search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
libc/citrus: Catch a NULL pointer earlier, check for empty string later.
[dragonfly.git] / sys / kern / tty_pty.c
blob6ac4341d37706688796a71cb512468bbeeab6dc9
1 /*
2 * (MPSAFE)
3 *
4 * Copyright (c) 1982, 1986, 1989, 1993
5 * The Regents of the University of California. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the University nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 *
31 * @(#)tty_pty.c 8.4 (Berkeley) 2/20/95
32 * $FreeBSD: src/sys/kern/tty_pty.c,v 1.74.2.4 2002/02/20 19:58:13 dillon Exp $
33 */
34
35 /*
36 * MPSAFE NOTE:
37 * Most functions here could use a separate lock to deal with concurrent
38 * access to the 'pt's.
39 *
40 * Right now the tty_token must be held for all this.
41 */
42
43 /*
44 * Pseudo-teletype Driver
45 * (Actually two drivers, requiring two dev_ops structures)
46 */
47
48 #include <sys/param.h>
49 #include <sys/systm.h>
50 #include <sys/proc.h>
51 #include <sys/priv.h>
52 #include <sys/tty.h>
53 #include <sys/conf.h>
54 #include <sys/fcntl.h>
55 #include <sys/kernel.h>
56 #include <sys/vnode.h>
57 #include <sys/signalvar.h>
58 #include <sys/malloc.h>
59 #include <sys/device.h>
60 #include <sys/thread2.h>
61 #include <sys/devfs.h>
62 #include <sys/stat.h>
63 #include <sys/sysctl.h>
64
65 MALLOC_DEFINE(M_PTY, "ptys", "pty data structures");
66
67 static void ptsstart (struct tty *tp);
68 static void ptsstop (struct tty *tp, int rw);
69 static void ptsunhold (struct tty *tp);
70 static void ptcwakeup (struct tty *tp, int flag);
71 static void ptyinit (int n);
72 static int filt_ptcread (struct knote *kn, long hint);
73 static void filt_ptcrdetach (struct knote *kn);
74 static int filt_ptcwrite (struct knote *kn, long hint);
75 static void filt_ptcwdetach (struct knote *kn);
76
77 static d_open_t ptsopen;
78 static d_close_t ptsclose;
79 static d_read_t ptsread;
80 static d_write_t ptswrite;
81 static d_ioctl_t ptyioctl;
82 static d_open_t ptcopen;
83 static d_close_t ptcclose;
84 static d_read_t ptcread;
85 static d_write_t ptcwrite;
86 static d_kqfilter_t ptckqfilter;
87
88 DEVFS_DEFINE_CLONE_BITMAP(pty);
89
90 static d_clone_t ptyclone;
91
92 static int pty_debug_level = 0;
93
94 static struct dev_ops pts98_ops = {
95 { "pts98", 0, D_TTY | D_MPSAFE },
96 .d_open = ptsopen,
97 .d_close = ptsclose,
98 .d_read = ptsread,
99 .d_write = ptswrite,
100 .d_ioctl = ptyioctl,
101 .d_kqfilter = ttykqfilter,
102 .d_revoke = ttyrevoke
103 };
104
105 static struct dev_ops ptc98_ops = {
106 { "ptc98", 0, D_TTY | D_MASTER | D_MPSAFE },
107 .d_open = ptcopen,
108 .d_close = ptcclose,
109 .d_read = ptcread,
110 .d_write = ptcwrite,
111 .d_ioctl = ptyioctl,
112 .d_kqfilter = ptckqfilter,
113 .d_revoke = ttyrevoke
114 };
115
116 static struct dev_ops pts_ops = {
117 { "pts", 0, D_TTY | D_MPSAFE },
118 .d_open = ptsopen,
119 .d_close = ptsclose,
120 .d_read = ptsread,
121 .d_write = ptswrite,
122 .d_ioctl = ptyioctl,
123 .d_kqfilter = ttykqfilter,
124 .d_revoke = ttyrevoke
125 };
126
127 #define CDEV_MAJOR_C 6
128 static struct dev_ops ptc_ops = {
129 { "ptc", 0, D_TTY | D_MASTER | D_MPSAFE },
130 .d_open = ptcopen,
131 .d_close = ptcclose,
132 .d_read = ptcread,
133 .d_write = ptcwrite,
134 .d_ioctl = ptyioctl,
135 .d_kqfilter = ptckqfilter,
136 .d_revoke = ttyrevoke
137 };
138
139 #define BUFSIZ 100 /* Chunk size iomoved to/from user */
140
141 struct pt_ioctl {
142 int pt_flags;
143 int pt_refs; /* Structural references interlock S/MOPEN */
144 int pt_uminor;
145 struct kqinfo pt_kqr, pt_kqw;
146 u_char pt_send;
147 u_char pt_ucntl;
148 struct tty pt_tty;
149 cdev_t devs, devc;
150 struct prison *pt_prison;
151 };
152
153 /*
154 * pt_flags ptc state
155 */
156 #define PF_PKT 0x0008 /* packet mode */
157 #define PF_STOPPED 0x0010 /* user told stopped */
158 #define PF_REMOTE 0x0020 /* remote and flow controlled input */
159 #define PF_NOSTOP 0x0040
160 #define PF_UCNTL 0x0080 /* user control mode */
161
162 #define PF_PTCSTATEMASK 0x00FF
163
164 /*
165 * pt_flags open state. Note that PF_SCLOSED is used to activate
166 * read EOF on the ptc so it is only set after the slave has been
167 * opened and then closed, and cleared again if the slave is opened
168 * again.
