xref: /illumos-gate/usr/src/cmd/modload/update_drv.c (revision f9e4eebb)
17c478bd9Sstevel@tonic-gate /*
27c478bd9Sstevel@tonic-gate  * CDDL HEADER START
37c478bd9Sstevel@tonic-gate  *
47c478bd9Sstevel@tonic-gate  * The contents of this file are subject to the terms of the
57c478bd9Sstevel@tonic-gate  * Common Development and Distribution License, Version 1.0 only
67c478bd9Sstevel@tonic-gate  * (the "License").  You may not use this file except in compliance
77c478bd9Sstevel@tonic-gate  * with the License.
87c478bd9Sstevel@tonic-gate  *
97c478bd9Sstevel@tonic-gate  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
107c478bd9Sstevel@tonic-gate  * or http://www.opensolaris.org/os/licensing.
117c478bd9Sstevel@tonic-gate  * See the License for the specific language governing permissions
127c478bd9Sstevel@tonic-gate  * and limitations under the License.
137c478bd9Sstevel@tonic-gate  *
147c478bd9Sstevel@tonic-gate  * When distributing Covered Code, include this CDDL HEADER in each
157c478bd9Sstevel@tonic-gate  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
167c478bd9Sstevel@tonic-gate  * If applicable, add the following below this CDDL HEADER, with the
177c478bd9Sstevel@tonic-gate  * fields enclosed by brackets "[]" replaced with your own identifying
187c478bd9Sstevel@tonic-gate  * information: Portions Copyright [yyyy] [name of copyright owner]
197c478bd9Sstevel@tonic-gate  *
207c478bd9Sstevel@tonic-gate  * CDDL HEADER END
217c478bd9Sstevel@tonic-gate  */
227c478bd9Sstevel@tonic-gate /*
23*f9e4eebbScth  * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
247c478bd9Sstevel@tonic-gate  * Use is subject to license terms.
257c478bd9Sstevel@tonic-gate  */
267c478bd9Sstevel@tonic-gate 
277c478bd9Sstevel@tonic-gate #pragma ident	"%Z%%M%	%I%	%E% SMI"
287c478bd9Sstevel@tonic-gate 
297c478bd9Sstevel@tonic-gate #include <stdio.h>
307c478bd9Sstevel@tonic-gate #include <locale.h>
317c478bd9Sstevel@tonic-gate #include <stdlib.h>
327c478bd9Sstevel@tonic-gate #include <unistd.h>
337c478bd9Sstevel@tonic-gate #include <sys/types.h>
347c478bd9Sstevel@tonic-gate #include <string.h>
357c478bd9Sstevel@tonic-gate #include "addrem.h"
367c478bd9Sstevel@tonic-gate #include "errmsg.h"
377c478bd9Sstevel@tonic-gate #include "plcysubr.h"
387c478bd9Sstevel@tonic-gate 
397c478bd9Sstevel@tonic-gate /* function prototypes */
407c478bd9Sstevel@tonic-gate static void	usage();
417c478bd9Sstevel@tonic-gate static int	unload_drv(char *, int, int);
427c478bd9Sstevel@tonic-gate 
437c478bd9Sstevel@tonic-gate 
447c478bd9Sstevel@tonic-gate /*
457c478bd9Sstevel@tonic-gate  * try to modunload driver.
