4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
22 * Copyright (c) 1988, 2010, Oracle and/or its affiliates. All rights reserved.
24 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
25 /* All Rights Reserved */
30 * Pseudo Terminal Master Driver.
32 * The pseudo-tty subsystem simulates a terminal connection, where the master
33 * side represents the terminal and the slave represents the user process's
34 * special device end point. The master device is set up as a cloned device
35 * where its major device number is the major for the clone device and its minor
36 * device number is the major for the ptm driver. There are no nodes in the file
37 * system for master devices. The master pseudo driver is opened using the
38 * open(2) system call with /dev/ptmx as the device parameter. The clone open
39 * finds the next available minor device for the ptm major device.
41 * A master device is available only if it and its corresponding slave device
42 * are not already open. When the master device is opened, the corresponding
43 * slave device is automatically locked out. Only one open is allowed on a
44 * master device. Multiple opens are allowed on the slave device. After both
45 * the master and slave have been opened, the user has two file descriptors
46 * which are the end points of a full duplex connection composed of two streams
47 * which are automatically connected at the master and slave drivers. The user
48 * may then push modules onto either side of the stream pair.
50 * The master and slave drivers pass all messages to their adjacent queues.
51 * Only the M_FLUSH needs some processing. Because the read queue of one side
52 * is connected to the write queue of the other, the FLUSHR flag is changed to
53 * the FLUSHW flag and vice versa. When the master device is closed an M_HANGUP
54 * message is sent to the slave device which will render the device
55 * unusable. The process on the slave side gets the EIO when attempting to write
56 * on that stream but it will be able to read any data remaining on the stream
57 * head read queue. When all the data has been read, read() returns 0
58 * indicating that the stream can no longer be used. On the last close of the
59 * slave device, a 0-length message is sent to the master device. When the
60 * application on the master side issues a read() or getmsg() and 0 is returned,
61 * the user of the master device decides whether to issue a close() that
62 * dismantles the pseudo-terminal subsystem. If the master device is not closed,
63 * the pseudo-tty subsystem will be available to another user to open the slave
66 * If O_NONBLOCK or O_NDELAY is set, read on the master side returns -1 with
67 * errno set to EAGAIN if no data is available, and write returns -1 with errno
68 * set to EAGAIN if there is internal flow control.
72 * ISPTM: determines whether the file descriptor is that of an open master
73 * device. Return code of zero indicates that the file descriptor
74 * represents master device.
76 * UNLKPT: unlocks the master and slave devices. It returns 0 on success. On
77 * failure, the errno is set to EINVAL indicating that the master
80 * ZONEPT: sets the zone membership of the associated pts device.
82 * GRPPT: sets the group owner of the associated pts device.
86 * All global data synchronization between ptm/pts is done via global
87 * ptms_lock mutex which is initialized at system boot time from
88 * ptms_initspace (called from space.c).
90 * Individual fields of pt_ttys structure (except ptm_rdq, pts_rdq and
91 * pt_nullmsg) are protected by pt_ttys.pt_lock mutex.
93 * PT_ENTER_READ/PT_ENTER_WRITE are reference counter based read-write locks
94 * which allow reader locks to be reacquired by the same thread (usual
95 * reader/writer locks can't be used for that purpose since it is illegal for
96 * a thread to acquire a lock it already holds, even as a reader). The sole
97 * purpose of these macros is to guarantee that the peer queue will not
98 * disappear (due to closing peer) while it is used. It is safe to use
99 * PT_ENTER_READ/PT_EXIT_READ brackets across calls like putq/putnext (since
100 * they are not real locks but reference counts).
102 * PT_ENTER_WRITE/PT_EXIT_WRITE brackets are used ONLY in master/slave
103 * open/close paths to modify ptm_rdq and pts_rdq fields. These fields should
104 * be set to appropriate queues *after* qprocson() is called during open (to
105 * prevent peer from accessing the queue with incomplete plumbing) and set to
106 * NULL before qprocsoff() is called during close.
108 * The pt_nullmsg field is only used in open/close routines and it is also
109 * protected by PT_ENTER_WRITE/PT_EXIT_WRITE brackets to avoid extra mutex
114 * If both ptms_lock and per-pty lock should be held, ptms_lock should always
115 * be entered first, followed by per-pty lock.
117 * See ptms.h, pts.c and ptms_conf.c for more information.