169 */
170 #define PF_UNIX98 0x0100
171 #define PF_SOPEN 0x0200
172 #define PF_MOPEN 0x0400
173 #define PF_SCLOSED 0x0800
174 #define PF_TERMINATED 0x8000
175
176 /*
177 * This function creates and initializes a pts/ptc pair
178 *
179 * pts == /dev/tty[pqrsPQRS][0123456789abcdefghijklmnopqrstuv]
180 * ptc == /dev/pty[pqrsPQRS][0123456789abcdefghijklmnopqrstuv]
181 *
182 * XXX: define and add mapping of upper minor bits to allow more
183 * than 256 ptys.
184 */
185 static void
186 ptyinit(int n)
187 {
188 cdev_t devs, devc;
189 char *names = "pqrsPQRS";
190 struct pt_ioctl *pt;
191
192 /* For now we only map the lower 8 bits of the minor */
193 if (n & ~0xff)
194 return;
195
196 pt = kmalloc(sizeof(*pt), M_PTY, M_WAITOK | M_ZERO);
197 pt->devs = devs = make_dev(&pts_ops, n,
198 0, 0, 0666, "tty%c%r", names[n / 32], n % 32);
199 pt->devc = devc = make_dev(&ptc_ops, n,
200 0, 0, 0666, "pty%c%r", names[n / 32], n % 32);
201
202 pt->pt_tty.t_dev = devs;
203 pt->pt_uminor = n;
204 devs->si_drv1 = devc->si_drv1 = pt;
205 devs->si_tty = devc->si_tty = &pt->pt_tty;
206 devs->si_flags |= SI_OVERRIDE; /* uid, gid, perms from dev */
207 devc->si_flags |= SI_OVERRIDE; /* uid, gid, perms from dev */
208 ttyregister(&pt->pt_tty);
209 }
210
211 static int
212 ptyclone(struct dev_clone_args *ap)
213 {
214 int unit;
215 struct pt_ioctl *pt;
216
217 /*
218 * Limit the number of unix98 pty (slave) devices to 1000, as
219 * the utmp(5) format only allows for 8 bytes for the tty,
220 * "pts/XXX".
221 * If this limit is reached, we don't clone and return error
222 * to devfs.
223 */
224 unit = devfs_clone_bitmap_get(&DEVFS_CLONE_BITMAP(pty), 1000);
225
226 if (unit < 0) {
227 ap->a_dev = NULL;
228 return 1;
229 }
230
231 pt = kmalloc(sizeof(*pt), M_PTY, M_WAITOK | M_ZERO);
232
233 pt->devc = make_only_dev(&ptc98_ops, unit,
234 ap->a_cred->cr_ruid,
235 0, 0600, "ptm/%d", unit);
236 pt->devs = make_dev(&pts98_ops, unit,
237 ap->a_cred->cr_ruid,
238 GID_TTY, 0620, "pts/%d", unit);
239 ap->a_dev = pt->devc;
240
241 pt->devs->si_flags |= SI_OVERRIDE; /* uid, gid, perms from dev */
242 pt->devc->si_flags |= SI_OVERRIDE; /* uid, gid, perms from dev */
243
244 pt->pt_tty.t_dev = pt->devs;
245 pt->pt_flags |= PF_UNIX98;
246 pt->pt_uminor = unit;
247 pt->devs->si_drv1 = pt->devc->si_drv1 = pt;
248 pt->devs->si_tty = pt->devc->si_tty = &pt->pt_tty;
249
250 ttyregister(&pt->pt_tty);
251
252 return 0;
253 }
254
255 /*
256 * pti_hold() prevents the pti from being destroyed due to a termination
257 * while a pt*open() is blocked.
258 *
259 * This function returns non-zero if we cannot hold due to a termination
260 * interlock.
261 *
262 * NOTE: Must be called with tty_token held
263 */
264 static int
265 pti_hold(struct pt_ioctl *pti)
266 {
267 if (pti->pt_flags & PF_TERMINATED)
268 return(ENXIO);
269 ++pti->pt_refs;
270 return(0);
271 }
272
273 /*
274 * pti_done() releases the reference and checks to see if both sides have
275 * been closed on a unix98 pty, allowing us to destroy the device and
276 * release resources.
277 *
278 * We do not release resources on non-unix98 ptys. Those are left
279 * statically allocated.
280 */
281 static void
282 pti_done(struct pt_ioctl *pti)
283 {
284 lwkt_gettoken(&tty_token);
285 if (--pti->pt_refs == 0) {
286 cdev_t dev;
287 int uminor_no;
288
289 /*
290 * Only unix09 ptys are freed up
291 */
292 if ((pti->pt_flags & PF_UNIX98) == 0) {
293 lwkt_reltoken(&tty_token);
294 return;
295 }
296
297 /*
298 * Interlock open attempts against termination by setting
299 * PF_TERMINATED. This allows us to block while cleaning
300 * out the device infrastructure.
301 *
302 * Do not terminate the tty if it still has a session
303 * association (t_refs).
304 */
305 if ((pti->pt_flags & (PF_SOPEN|PF_MOPEN)) == 0 &&
306 pti->pt_tty.t_refs == 0) {
307 pti->pt_flags |= PF_TERMINATED;
308 uminor_no = pti->pt_uminor;
309
310 if ((dev = pti->devs) != NULL) {
311 dev->si_drv1 = NULL;
312 pti->devs = NULL;
313 destroy_dev(dev);
314 }
315 if ((dev = pti->devc) != NULL) {
316 dev->si_drv1 = NULL;
317 pti->devc = NULL;
318 destroy_dev(dev);
319 }
320 ttyunregister(&pti->pt_tty);
321 devfs_clone_bitmap_put(&DEVFS_CLONE_BITMAP(pty),
322 uminor_no);
323 kfree(pti, M_PTY);
324 }
325 }
326 lwkt_reltoken(&tty_token);
327 }
328
329 /*ARGSUSED*/
330 static int
331 ptsopen(struct dev_open_args *ap)
332 {
333 cdev_t dev = ap->a_head.a_dev;
334 struct tty *tp;
335 int error;
336 struct pt_ioctl *pti;
337
338 /*
339 * The pti will already be assigned by the clone code or
340 * pre-created if a non-unix 98 pty. If si_drv1 is NULL
341 * we are somehow racing a unix98 termination.
