1 /* 2 * (MPSAFE) 3 * 4 * Copyright (c) 1982, 1986, 1989, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * @(#)tty_pty.c 8.4 (Berkeley) 2/20/95 32 * $FreeBSD: src/sys/kern/tty_pty.c,v 1.74.2.4 2002/02/20 19:58:13 dillon Exp $ 33 */ 34 35 /* 36 * MPSAFE NOTE: 37 * Most functions here could use a separate lock to deal with concurrent 38 * access to the 'pt's. 39 * 40 * Right now the tty_token must be held for all this. 41 */ 42 43 /* 44 * Pseudo-teletype Driver 45 * (Actually two drivers, requiring two dev_ops structures) 46 */ 47 48 #include "opt_compat.h" 49 50 #include <sys/param.h> 51 #include <sys/systm.h> 52 #if defined(COMPAT_43) 53 #include <sys/ioctl_compat.h> 54 #endif 55 #include <sys/proc.h> 56 #include <sys/priv.h> 57 #include <sys/tty.h> 58 #include <sys/conf.h> 59 #include <sys/fcntl.h> 60 #include <sys/kernel.h> 61 #include <sys/vnode.h> 62 #include <sys/signalvar.h> 63 #include <sys/malloc.h> 64 #include <sys/device.h> 65 #include <sys/thread2.h> 66 #include <sys/devfs.h> 67 #include <sys/stat.h> 68 #include <sys/sysctl.h> 69 70 MALLOC_DEFINE(M_PTY, "ptys", "pty data structures"); 71 72 static void ptsstart (struct tty *tp); 73 static void ptsstop (struct tty *tp, int rw); 74 static void ptsunhold (struct tty *tp); 75 static void ptcwakeup (struct tty *tp, int flag); 76 static void ptyinit (int n); 77 static int filt_ptcread (struct knote *kn, long hint); 78 static void filt_ptcrdetach (struct knote *kn); 79 static int filt_ptcwrite (struct knote *kn, long hint); 80 static void filt_ptcwdetach (struct knote *kn); 81 82 static d_open_t ptsopen; 83 static d_close_t ptsclose; 84 static d_read_t ptsread; 85 static d_write_t ptswrite; 86 static d_ioctl_t ptyioctl; 87 static d_open_t ptcopen; 88 static d_close_t ptcclose; 89 static d_read_t ptcread; 90 static d_write_t ptcwrite; 91 static d_kqfilter_t ptckqfilter; 92 93 DEVFS_DEFINE_CLONE_BITMAP(pty); 94 95 static d_clone_t ptyclone; 96 97 static int pty_debug_level = 0; 98 99 static struct dev_ops pts98_ops = { 100 { "pts98", 0, D_TTY | D_MPSAFE }, 101 .d_open = ptsopen, 102 .d_close = ptsclose, 103 .d_read = ptsread, 104 .d_write = ptswrite, 105 .d_ioctl = ptyioctl, 106 .d_kqfilter = ttykqfilter, 107 .d_revoke = ttyrevoke 108 }; 109 110 static struct dev_ops ptc98_ops = { 111 { "ptc98", 0, D_TTY | D_MASTER | D_MPSAFE }, 112 .d_open = ptcopen, 113 .d_close = ptcclose, 114 .d_read = ptcread, 115 .d_write = ptcwrite, 116 .d_ioctl = ptyioctl, 117 .d_kqfilter = ptckqfilter, 118 .d_revoke = ttyrevoke 119 }; 120 121 static struct dev_ops pts_ops = { 122 { "pts", 0, D_TTY | D_MPSAFE }, 123 .d_open = ptsopen, 124 .d_close = ptsclose, 125 .d_read = ptsread, 126 .d_write = ptswrite, 127 .d_ioctl = ptyioctl, 128 .d_kqfilter = ttykqfilter, 129 .d_revoke = ttyrevoke 130 }; 131 132 #define CDEV_MAJOR_C 6 133 static struct dev_ops ptc_ops = { 134 { "ptc", 0, D_TTY | D_MASTER | D_MPSAFE }, 135 .d_open = ptcopen, 136 .d_close = ptcclose, 137 .d_read = ptcread, 138 .d_write = ptcwrite, 139 .d_ioctl = ptyioctl, 140 .d_kqfilter = ptckqfilter, 141 .d_revoke = ttyrevoke 142 }; 143 144 #define BUFSIZ 100 /* Chunk size iomoved to/from user */ 145 146 struct pt_ioctl { 147 int pt_flags; 148 int pt_refs; /* Structural references interlock S/MOPEN */ 149 int pt_uminor; 150 struct kqinfo pt_kqr, pt_kqw; 151 u_char pt_send; 152 u_char pt_ucntl; 153 struct tty pt_tty; 154 cdev_t devs, devc; 155 struct prison *pt_prison; 156 }; 157 158 /* 159 * pt_flags ptc state 160 */ 161 #define PF_PKT 0x0008 /* packet mode */ 162 #define PF_STOPPED 0x0010 /* user told stopped */ 163 #define PF_REMOTE 0x0020 /* remote and flow controlled input */ 164 #define PF_NOSTOP 0x0040 165 #define PF_UCNTL 0x0080 /* user control mode */ 166 167 #define PF_PTCSTATEMASK 0x00FF 168 169 /* 170 * pt_flags open state. Note that PF_SCLOSED is used to activate 171 * read EOF on the ptc so it is only set after the slave has been 172 * opened and then closed, and cleared again if the slave is opened 173 * again. 