1 /* $NetBSD: tty_ptm.c,v 1.46 2023/04/09 09:18:09 riastradh Exp $ */
2
3 /*-
4 * Copyright (c) 2004, 2020 The NetBSD Foundation, Inc.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
17 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
18 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
20 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26 * POSSIBILITY OF SUCH DAMAGE.
27 */
28
29 #include <sys/cdefs.h>
30 __KERNEL_RCSID(0, "$NetBSD: tty_ptm.c,v 1.46 2023/04/09 09:18:09 riastradh Exp $");
31
32 #ifdef _KERNEL_OPT
33 #include "opt_compat_netbsd.h"
34 #include "opt_ptm.h"
35 #endif
36
37 /* pty multiplexor driver /dev/ptm{,x} */
38
39 #include <sys/param.h>
40 #include <sys/systm.h>
41 #include <sys/ioctl.h>
42 #include <sys/proc.h>
43 #include <sys/tty.h>
44 #include <sys/stat.h>
45 #include <sys/file.h>
46 #include <sys/uio.h>
47 #include <sys/kernel.h>
48 #include <sys/vnode.h>
49 #include <sys/namei.h>
50 #include <sys/signalvar.h>
51 #include <sys/filedesc.h>
52 #include <sys/conf.h>
53 #include <sys/poll.h>
54 #include <sys/pty.h>
55 #include <sys/kauth.h>
56 #include <sys/compat_stub.h>
57
58 #include <miscfs/specfs/specdev.h>
59
60 #include <compat/sys/ttycom.h>
61
62 #include "ioconf.h"
63
64 #ifdef DEBUG_PTM
65 #define DPRINTF(a) printf a
66 #else
67 #define DPRINTF(a)
68 #endif
69
70 #ifdef NO_DEV_PTM
71 const struct cdevsw ptm_cdevsw = {
72 .d_open = noopen,
73 .d_close = noclose,
74 .d_read = noread,
75 .d_write = nowrite,
76 .d_ioctl = noioctl,
77 .d_stop = nostop,
78 .d_tty = notty,
79 .d_poll = nopoll,
80 .d_mmap = nommap,
81 .d_kqfilter = nokqfilter,
82 .d_discard = nodiscard,
83 .d_flag = D_TTY
84 };
85 #else
86
87 int pts_major, ptc_major;
88
89 static dev_t pty_getfree(void);
90 static int pty_alloc_master(struct lwp *, int *, dev_t *, struct mount *, int);
91 static int pty_alloc_slave(struct lwp *, int *, dev_t, struct mount *);
92 static int pty_vn_open(struct vnode *, struct lwp *);
93
94 int
pty_getmp(struct lwp * l,struct mount ** mpp)95 pty_getmp(struct lwp *l, struct mount **mpp)
96 {
97 if (ptm == NULL)
98 return EOPNOTSUPP;
99
100 return (*ptm->getmp)(l, mpp);
101 }
102
103 dev_t
pty_makedev(char ms,int minor)104 pty_makedev(char ms, int minor)
105 {
106 return makedev(ms == 't' ? pts_major : ptc_major, minor);
107 }
108
109
110 static dev_t
pty_getfree(void)111 pty_getfree(void)
112 {
113 extern kmutex_t pt_softc_mutex;
114 int i;
115
116 mutex_enter(&pt_softc_mutex);
117 for (i = 0; i < npty; i++) {
118 if (pty_isfree(i, 0))
119 break;
120 }
121 mutex_exit(&pt_softc_mutex);
122 return pty_makedev('t', i);
123 }
124
125 /*
126 * Hacked up version of vn_open. We _only_ handle ptys and only open
127 * them with FREAD|FWRITE and never deal with creat or stuff like that.
128 *
129 * We need it because we have to fake up root credentials to open the pty.
130 */
131 int
pty_vn_open(struct vnode * vp,struct lwp * l)132 pty_vn_open(struct vnode *vp, struct lwp *l)
133 {
134 int error;
135
136 if (vp->v_type != VCHR) {
137 vput(vp);
138 return EINVAL;
139 }
140
141 error = VOP_OPEN(vp, FREAD|FWRITE, lwp0.l_cred);
142
143 if (error) {
144 /* only ptys mean we can't get these */
145 KASSERT(error != EDUPFD);
146 KASSERT(error != EMOVEFD);
147 vput(vp);
148 return error;
149 }
150
151 mutex_enter(vp->v_interlock);
152 vp->v_writecount++;
153 mutex_exit(vp->v_interlock);
154
155 return 0;
156 }
157
158 static int
pty_alloc_master(struct lwp * l,int * fd,dev_t * dev,struct mount * mp,int flags)159 pty_alloc_master(struct lwp *l, int *fd, dev_t *dev, struct mount *mp,
160 int flags)
161 {
162 int error;
163 struct file *fp;
164 struct vnode *vp;
165 int md;
166
167 if ((error = fd_allocfile(&fp, fd)) != 0) {
168 DPRINTF(("fd_allocfile %d\n", error));
169 return error;
170 }
171 retry:
172 /* Find and open a free master pty. */
173 *dev = pty_getfree();
174 md = minor(*dev);
175 if ((error = pty_check(md)) != 0) {
176 DPRINTF(("pty_check %d\n", error));
177 goto bad;
178 }
179 if (ptm == NULL) {
180 DPRINTF(("no ptm\n"));
181 error = EOPNOTSUPP;
182 goto bad;
183 }
184 if ((error = (*ptm->allocvp)(mp, l, &vp, *dev, 'p')) != 0) {
185 DPRINTF(("pty_allocvp %d\n", error));
186 goto bad;
187 }
188
189 if ((error = pty_vn_open(vp, l)) != 0) {
190 DPRINTF(("pty_vn_open %d\n", error));
191 /*
192 * Check if the master open failed because we lost
193 * the race to grab it.
