1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2008 Ed Schouten <ed@FreeBSD.org> 5 * All rights reserved. 6 * 7 * Portions of this software were developed under sponsorship from Snow 8 * B.V., the Netherlands. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 #include "opt_capsicum.h" 34 #include "opt_printf.h" 35 36 #include <sys/param.h> 37 #include <sys/capsicum.h> 38 #include <sys/conf.h> 39 #include <sys/cons.h> 40 #include <sys/fcntl.h> 41 #include <sys/file.h> 42 #include <sys/filedesc.h> 43 #include <sys/filio.h> 44 #ifdef COMPAT_43TTY 45 #include <sys/ioctl_compat.h> 46 #endif /* COMPAT_43TTY */ 47 #include <sys/jail.h> 48 #include <sys/kernel.h> 49 #include <sys/limits.h> 50 #include <sys/malloc.h> 51 #include <sys/mount.h> 52 #include <sys/poll.h> 53 #include <sys/priv.h> 54 #include <sys/proc.h> 55 #include <sys/serial.h> 56 #include <sys/signal.h> 57 #include <sys/stat.h> 58 #include <sys/sx.h> 59 #include <sys/sysctl.h> 60 #include <sys/systm.h> 61 #include <sys/tty.h> 62 #include <sys/ttycom.h> 63 #define TTYDEFCHARS 64 #include <sys/ttydefaults.h> 65 #undef TTYDEFCHARS 66 #include <sys/ucred.h> 67 #include <sys/vnode.h> 68 69 #include <fs/devfs/devfs.h> 70 71 #include <machine/stdarg.h> 72 73 static MALLOC_DEFINE(M_TTY, "tty", "tty device"); 74 75 static void tty_rel_free(struct tty *tp); 76 77 static TAILQ_HEAD(, tty) tty_list = TAILQ_HEAD_INITIALIZER(tty_list); 78 static struct sx tty_list_sx; 79 SX_SYSINIT(tty_list, &tty_list_sx, "tty list"); 80 static unsigned int tty_list_count = 0; 81 82 /* Character device of /dev/console. */ 83 static struct cdev *dev_console; 84 static const char *dev_console_filename; 85 86 /* 87 * Flags that are supported and stored by this implementation. 88 */ 89 #define TTYSUP_IFLAG (IGNBRK|BRKINT|IGNPAR|PARMRK|INPCK|ISTRIP|INLCR|\ 90 IGNCR|ICRNL|IXON|IXOFF|IXANY|IMAXBEL|IUTF8) 91 #define TTYSUP_OFLAG (OPOST|ONLCR|TAB3|ONOEOT|OCRNL|ONOCR|ONLRET) 92 #define TTYSUP_LFLAG (ECHOKE|ECHOE|ECHOK|ECHO|ECHONL|ECHOPRT|\ 93 ECHOCTL|ISIG|ICANON|ALTWERASE|IEXTEN|TOSTOP|\ 94 FLUSHO|NOKERNINFO|NOFLSH) 95 #define TTYSUP_CFLAG (CIGNORE|CSIZE|CSTOPB|CREAD|PARENB|PARODD|\ 96 HUPCL|CLOCAL|CCTS_OFLOW|CRTS_IFLOW|CDTR_IFLOW|\ 97 CDSR_OFLOW|CCAR_OFLOW|CNO_RTSDTR) 98 99 #define TTY_CALLOUT(tp,d) (dev2unit(d) & TTYUNIT_CALLOUT) 100 101 static int tty_drainwait = 5 * 60; 102 SYSCTL_INT(_kern, OID_AUTO, tty_drainwait, CTLFLAG_RWTUN, 103 &tty_drainwait, 0, "Default output drain timeout in seconds"); 104 105 /* 106 * Set TTY buffer sizes. 107 */ 108 109 #define TTYBUF_MAX 65536 110 111 #ifdef PRINTF_BUFR_SIZE 112 #define TTY_PRBUF_SIZE PRINTF_BUFR_SIZE 113 #else 114 #define TTY_PRBUF_SIZE 256 115 #endif 116 117 /* 118 * Allocate buffer space if necessary, and set low watermarks, based on speed. 119 * Note that the ttyxxxq_setsize() functions may drop and then reacquire the tty 120 * lock during memory allocation. They will return ENXIO if the tty disappears 121 * while unlocked. 122 */ 123 static int 124 tty_watermarks(struct tty *tp) 125 { 126 size_t bs = 0; 127 int error; 128 129 /* Provide an input buffer for 2 seconds of data. */ 130 if (tp->t_termios.c_cflag & CREAD) 131 bs = MIN(tp->t_termios.c_ispeed / 5, TTYBUF_MAX); 132 error = ttyinq_setsize(&tp->t_inq, tp, bs); 133 if (error != 0) 134 return (error); 135 136 /* Set low watermark at 10% (when 90% is available). */ 137 tp->t_inlow = (ttyinq_getallocatedsize(&tp->t_inq) * 9) / 10; 138 139 /* Provide an output buffer for 2 seconds of data. */ 140 bs = MIN(tp->t_termios.c_ospeed / 5, TTYBUF_MAX); 141 error = ttyoutq_setsize(&tp->t_outq, tp, bs); 142 if (error != 0) 143 return (error); 144 145 /* Set low watermark at 10% (when 90% is available). */ 146 tp->t_outlow = (ttyoutq_getallocatedsize(&tp->t_outq) * 9) / 10; 147 148 return (0); 149 } 150 151 static int 152 tty_drain(struct tty *tp, int leaving) 153 { 154 sbintime_t timeout_at; 155 size_t bytes; 156 int error; 157 158 if (ttyhook_hashook(tp, getc_inject)) 159 /* buffer is inaccessible */ 160 return (0); 161 162 /* 163 * For close(), use the recent historic timeout of "1 second without 164 * making progress". For tcdrain(), use t_drainwait as the timeout, 165 * with zero meaning "no timeout" which gives POSIX behavior. 166 */ 167 if (leaving) 168 timeout_at = getsbinuptime() + SBT_1S; 169 else if (tp->t_drainwait != 0) 170 timeout_at = getsbinuptime() + SBT_1S * tp->t_drainwait; 171 else 172 timeout_at = 0; 173 174 /* 175 * Poll the output buffer and the hardware for completion, at 10 Hz. 176 * Polling is required for devices which are not able to signal an 177 * interrupt when the transmitter becomes idle (most USB serial devs). 178 * The unusual structure of this loop ensures we check for busy one more 179 * time after tty_timedwait() returns EWOULDBLOCK, so that success has 180 * higher priority than timeout if the IO completed in the last 100mS. 181 */ 182 error = 0; 183 bytes = ttyoutq_bytesused(&tp->t_outq); 184 for (;;) { 185 if (ttyoutq_bytesused(&tp->t_outq) == 0 && !ttydevsw_busy(tp)) 186 return (0); 187 if (error != 0) 188 return (error); 189 ttydevsw_outwakeup(tp); 190 error = tty_timedwait(tp, &tp->t_outwait, hz / 10); 191 if (error != 0 && error != EWOULDBLOCK) 192 return (error); 193 else if (timeout_at == 0 || getsbinuptime() < timeout_at) 194 error = 0; 195 else if (leaving && ttyoutq_bytesused(&tp->t_outq) < bytes) { 196 /* In close, making progress, grant an extra second. */ 197 error = 0; 198 timeout_at += SBT_1S; 199 bytes = ttyoutq_bytesused(&tp->t_outq); 200 } 201 } 202 } 203 204 /* 205 * Though ttydev_enter() and ttydev_leave() seem to be related, they 206 * don't have to be used together. ttydev_enter() is used by the cdev 207 * operations to prevent an actual operation from being processed when 208 * the TTY has been abandoned. ttydev_leave() is used by ttydev_open() 209 * and ttydev_close() to determine whether per-TTY data should be 210 * deallocated. 211 */ 212 213 static __inline int 214 ttydev_enter(struct tty *tp) 215 { 216 217 tty_lock(tp); 218 219 if (tty_gone(tp) || !tty_opened(tp)) { 220 /* Device is already gone. */ 221 tty_unlock(tp); 222 return (ENXIO); 223 } 224 225 return (0); 226 } 227 228 static void 229 ttydev_leave(struct tty *tp) 230 { 231 232 tty_assert_locked(tp); 233 234 if (tty_opened(tp) || tp->t_flags & TF_OPENCLOSE) { 235 /* Device is still opened somewhere. */ 236 tty_unlock(tp); 237 return; 238 } 239 240 tp->t_flags |= TF_OPENCLOSE; 241 242 /* Remove console TTY. */ 243 constty_clear(tp); 244 245 /* Drain any output. */ 246 if (!tty_gone(tp)) 247 tty_drain(tp, 1); 248 249 ttydisc_close(tp); 250 251 /* Free i/o queues now since they might be large. */ 252 ttyinq_free(&tp->t_inq); 253 tp->t_inlow = 0; 254 ttyoutq_free(&tp->t_outq); 255 tp->t_outlow = 0; 256 257 if (!tty_gone(tp)) 258 ttydevsw_close(tp); 259 260 tp->t_flags &= ~TF_OPENCLOSE; 261 cv_broadcast(&tp->t_dcdwait); 262 tty_rel_free(tp); 263 } 264 265 /* 266 * Operations that are exposed through the character device in /dev. 267 */ 268 static int 269 ttydev_open(struct cdev *dev, int oflags, int devtype __unused, 270 struct thread *td) 271 { 272 struct tty *tp; 273 int error; 274 275 tp = dev->si_drv1; 276 error = 0; 277 tty_lock(tp); 278 if (tty_gone(tp)) { 279 /* Device is already gone. */ 280 tty_unlock(tp); 281 return (ENXIO); 282 } 283 284 /* 285 * Block when other processes are currently opening or closing 286 * the TTY. 287 */ 288 while (tp->t_flags & TF_OPENCLOSE) { 289 error = tty_wait(tp, &tp->t_dcdwait); 290 if (error != 0) { 291 tty_unlock(tp); 292 return (error); 293 } 294 } 295 tp->t_flags |= TF_OPENCLOSE; 296 297 /* 298 * Make sure the "tty" and "cua" device cannot be opened at the 299 * same time. The console is a "tty" device. 