174 */ 175 #define PF_UNIX98 0x0100 176 #define PF_SOPEN 0x0200 177 #define PF_MOPEN 0x0400 178 #define PF_SCLOSED 0x0800 179 #define PF_TERMINATED 0x8000 180 181 /* 182 * This function creates and initializes a pts/ptc pair 183 * 184 * pts == /dev/tty[pqrsPQRS][0123456789abcdefghijklmnopqrstuv] 185 * ptc == /dev/pty[pqrsPQRS][0123456789abcdefghijklmnopqrstuv] 186 * 187 * XXX: define and add mapping of upper minor bits to allow more 188 * than 256 ptys. 189 */ 190 static void 191 ptyinit(int n) 192 { 193 cdev_t devs, devc; 194 char *names = "pqrsPQRS"; 195 struct pt_ioctl *pt; 196 197 /* For now we only map the lower 8 bits of the minor */ 198 if (n & ~0xff) 199 return; 200 201 pt = kmalloc(sizeof(*pt), M_PTY, M_WAITOK | M_ZERO); 202 pt->devs = devs = make_dev(&pts_ops, n, 203 0, 0, 0666, "tty%c%r", names[n / 32], n % 32); 204 pt->devc = devc = make_dev(&ptc_ops, n, 205 0, 0, 0666, "pty%c%r", names[n / 32], n % 32); 206 207 pt->pt_tty.t_dev = devs; 208 pt->pt_uminor = n; 209 devs->si_drv1 = devc->si_drv1 = pt; 210 devs->si_tty = devc->si_tty = &pt->pt_tty; 211 devs->si_flags |= SI_OVERRIDE; /* uid, gid, perms from dev */ 212 devc->si_flags |= SI_OVERRIDE; /* uid, gid, perms from dev */ 213 ttyregister(&pt->pt_tty); 214 } 215 216 static int 217 ptyclone(struct dev_clone_args *ap) 218 { 219 int unit; 220 struct pt_ioctl *pt; 221 222 /* 223 * Limit the number of unix98 pty (slave) devices to 1000, as 224 * the utmp(5) format only allows for 8 bytes for the tty, 225 * "pts/XXX". 226 * If this limit is reached, we don't clone and return error 227 * to devfs. 228 */ 229 unit = devfs_clone_bitmap_get(&DEVFS_CLONE_BITMAP(pty), 1000); 230 231 if (unit < 0) { 232 ap->a_dev = NULL; 233 return 1; 234 } 235 236 pt = kmalloc(sizeof(*pt), M_PTY, M_WAITOK | M_ZERO); 237 238 pt->devc = make_only_dev(&ptc98_ops, unit, 239 ap->a_cred->cr_ruid, 240 0, 0600, "ptm/%d", unit); 241 pt->devs = make_dev(&pts98_ops, unit, 242 ap->a_cred->cr_ruid, 243 GID_TTY, 0620, "pts/%d", unit); 244 ap->a_dev = pt->devc; 245 246 pt->devs->si_flags |= SI_OVERRIDE; /* uid, gid, perms from dev */ 247 pt->devc->si_flags |= SI_OVERRIDE; /* uid, gid, perms from dev */ 248 249 pt->pt_tty.t_dev = pt->devs; 250 pt->pt_flags |= PF_UNIX98; 251 pt->pt_uminor = unit; 252 pt->devs->si_drv1 = pt->devc->si_drv1 = pt; 253 pt->devs->si_tty = pt->devc->si_tty = &pt->pt_tty; 254 255 ttyregister(&pt->pt_tty); 256 257 return 0; 258 } 259 260 /* 261 * pti_hold() prevents the pti from being destroyed due to a termination 262 * while a pt*open() is blocked. 263 * 264 * This function returns non-zero if we cannot hold due to a termination 265 * interlock. 266 * 267 * NOTE: Must be called with tty_token held 268 */ 269 static int 270 pti_hold(struct pt_ioctl *pti) 271 { 272 if (pti->pt_flags & PF_TERMINATED) 273 return(ENXIO); 274 ++pti->pt_refs; 275 return(0); 276 } 277 278 /* 279 * pti_done() releases the reference and checks to see if both sides have 280 * been closed on a unix98 pty, allowing us to destroy the device and 281 * release resources. 282 * 283 * We do not release resources on non-unix98 ptys. Those are left 284 * statically allocated. 285 */ 286 static void 287 pti_done(struct pt_ioctl *pti) 288 { 289 lwkt_gettoken(&tty_token); 290 if (--pti->pt_refs == 0) { 291 cdev_t dev; 292 int uminor_no; 293 294 /* 295 * Only unix09 ptys are freed up 296 */ 297 if ((pti->pt_flags & PF_UNIX98) == 0) { 298 lwkt_reltoken(&tty_token); 299 return; 300 } 301 302 /* 303 * Interlock open attempts against termination by setting 304 * PF_TERMINATED. This allows us to block while cleaning 305 * out the device infrastructure. 306 * 307 * Do not terminate the tty if it still has a session 308 * association (t_refs). 