194 */
195 if (error != EIO)
196 goto bad;
197 error = !pty_isfree(md, 1);
198 DPRINTF(("pty_isfree %d\n", error));
199 if (error)
200 goto retry;
201 else
202 goto bad;
203 }
204 fp->f_flag = FREAD|FWRITE|(flags&FMASK);
205 fp->f_type = DTYPE_VNODE;
206 fp->f_ops = &vnops;
207 fp->f_vnode = vp;
208
209 VOP_UNLOCK(vp);
210 fd_set_exclose(l, *fd, (flags & O_CLOEXEC) != 0);
211 fd_affix(curproc, fp, *fd);
212 return 0;
213 bad:
214 fd_abort(curproc, fp, *fd);
215 return error;
216 }
217
218 int
pty_grant_slave(struct lwp * l,dev_t dev,struct mount * mp)219 pty_grant_slave(struct lwp *l, dev_t dev, struct mount *mp)
220 {
221 int error;
222 struct vnode *vp;
223
224 /*
225 * Open the slave.
226 * namei -> setattr -> unlock -> revoke -> vrele ->
227 * namei -> open -> unlock
228 * Three stage rocket:
229 * 1. Change the owner and permissions on the slave.
230 * 2. Revoke all the users of the slave.
231 * 3. open the slave.
232 */
233 if (ptm == NULL)
234 return EOPNOTSUPP;
235 if ((error = (*ptm->allocvp)(mp, l, &vp, dev, 't')) != 0)
236 return error;
237
238 if ((vp->v_mount->mnt_flag & MNT_RDONLY) == 0) {
239 struct vattr vattr;
240 (*ptm->getvattr)(mp, l, &vattr);
241 /* Do the VOP_SETATTR() as root. */
242 error = VOP_SETATTR(vp, &vattr, lwp0.l_cred);
243 if (error) {
244 DPRINTF(("setattr %d\n", error));
245 vput(vp);
246 return error;
247 }
248 }
249 VOP_UNLOCK(vp);
250 VOP_REVOKE(vp, REVOKEALL);
251
252 /*
253 * The vnode is useless after the revoke, we need to get it again.
254 */
255 vrele(vp);
256 return 0;
257 }
258
259 static int
pty_alloc_slave(struct lwp * l,int * fd,dev_t dev,struct mount * mp)260 pty_alloc_slave(struct lwp *l, int *fd, dev_t dev, struct mount *mp)
261 {
262 int error;
263 struct file *fp;
264 struct vnode *vp;
265
266 /* Grab a filedescriptor for the slave */
267 if ((error = fd_allocfile(&fp, fd)) != 0) {
268 DPRINTF(("fd_allocfile %d\n", error));
269 return error;
270 }
271
272 if (ptm == NULL) {
273 error = EOPNOTSUPP;
274 goto bad;
275 }
276
277 if ((error = (*ptm->allocvp)(mp, l, &vp, dev, 't')) != 0)
278 goto bad;
279 if ((error = pty_vn_open(vp, l)) != 0)
280 goto bad;
281
282 fp->f_flag = FREAD|FWRITE;
283 fp->f_type = DTYPE_VNODE;
284 fp->f_ops = &vnops;
285 fp->f_vnode = vp;
286 VOP_UNLOCK(vp);
287 fd_affix(curproc, fp, *fd);
288 return 0;
289 bad:
290 fd_abort(curproc, fp, *fd);
291 return error;
292 }
293
294 struct ptm_pty *
pty_sethandler(struct ptm_pty * nptm)295 pty_sethandler(struct ptm_pty *nptm)
296 {
297 struct ptm_pty *optm = ptm;
298 ptm = nptm;
299 return optm;
300 }
301
302 int
pty_fill_ptmget(struct lwp * l,dev_t dev,int cfd,int sfd,void * data,struct mount * mp)303 pty_fill_ptmget(struct lwp *l, dev_t dev, int cfd, int sfd, void *data, struct mount *mp)
304 {
305 struct ptmget *ptmg = data;
306 int error;
307
308 if (ptm == NULL)
309 return EOPNOTSUPP;
310
311 ptmg->cfd = cfd == -1 ? minor(dev) : cfd;
312 ptmg->sfd = sfd == -1 ? minor(dev) : sfd;
313
314 error = (*ptm->makename)(mp, l, ptmg->cn, sizeof(ptmg->cn), dev, 'p');
315 if (error)
316 return error;
317
318 return (*ptm->makename)(mp, l, ptmg->sn, sizeof(ptmg->sn), dev, 't');
319 }
320
321 void
322 /*ARGSUSED*/
ptmattach(int n)323 ptmattach(int n)
324 {
325 extern const struct cdevsw pts_cdevsw, ptc_cdevsw;
326 /* find the major and minor of the pty devices */
327 if ((pts_major = cdevsw_lookup_major(&pts_cdevsw)) == -1)
328 panic("%s: Can't find pty slave in cdevsw", __func__);
329 if ((ptc_major = cdevsw_lookup_major(&ptc_cdevsw)) == -1)
330 panic("%s: Can't find pty master in cdevsw", __func__);
331 #ifdef COMPAT_BSDPTY
332 ptm = &ptm_bsdpty;
333 #endif
334 }
335
336 static int
337 /*ARGSUSED*/
ptmopen(dev_t dev,int flag,int mode,struct lwp * l)338 ptmopen(dev_t dev, int flag, int mode, struct lwp *l)
339 {
340 int error;
341 int fd;
342 dev_t ttydev;
343 struct mount *mp;
344
345 switch(minor(dev)) {
346 case 0: /* /dev/ptmx */
347 case 2: /* /emul/linux/dev/ptmx */
348 if ((error = pty_getmp(l, &mp)) != 0)
349 return error;
350 if ((error = pty_alloc_master(l, &fd, &ttydev, mp, flag)) != 0)
351 return error;
352 if (minor(dev) == 2) {
353 /*
354 * Linux ptyfs grants the pty right here.
355 * Handle this case here, instead of writing
356 * a new linux module.
357 */
358 if ((error = pty_grant_slave(l, ttydev, mp)) != 0) {
359 file_t *fp = fd_getfile(fd);
360 if (fp != NULL) {
361 fd_close(fd);
362 }
363 return error;
364 }
365 }
366 curlwp->l_dupfd = fd;
367 return EMOVEFD;
368 case 1: /* /dev/ptm */
369 return 0;
370 default:
371 return ENODEV;
372 }
373 }
374
375 static int
376 /*ARGSUSED*/
ptmclose(dev_t dev,int flag,int mode,struct lwp * l)377 ptmclose(dev_t dev, int flag, int mode, struct lwp *l)
378 {
379
380 return (0);
381 }
382
383 static int
384 /*ARGSUSED*/
ptmioctl(dev_t dev,u_long cmd,void * data,int flag,struct lwp * l)385 ptmioctl(dev_t dev, u_long cmd, void *data, int flag, struct lwp *l)
386 {
387 int error;
388 dev_t newdev;
389 int cfd, sfd;
390 file_t *fp;
391 struct mount *mp;
392
393 error = 0;
394 switch (cmd) {
395 case TIOCPTMGET:
396 if ((error = pty_getmp(l, &mp)) != 0)
397 return error;
398
399 if ((error = pty_alloc_master(l, &cfd, &newdev, mp, 0)) != 0)
400 return error;
401
402 if ((error = pty_grant_slave(l, newdev, mp)) != 0)
403 goto bad;
404
405 if ((error = pty_alloc_slave(l, &sfd, newdev, mp)) != 0)
406 goto bad;
407
408 /* now, put the indices and names into struct ptmget */
409 if ((error = pty_fill_ptmget(l, newdev, cfd, sfd, data, mp)) != 0)
410 goto bad2;
411 return 0;
412 default:
413 MODULE_HOOK_CALL(tty_ptmioctl_60_hook,
414 (dev, cmd, data, flag, l), EPASSTHROUGH, error);
415 if (error != EPASSTHROUGH)
416 return error;
417 DPRINTF(("ptmioctl EINVAL\n"));
418 return EINVAL;
419 }
420 bad2:
421 fp = fd_getfile(sfd);
422 if (fp != NULL) {
423 fd_close(sfd);
424 }
425 bad:
426 fp = fd_getfile(cfd);
427 if (fp != NULL) {
428 fd_close(cfd);
429 }
430 return error;
431 }
432
433 const struct cdevsw ptm_cdevsw = {
434 .d_open = ptmopen,
435 .d_close = ptmclose,
436 .d_read = noread,
437 .d_write = nowrite,
438 .d_ioctl = ptmioctl,
439 .d_stop = nullstop,
440 .d_tty = notty,
441 .d_poll = nopoll,
442 .d_mmap = nommap,
443 .d_kqfilter = nokqfilter,
444 .d_discard = nodiscard,
445 .d_flag = D_TTY
446 };
447 #endif
448