1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 1990, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright (c) 2017 Joyent, Inc.
25 */
26
27 /*
28 * modctl system call for loadable module support.
29 */
30
31 #include <sys/param.h>
32 #include <sys/user.h>
33 #include <sys/systm.h>
34 #include <sys/exec.h>
35 #include <sys/file.h>
36 #include <sys/stat.h>
37 #include <sys/conf.h>
38 #include <sys/time.h>
39 #include <sys/reboot.h>
40 #include <sys/fs/ufs_fsdir.h>
41 #include <sys/kmem.h>
42 #include <sys/sysconf.h>
43 #include <sys/cmn_err.h>
44 #include <sys/ddi.h>
45 #include <sys/sunddi.h>
46 #include <sys/sunndi.h>
47 #include <sys/ndi_impldefs.h>
48 #include <sys/ddi_impldefs.h>
49 #include <sys/ddi_implfuncs.h>
50 #include <sys/bootconf.h>
51 #include <sys/dc_ki.h>
52 #include <sys/cladm.h>
53 #include <sys/dtrace.h>
54 #include <sys/kdi.h>
55
56 #include <sys/devpolicy.h>
57 #include <sys/modctl.h>
58 #include <sys/kobj.h>
59 #include <sys/devops.h>
60 #include <sys/autoconf.h>
61 #include <sys/hwconf.h>
62 #include <sys/callb.h>
63 #include <sys/debug.h>
64 #include <sys/cpuvar.h>
65 #include <sys/sysmacros.h>
66 #include <sys/sysevent.h>
67 #include <sys/sysevent_impl.h>
68 #include <sys/instance.h>
69 #include <sys/modhash.h>
70 #include <sys/modhash_impl.h>
71 #include <sys/dacf_impl.h>
72 #include <sys/vfs.h>
73 #include <sys/pathname.h>
74 #include <sys/console.h>
75 #include <sys/policy.h>
76 #include <ipp/ipp_impl.h>
77 #include <sys/fs/dv_node.h>
78 #include <sys/strsubr.h>
79 #include <sys/fs/sdev_impl.h>
80
81 static int mod_circdep(struct modctl *);
82 static int modinfo(modid_t, struct modinfo *);
83
84 static void mod_uninstall_all(void);
85 static int mod_getinfo(struct modctl *, struct modinfo *);
86 static struct modctl *allocate_modp(const char *, const char *);
87
88 static int mod_load(struct modctl *, int);
89 static void mod_unload(struct modctl *);
90 static int modinstall(struct modctl *);
91 static int moduninstall(struct modctl *);
92
93 static struct modctl *mod_hold_by_name_common(struct modctl *, const char *);
94 static struct modctl *mod_hold_next_by_id(modid_t);
95 static struct modctl *mod_hold_loaded_mod(struct modctl *, char *, int *);
96 static struct modctl *mod_hold_installed_mod(char *, int, int, int *);
97
98 static void mod_release(struct modctl *);
99 static void mod_make_requisite(struct modctl *, struct modctl *);
100 static int mod_install_requisites(struct modctl *);
101 static void check_esc_sequences(char *, char *);
102 static struct modctl *mod_hold_by_name_requisite(struct modctl *, char *);
103
104 /*
105 * module loading thread control structure. Calls to kobj_load_module()() are
106 * handled off to a separate thead using this structure.
107 */
108 struct loadmt {
109 ksema_t sema;
110 struct modctl *mp;
111 int usepath;
112 kthread_t *owner;
113 int retval;
114 };
115
116 static void modload_thread(struct loadmt *);
117
118 kcondvar_t mod_cv;
119 kcondvar_t mod_uninstall_cv; /* Communication between swapper */
120 /* and the uninstall daemon. */
121 kmutex_t mod_lock; /* protects &modules insert linkage, */
122 /* mod_busy, mod_want, and mod_ref. */
123 /* blocking operations while holding */
124 /* mod_lock should be avoided */
125 kmutex_t mod_uninstall_lock; /* protects mod_uninstall_cv */
126 kthread_id_t mod_aul_thread;
127
128 int modunload_wait;
129 kmutex_t modunload_wait_mutex;
130 kcondvar_t modunload_wait_cv;
131 int modunload_active_count;
132 int modunload_disable_count;
133
134 int isminiroot; /* set if running as miniroot */
135 int modrootloaded; /* set after root driver and fs are loaded */
136 int moddebug = 0x0; /* debug flags for module writers */
137 int swaploaded; /* set after swap driver and fs are loaded */
138 int bop_io_quiesced = 0; /* set when BOP I/O can no longer be used */
139 int last_module_id;
140 clock_t mod_uninstall_interval = 0;
141 int mod_uninstall_pass_max = 6;
142 int mod_uninstall_ref_zero; /* # modules that went mod_ref == 0 */
143 int mod_uninstall_pass_exc; /* mod_uninstall_all left new stuff */
144
145 int ddi_modclose_unload = 1; /* 0 -> just decrement reference */
146
147 int devcnt_incr = 256; /* allow for additional drivers */
148 int devcnt_min = 512; /* and always at least this number */
149
150 struct devnames *devnamesp;
151 struct devnames orphanlist;
152
153 krwlock_t devinfo_tree_lock; /* obsolete, to be removed */
154
155 #define MAJBINDFILE "/etc/name_to_major"
156 #define SYSBINDFILE "/etc/name_to_sysnum"
157
158 static char majbind[] = MAJBINDFILE;
159 static char sysbind[] = SYSBINDFILE;
160 static uint_t mod_autounload_key; /* for module autounload detection */
161
162 extern int obpdebug;
163
164 #define DEBUGGER_PRESENT ((boothowto & RB_DEBUG) || (obpdebug != 0))
165
166 static int minorperm_loaded = 0;
167
168 void
169 mod_setup(void)
170 {
171 struct sysent *callp;
172 int callnum, exectype;
173 int num_devs;
174 int i;
175
176 /*
177 * Initialize the list of loaded driver dev_ops.
178 * XXX - This must be done before reading the system file so that
179 * forceloads of drivers will work.
180 */
181 num_devs = read_binding_file(majbind, mb_hashtab, make_mbind);
182 /*
183 * Since read_binding_file is common code, it doesn't enforce that all
184 * of the binding file entries have major numbers <= MAXMAJ32. Thus,
185 * ensure that we don't allocate some massive amount of space due to a
186 * bad entry. We can't have major numbers bigger than MAXMAJ32
187 * until file system support for larger major numbers exists.
188 */
189
190 /*
191 * Leave space for expansion, but not more than L_MAXMAJ32
192 */
193 devcnt = MIN(num_devs + devcnt_incr, L_MAXMAJ32);
194 devcnt = MAX(devcnt, devcnt_min);
195 devopsp = kmem_alloc(devcnt * sizeof (struct dev_ops *), KM_SLEEP);
196 for (i = 0; i < devcnt; i++)
197 devopsp[i] = &mod_nodev_ops;
198
199 init_devnamesp(devcnt);
200
201 /*
202 * Sync up with the work that the stand-alone linker has already done.
203 */
204 (void) kobj_sync();
205
206 if (boothowto & RB_DEBUG)
207 kdi_dvec_modavail();
208
209 make_aliases(mb_hashtab);
210
211 /*
212 * Initialize streams device implementation structures.
213 */
214 devimpl = kmem_zalloc(devcnt * sizeof (cdevsw_impl_t), KM_SLEEP);
215
216 /*
217 * If the cl_bootstrap module is present,
218 * we should be configured as a cluster. Loading this module
219 * will set "cluster_bootflags" to non-zero.
220 */
221 (void) modload("misc", "cl_bootstrap");
222
223 (void) read_binding_file(sysbind, sb_hashtab, make_mbind);
224 init_syscallnames(NSYSCALL);
225
226 /*
227 * Start up dynamic autoconfiguration framework (dacf).
228 */
229 mod_hash_init();
230 dacf_init();
231
232 /*
233 * Start up IP policy framework (ipp).
234 */
235 ipp_init();
236
237 /*
238 * Allocate loadable native system call locks.
239 */
240 for (callnum = 0, callp = sysent; callnum < NSYSCALL;
241 callnum++, callp++) {
242 if (LOADABLE_SYSCALL(callp)) {
243 if (mod_getsysname(callnum) != NULL) {
244 callp->sy_lock =
245 kobj_zalloc(sizeof (krwlock_t), KM_SLEEP);
246 rw_init(callp->sy_lock, NULL, RW_DEFAULT, NULL);
247 } else {
248 callp->sy_flags &= ~SE_LOADABLE;
249 callp->sy_callc = nosys;
250 }
251 #ifdef DEBUG
252 } else {
253 /*
254 * Do some sanity checks on the sysent table
255 */
256 switch (callp->sy_flags & SE_RVAL_MASK) {
257 case SE_32RVAL1:
258 /* only r_val1 returned */
259 case SE_32RVAL1 | SE_32RVAL2:
260 /* r_val1 and r_val2 returned */
261 case SE_64RVAL:
262 /* 64-bit rval returned */
263 break;
264 default:
265 cmn_err(CE_WARN, "sysent[%d]: bad flags %x",
266 callnum, callp->sy_flags);
267 }
268 #endif
269 }
270 }
271
272 #ifdef _SYSCALL32_IMPL
273 /*
274 * Allocate loadable system call locks for 32-bit compat syscalls
275 */
276 for (callnum = 0, callp = sysent32; callnum < NSYSCALL;
277 callnum++, callp++) {
278 if (LOADABLE_SYSCALL(callp)) {
279 if (mod_getsysname(callnum) != NULL) {
280 callp->sy_lock =
281 kobj_zalloc(sizeof (krwlock_t), KM_SLEEP);
282 rw_init(callp->sy_lock, NULL, RW_DEFAULT, NULL);
283 } else {
284 callp->sy_flags &= ~SE_LOADABLE;
285 callp->sy_callc = nosys;
286 }
287 #ifdef DEBUG
288 } else {
289 /*
290 * Do some sanity checks on the sysent table
291 */
292 switch (callp->sy_flags & SE_RVAL_MASK) {
293 case SE_32RVAL1:
294 /* only r_val1 returned */
295 case SE_32RVAL1 | SE_32RVAL2:
296 /* r_val1 and r_val2 returned */
297 case SE_64RVAL:
298 /* 64-bit rval returned */
299 break;
300 default:
301 cmn_err(CE_WARN, "sysent32[%d]: bad flags %x",
302 callnum, callp->sy_flags);
303 goto skip;
304 }
305
306 /*
307 * Cross-check the native and compatibility tables.
308 */
309 if (callp->sy_callc == nosys ||
310 sysent[callnum].sy_callc == nosys)
311 continue;
312 /*
313 * If only one or the other slot is loadable, then
314 * there's an error -- they should match!
315 */
316 if ((callp->sy_callc == loadable_syscall) ^
317 (sysent[callnum].sy_callc == loadable_syscall)) {
318 cmn_err(CE_WARN, "sysent[%d] loadable?",
319 callnum);
320 }
321 /*
322 * This is more of a heuristic test -- if the
323 * system call returns two values in the 32-bit
324 * world, it should probably return two 32-bit
325 * values in the 64-bit world too.
326 */
327 if (((callp->sy_flags & SE_32RVAL2) == 0) ^
328 ((sysent[callnum].sy_flags & SE_32RVAL2) == 0)) {
329 cmn_err(CE_WARN, "sysent[%d] rval2 mismatch!",
330 callnum);
331 }
332 skip:;
333 #endif /* DEBUG */
334 }
335 }
336 #endif /* _SYSCALL32_IMPL */
337
338 /*
339 * Allocate loadable exec locks. (Assumes all execs are loadable)
340 */
341 for (exectype = 0; exectype < nexectype; exectype++) {
342 execsw[exectype].exec_lock =
343 kobj_zalloc(sizeof (krwlock_t), KM_SLEEP);
344 rw_init(execsw[exectype].exec_lock, NULL, RW_DEFAULT, NULL);
345 }
346
347 read_class_file();
348
349 /* init thread specific structure for mod_uninstall_all */
350 tsd_create(&mod_autounload_key, NULL);
351 }
352
353 static int
354 modctl_modload(int use_path, char *filename, int *rvp)
355 {
356 struct modctl *modp;
357 int retval = 0;
358 char *filenamep;
359 int modid;
360
361 filenamep = kmem_zalloc(MOD_MAXPATH, KM_SLEEP);
362
363 if (copyinstr(filename, filenamep, MOD_MAXPATH, 0)) {
364 retval = EFAULT;
365 goto out;
366 }
367
368 filenamep[MOD_MAXPATH - 1] = 0;
369 modp = mod_hold_installed_mod(filenamep, use_path, 0, &retval);
370
371 if (modp == NULL)
372 goto out;
373
374 modp->mod_loadflags |= MOD_NOAUTOUNLOAD;
375 modid = modp->mod_id;
376 mod_release_mod(modp);
377 CPU_STATS_ADDQ(CPU, sys, modload, 1);
378 if (rvp != NULL && copyout(&modid, rvp, sizeof (modid)) != 0)
379 retval = EFAULT;
380 out:
381 kmem_free(filenamep, MOD_MAXPATH);
382
383 return (retval);
384 }
385
386 static int
387 modctl_modunload(modid_t id)
388 {
389 int rval = 0;
390
391 if (id == 0) {
392 #ifdef DEBUG
393 /*
394 * Turn on mod_uninstall_daemon
395 */
396 if (mod_uninstall_interval == 0) {
397 mod_uninstall_interval = 60;
398 modreap();
399 return (rval);
400 }
401 #endif
402 mod_uninstall_all();
403 } else {
404 rval = modunload(id);
405 }
406 return (rval);
407 }
408
409 static int
410 modctl_modinfo(modid_t id, struct modinfo *umodi)
411 {
412 int retval;
413 struct modinfo modi;
414 #if defined(_SYSCALL32_IMPL)
415 int nobase;
416 struct modinfo32 modi32;
417 #endif
418
419 nobase = 0;
420 if (get_udatamodel() == DATAMODEL_NATIVE) {
421 if (copyin(umodi, &modi, sizeof (struct modinfo)) != 0)
422 return (EFAULT);
423 }
424 #ifdef _SYSCALL32_IMPL
425 else {
426 bzero(&modi, sizeof (modi));
427 if (copyin(umodi, &modi32, sizeof (struct modinfo32)) != 0)
428 return (EFAULT);
429 modi.mi_info = modi32.mi_info;
430 modi.mi_id = modi32.mi_id;
431 modi.mi_nextid = modi32.mi_nextid;
432 nobase = modi.mi_info & MI_INFO_NOBASE;
433 }
434 #endif
435 /*
436 * This flag is -only- for the kernels use.
437 */
438 modi.mi_info &= ~MI_INFO_LINKAGE;
439
440 retval = modinfo(id, &modi);
441 if (retval)
442 return (retval);
443
444 if (get_udatamodel() == DATAMODEL_NATIVE) {
445 if (copyout(&modi, umodi, sizeof (struct modinfo)) != 0)
446 retval = EFAULT;
447 #ifdef _SYSCALL32_IMPL
448 } else {
449 int i;
450
451 if (!nobase && (uintptr_t)modi.mi_base > UINT32_MAX)
452 return (EOVERFLOW);
453
454 modi32.mi_info = modi.mi_info;
455 modi32.mi_state = modi.mi_state;
456 modi32.mi_id = modi.mi_id;
457 modi32.mi_nextid = modi.mi_nextid;
458 modi32.mi_base = (caddr32_t)(uintptr_t)modi.mi_base;
459 modi32.mi_size = modi.mi_size;
460 modi32.mi_rev = modi.mi_rev;
461 modi32.mi_loadcnt = modi.mi_loadcnt;
462 bcopy(modi.mi_name, modi32.mi_name, sizeof (modi32.mi_name));
463 for (i = 0; i < MODMAXLINK32; i++) {
464 modi32.mi_msinfo[i].msi_p0 = modi.mi_msinfo[i].msi_p0;
465 bcopy(modi.mi_msinfo[i].msi_linkinfo,
466 modi32.mi_msinfo[i].msi_linkinfo,
467 sizeof (modi32.mi_msinfo[0].msi_linkinfo));
468 }
469 if (copyout(&modi32, umodi, sizeof (struct modinfo32)) != 0)
470 retval = EFAULT;
471 #endif
472 }
473
474 return (retval);
475 }
476
477 /*
478 * Return the last major number in the range of permissible major numbers.
479 */
480 /*ARGSUSED*/
481 static int
482 modctl_modreserve(modid_t id, int *data)
483 {
484 if (copyout(&devcnt, data, sizeof (devcnt)) != 0)
485 return (EFAULT);
486 return (0);
487 }
488
489 /* Add/Remove driver and binding aliases */
490 static int
491 modctl_update_driver_aliases(int add, int *data)
492 {
493 struct modconfig mc;
494 int i, n, rv = 0;
495 struct aliases alias;
496 struct aliases *ap;
497 char name[MAXMODCONFNAME];
498 char cname[MAXMODCONFNAME];
499 char *drvname;
500 int resid;
501 struct alias_info {
502 char *alias_name;
503 int alias_resid;
504 } *aliases, *aip;
505
506 aliases = NULL;
507 bzero(&mc, sizeof (struct modconfig));
508 if (get_udatamodel() == DATAMODEL_NATIVE) {
509 if (copyin(data, &mc, sizeof (struct modconfig)) != 0)
510 return (EFAULT);
511 }
512 #ifdef _SYSCALL32_IMPL
513 else {
514 struct modconfig32 modc32;
515 if (copyin(data, &modc32, sizeof (struct modconfig32)) != 0)
516 return (EFAULT);
517 else {
518 bcopy(modc32.drvname, mc.drvname,
519 sizeof (modc32.drvname));
520 bcopy(modc32.drvclass, mc.drvclass,
521 sizeof (modc32.drvclass));
522 mc.major = modc32.major;
523 mc.flags = modc32.flags;
524 mc.num_aliases = modc32.num_aliases;
525 mc.ap = (struct aliases *)(uintptr_t)modc32.ap;
526 }
527 }
528 #endif
529
530 /*
531 * If the driver is already in the mb_hashtab, and the name given
532 * doesn't match that driver's name, fail. Otherwise, pass, since
533 * we may be adding aliases.
534 */
535 drvname = mod_major_to_name(mc.major);
536 if ((drvname != NULL) && strcmp(drvname, mc.drvname) != 0)
537 return (EINVAL);
538
539 /*
540 * Precede alias removal by unbinding as many devices as possible.
541 */
542 if (add == 0) {
543 (void) i_ddi_unload_drvconf(mc.major);
544 i_ddi_unbind_devs(mc.major);
545 }
546
547 /*
548 * Add/remove each supplied driver alias to/from mb_hashtab
549 */
550 ap = mc.ap;
551 if (mc.num_aliases > 0)
552 aliases = kmem_zalloc(
553 mc.num_aliases * sizeof (struct alias_info), KM_SLEEP);
554 aip = aliases;
555 for (i = 0; i < mc.num_aliases; i++) {
556 bzero(&alias, sizeof (struct aliases));
557 if (get_udatamodel() == DATAMODEL_NATIVE) {
558 if (copyin(ap, &alias, sizeof (struct aliases)) != 0) {
559 rv = EFAULT;
560 goto error;
561 }
562 if (alias.a_len > MAXMODCONFNAME) {
563 rv = EINVAL;
564 goto error;
565 }
566 if (copyin(alias.a_name, name, alias.a_len) != 0) {
567 rv = EFAULT;
568 goto error;
569 }
570 if (name[alias.a_len - 1] != '\0') {
571 rv = EINVAL;
572 goto error;
573 }
574 }
575 #ifdef _SYSCALL32_IMPL
576 else {
577 struct aliases32 al32;
578 bzero(&al32, sizeof (struct aliases32));
579 if (copyin(ap, &al32, sizeof (struct aliases32)) != 0) {
580 rv = EFAULT;
581 goto error;
582 }
583 if (al32.a_len > MAXMODCONFNAME) {
584 rv = EINVAL;
585 goto error;
586 }
587 if (copyin((void *)(uintptr_t)al32.a_name,
588 name, al32.a_len) != 0) {
589 rv = EFAULT;
590 goto error;
591 }
592 if (name[al32.a_len - 1] != '\0') {
593 rv = EINVAL;
594 goto error;
595 }
596 alias.a_next = (void *)(uintptr_t)al32.a_next;
597 }
598 #endif
599 check_esc_sequences(name, cname);
600 aip->alias_name = strdup(cname);
601 ap = alias.a_next;
602 aip++;
603 }
604
605 if (add == 0) {
606 ap = mc.ap;
607 resid = 0;
608 aip = aliases;
609 /* attempt to unbind all devices bound to each alias */
610 for (i = 0; i < mc.num_aliases; i++) {
611 n = i_ddi_unbind_devs_by_alias(
612 mc.major, aip->alias_name);
613 resid += n;
614 aip->alias_resid = n;
615 }
616
617 /*
618 * If some device bound to an alias remains in use,
619 * and override wasn't specified, no change is made to
620 * the binding state and we fail the operation.
