| blob | 7dc7126a510735e242fbab87cf215da8cefd764f |
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
22 /*
23 * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 */
27 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
28 /* All Rights Reserved */
30 /*
31 * Copyright 2011 Nexenta Systems, Inc. All rights reserved.
32 * Copyright 2015 Joyent, Inc.
33 */
35 #include <sys/flock_impl.h>
36 #include <sys/vfs.h>
38 #include <sys/callb.h>
39 #include <sys/nbmlock.h>
40 #include <sys/cred.h>
41 #include <sys/policy.h>
43 /*
44 * The following four variables are for statistics purposes and they are
45 * not protected by locks. They may not be accurate but will at least be
46 * close to the actual value.
47 */
60 #ifdef DEBUG
62 #define CHECK_ACTIVE_LOCKS(gp) if (check_debug) \
63 check_active_locks(gp);
64 #define CHECK_SLEEPING_LOCKS(gp) if (check_debug) \
65 check_sleeping_locks(gp);
66 #define CHECK_OWNER_LOCKS(gp, pid, sysid, vp) \
67 if (check_debug) \
68 check_owner_locks(gp, pid, sysid, vp);
69 #define CHECK_LOCK_TRANSITION(old_state, new_state) \
70 { \
71 if (check_lock_transition(old_state, new_state)) { \
74 } \
75 }
76 #else
78 #define CHECK_ACTIVE_LOCKS(gp)
79 #define CHECK_SLEEPING_LOCKS(gp)
80 #define CHECK_OWNER_LOCKS(gp, pid, sysid, vp)
81 #define CHECK_LOCK_TRANSITION(old_state, new_state)
88 proc_graph_t pgraph;
90 /*
91 * Clustering.
92 *
93 * NLM REGISTRY TYPE IMPLEMENTATION
94 *
95 * Assumptions:
96 * 1. Nodes in a cluster are numbered starting at 1; always non-negative
97 * integers.
98 * 2. We use this node id to identify the node an NLM server runs on.
99 */
101 /*
102 * NLM registry object keeps track of NLM servers via their
103 * nlmids (which are the node ids of the node in the cluster they run on)
104 * that have requested locks at this LLM with which this registry is
105 * associated.
106 *
107 * Representation of abstraction:
108 * rep = record[ states: array[nlm_state],
109 * lock: mutex]
110 *
111 * Representation invariants:
112 * 1. index i of rep.states is between 0 and n - 1 where n is number
113 * of elements in the array, which happen to be the maximum number
114 * of nodes in the cluster configuration + 1.
115 * 2. map nlmid to index i of rep.states
116 * 0 -> 0
117 * 1 -> 1
118 * 2 -> 2
119 * 3. This 1-1 mapping is quite convenient and it avoids errors resulting
120 * from forgetting to subtract 1 from the index.
121 * 4. The reason we keep the 0th index is the following. A legitimate
122 * cluster configuration includes making a UFS file system NFS
123 * exportable. The code is structured so that if you're in a cluster
124 * you do one thing; otherwise, you do something else. The problem
125 * is what to do if you think you're in a cluster with PXFS loaded,
126 * but you're using UFS not PXFS? The upper two bytes of the sysid
127 * encode the node id of the node where NLM server runs; these bytes
128 * are zero for UFS. Since the nodeid is used to index into the
129 * registry, we can record the NLM server state information at index
130 * 0 using the same mechanism used for PXFS file locks!
131 */
136 /*
137 * Although we need a global lock dependency graph (and associated data
138 * structures), we also need a per-zone notion of whether the lock manager is
139 * running, and so whether to allow lock manager requests or not.
140 *
141 * Thus, on a per-zone basis we maintain a ``global'' variable
142 * (flk_lockmgr_status), protected by flock_lock, and set when the lock
143 * manager is determined to be changing state (starting or stopping).
144 *
145 * Each graph/zone pair also has a copy of this variable, which is protected by
146 * the graph's mutex.
147 *
148 * The per-graph copies are used to synchronize lock requests with shutdown
149 * requests. The global copy is used to initialize the per-graph field when a
150 * new graph is created.
151 */
153 flk_lockmgr_status_t flk_lockmgr_status;
155 };
157 zone_key_t flock_zone_key;
186 #ifdef DEBUG
195 #endif
197 /* proc_graph function definitions */
206 /* Non-blocking mandatory locking */
208 uoff_t);
212 {
213 /*
214 * The KLM module had better be loaded if we're attempting to handle
215 * lockmgr requests.
216 */
219 }
221 static flk_lockmgr_status_t
223 {
229 /*
230 * KLM module not loaded; lock manager definitely not running.
231 */
233 }
236 }
238 /*
239 * This implements Open File Description (not descriptor) style record locking.
240 * These locks can also be thought of as pid-less since they are not tied to a
241 * specific process, thus they're preserved across fork.
242 *
243 * Called directly from fcntl.
244 *
245 * See reclock() for the implementation of the traditional POSIX style record
246 * locking scheme (pid-ful). This function is derived from reclock() but
247 * simplified and modified to work for OFD style locking.
248 *
249 * The two primary advantages of OFD style of locking are:
250 * 1) It is per-file description, so closing a file descriptor that refers to a
251 * different file description for the same file will not drop the lock (i.e.
