9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 1988, 2010, Oracle and/or its affiliates. All rights reserved.
23 */
24 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
25 /* All Rights Reserved */
26
27 /*
28 * Copyright 2020 OmniOS Community Edition (OmniOSce) Association.
29 */
30
31 /*
32 * Pseudo Terminal Master Driver.
33 *
34 * The pseudo-tty subsystem simulates a terminal connection, where the master
35 * side represents the terminal and the slave represents the user process's
36 * special device end point. The master device is set up as a cloned device
37 * where its major device number is the major for the clone device and its minor
38 * device number is the major for the ptm driver. There are no nodes in the file
39 * system for master devices. The master pseudo driver is opened using the
40 * open(2) system call with /dev/ptmx as the device parameter. The clone open
41 * finds the next available minor device for the ptm major device.
42 *
43 * A master device is available only if it and its corresponding slave device
44 * are not already open. When the master device is opened, the corresponding
45 * slave device is automatically locked out. Only one open is allowed on a
46 * master device. Multiple opens are allowed on the slave device. After both
47 * the master and slave have been opened, the user has two file descriptors
48 * which are the end points of a full duplex connection composed of two streams
49 * which are automatically connected at the master and slave drivers. The user
50 * may then push modules onto either side of the stream pair.
51 *
52 * The master and slave drivers pass all messages to their adjacent queues.
53 * Only the M_FLUSH needs some processing. Because the read queue of one side
54 * is connected to the write queue of the other, the FLUSHR flag is changed to
55 * the FLUSHW flag and vice versa. When the master device is closed an M_HANGUP
56 * message is sent to the slave device which will render the device
57 * unusable. The process on the slave side gets the EIO when attempting to write
58 * on that stream but it will be able to read any data remaining on the stream
59 * head read queue. When all the data has been read, read() returns 0
60 * indicating that the stream can no longer be used. On the last close of the
61 * slave device, a 0-length message is sent to the master device. When the
62 * application on the master side issues a read() or getmsg() and 0 is returned,
63 * the user of the master device decides whether to issue a close() that
64 * dismantles the pseudo-terminal subsystem. If the master device is not closed,
65 * the pseudo-tty subsystem will be available to another user to open the slave
66 * device.
67 *
68 * If O_NONBLOCK or O_NDELAY is set, read on the master side returns -1 with
69 * errno set to EAGAIN if no data is available, and write returns -1 with errno
70 * set to EAGAIN if there is internal flow control.
71 *
72 * IOCTLS:
73 *
74 * ISPTM: determines whether the file descriptor is that of an open master
75 * device. Return code of zero indicates that the file descriptor
76 * represents master device.
77 *
78 * UNLKPT: unlocks the master and slave devices. It returns 0 on success. On
79 * failure, the errno is set to EINVAL indicating that the master
80 * device is not open.
81 *
82 * ZONEPT: sets the zone membership of the associated pts device.
83 *
84 * GRPPT: sets the group owner of the associated pts device.
85 *
86 * Synchronization:
87 *
88 * All global data synchronization between ptm/pts is done via global
89 * ptms_lock mutex which is initialized at system boot time from
90 * ptms_initspace (called from space.c).
91 *
92 * Individual fields of pt_ttys structure (except ptm_rdq, pts_rdq and
93 * pt_nullmsg) are protected by pt_ttys.pt_lock mutex.
94 *
95 * PT_ENTER_READ/PT_ENTER_WRITE are reference counter based read-write locks
96 * which allow reader locks to be reacquired by the same thread (usual
97 * reader/writer locks can't be used for that purpose since it is illegal for
98 * a thread to acquire a lock it already holds, even as a reader). The sole
99 * purpose of these macros is to guarantee that the peer queue will not
100 * disappear (due to closing peer) while it is used. It is safe to use
101 * PT_ENTER_READ/PT_EXIT_READ brackets across calls like putq/putnext (since
102 * they are not real locks but reference counts).
103 *
104 * PT_ENTER_WRITE/PT_EXIT_WRITE brackets are used ONLY in master/slave
105 * open/close paths to modify ptm_rdq and pts_rdq fields. These fields should
106 * be set to appropriate queues *after* qprocson() is called during open (to
107 * prevent peer from accessing the queue with incomplete plumbing) and set to
108 * NULL before qprocsoff() is called during close.
109 *
110 * The pt_nullmsg field is only used in open/close routines and it is also
111 * protected by PT_ENTER_WRITE/PT_EXIT_WRITE brackets to avoid extra mutex
112 * holds.
113 *
114 * Lock Ordering:
115 *
116 * If both ptms_lock and per-pty lock should be held, ptms_lock should always
117 * be entered first, followed by per-pty lock.
118 *
119 * See ptms.h, pts.c and ptms_conf.c for more information.
