_fini() may already have been called, and in case
3183 3190 * of a refresh, GV_DEATHROW may need to be set again.
3184 3191 * libscf_get_deathrow() sets deathrow to 1 only if this instance
3185 3192 * has a temporary boolean property named 'deathrow' valued true
3186 3193 * in a property group 'deathrow', -1 or 0 in all other cases.
3187 3194 */
3188 3195 err = libscf_get_deathrow(h, inst, &deathrow);
3189 3196 switch (err) {
3190 3197 case 0:
3191 3198 break;
3192 3199
3193 3200 case ECONNABORTED:
3194 3201 case ECANCELED:
3195 3202 startd_free(restarter_fmri, max_scf_value_size);
3196 3203 return (err);
3197 3204
3198 3205 default:
3199 3206 bad_error("libscf_get_deathrow", err);
3200 3207 }
3201 3208
3202 3209 if (deathrow == 1) {
3203 3210 v->gv_flags |= GV_DEATHROW;
3204 3211 startd_free(restarter_fmri, max_scf_value_size);
3205 3212 return (0);
3206 3213 }
3207 3214
3208 3215 log_framework(LOG_DEBUG, "Graph adding %s.\n", v->gv_name);
3209 3216
3210 3217 /*
3211 3218 * If the instance does not have a restarter property group,
3212 3219 * initialize its state to uninitialized/none, in case the restarter
3213 3220 * is not enabled.
3214 3221 */
3215 3222 pg = safe_scf_pg_create(h);
3216 3223
3217 3224 if (scf_instance_get_pg(inst, SCF_PG_RESTARTER, pg) != 0) {
3218 3225 instance_data_t idata;
3219 3226 uint_t count = 0, msecs = ALLOC_DELAY;
3220 3227
3221 3228 switch (scf_error()) {
3222 3229 case SCF_ERROR_NOT_FOUND:
3223 3230 break;
3224 3231
3225 3232 case SCF_ERROR_CONNECTION_BROKEN:
3226 3233 default:
3227 3234 scf_pg_destroy(pg);
3228 3235 startd_free(restarter_fmri, max_scf_value_size);
3229 3236 return (ECONNABORTED);
3230 3237
3231 3238 case SCF_ERROR_DELETED:
3232 3239 scf_pg_destroy(pg);
3233 3240 startd_free(restarter_fmri, max_scf_value_size);
3234 3241 return (ECANCELED);
3235 3242
3236 3243 case SCF_ERROR_NOT_SET:
3237 3244 bad_error("scf_instance_get_pg", scf_error());
3238 3245 }
3239 3246
3240 3247 switch (err = libscf_instance_get_fmri(inst,
3241 3248 (char **)&idata.i_fmri)) {
3242 3249 case 0:
3243 3250 break;
3244 3251
3245 3252 case ECONNABORTED:
3246 3253 case ECANCELED:
3247 3254 scf_pg_destroy(pg);
3248 3255 startd_free(restarter_fmri, max_scf_value_size);
3249 3256 return (err);
3250 3257
3251 3258 default:
3252 3259 bad_error("libscf_instance_get_fmri", err);
3253 3260 }
3254 3261
3255 3262 idata.i_state = RESTARTER_STATE_NONE;
3256 3263 idata.i_next_state = RESTARTER_STATE_NONE;
3257 3264
3258 3265 init_state:
3259 3266 switch (err = _restarter_commit_states(h, &idata,
3260 3267 RESTARTER_STATE_UNINIT, RESTARTER_STATE_NONE,
3261 3268 restarter_get_str_short(restarter_str_insert_in_graph))) {
3262 3269 case 0:
3263 3270 break;
3264 3271
3265 3272 case ENOMEM:
3266 3273 ++count;
3267 3274 if (count < ALLOC_RETRY) {
3268 3275 (void) poll(NULL, 0, msecs);
3269 3276 msecs *= ALLOC_DELAY_MULT;
3270 3277 goto init_state;
3271 3278 }
3272 3279
3273 3280 uu_die("Insufficient memory.\n");
3274 3281 /* NOTREACHED */
3275 3282
3276 3283 case ECONNABORTED:
3277 3284 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3278 3285 scf_pg_destroy(pg);
3279 3286 startd_free(restarter_fmri, max_scf_value_size);
3280 3287 return (ECONNABORTED);
3281 3288
3282 3289 case ENOENT:
3283 3290 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3284 3291 scf_pg_destroy(pg);
3285 3292 startd_free(restarter_fmri, max_scf_value_size);
3286 3293 return (ECANCELED);
3287 3294
3288 3295 case EPERM:
3289 3296 case EACCES:
3290 3297 case EROFS:
3291 3298 log_error(LOG_NOTICE, "Could not initialize state for "
3292 3299 "%s: %s.\n", idata.i_fmri, strerror(err));
3293 3300 break;
3294 3301
3295 3302 case EINVAL:
3296 3303 default:
3297 3304 bad_error("_restarter_commit_states", err);
3298 3305 }
3299 3306
3300 3307 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3301 3308 }
3302 3309
3303 3310 scf_pg_destroy(pg);
3304 3311
3305 3312 if (milestone != NULL) {
3306 3313 /*
3307 3314 * Make sure the enable-override is set properly before we
3308 3315 * read whether we should be enabled.
3309 3316 */
3310 3317 if (milestone == MILESTONE_NONE ||
3311 3318 !(v->gv_flags & GV_INSUBGRAPH)) {
3312 3319 /*
3313 3320 * This might seem unjustified after the milestone
3314 3321 * transition has completed (non_subgraph_svcs == 0),
3315 3322 * but it's important because when we boot to
3316 3323 * a milestone, we set the milestone before populating
3317 3324 * the graph, and all of the new non-subgraph services
3318 3325 * need to be disabled here.
3319 3326 */
3320 3327 switch (err = libscf_set_enable_ovr(inst, 0)) {
3321 3328 case 0:
3322 3329 break;
3323 3330
3324 3331 case ECONNABORTED:
3325 3332 case ECANCELED:
3326 3333 startd_free(restarter_fmri, max_scf_value_size);
3327 3334 return (err);
3328 3335
3329 3336 case EROFS:
3330 3337 log_error(LOG_WARNING,
3331 3338 "Could not set %s/%s for %s: %s.\n",
3332 3339 SCF_PG_GENERAL_OVR, SCF_PROPERTY_ENABLED,
3333 3340 v->gv_name, strerror(err));
3334 3341 break;
3335 3342
3336 3343 case EPERM:
3337 3344 uu_die("Permission denied.\n");
3338 3345 /* NOTREACHED */
3339 3346
3340 3347 default:
3341 3348 bad_error("libscf_set_enable_ovr", err);
3342 3349 }
3343 3350 } else {
3344 3351 assert(v->gv_flags & GV_INSUBGRAPH);
3345 3352 switch (err = libscf_delete_enable_ovr(inst)) {
3346 3353 case 0:
3347 3354 break;
3348 3355
3349 3356 case ECONNABORTED:
3350 3357 case ECANCELED:
3351 3358 startd_free(restarter_fmri, max_scf_value_size);
3352 3359 return (err);
3353 3360
3354 3361 case EPERM:
3355 3362 uu_die("Permission denied.\n");
3356 3363 /* NOTREACHED */
3357 3364
3358 3365 default:
3359 3366 bad_error("libscf_delete_enable_ovr", err);
3360 3367 }
3361 3368 }
3362 3369 }
3363 3370
3364 3371 err = libscf_get_basic_instance_data(h, inst, v->gv_name, &enabled,
3365 3372 &enabled_ovr, &restarter_fmri);
3366 3373 switch (err) {
3367 3374 case 0:
3368 3375 break;
3369 3376
3370 3377 case ECONNABORTED:
3371 3378 case ECANCELED:
3372 3379 startd_free(restarter_fmri, max_scf_value_size);
3373 3380 return (err);
3374 3381
3375 3382 case ENOENT:
3376 3383 log_framework(LOG_DEBUG,
3377 3384 "Ignoring %s because it has no general property group.\n",
3378 3385 v->gv_name);
3379 3386 startd_free(restarter_fmri, max_scf_value_size);
3380 3387 return (0);
3381 3388
3382 3389 default:
3383 3390 bad_error("libscf_get_basic_instance_data", err);
3384 3391 }
3385 3392
3386 3393 if ((tset = libscf_get_stn_tset(inst)) == -1) {
3387 3394 log_framework(LOG_WARNING,
3388 3395 "Failed to get notification parameters for %s: %s\n",
3389 3396 v->gv_name, scf_strerror(scf_error()));
3390 3397 v->gv_stn_tset = 0;
3391 3398 } else {
3392 3399 v->gv_stn_tset = tset;
3393 3400 }
3394 3401 if (strcmp(v->gv_name, SCF_INSTANCE_GLOBAL) == 0)
3395 3402 stn_global = v->gv_stn_tset;
3396 3403
3397 3404 if (enabled == -1) {
3398 3405 startd_free(restarter_fmri, max_scf_value_size);
3399 3406 return (0);
3400 3407 }
3401 3408
3402 3409 v->gv_flags = (v->gv_flags & ~GV_ENBLD_NOOVR) |
3403 3410 (enabled ? GV_ENBLD_NOOVR : 0);
3404 3411
3405 3412 if (enabled_ovr != -1)
3406 3413 enabled = enabled_ovr;
3407 3414
3408 3415 v->gv_state = RESTARTER_STATE_UNINIT;
3409 3416
3410 3417 snap = libscf_get_or_make_running_snapshot(inst, v->gv_name, B_TRUE);
3411 3418 scf_snapshot_destroy(snap);
3412 3419
3413 3420 /* Set up the restarter. (Sends _ADD_INSTANCE on success.) */
3414 3421 err = graph_change_restarter(v, restarter_fmri, h, &path);
3415 3422 if (err != 0) {
3416 3423 instance_data_t idata;
3417 3424 uint_t count = 0, msecs = ALLOC_DELAY;
3418 3425 restarter_str_t reason;
3419 3426
3420 3427 if (err == ECONNABORTED) {
3421 3428 startd_free(restarter_fmri, max_scf_value_size);
3422 3429 return (err);
3423 3430 }
3424 3431
3425 3432 assert(err == EINVAL || err == ELOOP);
3426 3433
3427 3434 if (err == EINVAL) {
3428 3435 log_framework(LOG_ERR, emsg_invalid_restarter,
3429 3436 v->gv_name, restarter_fmri);
3430 3437 reason = restarter_str_invalid_restarter;
3431 3438 } else {
3432 3439 handle_cycle(v->gv_name, path);
3433 3440 reason = restarter_str_dependency_cycle;
3434 3441 }
3435 3442
3436 3443 startd_free(restarter_fmri, max_scf_value_size);
3437 3444
3438 3445 /*
3439 3446 * We didn't register the instance with the restarter, so we
3440 3447 * must set maintenance mode ourselves.
3441 3448 */
3442 3449 err = libscf_instance_get_fmri(inst, (char **)&idata.i_fmri);
3443 3450 if (err != 0) {
3444 3451 assert(err == ECONNABORTED || err == ECANCELED);
3445 3452 return (err);
3446 3453 }
3447 3454
3448 3455 idata.i_state = RESTARTER_STATE_NONE;
3449 3456 idata.i_next_state = RESTARTER_STATE_NONE;
3450 3457
3451 3458 set_maint:
3452 3459 switch (err = _restarter_commit_states(h, &idata,
3453 3460 RESTARTER_STATE_MAINT, RESTARTER_STATE_NONE,
3454 3461 restarter_get_str_short(reason))) {
3455 3462 case 0:
3456 3463 break;
3457 3464
3458 3465 case ENOMEM:
3459 3466 ++count;
3460 3467 if (count < ALLOC_RETRY) {
3461 3468 (void) poll(NULL, 0, msecs);
3462 3469 msecs *= ALLOC_DELAY_MULT;
3463 3470 goto set_maint;
3464 3471 }
3465 3472
3466 3473 uu_die("Insufficient memory.\n");
3467 3474 /* NOTREACHED */
3468 3475
3469 3476 case ECONNABORTED:
3470 3477 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3471 3478 return (ECONNABORTED);
3472 3479
3473 3480 case ENOENT:
3474 3481 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3475 3482 return (ECANCELED);
3476 3483
3477 3484 case EPERM:
3478 3485 case EACCES:
3479 3486 case EROFS:
3480 3487 log_error(LOG_NOTICE, "Could not initialize state for "
3481 3488 "%s: %s.\n", idata.i_fmri, strerror(err));
3482 3489 break;
3483 3490
3484 3491 case EINVAL:
3485 3492 default:
3486 3493 bad_error("_restarter_commit_states", err);
3487 3494 }
3488 3495
3489 3496 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3490 3497
3491 3498 v->gv_state = RESTARTER_STATE_MAINT;
3492 3499
3493 3500 goto out;
3494 3501 }
3495 3502 startd_free(restarter_fmri, max_scf_value_size);
3496 3503
3497 3504 /* Add all the other dependencies. */
3498 3505 err = refresh_vertex(v, inst);
3499 3506 if (err != 0) {
3500 3507 assert(err == ECONNABORTED);
3501 3508 return (err);
3502 3509 }
3503 3510
3504 3511 out:
3505 3512 v->gv_flags |= GV_CONFIGURED;
3506 3513
3507 3514 graph_enable_by_vertex(v, enabled, 0);
3508 3515
3509 3516 return (0);
3510 3517 }
3511 3518
3512 3519
3513 3520 static void
3514 3521 kill_user_procs(void)
3515 3522 {
3516 3523 (void) fputs("svc.startd: Killing user processes.\n", stdout);
3517 3524
3518 3525 /*
3519 3526 * Despite its name, killall's role is to get select user processes--
3520 3527 * basically those representing terminal-based logins-- to die. Victims
3521 3528 * are located by killall in the utmp database. Since these are most
3522 3529 * often shell based logins, and many shells mask SIGTERM (but are
3523 3530 * responsive to SIGHUP) we first HUP and then shortly thereafter
3524 3531 * kill -9.
3525 3532 */
3526 3533 (void) fork_with_timeout("/usr/sbin/killall HUP", 1, 5);
3527 3534 (void) fork_with_timeout("/usr/sbin/killall KILL", 1, 5);
3528 3535
3529 3536 /*
3530 3537 * Note the selection of user id's 0, 1 and 15, subsequently
3531 3538 * inverted by -v. 15 is reserved for dladmd. Yes, this is a
3532 3539 * kludge-- a better policy is needed.
3533 3540 *
3534 3541 * Note that fork_with_timeout will only wait out the 1 second
3535 3542 * "grace time" if pkill actually returns 0. So if there are
3536 3543 * no matches, this will run to completion much more quickly.
3537 3544 */
3538 3545 (void) fork_with_timeout("/usr/bin/pkill -TERM -v -u 0,1,15", 1, 5);
3539 3546 (void) fork_with_timeout("/usr/bin/pkill -KILL -v -u 0,1,15", 1, 5);
3540 3547 }
3541 3548
3542 3549 static void
3543 3550 do_uadmin(void)
3544 3551 {
3545 3552 const char * const resetting = "/etc/svc/volatile/resetting";
3546 3553 int fd;
3547 3554 struct statvfs vfs;
3548 3555 time_t now;
3549 3556 struct tm nowtm;
3550 3557 char down_buf[256], time_buf[256];
3551 3558 uintptr_t mdep;
3552 3559 #if defined(__x86)
3553 3560 char *fbarg = NULL;
3554 3561 #endif /* __x86 */
3555 3562
3556 3563 mdep = NULL;
3557 3564 fd = creat(resetting, 0777);
3558 3565 if (fd >= 0)
3559 3566 startd_close(fd);
3560 3567 else
3561 3568 uu_warn("Could not create \"%s\"", resetting);
3562 3569
3563 3570 /* Kill dhcpagent if we're not using nfs for root */
3564 3571 if ((statvfs("/", &vfs) == 0) &&
3565 3572 (strncmp(vfs.f_basetype, "nfs", sizeof ("nfs") - 1) != 0))
3566 3573 fork_with_timeout("/usr/bin/pkill -x -u 0 dhcpagent", 0, 5);
3567 3574
3568 3575 /*
3569 3576 * Call sync(2) now, before we kill off user processes. This takes
3570 3577 * advantage of the several seconds of pause we have before the
3571 3578 * killalls are done. Time we can make good use of to get pages
3572 3579 * moving out to disk.
3573 3580 *
3574 3581 * Inside non-global zones, we don't bother, and it's better not to
3575 3582 * anyway, since sync(2) can have system-wide impact.
3576 3583 */
3577 3584 if (getzoneid() == 0)
3578 3585 sync();
3579 3586
3580 3587 kill_user_procs();
3581 3588
3582 3589 /*
3583 3590 * Note that this must come after the killing of user procs, since
3584 3591 * killall relies on utmpx, and this command affects the contents of
3585 3592 * said file.
3586 3593 */
3587 3594 if (access("/usr/lib/acct/closewtmp", X_OK) == 0)
3588 3595 fork_with_timeout("/usr/lib/acct/closewtmp", 0, 5);
3589 3596
3590 3597 /*
3591 3598 * For patches which may be installed as the system is shutting
3592 3599 * down, we need to ensure, one more time, that the boot archive
3593 3600 * really is up to date.
3594 3601 */
3595 3602 if (getzoneid() == 0 && access("/usr/sbin/bootadm", X_OK) == 0)
3596 3603 fork_with_timeout("/usr/sbin/bootadm -ea update_all", 0, 3600);
3597 3604
3598 3605 /*
3599 3606 * Right now, fast reboot is supported only on i386.
3600 3607 * scf_is_fastboot_default() should take care of it.
3601 3608 * If somehow we got there on unsupported platform -
3602 3609 * print warning and fall back to regular reboot.
3603 3610 */
3604 3611 if (halting == AD_FASTREBOOT) {
3605 3612 #if defined(__x86)
3606 3613 if (be_get_boot_args(&fbarg, BE_ENTRY_DEFAULT) == 0) {
3607 3614 mdep = (uintptr_t)fbarg;
3608 3615 } else {
3609 3616 /*
3610 3617 * Failed to read BE info, fall back to normal reboot
3611 3618 */
3612 3619 halting = AD_BOOT;
3613 3620 uu_warn("Failed to get fast reboot arguments.\n"
3614 3621 "Falling back to regular reboot.\n");
3615 3622 }
3616 3623 #else /* __x86 */
3617 3624 halting = AD_BOOT;
3618 3625 uu_warn("Fast reboot configured, but not supported by "
3619 3626 "this ISA\n");
3620 3627 #endif /* __x86 */
3621 3628 }
3622 3629
3623 3630 fork_with_timeout("/sbin/umountall -l", 0, 5);
3624 3631 fork_with_timeout("/sbin/umount /tmp /var/adm /var/run /var "
3625 3632 ">/dev/null 2>&1", 0, 5);
3626 3633
3627 3634 /*
3628 3635 * Try to get to consistency for whatever UFS filesystems are left.
3629 3636 * This is pretty expensive, so we save it for the end in the hopes of
3630 3637 * minimizing what it must do. The other option would be to start in
3631 3638 * parallel with the killall's, but lockfs tends to throw out much more
3632 3639 * than is needed, and so subsequent commands (like umountall) take a
3633 3640 * long time to get going again.
3634 3641 *
3635 3642 * Inside of zones, we don't bother, since we're not about to terminate
3636 3643 * the whole OS instance.