120 #include <sys/types.h>
121 #include <sys/param.h>
122 #include <sys/file.h>
123 #include <sys/sysmacros.h>
124 #include <sys/stream.h>
125 #include <sys/stropts.h>
126 #include <sys/proc.h>
127 #include <sys/errno.h>
128 #include <sys/debug.h>
129 #include <sys/cmn_err.h>
130 #include <sys/ptms.h>
131 #include <sys/stat.h>
132 #include <sys/strsun.h>
133 #include <sys/systm.h>
134 #include <sys/modctl.h>
135 #include <sys/conf.h>
137 #include <sys/sunddi.h>
138 #include <sys/zone.h>
142 #define DBG(a) if (ptm_debug) cmn_err(CE_NOTE, a)
147 static int ptmopen(queue_t
*, dev_t
*, int, int, cred_t
*);
148 static int ptmclose(queue_t
*, int, cred_t
*);
149 static void ptmwput(queue_t
*, mblk_t
*);
150 static void ptmrsrv(queue_t
*);
151 static void ptmwsrv(queue_t
*);
154 * Master Stream Pseudo Terminal Module: stream data structure definitions
157 static struct module_info ptm_info
= {
166 static struct qinit ptmrint
= {
176 static struct qinit ptmwint
= {
186 static struct streamtab ptminfo
= {
193 static int ptm_attach(dev_info_t
*, ddi_attach_cmd_t
);
194 static int ptm_detach(dev_info_t
*, ddi_detach_cmd_t
);
195 static int ptm_devinfo(dev_info_t
*, ddi_info_cmd_t
, void *, void **);
197 static dev_info_t
*ptm_dip
; /* private devinfo pointer */
200 * this will define (struct cb_ops cb_ptm_ops) and (struct dev_ops ptm_ops)
202 DDI_DEFINE_STREAM_OPS(ptm_ops
, nulldev
, nulldev
, ptm_attach
, ptm_detach
,
203 nodev
, ptm_devinfo
, D_MP
, &ptminfo
, ddi_quiesce_not_supported
);
206 * Module linkage information for the kernel.
209 static struct modldrv modldrv
= {
210 &mod_driverops
, /* Type of module. This one is a pseudo driver */
211 "Master streams driver 'ptm'",
212 &ptm_ops
, /* driver ops */
215 static struct modlinkage modlinkage
= {
226 if ((rc
= mod_install(&modlinkage
)) == 0)
234 return (mod_remove(&modlinkage
));
238 _info(struct modinfo
*modinfop
)
240 return (mod_info(&modlinkage
, modinfop
));
244 ptm_attach(dev_info_t
*devi
, ddi_attach_cmd_t cmd
)
246 if (cmd
!= DDI_ATTACH
)
247 return (DDI_FAILURE
);
249 if (ddi_create_minor_node(devi
, "ptmajor", S_IFCHR
,
250 0, DDI_PSEUDO
, NULL
) == DDI_FAILURE
) {
251 ddi_remove_minor_node(devi
, NULL
);
252 return (DDI_FAILURE
);
254 if (ddi_create_minor_node(devi
, "ptmx", S_IFCHR
,
255 0, DDI_PSEUDO
, CLONE_DEV
) == DDI_FAILURE
) {
256 ddi_remove_minor_node(devi
, NULL
);
257 return (DDI_FAILURE
);
261 return (DDI_SUCCESS
);
265 ptm_detach(dev_info_t
*devi
, ddi_detach_cmd_t cmd
)
267 if (cmd
!= DDI_DETACH
)
268 return (DDI_FAILURE
);
270 ddi_remove_minor_node(devi
, NULL
);
271 return (DDI_SUCCESS
);
276 ptm_devinfo(dev_info_t
*dip
, ddi_info_cmd_t infocmd
, void *arg
,
282 case DDI_INFO_DEVT2DEVINFO
:
283 if (ptm_dip
== NULL
) {
286 *result
= (void *)ptm_dip
;
290 case DDI_INFO_DEVT2INSTANCE
:
303 * Open a minor of the master device. Store the write queue pointer and set the
304 * pt_state field to (PTMOPEN | PTLOCK).
305 * This code will work properly with both clone opens and direct opens of the
310 queue_t
*rqp
, /* pointer to the read side queue */
311 dev_t
*devp
, /* pointer to stream tail's dev */
312 int oflag
, /* the user open(2) supplied flags */
313 int sflag
, /* open state flag */
314 cred_t
*credp
) /* credentials */
316 struct pt_ttys
*ptmp
;
317 mblk_t
*mop
; /* ptr to a setopts message block */
318 struct stroptions
*sop
;
319 minor_t dminor
= getminor(*devp
);
322 if (rqp
->q_ptr
!= NULL
)
328 if (!(sflag
& CLONEOPEN
) && dminor
!= 0) {
330 * This is a direct open to specific master device through an
331 * artificially created entry with specific minor in
332 * /dev/directory. Such behavior is not supported.
