1 /* 2 * Copyright (C) 1991, 1992 Linus Torvalds 3 */ 4 5 /* 6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles 7 * or rs-channels. It also implements echoing, cooked mode etc. 8 * 9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0. 10 * 11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the 12 * tty_struct and tty_queue structures. Previously there was an array 13 * of 256 tty_struct's which was statically allocated, and the 14 * tty_queue structures were allocated at boot time. Both are now 15 * dynamically allocated only when the tty is open. 16 * 17 * Also restructured routines so that there is more of a separation 18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and 19 * the low-level tty routines (serial.c, pty.c, console.c). This 20 * makes for cleaner and more compact code. -TYT, 9/17/92 21 * 22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines 23 * which can be dynamically activated and de-activated by the line 24 * discipline handling modules (like SLIP). 25 * 26 * NOTE: pay no attention to the line discipline code (yet); its 27 * interface is still subject to change in this version... 28 * -- TYT, 1/31/92 29 * 30 * Added functionality to the OPOST tty handling. No delays, but all 31 * other bits should be there. 32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993. 33 * 34 * Rewrote canonical mode and added more termios flags. 35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94 36 * 37 * Reorganized FASYNC support so mouse code can share it. 38 * -- ctm@ardi.com, 9Sep95 39 * 40 * New TIOCLINUX variants added. 41 * -- mj@k332.feld.cvut.cz, 19-Nov-95 42 * 43 * Restrict vt switching via ioctl() 44 * -- grif@cs.ucr.edu, 5-Dec-95 45 * 46 * Move console and virtual terminal code to more appropriate files, 47 * implement CONFIG_VT and generalize console device interface. 48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97 49 * 50 * Rewrote tty_init_dev and tty_release_dev to eliminate races. 51 * -- Bill Hawes <whawes@star.net>, June 97 52 * 53 * Added devfs support. 54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998 55 * 56 * Added support for a Unix98-style ptmx device. 57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 58 * 59 * Reduced memory usage for older ARM systems 60 * -- Russell King <rmk@arm.linux.org.uk> 61 * 62 * Move do_SAK() into process context. Less stack use in devfs functions. 63 * alloc_tty_struct() always uses kmalloc() 64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01 65 */ 66 67 #include <linux/types.h> 68 #include <linux/major.h> 69 #include <linux/errno.h> 70 #include <linux/signal.h> 71 #include <linux/fcntl.h> 72 #include <linux/sched.h> 73 #include <linux/interrupt.h> 74 #include <linux/tty.h> 75 #include <linux/tty_driver.h> 76 #include <linux/tty_flip.h> 77 #include <linux/devpts_fs.h> 78 #include <linux/file.h> 79 #include <linux/fdtable.h> 80 #include <linux/console.h> 81 #include <linux/timer.h> 82 #include <linux/ctype.h> 83 #include <linux/kd.h> 84 #include <linux/mm.h> 85 #include <linux/string.h> 86 #include <linux/slab.h> 87 #include <linux/poll.h> 88 #include <linux/proc_fs.h> 89 #include <linux/init.h> 90 #include <linux/module.h> 91 #include <linux/device.h> 92 #include <linux/wait.h> 93 #include <linux/bitops.h> 94 #include <linux/delay.h> 95 #include <linux/seq_file.h> 96 #include <linux/serial.h> 97 #include <linux/ratelimit.h> 98 99 #include <linux/uaccess.h> 100 101 #include <linux/kbd_kern.h> 102 #include <linux/vt_kern.h> 103 #include <linux/selection.h> 104 105 #include <linux/kmod.h> 106 #include <linux/nsproxy.h> 107 108 #undef TTY_DEBUG_HANGUP 109 110 #define TTY_PARANOIA_CHECK 1 111 #define CHECK_TTY_COUNT 1 112 113 struct ktermios tty_std_termios = { /* for the benefit of tty drivers */ 114 .c_iflag = ICRNL | IXON, 115 .c_oflag = OPOST | ONLCR, 116 .c_cflag = B38400 | CS8 | CREAD | HUPCL, 117 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK | 118 ECHOCTL | ECHOKE | IEXTEN, 119 .c_cc = INIT_C_CC, 120 .c_ispeed = 38400, 121 .c_ospeed = 38400 122 }; 123 124 EXPORT_SYMBOL(tty_std_termios); 125 126 /* This list gets poked at by procfs and various bits of boot up code. This 127 could do with some rationalisation such as pulling the tty proc function 128 into