kernel - Refactor tty clist code
[dragonfly.git] / sys / kern / tty.c
1 /*-
2  * (MPSAFE)
3  *
4  * Copyright (c) 1982, 1986, 1990, 1991, 1993
5  *      The Regents of the University of California.  All rights reserved.
6  * (c) UNIX System Laboratories, Inc.
7  * All or some portions of this file are derived from material licensed
8  * to the University of California by American Telephone and Telegraph
9  * Co. or Unix System Laboratories, Inc. and are reproduced herein with
10  * the permission of UNIX System Laboratories, Inc.
11  *
12  * Redistribution and use in source and binary forms, with or without
13  * modification, are permitted provided that the following conditions
14  * are met:
15  * 1. Redistributions of source code must retain the above copyright
16  *    notice, this list of conditions and the following disclaimer.
17  * 2. Redistributions in binary form must reproduce the above copyright
18  *    notice, this list of conditions and the following disclaimer in the
19  *    documentation and/or other materials provided with the distribution.
20  * 3. Neither the name of the University nor the names of its contributors
21  *    may be used to endorse or promote products derived from this software
22  *    without specific prior written permission.
23  *
24  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
25  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
28  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
29  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
30  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
31  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
32  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
33  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34  * SUCH DAMAGE.
35  *
36  *      @(#)tty.c       8.8 (Berkeley) 1/21/94
37  * $FreeBSD: src/sys/kern/tty.c,v 1.129.2.5 2002/03/11 01:32:31 dd Exp $
38  */
39
40 /*
41  * MPSAFE NOTE:
42  * Almost all functions in this file are acquiring the tty token due to their
43  * access and modifications of the 'tp' (struct tty) objects.
44  */
45
46 /*-
47  * TODO:
48  *      o Fix races for sending the start char in ttyflush().
49  *      o Handle inter-byte timeout for "MIN > 0, TIME > 0" in ttyselect().
50  *        With luck, there will be MIN chars before select() returns().
51  *      o Handle CLOCAL consistently for ptys.  Perhaps disallow setting it.
52  *      o Don't allow input in TS_ZOMBIE case.  It would be visible through
53  *        FIONREAD.
54  *      o Do the new sio locking stuff here and use it to avoid special
55  *        case for EXTPROC?
56  *      o Lock PENDIN too?
57  *      o Move EXTPROC and/or PENDIN to t_state?
58  *      o Wrap most of ttioctl in spltty/splx.
59  *      o Implement TIOCNOTTY or remove it from <sys/ioctl.h>.
60  *      o Send STOP if IXOFF is toggled off while TS_TBLOCK is set.
61  *      o Don't allow certain termios flags to affect disciplines other
62  *        than TTYDISC.  Cancel their effects before switch disciplines
63  *        and ignore them if they are set while we are in another
64  *        discipline.
65  *      o Now that historical speed conversions are handled here, don't
66  *        do them in drivers.
67  *      o Check for TS_CARR_ON being set while everything is closed and not
68  *        waiting for carrier.  TS_CARR_ON isn't cleared if nothing is open,
69  *        so it would live until the next open even if carrier drops.
70  *      o Restore TS_WOPEN since it is useful in pstat.  It must be cleared
71  *        only when _all_ openers leave open().
72  */
73
74 #include "opt_uconsole.h"
75
76 #include <sys/param.h>
77 #include <sys/systm.h>
78 #include <sys/filio.h>
79 #include <sys/proc.h>
80 #include <sys/priv.h>
81 #include <sys/tty.h>
82 #define TTYDEFCHARS
83 #include <sys/ttydefaults.h>    /* for ttydefchars, CEOT */
84 #undef  TTYDEFCHARS
85 #include <sys/fcntl.h>
86 #include <sys/conf.h>
87 #include <sys/dkstat.h>
88 #include <sys/kernel.h>
89 #include <sys/vnode.h>
90 #include <sys/signalvar.h>
91 #include <sys/signal2.h>
92 #include <sys/resourcevar.h>
93 #include <sys/malloc.h>
94 #include <sys/filedesc.h>
95 #include <sys/sysctl.h>
96 #include <sys/thread2.h>
97
98 #include <vm/vm.h>
99 #include <sys/lock.h>
100 #include <vm/pmap.h>
101 #include <vm/vm_map.h>
102 #include <vm/vm_extern.h>
103
104 MALLOC_DEFINE(M_TTYS, "ttys", "tty data structures");
105
106 static int      proc_compare (struct proc *p1, struct proc *p2);
107 static int      ttnread (struct tty *tp);
108 static void     ttyecho (int c, struct tty *tp);
109 static int      ttyoutput (int c, struct tty *tp);
110 static void     ttypend (struct tty *tp);
111 static void     ttyretype (struct tty *tp);
112 static void     ttyrub (int c, struct tty *tp);
113 static void     ttyrubo (struct tty *tp, int cnt);
114 static void     ttyunblock (struct tty *tp);
115 static int      ttywflush (struct tty *tp);
116 static int      filt_ttyread (struct knote *kn, long hint);
117 static void     filt_ttyrdetach (struct knote *kn);
118 static int      filt_ttywrite (struct knote *kn, long hint);
119 static void     filt_ttywdetach (struct knote *kn);
120
121 /*
122  * Table with character classes and parity. The 8th bit indicates parity,
123  * the 7th bit indicates the character is an alphameric or underscore (for
124  * ALTWERASE), and the low 6 bits indicate delay type.  If the low 6 bits
125  * are 0 then the character needs no special processing on output; classes
126  * other than 0 might be translated or (not currently) require delays.
127  */
128 #define E       0x00    /* Even parity. */
129 #define O       0x80    /* Odd parity. */
130 #define PARITY(c)       (char_type[c] & O)
131
132 #define ALPHA   0x40    /* Alpha or underscore. */
133 #define ISALPHA(c)      (char_type[(c) & TTY_CHARMASK] & ALPHA)
134
135 #define CCLASSMASK      0x3f
136 #define CCLASS(c)       (char_type[c] & CCLASSMASK)
137
138 #define BS      BACKSPACE
139 #define CC      CONTROL
140 #define CR      RETURN
141 #define NA      ORDINARY | ALPHA
142 #define NL      NEWLINE
143 #define NO      ORDINARY
144 #define TB      TAB
145 #define VT      VTAB
146
147 static u_char const char_type[] = {
148         E|CC, O|CC, O|CC, E|CC, O|CC, E|CC, E|CC, O|CC, /* nul - bel */
149         O|BS, E|TB, E|NL, O|CC, E|VT, O|CR, O|CC, E|CC, /* bs - si */
150         O|CC, E|CC, E|CC, O|CC, E|CC, O|CC, O|CC, E|CC, /* dle - etb */
151         E|CC, O|CC, O|CC, E|CC, O|CC, E|CC, E|CC, O|CC, /* can - us */
152         O|NO, E|NO, E|NO, O|NO, E|NO, O|NO, O|NO, E|NO, /* sp - ' */
153         E|NO, O|NO, O|NO, E|NO, O|NO, E|NO, E|NO, O|NO, /* ( - / */
154         E|NA, O|NA, O|NA, E|NA, O|NA, E|NA, E|NA, O|NA, /* 0 - 7 */
155         O|NA, E|NA, E|NO, O|NO, E|NO, O|NO, O|NO, E|NO, /* 8 - ? */
156         O|NO, E|NA, E|NA, O|NA, E|NA, O|NA, O|NA, E|NA, /* @ - G */
157         E|NA, O|NA, O|NA, E|NA, O|NA, E|NA, E|NA, O|NA, /* H - O */
158         E|NA, O|NA, O|NA, E|NA, O|NA, E|NA, E|NA, O|NA, /* P - W */
159         O|NA, E|NA, E|NA, O|NO, E|NO, O|NO, O|NO, O|NA, /* X - _ */
160         E|NO, O|NA, O|NA, E|NA, O|NA, E|NA, E|NA, O|NA, /* ` - g */
161         O|NA, E|NA, E|NA, O|NA, E|NA, O|NA, O|NA, E|NA, /* h - o */
162         O|NA, E|NA, E|NA, O|NA, E|NA, O|NA, O|NA, E|NA, /* p - w */
163         E|NA, O|NA, O|NA, E|NO, O|NO, E|NO, E|NO, O|CC, /* x - del */
164         /*
165          * Meta chars; should be settable per character set;
166          * for now, treat them all as normal characters.
167          */
168         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
169         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
170         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
171         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
172         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
173         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
174         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
175         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
176         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
177         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
178         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
179         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
180         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
181         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
182         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
183         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
184 };
185 #undef  BS
186 #undef  CC
187 #undef  CR
188 #undef  NA
189 #undef  NL
190 #undef  NO
191 #undef  TB
192 #undef  VT
193
194 /* Macros to clear/set/test flags. */
195 #define SET(t, f)       (t) |= (f)
196 #define CLR(t, f)       (t) &= ~(f)
197 #define ISSET(t, f)     ((t) & (f))
198
199 #undef MAX_INPUT                /* XXX wrong in <sys/syslimits.h> */
200 #define MAX_INPUT       TTYHOG  /* XXX limit is usually larger for !ICANON */
201
202 uint64_t tk_nin;
203 SYSCTL_OPAQUE(_kern, OID_AUTO, tk_nin, CTLFLAG_RD, &tk_nin, sizeof(tk_nin),
204     "LU", "TTY input statistic");
205 uint64_t tk_nout;
206 SYSCTL_OPAQUE(_kern, OID_AUTO, tk_nout, CTLFLAG_RD, &tk_nout, sizeof(tk_nout),
207     "LU", "TTY output statistic");
208 uint64_t tk_rawcc;
209
210 /*
211  * list of struct tty where pstat(8) can pick it up with sysctl
212  */
213 static TAILQ_HEAD(, tty) tty_list = TAILQ_HEAD_INITIALIZER(tty_list);
214
215 /*
216  * Initial open of tty, or (re)entry to standard tty line discipline.
217  */
218 int
219 ttyopen(cdev_t device, struct tty *tp)
220 {
221         lwkt_gettoken(&tp->t_token);
222         tp->t_dev = device;
223         if (!ISSET(tp->t_state, TS_ISOPEN)) {
224                 SET(tp->t_state, TS_ISOPEN);
225                 if (ISSET(tp->t_cflag, CLOCAL)) {
226                         SET(tp->t_state, TS_CONNECTED);
227                 }
228                 bzero(&tp->t_winsize, sizeof(tp->t_winsize));
229         }
230         ttsetwater(tp);
231         lwkt_reltoken(&tp->t_token);
232
233         return (0);
234 }
235
236 /*
237  * Handle close() on a tty line: flush and set to initial state,
238  * bumping generation number so that pending read/write calls
239  * can detect recycling of the tty.
240  *
241  * XXX our caller should have done `spltty(); l_close(); ttyclose();'
242  * and l_close() should have flushed, but we repeat the spltty() and
243  * the flush in case there are buggy callers.
244  */
245 int
246 ttyclose(struct tty *tp)
247 {
248         lwkt_gettoken(&tp->t_token);
249         funsetown(&tp->t_sigio);
250         if (constty == tp)
251                 constty = NULL;
252
253         ttyflush(tp, FREAD | FWRITE);
254         clist_free_cblocks(&tp->t_canq);
255         clist_free_cblocks(&tp->t_outq);
256         clist_free_cblocks(&tp->t_rawq);
257
258         tp->t_gen++;
259         tp->t_line = TTYDISC;
260         ttyclearsession(tp);
261         tp->t_state &= TS_REGISTERED;   /* clear all bits except */
262         lwkt_reltoken(&tp->t_token);
263
264         return (0);
265 }
266
267 /*
268  * Disassociate the tty from its session.  Traditionally this has only been
269  * a half-close, meaning that the session was still allowed to point at the
270  * tty (resulting in the tty in the ps command showing something like 'p0-'),
271  * even though the tty is no longer pointing at the session.
272  *
273  * The half close seems to be useful only for 'ps' output but there is as
274  * yet no reason to remove the feature.  The full-close code is currently
275  * #if 0'd out.  See also sess_rele() in kern/kern_proc.c.
276  */
277 void
278 ttyclearsession(struct tty *tp)
279 {
280         struct session *sp;
281         struct procglob *prg;
282         struct pgrp *opgrp;
283
284         lwkt_gettoken(&tp->t_token);
285         opgrp = tp->t_pgrp;
286         tp->t_pgrp = NULL;
287         if (opgrp) {
288                 pgrel(opgrp);
289                 opgrp = NULL;
290         }
291
292 again:
293         if ((sp = tp->t_session) != NULL) {
294                 prg = sp->s_prg;
295                 lwkt_gettoken(&prg->proc_token);
296                 if (sp != tp->t_session) {
297                         lwkt_reltoken(&prg->proc_token);
298                         goto again;
299                 }
300                 tp->t_session = NULL;
301
302 #ifdef TTY_DO_FULL_CLOSE
303                 /* FULL CLOSE (not yet) */
304                 if (sp->s_ttyp == tp) {
305                         sp->s_ttyp = NULL;
306                         ttyunhold(tp);
307                 } else {
308                         kprintf("ttyclearsession: warning: sp->s_ttyp != tp "
309                                 "%p/%p\n", sp->s_ttyp, tp);
310                 }
311 #endif
312                 lwkt_reltoken(&prg->proc_token);
313         }
314         lwkt_reltoken(&tp->t_token);
315 }
316
317 /*
318  * Release the tty vnode association for a session.  This is the 
319  * 'other half' of the close.  Because multiple opens of /dev/tty
320  * only generate a single open to the actual tty, the file modes
321  * are locked to FREAD|FWRITE.
322  *
323  * If dorevoke is non-zero, the session is also revoked.  We have to
324  * close the vnode if VCTTYISOPEN is set.
325  */
326 void
327 ttyclosesession(struct session *sp, int dorevoke)
328 {
329         struct vnode *vp;
330         struct procglob *prg;
331
332         prg = sp->s_prg;
333         lwkt_gettoken(&prg->proc_token);
334 retry:
335         /*
336          * There may not be a controlling terminal or it may have been closed
337          * out from under us.
