PSARC/2005/471 BrandZ: Support for non-native zones

6374606 ::nm -D without an object may not work on processes in zones
6409350 BrandZ project integration into Solaris
6455289 pthread_setschedparam() should return EPERM rather than panic libc
6455591 setpriority(3C) gets errno wrong for deficient privileges failure
6458178 fifofs doesn't support lofs mounts of fifos
6460380 Attempted open() of a symlink with the O_NOFOLLOW flag set returns EINVAL, not ELOOP
6463857 renice(1) errors erroneously

--HG--
rename : usr/src/lib/libzonecfg/zones/SUNWblank.xml => usr/src/lib/brand/native/zone/SUNWblank.xml
rename : usr/src/lib/libzonecfg/zones/SUNWdefault.xml => usr/src/lib/brand/native/zone/SUNWdefault.xml

18 files changed, 423 insertions, 107 deletions

diff --git a/usr/src/uts/common/sys/Makefile b/usr/src/uts/common/sys/Makefile
index f6bcef9c5c..2754405b01 100644
--- a/usr/src/uts/common/sys/Makefile
+++ b/usr/src/uts/common/sys/Makefile
@@ -102,6 +102,7 @@ CHKHDRS=			\
 	bofi_impl.h		\
 	bpp_io.h		\
 	bootstat.h		\
+	brand.h			\
 	buf.h			\
 	bufmod.h		\
 	bustypes.h		\
diff --git a/usr/src/uts/common/sys/audioio.h b/usr/src/uts/common/sys/audioio.h
index 5b8152cfc5..2814eb7040 100644
--- a/usr/src/uts/common/sys/audioio.h
+++ b/usr/src/uts/common/sys/audioio.h
@@ -2,9 +2,8 @@
  * CDDL HEADER START
  *
  * The contents of this file are subject to the terms of the
- * Common Development and Distribution License, Version 1.0 only
- * (the "License").  You may not use this file except in compliance
- * with the License.
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
  *
  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  * or http://www.opensolaris.org/os/licensing.
@@ -20,8 +19,8 @@
  * CDDL HEADER END
  */
 /*
- * Copyright (c) 1995-2001 by Sun Microsystems, Inc.
- * All rights reserved.
+ * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
  */
 
 #ifndef	_SYS_AUDIOIO_H
@@ -209,10 +208,10 @@ typedef struct audio_info audio_info_t;
  * a signed int.
  */
 #define	AUDIO_INITINFO(i)	{					\
-	uint_t	*__x__;						\
-	for (__x__ = (uint_t *)(i);				\
+	uint_t	*__x__;							\
+	for (__x__ = (uint_t *)(i);					\
 	    (char *)__x__ < (((char *)(i)) + sizeof (audio_info_t));	\
-	    *__x__++ = ~0);						\
+	    *__x__++ = (uint_t)~0);					\
 }
 
 
diff --git a/usr/src/uts/common/sys/auxv.h b/usr/src/uts/common/sys/auxv.h
index 025d7a18e9..b9cf07f269 100644
--- a/usr/src/uts/common/sys/auxv.h
+++ b/usr/src/uts/common/sys/auxv.h
@@ -2,9 +2,8 @@
  * CDDL HEADER START
  *
  * The contents of this file are subject to the terms of the
- * Common Development and Distribution License, Version 1.0 only
- * (the "License").  You may not use this file except in compliance
- * with the License.
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
  *
  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  * or http://www.opensolaris.org/os/licensing.
@@ -24,7 +23,7 @@
 
 
 /*
- * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -171,6 +170,15 @@ extern uint_t getisax(uint32_t *, uint_t);
 #define	AT_SUN_AUXFLAGS	2017	/* AF_SUN_ flags passed from the kernel */
 
 /*
+ * Used to indicate to the runtime linker the name of the emulation binary,
+ * if one is being used. For brands, this is the name of the brand library.
+ */
+#define	AT_SUN_EMULATOR		2018
+
+#define	AT_SUN_BRANDNAME	2019
+#define	AT_SUN_BRAND_PHDR	2020	/* Brand executable's phdr */
+
+/*
  * The kernel is in a better position to determine whether a process needs to
  * ignore dangerous LD environment variables.  If set, this flags tells
  * ld.so.1 to run "secure" and ignore the the environment.
@@ -183,7 +191,6 @@ extern uint_t getisax(uint32_t *, uint_t);
  */
 #define	AF_SUN_HWCAPVERIFY	0x00000002
 
-
 #ifdef	__cplusplus
 }
 #endif
diff --git a/usr/src/uts/common/sys/bitmap.h b/usr/src/uts/common/sys/bitmap.h
index 8476ba9563..d0dd12b683 100644
--- a/usr/src/uts/common/sys/bitmap.h
+++ b/usr/src/uts/common/sys/bitmap.h
@@ -20,7 +20,7 @@
  */
 
 /*
- * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -124,6 +124,14 @@ extern "C" {
 #endif /* _LP64 */
 
