Print this page
7267 SMF is fast and loose with optional dependencies
Reviewed by: Dan McDonald <danmcd@omniti.com>
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Reviewed by: Albert Lee <trisk@omniti.com>
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/cmd/svc/startd/graph.c
+++ new/usr/src/cmd/svc/startd/graph.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
|
↓ open down ↓ |
14 lines elided |
↑ open up ↑ |
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 23 * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
24 24 * Copyright (c) 2015, Syneto S.R.L. All rights reserved.
25 + * Copyright 2016 RackTop Systems.
25 26 */
26 27
27 28 /*
28 29 * graph.c - master restarter graph engine
29 30 *
30 31 * The graph engine keeps a dependency graph of all service instances on the
31 32 * system, as recorded in the repository. It decides when services should
32 33 * be brought up or down based on service states and dependencies and sends
33 34 * commands to restarters to effect any changes. It also executes
34 35 * administrator commands sent by svcadm via the repository.
35 36 *
36 37 * The graph is stored in uu_list_t *dgraph and its vertices are
37 38 * graph_vertex_t's, each of which has a name and an integer id unique to
38 39 * its name (see dict.c). A vertex's type attribute designates the type
39 40 * of object it represents: GVT_INST for service instances, GVT_SVC for
40 41 * service objects (since service instances may depend on another service,
41 42 * rather than service instance), GVT_FILE for files (which services may
42 43 * depend on), and GVT_GROUP for dependencies on multiple objects. GVT_GROUP
43 44 * vertices are necessary because dependency lists may have particular
44 45 * grouping types (require any, require all, optional, or exclude) and
45 46 * event-propagation characteristics.
46 47 *
47 48 * The initial graph is built by libscf_populate_graph() invoking
48 49 * dgraph_add_instance() for each instance in the repository. The function
49 50 * adds a GVT_SVC vertex for the service if one does not already exist, adds
50 51 * a GVT_INST vertex named by the FMRI of the instance, and sets up the edges.
51 52 * The resulting web of vertices & edges associated with an instance's vertex
52 53 * includes
53 54 *
54 55 * - an edge from the GVT_SVC vertex for the instance's service
55 56 *
56 57 * - an edge to the GVT_INST vertex of the instance's resarter, if its
57 58 * restarter is not svc.startd
58 59 *
59 60 * - edges from other GVT_INST vertices if the instance is a restarter
60 61 *
61 62 * - for each dependency property group in the instance's "running"
62 63 * snapshot, an edge to a GVT_GROUP vertex named by the FMRI of the
63 64 * instance and the name of the property group
64 65 *
65 66 * - for each value of the "entities" property in each dependency property
66 67 * group, an edge from the corresponding GVT_GROUP vertex to a
67 68 * GVT_INST, GVT_SVC, or GVT_FILE vertex
68 69 *
69 70 * - edges from GVT_GROUP vertices for each dependent instance
70 71 *
71 72 * After the edges are set up the vertex's GV_CONFIGURED flag is set. If
72 73 * there are problems, or if a service is mentioned in a dependency but does
73 74 * not exist in the repository, the GV_CONFIGURED flag will be clear.
74 75 *
75 76 * The graph and all of its vertices are protected by the dgraph_lock mutex.
76 77 * See restarter.c for more information.
77 78 *
78 79 * The properties of an instance fall into two classes: immediate and
79 80 * snapshotted. Immediate properties should have an immediate effect when
80 81 * changed. Snapshotted properties should be read from a snapshot, so they
81 82 * only change when the snapshot changes. The immediate properties used by
82 83 * the graph engine are general/enabled, general/restarter, and the properties
83 84 * in the restarter_actions property group. Since they are immediate, they
84 85 * are not read out of a snapshot. The snapshotted properties used by the
85 86 * graph engine are those in the property groups with type "dependency" and
86 87 * are read out of the "running" snapshot. The "running" snapshot is created
87 88 * by the the graph engine as soon as possible, and it is updated, along with
88 89 * in-core copies of the data (dependency information for the graph engine) on
89 90 * receipt of the refresh command from svcadm. In addition, the graph engine
90 91 * updates the "start" snapshot from the "running" snapshot whenever a service
91 92 * comes online.
92 93 *
93 94 * When a DISABLE event is requested by the administrator, svc.startd shutdown
94 95 * the dependents first before shutting down the requested service.
95 96 * In graph_enable_by_vertex, we create a subtree that contains the dependent
96 97 * vertices by marking those vertices with the GV_TOOFFLINE flag. And we mark
97 98 * the vertex to disable with the GV_TODISABLE flag. Once the tree is created,
98 99 * we send the _ADMIN_DISABLE event to the leaves. The leaves will then
99 100 * transition from STATE_ONLINE/STATE_DEGRADED to STATE_OFFLINE/STATE_MAINT.
100 101 * In gt_enter_offline and gt_enter_maint if the vertex was in a subtree then
101 102 * we clear the GV_TOOFFLINE flag and walk the dependencies to offline the new
102 103 * exposed leaves. We do the same until we reach the last leaf (the one with
103 104 * the GV_TODISABLE flag). If the vertex to disable is also part of a larger
104 105 * subtree (eg. multiple DISABLE events on vertices in the same subtree) then
105 106 * once the first vertex is disabled (GV_TODISABLE flag is removed), we
106 107 * continue to propagate the offline event to the vertex's dependencies.
107 108 *
108 109 *
109 110 * SMF state transition notifications
110 111 *
111 112 * When an instance of a service managed by SMF changes state, svc.startd may
112 113 * publish a GPEC sysevent. All transitions to or from maintenance, a
113 114 * transition cause by a hardware error will generate an event.
114 115 * Other transitions will generate an event if there exist notification
115 116 * parameter for that transition. Notification parameters are stored in the
116 117 * SMF repository for the service/instance they refer to. System-wide
117 118 * notification parameters are stored in the global instance.
118 119 * svc.startd can be told to send events for all SMF state transitions despite
119 120 * of notification parameters by setting options/info_events_all to true in
120 121 * restarter:default
121 122 *
122 123 * The set of transitions that generate events is cached in the
123 124 * dgraph_vertex_t gv_stn_tset for service/instance and in the global
124 125 * stn_global for the system-wide set. They are re-read when instances are
125 126 * refreshed.
126 127 *
127 128 * The GPEC events published by svc.startd are consumed by fmd(1M). After
128 129 * processing these events, fmd(1M) publishes the processed events to
129 130 * notification agents. The notification agents read the notification
130 131 * parameters from the SMF repository through libscf(3LIB) interfaces and send
131 132 * the notification, or not, based on those parameters.
132 133 *
133 134 * Subscription and publishing to the GPEC channels is done with the
134 135 * libfmevent(3LIB) wrappers fmev_[r]publish_*() and
135 136 * fmev_shdl_(un)subscribe().
136 137 *
137 138 */
138 139
139 140 #include <sys/uadmin.h>
140 141 #include <sys/wait.h>
141 142
142 143 #include <assert.h>
143 144 #include <errno.h>
144 145 #include <fcntl.h>
145 146 #include <fm/libfmevent.h>
146 147 #include <libscf.h>
147 148 #include <libscf_priv.h>
148 149 #include <librestart.h>
149 150 #include <libuutil.h>
150 151 #include <locale.h>
151 152 #include <poll.h>
152 153 #include <pthread.h>
153 154 #include <signal.h>
154 155 #include <stddef.h>
155 156 #include <stdio.h>
156 157 #include <stdlib.h>
157 158 #include <string.h>
158 159 #include <strings.h>
159 160 #include <sys/statvfs.h>
160 161 #include <sys/uadmin.h>
161 162 #include <zone.h>
162 163 #if defined(__i386)
163 164 #include <libgrubmgmt.h>
164 165 #endif /* __i386 */
165 166
166 167 #include "startd.h"
167 168 #include "protocol.h"
168 169
169 170
170 171 #define MILESTONE_NONE ((graph_vertex_t *)1)
171 172
172 173 #define CONSOLE_LOGIN_FMRI "svc:/system/console-login:default"
173 174 #define FS_MINIMAL_FMRI "svc:/system/filesystem/minimal:default"
174 175
175 176 #define VERTEX_REMOVED 0 /* vertex has been freed */
176 177 #define VERTEX_INUSE 1 /* vertex is still in use */
177 178
178 179 #define IS_ENABLED(v) ((v)->gv_flags & (GV_ENABLED | GV_ENBLD_NOOVR))
179 180
180 181 /*
181 182 * stn_global holds the tset for the system wide notification parameters.
182 183 * It is updated on refresh of svc:/system/svc/global:default
183 184 *
184 185 * There are two assumptions that relax the need for a mutex:
185 186 * 1. 32-bit value assignments are atomic
186 187 * 2. Its value is consumed only in one point at
187 188 * dgraph_state_transition_notify(). There are no test and set races.
188 189 *
189 190 * If either assumption is broken, we'll need a mutex to synchronize
190 191 * access to stn_global
191 192 */
192 193 int32_t stn_global;
193 194 /*
194 195 * info_events_all holds a flag to override notification parameters and send
195 196 * Information events for all state transitions.
196 197 * same about the need of a mutex here.
197 198 */
198 199 int info_events_all;
199 200
|
↓ open down ↓ |
165 lines elided |
↑ open up ↑ |
200 201 /*
201 202 * Services in these states are not considered 'down' by the
202 203 * milestone/shutdown code.
203 204 */
204 205 #define up_state(state) ((state) == RESTARTER_STATE_ONLINE || \
205 206 (state) == RESTARTER_STATE_DEGRADED || \
206 207 (state) == RESTARTER_STATE_OFFLINE)
207 208
208 209 #define is_depgrp_bypassed(v) ((v->gv_type == GVT_GROUP) && \
209 210 ((v->gv_depgroup == DEPGRP_EXCLUDE_ALL) || \
210 - (v->gv_depgroup == DEPGRP_OPTIONAL_ALL) || \
211 211 (v->gv_restart < RERR_RESTART)))
212 212
213 213 static uu_list_pool_t *graph_edge_pool, *graph_vertex_pool;
214 214 static uu_list_t *dgraph;
215 215 static pthread_mutex_t dgraph_lock;
216 216
217 217 /*
218 218 * milestone indicates the current subgraph. When NULL, it is the entire
219 219 * graph. When MILESTONE_NONE, it is the empty graph. Otherwise, it is all
220 220 * services on which the target vertex depends.
221 221 */
222 222 static graph_vertex_t *milestone = NULL;
223 223 static boolean_t initial_milestone_set = B_FALSE;
224 224 static pthread_cond_t initial_milestone_cv = PTHREAD_COND_INITIALIZER;
225 225
226 226 /* protected by dgraph_lock */
227 227 static boolean_t sulogin_thread_running = B_FALSE;
228 228 static boolean_t sulogin_running = B_FALSE;
229 229 static boolean_t console_login_ready = B_FALSE;
230 230
231 231 /* Number of services to come down to complete milestone transition. */
232 232 static uint_t non_subgraph_svcs;
233 233
234 234 /*
235 235 * These variables indicate what should be done when we reach the milestone
236 236 * target milestone, i.e., when non_subgraph_svcs == 0. They are acted upon in
237 237 * dgraph_set_instance_state().
238 238 */
239 239 static int halting = -1;
240 240 static boolean_t go_single_user_mode = B_FALSE;
241 241 static boolean_t go_to_level1 = B_FALSE;
242 242
243 243 /*
244 244 * Tracks when we started halting.
245 245 */
246 246 static time_t halting_time = 0;
247 247
248 248 /*
249 249 * This tracks the legacy runlevel to ensure we signal init and manage
250 250 * utmpx entries correctly.
251 251 */
252 252 static char current_runlevel = '\0';
253 253
254 254 /* Number of single user threads currently running */
255 255 static pthread_mutex_t single_user_thread_lock;
256 256 static int single_user_thread_count = 0;
257 257
258 258 /* Statistics for dependency cycle-checking */
259 259 static u_longlong_t dep_inserts = 0;
260 260 static u_longlong_t dep_cycle_ns = 0;
261 261 static u_longlong_t dep_insert_ns = 0;
262 262
263 263
264 264 static const char * const emsg_invalid_restarter =
265 265 "Transitioning %s to maintenance, restarter FMRI %s is invalid "
266 266 "(see 'svcs -xv' for details).\n";
267 267 static const char * const console_login_fmri = CONSOLE_LOGIN_FMRI;
268 268 static const char * const single_user_fmri = SCF_MILESTONE_SINGLE_USER;
269 269 static const char * const multi_user_fmri = SCF_MILESTONE_MULTI_USER;
270 270 static const char * const multi_user_svr_fmri = SCF_MILESTONE_MULTI_USER_SERVER;
271 271
272 272
273 273 /*
274 274 * These services define the system being "up". If none of them can come
275 275 * online, then we will run sulogin on the console. Note that the install ones
276 276 * are for the miniroot and when installing CDs after the first. can_come_up()
277 277 * does the decision making, and an sulogin_thread() runs sulogin, which can be
278 278 * started by dgraph_set_instance_state() or single_user_thread().
279 279 *
280 280 * NOTE: can_come_up() relies on SCF_MILESTONE_SINGLE_USER being the first
281 281 * entry, which is only used when booting_to_single_user (boot -s) is set.
282 282 * This is because when doing a "boot -s", sulogin is started from specials.c
283 283 * after milestone/single-user comes online, for backwards compatibility.
284 284 * In this case, SCF_MILESTONE_SINGLE_USER needs to be part of up_svcs
285 285 * to ensure sulogin will be spawned if milestone/single-user cannot be reached.
286 286 */
287 287 static const char * const up_svcs[] = {
288 288 SCF_MILESTONE_SINGLE_USER,
289 289 CONSOLE_LOGIN_FMRI,
290 290 "svc:/system/install-setup:default",
291 291 "svc:/system/install:default",
292 292 NULL
293 293 };
294 294
295 295 /* This array must have an element for each non-NULL element of up_svcs[]. */
296 296 static graph_vertex_t *up_svcs_p[] = { NULL, NULL, NULL, NULL };
297 297
298 298 /* These are for seed repository magic. See can_come_up(). */
299 299 static const char * const manifest_import = SCF_INSTANCE_MI;
300 300 static graph_vertex_t *manifest_import_p = NULL;
301 301
302 302
303 303 static char target_milestone_as_runlevel(void);
304 304 static void graph_runlevel_changed(char rl, int online);
305 305 static int dgraph_set_milestone(const char *, scf_handle_t *, boolean_t);
306 306 static boolean_t should_be_in_subgraph(graph_vertex_t *v);
307 307 static int mark_subtree(graph_edge_t *, void *);
308 308 static boolean_t insubtree_dependents_down(graph_vertex_t *);
309 309
310 310 /*
311 311 * graph_vertex_compare()
312 312 * This function can compare either int *id or * graph_vertex_t *gv
313 313 * values, as the vertex id is always the first element of a
314 314 * graph_vertex structure.
315 315 */
316 316 /* ARGSUSED */
317 317 static int
318 318 graph_vertex_compare(const void *lc_arg, const void *rc_arg, void *private)
319 319 {
320 320 int lc_id = ((const graph_vertex_t *)lc_arg)->gv_id;
321 321 int rc_id = *(int *)rc_arg;
322 322
323 323 if (lc_id > rc_id)
324 324 return (1);
325 325 if (lc_id < rc_id)
326 326 return (-1);
327 327 return (0);
328 328 }
329 329
330 330 void
331 331 graph_init()
332 332 {
333 333 graph_edge_pool = startd_list_pool_create("graph_edges",
334 334 sizeof (graph_edge_t), offsetof(graph_edge_t, ge_link), NULL,
335 335 UU_LIST_POOL_DEBUG);
336 336 assert(graph_edge_pool != NULL);
337 337
338 338 graph_vertex_pool = startd_list_pool_create("graph_vertices",
339 339 sizeof (graph_vertex_t), offsetof(graph_vertex_t, gv_link),
340 340 graph_vertex_compare, UU_LIST_POOL_DEBUG);
341 341 assert(graph_vertex_pool != NULL);
342 342
343 343 (void) pthread_mutex_init(&dgraph_lock, &mutex_attrs);
344 344 (void) pthread_mutex_init(&single_user_thread_lock, &mutex_attrs);
345 345 dgraph = startd_list_create(graph_vertex_pool, NULL, UU_LIST_SORTED);
346 346 assert(dgraph != NULL);
347 347
348 348 if (!st->st_initial)
349 349 current_runlevel = utmpx_get_runlevel();
350 350
351 351 log_framework(LOG_DEBUG, "Initialized graph\n");
352 352 }
353 353
354 354 static graph_vertex_t *
355 355 vertex_get_by_name(const char *name)
356 356 {
357 357 int id;
358 358
359 359 assert(MUTEX_HELD(&dgraph_lock));
360 360
361 361 id = dict_lookup_byname(name);
362 362 if (id == -1)
363 363 return (NULL);
364 364
365 365 return (uu_list_find(dgraph, &id, NULL, NULL));
366 366 }
367 367
368 368 static graph_vertex_t *
369 369 vertex_get_by_id(int id)
370 370 {
371 371 assert(MUTEX_HELD(&dgraph_lock));
372 372
373 373 if (id == -1)
374 374 return (NULL);
375 375
376 376 return (uu_list_find(dgraph, &id, NULL, NULL));
377 377 }
378 378
379 379 /*
380 380 * Creates a new vertex with the given name, adds it to the graph, and returns
381 381 * a pointer to it. The graph lock must be held by this thread on entry.
382 382 */
383 383 static graph_vertex_t *
384 384 graph_add_vertex(const char *name)
385 385 {
386 386 int id;
387 387 graph_vertex_t *v;
388 388 void *p;
389 389 uu_list_index_t idx;
390 390
391 391 assert(MUTEX_HELD(&dgraph_lock));
392 392
393 393 id = dict_insert(name);
394 394
395 395 v = startd_zalloc(sizeof (*v));
396 396
397 397 v->gv_id = id;
398 398
399 399 v->gv_name = startd_alloc(strlen(name) + 1);
400 400 (void) strcpy(v->gv_name, name);
401 401
402 402 v->gv_dependencies = startd_list_create(graph_edge_pool, v, 0);
403 403 v->gv_dependents = startd_list_create(graph_edge_pool, v, 0);
404 404
405 405 p = uu_list_find(dgraph, &id, NULL, &idx);
406 406 assert(p == NULL);
407 407
408 408 uu_list_node_init(v, &v->gv_link, graph_vertex_pool);
409 409 uu_list_insert(dgraph, v, idx);
410 410
411 411 return (v);
412 412 }
413 413
414 414 /*
415 415 * Removes v from the graph and frees it. The graph should be locked by this
416 416 * thread, and v should have no edges associated with it.
417 417 */
418 418 static void
419 419 graph_remove_vertex(graph_vertex_t *v)
420 420 {
421 421 assert(MUTEX_HELD(&dgraph_lock));
422 422
423 423 assert(uu_list_numnodes(v->gv_dependencies) == 0);
424 424 assert(uu_list_numnodes(v->gv_dependents) == 0);
425 425 assert(v->gv_refs == 0);
426 426
427 427 startd_free(v->gv_name, strlen(v->gv_name) + 1);
428 428 uu_list_destroy(v->gv_dependencies);
429 429 uu_list_destroy(v->gv_dependents);
430 430 uu_list_remove(dgraph, v);
431 431
432 432 startd_free(v, sizeof (graph_vertex_t));
433 433 }
434 434
435 435 static void
436 436 graph_add_edge(graph_vertex_t *fv, graph_vertex_t *tv)
437 437 {
438 438 graph_edge_t *e, *re;
439 439 int r;
440 440
441 441 assert(MUTEX_HELD(&dgraph_lock));
442 442
443 443 e = startd_alloc(sizeof (graph_edge_t));
444 444 re = startd_alloc(sizeof (graph_edge_t));
445 445
446 446 e->ge_parent = fv;
447 447 e->ge_vertex = tv;
448 448
449 449 re->ge_parent = tv;
450 450 re->ge_vertex = fv;
451 451
452 452 uu_list_node_init(e, &e->ge_link, graph_edge_pool);
453 453 r = uu_list_insert_before(fv->gv_dependencies, NULL, e);
454 454 assert(r == 0);
455 455
456 456 uu_list_node_init(re, &re->ge_link, graph_edge_pool);
457 457 r = uu_list_insert_before(tv->gv_dependents, NULL, re);
458 458 assert(r == 0);
459 459 }
460 460
461 461 static void
462 462 graph_remove_edge(graph_vertex_t *v, graph_vertex_t *dv)
463 463 {
464 464 graph_edge_t *e;
465 465
466 466 for (e = uu_list_first(v->gv_dependencies);
467 467 e != NULL;
468 468 e = uu_list_next(v->gv_dependencies, e)) {
469 469 if (e->ge_vertex == dv) {
470 470 uu_list_remove(v->gv_dependencies, e);
471 471 startd_free(e, sizeof (graph_edge_t));
472 472 break;
473 473 }
474 474 }
475 475
476 476 for (e = uu_list_first(dv->gv_dependents);
477 477 e != NULL;
478 478 e = uu_list_next(dv->gv_dependents, e)) {
479 479 if (e->ge_vertex == v) {
480 480 uu_list_remove(dv->gv_dependents, e);
481 481 startd_free(e, sizeof (graph_edge_t));
482 482 break;
483 483 }
484 484 }
485 485 }
486 486
487 487 static void
488 488 remove_inst_vertex(graph_vertex_t *v)
489 489 {
490 490 graph_edge_t *e;
491 491 graph_vertex_t *sv;
492 492 int i;
493 493
494 494 assert(MUTEX_HELD(&dgraph_lock));
495 495 assert(uu_list_numnodes(v->gv_dependents) == 1);
496 496 assert(uu_list_numnodes(v->gv_dependencies) == 0);
497 497 assert(v->gv_refs == 0);
498 498 assert((v->gv_flags & GV_CONFIGURED) == 0);
499 499
500 500 e = uu_list_first(v->gv_dependents);
501 501 sv = e->ge_vertex;
502 502 graph_remove_edge(sv, v);
503 503
504 504 for (i = 0; up_svcs[i] != NULL; ++i) {
505 505 if (up_svcs_p[i] == v)
506 506 up_svcs_p[i] = NULL;
507 507 }
508 508
509 509 if (manifest_import_p == v)
510 510 manifest_import_p = NULL;
511 511
512 512 graph_remove_vertex(v);
513 513
514 514 if (uu_list_numnodes(sv->gv_dependencies) == 0 &&
515 515 uu_list_numnodes(sv->gv_dependents) == 0 &&
516 516 sv->gv_refs == 0)
517 517 graph_remove_vertex(sv);
518 518 }
519 519
520 520 static void
521 521 graph_walk_dependents(graph_vertex_t *v, void (*func)(graph_vertex_t *, void *),
522 522 void *arg)
523 523 {
524 524 graph_edge_t *e;
525 525
526 526 for (e = uu_list_first(v->gv_dependents);
527 527 e != NULL;
528 528 e = uu_list_next(v->gv_dependents, e))
529 529 func(e->ge_vertex, arg);
530 530 }
531 531
532 532 static void
533 533 graph_walk_dependencies(graph_vertex_t *v, void (*func)(graph_vertex_t *,
534 534 void *), void *arg)
535 535 {
536 536 graph_edge_t *e;
537 537
538 538 assert(MUTEX_HELD(&dgraph_lock));
539 539
540 540 for (e = uu_list_first(v->gv_dependencies);
541 541 e != NULL;
542 542 e = uu_list_next(v->gv_dependencies, e)) {
543 543
544 544 func(e->ge_vertex, arg);
545 545 }
546 546 }
547 547
548 548 /*
549 549 * Generic graph walking function.
550 550 *
551 551 * Given a vertex, this function will walk either dependencies
552 552 * (WALK_DEPENDENCIES) or dependents (WALK_DEPENDENTS) of a vertex recursively
553 553 * for the entire graph. It will avoid cycles and never visit the same vertex
554 554 * twice.
555 555 *
556 556 * We avoid traversing exclusion dependencies, because they are allowed to
557 557 * create cycles in the graph. When propagating satisfiability, there is no
558 558 * need to walk exclusion dependencies because exclude_all_satisfied() doesn't
559 559 * test for satisfiability.
560 560 *
561 561 * The walker takes two callbacks. The first is called before examining the
562 562 * dependents of each vertex. The second is called on each vertex after
563 563 * examining its dependents. This allows is_path_to() to construct a path only
564 564 * after the target vertex has been found.
565 565 */
566 566 typedef enum {
567 567 WALK_DEPENDENTS,
568 568 WALK_DEPENDENCIES
569 569 } graph_walk_dir_t;
570 570
571 571 typedef int (*graph_walk_cb_t)(graph_vertex_t *, void *);
572 572
573 573 typedef struct graph_walk_info {
574 574 graph_walk_dir_t gi_dir;
575 575 uchar_t *gi_visited; /* vertex bitmap */
576 576 int (*gi_pre)(graph_vertex_t *, void *);
577 577 void (*gi_post)(graph_vertex_t *, void *);
578 578 void *gi_arg; /* callback arg */
579 579 int gi_ret; /* return value */
580 580 } graph_walk_info_t;
581 581
582 582 static int
583 583 graph_walk_recurse(graph_edge_t *e, graph_walk_info_t *gip)
584 584 {
585 585 uu_list_t *list;
586 586 int r;
587 587 graph_vertex_t *v = e->ge_vertex;
588 588 int i;
589 589 uint_t b;
590 590
591 591 i = v->gv_id / 8;
592 592 b = 1 << (v->gv_id % 8);
593 593
594 594 /*
595 595 * Check to see if we've visited this vertex already.
596 596 */
597 597 if (gip->gi_visited[i] & b)
598 598 return (UU_WALK_NEXT);
599 599
600 600 gip->gi_visited[i] |= b;
601 601
602 602 /*
603 603 * Don't follow exclusions.
604 604 */
605 605 if (v->gv_type == GVT_GROUP && v->gv_depgroup == DEPGRP_EXCLUDE_ALL)
606 606 return (UU_WALK_NEXT);
607 607
608 608 /*
609 609 * Call pre-visit callback. If this doesn't terminate the walk,
610 610 * continue search.
611 611 */
612 612 if ((gip->gi_ret = gip->gi_pre(v, gip->gi_arg)) == UU_WALK_NEXT) {
613 613 /*
614 614 * Recurse using appropriate list.
615 615 */
616 616 if (gip->gi_dir == WALK_DEPENDENTS)
617 617 list = v->gv_dependents;
618 618 else
619 619 list = v->gv_dependencies;
620 620
621 621 r = uu_list_walk(list, (uu_walk_fn_t *)graph_walk_recurse,
622 622 gip, 0);
623 623 assert(r == 0);
624 624 }
625 625
626 626 /*
627 627 * Callbacks must return either UU_WALK_NEXT or UU_WALK_DONE.
628 628 */
629 629 assert(gip->gi_ret == UU_WALK_NEXT || gip->gi_ret == UU_WALK_DONE);
630 630
631 631 /*
632 632 * If given a post-callback, call the function for every vertex.
633 633 */
634 634 if (gip->gi_post != NULL)
635 635 (void) gip->gi_post(v, gip->gi_arg);
636 636
637 637 /*
638 638 * Preserve the callback's return value. If the callback returns
639 639 * UU_WALK_DONE, then we propagate that to the caller in order to
640 640 * terminate the walk.
641 641 */
642 642 return (gip->gi_ret);
643 643 }
644 644
645 645 static void
646 646 graph_walk(graph_vertex_t *v, graph_walk_dir_t dir,
647 647 int (*pre)(graph_vertex_t *, void *),
648 648 void (*post)(graph_vertex_t *, void *), void *arg)
649 649 {
650 650 graph_walk_info_t gi;
651 651 graph_edge_t fake;
652 652 size_t sz = dictionary->dict_new_id / 8 + 1;
653 653
654 654 gi.gi_visited = startd_zalloc(sz);
655 655 gi.gi_pre = pre;
656 656 gi.gi_post = post;
657 657 gi.gi_arg = arg;
658 658 gi.gi_dir = dir;
659 659 gi.gi_ret = 0;
660 660
661 661 /*
662 662 * Fake up an edge for the first iteration
663 663 */
664 664 fake.ge_vertex = v;
665 665 (void) graph_walk_recurse(&fake, &gi);
666 666
667 667 startd_free(gi.gi_visited, sz);
668 668 }
669 669
670 670 typedef struct child_search {
671 671 int id; /* id of vertex to look for */
672 672 uint_t depth; /* recursion depth */
673 673 /*
674 674 * While the vertex is not found, path is NULL. After the search, if
675 675 * the vertex was found then path should point to a -1-terminated
676 676 * array of vertex id's which constitute the path to the vertex.
677 677 */
678 678 int *path;
679 679 } child_search_t;
680 680
681 681 static int
682 682 child_pre(graph_vertex_t *v, void *arg)
683 683 {
684 684 child_search_t *cs = arg;
685 685
686 686 cs->depth++;
687 687
688 688 if (v->gv_id == cs->id) {
689 689 cs->path = startd_alloc((cs->depth + 1) * sizeof (int));
690 690 cs->path[cs->depth] = -1;
691 691 return (UU_WALK_DONE);
692 692 }
693 693
694 694 return (UU_WALK_NEXT);
695 695 }
696 696
697 697 static void
698 698 child_post(graph_vertex_t *v, void *arg)
699 699 {
700 700 child_search_t *cs = arg;
701 701
702 702 cs->depth--;
703 703
704 704 if (cs->path != NULL)
705 705 cs->path[cs->depth] = v->gv_id;
706 706 }
707 707
708 708 /*
709 709 * Look for a path from from to to. If one exists, returns a pointer to
710 710 * a NULL-terminated array of pointers to the vertices along the path. If
711 711 * there is no path, returns NULL.
712 712 */
713 713 static int *
714 714 is_path_to(graph_vertex_t *from, graph_vertex_t *to)
715 715 {
716 716 child_search_t cs;
717 717
718 718 cs.id = to->gv_id;
719 719 cs.depth = 0;
720 720 cs.path = NULL;
721 721
722 722 graph_walk(from, WALK_DEPENDENCIES, child_pre, child_post, &cs);
723 723
724 724 return (cs.path);
725 725 }
726 726
727 727 /*
728 728 * Given an array of int's as returned by is_path_to, allocates a string of
729 729 * their names joined by newlines. Returns the size of the allocated buffer
730 730 * in *sz and frees path.
731 731 */
732 732 static void
733 733 path_to_str(int *path, char **cpp, size_t *sz)
734 734 {
735 735 int i;
736 736 graph_vertex_t *v;
737 737 size_t allocd, new_allocd;
738 738 char *new, *name;
739 739
740 740 assert(MUTEX_HELD(&dgraph_lock));
741 741 assert(path[0] != -1);
742 742
743 743 allocd = 1;
744 744 *cpp = startd_alloc(1);
745 745 (*cpp)[0] = '\0';
746 746
747 747 for (i = 0; path[i] != -1; ++i) {
748 748 name = NULL;
749 749
750 750 v = vertex_get_by_id(path[i]);
751 751
752 752 if (v == NULL)
753 753 name = "<deleted>";
754 754 else if (v->gv_type == GVT_INST || v->gv_type == GVT_SVC)
755 755 name = v->gv_name;
756 756
757 757 if (name != NULL) {
758 758 new_allocd = allocd + strlen(name) + 1;
759 759 new = startd_alloc(new_allocd);
760 760 (void) strcpy(new, *cpp);
761 761 (void) strcat(new, name);
762 762 (void) strcat(new, "\n");
763 763
764 764 startd_free(*cpp, allocd);
765 765
766 766 *cpp = new;
767 767 allocd = new_allocd;
768 768 }
769 769 }
770 770
771 771 startd_free(path, sizeof (int) * (i + 1));
772 772
773 773 *sz = allocd;
774 774 }
775 775
776 776
777 777 /*
778 778 * This function along with run_sulogin() implements an exclusion relationship
779 779 * between system/console-login and sulogin. run_sulogin() will fail if
780 780 * system/console-login is online, and the graph engine should call
781 781 * graph_clogin_start() to bring system/console-login online, which defers the
782 782 * start if sulogin is running.
783 783 */
784 784 static void
785 785 graph_clogin_start(graph_vertex_t *v)
786 786 {
787 787 assert(MUTEX_HELD(&dgraph_lock));
788 788
789 789 if (sulogin_running)
790 790 console_login_ready = B_TRUE;
791 791 else
792 792 vertex_send_event(v, RESTARTER_EVENT_TYPE_START);
793 793 }
794 794
795 795 static void
796 796 graph_su_start(graph_vertex_t *v)
797 797 {
798 798 /*
799 799 * /etc/inittab used to have the initial /sbin/rcS as a 'sysinit'
800 800 * entry with a runlevel of 'S', before jumping to the final
801 801 * target runlevel (as set in initdefault). We mimic that legacy
802 802 * behavior here.
803 803 */
804 804 utmpx_set_runlevel('S', '0', B_FALSE);
805 805 vertex_send_event(v, RESTARTER_EVENT_TYPE_START);
806 806 }
807 807
808 808 static void
809 809 graph_post_su_online(void)
810 810 {
811 811 graph_runlevel_changed('S', 1);
812 812 }
813 813
814 814 static void
815 815 graph_post_su_disable(void)
816 816 {
817 817 graph_runlevel_changed('S', 0);
818 818 }
819 819
820 820 static void
821 821 graph_post_mu_online(void)
822 822 {
823 823 graph_runlevel_changed('2', 1);
824 824 }
825 825
826 826 static void
827 827 graph_post_mu_disable(void)
828 828 {
829 829 graph_runlevel_changed('2', 0);
830 830 }
831 831
832 832 static void
833 833 graph_post_mus_online(void)
834 834 {
835 835 graph_runlevel_changed('3', 1);
836 836 }
837 837
838 838 static void
839 839 graph_post_mus_disable(void)
840 840 {
841 841 graph_runlevel_changed('3', 0);
842 842 }
843 843
844 844 static struct special_vertex_info {
845 845 const char *name;
846 846 void (*start_f)(graph_vertex_t *);
847 847 void (*post_online_f)(void);
848 848 void (*post_disable_f)(void);
849 849 } special_vertices[] = {
850 850 { CONSOLE_LOGIN_FMRI, graph_clogin_start, NULL, NULL },
851 851 { SCF_MILESTONE_SINGLE_USER, graph_su_start,
852 852 graph_post_su_online, graph_post_su_disable },
853 853 { SCF_MILESTONE_MULTI_USER, NULL,
854 854 graph_post_mu_online, graph_post_mu_disable },
855 855 { SCF_MILESTONE_MULTI_USER_SERVER, NULL,
856 856 graph_post_mus_online, graph_post_mus_disable },
857 857 { NULL },
858 858 };
859 859
860 860
861 861 void
862 862 vertex_send_event(graph_vertex_t *v, restarter_event_type_t e)
863 863 {
864 864 switch (e) {
865 865 case RESTARTER_EVENT_TYPE_ADD_INSTANCE:
866 866 assert(v->gv_state == RESTARTER_STATE_UNINIT);
867 867
868 868 MUTEX_LOCK(&st->st_load_lock);
869 869 st->st_load_instances++;
870 870 MUTEX_UNLOCK(&st->st_load_lock);
871 871 break;
872 872
873 873 case RESTARTER_EVENT_TYPE_ENABLE:
874 874 log_framework(LOG_DEBUG, "Enabling %s.\n", v->gv_name);
875 875 assert(v->gv_state == RESTARTER_STATE_UNINIT ||
876 876 v->gv_state == RESTARTER_STATE_DISABLED ||
877 877 v->gv_state == RESTARTER_STATE_MAINT);
878 878 break;
879 879
880 880 case RESTARTER_EVENT_TYPE_DISABLE:
881 881 case RESTARTER_EVENT_TYPE_ADMIN_DISABLE:
882 882 log_framework(LOG_DEBUG, "Disabling %s.\n", v->gv_name);
883 883 assert(v->gv_state != RESTARTER_STATE_DISABLED);
884 884 break;
885 885
886 886 case RESTARTER_EVENT_TYPE_STOP_RESET:
887 887 case RESTARTER_EVENT_TYPE_STOP:
888 888 log_framework(LOG_DEBUG, "Stopping %s.\n", v->gv_name);
889 889 assert(v->gv_state == RESTARTER_STATE_DEGRADED ||
890 890 v->gv_state == RESTARTER_STATE_ONLINE);
891 891 break;
892 892
893 893 case RESTARTER_EVENT_TYPE_START:
894 894 log_framework(LOG_DEBUG, "Starting %s.\n", v->gv_name);
895 895 assert(v->gv_state == RESTARTER_STATE_OFFLINE);
896 896 break;
897 897
898 898 case RESTARTER_EVENT_TYPE_REMOVE_INSTANCE:
899 899 case RESTARTER_EVENT_TYPE_ADMIN_DEGRADED:
900 900 case RESTARTER_EVENT_TYPE_ADMIN_REFRESH:
901 901 case RESTARTER_EVENT_TYPE_ADMIN_RESTART:
902 902 case RESTARTER_EVENT_TYPE_ADMIN_MAINT_OFF:
903 903 case RESTARTER_EVENT_TYPE_ADMIN_MAINT_ON:
904 904 case RESTARTER_EVENT_TYPE_ADMIN_MAINT_ON_IMMEDIATE:
905 905 case RESTARTER_EVENT_TYPE_DEPENDENCY_CYCLE:
906 906 case RESTARTER_EVENT_TYPE_INVALID_DEPENDENCY:
907 907 break;
908 908
909 909 default:
910 910 #ifndef NDEBUG
911 911 uu_warn("%s:%d: Bad event %d.\n", __FILE__, __LINE__, e);
912 912 #endif
913 913 abort();
914 914 }
915 915
916 916 restarter_protocol_send_event(v->gv_name, v->gv_restarter_channel, e,
917 917 v->gv_reason);
918 918 }
919 919
920 920 static void
921 921 graph_unset_restarter(graph_vertex_t *v)
922 922 {
923 923 assert(MUTEX_HELD(&dgraph_lock));
924 924 assert(v->gv_flags & GV_CONFIGURED);
925 925
926 926 vertex_send_event(v, RESTARTER_EVENT_TYPE_REMOVE_INSTANCE);
927 927
928 928 if (v->gv_restarter_id != -1) {
929 929 graph_vertex_t *rv;
930 930
931 931 rv = vertex_get_by_id(v->gv_restarter_id);
932 932 graph_remove_edge(v, rv);
933 933 }
934 934
935 935 v->gv_restarter_id = -1;
936 936 v->gv_restarter_channel = NULL;
937 937 }
938 938
939 939 /*
940 940 * Return VERTEX_REMOVED when the vertex passed in argument is deleted from the
941 941 * dgraph otherwise return VERTEX_INUSE.