this file */ 129 130 LIST_HEAD(tty_drivers); /* linked list of tty drivers */ 131 132 /* Mutex to protect creating and releasing a tty. This is shared with 133 vt.c for deeply disgusting hack reasons */ 134 DEFINE_MUTEX(tty_mutex); 135 EXPORT_SYMBOL(tty_mutex); 136 137 /* Spinlock to protect the tty->tty_files list */ 138 DEFINE_SPINLOCK(tty_files_lock); 139 140 static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *); 141 static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *); 142 ssize_t redirected_tty_write(struct file *, const char __user *, 143 size_t, loff_t *); 144 static unsigned int tty_poll(struct file *, poll_table *); 145 static int tty_open(struct inode *, struct file *); 146 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg); 147 #ifdef CONFIG_COMPAT 148 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 149 unsigned long arg); 150 #else 151 #define tty_compat_ioctl NULL 152 #endif 153 static int __tty_fasync(int fd, struct file *filp, int on); 154 static int tty_fasync(int fd, struct file *filp, int on); 155 static void release_tty(struct tty_struct *tty, int idx); 156 157 /** 158 * free_tty_struct - free a disused tty 159 * @tty: tty struct to free 160 * 161 * Free the write buffers, tty queue and tty memory itself. 162 * 163 * Locking: none. Must be called after tty is definitely unused 164 */ 165 166 void free_tty_struct(struct tty_struct *tty) 167 { 168 if (!tty) 169 return; 170 put_device(tty->dev); 171 kfree(tty->write_buf); 172 tty->magic = 0xDEADDEAD; 173 kfree(tty); 174 } 175 176 static inline struct tty_struct *file_tty(struct file *file) 177 { 178 return ((struct tty_file_private *)file->private_data)->tty; 179 } 180 181 int tty_alloc_file(struct file *file) 182 { 183 struct tty_file_private *priv; 184 185 priv = kmalloc(sizeof(*priv), GFP_KERNEL); 186 if (!priv) 187 return -ENOMEM; 188 189 file->private_data = priv; 190 191 return 0; 192 } 193 194 /* Associate a new file with the tty structure */ 195 void tty_add_file(struct tty_struct *tty, struct file *file) 196 { 197 struct tty_file_private *priv = file->private_data; 198 199 priv->tty = tty; 200 priv->file = file; 201 202 spin_lock(&tty_files_lock); 203 list_add(&priv->list, &tty->tty_files); 204 spin_unlock(&tty_files_lock); 205 } 206 207 /** 208 * tty_free_file - free file->private_data 209 * 210 * This shall be used only for fail path handling when tty_add_file was not 211 * called yet. 212 */ 213 void tty_free_file(struct file *file) 214 { 215 struct tty_file_private *priv = file->private_data; 216 217 file->private_data = NULL; 218 kfree(priv); 219 } 220 221 /* Delete file from its tty */ 222 static void tty_del_file(struct file *file) 223 { 224 struct tty_file_private *priv = file->private_data; 225 226 spin_lock(&tty_files_lock); 227 list_del(&priv->list); 228 spin_unlock(&tty_files_lock); 229 tty_free_file(file); 230 } 231 232 233 #define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base) 234 235 /** 236 * tty_name - return tty naming 237 * @tty: tty structure 238 * @buf: buffer for output 239 * 240 * Convert a tty structure into a name. The name reflects the kernel 241 * naming policy and if udev is in use may not reflect user space 242 * 243 * Locking: none 244 */ 245 246 char *tty_name(struct tty_struct *tty, char *buf) 247 { 248 if (!tty) /* Hmm. NULL pointer. That's fun. */ 249 strcpy(buf, "NULL tty"); 250 else 251 strcpy(buf, tty->name); 252 return buf; 253 } 254 255 EXPORT_SYMBOL(tty_name); 256 257 int tty_paranoia_check(struct tty_struct *tty, struct inode *inode, 258 const char *routine) 259 { 260 #ifdef TTY_PARANOIA_CHECK 261 if (!tty) { 262 printk(KERN_WARNING 263 "null TTY for (%d:%d) in %s\n", 264 imajor(inode), iminor(inode), routine); 265 return 1; 266 } 267 if (tty->magic != TTY_MAGIC) { 268 printk(KERN_WARNING 269 "bad magic number for tty struct (%d:%d) in %s\n", 270 imajor(inode), iminor(inode), routine); 271 return 1; 272 } 273 #endif 274 return 0; 275 } 276 277 /* Caller must hold tty_lock */ 278 static int check_tty_count(struct tty_struct *tty, const char *routine) 279 { 280 #ifdef CHECK_TTY_COUNT 281 struct list_head *p; 282 int count = 0; 283 284 spin_lock(&tty_files_lock); 285 list_for_each(p, &tty->tty_files) { 286 count++; 287 } 288 spin_unlock(&tty_files_lock); 289 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 290 tty->driver->subtype == PTY_TYPE_SLAVE && 291 tty->link && tty->link->count) 292 count++; 293 if (tty->count != count) { 294 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) " 295 "!