467c478bd9Sstevel@tonic-gate  * return -1 on failure and 0 on success
477c478bd9Sstevel@tonic-gate  */
487c478bd9Sstevel@tonic-gate static int
497c478bd9Sstevel@tonic-gate unload_drv(char *driver_name, int force_flag, int verbose_flag)
507c478bd9Sstevel@tonic-gate {
517c478bd9Sstevel@tonic-gate 	int modid;
527c478bd9Sstevel@tonic-gate 
537c478bd9Sstevel@tonic-gate 	get_modid(driver_name, &modid);
547c478bd9Sstevel@tonic-gate 	if (modid != -1) {
557c478bd9Sstevel@tonic-gate 		if (modctl(MODUNLOAD, modid) < 0) {
567c478bd9Sstevel@tonic-gate 			(void) fprintf(stderr, gettext(ERR_MODUN), driver_name);
577c478bd9Sstevel@tonic-gate 			if (force_flag == 0) { /* no force flag */
587c478bd9Sstevel@tonic-gate 				if (verbose_flag) {
597c478bd9Sstevel@tonic-gate 					(void) fprintf(stderr,
607c478bd9Sstevel@tonic-gate 					    gettext(NOUPDATE), driver_name);
617c478bd9Sstevel@tonic-gate 				}
627c478bd9Sstevel@tonic-gate 				/* clean up and exit. remove lock file */
637c478bd9Sstevel@tonic-gate 				err_exit();
647c478bd9Sstevel@tonic-gate 			}
657c478bd9Sstevel@tonic-gate 			(void) fprintf(stderr, gettext(FORCE_UPDATE),
667c478bd9Sstevel@tonic-gate 			    driver_name);
677c478bd9Sstevel@tonic-gate 
687c478bd9Sstevel@tonic-gate 			return (-1);
697c478bd9Sstevel@tonic-gate 		}
707c478bd9Sstevel@tonic-gate 	}
717c478bd9Sstevel@tonic-gate 
727c478bd9Sstevel@tonic-gate 	return (0);
737c478bd9Sstevel@tonic-gate }
747c478bd9Sstevel@tonic-gate 
757c478bd9Sstevel@tonic-gate 
767c478bd9Sstevel@tonic-gate static void
777c478bd9Sstevel@tonic-gate usage()
787c478bd9Sstevel@tonic-gate {
797c478bd9Sstevel@tonic-gate 	(void) fprintf(stderr, gettext(UPD_DRV_USAGE));
807c478bd9Sstevel@tonic-gate 	exit(1);
817c478bd9Sstevel@tonic-gate }
827c478bd9Sstevel@tonic-gate 
837c478bd9Sstevel@tonic-gate 
847c478bd9Sstevel@tonic-gate int
857c478bd9Sstevel@tonic-gate main(int argc, char *argv[])
867c478bd9Sstevel@tonic-gate {
877c478bd9Sstevel@tonic-gate 	int	error, opt, major;
887c478bd9Sstevel@tonic-gate 	int	cleanup_flag = 0;
897c478bd9Sstevel@tonic-gate 	int	update_conf = 1;	/* reload driver.conf by default */
907c478bd9Sstevel@tonic-gate 	int	verbose_flag = 0;	/* -v option */
917c478bd9Sstevel@tonic-gate 	int	force_flag = 0;		/* -f option */
927c478bd9Sstevel@tonic-gate 	int	a_flag = 0;		/* -a option */
937c478bd9Sstevel@tonic-gate 	int	d_flag = 0;		/* -d option */
947c478bd9Sstevel@tonic-gate 	int	i_flag = 0;		/* -i option */
957c478bd9Sstevel@tonic-gate 	int	l_flag = 0;		/* -l option */
967c478bd9Sstevel@tonic-gate 	int	m_flag = 0;		/* -m option */
977c478bd9Sstevel@tonic-gate 	char	*perms = NULL;
987c478bd9Sstevel@tonic-gate 	char	*aliases = 0;
997c478bd9Sstevel@tonic-gate 	char	*basedir = NULL;
1007c478bd9Sstevel@tonic-gate 	char	*policy = NULL;
1017c478bd9Sstevel@tonic-gate 	char	*priv = NULL;
1027c478bd9Sstevel@tonic-gate 	char	*driver_name;
1037c478bd9Sstevel@tonic-gate 	int	found;
1047c478bd9Sstevel@tonic-gate 	major_t major_num;
1057c478bd9Sstevel@tonic-gate 	int	rval;
1067c478bd9Sstevel@tonic-gate 
1077c478bd9Sstevel@tonic-gate 	(void) setlocale(LC_ALL, "");
1087c478bd9Sstevel@tonic-gate #if	!defined(TEXT_DOMAIN)	/* Should be defined by cc -D */
