1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2008 Ed Schouten <ed@FreeBSD.org> 5 * All rights reserved. 6 * 7 * Portions of this software were developed under sponsorship from Snow 8 * B.V., the Netherlands. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 #include "opt_capsicum.h" 34 #include "opt_printf.h" 35 36 #include <sys/param.h> 37 #include <sys/capsicum.h> 38 #include <sys/conf.h> 39 #include <sys/cons.h> 40 #include <sys/fcntl.h> 41 #include <sys/file.h> 42 #include <sys/filedesc.h> 43 #include <sys/filio.h> 44 #ifdef COMPAT_43TTY 45 #include <sys/ioctl_compat.h> 46 #endif /* COMPAT_43TTY */ 47 #include <sys/jail.h> 48 #include <sys/kernel.h> 49 #include <sys/limits.h> 50 #include <sys/malloc.h> 51 #include <sys/mount.h> 52 #include <sys/poll.h> 53 #include <sys/priv.h> 54 #include <sys/proc.h> 55 #include <sys/serial.h> 56 #include <sys/signal.h> 57 #include <sys/stat.h> 58 #include <sys/sx.h> 59 #include <sys/sysctl.h> 60 #include <sys/systm.h> 61 #include <sys/tty.h> 62 #include <sys/ttycom.h> 63 #define TTYDEFCHARS 64 #include <sys/ttydefaults.h> 65 #undef TTYDEFCHARS 66 #include <sys/ucred.h> 67 #include <sys/vnode.h> 68 69 #include <fs/devfs/devfs.h> 70 71 #include <machine/stdarg.h> 72 73 static MALLOC_DEFINE(M_TTY, "tty", "tty device"); 74 75 static void tty_rel_free(struct tty *tp); 76 77 static TAILQ_HEAD(, tty) tty_list = TAILQ_HEAD_INITIALIZER(tty_list); 78 static struct sx tty_list_sx; 79 SX_SYSINIT(tty_list, &tty_list_sx, "tty list"); 80 static unsigned int tty_list_count = 0; 81 82 /* Character device of /dev/console. */ 83 static struct cdev *dev_console; 84 static const char *dev_console_filename; 85 86 /* 87 * Flags that are supported and stored by this implementation. 88 */ 89 #define TTYSUP_IFLAG (IGNBRK|BRKINT|IGNPAR|PARMRK|INPCK|ISTRIP|INLCR|\ 90 IGNCR|ICRNL|IXON|IXOFF|IXANY|IMAXBEL|IUTF8) 91 #define TTYSUP_OFLAG (OPOST|ONLCR|TAB3|ONOEOT|OCRNL|ONOCR|ONLRET) 92 #define TTYSUP_LFLAG (ECHOKE|ECHOE|ECHOK|ECHO|ECHONL|ECHOPRT|\ 93 ECHOCTL|ISIG|ICANON|ALTWERASE|IEXTEN|TOSTOP|\ 94 FLUSHO|NOKERNINFO|NOFLSH) 95 #define TTYSUP_CFLAG (CIGNORE|CSIZE|CSTOPB|CREAD|PARENB|PARODD|\ 96 HUPCL|CLOCAL|CCTS_OFLOW|CRTS_IFLOW|CDTR_IFLOW|\ 97 CDSR_OFLOW|CCAR_OFLOW|CNO_RTSDTR) 98 99 #define TTY_CALLOUT(tp,d) (dev2unit(d) & TTYUNIT_CALLOUT) 100 101 static int tty_drainwait = 5 * 60; 102 SYSCTL_INT(_kern, OID_AUTO, tty_drainwait, CTLFLAG_RWTUN, 103 &tty_drainwait, 0, "Default output drain timeout in seconds"); 104 105 /* 106 * Set TTY buffer sizes. 107 */ 108 109 #define TTYBUF_MAX 65536 110 111 #ifdef PRINTF_BUFR_SIZE 112 #define TTY_PRBUF_SIZE PRINTF_BUFR_SIZE 113 #else 114 #define TTY_PRBUF_SIZE 256 115 #endif 116 117 /* 118 * Allocate buffer space if necessary, and set low watermarks, based on speed. 119 * Note that the ttyxxxq_setsize() functions may drop and then reacquire the tty 120 * lock during memory allocation. They will return ENXIO if the tty disappears 121 * while unlocked. 122 */ 123 static int 124 tty_watermarks(struct tty *tp) 125 { 126 size_t bs = 0; 127 int error; 128 129 /* Provide an input buffer for 2 seconds of data. */ 130 if (tp->t_termios.c_cflag & CREAD) 131 bs = MIN(tp->t_termios.c_ispeed / 5, TTYBUF_MAX); 132 error = ttyinq_setsize(&tp->t_inq, tp, bs); 133 if (error != 0) 134 return (error); 135 136 /* Set low watermark at 10% (when 90% is available). */ 137 tp->t_inlow = (ttyinq_getallocatedsize(&tp->t_inq) * 9) / 10; 138 139 /* Provide an output buffer for 2 seconds of data. */ 140 bs = MIN(tp->t_termios.c_ospeed / 5, TTYBUF_MAX); 141 error = ttyoutq_setsize(&tp->t_outq, tp, bs); 142 if (error != 0) 143 return (error); 144 145 /* Set low watermark at 10% (when 90% is available). */ 146 tp->t_outlow = (ttyoutq_getallocatedsize(&tp->t_outq) * 9) / 10; 147 148 return (0); 149 } 150 151 static int 152 tty_drain(struct tty *tp, int leaving) 153 { 154 sbintime_t timeout_at; 155 size_t bytes; 156 int error; 157 158 if (ttyhook_hashook(tp, getc_inject)) 159 /* buffer is inaccessible */ 160 return (0); 161 162 /* 163 * For close(), use the recent historic timeout of "1 second without 164 * making progress". For tcdrain(), use t_drainwait as the timeout, 165 * with zero meaning "no timeout" which gives POSIX behavior. 166 */ 167 if (leaving) 168 timeout_at = getsbinuptime() + SBT_1S; 169 else if (tp->t_drainwait != 0) 170 timeout_at = getsbinuptime() + SBT_1S * tp->t_drainwait; 171 else 172 timeout_at = 0; 173 174 /* 175 * Poll the output buffer and the hardware for completion, at 10 Hz. 176 * Polling is required for devices which are not able to signal an 177 * interrupt when the transmitter becomes idle (most USB serial devs). 178 * The unusual structure of this loop ensures we check for busy one more 179 * time after tty_timedwait() returns EWOULDBLOCK, so that success has 180 * higher priority than timeout if the IO completed in the last 100mS. 181 */ 182 error = 0; 183 bytes = ttyoutq_bytesused(&tp->t_outq); 184 for (;;) { 185 if (ttyoutq_bytesused(&tp->t_outq) == 0 && !ttydevsw_busy(tp)) 186 return (0); 187 if (error != 0) 188 return (error); 189 ttydevsw_outwakeup(tp); 190 error = tty_timedwait(tp, &tp->t_outwait, hz / 10); 191 if (error != 0 && error != EWOULDBLOCK) 192 return (error); 193 else if (timeout_at == 0 || getsbinuptime() < timeout_at) 194 error = 0; 195 else if (leaving && ttyoutq_bytesused(&tp->t_outq) < bytes) { 196 /* In close, making progress, grant an extra second. */ 197 error = 0; 198 timeout_at += SBT_1S; 199 bytes = ttyoutq_bytesused(&tp->t_outq); 200 } 201 } 202 } 203 204 /* 205 * Though ttydev_enter() and ttydev_leave() seem to be related, they 206 * don't have to be used together. ttydev_enter() is used by the cdev 207 * operations to prevent an actual operation from being processed when 208 * the TTY has been abandoned. ttydev_leave() is used by ttydev_open() 209 * and ttydev_close() to determine whether per-TTY data should be 210 * deallocated. 211 */ 212 213 static __inline int 214 ttydev_enter(struct tty *tp) 215 { 216 217 tty_lock(tp); 218 219 if (tty_gone(tp) || !tty_opened(tp)) { 220 /* Device is already gone. */ 221 tty_unlock(tp); 222 return (ENXIO); 223 } 224 225 return (0); 226 } 227 228 static void 229 ttydev_leave(struct tty *tp) 230 { 231 232 tty_assert_locked(tp); 233 234 if (tty_opened(tp) || tp->t_flags & TF_OPENCLOSE) { 235 /* Device is still opened somewhere. */ 236 tty_unlock(tp); 237 return; 238 } 239 240 tp->t_flags |= TF_OPENCLOSE; 241 242 /* Remove console TTY. */ 243 constty_clear(tp); 244 245 /* Drain any output. */ 246 if (!tty_gone(tp)) 247 tty_drain(tp, 1); 248 249 ttydisc_close(tp); 250 251 /* Free i/o queues now since they might be large. */ 252 ttyinq_free(&tp->t_inq); 253 tp->t_inlow = 0; 254 ttyoutq_free(&tp->t_outq); 255 tp->t_outlow = 0; 256 257 if (!tty_gone(tp)) 258 ttydevsw_close(tp); 259 260 tp->t_flags &= ~TF_OPENCLOSE; 261 cv_broadcast(&tp->t_dcdwait); 262 tty_rel_free(tp); 263 } 264 265 /* 266 * Operations that are exposed through the character device in /dev. 267 */ 268 static int 269 ttydev_open(struct cdev *dev, int oflags, int devtype __unused, 270 struct thread *td) 271 { 272 struct tty *tp; 273 int error; 274 275 tp = dev->si_drv1; 276 error = 0; 277 tty_lock(tp); 278 if (tty_gone(tp)) { 279 /* Device is already gone. */ 280 tty_unlock(tp); 281 return (ENXIO); 282 } 283 284 /* 285 * Block when other processes are currently opening or closing 286 * the TTY. 287 */ 288 while (tp->t_flags & TF_OPENCLOSE) { 289 error = tty_wait(tp, &tp->t_dcdwait); 290 if (error != 0) { 291 tty_unlock(tp); 292 return (error); 293 } 294 } 295 tp->t_flags |= TF_OPENCLOSE; 296 297 /* 298 * Make sure the "tty" and "cua" device cannot be opened at the 299 * same time. The console is a "tty" device. 