1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2002-2020 M. Warner Losh <imp@FreeBSD.org> 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 #include <sys/cdefs.h> 29 #include "opt_bus.h" 30 #include "opt_ddb.h" 31 32 #include <sys/param.h> 33 #include <sys/conf.h> 34 #include <sys/eventhandler.h> 35 #include <sys/filio.h> 36 #include <sys/lock.h> 37 #include <sys/kernel.h> 38 #include <sys/malloc.h> 39 #include <sys/mutex.h> 40 #include <sys/poll.h> 41 #include <sys/priv.h> 42 #include <sys/proc.h> 43 #include <sys/condvar.h> 44 #include <sys/queue.h> 45 #include <machine/bus.h> 46 #include <sys/sbuf.h> 47 #include <sys/selinfo.h> 48 #include <sys/smp.h> 49 #include <sys/sysctl.h> 50 #include <sys/systm.h> 51 #include <sys/uio.h> 52 #include <sys/bus.h> 53 54 #include <machine/cpu.h> 55 #include <machine/stdarg.h> 56 57 #include <vm/uma.h> 58 #include <vm/vm.h> 59 60 #include <ddb/ddb.h> 61 62 STAILQ_HEAD(devq, dev_event_info); 63 64 static struct dev_softc { 65 int inuse; 66 int nonblock; 67 int queued; 68 int async; 69 struct mtx mtx; 70 struct cv cv; 71 struct selinfo sel; 72 struct devq devq; 73 struct sigio *sigio; 74 uma_zone_t zone; 75 } devsoftc; 76 77 /* 78 * This design allows only one reader for /dev/devctl. This is not desirable 79 * in the long run, but will get a lot of hair out of this implementation. 80 * Maybe we should make this device a clonable device. 81 * 82 * Also note: we specifically do not attach a device to the device_t tree 83 * to avoid potential chicken and egg problems. One could argue that all 84 * of this belongs to the root node. 85 */ 86 87 #define DEVCTL_DEFAULT_QUEUE_LEN 1000 88 static int sysctl_devctl_queue(SYSCTL_HANDLER_ARGS); 89 static int devctl_queue_length = DEVCTL_DEFAULT_QUEUE_LEN; 90 SYSCTL_PROC(_hw_bus, OID_AUTO, devctl_queue, CTLTYPE_INT | CTLFLAG_RWTUN | 91 CTLFLAG_MPSAFE, NULL, 0, sysctl_devctl_queue, "I", "devctl queue length"); 92 93 static void devctl_attach_handler(void *arg __unused, device_t dev); 94 static void devctl_detach_handler(void *arg __unused, device_t dev, 95 enum evhdev_detach state); 96 static void devctl_nomatch_handler(void *arg __unused, device_t dev); 97 98 static d_open_t devopen; 99 static d_close_t devclose; 100 static d_read_t devread; 101 static d_ioctl_t devioctl; 102 static d_poll_t devpoll; 103 static d_kqfilter_t devkqfilter; 104 105 #define DEVCTL_BUFFER (1024 - sizeof(void *)) 106 struct dev_event_info { 107 STAILQ_ENTRY(dev_event_info) dei_link; 108 char dei_data[DEVCTL_BUFFER]; 109 }; 110 111 112 static struct cdevsw dev_cdevsw = { 113 .d_version = D_VERSION, 114 .d_open = devopen, 115 .d_close = devclose, 116 .d_read = devread, 117 .d_ioctl = devioctl, 118 .d_poll = devpoll, 119 .d_kqfilter = devkqfilter, 120 .d_name = "devctl", 121 }; 122 123 static void filt_devctl_detach(struct knote *kn); 124 static int filt_devctl_read(struct knote *kn, long hint); 125 126 static struct filterops devctl_rfiltops = { 127 .f_isfd = 1, 128 .f_detach = filt_devctl_detach, 129 .f_event = filt_devctl_read, 130 }; 131 132 static struct cdev *devctl_dev; 133 static void devaddq(const char *type, const char *what, device_t dev); 134 135 static struct devctlbridge { 136 send_event_f *send_f; 137 } devctl_notify_hook = { .send_f = NULL }; 138 139 static void 140 devctl_init(void) 141 { 142 int reserve; 143 uma_zone_t z; 144 145 devctl_dev = make_dev_credf(MAKEDEV_ETERNAL, &dev_cdevsw, 0, NULL, 146 UID_ROOT, GID_WHEEL, 0600, "devctl"); 147 mtx_init(&devsoftc.mtx, "dev mtx", "devd", MTX_DEF); 148 cv_init(&devsoftc.cv, "dev cv"); 149 STAILQ_INIT(&devsoftc.devq); 150 knlist_init_mtx(&devsoftc.sel.si_note, &devsoftc.mtx); 151 if (devctl_queue_length > 0) { 152 /* 153 * Allocate a zone for the messages. Preallocate 2% of these for 154 * a reserve. Allow only devctl_queue_length slabs to cap memory 155 * usage. The reserve usually allows coverage of surges of 156 * events during memory shortages. Normally we won't have to 157 * re-use events from the queue, but will in extreme shortages. 158 */ 159 z = devsoftc.zone = uma_zcreate("DEVCTL", 160 sizeof(struct dev_event_info), NULL, NULL, NULL, NULL, 161 UMA_ALIGN_PTR, 0); 162 reserve = max(devctl_queue_length / 50, 100); /* 2% reserve */ 163 uma_zone_set_max(z, devctl_queue_length); 164 uma_zone_set_maxcache(z, 0); 165 uma_zone_reserve(z, reserve); 166 uma_prealloc(z, reserve); 167 } 168 EVENTHANDLER_REGISTER(device_attach, devctl_attach_handler, 169 NULL, EVENTHANDLER_PRI_LAST); 170 EVENTHANDLER_REGISTER(device_detach, devctl_detach_handler, 171 NULL, EVENTHANDLER_PRI_LAST); 172 EVENTHANDLER_REGISTER(device_nomatch, devctl_nomatch_handler, 173 NULL, EVENTHANDLER_PRI_LAST); 174 } 175 SYSINIT(devctl_init, SI_SUB_DRIVERS, SI_ORDER_SECOND, devctl_init, NULL); 176 177 /* 178 * A device was added to the tree. We are called just after it successfully 179 * attaches (that is, probe and attach success for this device). No call 180 * is made if a device is merely parented into the tree. See devnomatch 181 * if probe fails. If attach fails, no notification is sent (but maybe 182 * we should have a different message for this). 183 */ 184 static void 185 devctl_attach_handler(void *arg __unused, device_t dev) 186 { 187 devaddq("+", device_get_nameunit(dev), dev); 188 } 189 190 /* 191 * A device was removed from the tree. We are called just before this 192 * happens. 193 */ 194 static void 195 devctl_detach_handler(void *arg __unused, device_t dev, enum evhdev_detach state) 196 { 197 if (state == EVHDEV_DETACH_COMPLETE) 198 devaddq("-", device_get_nameunit(dev), dev); 199 } 200 201 /* 202 * Called when there's no match for this device. This is only called 203 * the first time that no match happens, so we don't keep getting this 204 * message. Should that prove to be undesirable, we can change it. 205 * This is called when all drivers that can attach to a given bus 206 * decline to accept this device. Other errors may not be detected. 207 */ 208 static void 209 devctl_nomatch_handler(void *arg __unused, device_t dev) 210 { 211 devaddq("?", "", dev); 212 } 213 214 static int 215 devopen(struct cdev *dev, int oflags, int devtype, struct thread *td) 216 { 217 mtx_lock(&devsoftc.mtx); 218 if (devsoftc.inuse) { 219 mtx_unlock(&devsoftc.mtx); 220 return (EBUSY); 221 } 222 /* move to init */ 223 devsoftc.inuse = 1; 224 mtx_unlock(&devsoftc.mtx); 225 return (0); 226 } 227 228 static int 229 devclose(struct cdev *dev, int fflag, int devtype, struct thread *td) 230 { 231 mtx_lock(&devsoftc.mtx); 232 devsoftc.inuse = 0; 233 devsoftc.nonblock = 0; 234 devsoftc.async = 0; 235 cv_broadcast(&devsoftc.cv); 236 funsetown(&devsoftc.sigio); 237 mtx_unlock(&devsoftc.mtx); 238 return (0); 239 } 240 241 /* 242 * The read channel for this device is used to report changes to 243 * userland in realtime. We are required to free the data as well as 244 * the n1 object because we allocate them separately. Also note that 245 * we return one record at a time. If you try to read this device a 246 * character at a time, you will lose the rest of the data. Listening 247 * programs are expected to cope. 248 */ 249 static int 250 devread(struct cdev *dev, struct uio *uio, int ioflag) 251 { 252 struct dev_event_info *n1; 253 int rv; 254 255 mtx_lock(&devsoftc.mtx); 256 while (STAILQ_EMPTY(&devsoftc.devq)) { 257 if (devsoftc.nonblock) { 258 mtx_unlock(&devsoftc.mtx); 259 return (EAGAIN); 260 } 261 rv = cv_wait_sig(&devsoftc.cv, &devsoftc.mtx); 262 if (rv) { 263 /* 264 * Need to translate ERESTART to EINTR here? -- jake 265 */ 266 mtx_unlock(&devsoftc.mtx); 267 return (rv); 268 } 269 } 270 n1 = STAILQ_FIRST(&devsoftc.devq); 271 STAILQ_REMOVE_HEAD(&devsoftc.devq, dei_link); 272 devsoftc.queued--; 273 mtx_unlock(&devsoftc.mtx); 274 rv = uiomove(n1->dei_data, strlen(n1->dei_data), uio); 275 uma_zfree(devsoftc.zone, n1); 276 return (rv); 277 } 278 279 static int 280 devioctl(struct cdev *dev, u_long cmd, caddr_t data, int fflag, struct thread *td) 281 { 282 switch (cmd) { 283 case FIONBIO: 284 if (*(int*)data) 285 devsoftc.nonblock = 1; 286 else 287 devsoftc.nonblock = 0; 288 return (0); 289 case FIOASYNC: 290 if (*(int*)data) 291 devsoftc.async = 1; 292 else 293 devsoftc.async = 0; 294 return (0); 295 case FIOSETOWN: 296 return fsetown(*(int *)data, &devsoftc.sigio); 297 case FIOGETOWN: 298 *(int *)data = fgetown(&devsoftc.sigio); 299 return (0); 300 301 /* (un)Support for other fcntl() calls. */ 302 case FIOCLEX: 303 case FIONCLEX: 304 case FIONREAD: 305 default: 306 break; 307 } 308 return (ENOTTY); 309 } 310 311 static int 312 devpoll(struct cdev *dev, int events, struct thread *td) 313 { 314 int revents = 0; 315 316 mtx_lock(&devsoftc.mtx); 317 if (events & (POLLIN | POLLRDNORM)) { 318 if (!STAILQ_EMPTY(&devsoftc.devq)) 319 revents = events & (POLLIN | POLLRDNORM); 320 else 321 selrecord(td, &devsoftc.sel); 322 } 323 mtx_unlock(&devsoftc.mtx); 324 325 return (revents); 326 } 327 328 static int 329 devkqfilter(struct cdev *dev, struct knote *kn) 330 { 331 int error; 332 333 if (kn->kn_filter == EVFILT_READ) { 334 kn->kn_fop = &devctl_rfiltops; 335 knlist_add(&devsoftc.sel.si_note, kn, 0); 336 error = 0; 337 } else 338 error = EINVAL; 339 return (error); 340 } 341 342 static void 343 filt_devctl_detach(struct knote *kn) 344 { 345 knlist_remove(&devsoftc.sel.si_note, kn, 0); 346 } 347 348 static int 349 filt_devctl_read(struct knote *kn, long hint) 350 { 351 kn->kn_data = devsoftc.queued; 352 return (kn->kn_data != 0); 353 } 354 355 /** 356 * @brief Return whether the userland process is running 357 */ 358 bool 359 devctl_process_running(void) 360 { 361 return (devsoftc.inuse == 1); 362 } 363 364 static struct dev_event_info * 365 devctl_alloc_dei(void) 366 { 367 struct dev_event_info *dei = NULL; 368 369 mtx_lock(&devsoftc.mtx); 370 if (devctl_queue_length == 0) 371 goto out; 372 dei = uma_zalloc(devsoftc.zone, M_NOWAIT); 373 if (dei == NULL) 374 dei = uma_zalloc(devsoftc.zone, M_NOWAIT | M_USE_RESERVE); 375 if (dei == NULL) { 376 /* 377 * Guard against no items in the queue. Normally, this won't 378 * happen, but if lots of events happen all at once and there's 379 * a chance we're out of allocated space but none have yet been 380 * queued when we get here, leaving nothing to steal. This can 381 * also happen with error injection. Fail safe by returning 382 * NULL in that case.. 383 */ 384 if (devsoftc.queued == 0) 385 goto out; 386 dei = STAILQ_FIRST(&devsoftc.devq); 387 STAILQ_REMOVE_HEAD(&devsoftc.devq, dei_link); 388 devsoftc.queued--; 389 } 390 MPASS(dei != NULL); 391 *dei->dei_data = '\0'; 392 out: 393 mtx_unlock(&devsoftc.mtx); 394 return (dei); 395 } 396 397 static struct dev_event_info * 398 devctl_alloc_dei_sb(struct sbuf *sb) 399 { 400 struct dev_event_info *dei; 401 402 dei = devctl_alloc_dei(); 403 if (dei != NULL) 404 sbuf_new(sb, dei->dei_data, sizeof(dei->dei_data), SBUF_FIXEDLEN); 405 return (dei); 406 } 407 408 static void 409 devctl_free_dei(struct dev_event_info *dei) 410 { 411 uma_zfree(devsoftc.zone, dei); 412 } 413 414 static void 415 devctl_queue(struct dev_event_info *dei) 416 { 417 mtx_lock(&devsoftc.mtx); 418 STAILQ_INSERT_TAIL(&devsoftc.devq, dei, dei_link); 419 devsoftc.queued++; 420 cv_broadcast(&devsoftc.cv); 421 KNOTE_LOCKED(&devsoftc.sel.si_note, 0); 422 mtx_unlock(&devsoftc.mtx); 423 selwakeup(&devsoftc.sel); 424 if (devsoftc.async && devsoftc.sigio != NULL) 425 pgsigio(&devsoftc.sigio, SIGIO, 0); 426 } 427 428 /** 429 * @brief Send a 'notification' to userland, using standard ways 430 */ 431 void 432 devctl_notify(const char *system, const char *subsystem, const char *type, 433 const char *data) 434 { 435 struct dev_event_info *dei; 436 struct sbuf sb; 437 438 if (system == NULL || subsystem == NULL || type == NULL) 439 return; 440 if (devctl_notify_hook.send_f != NULL) 441 devctl_notify_hook.send_f(system, subsystem, type, data); 442 dei = devctl_alloc_dei_sb(&sb); 443 if (dei == NULL) 444 return; 445 sbuf_cpy(&sb, "!system="); 446 sbuf_cat(&sb, system); 447 sbuf_cat(&sb, " subsystem="); 448 sbuf_cat(&sb, subsystem); 449 sbuf_cat(&sb, " type="); 450 sbuf_cat(&sb, type); 451 if (data != NULL) { 452 sbuf_putc(&sb, ' '); 453 sbuf_cat(&sb, data); 454 } 455 sbuf_putc(&sb, '\n'); 456 if (sbuf_finish(&sb) != 0) 457 devctl_free_dei(dei); /* overflow -> drop it */ 458 else 459 devctl_queue(dei); 460 } 461 462 /* 463 * Common routine that tries to make sending messages as easy as possible. 464 * We allocate memory for the data, copy strings into that, but do not 465 * free it unless there's an error. The dequeue part of the driver should 466 * free the data. We don't send data when the device is disabled. We do 467 * send data, even when we have no listeners, because we wish to avoid 468 * races relating to startup and restart of listening applications. 469 * 470 * devaddq is designed to string together the type of event, with the 471 * object of that event, plus the plug and play info and location info 472 * for that event. This is likely most useful for devices, but less 473 * useful for other consumers of this interface. Those should use 474 * the devctl_notify() interface instead. 