usr/src/uts/common/fs/doorfs/door_vnops.c

root/usr/src/uts/common/fs/doorfs/door_vnops.c
/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */
/*
 * Copyright (c) 2017 by Delphix. All rights reserved.
 */

#include <sys/types.h>
#include <sys/vnode.h>
#include <sys/vfs_opreg.h>
#include <sys/door.h>
#include <sys/proc.h>
#include <sys/kmem.h>
#include <sys/debug.h>
#include <sys/cmn_err.h>
#include <fs/fs_subr.h>
#include <sys/zone.h>
#include <sys/tsol/label.h>

kmutex_t        door_knob;
static int      door_open(struct vnode **vpp, int flag, struct cred *cr,
                        caller_context_t *ct);
static int      door_close(struct vnode *vp, int flag, int count,
                        offset_t offset, struct cred *cr, caller_context_t *ct);
static int      door_getattr(struct vnode *vp, struct vattr *vap,
                        int flags, struct cred *cr, caller_context_t *ct);
static void     door_inactive(struct vnode *vp, struct cred *cr,
                        caller_context_t *ct);
static int      door_access(struct vnode *vp, int mode, int flags,
                        struct cred *cr, caller_context_t *ct);
static int      door_realvp(vnode_t *vp, vnode_t **vpp, caller_context_t *ct);

struct vfs door_vfs;

struct vnodeops *door_vnodeops;

const fs_operation_def_t door_vnodeops_template[] = {
        VOPNAME_OPEN,           { .vop_open = door_open },
        VOPNAME_CLOSE,          { .vop_close = door_close },
        VOPNAME_GETATTR,        { .vop_getattr = door_getattr },
        VOPNAME_ACCESS,         { .vop_access = door_access },
        VOPNAME_INACTIVE,       { .vop_inactive = door_inactive },
        VOPNAME_FRLOCK,         { .error = fs_error },
        VOPNAME_REALVP,         { .vop_realvp = door_realvp },
        VOPNAME_POLL,           { .error = fs_error },
        VOPNAME_PATHCONF,       { .error = fs_error },
        VOPNAME_DISPOSE,        { .error = fs_error },
        VOPNAME_GETSECATTR,     { .error = fs_error },
        VOPNAME_SHRLOCK,        { .error = fs_error },
        NULL,                   NULL
};

/* ARGSUSED */
static int
door_open(struct vnode **vpp, int flag, struct cred *cr, caller_context_t *ct)
{
        /*
         * MAC policy for doors.  Restrict cross-zone open()s so that only
         * door servers in the global zone can have clients from other zones.
         * For other zones, client must be within the same zone as server.
         */
        if (is_system_labeled()) {
                zone_t          *server_zone, *client_zone;
                door_node_t     *dp = VTOD((*vpp));

                mutex_enter(&door_knob);
                if (DOOR_INVALID(dp)) {
                        mutex_exit(&door_knob);
                        return (0);
                }
                client_zone = curproc->p_zone;
                server_zone = dp->door_target->p_zone;
                mutex_exit(&door_knob);
                if (server_zone != global_zone &&
                    server_zone != client_zone)
                        return (EACCES);
        }
        return (0);
}

/* ARGSUSED */
static int
door_close(struct vnode *vp, int flag, int count, offset_t offset,
    struct cred *cr, caller_context_t *ct)
{
        door_node_t     *dp = VTOD(vp);

        /*
         * If this is being called from closeall on exit, any doors created
         * by this process should have been revoked already in door_exit.
         */
        ASSERT(dp->door_target != curproc ||
            ((curthread->t_proc_flag & TP_LWPEXIT) == 0));

        /*
         * Deliver an unref if needed.
         *
         * If the count is equal to 2, it means that I'm doing a VOP_CLOSE
         * on the next to last reference for *this* file struct. There may
         * be multiple files pointing to this vnode in which case the v_count
         * will be > 1.
         *
         * The door_active count is bumped during each invocation.
         */
        if (count == 2 && vp->v_count == 1 &&
            (dp->door_flags & (DOOR_UNREF | DOOR_UNREF_MULTI))) {
                mutex_enter(&door_knob);
                if (dp->door_active == 0) {
                        /* o.k. to deliver unref now */
                        door_deliver_unref(dp);
                } else {
                        /* do the unref later */
                        dp->door_flags |= DOOR_DELAY;
                }
                mutex_exit(&door_knob);
        }
        return (0);
}