300 */ 301 if (TTY_CALLOUT(tp, dev)) { 302 if (tp->t_flags & (TF_OPENED_CONS | TF_OPENED_IN)) { 303 error = EBUSY; 304 goto done; 305 } 306 } else { 307 if (tp->t_flags & TF_OPENED_OUT) { 308 error = EBUSY; 309 goto done; 310 } 311 } 312 313 if (tp->t_flags & TF_EXCLUDE && priv_check(td, PRIV_TTY_EXCLUSIVE)) { 314 error = EBUSY; 315 goto done; 316 } 317 318 if (!tty_opened(tp)) { 319 /* Set proper termios flags. */ 320 if (TTY_CALLOUT(tp, dev)) 321 tp->t_termios = tp->t_termios_init_out; 322 else 323 tp->t_termios = tp->t_termios_init_in; 324 ttydevsw_param(tp, &tp->t_termios); 325 /* Prevent modem control on callout devices and /dev/console. */ 326 if (TTY_CALLOUT(tp, dev) || dev == dev_console) 327 tp->t_termios.c_cflag |= CLOCAL; 328 329 if ((tp->t_termios.c_cflag & CNO_RTSDTR) == 0) 330 ttydevsw_modem(tp, SER_DTR|SER_RTS, 0); 331 332 error = ttydevsw_open(tp); 333 if (error != 0) 334 goto done; 335 336 ttydisc_open(tp); 337 error = tty_watermarks(tp); 338 if (error != 0) 339 goto done; 340 } 341 342 /* Wait for Carrier Detect. */ 343 if ((oflags & O_NONBLOCK) == 0 && 344 (tp->t_termios.c_cflag & CLOCAL) == 0) { 345 while ((ttydevsw_modem(tp, 0, 0) & SER_DCD) == 0) { 346 error = tty_wait(tp, &tp->t_dcdwait); 347 if (error != 0) 348 goto done; 349 } 350 } 351 352 if (dev == dev_console) 353 tp->t_flags |= TF_OPENED_CONS; 354 else if (TTY_CALLOUT(tp, dev)) 355 tp->t_flags |= TF_OPENED_OUT; 356 else 357 tp->t_flags |= TF_OPENED_IN; 358 MPASS((tp->t_flags & (TF_OPENED_CONS | TF_OPENED_IN)) == 0 || 359 (tp->t_flags & TF_OPENED_OUT) == 0); 360 361 done: tp->t_flags &= ~TF_OPENCLOSE; 362 cv_broadcast(&tp->t_dcdwait); 363 ttydev_leave(tp); 364 365 return (error); 366 } 367 368 static int 369 ttydev_close(struct cdev *dev, int fflag, int devtype __unused, 370 struct thread *td) 371 { 372 struct tty *tp = dev->si_drv1; 373 374 tty_lock(tp); 375 376 /* 377 * Don't actually close the device if it is being used as the 378 * console. 379 */ 380 MPASS((tp->t_flags & (TF_OPENED_CONS | TF_OPENED_IN)) == 0 || 381 (tp->t_flags & TF_OPENED_OUT) == 0); 382 if (dev == dev_console) 383 tp->t_flags &= ~TF_OPENED_CONS; 384 else 385 tp->t_flags &= ~(TF_OPENED_IN|TF_OPENED_OUT); 386 387 if (tp->t_flags & TF_OPENED) { 388 tty_unlock(tp); 389 return (0); 390 } 391 392 /* If revoking, flush output now to avoid draining it later. */ 393 if ((fflag & FREVOKE) != 0) { 394 tty_flush(tp, FWRITE); 395 knlist_delete(&tp->t_inpoll.si_note, td, 1); 396 knlist_delete(&tp->t_outpoll.si_note, td, 1); 397 } 398 399 tp->t_flags &= ~TF_EXCLUDE; 400 401 /* Properly wake up threads that are stuck - revoke(). */ 402 tp->t_revokecnt++; 403 tty_wakeup(tp, FREAD|FWRITE); 404 cv_broadcast(&tp->t_bgwait); 405 cv_broadcast(&tp->t_dcdwait); 406 407 ttydev_leave(tp); 408 409 return (0); 410 } 411 412 static __inline int 413 tty_is_ctty(struct tty *tp, struct proc *p) 414 { 415 416 tty_assert_locked(tp); 417 418 return (p->p_session == tp->t_session && p->p_flag & P_CONTROLT); 419 } 420 421 int 422 tty_wait_background(struct tty *tp, struct thread *td, int sig) 423 { 424 struct proc *p; 425 struct pgrp *pg; 426 ksiginfo_t ksi; 427 int error; 428 429 MPASS(sig == SIGTTIN || sig == SIGTTOU); 430 tty_assert_locked(tp); 431 432 p = td->td_proc; 433 for (;;) { 434 pg = p->p_pgrp; 435 PGRP_LOCK(pg); 436 PROC_LOCK(p); 437 438 /* 439 * pg may no longer be our process group. 440 * Re-check after locking. 441 */ 442 if (p->p_pgrp != pg) { 443 PROC_UNLOCK(p); 444 PGRP_UNLOCK(pg); 445 continue; 446 } 447 448 /* 449 * The process should only sleep, when: 450 * - This terminal is the controlling terminal 451 * - Its process group is not the foreground process 452 * group 453 * - The parent process isn't waiting for the child to 454 * exit 455 * - the signal to send to the process isn't masked 456 */ 457 if (!tty_is_ctty(tp, p) || p->p_pgrp == tp->t_pgrp) { 458 /* Allow the action to happen. */ 459 PROC_UNLOCK(p); 460 PGRP_UNLOCK(pg); 461 return (0); 462 } 463 464 if (SIGISMEMBER(p->p_sigacts->ps_sigignore, sig) || 465 SIGISMEMBER(td->td_sigmask, sig)) { 466 /* Only allow them in write()/ioctl(). */ 467 PROC_UNLOCK(p); 468 PGRP_UNLOCK(pg); 469 return (sig == SIGTTOU ? 0 : EIO); 470 } 471 472 if ((p->p_flag & P_PPWAIT) != 0 || 473 (pg->pg_flags & PGRP_ORPHANED) != 0) { 474 /* Don't allow the action to happen. */ 475 PROC_UNLOCK(p); 476 PGRP_UNLOCK(pg); 477 return (EIO); 478 } 479 PROC_UNLOCK(p); 480 481 /* 482 * Send the signal and sleep until we're the new 483 * foreground process group. 484 */ 485 if (sig != 0) { 486 ksiginfo_init(&ksi); 487 ksi.ksi_code = SI_KERNEL; 488 ksi.ksi_signo = sig; 489 sig = 0; 490 } 491 492 pgsignal(pg, ksi.ksi_signo, 1, &ksi); 493 PGRP_UNLOCK(pg); 494 495 error = tty_wait(tp, &tp->t_bgwait); 496 if (error) 497 return (error); 498 } 499 } 500 501 static int 502 ttydev_read(struct cdev *dev, struct uio *uio, int ioflag) 503 { 504 struct tty *tp = dev->si_drv1; 505 int error; 506 507 error = ttydev_enter(tp); 508 if (error) 509 goto done; 510 error = ttydisc_read(tp, uio, ioflag); 511 tty_unlock(tp); 512 513 /* 514 * The read() call should not throw an error when the device is 515 * being destroyed. Silently convert it to an EOF. 516 */ 517 done: if (error == ENXIO) 518 error = 0; 519 return (error); 520 } 521 522 static int 523 ttydev_write(struct cdev *dev, struct uio *uio, int ioflag) 524 { 525 struct tty *tp = dev->si_drv1; 526 int defer, error; 527 528 error = ttydev_enter(tp); 529 if (error) 530 return (error); 531 532 if (tp->t_termios.c_lflag & TOSTOP) { 533 error = tty_wait_background(tp, curthread, SIGTTOU); 534 if (error) 535 goto done; 536 } 537 538 if (ioflag & IO_NDELAY && tp->t_flags & TF_BUSY_OUT) { 539 /* Allow non-blocking writes to bypass serialization. */ 540 error = ttydisc_write(tp, uio, ioflag); 541 } else { 542 /* Serialize write() calls. */ 543 while (tp->t_flags & TF_BUSY_OUT) { 544 error = tty_wait(tp, &tp->t_outserwait); 545 if (error) 546 goto done; 547 } 548 549 tp->t_flags |= TF_BUSY_OUT; 550 defer = sigdeferstop(SIGDEFERSTOP_ERESTART); 551 error = ttydisc_write(tp, uio, ioflag); 552 sigallowstop(defer); 553 tp->t_flags &= ~TF_BUSY_OUT; 554 cv_signal(&tp->t_outserwait); 555 } 556 557 done: tty_unlock(tp); 558 return (error); 559 } 560 561 static int 562 ttydev_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int fflag, 563 struct thread *td) 564 { 565 struct tty *tp = dev->si_drv1; 566 int error; 567 568 error = ttydev_enter(tp); 569 if (error) 570 return (error); 571 572 switch (cmd) { 573 case TIOCCBRK: 574 case TIOCCONS: 575 case TIOCDRAIN: 576 case TIOCEXCL: 577 case TIOCFLUSH: 578 case TIOCNXCL: 579 case TIOCSBRK: 580 case TIOCSCTTY: 581 case TIOCSETA: 582 case TIOCSETAF: 583 case TIOCSETAW: 584 case TIOCSPGRP: 585 case TIOCSTART: 586 case TIOCSTAT: 587 case TIOCSTI: 588 case TIOCSTOP: 589 case TIOCSWINSZ: 590 #if 0 591 case TIOCSDRAINWAIT: 592 case TIOCSETD: 593 #endif 594 #ifdef COMPAT_43TTY 595 case TIOCLBIC: 596 case TIOCLBIS: 597 case TIOCLSET: 598 case TIOCSETC: 599 case OTIOCSETD: 600 case TIOCSETN: 601 case TIOCSETP: 602 case TIOCSLTC: 603 #endif /* COMPAT_43TTY */ 604 /* 605 * If the ioctl() causes the TTY to be modified, let it 606 * wait in the background. 607 */ 608 error = tty_wait_background(tp, curthread, SIGTTOU); 609 if (error) 610 goto done; 611 } 612 613 if (cmd == TIOCSETA || cmd == TIOCSETAW || cmd == TIOCSETAF) { 614 struct termios *old = &tp->t_termios; 615 struct termios *new = (struct termios *)data; 616 struct termios *lock = TTY_CALLOUT(tp, dev) ? 