1 /* 2 * (MPSAFE) 3 * 4 * Copyright (c) 1982, 1986, 1989, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 4. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * @(#)tty_pty.c 8.4 (Berkeley) 2/20/95 32 * $FreeBSD: src/sys/kern/tty_pty.c,v 1.74.2.4 2002/02/20 19:58:13 dillon Exp $ 33 */ 34 35 /* 36 * MPSAFE NOTE: 37 * Most functions here could use a separate lock to deal with concurrent 38 * access to the 'pt's. 39 * 40 * Right now the tty_token must be held for all this. 41 */ 42 43 /* 44 * Pseudo-teletype Driver 45 * (Actually two drivers, requiring two dev_ops structures) 46 */ 47 48 #include "opt_compat.h" 49 50 #include <sys/param.h> 51 #include <sys/systm.h> 52 #if defined(COMPAT_43) 53 #include <sys/ioctl_compat.h> 54 #endif 55 #include <sys/proc.h> 56 #include <sys/priv.h> 57 #include <sys/tty.h> 58 #include <sys/conf.h> 59 #include <sys/fcntl.h> 60 #include <sys/kernel.h> 61 #include <sys/vnode.h> 62 #include <sys/signalvar.h> 63 #include <sys/malloc.h> 64 #include <sys/device.h> 65 #include <sys/thread2.h> 66 #include <sys/devfs.h> 67 #include <sys/stat.h> 68 #include <sys/sysctl.h> 69 70 #define UNIX98_PTYS 1 71 72 MALLOC_DEFINE(M_PTY, "ptys", "pty data structures"); 73 74 static void ptsstart (struct tty *tp); 75 static void ptsstop (struct tty *tp, int rw); 76 static void ptsunhold (struct tty *tp); 77 static void ptcwakeup (struct tty *tp, int flag); 78 static void ptyinit (int n); 79 static int filt_ptcread (struct knote *kn, long hint); 80 static void filt_ptcrdetach (struct knote *kn); 81 static int filt_ptcwrite (struct knote *kn, long hint); 82 static void filt_ptcwdetach (struct knote *kn); 83 84 static d_open_t ptsopen; 85 static d_close_t ptsclose; 86 static d_read_t ptsread; 87 static d_write_t ptswrite; 88 static d_ioctl_t ptyioctl; 89 static d_open_t ptcopen; 90 static d_close_t ptcclose; 91 static d_read_t ptcread; 92 static d_write_t ptcwrite; 93 static d_kqfilter_t ptckqfilter; 94 95 #ifdef UNIX98_PTYS 96 DEVFS_DECLARE_CLONE_BITMAP(pty); 97 98 static d_clone_t ptyclone; 99 100 static int pty_debug_level = 0; 101 102 static struct dev_ops pts98_ops = { 103 { "pts98", 0, D_TTY | D_MPSAFE }, 104 .d_open = ptsopen, 105 .d_close = ptsclose, 106 .d_read = ptsread, 107 .d_write = ptswrite, 108 .d_ioctl = ptyioctl, 109 .d_kqfilter = ttykqfilter, 110 .d_revoke = ttyrevoke 111 }; 112 113 static struct dev_ops ptc98_ops = { 114 { "ptc98", 0, D_TTY | D_MASTER | D_MPSAFE }, 115 .d_open = ptcopen, 116 .d_close = ptcclose, 117 .d_read = ptcread, 118 .d_write = ptcwrite, 119 .d_ioctl = ptyioctl, 120 .d_kqfilter = ptckqfilter, 121 .d_revoke = ttyrevoke 122 }; 123 #endif 124 125 static struct dev_ops pts_ops = { 126 { "pts", 0, D_TTY | D_MPSAFE }, 127 .d_open = ptsopen, 128 .d_close = ptsclose, 129 .d_read = ptsread, 130 .d_write = ptswrite, 131 .d_ioctl = ptyioctl, 132 .d_kqfilter = ttykqfilter, 133 .d_revoke = ttyrevoke 134 }; 135 136 #define CDEV_MAJOR_C 6 137 static struct dev_ops ptc_ops = { 138 { "ptc", 0, D_TTY | D_MASTER | D_MPSAFE }, 139 .d_open = ptcopen, 140 .d_close = ptcclose, 141 .d_read = ptcread, 142 .d_write = ptcwrite, 143 .d_ioctl = ptyioctl, 144 .d_kqfilter = ptckqfilter, 145 .d_revoke = ttyrevoke 146 }; 147 148 #define BUFSIZ 100 /* Chunk size iomoved to/from user */ 149 150 struct pt_ioctl { 151 int pt_flags; 152 int pt_refs; /* Structural references interlock S/MOPEN */ 153 int pt_uminor; 154 struct kqinfo pt_kqr, pt_kqw; 155 u_char pt_send; 156 u_char pt_ucntl; 157 struct tty pt_tty; 158 cdev_t devs, devc; 159 struct prison *pt_prison; 160 }; 161 162 /* 163 * pt_flags ptc state 164 */ 165 #define PF_PKT 0x0008 /* packet mode */ 166 #define PF_STOPPED 0x0010 /* user told stopped */ 167 #define PF_REMOTE 0x0020 /* remote and flow controlled input */ 168 #define PF_NOSTOP 0x0040 169 #define PF_UCNTL 0x0080 /* user control mode */ 170 171 #define PF_PTCSTATEMASK 0x00FF 172 173 /* 174 * pt_flags open state. Note that PF_SCLOSED is used to activate 175 * read EOF on the ptc so it is only set after the slave has been 176 * opened and then closed, and cleared again if the slave is opened 177 * again. 