3637 3644 *
3638 3645 * On systems using only ZFS, this call to lockfs -fa is a no-op.
3639 3646 */
3640 3647 if (getzoneid() == 0) {
3641 3648 if (access("/usr/sbin/lockfs", X_OK) == 0)
3642 3649 fork_with_timeout("/usr/sbin/lockfs -fa", 0, 30);
3643 3650
3644 3651 sync(); /* once more, with feeling */
3645 3652 }
3646 3653
3647 3654 fork_with_timeout("/sbin/umount /usr >/dev/null 2>&1", 0, 5);
3648 3655
3649 3656 /*
3650 3657 * Construct and emit the last words from userland:
3651 3658 * "<timestamp> The system is down. Shutdown took <N> seconds."
3652 3659 *
3653 3660 * Normally we'd use syslog, but with /var and other things
3654 3661 * potentially gone, try to minimize the external dependencies.
3655 3662 */
3656 3663 now = time(NULL);
3657 3664 (void) localtime_r(&now, &nowtm);
3658 3665
3659 3666 if (strftime(down_buf, sizeof (down_buf),
3660 3667 "%b %e %T The system is down.", &nowtm) == 0) {
3661 3668 (void) strlcpy(down_buf, "The system is down.",
3662 3669 sizeof (down_buf));
3663 3670 }
3664 3671
3665 3672 if (halting_time != 0 && halting_time <= now) {
3666 3673 (void) snprintf(time_buf, sizeof (time_buf),
3667 3674 " Shutdown took %lu seconds.", now - halting_time);
3668 3675 } else {
3669 3676 time_buf[0] = '\0';
3670 3677 }
3671 3678 (void) printf("%s%s\n", down_buf, time_buf);
3672 3679
3673 3680 (void) uadmin(A_SHUTDOWN, halting, mdep);
3674 3681 uu_warn("uadmin() failed");
3675 3682
3676 3683 #if defined(__x86)
3677 3684 if (halting == AD_FASTREBOOT)
3678 3685 free(fbarg);
3679 3686 #endif /* __x86 */
3680 3687
3681 3688 if (remove(resetting) != 0 && errno != ENOENT)
3682 3689 uu_warn("Could not remove \"%s\"", resetting);
3683 3690 }
3684 3691
3685 3692 /*
3686 3693 * If any of the up_svcs[] are online or satisfiable, return true. If they are
3687 3694 * all missing, disabled, in maintenance, or unsatisfiable, return false.
3688 3695 */
3689 3696 boolean_t
3690 3697 can_come_up(void)
3691 3698 {
3692 3699 int i;
3693 3700
3694 3701 assert(MUTEX_HELD(&dgraph_lock));
3695 3702
3696 3703 /*
3697 3704 * If we are booting to single user (boot -s),
3698 3705 * SCF_MILESTONE_SINGLE_USER is needed to come up because startd
3699 3706 * spawns sulogin after single-user is online (see specials.c).
3700 3707 */
3701 3708 i = (booting_to_single_user ? 0 : 1);
3702 3709
3703 3710 for (; up_svcs[i] != NULL; ++i) {
3704 3711 if (up_svcs_p[i] == NULL) {
3705 3712 up_svcs_p[i] = vertex_get_by_name(up_svcs[i]);
3706 3713
3707 3714 if (up_svcs_p[i] == NULL)
3708 3715 continue;
3709 3716 }
3710 3717
3711 3718 /*
3712 3719 * Ignore unconfigured services (the ones that have been
3713 3720 * mentioned in a dependency from other services, but do
3714 3721 * not exist in the repository). Services which exist
3715 3722 * in the repository but don't have general/enabled
3716 3723 * property will be also ignored.
3717 3724 */
3718 3725 if (!(up_svcs_p[i]->gv_flags & GV_CONFIGURED))
3719 3726 continue;
3720 3727
3721 3728 switch (up_svcs_p[i]->gv_state) {
3722 3729 case RESTARTER_STATE_ONLINE:
3723 3730 case RESTARTER_STATE_DEGRADED:
3724 3731 /*
3725 3732 * Deactivate verbose boot once a login service has been
3726 3733 * reached.
3727 3734 */
3728 3735 st->st_log_login_reached = 1;
3729 3736 /*FALLTHROUGH*/
3730 3737 case RESTARTER_STATE_UNINIT:
3731 3738 return (B_TRUE);
3732 3739
3733 3740 case RESTARTER_STATE_OFFLINE:
3734 3741 if (instance_satisfied(up_svcs_p[i], B_TRUE) != -1)
3735 3742 return (B_TRUE);
3736 3743 log_framework(LOG_DEBUG,
3737 3744 "can_come_up(): %s is unsatisfiable.\n",
3738 3745 up_svcs_p[i]->gv_name);
3739 3746 continue;
3740 3747
3741 3748 case RESTARTER_STATE_DISABLED:
3742 3749 case RESTARTER_STATE_MAINT:
3743 3750 log_framework(LOG_DEBUG,
3744 3751 "can_come_up(): %s is in state %s.\n",
3745 3752 up_svcs_p[i]->gv_name,
3746 3753 instance_state_str[up_svcs_p[i]->gv_state]);
3747 3754 continue;
3748 3755
3749 3756 default:
3750 3757 #ifndef NDEBUG
3751 3758 uu_warn("%s:%d: Unexpected vertex state %d.\n",
3752 3759 __FILE__, __LINE__, up_svcs_p[i]->gv_state);
3753 3760 #endif
3754 3761 abort();
3755 3762 }
3756 3763 }
3757 3764
3758 3765 /*
3759 3766 * In the seed repository, console-login is unsatisfiable because
3760 3767 * services are missing. To behave correctly in that case we don't want
3761 3768 * to return false until manifest-import is online.
3762 3769 */
3763 3770
3764 3771 if (manifest_import_p == NULL) {
3765 3772 manifest_import_p = vertex_get_by_name(manifest_import);
3766 3773
3767 3774 if (manifest_import_p == NULL)
3768 3775 return (B_FALSE);
3769 3776 }
3770 3777
3771 3778 switch (manifest_import_p->gv_state) {
3772 3779 case RESTARTER_STATE_ONLINE:
3773 3780 case RESTARTER_STATE_DEGRADED:
3774 3781 case RESTARTER_STATE_DISABLED:
3775 3782 case RESTARTER_STATE_MAINT:
3776 3783 break;
3777 3784
3778 3785 case RESTARTER_STATE_OFFLINE:
3779 3786 if (instance_satisfied(manifest_import_p, B_TRUE) == -1)
3780 3787 break;
3781 3788 /* FALLTHROUGH */
3782 3789
3783 3790 case RESTARTER_STATE_UNINIT:
3784 3791 return (B_TRUE);
3785 3792 }
3786 3793
3787 3794 return (B_FALSE);
3788 3795 }
3789 3796
3790 3797 /*
3791 3798 * Runs sulogin. Returns
3792 3799 * 0 - success
3793 3800 * EALREADY - sulogin is already running
3794 3801 * EBUSY - console-login is running
3795 3802 */
3796 3803 static int
3797 3804 run_sulogin(const char *msg)
3798 3805 {
3799 3806 graph_vertex_t *v;
3800 3807
3801 3808 assert(MUTEX_HELD(&dgraph_lock));
3802 3809
3803 3810 if (sulogin_running)
3804 3811 return (EALREADY);
3805 3812
3806 3813 v = vertex_get_by_name(console_login_fmri);
3807 3814 if (v != NULL && inst_running(v))
3808 3815 return (EBUSY);
3809 3816
3810 3817 sulogin_running = B_TRUE;
3811 3818
3812 3819 MUTEX_UNLOCK(&dgraph_lock);
3813 3820
3814 3821 fork_sulogin(B_FALSE, msg);
3815 3822
3816 3823 MUTEX_LOCK(&dgraph_lock);
3817 3824
3818 3825 sulogin_running = B_FALSE;
3819 3826
3820 3827 if (console_login_ready) {
3821 3828 v = vertex_get_by_name(console_login_fmri);
3822 3829
3823 3830 if (v != NULL && v->gv_state == RESTARTER_STATE_OFFLINE) {
3824 3831 if (v->gv_start_f == NULL)
3825 3832 vertex_send_event(v,
3826 3833 RESTARTER_EVENT_TYPE_START);
3827 3834 else
3828 3835 v->gv_start_f(v);
3829 3836 }
3830 3837
3831 3838 console_login_ready = B_FALSE;
3832 3839 }
3833 3840
3834 3841 return (0);
3835 3842 }
3836 3843
3837 3844 /*
3838 3845 * The sulogin thread runs sulogin while can_come_up() is false. run_sulogin()
3839 3846 * keeps sulogin from stepping on console-login's toes.
3840 3847 */
3841 3848 /* ARGSUSED */
3842 3849 static void *
3843 3850 sulogin_thread(void *unused)
3844 3851 {
3845 3852 MUTEX_LOCK(&dgraph_lock);
3846 3853
3847 3854 assert(sulogin_thread_running);
3848 3855
3849 3856 do {
3850 3857 (void) run_sulogin("Console login service(s) cannot run\n");
3851 3858 } while (!can_come_up());
3852 3859
3853 3860 sulogin_thread_running = B_FALSE;
3854 3861 MUTEX_UNLOCK(&dgraph_lock);
3855 3862
3856 3863 return (NULL);
3857 3864 }
3858 3865
3859 3866 /* ARGSUSED */
3860 3867 void *
3861 3868 single_user_thread(void *unused)
3862 3869 {
3863 3870 uint_t left;
3864 3871 scf_handle_t *h;
3865 3872 scf_instance_t *inst;
3866 3873 scf_property_t *prop;
3867 3874 scf_value_t *val;
3868 3875 const char *msg;
3869 3876 char *buf;
3870 3877 int r;
3871 3878
3872 3879 MUTEX_LOCK(&single_user_thread_lock);
3873 3880 single_user_thread_count++;
3874 3881
3875 3882 if (!booting_to_single_user)
3876 3883 kill_user_procs();
3877 3884
3878 3885 if (go_single_user_mode || booting_to_single_user) {
3879 3886 msg = "SINGLE USER MODE\n";
3880 3887 } else {
3881 3888 assert(go_to_level1);
3882 3889
3883 3890 fork_rc_script('1', "start", B_TRUE);
3884 3891
3885 3892 uu_warn("The system is ready for administration.\n");
3886 3893
3887 3894 msg = "";
3888 3895 }
3889 3896
3890 3897 MUTEX_UNLOCK(&single_user_thread_lock);
3891 3898
3892 3899 for (;;) {
3893 3900 MUTEX_LOCK(&dgraph_lock);
3894 3901 r = run_sulogin(msg);
3895 3902 MUTEX_UNLOCK(&dgraph_lock);
3896 3903 if (r == 0)
3897 3904 break;
3898 3905
3899 3906 assert(r == EALREADY || r == EBUSY);
3900 3907
3901 3908 left = 3;
3902 3909 while (left > 0)
3903 3910 left = sleep(left);
3904 3911 }
3905 3912
3906 3913 MUTEX_LOCK(&single_user_thread_lock);
3907 3914
3908 3915 /*
3909 3916 * If another single user thread has started, let it finish changing
3910 3917 * the run level.
3911 3918 */
3912 3919 if (single_user_thread_count > 1) {
3913 3920 single_user_thread_count--;
3914 3921 MUTEX_UNLOCK(&single_user_thread_lock);
3915 3922 return (NULL);
3916 3923 }
3917 3924
3918 3925 h = libscf_handle_create_bound_loop();
3919 3926 inst = scf_instance_create(h);
3920 3927 prop = safe_scf_property_create(h);
3921 3928 val = safe_scf_value_create(h);
3922 3929 buf = startd_alloc(max_scf_fmri_size);
3923 3930
3924 3931 lookup:
3925 3932 if (scf_handle_decode_fmri(h, SCF_SERVICE_STARTD, NULL, NULL, inst,
3926 3933 NULL, NULL, SCF_DECODE_FMRI_EXACT) != 0) {
3927 3934 switch (scf_error()) {
3928 3935 case SCF_ERROR_NOT_FOUND:
3929 3936 r = libscf_create_self(h);
3930 3937 if (r == 0)
3931 3938 goto lookup;
3932 3939 assert(r == ECONNABORTED);
3933 3940 /* FALLTHROUGH */
3934 3941
3935 3942 case SCF_ERROR_CONNECTION_BROKEN:
3936 3943 libscf_handle_rebind(h);
3937 3944 goto lookup;
3938 3945
3939 3946 case SCF_ERROR_INVALID_ARGUMENT:
3940 3947 case SCF_ERROR_CONSTRAINT_VIOLATED:
3941 3948 case SCF_ERROR_NOT_BOUND:
3942 3949 case SCF_ERROR_HANDLE_MISMATCH:
3943 3950 default:
3944 3951 bad_error("scf_handle_decode_fmri", scf_error());
3945 3952 }
3946 3953 }
3947 3954
3948 3955 MUTEX_LOCK(&dgraph_lock);
3949 3956
3950 3957 r = scf_instance_delete_prop(inst, SCF_PG_OPTIONS_OVR,
3951 3958 SCF_PROPERTY_MILESTONE);
3952 3959 switch (r) {
3953 3960 case 0:
3954 3961 case ECANCELED:
3955 3962 break;
3956 3963
3957 3964 case ECONNABORTED:
3958 3965 MUTEX_UNLOCK(&dgraph_lock);
3959 3966 libscf_handle_rebind(h);
3960 3967 goto lookup;
3961 3968
3962 3969 case EPERM:
3963 3970 case EACCES:
3964 3971 case EROFS:
3965 3972 log_error(LOG_WARNING, "Could not clear temporary milestone: "
3966 3973 "%s.\n", strerror(r));
3967 3974 break;
3968 3975
3969 3976 default:
3970 3977 bad_error("scf_instance_delete_prop", r);
3971 3978 }
3972 3979
3973 3980 MUTEX_UNLOCK(&dgraph_lock);
3974 3981
3975 3982 r = libscf_get_milestone(inst, prop, val, buf, max_scf_fmri_size);
3976 3983 switch (r) {
3977 3984 case ECANCELED:
3978 3985 case ENOENT:
3979 3986 case EINVAL:
3980 3987 (void) strcpy(buf, "all");
3981 3988 /* FALLTHROUGH */
3982 3989
3983 3990 case 0:
3984 3991 uu_warn("Returning to milestone %s.\n", buf);
3985 3992 break;
3986 3993
3987 3994 case ECONNABORTED:
3988 3995 libscf_handle_rebind(h);
3989 3996 goto lookup;
3990 3997
3991 3998 default:
3992 3999 bad_error("libscf_get_milestone", r);
3993 4000 }
3994 4001
3995 4002 r = dgraph_set_milestone(buf, h, B_FALSE);
3996 4003 switch (r) {
3997 4004 case 0:
3998 4005 case ECONNRESET:
3999 4006 case EALREADY:
4000 4007 case EINVAL:
4001 4008 case ENOENT:
4002 4009 break;
4003 4010
4004 4011 default:
4005 4012 bad_error("dgraph_set_milestone", r);
4006 4013 }
4007 4014
4008 4015 /*
4009 4016 * See graph_runlevel_changed().
4010 4017 */
4011 4018 MUTEX_LOCK(&dgraph_lock);
4012 4019 utmpx_set_runlevel(target_milestone_as_runlevel(), 'S', B_TRUE);
4013 4020 MUTEX_UNLOCK(&dgraph_lock);
4014 4021
4015 4022 startd_free(buf, max_scf_fmri_size);
4016 4023 scf_value_destroy(val);
4017 4024 scf_property_destroy(prop);
4018 4025 scf_instance_destroy(inst);
4019 4026 scf_handle_destroy(h);
4020 4027
4021 4028 /*
4022 4029 * We'll give ourselves 3 seconds to respond to all of the enablings
4023 4030 * that setting the milestone should have created before checking
4024 4031 * whether to run sulogin.
4025 4032 */
4026 4033 left = 3;
4027 4034 while (left > 0)
4028 4035 left = sleep(left);
4029 4036
4030 4037 MUTEX_LOCK(&dgraph_lock);
4031 4038 /*
4032 4039 * Clearing these variables will allow the sulogin thread to run. We
4033 4040 * check here in case there aren't any more state updates anytime soon.
4034 4041 */
4035 4042 go_to_level1 = go_single_user_mode = booting_to_single_user = B_FALSE;
4036 4043 if (!sulogin_thread_running && !can_come_up()) {
4037 4044 (void) startd_thread_create(sulogin_thread, NULL);
4038 4045 sulogin_thread_running = B_TRUE;
4039 4046 }
4040 4047 MUTEX_UNLOCK(&dgraph_lock);
4041 4048 single_user_thread_count--;
4042 4049 MUTEX_UNLOCK(&single_user_thread_lock);
4043 4050 return (NULL);
4044 4051 }
4045 4052
4046 4053
4047 4054 /*
4048 4055 * Dependency graph operations API. These are handle-independent thread-safe
4049 4056 * graph manipulation functions which are the entry points for the event
4050 4057 * threads below.
4051 4058 */
4052 4059
4053 4060 /*
4054 4061 * If a configured vertex exists for inst_fmri, return EEXIST. If no vertex
4055 4062 * exists for inst_fmri, add one. Then fetch the restarter from inst, make
4056 4063 * this vertex dependent on it, and send _ADD_INSTANCE to the restarter.
4057 4064 * Fetch whether the instance should be enabled from inst and send _ENABLE or
4058 4065 * _DISABLE as appropriate. Finally rummage through inst's dependency
4059 4066 * property groups and add vertices and edges as appropriate. If anything
4060 4067 * goes wrong after sending _ADD_INSTANCE, send _ADMIN_MAINT_ON to put the
4061 4068 * instance in maintenance. Don't send _START or _STOP until we get a state
4062 4069 * update in case we're being restarted and the service is already running.
4063 4070 *
4064 4071 * To support booting to a milestone, we must also make sure all dependencies
4065 4072 * encountered are configured, if they exist in the repository.
4066 4073 *
4067 4074 * Returns 0 on success, ECONNABORTED on repository disconnection, EINVAL if
4068 4075 * inst_fmri is an invalid (or not canonical) FMRI, ECANCELED if inst is
4069 4076 * deleted, or EEXIST if a configured vertex for inst_fmri already exists.
