1 /* 2 * Copyright (C) 1991, 1992 Linus Torvalds 3 */ 4 5 /* 6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles 7 * or rs-channels. It also implements echoing, cooked mode etc. 8 * 9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0. 10 * 11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the 12 * tty_struct and tty_queue structures. Previously there was an array 13 * of 256 tty_struct's which was statically allocated, and the 14 * tty_queue structures were allocated at boot time. Both are now 15 * dynamically allocated only when the tty is open. 16 * 17 * Also restructured routines so that there is more of a separation 18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and 19 * the low-level tty routines (serial.c, pty.c, console.c). This 20 * makes for cleaner and more compact code. -TYT, 9/17/92 21 * 22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines 23 * which can be dynamically activated and de-activated by the line 24 * discipline handling modules (like SLIP). 25 * 26 * NOTE: pay no attention to the line discipline code (yet); its 27 * interface is still subject to change in this version... 28 * -- TYT, 1/31/92 29 * 30 * Added functionality to the OPOST tty handling. No delays, but all 31 * other bits should be there. 32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993. 33 * 34 * Rewrote canonical mode and added more termios flags. 35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94 36 * 37 * Reorganized FASYNC support so mouse code can share it. 38 * -- ctm@ardi.com, 9Sep95 39 * 40 * New TIOCLINUX variants added. 41 * -- mj@k332.feld.cvut.cz, 19-Nov-95 42 * 43 * Restrict vt switching via ioctl() 44 * -- grif@cs.ucr.edu, 5-Dec-95 45 * 46 * Move console and virtual terminal code to more appropriate files, 47 * implement CONFIG_VT and generalize console device interface. 48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97 49 * 50 * Rewrote tty_init_dev and tty_release_dev to eliminate races. 51 * -- Bill Hawes <whawes@star.net>, June 97 52 * 53 * Added devfs support. 54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998 55 * 56 * Added support for a Unix98-style ptmx device. 57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 58 * 59 * Reduced memory usage for older ARM systems 60 * -- Russell King <rmk@arm.linux.org.uk> 61 * 62 * Move do_SAK() into process context. Less stack use in devfs functions. 63 * alloc_tty_struct() always uses kmalloc() 64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01 65 */ 66 67 #include <linux/types.h> 68 #include <linux/major.h> 69 #include <linux/errno.h> 70 #include <linux/signal.h> 71 #include <linux/fcntl.h> 72 #include <linux/sched.h> 73 #include <linux/interrupt.h> 74 #include <linux/tty.h> 75 #include <linux/tty_driver.h> 76 #include <linux/tty_flip.h> 77 #include <linux/devpts_fs.h> 78 #include <linux/file.h> 79 #include <linux/fdtable.h> 80 #include <linux/console.h> 81 #include <linux/timer.h> 82 #include <linux/ctype.h> 83 #include <linux/kd.h> 84 #include <linux/mm.h> 85 #include <linux/string.h> 86 #include <linux/slab.h> 87 #include <linux/poll.h> 88 #include <linux/proc_fs.h> 89 #include <linux/init.h> 90 #include <linux/module.h> 91 #include <linux/device.h> 92 #include <linux/wait.h> 93 #include <linux/bitops.h> 94 #include <linux/delay.h> 95 #include <linux/seq_file.h> 96 #include <linux/serial.h> 97 #include <linux/ratelimit.h> 98 99 #include <linux/uaccess.h> 100 #include <asm/system.h> 101 102 #include <linux/kbd_kern.h> 103 #include <linux/vt_kern.h> 104 #include <linux/selection.h> 105 106 #include <linux/kmod.h> 107 #include <linux/nsproxy.h> 108 109 #undef TTY_DEBUG_HANGUP 110 111 #define TTY_PARANOIA_CHECK 1 112 #define CHECK_TTY_COUNT 1 113 114 struct ktermios tty_std_termios = { /* for the benefit of tty drivers */ 115 .c_iflag = ICRNL | IXON, 116 .c_oflag = OPOST | ONLCR, 117 .c_cflag = B38400 | CS8 | CREAD | HUPCL, 118 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK | 119 ECHOCTL | ECHOKE | IEXTEN, 120 .c_cc = INIT_C_CC, 121 .c_ispeed = 38400, 122 .c_ospeed = 38400 123 }; 124 125 EXPORT_SYMBOL(tty_std_termios); 126 127 /* This list gets poked at by procfs and various bits of boot up code. This 128 could do with some rationalisation such as pulling the tty proc function 129 into this file */ 130 131 LIST_HEAD(tty_drivers); /* linked list of tty drivers */ 132 133 /* Mutex to protect creating and releasing a tty. This is shared with 134 vt.c for deeply disgusting hack reasons */ 135 DEFINE_MUTEX(tty_mutex); 136 EXPORT_SYMBOL(tty_mutex); 137 138 /* Spinlock to protect the tty->tty_files list */ 139 DEFINE_SPINLOCK(tty_files_lock); 140 141 static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *); 142 static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *); 143 ssize_t redirected_tty_write(struct file *, const char __user *, 144 size_t, loff_t *); 145 static unsigned int tty_poll(struct file *, poll_table *); 146 static int tty_open(struct inode *, struct file *); 147 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg); 148 #ifdef CONFIG_COMPAT 149 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 150 unsigned long arg); 151 #else 152 #define tty_compat_ioctl NULL 153 #endif 154 static int __tty_fasync(int fd, struct file *filp, int on); 155 static int tty_fasync(int fd, struct file *filp, int on); 156 static void release_tty(struct tty_struct *tty, int idx); 157 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); 158 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); 159 160 /** 161 * alloc_tty_struct - allocate a tty object 162 * 163 * Return a new empty tty structure. The data fields have not 164 * been initialized in any way but has been zeroed 165 * 166 * Locking: none 167 */ 168 169 struct tty_struct *alloc_tty_struct(void) 170 { 171 return kzalloc(sizeof(struct tty_struct), GFP_KERNEL); 172 } 173 174 /** 175 * free_tty_struct - free a disused tty 176 * @tty: tty struct to free 177 * 178 * Free the write buffers, tty queue and tty memory itself. 179 * 180 * Locking: none. Must be called after tty is definitely unused 181 */ 182 183 void free_tty_struct(struct tty_struct *tty) 184 { 185 if (tty->dev) 186 put_device(tty->dev); 187 kfree(tty->write_buf); 188 tty_buffer_free_all(tty); 189 kfree(tty); 190 } 191 192 static inline struct tty_struct *file_tty(struct file *file) 193 { 194 return ((struct tty_file_private *)file->private_data)->tty; 195 } 196 197 /* Associate a new file with the tty structure */ 198 int tty_add_file(struct tty_struct *tty, struct file *file) 199 { 200 struct tty_file_private *priv; 201 202 priv = kmalloc(sizeof(*priv), GFP_KERNEL); 203 if (!priv) 204 return -ENOMEM; 205 206 priv->tty = tty; 207 priv->file = file; 208 file->private_data = priv; 209 210 spin_lock(&tty_files_lock); 211 list_add(&priv->list, &tty->tty_files); 212 spin_unlock(&tty_files_lock); 213 214 return 0; 215 } 216 217 /* Delete file from its tty */ 218 void tty_del_file(struct file *file) 219 { 220 struct tty_file_private *priv = file->private_data; 221 222 spin_lock(&tty_files_lock); 223 list_del(&priv->list); 224 spin_unlock(&tty_files_lock); 225 file->private_data = NULL; 226 kfree(priv); 227 } 228 229 230 #define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base) 231 232 /** 233 * tty_name - return tty naming 234 * @tty: tty structure 235 * @buf: buffer for output 236 * 237 * Convert a tty structure into a name. The name reflects the kernel 238 * naming policy and if udev is in use may not reflect user space 239 * 240 * Locking: none 241 */ 242 243 char *tty_name(struct tty_struct *tty, char *buf) 244 { 245 if (!tty) /* Hmm. NULL pointer. That's fun. */ 246 strcpy(buf, "NULL tty"); 247 else 248 strcpy(buf, tty->name); 249 return buf; 250 } 251 252 EXPORT_SYMBOL(tty_name); 253 254 int tty_paranoia_check(struct tty_struct *tty, struct inode *inode, 255 const char *routine) 256 { 257 #ifdef TTY_PARANOIA_CHECK 258 if (!tty) { 259 printk(KERN_WARNING 260 "null TTY for (%d:%d) in %s\n", 261 imajor(inode), iminor(inode), routine); 262 return 1; 263 } 264 if (tty->magic != TTY_MAGIC) { 265 printk(KERN_WARNING 266 "bad magic number for tty struct (%d:%d) in %s\n", 267 imajor(inode), iminor(inode), routine); 268 return 1; 269 } 270 #endif 271 return 0; 272 } 273 274 static int check_tty_count(struct tty_struct *tty, const char *routine) 275 { 276 #ifdef CHECK_TTY_COUNT 277 struct list_head *p; 278 int count = 0; 279 280 spin_lock(&tty_files_lock); 281 list_for_each(p, &tty->tty_files) { 282 count++; 283 } 284 spin_unlock(&tty_files_lock); 285 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 286 tty->driver->subtype == PTY_TYPE_SLAVE && 287 tty->link && tty->link->count) 288 count++; 289 if (tty->count != count) { 290 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) " 291 "!= #fd's(%d) in %s\n", 292 tty->name, tty->count, count, routine); 293 return count; 294 } 295 #endif 296 return 0; 297 } 298 299 /** 300 * get_tty_driver - find device of a tty 301 * @dev_t: device identifier 302 * @index: returns the index of the tty 303 * 304 * This routine returns a tty driver structure, given a device number 305 * and also passes back the index number. 306 * 307 * Locking: caller must hold tty_mutex 308 */ 309 310 static struct tty_driver *get_tty_driver(dev_t device, int *index) 311 { 312 struct tty_driver *p; 313 314 list_for_each_entry(p, &tty_drivers, tty_drivers) { 315 dev_t base = MKDEV(p->major, p->minor_start); 316 if (device < base || device >= base + p->num) 317 continue; 318 *index = device - base; 319 return tty_driver_kref_get(p); 320 } 321 return NULL; 322 } 323 324 #ifdef CONFIG_CONSOLE_POLL 325 326 /** 327 * tty_find_polling_driver - find device of a polled tty 328 * @name: name string to match 329 * @line: pointer to resulting tty line nr 330 * 331 * This routine returns a tty driver structure, given a name 332 * and the condition that the tty driver is capable of polled 333 * operation. 334 */ 335 struct tty_driver *tty_find_polling_driver(char *name, int *line) 336 { 337 struct tty_driver *p, *res = NULL; 338 int tty_line = 0; 339 int len; 340 char *str, *stp; 341 342 for (str = name; *str; str++) 343 if ((*str >= '0' && *str <= '9') || *str == ',') 344 break; 345 if (!