338 * The master open requires that the slave be attached
339 * before it returns so that attempts to open the slave will
342 if (ptms_attach_slave() != 0) {
346 mop
= allocb(sizeof (struct stroptions
), BPRI_MED
);
348 DDBG("ptmopen(): mop allocation failed\n", 0);
352 if ((ptmp
= pt_ttys_alloc()) == NULL
) {
353 DDBG("ptmopen(): pty allocation failed\n", 0);
358 dminor
= ptmp
->pt_minor
;
360 DDBGP("ptmopen(): allocated ptmp %p\n", (uintptr_t)ptmp
);
361 DDBG("ptmopen(): allocated minor %d\n", dminor
);
363 WR(rqp
)->q_ptr
= rqp
->q_ptr
= ptmp
;
367 /* Allow slave to send messages to master */
368 PT_ENTER_WRITE(ptmp
);
373 * set up hi/lo water marks on stream head read queue
374 * and add controlling tty if not set
376 mop
->b_datap
->db_type
= M_SETOPTS
;
377 mop
->b_wptr
+= sizeof (struct stroptions
);
378 sop
= (struct stroptions
*)mop
->b_rptr
;
380 sop
->so_flags
= SO_HIWAT
| SO_LOWAT
;
382 sop
->so_flags
= SO_HIWAT
| SO_LOWAT
| SO_ISTTY
;
388 * The input, devp, is a major device number, the output is put
389 * into the same parm as a major,minor pair.
391 *devp
= makedevice(getmajor(*devp
), dminor
);
398 * Find the address to private data identifying the slave's write queue.
399 * Send a hang-up message up the slave's read queue to designate the
400 * master/slave pair is tearing down. Uattach the master and slave by
401 * nulling out the write queue fields in the private data structure.
402 * Finally, unlock the master/slave pair and mark the master as closed.
406 ptmclose(queue_t
*rqp
, int flag
, cred_t
*credp
)
408 struct pt_ttys
*ptmp
;
413 ptmp
= (struct pt_ttys
*)rqp
->q_ptr
;
416 pts_rdq
= ptmp
->pts_rdq
;
417 if (pts_rdq
->q_next
) {
418 DBG(("send hangup message to slave\n"));
419 (void) putnextctl(pts_rdq
, M_HANGUP
);
424 * ptm_rdq should be cleared before call to qprocsoff() to prevent pts
425 * write procedure to attempt using ptm_rdq after qprocsoff.
427 PT_ENTER_WRITE(ptmp
);
428 ptmp
->ptm_rdq
= NULL
;
429 freemsg(ptmp
->pt_nullmsg
);
430 ptmp
->pt_nullmsg
= NULL
;
432 * qenable slave side write queue so that it can flush
433 * its messages as master's read queue is going away
436 qenable(WR(ptmp
->pts_rdq
));
441 /* Finish the close */
443 WR(rqp
)->q_ptr
= NULL
;
445 ptms_close(ptmp
, PTMOPEN
| PTLOCK
);
451 * The wput procedure will only handle ioctl and flush messages.
454 ptmwput(queue_t
*qp
, mblk_t
*mp
)
456 struct pt_ttys
*ptmp
;
459 DBG(("entering ptmwput\n"));
462 ptmp
= (struct pt_ttys
*)qp
->q_ptr
;
465 switch (mp
->b_datap
->db_type
) {
467 * if write queue request, flush master's write
468 * queue and send FLUSHR up slave side. If read
469 * queue request, convert to FLUSHW and putnext().
473 unsigned char flush_flg
= 0;
475 DBG(("ptm got flush request\n"));
476 if (*mp
->b_rptr
& FLUSHW
) {
477 DBG(("got FLUSHW, flush ptm write Q\n"));
478 if (*mp
->b_rptr
& FLUSHBAND
)
480 * if it is a FLUSHBAND, do flushband.