942 942 */
943 943 static int
944 944 free_if_unrefed(graph_vertex_t *v)
945 945 {
946 946 assert(MUTEX_HELD(&dgraph_lock));
947 947
948 948 if (v->gv_refs > 0)
949 949 return (VERTEX_INUSE);
950 950
951 951 if (v->gv_type == GVT_SVC &&
952 952 uu_list_numnodes(v->gv_dependents) == 0 &&
953 953 uu_list_numnodes(v->gv_dependencies) == 0) {
954 954 graph_remove_vertex(v);
955 955 return (VERTEX_REMOVED);
956 956 } else if (v->gv_type == GVT_INST &&
957 957 (v->gv_flags & GV_CONFIGURED) == 0 &&
958 958 uu_list_numnodes(v->gv_dependents) == 1 &&
959 959 uu_list_numnodes(v->gv_dependencies) == 0) {
960 960 remove_inst_vertex(v);
961 961 return (VERTEX_REMOVED);
962 962 }
963 963
964 964 return (VERTEX_INUSE);
965 965 }
966 966
967 967 static void
968 968 delete_depgroup(graph_vertex_t *v)
969 969 {
970 970 graph_edge_t *e;
971 971 graph_vertex_t *dv;
972 972
973 973 assert(MUTEX_HELD(&dgraph_lock));
974 974 assert(v->gv_type == GVT_GROUP);
975 975 assert(uu_list_numnodes(v->gv_dependents) == 0);
976 976
977 977 while ((e = uu_list_first(v->gv_dependencies)) != NULL) {
978 978 dv = e->ge_vertex;
979 979
980 980 graph_remove_edge(v, dv);
981 981
982 982 switch (dv->gv_type) {
983 983 case GVT_INST: /* instance dependency */
984 984 case GVT_SVC: /* service dependency */
985 985 (void) free_if_unrefed(dv);
986 986 break;
987 987
988 988 case GVT_FILE: /* file dependency */
989 989 assert(uu_list_numnodes(dv->gv_dependencies) == 0);
990 990 if (uu_list_numnodes(dv->gv_dependents) == 0)
991 991 graph_remove_vertex(dv);
992 992 break;
993 993
994 994 default:
995 995 #ifndef NDEBUG
996 996 uu_warn("%s:%d: Unexpected node type %d", __FILE__,
997 997 __LINE__, dv->gv_type);
998 998 #endif
999 999 abort();
1000 1000 }
1001 1001 }
1002 1002
1003 1003 graph_remove_vertex(v);
1004 1004 }
1005 1005
1006 1006 static int
1007 1007 delete_instance_deps_cb(graph_edge_t *e, void **ptrs)
1008 1008 {
1009 1009 graph_vertex_t *v = ptrs[0];
1010 1010 boolean_t delete_restarter_dep = (boolean_t)ptrs[1];
1011 1011 graph_vertex_t *dv;
1012 1012
1013 1013 dv = e->ge_vertex;
1014 1014
1015 1015 /*
1016 1016 * We have four possibilities here:
1017 1017 * - GVT_INST: restarter
1018 1018 * - GVT_GROUP - GVT_INST: instance dependency
1019 1019 * - GVT_GROUP - GVT_SVC - GV_INST: service dependency
1020 1020 * - GVT_GROUP - GVT_FILE: file dependency
1021 1021 */
1022 1022 switch (dv->gv_type) {
1023 1023 case GVT_INST: /* restarter */
1024 1024 assert(dv->gv_id == v->gv_restarter_id);
1025 1025 if (delete_restarter_dep)
1026 1026 graph_remove_edge(v, dv);
1027 1027 break;
1028 1028
1029 1029 case GVT_GROUP: /* pg dependency */
1030 1030 graph_remove_edge(v, dv);
1031 1031 delete_depgroup(dv);
1032 1032 break;
1033 1033
1034 1034 case GVT_FILE:
1035 1035 /* These are currently not direct dependencies */
1036 1036
1037 1037 default:
1038 1038 #ifndef NDEBUG
1039 1039 uu_warn("%s:%d: Bad vertex type %d.\n", __FILE__, __LINE__,
1040 1040 dv->gv_type);
1041 1041 #endif
1042 1042 abort();
1043 1043 }
1044 1044
1045 1045 return (UU_WALK_NEXT);
1046 1046 }
1047 1047
1048 1048 static void
1049 1049 delete_instance_dependencies(graph_vertex_t *v, boolean_t delete_restarter_dep)
1050 1050 {
1051 1051 void *ptrs[2];
1052 1052 int r;
1053 1053
1054 1054 assert(MUTEX_HELD(&dgraph_lock));
1055 1055 assert(v->gv_type == GVT_INST);
1056 1056
1057 1057 ptrs[0] = v;
1058 1058 ptrs[1] = (void *)delete_restarter_dep;
1059 1059
1060 1060 r = uu_list_walk(v->gv_dependencies,
1061 1061 (uu_walk_fn_t *)delete_instance_deps_cb, &ptrs, UU_WALK_ROBUST);
1062 1062 assert(r == 0);
1063 1063 }
1064 1064
1065 1065 /*
1066 1066 * int graph_insert_vertex_unconfigured()
1067 1067 * Insert a vertex without sending any restarter events. If the vertex
1068 1068 * already exists or creation is successful, return a pointer to it in *vp.
1069 1069 *
1070 1070 * If type is not GVT_GROUP, dt can remain unset.
1071 1071 *
1072 1072 * Returns 0, EEXIST, or EINVAL if the arguments are invalid (i.e., fmri
1073 1073 * doesn't agree with type, or type doesn't agree with dt).
1074 1074 */
1075 1075 static int
1076 1076 graph_insert_vertex_unconfigured(const char *fmri, gv_type_t type,
1077 1077 depgroup_type_t dt, restarter_error_t rt, graph_vertex_t **vp)
1078 1078 {
1079 1079 int r;
1080 1080 int i;
1081 1081
1082 1082 assert(MUTEX_HELD(&dgraph_lock));
1083 1083
1084 1084 switch (type) {
1085 1085 case GVT_SVC:
1086 1086 case GVT_INST:
1087 1087 if (strncmp(fmri, "svc:", sizeof ("svc:") - 1) != 0)
1088 1088 return (EINVAL);
1089 1089 break;
1090 1090
1091 1091 case GVT_FILE:
1092 1092 if (strncmp(fmri, "file:", sizeof ("file:") - 1) != 0)
1093 1093 return (EINVAL);
1094 1094 break;
1095 1095
1096 1096 case GVT_GROUP:
1097 1097 if (dt <= 0 || rt < 0)
1098 1098 return (EINVAL);
1099 1099 break;
1100 1100
1101 1101 default:
1102 1102 #ifndef NDEBUG
1103 1103 uu_warn("%s:%d: Unknown type %d.\n", __FILE__, __LINE__, type);
1104 1104 #endif
1105 1105 abort();
1106 1106 }
1107 1107
1108 1108 *vp = vertex_get_by_name(fmri);
1109 1109 if (*vp != NULL)
1110 1110 return (EEXIST);
1111 1111
1112 1112 *vp = graph_add_vertex(fmri);
1113 1113
1114 1114 (*vp)->gv_type = type;
1115 1115 (*vp)->gv_depgroup = dt;
1116 1116 (*vp)->gv_restart = rt;
1117 1117
1118 1118 (*vp)->gv_flags = 0;
1119 1119 (*vp)->gv_state = RESTARTER_STATE_NONE;
1120 1120
1121 1121 for (i = 0; special_vertices[i].name != NULL; ++i) {
1122 1122 if (strcmp(fmri, special_vertices[i].name) == 0) {
1123 1123 (*vp)->gv_start_f = special_vertices[i].start_f;
1124 1124 (*vp)->gv_post_online_f =
1125 1125 special_vertices[i].post_online_f;
1126 1126 (*vp)->gv_post_disable_f =
1127 1127 special_vertices[i].post_disable_f;
1128 1128 break;
1129 1129 }
1130 1130 }
1131 1131
1132 1132 (*vp)->gv_restarter_id = -1;
1133 1133 (*vp)->gv_restarter_channel = 0;
1134 1134
1135 1135 if (type == GVT_INST) {
1136 1136 char *sfmri;
1137 1137 graph_vertex_t *sv;
1138 1138
1139 1139 sfmri = inst_fmri_to_svc_fmri(fmri);
1140 1140 sv = vertex_get_by_name(sfmri);
1141 1141 if (sv == NULL) {
1142 1142 r = graph_insert_vertex_unconfigured(sfmri, GVT_SVC, 0,
1143 1143 0, &sv);
1144 1144 assert(r == 0);
1145 1145 }
1146 1146 startd_free(sfmri, max_scf_fmri_size);
1147 1147
1148 1148 graph_add_edge(sv, *vp);
1149 1149 }
1150 1150
1151 1151 /*
1152 1152 * If this vertex is in the subgraph, mark it as so, for both
1153 1153 * GVT_INST and GVT_SERVICE verteces.
1154 1154 * A GVT_SERVICE vertex can only be in the subgraph if another instance
1155 1155 * depends on it, in which case it's already been added to the graph
1156 1156 * and marked as in the subgraph (by refresh_vertex()). If a
1157 1157 * GVT_SERVICE vertex was freshly added (by the code above), it means
1158 1158 * that it has no dependents, and cannot be in the subgraph.
1159 1159 * Regardless of this, we still check that gv_flags includes
1160 1160 * GV_INSUBGRAPH in the event that future behavior causes the above
1161 1161 * code to add a GVT_SERVICE vertex which should be in the subgraph.
1162 1162 */
1163 1163
1164 1164 (*vp)->gv_flags |= (should_be_in_subgraph(*vp)? GV_INSUBGRAPH : 0);
1165 1165
1166 1166 return (0);
1167 1167 }
1168 1168
1169 1169 /*
1170 1170 * Returns 0 on success or ELOOP if the dependency would create a cycle.
1171 1171 */
1172 1172 static int
1173 1173 graph_insert_dependency(graph_vertex_t *fv, graph_vertex_t *tv, int **pathp)
1174 1174 {
1175 1175 hrtime_t now;
1176 1176
1177 1177 assert(MUTEX_HELD(&dgraph_lock));
1178 1178
1179 1179 /* cycle detection */
1180 1180 now = gethrtime();
1181 1181
1182 1182 /* Don't follow exclusions. */
1183 1183 if (!(fv->gv_type == GVT_GROUP &&
1184 1184 fv->gv_depgroup == DEPGRP_EXCLUDE_ALL)) {
1185 1185 *pathp = is_path_to(tv, fv);
1186 1186 if (*pathp)
1187 1187 return (ELOOP);
1188 1188 }
1189 1189
1190 1190 dep_cycle_ns += gethrtime() - now;
1191 1191 ++dep_inserts;
1192 1192 now = gethrtime();
1193 1193
1194 1194 graph_add_edge(fv, tv);
1195 1195
1196 1196 dep_insert_ns += gethrtime() - now;
1197 1197
1198 1198 /* Check if the dependency adds the "to" vertex to the subgraph */
1199 1199 tv->gv_flags |= (should_be_in_subgraph(tv) ? GV_INSUBGRAPH : 0);
1200 1200
1201 1201 return (0);
1202 1202 }
1203 1203
1204 1204 static int
1205 1205 inst_running(graph_vertex_t *v)
1206 1206 {
1207 1207 assert(v->gv_type == GVT_INST);
1208 1208
1209 1209 if (v->gv_state == RESTARTER_STATE_ONLINE ||
1210 1210 v->gv_state == RESTARTER_STATE_DEGRADED)
1211 1211 return (1);
1212 1212
1213 1213 return (0);
1214 1214 }
1215 1215
1216 1216 /*
1217 1217 * The dependency evaluation functions return
1218 1218 * 1 - dependency satisfied
1219 1219 * 0 - dependency unsatisfied
1220 1220 * -1 - dependency unsatisfiable (without administrator intervention)
1221 1221 *
1222 1222 * The functions also take a boolean satbility argument. When true, the
1223 1223 * functions may recurse in order to determine satisfiability.
1224 1224 */
1225 1225 static int require_any_satisfied(graph_vertex_t *, boolean_t);
1226 1226 static int dependency_satisfied(graph_vertex_t *, boolean_t);
1227 1227
1228 1228 /*
1229 1229 * A require_all dependency is unsatisfied if any elements are unsatisfied. It
1230 1230 * is unsatisfiable if any elements are unsatisfiable.
1231 1231 */
1232 1232 static int
1233 1233 require_all_satisfied(graph_vertex_t *groupv, boolean_t satbility)
1234 1234 {
1235 1235 graph_edge_t *edge;
1236 1236 int i;
1237 1237 boolean_t any_unsatisfied;
1238 1238
1239 1239 if (uu_list_numnodes(groupv->gv_dependencies) == 0)
1240 1240 return (1);
1241 1241
1242 1242 any_unsatisfied = B_FALSE;
1243 1243
1244 1244 for (edge = uu_list_first(groupv->gv_dependencies);
1245 1245 edge != NULL;
1246 1246 edge = uu_list_next(groupv->gv_dependencies, edge)) {
1247 1247 i = dependency_satisfied(edge->ge_vertex, satbility);
1248 1248 if (i == 1)
1249 1249 continue;
1250 1250
1251 1251 log_framework2(LOG_DEBUG, DEBUG_DEPENDENCIES,
1252 1252 "require_all(%s): %s is unsatisfi%s.\n", groupv->gv_name,
1253 1253 edge->ge_vertex->gv_name, i == 0 ? "ed" : "able");
1254 1254
1255 1255 if (!satbility)
1256 1256 return (0);
1257 1257
1258 1258 if (i == -1)
1259 1259 return (-1);
1260 1260
1261 1261 any_unsatisfied = B_TRUE;
1262 1262 }
1263 1263
1264 1264 return (any_unsatisfied ? 0 : 1);
1265 1265 }
1266 1266
1267 1267 /*
1268 1268 * A require_any dependency is satisfied if any element is satisfied. It is
1269 1269 * satisfiable if any element is satisfiable.
1270 1270 */
1271 1271 static int
1272 1272 require_any_satisfied(graph_vertex_t *groupv, boolean_t satbility)
1273 1273 {
1274 1274 graph_edge_t *edge;
1275 1275 int s;
1276 1276 boolean_t satisfiable;
1277 1277
1278 1278 if (uu_list_numnodes(groupv->gv_dependencies) == 0)
1279 1279 return (1);
1280 1280
1281 1281 satisfiable = B_FALSE;
1282 1282
1283 1283 for (edge = uu_list_first(groupv->gv_dependencies);
1284 1284 edge != NULL;
1285 1285 edge = uu_list_next(groupv->gv_dependencies, edge)) {
1286 1286 s = dependency_satisfied(edge->ge_vertex, satbility);
1287 1287
1288 1288 if (s == 1)
1289 1289 return (1);
1290 1290
1291 1291 log_framework2(LOG_DEBUG, DEBUG_DEPENDENCIES,
1292 1292 "require_any(%s): %s is unsatisfi%s.\n",
1293 1293 groupv->gv_name, edge->ge_vertex->gv_name,
1294 1294 s == 0 ? "ed" : "able");
1295 1295
1296 1296 if (satbility && s == 0)
1297 1297 satisfiable = B_TRUE;
1298 1298 }
1299 1299
1300 1300 return (!satbility || satisfiable ? 0 : -1);
1301 1301 }
1302 1302
1303 1303 /*
1304 1304 * An optional_all dependency only considers elements which are configured,
1305 1305 * enabled, and not in maintenance. If any are unsatisfied, then the dependency
1306 1306 * is unsatisfied.
1307 1307 *
1308 1308 * Offline dependencies which are waiting for a dependency to come online are
1309 1309 * unsatisfied. Offline dependences which cannot possibly come online
1310 1310 * (unsatisfiable) are always considered satisfied.
1311 1311 */
1312 1312 static int
1313 1313 optional_all_satisfied(graph_vertex_t *groupv, boolean_t satbility)
1314 1314 {
1315 1315 graph_edge_t *edge;
1316 1316 graph_vertex_t *v;
1317 1317 boolean_t any_qualified;
1318 1318 boolean_t any_unsatisfied;
1319 1319 int i;
1320 1320
|
↓ open down ↓ |
1100 lines elided |
↑ open up ↑ |
1321 1321 any_qualified = B_FALSE;
1322 1322 any_unsatisfied = B_FALSE;
1323 1323
1324 1324 for (edge = uu_list_first(groupv->gv_dependencies);
1325 1325 edge != NULL;
1326 1326 edge = uu_list_next(groupv->gv_dependencies, edge)) {
1327 1327 v = edge->ge_vertex;
1328 1328
1329 1329 switch (v->gv_type) {
1330 1330 case GVT_INST:
1331 - /* Skip missing or disabled instances */
1332 - if ((v->gv_flags & (GV_CONFIGURED | GV_ENABLED)) !=
1333 - (GV_CONFIGURED | GV_ENABLED))
1331 + /* Skip missing instances */
1332 + if ((v->gv_flags & GV_CONFIGURED) == 0)
1334 1333 continue;
1335 1334
1336 1335 if (v->gv_state == RESTARTER_STATE_MAINT)
1337 1336 continue;
1338 1337
1339 - if (v->gv_flags & GV_TOOFFLINE)
1340 - continue;
1341 -
1342 1338 any_qualified = B_TRUE;
1343 1339 if (v->gv_state == RESTARTER_STATE_OFFLINE) {
1344 1340 /*
1345 1341 * For offline dependencies, treat unsatisfiable
1346 1342 * as satisfied.
1347 1343 */
1348 1344 i = dependency_satisfied(v, B_TRUE);
1349 1345 if (i == -1)
1350 1346 i = 1;
1351 1347 } else if (v->gv_state == RESTARTER_STATE_DISABLED) {
1352 1348 /*
1353 - * The service is enabled, but hasn't
1354 - * transitioned out of disabled yet. Treat it
1355 - * as unsatisfied (not unsatisfiable).
1349 + * If the instance is transitioning out of
1350 + * disabled the dependency is temporarily
1351 + * unsatisfied (not unsatisfiable).
1356 1352 */
1357 - i = 0;
1353 + i = v->gv_flags & GV_ENABLED ? 0 : 1;
1358 1354 } else {
1359 1355 i = dependency_satisfied(v, satbility);
1360 1356 }
1361 1357 break;
1362 1358
1363 1359 case GVT_FILE:
1364 1360 any_qualified = B_TRUE;
1365 1361 i = dependency_satisfied(v, satbility);
1366 1362
1367 1363 break;
1368 1364
1369 1365 case GVT_SVC: {
1370 - boolean_t svc_any_qualified;
1371 - boolean_t svc_satisfied;
1372 - boolean_t svc_satisfiable;
1373 - graph_vertex_t *v2;
1374 - graph_edge_t *e2;
1375 -
1376 - svc_any_qualified = B_FALSE;
1377 - svc_satisfied = B_FALSE;
1378 - svc_satisfiable = B_FALSE;
1379 -
1380 - for (e2 = uu_list_first(v->gv_dependencies);
1381 - e2 != NULL;
1382 - e2 = uu_list_next(v->gv_dependencies, e2)) {
1383 - v2 = e2->ge_vertex;
1384 - assert(v2->gv_type == GVT_INST);
1385 -
1386 - if ((v2->gv_flags &
1387 - (GV_CONFIGURED | GV_ENABLED)) !=
1388 - (GV_CONFIGURED | GV_ENABLED))
1389 - continue;
1390 -
1391 - if (v2->gv_state == RESTARTER_STATE_MAINT)
1392 - continue;
1393 -
1394 - if (v2->gv_flags & GV_TOOFFLINE)
1395 - continue;
1396 -
1397 - svc_any_qualified = B_TRUE;
1398 -
1399 - if (v2->gv_state == RESTARTER_STATE_OFFLINE) {
1400 - /*
1401 - * For offline dependencies, treat
1402 - * unsatisfiable as satisfied.
1403 - */
1404 - i = dependency_satisfied(v2, B_TRUE);
1405 - if (i == -1)
1406 - i = 1;
1407 - } else if (v2->gv_state ==
1408 - RESTARTER_STATE_DISABLED) {
1409 - i = 0;
1410 - } else {
1411 - i = dependency_satisfied(v2, satbility);
1412 - }
1413 -
1414 - if (i == 1) {
1415 - svc_satisfied = B_TRUE;
1416 - break;
1417 - }
1418 - if (i == 0)
1419 - svc_satisfiable = B_TRUE;
1420 - }
1421 -
1422 - if (!svc_any_qualified)
1423 - continue;
1424 1366 any_qualified = B_TRUE;
1425 - if (svc_satisfied) {
1426 - i = 1;
1427 - } else if (svc_satisfiable) {
1428 - i = 0;
1429 - } else {
1430 - i = -1;
1431 - }
1367 + i = optional_all_satisfied(v, satbility);
1368 +
1432 1369 break;
1433 1370 }
1434 1371
1435 1372 case GVT_GROUP:
1436 1373 default:
1437 1374 #ifndef NDEBUG
1438 1375 uu_warn("%s:%d: Unexpected vertex type %d.\n", __FILE__,
1439 1376 __LINE__, v->gv_type);
1440 1377 #endif
1441 1378 abort();
1442 1379 }
1443 1380
1444 1381 if (i == 1)
1445 1382 continue;
1446 1383
1447 1384 log_framework2(LOG_DEBUG, DEBUG_DEPENDENCIES,
1448 1385 "optional_all(%s): %s is unsatisfi%s.\n", groupv->gv_name,
1449 1386 v->gv_name, i == 0 ? "ed" : "able");
1450 1387
1451 1388 if (!satbility)
1452 1389 return (0);
1453 1390 if (i == -1)
1454 1391 return (-1);
1455 1392 any_unsatisfied = B_TRUE;
1456 1393 }
1457 1394
1458 1395 if (!any_qualified)
1459 1396 return (1);
1460 1397
1461 1398 return (any_unsatisfied ? 0 : 1);
1462 1399 }
1463 1400
1464 1401 /*
1465 1402 * An exclude_all dependency is unsatisfied if any non-service element is
1466 1403 * satisfied or any service instance which is configured, enabled, and not in
1467 1404 * maintenance is satisfied. Usually when unsatisfied, it is also
1468 1405 * unsatisfiable.
1469 1406 */
1470 1407 #define LOG_EXCLUDE(u, v) \
1471 1408 log_framework2(LOG_DEBUG, DEBUG_DEPENDENCIES, \
1472 1409 "exclude_all(%s): %s is satisfied.\n", \
1473 1410 (u)->gv_name, (v)->gv_name)
1474 1411
1475 1412 /* ARGSUSED */
1476 1413 static int
1477 1414 exclude_all_satisfied(graph_vertex_t *groupv, boolean_t satbility)
1478 1415 {
1479 1416 graph_edge_t *edge, *e2;
1480 1417 graph_vertex_t *v, *v2;
1481 1418
1482 1419 for (edge = uu_list_first(groupv->gv_dependencies);
1483 1420 edge != NULL;
1484 1421 edge = uu_list_next(groupv->gv_dependencies, edge)) {
1485 1422 v = edge->ge_vertex;
1486 1423
1487 1424 switch (v->gv_type) {
1488 1425 case GVT_INST:
1489 1426 if ((v->gv_flags & GV_CONFIGURED) == 0)
1490 1427 continue;
1491 1428
1492 1429 switch (v->gv_state) {
1493 1430 case RESTARTER_STATE_ONLINE:
1494 1431 case RESTARTER_STATE_DEGRADED:
1495 1432 LOG_EXCLUDE(groupv, v);
1496 1433 return (v->gv_flags & GV_ENABLED ? -1 : 0);
1497 1434
1498 1435 case RESTARTER_STATE_OFFLINE:
1499 1436 case RESTARTER_STATE_UNINIT:
1500 1437 LOG_EXCLUDE(groupv, v);
1501 1438 return (0);
1502 1439
1503 1440 case RESTARTER_STATE_DISABLED:
1504 1441 case RESTARTER_STATE_MAINT:
1505 1442 continue;
1506 1443
1507 1444 default:
1508 1445 #ifndef NDEBUG
1509 1446 uu_warn("%s:%d: Unexpected vertex state %d.\n",
1510 1447 __FILE__, __LINE__, v->gv_state);
1511 1448 #endif
1512 1449 abort();
1513 1450 }
1514 1451 /* NOTREACHED */
1515 1452
1516 1453 case GVT_SVC:
1517 1454 break;
1518 1455
1519 1456 case GVT_FILE:
1520 1457 if (!file_ready(v))
1521 1458 continue;
1522 1459 LOG_EXCLUDE(groupv, v);
1523 1460 return (-1);
1524 1461
1525 1462 case GVT_GROUP:
1526 1463 default:
1527 1464 #ifndef NDEBUG
1528 1465 uu_warn("%s:%d: Unexpected vertex type %d.\n", __FILE__,
1529 1466 __LINE__, v->gv_type);
1530 1467 #endif
1531 1468 abort();
1532 1469 }
1533 1470
1534 1471 /* v represents a service */
1535 1472 if (uu_list_numnodes(v->gv_dependencies) == 0)
1536 1473 continue;
1537 1474
1538 1475 for (e2 = uu_list_first(v->gv_dependencies);
1539 1476 e2 != NULL;
1540 1477 e2 = uu_list_next(v->gv_dependencies, e2)) {
1541 1478 v2 = e2->ge_vertex;
1542 1479 assert(v2->gv_type == GVT_INST);
1543 1480
1544 1481 if ((v2->gv_flags & GV_CONFIGURED) == 0)
1545 1482 continue;
1546 1483
1547 1484 switch (v2->gv_state) {
1548 1485 case RESTARTER_STATE_ONLINE:
1549 1486 case RESTARTER_STATE_DEGRADED:
1550 1487 LOG_EXCLUDE(groupv, v2);
1551 1488 return (v2->gv_flags & GV_ENABLED ? -1 : 0);
1552 1489
1553 1490 case RESTARTER_STATE_OFFLINE:
1554 1491 case RESTARTER_STATE_UNINIT:
1555 1492 LOG_EXCLUDE(groupv, v2);
1556 1493 return (0);
1557 1494
1558 1495 case RESTARTER_STATE_DISABLED:
1559 1496 case RESTARTER_STATE_MAINT:
1560 1497 continue;
1561 1498
1562 1499 default:
1563 1500 #ifndef NDEBUG
1564 1501 uu_warn("%s:%d: Unexpected vertex type %d.\n",
1565 1502 __FILE__, __LINE__, v2->gv_type);
1566 1503 #endif
1567 1504 abort();
1568 1505 }
1569 1506 }
1570 1507 }
1571 1508
1572 1509 return (1);
1573 1510 }
1574 1511
1575 1512 /*
1576 1513 * int instance_satisfied()
1577 1514 * Determine if all the dependencies are satisfied for the supplied instance
1578 1515 * vertex. Return 1 if they are, 0 if they aren't, and -1 if they won't be
1579 1516 * without administrator intervention.
1580 1517 */
1581 1518 static int
1582 1519 instance_satisfied(graph_vertex_t *v, boolean_t satbility)
1583 1520 {
1584 1521 assert(v->gv_type == GVT_INST);
1585 1522 assert(!inst_running(v));
1586 1523
1587 1524 return (require_all_satisfied(v, satbility));
1588 1525 }
1589 1526
1590 1527 /*
1591 1528 * Decide whether v can satisfy a dependency. v can either be a child of
1592 1529 * a group vertex, or of an instance vertex.
1593 1530 */
1594 1531 static int
1595 1532 dependency_satisfied(graph_vertex_t *v, boolean_t satbility)
1596 1533 {
1597 1534 switch (v->gv_type) {
1598 1535 case GVT_INST:
1599 1536 if ((v->gv_flags & GV_CONFIGURED) == 0) {
1600 1537 if (v->gv_flags & GV_DEATHROW) {
|
↓ open down ↓ |
159 lines elided |
↑ open up ↑ |
1601 1538 /*
1602 1539 * A dependency on an instance with GV_DEATHROW
1603 1540 * flag is always considered as satisfied.
1604 1541 */
1605 1542 return (1);
1606 1543 }
1607 1544 return (-1);
1608 1545 }
1609 1546
1610 1547 /*
1611 - * Any vertex with the GV_TOOFFLINE flag set is guaranteed
1612 - * to have its dependencies unsatisfiable.
1548 + * Any vertex with the GV_TODISABLE flag set is guaranteed
1549 + * to have its dependencies unsatisfiable. Any vertex with
1550 + * GV_TOOFFLINE may be satisfied after it transitions.
1613 1551 */
1614 - if (v->gv_flags & GV_TOOFFLINE)
1552 + if (v->gv_flags & GV_TODISABLE)
1615 1553 return (-1);
1554 + if (v->gv_flags & GV_TOOFFLINE)
1555 + return (0);
1616 1556
1617 1557 switch (v->gv_state) {
1618 1558 case RESTARTER_STATE_ONLINE:
1619 1559 case RESTARTER_STATE_DEGRADED:
1620 1560 return (1);
1621 1561
1622 1562 case RESTARTER_STATE_OFFLINE:
1623 1563 if (!satbility)
1624 1564 return (0);
1625 1565 return (instance_satisfied(v, satbility) != -1 ?
1626 1566 0 : -1);
1627 1567
1628 1568 case RESTARTER_STATE_DISABLED:
1629 1569 case RESTARTER_STATE_MAINT:
1630 1570 return (-1);
1631 1571
1632 1572 case RESTARTER_STATE_UNINIT:
1633 1573 return (0);
1634 1574
1635 1575 default:
1636 1576 #ifndef NDEBUG
1637 1577 uu_warn("%s:%d: Unexpected vertex state %d.\n",
1638 1578 __FILE__, __LINE__, v->gv_state);
1639 1579 #endif
1640 1580 abort();
1641 1581 /* NOTREACHED */
1642 1582 }
1643 1583
1644 1584 case GVT_SVC:
1645 1585 if (uu_list_numnodes(v->gv_dependencies) == 0)
1646 1586 return (-1);
1647 1587 return (require_any_satisfied(v, satbility));
1648 1588
1649 1589 case GVT_FILE:
1650 1590 /* i.e., we assume files will not be automatically generated */
1651 1591 return (file_ready(v) ? 1 : -1);
1652 1592
1653 1593 case GVT_GROUP:
1654 1594 break;
1655 1595
1656 1596 default:
1657 1597 #ifndef NDEBUG
1658 1598 uu_warn("%s:%d: Unexpected node type %d.\n", __FILE__, __LINE__,
1659 1599 v->gv_type);
1660 1600 #endif
1661 1601 abort();
1662 1602 /* NOTREACHED */
1663 1603 }
1664 1604
1665 1605 switch (v->gv_depgroup) {
1666 1606 case DEPGRP_REQUIRE_ANY:
1667 1607 return (require_any_satisfied(v, satbility));
1668 1608
1669 1609 case DEPGRP_REQUIRE_ALL:
1670 1610 return (require_all_satisfied(v, satbility));
1671 1611
1672 1612 case DEPGRP_OPTIONAL_ALL:
1673 1613 return (optional_all_satisfied(v, satbility));
1674 1614
1675 1615 case DEPGRP_EXCLUDE_ALL:
1676 1616 return (exclude_all_satisfied(v, satbility));
1677 1617
1678 1618 default:
1679 1619 #ifndef NDEBUG
1680 1620 uu_warn("%s:%d: Unknown dependency grouping %d.\n", __FILE__,
1681 1621 __LINE__, v->gv_depgroup);
1682 1622 #endif
1683 1623 abort();
1684 1624 }
1685 1625 }
1686 1626
1687 1627 void
1688 1628 graph_start_if_satisfied(graph_vertex_t *v)
1689 1629 {
1690 1630 if (v->gv_state == RESTARTER_STATE_OFFLINE &&
1691 1631 instance_satisfied(v, B_FALSE) == 1) {
1692 1632 if (v->gv_start_f == NULL)
1693 1633 vertex_send_event(v, RESTARTER_EVENT_TYPE_START);
1694 1634 else
1695 1635 v->gv_start_f(v);
1696 1636 }
1697 1637 }
1698 1638
1699 1639 /*
1700 1640 * propagate_satbility()
1701 1641 *
1702 1642 * This function is used when the given vertex changes state in such a way that
1703 1643 * one of its dependents may become unsatisfiable. This happens when an
1704 1644 * instance transitions between offline -> online, or from !running ->
1705 1645 * maintenance, as well as when an instance is removed from the graph.
1706 1646 *
1707 1647 * We have to walk all the dependents, since optional_all dependencies several
1708 1648 * levels up could become (un)satisfied, instead of unsatisfiable. For example,
1709 1649 *
1710 1650 * +-----+ optional_all +-----+ require_all +-----+
1711 1651 * | A |--------------->| B |-------------->| C |
1712 1652 * +-----+ +-----+ +-----+
1713 1653 *
1714 1654 * offline -> maintenance
1715 1655 *
1716 1656 * If C goes into maintenance, it's not enough simply to check B. Because A has
1717 1657 * an optional dependency, what was previously an unsatisfiable situation is now
1718 1658 * satisfied (B will never come online, even though its state hasn't changed).
1719 1659 *
1720 1660 * Note that it's not necessary to continue examining dependents after reaching
|
↓ open down ↓ |
95 lines elided |
↑ open up ↑ |
1721 1661 * an optional_all dependency. It's not possible for an optional_all dependency
1722 1662 * to change satisfiability without also coming online, in which case we get a
1723 1663 * start event and propagation continues naturally. However, it does no harm to
1724 1664 * continue propagating satisfiability (as it is a relatively rare event), and
1725 1665 * keeps the walker code simple and generic.