252 * two open's of the same file get different descriptions but a dup or fork
253 * will refer to the same description).
254 * 2) Locks are preserved across fork(2).
255 *
256 * Because these locks are per-description a lock ptr lives at the f_filocks
257 * member of the file_t and the lock_descriptor includes a file_t pointer
258 * to enable unique lock identification and management.
259 *
260 * Since these locks are pid-less we cannot do deadlock detection with the
261 * current process-oriented implementation. This is consistent with OFD locking
262 * behavior on other operating systems such as Linux. Since we don't do
263 * deadlock detection we never interact with the process graph that is
264 * maintained for deadlock detection on the traditional POSIX-style locks.
265 *
266 * Future Work:
267 *
268 * The current implementation does not support record locks. That is,
269 * currently the single lock must cover the entire file. This is validated in
270 * fcntl. To support record locks the f_filock pointer in the file_t needs to
271 * be changed to a list of pointers to the locks. That list needs to be
272 * managed independently of the lock list on the vnode itself and it needs to
273 * be maintained as record locks are created, split, coalesced and deleted.
274 *
275 * The current implementation does not support remote file systems (e.g.
276 * NFS or CIFS). This is handled in fs_frlock(). The design of how OFD locks
277 * interact with the NLM is not clear since the NLM protocol/implementation
278 * appears to be oriented around locks associated with a process. A further
279 * problem is that a design is needed for what nlm_send_siglost() should do and
280 * where it will send SIGLOST. More recent versions of Linux apparently try to
281 * emulate OFD locks on NFS by converting them to traditional POSIX style locks
282 * that work with the NLM. It is not clear that this provides the correct
283 * semantics in all cases.
284 */
285 int
287 {
290 lock_descriptor_t stack_lock_request;
302 /* see block comment */
309 /*
310 * For reclock fs_frlock() would normally have set these in a few
311 * places but for us it's cleaner to centralize it here. Note that
312 * IGN_PID is -1. We use 0 for our pid-less locks.
313 */
317 /*
318 * Check access permissions
319 */
325 /*
326 * for query and unlock we use the stack_lock_request
327 */
333 /*
334 * following is added to make the assertions in
335 * flk_execute_request() pass
336 */
345 }
351 /*
352 * Convert the request range into the canonical start and end
353 * values then check the validity of the lock range.
354 */
361 MAXEND);
375 }
378 /*
379 * We are ready for processing the request
380 */
386 }
388 /* Get the lock graph for a particular vnode */
405 /* process the request now */
407 }
411 /* unlock request will not block so execute it immediately */
418 }
427 }
428 }
436 done:
441 }
443 /*
444 * Remove any lock on the vnode belonging to the given file_t.
445 * Called from closef on last close, file_t is locked.
446 *
447 * This is modeled on the cleanlocks() function but only removes the single
448 * lock associated with fp.
449 */
450 void
452 {
482 }
485 }
497 }
500 }
505 }
507 /*
508 * Routine called from fs_frlock in fs/fs_subr.c
509 *
510 * This implements traditional POSIX style record locking. The two primary
511 * drawbacks to this style of locking are:
512 * 1) It is per-process, so any close of a file descriptor that refers to the
513 * file will drop the lock (e.g. lock /etc/passwd, call a library function
514 * which opens /etc/passwd to read the file, when the library closes it's
515 * file descriptor the application loses its lock and does not know).
516 * 2) Locks are not preserved across fork(2).
517 *
518 * Because these locks are only associated with a PID, they are per-process.
519 * This is why any close will drop the lock and is also why, once the process
520 * forks, the lock is no longer related to the new process. These locks can
521 * be considered as PID-ful.
522 *
523 * See ofdlock() for the implementation of a similar but improved locking
524 * scheme.
525 */
526 int
529 {
530 lock_descriptor_t stack_lock_request;
536 /*
537 * Check access permissions
538 */
544 /*
545 * for query and unlock we use the stack_lock_request
546 */
554 /*
555 * following is added to make the assertions in
556 * flk_execute_request() to pass through
557 */
566 }
571 /*
572 * Convert the request range into the canonical start and end
573 * values. The NLM protocol supports locking over the entire
574 * 32-bit range, so there's no range checking for remote requests,
575 * but we still need to verify that local requests obey the rules.
576 */
583 /* check the validity of the lock range */
586 offset);
589 }
594 }
595 }
613 }
617 /*
618 * We are ready for processing the request
619 */
621 /*
622 * If the lock request is an NLM server request ....
623 */
626 /*
627 * Bail out if this is a lock manager request and the
628 * lock manager is not supposed to be running.
629 */
634 }
641 /*
642 * If the NLM registry does not know about this
643 * NLM server making the request, add its nlmid
644 * to the registry.
645 */
647 nlmid)) {
650 nlmid)) {
651 /*
652 * If the NLM server is already known (has made
653 * previous lock requests) and its state is
654 * not NLM_UP (means that NLM server is
655 * shutting down), then bail out with an
656 * error to deny the lock request.
657 */
661 }
663 }
664 }
666 /* Now get the lock graph for a particular vnode */
669 /*
670 * We drop rwlock here otherwise this might end up causing a
671 * deadlock if this IOLOCK sleeps. (bugid # 1183392).