621 */
622 if (resid > 0 && ((mc.flags & MOD_UNBIND_OVERRIDE) == 0)) {
623 rv = EBUSY;
624 goto error;
625 }
626
627 /*
628 * No device remains bound of any of the aliases,
629 * or force was requested. Mark each alias as
630 * inactive via delete_mbind so no future binds
631 * to this alias take place and that a new
632 * binding can be established.
633 */
634 aip = aliases;
635 for (i = 0; i < mc.num_aliases; i++) {
636 if (moddebug & MODDEBUG_BINDING)
637 cmn_err(CE_CONT, "Removing binding for %s "
638 "(%d active references)\n",
639 aip->alias_name, aip->alias_resid);
640 delete_mbind(aip->alias_name, mb_hashtab);
641 aip++;
642 }
643 rv = 0;
644 } else {
645 aip = aliases;
646 for (i = 0; i < mc.num_aliases; i++) {
647 if (moddebug & MODDEBUG_BINDING)
648 cmn_err(CE_NOTE, "Adding binding for '%s'\n",
649 aip->alias_name);
650 (void) make_mbind(aip->alias_name,
651 mc.major, NULL, mb_hashtab);
652 aip++;
653 }
654 /*
655 * Try to establish an mbinding for mc.drvname, and add it to
656 * devnames. Add class if any after establishing the major
657 * number.
658 */
659 (void) make_mbind(mc.drvname, mc.major, NULL, mb_hashtab);
660 if ((rv = make_devname(mc.drvname, mc.major,
661 (mc.flags & MOD_ADDMAJBIND_UPDATE) ?
662 DN_DRIVER_INACTIVE : 0)) != 0) {
663 goto error;
664 }
665
666 if (mc.drvclass[0] != '\0')
667 add_class(mc.drvname, mc.drvclass);
668 if ((mc.flags & MOD_ADDMAJBIND_UPDATE) == 0) {
669 (void) i_ddi_load_drvconf(mc.major);
670 }
671 }
672
673 /*
674 * Ensure that all nodes are bound to the most appropriate driver
675 * possible, attempting demotion and rebind when a more appropriate
676 * driver now exists. But not when adding a driver update-only.
677 */
678 if ((add == 0) || ((mc.flags & MOD_ADDMAJBIND_UPDATE) == 0)) {
679 i_ddi_bind_devs();
680 i_ddi_di_cache_invalidate();
681 }
682
683 error:
684 if (mc.num_aliases > 0) {
685 aip = aliases;
686 for (i = 0; i < mc.num_aliases; i++) {
687 if (aip->alias_name != NULL)
688 strfree(aip->alias_name);
689 aip++;
690 }
691 kmem_free(aliases, mc.num_aliases * sizeof (struct alias_info));
692 }
693 return (rv);
694 }
695
696 static int
697 modctl_add_driver_aliases(int *data)
698 {
699 return (modctl_update_driver_aliases(1, data));
700 }
701
702 static int
703 modctl_remove_driver_aliases(int *data)
704 {
705 return (modctl_update_driver_aliases(0, data));
706 }
707
708 static int
709 modctl_rem_major(major_t major)
710 {
711 struct devnames *dnp;
712
713 if (major >= devcnt)
714 return (EINVAL);
715
716 /* mark devnames as removed */
717 dnp = &devnamesp[major];
718 LOCK_DEV_OPS(&dnp->dn_lock);
719 if (dnp->dn_name == NULL ||
720 (dnp->dn_flags & (DN_DRIVER_REMOVED | DN_TAKEN_GETUDEV))) {
721 UNLOCK_DEV_OPS(&dnp->dn_lock);
722 return (EINVAL);
723 }
724 dnp->dn_flags |= DN_DRIVER_REMOVED;
725 pm_driver_removed(major);
726 UNLOCK_DEV_OPS(&dnp->dn_lock);
727
728 (void) i_ddi_unload_drvconf(major);
729 i_ddi_unbind_devs(major);
730 i_ddi_bind_devs();
731 i_ddi_di_cache_invalidate();
732
733 /* purge all the bindings to this driver */
734 purge_mbind(major, mb_hashtab);
735 return (0);
736 }
737
738 static struct vfs *
739 path_to_vfs(char *name)
740 {
741 vnode_t *vp;
742 struct vfs *vfsp;
743
744 if (lookupname(name, UIO_SYSSPACE, FOLLOW, NULLVPP, &vp))
745 return (NULL);
746
747 vfsp = vp->v_vfsp;
748 VN_RELE(vp);
749 return (vfsp);
750 }
751
752 static int
753 new_vfs_in_modpath()
754 {
755 static int n_modpath = 0;
756 static char *modpath_copy;
757 static struct pathvfs {
758 char *path;
759 struct vfs *vfsp;
760 } *pathvfs;
761
762 int i, new_vfs = 0;
763 char *tmp, *tmp1;
764 struct vfs *vfsp;
765
766 if (n_modpath != 0) {
767 for (i = 0; i < n_modpath; i++) {
768 vfsp = path_to_vfs(pathvfs[i].path);
769 if (vfsp != pathvfs[i].vfsp) {
770 pathvfs[i].vfsp = vfsp;
771 if (vfsp)
772 new_vfs = 1;
773 }
774 }
775 return (new_vfs);
776 }
777
778 /*
779 * First call, initialize the pathvfs structure
780 */
781 modpath_copy = i_ddi_strdup(default_path, KM_SLEEP);
782 tmp = modpath_copy;
783 n_modpath = 1;
784 tmp1 = strchr(tmp, ' ');
785 while (tmp1) {
786 *tmp1 = '\0';
787 n_modpath++;
788 tmp = tmp1 + 1;
789 tmp1 = strchr(tmp, ' ');
790 }
791
792 pathvfs = kmem_zalloc(n_modpath * sizeof (struct pathvfs), KM_SLEEP);
793 tmp = modpath_copy;
794 for (i = 0; i < n_modpath; i++) {
795 pathvfs[i].path = tmp;
796 vfsp = path_to_vfs(tmp);
797 pathvfs[i].vfsp = vfsp;
798 tmp += strlen(tmp) + 1;
799 }
800 return (1); /* always reread driver.conf the first time */
801 }
802
803 static int
804 modctl_load_drvconf(major_t major, int flags)
805 {
806 int ret;
807
808 /*
809 * devfsadm -u - read all new driver.conf files
810 * and bind and configure devices for new drivers.
811 */
812 if (flags & MOD_LOADDRVCONF_RECONF) {
813 (void) i_ddi_load_drvconf(DDI_MAJOR_T_NONE);
814 i_ddi_bind_devs();
815 i_ddi_di_cache_invalidate();
816 return (0);
817 }
818
819 /*
820 * update_drv <drv> - reload driver.conf for the specified driver
821 */
822 if (major != DDI_MAJOR_T_NONE) {
823 ret = i_ddi_load_drvconf(major);
824 if (ret == 0)
825 i_ddi_bind_devs();
826 return (ret);
827 }
828
829 /*
830 * We are invoked to rescan new driver.conf files. It is
831 * only necessary if a new file system was mounted in the
832 * module_path. Because rescanning driver.conf files can
833 * take some time on older platforms (sun4m), the following
834 * code skips unnecessary driver.conf rescans to optimize
835 * boot performance.
836 */
837 if (new_vfs_in_modpath()) {
838 (void) i_ddi_load_drvconf(DDI_MAJOR_T_NONE);
839 /*
840 * If we are still initializing io subsystem,
841 * load drivers with ddi-forceattach property
842 */
843 if (!i_ddi_io_initialized())
844 i_ddi_forceattach_drivers();
845 }
846 return (0);
847 }
848
849 /*
850 * Unload driver.conf file and follow up by attempting
851 * to rebind devices to more appropriate driver.
852 */
853 static int
854 modctl_unload_drvconf(major_t major)
855 {
856 int ret;
857
858 if (major >= devcnt)
859 return (EINVAL);
860
861 ret = i_ddi_unload_drvconf(major);
862 if (ret != 0)
863 return (ret);
864 (void) i_ddi_unbind_devs(major);
865 i_ddi_bind_devs();
866
867 return (0);
868 }
869
870 static void
871 check_esc_sequences(char *str, char *cstr)
872 {
873 int i;
874 size_t len;
875 char *p;
876
877 len = strlen(str);
878 for (i = 0; i < len; i++, str++, cstr++) {
879 if (*str != '\\') {
880 *cstr = *str;
881 } else {
882 p = str + 1;
883 /*
884 * we only handle octal escape sequences for SPACE
885 */
886 if (*p++ == '0' && *p++ == '4' && *p == '0') {
887 *cstr = ' ';
888 str += 3;
889 } else {
890 *cstr = *str;
891 }
892 }
893 }
894 *cstr = 0;
895 }
896
897 static int
898 modctl_getmodpathlen(int *data)
899 {
900 int len;
901 len = strlen(default_path);
902 if (copyout(&len, data, sizeof (len)) != 0)
903 return (EFAULT);
904 return (0);
905 }
906
907 static int
908 modctl_getmodpath(char *data)
909 {
910 if (copyout(default_path, data, strlen(default_path) + 1) != 0)
911 return (EFAULT);
912 return (0);
913 }
914
915 static int
916 modctl_read_sysbinding_file(void)
917 {
918 (void) read_binding_file(sysbind, sb_hashtab, make_mbind);
919 return (0);
920 }
921
922 static int
923 modctl_getmaj(char *uname, uint_t ulen, int *umajorp)
924 {
925 char name[256];
926 int retval;
927 major_t major;
928
929 if (ulen == 0)
930 return (EINVAL);
931 if ((retval = copyinstr(uname, name,
932 (ulen < 256) ? ulen : 256, 0)) != 0)
933 return (retval);
934 if ((major = mod_name_to_major(name)) == DDI_MAJOR_T_NONE)
935 return (ENODEV);
936 if (copyout(&major, umajorp, sizeof (major_t)) != 0)
937 return (EFAULT);
938 return (0);
939 }
940
941 static char **
942 convert_constraint_string(char *constraints, size_t len)
943 {
944 int i;
945 int n;
946 char *p;
947 char **array;
948
949 ASSERT(constraints != NULL);
950 ASSERT(len > 0);
951
952 for (i = 0, p = constraints; strlen(p) > 0; i++, p += strlen(p) + 1)
953 ;
954
955 n = i;
956
957 if (n == 0) {
958 kmem_free(constraints, len);
959 return (NULL);
960 }
961
962 array = kmem_alloc((n + 1) * sizeof (char *), KM_SLEEP);
963
964 for (i = 0, p = constraints; i < n; i++, p += strlen(p) + 1) {
965 array[i] = i_ddi_strdup(p, KM_SLEEP);
966 }
967 array[n] = NULL;
968
969 kmem_free(constraints, len);
970
971 return (array);
972 }
973 /*ARGSUSED*/
974 static int
975 modctl_retire(char *path, char *uconstraints, size_t ulen)
976 {
977 char *pathbuf;
978 char *devpath;
979 size_t pathsz;
980 int retval;
981 char *constraints;
982 char **cons_array;
983
984 if (path == NULL)
985 return (EINVAL);
986
987 if ((uconstraints == NULL) ^ (ulen == 0))
988 return (EINVAL);
989
990 pathbuf = kmem_alloc(MAXPATHLEN, KM_SLEEP);
991 retval = copyinstr(path, pathbuf, MAXPATHLEN, &pathsz);
992 if (retval != 0) {
993 kmem_free(pathbuf, MAXPATHLEN);
994 return (retval);
995 }
996 devpath = i_ddi_strdup(pathbuf, KM_SLEEP);
997 kmem_free(pathbuf, MAXPATHLEN);
998
999 /*
1000 * First check if the device is already retired.
1001 * If it is, then persist the retire anyway, just in case the retire
1002 * store has got out of sync with the boot archive.
1003 */
1004 if (e_ddi_device_retired(devpath)) {
1005 cmn_err(CE_NOTE, "Device: already retired: %s", devpath);
1006 (void) e_ddi_retire_persist(devpath);
1007 kmem_free(devpath, strlen(devpath) + 1);
1008 return (0);
1009 }
1010
1011 cons_array = NULL;
1012 if (uconstraints) {
1013 constraints = kmem_alloc(ulen, KM_SLEEP);
1014 if (copyin(uconstraints, constraints, ulen)) {
1015 kmem_free(constraints, ulen);
1016 kmem_free(devpath, strlen(devpath) + 1);
1017 return (EFAULT);
1018 }
1019 cons_array = convert_constraint_string(constraints, ulen);
1020 }
1021
1022 /*
1023 * Try to retire the device first. The following
1024 * routine will return an error only if the device
1025 * is not retireable i.e. retire constraints forbid
1026 * a retire. A return of success from this routine
1027 * indicates that device is retireable.
1028 */
1029 retval = e_ddi_retire_device(devpath, cons_array);
1030 if (retval != DDI_SUCCESS) {
1031 cmn_err(CE_WARN, "constraints forbid retire: %s", devpath);
1032 kmem_free(devpath, strlen(devpath) + 1);
1033 return (ENOTSUP);
1034 }
1035
1036 /*
1037 * Ok, the retire succeeded. Persist the retire.
1038 * If retiring a nexus, we need to only persist the
1039 * nexus retire. Any children of a retired nexus
1040 * are automatically covered by the retire store
1041 * code.
1042 */
1043 retval = e_ddi_retire_persist(devpath);
1044 if (retval != 0) {
1045 cmn_err(CE_WARN, "Failed to persist device retire: error %d: "
1046 "%s", retval, devpath);
1047 kmem_free(devpath, strlen(devpath) + 1);
1048 return (retval);
1049 }
1050 if (moddebug & MODDEBUG_RETIRE)
1051 cmn_err(CE_NOTE, "Persisted retire of device: %s", devpath);
1052
1053 kmem_free(devpath, strlen(devpath) + 1);
1054 return (0);
1055 }
1056
1057 static int
1058 modctl_is_retired(char *path, int *statep)
1059 {
1060 char *pathbuf;
1061 char *devpath;
1062 size_t pathsz;
1063 int error;
1064 int status;
1065
1066 if (path == NULL || statep == NULL)
1067 return (EINVAL);
1068
1069 pathbuf = kmem_alloc(MAXPATHLEN, KM_SLEEP);
1070 error = copyinstr(path, pathbuf, MAXPATHLEN, &pathsz);
1071 if (error != 0) {
1072 kmem_free(pathbuf, MAXPATHLEN);
1073 return (error);
1074 }
1075 devpath = i_ddi_strdup(pathbuf, KM_SLEEP);
1076 kmem_free(pathbuf, MAXPATHLEN);
1077
1078 if (e_ddi_device_retired(devpath))
1079 status = 1;
1080 else
1081 status = 0;
1082 kmem_free(devpath, strlen(devpath) + 1);
1083
1084 return (copyout(&status, statep, sizeof (status)) ? EFAULT : 0);
1085 }
1086
1087 static int
1088 modctl_unretire(char *path)
1089 {
1090 char *pathbuf;
1091 char *devpath;
1092 size_t pathsz;
1093 int retired;
1094 int retval;
1095
1096 if (path == NULL)
1097 return (EINVAL);
1098
1099 pathbuf = kmem_alloc(MAXPATHLEN, KM_SLEEP);
1100 retval = copyinstr(path, pathbuf, MAXPATHLEN, &pathsz);
1101 if (retval != 0) {
1102 kmem_free(pathbuf, MAXPATHLEN);
1103 return (retval);
1104 }
1105 devpath = i_ddi_strdup(pathbuf, KM_SLEEP);
1106 kmem_free(pathbuf, MAXPATHLEN);
1107
1108 /*
1109 * We check if a device is retired (first) before
1110 * unpersisting the retire, because we use the
1111 * retire store to determine if a device is retired.
1112 * If we unpersist first, the device will always appear
1113 * to be unretired. For the rationale behind unpersisting
1114 * a device that is not retired, see the next comment.
1115 */
1116 retired = e_ddi_device_retired(devpath);
1117
1118 /*
1119 * We call unpersist unconditionally because the lookup
1120 * for retired devices (e_ddi_device_retired()), skips "bypassed"
1121 * devices. We still want to be able remove "bypassed" entries
1122 * from the persistent store, so we unpersist unconditionally
1123 * i.e. whether or not the entry is found on a lookup.
1124 *
1125 * e_ddi_retire_unpersist() returns 1 if it found and cleared
1126 * an entry from the retire store or 0 otherwise.
1127 */
1128 if (e_ddi_retire_unpersist(devpath))
1129 if (moddebug & MODDEBUG_RETIRE) {
1130 cmn_err(CE_NOTE, "Unpersisted retire of device: %s",
1131 devpath);
1132 }
1133
1134 /*
1135 * Check if the device is already unretired. If so,
1136 * the unretire becomes a NOP
1137 */
1138 if (!retired) {
1139 cmn_err(CE_NOTE, "Not retired: %s", devpath);
1140 kmem_free(devpath, strlen(devpath) + 1);
1141 return (0);
1142 }
1143
1144 retval = e_ddi_unretire_device(devpath);
1145 if (retval != 0) {
1146 cmn_err(CE_WARN, "cannot unretire device: error %d, path %s\n",
1147 retval, devpath);
1148 }
1149
1150 kmem_free(devpath, strlen(devpath) + 1);
1151
1152 return (retval);
1153 }
1154
1155 static int
1156 modctl_getname(char *uname, uint_t ulen, int *umajorp)
1157 {
1158 char *name;
1159 major_t major;
1160
1161 if (copyin(umajorp, &major, sizeof (major)) != 0)
1162 return (EFAULT);
1163 if ((name = mod_major_to_name(major)) == NULL)
1164 return (ENODEV);
1165 if ((strlen(name) + 1) > ulen)
1166 return (ENOSPC);
1167 return (copyoutstr(name, uname, ulen, NULL));
1168 }
1169
1170 static int
1171 modctl_devt2instance(dev_t dev, int *uinstancep)
1172 {
1173 int instance;
1174
1175 if ((instance = dev_to_instance(dev)) == -1)
1176 return (EINVAL);
1177
1178 return (copyout(&instance, uinstancep, sizeof (int)));
1179 }
1180
1181 /*
1182 * Return the sizeof of the device id.
1183 */
1184 static int
1185 modctl_sizeof_devid(dev_t dev, uint_t *len)
1186 {
1187 uint_t sz;
1188 ddi_devid_t devid;
1189
1190 /* get device id */
1191 if (ddi_lyr_get_devid(dev, &devid) == DDI_FAILURE)
1192 return (EINVAL);
1193
1194 sz = ddi_devid_sizeof(devid);
1195 ddi_devid_free(devid);
1196
1197 /* copyout device id size */
1198 if (copyout(&sz, len, sizeof (sz)) != 0)
1199 return (EFAULT);
1200
1201 return (0);
1202 }
1203
1204 /*
1205 * Return a copy of the device id.
1206 */
1207 static int
1208 modctl_get_devid(dev_t dev, uint_t len, ddi_devid_t udevid)
1209 {
1210 uint_t sz;
1211 ddi_devid_t devid;
1212 int err = 0;
1213
1214 /* get device id */
1215 if (ddi_lyr_get_devid(dev, &devid) == DDI_FAILURE)
1216 return (EINVAL);
1217
1218 sz = ddi_devid_sizeof(devid);
1219
1220 /* Error if device id is larger than space allocated */
1221 if (sz > len) {
1222 ddi_devid_free(devid);
1223 return (ENOSPC);
1224 }
1225
1226 /* copy out device id */
1227 if (copyout(devid, udevid, sz) != 0)
1228 err = EFAULT;
1229 ddi_devid_free(devid);
1230 return (err);
1231 }
1232
1233 /*
1234 * return the /devices paths associated with the specified devid and
1235 * minor name.
1236 */
1237 /*ARGSUSED*/
1238 static int
1239 modctl_devid2paths(ddi_devid_t udevid, char *uminor_name, uint_t flag,
1240 size_t *ulensp, char *upaths)
1241 {
1242 ddi_devid_t devid = NULL;
1243 int devid_len;
1244 char *minor_name = NULL;
1245 dev_info_t *dip = NULL;
1246 int circ;
1247 struct ddi_minor_data *dmdp;
1248 char *path = NULL;
1249 int ulens;
1250 int lens;
1251 int len;
1252 dev_t *devlist = NULL;
1253 int ndevs;
1254 int i;
1255 int ret = 0;
1256
1257 /*
1258 * If upaths is NULL then we are only computing the amount of space
1259 * needed to hold the paths and returning the value in *ulensp. If we
1260 * are copying out paths then we get the amount of space allocated by
1261 * the caller. If the actual space needed for paths is larger, or
1262 * things are changing out from under us, then we return EAGAIN.
1263 */
1264 if (upaths) {
1265 if (ulensp == NULL)
1266 return (EINVAL);
1267 if (copyin(ulensp, &ulens, sizeof (ulens)) != 0)
1268 return (EFAULT);
1269 }
1270
1271 /*
1272 * copyin enough of the devid to determine the length then
1273 * reallocate and copy in the entire devid.
