[apple/xnu.git] / bsd / kern / kern_shutdown.c

/*
 * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_OSREFERENCE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code 
 * as defined in and that are subject to the Apple Public Source License 
 * Version 2.0 (the 'License'). You may not use this file except in 
 * compliance with the License.  The rights granted to you under the 
 * License may not be used to create, or enable the creation or 
 * redistribution of, unlawful or unlicensed copies of an Apple operating 
 * system, or to circumvent, violate, or enable the circumvention or 
 * violation of, any terms of an Apple operating system software license 
 * agreement.
 *
 * Please obtain a copy of the License at 
 * http://www.opensource.apple.com/apsl/ and read it before using this 
 * file.
 *
 * The Original Code and all software distributed under the License are 
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 
 * Please see the License for the specific language governing rights and 
 * limitations under the License.
 *
 * @APPLE_LICENSE_OSREFERENCE_HEADER_END@
 */
/*
 *	File:	bsd/kern/kern_shutdown.c
 *
 *	Copyright (C) 1989, NeXT, Inc.
 *
 */

#include <sys/param.h>
#include <sys/systm.h>
#include <sys/kernel.h>
#include <sys/vm.h>
#include <sys/proc_internal.h>
#include <sys/user.h>
#include <sys/reboot.h>
#include <sys/conf.h>
#include <sys/vnode_internal.h>
#include <sys/file_internal.h>
#include <sys/clist.h>
#include <sys/callout.h>
#include <sys/mbuf.h>
#include <sys/msgbuf.h>
#include <sys/ioctl.h>
#include <sys/signal.h>
#include <sys/tty.h>
#include <kern/task.h>
#include <sys/quota.h>
#include <ufs/ufs/inode.h>
#if	NCPUS > 1
#include <kern/processor.h>
#include <kern/thread.h>
#include <sys/lock.h>
#endif	/* NCPUS > 1 */
#include <vm/vm_kern.h>
#include <mach/vm_param.h>
#include <sys/filedesc.h>
#include <mach/host_priv.h>
#include <mach/host_reboot.h>

#include <bsm/audit_kernel.h>

int	waittime = -1;
static void proc_shutdown();

void
boot(paniced, howto, command)
	int paniced, howto;
	char *command;
{
	register int i;
	int s;
	struct proc *p = current_proc();	/* XXX */
	int hostboot_option=0;
	int funnel_state;
	struct proc  *launchd_proc;

    extern void md_prepare_for_shutdown(int paniced, int howto, char * command);

	funnel_state = thread_funnel_set(kernel_flock, TRUE);

	md_prepare_for_shutdown(paniced, howto, command);

	if ((howto&RB_NOSYNC)==0 && waittime < 0) {
		int iter, nbusy;

		waittime = 0;
		
		printf("syncing disks... ");

		/*
		 * Release vnodes held by texts before sync.
		 */

		/* handle live procs (deallocate their root and current directories). */		
		proc_shutdown();

		audit_shutdown();

		sync(p, (void *)NULL, (int *)NULL);

		/*
		 * Now that all processes have been  termianted and system is sync'ed up, 
		 * suspend launchd
		 */

		launchd_proc = pfind(1);
		if (launchd_proc && p != launchd_proc) {
			task_suspend(launchd_proc->task);
		}

		/*
		 * Unmount filesystems
		 */
		vfs_unmountall();

		/* Wait for the buffer cache to clean remaining dirty buffers */
		for (iter = 0; iter < 100; iter++) {
			nbusy = count_busy_buffers();
			if (nbusy == 0)
				break;
			printf("%d ", nbusy);
			IOSleep( 1 * nbusy );
		}
		if (nbusy)
			printf("giving up\n");
		else
			printf("done\n");
	}

	/*
	 * Can't just use an splnet() here to disable the network
	 * because that will lock out softints which the disk
	 * drivers depend on to finish DMAs.
	 */
	if_down_all();

	if (howto & RB_POWERDOWN)
		hostboot_option = HOST_REBOOT_HALT;
	if (howto & RB_HALT)
		hostboot_option = HOST_REBOOT_HALT;
	if (paniced == RB_PANIC)
		hostboot_option = HOST_REBOOT_HALT;