309 */ 310 if ((pti->pt_flags & (PF_SOPEN|PF_MOPEN)) == 0 && 311 pti->pt_tty.t_refs == 0) { 312 pti->pt_flags |= PF_TERMINATED; 313 uminor_no = pti->pt_uminor; 314 315 if ((dev = pti->devs) != NULL) { 316 dev->si_drv1 = NULL; 317 pti->devs = NULL; 318 destroy_dev(dev); 319 } 320 if ((dev = pti->devc) != NULL) { 321 dev->si_drv1 = NULL; 322 pti->devc = NULL; 323 destroy_dev(dev); 324 } 325 ttyunregister(&pti->pt_tty); 326 devfs_clone_bitmap_put(&DEVFS_CLONE_BITMAP(pty), 327 uminor_no); 328 kfree(pti, M_PTY); 329 } 330 } 331 lwkt_reltoken(&tty_token); 332 } 333 334 /*ARGSUSED*/ 335 static int 336 ptsopen(struct dev_open_args *ap) 337 { 338 cdev_t dev = ap->a_head.a_dev; 339 struct tty *tp; 340 int error; 341 struct pt_ioctl *pti; 342 343 /* 344 * The pti will already be assigned by the clone code or 345 * pre-created if a non-unix 98 pty. If si_drv1 is NULL 346 * we are somehow racing a unix98 termination. 347 */ 348 if (dev->si_drv1 == NULL) 349 return(ENXIO); 350 pti = dev->si_drv1; 351 352 lwkt_gettoken(&tty_token); 353 if (pti_hold(pti)) { 354 lwkt_reltoken(&tty_token); 355 return(ENXIO); 356 } 357 358 tp = dev->si_tty; 359 360 /* 361 * Reinit most of the tty state if it isn't open. Handle 362 * exclusive access. 363 */ 364 if ((tp->t_state & TS_ISOPEN) == 0) { 365 ttychars(tp); /* Set up default chars */ 366 tp->t_iflag = TTYDEF_IFLAG; 367 tp->t_oflag = TTYDEF_OFLAG; 368 tp->t_lflag = TTYDEF_LFLAG; 369 tp->t_cflag = TTYDEF_CFLAG; 370 tp->t_ispeed = tp->t_ospeed = TTYDEF_SPEED; 371 } else if ((tp->t_state & TS_XCLUDE) && 372 priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) { 373 pti_done(pti); 374 lwkt_reltoken(&tty_token); 375 return (EBUSY); 376 } else if (pti->pt_prison != ap->a_cred->cr_prison) { 377 pti_done(pti); 378 lwkt_reltoken(&tty_token); 379 return (EBUSY); 380 } 381 382 /* 383 * If the ptc is already present this will connect us up. It 384 * is unclear if this is actually needed. 385 * 386 * If neither side is open be sure to clear any left over 387 * ZOMBIE state before continuing. 388 */ 389 if (tp->t_oproc) 390 (void)(*linesw[tp->t_line].l_modem)(tp, 1); 391 else if ((pti->pt_flags & PF_SOPEN) == 0) 392 tp->t_state &= ~TS_ZOMBIE; 393 394 /* 395 * Wait for the carrier (ptc side) 396 */ 397 while ((tp->t_state & TS_CARR_ON) == 0) { 398 if (ap->a_oflags & FNONBLOCK) 399 break; 400 error = ttysleep(tp, TSA_CARR_ON(tp), PCATCH, "ptsopn", 0); 401 if (error) { 402 pti_done(pti); 403 lwkt_reltoken(&tty_token); 404 return (error); 405 } 406 } 407 408 /* 409 * Mark the tty open and mark the slave side as being open. 410 */ 411 error = (*linesw[tp->t_line].l_open)(dev, tp); 412 413 if (error == 0) { 414 pti->pt_flags |= PF_SOPEN; 415 pti->pt_flags &= ~PF_SCLOSED; 416 ptcwakeup(tp, FREAD|FWRITE); 417 } 418 pti_done(pti); 419 420 lwkt_reltoken(&tty_token); 421 return (error); 422 } 423 424 static int 425 ptsclose(struct dev_close_args *ap) 426 { 427 cdev_t dev = ap->a_head.a_dev; 428 struct tty *tp; 429 struct pt_ioctl *pti = dev->si_drv1; 430 int err; 431 432 lwkt_gettoken(&tty_token); 433 if (pti_hold(pti)) 434 panic("ptsclose on terminated pti"); 435 436 /* 437 * Disconnect the slave side 438 */ 439 tp = dev->si_tty; 440 err = (*linesw[tp->t_line].l_close)(tp, ap->a_fflag); 441 ptsstop(tp, FREAD|FWRITE); 442 ttyclose(tp); /* clears t_state */ 443 444 /* 445 * Mark the pts side closed and signal the ptc. Do not mark the 446 * tty a zombie... that is, allow the tty to be re-opened as long 447 * as the ptc is still open. The ptc will read() EOFs until the 448 * pts side is reopened or the ptc is closed. 449 * 450 * xterm() depends on this behavior as it will revoke() the pts 451 * and then reopen it after the (unnecessary old code) chmod. 452 */ 453 pti->pt_flags &= ~PF_SOPEN; 454 pti->pt_flags |= PF_SCLOSED; 455 if (tp->t_oproc) 456 ptcwakeup(tp, FREAD); 457 pti_done(pti); 458 lwkt_reltoken(&tty_token); 459 return (err); 460 } 461 462 static int 463 ptsread(struct dev_read_args *ap) 464 { 465 cdev_t dev = ap->a_head.a_dev; 466 struct proc *p = curproc; 467 struct tty *tp = dev->si_tty; 468 struct pt_ioctl *pti = dev->si_drv1; 469 struct lwp *lp; 470 471 int error = 0; 472 473 lp = curthread->td_lwp; 474 475 lwkt_gettoken(&tty_token); 476 again: 477 if (pti->pt_flags & PF_REMOTE) { 478 while (isbackground(p, tp)) { 479 if (SIGISMEMBER(p->p_sigignore, SIGTTIN) || 480 SIGISMEMBER(lp->lwp_sigmask, SIGTTIN) || 