1 /* 2 * (MPSAFE) 3 * 4 * Copyright (c) 1982, 1986, 1989, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * @(#)tty_pty.c 8.4 (Berkeley) 2/20/95 32 * $FreeBSD: src/sys/kern/tty_pty.c,v 1.74.2.4 2002/02/20 19:58:13 dillon Exp $ 33 */ 34 35 /* 36 * MPSAFE NOTE: 37 * Most functions here could use a separate lock to deal with concurrent 38 * access to the 'pt's. 39 * 40 * Right now the tty_token must be held for all this. 41 */ 42 43 /* 44 * Pseudo-teletype Driver 45 * (Actually two drivers, requiring two dev_ops structures) 46 */ 47 48 #include "opt_compat.h" 49 50 #include <sys/param.h> 51 #include <sys/systm.h> 52 #if defined(COMPAT_43) 53 #include <sys/ioctl_compat.h> 54 #endif 55 #include <sys/proc.h> 56 #include <sys/priv.h> 57 #include <sys/tty.h> 58 #include <sys/conf.h> 59 #include <sys/fcntl.h> 60 #include <sys/kernel.h> 61 #include <sys/vnode.h> 62 #include <sys/signalvar.h> 63 #include <sys/malloc.h> 64 #include <sys/device.h> 65 #include <sys/thread2.h> 66 #include <sys/devfs.h> 67 #include <sys/stat.h> 68 #include <sys/sysctl.h> 69 70 MALLOC_DEFINE(M_PTY, "ptys", "pty data structures"); 71 72 static void ptsstart (struct tty *tp); 73 static void ptsstop (struct tty *tp, int rw); 74 static void ptsunhold (struct tty *tp); 75 static void ptcwakeup (struct tty *tp, int flag); 76 static void ptyinit (int n); 77 static int filt_ptcread (struct knote *kn, long hint); 78 static void filt_ptcrdetach (struct knote *kn); 79 static int filt_ptcwrite (struct knote *kn, long hint); 80 static void filt_ptcwdetach (struct knote *kn); 81 82 static d_open_t ptsopen; 83 static d_close_t ptsclose; 84 static d_read_t ptsread; 85 static d_write_t ptswrite; 86 static d_ioctl_t ptyioctl; 87 static d_open_t ptcopen; 88 static d_close_t ptcclose; 89 static d_read_t ptcread; 90 static d_write_t ptcwrite; 91 static d_kqfilter_t ptckqfilter; 92 93 DEVFS_DECLARE_CLONE_BITMAP(pty); 94 95 static d_clone_t ptyclone; 96 97 static int pty_debug_level = 0; 98 99 static struct dev_ops pts98_ops = { 100 { "pts98", 0, D_TTY | D_MPSAFE }, 101 .d_open = ptsopen, 102 .d_close = ptsclose, 103 .d_read = ptsread, 104 .d_write = ptswrite, 105 .d_ioctl = ptyioctl, 106 .d_kqfilter = ttykqfilter, 107 .d_revoke = ttyrevoke 108 }; 109 110 static struct dev_ops ptc98_ops = { 111 { "ptc98", 0, D_TTY | D_MASTER | D_MPSAFE }, 112 .d_open = ptcopen, 113 .d_close = ptcclose, 114 .d_read = ptcread, 115 .d_write = ptcwrite, 116 .d_ioctl = ptyioctl, 117 .d_kqfilter = ptckqfilter, 118 .d_revoke = ttyrevoke 119 }; 120 121 static struct dev_ops pts_ops = { 122 { "pts", 0, D_TTY | D_MPSAFE }, 123 .d_open = ptsopen, 124 .d_close = ptsclose, 125 .d_read = ptsread, 126 .d_write = ptswrite, 127 .d_ioctl = ptyioctl, 128 .d_kqfilter = ttykqfilter, 129 .d_revoke = ttyrevoke 130 }; 131 132 #define CDEV_MAJOR_C 6 133 static struct dev_ops ptc_ops = { 134 { "ptc", 0, D_TTY | D_MASTER | D_MPSAFE }, 135 .d_open = ptcopen, 136 .d_close = ptcclose, 137 .d_read = ptcread, 138 .d_write = ptcwrite, 139 .d_ioctl = ptyioctl, 140 .d_kqfilter = ptckqfilter, 141 .d_revoke = ttyrevoke 142 }; 143 144 #define BUFSIZ 100 /* Chunk size iomoved to/from user */ 145 146 struct pt_ioctl { 147 int pt_flags; 148 int pt_refs; /* Structural references interlock S/MOPEN */ 149 int pt_uminor; 150 struct kqinfo pt_kqr, pt_kqw; 151 u_char pt_send; 152 u_char pt_ucntl; 153 struct tty pt_tty; 154 cdev_t devs, devc; 155 struct prison *pt_prison; 156 }; 157 158 /* 159 * pt_flags ptc state 160 */ 161 #define PF_PKT 0x0008 /* packet mode */ 162 #define PF_STOPPED 0x0010 /* user told stopped */ 163 #define PF_REMOTE 0x0020 /* remote and flow controlled input */ 164 #define PF_NOSTOP 0x0040 165 #define PF_UCNTL 0x0080 /* user control mode */ 166 167 #define PF_PTCSTATEMASK 0x00FF 168 169 /* 170 * pt_flags open state. Note that PF_SCLOSED is used to activate 171 * read EOF on the ptc so it is only set after the slave has been 172 * opened and then closed, and cleared again if the slave is opened 173 * again. 