	/*
	 * if we're going to power down due to a halt,
	 * give the disks a chance to finish getting
	 * the track cache flushed to the media... 
	 * unfortunately, some of our earlier drives
	 * don't properly hold off on returning 
	 * from the track flush command (issued by
	 * the unmounts) until it's actully fully
	 * committed.
	 */
	if (hostboot_option == HOST_REBOOT_HALT)
	        IOSleep( 1 * 1000 );

	host_reboot(host_priv_self(), hostboot_option);

	thread_funnel_set(kernel_flock, FALSE);
}

/*
 * proc_shutdown()
 *
 *	Shutdown down proc system (release references to current and root
 *	dirs for each process).
 *
 * POSIX modifications:
 *
 *	For POSIX fcntl() file locking call vno_lockrelease() on 
 *	the file to release all of its record locks, if any.
 */

static void
proc_shutdown()
{
	struct proc	*p, *self;
	struct vnode	**cdirp, **rdirp, *vp;
	int		restart, i, TERM_catch;
	int delayterm = 0;

	/*
	 *	Kill as many procs as we can.  (Except ourself...)
	 */
	self = (struct proc *)current_proc();
	
	/*
	 * Signal the init with SIGTERM so that he does not launch
	 * new processes 
	 */
	p = pfind(1);
	if (p && p != self) {
		psignal(p, SIGTERM);
	}

	printf("Killing all processes ");

	/*
	 * send SIGTERM to those procs interested in catching one
	 */
sigterm_loop:
	for (p = allproc.lh_first; p; p = p->p_list.le_next) {
	        if (((p->p_flag&P_SYSTEM) == 0) && (p->p_pptr->p_pid != 0) && (p != self) && (p->p_stat != SZOMB) && (p->p_shutdownstate == 0)) {

			if ((delayterm == 0) && ((p->p_lflag& P_LDELAYTERM) == P_LDELAYTERM)) {
				continue;
			}
		        if (p->p_sigcatch & sigmask(SIGTERM)) {
					p->p_shutdownstate = 1;
					if (proc_refinternal(p, 1) == p) {
			        	psignal(p, SIGTERM);
						proc_dropinternal(p, 1);
					}
				goto sigterm_loop;
		}
	}
	}
	/*
	 * now wait for up to 30 seconds to allow those procs catching SIGTERM
	 * to digest it
	 * as soon as these procs have exited, we'll continue on to the next step
	 */
	for (i = 0; i < 300; i++) {
	        /*
		 * sleep for a tenth of a second
		 * and then check to see if the tasks that were sent a
		 * SIGTERM have exited
		 */
		IOSleep(100);   
		TERM_catch = 0;

		for (p = allproc.lh_first; p; p = p->p_list.le_next) {
			if (p->p_shutdownstate == 1) {
				TERM_catch++;
			}
		}
		if (TERM_catch == 0)
		        break;
	}
	if (TERM_catch) {
		/*
		 * log the names of the unresponsive tasks
		 */

	        for (p = allproc.lh_first; p; p = p->p_list.le_next) {
			if (p->p_shutdownstate == 1) {
				  printf("%s[%d]: didn't act on SIGTERM\n", p->p_comm, p->p_pid);
			}
		}
		IOSleep(1000 * 5);
	}

	/*
	 * send a SIGKILL to all the procs still hanging around
	 */
sigkill_loop:
	for (p = allproc.lh_first; p; p = p->p_list.le_next) {
	        if (((p->p_flag&P_SYSTEM) == 0) && (p->p_pptr->p_pid != 0) && (p != self) && (p->p_stat != SZOMB) && (p->p_shutdownstate != 2)) {

			if ((delayterm == 0) && ((p->p_lflag& P_LDELAYTERM) == P_LDELAYTERM)) {
				continue;
			}
			if (proc_refinternal(p, 1) == p) {
				psignal(p, SIGKILL);
				proc_dropinternal(p, 1);
			}
			p->p_shutdownstate = 2;
			goto sigkill_loop;
		}
	}
	/*
	 * wait for up to 60 seconds to allow these procs to exit normally
	 */
	for (i = 0; i < 300; i++) {
		IOSleep(200);  /* double the time from 100 to 200 for NFS requests in particular */

	        for (p = allproc.lh_first; p; p = p->p_list.le_next) {
				if (p->p_shutdownstate == 2)
			        break;
		}
		if (!p)
		        break;
	}