4070 4077 */
4071 4078 int
4072 4079 dgraph_add_instance(const char *inst_fmri, scf_instance_t *inst,
4073 4080 boolean_t lock_graph)
4074 4081 {
4075 4082 graph_vertex_t *v;
4076 4083 int err;
4077 4084
4078 4085 if (strcmp(inst_fmri, SCF_SERVICE_STARTD) == 0)
4079 4086 return (0);
4080 4087
4081 4088 /* Check for a vertex for inst_fmri. */
4082 4089 if (lock_graph) {
4083 4090 MUTEX_LOCK(&dgraph_lock);
4084 4091 } else {
4085 4092 assert(MUTEX_HELD(&dgraph_lock));
4086 4093 }
4087 4094
4088 4095 v = vertex_get_by_name(inst_fmri);
4089 4096
4090 4097 if (v != NULL) {
4091 4098 assert(v->gv_type == GVT_INST);
4092 4099
4093 4100 if (v->gv_flags & GV_CONFIGURED) {
4094 4101 if (lock_graph)
4095 4102 MUTEX_UNLOCK(&dgraph_lock);
4096 4103 return (EEXIST);
4097 4104 }
4098 4105 } else {
4099 4106 /* Add the vertex. */
4100 4107 err = graph_insert_vertex_unconfigured(inst_fmri, GVT_INST, 0,
4101 4108 RERR_NONE, &v);
4102 4109 if (err != 0) {
4103 4110 assert(err == EINVAL);
4104 4111 if (lock_graph)
4105 4112 MUTEX_UNLOCK(&dgraph_lock);
4106 4113 return (EINVAL);
4107 4114 }
4108 4115 }
4109 4116
4110 4117 err = configure_vertex(v, inst);
4111 4118
4112 4119 if (lock_graph)
4113 4120 MUTEX_UNLOCK(&dgraph_lock);
4114 4121
4115 4122 return (err);
4116 4123 }
4117 4124
4118 4125 /*
4119 4126 * Locate the vertex for this property group's instance. If it doesn't exist
4120 4127 * or is unconfigured, call dgraph_add_instance() & return. Otherwise fetch
4121 4128 * the restarter for the instance, and if it has changed, send
4122 4129 * _REMOVE_INSTANCE to the old restarter, remove the dependency, make sure the
4123 4130 * new restarter has a vertex, add a new dependency, and send _ADD_INSTANCE to
4124 4131 * the new restarter. Then fetch whether the instance should be enabled, and
4125 4132 * if it is different from what we had, or if we changed the restarter, send
4126 4133 * the appropriate _ENABLE or _DISABLE command.
4127 4134 *
4128 4135 * Returns 0 on success, ENOTSUP if the pg's parent is not an instance,
4129 4136 * ECONNABORTED on repository disconnection, ECANCELED if the instance is
4130 4137 * deleted, or -1 if the instance's general property group is deleted or if
4131 4138 * its enabled property is misconfigured.
4132 4139 */
4133 4140 static int
4134 4141 dgraph_update_general(scf_propertygroup_t *pg)
4135 4142 {
4136 4143 scf_handle_t *h;
4137 4144 scf_instance_t *inst;
4138 4145 char *fmri;
4139 4146 char *restarter_fmri;
4140 4147 graph_vertex_t *v;
4141 4148 int err;
4142 4149 int enabled, enabled_ovr;
4143 4150 int oldflags;
4144 4151
4145 4152 /* Find the vertex for this service */
4146 4153 h = scf_pg_handle(pg);
4147 4154
4148 4155 inst = safe_scf_instance_create(h);
4149 4156
4150 4157 if (scf_pg_get_parent_instance(pg, inst) != 0) {
4151 4158 switch (scf_error()) {
4152 4159 case SCF_ERROR_CONSTRAINT_VIOLATED:
4153 4160 return (ENOTSUP);
4154 4161
4155 4162 case SCF_ERROR_CONNECTION_BROKEN:
4156 4163 default:
4157 4164 return (ECONNABORTED);
4158 4165
4159 4166 case SCF_ERROR_DELETED:
4160 4167 return (0);
4161 4168
4162 4169 case SCF_ERROR_NOT_SET:
4163 4170 bad_error("scf_pg_get_parent_instance", scf_error());
4164 4171 }
4165 4172 }
4166 4173
4167 4174 err = libscf_instance_get_fmri(inst, &fmri);
4168 4175 switch (err) {
4169 4176 case 0:
4170 4177 break;
4171 4178
4172 4179 case ECONNABORTED:
4173 4180 scf_instance_destroy(inst);
4174 4181 return (ECONNABORTED);
4175 4182
4176 4183 case ECANCELED:
4177 4184 scf_instance_destroy(inst);
4178 4185 return (0);
4179 4186
4180 4187 default:
4181 4188 bad_error("libscf_instance_get_fmri", err);
4182 4189 }
4183 4190
4184 4191 log_framework(LOG_DEBUG,
4185 4192 "Graph engine: Reloading general properties for %s.\n", fmri);
4186 4193
4187 4194 MUTEX_LOCK(&dgraph_lock);
4188 4195
4189 4196 v = vertex_get_by_name(fmri);
4190 4197 if (v == NULL || !(v->gv_flags & GV_CONFIGURED)) {
4191 4198 /* Will get the up-to-date properties. */
4192 4199 MUTEX_UNLOCK(&dgraph_lock);
4193 4200 err = dgraph_add_instance(fmri, inst, B_TRUE);
4194 4201 startd_free(fmri, max_scf_fmri_size);
4195 4202 scf_instance_destroy(inst);
4196 4203 return (err == ECANCELED ? 0 : err);
4197 4204 }
4198 4205
4199 4206 /* Read enabled & restarter from repository. */
4200 4207 restarter_fmri = startd_alloc(max_scf_value_size);
4201 4208 err = libscf_get_basic_instance_data(h, inst, v->gv_name, &enabled,
4202 4209 &enabled_ovr, &restarter_fmri);
4203 4210 if (err != 0 || enabled == -1) {
4204 4211 MUTEX_UNLOCK(&dgraph_lock);
4205 4212 scf_instance_destroy(inst);
4206 4213 startd_free(fmri, max_scf_fmri_size);
4207 4214
4208 4215 switch (err) {
4209 4216 case ENOENT:
4210 4217 case 0:
4211 4218 startd_free(restarter_fmri, max_scf_value_size);
4212 4219 return (-1);
4213 4220
4214 4221 case ECONNABORTED:
4215 4222 case ECANCELED:
4216 4223 startd_free(restarter_fmri, max_scf_value_size);
4217 4224 return (err);
4218 4225
4219 4226 default:
4220 4227 bad_error("libscf_get_basic_instance_data", err);
4221 4228 }
4222 4229 }
4223 4230
4224 4231 oldflags = v->gv_flags;
4225 4232 v->gv_flags = (v->gv_flags & ~GV_ENBLD_NOOVR) |
4226 4233 (enabled ? GV_ENBLD_NOOVR : 0);
4227 4234
4228 4235 if (enabled_ovr != -1)
4229 4236 enabled = enabled_ovr;
4230 4237
4231 4238 /*
4232 4239 * If GV_ENBLD_NOOVR has changed, then we need to re-evaluate the
4233 4240 * subgraph.
4234 4241 */
4235 4242 if (milestone > MILESTONE_NONE && v->gv_flags != oldflags)
4236 4243 (void) eval_subgraph(v, h);
4237 4244
4238 4245 scf_instance_destroy(inst);
4239 4246
4240 4247 /* Ignore restarter change for now. */
4241 4248
4242 4249 startd_free(restarter_fmri, max_scf_value_size);
4243 4250 startd_free(fmri, max_scf_fmri_size);
4244 4251
4245 4252 /*
4246 4253 * Always send _ENABLE or _DISABLE. We could avoid this if the
4247 4254 * restarter didn't change and the enabled value didn't change, but
4248 4255 * that's not easy to check and improbable anyway, so we'll just do
4249 4256 * this.
4250 4257 */
4251 4258 graph_enable_by_vertex(v, enabled, 1);
4252 4259
4253 4260 MUTEX_UNLOCK(&dgraph_lock);
4254 4261
4255 4262 return (0);
4256 4263 }
4257 4264
4258 4265 /*
4259 4266 * Delete all of the property group dependencies of v, update inst's running
4260 4267 * snapshot, and add the dependencies in the new snapshot. If any of the new
4261 4268 * dependencies would create a cycle, send _ADMIN_MAINT_ON. Otherwise
4262 4269 * reevaluate v's dependencies, send _START or _STOP as appropriate, and do
4263 4270 * the same for v's dependents.
4264 4271 *
4265 4272 * Returns
4266 4273 * 0 - success
4267 4274 * ECONNABORTED - repository connection broken
4268 4275 * ECANCELED - inst was deleted
4269 4276 * EINVAL - inst is invalid (e.g., missing general/enabled)
4270 4277 * -1 - libscf_snapshots_refresh() failed
4271 4278 */
4272 4279 static int
4273 4280 dgraph_refresh_instance(graph_vertex_t *v, scf_instance_t *inst)
4274 4281 {
4275 4282 int r;
4276 4283 int enabled;
4277 4284 int32_t tset;
4278 4285
4279 4286 assert(MUTEX_HELD(&dgraph_lock));
4280 4287 assert(v->gv_type == GVT_INST);
4281 4288
4282 4289 /* Only refresh services with valid general/enabled properties. */
4283 4290 r = libscf_get_basic_instance_data(scf_instance_handle(inst), inst,
4284 4291 v->gv_name, &enabled, NULL, NULL);
4285 4292 switch (r) {
4286 4293 case 0:
4287 4294 break;
4288 4295
4289 4296 case ECONNABORTED:
4290 4297 case ECANCELED:
4291 4298 return (r);
4292 4299
4293 4300 case ENOENT:
4294 4301 log_framework(LOG_DEBUG,
4295 4302 "Ignoring %s because it has no general property group.\n",
4296 4303 v->gv_name);
4297 4304 return (EINVAL);
4298 4305
4299 4306 default:
4300 4307 bad_error("libscf_get_basic_instance_data", r);
4301 4308 }
4302 4309
4303 4310 if ((tset = libscf_get_stn_tset(inst)) == -1) {
4304 4311 log_framework(LOG_WARNING,
4305 4312 "Failed to get notification parameters for %s: %s\n",
4306 4313 v->gv_name, scf_strerror(scf_error()));
4307 4314 tset = 0;
4308 4315 }
4309 4316 v->gv_stn_tset = tset;
4310 4317 if (strcmp(v->gv_name, SCF_INSTANCE_GLOBAL) == 0)
4311 4318 stn_global = tset;
4312 4319
4313 4320 if (enabled == -1)
4314 4321 return (EINVAL);
4315 4322
4316 4323 r = libscf_snapshots_refresh(inst, v->gv_name);
4317 4324 if (r != 0) {
4318 4325 if (r != -1)
4319 4326 bad_error("libscf_snapshots_refresh", r);
4320 4327
4321 4328 /* error logged */
4322 4329 return (r);
4323 4330 }
4324 4331
4325 4332 r = refresh_vertex(v, inst);
4326 4333 if (r != 0 && r != ECONNABORTED)
4327 4334 bad_error("refresh_vertex", r);
4328 4335 return (r);
4329 4336 }
4330 4337
4331 4338 /*
4332 4339 * Returns true only if none of this service's dependents are 'up' -- online
4333 4340 * or degraded (offline is considered down in this situation). This function
4334 4341 * is somehow similar to is_nonsubgraph_leaf() but works on subtrees.
4335 4342 */
4336 4343 static boolean_t
4337 4344 insubtree_dependents_down(graph_vertex_t *v)
4338 4345 {
4339 4346 graph_vertex_t *vv;
4340 4347 graph_edge_t *e;
4341 4348
4342 4349 assert(MUTEX_HELD(&dgraph_lock));
4343 4350
4344 4351 for (e = uu_list_first(v->gv_dependents); e != NULL;
4345 4352 e = uu_list_next(v->gv_dependents, e)) {
4346 4353 vv = e->ge_vertex;
4347 4354 if (vv->gv_type == GVT_INST) {
4348 4355 if ((vv->gv_flags & GV_CONFIGURED) == 0)
4349 4356 continue;
4350 4357
|
↓ open down ↓ |
2547 lines elided |
↑ open up ↑ |
4351 4358 if ((vv->gv_flags & GV_TOOFFLINE) == 0)
4352 4359 continue;
4353 4360
4354 4361 if ((vv->gv_state == RESTARTER_STATE_ONLINE) ||
4355 4362 (vv->gv_state == RESTARTER_STATE_DEGRADED))
4356 4363 return (B_FALSE);
4357 4364 } else {
4358 4365 /*
4359 4366 * Skip all excluded dependents and decide whether
4360 4367 * to offline the service based on the restart_on
4361 - * on attribute.
4368 + * attribute.
4362 4369 */
4363 4370 if (is_depgrp_bypassed(vv))
4364 4371 continue;
4365 4372
4366 4373 /*
4367 4374 * For dependency groups or service vertices, keep
4368 4375 * traversing to see if instances are running.
4369 4376 */
4370 4377 if (insubtree_dependents_down(vv) == B_FALSE)
4371 4378 return (B_FALSE);
4372 4379 }
4373 4380 }
4374 4381
4375 4382 return (B_TRUE);
4376 4383 }
4377 4384
4378 4385 /*
4379 4386 * Returns true only if none of this service's dependents are 'up' -- online,
4380 4387 * degraded, or offline.
4381 4388 */
4382 4389 static int
4383 4390 is_nonsubgraph_leaf(graph_vertex_t *v)
4384 4391 {
4385 4392 graph_vertex_t *vv;
4386 4393 graph_edge_t *e;
4387 4394
4388 4395 assert(MUTEX_HELD(&dgraph_lock));
4389 4396
4390 4397 for (e = uu_list_first(v->gv_dependents);
4391 4398 e != NULL;
4392 4399 e = uu_list_next(v->gv_dependents, e)) {
4393 4400
4394 4401 vv = e->ge_vertex;
4395 4402 if (vv->gv_type == GVT_INST) {
4396 4403 if ((vv->gv_flags & GV_CONFIGURED) == 0)
4397 4404 continue;
4398 4405
4399 4406 if (vv->gv_flags & GV_INSUBGRAPH)
4400 4407 continue;
4401 4408
4402 4409 if (up_state(vv->gv_state))
4403 4410 return (0);
4404 4411 } else {
4405 4412 /*
4406 4413 * For dependency group or service vertices, keep
4407 4414 * traversing to see if instances are running.
4408 4415 *
4409 4416 * We should skip exclude_all dependencies otherwise
4410 4417 * the vertex will never be considered as a leaf
4411 4418 * if the dependent is offline. The main reason for
4412 4419 * this is that disable_nonsubgraph_leaves() skips
4413 4420 * exclusion dependencies.
4414 4421 */
4415 4422 if (vv->gv_type == GVT_GROUP &&
4416 4423 vv->gv_depgroup == DEPGRP_EXCLUDE_ALL)
4417 4424 continue;
4418 4425
4419 4426 if (!is_nonsubgraph_leaf(vv))
4420 4427 return (0);
4421 4428 }
4422 4429 }
4423 4430
4424 4431 return (1);
4425 4432 }
4426 4433
4427 4434 /*
4428 4435 * Disable v temporarily. Attempt to do this by setting its enabled override
4429 4436 * property in the repository. If that fails, send a _DISABLE command.
4430 4437 * Returns 0 on success and ECONNABORTED if the repository connection is
4431 4438 * broken.
4432 4439 */
4433 4440 static int
4434 4441 disable_service_temporarily(graph_vertex_t *v, scf_handle_t *h)
4435 4442 {
4436 4443 const char * const emsg = "Could not temporarily disable %s because "
4437 4444 "%s. Will stop service anyways. Repository status for the "
4438 4445 "service may be inaccurate.\n";
4439 4446 const char * const emsg_cbroken =
4440 4447 "the repository connection was broken";
4441 4448
4442 4449 scf_instance_t *inst;
4443 4450 int r;
4444 4451
4445 4452 inst = scf_instance_create(h);
4446 4453 if (inst == NULL) {
4447 4454 char buf[100];
4448 4455
4449 4456 (void) snprintf(buf, sizeof (buf),
4450 4457 "scf_instance_create() failed (%s)",
4451 4458 scf_strerror(scf_error()));
4452 4459 log_error(LOG_WARNING, emsg, v->gv_name, buf);
4453 4460
4454 4461 graph_enable_by_vertex(v, 0, 0);
4455 4462 return (0);
4456 4463 }
4457 4464
4458 4465 r = scf_handle_decode_fmri(h, v->gv_name, NULL, NULL, inst,
4459 4466 NULL, NULL, SCF_DECODE_FMRI_EXACT);
4460 4467 if (r != 0) {
4461 4468 switch (scf_error()) {
4462 4469 case SCF_ERROR_CONNECTION_BROKEN:
4463 4470 log_error(LOG_WARNING, emsg, v->gv_name, emsg_cbroken);
4464 4471 graph_enable_by_vertex(v, 0, 0);
4465 4472 return (ECONNABORTED);
4466 4473
4467 4474 case SCF_ERROR_NOT_FOUND:
4468 4475 return (0);
4469 4476
4470 4477 case SCF_ERROR_HANDLE_MISMATCH:
4471 4478 case SCF_ERROR_INVALID_ARGUMENT:
4472 4479 case SCF_ERROR_CONSTRAINT_VIOLATED:
4473 4480 case SCF_ERROR_NOT_BOUND:
4474 4481 default:
4475 4482 bad_error("scf_handle_decode_fmri",
4476 4483 scf_error());
4477 4484 }
4478 4485 }
4479 4486
4480 4487 r = libscf_set_enable_ovr(inst, 0);
4481 4488 switch (r) {
4482 4489 case 0:
4483 4490 scf_instance_destroy(inst);
4484 4491 return (0);
4485 4492
4486 4493 case ECANCELED:
4487 4494 scf_instance_destroy(inst);
4488 4495 return (0);
4489 4496
4490 4497 case ECONNABORTED:
4491 4498 log_error(LOG_WARNING, emsg, v->gv_name, emsg_cbroken);
4492 4499 graph_enable_by_vertex(v, 0, 0);
4493 4500 return (ECONNABORTED);
4494 4501
4495 4502 case EPERM:
4496 4503 log_error(LOG_WARNING, emsg, v->gv_name,
4497 4504 "the repository denied permission");
4498 4505 graph_enable_by_vertex(v, 0, 0);
4499 4506 return (0);
4500 4507
4501 4508 case EROFS:
4502 4509 log_error(LOG_WARNING, emsg, v->gv_name,
4503 4510 "the repository is read-only");
4504 4511 graph_enable_by_vertex(v, 0, 0);
4505 4512 return (0);
4506 4513
4507 4514 default:
4508 4515 bad_error("libscf_set_enable_ovr", r);
4509 4516 /* NOTREACHED */
4510 4517 }
4511 4518 }
4512 4519
4513 4520 /*
4514 4521 * Of the transitive instance dependencies of v, offline those which are
4515 4522 * in the subtree and which are leaves (i.e., have no dependents which are
4516 4523 * "up").
4517 4524 */
4518 4525 void
4519 4526 offline_subtree_leaves(graph_vertex_t *v, void *arg)
4520 4527 {
4521 4528 assert(MUTEX_HELD(&dgraph_lock));
4522 4529
4523 4530 /* If v isn't an instance, recurse on its dependencies. */
4524 4531 if (v->gv_type != GVT_INST) {
4525 4532 graph_walk_dependencies(v, offline_subtree_leaves, arg);
4526 4533 return;
4527 4534 }
4528 4535
4529 4536 /*
4530 4537 * If v is not in the subtree, so should all of its dependencies,
4531 4538 * so do nothing.
4532 4539 */
4533 4540 if ((v->gv_flags & GV_TOOFFLINE) == 0)
4534 4541 return;
4535 4542
4536 4543 /* If v isn't a leaf because it's already down, recurse. */
4537 4544 if (!up_state(v->gv_state)) {
4538 4545 graph_walk_dependencies(v, offline_subtree_leaves, arg);
4539 4546 return;
4540 4547 }
4541 4548
4542 4549 /* if v is a leaf, offline it or disable it if it's the last one */
4543 4550 if (insubtree_dependents_down(v) == B_TRUE) {
4544 4551 if (v->gv_flags & GV_TODISABLE)
4545 4552 vertex_send_event(v,
4546 4553 RESTARTER_EVENT_TYPE_ADMIN_DISABLE);
4547 4554 else
4548 4555 offline_vertex(v);
4549 4556 }
4550 4557 }
4551 4558
4552 4559 void
4553 4560 graph_offline_subtree_leaves(graph_vertex_t *v, void *h)
4554 4561 {
4555 4562 graph_walk_dependencies(v, offline_subtree_leaves, (void *)h);
4556 4563 }
4557 4564
4558 4565
4559 4566 /*
4560 4567 * Of the transitive instance dependencies of v, disable those which are not
4561 4568 * in the subgraph and which are leaves (i.e., have no dependents which are
4562 4569 * "up").