1274 */
1275 devid_len = ddi_devid_sizeof(NULL);
1276 devid = kmem_alloc(devid_len, KM_SLEEP);
1277 if (copyin(udevid, devid, devid_len)) {
1278 ret = EFAULT;
1279 goto out;
1280 }
1281 len = devid_len;
1282 devid_len = ddi_devid_sizeof(devid);
1283 kmem_free(devid, len);
1284 devid = kmem_alloc(devid_len, KM_SLEEP);
1285 if (copyin(udevid, devid, devid_len)) {
1286 ret = EFAULT;
1287 goto out;
1288 }
1289
1290 /* copyin the minor name if specified. */
1291 minor_name = uminor_name;
1292 if ((minor_name != DEVID_MINOR_NAME_ALL) &&
1293 (minor_name != DEVID_MINOR_NAME_ALL_CHR) &&
1294 (minor_name != DEVID_MINOR_NAME_ALL_BLK)) {
1295 minor_name = kmem_alloc(MAXPATHLEN, KM_SLEEP);
1296 if (copyinstr(uminor_name, minor_name, MAXPATHLEN, 0)) {
1297 ret = EFAULT;
1298 goto out;
1299 }
1300 }
1301
1302 /*
1303 * Use existing function to resolve the devid into a devlist.
1304 *
1305 * NOTE: there is a loss of spectype information in the current
1306 * ddi_lyr_devid_to_devlist implementation. We work around this by not
1307 * passing down DEVID_MINOR_NAME_ALL here, but reproducing all minor
1308 * node forms in the loop processing the devlist below. It would be
1309 * best if at some point the use of this interface here was replaced
1310 * with a path oriented call.
1311 */
1312 if (ddi_lyr_devid_to_devlist(devid,
1313 (minor_name == DEVID_MINOR_NAME_ALL) ?
1314 DEVID_MINOR_NAME_ALL_CHR : minor_name,
1315 &ndevs, &devlist) != DDI_SUCCESS) {
1316 ret = EINVAL;
1317 goto out;
1318 }
1319
1320 /*
1321 * loop over the devlist, converting each devt to a path and doing
1322 * a copyout of the path and computation of the amount of space
1323 * needed to hold all the paths
1324 */
1325 path = kmem_alloc(MAXPATHLEN, KM_SLEEP);
1326 for (i = 0, lens = 0; i < ndevs; i++) {
1327
1328 /* find the dip associated with the dev_t */
1329 if ((dip = e_ddi_hold_devi_by_dev(devlist[i], 0)) == NULL)
1330 continue;
1331
1332 /* loop over all the minor nodes, skipping ones we don't want */
1333 ndi_devi_enter(dip, &circ);
1334 for (dmdp = DEVI(dip)->devi_minor; dmdp; dmdp = dmdp->next) {
1335 if ((dmdp->ddm_dev != devlist[i]) ||
1336 (dmdp->type != DDM_MINOR))
1337 continue;
1338
1339 if ((minor_name != DEVID_MINOR_NAME_ALL) &&
1340 (minor_name != DEVID_MINOR_NAME_ALL_CHR) &&
1341 (minor_name != DEVID_MINOR_NAME_ALL_BLK) &&
1342 strcmp(minor_name, dmdp->ddm_name))
1343 continue;
1344 else {
1345 if ((minor_name == DEVID_MINOR_NAME_ALL_CHR) &&
1346 (dmdp->ddm_spec_type != S_IFCHR))
1347 continue;
1348 if ((minor_name == DEVID_MINOR_NAME_ALL_BLK) &&
1349 (dmdp->ddm_spec_type != S_IFBLK))
1350 continue;
1351 }
1352
1353 (void) ddi_pathname_minor(dmdp, path);
1354 len = strlen(path) + 1;
1355 *(path + len) = '\0'; /* set double termination */
1356 lens += len;
1357
1358 /* copyout the path with double terminations */
1359 if (upaths) {
1360 if (lens > ulens) {
1361 ret = EAGAIN;
1362 goto out;
1363 }
1364 if (copyout(path, upaths, len + 1)) {
1365 ret = EFAULT;
1366 goto out;
1367 }
1368 upaths += len;
1369 }
1370 }
1371 ndi_devi_exit(dip, circ);
1372 ddi_release_devi(dip);
1373 dip = NULL;
1374 }
1375 lens++; /* add one for double termination */
1376
1377 /* copy out the amount of space needed to hold the paths */
1378 if (ulensp && copyout(&lens, ulensp, sizeof (lens))) {
1379 ret = EFAULT;
1380 goto out;
1381 }
1382 ret = 0;
1383
1384 out: if (dip) {
1385 ndi_devi_exit(dip, circ);
1386 ddi_release_devi(dip);
1387 }
1388 if (path)
1389 kmem_free(path, MAXPATHLEN);
1390 if (devlist)
1391 ddi_lyr_free_devlist(devlist, ndevs);
1392 if (minor_name &&
1393 (minor_name != DEVID_MINOR_NAME_ALL) &&
1394 (minor_name != DEVID_MINOR_NAME_ALL_CHR) &&
1395 (minor_name != DEVID_MINOR_NAME_ALL_BLK))
1396 kmem_free(minor_name, MAXPATHLEN);
1397 if (devid)
1398 kmem_free(devid, devid_len);
1399 return (ret);
1400 }
1401
1402 /*
1403 * Return the size of the minor name.
1404 */
1405 static int
1406 modctl_sizeof_minorname(dev_t dev, int spectype, uint_t *len)
1407 {
1408 uint_t sz;
1409 char *name;
1410
1411 /* get the minor name */
1412 if (ddi_lyr_get_minor_name(dev, spectype, &name) == DDI_FAILURE)
1413 return (EINVAL);
1414
1415 sz = strlen(name) + 1;
1416 kmem_free(name, sz);
1417
1418 /* copy out the size of the minor name */
1419 if (copyout(&sz, len, sizeof (sz)) != 0)
1420 return (EFAULT);
1421
1422 return (0);
1423 }
1424
1425 /*
1426 * Return the minor name.
1427 */
1428 static int
1429 modctl_get_minorname(dev_t dev, int spectype, uint_t len, char *uname)
1430 {
1431 uint_t sz;
1432 char *name;
1433 int err = 0;
1434
1435 /* get the minor name */
1436 if (ddi_lyr_get_minor_name(dev, spectype, &name) == DDI_FAILURE)
1437 return (EINVAL);
1438
1439 sz = strlen(name) + 1;
1440
1441 /* Error if the minor name is larger than the space allocated */
1442 if (sz > len) {
1443 kmem_free(name, sz);
1444 return (ENOSPC);
1445 }
1446
1447 /* copy out the minor name */
1448 if (copyout(name, uname, sz) != 0)
1449 err = EFAULT;
1450 kmem_free(name, sz);
1451 return (err);
1452 }
1453
1454 /*
1455 * Return the size of the (dev_t,spectype) devfspath name.
1456 */
1457 static int
1458 modctl_devfspath_len(dev_t dev, int spectype, uint_t *len)
1459 {
1460 uint_t sz;
1461 char *name;
1462
1463 /* get the path name */
1464 name = kmem_zalloc(MAXPATHLEN, KM_SLEEP);
1465 if (ddi_dev_pathname(dev, spectype, name) == DDI_FAILURE) {
1466 kmem_free(name, MAXPATHLEN);
1467 return (EINVAL);
1468 }
1469
1470 sz = strlen(name) + 1;
1471 kmem_free(name, MAXPATHLEN);
1472
1473 /* copy out the size of the path name */
1474 if (copyout(&sz, len, sizeof (sz)) != 0)
1475 return (EFAULT);
1476
1477 return (0);
1478 }
1479
1480 /*
1481 * Return the (dev_t,spectype) devfspath name.
1482 */
1483 static int
1484 modctl_devfspath(dev_t dev, int spectype, uint_t len, char *uname)
1485 {
1486 uint_t sz;
1487 char *name;
1488 int err = 0;
1489
1490 /* get the path name */
1491 name = kmem_zalloc(MAXPATHLEN, KM_SLEEP);
1492 if (ddi_dev_pathname(dev, spectype, name) == DDI_FAILURE) {
1493 kmem_free(name, MAXPATHLEN);
1494 return (EINVAL);
1495 }
1496
1497 sz = strlen(name) + 1;
1498
1499 /* Error if the path name is larger than the space allocated */
1500 if (sz > len) {
1501 kmem_free(name, MAXPATHLEN);
1502 return (ENOSPC);
1503 }
1504
1505 /* copy out the path name */
1506 if (copyout(name, uname, sz) != 0)
1507 err = EFAULT;
1508 kmem_free(name, MAXPATHLEN);
1509 return (err);
1510 }
1511
1512 /*
1513 * Return the size of the (major,instance) devfspath name.
1514 */
1515 static int
1516 modctl_devfspath_mi_len(major_t major, int instance, uint_t *len)
1517 {
1518 uint_t sz;
1519 char *name;
1520
1521 /* get the path name */
1522 name = kmem_zalloc(MAXPATHLEN, KM_SLEEP);
1523 if (e_ddi_majorinstance_to_path(major, instance, name) != DDI_SUCCESS) {
1524 kmem_free(name, MAXPATHLEN);
1525 return (EINVAL);
1526 }
1527
1528 sz = strlen(name) + 1;
1529 kmem_free(name, MAXPATHLEN);
1530
1531 /* copy out the size of the path name */
1532 if (copyout(&sz, len, sizeof (sz)) != 0)
1533 return (EFAULT);
1534
1535 return (0);
1536 }
1537
1538 /*
1539 * Return the (major_instance) devfspath name.
1540 * NOTE: e_ddi_majorinstance_to_path does not require the device to attach to
1541 * return a path - it uses the instance tree.
1542 */
1543 static int
1544 modctl_devfspath_mi(major_t major, int instance, uint_t len, char *uname)
1545 {
1546 uint_t sz;
1547 char *name;
1548 int err = 0;
1549
1550 /* get the path name */
1551 name = kmem_zalloc(MAXPATHLEN, KM_SLEEP);
1552 if (e_ddi_majorinstance_to_path(major, instance, name) != DDI_SUCCESS) {
1553 kmem_free(name, MAXPATHLEN);
1554 return (EINVAL);
1555 }
1556
1557 sz = strlen(name) + 1;
1558
1559 /* Error if the path name is larger than the space allocated */
1560 if (sz > len) {
1561 kmem_free(name, MAXPATHLEN);
1562 return (ENOSPC);
1563 }
1564
1565 /* copy out the path name */
1566 if (copyout(name, uname, sz) != 0)
1567 err = EFAULT;
1568 kmem_free(name, MAXPATHLEN);
1569 return (err);
1570 }
1571
1572 static int
1573 modctl_get_fbname(char *path)
1574 {
1575 extern dev_t fbdev;
1576 char *pathname = NULL;
1577 int rval = 0;
1578
1579 /* make sure fbdev is set before we plunge in */
1580 if (fbdev == NODEV)
1581 return (ENODEV);
1582
1583 pathname = kmem_zalloc(MAXPATHLEN, KM_SLEEP);
1584 if ((rval = ddi_dev_pathname(fbdev, S_IFCHR,
1585 pathname)) == DDI_SUCCESS) {
1586 if (copyout(pathname, path, strlen(pathname)+1) != 0) {
1587 rval = EFAULT;
1588 }
1589 }
1590 kmem_free(pathname, MAXPATHLEN);
1591 return (rval);
1592 }
1593
1594 /*
1595 * modctl_reread_dacf()
1596 * Reread the dacf rules database from the named binding file.
1597 * If NULL is specified, pass along the NULL, it means 'use the default'.
1598 */
1599 static int
1600 modctl_reread_dacf(char *path)
1601 {
1602 int rval = 0;
1603 char *filename, *filenamep;
1604
1605 filename = kmem_zalloc(MAXPATHLEN, KM_SLEEP);
1606
1607 if (path == NULL) {
1608 filenamep = NULL;
1609 } else {
1610 if (copyinstr(path, filename, MAXPATHLEN, 0) != 0) {
1611 rval = EFAULT;
1612 goto out;
1613 }
1614 filenamep = filename;
1615 filenamep[MAXPATHLEN - 1] = '\0';
1616 }
1617
1618 rval = read_dacf_binding_file(filenamep);
1619 out:
1620 kmem_free(filename, MAXPATHLEN);
1621 return (rval);
1622 }
1623
1624 /*ARGSUSED*/
1625 static int
1626 modctl_modevents(int subcmd, uintptr_t a2, uintptr_t a3, uintptr_t a4,
1627 uint_t flag)
1628 {
1629 int error = 0;
1630 char *filenamep;
1631
1632 switch (subcmd) {
1633
1634 case MODEVENTS_FLUSH:
1635 /* flush all currently queued events */
1636 log_sysevent_flushq(subcmd, flag);
1637 break;
1638
1639 case MODEVENTS_SET_DOOR_UPCALL_FILENAME:
1640 /*
1641 * bind door_upcall to filename
1642 * this should only be done once per invocation
1643 * of the event daemon.
1644 */
1645
1646 filenamep = kmem_zalloc(MOD_MAXPATH, KM_SLEEP);
1647
1648 if (copyinstr((char *)a2, filenamep, MOD_MAXPATH, 0)) {
1649 error = EFAULT;
1650 } else {
1651 error = log_sysevent_filename(filenamep);
1652 }
1653 kmem_free(filenamep, MOD_MAXPATH);
1654 break;
1655
1656 case MODEVENTS_GETDATA:
1657 error = log_sysevent_copyout_data((sysevent_id_t *)a2,
1658 (size_t)a3, (caddr_t)a4);
1659 break;
1660
1661 case MODEVENTS_FREEDATA:
1662 error = log_sysevent_free_data((sysevent_id_t *)a2);
1663 break;
1664 case MODEVENTS_POST_EVENT:
1665 error = log_usr_sysevent((sysevent_t *)a2, (uint32_t)a3,
1666 (sysevent_id_t *)a4);
1667 break;
1668 case MODEVENTS_REGISTER_EVENT:
1669 error = log_sysevent_register((char *)a2, (char *)a3,
1670 (se_pubsub_t *)a4);
1671 break;
1672 default:
1673 error = EINVAL;
1674 }
1675
1676 return (error);
1677 }
1678
1679 static void
1680 free_mperm(mperm_t *mp)
1681 {
1682 int len;
1683
1684 if (mp->mp_minorname) {
1685 len = strlen(mp->mp_minorname) + 1;
1686 kmem_free(mp->mp_minorname, len);
1687 }
1688 kmem_free(mp, sizeof (mperm_t));
1689 }
1690
1691 #define MP_NO_DRV_ERR \
1692 "/etc/minor_perm: no driver for %s\n"
1693
1694 #define MP_EMPTY_MINOR \
1695 "/etc/minor_perm: empty minor name for driver %s\n"
1696
1697 #define MP_NO_MINOR \
1698 "/etc/minor_perm: no minor matching %s for driver %s\n"
1699
1700 /*
1701 * Remove mperm entry with matching minorname
1702 */
1703 static void
1704 rem_minorperm(major_t major, char *drvname, mperm_t *mp, int is_clone)
1705 {
1706 mperm_t **mp_head;
1707 mperm_t *freemp = NULL;
1708 struct devnames *dnp = &devnamesp[major];
1709 mperm_t **wildmp;
1710
1711 ASSERT(mp->mp_minorname && strlen(mp->mp_minorname) > 0);
1712
1713 LOCK_DEV_OPS(&dnp->dn_lock);
1714 if (strcmp(mp->mp_minorname, "*") == 0) {
1715 wildmp = ((is_clone == 0) ?
1716 &dnp->dn_mperm_wild : &dnp->dn_mperm_clone);
1717 if (*wildmp)
1718 freemp = *wildmp;
1719 *wildmp = NULL;
1720 } else {
1721 mp_head = &dnp->dn_mperm;
1722 while (*mp_head) {
1723 if (strcmp((*mp_head)->mp_minorname,
1724 mp->mp_minorname) != 0) {
1725 mp_head = &(*mp_head)->mp_next;
1726 continue;
1727 }
1728 /* remove the entry */
1729 freemp = *mp_head;
1730 *mp_head = freemp->mp_next;
1731 break;
1732 }
1733 }
1734 if (freemp) {
1735 if (moddebug & MODDEBUG_MINORPERM) {
1736 cmn_err(CE_CONT, "< %s %s 0%o %d %d\n",
1737 drvname, freemp->mp_minorname,
1738 freemp->mp_mode & 0777,
1739 freemp->mp_uid, freemp->mp_gid);
1740 }
1741 free_mperm(freemp);
1742 } else {
1743 if (moddebug & MODDEBUG_MINORPERM) {
1744 cmn_err(CE_CONT, MP_NO_MINOR,
1745 drvname, mp->mp_minorname);
1746 }
1747 }
1748
1749 UNLOCK_DEV_OPS(&dnp->dn_lock);
1750 }
1751
1752 /*
1753 * Add minor perm entry
1754 */
1755 static void
1756 add_minorperm(major_t major, char *drvname, mperm_t *mp, int is_clone)
1757 {
1758 mperm_t **mp_head;
1759 mperm_t *freemp = NULL;
1760 struct devnames *dnp = &devnamesp[major];
1761 mperm_t **wildmp;
1762
1763 ASSERT(mp->mp_minorname && strlen(mp->mp_minorname) > 0);
1764
1765 /*
1766 * Note that update_drv replace semantics require
1767 * replacing matching entries with the new permissions.
1768 */
1769 LOCK_DEV_OPS(&dnp->dn_lock);
1770 if (strcmp(mp->mp_minorname, "*") == 0) {
1771 wildmp = ((is_clone == 0) ?
1772 &dnp->dn_mperm_wild : &dnp->dn_mperm_clone);
1773 if (*wildmp)
1774 freemp = *wildmp;
1775 *wildmp = mp;
1776 } else {
1777 mperm_t *p, *v = NULL;
1778 for (p = dnp->dn_mperm; p; v = p, p = p->mp_next) {
1779 if (strcmp(p->mp_minorname, mp->mp_minorname) == 0) {
1780 if (v == NULL)
1781 dnp->dn_mperm = mp;
1782 else
1783 v->mp_next = mp;
1784 mp->mp_next = p->mp_next;
1785 freemp = p;
1786 goto replaced;
1787 }
1788 }
1789 if (p == NULL) {
1790 mp_head = &dnp->dn_mperm;
1791 if (*mp_head == NULL) {
1792 *mp_head = mp;
1793 } else {
1794 mp->mp_next = *mp_head;
1795 *mp_head = mp;
1796 }
1797 }
1798 }
1799 replaced:
1800 if (freemp) {
1801 if (moddebug & MODDEBUG_MINORPERM) {
1802 cmn_err(CE_CONT, "< %s %s 0%o %d %d\n",
1803 drvname, freemp->mp_minorname,
1804 freemp->mp_mode & 0777,
1805 freemp->mp_uid, freemp->mp_gid);
1806 }
1807 free_mperm(freemp);
1808 }
1809 if (moddebug & MODDEBUG_MINORPERM) {
1810 cmn_err(CE_CONT, "> %s %s 0%o %d %d\n",
1811 drvname, mp->mp_minorname, mp->mp_mode & 0777,
1812 mp->mp_uid, mp->mp_gid);
1813 }
1814 UNLOCK_DEV_OPS(&dnp->dn_lock);
1815 }
1816
1817
1818 static int
1819 process_minorperm(int cmd, nvlist_t *nvl)
1820 {
1821 char *minor;
1822 major_t major;
1823 mperm_t *mp;
1824 nvpair_t *nvp;
1825 char *name;
1826 int is_clone;
1827 major_t minmaj;
1828
1829 ASSERT(cmd == MODLOADMINORPERM ||
1830 cmd == MODADDMINORPERM || cmd == MODREMMINORPERM);
1831
1832 nvp = NULL;
1833 while ((nvp = nvlist_next_nvpair(nvl, nvp)) != NULL) {
1834 name = nvpair_name(nvp);
1835
1836 is_clone = 0;
1837 (void) nvpair_value_string(nvp, &minor);
1838 major = ddi_name_to_major(name);
1839 if (major != DDI_MAJOR_T_NONE) {
1840 mp = kmem_zalloc(sizeof (*mp), KM_SLEEP);
1841 if (minor == NULL || strlen(minor) == 0) {
1842 if (moddebug & MODDEBUG_MINORPERM) {
1843 cmn_err(CE_CONT, MP_EMPTY_MINOR, name);
1844 }
1845 minor = "*";
1846 }
1847
1848 /*
1849 * The minor name of a node using the clone
1850 * driver must be the driver name. To avoid
1851 * multiple searches, we map entries in the form
1852 * clone:<driver> to <driver>:*. This also allows us
1853 * to filter out some of the litter in /etc/minor_perm.
1854 * Minor perm alias entries where the name is not
1855 * the driver kept on the clone list itself.
1856 * This all seems very fragile as a driver could
1857 * be introduced with an existing alias name.
