1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2015, Joyent Inc.
24 * Copyright (c) 2017, Joyent, Inc.
25 */
26
27 /*
28 * Data-Link Driver
29 */
30
31 #include <sys/conf.h>
32 #include <sys/mkdev.h>
33 #include <sys/modctl.h>
34 #include <sys/stat.h>
35 #include <sys/dld_impl.h>
36 #include <sys/dld_ioc.h>
37 #include <sys/dls_impl.h>
38 #include <sys/softmac.h>
39 #include <sys/mac.h>
40 #include <sys/mac_ether.h>
41 #include <sys/mac_client.h>
42 #include <sys/mac_client_impl.h>
43 #include <sys/mac_client_priv.h>
44 #include <inet/common.h>
45 #include <sys/policy.h>
46 #include <sys/priv_names.h>
47 #include <sys/zone.h>
48 #include <sys/sysmacros.h>
49
50 static void drv_init(void);
51 static int drv_fini(void);
52
53 static int drv_getinfo(dev_info_t *, ddi_info_cmd_t, void *, void **);
54 static int drv_attach(dev_info_t *, ddi_attach_cmd_t);
55 static int drv_detach(dev_info_t *, ddi_detach_cmd_t);
56
57 /*
58 * Secure objects declarations
59 */
60 #define SECOBJ_WEP_HASHSZ 67
61 static krwlock_t drv_secobj_lock;
62 static kmem_cache_t *drv_secobj_cachep;
63 static mod_hash_t *drv_secobj_hash;
64 static void drv_secobj_init(void);
65 static void drv_secobj_fini(void);
66 static int drv_ioc_setap(datalink_id_t, struct dlautopush *);
67 static int drv_ioc_getap(datalink_id_t, struct dlautopush *);
68 static int drv_ioc_clrap(datalink_id_t);
69
70
71 /*
72 * The following entry points are private to dld and are used for control
73 * operations only. The entry points exported to mac drivers are defined
74 * in dld_str.c. Refer to the comment on top of dld_str.c for details.
75 */
76 static int drv_open(dev_t *, int, int, cred_t *);
77 static int drv_ioctl(dev_t, int, intptr_t, int, cred_t *, int *);
78
79 static dev_info_t *dld_dip; /* dev_info_t for the driver */
80 uint32_t dld_opt = 0; /* Global options */
81
82 #define NAUTOPUSH 32
83 static mod_hash_t *dld_ap_hashp;
84 static krwlock_t dld_ap_hash_lock;
85
86 static struct cb_ops drv_cb_ops = {
87 drv_open, /* open */
88 nulldev, /* close */
89 nulldev, /* strategy */
90 nulldev, /* print */
91 nodev, /* dump */
92 nodev, /* read */
93 nodev, /* write */
94 drv_ioctl, /* ioctl */
95 nodev, /* devmap */
96 nodev, /* mmap */
97 nodev, /* segmap */
98 nochpoll, /* poll */
99 ddi_prop_op, /* cb_prop_op */
100 0, /* streamtab */
101 D_MP /* Driver compatibility flag */
102 };
103
104 static struct dev_ops drv_ops = {
105 DEVO_REV, /* devo_rev */
106 0, /* refcnt */
107 drv_getinfo, /* get_dev_info */
108 nulldev, /* identify */
109 nulldev, /* probe */
110 drv_attach, /* attach */
111 drv_detach, /* detach */
112 nodev, /* reset */
113 &drv_cb_ops, /* driver operations */
114 NULL, /* bus operations */
115 nodev, /* dev power */
116 ddi_quiesce_not_supported, /* dev quiesce */
117 };
118
119 /*
120 * Module linkage information for the kernel.
121 */
122 static struct modldrv drv_modldrv = {
123 &mod_driverops,
124 DLD_INFO,
125 &drv_ops
126 };
127
128 static struct modlinkage drv_modlinkage = {
129 MODREV_1,
130 &drv_modldrv,
131 NULL
132 };
133
134 int
_init(void)135 _init(void)
136 {
137 return (mod_install(&drv_modlinkage));
138 }
139
140 int
_fini(void)141 _fini(void)
142 {
143 return (mod_remove(&drv_modlinkage));
144 }
145
146 int
_info(struct modinfo * modinfop)147 _info(struct modinfo *modinfop)
148 {
149 return (mod_info(&drv_modlinkage, modinfop));
150 }
151
152 /*
153 * Initialize component modules.
154 */
155 static void
drv_init(void)156 drv_init(void)
157 {
158 drv_secobj_init();
159 dld_str_init();
160
161 /*
162 * Create a hash table for autopush configuration.
163 */
164 dld_ap_hashp = mod_hash_create_idhash("dld_autopush_hash",
165 NAUTOPUSH, mod_hash_null_valdtor);
166
167 ASSERT(dld_ap_hashp != NULL);
168 rw_init(&dld_ap_hash_lock, NULL, RW_DRIVER, NULL);
169 }
170
171 /* ARGSUSED */
172 static uint_t
drv_ap_exist(mod_hash_key_t key,mod_hash_val_t * val,void * arg)173 drv_ap_exist(mod_hash_key_t key, mod_hash_val_t *val, void *arg)
174 {
175 boolean_t *pexist = arg;
176
177 *pexist = B_TRUE;
178 return (MH_WALK_TERMINATE);
179 }
180
181 static int
drv_fini(void)182 drv_fini(void)
183 {
184 int err;
185 boolean_t exist = B_FALSE;
186
187 rw_enter(&dld_ap_hash_lock, RW_READER);
188 mod_hash_walk(dld_ap_hashp, drv_ap_exist, &exist);
189 rw_exit(&dld_ap_hash_lock);
190 if (exist)
191 return (EBUSY);
192
193 if ((err = dld_str_fini()) != 0)
194 return (err);
195
196 drv_secobj_fini();
197 mod_hash_destroy_idhash(dld_ap_hashp);
198 rw_destroy(&dld_ap_hash_lock);
199 return (0);
200 }
201
202 /*
203 * devo_getinfo: getinfo(9e)
204 */
205 /*ARGSUSED*/
206 static int
drv_getinfo(dev_info_t * dip,ddi_info_cmd_t cmd,void * arg,void ** resp)207 drv_getinfo(dev_info_t *dip, ddi_info_cmd_t cmd, void *arg, void **resp)
208 {
209 if (dld_dip == NULL)
210 return (DDI_FAILURE);
211
212 switch (cmd) {
213 case DDI_INFO_DEVT2INSTANCE:
214 *resp = 0;
215 break;
216 case DDI_INFO_DEVT2DEVINFO:
217 *resp = dld_dip;
218 break;
219 default:
220 return (DDI_FAILURE);
221 }
222
223 return (DDI_SUCCESS);
224 }
225
226 /*
227 * Check properties to set options. (See dld.h for property definitions).
228 */
229 static void
drv_set_opt(dev_info_t * dip)230 drv_set_opt(dev_info_t *dip)
231 {
232 if (ddi_prop_get_int(DDI_DEV_T_ANY, dip, DDI_PROP_DONTPASS,
233 DLD_PROP_NO_FASTPATH, 0) != 0) {
234 dld_opt |= DLD_OPT_NO_FASTPATH;
235 }
236
237 if (ddi_prop_get_int(DDI_DEV_T_ANY, dip, DDI_PROP_DONTPASS,
238 DLD_PROP_NO_POLL, 0) != 0) {
239 dld_opt |= DLD_OPT_NO_POLL;
240 }
241
242 if (ddi_prop_get_int(DDI_DEV_T_ANY, dip, DDI_PROP_DONTPASS,
243 DLD_PROP_NO_ZEROCOPY, 0) != 0) {
244 dld_opt |= DLD_OPT_NO_ZEROCOPY;
245 }
246
247 if (ddi_prop_get_int(DDI_DEV_T_ANY, dip, DDI_PROP_DONTPASS,
248 DLD_PROP_NO_SOFTRING, 0) != 0) {
249 dld_opt |= DLD_OPT_NO_SOFTRING;
250 }
251 }
252
253 /*
254 * devo_attach: attach(9e)
255 */
256 static int
drv_attach(dev_info_t * dip,ddi_attach_cmd_t cmd)257 drv_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
258 {
259 if (cmd != DDI_ATTACH)
260 return (DDI_FAILURE);
261
262 ASSERT(ddi_get_instance(dip) == 0);
263 drv_init();
264 drv_set_opt(dip);
265
266 /*
267 * Create control node. DLPI provider nodes will be created on demand.
