1/* $NetBSD: tty_ptm.c,v 1.46 2023/04/09 09:18:09 riastradh Exp $ */ 2 3/*- 4 * Copyright (c) 2004, 2020 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 17 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 18 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 19 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 20 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 * POSSIBILITY OF SUCH DAMAGE. 27 */ 28 29#include <sys/cdefs.h> 30__KERNEL_RCSID(0, "$NetBSD: tty_ptm.c,v 1.46 2023/04/09 09:18:09 riastradh Exp $"); 31 32#ifdef _KERNEL_OPT 33#include "opt_compat_netbsd.h" 34#include "opt_ptm.h" 35#endif 36 37/* pty multiplexor driver /dev/ptm{,x} */ 38 39#include <sys/param.h> 40#include <sys/systm.h> 41#include <sys/ioctl.h> 42#include <sys/proc.h> 43#include <sys/tty.h> 44#include <sys/stat.h> 45#include <sys/file.h> 46#include <sys/uio.h> 47#include <sys/kernel.h> 48#include <sys/vnode.h> 49#include <sys/namei.h> 50#include <sys/signalvar.h> 51#include <sys/filedesc.h> 52#include <sys/conf.h> 53#include <sys/poll.h> 54#include <sys/pty.h> 55#include <sys/kauth.h> 56#include <sys/compat_stub.h> 57 58#include <miscfs/specfs/specdev.h> 59 60#include <compat/sys/ttycom.h> 61 62#include "ioconf.h" 63 64#ifdef DEBUG_PTM 65#define DPRINTF(a) printf a 66#else 67#define DPRINTF(a) 68#endif 69 70#ifdef NO_DEV_PTM 71const struct cdevsw ptm_cdevsw = { 72 .d_open = noopen, 73 .d_close = noclose, 74 .d_read = noread, 75 .d_write = nowrite, 76 .d_ioctl = noioctl, 77 .d_stop = nostop, 78 .d_tty = notty, 79 .d_poll = nopoll, 80 .d_mmap = nommap, 81 .d_kqfilter = nokqfilter, 82 .d_discard = nodiscard, 83 .d_flag = D_TTY 84}; 85#else 86 87int pts_major, ptc_major; 88 89static dev_t pty_getfree(void); 90static int pty_alloc_master(struct lwp *, int *, dev_t *, struct mount *, int); 91static int pty_alloc_slave(struct lwp *, int *, dev_t, struct mount *); 92static int pty_vn_open(struct vnode *, struct lwp *); 93 94int 95pty_getmp(struct lwp *l, struct mount **mpp) 96{ 97 if (ptm == NULL) 98 return EOPNOTSUPP; 99 100 return (*ptm->getmp)(l, mpp); 101} 102 103dev_t 104pty_makedev(char ms, int minor) 105{ 106 return makedev(ms == 't' ? pts_major : ptc_major, minor); 107} 108 109 110static dev_t 111pty_getfree(void) 112{ 113 extern kmutex_t pt_softc_mutex; 114 int i; 115 116 mutex_enter(&pt_softc_mutex); 117 for (i = 0; i < npty; i++) { 118 if (pty_isfree(i, 0)) 119 break; 120 } 121 mutex_exit(&pt_softc_mutex); 122 return pty_makedev('t', i); 123} 124 125/* 126 * Hacked up version of vn_open. We _only_ handle ptys and only open 127 * them with FREAD|FWRITE and never deal with creat or stuff like that. 128 * 129 * We need it because we have to fake up root credentials to open the pty. 130 */ 131int 132pty_vn_open(struct vnode *vp, struct lwp *l) 133{ 134 int error; 135 136 if (vp->v_type != VCHR) { 137 vput(vp); 138 return EINVAL; 139 } 140 141 error = VOP_OPEN(vp, FREAD|FWRITE, lwp0.l_cred); 142 143 if (error) { 144 /* only ptys mean we can't get these */ 145 KASSERT(error != EDUPFD); 146 KASSERT(error != EMOVEFD); 147 vput(vp); 148 return error; 149 } 150 151 mutex_enter(vp->v_interlock); 152 vp->v_writecount++; 153 mutex_exit(vp->v_interlock); 154 155 return 0; 156} 157 158static int 159pty_alloc_master(struct lwp *l, int *fd, dev_t *dev, struct mount *mp, 160 int flags) 161{ 162 int error; 163 struct file *fp; 164 struct vnode *vp; 165 int md; 166 167 if ((error = fd_allocfile(&fp, fd)) != 0) { 168 DPRINTF(("fd_allocfile %d\n", error)); 169 return error; 170 } 171retry: 172 /* Find and open a free master pty. */ 173 *dev = pty_getfree(); 174 md = minor(*dev); 175 if ((error = pty_check(md)) != 0) { 176 DPRINTF(("pty_check %d\n", error)); 177 goto bad; 178 } 179 if (ptm == NULL) { 180 DPRINTF(("no ptm\n")); 181 error = EOPNOTSUPP; 182 goto bad; 183 } 184 if ((error = (*ptm->allocvp)(mp, l, &vp, *dev, 'p')) != 0) { 185 DPRINTF(("pty_allocvp %d\n", error)); 186 goto bad; 187 } 188 189 if ((error = pty_vn_open(vp, l)) != 0) { 190 DPRINTF(("pty_vn_open %d\n", error)); 191 /* 192 * Check if the master open failed because we lost 193 * the race to grab it. 194 */ 195 if (error != EIO) 196 goto bad; 197 error = !pty_isfree(md, 1); 198 DPRINTF(("pty_isfree %d\n", error)); 199 if (error) 200 goto retry; 201 else 202 goto bad; 203 } 204 fp->f_flag = FREAD|FWRITE|(flags&FMASK); 205 fp->f_type = DTYPE_VNODE; 206 fp->f_ops = &vnops; 207 fp->f_vnode = vp; 208 209 VOP_UNLOCK(vp); 210 fd_set_exclose(l, *fd, (flags & O_CLOEXEC) != 0); 211 fd_affix(curproc, fp, *fd); 212 return 0; 213bad: 214 fd_abort(curproc, fp, *fd); 215 return error; 216} 217 218int 219pty_grant_slave(struct lwp *l, dev_t dev, struct mount *mp) 220{ 221 int error; 222 struct vnode *vp; 223 224 /* 225 * Open the slave. 226 * namei -> setattr -> unlock -> revoke -> vrele -> 227 * namei -> open -> unlock 228 * Three stage rocket: 229 * 1. Change the owner and permissions on the slave. 230 * 2. Revoke all the users of the slave. 231 * 3. open the slave. 232 */ 233 if (ptm == NULL) 234 return EOPNOTSUPP; 235 if ((error = (*ptm->allocvp)(mp, l, &vp, dev, 't')) != 0) 236 return error; 237 238 if ((vp->v_mount->mnt_flag & MNT_RDONLY) == 0) { 239 struct vattr vattr; 240 (*ptm->getvattr)(mp, l, &vattr); 241 /* Do the VOP_SETATTR() as root. */ 242 error = VOP_SETATTR(vp, &vattr, lwp0.l_cred); 243 if (error) { 244 DPRINTF(("setattr %d\n", error)); 245 vput(vp); 246 return error; 247 } 248 } 249 VOP_UNLOCK(vp); 250 VOP_REVOKE(vp, REVOKEALL); 251 252 /* 253 * The vnode is useless after the revoke, we need to get it again. 254 */ 255 vrele(vp); 256 return 0; 257} 258 259static int 260pty_alloc_slave(struct lwp *l, int *fd, dev_t dev, struct mount *mp) 261{ 262 int error; 263 struct file *fp; 264 struct vnode *vp; 265 266 /* Grab a filedescriptor for the slave */ 267 if ((error = fd_allocfile(&fp, fd)) != 0) { 268 DPRINTF(("fd_allocfile %d\n", error)); 269 return error; 270 } 271 272 if (ptm == NULL) { 273 error = EOPNOTSUPP; 274 goto bad; 275 } 276 277 if ((error = (*ptm->allocvp)(mp, l, &vp, dev, 't')) != 0) 278 goto bad; 279 if ((error = pty_vn_open(vp, l)) != 0) 280 goto bad; 281 282 fp->f_flag = FREAD|FWRITE; 283 fp->f_type = DTYPE_VNODE; 284 fp->f_ops = &vnops; 285 fp->f_vnode = vp; 286 VOP_UNLOCK(vp); 287 fd_affix(curproc, fp, *fd); 288 return 0; 289bad: 290 fd_abort(curproc, fp, *fd); 291 return error; 292} 293 294struct ptm_pty * 295pty_sethandler(struct ptm_pty *nptm) 296{ 297 struct ptm_pty *optm = ptm; 298 ptm = nptm; 299 return optm; 300} 301 302int 303pty_fill_ptmget(struct lwp *l, dev_t dev, int cfd, int sfd, void *data, struct mount *mp) 304{ 