1726 1666 */
1727 1667 /*ARGSUSED*/
1728 1668 static int
1729 1669 satbility_cb(graph_vertex_t *v, void *arg)
1730 1670 {
1671 + if (v->gv_flags & GV_TOOFFLINE)
1672 + return (UU_WALK_NEXT);
1673 +
1731 1674 if (v->gv_type == GVT_INST)
1732 1675 graph_start_if_satisfied(v);
1733 1676
1734 1677 return (UU_WALK_NEXT);
1735 1678 }
1736 1679
1737 1680 static void
1738 1681 propagate_satbility(graph_vertex_t *v)
1739 1682 {
1740 1683 graph_walk(v, WALK_DEPENDENTS, satbility_cb, NULL, NULL);
1741 1684 }
1742 1685
1743 1686 static void propagate_stop(graph_vertex_t *, void *);
1744 1687
1745 -/* ARGSUSED */
1688 +/*
1689 + * propagate_start()
1690 + *
1691 + * This function is used to propagate a start event to the dependents of the
1692 + * given vertex. Any dependents that are offline but have their dependencies
1693 + * satisfied are started. Any dependents that are online and have restart_on
1694 + * set to "restart" or "refresh" are restarted because their dependencies have
1695 + * just changed. This only happens with optional_all dependencies.
1696 + */
1746 1697 static void
1747 1698 propagate_start(graph_vertex_t *v, void *arg)
1748 1699 {
1700 + restarter_error_t err = (restarter_error_t)arg;
1701 +
1702 + if (v->gv_flags & GV_TOOFFLINE)
1703 + return;
1704 +
1749 1705 switch (v->gv_type) {
1750 1706 case GVT_INST:
1751 - graph_start_if_satisfied(v);
1707 + /* Restarter */
1708 + if (inst_running(v)) {
1709 + if (err == RERR_RESTART || err == RERR_REFRESH) {
1710 + vertex_send_event(v,
1711 + RESTARTER_EVENT_TYPE_STOP_RESET);
1712 + }
1713 + } else {
1714 + graph_start_if_satisfied(v);
1715 + }
1752 1716 break;
1753 1717
1754 1718 case GVT_GROUP:
1755 1719 if (v->gv_depgroup == DEPGRP_EXCLUDE_ALL) {
1756 1720 graph_walk_dependents(v, propagate_stop,
1757 1721 (void *)RERR_RESTART);
1758 1722 break;
1759 1723 }
1724 + err = v->gv_restart;
1760 1725 /* FALLTHROUGH */
1761 1726
1762 1727 case GVT_SVC:
1763 - graph_walk_dependents(v, propagate_start, NULL);
1728 + graph_walk_dependents(v, propagate_start, (void *)err);
1764 1729 break;
1765 1730
1766 1731 case GVT_FILE:
1767 1732 #ifndef NDEBUG
1768 1733 uu_warn("%s:%d: propagate_start() encountered GVT_FILE.\n",
1769 1734 __FILE__, __LINE__);
1770 1735 #endif
1771 1736 abort();
1772 1737 /* NOTREACHED */
1773 1738
1774 1739 default:
1775 1740 #ifndef NDEBUG
1776 1741 uu_warn("%s:%d: Unknown vertex type %d.\n", __FILE__, __LINE__,
1777 1742 v->gv_type);
1778 1743 #endif
1779 1744 abort();
1780 1745 }
1781 1746 }
1782 1747
1748 +/*
1749 + * propagate_stop()
1750 + *
1751 + * This function is used to propagate a stop event to the dependents of the
1752 + * given vertex. Any dependents that are online (or in degraded state) with
1753 + * the restart_on property set to "restart" or "refresh" will be stopped as
1754 + * their dependencies have just changed, propagate_start() will start them
1755 + * again once their dependencies have been re-satisfied.
1756 + */
1783 1757 static void
1784 1758 propagate_stop(graph_vertex_t *v, void *arg)
1785 1759 {
1786 - graph_edge_t *e;
1787 - graph_vertex_t *svc;
1788 1760 restarter_error_t err = (restarter_error_t)arg;
1789 1761
1762 + if (v->gv_flags & GV_TOOFFLINE)
1763 + return;
1764 +
1790 1765 switch (v->gv_type) {
1791 1766 case GVT_INST:
1792 1767 /* Restarter */
1793 1768 if (err > RERR_NONE && inst_running(v)) {
1794 1769 if (err == RERR_RESTART || err == RERR_REFRESH) {
1795 1770 vertex_send_event(v,
1796 1771 RESTARTER_EVENT_TYPE_STOP_RESET);
1797 1772 } else {
1798 1773 vertex_send_event(v, RESTARTER_EVENT_TYPE_STOP);
1799 1774 }
1800 1775 }
1801 1776 break;
1802 1777
1803 1778 case GVT_SVC:
1804 1779 graph_walk_dependents(v, propagate_stop, arg);
1805 1780 break;
1806 1781
1807 1782 case GVT_FILE:
1808 1783 #ifndef NDEBUG
1809 1784 uu_warn("%s:%d: propagate_stop() encountered GVT_FILE.\n",
1810 1785 __FILE__, __LINE__);
1811 1786 #endif
1812 1787 abort();
1813 1788 /* NOTREACHED */
|
↓ open down ↓ |
14 lines elided |
↑ open up ↑ |
1814 1789
1815 1790 case GVT_GROUP:
1816 1791 if (v->gv_depgroup == DEPGRP_EXCLUDE_ALL) {
1817 1792 graph_walk_dependents(v, propagate_start, NULL);
1818 1793 break;
1819 1794 }
1820 1795
1821 1796 if (err == RERR_NONE || err > v->gv_restart)
1822 1797 break;
1823 1798
1824 - assert(uu_list_numnodes(v->gv_dependents) == 1);
1825 - e = uu_list_first(v->gv_dependents);
1826 - svc = e->ge_vertex;
1827 -
1828 - if (inst_running(svc)) {
1829 - if (err == RERR_RESTART || err == RERR_REFRESH) {
1830 - vertex_send_event(svc,
1831 - RESTARTER_EVENT_TYPE_STOP_RESET);
1832 - } else {
1833 - vertex_send_event(svc,
1834 - RESTARTER_EVENT_TYPE_STOP);
1835 - }
1836 - }
1799 + graph_walk_dependents(v, propagate_stop, arg);
1837 1800 break;
1838 1801
1839 1802 default:
1840 1803 #ifndef NDEBUG
1841 1804 uu_warn("%s:%d: Unknown vertex type %d.\n", __FILE__, __LINE__,
1842 1805 v->gv_type);
1843 1806 #endif
1844 1807 abort();
1845 1808 }
1846 1809 }
1847 1810
1848 1811 void
1849 1812 offline_vertex(graph_vertex_t *v)
1850 1813 {
1851 1814 scf_handle_t *h = libscf_handle_create_bound_loop();
1852 1815 scf_instance_t *scf_inst = safe_scf_instance_create(h);
1853 1816 scf_propertygroup_t *pg = safe_scf_pg_create(h);
1854 1817 restarter_instance_state_t state, next_state;
1855 1818 int r;
1856 1819
1857 1820 assert(v->gv_type == GVT_INST);
1858 1821
1859 1822 if (scf_inst == NULL)
1860 1823 bad_error("safe_scf_instance_create", scf_error());
1861 1824 if (pg == NULL)
1862 1825 bad_error("safe_scf_pg_create", scf_error());
1863 1826
1864 1827 /* if the vertex is already going offline, return */
1865 1828 rep_retry:
1866 1829 if (scf_handle_decode_fmri(h, v->gv_name, NULL, NULL, scf_inst, NULL,
1867 1830 NULL, SCF_DECODE_FMRI_EXACT) != 0) {
1868 1831 switch (scf_error()) {
1869 1832 case SCF_ERROR_CONNECTION_BROKEN:
1870 1833 libscf_handle_rebind(h);
1871 1834 goto rep_retry;
1872 1835
1873 1836 case SCF_ERROR_NOT_FOUND:
1874 1837 scf_pg_destroy(pg);
1875 1838 scf_instance_destroy(scf_inst);
1876 1839 (void) scf_handle_unbind(h);
1877 1840 scf_handle_destroy(h);
1878 1841 return;
1879 1842 }
1880 1843 uu_die("Can't decode FMRI %s: %s\n", v->gv_name,
1881 1844 scf_strerror(scf_error()));
1882 1845 }
1883 1846
1884 1847 r = scf_instance_get_pg(scf_inst, SCF_PG_RESTARTER, pg);
1885 1848 if (r != 0) {
1886 1849 switch (scf_error()) {
1887 1850 case SCF_ERROR_CONNECTION_BROKEN:
1888 1851 libscf_handle_rebind(h);
1889 1852 goto rep_retry;
1890 1853
1891 1854 case SCF_ERROR_NOT_SET:
1892 1855 case SCF_ERROR_NOT_FOUND:
1893 1856 scf_pg_destroy(pg);
1894 1857 scf_instance_destroy(scf_inst);
1895 1858 (void) scf_handle_unbind(h);
1896 1859 scf_handle_destroy(h);
1897 1860 return;
1898 1861
1899 1862 default:
1900 1863 bad_error("scf_instance_get_pg", scf_error());
1901 1864 }
1902 1865 } else {
1903 1866 r = libscf_read_states(pg, &state, &next_state);
1904 1867 if (r == 0 && (next_state == RESTARTER_STATE_OFFLINE ||
1905 1868 next_state == RESTARTER_STATE_DISABLED)) {
1906 1869 log_framework(LOG_DEBUG,
1907 1870 "%s: instance is already going down.\n",
1908 1871 v->gv_name);
1909 1872 scf_pg_destroy(pg);
1910 1873 scf_instance_destroy(scf_inst);
1911 1874 (void) scf_handle_unbind(h);
1912 1875 scf_handle_destroy(h);
1913 1876 return;
1914 1877 }
1915 1878 }
1916 1879
1917 1880 scf_pg_destroy(pg);
1918 1881 scf_instance_destroy(scf_inst);
1919 1882 (void) scf_handle_unbind(h);
1920 1883 scf_handle_destroy(h);
1921 1884
1922 1885 vertex_send_event(v, RESTARTER_EVENT_TYPE_STOP_RESET);
1923 1886 }
1924 1887
1925 1888 /*
1926 1889 * void graph_enable_by_vertex()
1927 1890 * If admin is non-zero, this is an administrative request for change
1928 1891 * of the enabled property. Thus, send the ADMIN_DISABLE rather than
1929 1892 * a plain DISABLE restarter event.
1930 1893 */
1931 1894 void
1932 1895 graph_enable_by_vertex(graph_vertex_t *vertex, int enable, int admin)
1933 1896 {
1934 1897 graph_vertex_t *v;
1935 1898 int r;
1936 1899
1937 1900 assert(MUTEX_HELD(&dgraph_lock));
1938 1901 assert((vertex->gv_flags & GV_CONFIGURED));
1939 1902
1940 1903 vertex->gv_flags = (vertex->gv_flags & ~GV_ENABLED) |
1941 1904 (enable ? GV_ENABLED : 0);
1942 1905
1943 1906 if (enable) {
1944 1907 if (vertex->gv_state != RESTARTER_STATE_OFFLINE &&
1945 1908 vertex->gv_state != RESTARTER_STATE_DEGRADED &&
1946 1909 vertex->gv_state != RESTARTER_STATE_ONLINE) {
1947 1910 /*
1948 1911 * In case the vertex was notified to go down,
1949 1912 * but now can return online, clear the _TOOFFLINE
1950 1913 * and _TODISABLE flags.
1951 1914 */
1952 1915 vertex->gv_flags &= ~GV_TOOFFLINE;
1953 1916 vertex->gv_flags &= ~GV_TODISABLE;
1954 1917
1955 1918 vertex_send_event(vertex, RESTARTER_EVENT_TYPE_ENABLE);
1956 1919 }
1957 1920
1958 1921 /*
1959 1922 * Wait for state update from restarter before sending _START or
1960 1923 * _STOP.
1961 1924 */
1962 1925
1963 1926 return;
1964 1927 }
1965 1928
1966 1929 if (vertex->gv_state == RESTARTER_STATE_DISABLED)
1967 1930 return;
1968 1931
1969 1932 if (!admin) {
1970 1933 vertex_send_event(vertex, RESTARTER_EVENT_TYPE_DISABLE);
1971 1934
1972 1935 /*
1973 1936 * Wait for state update from restarter before sending _START or
1974 1937 * _STOP.
1975 1938 */
1976 1939
1977 1940 return;
1978 1941 }
1979 1942
1980 1943 /*
1981 1944 * If it is a DISABLE event requested by the administrator then we are
1982 1945 * offlining the dependents first.
1983 1946 */
1984 1947
1985 1948 /*
1986 1949 * Set GV_TOOFFLINE for the services we are offlining. We cannot
1987 1950 * clear the GV_TOOFFLINE bits from all the services because
1988 1951 * other DISABLE events might be handled at the same time.
1989 1952 */
1990 1953 vertex->gv_flags |= GV_TOOFFLINE;
1991 1954
1992 1955 /* remember which vertex to disable... */
1993 1956 vertex->gv_flags |= GV_TODISABLE;
1994 1957
1995 1958 log_framework(LOG_DEBUG, "Marking in-subtree vertices before "
1996 1959 "disabling %s.\n", vertex->gv_name);
1997 1960
1998 1961 /* set GV_TOOFFLINE for its dependents */
1999 1962 r = uu_list_walk(vertex->gv_dependents, (uu_walk_fn_t *)mark_subtree,
2000 1963 NULL, 0);
2001 1964 assert(r == 0);
2002 1965
2003 1966 /* disable the instance now if there is nothing else to offline */
2004 1967 if (insubtree_dependents_down(vertex) == B_TRUE) {
2005 1968 vertex_send_event(vertex, RESTARTER_EVENT_TYPE_ADMIN_DISABLE);
2006 1969 return;
2007 1970 }
2008 1971
2009 1972 /*
2010 1973 * This loop is similar to the one used for the graph reversal shutdown
2011 1974 * and could be improved in term of performance for the subtree reversal
2012 1975 * disable case.
2013 1976 */
2014 1977 for (v = uu_list_first(dgraph); v != NULL;
2015 1978 v = uu_list_next(dgraph, v)) {
2016 1979 /* skip the vertex we are disabling for now */
2017 1980 if (v == vertex)
2018 1981 continue;
2019 1982
2020 1983 if (v->gv_type != GVT_INST ||
2021 1984 (v->gv_flags & GV_CONFIGURED) == 0 ||
2022 1985 (v->gv_flags & GV_ENABLED) == 0 ||
2023 1986 (v->gv_flags & GV_TOOFFLINE) == 0)
2024 1987 continue;
2025 1988
2026 1989 if ((v->gv_state != RESTARTER_STATE_ONLINE) &&
2027 1990 (v->gv_state != RESTARTER_STATE_DEGRADED)) {
2028 1991 /* continue if there is nothing to offline */
2029 1992 continue;
2030 1993 }
2031 1994
2032 1995 /*
2033 1996 * Instances which are up need to come down before we're
2034 1997 * done, but we can only offline the leaves here. An
2035 1998 * instance is a leaf when all its dependents are down.
2036 1999 */
2037 2000 if (insubtree_dependents_down(v) == B_TRUE) {
2038 2001 log_framework(LOG_DEBUG, "Offlining in-subtree "
2039 2002 "instance %s for %s.\n",
2040 2003 v->gv_name, vertex->gv_name);
2041 2004 offline_vertex(v);
2042 2005 }
2043 2006 }
2044 2007 }
2045 2008
2046 2009 static int configure_vertex(graph_vertex_t *, scf_instance_t *);
2047 2010
2048 2011 /*
2049 2012 * Set the restarter for v to fmri_arg. That is, make sure a vertex for
2050 2013 * fmri_arg exists, make v depend on it, and send _ADD_INSTANCE for v. If
2051 2014 * v is already configured and fmri_arg indicates the current restarter, do
2052 2015 * nothing. If v is configured and fmri_arg is a new restarter, delete v's
2053 2016 * dependency on the restarter, send _REMOVE_INSTANCE for v, and set the new
2054 2017 * restarter. Returns 0 on success, EINVAL if the FMRI is invalid,
2055 2018 * ECONNABORTED if the repository connection is broken, and ELOOP
2056 2019 * if the dependency would create a cycle. In the last case, *pathp will
2057 2020 * point to a -1-terminated array of ids which compose the path from v to
2058 2021 * restarter_fmri.
2059 2022 */
2060 2023 int
2061 2024 graph_change_restarter(graph_vertex_t *v, const char *fmri_arg, scf_handle_t *h,
2062 2025 int **pathp)
2063 2026 {
2064 2027 char *restarter_fmri = NULL;
2065 2028 graph_vertex_t *rv;
2066 2029 int err;
2067 2030 int id;
2068 2031
2069 2032 assert(MUTEX_HELD(&dgraph_lock));
2070 2033
2071 2034 if (fmri_arg[0] != '\0') {
2072 2035 err = fmri_canonify(fmri_arg, &restarter_fmri, B_TRUE);
2073 2036 if (err != 0) {
2074 2037 assert(err == EINVAL);
2075 2038 return (err);
2076 2039 }
2077 2040 }
2078 2041
2079 2042 if (restarter_fmri == NULL ||
2080 2043 strcmp(restarter_fmri, SCF_SERVICE_STARTD) == 0) {
2081 2044 if (v->gv_flags & GV_CONFIGURED) {
2082 2045 if (v->gv_restarter_id == -1) {
2083 2046 if (restarter_fmri != NULL)
2084 2047 startd_free(restarter_fmri,
2085 2048 max_scf_fmri_size);
2086 2049 return (0);
2087 2050 }
2088 2051
2089 2052 graph_unset_restarter(v);
2090 2053 }
2091 2054
2092 2055 /* Master restarter, nothing to do. */
2093 2056 v->gv_restarter_id = -1;
2094 2057 v->gv_restarter_channel = NULL;
2095 2058 vertex_send_event(v, RESTARTER_EVENT_TYPE_ADD_INSTANCE);
2096 2059 return (0);
2097 2060 }
2098 2061
2099 2062 if (v->gv_flags & GV_CONFIGURED) {
2100 2063 id = dict_lookup_byname(restarter_fmri);
2101 2064 if (id != -1 && v->gv_restarter_id == id) {
2102 2065 startd_free(restarter_fmri, max_scf_fmri_size);
2103 2066 return (0);
2104 2067 }
2105 2068
2106 2069 graph_unset_restarter(v);
2107 2070 }
2108 2071
2109 2072 err = graph_insert_vertex_unconfigured(restarter_fmri, GVT_INST, 0,
2110 2073 RERR_NONE, &rv);
2111 2074 startd_free(restarter_fmri, max_scf_fmri_size);
2112 2075 assert(err == 0 || err == EEXIST);
2113 2076
2114 2077 if (rv->gv_delegate_initialized == 0) {
2115 2078 if ((rv->gv_delegate_channel = restarter_protocol_init_delegate(
2116 2079 rv->gv_name)) == NULL)
2117 2080 return (EINVAL);
2118 2081 rv->gv_delegate_initialized = 1;
2119 2082 }
2120 2083 v->gv_restarter_id = rv->gv_id;
2121 2084 v->gv_restarter_channel = rv->gv_delegate_channel;
2122 2085
2123 2086 err = graph_insert_dependency(v, rv, pathp);
2124 2087 if (err != 0) {
2125 2088 assert(err == ELOOP);
2126 2089 return (ELOOP);
2127 2090 }
2128 2091
2129 2092 vertex_send_event(v, RESTARTER_EVENT_TYPE_ADD_INSTANCE);
2130 2093
2131 2094 if (!(rv->gv_flags & GV_CONFIGURED)) {
2132 2095 scf_instance_t *inst;
2133 2096
2134 2097 err = libscf_fmri_get_instance(h, rv->gv_name, &inst);
2135 2098 switch (err) {
2136 2099 case 0:
2137 2100 err = configure_vertex(rv, inst);
2138 2101 scf_instance_destroy(inst);
2139 2102 switch (err) {
2140 2103 case 0:
2141 2104 case ECANCELED:
2142 2105 break;
2143 2106
2144 2107 case ECONNABORTED:
2145 2108 return (ECONNABORTED);
2146 2109
2147 2110 default:
2148 2111 bad_error("configure_vertex", err);
2149 2112 }
2150 2113 break;
2151 2114
2152 2115 case ECONNABORTED:
2153 2116 return (ECONNABORTED);
2154 2117
2155 2118 case ENOENT:
2156 2119 break;
2157 2120
2158 2121 case ENOTSUP:
2159 2122 /*
2160 2123 * The fmri doesn't specify an instance - translate
2161 2124 * to EINVAL.
2162 2125 */
2163 2126 return (EINVAL);
2164 2127
2165 2128 case EINVAL:
2166 2129 default:
2167 2130 bad_error("libscf_fmri_get_instance", err);
2168 2131 }
2169 2132 }
2170 2133
2171 2134 return (0);
2172 2135 }
2173 2136
2174 2137
2175 2138 /*
2176 2139 * Add all of the instances of the service named by fmri to the graph.
2177 2140 * Returns
2178 2141 * 0 - success
2179 2142 * ENOENT - service indicated by fmri does not exist
2180 2143 *
2181 2144 * In both cases *reboundp will be B_TRUE if the handle was rebound, or B_FALSE
2182 2145 * otherwise.
2183 2146 */
2184 2147 static int
2185 2148 add_service(const char *fmri, scf_handle_t *h, boolean_t *reboundp)
2186 2149 {
2187 2150 scf_service_t *svc;
2188 2151 scf_instance_t *inst;
2189 2152 scf_iter_t *iter;
2190 2153 char *inst_fmri;
2191 2154 int ret, r;
2192 2155
2193 2156 *reboundp = B_FALSE;
2194 2157
2195 2158 svc = safe_scf_service_create(h);
2196 2159 inst = safe_scf_instance_create(h);
2197 2160 iter = safe_scf_iter_create(h);
2198 2161 inst_fmri = startd_alloc(max_scf_fmri_size);
2199 2162
2200 2163 rebound:
2201 2164 if (scf_handle_decode_fmri(h, fmri, NULL, svc, NULL, NULL, NULL,
2202 2165 SCF_DECODE_FMRI_EXACT) != 0) {
2203 2166 switch (scf_error()) {
2204 2167 case SCF_ERROR_CONNECTION_BROKEN:
2205 2168 default:
2206 2169 libscf_handle_rebind(h);
2207 2170 *reboundp = B_TRUE;
2208 2171 goto rebound;
2209 2172
2210 2173 case SCF_ERROR_NOT_FOUND:
2211 2174 ret = ENOENT;
2212 2175 goto out;
2213 2176
2214 2177 case SCF_ERROR_INVALID_ARGUMENT:
2215 2178 case SCF_ERROR_CONSTRAINT_VIOLATED:
2216 2179 case SCF_ERROR_NOT_BOUND:
2217 2180 case SCF_ERROR_HANDLE_MISMATCH:
2218 2181 bad_error("scf_handle_decode_fmri", scf_error());
2219 2182 }
2220 2183 }
2221 2184
2222 2185 if (scf_iter_service_instances(iter, svc) != 0) {
2223 2186 switch (scf_error()) {
2224 2187 case SCF_ERROR_CONNECTION_BROKEN:
2225 2188 default:
2226 2189 libscf_handle_rebind(h);
2227 2190 *reboundp = B_TRUE;
2228 2191 goto rebound;
2229 2192
2230 2193 case SCF_ERROR_DELETED:
2231 2194 ret = ENOENT;
2232 2195 goto out;
2233 2196
2234 2197 case SCF_ERROR_HANDLE_MISMATCH:
2235 2198 case SCF_ERROR_NOT_BOUND:
2236 2199 case SCF_ERROR_NOT_SET:
2237 2200 bad_error("scf_iter_service_instances", scf_error());
2238 2201 }
2239 2202 }
2240 2203
2241 2204 for (;;) {
2242 2205 r = scf_iter_next_instance(iter, inst);
2243 2206 if (r == 0)
2244 2207 break;
2245 2208 if (r != 1) {
2246 2209 switch (scf_error()) {
2247 2210 case SCF_ERROR_CONNECTION_BROKEN:
2248 2211 default:
2249 2212 libscf_handle_rebind(h);
2250 2213 *reboundp = B_TRUE;
2251 2214 goto rebound;
2252 2215
2253 2216 case SCF_ERROR_DELETED:
2254 2217 ret = ENOENT;
2255 2218 goto out;
2256 2219
2257 2220 case SCF_ERROR_HANDLE_MISMATCH:
2258 2221 case SCF_ERROR_NOT_BOUND:
2259 2222 case SCF_ERROR_NOT_SET:
2260 2223 case SCF_ERROR_INVALID_ARGUMENT:
2261 2224 bad_error("scf_iter_next_instance",
2262 2225 scf_error());
2263 2226 }
2264 2227 }
2265 2228
2266 2229 if (scf_instance_to_fmri(inst, inst_fmri, max_scf_fmri_size) <
2267 2230 0) {
2268 2231 switch (scf_error()) {
2269 2232 case SCF_ERROR_CONNECTION_BROKEN:
2270 2233 libscf_handle_rebind(h);
2271 2234 *reboundp = B_TRUE;
2272 2235 goto rebound;
2273 2236
2274 2237 case SCF_ERROR_DELETED:
2275 2238 continue;
2276 2239
2277 2240 case SCF_ERROR_NOT_BOUND:
2278 2241 case SCF_ERROR_NOT_SET:
2279 2242 bad_error("scf_instance_to_fmri", scf_error());
2280 2243 }
2281 2244 }
2282 2245
2283 2246 r = dgraph_add_instance(inst_fmri, inst, B_FALSE);
2284 2247 switch (r) {
2285 2248 case 0:
2286 2249 case ECANCELED:
2287 2250 break;
2288 2251
2289 2252 case EEXIST:
2290 2253 continue;
2291 2254
2292 2255 case ECONNABORTED:
2293 2256 libscf_handle_rebind(h);
2294 2257 *reboundp = B_TRUE;
2295 2258 goto rebound;
2296 2259
2297 2260 case EINVAL:
2298 2261 default:
2299 2262 bad_error("dgraph_add_instance", r);
2300 2263 }
2301 2264 }
2302 2265
2303 2266 ret = 0;
2304 2267
2305 2268 out:
2306 2269 startd_free(inst_fmri, max_scf_fmri_size);
2307 2270 scf_iter_destroy(iter);
2308 2271 scf_instance_destroy(inst);
2309 2272 scf_service_destroy(svc);
2310 2273 return (ret);
2311 2274 }
2312 2275
2313 2276 struct depfmri_info {
2314 2277 graph_vertex_t *v; /* GVT_GROUP vertex */
2315 2278 gv_type_t type; /* type of dependency */
2316 2279 const char *inst_fmri; /* FMRI of parental GVT_INST vert. */
2317 2280 const char *pg_name; /* Name of dependency pg */
2318 2281 scf_handle_t *h;
2319 2282 int err; /* return error code */
2320 2283 int **pathp; /* return circular dependency path */
2321 2284 };
2322 2285
2323 2286 /*
2324 2287 * Find or create a vertex for fmri and make info->v depend on it.
2325 2288 * Returns
2326 2289 * 0 - success
2327 2290 * nonzero - failure
2328 2291 *
2329 2292 * On failure, sets info->err to
2330 2293 * EINVAL - fmri is invalid
2331 2294 * fmri does not match info->type
2332 2295 * ELOOP - Adding the dependency creates a circular dependency. *info->pathp
2333 2296 * will point to an array of the ids of the members of the cycle.
2334 2297 * ECONNABORTED - repository connection was broken
2335 2298 * ECONNRESET - succeeded, but repository connection was reset
2336 2299 */
2337 2300 static int
2338 2301 process_dependency_fmri(const char *fmri, struct depfmri_info *info)
2339 2302 {
2340 2303 int err;
2341 2304 graph_vertex_t *depgroup_v, *v;
2342 2305 char *fmri_copy, *cfmri;
2343 2306 size_t fmri_copy_sz;
2344 2307 const char *scope, *service, *instance, *pg;
2345 2308 scf_instance_t *inst;
2346 2309 boolean_t rebound;
2347 2310
2348 2311 assert(MUTEX_HELD(&dgraph_lock));
2349 2312
2350 2313 /* Get or create vertex for FMRI */
2351 2314 depgroup_v = info->v;
2352 2315
2353 2316 if (strncmp(fmri, "file:", sizeof ("file:") - 1) == 0) {
2354 2317 if (info->type != GVT_FILE) {
2355 2318 log_framework(LOG_NOTICE,
2356 2319 "FMRI \"%s\" is not allowed for the \"%s\" "
2357 2320 "dependency's type of instance %s.\n", fmri,
2358 2321 info->pg_name, info->inst_fmri);
2359 2322 return (info->err = EINVAL);
2360 2323 }
2361 2324
2362 2325 err = graph_insert_vertex_unconfigured(fmri, info->type, 0,
2363 2326 RERR_NONE, &v);
2364 2327 switch (err) {
2365 2328 case 0:
2366 2329 break;
2367 2330
2368 2331 case EEXIST:
2369 2332 assert(v->gv_type == GVT_FILE);
2370 2333 break;
2371 2334
2372 2335 case EINVAL: /* prevented above */
2373 2336 default:
2374 2337 bad_error("graph_insert_vertex_unconfigured", err);
2375 2338 }
2376 2339 } else {
2377 2340 if (info->type != GVT_INST) {
2378 2341 log_framework(LOG_NOTICE,
2379 2342 "FMRI \"%s\" is not allowed for the \"%s\" "
2380 2343 "dependency's type of instance %s.\n", fmri,
2381 2344 info->pg_name, info->inst_fmri);
2382 2345 return (info->err = EINVAL);
2383 2346 }
2384 2347
2385 2348 /*
2386 2349 * We must canonify fmri & add a vertex for it.
2387 2350 */
2388 2351 fmri_copy_sz = strlen(fmri) + 1;
2389 2352 fmri_copy = startd_alloc(fmri_copy_sz);
2390 2353 (void) strcpy(fmri_copy, fmri);
2391 2354
2392 2355 /* Determine if the FMRI is a property group or instance */
2393 2356 if (scf_parse_svc_fmri(fmri_copy, &scope, &service,
2394 2357 &instance, &pg, NULL) != 0) {
2395 2358 startd_free(fmri_copy, fmri_copy_sz);
2396 2359 log_framework(LOG_NOTICE,
2397 2360 "Dependency \"%s\" of %s has invalid FMRI "
2398 2361 "\"%s\".\n", info->pg_name, info->inst_fmri,
2399 2362 fmri);
2400 2363 return (info->err = EINVAL);
2401 2364 }
2402 2365
2403 2366 if (service == NULL || pg != NULL) {
2404 2367 startd_free(fmri_copy, fmri_copy_sz);
2405 2368 log_framework(LOG_NOTICE,
2406 2369 "Dependency \"%s\" of %s does not designate a "
2407 2370 "service or instance.\n", info->pg_name,
2408 2371 info->inst_fmri);
2409 2372 return (info->err = EINVAL);
2410 2373 }
2411 2374
2412 2375 if (scope == NULL || strcmp(scope, SCF_SCOPE_LOCAL) == 0) {
2413 2376 cfmri = uu_msprintf("svc:/%s%s%s",
2414 2377 service, instance ? ":" : "", instance ? instance :
2415 2378 "");
2416 2379 } else {
2417 2380 cfmri = uu_msprintf("svc://%s/%s%s%s",
2418 2381 scope, service, instance ? ":" : "", instance ?
2419 2382 instance : "");
2420 2383 }
2421 2384
2422 2385 startd_free(fmri_copy, fmri_copy_sz);
2423 2386
2424 2387 err = graph_insert_vertex_unconfigured(cfmri, instance ?
2425 2388 GVT_INST : GVT_SVC, instance ? 0 : DEPGRP_REQUIRE_ANY,
2426 2389 RERR_NONE, &v);
2427 2390 uu_free(cfmri);
2428 2391 switch (err) {
2429 2392 case 0:
2430 2393 break;
2431 2394
2432 2395 case EEXIST:
2433 2396 /* Verify v. */
2434 2397 if (instance != NULL)
2435 2398 assert(v->gv_type == GVT_INST);
2436 2399 else
2437 2400 assert(v->gv_type == GVT_SVC);
2438 2401 break;
2439 2402
2440 2403 default:
2441 2404 bad_error("graph_insert_vertex_unconfigured", err);
2442 2405 }
2443 2406 }
2444 2407
2445 2408 /* Add dependency from depgroup_v to new vertex */
2446 2409 info->err = graph_insert_dependency(depgroup_v, v, info->pathp);
2447 2410 switch (info->err) {
2448 2411 case 0:
2449 2412 break;
2450 2413
2451 2414 case ELOOP:
2452 2415 return (ELOOP);
2453 2416
2454 2417 default:
2455 2418 bad_error("graph_insert_dependency", info->err);
2456 2419 }
2457 2420
2458 2421 /* This must be after we insert the dependency, to avoid looping. */
2459 2422 switch (v->gv_type) {
2460 2423 case GVT_INST:
2461 2424 if ((v->gv_flags & GV_CONFIGURED) != 0)
2462 2425 break;
2463 2426
2464 2427 inst = safe_scf_instance_create(info->h);
2465 2428
2466 2429 rebound = B_FALSE;
2467 2430
2468 2431 rebound:
2469 2432 err = libscf_lookup_instance(v->gv_name, inst);
2470 2433 switch (err) {
2471 2434 case 0:
2472 2435 err = configure_vertex(v, inst);
2473 2436 switch (err) {
2474 2437 case 0:
2475 2438 case ECANCELED:
2476 2439 break;
2477 2440
2478 2441 case ECONNABORTED:
2479 2442 libscf_handle_rebind(info->h);
2480 2443 rebound = B_TRUE;
2481 2444 goto rebound;
2482 2445
2483 2446 default:
2484 2447 bad_error("configure_vertex", err);
2485 2448 }
2486 2449 break;
2487 2450
2488 2451 case ENOENT:
2489 2452 break;
2490 2453
2491 2454 case ECONNABORTED:
2492 2455 libscf_handle_rebind(info->h);
2493 2456 rebound = B_TRUE;
2494 2457 goto rebound;
2495 2458
2496 2459 case EINVAL:
2497 2460 case ENOTSUP:
2498 2461 default:
2499 2462 bad_error("libscf_fmri_get_instance", err);
2500 2463 }
2501 2464
2502 2465 scf_instance_destroy(inst);
2503 2466
2504 2467 if (rebound)
2505 2468 return (info->err = ECONNRESET);
2506 2469 break;
2507 2470
2508 2471 case GVT_SVC:
2509 2472 (void) add_service(v->gv_name, info->h, &rebound);
2510 2473 if (rebound)
2511 2474 return (info->err = ECONNRESET);
2512 2475 }
2513 2476
2514 2477 return (0);
2515 2478 }
2516 2479
2517 2480 struct deppg_info {
2518 2481 graph_vertex_t *v; /* GVT_INST vertex */
2519 2482 int err; /* return error */
2520 2483 int **pathp; /* return circular dependency path */
2521 2484 };
2522 2485
2523 2486 /*
2524 2487 * Make info->v depend on a new GVT_GROUP node for this property group,
2525 2488 * and then call process_dependency_fmri() for the values of the entity
2526 2489 * property. Return 0 on success, or if something goes wrong return nonzero
2527 2490 * and set info->err to ECONNABORTED, EINVAL, or the error code returned by
2528 2491 * process_dependency_fmri().
2529 2492 */
2530 2493 static int
2531 2494 process_dependency_pg(scf_propertygroup_t *pg, struct deppg_info *info)
2532 2495 {
2533 2496 scf_handle_t *h;
2534 2497 depgroup_type_t deptype;
2535 2498 restarter_error_t rerr;
2536 2499 struct depfmri_info linfo;
2537 2500 char *fmri, *pg_name;
2538 2501 size_t fmri_sz;
2539 2502 graph_vertex_t *depgrp;
2540 2503 scf_property_t *prop;
2541 2504 int err;
2542 2505 int empty;
2543 2506 scf_error_t scferr;
2544 2507 ssize_t len;
2545 2508
2546 2509 assert(MUTEX_HELD(&dgraph_lock));
2547 2510
2548 2511 h = scf_pg_handle(pg);
2549 2512
2550 2513 pg_name = startd_alloc(max_scf_name_size);
2551 2514
2552 2515 len = scf_pg_get_name(pg, pg_name, max_scf_name_size);
2553 2516 if (len < 0) {
2554 2517 startd_free(pg_name, max_scf_name_size);
2555 2518 switch (scf_error()) {
2556 2519 case SCF_ERROR_CONNECTION_BROKEN:
2557 2520 default:
2558 2521 return (info->err = ECONNABORTED);
2559 2522
2560 2523 case SCF_ERROR_DELETED:
2561 2524 return (info->err = 0);
2562 2525
2563 2526 case SCF_ERROR_NOT_SET:
2564 2527 bad_error("scf_pg_get_name", scf_error());
2565 2528 }
2566 2529 }
2567 2530
2568 2531 /*
2569 2532 * Skip over empty dependency groups. Since dependency property
2570 2533 * groups are updated atomically, they are either empty or
2571 2534 * fully populated.
