[apple/xnu.git] / bsd / kern / kern_shutdown.c

/*
 * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. The rights granted to you under the License
 * may not be used to create, or enable the creation or redistribution of,
 * unlawful or unlicensed copies of an Apple operating system, or to
 * circumvent, violate, or enable the circumvention or violation of, any
 * terms of an Apple operating system software license agreement.
 * 
 * Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 */
/*
 *	File:	bsd/kern/kern_shutdown.c
 *
 *	Copyright (C) 1989, NeXT, Inc.
 *
 */

#include <sys/param.h>
#include <sys/systm.h>
#include <sys/kernel.h>
#include <sys/vm.h>
#include <sys/proc_internal.h>
#include <sys/user.h>
#include <sys/reboot.h>
#include <sys/conf.h>
#include <sys/vnode_internal.h>
#include <sys/file_internal.h>
#include <sys/clist.h>
#include <sys/callout.h>
#include <sys/mbuf.h>
#include <sys/msgbuf.h>
#include <sys/ioctl.h>
#include <sys/signal.h>
#include <sys/tty.h>
#include <kern/task.h>
#include <sys/quota.h>
#include <ufs/ufs/inode.h>
#if	NCPUS > 1
#include <kern/processor.h>
#include <kern/thread.h>
#include <sys/lock.h>
#endif	/* NCPUS > 1 */
#include <vm/vm_kern.h>
#include <mach/vm_param.h>
#include <sys/filedesc.h>
#include <mach/host_priv.h>
#include <mach/host_reboot.h>

#include <bsm/audit_kernel.h>

int	waittime = -1;
static void proc_shutdown();

void
boot(paniced, howto, command)
	int paniced, howto;
	char *command;
{
	register int i;
	int s;
	struct proc *p = current_proc();	/* XXX */
	int hostboot_option=0;
	int funnel_state;
	struct proc  *launchd_proc;

    extern void md_prepare_for_shutdown(int paniced, int howto, char * command);

	funnel_state = thread_funnel_set(kernel_flock, TRUE);

	md_prepare_for_shutdown(paniced, howto, command);

	if ((howto&RB_NOSYNC)==0 && waittime < 0) {
		int iter, nbusy;

		waittime = 0;
		
		printf("syncing disks... ");

		/*
		 * Release vnodes held by texts before sync.
		 */

		/* handle live procs (deallocate their root and current directories). */		
		proc_shutdown();

		audit_shutdown();

		sync(p, (void *)NULL, (int *)NULL);

		/*
		 * Now that all processes have been  termianted and system is sync'ed up, 
		 * suspend launchd
		 */

		launchd_proc = pfind(1);
		if (launchd_proc && p != launchd_proc) {
			task_suspend(launchd_proc->task);
		}

		/*
		 * Unmount filesystems
		 */
		vfs_unmountall();

		/* Wait for the buffer cache to clean remaining dirty buffers */
		for (iter = 0; iter < 100; iter++) {
			nbusy = count_busy_buffers();
			if (nbusy == 0)
				break;
			printf("%d ", nbusy);
			IOSleep( 1 * nbusy );
		}
		if (nbusy)
			printf("giving up\n");
		else
			printf("done\n");
	}

	/*
	 * Can't just use an splnet() here to disable the network
	 * because that will lock out softints which the disk
	 * drivers depend on to finish DMAs.
	 */
	if_down_all();

	if (howto & RB_POWERDOWN)
		hostboot_option = HOST_REBOOT_HALT;
	if (howto & RB_HALT)
		hostboot_option = HOST_REBOOT_HALT;
	if (paniced == RB_PANIC)
		hostboot_option = HOST_REBOOT_HALT;

	/*
	 * if we're going to power down due to a halt,
	 * give the disks a chance to finish getting
	 * the track cache flushed to the media... 
	 * unfortunately, some of our earlier drives
	 * don't properly hold off on returning 
	 * from the track flush command (issued by
	 * the unmounts) until it's actully fully
	 * committed.
	 */
	if (hostboot_option == HOST_REBOOT_HALT)
	        IOSleep( 1 * 1000 );

	host_reboot(host_priv_self(), hostboot_option);

	thread_funnel_set(kernel_flock, FALSE);
}

/*
 * proc_shutdown()
 *
 *	Shutdown down proc system (release references to current and root
 *	dirs for each process).
 *
 * POSIX modifications:
 *
 *	For POSIX fcntl() file locking call vno_lockrelease() on 
 *	the file to release all of its record locks, if any.
 */

static void
proc_shutdown()
{
	struct proc	*p, *self;
	struct vnode	**cdirp, **rdirp, *vp;
	int		restart, i, TERM_catch;
	int delayterm = 0;