300 */ 301 if (TTY_CALLOUT(tp, dev)) { 302 if (tp->t_flags & (TF_OPENED_CONS | TF_OPENED_IN)) { 303 error = EBUSY; 304 goto done; 305 } 306 } else { 307 if (tp->t_flags & TF_OPENED_OUT) { 308 error = EBUSY; 309 goto done; 310 } 311 } 312 313 if (tp->t_flags & TF_EXCLUDE && priv_check(td, PRIV_TTY_EXCLUSIVE)) { 314 error = EBUSY; 315 goto done; 316 } 317 318 if (!tty_opened(tp)) { 319 /* Set proper termios flags. */ 320 if (TTY_CALLOUT(tp, dev)) 321 tp->t_termios = tp->t_termios_init_out; 322 else 323 tp->t_termios = tp->t_termios_init_in; 324 ttydevsw_param(tp, &tp->t_termios); 325 /* Prevent modem control on callout devices and /dev/console. */ 326 if (TTY_CALLOUT(tp, dev) || dev == dev_console) 327 tp->t_termios.c_cflag |= CLOCAL; 328 329 if ((tp->t_termios.c_cflag & CNO_RTSDTR) == 0) 330 ttydevsw_modem(tp, SER_DTR|SER_RTS, 0); 331 332 error = ttydevsw_open(tp); 333 if (error != 0) 334 goto done; 335 336 ttydisc_open(tp); 337 error = tty_watermarks(tp); 338 if (error != 0) 339 goto done; 340 } 341 342 /* Wait for Carrier Detect. */ 343 if ((oflags & O_NONBLOCK) == 0 && 344 (tp->t_termios.c_cflag & CLOCAL) == 0) { 345 while ((ttydevsw_modem(tp, 0, 0) & SER_DCD) == 0) { 346 error = tty_wait(tp, &tp->t_dcdwait); 347 if (error != 0) 348 goto done; 349 } 350 } 351 352 if (dev == dev_console) 353 tp->t_flags |= TF_OPENED_CONS; 354 else if (TTY_CALLOUT(tp, dev)) 355 tp->t_flags |= TF_OPENED_OUT; 356 else 357 tp->t_flags |= TF_OPENED_IN; 358 MPASS((tp->t_flags & (TF_OPENED_CONS | TF_OPENED_IN)) == 0 || 359 (tp->t_flags & TF_OPENED_OUT) == 0); 360 361 done: tp->t_flags &= ~TF_OPENCLOSE; 362 cv_broadcast(&tp->t_dcdwait); 363 ttydev_leave(tp); 364 365 return (error); 366 } 367 368 static int 369 ttydev_close(struct cdev *dev, int fflag, int devtype __unused, 370 struct thread *td) 371 { 372 struct tty *tp = dev->si_drv1; 373 374 tty_lock(tp); 375 376 /* 377 * Don't actually close the device if it is being used as the 378 * console. 379 */ 380 MPASS((tp->t_flags & (TF_OPENED_CONS | TF_OPENED_IN)) == 0 || 381 (tp->t_flags & TF_OPENED_OUT) == 0); 382 if (dev == dev_console) 383 tp->t_flags &= ~TF_OPENED_CONS; 384 else 385 tp->t_flags &= ~(TF_OPENED_IN|TF_OPENED_OUT); 386 387 if (tp->t_flags & TF_OPENED) { 388 tty_unlock(tp); 389 return (0); 390 } 391 392 /* If revoking, flush output now to avoid draining it later. */ 393 if ((fflag & FREVOKE) != 0) { 394 tty_flush(tp, FWRITE); 395 knlist_delete(&tp->t_inpoll.si_note, td, 1); 396 knlist_delete(&tp->t_outpoll.si_note, td, 1); 397 } 398 399 tp->t_flags &= ~TF_EXCLUDE; 400 401 /* Properly wake up threads that are stuck - revoke(). */ 402 tp->t_revokecnt++; 403 tty_wakeup(tp, FREAD|FWRITE); 404 cv_broadcast(&tp->t_bgwait); 405 cv_broadcast(&tp->t_dcdwait); 406 407 ttydev_leave(tp); 408 409 return (0); 410 } 411 412 static __inline int 413 tty_is_ctty(struct tty *tp, struct proc *p) 414 { 415 416 tty_assert_locked(tp); 417 418 return (p->p_session == tp->t_session && p->p_flag & P_CONTROLT); 419 } 420 421 int 422 tty_wait_background(struct tty *tp, struct thread *td, int sig) 423 { 424 struct proc *p; 425 struct pgrp *pg; 426 ksiginfo_t ksi; 427 int error; 428 429 MPASS(sig == SIGTTIN || sig == SIGTTOU); 430 tty_assert_locked(tp); 431 432 p = td->td_proc; 433 for (;;) { 434 pg = p->p_pgrp; 435 PGRP_LOCK(pg); 436 PROC_LOCK(p); 437 438 /* 439 * pg may no longer be our process group. 440 * Re-check after locking. 441 */ 442 if (p->p_pgrp != pg) { 443 PROC_UNLOCK(p); 444 PGRP_UNLOCK(pg); 445 continue; 446 } 447 448 /* 449 * The process should only sleep, when: 450 * - This terminal is the controlling terminal 451 * - Its process group is not the foreground process 452 * group 453 * - The parent process isn't waiting for the child to 454 * exit 455 * - the signal to send to the process isn't masked 456 */ 457 if (!tty_is_ctty(tp, p) || p->p_pgrp == tp->t_pgrp) { 458 /* Allow the action to happen. */ 459 PROC_UNLOCK(p); 460 PGRP_UNLOCK(pg); 461 return (0); 462 } 463 464 if (SIGISMEMBER(p->p_sigacts->ps_sigignore, sig) || 465 SIGISMEMBER(td->td_sigmask, sig)) { 466 /* Only allow them in write()/ioctl(). */ 467 PROC_UNLOCK(p); 468 PGRP_UNLOCK(pg); 469 return (sig == SIGTTOU ? 0 : EIO); 470 } 471 472 if ((p->p_flag & P_PPWAIT) != 0 || 473 (pg->pg_flags & PGRP_ORPHANED) != 0) { 474 /* Don't allow the action to happen. */ 475 PROC_UNLOCK(p); 476 PGRP_UNLOCK(pg); 477 return (EIO); 478 } 479 PROC_UNLOCK(p); 480 481 /* 482 * Send the signal and sleep until we're the new 483 * foreground process group. 484 */ 485 if (sig != 0) { 486 ksiginfo_init(&ksi); 487 ksi.ksi_code = SI_KERNEL; 488 ksi.ksi_signo = sig; 489 sig = 0; 490 } 491 492 pgsignal(pg, ksi.ksi_signo, 1, &ksi); 493 PGRP_UNLOCK(pg); 494 495 error = tty_wait(tp, &tp->t_bgwait); 496 if (error) 497 return (error); 498 } 499 } 500 501 static int 502 ttydev_read(struct cdev *dev, struct uio *uio, int ioflag) 503 { 504 struct tty *tp = dev->si_drv1; 505 int error; 506 507 error = ttydev_enter(tp); 508 if (error) 509 goto done; 510 error = ttydisc_read(tp, uio, ioflag); 511 tty_unlock(tp); 512 513 /* 514 * The read() call should not throw an error when the device is 515 * being destroyed. Silently convert it to an EOF. 516 */ 517 done: if (error == ENXIO) 518 error = 0; 519 return (error); 520 } 521 522 static int 523 ttydev_write(struct cdev *dev, struct uio *uio, int ioflag) 524 { 525 struct tty *tp = dev->si_drv1; 526 int defer, error; 527 528 error = ttydev_enter(tp); 529 if (error) 530 return (error); 531 532 if (tp->t_termios.c_lflag & TOSTOP) { 533 error = tty_wait_background(tp, curthread, SIGTTOU); 534 if (error) 535 goto done; 536 } 537 538 if (ioflag & IO_NDELAY && tp->t_flags & TF_BUSY_OUT) { 539 /* Allow non-blocking writes to bypass serialization. */ 540 error = ttydisc_write(tp, uio, ioflag); 541 } else { 542 /* Serialize write() calls. */ 543 while (tp->t_flags & TF_BUSY_OUT) { 544 error = tty_wait(tp, &tp->t_outserwait); 545 if (error) 546 goto done; 547 } 548 549 tp->t_flags |= TF_BUSY_OUT; 550 defer = sigdeferstop(SIGDEFERSTOP_ERESTART); 551 error = ttydisc_write(tp, uio, ioflag); 552 sigallowstop(defer); 553 tp->t_flags &= ~TF_BUSY_OUT; 554 cv_signal(&tp->t_outserwait); 555 } 556 557 done: tty_unlock(tp); 558 return (error); 559 } 560 561 static int 562 ttydev_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int fflag, 563 struct thread *td) 564 { 565 struct tty *tp = dev->si_drv1; 566 int error; 567 568 error = ttydev_enter(tp); 569 if (error) 570 return (error); 571 572 switch (cmd) { 573 case TIOCCBRK: 574 case TIOCCONS: 575 case TIOCDRAIN: 576 case TIOCEXCL: 577 case TIOCFLUSH: 578 case TIOCNXCL: 579 case TIOCSBRK: 580 case TIOCSCTTY: 581 case TIOCSETA: 582 case TIOCSETAF: 583 case TIOCSETAW: 584 case TIOCSPGRP: 585 case TIOCSTART: 586 case TIOCSTAT: 587 case TIOCSTI: 588 case TIOCSTOP: 589 case TIOCSWINSZ: 590 #if 0 591 case TIOCSDRAINWAIT: 592 case TIOCSETD: 593 #endif 594 #ifdef COMPAT_43TTY 595 case TIOCLBIC: 596 case TIOCLBIS: 597 case TIOCLSET: 598 case TIOCSETC: 599 case OTIOCSETD: 600 case TIOCSETN: 601 case TIOCSETP: 602 case TIOCSLTC: 603 #endif /* COMPAT_43TTY */ 604 /* 605 * If the ioctl() causes the TTY to be modified, let it 606 * wait in the background. 607 */ 608 error = tty_wait_background(tp, curthread, SIGTTOU); 609 if (error) 610 goto done; 611 } 612 613 if (cmd == TIOCSETA || cmd == TIOCSETAW || cmd == TIOCSETAF) { 614 struct termios *old = &tp->t_termios; 615 struct termios *new = (struct termios *)data; 616 struct termios *lock = TTY_CALLOUT(tp, dev) ? 