kernel - More pty fixes
[dragonfly.git] / sys / kern / tty.c
1 /*-
2  * (MPSAFE)
3  *
4  * Copyright (c) 1982, 1986, 1990, 1991, 1993
5  *      The Regents of the University of California.  All rights reserved.
6  * (c) UNIX System Laboratories, Inc.
7  * All or some portions of this file are derived from material licensed
8  * to the University of California by American Telephone and Telegraph
9  * Co. or Unix System Laboratories, Inc. and are reproduced herein with
10  * the permission of UNIX System Laboratories, Inc.
11  *
12  * Redistribution and use in source and binary forms, with or without
13  * modification, are permitted provided that the following conditions
14  * are met:
15  * 1. Redistributions of source code must retain the above copyright
16  *    notice, this list of conditions and the following disclaimer.
17  * 2. Redistributions in binary form must reproduce the above copyright
18  *    notice, this list of conditions and the following disclaimer in the
19  *    documentation and/or other materials provided with the distribution.
20  * 3. All advertising materials mentioning features or use of this software
21  *    must display the following acknowledgement:
22  *      This product includes software developed by the University of
23  *      California, Berkeley and its contributors.
24  * 4. Neither the name of the University nor the names of its contributors
25  *    may be used to endorse or promote products derived from this software
26  *    without specific prior written permission.
27  *
28  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
29  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
30  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
31  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
32  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
33  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
34  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
35  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
36  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
37  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38  * SUCH DAMAGE.
39  *
40  *      @(#)tty.c       8.8 (Berkeley) 1/21/94
41  * $FreeBSD: src/sys/kern/tty.c,v 1.129.2.5 2002/03/11 01:32:31 dd Exp $
42  * $DragonFly: src/sys/kern/tty.c,v 1.46 2008/09/10 09:50:09 y0netan1 Exp $
43  */
44
45 /*
46  * MPSAFE NOTE:
47  * Almost all functions in this file are acquiring the tty token due to their
48  * access and modifications of the 'tp' (struct tty) objects.
49  */
50
51 /*-
52  * TODO:
53  *      o Fix races for sending the start char in ttyflush().
54  *      o Handle inter-byte timeout for "MIN > 0, TIME > 0" in ttyselect().
55  *        With luck, there will be MIN chars before select() returns().
56  *      o Handle CLOCAL consistently for ptys.  Perhaps disallow setting it.
57  *      o Don't allow input in TS_ZOMBIE case.  It would be visible through
58  *        FIONREAD.
59  *      o Do the new sio locking stuff here and use it to avoid special
60  *        case for EXTPROC?
61  *      o Lock PENDIN too?
62  *      o Move EXTPROC and/or PENDIN to t_state?
63  *      o Wrap most of ttioctl in spltty/splx.
64  *      o Implement TIOCNOTTY or remove it from <sys/ioctl.h>.
65  *      o Send STOP if IXOFF is toggled off while TS_TBLOCK is set.
66  *      o Don't allow certain termios flags to affect disciplines other
67  *        than TTYDISC.  Cancel their effects before switch disciplines
68  *        and ignore them if they are set while we are in another
69  *        discipline.
70  *      o Now that historical speed conversions are handled here, don't
71  *        do them in drivers.
72  *      o Check for TS_CARR_ON being set while everything is closed and not
73  *        waiting for carrier.  TS_CARR_ON isn't cleared if nothing is open,
74  *        so it would live until the next open even if carrier drops.
75  *      o Restore TS_WOPEN since it is useful in pstat.  It must be cleared
76  *        only when _all_ openers leave open().
77  */
78
79 #include "opt_compat.h"
80 #include "opt_uconsole.h"
81
82 #include <sys/param.h>
83 #include <sys/systm.h>
84 #include <sys/filio.h>
85 #if defined(COMPAT_43) || defined(COMPAT_SUNOS)
86 #include <sys/ioctl_compat.h>
87 #endif
88 #include <sys/proc.h>
89 #include <sys/priv.h>
90 #define TTYDEFCHARS
91 #include <sys/tty.h>
92 #include <sys/clist.h>
93 #undef  TTYDEFCHARS
94 #include <sys/fcntl.h>
95 #include <sys/conf.h>
96 #include <sys/dkstat.h>
97 #include <sys/kernel.h>
98 #include <sys/vnode.h>
99 #include <sys/signalvar.h>
100 #include <sys/signal2.h>
101 #include <sys/resourcevar.h>
102 #include <sys/malloc.h>
103 #include <sys/filedesc.h>
104 #include <sys/sysctl.h>
105 #include <sys/thread2.h>
106
107 #include <vm/vm.h>
108 #include <sys/lock.h>
109 #include <vm/pmap.h>
110 #include <vm/vm_map.h>
111
112 MALLOC_DEFINE(M_TTYS, "ttys", "tty data structures");
113
114 static int      proc_compare (struct proc *p1, struct proc *p2);
115 static int      ttnread (struct tty *tp);
116 static void     ttyecho (int c, struct tty *tp);
117 static int      ttyoutput (int c, struct tty *tp);
118 static void     ttypend (struct tty *tp);
119 static void     ttyretype (struct tty *tp);
120 static void     ttyrub (int c, struct tty *tp);
121 static void     ttyrubo (struct tty *tp, int cnt);
122 static void     ttyunblock (struct tty *tp);
123 static int      ttywflush (struct tty *tp);
124 static int      filt_ttyread (struct knote *kn, long hint);
125 static void     filt_ttyrdetach (struct knote *kn);
126 static int      filt_ttywrite (struct knote *kn, long hint);
127 static void     filt_ttywdetach (struct knote *kn);
128
129 /*
130  * Table with character classes and parity. The 8th bit indicates parity,
131  * the 7th bit indicates the character is an alphameric or underscore (for
132  * ALTWERASE), and the low 6 bits indicate delay type.  If the low 6 bits
133  * are 0 then the character needs no special processing on output; classes
134  * other than 0 might be translated or (not currently) require delays.
135  */
136 #define E       0x00    /* Even parity. */
137 #define O       0x80    /* Odd parity. */
138 #define PARITY(c)       (char_type[c] & O)
139
140 #define ALPHA   0x40    /* Alpha or underscore. */
141 #define ISALPHA(c)      (char_type[(c) & TTY_CHARMASK] & ALPHA)
142
143 #define CCLASSMASK      0x3f
144 #define CCLASS(c)       (char_type[c] & CCLASSMASK)
145
146 #define BS      BACKSPACE
147 #define CC      CONTROL
148 #define CR      RETURN
149 #define NA      ORDINARY | ALPHA
150 #define NL      NEWLINE
151 #define NO      ORDINARY
152 #define TB      TAB
153 #define VT      VTAB
154
155 static u_char const char_type[] = {
156         E|CC, O|CC, O|CC, E|CC, O|CC, E|CC, E|CC, O|CC, /* nul - bel */
157         O|BS, E|TB, E|NL, O|CC, E|VT, O|CR, O|CC, E|CC, /* bs - si */
158         O|CC, E|CC, E|CC, O|CC, E|CC, O|CC, O|CC, E|CC, /* dle - etb */
159         E|CC, O|CC, O|CC, E|CC, O|CC, E|CC, E|CC, O|CC, /* can - us */
160         O|NO, E|NO, E|NO, O|NO, E|NO, O|NO, O|NO, E|NO, /* sp - ' */
161         E|NO, O|NO, O|NO, E|NO, O|NO, E|NO, E|NO, O|NO, /* ( - / */
162         E|NA, O|NA, O|NA, E|NA, O|NA, E|NA, E|NA, O|NA, /* 0 - 7 */
163         O|NA, E|NA, E|NO, O|NO, E|NO, O|NO, O|NO, E|NO, /* 8 - ? */
164         O|NO, E|NA, E|NA, O|NA, E|NA, O|NA, O|NA, E|NA, /* @ - G */
165         E|NA, O|NA, O|NA, E|NA, O|NA, E|NA, E|NA, O|NA, /* H - O */
166         E|NA, O|NA, O|NA, E|NA, O|NA, E|NA, E|NA, O|NA, /* P - W */
167         O|NA, E|NA, E|NA, O|NO, E|NO, O|NO, O|NO, O|NA, /* X - _ */
168         E|NO, O|NA, O|NA, E|NA, O|NA, E|NA, E|NA, O|NA, /* ` - g */
169         O|NA, E|NA, E|NA, O|NA, E|NA, O|NA, O|NA, E|NA, /* h - o */
170         O|NA, E|NA, E|NA, O|NA, E|NA, O|NA, O|NA, E|NA, /* p - w */
171         E|NA, O|NA, O|NA, E|NO, O|NO, E|NO, E|NO, O|CC, /* x - del */
172         /*
173          * Meta chars; should be settable per character set;
174          * for now, treat them all as normal characters.
175          */
176         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
177         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
178         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
179         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
180         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
181         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
182         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
183         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
184         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
185         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
186         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
187         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
188         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
189         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
190         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
191         NA,   NA,   NA,   NA,   NA,   NA,   NA,   NA,
192 };
193 #undef  BS
194 #undef  CC
195 #undef  CR
196 #undef  NA
197 #undef  NL
198 #undef  NO
199 #undef  TB
200 #undef  VT
201
202 /* Macros to clear/set/test flags. */
203 #define SET(t, f)       (t) |= (f)
204 #define CLR(t, f)       (t) &= ~(f)
205 #define ISSET(t, f)     ((t) & (f))
206
207 #undef MAX_INPUT                /* XXX wrong in <sys/syslimits.h> */
208 #define MAX_INPUT       TTYHOG  /* XXX limit is usually larger for !ICANON */
209
210 uint64_t tk_nin;
211 SYSCTL_OPAQUE(_kern, OID_AUTO, tk_nin, CTLFLAG_RD, &tk_nin, sizeof(tk_nin),
212     "LU", "TTY input statistic");
213 uint64_t tk_nout;
214 SYSCTL_OPAQUE(_kern, OID_AUTO, tk_nout, CTLFLAG_RD, &tk_nout, sizeof(tk_nout),
215     "LU", "TTY output statistic");
216 uint64_t tk_rawcc;
217
218 /*
219  * list of struct tty where pstat(8) can pick it up with sysctl
220  */
221 static TAILQ_HEAD(, tty) tty_list = TAILQ_HEAD_INITIALIZER(tty_list);
222
223 /*
224  * Initial open of tty, or (re)entry to standard tty line discipline.
225  */
226 int
227 ttyopen(cdev_t device, struct tty *tp)
228 {
229         crit_enter();
230         lwkt_gettoken(&tty_token);
231         tp->t_dev = device;
232         if (!ISSET(tp->t_state, TS_ISOPEN)) {
233                 SET(tp->t_state, TS_ISOPEN);
234                 if (ISSET(tp->t_cflag, CLOCAL)) {
235                         SET(tp->t_state, TS_CONNECTED);
236                 }
237                 bzero(&tp->t_winsize, sizeof(tp->t_winsize));
238         }
239         ttsetwater(tp);
240         lwkt_reltoken(&tty_token);
241         crit_exit();
242         return (0);
243 }
244
245 /*
246  * Handle close() on a tty line: flush and set to initial state,
247  * bumping generation number so that pending read/write calls
248  * can detect recycling of the tty.
249  *
250  * XXX our caller should have done `spltty(); l_close(); ttyclose();'
251  * and l_close() should have flushed, but we repeat the spltty() and
252  * the flush in case there are buggy callers.
253  */
254 int
255 ttyclose(struct tty *tp)
256 {
257         crit_enter();
258         lwkt_gettoken(&tty_token);
259         funsetown(tp->t_sigio);
260         if (constty == tp)
261                 constty = NULL;
262
263         ttyflush(tp, FREAD | FWRITE);
264         clist_free_cblocks(&tp->t_canq);
265         clist_free_cblocks(&tp->t_outq);
266         clist_free_cblocks(&tp->t_rawq);
267
268         tp->t_gen++;
269         tp->t_line = TTYDISC;
270         ttyclearsession(tp);
271         tp->t_state &= TS_REGISTERED;   /* clear all bits except */
272         lwkt_reltoken(&tty_token);
273         crit_exit();
274         return (0);
275 }
276
277 /*
278  * Disassociate the tty from its session.  Traditionally this has only been
279  * a half-close, meaning that the session was still allowed to point at the
280  * tty (resulting in the tty in the ps command showing something like 'p0-'),
281  * even though the tty is no longer pointing at the session.
282  *
283  * The half close seems to be useful only for 'ps' output but there is as
284  * yet no reason to remove the feature.  The full-close code is currently
285  * #if 0'd out.  See also sess_rele() in kern/kern_proc.c.
286  */
287 void
288 ttyclearsession(struct tty *tp)
289 {
290         struct session *sp;
291
292         lwkt_gettoken(&tty_token);
293         tp->t_pgrp = NULL;
294         if ((sp = tp->t_session) != NULL) {
295                 tp->t_session = NULL;
296 #ifdef TTY_DO_FULL_CLOSE
297                 /* FULL CLOSE (not yet) */
298                 if (sp->s_ttyp == tp) {
299                         sp->s_ttyp = NULL;
300                         ttyunhold(tp);
301                 } else {
302                         kprintf("ttyclearsession: warning: sp->s_ttyp != tp "
303                                 "%p/%p\n", sp->s_ttyp, tp);
304                 }
305 #endif
306         }
307         lwkt_reltoken(&tty_token);
308 }
309
310 /*
311  * Release the tty vnode association for a session.  This is the 
312  * 'other half' of the close.  Because multiple opens of /dev/tty
313  * only generate a single open to the actual tty, the file modes
314  * are locked to FREAD|FWRITE.
315  *
316  * If dorevoke is non-zero, the session is also revoked.  We have to
317  * close the vnode if VCTTYISOPEN is set.
318  */
319 void
320 ttyclosesession(struct session *sp, int dorevoke)
321 {
322         struct vnode *vp;
323
324         lwkt_gettoken(&tty_token);
325 retry:
326         /*
327          * There may not be a controlling terminal or it may have been closed
328          * out from under us.