178 */ 179 #define PF_UNIX98 0x0100 180 #define PF_SOPEN 0x0200 181 #define PF_MOPEN 0x0400 182 #define PF_SCLOSED 0x0800 183 #define PF_TERMINATED 0x8000 184 185 /* 186 * This function creates and initializes a pts/ptc pair 187 * 188 * pts == /dev/tty[pqrsPQRS][0123456789abcdefghijklmnopqrstuv] 189 * ptc == /dev/pty[pqrsPQRS][0123456789abcdefghijklmnopqrstuv] 190 * 191 * XXX: define and add mapping of upper minor bits to allow more 192 * than 256 ptys. 193 */ 194 static void 195 ptyinit(int n) 196 { 197 cdev_t devs, devc; 198 char *names = "pqrsPQRS"; 199 struct pt_ioctl *pt; 200 201 /* For now we only map the lower 8 bits of the minor */ 202 if (n & ~0xff) 203 return; 204 205 pt = kmalloc(sizeof(*pt), M_PTY, M_WAITOK | M_ZERO); 206 pt->devs = devs = make_dev(&pts_ops, n, 207 0, 0, 0666, "tty%c%r", names[n / 32], n % 32); 208 pt->devc = devc = make_dev(&ptc_ops, n, 209 0, 0, 0666, "pty%c%r", names[n / 32], n % 32); 210 211 pt->pt_tty.t_dev = devs; 212 pt->pt_uminor = n; 213 devs->si_drv1 = devc->si_drv1 = pt; 214 devs->si_tty = devc->si_tty = &pt->pt_tty; 215 devs->si_flags |= SI_OVERRIDE; /* uid, gid, perms from dev */ 216 devc->si_flags |= SI_OVERRIDE; /* uid, gid, perms from dev */ 217 ttyregister(&pt->pt_tty); 218 } 219 220 #ifdef UNIX98_PTYS 221 static int 222 ptyclone(struct dev_clone_args *ap) 223 { 224 int unit; 225 struct pt_ioctl *pt; 226 227 /* 228 * Limit the number of unix98 pty (slave) devices to 1000, as 229 * the utmp(5) format only allows for 8 bytes for the tty, 230 * "pts/XXX". 231 * If this limit is reached, we don't clone and return error 232 * to devfs. 233 */ 234 unit = devfs_clone_bitmap_get(&DEVFS_CLONE_BITMAP(pty), 1000); 235 236 if (unit < 0) { 237 ap->a_dev = NULL; 238 return 1; 239 } 240 241 pt = kmalloc(sizeof(*pt), M_PTY, M_WAITOK | M_ZERO); 242 243 pt->devc = make_only_dev(&ptc98_ops, unit, 244 ap->a_cred->cr_ruid, 245 0, 0600, "ptm/%d", unit); 246 pt->devs = make_dev(&pts98_ops, unit, 247 ap->a_cred->cr_ruid, 248 GID_TTY, 0620, "pts/%d", unit); 249 ap->a_dev = pt->devc; 250 251 pt->devs->si_flags |= SI_OVERRIDE; /* uid, gid, perms from dev */ 252 pt->devc->si_flags |= SI_OVERRIDE; /* uid, gid, perms from dev */ 253 254 pt->pt_tty.t_dev = pt->devs; 255 pt->pt_flags |= PF_UNIX98; 256 pt->pt_uminor = unit; 257 pt->devs->si_drv1 = pt->devc->si_drv1 = pt; 258 pt->devs->si_tty = pt->devc->si_tty = &pt->pt_tty; 259 260 ttyregister(&pt->pt_tty); 261 262 return 0; 263 } 264 #endif 265 266 /* 267 * pti_hold() prevents the pti from being destroyed due to a termination 268 * while a pt*open() is blocked. 269 * 270 * This function returns non-zero if we cannot hold due to a termination 271 * interlock. 272 * 273 * NOTE: Must be called with tty_token held 274 */ 275 static int 276 pti_hold(struct pt_ioctl *pti) 277 { 278 if (pti->pt_flags & PF_TERMINATED) 279 return(ENXIO); 280 ++pti->pt_refs; 281 return(0); 282 } 283 284 /* 285 * pti_done() releases the reference and checks to see if both sides have 286 * been closed on a unix98 pty, allowing us to destroy the device and 287 * release resources. 288 * 289 * We do not release resources on non-unix98 ptys. Those are left 290 * statically allocated. 291 */ 292 static void 293 pti_done(struct pt_ioctl *pti) 294 { 295 lwkt_gettoken(&tty_token); 296 if (--pti->pt_refs == 0) { 297 #ifdef UNIX98_PTYS 298 cdev_t dev; 299 int uminor_no; 300 301 /* 302 * Only unix09 ptys are freed up 303 */ 304 if ((pti->pt_flags & PF_UNIX98) == 0) { 305 lwkt_reltoken(&tty_token); 306 return; 307 } 308 309 /* 310 * Interlock open attempts against termination by setting 311 * PF_TERMINATED. This allows us to block while cleaning 312 * out the device infrastructure. 313 * 314 * Do not terminate the tty if it still has a session 315 * association (t_refs). 