617 &tp->t_termios_lock_out : &tp->t_termios_lock_in; 618 int cc; 619 620 /* 621 * Lock state devices. Just overwrite the values of the 622 * commands that are currently in use. 623 */ 624 new->c_iflag = (old->c_iflag & lock->c_iflag) | 625 (new->c_iflag & ~lock->c_iflag); 626 new->c_oflag = (old->c_oflag & lock->c_oflag) | 627 (new->c_oflag & ~lock->c_oflag); 628 new->c_cflag = (old->c_cflag & lock->c_cflag) | 629 (new->c_cflag & ~lock->c_cflag); 630 new->c_lflag = (old->c_lflag & lock->c_lflag) | 631 (new->c_lflag & ~lock->c_lflag); 632 for (cc = 0; cc < NCCS; ++cc) 633 if (lock->c_cc[cc]) 634 new->c_cc[cc] = old->c_cc[cc]; 635 if (lock->c_ispeed) 636 new->c_ispeed = old->c_ispeed; 637 if (lock->c_ospeed) 638 new->c_ospeed = old->c_ospeed; 639 } 640 641 error = tty_ioctl(tp, cmd, data, fflag, td); 642 done: tty_unlock(tp); 643 644 return (error); 645 } 646 647 static int 648 ttydev_poll(struct cdev *dev, int events, struct thread *td) 649 { 650 struct tty *tp = dev->si_drv1; 651 int error, revents = 0; 652 653 error = ttydev_enter(tp); 654 if (error) 655 return ((events & (POLLIN|POLLRDNORM)) | POLLHUP); 656 657 if (events & (POLLIN|POLLRDNORM)) { 658 /* See if we can read something. */ 659 if (ttydisc_read_poll(tp) > 0) 660 revents |= events & (POLLIN|POLLRDNORM); 661 } 662 663 if (tp->t_flags & TF_ZOMBIE) { 664 /* Hangup flag on zombie state. */ 665 revents |= POLLHUP; 666 } else if (events & (POLLOUT|POLLWRNORM)) { 667 /* See if we can write something. */ 668 if (ttydisc_write_poll(tp) > 0) 669 revents |= events & (POLLOUT|POLLWRNORM); 670 } 671 672 if (revents == 0) { 673 if (events & (POLLIN|POLLRDNORM)) 674 selrecord(td, &tp->t_inpoll); 675 if (events & (POLLOUT|POLLWRNORM)) 676 selrecord(td, &tp->t_outpoll); 677 } 678 679 tty_unlock(tp); 680 681 return (revents); 682 } 683 684 static int 685 ttydev_mmap(struct cdev *dev, vm_ooffset_t offset, vm_paddr_t *paddr, 686 int nprot, vm_memattr_t *memattr) 687 { 688 struct tty *tp = dev->si_drv1; 689 int error; 690 691 /* Handle mmap() through the driver. */ 692 693 error = ttydev_enter(tp); 694 if (error) 695 return (-1); 696 error = ttydevsw_mmap(tp, offset, paddr, nprot, memattr); 697 tty_unlock(tp); 698 699 return (error); 700 } 701 702 /* 703 * kqueue support. 704 */ 705 706 static void 707 tty_kqops_read_detach(struct knote *kn) 708 { 709 struct tty *tp = kn->kn_hook; 710 711 knlist_remove(&tp->t_inpoll.si_note, kn, 0); 712 } 713 714 static int 715 tty_kqops_read_event(struct knote *kn, long hint __unused) 716 { 717 struct tty *tp = kn->kn_hook; 718 719 tty_assert_locked(tp); 720 721 if (tty_gone(tp) || tp->t_flags & TF_ZOMBIE) { 722 kn->kn_flags |= EV_EOF; 723 return (1); 724 } else { 725 kn->kn_data = ttydisc_read_poll(tp); 726 return (kn->kn_data > 0); 727 } 728 } 729 730 static void 731 tty_kqops_write_detach(struct knote *kn) 732 { 733 struct tty *tp = kn->kn_hook; 734 735 knlist_remove(&tp->t_outpoll.si_note, kn, 0); 736 } 737 738 static int 739 tty_kqops_write_event(struct knote *kn, long hint __unused) 740 { 741 struct tty *tp = kn->kn_hook; 742 743 tty_assert_locked(tp); 744 745 if (tty_gone(tp)) { 746 kn->kn_flags |= EV_EOF; 747 return (1); 748 } else { 749 kn->kn_data = ttydisc_write_poll(tp); 750 return (kn->kn_data > 0); 751 } 752 } 753 754 static const struct filterops tty_kqops_read = { 755 .f_isfd = 1, 756 .f_detach = tty_kqops_read_detach, 757 .f_event = tty_kqops_read_event, 758 }; 759 760 static const struct filterops tty_kqops_write = { 761 .f_isfd = 1, 762 .f_detach = tty_kqops_write_detach, 763 .f_event = tty_kqops_write_event, 764 }; 765 766 static int 767 ttydev_kqfilter(struct cdev *dev, struct knote *kn) 768 { 769 struct tty *tp = dev->si_drv1; 770 int error; 771 772 error = ttydev_enter(tp); 773 if (error) 774 return (error); 775 776 switch (kn->kn_filter) { 777 case EVFILT_READ: 778 kn->kn_hook = tp; 779 kn->kn_fop = &tty_kqops_read; 780 knlist_add(&tp->t_inpoll.si_note, kn, 1); 781 break; 782 case EVFILT_WRITE: 783 kn->kn_hook = tp; 784 kn->kn_fop = &tty_kqops_write; 785 knlist_add(&tp->t_outpoll.si_note, kn, 1); 786 break; 787 default: 788 error = EINVAL; 789 break; 790 } 791 792 tty_unlock(tp); 793 return (error); 794 } 795 796 static struct cdevsw ttydev_cdevsw = { 797 .d_version = D_VERSION, 798 .d_open = ttydev_open, 799 .d_close = ttydev_close, 800 .d_read = ttydev_read, 801 .d_write = ttydev_write, 802 .d_ioctl = ttydev_ioctl, 803 .d_kqfilter = ttydev_kqfilter, 804 .d_poll = ttydev_poll, 805 .d_mmap = ttydev_mmap, 806 .d_name = "ttydev", 807 .d_flags = D_TTY, 808 }; 809 810 /* 811 * Init/lock-state devices 812 */ 813 814 static int 815 ttyil_open(struct cdev *dev, int oflags __unused, int devtype __unused, 816 struct thread *td) 817 { 818 struct tty *tp; 819 int error; 820 821 tp = dev->si_drv1; 822 error = 0; 823 tty_lock(tp); 824 if (tty_gone(tp)) 825 error = ENODEV; 826 tty_unlock(tp); 827 828 return (error); 829 } 830 831 static int 832 ttyil_close(struct cdev *dev __unused, int flag __unused, int mode __unused, 833 struct thread *td __unused) 834 { 835 836 return (0); 837 } 838 839 static int 840 ttyil_rdwr(struct cdev *dev __unused, struct uio *uio __unused, 841 int ioflag __unused) 842 { 843 844 return (ENODEV); 845 } 846 847 static int 848 ttyil_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int fflag, 849 struct thread *td) 850 { 851 struct tty *tp = dev->si_drv1; 852 int error; 853 854 tty_lock(tp); 855 if (tty_gone(tp)) { 856 error = ENODEV; 857 goto done; 858 } 859 860 error = ttydevsw_cioctl(tp, dev2unit(dev), cmd, data, td); 861 if (error != ENOIOCTL) 862 goto done; 863 error = 0; 864 865 switch (cmd) { 866 case TIOCGETA: 867 /* Obtain terminal flags through tcgetattr(). */ 868 *(struct termios*)data = *(struct termios*)dev->si_drv2; 869 break; 870 case TIOCSETA: 871 /* Set terminal flags through tcsetattr(). */ 872 error = priv_check(td, PRIV_TTY_SETA); 873 if (error) 874 break; 875 *(struct termios*)dev->si_drv2 = *(struct termios*)data; 876 break; 877 case TIOCGETD: 878 *(int *)data = TTYDISC; 879 break; 880 case TIOCGWINSZ: 881 bzero(data, sizeof(struct winsize)); 882 break; 883 default: 884 error = ENOTTY; 885 } 886 887 done: tty_unlock(tp); 888 return (error); 889 } 890 891 static struct cdevsw ttyil_cdevsw = { 892 .d_version = D_VERSION, 893 .d_open = ttyil_open, 894 .d_close = ttyil_close, 895 .d_read = ttyil_rdwr, 896 .d_write = ttyil_rdwr, 897 .d_ioctl = ttyil_ioctl, 898 .d_name = "ttyil", 899 .d_flags = D_TTY, 900 }; 901 902 static void 903 tty_init_termios(struct tty *tp) 904 { 905 struct termios *t = &tp->t_termios_init_in; 906 907 t->c_cflag = TTYDEF_CFLAG; 908 t->c_iflag = TTYDEF_IFLAG; 909 t->c_lflag = TTYDEF_LFLAG; 910 t->c_oflag = TTYDEF_OFLAG; 911 t->c_ispeed = TTYDEF_SPEED; 912 t->c_ospeed = TTYDEF_SPEED; 913 memcpy(&t->c_cc, ttydefchars, sizeof ttydefchars); 914 915 tp->t_termios_init_out = *t; 916 } 917 918 void 919 tty_init_console(struct tty *tp, speed_t s) 920 { 921 struct termios *ti = &tp->t_termios_init_in; 922 struct termios *to = &tp->t_termios_init_out; 923 924 if (s != 0) { 925 ti->c_ispeed = ti->c_ospeed = s; 926 to->c_ispeed = to->c_ospeed = s; 927 } 928 929 ti->c_cflag |= CLOCAL; 930 to->c_cflag |= CLOCAL; 931 } 932 933 /* 934 * Standard device routine implementations, mostly meant for 935 * pseudo-terminal device drivers. When a driver creates a new terminal 936 * device class, missing routines are patched. 937 */ 938 939 static int 940 ttydevsw_defopen(struct tty *tp __unused) 941 { 942 943 return (0); 944 } 945 946 static void 947 ttydevsw_defclose(struct tty *tp __unused) 948 { 949 950 } 951 952 static void 953 ttydevsw_defoutwakeup(struct tty *tp __unused) 954 { 955 956 panic("Terminal device has output, while not implemented"); 957 } 958 959 static void 960 ttydevsw_definwakeup(struct tty *tp __unused) 961 { 962 963 } 964 965 static int 966 ttydevsw_defioctl(struct tty *tp __unused, u_long cmd __unused, 967 caddr_t data __unused, struct thread *td __unused) 968 { 969 970 return (ENOIOCTL); 971 } 972 973 static int 974 ttydevsw_defcioctl(struct tty *tp __unused, int unit __unused, 975 u_long cmd __unused, caddr_t data __unused, struct thread *td __unused) 976 { 977 978 return (ENOIOCTL); 979 } 980 981 static int 982 ttydevsw_defparam(struct tty *tp __unused, struct termios *t) 983 { 984 985 /* 986 * Allow the baud rate to be adjusted for pseudo-devices, but at 987 * least restrict it to 115200 to prevent excessive buffer 988 * usage. Also disallow 0, to prevent foot shooting. 