1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */ 26 /* All Rights Reserved */ 27 28 29 #pragma ident "%Z%%M% %I% %E% SMI" 30 31 /* 32 * Pseudo Terminal Master Driver. 33 * 34 * The pseudo-tty subsystem simulates a terminal connection, where the master 35 * side represents the terminal and the slave represents the user process's 36 * special device end point. The master device is set up as a cloned device 37 * where its major device number is the major for the clone device and its minor 38 * device number is the major for the ptm driver. There are no nodes in the file 39 * system for master devices. The master pseudo driver is opened using the 40 * open(2) system call with /dev/ptmx as the device parameter. The clone open 41 * finds the next available minor device for the ptm major device. 42 * 43 * A master device is available only if it and its corresponding slave device 44 * are not already open. When the master device is opened, the corresponding 45 * slave device is automatically locked out. Only one open is allowed on a 46 * master device. Multiple opens are allowed on the slave device. After both 47 * the master and slave have been opened, the user has two file descriptors 48 * which are the end points of a full duplex connection composed of two streams 49 * which are automatically connected at the master and slave drivers. The user 50 * may then push modules onto either side of the stream pair. 51 * 52 * The master and slave drivers pass all messages to their adjacent queues. 53 * Only the M_FLUSH needs some processing. Because the read queue of one side 54 * is connected to the write queue of the other, the FLUSHR flag is changed to 55 * the FLUSHW flag and vice versa. When the master device is closed an M_HANGUP 56 * message is sent to the slave device which will render the device 57 * unusable. The process on the slave side gets the EIO when attempting to write 58 * on that stream but it will be able to read any data remaining on the stream 59 * head read queue. When all the data has been read, read() returns 0 60 * indicating that the stream can no longer be used. On the last close of the 61 * slave device, a 0-length message is sent to the master device. When the 62 * application on the master side issues a read() or getmsg() and 0 is returned, 63 * the user of the master device decides whether to issue a close() that 64 * dismantles the pseudo-terminal subsystem. If the master device is not closed, 65 * the pseudo-tty subsystem will be available to another user to open the slave 66 * device. 67 * 68 * If O_NONBLOCK or O_NDELAY is set, read on the master side returns -1 with 69 * errno set to EAGAIN if no data is available, and write returns -1 with errno 70 * set to EAGAIN if there is internal flow control. 71 * 72 * IOCTLS: 73 * 74 * ISPTM: determines whether the file descriptor is that of an open master 75 * device. Return code of zero indicates that the file descriptor 76 * represents master device. 77 * 78 * UNLKPT: unlocks the master and slave devices. It returns 0 on success. On 79 * failure, the errno is set to EINVAL indicating that the master 80 * device is not open. 81 * 82 * ZONEPT: sets the zone membership of the associated pts device. 