342 */
343 if (dev->si_drv1 == NULL)
344 return(ENXIO);
345 pti = dev->si_drv1;
346
347 lwkt_gettoken(&tty_token);
348 if (pti_hold(pti)) {
349 lwkt_reltoken(&tty_token);
350 return(ENXIO);
351 }
352
353 tp = dev->si_tty;
354
355 /*
356 * Reinit most of the tty state if it isn't open. Handle
357 * exclusive access.
358 */
359 if ((tp->t_state & TS_ISOPEN) == 0) {
360 ttychars(tp); /* Set up default chars */
361 tp->t_iflag = TTYDEF_IFLAG;
362 tp->t_oflag = TTYDEF_OFLAG;
363 tp->t_lflag = TTYDEF_LFLAG;
364 tp->t_cflag = TTYDEF_CFLAG;
365 tp->t_ispeed = tp->t_ospeed = TTYDEF_SPEED;
366 } else if ((tp->t_state & TS_XCLUDE) &&
367 priv_check_cred(ap->a_cred, PRIV_ROOT, 0)) {
368 pti_done(pti);
369 lwkt_reltoken(&tty_token);
370 return (EBUSY);
371 } else if (pti->pt_prison != ap->a_cred->cr_prison) {
372 pti_done(pti);
373 lwkt_reltoken(&tty_token);
374 return (EBUSY);
375 }
376
377 /*
378 * If the ptc is already present this will connect us up. It
379 * is unclear if this is actually needed.
380 *
381 * If neither side is open be sure to clear any left over
382 * ZOMBIE state before continuing.
383 */
384 if (tp->t_oproc)
385 (void)(*linesw[tp->t_line].l_modem)(tp, 1);
386 else if ((pti->pt_flags & PF_SOPEN) == 0)
387 tp->t_state &= ~TS_ZOMBIE;
388
389 /*
390 * Wait for the carrier (ptc side)
391 */
392 while ((tp->t_state & TS_CARR_ON) == 0) {
393 if (ap->a_oflags & FNONBLOCK)
394 break;
395 error = ttysleep(tp, TSA_CARR_ON(tp), PCATCH, "ptsopn", 0);
396 if (error) {
397 pti_done(pti);
398 lwkt_reltoken(&tty_token);
399 return (error);
400 }
401 }
402
403 /*
404 * Mark the tty open and mark the slave side as being open.
405 */
406 error = (*linesw[tp->t_line].l_open)(dev, tp);
407
408 if (error == 0) {
409 pti->pt_flags |= PF_SOPEN;
410 pti->pt_flags &= ~PF_SCLOSED;
411 ptcwakeup(tp, FREAD|FWRITE);
412 }
413 pti_done(pti);
414
415 lwkt_reltoken(&tty_token);
416 return (error);
417 }
418
419 static int
420 ptsclose(struct dev_close_args *ap)
421 {
422 cdev_t dev = ap->a_head.a_dev;
423 struct tty *tp;
424 struct pt_ioctl *pti = dev->si_drv1;
425 int err;
426
427 lwkt_gettoken(&tty_token);
428 if (pti_hold(pti))
429 panic("ptsclose on terminated pti");
430
431 /*
432 * Disconnect the slave side
433 */
434 tp = dev->si_tty;
435 err = (*linesw[tp->t_line].l_close)(tp, ap->a_fflag);
436 ptsstop(tp, FREAD|FWRITE);
437 ttyclose(tp); /* clears t_state */
438
439 /*
440 * Mark the pts side closed and signal the ptc. Do not mark the
441 * tty a zombie... that is, allow the tty to be re-opened as long
442 * as the ptc is still open. The ptc will read() EOFs until the
443 * pts side is reopened or the ptc is closed.
444 *
445 * xterm() depends on this behavior as it will revoke() the pts
446 * and then reopen it after the (unnecessary old code) chmod.
447 */
448 pti->pt_flags &= ~PF_SOPEN;
449 pti->pt_flags |= PF_SCLOSED;
450 if (tp->t_oproc)
451 ptcwakeup(tp, FREAD);
452 pti_done(pti);
453 lwkt_reltoken(&tty_token);
454 return (err);
455 }
456
457 static int
458 ptsread(struct dev_read_args *ap)
459 {
460 cdev_t dev = ap->a_head.a_dev;
461 struct proc *p = curproc;
462 struct tty *tp = dev->si_tty;
463 struct pt_ioctl *pti = dev->si_drv1;
464 struct lwp *lp;
465
466 int error = 0;
467
468 lp = curthread->td_lwp;
469
470 lwkt_gettoken(&tty_token);
471 again:
472 if (pti->pt_flags & PF_REMOTE) {
473 while (isbackground(p, tp)) {
474 if (SIGISMEMBER(p->p_sigignore, SIGTTIN) ||
475 SIGISMEMBER(lp->lwp_sigmask, SIGTTIN) ||
476 p->p_pgrp->pg_jobc == 0 ||
477 (p->p_flags & P_PPWAIT)) {
478 lwkt_reltoken(&tty_token);
479 return (EIO);
480 }
481 pgsignal(p->p_pgrp, SIGTTIN, 1);
482 error = ttysleep(tp, &lbolt, PCATCH, "ptsbg", 0);
483 if (error) {
484 lwkt_reltoken(&tty_token);
485 return (error);
486 }
487 }
488 if (tp->t_canq.c_cc == 0) {
489 if (ap->a_ioflag & IO_NDELAY) {
490 lwkt_reltoken(&tty_token);
491 return (EWOULDBLOCK);
492 }
493 error = ttysleep(tp, TSA_PTS_READ(tp), PCATCH,
494 "ptsin", 0);
495 if (error) {
496 lwkt_reltoken(&tty_token);
497 return (error);
498 }
499 goto again;
500 }
501 while (tp->t_canq.c_cc > 1 && ap->a_uio->uio_resid > 0)
502 if (ureadc(clist_getc(&tp->t_canq), ap->a_uio) < 0) {
503 error = EFAULT;
504 break;
505 }
506 if (tp->t_canq.c_cc == 1)
507 clist_getc(&tp->t_canq);
508 if (tp->t_canq.c_cc) {
509 lwkt_reltoken(&tty_token);
510 return (error);
511 }
512 } else
513 if (tp->t_oproc)
514 error = (*linesw[tp->t_line].l_read)(tp, ap->a_uio, ap->a_ioflag);
515 ptcwakeup(tp, FWRITE);
516 lwkt_reltoken(&tty_token);
517 return (error);
518 }
519
520 /*
521 * Write to pseudo-tty.