672 */
678 }
693 }
695 /* process the request now */
701 /* unlock request will not block so execute it immediately */
708 }
712 /*
713 * Recovery mechanism to release lock manager locks when
714 * NFS client crashes and restart. NFS server will clear
715 * old locks and grant new locks.
716 */
721 }
725 }
736 }
738 /*
739 * Now that we have seen the status of locks in the system for
740 * this vnode we acquire the rwlock if it is an IO_LOCK.
741 */
750 /*
751 * This wake up is needed otherwise
752 * if IO_LOCK has slept the dependents on this
753 * will not be woken up at all. (bugid # 1185482).
754 */
759 }
760 /*
761 * else if error had occurred either flk_process_request()
762 * has returned EDEADLK in which case there will be no
763 * dependents for this lock or EINTR from flk_wait_execute_
764 * request() in which case flk_cancel_sleeping_lock()
765 * would have been done. same is true with EBADF.
766 */
767 }
776 }
777 }
782 done:
787 }
789 /*
790 * Invoke the callbacks in the given list. If before sleeping, invoke in
791 * list order. If after sleeping, invoke in reverse order.
792 *
793 * CPR (suspend/resume) support: if one of the callbacks returns a
794 * callb_cpr_t, return it. This will be used to make the thread CPR-safe
795 * while it is sleeping. There should be at most one callb_cpr_t for the
796 * thread.
797 * XXX This is unnecessarily complicated. The CPR information should just
798 * get passed in directly through fop_frlock and reclock, rather than
799 * sneaking it in via a callback.
800 */
802 callb_cpr_t *
804 {
819 }
828 }
831 }
834 }
836 /*
837 * Initialize a flk_callback_t to hold the given callback.
838 */
840 void
843 {
848 }
850 /*
851 * Initialize an flk_callback_t and then link it into the head of an
852 * existing list (which may be NULL).
853 */
855 void
859 {
869 }
871 /*
872 * Remove the callback from a list.
873 */
875 void
877 {
883 }
885 /*
886 * Initialize the flk_edge_cache data structure and create the
887 * nlm_reg_status array.
888 */
890 void
892 {
893 uint_t i;
899 }
900 /*
901 * Create the NLM registry object.
902 */
905 }
907 /*
908 * Zone constructor/destructor callbacks to be executed when a zone is
909 * created/destroyed.
910 */
911 /* ARGSUSED */
914 {
916 uint_t i;
923 }
925 /* ARGSUSED */
926 void
928 {
932 }
934 /*
935 * Get a lock_descriptor structure with initialization of edge lists.
936 */
940 {
952 flk_lock_allocs++;
954 }
956 /*
957 * Free a lock_descriptor structure. Just sets the DELETED_LOCK flag
958 * when some thread has a reference to it as in reclock().
959 */
961 void
963 {
974 }
975 flk_lock_frees++;
977 }
979 void
981 {
982 /*
983 * Locks in the sleeping list may be woken up in a number of ways,
984 * and more than once. If a sleeping lock is signaled awake more
985 * than once, then it may or may not change state depending on its
986 * current state.
987 * Also note that NLM locks that are sleeping could be moved to an
988 * interrupted state more than once if the unlock request is
989 * retransmitted by the NLM client - the second time around, this is
990 * just a nop.
991 * The ordering of being signaled awake is:
992 * INTERRUPTED_STATE > CANCELLED_STATE > GRANTED_STATE.
993 * The checks below implement this ordering.
994 */
1000 }
1001 }
1006 }
1007 }
1010 }
1012 /*
1013 * Routine that checks whether there are any blocking locks in the system.
1014 *
1015 * The policy followed is if a write lock is sleeping we don't allow read
1016 * locks before this write lock even though there may not be any active
1017 * locks corresponding to the read locks' region.
1018 *
1019 * flk_add_edge() function adds an edge between l1 and l2 iff there
1020 * is no path between l1 and l2. This is done to have a "minimum
1021 * storage representation" of the dependency graph.
1022 *
1023 * Another property of the graph is since only the new request throws
1024 * edges to the existing locks in the graph, the graph is always topologically
1025 * ordered.
1026 */
1028 static int
1030 {
1045 /*
1046 * check active locks
1047 */
1059 }
1060 /*
1061 * Grant lock if it is for the same owner holding active
1062 * lock that covers the request.
1063 */
1071 }
1076 /*
1077 * Shall we grant this?! NO!!
1078 * What about those locks that were just granted and still
1079 * in sleep queue. Those threads are woken up and so locks
1080 * are almost active.
1081 */
1090 }
1091 }
1097 }
1103 /*
1104 * If the request isn't going to be blocked by a
1105 * sleeping request, we know that it isn't going to
1106 * be blocked; we can just execute the request --
1107 * without performing costly deadlock detection.
1108 */
1112 /*
1113 * If we have a sleeping writer in the requested
1114 * lock's range, block.
