1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2008 Ed Schouten <ed@FreeBSD.org> 5 * All rights reserved. 6 * 7 * Portions of this software were developed under sponsorship from Snow 8 * B.V., the Netherlands. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 #include "opt_capsicum.h" 34 #include "opt_printf.h" 35 36 #include <sys/param.h> 37 #include <sys/capsicum.h> 38 #include <sys/conf.h> 39 #include <sys/cons.h> 40 #include <sys/fcntl.h> 41 #include <sys/file.h> 42 #include <sys/filedesc.h> 43 #include <sys/filio.h> 44 #ifdef COMPAT_43TTY 45 #include <sys/ioctl_compat.h> 46 #endif /* COMPAT_43TTY */ 47 #include <sys/jail.h> 48 #include <sys/kernel.h> 49 #include <sys/limits.h> 50 #include <sys/malloc.h> 51 #include <sys/mount.h> 52 #include <sys/poll.h> 53 #include <sys/priv.h> 54 #include <sys/proc.h> 55 #include <sys/serial.h> 56 #include <sys/signal.h> 57 #include <sys/stat.h> 58 #include <sys/sx.h> 59 #include <sys/sysctl.h> 60 #include <sys/systm.h> 61 #include <sys/tty.h> 62 #include <sys/ttycom.h> 63 #define TTYDEFCHARS 64 #include <sys/ttydefaults.h> 65 #undef TTYDEFCHARS 66 #include <sys/ucred.h> 67 #include <sys/vnode.h> 68 69 #include <fs/devfs/devfs.h> 70 71 #include <machine/stdarg.h> 72 73 static MALLOC_DEFINE(M_TTY, "tty", "tty device"); 74 75 static void tty_rel_free(struct tty *tp); 76 77 static TAILQ_HEAD(, tty) tty_list = TAILQ_HEAD_INITIALIZER(tty_list); 78 static struct sx tty_list_sx; 79 SX_SYSINIT(tty_list, &tty_list_sx, "tty list"); 80 static unsigned int tty_list_count = 0; 81 82 /* Character device of /dev/console. */ 83 static struct cdev *dev_console; 84 static const char *dev_console_filename; 85 86 /* 87 * Flags that are supported and stored by this implementation. 88 */ 89 #define TTYSUP_IFLAG (IGNBRK|BRKINT|IGNPAR|PARMRK|INPCK|ISTRIP|INLCR|\ 90 IGNCR|ICRNL|IXON|IXOFF|IXANY|IMAXBEL|IUTF8) 91 #define TTYSUP_OFLAG (OPOST|ONLCR|TAB3|ONOEOT|OCRNL|ONOCR|ONLRET) 92 #define TTYSUP_LFLAG (ECHOKE|ECHOE|ECHOK|ECHO|ECHONL|ECHOPRT|\ 93 ECHOCTL|ISIG|ICANON|ALTWERASE|IEXTEN|TOSTOP|\ 94 FLUSHO|NOKERNINFO|NOFLSH) 95 #define TTYSUP_CFLAG (CIGNORE|CSIZE|CSTOPB|CREAD|PARENB|PARODD|\ 96 HUPCL|CLOCAL|CCTS_OFLOW|CRTS_IFLOW|CDTR_IFLOW|\ 97 CDSR_OFLOW|CCAR_OFLOW|CNO_RTSDTR) 98 99 #define TTY_CALLOUT(tp,d) (dev2unit(d) & TTYUNIT_CALLOUT) 100 101 static int tty_drainwait = 5 * 60; 102 SYSCTL_INT(_kern, OID_AUTO, tty_drainwait, CTLFLAG_RWTUN, 103 &tty_drainwait, 0, "Default output drain timeout in seconds"); 104 105 /* 106 * Set TTY buffer sizes. 107 */ 108 109 #define TTYBUF_MAX 65536 110 111 #ifdef PRINTF_BUFR_SIZE 112 #define TTY_PRBUF_SIZE PRINTF_BUFR_SIZE 113 #else 114 #define TTY_PRBUF_SIZE 256 115 #endif 116 117 /* 118 * Allocate buffer space if necessary, and set low watermarks, based on speed. 119 * Note that the ttyxxxq_setsize() functions may drop and then reacquire the tty 120 * lock during memory allocation. They will return ENXIO if the tty disappears 121 * while unlocked. 122 */ 123 static int 124 tty_watermarks(struct tty *tp) 125 { 126 size_t bs = 0; 127 int error; 128 129 /* Provide an input buffer for 2 seconds of data. */ 130 if (tp->t_termios.c_cflag & CREAD) 131 bs = MIN(tp->t_termios.c_ispeed / 5, TTYBUF_MAX); 132 error = ttyinq_setsize(&tp->t_inq, tp, bs); 133 if (error != 0) 134 return (error); 135 136 /* Set low watermark at 10% (when 90% is available). */ 137 tp->t_inlow = (ttyinq_getallocatedsize(&tp->t_inq) * 9) / 10; 138 139 /* Provide an output buffer for 2 seconds of data. */ 140 bs = MIN(tp->t_termios.c_ospeed / 5, TTYBUF_MAX); 141 error = ttyoutq_setsize(&tp->t_outq, tp, bs); 142 if (error != 0) 143 return (error); 144 145 /* Set low watermark at 10% (when 90% is available). */ 146 tp->t_outlow = (ttyoutq_getallocatedsize(&tp->t_outq) * 9) / 10; 147 148 return (0); 149 } 150 151 static int 152 tty_drain(struct tty *tp, int leaving) 153 { 154 sbintime_t timeout_at; 155 size_t bytes; 156 int error; 157 158 if (ttyhook_hashook(tp, getc_inject)) 159 /* buffer is inaccessible */ 160 return (0); 161 162 /* 163 * For close(), use the recent historic timeout of "1 second without 164 * making progress". For tcdrain(), use t_drainwait as the timeout, 165 * with zero meaning "no timeout" which gives POSIX behavior. 166 */ 167 if (leaving) 168 timeout_at = getsbinuptime() + SBT_1S; 169 else if (tp->t_drainwait != 0) 170 timeout_at = getsbinuptime() + SBT_1S * tp->t_drainwait; 171 else 172 timeout_at = 0; 173 174 /* 175 * Poll the output buffer and the hardware for completion, at 10 Hz. 176 * Polling is required for devices which are not able to signal an 177 * interrupt when the transmitter becomes idle (most USB serial devs). 178 * The unusual structure of this loop ensures we check for busy one more 179 * time after tty_timedwait() returns EWOULDBLOCK, so that success has 180 * higher priority than timeout if the IO completed in the last 100mS. 181 */ 182 error = 0; 183 bytes = ttyoutq_bytesused(&tp->t_outq); 184 for (;;) { 185 if (ttyoutq_bytesused(&tp->t_outq) == 0 && !ttydevsw_busy(tp)) 186 return (0); 187 if (error != 0) 188 return (error); 189 ttydevsw_outwakeup(tp); 190 error = tty_timedwait(tp, &tp->t_outwait, hz / 10); 191 if (error != 0 && error != EWOULDBLOCK) 192 return (error); 193 else if (timeout_at == 0 || getsbinuptime() < timeout_at) 194 error = 0; 195 else if (leaving && ttyoutq_bytesused(&tp->t_outq) < bytes) { 196 /* In close, making progress, grant an extra second. */ 197 error = 0; 198 timeout_at += SBT_1S; 199 bytes = ttyoutq_bytesused(&tp->t_outq); 200 } 201 } 202 } 203 204 /* 205 * Though ttydev_enter() and ttydev_leave() seem to be related, they 206 * don't have to be used together. ttydev_enter() is used by the cdev 207 * operations to prevent an actual operation from being processed when 208 * the TTY has been abandoned. ttydev_leave() is used by ttydev_open() 209 * and ttydev_close() to determine whether per-TTY data should be 210 * deallocated. 211 */ 212 213 static __inline int 214 ttydev_enter(struct tty *tp) 215 { 216 217 tty_lock(tp); 218 219 if (tty_gone(tp) || !tty_opened(tp)) { 220 /* Device is already gone. */ 221 tty_unlock(tp); 222 return (ENXIO); 223 } 224 225 return (0); 226 } 227 228 static void 229 ttydev_leave(struct tty *tp) 230 { 231 232 tty_assert_locked(tp); 233 234 if (tty_opened(tp) || tp->t_flags & TF_OPENCLOSE) { 235 /* Device is still opened somewhere. */ 236 tty_unlock(tp); 237 return; 238 } 239 240 tp->t_flags |= TF_OPENCLOSE; 241 242 /* Remove console TTY. */ 243 constty_clear(tp); 244 245 /* Drain any output. */ 246 if (!tty_gone(tp)) 247 tty_drain(tp, 1); 248 249 ttydisc_close(tp); 250 251 /* Free i/o queues now since they might be large. */ 252 ttyinq_free(&tp->t_inq); 253 tp->t_inlow = 0; 254 ttyoutq_free(&tp->t_outq); 255 tp->t_outlow = 0; 256 257 if (!tty_gone(tp)) 258 ttydevsw_close(tp); 259 260 tp->t_flags &= ~TF_OPENCLOSE; 261 cv_broadcast(&tp->t_dcdwait); 262 tty_rel_free(tp); 263 } 264 265 /* 266 * Operations that are exposed through the character device in /dev. 267 */ 268 static int 269 ttydev_open(struct cdev *dev, int oflags, int devtype __unused, 270 struct thread *td) 271 { 272 struct tty *tp; 273 int error; 274 275 tp = dev->si_drv1; 276 error = 0; 277 tty_lock(tp); 278 if (tty_gone(tp)) { 279 /* Device is already gone. */ 280 tty_unlock(tp); 281 return (ENXIO); 282 } 283 284 /* 285 * Block when other processes are currently opening or closing 286 * the TTY. 287 */ 288 while (tp->t_flags & TF_OPENCLOSE) { 289 error = tty_wait(tp, &tp->t_dcdwait); 290 if (error != 0) { 291 tty_unlock(tp); 292 return (error); 293 } 294 } 295 tp->t_flags |= TF_OPENCLOSE; 296 297 /* 298 * Make sure the "tty" and "cua" device cannot be opened at the 299 * same time. The console is a "tty" device. 