The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/kern/tty.c

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10 

    1 /*-
    2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
    3  *
    4  * Copyright (c) 2008 Ed Schouten <ed@FreeBSD.org>
    5  * All rights reserved.
    6  *
    7  * Portions of this software were developed under sponsorship from Snow
    8  * B.V., the Netherlands.
    9  *
   10  * Redistribution and use in source and binary forms, with or without
   11  * modification, are permitted provided that the following conditions
   12  * are met:
   13  * 1. Redistributions of source code must retain the above copyright
   14  *    notice, this list of conditions and the following disclaimer.
   15  * 2. Redistributions in binary form must reproduce the above copyright
   16  *    notice, this list of conditions and the following disclaimer in the
   17  *    documentation and/or other materials provided with the distribution.
   18  *
   19  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
   20  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   22  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
   23  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   24  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   25  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   26  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   27  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   28  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   29  * SUCH DAMAGE.
   30  */
   31 
   32 #include <sys/cdefs.h>
   33 __FBSDID("$FreeBSD$");
   34 
   35 #include "opt_capsicum.h"
   36 
   37 #include <sys/param.h>
   38 #include <sys/capsicum.h>
   39 #include <sys/conf.h>
   40 #include <sys/cons.h>
   41 #include <sys/fcntl.h>
   42 #include <sys/file.h>
   43 #include <sys/filedesc.h>
   44 #include <sys/filio.h>
   45 #ifdef COMPAT_43TTY
   46 #include <sys/ioctl_compat.h>
   47 #endif /* COMPAT_43TTY */
   48 #include <sys/kernel.h>
   49 #include <sys/limits.h>
   50 #include <sys/malloc.h>
   51 #include <sys/mount.h>
   52 #include <sys/poll.h>
   53 #include <sys/priv.h>
   54 #include <sys/proc.h>
   55 #include <sys/serial.h>
   56 #include <sys/signal.h>
   57 #include <sys/stat.h>
   58 #include <sys/sx.h>
   59 #include <sys/sysctl.h>
   60 #include <sys/systm.h>
   61 #include <sys/tty.h>
   62 #include <sys/ttycom.h>
   63 #define TTYDEFCHARS
   64 #include <sys/ttydefaults.h>
   65 #undef TTYDEFCHARS
   66 #include <sys/ucred.h>
   67 #include <sys/vnode.h>
   68 
   69 #include <machine/stdarg.h>
   70 
   71 static MALLOC_DEFINE(M_TTY, "tty", "tty device");
   72 
   73 static void tty_rel_free(struct tty *tp);
   74 
   75 static TAILQ_HEAD(, tty) tty_list = TAILQ_HEAD_INITIALIZER(tty_list);
   76 static struct sx tty_list_sx;
   77 SX_SYSINIT(tty_list, &tty_list_sx, "tty list");
   78 static unsigned int tty_list_count = 0;
   79 
   80 /* Character device of /dev/console. */
   81 static struct cdev      *dev_console;
   82 static const char       *dev_console_filename;
   83 
   84 /*
   85  * Flags that are supported and stored by this implementation.
   86  */
   87 #define TTYSUP_IFLAG    (IGNBRK|BRKINT|IGNPAR|PARMRK|INPCK|ISTRIP|\
   88                         INLCR|IGNCR|ICRNL|IXON|IXOFF|IXANY|IMAXBEL)
   89 #define TTYSUP_OFLAG    (OPOST|ONLCR|TAB3|ONOEOT|OCRNL|ONOCR|ONLRET)
   90 #define TTYSUP_LFLAG    (ECHOKE|ECHOE|ECHOK|ECHO|ECHONL|ECHOPRT|\
   91                         ECHOCTL|ISIG|ICANON|ALTWERASE|IEXTEN|TOSTOP|\
   92                         FLUSHO|NOKERNINFO|NOFLSH)
   93 #define TTYSUP_CFLAG    (CIGNORE|CSIZE|CSTOPB|CREAD|PARENB|PARODD|\
   94                         HUPCL|CLOCAL|CCTS_OFLOW|CRTS_IFLOW|CDTR_IFLOW|\
   95                         CDSR_OFLOW|CCAR_OFLOW)
   96 
   97 #define TTY_CALLOUT(tp,d) (dev2unit(d) & TTYUNIT_CALLOUT)
   98 
   99 static int  tty_drainwait = 5 * 60;
  100 SYSCTL_INT(_kern, OID_AUTO, tty_drainwait, CTLFLAG_RWTUN,
  101     &tty_drainwait, 0, "Default output drain timeout in seconds");
  102 
  103 /*
  104  * Set TTY buffer sizes.
  105  */
  106 
  107 #define TTYBUF_MAX      65536
  108 
  109 /*
  110  * Allocate buffer space if necessary, and set low watermarks, based on speed.
  111  * Note that the ttyxxxq_setsize() functions may drop and then reacquire the tty
  112  * lock during memory allocation.  They will return ENXIO if the tty disappears
  113  * while unlocked.
  114  */
  115 static int
  116 tty_watermarks(struct tty *tp)
  117 {
  118         size_t bs = 0;
  119         int error;
  120 
  121         /* Provide an input buffer for 2 seconds of data. */
  122         if (tp->t_termios.c_cflag & CREAD)
  123                 bs = MIN(tp->t_termios.c_ispeed / 5, TTYBUF_MAX);
  124         error = ttyinq_setsize(&tp->t_inq, tp, bs);
  125         if (error != 0)
  126                 return (error);
  127 
  128         /* Set low watermark at 10% (when 90% is available). */
  129         tp->t_inlow = (ttyinq_getallocatedsize(&tp->t_inq) * 9) / 10;
  130 
  131         /* Provide an output buffer for 2 seconds of data. */
  132         bs = MIN(tp->t_termios.c_ospeed / 5, TTYBUF_MAX);
  133         error = ttyoutq_setsize(&tp->t_outq, tp, bs);
  134         if (error != 0)
  135                 return (error);
  136 
  137         /* Set low watermark at 10% (when 90% is available). */
  138         tp->t_outlow = (ttyoutq_getallocatedsize(&tp->t_outq) * 9) / 10;
  139 
  140         return (0);
  141 }
  142 
  143 static int
  144 tty_drain(struct tty *tp, int leaving)
  145 {
  146         sbintime_t timeout_at;
  147         size_t bytes;
  148         int error;
  149 
  150         if (ttyhook_hashook(tp, getc_inject))
  151                 /* buffer is inaccessible */
  152                 return (0);
  153 
  154         /*
  155          * For close(), use the recent historic timeout of "1 second without
  156          * making progress".  For tcdrain(), use t_drainwait as the timeout,
  157          * with zero meaning "no timeout" which gives POSIX behavior.
  158          */
  159         if (leaving)
  160                 timeout_at = getsbinuptime() + SBT_1S;
  161         else if (tp->t_drainwait != 0)
  162                 timeout_at = getsbinuptime() + SBT_1S * tp->t_drainwait;
  163         else
  164                 timeout_at = 0;
  165 
  166         /*
  167          * Poll the output buffer and the hardware for completion, at 10 Hz.
  168          * Polling is required for devices which are not able to signal an
  169          * interrupt when the transmitter becomes idle (most USB serial devs).
  170          * The unusual structure of this loop ensures we check for busy one more
  171          * time after tty_timedwait() returns EWOULDBLOCK, so that success has
  172          * higher priority than timeout if the IO completed in the last 100mS.
  173          */
  174         error = 0;
  175         bytes = ttyoutq_bytesused(&tp->t_outq);
  176         for (;;) {
  177                 if (ttyoutq_bytesused(&tp->t_outq) == 0 && !ttydevsw_busy(tp))
  178                         return (0);
  179                 if (error != 0)
  180                         return (error);
  181                 ttydevsw_outwakeup(tp);
  182                 error = tty_timedwait(tp, &tp->t_outwait, hz / 10);
  183                 if (error != 0 && error != EWOULDBLOCK)
  184                         return (error);
  185                 else if (timeout_at == 0 || getsbinuptime() < timeout_at)
  186                         error = 0;
  187                 else if (leaving && ttyoutq_bytesused(&tp->t_outq) < bytes) {
  188                         /* In close, making progress, grant an extra second. */
  189                         error = 0;
  190                         timeout_at += SBT_1S;
  191                         bytes = ttyoutq_bytesused(&tp->t_outq);
  192                 }
  193         }
  194 }
  195 
  196 /*
  197  * Though ttydev_enter() and ttydev_leave() seem to be related, they
  198  * don't have to be used together. ttydev_enter() is used by the cdev
  199  * operations to prevent an actual operation from being processed when
  200  * the TTY has been abandoned. ttydev_leave() is used by ttydev_open()
  201  * and ttydev_close() to determine whether per-TTY data should be
  202  * deallocated.
  203  */
  204 
  205 static __inline int
  206 ttydev_enter(struct tty *tp)
  207 {
  208 
  209         tty_lock(tp);
  210 
  211         if (tty_gone(tp) || !tty_opened(tp)) {
  212                 /* Device is already gone. */
  213                 tty_unlock(tp);
  214                 return (ENXIO);
  215         }
  216 
  217         return (0);
  218 }
  219 
  220 static void
  221 ttydev_leave(struct tty *tp)
  222 {
  223 
  224         tty_assert_locked(tp);
  225 
  226         if (tty_opened(tp) || tp->t_flags & TF_OPENCLOSE) {
  227                 /* Device is still opened somewhere. */
  228                 tty_unlock(tp);
  229                 return;
  230         }
  231 
  232         tp->t_flags |= TF_OPENCLOSE;
  233 
  234         /* Remove console TTY. */
  235         if (constty == tp)
  236                 constty_clear();
  237 
  238         /* Drain any output. */
  239         if (!tty_gone(tp))
  240                 tty_drain(tp, 1);
  241 
  242         ttydisc_close(tp);
  243 
  244         /* Free i/o queues now since they might be large. */
  245         ttyinq_free(&tp->t_inq);
  246         tp->t_inlow = 0;
  247         ttyoutq_free(&tp->t_outq);
  248         tp->t_outlow = 0;
  249 
  250         knlist_clear(&tp->t_inpoll.si_note, 1);
  251         knlist_clear(&tp->t_outpoll.si_note, 1);
  252 
  253         if (!tty_gone(tp))
  254                 ttydevsw_close(tp);
  255 
  256         tp->t_flags &= ~TF_OPENCLOSE;
  257         cv_broadcast(&tp->t_dcdwait);
  258         tty_rel_free(tp);
  259 }
  260 
  261 /*
  262  * Operations that are exposed through the character device in /dev.
  263  */
  264 static int
  265 ttydev_open(struct cdev *dev, int oflags, int devtype __unused,
  266     struct thread *td)
  267 {
  268         struct tty *tp;
  269         int error;
  270 
  271         tp = dev->si_drv1;
  272         error = 0;
  273         tty_lock(tp);
  274         if (tty_gone(tp)) {
  275                 /* Device is already gone. */
  276                 tty_unlock(tp);
  277                 return (ENXIO);
  278         }
  279 
  280         /*
  281          * Block when other processes are currently opening or closing
  282          * the TTY.
  283          */
  284         while (tp->t_flags & TF_OPENCLOSE) {
  285                 error = tty_wait(tp, &tp->t_dcdwait);
  286                 if (error != 0) {
  287                         tty_unlock(tp);
  288                         return (error);
  289                 }
  290         }
  291         tp->t_flags |= TF_OPENCLOSE;
  292 
  293         /*
  294          * Make sure the "tty" and "cua" device cannot be opened at the
  295          * same time.  The console is a "tty" device.