 
+/*
+ * BIT_ONLYONESET is a private macro not designed for bitmaps of
+ * arbitrary size.  u must be an unsigned integer/long.  It returns
+ * true if one and only one bit is set in u.
+ */
+#define	BIT_ONLYONESET(u) \
+	((((u) == 0) ? 0 : ((u) & ((u) - 1)) == 0))
+
 #if defined(_KERNEL) && !defined(_ASM)
 #include <sys/atomic.h>
 
diff --git a/usr/src/uts/common/sys/brand.h b/usr/src/uts/common/sys/brand.h
new file mode 100644
index 0000000000..c4595e9641
--- /dev/null
+++ b/usr/src/uts/common/sys/brand.h
@@ -0,0 +1,134 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
+ *
+ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ * or http://www.opensolaris.org/os/licensing.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information: Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ */
+/*
+ * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ */
+
+#ifndef _SYS_BRAND_H
+#define	_SYS_BRAND_H
+
+#pragma ident	"%Z%%M%	%I%	%E% SMI"
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+#include <sys/proc.h>
+#include <sys/exec.h>
+
+/*
+ * All Brands supported by this kernel must use BRAND_VER_1.
+ */
+#define	BRAND_VER_1	1
+
+/*
+ * sub-commands to brandsys.
+ * 1 - 128 are for common commands
+ * 128+ are available for brand-specific commands.
+ */
+#define	B_REGISTER		1
+#define	B_TTYMODES		2
+#define	B_ELFDATA		3
+#define	B_EXEC_NATIVE		4
+#define	B_EXEC_BRAND		5
+
+/*
+ * Structure used by zoneadmd to communicate the name of a brand and the
+ * supporting brand module into the kernel.
+ */
+struct brand_attr {
+	char	ba_brandname[MAXNAMELEN];
+	char	ba_modname[MAXPATHLEN];
+};
+
+/* What we call the native brand. */
+#define	NATIVE_BRAND_NAME	"native"
+
+#ifdef	_KERNEL
+
+/* Root for branded zone's native binaries */
+#define	NATIVE_ROOT	"/native/"
+
+struct proc;
+struct uarg;
+struct brand_mach_ops;
+struct intpdata;
+struct execa;
+
+struct brand_ops {
+	int	(*b_brandsys)(int, int64_t *, uintptr_t, uintptr_t, uintptr_t,
+		uintptr_t, uintptr_t, uintptr_t);
+	void	(*b_setbrand)(struct proc *);
+	int	(*b_getattr)(zone_t *, int, void *, size_t *);
+	int	(*b_setattr)(zone_t *, int, void *, size_t);
+	void	(*b_copy_procdata)(struct proc *, struct proc *);
+	void	(*b_proc_exit)(struct proc *, klwp_t *);
+	void	(*b_exec)();
+	void	(*b_lwp_setrval)(klwp_t *, int, int);
+	int	(*b_initlwp)(klwp_t *);
+	void	(*b_forklwp)(klwp_t *, klwp_t *);
+	void	(*b_freelwp)(klwp_t *);
+	void	(*b_lwpexit)(klwp_t *);
+	int	(*b_elfexec)(struct vnode *vp, struct execa *uap,
+	    struct uarg *args, struct intpdata *idata, int level,
+	    long *execsz, int setid, caddr_t exec_file,
+	    struct cred *cred, int brand_action);
+};
+
+/*
+ * The b_version field must always be the first entry in this struct.
+ */
+typedef struct brand {
+	int			b_version;
+	char    		*b_name;
+	struct brand_ops	*b_ops;
+	struct brand_mach_ops	*b_machops;
+} brand_t;
+
+extern brand_t native_brand;
+
+/*
+ * Convenience macros
+ */
+#define	lwptolwpbrand(l)	((l)->lwp_brand)
+#define	ttolwpbrand(t)		(lwptolwpbrand(ttolwp(t)))
+#define	PROC_IS_BRANDED(p)	((p)->p_brand != &native_brand)
+#define	ZONE_IS_BRANDED(z)	((z)->zone_brand != &native_brand)
+#define	BROP(p)			((p)->p_brand->b_ops)
+#define	ZBROP(z)		((z)->zone_brand->b_ops)
+#define	BRMOP(p)		((p)->p_brand->b_machops)
+
+extern void	brand_init();
+extern int	brand_register(brand_t *);
+extern int	brand_unregister(brand_t *);
+extern brand_t	*brand_register_zone(struct brand_attr *);
+extern brand_t	*brand_find_name(char *);
+extern void	brand_unregister_zone(brand_t *);
+extern int	brand_zone_count(brand_t *);
+extern void	brand_setbrand(proc_t *);
+#endif	/* _KERNEL */
+
+#ifdef	__cplusplus
+}
+#endif
+
+#endif	/* _SYS_BRAND_H */
diff --git a/usr/src/uts/common/sys/class.h b/usr/src/uts/common/sys/class.h
index fbfbcc6080..9988ca3190 100644
--- a/usr/src/uts/common/sys/class.h
+++ b/usr/src/uts/common/sys/class.h
@@ -2,9 +2,8 @@
  * CDDL HEADER START
  *
  * The contents of this file are subject to the terms of the
- * Common Development and Distribution License, Version 1.0 only
- * (the "License").  You may not use this file except in compliance
- * with the License.
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
  *
  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  * or http://www.opensolaris.org/os/licensing.
@@ -20,7 +19,7 @@
  * CDDL HEADER END
  */
 /*
- * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -38,6 +37,7 @@
 #include <sys/thread.h>
 #include <sys/priocntl.h>
 #include <sys/mutex.h>
+#include <sys/uio.h>
 