316 */ 317 if ((pti->pt_flags & (PF_SOPEN|PF_MOPEN)) == 0 && 318 pti->pt_tty.t_refs == 0) { 319 pti->pt_flags |= PF_TERMINATED; 320 uminor_no = pti->pt_uminor; 321 322 if ((dev = pti->devs) != NULL) { 323 dev->si_drv1 = NULL; 324 pti->devs = NULL; 325 destroy_dev(dev); 326 } 327 if ((dev = pti->devc) != NULL) { 328 dev->si_drv1 = NULL; 329 pti->devc = NULL; 330 destroy_dev(dev); 331 } 332 ttyunregister(&pti->pt_tty); 333 devfs_clone_bitmap_put(&DEVFS_CLONE_BITMAP(pty), 334 uminor_no); 335 kfree(pti, M_PTY); 336 } 337 #endif 338 } 339 lwkt_reltoken(&tty_token); 340 } 341 342 /*ARGSUSED*/ 343 static int 344 ptsopen(struct dev_open_args *ap) 345 { 346 cdev_t dev = ap->a_head.a_dev; 347 struct tty *tp; 348 int error; 349 struct pt_ioctl *pti; 350 351 /* 352 * The pti will already be assigned by the clone code or 353 * pre-created if a non-unix 98 pty. If si_drv1 is NULL 354 * we are somehow racing a unix98 termination. 355 */ 356 if (dev->si_drv1 == NULL) 357 return(ENXIO); 358 pti = dev->si_drv1; 359 360 lwkt_gettoken(&tty_token); 361 if (pti_hold(pti)) { 362 lwkt_reltoken(&tty_token); 363 return(ENXIO); 364 } 365 366 tp = dev->si_tty; 367 368 /* 369 * Reinit most of the tty state if it isn't open. Handle 370 * exclusive access. 371 */ 372 if ((tp->t_state & TS_ISOPEN) == 0) { 373 ttychars(tp); /* Set up default chars */ 374 tp->t_iflag = TTYDEF_IFLAG; 375 tp->t_oflag = TTYDEF_OFLAG; 376 tp->t_lflag = TTYDEF_LFLAG; 377 tp->t_cflag = TTYDEF_CFLAG; 378 tp->t_ispeed = tp->t_ospeed = TTYDEF_SPEED; 379 } else if ((tp->t_state & TS_XCLUDE) && 380 priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) { 381 pti_done(pti); 382 lwkt_reltoken(&tty_token); 383 return (EBUSY); 384 } else if (pti->pt_prison != ap->a_cred->cr_prison) { 385 pti_done(pti); 386 lwkt_reltoken(&tty_token); 387 return (EBUSY); 388 } 389 390 /* 391 * If the ptc is already present this will connect us up. It 392 * is unclear if this is actually needed. 393 * 394 * If neither side is open be sure to clear any left over 395 * ZOMBIE state before continuing. 396 */ 397 if (tp->t_oproc) 398 (void)(*linesw[tp->t_line].l_modem)(tp, 1); 399 else if ((pti->pt_flags & PF_SOPEN) == 0) 400 tp->t_state &= ~TS_ZOMBIE; 401 402 /* 403 * Wait for the carrier (ptc side) 404 */ 405 while ((tp->t_state & TS_CARR_ON) == 0) { 406 if (ap->a_oflags & FNONBLOCK) 407 break; 408 error = ttysleep(tp, TSA_CARR_ON(tp), PCATCH, "ptsopn", 0); 409 if (error) { 410 pti_done(pti); 411 lwkt_reltoken(&tty_token); 412 return (error); 413 } 414 } 415 416 /* 417 * Mark the tty open and mark the slave side as being open. 418 */ 419 error = (*linesw[tp->t_line].l_open)(dev, tp); 420 421 if (error == 0) { 422 pti->pt_flags |= PF_SOPEN; 423 pti->pt_flags &= ~PF_SCLOSED; 424 ptcwakeup(tp, FREAD|FWRITE); 425 } 426 pti_done(pti); 427 428 lwkt_reltoken(&tty_token); 429 return (error); 430 } 431 432 static int 433 ptsclose(struct dev_close_args *ap) 434 { 435 cdev_t dev = ap->a_head.a_dev; 436 struct tty *tp; 437 struct pt_ioctl *pti = dev->si_drv1; 438 int err; 439 440 lwkt_gettoken(&tty_token); 441 if (pti_hold(pti)) 442 panic("ptsclose on terminated pti"); 443 444 /* 445 * Disconnect the slave side 446 */ 447 tp = dev->si_tty; 448 err = (*linesw[tp->t_line].l_close)(tp, ap->a_fflag); 449 ptsstop(tp, FREAD|FWRITE); 450 ttyclose(tp); /* clears t_state */ 451 452 /* 453 * Mark the pts side closed and signal the ptc. Do not mark the 454 * tty a zombie... that is, allow the tty to be re-opened as long 455 * as the ptc is still open. The ptc will read() EOFs until the 456 * pts side is reopened or the ptc is closed. 457 * 458 * xterm() depends on this behavior as it will revoke() the pts 459 * and then reopen it after the (unnecessary old code) chmod. 460 */ 461 pti->pt_flags &= ~PF_SOPEN; 462 pti->pt_flags |= PF_SCLOSED; 463 if (tp->t_oproc) 464 ptcwakeup(tp, FREAD); 465 pti_done(pti); 466 lwkt_reltoken(&tty_token); 467 return (err); 468 } 469 470 static int 471 ptsread(struct dev_read_args *ap) 472 { 473 cdev_t dev = ap->a_head.a_dev; 474 struct proc *p = curproc; 475 struct tty *tp = dev->si_tty; 476 struct pt_ioctl *pti = dev->si_drv1; 477 struct lwp *lp; 478 479 int error = 0; 480 481 lp = curthread->td_lwp; 482 483 lwkt_gettoken(&tty_token); 484 again: 485 if (pti->pt_flags & PF_REMOTE) { 486 while (isbackground(p, tp)) { 487 if (SIGISMEMBER(p->p_sigignore, SIGTTIN) || 