268 */
269 if (ddi_create_minor_node(dip, DLD_CONTROL_MINOR_NAME, S_IFCHR,
270 DLD_CONTROL_MINOR, DDI_PSEUDO, 0) != DDI_SUCCESS)
271 return (DDI_FAILURE);
272
273 dld_dip = dip;
274
275 /*
276 * Log the fact that the driver is now attached.
277 */
278 ddi_report_dev(dip);
279 return (DDI_SUCCESS);
280 }
281
282 /*
283 * devo_detach: detach(9e)
284 */
285 static int
drv_detach(dev_info_t * dip,ddi_detach_cmd_t cmd)286 drv_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
287 {
288 if (cmd != DDI_DETACH)
289 return (DDI_FAILURE);
290
291 ASSERT(dld_dip == dip);
292 if (drv_fini() != 0)
293 return (DDI_FAILURE);
294
295 /*
296 * Remove the control node.
297 */
298 ddi_remove_minor_node(dip, DLD_CONTROL_MINOR_NAME);
299 dld_dip = NULL;
300
301 return (DDI_SUCCESS);
302 }
303
304 /*
305 * dld control node open procedure.
306 */
307 /*ARGSUSED*/
308 static int
drv_open(dev_t * devp,int flag,int sflag,cred_t * credp)309 drv_open(dev_t *devp, int flag, int sflag, cred_t *credp)
310 {
311 /*
312 * Only the control node can be opened.
313 */
314 if (getminor(*devp) != DLD_CONTROL_MINOR)
315 return (ENODEV);
316 return (0);
317 }
318
319 /*
320 * Verify if the caller is allowed to modify a link of the given class.
321 */
322 static int
drv_ioc_checkprivs(datalink_class_t class,cred_t * cred)323 drv_ioc_checkprivs(datalink_class_t class, cred_t *cred)
324 {
325 if (class == DATALINK_CLASS_IPTUN)
326 return (secpolicy_iptun_config(cred));
327 return (secpolicy_dl_config(cred));
328 }
329
330 /*
331 * DLDIOC_ATTR
332 */
333 /* ARGSUSED */
334 static int
drv_ioc_attr(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)335 drv_ioc_attr(void *karg, intptr_t arg, int mode, cred_t *cred, int *rvalp)
336 {
337 dld_ioc_attr_t *diap = karg;
338 dls_dl_handle_t dlh;
339 dls_link_t *dlp;
340 zoneid_t zoneid = crgetzoneid(cred);
341 int err;
342 mac_perim_handle_t mph;
343
344 if (zoneid != GLOBAL_ZONEID &&
345 zone_check_datalink(&zoneid, diap->dia_linkid) != 0)
346 return (ENOENT);
347
348 if ((err = dls_devnet_hold_tmp(diap->dia_linkid, &dlh)) != 0)
349 return (err);
350
351 if ((err = mac_perim_enter_by_macname(dls_devnet_mac(dlh),
352 &mph)) != 0) {
353 dls_devnet_rele_tmp(dlh);
354 return (err);
355 }
356
357 if ((err = dls_link_hold(dls_devnet_mac(dlh), &dlp)) != 0) {
358 mac_perim_exit(mph);
359 dls_devnet_rele_tmp(dlh);
360 return (err);
361 }
362
363 mac_sdu_get(dlp->dl_mh, NULL, &diap->dia_max_sdu);
364 dls_link_rele(dlp);
365 mac_perim_exit(mph);
366 dls_devnet_rele_tmp(dlh);
367
368 return (0);
369 }
370
371 /*
372 * DLDIOC_PHYS_ATTR
373 */
374 /* ARGSUSED */
375 static int
drv_ioc_phys_attr(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)376 drv_ioc_phys_attr(void *karg, intptr_t arg, int mode, cred_t *cred, int *rvalp)
377 {
378 dld_ioc_phys_attr_t *dipp = karg;
379 int err;
380 dls_dl_handle_t dlh;
381 dls_dev_handle_t ddh;
382 dev_t phydev;
383 zoneid_t zoneid = crgetzoneid(cred);
384
385 if (zoneid != GLOBAL_ZONEID &&
386 zone_check_datalink(&zoneid, dipp->dip_linkid) != 0)
387 return (ENOENT);
388
389 /*
390 * Every physical link should have its physical dev_t kept in the
391 * daemon. If not, it is not a valid physical link.
392 */
393 if (dls_mgmt_get_phydev(dipp->dip_linkid, &phydev) != 0)
394 return (EINVAL);
395
396 /*
397 * Although this is a valid physical link, it might already be removed
398 * by DR or during system shutdown. softmac_hold_device() would return
399 * ENOENT in this case.
400 */
401 if ((err = softmac_hold_device(phydev, &ddh)) != 0)
402 return (err);
403
404 if (dls_devnet_hold_tmp(dipp->dip_linkid, &dlh) != 0) {
405 /*
406 * Although this is an active physical link, its link type is
407 * not supported by GLDv3, and therefore it does not have
408 * vanity naming support.
409 */
410 dipp->dip_novanity = B_TRUE;
411 } else {
412 dipp->dip_novanity = B_FALSE;
413 dls_devnet_rele_tmp(dlh);
414 }
415 /*
416 * Get the physical device name from the major number and the instance
417 * number derived from phydev.
418 */
419 (void) snprintf(dipp->dip_dev, MAXLINKNAMELEN, "%s%d",
420 ddi_major_to_name(getmajor(phydev)), getminor(phydev) - 1);
421
422 softmac_rele_device(ddh);
423 return (0);
424 }
425
426 /* ARGSUSED */
427 static int
drv_ioc_hwgrpget(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)428 drv_ioc_hwgrpget(void *karg, intptr_t arg, int mode, cred_t *cred, int *rvalp)
429 {
430 dld_ioc_hwgrpget_t *hwgrpp = karg;
431 dld_hwgrpinfo_t hwgrp, *hip;
432 mac_handle_t mh = NULL;
433 int i, err, rgrpnum, tgrpnum;
434 uint_t bytes_left;
435 int totgrps = 0;
436 zoneid_t zoneid = crgetzoneid(cred);
437
438 if (zoneid != GLOBAL_ZONEID &&
439 zone_check_datalink(&zoneid, hwgrpp->dih_linkid) != 0)
440 return (ENOENT);
441
442 hwgrpp->dih_n_groups = 0;
443 err = mac_open_by_linkid(hwgrpp->dih_linkid, &mh);
444 if (err != 0)
445 goto done;
446
447 hip = (dld_hwgrpinfo_t *)
448 ((uchar_t *)arg + sizeof (dld_ioc_hwgrpget_t));
449 bytes_left = hwgrpp->dih_size;
450
451 rgrpnum = mac_hwgrp_num(mh, MAC_RING_TYPE_RX);
452 /* display the default group information first */
453 if (rgrpnum > 0) {
454 if (sizeof (dld_hwgrpinfo_t) > bytes_left) {
455 err = ENOSPC;
456 goto done;
457 }
458
459 bzero(&hwgrp, sizeof (hwgrp));
460 bcopy(mac_name(mh), hwgrp.dhi_link_name,
461 sizeof (hwgrp.dhi_link_name));
462 mac_get_hwrxgrp_info(mh, 0, &hwgrp.dhi_grp_num,
463 &hwgrp.dhi_n_rings, hwgrp.dhi_rings, &hwgrp.dhi_grp_type,
464 &hwgrp.dhi_n_clnts, hwgrp.dhi_clnts);
465 if (hwgrp.dhi_n_rings != 0) {
466 if (copyout(&hwgrp, hip, sizeof (hwgrp)) != 0) {
467 err = EFAULT;
468 goto done;
469 }
470 }
471 hip++;
472 totgrps++;
473 bytes_left -= sizeof (dld_hwgrpinfo_t);
474 }
475
476 tgrpnum = mac_hwgrp_num(mh, MAC_RING_TYPE_TX);
477 /* display the default group information first */
478 if (tgrpnum > 0) {
479 if (sizeof (dld_hwgrpinfo_t) > bytes_left) {
480 err = ENOSPC;
481 goto done;
482 }
483
484 bzero(&hwgrp, sizeof (hwgrp));
485 bcopy(mac_name(mh), hwgrp.dhi_link_name,
486 sizeof (hwgrp.dhi_link_name));
487 mac_get_hwtxgrp_info(mh, tgrpnum - 1, &hwgrp.dhi_grp_num,
488 &hwgrp.dhi_n_rings, hwgrp.dhi_rings, &hwgrp.dhi_grp_type,
489 &hwgrp.dhi_n_clnts, hwgrp.dhi_clnts);
490 if (hwgrp.dhi_n_rings != 0) {
491 if (copyout(&hwgrp, hip, sizeof (hwgrp)) != 0) {
492 err = EFAULT;