*str) 346 return NULL; 347 348 len = str - name; 349 tty_line = simple_strtoul(str, &str, 10); 350 351 mutex_lock(&tty_mutex); 352 /* Search through the tty devices to look for a match */ 353 list_for_each_entry(p, &tty_drivers, tty_drivers) { 354 if (strncmp(name, p->name, len) != 0) 355 continue; 356 stp = str; 357 if (*stp == ',') 358 stp++; 359 if (*stp == '\0') 360 stp = NULL; 361 362 if (tty_line >= 0 && tty_line < p->num && p->ops && 363 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) { 364 res = tty_driver_kref_get(p); 365 *line = tty_line; 366 break; 367 } 368 } 369 mutex_unlock(&tty_mutex); 370 371 return res; 372 } 373 EXPORT_SYMBOL_GPL(tty_find_polling_driver); 374 #endif 375 376 /** 377 * tty_check_change - check for POSIX terminal changes 378 * @tty: tty to check 379 * 380 * If we try to write to, or set the state of, a terminal and we're 381 * not in the foreground, send a SIGTTOU. If the signal is blocked or 382 * ignored, go ahead and perform the operation. (POSIX 7.2) 383 * 384 * Locking: ctrl_lock 385 */ 386 387 int tty_check_change(struct tty_struct *tty) 388 { 389 unsigned long flags; 390 int ret = 0; 391 392 if (current->signal->tty != tty) 393 return 0; 394 395 spin_lock_irqsave(&tty->ctrl_lock, flags); 396 397 if (!tty->pgrp) { 398 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n"); 399 goto out_unlock; 400 } 401 if (task_pgrp(current) == tty->pgrp) 402 goto out_unlock; 403 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 404 if (is_ignored(SIGTTOU)) 405 goto out; 406 if (is_current_pgrp_orphaned()) { 407 ret = -EIO; 408 goto out; 409 } 410 kill_pgrp(task_pgrp(current), SIGTTOU, 1); 411 set_thread_flag(TIF_SIGPENDING); 412 ret = -ERESTARTSYS; 413 out: 414 return ret; 415 out_unlock: 416 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 417 return ret; 418 } 419 420 EXPORT_SYMBOL(tty_check_change); 421 422 static ssize_t hung_up_tty_read(struct file *file, char __user *buf, 423 size_t count, loff_t *ppos) 424 { 425 return 0; 426 } 427 428 static ssize_t hung_up_tty_write(struct file *file, const char __user *buf, 429 size_t count, loff_t *ppos) 430 { 431 return -EIO; 432 } 433 434 /* No kernel lock held - none needed ;) */ 435 static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait) 436 { 437 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM; 438 } 439 440 static long hung_up_tty_ioctl(struct file *file, unsigned int cmd, 441 unsigned long arg) 442 { 443 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 444 } 445 446 static long hung_up_tty_compat_ioctl(struct file *file, 447 unsigned int cmd, unsigned long arg) 448 { 449 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 450 } 451 452 static const struct file_operations tty_fops = { 453 .llseek = no_llseek, 454 .read = tty_read, 455 .write = tty_write, 456 .poll = tty_poll, 457 .unlocked_ioctl = tty_ioctl, 458 .compat_ioctl = tty_compat_ioctl, 459 .open = tty_open, 460 .release = tty_release, 461 .fasync = tty_fasync, 462 }; 463 464 static const struct file_operations console_fops = { 465 .llseek = no_llseek, 466 .read = tty_read, 467 .write = redirected_tty_write, 468 .poll = tty_poll, 469 .unlocked_ioctl = tty_ioctl, 470 .compat_ioctl = tty_compat_ioctl, 471 .open = tty_open, 472 .release = tty_release, 473 .fasync = tty_fasync, 474 }; 475 476 static const struct file_operations hung_up_tty_fops = { 477 .llseek = no_llseek, 478 .read = hung_up_tty_read, 479 .write = hung_up_tty_write, 480 .poll = hung_up_tty_poll, 481 .unlocked_ioctl = hung_up_tty_ioctl, 482 .compat_ioctl = hung_up_tty_compat_ioctl, 483 .release = tty_release, 484 }; 485 486 static DEFINE_SPINLOCK(redirect_lock); 487 static struct file *redirect; 488 489 /** 490 * tty_wakeup - request more data 491 * @tty: terminal 492 * 493 * Internal and external helper for wakeups of tty. This function 494 * informs the line discipline if present that the driver is ready 495 * to receive more output data. 496 */ 497 498 void tty_wakeup(struct tty_struct *tty) 499 { 500 struct tty_ldisc *ld; 501 502 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) { 503 ld = tty_ldisc_ref(tty); 504 if (ld) { 505 if (ld->ops->write_wakeup) 506 ld->ops->write_wakeup(tty); 507 tty_ldisc_deref(ld); 508 } 509 } 510 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 511 } 512 513 EXPORT_SYMBOL_GPL(tty_wakeup); 514 515 /** 516 * __tty_hangup - actual handler for hangup events 517 * @work: tty device 518 * 519 * This can be called by the "eventd" kernel thread. That is process 520 * synchronous but doesn't hold any locks, so we need to make sure we 521 * have the appropriate locks for what we're doing. 522 * 523 * The hangup event clears any pending redirections onto the hung up 524 * device. It ensures future writes will error and it does the needed 525 * line discipline hangup and signal delivery. The tty object itself 526 * remains intact. 527 * 528 * Locking: 529 * BTM 530 * redirect lock for undoing redirection 531 * file list lock for manipulating list of ttys 532 * tty_ldisc_lock from called functions 533 * termios_mutex resetting termios data 534 * tasklist_lock to walk task list for hangup event 535 * ->siglock to protect ->signal/->sighand 536 */ 537 void __tty_hangup(struct tty_struct *tty) 538 { 539 struct file *cons_filp = NULL; 540 struct file *filp, *f = NULL; 541 struct task_struct *p; 542 struct tty_file_private *priv; 543 int closecount = 0, n; 544 unsigned long flags; 545 int refs = 0; 546 547 if (!tty) 548 return; 549 550 551 spin_lock(&redirect_lock); 552 if (redirect && file_tty(redirect) == tty) { 553 f = redirect; 554 redirect = NULL; 555 } 556 spin_unlock(&redirect_lock); 557 558 tty_lock(); 559 560 /* some functions below drop BTM, so we need this bit */ 561 set_bit(TTY_HUPPING, &tty->flags); 562 563 /* inuse_filps is protected by the single tty lock, 564 this really needs to change if we want to flush the 565 workqueue with the lock held */ 566 check_tty_count(tty, "tty_hangup"); 567 568 spin_lock(&tty_files_lock); 569 /* This breaks for file handles being sent over AF_UNIX sockets ? */ 570 list_for_each_entry(priv, &tty->tty_files, list) { 571 filp = priv->file; 572 if (filp->f_op->write == redirected_tty_write) 573 cons_filp = filp; 574 if (filp->f_op->write != tty_write) 575 continue; 576 closecount++; 577 __tty_fasync(-1, filp, 0); /* can't block */ 578 filp->f_op = &hung_up_tty_fops; 579 } 580 spin_unlock(&tty_files_lock); 581 582 /* 583 * it drops BTM and thus races with reopen 584 * we protect the race by TTY_HUPPING 585 */ 586 tty_ldisc_hangup(tty); 587 588 read_lock(&tasklist_lock); 589 if (tty->session) { 590 do_each_pid_task(tty->session, PIDTYPE_SID, p) { 591 spin_lock_irq(&p->sighand->siglock); 592 if (p->signal->tty == tty) { 593 p->signal->tty = NULL; 594 /* We defer the dereferences outside fo 595 the tasklist lock */ 596 refs++; 597 } 598 if (!p->signal->leader) { 599 spin_unlock_irq(&p->sighand->siglock); 600 continue; 601 } 602 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p); 603 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p); 604 put_pid(p->signal->tty_old_pgrp); /* A noop */ 605 spin_lock_irqsave(&tty->ctrl_lock, flags); 606 if (tty->pgrp) 607 p->signal->tty_old_pgrp = get_pid(tty->pgrp); 608 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 609 spin_unlock_irq(&p->sighand->siglock); 610 } while_each_pid_task(tty->session, PIDTYPE_SID, p); 611 } 612 read_unlock(&tasklist_lock); 613 614 spin_lock_irqsave(&tty->ctrl_lock, flags); 615 clear_bit(TTY_THROTTLED, &tty->flags); 616 clear_bit(TTY_PUSH, &tty->flags); 617 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 618 put_pid(tty->session); 619 put_pid(tty->pgrp); 620 tty->session = NULL; 621 tty->pgrp = NULL; 622 tty->ctrl_status = 0; 623 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 624 625 /* Account for the p->signal references we killed */ 626 while (refs--) 627 tty_kref_put(tty); 628 629 /* 630 * If one of the devices matches a console pointer, we 631 * cannot just call hangup() because that will cause 632 * tty->count and state->count to go out of sync. 633 * So we just call close() the right number of times. 634 */ 635 if (cons_filp) { 636 if (tty->ops->close) 637 for (n = 0; n < closecount; n++) 638 tty->ops->close(tty, cons_filp); 639 } else if (tty->ops->hangup) 640 (tty->ops->hangup)(tty); 641 /* 642 * We don't want to have driver/ldisc interactions beyond 643 * the ones we did here. The driver layer expects no 644 * calls after ->hangup() from the ldisc side. However we 645 * can't yet guarantee all that. 646 */ 647 set_bit(TTY_HUPPED, &tty->flags); 648 clear_bit(TTY_HUPPING, &tty->flags); 649 tty_ldisc_enable(tty); 650 651 tty_unlock(); 652 653 if (f) 654 fput(f); 655 } 656 657 static void do_tty_hangup(struct work_struct *work) 658 { 659 struct tty_struct *tty = 660 container_of(work, struct tty_struct, hangup_work); 661 662 __tty_hangup(tty); 663 } 664 665 /** 666 * tty_hangup - trigger a hangup event 667 * @tty: tty to hangup 668 * 669 * A carrier loss (virtual or otherwise) has occurred on this like 670 * schedule a hangup sequence to run after this event. 671 */ 672 673 void tty_hangup(struct tty_struct *tty) 674 { 675 #ifdef TTY_DEBUG_HANGUP 676 char buf[64]; 677 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf)); 678 #endif 679 schedule_work(&tty->hangup_work); 680 } 681 682 EXPORT_SYMBOL(tty_hangup); 683 684 /** 685 * tty_vhangup - process vhangup 686 * @tty: tty to hangup 687 * 688 * The user has asked via system call for the terminal to be hung up. 689 * We do this synchronously so that when the syscall returns the process 690 * is complete. That guarantee is necessary for security reasons. 691 */ 692 693 void tty_vhangup(struct tty_struct *tty) 694 { 695 #ifdef TTY_DEBUG_HANGUP 696 char buf[64]; 697 698 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf)); 699 #endif 700 __tty_hangup(tty); 701 } 702 703 EXPORT_SYMBOL(tty_vhangup); 704 705 706 /** 707 * tty_vhangup_self - process vhangup for own ctty 708 * 709 * Perform a vhangup on the current controlling tty 710 */ 711 712 void tty_vhangup_self(void) 713 { 714 struct tty_struct *tty; 715 716 tty = get_current_tty(); 717 if (tty) { 718 tty_vhangup(tty); 719 tty_kref_put(tty); 720 } 721 } 722 723 /** 724 * tty_hung_up_p - was tty hung up 725 * @filp: file pointer of tty 726 * 727 * Return true if the tty has been subject to a vhangup or a carrier 728 * loss 729 */ 730 731 int tty_hung_up_p(struct file *filp) 732 { 733 return (filp->f_op == &hung_up_tty_fops); 734 } 735 736 EXPORT_SYMBOL(tty_hung_up_p); 737 738 static void session_clear_tty(struct pid *session) 739 { 740 struct task_struct *p; 741 do_each_pid_task(session, PIDTYPE_SID, p) { 742 proc_clear_tty(p); 743 } while_each_pid_task(session, PIDTYPE_SID, p); 744 } 745 746 /** 747 * disassociate_ctty - disconnect controlling tty 748 * @on_exit: true if exiting so need to "hang up" the session 749 * 750 * This function is typically called only by the session leader, when 751 * it wants to disassociate itself from its controlling tty. 752 * 753 * It performs the following functions: 754 * (1) Sends a SIGHUP and SIGCONT to the foreground process group 755 * (2) Clears the tty from being controlling the session 756 * (3) Clears the controlling tty for all processes in the 757 * session group. 758 * 759 * The argument on_exit is set to 1 if called when a process is 760 * exiting; it is 0 if called by the ioctl TIOCNOTTY. 761 * 762 * Locking: 763 * BTM is taken for hysterical raisins, and held when 764 * called from no_tty(). 765 * tty_mutex is taken to protect tty 766 * ->siglock is taken to protect ->signal/->sighand 767 * tasklist_lock is taken to walk process list for sessions 768 * ->siglock is taken to protect ->signal/->sighand 769 */ 770 771 void disassociate_ctty(int on_exit) 772 { 773 struct tty_struct *tty; 774 struct pid *tty_pgrp = NULL; 775 776 if (!current->signal->leader) 777 return; 778 779 tty = get_current_tty(); 780 if (tty) { 781 tty_pgrp = get_pid(tty->pgrp); 782 if (on_exit) { 783 if (tty->driver->type != TTY_DRIVER_TYPE_PTY) 784 tty_vhangup(tty); 785 } 786 tty_kref_put(tty); 787 } else if (on_exit) { 788 struct pid *old_pgrp; 789 spin_lock_irq(¤t->sighand->siglock); 790 old_pgrp = current->signal->tty_old_pgrp; 791 current->signal->tty_old_pgrp = NULL; 792 spin_unlock_irq(¤t->sighand->siglock); 793 if (old_pgrp) { 794 kill_pgrp(old_pgrp, SIGHUP, on_exit); 795 kill_pgrp(old_pgrp, SIGCONT, on_exit); 796 put_pid(old_pgrp); 797 } 798 return; 799 } 800 if (tty_pgrp) { 801 kill_pgrp(tty_pgrp, SIGHUP, on_exit); 802 if (!on_exit) 803 kill_pgrp(tty_pgrp, SIGCONT, on_exit); 804 put_pid(tty_pgrp); 805 } 806 807 spin_lock_irq(¤t->sighand->siglock); 808 put_pid(current->signal->tty_old_pgrp); 809 current->signal->tty_old_pgrp = NULL; 810 spin_unlock_irq(¤t->sighand->siglock); 811 812 tty = get_current_tty(); 813 if (tty) { 814 unsigned long flags; 815 spin_lock_irqsave(&tty->ctrl_lock, flags); 816 put_pid(tty->session); 817 put_pid(tty->pgrp); 818 tty->session = NULL; 819 tty->pgrp = NULL; 820 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 821 tty_kref_put(tty); 822 } else { 823 #ifdef TTY_DEBUG_HANGUP 824 printk(KERN_DEBUG "error attempted to write to tty [0x%p]" 825 " = NULL", tty); 826 #endif 827 } 828 829 /* Now clear signal->tty under the lock */ 830 read_lock(&tasklist_lock); 831 session_clear_tty(task_session(current)); 832 read_unlock(&tasklist_lock); 833 } 834 835 /** 836 * 837 * no_tty - Ensure the current process does not have a controlling tty 838 */ 839 void no_tty(void) 840 { 841 struct task_struct *tsk = current; 842 tty_lock(); 843 disassociate_ctty(0); 844 tty_unlock(); 845 proc_clear_tty(tsk); 846 } 847 848 849 /** 850 * stop_tty - propagate flow control 851 * @tty: tty to stop 852 * 853 * Perform flow control to the driver. For PTY/TTY pairs we 854 * must also propagate the TIOCKPKT status. May be called 855 * on an already stopped device and will not re-call the driver 856 * method. 