475 * 476 * Output: 477 * ${type}${what} at $(location dev) $(pnp-info dev) on $(parent dev) 478 */ 479 static void 480 devaddq(const char *type, const char *what, device_t dev) 481 { 482 struct dev_event_info *dei; 483 const char *parstr; 484 struct sbuf sb; 485 size_t beginlen; 486 487 dei = devctl_alloc_dei_sb(&sb); 488 if (dei == NULL) 489 return; 490 sbuf_cpy(&sb, type); 491 sbuf_cat(&sb, what); 492 sbuf_cat(&sb, " at "); 493 beginlen = sbuf_len(&sb); 494 495 /* Add in the location */ 496 bus_child_location(dev, &sb); 497 sbuf_putc(&sb, ' '); 498 499 /* Add in pnpinfo */ 500 bus_child_pnpinfo(dev, &sb); 501 502 /* Get the parent of this device, or / if high enough in the tree. */ 503 if (device_get_parent(dev) == NULL) 504 parstr = "."; /* Or '/' ? */ 505 else 506 parstr = device_get_nameunit(device_get_parent(dev)); 507 sbuf_cat(&sb, " on "); 508 sbuf_cat(&sb, parstr); 509 sbuf_putc(&sb, '\n'); 510 if (sbuf_finish(&sb) != 0) 511 goto bad; 512 if (devctl_notify_hook.send_f != NULL) { 513 const char *t; 514 515 switch (*type) { 516 case '+': 517 t = "ATTACH"; 518 break; 519 case '-': 520 t = "DETACH"; 521 break; 522 default: 523 t = "NOMATCH"; 524 break; 525 } 526 devctl_notify_hook.send_f("device", 527 what, t, sbuf_data(&sb) + beginlen); 528 } 529 devctl_queue(dei); 530 return; 531 bad: 532 devctl_free_dei(dei); 533 } 534 535 static int 536 sysctl_devctl_queue(SYSCTL_HANDLER_ARGS) 537 { 538 int q, error; 539 540 q = devctl_queue_length; 541 error = sysctl_handle_int(oidp, &q, 0, req); 542 if (error || !req->newptr) 543 return (error); 544 if (q < 0) 545 return (EINVAL); 546 547 /* 548 * When set as a tunable, we've not yet initialized the mutex. 549 * It is safe to just assign to devctl_queue_length and return 550 * as we're racing no one. We'll use whatever value set in 551 * devinit. 552 */ 553 if (!mtx_initialized(&devsoftc.mtx)) { 554 devctl_queue_length = q; 555 return (0); 556 } 557 558 /* 559 * XXX It's hard to grow or shrink the UMA zone. Only allow 560 * disabling the queue size for the moment until underlying 561 * UMA issues can be sorted out. 562 */ 563 if (q != 0) 564 return (EINVAL); 565 if (q == devctl_queue_length) 566 return (0); 567 mtx_lock(&devsoftc.mtx); 568 devctl_queue_length = 0; 569 uma_zdestroy(devsoftc.zone); 570 devsoftc.zone = 0; 571 mtx_unlock(&devsoftc.mtx); 572 return (0); 573 } 574 575 /** 576 * @brief safely quotes strings that might have double quotes in them. 577 * 578 * The devctl protocol relies on quoted strings having matching quotes. 579 * This routine quotes any internal quotes so the resulting string 580 * is safe to pass to snprintf to construct, for example pnp info strings. 581 * 582 * @param sb sbuf to place the characters into 583 * @param src Original buffer. 584 */ 585 void 586 devctl_safe_quote_sb(struct sbuf *sb, const char *src) 587 { 588 while (*src != '\0') { 589 if (*src == '"' || *src == '\\') 590 sbuf_putc(sb, '\\'); 591 sbuf_putc(sb, *src++); 592 } 593 } 594 595 void 596 devctl_set_notify_hook(send_event_f *hook) 597 { 598 devctl_notify_hook.send_f = hook; 599 } 600 601 void 602 devctl_unset_notify_hook(void) 603 { 604 devctl_notify_hook.send_f = NULL; 605 } 606 607