174 */ 175 #define PF_UNIX98 0x0100 176 #define PF_SOPEN 0x0200 177 #define PF_MOPEN 0x0400 178 #define PF_SCLOSED 0x0800 179 #define PF_TERMINATED 0x8000 180 181 /* 182 * This function creates and initializes a pts/ptc pair 183 * 184 * pts == /dev/tty[pqrsPQRS][0123456789abcdefghijklmnopqrstuv] 185 * ptc == /dev/pty[pqrsPQRS][0123456789abcdefghijklmnopqrstuv] 186 * 187 * XXX: define and add mapping of upper minor bits to allow more 188 * than 256 ptys. 189 */ 190 static void 191 ptyinit(int n) 192 { 193 cdev_t devs, devc; 194 char *names = "pqrsPQRS"; 195 struct pt_ioctl *pt; 196 197 /* For now we only map the lower 8 bits of the minor */ 198 if (n & ~0xff) 199 return; 200 201 pt = kmalloc(sizeof(*pt), M_PTY, M_WAITOK | M_ZERO); 202 pt->devs = devs = make_dev(&pts_ops, n, 203 0, 0, 0666, "tty%c%r", names[n / 32], n % 32); 204 pt->devc = devc = make_dev(&ptc_ops, n, 205 0, 0, 0666, "pty%c%r", names[n / 32], n % 32); 206 207 pt->pt_tty.t_dev = devs; 208 pt->pt_uminor = n; 209 devs->si_drv1 = devc->si_drv1 = pt; 210 devs->si_tty = devc->si_tty = &pt->pt_tty; 211 devs->si_flags |= SI_OVERRIDE; /* uid, gid, perms from dev */ 212 devc->si_flags |= SI_OVERRIDE; /* uid, gid, perms from dev */ 213 ttyregister(&pt->pt_tty); 214 } 215 216 static int 217 ptyclone(struct dev_clone_args *ap) 218 { 219 int unit; 220 struct pt_ioctl *pt; 221 222 /* 223 * Limit the number of unix98 pty (slave) devices to 1000, as 224 * the utmp(5) format only allows for 8 bytes for the tty, 225 * "pts/XXX". 226 * If this limit is reached, we don't clone and return error 227 * to devfs. 228 */ 229 unit = devfs_clone_bitmap_get(&DEVFS_CLONE_BITMAP(pty), 1000); 230 231 if (unit < 0) { 232 ap->a_dev = NULL; 233 return 1; 234 } 235 236 pt = kmalloc(sizeof(*pt), M_PTY, M_WAITOK | M_ZERO); 237 238 pt->devc = make_only_dev(&ptc98_ops, unit, 239 ap->a_cred->cr_ruid, 240 0, 0600, "ptm/%d", unit); 241 pt->devs = make_dev(&pts98_ops, unit, 242 ap->a_cred->cr_ruid, 243 GID_TTY, 0620, "pts/%d", unit); 244 ap->a_dev = pt->devc; 245 246 pt->devs->si_flags |= SI_OVERRIDE; /* uid, gid, perms from dev */ 247 pt->devc->si_flags |= SI_OVERRIDE; /* uid, gid, perms from dev */ 248 249 pt->pt_tty.t_dev = pt->devs; 250 pt->pt_flags |= PF_UNIX98; 251 pt->pt_uminor = unit; 252 pt->devs->si_drv1 = pt->devc->si_drv1 = pt; 253 pt->devs->si_tty = pt->devc->si_tty = &pt->pt_tty; 254 255 ttyregister(&pt->pt_tty); 256 257 return 0; 258 } 259 260 /* 261 * pti_hold() prevents the pti from being destroyed due to a termination 262 * while a pt*open() is blocked. 263 * 264 * This function returns non-zero if we cannot hold due to a termination 265 * interlock. 266 * 267 * NOTE: Must be called with tty_token held 268 */ 269 static int 270 pti_hold(struct pt_ioctl *pti) 271 { 272 if (pti->pt_flags & PF_TERMINATED) 273 return(ENXIO); 274 ++pti->pt_refs; 275 return(0); 276 } 277 278 /* 279 * pti_done() releases the reference and checks to see if both sides have 280 * been closed on a unix98 pty, allowing us to destroy the device and 281 * release resources. 282 * 283 * We do not release resources on non-unix98 ptys. Those are left 284 * statically allocated. 285 */ 286 static void 287 pti_done(struct pt_ioctl *pti) 288 { 289 lwkt_gettoken(&tty_token); 290 if (--pti->pt_refs == 0) { 291 cdev_t dev; 292 int uminor_no; 293 294 /* 295 * Only unix09 ptys are freed up 296 */ 297 if ((pti->pt_flags & PF_UNIX98) == 0) { 298 lwkt_reltoken(&tty_token); 299 return; 300 } 301 302 /* 303 * Interlock open attempts against termination by setting 304 * PF_TERMINATED. This allows us to block while cleaning 305 * out the device infrastructure. 306 * 307 * Do not terminate the tty if it still has a session 308 * association (t_refs). 