1858 */
1859 if (strcmp(name, "clone") == 0) {
1860 minmaj = ddi_name_to_major(minor);
1861 if (minmaj != DDI_MAJOR_T_NONE) {
1862 if (moddebug & MODDEBUG_MINORPERM) {
1863 cmn_err(CE_CONT,
1864 "mapping %s:%s to %s:*\n",
1865 name, minor, minor);
1866 }
1867 major = minmaj;
1868 name = minor;
1869 minor = "*";
1870 is_clone = 1;
1871 }
1872 }
1873
1874 if (mp) {
1875 mp->mp_minorname =
1876 i_ddi_strdup(minor, KM_SLEEP);
1877 }
1878 } else {
1879 mp = NULL;
1880 if (moddebug & MODDEBUG_MINORPERM) {
1881 cmn_err(CE_CONT, MP_NO_DRV_ERR, name);
1882 }
1883 }
1884
1885 /* mode */
1886 nvp = nvlist_next_nvpair(nvl, nvp);
1887 ASSERT(strcmp(nvpair_name(nvp), "mode") == 0);
1888 if (mp)
1889 (void) nvpair_value_int32(nvp, (int *)&mp->mp_mode);
1890 /* uid */
1891 nvp = nvlist_next_nvpair(nvl, nvp);
1892 ASSERT(strcmp(nvpair_name(nvp), "uid") == 0);
1893 if (mp)
1894 (void) nvpair_value_uint32(nvp, &mp->mp_uid);
1895 /* gid */
1896 nvp = nvlist_next_nvpair(nvl, nvp);
1897 ASSERT(strcmp(nvpair_name(nvp), "gid") == 0);
1898 if (mp) {
1899 (void) nvpair_value_uint32(nvp, &mp->mp_gid);
1900
1901 if (cmd == MODREMMINORPERM) {
1902 rem_minorperm(major, name, mp, is_clone);
1903 free_mperm(mp);
1904 } else {
1905 add_minorperm(major, name, mp, is_clone);
1906 }
1907 }
1908 }
1909
1910 if (cmd == MODLOADMINORPERM)
1911 minorperm_loaded = 1;
1912
1913 /*
1914 * Reset permissions of cached dv_nodes
1915 */
1916 (void) devfs_reset_perm(DV_RESET_PERM);
1917
1918 return (0);
1919 }
1920
1921 static int
1922 modctl_minorperm(int cmd, char *usrbuf, size_t buflen)
1923 {
1924 int error;
1925 nvlist_t *nvl;
1926 char *buf = kmem_alloc(buflen, KM_SLEEP);
1927
1928 if ((error = ddi_copyin(usrbuf, buf, buflen, 0)) != 0) {
1929 kmem_free(buf, buflen);
1930 return (error);
1931 }
1932
1933 error = nvlist_unpack(buf, buflen, &nvl, KM_SLEEP);
1934 kmem_free(buf, buflen);
1935 if (error)
1936 return (error);
1937
1938 error = process_minorperm(cmd, nvl);
1939 nvlist_free(nvl);
1940 return (error);
1941 }
1942
1943 struct walk_args {
1944 char *wa_drvname;
1945 list_t wa_pathlist;
1946 };
1947
1948 struct path_elem {
1949 char *pe_dir;
1950 char *pe_nodename;
1951 list_node_t pe_node;
1952 int pe_dirlen;
1953 };
1954
1955 /*ARGSUSED*/
1956 static int
1957 modctl_inst_walker(const char *path, in_node_t *np, in_drv_t *dp, void *arg)
1958 {
1959 struct walk_args *wargs = (struct walk_args *)arg;
1960 struct path_elem *pe;
1961 char *nodename;
1962
1963 /*
1964 * Search may be restricted to a single driver in the case of rem_drv
1965 */
1966 if (wargs->wa_drvname &&
1967 strcmp(dp->ind_driver_name, wargs->wa_drvname) != 0)
1968 return (INST_WALK_CONTINUE);
1969
1970 pe = kmem_zalloc(sizeof (*pe), KM_SLEEP);
1971 pe->pe_dir = i_ddi_strdup((char *)path, KM_SLEEP);
1972 pe->pe_dirlen = strlen(pe->pe_dir) + 1;
1973 ASSERT(strrchr(pe->pe_dir, '/') != NULL);
1974 nodename = strrchr(pe->pe_dir, '/');
1975 *nodename++ = 0;
1976 pe->pe_nodename = nodename;
1977 list_insert_tail(&wargs->wa_pathlist, pe);
1978
1979 return (INST_WALK_CONTINUE);
1980 }
1981
1982 /*
1983 * /devices attribute nodes clean-up optionally performed
1984 * when removing a driver (rem_drv -C).
1985 *
1986 * Removing attribute nodes allows a machine to be reprovisioned
1987 * without the side-effect of inadvertently picking up stale
1988 * device node ownership or permissions.
1989 *
1990 * Preserving attributes (not performing cleanup) allows devices
1991 * attribute changes to be preserved across upgrades, as
1992 * upgrade rather heavy-handedly does a rem_drv/add_drv cycle.
1993 */
1994 static int
1995 modctl_remdrv_cleanup(const char *u_drvname)
1996 {
1997 struct walk_args *wargs;
1998 struct path_elem *pe;
1999 char *drvname;
2000 int err, rval = 0;
2001
2002 drvname = kmem_alloc(MAXMODCONFNAME, KM_SLEEP);
2003 if ((err = copyinstr(u_drvname, drvname, MAXMODCONFNAME, 0))) {
2004 kmem_free(drvname, MAXMODCONFNAME);
2005 return (err);
2006 }
2007
2008 /*
2009 * First go through the instance database. For each
2010 * instance of a device bound to the driver being
2011 * removed, remove any underlying devfs attribute nodes.
2012 *
2013 * This is a two-step process. First we go through
2014 * the instance data itself, constructing a list of
2015 * the nodes discovered. The second step is then
2016 * to find and remove any devfs attribute nodes
2017 * for the instances discovered in the first step.
2018 * The two-step process avoids any difficulties
2019 * which could arise by holding the instance data
2020 * lock with simultaneous devfs operations.
2021 */
2022 wargs = kmem_zalloc(sizeof (*wargs), KM_SLEEP);
2023
2024 wargs->wa_drvname = drvname;
2025 list_create(&wargs->wa_pathlist,
2026 sizeof (struct path_elem), offsetof(struct path_elem, pe_node));
2027
2028 (void) e_ddi_walk_instances(modctl_inst_walker, (void *)wargs);
2029
2030 for (pe = list_head(&wargs->wa_pathlist); pe != NULL;
2031 pe = list_next(&wargs->wa_pathlist, pe)) {
2032 err = devfs_remdrv_cleanup((const char *)pe->pe_dir,
2033 (const char *)pe->pe_nodename);
2034 if (rval == 0)
2035 rval = err;
2036 }
2037
2038 while ((pe = list_head(&wargs->wa_pathlist)) != NULL) {
2039 list_remove(&wargs->wa_pathlist, pe);
2040 kmem_free(pe->pe_dir, pe->pe_dirlen);
2041 kmem_free(pe, sizeof (*pe));
2042 }
2043 kmem_free(wargs, sizeof (*wargs));
2044
2045 /*
2046 * Pseudo nodes aren't recorded in the instance database
2047 * so any such nodes need to be handled separately.
2048 */
2049 err = devfs_remdrv_cleanup("pseudo", (const char *)drvname);
2050 if (rval == 0)
2051 rval = err;
2052
2053 kmem_free(drvname, MAXMODCONFNAME);
2054 return (rval);
2055 }
2056
2057 /*
2058 * Perform a cleanup of non-existent /devices attribute nodes,
2059 * similar to rem_drv -C, but for all drivers/devices.
2060 * This is also optional, performed as part of devfsadm -C.
2061 */
2062 void
2063 dev_devices_cleanup()
2064 {
2065 struct walk_args *wargs;
2066 struct path_elem *pe;
2067 dev_info_t *devi;
2068 char *path;
2069 int err;
2070
2071 /*
2072 * It's expected that all drivers have been loaded and
2073 * module unloading disabled while performing cleanup.
2074 */
2075 ASSERT(modunload_disable_count > 0);
2076
2077 wargs = kmem_zalloc(sizeof (*wargs), KM_SLEEP);
2078 wargs->wa_drvname = NULL;
2079 list_create(&wargs->wa_pathlist,
2080 sizeof (struct path_elem), offsetof(struct path_elem, pe_node));
2081
2082 (void) e_ddi_walk_instances(modctl_inst_walker, (void *)wargs);
2083
2084 path = kmem_alloc(MAXPATHLEN, KM_SLEEP);
2085
2086 for (pe = list_head(&wargs->wa_pathlist); pe != NULL;
2087 pe = list_next(&wargs->wa_pathlist, pe)) {
2088 (void) snprintf(path, MAXPATHLEN, "%s/%s",
2089 pe->pe_dir, pe->pe_nodename);
2090 devi = e_ddi_hold_devi_by_path(path, 0);
2091 if (devi != NULL) {
2092 ddi_release_devi(devi);
2093 } else {
2094 err = devfs_remdrv_cleanup((const char *)pe->pe_dir,
2095 (const char *)pe->pe_nodename);
2096 if (err) {
2097 cmn_err(CE_CONT,
2098 "devfs: %s: clean-up error %d\n",
2099 path, err);
2100 }
2101 }
2102 }
2103
2104 while ((pe = list_head(&wargs->wa_pathlist)) != NULL) {
2105 list_remove(&wargs->wa_pathlist, pe);
2106 kmem_free(pe->pe_dir, pe->pe_dirlen);
2107 kmem_free(pe, sizeof (*pe));
2108 }
2109 kmem_free(wargs, sizeof (*wargs));
2110 kmem_free(path, MAXPATHLEN);
2111 }
2112
2113 static int
2114 modctl_allocpriv(const char *name)
2115 {
2116 char *pstr = kmem_alloc(PRIVNAME_MAX, KM_SLEEP);
2117 int error;
2118
2119 if ((error = copyinstr(name, pstr, PRIVNAME_MAX, 0))) {
2120 kmem_free(pstr, PRIVNAME_MAX);
2121 return (error);
2122 }
2123 error = priv_getbyname(pstr, PRIV_ALLOC);
2124 if (error < 0)
2125 error = -error;
2126 else
2127 error = 0;
2128 kmem_free(pstr, PRIVNAME_MAX);
2129 return (error);
2130 }
2131
2132 static int
2133 modctl_devexists(const char *upath, int pathlen)
2134 {
2135 char *path;
2136 int ret;
2137
2138 /*
2139 * copy in the path, including the terminating null
2140 */
2141 pathlen++;
2142 if (pathlen <= 1 || pathlen > MAXPATHLEN)
2143 return (EINVAL);
2144 path = kmem_zalloc(pathlen + 1, KM_SLEEP);
2145 if ((ret = copyinstr(upath, path, pathlen, NULL)) == 0) {
2146 ret = sdev_modctl_devexists(path);
2147 }
2148
2149 kmem_free(path, pathlen + 1);
2150 return (ret);
2151 }
2152
2153 static int
2154 modctl_devreaddir(const char *udir, int udirlen,
2155 char *upaths, int64_t *ulensp)
2156 {
2157 char *paths = NULL;
2158 char **dirlist = NULL;
2159 char *dir;
2160 int64_t ulens;
2161 int64_t lens;
2162 int i, n;
2163 int ret = 0;
2164 char *p;
2165 int npaths;
2166 int npaths_alloc;
2167
2168 /*
2169 * If upaths is NULL then we are only computing the amount of space
2170 * needed to return the paths, with the value returned in *ulensp. If we
2171 * are copying out paths then we get the amount of space allocated by
2172 * the caller. If the actual space needed for paths is larger, or
2173 * things are changing out from under us, then we return EAGAIN.
2174 */
2175 if (upaths) {
2176 if (ulensp == NULL)
2177 return (EINVAL);
2178 if (copyin(ulensp, &ulens, sizeof (ulens)) != 0)
2179 return (EFAULT);
2180 }
2181
2182 /*
2183 * copyin the /dev path including terminating null
2184 */
2185 udirlen++;
2186 if (udirlen <= 1 || udirlen > MAXPATHLEN)
2187 return (EINVAL);
2188 dir = kmem_zalloc(udirlen + 1, KM_SLEEP);
2189 if ((ret = copyinstr(udir, dir, udirlen, NULL)) != 0)
2190 goto err;
2191
2192 if ((ret = sdev_modctl_readdir(dir, &dirlist,
2193 &npaths, &npaths_alloc, 0)) != 0) {
2194 ASSERT(dirlist == NULL);
2195 goto err;
2196 }
2197
2198 lens = 0;
2199 for (i = 0; i < npaths; i++) {
2200 lens += strlen(dirlist[i]) + 1;
2201 }
2202 lens++; /* add one for double termination */
2203
2204 if (upaths) {
2205 if (lens > ulens) {
2206 ret = EAGAIN;
2207 goto out;
2208 }
2209
2210 paths = kmem_alloc(lens, KM_SLEEP);
2211
2212 p = paths;
2213 for (i = 0; i < npaths; i++) {
2214 n = strlen(dirlist[i]) + 1;
2215 bcopy(dirlist[i], p, n);
2216 p += n;
2217 }
2218 *p = 0;
2219
2220 if (copyout(paths, upaths, lens)) {
2221 ret = EFAULT;
2222 goto err;
2223 }
2224 }
2225
2226 out:
2227 /* copy out the amount of space needed to hold the paths */
2228 if (copyout(&lens, ulensp, sizeof (lens)))
2229 ret = EFAULT;
2230
2231 err:
2232 if (dirlist)
2233 sdev_modctl_readdir_free(dirlist, npaths, npaths_alloc);
2234 if (paths)
2235 kmem_free(paths, lens);
2236 kmem_free(dir, udirlen + 1);
2237 return (ret);
2238 }
2239
2240 static int
2241 modctl_devemptydir(const char *udir, int udirlen, int *uempty)
2242 {
2243 char *dir;
2244 int ret;
2245 char **dirlist = NULL;
2246 int npaths;
2247 int npaths_alloc;
2248 int empty;
2249
2250 /*
2251 * copyin the /dev path including terminating null
2252 */
2253 udirlen++;
2254 if (udirlen <= 1 || udirlen > MAXPATHLEN)
2255 return (EINVAL);
2256 dir = kmem_zalloc(udirlen + 1, KM_SLEEP);
2257 if ((ret = copyinstr(udir, dir, udirlen, NULL)) != 0)
2258 goto err;
2259
2260 if ((ret = sdev_modctl_readdir(dir, &dirlist,
2261 &npaths, &npaths_alloc, 1)) != 0) {
2262 goto err;
2263 }
2264
2265 empty = npaths ? 0 : 1;
2266 if (copyout(&empty, uempty, sizeof (empty)))
2267 ret = EFAULT;
2268
2269 err:
2270 if (dirlist)
2271 sdev_modctl_readdir_free(dirlist, npaths, npaths_alloc);
2272 kmem_free(dir, udirlen + 1);
2273 return (ret);
2274 }
2275
2276 static int
2277 modctl_hp(int subcmd, const char *path, char *cn_name, uintptr_t arg,
2278 uintptr_t rval)
2279 {
2280 int error = 0;
2281 size_t pathsz, namesz;
2282 char *devpath, *cn_name_str;
2283
2284 if (path == NULL)
2285 return (EINVAL);
2286
2287 devpath = kmem_zalloc(MAXPATHLEN, KM_SLEEP);
2288 error = copyinstr(path, devpath, MAXPATHLEN, &pathsz);
2289 if (error != 0) {
2290 kmem_free(devpath, MAXPATHLEN);
2291 return (EFAULT);
2292 }
2293
2294 cn_name_str = kmem_zalloc(MAXNAMELEN, KM_SLEEP);
2295 error = copyinstr(cn_name, cn_name_str, MAXNAMELEN, &namesz);
2296 if (error != 0) {
2297 kmem_free(devpath, MAXPATHLEN);
2298 kmem_free(cn_name_str, MAXNAMELEN);
2299
2300 return (EFAULT);
2301 }
2302
2303 switch (subcmd) {
2304 case MODHPOPS_CHANGE_STATE:
2305 error = ddihp_modctl(DDI_HPOP_CN_CHANGE_STATE, devpath,
2306 cn_name_str, arg, 0);
2307 break;
2308 case MODHPOPS_CREATE_PORT:
2309 /* Create an empty PORT */
2310 error = ddihp_modctl(DDI_HPOP_CN_CREATE_PORT, devpath,
2311 cn_name_str, 0, 0);
2312 break;
2313 case MODHPOPS_REMOVE_PORT:
2314 /* Remove an empty PORT */
2315 error = ddihp_modctl(DDI_HPOP_CN_REMOVE_PORT, devpath,
2316 cn_name_str, 0, 0);
2317 break;
2318 case MODHPOPS_BUS_GET:
2319 error = ddihp_modctl(DDI_HPOP_CN_GET_PROPERTY, devpath,
2320 cn_name_str, arg, rval);
2321 break;
2322 case MODHPOPS_BUS_SET:
2323 error = ddihp_modctl(DDI_HPOP_CN_SET_PROPERTY, devpath,
2324 cn_name_str, arg, rval);
2325 break;
2326 default:
2327 error = ENOTSUP;
2328 break;
2329 }
2330
2331 kmem_free(devpath, MAXPATHLEN);
2332 kmem_free(cn_name_str, MAXNAMELEN);
2333
2334 return (error);
2335 }
2336
2337 int
2338 modctl_moddevname(int subcmd, uintptr_t a1, uintptr_t a2)
2339 {
2340 int error = 0;
2341
2342 switch (subcmd) {
2343 case MODDEVNAME_LOOKUPDOOR:
2344 error = devname_filename_register((char *)a1);
2345 break;
2346 case MODDEVNAME_PROFILE:
2347 error = devname_profile_update((char *)a1, (size_t)a2);
2348 break;
2349 case MODDEVNAME_RECONFIG:
2350 i_ddi_set_reconfig();
2351 break;
2352 case MODDEVNAME_SYSAVAIL:
2353 i_ddi_set_sysavail();
2354 break;
2355 default:
2356 error = EINVAL;
2357 break;
2358 }
2359
2360 return (error);
2361 }
2362
2363 /*ARGSUSED5*/
2364 int
2365 modctl(int cmd, uintptr_t a1, uintptr_t a2, uintptr_t a3, uintptr_t a4,
2366 uintptr_t a5)
2367 {
2368 int error = EINVAL;
2369 dev_t dev;
2370
2371 if (secpolicy_modctl(CRED(), cmd) != 0)
2372 return (set_errno(EPERM));
2373
2374 switch (cmd) {
2375 case MODLOAD: /* load a module */
2376 error = modctl_modload((int)a1, (char *)a2, (int *)a3);
2377 break;
2378
2379 case MODUNLOAD: /* unload a module */
2380 error = modctl_modunload((modid_t)a1);
2381 break;
2382
2383 case MODINFO: /* get module status */
2384 error = modctl_modinfo((modid_t)a1, (struct modinfo *)a2);
2385 break;
2386
2387 case MODRESERVED: /* get last major number in range */
2388 error = modctl_modreserve((modid_t)a1, (int *)a2);
2389 break;
2390
2391 case MODSETMINIROOT: /* we are running in miniroot */
2392 isminiroot = 1;
2393 error = 0;
2394 break;
2395
2396 case MODADDMAJBIND: /* add major / driver alias bindings */
2397 error = modctl_add_driver_aliases((int *)a2);
2398 break;
2399
2400 case MODGETPATHLEN: /* get modpath length */
2401 error = modctl_getmodpathlen((int *)a2);
2402 break;
2403
2404 case MODGETPATH: /* get modpath */
2405 error = modctl_getmodpath((char *)a2);
2406 break;
2407
2408 case MODREADSYSBIND: /* read system call binding file */
2409 error = modctl_read_sysbinding_file();
2410 break;
2411
2412 case MODGETMAJBIND: /* get major number for named device */
2413 error = modctl_getmaj((char *)a1, (uint_t)a2, (int *)a3);
2414 break;
2415
2416 case MODGETNAME: /* get name of device given major number */
2417 error = modctl_getname((char *)a1, (uint_t)a2, (int *)a3);
2418 break;
2419
2420 case MODDEVT2INSTANCE:
2421 if (get_udatamodel() == DATAMODEL_NATIVE) {
2422 dev = (dev_t)a1;
2423 }
2424 #ifdef _SYSCALL32_IMPL
2425 else {
2426 dev = expldev(a1);
2427 }
2428 #endif
2429 error = modctl_devt2instance(dev, (int *)a2);
2430 break;
2431
2432 case MODSIZEOF_DEVID: /* sizeof device id of device given dev_t */
2433 if (get_udatamodel() == DATAMODEL_NATIVE) {
2434 dev = (dev_t)a1;
2435 }
2436 #ifdef _SYSCALL32_IMPL
2437 else {
2438 dev = expldev(a1);
2439 }
2440 #endif
2441 error = modctl_sizeof_devid(dev, (uint_t *)a2);
2442 break;
2443
2444 case MODGETDEVID: /* get device id of device given dev_t */
2445 if (get_udatamodel() == DATAMODEL_NATIVE) {
2446 dev = (dev_t)a1;
2447 }
2448 #ifdef _SYSCALL32_IMPL
2449 else {
2450 dev = expldev(a1);
2451 }
2452 #endif
2453 error = modctl_get_devid(dev, (uint_t)a2, (ddi_devid_t)a3);
2454 break;
2455
2456 case MODSIZEOF_MINORNAME: /* sizeof minor nm (dev_t,spectype) */