 #ifdef	__cplusplus
 extern "C" {
@@ -128,15 +128,15 @@ extern pri_t	minclsyspri;
 extern id_t	syscid;		/* system scheduling class ID */
 extern id_t	defaultcid;	/* "default" class id; see dispadmin(1M) */
 
-extern int		alloc_cid(char *, id_t *);
-extern int		scheduler_load(char *, sclass_t *);
-extern int		getcid(char *, id_t *);
-extern int		getcidbyname(char *, id_t *);
-extern int		parmsin(pcparms_t *, pc_vaparms_t *);
-extern int		parmsout(pcparms_t *, pc_vaparms_t *);
-extern int		parmsset(pcparms_t *, kthread_id_t);
-extern void		parmsget(kthread_id_t, pcparms_t *);
-extern int		vaparmsout(char *, pcparms_t *, pc_vaparms_t *);
+extern int	alloc_cid(char *, id_t *);
+extern int	scheduler_load(char *, sclass_t *);
+extern int	getcid(char *, id_t *);
+extern int	getcidbyname(char *, id_t *);
+extern int	parmsin(pcparms_t *, pc_vaparms_t *);
+extern int	parmsout(pcparms_t *, pc_vaparms_t *);
+extern int	parmsset(pcparms_t *, kthread_id_t);
+extern void	parmsget(kthread_id_t, pcparms_t *);
+extern int	vaparmsout(char *, pcparms_t *, pc_vaparms_t *, uio_seg_t);
 
 #endif
 
diff --git a/usr/src/uts/common/sys/exec.h b/usr/src/uts/common/sys/exec.h
index e9a34eacfe..a5eaf18edd 100644
--- a/usr/src/uts/common/sys/exec.h
+++ b/usr/src/uts/common/sys/exec.h
@@ -105,9 +105,19 @@ typedef struct uarg {
 	uint_t	brkpageszc;
 	uintptr_t entry;
 	uintptr_t thrptr;
+	char	*emulator;
+	char	*brandname;
+	auxv32_t *brand_auxp;	/* starting user addr of brand auxvs on stack */
 } uarg_t;
 
 /*
+ * Possible brand actions for exec.
+ */
+#define	EBA_NONE	0
+#define	EBA_NATIVE	1
+#define	EBA_BRAND	2
+
+/*
  * The following macro is a machine dependent encapsulation of
  * postfix processing to hide the stack direction from elf.c
  * thereby making the elf.c code machine independent.
@@ -166,7 +176,7 @@ struct execsw {
 	int	(*exec_func)(struct vnode *vp, struct execa *uap,
 		    struct uarg *args, struct intpdata *idata, int level,
 		    long *execsz, int setid, caddr_t exec_file,
-		    struct cred *cred);
+		    struct cred *cred, int brand_action);
 	int	(*exec_core)(struct vnode *vp, struct proc *p,
 		    struct cred *cred, rlim64_t rlimit, int sig,
 		    core_content_t content);
@@ -198,10 +208,10 @@ extern int exec_args(execa_t *, uarg_t *, intpdata_t *, void **);
 extern int exec(const char *fname, const char **argp);
 extern int exece(const char *fname, const char **argp, const char **envp);
 extern int exec_common(const char *fname, const char **argp,
-    const char **envp);
+    const char **envp, int brand_action);
 extern int gexec(vnode_t **vp, struct execa *uap, struct uarg *args,
     struct intpdata *idata, int level, long *execsz, caddr_t exec_file,
-    struct cred *cred);
+    struct cred *cred, int brand_action);
 extern struct execsw *allocate_execsw(char *name, char *magic,
     size_t magic_size);
 extern struct execsw *findexecsw(char *magic);
diff --git a/usr/src/uts/common/sys/klwp.h b/usr/src/uts/common/sys/klwp.h
index ade26b4f82..7dea5b4941 100644
--- a/usr/src/uts/common/sys/klwp.h
+++ b/usr/src/uts/common/sys/klwp.h
@@ -2,9 +2,8 @@
  * CDDL HEADER START
  *
  * The contents of this file are subject to the terms of the
- * Common Development and Distribution License, Version 1.0 only
- * (the "License").  You may not use this file except in compliance
- * with the License.
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
  *
  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  * or http://www.opensolaris.org/os/licensing.
@@ -20,7 +19,7 @@
  * CDDL HEADER END
  */
 /*
- * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -211,6 +210,8 @@ typedef struct _klwp {
 	 */
 	struct ct_template *lwp_ct_active[CTT_MAXTYPE]; /* active templates */
 	struct contract	*lwp_ct_latest[CTT_MAXTYPE]; /* last created contract */
+
+	void	*lwp_brand;		/* per-lwp brand data */
 } klwp_t;
 