300 */ 301 if (TTY_CALLOUT(tp, dev)) { 302 if (tp->t_flags & (TF_OPENED_CONS | TF_OPENED_IN)) { 303 error = EBUSY; 304 goto done; 305 } 306 } else { 307 if (tp->t_flags & TF_OPENED_OUT) { 308 error = EBUSY; 309 goto done; 310 } 311 } 312 313 if (tp->t_flags & TF_EXCLUDE && priv_check(td, PRIV_TTY_EXCLUSIVE)) { 314 error = EBUSY; 315 goto done; 316 } 317 318 if (!tty_opened(tp)) { 319 /* Set proper termios flags. */ 320 if (TTY_CALLOUT(tp, dev)) 321 tp->t_termios = tp->t_termios_init_out; 322 else 323 tp->t_termios = tp->t_termios_init_in; 324 ttydevsw_param(tp, &tp->t_termios); 325 /* Prevent modem control on callout devices and /dev/console. */ 326 if (TTY_CALLOUT(tp, dev) || dev == dev_console) 327 tp->t_termios.c_cflag |= CLOCAL; 328 329 if ((tp->t_termios.c_cflag & CNO_RTSDTR) == 0) 330 ttydevsw_modem(tp, SER_DTR|SER_RTS, 0); 331 332 error = ttydevsw_open(tp); 333 if (error != 0) 334 goto done; 335 336 ttydisc_open(tp); 337 error = tty_watermarks(tp); 338 if (error != 0) 339 goto done; 340 } 341 342 /* Wait for Carrier Detect. */ 343 if ((oflags & O_NONBLOCK) == 0 && 344 (tp->t_termios.c_cflag & CLOCAL) == 0) { 345 while ((ttydevsw_modem(tp, 0, 0) & SER_DCD) == 0) { 346 error = tty_wait(tp, &tp->t_dcdwait); 347 if (error != 0) 348 goto done; 349 } 350 } 351 352 if (dev == dev_console) 353 tp->t_flags |= TF_OPENED_CONS; 354 else if (TTY_CALLOUT(tp, dev)) 355 tp->t_flags |= TF_OPENED_OUT; 356 else 357 tp->t_flags |= TF_OPENED_IN; 358 MPASS((tp->t_flags & (TF_OPENED_CONS | TF_OPENED_IN)) == 0 || 359 (tp->t_flags & TF_OPENED_OUT) == 0); 360 361 done: tp->t_flags &= ~TF_OPENCLOSE; 362 cv_broadcast(&tp->t_dcdwait); 363 ttydev_leave(tp); 364 365 return (error); 366 } 367 368 static int 369 ttydev_close(struct cdev *dev, int fflag, int devtype __unused, 370 struct thread *td) 371 { 372 struct tty *tp = dev->si_drv1; 373 374 tty_lock(tp); 375 376 /* 377 * Don't actually close the device if it is being used as the 378 * console. 379 */ 380 MPASS((tp->t_flags & (TF_OPENED_CONS | TF_OPENED_IN)) == 0 || 381 (tp->t_flags & TF_OPENED_OUT) == 0); 382 if (dev == dev_console) 383 tp->t_flags &= ~TF_OPENED_CONS; 384 else 385 tp->t_flags &= ~(TF_OPENED_IN|TF_OPENED_OUT); 386 387 if (tp->t_flags & TF_OPENED) { 388 tty_unlock(tp); 389 return (0); 390 } 391 392 /* If revoking, flush output now to avoid draining it later. */ 393 if ((fflag & FREVOKE) != 0) { 394 tty_flush(tp, FWRITE); 395 knlist_delete(&tp->t_inpoll.si_note, td, 1); 396 knlist_delete(&tp->t_outpoll.si_note, td, 1); 397 } 398 399 tp->t_flags &= ~TF_EXCLUDE; 400 401 /* Properly wake up threads that are stuck - revoke(). */ 402 tp->t_revokecnt++; 403 tty_wakeup(tp, FREAD|FWRITE); 404 cv_broadcast(&tp->t_bgwait); 405 cv_broadcast(&tp->t_dcdwait); 406 407 ttydev_leave(tp); 408 409 return (0); 410 } 411 412 static __inline int 413 tty_is_ctty(struct tty *tp, struct proc *p) 414 { 415 416 tty_assert_locked(tp); 417 418 return (p->p_session == tp->t_session && p->p_flag & P_CONTROLT); 419 } 420 421 int 422 tty_wait_background(struct tty *tp, struct thread *td, int sig) 423 { 424 struct proc *p; 425 struct pgrp *pg; 426 ksiginfo_t ksi; 427 int error; 428 429 MPASS(sig == SIGTTIN || sig == SIGTTOU); 430 tty_assert_locked(tp); 431 432 p = td->td_proc; 433 for (;;) { 434 pg = p->p_pgrp; 435 PGRP_LOCK(pg); 436 PROC_LOCK(p); 437 438 /* 439 * pg may no longer be our process group. 440 * Re-check after locking. 441 */ 442 if (p->p_pgrp != pg) { 443 PROC_UNLOCK(p); 444 PGRP_UNLOCK(pg); 445 continue; 446 } 447 448 /* 449 * The process should only sleep, when: 450 * - This terminal is the controlling terminal 451 * - Its process group is not the foreground process 452 * group 453 * - The parent process isn't waiting for the child to 454 * exit 455 * - the signal to send to the process isn't masked 456 */ 457 if (!tty_is_ctty(tp, p) || p->p_pgrp == tp->t_pgrp) { 458 /* Allow the action to happen. */ 459 PROC_UNLOCK(p); 460 PGRP_UNLOCK(pg); 461 return (0); 462 } 463 464 if (SIGISMEMBER(p->p_sigacts->ps_sigignore, sig) || 465 SIGISMEMBER(td->td_sigmask, sig)) { 466 /* Only allow them in write()/ioctl(). */ 467 PROC_UNLOCK(p); 468 PGRP_UNLOCK(pg); 469 return (sig == SIGTTOU ? 0 : EIO); 470 } 471 472 if ((p->p_flag & P_PPWAIT) != 0 || 473 (pg->pg_flags & PGRP_ORPHANED) != 0) { 474 /* Don't allow the action to happen. */ 475 PROC_UNLOCK(p); 476 PGRP_UNLOCK(pg); 477 return (EIO); 478 } 479 PROC_UNLOCK(p); 480 481 /* 482 * Send the signal and sleep until we're the new 483 * foreground process group. 484 */ 485 if (sig != 0) { 486 ksiginfo_init(&ksi); 487 ksi.ksi_code = SI_KERNEL; 488 ksi.ksi_signo = sig; 489 sig = 0; 490 } 491 492 pgsignal(pg, ksi.ksi_signo, 1, &ksi); 493 PGRP_UNLOCK(pg); 494 495 error = tty_wait(tp, &tp->t_bgwait); 496 if (error) 497 return (error); 498 } 499 } 500 501 static int 502 ttydev_read(struct cdev *dev, struct uio *uio, int ioflag) 503 { 504 struct tty *tp = dev->si_drv1; 505 int error; 506 507 error = ttydev_enter(tp); 508 if (error) 509 goto done; 510 error = ttydisc_read(tp, uio, ioflag); 511 tty_unlock(tp); 512 513 /* 514 * The read() call should not throw an error when the device is 515 * being destroyed. Silently convert it to an EOF. 516 */ 517 done: if (error == ENXIO) 518 error = 0; 519 return (error); 520 } 521 522 static int 523 ttydev_write(struct cdev *dev, struct uio *uio, int ioflag) 524 { 525 struct tty *tp = dev->si_drv1; 526 int defer, error; 527 528 error = ttydev_enter(tp); 529 if (error) 530 return (error); 531 532 if (tp->t_termios.c_lflag & TOSTOP) { 533 error = tty_wait_background(tp, curthread, SIGTTOU); 534 if (error) 535 goto done; 536 } 537 538 if (ioflag & IO_NDELAY && tp->t_flags & TF_BUSY_OUT) { 539 /* Allow non-blocking writes to bypass serialization. */ 540 error = ttydisc_write(tp, uio, ioflag); 541 } else { 542 /* Serialize write() calls. */ 543 while (tp->t_flags & TF_BUSY_OUT) { 544 error = tty_wait(tp, &tp->t_outserwait); 545 if (error) 546 goto done; 547 } 548 549 tp->t_flags |= TF_BUSY_OUT; 550 defer = sigdeferstop(SIGDEFERSTOP_ERESTART); 551 error = ttydisc_write(tp, uio, ioflag); 552 sigallowstop(defer); 553 tp->t_flags &= ~TF_BUSY_OUT; 554 cv_signal(&tp->t_outserwait); 555 } 556 557 done: tty_unlock(tp); 558 return (error); 559 } 560 561 static int 562 ttydev_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int fflag, 563 struct thread *td) 564 { 565 struct tty *tp = dev->si_drv1; 566 int error; 567 568 error = ttydev_enter(tp); 569 if (error) 570 return (error); 571 572 switch (cmd) { 573 case TIOCCBRK: 574 case TIOCCONS: 575 case TIOCDRAIN: 576 case TIOCEXCL: 577 case TIOCFLUSH: 578 case TIOCNXCL: 579 case TIOCSBRK: 580 case TIOCSCTTY: 581 case TIOCSETA: 582 case TIOCSETAF: 583 case TIOCSETAW: 584 case TIOCSPGRP: 585 case TIOCSTART: 586 case TIOCSTAT: 587 case TIOCSTI: 588 case TIOCSTOP: 589 case TIOCSWINSZ: 590 #if 0 591 case TIOCSDRAINWAIT: 592 case TIOCSETD: 593 #endif 594 #ifdef COMPAT_43TTY 595 case TIOCLBIC: 596 case TIOCLBIS: 597 case TIOCLSET: 598 case TIOCSETC: 599 case OTIOCSETD: 600 case TIOCSETN: 601 case TIOCSETP: 602 case TIOCSLTC: 603 #endif /* COMPAT_43TTY */ 604 /* 605 * If the ioctl() causes the TTY to be modified, let it 606 * wait in the background. 607 */ 608 error = tty_wait_background(tp, curthread, SIGTTOU); 609 if (error) 610 goto done; 611 } 612 613 if (cmd == TIOCSETA || cmd == TIOCSETAW || cmd == TIOCSETAF) { 614 struct termios *old = &tp->t_termios; 615 struct termios *new = (struct termios *)data; 616 struct termios *lock = TTY_CALLOUT(tp, dev) ? 