488 SIGISMEMBER(lp->lwp_sigmask, SIGTTIN) || 489 p->p_pgrp->pg_jobc == 0 || 490 (p->p_flags & P_PPWAIT)) { 491 lwkt_reltoken(&tty_token); 492 return (EIO); 493 } 494 pgsignal(p->p_pgrp, SIGTTIN, 1); 495 error = ttysleep(tp, &lbolt, PCATCH, "ptsbg", 0); 496 if (error) { 497 lwkt_reltoken(&tty_token); 498 return (error); 499 } 500 } 501 if (tp->t_canq.c_cc == 0) { 502 if (ap->a_ioflag & IO_NDELAY) { 503 lwkt_reltoken(&tty_token); 504 return (EWOULDBLOCK); 505 } 506 error = ttysleep(tp, TSA_PTS_READ(tp), PCATCH, 507 "ptsin", 0); 508 if (error) { 509 lwkt_reltoken(&tty_token); 510 return (error); 511 } 512 goto again; 513 } 514 while (tp->t_canq.c_cc > 1 && ap->a_uio->uio_resid > 0) 515 if (ureadc(clist_getc(&tp->t_canq), ap->a_uio) < 0) { 516 error = EFAULT; 517 break; 518 } 519 if (tp->t_canq.c_cc == 1) 520 clist_getc(&tp->t_canq); 521 if (tp->t_canq.c_cc) { 522 lwkt_reltoken(&tty_token); 523 return (error); 524 } 525 } else 526 if (tp->t_oproc) 527 error = (*linesw[tp->t_line].l_read)(tp, ap->a_uio, ap->a_ioflag); 528 ptcwakeup(tp, FWRITE); 529 lwkt_reltoken(&tty_token); 530 return (error); 531 } 532 533 /* 534 * Write to pseudo-tty. 535 * Wakeups of controlling tty will happen 536 * indirectly, when tty driver calls ptsstart. 537 */ 538 static int 539 ptswrite(struct dev_write_args *ap) 540 { 541 cdev_t dev = ap->a_head.a_dev; 542 struct tty *tp; 543 int ret; 544 545 lwkt_gettoken(&tty_token); 546 tp = dev->si_tty; 547 if (tp->t_oproc == NULL) { 548 lwkt_reltoken(&tty_token); 549 return (EIO); 550 } 551 ret = ((*linesw[tp->t_line].l_write)(tp, ap->a_uio, ap->a_ioflag)); 552 lwkt_reltoken(&tty_token); 553 return ret; 554 } 555 556 /* 557 * Start output on pseudo-tty. 558 * Wake up process selecting or sleeping for input from controlling tty. 559 */ 560 static void 561 ptsstart(struct tty *tp) 562 { 563 lwkt_gettoken(&tty_token); 564 struct pt_ioctl *pti = tp->t_dev->si_drv1; 565 566 if (tp->t_state & TS_TTSTOP) { 567 lwkt_reltoken(&tty_token); 568 return; 569 } 570 if (pti) { 571 if (pti->pt_flags & PF_STOPPED) { 572 pti->pt_flags &= ~PF_STOPPED; 573 pti->pt_send = TIOCPKT_START; 574 } 575 } 576 ptcwakeup(tp, FREAD); 577 lwkt_reltoken(&tty_token); 578 } 579 580 /* 581 * NOTE: Must be called with tty_token held 582 */ 583 static void 584 ptcwakeup(struct tty *tp, int flag) 585 { 586 ASSERT_LWKT_TOKEN_HELD(&tty_token); 587 588 if (flag & FREAD) { 589 wakeup(TSA_PTC_READ(tp)); 590 KNOTE(&tp->t_rkq.ki_note, 0); 591 } 592 if (flag & FWRITE) { 593 wakeup(TSA_PTC_WRITE(tp)); 594 KNOTE(&tp->t_wkq.ki_note, 0); 595 } 596 } 597 598 static int 599 ptcopen(struct dev_open_args *ap) 600 { 601 cdev_t dev = ap->a_head.a_dev; 602 struct tty *tp; 603 struct pt_ioctl *pti; 604 605 /* 606 * The pti will already be assigned by the clone code or 607 * pre-created if a non-unix 98 pty. If si_drv1 is NULL 608 * we are somehow racing a unix98 termination. 609 */ 610 if (dev->si_drv1 == NULL) 611 return(ENXIO); 612 613 lwkt_gettoken(&tty_token); 614 pti = dev->si_drv1; 615 if (pti_hold(pti)) { 616 lwkt_reltoken(&tty_token); 617 return(ENXIO); 618 } 619 if (pti->pt_prison && pti->pt_prison != ap->a_cred->cr_prison) { 620 pti_done(pti); 621 lwkt_reltoken(&tty_token); 622 return(EBUSY); 623 } 624 tp = dev->si_tty; 625 if (tp->t_oproc) { 626 pti_done(pti); 627 lwkt_reltoken(&tty_token); 628 return (EIO); 629 } 630 631 /* 632 * If the slave side is not yet open clear any left over zombie 633 * state before doing our modem control. 634 */ 635 if ((pti->pt_flags & PF_SOPEN) == 0) 636 tp->t_state &= ~TS_ZOMBIE; 637 638 tp->t_oproc = ptsstart; 639 tp->t_stop = ptsstop; 640 tp->t_unhold = ptsunhold; 641 642 /* 643 * Carrier on! 644 */ 645 (void)(*linesw[tp->t_line].l_modem)(tp, 1); 646 647 tp->t_lflag &= ~EXTPROC; 648 pti->pt_prison = ap->a_cred->cr_prison; 649 pti->pt_flags &= ~PF_PTCSTATEMASK; 650 pti->pt_send = 0; 651 pti->pt_ucntl = 0; 652 653 pti->devs->si_uid = ap->a_cred->cr_uid; 654 pti->devs->si_gid = 0; 655 pti->devs->si_perms = 0600; 656 pti->devc->si_uid = ap->a_cred->cr_uid; 657 pti->devc->si_gid = 0; 658 pti->devc->si_perms = 0600; 659 660 /* 661 * Mark master side open. This does not cause any events 662 * on the slave side. 663 */ 664 pti->pt_flags |= PF_MOPEN; 665 pti_done(pti); 666 667 lwkt_reltoken(&tty_token); 668 return (0); 669 } 670 671 static int 672 ptcclose(struct dev_close_args *ap) 673 { 674 cdev_t dev = ap->a_head.a_dev; 675 struct tty *tp; 676 struct pt_ioctl *pti = dev->si_drv1; 677 678 lwkt_gettoken(&tty_token); 679 if (pti_hold(pti)) 680 panic("ptcclose on terminated pti"); 681 682 tp = dev->si_tty; 683 (void)(*linesw[tp->t_line].l_modem)(tp, 0); 684 685 /* 686 * Mark the master side closed. If the slave is still open 687 * mark the tty ZOMBIE, preventing any new action until both 688 * sides have closed. 689 * 690 * NOTE: The ttyflush() will wake up the slave once we've 691 * set appropriate flags. The ZOMBIE flag will be 692 * cleared when the slave side is closed. 693 */ 694 pti->pt_flags &= ~PF_MOPEN; 695 if (pti->pt_flags & PF_SOPEN) 696 tp->t_state |= TS_ZOMBIE; 697 698 /* 699 * Turn off the carrier and disconnect. This will notify the slave 700 * side. 701 */ 702 if (tp->t_state & TS_ISOPEN) { 703 tp->t_state &= ~(TS_CARR_ON | TS_CONNECTED); 704 ttyflush(tp, FREAD | FWRITE); 705 } 706 tp->t_oproc = NULL; /* mark closed */ 707 708 pti->pt_prison = NULL; 709 pti->devs->si_uid = 0; 710 pti->devs->si_gid = 0; 711 pti->devs->si_perms = 0666; 712 pti->devc->si_uid = 0; 713 pti->devc->si_gid = 0; 714 pti->devc->si_perms = 0666; 715 716 pti_done(pti); 717 718 lwkt_reltoken(&tty_token); 719 return (0); 720 } 721 722 static int 723 ptcread(struct dev_read_args *ap) 724 { 725 cdev_t dev = ap->a_head.a_dev; 726 struct tty *tp = dev->si_tty; 727 struct pt_ioctl *pti = dev->si_drv1; 728 char buf[BUFSIZ]; 729 int error = 0, cc; 730 731 lwkt_gettoken(&tty_token); 732 /* 733 * We want to block until the slave 734 * is open, and there's something to read; 735 * but if we lost the slave or we're NBIO, 736 * then return the appropriate error instead. 737 */ 738 for (;;) { 739 if (tp->t_state&TS_ISOPEN) { 740 if ((pti->pt_flags & PF_PKT) && pti->pt_send) { 741 error = ureadc((int)pti->pt_send, ap->a_uio); 742 if (error) { 743 lwkt_reltoken(&tty_token); 744 return (error); 745 } 746 if (pti->pt_send & TIOCPKT_IOCTL) { 747 cc = (int)szmin(ap->a_uio->uio_resid, 748 sizeof(tp->t_termios)); 749 uiomove((caddr_t)&tp->t_termios, cc, 750 ap->a_uio); 751 } 752 pti->pt_send = 0; 753 lwkt_reltoken(&tty_token); 754 return (0); 755 } 756 if ((pti->pt_flags & PF_UCNTL) && pti->pt_ucntl) { 757 error = ureadc((int)pti->pt_ucntl, ap->a_uio); 758 if (error) { 759 lwkt_reltoken(&tty_token); 760 return (error); 761 } 762 pti->pt_ucntl = 0; 763 lwkt_reltoken(&tty_token); 764 return (0); 765 } 766 if (tp->t_outq.c_cc && (tp->t_state&TS_TTSTOP) == 0) 767 break; 768 } 769 if ((tp->t_state & TS_CONNECTED) == 0) { 770 lwkt_reltoken(&tty_token); 771 return (0); /* EOF */ 772 } 773 if (ap->a_ioflag & IO_NDELAY) { 774 lwkt_reltoken(&tty_token); 775 return (EWOULDBLOCK); 776 } 777 error = tsleep(TSA_PTC_READ(tp), PCATCH, "ptcin", 0); 778 if (error) { 779 lwkt_reltoken(&tty_token); 780 return (error); 781 } 782 } 783 if (pti->pt_flags & (PF_PKT|PF_UCNTL)) 784 error = ureadc(0, ap->a_uio); 785 while (ap->a_uio->uio_resid > 0 && error == 0) { 786 cc = q_to_b(&tp->t_outq, buf, 787 (int)szmin(ap->a_uio->uio_resid, BUFSIZ)); 788 if (cc <= 0) 789 break; 790 error = uiomove(buf, (size_t)cc, ap->a_uio); 791 } 792 ttwwakeup(tp); 793 lwkt_reltoken(&tty_token); 794 return (error); 795 } 796 797 static void 798 ptsstop(struct tty *tp, int flush) 799 { 800 struct pt_ioctl *pti = tp->t_dev->si_drv1; 801 int flag; 802 803 lwkt_gettoken(&tty_token); 804 /* note: FLUSHREAD and FLUSHWRITE already ok */ 805 if (pti) { 806 if (flush == 0) { 807 flush = TIOCPKT_STOP; 808 pti->pt_flags |= PF_STOPPED; 809 } else { 810 pti->pt_flags &= ~PF_STOPPED; 811 } 812 pti->pt_send |= flush; 813 /* change of perspective */ 814 } 815 flag = 0; 816 if (flush & FREAD) 817 flag |= FWRITE; 818 if (flush & FWRITE) 819 flag |= FREAD; 820 ptcwakeup(tp, flag); 821 822 lwkt_reltoken(&tty_token); 823 } 824 825 /* 826 * ttyunhold() calls us instead of just decrementing tp->t_refs. This 827 * is needed because a session can hold onto a pts (half closed state) 828 * even if there are no live file descriptors. Without the callback 829 * we can't clean up. 830 */ 831 static void 832 ptsunhold(struct tty *tp) 833 { 834 struct pt_ioctl *pti = tp->t_dev->si_drv1; 835 836 lwkt_gettoken(&tty_token); 837 pti_hold(pti); 838 --tp->t_refs; 839 pti_done(pti); 840 lwkt_reltoken(&tty_token); 841 } 842 843 /* 844 * kqueue ops for pseudo-terminals. 