329          */
330         if ((vp = sp->s_ttyvp) == NULL) {
331                 lwkt_reltoken(&tty_token);
332                 return;
333         }
334
335         /*
336          * We need a lock if we have to close or revoke.
337          */
338         if ((vp->v_flag & VCTTYISOPEN) || dorevoke) {
339                 vhold(vp);
340                 if (vn_lock(vp, LK_EXCLUSIVE|LK_RETRY)) {
341                         vdrop(vp);
342                         goto retry;
343                 }
344
345                 /*
346                  * Retry if the vnode was ripped out from under us
347                  */
348                 if (vp != sp->s_ttyvp) {
349                         vn_unlock(vp);
350                         vdrop(vp);
351                         goto retry;
352                 }
353
354                 /*
355                  * Close and revoke as needed
356                  */
357                 sp->s_ttyvp = NULL;
358                 if (vp->v_flag & VCTTYISOPEN) {
359                         vclrflags(vp, VCTTYISOPEN);
360                         VOP_CLOSE(vp, FREAD|FWRITE);
361                 }
362                 vn_unlock(vp);
363                 if (dorevoke)
364                         vrevoke(vp, proc0.p_ucred);
365                 vdrop(vp);
366         } else {
367                 sp->s_ttyvp = NULL;
368         }
369         vrele(vp);
370         lwkt_reltoken(&tty_token);
371 }
372
373 #define FLUSHQ(q) {                                                     \
374         if ((q)->c_cc)                                                  \
375                 ndflush(q, (q)->c_cc);                                  \
376 }
377
378 /* Is 'c' a line delimiter ("break" character)? */
379 #define TTBREAKC(c, lflag)                                                      \
380         ((c) == '\n' || (((c) == cc[VEOF] ||                            \
381           (c) == cc[VEOL] || ((c) == cc[VEOL2] && lflag & IEXTEN)) &&   \
382          (c) != _POSIX_VDISABLE))
383
384 /*
385  * Process input of a single character received on a tty.
386  */
387 int
388 ttyinput(int c, struct tty *tp)
389 {
390         tcflag_t iflag, lflag;
391         cc_t *cc;
392         int i, err;
393
394         lwkt_gettoken(&tty_token);
395         /*
396          * If input is pending take it first.
397          */
398         lflag = tp->t_lflag;
399         if (ISSET(lflag, PENDIN))
400                 ttypend(tp);
401         /*
402          * Gather stats.
403          */
404         if (ISSET(lflag, ICANON))
405                 ++tp->t_cancc;
406         else
407                 ++tp->t_rawcc;
408         ++tk_nin;
409
410         /*
411          * Block further input iff:
412          * current input > threshold AND input is available to user program
413          * AND input flow control is enabled and not yet invoked.
414          * The 3 is slop for PARMRK.
415          */
416         iflag = tp->t_iflag;
417         if (tp->t_rawq.c_cc + tp->t_canq.c_cc > tp->t_ihiwat - 3 &&
418             (!ISSET(lflag, ICANON) || tp->t_canq.c_cc != 0) &&
419             (ISSET(tp->t_cflag, CRTS_IFLOW) || ISSET(iflag, IXOFF)) &&
420             !ISSET(tp->t_state, TS_TBLOCK))
421                 ttyblock(tp);
422
423         /* Handle exceptional conditions (break, parity, framing). */
424         cc = tp->t_cc;
425         err = (ISSET(c, TTY_ERRORMASK));
426         if (err) {
427                 CLR(c, TTY_ERRORMASK);
428                 if (ISSET(err, TTY_BI)) {
429                         if (ISSET(iflag, IGNBRK)) {
430                                 lwkt_reltoken(&tty_token);
431                                 return (0);
432                         }
433                         if (ISSET(iflag, BRKINT)) {
434                                 ttyflush(tp, FREAD | FWRITE);
435                                 pgsignal(tp->t_pgrp, SIGINT, 1);
436                                 goto endcase;
437                         }
438                         if (ISSET(iflag, PARMRK))
439                                 goto parmrk;
440                 } else if ((ISSET(err, TTY_PE) && ISSET(iflag, INPCK))
441                         || ISSET(err, TTY_FE)) {
442                         if (ISSET(iflag, IGNPAR)) {
443                                 lwkt_reltoken(&tty_token);
444                                 return (0);
445                         }
446                         else if (ISSET(iflag, PARMRK)) {
447 parmrk:
448                                 if (tp->t_rawq.c_cc + tp->t_canq.c_cc >
449                                     MAX_INPUT - 3)
450                                         goto input_overflow;
451                                 clist_putc(0377 | TTY_QUOTE, &tp->t_rawq);
452                                 clist_putc(0 | TTY_QUOTE, &tp->t_rawq);
453                                 clist_putc(c | TTY_QUOTE, &tp->t_rawq);
454                                 goto endcase;
455                         } else
456                                 c = 0;
457                 }
458         }
459
460         if (!ISSET(tp->t_state, TS_TYPEN) && ISSET(iflag, ISTRIP))
461                 CLR(c, 0x80);
462         if (!ISSET(lflag, EXTPROC)) {
463                 /*
464                  * Check for literal nexting very first
465                  */
466                 if (ISSET(tp->t_state, TS_LNCH)) {
467                         SET(c, TTY_QUOTE);
468                         CLR(tp->t_state, TS_LNCH);
469                 }
470                 /*
471                  * Scan for special characters.  This code
472                  * is really just a big case statement with
473                  * non-constant cases.  The bottom of the
474                  * case statement is labeled ``endcase'', so goto
475                  * it after a case match, or similar.
476                  */
477
478                 /*
479                  * Control chars which aren't controlled
480                  * by ICANON, ISIG, or IXON.
481                  */
482                 if (ISSET(lflag, IEXTEN)) {
483                         if (CCEQ(cc[VLNEXT], c)) {
484                                 if (ISSET(lflag, ECHO)) {
485                                         if (ISSET(lflag, ECHOE)) {
486                                                 (void)ttyoutput('^', tp);
487                                                 (void)ttyoutput('\b', tp);
488                                         } else
489                                                 ttyecho(c, tp);
490                                 }
491                                 SET(tp->t_state, TS_LNCH);
492                                 goto endcase;
493                         }
494                         if (CCEQ(cc[VDISCARD], c)) {
495                                 if (ISSET(lflag, FLUSHO))
496                                         CLR(tp->t_lflag, FLUSHO);
497                                 else {
498                                         ttyflush(tp, FWRITE);
499                                         ttyecho(c, tp);
500                                         if (tp->t_rawq.c_cc + tp->t_canq.c_cc)
501                                                 ttyretype(tp);
502                                         SET(tp->t_lflag, FLUSHO);
503                                 }
504                                 goto startoutput;
505                         }
506                 }
507                 /*
508                  * Signals.
509                  */
510                 if (ISSET(lflag, ISIG)) {
511                         if (CCEQ(cc[VINTR], c) || CCEQ(cc[VQUIT], c)) {
512                                 if (!ISSET(lflag, NOFLSH))
513                                         ttyflush(tp, FREAD | FWRITE);
514                                 ttyecho(c, tp);
515                                 pgsignal(tp->t_pgrp,
516                                     CCEQ(cc[VINTR], c) ? SIGINT : SIGQUIT, 1);
517                                 goto endcase;
518                         }
519                         if (CCEQ(cc[VSUSP], c)) {
520                                 if (!ISSET(lflag, NOFLSH))
521                                         ttyflush(tp, FREAD);
522                                 ttyecho(c, tp);
523                                 pgsignal(tp->t_pgrp, SIGTSTP, 1);
524                                 goto endcase;
525                         }
526                 }
527                 /*
528                  * Handle start/stop characters.
529                  */
530                 if (ISSET(iflag, IXON)) {
531                         if (CCEQ(cc[VSTOP], c)) {
532                                 if (!ISSET(tp->t_state, TS_TTSTOP)) {
533                                         SET(tp->t_state, TS_TTSTOP);
534                                         (*tp->t_stop)(tp, 0);
535                                         lwkt_reltoken(&tty_token);
536                                         return (0);
537                                 }
538                                 if (!CCEQ(cc[VSTART], c)) {
539                                         lwkt_reltoken(&tty_token);
540                                         return (0);
541                                 }
542                                 /*
543                                  * if VSTART == VSTOP then toggle
544                                  */
545                                 goto endcase;
546                         }
547                         if (CCEQ(cc[VSTART], c))
548                                 goto restartoutput;
549                 }
550                 /*
551                  * IGNCR, ICRNL, & INLCR
552                  */
553                 if (c == '\r') {
554                         if (ISSET(iflag, IGNCR)) {
555                                 lwkt_reltoken(&tty_token);
556                                 return (0);
557                         }
558                         else if (ISSET(iflag, ICRNL))
559                                 c = '\n';
560                 } else if (c == '\n' && ISSET(iflag, INLCR))
561                         c = '\r';
562         }
563         if (!ISSET(tp->t_lflag, EXTPROC) && ISSET(lflag, ICANON)) {
564                 /*
565                  * From here on down canonical mode character
566                  * processing takes place.
567                  */
568                 /*
569                  * erase or erase2 (^H / ^?)
570                  */
571                 if (CCEQ(cc[VERASE], c) || CCEQ(cc[VERASE2], c) ) {
572                         if (tp->t_rawq.c_cc)
573                                 ttyrub(clist_unputc(&tp->t_rawq), tp);
574                         goto endcase;
575                 }
576                 /*
577                  * kill (^U)
578                  */
579                 if (CCEQ(cc[VKILL], c)) {
580                         if (ISSET(lflag, ECHOKE) &&
581                             tp->t_rawq.c_cc == tp->t_rocount &&
582                             !ISSET(lflag, ECHOPRT))
583                                 while (tp->t_rawq.c_cc)
584                                         ttyrub(clist_unputc(&tp->t_rawq), tp);
585                         else {
586                                 ttyecho(c, tp);
587                                 if (ISSET(lflag, ECHOK) ||
588                                     ISSET(lflag, ECHOKE))
589                                         ttyecho('\n', tp);
590                                 FLUSHQ(&tp->t_rawq);
591                                 tp->t_rocount = 0;
592                         }
593                         CLR(tp->t_state, TS_LOCAL);
594                         goto endcase;
595                 }
596                 /*
597                  * word erase (^W)
598                  */
599                 if (CCEQ(cc[VWERASE], c) && ISSET(lflag, IEXTEN)) {
600                         int ctype;
601
602                         /*
603                          * erase whitespace
604                          */
605                         while ((c = clist_unputc(&tp->t_rawq)) == ' ' || c == '\t')
606                                 ttyrub(c, tp);
607                         if (c == -1)
608                                 goto endcase;
609                         /*
610                          * erase last char of word and remember the
611                          * next chars type (for ALTWERASE)
612                          */
613                         ttyrub(c, tp);
614                         c = clist_unputc(&tp->t_rawq);
615                         if (c == -1)
616                                 goto endcase;
617                         if (c == ' ' || c == '\t') {
618                                 clist_putc(c, &tp->t_rawq);
619                                 goto endcase;
620                         }
621                         ctype = ISALPHA(c);
622                         /*
623                          * erase rest of word
624                          */
625                         do {
626                                 ttyrub(c, tp);
627                                 c = clist_unputc(&tp->t_rawq);
628                                 if (c == -1)
629                                         goto endcase;
630                         } while (c != ' ' && c != '\t' &&
631                             (!ISSET(lflag, ALTWERASE) || ISALPHA(c) == ctype));
632                         clist_putc(c, &tp->t_rawq);
633                         goto endcase;
634                 }
635                 /*
636                  * reprint line (^R)
637                  */
638                 if (CCEQ(cc[VREPRINT], c) && ISSET(lflag, IEXTEN)) {
639                         ttyretype(tp);
640                         goto endcase;
641                 }
642                 /*
643                  * ^T - kernel info and generate SIGINFO
644                  */
645                 if (CCEQ(cc[VSTATUS], c) && ISSET(lflag, IEXTEN)) {
646                         if (ISSET(lflag, ISIG))
647                                 pgsignal(tp->t_pgrp, SIGINFO, 1);
648                         if (!ISSET(lflag, NOKERNINFO))
649                                 ttyinfo(tp);
650                         goto endcase;
651                 }
652                 if (CCEQ(cc[VCHECKPT], c) && ISSET(lflag, IEXTEN)) {
653                         if (ISSET(lflag, ISIG))
654                                 pgsignal(tp->t_pgrp, SIGCKPT, 1);
655                         goto endcase;
656                 }
657         }
658         /*
659          * Check for input buffer overflow
660          */
661         if (tp->t_rawq.c_cc + tp->t_canq.c_cc >= MAX_INPUT) {
662 input_overflow:
663                 if (ISSET(iflag, IMAXBEL)) {
664                         if (tp->t_outq.c_cc < tp->t_ohiwat)
665                                 (void)ttyoutput(CTRL('g'), tp);
666                 }
667                 goto endcase;
668         }
669
670         if (   c == 0377 && ISSET(iflag, PARMRK) && !ISSET(iflag, ISTRIP)
671              && ISSET(iflag, IGNBRK|IGNPAR) != (IGNBRK|IGNPAR))
672                 clist_putc(0377 | TTY_QUOTE, &tp->t_rawq);
673
674         /*
675          * Put data char in q for user and
676          * wakeup on seeing a line delimiter.
677          */
678         if (clist_putc(c, &tp->t_rawq) >= 0) {
679                 if (!ISSET(lflag, ICANON)) {
680                         ttwakeup(tp);
681                         ttyecho(c, tp);
682                         goto endcase;
683                 }
684                 if (TTBREAKC(c, lflag)) {
685                         tp->t_rocount = 0;
686                         catq(&tp->t_rawq, &tp->t_canq);
687                         ttwakeup(tp);
688                 } else if (tp->t_rocount++ == 0)
689                         tp->t_rocol = tp->t_column;
690                 if (ISSET(tp->t_state, TS_ERASE)) {
691                         /*
692                          * end of prterase \.../
693                          */
694                         CLR(tp->t_state, TS_ERASE);
695                         (void)ttyoutput('/', tp);
696                 }
697                 i = tp->t_column;
698                 ttyecho(c, tp);
699                 if (CCEQ(cc[VEOF], c) && ISSET(lflag, ECHO)) {
700                         /*
701                          * Place the cursor over the '^' of the ^D.