493 goto done;
494 }
495 }
496 hip++;
497 totgrps++;
498 bytes_left -= sizeof (dld_hwgrpinfo_t);
499 }
500
501 /* Rest of the rx groups */
502 for (i = 1; i < rgrpnum; i++) {
503 if (sizeof (dld_hwgrpinfo_t) > bytes_left) {
504 err = ENOSPC;
505 goto done;
506 }
507
508 bzero(&hwgrp, sizeof (hwgrp));
509 bcopy(mac_name(mh), hwgrp.dhi_link_name,
510 sizeof (hwgrp.dhi_link_name));
511 mac_get_hwrxgrp_info(mh, i, &hwgrp.dhi_grp_num,
512 &hwgrp.dhi_n_rings, hwgrp.dhi_rings, &hwgrp.dhi_grp_type,
513 &hwgrp.dhi_n_clnts, hwgrp.dhi_clnts);
514 if (hwgrp.dhi_n_rings == 0)
515 continue;
516 if (copyout(&hwgrp, hip, sizeof (hwgrp)) != 0) {
517 err = EFAULT;
518 goto done;
519 }
520
521 hip++;
522 totgrps++;
523 bytes_left -= sizeof (dld_hwgrpinfo_t);
524 }
525
526 /* Rest of the tx group */
527 tgrpnum = mac_hwgrp_num(mh, MAC_RING_TYPE_TX);
528 for (i = 0; i < tgrpnum - 1; i++) {
529 if (sizeof (dld_hwgrpinfo_t) > bytes_left) {
530 err = ENOSPC;
531 goto done;
532 }
533
534 bzero(&hwgrp, sizeof (hwgrp));
535 bcopy(mac_name(mh), hwgrp.dhi_link_name,
536 sizeof (hwgrp.dhi_link_name));
537 mac_get_hwtxgrp_info(mh, i, &hwgrp.dhi_grp_num,
538 &hwgrp.dhi_n_rings, hwgrp.dhi_rings, &hwgrp.dhi_grp_type,
539 &hwgrp.dhi_n_clnts, hwgrp.dhi_clnts);
540 if (hwgrp.dhi_n_rings == 0)
541 continue;
542 if (copyout(&hwgrp, hip, sizeof (hwgrp)) != 0) {
543 err = EFAULT;
544 goto done;
545 }
546
547 hip++;
548 totgrps++;
549 bytes_left -= sizeof (dld_hwgrpinfo_t);
550 }
551
552 done:
553 if (mh != NULL)
554 dld_mac_close(mh);
555 if (err == 0)
556 hwgrpp->dih_n_groups = totgrps;
557 return (err);
558 }
559
560 /* ARGSUSED */
561 static int
drv_ioc_macaddrget(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)562 drv_ioc_macaddrget(void *karg, intptr_t arg, int mode, cred_t *cred, int *rvalp)
563 {
564 dld_ioc_macaddrget_t *magp = karg;
565 dld_macaddrinfo_t mai, *maip;
566 mac_handle_t mh = NULL;
567 int i, err;
568 uint_t bytes_left;
569 boolean_t is_used;
570 zoneid_t zoneid = crgetzoneid(cred);
571
572 if (zoneid != GLOBAL_ZONEID &&
573 zone_check_datalink(&zoneid, magp->dig_linkid) != 0)
574 return (ENOENT);
575
576 magp->dig_count = 0;
577 err = mac_open_by_linkid(magp->dig_linkid, &mh);
578 if (err != 0)
579 goto done;
580
581 maip = (dld_macaddrinfo_t *)
582 ((uchar_t *)arg + sizeof (dld_ioc_macaddrget_t));
583 bytes_left = magp->dig_size;
584
585 for (i = 0; i < mac_addr_factory_num(mh) + 1; i++) {
586 if (sizeof (dld_macaddrinfo_t) > bytes_left) {
587 err = ENOSPC;
588 goto done;
589 }
590
591 bzero(&mai, sizeof (mai));
592
593 if (i == 0) {
594 /* primary MAC address */
595 mac_unicast_primary_get(mh, mai.dmi_addr);
596 mai.dmi_addrlen = mac_addr_len(mh);
597 mac_unicast_primary_info(mh, mai.dmi_client_name,
598 &is_used);
599 } else {
600 /* factory MAC address slot */
601 mac_addr_factory_value(mh, i, mai.dmi_addr,
602 &mai.dmi_addrlen, mai.dmi_client_name, &is_used);
603 }
604
605 mai.dmi_slot = i;
606 if (is_used)
607 mai.dmi_flags |= DLDIOCMACADDR_USED;
608
609 if (copyout(&mai, maip, sizeof (mai)) != 0) {
610 err = EFAULT;
611 goto done;
612 }
613
614 maip++;
615 bytes_left -= sizeof (dld_macaddrinfo_t);
616 }
617
618 done:
619 if (mh != NULL)
620 dld_mac_close(mh);
621 if (err == 0)
622 magp->dig_count = mac_addr_factory_num(mh) + 1;
623 return (err);
624 }
625
626 /*
627 * DLDIOC_SET/GETMACPROP
628 */
629 static int
drv_ioc_prop_common(dld_ioc_macprop_t * prop,intptr_t arg,boolean_t set,cred_t * cred,int mode)630 drv_ioc_prop_common(dld_ioc_macprop_t *prop, intptr_t arg, boolean_t set,
631 cred_t *cred, int mode)
632 {
633 int err = EINVAL;
634 dls_dl_handle_t dlh = NULL;
635 dls_link_t *dlp = NULL;
636 mac_perim_handle_t mph = NULL;
637 dld_ioc_macprop_t *kprop;
638 datalink_id_t linkid;
639 datalink_class_t class;
640 zoneid_t zoneid = crgetzoneid(cred);
641 uint_t dsize;
642
643 /*
644 * We only use pr_valsize from prop, as the caller only did a
645 * copyin() for sizeof (dld_ioc_prop_t), which doesn't cover
646 * the property data. We copyin the full dld_ioc_prop_t
647 * including the data into kprop down below.
648 */
649 dsize = sizeof (dld_ioc_macprop_t) + prop->pr_valsize - 1;
650 if (dsize < prop->pr_valsize)
651 return (EINVAL);
652
653 /*
654 * The property data is variable size, so we need to allocate
655 * a buffer for kernel use as this data was not part of the
656 * prop allocation and copyin() done by the framework.
657 */
658 if ((kprop = kmem_alloc(dsize, KM_NOSLEEP)) == NULL)
659 return (ENOMEM);
660
661 if (ddi_copyin((void *)arg, kprop, dsize, mode) != 0) {
662 err = EFAULT;
663 goto done;
664 }
665
666 linkid = kprop->pr_linkid;
667
668 if (set) {
669 if ((err = dls_mgmt_get_linkinfo(linkid, NULL, &class, NULL,
670 NULL)) != 0 || (err = drv_ioc_checkprivs(class, cred)) != 0)
671 goto done;
672 }
673
674 if ((err = dls_devnet_hold_tmp(linkid, &dlh)) != 0)
675 goto done;
676 if ((err = mac_perim_enter_by_macname(dls_devnet_mac(dlh), &mph)) != 0)
677 goto done;
678 if ((err = dls_link_hold(dls_devnet_mac(dlh), &dlp)) != 0)
679 goto done;
680
681 /*
682 * Don't allow a process to get or set properties of a link if that
683 * link doesn't belong to that zone.
684 */
685 if (zoneid != dls_devnet_getownerzid(dlh)) {
686 err = ENOENT;
687 goto done;
688 }
689
690 if (!mac_prop_check_size(kprop->pr_num, kprop->pr_valsize,
691 kprop->pr_flags & DLD_PROP_POSSIBLE)) {
692 err = ENOBUFS;
693 goto done;
694 }
695
696 switch (kprop->pr_num) {
697 case MAC_PROP_ZONE:
698 if (set) {
699 dld_ioc_zid_t *dzp = (dld_ioc_zid_t *)kprop->pr_val;
700
701 if (zoneid != GLOBAL_ZONEID) {
702 err = EACCES;
703 goto done;
704 }
705 err = dls_devnet_setzid(dlh, dzp->diz_zid);
706 } else {
707 kprop->pr_perm_flags = MAC_PROP_PERM_RW;
708 (*(zoneid_t *)kprop->pr_val) = dls_devnet_getzid(dlh);
709 }
710 break;
711 case MAC_PROP_AUTOPUSH: {
712 struct dlautopush *dlap = (struct dlautopush *)kprop->pr_val;
713
714 if (set) {
715 if (kprop->pr_valsize != 0)
716 err = drv_ioc_setap(linkid, dlap);
717 else
718 err = drv_ioc_clrap(linkid);
719 } else {
720 /*
721 * You might think that the earlier call to
722 * mac_prop_check_size() should catch this but
723 * it can't. The autopush prop uses 0 as a
724 * sentinel value to clear the prop. This
725 * check ensures we don't allow a get with a
726 * valsize of 0.