522 * Wakeups of controlling tty will happen
523 * indirectly, when tty driver calls ptsstart.
524 */
525 static int
526 ptswrite(struct dev_write_args *ap)
527 {
528 cdev_t dev = ap->a_head.a_dev;
529 struct tty *tp;
530 int ret;
531
532 lwkt_gettoken(&tty_token);
533 tp = dev->si_tty;
534 if (tp->t_oproc == NULL) {
535 lwkt_reltoken(&tty_token);
536 return (EIO);
537 }
538 ret = ((*linesw[tp->t_line].l_write)(tp, ap->a_uio, ap->a_ioflag));
539 lwkt_reltoken(&tty_token);
540 return ret;
541 }
542
543 /*
544 * Start output on pseudo-tty.
545 * Wake up process selecting or sleeping for input from controlling tty.
546 */
547 static void
548 ptsstart(struct tty *tp)
549 {
550 lwkt_gettoken(&tty_token);
551 struct pt_ioctl *pti = tp->t_dev->si_drv1;
552
553 if (tp->t_state & TS_TTSTOP) {
554 lwkt_reltoken(&tty_token);
555 return;
556 }
557 if (pti) {
558 if (pti->pt_flags & PF_STOPPED) {
559 pti->pt_flags &= ~PF_STOPPED;
560 pti->pt_send = TIOCPKT_START;
561 }
562 }
563 ptcwakeup(tp, FREAD);
564 lwkt_reltoken(&tty_token);
565 }
566
567 /*
568 * NOTE: Must be called with tty_token held
569 */
570 static void
571 ptcwakeup(struct tty *tp, int flag)
572 {
573 ASSERT_LWKT_TOKEN_HELD(&tty_token);
574
575 if (flag & FREAD) {
576 wakeup(TSA_PTC_READ(tp));
577 KNOTE(&tp->t_rkq.ki_note, 0);
578 }
579 if (flag & FWRITE) {
580 wakeup(TSA_PTC_WRITE(tp));
581 KNOTE(&tp->t_wkq.ki_note, 0);
582 }
583 }
584
585 static int
586 ptcopen(struct dev_open_args *ap)
587 {
588 cdev_t dev = ap->a_head.a_dev;
589 struct tty *tp;
590 struct pt_ioctl *pti;
591
592 /*
593 * The pti will already be assigned by the clone code or
594 * pre-created if a non-unix 98 pty. If si_drv1 is NULL
595 * we are somehow racing a unix98 termination.
596 */
597 if (dev->si_drv1 == NULL)
598 return(ENXIO);
599
600 lwkt_gettoken(&tty_token);
601 pti = dev->si_drv1;
602 if (pti_hold(pti)) {
603 lwkt_reltoken(&tty_token);
604 return(ENXIO);
605 }
606 if (pti->pt_prison && pti->pt_prison != ap->a_cred->cr_prison) {
607 pti_done(pti);
608 lwkt_reltoken(&tty_token);
609 return(EBUSY);
610 }
611 tp = dev->si_tty;
612 if (tp->t_oproc) {
613 pti_done(pti);
614 lwkt_reltoken(&tty_token);
615 return (EIO);
616 }
617
618 /*
619 * If the slave side is not yet open clear any left over zombie
620 * state before doing our modem control.
621 */
622 if ((pti->pt_flags & PF_SOPEN) == 0)
623 tp->t_state &= ~TS_ZOMBIE;
624
625 tp->t_oproc = ptsstart;
626 tp->t_stop = ptsstop;
627 tp->t_unhold = ptsunhold;
628
629 /*
630 * Carrier on!
631 */
632 (void)(*linesw[tp->t_line].l_modem)(tp, 1);
633
634 tp->t_lflag &= ~EXTPROC;
635 pti->pt_prison = ap->a_cred->cr_prison;
636 pti->pt_flags &= ~PF_PTCSTATEMASK;
637 pti->pt_send = 0;
638 pti->pt_ucntl = 0;
639
640 pti->devs->si_uid = ap->a_cred->cr_uid;
641 pti->devs->si_gid = 0;
642 pti->devs->si_perms = 0600;
643 pti->devc->si_uid = ap->a_cred->cr_uid;
644 pti->devc->si_gid = 0;
645 pti->devc->si_perms = 0600;
646
647 /*
648 * Mark master side open. This does not cause any events
649 * on the slave side.