  296          */
  297         if (TTY_CALLOUT(tp, dev)) {
  298                 if (tp->t_flags & (TF_OPENED_CONS | TF_OPENED_IN)) {
  299                         error = EBUSY;
  300                         goto done;
  301                 }
  302         } else {
  303                 if (tp->t_flags & TF_OPENED_OUT) {
  304                         error = EBUSY;
  305                         goto done;
  306                 }
  307         }
  308 
  309         if (tp->t_flags & TF_EXCLUDE && priv_check(td, PRIV_TTY_EXCLUSIVE)) {
  310                 error = EBUSY;
  311                 goto done;
  312         }
  313 
  314         if (!tty_opened(tp)) {
  315                 /* Set proper termios flags. */
  316                 if (TTY_CALLOUT(tp, dev))
  317                         tp->t_termios = tp->t_termios_init_out;
  318                 else
  319                         tp->t_termios = tp->t_termios_init_in;
  320                 ttydevsw_param(tp, &tp->t_termios);
  321                 /* Prevent modem control on callout devices and /dev/console. */
  322                 if (TTY_CALLOUT(tp, dev) || dev == dev_console)
  323                         tp->t_termios.c_cflag |= CLOCAL;
  324 
  325                 ttydevsw_modem(tp, SER_DTR|SER_RTS, 0);
  326 
  327                 error = ttydevsw_open(tp);
  328                 if (error != 0)
  329                         goto done;
  330 
  331                 ttydisc_open(tp);
  332                 error = tty_watermarks(tp);
  333                 if (error != 0)
  334                         goto done;
  335         }
  336 
  337         /* Wait for Carrier Detect. */
  338         if ((oflags & O_NONBLOCK) == 0 &&
  339             (tp->t_termios.c_cflag & CLOCAL) == 0) {
  340                 while ((ttydevsw_modem(tp, 0, 0) & SER_DCD) == 0) {
  341                         error = tty_wait(tp, &tp->t_dcdwait);
  342                         if (error != 0)
  343                                 goto done;
  344                 }
  345         }
  346 
  347         if (dev == dev_console)
  348                 tp->t_flags |= TF_OPENED_CONS;
  349         else if (TTY_CALLOUT(tp, dev))
  350                 tp->t_flags |= TF_OPENED_OUT;
  351         else
  352                 tp->t_flags |= TF_OPENED_IN;
  353         MPASS((tp->t_flags & (TF_OPENED_CONS | TF_OPENED_IN)) == 0 ||
  354             (tp->t_flags & TF_OPENED_OUT) == 0);
  355 
  356 done:   tp->t_flags &= ~TF_OPENCLOSE;
  357         cv_broadcast(&tp->t_dcdwait);
  358         ttydev_leave(tp);
  359 
  360         return (error);
  361 }
  362 
  363 static int
  364 ttydev_close(struct cdev *dev, int fflag, int devtype __unused,
  365     struct thread *td __unused)
  366 {
  367         struct tty *tp = dev->si_drv1;
  368 
  369         tty_lock(tp);
  370 
  371         /*
  372          * Don't actually close the device if it is being used as the
  373          * console.
  374          */
  375         MPASS((tp->t_flags & (TF_OPENED_CONS | TF_OPENED_IN)) == 0 ||
  376             (tp->t_flags & TF_OPENED_OUT) == 0);
  377         if (dev == dev_console)
  378                 tp->t_flags &= ~TF_OPENED_CONS;
  379         else
  380                 tp->t_flags &= ~(TF_OPENED_IN|TF_OPENED_OUT);
  381 
  382         if (tp->t_flags & TF_OPENED) {
  383                 tty_unlock(tp);
  384                 return (0);
  385         }
  386 
  387         /* If revoking, flush output now to avoid draining it later. */
  388         if (fflag & FREVOKE)
  389                 tty_flush(tp, FWRITE);
  390 
  391         tp->t_flags &= ~TF_EXCLUDE;
  392 
  393         /* Properly wake up threads that are stuck - revoke(). */
  394         tp->t_revokecnt++;
  395         tty_wakeup(tp, FREAD|FWRITE);
  396         cv_broadcast(&tp->t_bgwait);
  397         cv_broadcast(&tp->t_dcdwait);
  398 
  399         ttydev_leave(tp);
  400 
  401         return (0);
  402 }
  403 
  404 static __inline int
  405 tty_is_ctty(struct tty *tp, struct proc *p)
  406 {
  407 
  408         tty_assert_locked(tp);
  409 
  410         return (p->p_session == tp->t_session && p->p_flag & P_CONTROLT);
  411 }
  412 
  413 int
  414 tty_wait_background(struct tty *tp, struct thread *td, int sig)
  415 {
  416         struct proc *p;
  417         struct pgrp *pg;
  418         ksiginfo_t ksi;
  419         int error;
  420 
  421         MPASS(sig == SIGTTIN || sig == SIGTTOU);
  422         tty_assert_locked(tp);
  423 
  424         p = td->td_proc;
  425         for (;;) {
  426                 pg = p->p_pgrp;
  427                 PGRP_LOCK(pg);
  428                 PROC_LOCK(p);
  429 
  430                 /*
  431                  * pg may no longer be our process group.
  432                  * Re-check after locking.
  433                  */
  434                 if (p->p_pgrp != pg) {
  435                         PROC_UNLOCK(p);
  436                         PGRP_UNLOCK(pg);
  437                         continue;
  438                 }
  439 
  440                 /*
  441                  * The process should only sleep, when:
  442                  * - This terminal is the controlling terminal
  443                  * - Its process group is not the foreground process
  444                  *   group
  445                  * - The parent process isn't waiting for the child to
  446                  *   exit
  447                  * - the signal to send to the process isn't masked
  448                  */
  449                 if (!tty_is_ctty(tp, p) || p->p_pgrp == tp->t_pgrp) {
  450                         /* Allow the action to happen. */
  451                         PROC_UNLOCK(p);
  452                         PGRP_UNLOCK(pg);
  453                         return (0);
  454                 }
  455 
  456                 if (SIGISMEMBER(p->p_sigacts->ps_sigignore, sig) ||
  457                     SIGISMEMBER(td->td_sigmask, sig)) {
  458                         /* Only allow them in write()/ioctl(). */
  459                         PROC_UNLOCK(p);
  460                         PGRP_UNLOCK(pg);
  461                         return (sig == SIGTTOU ? 0 : EIO);
  462                 }
  463 
  464                 if ((p->p_flag & P_PPWAIT) != 0 ||
  465                     (pg->pg_flags & PGRP_ORPHANED) != 0) {
  466                         /* Don't allow the action to happen. */
  467                         PROC_UNLOCK(p);
  468                         PGRP_UNLOCK(pg);
  469                         return (EIO);
  470                 }
  471                 PROC_UNLOCK(p);
  472 
  473                 /*
  474                  * Send the signal and sleep until we're the new
  475                  * foreground process group.
  476                  */
  477                 if (sig != 0) {
  478                         ksiginfo_init(&ksi);
  479                         ksi.ksi_code = SI_KERNEL;
  480                         ksi.ksi_signo = sig;
  481                         sig = 0;
  482                 }
  483 
  484                 pgsignal(pg, ksi.ksi_signo, 1, &ksi);
  485                 PGRP_UNLOCK(pg);
  486 
  487                 error = tty_wait(tp, &tp->t_bgwait);
  488                 if (error)
  489                         return (error);
  490         }
  491 }
  492 
  493 static int
  494 ttydev_read(struct cdev *dev, struct uio *uio, int ioflag)
  495 {
  496         struct tty *tp = dev->si_drv1;
  497         int error;
  498 
  499         error = ttydev_enter(tp);
  500         if (error)
  501                 goto done;
  502         error = ttydisc_read(tp, uio, ioflag);
  503         tty_unlock(tp);
  504 
  505         /*
  506          * The read() call should not throw an error when the device is
  507          * being destroyed. Silently convert it to an EOF.
  508          */
  509 done:   if (error == ENXIO)
  510                 error = 0;
  511         return (error);
  512 }
  513 
  514 static int
  515 ttydev_write(struct cdev *dev, struct uio *uio, int ioflag)
  516 {
  517         struct tty *tp = dev->si_drv1;
  518         int defer, error;
  519 
  520         error = ttydev_enter(tp);
  521         if (error)
  522                 return (error);
  523 
  524         if (tp->t_termios.c_lflag & TOSTOP) {
  525                 error = tty_wait_background(tp, curthread, SIGTTOU);
  526                 if (error)
  527                         goto done;
  528         }
  529 
  530         if (ioflag & IO_NDELAY && tp->t_flags & TF_BUSY_OUT) {
  531                 /* Allow non-blocking writes to bypass serialization. */
  532                 error = ttydisc_write(tp, uio, ioflag);
  533         } else {
  534                 /* Serialize write() calls. */
  535                 while (tp->t_flags & TF_BUSY_OUT) {
  536                         error = tty_wait(tp, &tp->t_outserwait);
  537                         if (error)
  538                                 goto done;
  539                 }
  540 
  541                 tp->t_flags |= TF_BUSY_OUT;
  542                 defer = sigdeferstop(SIGDEFERSTOP_ERESTART);
  543                 error = ttydisc_write(tp, uio, ioflag);
  544                 sigallowstop(defer);
  545                 tp->t_flags &= ~TF_BUSY_OUT;
  546                 cv_signal(&tp->t_outserwait);
  547         }
  548 
  549 done:   tty_unlock(tp);
  550         return (error);
  551 }
  552 
  553 static int
  554 ttydev_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int fflag,
  555     struct thread *td)
  556 {
  557         struct tty *tp = dev->si_drv1;
  558         int error;
  559 
  560         error = ttydev_enter(tp);
  561         if (error)
  562                 return (error);
  563 
  564         switch (cmd) {
  565         case TIOCCBRK:
  566         case TIOCCONS:
  567         case TIOCDRAIN:
  568         case TIOCEXCL:
  569         case TIOCFLUSH:
  570         case TIOCNXCL:
  571         case TIOCSBRK:
  572         case TIOCSCTTY:
  573         case TIOCSETA:
  574         case TIOCSETAF:
  575         case TIOCSETAW:
  576         case TIOCSPGRP:
  577         case TIOCSTART:
  578         case TIOCSTAT:
  579         case TIOCSTI:
  580         case TIOCSTOP:
  581         case TIOCSWINSZ:
  582 #if 0
  583         case TIOCSDRAINWAIT:
  584         case TIOCSETD:
  585 #endif
  586 #ifdef COMPAT_43TTY
  587         case  TIOCLBIC:
  588         case  TIOCLBIS:
  589         case  TIOCLSET:
  590         case  TIOCSETC:
  591         case OTIOCSETD:
  592         case  TIOCSETN:
  593         case  TIOCSETP:
  594         case  TIOCSLTC:
  595 #endif /* COMPAT_43TTY */
  596                 /*
  597                  * If the ioctl() causes the TTY to be modified, let it
  598                  * wait in the background.
  599                  */
  600                 error = tty_wait_background(tp, curthread, SIGTTOU);
  601                 if (error)
  602                         goto done;
  603         }
  604 
  605         if (cmd == TIOCSETA || cmd == TIOCSETAW || cmd == TIOCSETAF) {
  606                 struct termios *old = &tp->t_termios;
  607                 struct termios *new = (struct termios *)data;
  608                 struct termios *lock = TTY_CALLOUT(tp, dev) ?
  609                     &tp->t_termios_lock_out : &tp->t_termios_lock_in;
  610                 int cc;
  611 
  612                 /*
  613                  * Lock state devices.  Just overwrite the values of the
  614                  * commands that are currently in use.