	/*
	 *	Kill as many procs as we can.  (Except ourself...)
	 */
	self = (struct proc *)current_proc();
	
	/*
	 * Signal the init with SIGTERM so that he does not launch
	 * new processes 
	 */
	p = pfind(1);
	if (p && p != self) {
		psignal(p, SIGTERM);
	}

	printf("Killing all processes ");

	/*
	 * send SIGTERM to those procs interested in catching one
	 */
sigterm_loop:
	for (p = allproc.lh_first; p; p = p->p_list.le_next) {
	        if (((p->p_flag&P_SYSTEM) == 0) && (p->p_pptr->p_pid != 0) && (p != self) && (p->p_stat != SZOMB) && (p->p_shutdownstate == 0)) {

			if ((delayterm == 0) && ((p->p_lflag& P_LDELAYTERM) == P_LDELAYTERM)) {
				continue;
			}
		        if (p->p_sigcatch & sigmask(SIGTERM)) {
					p->p_shutdownstate = 1;
					if (proc_refinternal(p, 1) == p) {
			        	psignal(p, SIGTERM);
						proc_dropinternal(p, 1);
					}
				goto sigterm_loop;
		}
	}
	}
	/*
	 * now wait for up to 30 seconds to allow those procs catching SIGTERM
	 * to digest it
	 * as soon as these procs have exited, we'll continue on to the next step
	 */
	for (i = 0; i < 300; i++) {
	        /*
		 * sleep for a tenth of a second
		 * and then check to see if the tasks that were sent a
		 * SIGTERM have exited
		 */
		IOSleep(100);   
		TERM_catch = 0;

		for (p = allproc.lh_first; p; p = p->p_list.le_next) {
			if (p->p_shutdownstate == 1) {
				TERM_catch++;
			}
		}
		if (TERM_catch == 0)
		        break;
	}
	if (TERM_catch) {
		/*
		 * log the names of the unresponsive tasks
		 */

	        for (p = allproc.lh_first; p; p = p->p_list.le_next) {
			if (p->p_shutdownstate == 1) {
				  printf("%s[%d]: didn't act on SIGTERM\n", p->p_comm, p->p_pid);
			}
		}
		IOSleep(1000 * 5);
	}

	/*
	 * send a SIGKILL to all the procs still hanging around
	 */
sigkill_loop:
	for (p = allproc.lh_first; p; p = p->p_list.le_next) {
	        if (((p->p_flag&P_SYSTEM) == 0) && (p->p_pptr->p_pid != 0) && (p != self) && (p->p_stat != SZOMB) && (p->p_shutdownstate != 2)) {

			if ((delayterm == 0) && ((p->p_lflag& P_LDELAYTERM) == P_LDELAYTERM)) {
				continue;
			}
			if (proc_refinternal(p, 1) == p) {
				psignal(p, SIGKILL);
				proc_dropinternal(p, 1);
			}
			p->p_shutdownstate = 2;
			goto sigkill_loop;
		}
	}
	/*
	 * wait for up to 60 seconds to allow these procs to exit normally
	 */
	for (i = 0; i < 300; i++) {
		IOSleep(200);  /* double the time from 100 to 200 for NFS requests in particular */

	        for (p = allproc.lh_first; p; p = p->p_list.le_next) {
				if (p->p_shutdownstate == 2)
			        break;
		}
		if (!p)
		        break;
	}

	/*
	 * if we still have procs that haven't exited, then brute force 'em
	 */
	p = allproc.lh_first;
	while (p) {
	        if ((p->p_shutdownstate == 3) || (p->p_flag&P_SYSTEM) || (!delayterm && ((p->p_lflag& P_LDELAYTERM))) 
				|| (p->p_pptr->p_pid == 0) || (p == self)) {
		        p = p->p_list.le_next;
		}
		else {
			p->p_shutdownstate = 3;
		        /*
			 * NOTE: following code ignores sig_lock and plays
			 * with exit_thread correctly.  This is OK unless we
			 * are a multiprocessor, in which case I do not
			 * understand the sig_lock.  This needs to be fixed.
			 * XXX
			 */
			if (p->exit_thread) {	/* someone already doing it */
				/* give him a chance */
				thread_block(THREAD_CONTINUE_NULL);
			} else {
				p->exit_thread = current_thread();
				printf(".");
				if (proc_refinternal(p, 1) == p) {
					exit1(p, 1, (int *)NULL);
					proc_dropinternal(p, 1);
				}
			}
			p = allproc.lh_first;
		}
	}
	printf("\n");