2457 if (get_udatamodel() == DATAMODEL_NATIVE) {
2458 error = modctl_sizeof_minorname((dev_t)a1, (int)a2,
2459 (uint_t *)a3);
2460 }
2461 #ifdef _SYSCALL32_IMPL
2462 else {
2463 error = modctl_sizeof_minorname(expldev(a1), (int)a2,
2464 (uint_t *)a3);
2465 }
2466
2467 #endif
2468 break;
2469
2470 case MODGETMINORNAME: /* get minor name of (dev_t,spectype) */
2471 if (get_udatamodel() == DATAMODEL_NATIVE) {
2472 error = modctl_get_minorname((dev_t)a1, (int)a2,
2473 (uint_t)a3, (char *)a4);
2474 }
2475 #ifdef _SYSCALL32_IMPL
2476 else {
2477 error = modctl_get_minorname(expldev(a1), (int)a2,
2478 (uint_t)a3, (char *)a4);
2479 }
2480 #endif
2481 break;
2482
2483 case MODGETDEVFSPATH_LEN: /* sizeof path nm of (dev_t,spectype) */
2484 if (get_udatamodel() == DATAMODEL_NATIVE) {
2485 error = modctl_devfspath_len((dev_t)a1, (int)a2,
2486 (uint_t *)a3);
2487 }
2488 #ifdef _SYSCALL32_IMPL
2489 else {
2490 error = modctl_devfspath_len(expldev(a1), (int)a2,
2491 (uint_t *)a3);
2492 }
2493
2494 #endif
2495 break;
2496
2497 case MODGETDEVFSPATH: /* get path name of (dev_t,spec) type */
2498 if (get_udatamodel() == DATAMODEL_NATIVE) {
2499 error = modctl_devfspath((dev_t)a1, (int)a2,
2500 (uint_t)a3, (char *)a4);
2501 }
2502 #ifdef _SYSCALL32_IMPL
2503 else {
2504 error = modctl_devfspath(expldev(a1), (int)a2,
2505 (uint_t)a3, (char *)a4);
2506 }
2507 #endif
2508 break;
2509
2510 case MODGETDEVFSPATH_MI_LEN: /* sizeof path nm of (major,instance) */
2511 error = modctl_devfspath_mi_len((major_t)a1, (int)a2,
2512 (uint_t *)a3);
2513 break;
2514
2515 case MODGETDEVFSPATH_MI: /* get path name of (major,instance) */
2516 error = modctl_devfspath_mi((major_t)a1, (int)a2,
2517 (uint_t)a3, (char *)a4);
2518 break;
2519
2520
2521 case MODEVENTS:
2522 error = modctl_modevents((int)a1, a2, a3, a4, (uint_t)a5);
2523 break;
2524
2525 case MODGETFBNAME: /* get the framebuffer name */
2526 error = modctl_get_fbname((char *)a1);
2527 break;
2528
2529 case MODREREADDACF: /* reread dacf rule database from given file */
2530 error = modctl_reread_dacf((char *)a1);
2531 break;
2532
2533 case MODLOADDRVCONF: /* load driver.conf file for major */
2534 error = modctl_load_drvconf((major_t)a1, (int)a2);
2535 break;
2536
2537 case MODUNLOADDRVCONF: /* unload driver.conf file for major */
2538 error = modctl_unload_drvconf((major_t)a1);
2539 break;
2540
2541 case MODREMMAJBIND: /* remove a major binding */
2542 error = modctl_rem_major((major_t)a1);
2543 break;
2544
2545 case MODREMDRVALIAS: /* remove a major/alias binding */
2546 error = modctl_remove_driver_aliases((int *)a2);
2547 break;
2548
2549 case MODDEVID2PATHS: /* get paths given devid */
2550 error = modctl_devid2paths((ddi_devid_t)a1, (char *)a2,
2551 (uint_t)a3, (size_t *)a4, (char *)a5);
2552 break;
2553
2554 case MODSETDEVPOLICY: /* establish device policy */
2555 error = devpolicy_load((int)a1, (size_t)a2, (devplcysys_t *)a3);
2556 break;
2557
2558 case MODGETDEVPOLICY: /* get device policy */
2559 error = devpolicy_get((int *)a1, (size_t)a2,
2560 (devplcysys_t *)a3);
2561 break;
2562
2563 case MODALLOCPRIV:
2564 error = modctl_allocpriv((const char *)a1);
2565 break;
2566
2567 case MODGETDEVPOLICYBYNAME:
2568 error = devpolicy_getbyname((size_t)a1,
2569 (devplcysys_t *)a2, (char *)a3);
2570 break;
2571
2572 case MODLOADMINORPERM:
2573 case MODADDMINORPERM:
2574 case MODREMMINORPERM:
2575 error = modctl_minorperm(cmd, (char *)a1, (size_t)a2);
2576 break;
2577
2578 case MODREMDRVCLEANUP:
2579 error = modctl_remdrv_cleanup((const char *)a1);
2580 break;
2581
2582 case MODDEVEXISTS: /* non-reconfiguring /dev lookup */
2583 error = modctl_devexists((const char *)a1, (size_t)a2);
2584 break;
2585
2586 case MODDEVREADDIR: /* non-reconfiguring /dev readdir */
2587 error = modctl_devreaddir((const char *)a1, (size_t)a2,
2588 (char *)a3, (int64_t *)a4);
2589 break;
2590
2591 case MODDEVEMPTYDIR: /* non-reconfiguring /dev emptydir */
2592 error = modctl_devemptydir((const char *)a1, (size_t)a2,
2593 (int *)a3);
2594 break;
2595
2596 case MODDEVNAME:
2597 error = modctl_moddevname((int)a1, a2, a3);
2598 break;
2599
2600 case MODRETIRE: /* retire device named by physpath a1 */
2601 error = modctl_retire((char *)a1, (char *)a2, (size_t)a3);
2602 break;
2603
2604 case MODISRETIRED: /* check if a device is retired. */
2605 error = modctl_is_retired((char *)a1, (int *)a2);
2606 break;
2607
2608 case MODUNRETIRE: /* unretire device named by physpath a1 */
2609 error = modctl_unretire((char *)a1);
2610 break;
2611
2612 case MODHPOPS: /* hotplug operations */
2613 /* device named by physpath a2 and Connection name a3 */
2614 error = modctl_hp((int)a1, (char *)a2, (char *)a3, a4, a5);
2615 break;
2616
2617 default:
2618 error = EINVAL;
2619 break;
2620 }
2621
2622 return (error ? set_errno(error) : 0);
2623 }
2624
2625 /*
2626 * Calls to kobj_load_module()() are handled off to this routine in a
2627 * separate thread.
2628 */
2629 static void
2630 modload_thread(struct loadmt *ltp)
2631 {
2632 /* load the module and signal the creator of this thread */
2633 kmutex_t cpr_lk;
2634 callb_cpr_t cpr_i;
2635
2636 mutex_init(&cpr_lk, NULL, MUTEX_DEFAULT, NULL);
2637 CALLB_CPR_INIT(&cpr_i, &cpr_lk, callb_generic_cpr, "modload");
2638 /* borrow the devi lock from thread which invoked us */
2639 pm_borrow_lock(ltp->owner);
2640 ltp->retval = kobj_load_module(ltp->mp, ltp->usepath);
2641 pm_return_lock();
2642 sema_v(<p->sema);
2643 mutex_enter(&cpr_lk);
2644 CALLB_CPR_EXIT(&cpr_i);
2645 mutex_destroy(&cpr_lk);
2646 thread_exit();
2647 }
2648
2649 /*
2650 * load a module, adding a reference if caller specifies rmodp. If rmodp
2651 * is specified then an errno is returned, otherwise a module index is
2652 * returned (-1 on error).
2653 */
2654 static int
2655 modrload(const char *subdir, const char *filename, struct modctl **rmodp)
2656 {
2657 struct modctl *modp;
2658 size_t size;
2659 char *fullname;
2660 int retval = EINVAL;
2661 int id = -1;
2662
2663 if (rmodp)
2664 *rmodp = NULL; /* avoid garbage */
2665
2666 if (subdir != NULL) {
2667 /*
2668 * refuse / in filename to prevent "../" escapes.
2669 */
2670 if (strchr(filename, '/') != NULL)
2671 return (rmodp ? retval : id);
2672
2673 /*
2674 * allocate enough space for <subdir>/<filename><NULL>
2675 */
2676 size = strlen(subdir) + strlen(filename) + 2;
2677 fullname = kmem_zalloc(size, KM_SLEEP);
2678 (void) sprintf(fullname, "%s/%s", subdir, filename);
2679 } else {
2680 fullname = (char *)filename;
2681 }
2682
2683 modp = mod_hold_installed_mod(fullname, 1, 0, &retval);
2684 if (modp != NULL) {
2685 id = modp->mod_id;
2686 if (rmodp) {
2687 /* add mod_ref and return *rmodp */
2688 mutex_enter(&mod_lock);
2689 modp->mod_ref++;
2690 mutex_exit(&mod_lock);
2691 *rmodp = modp;
2692 }
2693 mod_release_mod(modp);
2694 CPU_STATS_ADDQ(CPU, sys, modload, 1);
2695 }
2696
2697 done: if (subdir != NULL)
2698 kmem_free(fullname, size);
2699 return (rmodp ? retval : id);
2700 }
2701
2702 /*
2703 * This is the primary kernel interface to load a module. It loads and
2704 * installs the named module. It does not hold mod_ref of the module, so
2705 * a module unload attempt can occur at any time - it is up to the
2706 * _fini/mod_remove implementation to determine if unload will succeed.
2707 */
2708 int
2709 modload(const char *subdir, const char *filename)
2710 {
2711 return (modrload(subdir, filename, NULL));
2712 }
2713
2714 /*
2715 * Load a module using a series of qualified names from most specific to least
2716 * specific, e.g. for subdir "foo", p1 "bar", p2 "baz", we might try:
2717 * Value returned in *chosen
2718 * foo/bar.baz.1.2.3 3
2719 * foo/bar.baz.1.2 2
2720 * foo/bar.baz.1 1
2721 * foo/bar.baz 0
2722 *
2723 * Return the module ID on success; -1 if no module was loaded. On success
2724 * and if 'chosen' is not NULL we also return the number of suffices that
2725 * were in the module we chose to load.
2726 */
2727 int
2728 modload_qualified(const char *subdir, const char *p1,
2729 const char *p2, const char *delim, uint_t suffv[], int suffc, int *chosen)
2730 {
2731 char path[MOD_MAXPATH];
2732 size_t n, resid = sizeof (path);
2733 char *p = path;
2734
2735 char **dotv;
2736 int i, rc, id;
2737 modctl_t *mp;
2738
2739 if (p2 != NULL)
2740 n = snprintf(p, resid, "%s/%s%s%s", subdir, p1, delim, p2);
2741 else
2742 n = snprintf(p, resid, "%s/%s", subdir, p1);
2743
2744 if (n >= resid)
2745 return (-1);
2746
2747 p += n;
2748 resid -= n;
2749 dotv = kmem_alloc(sizeof (char *) * (suffc + 1), KM_SLEEP);
2750
2751 for (i = 0; i < suffc; i++) {
2752 dotv[i] = p;
2753 n = snprintf(p, resid, "%s%u", delim, suffv[i]);
2754
2755 if (n >= resid) {
2756 kmem_free(dotv, sizeof (char *) * (suffc + 1));
2757 return (-1);
2758 }
2759
2760 p += n;
2761 resid -= n;
2762 }
2763
2764 dotv[suffc] = p;
2765
2766 for (i = suffc; i >= 0; i--) {
2767 dotv[i][0] = '\0';
2768 mp = mod_hold_installed_mod(path, 1, 1, &rc);
2769
2770 if (mp != NULL) {
2771 kmem_free(dotv, sizeof (char *) * (suffc + 1));
2772 id = mp->mod_id;
2773 mod_release_mod(mp);
2774 if (chosen != NULL)
2775 *chosen = i;
2776 return (id);
2777 }
2778 }
2779
2780 kmem_free(dotv, sizeof (char *) * (suffc + 1));
2781 return (-1);
2782 }
2783
2784 /*
2785 * Load a module.
2786 */
2787 int
2788 modloadonly(const char *subdir, const char *filename)
2789 {
2790 struct modctl *modp;
2791 char *fullname;
2792 size_t size;
2793 int id, retval;
2794
2795 if (subdir != NULL) {
2796 /*
2797 * allocate enough space for <subdir>/<filename><NULL>
2798 */
2799 size = strlen(subdir) + strlen(filename) + 2;
2800 fullname = kmem_zalloc(size, KM_SLEEP);
2801 (void) sprintf(fullname, "%s/%s", subdir, filename);
2802 } else {
2803 fullname = (char *)filename;
2804 }
2805
2806 id = -1;
2807 modp = mod_hold_loaded_mod(NULL, fullname, &retval);
2808 if (modp) {
2809 id = modp->mod_id;
2810 mod_release_mod(modp);
2811 }
2812
2813 if (subdir != NULL)
2814 kmem_free(fullname, size);
2815
2816 if (retval == 0)
2817 return (id);
2818 return (-1);
2819 }
2820
2821 /*
2822 * Try to uninstall and unload a module, removing a reference if caller
2823 * specifies rmodp.
2824 */
2825 static int
2826 modunrload(modid_t id, struct modctl **rmodp, int unload)
2827 {
2828 struct modctl *modp;
2829 int retval;
2830
2831 if (rmodp)
2832 *rmodp = NULL; /* avoid garbage */
2833
2834 if ((modp = mod_hold_by_id((modid_t)id)) == NULL)
2835 return (EINVAL);
2836
2837 if (rmodp) {
2838 mutex_enter(&mod_lock);
2839 modp->mod_ref--;
2840 if (modp->mod_ref == 0)
2841 mod_uninstall_ref_zero++;
2842 mutex_exit(&mod_lock);
2843 *rmodp = modp;
2844 }
2845
2846 if (unload) {
2847 retval = moduninstall(modp);
2848 if (retval == 0) {
2849 mod_unload(modp);
2850 CPU_STATS_ADDQ(CPU, sys, modunload, 1);
2851 } else if (retval == EALREADY)
2852 retval = 0; /* already unloaded, not an error */
2853 } else
2854 retval = 0;
2855
2856 mod_release_mod(modp);
2857 return (retval);
2858 }
2859
2860 /*
2861 * Uninstall and unload a module.
2862 */
2863 int
2864 modunload(modid_t id)
2865 {
2866 int retval;
2867
2868 /* synchronize with any active modunload_disable() */
2869 modunload_begin();
2870 if (ddi_root_node())
2871 (void) devfs_clean(ddi_root_node(), NULL, 0);
2872 retval = modunrload(id, NULL, 1);
2873 modunload_end();
2874 return (retval);
2875 }
2876
2877 /*
2878 * Return status of a loaded module.
2879 */
2880 static int
2881 modinfo(modid_t id, struct modinfo *modinfop)
2882 {
2883 struct modctl *modp;
2884 modid_t mid;
2885 int i;
2886
2887 mid = modinfop->mi_id;
2888 if (modinfop->mi_info & MI_INFO_ALL) {
2889 while ((modp = mod_hold_next_by_id(mid++)) != NULL) {
2890 if ((modinfop->mi_info & MI_INFO_CNT) ||
2891 modp->mod_installed)
2892 break;
2893 mod_release_mod(modp);
2894 }
2895 if (modp == NULL)
2896 return (EINVAL);
2897 } else {
2898 modp = mod_hold_by_id(id);
2899 if (modp == NULL)
2900 return (EINVAL);
2901 if (!(modinfop->mi_info & MI_INFO_CNT) &&
2902 (modp->mod_installed == 0)) {
2903 mod_release_mod(modp);
2904 return (EINVAL);
2905 }
2906 }
2907
2908 modinfop->mi_rev = 0;
2909 modinfop->mi_state = 0;
2910 for (i = 0; i < MODMAXLINK; i++) {
2911 modinfop->mi_msinfo[i].msi_p0 = -1;
2912 modinfop->mi_msinfo[i].msi_linkinfo[0] = 0;
2913 }
2914 if (modp->mod_loaded) {
2915 modinfop->mi_state = MI_LOADED;
2916 kobj_getmodinfo(modp->mod_mp, modinfop);
2917 }
2918 if (modp->mod_installed) {
2919 modinfop->mi_state |= MI_INSTALLED;
2920
2921 (void) mod_getinfo(modp, modinfop);
2922 }
2923
2924 modinfop->mi_id = modp->mod_id;
2925 modinfop->mi_loadcnt = modp->mod_loadcnt;
2926 (void) strcpy(modinfop->mi_name, modp->mod_modname);
2927
2928 mod_release_mod(modp);
2929 return (0);
2930 }
2931
2932 static char mod_stub_err[] = "mod_hold_stub: Couldn't load stub module %s";
2933 static char no_err[] = "No error function for weak stub %s";
2934
2935 /*
2936 * used by the stubs themselves to load and hold a module.
2937 * Returns 0 if the module is successfully held;
2938 * the stub needs to call mod_release_stub().
2939 * -1 if the stub should just call the err_fcn.
2940 * Note that this code is stretched out so that we avoid subroutine calls
2941 * and optimize for the most likely case. That is, the case where the
2942 * module is loaded and installed and not held. In that case we just inc
2943 * the mod_ref count and continue.
2944 */
2945 int
2946 mod_hold_stub(struct mod_stub_info *stub)
2947 {
2948 struct modctl *mp;
2949 struct mod_modinfo *mip;
2950
2951 mip = stub->mods_modinfo;
2952
2953 mutex_enter(&mod_lock);
2954
2955 /* we do mod_hold_by_modctl inline for speed */
2956
2957 mod_check_again:
2958 if ((mp = mip->mp) != NULL) {
2959 if (mp->mod_busy == 0) {
2960 if (mp->mod_installed) {
2961 /* increment the reference count */
2962 mp->mod_ref++;
2963 ASSERT(mp->mod_ref && mp->mod_installed);
2964 mutex_exit(&mod_lock);
2965 return (0);
2966 } else {
2967 mp->mod_busy = 1;
2968 mp->mod_inprogress_thread =
2969 (curthread == NULL ?
2970 (kthread_id_t)-1 : curthread);
2971 }
2972 } else {
2973 /*
2974 * wait one time and then go see if someone
2975 * else has resolved the stub (set mip->mp).
2976 */
2977 if (mod_hold_by_modctl(mp,
2978 MOD_WAIT_ONCE | MOD_LOCK_HELD))
2979 goto mod_check_again;
2980
2981 /*
2982 * what we have now may have been unloaded!, in
2983 * that case, mip->mp will be NULL, we'll hit this
2984 * module and load again..
2985 */
2986 cmn_err(CE_PANIC, "mod_hold_stub should have blocked");
2987 }
2988 mutex_exit(&mod_lock);
2989 } else {
2990 /* first time we've hit this module */
2991 mutex_exit(&mod_lock);
2992 mp = mod_hold_by_name(mip->modm_module_name);
2993 mip->mp = mp;
2994 }
2995
2996 /*
2997 * If we are here, it means that the following conditions
2998 * are satisfied.
2999 *
3000 * mip->mp != NULL
3001 * this thread has set the mp->mod_busy = 1
3002 * mp->mod_installed = 0
3003 *
3004 */
3005 ASSERT(mp != NULL);
3006 ASSERT(mp->mod_busy == 1);
3007
3008 if (mp->mod_installed == 0) {
3009 /* Module not loaded, if weak stub don't load it */
3010 if (stub->mods_flag & MODS_WEAK) {
3011 if (stub->mods_errfcn == NULL) {
3012 mod_release_mod(mp);
3013 cmn_err(CE_PANIC, no_err,
3014 mip->modm_module_name);
3015 }
3016 } else {
3017 /* Not a weak stub so load the module */
3018
3019 if (mod_load(mp, 1) != 0 || modinstall(mp) != 0) {
3020 /*
3021 * If mod_load() was successful
3022 * and modinstall() failed, then
3023 * unload the module.
3024 */
3025 if (mp->mod_loaded)
3026 mod_unload(mp);
3027
3028 mod_release_mod(mp);
3029 if (stub->mods_errfcn == NULL) {
3030 cmn_err(CE_PANIC, mod_stub_err,
3031 mip->modm_module_name);
3032 } else {
3033 return (-1);
3034 }
3035 }
3036 }
3037 }
3038
3039 /*
3040 * At this point module is held and loaded. Release
3041 * the mod_busy and mod_inprogress_thread before
3042 * returning. We actually call mod_release() here so
3043 * that if another stub wants to access this module,
3044 * it can do so. mod_ref is incremented before mod_release()
3045 * is called to prevent someone else from snatching the
3046 * module from this thread.