481 p->p_pgrp->pg_jobc == 0 || 482 (p->p_flags & P_PPWAIT)) { 483 lwkt_reltoken(&tty_token); 484 return (EIO); 485 } 486 pgsignal(p->p_pgrp, SIGTTIN, 1); 487 error = ttysleep(tp, &lbolt, PCATCH, "ptsbg", 0); 488 if (error) { 489 lwkt_reltoken(&tty_token); 490 return (error); 491 } 492 } 493 if (tp->t_canq.c_cc == 0) { 494 if (ap->a_ioflag & IO_NDELAY) { 495 lwkt_reltoken(&tty_token); 496 return (EWOULDBLOCK); 497 } 498 error = ttysleep(tp, TSA_PTS_READ(tp), PCATCH, 499 "ptsin", 0); 500 if (error) { 501 lwkt_reltoken(&tty_token); 502 return (error); 503 } 504 goto again; 505 } 506 while (tp->t_canq.c_cc > 1 && ap->a_uio->uio_resid > 0) 507 if (ureadc(clist_getc(&tp->t_canq), ap->a_uio) < 0) { 508 error = EFAULT; 509 break; 510 } 511 if (tp->t_canq.c_cc == 1) 512 clist_getc(&tp->t_canq); 513 if (tp->t_canq.c_cc) { 514 lwkt_reltoken(&tty_token); 515 return (error); 516 } 517 } else 518 if (tp->t_oproc) 519 error = (*linesw[tp->t_line].l_read)(tp, ap->a_uio, ap->a_ioflag); 520 ptcwakeup(tp, FWRITE); 521 lwkt_reltoken(&tty_token); 522 return (error); 523 } 524 525 /* 526 * Write to pseudo-tty. 527 * Wakeups of controlling tty will happen 528 * indirectly, when tty driver calls ptsstart. 529 */ 530 static int 531 ptswrite(struct dev_write_args *ap) 532 { 533 cdev_t dev = ap->a_head.a_dev; 534 struct tty *tp; 535 int ret; 536 537 lwkt_gettoken(&tty_token); 538 tp = dev->si_tty; 539 if (tp->t_oproc == NULL) { 540 lwkt_reltoken(&tty_token); 541 return (EIO); 542 } 543 ret = ((*linesw[tp->t_line].l_write)(tp, ap->a_uio, ap->a_ioflag)); 544 lwkt_reltoken(&tty_token); 545 return ret; 546 } 547 548 /* 549 * Start output on pseudo-tty. 550 * Wake up process selecting or sleeping for input from controlling tty. 551 */ 552 static void 553 ptsstart(struct tty *tp) 554 { 555 lwkt_gettoken(&tty_token); 556 struct pt_ioctl *pti = tp->t_dev->si_drv1; 557 558 if (tp->t_state & TS_TTSTOP) { 559 lwkt_reltoken(&tty_token); 560 return; 561 } 562 if (pti) { 563 if (pti->pt_flags & PF_STOPPED) { 564 pti->pt_flags &= ~PF_STOPPED; 565 pti->pt_send = TIOCPKT_START; 566 } 567 } 568 ptcwakeup(tp, FREAD); 569 lwkt_reltoken(&tty_token); 570 } 571 572 /* 573 * NOTE: Must be called with tty_token held 574 */ 575 static void 576 ptcwakeup(struct tty *tp, int flag) 577 { 578 ASSERT_LWKT_TOKEN_HELD(&tty_token); 579 580 if (flag & FREAD) { 581 wakeup(TSA_PTC_READ(tp)); 582 KNOTE(&tp->t_rkq.ki_note, 0); 583 } 584 if (flag & FWRITE) { 585 wakeup(TSA_PTC_WRITE(tp)); 586 KNOTE(&tp->t_wkq.ki_note, 0); 587 } 588 } 589 590 static int 591 ptcopen(struct dev_open_args *ap) 592 { 593 cdev_t dev = ap->a_head.a_dev; 594 struct tty *tp; 595 struct pt_ioctl *pti; 596 597 /* 598 * The pti will already be assigned by the clone code or 599 * pre-created if a non-unix 98 pty. If si_drv1 is NULL 600 * we are somehow racing a unix98 termination. 601 */ 602 if (dev->si_drv1 == NULL) 603 return(ENXIO); 604 605 lwkt_gettoken(&tty_token); 606 pti = dev->si_drv1; 607 if (pti_hold(pti)) { 608 lwkt_reltoken(&tty_token); 609 return(ENXIO); 610 } 611 if (pti->pt_prison && pti->pt_prison != ap->a_cred->cr_prison) { 612 pti_done(pti); 613 lwkt_reltoken(&tty_token); 614 return(EBUSY); 615 } 616 tp = dev->si_tty; 617 if (tp->t_oproc) { 618 pti_done(pti); 619 lwkt_reltoken(&tty_token); 620 return (EIO); 621 } 622 623 /* 624 * If the slave side is not yet open clear any left over zombie 625 * state before doing our modem control. 