989 */ 990 if (t->c_ispeed < B50) 991 t->c_ispeed = B50; 992 else if (t->c_ispeed > B115200) 993 t->c_ispeed = B115200; 994 if (t->c_ospeed < B50) 995 t->c_ospeed = B50; 996 else if (t->c_ospeed > B115200) 997 t->c_ospeed = B115200; 998 t->c_cflag |= CREAD; 999 1000 return (0); 1001 } 1002 1003 static int 1004 ttydevsw_defmodem(struct tty *tp __unused, int sigon __unused, 1005 int sigoff __unused) 1006 { 1007 1008 /* Simulate a carrier to make the TTY layer happy. */ 1009 return (SER_DCD); 1010 } 1011 1012 static int 1013 ttydevsw_defmmap(struct tty *tp __unused, vm_ooffset_t offset __unused, 1014 vm_paddr_t *paddr __unused, int nprot __unused, 1015 vm_memattr_t *memattr __unused) 1016 { 1017 1018 return (-1); 1019 } 1020 1021 static void 1022 ttydevsw_defpktnotify(struct tty *tp __unused, char event __unused) 1023 { 1024 1025 } 1026 1027 static void 1028 ttydevsw_deffree(void *softc __unused) 1029 { 1030 1031 panic("Terminal device freed without a free-handler"); 1032 } 1033 1034 static bool 1035 ttydevsw_defbusy(struct tty *tp __unused) 1036 { 1037 1038 return (FALSE); 1039 } 1040 1041 /* 1042 * TTY allocation and deallocation. TTY devices can be deallocated when 1043 * the driver doesn't use it anymore, when the TTY isn't a session's 1044 * controlling TTY and when the device node isn't opened through devfs. 1045 */ 1046 1047 struct tty * 1048 tty_alloc(struct ttydevsw *tsw, void *sc) 1049 { 1050 1051 return (tty_alloc_mutex(tsw, sc, NULL)); 1052 } 1053 1054 struct tty * 1055 tty_alloc_mutex(struct ttydevsw *tsw, void *sc, struct mtx *mutex) 1056 { 1057 struct tty *tp; 1058 1059 /* Make sure the driver defines all routines. */ 1060 #define PATCH_FUNC(x) do { \ 1061 if (tsw->tsw_ ## x == NULL) \ 1062 tsw->tsw_ ## x = ttydevsw_def ## x; \ 1063 } while (0) 1064 PATCH_FUNC(open); 1065 PATCH_FUNC(close); 1066 PATCH_FUNC(outwakeup); 1067 PATCH_FUNC(inwakeup); 1068 PATCH_FUNC(ioctl); 1069 PATCH_FUNC(cioctl); 1070 PATCH_FUNC(param); 1071 PATCH_FUNC(modem); 1072 PATCH_FUNC(mmap); 1073 PATCH_FUNC(pktnotify); 1074 PATCH_FUNC(free); 1075 PATCH_FUNC(busy); 1076 #undef PATCH_FUNC 1077 1078 tp = malloc(sizeof(struct tty) + TTY_PRBUF_SIZE, M_TTY, 1079 M_WAITOK | M_ZERO); 1080 tp->t_prbufsz = TTY_PRBUF_SIZE; 1081 tp->t_devsw = tsw; 1082 tp->t_devswsoftc = sc; 1083 tp->t_flags = tsw->tsw_flags; 1084 tp->t_drainwait = tty_drainwait; 1085 1086 tty_init_termios(tp); 1087 1088 cv_init(&tp->t_inwait, "ttyin"); 1089 cv_init(&tp->t_outwait, "ttyout"); 1090 cv_init(&tp->t_outserwait, "ttyosr"); 1091 cv_init(&tp->t_bgwait, "ttybg"); 1092 cv_init(&tp->t_dcdwait, "ttydcd"); 1093 1094 /* Allow drivers to use a custom mutex to lock the TTY. */ 1095 if (mutex != NULL) { 1096 tp->t_mtx = mutex; 1097 } else { 1098 tp->t_mtx = &tp->t_mtxobj; 1099 mtx_init(&tp->t_mtxobj, "ttymtx", NULL, MTX_DEF); 1100 } 1101 1102 knlist_init_mtx(&tp->t_inpoll.si_note, tp->t_mtx); 1103 knlist_init_mtx(&tp->t_outpoll.si_note, tp->t_mtx); 1104 1105 return (tp); 1106 } 1107 1108 static void 1109 tty_dealloc(void *arg) 1110 { 1111 struct tty *tp = arg; 1112 1113 /* 1114 * ttyydev_leave() usually frees the i/o queues earlier, but it is 1115 * not always called between queue allocation and here. The queues 1116 * may be allocated by ioctls on a pty control device without the 1117 * corresponding pty slave device ever being open, or after it is 1118 * closed. 1119 */ 1120 ttyinq_free(&tp->t_inq); 1121 ttyoutq_free(&tp->t_outq); 1122 seldrain(&tp->t_inpoll); 1123 seldrain(&tp->t_outpoll); 1124 knlist_clear(&tp->t_inpoll.si_note, 0); 1125 knlist_clear(&tp->t_outpoll.si_note, 0); 1126 knlist_destroy(&tp->t_inpoll.si_note); 1127 knlist_destroy(&tp->t_outpoll.si_note); 1128 1129 cv_destroy(&tp->t_inwait); 1130 cv_destroy(&tp->t_outwait); 1131 cv_destroy(&tp->t_bgwait); 1132 cv_destroy(&tp->t_dcdwait); 1133 cv_destroy(&tp->t_outserwait); 1134 1135 if (tp->t_mtx == &tp->t_mtxobj) 1136 mtx_destroy(&tp->t_mtxobj); 1137 ttydevsw_free(tp); 1138 free(tp, M_TTY); 1139 } 1140 1141 static void 1142 tty_rel_free(struct tty *tp) 1143 { 1144 struct cdev *dev; 1145 1146 tty_assert_locked(tp); 1147 1148 #define TF_ACTIVITY (TF_GONE|TF_OPENED|TF_HOOK|TF_OPENCLOSE) 1149 if (tp->t_sessioncnt != 0 || (tp->t_flags & TF_ACTIVITY) != TF_GONE) { 1150 /* TTY is still in use. */ 1151 tty_unlock(tp); 1152 return; 1153 } 1154 1155 /* Stop asynchronous I/O. */ 1156 funsetown(&tp->t_sigio); 1157 1158 /* TTY can be deallocated. */ 1159 dev = tp->t_dev; 1160 tp->t_dev = NULL; 1161 tty_unlock(tp); 1162 1163 if (dev != NULL) { 1164 sx_xlock(&tty_list_sx); 1165 TAILQ_REMOVE(&tty_list, tp, t_list); 1166 tty_list_count--; 1167 sx_xunlock(&tty_list_sx); 1168 destroy_dev_sched_cb(dev, tty_dealloc, tp); 1169 } 1170 } 1171 1172 void 1173 tty_rel_pgrp(struct tty *tp, struct pgrp *pg) 1174 { 1175 1176 MPASS(tp->t_sessioncnt > 0); 1177 tty_assert_locked(tp); 1178 1179 if (tp->t_pgrp == pg) 1180 tp->t_pgrp = NULL; 1181 1182 tty_unlock(tp); 1183 } 1184 1185 void 1186 tty_rel_sess(struct tty *tp, struct session *sess) 1187 { 1188 1189 MPASS(tp->t_sessioncnt > 0); 1190 1191 /* Current session has left. */ 1192 if (tp->t_session == sess) { 1193 tp->t_session = NULL; 1194 MPASS(tp->t_pgrp == NULL); 1195 } 1196 tp->t_sessioncnt--; 1197 tty_rel_free(tp); 1198 } 1199 1200 void 1201 tty_rel_gone(struct tty *tp) 1202 { 1203 1204 tty_assert_locked(tp); 1205 MPASS(!tty_gone(tp)); 1206 1207 /* Simulate carrier removal. */ 1208 ttydisc_modem(tp, 0); 1209 1210 /* Wake up all blocked threads. */ 1211 tty_wakeup(tp, FREAD|FWRITE); 1212 cv_broadcast(&tp->t_bgwait); 1213 cv_broadcast(&tp->t_dcdwait); 1214 1215 tp->t_flags |= TF_GONE; 1216 tty_rel_free(tp); 1217 } 1218 1219 static int 1220 tty_drop_ctty(struct tty *tp, struct proc *p) 1221 { 1222 struct session *session; 1223 struct vnode *vp; 1224 1225 /* 1226 * This looks terrible, but it's generally safe as long as the tty 1227 * hasn't gone away while we had the lock dropped. All of our sanity 1228 * checking that this operation is OK happens after we've picked it back 1229 * up, so other state changes are generally not fatal and the potential 1230 * for this particular operation to happen out-of-order in a 1231 * multithreaded scenario is likely a non-issue. 1232 */ 1233 tty_unlock(tp); 1234 sx_xlock(&proctree_lock); 1235 tty_lock(tp); 1236 if (tty_gone(tp)) { 1237 sx_xunlock(&proctree_lock); 1238 return (ENODEV); 1239 } 1240 1241 /* 1242 * If the session doesn't have a controlling TTY, or if we weren't 1243 * invoked on the controlling TTY, we'll return ENOIOCTL as we've 1244 * historically done. 1245 */ 1246 session = p->p_session; 1247 if (session->s_ttyp == NULL || session->s_ttyp != tp) { 1248 sx_xunlock(&proctree_lock); 1249 return (ENOTTY); 1250 } 1251 1252 if (!SESS_LEADER(p)) { 1253 sx_xunlock(&proctree_lock); 1254 return (EPERM); 1255 } 1256 1257 PROC_LOCK(p); 1258 SESS_LOCK(session); 1259 vp = session->s_ttyvp; 1260 session->s_ttyp = NULL; 1261 session->s_ttyvp = NULL; 1262 session->s_ttydp = NULL; 1263 SESS_UNLOCK(session); 1264 1265 tp->t_sessioncnt--; 1266 p->p_flag &= ~P_CONTROLT; 1267 PROC_UNLOCK(p); 1268 sx_xunlock(&proctree_lock); 1269 1270 /* 1271 * If we did have a vnode, release our reference. Ordinarily we manage 1272 * these at the devfs layer, but we can't necessarily know that we were 1273 * invoked on the vnode referenced in the session (i.e. the vnode we 1274 * hold a reference to). We explicitly don't check VBAD/VIRF_DOOMED here 1275 * to avoid a vnode leak -- in circumstances elsewhere where we'd hit a 1276 * VIRF_DOOMED vnode, release has been deferred until the controlling TTY 1277 * is either changed or released. 