 /* lwp states */
diff --git a/usr/src/uts/common/sys/modctl.h b/usr/src/uts/common/sys/modctl.h
index 1093eddef6..5e9450dde5 100644
--- a/usr/src/uts/common/sys/modctl.h
+++ b/usr/src/uts/common/sys/modctl.h
@@ -61,6 +61,7 @@ struct mod_ops {
  * The defined set of mod_ops structures for each loadable module type
  * Defined in modctl.c
  */
+extern struct mod_ops mod_brandops;
 #if defined(__i386) || defined(__amd64)
 extern struct mod_ops mod_cpuops;
 #endif
@@ -175,6 +176,13 @@ struct modlpcbe {
 	struct __pcbe_ops	*pcbe_ops;
 };
 
+/* For Brand modules */
+struct modlbrand {
+	struct mod_ops		*brand_modops;
+	char			*brand_linkinfo;
+	struct brand		*brand_branddef;
+};
+
 /* for devname fs */
 struct modldev {
 	struct mod_ops		*dev_modops;
diff --git a/usr/src/uts/common/sys/proc.h b/usr/src/uts/common/sys/proc.h
index fadcbf4a6d..13a3605e66 100644
--- a/usr/src/uts/common/sys/proc.h
+++ b/usr/src/uts/common/sys/proc.h
@@ -115,6 +115,7 @@ typedef struct lwpdir {
 struct pool;
 struct task;
 struct zone;
+struct brand;
 struct corectl_path;
 struct corectl_content;
 
@@ -336,6 +337,11 @@ typedef struct	proc {
 	uintptr_t	p_portcnt;	/* event ports counter */
 	struct zone	*p_zone;	/* zone in which process lives */
 	struct vnode	*p_execdir;	/* directory that p_exec came from */
+	struct brand	*p_brand;	/* process's brand  */
+	void		*p_brand_data;	/* per-process brand state */
+
+	/* additional lock to protect p_sessp (but not its contents) */
+	kmutex_t p_splock;
 } proc_t;
 
 #define	PROC_T				/* headers relying on proc_t are OK */
@@ -408,6 +414,10 @@ struct plock {
 extern proc_t p0;		/* process 0 */
 extern struct plock p0lock;	/* p0's plock */
 extern struct pid pid0;		/* p0's pid */
+
+/* pid_allocate() flags */
+#define	PID_ALLOC_PROC	0x0001	/* assign a /proc slot as well */
+
 #endif /* _KERNEL */
 
 /* stat codes */
@@ -588,7 +598,8 @@ extern int sigcheck(proc_t *, kthread_t *);
 extern void sigdefault(proc_t *);
 
 extern void pid_setmin(void);
-extern pid_t pid_assign(proc_t *);
+extern pid_t pid_allocate(proc_t *, int);
+extern struct pid *pid_find(pid_t);
 extern int pid_rele(struct pid *);
 extern void pid_exit(proc_t *);
 extern void proc_entry_free(struct pid *);
@@ -724,6 +735,7 @@ extern	void	lwp_rtt(void);
 extern	void	lwp_rtt_initial(void);
 extern	int	lwp_setprivate(klwp_t *, int, uintptr_t);
 extern	void	lwp_stat_update(lwp_stat_id_t, long);
+extern	void	lwp_attach_brand_hdlrs(klwp_t *);
 
 /*
  * Signal queue function prototypes. Must be here due to header ordering
diff --git a/usr/src/uts/common/sys/ptms.h b/usr/src/uts/common/sys/ptms.h
index 9aa6493956..120503539b 100644
--- a/usr/src/uts/common/sys/ptms.h
+++ b/usr/src/uts/common/sys/ptms.h
@@ -35,6 +35,8 @@
 extern "C" {
 #endif
 
+#ifdef _KERNEL
+
 /*
  * Structures and definitions supporting the pseudo terminal
  * drivers. This structure is private and should not be used by any
@@ -63,8 +65,6 @@ struct pt_ttys {
 #define	PTSOPEN 	0x04	/* slave side is open */
 #define	PTSTTY		0x08	/* slave side is tty */
 
-#ifdef _KERNEL
-
 /*
  * Multi-threading primitives.
  * Values of pt_refcnt: -1 if a writer is accessing the struct
@@ -129,18 +129,29 @@ extern void ptms_logp(char *, uintptr_t);
 #define	DDBGP(a, b)
 #endif
 
+typedef struct __ptmptsopencb_arg *ptmptsopencb_arg_t;
+typedef struct ptmptsopencb {
+	boolean_t		(*ppocb_func)(ptmptsopencb_arg_t);
+	ptmptsopencb_arg_t	ppocb_arg;
+} ptmptsopencb_t;
+
 #endif /* _KERNEL */
 