626 */ 627 if ((pti->pt_flags & PF_SOPEN) == 0) 628 tp->t_state &= ~TS_ZOMBIE; 629 630 tp->t_oproc = ptsstart; 631 tp->t_stop = ptsstop; 632 tp->t_unhold = ptsunhold; 633 634 /* 635 * Carrier on! 636 */ 637 (void)(*linesw[tp->t_line].l_modem)(tp, 1); 638 639 tp->t_lflag &= ~EXTPROC; 640 pti->pt_prison = ap->a_cred->cr_prison; 641 pti->pt_flags &= ~PF_PTCSTATEMASK; 642 pti->pt_send = 0; 643 pti->pt_ucntl = 0; 644 645 pti->devs->si_uid = ap->a_cred->cr_uid; 646 pti->devs->si_gid = 0; 647 pti->devs->si_perms = 0600; 648 pti->devc->si_uid = ap->a_cred->cr_uid; 649 pti->devc->si_gid = 0; 650 pti->devc->si_perms = 0600; 651 652 /* 653 * Mark master side open. This does not cause any events 654 * on the slave side. 655 */ 656 pti->pt_flags |= PF_MOPEN; 657 pti_done(pti); 658 659 lwkt_reltoken(&tty_token); 660 return (0); 661 } 662 663 static int 664 ptcclose(struct dev_close_args *ap) 665 { 666 cdev_t dev = ap->a_head.a_dev; 667 struct tty *tp; 668 struct pt_ioctl *pti = dev->si_drv1; 669 670 lwkt_gettoken(&tty_token); 671 if (pti_hold(pti)) 672 panic("ptcclose on terminated pti"); 673 674 tp = dev->si_tty; 675 (void)(*linesw[tp->t_line].l_modem)(tp, 0); 676 677 /* 678 * Mark the master side closed. If the slave is still open 679 * mark the tty ZOMBIE, preventing any new action until both 680 * sides have closed. 681 * 682 * NOTE: The ttyflush() will wake up the slave once we've 683 * set appropriate flags. The ZOMBIE flag will be 684 * cleared when the slave side is closed. 685 */ 686 pti->pt_flags &= ~PF_MOPEN; 687 if (pti->pt_flags & PF_SOPEN) 688 tp->t_state |= TS_ZOMBIE; 689 690 /* 691 * Turn off the carrier and disconnect. This will notify the slave 692 * side. 693 */ 694 if (tp->t_state & TS_ISOPEN) { 695 tp->t_state &= ~(TS_CARR_ON | TS_CONNECTED); 696 ttyflush(tp, FREAD | FWRITE); 697 } 698 tp->t_oproc = NULL; /* mark closed */ 699 700 pti->pt_prison = NULL; 701 pti->devs->si_uid = 0; 702 pti->devs->si_gid = 0; 703 pti->devs->si_perms = 0666; 704 pti->devc->si_uid = 0; 705 pti->devc->si_gid = 0; 706 pti->devc->si_perms = 0666; 707 708 pti_done(pti); 709 710 lwkt_reltoken(&tty_token); 711 return (0); 712 } 713 714 static int 715 ptcread(struct dev_read_args *ap) 716 { 717 cdev_t dev = ap->a_head.a_dev; 718 struct tty *tp = dev->si_tty; 719 struct pt_ioctl *pti = dev->si_drv1; 720 char buf[BUFSIZ]; 721 int error = 0, cc; 722 723 lwkt_gettoken(&tty_token); 724 /* 725 * We want to block until the slave 726 * is open, and there's something to read; 727 * but if we lost the slave or we're NBIO, 728 * then return the appropriate error instead. 729 */ 730 for (;;) { 731 if (tp->t_state&TS_ISOPEN) { 732 if ((pti->pt_flags & PF_PKT) && pti->pt_send) { 733 error = ureadc((int)pti->pt_send, ap->a_uio); 734 if (error) { 735 lwkt_reltoken(&tty_token); 736 return (error); 737 } 738 if (pti->pt_send & TIOCPKT_IOCTL) { 739 cc = (int)szmin(ap->a_uio->uio_resid, 740 sizeof(tp->t_termios)); 741 uiomove((caddr_t)&tp->t_termios, cc, 742 ap->a_uio); 743 } 744 pti->pt_send = 0; 745 lwkt_reltoken(&tty_token); 746 return (0); 747 } 748 if ((pti->pt_flags & PF_UCNTL) && pti->pt_ucntl) { 749 error = ureadc((int)pti->pt_ucntl, ap->a_uio); 750 if (error) { 751 lwkt_reltoken(&tty_token); 752 return (error); 753 } 754 pti->pt_ucntl = 0; 755 lwkt_reltoken(&tty_token); 756 return (0); 757 } 758 if (tp->t_outq.c_cc && (tp->t_state&TS_TTSTOP) == 0) 759 break; 760 } 761 if ((tp->t_state & TS_CONNECTED) == 0) { 762 lwkt_reltoken(&tty_token); 763 return (0); /* EOF */ 764 } 765 if (ap->a_ioflag & IO_NDELAY) { 766 lwkt_reltoken(&tty_token); 767 return (EWOULDBLOCK); 768 } 769 error = tsleep(TSA_PTC_READ(tp), PCATCH, "ptcin", 0); 770 if (error) { 771 lwkt_reltoken(&tty_token); 772 return (error); 773 } 774 } 775 if (pti->pt_flags & (PF_PKT|PF_UCNTL)) 776 error = ureadc(0, ap->a_uio); 777 while (ap->a_uio->uio_resid > 0 && error == 0) { 778 cc = q_to_b(&tp->t_outq, buf, 779 (int)szmin(ap->a_uio->uio_resid, BUFSIZ)); 780 if (cc <= 0) 781 break; 782 error = uiomove(buf, (size_t)cc, ap->a_uio); 783 } 784 ttwwakeup(tp); 785 lwkt_reltoken(&tty_token); 786 return (error); 787 } 788 789 static void 790 ptsstop(struct tty *tp, int flush) 791 { 792 struct pt_ioctl *pti = tp->t_dev->si_drv1; 793 int flag; 794 795 lwkt_gettoken(&tty_token); 796 /* note: FLUSHREAD and FLUSHWRITE already ok */ 797 if (pti) { 798 if (flush == 0) { 799 flush = TIOCPKT_STOP; 800 pti->pt_flags |= PF_STOPPED; 801 } else { 802 pti->pt_flags &= ~PF_STOPPED; 803 } 804 pti->pt_send |= flush; 805 /* change of perspective */ 806 } 807 flag = 0; 808 if (flush & FREAD) 809 flag |= FWRITE; 810 if (flush & FWRITE) 811 flag |= FREAD; 812 ptcwakeup(tp, flag); 813 814 lwkt_reltoken(&tty_token); 815 } 816 817 /* 818 * ttyunhold() calls us instead of just decrementing tp->t_refs. This 819 * is needed because a session can hold onto a pts (half closed state) 820 * even if there are no live file descriptors. Without the callback 821 * we can't clean up. 822 */ 823 static void 824 ptsunhold(struct tty *tp) 825 { 826 struct pt_ioctl *pti = tp->t_dev->si_drv1; 827 828 lwkt_gettoken(&tty_token); 829 pti_hold(pti); 830 --tp->t_refs; 831 pti_done(pti); 832 lwkt_reltoken(&tty_token); 833 } 834 835 /* 836 * kqueue ops for pseudo-terminals. 837 */ 838 static struct filterops ptcread_filtops = 839 { FILTEROP_ISFD|FILTEROP_MPSAFE, NULL, filt_ptcrdetach, filt_ptcread }; 840 static struct filterops ptcwrite_filtops = 841 { FILTEROP_ISFD|FILTEROP_MPSAFE, NULL, filt_ptcwdetach, filt_ptcwrite }; 842 843 static int 844 ptckqfilter(struct dev_kqfilter_args *ap) 845 { 846 cdev_t dev = ap->a_head.a_dev; 847 struct knote *kn = ap->a_kn; 848 struct tty *tp = dev->si_tty; 849 struct klist *klist; 850 851 ap->a_result = 0; 852 switch (kn->kn_filter) { 853 case EVFILT_READ: 854 klist = &tp->t_rkq.ki_note; 855 kn->kn_fop = &ptcread_filtops; 856 break; 857 case EVFILT_WRITE: 858 klist = &tp->t_wkq.ki_note; 859 kn->kn_fop = &ptcwrite_filtops; 860 break; 861 default: 862 ap->a_result = EOPNOTSUPP; 863 return (0); 864 } 865 866 kn->kn_hook = (caddr_t)dev; 867 knote_insert(klist, kn); 868 return (0); 869 } 870 871 static int 872 filt_ptcread (struct knote *kn, long hint) 873 { 874 struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty; 875 struct pt_ioctl *pti = ((cdev_t)kn->kn_hook)->si_drv1; 876 877 lwkt_gettoken(&tty_token); 878 if ((tp->t_state & TS_ZOMBIE) || (pti->pt_flags & PF_SCLOSED)) { 879 lwkt_reltoken(&tty_token); 880 kn->kn_flags |= (EV_EOF | EV_NODATA); 881 return (1); 882 } 883 884 if ((tp->t_state & TS_ISOPEN) && 885 ((tp->t_outq.c_cc && (tp->t_state & TS_TTSTOP) == 0) || 886 ((pti->pt_flags & PF_PKT) && pti->pt_send) || 887 ((pti->pt_flags & PF_UCNTL) && pti->pt_ucntl))) { 888 kn->kn_data = tp->t_outq.c_cc; 889 lwkt_reltoken(&tty_token); 890 return(1); 891 } else { 892 lwkt_reltoken(&tty_token); 893 return(0); 894 } 895 } 896 897 static int 898 filt_ptcwrite (struct knote *kn, long hint) 899 { 900 struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty; 901 struct pt_ioctl *pti = ((cdev_t)kn->kn_hook)->si_drv1; 902 903 lwkt_gettoken(&tty_token); 904 if (tp->t_state & TS_ZOMBIE) { 905 lwkt_reltoken(&tty_token); 906 kn->kn_flags |= (EV_EOF | EV_NODATA); 907 return (1); 908 } 909 910 if (tp->t_state & TS_ISOPEN && 911 ((pti->pt_flags & PF_REMOTE) ? 912 (tp->t_canq.c_cc == 0) : 913 ((tp->t_rawq.c_cc + tp->t_canq.c_cc < TTYHOG - 2) || 914 (tp->t_canq.c_cc == 0 && (tp->t_lflag & ICANON))))) { 915 kn->kn_data = tp->t_canq.c_cc + tp->t_rawq.c_cc; 916 lwkt_reltoken(&tty_token); 917 return(1); 918 } else { 919 lwkt_reltoken(&tty_token); 920 return(0); 921 } 922 /* NOTREACHED */ 923 } 924 925 static void 926 filt_ptcrdetach (struct knote *kn) 927 { 928 struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty; 929 930 knote_remove(&tp->t_rkq.ki_note, kn); 931 } 932 933 static void 934 filt_ptcwdetach (struct knote *kn) 935 { 936 struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty; 937 938 knote_remove(&tp->t_wkq.ki_note, kn); 939 } 940 941 /* 942 * I/O ops 943 */ 944 static int 945 ptcwrite(struct dev_write_args *ap) 946 { 947 cdev_t dev = ap->a_head.a_dev; 948 struct tty *tp = dev->si_tty; 949 u_char *cp = NULL; 950 int cc = 0; 951 u_char locbuf[BUFSIZ]; 952 int cnt = 0; 953 struct pt_ioctl *pti = dev->si_drv1; 954 int error = 0; 955 956 lwkt_gettoken(&tty_token); 957 again: 958 if ((tp->t_state&TS_ISOPEN) == 0) 959 goto block; 960 if (pti->pt_flags & PF_REMOTE) { 961 if (tp->t_canq.c_cc) 962 goto block; 963 while ((ap->a_uio->uio_resid > 0 || cc > 0) && 964 tp->t_canq.c_cc < TTYHOG - 1) { 965 if (cc == 0) { 966 cc = (int)szmin(ap->a_uio->uio_resid, BUFSIZ); 967 cc = imin(cc, TTYHOG - 1 - tp->t_canq.c_cc); 968 cp = locbuf; 969 error = uiomove(cp, (size_t)cc, ap->a_uio); 970 if (error) { 971 lwkt_reltoken(&tty_token); 972 return (error); 973 } 974 /* check again for safety */ 975 if ((tp->t_state & TS_ISOPEN) == 0) { 976 /* adjust as usual */ 977 ap->a_uio->uio_resid += cc; 978 lwkt_reltoken(&tty_token); 979 return (EIO); 980 } 981 } 982 if (cc > 0) { 983 cc = b_to_q((char *)cp, cc, &tp->t_canq); 984 /* 985 * XXX we don't guarantee that the canq size 986 * is >= TTYHOG, so the above b_to_q() may 987 * leave some bytes uncopied. However, space 988 * is guaranteed for the null terminator if 989 * we don't fail here since (TTYHOG - 1) is 990 * not a multiple of CBSIZE. 991 */ 992 if (cc > 0) 993 break; 994 } 995 } 996 /* adjust for data copied in but not written */ 997 ap->a_uio->uio_resid += cc; 998 clist_putc(0, &tp->t_canq); 999 ttwakeup(tp); 1000 wakeup(TSA_PTS_READ(tp)); 1001 lwkt_reltoken(&tty_token); 1002 return (0); 1003 } 1004 while (ap->a_uio->uio_resid > 0 || cc > 0) { 1005 if (cc == 0) { 1006 cc = (int)szmin(ap->a_uio->uio_resid, BUFSIZ); 1007 cp = locbuf; 1008 error = uiomove(cp, (size_t)cc, ap->a_uio); 1009 if (error) { 1010 lwkt_reltoken(&tty_token); 1011 return (error); 1012 } 1013 /* check again for safety */ 1014 if ((tp->t_state & TS_ISOPEN) == 0) { 1015 /* adjust for data copied in but not written */ 1016 ap->a_uio->uio_resid += cc; 1017 lwkt_reltoken(&tty_token); 1018 return (EIO); 1019 } 1020 } 1021 while (cc > 0) { 1022 if ((tp->t_rawq.c_cc + tp->t_canq.c_cc) >= TTYHOG - 2 && 1023 (tp->t_canq.c_cc > 0 || !(tp->t_lflag&ICANON))) { 1024 wakeup(TSA_HUP_OR_INPUT(tp)); 1025 goto block; 1026 } 1027 (*linesw[tp->t_line].l_rint)(*cp++, tp); 1028 cnt++; 1029 cc--; 1030 } 1031 cc = 0; 1032 } 1033 lwkt_reltoken(&tty_token); 1034 return (0); 1035 block: 1036 /* 1037 * Come here to wait for slave to open, for space 1038 * in outq, or space in rawq, or an empty canq. 1039 */ 1040 if ((tp->t_state & TS_CONNECTED) == 0) { 1041 /* adjust for data copied in but not written */ 1042 ap->a_uio->uio_resid += cc; 1043 lwkt_reltoken(&tty_token); 1044 return (EIO); 1045 } 1046 if (ap->a_ioflag & IO_NDELAY) { 1047 /* adjust for data copied in but not written */ 1048 ap->a_uio->uio_resid += cc; 1049 if (cnt == 0) { 1050 lwkt_reltoken(&tty_token); 1051 return (EWOULDBLOCK); 1052 } 1053 lwkt_reltoken(&tty_token); 1054 return (0); 1055 } 1056 error = tsleep(TSA_PTC_WRITE(tp), PCATCH, "ptcout", 0); 1057 if (error) { 1058 /* adjust for data copied in but not written */ 1059 ap->a_uio->uio_resid += cc; 1060 lwkt_reltoken(&tty_token); 1061 return (error); 1062 } 1063 goto again; 1064 } 1065 1066 /*ARGSUSED*/ 1067 static int 1068 ptyioctl(struct dev_ioctl_args *ap) 1069 { 1070 cdev_t dev = ap->a_head.a_dev; 1071 struct tty *tp = dev->si_tty; 1072 struct pt_ioctl *pti = dev->si_drv1; 1073 u_char *cc = tp->t_cc; 1074 int stop, error; 1075 1076 lwkt_gettoken(&tty_token); 1077 if (dev_dflags(dev) & D_MASTER) { 1078 switch (ap->a_cmd) { 1079 1080 case TIOCGPGRP: 1081 /* 1082 * We avoid calling ttioctl on the controller since, 1083 * in that case, tp must be the controlling terminal. 1084 */ 1085 *(int *)ap->a_data = tp->t_pgrp ? tp->t_pgrp->pg_id : 0; 1086 lwkt_reltoken(&tty_token); 1087 return (0); 1088 1089 case TIOCPKT: 1090 if (*(int *)ap->a_data) { 1091 if (pti->pt_flags & PF_UCNTL) { 1092 lwkt_reltoken(&tty_token); 1093 return (EINVAL); 1094 } 1095 pti->pt_flags |= PF_PKT; 1096 } else { 1097 pti->pt_flags &= ~PF_PKT; 1098 } 1099 lwkt_reltoken(&tty_token); 1100 return (0); 1101 1102 case TIOCUCNTL: 1103 if (*(int *)ap->a_data) { 1104 if (pti->pt_flags & PF_PKT) { 1105 lwkt_reltoken(&tty_token); 1106 return (EINVAL); 1107 } 1108 pti->pt_flags |= PF_UCNTL; 1109 } else { 1110 pti->pt_flags &= ~PF_UCNTL; 1111 } 1112 lwkt_reltoken(&tty_token); 1113 return (0); 1114 1115 case TIOCREMOTE: 1116 if (*(int *)ap->a_data) 1117 pti->pt_flags |= PF_REMOTE; 1118 else 1119 pti->pt_flags &= ~PF_REMOTE; 1120 ttyflush(tp, FREAD|FWRITE); 1121 lwkt_reltoken(&tty_token); 1122 