650 */
651 pti->pt_flags |= PF_MOPEN;
652 pti_done(pti);
653
654 lwkt_reltoken(&tty_token);
655 return (0);
656 }
657
658 static int
659 ptcclose(struct dev_close_args *ap)
660 {
661 cdev_t dev = ap->a_head.a_dev;
662 struct tty *tp;
663 struct pt_ioctl *pti = dev->si_drv1;
664
665 lwkt_gettoken(&tty_token);
666 if (pti_hold(pti))
667 panic("ptcclose on terminated pti");
668
669 tp = dev->si_tty;
670 (void)(*linesw[tp->t_line].l_modem)(tp, 0);
671
672 /*
673 * Mark the master side closed. If the slave is still open
674 * mark the tty ZOMBIE, preventing any new action until both
675 * sides have closed.
676 *
677 * NOTE: The ttyflush() will wake up the slave once we've
678 * set appropriate flags. The ZOMBIE flag will be
679 * cleared when the slave side is closed.
680 */
681 pti->pt_flags &= ~PF_MOPEN;
682 if (pti->pt_flags & PF_SOPEN)
683 tp->t_state |= TS_ZOMBIE;
684
685 /*
686 * Turn off the carrier and disconnect. This will notify the slave
687 * side.
688 */
689 if (tp->t_state & TS_ISOPEN) {
690 tp->t_state &= ~(TS_CARR_ON | TS_CONNECTED);
691 ttyflush(tp, FREAD | FWRITE);
692 }
693 tp->t_oproc = NULL; /* mark closed */
694
695 pti->pt_prison = NULL;
696 pti->devs->si_uid = 0;
697 pti->devs->si_gid = 0;
698 pti->devs->si_perms = 0666;
699 pti->devc->si_uid = 0;
700 pti->devc->si_gid = 0;
701 pti->devc->si_perms = 0666;
702
703 pti_done(pti);
704
705 lwkt_reltoken(&tty_token);
706 return (0);
707 }
708
709 static int
710 ptcread(struct dev_read_args *ap)
711 {
712 cdev_t dev = ap->a_head.a_dev;
713 struct tty *tp = dev->si_tty;
714 struct pt_ioctl *pti = dev->si_drv1;
715 char buf[BUFSIZ];
716 int error = 0, cc;
717
718 lwkt_gettoken(&tty_token);
719 /*
720 * We want to block until the slave
721 * is open, and there's something to read;
722 * but if we lost the slave or we're NBIO,
723 * then return the appropriate error instead.
724 */
725 for (;;) {
726 if (tp->t_state&TS_ISOPEN) {
727 if ((pti->pt_flags & PF_PKT) && pti->pt_send) {
728 error = ureadc((int)pti->pt_send, ap->a_uio);
729 if (error) {
730 lwkt_reltoken(&tty_token);
731 return (error);
732 }
733 if (pti->pt_send & TIOCPKT_IOCTL) {
734 cc = (int)szmin(ap->a_uio->uio_resid,
735 sizeof(tp->t_termios));
736 uiomove((caddr_t)&tp->t_termios, cc,
737 ap->a_uio);
738 }
739 pti->pt_send = 0;
740 lwkt_reltoken(&tty_token);
741 return (0);
742 }
743 if ((pti->pt_flags & PF_UCNTL) && pti->pt_ucntl) {
744 error = ureadc((int)pti->pt_ucntl, ap->a_uio);
745 if (error) {
746 lwkt_reltoken(&tty_token);
747 return (error);
748 }
749 pti->pt_ucntl = 0;
750 lwkt_reltoken(&tty_token);
751 return (0);
752 }
753 if (tp->t_outq.c_cc && (tp->t_state&TS_TTSTOP) == 0)
754 break;
755 }
756 if ((tp->t_state & TS_CONNECTED) == 0) {
757 lwkt_reltoken(&tty_token);
758 return (0); /* EOF */
759 }
760 if (ap->a_ioflag & IO_NDELAY) {
761 lwkt_reltoken(&tty_token);
762 return (EWOULDBLOCK);
763 }
764 error = tsleep(TSA_PTC_READ(tp), PCATCH, "ptcin", 0);
765 if (error) {
766 lwkt_reltoken(&tty_token);
767 return (error);
768 }
769 }
770 if (pti->pt_flags & (PF_PKT|PF_UCNTL))
771 error = ureadc(0, ap->a_uio);
772 while (ap->a_uio->uio_resid > 0 && error == 0) {
773 cc = q_to_b(&tp->t_outq, buf,
774 (int)szmin(ap->a_uio->uio_resid, BUFSIZ));
775 if (cc <= 0)
776 break;
777 error = uiomove(buf, (size_t)cc, ap->a_uio);
778 }
779 ttwwakeup(tp);
780 lwkt_reltoken(&tty_token);
781 return (error);
782 }
783
784 static void
785 ptsstop(struct tty *tp, int flush)
786 {
787 struct pt_ioctl *pti = tp->t_dev->si_drv1;
788 int flag;
789
790 lwkt_gettoken(&tty_token);
791 /* note: FLUSHREAD and FLUSHWRITE already ok */
792 if (pti) {
793 if (flush == 0) {
794 flush = TIOCPKT_STOP;
795 pti->pt_flags |= PF_STOPPED;
796 } else {
797 pti->pt_flags &= ~PF_STOPPED;
798 }
799 pti->pt_send |= flush;
800 /* change of perspective */
801 }
802 flag = 0;
803 if (flush & FREAD)
804 flag |= FWRITE;
805 if (flush & FWRITE)
806 flag |= FREAD;
807 ptcwakeup(tp, flag);
808
809 lwkt_reltoken(&tty_token);
810 }
811
812 /*
813 * ttyunhold() calls us instead of just decrementing tp->t_refs. This
814 * is needed because a session can hold onto a pts (half closed state)
815 * even if there are no live file descriptors. Without the callback
816 * we can't clean up.