845 */ 846 static struct filterops ptcread_filtops = 847 { FILTEROP_ISFD|FILTEROP_MPSAFE, NULL, filt_ptcrdetach, filt_ptcread }; 848 static struct filterops ptcwrite_filtops = 849 { FILTEROP_ISFD|FILTEROP_MPSAFE, NULL, filt_ptcwdetach, filt_ptcwrite }; 850 851 static int 852 ptckqfilter(struct dev_kqfilter_args *ap) 853 { 854 cdev_t dev = ap->a_head.a_dev; 855 struct knote *kn = ap->a_kn; 856 struct tty *tp = dev->si_tty; 857 struct klist *klist; 858 859 lwkt_gettoken(&tty_token); 860 ap->a_result = 0; 861 switch (kn->kn_filter) { 862 case EVFILT_READ: 863 klist = &tp->t_rkq.ki_note; 864 kn->kn_fop = &ptcread_filtops; 865 break; 866 case EVFILT_WRITE: 867 klist = &tp->t_wkq.ki_note; 868 kn->kn_fop = &ptcwrite_filtops; 869 break; 870 default: 871 ap->a_result = EOPNOTSUPP; 872 lwkt_reltoken(&tty_token); 873 return (0); 874 } 875 876 kn->kn_hook = (caddr_t)dev; 877 knote_insert(klist, kn); 878 lwkt_reltoken(&tty_token); 879 return (0); 880 } 881 882 static int 883 filt_ptcread (struct knote *kn, long hint) 884 { 885 struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty; 886 struct pt_ioctl *pti = ((cdev_t)kn->kn_hook)->si_drv1; 887 888 lwkt_gettoken(&tty_token); 889 if ((tp->t_state & TS_ZOMBIE) || (pti->pt_flags & PF_SCLOSED)) { 890 kn->kn_flags |= (EV_EOF | EV_NODATA); 891 lwkt_reltoken(&tty_token); 892 return (1); 893 } 894 895 if ((tp->t_state & TS_ISOPEN) && 896 ((tp->t_outq.c_cc && (tp->t_state & TS_TTSTOP) == 0) || 897 ((pti->pt_flags & PF_PKT) && pti->pt_send) || 898 ((pti->pt_flags & PF_UCNTL) && pti->pt_ucntl))) { 899 kn->kn_data = tp->t_outq.c_cc; 900 lwkt_reltoken(&tty_token); 901 return(1); 902 } else { 903 lwkt_reltoken(&tty_token); 904 return(0); 905 } 906 } 907 908 static int 909 filt_ptcwrite (struct knote *kn, long hint) 910 { 911 struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty; 912 struct pt_ioctl *pti = ((cdev_t)kn->kn_hook)->si_drv1; 913 914 lwkt_gettoken(&tty_token); 915 if (tp->t_state & TS_ZOMBIE) { 916 kn->kn_flags |= (EV_EOF | EV_NODATA); 917 lwkt_reltoken(&tty_token); 918 return (1); 919 } 920 921 if (tp->t_state & TS_ISOPEN && 922 ((pti->pt_flags & PF_REMOTE) ? 923 (tp->t_canq.c_cc == 0) : 924 ((tp->t_rawq.c_cc + tp->t_canq.c_cc < TTYHOG - 2) || 925 (tp->t_canq.c_cc == 0 && (tp->t_lflag & ICANON))))) { 926 kn->kn_data = tp->t_canq.c_cc + tp->t_rawq.c_cc; 927 lwkt_reltoken(&tty_token); 928 return(1); 929 } else { 930 lwkt_reltoken(&tty_token); 931 return(0); 932 } 933 /* NOTREACHED */ 934 } 935 936 static void 937 filt_ptcrdetach (struct knote *kn) 938 { 939 struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty; 940 941 knote_remove(&tp->t_rkq.ki_note, kn); 942 } 943 944 static void 945 filt_ptcwdetach (struct knote *kn) 946 { 947 struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty; 948 949 knote_remove(&tp->t_wkq.ki_note, kn); 950 } 951 952 /* 953 * I/O ops 954 */ 955 static int 956 ptcwrite(struct dev_write_args *ap) 957 { 958 cdev_t dev = ap->a_head.a_dev; 959 struct tty *tp = dev->si_tty; 960 u_char *cp = NULL; 961 int cc = 0; 962 u_char locbuf[BUFSIZ]; 963 int cnt = 0; 964 struct pt_ioctl *pti = dev->si_drv1; 965 int error = 0; 966 967 lwkt_gettoken(&tty_token); 968 again: 969 if ((tp->t_state&TS_ISOPEN) == 0) 970 goto block; 971 if (pti->pt_flags & PF_REMOTE) { 972 if (tp->t_canq.c_cc) 973 goto block; 974 while ((ap->a_uio->uio_resid > 0 || cc > 0) && 975 tp->t_canq.c_cc < TTYHOG - 1) { 976 if (cc == 0) { 977 cc = (int)szmin(ap->a_uio->uio_resid, BUFSIZ); 978 cc = imin(cc, TTYHOG - 1 - tp->t_canq.c_cc); 