309 */ 310 if ((pti->pt_flags & (PF_SOPEN|PF_MOPEN)) == 0 && 311 pti->pt_tty.t_refs == 0) { 312 pti->pt_flags |= PF_TERMINATED; 313 uminor_no = pti->pt_uminor; 314 315 if ((dev = pti->devs) != NULL) { 316 dev->si_drv1 = NULL; 317 pti->devs = NULL; 318 destroy_dev(dev); 319 } 320 if ((dev = pti->devc) != NULL) { 321 dev->si_drv1 = NULL; 322 pti->devc = NULL; 323 destroy_dev(dev); 324 } 325 ttyunregister(&pti->pt_tty); 326 devfs_clone_bitmap_put(&DEVFS_CLONE_BITMAP(pty), 327 uminor_no); 328 kfree(pti, M_PTY); 329 } 330 } 331 lwkt_reltoken(&tty_token); 332 } 333 334 /*ARGSUSED*/ 335 static int 336 ptsopen(struct dev_open_args *ap) 337 { 338 cdev_t dev = ap->a_head.a_dev; 339 struct tty *tp; 340 int error; 341 struct pt_ioctl *pti; 342 343 /* 344 * The pti will already be assigned by the clone code or 345 * pre-created if a non-unix 98 pty. If si_drv1 is NULL 346 * we are somehow racing a unix98 termination. 347 */ 348 if (dev->si_drv1 == NULL) 349 return(ENXIO); 350 pti = dev->si_drv1; 351 352 lwkt_gettoken(&tty_token); 353 if (pti_hold(pti)) { 354 lwkt_reltoken(&tty_token); 355 return(ENXIO); 356 } 357 358 tp = dev->si_tty; 359 360 /* 361 * Reinit most of the tty state if it isn't open. Handle 362 * exclusive access. 363 */ 364 if ((tp->t_state & TS_ISOPEN) == 0) { 365 ttychars(tp); /* Set up default chars */ 366 tp->t_iflag = TTYDEF_IFLAG; 367 tp->t_oflag = TTYDEF_OFLAG; 368 tp->t_lflag = TTYDEF_LFLAG; 369 tp->t_cflag = TTYDEF_CFLAG; 370 tp->t_ispeed = tp->t_ospeed = TTYDEF_SPEED; 371 } else if ((tp->t_state & TS_XCLUDE) && 372 priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) { 373 pti_done(pti); 374 lwkt_reltoken(&tty_token); 375 return (EBUSY); 376 } else if (pti->pt_prison != ap->a_cred->cr_prison) { 377 pti_done(pti); 378 lwkt_reltoken(&tty_token); 379 return (EBUSY); 380 } 381 382 /* 383 * If the ptc is already present this will connect us up. It 384 * is unclear if this is actually needed. 385 * 386 * If neither side is open be sure to clear any left over 387 * ZOMBIE state before continuing. 388 */ 389 if (tp->t_oproc) 390 (void)(*linesw[tp->t_line].l_modem)(tp, 1); 391 else if ((pti->pt_flags & PF_SOPEN) == 0) 392 tp->t_state &= ~TS_ZOMBIE; 393 394 /* 395 * Wait for the carrier (ptc side) 396 */ 397 while ((tp->t_state & TS_CARR_ON) == 0) { 398 if (ap->a_oflags & FNONBLOCK) 399 break; 400 error = ttysleep(tp, TSA_CARR_ON(tp), PCATCH, "ptsopn", 0); 401 if (error) { 402 pti_done(pti); 403 lwkt_reltoken(&tty_token); 404 return (error); 405 } 406 } 407 408 /* 409 * Mark the tty open and mark the slave side as being open. 410 */ 411 error = (*linesw[tp->t_line].l_open)(dev, tp); 412 413 if (error == 0) { 414 pti->pt_flags |= PF_SOPEN; 415 pti->pt_flags &= ~PF_SCLOSED; 416 ptcwakeup(tp, FREAD|FWRITE); 417 } 418 pti_done(pti); 419 420 lwkt_reltoken(&tty_token); 421 return (error); 422 } 423 424 static int 425 ptsclose(struct dev_close_args *ap) 426 { 427 cdev_t dev = ap->a_head.a_dev; 428 struct tty *tp; 429 struct pt_ioctl *pti = dev->si_drv1; 430 int err; 431 432 lwkt_gettoken(&tty_token); 433 if (pti_hold(pti)) 434 panic("ptsclose on terminated pti"); 435 436 /* 437 * Disconnect the slave side 438 */ 439 tp = dev->si_tty; 440 err = (*linesw[tp->t_line].l_close)(tp, ap->a_fflag); 441 ptsstop(tp, FREAD|FWRITE); 442 ttyclose(tp); /* clears t_state */ 443 444 /* 445 * Mark the pts side closed and signal the ptc. Do not mark the 446 * tty a zombie... that is, allow the tty to be re-opened as long 447 * as the ptc is still open. The ptc will read() EOFs until the 448 * pts side is reopened or the ptc is closed. 449 * 450 * xterm() depends on this behavior as it will revoke() the pts 451 * and then reopen it after the (unnecessary old code) chmod. 452 */ 453 pti->pt_flags &= ~PF_SOPEN; 454 pti->pt_flags |= PF_SCLOSED; 455 if (tp->t_oproc) 456 ptcwakeup(tp, FREAD); 457 pti_done(pti); 458 lwkt_reltoken(&tty_token); 459 return (err); 460 } 461 462 static int 463 ptsread(struct dev_read_args *ap) 464 { 465 cdev_t dev = ap->a_head.a_dev; 466 struct proc *p = curproc; 467 struct tty *tp = dev->si_tty; 468 struct pt_ioctl *pti = dev->si_drv1; 469 struct lwp *lp; 470 471 int error = 0; 472 473 lp = curthread->td_lwp; 474 475 lwkt_gettoken(&tty_token); 476 again: 477 if (pti->pt_flags & PF_REMOTE) { 478 while (isbackground(p, tp)) { 479 if (SIGISMEMBER(p->p_sigignore, SIGTTIN) || 480 SIGISMEMBER(lp->lwp_sigmask, SIGTTIN) || 481 p->p_pgrp->pg_jobc == 