Commit Graph

293 Commits

Author SHA1 Message Date
thompsa
8ee58ba9e6 If we have getc_inject hooked then the outq buffer is inaccessible to the
driver so skip the drain rather than waiting indefinitely.

Reviewed by:	ed
2008-10-21 14:18:45 +00:00
ed
48c0c8f51a Import some improvements to the TTY code from the MPSAFE TTY branch.
- Change the ddb(4) commands to be more useful (by thompsa@):
  - `show ttys' is now called `show all ttys'. This command will now
    also display the address where the TTY data structure resides.
  - Add `show tty <addr>', which dumps the TTY in a readable form.

- Place an upper bound on the TTY buffer sizes. Some drivers do not want
  to care about baud rates. Protect these drivers by preventing the TTY
  buffers from getting enormous. Right now we'll just clamp it to 64K,
  which is pretty high, taking into account that these buffers are only
  used by the built-in discipline.

- Only call ttydev_leave() when needed. Back in April/May the TTY
  reference counting mechanism was a little different, which required us
  to call ttydev_leave() each time we finished a cdev operation.
  Nowadays we only need to call ttydev_leave() when we really mark it as
  being closed.

- Improve return codes of read() and write() on TTY device nodes.

- Make sure we really wake up all blocked threads when the driver calls
  tty_rel_gone(). There were some possible code paths where we didn't
  properly wake up any readers/writers.

- Add extra assertions to prevent sleeping on a TTY that has been
  abandoned by the driver.

- Use ttydev_cdevsw as a more reliable method to figure out whether a
  device node is a real TTY device node.

Obtained from:	//depot/projects/mpsafetty/...
Reviewed by:	thompsa
2008-10-15 16:58:35 +00:00
ed
2e07c6d916 Don't forget to initialize `int error' in ttydev_open().
I've had some reports in the past that opening an already opened TTY
through, for example, /dev/tty can fail with random error codes. Looking
at ttydev_open(), I can see there is a way `error' is returned without
initialising it. Even though I haven't had any confirmation this fixes
the bug, I'll fix it anyway.

Reported by:	Andrzej Tobola <ato iem pw edu pl>
2008-09-26 18:17:04 +00:00
ed
7993f2b835 Fix a crash when calling tty_rel_free() while draining during closure.
Yesterday I got two reports of potential crashes, related to TTY
deallocation during device closure. When a thread is in TF_OPENCLOSE,
draining its output upon closure, we should not allow calls to
tty_rel_free() to happen at the same time. This could cause the TTY to
be torn down twice.

PR:		kern/127561
Reported by:	KOIE Hidetaka <koie suri co jp>
Discussed with:	thompsa
2008-09-24 11:16:09 +00:00
ed
1475e942ed Introduce a hooks layer for the MPSAFE TTY layer.
One of the features that prevented us from fixing some of the TTY
consumers to work once again, was an interface that allowed consumers to
do the following:

- `Sniff' incoming data, which is used by the snp(4) driver.

- Take direct control of the input and output paths of a TTY, which is
  used by ng_tty(4), ppp(4), sl(4), etc.

There's no practical advantage in committing a hooks layer without
having any consumers. In P4 there is a preliminary port of snp(4) and
thompsa@ is busy porting ng_tty(4) to this interface. I already want to
have it in the tree, because this may stimulate others to work on the
remaining modules.

Discussed with:	thompsa
Obtained from:	//depot/projects/mpsafetty/...
2008-09-22 19:25:14 +00:00
ed
0f8f4f624b Fix minor TTY API inconsistency.
Unlike tty_rel_gone() and tty_rel_sess(), the tty_rel_pgrp() routine
does not unlock the TTY. I once had the idea to make the code call
tty_rel_pgrp() and tty_rel_sess(), picking up the TTY lock once. This
turned out a little harder than I expected, so this is how it works now.

It's a lot easier if we just let tty_rel_pgrp() unlock the TTY, because
the other routines do this anyway.
2008-09-16 14:57:23 +00:00
ed
e4b90a03d0 Make TIOCCONS use priv_check() instead of checking /dev/console permissions.
As discussed with Robert on IRC, checking the permissions on
/dev/console to see if we can call TIOCCONS could be unreliable. When we
run a chroot() without a devfs instance mounted inside, it won't
actually check the permissions on the device node inside the devfs
instance.

Using the already existing PRIV_TTY_CONSOLE for this seems like a better
idea.