83 * 84 * GRPPT: sets the group owner of the associated pts device. 85 * 86 * Synchronization: 87 * 88 * All global data synchronization between ptm/pts is done via global 89 * ptms_lock mutex which is initialized at system boot time from 90 * ptms_initspace (called from space.c). 91 * 92 * Individual fields of pt_ttys structure (except ptm_rdq, pts_rdq and 93 * pt_nullmsg) are protected by pt_ttys.pt_lock mutex. 94 * 95 * PT_ENTER_READ/PT_ENTER_WRITE are reference counter based read-write locks 96 * which allow reader locks to be reacquired by the same thread (usual 97 * reader/writer locks can't be used for that purpose since it is illegal for 98 * a thread to acquire a lock it already holds, even as a reader). The sole 99 * purpose of these macros is to guarantee that the peer queue will not 100 * disappear (due to closing peer) while it is used. It is safe to use 101 * PT_ENTER_READ/PT_EXIT_READ brackets across calls like putq/putnext (since 102 * they are not real locks but reference counts). 103 * 104 * PT_ENTER_WRITE/PT_EXIT_WRITE brackets are used ONLY in master/slave 105 * open/close paths to modify ptm_rdq and pts_rdq fields. These fields should 106 * be set to appropriate queues *after* qprocson() is called during open (to 107 * prevent peer from accessing the queue with incomplete plumbing) and set to 108 * NULL before qprocsoff() is called during close. 109 * 110 * The pt_nullmsg field is only used in open/close routines and it is also 111 * protected by PT_ENTER_WRITE/PT_EXIT_WRITE brackets to avoid extra mutex 112 * holds. 113 * 114 * Lock Ordering: 115 * 116 * If both ptms_lock and per-pty lock should be held, ptms_lock should always 117 * be entered first, followed by per-pty lock. 118 * 119 * See ptms.h, pts.c and ptms_conf.c for more information. 120 */ 121 122 #include <sys/types.h> 123 #include <sys/param.h> 124 #include <sys/file.h> 125 #include <sys/sysmacros.h> 126 #include <sys/stream.h> 127 #include <sys/stropts.h> 128 #include <sys/proc.h> 129 #include <sys/errno.h> 130 #include <sys/debug.h> 131 #include <sys/cmn_err.h> 132 #include <sys/ptms.h> 133 #include <sys/stat.h> 134 #include <sys/strsun.h> 135 #include <sys/systm.h> 136 #include <sys/modctl.h> 137 #include <sys/conf.h> 138 #include <sys/ddi.h> 139 #include <sys/sunddi.h> 140 #include <sys/zone.h> 141 142 #ifdef DEBUG 143 int ptm_debug = 0; 144 #define DBG(a) if (ptm_debug) cmn_err(CE_NOTE, a) 145 #else 146 #define DBG(a) 147 #endif 148 149 static int ptmopen(queue_t *, dev_t *, int, int, cred_t *); 150 static int ptmclose(queue_t *, int, cred_t *); 151 static void ptmwput(queue_t *, mblk_t *); 152 static void ptmrsrv(queue_t *); 153 static void ptmwsrv(queue_t *); 154 155 /* 156 * Master Stream Pseudo Terminal Module: stream data structure definitions 157 */ 158 159 static struct module_info ptm_info = { 160 0xdead, 161 "ptm", 162 0, 163 512, 164 512, 165 128 166 }; 167 168 static struct qinit ptmrint = { 169 NULL, 170 (int (*)()) ptmrsrv, 171 ptmopen, 172 ptmclose, 173 NULL, 174 &ptm_info, 175 NULL 176 }; 177 178 static struct qinit ptmwint = { 179 (int (*)()) ptmwput, 180 (int (*)()) ptmwsrv, 181 NULL, 182 NULL, 183 NULL, 184 &ptm_info, 185 NULL 186 }; 187 188 static struct streamtab ptminfo = { 189 &ptmrint, 190 &ptmwint, 191 NULL, 192 NULL 193 }; 194 195 static int ptm_attach(dev_info_t *, ddi_attach_cmd_t); 196 static int ptm_detach(dev_info_t *, ddi_detach_cmd_t); 197 static int ptm_devinfo(dev_info_t *, ddi_info_cmd_t, void *, void **); 198 199 static dev_info_t *ptm_dip; /* private devinfo pointer */ 200 201 /* 202 * this will define (struct cb_ops cb_ptm_ops) and (struct dev_ops ptm_ops) 203 */ 204 DDI_DEFINE_STREAM_OPS(ptm_ops, nulldev, nulldev, ptm_attach, ptm_detach, 205 nodev, ptm_devinfo, D_MP, &ptminfo); 206 207 /* 208 * Module linkage information for the kernel. 209 */ 210 211 static struct modldrv modldrv = { 212 &mod_driverops, /* Type of module. This one is a pseudo driver */ 213 "Master streams driver 'ptm' %I%", 214 &ptm_ops, /* driver ops */ 215 }; 216 217 static struct modlinkage modlinkage = { 218 MODREV_1, 219 &modldrv, 220 NULL 221 }; 222 223 int 224 _init(void) 225 { 226 int rc; 227 228 if ((rc = mod_install(&modlinkage)) == 0) 229 ptms_init(); 230 return (rc); 231 } 232 233 int 234 _fini(void) 235 { 236 return (mod_remove(&modlinkage)); 237 } 238 239 int 240 _info(struct modinfo *modinfop) 241 { 242 return (mod_info(&modlinkage, modinfop)); 243 } 244 245 static int 246 ptm_attach(dev_info_t *devi, ddi_attach_cmd_t cmd) 247 { 248 if (cmd != DDI_ATTACH) 249 return (DDI_FAILURE); 250 251 if (ddi_create_minor_node(devi, "ptmajor", S_IFCHR, 252 0, DDI_PSEUDO, NULL) == DDI_FAILURE) { 253 ddi_remove_minor_node(devi, NULL); 254 return (DDI_FAILURE); 255 } 256 if (ddi_create_minor_node(devi, "ptmx", S_IFCHR, 257 0, DDI_PSEUDO, CLONE_DEV) == DDI_FAILURE) { 258 ddi_remove_minor_node(devi, NULL); 259 return (DDI_FAILURE); 260 } 261 ptm_dip = devi; 262 263 return (DDI_SUCCESS); 264 } 265 266 static int 267 ptm_detach(dev_info_t *devi, ddi_detach_cmd_t cmd) 268 { 269 if (cmd != DDI_DETACH) 270 return (DDI_FAILURE); 271 272 ddi_remove_minor_node(devi, NULL); 273 return (DDI_SUCCESS); 274 } 275 276 /*ARGSUSED*/ 277 static int 278 ptm_devinfo(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg, 279 void **result) 280 { 281 int error; 282 283 switch (infocmd) { 284 case DDI_INFO_DEVT2DEVINFO: 285 if (ptm_dip == NULL) { 286 error = DDI_FAILURE; 287 } else { 288 *result = (void *)ptm_dip; 289 error = DDI_SUCCESS; 290 } 291 break; 292 case DDI_INFO_DEVT2INSTANCE: 293 *result = (void *)0; 294 error = DDI_SUCCESS; 295 break; 296 default: 297 error = DDI_FAILURE; 298 } 299 return (error); 300 } 301 302 303 /* ARGSUSED */ 304 /* 305 * Open a minor of the master device. Store the write queue pointer and set the 306 * pt_state field to (PTMOPEN | PTLOCK). 307 * This code will work properly with both clone opens and direct opens of the 308 * master device. 309 */ 310 static int 311 ptmopen( 312 queue_t *rqp, /* pointer to the read side queue */ 313 dev_t *devp, /* pointer to stream tail's dev */ 314 int oflag, /* the user open(2) supplied flags */ 315 int sflag, /* open state flag */ 316 cred_t *credp) /* credentials */ 317 { 318 struct pt_ttys *ptmp; 319 mblk_t *mop; /* ptr to a setopts message block */ 320 struct stroptions *sop; 321 minor_t dminor = getminor(*devp); 322 323 /* Allow reopen */ 324 if (rqp->q_ptr != NULL) 325 return (0); 326 327 if (sflag & MODOPEN) 328 return (ENXIO); 329 330 if (!(sflag & CLONEOPEN) && dminor != 0) { 331 /* 332 * This is a direct open to specific master device through an 333 * artificially created entry with specific minor in 334 * /dev/directory. Such behavior is not supported. 335 */ 336 return (ENXIO); 337 } 338 339 /* 340 * The master open requires that the slave be attached 341 * before it returns so that attempts to open the slave will 342 * succeeed 343 */ 344 if (ptms_attach_slave() != 0) { 345 return (ENXIO); 346 } 347 348 mop = allocb(sizeof (struct stroptions), BPRI_MED); 349 if (mop == NULL) { 350 DDBG("ptmopen(): mop allocation failed\n", 0); 351 return (ENOMEM); 352 } 353 354 if ((ptmp = pt_ttys_alloc()) == NULL) { 355 DDBG("ptmopen(): pty allocation failed\n", 0); 356 freemsg(mop); 357 return (ENOMEM); 358 } 359 360 dminor = ptmp->pt_minor; 361 362 DDBGP("ptmopen(): allocated ptmp %p\n", (uintptr_t)ptmp); 363 DDBG("ptmopen(): allocated minor %d\n", dminor); 364 365 WR(rqp)->q_ptr = rqp->q_ptr = ptmp; 366 367 qprocson(rqp); 368 369 /* Allow slave to send messages to master */ 370 PT_ENTER_WRITE(ptmp); 371 ptmp->ptm_rdq = rqp; 372 PT_EXIT_WRITE(ptmp); 373 374 /* 375 * set up hi/lo water marks on stream head read queue 376 * and add controlling tty if not set 377 */ 378 mop->b_datap->db_type = M_SETOPTS; 379 mop->b_wptr += sizeof (struct stroptions); 380 sop = (struct stroptions *)mop->b_rptr; 381 if (oflag & FNOCTTY) 382 sop->so_flags = SO_HIWAT | SO_LOWAT; 383 else 384 sop->so_flags = SO_HIWAT | SO_LOWAT | SO_ISTTY; 385 sop->so_hiwat = 512; 386 sop->so_lowat = 256; 387 putnext(rqp, mop); 388 389 /* 390 * The input, devp, is a major device number, the output is put 391 * into the same parm as a major,minor pair. 392 */ 393 *devp = makedevice(getmajor(*devp), dminor); 394 395 return (0); 396 } 397 398 399 /* 400 * Find the address to private data identifying the slave's write queue. 401 * Send a hang-up message up the slave's read queue to designate the 402 * master/slave pair is tearing down. Uattach the master and slave by 403 * nulling out the write queue fields in the private data structure. 404 * Finally, unlock the master/slave pair and mark the master as closed. 405 */ 406 /*ARGSUSED1*/ 407 static int 408 ptmclose(queue_t *rqp, int flag, cred_t *credp) 409 { 410 struct pt_ttys *ptmp; 411 queue_t *pts_rdq; 412 413 ASSERT(rqp->q_ptr); 414 415 ptmp = (struct pt_ttys *)rqp->q_ptr; 416 PT_ENTER_READ(ptmp); 417 if (ptmp->pts_rdq) { 418 pts_rdq = ptmp->pts_rdq; 419 if (pts_rdq->q_next) { 420 DBG(("send hangup message to slave\n")); 421 (void) putnextctl(pts_rdq, M_HANGUP); 422 } 423 } 424 PT_EXIT_READ(ptmp); 425 /* 426 * ptm_rdq should be cleared before call to qprocsoff() to prevent pts 427 * write procedure to attempt using ptm_rdq after qprocsoff. 428 */ 429 PT_ENTER_WRITE(ptmp); 430 ptmp->ptm_rdq = NULL; 431 freemsg(ptmp->pt_nullmsg); 432 ptmp->pt_nullmsg = NULL; 433 /* 434 * qenable slave side write queue so that it can flush 435 * its messages as master's read queue is going away 436 */ 437 if (ptmp->pts_rdq) 438 qenable(WR(ptmp->pts_rdq)); 439 PT_EXIT_WRITE(ptmp); 440 441 qprocsoff(rqp); 442 443 /* Finish the close */ 444 rqp->q_ptr = NULL; 445 WR(rqp)->q_ptr = NULL; 446 447 ptms_close(ptmp, PTMOPEN | PTLOCK); 448 449 return (0); 450 } 451 452 /* 453 * The wput procedure will only handle ioctl and flush messages. 454 */ 455 static void 456 ptmwput(queue_t *qp, mblk_t *mp) 457 { 458 struct pt_ttys *ptmp; 459 struct iocblk *iocp; 460 461 DBG(("entering ptmwput\n")); 462 ASSERT(qp->q_ptr); 463 464 ptmp = (struct pt_ttys *)qp->q_ptr; 465 PT_ENTER_READ(ptmp); 466 467 switch (mp->b_datap->db_type) { 468 /* 469 * if write queue request, flush master's write 470 * queue and send FLUSHR up slave side. If read 471 * queue request, convert to FLUSHW and putnext(). 472 */ 473 case M_FLUSH: 474 { 475 unsigned char flush_flg = 0; 476 477 DBG(("ptm got flush request\n")); 478 if (*mp->b_rptr & FLUSHW) { 479 DBG(("got FLUSHW, flush ptm write Q\n")); 480 if (*mp->b_rptr & FLUSHBAND) 481 /* 482 * if it is a FLUSHBAND, do flushband. 483 */ 484 flushband(qp, *(mp->b_rptr + 1), 485 FLUSHDATA); 486 else 487 flushq(qp, FLUSHDATA); 488 flush_flg = (*mp->b_rptr & ~FLUSHW) | FLUSHR; 489 } 490 if (*mp->b_rptr & FLUSHR) { 491 DBG(("got FLUSHR, set FLUSHW\n")); 492 flush_flg |= (*mp->b_rptr & ~FLUSHR) | FLUSHW; 493 } 494 if (flush_flg != 0 && ptmp->pts_rdq && 495 !(ptmp->pt_state & PTLOCK)) { 496 DBG(("putnext to pts\n")); 497 *mp->b_rptr = flush_flg; 498 putnext(ptmp->pts_rdq, mp); 499 } else 500 freemsg(mp); 501 break; 502 } 503 504 case M_IOCTL: 505 iocp = (struct iocblk *)mp->b_rptr; 506 switch (iocp->ioc_cmd) { 507 default: 508 if ((ptmp->pt_state & PTLOCK) || 509 (ptmp->pts_rdq == NULL)) { 510 DBG(("got M_IOCTL but no slave\n")); 511 miocnak(qp, mp, 0, EINVAL); 512 PT_EXIT_READ(ptmp); 513 return; 514 } 515 (void) putq(qp, mp); 516 break; 517 case UNLKPT: 518 mutex_enter(&ptmp->pt_lock); 519 ptmp->pt_state &= ~PTLOCK; 520 mutex_exit(&ptmp->pt_lock); 521 /*FALLTHROUGH*/ 522 case ISPTM: 523 DBG(("ack the UNLKPT/ISPTM\n")); 524 miocack(qp, mp, 0, 0); 525 break; 526 case ZONEPT: 527 { 528 zoneid_t z; 529 int error; 530 531 if ((error = drv_priv(iocp->ioc_cr)) != 0) { 532 miocnak(qp, mp, 0, error); 533 break; 534 } 535 if ((error = miocpullup(mp, sizeof (zoneid_t))) != 0) { 536 miocnak(qp, mp, 0, error); 537 break; 538 } 539 z = *((zoneid_t *)mp->b_cont->b_rptr); 540 if (z < MIN_ZONEID || z > MAX_ZONEID) { 541 miocnak(qp, mp, 0, EINVAL); 542 break; 543 } 544 545 mutex_enter(&ptmp->pt_lock); 546 ptmp->pt_zoneid = z; 547 mutex_exit(&ptmp->pt_lock); 548 miocack(qp, mp, 0, 0); 549 break; 550 } 551 case PT_OWNER: 552 { 553 pt_own_t *ptop; 554 int error; 555 556 if ((error = miocpullup(mp, sizeof (pt_own_t))) != 0) { 557 miocnak(qp, mp, 0, error); 558 break; 559 } 560 561 ptop = (pt_own_t *)mp->b_cont->b_rptr; 562 563 if (ptop->pto_ruid < 0 || ptop->pto_rgid < 0) { 564 miocnak(qp, mp, 0, EINVAL); 565 break; 566 } 567 568 mutex_enter(&ptmp->pt_lock); 569 ptmp->pt_ruid = ptop->pto_ruid; 570 ptmp->pt_rgid = ptop->pto_rgid; 571 mutex_exit(&ptmp->pt_lock); 572 miocack(qp, mp, 0, 0); 573 break; 574 } 575 } 576 break; 577 578 case M_READ: 579 /* Caused by ldterm - can not pass to slave */ 580 freemsg(mp); 581 break; 582 583 /* 584 * send other messages to slave 585 */ 586 default: 587 if ((ptmp->pt_state & PTLOCK) || (ptmp->pts_rdq == NULL)) { 588 DBG(("got msg. but no slave\n")); 589 mp = mexchange(NULL, mp, 2, M_ERROR, -1); 590 if (mp != NULL) { 591 mp->b_rptr[0] = NOERROR; 592 mp->b_rptr[1] = EINVAL; 593 qreply(qp, mp); 594 } 595 PT_EXIT_READ(ptmp); 596 return; 597 } 598 DBG(("put msg on master's write queue\n")); 599 (void) putq(qp, mp); 600 break; 601 } 602 DBG(("return from ptmwput()\n")); 603 PT_EXIT_READ(ptmp); 604 } 605 606 607 /* 608 * enable the write side of the slave. This triggers the 609 * slave to send any messages queued on its write side to 610 * the read side of this master. 611 */ 612 static void 613 ptmrsrv(queue_t *qp) 614 { 615 struct pt_ttys *ptmp; 616 617 DBG(("entering ptmrsrv\n")); 618 ASSERT(qp->q_ptr); 619 620 ptmp = (struct pt_ttys *)qp->q_ptr; 621 PT_ENTER_READ(ptmp); 622 if (ptmp->pts_rdq) { 623 qenable(WR(ptmp->pts_rdq)); 624 } 625 PT_EXIT_READ(ptmp); 626 DBG(("leaving ptmrsrv\n")); 627 } 628 629 630 /* 631 * If there are messages on this queue that can be sent to 632 * slave, send them via putnext(). Else, if queued messages 633 * cannot be sent, leave them on this queue. If priority 634 * messages on this queue, send them to slave no matter what. 635 */ 636 static void 637 ptmwsrv(queue_t *qp) 638 { 639 struct pt_ttys *ptmp; 640 mblk_t *mp; 641 642 DBG(("entering ptmwsrv\n")); 643 ASSERT(qp->q_ptr); 644 645 ptmp = (struct pt_ttys *)qp->q_ptr; 646 PT_ENTER_READ(ptmp); 647 if ((ptmp->pt_state & PTLOCK) || (ptmp->pts_rdq == NULL)) { 648 DBG(("in master write srv proc but no slave\n")); 649 /* 650 * Free messages on the write queue and send 651 * NAK for any M_IOCTL type messages to wakeup 652 * the user process waiting for ACK/NAK from 653 * the ioctl invocation 654 */ 655 while ((mp = getq(qp)) != NULL) { 656 if (mp->b_datap->db_type == M_IOCTL) 657 miocnak(qp, mp, 0, EINVAL); 658 else 659 freemsg(mp); 660 } 661 flushq(qp, FLUSHALL); 662 663 mp = mexchange(NULL, NULL, 2, M_ERROR, -1); 664 if (mp != NULL) { 665 mp->b_rptr[0] = NOERROR; 666 mp->b_rptr[1] = EINVAL; 667 qreply(qp, mp); 668 } 669 PT_EXIT_READ(ptmp); 670 return; 671 } 672 /* 673 * while there are messages on this write queue... 674 */ 675 while ((mp = getq(qp)) != NULL) { 676 /* 677 * if don't have control message and cannot put 678 * msg. on slave's read queue, put it back on 679 * this queue. 680 */ 681 if (mp->b_datap->db_type <= QPCTL && 682 !bcanputnext(ptmp->pts_rdq, mp->b_band)) { 683 DBG(("put msg. back on queue\n")); 684 (void) putbq(qp, mp); 685 break; 686 } 687 /* 688 * else send the message up slave's stream 689 */ 690 DBG(("send message to slave\n")); 691 putnext(ptmp->pts_rdq, mp); 692 } 693 DBG(("leaving ptmwsrv\n")); 694 PT_EXIT_READ(ptmp); 695 } 696