857 * 858 * This functionality is used by both the line disciplines for 859 * halting incoming flow and by the driver. It may therefore be 860 * called from any context, may be under the tty atomic_write_lock 861 * but not always. 862 * 863 * Locking: 864 * Uses the tty control lock internally 865 */ 866 867 void stop_tty(struct tty_struct *tty) 868 { 869 unsigned long flags; 870 spin_lock_irqsave(&tty->ctrl_lock, flags); 871 if (tty->stopped) { 872 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 873 return; 874 } 875 tty->stopped = 1; 876 if (tty->link && tty->link->packet) { 877 tty->ctrl_status &= ~TIOCPKT_START; 878 tty->ctrl_status |= TIOCPKT_STOP; 879 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN); 880 } 881 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 882 if (tty->ops->stop) 883 (tty->ops->stop)(tty); 884 } 885 886 EXPORT_SYMBOL(stop_tty); 887 888 /** 889 * start_tty - propagate flow control 890 * @tty: tty to start 891 * 892 * Start a tty that has been stopped if at all possible. Perform 893 * any necessary wakeups and propagate the TIOCPKT status. If this 894 * is the tty was previous stopped and is being started then the 895 * driver start method is invoked and the line discipline woken. 896 * 897 * Locking: 898 * ctrl_lock 899 */ 900 901 void start_tty(struct tty_struct *tty) 902 { 903 unsigned long flags; 904 spin_lock_irqsave(&tty->ctrl_lock, flags); 905 if (!tty->stopped || tty->flow_stopped) { 906 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 907 return; 908 } 909 tty->stopped = 0; 910 if (tty->link && tty->link->packet) { 911 tty->ctrl_status &= ~TIOCPKT_STOP; 912 tty->ctrl_status |= TIOCPKT_START; 913 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN); 914 } 915 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 916 if (tty->ops->start) 917 (tty->ops->start)(tty); 918 /* If we have a running line discipline it may need kicking */ 919 tty_wakeup(tty); 920 } 921 922 EXPORT_SYMBOL(start_tty); 923 924 /** 925 * tty_read - read method for tty device files 926 * @file: pointer to tty file 927 * @buf: user buffer 928 * @count: size of user buffer 929 * @ppos: unused 930 * 931 * Perform the read system call function on this terminal device. Checks 932 * for hung up devices before calling the line discipline method. 933 * 934 * Locking: 935 * Locks the line discipline internally while needed. Multiple 936 * read calls may be outstanding in parallel. 937 */ 938 939 static ssize_t tty_read(struct file *file, char __user *buf, size_t count, 940 loff_t *ppos) 941 { 942 int i; 943 struct inode *inode = file->f_path.dentry->d_inode; 944 struct tty_struct *tty = file_tty(file); 945 struct tty_ldisc *ld; 946 947 if (tty_paranoia_check(tty, inode, "tty_read")) 948 return -EIO; 949 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags))) 950 return -EIO; 951 952 /* We want to wait for the line discipline to sort out in this 953 situation */ 954 ld = tty_ldisc_ref_wait(tty); 955 if (ld->ops->read) 956 i = (ld->ops->read)(tty, file, buf, count); 957 else 958 i = -EIO; 959 tty_ldisc_deref(ld); 960 if (i > 0) 961 inode->i_atime = current_fs_time(inode->i_sb); 962 return i; 963 } 964 965 void tty_write_unlock(struct tty_struct *tty) 966 __releases(&tty->atomic_write_lock) 967 { 968 mutex_unlock(&tty->atomic_write_lock); 969 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 970 } 971 972 int tty_write_lock(struct tty_struct *tty, int ndelay) 973 __acquires(&tty->atomic_write_lock) 974 { 975 if (!mutex_trylock(&tty->atomic_write_lock)) { 976 if (ndelay) 977 return -EAGAIN; 978 if (mutex_lock_interruptible(&tty->atomic_write_lock)) 979 return -ERESTARTSYS; 980 } 981 return 0; 982 } 983 984 /* 985 * Split writes up in sane blocksizes to avoid 986 * denial-of-service type attacks 987 */ 988 static inline ssize_t do_tty_write( 989 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t), 990 struct tty_struct *tty, 991 struct file *file, 992 const char __user *buf, 993 size_t count) 994 { 995 ssize_t ret, written = 0; 996 unsigned int chunk; 997 998 ret = tty_write_lock(tty, file->f_flags & O_NDELAY); 999 if (ret < 0) 1000 return ret; 1001 1002 /* 1003 * We chunk up writes into a temporary buffer. This 1004 * simplifies low-level drivers immensely, since they 1005 * don't have locking issues and user mode accesses. 1006 * 1007 * But if TTY_NO_WRITE_SPLIT is set, we should use a 1008 * big chunk-size.. 1009 * 1010 * The default chunk-size is 2kB, because the NTTY 1011 * layer has problems with bigger chunks. It will 1012 * claim to be able to handle more characters than 1013 * it actually does. 1014 * 1015 * FIXME: This can probably go away now except that 64K chunks 1016 * are too likely to fail unless switched to vmalloc... 1017 */ 1018 chunk = 2048; 1019 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags)) 1020 chunk = 65536; 1021 if (count < chunk) 1022 chunk = count; 1023 1024 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */ 1025 if (tty->write_cnt < chunk) { 1026 unsigned char *buf_chunk; 1027 1028 if (chunk < 1024) 1029 chunk = 1024; 1030 1031 buf_chunk = kmalloc(chunk, GFP_KERNEL); 1032 if (!buf_chunk) { 1033 ret = -ENOMEM; 1034 goto out; 1035 } 1036 kfree(tty->write_buf); 1037 tty->write_cnt = chunk; 1038 tty->write_buf = buf_chunk; 1039 } 1040 1041 /* Do the write .. */ 1042 for (;;) { 1043 size_t size = count; 1044 if (size > chunk) 1045 size = chunk; 1046 ret = -EFAULT; 1047 if (copy_from_user(tty->write_buf, buf, size)) 1048 break; 1049 ret = write(tty, file, tty->write_buf, size); 1050 if (ret <= 0) 1051 break; 1052 written += ret; 1053 buf += ret; 1054 count -= ret; 1055 if (!count) 1056 break; 1057 ret = -ERESTARTSYS; 1058 if (signal_pending(current)) 1059 break; 1060 cond_resched(); 1061 } 1062 if (written) { 1063 struct inode *inode = file->f_path.dentry->d_inode; 1064 inode->i_mtime = current_fs_time(inode->i_sb); 1065 ret = written; 1066 } 1067 out: 1068 tty_write_unlock(tty); 1069 return ret; 1070 } 1071 1072 /** 1073 * tty_write_message - write a message to a certain tty, not just the console. 1074 * @tty: the destination tty_struct 1075 * @msg: the message to write 1076 * 1077 * This is used for messages that need to be redirected to a specific tty. 1078 * We don't put it into the syslog queue right now maybe in the future if 1079 * really needed. 1080 * 1081 * We must still hold the BTM and test the CLOSING flag for the moment. 1082 */ 1083 1084 void tty_write_message(struct tty_struct *tty, char *msg) 1085 { 1086 if (tty) { 1087 mutex_lock(&tty->atomic_write_lock); 1088 tty_lock(); 1089 if (tty->ops->write && !test_bit(TTY_CLOSING, &tty->flags)) { 1090 tty_unlock(); 1091 tty->ops->write(tty, msg, strlen(msg)); 1092 } else 1093 tty_unlock(); 1094 tty_write_unlock(tty); 1095 } 1096 return; 1097 } 1098 1099 1100 /** 1101 * tty_write - write method for tty device file 1102 * @file: tty file pointer 1103 * @buf: user data to write 1104 * @count: bytes to write 1105 * @ppos: unused 1106 * 1107 * Write data to a tty device via the line discipline. 1108 * 1109 * Locking: 1110 * Locks the line discipline as required 1111 * Writes to the tty driver are serialized by the atomic_write_lock 1112 * and are then processed in chunks to the device. The line discipline 1113 * write method will not be invoked in parallel for each device. 1114 */ 1115 1116 static ssize_t tty_write(struct file *file, const char __user *buf, 1117 size_t count, loff_t *ppos) 1118 { 1119 struct inode *inode = file->f_path.dentry->d_inode; 1120 struct tty_struct *tty = file_tty(file); 1121 struct tty_ldisc *ld; 1122 ssize_t ret; 1123 1124 if (tty_paranoia_check(tty, inode, "tty_write")) 1125 return -EIO; 1126 if (!tty || !tty->ops->write || 1127 (test_bit(TTY_IO_ERROR, &tty->flags))) 1128 return -EIO; 1129 /* Short term debug to catch buggy drivers */ 1130 if (tty->ops->write_room == NULL) 1131 printk(KERN_ERR "tty driver %s lacks a write_room method.\n", 1132 tty->driver->name); 1133 ld = tty_ldisc_ref_wait(tty); 1134 if (!ld->ops->write) 1135 ret = -EIO; 1136 else 1137 ret = do_tty_write(ld->ops->write, tty, file, buf, count); 1138 tty_ldisc_deref(ld); 1139 return ret; 1140 } 1141 1142 ssize_t redirected_tty_write(struct file *file, const char __user *buf, 1143 size_t count, loff_t *ppos) 1144 { 1145 struct file *p = NULL; 1146 1147 spin_lock(&redirect_lock); 1148 if (redirect) { 1149 get_file(redirect); 1150 p = redirect; 1151 } 1152 spin_unlock(&redirect_lock); 1153 1154 if (p) { 1155 ssize_t res; 1156 res = vfs_write(p, buf, count, &p->f_pos); 1157 fput(p); 1158 return res; 1159 } 1160 return tty_write(file, buf, count, ppos); 1161 } 1162 1163 static char ptychar[] = "pqrstuvwxyzabcde"; 1164 1165 /** 1166 * pty_line_name - generate name for a pty 1167 * @driver: the tty driver in use 1168 * @index: the minor number 1169 * @p: output buffer of at least 6 bytes 1170 * 1171 * Generate a name from a driver reference and write it to the output 1172 * buffer. 1173 * 1174 * Locking: None 1175 */ 1176 static void pty_line_name(struct tty_driver *driver, int index, char *p) 1177 { 1178 int i = index + driver->name_base; 1179 /* ->name is initialized to "ttyp", but "tty" is expected */ 1180 sprintf(p, "%s%c%x", 1181 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name, 1182 ptychar[i >> 4 & 0xf], i & 0xf); 1183 } 1184 1185 /** 1186 * tty_line_name - generate name for a tty 1187 * @driver: the tty driver in use 1188 * @index: the minor number 1189 * @p: output buffer of at least 7 bytes 1190 * 1191 * Generate a name from a driver reference and write it to the output 1192 * buffer. 1193 * 1194 * Locking: None 1195 */ 1196 static void tty_line_name(struct tty_driver *driver, int index, char *p) 1197 { 1198 sprintf(p, "%s%d", driver->name, index + driver->name_base); 1199 } 1200 1201 /** 1202 * tty_driver_lookup_tty() - find an existing tty, if any 1203 * @driver: the driver for the tty 1204 * @idx: the minor number 1205 * 1206 * Return the tty, if found or ERR_PTR() otherwise. 1207 * 1208 * Locking: tty_mutex must be held. If tty is found, the mutex must 1209 * be held until the 'fast-open' is also done. Will change once we 1210 * have refcounting in the driver and per driver locking 1211 */ 1212 static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver, 1213 struct inode *inode, int idx) 1214 { 1215 struct tty_struct *tty; 1216 1217 if (driver->ops->lookup) 1218 return driver->ops->lookup(driver, inode, idx); 1219 1220 tty = driver->ttys[idx]; 1221 return tty; 1222 } 1223 1224 /** 1225 * tty_init_termios - helper for termios setup 1226 * @tty: the tty to set up 1227 * 1228 * Initialise the termios structures for this tty. Thus runs under 1229 * the tty_mutex currently so we can be relaxed about ordering. 