	/*
	 * if we still have procs that haven't exited, then brute force 'em
	 */
	p = allproc.lh_first;
	while (p) {
	        if ((p->p_shutdownstate == 3) || (p->p_flag&P_SYSTEM) || (!delayterm && ((p->p_lflag& P_LDELAYTERM))) 
				|| (p->p_pptr->p_pid == 0) || (p == self)) {
		        p = p->p_list.le_next;
		}
		else {
			p->p_shutdownstate = 3;
		        /*
			 * NOTE: following code ignores sig_lock and plays
			 * with exit_thread correctly.  This is OK unless we
			 * are a multiprocessor, in which case I do not
			 * understand the sig_lock.  This needs to be fixed.
			 * XXX
			 */
			if (p->exit_thread) {	/* someone already doing it */
				/* give him a chance */
				thread_block(THREAD_CONTINUE_NULL);
			} else {
				p->exit_thread = current_thread();
				printf(".");
				if (proc_refinternal(p, 1) == p) {
					exit1(p, 1, (int *)NULL);
					proc_dropinternal(p, 1);
				}
			}
			p = allproc.lh_first;
		}
	}
	printf("\n");


	/* Now start the termination of processes that are marked for delayed termn */
	if (delayterm == 0) {
		delayterm = 1;
		goto  sigterm_loop;
	}
	printf("continuing\n");
}
Commit	Line	Data
1c79356b	1	/*
8ad349bb	2	* Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
1c79356b	3	*
8ad349bb	4	* @APPLE_LICENSE_OSREFERENCE_HEADER_START@
1c79356b	5	*
8ad349bb A	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. The rights granted to you under the
	10	* License may not be used to create, or enable the creation or
	11	* redistribution of, unlawful or unlicensed copies of an Apple operating
	12	* system, or to circumvent, violate, or enable the circumvention or
	13	* violation of, any terms of an Apple operating system software license
	14	* agreement.
	15	*
	16	* Please obtain a copy of the License at
	17	* http://www.opensource.apple.com/apsl/ and read it before using this
	18	* file.
	19	*
	20	* The Original Code and all software distributed under the License are
	21	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	22	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	23	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	24	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	25	* Please see the License for the specific language governing rights and
	26	* limitations under the License.
	27	*
	28	* @APPLE_LICENSE_OSREFERENCE_HEADER_END@
1c79356b A	29	*/
	30	/*
	31	* File: bsd/kern/kern_shutdown.c
	32	*
	33	* Copyright (C) 1989, NeXT, Inc.
	34	*
	35	*/
	36
	37	#include <sys/param.h>
	38	#include <sys/systm.h>
	39	#include <sys/kernel.h>
	40	#include <sys/vm.h>
91447636	41	#include <sys/proc_internal.h>
1c79356b	42	#include <sys/user.h>
1c79356b A	43	#include <sys/reboot.h>
1c79356b A	44	#include <sys/conf.h>
91447636 A	45	#include <sys/vnode_internal.h>
91447636 A	46	#include <sys/file_internal.h>
1c79356b A	47	#include <sys/clist.h>
	48	#include <sys/callout.h>
	49	#include <sys/mbuf.h>
	50	#include <sys/msgbuf.h>
	51	#include <sys/ioctl.h>
	52	#include <sys/signal.h>
	53	#include <sys/tty.h>
	54	#include <kern/task.h>
9bccf70c	55	#include <sys/quota.h>
1c79356b A	56	#include <ufs/ufs/inode.h>
	57	#if NCPUS > 1
	58	#include <kern/processor.h>
	59	#include <kern/thread.h>
	60	#include <sys/lock.h>
	61	#endif /* NCPUS > 1 */
	62	#include <vm/vm_kern.h>
	63	#include <mach/vm_param.h>
	64	#include <sys/filedesc.h>
91447636	65	#include <mach/host_priv.h>
1c79356b	66	#include <mach/host_reboot.h>
91447636	67
e5568f75	68	#include <bsm/audit_kernel.h>
1c79356b A	69
1c79356b A	70	int waittime = -1;
ff6e181a	71	static void proc_shutdown();
1c79356b A	72
	73	void
	74	boot(paniced, howto, command)
	75	int paniced, howto;
	76	char *command;
	77	{
	78	register int i;
	79	int s;
	80	struct proc p = current_proc(); / XXX */
	81	int hostboot_option=0;
	82	int funnel_state;