617 &tp->t_termios_lock_out : &tp->t_termios_lock_in; 618 int cc; 619 620 /* 621 * Lock state devices. Just overwrite the values of the 622 * commands that are currently in use. 623 */ 624 new->c_iflag = (old->c_iflag & lock->c_iflag) | 625 (new->c_iflag & ~lock->c_iflag); 626 new->c_oflag = (old->c_oflag & lock->c_oflag) | 627 (new->c_oflag & ~lock->c_oflag); 628 new->c_cflag = (old->c_cflag & lock->c_cflag) | 629 (new->c_cflag & ~lock->c_cflag); 630 new->c_lflag = (old->c_lflag & lock->c_lflag) | 631 (new->c_lflag & ~lock->c_lflag); 632 for (cc = 0; cc < NCCS; ++cc) 633 if (lock->c_cc[cc]) 634 new->c_cc[cc] = old->c_cc[cc]; 635 if (lock->c_ispeed) 636 new->c_ispeed = old->c_ispeed; 637 if (lock->c_ospeed) 638 new->c_ospeed = old->c_ospeed; 639 } 640 641 error = tty_ioctl(tp, cmd, data, fflag, td); 642 done: tty_unlock(tp); 643 644 return (error); 645 } 646 647 static int 648 ttydev_poll(struct cdev *dev, int events, struct thread *td) 649 { 650 struct tty *tp = dev->si_drv1; 651 int error, revents = 0; 652 653 error = ttydev_enter(tp); 654 if (error) 655 return ((events & (POLLIN|POLLRDNORM)) | POLLHUP); 656 657 if (events & (POLLIN|POLLRDNORM)) { 658 /* See if we can read something. */ 659 if (ttydisc_read_poll(tp) > 0) 660 revents |= events & (POLLIN|POLLRDNORM); 661 } 662 663 if (tp->t_flags & TF_ZOMBIE) { 664 /* Hangup flag on zombie state. */ 665 revents |= POLLHUP; 666 } else if (events & (POLLOUT|POLLWRNORM)) { 667 /* See if we can write something. */ 668 if (ttydisc_write_poll(tp) > 0) 669 revents |= events & (POLLOUT|POLLWRNORM); 670 } 671 672 if (revents == 0) { 673 if (events & (POLLIN|POLLRDNORM)) 674 selrecord(td, &tp->t_inpoll); 675 if (events & (POLLOUT|POLLWRNORM)) 676 selrecord(td, &tp->t_outpoll); 677 } 678 679 tty_unlock(tp); 680 681 return (revents); 682 } 683 684 static int 685 ttydev_mmap(struct cdev *dev, vm_ooffset_t offset, vm_paddr_t *paddr, 686 int nprot, vm_memattr_t *memattr) 687 { 688 struct tty *tp = dev->si_drv1; 689 int error; 690 691 /* Handle mmap() through the driver. */ 692 693 error = ttydev_enter(tp); 694 if (error) 695 return (-1); 696 error = ttydevsw_mmap(tp, offset, paddr, nprot, memattr); 697 tty_unlock(tp); 698 699 return (error); 700 } 701 702 /* 703 * kqueue support. 704 */ 705 706 static void 707 tty_kqops_read_detach(struct knote *kn) 708 { 709 struct tty *tp = kn->kn_hook; 710 711 knlist_remove(&tp->t_inpoll.si_note, kn, 0); 712 } 713 714 static int 715 tty_kqops_read_event(struct knote *kn, long hint __unused) 716 { 717 struct tty *tp = kn->kn_hook; 718 719 tty_assert_locked(tp); 720 721 if (tty_gone(tp) || tp->t_flags & TF_ZOMBIE) { 722 kn->kn_flags |= EV_EOF; 723 return (1); 724 } else { 725 kn->kn_data = ttydisc_read_poll(tp); 726 return (kn->kn_data > 0); 727 } 728 } 729 730 static void 731 tty_kqops_write_detach(struct knote *kn) 732 { 733 struct tty *tp = kn->kn_hook; 734 735 knlist_remove(&tp->t_outpoll.si_note, kn, 0); 736 } 737 738 static int 739 tty_kqops_write_event(struct knote *kn, long hint __unused) 740 { 741 struct tty *tp = kn->kn_hook; 742 743 tty_assert_locked(tp); 744 745 if (tty_gone(tp)) { 746 kn->kn_flags |= EV_EOF; 747 return (1); 748 } else { 749 kn->kn_data = ttydisc_write_poll(tp); 750 return (kn->kn_data > 0); 751 } 752 } 753 754 static struct filterops tty_kqops_read = { 755 .f_isfd = 1, 756 .f_detach = tty_kqops_read_detach, 757 .f_event = tty_kqops_read_event, 758 }; 759 760 static struct filterops tty_kqops_write = { 761 .f_isfd = 1, 762 .f_detach = tty_kqops_write_detach, 763 .f_event = tty_kqops_write_event, 764 }; 765 766 static int 767 ttydev_kqfilter(struct cdev *dev, struct knote *kn) 768 { 769 struct tty *tp = dev->si_drv1; 770 int error; 771 772 error = ttydev_enter(tp); 773 if (error) 774 return (error); 775 776 switch (kn->kn_filter) { 777 case EVFILT_READ: 778 kn->kn_hook = tp; 779 kn->kn_fop = &tty_kqops_read; 780 knlist_add(&tp->t_inpoll.si_note, kn, 1); 781 break; 782 case EVFILT_WRITE: 783 kn->kn_hook = tp; 784 kn->kn_fop = &tty_kqops_write; 785 knlist_add(&tp->t_outpoll.si_note, kn, 1); 786 break; 787 default: 788 error = EINVAL; 789 break; 790 } 791 792 tty_unlock(tp); 793 return (error); 794 } 795 796 static struct cdevsw ttydev_cdevsw = { 797 .d_version = D_VERSION, 798 .d_open = ttydev_open, 799 .d_close = ttydev_close, 800 .d_read = ttydev_read, 801 .d_write = ttydev_write, 802 .d_ioctl = ttydev_ioctl, 803 .d_kqfilter = ttydev_kqfilter, 804 .d_poll = ttydev_poll, 805 .d_mmap = ttydev_mmap, 806 .d_name = "ttydev", 807 .d_flags = D_TTY, 808 }; 809 810 /* 811 * Init/lock-state devices 812 */ 813 814 static int 815 ttyil_open(struct cdev *dev, int oflags __unused, int devtype __unused, 816 struct thread *td) 817 { 818 struct tty *tp; 819 int error; 820 821 tp = dev->si_drv1; 822 error = 0; 823 tty_lock(tp); 824 if (tty_gone(tp)) 825 error = ENODEV; 826 tty_unlock(tp); 827 828 return (error); 829 } 830 831 static int 832 ttyil_close(struct cdev *dev __unused, int flag __unused, int mode __unused, 833 struct thread *td __unused) 834 { 835 836 return (0); 837 } 838 839 static int 840 ttyil_rdwr(struct cdev *dev __unused, struct uio *uio __unused, 841 int ioflag __unused) 842 { 843 844 return (ENODEV); 845 } 846 847 static int 848 ttyil_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int fflag, 849 struct thread *td) 850 { 851 struct tty *tp = dev->si_drv1; 852 int error; 853 854 tty_lock(tp); 855 if (tty_gone(tp)) { 856 error = ENODEV; 857 goto done; 858 } 859 860 error = ttydevsw_cioctl(tp, dev2unit(dev), cmd, data, td); 861 if (error != ENOIOCTL) 862 goto done; 863 error = 0; 864 865 switch (cmd) { 866 case TIOCGETA: 867 /* Obtain terminal flags through tcgetattr(). */ 868 *(struct termios*)data = *(struct termios*)dev->si_drv2; 869 break; 870 case TIOCSETA: 871 /* Set terminal flags through tcsetattr(). */ 872 error = priv_check(td, PRIV_TTY_SETA); 873 if (error) 874 break; 875 *(struct termios*)dev->si_drv2 = *(struct termios*)data; 876 break; 877 case TIOCGETD: 878 *(int *)data = TTYDISC; 879 break; 880 case TIOCGWINSZ: 881 bzero(data, sizeof(struct winsize)); 882 break; 883 default: 884 error = ENOTTY; 885 } 886 887 done: tty_unlock(tp); 888 return (error); 889 } 890 891 static struct cdevsw ttyil_cdevsw = { 892 .d_version = D_VERSION, 893 .d_open = ttyil_open, 894 .d_close = ttyil_close, 895 .d_read = ttyil_rdwr, 896 .d_write = ttyil_rdwr, 897 .d_ioctl = ttyil_ioctl, 898 .d_name = "ttyil", 899 .d_flags = D_TTY, 900 }; 901 902 static void 903 tty_init_termios(struct tty *tp) 904 { 905 struct termios *t = &tp->t_termios_init_in; 906 907 t->c_cflag = TTYDEF_CFLAG; 908 t->c_iflag = TTYDEF_IFLAG; 909 t->c_lflag = TTYDEF_LFLAG; 910 t->c_oflag = TTYDEF_OFLAG; 911 t->c_ispeed = TTYDEF_SPEED; 912 t->c_ospeed = TTYDEF_SPEED; 913 memcpy(&t->c_cc, ttydefchars, sizeof ttydefchars); 914 915 tp->t_termios_init_out = *t; 916 } 917 918 void 919 tty_init_console(struct tty *tp, speed_t s) 920 { 921 struct termios *ti = &tp->t_termios_init_in; 922 struct termios *to = &tp->t_termios_init_out; 923 924 if (s != 0) { 925 ti->c_ispeed = ti->c_ospeed = s; 926 to->c_ispeed = to->c_ospeed = s; 927 } 928 929 ti->c_cflag |= CLOCAL; 930 to->c_cflag |= CLOCAL; 931 } 932 933 /* 934 * Standard device routine implementations, mostly meant for 935 * pseudo-terminal device drivers. When a driver creates a new terminal 936 * device class, missing routines are patched. 937 */ 938 939 static int 940 ttydevsw_defopen(struct tty *tp __unused) 941 { 942 943 return (0); 944 } 945 946 static void 947 ttydevsw_defclose(struct tty *tp __unused) 948 { 949 950 } 951 952 static void 953 ttydevsw_defoutwakeup(struct tty *tp __unused) 954 { 955 956 panic("Terminal device has output, while not implemented"); 957 } 958 959 static void 960 ttydevsw_definwakeup(struct tty *tp __unused) 961 { 962 963 } 964 965 static int 966 ttydevsw_defioctl(struct tty *tp __unused, u_long cmd __unused, 967 caddr_t data __unused, struct thread *td __unused) 968 { 969 970 return (ENOIOCTL); 971 } 972 973 static int 974 ttydevsw_defcioctl(struct tty *tp __unused, int unit __unused, 975 u_long cmd __unused, caddr_t data __unused, struct thread *td __unused) 976 { 977 978 return (ENOIOCTL); 979 } 980 981 static int 982 ttydevsw_defparam(struct tty *tp __unused, struct termios *t) 983 { 984 985 /* 986 * Allow the baud rate to be adjusted for pseudo-devices, but at 987 * least restrict it to 115200 to prevent excessive buffer 988 * usage. Also disallow 0, to prevent foot shooting. 