2572 2535 */
2573 2536 empty = depgroup_empty(h, pg);
2574 2537 if (empty < 0) {
2575 2538 log_error(LOG_INFO,
2576 2539 "Error reading dependency group \"%s\" of %s: %s\n",
2577 2540 pg_name, info->v->gv_name, scf_strerror(scf_error()));
2578 2541 startd_free(pg_name, max_scf_name_size);
2579 2542 return (info->err = EINVAL);
2580 2543
2581 2544 } else if (empty == 1) {
2582 2545 log_framework(LOG_DEBUG,
2583 2546 "Ignoring empty dependency group \"%s\" of %s\n",
2584 2547 pg_name, info->v->gv_name);
2585 2548 startd_free(pg_name, max_scf_name_size);
2586 2549 return (info->err = 0);
2587 2550 }
2588 2551
2589 2552 fmri_sz = strlen(info->v->gv_name) + 1 + len + 1;
2590 2553 fmri = startd_alloc(fmri_sz);
2591 2554
2592 2555 (void) snprintf(fmri, fmri_sz, "%s>%s", info->v->gv_name,
2593 2556 pg_name);
2594 2557
2595 2558 /* Validate the pg before modifying the graph */
2596 2559 deptype = depgroup_read_grouping(h, pg);
2597 2560 if (deptype == DEPGRP_UNSUPPORTED) {
2598 2561 log_error(LOG_INFO,
2599 2562 "Dependency \"%s\" of %s has an unknown grouping value.\n",
2600 2563 pg_name, info->v->gv_name);
2601 2564 startd_free(fmri, fmri_sz);
2602 2565 startd_free(pg_name, max_scf_name_size);
2603 2566 return (info->err = EINVAL);
2604 2567 }
2605 2568
2606 2569 rerr = depgroup_read_restart(h, pg);
2607 2570 if (rerr == RERR_UNSUPPORTED) {
2608 2571 log_error(LOG_INFO,
2609 2572 "Dependency \"%s\" of %s has an unknown restart_on value."
2610 2573 "\n", pg_name, info->v->gv_name);
2611 2574 startd_free(fmri, fmri_sz);
2612 2575 startd_free(pg_name, max_scf_name_size);
2613 2576 return (info->err = EINVAL);
2614 2577 }
2615 2578
2616 2579 prop = safe_scf_property_create(h);
2617 2580
2618 2581 if (scf_pg_get_property(pg, SCF_PROPERTY_ENTITIES, prop) != 0) {
2619 2582 scferr = scf_error();
2620 2583 scf_property_destroy(prop);
2621 2584 if (scferr == SCF_ERROR_DELETED) {
2622 2585 startd_free(fmri, fmri_sz);
2623 2586 startd_free(pg_name, max_scf_name_size);
2624 2587 return (info->err = 0);
2625 2588 } else if (scferr != SCF_ERROR_NOT_FOUND) {
2626 2589 startd_free(fmri, fmri_sz);
2627 2590 startd_free(pg_name, max_scf_name_size);
2628 2591 return (info->err = ECONNABORTED);
2629 2592 }
2630 2593
2631 2594 log_error(LOG_INFO,
2632 2595 "Dependency \"%s\" of %s is missing a \"%s\" property.\n",
2633 2596 pg_name, info->v->gv_name, SCF_PROPERTY_ENTITIES);
2634 2597
2635 2598 startd_free(fmri, fmri_sz);
2636 2599 startd_free(pg_name, max_scf_name_size);
2637 2600
2638 2601 return (info->err = EINVAL);
2639 2602 }
2640 2603
2641 2604 /* Create depgroup vertex for pg */
2642 2605 err = graph_insert_vertex_unconfigured(fmri, GVT_GROUP, deptype,
2643 2606 rerr, &depgrp);
2644 2607 assert(err == 0);
2645 2608 startd_free(fmri, fmri_sz);
2646 2609
2647 2610 /* Add dependency from inst vertex to new vertex */
2648 2611 err = graph_insert_dependency(info->v, depgrp, info->pathp);
2649 2612 /* ELOOP can't happen because this should be a new vertex */
2650 2613 assert(err == 0);
2651 2614
2652 2615 linfo.v = depgrp;
2653 2616 linfo.type = depgroup_read_scheme(h, pg);
2654 2617 linfo.inst_fmri = info->v->gv_name;
2655 2618 linfo.pg_name = pg_name;
2656 2619 linfo.h = h;
2657 2620 linfo.err = 0;
2658 2621 linfo.pathp = info->pathp;
2659 2622 err = walk_property_astrings(prop, (callback_t)process_dependency_fmri,
2660 2623 &linfo);
2661 2624
2662 2625 scf_property_destroy(prop);
2663 2626 startd_free(pg_name, max_scf_name_size);
2664 2627
2665 2628 switch (err) {
2666 2629 case 0:
2667 2630 case EINTR:
2668 2631 return (info->err = linfo.err);
2669 2632
2670 2633 case ECONNABORTED:
2671 2634 case EINVAL:
2672 2635 return (info->err = err);
2673 2636
2674 2637 case ECANCELED:
2675 2638 return (info->err = 0);
2676 2639
2677 2640 case ECONNRESET:
2678 2641 return (info->err = ECONNABORTED);
2679 2642
2680 2643 default:
2681 2644 bad_error("walk_property_astrings", err);
2682 2645 /* NOTREACHED */
2683 2646 }
2684 2647 }
2685 2648
2686 2649 /*
2687 2650 * Build the dependency info for v from the repository. Returns 0 on success,
2688 2651 * ECONNABORTED on repository disconnection, EINVAL if the repository
2689 2652 * configuration is invalid, and ELOOP if a dependency would cause a cycle.
2690 2653 * In the last case, *pathp will point to a -1-terminated array of ids which
2691 2654 * constitute the rest of the dependency cycle.
2692 2655 */
2693 2656 static int
2694 2657 set_dependencies(graph_vertex_t *v, scf_instance_t *inst, int **pathp)
2695 2658 {
2696 2659 struct deppg_info info;
2697 2660 int err;
2698 2661 uint_t old_configured;
2699 2662
2700 2663 assert(MUTEX_HELD(&dgraph_lock));
2701 2664
2702 2665 /*
2703 2666 * Mark the vertex as configured during dependency insertion to avoid
2704 2667 * dependency cycles (which can appear in the graph if one of the
2705 2668 * vertices is an exclusion-group).
2706 2669 */
2707 2670 old_configured = v->gv_flags & GV_CONFIGURED;
2708 2671 v->gv_flags |= GV_CONFIGURED;
2709 2672
2710 2673 info.err = 0;
2711 2674 info.v = v;
2712 2675 info.pathp = pathp;
2713 2676
2714 2677 err = walk_dependency_pgs(inst, (callback_t)process_dependency_pg,
2715 2678 &info);
2716 2679
2717 2680 if (!old_configured)
2718 2681 v->gv_flags &= ~GV_CONFIGURED;
2719 2682
2720 2683 switch (err) {
2721 2684 case 0:
2722 2685 case EINTR:
2723 2686 return (info.err);
2724 2687
2725 2688 case ECONNABORTED:
2726 2689 return (ECONNABORTED);
2727 2690
2728 2691 case ECANCELED:
2729 2692 /* Should get delete event, so return 0. */
2730 2693 return (0);
2731 2694
2732 2695 default:
2733 2696 bad_error("walk_dependency_pgs", err);
2734 2697 /* NOTREACHED */
2735 2698 }
2736 2699 }
2737 2700
2738 2701
2739 2702 static void
2740 2703 handle_cycle(const char *fmri, int *path)
2741 2704 {
2742 2705 const char *cp;
2743 2706 size_t sz;
2744 2707
2745 2708 assert(MUTEX_HELD(&dgraph_lock));
2746 2709
2747 2710 path_to_str(path, (char **)&cp, &sz);
2748 2711
2749 2712 log_error(LOG_ERR, "Transitioning %s to maintenance "
2750 2713 "because it completes a dependency cycle (see svcs -xv for "
2751 2714 "details):\n%s", fmri ? fmri : "?", cp);
2752 2715
2753 2716 startd_free((void *)cp, sz);
2754 2717 }
2755 2718
2756 2719 /*
2757 2720 * Increment the vertex's reference count to prevent the vertex removal
2758 2721 * from the dgraph.
2759 2722 */
2760 2723 static void
2761 2724 vertex_ref(graph_vertex_t *v)
2762 2725 {
2763 2726 assert(MUTEX_HELD(&dgraph_lock));
2764 2727
2765 2728 v->gv_refs++;
2766 2729 }
2767 2730
2768 2731 /*
2769 2732 * Decrement the vertex's reference count and remove the vertex from
2770 2733 * the dgraph when possible.
2771 2734 *
2772 2735 * Return VERTEX_REMOVED when the vertex has been removed otherwise
2773 2736 * return VERTEX_INUSE.
2774 2737 */
2775 2738 static int
2776 2739 vertex_unref(graph_vertex_t *v)
2777 2740 {
2778 2741 assert(MUTEX_HELD(&dgraph_lock));
2779 2742 assert(v->gv_refs > 0);
2780 2743
2781 2744 v->gv_refs--;
2782 2745
2783 2746 return (free_if_unrefed(v));
2784 2747 }
2785 2748
2786 2749 /*
2787 2750 * When run on the dependencies of a vertex, populates list with
2788 2751 * graph_edge_t's which point to the service vertices or the instance
2789 2752 * vertices (no GVT_GROUP nodes) on which the vertex depends.
2790 2753 *
2791 2754 * Increment the vertex's reference count once the vertex is inserted
2792 2755 * in the list. The vertex won't be able to be deleted from the dgraph
2793 2756 * while it is referenced.
2794 2757 */
2795 2758 static int
2796 2759 append_svcs_or_insts(graph_edge_t *e, uu_list_t *list)
2797 2760 {
2798 2761 graph_vertex_t *v = e->ge_vertex;
2799 2762 graph_edge_t *new;
2800 2763 int r;
2801 2764
2802 2765 switch (v->gv_type) {
2803 2766 case GVT_INST:
2804 2767 case GVT_SVC:
2805 2768 break;
2806 2769
2807 2770 case GVT_GROUP:
2808 2771 r = uu_list_walk(v->gv_dependencies,
2809 2772 (uu_walk_fn_t *)append_svcs_or_insts, list, 0);
2810 2773 assert(r == 0);
2811 2774 return (UU_WALK_NEXT);
2812 2775
2813 2776 case GVT_FILE:
2814 2777 return (UU_WALK_NEXT);
2815 2778
2816 2779 default:
2817 2780 #ifndef NDEBUG
2818 2781 uu_warn("%s:%d: Unexpected vertex type %d.\n", __FILE__,
2819 2782 __LINE__, v->gv_type);
2820 2783 #endif
2821 2784 abort();
2822 2785 }
2823 2786
2824 2787 new = startd_alloc(sizeof (*new));
2825 2788 new->ge_vertex = v;
2826 2789 uu_list_node_init(new, &new->ge_link, graph_edge_pool);
2827 2790 r = uu_list_insert_before(list, NULL, new);
2828 2791 assert(r == 0);
2829 2792
2830 2793 /*
2831 2794 * Because we are inserting the vertex in a list, we don't want
2832 2795 * the vertex to be freed while the list is in use. In order to
2833 2796 * achieve that, increment the vertex's reference count.
2834 2797 */
2835 2798 vertex_ref(v);
2836 2799
2837 2800 return (UU_WALK_NEXT);
2838 2801 }
2839 2802
2840 2803 static boolean_t
2841 2804 should_be_in_subgraph(graph_vertex_t *v)
2842 2805 {
2843 2806 graph_edge_t *e;
2844 2807
2845 2808 if (v == milestone)
2846 2809 return (B_TRUE);
2847 2810
2848 2811 /*
2849 2812 * v is in the subgraph if any of its dependents are in the subgraph.
2850 2813 * Except for EXCLUDE_ALL dependents. And OPTIONAL dependents only
2851 2814 * count if we're enabled.
2852 2815 */
2853 2816 for (e = uu_list_first(v->gv_dependents);
2854 2817 e != NULL;
2855 2818 e = uu_list_next(v->gv_dependents, e)) {
2856 2819 graph_vertex_t *dv = e->ge_vertex;
2857 2820
2858 2821 if (!(dv->gv_flags & GV_INSUBGRAPH))
2859 2822 continue;
2860 2823
2861 2824 /*
2862 2825 * Don't include instances that are optional and disabled.
2863 2826 */
2864 2827 if (v->gv_type == GVT_INST && dv->gv_type == GVT_SVC) {
2865 2828
2866 2829 int in = 0;
2867 2830 graph_edge_t *ee;
2868 2831
2869 2832 for (ee = uu_list_first(dv->gv_dependents);
2870 2833 ee != NULL;
2871 2834 ee = uu_list_next(dv->gv_dependents, ee)) {
2872 2835
2873 2836 graph_vertex_t *ddv = e->ge_vertex;
2874 2837
2875 2838 if (ddv->gv_type == GVT_GROUP &&
2876 2839 ddv->gv_depgroup == DEPGRP_EXCLUDE_ALL)
2877 2840 continue;
2878 2841
2879 2842 if (ddv->gv_type == GVT_GROUP &&
2880 2843 ddv->gv_depgroup == DEPGRP_OPTIONAL_ALL &&
2881 2844 !(v->gv_flags & GV_ENBLD_NOOVR))
2882 2845 continue;
2883 2846
2884 2847 in = 1;
2885 2848 }
2886 2849 if (!in)
2887 2850 continue;
2888 2851 }
2889 2852 if (v->gv_type == GVT_INST &&
2890 2853 dv->gv_type == GVT_GROUP &&
2891 2854 dv->gv_depgroup == DEPGRP_OPTIONAL_ALL &&
2892 2855 !(v->gv_flags & GV_ENBLD_NOOVR))
2893 2856 continue;
2894 2857
2895 2858 /* Don't include excluded services and instances */
2896 2859 if (dv->gv_type == GVT_GROUP &&
2897 2860 dv->gv_depgroup == DEPGRP_EXCLUDE_ALL)
2898 2861 continue;
2899 2862
2900 2863 return (B_TRUE);
2901 2864 }
2902 2865
2903 2866 return (B_FALSE);
2904 2867 }
2905 2868
2906 2869 /*
2907 2870 * Ensures that GV_INSUBGRAPH is set properly for v and its descendents. If
2908 2871 * any bits change, manipulate the repository appropriately. Returns 0 or
2909 2872 * ECONNABORTED.
2910 2873 */
2911 2874 static int
2912 2875 eval_subgraph(graph_vertex_t *v, scf_handle_t *h)
2913 2876 {
2914 2877 boolean_t old = (v->gv_flags & GV_INSUBGRAPH) != 0;
2915 2878 boolean_t new;
2916 2879 graph_edge_t *e;
2917 2880 scf_instance_t *inst;
2918 2881 int ret = 0, r;
2919 2882
2920 2883 assert(milestone != NULL && milestone != MILESTONE_NONE);
2921 2884
2922 2885 new = should_be_in_subgraph(v);
2923 2886
2924 2887 if (new == old)
2925 2888 return (0);
2926 2889
2927 2890 log_framework(LOG_DEBUG, new ? "Adding %s to the subgraph.\n" :
2928 2891 "Removing %s from the subgraph.\n", v->gv_name);
2929 2892
2930 2893 v->gv_flags = (v->gv_flags & ~GV_INSUBGRAPH) |
2931 2894 (new ? GV_INSUBGRAPH : 0);
2932 2895
2933 2896 if (v->gv_type == GVT_INST && (v->gv_flags & GV_CONFIGURED)) {
2934 2897 int err;
2935 2898
2936 2899 get_inst:
2937 2900 err = libscf_fmri_get_instance(h, v->gv_name, &inst);
2938 2901 if (err != 0) {
2939 2902 switch (err) {
2940 2903 case ECONNABORTED:
2941 2904 libscf_handle_rebind(h);
2942 2905 ret = ECONNABORTED;
2943 2906 goto get_inst;
2944 2907
2945 2908 case ENOENT:
2946 2909 break;
2947 2910
2948 2911 case EINVAL:
2949 2912 case ENOTSUP:
2950 2913 default:
2951 2914 bad_error("libscf_fmri_get_instance", err);
2952 2915 }
2953 2916 } else {
2954 2917 const char *f;
2955 2918
2956 2919 if (new) {
2957 2920 err = libscf_delete_enable_ovr(inst);
2958 2921 f = "libscf_delete_enable_ovr";
2959 2922 } else {
2960 2923 err = libscf_set_enable_ovr(inst, 0);
2961 2924 f = "libscf_set_enable_ovr";
2962 2925 }
2963 2926 scf_instance_destroy(inst);
2964 2927 switch (err) {
2965 2928 case 0:
2966 2929 case ECANCELED:
2967 2930 break;
2968 2931
2969 2932 case ECONNABORTED:
2970 2933 libscf_handle_rebind(h);
2971 2934 /*
2972 2935 * We must continue so the graph is updated,
2973 2936 * but we must return ECONNABORTED so any
2974 2937 * libscf state held by any callers is reset.
2975 2938 */
2976 2939 ret = ECONNABORTED;
2977 2940 goto get_inst;
2978 2941
2979 2942 case EROFS:
2980 2943 case EPERM:
2981 2944 log_error(LOG_WARNING,
2982 2945 "Could not set %s/%s for %s: %s.\n",
2983 2946 SCF_PG_GENERAL_OVR, SCF_PROPERTY_ENABLED,
2984 2947 v->gv_name, strerror(err));
2985 2948 break;
2986 2949
2987 2950 default:
2988 2951 bad_error(f, err);
2989 2952 }
2990 2953 }
2991 2954 }
2992 2955
2993 2956 for (e = uu_list_first(v->gv_dependencies);
2994 2957 e != NULL;
2995 2958 e = uu_list_next(v->gv_dependencies, e)) {
2996 2959 r = eval_subgraph(e->ge_vertex, h);
2997 2960 if (r != 0) {
2998 2961 assert(r == ECONNABORTED);
2999 2962 ret = ECONNABORTED;
3000 2963 }
3001 2964 }
3002 2965
3003 2966 return (ret);
3004 2967 }
3005 2968
3006 2969 /*
3007 2970 * Delete the (property group) dependencies of v & create new ones based on
3008 2971 * inst. If doing so would create a cycle, log a message and put the instance
3009 2972 * into maintenance. Update GV_INSUBGRAPH flags as necessary. Returns 0 or
3010 2973 * ECONNABORTED.
3011 2974 */
3012 2975 int
3013 2976 refresh_vertex(graph_vertex_t *v, scf_instance_t *inst)
3014 2977 {
3015 2978 int err;
3016 2979 int *path;
3017 2980 char *fmri;
3018 2981 int r;
3019 2982 scf_handle_t *h = scf_instance_handle(inst);
3020 2983 uu_list_t *old_deps;
3021 2984 int ret = 0;
3022 2985 graph_edge_t *e;
3023 2986 graph_vertex_t *vv;
3024 2987
3025 2988 assert(MUTEX_HELD(&dgraph_lock));
3026 2989 assert(v->gv_type == GVT_INST);
3027 2990
3028 2991 log_framework(LOG_DEBUG, "Graph engine: Refreshing %s.\n", v->gv_name);
3029 2992
3030 2993 if (milestone > MILESTONE_NONE) {
3031 2994 /*
3032 2995 * In case some of v's dependencies are being deleted we must
3033 2996 * make a list of them now for GV_INSUBGRAPH-flag evaluation
3034 2997 * after the new dependencies are in place.
3035 2998 */
3036 2999 old_deps = startd_list_create(graph_edge_pool, NULL, 0);
3037 3000
3038 3001 err = uu_list_walk(v->gv_dependencies,
3039 3002 (uu_walk_fn_t *)append_svcs_or_insts, old_deps, 0);
3040 3003 assert(err == 0);
3041 3004 }
3042 3005
3043 3006 delete_instance_dependencies(v, B_FALSE);
3044 3007
3045 3008 err = set_dependencies(v, inst, &path);
3046 3009 switch (err) {
3047 3010 case 0:
3048 3011 break;
3049 3012
3050 3013 case ECONNABORTED:
3051 3014 ret = err;
3052 3015 goto out;
3053 3016
3054 3017 case EINVAL:
3055 3018 case ELOOP:
3056 3019 r = libscf_instance_get_fmri(inst, &fmri);
3057 3020 switch (r) {
3058 3021 case 0:
3059 3022 break;
3060 3023
3061 3024 case ECONNABORTED:
3062 3025 ret = ECONNABORTED;
3063 3026 goto out;
3064 3027
3065 3028 case ECANCELED:
3066 3029 ret = 0;
3067 3030 goto out;
3068 3031
3069 3032 default:
3070 3033 bad_error("libscf_instance_get_fmri", r);
3071 3034 }
3072 3035
3073 3036 if (err == EINVAL) {
3074 3037 log_error(LOG_ERR, "Transitioning %s "
3075 3038 "to maintenance due to misconfiguration.\n",
3076 3039 fmri ? fmri : "?");
3077 3040 vertex_send_event(v,
3078 3041 RESTARTER_EVENT_TYPE_INVALID_DEPENDENCY);
3079 3042 } else {
3080 3043 handle_cycle(fmri, path);
3081 3044 vertex_send_event(v,
3082 3045 RESTARTER_EVENT_TYPE_DEPENDENCY_CYCLE);
3083 3046 }
3084 3047 startd_free(fmri, max_scf_fmri_size);
3085 3048 ret = 0;
3086 3049 goto out;
3087 3050
3088 3051 default:
3089 3052 bad_error("set_dependencies", err);
3090 3053 }
3091 3054
3092 3055 if (milestone > MILESTONE_NONE) {
3093 3056 boolean_t aborted = B_FALSE;
3094 3057
3095 3058 for (e = uu_list_first(old_deps);
3096 3059 e != NULL;
3097 3060 e = uu_list_next(old_deps, e)) {
3098 3061 vv = e->ge_vertex;
3099 3062
3100 3063 if (vertex_unref(vv) == VERTEX_INUSE &&
3101 3064 eval_subgraph(vv, h) == ECONNABORTED)
3102 3065 aborted = B_TRUE;
3103 3066 }
3104 3067
3105 3068 for (e = uu_list_first(v->gv_dependencies);
3106 3069 e != NULL;
3107 3070 e = uu_list_next(v->gv_dependencies, e)) {
3108 3071 if (eval_subgraph(e->ge_vertex, h) ==
3109 3072 ECONNABORTED)
3110 3073 aborted = B_TRUE;
3111 3074 }
3112 3075
3113 3076 if (aborted) {
3114 3077 ret = ECONNABORTED;
3115 3078 goto out;
3116 3079 }
3117 3080 }
3118 3081
3119 3082 graph_start_if_satisfied(v);
3120 3083
3121 3084 ret = 0;
3122 3085
3123 3086 out:
3124 3087 if (milestone > MILESTONE_NONE) {
3125 3088 void *cookie = NULL;
3126 3089
3127 3090 while ((e = uu_list_teardown(old_deps, &cookie)) != NULL)
3128 3091 startd_free(e, sizeof (*e));
3129 3092
3130 3093 uu_list_destroy(old_deps);
3131 3094 }
3132 3095
3133 3096 return (ret);
3134 3097 }
3135 3098
3136 3099 /*
3137 3100 * Set up v according to inst. That is, make sure it depends on its
3138 3101 * restarter and set up its dependencies. Send the ADD_INSTANCE command to
3139 3102 * the restarter, and send ENABLE or DISABLE as appropriate.
3140 3103 *
3141 3104 * Returns 0 on success, ECONNABORTED on repository disconnection, or
3142 3105 * ECANCELED if inst is deleted.
3143 3106 */
3144 3107 static int
3145 3108 configure_vertex(graph_vertex_t *v, scf_instance_t *inst)
3146 3109 {
3147 3110 scf_handle_t *h;
3148 3111 scf_propertygroup_t *pg;
3149 3112 scf_snapshot_t *snap;
3150 3113 char *restarter_fmri = startd_alloc(max_scf_value_size);
3151 3114 int enabled, enabled_ovr;
3152 3115 int err;
3153 3116 int *path;
3154 3117 int deathrow;
3155 3118 int32_t tset;
3156 3119
3157 3120 restarter_fmri[0] = '\0';
3158 3121
3159 3122 assert(MUTEX_HELD(&dgraph_lock));
3160 3123 assert(v->gv_type == GVT_INST);
3161 3124 assert((v->gv_flags & GV_CONFIGURED) == 0);
3162 3125
3163 3126 /* GV_INSUBGRAPH should already be set properly. */
3164 3127 assert(should_be_in_subgraph(v) ==
3165 3128 ((v->gv_flags & GV_INSUBGRAPH) != 0));
3166 3129
3167 3130 /*
3168 3131 * If the instance fmri is in the deathrow list then set the
3169 3132 * GV_DEATHROW flag on the vertex and create and set to true the
3170 3133 * SCF_PROPERTY_DEATHROW boolean property in the non-persistent
3171 3134 * repository for this instance fmri.
3172 3135 */
3173 3136 if ((v->gv_flags & GV_DEATHROW) ||
3174 3137 (is_fmri_in_deathrow(v->gv_name) == B_TRUE)) {
3175 3138 if ((v->gv_flags & GV_DEATHROW) == 0) {
3176 3139 /*
3177 3140 * Set flag GV_DEATHROW, create and set to true
3178 3141 * the SCF_PROPERTY_DEATHROW property in the
3179 3142 * non-persistent repository for this instance fmri.
3180 3143 */
3181 3144 v->gv_flags |= GV_DEATHROW;
3182 3145
3183 3146 switch (err = libscf_set_deathrow(inst, 1)) {
3184 3147 case 0:
3185 3148 break;
3186 3149
3187 3150 case ECONNABORTED:
3188 3151 case ECANCELED:
3189 3152 startd_free(restarter_fmri, max_scf_value_size);
3190 3153 return (err);
3191 3154
3192 3155 case EROFS:
3193 3156 log_error(LOG_WARNING, "Could not set %s/%s "
3194 3157 "for deathrow %s: %s.\n",
3195 3158 SCF_PG_DEATHROW, SCF_PROPERTY_DEATHROW,
3196 3159 v->gv_name, strerror(err));
3197 3160 break;
3198 3161
3199 3162 case EPERM:
3200 3163 uu_die("Permission denied.\n");
3201 3164 /* NOTREACHED */
3202 3165
3203 3166 default:
3204 3167 bad_error("libscf_set_deathrow", err);
3205 3168 }
3206 3169 log_framework(LOG_DEBUG, "Deathrow, graph set %s.\n",
3207 3170 v->gv_name);
3208 3171 }
3209 3172 startd_free(restarter_fmri, max_scf_value_size);
3210 3173 return (0);
3211 3174 }
3212 3175
3213 3176 h = scf_instance_handle(inst);
3214 3177
3215 3178 /*
3216 3179 * Using a temporary deathrow boolean property, set through
3217 3180 * libscf_set_deathrow(), only for fmris on deathrow, is necessary
3218 3181 * because deathrow_fini() may already have been called, and in case
3219 3182 * of a refresh, GV_DEATHROW may need to be set again.
3220 3183 * libscf_get_deathrow() sets deathrow to 1 only if this instance
3221 3184 * has a temporary boolean property named 'deathrow' valued true
3222 3185 * in a property group 'deathrow', -1 or 0 in all other cases.
3223 3186 */
3224 3187 err = libscf_get_deathrow(h, inst, &deathrow);
3225 3188 switch (err) {
3226 3189 case 0:
3227 3190 break;
3228 3191
3229 3192 case ECONNABORTED:
3230 3193 case ECANCELED:
3231 3194 startd_free(restarter_fmri, max_scf_value_size);
3232 3195 return (err);
3233 3196
3234 3197 default:
3235 3198 bad_error("libscf_get_deathrow", err);
3236 3199 }
3237 3200
3238 3201 if (deathrow == 1) {
3239 3202 v->gv_flags |= GV_DEATHROW;
3240 3203 startd_free(restarter_fmri, max_scf_value_size);
3241 3204 return (0);
3242 3205 }
3243 3206
3244 3207 log_framework(LOG_DEBUG, "Graph adding %s.\n", v->gv_name);
3245 3208
3246 3209 /*
3247 3210 * If the instance does not have a restarter property group,
3248 3211 * initialize its state to uninitialized/none, in case the restarter
3249 3212 * is not enabled.
3250 3213 */
3251 3214 pg = safe_scf_pg_create(h);
3252 3215
3253 3216 if (scf_instance_get_pg(inst, SCF_PG_RESTARTER, pg) != 0) {
3254 3217 instance_data_t idata;
3255 3218 uint_t count = 0, msecs = ALLOC_DELAY;
3256 3219
3257 3220 switch (scf_error()) {
3258 3221 case SCF_ERROR_NOT_FOUND:
3259 3222 break;
3260 3223
3261 3224 case SCF_ERROR_CONNECTION_BROKEN:
3262 3225 default:
3263 3226 scf_pg_destroy(pg);
3264 3227 startd_free(restarter_fmri, max_scf_value_size);
3265 3228 return (ECONNABORTED);
3266 3229
3267 3230 case SCF_ERROR_DELETED:
3268 3231 scf_pg_destroy(pg);
3269 3232 startd_free(restarter_fmri, max_scf_value_size);
3270 3233 return (ECANCELED);
3271 3234
3272 3235 case SCF_ERROR_NOT_SET:
3273 3236 bad_error("scf_instance_get_pg", scf_error());
3274 3237 }
3275 3238
3276 3239 switch (err = libscf_instance_get_fmri(inst,
3277 3240 (char **)&idata.i_fmri)) {
3278 3241 case 0:
3279 3242 break;
3280 3243
3281 3244 case ECONNABORTED:
3282 3245 case ECANCELED:
3283 3246 scf_pg_destroy(pg);
3284 3247 startd_free(restarter_fmri, max_scf_value_size);
3285 3248 return (err);
3286 3249
3287 3250 default:
3288 3251 bad_error("libscf_instance_get_fmri", err);
3289 3252 }
3290 3253
3291 3254 idata.i_state = RESTARTER_STATE_NONE;
3292 3255 idata.i_next_state = RESTARTER_STATE_NONE;
3293 3256
3294 3257 init_state:
3295 3258 switch (err = _restarter_commit_states(h, &idata,
3296 3259 RESTARTER_STATE_UNINIT, RESTARTER_STATE_NONE,
3297 3260 restarter_get_str_short(restarter_str_insert_in_graph))) {
3298 3261 case 0:
3299 3262 break;
3300 3263
3301 3264 case ENOMEM:
3302 3265 ++count;
3303 3266 if (count < ALLOC_RETRY) {
3304 3267 (void) poll(NULL, 0, msecs);
3305 3268 msecs *= ALLOC_DELAY_MULT;
3306 3269 goto init_state;
3307 3270 }
3308 3271
3309 3272 uu_die("Insufficient memory.\n");
3310 3273 /* NOTREACHED */
3311 3274
3312 3275 case ECONNABORTED:
3313 3276 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3314 3277 scf_pg_destroy(pg);
3315 3278 startd_free(restarter_fmri, max_scf_value_size);
3316 3279 return (ECONNABORTED);
3317 3280
3318 3281 case ENOENT:
3319 3282 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3320 3283 scf_pg_destroy(pg);
3321 3284 startd_free(restarter_fmri, max_scf_value_size);
3322 3285 return (ECANCELED);
3323 3286
3324 3287 case EPERM:
3325 3288 case EACCES:
3326 3289 case EROFS:
3327 3290 log_error(LOG_NOTICE, "Could not initialize state for "
3328 3291 "%s: %s.\n", idata.i_fmri, strerror(err));
3329 3292 break;
3330 3293
3331 3294 case EINVAL:
3332 3295 default:
3333 3296 bad_error("_restarter_commit_states", err);
3334 3297 }
3335 3298
3336 3299 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3337 3300 }
3338 3301
3339 3302 scf_pg_destroy(pg);
3340 3303
3341 3304 if (milestone != NULL) {
3342 3305 /*
3343 3306 * Make sure the enable-override is set properly before we
3344 3307 * read whether we should be enabled.
3345 3308 */
3346 3309 if (milestone == MILESTONE_NONE ||
3347 3310 !(v->gv_flags & GV_INSUBGRAPH)) {
3348 3311 /*
3349 3312 * This might seem unjustified after the milestone
3350 3313 * transition has completed (non_subgraph_svcs == 0),
3351 3314 * but it's important because when we boot to
3352 3315 * a milestone, we set the milestone before populating
3353 3316 * the graph, and all of the new non-subgraph services
3354 3317 * need to be disabled here.
3355 3318 */
3356 3319 switch (err = libscf_set_enable_ovr(inst, 0)) {
3357 3320 case 0:
3358 3321 break;
3359 3322
3360 3323 case ECONNABORTED:
3361 3324 case ECANCELED:
3362 3325 startd_free(restarter_fmri, max_scf_value_size);
3363 3326 return (err);
3364 3327
3365 3328 case EROFS:
3366 3329 log_error(LOG_WARNING,
3367 3330 "Could not set %s/%s for %s: %s.\n",
3368 3331 SCF_PG_GENERAL_OVR, SCF_PROPERTY_ENABLED,
3369 3332 v->gv_name, strerror(err));
3370 3333 break;
3371 3334
3372 3335 case EPERM:
3373 3336 uu_die("Permission denied.\n");
3374 3337 /* NOTREACHED */
3375 3338
3376 3339 default:
3377 3340 bad_error("libscf_set_enable_ovr", err);
3378 3341 }
3379 3342 } else {
3380 3343 assert(v->gv_flags & GV_INSUBGRAPH);
3381 3344 switch (err = libscf_delete_enable_ovr(inst)) {
3382 3345 case 0:
3383 3346 break;
3384 3347
3385 3348 case ECONNABORTED:
3386 3349 case ECANCELED:
3387 3350 startd_free(restarter_fmri, max_scf_value_size);
3388 3351 return (err);
3389 3352
3390 3353 case EPERM:
3391 3354 uu_die("Permission denied.\n");
3392 3355 /* NOTREACHED */
3393 3356
3394 3357 default:
3395 3358 bad_error("libscf_delete_enable_ovr", err);
3396 3359 }
3397 3360 }
3398 3361 }
3399 3362
3400 3363 err = libscf_get_basic_instance_data(h, inst, v->gv_name, &enabled,
3401 3364 &enabled_ovr, &restarter_fmri);
3402 3365 switch (err) {
3403 3366 case 0:
3404 3367 break;
3405 3368
3406 3369 case ECONNABORTED:
3407 3370 case ECANCELED:
3408 3371 startd_free(restarter_fmri, max_scf_value_size);
3409 3372 return (err);
3410 3373
3411 3374 case ENOENT:
3412 3375 log_framework(LOG_DEBUG,
3413 3376 "Ignoring %s because it has no general property group.\n",
3414 3377 v->gv_name);
3415 3378 startd_free(restarter_fmri, max_scf_value_size);
3416 3379 return (0);
3417 3380
3418 3381 default:
3419 3382 bad_error("libscf_get_basic_instance_data", err);
3420 3383 }
3421 3384
3422 3385 if ((tset = libscf_get_stn_tset(inst)) == -1) {
3423 3386 log_framework(LOG_WARNING,
3424 3387 "Failed to get notification parameters for %s: %s\n",
3425 3388 v->gv_name, scf_strerror(scf_error()));
3426 3389 v->gv_stn_tset = 0;
3427 3390 } else {
3428 3391 v->gv_stn_tset = tset;
3429 3392 }
3430 3393 if (strcmp(v->gv_name, SCF_INSTANCE_GLOBAL) == 0)
3431 3394 stn_global = v->gv_stn_tset;
3432 3395
3433 3396 if (enabled == -1) {
3434 3397 startd_free(restarter_fmri, max_scf_value_size);
3435 3398 return (0);
3436 3399 }
3437 3400
3438 3401 v->gv_flags = (v->gv_flags & ~GV_ENBLD_NOOVR) |
3439 3402 (enabled ? GV_ENBLD_NOOVR : 0);
3440 3403
3441 3404 if (enabled_ovr != -1)
3442 3405 enabled = enabled_ovr;
3443 3406
3444 3407 v->gv_state = RESTARTER_STATE_UNINIT;
3445 3408
3446 3409 snap = libscf_get_or_make_running_snapshot(inst, v->gv_name, B_TRUE);
3447 3410 scf_snapshot_destroy(snap);
3448 3411
3449 3412 /* Set up the restarter. (Sends _ADD_INSTANCE on success.) */
3450 3413 err = graph_change_restarter(v, restarter_fmri, h, &path);
3451 3414 if (err != 0) {
3452 3415 instance_data_t idata;
3453 3416 uint_t count = 0, msecs = ALLOC_DELAY;
3454 3417 restarter_str_t reason;
3455 3418
3456 3419 if (err == ECONNABORTED) {
3457 3420 startd_free(restarter_fmri, max_scf_value_size);
3458 3421 return (err);
3459 3422 }
3460 3423
3461 3424 assert(err == EINVAL || err == ELOOP);
3462 3425
3463 3426 if (err == EINVAL) {
3464 3427 log_framework(LOG_ERR, emsg_invalid_restarter,
3465 3428 v->gv_name, restarter_fmri);
3466 3429 reason = restarter_str_invalid_restarter;
3467 3430 } else {
3468 3431 handle_cycle(v->gv_name, path);
3469 3432 reason = restarter_str_dependency_cycle;
3470 3433 }
3471 3434
3472 3435 startd_free(restarter_fmri, max_scf_value_size);
3473 3436
3474 3437 /*
3475 3438 * We didn't register the instance with the restarter, so we
3476 3439 * must set maintenance mode ourselves.
