/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
 * Copyright 2012 Nexenta Systems, Inc.  All rights reserved.
 */

/*
 * SMBFS I/O Daemon (Per-user IOD)
 */

#include <sys/types.h>
#include <sys/stat.h>
#include <sys/note.h>

#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>
#include <stdlib.h>
#include <synch.h>
#include <time.h>
#include <unistd.h>
#include <ucred.h>
#include <err.h>
#include <door.h>
#include <libscf.h>
#include <locale.h>
#include <thread.h>

#include <netsmb/smb_lib.h>

#define	DPRINT(...)	do \
{ \
	if (smb_debug) \
		fprintf(stderr, __VA_ARGS__); \
	_NOTE(CONSTCOND) \
} while (0)

mutex_t	iod_mutex = DEFAULTMUTEX;
int iod_thr_count;	/* threads, excluding main */
int iod_terminating;
int iod_alarm_time = 30; /* sec. */

void iod_dispatch(void *cookie, char *argp, size_t argsz,
    door_desc_t *dp, uint_t n_desc);
int iod_newvc(smb_iod_ssn_t *clnt_ssn);
void * iod_work(void *arg);

int
main(int argc, char **argv)
{
	sigset_t oldmask, tmpmask;
	char *env, *door_path = NULL;
	int door_fd = -1;
	int err, sig;
	int rc = SMF_EXIT_ERR_FATAL;
	boolean_t attached = B_FALSE;

	/* set locale and text domain for i18n */
	(void) setlocale(LC_ALL, "");
	(void) textdomain(TEXT_DOMAIN);

	/* Debugging support. */
	if ((env = getenv("SMBFS_DEBUG")) != NULL) {
		smb_debug = atoi(env);
		if (smb_debug < 1)
			smb_debug = 1;
		iod_alarm_time = 300;
	}

	/*
	 * If a user runs this command (i.e. by accident)
	 * don't interfere with any already running IOD.
	 */
	err = smb_iod_open_door(&door_fd);
	if (err == 0) {
		close(door_fd);
		door_fd = -1;
		DPRINT("%s: already running\n", argv[0]);
		exit(SMF_EXIT_OK);
	}

	/*
	 * Want all signals blocked, as we're doing
	 * synchronous delivery via sigwait below.
	 */
	sigfillset(&tmpmask);
	sigprocmask(SIG_BLOCK, &tmpmask, &oldmask);

	/* Setup the door service. */
	door_path = smb_iod_door_path();
	door_fd = door_create(iod_dispatch, NULL,
	    DOOR_REFUSE_DESC | DOOR_NO_CANCEL);
	if (door_fd == -1) {
		perror("iod door_create");
		goto out;
	}
	fdetach(door_path);
	if (fattach(door_fd, door_path) < 0) {
		fprintf(stderr, "%s: fattach failed, %s\n",
		    door_path, strerror(errno));
		goto out;
	}
	attached = B_TRUE;

	/* Initializations done. */
	rc = SMF_EXIT_OK;

	/*
	 * Post the initial alarm, and then just
	 * wait for signals.
	 */
	alarm(iod_alarm_time);
again:
	sig = sigwait(&tmpmask);
	DPRINT("main: sig=%d\n", sig);
	switch (sig) {
	case SIGCONT:
		goto again;

	case SIGALRM:
		/* No threads active for a while. */
		mutex_lock(&iod_mutex);
		if (iod_thr_count > 0) {
			/*
			 * Door call thread creation raced with
			 * the alarm.  Ignore this alaram.
			 */
			mutex_unlock(&iod_mutex);
			goto again;
		}
		/* Prevent a race with iod_thr_count */
		iod_terminating = 1;
		mutex_unlock(&iod_mutex);
		break;

	case SIGINT:
	case SIGTERM:
		break;	/* normal termination */

	default:
		/* Unexpected signal. */
		fprintf(stderr, "iod_main: unexpected sig=%d\n", sig);
		break;
	}

out:
	iod_terminating = 1;
	if (attached)
		fdetach(door_path);
	if (door_fd != -1)
		door_revoke(door_fd);

	/*
	 * We need a reference in -lumem to satisfy check_rtime,
	 * else we get build hoise.  This is sufficient.
	 */
	free(NULL);

	return (rc);
}

/*ARGSUSED*/
void
iod_dispatch(void *cookie, char *argp, size_t argsz,
    door_desc_t *dp, uint_t n_desc)
{
	smb_iod_ssn_t *ssn;
	ucred_t *ucred;
	uid_t cl_uid;
	int rc;