3047 */
3048 mutex_enter(&mod_lock);
3049 mp->mod_ref++;
3050 ASSERT(mp->mod_ref &&
3051 (mp->mod_loaded || (stub->mods_flag & MODS_WEAK)));
3052 mod_release(mp);
3053 mutex_exit(&mod_lock);
3054 return (0);
3055 }
3056
3057 void
3058 mod_release_stub(struct mod_stub_info *stub)
3059 {
3060 struct modctl *mp = stub->mods_modinfo->mp;
3061
3062 /* inline mod_release_mod */
3063 mutex_enter(&mod_lock);
3064 ASSERT(mp->mod_ref &&
3065 (mp->mod_loaded || (stub->mods_flag & MODS_WEAK)));
3066 mp->mod_ref--;
3067 if (mp->mod_ref == 0)
3068 mod_uninstall_ref_zero++;
3069 if (mp->mod_want) {
3070 mp->mod_want = 0;
3071 cv_broadcast(&mod_cv);
3072 }
3073 mutex_exit(&mod_lock);
3074 }
3075
3076 static struct modctl *
3077 mod_hold_loaded_mod(struct modctl *dep, char *filename, int *status)
3078 {
3079 struct modctl *modp;
3080 int retval;
3081
3082 /*
3083 * Hold the module.
3084 */
3085 modp = mod_hold_by_name_requisite(dep, filename);
3086 if (modp) {
3087 retval = mod_load(modp, 1);
3088 if (retval != 0) {
3089 mod_release_mod(modp);
3090 modp = NULL;
3091 }
3092 *status = retval;
3093 } else {
3094 *status = ENOSPC;
3095 }
3096
3097 /*
3098 * if dep is not NULL, clear the module dependency information.
3099 * This information is set in mod_hold_by_name_common().
3100 */
3101 if (dep != NULL && dep->mod_requisite_loading != NULL) {
3102 ASSERT(dep->mod_busy);
3103 dep->mod_requisite_loading = NULL;
3104 }
3105
3106 return (modp);
3107 }
3108
3109 /*
3110 * hold, load, and install the named module
3111 */
3112 static struct modctl *
3113 mod_hold_installed_mod(char *name, int usepath, int forcecheck, int *r)
3114 {
3115 struct modctl *modp;
3116 int retval;
3117
3118 /*
3119 * Verify that that module in question actually exists on disk
3120 * before allocation of module structure by mod_hold_by_name.
3121 */
3122 if (modrootloaded && swaploaded || forcecheck) {
3123 if (!kobj_path_exists(name, usepath)) {
3124 *r = ENOENT;
3125 return (NULL);
3126 }
3127 }
3128
3129 /*
3130 * Hold the module.
3131 */
3132 modp = mod_hold_by_name(name);
3133 if (modp) {
3134 retval = mod_load(modp, usepath);
3135 if (retval != 0) {
3136 mod_release_mod(modp);
3137 modp = NULL;
3138 *r = retval;
3139 } else {
3140 if ((*r = modinstall(modp)) != 0) {
3141 /*
3142 * We loaded it, but failed to _init() it.
3143 * Be kind to developers -- force it
3144 * out of memory now so that the next
3145 * attempt to use the module will cause
3146 * a reload. See 1093793.
3147 */
3148 mod_unload(modp);
3149 mod_release_mod(modp);
3150 modp = NULL;
3151 }
3152 }
3153 } else {
3154 *r = ENOSPC;
3155 }
3156 return (modp);
3157 }
3158
3159 static char mod_excl_msg[] =
3160 "module %s(%s) is EXCLUDED and will not be loaded\n";
3161 static char mod_init_msg[] = "loadmodule:%s(%s): _init() error %d\n";
3162
3163 /*
3164 * This routine is needed for dependencies. Users specify dependencies
3165 * by declaring a character array initialized to filenames of dependents.
3166 * So the code that handles dependents deals with filenames (and not
3167 * module names) because that's all it has. We load by filename and once
3168 * we've loaded a file we can get the module name.
3169 * Unfortunately there isn't a single unified filename/modulename namespace.
3170 * C'est la vie.
3171 *
3172 * We allow the name being looked up to be prepended by an optional
3173 * subdirectory e.g. we can lookup (NULL, "fs/ufs") or ("fs", "ufs")
3174 */
3175 struct modctl *
3176 mod_find_by_filename(char *subdir, char *filename)
3177 {
3178 struct modctl *mp;
3179 size_t sublen;
3180
3181 ASSERT(!MUTEX_HELD(&mod_lock));
3182 if (subdir != NULL)
3183 sublen = strlen(subdir);
3184 else
3185 sublen = 0;
3186
3187 mutex_enter(&mod_lock);
3188 mp = &modules;
3189 do {
3190 if (sublen) {
3191 char *mod_filename = mp->mod_filename;
3192
3193 if (strncmp(subdir, mod_filename, sublen) == 0 &&
3194 mod_filename[sublen] == '/' &&
3195 strcmp(filename, &mod_filename[sublen + 1]) == 0) {
3196 mutex_exit(&mod_lock);
3197 return (mp);
3198 }
3199 } else if (strcmp(filename, mp->mod_filename) == 0) {
3200 mutex_exit(&mod_lock);
3201 return (mp);
3202 }
3203 } while ((mp = mp->mod_next) != &modules);
3204 mutex_exit(&mod_lock);
3205 return (NULL);
3206 }
3207
3208 /*
3209 * Check for circular dependencies. This is called from do_dependents()
3210 * in kobj.c. If we are the thread already loading this module, then
3211 * we're trying to load a dependent that we're already loading which
3212 * means the user specified circular dependencies.
3213 */
3214 static int
3215 mod_circdep(struct modctl *modp)
3216 {
3217 struct modctl *rmod;
3218
3219 ASSERT(MUTEX_HELD(&mod_lock));
3220
3221 /*
3222 * Check the mod_inprogress_thread first.
3223 * mod_inprogress_thread is used in mod_hold_stub()
3224 * directly to improve performance.
3225 */
3226 if (modp->mod_inprogress_thread == curthread)
3227 return (1);
3228
3229 /*
3230 * Check the module circular dependencies.
3231 */
3232 for (rmod = modp; rmod != NULL; rmod = rmod->mod_requisite_loading) {
3233 /*
3234 * Check if there is a module circular dependency.
3235 */
3236 if (rmod->mod_requisite_loading == modp)
3237 return (1);
3238 }
3239 return (0);
3240 }
3241
3242 static int
3243 mod_getinfo(struct modctl *modp, struct modinfo *modinfop)
3244 {
3245 int (*func)(struct modinfo *);
3246 int retval;
3247
3248 ASSERT(modp->mod_busy);
3249
3250 /* primary modules don't do getinfo */
3251 if (modp->mod_prim)
3252 return (0);
3253
3254 func = (int (*)(struct modinfo *))kobj_lookup(modp->mod_mp, "_info");
3255
3256 if (kobj_addrcheck(modp->mod_mp, (caddr_t)func)) {
3257 cmn_err(CE_WARN, "_info() not defined properly in %s",
3258 modp->mod_filename);
3259 /*
3260 * The semantics of mod_info(9F) are that 0 is failure
3261 * and non-zero is success.
3262 */
3263 retval = 0;
3264 } else
3265 retval = (*func)(modinfop); /* call _info() function */
3266
3267 if (moddebug & MODDEBUG_USERDEBUG)
3268 printf("Returned from _info, retval = %x\n", retval);
3269
3270 return (retval);
3271 }
3272
3273 static void
3274 modadd(struct modctl *mp)
3275 {
3276 ASSERT(MUTEX_HELD(&mod_lock));
3277
3278 mp->mod_id = last_module_id++;
3279 mp->mod_next = &modules;
3280 mp->mod_prev = modules.mod_prev;
3281 modules.mod_prev->mod_next = mp;
3282 modules.mod_prev = mp;
3283 }
3284
3285 /*ARGSUSED*/
3286 static struct modctl *
3287 allocate_modp(const char *filename, const char *modname)
3288 {
3289 struct modctl *mp;
3290
3291 mp = kobj_zalloc(sizeof (*mp), KM_SLEEP);
3292 mp->mod_modname = kobj_zalloc(strlen(modname) + 1, KM_SLEEP);
3293 (void) strcpy(mp->mod_modname, modname);
3294 return (mp);
3295 }
3296
3297 /*
3298 * Get the value of a symbol. This is a wrapper routine that
3299 * calls kobj_getsymvalue(). kobj_getsymvalue() may go away but this
3300 * wrapper will prevent callers from noticing.
3301 */
3302 uintptr_t
3303 modgetsymvalue(char *name, int kernelonly)
3304 {
3305 return (kobj_getsymvalue(name, kernelonly));
3306 }
3307
3308 /*
3309 * Get the symbol nearest an address. This is a wrapper routine that
3310 * calls kobj_getsymname(). kobj_getsymname() may go away but this
3311 * wrapper will prevent callers from noticing.
3312 */
3313 char *
3314 modgetsymname(uintptr_t value, ulong_t *offset)
3315 {
3316 return (kobj_getsymname(value, offset));
3317 }
3318
3319 /*
3320 * Lookup a symbol in a specified module. These are wrapper routines that
3321 * call kobj_lookup(). kobj_lookup() may go away but these wrappers will
3322 * prevent callers from noticing.
3323 */
3324 uintptr_t
3325 modlookup(const char *modname, const char *symname)
3326 {
3327 struct modctl *modp;
3328 uintptr_t val;
3329
3330 if ((modp = mod_hold_by_name(modname)) == NULL)
3331 return (0);
3332 val = kobj_lookup(modp->mod_mp, symname);
3333 mod_release_mod(modp);
3334 return (val);
3335 }
3336
3337 uintptr_t
3338 modlookup_by_modctl(modctl_t *modp, const char *symname)
3339 {
3340 ASSERT(modp->mod_ref > 0 || modp->mod_busy);
3341
3342 return (kobj_lookup(modp->mod_mp, symname));
3343 }
3344
3345 /*
3346 * Ask the user for the name of the system file and the default path
3347 * for modules.
3348 */
3349 void
3350 mod_askparams()
3351 {
3352 static char s0[64];
3353 intptr_t fd;
3354
3355 if ((fd = kobj_open(systemfile)) != -1L)
3356 kobj_close(fd);
3357 else
3358 systemfile = self_assembly = NULL;
3359
3360 /*CONSTANTCONDITION*/
3361 while (1) {
3362 printf("Name of system file [%s]: ",
3363 systemfile ? systemfile : "/dev/null");
3364
3365 console_gets(s0, sizeof (s0));
3366
3367 if (s0[0] == '\0')
3368 break;
3369 else if (strcmp(s0, "/dev/null") == 0) {
3370 systemfile = self_assembly = NULL;
3371 break;
3372 } else {
3373 if ((fd = kobj_open(s0)) != -1L) {
3374 kobj_close(fd);
3375 systemfile = s0;
3376 self_assembly = NULL;
3377 break;
3378 }
3379 }
3380 printf("can't find file %s\n", s0);
3381 }
3382 }
3383
3384 static char loading_msg[] = "loading '%s' id %d\n";
3385 static char load_msg[] = "load '%s' id %d loaded @ 0x%p/0x%p size %d/%d\n";
3386
3387 /*
3388 * Common code for loading a module (but not installing it).
3389 * Handoff the task of module loading to a separate thread
3390 * with a large stack if possible, since this code may recurse a few times.
3391 * Return zero if there are no errors or an errno value.
3392 */
3393 static int
3394 mod_load(struct modctl *mp, int usepath)
3395 {
3396 int retval;
3397 struct modinfo *modinfop = NULL;
3398 struct loadmt lt;
3399
3400 ASSERT(MUTEX_NOT_HELD(&mod_lock));
3401 ASSERT(mp->mod_busy);
3402
3403 if (mp->mod_loaded)
3404 return (0);
3405
3406 if (mod_sysctl(SYS_CHECK_EXCLUDE, mp->mod_modname) != 0 ||
3407 mod_sysctl(SYS_CHECK_EXCLUDE, mp->mod_filename) != 0) {
3408 if (moddebug & MODDEBUG_LOADMSG) {
3409 printf(mod_excl_msg, mp->mod_filename,
3410 mp->mod_modname);
3411 }
3412 return (ENXIO);
3413 }
3414 if (moddebug & MODDEBUG_LOADMSG2)
3415 printf(loading_msg, mp->mod_filename, mp->mod_id);
3416
3417 if (curthread != &t0) {
3418 lt.mp = mp;
3419 lt.usepath = usepath;
3420 lt.owner = curthread;
3421 sema_init(<.sema, 0, NULL, SEMA_DEFAULT, NULL);
3422
3423 /* create thread to hand of call to */
3424 (void) thread_create(NULL, DEFAULTSTKSZ * 2,
3425 modload_thread, <, 0, &p0, TS_RUN, maxclsyspri);
3426
3427 /* wait for thread to complete kobj_load_module */
3428 sema_p(<.sema);
3429
3430 sema_destroy(<.sema);
3431 retval = lt.retval;
3432 } else
3433 retval = kobj_load_module(mp, usepath);
3434
3435 if (mp->mod_mp) {
3436 ASSERT(retval == 0);
3437 mp->mod_loaded = 1;
3438 mp->mod_loadcnt++;
3439 if (moddebug & MODDEBUG_LOADMSG) {
3440 printf(load_msg, mp->mod_filename, mp->mod_id,
3441 (void *)((struct module *)mp->mod_mp)->text,
3442 (void *)((struct module *)mp->mod_mp)->data,
3443 ((struct module *)mp->mod_mp)->text_size,
3444 ((struct module *)mp->mod_mp)->data_size);
3445 }
3446
3447 /*
3448 * XXX - There should be a better way to get this.
3449 */
3450 modinfop = kmem_zalloc(sizeof (struct modinfo), KM_SLEEP);
3451 modinfop->mi_info = MI_INFO_LINKAGE;
3452 if (mod_getinfo(mp, modinfop) == 0)
3453 mp->mod_linkage = NULL;
3454 else {
3455 mp->mod_linkage = (void *)modinfop->mi_base;
3456 ASSERT(mp->mod_linkage->ml_rev == MODREV_1);
3457 }
3458
3459 /*
3460 * DCS: bootstrapping code. If the driver is loaded
3461 * before root mount, it is assumed that the driver
3462 * may be used before mounting root. In order to
3463 * access mappings of global to local minor no.'s
3464 * during installation/open of the driver, we load
3465 * them into memory here while the BOP_interfaces
3466 * are still up.
3467 */
3468 if ((cluster_bootflags & CLUSTER_BOOTED) && !modrootloaded) {
3469 retval = clboot_modload(mp);
3470 }
3471
3472 kmem_free(modinfop, sizeof (struct modinfo));
3473 (void) mod_sysctl(SYS_SET_MVAR, (void *)mp);
3474 retval = install_stubs_by_name(mp, mp->mod_modname);
3475
3476 /*
3477 * Perform hotinlines before module is started.
3478 */
3479 do_hotinlines(mp->mod_mp);
3480
3481 /*
3482 * Now that the module is loaded, we need to give DTrace
3483 * a chance to notify its providers. This is done via
3484 * the dtrace_modload function pointer.
3485 */
3486 if (strcmp(mp->mod_modname, "dtrace") != 0) {
3487 struct modctl *dmp = mod_hold_by_name("dtrace");
3488
3489 if (dmp != NULL && dtrace_modload != NULL)
3490 (*dtrace_modload)(mp);
3491
3492 mod_release_mod(dmp);
3493 }
3494
3495 } else {
3496 /*
3497 * If load failed then we need to release any requisites
3498 * that we had established.
3499 */
3500 ASSERT(retval);
3501 mod_release_requisites(mp);
3502
3503 if (moddebug & MODDEBUG_ERRMSG)
3504 printf("error loading '%s', error %d\n",
3505 mp->mod_filename, retval);
3506 }
3507 return (retval);
3508 }
3509
3510 static char unload_msg[] = "unloading %s, module id %d, loadcnt %d.\n";
3511
3512 static void
3513 mod_unload(struct modctl *mp)
3514 {
3515 ASSERT(MUTEX_NOT_HELD(&mod_lock));
3516 ASSERT(mp->mod_busy);
3517 ASSERT((mp->mod_loaded && (mp->mod_installed == 0)) &&
3518 ((mp->mod_prim == 0) && (mp->mod_ref >= 0)));
3519
3520 if (moddebug & MODDEBUG_LOADMSG)
3521 printf(unload_msg, mp->mod_modname,
3522 mp->mod_id, mp->mod_loadcnt);
3523
3524 /*
3525 * If mod_ref is not zero, it means some modules might still refer
3526 * to this module. Then you can't unload this module right now.
3527 * Instead, set 1 to mod_delay_unload to notify the system of
3528 * unloading this module later when it's not required any more.
3529 */
3530 if (mp->mod_ref > 0) {
3531 mp->mod_delay_unload = 1;
3532 if (moddebug & MODDEBUG_LOADMSG2) {
3533 printf("module %s not unloaded,"
3534 " non-zero reference count (%d)",
3535 mp->mod_modname, mp->mod_ref);
3536 }
3537 return;
3538 }
3539
3540 if (((mp->mod_loaded == 0) || mp->mod_installed) ||
3541 (mp->mod_ref || mp->mod_prim)) {
3542 /*
3543 * A DEBUG kernel would ASSERT panic above, the code is broken
3544 * if we get this warning.
3545 */
3546 cmn_err(CE_WARN, "mod_unload: %s in incorrect state: %d %d %d",
3547 mp->mod_filename, mp->mod_installed, mp->mod_loaded,
3548 mp->mod_ref);
3549 return;
3550 }
3551
3552 /* reset stub functions to call the binder again */
3553 reset_stubs(mp);
3554
3555 /*
3556 * mark module as unloaded before the modctl structure is freed.
3557 * This is required not to reuse the modctl structure before
3558 * the module is marked as unloaded.
3559 */
3560 mp->mod_loaded = 0;
3561 mp->mod_linkage = NULL;
3562
3563 /* free the memory */
3564 kobj_unload_module(mp);
3565
3566 if (mp->mod_delay_unload) {
3567 mp->mod_delay_unload = 0;
3568 if (moddebug & MODDEBUG_LOADMSG2) {
3569 printf("deferred unload of module %s"
3570 " (id %d) successful",
3571 mp->mod_modname, mp->mod_id);
3572 }
3573 }
3574
3575 /* release hold on requisites */
3576 mod_release_requisites(mp);
3577
3578 /*
3579 * Now that the module is gone, we need to give DTrace a chance to
3580 * remove any probes that it may have had in the module. This is
3581 * done via the dtrace_modunload function pointer.
3582 */
3583 if (strcmp(mp->mod_modname, "dtrace") != 0) {
3584 struct modctl *dmp = mod_hold_by_name("dtrace");
3585
3586 if (dmp != NULL && dtrace_modunload != NULL)
3587 (*dtrace_modunload)(mp);
3588
3589 mod_release_mod(dmp);
3590 }
3591 }
3592
3593 static int
3594 modinstall(struct modctl *mp)
3595 {
3596 int val;
3597 int (*func)(void);
3598
3599 ASSERT(MUTEX_NOT_HELD(&mod_lock));
3600 ASSERT(mp->mod_busy && mp->mod_loaded);
3601
3602 if (mp->mod_installed)
3603 return (0);
3604 /*
3605 * If mod_delay_unload is on, it means the system chose the deferred
3606 * unload for this module. Then you can't install this module until
3607 * it's unloaded from the system.
3608 */
3609 if (mp->mod_delay_unload)
3610 return (ENXIO);
3611
3612 if (moddebug & MODDEBUG_LOADMSG)
3613 printf("installing %s, module id %d.\n",
3614 mp->mod_modname, mp->mod_id);
3615
3616 ASSERT(mp->mod_mp != NULL);
3617 if (mod_install_requisites(mp) != 0) {
3618 /*
3619 * Note that we can't call mod_unload(mp) here since
3620 * if modinstall() was called by mod_install_requisites(),
3621 * we won't be able to hold the dependent modules
3622 * (otherwise there would be a deadlock).
3623 */
3624 return (ENXIO);
3625 }
3626
3627 if (moddebug & MODDEBUG_ERRMSG) {
3628 printf("init '%s' id %d loaded @ 0x%p/0x%p size %lu/%lu\n",
3629 mp->mod_filename, mp->mod_id,
3630 (void *)((struct module *)mp->mod_mp)->text,
3631 (void *)((struct module *)mp->mod_mp)->data,
3632 ((struct module *)mp->mod_mp)->text_size,
3633 ((struct module *)mp->mod_mp)->data_size);
3634 }
3635
3636 func = (int (*)())kobj_lookup(mp->mod_mp, "_init");
3637
3638 if (kobj_addrcheck(mp->mod_mp, (caddr_t)func)) {
3639 cmn_err(CE_WARN, "_init() not defined properly in %s",
3640 mp->mod_filename);
3641 return (EFAULT);
3642 }
3643
3644 if (moddebug & MODDEBUG_USERDEBUG) {
3645 printf("breakpoint before calling %s:_init()\n",
3646 mp->mod_modname);
3647 if (DEBUGGER_PRESENT)
3648 debug_enter("_init");
3649 }
3650
3651 ASSERT(MUTEX_NOT_HELD(&mod_lock));
3652 ASSERT(mp->mod_busy && mp->mod_loaded);
3653 val = (*func)(); /* call _init */
3654
3655 if (moddebug & MODDEBUG_USERDEBUG)
3656 printf("Returned from _init, val = %x\n", val);
3657
3658 if (val == 0) {
3659 /*
3660 * Set the MODS_INSTALLED flag to enable this module
3661 * being called now.
