1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 1988, 2010, Oracle and/or its affiliates. All rights reserved.
23 */
24 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
25 /* All Rights Reserved */
26
27
28
29 /*
30 * Pseudo Terminal Master Driver.
31 *
32 * The pseudo-tty subsystem simulates a terminal connection, where the master
33 * side represents the terminal and the slave represents the user process's
34 * special device end point. The master device is set up as a cloned device
35 * where its major device number is the major for the clone device and its minor
36 * device number is the major for the ptm driver. There are no nodes in the file
37 * system for master devices. The master pseudo driver is opened using the
38 * open(2) system call with /dev/ptmx as the device parameter. The clone open
39 * finds the next available minor device for the ptm major device.
40 *
41 * A master device is available only if it and its corresponding slave device
42 * are not already open. When the master device is opened, the corresponding
43 * slave device is automatically locked out. Only one open is allowed on a
44 * master device. Multiple opens are allowed on the slave device. After both
45 * the master and slave have been opened, the user has two file descriptors
46 * which are the end points of a full duplex connection composed of two streams
47 * which are automatically connected at the master and slave drivers. The user
48 * may then push modules onto either side of the stream pair.
49 *
50 * The master and slave drivers pass all messages to their adjacent queues.
51 * Only the M_FLUSH needs some processing. Because the read queue of one side
52 * is connected to the write queue of the other, the FLUSHR flag is changed to
53 * the FLUSHW flag and vice versa. When the master device is closed an M_HANGUP
54 * message is sent to the slave device which will render the device
55 * unusable. The process on the slave side gets the EIO when attempting to write
56 * on that stream but it will be able to read any data remaining on the stream
57 * head read queue. When all the data has been read, read() returns 0
58 * indicating that the stream can no longer be used. On the last close of the
59 * slave device, a 0-length message is sent to the master device. When the
60 * application on the master side issues a read() or getmsg() and 0 is returned,
61 * the user of the master device decides whether to issue a close() that
62 * dismantles the pseudo-terminal subsystem. If the master device is not closed,
63 * the pseudo-tty subsystem will be available to another user to open the slave
64 * device.
65 *
66 * If O_NONBLOCK or O_NDELAY is set, read on the master side returns -1 with
67 * errno set to EAGAIN if no data is available, and write returns -1 with errno
68 * set to EAGAIN if there is internal flow control.
69 *
70 * IOCTLS:
71 *
72 * ISPTM: determines whether the file descriptor is that of an open master
73 * device. Return code of zero indicates that the file descriptor
74 * represents master device.
75 *
76 * UNLKPT: unlocks the master and slave devices. It returns 0 on success. On
77 * failure, the errno is set to EINVAL indicating that the master
78 * device is not open.
79 *
80 * ZONEPT: sets the zone membership of the associated pts device.
81 *
82 * GRPPT: sets the group owner of the associated pts device.
83 *
84 * Synchronization:
85 *
86 * All global data synchronization between ptm/pts is done via global
87 * ptms_lock mutex which is initialized at system boot time from
88 * ptms_initspace (called from space.c).
89 *
90 * Individual fields of pt_ttys structure (except ptm_rdq, pts_rdq and
91 * pt_nullmsg) are protected by pt_ttys.pt_lock mutex.
92 *
93 * PT_ENTER_READ/PT_ENTER_WRITE are reference counter based read-write locks
94 * which allow reader locks to be reacquired by the same thread (usual
95 * reader/writer locks can't be used for that purpose since it is illegal for
96 * a thread to acquire a lock it already holds, even as a reader). The sole
97 * purpose of these macros is to guarantee that the peer queue will not
98 * disappear (due to closing peer) while it is used. It is safe to use
99 * PT_ENTER_READ/PT_EXIT_READ brackets across calls like putq/putnext (since
100 * they are not real locks but reference counts).
101 *
102 * PT_ENTER_WRITE/PT_EXIT_WRITE brackets are used ONLY in master/slave
103 * open/close paths to modify ptm_rdq and pts_rdq fields. These fields should
104 * be set to appropriate queues *after* qprocson() is called during open (to
105 * prevent peer from accessing the queue with incomplete plumbing) and set to
106 * NULL before qprocsoff() is called during close.