989 */ 990 if (t->c_ispeed < B50) 991 t->c_ispeed = B50; 992 else if (t->c_ispeed > B115200) 993 t->c_ispeed = B115200; 994 if (t->c_ospeed < B50) 995 t->c_ospeed = B50; 996 else if (t->c_ospeed > B115200) 997 t->c_ospeed = B115200; 998 t->c_cflag |= CREAD; 999 1000 return (0); 1001 } 1002 1003 static int 1004 ttydevsw_defmodem(struct tty *tp __unused, int sigon __unused, 1005 int sigoff __unused) 1006 { 1007 1008 /* Simulate a carrier to make the TTY layer happy. */ 1009 return (SER_DCD); 1010 } 1011 1012 static int 1013 ttydevsw_defmmap(struct tty *tp __unused, vm_ooffset_t offset __unused, 1014 vm_paddr_t *paddr __unused, int nprot __unused, 1015 vm_memattr_t *memattr __unused) 1016 { 1017 1018 return (-1); 1019 } 1020 1021 static void 1022 ttydevsw_defpktnotify(struct tty *tp __unused, char event __unused) 1023 { 1024 1025 } 1026 1027 static void 1028 ttydevsw_deffree(void *softc __unused) 1029 { 1030 1031 panic("Terminal device freed without a free-handler"); 1032 } 1033 1034 static bool 1035 ttydevsw_defbusy(struct tty *tp __unused) 1036 { 1037 1038 return (FALSE); 1039 } 1040 1041 /* 1042 * TTY allocation and deallocation. TTY devices can be deallocated when 1043 * the driver doesn't use it anymore, when the TTY isn't a session's 1044 * controlling TTY and when the device node isn't opened through devfs. 1045 */ 1046 1047 struct tty * 1048 tty_alloc(struct ttydevsw *tsw, void *sc) 1049 { 1050 1051 return (tty_alloc_mutex(tsw, sc, NULL)); 1052 } 1053 1054 struct tty * 1055 tty_alloc_mutex(struct ttydevsw *tsw, void *sc, struct mtx *mutex) 1056 { 1057 struct tty *tp; 1058 1059 /* Make sure the driver defines all routines. */ 1060 #define PATCH_FUNC(x) do { \ 1061 if (tsw->tsw_ ## x == NULL) \ 1062 tsw->tsw_ ## x = ttydevsw_def ## x; \ 1063 } while (0) 1064 PATCH_FUNC(open); 1065 PATCH_FUNC(close); 1066 PATCH_FUNC(outwakeup); 1067 PATCH_FUNC(inwakeup); 1068 PATCH_FUNC(ioctl); 1069 PATCH_FUNC(cioctl); 1070 PATCH_FUNC(param); 1071 PATCH_FUNC(modem); 1072 PATCH_FUNC(mmap); 1073 PATCH_FUNC(pktnotify); 1074 PATCH_FUNC(free); 1075 PATCH_FUNC(busy); 1076 #undef PATCH_FUNC 1077 1078 tp = malloc(sizeof(struct tty) + TTY_PRBUF_SIZE, M_TTY, 1079 M_WAITOK | M_ZERO); 1080 tp->t_prbufsz = TTY_PRBUF_SIZE; 1081 tp->t_devsw = tsw; 1082 tp->t_devswsoftc = sc; 1083 tp->t_flags = tsw->tsw_flags; 1084 tp->t_drainwait = tty_drainwait; 1085 1086 tty_init_termios(tp); 1087 1088 cv_init(&tp->t_inwait, "ttyin"); 1089 cv_init(&tp->t_outwait, "ttyout"); 1090 cv_init(&tp->t_outserwait, "ttyosr"); 1091 cv_init(&tp->t_bgwait, "ttybg"); 1092 cv_init(&tp->t_dcdwait, "ttydcd"); 1093 1094 /* Allow drivers to use a custom mutex to lock the TTY. */ 1095 if (mutex != NULL) { 1096 tp->t_mtx = mutex; 1097 } else { 1098 tp->t_mtx = &tp->t_mtxobj; 1099 mtx_init(&tp->t_mtxobj, "ttymtx", NULL, MTX_DEF); 1100 } 1101 1102 knlist_init_mtx(&tp->t_inpoll.si_note, tp->t_mtx); 1103 knlist_init_mtx(&tp->t_outpoll.si_note, tp->t_mtx); 1104 1105 return (tp); 1106 } 1107 1108 static void 1109 tty_dealloc(void *arg) 1110 { 1111 struct tty *tp = arg; 1112 1113 /* 1114 * ttyydev_leave() usually frees the i/o queues earlier, but it is 1115 * not always called between queue allocation and here. The queues 1116 * may be allocated by ioctls on a pty control device without the 1117 * corresponding pty slave device ever being open, or after it is 1118 * closed. 1119 */ 1120 ttyinq_free(&tp->t_inq); 1121 ttyoutq_free(&tp->t_outq); 1122 seldrain(&tp->t_inpoll); 1123 seldrain(&tp->t_outpoll); 1124 knlist_clear(&tp->t_inpoll.si_note, 0); 1125 knlist_clear(&tp->t_outpoll.si_note, 0); 1126 knlist_destroy(&tp->t_inpoll.si_note); 1127 knlist_destroy(&tp->t_outpoll.si_note); 1128 1129 cv_destroy(&tp->t_inwait); 1130 cv_destroy(&tp->t_outwait); 1131 cv_destroy(&tp->t_bgwait); 1132 cv_destroy(&tp->t_dcdwait); 1133 cv_destroy(&tp->t_outserwait); 1134 1135 if (tp->t_mtx == &tp->t_mtxobj) 1136 mtx_destroy(&tp->t_mtxobj); 1137 ttydevsw_free(tp); 1138 free(tp, M_TTY); 1139 } 1140 1141 static void 1142 tty_rel_free(struct tty *tp) 1143 { 1144 struct cdev *dev; 1145 1146 tty_assert_locked(tp); 1147 1148 #define TF_ACTIVITY (TF_GONE|TF_OPENED|TF_HOOK|TF_OPENCLOSE) 1149 if (tp->t_sessioncnt != 0 || (tp->t_flags & TF_ACTIVITY) != TF_GONE) { 1150 /* TTY is still in use. */ 1151 tty_unlock(tp); 1152 return; 1153 } 1154 1155 /* Stop asynchronous I/O. */ 1156 funsetown(&tp->t_sigio); 1157 1158 /* TTY can be deallocated. */ 1159 dev = tp->t_dev; 1160 tp->t_dev = NULL; 1161 tty_unlock(tp); 1162 1163 if (dev != NULL) { 1164 sx_xlock(&tty_list_sx); 1165 TAILQ_REMOVE(&tty_list, tp, t_list); 1166 tty_list_count--; 1167 sx_xunlock(&tty_list_sx); 1168 destroy_dev_sched_cb(dev, tty_dealloc, tp); 1169 } 1170 } 1171 1172 void 1173 tty_rel_pgrp(struct tty *tp, struct pgrp *pg) 1174 { 1175 1176 MPASS(tp->t_sessioncnt > 0); 1177 tty_assert_locked(tp); 1178 1179 if (tp->t_pgrp == pg) 1180 tp->t_pgrp = NULL; 1181 1182 tty_unlock(tp); 1183 } 1184 1185 void 1186 tty_rel_sess(struct tty *tp, struct session *sess) 1187 { 1188 1189 MPASS(tp->t_sessioncnt > 0); 1190 1191 /* Current session has left. */ 1192 if (tp->t_session == sess) { 1193 tp->t_session = NULL; 1194 MPASS(tp->t_pgrp == NULL); 1195 } 1196 tp->t_sessioncnt--; 1197 tty_rel_free(tp); 1198 } 1199 1200 void 1201 tty_rel_gone(struct tty *tp) 1202 { 1203 1204 tty_assert_locked(tp); 1205 MPASS(!tty_gone(tp)); 1206 1207 /* Simulate carrier removal. */ 1208 ttydisc_modem(tp, 0); 1209 1210 /* Wake up all blocked threads. */ 1211 tty_wakeup(tp, FREAD|FWRITE); 1212 cv_broadcast(&tp->t_bgwait); 1213 cv_broadcast(&tp->t_dcdwait); 1214 1215 tp->t_flags |= TF_GONE; 1216 tty_rel_free(tp); 1217 } 1218 1219 static int 1220 tty_drop_ctty(struct tty *tp, struct proc *p) 1221 { 1222 struct session *session; 1223 struct vnode *vp; 1224 1225 /* 1226 * This looks terrible, but it's generally safe as long as the tty 1227 * hasn't gone away while we had the lock dropped. All of our sanity 1228 * checking that this operation is OK happens after we've picked it back 1229 * up, so other state changes are generally not fatal and the potential 1230 * for this particular operation to happen out-of-order in a 1231 * multithreaded scenario is likely a non-issue. 1232 */ 1233 tty_unlock(tp); 1234 sx_xlock(&proctree_lock); 1235 tty_lock(tp); 1236 if (tty_gone(tp)) { 1237 sx_xunlock(&proctree_lock); 1238 return (ENODEV); 1239 } 1240 1241 /* 1242 * If the session doesn't have a controlling TTY, or if we weren't 1243 * invoked on the controlling TTY, we'll return ENOIOCTL as we've 1244 * historically done. 1245 */ 1246 session = p->p_session; 1247 if (session->s_ttyp == NULL || session->s_ttyp != tp) { 1248 sx_xunlock(&proctree_lock); 1249 return (ENOTTY); 1250 } 1251 1252 if (!SESS_LEADER(p)) { 1253 sx_xunlock(&proctree_lock); 1254 return (EPERM); 1255 } 1256 1257 PROC_LOCK(p); 1258 SESS_LOCK(session); 1259 vp = session->s_ttyvp; 1260 session->s_ttyp = NULL; 1261 session->s_ttyvp = NULL; 1262 session->s_ttydp = NULL; 1263 SESS_UNLOCK(session); 1264 1265 tp->t_sessioncnt--; 1266 p->p_flag &= ~P_CONTROLT; 1267 PROC_UNLOCK(p); 1268 sx_xunlock(&proctree_lock); 1269 1270 /* 1271 * If we did have a vnode, release our reference. Ordinarily we manage 1272 * these at the devfs layer, but we can't necessarily know that we were 1273 * invoked on the vnode referenced in the session (i.e. the vnode we 1274 * hold a reference to). We explicitly don't check VBAD/VIRF_DOOMED here 1275 * to avoid a vnode leak -- in circumstances elsewhere where we'd hit a 1276 * VIRF_DOOMED vnode, release has been deferred until the controlling TTY 1277 * is either changed or released. 