Approved by:	rwatson
2008-09-06 14:43:32 +00:00
ed
fa5c2849f2 Implement pts(4) packet mode.
As reported by several users on the mailing lists, applications like
screen(1) fail to properly handle ^S and ^Q characters. This was because
MPSAFE TTY didn't implement packet mode (TIOCPKT) yet. Add basic packet
mode support to make these applications work again.

Obtained from:	//depot/projects/mpsafetty/...
2008-09-04 16:39:02 +00:00
ed
fa61dcef0f Fix some edge cases in the TTY queues:
- In the current design, when a TTY decreases its baud rate, it tries to
  shrink the queues. This may not always be possible, because it will
  not free any blocks that are still filled with data.

  Change the TTY queues to store a `quota' value as well, which means it
  will not free any blocks when changing the baud rate, but when placing
  blocks back into the queue. When the amount of blocks exceeds the
  quota, they get freed.

  It also fixes some edge cases, where TIOCSETA during read()/
  write()-calls could actually make the queue a tiny bit bigger than in
  normal cases.

- Don't leak blocks of memory when calling TIOCSETA when the device
  driver abandons the TTY while allocating memory.

- Create ttyoutq_init() and ttyinq_init() to initialize the queues,
  instead of initializing them by hand. The new TTY snoop driver also
  creates an outq, so it's good to have a proper interface to do this.

Obtained from:	//depot/projects/mpsafetty/...
2008-08-30 09:18:27 +00:00
ed
17e49589f8 Properly unlock the init/lock-state devices when invoking TIOCSETA.
For some reason a return-statement crept into this code, where it
shouldn't belong. This means we didn't properly unlock the TTY before
returning to userspace.

Submitted by:	Tor Egge <tor egge cvsup no freebsd org>
2008-08-27 19:37:21 +00:00
ed
a6b774bc3b Fix two small bugs in tcsetattr().
- According to POSIX, tcsetattr() must not fail when any of the bits in
  the structure are unsupported, but it must leave the unsupported flags
  alone.

- The CIGNORE flag (set by TCSASOFT, extension) was not cleared from
  c_cflag, which means using it would cause it to be applied during its
  entire lifespan. Eventually make sure we clear the flag.

I don't really like CIGNORE, but I think we must keep it alive right
now. With our new TTY layer, we don't actually need this mechanism,
because if you leave c_cflag, c_ispeed and c_ospeed alone, we won't make
a call into the device driver anyway.

Reported by:	naddy
Tested by:	naddy
2008-08-22 21:27:37 +00:00
ed
deab1dbbf7 Prevent VSTART flooding when turning on software flow control.
It turned out we transmitted VSTART after each successful read on a TTY
when software flow control was turned on. This was because of a very
evil bug where we tested the TF_HIWAT_IN flag the other way around.

Reported by:	Christian Weisgerber <naddy mips inka de>
2008-08-22 05:15:52 +00:00
ed
cc3116a938 Integrate the new MPSAFE TTY layer to the FreeBSD operating system.
The last half year I've been working on a replacement TTY layer for the
FreeBSD kernel. The new TTY layer was designed to improve the following:

- Improved driver model:

  The old TTY layer has a driver model that is not abstract enough to
  make it friendly to use. A good example is the output path, where the
  device drivers directly access the output buffers. This means that an
  in-kernel PPP implementation must always convert network buffers into
  TTY buffers.

  If a PPP implementation would be built on top of the new TTY layer
  (still needs a hooks layer, though), it would allow the PPP
  implementation to directly hand the data to the TTY driver.

- Improved hotplugging:

  With the old TTY layer, it isn't entirely safe to destroy TTY's from
  the system. This implementation has a two-step destructing design,
  where the driver first abandons the TTY. After all threads have left
  the TTY, the TTY layer calls a routine in the driver, which can be
  used to free resources (unit numbers, etc).

  The pts(4) driver also implements this feature, which means
  posix_openpt() will now return PTY's that are created on the fly.

- Improved performance:

  One of the major improvements is the per-TTY mutex, which is expected
  to improve scalability when compared to the old Giant locking.
  Another change is the unbuffered copying to userspace, which is both
  used on TTY device nodes and PTY masters.

Upgrading should be quite straightforward. Unlike previous versions,
existing kernel configuration files do not need to be changed, except
when they reference device drivers that are listed in UPDATING.