338          */
339         if ((vp = sp->s_ttyvp) == NULL) {
340                 lwkt_reltoken(&prg->proc_token);
341                 return;
342         }
343
344         /*
345          * We need a lock if we have to close or revoke.
346          */
347         if ((vp->v_flag & VCTTYISOPEN) || dorevoke) {
348                 vhold(vp);
349                 if (vn_lock(vp, LK_EXCLUSIVE | LK_RETRY | LK_FAILRECLAIM)) {
350                         vdrop(vp);
351                         goto retry;
352                 }
353
354                 /*
355                  * Retry if the vnode was ripped out from under us
356                  */
357                 if (vp != sp->s_ttyvp) {
358                         vn_unlock(vp);
359                         vdrop(vp);
360                         goto retry;
361                 }
362
363                 /*
364                  * Close and revoke as needed
365                  */
366                 sp->s_ttyvp = NULL;
367                 if (vp->v_flag & VCTTYISOPEN) {
368                         vclrflags(vp, VCTTYISOPEN);
369                         VOP_CLOSE(vp, FREAD|FWRITE, NULL);
370                 }
371                 vn_unlock(vp);
372                 if (dorevoke)
373                         vrevoke(vp, proc0.p_ucred);
374                 vdrop(vp);
375         } else {
376                 sp->s_ttyvp = NULL;
377         }
378         vrele(vp);
379         lwkt_reltoken(&prg->proc_token);
380 }
381
382 #define FLUSHQ(q) {                                                     \
383         if ((q)->c_cc)                                                  \
384                 ndflush(q, (q)->c_cc);                                  \
385 }
386
387 /* Is 'c' a line delimiter ("break" character)? */
388 #define TTBREAKC(c, lflag)                                                      \
389         ((c) == '\n' || (((c) == cc[VEOF] ||                            \
390           (c) == cc[VEOL] || ((c) == cc[VEOL2] && lflag & IEXTEN)) &&   \
391          (c) != _POSIX_VDISABLE))
392
393 /*
394  * Process input of a single character received on a tty.
395  */
396 int
397 ttyinput(int c, struct tty *tp)
398 {
399         tcflag_t iflag, lflag;
400         cc_t *cc;
401         int i, err;
402
403         lwkt_gettoken(&tp->t_token);
404         /*
405          * If input is pending take it first.
406          */
407         lflag = tp->t_lflag;
408         if (ISSET(lflag, PENDIN))
409                 ttypend(tp);
410         /*
411          * Gather stats.
412          */
413         if (ISSET(lflag, ICANON))
414                 ++tp->t_cancc;
415         else
416                 ++tp->t_rawcc;
417         ++tk_nin;
418
419         /*
420          * Block further input iff:
421          * current input > threshold AND input is available to user program
422          * AND input flow control is enabled and not yet invoked.
423          * The 3 is slop for PARMRK.
424          */
425         iflag = tp->t_iflag;
426         if (tp->t_rawq.c_cc + tp->t_canq.c_cc > tp->t_ihiwat - 3 &&
427             (!ISSET(lflag, ICANON) || tp->t_canq.c_cc != 0) &&
428             (ISSET(tp->t_cflag, CRTS_IFLOW) || ISSET(iflag, IXOFF)) &&
429             !ISSET(tp->t_state, TS_TBLOCK))
430                 ttyblock(tp);
431
432         /* Handle exceptional conditions (break, parity, framing). */
433         cc = tp->t_cc;
434         err = (ISSET(c, TTY_ERRORMASK));
435         if (err) {
436                 CLR(c, TTY_ERRORMASK);
437                 if (ISSET(err, TTY_BI)) {
438                         if (ISSET(iflag, IGNBRK)) {
439                                 lwkt_reltoken(&tp->t_token);
440                                 return (0);
441                         }
442                         if (ISSET(iflag, BRKINT)) {
443                                 ttyflush(tp, FREAD | FWRITE);
444                                 pgsignal(tp->t_pgrp, SIGINT, 1);
445                                 goto endcase;
446                         }
447                         if (ISSET(iflag, PARMRK))
448                                 goto parmrk;
449                 } else if ((ISSET(err, TTY_PE) && ISSET(iflag, INPCK))
450                         || ISSET(err, TTY_FE)) {
451                         if (ISSET(iflag, IGNPAR)) {
452                                 lwkt_reltoken(&tp->t_token);
453                                 return (0);
454                         }
455                         else if (ISSET(iflag, PARMRK)) {
456 parmrk:
457                                 if (tp->t_rawq.c_cc + tp->t_canq.c_cc >
458                                     MAX_INPUT - 3)
459                                         goto input_overflow;
460                                 clist_putc(0377 | TTY_QUOTE, &tp->t_rawq);
461                                 clist_putc(0 | TTY_QUOTE, &tp->t_rawq);
462                                 clist_putc(c | TTY_QUOTE, &tp->t_rawq);
463                                 goto endcase;
464                         } else
465                                 c = 0;
466                 }
467         }
468
469         if (!ISSET(tp->t_state, TS_TYPEN) && ISSET(iflag, ISTRIP))
470                 CLR(c, 0x80);
471         if (!ISSET(lflag, EXTPROC)) {
472                 /*
473                  * Check for literal nexting very first
474                  */
475                 if (ISSET(tp->t_state, TS_LNCH)) {
476                         SET(c, TTY_QUOTE);
477                         CLR(tp->t_state, TS_LNCH);
478                 }
479                 /*
480                  * Scan for special characters.  This code
481                  * is really just a big case statement with
482                  * non-constant cases.  The bottom of the
483                  * case statement is labeled ``endcase'', so goto
484                  * it after a case match, or similar.
485                  */
486
487                 /*
488                  * Control chars which aren't controlled
489                  * by ICANON, ISIG, or IXON.
490                  */
491                 if (ISSET(lflag, IEXTEN)) {
492                         if (CCEQ(cc[VLNEXT], c)) {
493                                 if (ISSET(lflag, ECHO)) {
494                                         if (ISSET(lflag, ECHOE)) {
495                                                 (void)ttyoutput('^', tp);
496                                                 (void)ttyoutput('\b', tp);
497                                         } else
498                                                 ttyecho(c, tp);
499                                 }
500                                 SET(tp->t_state, TS_LNCH);
501                                 goto endcase;
502                         }
503                         if (CCEQ(cc[VDISCARD], c)) {
504                                 if (ISSET(lflag, FLUSHO))
505                                         CLR(tp->t_lflag, FLUSHO);
506                                 else {
507                                         ttyflush(tp, FWRITE);
508                                         ttyecho(c, tp);
509                                         if (tp->t_rawq.c_cc + tp->t_canq.c_cc)
510                                                 ttyretype(tp);
511                                         SET(tp->t_lflag, FLUSHO);
512                                 }
513                                 goto startoutput;
514                         }
515                 }
516                 /*
517                  * Signals.
518                  */
519                 if (ISSET(lflag, ISIG)) {
520                         if (CCEQ(cc[VINTR], c) || CCEQ(cc[VQUIT], c)) {
521                                 if (!ISSET(lflag, NOFLSH))
522                                         ttyflush(tp, FREAD | FWRITE);
523                                 ttyecho(c, tp);
524                                 pgsignal(tp->t_pgrp,
525                                     CCEQ(cc[VINTR], c) ? SIGINT : SIGQUIT, 1);
526                                 goto endcase;
527                         }
528                         if (CCEQ(cc[VSUSP], c)) {
529                                 if (!ISSET(lflag, NOFLSH))
530                                         ttyflush(tp, FREAD);
531                                 ttyecho(c, tp);
532                                 pgsignal(tp->t_pgrp, SIGTSTP, 1);
533                                 goto endcase;
534                         }
535                 }
536                 /*
537                  * Handle start/stop characters.
538                  */
539                 if (ISSET(iflag, IXON)) {
540                         if (CCEQ(cc[VSTOP], c)) {
541                                 if (!ISSET(tp->t_state, TS_TTSTOP)) {
542                                         SET(tp->t_state, TS_TTSTOP);
543                                         (*tp->t_stop)(tp, 0);
544                                         lwkt_reltoken(&tp->t_token);
545                                         return (0);
546                                 }
547                                 if (!CCEQ(cc[VSTART], c)) {
548                                         lwkt_reltoken(&tp->t_token);
549                                         return (0);
550                                 }
551                                 /*
552                                  * if VSTART == VSTOP then toggle
553                                  */
554                                 goto endcase;
555                         }
556                         if (CCEQ(cc[VSTART], c))
557                                 goto restartoutput;
558                 }
559                 /*
560                  * IGNCR, ICRNL, & INLCR
561                  */
562                 if (c == '\r') {
563                         if (ISSET(iflag, IGNCR)) {
564                                 lwkt_reltoken(&tp->t_token);
565                                 return (0);
566                         }
567                         else if (ISSET(iflag, ICRNL))
568                                 c = '\n';
569                 } else if (c == '\n' && ISSET(iflag, INLCR))
570                         c = '\r';
571         }
572         if (!ISSET(tp->t_lflag, EXTPROC) && ISSET(lflag, ICANON)) {
573                 /*
574                  * From here on down canonical mode character
575                  * processing takes place.
576                  */
577                 /*
578                  * erase or erase2 (^H / ^?)
579                  */
580                 if (CCEQ(cc[VERASE], c) || CCEQ(cc[VERASE2], c) ) {
581                         if (tp->t_rawq.c_cc)
582                                 ttyrub(clist_unputc(&tp->t_rawq), tp);
583                         goto endcase;
584                 }
585                 /*
586                  * kill (^U)
587                  */
588                 if (CCEQ(cc[VKILL], c)) {
589                         if (ISSET(lflag, ECHOKE) &&
590                             tp->t_rawq.c_cc == tp->t_rocount &&
591                             !ISSET(lflag, ECHOPRT))
592                                 while (tp->t_rawq.c_cc)
593                                         ttyrub(clist_unputc(&tp->t_rawq), tp);
594                         else {
595                                 ttyecho(c, tp);
596                                 if (ISSET(lflag, ECHOK) ||
597                                     ISSET(lflag, ECHOKE))
598                                         ttyecho('\n', tp);
599                                 FLUSHQ(&tp->t_rawq);
600                                 tp->t_rocount = 0;
601                         }
602                         CLR(tp->t_state, TS_LOCAL);
603                         goto endcase;
604                 }
605                 /*
606                  * word erase (^W)
607                  */
608                 if (CCEQ(cc[VWERASE], c) && ISSET(lflag, IEXTEN)) {
609                         int ctype;
610
611                         /*
612                          * erase whitespace
613                          */
614                         while ((c = clist_unputc(&tp->t_rawq)) == ' ' || c == '\t')
615                                 ttyrub(c, tp);
616                         if (c == -1)
617                                 goto endcase;
618                         /*
619                          * erase last char of word and remember the
620                          * next chars type (for ALTWERASE)
621                          */
622                         ttyrub(c, tp);
623                         c = clist_unputc(&tp->t_rawq);
624                         if (c == -1)
625                                 goto endcase;
626                         if (c == ' ' || c == '\t') {
627                                 clist_putc(c, &tp->t_rawq);
628                                 goto endcase;
629                         }
630                         ctype = ISALPHA(c);
631                         /*
632                          * erase rest of word
633                          */
634                         do {
635                                 ttyrub(c, tp);
636                                 c = clist_unputc(&tp->t_rawq);
637                                 if (c == -1)
638                                         goto endcase;
639                         } while (c != ' ' && c != '\t' &&
640                             (!ISSET(lflag, ALTWERASE) || ISALPHA(c) == ctype));
641                         clist_putc(c, &tp->t_rawq);
642                         goto endcase;
643                 }
644                 /*
645                  * reprint line (^R)
646                  */
647                 if (CCEQ(cc[VREPRINT], c) && ISSET(lflag, IEXTEN)) {
648                         ttyretype(tp);
649                         goto endcase;
650                 }
651                 /*
652                  * ^T - kernel info and generate SIGINFO
653                  */
654                 if (CCEQ(cc[VSTATUS], c) && ISSET(lflag, IEXTEN)) {
655                         if (ISSET(lflag, ISIG))
656                                 pgsignal(tp->t_pgrp, SIGINFO, 1);
657                         if (!ISSET(lflag, NOKERNINFO))
658                                 ttyinfo(tp);
659                         goto endcase;
660                 }
661                 if (CCEQ(cc[VCHECKPT], c) && ISSET(lflag, IEXTEN)) {
662                         if (ISSET(lflag, ISIG))
663                                 pgsignal(tp->t_pgrp, SIGCKPT, 1);
664                         goto endcase;
665                 }
666         }
667         /*
668          * Check for input buffer overflow
669          */
670         if (tp->t_rawq.c_cc + tp->t_canq.c_cc >= MAX_INPUT) {
671 input_overflow:
672                 if (ISSET(iflag, IMAXBEL)) {
673                         if (tp->t_outq.c_cc < tp->t_ohiwat)
674                                 (void)ttyoutput(CTRL('g'), tp);
675                 }
676                 goto endcase;
677         }
678
679         if (   c == 0377 && ISSET(iflag, PARMRK) && !ISSET(iflag, ISTRIP)
680              && ISSET(iflag, IGNBRK|IGNPAR) != (IGNBRK|IGNPAR))
681                 clist_putc(0377 | TTY_QUOTE, &tp->t_rawq);
682
683         /*
684          * Put data char in q for user and
685          * wakeup on seeing a line delimiter.
686          */
687         if (clist_putc(c, &tp->t_rawq) >= 0) {
688                 if (!ISSET(lflag, ICANON)) {
689                         ttwakeup(tp);
690                         ttyecho(c, tp);
691                         goto endcase;
692                 }
693                 if (TTBREAKC(c, lflag)) {
694                         tp->t_rocount = 0;
695                         clist_catq(&tp->t_rawq, &tp->t_canq);
696                         ttwakeup(tp);
697                 } else if (tp->t_rocount++ == 0)
698                         tp->t_rocol = tp->t_column;
699                 if (ISSET(tp->t_state, TS_ERASE)) {
700                         /*
701                          * end of prterase \.../
702                          */
703                         CLR(tp->t_state, TS_ERASE);
704                         (void)ttyoutput('/', tp);
705                 }
706                 i = tp->t_column;
707                 ttyecho(c, tp);
708                 if (CCEQ(cc[VEOF], c) && ISSET(lflag, ECHO)) {
709                         /*
710                          * Place the cursor over the '^' of the ^D.