1278 */ 1279 if (vp != NULL) 1280 devfs_ctty_unref(vp); 1281 return (0); 1282 } 1283 1284 /* 1285 * Exposing information about current TTY's through sysctl 1286 */ 1287 1288 static void 1289 tty_to_xtty(struct tty *tp, struct xtty *xt) 1290 { 1291 1292 tty_assert_locked(tp); 1293 1294 memset(xt, 0, sizeof(*xt)); 1295 xt->xt_size = sizeof(struct xtty); 1296 xt->xt_insize = ttyinq_getsize(&tp->t_inq); 1297 xt->xt_incc = ttyinq_bytescanonicalized(&tp->t_inq); 1298 xt->xt_inlc = ttyinq_bytesline(&tp->t_inq); 1299 xt->xt_inlow = tp->t_inlow; 1300 xt->xt_outsize = ttyoutq_getsize(&tp->t_outq); 1301 xt->xt_outcc = ttyoutq_bytesused(&tp->t_outq); 1302 xt->xt_outlow = tp->t_outlow; 1303 xt->xt_column = tp->t_column; 1304 xt->xt_pgid = tp->t_pgrp ? tp->t_pgrp->pg_id : 0; 1305 xt->xt_sid = tp->t_session ? tp->t_session->s_sid : 0; 1306 xt->xt_flags = tp->t_flags; 1307 xt->xt_dev = tp->t_dev ? dev2udev(tp->t_dev) : (uint32_t)NODEV; 1308 } 1309 1310 static int 1311 sysctl_kern_ttys(SYSCTL_HANDLER_ARGS) 1312 { 1313 unsigned long lsize; 1314 struct thread *td = curthread; 1315 struct xtty *xtlist, *xt; 1316 struct tty *tp; 1317 struct proc *p; 1318 int cansee, error; 1319 1320 sx_slock(&tty_list_sx); 1321 lsize = tty_list_count * sizeof(struct xtty); 1322 if (lsize == 0) { 1323 sx_sunlock(&tty_list_sx); 1324 return (0); 1325 } 1326 1327 xtlist = xt = malloc(lsize, M_TTY, M_WAITOK); 1328 1329 TAILQ_FOREACH(tp, &tty_list, t_list) { 1330 tty_lock(tp); 1331 if (tp->t_session != NULL) { 1332 p = tp->t_session->s_leader; 1333 PROC_LOCK(p); 1334 cansee = (p_cansee(td, p) == 0); 1335 PROC_UNLOCK(p); 1336 } else { 1337 cansee = !jailed(td->td_ucred); 1338 } 1339 if (cansee) { 1340 tty_to_xtty(tp, xt); 1341 xt++; 1342 } 1343 tty_unlock(tp); 1344 } 1345 sx_sunlock(&tty_list_sx); 1346 1347 lsize = (xt - xtlist) * sizeof(struct xtty); 1348 if (lsize > 0) { 1349 error = SYSCTL_OUT(req, xtlist, lsize); 1350 } else { 1351 error = 0; 1352 } 1353 free(xtlist, M_TTY); 1354 return (error); 1355 } 1356 1357 SYSCTL_PROC(_kern, OID_AUTO, ttys, CTLTYPE_OPAQUE|CTLFLAG_RD|CTLFLAG_MPSAFE, 1358 0, 0, sysctl_kern_ttys, "S,xtty", "List of TTYs"); 1359 1360 /* 1361 * Device node creation. Device has been set up, now we can expose it to 1362 * the user. 1363 */ 1364 1365 int 1366 tty_makedevf(struct tty *tp, struct ucred *cred, int flags, 1367 const char *fmt, ...) 1368 { 1369 va_list ap; 1370 struct make_dev_args args; 1371 struct cdev *dev, *init, *lock, *cua, *cinit, *clock; 1372 const char *prefix = "tty"; 1373 char name[SPECNAMELEN - 3]; /* for "tty" and "cua". */ 1374 uid_t uid; 1375 gid_t gid; 1376 mode_t mode; 1377 int error; 1378 1379 /* Remove "tty" prefix from devices like PTY's. */ 1380 if (tp->t_flags & TF_NOPREFIX) 1381 prefix = ""; 1382 1383 va_start(ap, fmt); 1384 vsnrprintf(name, sizeof name, 32, fmt, ap); 1385 va_end(ap); 1386 1387 if (cred == NULL) { 1388 /* System device. */ 1389 uid = UID_ROOT; 1390 gid = GID_WHEEL; 1391 mode = S_IRUSR|S_IWUSR; 1392 } else { 1393 /* User device. */ 1394 uid = cred->cr_ruid; 1395 gid = GID_TTY; 1396 mode = S_IRUSR|S_IWUSR|S_IWGRP; 1397 } 1398 1399 flags = flags & TTYMK_CLONING ? MAKEDEV_REF : 0; 1400 flags |= MAKEDEV_CHECKNAME; 1401 1402 /* Master call-in device. */ 1403 make_dev_args_init(&args); 1404 args.mda_flags = flags; 1405 args.mda_devsw = &ttydev_cdevsw; 1406 args.mda_cr = cred; 1407 args.mda_uid = uid; 1408 args.mda_gid = gid; 1409 args.mda_mode = mode; 1410 args.mda_si_drv1 = tp; 1411 error = make_dev_s(&args, &dev, "%s%s", prefix, name); 1412 if (error != 0) 1413 return (error); 1414 tp->t_dev = dev; 1415 1416 init = lock = cua = cinit = clock = NULL; 1417 1418 /* Slave call-in devices. */ 1419 if (tp->t_flags & TF_INITLOCK) { 1420 args.mda_devsw = &ttyil_cdevsw; 1421 args.mda_unit = TTYUNIT_INIT; 1422 args.mda_si_drv1 = tp; 1423 args.mda_si_drv2 = &tp->t_termios_init_in; 1424 error = make_dev_s(&args, &init, "%s%s.init", prefix, name); 1425 if (error != 0) 1426 goto fail; 1427 dev_depends(dev, init); 1428 1429 args.mda_unit = TTYUNIT_LOCK; 1430 args.mda_si_drv2 = &tp->t_termios_lock_in; 1431 error = make_dev_s(&args, &lock, "%s%s.lock", prefix, name); 1432 if (error != 0) 1433 goto fail; 1434 dev_depends(dev, lock); 1435 } 1436 1437 /* Call-out devices. */ 1438 if (tp->t_flags & TF_CALLOUT) { 1439 make_dev_args_init(&args); 1440 args.mda_flags = flags; 1441 args.mda_devsw = &ttydev_cdevsw; 1442 args.mda_cr = cred; 1443 args.mda_uid = UID_UUCP; 1444 args.mda_gid = GID_DIALER; 1445 args.mda_mode = 0660; 1446 args.mda_unit = TTYUNIT_CALLOUT; 1447 args.mda_si_drv1 = tp; 1448 error = make_dev_s(&args, &cua, "cua%s", name); 1449 if (error != 0) 1450 goto fail; 1451 dev_depends(dev, cua); 1452 1453 /* Slave call-out devices. */ 1454 if (tp->t_flags & TF_INITLOCK) { 1455 args.mda_devsw = &ttyil_cdevsw; 1456 args.mda_unit = TTYUNIT_CALLOUT | TTYUNIT_INIT; 1457 args.mda_si_drv2 = &tp->t_termios_init_out; 1458 error = make_dev_s(&args, &cinit, "cua%s.init", name); 1459 if (error != 0) 1460 goto fail; 1461 dev_depends(dev, cinit); 1462 1463 args.mda_unit = TTYUNIT_CALLOUT | TTYUNIT_LOCK; 1464 args.mda_si_drv2 = &tp->t_termios_lock_out; 1465 error = make_dev_s(&args, &clock, "cua%s.lock", name); 1466 if (error != 0) 1467 goto fail; 1468 dev_depends(dev, clock); 1469 } 1470 } 1471 1472 sx_xlock(&tty_list_sx); 1473 TAILQ_INSERT_TAIL(&tty_list, tp, t_list); 1474 tty_list_count++; 1475 sx_xunlock(&tty_list_sx); 1476 1477 return (0); 1478 1479 fail: 1480 destroy_dev(dev); 1481 if (init) 1482 destroy_dev(init); 1483 if (lock) 1484 destroy_dev(lock); 1485 if (cinit) 1486 destroy_dev(cinit); 1487 if (clock) 1488 destroy_dev(clock); 1489 1490 return (error); 1491 } 1492 1493 /* 1494 * Signalling processes. 1495 */ 1496 1497 void 1498 tty_signal_sessleader(struct tty *tp, int sig) 1499 { 1500 struct proc *p; 1501 struct session *s; 1502 1503 tty_assert_locked(tp); 1504 MPASS(sig >= 1 && sig < NSIG); 1505 1506 /* Make signals start output again. */ 1507 tp->t_flags &= ~TF_STOPPED; 1508 tp->t_termios.c_lflag &= ~FLUSHO; 1509 1510 /* 1511 * Load s_leader exactly once to avoid race where s_leader is 1512 * set to NULL by a concurrent invocation of killjobc() by the 1513 * session leader. Note that we are not holding t_session's 1514 * lock for the read. 1515 */ 1516 if ((s = tp->t_session) != NULL && 1517 (p = atomic_load_ptr(&s->s_leader)) != NULL) { 1518 PROC_LOCK(p); 1519 kern_psignal(p, sig); 1520 PROC_UNLOCK(p); 1521 } 1522 } 1523 1524 void 1525 tty_signal_pgrp(struct tty *tp, int sig) 1526 { 1527 ksiginfo_t ksi; 1528 1529 tty_assert_locked(tp); 1530 MPASS(sig >= 1 && sig < NSIG); 1531 1532 /* Make signals start output again. */ 1533 tp->t_flags &= ~TF_STOPPED; 1534 tp->t_termios.c_lflag &= ~FLUSHO; 1535 1536 if (sig == SIGINFO && !(tp->t_termios.c_lflag & NOKERNINFO)) 1537 tty_info(tp); 1538 if (tp->t_pgrp != NULL) { 1539 ksiginfo_init(&ksi); 1540 ksi.ksi_signo = sig; 1541 ksi.ksi_code = SI_KERNEL; 1542 PGRP_LOCK(tp->t_pgrp); 1543 pgsignal(tp->t_pgrp, sig, 1, &ksi); 1544 PGRP_UNLOCK(tp->t_pgrp); 1545 } 1546 } 1547 1548 void 1549 tty_wakeup(struct tty *tp, int flags) 1550 { 1551 1552 if (tp->t_flags & TF_ASYNC && tp->t_sigio != NULL) 1553 pgsigio(&tp->t_sigio, SIGIO, (tp->t_session != NULL)); 1554 1555 if (flags & FWRITE) { 1556 cv_broadcast(&tp->t_outwait); 1557 selwakeup(&tp->t_outpoll); 1558 KNOTE_LOCKED(&tp->t_outpoll.si_note, 0); 1559 } 1560 if (flags & FREAD) { 1561 cv_broadcast(&tp->t_inwait); 1562 selwakeup(&tp->t_inpoll); 1563 KNOTE_LOCKED(&tp->t_inpoll.si_note, 0); 1564 } 1565 } 1566 1567 int 1568 tty_wait(struct tty *tp, struct cv *cv) 1569 { 1570 int error; 1571 int revokecnt = tp->t_revokecnt; 1572 1573 tty_lock_assert(tp, MA_OWNED|MA_NOTRECURSED); 1574 MPASS(!tty_gone(tp)); 1575 1576 error = cv_wait_sig(cv, tp->t_mtx); 1577 1578 /* Bail out when the device slipped away. */ 1579 if (tty_gone(tp)) 1580 return (ENXIO); 1581 1582 /* Restart the system call when we may have been revoked. */ 1583 if (tp->t_revokecnt != revokecnt) 1584 return (ERESTART); 1585 1586 return (error); 1587 } 1588 1589 int 1590 tty_timedwait(struct tty *tp, struct cv *cv, int hz) 1591 { 1592 int error; 1593 int revokecnt = tp->t_revokecnt; 1594 1595 tty_lock_assert(tp, MA_OWNED|MA_NOTRECURSED); 1596 MPASS(!tty_gone(tp)); 1597 1598 error = cv_timedwait_sig(cv, tp->t_mtx, hz); 1599 1600 /* Bail out when the device slipped away. */ 1601 if (tty_gone(tp)) 1602 return (ENXIO); 1603 1604 /* Restart the system call when we may have been revoked. */ 1605 if (tp->t_revokecnt != revokecnt) 1606 return (ERESTART); 1607 1608 return (error); 1609 } 1610 1611 void 1612 tty_flush(struct tty *tp, int flags) 1613 { 1614 1615 if (flags & FWRITE) { 1616 tp->t_flags &= ~TF_HIWAT_OUT; 1617 ttyoutq_flush(&tp->t_outq); 1618 tty_wakeup(tp, FWRITE); 1619 if (!tty_gone(tp)) { 1620 ttydevsw_outwakeup(tp); 1621 ttydevsw_pktnotify(tp, TIOCPKT_FLUSHWRITE); 1622 } 1623 } 1624 if (flags & FREAD) { 1625 tty_hiwat_in_unblock(tp); 1626 ttyinq_flush(&tp->t_inq); 1627 tty_wakeup(tp, FREAD); 1628 if (!tty_gone(tp)) { 1629 ttydevsw_inwakeup(tp); 1630 ttydevsw_pktnotify(tp, TIOCPKT_FLUSHREAD); 1631 } 1632 } 1633 } 1634 1635 void 1636 tty_set_winsize(struct tty *tp, const struct winsize *wsz) 1637 { 1638 1639 if (memcmp(&tp->t_winsize, wsz, sizeof(*wsz)) == 0) 1640 return; 1641 tp->t_winsize = *wsz; 1642 tty_signal_pgrp(tp, SIGWINCH); 1643 } 1644 1645 static int 1646 tty_generic_ioctl(struct tty *tp, u_long cmd, void *data, int fflag, 1647 struct thread *td) 1648 { 1649 int error; 1650 1651 switch (cmd) { 1652 /* 1653 * Modem commands. 