4563 4570 */
4564 4571 static void
4565 4572 disable_nonsubgraph_leaves(graph_vertex_t *v, void *arg)
4566 4573 {
4567 4574 assert(MUTEX_HELD(&dgraph_lock));
4568 4575
4569 4576 /*
4570 4577 * We must skip exclusion dependencies because they are allowed to
4571 4578 * complete dependency cycles. This is correct because A's exclusion
4572 4579 * dependency on B doesn't bear on the order in which they should be
4573 4580 * stopped. Indeed, the exclusion dependency should guarantee that
4574 4581 * they are never online at the same time.
4575 4582 */
4576 4583 if (v->gv_type == GVT_GROUP && v->gv_depgroup == DEPGRP_EXCLUDE_ALL)
4577 4584 return;
4578 4585
4579 4586 /* If v isn't an instance, recurse on its dependencies. */
4580 4587 if (v->gv_type != GVT_INST)
4581 4588 goto recurse;
4582 4589
4583 4590 if ((v->gv_flags & GV_CONFIGURED) == 0)
4584 4591 /*
4585 4592 * Unconfigured instances should have no dependencies, but in
4586 4593 * case they ever get them,
4587 4594 */
4588 4595 goto recurse;
4589 4596
4590 4597 /*
4591 4598 * If v is in the subgraph, so should all of its dependencies, so do
4592 4599 * nothing.
4593 4600 */
4594 4601 if (v->gv_flags & GV_INSUBGRAPH)
4595 4602 return;
4596 4603
4597 4604 /* If v isn't a leaf because it's already down, recurse. */
4598 4605 if (!up_state(v->gv_state))
4599 4606 goto recurse;
4600 4607
4601 4608 /* If v is disabled but not down yet, be patient. */
4602 4609 if ((v->gv_flags & GV_ENABLED) == 0)
4603 4610 return;
4604 4611
4605 4612 /* If v is a leaf, disable it. */
4606 4613 if (is_nonsubgraph_leaf(v))
4607 4614 (void) disable_service_temporarily(v, (scf_handle_t *)arg);
4608 4615
4609 4616 return;
4610 4617
4611 4618 recurse:
4612 4619 graph_walk_dependencies(v, disable_nonsubgraph_leaves, arg);
4613 4620 }
4614 4621
4615 4622 static int
4616 4623 stn_restarter_state(restarter_instance_state_t rstate)
4617 4624 {
4618 4625 static const struct statemap {
4619 4626 restarter_instance_state_t restarter_state;
4620 4627 int scf_state;
4621 4628 } map[] = {
4622 4629 { RESTARTER_STATE_UNINIT, SCF_STATE_UNINIT },
4623 4630 { RESTARTER_STATE_MAINT, SCF_STATE_MAINT },
4624 4631 { RESTARTER_STATE_OFFLINE, SCF_STATE_OFFLINE },
4625 4632 { RESTARTER_STATE_DISABLED, SCF_STATE_DISABLED },
4626 4633 { RESTARTER_STATE_ONLINE, SCF_STATE_ONLINE },
4627 4634 { RESTARTER_STATE_DEGRADED, SCF_STATE_DEGRADED }
4628 4635 };
4629 4636
4630 4637 int i;
4631 4638
4632 4639 for (i = 0; i < sizeof (map) / sizeof (map[0]); i++) {
4633 4640 if (rstate == map[i].restarter_state)
4634 4641 return (map[i].scf_state);
4635 4642 }
4636 4643
4637 4644 return (-1);
4638 4645 }
4639 4646
4640 4647 /*
4641 4648 * State transition counters
4642 4649 * Not incremented atomically - indicative only
4643 4650 */
4644 4651 static uint64_t stev_ct_maint;
4645 4652 static uint64_t stev_ct_hwerr;
4646 4653 static uint64_t stev_ct_service;
4647 4654 static uint64_t stev_ct_global;
4648 4655 static uint64_t stev_ct_noprefs;
4649 4656 static uint64_t stev_ct_from_uninit;
4650 4657 static uint64_t stev_ct_bad_state;
4651 4658 static uint64_t stev_ct_ovr_prefs;
4652 4659
4653 4660 static void
4654 4661 dgraph_state_transition_notify(graph_vertex_t *v,
4655 4662 restarter_instance_state_t old_state, restarter_str_t reason)
4656 4663 {
4657 4664 restarter_instance_state_t new_state = v->gv_state;
4658 4665 int stn_transition, maint;
4659 4666 int from, to;
4660 4667 nvlist_t *attr;
4661 4668 fmev_pri_t pri = FMEV_LOPRI;
4662 4669 int raise = 0;
4663 4670
4664 4671 if ((from = stn_restarter_state(old_state)) == -1 ||
4665 4672 (to = stn_restarter_state(new_state)) == -1) {
4666 4673 stev_ct_bad_state++;
4667 4674 return;
4668 4675 }
4669 4676
4670 4677 stn_transition = from << 16 | to;
4671 4678
4672 4679 maint = (to == SCF_STATE_MAINT || from == SCF_STATE_MAINT);
4673 4680
4674 4681 if (maint) {
4675 4682 /*
4676 4683 * All transitions to/from maintenance state must raise
4677 4684 * an event.
4678 4685 */
4679 4686 raise++;
4680 4687 pri = FMEV_HIPRI;
4681 4688 stev_ct_maint++;
4682 4689 } else if (reason == restarter_str_ct_ev_hwerr) {
4683 4690 /*
4684 4691 * All transitions caused by hardware fault must raise
4685 4692 * an event
4686 4693 */
4687 4694 raise++;
4688 4695 pri = FMEV_HIPRI;
4689 4696 stev_ct_hwerr++;
4690 4697 } else if (stn_transition & v->gv_stn_tset) {
4691 4698 /*
4692 4699 * Specifically enabled event.
4693 4700 */
4694 4701 raise++;
4695 4702 stev_ct_service++;
4696 4703 } else if (from == SCF_STATE_UNINIT) {
4697 4704 /*
4698 4705 * Only raise these if specifically selected above.
4699 4706 */
4700 4707 stev_ct_from_uninit++;
4701 4708 } else if (stn_transition & stn_global &&
4702 4709 (IS_ENABLED(v) == 1 || to == SCF_STATE_DISABLED)) {
4703 4710 raise++;
4704 4711 stev_ct_global++;
4705 4712 } else {
4706 4713 stev_ct_noprefs++;
4707 4714 }
4708 4715
4709 4716 if (info_events_all) {
4710 4717 stev_ct_ovr_prefs++;
4711 4718 raise++;
4712 4719 }
4713 4720 if (!raise)
4714 4721 return;
4715 4722
4716 4723 if (nvlist_alloc(&attr, NV_UNIQUE_NAME, 0) != 0 ||
4717 4724 nvlist_add_string(attr, "fmri", v->gv_name) != 0 ||
4718 4725 nvlist_add_uint32(attr, "reason-version",
4719 4726 restarter_str_version()) || nvlist_add_string(attr, "reason-short",
4720 4727 restarter_get_str_short(reason)) != 0 ||
4721 4728 nvlist_add_string(attr, "reason-long",
4722 4729 restarter_get_str_long(reason)) != 0 ||
4723 4730 nvlist_add_int32(attr, "transition", stn_transition) != 0) {
4724 4731 log_framework(LOG_WARNING,
4725 4732 "FMEV: %s could not create nvlist for transition "
4726 4733 "event: %s\n", v->gv_name, strerror(errno));
4727 4734 nvlist_free(attr);
4728 4735 return;
4729 4736 }
4730 4737
4731 4738 if (fmev_rspublish_nvl(FMEV_RULESET_SMF, "state-transition",
4732 4739 instance_state_str[new_state], pri, attr) != FMEV_SUCCESS) {
4733 4740 log_framework(LOG_DEBUG,
4734 4741 "FMEV: %s failed to publish transition event: %s\n",
4735 4742 v->gv_name, fmev_strerror(fmev_errno));
4736 4743 nvlist_free(attr);
4737 4744 }
4738 4745 }
4739 4746
4740 4747 /*
4741 4748 * Find the vertex for inst_name. If it doesn't exist, return ENOENT.
4742 4749 * Otherwise set its state to state. If the instance has entered a state
4743 4750 * which requires automatic action, take it (Uninitialized: do
4744 4751 * dgraph_refresh_instance() without the snapshot update. Disabled: if the
4745 4752 * instance should be enabled, send _ENABLE. Offline: if the instance should
4746 4753 * be disabled, send _DISABLE, and if its dependencies are satisfied, send
4747 4754 * _START. Online, Degraded: if the instance wasn't running, update its start
4748 4755 * snapshot. Maintenance: no action.)
4749 4756 *
4750 4757 * Also fails with ECONNABORTED, or EINVAL if state is invalid.
4751 4758 */
4752 4759 static int
4753 4760 dgraph_set_instance_state(scf_handle_t *h, const char *inst_name,
4754 4761 protocol_states_t *states)
4755 4762 {
4756 4763 graph_vertex_t *v;
4757 4764 int err = 0;
4758 4765 restarter_instance_state_t old_state;
4759 4766 restarter_instance_state_t state = states->ps_state;
4760 4767 restarter_error_t serr = states->ps_err;
4761 4768
4762 4769 MUTEX_LOCK(&dgraph_lock);
4763 4770
4764 4771 v = vertex_get_by_name(inst_name);
4765 4772 if (v == NULL) {
4766 4773 MUTEX_UNLOCK(&dgraph_lock);
4767 4774 return (ENOENT);
4768 4775 }
4769 4776
4770 4777 assert(v->gv_type == GVT_INST);
4771 4778
4772 4779 switch (state) {
4773 4780 case RESTARTER_STATE_UNINIT:
4774 4781 case RESTARTER_STATE_DISABLED:
4775 4782 case RESTARTER_STATE_OFFLINE:
4776 4783 case RESTARTER_STATE_ONLINE:
4777 4784 case RESTARTER_STATE_DEGRADED:
4778 4785 case RESTARTER_STATE_MAINT:
4779 4786 break;
4780 4787
4781 4788 default:
4782 4789 MUTEX_UNLOCK(&dgraph_lock);
4783 4790 return (EINVAL);
4784 4791 }
4785 4792
4786 4793 log_framework(LOG_DEBUG, "Graph noting %s %s -> %s.\n", v->gv_name,
4787 4794 instance_state_str[v->gv_state], instance_state_str[state]);
4788 4795
4789 4796 old_state = v->gv_state;
4790 4797 v->gv_state = state;
4791 4798
4792 4799 v->gv_reason = states->ps_reason;
4793 4800 err = gt_transition(h, v, serr, old_state);
4794 4801 if (err == 0 && v->gv_state != old_state) {
4795 4802 dgraph_state_transition_notify(v, old_state, states->ps_reason);
4796 4803 }
4797 4804
4798 4805 MUTEX_UNLOCK(&dgraph_lock);
4799 4806 return (err);
4800 4807 }
4801 4808
4802 4809 /*
4803 4810 * Handle state changes during milestone shutdown. See
4804 4811 * dgraph_set_milestone(). If the repository connection is broken,
4805 4812 * ECONNABORTED will be returned, though a _DISABLE command will be sent for
4806 4813 * the vertex anyway.
4807 4814 */
4808 4815 int
4809 4816 vertex_subgraph_dependencies_shutdown(scf_handle_t *h, graph_vertex_t *v,
4810 4817 restarter_instance_state_t old_state)
4811 4818 {
4812 4819 int was_up, now_up;
4813 4820 int ret = 0;
4814 4821
4815 4822 assert(v->gv_type == GVT_INST);
4816 4823
4817 4824 /* Don't care if we're not going to a milestone. */
4818 4825 if (milestone == NULL)
4819 4826 return (0);
4820 4827
4821 4828 /* Don't care if we already finished coming down. */
4822 4829 if (non_subgraph_svcs == 0)
4823 4830 return (0);
4824 4831
4825 4832 /* Don't care if the service is in the subgraph. */
4826 4833 if (v->gv_flags & GV_INSUBGRAPH)
4827 4834 return (0);
4828 4835
4829 4836 /*
4830 4837 * Update non_subgraph_svcs. It is the number of non-subgraph
4831 4838 * services which are in online, degraded, or offline.
4832 4839 */
4833 4840
4834 4841 was_up = up_state(old_state);
4835 4842 now_up = up_state(v->gv_state);
4836 4843
4837 4844 if (!was_up && now_up) {
4838 4845 ++non_subgraph_svcs;
4839 4846 } else if (was_up && !now_up) {
4840 4847 --non_subgraph_svcs;
4841 4848
4842 4849 if (non_subgraph_svcs == 0) {
4843 4850 if (halting != -1) {
4844 4851 do_uadmin();
4845 4852 } else if (go_single_user_mode || go_to_level1) {
4846 4853 (void) startd_thread_create(single_user_thread,
4847 4854 NULL);
4848 4855 }
4849 4856 return (0);
4850 4857 }
4851 4858 }
4852 4859
4853 4860 /* If this service is a leaf, it should be disabled. */
4854 4861 if ((v->gv_flags & GV_ENABLED) && is_nonsubgraph_leaf(v)) {
4855 4862 int r;
4856 4863
4857 4864 r = disable_service_temporarily(v, h);
4858 4865 switch (r) {
4859 4866 case 0:
4860 4867 break;
4861 4868
4862 4869 case ECONNABORTED:
4863 4870 ret = ECONNABORTED;
4864 4871 break;
4865 4872
4866 4873 default:
4867 4874 bad_error("disable_service_temporarily", r);
4868 4875 }
4869 4876 }
4870 4877
4871 4878 /*
4872 4879 * If the service just came down, propagate the disable to the newly
4873 4880 * exposed leaves.
4874 4881 */
4875 4882 if (was_up && !now_up)
4876 4883 graph_walk_dependencies(v, disable_nonsubgraph_leaves,
4877 4884 (void *)h);
4878 4885
4879 4886 return (ret);
4880 4887 }
4881 4888
4882 4889 /*
4883 4890 * Decide whether to start up an sulogin thread after a service is
4884 4891 * finished changing state. Only need to do the full can_come_up()
4885 4892 * evaluation if an instance is changing state, we're not halfway through
4886 4893 * loading the thread, and we aren't shutting down or going to the single
4887 4894 * user milestone.
4888 4895 */
4889 4896 void
4890 4897 graph_transition_sulogin(restarter_instance_state_t state,
4891 4898 restarter_instance_state_t old_state)
4892 4899 {
4893 4900 assert(MUTEX_HELD(&dgraph_lock));
4894 4901
4895 4902 if (state != old_state && st->st_load_complete &&
4896 4903 !go_single_user_mode && !go_to_level1 &&
4897 4904 halting == -1) {
4898 4905 if (!sulogin_thread_running && !can_come_up()) {
4899 4906 (void) startd_thread_create(sulogin_thread, NULL);
4900 4907 sulogin_thread_running = B_TRUE;
4901 4908 }
4902 4909 }
4903 4910 }
4904 4911
4905 4912 /*
4906 4913 * Propagate a start, stop event, or a satisfiability event.
4907 4914 *
4908 4915 * PROPAGATE_START and PROPAGATE_STOP simply propagate the transition event
4909 4916 * to direct dependents. PROPAGATE_SAT propagates a start then walks the
4910 4917 * full dependent graph to check for newly satisfied nodes. This is
4911 4918 * necessary for cases when non-direct dependents may be effected but direct
4912 4919 * dependents may not (e.g. for optional_all evaluations, see the
4913 4920 * propagate_satbility() comments).
4914 4921 *
4915 4922 * PROPAGATE_SAT should be used whenever a non-running service moves into
4916 4923 * a state which can satisfy optional dependencies, like disabled or
4917 4924 * maintenance.
4918 4925 */
4919 4926 void
4920 4927 graph_transition_propagate(graph_vertex_t *v, propagate_event_t type,
4921 4928 restarter_error_t rerr)
4922 4929 {
4923 4930 if (type == PROPAGATE_STOP) {
4924 4931 graph_walk_dependents(v, propagate_stop, (void *)rerr);
4925 4932 } else if (type == PROPAGATE_START || type == PROPAGATE_SAT) {
4926 4933 graph_walk_dependents(v, propagate_start, (void *)RERR_NONE);
4927 4934
4928 4935 if (type == PROPAGATE_SAT)
4929 4936 propagate_satbility(v);
4930 4937 } else {
4931 4938 #ifndef NDEBUG
4932 4939 uu_warn("%s:%d: Unexpected type value %d.\n", __FILE__,
4933 4940 __LINE__, type);
4934 4941 #endif
4935 4942 abort();
4936 4943 }
4937 4944 }
4938 4945
4939 4946 /*
4940 4947 * If a vertex for fmri exists and it is enabled, send _DISABLE to the
4941 4948 * restarter. If it is running, send _STOP. Send _REMOVE_INSTANCE. Delete
4942 4949 * all property group dependencies, and the dependency on the restarter,
4943 4950 * disposing of vertices as appropriate. If other vertices depend on this
4944 4951 * one, mark it unconfigured and return. Otherwise remove the vertex. Always
4945 4952 * returns 0.
4946 4953 */
4947 4954 static int
4948 4955 dgraph_remove_instance(const char *fmri, scf_handle_t *h)
4949 4956 {
4950 4957 graph_vertex_t *v;
4951 4958 graph_edge_t *e;
4952 4959 uu_list_t *old_deps;
4953 4960 int err;
4954 4961
4955 4962 log_framework(LOG_DEBUG, "Graph engine: Removing %s.\n", fmri);
4956 4963
4957 4964 MUTEX_LOCK(&dgraph_lock);
4958 4965
4959 4966 v = vertex_get_by_name(fmri);
4960 4967 if (v == NULL) {
4961 4968 MUTEX_UNLOCK(&dgraph_lock);
4962 4969 return (0);
4963 4970 }
4964 4971
4965 4972 /* Send restarter delete event. */
4966 4973 if (v->gv_flags & GV_CONFIGURED)
4967 4974 graph_unset_restarter(v);
4968 4975
4969 4976 if (milestone > MILESTONE_NONE) {
4970 4977 /*
4971 4978 * Make a list of v's current dependencies so we can
4972 4979 * reevaluate their GV_INSUBGRAPH flags after the dependencies
4973 4980 * are removed.
4974 4981 */
4975 4982 old_deps = startd_list_create(graph_edge_pool, NULL, 0);
4976 4983
4977 4984 err = uu_list_walk(v->gv_dependencies,
4978 4985 (uu_walk_fn_t *)append_svcs_or_insts, old_deps, 0);
4979 4986 assert(err == 0);
4980 4987 }
4981 4988
4982 4989 delete_instance_dependencies(v, B_TRUE);
4983 4990
4984 4991 /*
4985 4992 * Deleting an instance can both satisfy and unsatisfy dependencies,
4986 4993 * depending on their type. First propagate the stop as a RERR_RESTART
4987 4994 * event -- deletion isn't a fault, just a normal stop. This gives
4988 4995 * dependent services the chance to do a clean shutdown. Then, mark
4989 4996 * the service as unconfigured and propagate the start event for the
4990 4997 * optional_all dependencies that might have become satisfied.