0 || 482 (p->p_flags & P_PPWAIT)) { 483 lwkt_reltoken(&tty_token); 484 return (EIO); 485 } 486 pgsignal(p->p_pgrp, SIGTTIN, 1); 487 error = ttysleep(tp, &lbolt, PCATCH, "ptsbg", 0); 488 if (error) { 489 lwkt_reltoken(&tty_token); 490 return (error); 491 } 492 } 493 if (tp->t_canq.c_cc == 0) { 494 if (ap->a_ioflag & IO_NDELAY) { 495 lwkt_reltoken(&tty_token); 496 return (EWOULDBLOCK); 497 } 498 error = ttysleep(tp, TSA_PTS_READ(tp), PCATCH, 499 "ptsin", 0); 500 if (error) { 501 lwkt_reltoken(&tty_token); 502 return (error); 503 } 504 goto again; 505 } 506 while (tp->t_canq.c_cc > 1 && ap->a_uio->uio_resid > 0) 507 if (ureadc(clist_getc(&tp->t_canq), ap->a_uio) < 0) { 508 error = EFAULT; 509 break; 510 } 511 if (tp->t_canq.c_cc == 1) 512 clist_getc(&tp->t_canq); 513 if (tp->t_canq.c_cc) { 514 lwkt_reltoken(&tty_token); 515 return (error); 516 } 517 } else 518 if (tp->t_oproc) 519 error = (*linesw[tp->t_line].l_read)(tp, ap->a_uio, ap->a_ioflag); 520 ptcwakeup(tp, FWRITE); 521 lwkt_reltoken(&tty_token); 522 return (error); 523 } 524 525 /* 526 * Write to pseudo-tty. 527 * Wakeups of controlling tty will happen 528 * indirectly, when tty driver calls ptsstart. 529 */ 530 static int 531 ptswrite(struct dev_write_args *ap) 532 { 533 cdev_t dev = ap->a_head.a_dev; 534 struct tty *tp; 535 int ret; 536 537 lwkt_gettoken(&tty_token); 538 tp = dev->si_tty; 539 if (tp->t_oproc == NULL) { 540 lwkt_reltoken(&tty_token); 541 return (EIO); 542 } 543 ret = ((*linesw[tp->t_line].l_write)(tp, ap->a_uio, ap->a_ioflag)); 544 lwkt_reltoken(&tty_token); 545 return ret; 546 } 547 548 /* 549 * Start output on pseudo-tty. 550 * Wake up process selecting or sleeping for input from controlling tty. 551 */ 552 static void 553 ptsstart(struct tty *tp) 554 { 555 lwkt_gettoken(&tty_token); 556 struct pt_ioctl *pti = tp->t_dev->si_drv1; 557 558 if (tp->t_state & TS_TTSTOP) { 559 lwkt_reltoken(&tty_token); 560 return; 561 } 562 if (pti) { 563 if (pti->pt_flags & PF_STOPPED) { 564 pti->pt_flags &= ~PF_STOPPED; 565 pti->pt_send = TIOCPKT_START; 566 } 567 } 568 ptcwakeup(tp, FREAD); 569 lwkt_reltoken(&tty_token); 570 } 571 572 /* 573 * NOTE: Must be called with tty_token held 574 */ 575 static void 576 ptcwakeup(struct tty *tp, int flag) 577 { 578 ASSERT_LWKT_TOKEN_HELD(&tty_token); 579 580 if (flag & FREAD) { 581 wakeup(TSA_PTC_READ(tp)); 582 KNOTE(&tp->t_rkq.ki_note, 0); 583 } 584 if (flag & FWRITE) { 585 wakeup(TSA_PTC_WRITE(tp)); 586 KNOTE(&tp->t_wkq.ki_note, 0); 587 } 588 } 589 590 static int 591 ptcopen(struct dev_open_args *ap) 592 { 593 cdev_t dev = ap->a_head.a_dev; 594 struct tty *tp; 595 struct pt_ioctl *pti; 596 597 /* 598 * The pti will already be assigned by the clone code or 599 * pre-created if a non-unix 98 pty. If si_drv1 is NULL 600 * we are somehow racing a unix98 termination. 601 */ 602 if (dev->si_drv1 == NULL) 603 return(ENXIO); 604 605 lwkt_gettoken(&tty_token); 606 pti = dev->si_drv1; 607 if (pti_hold(pti)) { 608 lwkt_reltoken(&tty_token); 609 return(ENXIO); 610 } 611 if (pti->pt_prison && pti->pt_prison != ap->a_cred->cr_prison) { 612 pti_done(pti); 613 lwkt_reltoken(&tty_token); 614 return(EBUSY); 615 } 616 tp = dev->si_tty; 617 if (tp->t_oproc) { 618 pti_done(pti); 619 lwkt_reltoken(&tty_token); 620 return (EIO); 621 } 622 623 /* 624 * If the slave side is not yet open clear any left over zombie 625 * state before doing our modem control. 626 */ 627 if ((pti->pt_flags & PF_SOPEN) == 0) 628 tp->t_state &= ~TS_ZOMBIE; 629 630 tp->t_oproc = ptsstart; 631 tp->t_stop = ptsstop; 632 tp->t_unhold = ptsunhold; 633 634 /* 635 * Carrier on! 636 */ 637 (void)(*linesw[tp->t_line].l_modem)(tp, 1); 638 639 tp->t_lflag &= ~EXTPROC; 640 pti->pt_prison = ap->a_cred->cr_prison; 641 pti->pt_flags &= ~PF_PTCSTATEMASK; 642 pti->pt_send = 0; 643 pti->pt_ucntl = 0; 644 645 pti->devs->si_uid = ap->a_cred->cr_uid; 646 pti->devs->si_gid = 0; 647 pti->devs->si_perms = 0600; 648 pti->devc->si_uid = ap->a_cred->cr_uid; 649 pti->devc->si_gid = 0; 650 pti->devc->si_perms = 0600; 651 652 /* 653 * Mark master