3477 3440 */
3478 3441 err = libscf_instance_get_fmri(inst, (char **)&idata.i_fmri);
3479 3442 if (err != 0) {
3480 3443 assert(err == ECONNABORTED || err == ECANCELED);
3481 3444 return (err);
3482 3445 }
3483 3446
3484 3447 idata.i_state = RESTARTER_STATE_NONE;
3485 3448 idata.i_next_state = RESTARTER_STATE_NONE;
3486 3449
3487 3450 set_maint:
3488 3451 switch (err = _restarter_commit_states(h, &idata,
3489 3452 RESTARTER_STATE_MAINT, RESTARTER_STATE_NONE,
3490 3453 restarter_get_str_short(reason))) {
3491 3454 case 0:
3492 3455 break;
3493 3456
3494 3457 case ENOMEM:
3495 3458 ++count;
3496 3459 if (count < ALLOC_RETRY) {
3497 3460 (void) poll(NULL, 0, msecs);
3498 3461 msecs *= ALLOC_DELAY_MULT;
3499 3462 goto set_maint;
3500 3463 }
3501 3464
3502 3465 uu_die("Insufficient memory.\n");
3503 3466 /* NOTREACHED */
3504 3467
3505 3468 case ECONNABORTED:
3506 3469 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3507 3470 return (ECONNABORTED);
3508 3471
3509 3472 case ENOENT:
3510 3473 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3511 3474 return (ECANCELED);
3512 3475
3513 3476 case EPERM:
3514 3477 case EACCES:
3515 3478 case EROFS:
3516 3479 log_error(LOG_NOTICE, "Could not initialize state for "
3517 3480 "%s: %s.\n", idata.i_fmri, strerror(err));
3518 3481 break;
3519 3482
3520 3483 case EINVAL:
3521 3484 default:
3522 3485 bad_error("_restarter_commit_states", err);
3523 3486 }
3524 3487
3525 3488 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3526 3489
3527 3490 v->gv_state = RESTARTER_STATE_MAINT;
3528 3491
3529 3492 goto out;
3530 3493 }
3531 3494 startd_free(restarter_fmri, max_scf_value_size);
3532 3495
3533 3496 /* Add all the other dependencies. */
3534 3497 err = refresh_vertex(v, inst);
3535 3498 if (err != 0) {
3536 3499 assert(err == ECONNABORTED);
3537 3500 return (err);
3538 3501 }
3539 3502
3540 3503 out:
3541 3504 v->gv_flags |= GV_CONFIGURED;
3542 3505
3543 3506 graph_enable_by_vertex(v, enabled, 0);
3544 3507
3545 3508 return (0);
3546 3509 }
3547 3510
3548 3511
3549 3512 static void
3550 3513 kill_user_procs(void)
3551 3514 {
3552 3515 (void) fputs("svc.startd: Killing user processes.\n", stdout);
3553 3516
3554 3517 /*
3555 3518 * Despite its name, killall's role is to get select user processes--
3556 3519 * basically those representing terminal-based logins-- to die. Victims
3557 3520 * are located by killall in the utmp database. Since these are most
3558 3521 * often shell based logins, and many shells mask SIGTERM (but are
3559 3522 * responsive to SIGHUP) we first HUP and then shortly thereafter
3560 3523 * kill -9.
3561 3524 */
3562 3525 (void) fork_with_timeout("/usr/sbin/killall HUP", 1, 5);
3563 3526 (void) fork_with_timeout("/usr/sbin/killall KILL", 1, 5);
3564 3527
3565 3528 /*
3566 3529 * Note the selection of user id's 0, 1 and 15, subsequently
3567 3530 * inverted by -v. 15 is reserved for dladmd. Yes, this is a
3568 3531 * kludge-- a better policy is needed.
3569 3532 *
3570 3533 * Note that fork_with_timeout will only wait out the 1 second
3571 3534 * "grace time" if pkill actually returns 0. So if there are
3572 3535 * no matches, this will run to completion much more quickly.
3573 3536 */
3574 3537 (void) fork_with_timeout("/usr/bin/pkill -TERM -v -u 0,1,15", 1, 5);
3575 3538 (void) fork_with_timeout("/usr/bin/pkill -KILL -v -u 0,1,15", 1, 5);
3576 3539 }
3577 3540
3578 3541 static void
3579 3542 do_uadmin(void)
3580 3543 {
3581 3544 const char * const resetting = "/etc/svc/volatile/resetting";
3582 3545 int fd;
3583 3546 struct statvfs vfs;
3584 3547 time_t now;
3585 3548 struct tm nowtm;
3586 3549 char down_buf[256], time_buf[256];
3587 3550 uintptr_t mdep;
3588 3551 #if defined(__i386)
3589 3552 grub_boot_args_t fbarg;
3590 3553 #endif /* __i386 */
3591 3554
3592 3555 mdep = NULL;
3593 3556 fd = creat(resetting, 0777);
3594 3557 if (fd >= 0)
3595 3558 startd_close(fd);
3596 3559 else
3597 3560 uu_warn("Could not create \"%s\"", resetting);
3598 3561
3599 3562 /* Kill dhcpagent if we're not using nfs for root */
3600 3563 if ((statvfs("/", &vfs) == 0) &&
3601 3564 (strncmp(vfs.f_basetype, "nfs", sizeof ("nfs") - 1) != 0))
3602 3565 fork_with_timeout("/usr/bin/pkill -x -u 0 dhcpagent", 0, 5);
3603 3566
3604 3567 /*
3605 3568 * Call sync(2) now, before we kill off user processes. This takes
3606 3569 * advantage of the several seconds of pause we have before the
3607 3570 * killalls are done. Time we can make good use of to get pages
3608 3571 * moving out to disk.
3609 3572 *
3610 3573 * Inside non-global zones, we don't bother, and it's better not to
3611 3574 * anyway, since sync(2) can have system-wide impact.
3612 3575 */
3613 3576 if (getzoneid() == 0)
3614 3577 sync();
3615 3578
3616 3579 kill_user_procs();
3617 3580
3618 3581 /*
3619 3582 * Note that this must come after the killing of user procs, since
3620 3583 * killall relies on utmpx, and this command affects the contents of
3621 3584 * said file.
3622 3585 */
3623 3586 if (access("/usr/lib/acct/closewtmp", X_OK) == 0)
3624 3587 fork_with_timeout("/usr/lib/acct/closewtmp", 0, 5);
3625 3588
3626 3589 /*
3627 3590 * For patches which may be installed as the system is shutting
3628 3591 * down, we need to ensure, one more time, that the boot archive
3629 3592 * really is up to date.
3630 3593 */
3631 3594 if (getzoneid() == 0 && access("/usr/sbin/bootadm", X_OK) == 0)
3632 3595 fork_with_timeout("/usr/sbin/bootadm -ea update_all", 0, 3600);
3633 3596
3634 3597 /*
3635 3598 * Right now, fast reboot is supported only on i386.
3636 3599 * scf_is_fastboot_default() should take care of it.
3637 3600 * If somehow we got there on unsupported platform -
3638 3601 * print warning and fall back to regular reboot.
3639 3602 */
3640 3603 if (halting == AD_FASTREBOOT) {
3641 3604 #if defined(__i386)
3642 3605 int rc;
3643 3606
3644 3607 if ((rc = grub_get_boot_args(&fbarg, NULL,
3645 3608 GRUB_ENTRY_DEFAULT)) == 0) {
3646 3609 mdep = (uintptr_t)&fbarg.gba_bootargs;
3647 3610 } else {
3648 3611 /*
3649 3612 * Failed to read GRUB menu, fall back to normal reboot
3650 3613 */
3651 3614 halting = AD_BOOT;
3652 3615 uu_warn("Failed to process GRUB menu entry "
3653 3616 "for fast reboot.\n\t%s\n"
3654 3617 "Falling back to regular reboot.\n",
3655 3618 grub_strerror(rc));
3656 3619 }
3657 3620 #else /* __i386 */
3658 3621 halting = AD_BOOT;
3659 3622 uu_warn("Fast reboot configured, but not supported by "
3660 3623 "this ISA\n");
3661 3624 #endif /* __i386 */
3662 3625 }
3663 3626
3664 3627 fork_with_timeout("/sbin/umountall -l", 0, 5);
3665 3628 fork_with_timeout("/sbin/umount /tmp /var/adm /var/run /var "
3666 3629 ">/dev/null 2>&1", 0, 5);
3667 3630
3668 3631 /*
3669 3632 * Try to get to consistency for whatever UFS filesystems are left.
3670 3633 * This is pretty expensive, so we save it for the end in the hopes of
3671 3634 * minimizing what it must do. The other option would be to start in
3672 3635 * parallel with the killall's, but lockfs tends to throw out much more
3673 3636 * than is needed, and so subsequent commands (like umountall) take a
3674 3637 * long time to get going again.
3675 3638 *
3676 3639 * Inside of zones, we don't bother, since we're not about to terminate
3677 3640 * the whole OS instance.
3678 3641 *
3679 3642 * On systems using only ZFS, this call to lockfs -fa is a no-op.
3680 3643 */
3681 3644 if (getzoneid() == 0) {
3682 3645 if (access("/usr/sbin/lockfs", X_OK) == 0)
3683 3646 fork_with_timeout("/usr/sbin/lockfs -fa", 0, 30);
3684 3647
3685 3648 sync(); /* once more, with feeling */
3686 3649 }
3687 3650
3688 3651 fork_with_timeout("/sbin/umount /usr >/dev/null 2>&1", 0, 5);
3689 3652
3690 3653 /*
3691 3654 * Construct and emit the last words from userland:
3692 3655 * "<timestamp> The system is down. Shutdown took <N> seconds."
3693 3656 *
3694 3657 * Normally we'd use syslog, but with /var and other things
3695 3658 * potentially gone, try to minimize the external dependencies.
3696 3659 */
3697 3660 now = time(NULL);
3698 3661 (void) localtime_r(&now, &nowtm);
3699 3662
3700 3663 if (strftime(down_buf, sizeof (down_buf),
3701 3664 "%b %e %T The system is down.", &nowtm) == 0) {
3702 3665 (void) strlcpy(down_buf, "The system is down.",
3703 3666 sizeof (down_buf));
3704 3667 }
3705 3668
3706 3669 if (halting_time != 0 && halting_time <= now) {
3707 3670 (void) snprintf(time_buf, sizeof (time_buf),
3708 3671 " Shutdown took %lu seconds.", now - halting_time);
3709 3672 } else {
3710 3673 time_buf[0] = '\0';
3711 3674 }
3712 3675 (void) printf("%s%s\n", down_buf, time_buf);
3713 3676
3714 3677 (void) uadmin(A_SHUTDOWN, halting, mdep);
3715 3678 uu_warn("uadmin() failed");
3716 3679
3717 3680 #if defined(__i386)
3718 3681 /* uadmin fail, cleanup grub_boot_args */
3719 3682 if (halting == AD_FASTREBOOT)
3720 3683 grub_cleanup_boot_args(&fbarg);
3721 3684 #endif /* __i386 */
3722 3685
3723 3686 if (remove(resetting) != 0 && errno != ENOENT)
3724 3687 uu_warn("Could not remove \"%s\"", resetting);
3725 3688 }
3726 3689
3727 3690 /*
3728 3691 * If any of the up_svcs[] are online or satisfiable, return true. If they are
3729 3692 * all missing, disabled, in maintenance, or unsatisfiable, return false.
3730 3693 */
3731 3694 boolean_t
3732 3695 can_come_up(void)
3733 3696 {
3734 3697 int i;
3735 3698
3736 3699 assert(MUTEX_HELD(&dgraph_lock));
3737 3700
3738 3701 /*
3739 3702 * If we are booting to single user (boot -s),
3740 3703 * SCF_MILESTONE_SINGLE_USER is needed to come up because startd
3741 3704 * spawns sulogin after single-user is online (see specials.c).
3742 3705 */
3743 3706 i = (booting_to_single_user ? 0 : 1);
3744 3707
3745 3708 for (; up_svcs[i] != NULL; ++i) {
3746 3709 if (up_svcs_p[i] == NULL) {
3747 3710 up_svcs_p[i] = vertex_get_by_name(up_svcs[i]);
3748 3711
3749 3712 if (up_svcs_p[i] == NULL)
3750 3713 continue;
3751 3714 }
3752 3715
3753 3716 /*
3754 3717 * Ignore unconfigured services (the ones that have been
3755 3718 * mentioned in a dependency from other services, but do
3756 3719 * not exist in the repository). Services which exist
3757 3720 * in the repository but don't have general/enabled
3758 3721 * property will be also ignored.
3759 3722 */
3760 3723 if (!(up_svcs_p[i]->gv_flags & GV_CONFIGURED))
3761 3724 continue;
3762 3725
3763 3726 switch (up_svcs_p[i]->gv_state) {
3764 3727 case RESTARTER_STATE_ONLINE:
3765 3728 case RESTARTER_STATE_DEGRADED:
3766 3729 /*
3767 3730 * Deactivate verbose boot once a login service has been
3768 3731 * reached.
3769 3732 */
3770 3733 st->st_log_login_reached = 1;
3771 3734 /*FALLTHROUGH*/
3772 3735 case RESTARTER_STATE_UNINIT:
3773 3736 return (B_TRUE);
3774 3737
3775 3738 case RESTARTER_STATE_OFFLINE:
3776 3739 if (instance_satisfied(up_svcs_p[i], B_TRUE) != -1)
3777 3740 return (B_TRUE);
3778 3741 log_framework(LOG_DEBUG,
3779 3742 "can_come_up(): %s is unsatisfiable.\n",
3780 3743 up_svcs_p[i]->gv_name);
3781 3744 continue;
3782 3745
3783 3746 case RESTARTER_STATE_DISABLED:
3784 3747 case RESTARTER_STATE_MAINT:
3785 3748 log_framework(LOG_DEBUG,
3786 3749 "can_come_up(): %s is in state %s.\n",
3787 3750 up_svcs_p[i]->gv_name,
3788 3751 instance_state_str[up_svcs_p[i]->gv_state]);
3789 3752 continue;
3790 3753
3791 3754 default:
3792 3755 #ifndef NDEBUG
3793 3756 uu_warn("%s:%d: Unexpected vertex state %d.\n",
3794 3757 __FILE__, __LINE__, up_svcs_p[i]->gv_state);
3795 3758 #endif
3796 3759 abort();
3797 3760 }
3798 3761 }
3799 3762
3800 3763 /*
3801 3764 * In the seed repository, console-login is unsatisfiable because
3802 3765 * services are missing. To behave correctly in that case we don't want
3803 3766 * to return false until manifest-import is online.
3804 3767 */
3805 3768
3806 3769 if (manifest_import_p == NULL) {
3807 3770 manifest_import_p = vertex_get_by_name(manifest_import);
3808 3771
3809 3772 if (manifest_import_p == NULL)
3810 3773 return (B_FALSE);
3811 3774 }
3812 3775
3813 3776 switch (manifest_import_p->gv_state) {
3814 3777 case RESTARTER_STATE_ONLINE:
3815 3778 case RESTARTER_STATE_DEGRADED:
3816 3779 case RESTARTER_STATE_DISABLED:
3817 3780 case RESTARTER_STATE_MAINT:
3818 3781 break;
3819 3782
3820 3783 case RESTARTER_STATE_OFFLINE:
3821 3784 if (instance_satisfied(manifest_import_p, B_TRUE) == -1)
3822 3785 break;
3823 3786 /* FALLTHROUGH */
3824 3787
3825 3788 case RESTARTER_STATE_UNINIT:
3826 3789 return (B_TRUE);
3827 3790 }
3828 3791
3829 3792 return (B_FALSE);
3830 3793 }
3831 3794
3832 3795 /*
3833 3796 * Runs sulogin. Returns
3834 3797 * 0 - success
3835 3798 * EALREADY - sulogin is already running
3836 3799 * EBUSY - console-login is running
3837 3800 */
3838 3801 static int
3839 3802 run_sulogin(const char *msg)
3840 3803 {
3841 3804 graph_vertex_t *v;
3842 3805
3843 3806 assert(MUTEX_HELD(&dgraph_lock));
3844 3807
3845 3808 if (sulogin_running)
3846 3809 return (EALREADY);
3847 3810
3848 3811 v = vertex_get_by_name(console_login_fmri);
3849 3812 if (v != NULL && inst_running(v))
3850 3813 return (EBUSY);
3851 3814
3852 3815 sulogin_running = B_TRUE;
3853 3816
3854 3817 MUTEX_UNLOCK(&dgraph_lock);
3855 3818
3856 3819 fork_sulogin(B_FALSE, msg);
3857 3820
3858 3821 MUTEX_LOCK(&dgraph_lock);
3859 3822
3860 3823 sulogin_running = B_FALSE;
3861 3824
3862 3825 if (console_login_ready) {
3863 3826 v = vertex_get_by_name(console_login_fmri);
3864 3827
3865 3828 if (v != NULL && v->gv_state == RESTARTER_STATE_OFFLINE) {
3866 3829 if (v->gv_start_f == NULL)
3867 3830 vertex_send_event(v,
3868 3831 RESTARTER_EVENT_TYPE_START);
3869 3832 else
3870 3833 v->gv_start_f(v);
3871 3834 }
3872 3835
3873 3836 console_login_ready = B_FALSE;
3874 3837 }
3875 3838
3876 3839 return (0);
3877 3840 }
3878 3841
3879 3842 /*
3880 3843 * The sulogin thread runs sulogin while can_come_up() is false. run_sulogin()
3881 3844 * keeps sulogin from stepping on console-login's toes.
3882 3845 */
3883 3846 /* ARGSUSED */
3884 3847 static void *
3885 3848 sulogin_thread(void *unused)
3886 3849 {
3887 3850 MUTEX_LOCK(&dgraph_lock);
3888 3851
3889 3852 assert(sulogin_thread_running);
3890 3853
3891 3854 do {
3892 3855 (void) run_sulogin("Console login service(s) cannot run\n");
3893 3856 } while (!can_come_up());
3894 3857
3895 3858 sulogin_thread_running = B_FALSE;
3896 3859 MUTEX_UNLOCK(&dgraph_lock);
3897 3860
3898 3861 return (NULL);
3899 3862 }
3900 3863
3901 3864 /* ARGSUSED */
3902 3865 void *
3903 3866 single_user_thread(void *unused)
3904 3867 {
3905 3868 uint_t left;
3906 3869 scf_handle_t *h;
3907 3870 scf_instance_t *inst;
3908 3871 scf_property_t *prop;
3909 3872 scf_value_t *val;
3910 3873 const char *msg;
3911 3874 char *buf;
3912 3875 int r;
3913 3876
3914 3877 MUTEX_LOCK(&single_user_thread_lock);
3915 3878 single_user_thread_count++;
3916 3879
3917 3880 if (!booting_to_single_user)
3918 3881 kill_user_procs();
3919 3882
3920 3883 if (go_single_user_mode || booting_to_single_user) {
3921 3884 msg = "SINGLE USER MODE\n";
3922 3885 } else {
3923 3886 assert(go_to_level1);
3924 3887
3925 3888 fork_rc_script('1', "start", B_TRUE);
3926 3889
3927 3890 uu_warn("The system is ready for administration.\n");
3928 3891
3929 3892 msg = "";
3930 3893 }
3931 3894
3932 3895 MUTEX_UNLOCK(&single_user_thread_lock);
3933 3896
3934 3897 for (;;) {
3935 3898 MUTEX_LOCK(&dgraph_lock);
3936 3899 r = run_sulogin(msg);
3937 3900 MUTEX_UNLOCK(&dgraph_lock);
3938 3901 if (r == 0)
3939 3902 break;
3940 3903
3941 3904 assert(r == EALREADY || r == EBUSY);
3942 3905
3943 3906 left = 3;
3944 3907 while (left > 0)
3945 3908 left = sleep(left);
3946 3909 }
3947 3910
3948 3911 MUTEX_LOCK(&single_user_thread_lock);
3949 3912
3950 3913 /*
3951 3914 * If another single user thread has started, let it finish changing
3952 3915 * the run level.
3953 3916 */
3954 3917 if (single_user_thread_count > 1) {
3955 3918 single_user_thread_count--;
3956 3919 MUTEX_UNLOCK(&single_user_thread_lock);
3957 3920 return (NULL);
3958 3921 }
3959 3922
3960 3923 h = libscf_handle_create_bound_loop();
3961 3924 inst = scf_instance_create(h);
3962 3925 prop = safe_scf_property_create(h);
3963 3926 val = safe_scf_value_create(h);
3964 3927 buf = startd_alloc(max_scf_fmri_size);
3965 3928
3966 3929 lookup:
3967 3930 if (scf_handle_decode_fmri(h, SCF_SERVICE_STARTD, NULL, NULL, inst,
3968 3931 NULL, NULL, SCF_DECODE_FMRI_EXACT) != 0) {
3969 3932 switch (scf_error()) {
3970 3933 case SCF_ERROR_NOT_FOUND:
3971 3934 r = libscf_create_self(h);
3972 3935 if (r == 0)
3973 3936 goto lookup;
3974 3937 assert(r == ECONNABORTED);
3975 3938 /* FALLTHROUGH */
3976 3939
3977 3940 case SCF_ERROR_CONNECTION_BROKEN:
3978 3941 libscf_handle_rebind(h);
3979 3942 goto lookup;
3980 3943
3981 3944 case SCF_ERROR_INVALID_ARGUMENT:
3982 3945 case SCF_ERROR_CONSTRAINT_VIOLATED:
3983 3946 case SCF_ERROR_NOT_BOUND:
3984 3947 case SCF_ERROR_HANDLE_MISMATCH:
3985 3948 default:
3986 3949 bad_error("scf_handle_decode_fmri", scf_error());
3987 3950 }
3988 3951 }
3989 3952
3990 3953 MUTEX_LOCK(&dgraph_lock);
3991 3954
3992 3955 r = scf_instance_delete_prop(inst, SCF_PG_OPTIONS_OVR,
3993 3956 SCF_PROPERTY_MILESTONE);
3994 3957 switch (r) {
3995 3958 case 0:
3996 3959 case ECANCELED:
3997 3960 break;
3998 3961
3999 3962 case ECONNABORTED:
4000 3963 MUTEX_UNLOCK(&dgraph_lock);
4001 3964 libscf_handle_rebind(h);
4002 3965 goto lookup;
4003 3966
4004 3967 case EPERM:
4005 3968 case EACCES:
4006 3969 case EROFS:
4007 3970 log_error(LOG_WARNING, "Could not clear temporary milestone: "
4008 3971 "%s.\n", strerror(r));
4009 3972 break;
4010 3973
4011 3974 default:
4012 3975 bad_error("scf_instance_delete_prop", r);
4013 3976 }
4014 3977
4015 3978 MUTEX_UNLOCK(&dgraph_lock);
4016 3979
4017 3980 r = libscf_get_milestone(inst, prop, val, buf, max_scf_fmri_size);
4018 3981 switch (r) {
4019 3982 case ECANCELED:
4020 3983 case ENOENT:
4021 3984 case EINVAL:
4022 3985 (void) strcpy(buf, "all");
4023 3986 /* FALLTHROUGH */
4024 3987
4025 3988 case 0:
4026 3989 uu_warn("Returning to milestone %s.\n", buf);
4027 3990 break;
4028 3991
4029 3992 case ECONNABORTED:
4030 3993 libscf_handle_rebind(h);
4031 3994 goto lookup;
4032 3995
4033 3996 default:
4034 3997 bad_error("libscf_get_milestone", r);
4035 3998 }
4036 3999
4037 4000 r = dgraph_set_milestone(buf, h, B_FALSE);
4038 4001 switch (r) {
4039 4002 case 0:
4040 4003 case ECONNRESET:
4041 4004 case EALREADY:
4042 4005 case EINVAL:
4043 4006 case ENOENT:
4044 4007 break;
4045 4008
4046 4009 default:
4047 4010 bad_error("dgraph_set_milestone", r);
4048 4011 }
4049 4012
4050 4013 /*
4051 4014 * See graph_runlevel_changed().
4052 4015 */
4053 4016 MUTEX_LOCK(&dgraph_lock);
4054 4017 utmpx_set_runlevel(target_milestone_as_runlevel(), 'S', B_TRUE);
4055 4018 MUTEX_UNLOCK(&dgraph_lock);
4056 4019
4057 4020 startd_free(buf, max_scf_fmri_size);
4058 4021 scf_value_destroy(val);
4059 4022 scf_property_destroy(prop);
4060 4023 scf_instance_destroy(inst);
4061 4024 scf_handle_destroy(h);
4062 4025
4063 4026 /*
4064 4027 * We'll give ourselves 3 seconds to respond to all of the enablings
4065 4028 * that setting the milestone should have created before checking
4066 4029 * whether to run sulogin.
4067 4030 */
4068 4031 left = 3;
4069 4032 while (left > 0)
4070 4033 left = sleep(left);
4071 4034
4072 4035 MUTEX_LOCK(&dgraph_lock);
4073 4036 /*
4074 4037 * Clearing these variables will allow the sulogin thread to run. We
4075 4038 * check here in case there aren't any more state updates anytime soon.
4076 4039 */
4077 4040 go_to_level1 = go_single_user_mode = booting_to_single_user = B_FALSE;
4078 4041 if (!sulogin_thread_running && !can_come_up()) {
4079 4042 (void) startd_thread_create(sulogin_thread, NULL);
4080 4043 sulogin_thread_running = B_TRUE;
4081 4044 }
4082 4045 MUTEX_UNLOCK(&dgraph_lock);
4083 4046 single_user_thread_count--;
4084 4047 MUTEX_UNLOCK(&single_user_thread_lock);
4085 4048 return (NULL);
4086 4049 }
4087 4050
4088 4051
4089 4052 /*
4090 4053 * Dependency graph operations API. These are handle-independent thread-safe
4091 4054 * graph manipulation functions which are the entry points for the event
4092 4055 * threads below.
4093 4056 */
4094 4057
4095 4058 /*
4096 4059 * If a configured vertex exists for inst_fmri, return EEXIST. If no vertex
4097 4060 * exists for inst_fmri, add one. Then fetch the restarter from inst, make
4098 4061 * this vertex dependent on it, and send _ADD_INSTANCE to the restarter.
4099 4062 * Fetch whether the instance should be enabled from inst and send _ENABLE or
4100 4063 * _DISABLE as appropriate. Finally rummage through inst's dependency
4101 4064 * property groups and add vertices and edges as appropriate. If anything
4102 4065 * goes wrong after sending _ADD_INSTANCE, send _ADMIN_MAINT_ON to put the
4103 4066 * instance in maintenance. Don't send _START or _STOP until we get a state
4104 4067 * update in case we're being restarted and the service is already running.
4105 4068 *
4106 4069 * To support booting to a milestone, we must also make sure all dependencies
4107 4070 * encountered are configured, if they exist in the repository.
4108 4071 *
4109 4072 * Returns 0 on success, ECONNABORTED on repository disconnection, EINVAL if
4110 4073 * inst_fmri is an invalid (or not canonical) FMRI, ECANCELED if inst is
4111 4074 * deleted, or EEXIST if a configured vertex for inst_fmri already exists.
4112 4075 */
4113 4076 int
4114 4077 dgraph_add_instance(const char *inst_fmri, scf_instance_t *inst,
4115 4078 boolean_t lock_graph)
4116 4079 {
4117 4080 graph_vertex_t *v;
4118 4081 int err;
4119 4082
4120 4083 if (strcmp(inst_fmri, SCF_SERVICE_STARTD) == 0)
4121 4084 return (0);
4122 4085
4123 4086 /* Check for a vertex for inst_fmri. */
4124 4087 if (lock_graph) {
4125 4088 MUTEX_LOCK(&dgraph_lock);
4126 4089 } else {
4127 4090 assert(MUTEX_HELD(&dgraph_lock));
4128 4091 }
4129 4092
4130 4093 v = vertex_get_by_name(inst_fmri);
4131 4094
4132 4095 if (v != NULL) {
4133 4096 assert(v->gv_type == GVT_INST);
4134 4097
4135 4098 if (v->gv_flags & GV_CONFIGURED) {
4136 4099 if (lock_graph)
4137 4100 MUTEX_UNLOCK(&dgraph_lock);
4138 4101 return (EEXIST);
4139 4102 }
4140 4103 } else {
4141 4104 /* Add the vertex. */
4142 4105 err = graph_insert_vertex_unconfigured(inst_fmri, GVT_INST, 0,
4143 4106 RERR_NONE, &v);
4144 4107 if (err != 0) {
4145 4108 assert(err == EINVAL);
4146 4109 if (lock_graph)
4147 4110 MUTEX_UNLOCK(&dgraph_lock);
4148 4111 return (EINVAL);
4149 4112 }
4150 4113 }
4151 4114
4152 4115 err = configure_vertex(v, inst);
4153 4116
4154 4117 if (lock_graph)
4155 4118 MUTEX_UNLOCK(&dgraph_lock);
4156 4119
4157 4120 return (err);
4158 4121 }
4159 4122
4160 4123 /*
4161 4124 * Locate the vertex for this property group's instance. If it doesn't exist
4162 4125 * or is unconfigured, call dgraph_add_instance() & return. Otherwise fetch
4163 4126 * the restarter for the instance, and if it has changed, send
4164 4127 * _REMOVE_INSTANCE to the old restarter, remove the dependency, make sure the
4165 4128 * new restarter has a vertex, add a new dependency, and send _ADD_INSTANCE to
4166 4129 * the new restarter. Then fetch whether the instance should be enabled, and
4167 4130 * if it is different from what we had, or if we changed the restarter, send
4168 4131 * the appropriate _ENABLE or _DISABLE command.
4169 4132 *
4170 4133 * Returns 0 on success, ENOTSUP if the pg's parent is not an instance,
4171 4134 * ECONNABORTED on repository disconnection, ECANCELED if the instance is
4172 4135 * deleted, or -1 if the instance's general property group is deleted or if
4173 4136 * its enabled property is misconfigured.
4174 4137 */
4175 4138 static int
4176 4139 dgraph_update_general(scf_propertygroup_t *pg)
4177 4140 {
4178 4141 scf_handle_t *h;
4179 4142 scf_instance_t *inst;
4180 4143 char *fmri;
4181 4144 char *restarter_fmri;
4182 4145 graph_vertex_t *v;
4183 4146 int err;
4184 4147 int enabled, enabled_ovr;
4185 4148 int oldflags;
4186 4149
4187 4150 /* Find the vertex for this service */
4188 4151 h = scf_pg_handle(pg);
4189 4152
4190 4153 inst = safe_scf_instance_create(h);
4191 4154
4192 4155 if (scf_pg_get_parent_instance(pg, inst) != 0) {
4193 4156 switch (scf_error()) {
4194 4157 case SCF_ERROR_CONSTRAINT_VIOLATED:
4195 4158 return (ENOTSUP);
4196 4159
4197 4160 case SCF_ERROR_CONNECTION_BROKEN:
4198 4161 default:
4199 4162 return (ECONNABORTED);
4200 4163
4201 4164 case SCF_ERROR_DELETED:
4202 4165 return (0);
4203 4166
4204 4167 case SCF_ERROR_NOT_SET:
4205 4168 bad_error("scf_pg_get_parent_instance", scf_error());
4206 4169 }
4207 4170 }
4208 4171
4209 4172 err = libscf_instance_get_fmri(inst, &fmri);
4210 4173 switch (err) {
4211 4174 case 0:
4212 4175 break;
4213 4176
4214 4177 case ECONNABORTED:
4215 4178 scf_instance_destroy(inst);
4216 4179 return (ECONNABORTED);
4217 4180
4218 4181 case ECANCELED:
4219 4182 scf_instance_destroy(inst);
4220 4183 return (0);
4221 4184
4222 4185 default:
4223 4186 bad_error("libscf_instance_get_fmri", err);
4224 4187 }
4225 4188
4226 4189 log_framework(LOG_DEBUG,
4227 4190 "Graph engine: Reloading general properties for %s.\n", fmri);
4228 4191
4229 4192 MUTEX_LOCK(&dgraph_lock);
4230 4193
4231 4194 v = vertex_get_by_name(fmri);
4232 4195 if (v == NULL || !(v->gv_flags & GV_CONFIGURED)) {
4233 4196 /* Will get the up-to-date properties. */
4234 4197 MUTEX_UNLOCK(&dgraph_lock);
4235 4198 err = dgraph_add_instance(fmri, inst, B_TRUE);
4236 4199 startd_free(fmri, max_scf_fmri_size);
4237 4200 scf_instance_destroy(inst);
4238 4201 return (err == ECANCELED ? 0 : err);
4239 4202 }
4240 4203
4241 4204 /* Read enabled & restarter from repository. */
4242 4205 restarter_fmri = startd_alloc(max_scf_value_size);
4243 4206 err = libscf_get_basic_instance_data(h, inst, v->gv_name, &enabled,
4244 4207 &enabled_ovr, &restarter_fmri);
4245 4208 if (err != 0 || enabled == -1) {
4246 4209 MUTEX_UNLOCK(&dgraph_lock);
4247 4210 scf_instance_destroy(inst);
4248 4211 startd_free(fmri, max_scf_fmri_size);
4249 4212
4250 4213 switch (err) {
4251 4214 case ENOENT:
4252 4215 case 0:
4253 4216 startd_free(restarter_fmri, max_scf_value_size);
4254 4217 return (-1);
4255 4218
4256 4219 case ECONNABORTED:
4257 4220 case ECANCELED:
4258 4221 startd_free(restarter_fmri, max_scf_value_size);
4259 4222 return (err);
4260 4223
4261 4224 default:
4262 4225 bad_error("libscf_get_basic_instance_data", err);
4263 4226 }
4264 4227 }
4265 4228
4266 4229 oldflags = v->gv_flags;
4267 4230 v->gv_flags = (v->gv_flags & ~GV_ENBLD_NOOVR) |
4268 4231 (enabled ? GV_ENBLD_NOOVR : 0);
4269 4232
4270 4233 if (enabled_ovr != -1)
4271 4234 enabled = enabled_ovr;
4272 4235
4273 4236 /*
4274 4237 * If GV_ENBLD_NOOVR has changed, then we need to re-evaluate the
4275 4238 * subgraph.
4276 4239 */
4277 4240 if (milestone > MILESTONE_NONE && v->gv_flags != oldflags)
4278 4241 (void) eval_subgraph(v, h);
4279 4242
4280 4243 scf_instance_destroy(inst);
4281 4244
4282 4245 /* Ignore restarter change for now. */
4283 4246
4284 4247 startd_free(restarter_fmri, max_scf_value_size);
4285 4248 startd_free(fmri, max_scf_fmri_size);
4286 4249
4287 4250 /*
4288 4251 * Always send _ENABLE or _DISABLE. We could avoid this if the
4289 4252 * restarter didn't change and the enabled value didn't change, but
4290 4253 * that's not easy to check and improbable anyway, so we'll just do
4291 4254 * this.