817 */
818 static void
819 ptsunhold(struct tty *tp)
820 {
821 struct pt_ioctl *pti = tp->t_dev->si_drv1;
822
823 lwkt_gettoken(&tty_token);
824 pti_hold(pti);
825 --tp->t_refs;
826 pti_done(pti);
827 lwkt_reltoken(&tty_token);
828 }
829
830 /*
831 * kqueue ops for pseudo-terminals.
832 */
833 static struct filterops ptcread_filtops =
834 { FILTEROP_ISFD|FILTEROP_MPSAFE, NULL, filt_ptcrdetach, filt_ptcread };
835 static struct filterops ptcwrite_filtops =
836 { FILTEROP_ISFD|FILTEROP_MPSAFE, NULL, filt_ptcwdetach, filt_ptcwrite };
837
838 static int
839 ptckqfilter(struct dev_kqfilter_args *ap)
840 {
841 cdev_t dev = ap->a_head.a_dev;
842 struct knote *kn = ap->a_kn;
843 struct tty *tp = dev->si_tty;
844 struct klist *klist;
845
846 ap->a_result = 0;
847 switch (kn->kn_filter) {
848 case EVFILT_READ:
849 klist = &tp->t_rkq.ki_note;
850 kn->kn_fop = &ptcread_filtops;
851 break;
852 case EVFILT_WRITE:
853 klist = &tp->t_wkq.ki_note;
854 kn->kn_fop = &ptcwrite_filtops;
855 break;
856 default:
857 ap->a_result = EOPNOTSUPP;
858 return (0);
859 }
860
861 kn->kn_hook = (caddr_t)dev;
862 knote_insert(klist, kn);
863 return (0);
864 }
865
866 static int
867 filt_ptcread (struct knote *kn, long hint)
868 {
869 struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty;
870 struct pt_ioctl *pti = ((cdev_t)kn->kn_hook)->si_drv1;
871
872 lwkt_gettoken(&tty_token);
873 if ((tp->t_state & TS_ZOMBIE) || (pti->pt_flags & PF_SCLOSED)) {
874 lwkt_reltoken(&tty_token);
875 kn->kn_flags |= (EV_EOF | EV_NODATA);
876 return (1);
877 }
878
879 if ((tp->t_state & TS_ISOPEN) &&
880 ((tp->t_outq.c_cc && (tp->t_state & TS_TTSTOP) == 0) ||
881 ((pti->pt_flags & PF_PKT) && pti->pt_send) ||
882 ((pti->pt_flags & PF_UCNTL) && pti->pt_ucntl))) {
883 kn->kn_data = tp->t_outq.c_cc;
884 lwkt_reltoken(&tty_token);
885 return(1);
886 } else {
887 lwkt_reltoken(&tty_token);
888 return(0);
889 }
890 }
891
892 static int
893 filt_ptcwrite (struct knote *kn, long hint)
894 {
895 struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty;
896 struct pt_ioctl *pti = ((cdev_t)kn->kn_hook)->si_drv1;
897
898 lwkt_gettoken(&tty_token);
899 if (tp->t_state & TS_ZOMBIE) {
900 lwkt_reltoken(&tty_token);
901 kn->kn_flags |= (EV_EOF | EV_NODATA);
902 return (1);
903 }
904
905 if (tp->t_state & TS_ISOPEN &&
906 ((pti->pt_flags & PF_REMOTE) ?
907 (tp->t_canq.c_cc == 0) :
908 ((tp->t_rawq.c_cc + tp->t_canq.c_cc < TTYHOG - 2) ||
909 (tp->t_canq.c_cc == 0 && (tp->t_lflag & ICANON))))) {
910 kn->kn_data = tp->t_canq.c_cc + tp->t_rawq.c_cc;
911 lwkt_reltoken(&tty_token);
912 return(1);
913 } else {
914 lwkt_reltoken(&tty_token);
915 return(0);
916 }
917 /* NOTREACHED */
918 }
919
920 static void
921 filt_ptcrdetach (struct knote *kn)
922 {
923 struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty;
924
925 knote_remove(&tp->t_rkq.ki_note, kn);
926 }
927
928 static void
929 filt_ptcwdetach (struct knote *kn)
930 {
931 struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty;
932
933 knote_remove(&tp->t_wkq.ki_note, kn);
934 }
935
936 /*
937 * I/O ops
938 */
939 static int
940 ptcwrite(struct dev_write_args *ap)
941 {
942 cdev_t dev = ap->a_head.a_dev;
943 struct tty *tp = dev->si_tty;
944 u_char *cp = NULL;
945 int cc = 0;
946 u_char locbuf[BUFSIZ];
947 int cnt = 0;
948 struct pt_ioctl *pti = dev->si_drv1;
949 int error = 0;
950
951 lwkt_gettoken(&tty_token);
952 again:
953 if ((tp->t_state&TS_ISOPEN) == 0)
954 goto block;
955 if (pti->pt_flags & PF_REMOTE) {
956 if (tp->t_canq.c_cc)
957 goto block;
958 while ((ap->a_uio->uio_resid > 0 || cc > 0) &&
959 tp->t_canq.c_cc < TTYHOG - 1) {
960 if (cc == 0) {
961 cc = (int)szmin(ap->a_uio->uio_resid, BUFSIZ);
962 cc = imin(cc, TTYHOG - 1 - tp->t_canq.c_cc);
963 cp = locbuf;
964 error = uiomove(cp, (size_t)cc, ap->a_uio);
965 if (error) {
966 lwkt_reltoken(&tty_token);
967 return (error);
968 }
969 /* check again for safety */
970 if ((tp->t_state & TS_ISOPEN) == 0) {
971 /* adjust as usual */
972 ap->a_uio->uio_resid += cc;
973 lwkt_reltoken(&tty_token);
974 return (EIO);
975 }
976 }
977 if (cc > 0) {
978 cc = b_to_q((char *)cp, cc, &tp->t_canq);
979 /*
980 * XXX we don't guarantee that the canq size
981 * is >= TTYHOG, so the above b_to_q() may
982 * leave some bytes uncopied. However, space
983 * is guaranteed for the null terminator if
984 * we don't fail here since (TTYHOG - 1) is
985 * not a multiple of CBSIZE.