91447636	83	struct proc *launchd_proc;
1c79356b	84
0b4e3aa0	85	extern void md_prepare_for_shutdown(int paniced, int howto, char * command);
1c79356b A	86
	87	funnel_state = thread_funnel_set(kernel_flock, TRUE);
	88
0b4e3aa0	89	md_prepare_for_shutdown(paniced, howto, command);
1c79356b A	90
	91	if ((howto&RB_NOSYNC)==0 && waittime < 0) {
	92	int iter, nbusy;
	93
	94	waittime = 0;
	95
	96	printf("syncing disks... ");
	97
	98	/*
	99	* Release vnodes held by texts before sync.
	100	*/
	101
	102	/* handle live procs (deallocate their root and current directories). */
	103	proc_shutdown();
	104
55e303ae A	105	audit_shutdown();
55e303ae A	106
1c79356b A	107	sync(p, (void )NULL, (int )NULL);
1c79356b A	108
91447636 A	109	/*
	110	* Now that all processes have been termianted and system is sync'ed up,
	111	* suspend launchd
	112	*/
1c79356b	113
91447636 A	114	launchd_proc = pfind(1);
	115	if (launchd_proc && p != launchd_proc) {
	116	task_suspend(launchd_proc->task);
	117	}
1c79356b A	118
	119	/*
	120	* Unmount filesystems
	121	*/
91447636	122	vfs_unmountall();
1c79356b A	123
1c79356b A	124	/* Wait for the buffer cache to clean remaining dirty buffers */
91447636	125	for (iter = 0; iter < 100; iter++) {
1c79356b A	126	nbusy = count_busy_buffers();
	127	if (nbusy == 0)
	128	break;
	129	printf("%d ", nbusy);
91447636	130	IOSleep( 1 * nbusy );
1c79356b A	131	}
	132	if (nbusy)
	133	printf("giving up\n");
	134	else
	135	printf("done\n");
	136	}
	137
	138	/*
	139	* Can't just use an splnet() here to disable the network
	140	* because that will lock out softints which the disk
	141	* drivers depend on to finish DMAs.
	142	*/
	143	if_down_all();
	144
	145	if (howto & RB_POWERDOWN)
	146	hostboot_option = HOST_REBOOT_HALT;
	147	if (howto & RB_HALT)
	148	hostboot_option = HOST_REBOOT_HALT;
	149	if (paniced == RB_PANIC)
	150	hostboot_option = HOST_REBOOT_HALT;
	151
91447636 A	152	/*
	153	* if we're going to power down due to a halt,
	154	* give the disks a chance to finish getting
	155	* the track cache flushed to the media...
	156	* unfortunately, some of our earlier drives
	157	* don't properly hold off on returning
	158	* from the track flush command (issued by
	159	* the unmounts) until it's actully fully
	160	* committed.
	161	*/
1c79356b A	162	if (hostboot_option == HOST_REBOOT_HALT)
	163	IOSleep( 1 * 1000 );
	164
	165	host_reboot(host_priv_self(), hostboot_option);
	166
	167	thread_funnel_set(kernel_flock, FALSE);
	168	}
	169
	170	/*
	171	* proc_shutdown()
	172	*
	173	* Shutdown down proc system (release references to current and root
	174	* dirs for each process).
	175	*
	176	* POSIX modifications:
	177	*
	178	* For POSIX fcntl() file locking call vno_lockrelease() on
	179	* the file to release all of its record locks, if any.
	180	*/
	181
	182	static void
	183	proc_shutdown()
	184	{
	185	struct proc p, self;
	186	struct vnode cdirp, rdirp, *vp;
	187	int restart, i, TERM_catch;
91447636	188	int delayterm = 0;
1c79356b A	189
	190	/*
	191	* Kill as many procs as we can. (Except ourself...)
	192	*/
0b4e3aa0	193	self = (struct proc *)current_proc();
1c79356b A	194
1c79356b A	195	/*
91447636 A	196	* Signal the init with SIGTERM so that he does not launch
91447636 A	197	* new processes
1c79356b A	198	*/
1c79356b A	199	p = pfind(1);
91447636 A	200	if (p && p != self) {
	201	psignal(p, SIGTERM);
	202	}
1c79356b	203
1c79356b A	204	printf("Killing all processes ");
	205
	206	/*
	207	* send SIGTERM to those procs interested in catching one
	208	*/
4a249263	209	sigterm_loop:
1c79356b	210	for (p = allproc.lh_first; p; p = p->p_list.le_next) {
91447636 A	211	if (((p->p_flag&P_SYSTEM) == 0) && (p->p_pptr->p_pid != 0) && (p != self) && (p->p_stat != SZOMB) && (p->p_shutdownstate == 0)) {
	212
