1 /*        $NetBSD: ptyfs_vfsops.c,v 1.58 2020/03/16 21:20:10 pgoyette Exp $     */
2 
3 /*
4  * Copyright (c) 1992, 1993, 1995
5  *        The Regents of the University of California.  All rights reserved.
6  *
7  * This code is derived from software donated to Berkeley by
8  * Jan-Simon Pendry.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  * 3. Neither the name of the University nor the names of its contributors
19  *    may be used to endorse or promote products derived from this software
20  *    without specific prior written permission.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32  * SUCH DAMAGE.
33  *
34  */
35 
36 /*
37  * Pseudo-tty Filesystem
38  */
39 
40 #include <sys/cdefs.h>
41 __KERNEL_RCSID(0, "$NetBSD: ptyfs_vfsops.c,v 1.58 2020/03/16 21:20:10 pgoyette Exp $");
42 
43 #include <sys/param.h>
44 #include <sys/systm.h>
45 #include <sys/sysctl.h>
46 #include <sys/conf.h>
47 #include <sys/proc.h>
48 #include <sys/vnode.h>
49 #include <sys/mount.h>
50 #include <sys/namei.h>
51 #include <sys/stat.h>
52 #include <sys/dirent.h>
53 #include <sys/malloc.h>
54 #include <sys/syslog.h>
55 #include <sys/select.h>
56 #include <sys/filedesc.h>
57 #include <sys/tty.h>
58 #include <sys/pty.h>
59 #include <sys/kauth.h>
60 #include <sys/module.h>
61 
62 #include <fs/ptyfs/ptyfs.h>
63 #include <miscfs/genfs/genfs.h>
64 #include <miscfs/specfs/specdev.h>
65 
66 MODULE(MODULE_CLASS_VFS, ptyfs, NULL);
67 
68 MALLOC_JUSTDEFINE(M_PTYFSMNT, "ptyfs mount", "ptyfs mount structures");
69 MALLOC_JUSTDEFINE(M_PTYFSTMP, "ptyfs temp", "ptyfs temporary structures");
70 
71 VFS_PROTOS(ptyfs);
72 
73 static int ptyfs__allocvp(struct mount *, struct lwp *, struct vnode **,
74     dev_t, char);
75 static int ptyfs__makename(struct mount *, struct lwp *, char *, size_t,
76     dev_t, char);
77 static void ptyfs__getvattr(struct mount *, struct lwp *, struct vattr *);
78 static int ptyfs__getmp(struct lwp *, struct mount **);
79 
80 /*
81  * ptm glue: When we mount, we make ptm point to us.
82  */
83 struct ptm_pty *ptyfs_save_ptm;
84 static int ptyfs_count;
85 
86 static TAILQ_HEAD(, ptyfsmount) ptyfs_head;
87 
88 struct ptm_pty ptm_ptyfspty = {
89           ptyfs__allocvp,
90           ptyfs__makename,
91           ptyfs__getvattr,
92           ptyfs__getmp,
93 };
94 
95 static int
ptyfs__getmp(struct lwp * l,struct mount ** mpp)96 ptyfs__getmp(struct lwp *l, struct mount **mpp)
97 {
98           struct cwdinfo *cwdi = l->l_proc->p_cwdi;
99           struct mount *mp;
100           struct ptyfsmount *pmnt;
101 
102           TAILQ_FOREACH(pmnt, &ptyfs_head, pmnt_le) {
103                     mp = pmnt->pmnt_mp;
104                     if (cwdi->cwdi_rdir == NULL)
105                               goto ok;
106 
107                     if (vn_isunder(mp->mnt_vnodecovered, cwdi->cwdi_rdir, l))
108                               goto ok;
109           }
110           *mpp = NULL;
111           return EOPNOTSUPP;
112 ok:
113           *mpp = mp;
114           return 0;
115 }
116 
117 static const char *
ptyfs__getpath(struct lwp * l,const struct mount * mp)118 ptyfs__getpath(struct lwp *l, const struct mount *mp)
119 {
120 #define MAXBUF (sizeof(mp->mnt_stat.f_mntonname) + 32)
121           struct cwdinfo *cwdi = l->l_proc->p_cwdi;
122           char *buf;
123           const char *rv;
124           size_t len;
125           char *bp;
126           int error;
127 
128           rv = mp->mnt_stat.f_mntonname;
129           if (cwdi->cwdi_rdir == NULL)
130                     return rv;
131 
132           buf = malloc(MAXBUF, M_TEMP, M_WAITOK);
133           bp = buf + MAXBUF;
134           *--bp = '\0';