side open. This does not cause any events 654 * on the slave side. 655 */ 656 pti->pt_flags |= PF_MOPEN; 657 pti_done(pti); 658 659 lwkt_reltoken(&tty_token); 660 return (0); 661 } 662 663 static int 664 ptcclose(struct dev_close_args *ap) 665 { 666 cdev_t dev = ap->a_head.a_dev; 667 struct tty *tp; 668 struct pt_ioctl *pti = dev->si_drv1; 669 670 lwkt_gettoken(&tty_token); 671 if (pti_hold(pti)) 672 panic("ptcclose on terminated pti"); 673 674 tp = dev->si_tty; 675 (void)(*linesw[tp->t_line].l_modem)(tp, 0); 676 677 /* 678 * Mark the master side closed. If the slave is still open 679 * mark the tty ZOMBIE, preventing any new action until both 680 * sides have closed. 681 * 682 * NOTE: The ttyflush() will wake up the slave once we've 683 * set appropriate flags. The ZOMBIE flag will be 684 * cleared when the slave side is closed. 685 */ 686 pti->pt_flags &= ~PF_MOPEN; 687 if (pti->pt_flags & PF_SOPEN) 688 tp->t_state |= TS_ZOMBIE; 689 690 /* 691 * Turn off the carrier and disconnect. This will notify the slave 692 * side. 693 */ 694 if (tp->t_state & TS_ISOPEN) { 695 tp->t_state &= ~(TS_CARR_ON | TS_CONNECTED); 696 ttyflush(tp, FREAD | FWRITE); 697 } 698 tp->t_oproc = NULL; /* mark closed */ 699 700 pti->pt_prison = NULL; 701 pti->devs->si_uid = 0; 702 pti->devs->si_gid = 0; 703 pti->devs->si_perms = 0666; 704 pti->devc->si_uid = 0; 705 pti->devc->si_gid = 0; 706 pti->devc->si_perms = 0666; 707 708 pti_done(pti); 709 710 lwkt_reltoken(&tty_token); 711 return (0); 712 } 713 714 static int 715 ptcread(struct dev_read_args *ap) 716 { 717 cdev_t dev = ap->a_head.a_dev; 718 struct tty *tp = dev->si_tty; 719 struct pt_ioctl *pti = dev->si_drv1; 720 char buf[BUFSIZ]; 721 int error = 0, cc; 722 723 lwkt_gettoken(&tty_token); 724 /* 725 * We want to block until the slave 726 * is open, and there's something to read; 727 * but if we lost the slave or we're NBIO, 728 * then return the appropriate error instead. 729 */ 730 for (;;) { 731 if (tp->t_state&TS_ISOPEN) { 732 if ((pti->pt_flags & PF_PKT) && pti->pt_send) { 733 error = ureadc((int)pti->pt_send, ap->a_uio); 734 if (error) { 735 lwkt_reltoken(&tty_token); 736 return (error); 737 } 738 if (pti->pt_send & TIOCPKT_IOCTL) { 739 cc = (int)szmin(ap->a_uio->uio_resid, 740 sizeof(tp->t_termios)); 741 uiomove((caddr_t)&tp->t_termios, cc, 742 ap->a_uio); 743 } 744 pti->pt_send = 0; 745 lwkt_reltoken(&tty_token); 746 return (0); 747 } 748 if ((pti->pt_flags & PF_UCNTL) && pti->pt_ucntl) { 749 error = ureadc((int)pti->pt_ucntl, ap->a_uio); 750 if (error) { 751 lwkt_reltoken(&tty_token); 752 return (error); 753 } 754 pti->pt_ucntl = 0; 755 lwkt_reltoken(&tty_token); 756 return (0); 757 } 758 if (tp->t_outq.c_cc && (tp->t_state&TS_TTSTOP) == 0) 759 break; 760 } 761 if ((tp->t_state & TS_CONNECTED) == 0) { 762 lwkt_reltoken(&tty_token); 763 return (0); /* EOF */ 764 } 765 if (ap->a_ioflag & IO_NDELAY) { 766 lwkt_reltoken(&tty_token); 767 return (EWOULDBLOCK); 768 } 769 error = tsleep(TSA_PTC_READ(tp), PCATCH, "ptcin", 0); 770 if (error) { 771 lwkt_reltoken(&tty_token); 772 return (error); 773 } 774 } 775 if (pti->pt_flags & (PF_PKT|PF_UCNTL)) 776 error = ureadc(0, ap->a_uio); 777 while (ap->a_uio->uio_resid > 0 && error == 0) { 778 cc = q_to_b(&tp->t_outq, buf, 779 (int)szmin(ap->a_uio->uio_resid, BUFSIZ)); 780 if (cc <= 0) 781 break; 782 error = uiomove(buf, (size_t)cc, ap->a_uio); 783 } 784 ttwwakeup(tp); 785 lwkt_reltoken(&tty_token); 786 return (error); 787 } 788 789 static void 790 ptsstop(struct tty *tp, int flush) 791 { 792 struct pt_ioctl *pti = tp->t_dev->si_drv1; 793 int flag; 794 795 lwkt_gettoken(&tty_token); 796 /* note: FLUSHREAD and FLUSHWRITE already ok */ 797 if (pti) { 798 if (flush == 0) { 799 flush = TIOCPKT_STOP; 800 pti->pt_flags |= PF_STOPPED; 801 } else { 802 pti->pt_flags &= ~PF_STOPPED; 803 } 804 pti->pt_send |= flush; 805 /* change of perspective */ 806 } 807 flag = 0; 808 if (flush & FREAD) 809 flag |= FWRITE; 810 if (flush & FWRITE) 811 flag |= FREAD; 812 ptcwakeup(tp, flag); 813 814 lwkt_reltoken(&tty_token); 815 } 816 817 /* 818 * ttyunhold() calls us instead of just decrementing tp->t_refs. This 819 * is needed because a session can hold onto a pts (half closed state) 820 * even if there are no live file descriptors. Without the callback 821 * we can't clean up. 822 */ 823 static void 824 ptsunhold(struct tty *tp) 825 { 826 struct pt_ioctl *pti = tp->t_dev->si_drv1; 827 828 lwkt_gettoken(&tty_token); 829 pti_hold(pti); 830 --tp->t_refs; 831 pti_done(pti); 832 lwkt_reltoken(&tty_token); 833 } 834 835 /* 836 * kqueue ops for pseudo-terminals. 