Commit Graph

6 Commits

Author SHA1 Message Date
Ed Schouten
52f542a8e4 Enable secure TTY input buffer flushing by default.
I'm leaving the sysctl there. If people really notice a slowdown, they
can revert to the old behaviour.

Discussed with:	kib
2009-05-21 16:48:06 +00:00
Ed Schouten
770c15f60f Add a new sysctl: kern.tty_inq_flush_secure.
When enabled all TTY input queue buffers are zeroed when flushing or
closing the TTY. Because TTY input queues are also used to store filled
in passwords, this may be an interesting switch to enable for security
minded people.
2009-05-21 16:19:54 +00:00
Ed Schouten
1d952ed28c Use unsigned longs for the TTY's sysctl stats.
Spotted by:	clang
2009-02-26 10:28:32 +00:00
Ed Schouten
41ba7e9b13 Slightly improve the design of the TTY buffer.
The TTY buffers used the standard <sys/queue.h> lists. Unfortunately
they have a big shortcoming. If you want to have a double linked list,
but no tail pointer, it's still not possible to obtain the previous
element in the list. Inside the buffers we don't need them. This is why
I switched to custom linked list macros. The macros will also keep track
of the amount of items in the list. Because it doesn't use a sentinel,
we can just initialize the queues with zero.

In its simplest form (the output queue), we will only keep two
references to blocks in the queue, namely the head of the list and the
last block in use. All free blocks are stored behind the last block in
use.

I noticed there was a very subtle bug in the previous code: in a very
uncommon corner case, it would uma_zfree() a block in the queue before
calling memcpy() to extract the data from the block.
2009-02-03 19:58:28 +00:00
Ed Schouten
74bb9e3ad5 Fix some edge cases in the TTY queues:
- In the current design, when a TTY decreases its baud rate, it tries to
  shrink the queues. This may not always be possible, because it will
  not free any blocks that are still filled with data.

  Change the TTY queues to store a `quota' value as well, which means it
  will not free any blocks when changing the baud rate, but when placing
  blocks back into the queue. When the amount of blocks exceeds the
  quota, they get freed.

  It also fixes some edge cases, where TIOCSETA during read()/
  write()-calls could actually make the queue a tiny bit bigger than in
  normal cases.

- Don't leak blocks of memory when calling TIOCSETA when the device
  driver abandons the TTY while allocating memory.

- Create ttyoutq_init() and ttyinq_init() to initialize the queues,
  instead of initializing them by hand. The new TTY snoop driver also
  creates an outq, so it's good to have a proper interface to do this.

Obtained from:	//depot/projects/mpsafetty/...
2008-08-30 09:18:27 +00:00
Ed Schouten
bc093719ca Integrate the new MPSAFE TTY layer to the FreeBSD operating system.
The last half year I've been working on a replacement TTY layer for the
FreeBSD kernel. The new TTY layer was designed to improve the following:

- Improved driver model:

  The old TTY layer has a driver model that is not abstract enough to
  make it friendly to use. A good example is the output path, where the
  device drivers directly access the output buffers. This means that an
  in-kernel PPP implementation must always convert network buffers into
  TTY buffers.

  If a PPP implementation would be built on top of the new TTY layer
  (still needs a hooks layer, though), it would allow the PPP
  implementation to directly hand the data to the TTY driver.

- Improved hotplugging:

  With the old TTY layer, it isn't entirely safe to destroy TTY's from
  the system. This implementation has a two-step destructing design,
  where the driver first abandons the TTY. After all threads have left
  the TTY, the TTY layer calls a routine in the driver, which can be
  used to free resources (unit numbers, etc).

  The pts(4) driver also implements this feature, which means
  posix_openpt() will now return PTY's that are created on the fly.

- Improved performance:

  One of the major improvements is the per-TTY mutex, which is expected
  to improve scalability when compared to the old Giant locking.
  Another change is the unbuffered copying to userspace, which is both
  used on TTY device nodes and PTY masters.

Upgrading should be quite straightforward. Unlike previous versions,
existing kernel configuration files do not need to be changed, except
when they reference device drivers that are listed in UPDATING.

Obtained from:		//depot/projects/mpsafetty/...
Approved by:		philip (ex-mentor)
Discussed:		on the lists, at BSDCan, at the DevSummit
Sponsored by:		Snow B.V., the Netherlands
dcons(4) fixed by:	kan
2008-08-20 08:31:58 +00:00