  615                  */
  616                 new->c_iflag = (old->c_iflag & lock->c_iflag) |
  617                     (new->c_iflag & ~lock->c_iflag);
  618                 new->c_oflag = (old->c_oflag & lock->c_oflag) |
  619                     (new->c_oflag & ~lock->c_oflag);
  620                 new->c_cflag = (old->c_cflag & lock->c_cflag) |
  621                     (new->c_cflag & ~lock->c_cflag);
  622                 new->c_lflag = (old->c_lflag & lock->c_lflag) |
  623                     (new->c_lflag & ~lock->c_lflag);
  624                 for (cc = 0; cc < NCCS; ++cc)
  625                         if (lock->c_cc[cc])
  626                                 new->c_cc[cc] = old->c_cc[cc];
  627                 if (lock->c_ispeed)
  628                         new->c_ispeed = old->c_ispeed;
  629                 if (lock->c_ospeed)
  630                         new->c_ospeed = old->c_ospeed;
  631         }
  632 
  633         error = tty_ioctl(tp, cmd, data, fflag, td);
  634 done:   tty_unlock(tp);
  635 
  636         return (error);
  637 }
  638 
  639 static int
  640 ttydev_poll(struct cdev *dev, int events, struct thread *td)
  641 {
  642         struct tty *tp = dev->si_drv1;
  643         int error, revents = 0;
  644 
  645         error = ttydev_enter(tp);
  646         if (error)
  647                 return ((events & (POLLIN|POLLRDNORM)) | POLLHUP);
  648 
  649         if (events & (POLLIN|POLLRDNORM)) {
  650                 /* See if we can read something. */
  651                 if (ttydisc_read_poll(tp) > 0)
  652                         revents |= events & (POLLIN|POLLRDNORM);
  653         }
  654 
  655         if (tp->t_flags & TF_ZOMBIE) {
  656                 /* Hangup flag on zombie state. */
  657                 revents |= POLLHUP;
  658         } else if (events & (POLLOUT|POLLWRNORM)) {
  659                 /* See if we can write something. */
  660                 if (ttydisc_write_poll(tp) > 0)
  661                         revents |= events & (POLLOUT|POLLWRNORM);
  662         }
  663 
  664         if (revents == 0) {
  665                 if (events & (POLLIN|POLLRDNORM))
  666                         selrecord(td, &tp->t_inpoll);
  667                 if (events & (POLLOUT|POLLWRNORM))
  668                         selrecord(td, &tp->t_outpoll);
  669         }
  670 
  671         tty_unlock(tp);
  672 
  673         return (revents);
  674 }
  675 
  676 static int
  677 ttydev_mmap(struct cdev *dev, vm_ooffset_t offset, vm_paddr_t *paddr,
  678     int nprot, vm_memattr_t *memattr)
  679 {
  680         struct tty *tp = dev->si_drv1;
  681         int error;
  682 
  683         /* Handle mmap() through the driver. */
  684 
  685         error = ttydev_enter(tp);
  686         if (error)
  687                 return (-1);
  688         error = ttydevsw_mmap(tp, offset, paddr, nprot, memattr);
  689         tty_unlock(tp);
  690 
  691         return (error);
  692 }
  693 
  694 /*
  695  * kqueue support.
  696  */
  697 
  698 static void
  699 tty_kqops_read_detach(struct knote *kn)
  700 {
  701         struct tty *tp = kn->kn_hook;
  702 
  703         knlist_remove(&tp->t_inpoll.si_note, kn, 0);
  704 }
  705 
  706 static int
  707 tty_kqops_read_event(struct knote *kn, long hint __unused)
  708 {
  709         struct tty *tp = kn->kn_hook;
  710 
  711         tty_assert_locked(tp);
  712 
  713         if (tty_gone(tp) || tp->t_flags & TF_ZOMBIE) {
  714                 kn->kn_flags |= EV_EOF;
  715                 return (1);
  716         } else {
  717                 kn->kn_data = ttydisc_read_poll(tp);
  718                 return (kn->kn_data > 0);
  719         }
  720 }
  721 
  722 static void
  723 tty_kqops_write_detach(struct knote *kn)
  724 {
  725         struct tty *tp = kn->kn_hook;
  726 
  727         knlist_remove(&tp->t_outpoll.si_note, kn, 0);
  728 }
  729 
  730 static int
  731 tty_kqops_write_event(struct knote *kn, long hint __unused)
  732 {
  733         struct tty *tp = kn->kn_hook;
  734 
  735         tty_assert_locked(tp);
  736 
  737         if (tty_gone(tp)) {
  738                 kn->kn_flags |= EV_EOF;
  739                 return (1);
  740         } else {
  741                 kn->kn_data = ttydisc_write_poll(tp);
  742                 return (kn->kn_data > 0);
  743         }
  744 }
  745 
  746 static struct filterops tty_kqops_read = {
  747         .f_isfd = 1,
  748         .f_detach = tty_kqops_read_detach,
  749         .f_event = tty_kqops_read_event,
  750 };
  751 
  752 static struct filterops tty_kqops_write = {
  753         .f_isfd = 1,
  754         .f_detach = tty_kqops_write_detach,
  755         .f_event = tty_kqops_write_event,
  756 };
  757 
  758 static int
  759 ttydev_kqfilter(struct cdev *dev, struct knote *kn)
  760 {
  761         struct tty *tp = dev->si_drv1;
  762         int error;
  763 
  764         error = ttydev_enter(tp);
  765         if (error)
  766                 return (error);
  767 
  768         switch (kn->kn_filter) {
  769         case EVFILT_READ:
  770                 kn->kn_hook = tp;
  771                 kn->kn_fop = &tty_kqops_read;
  772                 knlist_add(&tp->t_inpoll.si_note, kn, 1);
  773                 break;
  774         case EVFILT_WRITE:
  775                 kn->kn_hook = tp;
  776                 kn->kn_fop = &tty_kqops_write;
  777                 knlist_add(&tp->t_outpoll.si_note, kn, 1);
  778                 break;
  779         default:
  780                 error = EINVAL;
  781                 break;
  782         }
  783 
  784         tty_unlock(tp);
  785         return (error);
  786 }
  787 
  788 static struct cdevsw ttydev_cdevsw = {
  789         .d_version      = D_VERSION,
  790         .d_open         = ttydev_open,
  791         .d_close        = ttydev_close,
  792         .d_read         = ttydev_read,
  793         .d_write        = ttydev_write,
  794         .d_ioctl        = ttydev_ioctl,
  795         .d_kqfilter     = ttydev_kqfilter,
  796         .d_poll         = ttydev_poll,
  797         .d_mmap         = ttydev_mmap,
  798         .d_name         = "ttydev",
  799         .d_flags        = D_TTY,
  800 };
  801 
  802 /*
  803  * Init/lock-state devices
  804  */
  805 
  806 static int
  807 ttyil_open(struct cdev *dev, int oflags __unused, int devtype __unused,
  808     struct thread *td)
  809 {
  810         struct tty *tp;
  811         int error;
  812 
  813         tp = dev->si_drv1;
  814         error = 0;
  815         tty_lock(tp);
  816         if (tty_gone(tp))
  817                 error = ENODEV;
  818         tty_unlock(tp);
  819 
  820         return (error);
  821 }
  822 
  823 static int
  824 ttyil_close(struct cdev *dev __unused, int flag __unused, int mode __unused,
  825     struct thread *td __unused)
  826 {
  827 
  828         return (0);
  829 }
  830 
  831 static int
  832 ttyil_rdwr(struct cdev *dev __unused, struct uio *uio __unused,
  833     int ioflag __unused)
  834 {
  835 
  836         return (ENODEV);
  837 }
  838 
  839 static int
  840 ttyil_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int fflag,
  841     struct thread *td)
  842 {
  843         struct tty *tp = dev->si_drv1;
  844         int error;
  845 
  846         tty_lock(tp);
  847         if (tty_gone(tp)) {
  848                 error = ENODEV;
  849                 goto done;
  850         }
  851 
  852         error = ttydevsw_cioctl(tp, dev2unit(dev), cmd, data, td);
  853         if (error != ENOIOCTL)
  854                 goto done;
  855         error = 0;
  856 
  857         switch (cmd) {
  858         case TIOCGETA:
  859                 /* Obtain terminal flags through tcgetattr(). */
  860                 *(struct termios*)data = *(struct termios*)dev->si_drv2;
  861                 break;
  862         case TIOCSETA:
  863                 /* Set terminal flags through tcsetattr(). */
  864                 error = priv_check(td, PRIV_TTY_SETA);
  865                 if (error)
  866                         break;
  867                 *(struct termios*)dev->si_drv2 = *(struct termios*)data;
  868                 break;
  869         case TIOCGETD:
  870                 *(int *)data = TTYDISC;
  871                 break;
  872         case TIOCGWINSZ:
  873                 bzero(data, sizeof(struct winsize));
  874                 break;
  875         default:
  876                 error = ENOTTY;
  877         }
  878 
  879 done:   tty_unlock(tp);
  880         return (error);
  881 }
  882 
  883 static struct cdevsw ttyil_cdevsw = {
  884         .d_version      = D_VERSION,
  885         .d_open         = ttyil_open,
  886         .d_close        = ttyil_close,
  887         .d_read         = ttyil_rdwr,
  888         .d_write        = ttyil_rdwr,
  889         .d_ioctl        = ttyil_ioctl,
  890         .d_name         = "ttyil",
  891         .d_flags        = D_TTY,
  892 };
  893 
  894 static void
  895 tty_init_termios(struct tty *tp)
  896 {
  897         struct termios *t = &tp->t_termios_init_in;
  898 
  899         t->c_cflag = TTYDEF_CFLAG;
  900         t->c_iflag = TTYDEF_IFLAG;
  901         t->c_lflag = TTYDEF_LFLAG;
  902         t->c_oflag = TTYDEF_OFLAG;
  903         t->c_ispeed = TTYDEF_SPEED;
  904         t->c_ospeed = TTYDEF_SPEED;
  905         memcpy(&t->c_cc, ttydefchars, sizeof ttydefchars);
  906 
  907         tp->t_termios_init_out = *t;
  908 }
  909 
  910 void
  911 tty_init_console(struct tty *tp, speed_t s)
  912 {
  913         struct termios *ti = &tp->t_termios_init_in;
  914         struct termios *to = &tp->t_termios_init_out;
  915 
  916         if (s != 0) {
  917                 ti->c_ispeed = ti->c_ospeed = s;
  918                 to->c_ispeed = to->c_ospeed = s;
  919         }
  920 
  921         ti->c_cflag |= CLOCAL;
  922         to->c_cflag |= CLOCAL;
  923 }
  924 
  925 /*
  926  * Standard device routine implementations, mostly meant for
  927  * pseudo-terminal device drivers. When a driver creates a new terminal
  928  * device class, missing routines are patched.
  929  */
  930 
  931 static int
  932 ttydevsw_defopen(struct tty *tp __unused)
  933 {
  934 
  935         return (0);
  936 }
  937 
  938 static void
  939 ttydevsw_defclose(struct tty *tp __unused)
  940 {
  941 
  942 }
  943 
  944 static void
  945 ttydevsw_defoutwakeup(struct tty *tp __unused)
  946 {
  947 
  948         panic("Terminal device has output, while not implemented");
  949 }
  950 
  951 static void
  952 ttydevsw_definwakeup(struct tty *tp __unused)
  953 {
  954 
  955 }
  956 
  957 static int
  958 ttydevsw_defioctl(struct tty *tp __unused, u_long cmd __unused,
  959     caddr_t data __unused, struct thread *td __unused)
  960 {
  961 
  962         return (ENOIOCTL);
  963 }
  964 
  965 static int
  966 ttydevsw_defcioctl(struct tty *tp __unused, int unit __unused,
  967     u_long cmd __unused, caddr_t data __unused, struct thread *td __unused)
  968 {
  969 
  970         return (ENOIOCTL);
  971 }
  972 
  973 static int
  974 ttydevsw_defparam(struct tty *tp __unused, struct termios *t)
  975 {
  976 
  977         /*
  978          * Allow the baud rate to be adjusted for pseudo-devices, but at
  979          * least restrict it to 115200 to prevent excessive buffer
  980          * usage.  Also disallow 0, to prevent foot shooting.
  981          */
  982         if (t->c_ispeed < B50)
  983                 t->c_ispeed = B50;
  984         else if (t->c_ispeed > B115200)
  985                 t->c_ispeed = B115200;
  986         if (t->c_ospeed < B50)
  987                 t->c_ospeed = B50;
  988         else if (t->c_ospeed > B115200)
  989                 t->c_ospeed = B115200;
  990         t->c_cflag |= CREAD;
  991 
  992         return (0);
  993 }
  994 
  995 static int
  996 ttydevsw_defmodem(struct tty *tp __unused, int sigon __unused,
  997     int sigoff __unused)
  998 {
  999 
 1000         /* Simulate a carrier to make the TTY layer happy. */
 1001         return (SER_DCD);
 1002 }
 1003 
 1004 static int
 1005 ttydevsw_defmmap(struct tty *tp __unused, vm_ooffset_t offset __unused,
 1006     vm_paddr_t *paddr __unused, int nprot __unused,
 1007     vm_memattr_t *memattr __unused)
 1008 {
 1009 
 1010         return (-1);
 1011 }
 1012 
 1013 static void
 1014 ttydevsw_defpktnotify(struct tty *tp __unused, char event __unused)
 1015 {
 1016 
 1017 }
 1018 
 1019 static void
 1020 ttydevsw_deffree(void *softc __unused)
 1021 {
 1022 
 1023         panic("Terminal device freed without a free-handler");
 1024 }
 1025 
 1026 static bool
 1027 ttydevsw_defbusy(struct tty *tp __unused)
 1028 {
 1029 
 1030         return (FALSE);
 1031 }
 1032 
 1033 /*
 1034  * TTY allocation and deallocation. TTY devices can be deallocated when
 1035  * the driver doesn't use it anymore, when the TTY isn't a session's
 1036  * controlling TTY and when the device node isn't opened through devfs.
 1037  */
 1038 
 1039 struct tty *
 1040 tty_alloc(struct ttydevsw *tsw, void *sc)
 1041 {
 1042 
 1043         return (tty_alloc_mutex(tsw, sc, NULL));
 1044 }
 1045 
 1046 struct tty *
 1047 tty_alloc_mutex(struct ttydevsw *tsw, void *sc, struct mtx *mutex)
 1048 {
 1049         struct tty *tp;
 1050 
 1051         /* Make sure the driver defines all routines. */
 1052 #define PATCH_FUNC(x) do {                              \
 1053         if (tsw->tsw_ ## x == NULL)                     \
 1054                 tsw->tsw_ ## x = ttydevsw_def ## x;     \
 1055 } while (0)
 1056         PATCH_FUNC(open);
 1057         PATCH_FUNC(close);
 1058         PATCH_FUNC(outwakeup);
 1059         PATCH_FUNC(inwakeup);
 1060         PATCH_FUNC(ioctl);
 1061         PATCH_FUNC(cioctl);
 1062         PATCH_FUNC(param);
 1063         PATCH_FUNC(modem);
 1064         PATCH_FUNC(mmap);
 1065         PATCH_FUNC(pktnotify);
 1066         PATCH_FUNC(free);
 1067         PATCH_FUNC(busy);
 1068 #undef PATCH_FUNC
 1069 
 1070         tp = malloc(sizeof(struct tty), M_TTY, M_WAITOK|M_ZERO);
 1071         tp->t_devsw = tsw;
 1072         tp->t_devswsoftc = sc;
 1073         tp->t_flags = tsw->tsw_flags;
 1074         tp->t_drainwait = tty_drainwait;
 1075 
 1076         tty_init_termios(tp);
 1077 
 1078         cv_init(&tp->t_inwait, "ttyin");
 1079         cv_init(&tp->t_outwait, "ttyout");
 1080         cv_init(&tp->t_outserwait, "ttyosr");
 1081         cv_init(&tp->t_bgwait, "ttybg");
 1082         cv_init(&tp->t_dcdwait, "ttydcd");
 1083 
 1084         /* Allow drivers to use a custom mutex to lock the TTY. */
 1085         if (mutex != NULL) {
 1086                 tp->t_mtx = mutex;
 1087         } else {
 1088                 tp->t_mtx = &tp->t_mtxobj;
 1089                 mtx_init(&tp->t_mtxobj, "ttymtx", NULL, MTX_DEF);
 1090         }
 1091 
 1092         knlist_init_mtx(&tp->t_inpoll.si_note, tp->t_mtx);
 1093         knlist_init_mtx(&tp->t_outpoll.si_note, tp->t_mtx);
 1094 
 1095         return (tp);
 1096 }
 1097 
 1098 static void
 1099 tty_dealloc(void *arg)
 1100 {
 1101         struct tty *tp = arg;
 1102 
 1103         /*
 1104          * ttyydev_leave() usually frees the i/o queues earlier, but it is
 1105          * not always called between queue allocation and here.  The queues
 1106          * may be allocated by ioctls on a pty control device without the
 1107          * corresponding pty slave device ever being open, or after it is
 1108          * closed.
 1109          */
 1110         ttyinq_free(&tp->t_inq);
 1111         ttyoutq_free(&tp->t_outq);
 1112         seldrain(&tp->t_inpoll);
 1113         seldrain(&tp->t_outpoll);
 1114         knlist_destroy(&tp->t_inpoll.si_note);
 1115         knlist_destroy(&tp->t_outpoll.si_note);
 1116 
 1117         cv_destroy(&tp->t_inwait);
 1118         cv_destroy(&tp->t_outwait);
 1119         cv_destroy(&tp->t_bgwait);
 1120         cv_destroy(&tp->t_dcdwait);
 1121         cv_destroy(&tp->t_outserwait);
 1122 
 1123         if (tp->t_mtx == &tp->t_mtxobj)
 1124                 mtx_destroy(&tp->t_mtxobj);
 1125         ttydevsw_free(tp);
 1126         free(tp, M_TTY);
 1127 }
 1128 
 1129 static void
 1130 tty_rel_free(struct tty *tp)
 1131 {
 1132         struct cdev *dev;
 1133 
 1134         tty_assert_locked(tp);
 1135 
 1136 #define TF_ACTIVITY     (TF_GONE|TF_OPENED|TF_HOOK|TF_OPENCLOSE)
 1137         if (tp->t_sessioncnt != 0 || (tp->t_flags & TF_ACTIVITY) != TF_GONE) {
 1138                 /* TTY is still in use. */
 1139                 tty_unlock(tp);
 1140                 return;
 1141         }
 1142 
 1143         /* Stop asynchronous I/O. */
 1144         funsetown(&tp->t_sigio);
 1145 
 1146         /* TTY can be deallocated. */
 1147         dev = tp->t_dev;
 1148         tp->t_dev = NULL;
 1149         tty_unlock(tp);
 1150 
 1151         if (dev != NULL) {
 1152                 sx_xlock(&tty_list_sx);
 1153                 TAILQ_REMOVE(&tty_list, tp, t_list);
 1154                 tty_list_count--;
 1155                 sx_xunlock(&tty_list_sx);
 1156                 destroy_dev_sched_cb(dev, tty_dealloc, tp);
 1157         }
 1158 }
 1159 
 1160 void
 1161 tty_rel_pgrp(struct tty *tp, struct pgrp *pg)
 1162 {
 1163 
 1164         MPASS(tp->t_sessioncnt > 0);
 1165         tty_assert_locked(tp);
 1166 
 1167         if (tp->t_pgrp == pg)
 1168                 tp->t_pgrp = NULL;
 1169 
 1170         tty_unlock(tp);
 1171 }
 1172 
 1173 void
 1174 tty_rel_sess(struct tty *tp, struct session *sess)
 1175 {
 1176 
 1177         MPASS(tp->t_sessioncnt > 0);
 1178 
 1179         /* Current session has left. */
 1180         if (tp->t_session == sess) {
 1181                 tp->t_session = NULL;
 1182                 MPASS(tp->t_pgrp == NULL);
 1183         }
 1184         tp->t_sessioncnt--;
 1185         tty_rel_free(tp);
 1186 }
 1187 
 1188 void
 1189 tty_rel_gone(struct tty *tp)
 1190 {
 1191 
 1192         tty_assert_locked(tp);
 1193         MPASS(!tty_gone(tp));
 1194 
 1195         /* Simulate carrier removal. */
 1196         ttydisc_modem(tp, 0);
 1197 
 1198         /* Wake up all blocked threads. */
 1199         tty_wakeup(tp, FREAD|FWRITE);
 1200         cv_broadcast(&tp->t_bgwait);
 1201         cv_broadcast(&tp->t_dcdwait);
 1202 
 1203         tp->t_flags |= TF_GONE;
 1204         tty_rel_free(tp);
 1205 }
 1206 
 1207 static int
 1208 tty_drop_ctty(struct tty *tp, struct proc *p)
 1209 {
 1210         struct session *session;
 1211         struct vnode *vp;
 1212 
 1213         /*
 1214          * This looks terrible, but it's generally safe as long as the tty
 1215          * hasn't gone away while we had the lock dropped.  All of our sanity
 1216          * checking that this operation is OK happens after we've picked it back
 1217          * up, so other state changes are generally not fatal and the potential
 1218          * for this particular operation to happen out-of-order in a
 1219          * multithreaded scenario is likely a non-issue.
 1220          */
 1221         tty_unlock(tp);
 1222         sx_xlock(&proctree_lock);
 1223         tty_lock(tp);
 1224         if (tty_gone(tp)) {
 1225                 sx_xunlock(&proctree_lock);
 1226                 return (ENODEV);
 1227         }
 1228 
 1229         /*
 1230          * If the session doesn't have a controlling TTY, or if we weren't
 1231          * invoked on the controlling TTY, we'll return ENOIOCTL as we've
 1232          * historically done.
 1233          */
 1234         session = p->p_session;
 1235         if (session->s_ttyp == NULL || session->s_ttyp != tp) {
 1236                 sx_xunlock(&proctree_lock);
 1237                 return (ENOTTY);
 1238         }
 1239 
 1240         if (!SESS_LEADER(p)) {
 1241                 sx_xunlock(&proctree_lock);
 1242                 return (EPERM);
 1243         }
 1244 
 1245         PROC_LOCK(p);
 1246         SESS_LOCK(session);
 1247         vp = session->s_ttyvp;
 1248         session->s_ttyp = NULL;
 1249         session->s_ttyvp = NULL;
 1250         session->s_ttydp = NULL;
 1251         SESS_UNLOCK(session);
 1252 
 1253         tp->t_sessioncnt--;
 1254         p->p_flag &= ~P_CONTROLT;
 1255         PROC_UNLOCK(p);
 1256         sx_xunlock(&proctree_lock);
 1257 
 1258         /*
 1259          * If we did have a vnode, release our reference.  Ordinarily we manage
 1260          * these at the devfs layer, but we can't necessarily know that we were
 1261          * invoked on the vnode referenced in the session (i.e. the vnode we
 1262          * hold a reference to).  We explicitly don't check VBAD/VI_DOOMED here
 1263          * to avoid a vnode leak -- in circumstances elsewhere where we'd hit a
 1264          * VI_DOOMED vnode, release has been deferred until the controlling TTY
 1265          * is either changed or released.
 1266          */
 1267         if (vp != NULL)
 1268                 vrele(vp);
 1269         return (0);
 1270 }
 1271 
 1272 /*
 1273  * Exposing information about current TTY's through sysctl
 1274  */
 1275 
 1276 static void
 1277 tty_to_xtty(struct tty *tp, struct xtty *xt)
 1278 {
 1279 
 1280         tty_assert_locked(tp);
 1281 
 1282         xt->xt_size = sizeof(struct xtty);
 1283         xt->xt_insize = ttyinq_getsize(&tp->t_inq);
 1284         xt->xt_incc = ttyinq_bytescanonicalized(&tp->t_inq);
 1285         xt->xt_inlc = ttyinq_bytesline(&tp->t_inq);
 1286         xt->xt_inlow = tp->t_inlow;
 1287         xt->xt_outsize = ttyoutq_getsize(&tp->t_outq);
 1288         xt->xt_outcc = ttyoutq_bytesused(&tp->t_outq);
 1289         xt->xt_outlow = tp->t_outlow;
 1290         xt->xt_column = tp->t_column;
 1291         xt->xt_pgid = tp->t_pgrp ? tp->t_pgrp->pg_id : 0;
 1292         xt->xt_sid = tp->t_session ? tp->t_session->s_sid : 0;
 1293         xt->xt_flags = tp->t_flags;
 1294         xt->xt_dev = tp->t_dev ? dev2udev(tp->t_dev) : (uint32_t)NODEV;
 1295 }
 1296 
 1297 static int
 1298 sysctl_kern_ttys(SYSCTL_HANDLER_ARGS)
 1299 {
 1300         unsigned long lsize;
 1301         struct xtty *xtlist, *xt;
 1302         struct tty *tp;
 1303         int error;
 1304 
 1305         sx_slock(&tty_list_sx);
 1306         lsize = tty_list_count * sizeof(struct xtty);
 1307         if (lsize == 0) {
 1308                 sx_sunlock(&tty_list_sx);
 1309                 return (0);
 1310         }
 1311 
 1312         xtlist = xt = malloc(lsize, M_TTY, M_WAITOK);
 1313 
 1314         TAILQ_FOREACH(tp, &tty_list, t_list) {
 1315                 tty_lock(tp);
 1316                 tty_to_xtty(tp, xt);
 1317                 tty_unlock(tp);
 1318                 xt++;
 1319         }
 1320         sx_sunlock(&tty_list_sx);
 1321 
 1322         error = SYSCTL_OUT(req, xtlist, lsize);
 1323         free(xtlist, M_TTY);
 1324         return (error);
 1325 }
 1326 
 1327 SYSCTL_PROC(_kern, OID_AUTO, ttys, CTLTYPE_OPAQUE|CTLFLAG_RD|CTLFLAG_MPSAFE,
 1328         0, 0, sysctl_kern_ttys, "S,xtty", "List of TTYs");
 1329 
 1330 /*
 1331  * Device node creation. Device has been set up, now we can expose it to
 1332  * the user.
 1333  */
 1334 
 1335 int
 1336 tty_makedevf(struct tty *tp, struct ucred *cred, int flags,
 1337     const char *fmt, ...)
 1338 {
 1339         va_list ap;
 1340         struct make_dev_args args;
 1341         struct cdev *dev, *init, *lock, *cua, *cinit, *clock;
 1342         const char *prefix = "tty";
 1343         char name[SPECNAMELEN - 3]; /* for "tty" and "cua". */
 1344         uid_t uid;
 1345         gid_t gid;
 1346         mode_t mode;
 1347         int error;
 1348 
 1349         /* Remove "tty" prefix from devices like PTY's. */
 1350         if (tp->t_flags & TF_NOPREFIX)
 1351                 prefix = "";
 1352 
 1353         va_start(ap, fmt);
 1354         vsnrprintf(name, sizeof name, 32, fmt, ap);
 1355         va_end(ap);
 1356 
 1357         if (cred == NULL) {
 1358                 /* System device. */
 1359                 uid = UID_ROOT;
 1360                 gid = GID_WHEEL;
 1361                 mode = S_IRUSR|S_IWUSR;
 1362         } else {
 1363                 /* User device. */
 1364                 uid = cred->cr_ruid;
 1365                 gid = GID_TTY;
 1366                 mode = S_IRUSR|S_IWUSR|S_IWGRP;
 1367         }
 1368 
 1369         flags = flags & TTYMK_CLONING ? MAKEDEV_REF : 0;
 1370         flags |= MAKEDEV_CHECKNAME;
 1371 
 1372         /* Master call-in device. */
 1373         make_dev_args_init(&args);
 1374         args.mda_flags = flags;
 1375         args.mda_devsw = &ttydev_cdevsw;
 1376         args.mda_cr = cred;
 1377         args.mda_uid = uid;
 1378         args.mda_gid = gid;
 1379         args.mda_mode = mode;
 1380         args.mda_si_drv1 = tp;
 1381         error = make_dev_s(&args, &dev, "%s%s", prefix, name);
 1382         if (error != 0)
 1383                 return (error);
 1384         tp->t_dev = dev;
 1385 
 1386         init = lock = cua = cinit = clock = NULL;
 1387 
 1388         /* Slave call-in devices. */
 1389         if (tp->t_flags & TF_INITLOCK) {
 1390                 args.mda_devsw = &ttyil_cdevsw;
 1391                 args.mda_unit = TTYUNIT_INIT;
 1392                 args.mda_si_drv1 = tp;
 1393                 args.mda_si_drv2 = &tp->t_termios_init_in;
 1394                 error = make_dev_s(&args, &init, "%s%s.init", prefix, name);
 1395                 if (error != 0)
 1396                         goto fail;
 1397                 dev_depends(dev, init);
 1398 
 1399                 args.mda_unit = TTYUNIT_LOCK;
 1400                 args.mda_si_drv2 = &tp->t_termios_lock_in;
 1401                 error = make_dev_s(&args, &lock, "%s%s.lock", prefix, name);
 1402                 if (error != 0)
 1403                         goto fail;
 1404                 dev_depends(dev, lock);
 1405         }
 1406 
 1407         /* Call-out devices. */
 1408         if (tp->t_flags & TF_CALLOUT) {
 1409                 make_dev_args_init(&args);
 1410                 args.mda_flags = flags;
 1411                 args.mda_devsw = &ttydev_cdevsw;
 1412                 args.mda_cr = cred;
 1413                 args.mda_uid = UID_UUCP;
 1414                 args.mda_gid = GID_DIALER;
 1415                 args.mda_mode = 0660;
 1416                 args.mda_unit = TTYUNIT_CALLOUT;
 1417                 args.mda_si_drv1 = tp;
 1418                 error = make_dev_s(&args, &cua, "cua%s", name);
 1419                 if (error != 0)
 1420                         goto fail;
 1421                 dev_depends(dev, cua);
 1422 
 1423                 /* Slave call-out devices. */
 1424                 if (tp->t_flags & TF_INITLOCK) {
 1425                         args.mda_devsw = &ttyil_cdevsw;
 1426                         args.mda_unit = TTYUNIT_CALLOUT | TTYUNIT_INIT;
 1427                         args.mda_si_drv2 = &tp->t_termios_init_out;
 1428                         error = make_dev_s(&args, &cinit, "cua%s.init", name);
 1429                         if (error != 0)
 1430                                 goto fail;
 1431                         dev_depends(dev, cinit);
 1432 
 1433                         args.mda_unit = TTYUNIT_CALLOUT | TTYUNIT_LOCK;
 1434                         args.mda_si_drv2 = &tp->t_termios_lock_out;
 1435                         error = make_dev_s(&args, &clock, "cua%s.lock", name);
 1436                         if (error != 0)
 1437                                 goto fail;
 1438                         dev_depends(dev, clock);
 1439                 }
 1440         }
 1441 
 1442         sx_xlock(&tty_list_sx);
 1443         TAILQ_INSERT_TAIL(&tty_list, tp, t_list);
 1444         tty_list_count++;
 1445         sx_xunlock(&tty_list_sx);
 1446 
 1447         return (0);
 1448 
 1449 fail:
 1450         destroy_dev(dev);
 1451         if (init)
 1452                 destroy_dev(init);
 1453         if (lock)
 1454                 destroy_dev(lock);
 1455         if (cinit)
 1456                 destroy_dev(cinit);
 1457         if (clock)
 1458                 destroy_dev(clock);
 1459 
 1460         return (error);
 1461 }
 1462 
 1463 /*
 1464  * Signalling processes.
 1465  */
 1466 
 1467 void
 1468 tty_signal_sessleader(struct tty *tp, int sig)
 1469 {
 1470         struct proc *p;
 1471         struct session *s;
 1472 
 1473         tty_assert_locked(tp);
 1474         MPASS(sig >= 1 && sig < NSIG);
 1475 
 1476         /* Make signals start output again. */
 1477         tp->t_flags &= ~TF_STOPPED;
 1478 
 1479         /*
 1480          * Load s_leader exactly once to avoid race where s_leader is
 1481          * set to NULL by a concurrent invocation of killjobc() by the
 1482          * session leader.  Note that we are not holding t_session's
 1483          * lock for the read.
 1484          */
 1485         if ((s = tp->t_session) != NULL &&
 1486             (p = atomic_load_ptr(&s->s_leader)) != NULL) {
 1487                 PROC_LOCK(p);
 1488                 kern_psignal(p, sig);
 1489                 PROC_UNLOCK(p);
 1490         }
 1491 }
 1492 
 1493 void
 1494 tty_signal_pgrp(struct tty *tp, int sig)
 1495 {
 1496         ksiginfo_t ksi;
 1497 
 1498         tty_assert_locked(tp);
 1499         MPASS(sig >= 1 && sig < NSIG);
 1500 
 1501         /* Make signals start output again. */
 1502         tp->t_flags &= ~TF_STOPPED;
 1503 
 1504         if (sig == SIGINFO && !(tp->t_termios.c_lflag & NOKERNINFO))
 1505                 tty_info(tp);
 1506         if (tp->t_pgrp != NULL) {
 1507                 ksiginfo_init(&ksi);
 1508                 ksi.ksi_signo = sig;
 1509                 ksi.ksi_code = SI_KERNEL;
 1510                 PGRP_LOCK(tp->t_pgrp);
 1511                 pgsignal(tp->t_pgrp, sig, 1, &ksi);
 1512                 PGRP_UNLOCK(tp->t_pgrp);
 1513         }
 1514 }
 1515 
 1516 void
 1517 tty_wakeup(struct tty *tp, int flags)
 1518 {
 1519 
 1520         if (tp->t_flags & TF_ASYNC && tp->t_sigio != NULL)
 1521                 pgsigio(&tp->t_sigio, SIGIO, (tp->t_session != NULL));
 1522 
 1523         if (flags & FWRITE) {
 1524                 cv_broadcast(&tp->t_outwait);
 1525                 selwakeup(&tp->t_outpoll);
 1526                 KNOTE_LOCKED(&tp->t_outpoll.si_note, 0);
 1527         }
 1528         if (flags & FREAD) {
 1529                 cv_broadcast(&tp->t_inwait);
 1530                 selwakeup(&tp->t_inpoll);
 1531                 KNOTE_LOCKED(&tp->t_inpoll.si_note, 0);
 1532         }
 1533 }
 1534 
 1535 int
 1536 tty_wait(struct tty *tp, struct cv *cv)
 1537 {
 1538         int error;
 1539         int revokecnt = tp->t_revokecnt;
 1540 
 1541         tty_lock_assert(tp, MA_OWNED|MA_NOTRECURSED);
 1542         MPASS(!tty_gone(tp));
 1543 
 1544         error = cv_wait_sig(cv, tp->t_mtx);
 1545 
 1546         /* Bail out when the device slipped away. */
 1547         if (tty_gone(tp))
 1548                 return (ENXIO);
 1549 
 1550         /* Restart the system call when we may have been revoked. */
 1551         if (tp->t_revokecnt != revokecnt)
 1552                 return (ERESTART);
 1553 
 1554         return (error);
 1555 }
 1556 
 1557 int
 1558 tty_timedwait(struct tty *tp, struct cv *cv, int hz)
 1559 {
 1560         int error;
 1561         int revokecnt = tp->t_revokecnt;
 1562 
 1563         tty_lock_assert(tp, MA_OWNED|MA_NOTRECURSED);
 1564         MPASS(!tty_gone(tp));
 1565 
 1566         error = cv_timedwait_sig(cv, tp->t_mtx, hz);
 1567 
 1568         /* Bail out when the device slipped away. */
 1569         if (tty_gone(tp))
 1570                 return (ENXIO);
 1571 
 1572         /* Restart the system call when we may have been revoked. */
 1573         if (tp->t_revokecnt != revokecnt)
 1574                 return (ERESTART);
 1575 
 1576         return (error);
 1577 }
 1578 
 1579 void
 1580 tty_flush(struct tty *tp, int flags)
 1581 {
 1582 
 1583         if (flags & FWRITE) {
 1584                 tp->t_flags &= ~TF_HIWAT_OUT;
 1585                 ttyoutq_flush(&tp->t_outq);
 1586                 tty_wakeup(tp, FWRITE);
 1587                 if (!tty_gone(tp)) {
 1588                         ttydevsw_outwakeup(tp);
 1589                         ttydevsw_pktnotify(tp, TIOCPKT_FLUSHWRITE);
 1590                 }
 1591         }
 1592         if (flags & FREAD) {
 1593                 tty_hiwat_in_unblock(tp);
 1594                 ttyinq_flush(&tp->t_inq);
 1595                 tty_wakeup(tp, FREAD);
 1596                 if (!tty_gone(tp)) {
 1597                         ttydevsw_inwakeup(tp);
 1598                         ttydevsw_pktnotify(tp, TIOCPKT_FLUSHREAD);
 1599                 }
 1600         }
 1601 }
 1602 
 1603 void
 1604 tty_set_winsize(struct tty *tp, const struct winsize *wsz)
 1605 {
 1606 
 1607         if (memcmp(&tp->t_winsize, wsz, sizeof(*wsz)) == 0)
 1608                 return;
 1609         tp->t_winsize = *wsz;
 1610         tty_signal_pgrp(tp, SIGWINCH);
 1611 }
 1612 
 1613 static int
 1614 tty_generic_ioctl(struct tty *tp, u_long cmd, void *data, int fflag,
 1615     struct thread *td)
 1616 {
 1617         int error;
 1618 
 1619         switch (cmd) {
 1620         /*
 1621          * Modem commands.
 1622          * The SER_* and TIOCM_* flags are the same, but one bit
 1623          * shifted. I don't know why.
 1624          */
 1625         case TIOCSDTR:
 1626                 ttydevsw_modem(tp, SER_DTR, 0);
 1627                 return (0);
 1628         case TIOCCDTR:
 1629                 ttydevsw_modem(tp, 0, SER_DTR);
 1630                 return (0);
 1631         case TIOCMSET: {
 1632                 int bits = *(int *)data;
 1633                 ttydevsw_modem(tp,
 1634                     (bits & (TIOCM_DTR | TIOCM_RTS)) >> 1,
 1635                     ((~bits) & (TIOCM_DTR | TIOCM_RTS)) >> 1);
 1636                 return (0);
 1637         }
 1638         case TIOCMBIS: {
 1639                 int bits = *(int *)data;
 1640                 ttydevsw_modem(tp, (bits & (TIOCM_DTR | TIOCM_RTS)) >> 1, 0);
 1641                 return (0);
 1642         }
 1643         case TIOCMBIC: {
 1644                 int bits = *(int *)data;
 1645                 ttydevsw_modem(tp, 0, (bits & (TIOCM_DTR | TIOCM_RTS)) >> 1);
 1646                 return (0);
 1647         }
 1648         case TIOCMGET:
 1649                 *(int *)data = TIOCM_LE + (ttydevsw_modem(tp, 0, 0) << 1);
 1650                 return (0);
 1651 
 1652         case FIOASYNC:
 1653                 if (*(int *)data)
 1654                         tp->t_flags |= TF_ASYNC;
 1655                 else
 1656                         tp->t_flags &= ~TF_ASYNC;
 1657                 return (0);
 1658         case FIONBIO:
 1659                 /* This device supports non-blocking operation. */
 1660                 return (0);
 1661         case FIONREAD:
 1662                 *(int *)data = ttyinq_bytescanonicalized(&tp->t_inq);
 1663                 return (0);
 1664         case FIONWRITE:
 1665         case TIOCOUTQ:
 1666                 *(int *)data = ttyoutq_bytesused(&tp->t_outq);
 1667                 return (0);
 1668         case FIOSETOWN:
 1669                 if (tp->t_session != NULL && !tty_is_ctty(tp, td->td_proc))
 1670                         /* Not allowed to set ownership. */
 1671                         return (ENOTTY);
 1672 
 1673                 /* Temporarily unlock the TTY to set ownership. */
 1674                 tty_unlock(tp);
 1675                 error = fsetown(*(int *)data, &tp->t_sigio);
 1676                 tty_lock(tp);
 1677                 return (error);
 1678         case FIOGETOWN:
 1679                 if (tp->t_session != NULL && !tty_is_ctty(tp, td->td_proc))
 1680                         /* Not allowed to set ownership. */
 1681                         return (ENOTTY);
 1682 
 1683                 /* Get ownership. */
 1684                 *(int *)data = fgetown(&tp->t_sigio);
 1685                 return (0);
 1686         case TIOCGETA:
 1687                 /* Obtain terminal flags through tcgetattr(). */
 1688                 *(struct termios*)data = tp->t_termios;
 1689                 return (0);
 1690         case TIOCSETA:
 1691         case TIOCSETAW:
 1692         case TIOCSETAF: {
 1693                 struct termios *t = data;
 1694 
 1695                 /*
 1696                  * Who makes up these funny rules? According to POSIX,
 1697                  * input baud rate is set equal to the output baud rate
 1698                  * when zero.
 1699                  */
 1700                 if (t->c_ispeed == 0)
 1701                         t->c_ispeed = t->c_ospeed;
 1702 
 1703                 /* Discard any unsupported bits. */
 1704                 t->c_iflag &= TTYSUP_IFLAG;
 1705                 t->c_oflag &= TTYSUP_OFLAG;
 1706                 t->c_lflag &= TTYSUP_LFLAG;
 1707                 t->c_cflag &= TTYSUP_CFLAG;
 1708 
 1709                 /* Set terminal flags through tcsetattr(). */
 1710                 if (cmd == TIOCSETAW || cmd == TIOCSETAF) {
 1711                         error = tty_drain(tp, 0);
 1712                         if (error)
 1713                                 return (error);
 1714                         if (cmd == TIOCSETAF)
 1715                                 tty_flush(tp, FREAD);
 1716                 }
 1717 
 1718                 /*
 1719                  * Only call param() when the flags really change.
 1720                  */
 1721                 if ((t->c_cflag & CIGNORE) == 0 &&
 1722                     (tp->t_termios.c_cflag != t->c_cflag ||
 1723                     ((tp->t_termios.c_iflag ^ t->c_iflag) &
 1724                     (IXON|IXOFF|IXANY)) ||
 1725                     tp->t_termios.c_ispeed != t->c_ispeed ||
 1726                     tp->t_termios.c_ospeed != t->c_ospeed)) {
 1727                         error = ttydevsw_param(tp, t);
 1728                         if (error)
 1729                                 return (error);
 1730 
 1731                         /* XXX: CLOCAL? */
 1732 
 1733                         tp->t_termios.c_cflag = t->c_cflag & ~CIGNORE;
 1734                         tp->t_termios.c_ispeed = t->c_ispeed;
 1735                         tp->t_termios.c_ospeed = t->c_ospeed;
 1736 
 1737                         /* Baud rate has changed - update watermarks. */
 1738                         error = tty_watermarks(tp);
 1739                         if (error)
 1740                                 return (error);
 1741                 }
 1742 
 1743                 /* Copy new non-device driver parameters. */
 1744                 tp->t_termios.c_iflag = t->c_iflag;
 1745                 tp->t_termios.c_oflag = t->c_oflag;
 1746                 tp->t_termios.c_lflag = t->c_lflag;
 1747                 memcpy(&tp->t_termios.c_cc, t->c_cc, sizeof t->c_cc);
 1748 
 1749                 ttydisc_optimize(tp);
 1750 
 1751                 if ((t->c_lflag & ICANON) == 0) {
 1752                         /*
 1753                          * When in non-canonical mode, wake up all
 1754                          * readers. Canonicalize any partial input. VMIN
 1755                          * and VTIME could also be adjusted.
 1756                          */
 1757                         ttyinq_canonicalize(&tp->t_inq);
 1758                         tty_wakeup(tp, FREAD);
 1759                 }
 1760 
 1761                 /*
 1762                  * For packet mode: notify the PTY consumer that VSTOP
 1763                  * and VSTART may have been changed.
 1764                  */
 1765                 if (tp->t_termios.c_iflag & IXON &&
 1766                     tp->t_termios.c_cc[VSTOP] == CTRL('S') &&
 1767                     tp->t_termios.c_cc[VSTART] == CTRL('Q'))
 1768                         ttydevsw_pktnotify(tp, TIOCPKT_DOSTOP);
 1769                 else
 1770                         ttydevsw_pktnotify(tp, TIOCPKT_NOSTOP);
 1771                 return (0);
 1772         }
 1773         case TIOCGETD:
 1774                 /* For compatibility - we only support TTYDISC. */
 1775                 *(int *)data = TTYDISC;
 1776                 return (0);
 1777         case TIOCGPGRP:
 1778                 if (!tty_is_ctty(tp, td->td_proc))
 1779                         return (ENOTTY);
 1780 
 1781                 if (tp->t_pgrp != NULL)
 1782                         *(int *)data = tp->t_pgrp->pg_id;
 1783                 else
 1784                         *(int *)data = NO_PID;
 1785                 return (0);
 1786         case TIOCGSID:
 1787                 if (!tty_is_ctty(tp, td->td_proc))
 1788                         return (ENOTTY);
 1789 
 1790                 MPASS(tp->t_session);
 1791                 *(int *)data = tp->t_session->s_sid;
 1792                 return (0);
 1793         case TIOCNOTTY:
 1794                 return (tty_drop_ctty(tp, td->td_proc));
 1795         case TIOCSCTTY: {
 1796                 struct proc *p = td->td_proc;
 1797 
 1798                 /* XXX: This looks awful. */
 1799                 tty_unlock(tp);
 1800                 sx_xlock(&proctree_lock);
 1801                 tty_lock(tp);
 1802 
 1803                 if (!SESS_LEADER(p)) {
 1804                         /* Only the session leader may do this. */
 1805                         sx_xunlock(&proctree_lock);
 1806                         return (EPERM);
 1807                 }
 1808 
 1809                 if (tp->t_session != NULL && tp->t_session == p->p_session) {
 1810                         /* This is already our controlling TTY. */
 1811                         sx_xunlock(&proctree_lock);
 1812                         return (0);
 1813                 }
 1814 
 1815                 if (p->p_session->s_ttyp != NULL ||
 1816                     (tp->t_session != NULL && tp->t_session->s_ttyvp != NULL &&
 1817                     tp->t_session->s_ttyvp->v_type != VBAD)) {
 1818                         /*
 1819                          * There is already a relation between a TTY and
 1820                          * a session, or the caller is not the session
 1821                          * leader.
 1822                          *
 1823                          * Allow the TTY to be stolen when the vnode is
 1824                          * invalid, but the reference to the TTY is
 1825                          * still active.  This allows immediate reuse of
 1826                          * TTYs of which the session leader has been
 1827                          * killed or the TTY revoked.
 1828                          */
 1829                         sx_xunlock(&proctree_lock);
 1830                         return (EPERM);
 1831                 }
 1832 
 1833                 /* Connect the session to the TTY. */
 1834                 tp->t_session = p->p_session;
 1835                 tp->t_session->s_ttyp = tp;
 1836                 tp->t_sessioncnt++;
 1837 
 1838                 /* Assign foreground process group. */
 1839                 tp->t_pgrp = p->p_pgrp;
 1840                 PROC_LOCK(p);
 1841                 p->p_flag |= P_CONTROLT;
 1842                 PROC_UNLOCK(p);
 1843 
 1844                 sx_xunlock(&proctree_lock);
 1845                 return (0);
 1846         }
 1847         case TIOCSPGRP: {
 1848                 struct pgrp *pg;
 1849 
 1850                 /*
 1851                  * XXX: Temporarily unlock the TTY to locate the process
 1852                  * group. This code would be lot nicer if we would ever
 1853                  * decompose proctree_lock.
 1854                  */
 1855                 tty_unlock(tp);
 1856                 sx_slock(&proctree_lock);
 1857                 pg = pgfind(*(int *)data);
 1858                 if (pg != NULL)
 1859                         PGRP_UNLOCK(pg);
 1860                 if (pg == NULL || pg->pg_session != td->td_proc->p_session) {
 1861                         sx_sunlock(&proctree_lock);
 1862                         tty_lock(tp);
 1863                         return (EPERM);
 1864                 }
 1865                 tty_lock(tp);
 1866 
 1867                 /*
 1868                  * Determine if this TTY is the controlling TTY after
 1869                  * relocking the TTY.
 1870                  */
 1871                 if (!tty_is_ctty(tp, td->td_proc)) {
 1872                         sx_sunlock(&proctree_lock);
 1873                         return (ENOTTY);
 1874                 }
 1875                 tp->t_pgrp = pg;
 1876                 sx_sunlock(&proctree_lock);
 1877 
 1878                 /* Wake up the background process groups. */
 1879                 cv_broadcast(&tp->t_bgwait);
 1880                 return (0);
 1881         }
 1882         case TIOCFLUSH: {
 1883                 int flags = *(int *)data;
 1884 
 1885                 if (flags == 0)
 1886                         flags = (FREAD|FWRITE);
 1887                 else
 1888                         flags &= (FREAD|FWRITE);
 1889                 tty_flush(tp, flags);
 1890                 return (0);
 1891         }
 1892         case TIOCDRAIN:
 1893                 /* Drain TTY output. */
 1894                 return tty_drain(tp, 0);
 1895         case TIOCGDRAINWAIT:
 1896                 *(int *)data = tp->t_drainwait;
 1897                 return (0);
 1898         case TIOCSDRAINWAIT:
 1899                 error = priv_check(td, PRIV_TTY_DRAINWAIT);
 1900                 if (error == 0)
 1901                         tp->t_drainwait = *(int *)data;
 1902                 return (error);
 1903         case TIOCCONS:
 1904                 /* Set terminal as console TTY. */
 1905                 if (*(int *)data) {
 1906                         error = priv_check(td, PRIV_TTY_CONSOLE);
 1907                         if (error)
 1908                                 return (error);
 1909 
 1910                         /*
 1911                          * XXX: constty should really need to be locked!
 1912                          * XXX: allow disconnected constty's to be stolen!
 1913                          */
 1914 
 1915                         if (constty == tp)
 1916                                 return (0);
 1917                         if (constty != NULL)
 1918                                 return (EBUSY);
 1919 
 1920                         tty_unlock(tp);
 1921                         constty_set(tp);
 1922                         tty_lock(tp);
 1923                 } else if (constty == tp) {
 1924                         constty_clear();
 1925                 }
 1926                 return (0);
 1927         case TIOCGWINSZ:
 1928                 /* Obtain window size. */
 1929                 *(struct winsize*)data = tp->t_winsize;
 1930                 return (0);
 1931         case TIOCSWINSZ:
 1932                 /* Set window size. */
 1933                 tty_set_winsize(tp, data);
 1934                 return (0);
 1935         case TIOCEXCL:
 1936                 tp->t_flags |= TF_EXCLUDE;
 1937                 return (0);
 1938         case TIOCNXCL:
 1939                 tp->t_flags &= ~TF_EXCLUDE;
 1940                 return (0);
 1941         case TIOCSTOP:
 1942                 tp->t_flags |= TF_STOPPED;
 1943                 ttydevsw_pktnotify(tp, TIOCPKT_STOP);
 1944                 return (0);
 1945         case TIOCSTART:
 1946                 tp->t_flags &= ~TF_STOPPED;
 1947                 ttydevsw_outwakeup(tp);
 1948                 ttydevsw_pktnotify(tp, TIOCPKT_START);
 1949                 return (0);
 1950         case TIOCSTAT:
 1951                 tty_info(tp);
 1952                 return (0);
 1953         case TIOCSTI:
 1954                 if ((fflag & FREAD) == 0 && priv_check(td, PRIV_TTY_STI))
 1955                         return (EPERM);
 1956                 if (!tty_is_ctty(tp, td->td_proc) &&
 1957                     priv_check(td, PRIV_TTY_STI))
 1958                         return (EACCES);
 1959                 ttydisc_rint(tp, *(char *)data, 0);
 1960                 ttydisc_rint_done(tp);
 1961                 return (0);
 1962         }
 1963 
 1964 #ifdef COMPAT_43TTY
 1965         return tty_ioctl_compat(tp, cmd, data, fflag, td);
 1966 #else /* !COMPAT_43TTY */
 1967         return (ENOIOCTL);
 1968 #endif /* COMPAT_43TTY */
 1969 }
 1970 
 1971 int
 1972 tty_ioctl(struct tty *tp, u_long cmd, void *data, int fflag, struct thread *td)
 1973 {
 1974         int error;
 1975 
 1976         tty_assert_locked(tp);
 1977 
 1978         if (tty_gone(tp))
 1979                 return (ENXIO);
 1980 
 1981         error = ttydevsw_ioctl(tp, cmd, data, td);
 1982         if (error == ENOIOCTL)
 1983                 error = tty_generic_ioctl(tp, cmd, data, fflag, td);
 1984 
 1985         return (error);
 1986 }
 1987 
 1988 dev_t
 1989 tty_udev(struct tty *tp)
 1990 {
 1991 
 1992         if (tp->t_dev)
 1993                 return (dev2udev(tp->t_dev));
 1994         else
 1995                 return (NODEV);
 1996 }
 1997 
 1998 int
 1999 tty_checkoutq(struct tty *tp)
 2000 {
 2001 
 2002         /* 256 bytes should be enough to print a log message. */
 2003         return (ttyoutq_bytesleft(&tp->t_outq) >= 256);
 2004 }
 2005 
 2006 void
 2007 tty_hiwat_in_block(struct tty *tp)
 2008 {
 2009 
 2010         if ((tp->t_flags & TF_HIWAT_IN) == 0 &&
 2011             tp->t_termios.c_iflag & IXOFF &&
 2012             tp->t_termios.c_cc[VSTOP] != _POSIX_VDISABLE) {
 2013                 /*
 2014                  * Input flow control. Only enter the high watermark when we
 2015                  * can successfully store the VSTOP character.
 2016                  */
 2017                 if (ttyoutq_write_nofrag(&tp->t_outq,
 2018                     &tp->t_termios.c_cc[VSTOP], 1) == 0)
 2019                         tp->t_flags |= TF_HIWAT_IN;
 2020         } else {
 2021                 /* No input flow control. */
 2022                 tp->t_flags |= TF_HIWAT_IN;
 2023         }
 2024 }
 2025 
 2026 void
 2027 tty_hiwat_in_unblock(struct tty *tp)
 2028 {
 2029 
 2030         if (tp->t_flags & TF_HIWAT_IN &&
 2031             tp->t_termios.c_iflag & IXOFF &&
 2032             tp->t_termios.c_cc[VSTART] != _POSIX_VDISABLE) {
 2033                 /*
 2034                  * Input flow control. Only leave the high watermark when we
 2035                  * can successfully store the VSTART character.
 2036                  */
 2037                 if (ttyoutq_write_nofrag(&tp->t_outq,
 2038                     &tp->t_termios.c_cc[VSTART], 1) == 0)
 2039                         tp->t_flags &= ~TF_HIWAT_IN;
 2040         } else {
 2041                 /* No input flow control. */
 2042                 tp->t_flags &= ~TF_HIWAT_IN;
 2043         }
 2044 
 2045         if (!tty_gone(tp))
 2046                 ttydevsw_inwakeup(tp);
 2047 }
 2048 
 2049 /*
 2050  * TTY hooks interface.
 2051  */
 2052 
 2053 static int
 2054 ttyhook_defrint(struct tty *tp, char c, int flags)
 2055 {
 2056 
 2057         if (ttyhook_rint_bypass(tp, &c, 1) != 1)
 2058                 return (-1);
 2059 
 2060         return (0);
 2061 }
 2062 
 2063 int
 2064 ttyhook_register(struct tty **rtp, struct proc *p, int fd, struct ttyhook *th,
 2065     void *softc)
 2066 {
 2067         struct tty *tp;
 2068         struct file *fp;
 2069         struct cdev *dev;
 2070         struct cdevsw *cdp;
 2071         struct filedesc *fdp;
 2072         cap_rights_t rights;
 2073         int error, ref;
 2074 
 2075         /* Validate the file descriptor. */
 2076         fdp = p->p_fd;
 2077         error = fget_unlocked(fdp, fd, cap_rights_init(&rights, CAP_TTYHOOK),
 2078             &fp, NULL);
 2079         if (error != 0)
 2080                 return (error);
 2081         if (fp->f_ops == &badfileops) {
 2082                 error = EBADF;
 2083                 goto done1;
 2084         }
 2085 
 2086         /*
 2087          * Make sure the vnode is bound to a character device.
 2088          * Unlocked check for the vnode type is ok there, because we
 2089          * only shall prevent calling devvn_refthread on the file that
 2090          * never has been opened over a character device.
 2091          */
 2092         if (fp->f_type != DTYPE_VNODE || fp->f_vnode->v_type != VCHR) {
 2093                 error = EINVAL;
 2094                 goto done1;
 2095         }
 2096 
 2097         /* Make sure it is a TTY. */
 2098         cdp = devvn_refthread(fp->f_vnode, &dev, &ref);
 2099         if (cdp == NULL) {
 2100                 error = ENXIO;
 2101                 goto done1;
 2102         }
 2103         if (dev != fp->f_data) {
 2104                 error = ENXIO;
 2105                 goto done2;
 2106         }
 2107         if (cdp != &ttydev_cdevsw) {
 2108                 error = ENOTTY;
 2109                 goto done2;
 2110         }
 2111         tp = dev->si_drv1;
 2112 
 2113         /* Try to attach the hook to the TTY. */
 2114         error = EBUSY;
 2115         tty_lock(tp);
 2116         MPASS((tp->t_hook == NULL) == ((tp->t_flags & TF_HOOK) == 0));
 2117         if (tp->t_flags & TF_HOOK)
 2118                 goto done3;
 2119 
 2120         tp->t_flags |= TF_HOOK;
 2121         tp->t_hook = th;
 2122         tp->t_hooksoftc = softc;
 2123         *rtp = tp;
 2124         error = 0;
 2125 
 2126         /* Maybe we can switch into bypass mode now. */
 2127         ttydisc_optimize(tp);
 2128 
 2129         /* Silently convert rint() calls to rint_bypass() when possible. */
 2130         if (!ttyhook_hashook(tp, rint) && ttyhook_hashook(tp, rint_bypass))
 2131                 th->th_rint = ttyhook_defrint;
 2132 
 2133 done3:  tty_unlock(tp);
 2134 done2:  dev_relthread(dev, ref);
 2135 done1:  fdrop(fp, curthread);
 2136         return (error);
 2137 }
 2138 
 2139 void
 2140 ttyhook_unregister(struct tty *tp)
 2141 {
 2142 
 2143         tty_assert_locked(tp);
 2144         MPASS(tp->t_flags & TF_HOOK);
 2145 
 2146         /* Disconnect the hook. */
 2147         tp->t_flags &= ~TF_HOOK;
 2148         tp->t_hook = NULL;
 2149 
 2150         /* Maybe we need to leave bypass mode. */
 2151         ttydisc_optimize(tp);
 2152 
 2153         /* Maybe deallocate the TTY as well. */
 2154         tty_rel_free(tp);
 2155 }
 2156 
 2157 /*
 2158  * /dev/console handling.
 2159  */
 2160 
 2161 static int
 2162 ttyconsdev_open(struct cdev *dev, int oflags, int devtype, struct thread *td)
 2163 {
 2164         struct tty *tp;
 2165 
 2166         /* System has no console device. */
 2167         if (dev_console_filename == NULL)
 2168                 return (ENXIO);
 2169 
 2170         /* Look up corresponding TTY by device name. */
 2171         sx_slock(&tty_list_sx);
 2172         TAILQ_FOREACH(tp, &tty_list, t_list) {
 2173                 if (strcmp(dev_console_filename, tty_devname(tp)) == 0) {
 2174                         dev_console->si_drv1 = tp;
 2175                         break;
 2176                 }
 2177         }
 2178         sx_sunlock(&tty_list_sx);
 2179 
 2180         /* System console has no TTY associated. */
 2181         if (dev_console->si_drv1 == NULL)
 2182                 return (ENXIO);
 2183 
 2184         return (ttydev_open(dev, oflags, devtype, td));
 2185 }
 2186 
 2187 static int
 2188 ttyconsdev_write(struct cdev *dev, struct uio *uio, int ioflag)
 2189 {
 2190 
 2191         log_console(uio);
 2192 
 2193         return (ttydev_write(dev, uio, ioflag));
 2194 }
 2195 
 2196 /*
 2197  * /dev/console is a little different than normal TTY's.  When opened,
 2198  * it determines which TTY to use.  When data gets written to it, it
 2199  * will be logged in the kernel message buffer.
 2200  */
 2201 static struct cdevsw ttyconsdev_cdevsw = {
 2202         .d_version      = D_VERSION,
 2203         .d_open         = ttyconsdev_open,
 2204         .d_close        = ttydev_close,
 2205         .d_read         = ttydev_read,
 2206         .d_write        = ttyconsdev_write,
 2207         .d_ioctl        = ttydev_ioctl,
 2208         .d_kqfilter     = ttydev_kqfilter,
 2209         .d_poll         = ttydev_poll,
 2210         .d_mmap         = ttydev_mmap,
 2211         .d_name         = "ttyconsdev",
 2212         .d_flags        = D_TTY,
 2213 };
 2214 
 2215 static void
 2216 ttyconsdev_init(void *unused __unused)
 2217 {
 2218 
 2219         dev_console = make_dev_credf(MAKEDEV_ETERNAL, &ttyconsdev_cdevsw, 0,
 2220             NULL, UID_ROOT, GID_WHEEL, 0600, "console");
 2221 }
 2222 
 2223 SYSINIT(tty, SI_SUB_DRIVERS, SI_ORDER_FIRST, ttyconsdev_init, NULL);
 2224 
 2225 void
 2226 ttyconsdev_select(const char *name)
 2227 {
 2228 
 2229         dev_console_filename = name;
 2230 }
 2231 
 2232 /*
 2233  * Debugging routines.
 2234  */
 2235 
 2236 #include "opt_ddb.h"
 2237 #ifdef DDB
 2238 #include <ddb/ddb.h>
 2239 #include <ddb/db_sym.h>
 2240 
 2241 static const struct {
 2242         int flag;
 2243         char val;
 2244 } ttystates[] = {
 2245 #if 0
 2246         { TF_NOPREFIX,          'N' },
 2247 #endif
 2248         { TF_INITLOCK,          'I' },
 2249         { TF_CALLOUT,           'C' },
 2250 
 2251         /* Keep these together -> 'Oi' and 'Oo'. */
 2252         { TF_OPENED,            'O' },
 2253         { TF_OPENED_IN,         'i' },
 2254         { TF_OPENED_OUT,        'o' },
 2255         { TF_OPENED_CONS,       'c' },
 2256 
 2257         { TF_GONE,              'G' },
 2258         { TF_OPENCLOSE,         'B' },
 2259         { TF_ASYNC,             'Y' },
 2260         { TF_LITERAL,           'L' },
 2261 
 2262         /* Keep these together -> 'Hi' and 'Ho'. */
 2263         { TF_HIWAT,             'H' },
 2264         { TF_HIWAT_IN,          'i' },
 2265         { TF_HIWAT_OUT,         'o' },
 2266 
 2267         { TF_STOPPED,           'S' },
 2268         { TF_EXCLUDE,           'X' },
 2269         { TF_BYPASS,            'l' },
 2270         { TF_ZOMBIE,            'Z' },
 2271         { TF_HOOK,              's' },
 2272 
 2273         /* Keep these together -> 'bi' and 'bo'. */
 2274         { TF_BUSY,              'b' },
 2275         { TF_BUSY_IN,           'i' },
 2276         { TF_BUSY_OUT,          'o' },
 2277 
 2278         { 0,                    '\0'},
 2279 };
 2280 
 2281 #define TTY_FLAG_BITS \
 2282         "\2\1NOPREFIX\2INITLOCK\3CALLOUT\4OPENED_IN" \
 2283         "\5OPENED_OUT\6OPENED_CONS\7GONE\10OPENCLOSE" \
 2284         "\11ASYNC\12LITERAL\13HIWAT_IN\14HIWAT_OUT" \
 2285         "\15STOPPED\16EXCLUDE\17BYPASS\20ZOMBIE" \
 2286         "\21HOOK\22BUSY_IN\23BUSY_OUT"
 2287 
 2288 #define DB_PRINTSYM(name, addr) \
 2289         db_printf("%s  " #name ": ", sep); \
 2290         db_printsym((db_addr_t) addr, DB_STGY_ANY); \
 2291         db_printf("\n");
 2292 
 2293 static void
 2294 _db_show_devsw(const char *sep, const struct ttydevsw *tsw)
 2295 {
 2296 
 2297         db_printf("%sdevsw: ", sep);
 2298         db_printsym((db_addr_t)tsw, DB_STGY_ANY);
 2299         db_printf(" (%p)\n", tsw);
 2300         DB_PRINTSYM(open, tsw->tsw_open);
 2301         DB_PRINTSYM(close, tsw->tsw_close);
 2302         DB_PRINTSYM(outwakeup, tsw->tsw_outwakeup);
 2303         DB_PRINTSYM(inwakeup, tsw->tsw_inwakeup);
 2304         DB_PRINTSYM(ioctl, tsw->tsw_ioctl);
 2305         DB_PRINTSYM(param, tsw->tsw_param);
 2306         DB_PRINTSYM(modem, tsw->tsw_modem);
 2307         DB_PRINTSYM(mmap, tsw->tsw_mmap);
 2308         DB_PRINTSYM(pktnotify, tsw->tsw_pktnotify);
 2309         DB_PRINTSYM(free, tsw->tsw_free);
 2310 }
 2311 
 2312 static void
 2313 _db_show_hooks(const char *sep, const struct ttyhook *th)
 2314 {
 2315 
 2316         db_printf("%shook: ", sep);
 2317         db_printsym((db_addr_t)th, DB_STGY_ANY);
 2318         db_printf(" (%p)\n", th);
 2319         if (th == NULL)
 2320                 return;
 2321         DB_PRINTSYM(rint, th->th_rint);
 2322         DB_PRINTSYM(rint_bypass, th->th_rint_bypass);
 2323         DB_PRINTSYM(rint_done, th->th_rint_done);
 2324         DB_PRINTSYM(rint_poll, th->th_rint_poll);
 2325         DB_PRINTSYM(getc_inject, th->th_getc_inject);
 2326         DB_PRINTSYM(getc_capture, th->th_getc_capture);
 2327         DB_PRINTSYM(getc_poll, th->th_getc_poll);
 2328         DB_PRINTSYM(close, th->th_close);
 2329 }
 2330 
 2331 static void
 2332 _db_show_termios(const char *name, const struct termios *t)
 2333 {
 2334 
 2335         db_printf("%s: iflag 0x%x oflag 0x%x cflag 0x%x "
 2336             "lflag 0x%x ispeed %u ospeed %u\n", name,
 2337             t->c_iflag, t->c_oflag, t->c_cflag, t->c_lflag,
 2338             t->c_ispeed, t->c_ospeed);
 2339 }
 2340 
 2341 /* DDB command to show TTY statistics. */
 2342 DB_SHOW_COMMAND(tty, db_show_tty)
 2343 {
 2344         struct tty *tp;
 2345 
 2346         if (!have_addr) {
 2347                 db_printf("usage: show tty <addr>\n");
 2348                 return;
 2349         }
 2350         tp = (struct tty *)addr;
 2351 
 2352         db_printf("%p: %s\n", tp, tty_devname(tp));
 2353         db_printf("\tmtx: %p\n", tp->t_mtx);
 2354         db_printf("\tflags: 0x%b\n", tp->t_flags, TTY_FLAG_BITS);
 2355         db_printf("\trevokecnt: %u\n", tp->t_revokecnt);
 2356 
 2357         /* Buffering mechanisms. */
 2358         db_printf("\tinq: %p begin %u linestart %u reprint %u end %u "
 2359             "nblocks %u quota %u\n", &tp->t_inq, tp->t_inq.ti_begin,
 2360             tp->t_inq.ti_linestart, tp->t_inq.ti_reprint, tp->t_inq.ti_end,
 2361             tp->t_inq.ti_nblocks, tp->t_inq.ti_quota);
 2362         db_printf("\toutq: %p begin %u end %u nblocks %u quota %u\n",
 2363             &tp->t_outq, tp->t_outq.to_begin, tp->t_outq.to_end,
 2364             tp->t_outq.to_nblocks, tp->t_outq.to_quota);
 2365         db_printf("\tinlow: %zu\n", tp->t_inlow);
 2366         db_printf("\toutlow: %zu\n", tp->t_outlow);
 2367         _db_show_termios("\ttermios", &tp->t_termios);
 2368         db_printf("\twinsize: row %u col %u xpixel %u ypixel %u\n",
 2369             tp->t_winsize.ws_row, tp->t_winsize.ws_col,
 2370             tp->t_winsize.ws_xpixel, tp->t_winsize.ws_ypixel);
 2371         db_printf("\tcolumn: %u\n", tp->t_column);
 2372         db_printf("\twritepos: %u\n", tp->t_writepos);
 2373         db_printf("\tcompatflags: 0x%x\n", tp->t_compatflags);
 2374 
 2375         /* Init/lock-state devices. */
 2376         _db_show_termios("\ttermios_init_in", &tp->t_termios_init_in);
 2377         _db_show_termios("\ttermios_init_out", &tp->t_termios_init_out);
 2378         _db_show_termios("\ttermios_lock_in", &tp->t_termios_lock_in);
 2379         _db_show_termios("\ttermios_lock_out", &tp->t_termios_lock_out);
 2380 
 2381         /* Hooks */
 2382         _db_show_devsw("\t", tp->t_devsw);
 2383         _db_show_hooks("\t", tp->t_hook);
 2384 
 2385         /* Process info. */
 2386         db_printf("\tpgrp: %p gid %d\n", tp->t_pgrp,
 2387             tp->t_pgrp ? tp->t_pgrp->pg_id : 0);
 2388         db_printf("\tsession: %p", tp->t_session);
 2389         if (tp->t_session != NULL)
 2390             db_printf(" count %u leader %p tty %p sid %d login %s",
 2391                 tp->t_session->s_count, tp->t_session->s_leader,
 2392                 tp->t_session->s_ttyp, tp->t_session->s_sid,
 2393                 tp->t_session->s_login);
 2394         db_printf("\n");
 2395         db_printf("\tsessioncnt: %u\n", tp->t_sessioncnt);
 2396         db_printf("\tdevswsoftc: %p\n", tp->t_devswsoftc);
 2397         db_printf("\thooksoftc: %p\n", tp->t_hooksoftc);
 2398         db_printf("\tdev: %p\n", tp->t_dev);
 2399 }
 2400 
 2401 /* DDB command to list TTYs. */
 2402 DB_SHOW_ALL_COMMAND(ttys, db_show_all_ttys)
 2403 {
 2404         struct tty *tp;
 2405         size_t isiz, osiz;
 2406         int i, j;
 2407 
 2408         /* Make the output look like `pstat -t'. */
 2409         db_printf("PTR        ");
 2410 #if defined(__LP64__)
 2411         db_printf("        ");
 2412 #endif
 2413         db_printf("      LINE   INQ  CAN  LIN  LOW  OUTQ  USE  LOW   "
 2414             "COL  SESS  PGID STATE\n");
 2415 
 2416         TAILQ_FOREACH(tp, &tty_list, t_list) {
 2417                 isiz = tp->t_inq.ti_nblocks * TTYINQ_DATASIZE;
 2418                 osiz = tp->t_outq.to_nblocks * TTYOUTQ_DATASIZE;
 2419 
 2420                 db_printf("%p %10s %5zu %4u %4u %4zu %5zu %4u %4zu %5u %5d "
 2421                     "%5d ", tp, tty_devname(tp), isiz,
 2422                     tp->t_inq.ti_linestart - tp->t_inq.ti_begin,
 2423                     tp->t_inq.ti_end - tp->t_inq.ti_linestart,
 2424                     isiz - tp->t_inlow, osiz,
 2425                     tp->t_outq.to_end - tp->t_outq.to_begin,
 2426                     osiz - tp->t_outlow, MIN(tp->t_column, 99999),
 2427                     tp->t_session ? tp->t_session->s_sid : 0,
 2428                     tp->t_pgrp ? tp->t_pgrp->pg_id : 0);
 2429 
 2430                 /* Flag bits. */
 2431                 for (i = j = 0; ttystates[i].flag; i++)
 2432                         if (tp->t_flags & ttystates[i].flag) {
 2433                                 db_printf("%c", ttystates[i].val);
 2434                                 j++;
 2435                         }
 2436                 if (j == 0)
 2437                         db_printf("-");
 2438                 db_printf("\n");
 2439         }
 2440 }
 2441 #endif /* DDB */

Cache object: f83173f5a68fc35f0ae57b3e779bec78


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.