1230 */ 1231 1232 int tty_init_termios(struct tty_struct *tty) 1233 { 1234 struct ktermios *tp; 1235 int idx = tty->index; 1236 1237 tp = tty->driver->termios[idx]; 1238 if (tp == NULL) { 1239 tp = kzalloc(sizeof(struct ktermios[2]), GFP_KERNEL); 1240 if (tp == NULL) 1241 return -ENOMEM; 1242 memcpy(tp, &tty->driver->init_termios, 1243 sizeof(struct ktermios)); 1244 tty->driver->termios[idx] = tp; 1245 } 1246 tty->termios = tp; 1247 tty->termios_locked = tp + 1; 1248 1249 /* Compatibility until drivers always set this */ 1250 tty->termios->c_ispeed = tty_termios_input_baud_rate(tty->termios); 1251 tty->termios->c_ospeed = tty_termios_baud_rate(tty->termios); 1252 return 0; 1253 } 1254 EXPORT_SYMBOL_GPL(tty_init_termios); 1255 1256 /** 1257 * tty_driver_install_tty() - install a tty entry in the driver 1258 * @driver: the driver for the tty 1259 * @tty: the tty 1260 * 1261 * Install a tty object into the driver tables. The tty->index field 1262 * will be set by the time this is called. This method is responsible 1263 * for ensuring any need additional structures are allocated and 1264 * configured. 1265 * 1266 * Locking: tty_mutex for now 1267 */ 1268 static int tty_driver_install_tty(struct tty_driver *driver, 1269 struct tty_struct *tty) 1270 { 1271 int idx = tty->index; 1272 int ret; 1273 1274 if (driver->ops->install) { 1275 ret = driver->ops->install(driver, tty); 1276 return ret; 1277 } 1278 1279 if (tty_init_termios(tty) == 0) { 1280 tty_driver_kref_get(driver); 1281 tty->count++; 1282 driver->ttys[idx] = tty; 1283 return 0; 1284 } 1285 return -ENOMEM; 1286 } 1287 1288 /** 1289 * tty_driver_remove_tty() - remove a tty from the driver tables 1290 * @driver: the driver for the tty 1291 * @idx: the minor number 1292 * 1293 * Remvoe a tty object from the driver tables. The tty->index field 1294 * will be set by the time this is called. 1295 * 1296 * Locking: tty_mutex for now 1297 */ 1298 static void tty_driver_remove_tty(struct tty_driver *driver, 1299 struct tty_struct *tty) 1300 { 1301 if (driver->ops->remove) 1302 driver->ops->remove(driver, tty); 1303 else 1304 driver->ttys[tty->index] = NULL; 1305 } 1306 1307 /* 1308 * tty_reopen() - fast re-open of an open tty 1309 * @tty - the tty to open 1310 * 1311 * Return 0 on success, -errno on error. 1312 * 1313 * Locking: tty_mutex must be held from the time the tty was found 1314 * till this open completes. 1315 */ 1316 static int tty_reopen(struct tty_struct *tty) 1317 { 1318 struct tty_driver *driver = tty->driver; 1319 1320 if (test_bit(TTY_CLOSING, &tty->flags) || 1321 test_bit(TTY_HUPPING, &tty->flags) || 1322 test_bit(TTY_LDISC_CHANGING, &tty->flags)) 1323 return -EIO; 1324 1325 if (driver->type == TTY_DRIVER_TYPE_PTY && 1326 driver->subtype == PTY_TYPE_MASTER) { 1327 /* 1328 * special case for PTY masters: only one open permitted, 1329 * and the slave side open count is incremented as well. 1330 */ 1331 if (tty->count) 1332 return -EIO; 1333 1334 tty->link->count++; 1335 } 1336 tty->count++; 1337 tty->driver = driver; /* N.B. why do this every time?? */ 1338 1339 mutex_lock(&tty->ldisc_mutex); 1340 WARN_ON(!test_bit(TTY_LDISC, &tty->flags)); 1341 mutex_unlock(&tty->ldisc_mutex); 1342 1343 return 0; 1344 } 1345 1346 /** 1347 * tty_init_dev - initialise a tty device 1348 * @driver: tty driver we are opening a device on 1349 * @idx: device index 1350 * @ret_tty: returned tty structure 1351 * @first_ok: ok to open a new device (used by ptmx) 1352 * 1353 * Prepare a tty device. This may not be a "new" clean device but 1354 * could also be an active device. The pty drivers require special 1355 * handling because of this. 1356 * 1357 * Locking: 1358 * The function is called under the tty_mutex, which 1359 * protects us from the tty struct or driver itself going away. 1360 * 1361 * On exit the tty device has the line discipline attached and 1362 * a reference count of 1. If a pair was created for pty/tty use 1363 * and the other was a pty master then it too has a reference count of 1. 1364 * 1365 * WSH 06/09/97: Rewritten to remove races and properly clean up after a 1366 * failed open. The new code protects the open with a mutex, so it's 1367 * really quite straightforward. The mutex locking can probably be 1368 * relaxed for the (most common) case of reopening a tty. 1369 */ 1370 1371 struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx, 1372 int first_ok) 1373 { 1374 struct tty_struct *tty; 1375 int retval; 1376 1377 /* Check if pty master is being opened multiple times */ 1378 if (driver->subtype == PTY_TYPE_MASTER && 1379 (driver->flags & TTY_DRIVER_DEVPTS_MEM) && !first_ok) { 1380 return ERR_PTR(-EIO); 1381 } 1382 1383 /* 1384 * First time open is complex, especially for PTY devices. 1385 * This code guarantees that either everything succeeds and the 1386 * TTY is ready for operation, or else the table slots are vacated 1387 * and the allocated memory released. (Except that the termios 1388 * and locked termios may be retained.) 1389 */ 1390 1391 if (!try_module_get(driver->owner)) 1392 return ERR_PTR(-ENODEV); 1393 1394 tty = alloc_tty_struct(); 1395 if (!tty) { 1396 retval = -ENOMEM; 1397 goto err_module_put; 1398 } 1399 initialize_tty_struct(tty, driver, idx); 1400 1401 retval = tty_driver_install_tty(driver, tty); 1402 if (retval < 0) 1403 goto err_deinit_tty; 1404 1405 /* 1406 * Structures all installed ... call the ldisc open routines. 1407 * If we fail here just call release_tty to clean up. No need 1408 * to decrement the use counts, as release_tty doesn't care. 1409 */ 1410 retval = tty_ldisc_setup(tty, tty->link); 1411 if (retval) 1412 goto err_release_tty; 1413 return tty; 1414 1415 err_deinit_tty: 1416 deinitialize_tty_struct(tty); 1417 free_tty_struct(tty); 1418 err_module_put: 1419 module_put(driver->owner); 1420 return ERR_PTR(retval); 1421 1422 /* call the tty release_tty routine to clean out this slot */ 1423 err_release_tty: 1424 printk_ratelimited(KERN_INFO "tty_init_dev: ldisc open failed, " 1425 "clearing slot %d\n", idx); 1426 release_tty(tty, idx); 1427 return ERR_PTR(retval); 1428 } 1429 1430 void tty_free_termios(struct tty_struct *tty) 1431 { 1432 struct ktermios *tp; 1433 int idx = tty->index; 1434 /* Kill this flag and push into drivers for locking etc */ 1435 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) { 1436 /* FIXME: Locking on ->termios array */ 1437 tp = tty->termios; 1438 tty->driver->termios[idx] = NULL; 1439 kfree(tp); 1440 } 1441 } 1442 EXPORT_SYMBOL(tty_free_termios); 1443 1444 void tty_shutdown(struct tty_struct *tty) 1445 { 1446 tty_driver_remove_tty(tty->driver, tty); 1447 tty_free_termios(tty); 1448 } 1449 EXPORT_SYMBOL(tty_shutdown); 1450 1451 /** 1452 * release_one_tty - release tty structure memory 1453 * @kref: kref of tty we are obliterating 1454 * 1455 * Releases memory associated with a tty structure, and clears out the 1456 * driver table slots. This function is called when a device is no longer 1457 * in use. It also gets called when setup of a device fails. 1458 * 1459 * Locking: 1460 * tty_mutex - sometimes only 1461 * takes the file list lock internally when working on the list 1462 * of ttys that the driver keeps. 1463 * 1464 * This method gets called from a work queue so that the driver private 1465 * cleanup ops can sleep (needed for USB at least) 1466 */ 1467 static void release_one_tty(struct work_struct *work) 1468 { 1469 struct tty_struct *tty = 1470 container_of(work, struct tty_struct, hangup_work); 1471 struct tty_driver *driver = tty->driver; 1472 1473 if (tty->ops->cleanup) 1474 tty->ops->cleanup(tty); 1475 1476 tty->magic = 0; 1477 tty_driver_kref_put(driver); 1478 module_put(driver->owner); 1479 1480 spin_lock(&tty_files_lock); 1481 list_del_init(&tty->tty_files); 1482 spin_unlock(&tty_files_lock); 1483 1484 put_pid(tty->pgrp); 1485 put_pid(tty->session); 1486 free_tty_struct(tty); 1487 } 1488 1489 static void queue_release_one_tty(struct kref *kref) 1490 { 1491 struct tty_struct *tty = container_of(kref, struct tty_struct, kref); 1492 1493 if (tty->ops->shutdown) 1494 tty->ops->shutdown(tty); 1495 else 1496 tty_shutdown(tty); 1497 1498 /* The hangup queue is now free so we can reuse it rather than 1499 waste a chunk of memory for each port */ 1500 INIT_WORK(&tty->hangup_work, release_one_tty); 1501 schedule_work(&tty->hangup_work); 1502 } 1503 1504 /** 1505 * tty_kref_put - release a tty kref 1506 * @tty: tty device 1507 * 1508 * Release a reference to a tty device and if need be let the kref 1509 * layer destruct the object for us 1510 */ 1511 1512 void tty_kref_put(struct tty_struct *tty) 1513 { 1514 if (tty) 1515 kref_put(&tty->kref, queue_release_one_tty); 1516 } 1517 EXPORT_SYMBOL(tty_kref_put); 1518 1519 /** 1520 * release_tty - release tty structure memory 1521 * 1522 * Release both @tty and a possible linked partner (think pty pair), 1523 * and decrement the refcount of the backing module. 1524 * 1525 * Locking: 1526 * tty_mutex - sometimes only 1527 * takes the file list lock internally when working on the list 1528 * of ttys that the driver keeps. 1529 * FIXME: should we require tty_mutex is held here ?? 1530 * 1531 */ 1532 static void release_tty(struct tty_struct *tty, int idx) 1533 { 1534 /* This should always be true but check for the moment */ 1535 WARN_ON(tty->index != idx); 1536 1537 if (tty->link) 1538 tty_kref_put(tty->link); 1539 tty_kref_put(tty); 1540 } 1541 1542 /** 1543 * tty_release - vfs callback for close 1544 * @inode: inode of tty 1545 * @filp: file pointer for handle to tty 1546 * 1547 * Called the last time each file handle is closed that references 1548 * this tty. There may however be several such references. 1549 * 1550 * Locking: 1551 * Takes bkl. See tty_release_dev 1552 * 1553 * Even releasing the tty structures is a tricky business.. We have 1554 * to be very careful that the structures are all released at the 1555 * same time, as interrupts might otherwise get the wrong pointers. 1556 * 1557 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could 1558 * lead to double frees or releasing memory still in use. 1559 */ 1560 1561 int tty_release(struct inode *inode, struct file *filp) 1562 { 1563 struct tty_struct *tty = file_tty(filp); 1564 struct tty_struct *o_tty; 1565 int pty_master, tty_closing, o_tty_closing, do_sleep; 1566 int devpts; 1567 int idx; 1568 char buf[64]; 1569 1570 if (tty_paranoia_check(tty, inode, "tty_release_dev")) 1571 return 0; 1572 1573 tty_lock(); 1574 check_tty_count(tty, "tty_release_dev"); 1575 1576 __tty_fasync(-1, filp, 0); 1577 1578 idx = tty->index; 1579 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1580 tty->driver->subtype == PTY_TYPE_MASTER); 1581 devpts = (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) != 0; 1582 o_tty = tty->link; 1583 1584 #ifdef TTY_PARANOIA_CHECK 1585 if (idx < 0 || idx >= tty->driver->num) { 1586 printk(KERN_DEBUG "tty_release_dev: bad idx when trying to " 1587 "free (%s)\n", tty->name); 1588 tty_unlock(); 1589 return 0; 1590 } 1591 if (!devpts) { 1592 if (tty != tty->driver->ttys[idx]) { 1593 tty_unlock(); 1594 printk(KERN_DEBUG "tty_release_dev: driver.table[%d] not tty " 1595 "for (%s)\n", idx, tty->name); 1596 return 0; 1597 } 1598 if (tty->termios != tty->driver->termios[idx]) { 1599 tty_unlock(); 1600 printk(KERN_DEBUG "tty_release_dev: driver.termios[%d] not termios " 1601 "for (%s)\n", 1602 idx, tty->name); 1603 return 0; 1604 } 1605 } 1606 #endif 1607 1608 #ifdef TTY_DEBUG_HANGUP 1609 printk(KERN_DEBUG "tty_release_dev of %s (tty count=%d)...", 1610 tty_name(tty, buf), tty->count); 1611 #endif 1612 1613 #ifdef TTY_PARANOIA_CHECK 1614 if (tty->driver->other && 1615 !(tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)) { 1616 if (o_tty != tty->driver->other->ttys[idx]) { 1617 tty_unlock(); 1618 printk(KERN_DEBUG "tty_release_dev: other->table[%d] " 1619 "not o_tty for (%s)\n", 1620 idx, tty->name); 1621 return 0 ; 1622 } 1623 if (o_tty->termios != tty->driver->other->termios[idx]) { 1624 tty_unlock(); 1625 printk(KERN_DEBUG "tty_release_dev: other->termios[%d] " 1626 "not o_termios for (%s)\n", 1627 idx, tty->name); 1628 return 0; 1629 } 1630 if (o_tty->link != tty) { 1631 tty_unlock(); 1632 printk(KERN_DEBUG "tty_release_dev: bad pty pointers\n"); 1633 return 0; 1634 } 1635 } 1636 #endif 1637 if (tty->ops->close) 1638 tty->ops->close(tty, filp); 1639 1640 tty_unlock(); 1641 /* 1642 * Sanity check: if tty->count is going to zero, there shouldn't be 1643 * any waiters on tty->read_wait or tty->write_wait. We test the 1644 * wait queues and kick everyone out _before_ actually starting to 1645 * close. This ensures that we won't block while releasing the tty 1646 * structure. 1647 * 1648 * The test for the o_tty closing is necessary, since the master and 1649 * slave sides may close in any order. If the slave side closes out 1650 * first, its count will be one, since the master side holds an open. 1651 * Thus this test wouldn't be triggered at the time the slave closes, 1652 * so we do it now. 1653 * 1654 * Note that it's possible for the tty to be opened again while we're 1655 * flushing out waiters. By recalculating the closing flags before 1656 * each iteration we avoid any problems. 1657 */ 1658 while (1) { 1659 /* Guard against races with tty->count changes elsewhere and 1660 opens on /dev/tty */ 1661 1662 mutex_lock(&tty_mutex); 1663 tty_lock(); 1664 tty_closing = tty->count <= 1; 1665 o_tty_closing = o_tty && 1666 (o_tty->count <= (pty_master ? 1 : 0)); 1667 do_sleep = 0; 1668 1669 if (tty_closing) { 1670 if (waitqueue_active(&tty->read_wait)) { 1671 wake_up_poll(&tty->read_wait, POLLIN); 1672 do_sleep++; 1673 } 1674 if (waitqueue_active(&tty->write_wait)) { 1675 wake_up_poll(&tty->write_wait, POLLOUT); 1676 do_sleep++; 1677 } 1678 } 1679 if (o_tty_closing) { 1680 if (waitqueue_active(&o_tty->read_wait)) { 1681 wake_up_poll(&o_tty->read_wait, POLLIN); 1682 do_sleep++; 1683 } 1684 if (waitqueue_active(&o_tty->write_wait)) { 1685 wake_up_poll(&o_tty->write_wait, POLLOUT); 1686 do_sleep++; 1687 } 1688 } 1689 if (!do_sleep) 1690 break; 1691 1692 printk(KERN_WARNING "tty_release_dev: %s: read/write wait queue " 1693 "active!\n", tty_name(tty, buf)); 1694 tty_unlock(); 1695 mutex_unlock(&tty_mutex); 1696 schedule(); 1697 } 1698 1699 /* 1700 * The closing flags are now consistent with the open counts on 1701 * both sides, and we've completed the last operation that could 1702 * block, so it's safe to proceed with closing. 1703 */ 1704 if (pty_master) { 1705 if (--o_tty->count < 0) { 1706 printk(KERN_WARNING "tty_release_dev: bad pty slave count " 1707 "(%d) for %s\n", 1708 o_tty->count, tty_name(o_tty, buf)); 1709 o_tty->count = 0; 1710 } 1711 } 1712 if (--tty->count < 0) { 1713 printk(KERN_WARNING "tty_release_dev: bad tty->count (%d) for %s\n", 1714 tty->count, tty_name(tty, buf)); 1715 tty->count = 0; 1716 } 1717 1718 /* 1719 * We've decremented tty->count, so we need to remove this file 1720 * descriptor off the tty->tty_files list; this serves two 1721 * purposes: 1722 * - check_tty_count sees the correct number of file descriptors 1723 * associated with this tty. 1724 * - do_tty_hangup no longer sees this file descriptor as 1725 * something that needs to be handled for hangups. 1726 */ 1727 tty_del_file(filp); 1728 1729 /* 1730 * Perform some housekeeping before deciding whether to return. 1731 * 1732 * Set the TTY_CLOSING flag if this was the last open. In the 1733 * case of a pty we may have to wait around for the other side 1734 * to close, and TTY_CLOSING makes sure we can't be reopened. 1735 */ 1736 if (tty_closing) 1737 set_bit(TTY_CLOSING, &tty->flags); 1738 if (o_tty_closing) 1739 set_bit(TTY_CLOSING, &o_tty->flags); 1740 1741 /* 1742 * If _either_ side is closing, make sure there aren't any 1743 * processes that still think tty or o_tty is their controlling 1744 * tty. 1745 */ 1746 if (tty_closing || o_tty_closing) { 1747 read_lock(&tasklist_lock); 1748 session_clear_tty(tty->session); 1749 if (o_tty) 1750 session_clear_tty(o_tty->session); 1751 read_unlock(&tasklist_lock); 1752 } 1753 1754 mutex_unlock(&tty_mutex); 1755 1756 /* check whether both sides are closing ... */ 1757 if (!tty_closing || (o_tty && !o_tty_closing)) { 1758 tty_unlock(); 1759 return 0; 1760 } 1761 1762 #ifdef TTY_DEBUG_HANGUP 1763 printk(KERN_DEBUG "freeing tty structure..."); 1764 #endif 1765 /* 1766 * Ask the line discipline code to release its structures 1767 */ 1768 tty_ldisc_release(tty, o_tty); 1769 /* 1770 * The release_tty function takes care of the details of clearing 1771 * the slots and preserving the termios structure. 1772 */ 1773 release_tty(tty, idx); 1774 1775 /* Make this pty number available for reallocation */ 1776 if (devpts) 1777 devpts_kill_index(inode, idx); 1778 tty_unlock(); 1779 return 0; 1780 } 1781 1782 /** 1783 * tty_open - open a tty device 1784 * @inode: inode of device file 1785 * @filp: file pointer to tty 1786 * 1787 * tty_open and tty_release keep up the tty count that contains the 1788 * number of opens done on a tty. We cannot use the inode-count, as 1789 * different inodes might point to the same tty. 1790 * 1791 * Open-counting is needed for pty masters, as well as for keeping 1792 * track of serial lines: DTR is dropped when the last close happens. 1793 * (This is not done solely through tty->count, now. - Ted 1/27/92) 1794 * 1795 * The termios state of a pty is reset on first open so that 1796 * settings don't persist across reuse. 1797 * 1798 * Locking: tty_mutex protects tty, get_tty_driver and tty_init_dev work. 1799 * tty->count should protect the rest. 1800 * ->siglock protects ->signal/->sighand 1801 */ 1802 1803 static int tty_open(struct inode *inode, struct file *filp) 1804 { 1805 struct tty_struct *tty = NULL; 1806 int noctty, retval; 1807 struct tty_driver *driver; 1808 int index; 1809 dev_t device = inode->i_rdev; 1810 unsigned saved_flags = filp->f_flags; 1811 1812 nonseekable_open(inode, filp); 1813 1814 retry_open: 1815 noctty = filp->f_flags & O_NOCTTY; 1816 index = -1; 1817 retval = 0; 1818 1819 mutex_lock(&tty_mutex); 1820 tty_lock(); 1821 1822 if (device == MKDEV(TTYAUX_MAJOR, 0)) { 1823 tty = get_current_tty(); 1824 if (!tty) { 1825 tty_unlock(); 1826 mutex_unlock(&tty_mutex); 1827 return -ENXIO; 1828 } 1829 driver = tty_driver_kref_get(tty->driver); 1830 index = tty->index; 1831 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */ 1832 /* noctty = 1; */ 1833 /* FIXME: Should we take a driver reference ? */ 1834 tty_kref_put(tty); 1835 goto got_driver; 1836 } 1837 #ifdef CONFIG_VT 1838 if (device == MKDEV(TTY_MAJOR, 0)) { 1839 extern struct tty_driver *console_driver; 1840 driver = tty_driver_kref_get(console_driver); 1841 index = fg_console; 1842 noctty = 1; 1843 goto got_driver; 1844 } 1845 #endif 1846 if (device == MKDEV(TTYAUX_MAJOR, 1)) { 1847 struct tty_driver *console_driver = console_device(&index); 1848 if (console_driver) { 1849 driver = tty_driver_kref_get(console_driver); 1850 if (driver) { 1851 /* Don't let /dev/console block */ 1852 filp->f_flags |= O_NONBLOCK; 1853 noctty = 1; 1854 goto got_driver; 1855 } 1856 } 1857 tty_unlock(); 1858 mutex_unlock(&tty_mutex); 1859 return -ENODEV; 1860 } 1861 1862 driver = get_tty_driver(device, &index); 1863 if (!driver) { 1864 tty_unlock(); 1865 mutex_unlock(&tty_mutex); 1866 return -ENODEV; 1867 } 1868 got_driver: 1869 if (!tty) { 1870 /* check whether we're reopening an existing tty */ 1871 tty = tty_driver_lookup_tty(driver, inode, index); 1872 1873 if (IS_ERR(tty)) { 1874 tty_unlock(); 1875 mutex_unlock(&tty_mutex); 1876 return PTR_ERR(tty); 1877 } 1878 } 1879 1880 if (tty) { 1881 retval = tty_reopen(tty); 1882 if (retval) 1883 tty = ERR_PTR(retval); 1884 } else 1885 tty = tty_init_dev(driver, index, 0); 1886 1887 mutex_unlock(&tty_mutex); 1888 tty_driver_kref_put(driver); 1889 if (IS_ERR(tty)) { 1890 tty_unlock(); 1891 return PTR_ERR(tty); 1892 } 1893 1894 retval = tty_add_file(tty, filp); 1895 if (retval) { 1896 tty_unlock(); 1897 tty_release(inode, filp); 1898 return retval; 1899 } 1900 1901 check_tty_count(tty, "tty_open"); 1902 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1903 tty->driver->subtype == PTY_TYPE_MASTER) 1904 noctty = 1; 1905 #ifdef TTY_DEBUG_HANGUP 1906 printk(KERN_DEBUG "opening %s...", tty->name); 1907 #endif 1908 if (tty->ops->open) 1909 retval = tty->ops->open(tty, filp); 1910 else 1911 retval = -ENODEV; 1912 filp->f_flags = saved_flags; 1913 1914 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) && 1915 !capable(CAP_SYS_ADMIN)) 1916 retval = -EBUSY; 1917 1918 if (retval) { 1919 #ifdef TTY_DEBUG_HANGUP 1920 printk(KERN_DEBUG "error %d in opening %s...", retval, 1921 tty->name); 1922 #endif 1923 tty_unlock(); /* need to call tty_release without BTM */ 1924 tty_release(inode, filp); 1925 if (retval != -ERESTARTSYS) 1926 return retval; 1927 1928 if (signal_pending(current)) 1929 return retval; 1930 1931 schedule(); 1932 /* 1933 * Need to reset f_op in case a hangup happened. 1934 */ 1935 tty_lock(); 1936 if (filp->f_op == &hung_up_tty_fops) 1937 filp->f_op = &tty_fops; 1938 tty_unlock(); 1939 goto retry_open; 1940 } 1941 tty_unlock(); 1942 1943 1944 mutex_lock(&tty_mutex); 1945 tty_lock(); 1946 spin_lock_irq(¤t->sighand->siglock); 1947 if (!noctty && 1948 current->signal->leader && 1949 !current->signal->tty && 1950 tty->session == NULL) 1951 __proc_set_tty(current, tty); 1952 spin_unlock_irq(¤t->sighand->siglock); 1953 tty_unlock(); 1954 mutex_unlock(&tty_mutex); 1955 return 0; 1956 } 1957 1958 1959 1960 /** 1961 * tty_poll - check tty status 1962 * @filp: file being polled 1963 * @wait: poll wait structures to update 1964 * 1965 * Call the line discipline polling method to obtain the poll 1966 * status of the device. 1967 * 1968 * Locking: locks called line discipline but ldisc poll method 1969 * may be re-entered freely by other callers. 1970 */ 1971 1972 static unsigned int tty_poll(struct file *filp, poll_table *wait) 1973 { 1974 struct tty_struct *tty = file_tty(filp); 1975 struct tty_ldisc *ld; 1976 int ret = 0; 1977 1978 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_poll")) 1979 return 0; 1980 1981 ld = tty_ldisc_ref_wait(tty); 1982 if (ld->ops->poll) 1983 ret = (ld->ops->poll)(tty, filp, wait); 1984 tty_ldisc_deref(ld); 1985 return ret; 1986 } 1987 1988 static int __tty_fasync(int fd, struct file *filp, int on) 1989 { 1990 struct tty_struct *tty = file_tty(filp); 1991 unsigned long flags; 1992 int retval = 0; 1993 1994 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_fasync")) 1995 goto out; 1996 1997 retval = fasync_helper(fd, filp, on, &tty->fasync); 1998 if (retval <= 0) 1999 goto out; 2000 2001 if (on) { 2002 enum pid_type type; 2003 struct pid *pid; 2004 if (!waitqueue_active(&tty->read_wait)) 2005 tty->minimum_to_wake = 1; 2006 spin_lock_irqsave(&tty->ctrl_lock, flags); 2007 if (tty->pgrp) { 2008 pid = tty->pgrp; 2009 type = PIDTYPE_PGID; 2010 } else { 2011 pid = task_pid(current); 2012 type = PIDTYPE_PID; 2013 } 2014 get_pid(pid); 2015 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2016 retval = __f_setown(filp, pid, type, 0); 2017 put_pid(pid); 2018 if (retval) 2019 goto out; 2020 } else { 2021 if (!tty->fasync && !waitqueue_active(&tty->read_wait)) 2022 tty->minimum_to_wake = N_TTY_BUF_SIZE; 2023 } 2024 retval = 0; 2025 out: 2026 return retval; 2027 } 2028 2029 static int tty_fasync(int fd, struct file *filp, int on) 2030 { 2031 int retval; 2032 tty_lock(); 2033 retval = __tty_fasync(fd, filp, on); 2034 tty_unlock(); 2035 return retval; 2036 } 2037 2038 /** 2039 * tiocsti - fake input character 2040 * @tty: tty to fake input into 2041 * @p: pointer to character 2042 * 2043 * Fake input to a tty device. Does the necessary locking and 2044 * input management. 2045 * 2046 * FIXME: does not honour flow control ?? 