3662 */
3663 install_stubs(mp);
3664 mp->mod_installed = 1;
3665 } else if (moddebug & MODDEBUG_ERRMSG)
3666 printf(mod_init_msg, mp->mod_filename, mp->mod_modname, val);
3667
3668 return (val);
3669 }
3670
3671 int detach_driver_unconfig = 0;
3672
3673 static int
3674 detach_driver(char *name)
3675 {
3676 major_t major;
3677 int error;
3678
3679 /*
3680 * If being called from mod_uninstall_all() then the appropriate
3681 * driver detaches (leaf only) have already been done.
3682 */
3683 if (mod_in_autounload())
3684 return (0);
3685
3686 major = ddi_name_to_major(name);
3687 if (major == DDI_MAJOR_T_NONE)
3688 return (0);
3689
3690 error = ndi_devi_unconfig_driver(ddi_root_node(),
3691 NDI_DETACH_DRIVER | detach_driver_unconfig, major);
3692 return (error == NDI_SUCCESS ? 0 : -1);
3693 }
3694
3695 static char finiret_msg[] = "Returned from _fini for %s, status = %x\n";
3696
3697 static int
3698 moduninstall(struct modctl *mp)
3699 {
3700 int status = 0;
3701 int (*func)(void);
3702
3703 ASSERT(MUTEX_NOT_HELD(&mod_lock));
3704 ASSERT(mp->mod_busy);
3705
3706 /*
3707 * Verify that we need to do something and can uninstall the module.
3708 *
3709 * If we should not uninstall the module or if the module is not in
3710 * the correct state to start an uninstall we return EBUSY to prevent
3711 * us from progressing to mod_unload. If the module has already been
3712 * uninstalled and unloaded we return EALREADY.
3713 */
3714 if (mp->mod_prim || mp->mod_ref || mp->mod_nenabled != 0)
3715 return (EBUSY);
3716 if ((mp->mod_installed == 0) || (mp->mod_loaded == 0))
3717 return (EALREADY);
3718
3719 /*
3720 * To avoid devinfo / module deadlock we must release this module
3721 * prior to initiating the detach_driver, otherwise the detach_driver
3722 * might deadlock on a devinfo node held by another thread
3723 * coming top down and involving the module we have locked.
3724 *
3725 * When we regrab the module we must reverify that it is OK
3726 * to proceed with the uninstall operation.
3727 */
3728 mod_release_mod(mp);
3729 status = detach_driver(mp->mod_modname);
3730 (void) mod_hold_by_modctl(mp, MOD_WAIT_FOREVER | MOD_LOCK_NOT_HELD);
3731
3732 /* check detach status and reverify state with lock */
3733 mutex_enter(&mod_lock);
3734 if ((status != 0) || mp->mod_prim || mp->mod_ref) {
3735 mutex_exit(&mod_lock);
3736 return (EBUSY);
3737 }
3738 if ((mp->mod_installed == 0) || (mp->mod_loaded == 0)) {
3739 mutex_exit(&mod_lock);
3740 return (EALREADY);
3741 }
3742 mutex_exit(&mod_lock);
3743
3744 if (moddebug & MODDEBUG_LOADMSG2)
3745 printf("uninstalling %s\n", mp->mod_modname);
3746
3747 /*
3748 * lookup _fini, return EBUSY if not defined.
3749 *
3750 * The MODDEBUG_FINI_EBUSY is usefull in resolving leaks in
3751 * detach(9E) - it allows bufctl addresses to be resolved.
3752 */
3753 func = (int (*)())kobj_lookup(mp->mod_mp, "_fini");
3754 if ((func == NULL) || (mp->mod_loadflags & MOD_NOUNLOAD) ||
3755 (moddebug & MODDEBUG_FINI_EBUSY))
3756 return (EBUSY);
3757
3758 /* verify that _fini is in this module */
3759 if (kobj_addrcheck(mp->mod_mp, (caddr_t)func)) {
3760 cmn_err(CE_WARN, "_fini() not defined properly in %s",
3761 mp->mod_filename);
3762 return (EFAULT);
3763 }
3764
3765 /* call _fini() */
3766 ASSERT(MUTEX_NOT_HELD(&mod_lock));
3767 ASSERT(mp->mod_busy && mp->mod_loaded && mp->mod_installed);
3768
3769 status = (*func)();
3770
3771 if (status == 0) {
3772 /* _fini returned success, the module is no longer installed */
3773 if (moddebug & MODDEBUG_LOADMSG)
3774 printf("uninstalled %s\n", mp->mod_modname);
3775
3776 /*
3777 * Even though we only set mod_installed to zero here, a zero
3778 * return value means we are committed to a code path were
3779 * mod_loaded will also end up as zero - we have no other
3780 * way to get the module data and bss back to the pre _init
3781 * state except a reload. To ensure this, after return,
3782 * mod_busy must stay set until mod_loaded is cleared.
3783 */
3784 mp->mod_installed = 0;
3785
3786 /*
3787 * Clear the MODS_INSTALLED flag not to call functions
3788 * in the module directly from now on.
3789 */
3790 uninstall_stubs(mp);
3791 } else {
3792 if (moddebug & MODDEBUG_USERDEBUG)
3793 printf(finiret_msg, mp->mod_filename, status);
3794 /*
3795 * By definition _fini is only allowed to return EBUSY or the
3796 * result of mod_remove (EBUSY or EINVAL). In the off chance
3797 * that a driver returns EALREADY we convert this to EINVAL
3798 * since to our caller EALREADY means module was already
3799 * removed.
3800 */
3801 if (status == EALREADY)
3802 status = EINVAL;
3803 }
3804
3805 return (status);
3806 }
3807
3808 /*
3809 * Uninstall all modules.
3810 */
3811 static void
3812 mod_uninstall_all(void)
3813 {
3814 struct modctl *mp;
3815 int pass;
3816 modid_t modid;
3817
3818 /* synchronize with any active modunload_disable() */
3819 modunload_begin();
3820
3821 /* mark this thread as doing autounloading */
3822 (void) tsd_set(mod_autounload_key, (void *)1);
3823
3824 (void) devfs_clean(ddi_root_node(), NULL, 0);
3825 (void) ndi_devi_unconfig(ddi_root_node(), NDI_AUTODETACH);
3826
3827 /*
3828 * Loop up to max times if we keep producing unreferenced modules.
3829 * A new unreferenced module is an opportunity to unload.
3830 */
3831 for (pass = 0; pass < mod_uninstall_pass_max; pass++) {
3832
3833 /* zero count of modules that go unreferenced during pass */
3834 mod_uninstall_ref_zero = 0;
3835
3836 modid = 0;
3837 while ((mp = mod_hold_next_by_id(modid)) != NULL) {
3838 modid = mp->mod_id;
3839
3840 /*
3841 * Skip modules with the MOD_NOAUTOUNLOAD flag set
3842 */
3843 if (mp->mod_loadflags & MOD_NOAUTOUNLOAD) {
3844 mod_release_mod(mp);
3845 continue;
3846 }
3847
3848 if (moduninstall(mp) == 0) {
3849 mod_unload(mp);
3850 CPU_STATS_ADDQ(CPU, sys, modunload, 1);
3851 }
3852 mod_release_mod(mp);
3853 }
3854
3855 /* break if no modules went unreferenced during pass */
3856 if (mod_uninstall_ref_zero == 0)
3857 break;
3858 }
3859 if (pass >= mod_uninstall_pass_max)
3860 mod_uninstall_pass_exc++;
3861
3862 (void) tsd_set(mod_autounload_key, NULL);
3863 modunload_end();
3864 }
3865
3866 /* wait for unloads that have begun before registering disable */
3867 void
3868 modunload_disable(void)
3869 {
3870 mutex_enter(&modunload_wait_mutex);
3871 while (modunload_active_count) {
3872 modunload_wait++;
3873 cv_wait(&modunload_wait_cv, &modunload_wait_mutex);
3874 modunload_wait--;
3875 }
3876 modunload_disable_count++;
3877 mutex_exit(&modunload_wait_mutex);
3878 }
3879
3880 /* mark end of disable and signal waiters */
3881 void
3882 modunload_enable(void)
3883 {
3884 mutex_enter(&modunload_wait_mutex);
3885 modunload_disable_count--;
3886 if ((modunload_disable_count == 0) && modunload_wait)
3887 cv_broadcast(&modunload_wait_cv);
3888 mutex_exit(&modunload_wait_mutex);
3889 }
3890
3891 /* wait for disables to complete before begining unload */
3892 void
3893 modunload_begin()
3894 {
3895 mutex_enter(&modunload_wait_mutex);
3896 while (modunload_disable_count) {
3897 modunload_wait++;
3898 cv_wait(&modunload_wait_cv, &modunload_wait_mutex);
3899 modunload_wait--;
3900 }
3901 modunload_active_count++;
3902 mutex_exit(&modunload_wait_mutex);
3903 }
3904
3905 /* mark end of unload and signal waiters */
3906 void
3907 modunload_end()
3908 {
3909 mutex_enter(&modunload_wait_mutex);
3910 modunload_active_count--;
3911 if ((modunload_active_count == 0) && modunload_wait)
3912 cv_broadcast(&modunload_wait_cv);
3913 mutex_exit(&modunload_wait_mutex);
3914 }
3915
3916 void
3917 mod_uninstall_daemon(void)
3918 {
3919 callb_cpr_t cprinfo;
3920 clock_t ticks;
3921
3922 mod_aul_thread = curthread;
3923
3924 CALLB_CPR_INIT(&cprinfo, &mod_uninstall_lock, callb_generic_cpr, "mud");
3925 for (;;) {
3926 mutex_enter(&mod_uninstall_lock);
3927 CALLB_CPR_SAFE_BEGIN(&cprinfo);
3928 /*
3929 * In DEBUG kernels, unheld drivers are uninstalled periodically
3930 * every mod_uninstall_interval seconds. Periodic uninstall can
3931 * be disabled by setting mod_uninstall_interval to 0 which is
3932 * the default for a non-DEBUG kernel.
3933 */
3934 if (mod_uninstall_interval) {
3935 ticks = drv_usectohz(mod_uninstall_interval * 1000000);
3936 (void) cv_reltimedwait(&mod_uninstall_cv,
3937 &mod_uninstall_lock, ticks, TR_CLOCK_TICK);
3938 } else {
3939 cv_wait(&mod_uninstall_cv, &mod_uninstall_lock);
3940 }
3941 /*
3942 * The whole daemon is safe for CPR except we don't want
3943 * the daemon to run if FREEZE is issued and this daemon
3944 * wakes up from the cv_wait above. In this case, it'll be
3945 * blocked in CALLB_CPR_SAFE_END until THAW is issued.
3946 *
3947 * The reason of calling CALLB_CPR_SAFE_BEGIN twice is that
3948 * mod_uninstall_lock is used to protect cprinfo and
3949 * CALLB_CPR_SAFE_BEGIN assumes that this lock is held when
3950 * called.
3951 */
3952 CALLB_CPR_SAFE_END(&cprinfo, &mod_uninstall_lock);
3953 CALLB_CPR_SAFE_BEGIN(&cprinfo);
3954 mutex_exit(&mod_uninstall_lock);
3955 if ((modunload_disable_count == 0) &&
3956 ((moddebug & MODDEBUG_NOAUTOUNLOAD) == 0)) {
3957 mod_uninstall_all();
3958 }
3959 }
3960 }
3961
3962 /*
3963 * Unload all uninstalled modules.
3964 */
3965 void
3966 modreap(void)
3967 {
3968 mutex_enter(&mod_uninstall_lock);
3969 cv_broadcast(&mod_uninstall_cv);
3970 mutex_exit(&mod_uninstall_lock);
3971 }
3972
3973 /*
3974 * Hold the specified module. This is the module holding primitive.
3975 *
3976 * If MOD_LOCK_HELD then the caller already holds the mod_lock.
3977 *
3978 * Return values:
3979 * 0 ==> the module is held
3980 * 1 ==> the module is not held and the MOD_WAIT_ONCE caller needs
3981 * to determine how to retry.
3982 */
3983 int
3984 mod_hold_by_modctl(struct modctl *mp, int f)
3985 {
3986 ASSERT((f & (MOD_WAIT_ONCE | MOD_WAIT_FOREVER)) &&
3987 ((f & (MOD_WAIT_ONCE | MOD_WAIT_FOREVER)) !=
3988 (MOD_WAIT_ONCE | MOD_WAIT_FOREVER)));
3989 ASSERT((f & (MOD_LOCK_HELD | MOD_LOCK_NOT_HELD)) &&
3990 ((f & (MOD_LOCK_HELD | MOD_LOCK_NOT_HELD)) !=
3991 (MOD_LOCK_HELD | MOD_LOCK_NOT_HELD)));
3992 ASSERT((f & MOD_LOCK_NOT_HELD) || MUTEX_HELD(&mod_lock));
3993
3994 if (f & MOD_LOCK_NOT_HELD)
3995 mutex_enter(&mod_lock);
3996
3997 while (mp->mod_busy) {
3998 mp->mod_want = 1;
3999 cv_wait(&mod_cv, &mod_lock);
4000 /*
4001 * Module may be unloaded by daemon.
4002 * Nevertheless, modctl structure is still in linked list
4003 * (i.e., off &modules), not freed!
4004 * Caller is not supposed to assume "mp" is valid, but there
4005 * is no reasonable way to detect this but using
4006 * mp->mod_modinfo->mp == NULL check (follow the back pointer)
4007 * (or similar check depending on calling context)
4008 * DON'T free modctl structure, it will be very very
4009 * problematic.
4010 */
4011 if (f & MOD_WAIT_ONCE) {
4012 if (f & MOD_LOCK_NOT_HELD)
4013 mutex_exit(&mod_lock);
4014 return (1); /* caller decides how to retry */
4015 }
4016 }
4017
4018 mp->mod_busy = 1;
4019 mp->mod_inprogress_thread =
4020 (curthread == NULL ? (kthread_id_t)-1 : curthread);
4021
4022 if (f & MOD_LOCK_NOT_HELD)
4023 mutex_exit(&mod_lock);
4024 return (0);
4025 }
4026
4027 static struct modctl *
4028 mod_hold_by_name_common(struct modctl *dep, const char *filename)
4029 {
4030 const char *modname;
4031 struct modctl *mp;
4032 char *curname, *newname;
4033 int found = 0;
4034
4035 mutex_enter(&mod_lock);
4036
4037 if ((modname = strrchr(filename, '/')) == NULL)
4038 modname = filename;
4039 else
4040 modname++;
4041
4042 mp = &modules;
4043 do {
4044 if (strcmp(modname, mp->mod_modname) == 0) {
4045 found = 1;
4046 break;
4047 }
4048 } while ((mp = mp->mod_next) != &modules);
4049
4050 if (found == 0) {
4051 mp = allocate_modp(filename, modname);
4052 modadd(mp);
4053 }
4054
4055 /*
4056 * if dep is not NULL, set the mp in mod_requisite_loading for
4057 * the module circular dependency check. This field is used in
4058 * mod_circdep(), but it's cleard in mod_hold_loaded_mod().
4059 */
4060 if (dep != NULL) {
4061 ASSERT(dep->mod_busy && dep->mod_requisite_loading == NULL);
4062 dep->mod_requisite_loading = mp;
4063 }
4064
4065 /*
4066 * If the module was held, then it must be us who has it held.
4067 */
4068 if (mod_circdep(mp))
4069 mp = NULL;
4070 else {
4071 (void) mod_hold_by_modctl(mp, MOD_WAIT_FOREVER | MOD_LOCK_HELD);
4072
4073 /*
4074 * If the name hadn't been set or has changed, allocate
4075 * space and set it. Free space used by previous name.
4076 *
4077 * Do not change the name of primary modules, for primary
4078 * modules the mod_filename was allocated in standalone mode:
4079 * it is illegal to kobj_alloc in standalone mode and kobj_free
4080 * in non-standalone mode.
4081 */
4082 curname = mp->mod_filename;
4083 if (curname == NULL ||
4084 ((mp->mod_prim == 0) &&
4085 (curname != filename) &&
4086 (modname != filename) &&
4087 (strcmp(curname, filename) != 0))) {
4088 newname = kobj_zalloc(strlen(filename) + 1, KM_SLEEP);
4089 (void) strcpy(newname, filename);
4090 mp->mod_filename = newname;
4091 if (curname != NULL)
4092 kobj_free(curname, strlen(curname) + 1);
4093 }
4094 }
4095
4096 mutex_exit(&mod_lock);
4097 if (mp && moddebug & MODDEBUG_LOADMSG2)
4098 printf("Holding %s\n", mp->mod_filename);
4099 if (mp == NULL && moddebug & MODDEBUG_LOADMSG2)
4100 printf("circular dependency loading %s\n", filename);
4101 return (mp);
4102 }
4103
4104 static struct modctl *
4105 mod_hold_by_name_requisite(struct modctl *dep, char *filename)
4106 {
4107 return (mod_hold_by_name_common(dep, filename));
4108 }
4109
4110 struct modctl *
4111 mod_hold_by_name(const char *filename)
4112 {
4113 return (mod_hold_by_name_common(NULL, filename));
4114 }
4115
4116 struct modctl *
4117 mod_hold_by_id(modid_t modid)
4118 {
4119 struct modctl *mp;
4120 int found = 0;
4121
4122 mutex_enter(&mod_lock);
4123 mp = &modules;
4124 do {
4125 if (mp->mod_id == modid) {
4126 found = 1;
4127 break;
4128 }
4129 } while ((mp = mp->mod_next) != &modules);
4130
4131 if ((found == 0) || mod_circdep(mp))
4132 mp = NULL;
4133 else
4134 (void) mod_hold_by_modctl(mp, MOD_WAIT_FOREVER | MOD_LOCK_HELD);
4135
4136 mutex_exit(&mod_lock);
4137 return (mp);
4138 }
4139
4140 static struct modctl *
4141 mod_hold_next_by_id(modid_t modid)
4142 {
4143 struct modctl *mp;
4144 int found = 0;
4145
4146 if (modid < -1)
4147 return (NULL);
4148
4149 mutex_enter(&mod_lock);
4150
4151 mp = &modules;
4152 do {
4153 if (mp->mod_id > modid) {
4154 found = 1;
4155 break;
4156 }
4157 } while ((mp = mp->mod_next) != &modules);
4158
4159 if ((found == 0) || mod_circdep(mp))
4160 mp = NULL;
4161 else
4162 (void) mod_hold_by_modctl(mp, MOD_WAIT_FOREVER | MOD_LOCK_HELD);
4163
4164 mutex_exit(&mod_lock);
4165 return (mp);
4166 }
4167
4168 static void
4169 mod_release(struct modctl *mp)
4170 {
4171 ASSERT(MUTEX_HELD(&mod_lock));
4172 ASSERT(mp->mod_busy);
4173
4174 mp->mod_busy = 0;
4175 mp->mod_inprogress_thread = NULL;
4176 if (mp->mod_want) {
4177 mp->mod_want = 0;
4178 cv_broadcast(&mod_cv);
4179 }
4180 }
4181
4182 void
4183 mod_release_mod(struct modctl *mp)
4184 {
4185 if (moddebug & MODDEBUG_LOADMSG2)
4186 printf("Releasing %s\n", mp->mod_filename);
4187 mutex_enter(&mod_lock);
4188 mod_release(mp);
4189 mutex_exit(&mod_lock);
4190 }
4191
4192 modid_t
4193 mod_name_to_modid(char *filename)
4194 {
4195 char *modname;
4196 struct modctl *mp;
4197
4198 mutex_enter(&mod_lock);
4199
4200 if ((modname = strrchr(filename, '/')) == NULL)
4201 modname = filename;
4202 else
4203 modname++;
4204
4205 mp = &modules;
4206 do {
4207 if (strcmp(modname, mp->mod_modname) == 0) {
4208 mutex_exit(&mod_lock);
4209 return (mp->mod_id);
4210 }
4211 } while ((mp = mp->mod_next) != &modules);
4212
4213 mutex_exit(&mod_lock);
4214 return (-1);
4215 }
4216
4217
4218 int
4219 mod_remove_by_name(char *name)
4220 {
4221 struct modctl *mp;
4222 int retval;
4223
4224 mp = mod_hold_by_name(name);
4225
4226 if (mp == NULL)
4227 return (EINVAL);
4228
4229 if (mp->mod_loadflags & MOD_NOAUTOUNLOAD) {
4230 /*
4231 * Do not unload forceloaded modules
4232 */
4233 mod_release_mod(mp);
4234 return (0);
4235 }
4236
4237 if ((retval = moduninstall(mp)) == 0) {
4238 mod_unload(mp);
4239 CPU_STATS_ADDQ(CPU, sys, modunload, 1);
4240 } else if (retval == EALREADY)
4241 retval = 0; /* already unloaded, not an error */
4242 mod_release_mod(mp);
4243 return (retval);
4244 }
4245
4246 /*
4247 * Record that module "dep" is dependent on module "on_mod."