986 */
987 if (cc > 0)
988 break;
989 }
990 }
991 /* adjust for data copied in but not written */
992 ap->a_uio->uio_resid += cc;
993 clist_putc(0, &tp->t_canq);
994 ttwakeup(tp);
995 wakeup(TSA_PTS_READ(tp));
996 lwkt_reltoken(&tty_token);
997 return (0);
998 }
999 while (ap->a_uio->uio_resid > 0 || cc > 0) {
1000 if (cc == 0) {
1001 cc = (int)szmin(ap->a_uio->uio_resid, BUFSIZ);
1002 cp = locbuf;
1003 error = uiomove(cp, (size_t)cc, ap->a_uio);
1004 if (error) {
1005 lwkt_reltoken(&tty_token);
1006 return (error);
1007 }
1008 /* check again for safety */
1009 if ((tp->t_state & TS_ISOPEN) == 0) {
1010 /* adjust for data copied in but not written */
1011 ap->a_uio->uio_resid += cc;
1012 lwkt_reltoken(&tty_token);
1013 return (EIO);
1014 }
1015 }
1016 while (cc > 0) {
1017 if ((tp->t_rawq.c_cc + tp->t_canq.c_cc) >= TTYHOG - 2 &&
1018 (tp->t_canq.c_cc > 0 || !(tp->t_lflag&ICANON))) {
1019 wakeup(TSA_HUP_OR_INPUT(tp));
1020 goto block;
1021 }
1022 (*linesw[tp->t_line].l_rint)(*cp++, tp);
1023 cnt++;
1024 cc--;
1025 }
1026 cc = 0;
1027 }
1028 lwkt_reltoken(&tty_token);
1029 return (0);
1030 block:
1031 /*
1032 * Come here to wait for slave to open, for space
1033 * in outq, or space in rawq, or an empty canq.
1034 */
1035 if ((tp->t_state & TS_CONNECTED) == 0) {
1036 /* adjust for data copied in but not written */
1037 ap->a_uio->uio_resid += cc;
1038 lwkt_reltoken(&tty_token);
1039 return (EIO);
1040 }
1041 if (ap->a_ioflag & IO_NDELAY) {
1042 /* adjust for data copied in but not written */
1043 ap->a_uio->uio_resid += cc;
1044 if (cnt == 0) {
1045 lwkt_reltoken(&tty_token);
1046 return (EWOULDBLOCK);
1047 }
1048 lwkt_reltoken(&tty_token);
1049 return (0);
1050 }
1051 error = tsleep(TSA_PTC_WRITE(tp), PCATCH, "ptcout", 0);
1052 if (error) {
1053 /* adjust for data copied in but not written */
1054 ap->a_uio->uio_resid += cc;
1055 lwkt_reltoken(&tty_token);
1056 return (error);
1057 }
1058 goto again;
1059 }
1060
1061 /*ARGSUSED*/
1062 static int
1063 ptyioctl(struct dev_ioctl_args *ap)
1064 {
1065 cdev_t dev = ap->a_head.a_dev;
1066 struct tty *tp = dev->si_tty;
1067 struct pt_ioctl *pti = dev->si_drv1;
1068 u_char *cc = tp->t_cc;
1069 int stop, error;
1070
1071 lwkt_gettoken(&tty_token);
1072 if (dev_dflags(dev) & D_MASTER) {
1073 switch (ap->a_cmd) {
1074
1075 case TIOCGPGRP:
1076 /*
1077 * We avoid calling ttioctl on the controller since,
1078 * in that case, tp must be the controlling terminal.
1079 */
1080 *(int *)ap->a_data = tp->t_pgrp ? tp->t_pgrp->pg_id : 0;
1081 lwkt_reltoken(&tty_token);
1082 return (0);
1083
1084 case TIOCPKT:
1085 if (*(int *)ap->a_data) {
1086 if (pti->pt_flags & PF_UCNTL) {
1087 lwkt_reltoken(&tty_token);
1088 return (EINVAL);
1089 }
1090 pti->pt_flags |= PF_PKT;
1091 } else {
1092 pti->pt_flags &= ~PF_PKT;
1093 }
1094 lwkt_reltoken(&tty_token);
1095 return (0);
1096
1097 case TIOCUCNTL:
1098 if (*(int *)ap->a_data) {
1099 if (pti->pt_flags & PF_PKT) {
1100 lwkt_reltoken(&tty_token);
1101 return (EINVAL);
1102 }
1103 pti->pt_flags |= PF_UCNTL;
1104 } else {
1105 pti->pt_flags &= ~PF_UCNTL;
1106 }
1107 lwkt_reltoken(&tty_token);
1108 return (0);
1109
1110 case TIOCREMOTE:
1111 if (*(int *)ap->a_data)
1112 pti->pt_flags |= PF_REMOTE;
1113 else
1114 pti->pt_flags &= ~PF_REMOTE;
1115 ttyflush(tp, FREAD|FWRITE);
1116 lwkt_reltoken(&tty_token);
1117 return (0);
1118
1119 case TIOCISPTMASTER:
1120 if ((pti->pt_flags & PF_UNIX98) &&
1121 (pti->devc == dev)) {
1122 lwkt_reltoken(&tty_token);
1123 return (0);
1124 } else {
1125 lwkt_reltoken(&tty_token);
1126 return (EINVAL);
1127 }
1128 }
1129
1130 /*
1131 * The rest of the ioctls shouldn't be called until
1132 * the slave is open.