617 &tp->t_termios_lock_out : &tp->t_termios_lock_in; 618 int cc; 619 620 /* 621 * Lock state devices. Just overwrite the values of the 622 * commands that are currently in use. 623 */ 624 new->c_iflag = (old->c_iflag & lock->c_iflag) | 625 (new->c_iflag & ~lock->c_iflag); 626 new->c_oflag = (old->c_oflag & lock->c_oflag) | 627 (new->c_oflag & ~lock->c_oflag); 628 new->c_cflag = (old->c_cflag & lock->c_cflag) | 629 (new->c_cflag & ~lock->c_cflag); 630 new->c_lflag = (old->c_lflag & lock->c_lflag) | 631 (new->c_lflag & ~lock->c_lflag); 632 for (cc = 0; cc < NCCS; ++cc) 633 if (lock->c_cc[cc]) 634 new->c_cc[cc] = old->c_cc[cc]; 635 if (lock->c_ispeed) 636 new->c_ispeed = old->c_ispeed; 637 if (lock->c_ospeed) 638 new->c_ospeed = old->c_ospeed; 639 } 640 641 error = tty_ioctl(tp, cmd, data, fflag, td); 642 done: tty_unlock(tp); 643 644 return (error); 645 } 646 647 static int 648 ttydev_poll(struct cdev *dev, int events, struct thread *td) 649 { 650 struct tty *tp = dev->si_drv1; 651 int error, revents = 0; 652 653 error = ttydev_enter(tp); 654 if (error) 655 return ((events & (POLLIN|POLLRDNORM)) | POLLHUP); 656 657 if (events & (POLLIN|POLLRDNORM)) { 658 /* See if we can read something. */ 659 if (ttydisc_read_poll(tp) > 0) 660 revents |= events & (POLLIN|POLLRDNORM); 661 } 662 663 if (tp->t_flags & TF_ZOMBIE) { 664 /* Hangup flag on zombie state. */ 665 revents |= POLLHUP; 666 } else if (events & (POLLOUT|POLLWRNORM)) { 667 /* See if we can write something. */ 668 if (ttydisc_write_poll(tp) > 0) 669 revents |= events & (POLLOUT|POLLWRNORM); 670 } 671 672 if (revents == 0) { 673 if (events & (POLLIN|POLLRDNORM)) 674 selrecord(td, &tp->t_inpoll); 675 if (events & (POLLOUT|POLLWRNORM)) 676 selrecord(td, &tp->t_outpoll); 677 } 678 679 tty_unlock(tp); 680 681 return (revents); 682 } 683 684 static int 685 ttydev_mmap(struct cdev *dev, vm_ooffset_t offset, vm_paddr_t *paddr, 686 int nprot, vm_memattr_t *memattr) 687 { 688 struct tty *tp = dev->si_drv1; 689 int error; 690 691 /* Handle mmap() through the driver. */ 692 693 error = ttydev_enter(tp); 694 if (error) 695 return (-1); 696 error = ttydevsw_mmap(tp, offset, paddr, nprot, memattr); 697 tty_unlock(tp); 698 699 return (error); 700 } 701 702 /* 703 * kqueue support. 704 */ 705 706 static void 707 tty_kqops_read_detach(struct knote *kn) 708 { 709 struct tty *tp = kn->kn_hook; 710 711 knlist_remove(&tp->t_inpoll.si_note, kn, 0); 712 } 713 714 static int 715 tty_kqops_read_event(struct knote *kn, long hint __unused) 716 { 717 struct tty *tp = kn->kn_hook; 718 719 tty_assert_locked(tp); 720 721 if (tty_gone(tp) || tp->t_flags & TF_ZOMBIE) { 722 kn->kn_flags |= EV_EOF; 723 return (1); 724 } else { 725 kn->kn_data = ttydisc_read_poll(tp); 726 return (kn->kn_data > 0); 727 } 728 } 729 730 static void 731 tty_kqops_write_detach(struct knote *kn) 732 { 733 struct tty *tp = kn->kn_hook; 734 735 knlist_remove(&tp->t_outpoll.si_note, kn, 0); 736 } 737 738 static int 739 tty_kqops_write_event(struct knote *kn, long hint __unused) 740 { 741 struct tty *tp = kn->kn_hook; 742 743 tty_assert_locked(tp); 744 745 if (tty_gone(tp)) { 746 kn->kn_flags |= EV_EOF; 747 return (1); 748 } else { 749 kn->kn_data = ttydisc_write_poll(tp); 750 return (kn->kn_data > 0); 751 } 752 } 753 754 static const struct filterops tty_kqops_read = { 755 .f_isfd = 1, 756 .f_detach = tty_kqops_read_detach, 757 .f_event = tty_kqops_read_event, 758 }; 759 760 static const struct filterops tty_kqops_write = { 761 .f_isfd = 1, 762 .f_detach = tty_kqops_write_detach, 763 .f_event = tty_kqops_write_event, 764 }; 765 766 static int 767 ttydev_kqfilter(struct cdev *dev, struct knote *kn) 768 { 769 struct tty *tp = dev->si_drv1; 770 int error; 771 772 error = ttydev_enter(tp); 773 if (error) 774 return (error); 775 776 switch (kn->kn_filter) { 777 case EVFILT_READ: 778 kn->kn_hook = tp; 779 kn->kn_fop = &tty_kqops_read; 780 knlist_add(&tp->t_inpoll.si_note, kn, 1); 781 break; 782 case EVFILT_WRITE: 783 kn->kn_hook = tp; 784 kn->kn_fop = &tty_kqops_write; 785 knlist_add(&tp->t_outpoll.si_note, kn, 1); 786 break; 787 default: 788 error = EINVAL; 789 break; 790 } 791 792 tty_unlock(tp); 793 return (error); 794 } 795 796 static struct cdevsw ttydev_cdevsw = { 797 .d_version = D_VERSION, 798 .d_open = ttydev_open, 799 .d_close = ttydev_close, 800 .d_read = ttydev_read, 801 .d_write = ttydev_write, 802 .d_ioctl = ttydev_ioctl, 803 .d_kqfilter = ttydev_kqfilter, 804 .d_poll = ttydev_poll, 805 .d_mmap = ttydev_mmap, 806 .d_name = "ttydev", 807 .d_flags = D_TTY, 808 }; 809 810 /* 811 * Init/lock-state devices 812 */ 813 814 static int 815 ttyil_open(struct cdev *dev, int oflags __unused, int devtype __unused, 816 struct thread *td) 817 { 818 struct tty *tp; 819 int error; 820 821 tp = dev->si_drv1; 822 error = 0; 823 tty_lock(tp); 824 if (tty_gone(tp)) 825 error = ENODEV; 826 tty_unlock(tp); 827 828 return (error); 829 } 830 831 static int 832 ttyil_close(struct cdev *dev __unused, int flag __unused, int mode __unused, 833 struct thread *td __unused) 834 { 835 836 return (0); 837 } 838 839 static int 840 ttyil_rdwr(struct cdev *dev __unused, struct uio *uio __unused, 841 int ioflag __unused) 842 { 843 844 return (ENODEV); 845 } 846 847 static int 848 ttyil_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int fflag, 849 struct thread *td) 850 { 851 struct tty *tp = dev->si_drv1; 852 int error; 853 854 tty_lock(tp); 855 if (tty_gone(tp)) { 856 error = ENODEV; 857 goto done; 858 } 859 860 error = ttydevsw_cioctl(tp, dev2unit(dev), cmd, data, td); 861 if (error != ENOIOCTL) 862 goto done; 863 error = 0; 864 865 switch (cmd) { 866 case TIOCGETA: 867 /* Obtain terminal flags through tcgetattr(). */ 868 *(struct termios*)data = *(struct termios*)dev->si_drv2; 869 break; 870 case TIOCSETA: 871 /* Set terminal flags through tcsetattr(). */ 872 error = priv_check(td, PRIV_TTY_SETA); 873 if (error) 874 break; 875 *(struct termios*)dev->si_drv2 = *(struct termios*)data; 876 break; 877 case TIOCGETD: 878 *(int *)data = TTYDISC; 879 break; 880 case TIOCGWINSZ: 881 bzero(data, sizeof(struct winsize)); 882 break; 883 default: 884 error = ENOTTY; 885 } 886 887 done: tty_unlock(tp); 888 return (error); 889 } 890 891 static struct cdevsw ttyil_cdevsw = { 892 .d_version = D_VERSION, 893 .d_open = ttyil_open, 894 .d_close = ttyil_close, 895 .d_read = ttyil_rdwr, 896 .d_write = ttyil_rdwr, 897 .d_ioctl = ttyil_ioctl, 898 .d_name = "ttyil", 899 .d_flags = D_TTY, 900 }; 901 902 static void 903 tty_init_termios(struct tty *tp) 904 { 905 struct termios *t = &tp->t_termios_init_in; 906 907 t->c_cflag = TTYDEF_CFLAG; 908 t->c_iflag = TTYDEF_IFLAG; 909 t->c_lflag = TTYDEF_LFLAG; 910 t->c_oflag = TTYDEF_OFLAG; 911 t->c_ispeed = TTYDEF_SPEED; 912 t->c_ospeed = TTYDEF_SPEED; 913 memcpy(&t->c_cc, ttydefchars, sizeof ttydefchars); 914 915 tp->t_termios_init_out = *t; 916 } 917 918 void 919 tty_init_console(struct tty *tp, speed_t s) 920 { 921 struct termios *ti = &tp->t_termios_init_in; 922 struct termios *to = &tp->t_termios_init_out; 923 924 if (s != 0) { 925 ti->c_ispeed = ti->c_ospeed = s; 926 to->c_ispeed = to->c_ospeed = s; 927 } 928 929 ti->c_cflag |= CLOCAL; 930 to->c_cflag |= CLOCAL; 931 } 932 933 /* 934 * Standard device routine implementations, mostly meant for 935 * pseudo-terminal device drivers. When a driver creates a new terminal 936 * device class, missing routines are patched. 937 */ 938 939 static int 940 ttydevsw_defopen(struct tty *tp __unused) 941 { 942 943 return (0); 944 } 945 946 static void 947 ttydevsw_defclose(struct tty *tp __unused) 948 { 949 950 } 951 952 static void 953 ttydevsw_defoutwakeup(struct tty *tp __unused) 954 { 955 956 panic("Terminal device has output, while not implemented"); 957 } 958 959 static void 960 ttydevsw_definwakeup(struct tty *tp __unused) 961 { 962 963 } 964 965 static int 966 ttydevsw_defioctl(struct tty *tp __unused, u_long cmd __unused, 967 caddr_t data __unused, struct thread *td __unused) 968 { 969 970 return (ENOIOCTL); 971 } 972 973 static int 974 ttydevsw_defcioctl(struct tty *tp __unused, int unit __unused, 975 u_long cmd __unused, caddr_t data __unused, struct thread *td __unused) 976 { 977 978 return (ENOIOCTL); 979 } 980 981 static int 982 ttydevsw_defparam(struct tty *tp __unused, struct termios *t) 983 { 984 985 /* 986 * Allow the baud rate to be adjusted for pseudo-devices, but at 987 * least restrict it to 115200 to prevent excessive buffer 988 * usage. Also disallow 0, to prevent foot shooting. 