/* ARGSUSED */
static int
door_getattr(struct vnode *vp, struct vattr *vap, int flags, struct cred *cr,
    caller_context_t *ct)
{
        static timestruc_t tzero = {0, 0};
        extern dev_t doordev;

        vap->va_mask = 0;               /* bit-mask of attributes */
        vap->va_type = vp->v_type;      /* vnode type (for create) */
        vap->va_mode = 0777;            /* file access mode */
        vap->va_uid = 0;                /* owner user id */
        vap->va_gid = 0;                /* owner group id */
        vap->va_fsid = doordev;         /* file system id (dev for now) */
        vap->va_nodeid = (ino64_t)0;            /* node id */
        vap->va_nlink = vp->v_count;    /* number of references to file */
        vap->va_size = (u_offset_t)0;           /* file size in bytes */
        vap->va_atime = tzero;          /* time of last access */
        vap->va_mtime = tzero;          /* time of last modification */
        vap->va_ctime = tzero;          /* time file ``created'' */
        vap->va_rdev = doordev;         /* device the file represents */
        vap->va_blksize = 0;            /* fundamental block size */
        vap->va_nblocks = (fsblkcnt64_t)0;      /* # of blocks allocated */
        vap->va_seq = 0;                /* sequence number */

        return (0);
}

/* ARGSUSED */
static void
door_inactive(struct vnode *vp, struct cred *cr, caller_context_t *ct)
{
        door_node_t *dp = VTOD(vp);

        mutex_enter(&vp->v_lock);
        /*
         * Once the door_node is unreferenced, it stays unreferenced,
         * so we can simply return if there are active thread bindings;
         * the final door_unbind_thread() will re-invoke us.
         */
        ASSERT(vp->v_count == 1);
        if (dp->door_bound_threads > 0) {
                VN_RELE_LOCKED(vp);
                mutex_exit(&vp->v_lock);
                return;
        }
        mutex_exit(&vp->v_lock);

        /* if not revoked, remove door from per-process list */
        if (dp->door_target) {
                mutex_enter(&door_knob);
                if (dp->door_target)    /* recheck door_target under lock */
                        door_list_delete(dp);
                mutex_exit(&door_knob);
        }
        vn_invalid(vp);
        vn_free(vp);
        kmem_free(dp, sizeof (door_node_t));
}

/*
 * To avoid having bound threads interfere with unref processing, we
 * don't use VN_HOLD/VN_RELE to track threads bound to our private
 * pool.  Instead, we keep a separate counter, also under v_lock.
 */
void
door_bind_thread(door_node_t *dp)
{
        vnode_t *vp = DTOV(dp);

        mutex_enter(&vp->v_lock);
        dp->door_bound_threads++;
        ASSERT(dp->door_bound_threads > 0 && vp->v_count > 0);
        mutex_exit(&vp->v_lock);
}

void
door_unbind_thread(door_node_t *dp)
{
        vnode_t *vp = DTOV(dp);
        int do_inactive = 0;

        mutex_enter(&vp->v_lock);
        ASSERT(dp->door_bound_threads > 0);
        if (--dp->door_bound_threads == 0 && vp->v_count == 0) {
                /* set up for inactive handling */
                VN_HOLD_LOCKED(vp);
                do_inactive = 1;
        }
        mutex_exit(&vp->v_lock);

        if (do_inactive)
                door_inactive(vp, NULL, NULL);
}

/* ARGSUSED */
static int
door_access(struct vnode *vp, int mode, int flags, struct cred *cr,
    caller_context_t *ct)
{
        return (0);
}

/* ARGSUSED */
static int
door_realvp(vnode_t *vp, vnode_t **vpp, caller_context_t *ct)
{
        *vpp = vp;
        return (0);
}
Illumos