1097c478bd9Sstevel@tonic-gate #define	TEXT_DOMAIN "SYS_TEST"	/* Use this only if it weren't */
1107c478bd9Sstevel@tonic-gate #endif
1117c478bd9Sstevel@tonic-gate 	(void) textdomain(TEXT_DOMAIN);
1127c478bd9Sstevel@tonic-gate 
1137c478bd9Sstevel@tonic-gate 	/*  must be run by root */
1147c478bd9Sstevel@tonic-gate 	if (getuid() != 0) {
1157c478bd9Sstevel@tonic-gate 		(void) fprintf(stderr, gettext(ERR_NOT_ROOT));
1167c478bd9Sstevel@tonic-gate 		exit(1);
1177c478bd9Sstevel@tonic-gate 	}
1187c478bd9Sstevel@tonic-gate 
1197c478bd9Sstevel@tonic-gate 	while ((opt = getopt(argc, argv, "m:i:b:p:adlfuvP:")) != EOF) {
1207c478bd9Sstevel@tonic-gate 		switch (opt) {
1217c478bd9Sstevel@tonic-gate 		case 'a':
1227c478bd9Sstevel@tonic-gate 			a_flag++;
1237c478bd9Sstevel@tonic-gate 			break;
1247c478bd9Sstevel@tonic-gate 		case 'b':
1257c478bd9Sstevel@tonic-gate 			update_conf = 0;	/* don't update .conf file */
1267c478bd9Sstevel@tonic-gate 			basedir = optarg;
1277c478bd9Sstevel@tonic-gate 			break;
1287c478bd9Sstevel@tonic-gate 		case 'd':
1297c478bd9Sstevel@tonic-gate 			d_flag++;
1307c478bd9Sstevel@tonic-gate 			break;
1317c478bd9Sstevel@tonic-gate 		case 'f':
1327c478bd9Sstevel@tonic-gate 			force_flag++;
1337c478bd9Sstevel@tonic-gate 			break;
1347c478bd9Sstevel@tonic-gate 		case 'i':
1357c478bd9Sstevel@tonic-gate 			i_flag++;
1367c478bd9Sstevel@tonic-gate 			aliases = optarg;
1377c478bd9Sstevel@tonic-gate 			if (check_space_within_quote(aliases) == ERROR) {
1387c478bd9Sstevel@tonic-gate 				(void) fprintf(stderr, gettext(ERR_NO_SPACE),
1397c478bd9Sstevel@tonic-gate 					aliases);
1407c478bd9Sstevel@tonic-gate 				exit(1);
1417c478bd9Sstevel@tonic-gate 			}
1427c478bd9Sstevel@tonic-gate 			break;
1437c478bd9Sstevel@tonic-gate 		case 'l':	/* private option */
1447c478bd9Sstevel@tonic-gate 			l_flag++;
1457c478bd9Sstevel@tonic-gate 			break;
1467c478bd9Sstevel@tonic-gate 		case 'm':
1477c478bd9Sstevel@tonic-gate 			m_flag++;
1487c478bd9Sstevel@tonic-gate 			perms = optarg;
1497c478bd9Sstevel@tonic-gate 			break;
1507c478bd9Sstevel@tonic-gate 		case 'p':
1517c478bd9Sstevel@tonic-gate 			policy = optarg;
1527c478bd9Sstevel@tonic-gate 			break;
1537c478bd9Sstevel@tonic-gate 		case 'v':
1547c478bd9Sstevel@tonic-gate 			verbose_flag++;
1557c478bd9Sstevel@tonic-gate 			break;
1567c478bd9Sstevel@tonic-gate 		case 'P':
1577c478bd9Sstevel@tonic-gate 			priv = optarg;
1587c478bd9Sstevel@tonic-gate 			break;
1597c478bd9Sstevel@tonic-gate 		case '?' :
1607c478bd9Sstevel@tonic-gate 		default:
1617c478bd9Sstevel@tonic-gate 			usage();
1627c478bd9Sstevel@tonic-gate 		}
1637c478bd9Sstevel@tonic-gate 	}
1647c478bd9Sstevel@tonic-gate 
1657c478bd9Sstevel@tonic-gate 	/*
1667c478bd9Sstevel@tonic-gate 	 * check for flags and extra args
1677c478bd9Sstevel@tonic-gate 	 */
1687c478bd9Sstevel@tonic-gate 	if ((argv[optind] == NULL) || (optind + 1 != argc)) {
1697c478bd9Sstevel@tonic-gate 		usage();
1707c478bd9Sstevel@tonic-gate 	}
1717c478bd9Sstevel@tonic-gate 
1727c478bd9Sstevel@tonic-gate 	/*
1737c478bd9Sstevel@tonic-gate 	 * - cannot be adding and removing at the same time
1747c478bd9Sstevel@tonic-gate 	 * - if -a or -d is specified, it's an error if none of
1757c478bd9Sstevel@tonic-gate 	 *   -i/-m/-p/-P is specified.