1278 */ 1279 if (vp != NULL) 1280 devfs_ctty_unref(vp); 1281 return (0); 1282 } 1283 1284 /* 1285 * Exposing information about current TTY's through sysctl 1286 */ 1287 1288 static void 1289 tty_to_xtty(struct tty *tp, struct xtty *xt) 1290 { 1291 1292 tty_assert_locked(tp); 1293 1294 memset(xt, 0, sizeof(*xt)); 1295 xt->xt_size = sizeof(struct xtty); 1296 xt->xt_insize = ttyinq_getsize(&tp->t_inq); 1297 xt->xt_incc = ttyinq_bytescanonicalized(&tp->t_inq); 1298 xt->xt_inlc = ttyinq_bytesline(&tp->t_inq); 1299 xt->xt_inlow = tp->t_inlow; 1300 xt->xt_outsize = ttyoutq_getsize(&tp->t_outq); 1301 xt->xt_outcc = ttyoutq_bytesused(&tp->t_outq); 1302 xt->xt_outlow = tp->t_outlow; 1303 xt->xt_column = tp->t_column; 1304 xt->xt_pgid = tp->t_pgrp ? tp->t_pgrp->pg_id : 0; 1305 xt->xt_sid = tp->t_session ? tp->t_session->s_sid : 0; 1306 xt->xt_flags = tp->t_flags; 1307 xt->xt_dev = tp->t_dev ? dev2udev(tp->t_dev) : (uint32_t)NODEV; 1308 } 1309 1310 static int 1311 sysctl_kern_ttys(SYSCTL_HANDLER_ARGS) 1312 { 1313 unsigned long lsize; 1314 struct thread *td = curthread; 1315 struct xtty *xtlist, *xt; 1316 struct tty *tp; 1317 struct proc *p; 1318 int error; 1319 bool cansee; 1320 1321 sx_slock(&tty_list_sx); 1322 lsize = tty_list_count * sizeof(struct xtty); 1323 if (lsize == 0) { 1324 sx_sunlock(&tty_list_sx); 1325 return (0); 1326 } 1327 1328 xtlist = xt = malloc(lsize, M_TTY, M_WAITOK); 1329 1330 TAILQ_FOREACH(tp, &tty_list, t_list) { 1331 tty_lock(tp); 1332 if (tp->t_session != NULL && 1333 (p = atomic_load_ptr(&tp->t_session->s_leader)) != NULL) { 1334 PROC_LOCK(p); 1335 cansee = (p_cansee(td, p) == 0); 1336 PROC_UNLOCK(p); 1337 } else { 1338 cansee = !jailed(td->td_ucred); 1339 } 1340 if (cansee) { 1341 tty_to_xtty(tp, xt); 1342 xt++; 1343 } 1344 tty_unlock(tp); 1345 } 1346 sx_sunlock(&tty_list_sx); 1347 1348 lsize = (xt - xtlist) * sizeof(struct xtty); 1349 if (lsize > 0) { 1350 error = SYSCTL_OUT(req, xtlist, lsize); 1351 } else { 1352 error = 0; 1353 } 1354 free(xtlist, M_TTY); 1355 return (error); 1356 } 1357 1358 SYSCTL_PROC(_kern, OID_AUTO, ttys, CTLTYPE_OPAQUE|CTLFLAG_RD|CTLFLAG_MPSAFE, 1359 0, 0, sysctl_kern_ttys, "S,xtty", "List of TTYs"); 1360 1361 /* 1362 * Device node creation. Device has been set up, now we can expose it to 1363 * the user. 1364 */ 1365 1366 int 1367 tty_makedevf(struct tty *tp, struct ucred *cred, int flags, 1368 const char *fmt, ...) 1369 { 1370 va_list ap; 1371 struct make_dev_args args; 1372 struct cdev *dev, *init, *lock, *cua, *cinit, *clock; 1373 const char *prefix = "tty"; 1374 char name[SPECNAMELEN - 3]; /* for "tty" and "cua". */ 1375 uid_t uid; 1376 gid_t gid; 1377 mode_t mode; 1378 int error; 1379 1380 /* Remove "tty" prefix from devices like PTY's. */ 1381 if (tp->t_flags & TF_NOPREFIX) 1382 prefix = ""; 1383 1384 va_start(ap, fmt); 1385 vsnrprintf(name, sizeof name, 32, fmt, ap); 1386 va_end(ap); 1387 1388 if (cred == NULL) { 1389 /* System device. */ 1390 uid = UID_ROOT; 1391 gid = GID_WHEEL; 1392 mode = S_IRUSR|S_IWUSR; 1393 } else { 1394 /* User device. */ 1395 uid = cred->cr_ruid; 1396 gid = GID_TTY; 1397 mode = S_IRUSR|S_IWUSR|S_IWGRP; 1398 } 1399 1400 flags = flags & TTYMK_CLONING ? MAKEDEV_REF : 0; 1401 flags |= MAKEDEV_CHECKNAME; 1402 1403 /* Master call-in device. */ 1404 make_dev_args_init(&args); 1405 args.mda_flags = flags; 1406 args.mda_devsw = &ttydev_cdevsw; 1407 args.mda_cr = cred; 1408 args.mda_uid = uid; 1409 args.mda_gid = gid; 1410 args.mda_mode = mode; 1411 args.mda_si_drv1 = tp; 1412 error = make_dev_s(&args, &dev, "%s%s", prefix, name); 1413 if (error != 0) 1414 return (error); 1415 tp->t_dev = dev; 1416 1417 init = lock = cua = cinit = clock = NULL; 1418 1419 /* Slave call-in devices. */ 1420 if (tp->t_flags & TF_INITLOCK) { 1421 args.mda_devsw = &ttyil_cdevsw; 1422 args.mda_unit = TTYUNIT_INIT; 1423 args.mda_si_drv1 = tp; 1424 args.mda_si_drv2 = &tp->t_termios_init_in; 1425 error = make_dev_s(&args, &init, "%s%s.init", prefix, name); 1426 if (error != 0) 1427 goto fail; 1428 dev_depends(dev, init); 1429 1430 args.mda_unit = TTYUNIT_LOCK; 1431 args.mda_si_drv2 = &tp->t_termios_lock_in; 1432 error = make_dev_s(&args, &lock, "%s%s.lock", prefix, name); 1433 if (error != 0) 1434 goto fail; 1435 dev_depends(dev, lock); 1436 } 1437 1438 /* Call-out devices. */ 1439 if (tp->t_flags & TF_CALLOUT) { 1440 make_dev_args_init(&args); 1441 args.mda_flags = flags; 1442 args.mda_devsw = &ttydev_cdevsw; 1443 args.mda_cr = cred; 1444 args.mda_uid = UID_UUCP; 1445 args.mda_gid = GID_DIALER; 1446 args.mda_mode = 0660; 1447 args.mda_unit = TTYUNIT_CALLOUT; 1448 args.mda_si_drv1 = tp; 1449 error = make_dev_s(&args, &cua, "cua%s", name); 1450 if (error != 0) 1451 goto fail; 1452 dev_depends(dev, cua); 1453 1454 /* Slave call-out devices. */ 1455 if (tp->t_flags & TF_INITLOCK) { 1456 args.mda_devsw = &ttyil_cdevsw; 1457 args.mda_unit = TTYUNIT_CALLOUT | TTYUNIT_INIT; 1458 args.mda_si_drv2 = &tp->t_termios_init_out; 1459 error = make_dev_s(&args, &cinit, "cua%s.init", name); 1460 if (error != 0) 1461 goto fail; 1462 dev_depends(dev, cinit); 1463 1464 args.mda_unit = TTYUNIT_CALLOUT | TTYUNIT_LOCK; 1465 args.mda_si_drv2 = &tp->t_termios_lock_out; 1466 error = make_dev_s(&args, &clock, "cua%s.lock", name); 1467 if (error != 0) 1468 goto fail; 1469 dev_depends(dev, clock); 1470 } 1471 } 1472 1473 sx_xlock(&tty_list_sx); 1474 TAILQ_INSERT_TAIL(&tty_list, tp, t_list); 1475 tty_list_count++; 1476 sx_xunlock(&tty_list_sx); 1477 1478 return (0); 1479 1480 fail: 1481 destroy_dev(dev); 1482 if (init) 1483 destroy_dev(init); 1484 if (lock) 1485 destroy_dev(lock); 1486 if (cinit) 1487 destroy_dev(cinit); 1488 if (clock) 1489 destroy_dev(clock); 1490 1491 return (error); 1492 } 1493 1494 /* 1495 * Signalling processes. 1496 */ 1497 1498 void 1499 tty_signal_sessleader(struct tty *tp, int sig) 1500 { 1501 struct proc *p; 1502 struct session *s; 1503 1504 tty_assert_locked(tp); 1505 MPASS(sig >= 1 && sig < NSIG); 1506 1507 /* Make signals start output again. */ 1508 tp->t_flags &= ~TF_STOPPED; 1509 tp->t_termios.c_lflag &= ~FLUSHO; 1510 1511 /* 1512 * Load s_leader exactly once to avoid race where s_leader is 1513 * set to NULL by a concurrent invocation of killjobc() by the 1514 * session leader. Note that we are not holding t_session's 1515 * lock for the read. 1516 */ 1517 if ((s = tp->t_session) != NULL && 1518 (p = atomic_load_ptr(&s->s_leader)) != NULL) { 1519 PROC_LOCK(p); 1520 kern_psignal(p, sig); 1521 PROC_UNLOCK(p); 1522 } 1523 } 1524 1525 void 1526 tty_signal_pgrp(struct tty *tp, int sig) 1527 { 1528 ksiginfo_t ksi; 1529 1530 tty_assert_locked(tp); 1531 MPASS(sig >= 1 && sig < NSIG); 1532 1533 /* Make signals start output again. */ 1534 tp->t_flags &= ~TF_STOPPED; 1535 tp->t_termios.c_lflag &= ~FLUSHO; 1536 1537 if (sig == SIGINFO && !(tp->t_termios.c_lflag & NOKERNINFO)) 1538 tty_info(tp); 1539 if (tp->t_pgrp != NULL) { 1540 ksiginfo_init(&ksi); 1541 ksi.ksi_signo = sig; 1542 ksi.ksi_code = SI_KERNEL; 1543 PGRP_LOCK(tp->t_pgrp); 1544 pgsignal(tp->t_pgrp, sig, 1, &ksi); 1545 PGRP_UNLOCK(tp->t_pgrp); 1546 } 1547 } 1548 1549 void 1550 tty_wakeup(struct tty *tp, int flags) 1551 { 1552 1553 if (tp->t_flags & TF_ASYNC && tp->t_sigio != NULL) 1554 pgsigio(&tp->t_sigio, SIGIO, (tp->t_session != NULL)); 1555 1556 if (flags & FWRITE) { 1557 cv_broadcast(&tp->t_outwait); 1558 selwakeup(&tp->t_outpoll); 1559 KNOTE_LOCKED(&tp->t_outpoll.si_note, 0); 1560 } 1561 if (flags & FREAD) { 1562 cv_broadcast(&tp->t_inwait); 1563 selwakeup(&tp->t_inpoll); 1564 KNOTE_LOCKED(&tp->t_inpoll.si_note, 0); 1565 } 1566 } 1567 1568 int 1569 tty_wait(struct tty *tp, struct cv *cv) 1570 { 1571 int error; 1572 int revokecnt = tp->t_revokecnt; 1573 1574 tty_lock_assert(tp, MA_OWNED|MA_NOTRECURSED); 1575 MPASS(!tty_gone(tp)); 1576 1577 error = cv_wait_sig(cv, tp->t_mtx); 1578 1579 /* Bail out when the device slipped away. */ 1580 if (tty_gone(tp)) 1581 return (ENXIO); 1582 1583 /* Restart the system call when we may have been revoked. */ 1584 if (tp->t_revokecnt != revokecnt) 1585 return (ERESTART); 1586 1587 return (error); 1588 } 1589 1590 int 1591 tty_timedwait(struct tty *tp, struct cv *cv, int hz) 1592 { 1593 int error; 1594 int revokecnt = tp->t_revokecnt; 1595 1596 tty_lock_assert(tp, MA_OWNED|MA_NOTRECURSED); 1597 MPASS(!tty_gone(tp)); 1598 1599 error = cv_timedwait_sig(cv, tp->t_mtx, hz); 1600 1601 /* Bail out when the device slipped away. */ 1602 if (tty_gone(tp)) 1603 return (ENXIO); 1604 1605 /* Restart the system call when we may have been revoked. */ 1606 if (tp->t_revokecnt != revokecnt) 1607 return (ERESTART); 1608 1609 return (error); 1610 } 1611 1612 void 1613 tty_flush(struct tty *tp, int flags) 1614 { 1615 1616 if (flags & FWRITE) { 1617 tp->t_flags &= ~TF_HIWAT_OUT; 1618 ttyoutq_flush(&tp->t_outq); 1619 tty_wakeup(tp, FWRITE); 1620 if (!tty_gone(tp)) { 1621 ttydevsw_outwakeup(tp); 1622 ttydevsw_pktnotify(tp, TIOCPKT_FLUSHWRITE); 1623 } 1624 } 1625 if (flags & FREAD) { 1626 tty_hiwat_in_unblock(tp); 1627 ttyinq_flush(&tp->t_inq); 1628 tty_wakeup(tp, FREAD); 1629 if (!tty_gone(tp)) { 1630 ttydevsw_inwakeup(tp); 1631 ttydevsw_pktnotify(tp, TIOCPKT_FLUSHREAD); 1632 } 1633 } 1634 } 1635 1636 void 1637 tty_set_winsize(struct tty *tp, const struct winsize *wsz) 1638 { 1639 1640 if (memcmp(&tp->t_winsize, wsz, sizeof(*wsz)) == 0) 1641 return; 1642 tp->t_winsize = *wsz; 1643 tty_signal_pgrp(tp, SIGWINCH); 1644 } 1645 1646 static int 1647 tty_sti_check(struct tty *tp, int fflag, struct thread *td) 1648 { 1649 /* Root can bypass all of our constraints. */ 1650 if (priv_check(td, PRIV_TTY_STI) == 0) 1651 return (0); 1652 1653 /* Unprivileged users must have it opened for read. */ 1654 if ((fflag & FREAD) == 0) 1655 return (EPERM); 1656 1657 /* It must also be their controlling tty. */ 1658 if (!tty_is_ctty(tp, td->td_proc)) 1659 return (EACCES); 1660 1661 return (0); 1662 } 1663 1664 static int 1665 tty_generic_ioctl(struct tty *tp, u_long cmd, void *data, int fflag, 1666 struct thread *td) 1667 { 1668 int error; 1669 1670 switch (cmd) { 1671 /* 1672 * Modem commands. 