989 */ 990 if (t->c_ispeed < B50) 991 t->c_ispeed = B50; 992 else if (t->c_ispeed > B115200) 993 t->c_ispeed = B115200; 994 if (t->c_ospeed < B50) 995 t->c_ospeed = B50; 996 else if (t->c_ospeed > B115200) 997 t->c_ospeed = B115200; 998 t->c_cflag |= CREAD; 999 1000 return (0); 1001 } 1002 1003 static int 1004 ttydevsw_defmodem(struct tty *tp __unused, int sigon __unused, 1005 int sigoff __unused) 1006 { 1007 1008 /* Simulate a carrier to make the TTY layer happy. */ 1009 return (SER_DCD); 1010 } 1011 1012 static int 1013 ttydevsw_defmmap(struct tty *tp __unused, vm_ooffset_t offset __unused, 1014 vm_paddr_t *paddr __unused, int nprot __unused, 1015 vm_memattr_t *memattr __unused) 1016 { 1017 1018 return (-1); 1019 } 1020 1021 static void 1022 ttydevsw_defpktnotify(struct tty *tp __unused, char event __unused) 1023 { 1024 1025 } 1026 1027 static void 1028 ttydevsw_deffree(void *softc __unused) 1029 { 1030 1031 panic("Terminal device freed without a free-handler"); 1032 } 1033 1034 static bool 1035 ttydevsw_defbusy(struct tty *tp __unused) 1036 { 1037 1038 return (FALSE); 1039 } 1040 1041 /* 1042 * TTY allocation and deallocation. TTY devices can be deallocated when 1043 * the driver doesn't use it anymore, when the TTY isn't a session's 1044 * controlling TTY and when the device node isn't opened through devfs. 1045 */ 1046 1047 struct tty * 1048 tty_alloc(struct ttydevsw *tsw, void *sc) 1049 { 1050 1051 return (tty_alloc_mutex(tsw, sc, NULL)); 1052 } 1053 1054 struct tty * 1055 tty_alloc_mutex(struct ttydevsw *tsw, void *sc, struct mtx *mutex) 1056 { 1057 struct tty *tp; 1058 1059 /* Make sure the driver defines all routines. */ 1060 #define PATCH_FUNC(x) do { \ 1061 if (tsw->tsw_ ## x == NULL) \ 1062 tsw->tsw_ ## x = ttydevsw_def ## x; \ 1063 } while (0) 1064 PATCH_FUNC(open); 1065 PATCH_FUNC(close); 1066 PATCH_FUNC(outwakeup); 1067 PATCH_FUNC(inwakeup); 1068 PATCH_FUNC(ioctl); 1069 PATCH_FUNC(cioctl); 1070 PATCH_FUNC(param); 1071 PATCH_FUNC(modem); 1072 PATCH_FUNC(mmap); 1073 PATCH_FUNC(pktnotify); 1074 PATCH_FUNC(free); 1075 PATCH_FUNC(busy); 1076 #undef PATCH_FUNC 1077 1078 tp = malloc(sizeof(struct tty) + TTY_PRBUF_SIZE, M_TTY, 1079 M_WAITOK | M_ZERO); 1080 tp->t_prbufsz = TTY_PRBUF_SIZE; 1081 tp->t_devsw = tsw; 1082 tp->t_devswsoftc = sc; 1083 tp->t_flags = tsw->tsw_flags; 1084 tp->t_drainwait = tty_drainwait; 1085 1086 tty_init_termios(tp); 1087 1088 cv_init(&tp->t_inwait, "ttyin"); 1089 cv_init(&tp->t_outwait, "ttyout"); 1090 cv_init(&tp->t_outserwait, "ttyosr"); 1091 cv_init(&tp->t_bgwait, "ttybg"); 1092 cv_init(&tp->t_dcdwait, "ttydcd"); 1093 1094 /* Allow drivers to use a custom mutex to lock the TTY. */ 1095 if (mutex != NULL) { 1096 tp->t_mtx = mutex; 1097 } else { 1098 tp->t_mtx = &tp->t_mtxobj; 1099 mtx_init(&tp->t_mtxobj, "ttymtx", NULL, MTX_DEF); 1100 } 1101 1102 knlist_init_mtx(&tp->t_inpoll.si_note, tp->t_mtx); 1103 knlist_init_mtx(&tp->t_outpoll.si_note, tp->t_mtx); 1104 1105 return (tp); 1106 } 1107 1108 static void 1109 tty_dealloc(void *arg) 1110 { 1111 struct tty *tp = arg; 1112 1113 /* 1114 * ttyydev_leave() usually frees the i/o queues earlier, but it is 1115 * not always called between queue allocation and here. The queues 1116 * may be allocated by ioctls on a pty control device without the 1117 * corresponding pty slave device ever being open, or after it is 1118 * closed. 1119 */ 1120 ttyinq_free(&tp->t_inq); 1121 ttyoutq_free(&tp->t_outq); 1122 seldrain(&tp->t_inpoll); 1123 seldrain(&tp->t_outpoll); 1124 knlist_clear(&tp->t_inpoll.si_note, 0); 1125 knlist_clear(&tp->t_outpoll.si_note, 0); 1126 knlist_destroy(&tp->t_inpoll.si_note); 1127 knlist_destroy(&tp->t_outpoll.si_note); 1128 1129 cv_destroy(&tp->t_inwait); 1130 cv_destroy(&tp->t_outwait); 1131 cv_destroy(&tp->t_bgwait); 1132 cv_destroy(&tp->t_dcdwait); 1133 cv_destroy(&tp->t_outserwait); 1134 1135 if (tp->t_mtx == &tp->t_mtxobj) 1136 mtx_destroy(&tp->t_mtxobj); 1137 ttydevsw_free(tp); 1138 free(tp, M_TTY); 1139 } 1140 1141 static void 1142 tty_rel_free(struct tty *tp) 1143 { 1144 struct cdev *dev; 1145 1146 tty_assert_locked(tp); 1147 1148 #define TF_ACTIVITY (TF_GONE|TF_OPENED|TF_HOOK|TF_OPENCLOSE) 1149 if (tp->t_sessioncnt != 0 || (tp->t_flags & TF_ACTIVITY) != TF_GONE) { 1150 /* TTY is still in use. */ 1151 tty_unlock(tp); 1152 return; 1153 } 1154 1155 /* Stop asynchronous I/O. */ 1156 funsetown(&tp->t_sigio); 1157 1158 /* TTY can be deallocated. */ 1159 dev = tp->t_dev; 1160 tp->t_dev = NULL; 1161 tty_unlock(tp); 1162 1163 if (dev != NULL) { 1164 sx_xlock(&tty_list_sx); 1165 TAILQ_REMOVE(&tty_list, tp, t_list); 1166 tty_list_count--; 1167 sx_xunlock(&tty_list_sx); 1168 destroy_dev_sched_cb(dev, tty_dealloc, tp); 1169 } 1170 } 1171 1172 void 1173 tty_rel_pgrp(struct tty *tp, struct pgrp *pg) 1174 { 1175 1176 MPASS(tp->t_sessioncnt > 0); 1177 tty_assert_locked(tp); 1178 1179 if (tp->t_pgrp == pg) 1180 tp->t_pgrp = NULL; 1181 1182 tty_unlock(tp); 1183 } 1184 1185 void 1186 tty_rel_sess(struct tty *tp, struct session *sess) 1187 { 1188 1189 MPASS(tp->t_sessioncnt > 0); 1190 1191 /* Current session has left. */ 1192 if (tp->t_session == sess) { 1193 tp->t_session = NULL; 1194 MPASS(tp->t_pgrp == NULL); 1195 } 1196 tp->t_sessioncnt--; 1197 tty_rel_free(tp); 1198 } 1199 1200 void 1201 tty_rel_gone(struct tty *tp) 1202 { 1203 1204 tty_assert_locked(tp); 1205 MPASS(!tty_gone(tp)); 1206 1207 /* Simulate carrier removal. */ 1208 ttydisc_modem(tp, 0); 1209 1210 /* Wake up all blocked threads. */ 1211 tty_wakeup(tp, FREAD|FWRITE); 1212 cv_broadcast(&tp->t_bgwait); 1213 cv_broadcast(&tp->t_dcdwait); 1214 1215 tp->t_flags |= TF_GONE; 1216 tty_rel_free(tp); 1217 } 1218 1219 static int 1220 tty_drop_ctty(struct tty *tp, struct proc *p) 1221 { 1222 struct session *session; 1223 struct vnode *vp; 1224 1225 /* 1226 * This looks terrible, but it's generally safe as long as the tty 1227 * hasn't gone away while we had the lock dropped. All of our sanity 1228 * checking that this operation is OK happens after we've picked it back 1229 * up, so other state changes are generally not fatal and the potential 1230 * for this particular operation to happen out-of-order in a 1231 * multithreaded scenario is likely a non-issue. 1232 */ 1233 tty_unlock(tp); 1234 sx_xlock(&proctree_lock); 1235 tty_lock(tp); 1236 if (tty_gone(tp)) { 1237 sx_xunlock(&proctree_lock); 1238 return (ENODEV); 1239 } 1240 1241 /* 1242 * If the session doesn't have a controlling TTY, or if we weren't 1243 * invoked on the controlling TTY, we'll return ENOIOCTL as we've 1244 * historically done. 1245 */ 1246 session = p->p_session; 1247 if (session->s_ttyp == NULL || session->s_ttyp != tp) { 1248 sx_xunlock(&proctree_lock); 1249 return (ENOTTY); 1250 } 1251 1252 if (!SESS_LEADER(p)) { 1253 sx_xunlock(&proctree_lock); 1254 return (EPERM); 1255 } 1256 1257 PROC_LOCK(p); 1258 SESS_LOCK(session); 1259 vp = session->s_ttyvp; 1260 session->s_ttyp = NULL; 1261 session->s_ttyvp = NULL; 1262 session->s_ttydp = NULL; 1263 SESS_UNLOCK(session); 1264 1265 tp->t_sessioncnt--; 1266 p->p_flag &= ~P_CONTROLT; 1267 PROC_UNLOCK(p); 1268 sx_xunlock(&proctree_lock); 1269 1270 /* 1271 * If we did have a vnode, release our reference. Ordinarily we manage 1272 * these at the devfs layer, but we can't necessarily know that we were 1273 * invoked on the vnode referenced in the session (i.e. the vnode we 1274 * hold a reference to). We explicitly don't check VBAD/VIRF_DOOMED here 1275 * to avoid a vnode leak -- in circumstances elsewhere where we'd hit a 1276 * VIRF_DOOMED vnode, release has been deferred until the controlling TTY 1277 * is either changed or released. 