Obtained from:		//depot/projects/mpsafetty/...
Approved by:		philip (ex-mentor)
Discussed:		on the lists, at BSDCan, at the DevSummit
Sponsored by:		Snow B.V., the Netherlands
dcons(4) fixed by:	kan
2008-08-20 08:31:58 +00:00
ed
c9af5459f4 Move ttyinfo() into its own C file.
The ttyinfo() routine generates the fancy output when pressing ^T. Right
now it is stored in tty.c. In the MPSAFE TTY code it is already stored
in tty_info.c. To make integration of the MPSAFE TTY code a little
easier, take the same approach.

This makes the TTY code a little bit more readable, because having the
proc_*/thread_* routines in tty.c is very distractful.

Approved by:	philip (mentor)
2008-07-25 14:31:00 +00:00
kib
797c3188c0 Rev. 1.274 put the ttyrel() call before the destroy_dev() in the
ttyfree(), freeing the tty. Since destroy_dev() may call d_purge()
cdevsw method, that is the ttypurge() for the tty, the code ends up
accessing freed tty structure.

Put the ttyrel() after destroy_dev() in the ttyfree. To prevent the
panic the rev. 1.274 provided fix for, check the TS_GONE in sysctl
handler and refuse to provide information on such tty.

Reported, debugging help and tested by:	pho
DIscussed with and reviewed by:	jhb
MFC after:	1 week
2008-05-23 16:47:55 +00:00
kib
90775e30db The dev_refthread() in the tty_gettp() may fail, because Giant is taken
in the giant_trick routines after the dev_refthread increments the
si_threadcount. Remove assert, do not perform dev_relthread() for failed
dev_refthread(), and handle failure in the tty_gettp() callers (cdevsw
tty methods).

Before kern_conf.c 1.210 and 1.211, the kernel usually paniced in the
giant_trick routines dereferencing NULL cdevsw, not taking this fault.

Reported by:	Vince Hoffman <jhary unsane co uk>
Debugging help and tested by:	pho
Reviewed by:	jhb
MFC after:	1 week
2008-05-23 16:46:27 +00:00
kib
a0dac34fa6 Use the t_state for the TS_GONE test.
Submitted by:   jhb
MFC after:	3 days
2008-05-23 16:43:59 +00:00
ed
bdc5be605f Move TTY unrelated bits out of <sys/tty.h>.
For some reason, the <sys/tty.h> header file also contains routines of the
clists and console that are used inside the TTY layer. Because the clists
are not only used by the TTY layer (example: various input drivers), we'd
better move the entire clist programming interface into <sys/clist.h>. Also
remove a declaration of nonexistent variable.

The <sys/tty.h> header also contains various definitions for the console
code (tty_cons.c). Also move these to <sys/cons.h>, because they are
not implemented inside the TTY layer.

While there, create separate malloc pools for the clist and console code.

Approved by:	philip (mentor)
2008-05-23 16:06:35 +00:00
davidxu
a19eeb1bb9 Implement POSIX function tcgetsid() which returns session id.
PR: stand/107561
2008-04-15 08:33:32 +00:00
jeff
46f09d5bc3 - Relax requirements for p_numthreads, p_threads, p_swtick, and p_nice from
requiring the per-process spinlock to only requiring the process lock.
 - Reflect these changes in the proc.h documentation and consumers throughout
   the kernel.  This is a substantial reduction in locking cost for these
   fields and was made possible by recent changes to threading support.
2008-03-19 06:19:01 +00:00
jhb
c9a8a65b69 Close a race in the kern.ttys sysctl handler that resulted in panics in
dev2udev() when a tty was being detached concurrently with the sysctl
handler:
- Hold the 'tty_list_mutex' lock while we read all the fields out of the
  struct tty for copying out later.  Previously the pty(4) and pts(4)
  destroy routines could set t_dev to NULL, drop their reference on the
  tty and destroy the cdev while the sysctl handler was attempting to
  invoke dev2udev() on the cdev being destroyed.  This happened when the
  sysctl handler read the value of t_dev prior to it being set to NULL
  either due to it being stale or due to timing races.  By holding the
  list lock we guarantee that the destroy routines will block in ttyrel()
  in that case and not destroy the cdev until after we've copied all of our
  data.  We may see a NULL cdev pointer or we may see the previous value,
  but the previous value will no longer point to a destroyed cdev if we
  see it.
- Fix the ttyfree() routine used by tty device drivers in their detach
  methods to use ttyrel() on the tty so we don't leak them.  Also, fix it
  to use the same order of operations as pty/pts destruction (set t_dev
  NULL, ttyrel(), destroy_dev()) so it cooperates with the sysctl handler.

MFC after:	3 days
Tested by:	avatar
2008-01-08 04:53:28 +00:00
kib
a8fa279159 ttyfree() frees the cdev(). But if there are pending kevents,
filt_ttyrdetach() etc would later attempt to dereference cdev->si_tty,
causing a 0xdeadc0de dereference.  Change kn_hook value from cdev to
struct tty to avoid dereferencing freed cdev.

In ttygone(), wake up select(), sigio and kevent() users in addition
to the queue sleepers.

Return EV_EOF from kevent filters if TS_GONE is set.

Submitted by:	peter
Tested by:	Peter Holm
Approved by:	re (kensmith)
MFC after:	2 weeks
2007-07-20 09:41:54 +00:00
jeff
4392265a3a - Use rufetchcalc() rather than calcru() in ttyinfo so that we get
correct system and user time stats.

Approved by:	re
Reported by:	kris
Discussed with:	Attilio
2007-07-01 00:17:59 +00:00
cognet
72a3e057dd Re-acquire the PROC_SLOCK before calling calcru(), and release it after,
since calcru() expects it to be locked.

Reviewed by:	attilio
2007-06-11 21:05:41 +00:00
mjacob
c3eaa66d34 The new compiler can't quite follow the logic of has_stime and
complains about using uninitialized tags in stime.
2007-06-10 01:49:17 +00:00
jeff
0e873af7bd Commit 9/14 of sched_lock decomposition.
- Attempt to return the ttyinfo() selection algorithm to something sane
   as it has been broken and disabled for some time.  Adapt this algorithm
   in such a way that it does not conflict with per-cpu scheduler locking.

Tested by:      kris, current@
Tested on:      i386, amd64, ULE, 4BSD, libthr, libkse, PREEMPTION, etc.
Discussed with: kris, attilio, kmacy, jhb, julian, bde (small parts each)
2007-06-04 23:55:32 +00:00
mbr
a2c03bf6cb Back out rev. 1.266. The real cause for the recent panics has been fixed
in rev. 1.267 and there is no need to keep this test.
2006-12-20 02:49:59 +00:00
mbr
37965664cc Giant might have been temporarily dropped while waiting for proctree_lock, allowing for an
intervening tty_close() that cleared tp->t_session.

Submitted by:	tegge
MFC:		1 day
2006-12-19 22:34:32 +00:00
mbr
ccabbc6486 Add the tp->t_refcnt validity check back. There are still some race
conditions where tp->t_refcnt can go to zero.
2006-12-19 16:46:13 +00:00
julian
396ed947f6 Threading cleanup.. part 2 of several.
Make part of John Birrell's KSE patch permanent..
Specifically, remove:
Any reference of the ksegrp structure. This feature was
never fully utilised and made things overly complicated.
All code in the scheduler that tried to make threaded programs
fair to unthreaded programs.  Libpthread processes will already
do this to some extent and libthr processes already disable it.

Also:
Since this makes such a big change to the scheduler(s), take the opportunity
to rename some structures and elements that had to be moved anyhow.
This makes the code a lot more readable.

The ULE scheduler compiles again but I have no idea if it works.

The 4bsd scheduler still reqires a little cleaning and some functions that now do
ALMOST nothing will go away, but I thought I'd do that as a separate commit.

Tested by David Xu, and Dan Eischen using libthr and libpthread.
2006-12-06 06:34:57 +00:00
tegge
4fdb31ed24 Don't drop reference to tty in tty_close() if TS_ISOPEN is already cleared.
Reviewed by:	bde
2006-11-06 22:12:43 +00:00
rwatson
10d0d9cf47 Sweep kernel replacing suser(9) calls with priv(9) calls, assigning
specific privilege names to a broad range of privileges.  These may
require some future tweaking.

Sponsored by:           nCircle Network Security, Inc.
Obtained from:          TrustedBSD Project
Discussed on:           arch@
Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri,
                        Alex Lyashkov <umka at sevcity dot net>,
                        Skip Ford <skip dot ford at verizon dot net>,
                        Antoine Brodin <antoine dot brodin at laposte dot net>
2006-11-06 13:42:10 +00:00
jb
f82c799735 Make KSE a kernel option, turned on by default in all GENERIC
kernel configs except sun4v (which doesn't process signals properly
with KSE).

Reviewed by:	davidxu@
2006-10-26 21:42:22 +00:00
mbr
b63df50b58 Any call of tty_close() with a tty refcount of <= 1 is wrong and we will
free the tty in this case. This is a workaround until the underlaying
devfs/tty problems are fixed.

MFC after:	1 day
2006-09-30 08:11:51 +00:00
mbr
9af53fcaab Check for tp->t_refcnt == 0 before doing anything in tty_open().
PR:		103520
MFC after:	1 week
2006-09-23 14:52:46 +00:00
mbr
cdbb778538 Back out rev. 1.258. The real race cause has been fixed
in rev. 1.241 of kern_proc.c.

Requested by:	jhb
2006-09-21 14:09:26 +00:00
mbr
eecf512f8f Fix locking race in ttymodem(). The locking of the proctree happens too late
and opens a small race window before tp->t_session->s_leader is accessed. In case
tp->t_session has just been set to NULL elsewhere, we get a panic().

This fix is a bandaid until someone else fixes the whole locking in the tty subsystem.
Definitly more work needs to be done.

MFC after:	1 week
Reviewed by:	mlaier
PR:		kern/103101
2006-09-10 16:51:56 +00:00
phk
57be8af642 Move the old BSD4.3 tty compatibility from (!BURN_BRIDGES && COMPAT_43)
to COMPAT_43TTY.

Add COMPAT_43TTY to NOTES and */conf/GENERIC

Compile tty_compat.c only under the new option.

Spit out
	#warning "Old BSD tty API used, please upgrade."
if ioctl_compat.h gets #included from userland.
2006-01-10 09:19:10 +00:00
phk
3dc6c75d0c Deorbit ttymalloc() in preference for ttyalloc() 2006-01-04 09:59:07 +00:00
phk
04004b89a1 Use MTX_SYSINIT to set up the tty list mutex. 2006-01-04 08:22:39 +00:00
jhb
31b3920270 Revert most of revision 1.235 and fix the problem a different way. We
can't acquire an sx lock in ttyinfo() because ttyinfo() can be called
from interrupt handlers (such as atkbd_intr()).  Instead, go back to
locking the process group while we pick a thread to display information for
and hold that lock until after we drop sched_lock to make sure the
process doesn't exit out from under us.  sched_lock ensures that the
specific thread from that process doesn't go away.  To protect against
the process exiting after we drop the proc lock but before we dereference
it to lookup the pid and p_comm in the call to ttyprintf(), we now copy
the pid and p_comm to local variables while holding the proc lock.

This problem was found by the recently added TD_NO_SLEEPING assertions for
interrupt handlers.

Tested by:	emaste
MFC after:	1 week
2005-10-27 16:47:28 +00:00
phk
49fa638000 Use new functions to call into drivers methods. 2005-10-16 21:07:31 +00:00
phk
10f4dbda56 Make ttyconsolemode() call ttsetwater() so that drivers don't have to. 2005-10-16 20:58:22 +00:00
phk
2853ff590d Eliminate two unused arguments to ttycreate(). 2005-10-16 20:22:56 +00:00
ssouhlal
efe31cd3da Fix the recent panics/LORs/hangs created by my kqueue commit by:
- Introducing the possibility of using locks different than mutexes
for the knlist locking. In order to do this, we add three arguments to
knlist_init() to specify the functions to use to lock, unlock and
check if the lock is owned. If these arguments are NULL, we assume
mtx_lock, mtx_unlock and mtx_owned, respectively.

- Using the vnode lock for the knlist locking, when doing kqueue operations
on a vnode. This way, we don't have to lock the vnode while holding a
mutex, in filt_vfsread.

Reviewed by:	jmg
Approved by:	re (scottl), scottl (mentor override)
Pointyhat to:	ssouhlal
Will be happy:	everyone
2005-07-01 16:28:32 +00:00
avatar
e496403c65 According to the comment in struct tty, t_modem is optional; hence we should
guard against NULL t_modem entry. Otherwise, driver doesn't have t_modem
callback implemented(such like sys/dev/usb/ucycom.c) would panic when
someone opens the driver's associated tty device.

Reviewed by:	phk, sam (mentor)
2005-04-13 13:56:17 +00:00
phk
d55eb47f57 Make (some) serial ports implement the PPS-API again. This change
appearantly fell out during the tty code cleanup.
2005-03-26 20:12:39 +00:00
peter
b9ba5b3710 Replace my previous change for 32 bit systems with hz > 169 with Bruce's
simpler one.
2005-03-12 00:13:45 +00:00
peter
eca731ac63 Make the tty vmin/vtime timeouts work for hz > 169 on 32 bit machines. 2005-03-12 00:10:23 +00:00
phk
18d1a64228 Add placeholder mutex argument to new_unrhdr(). 2005-03-07 11:05:47 +00:00