1673 * The SER_* and TIOCM_* flags are the same, but one bit 1674 * shifted. I don't know why. 1675 */ 1676 case TIOCSDTR: 1677 ttydevsw_modem(tp, SER_DTR, 0); 1678 return (0); 1679 case TIOCCDTR: 1680 ttydevsw_modem(tp, 0, SER_DTR); 1681 return (0); 1682 case TIOCMSET: { 1683 int bits = *(int *)data; 1684 ttydevsw_modem(tp, 1685 (bits & (TIOCM_DTR | TIOCM_RTS)) >> 1, 1686 ((~bits) & (TIOCM_DTR | TIOCM_RTS)) >> 1); 1687 return (0); 1688 } 1689 case TIOCMBIS: { 1690 int bits = *(int *)data; 1691 ttydevsw_modem(tp, (bits & (TIOCM_DTR | TIOCM_RTS)) >> 1, 0); 1692 return (0); 1693 } 1694 case TIOCMBIC: { 1695 int bits = *(int *)data; 1696 ttydevsw_modem(tp, 0, (bits & (TIOCM_DTR | TIOCM_RTS)) >> 1); 1697 return (0); 1698 } 1699 case TIOCMGET: 1700 *(int *)data = TIOCM_LE + (ttydevsw_modem(tp, 0, 0) << 1); 1701 return (0); 1702 1703 case FIOASYNC: 1704 if (*(int *)data) 1705 tp->t_flags |= TF_ASYNC; 1706 else 1707 tp->t_flags &= ~TF_ASYNC; 1708 return (0); 1709 case FIONBIO: 1710 /* This device supports non-blocking operation. */ 1711 return (0); 1712 case FIONREAD: 1713 *(int *)data = ttydisc_bytesavail(tp); 1714 return (0); 1715 case FIONWRITE: 1716 case TIOCOUTQ: 1717 *(int *)data = ttyoutq_bytesused(&tp->t_outq); 1718 return (0); 1719 case FIOSETOWN: 1720 if (tp->t_session != NULL && !tty_is_ctty(tp, td->td_proc)) 1721 /* Not allowed to set ownership. */ 1722 return (ENOTTY); 1723 1724 /* Temporarily unlock the TTY to set ownership. */ 1725 tty_unlock(tp); 1726 error = fsetown(*(int *)data, &tp->t_sigio); 1727 tty_lock(tp); 1728 return (error); 1729 case FIOGETOWN: 1730 if (tp->t_session != NULL && !tty_is_ctty(tp, td->td_proc)) 1731 /* Not allowed to set ownership. */ 1732 return (ENOTTY); 1733 1734 /* Get ownership. */ 1735 *(int *)data = fgetown(&tp->t_sigio); 1736 return (0); 1737 case TIOCGETA: 1738 /* Obtain terminal flags through tcgetattr(). */ 1739 *(struct termios*)data = tp->t_termios; 1740 return (0); 1741 case TIOCSETA: 1742 case TIOCSETAW: 1743 case TIOCSETAF: { 1744 struct termios *t = data; 1745 bool canonicalize = false; 1746 1747 /* 1748 * Who makes up these funny rules? According to POSIX, 1749 * input baud rate is set equal to the output baud rate 1750 * when zero. 1751 */ 1752 if (t->c_ispeed == 0) 1753 t->c_ispeed = t->c_ospeed; 1754 1755 /* Discard any unsupported bits. */ 1756 t->c_iflag &= TTYSUP_IFLAG; 1757 t->c_oflag &= TTYSUP_OFLAG; 1758 t->c_lflag &= TTYSUP_LFLAG; 1759 t->c_cflag &= TTYSUP_CFLAG; 1760 1761 /* Set terminal flags through tcsetattr(). */ 1762 if (cmd == TIOCSETAW || cmd == TIOCSETAF) { 1763 error = tty_drain(tp, 0); 1764 if (error) 1765 return (error); 1766 if (cmd == TIOCSETAF) 1767 tty_flush(tp, FREAD); 1768 } 1769 1770 /* 1771 * Only call param() when the flags really change. 1772 */ 1773 if ((t->c_cflag & CIGNORE) == 0 && 1774 (tp->t_termios.c_cflag != t->c_cflag || 1775 ((tp->t_termios.c_iflag ^ t->c_iflag) & 1776 (IXON|IXOFF|IXANY)) || 1777 tp->t_termios.c_ispeed != t->c_ispeed || 1778 tp->t_termios.c_ospeed != t->c_ospeed)) { 1779 error = ttydevsw_param(tp, t); 1780 if (error) 1781 return (error); 1782 1783 /* XXX: CLOCAL? */ 1784 1785 tp->t_termios.c_cflag = t->c_cflag & ~CIGNORE; 1786 tp->t_termios.c_ispeed = t->c_ispeed; 1787 tp->t_termios.c_ospeed = t->c_ospeed; 1788 1789 /* Baud rate has changed - update watermarks. */ 1790 error = tty_watermarks(tp); 1791 if (error) 1792 return (error); 1793 } 1794 1795 /* 1796 * We'll canonicalize any partial input if we're transitioning 1797 * ICANON one way or the other. If we're going from -ICANON -> 1798 * ICANON, then in the worst case scenario we're in the middle 1799 * of a line but both ttydisc_read() and FIONREAD will search 1800 * for one of our line terminals. 1801 */ 1802 if ((t->c_lflag & ICANON) != (tp->t_termios.c_lflag & ICANON)) 1803 canonicalize = true; 1804 else if (tp->t_termios.c_cc[VEOF] != t->c_cc[VEOF] || 1805 tp->t_termios.c_cc[VEOL] != t->c_cc[VEOL]) 1806 canonicalize = true; 1807 1808 /* Copy new non-device driver parameters. */ 1809 tp->t_termios.c_iflag = t->c_iflag; 1810 tp->t_termios.c_oflag = t->c_oflag; 1811 tp->t_termios.c_lflag = t->c_lflag; 1812 memcpy(&tp->t_termios.c_cc, t->c_cc, sizeof t->c_cc); 1813 1814 ttydisc_optimize(tp); 1815 1816 if (canonicalize) 1817 ttydisc_canonicalize(tp); 1818 if ((t->c_lflag & ICANON) == 0) { 1819 /* 1820 * When in non-canonical mode, wake up all 1821 * readers. Any partial input has already been 1822 * canonicalized above if we were in canonical mode. 1823 * VMIN and VTIME could also be adjusted. 1824 */ 1825 tty_wakeup(tp, FREAD); 1826 } 1827 1828 /* 1829 * For packet mode: notify the PTY consumer that VSTOP 1830 * and VSTART may have been changed. 1831 */ 1832 if (tp->t_termios.c_iflag & IXON && 1833 tp->t_termios.c_cc[VSTOP] == CTRL('S') && 1834 tp->t_termios.c_cc[VSTART] == CTRL('Q')) 1835 ttydevsw_pktnotify(tp, TIOCPKT_DOSTOP); 1836 else 1837 ttydevsw_pktnotify(tp, TIOCPKT_NOSTOP); 1838 return (0); 1839 } 1840 case TIOCGETD: 1841 /* For compatibility - we only support TTYDISC. */ 1842 *(int *)data = TTYDISC; 1843 return (0); 1844 case TIOCGPGRP: 1845 if (!tty_is_ctty(tp, td->td_proc)) 1846 return (ENOTTY); 1847 1848 if (tp->t_pgrp != NULL) 1849 *(int *)data = tp->t_pgrp->pg_id; 1850 else 1851 *(int *)data = NO_PID; 1852 return (0); 1853 case TIOCGSID: 1854 if (!tty_is_ctty(tp, td->td_proc)) 1855 return (ENOTTY); 1856 1857 MPASS(tp->t_session); 1858 *(int *)data = tp->t_session->s_sid; 1859 return (0); 1860 case TIOCNOTTY: 1861 return (tty_drop_ctty(tp, td->td_proc)); 1862 case TIOCSCTTY: { 1863 struct proc *p = td->td_proc; 1864 1865 /* XXX: This looks awful. */ 1866 tty_unlock(tp); 1867 sx_xlock(&proctree_lock); 1868 tty_lock(tp); 1869 1870 if (!SESS_LEADER(p)) { 1871 /* Only the session leader may do this. */ 1872 sx_xunlock(&proctree_lock); 1873 return (EPERM); 1874 } 1875 1876 if (tp->t_session != NULL && tp->t_session == p->p_session) { 1877 /* This is already our controlling TTY. */ 1878 sx_xunlock(&proctree_lock); 1879 return (0); 1880 } 1881 1882 if (p->p_session->s_ttyp != NULL || 1883 (tp->t_session != NULL && tp->t_session->s_ttyvp != NULL && 1884 tp->t_session->s_ttyvp->v_type != VBAD)) { 1885 /* 1886 * There is already a relation between a TTY and 1887 * a session, or the caller is not the session 1888 * leader. 1889 * 1890 * Allow the TTY to be stolen when the vnode is 1891 * invalid, but the reference to the TTY is 1892 * still active. This allows immediate reuse of 1893 * TTYs of which the session leader has been 1894 * killed or the TTY revoked. 