1767c478bd9Sstevel@tonic-gate 	 */
1777c478bd9Sstevel@tonic-gate 	if ((a_flag && d_flag) ||
1787c478bd9Sstevel@tonic-gate 	    ((a_flag || d_flag) &&
1797c478bd9Sstevel@tonic-gate 	    !m_flag && !i_flag && priv == NULL && policy == NULL)) {
1807c478bd9Sstevel@tonic-gate 		usage();
1817c478bd9Sstevel@tonic-gate 	}
1827c478bd9Sstevel@tonic-gate 
1837c478bd9Sstevel@tonic-gate 	/*
1847c478bd9Sstevel@tonic-gate 	 * - with -d option or -a option either -i 'identify_name',
1857c478bd9Sstevel@tonic-gate 	 *	-m 'permission',  -p 'policy' or -P 'priv' should be specified
1867c478bd9Sstevel@tonic-gate 	 */
1877c478bd9Sstevel@tonic-gate 	if (m_flag || i_flag || policy != NULL || priv != NULL) {
1887c478bd9Sstevel@tonic-gate 		if (!(a_flag || d_flag))
1897c478bd9Sstevel@tonic-gate 			usage();
1907c478bd9Sstevel@tonic-gate 	}
1917c478bd9Sstevel@tonic-gate 
1927c478bd9Sstevel@tonic-gate 	driver_name = argv[optind];
1937c478bd9Sstevel@tonic-gate 
1947c478bd9Sstevel@tonic-gate 	/* set up update_drv filenames */
1957c478bd9Sstevel@tonic-gate 	if ((build_filenames(basedir)) == ERROR) {
1967c478bd9Sstevel@tonic-gate 		exit(1);
1977c478bd9Sstevel@tonic-gate 	}
1987c478bd9Sstevel@tonic-gate 
1997c478bd9Sstevel@tonic-gate 	/* no lock is needed for listing minor perm entry */
2007c478bd9Sstevel@tonic-gate 	if (l_flag) {
2017c478bd9Sstevel@tonic-gate 		list_entry(minor_perm, driver_name, ":");
2027c478bd9Sstevel@tonic-gate 
2037c478bd9Sstevel@tonic-gate 		return (NOERR);
2047c478bd9Sstevel@tonic-gate 	}
2057c478bd9Sstevel@tonic-gate 
2067c478bd9Sstevel@tonic-gate 	/* must be only running version of add_drv/update_drv/rem_drv */
2077c478bd9Sstevel@tonic-gate 	enter_lock();
2087c478bd9Sstevel@tonic-gate 
2097c478bd9Sstevel@tonic-gate 	if ((check_perms_aliases(m_flag, i_flag)) == ERROR) {
2107c478bd9Sstevel@tonic-gate 		err_exit();
2117c478bd9Sstevel@tonic-gate 	}
2127c478bd9Sstevel@tonic-gate 
2137c478bd9Sstevel@tonic-gate 	/* update_drv doesn't modify /etc/name_to_major file */
2147c478bd9Sstevel@tonic-gate 	if ((check_name_to_major(R_OK)) == ERROR)
2157c478bd9Sstevel@tonic-gate 		err_exit();
2167c478bd9Sstevel@tonic-gate 
2177c478bd9Sstevel@tonic-gate 	if (priv != NULL && check_priv_entry(priv, a_flag) != 0)
2187c478bd9Sstevel@tonic-gate 		err_exit();
2197c478bd9Sstevel@tonic-gate 
2207c478bd9Sstevel@tonic-gate 	if (policy != NULL && (policy = check_plcy_entry(policy, driver_name,
2217c478bd9Sstevel@tonic-gate 	    d_flag ? B_TRUE : B_FALSE)) == NULL)
2227c478bd9Sstevel@tonic-gate 		err_exit();
2237c478bd9Sstevel@tonic-gate 
2247c478bd9Sstevel@tonic-gate 	/*
2257c478bd9Sstevel@tonic-gate 	 * ADD: -a option
2267c478bd9Sstevel@tonic-gate 	 * i_flag: update /etc/driver_aliases
2277c478bd9Sstevel@tonic-gate 	 * m_flag: update /etc/minor_perm
2287c478bd9Sstevel@tonic-gate 	 * -p: update /etc/security/device_policy
2297c478bd9Sstevel@tonic-gate 	 * -P: update /etc/security/extra_privs
2307c478bd9Sstevel@tonic-gate 	 * if force_flag is specified continue w/ the next operation
2317c478bd9Sstevel@tonic-gate 	 */
2327c478bd9Sstevel@tonic-gate 	if (a_flag) {
2337c478bd9Sstevel@tonic-gate 		if (m_flag) {
2347c478bd9Sstevel@tonic-gate 			/* check if the permissions are valid */
2357c478bd9Sstevel@tonic-gate 			if ((error = check_perm_opts(perms)) == ERROR) {
2367c478bd9Sstevel@tonic-gate 				if (force_flag == 0) { /* no force flag */
2377c478bd9Sstevel@tonic-gate 					exit_unlock();
2387c478bd9Sstevel@tonic-gate 
2397c478bd9Sstevel@tonic-gate 					return (error);
2407c478bd9Sstevel@tonic-gate 				}
2417c478bd9Sstevel@tonic-gate 			}
2427c478bd9Sstevel@tonic-gate 
2437c478bd9Sstevel@tonic-gate 			/*
2447c478bd9Sstevel@tonic-gate 			 * update the file, if and only if
2457c478bd9Sstevel@tonic-gate 			 * we didn't run into error earlier.