135           error = getcwd_common(mp->mnt_vnodecovered, cwdi->cwdi_rdir, &bp,
136               buf, MAXBUF / 2, 0, l);
137           if (error) {        /* Mount point is out of rdir */
138                     rv = NULL;
139                     goto out;
140           }
141 
142           len = strlen(bp);
143           if (len < sizeof(mp->mnt_stat.f_mntonname))       /* XXX */
144                     rv += strlen(rv) - len;
145 out:
146           free(buf, M_TEMP);
147           return rv;
148 }
149 
150 static int
ptyfs__makename(struct mount * mp,struct lwp * l,char * tbuf,size_t bufsiz,dev_t dev,char ms)151 ptyfs__makename(struct mount *mp, struct lwp *l, char *tbuf, size_t bufsiz,
152     dev_t dev, char ms)
153 {
154           size_t len;
155           const char *np;
156           int pty = minor(dev);
157 
158           switch (ms) {
159           case 'p':
160                     /* We don't provide access to the master, should we? */
161                     len = snprintf(tbuf, bufsiz, "/dev/null");
162                     break;
163           case 't':
164                     /*
165                      * We support traditional ptys, so we can get here,
166                      * if pty had been opened before PTYFS was mounted,
167                      * or was opened through /dev/ptyXX devices.
168                      * Return it only outside chroot for more security .
169                      */
170                     if (l->l_proc->p_cwdi->cwdi_rdir == NULL
171                         && ptyfs_save_ptm != NULL
172                         && ptyfs_next_active(mp, pty) != pty)
173                               return (*ptyfs_save_ptm->makename)(mp, l,
174                                   tbuf, bufsiz, dev, ms);
175 
176                     np = ptyfs__getpath(l, mp);
177                     if (np == NULL)
178                               return EOPNOTSUPP;
179                     len = snprintf(tbuf, bufsiz, "%s/%llu", np,
180                               (unsigned long long)minor(dev));
181                     break;
182           default:
183                     return EINVAL;
184           }
185 
186           return len >= bufsiz ? ENOSPC : 0;
187 }
188 
189 
190 static int
191 /*ARGSUSED*/
ptyfs__allocvp(struct mount * mp,struct lwp * l,struct vnode ** vpp,dev_t dev,char ms)192 ptyfs__allocvp(struct mount *mp, struct lwp *l, struct vnode **vpp,
193     dev_t dev, char ms)
194 {
195           int error;
196           ptyfstype type;
197 
198           switch (ms) {
199           case 'p':
200                     type = PTYFSptc;
201                     break;
202           case 't':
203                     type = PTYFSpts;
204                     break;
205           default:
206                     return EINVAL;
207           }
208 
209           error = ptyfs_allocvp(mp, vpp, type, minor(dev));
210           if (error)
211                     return error;
212           error = vn_lock(*vpp, LK_EXCLUSIVE);
213           if (error) {
214                     vrele(*vpp);
215                     *vpp = NULL;
216                     return error;
217           }
218           if (type == PTYFSptc)
219                     ptyfs_set_active(mp, minor(dev));
220           return 0;
221 }
222 
223 
224 static void
ptyfs__getvattr(struct mount * mp,struct lwp * l,struct vattr * vattr)225 ptyfs__getvattr(struct mount *mp, struct lwp *l, struct vattr *vattr)
226 {
227           struct ptyfsmount *pmnt = VFSTOPTY(mp);
228           vattr_null(vattr);
229           /* get real uid */
230           vattr->va_uid = kauth_cred_getuid(l->l_cred);
231           vattr->va_gid = pmnt->pmnt_gid;
232           vattr->va_mode = pmnt->pmnt_mode;
233 }
234 