	/* Now start the termination of processes that are marked for delayed termn */
	if (delayterm == 0) {
		delayterm = 1;
		goto  sigterm_loop;
	}
	printf("continuing\n");
}
Commit	Line	Data
1c79356b	1	/*
5d5c5d0d A	2	* Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
5d5c5d0d A	3	*
8f6c56a5	4	* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
1c79356b	5	*
8f6c56a5 A	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. The rights granted to you under the License
	10	* may not be used to create, or enable the creation or redistribution of,
	11	* unlawful or unlicensed copies of an Apple operating system, or to
	12	* circumvent, violate, or enable the circumvention or violation of, any
	13	* terms of an Apple operating system software license agreement.
	14	*
	15	* Please obtain a copy of the License at
	16	* http://www.opensource.apple.com/apsl/ and read it before using this file.
	17	*
	18	* The Original Code and all software distributed under the License are
	19	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	20	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	21	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	22	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	23	* Please see the License for the specific language governing rights and
8ad349bb	24	* limitations under the License.
8f6c56a5 A	25	*
8f6c56a5 A	26	* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
1c79356b A	27	*/
	28	/*
	29	* File: bsd/kern/kern_shutdown.c
	30	*
	31	* Copyright (C) 1989, NeXT, Inc.
	32	*
	33	*/
	34
	35	#include <sys/param.h>
	36	#include <sys/systm.h>
	37	#include <sys/kernel.h>
	38	#include <sys/vm.h>
91447636	39	#include <sys/proc_internal.h>
1c79356b	40	#include <sys/user.h>
1c79356b A	41	#include <sys/reboot.h>
1c79356b A	42	#include <sys/conf.h>
91447636 A	43	#include <sys/vnode_internal.h>
91447636 A	44	#include <sys/file_internal.h>
1c79356b A	45	#include <sys/clist.h>
	46	#include <sys/callout.h>
	47	#include <sys/mbuf.h>
	48	#include <sys/msgbuf.h>
	49	#include <sys/ioctl.h>
	50	#include <sys/signal.h>
	51	#include <sys/tty.h>
	52	#include <kern/task.h>
9bccf70c	53	#include <sys/quota.h>
1c79356b A	54	#include <ufs/ufs/inode.h>
	55	#if NCPUS > 1
	56	#include <kern/processor.h>
	57	#include <kern/thread.h>
	58	#include <sys/lock.h>
	59	#endif /* NCPUS > 1 */
	60	#include <vm/vm_kern.h>
	61	#include <mach/vm_param.h>
	62	#include <sys/filedesc.h>
91447636	63	#include <mach/host_priv.h>
1c79356b	64	#include <mach/host_reboot.h>
91447636	65
e5568f75	66	#include <bsm/audit_kernel.h>
1c79356b A	67
1c79356b A	68	int waittime = -1;
ff6e181a	69	static void proc_shutdown();
1c79356b A	70
	71	void
	72	boot(paniced, howto, command)
	73	int paniced, howto;
	74	char *command;
	75	{
	76	register int i;
	77	int s;
	78	struct proc p = current_proc(); / XXX */
	79	int hostboot_option=0;
	80	int funnel_state;
91447636	81	struct proc *launchd_proc;
1c79356b	82
0b4e3aa0	83	extern void md_prepare_for_shutdown(int paniced, int howto, char * command);
1c79356b A	84
	85	funnel_state = thread_funnel_set(kernel_flock, TRUE);
	86
0b4e3aa0	87	md_prepare_for_shutdown(paniced, howto, command);
1c79356b A	88
	89	if ((howto&RB_NOSYNC)==0 && waittime < 0) {
	90	int iter, nbusy;
	91
	92	waittime = 0;
	93
	94	printf("syncing disks... ");
	95
	96	/*
	97	* Release vnodes held by texts before sync.
	98	*/
	99
	100	/* handle live procs (deallocate their root and current directories). */
	101	proc_shutdown();