4248 */
4249 static void
4250 mod_make_requisite(struct modctl *dependent, struct modctl *on_mod)
4251 {
4252 struct modctl_list **pmlnp; /* previous next pointer */
4253 struct modctl_list *mlp;
4254 struct modctl_list *new;
4255
4256 ASSERT(dependent->mod_busy && on_mod->mod_busy);
4257 mutex_enter(&mod_lock);
4258
4259 /*
4260 * Search dependent's requisite list to see if on_mod is recorded.
4261 * List is ordered by id.
4262 */
4263 for (pmlnp = &dependent->mod_requisites, mlp = *pmlnp;
4264 mlp; pmlnp = &mlp->modl_next, mlp = *pmlnp)
4265 if (mlp->modl_modp->mod_id >= on_mod->mod_id)
4266 break;
4267
4268 /* Create and insert if not already recorded */
4269 if ((mlp == NULL) || (mlp->modl_modp->mod_id != on_mod->mod_id)) {
4270 new = kobj_zalloc(sizeof (*new), KM_SLEEP);
4271 new->modl_modp = on_mod;
4272 new->modl_next = mlp;
4273 *pmlnp = new;
4274
4275 /*
4276 * Increment the mod_ref count in our new requisite module.
4277 * This is what keeps a module that has other modules
4278 * which are dependent on it from being uninstalled and
4279 * unloaded. "on_mod"'s mod_ref count decremented in
4280 * mod_release_requisites when the "dependent" module
4281 * unload is complete. "on_mod" must be loaded, but may not
4282 * yet be installed.
4283 */
4284 on_mod->mod_ref++;
4285 ASSERT(on_mod->mod_ref && on_mod->mod_loaded);
4286 }
4287
4288 mutex_exit(&mod_lock);
4289 }
4290
4291 /*
4292 * release the hold associated with mod_make_requisite mod_ref++
4293 * as part of unload.
4294 */
4295 void
4296 mod_release_requisites(struct modctl *modp)
4297 {
4298 struct modctl_list *modl;
4299 struct modctl_list *next;
4300 struct modctl *req;
4301 struct modctl_list *start = NULL, *mod_garbage;
4302
4303 ASSERT(!quiesce_active);
4304 ASSERT(modp->mod_busy);
4305 ASSERT(MUTEX_NOT_HELD(&mod_lock));
4306
4307 mutex_enter(&mod_lock); /* needed for manipulation of req */
4308 for (modl = modp->mod_requisites; modl; modl = next) {
4309 next = modl->modl_next;
4310 req = modl->modl_modp;
4311 ASSERT(req->mod_ref >= 1 && req->mod_loaded);
4312 req->mod_ref--;
4313 if (req->mod_ref == 0)
4314 mod_uninstall_ref_zero++;
4315
4316 /*
4317 * Check if the module has to be unloaded or not.
4318 */
4319 if (req->mod_ref == 0 && req->mod_delay_unload) {
4320 struct modctl_list *new;
4321 /*
4322 * Allocate the modclt_list holding the garbage
4323 * module which should be unloaded later.
4324 */
4325 new = kobj_zalloc(sizeof (struct modctl_list),
4326 KM_SLEEP);
4327 new->modl_modp = req;
4328
4329 if (start == NULL)
4330 mod_garbage = start = new;
4331 else {
4332 mod_garbage->modl_next = new;
4333 mod_garbage = new;
4334 }
4335 }
4336
4337 /* free the list as we go */
4338 kobj_free(modl, sizeof (*modl));
4339 }
4340 modp->mod_requisites = NULL;
4341 mutex_exit(&mod_lock);
4342
4343 /*
4344 * Unload the garbage modules.
4345 */
4346 for (mod_garbage = start; mod_garbage != NULL; /* nothing */) {
4347 struct modctl_list *old = mod_garbage;
4348 struct modctl *mp = mod_garbage->modl_modp;
4349 ASSERT(mp != NULL);
4350
4351 /*
4352 * Hold this module until it's unloaded completely.
4353 */
4354 (void) mod_hold_by_modctl(mp,
4355 MOD_WAIT_FOREVER | MOD_LOCK_NOT_HELD);
4356 /*
4357 * Check if the module is not unloaded yet and nobody requires
4358 * the module. If it's unloaded already or somebody still
4359 * requires the module, don't unload it now.
4360 */
4361 if (mp->mod_loaded && mp->mod_ref == 0)
4362 mod_unload(mp);
4363 ASSERT((mp->mod_loaded == 0 && mp->mod_delay_unload == 0) ||
4364 (mp->mod_ref > 0));
4365 mod_release_mod(mp);
4366
4367 mod_garbage = mod_garbage->modl_next;
4368 kobj_free(old, sizeof (struct modctl_list));
4369 }
4370 }
4371
4372 /*
4373 * Process dependency of the module represented by "dep" on the
4374 * module named by "on."
4375 *
4376 * Called from kobj_do_dependents() to load a module "on" on which
4377 * "dep" depends.
4378 */
4379 struct modctl *
4380 mod_load_requisite(struct modctl *dep, char *on)
4381 {
4382 struct modctl *on_mod;
4383 int retval;
4384
4385 if ((on_mod = mod_hold_loaded_mod(dep, on, &retval)) != NULL) {
4386 mod_make_requisite(dep, on_mod);
4387 } else if (moddebug & MODDEBUG_ERRMSG) {
4388 printf("error processing %s on which module %s depends\n",
4389 on, dep->mod_modname);
4390 }
4391 return (on_mod);
4392 }
4393
4394 static int
4395 mod_install_requisites(struct modctl *modp)
4396 {
4397 struct modctl_list *modl;
4398 struct modctl *req;
4399 int status = 0;
4400
4401 ASSERT(MUTEX_NOT_HELD(&mod_lock));
4402 ASSERT(modp->mod_busy);
4403
4404 for (modl = modp->mod_requisites; modl; modl = modl->modl_next) {
4405 req = modl->modl_modp;
4406 (void) mod_hold_by_modctl(req,
4407 MOD_WAIT_FOREVER | MOD_LOCK_NOT_HELD);
4408 status = modinstall(req);
4409 mod_release_mod(req);
4410
4411 if (status != 0)
4412 break;
4413 }
4414 return (status);
4415 }
4416
4417 /*
4418 * returns 1 if this thread is doing autounload, 0 otherwise.
4419 * see mod_uninstall_all.
4420 */
4421 int
4422 mod_in_autounload()
4423 {
4424 return ((int)(uintptr_t)tsd_get(mod_autounload_key));
4425 }
4426
4427 /*
4428 * gmatch adapted from libc, stripping the wchar stuff
4429 */
4430 #define popchar(p, c) { \
4431 c = *p++; \
4432 if (c == 0) { \
4433 return (0); \
4434 } \
4435 }
4436
4437 int
4438 gmatch(const char *s, const char *p)
4439 {
4440 int c, sc;
4441 int ok, lc, notflag;
4442
4443 sc = *s++;
4444 c = *p++;
4445 if (c == 0)
4446 return (sc == c); /* nothing matches nothing */
4447
4448 switch (c) {
4449 case '\\':
4450 /* skip to quoted character */
4451 popchar(p, c);
4452 /*FALLTHRU*/
4453
4454 default:
4455 /* straight comparison */
4456 if (c != sc)
4457 return (0);
4458 /*FALLTHRU*/
4459
4460 case '?':
4461 /* first char matches, move to remainder */
4462 return (sc != '\0' ? gmatch(s, p) : 0);
4463
4464
4465 case '*':
4466 while (*p == '*')
4467 p++;
4468
4469 /* * matches everything */
4470 if (*p == 0)
4471 return (1);
4472
4473 /* undo skip at the beginning & iterate over substrings */
4474 --s;
4475 while (*s) {
4476 if (gmatch(s, p))
4477 return (1);
4478 s++;
4479 }
4480 return (0);
4481
4482 case '[':
4483 /* match any char within [] */
4484 if (sc == 0)
4485 return (0);
4486
4487 ok = lc = notflag = 0;
4488
4489 if (*p == '!') {
4490 notflag = 1;
4491 p++;
4492 }
4493 popchar(p, c);
4494
4495 do {
4496 if (c == '-' && lc && *p != ']') {
4497 /* test sc against range [c1-c2] */
4498 popchar(p, c);
4499 if (c == '\\') {
4500 popchar(p, c);
4501 }
4502
4503 if (notflag) {
4504 /* return 0 on mismatch */
4505 if (lc <= sc && sc <= c)
4506 return (0);
4507 ok++;
4508 } else if (lc <= sc && sc <= c) {
4509 ok++;
4510 }
4511 /* keep going, may get a match next */
4512 } else if (c == '\\') {
4513 /* skip to quoted character */
4514 popchar(p, c);
4515 }
4516 lc = c;
4517 if (notflag) {
4518 if (sc == lc)
4519 return (0);
4520 ok++;
4521 } else if (sc == lc) {
4522 ok++;
4523 }
4524 popchar(p, c);
4525 } while (c != ']');
4526
4527 /* recurse on remainder of string */
4528 return (ok ? gmatch(s, p) : 0);
4529 }
4530 /*NOTREACHED*/
4531 }
4532
4533
4534 /*
4535 * Get default perm for device from /etc/minor_perm. Return 0 if match found.
4536 *
4537 * Pure wild-carded patterns are handled separately so the ordering of
4538 * these patterns doesn't matter. We're still dependent on ordering
4539 * however as the first matching entry is the one returned.
4540 * Not ideal but all existing examples and usage do imply this
4541 * ordering implicitly.
4542 *
4543 * Drivers using the clone driver are always good for some entertainment.
4544 * Clone nodes under pseudo have the form clone@0:<driver>. Some minor
4545 * perm entries have the form clone:<driver>, others use <driver>:*
4546 * Examples are clone:llc1 vs. llc2:*, for example.
4547 *
4548 * Minor perms in the clone:<driver> form are mapped to the drivers's
4549 * mperm list, not the clone driver, as wildcard entries for clone
4550 * reference only. In other words, a clone wildcard will match
4551 * references for clone@0:<driver> but never <driver>@<minor>.
4552 *
4553 * Additional minor perms in the standard form are also supported,
4554 * for mixed usage, ie a node with an entry clone:<driver> could
4555 * provide further entries <driver>:<minor>.
4556 *
4557 * Finally, some uses of clone use an alias as the minor name rather
4558 * than the driver name, with the alias as the minor perm entry.
4559 * This case is handled by attaching the driver to bring its
4560 * minor list into existence, then discover the alias via DDI_ALIAS.
4561 * The clone device's minor perm list can then be searched for
4562 * that alias.
4563 */
4564
4565 static int
4566 dev_alias_minorperm(dev_info_t *dip, char *minor_name, mperm_t *rmp)
4567 {
4568 major_t major;
4569 struct devnames *dnp;
4570 mperm_t *mp;
4571 char *alias = NULL;
4572 dev_info_t *cdevi;
4573 int circ;
4574 struct ddi_minor_data *dmd;
4575
4576 major = ddi_name_to_major(minor_name);
4577
4578 ASSERT(dip == clone_dip);
4579 ASSERT(major != DDI_MAJOR_T_NONE);
4580
4581 /*
4582 * Attach the driver named by the minor node, then
4583 * search its first instance's minor list for an
4584 * alias node.
4585 */
4586 if (ddi_hold_installed_driver(major) == NULL)
4587 return (1);
4588
4589 dnp = &devnamesp[major];
4590 LOCK_DEV_OPS(&dnp->dn_lock);
4591
4592 if ((cdevi = dnp->dn_head) != NULL) {
4593 ndi_devi_enter(cdevi, &circ);
4594 for (dmd = DEVI(cdevi)->devi_minor; dmd; dmd = dmd->next) {
4595 if (dmd->type == DDM_ALIAS) {
4596 alias = i_ddi_strdup(dmd->ddm_name, KM_SLEEP);
4597 break;
4598 }
4599 }
4600 ndi_devi_exit(cdevi, circ);
4601 }
4602
4603 UNLOCK_DEV_OPS(&dnp->dn_lock);
4604 ddi_rele_driver(major);
4605
4606 if (alias == NULL) {
4607 if (moddebug & MODDEBUG_MINORPERM)
4608 cmn_err(CE_CONT, "dev_minorperm: "
4609 "no alias for %s\n", minor_name);
4610 return (1);
4611 }
4612
4613 major = ddi_driver_major(clone_dip);
4614 dnp = &devnamesp[major];
4615 LOCK_DEV_OPS(&dnp->dn_lock);
4616
4617 /*
4618 * Go through the clone driver's mperm list looking
4619 * for a match for the specified alias.
4620 */
4621 for (mp = dnp->dn_mperm; mp; mp = mp->mp_next) {
4622 if (strcmp(alias, mp->mp_minorname) == 0) {
4623 break;
4624 }
4625 }
4626
4627 if (mp) {
4628 if (moddebug & MODDEBUG_MP_MATCH) {
4629 cmn_err(CE_CONT,
4630 "minor perm defaults: %s %s 0%o %d %d (aliased)\n",
4631 minor_name, alias, mp->mp_mode,
4632 mp->mp_uid, mp->mp_gid);
4633 }
4634 rmp->mp_uid = mp->mp_uid;
4635 rmp->mp_gid = mp->mp_gid;
4636 rmp->mp_mode = mp->mp_mode;
4637 }
4638 UNLOCK_DEV_OPS(&dnp->dn_lock);
4639
4640 kmem_free(alias, strlen(alias)+1);
4641
4642 return (mp == NULL);
4643 }
4644
4645 int
4646 dev_minorperm(dev_info_t *dip, char *name, mperm_t *rmp)
4647 {
4648 major_t major;
4649 char *minor_name;
4650 struct devnames *dnp;
4651 mperm_t *mp;
4652 int is_clone = 0;
4653
4654 if (!minorperm_loaded) {
4655 if (moddebug & MODDEBUG_MINORPERM)
4656 cmn_err(CE_CONT,
4657 "%s: minor perm not yet loaded\n", name);
4658 return (1);
4659 }
4660
4661 minor_name = strchr(name, ':');
4662 if (minor_name == NULL)
4663 return (1);
4664 minor_name++;
4665
4666 /*
4667 * If it's the clone driver, search the driver as named
4668 * by the minor. All clone minor perm entries other than
4669 * alias nodes are actually installed on the real driver's list.
4670 */
4671 if (dip == clone_dip) {
4672 major = ddi_name_to_major(minor_name);
4673 if (major == DDI_MAJOR_T_NONE) {
4674 if (moddebug & MODDEBUG_MINORPERM)
4675 cmn_err(CE_CONT, "dev_minorperm: "
4676 "%s: no such driver\n", minor_name);
4677 return (1);
4678 }
4679 is_clone = 1;
4680 } else {
4681 major = ddi_driver_major(dip);
4682 ASSERT(major != DDI_MAJOR_T_NONE);
4683 }
4684
4685 dnp = &devnamesp[major];
4686 LOCK_DEV_OPS(&dnp->dn_lock);
4687
4688 /*
4689 * Go through the driver's mperm list looking for
4690 * a match for the specified minor. If there's
4691 * no matching pattern, use the wild card.
4692 * Defer to the clone wild for clone if specified,
4693 * otherwise fall back to the normal form.
4694 */
4695 for (mp = dnp->dn_mperm; mp; mp = mp->mp_next) {
4696 if (gmatch(minor_name, mp->mp_minorname) != 0) {
4697 break;
4698 }
4699 }
4700 if (mp == NULL) {
4701 if (is_clone)
4702 mp = dnp->dn_mperm_clone;
4703 if (mp == NULL)
4704 mp = dnp->dn_mperm_wild;
4705 }
4706
4707 if (mp) {
4708 if (moddebug & MODDEBUG_MP_MATCH) {
4709 cmn_err(CE_CONT,
4710 "minor perm defaults: %s %s 0%o %d %d\n",
4711 name, mp->mp_minorname, mp->mp_mode,
4712 mp->mp_uid, mp->mp_gid);
4713 }
4714 rmp->mp_uid = mp->mp_uid;
4715 rmp->mp_gid = mp->mp_gid;
4716 rmp->mp_mode = mp->mp_mode;
4717 }
4718 UNLOCK_DEV_OPS(&dnp->dn_lock);
4719
4720 /*
4721 * If no match can be found for a clone node,
4722 * search for a possible match for an alias.
4723 * One such example is /dev/ptmx -> /devices/pseudo/clone@0:ptm,
4724 * with minor perm entry clone:ptmx.
4725 */
4726 if (mp == NULL && is_clone) {
4727 return (dev_alias_minorperm(dip, minor_name, rmp));
4728 }
4729
4730 return (mp == NULL);
4731 }
4732
4733 /*
4734 * dynamicaly reference load a dl module/library, returning handle
4735 */
4736 /*ARGSUSED*/
4737 ddi_modhandle_t
4738 ddi_modopen(const char *modname, int mode, int *errnop)
4739 {
4740 char *subdir;
4741 char *mod;
4742 int subdirlen;
4743 struct modctl *hmodp = NULL;
4744 int retval = EINVAL;
4745
4746 ASSERT(modname && (mode == KRTLD_MODE_FIRST));
4747 if ((modname == NULL) || (mode != KRTLD_MODE_FIRST))
4748 goto out;
4749
4750 /* find last '/' in modname */
4751 mod = strrchr(modname, '/');
4752
4753 if (mod) {
4754 /* for subdir string without modification to argument */
4755 mod++;
4756 subdirlen = mod - modname;
4757 subdir = kmem_alloc(subdirlen, KM_SLEEP);
4758 (void) strlcpy(subdir, modname, subdirlen);
4759 } else {
4760 subdirlen = 0;
4761 subdir = "misc";
4762 mod = (char *)modname;
4763 }
4764
4765 /* reference load with errno return value */
4766 retval = modrload(subdir, mod, &hmodp);
4767
4768 if (subdirlen)
4769 kmem_free(subdir, subdirlen);
4770
4771 out: if (errnop)
4772 *errnop = retval;
4773
4774 if (moddebug & MODDEBUG_DDI_MOD)
4775 printf("ddi_modopen %s mode %x: %s %p %d\n",
4776 modname ? modname : "<unknown>", mode,
4777 hmodp ? hmodp->mod_filename : "<unknown>",
4778 (void *)hmodp, retval);
4779
4780 return ((ddi_modhandle_t)hmodp);
4781 }
4782
4783 /* lookup "name" in open dl module/library */
4784 void *
4785 ddi_modsym(ddi_modhandle_t h, const char *name, int *errnop)
4786 {
4787 struct modctl *hmodp = (struct modctl *)h;
4788 void *f;
4789 int retval;
4790
4791 ASSERT(hmodp && name && hmodp->mod_installed && (hmodp->mod_ref >= 1));
4792 if ((hmodp == NULL) || (name == NULL) ||
4793 (hmodp->mod_installed == 0) || (hmodp->mod_ref < 1)) {
4794 f = NULL;
4795 retval = EINVAL;
4796 } else {
4797 f = (void *)kobj_lookup(hmodp->mod_mp, (char *)name);
4798 if (f)
4799 retval = 0;
4800 else
4801 retval = ENOTSUP;
4802 }
4803
4804 if (moddebug & MODDEBUG_DDI_MOD)
4805 printf("ddi_modsym in %s of %s: %d %p\n",
4806 hmodp ? hmodp->mod_modname : "<unknown>",
4807 name ? name : "<unknown>", retval, f);
4808
4809 if (errnop)
4810 *errnop = retval;
4811 return (f);
4812 }
4813
4814 /* dynamic (un)reference unload of an open dl module/library */
4815 int
4816 ddi_modclose(ddi_modhandle_t h)
4817 {
4818 struct modctl *hmodp = (struct modctl *)h;
4819 struct modctl *modp = NULL;
4820 int retval;
4821
4822 ASSERT(hmodp && hmodp->mod_installed && (hmodp->mod_ref >= 1));
4823 if ((hmodp == NULL) ||
4824 (hmodp->mod_installed == 0) || (hmodp->mod_ref < 1)) {
4825 retval = EINVAL;
4826 goto out;
4827 }
4828
4829 retval = modunrload(hmodp->mod_id, &modp, ddi_modclose_unload);
4830 if (retval == EBUSY)
4831 retval = 0; /* EBUSY is not an error */
4832
4833 if (retval == 0) {
4834 ASSERT(hmodp == modp);
4835 if (hmodp != modp)
4836 retval = EINVAL;
4837 }
4838
4839 out: if (moddebug & MODDEBUG_DDI_MOD)
4840 printf("ddi_modclose %s: %d\n",
4841 hmodp ? hmodp->mod_modname : "<unknown>", retval);
4842
4843 return (retval);
4844 }