107 *
108 * The pt_nullmsg field is only used in open/close routines and it is also
109 * protected by PT_ENTER_WRITE/PT_EXIT_WRITE brackets to avoid extra mutex
110 * holds.
111 *
112 * Lock Ordering:
113 *
114 * If both ptms_lock and per-pty lock should be held, ptms_lock should always
115 * be entered first, followed by per-pty lock.
116 *
117 * See ptms.h, pts.c and ptms_conf.c for more information.
118 */
119
120 #include <sys/types.h>
121 #include <sys/param.h>
122 #include <sys/file.h>
123 #include <sys/sysmacros.h>
124 #include <sys/stream.h>
125 #include <sys/stropts.h>
126 #include <sys/proc.h>
127 #include <sys/errno.h>
128 #include <sys/debug.h>
129 #include <sys/cmn_err.h>
130 #include <sys/ptms.h>
131 #include <sys/stat.h>
132 #include <sys/strsun.h>
133 #include <sys/systm.h>
134 #include <sys/modctl.h>
135 #include <sys/conf.h>
136 #include <sys/ddi.h>
137 #include <sys/sunddi.h>
138 #include <sys/zone.h>
139
140 #ifdef DEBUG
141 int ptm_debug = 0;
142 #define DBG(a) if (ptm_debug) cmn_err(CE_NOTE, a)
143 #else
144 #define DBG(a)
145 #endif
146
147 static int ptmopen(queue_t *, dev_t *, int, int, cred_t *);
148 static int ptmclose(queue_t *, int, cred_t *);
149 static void ptmwput(queue_t *, mblk_t *);
150 static void ptmrsrv(queue_t *);
151 static void ptmwsrv(queue_t *);
152
153 /*
154 * Master Stream Pseudo Terminal Module: stream data structure definitions
155 */
156
157 static struct module_info ptm_info = {
158 0xdead,
159 "ptm",
160 0,
161 512,
162 512,
163 128
164 };
165
166 static struct qinit ptmrint = {
167 NULL,
168 (int (*)()) ptmrsrv,
169 ptmopen,
170 ptmclose,
171 NULL,
172 &ptm_info,
173 NULL
174 };
175
176 static struct qinit ptmwint = {
177 (int (*)()) ptmwput,
178 (int (*)()) ptmwsrv,
179 NULL,
180 NULL,
181 NULL,
182 &ptm_info,
183 NULL
184 };
185
186 static struct streamtab ptminfo = {
187 &ptmrint,
188 &ptmwint,
189 NULL,
190 NULL
191 };
192
193 static int ptm_attach(dev_info_t *, ddi_attach_cmd_t);
194 static int ptm_detach(dev_info_t *, ddi_detach_cmd_t);
195 static int ptm_devinfo(dev_info_t *, ddi_info_cmd_t, void *, void **);
196
197 static dev_info_t *ptm_dip; /* private devinfo pointer */
198
199 /*
200 * this will define (struct cb_ops cb_ptm_ops) and (struct dev_ops ptm_ops)
201 */
202 DDI_DEFINE_STREAM_OPS(ptm_ops, nulldev, nulldev, ptm_attach, ptm_detach,
203 nodev, ptm_devinfo, D_MP, &ptminfo, ddi_quiesce_not_supported);
204
205 /*
206 * Module linkage information for the kernel.