837 */ 838 static struct filterops ptcread_filtops = 839 { FILTEROP_ISFD|FILTEROP_MPSAFE, NULL, filt_ptcrdetach, filt_ptcread }; 840 static struct filterops ptcwrite_filtops = 841 { FILTEROP_ISFD|FILTEROP_MPSAFE, NULL, filt_ptcwdetach, filt_ptcwrite }; 842 843 static int 844 ptckqfilter(struct dev_kqfilter_args *ap) 845 { 846 cdev_t dev = ap->a_head.a_dev; 847 struct knote *kn = ap->a_kn; 848 struct tty *tp = dev->si_tty; 849 struct klist *klist; 850 851 lwkt_gettoken(&tty_token); 852 ap->a_result = 0; 853 switch (kn->kn_filter) { 854 case EVFILT_READ: 855 klist = &tp->t_rkq.ki_note; 856 kn->kn_fop = &ptcread_filtops; 857 break; 858 case EVFILT_WRITE: 859 klist = &tp->t_wkq.ki_note; 860 kn->kn_fop = &ptcwrite_filtops; 861 break; 862 default: 863 ap->a_result = EOPNOTSUPP; 864 lwkt_reltoken(&tty_token); 865 return (0); 866 } 867 868 kn->kn_hook = (caddr_t)dev; 869 knote_insert(klist, kn); 870 lwkt_reltoken(&tty_token); 871 return (0); 872 } 873 874 static int 875 filt_ptcread (struct knote *kn, long hint) 876 { 877 struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty; 878 struct pt_ioctl *pti = ((cdev_t)kn->kn_hook)->si_drv1; 879 880 lwkt_gettoken(&tty_token); 881 if ((tp->t_state & TS_ZOMBIE) || (pti->pt_flags & PF_SCLOSED)) { 882 kn->kn_flags |= (EV_EOF | EV_NODATA); 883 lwkt_reltoken(&tty_token); 884 return (1); 885 } 886 887 if ((tp->t_state & TS_ISOPEN) && 888 ((tp->t_outq.c_cc && (tp->t_state & TS_TTSTOP) == 0) || 889 ((pti->pt_flags & PF_PKT) && pti->pt_send) || 890 ((pti->pt_flags & PF_UCNTL) && pti->pt_ucntl))) { 891 kn->kn_data = tp->t_outq.c_cc; 892 lwkt_reltoken(&tty_token); 893 return(1); 894 } else { 895 lwkt_reltoken(&tty_token); 896 return(0); 897 } 898 } 899 900 static int 901 filt_ptcwrite (struct knote *kn, long hint) 902 { 903 struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty; 904 struct pt_ioctl *pti = ((cdev_t)kn->kn_hook)->si_drv1; 905 906 lwkt_gettoken(&tty_token); 907 if (tp->t_state & TS_ZOMBIE) { 908 kn->kn_flags |= (EV_EOF | EV_NODATA); 909 lwkt_reltoken(&tty_token); 910 return (1); 911 } 912 913 if (tp->t_state & TS_ISOPEN && 914 ((pti->pt_flags & PF_REMOTE) ? 915 (tp->t_canq.c_cc == 0) : 916 ((tp->t_rawq.c_cc + tp->t_canq.c_cc < TTYHOG - 2) || 917 (tp->t_canq.c_cc == 0 && (tp->t_lflag & ICANON))))) { 918 kn->kn_data = tp->t_canq.c_cc + tp->t_rawq.c_cc; 919 lwkt_reltoken(&tty_token); 920 return(1); 921 } else { 922 lwkt_reltoken(&tty_token); 923 return(0); 924 } 925 /* NOTREACHED */ 926 } 927 928 static void 929 filt_ptcrdetach (struct knote *kn) 930 { 931 struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty; 932 933 knote_remove(&tp->t_rkq.ki_note, kn); 934 } 935 936 static void 937 filt_ptcwdetach (struct knote *kn) 938 { 939 struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty; 940 941 knote_remove(&tp->t_wkq.ki_note, kn); 942 } 943 944 /* 945 * I/O ops 946 */ 947 static int 948 ptcwrite(struct dev_write_args *ap) 949 { 950 cdev_t dev = ap->a_head.a_dev; 951 struct tty *tp = dev->si_tty; 952 u_char *cp = NULL; 953 int cc = 0; 954 u_char locbuf[BUFSIZ]; 955 int cnt = 0; 956 struct pt_ioctl *pti = dev->si_drv1; 957 int error = 0; 958 959 lwkt_gettoken(&tty_token); 960 again: 961 if ((tp->t_state&TS_ISOPEN) == 0) 962 goto block; 963 if (pti->pt_flags & PF_REMOTE) { 964 if (tp->t_canq.c_cc) 965 goto block; 966 while ((ap->a_uio->uio_resid > 0 || cc > 0) && 967 tp->t_canq.c_cc < TTYHOG - 1) { 968 if (cc == 0) { 969 cc = (int)szmin(ap->a_uio->uio_resid, BUFSIZ); 970 cc = imin(cc, TTYHOG - 1 - tp->t_canq.c_cc); 971 cp = locbuf; 972 error = uiomove(cp, (size_t)cc, ap->a_uio); 973 if (error) { 974 lwkt_reltoken(&tty_token); 975 return (error); 976 } 977 /* check again for safety */ 978 if ((tp->t_state & TS_ISOPEN) == 0) { 979 /* adjust as usual */ 980 ap->a_uio->uio_resid += cc; 981 lwkt_reltoken(&tty_token); 982 return (EIO); 983 } 984 } 985 if (cc > 0) { 986 cc = b_to_q((char *)cp, cc, &tp->t_canq); 987 /* 988 * XXX we don't guarantee that the canq size 989 * is >= TTYHOG, so the above b_to_q() may 990 * leave some bytes uncopied. However, space 991 * is guaranteed for the null terminator if 992 * we don't fail here since (TTYHOG - 1) is 993 * not a multiple of CBSIZE. 994 */ 995 if (cc > 0) 996 break; 997 } 998 } 999 /* adjust for data copied in but not written */ 1000 ap->a_uio->uio_resid += cc; 1001 clist_putc(0, &tp->t_canq); 1002 ttwakeup(tp); 1003 wakeup(TSA_PTS_READ(tp)); 1004 lwkt_reltoken(&tty_token); 1005 return (0); 1006 } 1007 while (ap->a_uio->uio_resid > 0 || cc > 0) { 1008 if (cc == 0) { 1009 cc = (int)szmin(ap->a_uio->uio_resid, BUFSIZ); 1010 cp = locbuf; 1011 error = uiomove(cp, (size_t)cc, ap->a_uio); 1012 if (error) { 1013 lwkt_reltoken(&tty_token); 1014 return (error); 1015 } 1016 /* check again for safety */ 1017 if ((tp->t_state & TS_ISOPEN) == 0) { 1018 /* adjust for data copied in but not written */ 1019 ap->a_uio->uio_resid += cc; 1020 lwkt_reltoken(&tty_token); 1021 return (EIO); 1022 } 1023 } 1024 while (cc > 0) { 1025 if ((tp->t_rawq.c_cc + tp->t_canq.c_cc) >= TTYHOG - 2 && 1026 (tp->t_canq.c_cc > 0 || !(tp->t_lflag&ICANON))) { 1027 wakeup(TSA_HUP_OR_INPUT(tp)); 1028 goto block; 1029 } 1030 (*linesw[tp->t_line].l_rint)(*cp++, tp); 1031 cnt++; 1032 cc--; 1033 } 1034 cc = 0; 1035 } 1036 lwkt_reltoken(&tty_token); 1037 return (0); 1038 block: 1039 /* 1040 * Come here to wait for slave to open, for space 1041 * in outq, or space in rawq, or an empty canq. 1042 */ 1043 if ((tp->t_state & TS_CONNECTED) == 0) { 1044 /* adjust for data copied in but not written */ 1045 ap->a_uio->uio_resid += cc; 1046 lwkt_reltoken(&tty_token); 1047 return (EIO); 1048 } 1049 if (ap->a_ioflag & IO_NDELAY) { 1050 /* adjust for data copied in but not written */ 1051 ap->a_uio->uio_resid += cc; 1052 if (cnt == 0) { 1053 lwkt_reltoken(&tty_token); 1054 return (EWOULDBLOCK); 1055 } 1056 lwkt_reltoken(&tty_token); 1057 return (0); 1058 } 1059 error = tsleep(TSA_PTC_WRITE(tp), PCATCH, "ptcout", 0); 1060 if (error) { 1061 /* adjust for data copied in but not written */ 1062 ap->a_uio->uio_resid += cc; 1063 lwkt_reltoken(&tty_token); 1064 return (error); 1065 } 1066 goto again; 1067 } 1068 1069 /*ARGSUSED*/ 1070 static int 1071 ptyioctl(struct dev_ioctl_args *ap) 1072 { 1073 cdev_t dev = ap->a_head.a_dev; 1074 struct tty *tp = dev->si_tty; 1075 struct pt_ioctl *pti = dev->si_drv1; 1076 u_char *cc = tp->t_cc; 1077 int stop, error; 1078 1079 lwkt_gettoken(&tty_token); 1080 if (dev_dflags(dev) & D_MASTER) { 1081 switch (ap->a_cmd) { 1082 1083 case TIOCGPGRP: 1084 /* 1085 * We avoid calling ttioctl on the controller since, 1086 * in that case, tp must be the controlling terminal. 1087 */ 1088 *(int *)ap->a_data = tp->t_pgrp ? tp->t_pgrp->pg_id : 0; 1089 lwkt_reltoken(&tty_token); 1090 return (0); 1091 1092 case TIOCPKT: 1093 if (*(int *)ap->a_data) { 1094 if (pti->pt_flags & PF_UCNTL) { 1095 lwkt_reltoken(&tty_token); 1096 return (EINVAL); 1097 } 1098 pti->pt_flags |= PF_PKT; 1099 } else { 1100 pti->pt_flags &= ~PF_PKT; 1101 } 1102 lwkt_reltoken(&tty_token); 1103 return (0); 1104 1105 case TIOCUCNTL: 1106 if (*(int *)ap->a_data) { 1107 if (pti->pt_flags & PF_PKT) { 1108 lwkt_reltoken(&tty_token); 1109 return (EINVAL); 1110 } 1111 pti->pt_flags |= PF_UCNTL; 1112 } else { 1113 pti->pt_flags &= ~PF_UCNTL; 1114 } 1115 lwkt_reltoken(&tty_token); 1116 return (0); 1117 1118 case TIOCREMOTE: 1119 if (*(int *)ap->a_data) 1120 pti->pt_flags |= PF_REMOTE; 1121 else 1122 pti->pt_flags &= ~PF_REMOTE; 1123 ttyflush(tp, FREAD|FWRITE); 1124 lwkt_reltoken(&tty_token); 