727 */
728 if (kprop->pr_valsize == 0) {
729 err = ENOBUFS;
730 goto done;
731 }
732
733 kprop->pr_perm_flags = MAC_PROP_PERM_RW;
734 err = drv_ioc_getap(linkid, dlap);
735 }
736 break;
737 }
738 case MAC_PROP_TAGMODE:
739 if (set) {
740 link_tagmode_t mode = *(link_tagmode_t *)kprop->pr_val;
741
742 if (mode != LINK_TAGMODE_VLANONLY &&
743 mode != LINK_TAGMODE_NORMAL) {
744 err = EINVAL;
745 } else {
746 dlp->dl_tagmode = mode;
747 err = 0;
748 }
749 } else {
750 *(link_tagmode_t *)kprop->pr_val = dlp->dl_tagmode;
751 kprop->pr_perm_flags = MAC_PROP_PERM_RW;
752 err = 0;
753 }
754 break;
755 default: {
756 mac_propval_range_t *rangep = NULL;
757 void *default_val = NULL;
758 uint_t default_size = 0;
759
760 /* set a property value */
761 if (set) {
762 err = mac_set_prop(dlp->dl_mh, kprop->pr_num,
763 kprop->pr_name, kprop->pr_val, kprop->pr_valsize);
764 break;
765 }
766
767 /*
768 * Get the property value, default, or possible value
769 * depending on flags passed from the user.
770 */
771
772 /* a property has RW permissions by default */
773 kprop->pr_perm_flags = MAC_PROP_PERM_RW;
774
775 if (kprop->pr_flags & DLD_PROP_POSSIBLE) {
776 rangep = (mac_propval_range_t *)kprop->pr_val;
777
778 /*
779 * fail if rangep is not aligned to first
780 * member of mac_propval_range_t.
781 */
782 ASSERT(IS_P2ALIGNED(rangep, sizeof (uint_t)));
783 } else if (kprop->pr_flags & DLD_PROP_DEFAULT) {
784 default_val = kprop->pr_val;
785 default_size = kprop->pr_valsize;
786 }
787
788 /*
789 * Always return the permissions, and optionally return
790 * the default value or possible values range.
791 */
792 err = mac_prop_info(dlp->dl_mh, kprop->pr_num, kprop->pr_name,
793 default_val, default_size, rangep, &kprop->pr_perm_flags);
794 if (err != 0)
795 goto done;
796
797 if (default_val == NULL && rangep == NULL) {
798 err = mac_get_prop(dlp->dl_mh, kprop->pr_num,
799 kprop->pr_name, kprop->pr_val, kprop->pr_valsize);
800 }
801 }
802 }
803
804 done:
805 if (!set && ddi_copyout(kprop, (void *)arg, dsize, mode) != 0)
806 err = EFAULT;
807
808 if (dlp != NULL)
809 dls_link_rele(dlp);
810
811 if (mph != NULL) {
812 int32_t cpuid;
813 void *mdip = NULL;
814
815 if (dlp != NULL && set && err == 0) {
816 cpuid = mac_client_intr_cpu(dlp->dl_mch);
817 mdip = mac_get_devinfo(dlp->dl_mh);
818 }
819
820 mac_perim_exit(mph);
821
822 if (mdip != NULL && cpuid != -1)
823 mac_client_set_intr_cpu(mdip, dlp->dl_mch, cpuid);
824 }
825
826 if (dlh != NULL)
827 dls_devnet_rele_tmp(dlh);
828
829 if (kprop != NULL)
830 kmem_free(kprop, dsize);
831 return (err);
832 }
833
834 /* ARGSUSED */
835 static int
drv_ioc_setprop(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)836 drv_ioc_setprop(void *karg, intptr_t arg, int mode, cred_t *cred, int *rvalp)
837 {
838 return (drv_ioc_prop_common(karg, arg, B_TRUE, cred, mode));
839 }
840
841 /* ARGSUSED */
842 static int
drv_ioc_getprop(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)843 drv_ioc_getprop(void *karg, intptr_t arg, int mode, cred_t *cred, int *rvalp)
844 {
845 return (drv_ioc_prop_common(karg, arg, B_FALSE, cred, mode));
846 }
847
848 /*
849 * DLDIOC_RENAME.
850 *
851 * This function handles two cases of link renaming. See more in comments above
852 * dls_datalink_rename().
853 */
854 /* ARGSUSED */
855 static int
drv_ioc_rename(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)856 drv_ioc_rename(void *karg, intptr_t arg, int mode, cred_t *cred, int *rvalp)
857 {
858 dld_ioc_rename_t *dir = karg;
859 mod_hash_key_t key;
860 mod_hash_val_t val;
861 zoneid_t zoneid = crgetzoneid(cred);
862 datalink_class_t class;
863 int err;
864
865 if (zoneid != GLOBAL_ZONEID &&
866 (zone_check_datalink(&zoneid, dir->dir_linkid1) != 0 ||
867 dir->dir_linkid2 != DATALINK_INVALID_LINKID &&
868 zone_check_datalink(&zoneid, dir->dir_linkid2) != 0))
869 return (ENOENT);
870
871 if ((err = dls_mgmt_get_linkinfo(dir->dir_linkid1, NULL, &class, NULL,
872 NULL)) != 0)
873 return (err);
874
875 if ((err = drv_ioc_checkprivs(class, cred)) != 0)
876 return (err);
877
878 if ((err = dls_devnet_rename(dir->dir_linkid1, dir->dir_linkid2,
879 dir->dir_link)) != 0)
880 return (err);
881
882 if (dir->dir_linkid2 == DATALINK_INVALID_LINKID)
883 return (0);
884
885 /*
886 * if dir_linkid2 is not DATALINK_INVALID_LINKID, it means this
887 * renaming request is to rename a valid physical link (dir_linkid1)
888 * to a "removed" physical link (dir_linkid2, which is removed by DR
889 * or during system shutdown). In this case, the link (specified by
890 * dir_linkid1) would inherit all the configuration of dir_linkid2,
891 * and dir_linkid1 and its configuration would be lost.
892 *
893 * Remove per-link autopush configuration of dir_linkid1 in this case.
894 */
895 key = (mod_hash_key_t)(uintptr_t)dir->dir_linkid1;
896 rw_enter(&dld_ap_hash_lock, RW_WRITER);
897 if (mod_hash_find(dld_ap_hashp, key, &val) != 0) {
898 rw_exit(&dld_ap_hash_lock);
899 return (0);
900 }
901
902 VERIFY(mod_hash_remove(dld_ap_hashp, key, &val) == 0);
903 kmem_free(val, sizeof (dld_ap_t));
904 rw_exit(&dld_ap_hash_lock);
905 return (0);
906 }
907
908 static int
drv_ioc_setap(datalink_id_t linkid,struct dlautopush * dlap)909 drv_ioc_setap(datalink_id_t linkid, struct dlautopush *dlap)
910 {
911 dld_ap_t *dap;
912 int i;
913 mod_hash_key_t key;
914
915 if (dlap->dap_npush == 0 || dlap->dap_npush > MAXAPUSH)
916 return (EINVAL);
917
918 /*
919 * Validate that the specified list of modules exist.
920 */
921 for (i = 0; i < dlap->dap_npush; i++) {
922 if (fmodsw_find(dlap->dap_aplist[i], FMODSW_LOAD) == NULL)
923 return (EINVAL);
924 }
925
926
927 key = (mod_hash_key_t)(uintptr_t)linkid;
928
929 rw_enter(&dld_ap_hash_lock, RW_WRITER);
930 if (mod_hash_find(dld_ap_hashp, key, (mod_hash_val_t *)&dap) != 0) {
931 dap = kmem_zalloc(sizeof (dld_ap_t), KM_NOSLEEP);
932 if (dap == NULL) {
933 rw_exit(&dld_ap_hash_lock);
934 return (ENOMEM);
935 }
936
937 dap->da_linkid = linkid;
938 VERIFY(mod_hash_insert(dld_ap_hashp, key,
939 (mod_hash_val_t)dap) == 0);
940 }
941
942 /*
943 * Update the configuration.