2047 * 2048 * Locking: 2049 * Called functions take tty_ldisc_lock 2050 * current->signal->tty check is safe without locks 2051 * 2052 * FIXME: may race normal receive processing 2053 */ 2054 2055 static int tiocsti(struct tty_struct *tty, char __user *p) 2056 { 2057 char ch, mbz = 0; 2058 struct tty_ldisc *ld; 2059 2060 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) 2061 return -EPERM; 2062 if (get_user(ch, p)) 2063 return -EFAULT; 2064 tty_audit_tiocsti(tty, ch); 2065 ld = tty_ldisc_ref_wait(tty); 2066 ld->ops->receive_buf(tty, &ch, &mbz, 1); 2067 tty_ldisc_deref(ld); 2068 return 0; 2069 } 2070 2071 /** 2072 * tiocgwinsz - implement window query ioctl 2073 * @tty; tty 2074 * @arg: user buffer for result 2075 * 2076 * Copies the kernel idea of the window size into the user buffer. 2077 * 2078 * Locking: tty->termios_mutex is taken to ensure the winsize data 2079 * is consistent. 2080 */ 2081 2082 static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg) 2083 { 2084 int err; 2085 2086 mutex_lock(&tty->termios_mutex); 2087 err = copy_to_user(arg, &tty->winsize, sizeof(*arg)); 2088 mutex_unlock(&tty->termios_mutex); 2089 2090 return err ? -EFAULT: 0; 2091 } 2092 2093 /** 2094 * tty_do_resize - resize event 2095 * @tty: tty being resized 2096 * @rows: rows (character) 2097 * @cols: cols (character) 2098 * 2099 * Update the termios variables and send the necessary signals to 2100 * peform a terminal resize correctly 2101 */ 2102 2103 int tty_do_resize(struct tty_struct *tty, struct winsize *ws) 2104 { 2105 struct pid *pgrp; 2106 unsigned long flags; 2107 2108 /* Lock the tty */ 2109 mutex_lock(&tty->termios_mutex); 2110 if (!memcmp(ws, &tty->winsize, sizeof(*ws))) 2111 goto done; 2112 /* Get the PID values and reference them so we can 2113 avoid holding the tty ctrl lock while sending signals */ 2114 spin_lock_irqsave(&tty->ctrl_lock, flags); 2115 pgrp = get_pid(tty->pgrp); 2116 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2117 2118 if (pgrp) 2119 kill_pgrp(pgrp, SIGWINCH, 1); 2120 put_pid(pgrp); 2121 2122 tty->winsize = *ws; 2123 done: 2124 mutex_unlock(&tty->termios_mutex); 2125 return 0; 2126 } 2127 2128 /** 2129 * tiocswinsz - implement window size set ioctl 2130 * @tty; tty side of tty 2131 * @arg: user buffer for result 2132 * 2133 * Copies the user idea of the window size to the kernel. Traditionally 2134 * this is just advisory information but for the Linux console it 2135 * actually has driver level meaning and triggers a VC resize. 2136 * 2137 * Locking: 2138 * Driver dependent. The default do_resize method takes the 2139 * tty termios mutex and ctrl_lock. The console takes its own lock 2140 * then calls into the default method. 2141 */ 2142 2143 static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg) 2144 { 2145 struct winsize tmp_ws; 2146 if (copy_from_user(&tmp_ws, arg, sizeof(*arg))) 2147 return -EFAULT; 2148 2149 if (tty->ops->resize) 2150 return tty->ops->resize(tty, &tmp_ws); 2151 else 2152 return tty_do_resize(tty, &tmp_ws); 2153 } 2154 2155 /** 2156 * tioccons - allow admin to move logical console 2157 * @file: the file to become console 2158 * 2159 * Allow the administrator to move the redirected console device 2160 * 2161 * Locking: uses redirect_lock to guard the redirect information 2162 */ 2163 2164 static int tioccons(struct file *file) 2165 { 2166 if (!capable(CAP_SYS_ADMIN)) 2167 return -EPERM; 2168 if (file->f_op->write == redirected_tty_write) { 2169 struct file *f; 2170 spin_lock(&redirect_lock); 2171 f = redirect; 2172 redirect = NULL; 2173 spin_unlock(&redirect_lock); 2174 if (f) 2175 fput(f); 2176 return 0; 2177 } 2178 spin_lock(&redirect_lock); 2179 if (redirect) { 2180 spin_unlock(&redirect_lock); 2181 return -EBUSY; 2182 } 2183 get_file(file); 2184 redirect = file; 2185 spin_unlock(&redirect_lock); 2186 return 0; 2187 } 2188 2189 /** 2190 * fionbio - non blocking ioctl 2191 * @file: file to set blocking value 2192 * @p: user parameter 2193 * 2194 * Historical tty interfaces had a blocking control ioctl before 2195 * the generic functionality existed. This piece of history is preserved 2196 * in the expected tty API of posix OS's. 2197 * 2198 * Locking: none, the open file handle ensures it won't go away. 2199 */ 2200 2201 static int fionbio(struct file *file, int __user *p) 2202 { 2203 int nonblock; 2204 2205 if (get_user(nonblock, p)) 2206 return -EFAULT; 2207 2208 spin_lock(&file->f_lock); 2209 if (nonblock) 2210 file->f_flags |= O_NONBLOCK; 2211 else 2212 file->f_flags &= ~O_NONBLOCK; 2213 spin_unlock(&file->f_lock); 2214 return 0; 2215 } 2216 2217 /** 2218 * tiocsctty - set controlling tty 2219 * @tty: tty structure 2220 * @arg: user argument 2221 * 2222 * This ioctl is used to manage job control. It permits a session 2223 * leader to set this tty as the controlling tty for the session. 2224 * 2225 * Locking: 2226 * Takes tty_mutex() to protect tty instance 2227 * Takes tasklist_lock internally to walk sessions 2228 * Takes ->siglock() when updating signal->tty 2229 */ 2230 2231 static int tiocsctty(struct tty_struct *tty, int arg) 2232 { 2233 int ret = 0; 2234 if (current->signal->leader && (task_session(current) == tty->session)) 2235 return ret; 2236 2237 mutex_lock(&tty_mutex); 2238 /* 2239 * The process must be a session leader and 2240 * not have a controlling tty already. 2241 */ 2242 if (!current->signal->leader || current->signal->tty) { 2243 ret = -EPERM; 2244 goto unlock; 2245 } 2246 2247 if (tty->session) { 2248 /* 2249 * This tty is already the controlling 2250 * tty for another session group! 2251 */ 2252 if (arg == 1 && capable(CAP_SYS_ADMIN)) { 2253 /* 2254 * Steal it away 2255 */ 2256 read_lock(&tasklist_lock); 2257 session_clear_tty(tty->session); 2258 read_unlock(&tasklist_lock); 2259 } else { 2260 ret = -EPERM; 2261 goto unlock; 2262 } 2263 } 2264 proc_set_tty(current, tty); 2265 unlock: 2266 mutex_unlock(&tty_mutex); 2267 return ret; 2268 } 2269 2270 /** 2271 * tty_get_pgrp - return a ref counted pgrp pid 2272 * @tty: tty to read 2273 * 2274 * Returns a refcounted instance of the pid struct for the process 2275 * group controlling the tty. 2276 */ 2277 2278 struct pid *tty_get_pgrp(struct tty_struct *tty) 2279 { 2280 unsigned long flags; 2281 struct pid *pgrp; 2282 2283 spin_lock_irqsave(&tty->ctrl_lock, flags); 2284 pgrp = get_pid(tty->pgrp); 2285 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2286 2287 return pgrp; 2288 } 2289 EXPORT_SYMBOL_GPL(tty_get_pgrp); 2290 2291 /** 2292 * tiocgpgrp - get process group 2293 * @tty: tty passed by user 2294 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2295 * @p: returned pid 2296 * 2297 * Obtain the process group of the tty. If there is no process group 2298 * return an error. 2299 * 2300 * Locking: none. Reference to current->signal->tty is safe. 2301 */ 2302 2303 static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2304 { 2305 struct pid *pid; 2306 int ret; 2307 /* 2308 * (tty == real_tty) is a cheap way of 2309 * testing if the tty is NOT a master pty. 2310 */ 2311 if (tty == real_tty && current->signal->tty != real_tty) 2312 return -ENOTTY; 2313 pid = tty_get_pgrp(real_tty); 2314 ret = put_user(pid_vnr(pid), p); 2315 put_pid(pid); 2316 return ret; 2317 } 2318 2319 /** 2320 * tiocspgrp - attempt to set process group 2321 * @tty: tty passed by user 2322 * @real_tty: tty side device matching tty passed by user 2323 * @p: pid pointer 2324 * 2325 * Set the process group of the tty to the session passed. Only 2326 * permitted where the tty session is our session. 2327 * 2328 * Locking: RCU, ctrl lock 2329 */ 2330 2331 static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2332 { 2333 struct pid *pgrp; 2334 pid_t pgrp_nr; 2335 int retval = tty_check_change(real_tty); 2336 unsigned long flags; 2337 2338 if (retval == -EIO) 2339 return -ENOTTY; 2340 if (retval) 2341 return retval; 2342 if (!current->signal->tty || 2343 (current->signal->tty != real_tty) || 2344 (real_tty->session != task_session(current))) 2345 return -ENOTTY; 2346 if (get_user(pgrp_nr, p)) 2347 return -EFAULT; 2348 if (pgrp_nr < 0) 2349 return -EINVAL; 2350 rcu_read_lock(); 2351 pgrp = find_vpid(pgrp_nr); 2352 retval = -ESRCH; 2353 if (!pgrp) 2354 goto out_unlock; 2355 retval = -EPERM; 2356 if (session_of_pgrp(pgrp) != task_session(current)) 2357 goto out_unlock; 2358 retval = 0; 2359 spin_lock_irqsave(&tty->ctrl_lock, flags); 2360 put_pid(real_tty->pgrp); 2361 real_tty->pgrp = get_pid(pgrp); 2362 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2363 out_unlock: 2364 rcu_read_unlock(); 2365 return retval; 2366 } 2367 2368 /** 2369 * tiocgsid - get session id 2370 * @tty: tty passed by user 2371 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2372 * @p: pointer to returned session id 2373 * 2374 * Obtain the session id of the tty. If there is no session 2375 * return an error. 2376 * 2377 * Locking: none. Reference to current->signal->tty is safe. 2378 */ 2379 2380 static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2381 { 2382 /* 2383 * (tty == real_tty) is a cheap way of 2384 * testing if the tty is NOT a master pty. 2385 */ 2386 if (tty == real_tty && current->signal->tty != real_tty) 2387 return -ENOTTY; 2388 if (!real_tty->session) 2389 return -ENOTTY; 2390 return put_user(pid_vnr(real_tty->session), p); 2391 } 2392 2393 /** 2394 * tiocsetd - set line discipline 2395 * @tty: tty device 2396 * @p: pointer to user data 2397 * 2398 * Set the line discipline according to user request. 2399 * 2400 * Locking: see tty_set_ldisc, this function is just a helper 2401 */ 2402 2403 static int tiocsetd(struct tty_struct *tty, int __user *p) 2404 { 2405 int ldisc; 2406 int ret; 2407 2408 if (get_user(ldisc, p)) 2409 return -EFAULT; 2410 2411 ret = tty_set_ldisc(tty, ldisc); 2412 2413 return ret; 2414 } 2415 2416 /** 2417 * send_break - performed time break 2418 * @tty: device to break on 2419 * @duration: timeout in mS 2420 * 2421 * Perform a timed break on hardware that lacks its own driver level 2422 * timed break functionality. 2423 * 2424 * Locking: 2425 * atomic_write_lock serializes 2426 * 2427 */ 2428 2429 static int send_break(struct tty_struct *tty, unsigned int duration) 2430 { 2431 int retval; 2432 2433 if (tty->ops->break_ctl == NULL) 2434 return 0; 2435 2436 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK) 2437 retval = tty->ops->break_ctl(tty, duration); 2438 else { 2439 /* Do the work ourselves */ 2440 if (tty_write_lock(tty, 0) < 0) 2441 return -EINTR; 2442 retval = tty->ops->break_ctl(tty, -1); 2443 if (retval) 2444 goto out; 2445 if (!signal_pending(current)) 2446 msleep_interruptible(duration); 2447 retval = tty->ops->break_ctl(tty, 0); 2448 out: 2449 tty_write_unlock(tty); 2450 if (signal_pending(current)) 2451 retval = -EINTR; 2452 } 2453 return retval; 2454 } 2455 2456 /** 2457 * tty_tiocmget - get modem status 2458 * @tty: tty device 2459 * @file: user file pointer 2460 * @p: pointer to result 2461 * 2462 * Obtain the modem status bits from the tty driver if the feature 2463 * is supported. Return -EINVAL if it is not available. 2464 * 2465 * Locking: none (up to the driver) 2466 */ 2467 2468 static int tty_tiocmget(struct tty_struct *tty, int __user *p) 2469 { 2470 int retval = -EINVAL; 2471 2472 if (tty->ops->tiocmget) { 2473 retval = tty->ops->tiocmget(tty); 2474 2475 if (retval >= 0) 2476 retval = put_user(retval, p); 2477 } 2478 return retval; 2479 } 2480 2481 /** 2482 * tty_tiocmset - set modem status 2483 * @tty: tty device 2484 * @cmd: command - clear bits, set bits or set all 2485 * @p: pointer to desired bits 2486 * 2487 * Set the modem status bits from the tty driver if the feature 2488 * is supported. Return -EINVAL if it is not available. 2489 * 2490 * Locking: none (up to the driver) 2491 */ 2492 2493 static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd, 2494 unsigned __user *p) 2495 { 2496 int retval; 2497 unsigned int set, clear, val; 2498 2499 if (tty->ops->tiocmset == NULL) 2500 return -EINVAL; 2501 2502 retval = get_user(val, p); 2503 if (retval) 2504 return retval; 2505 set = clear = 0; 2506 switch (cmd) { 2507 case TIOCMBIS: 2508 set = val; 2509 break; 2510 case TIOCMBIC: 2511 clear = val; 2512 break; 2513 case TIOCMSET: 2514 set = val; 2515 clear = ~val; 2516 break; 2517 } 2518 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2519 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2520 return tty->ops->tiocmset(tty, set, clear); 2521 } 2522 2523 static int tty_tiocgicount(struct tty_struct *tty, void __user *arg) 2524 { 2525 int retval = -EINVAL; 2526 struct serial_icounter_struct icount; 2527 memset(&icount, 0, sizeof(icount)); 2528 if (tty->ops->get_icount) 2529 retval = tty->ops->get_icount(tty, &icount); 2530 if (retval != 0) 2531 return retval; 2532 if (copy_to_user(arg, &icount, sizeof(icount))) 2533 return -EFAULT; 2534 return 0; 2535 } 2536 2537 struct tty_struct *tty_pair_get_tty(struct tty_struct *tty) 2538 { 2539 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2540 tty->driver->subtype == PTY_TYPE_MASTER) 2541 tty = tty->link; 2542 return tty; 2543 } 2544 EXPORT_SYMBOL(tty_pair_get_tty); 2545 2546 struct tty_struct *tty_pair_get_pty(struct tty_struct *tty) 2547 { 2548 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2549 tty->driver->subtype == PTY_TYPE_MASTER) 2550 return tty; 2551 return tty->link; 2552 } 2553 EXPORT_SYMBOL(tty_pair_get_pty); 2554 2555 /* 2556 * Split this up, as gcc can choke on it otherwise.. 2557 */ 2558 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 2559 { 2560 struct tty_struct *tty = file_tty(file); 2561 struct tty_struct *real_tty; 2562 void __user *p = (void __user *)arg; 2563 int retval; 2564 struct tty_ldisc *ld; 2565 struct inode *inode = file->f_dentry->d_inode; 2566 2567 if (tty_paranoia_check(tty, inode, "tty_ioctl")) 2568 return -EINVAL; 2569 2570 real_tty = tty_pair_get_tty(tty); 2571 2572 /* 2573 * Factor out some common prep work 2574 */ 2575 switch (cmd) { 2576 case TIOCSETD: 2577 case TIOCSBRK: 2578 case TIOCCBRK: 2579 case TCSBRK: 2580 case TCSBRKP: 2581 retval = tty_check_change(tty); 2582 if (retval) 2583 return retval; 2584 if (cmd != TIOCCBRK) { 2585 tty_wait_until_sent(tty, 0); 2586 if (signal_pending(current)) 2587 return -EINTR; 2588 } 2589 break; 2590 } 2591 2592 /* 2593 * Now do the stuff. 2594 */ 2595 switch (cmd) { 2596 case TIOCSTI: 2597 return tiocsti(tty, p); 2598 case TIOCGWINSZ: 2599 return tiocgwinsz(real_tty, p); 2600 case TIOCSWINSZ: 2601 return tiocswinsz(real_tty, p); 2602 case TIOCCONS: 2603 return real_tty != tty ? -EINVAL : tioccons(file); 2604 case FIONBIO: 2605 return fionbio(file, p); 2606 case TIOCEXCL: 2607 set_bit(TTY_EXCLUSIVE, &tty->flags); 2608 return 0; 2609 case TIOCNXCL: 2610 clear_bit(TTY_EXCLUSIVE, &tty->flags); 2611 return 0; 2612 case TIOCNOTTY: 2613 if (current->signal->tty != tty) 2614 return -ENOTTY; 2615 no_tty(); 2616 return 0; 2617 case TIOCSCTTY: 2618 return tiocsctty(tty, arg); 2619 case TIOCGPGRP: 2620 return tiocgpgrp(tty, real_tty, p); 2621 case TIOCSPGRP: 2622 return tiocspgrp(tty, real_tty, p); 2623 case TIOCGSID: 2624 return tiocgsid(tty, real_tty, p); 2625 case TIOCGETD: 2626 return put_user(tty->ldisc->ops->num, (int __user *)p); 2627 case TIOCSETD: 2628 return tiocsetd(tty, p); 2629 case TIOCVHANGUP: 2630 if (!capable(CAP_SYS_ADMIN)) 2631 return -EPERM; 2632 tty_vhangup(tty); 2633 return 0; 2634 case TIOCGDEV: 2635 { 2636 unsigned int ret = new_encode_dev(tty_devnum(real_tty)); 2637 return put_user(ret, (unsigned int __user *)p); 2638 } 2639 /* 2640 * Break handling 2641 */ 2642 case TIOCSBRK: /* Turn break on, unconditionally */ 2643 if (tty->ops->break_ctl) 2644 return tty->ops->break_ctl(tty, -1); 2645 return 0; 2646 case TIOCCBRK: /* Turn break off, unconditionally */ 2647 if (tty->ops->break_ctl) 2648 return tty->ops->break_ctl(tty, 0); 2649 return 0; 2650 case TCSBRK: /* SVID version: non-zero arg --> no break */ 2651 /* non-zero arg means wait for all output data 2652 * to be sent (performed above) but don't send break. 2653 * This is used by the tcdrain() termios function. 2654 */ 2655 if (!arg) 2656 return send_break(tty, 250); 2657 return 0; 2658 case TCSBRKP: /* support for POSIX tcsendbreak() */ 2659 return send_break(tty, arg ? arg*100 : 250); 2660 2661 case TIOCMGET: 2662 return tty_tiocmget(tty, p); 2663 case TIOCMSET: 2664 case TIOCMBIC: 2665 case TIOCMBIS: 2666 return tty_tiocmset(tty, cmd, p); 2667 case TIOCGICOUNT: 2668 retval = tty_tiocgicount(tty, p); 2669 /* For the moment allow fall through to the old method */ 2670 if (retval != -EINVAL) 2671 return retval; 2672 break; 2673 case TCFLSH: 2674 switch (arg) { 2675 case TCIFLUSH: 2676 case TCIOFLUSH: 2677 /* flush tty buffer and allow ldisc to process ioctl */ 2678 tty_buffer_flush(tty); 2679 break; 2680 } 2681 break; 2682 } 2683 if (tty->ops->ioctl) { 2684 retval = (tty->ops->ioctl)(tty, cmd, arg); 2685 if (retval != -ENOIOCTLCMD) 2686 return retval; 2687 } 2688 ld = tty_ldisc_ref_wait(tty); 2689 retval = -EINVAL; 2690 if (ld->ops->ioctl) { 2691 retval = ld->ops->ioctl(tty, file, cmd, arg); 2692 if (retval == -ENOIOCTLCMD) 2693 retval = -EINVAL; 2694 } 2695 tty_ldisc_deref(ld); 2696 return retval; 2697 } 2698 2699 #ifdef CONFIG_COMPAT 2700 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 2701 unsigned long arg) 2702 { 2703 struct inode *inode = file->f_dentry->d_inode; 2704 struct tty_struct *tty = file_tty(file); 2705 struct tty_ldisc *ld; 2706 int retval = -ENOIOCTLCMD; 2707 2708 if (tty_paranoia_check(tty, inode, "tty_ioctl")) 2709 return -EINVAL; 2710 2711 if (tty->ops->compat_ioctl) { 2712 retval = (tty->ops->compat_ioctl)(tty, cmd, arg); 2713 if (retval != -ENOIOCTLCMD) 2714 return retval; 2715 } 2716 2717 ld = tty_ldisc_ref_wait(tty); 2718 if (ld->ops->compat_ioctl) 2719 retval = ld->ops->compat_ioctl(tty, file, cmd, arg); 2720 tty_ldisc_deref(ld); 2721 2722 return retval; 2723 } 2724 #endif 2725 2726 /* 2727 * This implements the "Secure Attention Key" --- the idea is to 2728 * prevent trojan horses by killing all processes associated with this 2729 * tty when the user hits the "Secure Attention Key". Required for 2730 * super-paranoid applications --- see the Orange Book for more details. 2731 * 2732 * This code could be nicer; ideally it should send a HUP, wait a few 2733 * seconds, then send a INT, and then a KILL signal. But you then 2734 * have to coordinate with the init process, since all processes associated 2735 * with the current tty must be dead before the new getty is allowed 2736 * to spawn. 2737 * 2738 * Now, if it would be correct ;-/ The current code has a nasty hole - 2739 * it doesn't catch files in flight. We may send the descriptor to ourselves 2740 * via AF_UNIX socket, close it and later fetch from socket. FIXME. 2741 * 2742 * Nasty bug: do_SAK is being called in interrupt context. This can 2743 * deadlock. We punt it up to process context. AKPM - 16Mar2001 2744 */ 2745 void __do_SAK(struct tty_struct *tty) 2746 { 2747 #ifdef TTY_SOFT_SAK 2748 tty_hangup(tty); 2749 #else 2750 struct task_struct *g, *p; 2751 struct pid *session; 2752 int i; 2753 struct file *filp; 2754 struct fdtable *fdt; 2755 2756 if (!tty) 2757 return; 2758 session = tty->session; 2759 2760 tty_ldisc_flush(tty); 2761 2762 tty_driver_flush_buffer(tty); 2763 2764 read_lock(&tasklist_lock); 2765 /* Kill the entire session */ 2766 do_each_pid_task(session, PIDTYPE_SID, p) { 2767 printk(KERN_NOTICE "SAK: killed process %d" 2768 " (%s): task_session(p)==tty->session\n", 2769 task_pid_nr(p), p->comm); 2770 send_sig(SIGKILL, p, 1); 2771 } while_each_pid_task(session, PIDTYPE_SID, p); 2772 /* Now kill any processes that happen to have the 2773 * tty open. 2774 */ 2775 do_each_thread(g, p) { 2776 if (p->signal->tty == tty) { 2777 printk(KERN_NOTICE "SAK: killed process %d" 2778 " (%s): task_session(p)==tty->session\n", 2779 task_pid_nr(p), p->comm); 2780 send_sig(SIGKILL, p, 1); 2781 continue; 2782 } 2783 task_lock(p); 2784 if (p->files) { 2785 /* 2786 * We don't take a ref to the file, so we must 2787 * hold ->file_lock instead. 2788 */ 2789 spin_lock(&p->files->file_lock); 2790 fdt = files_fdtable(p->files); 2791 for (i = 0; i < fdt->max_fds; i++) { 2792 filp = fcheck_files(p->files, i); 2793 if (!filp) 2794 continue; 2795 if (filp->f_op->read == tty_read && 2796 file_tty(filp) == tty) { 2797 printk(KERN_NOTICE "SAK: killed process %d" 2798 " (%s): fd#%d opened to the tty\n", 2799 task_pid_nr(p), p->comm, i); 2800 force_sig(SIGKILL, p); 2801 break; 2802 } 2803 } 2804 spin_unlock(&p->files->file_lock); 2805 } 2806 task_unlock(p); 2807 } while_each_thread(g, p); 2808 read_unlock(&tasklist_lock); 2809 #endif 2810 } 2811 2812 static void do_SAK_work(struct work_struct *work) 2813 { 2814 struct tty_struct *tty = 2815 container_of(work, struct tty_struct, SAK_work); 2816 __do_SAK(tty); 2817 } 2818 2819 /* 2820 * The tq handling here is a little racy - tty->SAK_work may already be queued. 2821 * Fortunately we don't need to worry, because if ->SAK_work is already queued, 2822 * the values which we write to it will be identical to the values which it 2823 * already has. --akpm 2824 */ 2825 void do_SAK(struct tty_struct *tty) 2826 { 2827 if (!tty) 2828 return; 2829 schedule_work(&tty->SAK_work); 2830 } 2831 2832 EXPORT_SYMBOL(do_SAK); 2833 2834 static int dev_match_devt(struct device *dev, void *data) 2835 { 2836 dev_t *devt = data; 2837 return dev->devt == *devt; 2838 } 2839 2840 /* Must put_device() after it's unused! */ 2841 static struct device *tty_get_device(struct tty_struct *tty) 2842 { 2843 dev_t devt = tty_devnum(tty); 2844 return class_find_device(tty_class, NULL, &devt, dev_match_devt); 2845 } 2846 2847 2848 /** 2849 * initialize_tty_struct 2850 * @tty: tty to initialize 2851 * 2852 * This subroutine initializes a tty structure that has been newly 2853 * allocated. 2854 * 2855 * Locking: none - tty in question must not be exposed at this point 2856 */ 2857 2858 void initialize_tty_struct(struct tty_struct *tty, 2859 struct tty_driver *driver, int idx) 2860 { 2861 memset(tty, 0, sizeof(struct tty_struct)); 2862 kref_init(&tty->kref); 2863 tty->magic = TTY_MAGIC; 2864 tty_ldisc_init(tty); 2865 tty->session = NULL; 2866 tty->pgrp = NULL; 2867 tty->overrun_time = jiffies; 2868 tty->buf.head = tty->buf.tail = NULL; 2869 tty_buffer_init(tty); 2870 mutex_init(&tty->termios_mutex); 2871 mutex_init(&tty->ldisc_mutex); 2872 init_waitqueue_head(&tty->write_wait); 2873 init_waitqueue_head(&tty->read_wait); 2874 INIT_WORK(&tty->hangup_work, do_tty_hangup); 2875 mutex_init(&tty->atomic_read_lock); 2876 mutex_init(&tty->atomic_write_lock); 2877 mutex_init(&tty->output_lock); 2878 mutex_init(&tty->echo_lock); 2879 spin_lock_init(&tty->read_lock); 2880 spin_lock_init(&tty->ctrl_lock); 2881 INIT_LIST_HEAD(&tty->tty_files); 2882 INIT_WORK(&tty->SAK_work, do_SAK_work); 2883 2884 tty->driver = driver; 2885 tty->ops = driver->ops; 2886 tty->index = idx; 2887 tty_line_name(driver, idx, tty->name); 2888 tty->dev = tty_get_device(tty); 2889 } 2890 2891 /** 2892 * deinitialize_tty_struct 2893 * @tty: tty to deinitialize 2894 * 2895 * This subroutine deinitializes a tty structure that has been newly 2896 * allocated but tty_release cannot be called on that yet. 2897 * 2898 * Locking: none - tty in question must not be exposed at this point 2899 */ 2900 void deinitialize_tty_struct(struct tty_struct *tty) 2901 { 2902 tty_ldisc_deinit(tty); 2903 } 2904 2905 /** 2906 * tty_put_char - write one character to a tty 2907 * @tty: tty 2908 * @ch: character 2909 * 2910 * Write one byte to the tty using the provided put_char method 2911 * if present. Returns the number of characters successfully output. 2912 * 2913 * Note: the specific put_char operation in the driver layer may go 2914 * away soon. Don't call it directly, use this method 2915 */ 2916 2917 int tty_put_char(struct tty_struct *tty, unsigned char ch) 2918 { 2919 if (tty->ops->put_char) 2920 return tty->ops->put_char(tty, ch); 2921 return tty->ops->write(tty, &ch, 1); 2922 } 2923 EXPORT_SYMBOL_GPL(tty_put_char); 2924 2925 struct class *tty_class; 2926 2927 /** 2928 * tty_register_device - register a tty device 2929 * @driver: the tty driver that describes the tty device 2930 * @index: the index in the tty driver for this tty device 2931 * @device: a struct device that is associated with this tty device. 2932 * This field is optional, if there is no known struct device 2933 * for this tty device it can be set to NULL safely. 2934 * 2935 * Returns a pointer to the struct device for this tty device 2936 * (or ERR_PTR(-EFOO) on error). 2937 * 2938 * This call is required to be made to register an individual tty device 2939 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If 2940 * that bit is not set, this function should not be called by a tty 2941 * driver. 2942 * 2943 * Locking: ?? 2944 */ 2945 2946 struct device *tty_register_device(struct tty_driver *driver, unsigned index, 2947 struct device *device) 2948 { 2949 char name[64]; 2950 dev_t dev = MKDEV(driver->major, driver->minor_start) + index; 2951 2952 if (index >= driver->num) { 2953 printk(KERN_ERR "Attempt to register invalid tty line number " 2954 " (%d).\n", index); 2955 return ERR_PTR(-EINVAL); 2956 } 2957 2958 if (driver->type == TTY_DRIVER_TYPE_PTY) 2959 pty_line_name(driver, index, name); 2960 else 2961 tty_line_name(driver, index, name); 2962 2963 return device_create(tty_class, device, dev, NULL, name); 2964 } 2965 EXPORT_SYMBOL(tty_register_device); 2966 2967 /** 2968 * tty_unregister_device - unregister a tty device 2969 * @driver: the tty driver that describes the tty device 2970 * @index: the index in the tty driver for this tty device 2971 * 2972 * If a tty device is registered with a call to tty_register_device() then 2973 * this function must be called when the tty device is gone. 2974 * 2975 * Locking: ?? 2976 */ 2977 2978 void tty_unregister_device(struct tty_driver *driver, unsigned index) 2979 { 2980 device_destroy(tty_class, 2981 MKDEV(driver->major, driver->minor_start) + index); 2982 } 2983 EXPORT_SYMBOL(tty_unregister_device); 2984 2985 struct tty_driver *alloc_tty_driver(int lines) 2986 { 2987 struct tty_driver *driver; 2988 2989 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL); 2990 if (driver) { 2991 kref_init(&driver->kref); 2992 driver->magic = TTY_DRIVER_MAGIC; 2993 driver->num = lines; 2994 /* later we'll move allocation of tables here */ 2995 } 2996 return driver; 2997 } 2998 EXPORT_SYMBOL(alloc_tty_driver); 2999 3000 static void destruct_tty_driver(struct kref *kref) 3001 { 3002 struct tty_driver *driver = container_of(kref, struct tty_driver, kref); 3003 int i; 3004 struct ktermios *tp; 3005 void *p; 3006 3007 if (driver->flags & TTY_DRIVER_INSTALLED) { 3008 /* 3009 * Free the termios and termios_locked structures because 3010 * we don't want to get memory leaks when modular tty 3011 * drivers are removed from the kernel. 3012 */ 3013 for (i = 0; i < driver->num; i++) { 3014 tp = driver->termios[i]; 3015 if (tp) { 3016 driver->termios[i] = NULL; 3017 kfree(tp); 3018 } 3019 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) 3020 tty_unregister_device(driver, i); 3021 } 3022 p = driver->ttys; 3023 proc_tty_unregister_driver(driver); 3024 driver->ttys = NULL; 3025 driver->termios = NULL; 3026 kfree(p); 3027 cdev_del(&driver->cdev); 3028 } 3029 kfree(driver); 3030 } 3031 3032 void tty_driver_kref_put(struct tty_driver *driver) 3033 { 3034 kref_put(&driver->kref, destruct_tty_driver); 3035 } 3036 EXPORT_SYMBOL(tty_driver_kref_put); 3037 3038 void tty_set_operations(struct tty_driver *driver, 3039 const struct tty_operations *op) 3040 { 3041 driver->ops = op; 3042 }; 3043 EXPORT_SYMBOL(tty_set_operations); 3044 3045 void put_tty_driver(struct tty_driver *d) 3046 { 3047 tty_driver_kref_put(d); 3048 } 3049 EXPORT_SYMBOL(put_tty_driver); 3050 3051 /* 3052 * Called by a tty driver to register itself. 3053 */ 3054 int tty_register_driver(struct tty_driver *driver) 3055 { 3056 int error; 3057 int i; 3058 dev_t dev; 3059 void **p = NULL; 3060 struct device *d; 3061 3062 if (!(driver->flags & TTY_DRIVER_DEVPTS_MEM) && driver->num) { 3063 p = kzalloc(driver->num * 2 * sizeof(void *), GFP_KERNEL); 3064 if (!p) 3065 return -ENOMEM; 3066 } 3067 3068 if (!driver->major) { 3069 error = alloc_chrdev_region(&dev, driver->minor_start, 3070 driver->num, driver->name); 3071 if (!error) { 3072 driver->major = MAJOR(dev); 3073 driver->minor_start = MINOR(dev); 3074 } 3075 } else { 3076 dev = MKDEV(driver->major, driver->minor_start); 3077 error = register_chrdev_region(dev, driver->num, driver->name); 3078 } 3079 if (error < 0) { 3080 kfree(p); 3081 return error; 3082 } 3083 3084 if (p) { 3085 driver->ttys = (struct tty_struct **)p; 3086 driver->termios = (struct ktermios **)(p + driver->num); 3087 } else { 3088 driver->ttys = NULL; 3089 driver->termios = NULL; 3090 } 3091 3092 cdev_init(&driver->cdev, &tty_fops); 3093 driver->cdev.owner = driver->owner; 3094 error = cdev_add(&driver->cdev, dev, driver->num); 3095 if (error) { 3096 unregister_chrdev_region(dev, driver->num); 3097 driver->ttys = NULL; 3098 driver->termios = NULL; 3099 kfree(p); 3100 return error; 3101 } 3102 3103 mutex_lock(&tty_mutex); 3104 list_add(&driver->tty_drivers, &tty_drivers); 3105 mutex_unlock(&tty_mutex); 3106 3107 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) { 3108 for (i = 0; i < driver->num; i++) { 3109 d = tty_register_device(driver, i, NULL); 3110 if (IS_ERR(d)) { 3111 error = PTR_ERR(d); 3112 goto err; 3113 } 3114 } 3115 } 3116 proc_tty_register_driver(driver); 3117 driver->flags |= TTY_DRIVER_INSTALLED; 3118 return 0; 3119 3120 err: 3121 for (i--; i >= 0; i--) 3122 tty_unregister_device(driver, i); 3123 3124 mutex_lock(&tty_mutex); 3125 list_del(&driver->tty_drivers); 3126 mutex_unlock(&tty_mutex); 3127 3128 unregister_chrdev_region(dev, driver->num); 3129 driver->ttys = NULL; 3130 driver->termios = NULL; 3131 kfree(p); 3132 return error; 3133 } 3134 3135 EXPORT_SYMBOL(tty_register_driver); 3136 3137 /* 3138 * Called by a tty driver to unregister itself. 3139 */ 3140 int tty_unregister_driver(struct tty_driver *driver) 3141 { 3142 #if 0 3143 /* FIXME */ 3144 if (driver->refcount) 3145 return -EBUSY; 3146 #endif 3147 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start), 3148 driver->num); 3149 mutex_lock(&tty_mutex); 3150 list_del(&driver->tty_drivers); 3151 mutex_unlock(&tty_mutex); 3152 return 0; 3153 } 3154 3155 EXPORT_SYMBOL(tty_unregister_driver); 3156 3157 dev_t tty_devnum(struct tty_struct *tty) 3158 { 3159 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index; 3160 } 3161 EXPORT_SYMBOL(tty_devnum); 3162 3163 void proc_clear_tty(struct task_struct *p) 3164 { 3165 unsigned long flags; 3166 struct tty_struct *tty; 3167 spin_lock_irqsave(&p->sighand->siglock, flags); 3168 tty = p->signal->tty; 3169 p->signal->tty = NULL; 3170 spin_unlock_irqrestore(&p->sighand->siglock, flags); 3171 tty_kref_put(tty); 3172 } 3173 3174 /* Called under the sighand lock */ 3175 3176 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) 3177 { 3178 if (tty) { 3179 unsigned long flags; 3180 /* We should not have a session or pgrp to put here but.... */ 3181 spin_lock_irqsave(&tty->ctrl_lock, flags); 3182 put_pid(tty->session); 3183 put_pid(tty->pgrp); 3184 tty->pgrp = get_pid(task_pgrp(tsk)); 3185 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 3186 tty->session = get_pid(task_session(tsk)); 3187 if (tsk->signal->tty) { 3188 printk(KERN_DEBUG "tty not NULL!!\n"); 3189 tty_kref_put(tsk->signal->tty); 3190 } 3191 } 3192 put_pid(tsk->signal->tty_old_pgrp); 3193 tsk->signal->tty = tty_kref_get(tty); 3194 tsk->signal->tty_old_pgrp = NULL; 3195 } 3196 3197 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) 3198 { 3199 spin_lock_irq(&tsk->sighand->siglock); 3200 __proc_set_tty(tsk, tty); 3201 spin_unlock_irq(&tsk->sighand->siglock); 3202 } 3203 3204 struct tty_struct *get_current_tty(void) 3205 { 3206 struct tty_struct *tty; 3207 unsigned long flags; 3208 3209 spin_lock_irqsave(¤t->sighand->siglock, flags); 3210 tty = tty_kref_get(current->signal->tty); 3211 spin_unlock_irqrestore(¤t->sighand->siglock, flags); 3212 return tty; 3213 } 3214 EXPORT_SYMBOL_GPL(get_current_tty); 3215 3216 void tty_default_fops(struct file_operations *fops) 3217 { 3218 *fops = tty_fops; 3219 } 3220 3221 /* 3222 * Initialize the console device. This is called *early*, so 3223 * we can't necessarily depend on lots of kernel help here. 3224 * Just do some early initializations, and do the complex setup 3225 * later. 3226 */ 3227 void __init console_init(void) 3228 { 3229 initcall_t *call; 3230 3231 /* Setup the default TTY line discipline. */ 3232 tty_ldisc_begin(); 3233 3234 /* 3235 * set up the console device so that later boot sequences can 3236 * inform about problems etc.. 3237 */ 3238 call = __con_initcall_start; 3239 while (call < __con_initcall_end) { 3240 (*call)(); 3241 call++; 3242 } 3243 } 3244 3245 static char *tty_devnode(struct device *dev, mode_t *mode) 3246 { 3247 if (!mode) 3248 return NULL; 3249 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) || 3250 dev->devt == MKDEV(TTYAUX_MAJOR, 2)) 3251 *mode = 0666; 3252 return NULL; 3253 } 3254 3255 static int __init tty_class_init(void) 3256 { 3257 tty_class = class_create(THIS_MODULE, "tty"); 3258 if (IS_ERR(tty_class)) 3259 return PTR_ERR(tty_class); 3260 tty_class->devnode = tty_devnode; 3261 return 0; 3262 } 3263 3264 postcore_initcall(tty_class_init); 3265 3266 /* 3/2004 jmc: why do these devices exist? */ 3267 static struct cdev tty_cdev, console_cdev; 3268 3269 static ssize_t show_cons_active(struct device *dev, 3270 struct device_attribute *attr, char *buf) 3271 { 3272 struct console *cs[16]; 3273 int i = 0; 3274 struct console *c; 3275 ssize_t count = 0; 3276 3277 console_lock(); 3278 for_each_console(c) { 3279 if (!c->device) 3280 continue; 3281 if (!c->write) 3282 continue; 3283 if ((c->flags & CON_ENABLED) == 0) 3284 continue; 3285 cs[i++] = c; 3286 if (i >= ARRAY_SIZE(cs)) 3287 break; 3288 } 3289 while (i--) 3290 count += sprintf(buf + count, "%s%d%c", 3291 cs[i]->name, cs[i]->index, i ? ' ':'\n'); 3292 console_unlock(); 3293 3294 return count; 3295 } 3296 static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL); 3297 3298 static struct device *consdev; 3299 3300 void console_sysfs_notify(void) 3301 { 3302 if (consdev) 3303 sysfs_notify(&consdev->kobj, NULL, "active"); 3304 } 3305 3306 /* 3307 * Ok, now we can initialize the rest of the tty devices and can count 3308 * on memory allocations, interrupts etc.. 3309 */ 3310 int __init tty_init(void) 3311 { 3312 cdev_init(&tty_cdev, &tty_fops); 3313 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) || 3314 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0) 3315 panic("Couldn't register /dev/tty driver\n"); 3316 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty"); 3317 3318 cdev_init(&console_cdev, &console_fops); 3319 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) || 3320 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0) 3321 panic("Couldn't register /dev/console driver\n"); 3322 consdev = device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), NULL, 3323 "console"); 3324 if (IS_ERR(consdev)) 3325 consdev = NULL; 3326 else 3327 WARN_ON(device_create_file(consdev, &dev_attr_active) < 0); 3328 3329 #ifdef CONFIG_VT 3330 vty_init(&console_fops); 3331 #endif 3332 return 0; 3333 } 3334 3335