120 */
121
122 #include <sys/types.h>
123 #include <sys/param.h>
124 #include <sys/file.h>
125 #include <sys/sysmacros.h>
126 #include <sys/stream.h>
127 #include <sys/stropts.h>
128 #include <sys/proc.h>
129 #include <sys/errno.h>
130 #include <sys/debug.h>
131 #include <sys/cmn_err.h>
132 #include <sys/ptms.h>
133 #include <sys/stat.h>
134 #include <sys/strsun.h>
135 #include <sys/systm.h>
136 #include <sys/modctl.h>
137 #include <sys/conf.h>
138 #include <sys/ddi.h>
139 #include <sys/sunddi.h>
140 #include <sys/zone.h>
141
142 #ifdef DEBUG
143 int ptm_debug = 0;
144 #define DBG(a) if (ptm_debug) cmn_err(CE_NOTE, a)
145 #else
146 #define DBG(a)
147 #endif
148
149 static int ptmopen(queue_t *, dev_t *, int, int, cred_t *);
150 static int ptmclose(queue_t *, int, cred_t *);
151 static int ptmwput(queue_t *, mblk_t *);
152 static int ptmrsrv(queue_t *);
153 static int ptmwsrv(queue_t *);
154
155 /*
156 * Master Stream Pseudo Terminal Module: stream data structure definitions
157 */
158
159 static struct module_info ptm_info = {
160 0xdead,
161 "ptm",
162 0,
163 512,
164 512,
165 128
166 };
167
168 static struct qinit ptmrint = {
169 NULL,
170 ptmrsrv,
171 ptmopen,
172 ptmclose,
173 NULL,
174 &ptm_info,
175 NULL
176 };
177
178 static struct qinit ptmwint = {
192 NULL
193 };
194
195 static int ptm_attach(dev_info_t *, ddi_attach_cmd_t);
196 static int ptm_detach(dev_info_t *, ddi_detach_cmd_t);
197 static int ptm_devinfo(dev_info_t *, ddi_info_cmd_t, void *, void **);
198
199 static dev_info_t *ptm_dip; /* private devinfo pointer */
200
201 /*
202 * this will define (struct cb_ops cb_ptm_ops) and (struct dev_ops ptm_ops)
203 */
204 DDI_DEFINE_STREAM_OPS(ptm_ops, nulldev, nulldev, ptm_attach, ptm_detach,
205 nodev, ptm_devinfo, D_MP, &ptminfo, ddi_quiesce_not_supported);
206
207 /*
208 * Module linkage information for the kernel.
209 */
210
211 static struct modldrv modldrv = {
212 &mod_driverops, /* Type of module. This one is a pseudo driver */
213 "Master streams driver 'ptm'",
214 &ptm_ops, /* driver ops */
215 };
216
217 static struct modlinkage modlinkage = {
218 MODREV_1,
219 &modldrv,
220 NULL
221 };
222
223 int
224 _init(void)
225 {
226 int rc;
227
228 if ((rc = mod_install(&modlinkage)) == 0)
229 ptms_init();
230 return (rc);
231 }
232
233 int
234 _fini(void)
256 if (ddi_create_minor_node(devi, "ptmx", S_IFCHR,
257 0, DDI_PSEUDO, CLONE_DEV) == DDI_FAILURE) {
258 ddi_remove_minor_node(devi, NULL);
259 return (DDI_FAILURE);
260 }
261 ptm_dip = devi;
262
263 return (DDI_SUCCESS);
264 }
265
266 static int
267 ptm_detach(dev_info_t *devi, ddi_detach_cmd_t cmd)
268 {
269 if (cmd != DDI_DETACH)
270 return (DDI_FAILURE);
271
272 ddi_remove_minor_node(devi, NULL);
273 return (DDI_SUCCESS);
274 }
275
276 /*ARGSUSED*/
277 static int
278 ptm_devinfo(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg,
279 void **result)
280 {
281 int error;
282
283 switch (infocmd) {
284 case DDI_INFO_DEVT2DEVINFO:
285 if (ptm_dip == NULL) {
286 error = DDI_FAILURE;
287 } else {
288 *result = (void *)ptm_dip;
289 error = DDI_SUCCESS;
290 }
291 break;
292 case DDI_INFO_DEVT2INSTANCE:
293 *result = (void *)0;
294 error = DDI_SUCCESS;
295 break;
296 default:
297 error = DDI_FAILURE;
298 }
299 return (error);
300 }
301
302
303 /* ARGSUSED */
304 /*
305 * Open a minor of the master device. Store the write queue pointer and set the
306 * pt_state field to (PTMOPEN | PTLOCK).
307 * This code will work properly with both clone opens and direct opens of the
308 * master device.
309 */
310 static int
311 ptmopen(
312 queue_t *rqp, /* pointer to the read side queue */
313 dev_t *devp, /* pointer to stream tail's dev */
314 int oflag, /* the user open(2) supplied flags */
315 int sflag, /* open state flag */
316 cred_t *credp) /* credentials */
317 {
318 struct pt_ttys *ptmp;
319 mblk_t *mop; /* ptr to a setopts message block */
320 struct stroptions *sop;
321 minor_t dminor = getminor(*devp);
322
323 /* Allow reopen */
324 if (rqp->q_ptr != NULL)
325 return (0);
326
327 if (sflag & MODOPEN)
328 return (ENXIO);
329
330 if (!(sflag & CLONEOPEN) && dminor != 0) {
331 /*
332 * This is a direct open to specific master device through an
333 * artificially created entry with specific minor in
334 * /dev/directory. Such behavior is not supported.