1654 * The SER_* and TIOCM_* flags are the same, but one bit 1655 * shifted. I don't know why. 1656 */ 1657 case TIOCSDTR: 1658 ttydevsw_modem(tp, SER_DTR, 0); 1659 return (0); 1660 case TIOCCDTR: 1661 ttydevsw_modem(tp, 0, SER_DTR); 1662 return (0); 1663 case TIOCMSET: { 1664 int bits = *(int *)data; 1665 ttydevsw_modem(tp, 1666 (bits & (TIOCM_DTR | TIOCM_RTS)) >> 1, 1667 ((~bits) & (TIOCM_DTR | TIOCM_RTS)) >> 1); 1668 return (0); 1669 } 1670 case TIOCMBIS: { 1671 int bits = *(int *)data; 1672 ttydevsw_modem(tp, (bits & (TIOCM_DTR | TIOCM_RTS)) >> 1, 0); 1673 return (0); 1674 } 1675 case TIOCMBIC: { 1676 int bits = *(int *)data; 1677 ttydevsw_modem(tp, 0, (bits & (TIOCM_DTR | TIOCM_RTS)) >> 1); 1678 return (0); 1679 } 1680 case TIOCMGET: 1681 *(int *)data = TIOCM_LE + (ttydevsw_modem(tp, 0, 0) << 1); 1682 return (0); 1683 1684 case FIOASYNC: 1685 if (*(int *)data) 1686 tp->t_flags |= TF_ASYNC; 1687 else 1688 tp->t_flags &= ~TF_ASYNC; 1689 return (0); 1690 case FIONBIO: 1691 /* This device supports non-blocking operation. */ 1692 return (0); 1693 case FIONREAD: 1694 *(int *)data = ttydisc_bytesavail(tp); 1695 return (0); 1696 case FIONWRITE: 1697 case TIOCOUTQ: 1698 *(int *)data = ttyoutq_bytesused(&tp->t_outq); 1699 return (0); 1700 case FIOSETOWN: 1701 if (tp->t_session != NULL && !tty_is_ctty(tp, td->td_proc)) 1702 /* Not allowed to set ownership. */ 1703 return (ENOTTY); 1704 1705 /* Temporarily unlock the TTY to set ownership. */ 1706 tty_unlock(tp); 1707 error = fsetown(*(int *)data, &tp->t_sigio); 1708 tty_lock(tp); 1709 return (error); 1710 case FIOGETOWN: 1711 if (tp->t_session != NULL && !tty_is_ctty(tp, td->td_proc)) 1712 /* Not allowed to set ownership. */ 1713 return (ENOTTY); 1714 1715 /* Get ownership. */ 1716 *(int *)data = fgetown(&tp->t_sigio); 1717 return (0); 1718 case TIOCGETA: 1719 /* Obtain terminal flags through tcgetattr(). */ 1720 *(struct termios*)data = tp->t_termios; 1721 return (0); 1722 case TIOCSETA: 1723 case TIOCSETAW: 1724 case TIOCSETAF: { 1725 struct termios *t = data; 1726 bool canonicalize = false; 1727 1728 /* 1729 * Who makes up these funny rules? According to POSIX, 1730 * input baud rate is set equal to the output baud rate 1731 * when zero. 1732 */ 1733 if (t->c_ispeed == 0) 1734 t->c_ispeed = t->c_ospeed; 1735 1736 /* Discard any unsupported bits. */ 1737 t->c_iflag &= TTYSUP_IFLAG; 1738 t->c_oflag &= TTYSUP_OFLAG; 1739 t->c_lflag &= TTYSUP_LFLAG; 1740 t->c_cflag &= TTYSUP_CFLAG; 1741 1742 /* Set terminal flags through tcsetattr(). */ 1743 if (cmd == TIOCSETAW || cmd == TIOCSETAF) { 1744 error = tty_drain(tp, 0); 1745 if (error) 1746 return (error); 1747 if (cmd == TIOCSETAF) 1748 tty_flush(tp, FREAD); 1749 } 1750 1751 /* 1752 * Only call param() when the flags really change. 1753 */ 1754 if ((t->c_cflag & CIGNORE) == 0 && 1755 (tp->t_termios.c_cflag != t->c_cflag || 1756 ((tp->t_termios.c_iflag ^ t->c_iflag) & 1757 (IXON|IXOFF|IXANY)) || 1758 tp->t_termios.c_ispeed != t->c_ispeed || 1759 tp->t_termios.c_ospeed != t->c_ospeed)) { 1760 error = ttydevsw_param(tp, t); 1761 if (error) 1762 return (error); 1763 1764 /* XXX: CLOCAL? */ 1765 1766 tp->t_termios.c_cflag = t->c_cflag & ~CIGNORE; 1767 tp->t_termios.c_ispeed = t->c_ispeed; 1768 tp->t_termios.c_ospeed = t->c_ospeed; 1769 1770 /* Baud rate has changed - update watermarks. */ 1771 error = tty_watermarks(tp); 1772 if (error) 1773 return (error); 1774 } 1775 1776 /* 1777 * We'll canonicalize any partial input if we're transitioning 1778 * ICANON one way or the other. If we're going from -ICANON -> 1779 * ICANON, then in the worst case scenario we're in the middle 1780 * of a line but both ttydisc_read() and FIONREAD will search 1781 * for one of our line terminals. 1782 */ 1783 if ((t->c_lflag & ICANON) != (tp->t_termios.c_lflag & ICANON)) 1784 canonicalize = true; 1785 else if (tp->t_termios.c_cc[VEOF] != t->c_cc[VEOF] || 1786 tp->t_termios.c_cc[VEOL] != t->c_cc[VEOL]) 1787 canonicalize = true; 1788 1789 /* Copy new non-device driver parameters. */ 1790 tp->t_termios.c_iflag = t->c_iflag; 1791 tp->t_termios.c_oflag = t->c_oflag; 1792 tp->t_termios.c_lflag = t->c_lflag; 1793 memcpy(&tp->t_termios.c_cc, t->c_cc, sizeof t->c_cc); 1794 1795 ttydisc_optimize(tp); 1796 1797 if (canonicalize) 1798 ttydisc_canonicalize(tp); 1799 if ((t->c_lflag & ICANON) == 0) { 1800 /* 1801 * When in non-canonical mode, wake up all 1802 * readers. Any partial input has already been 1803 * canonicalized above if we were in canonical mode. 1804 * VMIN and VTIME could also be adjusted. 1805 */ 1806 tty_wakeup(tp, FREAD); 1807 } 1808 1809 /* 1810 * For packet mode: notify the PTY consumer that VSTOP 1811 * and VSTART may have been changed. 1812 */ 1813 if (tp->t_termios.c_iflag & IXON && 1814 tp->t_termios.c_cc[VSTOP] == CTRL('S') && 1815 tp->t_termios.c_cc[VSTART] == CTRL('Q')) 1816 ttydevsw_pktnotify(tp, TIOCPKT_DOSTOP); 1817 else 1818 ttydevsw_pktnotify(tp, TIOCPKT_NOSTOP); 1819 return (0); 1820 } 1821 case TIOCGETD: 1822 /* For compatibility - we only support TTYDISC. */ 1823 *(int *)data = TTYDISC; 1824 return (0); 1825 case TIOCGPGRP: 1826 if (!tty_is_ctty(tp, td->td_proc)) 1827 return (ENOTTY); 1828 1829 if (tp->t_pgrp != NULL) 1830 *(int *)data = tp->t_pgrp->pg_id; 1831 else 1832 *(int *)data = NO_PID; 1833 return (0); 1834 case TIOCGSID: 1835 if (!tty_is_ctty(tp, td->td_proc)) 1836 return (ENOTTY); 1837 1838 MPASS(tp->t_session); 1839 *(int *)data = tp->t_session->s_sid; 1840 return (0); 1841 case TIOCNOTTY: 1842 return (tty_drop_ctty(tp, td->td_proc)); 1843 case TIOCSCTTY: { 1844 struct proc *p = td->td_proc; 1845 1846 /* XXX: This looks awful. */ 1847 tty_unlock(tp); 1848 sx_xlock(&proctree_lock); 1849 tty_lock(tp); 1850 1851 if (!SESS_LEADER(p)) { 1852 /* Only the session leader may do this. */ 1853 sx_xunlock(&proctree_lock); 1854 return (EPERM); 1855 } 1856 1857 if (tp->t_session != NULL && tp->t_session == p->p_session) { 1858 /* This is already our controlling TTY. */ 1859 sx_xunlock(&proctree_lock); 1860 return (0); 1861 } 1862 1863 if (p->p_session->s_ttyp != NULL || 1864 (tp->t_session != NULL && tp->t_session->s_ttyvp != NULL && 1865 tp->t_session->s_ttyvp->v_type != VBAD)) { 1866 /* 1867 * There is already a relation between a TTY and 1868 * a session, or the caller is not the session 1869 * leader. 1870 * 1871 * Allow the TTY to be stolen when the vnode is 1872 * invalid, but the reference to the TTY is 1873 * still active. This allows immediate reuse of 1874 * TTYs of which the session leader has been 1875 * killed or the TTY revoked. 