482 flushband(qp
, *(mp
->b_rptr
+ 1),
485 flushq(qp
, FLUSHDATA
);
486 flush_flg
= (*mp
->b_rptr
& ~FLUSHW
) | FLUSHR
;
488 if (*mp
->b_rptr
& FLUSHR
) {
489 DBG(("got FLUSHR, set FLUSHW\n"));
490 flush_flg
|= (*mp
->b_rptr
& ~FLUSHR
) | FLUSHW
;
492 if (flush_flg
!= 0 && ptmp
->pts_rdq
&&
493 !(ptmp
->pt_state
& PTLOCK
)) {
494 DBG(("putnext to pts\n"));
495 *mp
->b_rptr
= flush_flg
;
496 putnext(ptmp
->pts_rdq
, mp
);
503 iocp
= (struct iocblk
*)mp
->b_rptr
;
504 switch (iocp
->ioc_cmd
) {
506 if ((ptmp
->pt_state
& PTLOCK
) ||
507 (ptmp
->pts_rdq
== NULL
)) {
508 DBG(("got M_IOCTL but no slave\n"));
509 miocnak(qp
, mp
, 0, EINVAL
);
516 mutex_enter(&ptmp
->pt_lock
);
517 ptmp
->pt_state
&= ~PTLOCK
;
518 mutex_exit(&ptmp
->pt_lock
);
521 DBG(("ack the UNLKPT/ISPTM\n"));
522 miocack(qp
, mp
, 0, 0);
529 if ((error
= drv_priv(iocp
->ioc_cr
)) != 0) {
530 miocnak(qp
, mp
, 0, error
);
533 if ((error
= miocpullup(mp
, sizeof (zoneid_t
))) != 0) {
534 miocnak(qp
, mp
, 0, error
);
537 z
= *((zoneid_t
*)mp
->b_cont
->b_rptr
);
538 if (z
< MIN_ZONEID
|| z
> MAX_ZONEID
) {
539 miocnak(qp
, mp
, 0, EINVAL
);
543 mutex_enter(&ptmp
->pt_lock
);
545 mutex_exit(&ptmp
->pt_lock
);
546 miocack(qp
, mp
, 0, 0);
555 if ((error
= miocpullup(mp
, sizeof (pt_own_t
))) != 0) {
556 miocnak(qp
, mp
, 0, error
);
560 zone
= zone_find_by_id(ptmp
->pt_zoneid
);
561 ptop
= (pt_own_t
*)mp
->b_cont
->b_rptr
;
563 if (!VALID_UID(ptop
->pto_ruid
, zone
) ||
564 !VALID_GID(ptop
->pto_rgid
, zone
)) {
566 miocnak(qp
, mp
, 0, EINVAL
);
570 mutex_enter(&ptmp
->pt_lock
);
571 ptmp
->pt_ruid
= ptop
->pto_ruid
;
572 ptmp
->pt_rgid
= ptop
->pto_rgid
;
573 mutex_exit(&ptmp
->pt_lock
);
574 miocack(qp
, mp
, 0, 0);
581 /* Caused by ldterm - can not pass to slave */
586 * send other messages to slave
589 if ((ptmp
->pt_state
& PTLOCK
) || (ptmp
->pts_rdq
== NULL
)) {
590 DBG(("got msg. but no slave\n"));
591 mp
= mexchange(NULL
, mp
, 2, M_ERROR
, -1);
593 mp
->b_rptr
[0] = NOERROR
;
594 mp
->b_rptr
[1] = EINVAL
;
600 DBG(("put msg on master's write queue\n"));
604 DBG(("return from ptmwput()\n"));
610 * enable the write side of the slave. This triggers the
611 * slave to send any messages queued on its write side to
612 * the read side of this master.
617 struct pt_ttys
*ptmp
;
619 DBG(("entering ptmrsrv\n"));
622 ptmp
= (struct pt_ttys
*)qp
->q_ptr
;
625 qenable(WR(ptmp
->pts_rdq
));
628 DBG(("leaving ptmrsrv\n"));
633 * If there are messages on this queue that can be sent to
634 * slave, send them via putnext(). Else, if queued messages
635 * cannot be sent, leave them on this queue. If priority
636 * messages on this queue, send them to slave no matter what.
641 struct pt_ttys
*ptmp
;
644 DBG(("entering ptmwsrv\n"));
647 ptmp
= (struct pt_ttys
*)qp
->q_ptr
;
649 if ((mp
= getq(qp
)) == NULL
) {
650 /* If there are no messages there's nothing to do. */
651 DBG(("leaving ptmwsrv (no messages)\n"));
656 if ((ptmp
->pt_state
& PTLOCK
) || (ptmp
->pts_rdq
== NULL
)) {
657 DBG(("in master write srv proc but no slave\n"));
659 * Free messages on the write queue and send
660 * NAK for any M_IOCTL type messages to wakeup
661 * the user process waiting for ACK/NAK from
662 * the ioctl invocation
665 if (mp
->b_datap
->db_type
== M_IOCTL
)
666 miocnak(qp
, mp
, 0, EINVAL
);
669 } while ((mp
= getq(qp
)) != NULL
);
670 flushq(qp
, FLUSHALL
);
672 mp
= mexchange(NULL
, NULL
, 2, M_ERROR
, -1);
674 mp
->b_rptr
[0] = NOERROR
;
675 mp
->b_rptr
[1] = EINVAL
;
682 * while there are messages on this write queue...
686 * if don't have control message and cannot put
687 * msg. on slave's read queue, put it back on
690 if (mp
->b_datap
->db_type
<= QPCTL
&&
691 !bcanputnext(ptmp
->pts_rdq
, mp
->b_band
)) {
692 DBG(("put msg. back on queue\n"));
693 (void) putbq(qp
, mp
);
697 * else send the message up slave's stream
699 DBG(("send message to slave\n"));
700 putnext(ptmp
->pts_rdq
, mp
);
701 } while ((mp
= getq(qp
)) != NULL
);
702 DBG(("leaving ptmwsrv\n"));