return (0); 1123 1124 case TIOCISPTMASTER: 1125 if ((pti->pt_flags & PF_UNIX98) && 1126 (pti->devc == dev)) { 1127 lwkt_reltoken(&tty_token); 1128 return (0); 1129 } else { 1130 lwkt_reltoken(&tty_token); 1131 return (EINVAL); 1132 } 1133 } 1134 1135 /* 1136 * The rest of the ioctls shouldn't be called until 1137 * the slave is open. 1138 */ 1139 if ((tp->t_state & TS_ISOPEN) == 0) { 1140 lwkt_reltoken(&tty_token); 1141 return (EAGAIN); 1142 } 1143 1144 switch (ap->a_cmd) { 1145 #ifdef COMPAT_43 1146 case TIOCSETP: 1147 case TIOCSETN: 1148 #endif 1149 case TIOCSETD: 1150 case TIOCSETA: 1151 case TIOCSETAW: 1152 case TIOCSETAF: 1153 /* 1154 * IF CONTROLLER STTY THEN MUST FLUSH TO PREVENT A HANG. 1155 * ttywflush(tp) will hang if there are characters in 1156 * the outq. 1157 */ 1158 ndflush(&tp->t_outq, tp->t_outq.c_cc); 1159 break; 1160 1161 case TIOCSIG: 1162 if (*(unsigned int *)ap->a_data >= NSIG || 1163 *(unsigned int *)ap->a_data == 0) { 1164 lwkt_reltoken(&tty_token); 1165 return(EINVAL); 1166 } 1167 if ((tp->t_lflag&NOFLSH) == 0) 1168 ttyflush(tp, FREAD|FWRITE); 1169 pgsignal(tp->t_pgrp, *(unsigned int *)ap->a_data, 1); 1170 if ((*(unsigned int *)ap->a_data == SIGINFO) && 1171 ((tp->t_lflag&NOKERNINFO) == 0)) 1172 ttyinfo(tp); 1173 lwkt_reltoken(&tty_token); 1174 return(0); 1175 } 1176 } 1177 if (ap->a_cmd == TIOCEXT) { 1178 /* 1179 * When the EXTPROC bit is being toggled, we need 1180 * to send an TIOCPKT_IOCTL if the packet driver 1181 * is turned on. 1182 */ 1183 if (*(int *)ap->a_data) { 1184 if (pti->pt_flags & PF_PKT) { 1185 pti->pt_send |= TIOCPKT_IOCTL; 1186 ptcwakeup(tp, FREAD); 1187 } 1188 tp->t_lflag |= EXTPROC; 1189 } else { 1190 if ((tp->t_lflag & EXTPROC) && 1191 (pti->pt_flags & PF_PKT)) { 1192 pti->pt_send |= TIOCPKT_IOCTL; 1193 ptcwakeup(tp, FREAD); 1194 } 1195 tp->t_lflag &= ~EXTPROC; 1196 } 1197 lwkt_reltoken(&tty_token); 1198 return(0); 1199 } 1200 error = (*linesw[tp->t_line].l_ioctl)(tp, ap->a_cmd, ap->a_data, 1201 ap->a_fflag, ap->a_cred); 1202 if (error == ENOIOCTL) 1203 error = ttioctl(tp, ap->a_cmd, ap->a_data, ap->a_fflag); 1204 if (error == ENOIOCTL) { 1205 if (pti->pt_flags & PF_UCNTL && 1206 (ap->a_cmd & ~0xff) == UIOCCMD(0)) { 1207 if (ap->a_cmd & 0xff) { 1208 pti->pt_ucntl = (u_char)ap->a_cmd; 1209 ptcwakeup(tp, FREAD); 1210 } 1211 lwkt_reltoken(&tty_token); 1212 return (0); 1213 } 1214 error = ENOTTY; 1215 } 1216 /* 1217 * If external processing and packet mode send ioctl packet. 1218 */ 1219 if ((tp->t_lflag&EXTPROC) && (pti->pt_flags & PF_PKT)) { 1220 switch(ap->a_cmd) { 1221 case TIOCSETA: 1222 case TIOCSETAW: 1223 case TIOCSETAF: 1224 #ifdef COMPAT_43 1225 case TIOCSETP: 1226 case TIOCSETN: 1227 case TIOCSETC: 1228 case TIOCSLTC: 1229 case TIOCLBIS: 1230 case TIOCLBIC: 1231 case TIOCLSET: 1232 #endif 1233 pti->pt_send |= TIOCPKT_IOCTL; 1234 ptcwakeup(tp, FREAD); 1235 default: 1236 break; 1237 } 1238 } 1239 stop = (tp->t_iflag & IXON) && CCEQ(cc[VSTOP], CTRL('s')) 1240 && CCEQ(cc[VSTART], CTRL('q')); 1241 if (pti->pt_flags & PF_NOSTOP) { 1242 if (stop) { 1243 pti->pt_send &= ~TIOCPKT_NOSTOP; 1244 pti->pt_send |= TIOCPKT_DOSTOP; 1245 pti->pt_flags &= ~PF_NOSTOP; 1246 ptcwakeup(tp, FREAD); 1247 } 1248 } else { 1249 if (!stop) { 1250 pti->pt_send &= ~TIOCPKT_DOSTOP; 1251 pti->pt_send |= TIOCPKT_NOSTOP; 1252 pti->pt_flags |= PF_NOSTOP; 1253 ptcwakeup(tp, FREAD); 1254 } 1255 } 1256 lwkt_reltoken(&tty_token); 1257 return (error); 1258 } 1259 1260 1261 static void ptc_drvinit (void *unused); 1262 1263 SYSCTL_INT(_kern, OID_AUTO, pty_debug, CTLFLAG_RW, &pty_debug_level, 1264 0, "Change pty debug level"); 1265 1266 static void 1267 ptc_drvinit(void *unused) 1268 { 1269 int i; 1270 1271 /* 1272 * Unix98 pty stuff. 1273 * Create the clonable base device. 1274 */ 1275 make_autoclone_dev(&ptc_ops, &DEVFS_CLONE_BITMAP(pty), ptyclone, 1276 0, 0, 0666, "ptmx"); 1277 1278 for (i = 0; i < 256; i++) { 1279 ptyinit(i); 1280 } 1281 } 1282 1283 SYSINIT(ptcdev, SI_SUB_DRIVERS, SI_ORDER_MIDDLE + CDEV_MAJOR_C, ptc_drvinit, 1284 NULL); 1285