1895 */ 1896 sx_xunlock(&proctree_lock); 1897 return (EPERM); 1898 } 1899 1900 /* Connect the session to the TTY. */ 1901 tp->t_session = p->p_session; 1902 tp->t_session->s_ttyp = tp; 1903 tp->t_sessioncnt++; 1904 1905 /* Assign foreground process group. */ 1906 tp->t_pgrp = p->p_pgrp; 1907 PROC_LOCK(p); 1908 p->p_flag |= P_CONTROLT; 1909 PROC_UNLOCK(p); 1910 1911 sx_xunlock(&proctree_lock); 1912 return (0); 1913 } 1914 case TIOCSPGRP: { 1915 struct pgrp *pg; 1916 1917 /* 1918 * XXX: Temporarily unlock the TTY to locate the process 1919 * group. This code would be lot nicer if we would ever 1920 * decompose proctree_lock. 1921 */ 1922 tty_unlock(tp); 1923 sx_slock(&proctree_lock); 1924 pg = pgfind(*(int *)data); 1925 if (pg != NULL) 1926 PGRP_UNLOCK(pg); 1927 if (pg == NULL || pg->pg_session != td->td_proc->p_session) { 1928 sx_sunlock(&proctree_lock); 1929 tty_lock(tp); 1930 return (EPERM); 1931 } 1932 tty_lock(tp); 1933 1934 /* 1935 * Determine if this TTY is the controlling TTY after 1936 * relocking the TTY. 1937 */ 1938 if (!tty_is_ctty(tp, td->td_proc)) { 1939 sx_sunlock(&proctree_lock); 1940 return (ENOTTY); 1941 } 1942 tp->t_pgrp = pg; 1943 sx_sunlock(&proctree_lock); 1944 1945 /* Wake up the background process groups. */ 1946 cv_broadcast(&tp->t_bgwait); 1947 return (0); 1948 } 1949 case TIOCFLUSH: { 1950 int flags = *(int *)data; 1951 1952 if (flags == 0) 1953 flags = (FREAD|FWRITE); 1954 else 1955 flags &= (FREAD|FWRITE); 1956 tty_flush(tp, flags); 1957 return (0); 1958 } 1959 case TIOCDRAIN: 1960 /* Drain TTY output. */ 1961 return tty_drain(tp, 0); 1962 case TIOCGDRAINWAIT: 1963 *(int *)data = tp->t_drainwait; 1964 return (0); 1965 case TIOCSDRAINWAIT: 1966 error = priv_check(td, PRIV_TTY_DRAINWAIT); 1967 if (error == 0) 1968 tp->t_drainwait = *(int *)data; 1969 return (error); 1970 case TIOCCONS: 1971 /* Set terminal as console TTY. */ 1972 if (*(int *)data) { 1973 error = priv_check(td, PRIV_TTY_CONSOLE); 1974 if (error) 1975 return (error); 1976 error = constty_set(tp); 1977 } else { 1978 error = constty_clear(tp); 1979 } 1980 return (error); 1981 case TIOCGWINSZ: 1982 /* Obtain window size. */ 1983 *(struct winsize*)data = tp->t_winsize; 1984 return (0); 1985 case TIOCSWINSZ: 1986 /* Set window size. */ 1987 tty_set_winsize(tp, data); 1988 return (0); 1989 case TIOCEXCL: 1990 tp->t_flags |= TF_EXCLUDE; 1991 return (0); 1992 case TIOCNXCL: 1993 tp->t_flags &= ~TF_EXCLUDE; 1994 return (0); 1995 case TIOCSTOP: 1996 tp->t_flags |= TF_STOPPED; 1997 ttydevsw_pktnotify(tp, TIOCPKT_STOP); 1998 return (0); 1999 case TIOCSTART: 2000 tp->t_flags &= ~TF_STOPPED; 2001 tp->t_termios.c_lflag &= ~FLUSHO; 2002 ttydevsw_outwakeup(tp); 2003 ttydevsw_pktnotify(tp, TIOCPKT_START); 2004 return (0); 2005 case TIOCSTAT: 2006 tty_info(tp); 2007 return (0); 2008 case TIOCSTI: 2009 error = tty_sti_check(tp, fflag, td); 2010 if (error != 0) 2011 return (error); 2012 ttydisc_rint(tp, *(char *)data, 0); 2013 ttydisc_rint_done(tp); 2014 return (0); 2015 } 2016 2017 #ifdef COMPAT_43TTY 2018 return tty_ioctl_compat(tp, cmd, data, fflag, td); 2019 #else /* !COMPAT_43TTY */ 2020 return (ENOIOCTL); 2021 #endif /* COMPAT_43TTY */ 2022 } 2023 2024 int 2025 tty_ioctl(struct tty *tp, u_long cmd, void *data, int fflag, struct thread *td) 2026 { 2027 int error; 2028 2029 tty_assert_locked(tp); 2030 2031 if (tty_gone(tp)) 2032 return (ENXIO); 2033 2034 error = ttydevsw_ioctl(tp, cmd, data, td); 2035 if (error == ENOIOCTL) 2036 error = tty_generic_ioctl(tp, cmd, data, fflag, td); 2037 2038 return (error); 2039 } 2040 2041 dev_t 2042 tty_udev(struct tty *tp) 2043 { 2044 2045 if (tp->t_dev) 2046 return (dev2udev(tp->t_dev)); 2047 else 2048 return (NODEV); 2049 } 2050 2051 int 2052 tty_checkoutq(struct tty *tp) 2053 { 2054 2055 /* 256 bytes should be enough to print a log message. */ 2056 return (ttyoutq_bytesleft(&tp->t_outq) >= 256); 2057 } 2058 2059 void 2060 tty_hiwat_in_block(struct tty *tp) 2061 { 2062 2063 if ((tp->t_flags & TF_HIWAT_IN) == 0 && 2064 tp->t_termios.c_iflag & IXOFF && 2065 tp->t_termios.c_cc[VSTOP] != _POSIX_VDISABLE) { 2066 /* 2067 * Input flow control. Only enter the high watermark when we 2068 * can successfully store the VSTOP character. 2069 */ 2070 if (ttyoutq_write_nofrag(&tp->t_outq, 2071 &tp->t_termios.c_cc[VSTOP], 1) == 0) 2072 tp->t_flags |= TF_HIWAT_IN; 2073 } else { 2074 /* No input flow control. */ 2075 tp->t_flags |= TF_HIWAT_IN; 2076 } 2077 } 2078 2079 void 2080 tty_hiwat_in_unblock(struct tty *tp) 2081 { 2082 2083 if (tp->t_flags & TF_HIWAT_IN && 2084 tp->t_termios.c_iflag & IXOFF && 2085 tp->t_termios.c_cc[VSTART] != _POSIX_VDISABLE) { 2086 /* 2087 * Input flow control. Only leave the high watermark when we 2088 * can successfully store the VSTART character. 2089 */ 2090 if (ttyoutq_write_nofrag(&tp->t_outq, 2091 &tp->t_termios.c_cc[VSTART], 1) == 0) 2092 tp->t_flags &= ~TF_HIWAT_IN; 2093 } else { 2094 /* No input flow control. */ 2095 tp->t_flags &= ~TF_HIWAT_IN; 2096 } 2097 2098 if (!tty_gone(tp)) 2099 ttydevsw_inwakeup(tp); 2100 } 2101 2102 /* 2103 * TTY hooks interface. 2104 */ 2105 2106 static int 2107 ttyhook_defrint(struct tty *tp, char c, int flags) 2108 { 2109 2110 if (ttyhook_rint_bypass(tp, &c, 1) != 1) 2111 return (-1); 2112 2113 return (0); 2114 } 2115 2116 int 2117 ttyhook_register(struct tty **rtp, struct proc *p, int fd, struct ttyhook *th, 2118 void *softc) 2119 { 2120 struct tty *tp; 2121 struct file *fp; 2122 struct cdev *dev; 2123 struct cdevsw *cdp; 2124 struct filedesc *fdp; 2125 cap_rights_t rights; 2126 int error, ref; 2127 2128 /* Validate the file descriptor. */ 2129 /* 2130 * XXX this code inspects a file descriptor from a different process, 2131 * but there is no dedicated routine to do it in fd code, making the 2132 * ordeal highly questionable. 2133 */ 2134 fdp = p->p_fd; 2135 FILEDESC_SLOCK(fdp); 2136 error = fget_cap_noref(fdp, fd, cap_rights_init_one(&rights, CAP_TTYHOOK), 2137 &fp, NULL); 2138 if (error == 0 && !fhold(fp)) 2139 error = EBADF; 2140 FILEDESC_SUNLOCK(fdp); 2141 if (error != 0) 2142 return (error); 2143 if (fp->f_ops == &badfileops) { 2144 error = EBADF; 2145 goto done1; 2146 } 2147 2148 /* 2149 * Make sure the vnode is bound to a character device. 2150 * Unlocked check for the vnode type is ok there, because we 2151 * only shall prevent calling devvn_refthread on the file that 2152 * never has been opened over a character device. 2153 */ 2154 if (fp->f_type != DTYPE_VNODE || fp->f_vnode->v_type != VCHR) { 2155 error = EINVAL; 2156 goto done1; 2157 } 2158 2159 /* Make sure it is a TTY. */ 2160 cdp = devvn_refthread(fp->f_vnode, &dev, &ref); 2161 if (cdp == NULL) { 2162 error = ENXIO; 2163 goto done1; 2164 } 2165 if (dev != fp->f_data) { 2166 error = ENXIO; 2167 goto done2; 2168 } 2169 if (cdp != &ttydev_cdevsw) { 2170 error = ENOTTY; 2171 goto done2; 2172 } 2173 tp = dev->si_drv1; 2174 2175 /* Try to attach the hook to the TTY. */ 2176 error = EBUSY; 2177 tty_lock(tp); 2178 MPASS((tp->t_hook == NULL) == ((tp->t_flags & TF_HOOK) == 0)); 2179 if (tp->t_flags & TF_HOOK) 2180 goto done3; 2181 2182 tp->t_flags |= TF_HOOK; 2183 tp->t_hook = th; 2184 tp->t_hooksoftc = softc; 2185 *rtp = tp; 2186 error = 0; 2187 2188 /* Maybe we can switch into bypass mode now. */ 2189 ttydisc_optimize(tp); 2190 2191 /* Silently convert rint() calls to rint_bypass() when possible. */ 2192 if (!ttyhook_hashook(tp, rint) && ttyhook_hashook(tp, rint_bypass)) 2193 th->th_rint = ttyhook_defrint; 2194 2195 done3: tty_unlock(tp); 2196 done2: dev_relthread(dev, ref); 2197 done1: fdrop(fp, curthread); 2198 return (error); 2199 } 2200 2201 void 2202 ttyhook_unregister(struct tty *tp) 2203 { 2204 2205 tty_assert_locked(tp); 2206 MPASS(tp->t_flags & TF_HOOK); 2207 2208 /* Disconnect the hook. */ 2209 tp->t_flags &= ~TF_HOOK; 2210 tp->t_hook = NULL; 2211 2212 /* Maybe we need to leave bypass mode. */ 2213 ttydisc_optimize(tp); 2214 2215 /* Maybe deallocate the TTY as well. */ 2216 tty_rel_free(tp); 2217 } 2218 2219 /* 2220 * /dev/console handling. 