944 */
945 dap->da_anchor = dlap->dap_anchor;
946 dap->da_npush = dlap->dap_npush;
947 for (i = 0; i < dlap->dap_npush; i++) {
948 (void) strlcpy(dap->da_aplist[i], dlap->dap_aplist[i],
949 FMNAMESZ + 1);
950 }
951 rw_exit(&dld_ap_hash_lock);
952
953 return (0);
954 }
955
956 static int
drv_ioc_getap(datalink_id_t linkid,struct dlautopush * dlap)957 drv_ioc_getap(datalink_id_t linkid, struct dlautopush *dlap)
958 {
959 dld_ap_t *dap;
960 int i;
961
962 rw_enter(&dld_ap_hash_lock, RW_READER);
963 if (mod_hash_find(dld_ap_hashp,
964 (mod_hash_key_t)(uintptr_t)linkid,
965 (mod_hash_val_t *)&dap) != 0) {
966 rw_exit(&dld_ap_hash_lock);
967 dlap->dap_npush = 0;
968 return (0);
969 }
970
971 /*
972 * Retrieve the configuration.
973 */
974 dlap->dap_anchor = dap->da_anchor;
975 dlap->dap_npush = dap->da_npush;
976 for (i = 0; i < dap->da_npush; i++) {
977 (void) strlcpy(dlap->dap_aplist[i], dap->da_aplist[i],
978 FMNAMESZ + 1);
979 }
980 rw_exit(&dld_ap_hash_lock);
981
982 return (0);
983 }
984
985 static int
drv_ioc_clrap(datalink_id_t linkid)986 drv_ioc_clrap(datalink_id_t linkid)
987 {
988 mod_hash_val_t val;
989 mod_hash_key_t key;
990
991 key = (mod_hash_key_t)(uintptr_t)linkid;
992
993 rw_enter(&dld_ap_hash_lock, RW_WRITER);
994 if (mod_hash_find(dld_ap_hashp, key, &val) != 0) {
995 rw_exit(&dld_ap_hash_lock);
996 return (0);
997 }
998
999 VERIFY(mod_hash_remove(dld_ap_hashp, key, &val) == 0);
1000 kmem_free(val, sizeof (dld_ap_t));
1001 rw_exit(&dld_ap_hash_lock);
1002 return (0);
1003 }
1004
1005 /*
1006 * DLDIOC_DOORSERVER
1007 */
1008 /* ARGSUSED */
1009 static int
drv_ioc_doorserver(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)1010 drv_ioc_doorserver(void *karg, intptr_t arg, int mode, cred_t *cred, int *rvalp)
1011 {
1012 dld_ioc_door_t *did = karg;
1013
1014 return (dls_mgmt_door_set(did->did_start_door));
1015 }
1016
1017 /*
1018 * DLDIOC_USAGELOG
1019 */
1020 /* ARGSUSED */
1021 static int
drv_ioc_usagelog(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)1022 drv_ioc_usagelog(void *karg, intptr_t arg, int mode, cred_t *cred,
1023 int *rvalp)
1024 {
1025 dld_ioc_usagelog_t *log_info = (dld_ioc_usagelog_t *)karg;
1026 int err = 0;
1027
1028 if (log_info->ul_type < MAC_LOGTYPE_LINK ||
1029 log_info->ul_type > MAC_LOGTYPE_FLOW)
1030 return (EINVAL);
1031
1032 if (log_info->ul_onoff) {
1033 err = mac_start_logusage(log_info->ul_type,
1034 log_info->ul_interval);
1035 } else {
1036 mac_stop_logusage(log_info->ul_type);
1037 }
1038 return (err);
1039 }
1040
1041 /*
1042 * Process a DLDIOC_ADDFLOW request.
1043 */
1044 /* ARGSUSED */
1045 static int
drv_ioc_addflow(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)1046 drv_ioc_addflow(void *karg, intptr_t arg, int mode, cred_t *cred, int *rvalp)
1047 {
1048 dld_ioc_addflow_t *afp = karg;
1049
1050 return (dld_add_flow(afp->af_linkid, afp->af_name,
1051 &afp->af_flow_desc, &afp->af_resource_props));
1052 }
1053
1054 /*
1055 * Process a DLDIOC_REMOVEFLOW request.
1056 */
1057 /* ARGSUSED */
1058 static int
drv_ioc_removeflow(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)1059 drv_ioc_removeflow(void *karg, intptr_t arg, int mode, cred_t *cred, int *rvalp)
1060 {
1061 dld_ioc_removeflow_t *rfp = karg;
1062
1063 return (dld_remove_flow(rfp->rf_name));
1064 }
1065
1066 /*
1067 * Process a DLDIOC_MODIFYFLOW request.
1068 */
1069 /* ARGSUSED */
1070 static int
drv_ioc_modifyflow(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)1071 drv_ioc_modifyflow(void *karg, intptr_t arg, int mode, cred_t *cred, int *rvalp)
1072 {
1073 dld_ioc_modifyflow_t *mfp = karg;
1074
1075 return (dld_modify_flow(mfp->mf_name, &mfp->mf_resource_props));
1076 }
1077
1078 /*
1079 * Process a DLDIOC_WALKFLOW request.
1080 */
1081 /* ARGSUSED */
1082 static int
drv_ioc_walkflow(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)1083 drv_ioc_walkflow(void *karg, intptr_t arg, int mode, cred_t *cred, int *rvalp)
1084 {
1085 dld_ioc_walkflow_t *wfp = karg;
1086
1087 return (dld_walk_flow(wfp, arg, cred));
1088 }
1089
1090 /*
1091 * Check for GLDv3 autopush information. There are three cases:
1092 *
1093 * 1. If devp points to a GLDv3 datalink and it has autopush configuration,
1094 * fill dlap in with that information and return 0.
1095 *
1096 * 2. If devp points to a GLDv3 datalink but it doesn't have autopush
1097 * configuration, then replace devp with the physical device (if one
1098 * exists) and return 1. This allows stropen() to find the old-school
1099 * per-driver autopush configuration. (For softmac, the result is that
1100 * the softmac dev_t is replaced with the legacy device's dev_t).
1101 *
1102 * 3. If neither of the above apply, don't touch the args and return -1.
1103 */
1104 int
dld_autopush(dev_t * devp,struct dlautopush * dlap)1105 dld_autopush(dev_t *devp, struct dlautopush *dlap)
1106 {
1107 dld_ap_t *dap;
1108 datalink_id_t linkid;
1109 dev_t phydev;
1110
1111 if (!GLDV3_DRV(getmajor(*devp)))
1112 return (-1);
1113
1114 /*
1115 * Find the linkid by the link's dev_t.
1116 */
1117 if (dls_devnet_dev2linkid(*devp, &linkid) != 0)
1118 return (-1);
1119
1120 /*
1121 * Find the autopush configuration associated with the linkid.