1278 */ 1279 if (vp != NULL) 1280 devfs_ctty_unref(vp); 1281 return (0); 1282 } 1283 1284 /* 1285 * Exposing information about current TTY's through sysctl 1286 */ 1287 1288 static void 1289 tty_to_xtty(struct tty *tp, struct xtty *xt) 1290 { 1291 1292 tty_assert_locked(tp); 1293 1294 memset(xt, 0, sizeof(*xt)); 1295 xt->xt_size = sizeof(struct xtty); 1296 xt->xt_insize = ttyinq_getsize(&tp->t_inq); 1297 xt->xt_incc = ttyinq_bytescanonicalized(&tp->t_inq); 1298 xt->xt_inlc = ttyinq_bytesline(&tp->t_inq); 1299 xt->xt_inlow = tp->t_inlow; 1300 xt->xt_outsize = ttyoutq_getsize(&tp->t_outq); 1301 xt->xt_outcc = ttyoutq_bytesused(&tp->t_outq); 1302 xt->xt_outlow = tp->t_outlow; 1303 xt->xt_column = tp->t_column; 1304 xt->xt_pgid = tp->t_pgrp ? tp->t_pgrp->pg_id : 0; 1305 xt->xt_sid = tp->t_session ? tp->t_session->s_sid : 0; 1306 xt->xt_flags = tp->t_flags; 1307 xt->xt_dev = tp->t_dev ? dev2udev(tp->t_dev) : (uint32_t)NODEV; 1308 } 1309 1310 static int 1311 sysctl_kern_ttys(SYSCTL_HANDLER_ARGS) 1312 { 1313 unsigned long lsize; 1314 struct thread *td = curthread; 1315 struct xtty *xtlist, *xt; 1316 struct tty *tp; 1317 struct proc *p; 1318 int error; 1319 bool cansee; 1320 1321 sx_slock(&tty_list_sx); 1322 lsize = tty_list_count * sizeof(struct xtty); 1323 if (lsize == 0) { 1324 sx_sunlock(&tty_list_sx); 1325 return (0); 1326 } 1327 1328 xtlist = xt = malloc(lsize, M_TTY, M_WAITOK); 1329 1330 TAILQ_FOREACH(tp, &tty_list, t_list) { 1331 tty_lock(tp); 1332 if (tp->t_session != NULL && 1333 (p = atomic_load_ptr(&tp->t_session->s_leader)) != NULL) { 1334 PROC_LOCK(p); 1335 cansee = (p_cansee(td, p) == 0); 1336 PROC_UNLOCK(p); 1337 } else { 1338 cansee = !jailed(td->td_ucred); 1339 } 1340 if (cansee) { 1341 tty_to_xtty(tp, xt); 1342 xt++; 1343 } 1344 tty_unlock(tp); 1345 } 1346 sx_sunlock(&tty_list_sx); 1347 1348 lsize = (xt - xtlist) * sizeof(struct xtty); 1349 if (lsize > 0) { 1350 error = SYSCTL_OUT(req, xtlist, lsize); 1351 } else { 1352 error = 0; 1353 } 1354 free(xtlist, M_TTY); 1355 return (error); 1356 } 1357 1358 SYSCTL_PROC(_kern, OID_AUTO, ttys, CTLTYPE_OPAQUE|CTLFLAG_RD|CTLFLAG_MPSAFE, 1359 0, 0, sysctl_kern_ttys, "S,xtty", "List of TTYs"); 1360 1361 /* 1362 * Device node creation. Device has been set up, now we can expose it to 1363 * the user. 1364 */ 1365 1366 int 1367 tty_makedevf(struct tty *tp, struct ucred *cred, int flags, 1368 const char *fmt, ...) 1369 { 1370 va_list ap; 1371 struct make_dev_args args; 1372 struct cdev *dev, *init, *lock, *cua, *cinit, *clock; 1373 const char *prefix = "tty"; 1374 char name[SPECNAMELEN - 3]; /* for "tty" and "cua". */ 1375 uid_t uid; 1376 gid_t gid; 1377 mode_t mode; 1378 int error; 1379 1380 /* Remove "tty" prefix from devices like PTY's. */ 1381 if (tp->t_flags & TF_NOPREFIX) 1382 prefix = ""; 1383 1384 va_start(ap, fmt); 1385 vsnrprintf(name, sizeof name, 32, fmt, ap); 1386 va_end(ap); 1387 1388 if (cred == NULL) { 1389 /* System device. */ 1390 uid = UID_ROOT; 1391 gid = GID_WHEEL; 1392 mode = S_IRUSR|S_IWUSR; 1393 } else { 1394 /* User device. */ 1395 uid = cred->cr_ruid; 1396 gid = GID_TTY; 1397 mode = S_IRUSR|S_IWUSR|S_IWGRP; 1398 } 1399 1400 flags = flags & TTYMK_CLONING ? MAKEDEV_REF : 0; 1401 flags |= MAKEDEV_CHECKNAME; 1402 1403 /* Master call-in device. */ 1404 make_dev_args_init(&args); 1405 args.mda_flags = flags; 1406 args.mda_devsw = &ttydev_cdevsw; 1407 args.mda_cr = cred; 1408 args.mda_uid = uid; 1409 args.mda_gid = gid; 1410 args.mda_mode = mode; 1411 args.mda_si_drv1 = tp; 1412 error = make_dev_s(&args, &dev, "%s%s", prefix, name); 1413 if (error != 0) 1414 return (error); 1415 tp->t_dev = dev; 1416 1417 init = lock = cua = cinit = clock = NULL; 1418 1419 /* Slave call-in devices. */ 1420 if (tp->t_flags & TF_INITLOCK) { 1421 args.mda_devsw = &ttyil_cdevsw; 1422 args.mda_unit = TTYUNIT_INIT; 1423 args.mda_si_drv1 = tp; 1424 args.mda_si_drv2 = &tp->t_termios_init_in; 1425 error = make_dev_s(&args, &init, "%s%s.init", prefix, name); 1426 if (error != 0) 1427 goto fail; 1428 dev_depends(dev, init); 1429 1430 args.mda_unit = TTYUNIT_LOCK; 1431 args.mda_si_drv2 = &tp->t_termios_lock_in; 1432 error = make_dev_s(&args, &lock, "%s%s.lock", prefix, name); 1433 if (error != 0) 1434 goto fail; 1435 dev_depends(dev, lock); 1436 } 1437 1438 /* Call-out devices. */ 1439 if (tp->t_flags & TF_CALLOUT) { 1440 make_dev_args_init(&args); 1441 args.mda_flags = flags; 1442 args.mda_devsw = &ttydev_cdevsw; 1443 args.mda_cr = cred; 1444 args.mda_uid = UID_UUCP; 1445 args.mda_gid = GID_DIALER; 1446 args.mda_mode = 0660; 1447 args.mda_unit = TTYUNIT_CALLOUT; 1448 args.mda_si_drv1 = tp; 1449 error = make_dev_s(&args, &cua, "cua%s", name); 1450 if (error != 0) 1451 goto fail; 1452 dev_depends(dev, cua); 1453 1454 /* Slave call-out devices. */ 1455 if (tp->t_flags & TF_INITLOCK) { 1456 args.mda_devsw = &ttyil_cdevsw; 1457 args.mda_unit = TTYUNIT_CALLOUT | TTYUNIT_INIT; 1458 args.mda_si_drv2 = &tp->t_termios_init_out; 1459 error = make_dev_s(&args, &cinit, "cua%s.init", name); 1460 if (error != 0) 1461 goto fail; 1462 dev_depends(dev, cinit); 1463 1464 args.mda_unit = TTYUNIT_CALLOUT | TTYUNIT_LOCK; 1465 args.mda_si_drv2 = &tp->t_termios_lock_out; 1466 error = make_dev_s(&args, &clock, "cua%s.lock", name); 1467 if (error != 0) 1468 goto fail; 1469 dev_depends(dev, clock); 1470 } 1471 } 1472 1473 sx_xlock(&tty_list_sx); 1474 TAILQ_INSERT_TAIL(&tty_list, tp, t_list); 1475 tty_list_count++; 1476 sx_xunlock(&tty_list_sx); 1477 1478 return (0); 1479 1480 fail: 1481 destroy_dev(dev); 1482 if (init) 1483 destroy_dev(init); 1484 if (lock) 1485 destroy_dev(lock); 1486 if (cinit) 1487 destroy_dev(cinit); 1488 if (clock) 1489 destroy_dev(clock); 1490 1491 return (error); 1492 } 1493 1494 /* 1495 * Signalling processes. 1496 */ 1497 1498 void 1499 tty_signal_sessleader(struct tty *tp, int sig) 1500 { 1501 struct proc *p; 1502 struct session *s; 1503 1504 tty_assert_locked(tp); 1505 MPASS(sig >= 1 && sig < NSIG); 1506 1507 /* Make signals start output again. */ 1508 tp->t_flags &= ~TF_STOPPED; 1509 tp->t_termios.c_lflag &= ~FLUSHO; 1510 1511 /* 1512 * Load s_leader exactly once to avoid race where s_leader is 1513 * set to NULL by a concurrent invocation of killjobc() by the 1514 * session leader. Note that we are not holding t_session's 1515 * lock for the read. 1516 */ 1517 if ((s = tp->t_session) != NULL && 1518 (p = atomic_load_ptr(&s->s_leader)) != NULL) { 1519 PROC_LOCK(p); 1520 kern_psignal(p, sig); 1521 PROC_UNLOCK(p); 1522 } 1523 } 1524 1525 void 1526 tty_signal_pgrp(struct tty *tp, int sig) 1527 { 1528 ksiginfo_t ksi; 1529 1530 tty_assert_locked(tp); 1531 MPASS(sig >= 1 && sig < NSIG); 1532 1533 /* Make signals start output again. */ 1534 tp->t_flags &= ~TF_STOPPED; 1535 tp->t_termios.c_lflag &= ~FLUSHO; 1536 1537 if (sig == SIGINFO && !(tp->t_termios.c_lflag & NOKERNINFO)) 1538 tty_info(tp); 1539 if (tp->t_pgrp != NULL) { 1540 ksiginfo_init(&ksi); 1541 ksi.ksi_signo = sig; 1542 ksi.ksi_code = SI_KERNEL; 1543 PGRP_LOCK(tp->t_pgrp); 1544 pgsignal(tp->t_pgrp, sig, 1, &ksi); 1545 PGRP_UNLOCK(tp->t_pgrp); 1546 } 1547 } 1548 1549 void 1550 tty_wakeup(struct tty *tp, int flags) 1551 { 1552 1553 if (tp->t_flags & TF_ASYNC && tp->t_sigio != NULL) 1554 pgsigio(&tp->t_sigio, SIGIO, (tp->t_session != NULL)); 1555 1556 if (flags & FWRITE) { 1557 cv_broadcast(&tp->t_outwait); 1558 selwakeup(&tp->t_outpoll); 1559 KNOTE_LOCKED(&tp->t_outpoll.si_note, 0); 1560 } 1561 if (flags & FREAD) { 1562 cv_broadcast(&tp->t_inwait); 1563 selwakeup(&tp->t_inpoll); 1564 KNOTE_LOCKED(&tp->t_inpoll.si_note, 0); 1565 } 1566 } 1567 1568 int 1569 tty_wait(struct tty *tp, struct cv *cv) 1570 { 1571 int error; 1572 int revokecnt = tp->t_revokecnt; 1573 1574 tty_lock_assert(tp, MA_OWNED|MA_NOTRECURSED); 1575 MPASS(!tty_gone(tp)); 1576 1577 error = cv_wait_sig(cv, tp->t_mtx); 1578 1579 /* Bail out when the device slipped away. */ 1580 if (tty_gone(tp)) 1581 return (ENXIO); 1582 1583 /* Restart the system call when we may have been revoked. */ 1584 if (tp->t_revokecnt != revokecnt) 1585 return (ERESTART); 1586 1587 return (error); 1588 } 1589 1590 int 1591 tty_timedwait(struct tty *tp, struct cv *cv, int hz) 1592 { 1593 int error; 1594 int revokecnt = tp->t_revokecnt; 1595 1596 tty_lock_assert(tp, MA_OWNED|MA_NOTRECURSED); 1597 MPASS(!tty_gone(tp)); 1598 1599 error = cv_timedwait_sig(cv, tp->t_mtx, hz); 1600 1601 /* Bail out when the device slipped away. */ 1602 if (tty_gone(tp)) 1603 return (ENXIO); 1604 1605 /* Restart the system call when we may have been revoked. */ 1606 if (tp->t_revokecnt != revokecnt) 1607 return (ERESTART); 1608 1609 return (error); 1610 } 1611 1612 void 1613 tty_flush(struct tty *tp, int flags) 1614 { 1615 1616 if (flags & FWRITE) { 1617 tp->t_flags &= ~TF_HIWAT_OUT; 1618 ttyoutq_flush(&tp->t_outq); 1619 tty_wakeup(tp, FWRITE); 1620 if (!tty_gone(tp)) { 1621 ttydevsw_outwakeup(tp); 1622 ttydevsw_pktnotify(tp, TIOCPKT_FLUSHWRITE); 1623 } 1624 } 1625 if (flags & FREAD) { 1626 tty_hiwat_in_unblock(tp); 1627 ttyinq_flush(&tp->t_inq); 1628 tty_wakeup(tp, FREAD); 1629 if (!tty_gone(tp)) { 1630 ttydevsw_inwakeup(tp); 1631 ttydevsw_pktnotify(tp, TIOCPKT_FLUSHREAD); 1632 } 1633 } 1634 } 1635 1636 void 1637 tty_set_winsize(struct tty *tp, const struct winsize *wsz) 1638 { 1639 1640 if (memcmp(&tp->t_winsize, wsz, sizeof(*wsz)) == 0) 1641 return; 1642 tp->t_winsize = *wsz; 1643 tty_signal_pgrp(tp, SIGWINCH); 1644 } 1645 1646 static int 1647 tty_generic_ioctl(struct tty *tp, u_long cmd, void *data, int fflag, 1648 struct thread *td) 1649 { 1650 int error; 1651 1652 switch (cmd) { 1653 /* 1654 * Modem commands. 