1115 */
1117 }
1127 }
1133 }
1136 }
1141 }
1143 block:
1147 /* check sleeping locks */
1151 /*
1152 * If we find a sleeping write lock that is a superset of the
1153 * region wanted by request we can be assured that by adding an
1154 * edge to this write lock we have paths to all locks in the
1155 * graph that blocks the request except in one case and that is why
1156 * another check for SAME_OWNER in the loop below. The exception
1157 * case is when this process that owns the sleeping write lock 'l1'
1158 * has other locks l2, l3, l4 that are in the system and arrived
1159 * before l1. l1 does not have path to these locks as they are from
1160 * same process. We break when we find a second covering sleeping
1161 * lock l5 owned by a process different from that owning l1, because
1162 * there cannot be any of l2, l3, l4, etc., arrived before l5, and if
1163 * it has l1 would have produced a deadlock already.
1164 */
1175 found_covering_lock++;
1177 }
1180 }
1185 }
1189 }
1192 }
1194 /*
1195 * found_covering_lock == 2 iff at this point 'request' has paths
1196 * to all locks that blocks 'request'. found_covering_lock == 1 iff at this
1197 * point 'request' has paths to all locks that blocks 'request' whose owners
1198 * are not same as the one that covers 'request' (covered_by above) and
1199 * we can have locks whose owner is same as covered_by in the active list.
1200 */
1211 }
1215 }
1218 }
1221 /*
1222 * request not dependent on any other locks
1223 * so execute this request
1224 */
1227 /*
1228 * check for deadlock
1229 */
1232 /*
1233 * this thread has to sleep
1234 */
1236 }
1237 }
1239 /*
1240 * The actual execution of the request in the simple case is only to
1241 * insert the 'request' in the list of active locks if it is not an
1242 * UNLOCK.
1243 * We have to consider the existing active locks' relation to
1244 * this 'request' if they are owned by same process. flk_relation() does
1245 * this job and sees to that the dependency graph information is maintained
1246 * properly.
1247 */
1249 int
1251 {
1266 /* IO_LOCK requests are only to check status */
1278 }
1284 }
1288 /*
1289 * insert in active queue
1290 */
1296 }
1298 /*
1299 * 'request' is blocked by some one therefore we put it into sleep queue.
1300 */
1301 static int
1303 {
1322 }
1324 /*
1325 * If the request is an NLM server lock request,
1326 * and the NLM state of the lock request is not
1327 * NLM_UP (because the NLM server is shutting
1328 * down), then cancel the sleeping lock and
1329 * return error ENOLCK that will encourage the
1330 * client to retransmit.
1331 */
1335 }
1336 }
1337 }
1340 /*
1341 * To make sure the shutdown code works correctly, either
1342 * the callback must happen after putting the lock on the
1343 * sleep list, or we must check the shutdown status after
1344 * returning from the callback (and before sleeping). At
1345 * least for now, we'll use the first option. If a
1346 * shutdown or signal or whatever happened while the graph
1347 * mutex was dropped, that will be detected by
1348 * wait_for_lock().
1349 */
1353 FLK_BEFORE_SLEEP);
1367 }
1371 FLK_AFTER_SLEEP);
1375 }
1378 /*
1379 * If the lock manager is shutting down, return an
1380 * error that will encourage the client to retransmit.
1381 */
1386 }
1387 }
1390 /* we got a signal, or act like we did */
1393 }
1395 /* Cancelled if some other thread has closed the file */
1400 }
1405 }
1407 /*
1408 * This routine adds an edge between from and to because from depends
1409 * to. If asked to check for deadlock it checks whether there are any
1410 * reachable locks from "from_lock" that is owned by the same process
1411 * as "from_lock".
1412 * NOTE: It is the caller's responsibility to make sure that the color
1413 * of the graph is consistent between the calls to flk_add_edge as done
1414 * in flk_process_request. This routine does not color and check for
1415 * deadlock explicitly.
1416 */
1418 static int
1421 {
1429 /*
1430 * if to vertex already has mark_color just return
1431 * don't add an edge as it is reachable from from vertex
1432 * before itself.
1433 */
1440 /*
1441 * set the from and to vertex
1442 */
1447 /*
1448 * put in adjacency list of from vertex
1449 */
1456 /*
1457 * put in list of to vertex
1458 */
1469 }
1472 }
1489 }
1490 }
1493 dead_lock:
1495 /*
1496 * remove all edges
1497 */
1507 }
1509 }
1511 /*
1512 * Get an edge structure for representing the dependency between two locks.
1513 */
1517 {
1523 edge_allocs++;
1525 }
1527 /*
1528 * Free the edge structure.
1529 */
1531 static void
1533 {
1534 edge_frees++;
1536 }
1538 /*
1539 * Check the relationship of request with lock and perform the
1540 * recomputation of dependencies, break lock if required, and return
1541 * 1 if request cannot have any more relationship with the next
1542 * active locks.
1543 * The 'lock' and 'request' are compared and in case of overlap we
1544 * delete the 'lock' and form new locks to represent the non-overlapped
1545 * portion of original 'lock'. This function has side effects such as
1546 * 'lock' will be freed, new locks will be added to the active list.
1547 */
1549 static int
1551 {
1576 else
1588 }
1589 }
1600 }
1601 }
1623 }
1636 }
1650 }
1651 }
1665 }
1672 }
1686 }
1701 }
1702 }
1703 }
1705 recompute:
1707 /*
1708 * For unlock we don't send the 'request' to for recomputing
1709 * dependencies because no lock will add an edge to this.
1710 */
1714 nvertex--;
1715 }
1719 }
1723 /*
1724 * we remove the adjacent edges for all vertices' to this vertex
1725 * 'lock'.
1726 */
1732 }
1736 /* We are ready for recomputing the dependencies now */
1743 }
1747 nvertex++;
1748 }
1751 }
1764 }
1765 }
1771 }
1773 /*
1774 * Insert a lock into the active queue.
1775 */
1777 static void
1779 {
1792 ;
1795 }
1804 }
1810 }
1812 /*
1813 * Delete the active lock : Performs two functions depending on the
1814 * value of second parameter. One is to remove from the active lists
1815 * only and other is to both remove and free the lock.
1816 */
1818 static void
1820 {
1835 NULL);
1836 }
1847 }
1849 /*
1850 * Insert into the sleep queue.
1851 */
1853 static void
1855 {
1865 ;
1873 }
1875 /*
1876 * Cancelling a sleeping lock implies removing a vertex from the
1877 * dependency graph and therefore we should recompute the dependencies
1878 * of all vertices that have a path to this vertex, w.r.t. all
1879 * vertices reachable from this vertex.
1880 */
1882 void
1884 {
1897 /*
1898 * count number of vertex pointers that has to be allocated
1899 * All vertices that are reachable from request.
1900 */
1912 nvertex++;
1913 }
1914 }
1916 /*
1917 * allocate memory for holding the vertex pointers
1918 */
1922 KM_SLEEP);
1923 }
1925 /*
1926 * one more pass to actually store the vertices in the
1927 * allocated array.
1928 * We first check sleeping locks and then active locks
1929 * so that topology array will be in a topological
1930 * order.
1931 */
1941 }
1945 }
1954 }
1958 }
1960 /*
1961 * remove in and out edges of request
1962 * They are freed after updating proc_graph below.
1963 */
1967 }
1973 /* we are ready to recompute */
1985 }
1988 /*
1989 * unset the RECOMPUTE flag in those vertices
1990 */
1994 }
1996 /*
1997 * free the topology
1998 */
2002 /*
2003 * Possibility of some locks unblocked now
2004 */
2008 /*
2009 * we expect to have a correctly recomputed graph now.
2010 */
2016 }
2018 /*
2019 * Uncoloring the graph is simply to increment the mark value of the graph
2020 * And only when wrap round takes place will we color all vertices in
2021 * the graph explicitly.
2022 */
2024 static void
2026 {
2040 }
2041 }
2043 /*
2044 * Wake up locks that are blocked on the given lock.
2045 */
2047 static void
2049 {
2059 /*
2060 * delete the edge from the adjacency list
2061 * of from vertex. if no more adjacent edges
2062 * for this vertex wake this process.
2063 */
2070 }
2077 }
2079 /*
2080 * The dependents of request, is checked for its dependency against the
2081 * locks in topology (called topology because the array is and should be in
2082 * topological order for this algorithm, if not in topological order the
2083 * inner loop below might add more edges than necessary. Topological ordering
2084 * of vertices satisfies the property that all edges will be from left to
2085 * right i.e., topology[i] can have an edge to topology[j], iff i<j)
2086 * If lock l1 in the dependent set of request is dependent (blocked by)
2087 * on lock l2 in topology but does not have a path to it, we add an edge
2088 * in the inner loop below.
2089 *
2090 * We don't want to add an edge between l1 and l2 if there exists
2091 * already a path from l1 to l2, so care has to be taken for those vertices
2092 * that have two paths to 'request'. These vertices are referred to here
2093 * as barrier locks.
2094 *
2095 * The barriers has to be found (those vertex that originally had two paths
2096 * to request) because otherwise we may end up adding edges unnecessarily
2097 * to vertices in topology, and thus barrier vertices can have an edge
2098 * to a vertex in topology as well a path to it.
2099 */
2101 static void
2104 {
2129 }
2131 /* decrement the barrier count */
2134 /* this guy will be pushed again anyway ? */
2137 /*
2138 * barrier is over we can recompute
2139 * dependencies for this lock in the
2140 * next stack pop
2141 */
2143 }
2145 }
2146 }
2158 count++;
2160 }
2162 }
2164 next_in_edge:
2167 /* prune the tree below this */
2170 /* update the barrier locks below this! */
2174 }
2176 }
2183 }
2185 }
2187 /*
2188 * Color all reachable vertices from vertex that belongs to topology (here
2189 * those that have RECOMPUTE_LOCK set in their state) and yet uncolored.
2190 *
2191 * Note: we need to use a different stack_link l_stack1 because this is
2192 * called from flk_recompute_dependencies() that already uses a stack with
2193 * l_stack as stack_link.
2194 */
2196 static int
2198 {
2218 count++;
2220 }
2222 }
2224 }
2226 /*
2227 * Called from flk_recompute_dependencies() this routine decrements
2228 * the barrier count of barrier vertices that are reachable from lock.
2229 */
2231 static void
2233 {
2253 }
2255 }
2262 }
2264 }
2265 }
2266 }
2268 /*
2269 * Finds all vertices that are reachable from 'lock' more than once and
2270 * mark them as barrier vertices and increment their barrier count.
2271 * The barrier count is one minus the total number of paths from lock
2272 * to that vertex.
2273 */
2275 static int
2277 {
2293 /* this is a barrier */
2295 /* index will have barrier count */
2300 }
2304 }
2305 }
2307 }
2309 /*
2310 * Finds the first lock that is mainly responsible for blocking this
2311 * request. If there is no such lock, request->l_flock.l_type is set to
2312 * F_UNLCK. Otherwise, request->l_flock is filled in with the particulars
2313 * of the blocking lock.
2314 *
2315 * Note: It is possible a request is blocked by a sleeping lock because
2316 * of the fairness policy used in flk_process_request() to construct the
2317 * dependencies. (see comments before flk_process_request()).
2318 */
2320 static void
2322 {
2336 }
2339 }
2342 /*
2343 * No active lock is blocking this request, but if a read
2344 * lock is requested, it may also get blocked by a waiting
2345 * writer. So search all sleeping locks and see if there is
2346 * a writer waiting.
2347 */
2354 }
2357 }
2358 }
2364 }
2366 /*
2367 * Get the graph_t structure associated with a vnode.
2368 * If 'initialize' is non-zero, and the graph_t structure for this vnode has
2369 * not yet been initialized, then a new element is allocated and returned.
2370 */
2371 graph_t *
2373 {
2383 }
2391 /* Initialize the graph */
2401 }
2407 /* Recheck the value within flock_lock */
2411 /* We must have previously allocated the graph_t structure */
2414 /*
2415 * The lockmgr status is only needed if KLM is loaded.
2416 */
2420 }
2421 }
2426 /* There was a race to allocate the graph_t and we lost */
2429 }
2432 }
2434 /*
2435 * Determine whether there are any locks for the given vnode with a remote
2436 * sysid. Returns zero if not, non-zero if there are.
2437 *
2438 * Note that the return value from this function is potentially invalid
2439 * once it has been returned. The caller is responsible for providing its
2440 * own synchronization mechanism to ensure that the return value is useful
2441 * (e.g., see nfs_lockcompletion()).
2442 */
2443 int
2445 {
2453 }
2464 }
2466 }
2467 }
2476 }
2478 }
2479 }
2481 done:
2484 }
2486 /*
2487 * Determine whether there are any locks for the given vnode with a remote
2488 * sysid matching given sysid.
2489 * Used by the new (open source) NFS Lock Manager (NLM)
2490 */
2491 int
2493 {
2504 }
2515 }
2517 }
2518 }
2527 }
2529 }
2530 }
2532 done:
2535 }
2537 /*
2538 * Determine if there are any locks owned by the given sysid.
2539 * Returns zero if not, non-zero if there are. Note that this return code
2540 * could be derived from flk_get_{sleeping,active}_locks, but this routine
2541 * avoids all the memory allocations of those routines.
2542 *
2543 * This routine has the same synchronization issues as
2544 * flk_has_remote_locks.
2545 */
2547 int
2549 {
2561 }
2571 }
2572 }
2580 }
2581 }
2583 }
2586 }
2589 /*
2590 * Delete all locks in the system that belongs to the sysid of the request.
2591 */
2593 static void
2595 {
2616 /* signal sleeping requests so that they bail out */
2622 }
2624 }
2626 /* delete active locks */
2634 }
2636 }
2638 }
2641 }
2643 /*
2644 * Search for a sleeping lock manager lock which matches exactly this lock
2645 * request; if one is found, fake a signal to cancel it.
2646 *
2647 * Return 1 if a matching lock was found, 0 otherwise.
2648 */
2650 static int
2652 {
2669 }
2671 }
2672 }
2674 }
2676 /*
2677 * Remove all non-OFD locks for the vnode belonging to the given pid and sysid.
2678 * That is, since OFD locks are pid-less we'll never match on the incoming
2679 * pid. OFD locks are removed earlier in the close() path via closef() and
2680 * ofdcleanlock().
2681 */
2682 void
2684 {
2709 }
2712 }
2724 }
2727 }
2733 }
2739 }
2742 /*
2743 * Called from 'fs' read and write routines for files that have mandatory
2744 * locking enabled.
2745 */
2747 int
2750 {
2765 }
2771 }
2773 /*
2774 * convoff - converts the given data (start, whence) to the
2775 * given whence.
2776 */
2777 int
2779 {
2787 }
2795 /* FALLTHRU */
2800 }
2811 /* FALLTHRU */
2816 }
2820 }
2823 /* proc_graph function definitions */
2825 /*
2826 * Function checks for deadlock due to the new 'lock'. If deadlock found
2827 * edges of this lock are freed and returned.
2828 */
2830 static int
2832 {
2839 /*
2840 * OFD style locks are not associated with any process so there is
2841 * no proc graph for these. Thus we cannot, and do not, do deadlock
2842 * detection.
2843 */
2853 /* construct the edges from this process to other processes */
2865 }
2866 }
2874 }
2876 }
2890 }
2891 }
2899 }
2901 }
2906 }
2923 }
2926 }
2930 }
2931 }
2935 deadlock:
2937 /* we remove all lock edges and proc edges */
2957 }
2961 }
2963 }
2964 }
2966 }
2985 }
2989 }
2991 }
2992 }
2994 }
2998 }
3000 /*
3001 * Get a proc vertex. If lock's pvertex value gets a correct proc vertex
3002 * from the list we return that, otherwise we allocate one. If necessary,
3003 * we grow the list of vertices also.