4991 4998 */
4992 4999 graph_walk_dependents(v, propagate_stop, (void *)RERR_RESTART);
4993 5000
4994 5001 v->gv_flags &= ~GV_CONFIGURED;
4995 5002 v->gv_flags &= ~GV_DEATHROW;
4996 5003
4997 5004 graph_walk_dependents(v, propagate_start, (void *)RERR_NONE);
4998 5005 propagate_satbility(v);
4999 5006
5000 5007 /*
5001 5008 * If there are no (non-service) dependents, the vertex can be
5002 5009 * completely removed.
5003 5010 */
5004 5011 if (v != milestone && v->gv_refs == 0 &&
5005 5012 uu_list_numnodes(v->gv_dependents) == 1)
5006 5013 remove_inst_vertex(v);
5007 5014
5008 5015 if (milestone > MILESTONE_NONE) {
5009 5016 void *cookie = NULL;
5010 5017
5011 5018 while ((e = uu_list_teardown(old_deps, &cookie)) != NULL) {
5012 5019 v = e->ge_vertex;
5013 5020
5014 5021 if (vertex_unref(v) == VERTEX_INUSE)
5015 5022 while (eval_subgraph(v, h) == ECONNABORTED)
5016 5023 libscf_handle_rebind(h);
5017 5024
5018 5025 startd_free(e, sizeof (*e));
5019 5026 }
5020 5027
5021 5028 uu_list_destroy(old_deps);
5022 5029 }
5023 5030
5024 5031 MUTEX_UNLOCK(&dgraph_lock);
5025 5032
5026 5033 return (0);
5027 5034 }
5028 5035
5029 5036 /*
5030 5037 * Return the eventual (maybe current) milestone in the form of a
5031 5038 * legacy runlevel.
5032 5039 */
5033 5040 static char
5034 5041 target_milestone_as_runlevel()
5035 5042 {
5036 5043 assert(MUTEX_HELD(&dgraph_lock));
5037 5044
5038 5045 if (milestone == NULL)
5039 5046 return ('3');
5040 5047 else if (milestone == MILESTONE_NONE)
5041 5048 return ('0');
5042 5049
5043 5050 if (strcmp(milestone->gv_name, multi_user_fmri) == 0)
5044 5051 return ('2');
5045 5052 else if (strcmp(milestone->gv_name, single_user_fmri) == 0)
5046 5053 return ('S');
5047 5054 else if (strcmp(milestone->gv_name, multi_user_svr_fmri) == 0)
5048 5055 return ('3');
5049 5056
5050 5057 #ifndef NDEBUG
5051 5058 (void) fprintf(stderr, "%s:%d: Unknown milestone name \"%s\".\n",
5052 5059 __FILE__, __LINE__, milestone->gv_name);
5053 5060 #endif
5054 5061 abort();
5055 5062 /* NOTREACHED */
5056 5063 }
5057 5064
5058 5065 static struct {
5059 5066 char rl;
5060 5067 int sig;
5061 5068 } init_sigs[] = {
5062 5069 { 'S', SIGBUS },
5063 5070 { '0', SIGINT },
5064 5071 { '1', SIGQUIT },
5065 5072 { '2', SIGILL },
5066 5073 { '3', SIGTRAP },
5067 5074 { '4', SIGIOT },
5068 5075 { '5', SIGEMT },
5069 5076 { '6', SIGFPE },
5070 5077 { 0, 0 }
5071 5078 };
5072 5079
5073 5080 static void
5074 5081 signal_init(char rl)
5075 5082 {
5076 5083 pid_t init_pid;
5077 5084 int i;
5078 5085
5079 5086 assert(MUTEX_HELD(&dgraph_lock));
5080 5087
5081 5088 if (zone_getattr(getzoneid(), ZONE_ATTR_INITPID, &init_pid,
5082 5089 sizeof (init_pid)) != sizeof (init_pid)) {
5083 5090 log_error(LOG_NOTICE, "Could not get pid to signal init.\n");
5084 5091 return;
5085 5092 }
5086 5093
5087 5094 for (i = 0; init_sigs[i].rl != 0; ++i)
5088 5095 if (init_sigs[i].rl == rl)
5089 5096 break;
5090 5097
5091 5098 if (init_sigs[i].rl != 0) {
5092 5099 if (kill(init_pid, init_sigs[i].sig) != 0) {
5093 5100 switch (errno) {
5094 5101 case EPERM:
5095 5102 case ESRCH:
5096 5103 log_error(LOG_NOTICE, "Could not signal init: "
5097 5104 "%s.\n", strerror(errno));
5098 5105 break;
5099 5106
5100 5107 case EINVAL:
5101 5108 default:
5102 5109 bad_error("kill", errno);
5103 5110 }
5104 5111 }
5105 5112 }
5106 5113 }
5107 5114
5108 5115 /*
5109 5116 * This is called when one of the major milestones changes state, or when
5110 5117 * init is signalled and tells us it was told to change runlevel. We wait
5111 5118 * to reach the milestone because this allows /etc/inittab entries to retain
5112 5119 * some boot ordering: historically, entries could place themselves before/after
5113 5120 * the running of /sbin/rcX scripts but we can no longer make the
5114 5121 * distinction because the /sbin/rcX scripts no longer exist as punctuation
5115 5122 * marks in /etc/inittab.
5116 5123 *
5117 5124 * Also, we only trigger an update when we reach the eventual target
5118 5125 * milestone: without this, an /etc/inittab entry marked only for
5119 5126 * runlevel 2 would be executed for runlevel 3, which is not how
5120 5127 * /etc/inittab entries work.
5121 5128 *
5122 5129 * If we're single user coming online, then we set utmpx to the target
5123 5130 * runlevel so that legacy scripts can work as expected.
5124 5131 */
5125 5132 static void
5126 5133 graph_runlevel_changed(char rl, int online)
5127 5134 {
5128 5135 char trl;
5129 5136
5130 5137 assert(MUTEX_HELD(&dgraph_lock));
5131 5138
5132 5139 trl = target_milestone_as_runlevel();
5133 5140
5134 5141 if (online) {
5135 5142 if (rl == trl) {
5136 5143 current_runlevel = trl;
5137 5144 signal_init(trl);
5138 5145 } else if (rl == 'S') {
5139 5146 /*
5140 5147 * At boot, set the entry early for the benefit of the
5141 5148 * legacy init scripts.
5142 5149 */
5143 5150 utmpx_set_runlevel(trl, 'S', B_FALSE);
5144 5151 }
5145 5152 } else {
5146 5153 if (rl == '3' && trl == '2') {
5147 5154 current_runlevel = trl;
5148 5155 signal_init(trl);
5149 5156 } else if (rl == '2' && trl == 'S') {
5150 5157 current_runlevel = trl;
5151 5158 signal_init(trl);
5152 5159 }
5153 5160 }
5154 5161 }
5155 5162
5156 5163 /*
5157 5164 * Move to a backwards-compatible runlevel by executing the appropriate
5158 5165 * /etc/rc?.d/K* scripts and/or setting the milestone.
5159 5166 *
5160 5167 * Returns
5161 5168 * 0 - success
5162 5169 * ECONNRESET - success, but handle was reset
5163 5170 * ECONNABORTED - repository connection broken
5164 5171 * ECANCELED - pg was deleted
5165 5172 */
5166 5173 static int
5167 5174 dgraph_set_runlevel(scf_propertygroup_t *pg, scf_property_t *prop)
5168 5175 {
5169 5176 char rl;
5170 5177 scf_handle_t *h;
5171 5178 int r;
5172 5179 const char *ms = NULL; /* what to commit as options/milestone */
5173 5180 boolean_t rebound = B_FALSE;
5174 5181 int mark_rl = 0;
5175 5182
5176 5183 const char * const stop = "stop";
5177 5184
5178 5185 r = libscf_extract_runlevel(prop, &rl);
5179 5186 switch (r) {
5180 5187 case 0:
5181 5188 break;
5182 5189
5183 5190 case ECONNABORTED:
5184 5191 case ECANCELED:
5185 5192 return (r);
5186 5193
5187 5194 case EINVAL:
5188 5195 case ENOENT:
5189 5196 log_error(LOG_WARNING, "runlevel property is misconfigured; "
5190 5197 "ignoring.\n");
5191 5198 /* delete the bad property */
5192 5199 goto nolock_out;
5193 5200
5194 5201 default:
5195 5202 bad_error("libscf_extract_runlevel", r);
5196 5203 }
5197 5204
5198 5205 switch (rl) {
5199 5206 case 's':
5200 5207 rl = 'S';
5201 5208 /* FALLTHROUGH */
5202 5209
5203 5210 case 'S':
5204 5211 case '2':
5205 5212 case '3':
5206 5213 /*
5207 5214 * These cases cause a milestone change, so
5208 5215 * graph_runlevel_changed() will eventually deal with
5209 5216 * signalling init.
5210 5217 */
5211 5218 break;
5212 5219
5213 5220 case '0':
5214 5221 case '1':
5215 5222 case '4':
5216 5223 case '5':
5217 5224 case '6':
5218 5225 mark_rl = 1;
5219 5226 break;
5220 5227
5221 5228 default:
5222 5229 log_framework(LOG_NOTICE, "Unknown runlevel '%c'.\n", rl);
5223 5230 ms = NULL;
5224 5231 goto nolock_out;
5225 5232 }
5226 5233
5227 5234 h = scf_pg_handle(pg);
5228 5235
5229 5236 MUTEX_LOCK(&dgraph_lock);
5230 5237
5231 5238 /*
5232 5239 * Since this triggers no milestone changes, force it by hand.
5233 5240 */
5234 5241 if (current_runlevel == '4' && rl == '3')
5235 5242 mark_rl = 1;
5236 5243
5237 5244 /*
5238 5245 * 1. If we are here after an "init X":
5239 5246 *
5240 5247 * init X
5241 5248 * init/lscf_set_runlevel()
5242 5249 * process_pg_event()
5243 5250 * dgraph_set_runlevel()
5244 5251 *
5245 5252 * then we haven't passed through graph_runlevel_changed() yet,
5246 5253 * therefore 'current_runlevel' has not changed for sure but 'rl' has.
5247 5254 * In consequence, if 'rl' is lower than 'current_runlevel', we change
5248 5255 * the system runlevel and execute the appropriate /etc/rc?.d/K* scripts
5249 5256 * past this test.
5250 5257 *
5251 5258 * 2. On the other hand, if we are here after a "svcadm milestone":
5252 5259 *
5253 5260 * svcadm milestone X
5254 5261 * dgraph_set_milestone()
5255 5262 * handle_graph_update_event()
5256 5263 * dgraph_set_instance_state()
5257 5264 * graph_post_X_[online|offline]()
5258 5265 * graph_runlevel_changed()
5259 5266 * signal_init()
5260 5267 * init/lscf_set_runlevel()
5261 5268 * process_pg_event()
5262 5269 * dgraph_set_runlevel()
5263 5270 *
5264 5271 * then we already passed through graph_runlevel_changed() (by the way
5265 5272 * of dgraph_set_milestone()) and 'current_runlevel' may have changed
5266 5273 * and already be equal to 'rl' so we are going to return immediately
5267 5274 * from dgraph_set_runlevel() without changing the system runlevel and
5268 5275 * without executing the /etc/rc?.d/K* scripts.
5269 5276 */
5270 5277 if (rl == current_runlevel) {
5271 5278 ms = NULL;
5272 5279 goto out;
5273 5280 }
5274 5281
5275 5282 log_framework(LOG_DEBUG, "Changing to runlevel '%c'.\n", rl);
5276 5283
5277 5284 /*
5278 5285 * Make sure stop rc scripts see the new settings via who -r.
5279 5286 */
5280 5287 utmpx_set_runlevel(rl, current_runlevel, B_TRUE);
5281 5288
5282 5289 /*
5283 5290 * Some run levels don't have a direct correspondence to any
5284 5291 * milestones, so we have to signal init directly.
5285 5292 */
5286 5293 if (mark_rl) {
5287 5294 current_runlevel = rl;
5288 5295 signal_init(rl);
5289 5296 }
5290 5297
5291 5298 switch (rl) {
5292 5299 case 'S':
5293 5300 uu_warn("The system is coming down for administration. "
5294 5301 "Please wait.\n");
5295 5302 fork_rc_script(rl, stop, B_FALSE);
5296 5303 ms = single_user_fmri;
5297 5304 go_single_user_mode = B_TRUE;
5298 5305 break;
5299 5306
5300 5307 case '0':
5301 5308 halting_time = time(NULL);
5302 5309 fork_rc_script(rl, stop, B_TRUE);
5303 5310 halting = AD_HALT;
5304 5311 goto uadmin;
5305 5312
5306 5313 case '5':
5307 5314 halting_time = time(NULL);
5308 5315 fork_rc_script(rl, stop, B_TRUE);
5309 5316 halting = AD_POWEROFF;
5310 5317 goto uadmin;
5311 5318
5312 5319 case '6':
5313 5320 halting_time = time(NULL);
5314 5321 fork_rc_script(rl, stop, B_TRUE);
5315 5322 if (scf_is_fastboot_default() && getzoneid() == GLOBAL_ZONEID)
5316 5323 halting = AD_FASTREBOOT;
5317 5324 else
5318 5325 halting = AD_BOOT;
5319 5326
5320 5327 uadmin:
5321 5328 uu_warn("The system is coming down. Please wait.\n");
5322 5329 ms = "none";
5323 5330
5324 5331 /*
5325 5332 * We can't wait until all services are offline since this
5326 5333 * thread is responsible for taking them offline. Instead we
5327 5334 * set halting to the second argument for uadmin() and call
5328 5335 * do_uadmin() from dgraph_set_instance_state() when
5329 5336 * appropriate.
5330 5337 */
5331 5338 break;
5332 5339
5333 5340 case '1':
5334 5341 if (current_runlevel != 'S') {
5335 5342 uu_warn("Changing to state 1.\n");
5336 5343 fork_rc_script(rl, stop, B_FALSE);
5337 5344 } else {
5338 5345 uu_warn("The system is coming up for administration. "
5339 5346 "Please wait.\n");
5340 5347 }
5341 5348 ms = single_user_fmri;
5342 5349 go_to_level1 = B_TRUE;
5343 5350 break;
5344 5351
5345 5352 case '2':
5346 5353 if (current_runlevel == '3' || current_runlevel == '4')
5347 5354 fork_rc_script(rl, stop, B_FALSE);
5348 5355 ms = multi_user_fmri;
5349 5356 break;
5350 5357
5351 5358 case '3':
5352 5359 case '4':
5353 5360 ms = "all";
5354 5361 break;
5355 5362
5356 5363 default:
5357 5364 #ifndef NDEBUG
5358 5365 (void) fprintf(stderr, "%s:%d: Uncaught case %d ('%c').\n",
5359 5366 __FILE__, __LINE__, rl, rl);
5360 5367 #endif
5361 5368 abort();
5362 5369 }
5363 5370
5364 5371 out:
5365 5372 MUTEX_UNLOCK(&dgraph_lock);
5366 5373
5367 5374 nolock_out:
5368 5375 switch (r = libscf_clear_runlevel(pg, ms)) {
5369 5376 case 0:
5370 5377 break;
5371 5378
5372 5379 case ECONNABORTED:
5373 5380 libscf_handle_rebind(h);
5374 5381 rebound = B_TRUE;
5375 5382 goto nolock_out;
5376 5383
5377 5384 case ECANCELED:
5378 5385 break;
5379 5386
5380 5387 case EPERM:
5381 5388 case EACCES:
5382 5389 case EROFS:
5383 5390 log_error(LOG_NOTICE, "Could not delete \"%s/%s\" property: "
5384 5391 "%s.\n", SCF_PG_OPTIONS, "runlevel", strerror(r));
5385 5392 break;
5386 5393
5387 5394 default:
5388 5395 bad_error("libscf_clear_runlevel", r);
5389 5396 }
5390 5397
5391 5398 return (rebound ? ECONNRESET : 0);
5392 5399 }
5393 5400
5394 5401 /*
5395 5402 * mark_subtree walks the dependents and add the GV_TOOFFLINE flag
5396 5403 * to the instances that are supposed to go offline during an
5397 5404 * administrative disable operation.
5398 5405 */
5399 5406 static int
5400 5407 mark_subtree(graph_edge_t *e, void *arg)
5401 5408 {
5402 5409 graph_vertex_t *v;
|
↓ open down ↓ |
1031 lines elided |
↑ open up ↑ |
5403 5410 int r;
5404 5411
5405 5412 v = e->ge_vertex;
5406 5413
5407 5414 /* If it's already in the subgraph, skip. */
5408 5415 if (v->gv_flags & GV_TOOFFLINE)
5409 5416 return (UU_WALK_NEXT);
5410 5417
5411 5418 switch (v->gv_type) {
5412 5419 case GVT_INST:
5413 - /* If the instance is already disabled, skip it. */
5414 - if (!(v->gv_flags & GV_ENABLED))
5420 + /* If the instance is already offline, skip it. */
5421 + if (!inst_running(v))
5415 5422 return (UU_WALK_NEXT);
5416 5423
5417 5424 v->gv_flags |= GV_TOOFFLINE;
5418 5425 log_framework(LOG_DEBUG, "%s added to subtree\n", v->gv_name);
5419 5426 break;
5420 5427 case GVT_GROUP:
5421 5428 /*
5422 5429 * Skip all excluded dependents and decide whether to offline
5423 5430 * the service based on the restart_on attribute.
5424 5431 */
5425 5432 if (is_depgrp_bypassed(v))
5426 5433 return (UU_WALK_NEXT);
5427 5434 break;
5428 5435 }
5429 5436
5430 5437 r = uu_list_walk(v->gv_dependents, (uu_walk_fn_t *)mark_subtree, arg,
5431 5438 0);
5432 5439 assert(r == 0);
5433 5440 return (UU_WALK_NEXT);
5434 5441 }
5435 5442
5436 5443 static int
5437 5444 mark_subgraph(graph_edge_t *e, void *arg)
5438 5445 {
5439 5446 graph_vertex_t *v;
5440 5447 int r;
5441 5448 int optional = (int)arg;
5442 5449
5443 5450 v = e->ge_vertex;
5444 5451
5445 5452 /* If it's already in the subgraph, skip. */
5446 5453 if (v->gv_flags & GV_INSUBGRAPH)
5447 5454 return (UU_WALK_NEXT);
5448 5455
5449 5456 /*
5450 5457 * Keep track if walk has entered an optional dependency group
5451 5458 */
5452 5459 if (v->gv_type == GVT_GROUP && v->gv_depgroup == DEPGRP_OPTIONAL_ALL) {
5453 5460 optional = 1;
5454 5461 }
5455 5462 /*
5456 5463 * Quit if we are in an optional dependency group and the instance
5457 5464 * is disabled
5458 5465 */
5459 5466 if (optional && (v->gv_type == GVT_INST) &&
5460 5467 (!(v->gv_flags & GV_ENBLD_NOOVR)))
5461 5468 return (UU_WALK_NEXT);
5462 5469
5463 5470 v->gv_flags |= GV_INSUBGRAPH;
5464 5471
5465 5472 /* Skip all excluded dependencies. */
5466 5473 if (v->gv_type == GVT_GROUP && v->gv_depgroup == DEPGRP_EXCLUDE_ALL)
5467 5474 return (UU_WALK_NEXT);
5468 5475
5469 5476 r = uu_list_walk(v->gv_dependencies, (uu_walk_fn_t *)mark_subgraph,
5470 5477 (void *)optional, 0);
5471 5478 assert(r == 0);
5472 5479 return (UU_WALK_NEXT);
5473 5480 }
5474 5481
5475 5482 /*
5476 5483 * Bring down all services which are not dependencies of fmri. The
5477 5484 * dependencies of fmri (direct & indirect) will constitute the "subgraph",
5478 5485 * and will have the GV_INSUBGRAPH flag set. The rest must be brought down,
5479 5486 * which means the state is "disabled", "maintenance", or "uninitialized". We
5480 5487 * could consider "offline" to be down, and refrain from sending start
5481 5488 * commands for such services, but that's not strictly necessary, so we'll
5482 5489 * decline to intrude on the state machine. It would probably confuse users
5483 5490 * anyway.