1655 * The SER_* and TIOCM_* flags are the same, but one bit 1656 * shifted. I don't know why. 1657 */ 1658 case TIOCSDTR: 1659 ttydevsw_modem(tp, SER_DTR, 0); 1660 return (0); 1661 case TIOCCDTR: 1662 ttydevsw_modem(tp, 0, SER_DTR); 1663 return (0); 1664 case TIOCMSET: { 1665 int bits = *(int *)data; 1666 ttydevsw_modem(tp, 1667 (bits & (TIOCM_DTR | TIOCM_RTS)) >> 1, 1668 ((~bits) & (TIOCM_DTR | TIOCM_RTS)) >> 1); 1669 return (0); 1670 } 1671 case TIOCMBIS: { 1672 int bits = *(int *)data; 1673 ttydevsw_modem(tp, (bits & (TIOCM_DTR | TIOCM_RTS)) >> 1, 0); 1674 return (0); 1675 } 1676 case TIOCMBIC: { 1677 int bits = *(int *)data; 1678 ttydevsw_modem(tp, 0, (bits & (TIOCM_DTR | TIOCM_RTS)) >> 1); 1679 return (0); 1680 } 1681 case TIOCMGET: 1682 *(int *)data = TIOCM_LE + (ttydevsw_modem(tp, 0, 0) << 1); 1683 return (0); 1684 1685 case FIOASYNC: 1686 if (*(int *)data) 1687 tp->t_flags |= TF_ASYNC; 1688 else 1689 tp->t_flags &= ~TF_ASYNC; 1690 return (0); 1691 case FIONBIO: 1692 /* This device supports non-blocking operation. */ 1693 return (0); 1694 case FIONREAD: 1695 *(int *)data = ttydisc_bytesavail(tp); 1696 return (0); 1697 case FIONWRITE: 1698 case TIOCOUTQ: 1699 *(int *)data = ttyoutq_bytesused(&tp->t_outq); 1700 return (0); 1701 case FIOSETOWN: 1702 if (tp->t_session != NULL && !tty_is_ctty(tp, td->td_proc)) 1703 /* Not allowed to set ownership. */ 1704 return (ENOTTY); 1705 1706 /* Temporarily unlock the TTY to set ownership. */ 1707 tty_unlock(tp); 1708 error = fsetown(*(int *)data, &tp->t_sigio); 1709 tty_lock(tp); 1710 return (error); 1711 case FIOGETOWN: 1712 if (tp->t_session != NULL && !tty_is_ctty(tp, td->td_proc)) 1713 /* Not allowed to set ownership. */ 1714 return (ENOTTY); 1715 1716 /* Get ownership. */ 1717 *(int *)data = fgetown(&tp->t_sigio); 1718 return (0); 1719 case TIOCGETA: 1720 /* Obtain terminal flags through tcgetattr(). */ 1721 *(struct termios*)data = tp->t_termios; 1722 return (0); 1723 case TIOCSETA: 1724 case TIOCSETAW: 1725 case TIOCSETAF: { 1726 struct termios *t = data; 1727 bool canonicalize = false; 1728 1729 /* 1730 * Who makes up these funny rules? According to POSIX, 1731 * input baud rate is set equal to the output baud rate 1732 * when zero. 1733 */ 1734 if (t->c_ispeed == 0) 1735 t->c_ispeed = t->c_ospeed; 1736 1737 /* Discard any unsupported bits. */ 1738 t->c_iflag &= TTYSUP_IFLAG; 1739 t->c_oflag &= TTYSUP_OFLAG; 1740 t->c_lflag &= TTYSUP_LFLAG; 1741 t->c_cflag &= TTYSUP_CFLAG; 1742 1743 /* Set terminal flags through tcsetattr(). */ 1744 if (cmd == TIOCSETAW || cmd == TIOCSETAF) { 1745 error = tty_drain(tp, 0); 1746 if (error) 1747 return (error); 1748 if (cmd == TIOCSETAF) 1749 tty_flush(tp, FREAD); 1750 } 1751 1752 /* 1753 * Only call param() when the flags really change. 1754 */ 1755 if ((t->c_cflag & CIGNORE) == 0 && 1756 (tp->t_termios.c_cflag != t->c_cflag || 1757 ((tp->t_termios.c_iflag ^ t->c_iflag) & 1758 (IXON|IXOFF|IXANY)) || 1759 tp->t_termios.c_ispeed != t->c_ispeed || 1760 tp->t_termios.c_ospeed != t->c_ospeed)) { 1761 error = ttydevsw_param(tp, t); 1762 if (error) 1763 return (error); 1764 1765 /* XXX: CLOCAL? */ 1766 1767 tp->t_termios.c_cflag = t->c_cflag & ~CIGNORE; 1768 tp->t_termios.c_ispeed = t->c_ispeed; 1769 tp->t_termios.c_ospeed = t->c_ospeed; 1770 1771 /* Baud rate has changed - update watermarks. */ 1772 error = tty_watermarks(tp); 1773 if (error) 1774 return (error); 1775 } 1776 1777 /* 1778 * We'll canonicalize any partial input if we're transitioning 1779 * ICANON one way or the other. If we're going from -ICANON -> 1780 * ICANON, then in the worst case scenario we're in the middle 1781 * of a line but both ttydisc_read() and FIONREAD will search 1782 * for one of our line terminals. 1783 */ 1784 if ((t->c_lflag & ICANON) != (tp->t_termios.c_lflag & ICANON)) 1785 canonicalize = true; 1786 else if (tp->t_termios.c_cc[VEOF] != t->c_cc[VEOF] || 1787 tp->t_termios.c_cc[VEOL] != t->c_cc[VEOL]) 1788 canonicalize = true; 1789 1790 /* Copy new non-device driver parameters. */ 1791 tp->t_termios.c_iflag = t->c_iflag; 1792 tp->t_termios.c_oflag = t->c_oflag; 1793 tp->t_termios.c_lflag = t->c_lflag; 1794 memcpy(&tp->t_termios.c_cc, t->c_cc, sizeof t->c_cc); 1795 1796 ttydisc_optimize(tp); 1797 1798 if (canonicalize) 1799 ttydisc_canonicalize(tp); 1800 if ((t->c_lflag & ICANON) == 0) { 1801 /* 1802 * When in non-canonical mode, wake up all 1803 * readers. Any partial input has already been 1804 * canonicalized above if we were in canonical mode. 1805 * VMIN and VTIME could also be adjusted. 1806 */ 1807 tty_wakeup(tp, FREAD); 1808 } 1809 1810 /* 1811 * For packet mode: notify the PTY consumer that VSTOP 1812 * and VSTART may have been changed. 1813 */ 1814 if (tp->t_termios.c_iflag & IXON && 1815 tp->t_termios.c_cc[VSTOP] == CTRL('S') && 1816 tp->t_termios.c_cc[VSTART] == CTRL('Q')) 1817 ttydevsw_pktnotify(tp, TIOCPKT_DOSTOP); 1818 else 1819 ttydevsw_pktnotify(tp, TIOCPKT_NOSTOP); 1820 return (0); 1821 } 1822 case TIOCGETD: 1823 /* For compatibility - we only support TTYDISC. */ 1824 *(int *)data = TTYDISC; 1825 return (0); 1826 case TIOCGPGRP: 1827 if (!tty_is_ctty(tp, td->td_proc)) 1828 return (ENOTTY); 1829 1830 if (tp->t_pgrp != NULL) 1831 *(int *)data = tp->t_pgrp->pg_id; 1832 else 1833 *(int *)data = NO_PID; 1834 return (0); 1835 case TIOCGSID: 1836 if (!tty_is_ctty(tp, td->td_proc)) 1837 return (ENOTTY); 1838 1839 MPASS(tp->t_session); 1840 *(int *)data = tp->t_session->s_sid; 1841 return (0); 1842 case TIOCNOTTY: 1843 return (tty_drop_ctty(tp, td->td_proc)); 1844 case TIOCSCTTY: { 1845 struct proc *p = td->td_proc; 1846 1847 /* XXX: This looks awful. */ 1848 tty_unlock(tp); 1849 sx_xlock(&proctree_lock); 1850 tty_lock(tp); 1851 1852 if (!SESS_LEADER(p)) { 1853 /* Only the session leader may do this. */ 1854 sx_xunlock(&proctree_lock); 1855 return (EPERM); 1856 } 1857 1858 if (tp->t_session != NULL && tp->t_session == p->p_session) { 1859 /* This is already our controlling TTY. */ 1860 sx_xunlock(&proctree_lock); 1861 return (0); 1862 } 1863 1864 if (p->p_session->s_ttyp != NULL || 1865 (tp->t_session != NULL && tp->t_session->s_ttyvp != NULL && 1866 tp->t_session->s_ttyvp->v_type != VBAD)) { 1867 /* 1868 * There is already a relation between a TTY and 1869 * a session, or the caller is not the session 1870 * leader. 1871 * 1872 * Allow the TTY to be stolen when the vnode is 1873 * invalid, but the reference to the TTY is 1874 * still active. This allows immediate reuse of 1875 * TTYs of which the session leader has been 1876 * killed or the TTY revoked. 1877 */ 1878 sx_xunlock(&proctree_lock); 1879 return (EPERM); 1880 } 1881 1882 /* Connect the session to the TTY. */ 1883 tp->t_session = p->p_session; 1884 tp->t_session->s_ttyp = tp; 1885 tp->t_sessioncnt++; 1886 1887 /* Assign foreground process group. */ 1888 tp->t_pgrp = p->p_pgrp; 1889 PROC_LOCK(p); 1890 p->p_flag |= P_CONTROLT; 1891 PROC_UNLOCK(p); 1892 1893 sx_xunlock(&proctree_lock); 1894 return (0); 1895 } 1896 case TIOCSPGRP: { 1897 struct pgrp *pg; 1898 1899 /* 1900 * XXX: Temporarily unlock the TTY to locate the process 1901 * group. This code would be lot nicer if we would ever 1902 * decompose proctree_lock. 1903 */ 1904 tty_unlock(tp); 1905 sx_slock(&proctree_lock); 1906 pg = pgfind(*(int *)data); 1907 if (pg != NULL) 1908 PGRP_UNLOCK(pg); 1909 if (pg == NULL || pg->pg_session != td->td_proc->p_session) { 1910 sx_sunlock(&proctree_lock); 1911 tty_lock(tp); 1912 return (EPERM); 1913 } 1914 tty_lock(tp); 1915 1916 /* 1917 * Determine if this TTY is the controlling TTY after 1918 * relocking the TTY. 1919 */ 1920 if (!tty_is_ctty(tp, td->td_proc)) { 1921 sx_sunlock(&proctree_lock); 1922 return (ENOTTY); 1923 } 1924 tp->t_pgrp = pg; 1925 sx_sunlock(&proctree_lock); 1926 1927 /* Wake up the background process groups. */ 1928 cv_broadcast(&tp->t_bgwait); 1929 return (0); 1930 } 1931 case TIOCFLUSH: { 1932 int flags = *(int *)data; 1933 1934 if (flags == 0) 1935 flags = (FREAD|FWRITE); 1936 else 1937 flags &= (FREAD|FWRITE); 1938 tty_flush(tp, flags); 1939 return (0); 1940 } 1941 case TIOCDRAIN: 1942 /* Drain TTY output. */ 1943 return tty_drain(tp, 0); 1944 case TIOCGDRAINWAIT: 1945 *(int *)data = tp->t_drainwait; 1946 return (0); 1947 case TIOCSDRAINWAIT: 1948 error = priv_check(td, PRIV_TTY_DRAINWAIT); 1949 if (error == 0) 1950 tp->t_drainwait = *(int *)data; 1951 return (error); 1952 case TIOCCONS: 1953 /* Set terminal as console TTY. */ 1954 if (*(int *)data) { 1955 error = priv_check(td, PRIV_TTY_CONSOLE); 1956 if (error) 1957 return (error); 1958 error = constty_set(tp); 1959 } else { 1960 error = constty_clear(tp); 1961 } 1962 return (error); 1963 case TIOCGWINSZ: 1964 /* Obtain window size. */ 1965 *(struct winsize*)data = tp->t_winsize; 1966 return (0); 1967 case TIOCSWINSZ: 1968 /* Set window size. */ 1969 tty_set_winsize(tp, data); 1970 return (0); 1971 case TIOCEXCL: 1972 tp->t_flags |= TF_EXCLUDE; 1973 return (0); 1974 case TIOCNXCL: 1975 tp->t_flags &= ~TF_EXCLUDE; 1976 return (0); 1977 case TIOCSTOP: 1978 tp->t_flags |= TF_STOPPED; 1979 ttydevsw_pktnotify(tp, TIOCPKT_STOP); 1980 return (0); 1981 case TIOCSTART: 1982 tp->t_flags &= ~TF_STOPPED; 1983 tp->t_termios.c_lflag &= ~FLUSHO; 1984 ttydevsw_outwakeup(tp); 1985 ttydevsw_pktnotify(tp, TIOCPKT_START); 1986 return (0); 1987 case TIOCSTAT: 1988 tty_info(tp); 1989 return (0); 1990 case TIOCSTI: 1991 if ((fflag & FREAD) == 0 && priv_check(td, PRIV_TTY_STI)) 1992 return (EPERM); 1993 if (!tty_is_ctty(tp, td->td_proc) && 1994 priv_check(td, PRIV_TTY_STI)) 1995 return (EACCES); 1996 ttydisc_rint(tp, *(char *)data, 0); 1997 ttydisc_rint_done(tp); 1998 return (0); 1999 } 2000 2001 #ifdef COMPAT_43TTY 2002 return tty_ioctl_compat(tp, cmd, data, fflag, td); 2003 #else /* !COMPAT_43TTY */ 2004 return (ENOIOCTL); 2005 #endif /* COMPAT_43TTY */ 2006 } 2007 2008 int 2009 tty_ioctl(struct tty *tp, u_long cmd, void *data, int fflag, struct thread *td) 2010 { 2011 int error; 2012 2013 tty_assert_locked(tp); 2014 2015 if (tty_gone(tp)) 2016 return (ENXIO); 2017 2018 error = ttydevsw_ioctl(tp, cmd, data, td); 2019 if (error == ENOIOCTL) 2020 error = tty_generic_ioctl(tp, cmd, data, fflag, td); 2021 2022 return (error); 2023 } 2024 2025 dev_t 2026 tty_udev(struct tty *tp) 2027 { 2028 2029 if (tp->t_dev) 2030 return (dev2udev(tp->t_dev)); 2031 else 2032 return (NODEV); 2033 } 2034 2035 int 2036 tty_checkoutq(struct tty *tp) 2037 { 2038 2039 /* 256 bytes should be enough to print a log message. */ 2040 return (ttyoutq_bytesleft(&tp->t_outq) >= 256); 2041 } 2042 2043 void 2044 tty_hiwat_in_block(struct tty *tp) 2045 { 2046 2047 if ((tp->t_flags & TF_HIWAT_IN) == 0 && 2048 tp->t_termios.c_iflag & IXOFF && 2049 tp->t_termios.c_cc[VSTOP] != _POSIX_VDISABLE) { 2050 /* 2051 * Input flow control. Only enter the high watermark when we 2052 * can successfully store the VSTOP character. 2053 */ 2054 if (ttyoutq_write_nofrag(&tp->t_outq, 2055 &tp->t_termios.c_cc[VSTOP], 1) == 0) 2056 tp->t_flags |= TF_HIWAT_IN; 2057 } else { 2058 /* No input flow control. */ 2059 tp->t_flags |= TF_HIWAT_IN; 2060 } 2061 } 2062 2063 void 2064 tty_hiwat_in_unblock(struct tty *tp) 2065 { 2066 2067 if (tp->t_flags & TF_HIWAT_IN && 2068 tp->t_termios.c_iflag & IXOFF && 2069 tp->t_termios.c_cc[VSTART] != _POSIX_VDISABLE) { 2070 /* 2071 * Input flow control. Only leave the high watermark when we 2072 * can successfully store the VSTART character. 2073 */ 2074 if (ttyoutq_write_nofrag(&tp->t_outq, 2075 &tp->t_termios.c_cc[VSTART], 1) == 0) 2076 tp->t_flags &= ~TF_HIWAT_IN; 2077 } else { 2078 /* No input flow control. */ 2079 tp->t_flags &= ~TF_HIWAT_IN; 2080 } 2081 2082 if (!tty_gone(tp)) 2083 ttydevsw_inwakeup(tp); 2084 } 2085 2086 /* 2087 * TTY hooks interface. 2088 */ 2089 2090 static int 2091 ttyhook_defrint(struct tty *tp, char c, int flags) 2092 { 2093 2094 if (ttyhook_rint_bypass(tp, &c, 1) != 1) 2095 return (-1); 2096 2097 return (0); 2098 } 2099 2100 int 2101 ttyhook_register(struct tty **rtp, struct proc *p, int fd, struct ttyhook *th, 2102 void *softc) 2103 { 2104 struct tty *tp; 2105 struct file *fp; 2106 struct cdev *dev; 2107 struct cdevsw *cdp; 2108 struct filedesc *fdp; 2109 cap_rights_t rights; 2110 int error, ref; 2111 2112 /* Validate the file descriptor. */ 2113 /* 2114 * XXX this code inspects a file descriptor from a different process, 2115 * but there is no dedicated routine to do it in fd code, making the 2116 * ordeal highly questionable. 2117 */ 2118 fdp = p->p_fd; 2119 FILEDESC_SLOCK(fdp); 2120 error = fget_cap_noref(fdp, fd, cap_rights_init_one(&rights, CAP_TTYHOOK), 2121 &fp, NULL); 2122 if (error == 0 && !fhold(fp)) 2123 error = EBADF; 2124 FILEDESC_SUNLOCK(fdp); 2125 if (error != 0) 2126 return (error); 2127 if (fp->f_ops == &badfileops) { 2128 error = EBADF; 2129 goto done1; 2130 } 2131 2132 /* 2133 * Make sure the vnode is bound to a character device. 2134 * Unlocked check for the vnode type is ok there, because we 2135 * only shall prevent calling devvn_refthread on the file that 2136 * never has been opened over a character device. 2137 */ 2138 if (fp->f_type != DTYPE_VNODE || fp->f_vnode->v_type != VCHR) { 2139 error = EINVAL; 2140 goto done1; 2141 } 2142 2143 /* Make sure it is a TTY. */ 2144 cdp = devvn_refthread(fp->f_vnode, &dev, &ref); 2145 if (cdp == NULL) { 2146 error = ENXIO; 2147 goto done1; 2148 } 2149 if (dev != fp->f_data) { 2150 error = ENXIO; 2151 goto done2; 2152 } 2153 if (cdp != &ttydev_cdevsw) { 2154 error = ENOTTY; 2155 goto done2; 2156 } 2157 tp = dev->si_drv1; 2158 2159 /* Try to attach the hook to the TTY. */ 2160 error = EBUSY; 2161 tty_lock(tp); 2162 MPASS((tp->t_hook == NULL) == ((tp->t_flags & TF_HOOK) == 0)); 2163 if (tp->t_flags & TF_HOOK) 2164 goto done3; 2165 2166 tp->t_flags |= TF_HOOK; 2167 tp->t_hook = th; 2168 tp->t_hooksoftc = softc; 2169 *rtp = tp; 2170 error = 0; 2171 2172 /* Maybe we can switch into bypass mode now. */ 2173 ttydisc_optimize(tp); 2174 2175 /* Silently convert rint() calls to rint_bypass() when possible. */ 2176 if (!ttyhook_hashook(tp, rint) && ttyhook_hashook(tp, rint_bypass)) 2177 th->th_rint = ttyhook_defrint; 2178 2179 done3: tty_unlock(tp); 2180 done2: dev_relthread(dev, ref); 2181 done1: fdrop(fp, curthread); 2182 return (error); 2183 } 2184 2185 void 2186 ttyhook_unregister(struct tty *tp) 2187 { 2188 2189 tty_assert_locked(tp); 2190 MPASS(tp->t_flags & TF_HOOK); 2191 2192 /* Disconnect the hook. */ 2193 tp->t_flags &= ~TF_HOOK; 2194 tp->t_hook = NULL; 2195 2196 /* Maybe we need to leave bypass mode. */ 2197 ttydisc_optimize(tp); 2198 2199 /* Maybe deallocate the TTY as well. */ 2200 tty_rel_free(tp); 2201 } 2202 2203 /* 2204 * /dev/console handling. 2205 */ 2206 2207 static int 2208 ttyconsdev_open(struct cdev *dev, int oflags, int devtype, struct thread *td) 2209 { 2210 struct tty *tp; 2211 2212 /* System has no console device. */ 2213 if (dev_console_filename == NULL) 2214 return (ENXIO); 2215 2216 /* Look up corresponding TTY by device name. */ 2217 sx_slock(&tty_list_sx); 2218 TAILQ_FOREACH(tp, &tty_list, t_list) { 2219 if (strcmp(dev_console_filename, tty_devname(tp)) == 0) { 2220 dev_console->si_drv1 = tp; 2221 break; 2222 } 2223 } 2224 sx_sunlock(&tty_list_sx); 2225 2226 /* System console has no TTY associated. */ 2227 if (dev_console->si_drv1 == NULL) 2228 return (ENXIO); 2229 2230 return (ttydev_open(dev, oflags, devtype, td)); 2231 } 2232 2233 static int 2234 ttyconsdev_write(struct cdev *dev, struct uio *uio, int ioflag) 2235 { 2236 2237 log_console(uio); 2238 2239 return (ttydev_write(dev, uio, ioflag)); 2240 } 2241 2242 /* 2243 * /dev/console is a little different than normal TTY's. When opened, 2244 * it determines which TTY to use. When data gets written to it, it 2245 * will be logged in the kernel message buffer. 2246 */ 2247 static struct cdevsw ttyconsdev_cdevsw = { 2248 .d_version = D_VERSION, 2249 .d_open = ttyconsdev_open, 2250 .d_close = ttydev_close, 2251 .d_read = ttydev_read, 2252 .d_write = ttyconsdev_write, 2253 .d_ioctl = ttydev_ioctl, 2254 .d_kqfilter = ttydev_kqfilter, 2255 .d_poll = ttydev_poll, 2256 .d_mmap = ttydev_mmap, 2257 .d_name = "ttyconsdev", 2258 .d_flags = D_TTY, 2259 }; 2260 2261 static void 2262 ttyconsdev_init(void *unused __unused) 2263 { 2264 2265 dev_console = make_dev_credf(MAKEDEV_ETERNAL, &ttyconsdev_cdevsw, 0, 2266 NULL, UID_ROOT, GID_WHEEL, 0600, "console"); 2267 } 2268 2269 SYSINIT(tty, SI_SUB_DRIVERS, SI_ORDER_FIRST, ttyconsdev_init, NULL); 2270 2271 void 2272 ttyconsdev_select(const char *name) 2273 { 2274 2275 dev_console_filename = name; 2276 } 2277 2278 /* 2279 * Debugging routines. 2280 */ 2281 2282 #include "opt_ddb.h" 2283 #ifdef DDB 2284 #include <ddb/ddb.h> 2285 #include <ddb/db_sym.h> 2286 2287 static const struct { 2288 int flag; 2289 char val; 2290 } ttystates[] = { 2291 #if 0 2292 { TF_NOPREFIX, 'N' }, 2293 #endif 2294 { TF_INITLOCK, 'I' }, 2295 { TF_CALLOUT, 'C' }, 2296 2297 /* Keep these together -> 'Oi' and 'Oo'. */ 2298 { TF_OPENED, 'O' }, 2299 { TF_OPENED_IN, 'i' }, 2300 { TF_OPENED_OUT, 'o' }, 2301 { TF_OPENED_CONS, 'c' }, 2302 2303 { TF_GONE, 'G' }, 2304 { TF_OPENCLOSE, 'B' }, 2305 { TF_ASYNC, 'Y' }, 2306 { TF_LITERAL, 'L' }, 2307 2308 /* Keep these together -> 'Hi' and 'Ho'. */ 2309 { TF_HIWAT, 'H' }, 2310 { TF_HIWAT_IN, 'i' }, 2311 { TF_HIWAT_OUT, 'o' }, 2312 2313 { TF_STOPPED, 'S' }, 2314 { TF_EXCLUDE, 'X' }, 2315 { TF_BYPASS, 'l' }, 2316 { TF_ZOMBIE, 'Z' }, 2317 { TF_HOOK, 's' }, 2318 2319 /* Keep these together -> 'bi' and 'bo'. */ 2320 { TF_BUSY, 'b' }, 2321 { TF_BUSY_IN, 'i' }, 2322 { TF_BUSY_OUT, 'o' }, 2323 2324 { 0, '\0'}, 2325 }; 2326 2327 #define TTY_FLAG_BITS \ 2328 "\20\1NOPREFIX\2INITLOCK\3CALLOUT\4OPENED_IN" \ 2329 "\5OPENED_OUT\6OPENED_CONS\7GONE\10OPENCLOSE" \ 2330 "\11ASYNC\12LITERAL\13HIWAT_IN\14HIWAT_OUT" \ 2331 "\15STOPPED\16EXCLUDE\17BYPASS\20ZOMBIE" \ 2332 "\21HOOK\22BUSY_IN\23BUSY_OUT" 2333 2334 #define DB_PRINTSYM(name, addr) \ 2335 db_printf("%s " #name ": ", sep); \ 2336 db_printsym((db_addr_t) addr, DB_STGY_ANY); \ 2337 db_printf("\n"); 2338 2339 static void 2340 _db_show_devsw(const char *sep, const struct ttydevsw *tsw) 2341 { 2342 2343 db_printf("%sdevsw: ", sep); 2344 db_printsym((db_addr_t)tsw, DB_STGY_ANY); 2345 db_printf(" (%p)\n", tsw); 2346 DB_PRINTSYM(open, tsw->tsw_open); 2347 DB_PRINTSYM(close, tsw->tsw_close); 2348 DB_PRINTSYM(outwakeup, tsw->tsw_outwakeup); 2349 DB_PRINTSYM(inwakeup, tsw->tsw_inwakeup); 2350 DB_PRINTSYM(ioctl, tsw->tsw_ioctl); 2351 DB_PRINTSYM(param, tsw->tsw_param); 2352 DB_PRINTSYM(modem, tsw->tsw_modem); 2353 DB_PRINTSYM(mmap, tsw->tsw_mmap); 2354 DB_PRINTSYM(pktnotify, tsw->tsw_pktnotify); 2355 DB_PRINTSYM(free, tsw->tsw_free); 2356 } 2357 2358 static void 2359 _db_show_hooks(const char *sep, const struct ttyhook *th) 2360 { 2361 2362 db_printf("%shook: ", sep); 2363 db_printsym((db_addr_t)th, DB_STGY_ANY); 2364 db_printf(" (%p)\n", th); 2365 if (th == NULL) 2366 return; 2367 DB_PRINTSYM(rint, th->th_rint); 2368 DB_PRINTSYM(rint_bypass, th->th_rint_bypass); 2369 DB_PRINTSYM(rint_done, th->th_rint_done); 2370 DB_PRINTSYM(rint_poll, th->th_rint_poll); 2371 DB_PRINTSYM(getc_inject, th->th_getc_inject); 2372 DB_PRINTSYM(getc_capture, th->th_getc_capture); 2373 DB_PRINTSYM(getc_poll, th->th_getc_poll); 2374 DB_PRINTSYM(close, th->th_close); 2375 } 2376 2377 static void 2378 _db_show_termios(const char *name, const struct termios *t) 2379 { 2380 2381 db_printf("%s: iflag 0x%x oflag 0x%x cflag 0x%x " 2382 "lflag 0x%x ispeed %u ospeed %u\n", name, 2383 t->c_iflag, t->c_oflag, t->c_cflag, t->c_lflag, 2384 t->c_ispeed, t->c_ospeed); 2385 } 2386 2387 /* DDB command to show TTY statistics. */ 2388 DB_SHOW_COMMAND(tty, db_show_tty) 2389 { 2390 struct tty *tp; 2391 2392 if (!have_addr) { 2393 db_printf("usage: show tty <addr>\n"); 2394 return; 2395 } 2396 tp = (struct tty *)addr; 2397 2398 db_printf("%p: %s\n", tp, tty_devname(tp)); 2399 db_printf("\tmtx: %p\n", tp->t_mtx); 2400 db_printf("\tflags: 0x%b\n", tp->t_flags, TTY_FLAG_BITS); 2401 db_printf("\trevokecnt: %u\n", tp->t_revokecnt); 2402 2403 /* Buffering mechanisms. */ 2404 db_printf("\tinq: %p begin %u linestart %u reprint %u end %u " 2405 "nblocks %u quota %u\n", &tp->t_inq, tp->t_inq.ti_begin, 2406 tp->t_inq.ti_linestart, tp->t_inq.ti_reprint, tp->t_inq.ti_end, 2407 tp->t_inq.ti_nblocks, tp->t_inq.ti_quota); 2408 db_printf("\toutq: %p begin %u end %u nblocks %u quota %u\n", 2409 &tp->t_outq, tp->t_outq.to_begin, tp->t_outq.to_end, 2410 tp->t_outq.to_nblocks, tp->t_outq.to_quota); 2411 db_printf("\tinlow: %zu\n", tp->t_inlow); 2412 db_printf("\toutlow: %zu\n", tp->t_outlow); 2413 _db_show_termios("\ttermios", &tp->t_termios); 2414 db_printf("\twinsize: row %u col %u xpixel %u ypixel %u\n", 2415 tp->t_winsize.ws_row, tp->t_winsize.ws_col, 2416 tp->t_winsize.ws_xpixel, tp->t_winsize.ws_ypixel); 2417 db_printf("\tcolumn: %u\n", tp->t_column); 2418 db_printf("\twritepos: %u\n", tp->t_writepos); 2419 db_printf("\tcompatflags: 0x%x\n", tp->t_compatflags); 2420 2421 /* Init/lock-state devices. */ 2422 _db_show_termios("\ttermios_init_in", &tp->t_termios_init_in); 2423 _db_show_termios("\ttermios_init_out", &tp->t_termios_init_out); 2424 _db_show_termios("\ttermios_lock_in", &tp->t_termios_lock_in); 2425 _db_show_termios("\ttermios_lock_out", &tp->t_termios_lock_out); 2426 2427 /* Hooks */ 2428 _db_show_devsw("\t", tp->t_devsw); 2429 _db_show_hooks("\t", tp->t_hook); 2430 2431 /* Process info. */ 2432 db_printf("\tpgrp: %p gid %d\n", tp->t_pgrp, 2433 tp->t_pgrp ? tp->t_pgrp->pg_id : 0); 2434 db_printf("\tsession: %p", tp->t_session); 2435 if (tp->t_session != NULL) 2436 db_printf(" count %u leader %p tty %p sid %d login %s", 2437 tp->t_session->s_count, tp->t_session->s_leader, 2438 tp->t_session->s_ttyp, tp->t_session->s_sid, 2439 tp->t_session->s_login); 2440 db_printf("\n"); 2441 db_printf("\tsessioncnt: %u\n", tp->t_sessioncnt); 2442 db_printf("\tdevswsoftc: %p\n", tp->t_devswsoftc); 2443 db_printf("\thooksoftc: %p\n", tp->t_hooksoftc); 2444 db_printf("\tdev: %p\n", tp->t_dev); 2445 } 2446 2447 /* DDB command to list TTYs. */ 2448 DB_SHOW_ALL_COMMAND(ttys, db_show_all_ttys) 2449 { 2450 struct tty *tp; 2451 size_t isiz, osiz; 2452 int i, j; 2453 2454 /* Make the output look like `pstat -t'. */ 2455 db_printf("PTR "); 2456 #if defined(__LP64__) 2457 db_printf(" "); 2458 #endif 2459 db_printf(" LINE INQ CAN LIN LOW OUTQ USE LOW " 2460 "COL SESS PGID STATE\n"); 2461 2462 TAILQ_FOREACH(tp, &tty_list, t_list) { 2463 isiz = tp->t_inq.ti_nblocks * TTYINQ_DATASIZE; 2464 osiz = tp->t_outq.to_nblocks * TTYOUTQ_DATASIZE; 2465 2466 db_printf("%p %10s %5zu %4u %4u %4zu %5zu %4u %4zu %5u %5d " 2467 "%5d ", tp, tty_devname(tp), isiz, 2468 tp->t_inq.ti_linestart - tp->t_inq.ti_begin, 2469 tp->t_inq.ti_end - tp->t_inq.ti_linestart, 2470 isiz - tp->t_inlow, osiz, 2471 tp->t_outq.to_end - tp->t_outq.to_begin, 2472 osiz - tp->t_outlow, MIN(tp->t_column, 99999), 2473 tp->t_session ? tp->t_session->s_sid : 0, 2474 tp->t_pgrp ? tp->t_pgrp->pg_id : 0); 2475 2476 /* Flag bits. */ 2477 for (i = j = 0; ttystates[i].flag; i++) 2478 if (tp->t_flags & ttystates[i].flag) { 2479 db_printf("%c", ttystates[i].val); 2480 j++; 2481 } 2482 if (j == 0) 2483 db_printf("-"); 2484 db_printf("\n"); 2485 } 2486 } 2487 #endif /* DDB */ 2488