2467c478bd9Sstevel@tonic-gate 			 */
2477c478bd9Sstevel@tonic-gate 			if ((error != ERROR) &&
2487c478bd9Sstevel@tonic-gate 			    (error = update_minor_entry(driver_name, perms))) {
2497c478bd9Sstevel@tonic-gate 				if (force_flag == 0) { /* no force flag */
2507c478bd9Sstevel@tonic-gate 					exit_unlock();
2517c478bd9Sstevel@tonic-gate 
2527c478bd9Sstevel@tonic-gate 					return (error);
2537c478bd9Sstevel@tonic-gate 				}
2547c478bd9Sstevel@tonic-gate 			}
2557c478bd9Sstevel@tonic-gate 			cleanup_flag |= CLEAN_NAM_MAJ;
2567c478bd9Sstevel@tonic-gate 
2577c478bd9Sstevel@tonic-gate 			/*
2587c478bd9Sstevel@tonic-gate 			 * Notify running system of minor perm change
2597c478bd9Sstevel@tonic-gate 			 */
2607c478bd9Sstevel@tonic-gate 			if (basedir == NULL || (strcmp(basedir, "/") == 0)) {
2617c478bd9Sstevel@tonic-gate 				rval = devfs_add_minor_perm(driver_name,
2627c478bd9Sstevel@tonic-gate 				    log_minorperm_error);
2637c478bd9Sstevel@tonic-gate 				if (rval) {
2647c478bd9Sstevel@tonic-gate 					(void) fprintf(stderr,
2657c478bd9Sstevel@tonic-gate 					    gettext(ERR_UPDATE_PERM),
2667c478bd9Sstevel@tonic-gate 					    driver_name);
2677c478bd9Sstevel@tonic-gate 				}
2687c478bd9Sstevel@tonic-gate 			}
2697c478bd9Sstevel@tonic-gate 		}
2707c478bd9Sstevel@tonic-gate 
2717c478bd9Sstevel@tonic-gate 		if (priv != NULL) {
2727c478bd9Sstevel@tonic-gate 			(void) append_to_file(driver_name, priv, extra_privs,
2737c478bd9Sstevel@tonic-gate 					',', ":");
2747c478bd9Sstevel@tonic-gate 			cleanup_flag |= CLEAN_DRV_PRIV;
2757c478bd9Sstevel@tonic-gate 		}
2767c478bd9Sstevel@tonic-gate 
2777c478bd9Sstevel@tonic-gate 		if (policy != NULL) {
2787c478bd9Sstevel@tonic-gate 			if ((error = update_device_policy(device_policy,
2797c478bd9Sstevel@tonic-gate 			    policy, B_TRUE)) != 0) {
2807c478bd9Sstevel@tonic-gate 				exit_unlock();
2817c478bd9Sstevel@tonic-gate 				return (error);
2827c478bd9Sstevel@tonic-gate 			}
2837c478bd9Sstevel@tonic-gate 			cleanup_flag |= CLEAN_DEV_POLICY;
2847c478bd9Sstevel@tonic-gate 		}
2857c478bd9Sstevel@tonic-gate 
2867c478bd9Sstevel@tonic-gate 		if (i_flag) {
2877c478bd9Sstevel@tonic-gate 			found = get_major_no(driver_name, name_to_major);
2887c478bd9Sstevel@tonic-gate 			if (found == ERROR) {
2897c478bd9Sstevel@tonic-gate 				(void) fprintf(stderr, gettext(ERR_MAX_MAJOR),
2907c478bd9Sstevel@tonic-gate 				    name_to_major);
2917c478bd9Sstevel@tonic-gate 				err_exit();
2927c478bd9Sstevel@tonic-gate 			}
2937c478bd9Sstevel@tonic-gate 
2947c478bd9Sstevel@tonic-gate 			if (found == UNIQUE) {
2957c478bd9Sstevel@tonic-gate 				(void) fprintf(stderr,
2967c478bd9Sstevel@tonic-gate 				    gettext(ERR_NOT_INSTALLED), driver_name);
2977c478bd9Sstevel@tonic-gate 				err_exit();
2987c478bd9Sstevel@tonic-gate 			}
2997c478bd9Sstevel@tonic-gate 
3007c478bd9Sstevel@tonic-gate 			major_num = (major_t)found;
3017c478bd9Sstevel@tonic-gate 
302*f9e4eebbScth 			/* check if the alias is unique */
303*f9e4eebbScth 			if ((error = aliases_unique(aliases)) == ERROR) {
304*f9e4eebbScth 				exit_unlock();
305*f9e4eebbScth 
306*f9e4eebbScth 				return (error);
307*f9e4eebbScth 			}
308*f9e4eebbScth 
309*f9e4eebbScth 			/* update the file */
310*f9e4eebbScth 			if ((error = update_driver_aliases(driver_name,
311*f9e4eebbScth 			    aliases)) == ERROR) {
312*f9e4eebbScth 				exit_unlock();
313*f9e4eebbScth 
314*f9e4eebbScth 				return (error);
315*f9e4eebbScth 			}
316*f9e4eebbScth 
3177c478bd9Sstevel@tonic-gate 			/* paranoia - if we crash whilst configuring */
3187c478bd9Sstevel@tonic-gate 			sync();
3197c478bd9Sstevel@tonic-gate 
3207c478bd9Sstevel@tonic-gate 			cleanup_flag |= CLEAN_DRV_ALIAS;
3217c478bd9Sstevel@tonic-gate 			if (config_driver(driver_name, major_num, aliases, NULL,
3227c478bd9Sstevel@tonic-gate 			    cleanup_flag, verbose_flag) == ERROR) {
3237c478bd9Sstevel@tonic-gate 				err_exit();
3247c478bd9Sstevel@tonic-gate 			}
3257c478bd9Sstevel@tonic-gate 
3267c478bd9Sstevel@tonic-gate 		}
3277c478bd9Sstevel@tonic-gate 		if (update_conf && (i_flag || policy != NULL))
3287c478bd9Sstevel@tonic-gate 			/* load the driver */
3297c478bd9Sstevel@tonic-gate 			load_driver(driver_name, verbose_flag);
3307c478bd9Sstevel@tonic-gate 
3317c478bd9Sstevel@tonic-gate 		exit_unlock();
3327c478bd9Sstevel@tonic-gate 
3337c478bd9Sstevel@tonic-gate 		return (0);
3347c478bd9Sstevel@tonic-gate 	}
3357c478bd9Sstevel@tonic-gate 
3367c478bd9Sstevel@tonic-gate 
3377c478bd9Sstevel@tonic-gate 	/*
3387c478bd9Sstevel@tonic-gate 	 * DELETE: -d option
3397c478bd9Sstevel@tonic-gate 	 * i_flag: update /etc/driver_aliases
3407c478bd9Sstevel@tonic-gate 	 * m_flag: update /etc/minor_perm
3417c478bd9Sstevel@tonic-gate 	 * -p: update /etc/security/device_policy
3427c478bd9Sstevel@tonic-gate 	 * -P: update /etc/security/extra_privs
3437c478bd9Sstevel@tonic-gate 	 */
3447c478bd9Sstevel@tonic-gate 	if (d_flag) {
3457c478bd9Sstevel@tonic-gate 		int err = NOERR;
3467c478bd9Sstevel@tonic-gate 
3477c478bd9Sstevel@tonic-gate 		if (m_flag) {
3487c478bd9Sstevel@tonic-gate 			/*
3497c478bd9Sstevel@tonic-gate 			 * On a running system, we first need to
3507c478bd9Sstevel@tonic-gate 			 * remove devfs's idea of the minor perms.
3517c478bd9Sstevel@tonic-gate 			 * We don't have any ability to do this singly
3527c478bd9Sstevel@tonic-gate 			 * at this point.
3537c478bd9Sstevel@tonic-gate 			 */
3547c478bd9Sstevel@tonic-gate 			if (basedir == NULL || (strcmp(basedir, "/") == 0)) {
3557c478bd9Sstevel@tonic-gate 				rval = devfs_rm_minor_perm(driver_name,
3567c478bd9Sstevel@tonic-gate 				    log_minorperm_error);
3577c478bd9Sstevel@tonic-gate 				if (rval) {
3587c478bd9Sstevel@tonic-gate 					(void) fprintf(stderr,
3597c478bd9Sstevel@tonic-gate 					    gettext(ERR_UPDATE_PERM),
3607c478bd9Sstevel@tonic-gate 					    driver_name);
3617c478bd9Sstevel@tonic-gate 				}
3627c478bd9Sstevel@tonic-gate 			}
3637c478bd9Sstevel@tonic-gate 
3647c478bd9Sstevel@tonic-gate 			if ((error = delete_entry(minor_perm,
3657c478bd9Sstevel@tonic-gate 			    driver_name, ":", perms)) != NOERR) {
3667c478bd9Sstevel@tonic-gate 				(void) fprintf(stderr, gettext(ERR_NO_ENTRY),
3677c478bd9Sstevel@tonic-gate 				    driver_name, minor_perm);
3687c478bd9Sstevel@tonic-gate 				err = error;
3697c478bd9Sstevel@tonic-gate 			}
3707c478bd9Sstevel@tonic-gate 			/*
3717c478bd9Sstevel@tonic-gate 			 * Notify running system of new minor perm state
3727c478bd9Sstevel@tonic-gate 			 */
3737c478bd9Sstevel@tonic-gate 			if (basedir == NULL || (strcmp(basedir, "/") == 0)) {
3747c478bd9Sstevel@tonic-gate 				rval = devfs_add_minor_perm(driver_name,
3757c478bd9Sstevel@tonic-gate 				    log_minorperm_error);
3767c478bd9Sstevel@tonic-gate 				if (rval) {
3777c478bd9Sstevel@tonic-gate 					(void) fprintf(stderr,
3787c478bd9Sstevel@tonic-gate 					    gettext(ERR_UPDATE_PERM),
3797c478bd9Sstevel@tonic-gate 					    driver_name);
3807c478bd9Sstevel@tonic-gate 				}
3817c478bd9Sstevel@tonic-gate 			}
3827c478bd9Sstevel@tonic-gate 		}
3837c478bd9Sstevel@tonic-gate 
3847c478bd9Sstevel@tonic-gate 		if (i_flag) {
3857c478bd9Sstevel@tonic-gate 			if ((error = delete_entry(driver_aliases,
3867c478bd9Sstevel@tonic-gate 			    driver_name, ":", aliases)) != NOERR) {
3877c478bd9Sstevel@tonic-gate 				(void) fprintf(stderr, gettext(ERR_NO_ENTRY),
3887c478bd9Sstevel@tonic-gate 				    driver_name, driver_aliases);
3897c478bd9Sstevel@tonic-gate 				if (err != NOERR)
3907c478bd9Sstevel@tonic-gate 					err = error;
3917c478bd9Sstevel@tonic-gate 			}
3927c478bd9Sstevel@tonic-gate 		}
3937c478bd9Sstevel@tonic-gate 
3947c478bd9Sstevel@tonic-gate 		if (priv != NULL) {
3957c478bd9Sstevel@tonic-gate 			if ((error = delete_entry(extra_privs, driver_name, ":",
3967c478bd9Sstevel@tonic-gate 			    priv)) != NOERR) {
3977c478bd9Sstevel@tonic-gate 				(void) fprintf(stderr, gettext(ERR_NO_ENTRY),
3987c478bd9Sstevel@tonic-gate 				    driver_name, extra_privs);
3997c478bd9Sstevel@tonic-gate 				if (err != NOERR)
4007c478bd9Sstevel@tonic-gate 					err = error;
4017c478bd9Sstevel@tonic-gate 			}
4027c478bd9Sstevel@tonic-gate 		}
4037c478bd9Sstevel@tonic-gate 
4047c478bd9Sstevel@tonic-gate 		if (policy != NULL) {
4057c478bd9Sstevel@tonic-gate 			if ((error = delete_plcy_entry(device_policy,
4067c478bd9Sstevel@tonic-gate 				policy)) != NOERR) {
4077c478bd9Sstevel@tonic-gate 				(void) fprintf(stderr, gettext(ERR_NO_ENTRY),
4087c478bd9Sstevel@tonic-gate 				    driver_name, device_policy);
4097c478bd9Sstevel@tonic-gate 				if (err != NOERR)
4107c478bd9Sstevel@tonic-gate 					err = error;
4117c478bd9Sstevel@tonic-gate 			}
4127c478bd9Sstevel@tonic-gate 		}
4137c478bd9Sstevel@tonic-gate 
4147c478bd9Sstevel@tonic-gate 		if (err == NOERR && update_conf) {
4157c478bd9Sstevel@tonic-gate 			if (i_flag || m_flag) {
4167c478bd9Sstevel@tonic-gate 				/* try to unload the driver */
4177c478bd9Sstevel@tonic-gate 				(void) unload_drv(driver_name,
4187c478bd9Sstevel@tonic-gate 				    force_flag, verbose_flag);
4197c478bd9Sstevel@tonic-gate 			}
4207c478bd9Sstevel@tonic-gate 			/* reload the policy */
4217c478bd9Sstevel@tonic-gate 			if (policy != NULL)
4227c478bd9Sstevel@tonic-gate 				load_driver(driver_name, verbose_flag);
4237c478bd9Sstevel@tonic-gate 		}
4247c478bd9Sstevel@tonic-gate 		exit_unlock();
4257c478bd9Sstevel@tonic-gate 
4267c478bd9Sstevel@tonic-gate 		return (err);
4277c478bd9Sstevel@tonic-gate 	}
4287c478bd9Sstevel@tonic-gate 
4297c478bd9Sstevel@tonic-gate 	/* driver name must exist (for update_conf stuff) */
4307c478bd9Sstevel@tonic-gate 	major = get_major_no(driver_name, name_to_major);
4317c478bd9Sstevel@tonic-gate 	if (major == ERROR) {
4327c478bd9Sstevel@tonic-gate 		err_exit();
4337c478bd9Sstevel@tonic-gate 	}
4347c478bd9Sstevel@tonic-gate 
4357c478bd9Sstevel@tonic-gate 	/*
4367c478bd9Sstevel@tonic-gate 	 * Update driver.conf file:
4377c478bd9Sstevel@tonic-gate 	 *	First try to unload driver module. If it fails, there may
4387c478bd9Sstevel@tonic-gate 	 *	be attached devices using the old driver.conf properties,
4397c478bd9Sstevel@tonic-gate 	 *	so we cannot safely update driver.conf
4407c478bd9Sstevel@tonic-gate 	 *
4417c478bd9Sstevel@tonic-gate 	 *	The user may specify -f to force a driver.conf update.
4427c478bd9Sstevel@tonic-gate 	 *	In this case, we will update driver.conf cache. All attached
4437c478bd9Sstevel@tonic-gate 	 *	devices still reference old driver.conf properties, including
4447c478bd9Sstevel@tonic-gate 	 *	driver global properties. Devices attached in the future will
4457c478bd9Sstevel@tonic-gate 	 *	referent properties in the updated driver.conf file.
4467c478bd9Sstevel@tonic-gate 	 */
4477c478bd9Sstevel@tonic-gate 	if (update_conf) {
4487c478bd9Sstevel@tonic-gate 		(void) unload_drv(driver_name, force_flag, verbose_flag);
4497c478bd9Sstevel@tonic-gate 
4507c478bd9Sstevel@tonic-gate 		if ((modctl(MODUNLOADDRVCONF, major) != 0) ||
4517c478bd9Sstevel@tonic-gate 		    (modctl(MODLOADDRVCONF, major) != 0)) {
4527c478bd9Sstevel@tonic-gate 			(void) fprintf(stderr, gettext(ERR_DRVCONF),
4537c478bd9Sstevel@tonic-gate 			    driver_name);
4547c478bd9Sstevel@tonic-gate 			err_exit();
4557c478bd9Sstevel@tonic-gate 		}
4567c478bd9Sstevel@tonic-gate 
4577c478bd9Sstevel@tonic-gate 		if (verbose_flag) {
4587c478bd9Sstevel@tonic-gate 			(void) fprintf(stderr, gettext(DRVCONF_UPDATED),
4597c478bd9Sstevel@tonic-gate 			    driver_name);
4607c478bd9Sstevel@tonic-gate 		}
4617c478bd9Sstevel@tonic-gate 	}
4627c478bd9Sstevel@tonic-gate 
4637c478bd9Sstevel@tonic-gate 	/* rebuild /devices & /dev */
4647c478bd9Sstevel@tonic-gate 	load_driver(driver_name, verbose_flag);
4657c478bd9Sstevel@tonic-gate 
4667c478bd9Sstevel@tonic-gate 	exit_unlock();
4677c478bd9Sstevel@tonic-gate 
4687c478bd9Sstevel@tonic-gate 	return (NOERR);
4697c478bd9Sstevel@tonic-gate }
470