305 struct ptmget *ptmg = data; 306 int error; 307 308 if (ptm == NULL) 309 return EOPNOTSUPP; 310 311 ptmg->cfd = cfd == -1 ? minor(dev) : cfd; 312 ptmg->sfd = sfd == -1 ? minor(dev) : sfd; 313 314 error = (*ptm->makename)(mp, l, ptmg->cn, sizeof(ptmg->cn), dev, 'p'); 315 if (error) 316 return error; 317 318 return (*ptm->makename)(mp, l, ptmg->sn, sizeof(ptmg->sn), dev, 't'); 319} 320 321void 322/*ARGSUSED*/ 323ptmattach(int n) 324{ 325 extern const struct cdevsw pts_cdevsw, ptc_cdevsw; 326 /* find the major and minor of the pty devices */ 327 if ((pts_major = cdevsw_lookup_major(&pts_cdevsw)) == -1) 328 panic("%s: Can't find pty slave in cdevsw", __func__); 329 if ((ptc_major = cdevsw_lookup_major(&ptc_cdevsw)) == -1) 330 panic("%s: Can't find pty master in cdevsw", __func__); 331#ifdef COMPAT_BSDPTY 332 ptm = &ptm_bsdpty; 333#endif 334} 335 336static int 337/*ARGSUSED*/ 338ptmopen(dev_t dev, int flag, int mode, struct lwp *l) 339{ 340 int error; 341 int fd; 342 dev_t ttydev; 343 struct mount *mp; 344 345 switch(minor(dev)) { 346 case 0: /* /dev/ptmx */ 347 case 2: /* /emul/linux/dev/ptmx */ 348 if ((error = pty_getmp(l, &mp)) != 0) 349 return error; 350 if ((error = pty_alloc_master(l, &fd, &ttydev, mp, flag)) != 0) 351 return error; 352 if (minor(dev) == 2) { 353 /* 354 * Linux ptyfs grants the pty right here. 355 * Handle this case here, instead of writing 356 * a new linux module. 357 */ 358 if ((error = pty_grant_slave(l, ttydev, mp)) != 0) { 359 file_t *fp = fd_getfile(fd); 360 if (fp != NULL) { 361 fd_close(fd); 362 } 363 return error; 364 } 365 } 366 curlwp->l_dupfd = fd; 367 return EMOVEFD; 368 case 1: /* /dev/ptm */ 369 return 0; 370 default: 371 return ENODEV; 372 } 373} 374 375static int 376/*ARGSUSED*/ 377ptmclose(dev_t dev, int flag, int mode, struct lwp *l) 378{ 379 380 return (0); 381} 382 383static int 384/*ARGSUSED*/ 385ptmioctl(dev_t dev, u_long cmd, void *data, int flag, struct lwp *l) 386{ 387 int error; 388 dev_t newdev; 389 int cfd, sfd; 390 file_t *fp; 391 struct mount *mp; 392 393 error = 0; 394 switch (cmd) { 395 case TIOCPTMGET: 396 if ((error = pty_getmp(l, &mp)) != 0) 397 return error; 398 399 if ((error = pty_alloc_master(l, &cfd, &newdev, mp, 0)) != 0) 400 return error; 401 402 if ((error = pty_grant_slave(l, newdev, mp)) != 0) 403 goto bad; 404 405 if ((error = pty_alloc_slave(l, &sfd, newdev, mp)) != 0) 406 goto bad; 407 408 /* now, put the indices and names into struct ptmget */ 409 if ((error = pty_fill_ptmget(l, newdev, cfd, sfd, data, mp)) != 0) 410 goto bad2; 411 return 0; 412 default: 413 MODULE_HOOK_CALL(tty_ptmioctl_60_hook, 414 (dev, cmd, data, flag, l), EPASSTHROUGH, error); 415 if (error != EPASSTHROUGH) 416 return error; 417 DPRINTF(("ptmioctl EINVAL\n")); 418 return EINVAL; 419 } 420bad2: 421 fp = fd_getfile(sfd); 422 if (fp != NULL) { 423 fd_close(sfd); 424 } 425 bad: 426 fp = fd_getfile(cfd); 427 if (fp != NULL) { 428 fd_close(cfd); 429 } 430 return error; 431} 432 433const struct cdevsw ptm_cdevsw = { 434 .d_open = ptmopen, 435 .d_close = ptmclose, 436 .d_read = noread, 437 .d_write = nowrite, 438 .d_ioctl = ptmioctl, 439 .d_stop = nullstop, 440 .d_tty = notty, 441 .d_poll = nopoll, 442 .d_mmap = nommap, 443 .d_kqfilter = nokqfilter, 444 .d_discard = nodiscard, 445 .d_flag = D_TTY 446}; 447#endif 448