207 */
208
209 static struct modldrv modldrv = {
210 &mod_driverops, /* Type of module. This one is a pseudo driver */
211 "Master streams driver 'ptm'",
212 &ptm_ops, /* driver ops */
213 };
214
215 static struct modlinkage modlinkage = {
216 MODREV_1,
217 { &modldrv, NULL }
218 };
219
220 int
221 _init(void)
222 {
223 int rc;
224
225 if ((rc = mod_install(&modlinkage)) == 0)
226 ptms_init();
227 return (rc);
228 }
229
230 int
231 _fini(void)
232 {
233 return (mod_remove(&modlinkage));
234 }
235
236 int
237 _info(struct modinfo *modinfop)
238 {
239 return (mod_info(&modlinkage, modinfop));
240 }
241
242 static int
243 ptm_attach(dev_info_t *devi, ddi_attach_cmd_t cmd)
244 {
245 if (cmd != DDI_ATTACH)
246 return (DDI_FAILURE);
247
248 if (ddi_create_minor_node(devi, "ptmajor", S_IFCHR,
249 0, DDI_PSEUDO, NULL) == DDI_FAILURE) {
250 ddi_remove_minor_node(devi, NULL);
251 return (DDI_FAILURE);
252 }
253 if (ddi_create_minor_node(devi, "ptmx", S_IFCHR,
254 0, DDI_PSEUDO, CLONE_DEV) == DDI_FAILURE) {
255 ddi_remove_minor_node(devi, NULL);
256 return (DDI_FAILURE);
257 }
258 ptm_dip = devi;
259
260 return (DDI_SUCCESS);
261 }
262
263 static int
264 ptm_detach(dev_info_t *devi, ddi_detach_cmd_t cmd)
265 {
266 if (cmd != DDI_DETACH)
267 return (DDI_FAILURE);
268
269 ddi_remove_minor_node(devi, NULL);
270 return (DDI_SUCCESS);
271 }
272
273 /*ARGSUSED*/
274 static int
275 ptm_devinfo(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg,
276 void **result)
277 {
278 int error;
279
280 switch (infocmd) {
281 case DDI_INFO_DEVT2DEVINFO:
282 if (ptm_dip == NULL) {
283 error = DDI_FAILURE;
284 } else {
285 *result = (void *)ptm_dip;
286 error = DDI_SUCCESS;
287 }
288 break;
289 case DDI_INFO_DEVT2INSTANCE:
290 *result = (void *)0;
291 error = DDI_SUCCESS;
292 break;
293 default:
294 error = DDI_FAILURE;
295 }
296 return (error);
297 }
298
299
300 /* ARGSUSED */
301 /*
302 * Open a minor of the master device. Store the write queue pointer and set the
303 * pt_state field to (PTMOPEN | PTLOCK).
304 * This code will work properly with both clone opens and direct opens of the
305 * master device.
306 */
307 static int
308 ptmopen(
309 queue_t *rqp, /* pointer to the read side queue */
310 dev_t *devp, /* pointer to stream tail's dev */
311 int oflag, /* the user open(2) supplied flags */
312 int sflag, /* open state flag */
313 cred_t *credp) /* credentials */
314 {
315 struct pt_ttys *ptmp;
316 mblk_t *mop; /* ptr to a setopts message block */
317 struct stroptions *sop;
318 minor_t dminor = getminor(*devp);
319
320 /* Allow reopen */
321 if (rqp->q_ptr != NULL)
322 return (0);
323
324 if (sflag & MODOPEN)
325 return (ENXIO);
326
327 if (!(sflag & CLONEOPEN) && dminor != 0) {
328 /*
329 * This is a direct open to specific master device through an
330 * artificially created entry with specific minor in
331 * /dev/directory. Such behavior is not supported.