702                          */
703                         i = imin(2, tp->t_column - i);
704                         while (i > 0) {
705                                 (void)ttyoutput('\b', tp);
706                                 i--;
707                         }
708                 }
709         }
710 endcase:
711         /*
712          * IXANY means allow any character to restart output.
713          */
714         if (ISSET(tp->t_state, TS_TTSTOP) &&
715             !ISSET(iflag, IXANY) && cc[VSTART] != cc[VSTOP]) {
716                 lwkt_reltoken(&tty_token);
717                 return (0);
718         }
719 restartoutput:
720         CLR(tp->t_lflag, FLUSHO);
721         CLR(tp->t_state, TS_TTSTOP);
722 startoutput:
723         lwkt_reltoken(&tty_token);
724         return (ttstart(tp));
725 }
726
727 /*
728  * Output a single character on a tty, doing output processing
729  * as needed (expanding tabs, newline processing, etc.).
730  * Returns < 0 if succeeds, otherwise returns char to resend.
731  * Must be recursive.
732  */
733 static int
734 ttyoutput(int c, struct tty *tp)
735 {
736         tcflag_t oflag;
737         int col;
738
739         lwkt_gettoken(&tty_token);
740         oflag = tp->t_oflag;
741         if (!ISSET(oflag, OPOST)) {
742                 if (ISSET(tp->t_lflag, FLUSHO)) {
743                         lwkt_reltoken(&tty_token);
744                         return (-1);
745                 }
746                 if (clist_putc(c, &tp->t_outq)) {
747                         lwkt_reltoken(&tty_token);
748                         return (c);
749                 }
750                 tk_nout++;
751                 tp->t_outcc++;
752                 lwkt_reltoken(&tty_token);
753                 return (-1);
754         }
755         /*
756          * Do tab expansion if OXTABS is set.  Special case if we external
757          * processing, we don't do the tab expansion because we'll probably
758          * get it wrong.  If tab expansion needs to be done, let it happen
759          * externally.
760          */
761         CLR(c, ~TTY_CHARMASK);
762         if (c == '\t' &&
763             ISSET(oflag, OXTABS) && !ISSET(tp->t_lflag, EXTPROC)) {
764                 c = 8 - (tp->t_column & 7);
765                 if (!ISSET(tp->t_lflag, FLUSHO)) {
766                         crit_enter();           /* Don't interrupt tabs. */
767                         c -= b_to_q("        ", c, &tp->t_outq);
768                         tk_nout += c;
769                         tp->t_outcc += c;
770                         crit_exit();
771                 }
772                 tp->t_column += c;
773                 lwkt_reltoken(&tty_token);
774                 return (c ? -1 : '\t');
775         }
776         if (c == CEOT && ISSET(oflag, ONOEOT)) {
777                 lwkt_reltoken(&tty_token);
778                 return (-1);
779         }
780
781         /*
782          * Newline translation: if ONLCR is set,
783          * translate newline into "\r\n".
784          */
785         if (c == '\n' && ISSET(tp->t_oflag, ONLCR)) {
786                 tk_nout++;
787                 tp->t_outcc++;
788                 if (!ISSET(tp->t_lflag, FLUSHO) && clist_putc('\r', &tp->t_outq)) {
789                         lwkt_reltoken(&tty_token);
790                         return (c);
791                 }
792         }
793         /* If OCRNL is set, translate "\r" into "\n". */
794         else if (c == '\r' && ISSET(tp->t_oflag, OCRNL))
795                 c = '\n';
796         /* If ONOCR is set, don't transmit CRs when on column 0. */
797         else if (c == '\r' && ISSET(tp->t_oflag, ONOCR) && tp->t_column == 0) {
798                 lwkt_reltoken(&tty_token);
799                 return (-1);
800         }
801
802         tk_nout++;
803         tp->t_outcc++;
804         if (!ISSET(tp->t_lflag, FLUSHO) && clist_putc(c, &tp->t_outq)) {
805                 lwkt_reltoken(&tty_token);
806                 return (c);
807         }
808
809         col = tp->t_column;
810         switch (CCLASS(c)) {
811         case BACKSPACE:
812                 if (col > 0)
813                         --col;
814                 break;
815         case CONTROL:
816                 break;
817         case NEWLINE:
818                 if (ISSET(tp->t_oflag, ONLCR | ONLRET))
819                         col = 0;
820                 break;
821         case RETURN:
822                 col = 0;
823                 break;
824         case ORDINARY:
825                 ++col;
826                 break;
827         case TAB:
828                 col = (col + 8) & ~7;
829                 break;
830         }
831         tp->t_column = col;
832         lwkt_reltoken(&tty_token);
833         return (-1);
834 }
835
836 /*
837  * Ioctls for all tty devices.  Called after line-discipline specific ioctl
838  * has been called to do discipline-specific functions and/or reject any
839  * of these ioctl commands.
840  */
841 /* ARGSUSED */
842 int
843 ttioctl(struct tty *tp, u_long cmd, void *data, int flag)
844 {
845         struct thread *td = curthread;
846         struct lwp *lp = td->td_lwp;
847         struct proc *p = td->td_proc;
848         struct tty *otp;
849         int error;
850
851         KKASSERT(p);
852         lwkt_gettoken(&tty_token);
853         lwkt_gettoken(&proc_token);
854
855         /* If the ioctl involves modification, hang if in the background. */
856         switch (cmd) {
857         case  TIOCCBRK:
858         case  TIOCCONS:
859         case  TIOCDRAIN:
860         case  TIOCEXCL:
861         case  TIOCFLUSH:
862 #ifdef TIOCHPCL
863         case  TIOCHPCL:
864 #endif
865         case  TIOCNXCL:
866         case  TIOCSBRK:
867         case  TIOCSCTTY:
868         case  TIOCSDRAINWAIT:
869         case  TIOCSETA:
870         case  TIOCSETAF:
871         case  TIOCSETAW:
872         case  TIOCSETD:
873         case  TIOCSPGRP:
874         case  TIOCSTART:
875         case  TIOCSTAT:
876         case  TIOCSTI:
877         case  TIOCSTOP:
878         case  TIOCSWINSZ:
879 #if defined(COMPAT_43) || defined(COMPAT_SUNOS)
880         case  TIOCLBIC:
881         case  TIOCLBIS:
882         case  TIOCLSET:
883         case  TIOCSETC:
884         case OTIOCSETD:
885         case  TIOCSETN:
886         case  TIOCSETP:
887         case  TIOCSLTC:
888 #endif
889                 while (isbackground(p, tp) && !(p->p_flag & P_PPWAIT) &&
890                     !SIGISMEMBER(p->p_sigignore, SIGTTOU) &&
891                     !SIGISMEMBER(lp->lwp_sigmask, SIGTTOU)) {
892                         if (p->p_pgrp->pg_jobc == 0) {
893                                 lwkt_reltoken(&proc_token);
894                                 lwkt_reltoken(&tty_token);
895                                 return (EIO);
896                         }
897                         pgsignal(p->p_pgrp, SIGTTOU, 1);
898                         error = ttysleep(tp, &lbolt, PCATCH, "ttybg1",
899                                          0);
900                         if (error) {
901                                 lwkt_reltoken(&proc_token);
902                                 lwkt_reltoken(&tty_token);
903                                 return (error);
904                         }
905                 }
906                 break;
907         }
908
909         switch (cmd) {                  /* Process the ioctl. */
910         case FIOASYNC:                  /* set/clear async i/o */
911                 crit_enter();
912                 if (*(int *)data)
913                         SET(tp->t_state, TS_ASYNC);
914                 else
915                         CLR(tp->t_state, TS_ASYNC);
916                 crit_exit();
917                 break;
918         case FIONREAD:                  /* get # bytes to read */
919                 crit_enter();
920                 *(int *)data = ttnread(tp);
921                 crit_exit();
922                 break;
923
924         case FIOSETOWN:
925                 /*
926                  * Policy -- Don't allow FIOSETOWN on someone else's 
927                  *           controlling tty
928                  */
929                 if (tp->t_session != NULL && !isctty(p, tp)) {
930                         lwkt_reltoken(&proc_token);
931                         lwkt_reltoken(&tty_token);
932                         return (ENOTTY);
933                 }
934
935                 error = fsetown(*(int *)data, &tp->t_sigio);
936                 if (error) {
937                         lwkt_reltoken(&proc_token);
938                         lwkt_reltoken(&tty_token);
939                         return (error);
940                 }
941                 break;
942         case FIOGETOWN:
943                 if (tp->t_session != NULL && !isctty(p, tp)) {
944                         lwkt_reltoken(&proc_token);
945                         lwkt_reltoken(&tty_token);
946                         return (ENOTTY);
947                 }
948                 *(int *)data = fgetown(tp->t_sigio);
949                 break;
950
951         case TIOCEXCL:                  /* set exclusive use of tty */
952                 crit_enter();
953                 SET(tp->t_state, TS_XCLUDE);
954                 crit_exit();
955                 break;
956         case TIOCFLUSH: {               /* flush buffers */
957                 int flags = *(int *)data;
958
959                 if (flags == 0)
960                         flags = FREAD | FWRITE;
961                 else
962                         flags &= FREAD | FWRITE;
963                 ttyflush(tp, flags);
964                 break;
965         }
966         case TIOCCONS:                  /* become virtual console */
967                 if (*(int *)data) {
968                         if (constty && constty != tp &&
969                             ISSET(constty->t_state, TS_CONNECTED)) {
970                                 lwkt_reltoken(&proc_token);
971                                 lwkt_reltoken(&tty_token);
972                                 return (EBUSY);
973                         }
974 #ifndef UCONSOLE
975                         if ((error = priv_check(td, PRIV_ROOT)) != 0) {
976                                 lwkt_reltoken(&proc_token);
977                                 lwkt_reltoken(&tty_token);
978                                 return (error);
979                         }
980 #endif
981                         constty = tp;
982                 } else if (tp == constty)
983                         constty = NULL;
984                 break;
985         case TIOCDRAIN:                 /* wait till output drained */
986                 error = ttywait(tp);
987                 if (error) {
988                         lwkt_reltoken(&proc_token);
989                         lwkt_reltoken(&tty_token);
990                         return (error);
991                 }
992                 break;
993         case TIOCGETA: {                /* get termios struct */
994                 struct termios *t = (struct termios *)data;
995
996                 bcopy(&tp->t_termios, t, sizeof(struct termios));
997                 break;
998         }
999         case TIOCGETD:                  /* get line discipline */
1000                 *(int *)data = tp->t_line;
1001                 break;
1002         case TIOCGWINSZ:                /* get window size */
1003                 *(struct winsize *)data = tp->t_winsize;
1004                 break;
1005         case TIOCGPGRP:                 /* get pgrp of tty */
1006                 if (!isctty(p, tp)) {
1007                         lwkt_reltoken(&proc_token);
1008                         lwkt_reltoken(&tty_token);
1009                         return (ENOTTY);
1010                 }
1011                 *(int *)data = tp->t_pgrp ? tp->t_pgrp->pg_id : NO_PID;
1012                 break;
1013         case TIOCGSID:                  /* get sid of tty */
1014                 if (!isctty(p, tp)) {
1015                         lwkt_reltoken(&proc_token);
1016                         lwkt_reltoken(&tty_token);
1017                         return (ENOTTY);
1018                 }
1019                 *(int *)data = tp->t_session->s_sid;
1020                 break;
1021 #ifdef TIOCHPCL
1022         case TIOCHPCL:                  /* hang up on last close */
1023                 crit_enter();
1024                 SET(tp->t_cflag, HUPCL);
1025                 crit_exit();
1026                 break;
1027 #endif
1028         case TIOCNXCL:                  /* reset exclusive use of tty */
1029                 crit_enter();
1030                 CLR(tp->t_state, TS_XCLUDE);
1031                 crit_exit();
1032                 break;
1033         case TIOCOUTQ:                  /* output queue size */
1034                 *(int *)data = tp->t_outq.c_cc;
1035                 break;
1036         case TIOCSETA:                  /* set termios struct */
1037         case TIOCSETAW:                 /* drain output, set */
1038         case TIOCSETAF: {               /* drn out, fls in, set */
1039                 struct termios *t = (struct termios *)data;
1040
1041                 if (t->c_ispeed == 0)
1042                         t->c_ispeed = t->c_ospeed;
1043                 if (t->c_ispeed == 0)
1044                         t->c_ispeed = tp->t_ospeed;
1045                 if (t->c_ispeed == 0) {
1046                         lwkt_reltoken(&proc_token);
1047                         lwkt_reltoken(&tty_token);
1048                         return (EINVAL);
1049                 }
1050                 crit_enter();
1051                 if (cmd == TIOCSETAW || cmd == TIOCSETAF) {
1052                         error = ttywait(tp);
1053                         if (error) {
1054                                 crit_exit();
1055                                 lwkt_reltoken(&proc_token);
1056                                 lwkt_reltoken(&tty_token);
1057                                 return (error);
1058                         }
1059                         if (cmd == TIOCSETAF)
1060                                 ttyflush(tp, FREAD);
1061                 }
1062                 if (!ISSET(t->c_cflag, CIGNORE)) {
1063                         /*
1064                          * Set device hardware.
1065                          */
1066                         if (tp->t_param && (error = (*tp->t_param)(tp, t))) {
1067                                 crit_exit();
1068                                 lwkt_reltoken(&proc_token);
1069                                 lwkt_reltoken(&tty_token);
1070                                 return (error);
1071                         }
1072                         if (ISSET(t->c_cflag, CLOCAL) &&
1073                             !ISSET(tp->t_cflag, CLOCAL)) {
1074                                 /*
1075                                  * XXX disconnections would be too hard to
1076                                  * get rid of without this kludge.  The only
1077                                  * way to get rid of controlling terminals
1078                                  * is to exit from the session leader.