4292 4255 */
4293 4256 graph_enable_by_vertex(v, enabled, 1);
4294 4257
4295 4258 MUTEX_UNLOCK(&dgraph_lock);
4296 4259
4297 4260 return (0);
4298 4261 }
4299 4262
4300 4263 /*
4301 4264 * Delete all of the property group dependencies of v, update inst's running
4302 4265 * snapshot, and add the dependencies in the new snapshot. If any of the new
4303 4266 * dependencies would create a cycle, send _ADMIN_MAINT_ON. Otherwise
4304 4267 * reevaluate v's dependencies, send _START or _STOP as appropriate, and do
4305 4268 * the same for v's dependents.
4306 4269 *
4307 4270 * Returns
4308 4271 * 0 - success
4309 4272 * ECONNABORTED - repository connection broken
4310 4273 * ECANCELED - inst was deleted
4311 4274 * EINVAL - inst is invalid (e.g., missing general/enabled)
4312 4275 * -1 - libscf_snapshots_refresh() failed
4313 4276 */
4314 4277 static int
4315 4278 dgraph_refresh_instance(graph_vertex_t *v, scf_instance_t *inst)
4316 4279 {
4317 4280 int r;
4318 4281 int enabled;
4319 4282 int32_t tset;
4320 4283
4321 4284 assert(MUTEX_HELD(&dgraph_lock));
4322 4285 assert(v->gv_type == GVT_INST);
4323 4286
4324 4287 /* Only refresh services with valid general/enabled properties. */
4325 4288 r = libscf_get_basic_instance_data(scf_instance_handle(inst), inst,
4326 4289 v->gv_name, &enabled, NULL, NULL);
4327 4290 switch (r) {
4328 4291 case 0:
4329 4292 break;
4330 4293
4331 4294 case ECONNABORTED:
4332 4295 case ECANCELED:
4333 4296 return (r);
4334 4297
4335 4298 case ENOENT:
4336 4299 log_framework(LOG_DEBUG,
4337 4300 "Ignoring %s because it has no general property group.\n",
4338 4301 v->gv_name);
4339 4302 return (EINVAL);
4340 4303
4341 4304 default:
4342 4305 bad_error("libscf_get_basic_instance_data", r);
4343 4306 }
4344 4307
4345 4308 if ((tset = libscf_get_stn_tset(inst)) == -1) {
4346 4309 log_framework(LOG_WARNING,
4347 4310 "Failed to get notification parameters for %s: %s\n",
4348 4311 v->gv_name, scf_strerror(scf_error()));
4349 4312 tset = 0;
4350 4313 }
4351 4314 v->gv_stn_tset = tset;
4352 4315 if (strcmp(v->gv_name, SCF_INSTANCE_GLOBAL) == 0)
4353 4316 stn_global = tset;
4354 4317
4355 4318 if (enabled == -1)
4356 4319 return (EINVAL);
4357 4320
4358 4321 r = libscf_snapshots_refresh(inst, v->gv_name);
4359 4322 if (r != 0) {
4360 4323 if (r != -1)
4361 4324 bad_error("libscf_snapshots_refresh", r);
4362 4325
4363 4326 /* error logged */
4364 4327 return (r);
4365 4328 }
4366 4329
4367 4330 r = refresh_vertex(v, inst);
4368 4331 if (r != 0 && r != ECONNABORTED)
4369 4332 bad_error("refresh_vertex", r);
4370 4333 return (r);
4371 4334 }
4372 4335
4373 4336 /*
4374 4337 * Returns true only if none of this service's dependents are 'up' -- online
4375 4338 * or degraded (offline is considered down in this situation). This function
4376 4339 * is somehow similar to is_nonsubgraph_leaf() but works on subtrees.
4377 4340 */
4378 4341 static boolean_t
4379 4342 insubtree_dependents_down(graph_vertex_t *v)
4380 4343 {
4381 4344 graph_vertex_t *vv;
4382 4345 graph_edge_t *e;
4383 4346
4384 4347 assert(MUTEX_HELD(&dgraph_lock));
4385 4348
4386 4349 for (e = uu_list_first(v->gv_dependents); e != NULL;
4387 4350 e = uu_list_next(v->gv_dependents, e)) {
4388 4351 vv = e->ge_vertex;
4389 4352 if (vv->gv_type == GVT_INST) {
4390 4353 if ((vv->gv_flags & GV_CONFIGURED) == 0)
|
↓ open down ↓ |
2544 lines elided |
↑ open up ↑ |
4391 4354 continue;
4392 4355
4393 4356 if ((vv->gv_flags & GV_TOOFFLINE) == 0)
4394 4357 continue;
4395 4358
4396 4359 if ((vv->gv_state == RESTARTER_STATE_ONLINE) ||
4397 4360 (vv->gv_state == RESTARTER_STATE_DEGRADED))
4398 4361 return (B_FALSE);
4399 4362 } else {
4400 4363 /*
4401 - * Skip all excluded and optional_all dependencies
4402 - * and decide whether to offline the service based
4403 - * on restart_on attribute.
4364 + * Skip all excluded dependents and decide whether
4365 + * to offline the service based on the restart_on
4366 + * on attribute.
4404 4367 */
4405 4368 if (is_depgrp_bypassed(vv))
4406 4369 continue;
4407 4370
4408 4371 /*
4409 4372 * For dependency groups or service vertices, keep
4410 4373 * traversing to see if instances are running.
4411 4374 */
4412 4375 if (insubtree_dependents_down(vv) == B_FALSE)
4413 4376 return (B_FALSE);
4414 4377 }
4415 4378 }
4416 4379
4417 4380 return (B_TRUE);
4418 4381 }
4419 4382
4420 4383 /*
4421 4384 * Returns true only if none of this service's dependents are 'up' -- online,
4422 4385 * degraded, or offline.
4423 4386 */
4424 4387 static int
4425 4388 is_nonsubgraph_leaf(graph_vertex_t *v)
4426 4389 {
4427 4390 graph_vertex_t *vv;
4428 4391 graph_edge_t *e;
4429 4392
4430 4393 assert(MUTEX_HELD(&dgraph_lock));
4431 4394
4432 4395 for (e = uu_list_first(v->gv_dependents);
4433 4396 e != NULL;
4434 4397 e = uu_list_next(v->gv_dependents, e)) {
4435 4398
4436 4399 vv = e->ge_vertex;
4437 4400 if (vv->gv_type == GVT_INST) {
4438 4401 if ((vv->gv_flags & GV_CONFIGURED) == 0)
4439 4402 continue;
4440 4403
4441 4404 if (vv->gv_flags & GV_INSUBGRAPH)
4442 4405 continue;
4443 4406
4444 4407 if (up_state(vv->gv_state))
4445 4408 return (0);
4446 4409 } else {
4447 4410 /*
4448 4411 * For dependency group or service vertices, keep
4449 4412 * traversing to see if instances are running.
4450 4413 *
4451 4414 * We should skip exclude_all dependencies otherwise
4452 4415 * the vertex will never be considered as a leaf
4453 4416 * if the dependent is offline. The main reason for
4454 4417 * this is that disable_nonsubgraph_leaves() skips
4455 4418 * exclusion dependencies.
4456 4419 */
4457 4420 if (vv->gv_type == GVT_GROUP &&
4458 4421 vv->gv_depgroup == DEPGRP_EXCLUDE_ALL)
4459 4422 continue;
4460 4423
4461 4424 if (!is_nonsubgraph_leaf(vv))
4462 4425 return (0);
4463 4426 }
4464 4427 }
4465 4428
4466 4429 return (1);
4467 4430 }
4468 4431
4469 4432 /*
4470 4433 * Disable v temporarily. Attempt to do this by setting its enabled override
4471 4434 * property in the repository. If that fails, send a _DISABLE command.
4472 4435 * Returns 0 on success and ECONNABORTED if the repository connection is
4473 4436 * broken.
4474 4437 */
4475 4438 static int
4476 4439 disable_service_temporarily(graph_vertex_t *v, scf_handle_t *h)
4477 4440 {
4478 4441 const char * const emsg = "Could not temporarily disable %s because "
4479 4442 "%s. Will stop service anyways. Repository status for the "
4480 4443 "service may be inaccurate.\n";
4481 4444 const char * const emsg_cbroken =
4482 4445 "the repository connection was broken";
4483 4446
4484 4447 scf_instance_t *inst;
4485 4448 int r;
4486 4449
4487 4450 inst = scf_instance_create(h);
4488 4451 if (inst == NULL) {
4489 4452 char buf[100];
4490 4453
4491 4454 (void) snprintf(buf, sizeof (buf),
4492 4455 "scf_instance_create() failed (%s)",
4493 4456 scf_strerror(scf_error()));
4494 4457 log_error(LOG_WARNING, emsg, v->gv_name, buf);
4495 4458
4496 4459 graph_enable_by_vertex(v, 0, 0);
4497 4460 return (0);
4498 4461 }
4499 4462
4500 4463 r = scf_handle_decode_fmri(h, v->gv_name, NULL, NULL, inst,
4501 4464 NULL, NULL, SCF_DECODE_FMRI_EXACT);
4502 4465 if (r != 0) {
4503 4466 switch (scf_error()) {
4504 4467 case SCF_ERROR_CONNECTION_BROKEN:
4505 4468 log_error(LOG_WARNING, emsg, v->gv_name, emsg_cbroken);
4506 4469 graph_enable_by_vertex(v, 0, 0);
4507 4470 return (ECONNABORTED);
4508 4471
4509 4472 case SCF_ERROR_NOT_FOUND:
4510 4473 return (0);
4511 4474
4512 4475 case SCF_ERROR_HANDLE_MISMATCH:
4513 4476 case SCF_ERROR_INVALID_ARGUMENT:
4514 4477 case SCF_ERROR_CONSTRAINT_VIOLATED:
4515 4478 case SCF_ERROR_NOT_BOUND:
4516 4479 default:
4517 4480 bad_error("scf_handle_decode_fmri",
4518 4481 scf_error());
4519 4482 }
4520 4483 }
4521 4484
4522 4485 r = libscf_set_enable_ovr(inst, 0);
4523 4486 switch (r) {
4524 4487 case 0:
4525 4488 scf_instance_destroy(inst);
4526 4489 return (0);
4527 4490
4528 4491 case ECANCELED:
4529 4492 scf_instance_destroy(inst);
4530 4493 return (0);
4531 4494
4532 4495 case ECONNABORTED:
4533 4496 log_error(LOG_WARNING, emsg, v->gv_name, emsg_cbroken);
4534 4497 graph_enable_by_vertex(v, 0, 0);
4535 4498 return (ECONNABORTED);
4536 4499
4537 4500 case EPERM:
4538 4501 log_error(LOG_WARNING, emsg, v->gv_name,
4539 4502 "the repository denied permission");
4540 4503 graph_enable_by_vertex(v, 0, 0);
4541 4504 return (0);
4542 4505
4543 4506 case EROFS:
4544 4507 log_error(LOG_WARNING, emsg, v->gv_name,
4545 4508 "the repository is read-only");
4546 4509 graph_enable_by_vertex(v, 0, 0);
4547 4510 return (0);
4548 4511
4549 4512 default:
4550 4513 bad_error("libscf_set_enable_ovr", r);
4551 4514 /* NOTREACHED */
4552 4515 }
4553 4516 }
4554 4517
4555 4518 /*
4556 4519 * Of the transitive instance dependencies of v, offline those which are
4557 4520 * in the subtree and which are leaves (i.e., have no dependents which are
4558 4521 * "up").
4559 4522 */
4560 4523 void
4561 4524 offline_subtree_leaves(graph_vertex_t *v, void *arg)
4562 4525 {
4563 4526 assert(MUTEX_HELD(&dgraph_lock));
4564 4527
4565 4528 /* If v isn't an instance, recurse on its dependencies. */
4566 4529 if (v->gv_type != GVT_INST) {
4567 4530 graph_walk_dependencies(v, offline_subtree_leaves, arg);
4568 4531 return;
4569 4532 }
4570 4533
4571 4534 /*
4572 4535 * If v is not in the subtree, so should all of its dependencies,
4573 4536 * so do nothing.
4574 4537 */
4575 4538 if ((v->gv_flags & GV_TOOFFLINE) == 0)
4576 4539 return;
4577 4540
4578 4541 /* If v isn't a leaf because it's already down, recurse. */
4579 4542 if (!up_state(v->gv_state)) {
4580 4543 graph_walk_dependencies(v, offline_subtree_leaves, arg);
4581 4544 return;
4582 4545 }
4583 4546
4584 4547 /* if v is a leaf, offline it or disable it if it's the last one */
4585 4548 if (insubtree_dependents_down(v) == B_TRUE) {
4586 4549 if (v->gv_flags & GV_TODISABLE)
4587 4550 vertex_send_event(v,
4588 4551 RESTARTER_EVENT_TYPE_ADMIN_DISABLE);
4589 4552 else
4590 4553 offline_vertex(v);
4591 4554 }
4592 4555 }
4593 4556
4594 4557 void
4595 4558 graph_offline_subtree_leaves(graph_vertex_t *v, void *h)
4596 4559 {
4597 4560 graph_walk_dependencies(v, offline_subtree_leaves, (void *)h);
4598 4561 }
4599 4562
4600 4563
4601 4564 /*
4602 4565 * Of the transitive instance dependencies of v, disable those which are not
4603 4566 * in the subgraph and which are leaves (i.e., have no dependents which are
4604 4567 * "up").
4605 4568 */
4606 4569 static void
4607 4570 disable_nonsubgraph_leaves(graph_vertex_t *v, void *arg)
4608 4571 {
4609 4572 assert(MUTEX_HELD(&dgraph_lock));
4610 4573
4611 4574 /*
4612 4575 * We must skip exclusion dependencies because they are allowed to
4613 4576 * complete dependency cycles. This is correct because A's exclusion
4614 4577 * dependency on B doesn't bear on the order in which they should be
4615 4578 * stopped. Indeed, the exclusion dependency should guarantee that
4616 4579 * they are never online at the same time.
4617 4580 */
4618 4581 if (v->gv_type == GVT_GROUP && v->gv_depgroup == DEPGRP_EXCLUDE_ALL)
4619 4582 return;
4620 4583
4621 4584 /* If v isn't an instance, recurse on its dependencies. */
4622 4585 if (v->gv_type != GVT_INST)
4623 4586 goto recurse;
4624 4587
4625 4588 if ((v->gv_flags & GV_CONFIGURED) == 0)
4626 4589 /*
4627 4590 * Unconfigured instances should have no dependencies, but in
4628 4591 * case they ever get them,
4629 4592 */
4630 4593 goto recurse;
4631 4594
4632 4595 /*
4633 4596 * If v is in the subgraph, so should all of its dependencies, so do
4634 4597 * nothing.
4635 4598 */
4636 4599 if (v->gv_flags & GV_INSUBGRAPH)
4637 4600 return;
4638 4601
4639 4602 /* If v isn't a leaf because it's already down, recurse. */
4640 4603 if (!up_state(v->gv_state))
4641 4604 goto recurse;
4642 4605
4643 4606 /* If v is disabled but not down yet, be patient. */
4644 4607 if ((v->gv_flags & GV_ENABLED) == 0)
4645 4608 return;
4646 4609
4647 4610 /* If v is a leaf, disable it. */
4648 4611 if (is_nonsubgraph_leaf(v))
4649 4612 (void) disable_service_temporarily(v, (scf_handle_t *)arg);
4650 4613
4651 4614 return;
4652 4615
4653 4616 recurse:
4654 4617 graph_walk_dependencies(v, disable_nonsubgraph_leaves, arg);
4655 4618 }
4656 4619
4657 4620 static int
4658 4621 stn_restarter_state(restarter_instance_state_t rstate)
4659 4622 {
4660 4623 static const struct statemap {
4661 4624 restarter_instance_state_t restarter_state;
4662 4625 int scf_state;
4663 4626 } map[] = {
4664 4627 { RESTARTER_STATE_UNINIT, SCF_STATE_UNINIT },
4665 4628 { RESTARTER_STATE_MAINT, SCF_STATE_MAINT },
4666 4629 { RESTARTER_STATE_OFFLINE, SCF_STATE_OFFLINE },
4667 4630 { RESTARTER_STATE_DISABLED, SCF_STATE_DISABLED },
4668 4631 { RESTARTER_STATE_ONLINE, SCF_STATE_ONLINE },
4669 4632 { RESTARTER_STATE_DEGRADED, SCF_STATE_DEGRADED }
4670 4633 };
4671 4634
4672 4635 int i;
4673 4636
4674 4637 for (i = 0; i < sizeof (map) / sizeof (map[0]); i++) {
4675 4638 if (rstate == map[i].restarter_state)
4676 4639 return (map[i].scf_state);
4677 4640 }
4678 4641
4679 4642 return (-1);
4680 4643 }
4681 4644
4682 4645 /*
4683 4646 * State transition counters
4684 4647 * Not incremented atomically - indicative only
4685 4648 */
4686 4649 static uint64_t stev_ct_maint;
4687 4650 static uint64_t stev_ct_hwerr;
4688 4651 static uint64_t stev_ct_service;
4689 4652 static uint64_t stev_ct_global;
4690 4653 static uint64_t stev_ct_noprefs;
4691 4654 static uint64_t stev_ct_from_uninit;
4692 4655 static uint64_t stev_ct_bad_state;
4693 4656 static uint64_t stev_ct_ovr_prefs;
4694 4657
4695 4658 static void
4696 4659 dgraph_state_transition_notify(graph_vertex_t *v,
4697 4660 restarter_instance_state_t old_state, restarter_str_t reason)
4698 4661 {
4699 4662 restarter_instance_state_t new_state = v->gv_state;
4700 4663 int stn_transition, maint;
4701 4664 int from, to;
4702 4665 nvlist_t *attr;
4703 4666 fmev_pri_t pri = FMEV_LOPRI;
4704 4667 int raise = 0;
4705 4668
4706 4669 if ((from = stn_restarter_state(old_state)) == -1 ||
4707 4670 (to = stn_restarter_state(new_state)) == -1) {
4708 4671 stev_ct_bad_state++;
4709 4672 return;
4710 4673 }
4711 4674
4712 4675 stn_transition = from << 16 | to;
4713 4676
4714 4677 maint = (to == SCF_STATE_MAINT || from == SCF_STATE_MAINT);
4715 4678
4716 4679 if (maint) {
4717 4680 /*
4718 4681 * All transitions to/from maintenance state must raise
4719 4682 * an event.
4720 4683 */
4721 4684 raise++;
4722 4685 pri = FMEV_HIPRI;
4723 4686 stev_ct_maint++;
4724 4687 } else if (reason == restarter_str_ct_ev_hwerr) {
4725 4688 /*
4726 4689 * All transitions caused by hardware fault must raise
4727 4690 * an event
4728 4691 */
4729 4692 raise++;
4730 4693 pri = FMEV_HIPRI;
4731 4694 stev_ct_hwerr++;
4732 4695 } else if (stn_transition & v->gv_stn_tset) {
4733 4696 /*
4734 4697 * Specifically enabled event.
4735 4698 */
4736 4699 raise++;
4737 4700 stev_ct_service++;
4738 4701 } else if (from == SCF_STATE_UNINIT) {
4739 4702 /*
4740 4703 * Only raise these if specifically selected above.
4741 4704 */
4742 4705 stev_ct_from_uninit++;
4743 4706 } else if (stn_transition & stn_global &&
4744 4707 (IS_ENABLED(v) == 1 || to == SCF_STATE_DISABLED)) {
4745 4708 raise++;
4746 4709 stev_ct_global++;
4747 4710 } else {
4748 4711 stev_ct_noprefs++;
4749 4712 }
4750 4713
4751 4714 if (info_events_all) {
4752 4715 stev_ct_ovr_prefs++;
4753 4716 raise++;
4754 4717 }
4755 4718 if (!raise)
4756 4719 return;
4757 4720
4758 4721 if (nvlist_alloc(&attr, NV_UNIQUE_NAME, 0) != 0 ||
4759 4722 nvlist_add_string(attr, "fmri", v->gv_name) != 0 ||
4760 4723 nvlist_add_uint32(attr, "reason-version",
4761 4724 restarter_str_version()) || nvlist_add_string(attr, "reason-short",
4762 4725 restarter_get_str_short(reason)) != 0 ||
4763 4726 nvlist_add_string(attr, "reason-long",
4764 4727 restarter_get_str_long(reason)) != 0 ||
4765 4728 nvlist_add_int32(attr, "transition", stn_transition) != 0) {
4766 4729 log_framework(LOG_WARNING,
4767 4730 "FMEV: %s could not create nvlist for transition "
4768 4731 "event: %s\n", v->gv_name, strerror(errno));
4769 4732 nvlist_free(attr);
4770 4733 return;
4771 4734 }
4772 4735
4773 4736 if (fmev_rspublish_nvl(FMEV_RULESET_SMF, "state-transition",
4774 4737 instance_state_str[new_state], pri, attr) != FMEV_SUCCESS) {
4775 4738 log_framework(LOG_DEBUG,
4776 4739 "FMEV: %s failed to publish transition event: %s\n",
4777 4740 v->gv_name, fmev_strerror(fmev_errno));
4778 4741 nvlist_free(attr);
4779 4742 }
4780 4743 }
4781 4744
4782 4745 /*
4783 4746 * Find the vertex for inst_name. If it doesn't exist, return ENOENT.
4784 4747 * Otherwise set its state to state. If the instance has entered a state
4785 4748 * which requires automatic action, take it (Uninitialized: do
4786 4749 * dgraph_refresh_instance() without the snapshot update. Disabled: if the
4787 4750 * instance should be enabled, send _ENABLE. Offline: if the instance should
4788 4751 * be disabled, send _DISABLE, and if its dependencies are satisfied, send
4789 4752 * _START. Online, Degraded: if the instance wasn't running, update its start
4790 4753 * snapshot. Maintenance: no action.)
4791 4754 *
4792 4755 * Also fails with ECONNABORTED, or EINVAL if state is invalid.
4793 4756 */
4794 4757 static int
4795 4758 dgraph_set_instance_state(scf_handle_t *h, const char *inst_name,
4796 4759 protocol_states_t *states)
4797 4760 {
4798 4761 graph_vertex_t *v;
4799 4762 int err = 0;
4800 4763 restarter_instance_state_t old_state;
4801 4764 restarter_instance_state_t state = states->ps_state;
4802 4765 restarter_error_t serr = states->ps_err;
4803 4766
4804 4767 MUTEX_LOCK(&dgraph_lock);
4805 4768
4806 4769 v = vertex_get_by_name(inst_name);
4807 4770 if (v == NULL) {
4808 4771 MUTEX_UNLOCK(&dgraph_lock);
4809 4772 return (ENOENT);
4810 4773 }
4811 4774
4812 4775 assert(v->gv_type == GVT_INST);
4813 4776
4814 4777 switch (state) {
4815 4778 case RESTARTER_STATE_UNINIT:
4816 4779 case RESTARTER_STATE_DISABLED:
4817 4780 case RESTARTER_STATE_OFFLINE:
4818 4781 case RESTARTER_STATE_ONLINE:
4819 4782 case RESTARTER_STATE_DEGRADED:
4820 4783 case RESTARTER_STATE_MAINT:
4821 4784 break;
4822 4785
4823 4786 default:
4824 4787 MUTEX_UNLOCK(&dgraph_lock);
4825 4788 return (EINVAL);
4826 4789 }
4827 4790
4828 4791 log_framework(LOG_DEBUG, "Graph noting %s %s -> %s.\n", v->gv_name,
4829 4792 instance_state_str[v->gv_state], instance_state_str[state]);
4830 4793
4831 4794 old_state = v->gv_state;
4832 4795 v->gv_state = state;
4833 4796
4834 4797 v->gv_reason = states->ps_reason;
4835 4798 err = gt_transition(h, v, serr, old_state);
4836 4799 if (err == 0 && v->gv_state != old_state) {
4837 4800 dgraph_state_transition_notify(v, old_state, states->ps_reason);
4838 4801 }
4839 4802
4840 4803 MUTEX_UNLOCK(&dgraph_lock);
4841 4804 return (err);
4842 4805 }
4843 4806
4844 4807 /*
4845 4808 * Handle state changes during milestone shutdown. See
4846 4809 * dgraph_set_milestone(). If the repository connection is broken,
4847 4810 * ECONNABORTED will be returned, though a _DISABLE command will be sent for
4848 4811 * the vertex anyway.
4849 4812 */
4850 4813 int
4851 4814 vertex_subgraph_dependencies_shutdown(scf_handle_t *h, graph_vertex_t *v,
4852 4815 restarter_instance_state_t old_state)
4853 4816 {
4854 4817 int was_up, now_up;
4855 4818 int ret = 0;
4856 4819
4857 4820 assert(v->gv_type == GVT_INST);
4858 4821
4859 4822 /* Don't care if we're not going to a milestone. */
4860 4823 if (milestone == NULL)
4861 4824 return (0);
4862 4825
4863 4826 /* Don't care if we already finished coming down. */
4864 4827 if (non_subgraph_svcs == 0)
4865 4828 return (0);
4866 4829
4867 4830 /* Don't care if the service is in the subgraph. */
4868 4831 if (v->gv_flags & GV_INSUBGRAPH)
4869 4832 return (0);
4870 4833
4871 4834 /*
4872 4835 * Update non_subgraph_svcs. It is the number of non-subgraph
4873 4836 * services which are in online, degraded, or offline.
4874 4837 */
4875 4838
4876 4839 was_up = up_state(old_state);
4877 4840 now_up = up_state(v->gv_state);
4878 4841
4879 4842 if (!was_up && now_up) {
4880 4843 ++non_subgraph_svcs;
4881 4844 } else if (was_up && !now_up) {
4882 4845 --non_subgraph_svcs;
4883 4846
4884 4847 if (non_subgraph_svcs == 0) {
4885 4848 if (halting != -1) {
4886 4849 do_uadmin();
4887 4850 } else if (go_single_user_mode || go_to_level1) {
4888 4851 (void) startd_thread_create(single_user_thread,
4889 4852 NULL);
4890 4853 }
4891 4854 return (0);
4892 4855 }
4893 4856 }
4894 4857
4895 4858 /* If this service is a leaf, it should be disabled. */
4896 4859 if ((v->gv_flags & GV_ENABLED) && is_nonsubgraph_leaf(v)) {
4897 4860 int r;
4898 4861
4899 4862 r = disable_service_temporarily(v, h);
4900 4863 switch (r) {
4901 4864 case 0:
4902 4865 break;
4903 4866
4904 4867 case ECONNABORTED:
4905 4868 ret = ECONNABORTED;
4906 4869 break;
4907 4870
4908 4871 default:
4909 4872 bad_error("disable_service_temporarily", r);
4910 4873 }
4911 4874 }
4912 4875
4913 4876 /*
4914 4877 * If the service just came down, propagate the disable to the newly
4915 4878 * exposed leaves.
4916 4879 */
4917 4880 if (was_up && !now_up)
4918 4881 graph_walk_dependencies(v, disable_nonsubgraph_leaves,
4919 4882 (void *)h);
4920 4883
4921 4884 return (ret);
4922 4885 }
4923 4886
4924 4887 /*
4925 4888 * Decide whether to start up an sulogin thread after a service is
4926 4889 * finished changing state. Only need to do the full can_come_up()
4927 4890 * evaluation if an instance is changing state, we're not halfway through
4928 4891 * loading the thread, and we aren't shutting down or going to the single
4929 4892 * user milestone.
4930 4893 */
4931 4894 void
4932 4895 graph_transition_sulogin(restarter_instance_state_t state,
4933 4896 restarter_instance_state_t old_state)
4934 4897 {
4935 4898 assert(MUTEX_HELD(&dgraph_lock));
4936 4899
4937 4900 if (state != old_state && st->st_load_complete &&
4938 4901 !go_single_user_mode && !go_to_level1 &&
4939 4902 halting == -1) {
4940 4903 if (!sulogin_thread_running && !can_come_up()) {
4941 4904 (void) startd_thread_create(sulogin_thread, NULL);
4942 4905 sulogin_thread_running = B_TRUE;
4943 4906 }
4944 4907 }
4945 4908 }
4946 4909
4947 4910 /*
4948 4911 * Propagate a start, stop event, or a satisfiability event.
4949 4912 *
4950 4913 * PROPAGATE_START and PROPAGATE_STOP simply propagate the transition event
4951 4914 * to direct dependents. PROPAGATE_SAT propagates a start then walks the
4952 4915 * full dependent graph to check for newly satisfied nodes. This is
4953 4916 * necessary for cases when non-direct dependents may be effected but direct
4954 4917 * dependents may not (e.g. for optional_all evaluations, see the
4955 4918 * propagate_satbility() comments).
4956 4919 *
4957 4920 * PROPAGATE_SAT should be used whenever a non-running service moves into
|
↓ open down ↓ |
544 lines elided |
↑ open up ↑ |
4958 4921 * a state which can satisfy optional dependencies, like disabled or
4959 4922 * maintenance.
4960 4923 */
4961 4924 void
4962 4925 graph_transition_propagate(graph_vertex_t *v, propagate_event_t type,
4963 4926 restarter_error_t rerr)
4964 4927 {
4965 4928 if (type == PROPAGATE_STOP) {
4966 4929 graph_walk_dependents(v, propagate_stop, (void *)rerr);
4967 4930 } else if (type == PROPAGATE_START || type == PROPAGATE_SAT) {
4968 - graph_walk_dependents(v, propagate_start, NULL);
4931 + graph_walk_dependents(v, propagate_start, (void *)RERR_NONE);
4969 4932
4970 4933 if (type == PROPAGATE_SAT)
4971 4934 propagate_satbility(v);
4972 4935 } else {
4973 4936 #ifndef NDEBUG
4974 4937 uu_warn("%s:%d: Unexpected type value %d.\n", __FILE__,
4975 4938 __LINE__, type);
4976 4939 #endif
4977 4940 abort();
4978 4941 }
4979 4942 }
4980 4943
4981 4944 /*
4982 4945 * If a vertex for fmri exists and it is enabled, send _DISABLE to the
4983 4946 * restarter. If it is running, send _STOP. Send _REMOVE_INSTANCE. Delete
4984 4947 * all property group dependencies, and the dependency on the restarter,
4985 4948 * disposing of vertices as appropriate. If other vertices depend on this
4986 4949 * one, mark it unconfigured and return. Otherwise remove the vertex. Always
4987 4950 * returns 0.
4988 4951 */
4989 4952 static int
4990 4953 dgraph_remove_instance(const char *fmri, scf_handle_t *h)
4991 4954 {
4992 4955 graph_vertex_t *v;
4993 4956 graph_edge_t *e;
4994 4957 uu_list_t *old_deps;
4995 4958 int err;
4996 4959
4997 4960 log_framework(LOG_DEBUG, "Graph engine: Removing %s.\n", fmri);
4998 4961
4999 4962 MUTEX_LOCK(&dgraph_lock);
5000 4963
5001 4964 v = vertex_get_by_name(fmri);
5002 4965 if (v == NULL) {
5003 4966 MUTEX_UNLOCK(&dgraph_lock);
5004 4967 return (0);
5005 4968 }
5006 4969
5007 4970 /* Send restarter delete event. */
5008 4971 if (v->gv_flags & GV_CONFIGURED)
5009 4972 graph_unset_restarter(v);
5010 4973
5011 4974 if (milestone > MILESTONE_NONE) {
5012 4975 /*
5013 4976 * Make a list of v's current dependencies so we can
5014 4977 * reevaluate their GV_INSUBGRAPH flags after the dependencies
5015 4978 * are removed.
5016 4979 */
5017 4980 old_deps = startd_list_create(graph_edge_pool, NULL, 0);
5018 4981
5019 4982 err = uu_list_walk(v->gv_dependencies,
5020 4983 (uu_walk_fn_t *)append_svcs_or_insts, old_deps, 0);
5021 4984 assert(err == 0);
5022 4985 }
5023 4986
5024 4987 delete_instance_dependencies(v, B_TRUE);
5025 4988
5026 4989 /*
5027 4990 * Deleting an instance can both satisfy and unsatisfy dependencies,
5028 4991 * depending on their type. First propagate the stop as a RERR_RESTART
|
↓ open down ↓ |
50 lines elided |
↑ open up ↑ |
5029 4992 * event -- deletion isn't a fault, just a normal stop. This gives
5030 4993 * dependent services the chance to do a clean shutdown. Then, mark
5031 4994 * the service as unconfigured and propagate the start event for the
5032 4995 * optional_all dependencies that might have become satisfied.
5033 4996 */
5034 4997 graph_walk_dependents(v, propagate_stop, (void *)RERR_RESTART);
5035 4998
5036 4999 v->gv_flags &= ~GV_CONFIGURED;
5037 5000 v->gv_flags &= ~GV_DEATHROW;
5038 5001
5039 - graph_walk_dependents(v, propagate_start, NULL);
5002 + graph_walk_dependents(v, propagate_start, (void *)RERR_NONE);
5040 5003 propagate_satbility(v);
5041 5004
5042 5005 /*
5043 5006 * If there are no (non-service) dependents, the vertex can be
5044 5007 * completely removed.
5045 5008 */
5046 5009 if (v != milestone && v->gv_refs == 0 &&
5047 5010 uu_list_numnodes(v->gv_dependents) == 1)
5048 5011 remove_inst_vertex(v);
5049 5012
5050 5013 if (milestone > MILESTONE_NONE) {
5051 5014 void *cookie = NULL;
5052 5015
5053 5016 while ((e = uu_list_teardown(old_deps, &cookie)) != NULL) {
5054 5017 v = e->ge_vertex;
5055 5018
5056 5019 if (vertex_unref(v) == VERTEX_INUSE)
5057 5020 while (eval_subgraph(v, h) == ECONNABORTED)
5058 5021 libscf_handle_rebind(h);
5059 5022
5060 5023 startd_free(e, sizeof (*e));
5061 5024 }
5062 5025
5063 5026 uu_list_destroy(old_deps);
5064 5027 }
5065 5028
5066 5029 MUTEX_UNLOCK(&dgraph_lock);
5067 5030
5068 5031 return (0);
5069 5032 }
5070 5033
5071 5034 /*
5072 5035 * Return the eventual (maybe current) milestone in the form of a
5073 5036 * legacy runlevel.
5074 5037 */
5075 5038 static char
5076 5039 target_milestone_as_runlevel()
5077 5040 {
5078 5041 assert(MUTEX_HELD(&dgraph_lock));
5079 5042
5080 5043 if (milestone == NULL)
5081 5044 return ('3');
5082 5045 else if (milestone == MILESTONE_NONE)
5083 5046 return ('0');
5084 5047
5085 5048 if (strcmp(milestone->gv_name, multi_user_fmri) == 0)
5086 5049 return ('2');
5087 5050 else if (strcmp(milestone->gv_name, single_user_fmri) == 0)
5088 5051 return ('S');
5089 5052 else if (strcmp(milestone->gv_name, multi_user_svr_fmri) == 0)
5090 5053 return ('3');
5091 5054
5092 5055 #ifndef NDEBUG
5093 5056 (void) fprintf(stderr, "%s:%d: Unknown milestone name \"%s\".\n",
5094 5057 __FILE__, __LINE__, milestone->gv_name);
5095 5058 #endif
5096 5059 abort();
5097 5060 /* NOTREACHED */
5098 5061 }
5099 5062
5100 5063 static struct {
5101 5064 char rl;
5102 5065 int sig;
5103 5066 } init_sigs[] = {
5104 5067 { 'S', SIGBUS },
5105 5068 { '0', SIGINT },
5106 5069 { '1', SIGQUIT },
5107 5070 { '2', SIGILL },
5108 5071 { '3', SIGTRAP },
5109 5072 { '4', SIGIOT },
5110 5073 { '5', SIGEMT },
5111 5074 { '6', SIGFPE },
5112 5075 { 0, 0 }
5113 5076 };
5114 5077
5115 5078 static void
5116 5079 signal_init(char rl)
5117 5080 {
5118 5081 pid_t init_pid;
5119 5082 int i;
5120 5083
5121 5084 assert(MUTEX_HELD(&dgraph_lock));
5122 5085
5123 5086 if (zone_getattr(getzoneid(), ZONE_ATTR_INITPID, &init_pid,
5124 5087 sizeof (init_pid)) != sizeof (init_pid)) {
5125 5088 log_error(LOG_NOTICE, "Could not get pid to signal init.\n");
5126 5089 return;
5127 5090 }
5128 5091
5129 5092 for (i = 0; init_sigs[i].rl != 0; ++i)
5130 5093 if (init_sigs[i].rl == rl)
5131 5094 break;
5132 5095
5133 5096 if (init_sigs[i].rl != 0) {
5134 5097 if (kill(init_pid, init_sigs[i].sig) != 0) {
5135 5098 switch (errno) {
5136 5099 case EPERM:
5137 5100 case ESRCH:
5138 5101 log_error(LOG_NOTICE, "Could not signal init: "
5139 5102 "%s.\n", strerror(errno));
5140 5103 break;
5141 5104
5142 5105 case EINVAL:
5143 5106 default:
5144 5107 bad_error("kill", errno);
5145 5108 }
5146 5109 }
5147 5110 }
5148 5111 }
5149 5112
5150 5113 /*
5151 5114 * This is called when one of the major milestones changes state, or when
5152 5115 * init is signalled and tells us it was told to change runlevel. We wait
5153 5116 * to reach the milestone because this allows /etc/inittab entries to retain
5154 5117 * some boot ordering: historically, entries could place themselves before/after
5155 5118 * the running of /sbin/rcX scripts but we can no longer make the
5156 5119 * distinction because the /sbin/rcX scripts no longer exist as punctuation
5157 5120 * marks in /etc/inittab.