2221 */ 2222 2223 static int 2224 ttyconsdev_open(struct cdev *dev, int oflags, int devtype, struct thread *td) 2225 { 2226 struct tty *tp; 2227 2228 /* System has no console device. */ 2229 if (dev_console_filename == NULL) 2230 return (ENXIO); 2231 2232 /* Look up corresponding TTY by device name. */ 2233 sx_slock(&tty_list_sx); 2234 TAILQ_FOREACH(tp, &tty_list, t_list) { 2235 if (strcmp(dev_console_filename, tty_devname(tp)) == 0) { 2236 dev_console->si_drv1 = tp; 2237 break; 2238 } 2239 } 2240 sx_sunlock(&tty_list_sx); 2241 2242 /* System console has no TTY associated. */ 2243 if (dev_console->si_drv1 == NULL) 2244 return (ENXIO); 2245 2246 return (ttydev_open(dev, oflags, devtype, td)); 2247 } 2248 2249 static int 2250 ttyconsdev_write(struct cdev *dev, struct uio *uio, int ioflag) 2251 { 2252 2253 log_console(uio); 2254 2255 return (ttydev_write(dev, uio, ioflag)); 2256 } 2257 2258 /* 2259 * /dev/console is a little different than normal TTY's. When opened, 2260 * it determines which TTY to use. When data gets written to it, it 2261 * will be logged in the kernel message buffer. 2262 */ 2263 static struct cdevsw ttyconsdev_cdevsw = { 2264 .d_version = D_VERSION, 2265 .d_open = ttyconsdev_open, 2266 .d_close = ttydev_close, 2267 .d_read = ttydev_read, 2268 .d_write = ttyconsdev_write, 2269 .d_ioctl = ttydev_ioctl, 2270 .d_kqfilter = ttydev_kqfilter, 2271 .d_poll = ttydev_poll, 2272 .d_mmap = ttydev_mmap, 2273 .d_name = "ttyconsdev", 2274 .d_flags = D_TTY, 2275 }; 2276 2277 static void 2278 ttyconsdev_init(void *unused __unused) 2279 { 2280 2281 dev_console = make_dev_credf(MAKEDEV_ETERNAL, &ttyconsdev_cdevsw, 0, 2282 NULL, UID_ROOT, GID_WHEEL, 0600, "console"); 2283 } 2284 2285 SYSINIT(tty, SI_SUB_DRIVERS, SI_ORDER_FIRST, ttyconsdev_init, NULL); 2286 2287 void 2288 ttyconsdev_select(const char *name) 2289 { 2290 2291 dev_console_filename = name; 2292 } 2293 2294 /* 2295 * Debugging routines. 2296 */ 2297 2298 #include "opt_ddb.h" 2299 #ifdef DDB 2300 #include <ddb/ddb.h> 2301 #include <ddb/db_sym.h> 2302 2303 static const struct { 2304 int flag; 2305 char val; 2306 } ttystates[] = { 2307 #if 0 2308 { TF_NOPREFIX, 'N' }, 2309 #endif 2310 { TF_INITLOCK, 'I' }, 2311 { TF_CALLOUT, 'C' }, 2312 2313 /* Keep these together -> 'Oi' and 'Oo'. */ 2314 { TF_OPENED, 'O' }, 2315 { TF_OPENED_IN, 'i' }, 2316 { TF_OPENED_OUT, 'o' }, 2317 { TF_OPENED_CONS, 'c' }, 2318 2319 { TF_GONE, 'G' }, 2320 { TF_OPENCLOSE, 'B' }, 2321 { TF_ASYNC, 'Y' }, 2322 { TF_LITERAL, 'L' }, 2323 2324 /* Keep these together -> 'Hi' and 'Ho'. */ 2325 { TF_HIWAT, 'H' }, 2326 { TF_HIWAT_IN, 'i' }, 2327 { TF_HIWAT_OUT, 'o' }, 2328 2329 { TF_STOPPED, 'S' }, 2330 { TF_EXCLUDE, 'X' }, 2331 { TF_BYPASS, 'l' }, 2332 { TF_ZOMBIE, 'Z' }, 2333 { TF_HOOK, 's' }, 2334 2335 /* Keep these together -> 'bi' and 'bo'. */ 2336 { TF_BUSY, 'b' }, 2337 { TF_BUSY_IN, 'i' }, 2338 { TF_BUSY_OUT, 'o' }, 2339 2340 { 0, '\0'}, 2341 }; 2342 2343 #define TTY_FLAG_BITS \ 2344 "\20\1NOPREFIX\2INITLOCK\3CALLOUT\4OPENED_IN" \ 2345 "\5OPENED_OUT\6OPENED_CONS\7GONE\10OPENCLOSE" \ 2346 "\11ASYNC\12LITERAL\13HIWAT_IN\14HIWAT_OUT" \ 2347 "\15STOPPED\16EXCLUDE\17BYPASS\20ZOMBIE" \ 2348 "\21HOOK\22BUSY_IN\23BUSY_OUT" 2349 2350 #define DB_PRINTSYM(name, addr) \ 2351 db_printf("%s " #name ": ", sep); \ 2352 db_printsym((db_addr_t) addr, DB_STGY_ANY); \ 2353 db_printf("\n"); 2354 2355 static void 2356 _db_show_devsw(const char *sep, const struct ttydevsw *tsw) 2357 { 2358 2359 db_printf("%sdevsw: ", sep); 2360 db_printsym((db_addr_t)tsw, DB_STGY_ANY); 2361 db_printf(" (%p)\n", tsw); 2362 DB_PRINTSYM(open, tsw->tsw_open); 2363 DB_PRINTSYM(close, tsw->tsw_close); 2364 DB_PRINTSYM(outwakeup, tsw->tsw_outwakeup); 2365 DB_PRINTSYM(inwakeup, tsw->tsw_inwakeup); 2366 DB_PRINTSYM(ioctl, tsw->tsw_ioctl); 2367 DB_PRINTSYM(param, tsw->tsw_param); 2368 DB_PRINTSYM(modem, tsw->tsw_modem); 2369 DB_PRINTSYM(mmap, tsw->tsw_mmap); 2370 DB_PRINTSYM(pktnotify, tsw->tsw_pktnotify); 2371 DB_PRINTSYM(free, tsw->tsw_free); 2372 } 2373 2374 static void 2375 _db_show_hooks(const char *sep, const struct ttyhook *th) 2376 { 2377 2378 db_printf("%shook: ", sep); 2379 db_printsym((db_addr_t)th, DB_STGY_ANY); 2380 db_printf(" (%p)\n", th); 2381 if (th == NULL) 2382 return; 2383 DB_PRINTSYM(rint, th->th_rint); 2384 DB_PRINTSYM(rint_bypass, th->th_rint_bypass); 2385 DB_PRINTSYM(rint_done, th->th_rint_done); 2386 DB_PRINTSYM(rint_poll, th->th_rint_poll); 2387 DB_PRINTSYM(getc_inject, th->th_getc_inject); 2388 DB_PRINTSYM(getc_capture, th->th_getc_capture); 2389 DB_PRINTSYM(getc_poll, th->th_getc_poll); 2390 DB_PRINTSYM(close, th->th_close); 2391 } 2392 2393 static void 2394 _db_show_termios(const char *name, const struct termios *t) 2395 { 2396 2397 db_printf("%s: iflag 0x%x oflag 0x%x cflag 0x%x " 2398 "lflag 0x%x ispeed %u ospeed %u\n", name, 2399 t->c_iflag, t->c_oflag, t->c_cflag, t->c_lflag, 2400 t->c_ispeed, t->c_ospeed); 2401 } 2402 2403 /* DDB command to show TTY statistics. */ 2404 DB_SHOW_COMMAND(tty, db_show_tty) 2405 { 2406 struct tty *tp; 2407 2408 if (!have_addr) { 2409 db_printf("usage: show tty <addr>\n"); 2410 return; 2411 } 2412 tp = (struct tty *)addr; 2413 2414 db_printf("%p: %s\n", tp, tty_devname(tp)); 2415 db_printf("\tmtx: %p\n", tp->t_mtx); 2416 db_printf("\tflags: 0x%b\n", tp->t_flags, TTY_FLAG_BITS); 2417 db_printf("\trevokecnt: %u\n", tp->t_revokecnt); 2418 2419 /* Buffering mechanisms. */ 2420 db_printf("\tinq: %p begin %u linestart %u reprint %u end %u " 2421 "nblocks %u quota %u\n", &tp->t_inq, tp->t_inq.ti_begin, 2422 tp->t_inq.ti_linestart, tp->t_inq.ti_reprint, tp->t_inq.ti_end, 2423 tp->t_inq.ti_nblocks, tp->t_inq.ti_quota); 2424 db_printf("\toutq: %p begin %u end %u nblocks %u quota %u\n", 2425 &tp->t_outq, tp->t_outq.to_begin, tp->t_outq.to_end, 2426 tp->t_outq.to_nblocks, tp->t_outq.to_quota); 2427 db_printf("\tinlow: %zu\n", tp->t_inlow); 2428 db_printf("\toutlow: %zu\n", tp->t_outlow); 2429 _db_show_termios("\ttermios", &tp->t_termios); 2430 db_printf("\twinsize: row %u col %u xpixel %u ypixel %u\n", 2431 tp->t_winsize.ws_row, tp->t_winsize.ws_col, 2432 tp->t_winsize.ws_xpixel, tp->t_winsize.ws_ypixel); 2433 db_printf("\tcolumn: %u\n", tp->t_column); 2434 db_printf("\twritepos: %u\n", tp->t_writepos); 2435 db_printf("\tcompatflags: 0x%x\n", tp->t_compatflags); 2436 2437 /* Init/lock-state devices. */ 2438 _db_show_termios("\ttermios_init_in", &tp->t_termios_init_in); 2439 _db_show_termios("\ttermios_init_out", &tp->t_termios_init_out); 2440 _db_show_termios("\ttermios_lock_in", &tp->t_termios_lock_in); 2441 _db_show_termios("\ttermios_lock_out", &tp->t_termios_lock_out); 2442 2443 /* Hooks */ 2444 _db_show_devsw("\t", tp->t_devsw); 2445 _db_show_hooks("\t", tp->t_hook); 2446 2447 /* Process info. */ 2448 db_printf("\tpgrp: %p gid %d\n", tp->t_pgrp, 2449 tp->t_pgrp ? tp->t_pgrp->pg_id : 0); 2450 db_printf("\tsession: %p", tp->t_session); 2451 if (tp->t_session != NULL) 2452 db_printf(" count %u leader %p tty %p sid %d login %s", 2453 tp->t_session->s_count, tp->t_session->s_leader, 2454 tp->t_session->s_ttyp, tp->t_session->s_sid, 2455 tp->t_session->s_login); 2456 db_printf("\n"); 2457 db_printf("\tsessioncnt: %u\n", tp->t_sessioncnt); 2458 db_printf("\tdevswsoftc: %p\n", tp->t_devswsoftc); 2459 db_printf("\thooksoftc: %p\n", tp->t_hooksoftc); 2460 db_printf("\tdev: %p\n", tp->t_dev); 2461 } 2462 2463 /* DDB command to list TTYs. */ 2464 DB_SHOW_ALL_COMMAND(ttys, db_show_all_ttys) 2465 { 2466 struct tty *tp; 2467 size_t isiz, osiz; 2468 int i, j; 2469 2470 /* Make the output look like `pstat -t'. */ 2471 db_printf("PTR "); 2472 #if defined(__LP64__) 2473 db_printf(" "); 2474 #endif 2475 db_printf(" LINE INQ CAN LIN LOW OUTQ USE LOW " 2476 "COL SESS PGID STATE\n"); 2477 2478 TAILQ_FOREACH(tp, &tty_list, t_list) { 2479 isiz = tp->t_inq.ti_nblocks * TTYINQ_DATASIZE; 2480 osiz = tp->t_outq.to_nblocks * TTYOUTQ_DATASIZE; 2481 2482 db_printf("%p %10s %5zu %4u %4u %4zu %5zu %4u %4zu %5u %5d " 2483 "%5d ", tp, tty_devname(tp), isiz, 2484 tp->t_inq.ti_linestart - tp->t_inq.ti_begin, 2485 tp->t_inq.ti_end - tp->t_inq.ti_linestart, 2486 isiz - tp->t_inlow, osiz, 2487 tp->t_outq.to_end - tp->t_outq.to_begin, 2488 osiz - tp->t_outlow, MIN(tp->t_column, 99999), 2489 tp->t_session ? tp->t_session->s_sid : 0, 2490 tp->t_pgrp ? tp->t_pgrp->pg_id : 0); 2491 2492 /* Flag bits. */ 2493 for (i = j = 0; ttystates[i].flag; i++) 2494 if (tp->t_flags & ttystates[i].flag) { 2495 db_printf("%c", ttystates[i].val); 2496 j++; 2497 } 2498 if (j == 0) 2499 db_printf("-"); 2500 db_printf("\n"); 2501 } 2502 } 2503 #endif /* DDB */ 2504