1122 */
1123 rw_enter(&dld_ap_hash_lock, RW_READER);
1124 if (mod_hash_find(dld_ap_hashp, (mod_hash_key_t)(uintptr_t)linkid,
1125 (mod_hash_val_t *)&dap) == 0) {
1126 *dlap = dap->da_ap;
1127 rw_exit(&dld_ap_hash_lock);
1128 return (0);
1129 }
1130 rw_exit(&dld_ap_hash_lock);
1131
1132 if (dls_devnet_phydev(linkid, &phydev) != 0)
1133 return (-1);
1134
1135 *devp = phydev;
1136 return (1);
1137 }
1138
1139 /*
1140 * Secure objects implementation
1141 */
1142
1143 /* ARGSUSED */
1144 static int
drv_secobj_ctor(void * buf,void * arg,int kmflag)1145 drv_secobj_ctor(void *buf, void *arg, int kmflag)
1146 {
1147 bzero(buf, sizeof (dld_secobj_t));
1148 return (0);
1149 }
1150
1151 static void
drv_secobj_init(void)1152 drv_secobj_init(void)
1153 {
1154 rw_init(&drv_secobj_lock, NULL, RW_DEFAULT, NULL);
1155 drv_secobj_cachep = kmem_cache_create("drv_secobj_cache",
1156 sizeof (dld_secobj_t), 0, drv_secobj_ctor, NULL,
1157 NULL, NULL, NULL, 0);
1158 drv_secobj_hash = mod_hash_create_extended("drv_secobj_hash",
1159 SECOBJ_WEP_HASHSZ, mod_hash_null_keydtor, mod_hash_null_valdtor,
1160 mod_hash_bystr, NULL, mod_hash_strkey_cmp, KM_SLEEP);
1161 }
1162
1163 static void
drv_secobj_fini(void)1164 drv_secobj_fini(void)
1165 {
1166 mod_hash_destroy_hash(drv_secobj_hash);
1167 kmem_cache_destroy(drv_secobj_cachep);
1168 rw_destroy(&drv_secobj_lock);
1169 }
1170
1171 /* ARGSUSED */
1172 static int
drv_ioc_secobj_set(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)1173 drv_ioc_secobj_set(void *karg, intptr_t arg, int mode, cred_t *cred, int *rvalp)
1174 {
1175 dld_ioc_secobj_set_t *ssp = karg;
1176 dld_secobj_t *sobjp, *objp;
1177 int err;
1178
1179 sobjp = &ssp->ss_obj;
1180
1181 if (sobjp->so_class != DLD_SECOBJ_CLASS_WEP &&
1182 sobjp->so_class != DLD_SECOBJ_CLASS_WPA)
1183 return (EINVAL);
1184
1185 if (sobjp->so_name[DLD_SECOBJ_NAME_MAX - 1] != '\0' ||
1186 sobjp->so_len > DLD_SECOBJ_VAL_MAX)
1187 return (EINVAL);
1188
1189 rw_enter(&drv_secobj_lock, RW_WRITER);
1190 err = mod_hash_find(drv_secobj_hash, (mod_hash_key_t)sobjp->so_name,
1191 (mod_hash_val_t *)&objp);
1192 if (err == 0) {
1193 if ((ssp->ss_flags & DLD_SECOBJ_OPT_CREATE) != 0) {
1194 rw_exit(&drv_secobj_lock);
1195 return (EEXIST);
1196 }
1197 } else {
1198 ASSERT(err == MH_ERR_NOTFOUND);
1199 if ((ssp->ss_flags & DLD_SECOBJ_OPT_CREATE) == 0) {
1200 rw_exit(&drv_secobj_lock);
1201 return (ENOENT);
1202 }
1203 objp = kmem_cache_alloc(drv_secobj_cachep, KM_SLEEP);
1204 (void) strlcpy(objp->so_name, sobjp->so_name,
1205 DLD_SECOBJ_NAME_MAX);
1206
1207 VERIFY(mod_hash_insert(drv_secobj_hash,
1208 (mod_hash_key_t)objp->so_name, (mod_hash_val_t)objp) == 0);
1209 }
1210 bcopy(sobjp->so_val, objp->so_val, sobjp->so_len);
1211 objp->so_len = sobjp->so_len;
1212 objp->so_class = sobjp->so_class;
1213 rw_exit(&drv_secobj_lock);
1214 return (0);
1215 }
1216
1217 typedef struct dld_secobj_state {
1218 uint_t ss_free;
1219 uint_t ss_count;
1220 int ss_rc;
1221 int ss_mode;
1222 dld_secobj_t *ss_objp;
1223 } dld_secobj_state_t;
1224
1225 /* ARGSUSED */
1226 static uint_t
drv_secobj_walker(mod_hash_key_t key,mod_hash_val_t * val,void * arg)1227 drv_secobj_walker(mod_hash_key_t key, mod_hash_val_t *val, void *arg)
1228 {
1229 dld_secobj_state_t *statep = arg;
1230 dld_secobj_t *sobjp = (dld_secobj_t *)val;
1231
1232 if (statep->ss_free < sizeof (dld_secobj_t)) {
1233 statep->ss_rc = ENOSPC;
1234 return (MH_WALK_TERMINATE);
1235 }
1236 if (ddi_copyout(sobjp, statep->ss_objp, sizeof (*sobjp),
1237 statep->ss_mode) != 0) {
1238 statep->ss_rc = EFAULT;
1239 return (MH_WALK_TERMINATE);
1240 }
1241 statep->ss_objp++;
1242 statep->ss_free -= sizeof (dld_secobj_t);
1243 statep->ss_count++;
1244 return (MH_WALK_CONTINUE);
1245 }
1246
1247 /* ARGSUSED */
1248 static int
drv_ioc_secobj_get(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)1249 drv_ioc_secobj_get(void *karg, intptr_t arg, int mode, cred_t *cred, int *rvalp)
1250 {
1251 dld_ioc_secobj_get_t *sgp = karg;
1252 dld_secobj_t *sobjp, *objp;
1253 int err;
1254
1255 sobjp = &sgp->sg_obj;
1256 if (sobjp->so_name[DLD_SECOBJ_NAME_MAX - 1] != '\0')
1257 return (EINVAL);
1258
1259 rw_enter(&drv_secobj_lock, RW_READER);
1260 if (sobjp->so_name[0] != '\0') {
1261 err = mod_hash_find(drv_secobj_hash,
1262 (mod_hash_key_t)sobjp->so_name, (mod_hash_val_t *)&objp);
1263 if (err != 0) {
1264 ASSERT(err == MH_ERR_NOTFOUND);
1265 rw_exit(&drv_secobj_lock);
1266 return (ENOENT);
1267 }
1268 bcopy(objp->so_val, sobjp->so_val, objp->so_len);
1269 sobjp->so_len = objp->so_len;
1270 sobjp->so_class = objp->so_class;
1271 sgp->sg_count = 1;
1272 } else {
1273 dld_secobj_state_t state;
1274
1275 state.ss_free = sgp->sg_size - sizeof (dld_ioc_secobj_get_t);
1276 state.ss_count = 0;
1277 state.ss_rc = 0;
1278 state.ss_mode = mode;
1279 state.ss_objp = (dld_secobj_t *)((uchar_t *)arg +
1280 sizeof (dld_ioc_secobj_get_t));
1281
1282 mod_hash_walk(drv_secobj_hash, drv_secobj_walker, &state);
1283 if (state.ss_rc != 0) {
1284 rw_exit(&drv_secobj_lock);
1285 return (state.ss_rc);
1286 }
1287 sgp->sg_count = state.ss_count;
1288 }
1289 rw_exit(&drv_secobj_lock);
1290 return (0);
1291 }
1292
1293 /* ARGSUSED */
1294 static int
drv_ioc_secobj_unset(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)1295 drv_ioc_secobj_unset(void *karg, intptr_t arg, int mode, cred_t *cred,
1296 int *rvalp)
1297 {
1298 dld_ioc_secobj_unset_t *sup = karg;
1299 dld_secobj_t *objp;
1300 mod_hash_val_t val;
1301 int err;
1302
1303 if (sup->su_name[DLD_SECOBJ_NAME_MAX - 1] != '\0')
1304 return (EINVAL);
1305
1306 rw_enter(&drv_secobj_lock, RW_WRITER);
1307 err = mod_hash_find(drv_secobj_hash, (mod_hash_key_t)sup->su_name,
1308 (mod_hash_val_t *)&objp);
1309 if (err != 0) {
1310 ASSERT(err == MH_ERR_NOTFOUND);
1311 rw_exit(&drv_secobj_lock);
1312 return (ENOENT);
1313 }
1314 VERIFY(mod_hash_remove(drv_secobj_hash, (mod_hash_key_t)sup->su_name,
1315 (mod_hash_val_t *)&val) == 0);
1316 ASSERT(objp == (dld_secobj_t *)val);
1317
1318 kmem_cache_free(drv_secobj_cachep, objp);
1319 rw_exit(&drv_secobj_lock);
1320 return (0);
1321 }
1322
1323 /* ARGSUSED */
1324 static int
drv_ioc_gettran(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)1325 drv_ioc_gettran(void *karg, intptr_t arg, int mode, cred_t *cred,
1326 int *rvalp)
1327 {
1328 int ret = 0;
1329 mac_perim_handle_t mph = NULL;
1330 dls_dl_handle_t dlh = NULL;
1331 dls_link_t *dlp = NULL;
1332 dld_ioc_gettran_t *dgt = karg;
1333
1334 if ((ret = dls_devnet_hold_tmp(dgt->dgt_linkid, &dlh)) != 0)
1335 goto done;
1336
1337 if ((ret = mac_perim_enter_by_macname(dls_devnet_mac(dlh), &mph)) != 0)
1338 goto done;
1339
1340 if ((ret = dls_link_hold(dls_devnet_mac(dlh), &dlp)) != 0)
1341 goto done;
1342
1343 /*
1344 * Make sure that this link belongs to the zone.
