summaryrefslogtreecommitdiffstats
path: root/sys/kern/tty_pty.c
Commit message (Collapse)AuthorAgeFilesLines
* Allow pty(4) to be loaded as a kld.ed2009-08-231-127/+0
| | | | | | | | | Unfortunately, the wrappers that are present in pts(4) don't have the mechanics to allow pty(4) to be unloaded safely, so I'm forcing this kld to return EBUSY. This also means we have to enable some extra code in pts(4) unconditionally. Proposed by: rwatson
* Small changes to the warning message generated by pty(4):ed2009-08-191-3/+4
| | | | | | | | | | - Only print the warning once, instead of filling up the screen. - Use the word "legacy" for the pty_warningcnt description, to prevent confusion. - Use log() instead of printf(). Discussed with: rwatson, jhb Approved by: re (kib)
* Don't use PTY name as format string, even though it isn't insecure here.ed2009-02-261-1/+1
| | | | | It's guaranteed that the `name' variable always contains a string of the form pty[l‐sL‐S][0‐9a‐v], but I'd rather keep the compiler happy (LLVM).
* Remove unneeded use of device unit numbers from pty(4).ed2009-01-251-8/+5
| | | | | A much more simple approach to generate the slave device name, is to obtain the device name of the master and replace 'p' by 't'.
* Allow the user to suppress the rate-limited pty(4) warning.ed2008-08-231-1/+5
| | | | | | | | | | | | | The pty(4) driver raises up to warnings when an old BSD-style PTY is created. The reason why I added this warning, was to make it easier to spot applications that allocate BSD-style PTY's, while they should just use openpty() or posix_openpt(). Add a sysctl, which allows you to override the number of remaining messages, making it possible to suppress the warnings. Requested by: kib Reviewed by: kib
* Integrate the new MPSAFE TTY layer to the FreeBSD operating system.ed2008-08-201-751/+59
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The last half year I've been working on a replacement TTY layer for the FreeBSD kernel. The new TTY layer was designed to improve the following: - Improved driver model: The old TTY layer has a driver model that is not abstract enough to make it friendly to use. A good example is the output path, where the device drivers directly access the output buffers. This means that an in-kernel PPP implementation must always convert network buffers into TTY buffers. If a PPP implementation would be built on top of the new TTY layer (still needs a hooks layer, though), it would allow the PPP implementation to directly hand the data to the TTY driver. - Improved hotplugging: With the old TTY layer, it isn't entirely safe to destroy TTY's from the system. This implementation has a two-step destructing design, where the driver first abandons the TTY. After all threads have left the TTY, the TTY layer calls a routine in the driver, which can be used to free resources (unit numbers, etc). The pts(4) driver also implements this feature, which means posix_openpt() will now return PTY's that are created on the fly. - Improved performance: One of the major improvements is the per-TTY mutex, which is expected to improve scalability when compared to the old Giant locking. Another change is the unbuffered copying to userspace, which is both used on TTY device nodes and PTY masters. Upgrading should be quite straightforward. Unlike previous versions, existing kernel configuration files do not need to be changed, except when they reference device drivers that are listed in UPDATING. Obtained from: //depot/projects/mpsafetty/... Approved by: philip (ex-mentor) Discussed: on the lists, at BSDCan, at the DevSummit Sponsored by: Snow B.V., the Netherlands dcons(4) fixed by: kan
* Close two different races with concurrent opens of pty master devicesjhb2008-08-041-5/+24
| | | | | | that could result in leaked ttys or a leaked pty + tty pair. MFC after: 1 week
* In keeping with style(9)'s recommendations on macros, use a ';'rwatson2008-03-161-1/+1
| | | | | | | | | after each SYSINIT() macro invocation. This makes a number of lightweight C parsers much happier with the FreeBSD kernel source, including cflow's prcc and lxr. MFC after: 1 month Discussed with: imp, rink
* In rev. 1.156, the convertion of the minor number to the unit numberkib2008-01-261-3/+5
| | | | | | | | | | | | resulted in the argument to the make_dev() to be a unit number. Correct this by supplying a minor number to make_dev(), and using the unit number for the calculation of the slave tty name. Reported and tested by: Peter Holm Reviewed by: jhb Yet another pointy hat to: kib MFC after: 1 day
* In the rev. 1.153, the one place for converting minor number to unitkib2008-01-181-1/+3
| | | | | | | | | was missed. As result, pty_create_slave() may index out of the names[] bounds, creating wrong slave tty names. Tested by: kensmith Reviewed by: jhb MFC after: 3 days
* Bump up the number of ttys supported by pty(4) to 512 by making use ofjhb2007-11-191-3/+3
| | | | | | | [pt]ty[lmnoLMNO][0-9a-v]. MFC after: 3 days Reviewed by: rwatson
* A couple of optimizations to the last commit.jhb2007-11-081-2/+2
| | | | Submitted by: Christoph Mallon christoph mallon of gmx de
* Make it easier to add more ptys to the pty(4) driver:jhb2007-11-081-19/+12
| | | | | | | | | | - Use unit2minor() and minor2unit() to generate minor numbers to support unit numbers higher than 255. - Use simple string operations on the 'names' array rather than hard-coded constants and switch statements so that more ptys can be added by simply expanding the 'names' array. MFC after: 1 week
* Use make_dev_credf(MAKEDEV_REF) instead of make_dev() from pty clone handler.kib2007-07-031-2/+1
| | | | | Debugging help and testing by: Peter Holm Approved by: re (kensmith)
* Sweep kernel replacing suser(9) calls with priv(9) calls, assigningrwatson2006-11-061-2/+5
| | | | | | | | | | | | | specific privilege names to a broad range of privileges. These may require some future tweaking. Sponsored by: nCircle Network Security, Inc. Obtained from: TrustedBSD Project Discussed on: arch@ Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri, Alex Lyashkov <umka at sevcity dot net>, Skip Ford <skip dot ford at verizon dot net>, Antoine Brodin <antoine dot brodin at laposte dot net>
* Back out part of rev. 1.149. While adding a workaround in ptcopen() tombr2006-10-041-9/+2
| | | | | | | avoid leaked ptys works fine, this opens a possible security hole. Submitted by: bde MFC after: 3 days
* Readd rev. 1.145 because of vfs bugs and races near revoke(). Until theymbr2006-09-301-4/+14
| | | | | are fixed we can't free any slaves. Add a workaround to not to leak ptys by number.
