upstream/oracle/onnv-gate-zfscrypto: comparison usr/src/lib/brand/solaris10/s10_support/s10

equal deleted inserted replaced

-:222dd376dd6c
+:a15cace5f27d
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
 /*
-* Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
+* Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
-* Use is subject to license terms.
 */
 /*
 * s10_support is a small cli utility used to perform some brand-specific
 * tasks when verifying a zone.  This utility is not intended to be called
 */
 static boolean_t override = B_FALSE;
 static char *bname = NULL;
+/*
+* DELETE_LIST_PATH represents the path to a solaris10-branded zone's "delete
+* list", which is generated by patchrm when it needs to remove files after
+* the zone reboots.  See set_zone_emul_bitmap() below for additional details.
+*/
+#define	DELETE_LIST_PATH	"/var/sadm/patch/.delete_list"
 #define	PKGINFO_RD_LEN	128
 #define	PATCHLIST	"PATCHLIST="
 #if !defined(TEXT_DOMAIN)		/* should be defined by cc -D */
 #define	TEXT_DOMAIN	"SYS_TEST"	/* Use this only if it wasn't */
 	return (B_FALSE);
 }
 /*
+* Convert the specified file basename into an unsigned integer.  If the
+* basename contains characters that cannot be converted into digits or the
+* basename isn't NULL or newline-terminated, then this function returns
+* the unsigned equivalent of -1.
+*/
+static unsigned int
+basename_to_uint(const char *basenamep)
+{
+	char *filename_endptr;
+	unsigned int bit_index;
+	errno = 0;
+	bit_index = (unsigned int)strtoul(basenamep, &filename_endptr, 10);
+	if (errno != 0 || (*filename_endptr != '\n' &&
+	    *filename_endptr != '\0') || filename_endptr == basenamep)
+		return ((unsigned int)-1);
+	return (bit_index);
+}
+/*
 * Determine which features/behaviors should be emulated and construct a bitmap
 * representing the results.  Associate the bitmap with the zone so that
 * the brand's emulation library will be able to retrieve the bitmap and
 * determine how the zone's process' behaviors should be emulated.
 *
 * This function does not return if an error occurs.
 */
 static void
 set_zone_emul_bitmap(char *zonename)
 {
-	char			req_emulation_dir_path[MAXPATHLEN];
+	char			zoneroot[MAXPATHLEN];
+	char			path[MAXPATHLEN];
 	DIR			*req_emulation_dirp;
 	struct dirent		*emul_feature_filep;
-	char			*filename_endptr;
 	s10_emul_bitmap_t	bitmap;
 	unsigned int		bit_index;
 	zoneid_t		zoneid;
+	FILE			*delete_listp;
 	/*
 	 * If the Solaris 10 directory containing emulation feature files
 	 * doesn't exist in the zone, then assume that it only needs the
 	 * most basic emulation and, therefore, doesn't need a bitmap.
 	 */
-	if (zone_get_rootpath(zonename, req_emulation_dir_path,
+	if (zone_get_rootpath(zonename, zoneroot, sizeof (zoneroot)) != Z_OK)
-	    sizeof (req_emulation_dir_path)) != Z_OK)
 		s10_err(gettext("error getting zone's path"));
-	if (strlcat(req_emulation_dir_path, S10_REQ_EMULATION_DIR,
+	if (snprintf(path, sizeof (path), "%s" S10_REQ_EMULATION_DIR,
-	    sizeof (req_emulation_dir_path)) >= sizeof (req_emulation_dir_path))
+	    zoneroot) >= sizeof (path))
-		s10_err(gettext("error formatting version path"));
+		s10_err(gettext("zone's emulation versioning directory's path "
-	if ((req_emulation_dirp = opendir(req_emulation_dir_path)) == NULL)
+		    "%s" S10_REQ_EMULATION_DIR " is too long"), zoneroot);
+	if ((req_emulation_dirp = opendir(path)) == NULL)
 		return;
 	bzero(bitmap, sizeof (bitmap));
 	/*
 	 * Iterate over the contents of the directory and determine which
 		/*
 		 * Convert the file's name to an unsigned integer.  Ignore
 		 * files whose names aren't unsigned integers.
 		 */
-		errno = 0;
+		bit_index = basename_to_uint(emul_feature_filep->d_name);
-		bit_index = (unsigned int)strtoul(emul_feature_filep->d_name,
+		if (bit_index == (unsigned int)-1)
-		    &filename_endptr, 10);