5484 5491 *
5485 5492 * The services should be brought down in reverse-dependency order, so we
5486 5493 * can't do it all at once here. We initiate by override-disabling the leaves
5487 5494 * of the dependency tree -- those services which are up but have no
5488 5495 * dependents which are up. When they come down,
5489 5496 * vertex_subgraph_dependencies_shutdown() will override-disable the newly
5490 5497 * exposed leaves. Perseverance will ensure completion.
5491 5498 *
5492 5499 * Sometimes we need to take action when the transition is complete, like
5493 5500 * start sulogin or halt the system. To tell when we're done, we initialize
5494 5501 * non_subgraph_svcs here to be the number of services which need to come
5495 5502 * down. As each does, we decrement the counter. When it hits zero, we take
5496 5503 * the appropriate action. See vertex_subgraph_dependencies_shutdown().
5497 5504 *
5498 5505 * In case we're coming up, we also remove any enable-overrides for the
5499 5506 * services which are dependencies of fmri.
5500 5507 *
5501 5508 * If norepository is true, the function will not change the repository.
5502 5509 *
5503 5510 * The decision to change the system run level in accordance with the milestone
5504 5511 * is taken in dgraph_set_runlevel().
5505 5512 *
5506 5513 * Returns
5507 5514 * 0 - success
5508 5515 * ECONNRESET - success, but handle was rebound
5509 5516 * EINVAL - fmri is invalid (error is logged)
5510 5517 * EALREADY - the milestone is already set to fmri
5511 5518 * ENOENT - a configured vertex does not exist for fmri (an error is logged)
5512 5519 */
5513 5520 static int
5514 5521 dgraph_set_milestone(const char *fmri, scf_handle_t *h, boolean_t norepository)
5515 5522 {
5516 5523 const char *cfmri, *fs;
5517 5524 graph_vertex_t *nm, *v;
5518 5525 int ret = 0, r;
5519 5526 scf_instance_t *inst;
5520 5527 boolean_t isall, isnone, rebound = B_FALSE;
5521 5528
5522 5529 /* Validate fmri */
5523 5530 isall = (strcmp(fmri, "all") == 0);
5524 5531 isnone = (strcmp(fmri, "none") == 0);
5525 5532
5526 5533 if (!isall && !isnone) {
5527 5534 if (fmri_canonify(fmri, (char **)&cfmri, B_FALSE) == EINVAL)
5528 5535 goto reject;
5529 5536
5530 5537 if (strcmp(cfmri, single_user_fmri) != 0 &&
5531 5538 strcmp(cfmri, multi_user_fmri) != 0 &&
5532 5539 strcmp(cfmri, multi_user_svr_fmri) != 0) {
5533 5540 startd_free((void *)cfmri, max_scf_fmri_size);
5534 5541 reject:
5535 5542 log_framework(LOG_WARNING,
5536 5543 "Rejecting request for invalid milestone \"%s\".\n",
5537 5544 fmri);
5538 5545 return (EINVAL);
5539 5546 }
5540 5547 }
5541 5548
5542 5549 inst = safe_scf_instance_create(h);
5543 5550
5544 5551 MUTEX_LOCK(&dgraph_lock);
5545 5552
5546 5553 if (milestone == NULL) {
5547 5554 if (isall) {
5548 5555 log_framework(LOG_DEBUG,
5549 5556 "Milestone already set to all.\n");
5550 5557 ret = EALREADY;
5551 5558 goto out;
5552 5559 }
5553 5560 } else if (milestone == MILESTONE_NONE) {
5554 5561 if (isnone) {
5555 5562 log_framework(LOG_DEBUG,
5556 5563 "Milestone already set to none.\n");
5557 5564 ret = EALREADY;
5558 5565 goto out;
5559 5566 }
5560 5567 } else {
5561 5568 if (!isall && !isnone &&
5562 5569 strcmp(cfmri, milestone->gv_name) == 0) {
5563 5570 log_framework(LOG_DEBUG,
5564 5571 "Milestone already set to %s.\n", cfmri);
5565 5572 ret = EALREADY;
5566 5573 goto out;
5567 5574 }
5568 5575 }
5569 5576
5570 5577 if (!isall && !isnone) {
5571 5578 nm = vertex_get_by_name(cfmri);
5572 5579 if (nm == NULL || !(nm->gv_flags & GV_CONFIGURED)) {
5573 5580 log_framework(LOG_WARNING, "Cannot set milestone to %s "
5574 5581 "because no such service exists.\n", cfmri);
5575 5582 ret = ENOENT;
5576 5583 goto out;
5577 5584 }
5578 5585 }
5579 5586
5580 5587 log_framework(LOG_DEBUG, "Changing milestone to %s.\n", fmri);
5581 5588
5582 5589 /*
5583 5590 * Set milestone, removing the old one if this was the last reference.
5584 5591 */
5585 5592 if (milestone > MILESTONE_NONE)
5586 5593 (void) vertex_unref(milestone);
5587 5594
5588 5595 if (isall)
5589 5596 milestone = NULL;
5590 5597 else if (isnone)
5591 5598 milestone = MILESTONE_NONE;
5592 5599 else {
5593 5600 milestone = nm;
5594 5601 /* milestone should count as a reference */
5595 5602 vertex_ref(milestone);
5596 5603 }
5597 5604
5598 5605 /* Clear all GV_INSUBGRAPH bits. */
5599 5606 for (v = uu_list_first(dgraph); v != NULL; v = uu_list_next(dgraph, v))
5600 5607 v->gv_flags &= ~GV_INSUBGRAPH;
5601 5608
5602 5609 if (!isall && !isnone) {
5603 5610 /* Set GV_INSUBGRAPH for milestone & descendents. */
5604 5611 milestone->gv_flags |= GV_INSUBGRAPH;
5605 5612
5606 5613 r = uu_list_walk(milestone->gv_dependencies,
5607 5614 (uu_walk_fn_t *)mark_subgraph, NULL, 0);
5608 5615 assert(r == 0);
5609 5616 }
5610 5617
5611 5618 /* Un-override services in the subgraph & override-disable the rest. */
5612 5619 if (norepository)
5613 5620 goto out;
5614 5621
5615 5622 non_subgraph_svcs = 0;
5616 5623 for (v = uu_list_first(dgraph);
5617 5624 v != NULL;
5618 5625 v = uu_list_next(dgraph, v)) {
5619 5626 if (v->gv_type != GVT_INST ||
5620 5627 (v->gv_flags & GV_CONFIGURED) == 0)
5621 5628 continue;
5622 5629
5623 5630 again:
5624 5631 r = scf_handle_decode_fmri(h, v->gv_name, NULL, NULL, inst,
5625 5632 NULL, NULL, SCF_DECODE_FMRI_EXACT);
5626 5633 if (r != 0) {
5627 5634 switch (scf_error()) {
5628 5635 case SCF_ERROR_CONNECTION_BROKEN:
5629 5636 default:
5630 5637 libscf_handle_rebind(h);
5631 5638 rebound = B_TRUE;
5632 5639 goto again;
5633 5640
5634 5641 case SCF_ERROR_NOT_FOUND:
5635 5642 continue;
5636 5643
5637 5644 case SCF_ERROR_HANDLE_MISMATCH:
5638 5645 case SCF_ERROR_INVALID_ARGUMENT:
5639 5646 case SCF_ERROR_CONSTRAINT_VIOLATED:
5640 5647 case SCF_ERROR_NOT_BOUND:
5641 5648 bad_error("scf_handle_decode_fmri",
5642 5649 scf_error());
5643 5650 }
5644 5651 }
5645 5652
5646 5653 if (isall || (v->gv_flags & GV_INSUBGRAPH)) {
5647 5654 r = libscf_delete_enable_ovr(inst);
5648 5655 fs = "libscf_delete_enable_ovr";
5649 5656 } else {
5650 5657 assert(isnone || (v->gv_flags & GV_INSUBGRAPH) == 0);
5651 5658
5652 5659 /*
5653 5660 * Services which are up need to come down before
5654 5661 * we're done, but we can only disable the leaves
5655 5662 * here.
5656 5663 */
5657 5664
5658 5665 if (up_state(v->gv_state))
5659 5666 ++non_subgraph_svcs;
5660 5667
5661 5668 /* If it's already disabled, don't bother. */
5662 5669 if ((v->gv_flags & GV_ENABLED) == 0)
5663 5670 continue;
5664 5671
5665 5672 if (!is_nonsubgraph_leaf(v))
5666 5673 continue;
5667 5674
5668 5675 r = libscf_set_enable_ovr(inst, 0);
5669 5676 fs = "libscf_set_enable_ovr";
5670 5677 }
5671 5678 switch (r) {
5672 5679 case 0:
5673 5680 case ECANCELED:
5674 5681 break;
5675 5682
5676 5683 case ECONNABORTED:
5677 5684 libscf_handle_rebind(h);
5678 5685 rebound = B_TRUE;
5679 5686 goto again;
5680 5687
5681 5688 case EPERM:
5682 5689 case EROFS:
5683 5690 log_error(LOG_WARNING,
5684 5691 "Could not set %s/%s for %s: %s.\n",
5685 5692 SCF_PG_GENERAL_OVR, SCF_PROPERTY_ENABLED,
5686 5693 v->gv_name, strerror(r));
5687 5694 break;
5688 5695
5689 5696 default:
5690 5697 bad_error(fs, r);
5691 5698 }
5692 5699 }
5693 5700
5694 5701 if (halting != -1) {
5695 5702 if (non_subgraph_svcs > 1)
5696 5703 uu_warn("%d system services are now being stopped.\n",
5697 5704 non_subgraph_svcs);
5698 5705 else if (non_subgraph_svcs == 1)
5699 5706 uu_warn("One system service is now being stopped.\n");
5700 5707 else if (non_subgraph_svcs == 0)
5701 5708 do_uadmin();
5702 5709 }
5703 5710
5704 5711 ret = rebound ? ECONNRESET : 0;
5705 5712
5706 5713 out:
5707 5714 MUTEX_UNLOCK(&dgraph_lock);
5708 5715 if (!isall && !isnone)
5709 5716 startd_free((void *)cfmri, max_scf_fmri_size);
5710 5717 scf_instance_destroy(inst);
5711 5718 return (ret);
5712 5719 }
5713 5720
5714 5721
5715 5722 /*
5716 5723 * Returns 0, ECONNABORTED, or EINVAL.
5717 5724 */
5718 5725 static int
5719 5726 handle_graph_update_event(scf_handle_t *h, graph_protocol_event_t *e)
5720 5727 {
5721 5728 int r;
5722 5729
5723 5730 switch (e->gpe_type) {
5724 5731 case GRAPH_UPDATE_RELOAD_GRAPH:
5725 5732 log_error(LOG_WARNING,
5726 5733 "graph_event: reload graph unimplemented\n");
5727 5734 break;
5728 5735
5729 5736 case GRAPH_UPDATE_STATE_CHANGE: {
5730 5737 protocol_states_t *states = e->gpe_data;
5731 5738
5732 5739 switch (r = dgraph_set_instance_state(h, e->gpe_inst, states)) {
5733 5740 case 0:
5734 5741 case ENOENT:
5735 5742 break;
5736 5743
5737 5744 case ECONNABORTED:
5738 5745 return (ECONNABORTED);
5739 5746
5740 5747 case EINVAL:
5741 5748 default:
5742 5749 #ifndef NDEBUG
5743 5750 (void) fprintf(stderr, "dgraph_set_instance_state() "
5744 5751 "failed with unexpected error %d at %s:%d.\n", r,
5745 5752 __FILE__, __LINE__);
5746 5753 #endif
5747 5754 abort();
5748 5755 }
5749 5756
5750 5757 startd_free(states, sizeof (protocol_states_t));
5751 5758 break;
5752 5759 }
5753 5760
5754 5761 default:
5755 5762 log_error(LOG_WARNING,
5756 5763 "graph_event_loop received an unknown event: %d\n",
5757 5764 e->gpe_type);
5758 5765 break;
5759 5766 }
5760 5767
5761 5768 return (0);
5762 5769 }
5763 5770
5764 5771 /*
5765 5772 * graph_event_thread()
5766 5773 * Wait for state changes from the restarters.
5767 5774 */
5768 5775 /*ARGSUSED*/
5769 5776 void *
5770 5777 graph_event_thread(void *unused)
5771 5778 {
5772 5779 scf_handle_t *h;
5773 5780 int err;
5774 5781
5775 5782 h = libscf_handle_create_bound_loop();
5776 5783
5777 5784 /*CONSTCOND*/
5778 5785 while (1) {
5779 5786 graph_protocol_event_t *e;
5780 5787
5781 5788 MUTEX_LOCK(&gu->gu_lock);
5782 5789
5783 5790 while (gu->gu_wakeup == 0)
5784 5791 (void) pthread_cond_wait(&gu->gu_cv, &gu->gu_lock);
5785 5792
5786 5793 gu->gu_wakeup = 0;
5787 5794
5788 5795 while ((e = graph_event_dequeue()) != NULL) {
5789 5796 MUTEX_LOCK(&e->gpe_lock);
5790 5797 MUTEX_UNLOCK(&gu->gu_lock);
5791 5798
5792 5799 while ((err = handle_graph_update_event(h, e)) ==
5793 5800 ECONNABORTED)
5794 5801 libscf_handle_rebind(h);
5795 5802
5796 5803 if (err == 0)
5797 5804 graph_event_release(e);
5798 5805 else
5799 5806 graph_event_requeue(e);
5800 5807
5801 5808 MUTEX_LOCK(&gu->gu_lock);
5802 5809 }
5803 5810
5804 5811 MUTEX_UNLOCK(&gu->gu_lock);
5805 5812 }
5806 5813
5807 5814 /*
5808 5815 * Unreachable for now -- there's currently no graceful cleanup
5809 5816 * called on exit().
5810 5817 */
5811 5818 MUTEX_UNLOCK(&gu->gu_lock);
5812 5819 scf_handle_destroy(h);
5813 5820 return (NULL);
5814 5821 }
5815 5822
5816 5823 static void
5817 5824 set_initial_milestone(scf_handle_t *h)
5818 5825 {
5819 5826 scf_instance_t *inst;
5820 5827 char *fmri, *cfmri;
5821 5828 size_t sz;
5822 5829 int r;
5823 5830
5824 5831 inst = safe_scf_instance_create(h);
5825 5832 fmri = startd_alloc(max_scf_fmri_size);
5826 5833
5827 5834 /*
5828 5835 * If -m milestone= was specified, we want to set options_ovr/milestone
5829 5836 * to it. Otherwise we want to read what the milestone should be set
5830 5837 * to. Either way we need our inst.