* Free tty struct after last close. This should fix the pty-leak by numbers.mbr2006-09-291-12/+17
| | | | | | | | Remove workarounds for tty_refcount beeing 0, this will be fixed differently later. Back out rev 1.145 since we initialize the tty struct from scratch and bad things can't happen anymore.
* Fix our ioctl(2) implementation when the argument is "int". Newru2006-09-271-0/+11
| | | | | | | | | | | | | ioctls passing integer arguments should use the _IOWINT() macro. This fixes a lot of ioctl's not working on sparc64, most notable being keyboard/syscons ioctls. Full ABI compatibility is provided, with the bonus of fixing the handling of old ioctls on sparc64. Reviewed by: bde (with contributions) Tested by: emax, marius MFC after: 1 week
* Check for tp->t_refcnt == 0 before doing anything in tty_open().mbr2006-09-231-0/+12
| | | | | PR: 103520 MFC after: 1 week
* Don't destroy the slave /dev entry until someone figures out why devfs seemscognet2006-02-021-1/+1
| | | | to behave badly when we do so.
* Allow root in the host environment to open ptys within jailed environments.csjp2006-01-311-1/+1
| | | | | | | | | | | | | | This logic change was introduced in revision 1.74: Correct an oversight in jail() that allowed processes in jail to access ptys in ways that might be unethical, especially towards processes not in jail, or in other jails. It should be fine to allow root in the host environment to do this. This allows for more effective monitoring of prisons from the host environment. Discussed with: rwatson MFC after: 1 week
* Don't attempt to re-create the /dev entry for the slave part if it alreadycognet2006-01-261-1/+2
| | | | | | | exist when opening the master. This can happen if one open the master, then open the slave, then close and re-open the master. Reported by: Peter Holm
* Bring in a sysv-style pts implementation, as found in the rwatson_pts ↵cognet2006-01-261-7/+54
| | | | | | | | | | | | perforce branch. It works the same as its SysV/linux counterpart : You obtain a fd to the master pseudo terminal by opening /dev/ptmx, which craetes a node for the master as /dev/pty[num] and a node for the slave as /dev/pts/[num]. It should play nicely with the existing BSD ptys. By default, the system will use the BSD ptys, one can set the sysctl kern.pts.enable to 1 to make it use the new pts system. The max number of pty that can be allocated on a system can be changed with the sysctl kern.pts.max. It defaults to 1000, and can be increased, but it is not recommanded, as any pty with a number > 999 won't be handled by whatever uses utmp(5).
* Move the old BSD4.3 tty compatibility from (!BURN_BRIDGES && COMPAT_43)phk2006-01-101-9/+3
| | | | | | | | | | | | to COMPAT_43TTY. Add COMPAT_43TTY to NOTES and */conf/GENERIC Compile tty_compat.c only under the new option. Spit out #warning "Old BSD tty API used, please upgrade." if ioctl_compat.h gets #included from userland.
* Use ttyalloc() instead of ttymalloc()phk2006-01-041-1/+1
|
* Merge the dev_clone and dev_clone_cred event handlers into a singlerwatson2005-08-081-1/+1
| | | | | | | | | | | | | event handler, dev_clone, which accepts a credential argument. Implementors of the event can ignore it if they're not interested, and most do. This avoids having multiple event handler types and fall-back/precedence logic in devfs. This changes the kernel API for /dev cloning, and may affect third party packages containg cloning kernel modules. Requested by: phk MFC after: 3 days
* When devfs cloning takes place, provide access to the credential of therwatson2005-07-141-7/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | process that caused the clone event to take place for the device driver creating the device. This allows cloned device drivers to adapt the device node based on security aspects of the process, such as the uid, gid, and MAC label. - Add a cred reference to struct cdev, so that when a device node is instantiated as a vnode, the cloning credential can be exposed to MAC. - Add make_dev_cred(), a version of make_dev() that additionally accepts the credential to stick in the struct cdev. Implement it and make_dev() in terms of a back-end make_dev_credv(). - Add a new event handler, dev_clone_cred, which can be registered to receive the credential instead of dev_clone, if desired. - Modify the MAC entry point mac_create_devfs_device() to accept an optional credential pointer (may be NULL), so that MAC policies can inspect and act on the label or other elements of the credential when initializing the skeleton device protections. - Modify tty_pty.c to register clone_dev_cred and invoke make_dev_cred(), so that the pty clone credential is exposed to the MAC Framework. While currently primarily focussed on MAC policies, this change is also a prerequisite for changes to allow ptys to be instantiated with the UID of the process looking up the pty. This requires further changes to the pty driver -- in particular, to immediately recycle pty nodes on last close so that the credential-related state can be recreated on next lookup. Submitted by: Andrew Reisse <andrew.reisse@sparta.com> Obtained from: TrustedBSD Project Sponsored by: SPAWAR, SPARTA MFC after: 1 week MFC note: Merge to 6.x, but not 5.x for ABI reasons
* Explicitly hold a reference to the cdev we have just cloned. Thisphk2005-03-311-0/+1
| | | | | closes the race where the cdev was reclaimed before it ever made it back to devfs lookup.
* Use dynamic major number allocation.phk2005-02-271-5/+1
|
* /* -> /*- for copyright notices, minor format tweaks as necessaryimp2005-01-061-1/+1
|
* Include uio.hphk2004-12-221-3/+3
| | | | | Check O_NONBLOCK instead if IO_NDELAY Don't include vnode.h
* Add new function ttyinitmode() which sets our systemwide defaultphk2004-10-181-6/+1
| | | | | | | | | | | | | | modes on a tty structure. Both the ".init" and the current settings are initialized allowing the function to be used both at attach and open time. The function takes an argument to decide if echoing should be enabled. Echoing should not be enabled for regular physical serial ports unless they are consoles, in which case they should be configured by ttyconsolemode() instead. Use the new function throughout.
* Make pty's always come up in echo mode.phk2004-10-151-1/+1
|
* Split the ioctl function in control and slave side, this eliminatedphk2004-09-231-68/+78
| | | | a troublesome devsw() call.
* Use the tty->t_sc field to find our softc.phk2004-09-161-3/+4
|
* Preparation commit for the tty cleanups that will follow in the nearphk2004-07-151-1/+1
| | | | | | | | | future: rename ttyopen() -> tty_open() and ttyclose() -> tty_close(). We need the ttyopen() and ttyclose() for the new generic cdevsw functions for tty devices in order to have consistent naming.
* Gah! commit from wrong tree.phk2004-06-251-6/+0
| | | | Remove now unused variables from last commit.
* Retire the TIOC_REMOTE ioctl.phk2004-06-251-95/+3
| | | | | It was added 22 years ago for emacs to use, but emacs gave up on it it 17 years ago.
* Put the pre FreeBSD-2.x tty compat code under BURN_BRIDGES.phk2004-06-211-2/+6
|
* Second half of the dev_t cleanup.phk2004-06-171-2/+2
| | | | | | | | | | | The big lines are: NODEV -> NULL NOUDEV -> NODEV udev_t -> dev_t udev2dev() -> findcdev() Various minor adjustments including handling of userland access to kernel space struct cdev etc.
* Do the dreaded s/dev_t/struct cdev */phk2004-06-161-16/+16
| | | | Bump __FreeBSD_version accordingly.
* Deorbit COMPAT_SUNOS.phk2004-06-111-2/+2
| | | | | We inherited this from the sparc32 port of BSD4.4-Lite1. We have neither a sparc32 port nor a SunOS4.x compatibility desire these days.
* Rename struct pt_ioctl to "ptsc" and pointers to it from "pti" to "pt"phk2004-06-091-65/+65
|
* Ditch K&R function stylephk2004-06-091-63/+15
|
* Move PTY private defines into PTY private files.phk2004-06-091-0/+4
|
* Machine generated patch which changes linedisc calls from accessingphk2004-06-041-8/+8
| | | | | | linesw[] directly to using the ttyld...() functions The ttyld...() functions ar inline so there is no performance hit.
* Use ttymalloc() instead of ttyregister(). Use ttyioctl() instead ofphk2004-06-041-8/+6
| | | | direct calls to the linedisc.
* There is no need to explicitly call the stop function. In all likelyhoodphk2004-06-011-1/+0
| | | | ->l_close() did it and ttyclose certainly will.
* Remove advertising clause from University of California Regent's license,imp2004-04-051-4/+0
| | | | | | per letter dated July 22, 1999. Approved by: core
OpenPOWER on IntegriCloud