1345 */
1346 if (crgetzoneid(cred) != dls_devnet_getownerzid(dlh)) {
1347 ret = ENOENT;
1348 goto done;
1349 }
1350
1351 if (dgt->dgt_tran_id == DLDIOC_GETTRAN_GETNTRAN) {
1352 ret = mac_transceiver_count(dlp->dl_mh, &dgt->dgt_tran_id);
1353 } else {
1354 ret = mac_transceiver_info(dlp->dl_mh, dgt->dgt_tran_id,
1355 &dgt->dgt_present, &dgt->dgt_usable);
1356 }
1357
1358 done:
1359 if (dlp != NULL)
1360 dls_link_rele(dlp);
1361
1362 if (mph != NULL)
1363 mac_perim_exit(mph);
1364
1365 if (dlh != NULL)
1366 dls_devnet_rele_tmp(dlh);
1367
1368 return (ret);
1369 }
1370
1371 /* ARGSUSED */
1372 static int
drv_ioc_readtran(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)1373 drv_ioc_readtran(void *karg, intptr_t arg, int mode, cred_t *cred,
1374 int *rvalp)
1375 {
1376 int ret = 0;
1377 mac_perim_handle_t mph = NULL;
1378 dls_dl_handle_t dlh = NULL;
1379 dls_link_t *dlp = NULL;
1380 dld_ioc_tranio_t *dti = karg;
1381 uint8_t buf[256];
1382 size_t nr;
1383
1384 /*
1385 * Be strict for the moment
1386 */
1387 if (dti->dti_nbytes != 256 || dti->dti_off != 0)
1388 return (EINVAL);
1389
1390 if ((ret = dls_devnet_hold_tmp(dti->dti_linkid, &dlh)) != 0)
1391 goto done;
1392
1393 if ((ret = mac_perim_enter_by_macname(dls_devnet_mac(dlh), &mph)) != 0)
1394 goto done;
1395
1396 if ((ret = dls_link_hold(dls_devnet_mac(dlh), &dlp)) != 0)
1397 goto done;
1398
1399 /*
1400 * Make sure that this link belongs to the zone.
1401 */
1402 if (crgetzoneid(cred) != dls_devnet_getownerzid(dlh)) {
1403 ret = ENOENT;
1404 goto done;
1405 }
1406
1407 bzero(buf, sizeof (buf));
1408 if ((ret = mac_transceiver_read(dlp->dl_mh, dti->dti_tran_id,
1409 dti->dti_page, buf, dti->dti_nbytes, dti->dti_off, &nr)) == 0) {
1410 dti->dti_nbytes = nr;
1411 ret = ddi_copyout(buf, (void *)(uintptr_t)dti->dti_buf,
1412 sizeof (buf), mode);
1413 }
1414
1415 done:
1416 if (dlp != NULL)
1417 dls_link_rele(dlp);
1418
1419 if (mph != NULL)
1420 mac_perim_exit(mph);
1421
1422 if (dlh != NULL)
1423 dls_devnet_rele_tmp(dlh);
1424
1425 return (ret);
1426 }
1427
1428 /* ARGSUSED */
1429 static int
drv_ioc_getled(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)1430 drv_ioc_getled(void *karg, intptr_t arg, int mode, cred_t *cred,
1431 int *rvalp)
1432 {
1433 int ret = 0;
1434 mac_perim_handle_t mph = NULL;
1435 dls_dl_handle_t dlh = NULL;
1436 dls_link_t *dlp = NULL;
1437 dld_ioc_led_t *dil = karg;
1438
1439 if ((mode & FREAD) == 0)
1440 return (EBADF);
1441
1442 if ((ret = dls_devnet_hold_tmp(dil->dil_linkid, &dlh)) != 0)
1443 goto done;
1444
1445 if ((ret = mac_perim_enter_by_macname(dls_devnet_mac(dlh), &mph)) != 0)
1446 goto done;
1447
1448 if ((ret = dls_link_hold(dls_devnet_mac(dlh), &dlp)) != 0)
1449 goto done;
1450
1451 /*
1452 * Make sure that this link belongs to the zone.
1453 */
1454 if (crgetzoneid(cred) != dls_devnet_getownerzid(dlh)) {
1455 ret = ENOENT;
1456 goto done;
1457 }
1458
1459 ret = mac_led_get(dlp->dl_mh, &dil->dil_supported, &dil->dil_active);
1460
1461 done:
1462 if (dlp != NULL)
1463 dls_link_rele(dlp);
1464
1465 if (mph != NULL)
1466 mac_perim_exit(mph);
1467
1468 if (dlh != NULL)
1469 dls_devnet_rele_tmp(dlh);
1470
1471 return (ret);
1472 }
1473
1474 /* ARGSUSED */
1475 static int
drv_ioc_setled(void * karg,intptr_t arg,int mode,cred_t * cred,int * rvalp)1476 drv_ioc_setled(void *karg, intptr_t arg, int mode, cred_t *cred,
1477 int *rvalp)
1478 {
1479 int ret = 0;
1480 mac_perim_handle_t mph = NULL;
1481 dls_dl_handle_t dlh = NULL;
1482 dls_link_t *dlp = NULL;
1483 dld_ioc_led_t *dil = karg;
1484
1485 if ((mode & FWRITE) == 0)
1486 return (EBADF);
1487
1488 if ((ret = dls_devnet_hold_tmp(dil->dil_linkid, &dlh)) != 0)
1489 goto done;
1490
1491 if ((ret = mac_perim_enter_by_macname(dls_devnet_mac(dlh), &mph)) != 0)
1492 goto done;
1493
1494 if ((ret = dls_link_hold(dls_devnet_mac(dlh), &dlp)) != 0)
1495 goto done;
1496
1497 /*
1498 * Make sure that this link belongs to the zone.
1499 */
1500 if (crgetzoneid(cred) != dls_devnet_getownerzid(dlh)) {
1501 ret = ENOENT;
1502 goto done;
1503 }
1504
1505 ret = mac_led_set(dlp->dl_mh, dil->dil_active);
1506
1507 done:
1508 if (dlp != NULL)
1509 dls_link_rele(dlp);
1510
1511 if (mph != NULL)
1512 mac_perim_exit(mph);
1513
1514 if (dlh != NULL)
1515 dls_devnet_rele_tmp(dlh);
1516
1517 return (ret);
1518 }
1519
1520
1521 /*
1522 * Note that ioctls that modify links have a NULL di_priv_func(), as
1523 * privileges can only be checked after we know the class of the link being
1524 * modified (due to class-specific fine-grained privileges such as
1525 * sys_iptun_config).