979 cp = locbuf; 980 error = uiomove(cp, (size_t)cc, ap->a_uio); 981 if (error) { 982 lwkt_reltoken(&tty_token); 983 return (error); 984 } 985 /* check again for safety */ 986 if ((tp->t_state & TS_ISOPEN) == 0) { 987 /* adjust as usual */ 988 ap->a_uio->uio_resid += cc; 989 lwkt_reltoken(&tty_token); 990 return (EIO); 991 } 992 } 993 if (cc > 0) { 994 cc = b_to_q((char *)cp, cc, &tp->t_canq); 995 /* 996 * XXX we don't guarantee that the canq size 997 * is >= TTYHOG, so the above b_to_q() may 998 * leave some bytes uncopied. However, space 999 * is guaranteed for the null terminator if 1000 * we don't fail here since (TTYHOG - 1) is 1001 * not a multiple of CBSIZE. 1002 */ 1003 if (cc > 0) 1004 break; 1005 } 1006 } 1007 /* adjust for data copied in but not written */ 1008 ap->a_uio->uio_resid += cc; 1009 clist_putc(0, &tp->t_canq); 1010 ttwakeup(tp); 1011 wakeup(TSA_PTS_READ(tp)); 1012 lwkt_reltoken(&tty_token); 1013 return (0); 1014 } 1015 while (ap->a_uio->uio_resid > 0 || cc > 0) { 1016 if (cc == 0) { 1017 cc = (int)szmin(ap->a_uio->uio_resid, BUFSIZ); 1018 cp = locbuf; 1019 error = uiomove(cp, (size_t)cc, ap->a_uio); 1020 if (error) { 1021 lwkt_reltoken(&tty_token); 1022 return (error); 1023 } 1024 /* check again for safety */ 1025 if ((tp->t_state & TS_ISOPEN) == 0) { 1026 /* adjust for data copied in but not written */ 1027 ap->a_uio->uio_resid += cc; 1028 lwkt_reltoken(&tty_token); 1029 return (EIO); 1030 } 1031 } 1032 while (cc > 0) { 1033 if ((tp->t_rawq.c_cc + tp->t_canq.c_cc) >= TTYHOG - 2 && 1034 (tp->t_canq.c_cc > 0 || !(tp->t_lflag&ICANON))) { 1035 wakeup(TSA_HUP_OR_INPUT(tp)); 1036 goto block; 1037 } 1038 (*linesw[tp->t_line].l_rint)(*cp++, tp); 1039 cnt++; 1040 cc--; 1041 } 1042 cc = 0; 1043 } 1044 lwkt_reltoken(&tty_token); 1045 return (0); 1046 block: 1047 /* 1048 * Come here to wait for slave to open, for space 1049 * in outq, or space in rawq, or an empty canq. 1050 */ 1051 if ((tp->t_state & TS_CONNECTED) == 0) { 1052 /* adjust for data copied in but not written */ 1053 ap->a_uio->uio_resid += cc; 1054 lwkt_reltoken(&tty_token); 1055 return (EIO); 1056 } 1057 if (ap->a_ioflag & IO_NDELAY) { 1058 /* adjust for data copied in but not written */ 1059 ap->a_uio->uio_resid += cc; 1060 if (cnt == 0) { 1061 lwkt_reltoken(&tty_token); 1062 return (EWOULDBLOCK); 1063 } 1064 lwkt_reltoken(&tty_token); 1065 return (0); 1066 } 1067 error = tsleep(TSA_PTC_WRITE(tp), PCATCH, "ptcout", 0); 1068 if (error) { 1069 /* adjust for data copied in but not written */ 1070 ap->a_uio->uio_resid += cc; 1071 lwkt_reltoken(&tty_token); 1072 return (error); 1073 } 1074 goto again; 1075 } 1076 1077 /*ARGSUSED*/ 1078 static int 1079 ptyioctl(struct dev_ioctl_args *ap) 1080 { 1081 cdev_t dev = ap->a_head.a_dev; 1082 struct tty *tp = dev->si_tty; 1083 struct pt_ioctl *pti = dev->si_drv1; 1084 u_char *cc = tp->t_cc; 1085 int stop, error; 1086 1087 lwkt_gettoken(&tty_token); 1088 if (dev_dflags(dev) & D_MASTER) { 1089 switch (ap->a_cmd) { 1090 1091 case TIOCGPGRP: 1092 /* 1093 * We avoid calling ttioctl on the controller since, 1094 * in that case, tp must be the controlling terminal. 1095 */ 1096 *(int *)ap->a_data = tp->t_pgrp ? tp->t_pgrp->pg_id : 0; 1097 lwkt_reltoken(&tty_token); 1098 return (0); 1099 1100 case TIOCPKT: 1101 if (*(int *)ap->a_data) { 1102 if (pti->pt_flags & PF_UCNTL) { 1103 lwkt_reltoken(&tty_token); 1104 return (EINVAL); 1105 } 1106 pti->pt_flags |= PF_PKT; 1107 } else { 1108 pti->pt_flags &= ~PF_PKT; 1109 } 1110 lwkt_reltoken(&tty_token); 1111 return (0); 1112 1113 case TIOCUCNTL: 1114 if (*(int *)ap->a_data) { 1115 if (pti->pt_flags & PF_PKT) { 1116 lwkt_reltoken(&tty_token); 1117 return (EINVAL); 1118 } 1119 pti->pt_flags |= PF_UCNTL; 1120 } else { 1121 pti->pt_flags &= ~PF_UCNTL; 1122 } 1123 lwkt_reltoken(&tty_token); 1124 return (0); 1125 1126 case TIOCREMOTE: 1127 if (*(int *)ap->a_data) 1128 pti->pt_flags |= PF_REMOTE; 1129 else 1130 pti->pt_flags &= ~PF_REMOTE; 1131 ttyflush(tp, FREAD|FWRITE); 1132 lwkt_reltoken(&tty_token); 1133 return (0); 1134 1135 #ifdef UNIX98_PTYS 1136 case