1133 */
1134 if ((tp->t_state & TS_ISOPEN) == 0) {
1135 lwkt_reltoken(&tty_token);
1136 return (EAGAIN);
1137 }
1138
1139 switch (ap->a_cmd) {
1140 case TIOCSETD:
1141 case TIOCSETA:
1142 case TIOCSETAW:
1143 case TIOCSETAF:
1144 /*
1145 * IF CONTROLLER STTY THEN MUST FLUSH TO PREVENT A HANG.
1146 * ttywflush(tp) will hang if there are characters in
1147 * the outq.
1148 */
1149 ndflush(&tp->t_outq, tp->t_outq.c_cc);
1150 break;
1151
1152 case TIOCSIG:
1153 if (*(unsigned int *)ap->a_data >= NSIG ||
1154 *(unsigned int *)ap->a_data == 0) {
1155 lwkt_reltoken(&tty_token);
1156 return(EINVAL);
1157 }
1158 if ((tp->t_lflag&NOFLSH) == 0)
1159 ttyflush(tp, FREAD|FWRITE);
1160 pgsignal(tp->t_pgrp, *(unsigned int *)ap->a_data, 1);
1161 if ((*(unsigned int *)ap->a_data == SIGINFO) &&
1162 ((tp->t_lflag&NOKERNINFO) == 0))
1163 ttyinfo(tp);
1164 lwkt_reltoken(&tty_token);
1165 return(0);
1166 }
1167 }
1168 if (ap->a_cmd == TIOCEXT) {
1169 /*
1170 * When the EXTPROC bit is being toggled, we need
1171 * to send an TIOCPKT_IOCTL if the packet driver
1172 * is turned on.
1173 */
1174 if (*(int *)ap->a_data) {
1175 if (pti->pt_flags & PF_PKT) {
1176 pti->pt_send |= TIOCPKT_IOCTL;
1177 ptcwakeup(tp, FREAD);
1178 }
1179 tp->t_lflag |= EXTPROC;
1180 } else {
1181 if ((tp->t_lflag & EXTPROC) &&
1182 (pti->pt_flags & PF_PKT)) {
1183 pti->pt_send |= TIOCPKT_IOCTL;
1184 ptcwakeup(tp, FREAD);
1185 }
1186 tp->t_lflag &= ~EXTPROC;
1187 }
1188 lwkt_reltoken(&tty_token);
1189 return(0);
1190 }
1191 error = (*linesw[tp->t_line].l_ioctl)(tp, ap->a_cmd, ap->a_data,
1192 ap->a_fflag, ap->a_cred);
1193 if (error == ENOIOCTL)
1194 error = ttioctl(tp, ap->a_cmd, ap->a_data, ap->a_fflag);
1195 if (error == ENOIOCTL) {
1196 if (pti->pt_flags & PF_UCNTL &&
1197 (ap->a_cmd & ~0xff) == UIOCCMD(0)) {
1198 if (ap->a_cmd & 0xff) {
1199 pti->pt_ucntl = (u_char)ap->a_cmd;
1200 ptcwakeup(tp, FREAD);
1201 }
1202 lwkt_reltoken(&tty_token);
1203 return (0);
1204 }
1205 error = ENOTTY;
1206 }
1207 /*
1208 * If external processing and packet mode send ioctl packet.
1209 */
1210 if ((tp->t_lflag&EXTPROC) && (pti->pt_flags & PF_PKT)) {
1211 switch(ap->a_cmd) {
1212 case TIOCSETA:
1213 case TIOCSETAW:
1214 case TIOCSETAF:
1215 pti->pt_send |= TIOCPKT_IOCTL;
1216 ptcwakeup(tp, FREAD);
1217 default:
1218 break;
1219 }
1220 }
1221 stop = (tp->t_iflag & IXON) && CCEQ(cc[VSTOP], CTRL('s'))
1222 && CCEQ(cc[VSTART], CTRL('q'));
1223 if (pti->pt_flags & PF_NOSTOP) {
1224 if (stop) {
1225 pti->pt_send &= ~TIOCPKT_NOSTOP;
1226 pti->pt_send |= TIOCPKT_DOSTOP;
1227 pti->pt_flags &= ~PF_NOSTOP;
1228 ptcwakeup(tp, FREAD);
1229 }
1230 } else {
1231 if (!stop) {
1232 pti->pt_send &= ~TIOCPKT_DOSTOP;
1233 pti->pt_send |= TIOCPKT_NOSTOP;
1234 pti->pt_flags |= PF_NOSTOP;
1235 ptcwakeup(tp, FREAD);
1236 }
1237 }
1238 lwkt_reltoken(&tty_token);
1239 return (error);
1240 }
1241
1242
1243 static void ptc_drvinit (void *unused);
1244
1245 SYSCTL_INT(_kern, OID_AUTO, pty_debug, CTLFLAG_RW, &pty_debug_level,
1246 0, "Change pty debug level");
1247
1248 static void
1249 ptc_drvinit(void *unused)
1250 {
1251 int i;
1252
1253 /*
1254 * Unix98 pty stuff.
1255 * Create the clonable base device.
1256 */
1257 make_autoclone_dev(&ptc_ops, &DEVFS_CLONE_BITMAP(pty), ptyclone,
1258 0, 0, 0666, "ptmx");
1259
1260 for (i = 0; i < 256; i++) {
1261 ptyinit(i);
1262 }
1263 }
1264
1265 SYSINIT(ptcdev, SI_SUB_DRIVERS, SI_ORDER_MIDDLE + CDEV_MAJOR_C, ptc_drvinit,
1266 NULL);
DragonFly BSD