1526 */
1527 static dld_ioc_info_t drv_ioc_list[] = {
1528 {DLDIOC_ATTR, DLDCOPYINOUT, sizeof (dld_ioc_attr_t),
1529 drv_ioc_attr, NULL},
1530 {DLDIOC_PHYS_ATTR, DLDCOPYINOUT, sizeof (dld_ioc_phys_attr_t),
1531 drv_ioc_phys_attr, NULL},
1532 {DLDIOC_SECOBJ_SET, DLDCOPYIN, sizeof (dld_ioc_secobj_set_t),
1533 drv_ioc_secobj_set, secpolicy_dl_config},
1534 {DLDIOC_SECOBJ_GET, DLDCOPYINOUT, sizeof (dld_ioc_secobj_get_t),
1535 drv_ioc_secobj_get, secpolicy_dl_config},
1536 {DLDIOC_SECOBJ_UNSET, DLDCOPYIN, sizeof (dld_ioc_secobj_unset_t),
1537 drv_ioc_secobj_unset, secpolicy_dl_config},
1538 {DLDIOC_DOORSERVER, DLDCOPYIN, sizeof (dld_ioc_door_t),
1539 drv_ioc_doorserver, secpolicy_dl_config},
1540 {DLDIOC_RENAME, DLDCOPYIN, sizeof (dld_ioc_rename_t),
1541 drv_ioc_rename, NULL},
1542 {DLDIOC_MACADDRGET, DLDCOPYINOUT, sizeof (dld_ioc_macaddrget_t),
1543 drv_ioc_macaddrget, NULL},
1544 {DLDIOC_ADDFLOW, DLDCOPYIN, sizeof (dld_ioc_addflow_t),
1545 drv_ioc_addflow, secpolicy_dl_config},
1546 {DLDIOC_REMOVEFLOW, DLDCOPYIN, sizeof (dld_ioc_removeflow_t),
1547 drv_ioc_removeflow, secpolicy_dl_config},
1548 {DLDIOC_MODIFYFLOW, DLDCOPYIN, sizeof (dld_ioc_modifyflow_t),
1549 drv_ioc_modifyflow, secpolicy_dl_config},
1550 {DLDIOC_WALKFLOW, DLDCOPYINOUT, sizeof (dld_ioc_walkflow_t),
1551 drv_ioc_walkflow, NULL},
1552 {DLDIOC_USAGELOG, DLDCOPYIN, sizeof (dld_ioc_usagelog_t),
1553 drv_ioc_usagelog, secpolicy_dl_config},
1554 {DLDIOC_SETMACPROP, DLDCOPYIN, sizeof (dld_ioc_macprop_t),
1555 drv_ioc_setprop, NULL},
1556 {DLDIOC_GETMACPROP, DLDCOPYIN, sizeof (dld_ioc_macprop_t),
1557 drv_ioc_getprop, NULL},
1558 {DLDIOC_GETHWGRP, DLDCOPYINOUT, sizeof (dld_ioc_hwgrpget_t),
1559 drv_ioc_hwgrpget, NULL},
1560 {DLDIOC_GETTRAN, DLDCOPYINOUT, sizeof (dld_ioc_gettran_t),
1561 drv_ioc_gettran, NULL },
1562 {DLDIOC_READTRAN, DLDCOPYINOUT, sizeof (dld_ioc_tranio_t),
1563 drv_ioc_readtran, NULL },
1564 {DLDIOC_GETLED, DLDCOPYINOUT, sizeof (dld_ioc_led_t),
1565 drv_ioc_getled, NULL },
1566 {DLDIOC_SETLED, DLDCOPYIN, sizeof (dld_ioc_led_t),
1567 drv_ioc_setled, secpolicy_dl_config}
1568 };
1569
1570 typedef struct dld_ioc_modentry {
1571 uint16_t dim_modid; /* Top 16 bits of ioctl command */
1572 char *dim_modname; /* Module to be loaded */
1573 int ctrl_node_inst; /* Ctrl node instance */
1574 dld_ioc_info_t *dim_list; /* array of ioctl structures */
1575 uint_t dim_count; /* number of elements in dim_list */
1576 } dld_ioc_modentry_t;
1577
1578 /*
1579 * For all modules except for dld, dim_list and dim_count are assigned
1580 * when the modules register their ioctls in dld_ioc_register(). We
1581 * can statically initialize dld's ioctls in-line here; there's no
1582 * need for it to call dld_ioc_register() itself. ctrl_node_inst controls
1583 * whether an instance of the device will be held or the driver. If set to
1584 * a non-negative integer, device instance specified in ctrl_node_inst will
1585 * be held; so dld_ioc_register() _must_ be called in xxx_attach() routine of
1586 * the driver. If set to -1, driver will be held; so dld_ioc_register() _must_
1587 * be called in xxx_init() routine of the driver.
1588 */
1589 static dld_ioc_modentry_t dld_ioc_modtable[] = {
1590 {DLD_IOC, "dld", 0, drv_ioc_list, DLDIOCCNT(drv_ioc_list)},
1591 {AGGR_IOC, "aggr", 0, NULL, 0},
1592 {VNIC_IOC, "vnic", 0, NULL, 0},
1593 {SIMNET_IOC, "simnet", 0, NULL, 0},
1594 {BRIDGE_IOC, "bridge", 0, NULL, 0},
1595 {IPTUN_IOC, "iptun", 0, NULL, 0},
1596 {IBPART_IOC, "ibp", -1, NULL, 0},
1597 {OVERLAY_IOC, "overlay", 0, NULL, 0}
1598 };
1599 #define DLDIOC_CNT \
1600 (sizeof (dld_ioc_modtable) / sizeof (dld_ioc_modentry_t))
1601
1602 static dld_ioc_modentry_t *
dld_ioc_findmod(uint16_t modid)1603 dld_ioc_findmod(uint16_t modid)
1604 {
1605 int i;
1606
1607 for (i = 0; i < DLDIOC_CNT; i++) {
1608 if (modid == dld_ioc_modtable[i].dim_modid)
1609 return (&dld_ioc_modtable[i]);
1610 }
1611 return (NULL);
1612 }
1613
1614 int
dld_ioc_register(uint16_t modid,dld_ioc_info_t * list,uint_t count)1615 dld_ioc_register(uint16_t modid, dld_ioc_info_t *list, uint_t count)
1616 {
1617 dld_ioc_modentry_t *dim = dld_ioc_findmod(modid);
1618
1619 if (dim == NULL)
1620 return (ENOENT);
1621
1622 dim->dim_list = list;
1623 dim->dim_count = count;
1624 return (0);
1625 }
1626
1627 void
dld_ioc_unregister(uint16_t modid)1628 dld_ioc_unregister(uint16_t modid)
1629 {
1630 VERIFY(dld_ioc_register(modid, NULL, 0) == 0);
1631 }
1632
1633 /*
1634 * The general design with GLDv3 ioctls is that all ioctls issued
1635 * through /dev/dld go through this drv_ioctl() function. This
1636 * function handles all ioctls on behalf of modules listed in
1637 * dld_ioc_modtable.
1638 *
1639 * When an ioctl is received, this function looks for the associated
1640 * module-id-specific ioctl information using dld_ioc_findmod(). The
1641 * call to ddi_hold_driver() or ddi_hold_devi_by_instance() on the
1642 * associated device will cause the kernel module responsible for the
1643 * ioctl to be loaded if it's not already loaded, which should result
1644 * in that module calling dld_ioc_register(), thereby filling in the
1645 * dim_list containing the details for the ioctl being processed.
1646 *
1647 * This function can then perform operations such as copyin() data and
1648 * do credential checks based on the registered ioctl information,
1649 * then issue the callback function di_func() registered by the
1650 * responsible module. Upon return, the appropriate copyout()
1651 * operation can be performed and the operation completes.
1652 */
1653 /* ARGSUSED */
1654 static int
drv_ioctl(dev_t dev,int cmd,intptr_t arg,int mode,cred_t * cred,int * rvalp)1655 drv_ioctl(dev_t dev, int cmd, intptr_t arg, int mode, cred_t *cred, int *rvalp)
1656 {
1657 dld_ioc_modentry_t *dim;
1658 dld_ioc_info_t *info;
1659 dev_info_t *dip = NULL;
1660 struct dev_ops *dops = NULL;
1661 major_t major;
1662 void *buf = NULL;
1663 size_t sz;
1664 int i, err;
1665
1666 if ((dim = dld_ioc_findmod(DLD_IOC_MODID(cmd))) == NULL)
1667 return (ENOTSUP);
1668
1669 major = ddi_name_to_major(dim->dim_modname);
1670
1671 if (dim->ctrl_node_inst == -1) {
1672 /*
1673 * No dedicated instance to process ioctls.
1674 * dld_ioc_register() is called in xxx_init().
1675 */
1676 dops = ddi_hold_driver(major);
1677 } else {
1678 /*
1679 * Dedicated instance to handle ioctl.
1680 * dld_ioc_register() is called in xxx_attach().
1681 */
1682 dip = ddi_hold_devi_by_instance(major, dim->ctrl_node_inst, 0);
1683 }
1684
1685 if ((dip == NULL && dops == NULL) || dim->dim_list == NULL) {
1686 err = ENODEV;
1687 goto done;
1688 }
1689
1690 for (i = 0; i < dim->dim_count; i++) {
1691 if (cmd == dim->dim_list[i].di_cmd)
1692 break;
1693 }
1694 if (i == dim->dim_count) {
1695 err = ENOTSUP;
1696 goto done;
1697 }
1698
1699 info = &dim->dim_list[i];
1700
1701 if (info->di_priv_func != NULL &&
1702 (err = info->di_priv_func(cred)) != 0)
1703 goto done;
1704
1705 sz = info->di_argsize;
1706 if ((buf = kmem_zalloc(sz, KM_NOSLEEP)) == NULL) {
1707 err = ENOMEM;
1708 goto done;
1709 }
1710
1711 if ((info->di_flags & DLDCOPYIN) &&
1712 ddi_copyin((void *)arg, buf, sz, mode) != 0) {
1713 err = EFAULT;
1714 goto done;
1715 }
1716
1717 err = info->di_func(buf, arg, mode, cred, rvalp);
1718
1719 if ((info->di_flags & DLDCOPYOUT) &&
1720 ddi_copyout(buf, (void *)arg, sz, mode) != 0 && err == 0)
1721 err = EFAULT;
1722
1723 done:
1724 if (buf != NULL)
1725 kmem_free(buf, sz);
1726 if (dip != NULL)
1727 ddi_release_devi(dip);
1728 if (dops != NULL)
1729 ddi_rele_driver(major);
1730 return (err);
1731 }
1732