5831 5838 */
5832 5839 get_self:
5833 5840 if (scf_handle_decode_fmri(h, SCF_SERVICE_STARTD, NULL, NULL, inst,
5834 5841 NULL, NULL, SCF_DECODE_FMRI_EXACT) != 0) {
5835 5842 switch (scf_error()) {
5836 5843 case SCF_ERROR_CONNECTION_BROKEN:
5837 5844 libscf_handle_rebind(h);
5838 5845 goto get_self;
5839 5846
5840 5847 case SCF_ERROR_NOT_FOUND:
5841 5848 if (st->st_subgraph != NULL &&
5842 5849 st->st_subgraph[0] != '\0') {
5843 5850 sz = strlcpy(fmri, st->st_subgraph,
5844 5851 max_scf_fmri_size);
5845 5852 assert(sz < max_scf_fmri_size);
5846 5853 } else {
5847 5854 fmri[0] = '\0';
5848 5855 }
5849 5856 break;
5850 5857
5851 5858 case SCF_ERROR_INVALID_ARGUMENT:
5852 5859 case SCF_ERROR_CONSTRAINT_VIOLATED:
5853 5860 case SCF_ERROR_HANDLE_MISMATCH:
5854 5861 default:
5855 5862 bad_error("scf_handle_decode_fmri", scf_error());
5856 5863 }
5857 5864 } else {
5858 5865 if (st->st_subgraph != NULL && st->st_subgraph[0] != '\0') {
5859 5866 scf_propertygroup_t *pg;
5860 5867
5861 5868 pg = safe_scf_pg_create(h);
5862 5869
5863 5870 sz = strlcpy(fmri, st->st_subgraph, max_scf_fmri_size);
5864 5871 assert(sz < max_scf_fmri_size);
5865 5872
5866 5873 r = libscf_inst_get_or_add_pg(inst, SCF_PG_OPTIONS_OVR,
5867 5874 SCF_PG_OPTIONS_OVR_TYPE, SCF_PG_OPTIONS_OVR_FLAGS,
5868 5875 pg);
5869 5876 switch (r) {
5870 5877 case 0:
5871 5878 break;
5872 5879
5873 5880 case ECONNABORTED:
5874 5881 libscf_handle_rebind(h);
5875 5882 goto get_self;
5876 5883
5877 5884 case EPERM:
5878 5885 case EACCES:
5879 5886 case EROFS:
5880 5887 log_error(LOG_WARNING, "Could not set %s/%s: "
5881 5888 "%s.\n", SCF_PG_OPTIONS_OVR,
5882 5889 SCF_PROPERTY_MILESTONE, strerror(r));
5883 5890 /* FALLTHROUGH */
5884 5891
5885 5892 case ECANCELED:
5886 5893 sz = strlcpy(fmri, st->st_subgraph,
5887 5894 max_scf_fmri_size);
5888 5895 assert(sz < max_scf_fmri_size);
5889 5896 break;
5890 5897
5891 5898 default:
5892 5899 bad_error("libscf_inst_get_or_add_pg", r);
5893 5900 }
5894 5901
5895 5902 r = libscf_clear_runlevel(pg, fmri);
5896 5903 switch (r) {
5897 5904 case 0:
5898 5905 break;
5899 5906
5900 5907 case ECONNABORTED:
5901 5908 libscf_handle_rebind(h);
5902 5909 goto get_self;
5903 5910
5904 5911 case EPERM:
5905 5912 case EACCES:
5906 5913 case EROFS:
5907 5914 log_error(LOG_WARNING, "Could not set %s/%s: "
5908 5915 "%s.\n", SCF_PG_OPTIONS_OVR,
5909 5916 SCF_PROPERTY_MILESTONE, strerror(r));
5910 5917 /* FALLTHROUGH */
5911 5918
5912 5919 case ECANCELED:
5913 5920 sz = strlcpy(fmri, st->st_subgraph,
5914 5921 max_scf_fmri_size);
5915 5922 assert(sz < max_scf_fmri_size);
5916 5923 break;
5917 5924
5918 5925 default:
5919 5926 bad_error("libscf_clear_runlevel", r);
5920 5927 }
5921 5928
5922 5929 scf_pg_destroy(pg);
5923 5930 } else {
5924 5931 scf_property_t *prop;
5925 5932 scf_value_t *val;
5926 5933
5927 5934 prop = safe_scf_property_create(h);
5928 5935 val = safe_scf_value_create(h);
5929 5936
5930 5937 r = libscf_get_milestone(inst, prop, val, fmri,
5931 5938 max_scf_fmri_size);
5932 5939 switch (r) {
5933 5940 case 0:
5934 5941 break;
5935 5942
5936 5943 case ECONNABORTED:
5937 5944 libscf_handle_rebind(h);
5938 5945 goto get_self;
5939 5946
5940 5947 case EINVAL:
5941 5948 log_error(LOG_WARNING, "Milestone property is "
5942 5949 "misconfigured. Defaulting to \"all\".\n");
5943 5950 /* FALLTHROUGH */
5944 5951
5945 5952 case ECANCELED:
5946 5953 case ENOENT:
5947 5954 fmri[0] = '\0';
5948 5955 break;
5949 5956
5950 5957 default:
5951 5958 bad_error("libscf_get_milestone", r);
5952 5959 }
5953 5960
5954 5961 scf_value_destroy(val);
5955 5962 scf_property_destroy(prop);
5956 5963 }
5957 5964 }
5958 5965
5959 5966 if (fmri[0] == '\0' || strcmp(fmri, "all") == 0)
5960 5967 goto out;
5961 5968
5962 5969 if (strcmp(fmri, "none") != 0) {
5963 5970 retry:
5964 5971 if (scf_handle_decode_fmri(h, fmri, NULL, NULL, inst, NULL,
5965 5972 NULL, SCF_DECODE_FMRI_EXACT) != 0) {
5966 5973 switch (scf_error()) {
5967 5974 case SCF_ERROR_INVALID_ARGUMENT:
5968 5975 log_error(LOG_WARNING,
5969 5976 "Requested milestone \"%s\" is invalid. "
5970 5977 "Reverting to \"all\".\n", fmri);
5971 5978 goto out;
5972 5979
5973 5980 case SCF_ERROR_CONSTRAINT_VIOLATED:
5974 5981 log_error(LOG_WARNING, "Requested milestone "
5975 5982 "\"%s\" does not specify an instance. "
5976 5983 "Reverting to \"all\".\n", fmri);
5977 5984 goto out;
5978 5985
5979 5986 case SCF_ERROR_CONNECTION_BROKEN:
5980 5987 libscf_handle_rebind(h);
5981 5988 goto retry;
5982 5989
5983 5990 case SCF_ERROR_NOT_FOUND:
5984 5991 log_error(LOG_WARNING, "Requested milestone "
5985 5992 "\"%s\" not in repository. Reverting to "
5986 5993 "\"all\".\n", fmri);
5987 5994 goto out;
5988 5995
5989 5996 case SCF_ERROR_HANDLE_MISMATCH:
5990 5997 default:
5991 5998 bad_error("scf_handle_decode_fmri",
5992 5999 scf_error());
5993 6000 }
5994 6001 }
5995 6002
5996 6003 r = fmri_canonify(fmri, &cfmri, B_FALSE);
5997 6004 assert(r == 0);
5998 6005
5999 6006 r = dgraph_add_instance(cfmri, inst, B_TRUE);
6000 6007 startd_free(cfmri, max_scf_fmri_size);
6001 6008 switch (r) {
6002 6009 case 0:
6003 6010 break;
6004 6011
6005 6012 case ECONNABORTED:
6006 6013 goto retry;
6007 6014
6008 6015 case EINVAL:
6009 6016 log_error(LOG_WARNING,
6010 6017 "Requested milestone \"%s\" is invalid. "
6011 6018 "Reverting to \"all\".\n", fmri);
6012 6019 goto out;
6013 6020
6014 6021 case ECANCELED:
6015 6022 log_error(LOG_WARNING,
6016 6023 "Requested milestone \"%s\" not "
6017 6024 "in repository. Reverting to \"all\".\n",
6018 6025 fmri);
6019 6026 goto out;
6020 6027
6021 6028 case EEXIST:
6022 6029 default:
6023 6030 bad_error("dgraph_add_instance", r);
6024 6031 }
6025 6032 }
6026 6033
6027 6034 log_console(LOG_INFO, "Booting to milestone \"%s\".\n", fmri);
6028 6035
6029 6036 r = dgraph_set_milestone(fmri, h, B_FALSE);
6030 6037 switch (r) {
6031 6038 case 0:
6032 6039 case ECONNRESET:
6033 6040 case EALREADY:
6034 6041 break;
6035 6042
6036 6043 case EINVAL:
6037 6044 case ENOENT:
6038 6045 default:
6039 6046 bad_error("dgraph_set_milestone", r);
6040 6047 }
6041 6048
6042 6049 out:
6043 6050 startd_free(fmri, max_scf_fmri_size);
6044 6051 scf_instance_destroy(inst);
6045 6052 }
6046 6053
6047 6054 void
6048 6055 set_restart_milestone(scf_handle_t *h)
6049 6056 {
6050 6057 scf_instance_t *inst;
6051 6058 scf_property_t *prop;
6052 6059 scf_value_t *val;
6053 6060 char *fmri;
6054 6061 int r;
6055 6062
6056 6063 inst = safe_scf_instance_create(h);
6057 6064
6058 6065 get_self:
6059 6066 if (scf_handle_decode_fmri(h, SCF_SERVICE_STARTD, NULL, NULL,
6060 6067 inst, NULL, NULL, SCF_DECODE_FMRI_EXACT) != 0) {
6061 6068 switch (scf_error()) {
6062 6069 case SCF_ERROR_CONNECTION_BROKEN:
6063 6070 libscf_handle_rebind(h);
6064 6071 goto get_self;
6065 6072
6066 6073 case SCF_ERROR_NOT_FOUND:
6067 6074 break;
6068 6075
6069 6076 case SCF_ERROR_INVALID_ARGUMENT:
6070 6077 case SCF_ERROR_CONSTRAINT_VIOLATED:
6071 6078 case SCF_ERROR_HANDLE_MISMATCH:
6072 6079 default:
6073 6080 bad_error("scf_handle_decode_fmri", scf_error());
6074 6081 }
6075 6082
6076 6083 scf_instance_destroy(inst);
6077 6084 return;
6078 6085 }
6079 6086
6080 6087 prop = safe_scf_property_create(h);
6081 6088 val = safe_scf_value_create(h);
6082 6089 fmri = startd_alloc(max_scf_fmri_size);
6083 6090
6084 6091 r = libscf_get_milestone(inst, prop, val, fmri, max_scf_fmri_size);
6085 6092 switch (r) {
6086 6093 case 0:
6087 6094 break;
6088 6095
6089 6096 case ECONNABORTED:
6090 6097 libscf_handle_rebind(h);
6091 6098 goto get_self;
6092 6099
6093 6100 case ECANCELED:
6094 6101 case ENOENT:
6095 6102 case EINVAL:
6096 6103 goto out;
6097 6104
6098 6105 default:
6099 6106 bad_error("libscf_get_milestone", r);
6100 6107 }
6101 6108
6102 6109 r = dgraph_set_milestone(fmri, h, B_TRUE);
6103 6110 switch (r) {
6104 6111 case 0:
6105 6112 case ECONNRESET:
6106 6113 case EALREADY:
6107 6114 case EINVAL:
6108 6115 case ENOENT:
6109 6116 break;
6110 6117
6111 6118 default:
6112 6119 bad_error("dgraph_set_milestone", r);
6113 6120 }
6114 6121
6115 6122 out:
6116 6123 startd_free(fmri, max_scf_fmri_size);
6117 6124 scf_value_destroy(val);
6118 6125 scf_property_destroy(prop);
6119 6126 scf_instance_destroy(inst);
6120 6127 }
6121 6128
6122 6129 /*
6123 6130 * void *graph_thread(void *)
6124 6131 *
6125 6132 * Graph management thread.
6126 6133 */
6127 6134 /*ARGSUSED*/
6128 6135 void *
6129 6136 graph_thread(void *arg)
6130 6137 {
6131 6138 scf_handle_t *h;
6132 6139 int err;
6133 6140
6134 6141 h = libscf_handle_create_bound_loop();
6135 6142
6136 6143 if (st->st_initial)
6137 6144 set_initial_milestone(h);
6138 6145
6139 6146 MUTEX_LOCK(&dgraph_lock);
6140 6147 initial_milestone_set = B_TRUE;
6141 6148 err = pthread_cond_broadcast(&initial_milestone_cv);
6142 6149 assert(err == 0);
6143 6150 MUTEX_UNLOCK(&dgraph_lock);
6144 6151
6145 6152 libscf_populate_graph(h);
6146 6153
6147 6154 if (!st->st_initial)
6148 6155 set_restart_milestone(h);
6149 6156
6150 6157 MUTEX_LOCK(&st->st_load_lock);
6151 6158 st->st_load_complete = 1;
6152 6159 (void) pthread_cond_broadcast(&st->st_load_cv);
6153 6160 MUTEX_UNLOCK(&st->st_load_lock);
6154 6161
6155 6162 MUTEX_LOCK(&dgraph_lock);
6156 6163 /*
6157 6164 * Now that we've set st_load_complete we need to check can_come_up()
6158 6165 * since if we booted to a milestone, then there won't be any more
6159 6166 * state updates.
6160 6167 */
6161 6168 if (!go_single_user_mode && !go_to_level1 &&
6162 6169 halting == -1) {
6163 6170 if (!sulogin_thread_running && !can_come_up()) {
6164 6171 (void) startd_thread_create(sulogin_thread, NULL);
6165 6172 sulogin_thread_running = B_TRUE;
6166 6173 }
6167 6174 }
6168 6175 MUTEX_UNLOCK(&dgraph_lock);
6169 6176
6170 6177 (void) pthread_mutex_lock(&gu->gu_freeze_lock);
6171 6178
6172 6179 /*CONSTCOND*/
6173 6180 while (1) {
6174 6181 (void) pthread_cond_wait(&gu->gu_freeze_cv,
6175 6182 &gu->gu_freeze_lock);
6176 6183 }
6177 6184
6178 6185 /*
6179 6186 * Unreachable for now -- there's currently no graceful cleanup
6180 6187 * called on exit().
6181 6188 */
6182 6189 (void) pthread_mutex_unlock(&gu->gu_freeze_lock);
6183 6190 scf_handle_destroy(h);
6184 6191
6185 6192 return (NULL);
6186 6193 }
6187 6194
6188 6195
6189 6196 /*
6190 6197 * int next_action()
6191 6198 * Given an array of timestamps 'a' with 'num' elements, find the
6192 6199 * lowest non-zero timestamp and return its index. If there are no
6193 6200 * non-zero elements, return -1.
6194 6201 */
6195 6202 static int
6196 6203 next_action(hrtime_t *a, int num)
6197 6204 {
6198 6205 hrtime_t t = 0;
6199 6206 int i = 0, smallest = -1;
6200 6207
6201 6208 for (i = 0; i < num; i++) {
6202 6209 if (t == 0) {
6203 6210 t = a[i];
6204 6211 smallest = i;
6205 6212 } else if (a[i] != 0 && a[i] < t) {
6206 6213 t = a[i];
6207 6214 smallest = i;
6208 6215 }
6209 6216 }
6210 6217
6211 6218 if (t == 0)
6212 6219 return (-1);
6213 6220 else
6214 6221 return (smallest);
6215 6222 }
6216 6223
6217 6224 /*
6218 6225 * void process_actions()
6219 6226 * Process actions requested by the administrator. Possibilities include:
6220 6227 * refresh, restart, maintenance mode off, maintenance mode on,
6221 6228 * maintenance mode immediate, and degraded.
6222 6229 *
6223 6230 * The set of pending actions is represented in the repository as a
6224 6231 * per-instance property group, with each action being a single property
6225 6232 * in that group. This property group is converted to an array, with each
6226 6233 * action type having an array slot. The actions in the array at the
6227 6234 * time process_actions() is called are acted on in the order of the
6228 6235 * timestamp (which is the value stored in the slot). A value of zero
6229 6236 * indicates that there is no pending action of the type associated with
6230 6237 * a particular slot.
6231 6238 *
6232 6239 * Sending an action event multiple times before the restarter has a
6233 6240 * chance to process that action will force it to be run at the last
6234 6241 * timestamp where it appears in the ordering.
6235 6242 *
6236 6243 * Turning maintenance mode on trumps all other actions.
6237 6244 *
6238 6245 * Returns 0 or ECONNABORTED.
6239 6246 */
6240 6247 static int
6241 6248 process_actions(scf_handle_t *h, scf_propertygroup_t *pg, scf_instance_t *inst)
6242 6249 {
6243 6250 scf_property_t *prop = NULL;
6244 6251 scf_value_t *val = NULL;
6245 6252 scf_type_t type;
6246 6253 graph_vertex_t *vertex;
6247 6254 admin_action_t a;
6248 6255 int i, ret = 0, r;
6249 6256 hrtime_t action_ts[NACTIONS];
6250 6257 char *inst_name;
6251 6258
6252 6259 r = libscf_instance_get_fmri(inst, &inst_name);
6253 6260 switch (r) {
6254 6261 case 0:
6255 6262 break;
6256 6263
6257 6264 case ECONNABORTED:
6258 6265 return (ECONNABORTED);
6259 6266
6260 6267 case ECANCELED:
6261 6268 return (0);
6262 6269
6263 6270 default:
6264 6271 bad_error("libscf_instance_get_fmri", r);
6265 6272 }
6266 6273
6267 6274 MUTEX_LOCK(&dgraph_lock);
6268 6275
6269 6276 vertex = vertex_get_by_name(inst_name);
6270 6277 if (vertex == NULL) {
6271 6278 MUTEX_UNLOCK(&dgraph_lock);
6272 6279 log_framework(LOG_DEBUG, "%s: Can't find graph vertex. "
6273 6280 "The instance must have been removed.\n", inst_name);
6274 6281 startd_free(inst_name, max_scf_fmri_size);
6275 6282 return (0);
6276 6283 }
6277 6284
6278 6285 prop = safe_scf_property_create(h);
6279 6286 val = safe_scf_value_create(h);
6280 6287
6281 6288 for (i = 0; i < NACTIONS; i++) {
6282 6289 if (scf_pg_get_property(pg, admin_actions[i], prop) != 0) {
6283 6290 switch (scf_error()) {
6284 6291 case SCF_ERROR_CONNECTION_BROKEN:
6285 6292 default:
6286 6293 ret = ECONNABORTED;
6287 6294 goto out;
6288 6295
6289 6296 case SCF_ERROR_DELETED:
6290 6297 goto out;
6291 6298
6292 6299 case SCF_ERROR_NOT_FOUND:
6293 6300 action_ts[i] = 0;
6294 6301 continue;
6295 6302
6296 6303 case SCF_ERROR_HANDLE_MISMATCH:
6297 6304 case SCF_ERROR_INVALID_ARGUMENT:
6298 6305 case SCF_ERROR_NOT_SET:
6299 6306 bad_error("scf_pg_get_property", scf_error());
6300 6307 }
6301 6308 }
6302 6309
6303 6310 if (scf_property_type(prop, &type) != 0) {
6304 6311 switch (scf_error()) {
6305 6312 case SCF_ERROR_CONNECTION_BROKEN:
6306 6313 default:
6307 6314 ret = ECONNABORTED;
6308 6315 goto out;
6309 6316
6310 6317 case SCF_ERROR_DELETED:
6311 6318 action_ts[i] = 0;
6312 6319 continue;
6313 6320
6314 6321 case SCF_ERROR_NOT_SET:
6315 6322 bad_error("scf_property_type", scf_error());
6316 6323 }
6317 6324 }
6318 6325
6319 6326 if (type != SCF_TYPE_INTEGER) {
6320 6327 action_ts[i] = 0;
6321 6328 continue;
6322 6329 }
6323 6330
6324 6331 if (scf_property_get_value(prop, val) != 0) {
6325 6332 switch (scf_error()) {
6326 6333 case SCF_ERROR_CONNECTION_BROKEN:
6327 6334 default:
6328 6335 ret = ECONNABORTED;
6329 6336 goto out;
6330 6337
6331 6338 case SCF_ERROR_DELETED:
6332 6339 goto out;
6333 6340
6334 6341 case SCF_ERROR_NOT_FOUND:
6335 6342 case SCF_ERROR_CONSTRAINT_VIOLATED:
6336 6343 action_ts[i] = 0;
6337 6344 continue;
6338 6345
6339 6346 case SCF_ERROR_NOT_SET:
6340 6347 case SCF_ERROR_PERMISSION_DENIED:
6341 6348 bad_error("scf_property_get_value",
6342 6349 scf_error());
6343 6350 }
6344 6351 }
6345 6352
6346 6353 r = scf_value_get_integer(val, &action_ts[i]);
6347 6354 assert(r == 0);
6348 6355 }
6349 6356
6350 6357 a = ADMIN_EVENT_MAINT_ON_IMMEDIATE;
6351 6358 if (action_ts[ADMIN_EVENT_MAINT_ON_IMMEDIATE] ||
6352 6359 action_ts[ADMIN_EVENT_MAINT_ON]) {
6353 6360 a = action_ts[ADMIN_EVENT_MAINT_ON_IMMEDIATE] ?
6354 6361 ADMIN_EVENT_MAINT_ON_IMMEDIATE : ADMIN_EVENT_MAINT_ON;
6355 6362
6356 6363 vertex_send_event(vertex, admin_events[a]);
6357 6364 r = libscf_unset_action(h, pg, a, action_ts[a]);
6358 6365 switch (r) {
6359 6366 case 0:
6360 6367 case EACCES:
6361 6368 break;
6362 6369
6363 6370 case ECONNABORTED:
6364 6371 ret = ECONNABORTED;
6365 6372 goto out;
6366 6373
6367 6374 case EPERM:
6368 6375 uu_die("Insufficient privilege.\n");
6369 6376 /* NOTREACHED */
6370 6377
6371 6378 default:
6372 6379 bad_error("libscf_unset_action", r);
6373 6380 }
6374 6381 }
6375 6382
6376 6383 while ((a = next_action(action_ts, NACTIONS)) != -1) {
6377 6384 log_framework(LOG_DEBUG,
6378 6385 "Graph: processing %s action for %s.\n", admin_actions[a],
6379 6386 inst_name);
6380 6387
6381 6388 if (a == ADMIN_EVENT_REFRESH) {
6382 6389 r = dgraph_refresh_instance(vertex, inst);
6383 6390 switch (r) {
6384 6391 case 0:
6385 6392 case ECANCELED:
6386 6393 case EINVAL:
6387 6394 case -1:
6388 6395 break;
6389 6396
6390 6397 case ECONNABORTED:
6391 6398 /* pg & inst are reset now, so just return. */
6392 6399 ret = ECONNABORTED;
6393 6400 goto out;
6394 6401
6395 6402 default:
6396 6403 bad_error("dgraph_refresh_instance", r);
6397 6404 }
6398 6405 }
6399 6406
6400 6407 vertex_send_event(vertex, admin_events[a]);
6401 6408
6402 6409 r = libscf_unset_action(h, pg, a, action_ts[a]);
6403 6410 switch (r) {
6404 6411 case 0:
6405 6412 case EACCES:
6406 6413 break;
6407 6414
6408 6415 case ECONNABORTED:
6409 6416 ret = ECONNABORTED;
6410 6417 goto out;
6411 6418
6412 6419 case EPERM:
6413 6420 uu_die("Insufficient privilege.\n");
6414 6421 /* NOTREACHED */
6415 6422
6416 6423 default:
6417 6424 bad_error("libscf_unset_action", r);
6418 6425 }
6419 6426
6420 6427 action_ts[a] = 0;
6421 6428 }
6422 6429
6423 6430 out:
6424 6431 MUTEX_UNLOCK(&dgraph_lock);
6425 6432
6426 6433 scf_property_destroy(prop);
6427 6434 scf_value_destroy(val);
6428 6435 startd_free(inst_name, max_scf_fmri_size);
6429 6436 return (ret);
6430 6437 }
6431 6438
6432 6439 /*
6433 6440 * inst and pg_name are scratch space, and are unset on entry.