711                          */
712                         i = imin(2, tp->t_column - i);
713                         while (i > 0) {
714                                 (void)ttyoutput('\b', tp);
715                                 i--;
716                         }
717                 }
718         }
719 endcase:
720         /*
721          * IXANY means allow any character to restart output.
722          */
723         if (ISSET(tp->t_state, TS_TTSTOP) &&
724             !ISSET(iflag, IXANY) && cc[VSTART] != cc[VSTOP]) {
725                 lwkt_reltoken(&tp->t_token);
726                 return (0);
727         }
728 restartoutput:
729         CLR(tp->t_lflag, FLUSHO);
730         CLR(tp->t_state, TS_TTSTOP);
731 startoutput:
732         lwkt_reltoken(&tp->t_token);
733         return (ttstart(tp));
734 }
735
736 /*
737  * Output a single character on a tty, doing output processing
738  * as needed (expanding tabs, newline processing, etc.).
739  * Returns < 0 if succeeds, otherwise returns char to resend.
740  * Must be recursive.
741  */
742 static int
743 ttyoutput(int c, struct tty *tp)
744 {
745         tcflag_t oflag;
746         int col;
747
748         lwkt_gettoken(&tp->t_token);
749         oflag = tp->t_oflag;
750         if (!ISSET(oflag, OPOST)) {
751                 if (ISSET(tp->t_lflag, FLUSHO)) {
752                         lwkt_reltoken(&tp->t_token);
753                         return (-1);
754                 }
755                 if (clist_putc(c, &tp->t_outq)) {
756                         lwkt_reltoken(&tp->t_token);
757                         return (c);
758                 }
759                 tk_nout++;
760                 tp->t_outcc++;
761                 lwkt_reltoken(&tp->t_token);
762                 return (-1);
763         }
764         /*
765          * Do tab expansion if OXTABS is set.  Special case if we external
766          * processing, we don't do the tab expansion because we'll probably
767          * get it wrong.  If tab expansion needs to be done, let it happen
768          * externally.
769          */
770         CLR(c, ~TTY_CHARMASK);
771         if (c == '\t' &&
772             ISSET(oflag, OXTABS) && !ISSET(tp->t_lflag, EXTPROC)) {
773                 c = 8 - (tp->t_column & 7);
774                 if (!ISSET(tp->t_lflag, FLUSHO)) {
775                         c -= clist_btoq("        ", c, &tp->t_outq);
776                         tk_nout += c;
777                         tp->t_outcc += c;
778                 }
779                 tp->t_column += c;
780                 lwkt_reltoken(&tp->t_token);
781                 return (c ? -1 : '\t');
782         }
783         if (c == CEOT && ISSET(oflag, ONOEOT)) {
784                 lwkt_reltoken(&tp->t_token);
785                 return (-1);
786         }
787
788         /*
789          * Newline translation: if ONLCR is set,
790          * translate newline into "\r\n".
791          */
792         if (c == '\n' && ISSET(tp->t_oflag, ONLCR)) {
793                 tk_nout++;
794                 tp->t_outcc++;
795                 if (!ISSET(tp->t_lflag, FLUSHO) && clist_putc('\r', &tp->t_outq)) {
796                         lwkt_reltoken(&tp->t_token);
797                         return (c);
798                 }
799         }
800         /* If OCRNL is set, translate "\r" into "\n". */
801         else if (c == '\r' && ISSET(tp->t_oflag, OCRNL))
802                 c = '\n';
803         /* If ONOCR is set, don't transmit CRs when on column 0. */
804         else if (c == '\r' && ISSET(tp->t_oflag, ONOCR) && tp->t_column == 0) {
805                 lwkt_reltoken(&tp->t_token);
806                 return (-1);
807         }
808
809         tk_nout++;
810         tp->t_outcc++;
811         if (!ISSET(tp->t_lflag, FLUSHO) && clist_putc(c, &tp->t_outq)) {
812                 lwkt_reltoken(&tp->t_token);
813                 return (c);
814         }
815
816         col = tp->t_column;
817         switch (CCLASS(c)) {
818         case BACKSPACE:
819                 if (col > 0)
820                         --col;
821                 break;
822         case CONTROL:
823                 break;
824         case NEWLINE:
825                 if (ISSET(tp->t_oflag, ONLCR | ONLRET))
826                         col = 0;
827                 break;
828         case RETURN:
829                 col = 0;
830                 break;
831         case ORDINARY:
832                 ++col;
833                 break;
834         case TAB:
835                 col = (col + 8) & ~7;
836                 break;
837         }
838         tp->t_column = col;
839         lwkt_reltoken(&tp->t_token);
840
841         return (-1);
842 }
843
844 /*
845  * Ioctls for all tty devices.  Called after line-discipline specific ioctl
846  * has been called to do discipline-specific functions and/or reject any
847  * of these ioctl commands.
848  */
849 /* ARGSUSED */
850 int
851 ttioctl(struct tty *tp, u_long cmd, void *data, int flag)
852 {
853         struct thread *td = curthread;
854         struct lwp *lp = td->td_lwp;
855         struct proc *p = td->td_proc;
856         struct pgrp *opgrp;
857         struct tty *otp;
858         int error;
859
860         KKASSERT(p);
861         lwkt_gettoken(&tp->t_token);
862         lwkt_gettoken(&p->p_token);
863
864         /* If the ioctl involves modification, hang if in the background. */
865         switch (cmd) {
866         case  TIOCCBRK:
867         case  TIOCCONS:
868         case  TIOCDRAIN:
869         case  TIOCEXCL:
870         case  TIOCFLUSH:
871 #ifdef TIOCHPCL
872         case  TIOCHPCL:
873 #endif
874         case  TIOCNXCL:
875         case  TIOCSBRK:
876         case  TIOCSCTTY:
877         case  TIOCSDRAINWAIT:
878         case  TIOCSETA:
879         case  TIOCSETAF:
880         case  TIOCSETAW:
881         case  TIOCSETD:
882         case  TIOCSPGRP:
883         case  TIOCSTART:
884         case  TIOCSTAT:
885         case  TIOCSTI:
886         case  TIOCSTOP:
887         case  TIOCSWINSZ:
888                 while (isbackground(p, tp) && !(p->p_flags & P_PPWAIT) &&
889                     !SIGISMEMBER(p->p_sigignore, SIGTTOU) &&
890                     !SIGISMEMBER(lp->lwp_sigmask, SIGTTOU)) {
891                         if (p->p_pgrp->pg_jobc == 0) {
892                                 lwkt_reltoken(&p->p_token);
893                                 lwkt_reltoken(&tp->t_token);
894                                 return (EIO);
895                         }
896                         pgsignal(p->p_pgrp, SIGTTOU, 1);
897                         error = ttysleep(tp, &lbolt, PCATCH, "ttybg1",
898                                          0);
899                         if (error) {
900                                 lwkt_reltoken(&p->p_token);
901                                 lwkt_reltoken(&tp->t_token);
902                                 return (error);
903                         }
904                 }
905                 break;
906         }
907
908         switch (cmd) {                  /* Process the ioctl. */
909         case FIOASYNC:                  /* set/clear async i/o */
910                 if (*(int *)data)
911                         SET(tp->t_state, TS_ASYNC);
912                 else
913                         CLR(tp->t_state, TS_ASYNC);
914                 break;
915         case FIONREAD:                  /* get # bytes to read */
916                 *(int *)data = ttnread(tp);
917                 break;
918
919         case FIOSETOWN:
920                 /*
921                  * Policy -- Don't allow FIOSETOWN on someone else's 
922                  *           controlling tty
923                  */
924                 if (tp->t_session != NULL && !isctty(p, tp)) {
925                         lwkt_reltoken(&p->p_token);
926                         lwkt_reltoken(&tp->t_token);
927                         return (ENOTTY);
928                 }
929
930                 error = fsetown(*(int *)data, &tp->t_sigio);
931                 if (error) {
932                         lwkt_reltoken(&p->p_token);
933                         lwkt_reltoken(&tp->t_token);
934                         return (error);
935                 }
936                 break;
937         case FIOGETOWN:
938                 if (tp->t_session != NULL && !isctty(p, tp)) {
939                         lwkt_reltoken(&p->p_token);
940                         lwkt_reltoken(&tp->t_token);
941                         return (ENOTTY);
942                 }
943                 *(int *)data = fgetown(&tp->t_sigio);
944                 break;
945
946         case TIOCEXCL:                  /* set exclusive use of tty */
947                 SET(tp->t_state, TS_XCLUDE);
948                 break;
949         case TIOCFLUSH: {               /* flush buffers */
950                 int flags = *(int *)data;
951
952                 if (flags == 0)
953                         flags = FREAD | FWRITE;
954                 else
955                         flags &= FREAD | FWRITE;
956                 ttyflush(tp, flags);
957                 break;
958         }
959         case TIOCCONS:                  /* become virtual console */
960                 if (*(int *)data) {
961                         if (constty && constty != tp &&
962                             ISSET(constty->t_state, TS_CONNECTED)) {
963                                 lwkt_reltoken(&p->p_token);
964                                 lwkt_reltoken(&tp->t_token);
965                                 return (EBUSY);
966                         }
967 #ifndef UCONSOLE
968                         if ((error = priv_check(td, PRIV_ROOT)) != 0) {
969                                 lwkt_reltoken(&p->p_token);
970                                 lwkt_reltoken(&tp->t_token);
971                                 return (error);
972                         }
973 #endif
974                         constty = tp;
975                 } else if (tp == constty)
976                         constty = NULL;
977                 break;
978         case TIOCDRAIN:                 /* wait till output drained */
979                 error = ttywait(tp);
980                 if (error) {
981                         lwkt_reltoken(&p->p_token);
982                         lwkt_reltoken(&tp->t_token);
983                         return (error);
984                 }
985                 break;
986         case TIOCGETA: {                /* get termios struct */
987                 struct termios *t = (struct termios *)data;
988
989                 bcopy(&tp->t_termios, t, sizeof(struct termios));
990                 break;
991         }
992         case TIOCGETD:                  /* get line discipline */
993                 *(int *)data = tp->t_line;
994                 break;
995         case TIOCGWINSZ:                /* get window size */
996                 *(struct winsize *)data = tp->t_winsize;
997                 break;
998         case TIOCGPGRP:                 /* get pgrp of tty */
999                 if (!isctty(p, tp)) {
1000                         lwkt_reltoken(&p->p_token);
1001                         lwkt_reltoken(&tp->t_token);
1002                         return (ENOTTY);
1003                 }
1004                 *(int *)data = tp->t_pgrp ? tp->t_pgrp->pg_id : NO_PID;
1005                 break;
1006         case TIOCGSID:                  /* get sid of tty */
1007                 if (!isctty(p, tp)) {
1008                         lwkt_reltoken(&p->p_token);
1009                         lwkt_reltoken(&tp->t_token);
1010                         return (ENOTTY);
1011                 }
1012                 *(int *)data = tp->t_session->s_sid;
1013                 break;
1014 #ifdef TIOCHPCL
1015         case TIOCHPCL:                  /* hang up on last close */
1016                 SET(tp->t_cflag, HUPCL);
1017                 break;
1018 #endif
1019         case TIOCNXCL:                  /* reset exclusive use of tty */
1020                 CLR(tp->t_state, TS_XCLUDE);
1021                 break;
1022         case TIOCOUTQ:                  /* output queue size */
1023                 *(int *)data = tp->t_outq.c_cc;
1024                 break;
1025         case TIOCSETA:                  /* set termios struct */
1026         case TIOCSETAW:                 /* drain output, set */
1027         case TIOCSETAF: {               /* drn out, fls in, set */
1028                 struct termios *t = (struct termios *)data;
1029
1030                 if (t->c_ispeed == 0)
1031                         t->c_ispeed = t->c_ospeed;
1032                 if (t->c_ispeed == 0)
1033                         t->c_ispeed = tp->t_ospeed;
1034                 if (t->c_ispeed == 0) {
1035                         lwkt_reltoken(&p->p_token);
1036                         lwkt_reltoken(&tp->t_token);
1037                         return (EINVAL);
1038                 }
1039                 if (cmd == TIOCSETAW || cmd == TIOCSETAF) {
1040                         error = ttywait(tp);
1041                         if (error) {
1042                                 lwkt_reltoken(&p->p_token);
1043                                 lwkt_reltoken(&tp->t_token);
1044                                 return (error);
1045                         }
1046                         if (cmd == TIOCSETAF)
1047                                 ttyflush(tp, FREAD);
1048                 }
1049                 if (!ISSET(t->c_cflag, CIGNORE)) {
1050                         /*
1051                          * Set device hardware.
1052                          */
1053                         if (tp->t_param && (error = (*tp->t_param)(tp, t))) {
1054                                 lwkt_reltoken(&p->p_token);
1055                                 lwkt_reltoken(&tp->t_token);
1056                                 return (error);
1057                         }
1058                         if (ISSET(t->c_cflag, CLOCAL) &&
1059                             !ISSET(tp->t_cflag, CLOCAL)) {
1060                                 /*
1061                                  * XXX disconnections would be too hard to
1062                                  * get rid of without this kludge.  The only
1063                                  * way to get rid of controlling terminals
1064                                  * is to exit from the session leader.
1065                                  */
1066                                 CLR(tp->t_state, TS_ZOMBIE);
1067
1068                                 wakeup(TSA_CARR_ON(tp));
1069                                 ttwakeup(tp);
1070                                 ttwwakeup(tp);
1071                         }
1072                         if ((ISSET(tp->t_state, TS_CARR_ON) ||
1073                              ISSET(t->c_cflag, CLOCAL)) &&
1074                             !ISSET(tp->t_state, TS_ZOMBIE))
1075                                 SET(tp->t_state, TS_CONNECTED);
1076                         else
1077                                 CLR(tp->t_state, TS_CONNECTED);
1078                         tp->t_cflag = t->c_cflag;
1079                         tp->t_ispeed = t->c_ispeed;
1080                         if (t->c_ospeed != 0)
1081                                 tp->t_ospeed = t->c_ospeed;
1082                         ttsetwater(tp);
1083                 }
1084                 if (ISSET(t->c_lflag, ICANON) != ISSET(tp->t_lflag, ICANON) &&
1085                     cmd != TIOCSETAF) {
1086                         if (ISSET(t->c_lflag, ICANON))
1087                                 SET(tp->t_lflag, PENDIN);
1088                         else {
1089                                 /*
1090                                  * XXX we really shouldn't allow toggling
1091                                  * ICANON while we're in a non-termios line
1092                                  * discipline.  Now we have to worry about
1093                                  * panicing for a null queue.