5158 5121 *
5159 5122 * Also, we only trigger an update when we reach the eventual target
5160 5123 * milestone: without this, an /etc/inittab entry marked only for
5161 5124 * runlevel 2 would be executed for runlevel 3, which is not how
5162 5125 * /etc/inittab entries work.
5163 5126 *
5164 5127 * If we're single user coming online, then we set utmpx to the target
5165 5128 * runlevel so that legacy scripts can work as expected.
5166 5129 */
5167 5130 static void
5168 5131 graph_runlevel_changed(char rl, int online)
5169 5132 {
5170 5133 char trl;
5171 5134
5172 5135 assert(MUTEX_HELD(&dgraph_lock));
5173 5136
5174 5137 trl = target_milestone_as_runlevel();
5175 5138
5176 5139 if (online) {
5177 5140 if (rl == trl) {
5178 5141 current_runlevel = trl;
5179 5142 signal_init(trl);
5180 5143 } else if (rl == 'S') {
5181 5144 /*
5182 5145 * At boot, set the entry early for the benefit of the
5183 5146 * legacy init scripts.
5184 5147 */
5185 5148 utmpx_set_runlevel(trl, 'S', B_FALSE);
5186 5149 }
5187 5150 } else {
5188 5151 if (rl == '3' && trl == '2') {
5189 5152 current_runlevel = trl;
5190 5153 signal_init(trl);
5191 5154 } else if (rl == '2' && trl == 'S') {
5192 5155 current_runlevel = trl;
5193 5156 signal_init(trl);
5194 5157 }
5195 5158 }
5196 5159 }
5197 5160
5198 5161 /*
5199 5162 * Move to a backwards-compatible runlevel by executing the appropriate
5200 5163 * /etc/rc?.d/K* scripts and/or setting the milestone.
5201 5164 *
5202 5165 * Returns
5203 5166 * 0 - success
5204 5167 * ECONNRESET - success, but handle was reset
5205 5168 * ECONNABORTED - repository connection broken
5206 5169 * ECANCELED - pg was deleted
5207 5170 */
5208 5171 static int
5209 5172 dgraph_set_runlevel(scf_propertygroup_t *pg, scf_property_t *prop)
5210 5173 {
5211 5174 char rl;
5212 5175 scf_handle_t *h;
5213 5176 int r;
5214 5177 const char *ms = NULL; /* what to commit as options/milestone */
5215 5178 boolean_t rebound = B_FALSE;
5216 5179 int mark_rl = 0;
5217 5180
5218 5181 const char * const stop = "stop";
5219 5182
5220 5183 r = libscf_extract_runlevel(prop, &rl);
5221 5184 switch (r) {
5222 5185 case 0:
5223 5186 break;
5224 5187
5225 5188 case ECONNABORTED:
5226 5189 case ECANCELED:
5227 5190 return (r);
5228 5191
5229 5192 case EINVAL:
5230 5193 case ENOENT:
5231 5194 log_error(LOG_WARNING, "runlevel property is misconfigured; "
5232 5195 "ignoring.\n");
5233 5196 /* delete the bad property */
5234 5197 goto nolock_out;
5235 5198
5236 5199 default:
5237 5200 bad_error("libscf_extract_runlevel", r);
5238 5201 }
5239 5202
5240 5203 switch (rl) {
5241 5204 case 's':
5242 5205 rl = 'S';
5243 5206 /* FALLTHROUGH */
5244 5207
5245 5208 case 'S':
5246 5209 case '2':
5247 5210 case '3':
5248 5211 /*
5249 5212 * These cases cause a milestone change, so
5250 5213 * graph_runlevel_changed() will eventually deal with
5251 5214 * signalling init.
5252 5215 */
5253 5216 break;
5254 5217
5255 5218 case '0':
5256 5219 case '1':
5257 5220 case '4':
5258 5221 case '5':
5259 5222 case '6':
5260 5223 mark_rl = 1;
5261 5224 break;
5262 5225
5263 5226 default:
5264 5227 log_framework(LOG_NOTICE, "Unknown runlevel '%c'.\n", rl);
5265 5228 ms = NULL;
5266 5229 goto nolock_out;
5267 5230 }
5268 5231
5269 5232 h = scf_pg_handle(pg);
5270 5233
5271 5234 MUTEX_LOCK(&dgraph_lock);
5272 5235
5273 5236 /*
5274 5237 * Since this triggers no milestone changes, force it by hand.
5275 5238 */
5276 5239 if (current_runlevel == '4' && rl == '3')
5277 5240 mark_rl = 1;
5278 5241
5279 5242 /*
5280 5243 * 1. If we are here after an "init X":
5281 5244 *
5282 5245 * init X
5283 5246 * init/lscf_set_runlevel()
5284 5247 * process_pg_event()
5285 5248 * dgraph_set_runlevel()
5286 5249 *
5287 5250 * then we haven't passed through graph_runlevel_changed() yet,
5288 5251 * therefore 'current_runlevel' has not changed for sure but 'rl' has.
5289 5252 * In consequence, if 'rl' is lower than 'current_runlevel', we change
5290 5253 * the system runlevel and execute the appropriate /etc/rc?.d/K* scripts
5291 5254 * past this test.
5292 5255 *
5293 5256 * 2. On the other hand, if we are here after a "svcadm milestone":
5294 5257 *
5295 5258 * svcadm milestone X
5296 5259 * dgraph_set_milestone()
5297 5260 * handle_graph_update_event()
5298 5261 * dgraph_set_instance_state()
5299 5262 * graph_post_X_[online|offline]()
5300 5263 * graph_runlevel_changed()
5301 5264 * signal_init()
5302 5265 * init/lscf_set_runlevel()
5303 5266 * process_pg_event()
5304 5267 * dgraph_set_runlevel()
5305 5268 *
5306 5269 * then we already passed through graph_runlevel_changed() (by the way
5307 5270 * of dgraph_set_milestone()) and 'current_runlevel' may have changed
5308 5271 * and already be equal to 'rl' so we are going to return immediately
5309 5272 * from dgraph_set_runlevel() without changing the system runlevel and
5310 5273 * without executing the /etc/rc?.d/K* scripts.
5311 5274 */
5312 5275 if (rl == current_runlevel) {
5313 5276 ms = NULL;
5314 5277 goto out;
5315 5278 }
5316 5279
5317 5280 log_framework(LOG_DEBUG, "Changing to runlevel '%c'.\n", rl);
5318 5281
5319 5282 /*
5320 5283 * Make sure stop rc scripts see the new settings via who -r.
5321 5284 */
5322 5285 utmpx_set_runlevel(rl, current_runlevel, B_TRUE);
5323 5286
5324 5287 /*
5325 5288 * Some run levels don't have a direct correspondence to any
5326 5289 * milestones, so we have to signal init directly.
5327 5290 */
5328 5291 if (mark_rl) {
5329 5292 current_runlevel = rl;
5330 5293 signal_init(rl);
5331 5294 }
5332 5295
5333 5296 switch (rl) {
5334 5297 case 'S':
5335 5298 uu_warn("The system is coming down for administration. "
5336 5299 "Please wait.\n");
5337 5300 fork_rc_script(rl, stop, B_FALSE);
5338 5301 ms = single_user_fmri;
5339 5302 go_single_user_mode = B_TRUE;
5340 5303 break;
5341 5304
5342 5305 case '0':
5343 5306 halting_time = time(NULL);
5344 5307 fork_rc_script(rl, stop, B_TRUE);
5345 5308 halting = AD_HALT;
5346 5309 goto uadmin;
5347 5310
5348 5311 case '5':
5349 5312 halting_time = time(NULL);
5350 5313 fork_rc_script(rl, stop, B_TRUE);
5351 5314 halting = AD_POWEROFF;
5352 5315 goto uadmin;
5353 5316
5354 5317 case '6':
5355 5318 halting_time = time(NULL);
5356 5319 fork_rc_script(rl, stop, B_TRUE);
5357 5320 if (scf_is_fastboot_default() && getzoneid() == GLOBAL_ZONEID)
5358 5321 halting = AD_FASTREBOOT;
5359 5322 else
5360 5323 halting = AD_BOOT;
5361 5324
5362 5325 uadmin:
5363 5326 uu_warn("The system is coming down. Please wait.\n");
5364 5327 ms = "none";
5365 5328
5366 5329 /*
5367 5330 * We can't wait until all services are offline since this
5368 5331 * thread is responsible for taking them offline. Instead we
5369 5332 * set halting to the second argument for uadmin() and call
5370 5333 * do_uadmin() from dgraph_set_instance_state() when
5371 5334 * appropriate.
5372 5335 */
5373 5336 break;
5374 5337
5375 5338 case '1':
5376 5339 if (current_runlevel != 'S') {
5377 5340 uu_warn("Changing to state 1.\n");
5378 5341 fork_rc_script(rl, stop, B_FALSE);
5379 5342 } else {
5380 5343 uu_warn("The system is coming up for administration. "
5381 5344 "Please wait.\n");
5382 5345 }
5383 5346 ms = single_user_fmri;
5384 5347 go_to_level1 = B_TRUE;
5385 5348 break;
5386 5349
5387 5350 case '2':
5388 5351 if (current_runlevel == '3' || current_runlevel == '4')
5389 5352 fork_rc_script(rl, stop, B_FALSE);
5390 5353 ms = multi_user_fmri;
5391 5354 break;
5392 5355
5393 5356 case '3':
5394 5357 case '4':
5395 5358 ms = "all";
5396 5359 break;
5397 5360
5398 5361 default:
5399 5362 #ifndef NDEBUG
5400 5363 (void) fprintf(stderr, "%s:%d: Uncaught case %d ('%c').\n",
5401 5364 __FILE__, __LINE__, rl, rl);
5402 5365 #endif
5403 5366 abort();
5404 5367 }
5405 5368
5406 5369 out:
5407 5370 MUTEX_UNLOCK(&dgraph_lock);
5408 5371
5409 5372 nolock_out:
5410 5373 switch (r = libscf_clear_runlevel(pg, ms)) {
5411 5374 case 0:
5412 5375 break;
5413 5376
5414 5377 case ECONNABORTED:
5415 5378 libscf_handle_rebind(h);
5416 5379 rebound = B_TRUE;
5417 5380 goto nolock_out;
5418 5381
5419 5382 case ECANCELED:
5420 5383 break;
5421 5384
5422 5385 case EPERM:
5423 5386 case EACCES:
5424 5387 case EROFS:
5425 5388 log_error(LOG_NOTICE, "Could not delete \"%s/%s\" property: "
5426 5389 "%s.\n", SCF_PG_OPTIONS, "runlevel", strerror(r));
5427 5390 break;
5428 5391
5429 5392 default:
5430 5393 bad_error("libscf_clear_runlevel", r);
5431 5394 }
5432 5395
5433 5396 return (rebound ? ECONNRESET : 0);
5434 5397 }
5435 5398
5436 5399 /*
5437 5400 * mark_subtree walks the dependents and add the GV_TOOFFLINE flag
5438 5401 * to the instances that are supposed to go offline during an
5439 5402 * administrative disable operation.
5440 5403 */
5441 5404 static int
5442 5405 mark_subtree(graph_edge_t *e, void *arg)
5443 5406 {
5444 5407 graph_vertex_t *v;
5445 5408 int r;
5446 5409
5447 5410 v = e->ge_vertex;
5448 5411
5449 5412 /* If it's already in the subgraph, skip. */
5450 5413 if (v->gv_flags & GV_TOOFFLINE)
5451 5414 return (UU_WALK_NEXT);
5452 5415
5453 5416 switch (v->gv_type) {
|
↓ open down ↓ |
404 lines elided |
↑ open up ↑ |
5454 5417 case GVT_INST:
5455 5418 /* If the instance is already disabled, skip it. */
5456 5419 if (!(v->gv_flags & GV_ENABLED))
5457 5420 return (UU_WALK_NEXT);
5458 5421
5459 5422 v->gv_flags |= GV_TOOFFLINE;
5460 5423 log_framework(LOG_DEBUG, "%s added to subtree\n", v->gv_name);
5461 5424 break;
5462 5425 case GVT_GROUP:
5463 5426 /*
5464 - * Skip all excluded and optional_all dependencies and decide
5465 - * whether to offline the service based on restart_on attribute.
5427 + * Skip all excluded dependents and decide whether to offline
5428 + * the service based on the restart_on attribute.
5466 5429 */
5467 5430 if (is_depgrp_bypassed(v))
5468 5431 return (UU_WALK_NEXT);
5469 5432 break;
5470 5433 }
5471 5434
5472 5435 r = uu_list_walk(v->gv_dependents, (uu_walk_fn_t *)mark_subtree, arg,
5473 5436 0);
5474 5437 assert(r == 0);
5475 5438 return (UU_WALK_NEXT);
5476 5439 }
5477 5440
5478 5441 static int
5479 5442 mark_subgraph(graph_edge_t *e, void *arg)
5480 5443 {
5481 5444 graph_vertex_t *v;
5482 5445 int r;
5483 5446 int optional = (int)arg;
5484 5447
5485 5448 v = e->ge_vertex;
5486 5449
5487 5450 /* If it's already in the subgraph, skip. */
5488 5451 if (v->gv_flags & GV_INSUBGRAPH)
5489 5452 return (UU_WALK_NEXT);
5490 5453
5491 5454 /*
5492 5455 * Keep track if walk has entered an optional dependency group
5493 5456 */
5494 5457 if (v->gv_type == GVT_GROUP && v->gv_depgroup == DEPGRP_OPTIONAL_ALL) {
5495 5458 optional = 1;
5496 5459 }
5497 5460 /*
5498 5461 * Quit if we are in an optional dependency group and the instance
5499 5462 * is disabled
5500 5463 */
5501 5464 if (optional && (v->gv_type == GVT_INST) &&
5502 5465 (!(v->gv_flags & GV_ENBLD_NOOVR)))
5503 5466 return (UU_WALK_NEXT);
5504 5467
5505 5468 v->gv_flags |= GV_INSUBGRAPH;
5506 5469
5507 5470 /* Skip all excluded dependencies. */
5508 5471 if (v->gv_type == GVT_GROUP && v->gv_depgroup == DEPGRP_EXCLUDE_ALL)
5509 5472 return (UU_WALK_NEXT);
5510 5473
5511 5474 r = uu_list_walk(v->gv_dependencies, (uu_walk_fn_t *)mark_subgraph,
5512 5475 (void *)optional, 0);
5513 5476 assert(r == 0);
5514 5477 return (UU_WALK_NEXT);
5515 5478 }
5516 5479
5517 5480 /*
5518 5481 * Bring down all services which are not dependencies of fmri. The
5519 5482 * dependencies of fmri (direct & indirect) will constitute the "subgraph",
5520 5483 * and will have the GV_INSUBGRAPH flag set. The rest must be brought down,
5521 5484 * which means the state is "disabled", "maintenance", or "uninitialized". We
5522 5485 * could consider "offline" to be down, and refrain from sending start
5523 5486 * commands for such services, but that's not strictly necessary, so we'll
5524 5487 * decline to intrude on the state machine. It would probably confuse users
5525 5488 * anyway.
5526 5489 *
5527 5490 * The services should be brought down in reverse-dependency order, so we
5528 5491 * can't do it all at once here. We initiate by override-disabling the leaves
5529 5492 * of the dependency tree -- those services which are up but have no
5530 5493 * dependents which are up. When they come down,
5531 5494 * vertex_subgraph_dependencies_shutdown() will override-disable the newly
5532 5495 * exposed leaves. Perseverance will ensure completion.
5533 5496 *
5534 5497 * Sometimes we need to take action when the transition is complete, like
5535 5498 * start sulogin or halt the system. To tell when we're done, we initialize
5536 5499 * non_subgraph_svcs here to be the number of services which need to come
5537 5500 * down. As each does, we decrement the counter. When it hits zero, we take
5538 5501 * the appropriate action. See vertex_subgraph_dependencies_shutdown().
5539 5502 *
5540 5503 * In case we're coming up, we also remove any enable-overrides for the
5541 5504 * services which are dependencies of fmri.
5542 5505 *
5543 5506 * If norepository is true, the function will not change the repository.
5544 5507 *
5545 5508 * The decision to change the system run level in accordance with the milestone
5546 5509 * is taken in dgraph_set_runlevel().
5547 5510 *
5548 5511 * Returns
5549 5512 * 0 - success
5550 5513 * ECONNRESET - success, but handle was rebound
5551 5514 * EINVAL - fmri is invalid (error is logged)
5552 5515 * EALREADY - the milestone is already set to fmri
5553 5516 * ENOENT - a configured vertex does not exist for fmri (an error is logged)
5554 5517 */
5555 5518 static int
5556 5519 dgraph_set_milestone(const char *fmri, scf_handle_t *h, boolean_t norepository)
5557 5520 {
5558 5521 const char *cfmri, *fs;
5559 5522 graph_vertex_t *nm, *v;
5560 5523 int ret = 0, r;
5561 5524 scf_instance_t *inst;
5562 5525 boolean_t isall, isnone, rebound = B_FALSE;
5563 5526
5564 5527 /* Validate fmri */
5565 5528 isall = (strcmp(fmri, "all") == 0);
5566 5529 isnone = (strcmp(fmri, "none") == 0);
5567 5530
5568 5531 if (!isall && !isnone) {
5569 5532 if (fmri_canonify(fmri, (char **)&cfmri, B_FALSE) == EINVAL)
5570 5533 goto reject;
5571 5534
5572 5535 if (strcmp(cfmri, single_user_fmri) != 0 &&
5573 5536 strcmp(cfmri, multi_user_fmri) != 0 &&
5574 5537 strcmp(cfmri, multi_user_svr_fmri) != 0) {
5575 5538 startd_free((void *)cfmri, max_scf_fmri_size);
5576 5539 reject:
5577 5540 log_framework(LOG_WARNING,
5578 5541 "Rejecting request for invalid milestone \"%s\".\n",
5579 5542 fmri);
5580 5543 return (EINVAL);
5581 5544 }
5582 5545 }
5583 5546
5584 5547 inst = safe_scf_instance_create(h);
5585 5548
5586 5549 MUTEX_LOCK(&dgraph_lock);
5587 5550
5588 5551 if (milestone == NULL) {
5589 5552 if (isall) {
5590 5553 log_framework(LOG_DEBUG,
5591 5554 "Milestone already set to all.\n");
5592 5555 ret = EALREADY;
5593 5556 goto out;
5594 5557 }
5595 5558 } else if (milestone == MILESTONE_NONE) {
5596 5559 if (isnone) {
5597 5560 log_framework(LOG_DEBUG,
5598 5561 "Milestone already set to none.\n");
5599 5562 ret = EALREADY;
5600 5563 goto out;
5601 5564 }
5602 5565 } else {
5603 5566 if (!isall && !isnone &&
5604 5567 strcmp(cfmri, milestone->gv_name) == 0) {
5605 5568 log_framework(LOG_DEBUG,
5606 5569 "Milestone already set to %s.\n", cfmri);
5607 5570 ret = EALREADY;
5608 5571 goto out;
5609 5572 }
5610 5573 }
5611 5574
5612 5575 if (!isall && !isnone) {
5613 5576 nm = vertex_get_by_name(cfmri);
5614 5577 if (nm == NULL || !(nm->gv_flags & GV_CONFIGURED)) {
5615 5578 log_framework(LOG_WARNING, "Cannot set milestone to %s "
5616 5579 "because no such service exists.\n", cfmri);
5617 5580 ret = ENOENT;
5618 5581 goto out;
5619 5582 }
5620 5583 }
5621 5584
5622 5585 log_framework(LOG_DEBUG, "Changing milestone to %s.\n", fmri);
5623 5586
5624 5587 /*
5625 5588 * Set milestone, removing the old one if this was the last reference.
5626 5589 */
5627 5590 if (milestone > MILESTONE_NONE)
5628 5591 (void) vertex_unref(milestone);
5629 5592
5630 5593 if (isall)
5631 5594 milestone = NULL;
5632 5595 else if (isnone)
5633 5596 milestone = MILESTONE_NONE;
5634 5597 else {
5635 5598 milestone = nm;
5636 5599 /* milestone should count as a reference */
5637 5600 vertex_ref(milestone);
5638 5601 }
5639 5602
5640 5603 /* Clear all GV_INSUBGRAPH bits. */
5641 5604 for (v = uu_list_first(dgraph); v != NULL; v = uu_list_next(dgraph, v))
5642 5605 v->gv_flags &= ~GV_INSUBGRAPH;
5643 5606
5644 5607 if (!isall && !isnone) {
5645 5608 /* Set GV_INSUBGRAPH for milestone & descendents. */
5646 5609 milestone->gv_flags |= GV_INSUBGRAPH;
5647 5610
5648 5611 r = uu_list_walk(milestone->gv_dependencies,
5649 5612 (uu_walk_fn_t *)mark_subgraph, NULL, 0);
5650 5613 assert(r == 0);
5651 5614 }
5652 5615
5653 5616 /* Un-override services in the subgraph & override-disable the rest. */
5654 5617 if (norepository)
5655 5618 goto out;
5656 5619
5657 5620 non_subgraph_svcs = 0;
5658 5621 for (v = uu_list_first(dgraph);
5659 5622 v != NULL;
5660 5623 v = uu_list_next(dgraph, v)) {
5661 5624 if (v->gv_type != GVT_INST ||
5662 5625 (v->gv_flags & GV_CONFIGURED) == 0)
5663 5626 continue;
5664 5627
5665 5628 again:
5666 5629 r = scf_handle_decode_fmri(h, v->gv_name, NULL, NULL, inst,
5667 5630 NULL, NULL, SCF_DECODE_FMRI_EXACT);
5668 5631 if (r != 0) {
5669 5632 switch (scf_error()) {
5670 5633 case SCF_ERROR_CONNECTION_BROKEN:
5671 5634 default:
5672 5635 libscf_handle_rebind(h);
5673 5636 rebound = B_TRUE;
5674 5637 goto again;
5675 5638
5676 5639 case SCF_ERROR_NOT_FOUND:
5677 5640 continue;
5678 5641
5679 5642 case SCF_ERROR_HANDLE_MISMATCH:
5680 5643 case SCF_ERROR_INVALID_ARGUMENT:
5681 5644 case SCF_ERROR_CONSTRAINT_VIOLATED:
5682 5645 case SCF_ERROR_NOT_BOUND:
5683 5646 bad_error("scf_handle_decode_fmri",
5684 5647 scf_error());
5685 5648 }
5686 5649 }
5687 5650
5688 5651 if (isall || (v->gv_flags & GV_INSUBGRAPH)) {
5689 5652 r = libscf_delete_enable_ovr(inst);
5690 5653 fs = "libscf_delete_enable_ovr";
5691 5654 } else {
5692 5655 assert(isnone || (v->gv_flags & GV_INSUBGRAPH) == 0);
5693 5656
5694 5657 /*
5695 5658 * Services which are up need to come down before
5696 5659 * we're done, but we can only disable the leaves
5697 5660 * here.
5698 5661 */
5699 5662
5700 5663 if (up_state(v->gv_state))
5701 5664 ++non_subgraph_svcs;
5702 5665
5703 5666 /* If it's already disabled, don't bother. */
5704 5667 if ((v->gv_flags & GV_ENABLED) == 0)
5705 5668 continue;
5706 5669
5707 5670 if (!is_nonsubgraph_leaf(v))
5708 5671 continue;
5709 5672
5710 5673 r = libscf_set_enable_ovr(inst, 0);
5711 5674 fs = "libscf_set_enable_ovr";
5712 5675 }
5713 5676 switch (r) {
5714 5677 case 0:
5715 5678 case ECANCELED:
5716 5679 break;
5717 5680
5718 5681 case ECONNABORTED:
5719 5682 libscf_handle_rebind(h);
5720 5683 rebound = B_TRUE;
5721 5684 goto again;
5722 5685
5723 5686 case EPERM:
5724 5687 case EROFS:
5725 5688 log_error(LOG_WARNING,
5726 5689 "Could not set %s/%s for %s: %s.\n",
5727 5690 SCF_PG_GENERAL_OVR, SCF_PROPERTY_ENABLED,
5728 5691 v->gv_name, strerror(r));
5729 5692 break;
5730 5693
5731 5694 default:
5732 5695 bad_error(fs, r);
5733 5696 }
5734 5697 }
5735 5698
5736 5699 if (halting != -1) {
5737 5700 if (non_subgraph_svcs > 1)
5738 5701 uu_warn("%d system services are now being stopped.\n",
5739 5702 non_subgraph_svcs);
5740 5703 else if (non_subgraph_svcs == 1)
5741 5704 uu_warn("One system service is now being stopped.\n");
5742 5705 else if (non_subgraph_svcs == 0)
5743 5706 do_uadmin();
5744 5707 }
5745 5708
5746 5709 ret = rebound ? ECONNRESET : 0;
5747 5710
5748 5711 out:
5749 5712 MUTEX_UNLOCK(&dgraph_lock);
5750 5713 if (!isall && !isnone)
5751 5714 startd_free((void *)cfmri, max_scf_fmri_size);
5752 5715 scf_instance_destroy(inst);
5753 5716 return (ret);
5754 5717 }
5755 5718
5756 5719
5757 5720 /*
5758 5721 * Returns 0, ECONNABORTED, or EINVAL.
5759 5722 */
5760 5723 static int
5761 5724 handle_graph_update_event(scf_handle_t *h, graph_protocol_event_t *e)
5762 5725 {
5763 5726 int r;
5764 5727
5765 5728 switch (e->gpe_type) {
5766 5729 case GRAPH_UPDATE_RELOAD_GRAPH:
5767 5730 log_error(LOG_WARNING,
5768 5731 "graph_event: reload graph unimplemented\n");
5769 5732 break;
5770 5733
5771 5734 case GRAPH_UPDATE_STATE_CHANGE: {
5772 5735 protocol_states_t *states = e->gpe_data;
5773 5736
5774 5737 switch (r = dgraph_set_instance_state(h, e->gpe_inst, states)) {
5775 5738 case 0:
5776 5739 case ENOENT:
5777 5740 break;
5778 5741
5779 5742 case ECONNABORTED:
5780 5743 return (ECONNABORTED);
5781 5744
5782 5745 case EINVAL:
5783 5746 default:
5784 5747 #ifndef NDEBUG
5785 5748 (void) fprintf(stderr, "dgraph_set_instance_state() "
5786 5749 "failed with unexpected error %d at %s:%d.\n", r,
5787 5750 __FILE__, __LINE__);
5788 5751 #endif
5789 5752 abort();
5790 5753 }
5791 5754
5792 5755 startd_free(states, sizeof (protocol_states_t));
5793 5756 break;
5794 5757 }
5795 5758
5796 5759 default:
5797 5760 log_error(LOG_WARNING,
5798 5761 "graph_event_loop received an unknown event: %d\n",
5799 5762 e->gpe_type);
5800 5763 break;
5801 5764 }
5802 5765
5803 5766 return (0);
5804 5767 }
5805 5768
5806 5769 /*
5807 5770 * graph_event_thread()
5808 5771 * Wait for state changes from the restarters.
5809 5772 */
5810 5773 /*ARGSUSED*/
5811 5774 void *
5812 5775 graph_event_thread(void *unused)
5813 5776 {
5814 5777 scf_handle_t *h;
5815 5778 int err;
5816 5779
5817 5780 h = libscf_handle_create_bound_loop();
5818 5781
5819 5782 /*CONSTCOND*/
5820 5783 while (1) {
5821 5784 graph_protocol_event_t *e;
5822 5785
5823 5786 MUTEX_LOCK(&gu->gu_lock);
5824 5787
5825 5788 while (gu->gu_wakeup == 0)
5826 5789 (void) pthread_cond_wait(&gu->gu_cv, &gu->gu_lock);
5827 5790
5828 5791 gu->gu_wakeup = 0;
5829 5792
5830 5793 while ((e = graph_event_dequeue()) != NULL) {
5831 5794 MUTEX_LOCK(&e->gpe_lock);
5832 5795 MUTEX_UNLOCK(&gu->gu_lock);
5833 5796
5834 5797 while ((err = handle_graph_update_event(h, e)) ==
5835 5798 ECONNABORTED)
5836 5799 libscf_handle_rebind(h);
5837 5800
5838 5801 if (err == 0)
5839 5802 graph_event_release(e);
5840 5803 else
5841 5804 graph_event_requeue(e);
5842 5805
5843 5806 MUTEX_LOCK(&gu->gu_lock);
5844 5807 }
5845 5808
5846 5809 MUTEX_UNLOCK(&gu->gu_lock);
5847 5810 }
5848 5811
5849 5812 /*
5850 5813 * Unreachable for now -- there's currently no graceful cleanup
5851 5814 * called on exit().
5852 5815 */
5853 5816 MUTEX_UNLOCK(&gu->gu_lock);
5854 5817 scf_handle_destroy(h);
5855 5818 return (NULL);
5856 5819 }
5857 5820
5858 5821 static void
5859 5822 set_initial_milestone(scf_handle_t *h)
5860 5823 {
5861 5824 scf_instance_t *inst;
5862 5825 char *fmri, *cfmri;
5863 5826 size_t sz;
5864 5827 int r;
5865 5828
5866 5829 inst = safe_scf_instance_create(h);
5867 5830 fmri = startd_alloc(max_scf_fmri_size);
5868 5831
5869 5832 /*
5870 5833 * If -m milestone= was specified, we want to set options_ovr/milestone
5871 5834 * to it. Otherwise we want to read what the milestone should be set
5872 5835 * to. Either way we need our inst.
5873 5836 */
5874 5837 get_self:
5875 5838 if (scf_handle_decode_fmri(h, SCF_SERVICE_STARTD, NULL, NULL, inst,
5876 5839 NULL, NULL, SCF_DECODE_FMRI_EXACT) != 0) {
5877 5840 switch (scf_error()) {
5878 5841 case SCF_ERROR_CONNECTION_BROKEN:
5879 5842 libscf_handle_rebind(h);
5880 5843 goto get_self;
5881 5844
5882 5845 case SCF_ERROR_NOT_FOUND:
5883 5846 if (st->st_subgraph != NULL &&
5884 5847 st->st_subgraph[0] != '\0') {
5885 5848 sz = strlcpy(fmri, st->st_subgraph,
5886 5849 max_scf_fmri_size);
5887 5850 assert(sz < max_scf_fmri_size);
5888 5851 } else {
5889 5852 fmri[0] = '\0';
5890 5853 }
5891 5854 break;
5892 5855
5893 5856 case SCF_ERROR_INVALID_ARGUMENT:
5894 5857 case SCF_ERROR_CONSTRAINT_VIOLATED:
5895 5858 case SCF_ERROR_HANDLE_MISMATCH:
5896 5859 default:
5897 5860 bad_error("scf_handle_decode_fmri", scf_error());
5898 5861 }
5899 5862 } else {
5900 5863 if (st->st_subgraph != NULL && st->st_subgraph[0] != '\0') {
5901 5864 scf_propertygroup_t *pg;
5902 5865
5903 5866 pg = safe_scf_pg_create(h);
5904 5867
5905 5868 sz = strlcpy(fmri, st->st_subgraph, max_scf_fmri_size);
5906 5869 assert(sz < max_scf_fmri_size);
5907 5870
5908 5871 r = libscf_inst_get_or_add_pg(inst, SCF_PG_OPTIONS_OVR,
5909 5872 SCF_PG_OPTIONS_OVR_TYPE, SCF_PG_OPTIONS_OVR_FLAGS,
5910 5873 pg);
5911 5874 switch (r) {
5912 5875 case 0:
5913 5876 break;
5914 5877
5915 5878 case ECONNABORTED:
5916 5879 libscf_handle_rebind(h);
5917 5880 goto get_self;
5918 5881
5919 5882 case EPERM:
5920 5883 case EACCES:
5921 5884 case EROFS:
5922 5885 log_error(LOG_WARNING, "Could not set %s/%s: "
5923 5886 "%s.\n", SCF_PG_OPTIONS_OVR,
5924 5887 SCF_PROPERTY_MILESTONE, strerror(r));
5925 5888 /* FALLTHROUGH */
5926 5889
5927 5890 case ECANCELED:
5928 5891 sz = strlcpy(fmri, st->st_subgraph,
5929 5892 max_scf_fmri_size);
5930 5893 assert(sz < max_scf_fmri_size);
5931 5894 break;
5932 5895
5933 5896 default:
5934 5897 bad_error("libscf_inst_get_or_add_pg", r);
5935 5898 }
5936 5899
5937 5900 r = libscf_clear_runlevel(pg, fmri);
5938 5901 switch (r) {
5939 5902 case 0:
5940 5903 break;
5941 5904
5942 5905 case ECONNABORTED:
5943 5906 libscf_handle_rebind(h);
5944 5907 goto get_self;
5945 5908
5946 5909 case EPERM:
5947 5910 case EACCES:
5948 5911 case EROFS:
5949 5912 log_error(LOG_WARNING, "Could not set %s/%s: "
5950 5913 "%s.\n", SCF_PG_OPTIONS_OVR,
5951 5914 SCF_PROPERTY_MILESTONE, strerror(r));
5952 5915 /* FALLTHROUGH */
5953 5916
5954 5917 case ECANCELED:
5955 5918 sz = strlcpy(fmri, st->st_subgraph,
5956 5919 max_scf_fmri_size);
5957 5920 assert(sz < max_scf_fmri_size);
5958 5921 break;
5959 5922
5960 5923 default:
5961 5924 bad_error("libscf_clear_runlevel", r);
5962 5925 }
5963 5926
5964 5927 scf_pg_destroy(pg);
5965 5928 } else {
5966 5929 scf_property_t *prop;
5967 5930 scf_value_t *val;
5968 5931
5969 5932 prop = safe_scf_property_create(h);
5970 5933 val = safe_scf_value_create(h);
5971 5934
5972 5935 r = libscf_get_milestone(inst, prop, val, fmri,
5973 5936 max_scf_fmri_size);
5974 5937 switch (r) {
5975 5938 case 0:
5976 5939 break;
5977 5940
5978 5941 case ECONNABORTED:
5979 5942 libscf_handle_rebind(h);
5980 5943 goto get_self;
5981 5944
5982 5945 case EINVAL:
5983 5946 log_error(LOG_WARNING, "Milestone property is "
5984 5947 "misconfigured. Defaulting to \"all\".\n");
5985 5948 /* FALLTHROUGH */
5986 5949
5987 5950 case ECANCELED:
5988 5951 case ENOENT:
5989 5952 fmri[0] = '\0';
5990 5953 break;
5991 5954
5992 5955 default:
5993 5956 bad_error("libscf_get_milestone", r);
5994 5957 }
5995 5958
5996 5959 scf_value_destroy(val);
5997 5960 scf_property_destroy(prop);
5998 5961 }
5999 5962 }
6000 5963
6001 5964 if (fmri[0] == '\0' || strcmp(fmri, "all") == 0)
6002 5965 goto out;
6003 5966
6004 5967 if (strcmp(fmri, "none") != 0) {
6005 5968 retry:
6006 5969 if (scf_handle_decode_fmri(h, fmri, NULL, NULL, inst, NULL,
6007 5970 NULL, SCF_DECODE_FMRI_EXACT) != 0) {
6008 5971 switch (scf_error()) {
6009 5972 case SCF_ERROR_INVALID_ARGUMENT:
6010 5973 log_error(LOG_WARNING,
6011 5974 "Requested milestone \"%s\" is invalid. "
6012 5975 "Reverting to \"all\".\n", fmri);
6013 5976 goto out;
6014 5977
6015 5978 case SCF_ERROR_CONSTRAINT_VIOLATED:
6016 5979 log_error(LOG_WARNING, "Requested milestone "
6017 5980 "\"%s\" does not specify an instance. "
6018 5981 "Reverting to \"all\".\n", fmri);
6019 5982 goto out;
6020 5983
6021 5984 case SCF_ERROR_CONNECTION_BROKEN:
6022 5985 libscf_handle_rebind(h);
6023 5986 goto retry;
6024 5987
6025 5988 case SCF_ERROR_NOT_FOUND:
6026 5989 log_error(LOG_WARNING, "Requested milestone "
6027 5990 "\"%s\" not in repository. Reverting to "
6028 5991 "\"all\".\n", fmri);
6029 5992 goto out;
6030 5993
6031 5994 case SCF_ERROR_HANDLE_MISMATCH:
6032 5995 default:
6033 5996 bad_error("scf_handle_decode_fmri",
6034 5997 scf_error());
6035 5998 }
6036 5999 }
6037 6000
6038 6001 r = fmri_canonify(fmri, &cfmri, B_FALSE);
6039 6002 assert(r == 0);
6040 6003
6041 6004 r = dgraph_add_instance(cfmri, inst, B_TRUE);
6042 6005 startd_free(cfmri, max_scf_fmri_size);
6043 6006 switch (r) {
6044 6007 case 0:
6045 6008 break;
6046 6009
6047 6010 case ECONNABORTED:
6048 6011 goto retry;
6049 6012
6050 6013 case EINVAL:
6051 6014 log_error(LOG_WARNING,
6052 6015 "Requested milestone \"%s\" is invalid. "
6053 6016 "Reverting to \"all\".\n", fmri);
6054 6017 goto out;
6055 6018
6056 6019 case ECANCELED:
6057 6020 log_error(LOG_WARNING,
6058 6021 "Requested milestone \"%s\" not "
6059 6022 "in repository. Reverting to \"all\".\n",
6060 6023 fmri);
6061 6024 goto out;
6062 6025
6063 6026 case EEXIST:
6064 6027 default:
6065 6028 bad_error("dgraph_add_instance", r);
6066 6029 }
6067 6030 }
6068 6031
6069 6032 log_console(LOG_INFO, "Booting to milestone \"%s\".\n", fmri);
6070 6033
6071 6034 r = dgraph_set_milestone(fmri, h, B_FALSE);
6072 6035 switch (r) {
6073 6036 case 0:
6074 6037 case ECONNRESET:
6075 6038 case EALREADY:
6076 6039 break;
6077 6040
6078 6041 case EINVAL:
6079 6042 case ENOENT:
6080 6043 default:
6081 6044 bad_error("dgraph_set_milestone", r);
6082 6045 }
6083 6046
6084 6047 out:
6085 6048 startd_free(fmri, max_scf_fmri_size);
6086 6049 scf_instance_destroy(inst);
6087 6050 }
6088 6051
6089 6052 void
6090 6053 set_restart_milestone(scf_handle_t *h)
6091 6054 {
6092 6055 scf_instance_t *inst;
6093 6056 scf_property_t *prop;
6094 6057 scf_value_t *val;
6095 6058 char *fmri;
6096 6059 int r;
6097 6060
6098 6061 inst = safe_scf_instance_create(h);
6099 6062
6100 6063 get_self:
6101 6064 if (scf_handle_decode_fmri(h, SCF_SERVICE_STARTD, NULL, NULL,
6102 6065 inst, NULL, NULL, SCF_DECODE_FMRI_EXACT) != 0) {
6103 6066 switch (scf_error()) {
6104 6067 case SCF_ERROR_CONNECTION_BROKEN:
6105 6068 libscf_handle_rebind(h);
6106 6069 goto get_self;
6107 6070
6108 6071 case SCF_ERROR_NOT_FOUND:
6109 6072 break;
6110 6073
6111 6074 case SCF_ERROR_INVALID_ARGUMENT:
6112 6075 case SCF_ERROR_CONSTRAINT_VIOLATED:
6113 6076 case SCF_ERROR_HANDLE_MISMATCH:
6114 6077 default:
6115 6078 bad_error("scf_handle_decode_fmri", scf_error());
6116 6079 }
6117 6080
6118 6081 scf_instance_destroy(inst);
6119 6082 return;
6120 6083 }
6121 6084
6122 6085 prop = safe_scf_property_create(h);
6123 6086 val = safe_scf_value_create(h);
6124 6087 fmri = startd_alloc(max_scf_fmri_size);
6125 6088
6126 6089 r = libscf_get_milestone(inst, prop, val, fmri, max_scf_fmri_size);
6127 6090 switch (r) {
6128 6091 case 0:
6129 6092 break;
6130 6093
6131 6094 case ECONNABORTED:
6132 6095 libscf_handle_rebind(h);
6133 6096 goto get_self;
6134 6097
6135 6098 case ECANCELED:
6136 6099 case ENOENT:
6137 6100 case EINVAL:
6138 6101 goto out;
6139 6102
6140 6103 default:
6141 6104 bad_error("libscf_get_milestone", r);
6142 6105 }
6143 6106
6144 6107 r = dgraph_set_milestone(fmri, h, B_TRUE);
6145 6108 switch (r) {
6146 6109 case 0:
6147 6110 case ECONNRESET:
6148 6111 case EALREADY:
6149 6112 case EINVAL:
6150 6113 case ENOENT:
6151 6114 break;
6152 6115
6153 6116 default:
6154 6117 bad_error("dgraph_set_milestone", r);
6155 6118 }
6156 6119
6157 6120 out:
6158 6121 startd_free(fmri, max_scf_fmri_size);
6159 6122 scf_value_destroy(val);
6160 6123 scf_property_destroy(prop);
6161 6124 scf_instance_destroy(inst);
6162 6125 }
6163 6126
6164 6127 /*
6165 6128 * void *graph_thread(void *)
6166 6129 *
6167 6130 * Graph management thread.