1125 return (0); 1126 1127 case TIOCISPTMASTER: 1128 if ((pti->pt_flags & PF_UNIX98) && 1129 (pti->devc == dev)) { 1130 lwkt_reltoken(&tty_token); 1131 return (0); 1132 } else { 1133 lwkt_reltoken(&tty_token); 1134 return (EINVAL); 1135 } 1136 } 1137 1138 /* 1139 * The rest of the ioctls shouldn't be called until 1140 * the slave is open. 1141 */ 1142 if ((tp->t_state & TS_ISOPEN) == 0) { 1143 lwkt_reltoken(&tty_token); 1144 return (EAGAIN); 1145 } 1146 1147 switch (ap->a_cmd) { 1148 #ifdef COMPAT_43 1149 case TIOCSETP: 1150 case TIOCSETN: 1151 #endif 1152 case TIOCSETD: 1153 case TIOCSETA: 1154 case TIOCSETAW: 1155 case TIOCSETAF: 1156 /* 1157 * IF CONTROLLER STTY THEN MUST FLUSH TO PREVENT A HANG. 1158 * ttywflush(tp) will hang if there are characters in 1159 * the outq. 1160 */ 1161 ndflush(&tp->t_outq, tp->t_outq.c_cc); 1162 break; 1163 1164 case TIOCSIG: 1165 if (*(unsigned int *)ap->a_data >= NSIG || 1166 *(unsigned int *)ap->a_data == 0) { 1167 lwkt_reltoken(&tty_token); 1168 return(EINVAL); 1169 } 1170 if ((tp->t_lflag&NOFLSH) == 0) 1171 ttyflush(tp, FREAD|FWRITE); 1172 pgsignal(tp->t_pgrp, *(unsigned int *)ap->a_data, 1); 1173 if ((*(unsigned int *)ap->a_data == SIGINFO) && 1174 ((tp->t_lflag&NOKERNINFO) == 0)) 1175 ttyinfo(tp); 1176 lwkt_reltoken(&tty_token); 1177 return(0); 1178 } 1179 } 1180 if (ap->a_cmd == TIOCEXT) { 1181 /* 1182 * When the EXTPROC bit is being toggled, we need 1183 * to send an TIOCPKT_IOCTL if the packet driver 1184 * is turned on. 1185 */ 1186 if (*(int *)ap->a_data) { 1187 if (pti->pt_flags & PF_PKT) { 1188 pti->pt_send |= TIOCPKT_IOCTL; 1189 ptcwakeup(tp, FREAD); 1190 } 1191 tp->t_lflag |= EXTPROC; 1192 } else { 1193 if ((tp->t_lflag & EXTPROC) && 1194 (pti->pt_flags & PF_PKT)) { 1195 pti->pt_send |= TIOCPKT_IOCTL; 1196 ptcwakeup(tp, FREAD); 1197 } 1198 tp->t_lflag &= ~EXTPROC; 1199 } 1200 lwkt_reltoken(&tty_token); 1201 return(0); 1202 } 1203 error = (*linesw[tp->t_line].l_ioctl)(tp, ap->a_cmd, ap->a_data, 1204 ap->a_fflag, ap->a_cred); 1205 if (error == ENOIOCTL) 1206 error = ttioctl(tp, ap->a_cmd, ap->a_data, ap->a_fflag); 1207 if (error == ENOIOCTL) { 1208 if (pti->pt_flags & PF_UCNTL && 1209 (ap->a_cmd & ~0xff) == UIOCCMD(0)) { 1210 if (ap->a_cmd & 0xff) { 1211 pti->pt_ucntl = (u_char)ap->a_cmd; 1212 ptcwakeup(tp, FREAD); 1213 } 1214 lwkt_reltoken(&tty_token); 1215 return (0); 1216 } 1217 error = ENOTTY; 1218 } 1219 /* 1220 * If external processing and packet mode send ioctl packet. 1221 */ 1222 if ((tp->t_lflag&EXTPROC) && (pti->pt_flags & PF_PKT)) { 1223 switch(ap->a_cmd) { 1224 case TIOCSETA: 1225 case TIOCSETAW: 1226 case TIOCSETAF: 1227 #ifdef COMPAT_43 1228 case TIOCSETP: 1229 case TIOCSETN: 1230 case TIOCSETC: 1231 case TIOCSLTC: 1232 case TIOCLBIS: 1233 case TIOCLBIC: 1234 case TIOCLSET: 1235 #endif 1236 pti->pt_send |= TIOCPKT_IOCTL; 1237 ptcwakeup(tp, FREAD); 1238 default: 1239 break; 1240 } 1241 } 1242 stop = (tp->t_iflag & IXON) && CCEQ(cc[VSTOP], CTRL('s')) 1243 && CCEQ(cc[VSTART], CTRL('q')); 1244 if (pti->pt_flags & PF_NOSTOP) { 1245 if (stop) { 1246 pti->pt_send &= ~TIOCPKT_NOSTOP; 1247 pti->pt_send |= TIOCPKT_DOSTOP; 1248 pti->pt_flags &= ~PF_NOSTOP; 1249 ptcwakeup(tp, FREAD); 1250 } 1251 } else { 1252 if (!stop) { 1253 pti->pt_send &= ~TIOCPKT_DOSTOP; 1254 pti->pt_send |= TIOCPKT_NOSTOP; 1255 pti->pt_flags |= PF_NOSTOP; 1256 ptcwakeup(tp, FREAD); 1257 } 1258 } 1259 lwkt_reltoken(&tty_token); 1260 return (error); 1261 } 1262 1263 1264 static void ptc_drvinit (void *unused); 1265 1266 SYSCTL_INT(_kern, OID_AUTO, pty_debug, CTLFLAG_RW, &pty_debug_level, 1267 0, "Change pty debug level"); 1268 1269 static void 1270 ptc_drvinit(void *unused) 1271 { 1272 int i; 1273 1274 /* 1275 * Unix98 pty stuff. 1276 * Create the clonable base device. 1277 */ 1278 make_autoclone_dev(&ptc_ops, &DEVFS_CLONE_BITMAP(pty), ptyclone, 1279 0, 0, 0666, "ptmx"); 1280 1281 for (i = 0; i < 256; i++) { 1282 ptyinit(i); 1283 } 1284 } 1285 1286 SYSINIT(ptcdev, SI_SUB_DRIVERS, SI_ORDER_MIDDLE + CDEV_MAJOR_C, ptc_drvinit, 1287 NULL); 1288