-		if (errno != 0 || *filename_endptr != '\0' ||
-		    filename_endptr == emul_feature_filep->d_name)
 			continue;
 		/*
 		 * Determine if the brand can emulate the feature specified
 		 * by bit_index.
 			 * Set the feature's flag in the bitmap.
 			 */
 			bitmap[(bit_index >> 3)] |= (1 << (bit_index & 0x7));
 		}
 	}
+	(void) closedir(req_emulation_dirp);
+	/*
+	 * The zone's administrator might have removed a patch that delivered
+	 * an emulation feature file the last time the zone ran.  If so, then
+	 * the zone's patch utilities won't delete the file until the zone's
+	 * svc:/system/patch-finish:delete SMF service runs.  This is
+	 * problematic because the zone will be using system libraries whose
+	 * ioctl structures and syscall invocations will differ from those
+	 * expected by the emulation library.  For example, if an administrator
+	 * removes a patch that affects the formats of MNTFS ioctls, then the
+	 * administrator's zone will use a version of libc.so.1 that issues
+	 * MNTFS ioctls that use older structure versions than the zone's
+	 * emulation library will expect.
+	 *
+	 * Fortunately, the patchrm utility creates a hidden file,
+	 * /var/sadm/patch/.delete_list, which lists all files that
+	 * svc:/system/patch-finish:delete will delete.  We'll determine whether
+	 * this file exists in the zone and disable the emulation bits
+	 * associated with the emulation feature files that will be deleted.
+	 *
+	 * NOTE: The patch tools lofs mount backup copies of critical system
+	 * libraries, such as /lib/libc.so.1, over their replacements whenever
+	 * administrators add or remove DAP patches.  Consequently, there isn't
+	 * a window of vulnerability between patch addition or removal and
+	 * zone reboot.  The aforementioned problem only occurs after a zone
+	 * reboots.
+	 */
+	if (snprintf(path, sizeof (path), "%s" DELETE_LIST_PATH, zoneroot) >=
+	    sizeof (path))
+		s10_err(gettext("zone's delete list's path %s" DELETE_LIST_PATH
+		    " is too long"), zoneroot);
+	if ((delete_listp = fopen(path, "r")) != NULL) {
+		while (fgets(path, sizeof (path), delete_listp) != NULL) {
+			char *const basenamep = path +
+			    sizeof (S10_REQ_EMULATION_DIR);
+			/*
+			 * Make sure that the file is in the directory
+			 * containing emulation feature files.  If it is,
+			 * then basenamep should refer to the basename of
+			 * the file.
+			 */
+			if (strncmp(path, S10_REQ_EMULATION_DIR,
+			    sizeof (S10_REQ_EMULATION_DIR) - 1) != 0)
+				continue;
+			if (*(basenamep - 1) != '/')
+				continue;
+			/*
+			 * Convert the file's basename into a bit index in
+			 * the emulation bitmap.  If the file's basename isn't
+			 * integral, then skip the file.  Otherwise, clear the
+			 * corresponding bit in the bitmap.
+			 */
+			bit_index = basename_to_uint(basenamep);
+			if (bit_index == (unsigned int)-1)
+				continue;
+			if (bit_index < S10_NUM_EMUL_FEATURES)
+				bitmap[(bit_index >> 3)] &=
+				    ~(1 << (bit_index & 0x7));
+		}
+		if (ferror(delete_listp) != 0 || feof(delete_listp) == 0)
+			s10_err(gettext("The program encountered an error while"
+			    " reading from %s" DELETE_LIST_PATH "."), zoneroot);
+		(void) fclose(delete_listp);
+	} else if (errno != ENOENT) {
+		/*
+		 * The delete list exists but couldn't be opened.  Warn the
+		 * administrator.
+		 */
+		s10_err(gettext("Unable to open %s" DELETE_LIST_PATH ": %s"),
+		    zoneroot, strerror(errno));
+	}
 	/*
 	 * We're done scanning files.  Set the zone's emulation bitmap.
 	 */
-	(void) closedir(req_emulation_dirp);
 	if ((zoneid = getzoneidbyname(zonename)) < 0)
 		s10_err(gettext("unable to get zoneid"));
 	if (zone_setattr(zoneid, S10_EMUL_BITMAP, bitmap, sizeof (bitmap)) != 0)
 		s10_err(gettext("error setting zone's emulation bitmap"));
 }

changeset 12433	a15cace5f27d
parent 11771	5d55cb57dff3
child 12463	5259ac7d9677