335 */
336 return (ENXIO);
337 }
338
339 /*
340 * The master open requires that the slave be attached
341 * before it returns so that attempts to open the slave will
342 * succeeed
343 */
344 if (ptms_attach_slave() != 0) {
345 return (ENXIO);
346 }
347
348 mop = allocb(sizeof (struct stroptions), BPRI_MED);
349 if (mop == NULL) {
350 DDBG("ptmopen(): mop allocation failed\n", 0);
351 return (ENOMEM);
352 }
353
354 if ((ptmp = pt_ttys_alloc()) == NULL) {
355 DDBG("ptmopen(): pty allocation failed\n", 0);
356 freemsg(mop);
357 return (ENOMEM);
358 }
359
360 dminor = ptmp->pt_minor;
361
362 DDBGP("ptmopen(): allocated ptmp %p\n", (uintptr_t)ptmp);
363 DDBG("ptmopen(): allocated minor %d\n", dminor);
364
365 WR(rqp)->q_ptr = rqp->q_ptr = ptmp;
366
367 qprocson(rqp);
368
369 /* Allow slave to send messages to master */
370 PT_ENTER_WRITE(ptmp);
371 ptmp->ptm_rdq = rqp;
372 PT_EXIT_WRITE(ptmp);
373
374 /*
375 * set up hi/lo water marks on stream head read queue
376 * and add controlling tty if not set
377 */
378 mop->b_datap->db_type = M_SETOPTS;
379 mop->b_wptr += sizeof (struct stroptions);
380 sop = (struct stroptions *)mop->b_rptr;
381 if (oflag & FNOCTTY)
382 sop->so_flags = SO_HIWAT | SO_LOWAT;
383 else
384 sop->so_flags = SO_HIWAT | SO_LOWAT | SO_ISTTY;
385 sop->so_hiwat = _TTY_BUFSIZ;
386 sop->so_lowat = 256;
387 putnext(rqp, mop);
388
389 /*
390 * The input, devp, is a major device number, the output is put
391 * into the same parm as a major,minor pair.
392 */
393 *devp = makedevice(getmajor(*devp), dminor);
394
395 return (0);
396 }
397
398
399 /*
400 * Find the address to private data identifying the slave's write queue.
401 * Send a hang-up message up the slave's read queue to designate the
402 * master/slave pair is tearing down. Uattach the master and slave by
403 * nulling out the write queue fields in the private data structure.
404 * Finally, unlock the master/slave pair and mark the master as closed.
405 */
406 /*ARGSUSED1*/
407 static int
408 ptmclose(queue_t *rqp, int flag, cred_t *credp)
409 {
410 struct pt_ttys *ptmp;
411 queue_t *pts_rdq;
412
413 ASSERT(rqp->q_ptr);
414
415 ptmp = (struct pt_ttys *)rqp->q_ptr;
416 PT_ENTER_READ(ptmp);
417 if (ptmp->pts_rdq) {
418 pts_rdq = ptmp->pts_rdq;
419 if (pts_rdq->q_next) {
420 DBG(("send hangup message to slave\n"));
421 (void) putnextctl(pts_rdq, M_HANGUP);
422 }
423 }
424 PT_EXIT_READ(ptmp);
425 /*
426 * ptm_rdq should be cleared before call to qprocsoff() to prevent pts
427 * write procedure to attempt using ptm_rdq after qprocsoff.
428 */
429 PT_ENTER_WRITE(ptmp);
430 ptmp->ptm_rdq = NULL;
431 freemsg(ptmp->pt_nullmsg);
432 ptmp->pt_nullmsg = NULL;
433 /*
434 * qenable slave side write queue so that it can flush
435 * its messages as master's read queue is going away
436 */
437 if (ptmp->pts_rdq)
438 qenable(WR(ptmp->pts_rdq));
439 PT_EXIT_WRITE(ptmp);
440
441 qprocsoff(rqp);
442
443 /* Finish the close */
444 rqp->q_ptr = NULL;
445 WR(rqp)->q_ptr = NULL;
446
447 ptms_close(ptmp, PTMOPEN | PTLOCK);
448
449 return (0);
450 }
451
452 /*
453 * The wput procedure will only handle ioctl and flush messages.
454 */
455 static int
456 ptmwput(queue_t *qp, mblk_t *mp)
457 {
458 struct pt_ttys *ptmp;
459 struct iocblk *iocp;
460
461 DBG(("entering ptmwput\n"));
462 ASSERT(qp->q_ptr);
463
464 ptmp = (struct pt_ttys *)qp->q_ptr;
465 PT_ENTER_READ(ptmp);
466
467 switch (mp->b_datap->db_type) {
468 /*
469 * if write queue request, flush master's write
470 * queue and send FLUSHR up slave side. If read
471 * queue request, convert to FLUSHW and putnext().
472 */
473 case M_FLUSH:
474 {
475 unsigned char flush_flg = 0;
476
477 DBG(("ptm got flush request\n"));
478 if (*mp->b_rptr & FLUSHW) {
479 DBG(("got FLUSHW, flush ptm write Q\n"));
480 if (*mp->b_rptr & FLUSHBAND)
481 /*
482 * if it is a FLUSHBAND, do flushband.
483 */
484 flushband(qp, *(mp->b_rptr + 1),
485 FLUSHDATA);
486 else
487 flushq(qp, FLUSHDATA);
488 flush_flg = (*mp->b_rptr & ~FLUSHW) | FLUSHR;
489 }
490 if (*mp->b_rptr & FLUSHR) {
491 DBG(("got FLUSHR, set FLUSHW\n"));
492 flush_flg |= (*mp->b_rptr & ~FLUSHR) | FLUSHW;
493 }
494 if (flush_flg != 0 && ptmp->pts_rdq &&
495 !(ptmp->pt_state & PTLOCK)) {
496 DBG(("putnext to pts\n"));
497 *mp->b_rptr = flush_flg;
498 putnext(ptmp->pts_rdq, mp);
499 } else
500 freemsg(mp);
501 break;
502 }
503
504 case M_IOCTL:
505 iocp = (struct iocblk *)mp->b_rptr;
506 switch (iocp->ioc_cmd) {
507 default:
508 if ((ptmp->pt_state & PTLOCK) ||
509 (ptmp->pts_rdq == NULL)) {
510 DBG(("got M_IOCTL but no slave\n"));
511 miocnak(qp, mp, 0, EINVAL);
512 PT_EXIT_READ(ptmp);
513 return (0);
514 }
515 (void) putq(qp, mp);
516 break;
517 case UNLKPT:
518 mutex_enter(&ptmp->pt_lock);
519 ptmp->pt_state &= ~PTLOCK;
520 mutex_exit(&ptmp->pt_lock);
521 /*FALLTHROUGH*/
522 case ISPTM:
523 DBG(("ack the UNLKPT/ISPTM\n"));
524 miocack(qp, mp, 0, 0);
525 break;
526 case PTSSTTY:
527 mutex_enter(&ptmp->pt_lock);
528 ptmp->pt_state |= PTSTTY;
529 mutex_exit(&ptmp->pt_lock);
530 DBG(("ack PTSSTTY\n"));
570 ptop = (pt_own_t *)mp->b_cont->b_rptr;
571
572 if (!VALID_UID(ptop->pto_ruid, zone) ||
573 !VALID_GID(ptop->pto_rgid, zone)) {
574 zone_rele(zone);
575 miocnak(qp, mp, 0, EINVAL);
576 break;
577 }
578 zone_rele(zone);
579 mutex_enter(&ptmp->pt_lock);
580 ptmp->pt_ruid = ptop->pto_ruid;
581 ptmp->pt_rgid = ptop->pto_rgid;
582 mutex_exit(&ptmp->pt_lock);
583 miocack(qp, mp, 0, 0);
584 break;
585 }
586 }
587 break;
588
589 case M_READ:
590 /* Caused by ldterm - can not pass to slave */
591 freemsg(mp);
592 break;
593
594 /*
595 * send other messages to slave
596 */
597 default:
598 if ((ptmp->pt_state & PTLOCK) || (ptmp->pts_rdq == NULL)) {
599 DBG(("got msg. but no slave\n"));
600 mp = mexchange(NULL, mp, 2, M_ERROR, -1);
601 if (mp != NULL) {
602 mp->b_rptr[0] = NOERROR;
603 mp->b_rptr[1] = EINVAL;
604 qreply(qp, mp);
605 }
606 PT_EXIT_READ(ptmp);
607 return (0);
608 }
609 DBG(("put msg on master's write queue\n"));
610 (void) putq(qp, mp);
611 break;
612 }
613 DBG(("return from ptmwput()\n"));
614 PT_EXIT_READ(ptmp);
615 return (0);
616 }
617
618
619 /*
620 * enable the write side of the slave. This triggers the
621 * slave to send any messages queued on its write side to
622 * the read side of this master.
623 */
624 static int
625 ptmrsrv(queue_t *qp)
626 {
627 struct pt_ttys *ptmp;
628
629 DBG(("entering ptmrsrv\n"));
630 ASSERT(qp->q_ptr);
631
632 ptmp = (struct pt_ttys *)qp->q_ptr;
633 PT_ENTER_READ(ptmp);
634 if (ptmp->pts_rdq) {
635 qenable(WR(ptmp->pts_rdq));
636 }
637 PT_EXIT_READ(ptmp);
638 DBG(("leaving ptmrsrv\n"));
639 return (0);
640 }
641
642
643 /*
644 * If there are messages on this queue that can be sent to
645 * slave, send them via putnext(). Else, if queued messages
646 * cannot be sent, leave them on this queue. If priority
647 * messages on this queue, send them to slave no matter what.
648 */
649 static int
650 ptmwsrv(queue_t *qp)
651 {
652 struct pt_ttys *ptmp;
653 mblk_t *mp;
654
655 DBG(("entering ptmwsrv\n"));
656 ASSERT(qp->q_ptr);
657
658 ptmp = (struct pt_ttys *)qp->q_ptr;
659
660 if ((mp = getq(qp)) == NULL) {
661 /* If there are no messages there's nothing to do. */
662 DBG(("leaving ptmwsrv (no messages)\n"));
663 return (0);
664 }
665
666 PT_ENTER_READ(ptmp);
667 if ((ptmp->pt_state & PTLOCK) || (ptmp->pts_rdq == NULL)) {
668 DBG(("in master write srv proc but no slave\n"));
669 /*
670 * Free messages on the write queue and send
671 * NAK for any M_IOCTL type messages to wakeup
672 * the user process waiting for ACK/NAK from
673 * the ioctl invocation
674 */
675 do {
676 if (mp->b_datap->db_type == M_IOCTL)
677 miocnak(qp, mp, 0, EINVAL);
678 else
679 freemsg(mp);
680 } while ((mp = getq(qp)) != NULL);
681 flushq(qp, FLUSHALL);
682
683 mp = mexchange(NULL, NULL, 2, M_ERROR, -1);
684 if (mp != NULL) {
685 mp->b_rptr[0] = NOERROR;
686 mp->b_rptr[1] = EINVAL;
687 qreply(qp, mp);
688 }
689 PT_EXIT_READ(ptmp);
690 return (0);
691 }
692 /*
693 * while there are messages on this write queue...
694 */
695 do {
696 /*
697 * if don't have control message and cannot put
698 * msg. on slave's read queue, put it back on
699 * this queue.
700 */
701 if (mp->b_datap->db_type <= QPCTL &&
702 !bcanputnext(ptmp->pts_rdq, mp->b_band)) {
703 DBG(("put msg. back on queue\n"));
704 (void) putbq(qp, mp);
705 break;
706 }
707 /*
708 * else send the message up slave's stream
709 */
710 DBG(("send message to slave\n"));
711 putnext(ptmp->pts_rdq, mp);
712 } while ((mp = getq(qp)) != NULL);
713 DBG(("leaving ptmwsrv\n"));
714 PT_EXIT_READ(ptmp);
715 return (0);
716 }
|
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 1988, 2010, Oracle and/or its affiliates. All rights reserved.
23 */
24 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
25 /* All Rights Reserved */
26
27 /*
28 * Copyright 2020 OmniOS Community Edition (OmniOSce) Association.
29 * Copyright 2021 Oxide Computer Company
30 */
31
32 /*
33 * PSEUDO-TERMINAL MANAGER DRIVER (PTM)
34 *
35 * The pseudo-terminal subsystem simulates a terminal connection, where the
36 * manager side represents the terminal and the subsidiary represents the user
37 * process's special device end point. The manager device is set up as a
38 * cloned device where its major device number is the major for the clone
39 * device and its minor device number is the major for the ptm driver. There
40 * are no nodes in the file system for manager devices. The manager pseudo
41 * driver is opened using the open(2) system call with /dev/ptmx as the device
42 * parameter. The clone open finds the next available minor device for the ptm
43 * major device.
44 *
45 * A manager device is available only if it and its corresponding subsidiary
46 * device are not already open. When the manager device is opened, the
47 * corresponding subsidiary device is automatically locked out. Only one open
48 * is allowed on a manager device. Multiple opens are allowed on the
49 * subsidiary device. After both the manager and subsidiary have been opened,
50 * the user has two file descriptors which are the end points of a full duplex
51 * connection composed of two streams which are automatically connected at the
52 * manager and subsidiary drivers. The user may then push modules onto either
53 * side of the stream pair.
54 *
55 * The manager and subsidiary drivers pass all messages to their adjacent
56 * queues. Only the M_FLUSH needs some processing. Because the read queue of
57 * one side is connected to the write queue of the other, the FLUSHR flag is
58 * changed to the FLUSHW flag and vice versa. When the manager device is
59 * closed an M_HANGUP message is sent to the subsidiary device which will
60 * render the device unusable. The process on the subsidiary side gets an EIO
61 * error when attempting to write on that stream but it will be able to read
62 * any data remaining on the stream head read queue. When all the data has
63 * been read, read() returns 0 indicating that the stream can no longer be
64 * used. On the last close of the subsidiary device, a 0-length message is
65 * sent to the manager device. When the application on the manager side issues
66 * a read() or getmsg() and 0 is returned, the user of the manager device
67 * decides whether to issue a close() that dismantles the pseudo-terminal
68 * subsystem. If the manager device is not closed, the pseudo-terminal
69 * subsystem will be available to another user to open the subsidiary device.
70 *
71 * If O_NONBLOCK or O_NDELAY is set, read on the manager side returns -1 with
72 * errno set to EAGAIN if no data is available, and write returns -1 with errno
73 * set to EAGAIN if there is internal flow control.
74 *
75 *
76 * IOCTLS
77 *
78 * ISPTM
79 * Determines whether the file descriptor is that of an open
80 * manager device. Return code of zero indicates that the file
81 * descriptor represents a manager device.
82 *
83 * UNLKPT
84 * Unlocks the manager and subsidiary devices. It returns 0 on
85 * success. On failure, the errno is set to EINVAL indicating that
86 * the manager device is not open.
87 *
88 * ZONEPT
89 * Sets the zone membership of the associated subsidiary device.
90 *
91 * GRPPT
92 * Sets the group owner of the associated subsidiary device.
93 *
94 *
95 * SYNCHRONIZATION
96 *
97 * All global data synchronization between ptm/pts is done via global ptms_lock
98 * mutex which is initialized at system boot time from ptms_initspace (called
99 * from space.c).
100 *
101 * Individual fields of pt_ttys structure (except ptm_rdq, pts_rdq and
102 * pt_nullmsg) are protected by pt_ttys.pt_lock mutex.
103 *
104 * PT_ENTER_READ/PT_ENTER_WRITE are reference counter based read-write locks
105 * which allow reader locks to be reacquired by the same thread (usual
106 * reader/writer locks can't be used for that purpose since it is illegal for a
107 * thread to acquire a lock it already holds, even as a reader). The sole
108 * purpose of these macros is to guarantee that the peer queue will not
109 * disappear (due to closing peer) while it is used. It is safe to use
110 * PT_ENTER_READ/PT_EXIT_READ brackets across calls like putq/putnext (since
111 * they are not real locks but reference counts).
112 *
113 * PT_ENTER_WRITE/PT_EXIT_WRITE brackets are used ONLY in manager/subsidiary
114 * open/close paths to modify ptm_rdq and pts_rdq fields. These fields should
115 * be set to appropriate queues *after* qprocson() is called during open (to
116 * prevent peer from accessing the queue with incomplete plumbing) and set to
117 * NULL before qprocsoff() is called during close.
118 *
119 * The pt_nullmsg field is only used in open/close routines and it is also
120 * protected by PT_ENTER_WRITE/PT_EXIT_WRITE brackets to avoid extra mutex
121 * holds.
122 *
123 *
124 * LOCK ORDERING
125 *
126 * If both ptms_lock and per-pty lock should be held, ptms_lock should always
127 * be entered first, followed by per-pty lock.
128 *
129 * See ptms.h, pts.c, and ptms_conf.c for more information.
130 */
131
132 #include <sys/types.h>
133 #include <sys/param.h>
134 #include <sys/file.h>
135 #include <sys/sysmacros.h>
136 #include <sys/stream.h>
137 #include <sys/stropts.h>
138 #include <sys/proc.h>
139 #include <sys/errno.h>
140 #include <sys/debug.h>
141 #include <sys/cmn_err.h>
142 #include <sys/ptms.h>
143 #include <sys/stat.h>
144 #include <sys/strsun.h>
145 #include <sys/systm.h>
146 #include <sys/modctl.h>
147 #include <sys/conf.h>
148 #include <sys/ddi.h>
149 #include <sys/sunddi.h>
150 #include <sys/zone.h>
151
152 #ifdef DEBUG
153 int ptm_debug = 0;
154 #define DBG(a) if (ptm_debug) cmn_err(CE_NOTE, a)
155 #else
156 #define DBG(a)
157 #endif
158
159 static int ptmopen(queue_t *, dev_t *, int, int, cred_t *);
160 static int ptmclose(queue_t *, int, cred_t *);
161 static int ptmwput(queue_t *, mblk_t *);
162 static int ptmrsrv(queue_t *);
163 static int ptmwsrv(queue_t *);
164
165 static struct module_info ptm_info = {
166 0xdead,
167 "ptm",
168 0,
169 512,
170 512,
171 128
172 };
173
174 static struct qinit ptmrint = {
175 NULL,
176 ptmrsrv,
177 ptmopen,
178 ptmclose,
179 NULL,
180 &ptm_info,
181 NULL
182 };
183
184 static struct qinit ptmwint = {
198 NULL
199 };
200
201 static int ptm_attach(dev_info_t *, ddi_attach_cmd_t);
202 static int ptm_detach(dev_info_t *, ddi_detach_cmd_t);
203 static int ptm_devinfo(dev_info_t *, ddi_info_cmd_t, void *, void **);
204
205 static dev_info_t *ptm_dip; /* private devinfo pointer */
206
207 /*
208 * this will define (struct cb_ops cb_ptm_ops) and (struct dev_ops ptm_ops)
209 */
210 DDI_DEFINE_STREAM_OPS(ptm_ops, nulldev, nulldev, ptm_attach, ptm_detach,
211 nodev, ptm_devinfo, D_MP, &ptminfo, ddi_quiesce_not_supported);
212
213 /*
214 * Module linkage information for the kernel.
215 */
216
217 static struct modldrv modldrv = {
218 &mod_driverops,
219 "Pseudo-Terminal Manager Driver",
220 &ptm_ops,
221 };
222
223 static struct modlinkage modlinkage = {
224 MODREV_1,
225 &modldrv,
226 NULL
227 };
228
229 int
230 _init(void)
231 {
232 int rc;
233
234 if ((rc = mod_install(&modlinkage)) == 0)
235 ptms_init();
236 return (rc);
237 }
238
239 int
240 _fini(void)
262 if (ddi_create_minor_node(devi, "ptmx", S_IFCHR,
263 0, DDI_PSEUDO, CLONE_DEV) == DDI_FAILURE) {
264 ddi_remove_minor_node(devi, NULL);
265 return (DDI_FAILURE);
266 }
267 ptm_dip = devi;
268
269 return (DDI_SUCCESS);
270 }
271
272 static int
273 ptm_detach(dev_info_t *devi, ddi_detach_cmd_t cmd)
274 {
275 if (cmd != DDI_DETACH)
276 return (DDI_FAILURE);
277
278 ddi_remove_minor_node(devi, NULL);
279 return (DDI_SUCCESS);
280 }
281
282 static int
283 ptm_devinfo(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg,
284 void **result)
285 {
286 int error;
287
288 switch (infocmd) {
289 case DDI_INFO_DEVT2DEVINFO:
290 if (ptm_dip == NULL) {
291 error = DDI_FAILURE;
292 } else {
293 *result = (void *)ptm_dip;
294 error = DDI_SUCCESS;
295 }
296 break;
297 case DDI_INFO_DEVT2INSTANCE:
298 *result = (void *)0;
299 error = DDI_SUCCESS;
300 break;
301 default:
302 error = DDI_FAILURE;
303 }
304 return (error);
305 }
306
307
308 /*
309 * Open a minor of the manager device. Store the write queue pointer and set
310 * the pt_state field to (PTMOPEN | PTLOCK).
311 * This code will work properly with both clone opens and direct opens of the
312 * manager device.
313 */
314 static int
315 ptmopen(
316 queue_t *rqp, /* pointer to the read side queue */
317 dev_t *devp, /* pointer to stream tail's dev */
318 int oflag, /* the user open(2) supplied flags */
319 int sflag, /* open state flag */
320 cred_t *credp) /* credentials */
321 {
322 struct pt_ttys *ptmp;
323 mblk_t *mop; /* ptr to a setopts message block */
324 struct stroptions *sop;
325 minor_t dminor = getminor(*devp);
326
327 /* Allow reopen */
328 if (rqp->q_ptr != NULL)
329 return (0);
330
331 if (sflag & MODOPEN)
332 return (ENXIO);
333
334 if (!(sflag & CLONEOPEN) && dminor != 0) {
335 /*
336 * This is a direct open to specific manager device through an
337 * artificially created entry with specific minor in
338 * /dev/directory. Such behavior is not supported.
339 */
340 return (ENXIO);
341 }
342
343 /*
344 * The manager open requires that the subsidiary be attached before it
345 * returns so that attempts to open the subsidiary will succeeed
346 */
347 if (ptms_attach_subsidiary() != 0) {
348 return (ENXIO);
349 }
350
351 mop = allocb(sizeof (struct stroptions), BPRI_MED);
352 if (mop == NULL) {
353 DDBG("ptmopen(): mop allocation failed\n", 0);
354 return (ENOMEM);
355 }
356
357 if ((ptmp = pt_ttys_alloc()) == NULL) {
358 DDBG("ptmopen(): pty allocation failed\n", 0);
359 freemsg(mop);
360 return (ENOMEM);
361 }
362
363 dminor = ptmp->pt_minor;
364
365 DDBGP("ptmopen(): allocated ptmp %p\n", (uintptr_t)ptmp);
366 DDBG("ptmopen(): allocated minor %d\n", dminor);
367
368 WR(rqp)->q_ptr = rqp->q_ptr = ptmp;
369
370 qprocson(rqp);
371
372 /* Allow subsidiary to send messages to manager */
373 PT_ENTER_WRITE(ptmp);
374 ptmp->ptm_rdq = rqp;
375 PT_EXIT_WRITE(ptmp);
376
377 /*
378 * set up hi/lo water marks on stream head read queue
379 * and add controlling tty if not set
380 */
381 mop->b_datap->db_type = M_SETOPTS;
382 mop->b_wptr += sizeof (struct stroptions);
383 sop = (struct stroptions *)mop->b_rptr;
384 if (oflag & FNOCTTY)
385 sop->so_flags = SO_HIWAT | SO_LOWAT;
386 else
387 sop->so_flags = SO_HIWAT | SO_LOWAT | SO_ISTTY;
388 sop->so_hiwat = _TTY_BUFSIZ;
389 sop->so_lowat = 256;
390 putnext(rqp, mop);
391
392 /*
393 * The input, devp, is a major device number, the output is put
394 * into the same parm as a major,minor pair.
395 */
396 *devp = makedevice(getmajor(*devp), dminor);
397
398 return (0);
399 }
400
401
402 /*
403 * Find the address to private data identifying the subsidiary's write queue.
404 * Send a hang-up message up the subsidiary's read queue to designate the
405 * manager/subsidiary pair is tearing down. Uattach the manager and subsidiary
406 * by nulling out the write queue fields in the private data structure.
407 * Finally, unlock the manager/subsidiary pair and mark the manager as closed.
408 */
409 static int
410 ptmclose(queue_t *rqp, int flag, cred_t *credp)
411 {
412 struct pt_ttys *ptmp;
413 queue_t *pts_rdq;
414
415 ASSERT(rqp->q_ptr);
416
417 ptmp = (struct pt_ttys *)rqp->q_ptr;
418 PT_ENTER_READ(ptmp);
419 if (ptmp->pts_rdq) {
420 pts_rdq = ptmp->pts_rdq;
421 if (pts_rdq->q_next) {
422 DBG(("send hangup message to subsidiary\n"));
423 (void) putnextctl(pts_rdq, M_HANGUP);
424 }
425 }
426 PT_EXIT_READ(ptmp);
427 /*
428 * ptm_rdq should be cleared before call to qprocsoff() to prevent pts
429 * write procedure to attempt using ptm_rdq after qprocsoff.
430 */
431 PT_ENTER_WRITE(ptmp);
432 ptmp->ptm_rdq = NULL;
433 freemsg(ptmp->pt_nullmsg);
434 ptmp->pt_nullmsg = NULL;
435 /*
436 * qenable subsidiary side write queue so that it can flush
437 * its messages as manager's read queue is going away
438 */
439 if (ptmp->pts_rdq)
440 qenable(WR(ptmp->pts_rdq));
441 PT_EXIT_WRITE(ptmp);
442
443 qprocsoff(rqp);
444
445 /* Finish the close */
446 rqp->q_ptr = NULL;
447 WR(rqp)->q_ptr = NULL;
448
449 ptms_close(ptmp, PTMOPEN | PTLOCK);
450
451 return (0);
452 }
453
454 /*
455 * The wput procedure will only handle ioctl and flush messages.
456 */
457 static int
458 ptmwput(queue_t *qp, mblk_t *mp)
459 {
460 struct pt_ttys *ptmp;
461 struct iocblk *iocp;
462
463 DBG(("entering ptmwput\n"));
464 ASSERT(qp->q_ptr);
465
466 ptmp = (struct pt_ttys *)qp->q_ptr;
467 PT_ENTER_READ(ptmp);
468
469 switch (mp->b_datap->db_type) {
470 /*
471 * If this is a write queue request, flush manager's write queue and
472 * send FLUSHR up subsidiary side. If it is a read queue request,
473 * convert to FLUSHW and putnext().
474 */
475 case M_FLUSH:
476 {
477 unsigned char flush_flg = 0;
478
479 DBG(("ptm got flush request\n"));
480 if (*mp->b_rptr & FLUSHW) {
481 DBG(("got FLUSHW, flush ptm write Q\n"));
482 if (*mp->b_rptr & FLUSHBAND) {
483 /*
484 * if it is a FLUSHBAND, do flushband.
485 */
486 flushband(qp, *(mp->b_rptr + 1),
487 FLUSHDATA);
488 } else {
489 flushq(qp, FLUSHDATA);
490 }
491 flush_flg = (*mp->b_rptr & ~FLUSHW) | FLUSHR;
492 }
493 if (*mp->b_rptr & FLUSHR) {
494 DBG(("got FLUSHR, set FLUSHW\n"));
495 flush_flg |= (*mp->b_rptr & ~FLUSHR) | FLUSHW;
496 }
497 if (flush_flg != 0 && ptmp->pts_rdq &&
498 !(ptmp->pt_state & PTLOCK)) {
499 DBG(("putnext to pts\n"));
500 *mp->b_rptr = flush_flg;
501 putnext(ptmp->pts_rdq, mp);
502 } else {
503 freemsg(mp);
504 }
505 break;
506 }
507
508 case M_IOCTL:
509 iocp = (struct iocblk *)mp->b_rptr;
510 switch (iocp->ioc_cmd) {
511 default:
512 if ((ptmp->pt_state & PTLOCK) ||
513 (ptmp->pts_rdq == NULL)) {
514 DBG(("got M_IOCTL but no subsidiary\n"));
515 miocnak(qp, mp, 0, EINVAL);
516 PT_EXIT_READ(ptmp);
517 return (0);
518 }
519 (void) putq(qp, mp);
520 break;
521 case UNLKPT:
522 mutex_enter(&ptmp->pt_lock);
523 ptmp->pt_state &= ~PTLOCK;
524 mutex_exit(&ptmp->pt_lock);
525 /*FALLTHROUGH*/
526 case ISPTM:
527 DBG(("ack the UNLKPT/ISPTM\n"));
528 miocack(qp, mp, 0, 0);
529 break;
530 case PTSSTTY:
531 mutex_enter(&ptmp->pt_lock);
532 ptmp->pt_state |= PTSTTY;
533 mutex_exit(&ptmp->pt_lock);
534 DBG(("ack PTSSTTY\n"));
574 ptop = (pt_own_t *)mp->b_cont->b_rptr;
575
576 if (!VALID_UID(ptop->pto_ruid, zone) ||
577 !VALID_GID(ptop->pto_rgid, zone)) {
578 zone_rele(zone);
579 miocnak(qp, mp, 0, EINVAL);
580 break;
581 }
582 zone_rele(zone);
583 mutex_enter(&ptmp->pt_lock);
584 ptmp->pt_ruid = ptop->pto_ruid;
585 ptmp->pt_rgid = ptop->pto_rgid;
586 mutex_exit(&ptmp->pt_lock);
587 miocack(qp, mp, 0, 0);
588 break;
589 }
590 }
591 break;
592
593 case M_READ:
594 /* Caused by ldterm - can not pass to subsidiary */
595 freemsg(mp);
596 break;
597
598 /*
599 * Send other messages to the subsidiary:
600 */
601 default:
602 if ((ptmp->pt_state & PTLOCK) || (ptmp->pts_rdq == NULL)) {
603 DBG(("got msg. but no subsidiary\n"));
604 mp = mexchange(NULL, mp, 2, M_ERROR, -1);
605 if (mp != NULL) {
606 mp->b_rptr[0] = NOERROR;
607 mp->b_rptr[1] = EINVAL;
608 qreply(qp, mp);
609 }
610 PT_EXIT_READ(ptmp);
611 return (0);
612 }
613 DBG(("put msg on manager's write queue\n"));
614 (void) putq(qp, mp);
615 break;
616 }
617 DBG(("return from ptmwput()\n"));
618 PT_EXIT_READ(ptmp);
619 return (0);
620 }
621
622
623 /*
624 * Enable the write side of the subsidiary. This triggers the subsidiary to
625 * send any messages queued on its write side to the read side of this manager.
626 */
627 static int
628 ptmrsrv(queue_t *qp)
629 {
630 struct pt_ttys *ptmp;
631
632 DBG(("entering ptmrsrv\n"));
633 ASSERT(qp->q_ptr);
634
635 ptmp = (struct pt_ttys *)qp->q_ptr;
636 PT_ENTER_READ(ptmp);
637 if (ptmp->pts_rdq) {
638 qenable(WR(ptmp->pts_rdq));
639 }
640 PT_EXIT_READ(ptmp);
641 DBG(("leaving ptmrsrv\n"));
642 return (0);
643 }
644
645
646 /*
647 * If there are messages on this queue that can be sent to subsidiary, send
648 * them via putnext(). Otherwise, if queued messages cannot be sent, leave
649 * them on this queue. If priority messages on this queue, send them to the
650 * subsidiary no matter what.
651 */
652 static int
653 ptmwsrv(queue_t *qp)
654 {
655 struct pt_ttys *ptmp;
656 mblk_t *mp;
657
658 DBG(("entering ptmwsrv\n"));
659 ASSERT(qp->q_ptr);
660
661 ptmp = (struct pt_ttys *)qp->q_ptr;
662
663 if ((mp = getq(qp)) == NULL) {
664 /* If there are no messages there's nothing to do. */
665 DBG(("leaving ptmwsrv (no messages)\n"));
666 return (0);
667 }
668
669 PT_ENTER_READ(ptmp);
670 if ((ptmp->pt_state & PTLOCK) || (ptmp->pts_rdq == NULL)) {
671 DBG(("in manager write srv proc but no subsidiary\n"));
672 /*
673 * Free messages on the write queue and send
674 * NAK for any M_IOCTL type messages to wakeup
675 * the user process waiting for ACK/NAK from
676 * the ioctl invocation
677 */
678 do {
679 if (mp->b_datap->db_type == M_IOCTL)
680 miocnak(qp, mp, 0, EINVAL);
681 else
682 freemsg(mp);
683 } while ((mp = getq(qp)) != NULL);
684 flushq(qp, FLUSHALL);
685
686 mp = mexchange(NULL, NULL, 2, M_ERROR, -1);
687 if (mp != NULL) {
688 mp->b_rptr[0] = NOERROR;
689 mp->b_rptr[1] = EINVAL;
690 qreply(qp, mp);
691 }
692 PT_EXIT_READ(ptmp);
693 return (0);
694 }
695 /*
696 * While there are messages on this write queue...
697 */
698 do {
699 /*
700 * If this is not a control message, and we cannot put messages
701 * on the subsidiary's read queue, put it back on this queue.
702 */
703 if (mp->b_datap->db_type <= QPCTL &&
704 !bcanputnext(ptmp->pts_rdq, mp->b_band)) {
705 DBG(("put msg. back on queue\n"));
706 (void) putbq(qp, mp);
707 break;
708 }
709 /*
710 * Otherwise send the message up subsidiary's stream
711 */
712 DBG(("send message to subsidiary\n"));
713 putnext(ptmp->pts_rdq, mp);
714 } while ((mp = getq(qp)) != NULL);
715 DBG(("leaving ptmwsrv\n"));
716 PT_EXIT_READ(ptmp);
717 return (0);
718 }
|