1876 */ 1877 sx_xunlock(&proctree_lock); 1878 return (EPERM); 1879 } 1880 1881 /* Connect the session to the TTY. */ 1882 tp->t_session = p->p_session; 1883 tp->t_session->s_ttyp = tp; 1884 tp->t_sessioncnt++; 1885 1886 /* Assign foreground process group. */ 1887 tp->t_pgrp = p->p_pgrp; 1888 PROC_LOCK(p); 1889 p->p_flag |= P_CONTROLT; 1890 PROC_UNLOCK(p); 1891 1892 sx_xunlock(&proctree_lock); 1893 return (0); 1894 } 1895 case TIOCSPGRP: { 1896 struct pgrp *pg; 1897 1898 /* 1899 * XXX: Temporarily unlock the TTY to locate the process 1900 * group. This code would be lot nicer if we would ever 1901 * decompose proctree_lock. 1902 */ 1903 tty_unlock(tp); 1904 sx_slock(&proctree_lock); 1905 pg = pgfind(*(int *)data); 1906 if (pg != NULL) 1907 PGRP_UNLOCK(pg); 1908 if (pg == NULL || pg->pg_session != td->td_proc->p_session) { 1909 sx_sunlock(&proctree_lock); 1910 tty_lock(tp); 1911 return (EPERM); 1912 } 1913 tty_lock(tp); 1914 1915 /* 1916 * Determine if this TTY is the controlling TTY after 1917 * relocking the TTY. 1918 */ 1919 if (!tty_is_ctty(tp, td->td_proc)) { 1920 sx_sunlock(&proctree_lock); 1921 return (ENOTTY); 1922 } 1923 tp->t_pgrp = pg; 1924 sx_sunlock(&proctree_lock); 1925 1926 /* Wake up the background process groups. */ 1927 cv_broadcast(&tp->t_bgwait); 1928 return (0); 1929 } 1930 case TIOCFLUSH: { 1931 int flags = *(int *)data; 1932 1933 if (flags == 0) 1934 flags = (FREAD|FWRITE); 1935 else 1936 flags &= (FREAD|FWRITE); 1937 tty_flush(tp, flags); 1938 return (0); 1939 } 1940 case TIOCDRAIN: 1941 /* Drain TTY output. */ 1942 return tty_drain(tp, 0); 1943 case TIOCGDRAINWAIT: 1944 *(int *)data = tp->t_drainwait; 1945 return (0); 1946 case TIOCSDRAINWAIT: 1947 error = priv_check(td, PRIV_TTY_DRAINWAIT); 1948 if (error == 0) 1949 tp->t_drainwait = *(int *)data; 1950 return (error); 1951 case TIOCCONS: 1952 /* Set terminal as console TTY. */ 1953 if (*(int *)data) { 1954 error = priv_check(td, PRIV_TTY_CONSOLE); 1955 if (error) 1956 return (error); 1957 error = constty_set(tp); 1958 } else { 1959 error = constty_clear(tp); 1960 } 1961 return (error); 1962 case TIOCGWINSZ: 1963 /* Obtain window size. */ 1964 *(struct winsize*)data = tp->t_winsize; 1965 return (0); 1966 case TIOCSWINSZ: 1967 /* Set window size. */ 1968 tty_set_winsize(tp, data); 1969 return (0); 1970 case TIOCEXCL: 1971 tp->t_flags |= TF_EXCLUDE; 1972 return (0); 1973 case TIOCNXCL: 1974 tp->t_flags &= ~TF_EXCLUDE; 1975 return (0); 1976 case TIOCSTOP: 1977 tp->t_flags |= TF_STOPPED; 1978 ttydevsw_pktnotify(tp, TIOCPKT_STOP); 1979 return (0); 1980 case TIOCSTART: 1981 tp->t_flags &= ~TF_STOPPED; 1982 tp->t_termios.c_lflag &= ~FLUSHO; 1983 ttydevsw_outwakeup(tp); 1984 ttydevsw_pktnotify(tp, TIOCPKT_START); 1985 return (0); 1986 case TIOCSTAT: 1987 tty_info(tp); 1988 return (0); 1989 case TIOCSTI: 1990 if ((fflag & FREAD) == 0 && priv_check(td, PRIV_TTY_STI)) 1991 return (EPERM); 1992 if (!tty_is_ctty(tp, td->td_proc) && 1993 priv_check(td, PRIV_TTY_STI)) 1994 return (EACCES); 1995 ttydisc_rint(tp, *(char *)data, 0); 1996 ttydisc_rint_done(tp); 1997 return (0); 1998 } 1999 2000 #ifdef COMPAT_43TTY 2001 return tty_ioctl_compat(tp, cmd, data, fflag, td); 2002 #else /* !COMPAT_43TTY */ 2003 return (ENOIOCTL); 2004 #endif /* COMPAT_43TTY */ 2005 } 2006 2007 int 2008 tty_ioctl(struct tty *tp, u_long cmd, void *data, int fflag, struct thread *td) 2009 { 2010 int error; 2011 2012 tty_assert_locked(tp); 2013 2014 if (tty_gone(tp)) 2015 return (ENXIO); 2016 2017 error = ttydevsw_ioctl(tp, cmd, data, td); 2018 if (error == ENOIOCTL) 2019 error = tty_generic_ioctl(tp, cmd, data, fflag, td); 2020 2021 return (error); 2022 } 2023 2024 dev_t 2025 tty_udev(struct tty *tp) 2026 { 2027 2028 if (tp->t_dev) 2029 return (dev2udev(tp->t_dev)); 2030 else 2031 return (NODEV); 2032 } 2033 2034 int 2035 tty_checkoutq(struct tty *tp) 2036 { 2037 2038 /* 256 bytes should be enough to print a log message. */ 2039 return (ttyoutq_bytesleft(&tp->t_outq) >= 256); 2040 } 2041 2042 void 2043 tty_hiwat_in_block(struct tty *tp) 2044 { 2045 2046 if ((tp->t_flags & TF_HIWAT_IN) == 0 && 2047 tp->t_termios.c_iflag & IXOFF && 2048 tp->t_termios.c_cc[VSTOP] != _POSIX_VDISABLE) { 2049 /* 2050 * Input flow control. Only enter the high watermark when we 2051 * can successfully store the VSTOP character. 2052 */ 2053 if (ttyoutq_write_nofrag(&tp->t_outq, 2054 &tp->t_termios.c_cc[VSTOP], 1) == 0) 2055 tp->t_flags |= TF_HIWAT_IN; 2056 } else { 2057 /* No input flow control. */ 2058 tp->t_flags |= TF_HIWAT_IN; 2059 } 2060 } 2061 2062 void 2063 tty_hiwat_in_unblock(struct tty *tp) 2064 { 2065 2066 if (tp->t_flags & TF_HIWAT_IN && 2067 tp->t_termios.c_iflag & IXOFF && 2068 tp->t_termios.c_cc[VSTART] != _POSIX_VDISABLE) { 2069 /* 2070 * Input flow control. Only leave the high watermark when we 2071 * can successfully store the VSTART character. 2072 */ 2073 if (ttyoutq_write_nofrag(&tp->t_outq, 2074 &tp->t_termios.c_cc[VSTART], 1) == 0) 2075 tp->t_flags &= ~TF_HIWAT_IN; 2076 } else { 2077 /* No input flow control. */ 2078 tp->t_flags &= ~TF_HIWAT_IN; 2079 } 2080 2081 if (!tty_gone(tp)) 2082 ttydevsw_inwakeup(tp); 2083 } 2084 2085 /* 2086 * TTY hooks interface. 2087 */ 2088 2089 static int 2090 ttyhook_defrint(struct tty *tp, char c, int flags) 2091 { 2092 2093 if (ttyhook_rint_bypass(tp, &c, 1) != 1) 2094 return (-1); 2095 2096 return (0); 2097 } 2098 2099 int 2100 ttyhook_register(struct tty **rtp, struct proc *p, int fd, struct ttyhook *th, 2101 void *softc) 2102 { 2103 struct tty *tp; 2104 struct file *fp; 2105 struct cdev *dev; 2106 struct cdevsw *cdp; 2107 struct filedesc *fdp; 2108 cap_rights_t rights; 2109 int error, ref; 2110 2111 /* Validate the file descriptor. */ 2112 /* 2113 * XXX this code inspects a file descriptor from a different process, 2114 * but there is no dedicated routine to do it in fd code, making the 2115 * ordeal highly questionable. 2116 */ 2117 fdp = p->p_fd; 2118 FILEDESC_SLOCK(fdp); 2119 error = fget_cap_noref(fdp, fd, cap_rights_init_one(&rights, CAP_TTYHOOK), 2120 &fp, NULL); 2121 if (error == 0 && !fhold(fp)) 2122 error = EBADF; 2123 FILEDESC_SUNLOCK(fdp); 2124 if (error != 0) 2125 return (error); 2126 if (fp->f_ops == &badfileops) { 2127 error = EBADF; 2128 goto done1; 2129 } 2130 2131 /* 2132 * Make sure the vnode is bound to a character device. 2133 * Unlocked check for the vnode type is ok there, because we 2134 * only shall prevent calling devvn_refthread on the file that 2135 * never has been opened over a character device. 2136 */ 2137 if (fp->f_type != DTYPE_VNODE || fp->f_vnode->v_type != VCHR) { 2138 error = EINVAL; 2139 goto done1; 2140 } 2141 2142 /* Make sure it is a TTY. */ 2143 cdp = devvn_refthread(fp->f_vnode, &dev, &ref); 2144 if (cdp == NULL) { 2145 error = ENXIO; 2146 goto done1; 2147 } 2148 if (dev != fp->f_data) { 2149 error = ENXIO; 2150 goto done2; 2151 } 2152 if (cdp != &ttydev_cdevsw) { 2153 error = ENOTTY; 2154 goto done2; 2155 } 2156 tp = dev->si_drv1; 2157 2158 /* Try to attach the hook to the TTY. */ 2159 error = EBUSY; 2160 tty_lock(tp); 2161 MPASS((tp->t_hook == NULL) == ((tp->t_flags & TF_HOOK) == 0)); 2162 if (tp->t_flags & TF_HOOK) 2163 goto done3; 2164 2165 tp->t_flags |= TF_HOOK; 2166 tp->t_hook = th; 2167 tp->t_hooksoftc = softc; 2168 *rtp = tp; 2169 error = 0; 2170 2171 /* Maybe we can switch into bypass mode now. */ 2172 ttydisc_optimize(tp); 2173 2174 /* Silently convert rint() calls to rint_bypass() when possible. */ 2175 if (!ttyhook_hashook(tp, rint) && ttyhook_hashook(tp, rint_bypass)) 2176 th->th_rint = ttyhook_defrint; 2177 2178 done3: tty_unlock(tp); 2179 done2: dev_relthread(dev, ref); 2180 done1: fdrop(fp, curthread); 2181 return (error); 2182 } 2183 2184 void 2185 ttyhook_unregister(struct tty *tp) 2186 { 2187 2188 tty_assert_locked(tp); 2189 MPASS(tp->t_flags & TF_HOOK); 2190 2191 /* Disconnect the hook. */ 2192 tp->t_flags &= ~TF_HOOK; 2193 tp->t_hook = NULL; 2194 2195 /* Maybe we need to leave bypass mode. */ 2196 ttydisc_optimize(tp); 2197 2198 /* Maybe deallocate the TTY as well. */ 2199 tty_rel_free(tp); 2200 } 2201 2202 /* 2203 * /dev/console handling. 2204 */ 2205 2206 static int 2207 ttyconsdev_open(struct cdev *dev, int oflags, int devtype, struct thread *td) 2208 { 2209 struct tty *tp; 2210 2211 /* System has no console device. */ 2212 if (dev_console_filename == NULL) 2213 return (ENXIO); 2214 2215 /* Look up corresponding TTY by device name. */ 2216 sx_slock(&tty_list_sx); 2217 TAILQ_FOREACH(tp, &tty_list, t_list) { 2218 if (strcmp(dev_console_filename, tty_devname(tp)) == 0) { 2219 dev_console->si_drv1 = tp; 2220 break; 2221 } 2222 } 2223 sx_sunlock(&tty_list_sx); 2224 2225 /* System console has no TTY associated. */ 2226 if (dev_console->si_drv1 == NULL) 2227 return (ENXIO); 2228 2229 return (ttydev_open(dev, oflags, devtype, td)); 2230 } 2231 2232 static int 2233 ttyconsdev_write(struct cdev *dev, struct uio *uio, int ioflag) 2234 { 2235 2236 log_console(uio); 2237 2238 return (ttydev_write(dev, uio, ioflag)); 2239 } 2240 2241 /* 2242 * /dev/console is a little different than normal TTY's. When opened, 2243 * it determines which TTY to use. When data gets written to it, it 2244 * will be logged in the kernel message buffer. 2245 */ 2246 static struct cdevsw ttyconsdev_cdevsw = { 2247 .d_version = D_VERSION, 2248 .d_open = ttyconsdev_open, 2249 .d_close = ttydev_close, 2250 .d_read = ttydev_read, 2251 .d_write = ttyconsdev_write, 2252 .d_ioctl = ttydev_ioctl, 2253 .d_kqfilter = ttydev_kqfilter, 2254 .d_poll = ttydev_poll, 2255 .d_mmap = ttydev_mmap, 2256 .d_name = "ttyconsdev", 2257 .d_flags = D_TTY, 2258 }; 2259 2260 static void 2261 ttyconsdev_init(void *unused __unused) 2262 { 2263 2264 dev_console = make_dev_credf(MAKEDEV_ETERNAL, &ttyconsdev_cdevsw, 0, 2265 NULL, UID_ROOT, GID_WHEEL, 0600, "console"); 2266 } 2267 2268 SYSINIT(tty, SI_SUB_DRIVERS, SI_ORDER_FIRST, ttyconsdev_init, NULL); 2269 2270 void 2271 ttyconsdev_select(const char *name) 2272 { 2273 2274 dev_console_filename = name; 2275 } 2276 2277 /* 2278 * Debugging routines. 2279 */ 2280 2281 #include "opt_ddb.h" 2282 #ifdef DDB 2283 #include <ddb/ddb.h> 2284 #include <ddb/db_sym.h> 2285 2286 static const struct { 2287 int flag; 2288 char val; 2289 } ttystates[] = { 2290 #if 0 2291 { TF_NOPREFIX, 'N' }, 2292 #endif 2293 { TF_INITLOCK, 'I' }, 2294 { TF_CALLOUT, 'C' }, 2295 2296 /* Keep these together -> 'Oi' and 'Oo'. */ 2297 { TF_OPENED, 'O' }, 2298 { TF_OPENED_IN, 'i' }, 2299 { TF_OPENED_OUT, 'o' }, 2300 { TF_OPENED_CONS, 'c' }, 2301 2302 { TF_GONE, 'G' }, 2303 { TF_OPENCLOSE, 'B' }, 2304 { TF_ASYNC, 'Y' }, 2305 { TF_LITERAL, 'L' }, 2306 2307 /* Keep these together -> 'Hi' and 'Ho'. */ 2308 { TF_HIWAT, 'H' }, 2309 { TF_HIWAT_IN, 'i' }, 2310 { TF_HIWAT_OUT, 'o' }, 2311 2312 { TF_STOPPED, 'S' }, 2313 { TF_EXCLUDE, 'X' }, 2314 { TF_BYPASS, 'l' }, 2315 { TF_ZOMBIE, 'Z' }, 2316 { TF_HOOK, 's' }, 2317 2318 /* Keep these together -> 'bi' and 'bo'. */ 2319 { TF_BUSY, 'b' }, 2320 { TF_BUSY_IN, 'i' }, 2321 { TF_BUSY_OUT, 'o' }, 2322 2323 { 0, '\0'}, 2324 }; 2325 2326 #define TTY_FLAG_BITS \ 2327 "\20\1NOPREFIX\2INITLOCK\3CALLOUT\4OPENED_IN" \ 2328 "\5OPENED_OUT\6OPENED_CONS\7GONE\10OPENCLOSE" \ 2329 "\11ASYNC\12LITERAL\13HIWAT_IN\14HIWAT_OUT" \ 2330 "\15STOPPED\16EXCLUDE\17BYPASS\20ZOMBIE" \ 2331 "\21HOOK\22BUSY_IN\23BUSY_OUT" 2332 2333 #define DB_PRINTSYM(name, addr) \ 2334 db_printf("%s " #name ": ", sep); \ 2335 db_printsym((db_addr_t) addr, DB_STGY_ANY); \ 2336 db_printf("\n"); 2337 2338 static void 2339 _db_show_devsw(const char *sep, const struct ttydevsw *tsw) 2340 { 2341 2342 db_printf("%sdevsw: ", sep); 2343 db_printsym((db_addr_t)tsw, DB_STGY_ANY); 2344 db_printf(" (%p)\n", tsw); 2345 DB_PRINTSYM(open, tsw->tsw_open); 2346 DB_PRINTSYM(close, tsw->tsw_close); 2347 DB_PRINTSYM(outwakeup, tsw->tsw_outwakeup); 2348 DB_PRINTSYM(inwakeup, tsw->tsw_inwakeup); 2349 DB_PRINTSYM(ioctl, tsw->tsw_ioctl); 2350 DB_PRINTSYM(param, tsw->tsw_param); 2351 DB_PRINTSYM(modem, tsw->tsw_modem); 2352 DB_PRINTSYM(mmap, tsw->tsw_mmap); 2353 DB_PRINTSYM(pktnotify, tsw->tsw_pktnotify); 2354 DB_PRINTSYM(free, tsw->tsw_free); 2355 } 2356 2357 static void 2358 _db_show_hooks(const char *sep, const struct ttyhook *th) 2359 { 2360 2361 db_printf("%shook: ", sep); 2362 db_printsym((db_addr_t)th, DB_STGY_ANY); 2363 db_printf(" (%p)\n", th); 2364 if (th == NULL) 2365 return; 2366 DB_PRINTSYM(rint, th->th_rint); 2367 DB_PRINTSYM(rint_bypass, th->th_rint_bypass); 2368 DB_PRINTSYM(rint_done, th->th_rint_done); 2369 DB_PRINTSYM(rint_poll, th->th_rint_poll); 2370 DB_PRINTSYM(getc_inject, th->th_getc_inject); 2371 DB_PRINTSYM(getc_capture, th->th_getc_capture); 2372 DB_PRINTSYM(getc_poll, th->th_getc_poll); 2373 DB_PRINTSYM(close, th->th_close); 2374 } 2375 2376 static void 2377 _db_show_termios(const char *name, const struct termios *t) 2378 { 2379 2380 db_printf("%s: iflag 0x%x oflag 0x%x cflag 0x%x " 2381 "lflag 0x%x ispeed %u ospeed %u\n", name, 2382 t->c_iflag, t->c_oflag, t->c_cflag, t->c_lflag, 2383 t->c_ispeed, t->c_ospeed); 2384 } 2385 2386 /* DDB command to show TTY statistics. */ 2387 DB_SHOW_COMMAND(tty, db_show_tty) 2388 { 2389 struct tty *tp; 2390 2391 if (!have_addr) { 2392 db_printf("usage: show tty <addr>\n"); 2393 return; 2394 } 2395 tp = (struct tty *)addr; 2396 2397 db_printf("%p: %s\n", tp, tty_devname(tp)); 2398 db_printf("\tmtx: %p\n", tp->t_mtx); 2399 db_printf("\tflags: 0x%b\n", tp->t_flags, TTY_FLAG_BITS); 2400 db_printf("\trevokecnt: %u\n", tp->t_revokecnt); 2401 2402 /* Buffering mechanisms. */ 2403 db_printf("\tinq: %p begin %u linestart %u reprint %u end %u " 2404 "nblocks %u quota %u\n", &tp->t_inq, tp->t_inq.ti_begin, 2405 tp->t_inq.ti_linestart, tp->t_inq.ti_reprint, tp->t_inq.ti_end, 2406 tp->t_inq.ti_nblocks, tp->t_inq.ti_quota); 2407 db_printf("\toutq: %p begin %u end %u nblocks %u quota %u\n", 2408 &tp->t_outq, tp->t_outq.to_begin, tp->t_outq.to_end, 2409 tp->t_outq.to_nblocks, tp->t_outq.to_quota); 2410 db_printf("\tinlow: %zu\n", tp->t_inlow); 2411 db_printf("\toutlow: %zu\n", tp->t_outlow); 2412 _db_show_termios("\ttermios", &tp->t_termios); 2413 db_printf("\twinsize: row %u col %u xpixel %u ypixel %u\n", 2414 tp->t_winsize.ws_row, tp->t_winsize.ws_col, 2415 tp->t_winsize.ws_xpixel, tp->t_winsize.ws_ypixel); 2416 db_printf("\tcolumn: %u\n", tp->t_column); 2417 db_printf("\twritepos: %u\n", tp->t_writepos); 2418 db_printf("\tcompatflags: 0x%x\n", tp->t_compatflags); 2419 2420 /* Init/lock-state devices. */ 2421 _db_show_termios("\ttermios_init_in", &tp->t_termios_init_in); 2422 _db_show_termios("\ttermios_init_out", &tp->t_termios_init_out); 2423 _db_show_termios("\ttermios_lock_in", &tp->t_termios_lock_in); 2424 _db_show_termios("\ttermios_lock_out", &tp->t_termios_lock_out); 2425 2426 /* Hooks */ 2427 _db_show_devsw("\t", tp->t_devsw); 2428 _db_show_hooks("\t", tp->t_hook); 2429 2430 /* Process info. */ 2431 db_printf("\tpgrp: %p gid %d\n", tp->t_pgrp, 2432 tp->t_pgrp ? tp->t_pgrp->pg_id : 0); 2433 db_printf("\tsession: %p", tp->t_session); 2434 if (tp->t_session != NULL) 2435 db_printf(" count %u leader %p tty %p sid %d login %s", 2436 tp->t_session->s_count, tp->t_session->s_leader, 2437 tp->t_session->s_ttyp, tp->t_session->s_sid, 2438 tp->t_session->s_login); 2439 db_printf("\n"); 2440 db_printf("\tsessioncnt: %u\n", tp->t_sessioncnt); 2441 db_printf("\tdevswsoftc: %p\n", tp->t_devswsoftc); 2442 db_printf("\thooksoftc: %p\n", tp->t_hooksoftc); 2443 db_printf("\tdev: %p\n", tp->t_dev); 2444 } 2445 2446 /* DDB command to list TTYs. */ 2447 DB_SHOW_ALL_COMMAND(ttys, db_show_all_ttys) 2448 { 2449 struct tty *tp; 2450 size_t isiz, osiz; 2451 int i, j; 2452 2453 /* Make the output look like `pstat -t'. */ 2454 db_printf("PTR "); 2455 #if defined(__LP64__) 2456 db_printf(" "); 2457 #endif 2458 db_printf(" LINE INQ CAN LIN LOW OUTQ USE LOW " 2459 "COL SESS PGID STATE\n"); 2460 2461 TAILQ_FOREACH(tp, &tty_list, t_list) { 2462 isiz = tp->t_inq.ti_nblocks * TTYINQ_DATASIZE; 2463 osiz = tp->t_outq.to_nblocks * TTYOUTQ_DATASIZE; 2464 2465 db_printf("%p %10s %5zu %4u %4u %4zu %5zu %4u %4zu %5u %5d " 2466 "%5d ", tp, tty_devname(tp), isiz, 2467 tp->t_inq.ti_linestart - tp->t_inq.ti_begin, 2468 tp->t_inq.ti_end - tp->t_inq.ti_linestart, 2469 isiz - tp->t_inlow, osiz, 2470 tp->t_outq.to_end - tp->t_outq.to_begin, 2471 osiz - tp->t_outlow, MIN(tp->t_column, 99999), 2472 tp->t_session ? tp->t_session->s_sid : 0, 2473 tp->t_pgrp ? tp->t_pgrp->pg_id : 0); 2474 2475 /* Flag bits. */ 2476 for (i = j = 0; ttystates[i].flag; i++) 2477 if (tp->t_flags & ttystates[i].flag) { 2478 db_printf("%c", ttystates[i].val); 2479 j++; 2480 } 2481 if (j == 0) 2482 db_printf("-"); 2483 db_printf("\n"); 2484 } 2485 } 2486 #endif /* DDB */ 2487