	213	if ((delayterm == 0) && ((p->p_lflag& P_LDELAYTERM) == P_LDELAYTERM)) {
	214	continue;
	215	}
4a249263	216	if (p->p_sigcatch & sigmask(SIGTERM)) {
91447636	217	p->p_shutdownstate = 1;
ff6e181a A	218	if (proc_refinternal(p, 1) == p) {
	219	psignal(p, SIGTERM);
	220	proc_dropinternal(p, 1);
	221	}
4a249263	222	goto sigterm_loop;
1c79356b A	223	}
1c79356b A	224	}
91447636	225	}
1c79356b A	226	/*
	227	* now wait for up to 30 seconds to allow those procs catching SIGTERM
	228	* to digest it
	229	* as soon as these procs have exited, we'll continue on to the next step
	230	*/
	231	for (i = 0; i < 300; i++) {
	232	/*
	233	* sleep for a tenth of a second
	234	* and then check to see if the tasks that were sent a
	235	* SIGTERM have exited
	236	*/
91447636	237	IOSleep(100);
1c79356b A	238	TERM_catch = 0;
1c79356b A	239
91447636 A	240	for (p = allproc.lh_first; p; p = p->p_list.le_next) {
	241	if (p->p_shutdownstate == 1) {
	242	TERM_catch++;
	243	}
1c79356b A	244	}
	245	if (TERM_catch == 0)
	246	break;
	247	}
55e303ae	248	if (TERM_catch) {
91447636	249	/*
55e303ae A	250	* log the names of the unresponsive tasks
55e303ae A	251	*/
91447636	252
55e303ae	253	for (p = allproc.lh_first; p; p = p->p_list.le_next) {
91447636	254	if (p->p_shutdownstate == 1) {
55e303ae	255	printf("%s[%d]: didn't act on SIGTERM\n", p->p_comm, p->p_pid);
91447636	256	}
55e303ae A	257	}
	258	IOSleep(1000 * 5);
	259	}
1c79356b A	260
	261	/*
	262	* send a SIGKILL to all the procs still hanging around
	263	*/
4a249263	264	sigkill_loop:
1c79356b	265	for (p = allproc.lh_first; p; p = p->p_list.le_next) {
91447636 A	266	if (((p->p_flag&P_SYSTEM) == 0) && (p->p_pptr->p_pid != 0) && (p != self) && (p->p_stat != SZOMB) && (p->p_shutdownstate != 2)) {
	267
	268	if ((delayterm == 0) && ((p->p_lflag& P_LDELAYTERM) == P_LDELAYTERM)) {
	269	continue;
	270	}
ff6e181a A	271	if (proc_refinternal(p, 1) == p) {
	272	psignal(p, SIGKILL);
	273	proc_dropinternal(p, 1);
	274	}
4a249263	275	p->p_shutdownstate = 2;
4a249263 A	276	goto sigkill_loop;
4a249263 A	277	}
1c79356b A	278	}
	279	/*
	280	* wait for up to 60 seconds to allow these procs to exit normally
	281	*/
	282	for (i = 0; i < 300; i++) {
	283	IOSleep(200); /* double the time from 100 to 200 for NFS requests in particular */
	284
	285	for (p = allproc.lh_first; p; p = p->p_list.le_next) {
91447636	286	if (p->p_shutdownstate == 2)
1c79356b A	287	break;
	288	}
	289	if (!p)
	290	break;
	291	}
	292
	293	/*
	294	* if we still have procs that haven't exited, then brute force 'em
	295	*/
	296	p = allproc.lh_first;
	297	while (p) {
ff6e181a	298	if ((p->p_shutdownstate == 3) \|\| (p->p_flag&P_SYSTEM) \|\| (!delayterm && ((p->p_lflag& P_LDELAYTERM)))
91447636	299	\|\| (p->p_pptr->p_pid == 0) \|\| (p == self)) {
1c79356b A	300	p = p->p_list.le_next;
	301	}
	302	else {
ff6e181a	303	p->p_shutdownstate = 3;
1c79356b A	304	/*
	305	* NOTE: following code ignores sig_lock and plays
	306	* with exit_thread correctly. This is OK unless we
	307	* are a multiprocessor, in which case I do not
	308	* understand the sig_lock. This needs to be fixed.
	309	* XXX
	310	*/
91447636 A	311	if (p->exit_thread) { /* someone already doing it */
	312	/* give him a chance */
	313	thread_block(THREAD_CONTINUE_NULL);
	314	} else {
	315	p->exit_thread = current_thread();
1c79356b	316	printf(".");
ff6e181a A	317	if (proc_refinternal(p, 1) == p) {
	318	exit1(p, 1, (int *)NULL);
	319	proc_dropinternal(p, 1);
	320	}
1c79356b A	321	}
	322	p = allproc.lh_first;
	323	}
	324	}
	325	printf("\n");
4a249263	326
91447636 A	327
	328	/* Now start the termination of processes that are marked for delayed termn */
	329	if (delayterm == 0) {
	330	delayterm = 1;
	331	goto sigterm_loop;
1c79356b	332	}
1c79356b A	333	printf("continuing\n");
	334	}
	335