1079                                  */
1080                                 CLR(tp->t_state, TS_ZOMBIE);
1081
1082                                 wakeup(TSA_CARR_ON(tp));
1083                                 ttwakeup(tp);
1084                                 ttwwakeup(tp);
1085                         }
1086                         if ((ISSET(tp->t_state, TS_CARR_ON) ||
1087                              ISSET(t->c_cflag, CLOCAL)) &&
1088                             !ISSET(tp->t_state, TS_ZOMBIE))
1089                                 SET(tp->t_state, TS_CONNECTED);
1090                         else
1091                                 CLR(tp->t_state, TS_CONNECTED);
1092                         tp->t_cflag = t->c_cflag;
1093                         tp->t_ispeed = t->c_ispeed;
1094                         if (t->c_ospeed != 0)
1095                                 tp->t_ospeed = t->c_ospeed;
1096                         ttsetwater(tp);
1097                 }
1098                 if (ISSET(t->c_lflag, ICANON) != ISSET(tp->t_lflag, ICANON) &&
1099                     cmd != TIOCSETAF) {
1100                         if (ISSET(t->c_lflag, ICANON))
1101                                 SET(tp->t_lflag, PENDIN);
1102                         else {
1103                                 /*
1104                                  * XXX we really shouldn't allow toggling
1105                                  * ICANON while we're in a non-termios line
1106                                  * discipline.  Now we have to worry about
1107                                  * panicing for a null queue.
1108                                  */
1109                                 if (tp->t_canq.c_cbreserved > 0 &&
1110                                     tp->t_rawq.c_cbreserved > 0) {
1111                                         catq(&tp->t_rawq, &tp->t_canq);
1112                                         /*
1113                                          * XXX the queue limits may be
1114                                          * different, so the old queue
1115                                          * swapping method no longer works.
1116                                          */
1117                                         catq(&tp->t_canq, &tp->t_rawq);
1118                                 }
1119                                 CLR(tp->t_lflag, PENDIN);
1120                         }
1121                         ttwakeup(tp);
1122                 }
1123                 tp->t_iflag = t->c_iflag;
1124                 tp->t_oflag = t->c_oflag;
1125                 /*
1126                  * Make the EXTPROC bit read only.
1127                  */
1128                 if (ISSET(tp->t_lflag, EXTPROC))
1129                         SET(t->c_lflag, EXTPROC);
1130                 else
1131                         CLR(t->c_lflag, EXTPROC);
1132                 tp->t_lflag = t->c_lflag | ISSET(tp->t_lflag, PENDIN);
1133                 if (t->c_cc[VMIN] != tp->t_cc[VMIN] ||
1134                     t->c_cc[VTIME] != tp->t_cc[VTIME])
1135                         ttwakeup(tp);
1136                 bcopy(t->c_cc, tp->t_cc, sizeof(t->c_cc));
1137                 crit_exit();
1138                 break;
1139         }
1140         case TIOCSETD: {                /* set line discipline */
1141                 int t = *(int *)data;
1142                 cdev_t device = tp->t_dev;
1143
1144                 if ((u_int)t >= nlinesw) {
1145                         lwkt_reltoken(&proc_token);
1146                         lwkt_reltoken(&tty_token);
1147                         return (ENXIO);
1148                 }
1149                 if (t != tp->t_line) {
1150                         crit_enter();
1151                         (*linesw[tp->t_line].l_close)(tp, flag);
1152                         error = (*linesw[t].l_open)(device, tp);
1153                         if (error) {
1154                                 (void)(*linesw[tp->t_line].l_open)(device, tp);
1155                                 crit_exit();
1156                                 lwkt_reltoken(&proc_token);
1157                                 lwkt_reltoken(&tty_token);
1158                                 return (error);
1159                         }
1160                         tp->t_line = t;
1161                         crit_exit();
1162                 }
1163                 break;
1164         }
1165         case TIOCSTART:                 /* start output, like ^Q */
1166                 crit_enter();
1167                 if (ISSET(tp->t_state, TS_TTSTOP) ||
1168                     ISSET(tp->t_lflag, FLUSHO)) {
1169                         CLR(tp->t_lflag, FLUSHO);
1170                         CLR(tp->t_state, TS_TTSTOP);
1171                         ttstart(tp);
1172                 }
1173                 crit_exit();
1174                 break;
1175         case TIOCSTI:                   /* simulate terminal input */
1176                 if ((flag & FREAD) == 0 && priv_check(td, PRIV_ROOT)) {
1177                         lwkt_reltoken(&proc_token);
1178                         lwkt_reltoken(&tty_token);
1179                         return (EPERM);
1180                 }
1181                 if (!isctty(p, tp) && priv_check(td, PRIV_ROOT)) {
1182                         lwkt_reltoken(&proc_token);
1183                         lwkt_reltoken(&tty_token);
1184                         return (EACCES);
1185                 }
1186                 crit_enter();
1187                 (*linesw[tp->t_line].l_rint)(*(u_char *)data, tp);
1188                 crit_exit();
1189                 break;
1190         case TIOCSTOP:                  /* stop output, like ^S */
1191                 crit_enter();
1192                 if (!ISSET(tp->t_state, TS_TTSTOP)) {
1193                         SET(tp->t_state, TS_TTSTOP);
1194                         (*tp->t_stop)(tp, 0);
1195                 }
1196                 crit_exit();
1197                 break;
1198         case TIOCSCTTY:                 /* become controlling tty */
1199                 /* Session ctty vnode pointer set in vnode layer. */
1200                 if (!SESS_LEADER(p) ||
1201                     ((p->p_session->s_ttyvp || tp->t_session) &&
1202                     (tp->t_session != p->p_session))) {
1203                         lwkt_reltoken(&proc_token);
1204                         lwkt_reltoken(&tty_token);
1205                         return (EPERM);
1206                 }
1207                 ttyhold(tp);
1208                 tp->t_session = p->p_session;
1209                 tp->t_pgrp = p->p_pgrp;
1210                 otp = p->p_session->s_ttyp;
1211                 p->p_session->s_ttyp = tp;
1212                 if (otp)
1213                         ttyunhold(otp);
1214                 p->p_flag |= P_CONTROLT;
1215                 break;
1216         case TIOCSPGRP: {               /* set pgrp of tty */
1217                 pid_t pgid = *(int *)data;
1218
1219                 if (!isctty(p, tp)) {
1220                         lwkt_reltoken(&proc_token);
1221                         lwkt_reltoken(&tty_token);
1222                         return (ENOTTY);
1223                 }
1224                 else if (pgid < 1 || pgid > PID_MAX) {
1225                         lwkt_reltoken(&proc_token);
1226                         lwkt_reltoken(&tty_token);
1227                         return (EINVAL);
1228                 } else {
1229                         struct pgrp *pgrp = pgfind(pgid);
1230                         if (pgrp == NULL || pgrp->pg_session != p->p_session) {
1231                                 lwkt_reltoken(&proc_token);
1232                                 lwkt_reltoken(&tty_token);
1233                                 return (EPERM);
1234                         }
1235
1236                         tp->t_pgrp = pgrp;
1237                 }
1238                 break;
1239         }
1240         case TIOCSTAT:                  /* simulate control-T */
1241                 crit_enter();
1242                 ttyinfo(tp);
1243                 crit_exit();
1244                 break;
1245         case TIOCSWINSZ:                /* set window size */
1246                 if (bcmp((caddr_t)&tp->t_winsize, data,
1247                     sizeof (struct winsize))) {
1248                         tp->t_winsize = *(struct winsize *)data;
1249                         pgsignal(tp->t_pgrp, SIGWINCH, 1);
1250                 }
1251                 break;
1252         case TIOCSDRAINWAIT:
1253                 error = priv_check(td, PRIV_ROOT);
1254                 if (error) {
1255                         lwkt_reltoken(&proc_token);
1256                         lwkt_reltoken(&tty_token);
1257                         return (error);
1258                 }
1259                 tp->t_timeout = *(int *)data * hz;
1260                 wakeup(TSA_OCOMPLETE(tp));
1261                 wakeup(TSA_OLOWAT(tp));
1262                 break;
1263         case TIOCGDRAINWAIT:
1264                 *(int *)data = tp->t_timeout / hz;
1265                 break;
1266         default:
1267 #if defined(COMPAT_43) || defined(COMPAT_SUNOS)
1268                 lwkt_reltoken(&proc_token);
1269                 lwkt_reltoken(&tty_token);
1270                 return (ttcompat(tp, cmd, data, flag));
1271 #else
1272                 lwkt_reltoken(&proc_token);
1273                 lwkt_reltoken(&tty_token);
1274                 return (ENOIOCTL);
1275 #endif
1276         }
1277         lwkt_reltoken(&proc_token);
1278         lwkt_reltoken(&tty_token);
1279         return (0);
1280 }
1281
1282 static struct filterops ttyread_filtops =
1283         { FILTEROP_ISFD, NULL, filt_ttyrdetach, filt_ttyread };
1284 static struct filterops ttywrite_filtops =
1285         { FILTEROP_ISFD, NULL, filt_ttywdetach, filt_ttywrite };
1286
1287 int
1288 ttykqfilter(struct dev_kqfilter_args *ap)
1289 {
1290         cdev_t dev = ap->a_head.a_dev;
1291         struct knote *kn = ap->a_kn;
1292         struct tty *tp = dev->si_tty;
1293         struct klist *klist;
1294
1295         ap->a_result = 0;
1296
1297         lwkt_gettoken(&tty_token);
1298         switch (kn->kn_filter) {
1299         case EVFILT_READ:
1300                 klist = &tp->t_rkq.ki_note;
1301                 kn->kn_fop = &ttyread_filtops;
1302                 break;
1303         case EVFILT_WRITE:
1304                 klist = &tp->t_wkq.ki_note;
1305                 kn->kn_fop = &ttywrite_filtops;
1306                 break;
1307         default:
1308                 ap->a_result = EOPNOTSUPP;
1309                 lwkt_reltoken(&tty_token);
1310                 return (0);
1311         }
1312         lwkt_reltoken(&tty_token);
1313         kn->kn_hook = (caddr_t)dev;
1314         knote_insert(klist, kn);
1315
1316         return (0);
1317 }
1318
1319 static void
1320 filt_ttyrdetach(struct knote *kn)
1321 {
1322         struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty;
1323
1324         lwkt_gettoken(&tty_token);
1325         knote_remove(&tp->t_rkq.ki_note, kn);
1326         lwkt_reltoken(&tty_token);
1327 }
1328
1329 static int
1330 filt_ttyread(struct knote *kn, long hint)
1331 {
1332         struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty;
1333
1334         lwkt_gettoken(&tty_token);
1335         kn->kn_data = ttnread(tp);
1336         if (ISSET(tp->t_state, TS_ZOMBIE)) {
1337                 kn->kn_flags |= EV_EOF;
1338                 lwkt_reltoken(&tty_token);
1339                 return (1);
1340         }
1341         lwkt_reltoken(&tty_token);
1342         return (kn->kn_data > 0);
1343 }
1344
1345 static void
1346 filt_ttywdetach(struct knote *kn)
1347 {
1348         struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty;
1349
1350         lwkt_gettoken(&tty_token);
1351         knote_remove(&tp->t_wkq.ki_note, kn);
1352         lwkt_reltoken(&tty_token);
1353 }
1354
1355 static int
1356 filt_ttywrite(struct knote *kn, long hint)
1357 {
1358         struct tty *tp = ((cdev_t)kn->kn_hook)->si_tty;
1359         int ret;
1360
1361         lwkt_gettoken(&tty_token);
1362         kn->kn_data = tp->t_outq.c_cc;
1363         if (ISSET(tp->t_state, TS_ZOMBIE)) {
1364                 lwkt_reltoken(&tty_token);
1365                 return (1);
1366         }
1367         ret = (kn->kn_data <= tp->t_olowat &&
1368             ISSET(tp->t_state, TS_CONNECTED));
1369         lwkt_reltoken(&tty_token);
1370         return ret;
1371 }
1372
1373 /*
1374  * Must be called while in a critical section.
1375  * NOTE: tty_token must be held.
1376  */
1377 static int
1378 ttnread(struct tty *tp)
1379 {
1380         int nread;
1381
1382         ASSERT_LWKT_TOKEN_HELD(&tty_token);
1383         if (ISSET(tp->t_lflag, PENDIN))
1384                 ttypend(tp);
1385         nread = tp->t_canq.c_cc;
1386         if (!ISSET(tp->t_lflag, ICANON)) {
1387                 nread += tp->t_rawq.c_cc;
1388                 if (nread < tp->t_cc[VMIN] && tp->t_cc[VTIME] == 0)
1389                         nread = 0;
1390         }
1391         return (nread);
1392 }
1393
1394 /*
1395  * Wait for output to drain.
1396  */
1397 int
1398 ttywait(struct tty *tp)
1399 {
1400         int error;
1401
1402         error = 0;
1403         crit_enter();
1404         lwkt_gettoken(&tty_token);
1405         while ((tp->t_outq.c_cc || ISSET(tp->t_state, TS_BUSY)) &&
1406                ISSET(tp->t_state, TS_CONNECTED) && tp->t_oproc) {
1407                 (*tp->t_oproc)(tp);
1408                 if ((tp->t_outq.c_cc || ISSET(tp->t_state, TS_BUSY)) &&
1409                     ISSET(tp->t_state, TS_CONNECTED)) {
1410                         SET(tp->t_state, TS_SO_OCOMPLETE);
1411                         error = ttysleep(tp, TSA_OCOMPLETE(tp),
1412                                          PCATCH, "ttywai",
1413                                          tp->t_timeout);
1414                         if (error) {
1415                                 if (error == EWOULDBLOCK)
1416                                         error = EIO;
1417                                 break;
1418                         }
1419                 } else
1420                         break;
1421         }
1422         if (!error && (tp->t_outq.c_cc || ISSET(tp->t_state, TS_BUSY)))
1423                 error = EIO;
1424         lwkt_reltoken(&tty_token);
1425         crit_exit();
1426         return (error);
1427 }
1428
1429 /*
1430  * Flush if successfully wait.
1431  */
1432 static int
1433 ttywflush(struct tty *tp)
1434 {
1435         int error;
1436
1437         if ((error = ttywait(tp)) == 0)
1438                 ttyflush(tp, FREAD);
1439         return (error);
1440 }
1441
1442 /*
1443  * Flush tty read and/or write queues, notifying anyone waiting.
1444  */
1445 void
1446 ttyflush(struct tty *tp, int rw)
1447 {
1448         crit_enter();
1449         lwkt_gettoken(&tty_token);
1450 #if 0
1451 again:
1452 #endif
1453         if (rw & FWRITE) {
1454                 FLUSHQ(&tp->t_outq);
1455                 CLR(tp->t_state, TS_TTSTOP);
1456         }
1457         (*tp->t_stop)(tp, rw);
1458         if (rw & FREAD) {
1459                 FLUSHQ(&tp->t_canq);
1460                 FLUSHQ(&tp->t_rawq);
1461                 CLR(tp->t_lflag, PENDIN);
1462                 tp->t_rocount = 0;
1463                 tp->t_rocol = 0;
1464                 CLR(tp->t_state, TS_LOCAL);
1465                 ttwakeup(tp);
1466                 if (ISSET(tp->t_state, TS_TBLOCK)) {
1467                         if (rw & FWRITE)
1468                                 FLUSHQ(&tp->t_outq);
1469                         ttyunblock(tp);
1470
1471                         /*
1472                          * Don't let leave any state that might clobber the
1473                          * next line discipline (although we should do more
1474                          * to send the START char).  Not clearing the state
1475                          * may have caused the "putc to a clist with no
1476                          * reserved cblocks" panic/kprintf.
1477                          */
1478                         CLR(tp->t_state, TS_TBLOCK);
1479
1480 #if 0 /* forget it, sleeping isn't always safe and we don't know when it is */
1481                         if (ISSET(tp->t_iflag, IXOFF)) {
1482                                 /*
1483                                  * XXX wait a bit in the hope that the stop
1484                                  * character (if any) will go out.  Waiting
1485                                  * isn't good since it allows races.  This
1486                                  * will be fixed when the stop character is
1487                                  * put in a special queue.  Don't bother with
1488                                  * the checks in ttywait() since the timeout
1489                                  * will save us.
1490                                  */
1491                                 SET(tp->t_state, TS_SO_OCOMPLETE);
1492                                 ttysleep(tp, TSA_OCOMPLETE(tp), 0,
1493                                          "ttyfls", hz / 10);
1494                                 /*
1495                                  * Don't try sending the stop character again.
1496                                  */
1497                                 CLR(tp->t_state, TS_TBLOCK);
1498                                 goto again;
1499                         }
1500 #endif
1501                 }
1502         }
1503         if (rw & FWRITE) {
1504                 FLUSHQ(&tp->t_outq);
1505                 ttwwakeup(tp);
1506         }
1507         lwkt_reltoken(&tty_token);
1508         crit_exit();
1509 }
1510
1511 /*
1512  * Copy in the default termios characters.
1513  */
1514 void
1515 termioschars(struct termios *t)
1516 {
1517         lwkt_gettoken(&tty_token);
1518         bcopy(ttydefchars, t->c_cc, sizeof t->c_cc);
1519         lwkt_reltoken(&tty_token);
1520 }
1521
1522 /*
1523  * Old interface.
1524  */
1525 void
1526 ttychars(struct tty *tp)
1527 {
1528         lwkt_gettoken(&tty_token);
1529         termioschars(&tp->t_termios);
1530         lwkt_reltoken(&tty_token);
1531 }
1532
1533 /*
1534  * Handle input high water.  Send stop character for the IXOFF case.  Turn
1535  * on our input flow control bit and propagate the changes to the driver.
1536  * XXX the stop character should be put in a special high priority queue.
1537  */
1538 void
1539 ttyblock(struct tty *tp)
1540 {
1541         lwkt_gettoken(&tty_token);
1542         SET(tp->t_state, TS_TBLOCK);
1543         if (ISSET(tp->t_iflag, IXOFF) && tp->t_cc[VSTOP] != _POSIX_VDISABLE &&
1544             clist_putc(tp->t_cc[VSTOP], &tp->t_outq) != 0)
1545                 CLR(tp->t_state, TS_TBLOCK);    /* try again later */
1546         ttstart(tp);
1547         lwkt_reltoken(&tty_token);
1548 }
1549
1550 /*
1551  * Handle input low water.  Send start character for the IXOFF case.  Turn
1552  * off our input flow control bit and propagate the changes to the driver.
1553  * XXX the start character should be put in a special high priority queue.
1554  */
1555 static void
1556 ttyunblock(struct tty *tp)
1557 {
1558         lwkt_gettoken(&tty_token);
1559         CLR(tp->t_state, TS_TBLOCK);
1560         if (ISSET(tp->t_iflag, IXOFF) && tp->t_cc[VSTART] != _POSIX_VDISABLE &&
1561             clist_putc(tp->t_cc[VSTART], &tp->t_outq) != 0)
1562                 SET(tp->t_state, TS_TBLOCK);    /* try again later */
1563         ttstart(tp);
1564         lwkt_reltoken(&tty_token);
1565 }
1566
1567 #ifdef notyet
1568 /* Not used by any current (i386) drivers. */
1569 /*
1570  * Restart after an inter-char delay.
1571  */
1572 void
1573 ttrstrt(void *tp_arg)
1574 {
1575         struct tty *tp;
1576
1577         KASSERT(tp_arg != NULL, ("ttrstrt"));
1578
1579         tp = tp_arg;
1580         crit_enter();
1581         lwkt_gettoken(&tty_token);
1582         CLR(tp->t_state, TS_TIMEOUT);
1583         ttstart(tp);
1584         lwkt_reltoken(&tty_token);
1585         crit_exit();
1586 }
1587 #endif
1588
1589 int
1590 ttstart(struct tty *tp)
1591 {
1592         lwkt_gettoken(&tty_token);
1593         if (tp->t_oproc != NULL)        /* XXX: Kludge for pty. */
1594                 (*tp->t_oproc)(tp);
1595         lwkt_reltoken(&tty_token);
1596         return (0);
1597 }
1598
1599 /*
1600  * "close" a line discipline
1601  */
1602 int
1603 ttylclose(struct tty *tp, int flag)
1604 {
1605         lwkt_gettoken(&tty_token);
1606         if (flag & FNONBLOCK || ttywflush(tp))
1607                 ttyflush(tp, FREAD | FWRITE);
1608         lwkt_reltoken(&tty_token);
1609         return (0);
1610 }
1611
1612 void
1613 ttyhold(struct tty *tp)
1614 {
1615         ++tp->t_refs;
1616 }
1617
1618 void
1619 ttyunhold(struct tty *tp)
1620 {
1621         if (tp->t_unhold)
1622                 tp->t_unhold(tp);
1623         else
1624                 --tp->t_refs;
1625 }
1626
1627 /*
1628  * Handle modem control transition on a tty.
1629  * Flag indicates new state of carrier.
1630  * Returns 0 if the line should be turned off, otherwise 1.
1631  */
1632 int
1633 ttymodem(struct tty *tp, int flag)
1634 {
1635         lwkt_gettoken(&tty_token);
1636         if (ISSET(tp->t_state, TS_CARR_ON) && ISSET(tp->t_cflag, MDMBUF)) {
1637                 /*
1638                  * MDMBUF: do flow control according to carrier flag
1639                  * XXX TS_CAR_OFLOW doesn't do anything yet.  TS_TTSTOP
1640                  * works if IXON and IXANY are clear.
1641                  */
1642                 if (flag) {
1643                         CLR(tp->t_state, TS_CAR_OFLOW);
1644                         CLR(tp->t_state, TS_TTSTOP);
1645                         ttstart(tp);
1646                 } else if (!ISSET(tp->t_state, TS_CAR_OFLOW)) {
1647                         SET(tp->t_state, TS_CAR_OFLOW);
1648                         SET(tp->t_state, TS_TTSTOP);
1649                         (*tp->t_stop)(tp, 0);
1650                 }
1651         } else if (flag == 0) {
1652                 /*
1653                  * Lost carrier.
1654                  */
1655                 CLR(tp->t_state, TS_CARR_ON);
1656                 if (ISSET(tp->t_state, TS_ISOPEN) &&
1657                     !ISSET(tp->t_cflag, CLOCAL)) {
1658                         SET(tp->t_state, TS_ZOMBIE);
1659                         CLR(tp->t_state, TS_CONNECTED);
1660                         if (tp->t_session && tp->t_session->s_leader)
1661                                 ksignal(tp->t_session->s_leader, SIGHUP);
1662                         ttyflush(tp, FREAD | FWRITE);
1663                         lwkt_reltoken(&tty_token);
1664                         return (0);
1665                 }
1666         } else {
1667                 /*
1668                  * Carrier now on.
1669                  */
1670                 SET(tp->t_state, TS_CARR_ON);
1671                 if (!ISSET(tp->t_state, TS_ZOMBIE))
1672                         SET(tp->t_state, TS_CONNECTED);
1673                 wakeup(TSA_CARR_ON(tp));
1674                 ttwakeup(tp);
1675                 ttwwakeup(tp);
1676         }
1677         lwkt_reltoken(&tty_token);
1678         return (1);
1679 }
1680
1681 /*
1682  * Reinput pending characters after state switch
1683  * call from a critical section.
1684  */
1685 static void
1686 ttypend(struct tty *tp)
1687 {
1688         struct clist tq;
1689         int c;
1690
1691         lwkt_gettoken(&tty_token);
1692         CLR(tp->t_lflag, PENDIN);
1693         SET(tp->t_state, TS_TYPEN);
1694         /*
1695          * XXX this assumes too much about clist internals.  It may even
1696          * fail if the cblock slush pool is empty.  We can't allocate more
1697          * cblocks here because we are called from an interrupt handler
1698          * and clist_alloc_cblocks() can wait.
1699          */
1700         tq = tp->t_rawq;
1701         bzero(&tp->t_rawq, sizeof tp->t_rawq);
1702         tp->t_rawq.c_cbmax = tq.c_cbmax;
1703         tp->t_rawq.c_cbreserved = tq.c_cbreserved;
1704         while ((c = clist_getc(&tq)) >= 0)
1705                 ttyinput(c, tp);
1706         CLR(tp->t_state, TS_TYPEN);
1707         lwkt_reltoken(&tty_token);
1708 }
1709
1710 /*
1711  * Process a read call on a tty device.
1712  */
1713 int
1714 ttread(struct tty *tp, struct uio *uio, int flag)
1715 {
1716         struct clist *qp;
1717         int c;
1718         tcflag_t lflag;
1719         cc_t *cc = tp->t_cc;
1720         struct proc *pp;
1721         struct lwp *lp;
1722         int first, error = 0;
1723         int has_stime = 0, last_cc = 0;
1724         long slp = 0;           /* XXX this should be renamed `timo'. */
1725         struct timeval stime;
1726
1727         lp = curthread->td_lwp;
1728         stime.tv_sec = 0;       /* fix compiler warnings */
1729         stime.tv_usec = 0;
1730
1731         lwkt_gettoken(&tty_token);
1732 loop:
1733         crit_enter();
1734         lflag = tp->t_lflag;
1735         /*
1736          * take pending input first
1737          */
1738         if (ISSET(lflag, PENDIN)) {
1739                 ttypend(tp);
1740                 splz();         /* reduce latency */
1741                 lflag = tp->t_lflag;    /* XXX ttypend() clobbers it */
1742         }
1743
1744         /*
1745          * Hang process if it's in the background.
1746          */
1747         lwkt_gettoken(&proc_token);
1748         if ((pp = curproc) && isbackground(pp, tp)) {
1749                 crit_exit();
1750                 if (SIGISMEMBER(pp->p_sigignore, SIGTTIN) ||
1751                     SIGISMEMBER(lp->lwp_sigmask, SIGTTIN) ||
1752                     (pp->p_flag & P_PPWAIT) || pp->p_pgrp->pg_jobc == 0) {
1753                         lwkt_reltoken(&proc_token);
1754                         lwkt_reltoken(&tty_token);
1755                         return (EIO);
1756                 }
1757                 pgsignal(pp->p_pgrp, SIGTTIN, 1);
1758                 error = ttysleep(tp, &lbolt, PCATCH, "ttybg2", 0);
1759                 if (error) {
1760                         lwkt_reltoken(&proc_token);
1761                         lwkt_reltoken(&tty_token);
1762                         return (error);
1763                 }
1764                 lwkt_reltoken(&proc_token);
1765                 goto loop;
1766         }
1767         lwkt_reltoken(&proc_token);
1768
1769         if (ISSET(tp->t_state, TS_ZOMBIE)) {
1770                 crit_exit();
1771                 lwkt_reltoken(&tty_token);
1772                 return (0);     /* EOF */
1773         }
1774
1775         /*
1776          * If canonical, use the canonical queue,
1777          * else use the raw queue.
1778          *
1779          * (should get rid of clists...)
1780          */
1781         qp = ISSET(lflag, ICANON) ? &tp->t_canq : &tp->t_rawq;
1782
1783         if (flag & IO_NDELAY) {
1784                 if (qp->c_cc > 0)
1785                         goto read;
1786                 if (!ISSET(lflag, ICANON) && cc[VMIN] == 0) {
1787                         crit_exit();
1788                         lwkt_reltoken(&tty_token);
1789                         return (0);
1790                 }
1791                 crit_exit();
1792                 lwkt_reltoken(&tty_token);
1793                 return (EWOULDBLOCK);
1794         }
1795         if (!ISSET(lflag, ICANON)) {
1796                 int m = cc[VMIN];
1797                 long t = cc[VTIME];
1798                 struct timeval timecopy;
1799
1800                 /*
1801                  * Check each of the four combinations.
1802                  * (m > 0 && t == 0) is the normal read case.
1803                  * It should be fairly efficient, so we check that and its
1804                  * companion case (m == 0 && t == 0) first.
1805                  * For the other two cases, we compute the target sleep time
1806                  * into slp.
1807                  */
1808                 if (t == 0) {
1809                         if (qp->c_cc < m)
1810                                 goto sleep;
1811                         if (qp->c_cc > 0)
1812                                 goto read;
1813
1814                         /* m, t and qp->c_cc are all 0.  0 is enough input. */
1815                         crit_exit();
1816                         lwkt_reltoken(&tty_token);
1817                         return (0);
1818                 }
1819                 t *= 100000;            /* time in us */
1820 #define diff(t1, t2) (((t1).tv_sec - (t2).tv_sec) * 1000000 + \
1821                          ((t1).tv_usec - (t2).tv_usec))
1822                 if (m > 0) {
1823                         if (qp->c_cc <= 0)
1824                                 goto sleep;
1825                         if (qp->c_cc >= m)
1826                                 goto read;
1827                         getmicrotime(&timecopy);
1828                         if (has_stime == 0) {
1829                                 /* first character, start timer */
1830                                 has_stime = 1;
1831                                 stime = timecopy;
1832                                 slp = t;
1833                         } else if (qp->c_cc > last_cc) {
1834                                 /* got a character, restart timer */
1835                                 stime = timecopy;
1836                                 slp = t;
1837                         } else {
1838                                 /* nothing, check expiration */
1839                                 slp = t - diff(timecopy, stime);
1840                                 if (slp <= 0)
1841                                         goto read;
1842                         }
1843                         last_cc = qp->c_cc;
1844                 } else {        /* m == 0 */
1845                         if (qp->c_cc > 0)
1846                                 goto read;
1847                         getmicrotime(&timecopy);
1848                         if (has_stime == 0) {
1849                                 has_stime = 1;
1850                                 stime = timecopy;
1851                                 slp = t;
1852                         } else {
1853                                 slp = t - diff(timecopy, stime);
1854                                 if (slp <= 0) {
1855                                         /* Timed out, but 0 is enough input. */
1856                                         crit_exit();
1857                                         lwkt_reltoken(&tty_token);
1858                                         return (0);
1859                                 }
1860                         }
1861                 }
1862 #undef diff
1863                 /*
1864                  * Rounding down may make us wake up just short
1865                  * of the target, so we round up.
1866                  * The formula is ceiling(slp * hz/1000000).
1867                  * 32-bit arithmetic is enough for hz < 169.
1868                  * XXX see tvtohz() for how to avoid overflow if hz
1869                  * is large (divide by `tick' and/or arrange to
1870                  * use tvtohz() if hz is large).
1871                  */
1872                 slp = (long) (((u_long)slp * hz) + 999999) / 1000000;
1873                 goto sleep;
1874         }
1875         if (qp->c_cc <= 0) {
1876 sleep:
1877                 /*
1878                  * There is no input, or not enough input and we can block.
1879                  */
1880                 error = ttysleep(tp, TSA_HUP_OR_INPUT(tp), PCATCH,
1881                                  ISSET(tp->t_state, TS_CONNECTED) ?
1882                                  "ttyin" : "ttyhup", (int)slp);
1883                 crit_exit();
1884                 if (error == EWOULDBLOCK)
1885                         error = 0;
1886                 else if (error) {
1887                         lwkt_reltoken(&tty_token);
1888                         return (error);
1889                 }
1890                 /*
1891                  * XXX what happens if another process eats some input
1892                  * while we are asleep (not just here)?  It would be
1893                  * safest to detect changes and reset our state variables
1894                  * (has_stime and last_cc).
1895                  */
1896                 slp = 0;
1897                 goto loop;
1898         }
1899 read:
1900         crit_exit();
1901         /*
1902          * Input present, check for input mapping and processing.
1903          */
1904         first = 1;
1905         if (ISSET(lflag, ICANON | ISIG))
1906                 goto slowcase;
1907         for (;;) {
1908                 char ibuf[IBUFSIZ];
1909                 int icc;
1910
1911                 icc = (int)szmin(uio->uio_resid, IBUFSIZ);
1912                 icc = q_to_b(qp, ibuf, icc);
1913                 if (icc <= 0) {
1914                         if (first)
1915                                 goto loop;
1916                         break;
1917                 }
1918                 error = uiomove(ibuf, (size_t)icc, uio);
1919                 /*
1920                  * XXX if there was an error then we should ungetc() the
1921                  * unmoved chars and reduce icc here.
1922                  */
1923                 if (error)
1924                         break;
1925                 if (uio->uio_resid == 0)
1926                         break;
1927                 first = 0;
1928         }
1929         goto out;
1930 slowcase:
1931         for (;;) {
1932                 c = clist_getc(qp);
1933                 if (c < 0) {
1934                         if (first)
1935                                 goto loop;
1936                         break;
1937                 }
1938                 /*
1939                  * delayed suspend (^Y)
1940                  */
1941                 if (CCEQ(cc[VDSUSP], c) &&
1942                     ISSET(lflag, IEXTEN | ISIG) == (IEXTEN | ISIG)) {
1943                         pgsignal(tp->t_pgrp, SIGTSTP, 1);
1944                         if (first) {
1945                                 error = ttysleep(tp, &lbolt, PCATCH,
1946                                                  "ttybg3", 0);
1947                                 if (error)
1948                                         break;
1949                                 goto loop;
1950                         }
1951                         break;
1952                 }
1953                 /*
1954                  * Interpret EOF only in canonical mode.
1955                  */
1956                 if (CCEQ(cc[VEOF], c) && ISSET(lflag, ICANON))
1957                         break;
1958                 /*
1959                  * Give user character.
1960                  */
1961                 error = ureadc(c, uio);
1962                 if (error)
1963                         /* XXX should ungetc(c, qp). */
1964                         break;
1965                 if (uio->uio_resid == 0)
1966                         break;
1967                 /*
1968                  * In canonical mode check for a "break character"
1969                  * marking the end of a "line of input".
1970                  */
1971                 if (ISSET(lflag, ICANON) && TTBREAKC(c, lflag))
1972                         break;
1973                 first = 0;
1974         }
1975
1976 out:
1977         /*
1978          * Look to unblock input now that (presumably)
1979          * the input queue has gone down.
1980          */
1981         crit_enter();
1982         if (ISSET(tp->t_state, TS_TBLOCK) &&
1983             tp->t_rawq.c_cc + tp->t_canq.c_cc <= tp->t_ilowat)
1984                 ttyunblock(tp);
1985         crit_exit();
1986
1987         lwkt_reltoken(&tty_token);
1988         return (error);
1989 }
1990
1991 /*
1992  * Check the output queue on tp for space for a kernel message (from uprintf
1993  * or tprintf).  Allow some space over the normal hiwater mark so we don't
1994  * lose messages due to normal flow control, but don't let the tty run amok.
1995  * Sleeps here are not interruptible, but we return prematurely if new signals
1996  * arrive.
1997  */
1998 int
1999 ttycheckoutq(struct tty *tp, int wait)
2000 {
2001         struct lwp *lp = curthread->td_lwp;
2002         int hiwat;
2003         sigset_t oldset, newset;
2004
2005         lwkt_gettoken(&tty_token);
2006         hiwat = tp->t_ohiwat;
2007         SIGEMPTYSET(oldset);
2008         SIGEMPTYSET(newset);
2009         crit_enter();
2010         if (wait)
2011                 oldset = lwp_sigpend(lp);
2012         if (tp->t_outq.c_cc > hiwat + OBUFSIZ + 100) {
2013                 while (tp->t_outq.c_cc > hiwat) {
2014                         ttstart(tp);
2015                         if (tp->t_outq.c_cc <= hiwat)
2016                                 break;
2017                         if (wait)
2018                                 newset = lwp_sigpend(lp);
2019                         if (!wait || SIGSETNEQ(oldset, newset)) {
2020                                 crit_exit();
2021                                 lwkt_reltoken(&tty_token);
2022                                 return (0);
2023                         }
2024                         SET(tp->t_state, TS_SO_OLOWAT);
2025                         tsleep(TSA_OLOWAT(tp), 0, "ttoutq", hz);
2026                 }
2027         }
2028         crit_exit();
2029         lwkt_reltoken(&tty_token);
2030         return (1);
2031 }
2032
2033 /*
2034  * Process a write call on a tty device.
2035  */
2036 int
2037 ttwrite(struct tty *tp, struct uio *uio, int flag)
2038 {
2039         char *cp = NULL;
2040         int cc, ce;
2041         struct proc *pp;
2042         struct lwp *lp;
2043         int i, hiwat, error;
2044         size_t cnt;
2045
2046         char obuf[OBUFSIZ];
2047
2048         lwkt_gettoken(&tty_token);
2049         lp = curthread->td_lwp;
2050         hiwat = tp->t_ohiwat;
2051         cnt = uio->uio_resid;
2052         error = 0;
2053         cc = 0;
2054 loop:
2055         crit_enter();
2056         if (ISSET(tp->t_state, TS_ZOMBIE)) {
2057                 crit_exit();
2058                 if (uio->uio_resid == cnt)
2059                         error = EIO;
2060                 goto out;
2061         }
2062         if (!ISSET(tp->t_state, TS_CONNECTED)) {
2063                 if (flag & IO_NDELAY) {
2064                         crit_exit();
2065                         error = EWOULDBLOCK;
2066                         goto out;
2067                 }
2068                 error = ttysleep(tp, TSA_CARR_ON(tp), PCATCH, "ttydcd", 0);
2069                 crit_exit();
2070                 if (error)
2071                         goto out;
2072                 goto loop;
2073         }
2074         crit_exit();
2075
2076         /*
2077          * Hang the process if it's in the background.
2078          */
2079         lwkt_gettoken(&proc_token);
2080         if ((pp = curproc) && isbackground(pp, tp) &&
2081             ISSET(tp->t_lflag, TOSTOP) && !(pp->p_flag & P_PPWAIT) &&
2082             !SIGISMEMBER(pp->p_sigignore, SIGTTOU) &&
2083             !SIGISMEMBER(lp->lwp_sigmask, SIGTTOU)) {
2084                 if (pp->p_pgrp->pg_jobc == 0) {
2085                         error = EIO;
2086                         lwkt_reltoken(&proc_token);
2087                         goto out;
2088                 }
2089                 pgsignal(pp->p_pgrp, SIGTTOU, 1);
2090                 lwkt_reltoken(&proc_token);
2091                 error = ttysleep(tp, &lbolt, PCATCH, "ttybg4", 0);
2092                 if (error)
2093                         goto out;
2094                 goto loop;
2095         }
2096         lwkt_reltoken(&proc_token);
2097         /*
2098          * Process the user's data in at most OBUFSIZ chunks.  Perform any
2099          * output translation.  Keep track of high water mark, sleep on
2100          * overflow awaiting device aid in acquiring new space.
2101          */
2102         while (uio->uio_resid > 0 || cc > 0) {
2103                 if (ISSET(tp->t_lflag, FLUSHO)) {
2104                         uio->uio_resid = 0;
2105                         lwkt_reltoken(&tty_token);
2106                         return (0);
2107                 }
2108                 if (tp->t_outq.c_cc > hiwat)
2109                         goto ovhiwat;
2110                 /*
2111                  * Grab a hunk of data from the user, unless we have some
2112                  * leftover from last time.
2113                  */
2114                 if (cc == 0) {
2115                         cc = szmin(uio->uio_resid, OBUFSIZ);
2116                         cp = obuf;
2117                         error = uiomove(cp, (size_t)cc, uio);
2118                         if (error) {
2119                                 cc = 0;
2120                                 break;
2121                         }
2122                 }
2123                 /*
2124                  * If nothing fancy need be done, grab those characters we
2125                  * can handle without any of ttyoutput's processing and
2126                  * just transfer them to the output q.  For those chars
2127                  * which require special processing (as indicated by the
2128                  * bits in char_type), call ttyoutput.  After processing
2129                  * a hunk of data, look for FLUSHO so ^O's will take effect
2130                  * immediately.
2131                  */
2132                 while (cc > 0) {
2133                         if (!ISSET(tp->t_oflag, OPOST))
2134                                 ce = cc;
2135                         else {
2136                                 ce = cc - scanc((u_int)cc, (u_char *)cp,
2137                                                 char_type, CCLASSMASK);
2138                                 /*
2139                                  * If ce is zero, then we're processing
2140                                  * a special character through ttyoutput.
2141                                  */
2142                                 if (ce == 0) {
2143                                         tp->t_rocount = 0;
2144                                         if (ttyoutput(*cp, tp) >= 0) {
2145                                                 /* No Clists, wait a bit. */
2146                                                 ttstart(tp);
2147                                                 if (flag & IO_NDELAY) {
2148                                                         error = EWOULDBLOCK;
2149                                                         goto out;
2150                                                 }
2151                                                 error = ttysleep(tp, &lbolt,
2152                                                                  PCATCH,
2153                                                                  "ttybf1", 0);
2154                                                 if (error)
2155                                                         goto out;
2156                                                 goto loop;
2157                                         }
2158                                         cp++;
2159                                         cc--;
2160                                         if (ISSET(tp->t_lflag, FLUSHO) ||
2161                                             tp->t_outq.c_cc > hiwat)
2162                                                 goto ovhiwat;
2163                                         continue;
2164                                 }
2165                         }
2166                         /*
2167                          * A bunch of normal characters have been found.
2168                          * Transfer them en masse to the output queue and
2169                          * continue processing at the top of the loop.
2170                          * If there are any further characters in this
2171                          * <= OBUFSIZ chunk, the first should be a character
2172                          * requiring special handling by ttyoutput.
2173                          */
2174                         tp->t_rocount = 0;
2175                         i = b_to_q(cp, ce, &tp->t_outq);
2176                         ce -= i;
2177                         tp->t_column += ce;
2178                         cp += ce, cc -= ce, tk_nout += ce;
2179                         tp->t_outcc += ce;
2180                         if (i > 0) {
2181                                 /* No Clists, wait a bit. */
2182                                 ttstart(tp);
2183                                 if (flag & IO_NDELAY) {
2184                                         error = EWOULDBLOCK;
2185                                         goto out;
2186                                 }
2187                                 error = ttysleep(tp, &lbolt, PCATCH,
2188                                                  "ttybf2", 0);
2189                                 if (error)
2190                                         goto out;
2191                                 goto loop;
2192                         }
2193                         if (ISSET(tp->t_lflag, FLUSHO) ||
2194                             tp->t_outq.c_cc > hiwat)
2195                                 break;
2196                 }
2197                 ttstart(tp);
2198         }
2199 out:
2200         /*
2201          * If cc is nonzero, we leave the uio structure inconsistent, as the
2202          * offset and iov pointers have moved forward, but it doesn't matter
2203          * (the call will either return short or restart with a new uio).
2204          */
2205         uio->uio_resid += cc;
2206         lwkt_reltoken(&tty_token);
2207         return (error);
2208
2209 ovhiwat:
2210         ttstart(tp);
2211         crit_enter();
2212         /*
2213          * This can only occur if FLUSHO is set in t_lflag,
2214          * or if ttstart/oproc is synchronous (or very fast).
2215          */
2216         if (tp->t_outq.c_cc <= hiwat) {
2217                 crit_exit();
2218                 goto loop;
2219         }
2220         if (flag & IO_NDELAY) {
2221                 crit_exit();
2222                 uio->uio_resid += cc;
2223                 lwkt_reltoken(&tty_token);
2224                 return (uio->uio_resid == cnt ? EWOULDBLOCK : 0);
2225         }
2226         SET(tp->t_state, TS_SO_OLOWAT);
2227         error = ttysleep(tp, TSA_OLOWAT(tp), PCATCH, "ttywri", tp->t_timeout);
2228         crit_exit();
2229         if (error == EWOULDBLOCK)
2230                 error = EIO;
2231         if (error)
2232                 goto out;
2233         goto loop;
2234 }
2235
2236 /*
2237  * Rubout one character from the rawq of tp
2238  * as cleanly as possible.
2239  * NOTE: Must be called with tty_token held
2240  */
2241 static void
2242 ttyrub(int c, struct tty *tp)
2243 {
2244         char *cp;
2245         int savecol;
2246         int tabc;
2247
2248         ASSERT_LWKT_TOKEN_HELD(&tty_token);
2249         if (!ISSET(tp->t_lflag, ECHO) || ISSET(tp->t_lflag, EXTPROC))
2250                 return;
2251         CLR(tp->t_lflag, FLUSHO);
2252         if (ISSET(tp->t_lflag, ECHOE)) {
2253                 if (tp->t_rocount == 0) {
2254                         /*
2255                          * Screwed by ttwrite; retype
2256                          */
2257                         ttyretype(tp);
2258                         return;
2259                 }
2260                 if (c == ('\t' | TTY_QUOTE) || c == ('\n' | TTY_QUOTE))
2261                         ttyrubo(tp, 2);
2262                 else {
2263                         CLR(c, ~TTY_CHARMASK);
2264                         switch (CCLASS(c)) {
2265                         case ORDINARY:
2266                                 ttyrubo(tp, 1);
2267                                 break;
2268                         case BACKSPACE:
2269                         case CONTROL:
2270                         case NEWLINE:
2271                         case RETURN:
2272                         case VTAB:
2273                                 if (ISSET(tp->t_lflag, ECHOCTL))
2274                                         ttyrubo(tp, 2);
2275                                 break;
2276                         case TAB:
2277                                 if (tp->t_rocount < tp->t_rawq.c_cc) {
2278                                         ttyretype(tp);
2279                                         return;
2280                                 }
2281                                 crit_enter();
2282                                 savecol = tp->t_column;
2283                                 SET(tp->t_state, TS_CNTTB);
2284                                 SET(tp->t_lflag, FLUSHO);
2285                                 tp->t_column = tp->t_rocol;
2286                                 cp = tp->t_rawq.c_cf;
2287                                 if (cp)
2288                                         tabc = *cp;     /* XXX FIX NEXTC */
2289                                 for (; cp; cp = nextc(&tp->t_rawq, cp, &tabc))
2290                                         ttyecho(tabc, tp);
2291                                 CLR(tp->t_lflag, FLUSHO);
2292                                 CLR(tp->t_state, TS_CNTTB);
2293                                 crit_exit();
2294
2295                                 /* savecol will now be length of the tab. */
2296                                 savecol -= tp->t_column;
2297                                 tp->t_column += savecol;
2298                                 if (savecol > 8)
2299                                         savecol = 8;    /* overflow screw */
2300                                 while (--savecol >= 0)
2301                                         (void)ttyoutput('\b', tp);
2302                                 break;
2303                         default:                        /* XXX */
2304 #define PANICSTR        "ttyrub: would panic c = %d, val = %d\n"
2305                                 (void)kprintf(PANICSTR, c, CCLASS(c));
2306 #ifdef notdef
2307                                 panic(PANICSTR, c, CCLASS(c));
2308 #endif
2309                         }
2310                 }
2311         } else if (ISSET(tp->t_lflag, ECHOPRT)) {
2312                 if (!ISSET(tp->t_state, TS_ERASE)) {
2313                         SET(tp->t_state, TS_ERASE);
2314                         (void)ttyoutput('\\', tp);
2315                 }
2316                 ttyecho(c, tp);
2317         } else {
2318                 ttyecho(tp->t_cc[VERASE], tp);
2319                 /*
2320                  * This code may be executed not only when an ERASE key
2321                  * is pressed, but also when ^U (KILL) or ^W (WERASE) are.
2322                  * So, I didn't think it was worthwhile to pass the extra
2323                  * information (which would need an extra parameter,
2324                  * changing every call) needed to distinguish the ERASE2
2325                  * case from the ERASE.
2326                  */
2327         }
2328         --tp->t_rocount;
2329 }
2330
2331 /*
2332  * Back over cnt characters, erasing them.
2333  * NOTE: Must be called with tty_token held
2334  */
2335 static void
2336 ttyrubo(struct tty *tp, int cnt)
2337 {
2338         ASSERT_LWKT_TOKEN_HELD(&tty_token);
2339         while (cnt-- > 0) {
2340                 (void)ttyoutput('\b', tp);
2341                 (void)ttyoutput(' ', tp);
2342                 (void)ttyoutput('\b', tp);
2343         }
2344 }
2345
2346 /*
2347  * ttyretype --
2348  *      Reprint the rawq line.  Note, it is assumed that c_cc has already
2349  *      been checked.
2350  * NOTE: Must be called with tty_token held
2351  */
2352 static void
2353 ttyretype(struct tty *tp)
2354 {
2355         char *cp;
2356         int c;
2357
2358         ASSERT_LWKT_TOKEN_HELD(&tty_token);
2359         /* Echo the reprint character. */
2360         if (tp->t_cc[VREPRINT] != _POSIX_VDISABLE)
2361                 ttyecho(tp->t_cc[VREPRINT], tp);
2362
2363         (void)ttyoutput('\n', tp);
2364
2365         /*
2366          * XXX
2367          * FIX: NEXTC IS BROKEN - DOESN'T CHECK QUOTE
2368          * BIT OF FIRST CHAR.
2369          */
2370         crit_enter();
2371         for (cp = tp->t_canq.c_cf, c = (cp != NULL ? *cp : 0);
2372             cp != NULL; cp = nextc(&tp->t_canq, cp, &c))
2373                 ttyecho(c, tp);
2374         for (cp = tp->t_rawq.c_cf, c = (cp != NULL ? *cp : 0);
2375             cp != NULL; cp = nextc(&tp->t_rawq, cp, &c))
2376                 ttyecho(c, tp);
2377         CLR(tp->t_state, TS_ERASE);
2378         crit_exit();
2379
2380         tp->t_rocount = tp->t_rawq.c_cc;
2381         tp->t_rocol = 0;
2382 }
2383
2384 /*
2385  * Echo a typed character to the terminal.
2386  * NOTE: Must be called with tty_token held
2387  */
2388 static void
2389 ttyecho(int c, struct tty *tp)
2390 {
2391         ASSERT_LWKT_TOKEN_HELD(&tty_token);
2392
2393         if (!ISSET(tp->t_state, TS_CNTTB))
2394                 CLR(tp->t_lflag, FLUSHO);
2395         if ((!ISSET(tp->t_lflag, ECHO) &&
2396              (c != '\n' || !ISSET(tp->t_lflag, ECHONL))) ||
2397             ISSET(tp->t_lflag, EXTPROC))
2398                 return;
2399         if (ISSET(tp->t_lflag, ECHOCTL) &&
2400             ((ISSET(c, TTY_CHARMASK) <= 037 && c != '\t' && c != '\n') ||
2401             ISSET(c, TTY_CHARMASK) == 0177)) {
2402                 (void)ttyoutput('^', tp);
2403                 CLR(c, ~TTY_CHARMASK);
2404                 if (c == 0177)
2405                         c = '?';
2406                 else
2407                         c += 'A' - 1;
2408         }
2409         (void)ttyoutput(c, tp);
2410 }
2411
2412 /*
2413  * Wake up any readers on a tty.
2414  */
2415 void
2416 ttwakeup(struct tty *tp)
2417 {
2418         lwkt_gettoken(&tty_token);
2419         if (ISSET(tp->t_state, TS_ASYNC) && tp->t_sigio != NULL)
2420                 pgsigio(tp->t_sigio, SIGIO, (tp->t_session != NULL));
2421         wakeup(TSA_HUP_OR_INPUT(tp));
2422         KNOTE(&tp->t_rkq.ki_note, 0);
2423         lwkt_reltoken(&tty_token);
2424 }
2425
2426 /*
2427  * Wake up any writers on a tty.
2428  */
2429 void
2430 ttwwakeup(struct tty *tp)
2431 {
2432         lwkt_gettoken(&tty_token);
2433         if (ISSET(tp->t_state, TS_ASYNC) && tp->t_sigio != NULL)
2434                 pgsigio(tp->t_sigio, SIGIO, (tp->t_session != NULL));
2435         if (ISSET(tp->t_state, TS_BUSY | TS_SO_OCOMPLETE) ==
2436             TS_SO_OCOMPLETE && tp->t_outq.c_cc == 0) {
2437                 CLR(tp->t_state, TS_SO_OCOMPLETE);
2438                 wakeup(TSA_OCOMPLETE(tp));
2439         }
2440         if (ISSET(tp->t_state, TS_SO_OLOWAT) &&
2441             tp->t_outq.c_cc <= tp->t_olowat) {
2442                 CLR(tp->t_state, TS_SO_OLOWAT);
2443                 wakeup(TSA_OLOWAT(tp));
2444         }
2445         KNOTE(&tp->t_wkq.ki_note, 0);
2446         lwkt_reltoken(&tty_token);
2447 }
2448
2449 /*
2450  * Look up a code for a specified speed in a conversion table;
2451  * used by drivers to map software speed values to hardware parameters.
2452  * No requirements
2453  */
2454 int
2455 ttspeedtab(int speed, struct speedtab *table)
2456 {
2457
2458         for ( ; table->sp_speed != -1; table++)
2459                 if (table->sp_speed == speed)
2460                         return (table->sp_code);
2461         return (-1);
2462 }
2463
2464 /*
2465  * Set input and output watermarks and buffer sizes.  For input, the
2466  * high watermark is about one second's worth of input above empty, the
2467  * low watermark is slightly below high water, and the buffer size is a
2468  * driver-dependent amount above high water.  For output, the watermarks
2469  * are near the ends of the buffer, with about 1 second's worth of input
2470  * between them.  All this only applies to the standard line discipline.
2471  */
2472 void
2473 ttsetwater(struct tty *tp)
2474 {
2475         int cps, ttmaxhiwat, x;
2476
2477         lwkt_gettoken(&tty_token);
2478         /* Input. */
2479         clist_alloc_cblocks(&tp->t_canq, TTYHOG, 512);
2480         switch (tp->t_ispeedwat) {
2481         case (speed_t)-1:
2482                 cps = tp->t_ispeed / 10;
2483                 break;
2484         case 0:
2485                 /*
2486                  * This case is for old drivers that don't know about
2487                  * t_ispeedwat.  Arrange for them to get the old buffer
2488                  * sizes and watermarks.
2489                  */
2490                 cps = TTYHOG - 2 * 256;
2491                 tp->t_ififosize = 2 * 2048;
2492                 break;
2493         default:
2494                 cps = tp->t_ispeedwat / 10;
2495                 break;
2496         }
2497         tp->t_ihiwat = cps;
2498         tp->t_ilowat = 7 * cps / 8;
2499         x = cps + tp->t_ififosize;
2500         clist_alloc_cblocks(&tp->t_rawq, x, x);
2501
2502         /* Output. */
2503         switch (tp->t_ospeedwat) {
2504         case (speed_t)-1:
2505                 cps = tp->t_ospeed / 10;
2506                 ttmaxhiwat = 2 * TTMAXHIWAT;
2507                 break;
2508         case 0:
2509                 cps = tp->t_ospeed / 10;
2510                 ttmaxhiwat = TTMAXHIWAT;
2511                 break;
2512         default:
2513                 cps = tp->t_ospeedwat / 10;
2514                 ttmaxhiwat = 8 * TTMAXHIWAT;
2515                 break;
2516         }
2517 #define CLAMP(x, h, l)  ((x) > h ? h : ((x) < l) ? l : (x))
2518         tp->t_olowat = x = CLAMP(cps / 2, TTMAXLOWAT, TTMINLOWAT);
2519         x += cps;
2520         x = CLAMP(x, ttmaxhiwat, TTMINHIWAT);   /* XXX clamps are too magic */
2521         tp->t_ohiwat = roundup(x, CBSIZE);      /* XXX for compat */
2522         x = imax(tp->t_ohiwat, TTMAXHIWAT);     /* XXX for compat/safety */
2523         x += OBUFSIZ + 100;
2524         clist_alloc_cblocks(&tp->t_outq, x, x);
2525 #undef  CLAMP
2526         lwkt_reltoken(&tty_token);
2527 }
2528
2529 /*
2530  * Report on state of foreground process group.
2531  */
2532 void
2533 ttyinfo(struct tty *tp)
2534 {
2535         struct proc *p, *pick;
2536         struct lwp *lp;
2537         struct rusage ru;
2538         int tmp;
2539
2540         if (ttycheckoutq(tp,0) == 0)
2541                 return;
2542
2543         lwkt_gettoken(&tty_token);
2544         lwkt_gettoken(&proc_token);
2545         /*
2546          * We always print the load average, then figure out what else to
2547          * print based on the state of the current process group.
2548          */
2549         tmp = (averunnable.ldavg[0] * 100 + FSCALE / 2) >> FSHIFT;
2550         ttyprintf(tp, "load: %d.%02d ", tmp / 100, tmp % 100);
2551
2552         if (tp->t_session == NULL) {
2553                 ttyprintf(tp, "not a controlling terminal\n");
2554         } else if (tp->t_pgrp == NULL) {
2555                 ttyprintf(tp, "no foreground process group\n");
2556         } else if ((p = LIST_FIRST(&tp->t_pgrp->pg_members)) == 0) {
2557                 ttyprintf(tp, "empty foreground process group\n");
2558         } else {
2559                 /*
2560                  * Pick an interesting process.  Note that certain elements,
2561                  * in particular the wmesg, require a critical section for
2562                  * safe access (YYY and we are still not MP safe).
2563                  *
2564                  * NOTE: lwp_wmesg is lwp_thread->td_wmesg.
2565                  */
2566                 char buf[64];
2567                 const char *str;
2568                 long vmsz;
2569                 int pctcpu;
2570
2571                 crit_enter();
2572
2573                 /* XXX lwp should compare lwps */
2574
2575                 for (pick = NULL; p != 0; p = LIST_NEXT(p, p_pglist)) {
2576                         if (proc_compare(pick, p))
2577                                 pick = p;
2578                 }
2579
2580                 /* XXX lwp */
2581                 lp = FIRST_LWP_IN_PROC(pick);
2582                 if (lp == NULL) {
2583                         ttyprintf(tp, "foreground process without lwp\n");
2584                         tp->t_rocount = 0;
2585                         crit_exit();
2586                         lwkt_reltoken(&proc_token);
2587                         lwkt_reltoken(&tty_token);
2588                         return;
2589                 }
2590
2591                 /*
2592                  * Figure out what wait/process-state message, and command
2593                  * buffer to present
2594                  */
2595                 /*
2596                  * XXX lwp This is a horrible mixture.  We need to rework this
2597                  * as soon as lwps have their own runnable status.
2598                  */
2599                 if (pick->p_flag & P_WEXIT)
2600                         str = "exiting";
2601                 else if (lp->lwp_stat == LSRUN)
2602                         str = "running";
2603                 else if (pick->p_stat == SIDL)
2604                         str = "spawning";
2605                 else if (lp->lwp_wmesg) /* lwp_thread must not be NULL */
2606                         str = lp->lwp_wmesg;
2607                 else
2608                         str = "iowait";
2609
2610                 ksnprintf(buf, sizeof(buf), "cmd: %s %d [%s]",
2611                         pick->p_comm, pick->p_pid, str);
2612
2613                 /*
2614                  * Calculate cpu usage, percent cpu, and cmsz.  Note that
2615                  * 'pick' becomes invalid the moment we exit the critical
2616                  * section.
2617                  */
2618                 if (lp->lwp_thread && (pick->p_flag & P_SWAPPEDOUT) == 0)
2619                         calcru_proc(pick, &ru);
2620
2621                 pctcpu = (lp->lwp_pctcpu * 10000 + FSCALE / 2) >> FSHIFT;
2622
2623                 if (pick->p_stat == SIDL || pick->p_stat == SZOMB)
2624                     vmsz = 0;
2625                 else
2626                     vmsz = pgtok(vmspace_resident_count(pick->p_vmspace));
2627
2628                 crit_exit();
2629
2630                 /*
2631                  * Dump the output
2632                  */
2633                 ttyprintf(tp, " %s ", buf);
2634                 ttyprintf(tp, "%ld.%02ldu ",
2635                         ru.ru_utime.tv_sec, ru.ru_utime.tv_usec / 10000);
2636                 ttyprintf(tp, "%ld.%02lds ",
2637                         ru.ru_stime.tv_sec, ru.ru_stime.tv_usec / 10000);
2638                 ttyprintf(tp, "%d%% %ldk\n", pctcpu / 100, vmsz);
2639         }
2640         tp->t_rocount = 0;      /* so pending input will be retyped if BS */
2641         lwkt_reltoken(&proc_token);
2642         lwkt_reltoken(&tty_token);
2643 }
2644
2645 /*
2646  * Returns 1 if p2 is "better" than p1
2647  *
2648  * The algorithm for picking the "interesting" process is thus:
2649  *
2650  *      1) Only foreground processes are eligible - implied.
2651  *      2) Runnable processes are favored over anything else.  The runner
2652  *         with the highest cpu utilization is picked (p_cpticks).  Ties are
2653  *         broken by picking the highest pid.
2654  *      3) The sleeper with the shortest sleep time is next.  With ties,
2655  *         we pick out just "short-term" sleepers (LWP_SINTR == 0).
2656  *      4) Further ties are broken by picking the highest pid.
2657  *
2658  * NOTE: must be called with proc_token held.
2659  */
2660 #define ISRUN(lp)       ((lp)->lwp_stat == LSRUN)
2661 #define TESTAB(a, b)    ((a)<<1 | (b))
2662 #define ONLYA   2
2663 #define ONLYB   1
2664 #define BOTH    3
2665
2666 static int
2667 proc_compare(struct proc *p1, struct proc *p2)
2668 {
2669         struct lwp *lp1, *lp2;
2670
2671         ASSERT_LWKT_TOKEN_HELD(&proc_token);
2672
2673         if (p1 == NULL)
2674                 return (1);
2675
2676         /*
2677          * weed out zombies
2678          */
2679         switch (TESTAB(p1->p_stat == SZOMB, p2->p_stat == SZOMB)) {
2680         case ONLYA:
2681                 return (1);
2682         case ONLYB:
2683                 return (0);
2684         case BOTH:
2685                 return (p2->p_pid > p1->p_pid); /* tie - return highest pid */
2686         }
2687
2688         /* XXX lwp */
2689         lp1 = FIRST_LWP_IN_PROC(p1);
2690         lp2 = FIRST_LWP_IN_PROC(p2);
2691
2692         /*
2693          * see if at least one of them is runnable
2694          */
2695         switch (TESTAB(ISRUN(lp1), ISRUN(lp2))) {
2696         case ONLYA:
2697                 return (0);
2698         case ONLYB:
2699                 return (1);
2700         case BOTH:
2701                 /*
2702                  * tie - favor one with highest recent cpu utilization
2703                  */
2704                 if (lp2->lwp_cpticks > lp1->lwp_cpticks)
2705                         return (1);
2706                 if (lp1->lwp_cpticks > lp2->lwp_cpticks)
2707                         return (0);
2708                 return (p2->p_pid > p1->p_pid); /* tie - return highest pid */
2709         }
2710         /*
2711          * pick the one with the smallest sleep time
2712          */
2713         if (lp2->lwp_slptime > lp1->lwp_slptime)
2714                 return (0);
2715         if (lp1->lwp_slptime > lp2->lwp_slptime)
2716                 return (1);
2717         /*
2718          * favor one sleeping in a non-interruptible sleep
2719          */
2720         if (lp1->lwp_flag & LWP_SINTR && (lp2->lwp_flag & LWP_SINTR) == 0)
2721                 return (1);
2722         if (lp2->lwp_flag & LWP_SINTR && (lp1->lwp_flag & LWP_SINTR) == 0)
2723                 return (0);
2724         return (p2->p_pid > p1->p_pid);         /* tie - return highest pid */
2725 }
2726
2727 /*
2728  * Output char to tty; console putchar style.
2729  */
2730 int
2731 tputchar(int c, struct tty *tp)
2732 {
2733         crit_enter();
2734         lwkt_gettoken(&tty_token);
2735         if (!ISSET(tp->t_state, TS_CONNECTED)) {
2736                 lwkt_reltoken(&tty_token);
2737                 crit_exit();
2738                 return (-1);
2739         }
2740         if (c == '\n')
2741                 (void)ttyoutput('\r', tp);
2742         (void)ttyoutput(c, tp);
2743         ttstart(tp);
2744         lwkt_reltoken(&tty_token);
2745         crit_exit();
2746         return (0);
2747 }
2748
2749 /*
2750  * Sleep on chan, returning ERESTART if tty changed while we napped and
2751  * returning any errors (e.g. EINTR/EWOULDBLOCK) reported by tsleep.  If
2752  * the tty is revoked, restarting a pending call will redo validation done
2753  * at the start of the call.
2754  */
2755 int
2756 ttysleep(struct tty *tp, void *chan, int slpflags, char *wmesg, int timo)
2757 {
2758         int error;
2759         int gen;
2760
2761         gen = tp->t_gen;
2762         error = tsleep(chan, slpflags, wmesg, timo);
2763         if (error)
2764                 return (error);
2765         return (tp->t_gen == gen ? 0 : ERESTART);
2766 }
2767
2768 /*
2769  * Revoke a tty.
2770  *
2771  * We bump the gen to force any ttysleep()'s to return with ERESTART
2772  * and flush the tty.  The related fp's should already have been
2773  * replaced so the tty will close when the last references on the
2774  * original fp's go away.
2775  */
2776 int
2777 ttyrevoke(struct dev_revoke_args *ap)
2778 {
2779         struct tty *tp;
2780
2781         lwkt_gettoken(&tty_token);
2782         tp = ap->a_head.a_dev->si_tty;
2783         tp->t_gen++;
2784         ttyflush(tp, FREAD | FWRITE);
2785         wakeup(TSA_CARR_ON(tp));
2786         ttwakeup(tp);
2787         ttwwakeup(tp);
2788         lwkt_reltoken(&tty_token);
2789         return (0);
2790 }
2791
2792 /*
2793  * Allocate a tty struct.  Clists in the struct will be allocated by
2794  * ttyopen().
2795  */
2796 struct tty *
2797 ttymalloc(struct tty *tp)
2798 {
2799
2800         if (tp) {
2801                 return(tp);
2802         }
2803         tp = kmalloc(sizeof *tp, M_TTYS, M_WAITOK|M_ZERO);
2804         ttyregister(tp);
2805         return (tp);
2806 }
2807
2808 void
2809 ttyunregister(struct tty *tp)
2810 {
2811         lwkt_gettoken(&tty_token);
2812         KKASSERT(ISSET(tp->t_state, TS_REGISTERED));
2813         CLR(tp->t_state, TS_REGISTERED);
2814         TAILQ_REMOVE(&tty_list, tp, t_list);
2815         lwkt_reltoken(&tty_token);
2816 }
2817
2818 void
2819 ttyregister(struct tty *tp)
2820 {
2821         lwkt_gettoken(&tty_token);
2822         KKASSERT(!ISSET(tp->t_state, TS_REGISTERED));
2823         SET(tp->t_state, TS_REGISTERED);
2824         TAILQ_INSERT_HEAD(&tty_list, tp, t_list);
2825         lwkt_reltoken(&tty_token);
2826 }
2827
2828 static int
2829 sysctl_kern_ttys(SYSCTL_HANDLER_ARGS)
2830 {
2831         int error;
2832         struct tty *tp;
2833         struct tty t;
2834         struct tty marker;
2835
2836         bzero(&marker, sizeof(marker));
2837         marker.t_state = TS_MARKER;
2838         error = 0;
2839
2840         lwkt_gettoken(&tty_token);
2841
2842         TAILQ_INSERT_HEAD(&tty_list, &marker, t_list);
2843         while ((tp = TAILQ_NEXT(&marker, t_list)) != NULL) {
2844                 TAILQ_REMOVE(&tty_list, &marker, t_list);
2845                 TAILQ_INSERT_AFTER(&tty_list, tp, &marker, t_list);
2846                 if (tp->t_state & TS_MARKER)
2847                         continue;
2848                 t = *tp;
2849                 if (t.t_dev)
2850                         t.t_dev = (cdev_t)(uintptr_t)dev2udev(t.t_dev);
2851                 error = SYSCTL_OUT(req, (caddr_t)&t, sizeof(t));
2852                 if (error)
2853                         break;
2854         }
2855         TAILQ_REMOVE(&tty_list, &marker, t_list);
2856         lwkt_reltoken(&tty_token);
2857         return (error);
2858 }
2859
2860 SYSCTL_PROC(_kern, OID_AUTO, ttys, CTLTYPE_OPAQUE|CTLFLAG_RD,
2861         0, 0, sysctl_kern_ttys, "S,tty", "All struct ttys");
2862
2863 void
2864 nottystop(struct tty *tp, int rw)
2865 {
2866         return;
2867 }
2868
2869 int
2870 ttyread(struct dev_read_args *ap)
2871 {
2872         struct tty *tp;
2873         int ret;
2874
2875         tp = ap->a_head.a_dev->si_tty;
2876         if (tp == NULL)
2877                 return (ENODEV);
2878         lwkt_gettoken(&tty_token);
2879         ret = ((*linesw[tp->t_line].l_read)(tp, ap->a_uio, ap->a_ioflag));
2880         lwkt_reltoken(&tty_token);
2881
2882         return ret;
2883 }
2884
2885 int
2886 ttywrite(struct dev_write_args *ap)
2887 {
2888         struct tty *tp;
2889         int ret;
2890
2891         tp = ap->a_head.a_dev->si_tty;
2892         if (tp == NULL)
2893                 return (ENODEV);
2894         lwkt_gettoken(&tty_token);
2895         ret = ((*linesw[tp->t_line].l_write)(tp, ap->a_uio, ap->a_ioflag));
2896         lwkt_reltoken(&tty_token);
2897
2898         return ret;
2899 }