+typedef struct pt_own {
+	uid_t	pto_ruid;
+	gid_t	pto_rgid;
+} pt_own_t;
+
 /*
  * ioctl commands
  *
- *   ISPTM: Determines whether the file descriptor is that of an open master
- *	    device. Return code of zero indicates that the file descriptor
- *	    represents master device.
+ *  ISPTM: Determines whether the file descriptor is that of an open master
+ *	   device. Return code of zero indicates that the file descriptor
+ *	   represents master device.
  *
- *  UNLKPT: Unlocks the master and slave devices.  It returns 0 on success. On
- *	    failure, the errno is set to EINVAL indicating that the master
- *	    device is not open.
+ * UNLKPT: Unlocks the master and slave devices.  It returns 0 on success. On
+ *	   failure, the errno is set to EINVAL indicating that the master
+ *	   device is not open.
  *
  *  ZONEPT: Sets the zoneid of the pair of master and slave devices.  It
  *	    returns 0 upon success.  Used to force a pty 'into' a zone upon
@@ -149,16 +160,24 @@ extern void ptms_logp(char *, uintptr_t);
  * PT_OWNER: Sets uid and gid for slave device.  It returns 0 on success.
  *
  */
-#define	ISPTM	(('P'<<8)|1)	/* query for master */
-#define	UNLKPT	(('P'<<8)|2)	/* unlock master/slave pair */
-#define	PTSSTTY	(('P'<<8)|3)	/* set tty flag */
-#define	ZONEPT	(('P'<<8)|4)	/* set zone of master/slave pair */
-#define	PT_OWNER (('P'<<8)|5)	/* set owner and group for slave device */
+#define	ISPTM		(('P'<<8)|1)	/* query for master */
+#define	UNLKPT		(('P'<<8)|2)	/* unlock master/slave pair */
+#define	PTSSTTY		(('P'<<8)|3)	/* set tty flag */
+#define	ZONEPT		(('P'<<8)|4)	/* set zone of master/slave pair */
+#define	PT_OWNER	(('P'<<8)|5)	/* set owner/group for slave device */
 
-typedef struct pt_own {
-	uid_t	pto_ruid;
-	gid_t	pto_rgid;
-} pt_own_t;
+#ifdef _KERNEL
+/*
+ * kernel ioctl commands
+ *
+ * PTMPTSOPENCB: Returns a callback function pointer and opaque argument.
+ *	      The return value of the callback function when it's invoked
+ *	      with the opaque argument passed to it will indicate if the
+ *	      pts slave device is currently open.
+ */
+#define	PTMPTSOPENCB	(('P'<<8)|6)	/* check if the slave is open */
+
+#endif /* _KERNEL */
 
 #ifdef	__cplusplus
 }
diff --git a/usr/src/uts/common/sys/session.h b/usr/src/uts/common/sys/session.h
index 639d6bf69d..8db8a8a5bb 100644
--- a/usr/src/uts/common/sys/session.h
+++ b/usr/src/uts/common/sys/session.h
@@ -2,9 +2,8 @@
  * CDDL HEADER START
  *
  * The contents of this file are subject to the terms of the
- * Common Development and Distribution License, Version 1.0 only
- * (the "License").  You may not use this file except in compliance
- * with the License.
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
  *
  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  * or http://www.opensolaris.org/os/licensing.
@@ -20,7 +19,7 @@
  * CDDL HEADER END
  */
 /*
- * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -37,54 +36,96 @@
 extern "C" {
 #endif
 
+/*
+ * Session structure overview.
+ *
+ * Currently, the only structure in the kernel which has a pointer to a
+ * session structures is the proc_t via the p_sessp pointer.  To
+ * access a session proc_t->p_sessp pointer a caller must hold either
+ * pidlock or p_splock.  These locks only protect the p_sessp pointer
+ * itself and do not protect any of the contents of the session structure.
+ * To prevent the contents of a the session structure from changing the
+ * caller must grab s_lock.
+ *
+ * No callers should ever update the contents of the session structure
+ * directly.  Only the session management code should ever modify the
+ * contents of the session structure.  When the session code attempts
+ * to modify the contents of a session structure it must hold multiple
+ * locks.  The locking order for all the locks that may need to be
+ * acquired is:
+ * 	sd_lock -> pidlock -> p_splock -> s_lock
+ *
+ * If a caller requires access to a session structure for long
+ * periods of time or across operations that may block it should
+ * use the tty_hold() and sess_hold() interfaces.
+ *
+ * sess_hold() returns a pointer to a session structure associated
+ * with the proc_t that was passed in.  It also increments the reference
+ * count associated with that session structure to ensure that it
+ * can't be freed until after the caller is done with it and calls
+ * sess_rele().  This hold doesn't actually protect any of the
+ * contents of the session structure.
+ *
+ * tty_hold() returns a pointer to a session structure associated
+ * with the curproc.  It also "locks" the contents of the session
+ * structure.  This hold should be used when the caller will be
+ * doing operations on a controlling tty associated with the session.
+ * This operation doesn an implicit sess_hold() so that the session
+ * structure can't be free'd until after the caller is done with it
+ * and invokes tty_rele().
+ *
+ * NOTE: Neither of these functions (sess_hold() or tty_hold())
+ * prevent a process from changing its session.  Once these functions
+ * return a session pointer, that session pointer may no longer be
+ * associated with the current process.  If a caller wants to prevent
+ * a process from changing its session then it must hold pidlock or
+ * p_splock.
+ */
+
 typedef struct sess {
-	uint_t		s_ref; 		/* reference count */
-	dev_t		s_dev;		/* tty's device number */
-	struct vnode	*s_vp;		/* tty's vnode */
-	struct pid	*s_sidp;	/* session ID info */
-	struct cred	*s_cred;	/* allocation credentials */
-	kmutex_t	s_lock;		/* sync s_vp use with freectty */
-	kcondvar_t	s_wait_cv;	/* Condvar for sleeping */
-	int		s_cnt;		/* # of active users of this session */
-	int		s_flag;		/* session state flag see below */
-} sess_t;
+	struct pid *s_sidp;		/* session ID info, never changes */
 
-#define	SESS_CLOSE	1		/* session about to close */
-#define	s_sid s_sidp->pid_id
+	kmutex_t s_lock;		/* protects everything below */
+	uint_t s_ref; 			/* reference count */
+	boolean_t s_sighuped;		/* ctty had sighup sent to it */
 
-#if defined(_KERNEL)
+	boolean_t s_exit;		/* sesion leader is exiting */
+	kcondvar_t s_exit_cv;		/* Condvar for s_exit */
 
-extern sess_t session0;
+	int s_cnt;			/* active users of this ctty */
+	kcondvar_t s_cnt_cv;		/* Condvar for s_cnt */
 
-#define	SESS_HOLD(sp)	(++(sp)->s_ref)
-#define	SESS_RELE(sp)	sess_rele(sp)
+	/*
+	 * The following fields can only be updated while s_lock is held
+	 * and s_cnt is 0.  (ie, no one has a tty_hold() on this session.)
+	 */
+	dev_t s_dev;			/* tty's device number */
+	struct vnode *s_vp;		/* tty's vnode */
+	struct cred *s_cred;		/* allocation credentials */
+} sess_t;
 
-/*
- * Used to synchronize session vnode users with freectty()
- */
+#define	s_sid s_sidp->pid_id
 
-#define	TTY_HOLD(sp)	{ \
-	mutex_enter(&(sp)->s_lock); \
-	(++(sp)->s_cnt); \
-	mutex_exit(&(sp)->s_lock); \
-}
+#if defined(_KERNEL)
 
-#define	TTY_RELE(sp)	{ \
-	mutex_enter(&(sp)->s_lock); \
-	if ((--(sp)->s_cnt) == 0) \
-		cv_signal(&(sp)->s_wait_cv); \
-	mutex_exit(&(sp)->s_lock); \
-}
+extern sess_t session0;
 
 /* forward referenced structure tags */
 struct vnode;
 struct proc;
+struct stdata;
+
+extern void sess_hold(proc_t *p);
+extern void sess_rele(sess_t *, boolean_t);
+extern sess_t *tty_hold(void);
+extern void tty_rele(sess_t *sp);
+
 
-extern void sess_rele(sess_t *);
 extern void sess_create(void);
-extern void freectty(sess_t *);
-extern void alloctty(struct proc *, struct vnode *);
+extern int strctty(struct stdata *);
+extern int freectty(boolean_t);
 extern dev_t cttydev(struct proc *);
+extern void ctty_clear_sighuped(void);
 
 #endif /* defined(_KERNEL) */
 
diff --git a/usr/src/uts/common/sys/socketvar.h b/usr/src/uts/common/sys/socketvar.h
index d00220f2a9..39112e6c97 100644
--- a/usr/src/uts/common/sys/socketvar.h
+++ b/usr/src/uts/common/sys/socketvar.h
@@ -544,11 +544,21 @@ struct sonodeops {
 	(((len) + _CMSG_HDR_ALIGNMENT - 1) & ~(_CMSG_HDR_ALIGNMENT - 1))
 
 /*
- * Used in parsing msg_control
+ * Macros that operate on struct cmsghdr.
+ * Used in parsing msg_control.
+ * The CMSG_VALID macro does not assume that the last option buffer is padded.
  */
 #define	CMSG_NEXT(cmsg)						\
 	(struct cmsghdr *)((uintptr_t)(cmsg) +			\
 	    ROUNDUP_cmsglen((cmsg)->cmsg_len))
+#define	CMSG_CONTENT(cmsg)	(&((cmsg)[1]))
+#define	CMSG_CONTENTLEN(cmsg)	((cmsg)->cmsg_len - sizeof (struct cmsghdr))
+#define	CMSG_VALID(cmsg, start, end)					\
+	(ISALIGNED_cmsghdr(cmsg) &&					\
+	((uintptr_t)(cmsg) >= (uintptr_t)(start)) &&			\
+	((uintptr_t)(cmsg) < (uintptr_t)(end)) &&			\
+	((ssize_t)(cmsg)->cmsg_len >= sizeof (struct cmsghdr)) &&	\
+	((uintptr_t)(cmsg) + (cmsg)->cmsg_len <= (uintptr_t)(end)))
 
 /*
  * Maximum size of any argument that is copied in (addresses, options,
diff --git a/usr/src/uts/common/sys/strsubr.h b/usr/src/uts/common/sys/strsubr.h
index 27403d72cc..4f424e96e1 100644
--- a/usr/src/uts/common/sys/strsubr.h
+++ b/usr/src/uts/common/sys/strsubr.h
@@ -2,9 +2,8 @@
  * CDDL HEADER START
  *
  * The contents of this file are subject to the terms of the
- * Common Development and Distribution License, Version 1.0 only
- * (the "License").  You may not use this file except in compliance
- * with the License.
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
  *
  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  * or http://www.opensolaris.org/os/licensing.
@@ -24,7 +23,7 @@
 
 
 /*
- * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -1113,8 +1112,6 @@ extern mblk_t *strrput_misc(vnode_t *, mblk_t *,
 extern int getiocseqno(void);
 extern int strwaitbuf(size_t, int);
 extern int strwaitq(stdata_t *, int, ssize_t, int, clock_t, int *);
-extern void stralloctty(struct stdata *);
-extern void strfreectty(struct stdata *);
 extern struct stdata *shalloc(queue_t *);
 extern void shfree(struct stdata *s);
 extern queue_t *allocq(void);
diff --git a/usr/src/uts/common/sys/syscall.h b/usr/src/uts/common/sys/syscall.h
index 43dee30f0b..1a6412b70b 100644
--- a/usr/src/uts/common/sys/syscall.h
+++ b/usr/src/uts/common/sys/syscall.h
@@ -99,7 +99,7 @@ extern "C" {
 	 *	getpgid(pid)	  :: syscall(39,4,pid)
 	 *	setpgid(pid,pgid) :: syscall(39,5,pid,pgid)
 	 */
-#define	SYS_reserved_40	40	/* 40 not used, was xenix */
+#define	SYS_uucopystr	40
 #define	SYS_dup		41
 #define	SYS_pipe	42
 #define	SYS_times	43
@@ -355,7 +355,7 @@ extern "C" {
 #define	SYS_pwrite		174
 #define	SYS_llseek		175
 #define	SYS_inst_sync		176
-#define	SYS_reserved_177	177	/* 177 reserved */
+#define	SYS_brand		177
 #define	SYS_kaio		178
 	/*
 	 * subcodes:
@@ -464,6 +464,8 @@ extern "C" {
 	 *	zone_list(...) :: zone(ZONE_LIST, ...)
 	 *	zone_shutdown(...) :: zone(ZONE_SHUTDOWN, ...)
 	 *	zone_lookup(...) :: zone(ZONE_LOOKUP, ...)
+	 *	zone_setattr(...) :: zone(ZONE_SETATTR, ...)
+	 *	zone_getattr(...) :: zone(ZONE_GETATTR, ...)
 	 */
 #define	SYS_autofssys		228
 #define	SYS_getcwd		229
@@ -494,7 +496,7 @@ extern "C" {
 #define	SYS_lwp_mutex_trylock	251
 #define	SYS_lwp_mutex_init	252
 #define	SYS_cladm		253
-#define	SYS_reserved_254	254	/* 254 reserved */
+#define	SYS_uucopy		254
 #define	SYS_umount2		255
 
 
diff --git a/usr/src/uts/common/sys/systm.h b/usr/src/uts/common/sys/systm.h
index c96ea5b4ac..ac465ad49f 100644
--- a/usr/src/uts/common/sys/systm.h
+++ b/usr/src/uts/common/sys/systm.h
@@ -246,6 +246,7 @@ int copyoutstr_noerr(const char *, char *, size_t, size_t *);
 int copystr(const char *, char *, size_t, size_t *);
 void bcopy(const void *, void *, size_t);
 void ucopy(const void *, void *, size_t);
+void ucopystr(const char *, char *, size_t, size_t *);
 void pgcopy(const void *, void *, size_t);
 void ovbcopy(const void *, void *, size_t);
 void bzero(void *, size_t);
diff --git a/usr/src/uts/common/sys/termios.h b/usr/src/uts/common/sys/termios.h
index 8bd020e5c1..2d99f70bc2 100644
--- a/usr/src/uts/common/sys/termios.h
+++ b/usr/src/uts/common/sys/termios.h
@@ -2,9 +2,8 @@
  * CDDL HEADER START
  *
  * The contents of this file are subject to the terms of the
- * Common Development and Distribution License, Version 1.0 only
- * (the "License").  You may not use this file except in compliance
- * with the License.
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
  *
  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  * or http://www.opensolaris.org/os/licensing.
@@ -24,7 +23,7 @@
 
 
 /*
- * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -382,6 +381,24 @@ extern pid_t tcgetsid();
 #define	TCSETSF		(_TIOC|16)
 
 /*
+ * linux terminal ioctls we need to be aware of
+ */
+#define	TIOCSETLD	(_TIOC|123)	/* set line discipline parms */
+#define	TIOCGETLD	(_TIOC|124)	/* get line discipline parms */
+
+/*
+ * The VMIN and VTIME and solaris overlap with VEOF and VEOL - This is
+ * perfectly legal except, linux expects them to be separate. So we keep
+ * them separately.
+ */
+struct lx_cc {
+	unsigned char veof;	/* veof value */
+	unsigned char veol;	/* veol value */
+	unsigned char vmin;	/* vmin value */
+	unsigned char vtime;	/* vtime value */
+};
+
+/*
  * NTP PPS ioctls
  */
 #define	TIOCGPPS	(_TIOC|125)
@@ -457,6 +474,7 @@ struct ppsclockev32 {
 #define	TIOCGLTC	(tIOC|116)	/* get local special chars */
 #define	TIOCOUTQ	(tIOC|115)	/* driver output queue size */
 #define	TIOCNOTTY	(tIOC|113)	/* void tty association */
+#define	TIOCSCTTY	(tIOC|132)	/* get a ctty */
 #define	TIOCSTOP	(tIOC|111)	/* stop output, like ^S */
 #define	TIOCSTART	(tIOC|110)	/* start output, like ^Q */
 #define	TIOCSILOOP	(tIOC|109)	/* private to Sun; do not use */
diff --git a/usr/src/uts/common/sys/zone.h b/usr/src/uts/common/sys/zone.h
index 56c23d00ad..636b8acc0f 100644
--- a/usr/src/uts/common/sys/zone.h
+++ b/usr/src/uts/common/sys/zone.h
@@ -87,6 +87,10 @@ extern "C" {
 #define	ZONE_ATTR_SLBL		8
 #define	ZONE_ATTR_INITNAME	9
 #define	ZONE_ATTR_BOOTARGS	10
+#define	ZONE_ATTR_BRAND		11
+
+/* Start of the brand-specific attribute namespace */
+#define	ZONE_ATTR_BRAND_ATTRS	32768
 
 #define	ZONE_EVENT_CHANNEL	"com.sun:zones:status"
 #define	ZONE_EVENT_STATUS_CLASS	"status"
@@ -103,6 +107,49 @@ extern "C" {
 #define	ZONE_CB_TIMESTAMP	"when"
 #define	ZONE_CB_ZONEID		"zoneid"
 
+/*
+ * Exit values that may be returned by scripts or programs invoked by various
+ * zone commands.
+ *
+ * These are defined as:
+ *
+ *	ZONE_SUBPROC_OK
+ *	===============
+ *	The subprocess completed successfully.
+ *
+ *	ZONE_SUBPROC_USAGE
+ *	==================
+ *	The subprocess failed with a usage message, or a usage message should
+ *	be output in its behalf.
+ *
+ *	ZONE_SUBPROC_NOTCOMPLETE
+ *	========================
+ *	The subprocess did not complete, but the actions performed by the
+ *	subprocess require no recovery actions by the user.
+ *
+ *	For example, if the subprocess were called by "zoneadm install," the
+ *	installation of the zone did not succeed but the user need not perform
+ *	a "zoneadm uninstall" before attempting another install.
+ *
+ *	ZONE_SUBPROC_FATAL
+ *	==================
+ *	The subprocess failed in a fatal manner, usually one that will require
+ *	some type of recovery action by the user.
+ *
+ *	For example, if the subprocess were called by "zoneadm install," the
+ *	installation of the zone did not succeed and the user will need to
+ *	perform a "zoneadm uninstall" before another install attempt is
+ *	possible.
+ *
+ *	The non-success exit values are large to avoid accidental collision
+ *	with values used internally by some commands (e.g. "Z_ERR" and
+ *	"Z_USAGE" as used by zoneadm.)
+ */
+#define	ZONE_SUBPROC_OK			0
+#define	ZONE_SUBPROC_USAGE		253
+#define	ZONE_SUBPROC_NOTCOMPLETE	254
+#define	ZONE_SUBPROC_FATAL		255
+
 #ifdef _SYSCALL32
 typedef struct {
 	caddr32_t zone_name;
@@ -159,8 +206,8 @@ typedef enum {
  * communicates with zoneadmd, but only uses Z_REBOOT and Z_HALT.
  */
 typedef enum zone_cmd {
-	Z_READY, Z_BOOT, Z_REBOOT, Z_HALT, Z_NOTE_UNINSTALLING,
-	Z_MOUNT, Z_UNMOUNT
+	Z_READY, Z_BOOT, Z_FORCEBOOT, Z_REBOOT, Z_HALT, Z_NOTE_UNINSTALLING,
+	Z_MOUNT, Z_FORCEMOUNT, Z_UNMOUNT
 } zone_cmd_t;
 
 /*
@@ -223,6 +270,7 @@ typedef struct zone_cmd_rval {
 #define	ZF_IS_SCRATCH		0x4	/* scratch zone */
 
 struct pool;
+struct brand;
 
 /*
  * Structure to record list of ZFS datasets exported to a zone.
@@ -318,6 +366,8 @@ typedef struct zone {
 	int		zone_match;	/* require label match for packets */
 	tsol_mlp_list_t zone_mlps;	/* MLPs on zone-private addresses */
 
+	boolean_t	zone_restart_init;	/* Restart init if it dies? */
+	struct brand	*zone_brand;		/* zone's brand */
 } zone_t;
 
 /*
@@ -330,8 +380,6 @@ extern zone_t *global_zone;
 extern uint_t maxzones;
 extern rctl_hndl_t rc_zone_nlwps;
 
-extern const char * const zone_initname;
-
 extern long zone(int, void *, void *, void *, void *);
 extern void zone_zsd_init(void);
 extern void zone_init(void);