332 */
333 return (ENXIO);
334 }
335
336 /*
337 * The master open requires that the slave be attached
338 * before it returns so that attempts to open the slave will
339 * succeeed
340 */
341 if (ptms_attach_slave() != 0) {
342 return (ENXIO);
343 }
344
345 mop = allocb(sizeof (struct stroptions), BPRI_MED);
346 if (mop == NULL) {
347 DDBG("ptmopen(): mop allocation failed\n", 0);
348 return (ENOMEM);
349 }
350
351 if ((ptmp = pt_ttys_alloc()) == NULL) {
352 DDBG("ptmopen(): pty allocation failed\n", 0);
353 freemsg(mop);
354 return (ENOMEM);
355 }
356
357 dminor = ptmp->pt_minor;
358
359 DDBGP("ptmopen(): allocated ptmp %p\n", (uintptr_t)ptmp);
360 DDBG("ptmopen(): allocated minor %d\n", dminor);
361
362 WR(rqp)->q_ptr = rqp->q_ptr = ptmp;
363
364 qprocson(rqp);
365
366 /* Allow slave to send messages to master */
367 PT_ENTER_WRITE(ptmp);
368 ptmp->ptm_rdq = rqp;
369 PT_EXIT_WRITE(ptmp);
370
371 /*
372 * set up hi/lo water marks on stream head read queue
373 * and add controlling tty if not set
374 */
375 mop->b_datap->db_type = M_SETOPTS;
376 mop->b_wptr += sizeof (struct stroptions);
377 sop = (struct stroptions *)mop->b_rptr;
378 if (oflag & FNOCTTY)
379 sop->so_flags = SO_HIWAT | SO_LOWAT;
380 else
381 sop->so_flags = SO_HIWAT | SO_LOWAT | SO_ISTTY;
382 sop->so_hiwat = 512;
383 sop->so_lowat = 256;
384 putnext(rqp, mop);
385
386 /*
387 * The input, devp, is a major device number, the output is put
388 * into the same parm as a major,minor pair.
389 */
390 *devp = makedevice(getmajor(*devp), dminor);
391
392 return (0);
393 }
394
395
396 /*
397 * Find the address to private data identifying the slave's write queue.
398 * Send a hang-up message up the slave's read queue to designate the
399 * master/slave pair is tearing down. Uattach the master and slave by
400 * nulling out the write queue fields in the private data structure.
401 * Finally, unlock the master/slave pair and mark the master as closed.
402 */
403 /*ARGSUSED1*/
404 static int
405 ptmclose(queue_t *rqp, int flag, cred_t *credp)
406 {
407 struct pt_ttys *ptmp;
408 queue_t *pts_rdq;
409
410 ASSERT(rqp->q_ptr);
411
412 ptmp = (struct pt_ttys *)rqp->q_ptr;
413 PT_ENTER_READ(ptmp);
414 if (ptmp->pts_rdq) {
415 pts_rdq = ptmp->pts_rdq;
416 if (pts_rdq->q_next) {
417 DBG(("send hangup message to slave\n"));
418 (void) putnextctl(pts_rdq, M_HANGUP);
419 }
420 }
421 PT_EXIT_READ(ptmp);
422 /*
423 * ptm_rdq should be cleared before call to qprocsoff() to prevent pts
424 * write procedure to attempt using ptm_rdq after qprocsoff.
425 */
426 PT_ENTER_WRITE(ptmp);
427 ptmp->ptm_rdq = NULL;
428 freemsg(ptmp->pt_nullmsg);
429 ptmp->pt_nullmsg = NULL;
430 /*
431 * qenable slave side write queue so that it can flush
432 * its messages as master's read queue is going away
433 */
434 if (ptmp->pts_rdq)
435 qenable(WR(ptmp->pts_rdq));
436 PT_EXIT_WRITE(ptmp);
437
438 qprocsoff(rqp);
439
440 /* Finish the close */
441 rqp->q_ptr = NULL;
442 WR(rqp)->q_ptr = NULL;
443
444 ptms_close(ptmp, PTMOPEN | PTLOCK);
445
446 return (0);
447 }
448
449 /*
450 * The wput procedure will only handle ioctl and flush messages.
451 */
452 static void
453 ptmwput(queue_t *qp, mblk_t *mp)
454 {
455 struct pt_ttys *ptmp;
456 struct iocblk *iocp;
457
458 DBG(("entering ptmwput\n"));
459 ASSERT(qp->q_ptr);
460
461 ptmp = (struct pt_ttys *)qp->q_ptr;
462 PT_ENTER_READ(ptmp);
463
464 switch (mp->b_datap->db_type) {
465 /*
466 * if write queue request, flush master's write
467 * queue and send FLUSHR up slave side. If read
468 * queue request, convert to FLUSHW and putnext().
469 */
470 case M_FLUSH:
471 {
472 unsigned char flush_flg = 0;
473
474 DBG(("ptm got flush request\n"));
475 if (*mp->b_rptr & FLUSHW) {
476 DBG(("got FLUSHW, flush ptm write Q\n"));
477 if (*mp->b_rptr & FLUSHBAND)
478 /*
479 * if it is a FLUSHBAND, do flushband.
480 */
481 flushband(qp, *(mp->b_rptr + 1),
482 FLUSHDATA);
483 else
484 flushq(qp, FLUSHDATA);
485 flush_flg = (*mp->b_rptr & ~FLUSHW) | FLUSHR;
486 }
487 if (*mp->b_rptr & FLUSHR) {
488 DBG(("got FLUSHR, set FLUSHW\n"));
489 flush_flg |= (*mp->b_rptr & ~FLUSHR) | FLUSHW;
490 }
491 if (flush_flg != 0 && ptmp->pts_rdq &&
492 !(ptmp->pt_state & PTLOCK)) {
493 DBG(("putnext to pts\n"));
494 *mp->b_rptr = flush_flg;
495 putnext(ptmp->pts_rdq, mp);
496 } else
497 freemsg(mp);
498 break;
499 }
500
501 case M_IOCTL:
502 iocp = (struct iocblk *)mp->b_rptr;
503 switch (iocp->ioc_cmd) {
504 default:
505 if ((ptmp->pt_state & PTLOCK) ||
506 (ptmp->pts_rdq == NULL)) {
507 DBG(("got M_IOCTL but no slave\n"));
508 miocnak(qp, mp, 0, EINVAL);
509 PT_EXIT_READ(ptmp);
510 return;
511 }
512 (void) putq(qp, mp);
513 break;
514 case UNLKPT:
515 mutex_enter(&ptmp->pt_lock);
516 ptmp->pt_state &= ~PTLOCK;
517 mutex_exit(&ptmp->pt_lock);
518 /*FALLTHROUGH*/
519 case ISPTM:
520 DBG(("ack the UNLKPT/ISPTM\n"));
521 miocack(qp, mp, 0, 0);
522 break;
523 case ZONEPT:
524 {
525 zoneid_t z;
526 int error;
527
528 if ((error = drv_priv(iocp->ioc_cr)) != 0) {
529 miocnak(qp, mp, 0, error);
530 break;
531 }
532 if ((error = miocpullup(mp, sizeof (zoneid_t))) != 0) {
533 miocnak(qp, mp, 0, error);
534 break;
535 }
536 z = *((zoneid_t *)mp->b_cont->b_rptr);
537 if (z < MIN_ZONEID || z > MAX_ZONEID) {
538 miocnak(qp, mp, 0, EINVAL);
539 break;
540 }
541
542 mutex_enter(&ptmp->pt_lock);
543 ptmp->pt_zoneid = z;
544 mutex_exit(&ptmp->pt_lock);
545 miocack(qp, mp, 0, 0);
546 break;
547 }
548 case OWNERPT:
549 {
550 pt_own_t *ptop;
551 int error;
552 zone_t *zone;
553
554 if ((error = miocpullup(mp, sizeof (pt_own_t))) != 0) {
555 miocnak(qp, mp, 0, error);
556 break;
557 }
558
559 zone = zone_find_by_id(ptmp->pt_zoneid);
560 ptop = (pt_own_t *)mp->b_cont->b_rptr;
561
562 if (!VALID_UID(ptop->pto_ruid, zone) ||
563 !VALID_GID(ptop->pto_rgid, zone)) {
564 zone_rele(zone);
565 miocnak(qp, mp, 0, EINVAL);
566 break;
567 }
568 zone_rele(zone);
569 mutex_enter(&ptmp->pt_lock);
570 ptmp->pt_ruid = ptop->pto_ruid;
571 ptmp->pt_rgid = ptop->pto_rgid;
572 mutex_exit(&ptmp->pt_lock);
573 miocack(qp, mp, 0, 0);
574 break;
575 }
576 }
577 break;
578
579 case M_READ:
580 /* Caused by ldterm - can not pass to slave */
581 freemsg(mp);
582 break;
583
584 /*
585 * send other messages to slave
586 */
587 default:
588 if ((ptmp->pt_state & PTLOCK) || (ptmp->pts_rdq == NULL)) {
589 DBG(("got msg. but no slave\n"));
590 mp = mexchange(NULL, mp, 2, M_ERROR, -1);
591 if (mp != NULL) {
592 mp->b_rptr[0] = NOERROR;
593 mp->b_rptr[1] = EINVAL;
594 qreply(qp, mp);
595 }
596 PT_EXIT_READ(ptmp);
597 return;
598 }
599 DBG(("put msg on master's write queue\n"));
600 (void) putq(qp, mp);
601 break;
602 }
603 DBG(("return from ptmwput()\n"));
604 PT_EXIT_READ(ptmp);
605 }
606
607
608 /*
609 * enable the write side of the slave. This triggers the
610 * slave to send any messages queued on its write side to
611 * the read side of this master.
612 */
613 static void
614 ptmrsrv(queue_t *qp)
615 {
616 struct pt_ttys *ptmp;
617
618 DBG(("entering ptmrsrv\n"));
619 ASSERT(qp->q_ptr);
620
621 ptmp = (struct pt_ttys *)qp->q_ptr;
622 PT_ENTER_READ(ptmp);
623 if (ptmp->pts_rdq) {
624 qenable(WR(ptmp->pts_rdq));
625 }
626 PT_EXIT_READ(ptmp);
627 DBG(("leaving ptmrsrv\n"));
628 }
629
630
631 /*
632 * If there are messages on this queue that can be sent to
633 * slave, send them via putnext(). Else, if queued messages
634 * cannot be sent, leave them on this queue. If priority
635 * messages on this queue, send them to slave no matter what.
636 */
637 static void
638 ptmwsrv(queue_t *qp)
639 {
640 struct pt_ttys *ptmp;
641 mblk_t *mp;
642
643 DBG(("entering ptmwsrv\n"));
644 ASSERT(qp->q_ptr);
645
646 ptmp = (struct pt_ttys *)qp->q_ptr;
647
648 if ((mp = getq(qp)) == NULL) {
649 /* If there are no messages there's nothing to do. */
650 DBG(("leaving ptmwsrv (no messages)\n"));
651 return;
652 }
653
654 PT_ENTER_READ(ptmp);
655 if ((ptmp->pt_state & PTLOCK) || (ptmp->pts_rdq == NULL)) {
656 DBG(("in master write srv proc but no slave\n"));
657 /*
658 * Free messages on the write queue and send
659 * NAK for any M_IOCTL type messages to wakeup
660 * the user process waiting for ACK/NAK from
661 * the ioctl invocation
662 */
663 do {
664 if (mp->b_datap->db_type == M_IOCTL)
665 miocnak(qp, mp, 0, EINVAL);
666 else
667 freemsg(mp);
668 } while ((mp = getq(qp)) != NULL);
669 flushq(qp, FLUSHALL);
670
671 mp = mexchange(NULL, NULL, 2, M_ERROR, -1);
672 if (mp != NULL) {
673 mp->b_rptr[0] = NOERROR;
674 mp->b_rptr[1] = EINVAL;
675 qreply(qp, mp);
676 }
677 PT_EXIT_READ(ptmp);
678 return;
679 }
680 /*
681 * while there are messages on this write queue...
682 */
683 do {
684 /*
685 * if don't have control message and cannot put
686 * msg. on slave's read queue, put it back on
687 * this queue.
688 */
689 if (mp->b_datap->db_type <= QPCTL &&
690 !bcanputnext(ptmp->pts_rdq, mp->b_band)) {
691 DBG(("put msg. back on queue\n"));
692 (void) putbq(qp, mp);
693 break;
694 }
695 /*
696 * else send the message up slave's stream
697 */
698 DBG(("send message to slave\n"));
699 putnext(ptmp->pts_rdq, mp);
700 } while ((mp = getq(qp)) != NULL);
701 DBG(("leaving ptmwsrv\n"));
702 PT_EXIT_READ(ptmp);
703 }