TIOCISPTMASTER: 1137 if ((pti->pt_flags & PF_UNIX98) && 1138 (pti->devc == dev)) { 1139 lwkt_reltoken(&tty_token); 1140 return (0); 1141 } else { 1142 lwkt_reltoken(&tty_token); 1143 return (EINVAL); 1144 } 1145 } 1146 #endif 1147 1148 /* 1149 * The rest of the ioctls shouldn't be called until 1150 * the slave is open. 1151 */ 1152 if ((tp->t_state & TS_ISOPEN) == 0) { 1153 lwkt_reltoken(&tty_token); 1154 return (EAGAIN); 1155 } 1156 1157 switch (ap->a_cmd) { 1158 #ifdef COMPAT_43 1159 case TIOCSETP: 1160 case TIOCSETN: 1161 #endif 1162 case TIOCSETD: 1163 case TIOCSETA: 1164 case TIOCSETAW: 1165 case TIOCSETAF: 1166 /* 1167 * IF CONTROLLER STTY THEN MUST FLUSH TO PREVENT A HANG. 1168 * ttywflush(tp) will hang if there are characters in 1169 * the outq. 1170 */ 1171 ndflush(&tp->t_outq, tp->t_outq.c_cc); 1172 break; 1173 1174 case TIOCSIG: 1175 if (*(unsigned int *)ap->a_data >= NSIG || 1176 *(unsigned int *)ap->a_data == 0) { 1177 lwkt_reltoken(&tty_token); 1178 return(EINVAL); 1179 } 1180 if ((tp->t_lflag&NOFLSH) == 0) 1181 ttyflush(tp, FREAD|FWRITE); 1182 pgsignal(tp->t_pgrp, *(unsigned int *)ap->a_data, 1); 1183 if ((*(unsigned int *)ap->a_data == SIGINFO) && 1184 ((tp->t_lflag&NOKERNINFO) == 0)) 1185 ttyinfo(tp); 1186 lwkt_reltoken(&tty_token); 1187 return(0); 1188 } 1189 } 1190 if (ap->a_cmd == TIOCEXT) { 1191 /* 1192 * When the EXTPROC bit is being toggled, we need 1193 * to send an TIOCPKT_IOCTL if the packet driver 1194 * is turned on. 1195 */ 1196 if (*(int *)ap->a_data) { 1197 if (pti->pt_flags & PF_PKT) { 1198 pti->pt_send |= TIOCPKT_IOCTL; 1199 ptcwakeup(tp, FREAD); 1200 } 1201 tp->t_lflag |= EXTPROC; 1202 } else { 1203 if ((tp->t_lflag & EXTPROC) && 1204 (pti->pt_flags & PF_PKT)) { 1205 pti->pt_send |= TIOCPKT_IOCTL; 1206 ptcwakeup(tp, FREAD); 1207 } 1208 tp->t_lflag &= ~EXTPROC; 1209 } 1210 lwkt_reltoken(&tty_token); 1211 return(0); 1212 } 1213 error = (*linesw[tp->t_line].l_ioctl)(tp, ap->a_cmd, ap->a_data, 1214 ap->a_fflag, ap->a_cred); 1215 if (error == ENOIOCTL) 1216 error = ttioctl(tp, ap->a_cmd, ap->a_data, ap->a_fflag); 1217 if (error == ENOIOCTL) { 1218 if (pti->pt_flags & PF_UCNTL && 1219 (ap->a_cmd & ~0xff) == UIOCCMD(0)) { 1220 if (ap->a_cmd & 0xff) { 1221 pti->pt_ucntl = (u_char)ap->a_cmd; 1222 ptcwakeup(tp, FREAD); 1223 } 1224 lwkt_reltoken(&tty_token); 1225 return (0); 1226 } 1227 error = ENOTTY; 1228 } 1229 /* 1230 * If external processing and packet mode send ioctl packet. 1231 */ 1232 if ((tp->t_lflag&EXTPROC) && (pti->pt_flags & PF_PKT)) { 1233 switch(ap->a_cmd) { 1234 case TIOCSETA: 1235 case TIOCSETAW: 1236 case TIOCSETAF: 1237 #ifdef COMPAT_43 1238 case TIOCSETP: 1239 case TIOCSETN: 1240 case TIOCSETC: 1241 case TIOCSLTC: 1242 case TIOCLBIS: 1243 case TIOCLBIC: 1244 case TIOCLSET: 1245 #endif 1246 pti->pt_send |= TIOCPKT_IOCTL; 1247 ptcwakeup(tp, FREAD); 1248 default: 1249 break; 1250 } 1251 } 1252 stop = (tp->t_iflag & IXON) && CCEQ(cc[VSTOP], CTRL('s')) 1253 && CCEQ(cc[VSTART], CTRL('q')); 1254 if (pti->pt_flags & PF_NOSTOP) { 1255 if (stop) { 1256 pti->pt_send &= ~TIOCPKT_NOSTOP; 1257 pti->pt_send |= TIOCPKT_DOSTOP; 1258 pti->pt_flags &= ~PF_NOSTOP; 1259 ptcwakeup(tp, FREAD); 1260 } 1261 } else { 1262 if (!stop) { 1263 pti->pt_send &= ~TIOCPKT_DOSTOP; 1264 pti->pt_send |= TIOCPKT_NOSTOP; 1265 pti->pt_flags |= PF_NOSTOP; 1266 ptcwakeup(tp, FREAD); 1267 } 1268 } 1269 lwkt_reltoken(&tty_token); 1270 return (error); 1271 } 1272 1273 1274 static void ptc_drvinit (void *unused); 1275 1276 #ifdef UNIX98_PTYS 1277 SYSCTL_INT(_kern, OID_AUTO, pty_debug, CTLFLAG_RW, &pty_debug_level, 1278 0, "Change pty debug level"); 1279 #endif 1280 1281 static void 1282 ptc_drvinit(void *unused) 1283 { 1284 int i; 1285 1286 #ifdef UNIX98_PTYS 1287 /* 1288 * Unix98 pty stuff. 1289 * Create the clonable base device. 1290 */ 1291 make_autoclone_dev(&ptc_ops, &DEVFS_CLONE_BITMAP(pty), ptyclone, 1292 0, 0, 0666, "ptmx"); 1293 #endif 1294 1295 for (i = 0; i < 256; i++) { 1296 ptyinit(i); 1297 } 1298 } 1299 1300 SYSINIT(ptcdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR_C,ptc_drvinit,NULL) 1301