6434 6441 * Returns
6435 6442 * 0 - success
6436 6443 * ECONNRESET - success, but repository handle rebound
6437 6444 * ECONNABORTED - repository connection broken
6438 6445 */
6439 6446 static int
6440 6447 process_pg_event(scf_handle_t *h, scf_propertygroup_t *pg, scf_instance_t *inst,
6441 6448 char *pg_name)
6442 6449 {
6443 6450 int r;
6444 6451 scf_property_t *prop;
6445 6452 scf_value_t *val;
6446 6453 char *fmri;
6447 6454 boolean_t rebound = B_FALSE, rebind_inst = B_FALSE;
6448 6455
6449 6456 if (scf_pg_get_name(pg, pg_name, max_scf_value_size) < 0) {
6450 6457 switch (scf_error()) {
6451 6458 case SCF_ERROR_CONNECTION_BROKEN:
6452 6459 default:
6453 6460 return (ECONNABORTED);
6454 6461
6455 6462 case SCF_ERROR_DELETED:
6456 6463 return (0);
6457 6464
6458 6465 case SCF_ERROR_NOT_SET:
6459 6466 bad_error("scf_pg_get_name", scf_error());
6460 6467 }
6461 6468 }
6462 6469
6463 6470 if (strcmp(pg_name, SCF_PG_GENERAL) == 0 ||
6464 6471 strcmp(pg_name, SCF_PG_GENERAL_OVR) == 0) {
6465 6472 r = dgraph_update_general(pg);
6466 6473 switch (r) {
6467 6474 case 0:
6468 6475 case ENOTSUP:
6469 6476 case ECANCELED:
6470 6477 return (0);
6471 6478
6472 6479 case ECONNABORTED:
6473 6480 return (ECONNABORTED);
6474 6481
6475 6482 case -1:
6476 6483 /* Error should have been logged. */
6477 6484 return (0);
6478 6485
6479 6486 default:
6480 6487 bad_error("dgraph_update_general", r);
6481 6488 }
6482 6489 } else if (strcmp(pg_name, SCF_PG_RESTARTER_ACTIONS) == 0) {
6483 6490 if (scf_pg_get_parent_instance(pg, inst) != 0) {
6484 6491 switch (scf_error()) {
6485 6492 case SCF_ERROR_CONNECTION_BROKEN:
6486 6493 return (ECONNABORTED);
6487 6494
6488 6495 case SCF_ERROR_DELETED:
6489 6496 case SCF_ERROR_CONSTRAINT_VIOLATED:
6490 6497 /* Ignore commands on services. */
6491 6498 return (0);
6492 6499
6493 6500 case SCF_ERROR_NOT_BOUND:
6494 6501 case SCF_ERROR_HANDLE_MISMATCH:
6495 6502 case SCF_ERROR_NOT_SET:
6496 6503 default:
6497 6504 bad_error("scf_pg_get_parent_instance",
6498 6505 scf_error());
6499 6506 }
6500 6507 }
6501 6508
6502 6509 return (process_actions(h, pg, inst));
6503 6510 }
6504 6511
6505 6512 if (strcmp(pg_name, SCF_PG_OPTIONS) != 0 &&
6506 6513 strcmp(pg_name, SCF_PG_OPTIONS_OVR) != 0)
6507 6514 return (0);
6508 6515
6509 6516 /*
6510 6517 * We only care about the options[_ovr] property groups of our own
6511 6518 * instance, so get the fmri and compare. Plus, once we know it's
6512 6519 * correct, if the repository connection is broken we know exactly what
6513 6520 * property group we were operating on, and can look it up again.
6514 6521 */
6515 6522 if (scf_pg_get_parent_instance(pg, inst) != 0) {
6516 6523 switch (scf_error()) {
6517 6524 case SCF_ERROR_CONNECTION_BROKEN:
6518 6525 return (ECONNABORTED);
6519 6526
6520 6527 case SCF_ERROR_DELETED:
6521 6528 case SCF_ERROR_CONSTRAINT_VIOLATED:
6522 6529 return (0);
6523 6530
6524 6531 case SCF_ERROR_HANDLE_MISMATCH:
6525 6532 case SCF_ERROR_NOT_BOUND:
6526 6533 case SCF_ERROR_NOT_SET:
6527 6534 default:
6528 6535 bad_error("scf_pg_get_parent_instance",
6529 6536 scf_error());
6530 6537 }
6531 6538 }
6532 6539
6533 6540 switch (r = libscf_instance_get_fmri(inst, &fmri)) {
6534 6541 case 0:
6535 6542 break;
6536 6543
6537 6544 case ECONNABORTED:
6538 6545 return (ECONNABORTED);
6539 6546
6540 6547 case ECANCELED:
6541 6548 return (0);
6542 6549
6543 6550 default:
6544 6551 bad_error("libscf_instance_get_fmri", r);
6545 6552 }
6546 6553
6547 6554 if (strcmp(fmri, SCF_SERVICE_STARTD) != 0) {
6548 6555 startd_free(fmri, max_scf_fmri_size);
6549 6556 return (0);
6550 6557 }
6551 6558
6552 6559 /*
6553 6560 * update the information events flag
6554 6561 */
6555 6562 if (strcmp(pg_name, SCF_PG_OPTIONS) == 0)
6556 6563 info_events_all = libscf_get_info_events_all(pg);
6557 6564
6558 6565 prop = safe_scf_property_create(h);
6559 6566 val = safe_scf_value_create(h);
6560 6567
6561 6568 if (strcmp(pg_name, SCF_PG_OPTIONS_OVR) == 0) {
6562 6569 /* See if we need to set the runlevel. */
6563 6570 /* CONSTCOND */
6564 6571 if (0) {
6565 6572 rebind_pg:
6566 6573 libscf_handle_rebind(h);
6567 6574 rebound = B_TRUE;
6568 6575
6569 6576 r = libscf_lookup_instance(SCF_SERVICE_STARTD, inst);
6570 6577 switch (r) {
6571 6578 case 0:
6572 6579 break;
6573 6580
6574 6581 case ECONNABORTED:
6575 6582 goto rebind_pg;
6576 6583
6577 6584 case ENOENT:
6578 6585 goto out;
6579 6586
6580 6587 case EINVAL:
6581 6588 case ENOTSUP:
6582 6589 bad_error("libscf_lookup_instance", r);
6583 6590 }
6584 6591
6585 6592 if (scf_instance_get_pg(inst, pg_name, pg) != 0) {
6586 6593 switch (scf_error()) {
6587 6594 case SCF_ERROR_DELETED:
6588 6595 case SCF_ERROR_NOT_FOUND:
6589 6596 goto out;
6590 6597
6591 6598 case SCF_ERROR_CONNECTION_BROKEN:
6592 6599 goto rebind_pg;
6593 6600
6594 6601 case SCF_ERROR_HANDLE_MISMATCH:
6595 6602 case SCF_ERROR_NOT_BOUND:
6596 6603 case SCF_ERROR_NOT_SET:
6597 6604 case SCF_ERROR_INVALID_ARGUMENT:
6598 6605 default:
6599 6606 bad_error("scf_instance_get_pg",
6600 6607 scf_error());
6601 6608 }
6602 6609 }
6603 6610 }
6604 6611
6605 6612 if (scf_pg_get_property(pg, "runlevel", prop) == 0) {
6606 6613 r = dgraph_set_runlevel(pg, prop);
6607 6614 switch (r) {
6608 6615 case ECONNRESET:
6609 6616 rebound = B_TRUE;
6610 6617 rebind_inst = B_TRUE;
6611 6618 /* FALLTHROUGH */
6612 6619
6613 6620 case 0:
6614 6621 break;
6615 6622
6616 6623 case ECONNABORTED:
6617 6624 goto rebind_pg;
6618 6625
6619 6626 case ECANCELED:
6620 6627 goto out;
6621 6628
6622 6629 default:
6623 6630 bad_error("dgraph_set_runlevel", r);
6624 6631 }
6625 6632 } else {
6626 6633 switch (scf_error()) {
6627 6634 case SCF_ERROR_CONNECTION_BROKEN:
6628 6635 default:
6629 6636 goto rebind_pg;
6630 6637
6631 6638 case SCF_ERROR_DELETED:
6632 6639 goto out;
6633 6640
6634 6641 case SCF_ERROR_NOT_FOUND:
6635 6642 break;
6636 6643
6637 6644 case SCF_ERROR_INVALID_ARGUMENT:
6638 6645 case SCF_ERROR_HANDLE_MISMATCH:
6639 6646 case SCF_ERROR_NOT_BOUND:
6640 6647 case SCF_ERROR_NOT_SET:
6641 6648 bad_error("scf_pg_get_property", scf_error());
6642 6649 }
6643 6650 }
6644 6651 }
6645 6652
6646 6653 if (rebind_inst) {
6647 6654 lookup_inst:
6648 6655 r = libscf_lookup_instance(SCF_SERVICE_STARTD, inst);
6649 6656 switch (r) {
6650 6657 case 0:
6651 6658 break;
6652 6659
6653 6660 case ECONNABORTED:
6654 6661 libscf_handle_rebind(h);
6655 6662 rebound = B_TRUE;
6656 6663 goto lookup_inst;
6657 6664
6658 6665 case ENOENT:
6659 6666 goto out;
6660 6667
6661 6668 case EINVAL:
6662 6669 case ENOTSUP:
6663 6670 bad_error("libscf_lookup_instance", r);
6664 6671 }
6665 6672 }
6666 6673
6667 6674 r = libscf_get_milestone(inst, prop, val, fmri, max_scf_fmri_size);
6668 6675 switch (r) {
6669 6676 case 0:
6670 6677 break;
6671 6678
6672 6679 case ECONNABORTED:
6673 6680 libscf_handle_rebind(h);
6674 6681 rebound = B_TRUE;
6675 6682 goto lookup_inst;
6676 6683
6677 6684 case EINVAL:
6678 6685 log_error(LOG_NOTICE,
6679 6686 "%s/%s property of %s is misconfigured.\n", pg_name,
6680 6687 SCF_PROPERTY_MILESTONE, SCF_SERVICE_STARTD);
6681 6688 /* FALLTHROUGH */
6682 6689
6683 6690 case ECANCELED:
6684 6691 case ENOENT:
6685 6692 (void) strcpy(fmri, "all");
6686 6693 break;
6687 6694
6688 6695 default:
6689 6696 bad_error("libscf_get_milestone", r);
6690 6697 }
6691 6698
6692 6699 r = dgraph_set_milestone(fmri, h, B_FALSE);
6693 6700 switch (r) {
6694 6701 case 0:
6695 6702 case ECONNRESET:
6696 6703 case EALREADY:
6697 6704 break;
6698 6705
6699 6706 case EINVAL:
6700 6707 log_error(LOG_WARNING, "Milestone %s is invalid.\n", fmri);
6701 6708 break;
6702 6709
6703 6710 case ENOENT:
6704 6711 log_error(LOG_WARNING, "Milestone %s does not exist.\n", fmri);
6705 6712 break;
6706 6713
6707 6714 default:
6708 6715 bad_error("dgraph_set_milestone", r);
6709 6716 }
6710 6717
6711 6718 out:
6712 6719 startd_free(fmri, max_scf_fmri_size);
6713 6720 scf_value_destroy(val);
6714 6721 scf_property_destroy(prop);
6715 6722
6716 6723 return (rebound ? ECONNRESET : 0);
6717 6724 }
6718 6725
6719 6726 /*
6720 6727 * process_delete() deletes an instance from the dgraph if 'fmri' is an
6721 6728 * instance fmri or if 'fmri' matches the 'general' property group of an
6722 6729 * instance (or the 'general/enabled' property).
6723 6730 *
6724 6731 * 'fmri' may be overwritten and cannot be trusted on return by the caller.
6725 6732 */
6726 6733 static void
6727 6734 process_delete(char *fmri, scf_handle_t *h)
6728 6735 {
6729 6736 char *lfmri, *end_inst_fmri;
6730 6737 const char *inst_name = NULL;
6731 6738 const char *pg_name = NULL;
6732 6739 const char *prop_name = NULL;
6733 6740
6734 6741 lfmri = safe_strdup(fmri);
6735 6742
6736 6743 /* Determine if the FMRI is a property group or instance */
6737 6744 if (scf_parse_svc_fmri(lfmri, NULL, NULL, &inst_name, &pg_name,
6738 6745 &prop_name) != SCF_SUCCESS) {
6739 6746 log_error(LOG_WARNING,
6740 6747 "Received invalid FMRI \"%s\" from repository server.\n",
6741 6748 fmri);
6742 6749 } else if (inst_name != NULL && pg_name == NULL) {
6743 6750 (void) dgraph_remove_instance(fmri, h);
6744 6751 } else if (inst_name != NULL && pg_name != NULL) {
6745 6752 /*
6746 6753 * If we're deleting the 'general' property group or
6747 6754 * 'general/enabled' property then the whole instance
6748 6755 * must be removed from the dgraph.
6749 6756 */
6750 6757 if (strcmp(pg_name, SCF_PG_GENERAL) != 0) {
6751 6758 free(lfmri);
6752 6759 return;
6753 6760 }
6754 6761
6755 6762 if (prop_name != NULL &&
6756 6763 strcmp(prop_name, SCF_PROPERTY_ENABLED) != 0) {
6757 6764 free(lfmri);
6758 6765 return;
6759 6766 }
6760 6767
6761 6768 /*
6762 6769 * Because the instance has already been deleted from the
6763 6770 * repository, we cannot use any scf_ functions to retrieve
6764 6771 * the instance FMRI however we can easily reconstruct it
6765 6772 * manually.
6766 6773 */
6767 6774 end_inst_fmri = strstr(fmri, SCF_FMRI_PROPERTYGRP_PREFIX);
6768 6775 if (end_inst_fmri == NULL)
6769 6776 bad_error("process_delete", 0);
6770 6777
6771 6778 end_inst_fmri[0] = '\0';
6772 6779
6773 6780 (void) dgraph_remove_instance(fmri, h);
6774 6781 }
6775 6782
6776 6783 free(lfmri);
6777 6784 }
6778 6785
6779 6786 /*ARGSUSED*/
6780 6787 void *
6781 6788 repository_event_thread(void *unused)
6782 6789 {
6783 6790 scf_handle_t *h;
6784 6791 scf_propertygroup_t *pg;
6785 6792 scf_instance_t *inst;
6786 6793 char *fmri = startd_alloc(max_scf_fmri_size);
6787 6794 char *pg_name = startd_alloc(max_scf_value_size);
6788 6795 int r;
6789 6796
6790 6797 h = libscf_handle_create_bound_loop();
6791 6798
6792 6799 pg = safe_scf_pg_create(h);
6793 6800 inst = safe_scf_instance_create(h);
6794 6801
6795 6802 retry:
6796 6803 if (_scf_notify_add_pgtype(h, SCF_GROUP_FRAMEWORK) != SCF_SUCCESS) {
6797 6804 if (scf_error() == SCF_ERROR_CONNECTION_BROKEN) {
6798 6805 libscf_handle_rebind(h);
6799 6806 } else {
6800 6807 log_error(LOG_WARNING,
6801 6808 "Couldn't set up repository notification "
6802 6809 "for property group type %s: %s\n",
6803 6810 SCF_GROUP_FRAMEWORK, scf_strerror(scf_error()));
6804 6811
6805 6812 (void) sleep(1);
6806 6813 }
6807 6814
6808 6815 goto retry;
6809 6816 }
6810 6817
6811 6818 /*CONSTCOND*/
6812 6819 while (1) {
6813 6820 ssize_t res;
6814 6821
6815 6822 /* Note: fmri is only set on delete events. */
6816 6823 res = _scf_notify_wait(pg, fmri, max_scf_fmri_size);
6817 6824 if (res < 0) {
6818 6825 libscf_handle_rebind(h);
6819 6826 goto retry;
6820 6827 } else if (res == 0) {
6821 6828 /*
6822 6829 * property group modified. inst and pg_name are
6823 6830 * pre-allocated scratch space.
6824 6831 */
6825 6832 if (scf_pg_update(pg) < 0) {
6826 6833 switch (scf_error()) {
6827 6834 case SCF_ERROR_DELETED:
6828 6835 continue;
6829 6836
6830 6837 case SCF_ERROR_CONNECTION_BROKEN:
6831 6838 log_error(LOG_WARNING,
6832 6839 "Lost repository event due to "
6833 6840 "disconnection.\n");
6834 6841 libscf_handle_rebind(h);
6835 6842 goto retry;
6836 6843
6837 6844 case SCF_ERROR_NOT_BOUND:
6838 6845 case SCF_ERROR_NOT_SET:
6839 6846 default:
6840 6847 bad_error("scf_pg_update", scf_error());
6841 6848 }
6842 6849 }
6843 6850
6844 6851 r = process_pg_event(h, pg, inst, pg_name);
6845 6852 switch (r) {
6846 6853 case 0:
6847 6854 break;
6848 6855
6849 6856 case ECONNABORTED:
6850 6857 log_error(LOG_WARNING, "Lost repository event "
6851 6858 "due to disconnection.\n");
6852 6859 libscf_handle_rebind(h);
6853 6860 /* FALLTHROUGH */
6854 6861
6855 6862 case ECONNRESET:
6856 6863 goto retry;
6857 6864
6858 6865 default:
6859 6866 bad_error("process_pg_event", r);
6860 6867 }
6861 6868 } else {
6862 6869 /*
6863 6870 * Service, instance, or pg deleted.
6864 6871 * Don't trust fmri on return.
6865 6872 */
6866 6873 process_delete(fmri, h);
6867 6874 }
6868 6875 }
6869 6876
6870 6877 /*NOTREACHED*/
6871 6878 return (NULL);
6872 6879 }
6873 6880
6874 6881 void
6875 6882 graph_engine_start()
6876 6883 {
6877 6884 int err;
6878 6885
6879 6886 (void) startd_thread_create(graph_thread, NULL);
6880 6887
6881 6888 MUTEX_LOCK(&dgraph_lock);
6882 6889 while (!initial_milestone_set) {
6883 6890 err = pthread_cond_wait(&initial_milestone_cv, &dgraph_lock);
6884 6891 assert(err == 0);
6885 6892 }
6886 6893 MUTEX_UNLOCK(&dgraph_lock);
6887 6894
6888 6895 (void) startd_thread_create(repository_event_thread, NULL);
6889 6896 (void) startd_thread_create(graph_event_thread, NULL);
6890 6897 }
|
↓ open down ↓ |
1466 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX