1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 1988, 2010, Oracle and/or its affiliates. All rights reserved.
23 */
24 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
25 /* All Rights Reserved */
26
27
28
29 /*
30 * Pseudo Terminal Master Driver.
31 *
32 * The pseudo-tty subsystem simulates a terminal connection, where the master
33 * side represents the terminal and the slave represents the user process's
34 * special device end point. The master device is set up as a cloned device
35 * where its major device number is the major for the clone device and its minor
36 * device number is the major for the ptm driver. There are no nodes in the file
37 * system for master devices. The master pseudo driver is opened using the
38 * open(2) system call with /dev/ptmx as the device parameter. The clone open
39 * finds the next available minor device for the ptm major device.
40 *
41 * A master device is available only if it and its corresponding slave device
42 * are not already open. When the master device is opened, the corresponding
43 * slave device is automatically locked out. Only one open is allowed on a
44 * master device. Multiple opens are allowed on the slave device. After both
45 * the master and slave have been opened, the user has two file descriptors
46 * which are the end points of a full duplex connection composed of two streams
47 * which are automatically connected at the master and slave drivers. The user
48 * may then push modules onto either side of the stream pair.
49 *
50 * The master and slave drivers pass all messages to their adjacent queues.
51 * Only the M_FLUSH needs some processing. Because the read queue of one side
52 * is connected to the write queue of the other, the FLUSHR flag is changed to
53 * the FLUSHW flag and vice versa. When the master device is closed an M_HANGUP
54 * message is sent to the slave device which will render the device
55 * unusable. The process on the slave side gets the EIO when attempting to write
56 * on that stream but it will be able to read any data remaining on the stream
57 * head read queue. When all the data has been read, read() returns 0
58 * indicating that the stream can no longer be used. On the last close of the
59 * slave device, a 0-length message is sent to the master device. When the
60 * application on the master side issues a read() or getmsg() and 0 is returned,
61 * the user of the master device decides whether to issue a close() that
62 * dismantles the pseudo-terminal subsystem. If the master device is not closed,
63 * the pseudo-tty subsystem will be available to another user to open the slave
64 * device.
65 *
66 * If O_NONBLOCK or O_NDELAY is set, read on the master side returns -1 with
67 * errno set to EAGAIN if no data is available, and write returns -1 with errno
68 * set to EAGAIN if there is internal flow control.
69 *
70 * IOCTLS:
71 *
72 * ISPTM: determines whether the file descriptor is that of an open master
73 * device. Return code of zero indicates that the file descriptor
74 * represents master device.
75 *
76 * UNLKPT: unlocks the master and slave devices. It returns 0 on success. On
77 * failure, the errno is set to EINVAL indicating that the master
78 * device is not open.
79 *
80 * ZONEPT: sets the zone membership of the associated pts device.
81 *
82 * GRPPT: sets the group owner of the associated pts device.
83 *
84 * Synchronization:
85 *
86 * All global data synchronization between ptm/pts is done via global
87 * ptms_lock mutex which is initialized at system boot time from
88 * ptms_initspace (called from space.c).
89 *
90 * Individual fields of pt_ttys structure (except ptm_rdq, pts_rdq and
91 * pt_nullmsg) are protected by pt_ttys.pt_lock mutex.
92 *
93 * PT_ENTER_READ/PT_ENTER_WRITE are reference counter based read-write locks
94 * which allow reader locks to be reacquired by the same thread (usual
95 * reader/writer locks can't be used for that purpose since it is illegal for
96 * a thread to acquire a lock it already holds, even as a reader). The sole
97 * purpose of these macros is to guarantee that the peer queue will not
98 * disappear (due to closing peer) while it is used. It is safe to use
99 * PT_ENTER_READ/PT_EXIT_READ brackets across calls like putq/putnext (since
100 * they are not real locks but reference counts).
101 *
102 * PT_ENTER_WRITE/PT_EXIT_WRITE brackets are used ONLY in master/slave
103 * open/close paths to modify ptm_rdq and pts_rdq fields. These fields should
104 * be set to appropriate queues *after* qprocson() is called during open (to
105 * prevent peer from accessing the queue with incomplete plumbing) and set to
106 * NULL before qprocsoff() is called during close.
107 *
108 * The pt_nullmsg field is only used in open/close routines and it is also
109 * protected by PT_ENTER_WRITE/PT_EXIT_WRITE brackets to avoid extra mutex
110 * holds.
111 *
112 * Lock Ordering:
113 *
114 * If both ptms_lock and per-pty lock should be held, ptms_lock should always
115 * be entered first, followed by per-pty lock.
116 *
117 * See ptms.h, pts.c and ptms_conf.c for more information.
118 */
119
120 #include <sys/types.h>
121 #include <sys/param.h>
122 #include <sys/file.h>
123 #include <sys/sysmacros.h>
124 #include <sys/stream.h>
125 #include <sys/stropts.h>
126 #include <sys/proc.h>
127 #include <sys/errno.h>
128 #include <sys/debug.h>
129 #include <sys/cmn_err.h>
130 #include <sys/ptms.h>
131 #include <sys/stat.h>
132 #include <sys/strsun.h>
133 #include <sys/systm.h>
134 #include <sys/modctl.h>
135 #include <sys/conf.h>
136 #include <sys/ddi.h>
137 #include <sys/sunddi.h>
138 #include <sys/zone.h>
139
140 #ifdef DEBUG
141 int ptm_debug = 0;
142 #define DBG(a) if (ptm_debug) cmn_err(CE_NOTE, a)
143 #else
144 #define DBG(a)
145 #endif
146
147 static int ptmopen(queue_t *, dev_t *, int, int, cred_t *);
148 static int ptmclose(queue_t *, int, cred_t *);
149 static void ptmwput(queue_t *, mblk_t *);
150 static void ptmrsrv(queue_t *);
151 static void ptmwsrv(queue_t *);
152
153 /*
154 * Master Stream Pseudo Terminal Module: stream data structure definitions
155 */
156
157 static struct module_info ptm_info = {
158 0xdead,
159 "ptm",
160 0,
161 512,
162 512,
163 128
164 };
165
166 static struct qinit ptmrint = {
167 NULL,
168 (int (*)()) ptmrsrv,
169 ptmopen,
170 ptmclose,
171 NULL,
172 &ptm_info,
173 NULL
174 };
175
176 static struct qinit ptmwint = {
177 (int (*)()) ptmwput,
178 (int (*)()) ptmwsrv,
179 NULL,
180 NULL,
181 NULL,
182 &ptm_info,
183 NULL
184 };
185
186 static struct streamtab ptminfo = {
187 &ptmrint,
188 &ptmwint,
189 NULL,
190 NULL
191 };
192
193 static int ptm_attach(dev_info_t *, ddi_attach_cmd_t);
194 static int ptm_detach(dev_info_t *, ddi_detach_cmd_t);
195 static int ptm_devinfo(dev_info_t *, ddi_info_cmd_t, void *, void **);
196
197 static dev_info_t *ptm_dip; /* private devinfo pointer */
198
199 /*
200 * this will define (struct cb_ops cb_ptm_ops) and (struct dev_ops ptm_ops)
201 */
202 DDI_DEFINE_STREAM_OPS(ptm_ops, nulldev, nulldev, ptm_attach, ptm_detach,
203 nodev, ptm_devinfo, D_MP, &ptminfo, ddi_quiesce_not_supported);
204
205 /*
206 * Module linkage information for the kernel.
207 */
208
209 static struct modldrv modldrv = {
210 &mod_driverops, /* Type of module. This one is a pseudo driver */
211 "Master streams driver 'ptm'",
212 &ptm_ops, /* driver ops */
213 };
214
215 static struct modlinkage modlinkage = {
216 MODREV_1,
217 &modldrv,
218 NULL
219 };
220
221 int
222 _init(void)
223 {
224 int rc;
225
226 if ((rc = mod_install(&modlinkage)) == 0)
227 ptms_init();
228 return (rc);
229 }
230
231 int
232 _fini(void)
233 {
234 return (mod_remove(&modlinkage));
235 }
236
237 int
238 _info(struct modinfo *modinfop)
239 {
240 return (mod_info(&modlinkage, modinfop));
241 }
242
243 static int
244 ptm_attach(dev_info_t *devi, ddi_attach_cmd_t cmd)
245 {
246 if (cmd != DDI_ATTACH)
247 return (DDI_FAILURE);
248
249 if (ddi_create_minor_node(devi, "ptmajor", S_IFCHR,
250 0, DDI_PSEUDO, NULL) == DDI_FAILURE) {
251 ddi_remove_minor_node(devi, NULL);
252 return (DDI_FAILURE);
253 }
254 if (ddi_create_minor_node(devi, "ptmx", S_IFCHR,
255 0, DDI_PSEUDO, CLONE_DEV) == DDI_FAILURE) {
256 ddi_remove_minor_node(devi, NULL);
257 return (DDI_FAILURE);
258 }
259 ptm_dip = devi;
260
261 return (DDI_SUCCESS);
262 }
263
264 static int
265 ptm_detach(dev_info_t *devi, ddi_detach_cmd_t cmd)
266 {
267 if (cmd != DDI_DETACH)
268 return (DDI_FAILURE);
269
270 ddi_remove_minor_node(devi, NULL);
271 return (DDI_SUCCESS);
272 }
273
274 /*ARGSUSED*/
275 static int
276 ptm_devinfo(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg,
277 void **result)
278 {
279 int error;
280
281 switch (infocmd) {
282 case DDI_INFO_DEVT2DEVINFO:
283 if (ptm_dip == NULL) {
284 error = DDI_FAILURE;
285 } else {
286 *result = (void *)ptm_dip;
287 error = DDI_SUCCESS;
288 }
289 break;
290 case DDI_INFO_DEVT2INSTANCE:
291 *result = (void *)0;
292 error = DDI_SUCCESS;
293 break;
294 default:
295 error = DDI_FAILURE;
296 }
297 return (error);
298 }
299
300
301 /* ARGSUSED */
302 /*
303 * Open a minor of the master device. Store the write queue pointer and set the
304 * pt_state field to (PTMOPEN | PTLOCK).
305 * This code will work properly with both clone opens and direct opens of the
306 * master device.
307 */
308 static int
309 ptmopen(
310 queue_t *rqp, /* pointer to the read side queue */
311 dev_t *devp, /* pointer to stream tail's dev */
312 int oflag, /* the user open(2) supplied flags */
313 int sflag, /* open state flag */
314 cred_t *credp) /* credentials */
315 {
316 struct pt_ttys *ptmp;
317 mblk_t *mop; /* ptr to a setopts message block */
318 struct stroptions *sop;
319 minor_t dminor = getminor(*devp);
320
321 /* Allow reopen */
322 if (rqp->q_ptr != NULL)
323 return (0);
324
325 if (sflag & MODOPEN)
326 return (ENXIO);
327
328 if (!(sflag & CLONEOPEN) && dminor != 0) {
329 /*
330 * This is a direct open to specific master device through an
331 * artificially created entry with specific minor in
332 * /dev/directory. Such behavior is not supported.
333 */
334 return (ENXIO);
335 }
336
337 /*
338 * The master open requires that the slave be attached
339 * before it returns so that attempts to open the slave will
340 * succeeed
341 */
342 if (ptms_attach_slave() != 0) {
343 return (ENXIO);
344 }
345
346 mop = allocb(sizeof (struct stroptions), BPRI_MED);
347 if (mop == NULL) {
348 DDBG("ptmopen(): mop allocation failed\n", 0);
349 return (ENOMEM);
350 }
351
352 if ((ptmp = pt_ttys_alloc()) == NULL) {
353 DDBG("ptmopen(): pty allocation failed\n", 0);
354 freemsg(mop);
355 return (ENOMEM);
356 }
357
358 dminor = ptmp->pt_minor;
359
360 DDBGP("ptmopen(): allocated ptmp %p\n", (uintptr_t)ptmp);
361 DDBG("ptmopen(): allocated minor %d\n", dminor);
362
363 WR(rqp)->q_ptr = rqp->q_ptr = ptmp;
364
365 qprocson(rqp);
366
367 /* Allow slave to send messages to master */
368 PT_ENTER_WRITE(ptmp);
369 ptmp->ptm_rdq = rqp;
370 PT_EXIT_WRITE(ptmp);
371
372 /*
373 * set up hi/lo water marks on stream head read queue
374 * and add controlling tty if not set
375 */
376 mop->b_datap->db_type = M_SETOPTS;
377 mop->b_wptr += sizeof (struct stroptions);
378 sop = (struct stroptions *)mop->b_rptr;
379 if (oflag & FNOCTTY)
380 sop->so_flags = SO_HIWAT | SO_LOWAT;
381 else
382 sop->so_flags = SO_HIWAT | SO_LOWAT | SO_ISTTY;
383 sop->so_hiwat = 512;
384 sop->so_lowat = 256;
385 putnext(rqp, mop);
386
387 /*
388 * The input, devp, is a major device number, the output is put
389 * into the same parm as a major,minor pair.
390 */
391 *devp = makedevice(getmajor(*devp), dminor);
392
393 return (0);
394 }
395
396
397 /*
398 * Find the address to private data identifying the slave's write queue.
399 * Send a hang-up message up the slave's read queue to designate the
400 * master/slave pair is tearing down. Uattach the master and slave by
401 * nulling out the write queue fields in the private data structure.
402 * Finally, unlock the master/slave pair and mark the master as closed.
403 */
404 /*ARGSUSED1*/
405 static int
406 ptmclose(queue_t *rqp, int flag, cred_t *credp)
407 {
408 struct pt_ttys *ptmp;
409 queue_t *pts_rdq;
410
411 ASSERT(rqp->q_ptr);
412
413 ptmp = (struct pt_ttys *)rqp->q_ptr;
414 PT_ENTER_READ(ptmp);
415 if (ptmp->pts_rdq) {
416 pts_rdq = ptmp->pts_rdq;
417 if (pts_rdq->q_next) {
418 DBG(("send hangup message to slave\n"));
419 (void) putnextctl(pts_rdq, M_HANGUP);
420 }
421 }
422 PT_EXIT_READ(ptmp);
423 /*
424 * ptm_rdq should be cleared before call to qprocsoff() to prevent pts
425 * write procedure to attempt using ptm_rdq after qprocsoff.
426 */
427 PT_ENTER_WRITE(ptmp);
428 ptmp->ptm_rdq = NULL;
429 freemsg(ptmp->pt_nullmsg);
430 ptmp->pt_nullmsg = NULL;
431 /*
432 * qenable slave side write queue so that it can flush
433 * its messages as master's read queue is going away
434 */
435 if (ptmp->pts_rdq)
436 qenable(WR(ptmp->pts_rdq));
437 PT_EXIT_WRITE(ptmp);
438
439 qprocsoff(rqp);
440
441 /* Finish the close */
442 rqp->q_ptr = NULL;
443 WR(rqp)->q_ptr = NULL;
444
445 ptms_close(ptmp, PTMOPEN | PTLOCK);
446
447 return (0);
448 }
449
450 static boolean_t
451 ptmptsopencb(ptmptsopencb_arg_t arg)
452 {
453 struct pt_ttys *ptmp = (struct pt_ttys *)arg;
454 boolean_t rval;
455
456 PT_ENTER_READ(ptmp);
457 rval = (ptmp->pt_nullmsg != NULL);
458 PT_EXIT_READ(ptmp);
459 return (rval);
460 }
461
462 /*
463 * The wput procedure will only handle ioctl and flush messages.
464 */
465 static void
466 ptmwput(queue_t *qp, mblk_t *mp)
467 {
468 struct pt_ttys *ptmp;
469 struct iocblk *iocp;
470
471 DBG(("entering ptmwput\n"));
472 ASSERT(qp->q_ptr);
473
474 ptmp = (struct pt_ttys *)qp->q_ptr;
475 PT_ENTER_READ(ptmp);
476
477 switch (mp->b_datap->db_type) {
478 /*
479 * if write queue request, flush master's write
480 * queue and send FLUSHR up slave side. If read
481 * queue request, convert to FLUSHW and putnext().
482 */
483 case M_FLUSH:
484 {
485 unsigned char flush_flg = 0;
486
487 DBG(("ptm got flush request\n"));
488 if (*mp->b_rptr & FLUSHW) {
489 DBG(("got FLUSHW, flush ptm write Q\n"));
490 if (*mp->b_rptr & FLUSHBAND)
491 /*
492 * if it is a FLUSHBAND, do flushband.
493 */
494 flushband(qp, *(mp->b_rptr + 1),
495 FLUSHDATA);
496 else
497 flushq(qp, FLUSHDATA);
498 flush_flg = (*mp->b_rptr & ~FLUSHW) | FLUSHR;
499 }
500 if (*mp->b_rptr & FLUSHR) {
501 DBG(("got FLUSHR, set FLUSHW\n"));
502 flush_flg |= (*mp->b_rptr & ~FLUSHR) | FLUSHW;
503 }
504 if (flush_flg != 0 && ptmp->pts_rdq &&
505 !(ptmp->pt_state & PTLOCK)) {
506 DBG(("putnext to pts\n"));
507 *mp->b_rptr = flush_flg;
508 putnext(ptmp->pts_rdq, mp);
509 } else
510 freemsg(mp);
511 break;
512 }
513
514 case M_IOCTL:
515 iocp = (struct iocblk *)mp->b_rptr;
516 switch (iocp->ioc_cmd) {
517 default:
518 if ((ptmp->pt_state & PTLOCK) ||
519 (ptmp->pts_rdq == NULL)) {
520 DBG(("got M_IOCTL but no slave\n"));
521 miocnak(qp, mp, 0, EINVAL);
522 PT_EXIT_READ(ptmp);
523 return;
524 }
525 (void) putq(qp, mp);
526 break;
527 case UNLKPT:
528 mutex_enter(&ptmp->pt_lock);
529 ptmp->pt_state &= ~PTLOCK;
530 mutex_exit(&ptmp->pt_lock);
531 /*FALLTHROUGH*/
532 case ISPTM:
533 DBG(("ack the UNLKPT/ISPTM\n"));
534 miocack(qp, mp, 0, 0);
535 break;
536 case ZONEPT:
537 {
538 zoneid_t z;
539 int error;
540
541 if ((error = drv_priv(iocp->ioc_cr)) != 0) {
542 miocnak(qp, mp, 0, error);
543 break;
544 }
545 if ((error = miocpullup(mp, sizeof (zoneid_t))) != 0) {
546 miocnak(qp, mp, 0, error);
547 break;
548 }
549 z = *((zoneid_t *)mp->b_cont->b_rptr);
550 if (z < MIN_ZONEID || z > MAX_ZONEID) {
551 miocnak(qp, mp, 0, EINVAL);
552 break;
553 }
554
555 mutex_enter(&ptmp->pt_lock);
556 ptmp->pt_zoneid = z;
557 mutex_exit(&ptmp->pt_lock);
558 miocack(qp, mp, 0, 0);
559 break;
560 }
561 case OWNERPT:
562 {
563 pt_own_t *ptop;
564 int error;
565 zone_t *zone;
566
567 if ((error = miocpullup(mp, sizeof (pt_own_t))) != 0) {
568 miocnak(qp, mp, 0, error);
569 break;
570 }
571
572 zone = zone_find_by_id(ptmp->pt_zoneid);
573 ptop = (pt_own_t *)mp->b_cont->b_rptr;
574
575 if (!VALID_UID(ptop->pto_ruid, zone) ||
576 !VALID_GID(ptop->pto_rgid, zone)) {
577 zone_rele(zone);
578 miocnak(qp, mp, 0, EINVAL);
579 break;
580 }
581 zone_rele(zone);
582 mutex_enter(&ptmp->pt_lock);
583 ptmp->pt_ruid = ptop->pto_ruid;
584 ptmp->pt_rgid = ptop->pto_rgid;
585 mutex_exit(&ptmp->pt_lock);
586 miocack(qp, mp, 0, 0);
587 break;
588 }
589 case PTMPTSOPENCB:
590 {
591 mblk_t *dp; /* ioctl reply data */
592 ptmptsopencb_t *ppocb;
593
594 /* only allow the kernel to invoke this ioctl */
595 if (iocp->ioc_cr != kcred) {
596 miocnak(qp, mp, 0, EINVAL);
597 break;
598 }
599
600 /* we don't support transparent ioctls */
601 ASSERT(iocp->ioc_count != TRANSPARENT);
602 if (iocp->ioc_count == TRANSPARENT) {
603 miocnak(qp, mp, 0, EINVAL);
604 break;
605 }
606
607 /* allocate a response message */
608 dp = allocb(sizeof (ptmptsopencb_t), BPRI_MED);
609 if (dp == NULL) {
610 miocnak(qp, mp, 0, EAGAIN);
611 break;
612 }
613
614 /* initialize the ioctl results */
615 ppocb = (ptmptsopencb_t *)dp->b_rptr;
616 ppocb->ppocb_func = ptmptsopencb;
617 ppocb->ppocb_arg = (ptmptsopencb_arg_t)ptmp;
618
619 /* send the reply data */
620 mioc2ack(mp, dp, sizeof (ptmptsopencb_t), 0);
621 qreply(qp, mp);
622 break;
623 }
624 }
625 break;
626
627 case M_READ:
628 /* Caused by ldterm - can not pass to slave */
629 freemsg(mp);
630 break;
631
632 /*
633 * send other messages to slave
634 */
635 default:
636 if ((ptmp->pt_state & PTLOCK) || (ptmp->pts_rdq == NULL)) {
637 DBG(("got msg. but no slave\n"));
638 mp = mexchange(NULL, mp, 2, M_ERROR, -1);
639 if (mp != NULL) {
640 mp->b_rptr[0] = NOERROR;
641 mp->b_rptr[1] = EINVAL;
642 qreply(qp, mp);
643 }
644 PT_EXIT_READ(ptmp);
645 return;
646 }
647 DBG(("put msg on master's write queue\n"));
648 (void) putq(qp, mp);
649 break;
650 }
651 DBG(("return from ptmwput()\n"));
652 PT_EXIT_READ(ptmp);
653 }
654
655
656 /*
657 * enable the write side of the slave. This triggers the
658 * slave to send any messages queued on its write side to
659 * the read side of this master.
660 */
661 static void
662 ptmrsrv(queue_t *qp)
663 {
664 struct pt_ttys *ptmp;
665
666 DBG(("entering ptmrsrv\n"));
667 ASSERT(qp->q_ptr);
668
669 ptmp = (struct pt_ttys *)qp->q_ptr;
670 PT_ENTER_READ(ptmp);
671 if (ptmp->pts_rdq) {
672 qenable(WR(ptmp->pts_rdq));
673 }
674 PT_EXIT_READ(ptmp);
675 DBG(("leaving ptmrsrv\n"));
676 }
677
678
679 /*
680 * If there are messages on this queue that can be sent to
681 * slave, send them via putnext(). Else, if queued messages
682 * cannot be sent, leave them on this queue. If priority
683 * messages on this queue, send them to slave no matter what.
684 */
685 static void
686 ptmwsrv(queue_t *qp)
687 {
688 struct pt_ttys *ptmp;
689 mblk_t *mp;
690
691 DBG(("entering ptmwsrv\n"));
692 ASSERT(qp->q_ptr);
693
694 ptmp = (struct pt_ttys *)qp->q_ptr;
695
696 if ((mp = getq(qp)) == NULL) {
697 /* If there are no messages there's nothing to do. */
698 DBG(("leaving ptmwsrv (no messages)\n"));
699 return;
700 }
701
702 PT_ENTER_READ(ptmp);
703 if ((ptmp->pt_state & PTLOCK) || (ptmp->pts_rdq == NULL)) {
704 DBG(("in master write srv proc but no slave\n"));
705 /*
706 * Free messages on the write queue and send
707 * NAK for any M_IOCTL type messages to wakeup
708 * the user process waiting for ACK/NAK from
709 * the ioctl invocation
710 */
711 do {
712 if (mp->b_datap->db_type == M_IOCTL)
713 miocnak(qp, mp, 0, EINVAL);
714 else
715 freemsg(mp);
716 } while ((mp = getq(qp)) != NULL);
717 flushq(qp, FLUSHALL);
718
719 mp = mexchange(NULL, NULL, 2, M_ERROR, -1);
720 if (mp != NULL) {
721 mp->b_rptr[0] = NOERROR;
722 mp->b_rptr[1] = EINVAL;
723 qreply(qp, mp);
724 }
725 PT_EXIT_READ(ptmp);
726 return;
727 }
728 /*
729 * while there are messages on this write queue...
730 */
731 do {
732 /*
733 * if don't have control message and cannot put
734 * msg. on slave's read queue, put it back on
735 * this queue.
736 */
737 if (mp->b_datap->db_type <= QPCTL &&
738 !bcanputnext(ptmp->pts_rdq, mp->b_band)) {
739 DBG(("put msg. back on queue\n"));
740 (void) putbq(qp, mp);
741 break;
742 }
743 /*
744 * else send the message up slave's stream
745 */
746 DBG(("send message to slave\n"));
747 putnext(ptmp->pts_rdq, mp);
748 } while ((mp = getq(qp)) != NULL);
749 DBG(("leaving ptmwsrv\n"));
750 PT_EXIT_READ(ptmp);
751 }