235 
236 void
ptyfs_init(void)237 ptyfs_init(void)
238 {
239 
240           TAILQ_INIT(&ptyfs_head);
241           malloc_type_attach(M_PTYFSMNT);
242           malloc_type_attach(M_PTYFSTMP);
243           ptyfs_hashinit();
244 }
245 
246 void
ptyfs_reinit(void)247 ptyfs_reinit(void)
248 {
249 
250 }
251 
252 void
ptyfs_done(void)253 ptyfs_done(void)
254 {
255 
256           ptyfs_hashdone();
257           malloc_type_detach(M_PTYFSTMP);
258           malloc_type_detach(M_PTYFSMNT);
259 }
260 
261 #define OSIZE sizeof(struct { int f; gid_t g; mode_t m; })
262 /*
263  * Mount the Pseudo tty params filesystem
264  */
265 int
ptyfs_mount(struct mount * mp,const char * path,void * data,size_t * data_len)266 ptyfs_mount(struct mount *mp, const char *path, void *data, size_t *data_len)
267 {
268           struct lwp *l = curlwp;
269           int error = 0;
270           struct ptyfsmount *pmnt;
271           struct ptyfs_args *args = data;
272 
273           if (args == NULL)
274                     return EINVAL;
275           if (*data_len != sizeof *args) {
276                     if (*data_len != OSIZE || args->version >= PTYFS_ARGSVERSION)
277                               return EINVAL;
278           }
279 
280           if (UIO_MX & (UIO_MX - 1)) {
281                     log(LOG_ERR, "ptyfs: invalid directory entry size");
282                     return EINVAL;
283           }
284 
285           if (mp->mnt_flag & MNT_GETARGS) {
286                     pmnt = VFSTOPTY(mp);
287                     if (pmnt == NULL)
288                               return EIO;
289                     args->mode = pmnt->pmnt_mode;
290                     args->gid = pmnt->pmnt_gid;
291                     if (args->version >= PTYFS_ARGSVERSION) {
292                               args->flags = pmnt->pmnt_flags;
293                               *data_len = sizeof *args;
294                     } else {
295                               *data_len = OSIZE;
296                     }
297                     return 0;
298           }
299 
300 #if 0
301           /* Don't allow more than one mount */
302           if (ptyfs_count)
303                     return EBUSY;
304 #endif
305 
306           if (mp->mnt_flag & MNT_UPDATE)
307                     return EOPNOTSUPP;
308 
309           if (args->version > PTYFS_ARGSVERSION)
310                     return EINVAL;
311 
312           pmnt = malloc(sizeof(struct ptyfsmount), M_PTYFSMNT, M_WAITOK);
313 
314           mp->mnt_data = pmnt;
315           mutex_init(&pmnt->pmnt_lock, MUTEX_DEFAULT, IPL_NONE);
316           pmnt->pmnt_gid = args->gid;
317           pmnt->pmnt_mode = args->mode;
318           if (args->version >= PTYFS_ARGSVERSION)
319                     pmnt->pmnt_flags = args->flags;
320           else
321                     pmnt->pmnt_flags = 0;
322           pmnt->pmnt_bitmap_size = 0;
323           pmnt->pmnt_bitmap = NULL;
324           mp->mnt_flag |= MNT_LOCAL;
325           vfs_getnewfsid(mp);
326 
327           if ((error = set_statvfs_info(path, UIO_USERSPACE, "ptyfs",
328               UIO_SYSSPACE, mp->mnt_op->vfs_name, mp, l)) != 0) {
329                     free(pmnt, M_PTYFSMNT);
330                     return error;
331           }
332 
333           pmnt->pmnt_mp = mp;
334           TAILQ_INSERT_TAIL(&ptyfs_head, pmnt, pmnt_le);
335           if (ptyfs_count++ == 0) {
336                     /* Point pty access to us */
337                     ptyfs_save_ptm = pty_sethandler(&ptm_ptyfspty);
338           }
339           return 0;
340 }
341 
342 /*ARGSUSED*/
343 int
ptyfs_start(struct mount * mp,int flags)344 ptyfs_start(struct mount *mp, int flags)
345 {
346           return 0;
347 }
348 
349 /*ARGSUSED*/
350 int
ptyfs_unmount(struct mount * mp,int mntflags)351 ptyfs_unmount(struct mount *mp, int mntflags)
352 {
353           int error;
354           int flags = 0;
355           struct ptyfsmount *pmnt;
356 
357           if (mntflags & MNT_FORCE)
358                     flags |= FORCECLOSE;
359 
360           if ((error = vflush(mp, 0, flags)) != 0)
361                     return error;
362 
363           ptyfs_count--;
364           if (ptyfs_count == 0) {
365                     /* Restore where pty access was pointing */
366                     (void)pty_sethandler(ptyfs_save_ptm);
367                     ptyfs_save_ptm = NULL;
368           }
369           TAILQ_FOREACH(pmnt, &ptyfs_head, pmnt_le) {
370                     if (pmnt->pmnt_mp == mp) {
371                               TAILQ_REMOVE(&ptyfs_head, pmnt, pmnt_le);
372                               break;
373                     }
374           }
375 
376           /*
377            * Finally, throw away the ptyfsmount structure
378            */
379           if (pmnt->pmnt_bitmap_size > 0)
380                     kmem_free(pmnt->pmnt_bitmap, pmnt->pmnt_bitmap_size);
381           mutex_destroy(&pmnt->pmnt_lock);
382           free(mp->mnt_data, M_PTYFSMNT);
383           mp->mnt_data = NULL;
384 
385           return 0;
386 }
387 
388 int
ptyfs_root(struct mount * mp,int lktype,struct vnode ** vpp)389 ptyfs_root(struct mount *mp, int lktype, struct vnode **vpp)
390 {
391           int error;
392 
393           /* setup "." */
394           error = ptyfs_allocvp(mp, vpp, PTYFSroot, 0);
395           if (error)
396                     return error;
397           error = vn_lock(*vpp, lktype);
398           if (error) {
399                     vrele(*vpp);
400                     *vpp = NULL;
401                     return error;
402           }
403           return 0;
404 }
405 
406 /*ARGSUSED*/
407 int
ptyfs_sync(struct mount * mp,int waitfor,kauth_cred_t uc)408 ptyfs_sync(struct mount *mp, int waitfor,
409     kauth_cred_t uc)
410 {
411           return 0;
412 }
413 
414 /*
415  * Initialize this vnode / ptynode pair.
416  * Only for the slave side of a pty, caller assures
417  * no other thread will try to load this node.
418  */
419 int
ptyfs_loadvnode(struct mount * mp,struct vnode * vp,const void * key,size_t key_len,const void ** new_key)420 ptyfs_loadvnode(struct mount *mp, struct vnode *vp,
421     const void *key, size_t key_len, const void **new_key)
422 {
423           struct ptyfskey pkey;
424           struct ptyfsnode *ptyfs;
425 
426           KASSERT(key_len == sizeof(pkey));
427           memcpy(&pkey, key, key_len);
428 
429           ptyfs = ptyfs_get_node(pkey.ptk_type, pkey.ptk_pty);
430           KASSERT(memcmp(&ptyfs->ptyfs_key, &pkey, sizeof(pkey)) == 0);
431 
432           switch (pkey.ptk_type) {
433           case PTYFSroot:     /* /pts = dr-xr-xr-x */
434                     vp->v_type = VDIR;
435                     vp->v_vflag = VV_ROOT;
436                     break;
437 
438           case PTYFSpts:      /* /pts/N = cxxxxxxxxx */
439           case PTYFSptc:      /* controlling side = cxxxxxxxxx */
440                     vp->v_type = VCHR;
441                     spec_node_init(vp, PTYFS_MAKEDEV(ptyfs));
442                     break;
443           default:
444                     panic("ptyfs_loadvnode");
445           }
446 
447           vp->v_tag = VT_PTYFS;
448           vp->v_op = ptyfs_vnodeop_p;
449           vp->v_data = ptyfs;
450           uvm_vnp_setsize(vp, 0);
451           *new_key = &ptyfs->ptyfs_key;
452           return 0;
453 }
454 
455 /*
456  * Kernfs flat namespace lookup.
457  * Currently unsupported.
458  */
459 /*ARGSUSED*/
460 int
ptyfs_vget(struct mount * mp,ino_t ino,int lktype,struct vnode ** vpp)461 ptyfs_vget(struct mount *mp, ino_t ino, int lktype,
462     struct vnode **vpp)
463 {
464           return EOPNOTSUPP;
465 }
466 
467 extern const struct vnodeopv_desc ptyfs_vnodeop_opv_desc;
468 
469 const struct vnodeopv_desc * const ptyfs_vnodeopv_descs[] = {
470           &ptyfs_vnodeop_opv_desc,
471           NULL,
472 };
473 
474 struct vfsops ptyfs_vfsops = {
475           .vfs_name = MOUNT_PTYFS,
476           .vfs_min_mount_data = sizeof (struct ptyfs_args),
477           .vfs_mount = ptyfs_mount,
478           .vfs_start = ptyfs_start,
479           .vfs_unmount = ptyfs_unmount,
480           .vfs_root = ptyfs_root,
481           .vfs_quotactl = (void *)eopnotsupp,
482           .vfs_statvfs = genfs_statvfs,
483           .vfs_sync = ptyfs_sync,
484           .vfs_vget = ptyfs_vget,
485           .vfs_loadvnode = ptyfs_loadvnode,
486           .vfs_fhtovp = (void *)eopnotsupp,
487           .vfs_vptofh = (void *)eopnotsupp,
488           .vfs_init = ptyfs_init,
489           .vfs_reinit = ptyfs_reinit,
490           .vfs_done = ptyfs_done,
491           .vfs_snapshot = (void *)eopnotsupp,
492           .vfs_extattrctl = (void *)eopnotsupp,
493           .vfs_suspendctl = genfs_suspendctl,
494           .vfs_renamelock_enter = genfs_renamelock_enter,
495           .vfs_renamelock_exit = genfs_renamelock_exit,
496           .vfs_fsync = (void *)eopnotsupp,
497           .vfs_opv_descs = ptyfs_vnodeopv_descs
498 };
499 
500 SYSCTL_SETUP(ptyfs_sysctl_setup, "ptyfs sysctl")
501 {
502 
503           sysctl_createv(clog, 0, NULL, NULL,
504                            CTLFLAG_PERMANENT,
505                            CTLTYPE_NODE, "ptyfs",
506                            SYSCTL_DESCR("Pty file system"),
507                            NULL, 0, NULL, 0,
508                            CTL_VFS, 23, CTL_EOL);
509           /*
510            * XXX the "23" above could be dynamic, thereby eliminating
511            * one more instance of the "number to vfs" mapping problem,
512            * but "23" is the order as taken from sys/mount.h
513            */
514 }
515 
516 static int
ptyfs_modcmd(modcmd_t cmd,void * arg)517 ptyfs_modcmd(modcmd_t cmd, void *arg)
518 {
519           int error;
520 
521           switch (cmd) {
522           case MODULE_CMD_INIT:
523                     error = vfs_attach(&ptyfs_vfsops);
524                     if (error != 0)
525                               break;
526                     break;
527           case MODULE_CMD_FINI:
528                     error = vfs_detach(&ptyfs_vfsops);
529                     if (error != 0)
530                               break;
531                     break;
532           default:
533                     error = ENOTTY;
534                     break;
535           }
536 
537           return (error);
538 }
539