1094                                  */
1095                                 if (tp->t_canq.c_ccmax > 0 &&
1096                                     tp->t_rawq.c_ccmax > 0) {
1097                                         clist_catq(&tp->t_rawq, &tp->t_canq);
1098                                         /*
1099                                          * XXX the queue limits may be
1100                                          * different, so the old queue
1101                                          * swapping method no longer works.
1102                                          */
1103                                         clist_catq(&tp->t_canq, &tp->t_rawq);
1104                                 }
1105                                 CLR(tp->t_lflag, PENDIN);
1106                         }
1107                         ttwakeup(tp);
1108                 }
1109                 tp->t_iflag = t->c_iflag;
1110                 tp->t_oflag = t->c_oflag;
1111                 /*
1112                  * Make the EXTPROC bit read only.
1113                  */
1114                 if (ISSET(tp->t_lflag, EXTPROC))
1115                         SET(t->c_lflag, EXTPROC);
1116                 else
1117                         CLR(t->c_lflag, EXTPROC);
1118                 tp->t_lflag = t->c_lflag | ISSET(tp->t_lflag, PENDIN);
1119                 if (t->c_cc[VMIN] != tp->t_cc[VMIN] ||
1120                     t->c_cc[VTIME] != tp->t_cc[VTIME])
1121                         ttwakeup(tp);
1122                 bcopy(t->c_cc, tp->t_cc, sizeof(t->c_cc));
1123                 break;
1124         }
1125         case TIOCSETD: {                /* set line discipline */
1126                 int t = *(int *)data;
1127                 cdev_t device = tp->t_dev;
1128
1129                 if ((u_int)t >= nlinesw) {
1130                         lwkt_reltoken(&p->p_token);
1131                         lwkt_reltoken(&tp->t_token);
1132                         return (ENXIO);
1133                 }
1134                 if (t != tp->t_line) {
1135                         (*linesw[tp->t_line].l_close)(tp, flag);
1136                         error = (*linesw[t].l_open)(device, tp);
1137                         if (error) {
1138                                 (void)(*linesw[tp->t_line].l_open)(device, tp);
1139                                 lwkt_reltoken(&p->p_token);
1140                                 lwkt_reltoken(&tp->t_token);
1141                                 return (error);
1142                         }
1143                         tp->t_line = t;
1144                 }
1145                 break;
1146         }
1147         case TIOCSTART:                 /* start output, like ^Q */
1148                 if (ISSET(tp->t_state, TS_TTSTOP) ||
1149                     ISSET(tp->t_lflag, FLUSHO)) {
1150                         CLR(tp->t_lflag, FLUSHO);
1151                         CLR(tp->t_state, TS_TTSTOP);
1152                         ttstart(tp);
1153                 }
1154                 break;
1155         case TIOCSTI:                   /* simulate terminal input */
1156                 if ((flag & FREAD) == 0 && priv_check(td, PRIV_ROOT)) {
1157                         lwkt_reltoken(&p->p_token);
1158                         lwkt_reltoken(&tp->t_token);
1159                         return (EPERM);
1160                 }
1161                 if (!isctty(p, tp) && priv_check(td, PRIV_ROOT)) {
1162                         lwkt_reltoken(&p->p_token);
1163                         lwkt_reltoken(&tp->t_token);
1164                         return (EACCES);
1165                 }
1166                 (*linesw[tp->t_line].l_rint)(*(u_char *)data, tp);
1167                 break;
1168         case TIOCSTOP:                  /* stop output, like ^S */
1169                 if (!ISSET(tp->t_state, TS_TTSTOP)) {
1170                         SET(tp->t_state, TS_TTSTOP);
1171                         (*tp->t_stop)(tp, 0);
1172                 }
1173                 break;
1174         case TIOCSCTTY:                 /* become controlling tty */
1175                 /* Session ctty vnode pointer set in vnode layer. */
1176                 if (!SESS_LEADER(p) ||
1177                     ((p->p_session->s_ttyvp || tp->t_session) &&
1178                     (tp->t_session != p->p_session))) {
1179                         lwkt_reltoken(&p->p_token);
1180                         lwkt_reltoken(&tp->t_token);
1181                         return (EPERM);
1182                 }
1183                 ttyhold(tp);
1184                 tp->t_session = p->p_session;
1185                 opgrp = tp->t_pgrp;
1186                 pgref(p->p_pgrp);
1187                 tp->t_pgrp = p->p_pgrp;
1188                 otp = p->p_session->s_ttyp;
1189                 p->p_session->s_ttyp = tp;
1190                 p->p_flags |= P_CONTROLT;
1191                 if (otp)
1192                         ttyunhold(otp);
1193                 if (opgrp) {
1194                         pgrel(opgrp);
1195                         opgrp = NULL;
1196                 }
1197                 break;
1198         case TIOCSPGRP: {               /* set pgrp of tty */
1199                 pid_t pgid = *(int *)data;
1200
1201                 if (!isctty(p, tp)) {
1202                         lwkt_reltoken(&p->p_token);
1203                         lwkt_reltoken(&tp->t_token);
1204                         return (ENOTTY);
1205                 }
1206                 else if (pgid < 1 || pgid > PID_MAX) {
1207                         lwkt_reltoken(&p->p_token);
1208                         lwkt_reltoken(&tp->t_token);
1209                         return (EINVAL);
1210                 } else {
1211                         struct pgrp *pgrp = pgfind(pgid);
1212                         if (pgrp == NULL || pgrp->pg_session != p->p_session) {
1213                                 if (pgrp)
1214                                         pgrel(pgrp);
1215                                 lwkt_reltoken(&p->p_token);
1216                                 lwkt_reltoken(&tp->t_token);
1217                                 return (EPERM);
1218                         }
1219                         opgrp = tp->t_pgrp;
1220                         tp->t_pgrp = pgrp;
1221                         if (opgrp) {
1222                                 pgrel(opgrp);
1223                                 opgrp = NULL;
1224                         }
1225                 }
1226                 break;
1227         }
1228         case TIOCSTAT:                  /* simulate control-T */
1229                 ttyinfo(tp);
1230                 break;
1231         case TIOCSWINSZ:                /* set window size */
1232                 if (bcmp((caddr_t)&tp->t_winsize, data,
1233                     sizeof (struct winsize))) {
1234                         tp->t_winsize = *(struct winsize *)data;
1235                         pgsignal(tp->t_pgrp, SIGWINCH, 1);
1236                 }
1237                 break;
1238         case TIOCSDRAINWAIT:
1239                 error = priv_check(td, PRIV_ROOT);
1240                 if (error) {
1241                         lwkt_reltoken(&p->p_token);
1242                         lwkt_reltoken(&tp->t_token);
1243                         return (error);
1244                 }
1245                 tp->t_timeout = *(int *)data * hz;
1246                 wakeup(TSA_OCOMPLETE(tp));
1247                 wakeup(TSA_OLOWAT(tp));
1248                 break;
1249         case TIOCGDRAINWAIT:
1250                 *(int *)data = tp->t_timeout / hz;
1251                 break;
1252         default:
1253                 lwkt_reltoken(&p->p_token);
1254                 lwkt_reltoken(&tp->t_token);
1255                 return (ENOIOCTL);
1256         }
1257         lwkt_reltoken(&p->p_token);
1258         lwkt_reltoken(&tp->t_token);
1259         return (0);
1260 }
1261
1262 static struct filterops ttyread_filtops =
1263         { FILTEROP_ISFD|FILTEROP_MPSAFE, NULL, filt_ttyrdetach, filt_ttyread };
1264 static struct filterops ttywrite_filtops =
1265         { FILTEROP_ISFD|FILTEROP_MPSAFE, NULL, filt_ttywdetach, filt_ttywrite };
1266
1267 int
1268 ttykqfilter(struct dev_kqfilter_args *ap)
1269 {
1270         cdev_t dev = ap->a_head.a_dev;
1271         struct knote *kn = ap->a_kn;
1272         struct tty *tp = dev->si_tty;
1273         struct klist *klist;
1274
1275         ap->a_result = 0;
1276
1277         lwkt_gettoken(&tp->t_token);
1278         switch (kn->kn_filter) {
1279         case EVFILT_READ:
1280                 klist = &tp->t_rkq.ki_note;
1281                 kn->kn_fop = &ttyread_filtops;
1282                 break;
1283         case EVFILT_WRITE:
1284                 klist = &tp->t_wkq.ki_note;
1285                 kn->kn_fop = &ttywrite_filtops;
1286                 break;
1287         default:
1288                 ap->a_result = EOPNOTSUPP;
1289                 lwkt_reltoken(&tp->t_token);
1290                 return (0);
1291         }
1292         lwkt_reltoken(&tp->t_token);
1293         kn->kn_hook = (caddr_t)dev;
1294         knote_insert(klist, kn);
1295
1296         return (0);
1297 }
1298
1299 static void
1300 filt_ttyrdetach(struct knote *kn)
1301 {
1302         struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty;
1303
1304         lwkt_gettoken(&tp->t_token);
1305         knote_remove(&tp->t_rkq.ki_note, kn);
1306         lwkt_reltoken(&tp->t_token);
1307 }
1308
1309 static int
1310 filt_ttyread(struct knote *kn, long hint)
1311 {
1312         struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty;
1313
1314         lwkt_gettoken(&tp->t_token);
1315         kn->kn_data = ttnread(tp);
1316         if (ISSET(tp->t_state, TS_ZOMBIE)) {
1317                 kn->kn_flags |= (EV_EOF | EV_NODATA);
1318                 lwkt_reltoken(&tp->t_token);
1319                 return (1);
1320         }
1321         lwkt_reltoken(&tp->t_token);
1322         return (kn->kn_data > 0);
1323 }
1324
1325 static void
1326 filt_ttywdetach(struct knote *kn)
1327 {
1328         struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty;
1329
1330         lwkt_gettoken(&tp->t_token);
1331         knote_remove(&tp->t_wkq.ki_note, kn);
1332         lwkt_reltoken(&tp->t_token);
1333 }
1334
1335 static int
1336 filt_ttywrite(struct knote *kn, long hint)
1337 {
1338         struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty;
1339         int ret;
1340
1341         lwkt_gettoken(&tp->t_token);
1342         kn->kn_data = tp->t_outq.c_cc;
1343         if (ISSET(tp->t_state, TS_ZOMBIE)) {
1344                 lwkt_reltoken(&tp->t_token);
1345                 return (1);
1346         }
1347         ret = (kn->kn_data <= tp->t_olowat &&
1348             ISSET(tp->t_state, TS_CONNECTED));
1349         lwkt_reltoken(&tp->t_token);
1350         return ret;
1351 }
1352
1353 /*
1354  * NOTE: tp->t_token must be held.
1355  */
1356 static int
1357 ttnread(struct tty *tp)
1358 {
1359         int nread;
1360
1361         ASSERT_LWKT_TOKEN_HELD(&tp->t_token);
1362         if (ISSET(tp->t_lflag, PENDIN))
1363                 ttypend(tp);
1364         nread = tp->t_canq.c_cc;
1365         if (!ISSET(tp->t_lflag, ICANON)) {
1366                 nread += tp->t_rawq.c_cc;
1367                 if (nread < tp->t_cc[VMIN] && tp->t_cc[VTIME] == 0)
1368                         nread = 0;
1369         }
1370         return (nread);
1371 }
1372
1373 /*
1374  * Wait for output to drain.
1375  */
1376 int
1377 ttywait(struct tty *tp)
1378 {
1379         int error;
1380
1381         error = 0;
1382         lwkt_gettoken(&tp->t_token);
1383         while ((tp->t_outq.c_cc || ISSET(tp->t_state, TS_BUSY)) &&
1384                ISSET(tp->t_state, TS_CONNECTED) && tp->t_oproc) {
1385                 (*tp->t_oproc)(tp);
1386                 if ((tp->t_outq.c_cc || ISSET(tp->t_state, TS_BUSY)) &&
1387                     ISSET(tp->t_state, TS_CONNECTED)) {
1388                         SET(tp->t_state, TS_SO_OCOMPLETE);
1389                         error = ttysleep(tp, TSA_OCOMPLETE(tp),
1390                                          PCATCH, "ttywai",
1391                                          tp->t_timeout);
1392                         if (error) {
1393                                 if (error == EWOULDBLOCK)
1394                                         error = EIO;
1395                                 break;
1396                         }
1397                 } else
1398                         break;
1399         }
1400         if (!error && (tp->t_outq.c_cc || ISSET(tp->t_state, TS_BUSY)))
1401                 error = EIO;
1402         lwkt_reltoken(&tp->t_token);
1403
1404         return (error);
1405 }
1406
1407 /*
1408  * Flush if successfully wait.
1409  */
1410 static int
1411 ttywflush(struct tty *tp)
1412 {
1413         int error;
1414
1415         if ((error = ttywait(tp)) == 0)
1416                 ttyflush(tp, FREAD);
1417         return (error);
1418 }
1419
1420 /*
1421  * Flush tty read and/or write queues, notifying anyone waiting.
1422  */
1423 void
1424 ttyflush(struct tty *tp, int rw)
1425 {
1426         lwkt_gettoken(&tp->t_token);
1427 #if 0
1428 again:
1429 #endif
1430         if (rw & FWRITE) {
1431                 FLUSHQ(&tp->t_outq);
1432                 CLR(tp->t_state, TS_TTSTOP);
1433         }
1434         (*tp->t_stop)(tp, rw);
1435         if (rw & FREAD) {
1436                 FLUSHQ(&tp->t_canq);
1437                 FLUSHQ(&tp->t_rawq);
1438                 CLR(tp->t_lflag, PENDIN);
1439                 tp->t_rocount = 0;
1440                 tp->t_rocol = 0;
1441                 CLR(tp->t_state, TS_LOCAL);
1442                 ttwakeup(tp);
1443                 if (ISSET(tp->t_state, TS_TBLOCK)) {
1444                         if (rw & FWRITE)
1445                                 FLUSHQ(&tp->t_outq);
1446                         ttyunblock(tp);
1447
1448                         /*
1449                          * Don't let leave any state that might clobber the
1450                          * next line discipline (although we should do more
1451                          * to send the START char).  Not clearing the state
1452                          * may have caused the "putc to a clist with no
1453                          * reserved cblocks" panic/kprintf.
1454                          */
1455                         CLR(tp->t_state, TS_TBLOCK);
1456
1457 #if 0 /* forget it, sleeping isn't always safe and we don't know when it is */
1458                         if (ISSET(tp->t_iflag, IXOFF)) {
1459                                 /*
1460                                  * XXX wait a bit in the hope that the stop
1461                                  * character (if any) will go out.  Waiting
1462                                  * isn't good since it allows races.  This
1463                                  * will be fixed when the stop character is
1464                                  * put in a special queue.  Don't bother with
1465                                  * the checks in ttywait() since the timeout
1466                                  * will save us.
1467                                  */
1468                                 SET(tp->t_state, TS_SO_OCOMPLETE);
1469                                 ttysleep(tp, TSA_OCOMPLETE(tp), 0,
1470                                          "ttyfls", hz / 10);
1471                                 /*
1472                                  * Don't try sending the stop character again.
1473                                  */
1474                                 CLR(tp->t_state, TS_TBLOCK);
1475                                 goto again;
1476                         }
1477 #endif
1478                 }
1479         }
1480         if (rw & FWRITE) {
1481                 FLUSHQ(&tp->t_outq);
1482                 ttwwakeup(tp);
1483         }
1484         lwkt_reltoken(&tp->t_token);
1485 }
1486
1487 /*
1488  * Copy in the default termios characters.
1489  */
1490 void
1491 termioschars(struct termios *t)
1492 {
1493         bcopy(ttydefchars, t->c_cc, sizeof t->c_cc);
1494 }
1495
1496 /*
1497  * Old interface.
1498  */
1499 void
1500 ttychars(struct tty *tp)
1501 {
1502         lwkt_gettoken(&tp->t_token);
1503         termioschars(&tp->t_termios);
1504         lwkt_reltoken(&tp->t_token);
1505 }
1506
1507 /*
1508  * Handle input high water.  Send stop character for the IXOFF case.  Turn
1509  * on our input flow control bit and propagate the changes to the driver.
1510  * XXX the stop character should be put in a special high priority queue.
1511  */
1512 void
1513 ttyblock(struct tty *tp)
1514 {
1515         lwkt_gettoken(&tp->t_token);
1516         SET(tp->t_state, TS_TBLOCK);
1517         if (ISSET(tp->t_iflag, IXOFF) && tp->t_cc[VSTOP] != _POSIX_VDISABLE &&
1518             clist_putc(tp->t_cc[VSTOP], &tp->t_outq) != 0)
1519                 CLR(tp->t_state, TS_TBLOCK);    /* try again later */
1520         ttstart(tp);
1521         lwkt_reltoken(&tp->t_token);
1522 }
1523
1524 /*
1525  * Handle input low water.  Send start character for the IXOFF case.  Turn
1526  * off our input flow control bit and propagate the changes to the driver.
1527  * XXX the start character should be put in a special high priority queue.
1528  */
1529 static void
1530 ttyunblock(struct tty *tp)
1531 {
1532         lwkt_gettoken(&tp->t_token);
1533         CLR(tp->t_state, TS_TBLOCK);
1534         if (ISSET(tp->t_iflag, IXOFF) && tp->t_cc[VSTART] != _POSIX_VDISABLE &&
1535             clist_putc(tp->t_cc[VSTART], &tp->t_outq) != 0)
1536                 SET(tp->t_state, TS_TBLOCK);    /* try again later */
1537         ttstart(tp);
1538         lwkt_reltoken(&tp->t_token);
1539 }
1540
1541 int
1542 ttstart(struct tty *tp)
1543 {
1544         lwkt_gettoken(&tp->t_token);
1545         if (tp->t_oproc != NULL)        /* XXX: Kludge for pty. */
1546                 (*tp->t_oproc)(tp);
1547         lwkt_reltoken(&tp->t_token);
1548         return (0);
1549 }
1550
1551 /*
1552  * "close" a line discipline
1553  */
1554 int
1555 ttylclose(struct tty *tp, int flag)
1556 {
1557         lwkt_gettoken(&tp->t_token);
1558         if (flag & FNONBLOCK || ttywflush(tp))
1559                 ttyflush(tp, FREAD | FWRITE);
1560         lwkt_reltoken(&tp->t_token);
1561         return (0);
1562 }
1563
1564 void
1565 ttyhold(struct tty *tp)
1566 {
1567         lwkt_gettoken(&tp->t_token);
1568         ++tp->t_refs;
1569         lwkt_reltoken(&tp->t_token);
1570 }
1571
1572 void
1573 ttyunhold(struct tty *tp)
1574 {
1575         lwkt_gettoken(&tp->t_token);
1576         if (tp->t_unhold)
1577                 tp->t_unhold(tp);
1578         else
1579                 --tp->t_refs;
1580         lwkt_reltoken(&tp->t_token);
1581 }
1582
1583 /*
1584  * Handle modem control transition on a tty.
1585  * Flag indicates new state of carrier.
1586  * Returns 0 if the line should be turned off, otherwise 1.
1587  */
1588 int
1589 ttymodem(struct tty *tp, int flag)
1590 {
1591         lwkt_gettoken(&tp->t_token);
1592         if (ISSET(tp->t_state, TS_CARR_ON) && ISSET(tp->t_cflag, MDMBUF)) {
1593                 /*
1594                  * MDMBUF: do flow control according to carrier flag
1595                  * XXX TS_CAR_OFLOW doesn't do anything yet.  TS_TTSTOP
1596                  * works if IXON and IXANY are clear.
1597                  */
1598                 if (flag) {
1599                         CLR(tp->t_state, TS_CAR_OFLOW);
1600                         CLR(tp->t_state, TS_TTSTOP);
1601                         ttstart(tp);
1602                 } else if (!ISSET(tp->t_state, TS_CAR_OFLOW)) {
1603                         SET(tp->t_state, TS_CAR_OFLOW);
1604                         SET(tp->t_state, TS_TTSTOP);
1605                         (*tp->t_stop)(tp, 0);
1606                 }
1607         } else if (flag == 0) {
1608                 /*
1609                  * Lost carrier.
1610                  */
1611                 CLR(tp->t_state, TS_CARR_ON);
1612                 if (ISSET(tp->t_state, TS_ISOPEN) &&
1613                     !ISSET(tp->t_cflag, CLOCAL)) {
1614                         SET(tp->t_state, TS_ZOMBIE);
1615                         CLR(tp->t_state, TS_CONNECTED);
1616                         if (tp->t_session && tp->t_session->s_leader)
1617                                 ksignal(tp->t_session->s_leader, SIGHUP);
1618                         ttyflush(tp, FREAD | FWRITE);
1619                         lwkt_reltoken(&tp->t_token);
1620                         return (0);
1621                 }
1622         } else {
1623                 /*
1624                  * Carrier now on.
1625                  */
1626                 SET(tp->t_state, TS_CARR_ON);
1627                 if (!ISSET(tp->t_state, TS_ZOMBIE))
1628                         SET(tp->t_state, TS_CONNECTED);
1629                 wakeup(TSA_CARR_ON(tp));
1630                 ttwakeup(tp);
1631                 ttwwakeup(tp);
1632         }
1633         lwkt_reltoken(&tp->t_token);
1634         return (1);
1635 }
1636
1637 /*
1638  * Reinput pending characters after state switch
1639  */
1640 static void
1641 ttypend(struct tty *tp)
1642 {
1643         struct clist tq;
1644         int c;
1645
1646         lwkt_gettoken(&tp->t_token);
1647         CLR(tp->t_lflag, PENDIN);
1648         SET(tp->t_state, TS_TYPEN);
1649         /*
1650          * XXX this assumes too much about clist internals.  It may even
1651          * fail if the cblock slush pool is empty.  We can't allocate more
1652          * cblocks here because we are called from an interrupt handler
1653          * and clist_alloc_cblocks() can wait.
1654          */
1655         tq = tp->t_rawq;
1656         bzero(&tp->t_rawq, sizeof tp->t_rawq);
1657         clist_alloc_cblocks(&tp->t_rawq, tq.c_ccmax);
1658         while ((c = clist_getc(&tq)) >= 0)
1659                 ttyinput(c, tp);
1660         CLR(tp->t_state, TS_TYPEN);
1661         clist_free_cblocks(&tq);
1662         lwkt_reltoken(&tp->t_token);
1663 }
1664
1665 /*
1666  * Process a read call on a tty device.
1667  */
1668 int
1669 ttread(struct tty *tp, struct uio *uio, int flag)
1670 {
1671         struct clist *qp;
1672         int c;
1673         tcflag_t lflag;
1674         cc_t *cc = tp->t_cc;
1675         struct proc *pp;
1676         struct lwp *lp;
1677         int first, error = 0;
1678         int has_stime = 0, last_cc = 0;
1679         long slp = 0;           /* XXX this should be renamed `timo'. */
1680         struct timeval stime;
1681
1682         lp = curthread->td_lwp;
1683         stime.tv_sec = 0;       /* fix compiler warnings */
1684         stime.tv_usec = 0;
1685
1686         lwkt_gettoken(&tp->t_token);
1687 loop:
1688         lflag = tp->t_lflag;
1689         /*
1690          * take pending input first
1691          */
1692         if (ISSET(lflag, PENDIN)) {
1693                 ttypend(tp);
1694                 splz();         /* reduce latency */
1695                 lflag = tp->t_lflag;    /* XXX ttypend() clobbers it */
1696         }
1697
1698         /*
1699          * Hang process if it's in the background.
1700          */
1701         if ((pp = curproc) != NULL)
1702                 lwkt_gettoken(&pp->p_token);
1703         if (pp && isbackground(pp, tp)) {
1704                 if (SIGISMEMBER(pp->p_sigignore, SIGTTIN) ||
1705                     SIGISMEMBER(lp->lwp_sigmask, SIGTTIN) ||
1706                     (pp->p_flags & P_PPWAIT) || pp->p_pgrp->pg_jobc == 0) {
1707                         lwkt_reltoken(&pp->p_token);
1708                         lwkt_reltoken(&tp->t_token);
1709                         return (EIO);
1710                 }
1711                 pgsignal(pp->p_pgrp, SIGTTIN, 1);
1712                 error = ttysleep(tp, &lbolt, PCATCH, "ttybg2", 0);
1713                 if (error) {
1714                         lwkt_reltoken(&pp->p_token);
1715                         lwkt_reltoken(&tp->t_token);
1716                         return (error);
1717                 }
1718                 lwkt_reltoken(&pp->p_token);
1719                 goto loop;
1720         }
1721         if (pp)
1722                 lwkt_reltoken(&pp->p_token);
1723
1724         if (ISSET(tp->t_state, TS_ZOMBIE)) {
1725                 lwkt_reltoken(&tp->t_token);
1726                 return (0);     /* EOF */
1727         }
1728
1729         /*
1730          * If canonical, use the canonical queue,
1731          * else use the raw queue.
1732          *
1733          * (should get rid of clists...)
1734          */
1735         qp = ISSET(lflag, ICANON) ? &tp->t_canq : &tp->t_rawq;
1736
1737         if (flag & IO_NDELAY) {
1738                 if (qp->c_cc > 0)
1739                         goto read;
1740                 if (!ISSET(lflag, ICANON) && cc[VMIN] == 0) {
1741                         lwkt_reltoken(&tp->t_token);
1742                         return (0);
1743                 }
1744                 lwkt_reltoken(&tp->t_token);
1745                 return (EWOULDBLOCK);
1746         }
1747         if (!ISSET(lflag, ICANON)) {
1748                 int m = cc[VMIN];
1749                 long t = cc[VTIME];
1750                 struct timeval timecopy;
1751
1752                 /*
1753                  * Check each of the four combinations.
1754                  * (m > 0 && t == 0) is the normal read case.
1755                  * It should be fairly efficient, so we check that and its
1756                  * companion case (m == 0 && t == 0) first.
1757                  * For the other two cases, we compute the target sleep time
1758                  * into slp.
1759                  */
1760                 if (t == 0) {
1761                         if (qp->c_cc < m)
1762                                 goto sleep;
1763                         if (qp->c_cc > 0)
1764                                 goto read;
1765
1766                         /* m, t and qp->c_cc are all 0.  0 is enough input. */
1767                         lwkt_reltoken(&tp->t_token);
1768                         return (0);
1769                 }
1770                 t *= 100000;            /* time in us */
1771 #define diff(t1, t2) (((t1).tv_sec - (t2).tv_sec) * 1000000 + \
1772                          ((t1).tv_usec - (t2).tv_usec))
1773                 if (m > 0) {
1774                         if (qp->c_cc <= 0)
1775                                 goto sleep;
1776                         if (qp->c_cc >= m)
1777                                 goto read;
1778                         getmicrotime(&timecopy);
1779                         if (has_stime == 0) {
1780                                 /* first character, start timer */
1781                                 has_stime = 1;
1782                                 stime = timecopy;
1783                                 slp = t;
1784                         } else if (qp->c_cc > last_cc) {
1785                                 /* got a character, restart timer */
1786                                 stime = timecopy;
1787                                 slp = t;
1788                         } else {
1789                                 /* nothing, check expiration */
1790                                 slp = t - diff(timecopy, stime);
1791                                 if (slp <= 0)
1792                                         goto read;
1793                         }
1794                         last_cc = qp->c_cc;
1795                 } else {        /* m == 0 */
1796                         if (qp->c_cc > 0)
1797                                 goto read;
1798                         getmicrotime(&timecopy);
1799                         if (has_stime == 0) {
1800                                 has_stime = 1;
1801                                 stime = timecopy;
1802                                 slp = t;
1803                         } else {
1804                                 slp = t - diff(timecopy, stime);
1805                                 if (slp <= 0) {
1806                                         /* Timed out, but 0 is enough input. */
1807                                         lwkt_reltoken(&tp->t_token);
1808                                         return (0);
1809                                 }
1810                         }
1811                 }
1812 #undef diff
1813                 /*
1814                  * Rounding down may make us wake up just short
1815                  * of the target, so we round up.
1816                  * The formula is ceiling(slp * hz/1000000).
1817                  * 32-bit arithmetic is enough for hz < 169.
1818                  * XXX see tvtohz() for how to avoid overflow if hz
1819                  * is large (divide by `tick' and/or arrange to
1820                  * use tvtohz() if hz is large).
1821                  */
1822                 slp = (long) (((u_long)slp * hz) + 999999) / 1000000;
1823                 goto sleep;
1824         }
1825         if (qp->c_cc <= 0) {
1826 sleep:
1827                 /*
1828                  * There is no input, or not enough input and we can block.
1829                  */
1830                 error = ttysleep(tp, TSA_HUP_OR_INPUT(tp), PCATCH,
1831                                  ISSET(tp->t_state, TS_CONNECTED) ?
1832                                  "ttyin" : "ttyhup", (int)slp);
1833                 if (error == EWOULDBLOCK)
1834                         error = 0;
1835                 else if (error) {
1836                         lwkt_reltoken(&tp->t_token);
1837                         return (error);
1838                 }
1839                 /*
1840                  * XXX what happens if another process eats some input
1841                  * while we are asleep (not just here)?  It would be
1842                  * safest to detect changes and reset our state variables
1843                  * (has_stime and last_cc).
1844                  */
1845                 slp = 0;
1846                 goto loop;
1847         }
1848 read:
1849         /*
1850          * Input present, check for input mapping and processing.
1851          */
1852         first = 1;
1853         if (ISSET(lflag, ICANON | ISIG))
1854                 goto slowcase;
1855         for (;;) {
1856                 char ibuf[IBUFSIZ];
1857                 int icc;
1858
1859                 icc = (int)szmin(uio->uio_resid, IBUFSIZ);
1860                 icc = clist_qtob(qp, ibuf, icc);
1861                 if (icc <= 0) {
1862                         if (first)
1863                                 goto loop;
1864                         break;
1865                 }
1866                 error = uiomove(ibuf, (size_t)icc, uio);
1867                 /*
1868                  * XXX if there was an error then we should ungetc() the
1869                  * unmoved chars and reduce icc here.
1870                  */
1871                 if (error)
1872                         break;
1873                 if (uio->uio_resid == 0)
1874                         break;
1875                 first = 0;
1876         }
1877         goto out;
1878 slowcase:
1879         for (;;) {
1880                 c = clist_getc(qp);
1881                 if (c < 0) {
1882                         if (first)
1883                                 goto loop;
1884                         break;
1885                 }
1886                 /*
1887                  * delayed suspend (^Y)
1888                  */
1889                 if (CCEQ(cc[VDSUSP], c) &&
1890                     ISSET(lflag, IEXTEN | ISIG) == (IEXTEN | ISIG)) {
1891                         pgsignal(tp->t_pgrp, SIGTSTP, 1);
1892                         if (first) {
1893                                 error = ttysleep(tp, &lbolt, PCATCH,
1894                                                  "ttybg3", 0);
1895                                 if (error)
1896                                         break;
1897                                 goto loop;
1898                         }
1899                         break;
1900                 }
1901                 /*
1902                  * Interpret EOF only in canonical mode.
1903                  */
1904                 if (CCEQ(cc[VEOF], c) && ISSET(lflag, ICANON))
1905                         break;
1906                 /*
1907                  * Give user character.
1908                  */
1909                 error = ureadc(c, uio);
1910                 if (error)
1911                         /* XXX should ungetc(c, qp). */
1912                         break;
1913                 if (uio->uio_resid == 0)
1914                         break;
1915                 /*
1916                  * In canonical mode check for a "break character"
1917                  * marking the end of a "line of input".
1918                  */
1919                 if (ISSET(lflag, ICANON) && TTBREAKC(c, lflag))
1920                         break;
1921                 first = 0;
1922         }
1923
1924 out:
1925         /*
1926          * Look to unblock input now that (presumably)
1927          * the input queue has gone down.
1928          */
1929         if (ISSET(tp->t_state, TS_TBLOCK) &&
1930             tp->t_rawq.c_cc + tp->t_canq.c_cc <= tp->t_ilowat) {
1931                 ttyunblock(tp);
1932         }
1933
1934         lwkt_reltoken(&tp->t_token);
1935         return (error);
1936 }
1937
1938 /*
1939  * Check the output queue on tp for space for a kernel message (from uprintf
1940  * or tprintf).  Allow some space over the normal hiwater mark so we don't
1941  * lose messages due to normal flow control, but don't let the tty run amok.
1942  * Sleeps here are not interruptible, but we return prematurely if new signals
1943  * arrive.
1944  */
1945 int
1946 ttycheckoutq(struct tty *tp, int wait)
1947 {
1948         struct lwp *lp = curthread->td_lwp;
1949         int hiwat;
1950         sigset_t oldset, newset;
1951
1952         lwkt_gettoken(&tp->t_token);
1953         hiwat = tp->t_ohiwat;
1954         SIGEMPTYSET(oldset);
1955         SIGEMPTYSET(newset);
1956         if (wait)
1957                 oldset = lwp_sigpend(lp);
1958         if (tp->t_outq.c_cc > hiwat + OBUFSIZ + 100) {
1959                 while (tp->t_outq.c_cc > hiwat) {
1960                         ttstart(tp);
1961                         if (tp->t_outq.c_cc <= hiwat)
1962                                 break;
1963                         if (wait)
1964                                 newset = lwp_sigpend(lp);
1965                         if (!wait || SIGSETNEQ(oldset, newset)) {
1966                                 lwkt_reltoken(&tp->t_token);
1967                                 return (0);
1968                         }
1969                         SET(tp->t_state, TS_SO_OLOWAT);
1970                         tsleep(TSA_OLOWAT(tp), 0, "ttoutq", hz);
1971                 }
1972         }
1973         lwkt_reltoken(&tp->t_token);
1974         return (1);
1975 }
1976
1977 /*
1978  * Process a write call on a tty device.
1979  */
1980 int
1981 ttwrite(struct tty *tp, struct uio *uio, int flag)
1982 {
1983         char *cp = NULL;
1984         int cc, ce;
1985         struct proc *pp;
1986         struct lwp *lp;
1987         int i, hiwat, error;
1988         size_t cnt;
1989
1990         char obuf[OBUFSIZ];
1991
1992         lwkt_gettoken(&tp->t_token);
1993         lp = curthread->td_lwp;
1994         hiwat = tp->t_ohiwat;
1995         cnt = uio->uio_resid;
1996         error = 0;
1997         cc = 0;
1998 loop:
1999         if (ISSET(tp->t_state, TS_ZOMBIE)) {
2000                 if (uio->uio_resid == cnt)
2001                         error = EIO;
2002                 goto out;
2003         }
2004         if (!ISSET(tp->t_state, TS_CONNECTED)) {
2005                 if (flag & IO_NDELAY) {
2006                         error = EWOULDBLOCK;
2007                         goto out;
2008                 }
2009                 error = ttysleep(tp, TSA_CARR_ON(tp), PCATCH, "ttydcd", 0);
2010                 if (error)
2011                         goto out;
2012                 goto loop;
2013         }
2014
2015         /*
2016          * Hang the process if it's in the background.
2017          */
2018         if ((pp = curproc) != NULL)
2019                 lwkt_gettoken(&pp->p_token);
2020         if (pp && isbackground(pp, tp) &&
2021             ISSET(tp->t_lflag, TOSTOP) && !(pp->p_flags & P_PPWAIT) &&
2022             !SIGISMEMBER(pp->p_sigignore, SIGTTOU) &&
2023             !SIGISMEMBER(lp->lwp_sigmask, SIGTTOU)) {
2024                 if (pp->p_pgrp->pg_jobc == 0) {
2025                         error = EIO;
2026                         lwkt_reltoken(&pp->p_token);
2027                         goto out;
2028                 }
2029                 pgsignal(pp->p_pgrp, SIGTTOU, 1);
2030                 lwkt_reltoken(&pp->p_token);
2031                 error = ttysleep(tp, &lbolt, PCATCH, "ttybg4", 0);
2032                 if (error)
2033                         goto out;
2034                 goto loop;
2035         }
2036         if (pp)
2037                 lwkt_reltoken(&pp->p_token);
2038         /*
2039          * Process the user's data in at most OBUFSIZ chunks.  Perform any
2040          * output translation.  Keep track of high water mark, sleep on
2041          * overflow awaiting device aid in acquiring new space.
2042          */
2043         while (uio->uio_resid > 0 || cc > 0) {
2044                 if (ISSET(tp->t_lflag, FLUSHO)) {
2045                         uio->uio_resid = 0;
2046                         lwkt_reltoken(&tp->t_token);
2047                         return (0);
2048                 }
2049                 if (tp->t_outq.c_cc > hiwat)
2050                         goto ovhiwat;
2051                 /*
2052                  * Grab a hunk of data from the user, unless we have some
2053                  * leftover from last time.
2054                  */
2055                 if (cc == 0) {
2056                         cc = szmin(uio->uio_resid, OBUFSIZ);
2057                         cp = obuf;
2058                         error = uiomove(cp, (size_t)cc, uio);
2059                         if (error) {
2060                                 cc = 0;
2061                                 break;
2062                         }
2063                 }
2064                 /*
2065                  * If nothing fancy need be done, grab those characters we
2066                  * can handle without any of ttyoutput's processing and
2067                  * just transfer them to the output q.  For those chars
2068                  * which require special processing (as indicated by the
2069                  * bits in char_type), call ttyoutput.  After processing
2070                  * a hunk of data, look for FLUSHO so ^O's will take effect
2071                  * immediately.
2072                  */
2073                 while (cc > 0) {
2074                         if (!ISSET(tp->t_oflag, OPOST))
2075                                 ce = cc;
2076                         else {
2077                                 ce = cc - scanc((u_int)cc, (u_char *)cp,
2078                                                 char_type, CCLASSMASK);
2079                                 /*
2080                                  * If ce is zero, then we're processing
2081                                  * a special character through ttyoutput.
2082                                  */
2083                                 if (ce == 0) {
2084                                         tp->t_rocount = 0;
2085                                         if (ttyoutput(*cp, tp) >= 0) {
2086                                                 /* No Clists, wait a bit. */
2087                                                 ttstart(tp);
2088                                                 if (flag & IO_NDELAY) {
2089                                                         error = EWOULDBLOCK;
2090                                                         goto out;
2091                                                 }
2092                                                 error = ttysleep(tp, &lbolt,
2093                                                                  PCATCH,
2094                                                                  "ttybf1", 0);
2095                                                 if (error)
2096                                                         goto out;
2097                                                 goto loop;
2098                                         }
2099                                         cp++;
2100                                         cc--;
2101                                         if (ISSET(tp->t_lflag, FLUSHO) ||
2102                                             tp->t_outq.c_cc > hiwat)
2103                                                 goto ovhiwat;
2104                                         continue;
2105                                 }
2106                         }
2107                         /*
2108                          * A bunch of normal characters have been found.
2109                          * Transfer them en masse to the output queue and
2110                          * continue processing at the top of the loop.
2111                          * If there are any further characters in this
2112                          * <= OBUFSIZ chunk, the first should be a character
2113                          * requiring special handling by ttyoutput.
2114                          */
2115                         tp->t_rocount = 0;
2116                         i = clist_btoq(cp, ce, &tp->t_outq);
2117                         ce -= i;
2118                         tp->t_column += ce;
2119                         cp += ce, cc -= ce, tk_nout += ce;
2120                         tp->t_outcc += ce;
2121                         if (i > 0) {
2122                                 /* No Clists, wait a bit. */
2123                                 ttstart(tp);
2124                                 if (flag & IO_NDELAY) {
2125                                         error = EWOULDBLOCK;
2126                                         goto out;
2127                                 }
2128                                 error = ttysleep(tp, &lbolt, PCATCH,
2129                                                  "ttybf2", 0);
2130                                 if (error)
2131                                         goto out;
2132                                 goto loop;
2133                         }
2134                         if (ISSET(tp->t_lflag, FLUSHO) ||
2135                             tp->t_outq.c_cc > hiwat)
2136                                 break;
2137                 }
2138                 ttstart(tp);
2139         }
2140 out:
2141         /*
2142          * If cc is nonzero, we leave the uio structure inconsistent, as the
2143          * offset and iov pointers have moved forward, but it doesn't matter
2144          * (the call will either return short or restart with a new uio).
2145          */
2146         uio->uio_resid += cc;
2147         lwkt_reltoken(&tp->t_token);
2148         return (error);
2149
2150 ovhiwat:
2151         ttstart(tp);
2152         /*
2153          * This can only occur if FLUSHO is set in t_lflag,
2154          * or if ttstart/oproc is synchronous (or very fast).
2155          */
2156         if (tp->t_outq.c_cc <= hiwat) {
2157                 goto loop;
2158         }
2159         if (flag & IO_NDELAY) {
2160                 uio->uio_resid += cc;
2161                 lwkt_reltoken(&tp->t_token);
2162                 return (uio->uio_resid == cnt ? EWOULDBLOCK : 0);
2163         }
2164         SET(tp->t_state, TS_SO_OLOWAT);
2165         error = ttysleep(tp, TSA_OLOWAT(tp), PCATCH, "ttywri", tp->t_timeout);
2166         if (error == EWOULDBLOCK)
2167                 error = EIO;
2168         if (error)
2169                 goto out;
2170         goto loop;
2171 }
2172
2173 /*
2174  * Rubout one character from the rawq of tp
2175  * as cleanly as possible.
2176  * NOTE: Must be called with tp->t_token held
2177  */
2178 static void
2179 ttyrub(int c, struct tty *tp)
2180 {
2181         void *cp;
2182         int savecol;
2183         int tabc;
2184
2185         ASSERT_LWKT_TOKEN_HELD(&tp->t_token);
2186         if (!ISSET(tp->t_lflag, ECHO) || ISSET(tp->t_lflag, EXTPROC))
2187                 return;
2188         CLR(tp->t_lflag, FLUSHO);
2189         if (ISSET(tp->t_lflag, ECHOE)) {
2190                 if (tp->t_rocount == 0) {
2191                         /*
2192                          * Screwed by ttwrite; retype
2193                          */
2194                         ttyretype(tp);
2195                         return;
2196                 }
2197                 if (c == ('\t' | TTY_QUOTE) || c == ('\n' | TTY_QUOTE))
2198                         ttyrubo(tp, 2);
2199                 else {
2200                         CLR(c, ~TTY_CHARMASK);
2201                         switch (CCLASS(c)) {
2202                         case ORDINARY:
2203                                 ttyrubo(tp, 1);
2204                                 break;
2205                         case BACKSPACE:
2206                         case CONTROL:
2207                         case NEWLINE:
2208                         case RETURN:
2209                         case VTAB:
2210                                 if (ISSET(tp->t_lflag, ECHOCTL))
2211                                         ttyrubo(tp, 2);
2212                                 break;
2213                         case TAB:
2214                                 if (tp->t_rocount < tp->t_rawq.c_cc) {
2215                                         ttyretype(tp);
2216                                         return;
2217                                 }
2218                                 savecol = tp->t_column;
2219                                 SET(tp->t_state, TS_CNTTB);
2220                                 SET(tp->t_lflag, FLUSHO);
2221                                 tp->t_column = tp->t_rocol;
2222
2223                                 cp = clist_nextc(&tp->t_rawq, NULL, &tabc);
2224                                 while (cp) {
2225                                         ttyecho(tabc, tp);
2226                                         cp = clist_nextc(&tp->t_rawq,
2227                                                          cp, &tabc);
2228                                 }
2229                                 CLR(tp->t_lflag, FLUSHO);
2230                                 CLR(tp->t_state, TS_CNTTB);
2231
2232                                 /* savecol will now be length of the tab. */
2233                                 savecol -= tp->t_column;
2234                                 tp->t_column += savecol;
2235                                 if (savecol > 8)
2236                                         savecol = 8;    /* overflow screw */
2237                                 while (--savecol >= 0)
2238                                         (void)ttyoutput('\b', tp);
2239                                 break;
2240                         default:                        /* XXX */
2241 #define PANICSTR        "ttyrub: would panic c = %d, val = %d\n"
2242                                 (void)kprintf(PANICSTR, c, CCLASS(c));
2243 #ifdef notdef
2244                                 panic(PANICSTR, c, CCLASS(c));
2245 #endif
2246                         }
2247                 }
2248         } else if (ISSET(tp->t_lflag, ECHOPRT)) {
2249                 if (!ISSET(tp->t_state, TS_ERASE)) {
2250                         SET(tp->t_state, TS_ERASE);
2251                         (void)ttyoutput('\\', tp);
2252                 }
2253                 ttyecho(c, tp);
2254         } else {
2255                 ttyecho(tp->t_cc[VERASE], tp);
2256                 /*
2257                  * This code may be executed not only when an ERASE key
2258                  * is pressed, but also when ^U (KILL) or ^W (WERASE) are.
2259                  * So, I didn't think it was worthwhile to pass the extra
2260                  * information (which would need an extra parameter,
2261                  * changing every call) needed to distinguish the ERASE2
2262                  * case from the ERASE.
2263                  */
2264         }
2265         --tp->t_rocount;
2266 }
2267
2268 /*
2269  * Back over cnt characters, erasing them.
2270  * NOTE: Must be called with tp->t_token held
2271  */
2272 static void
2273 ttyrubo(struct tty *tp, int cnt)
2274 {
2275         ASSERT_LWKT_TOKEN_HELD(&tp->t_token);
2276         while (cnt-- > 0) {
2277                 (void)ttyoutput('\b', tp);
2278                 (void)ttyoutput(' ', tp);
2279                 (void)ttyoutput('\b', tp);
2280         }
2281 }
2282
2283 /*
2284  * ttyretype --
2285  *      Reprint the rawq line.  Note, it is assumed that c_cc has already
2286  *      been checked.
2287  * NOTE: Must be called with tp->t_token held
2288  */
2289 static void
2290 ttyretype(struct tty *tp)
2291 {
2292         void *cp;
2293         int c;
2294
2295         ASSERT_LWKT_TOKEN_HELD(&tp->t_token);
2296         /* Echo the reprint character. */
2297         if (tp->t_cc[VREPRINT] != _POSIX_VDISABLE)
2298                 ttyecho(tp->t_cc[VREPRINT], tp);
2299
2300         (void)ttyoutput('\n', tp);
2301
2302         /*
2303          * XXX
2304          * FIX: NEXTC IS BROKEN - DOESN'T CHECK QUOTE
2305          * BIT OF FIRST CHAR.
2306          */
2307         cp = clist_nextc(&tp->t_canq, NULL, &c);
2308         while (cp) {
2309                 ttyecho(c, tp);
2310                 cp = clist_nextc(&tp->t_canq, cp, &c);
2311         }
2312         cp = clist_nextc(&tp->t_rawq, NULL, &c);
2313         while (cp) {
2314                 ttyecho(c, tp);
2315                 cp = clist_nextc(&tp->t_rawq, cp, &c);
2316         }
2317         CLR(tp->t_state, TS_ERASE);
2318
2319         tp->t_rocount = tp->t_rawq.c_cc;
2320         tp->t_rocol = 0;
2321 }
2322
2323 /*
2324  * Echo a typed character to the terminal.
2325  * NOTE: Must be called with tp->t_token held
2326  */
2327 static void
2328 ttyecho(int c, struct tty *tp)
2329 {
2330         ASSERT_LWKT_TOKEN_HELD(&tp->t_token);
2331
2332         if (!ISSET(tp->t_state, TS_CNTTB))
2333                 CLR(tp->t_lflag, FLUSHO);
2334         if ((!ISSET(tp->t_lflag, ECHO) &&
2335              (c != '\n' || !ISSET(tp->t_lflag, ECHONL))) ||
2336             ISSET(tp->t_lflag, EXTPROC))
2337                 return;
2338         if (ISSET(tp->t_lflag, ECHOCTL) &&
2339             ((ISSET(c, TTY_CHARMASK) <= 037 && c != '\t' && c != '\n') ||
2340             ISSET(c, TTY_CHARMASK) == 0177)) {
2341                 (void)ttyoutput('^', tp);
2342                 CLR(c, ~TTY_CHARMASK);
2343                 if (c == 0177)
2344                         c = '?';
2345                 else
2346                         c += 'A' - 1;
2347         }
2348         (void)ttyoutput(c, tp);
2349 }
2350
2351 /*
2352  * Wake up any readers on a tty.
2353  */
2354 void
2355 ttwakeup(struct tty *tp)
2356 {
2357         lwkt_gettoken(&tp->t_token);
2358         if (ISSET(tp->t_state, TS_ASYNC) && tp->t_sigio != NULL)
2359                 pgsigio(tp->t_sigio, SIGIO, (tp->t_session != NULL));
2360         wakeup(TSA_HUP_OR_INPUT(tp));
2361         KNOTE(&tp->t_rkq.ki_note, 0);
2362         lwkt_reltoken(&tp->t_token);
2363 }
2364
2365 /*
2366  * Wake up any writers on a tty.
2367  */
2368 void
2369 ttwwakeup(struct tty *tp)
2370 {
2371         lwkt_gettoken(&tp->t_token);
2372         if (ISSET(tp->t_state, TS_ASYNC) && tp->t_sigio != NULL)
2373                 pgsigio(tp->t_sigio, SIGIO, (tp->t_session != NULL));
2374         if (ISSET(tp->t_state, TS_BUSY | TS_SO_OCOMPLETE) ==
2375             TS_SO_OCOMPLETE && tp->t_outq.c_cc == 0) {
2376                 CLR(tp->t_state, TS_SO_OCOMPLETE);
2377                 wakeup(TSA_OCOMPLETE(tp));
2378         }
2379         if (ISSET(tp->t_state, TS_SO_OLOWAT) &&
2380             tp->t_outq.c_cc <= tp->t_olowat) {
2381                 CLR(tp->t_state, TS_SO_OLOWAT);
2382                 wakeup(TSA_OLOWAT(tp));
2383         }
2384         KNOTE(&tp->t_wkq.ki_note, 0);
2385         lwkt_reltoken(&tp->t_token);
2386 }
2387
2388 /*
2389  * Look up a code for a specified speed in a conversion table;
2390  * used by drivers to map software speed values to hardware parameters.
2391  * No requirements
2392  */
2393 int
2394 ttspeedtab(int speed, struct speedtab *table)
2395 {
2396
2397         for ( ; table->sp_speed != -1; table++)
2398                 if (table->sp_speed == speed)
2399                         return (table->sp_code);
2400         return (-1);
2401 }
2402
2403 /*
2404  * Set input and output watermarks and buffer sizes.  For input, the
2405  * high watermark is about one second's worth of input above empty, the
2406  * low watermark is slightly below high water, and the buffer size is a
2407  * driver-dependent amount above high water.  For output, the watermarks
2408  * are near the ends of the buffer, with about 1 second's worth of input
2409  * between them.  All this only applies to the standard line discipline.
2410  */
2411 void
2412 ttsetwater(struct tty *tp)
2413 {
2414         int cps, ttmaxhiwat, x;
2415
2416         lwkt_gettoken(&tp->t_token);
2417         /* Input. */
2418         clist_alloc_cblocks(&tp->t_canq, TTYHOG);
2419         switch (tp->t_ispeedwat) {
2420         case (speed_t)-1:
2421                 cps = tp->t_ispeed / 10;
2422                 break;
2423         case 0:
2424                 /*
2425                  * This case is for old drivers that don't know about
2426                  * t_ispeedwat.  Arrange for them to get the old buffer
2427                  * sizes and watermarks.
2428                  */
2429                 cps = TTYHOG - 2 * 256;
2430                 tp->t_ififosize = 2 * 2048;
2431                 break;
2432         default:
2433                 cps = tp->t_ispeedwat / 10;
2434                 break;
2435         }
2436         tp->t_ihiwat = cps;
2437         tp->t_ilowat = 7 * cps / 8;
2438         x = cps + tp->t_ififosize;
2439         clist_alloc_cblocks(&tp->t_rawq, x);
2440
2441         /* Output. */
2442         switch (tp->t_ospeedwat) {
2443         case (speed_t)-1:
2444                 cps = tp->t_ospeed / 10;
2445                 ttmaxhiwat = 2 * TTMAXHIWAT;
2446                 break;
2447         case 0:
2448                 cps = tp->t_ospeed / 10;
2449                 ttmaxhiwat = TTMAXHIWAT;
2450                 break;
2451         default:
2452                 cps = tp->t_ospeedwat / 10;
2453                 ttmaxhiwat = 8 * TTMAXHIWAT;
2454                 break;
2455         }
2456 #define CLAMP(x, h, l)  ((x) > h ? h : ((x) < l) ? l : (x))
2457         tp->t_olowat = x = CLAMP(cps / 2, TTMAXLOWAT, TTMINLOWAT);
2458         x += cps;
2459         x = CLAMP(x, ttmaxhiwat, TTMINHIWAT);   /* XXX clamps are too magic */
2460         /* tp->t_ohiwat = roundup(x, CBSIZE); */ /* XXX for compat */
2461         x = imax(tp->t_ohiwat, TTMAXHIWAT);     /* XXX for compat/safety */
2462         x += OBUFSIZ + 100;
2463         clist_alloc_cblocks(&tp->t_outq, x);
2464 #undef  CLAMP
2465         lwkt_reltoken(&tp->t_token);
2466 }
2467
2468 /*
2469  * Report on state of foreground process group.
2470  */
2471 void
2472 ttyinfo(struct tty *tp)
2473 {
2474         struct pgrp *pgrp;
2475         struct proc *p, *pick;
2476         struct lwp *lp;
2477         struct rusage ru;
2478         char buf[64];
2479         const char *str;
2480         struct vmspace *vm;
2481         long vmsz;
2482         int pctcpu;
2483         int tmp;
2484
2485         if (ttycheckoutq(tp,0) == 0)
2486                 return;
2487
2488         lwkt_gettoken(&tp->t_token);
2489
2490         /*
2491          * We always print the load average, then figure out what else to
2492          * print based on the state of the current process group.
2493          */
2494         tmp = (averunnable.ldavg[0] * 100 + FSCALE / 2) >> FSHIFT;
2495         ttyprintf(tp, "load: %d.%02d ", tmp / 100, tmp % 100);
2496
2497         if (tp->t_session == NULL) {
2498                 ttyprintf(tp, "not a controlling terminal\n");
2499                 goto done2;
2500         }
2501         if ((pgrp = tp->t_pgrp) == NULL) {
2502                 ttyprintf(tp, "no foreground process group\n");
2503                 goto done2;
2504         }
2505
2506         /*
2507          * Pick an interesting process.  Note that certain elements,
2508          * in particular the wmesg.
2509          *
2510          * NOTE: lwp_wmesg is lwp_thread->td_wmesg.
2511          */
2512         pgref(pgrp);
2513         lwkt_gettoken(&pgrp->pg_token);
2514
2515         pick = NULL;
2516         for (p = LIST_FIRST(&pgrp->pg_members);
2517              p != NULL;
2518              p = LIST_NEXT(p, p_pglist)) {
2519                 PHOLD(p);
2520                 if (proc_compare(pick, p)) {
2521                         if (pick)
2522                                 PRELE(pick);
2523                         pick = p;
2524                 } else {
2525                         PRELE(p);
2526                 }
2527         }
2528         if (pick == NULL) {
2529                 ttyprintf(tp, "empty foreground process group\n");
2530                 goto done1;
2531         }
2532
2533         /*
2534          * Pick an interesting LWP (XXX)
2535          *
2536          * pick is held.
2537          */
2538         lp = FIRST_LWP_IN_PROC(pick);
2539         if (lp == NULL) {
2540                 PRELE(pick);
2541                 ttyprintf(tp, "foreground process without lwp\n");
2542                 goto done1;
2543         }
2544
2545         /*
2546          * Figure out what wait/process-state message, and command
2547          * buffer to present
2548          */
2549         /*
2550          * XXX lwp This is a horrible mixture.  We need to rework this
2551          * as soon as lwps have their own runnable status.
2552          */
2553         LWPHOLD(lp);
2554         if (pick->p_flags & P_WEXIT)
2555                 str = "exiting";
2556         else if (lp->lwp_stat == LSRUN)
2557                 str = "running";
2558         else if (pick->p_stat == SIDL)
2559                 str = "spawning";
2560         else if (lp->lwp_wmesg) /* lwp_thread must not be NULL */
2561                 str = lp->lwp_wmesg;
2562         else
2563                 str = "iowait";
2564
2565         ksnprintf(buf, sizeof(buf), "cmd: %s %d [%s]",
2566                   pick->p_comm, pick->p_pid, str);
2567
2568         /*
2569          * Calculate cpu usage, percent cpu, and cmsz.  Note that
2570          * 'pick' becomes invalid the moment we release the token.
2571          */
2572         if (lp->lwp_thread && (pick->p_flags & P_SWAPPEDOUT) == 0)
2573                 calcru_proc(pick, &ru);
2574
2575         pctcpu = (lp->lwp_pctcpu * 10000 + FSCALE / 2) >> FSHIFT;
2576
2577         LWPRELE(lp);
2578
2579         /*
2580          * NOTE: vmspace should be protected from destruction by the
2581          *       combination of pg_token and the fact that we are not
2582          *       flagged as a zombie.
2583          */
2584         if (pick->p_stat == SIDL || pick->p_stat == SZOMB) {
2585                 vmsz = 0;
2586         } else if ((vm = pick->p_vmspace) == NULL) {
2587                 vmsz = 0;
2588         } else {
2589                 vmspace_hold(vm);
2590                 vmsz = pgtok(vmspace_resident_count(vm));
2591                 vmspace_drop(vm);
2592         }
2593         PRELE(pick);
2594
2595         /*
2596          * Dump the output
2597          */
2598         ttyprintf(tp, " %s ",
2599                   buf);
2600         ttyprintf(tp, "%ld.%02ldu ",
2601                   ru.ru_utime.tv_sec, ru.ru_utime.tv_usec / 10000);
2602         ttyprintf(tp, "%ld.%02lds ",
2603                   ru.ru_stime.tv_sec, ru.ru_stime.tv_usec / 10000);
2604         ttyprintf(tp, "%d%% %ldk\n",
2605                   pctcpu / 100, vmsz);
2606
2607 done1:
2608         lwkt_reltoken(&pgrp->pg_token);
2609         pgrel(pgrp);
2610 done2:
2611         tp->t_rocount = 0;      /* so pending input will be retyped if BS */
2612         lwkt_reltoken(&tp->t_token);
2613 }
2614
2615 /*
2616  * Returns 1 if p2 is "better" than p1
2617  *
2618  * The algorithm for picking the "interesting" process is thus:
2619  *
2620  *      1) Only foreground processes are eligible - implied.
2621  *      2) Runnable processes are favored over anything else.  The runner
2622  *         with the highest cpu utilization is picked (p_cpticks).  Ties are
2623  *         broken by picking the highest pid.
2624  *      3) The sleeper with the shortest sleep time is next.  With ties,
2625  *         we pick out just "short-term" sleepers (LWP_SINTR == 0).
2626  *      4) Further ties are broken by picking the highest pid.
2627  *
2628  * NOTE: must be called with p1 and p2 held.
2629  */
2630 #define ISRUN(lp)       ((lp)->lwp_stat == LSRUN)
2631 #define TESTAB(a, b)    ((a)<<1 | (b))
2632 #define ONLYA   2
2633 #define ONLYB   1
2634 #define BOTH    3
2635
2636 static int
2637 proc_compare(struct proc *p1, struct proc *p2)
2638 {
2639         struct lwp *lp1, *lp2;
2640         int res;
2641
2642         if (p1 == NULL)
2643                 return (1);
2644         if (lwkt_trytoken(&p1->p_token) == 0)
2645                 return (1);
2646         if (lwkt_trytoken(&p2->p_token) == 0) {
2647                 lwkt_reltoken(&p1->p_token);
2648                 return (0);
2649         }
2650
2651         /*
2652          * weed out zombies
2653          */
2654         switch (TESTAB(p1->p_stat == SZOMB, p2->p_stat == SZOMB)) {
2655         case ONLYA:
2656                 res = 1;
2657                 goto done;
2658         case ONLYB:
2659                 res = 0;
2660                 goto done;
2661         case BOTH:
2662                 res = (p2->p_pid > p1->p_pid);  /* tie - return highest pid */
2663                 goto done;
2664         default:
2665                 break;
2666         }
2667
2668         /* XXX choose the best lwp? */
2669         lp1 = FIRST_LWP_IN_PROC(p1);
2670         lp2 = FIRST_LWP_IN_PROC(p2);
2671
2672         /*
2673          * Favor one with LWPs verses one that has none (is exiting).
2674          */
2675         if (lp1 == NULL) {
2676                 res = 1;
2677                 goto done;
2678         }
2679         if (lp2 == NULL) {
2680                 res = 0;
2681                 goto done;
2682         }
2683
2684         /*
2685          * see if at least one of them is runnable
2686          */
2687         switch (TESTAB(ISRUN(lp1), ISRUN(lp2))) {
2688         case ONLYA:
2689                 res = 0;
2690                 goto done;
2691         case ONLYB:
2692                 res = 1;
2693                 goto done;
2694         case BOTH:
2695                 /*
2696                  * tie - favor one with highest recent cpu utilization
2697                  */
2698                 if (lp2->lwp_cpticks > lp1->lwp_cpticks)
2699                         res = 1;
2700                 else if (lp1->lwp_cpticks > lp2->lwp_cpticks)
2701                         res = 0;
2702                 else
2703                         res = (p2->p_pid > p1->p_pid); /* tie - ret highest */
2704                 goto done;
2705         default:
2706                 break;
2707         }
2708
2709         /*
2710          * Pick the one with the smallest sleep time
2711          */
2712         if (lp2->lwp_slptime > lp1->lwp_slptime) {
2713                 res = 0;
2714                 goto done;
2715         }
2716         if (lp1->lwp_slptime > lp2->lwp_slptime) {
2717                 res = 1;
2718                 goto done;
2719         }
2720
2721         /*
2722          * Favor one sleeping in a non-interruptible sleep
2723          */
2724         if ((lp1->lwp_flags & LWP_SINTR) && (lp2->lwp_flags & LWP_SINTR) == 0)
2725                 res = 1;
2726         else
2727         if ((lp2->lwp_flags & LWP_SINTR) && (lp1->lwp_flags & LWP_SINTR) == 0)
2728                 res = 0;
2729         else
2730                 res = (p2->p_pid > p1->p_pid);  /* tie - return highest pid */
2731         /* fall through */
2732
2733 done:
2734         lwkt_reltoken(&p2->p_token);
2735         lwkt_reltoken(&p1->p_token);
2736         return (res);
2737 }
2738
2739 /*
2740  * Output char to tty; console putchar style.
2741  */
2742 int
2743 tputchar(int c, struct tty *tp)
2744 {
2745         lwkt_gettoken(&tp->t_token);
2746         if (!ISSET(tp->t_state, TS_CONNECTED)) {
2747                 lwkt_reltoken(&tp->t_token);
2748                 return (-1);
2749         }
2750         if (c == '\n')
2751                 (void)ttyoutput('\r', tp);
2752         (void)ttyoutput(c, tp);
2753         ttstart(tp);
2754         lwkt_reltoken(&tp->t_token);
2755
2756         return (0);
2757 }
2758
2759 /*
2760  * Sleep on chan, returning ERESTART if tty changed while we napped and
2761  * returning any errors (e.g. EINTR/EWOULDBLOCK) reported by tsleep.  If
2762  * the tty is revoked, restarting a pending call will redo validation done
2763  * at the start of the call.
2764  */
2765 int
2766 ttysleep(struct tty *tp, void *chan, int slpflags, char *wmesg, int timo)
2767 {
2768         int error;
2769         int gen;
2770
2771         gen = tp->t_gen;
2772         error = tsleep(chan, slpflags, wmesg, timo);
2773         if (error)
2774                 return (error);
2775         return (tp->t_gen == gen ? 0 : ERESTART);
2776 }
2777
2778 /*
2779  * Revoke a tty.
2780  *
2781  * We bump the gen to force any ttysleep()'s to return with ERESTART
2782  * and flush the tty.  The related fp's should already have been
2783  * replaced so the tty will close when the last references on the
2784  * original fp's go away.
2785  */
2786 int
2787 ttyrevoke(struct dev_revoke_args *ap)
2788 {
2789         struct tty *tp;
2790
2791         tp = ap->a_head.a_dev->si_tty;
2792         lwkt_gettoken(&tp->t_token);
2793         tp->t_gen++;
2794         ttyflush(tp, FREAD | FWRITE);
2795         wakeup(TSA_CARR_ON(tp));
2796         ttwakeup(tp);
2797         ttwwakeup(tp);
2798         lwkt_reltoken(&tp->t_token);
2799
2800         return (0);
2801 }
2802
2803 /*
2804  * Allocate a tty struct.  Clists in the struct will be allocated by
2805  * ttyopen().  The tty itself is protected by tp->t_token.  tty_token
2806  * is primarily used to interlock the NULL test and for registration.
2807  *
2808  * by convention, once allocated, tty structures are never freed.  This
2809  * saves us from numerous release race scenarios that can occur due to the
2810  * token being embedded in the tty structure.
2811  */
2812 struct tty *
2813 ttymalloc(struct tty **tpp)
2814 {
2815         struct tty *tp;
2816
2817         if ((tp = *tpp) == NULL) {
2818                 tp = kmalloc(sizeof *tp, M_TTYS, M_WAITOK|M_ZERO);
2819                 lwkt_gettoken(&tty_token);
2820                 if (*tpp == NULL) {     /* recheck after blocking kmalloc */
2821                         *tpp = tp;
2822                         ttyinit(tp);
2823                         ttyregister(tp);
2824                 } else {
2825                         kfree(tp, M_TTYS);
2826                 }
2827                 lwkt_reltoken(&tty_token);
2828         }
2829         return (tp);
2830 }
2831
2832 /*
2833  * Caller must hold tp->t_token
2834  */
2835 void
2836 ttyunregister(struct tty *tp)
2837 {
2838         lwkt_gettoken(&tty_token);
2839         if (ISSET(tp->t_state, TS_REGISTERED)) {
2840                 CLR(tp->t_state, TS_REGISTERED);
2841                 TAILQ_REMOVE(&tty_list, tp, t_list);
2842         }
2843         lwkt_reltoken(&tty_token);
2844 }
2845
2846 void
2847 ttyinit(struct tty *tp)
2848 {
2849         lwkt_token_init(&tp->t_token, "tp");
2850 }
2851
2852 void
2853 ttyregister(struct tty *tp)
2854 {
2855         lwkt_gettoken(&tty_token);
2856         if (!ISSET(tp->t_state, TS_REGISTERED)) {
2857                 SET(tp->t_state, TS_REGISTERED);
2858                 TAILQ_INSERT_HEAD(&tty_list, tp, t_list);
2859         }
2860         lwkt_reltoken(&tty_token);
2861 }
2862
2863 static int
2864 sysctl_kern_ttys(SYSCTL_HANDLER_ARGS)
2865 {
2866         int error;
2867         struct tty *tp;
2868         struct tty t;
2869         struct tty marker;
2870
2871         bzero(&marker, sizeof(marker));
2872         marker.t_state = TS_MARKER;
2873         error = 0;
2874
2875         lwkt_gettoken(&tty_token);
2876
2877         TAILQ_INSERT_HEAD(&tty_list, &marker, t_list);
2878         while ((tp = TAILQ_NEXT(&marker, t_list)) != NULL) {
2879                 TAILQ_REMOVE(&tty_list, &marker, t_list);
2880                 TAILQ_INSERT_AFTER(&tty_list, tp, &marker, t_list);
2881                 if (tp->t_state & TS_MARKER)
2882                         continue;
2883                 t = *tp;
2884                 if (t.t_dev)
2885                         t.t_dev = (cdev_t)(uintptr_t)dev2udev(t.t_dev);
2886                 error = SYSCTL_OUT(req, (caddr_t)&t, sizeof(t));
2887                 if (error)
2888                         break;
2889         }
2890         TAILQ_REMOVE(&tty_list, &marker, t_list);
2891         lwkt_reltoken(&tty_token);
2892         return (error);
2893 }
2894
2895 SYSCTL_PROC(_kern, OID_AUTO, ttys, CTLTYPE_OPAQUE|CTLFLAG_RD,
2896         0, 0, sysctl_kern_ttys, "S,tty", "All struct ttys");
2897
2898 void
2899 nottystop(struct tty *tp, int rw)
2900 {
2901         return;
2902 }
2903
2904 int
2905 ttyread(struct dev_read_args *ap)
2906 {
2907         struct tty *tp;
2908         int ret;
2909
2910         tp = ap->a_head.a_dev->si_tty;
2911         if (tp == NULL)
2912                 return (ENODEV);
2913         lwkt_gettoken(&tp->t_token);
2914         ret = ((*linesw[tp->t_line].l_read)(tp, ap->a_uio, ap->a_ioflag));
2915         lwkt_reltoken(&tp->t_token);
2916
2917         return ret;
2918 }
2919
2920 int
2921 ttywrite(struct dev_write_args *ap)
2922 {
2923         struct tty *tp;
2924         int ret;
2925
2926         tp = ap->a_head.a_dev->si_tty;
2927         if (tp == NULL)
2928                 return (ENODEV);
2929         lwkt_gettoken(&tp->t_token);
2930         ret = ((*linesw[tp->t_line].l_write)(tp, ap->a_uio, ap->a_ioflag));
2931         lwkt_reltoken(&tp->t_token);
2932
2933         return ret;
2934 }