	102
55e303ae A	103	audit_shutdown();
55e303ae A	104
1c79356b A	105	sync(p, (void )NULL, (int )NULL);
1c79356b A	106
91447636 A	107	/*
	108	* Now that all processes have been termianted and system is sync'ed up,
	109	* suspend launchd
	110	*/
1c79356b	111
91447636 A	112	launchd_proc = pfind(1);
	113	if (launchd_proc && p != launchd_proc) {
	114	task_suspend(launchd_proc->task);
	115	}
1c79356b A	116
	117	/*
	118	* Unmount filesystems
	119	*/
91447636	120	vfs_unmountall();
1c79356b A	121
1c79356b A	122	/* Wait for the buffer cache to clean remaining dirty buffers */
91447636	123	for (iter = 0; iter < 100; iter++) {
1c79356b A	124	nbusy = count_busy_buffers();
	125	if (nbusy == 0)
	126	break;
	127	printf("%d ", nbusy);
91447636	128	IOSleep( 1 * nbusy );
1c79356b A	129	}
	130	if (nbusy)
	131	printf("giving up\n");
	132	else
	133	printf("done\n");
	134	}
	135
	136	/*
	137	* Can't just use an splnet() here to disable the network
	138	* because that will lock out softints which the disk
	139	* drivers depend on to finish DMAs.
	140	*/
	141	if_down_all();
	142
	143	if (howto & RB_POWERDOWN)
	144	hostboot_option = HOST_REBOOT_HALT;
	145	if (howto & RB_HALT)
	146	hostboot_option = HOST_REBOOT_HALT;
	147	if (paniced == RB_PANIC)
	148	hostboot_option = HOST_REBOOT_HALT;
	149
91447636 A	150	/*
	151	* if we're going to power down due to a halt,
	152	* give the disks a chance to finish getting
	153	* the track cache flushed to the media...
	154	* unfortunately, some of our earlier drives
	155	* don't properly hold off on returning
	156	* from the track flush command (issued by
	157	* the unmounts) until it's actully fully
	158	* committed.
	159	*/
1c79356b A	160	if (hostboot_option == HOST_REBOOT_HALT)
	161	IOSleep( 1 * 1000 );
	162
	163	host_reboot(host_priv_self(), hostboot_option);
	164
	165	thread_funnel_set(kernel_flock, FALSE);
	166	}
	167
	168	/*
	169	* proc_shutdown()
	170	*
	171	* Shutdown down proc system (release references to current and root
	172	* dirs for each process).
	173	*
	174	* POSIX modifications:
	175	*
	176	* For POSIX fcntl() file locking call vno_lockrelease() on
	177	* the file to release all of its record locks, if any.
	178	*/
	179
	180	static void
	181	proc_shutdown()
	182	{
	183	struct proc p, self;
	184	struct vnode cdirp, rdirp, *vp;
	185	int restart, i, TERM_catch;
91447636	186	int delayterm = 0;
1c79356b A	187
	188	/*
	189	* Kill as many procs as we can. (Except ourself...)
	190	*/
0b4e3aa0	191	self = (struct proc *)current_proc();
1c79356b A	192
1c79356b A	193	/*
91447636 A	194	* Signal the init with SIGTERM so that he does not launch
91447636 A	195	* new processes
1c79356b A	196	*/
1c79356b A	197	p = pfind(1);
91447636 A	198	if (p && p != self) {
	199	psignal(p, SIGTERM);
	200	}
1c79356b	201
1c79356b A	202	printf("Killing all processes ");
	203
	204	/*
	205	* send SIGTERM to those procs interested in catching one
	206	*/
4a249263	207	sigterm_loop:
1c79356b	208	for (p = allproc.lh_first; p; p = p->p_list.le_next) {
91447636 A	209	if (((p->p_flag&P_SYSTEM) == 0) && (p->p_pptr->p_pid != 0) && (p != self) && (p->p_stat != SZOMB) && (p->p_shutdownstate == 0)) {
	210
	211	if ((delayterm == 0) && ((p->p_lflag& P_LDELAYTERM) == P_LDELAYTERM)) {
	212	continue;
	213	}
4a249263	214	if (p->p_sigcatch & sigmask(SIGTERM)) {
91447636	215	p->p_shutdownstate = 1;
ff6e181a A	216	if (proc_refinternal(p, 1) == p) {
	217	psignal(p, SIGTERM);
	218	proc_dropinternal(p, 1);
	219	}
4a249263	220	goto sigterm_loop;
1c79356b A	221	}
1c79356b A	222	}
91447636	223	}
1c79356b A	224	/*
	225	* now wait for up to 30 seconds to allow those procs catching SIGTERM
	226	* to digest it
	227	* as soon as these procs have exited, we'll continue on to the next step
	228	*/
	229	for (i = 0; i < 300; i++) {
	230	/*
	231	* sleep for a tenth of a second
	232	* and then check to see if the tasks that were sent a
	233	* SIGTERM have exited
	234	*/
91447636	235	IOSleep(100);
1c79356b A	236	TERM_catch = 0;
1c79356b A	237
91447636 A	238	for (p = allproc.lh_first; p; p = p->p_list.le_next) {
	239	if (p->p_shutdownstate == 1) {
	240	TERM_catch++;
	241	}
1c79356b A	242	}
	243	if (TERM_catch == 0)
	244	break;
	245	}
55e303ae	246	if (TERM_catch) {
91447636	247	/*
55e303ae A	248	* log the names of the unresponsive tasks
55e303ae A	249	*/
91447636	250
55e303ae	251	for (p = allproc.lh_first; p; p = p->p_list.le_next) {
91447636	252	if (p->p_shutdownstate == 1) {
55e303ae	253	printf("%s[%d]: didn't act on SIGTERM\n", p->p_comm, p->p_pid);
91447636	254	}
55e303ae A	255	}
	256	IOSleep(1000 * 5);
	257	}
1c79356b A	258
	259	/*
	260	* send a SIGKILL to all the procs still hanging around
	261	*/
4a249263	262	sigkill_loop:
1c79356b	263	for (p = allproc.lh_first; p; p = p->p_list.le_next) {
91447636 A	264	if (((p->p_flag&P_SYSTEM) == 0) && (p->p_pptr->p_pid != 0) && (p != self) && (p->p_stat != SZOMB) && (p->p_shutdownstate != 2)) {
	265
	266	if ((delayterm == 0) && ((p->p_lflag& P_LDELAYTERM) == P_LDELAYTERM)) {
	267	continue;
	268	}
ff6e181a A	269	if (proc_refinternal(p, 1) == p) {
	270	psignal(p, SIGKILL);
	271	proc_dropinternal(p, 1);
	272	}
4a249263	273	p->p_shutdownstate = 2;
4a249263 A	274	goto sigkill_loop;
4a249263 A	275	}
1c79356b A	276	}
	277	/*
	278	* wait for up to 60 seconds to allow these procs to exit normally
	279	*/
	280	for (i = 0; i < 300; i++) {
	281	IOSleep(200); /* double the time from 100 to 200 for NFS requests in particular */
	282
	283	for (p = allproc.lh_first; p; p = p->p_list.le_next) {
91447636	284	if (p->p_shutdownstate == 2)
1c79356b A	285	break;
	286	}
	287	if (!p)
	288	break;
	289	}
	290
	291	/*
	292	* if we still have procs that haven't exited, then brute force 'em
	293	*/
	294	p = allproc.lh_first;
	295	while (p) {
ff6e181a	296	if ((p->p_shutdownstate == 3) \|\| (p->p_flag&P_SYSTEM) \|\| (!delayterm && ((p->p_lflag& P_LDELAYTERM)))
91447636	297	\|\| (p->p_pptr->p_pid == 0) \|\| (p == self)) {
1c79356b A	298	p = p->p_list.le_next;
	299	}
	300	else {
ff6e181a	301	p->p_shutdownstate = 3;
1c79356b A	302	/*
	303	* NOTE: following code ignores sig_lock and plays
	304	* with exit_thread correctly. This is OK unless we
	305	* are a multiprocessor, in which case I do not
	306	* understand the sig_lock. This needs to be fixed.
	307	* XXX
	308	*/
91447636 A	309	if (p->exit_thread) { /* someone already doing it */
	310	/* give him a chance */
	311	thread_block(THREAD_CONTINUE_NULL);
	312	} else {
	313	p->exit_thread = current_thread();
1c79356b	314	printf(".");
ff6e181a A	315	if (proc_refinternal(p, 1) == p) {
	316	exit1(p, 1, (int *)NULL);
	317	proc_dropinternal(p, 1);
	318	}
1c79356b A	319	}
	320	p = allproc.lh_first;
	321	}
	322	}
	323	printf("\n");
4a249263	324
91447636 A	325
	326	/* Now start the termination of processes that are marked for delayed termn */
	327	if (delayterm == 0) {
	328	delayterm = 1;
	329	goto sigterm_loop;
1c79356b	330	}
1c79356b A	331	printf("continuing\n");
	332	}
	333