	/*
	 * Verify that the calling process has the same UID.
	 * Paranoia:  The door we created has mode 0600, so
	 * this check is probably redundant.
	 */
	ucred = NULL;
	if (door_ucred(&ucred) != 0) {
		rc = EACCES;
		goto out;
	}
	cl_uid = ucred_getruid(ucred);
	ucred_free(ucred);
	ucred = NULL;
	if (cl_uid != getuid()) {
		DPRINT("iod_dispatch: wrong UID\n");
		rc = EACCES;
		goto out;
	}

	/*
	 * The library uses a NULL arg call to check if
	 * the daemon is running.  Just return zero.
	 */
	if (argp == NULL) {
		rc = 0;
		goto out;
	}

	/*
	 * Otherwise, the arg must be the (fixed size)
	 * smb_iod_ssn_t
	 */
	if (argsz != sizeof (*ssn)) {
		rc = EINVAL;
		goto out;
	}

	mutex_lock(&iod_mutex);
	if (iod_terminating) {
		mutex_unlock(&iod_mutex);
		DPRINT("iod_dispatch: terminating\n");
		rc = EINTR;
		goto out;
	}
	if (iod_thr_count++ == 0) {
		alarm(0);
		DPRINT("iod_dispatch: cancelled alarm\n");
	}
	mutex_unlock(&iod_mutex);

	ssn = (void *) argp;
	rc = iod_newvc(ssn);

	mutex_lock(&iod_mutex);
	if (--iod_thr_count == 0) {
		DPRINT("iod_dispatch: schedule alarm\n");
		alarm(iod_alarm_time);
	}
	mutex_unlock(&iod_mutex);

out:
	door_return((void *)&rc, sizeof (rc), NULL, 0);
}

/*
 * Try making a connection with the server described by
 * the info in the smb_iod_ssn_t arg.  If successful,
 * start an IOD thread to service it, then return to
 * the client side of the door.
 */
int
iod_newvc(smb_iod_ssn_t *clnt_ssn)
{
	smb_ctx_t *ctx;
	thread_t tid;
	int err;


	/*
	 * This needs to essentially "clone" the smb_ctx_t
	 * from the client side of the door, or at least
	 * as much of it as we need while creating a VC.
	 */
	err = smb_ctx_alloc(&ctx);
	if (err)
		return (err);
	bcopy(clnt_ssn, &ctx->ct_iod_ssn, sizeof (ctx->ct_iod_ssn));

	/*
	 * Create the driver session first, so that any subsequent
	 * requests for the same session will find this one and
	 * wait, the same as when a reconnect is triggered.
	 *
	 * There is still an inherent race here, where two callers
	 * both find no VC in the driver, and both come here trying
	 * to create the VC.  In this case, we want the first one
	 * to actually do the VC setup, and the second to proceed
	 * as if the VC had been found in the driver.  The second
	 * caller gets an EEXIST error from the ioctl in this case,
	 * which we therefore ignore here so that the caller will
	 * go ahead and look again in the driver for the new VC.
	 */
	if ((err = smb_ctx_gethandle(ctx)) != 0)
		goto out;
	if (ioctl(ctx->ct_dev_fd, SMBIOC_SSN_CREATE, &ctx->ct_ssn) < 0) {
		err = errno;
		if (err == EEXIST)
			err = 0; /* see above */
		goto out;
	}

	/*
	 * Do the initial connection setup here, so we can
	 * report the outcome to the door client.
	 */
	err = smb_iod_connect(ctx);
	if (err != 0)
		goto out;

	/* The rest happens in the iod_work thread. */
	err = thr_create(NULL, 0, iod_work, ctx, THR_DETACHED, &tid);
	if (err == 0) {
		/*
		 * Given to the new thread.
		 * free at end of iod_work
		 */
		ctx = NULL;
	}

out:
	if (ctx)
		smb_ctx_free(ctx);

	return (err);
}

/*
 * Be the reader thread for some VC.
 *
 * This is started by a door call thread, which means
 * this is always at least the 2nd thread, therefore
 * it should never see thr_count==0 or terminating.
 */
void *
iod_work(void *arg)
{
	smb_ctx_t *ctx = arg;

	mutex_lock(&iod_mutex);
	if (iod_thr_count++ == 0) {
		alarm(0);
		DPRINT("iod_work: cancelled alarm\n");
	}
	mutex_unlock(&iod_mutex);

	(void) smb_iod_work(ctx);

	mutex_lock(&iod_mutex);
	if (--iod_thr_count == 0) {
		DPRINT("iod_work: schedule alarm\n");
		alarm(iod_alarm_time);
	}
	mutex_unlock(&iod_mutex);

	smb_ctx_free(ctx);
	return (NULL);
}