6168 6131 */
6169 6132 /*ARGSUSED*/
6170 6133 void *
6171 6134 graph_thread(void *arg)
6172 6135 {
6173 6136 scf_handle_t *h;
6174 6137 int err;
6175 6138
6176 6139 h = libscf_handle_create_bound_loop();
6177 6140
6178 6141 if (st->st_initial)
6179 6142 set_initial_milestone(h);
6180 6143
6181 6144 MUTEX_LOCK(&dgraph_lock);
6182 6145 initial_milestone_set = B_TRUE;
6183 6146 err = pthread_cond_broadcast(&initial_milestone_cv);
6184 6147 assert(err == 0);
6185 6148 MUTEX_UNLOCK(&dgraph_lock);
6186 6149
6187 6150 libscf_populate_graph(h);
6188 6151
6189 6152 if (!st->st_initial)
6190 6153 set_restart_milestone(h);
6191 6154
6192 6155 MUTEX_LOCK(&st->st_load_lock);
6193 6156 st->st_load_complete = 1;
6194 6157 (void) pthread_cond_broadcast(&st->st_load_cv);
6195 6158 MUTEX_UNLOCK(&st->st_load_lock);
6196 6159
6197 6160 MUTEX_LOCK(&dgraph_lock);
6198 6161 /*
6199 6162 * Now that we've set st_load_complete we need to check can_come_up()
6200 6163 * since if we booted to a milestone, then there won't be any more
6201 6164 * state updates.
6202 6165 */
6203 6166 if (!go_single_user_mode && !go_to_level1 &&
6204 6167 halting == -1) {
6205 6168 if (!sulogin_thread_running && !can_come_up()) {
6206 6169 (void) startd_thread_create(sulogin_thread, NULL);
6207 6170 sulogin_thread_running = B_TRUE;
6208 6171 }
6209 6172 }
6210 6173 MUTEX_UNLOCK(&dgraph_lock);
6211 6174
6212 6175 (void) pthread_mutex_lock(&gu->gu_freeze_lock);
6213 6176
6214 6177 /*CONSTCOND*/
6215 6178 while (1) {
6216 6179 (void) pthread_cond_wait(&gu->gu_freeze_cv,
6217 6180 &gu->gu_freeze_lock);
6218 6181 }
6219 6182
6220 6183 /*
6221 6184 * Unreachable for now -- there's currently no graceful cleanup
6222 6185 * called on exit().
6223 6186 */
6224 6187 (void) pthread_mutex_unlock(&gu->gu_freeze_lock);
6225 6188 scf_handle_destroy(h);
6226 6189
6227 6190 return (NULL);
6228 6191 }
6229 6192
6230 6193
6231 6194 /*
6232 6195 * int next_action()
6233 6196 * Given an array of timestamps 'a' with 'num' elements, find the
6234 6197 * lowest non-zero timestamp and return its index. If there are no
6235 6198 * non-zero elements, return -1.
6236 6199 */
6237 6200 static int
6238 6201 next_action(hrtime_t *a, int num)
6239 6202 {
6240 6203 hrtime_t t = 0;
6241 6204 int i = 0, smallest = -1;
6242 6205
6243 6206 for (i = 0; i < num; i++) {
6244 6207 if (t == 0) {
6245 6208 t = a[i];
6246 6209 smallest = i;
6247 6210 } else if (a[i] != 0 && a[i] < t) {
6248 6211 t = a[i];
6249 6212 smallest = i;
6250 6213 }
6251 6214 }
6252 6215
6253 6216 if (t == 0)
6254 6217 return (-1);
6255 6218 else
6256 6219 return (smallest);
6257 6220 }
6258 6221
6259 6222 /*
6260 6223 * void process_actions()
6261 6224 * Process actions requested by the administrator. Possibilities include:
6262 6225 * refresh, restart, maintenance mode off, maintenance mode on,
6263 6226 * maintenance mode immediate, and degraded.
6264 6227 *
6265 6228 * The set of pending actions is represented in the repository as a
6266 6229 * per-instance property group, with each action being a single property
6267 6230 * in that group. This property group is converted to an array, with each
6268 6231 * action type having an array slot. The actions in the array at the
6269 6232 * time process_actions() is called are acted on in the order of the
6270 6233 * timestamp (which is the value stored in the slot). A value of zero
6271 6234 * indicates that there is no pending action of the type associated with
6272 6235 * a particular slot.
6273 6236 *
6274 6237 * Sending an action event multiple times before the restarter has a
6275 6238 * chance to process that action will force it to be run at the last
6276 6239 * timestamp where it appears in the ordering.
6277 6240 *
6278 6241 * Turning maintenance mode on trumps all other actions.
6279 6242 *
6280 6243 * Returns 0 or ECONNABORTED.
6281 6244 */
6282 6245 static int
6283 6246 process_actions(scf_handle_t *h, scf_propertygroup_t *pg, scf_instance_t *inst)
6284 6247 {
6285 6248 scf_property_t *prop = NULL;
6286 6249 scf_value_t *val = NULL;
6287 6250 scf_type_t type;
6288 6251 graph_vertex_t *vertex;
6289 6252 admin_action_t a;
6290 6253 int i, ret = 0, r;
6291 6254 hrtime_t action_ts[NACTIONS];
6292 6255 char *inst_name;
6293 6256
6294 6257 r = libscf_instance_get_fmri(inst, &inst_name);
6295 6258 switch (r) {
6296 6259 case 0:
6297 6260 break;
6298 6261
6299 6262 case ECONNABORTED:
6300 6263 return (ECONNABORTED);
6301 6264
6302 6265 case ECANCELED:
6303 6266 return (0);
6304 6267
6305 6268 default:
6306 6269 bad_error("libscf_instance_get_fmri", r);
6307 6270 }
6308 6271
6309 6272 MUTEX_LOCK(&dgraph_lock);
6310 6273
6311 6274 vertex = vertex_get_by_name(inst_name);
6312 6275 if (vertex == NULL) {
6313 6276 MUTEX_UNLOCK(&dgraph_lock);
6314 6277 log_framework(LOG_DEBUG, "%s: Can't find graph vertex. "
6315 6278 "The instance must have been removed.\n", inst_name);
6316 6279 startd_free(inst_name, max_scf_fmri_size);
6317 6280 return (0);
6318 6281 }
6319 6282
6320 6283 prop = safe_scf_property_create(h);
6321 6284 val = safe_scf_value_create(h);
6322 6285
6323 6286 for (i = 0; i < NACTIONS; i++) {
6324 6287 if (scf_pg_get_property(pg, admin_actions[i], prop) != 0) {
6325 6288 switch (scf_error()) {
6326 6289 case SCF_ERROR_CONNECTION_BROKEN:
6327 6290 default:
6328 6291 ret = ECONNABORTED;
6329 6292 goto out;
6330 6293
6331 6294 case SCF_ERROR_DELETED:
6332 6295 goto out;
6333 6296
6334 6297 case SCF_ERROR_NOT_FOUND:
6335 6298 action_ts[i] = 0;
6336 6299 continue;
6337 6300
6338 6301 case SCF_ERROR_HANDLE_MISMATCH:
6339 6302 case SCF_ERROR_INVALID_ARGUMENT:
6340 6303 case SCF_ERROR_NOT_SET:
6341 6304 bad_error("scf_pg_get_property", scf_error());
6342 6305 }
6343 6306 }
6344 6307
6345 6308 if (scf_property_type(prop, &type) != 0) {
6346 6309 switch (scf_error()) {
6347 6310 case SCF_ERROR_CONNECTION_BROKEN:
6348 6311 default:
6349 6312 ret = ECONNABORTED;
6350 6313 goto out;
6351 6314
6352 6315 case SCF_ERROR_DELETED:
6353 6316 action_ts[i] = 0;
6354 6317 continue;
6355 6318
6356 6319 case SCF_ERROR_NOT_SET:
6357 6320 bad_error("scf_property_type", scf_error());
6358 6321 }
6359 6322 }
6360 6323
6361 6324 if (type != SCF_TYPE_INTEGER) {
6362 6325 action_ts[i] = 0;
6363 6326 continue;
6364 6327 }
6365 6328
6366 6329 if (scf_property_get_value(prop, val) != 0) {
6367 6330 switch (scf_error()) {
6368 6331 case SCF_ERROR_CONNECTION_BROKEN:
6369 6332 default:
6370 6333 ret = ECONNABORTED;
6371 6334 goto out;
6372 6335
6373 6336 case SCF_ERROR_DELETED:
6374 6337 goto out;
6375 6338
6376 6339 case SCF_ERROR_NOT_FOUND:
6377 6340 case SCF_ERROR_CONSTRAINT_VIOLATED:
6378 6341 action_ts[i] = 0;
6379 6342 continue;
6380 6343
6381 6344 case SCF_ERROR_NOT_SET:
6382 6345 case SCF_ERROR_PERMISSION_DENIED:
6383 6346 bad_error("scf_property_get_value",
6384 6347 scf_error());
6385 6348 }
6386 6349 }
6387 6350
6388 6351 r = scf_value_get_integer(val, &action_ts[i]);
6389 6352 assert(r == 0);
6390 6353 }
6391 6354
6392 6355 a = ADMIN_EVENT_MAINT_ON_IMMEDIATE;
6393 6356 if (action_ts[ADMIN_EVENT_MAINT_ON_IMMEDIATE] ||
6394 6357 action_ts[ADMIN_EVENT_MAINT_ON]) {
6395 6358 a = action_ts[ADMIN_EVENT_MAINT_ON_IMMEDIATE] ?
6396 6359 ADMIN_EVENT_MAINT_ON_IMMEDIATE : ADMIN_EVENT_MAINT_ON;
6397 6360
6398 6361 vertex_send_event(vertex, admin_events[a]);
6399 6362 r = libscf_unset_action(h, pg, a, action_ts[a]);
6400 6363 switch (r) {
6401 6364 case 0:
6402 6365 case EACCES:
6403 6366 break;
6404 6367
6405 6368 case ECONNABORTED:
6406 6369 ret = ECONNABORTED;
6407 6370 goto out;
6408 6371
6409 6372 case EPERM:
6410 6373 uu_die("Insufficient privilege.\n");
6411 6374 /* NOTREACHED */
6412 6375
6413 6376 default:
6414 6377 bad_error("libscf_unset_action", r);
6415 6378 }
6416 6379 }
6417 6380
6418 6381 while ((a = next_action(action_ts, NACTIONS)) != -1) {
6419 6382 log_framework(LOG_DEBUG,
6420 6383 "Graph: processing %s action for %s.\n", admin_actions[a],
6421 6384 inst_name);
6422 6385
6423 6386 if (a == ADMIN_EVENT_REFRESH) {
6424 6387 r = dgraph_refresh_instance(vertex, inst);
6425 6388 switch (r) {
6426 6389 case 0:
6427 6390 case ECANCELED:
6428 6391 case EINVAL:
6429 6392 case -1:
6430 6393 break;
6431 6394
6432 6395 case ECONNABORTED:
6433 6396 /* pg & inst are reset now, so just return. */
6434 6397 ret = ECONNABORTED;
6435 6398 goto out;
6436 6399
6437 6400 default:
6438 6401 bad_error("dgraph_refresh_instance", r);
6439 6402 }
6440 6403 }
6441 6404
6442 6405 vertex_send_event(vertex, admin_events[a]);
6443 6406
6444 6407 r = libscf_unset_action(h, pg, a, action_ts[a]);
6445 6408 switch (r) {
6446 6409 case 0:
6447 6410 case EACCES:
6448 6411 break;
6449 6412
6450 6413 case ECONNABORTED:
6451 6414 ret = ECONNABORTED;
6452 6415 goto out;
6453 6416
6454 6417 case EPERM:
6455 6418 uu_die("Insufficient privilege.\n");
6456 6419 /* NOTREACHED */
6457 6420
6458 6421 default:
6459 6422 bad_error("libscf_unset_action", r);
6460 6423 }
6461 6424
6462 6425 action_ts[a] = 0;
6463 6426 }
6464 6427
6465 6428 out:
6466 6429 MUTEX_UNLOCK(&dgraph_lock);
6467 6430
6468 6431 scf_property_destroy(prop);
6469 6432 scf_value_destroy(val);
6470 6433 startd_free(inst_name, max_scf_fmri_size);
6471 6434 return (ret);
6472 6435 }
6473 6436
6474 6437 /*
6475 6438 * inst and pg_name are scratch space, and are unset on entry.
6476 6439 * Returns
6477 6440 * 0 - success
6478 6441 * ECONNRESET - success, but repository handle rebound
6479 6442 * ECONNABORTED - repository connection broken
6480 6443 */
6481 6444 static int
6482 6445 process_pg_event(scf_handle_t *h, scf_propertygroup_t *pg, scf_instance_t *inst,
6483 6446 char *pg_name)
6484 6447 {
6485 6448 int r;
6486 6449 scf_property_t *prop;
6487 6450 scf_value_t *val;
6488 6451 char *fmri;
6489 6452 boolean_t rebound = B_FALSE, rebind_inst = B_FALSE;
6490 6453
6491 6454 if (scf_pg_get_name(pg, pg_name, max_scf_value_size) < 0) {
6492 6455 switch (scf_error()) {
6493 6456 case SCF_ERROR_CONNECTION_BROKEN:
6494 6457 default:
6495 6458 return (ECONNABORTED);
6496 6459
6497 6460 case SCF_ERROR_DELETED:
6498 6461 return (0);
6499 6462
6500 6463 case SCF_ERROR_NOT_SET:
6501 6464 bad_error("scf_pg_get_name", scf_error());
6502 6465 }
6503 6466 }
6504 6467
6505 6468 if (strcmp(pg_name, SCF_PG_GENERAL) == 0 ||
6506 6469 strcmp(pg_name, SCF_PG_GENERAL_OVR) == 0) {
6507 6470 r = dgraph_update_general(pg);
6508 6471 switch (r) {
6509 6472 case 0:
6510 6473 case ENOTSUP:
6511 6474 case ECANCELED:
6512 6475 return (0);
6513 6476
6514 6477 case ECONNABORTED:
6515 6478 return (ECONNABORTED);
6516 6479
6517 6480 case -1:
6518 6481 /* Error should have been logged. */
6519 6482 return (0);
6520 6483
6521 6484 default:
6522 6485 bad_error("dgraph_update_general", r);
6523 6486 }
6524 6487 } else if (strcmp(pg_name, SCF_PG_RESTARTER_ACTIONS) == 0) {
6525 6488 if (scf_pg_get_parent_instance(pg, inst) != 0) {
6526 6489 switch (scf_error()) {
6527 6490 case SCF_ERROR_CONNECTION_BROKEN:
6528 6491 return (ECONNABORTED);
6529 6492
6530 6493 case SCF_ERROR_DELETED:
6531 6494 case SCF_ERROR_CONSTRAINT_VIOLATED:
6532 6495 /* Ignore commands on services. */
6533 6496 return (0);
6534 6497
6535 6498 case SCF_ERROR_NOT_BOUND:
6536 6499 case SCF_ERROR_HANDLE_MISMATCH:
6537 6500 case SCF_ERROR_NOT_SET:
6538 6501 default:
6539 6502 bad_error("scf_pg_get_parent_instance",
6540 6503 scf_error());
6541 6504 }
6542 6505 }
6543 6506
6544 6507 return (process_actions(h, pg, inst));
6545 6508 }
6546 6509
6547 6510 if (strcmp(pg_name, SCF_PG_OPTIONS) != 0 &&
6548 6511 strcmp(pg_name, SCF_PG_OPTIONS_OVR) != 0)
6549 6512 return (0);
6550 6513
6551 6514 /*
6552 6515 * We only care about the options[_ovr] property groups of our own
6553 6516 * instance, so get the fmri and compare. Plus, once we know it's
6554 6517 * correct, if the repository connection is broken we know exactly what
6555 6518 * property group we were operating on, and can look it up again.
6556 6519 */
6557 6520 if (scf_pg_get_parent_instance(pg, inst) != 0) {
6558 6521 switch (scf_error()) {
6559 6522 case SCF_ERROR_CONNECTION_BROKEN:
6560 6523 return (ECONNABORTED);
6561 6524
6562 6525 case SCF_ERROR_DELETED:
6563 6526 case SCF_ERROR_CONSTRAINT_VIOLATED:
6564 6527 return (0);
6565 6528
6566 6529 case SCF_ERROR_HANDLE_MISMATCH:
6567 6530 case SCF_ERROR_NOT_BOUND:
6568 6531 case SCF_ERROR_NOT_SET:
6569 6532 default:
6570 6533 bad_error("scf_pg_get_parent_instance",
6571 6534 scf_error());
6572 6535 }
6573 6536 }
6574 6537
6575 6538 switch (r = libscf_instance_get_fmri(inst, &fmri)) {
6576 6539 case 0:
6577 6540 break;
6578 6541
6579 6542 case ECONNABORTED:
6580 6543 return (ECONNABORTED);
6581 6544
6582 6545 case ECANCELED:
6583 6546 return (0);
6584 6547
6585 6548 default:
6586 6549 bad_error("libscf_instance_get_fmri", r);
6587 6550 }
6588 6551
6589 6552 if (strcmp(fmri, SCF_SERVICE_STARTD) != 0) {
6590 6553 startd_free(fmri, max_scf_fmri_size);
6591 6554 return (0);
6592 6555 }
6593 6556
6594 6557 /*
6595 6558 * update the information events flag
6596 6559 */
6597 6560 if (strcmp(pg_name, SCF_PG_OPTIONS) == 0)
6598 6561 info_events_all = libscf_get_info_events_all(pg);
6599 6562
6600 6563 prop = safe_scf_property_create(h);
6601 6564 val = safe_scf_value_create(h);
6602 6565
6603 6566 if (strcmp(pg_name, SCF_PG_OPTIONS_OVR) == 0) {
6604 6567 /* See if we need to set the runlevel. */
6605 6568 /* CONSTCOND */
6606 6569 if (0) {
6607 6570 rebind_pg:
6608 6571 libscf_handle_rebind(h);
6609 6572 rebound = B_TRUE;
6610 6573
6611 6574 r = libscf_lookup_instance(SCF_SERVICE_STARTD, inst);
6612 6575 switch (r) {
6613 6576 case 0:
6614 6577 break;
6615 6578
6616 6579 case ECONNABORTED:
6617 6580 goto rebind_pg;
6618 6581
6619 6582 case ENOENT:
6620 6583 goto out;
6621 6584
6622 6585 case EINVAL:
6623 6586 case ENOTSUP:
6624 6587 bad_error("libscf_lookup_instance", r);
6625 6588 }
6626 6589
6627 6590 if (scf_instance_get_pg(inst, pg_name, pg) != 0) {
6628 6591 switch (scf_error()) {
6629 6592 case SCF_ERROR_DELETED:
6630 6593 case SCF_ERROR_NOT_FOUND:
6631 6594 goto out;
6632 6595
6633 6596 case SCF_ERROR_CONNECTION_BROKEN:
6634 6597 goto rebind_pg;
6635 6598
6636 6599 case SCF_ERROR_HANDLE_MISMATCH:
6637 6600 case SCF_ERROR_NOT_BOUND:
6638 6601 case SCF_ERROR_NOT_SET:
6639 6602 case SCF_ERROR_INVALID_ARGUMENT:
6640 6603 default:
6641 6604 bad_error("scf_instance_get_pg",
6642 6605 scf_error());
6643 6606 }
6644 6607 }
6645 6608 }
6646 6609
6647 6610 if (scf_pg_get_property(pg, "runlevel", prop) == 0) {
6648 6611 r = dgraph_set_runlevel(pg, prop);
6649 6612 switch (r) {
6650 6613 case ECONNRESET:
6651 6614 rebound = B_TRUE;
6652 6615 rebind_inst = B_TRUE;
6653 6616 /* FALLTHROUGH */
6654 6617
6655 6618 case 0:
6656 6619 break;
6657 6620
6658 6621 case ECONNABORTED:
6659 6622 goto rebind_pg;
6660 6623
6661 6624 case ECANCELED:
6662 6625 goto out;
6663 6626
6664 6627 default:
6665 6628 bad_error("dgraph_set_runlevel", r);
6666 6629 }
6667 6630 } else {
6668 6631 switch (scf_error()) {
6669 6632 case SCF_ERROR_CONNECTION_BROKEN:
6670 6633 default:
6671 6634 goto rebind_pg;
6672 6635
6673 6636 case SCF_ERROR_DELETED:
6674 6637 goto out;
6675 6638
6676 6639 case SCF_ERROR_NOT_FOUND:
6677 6640 break;
6678 6641
6679 6642 case SCF_ERROR_INVALID_ARGUMENT:
6680 6643 case SCF_ERROR_HANDLE_MISMATCH:
6681 6644 case SCF_ERROR_NOT_BOUND:
6682 6645 case SCF_ERROR_NOT_SET:
6683 6646 bad_error("scf_pg_get_property", scf_error());
6684 6647 }
6685 6648 }
6686 6649 }
6687 6650
6688 6651 if (rebind_inst) {
6689 6652 lookup_inst:
6690 6653 r = libscf_lookup_instance(SCF_SERVICE_STARTD, inst);
6691 6654 switch (r) {
6692 6655 case 0:
6693 6656 break;
6694 6657
6695 6658 case ECONNABORTED:
6696 6659 libscf_handle_rebind(h);
6697 6660 rebound = B_TRUE;
6698 6661 goto lookup_inst;
6699 6662
6700 6663 case ENOENT:
6701 6664 goto out;
6702 6665
6703 6666 case EINVAL:
6704 6667 case ENOTSUP:
6705 6668 bad_error("libscf_lookup_instance", r);
6706 6669 }
6707 6670 }
6708 6671
6709 6672 r = libscf_get_milestone(inst, prop, val, fmri, max_scf_fmri_size);
6710 6673 switch (r) {
6711 6674 case 0:
6712 6675 break;
6713 6676
6714 6677 case ECONNABORTED:
6715 6678 libscf_handle_rebind(h);
6716 6679 rebound = B_TRUE;
6717 6680 goto lookup_inst;
6718 6681
6719 6682 case EINVAL:
6720 6683 log_error(LOG_NOTICE,
6721 6684 "%s/%s property of %s is misconfigured.\n", pg_name,
6722 6685 SCF_PROPERTY_MILESTONE, SCF_SERVICE_STARTD);
6723 6686 /* FALLTHROUGH */
6724 6687
6725 6688 case ECANCELED:
6726 6689 case ENOENT:
6727 6690 (void) strcpy(fmri, "all");
6728 6691 break;
6729 6692
6730 6693 default:
6731 6694 bad_error("libscf_get_milestone", r);
6732 6695 }
6733 6696
6734 6697 r = dgraph_set_milestone(fmri, h, B_FALSE);
6735 6698 switch (r) {
6736 6699 case 0:
6737 6700 case ECONNRESET:
6738 6701 case EALREADY:
6739 6702 break;
6740 6703
6741 6704 case EINVAL:
6742 6705 log_error(LOG_WARNING, "Milestone %s is invalid.\n", fmri);
6743 6706 break;
6744 6707
6745 6708 case ENOENT:
6746 6709 log_error(LOG_WARNING, "Milestone %s does not exist.\n", fmri);
6747 6710 break;
6748 6711
6749 6712 default:
6750 6713 bad_error("dgraph_set_milestone", r);
6751 6714 }
6752 6715
6753 6716 out:
6754 6717 startd_free(fmri, max_scf_fmri_size);
6755 6718 scf_value_destroy(val);
6756 6719 scf_property_destroy(prop);
6757 6720
6758 6721 return (rebound ? ECONNRESET : 0);
6759 6722 }
6760 6723
6761 6724 /*
6762 6725 * process_delete() deletes an instance from the dgraph if 'fmri' is an
6763 6726 * instance fmri or if 'fmri' matches the 'general' property group of an
6764 6727 * instance (or the 'general/enabled' property).
6765 6728 *
6766 6729 * 'fmri' may be overwritten and cannot be trusted on return by the caller.
6767 6730 */
6768 6731 static void
6769 6732 process_delete(char *fmri, scf_handle_t *h)
6770 6733 {
6771 6734 char *lfmri, *end_inst_fmri;
6772 6735 const char *inst_name = NULL;
6773 6736 const char *pg_name = NULL;
6774 6737 const char *prop_name = NULL;
6775 6738
6776 6739 lfmri = safe_strdup(fmri);
6777 6740
6778 6741 /* Determine if the FMRI is a property group or instance */
6779 6742 if (scf_parse_svc_fmri(lfmri, NULL, NULL, &inst_name, &pg_name,
6780 6743 &prop_name) != SCF_SUCCESS) {
6781 6744 log_error(LOG_WARNING,
6782 6745 "Received invalid FMRI \"%s\" from repository server.\n",
6783 6746 fmri);
6784 6747 } else if (inst_name != NULL && pg_name == NULL) {
6785 6748 (void) dgraph_remove_instance(fmri, h);
6786 6749 } else if (inst_name != NULL && pg_name != NULL) {
6787 6750 /*
6788 6751 * If we're deleting the 'general' property group or
6789 6752 * 'general/enabled' property then the whole instance
6790 6753 * must be removed from the dgraph.
6791 6754 */
6792 6755 if (strcmp(pg_name, SCF_PG_GENERAL) != 0) {
6793 6756 free(lfmri);
6794 6757 return;
6795 6758 }
6796 6759
6797 6760 if (prop_name != NULL &&
6798 6761 strcmp(prop_name, SCF_PROPERTY_ENABLED) != 0) {
6799 6762 free(lfmri);
6800 6763 return;
6801 6764 }
6802 6765
6803 6766 /*
6804 6767 * Because the instance has already been deleted from the
6805 6768 * repository, we cannot use any scf_ functions to retrieve
6806 6769 * the instance FMRI however we can easily reconstruct it
6807 6770 * manually.
6808 6771 */
6809 6772 end_inst_fmri = strstr(fmri, SCF_FMRI_PROPERTYGRP_PREFIX);
6810 6773 if (end_inst_fmri == NULL)
6811 6774 bad_error("process_delete", 0);
6812 6775
6813 6776 end_inst_fmri[0] = '\0';
6814 6777
6815 6778 (void) dgraph_remove_instance(fmri, h);
6816 6779 }
6817 6780
6818 6781 free(lfmri);
6819 6782 }
6820 6783
6821 6784 /*ARGSUSED*/
6822 6785 void *
6823 6786 repository_event_thread(void *unused)
6824 6787 {
6825 6788 scf_handle_t *h;
6826 6789 scf_propertygroup_t *pg;
6827 6790 scf_instance_t *inst;
6828 6791 char *fmri = startd_alloc(max_scf_fmri_size);
6829 6792 char *pg_name = startd_alloc(max_scf_value_size);
6830 6793 int r;
6831 6794
6832 6795 h = libscf_handle_create_bound_loop();
6833 6796
6834 6797 pg = safe_scf_pg_create(h);
6835 6798 inst = safe_scf_instance_create(h);
6836 6799
6837 6800 retry:
6838 6801 if (_scf_notify_add_pgtype(h, SCF_GROUP_FRAMEWORK) != SCF_SUCCESS) {
6839 6802 if (scf_error() == SCF_ERROR_CONNECTION_BROKEN) {
6840 6803 libscf_handle_rebind(h);
6841 6804 } else {
6842 6805 log_error(LOG_WARNING,
6843 6806 "Couldn't set up repository notification "
6844 6807 "for property group type %s: %s\n",
6845 6808 SCF_GROUP_FRAMEWORK, scf_strerror(scf_error()));
6846 6809
6847 6810 (void) sleep(1);
6848 6811 }
6849 6812
6850 6813 goto retry;
6851 6814 }
6852 6815
6853 6816 /*CONSTCOND*/
6854 6817 while (1) {
6855 6818 ssize_t res;
6856 6819
6857 6820 /* Note: fmri is only set on delete events. */
6858 6821 res = _scf_notify_wait(pg, fmri, max_scf_fmri_size);
6859 6822 if (res < 0) {
6860 6823 libscf_handle_rebind(h);
6861 6824 goto retry;
6862 6825 } else if (res == 0) {
6863 6826 /*
6864 6827 * property group modified. inst and pg_name are
6865 6828 * pre-allocated scratch space.
6866 6829 */
6867 6830 if (scf_pg_update(pg) < 0) {
6868 6831 switch (scf_error()) {
6869 6832 case SCF_ERROR_DELETED:
6870 6833 continue;
6871 6834
6872 6835 case SCF_ERROR_CONNECTION_BROKEN:
6873 6836 log_error(LOG_WARNING,
6874 6837 "Lost repository event due to "
6875 6838 "disconnection.\n");
6876 6839 libscf_handle_rebind(h);
6877 6840 goto retry;
6878 6841
6879 6842 case SCF_ERROR_NOT_BOUND:
6880 6843 case SCF_ERROR_NOT_SET:
6881 6844 default:
6882 6845 bad_error("scf_pg_update", scf_error());
6883 6846 }
6884 6847 }
6885 6848
6886 6849 r = process_pg_event(h, pg, inst, pg_name);
6887 6850 switch (r) {
6888 6851 case 0:
6889 6852 break;
6890 6853
6891 6854 case ECONNABORTED:
6892 6855 log_error(LOG_WARNING, "Lost repository event "
6893 6856 "due to disconnection.\n");
6894 6857 libscf_handle_rebind(h);
6895 6858 /* FALLTHROUGH */
6896 6859
6897 6860 case ECONNRESET:
6898 6861 goto retry;
6899 6862
6900 6863 default:
6901 6864 bad_error("process_pg_event", r);
6902 6865 }
6903 6866 } else {
6904 6867 /*
6905 6868 * Service, instance, or pg deleted.
6906 6869 * Don't trust fmri on return.
6907 6870 */
6908 6871 process_delete(fmri, h);
6909 6872 }
6910 6873 }
6911 6874
6912 6875 /*NOTREACHED*/
6913 6876 return (NULL);
6914 6877 }
6915 6878
6916 6879 void
6917 6880 graph_engine_start()
6918 6881 {
6919 6882 int err;
6920 6883
6921 6884 (void) startd_thread_create(graph_thread, NULL);
6922 6885
6923 6886 MUTEX_LOCK(&dgraph_lock);
6924 6887 while (!initial_milestone_set) {
6925 6888 err = pthread_cond_wait(&initial_milestone_cv, &dgraph_lock);
6926 6889 assert(err == 0);
6927 6890 }
6928 6891 MUTEX_UNLOCK(&dgraph_lock);
6929 6892
6930 6893 (void) startd_thread_create(repository_event_thread, NULL);
6931 6894 (void) startd_thread_create(graph_event_thread, NULL);
6932 6895 }
|
↓ open down ↓ |
1457 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX