2005-10-12 17:07:38 +02:00
|
|
|
/* Reincarnation Server. This servers starts new system services and detects
|
|
|
|
* they are exiting. In case of errors, system services can be restarted.
|
|
|
|
* The RS server periodically checks the status of all registered services
|
|
|
|
* services to see whether they are still alive. The system services are
|
|
|
|
* expected to periodically send a heartbeat message.
|
|
|
|
*
|
|
|
|
* Created:
|
|
|
|
* Jul 22, 2005 by Jorrit N. Herder
|
|
|
|
*/
|
2005-10-20 22:31:18 +02:00
|
|
|
#include "inc.h"
|
2007-04-23 16:43:25 +02:00
|
|
|
#include <fcntl.h>
|
endpoint-aware conversion of servers.
'who', indicating caller number in pm and fs and some other servers, has
been removed in favour of 'who_e' (endpoint) and 'who_p' (proc nr.).
In both PM and FS, isokendpt() convert endpoints to process slot
numbers, returning OK if it was a valid and consistent endpoint number.
okendpt() does the same but panic()s if it doesn't succeed. (In PM,
this is pm_isok..)
pm and fs keep their own records of process endpoints in their proc tables,
which are needed to make kernel calls about those processes.
message field names have changed.
fs drivers are endpoints.
fs now doesn't try to get out of driver deadlock, as the protocol isn't
supposed to let that happen any more. (A warning is printed if ELOCKED
is detected though.)
fproc[].fp_task (indicating which driver the process is suspended on)
became an int.
PM and FS now get endpoint numbers of initial boot processes from the
kernel. These happen to be the same as the old proc numbers, to let
user processes reach them with the old numbers, but FS and PM don't know
that. All new processes after INIT, even after the generation number
wraps around, get endpoint numbers with generation 1 and higher, so
the first instances of the boot processes are the only processes ever
to have endpoint numbers in the old proc number range.
More return code checks of sys_* functions have been added.
IS has become endpoint-aware. Ditched the 'text' and 'data' fields
in the kernel dump (which show locations, not sizes, so aren't terribly
useful) in favour of the endpoint number. Proc number is still visible.
Some other dumps (e.g. dmap, rs) show endpoint numbers now too which got
the formatting changed.
PM reading segments using rw_seg() has changed - it uses other fields
in the message now instead of encoding the segment and process number and
fd in the fd field. For that it uses _read_pm() and _write_pm() which to
_taskcall()s directly in pm/misc.c.
PM now sys_exit()s itself on panic(), instead of sys_abort().
RS also talks in endpoints instead of process numbers.
2006-03-03 11:20:58 +01:00
|
|
|
#include <minix/endpoint.h>
|
2005-10-12 17:07:38 +02:00
|
|
|
#include "../../kernel/const.h"
|
|
|
|
#include "../../kernel/type.h"
|
|
|
|
|
|
|
|
/* Declare some local functions. */
|
|
|
|
FORWARD _PROTOTYPE(void init_server, (void) );
|
2006-03-10 17:10:05 +01:00
|
|
|
FORWARD _PROTOTYPE(void sig_handler, (void) );
|
2005-10-12 17:07:38 +02:00
|
|
|
FORWARD _PROTOTYPE(void get_work, (message *m) );
|
2006-10-25 15:40:36 +02:00
|
|
|
FORWARD _PROTOTYPE(void reply, (int whom, message *m_out) );
|
2005-10-12 17:07:38 +02:00
|
|
|
|
|
|
|
/* Data buffers to retrieve info during initialization. */
|
|
|
|
PRIVATE struct boot_image image[NR_BOOT_PROCS];
|
|
|
|
|
2007-04-02 16:45:56 +02:00
|
|
|
long rs_verbose = 0;
|
2007-02-16 16:50:30 +01:00
|
|
|
|
2005-10-12 17:07:38 +02:00
|
|
|
/*===========================================================================*
|
|
|
|
* main *
|
|
|
|
*===========================================================================*/
|
|
|
|
PUBLIC int main(void)
|
|
|
|
{
|
|
|
|
/* This is the main routine of this service. The main loop consists of
|
|
|
|
* three major activities: getting new work, processing the work, and
|
|
|
|
* sending the reply. The loop never terminates, unless a panic occurs.
|
|
|
|
*/
|
|
|
|
message m; /* request message */
|
endpoint-aware conversion of servers.
'who', indicating caller number in pm and fs and some other servers, has
been removed in favour of 'who_e' (endpoint) and 'who_p' (proc nr.).
In both PM and FS, isokendpt() convert endpoints to process slot
numbers, returning OK if it was a valid and consistent endpoint number.
okendpt() does the same but panic()s if it doesn't succeed. (In PM,
this is pm_isok..)
pm and fs keep their own records of process endpoints in their proc tables,
which are needed to make kernel calls about those processes.
message field names have changed.
fs drivers are endpoints.
fs now doesn't try to get out of driver deadlock, as the protocol isn't
supposed to let that happen any more. (A warning is printed if ELOCKED
is detected though.)
fproc[].fp_task (indicating which driver the process is suspended on)
became an int.
PM and FS now get endpoint numbers of initial boot processes from the
kernel. These happen to be the same as the old proc numbers, to let
user processes reach them with the old numbers, but FS and PM don't know
that. All new processes after INIT, even after the generation number
wraps around, get endpoint numbers with generation 1 and higher, so
the first instances of the boot processes are the only processes ever
to have endpoint numbers in the old proc number range.
More return code checks of sys_* functions have been added.
IS has become endpoint-aware. Ditched the 'text' and 'data' fields
in the kernel dump (which show locations, not sizes, so aren't terribly
useful) in favour of the endpoint number. Proc number is still visible.
Some other dumps (e.g. dmap, rs) show endpoint numbers now too which got
the formatting changed.
PM reading segments using rw_seg() has changed - it uses other fields
in the message now instead of encoding the segment and process number and
fd in the fd field. For that it uses _read_pm() and _write_pm() which to
_taskcall()s directly in pm/misc.c.
PM now sys_exit()s itself on panic(), instead of sys_abort().
RS also talks in endpoints instead of process numbers.
2006-03-03 11:20:58 +01:00
|
|
|
int call_nr, who_e,who_p; /* call number and caller */
|
2005-10-12 17:07:38 +02:00
|
|
|
int result; /* result to return */
|
|
|
|
sigset_t sigset; /* system signal set */
|
|
|
|
int s;
|
2007-04-27 14:27:40 +02:00
|
|
|
uid_t euid;
|
2005-10-12 17:07:38 +02:00
|
|
|
|
|
|
|
/* Initialize the server, then go to work. */
|
|
|
|
init_server();
|
|
|
|
|
|
|
|
/* Main loop - get work and do it, forever. */
|
|
|
|
while (TRUE) {
|
|
|
|
|
|
|
|
/* Wait for request message. */
|
|
|
|
get_work(&m);
|
endpoint-aware conversion of servers.
'who', indicating caller number in pm and fs and some other servers, has
been removed in favour of 'who_e' (endpoint) and 'who_p' (proc nr.).
In both PM and FS, isokendpt() convert endpoints to process slot
numbers, returning OK if it was a valid and consistent endpoint number.
okendpt() does the same but panic()s if it doesn't succeed. (In PM,
this is pm_isok..)
pm and fs keep their own records of process endpoints in their proc tables,
which are needed to make kernel calls about those processes.
message field names have changed.
fs drivers are endpoints.
fs now doesn't try to get out of driver deadlock, as the protocol isn't
supposed to let that happen any more. (A warning is printed if ELOCKED
is detected though.)
fproc[].fp_task (indicating which driver the process is suspended on)
became an int.
PM and FS now get endpoint numbers of initial boot processes from the
kernel. These happen to be the same as the old proc numbers, to let
user processes reach them with the old numbers, but FS and PM don't know
that. All new processes after INIT, even after the generation number
wraps around, get endpoint numbers with generation 1 and higher, so
the first instances of the boot processes are the only processes ever
to have endpoint numbers in the old proc number range.
More return code checks of sys_* functions have been added.
IS has become endpoint-aware. Ditched the 'text' and 'data' fields
in the kernel dump (which show locations, not sizes, so aren't terribly
useful) in favour of the endpoint number. Proc number is still visible.
Some other dumps (e.g. dmap, rs) show endpoint numbers now too which got
the formatting changed.
PM reading segments using rw_seg() has changed - it uses other fields
in the message now instead of encoding the segment and process number and
fd in the fd field. For that it uses _read_pm() and _write_pm() which to
_taskcall()s directly in pm/misc.c.
PM now sys_exit()s itself on panic(), instead of sys_abort().
RS also talks in endpoints instead of process numbers.
2006-03-03 11:20:58 +01:00
|
|
|
who_e = m.m_source;
|
|
|
|
who_p = _ENDPOINT_P(who_e);
|
|
|
|
if(who_p < -NR_TASKS || who_p >= NR_PROCS)
|
|
|
|
panic("RS","message from bogus source", who_e);
|
|
|
|
|
2005-10-12 17:07:38 +02:00
|
|
|
call_nr = m.m_type;
|
|
|
|
|
|
|
|
/* Now determine what to do. Three types of requests are expected:
|
|
|
|
* - Heartbeat messages (notifications from registered system services)
|
|
|
|
* - System notifications (POSIX signals or synchronous alarm)
|
|
|
|
* - User requests (control messages to manage system services)
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* Notification messages are control messages and do not need a reply.
|
|
|
|
* These include heartbeat messages and system notifications.
|
|
|
|
*/
|
|
|
|
if (m.m_type & NOTIFY_MESSAGE) {
|
|
|
|
switch (call_nr) {
|
|
|
|
case SYN_ALARM:
|
|
|
|
do_period(&m); /* check drivers status */
|
2005-10-21 15:28:26 +02:00
|
|
|
continue;
|
2006-03-10 17:10:05 +01:00
|
|
|
case PROC_EVENT:
|
|
|
|
sig_handler();
|
2005-10-21 15:28:26 +02:00
|
|
|
continue;
|
2005-10-12 17:07:38 +02:00
|
|
|
default: /* heartbeat notification */
|
endpoint-aware conversion of servers.
'who', indicating caller number in pm and fs and some other servers, has
been removed in favour of 'who_e' (endpoint) and 'who_p' (proc nr.).
In both PM and FS, isokendpt() convert endpoints to process slot
numbers, returning OK if it was a valid and consistent endpoint number.
okendpt() does the same but panic()s if it doesn't succeed. (In PM,
this is pm_isok..)
pm and fs keep their own records of process endpoints in their proc tables,
which are needed to make kernel calls about those processes.
message field names have changed.
fs drivers are endpoints.
fs now doesn't try to get out of driver deadlock, as the protocol isn't
supposed to let that happen any more. (A warning is printed if ELOCKED
is detected though.)
fproc[].fp_task (indicating which driver the process is suspended on)
became an int.
PM and FS now get endpoint numbers of initial boot processes from the
kernel. These happen to be the same as the old proc numbers, to let
user processes reach them with the old numbers, but FS and PM don't know
that. All new processes after INIT, even after the generation number
wraps around, get endpoint numbers with generation 1 and higher, so
the first instances of the boot processes are the only processes ever
to have endpoint numbers in the old proc number range.
More return code checks of sys_* functions have been added.
IS has become endpoint-aware. Ditched the 'text' and 'data' fields
in the kernel dump (which show locations, not sizes, so aren't terribly
useful) in favour of the endpoint number. Proc number is still visible.
Some other dumps (e.g. dmap, rs) show endpoint numbers now too which got
the formatting changed.
PM reading segments using rw_seg() has changed - it uses other fields
in the message now instead of encoding the segment and process number and
fd in the fd field. For that it uses _read_pm() and _write_pm() which to
_taskcall()s directly in pm/misc.c.
PM now sys_exit()s itself on panic(), instead of sys_abort().
RS also talks in endpoints instead of process numbers.
2006-03-03 11:20:58 +01:00
|
|
|
if (rproc_ptr[who_p] != NULL) /* mark heartbeat time */
|
|
|
|
rproc_ptr[who_p]->r_alive_tm = m.NOTIFY_TIMESTAMP;
|
2005-10-12 17:07:38 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* If this is not a notification message, it is a normal request.
|
|
|
|
* Handle the request and send a reply to the caller.
|
|
|
|
*/
|
2008-02-21 17:20:22 +01:00
|
|
|
else {
|
2009-05-08 14:38:14 +02:00
|
|
|
if (call_nr != GETSYSINFO &&
|
|
|
|
(call_nr < RS_RQ_BASE || call_nr >= RS_RQ_BASE+0x100))
|
2008-02-21 17:20:22 +01:00
|
|
|
{
|
|
|
|
/* Ignore invalid requests. Do not try to reply. */
|
|
|
|
printf("RS: got invalid request %d from endpoint %d\n",
|
|
|
|
call_nr, m.m_source);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2007-04-27 14:27:40 +02:00
|
|
|
/* Only root can make calls to rs */
|
|
|
|
euid= getpeuid(m.m_source);
|
|
|
|
if (euid != 0)
|
|
|
|
{
|
2008-02-21 17:20:22 +01:00
|
|
|
printf("RS: got unauthorized request %d from endpoint %d\n",
|
|
|
|
call_nr, m.m_source);
|
2007-04-27 14:27:40 +02:00
|
|
|
m.m_type = EPERM;
|
|
|
|
reply(who_e, &m);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2005-10-12 17:07:38 +02:00
|
|
|
switch(call_nr) {
|
2006-08-15 17:54:51 +02:00
|
|
|
case RS_UP: result = do_up(&m, FALSE, 0); break;
|
|
|
|
case RS_UP_COPY: result = do_up(&m, TRUE, 0); break;
|
2006-10-20 17:01:32 +02:00
|
|
|
case RS_START: result = do_start(&m); break;
|
2005-10-21 15:28:26 +02:00
|
|
|
case RS_DOWN: result = do_down(&m); break;
|
|
|
|
case RS_REFRESH: result = do_refresh(&m); break;
|
2006-10-20 17:01:32 +02:00
|
|
|
case RS_RESTART: result = do_restart(&m); break;
|
2005-10-21 15:28:26 +02:00
|
|
|
case RS_SHUTDOWN: result = do_shutdown(&m); break;
|
|
|
|
case GETSYSINFO: result = do_getsysinfo(&m); break;
|
2005-10-12 17:07:38 +02:00
|
|
|
default:
|
|
|
|
printf("Warning, RS got unexpected request %d from %d\n",
|
|
|
|
m.m_type, m.m_source);
|
|
|
|
result = EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Finally send reply message, unless disabled. */
|
|
|
|
if (result != EDONTREPLY) {
|
2006-10-25 15:40:36 +02:00
|
|
|
m.m_type = result;
|
|
|
|
reply(who_e, &m);
|
2005-10-12 17:07:38 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/*===========================================================================*
|
|
|
|
* init_server *
|
|
|
|
*===========================================================================*/
|
|
|
|
PRIVATE void init_server(void)
|
|
|
|
{
|
|
|
|
/* Initialize the reincarnation server. */
|
|
|
|
struct sigaction sa;
|
|
|
|
struct boot_image *ip;
|
|
|
|
int s,t;
|
|
|
|
|
|
|
|
/* Install signal handlers. Ask PM to transform signal into message. */
|
|
|
|
sa.sa_handler = SIG_MESS;
|
|
|
|
sigemptyset(&sa.sa_mask);
|
|
|
|
sa.sa_flags = 0;
|
|
|
|
if (sigaction(SIGCHLD,&sa,NULL)<0) panic("RS","sigaction failed", errno);
|
|
|
|
if (sigaction(SIGTERM,&sa,NULL)<0) panic("RS","sigaction failed", errno);
|
|
|
|
|
|
|
|
/* Initialize the system process table. Use the boot image from the kernel
|
|
|
|
* and the device map from the FS to gather all needed information.
|
|
|
|
*/
|
|
|
|
if ((s = sys_getimage(image)) != OK)
|
|
|
|
panic("RS","warning: couldn't get copy of image table", s);
|
|
|
|
|
|
|
|
/* Set alarm to periodically check driver status. */
|
2005-10-20 22:31:18 +02:00
|
|
|
if (OK != (s=sys_setalarm(RS_DELTA_T, 0)))
|
2005-10-12 17:07:38 +02:00
|
|
|
panic("RS", "couldn't set alarm", s);
|
|
|
|
|
2007-02-16 16:50:30 +01:00
|
|
|
/* See if we run in verbose mode. */
|
|
|
|
env_parse("rs_verbose", "d", 0, &rs_verbose, 0, 1);
|
2007-04-23 16:43:25 +02:00
|
|
|
|
|
|
|
/* Initialize the exec pipe. */
|
|
|
|
if (pipe(exec_pipe) == -1)
|
|
|
|
panic("RS", "pipe failed", errno);
|
|
|
|
if (fcntl(exec_pipe[0], F_SETFD,
|
|
|
|
fcntl(exec_pipe[0], F_GETFD) | FD_CLOEXEC) == -1)
|
|
|
|
{
|
|
|
|
panic("RS", "fcntl set FD_CLOEXEC on pipe input failed", errno);
|
|
|
|
}
|
|
|
|
if (fcntl(exec_pipe[1], F_SETFD,
|
|
|
|
fcntl(exec_pipe[1], F_GETFD) | FD_CLOEXEC) == -1)
|
|
|
|
{
|
|
|
|
panic("RS", "fcntl set FD_CLOEXEC on pipe output failed", errno);
|
|
|
|
}
|
|
|
|
if (fcntl(exec_pipe[0], F_SETFL,
|
|
|
|
fcntl(exec_pipe[0], F_GETFL) | O_NONBLOCK) == -1)
|
|
|
|
{
|
|
|
|
panic("RS", "fcntl set O_NONBLOCK on pipe input failed", errno);
|
|
|
|
}
|
2005-10-12 17:07:38 +02:00
|
|
|
}
|
|
|
|
|
2006-03-10 17:10:05 +01:00
|
|
|
/*===========================================================================*
|
|
|
|
* sig_handler *
|
|
|
|
*===========================================================================*/
|
|
|
|
PRIVATE void sig_handler()
|
|
|
|
{
|
|
|
|
sigset_t sigset;
|
|
|
|
int sig;
|
|
|
|
|
|
|
|
/* Try to obtain signal set from PM. */
|
|
|
|
if (getsigset(&sigset) != 0) return;
|
|
|
|
|
|
|
|
/* Check for known signals. */
|
|
|
|
if (sigismember(&sigset, SIGCHLD)) do_exit(NULL);
|
|
|
|
if (sigismember(&sigset, SIGTERM)) do_shutdown(NULL);
|
|
|
|
}
|
2005-10-12 17:07:38 +02:00
|
|
|
|
|
|
|
/*===========================================================================*
|
|
|
|
* get_work *
|
|
|
|
*===========================================================================*/
|
|
|
|
PRIVATE void get_work(m_in)
|
|
|
|
message *m_in; /* pointer to message */
|
|
|
|
{
|
|
|
|
int s; /* receive status */
|
|
|
|
if (OK != (s=receive(ANY, m_in))) /* wait for message */
|
|
|
|
panic("RS","receive failed", s);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/*===========================================================================*
|
|
|
|
* reply *
|
|
|
|
*===========================================================================*/
|
2006-10-25 15:40:36 +02:00
|
|
|
PRIVATE void reply(who, m_out)
|
2005-10-12 17:07:38 +02:00
|
|
|
int who; /* replyee */
|
2006-10-25 15:40:36 +02:00
|
|
|
message *m_out; /* reply message */
|
2005-10-12 17:07:38 +02:00
|
|
|
{
|
|
|
|
int s; /* send status */
|
|
|
|
|
2008-02-21 17:20:22 +01:00
|
|
|
s = sendnb(who, m_out); /* send the message */
|
|
|
|
if (s != OK)
|
|
|
|
printf("RS: unable to send reply to %d: %d\n", who, s);
|
2005-10-12 17:07:38 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2006-10-25 15:40:36 +02:00
|
|
|
|