3004 */
3008 {
3019 }
3020 }
3026 }
3027 }
3031 flk_proc_vertex_allocs++;
3039 }
3040 }
3041 }
3051 }
3058 }
3060 /*
3061 * Allocate a proc edge.
3062 */
3066 {
3070 flk_proc_edge_allocs++;
3072 }
3074 /*
3075 * Free the proc edge. Called whenever its reference count goes to zero.
3076 */
3078 static void
3080 {
3083 flk_proc_edge_frees++;
3084 }
3086 /*
3087 * Color the graph explicitly done only when the mark value hits max value.
3088 */
3090 static void
3092 {
3100 }
3104 }
3105 }
3107 /*
3108 * Release the proc vertex iff both there are no in edges and out edges
3109 */
3111 static void
3113 {
3119 flk_proc_vertex_frees++;
3120 }
3121 }
3123 /*
3124 * Updates process graph to reflect change in a lock_graph.
3125 * Note: We should call this function only after we have a correctly
3126 * recomputed lock graph. Otherwise we might miss a deadlock detection.
3127 * eg: in function flk_relation() we call this function after flk_recompute_
3128 * dependencies() otherwise if a process tries to lock a vnode hashed
3129 * into another graph it might sleep for ever.
3130 */
3132 static void
3134 {
3140 /*
3141 * OFD style locks are not associated with any process so there is
3142 * no proc graph for these.
3143 */
3147 }
3166 }
3170 }
3172 }
3175 }
3179 add:
3188 }
3190 }
3198 }
3200 }
3202 /*
3203 * Set the control status for lock manager requests.
3204 *
3205 * Note that when this routine is called with FLK_WAKEUP_SLEEPERS, there
3206 * may be locks requests that have gotten started but not finished. In
3207 * particular, there may be blocking requests that are in the callback code
3208 * before sleeping (so they're not holding the lock for the graph). If
3209 * such a thread reacquires the graph's lock (to go to sleep) after
3210 * flk_lockmgr_status is set to a non-up value, it will notice the status
3211 * and bail out. If the request gets granted before the thread can check
3212 * flk_lockmgr_status, let it continue normally. It will get flushed when
3213 * we are called with FLK_LOCKMGR_DOWN.
3214 */
3216 void
3218 {
3230 /*
3231 * If the lock manager is coming back up, all that's needed is to
3232 * propagate this information to the graphs. If the lock manager
3233 * is going down, additional action is required, and each graph's
3234 * copy of the state is updated atomically with this other action.
3235 */
3247 }
3258 }
3259 }
3261 /*
3262 * This routine returns all the locks that are active or sleeping and are
3263 * associated with a particular set of identifiers. If lock_state != 0, then
3264 * only locks that match the lock_state are returned. If lock_state == 0, then
3265 * all locks are returned. If pid == NOPID, the pid is ignored. If
3266 * use_sysid is FALSE, then the sysid is ignored. If vp is NULL, then the
3267 * vnode pointer is ignored.
3268 *
3269 * A list containing the vnode pointer and an flock structure
3270 * describing the lock is returned. Each element in the list is
3271 * dynamically allocated and must be freed by the caller. The
3272 * last item in the list is denoted by a NULL value in the ll_next
3273 * field.
3274 *
3275 * The vnode pointers returned are held. The caller is responsible
3276 * for releasing these. Note that the returned list is only a snapshot of
3277 * the current lock information, and that it is a snapshot of a moving
3278 * target (only one graph is locked at a time).
3279 */
3281 locklist_t *
3284 {
3287 locklist_t listhead;
3299 /*
3300 * Get a pointer to something to use as a list head while building
3301 * the rest of the list.
3302 */
3307 /* Figure out which graphs we want to look at. */
3314 }
3322 }
3340 /*
3341 * A matching lock was found. Allocate
3342 * space for a new locklist entry and fill
3343 * it in.
3344 */
3352 }
3354 }
3358 }
3360 /*
3361 * These two functions are simply interfaces to get_lock_list. They return
3362 * a list of sleeping or active locks for the given sysid and pid. See
3363 * get_lock_list for details.
3364 *
3365 * In either case we don't particularly care to specify the zone of interest;
3366 * the sysid-space is global across zones, so the sysid will map to exactly one
3367 * zone, and we'll return information for that zone.
3368 */
3370 locklist_t *
3372 {
3374 ALL_ZONES));
3375 }
3377 locklist_t *
3379 {
3381 ALL_ZONES));
3382 }
3384 /*
3385 * Another interface to get_lock_list. This one returns all the active
3386 * locks for a given vnode. Again, see get_lock_list for details.
3387 *
3388 * We don't need to specify which zone's locks we're interested in. The matter
3389 * would only be interesting if the vnode belonged to NFS, and NFS vnodes can't
3390 * be used by multiple zones, so the list of locks will all be from the right
3391 * zone.
3392 */
3394 locklist_t *
3396 {
3398 ALL_ZONES));
3399 }
3401 /*
3402 * Another interface to get_lock_list. This one returns all the active
3403 * nbmand locks for a given vnode. Again, see get_lock_list for details.
3404 *
3405 * See the comment for flk_active_locks_for_vp() for why we don't care to
3406 * specify the particular zone of interest.
3407 */
3408 locklist_t *
3410 {
3413 }
3415 /*
3416 * Another interface to get_lock_list. This one returns all the active
3417 * nbmand locks for a given pid. Again, see get_lock_list for details.
3418 *
3419 * The zone doesn't need to be specified here; the locks held by a
3420 * particular process will either be local (ie, non-NFS) or from the zone
3421 * the process is executing in. This is because other parts of the system
3422 * ensure that an NFS vnode can't be used in a zone other than that in
3423 * which it was opened.
3424 */
3425 locklist_t *
3427 {
3430 }
3432 /*
3433 * Free up all entries in the locklist.
3434 */
3435 void
3437 {
3445 }
3446 }
3448 /*
3449 * Find all sleeping lock manager requests and poke them.
3450 */
3451 static void
3453 {
3466 }
3476 }
3477 }
3479 }
3480 }
3483 /*
3484 * Find all active (granted) lock manager locks and release them.
3485 */
3486 static void
3488 {
3501 }
3514 }
3515 }
3517 }
3518 }
3521 /*
3522 * Wait until a lock is granted, cancelled, or interrupted.
3523 */
3525 static void
3527 {
3537 }
3538 }
3539 }
3541 /*
3542 * Create an flock structure from the existing lock information
3543 *
3544 * This routine is used to create flock structures for the lock manager
3545 * to use in a reclaim request. Since the lock was originated on this
3546 * host, it must be conforming to UNIX semantics, so no checking is
3547 * done to make sure it falls within the lower half of the 32-bit range.
3548 */
3550 static void
3552 {
3563 }
3565 /*
3566 * Convert flock_t data describing a lock range into unsigned long starting
3567 * and ending points, which are put into lock_request. Returns 0 or an
3568 * errno value.
3569 */
3571 int
3574 {
3578 /*
3579 * Determine the starting point of the request
3580 */
3596 }
3598 /*
3599 * Determine the range covered by the request.
3600 */
3606 /*
3607 * Negative length; why do we even allow this ?
3608 * Because this allows easy specification of
3609 * the last n bytes of the file.
3610 */
3614 }
3616 }
3618 /*
3619 * Check the validity of lock data. This can used by the NFS
3620 * frlock routines to check data before contacting the server. The
3621 * server must support semantics that aren't as restrictive as
3622 * the UNIX API, so the NFS client is required to check.
3623 * The maximum is now passed in by the caller.
3624 */
3626 int
3628 {
3629 /*
3630 * The end (length) for local locking should never be greater
3631 * than MAXEND. However, the representation for
3632 * the entire file is MAX_U_OFFSET_T.
3633 */
3637 }
3640 }
3642 }
3644 /*
3645 * Fill in request->l_flock with information about the lock blocking the
3646 * request. The complexity here is that lock manager requests are allowed
3647 * to see into the upper part of the 32-bit address range, whereas local
3648 * requests are only allowed to see signed values.
3649 *
3650 * What should be done when "blocker" is a lock manager lock that uses the
3651 * upper portion of the 32-bit range, but "request" is local? Since the
3652 * request has already been determined to have been blocked by the blocker,
3653 * at least some portion of "blocker" must be in the range of the request,
3654 * or the request extends to the end of file. For the first case, the
3655 * portion in the lower range is returned with the indication that it goes
3656 * "to EOF." For the second case, the last byte of the lower range is
3657 * returned with the indication that it goes "to EOF."
3658 */
3660 static void
3662 {
3678 else
3688 else
3691 }
3692 }
3693 }
3695 /*
3696 * Return non-zero if the given I/O request conflicts with an active NBMAND
3697 * lock.
3698 * If svmand is non-zero, it means look at all active locks, not just NBMAND
3699 * locks.
3700 */
3702 int
3705 {
3709 pid_t pid;
3718 }
3737 }
3738 }
3742 }
3744 /*
3745 * Return non-zero if the given I/O request conflicts with the given lock.
3746 */
3748 static int
3751 {
3764 }
3766 #ifdef DEBUG
3767 static void
3769 {
3785 }
3798 }
3799 }
3800 }
3801 }
3802 }
3804 /*
3805 * Effect: This functions checks to see if the transition from 'old_state' to
3806 * 'new_state' is a valid one. It returns 0 if the transition is valid
3807 * and 1 if it is not.
3808 * For a map of valid transitions, see sys/flock_impl.h
3809 */
3810 static int
3812 {
3822 }
3829 }
3835 }
3843 }
3851 }
3858 }
3864 }
3866 /* May be set more than once */
3871 }
3874 }
3875 }
3877 static void
3879 {
3892 }
3893 }
3894 }
3904 }
3905 }
3906 }
3911 }
3912 }
3913 }
3915 static int
3917 {
3933 }
3946 }
3947 }
3949 }
3951 static void
3953 {
3956 /* Ignore OFD style locks since they're not process-wide. */
3970 }
3971 }
3982 }
3983 }
3984 }
3986 static int
3988 {
3994 else
3996 }
3998 }
4000 static int
4002 {
4004 }
4006 static void
4008 {
4014 }
4019 }
4020 }