= #fd's(%d) in %s\n", 296 tty->name, tty->count, count, routine); 297 return count; 298 } 299 #endif 300 return 0; 301 } 302 303 /** 304 * get_tty_driver - find device of a tty 305 * @dev_t: device identifier 306 * @index: returns the index of the tty 307 * 308 * This routine returns a tty driver structure, given a device number 309 * and also passes back the index number. 310 * 311 * Locking: caller must hold tty_mutex 312 */ 313 314 static struct tty_driver *get_tty_driver(dev_t device, int *index) 315 { 316 struct tty_driver *p; 317 318 list_for_each_entry(p, &tty_drivers, tty_drivers) { 319 dev_t base = MKDEV(p->major, p->minor_start); 320 if (device < base || device >= base + p->num) 321 continue; 322 *index = device - base; 323 return tty_driver_kref_get(p); 324 } 325 return NULL; 326 } 327 328 #ifdef CONFIG_CONSOLE_POLL 329 330 /** 331 * tty_find_polling_driver - find device of a polled tty 332 * @name: name string to match 333 * @line: pointer to resulting tty line nr 334 * 335 * This routine returns a tty driver structure, given a name 336 * and the condition that the tty driver is capable of polled 337 * operation. 338 */ 339 struct tty_driver *tty_find_polling_driver(char *name, int *line) 340 { 341 struct tty_driver *p, *res = NULL; 342 int tty_line = 0; 343 int len; 344 char *str, *stp; 345 346 for (str = name; *str; str++) 347 if ((*str >= '0' && *str <= '9') || *str == ',') 348 break; 349 if (!*str) 350 return NULL; 351 352 len = str - name; 353 tty_line = simple_strtoul(str, &str, 10); 354 355 mutex_lock(&tty_mutex); 356 /* Search through the tty devices to look for a match */ 357 list_for_each_entry(p, &tty_drivers, tty_drivers) { 358 if (strncmp(name, p->name, len) != 0) 359 continue; 360 stp = str; 361 if (*stp == ',') 362 stp++; 363 if (*stp == '\0') 364 stp = NULL; 365 366 if (tty_line >= 0 && tty_line < p->num && p->ops && 367 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) { 368 res = tty_driver_kref_get(p); 369 *line = tty_line; 370 break; 371 } 372 } 373 mutex_unlock(&tty_mutex); 374 375 return res; 376 } 377 EXPORT_SYMBOL_GPL(tty_find_polling_driver); 378 #endif 379 380 /** 381 * tty_check_change - check for POSIX terminal changes 382 * @tty: tty to check 383 * 384 * If we try to write to, or set the state of, a terminal and we're 385 * not in the foreground, send a SIGTTOU. If the signal is blocked or 386 * ignored, go ahead and perform the operation. (POSIX 7.2) 387 * 388 * Locking: ctrl_lock 389 */ 390 391 int tty_check_change(struct tty_struct *tty) 392 { 393 unsigned long flags; 394 int ret = 0; 395 396 if (current->signal->tty != tty) 397 return 0; 398 399 spin_lock_irqsave(&tty->ctrl_lock, flags); 400 401 if (!tty->pgrp) { 402 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n"); 403 goto out_unlock; 404 } 405 if (task_pgrp(current) == tty->pgrp) 406 goto out_unlock; 407 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 408 if (is_ignored(SIGTTOU)) 409 goto out; 410 if (is_current_pgrp_orphaned()) { 411 ret = -EIO; 412 goto out; 413 } 414 kill_pgrp(task_pgrp(current), SIGTTOU, 1); 415 set_thread_flag(TIF_SIGPENDING); 416 ret = -ERESTARTSYS; 417 out: 418 return ret; 419 out_unlock: 420 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 421 return ret; 422 } 423 424 EXPORT_SYMBOL(tty_check_change); 425 426 static ssize_t hung_up_tty_read(struct file *file, char __user *buf, 427 size_t count, loff_t *ppos) 428 { 429 return 0; 430 } 431 432 static ssize_t hung_up_tty_write(struct file *file, const char __user *buf, 433 size_t count, loff_t *ppos) 434 { 435 return -EIO; 436 } 437 438 /* No kernel lock held - none needed ;) */ 439 static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait) 440 { 441 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM; 442 } 443 444 static long hung_up_tty_ioctl(struct file *file, unsigned int cmd, 445 unsigned long arg) 446 { 447 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 448 } 449 450 static long hung_up_tty_compat_ioctl(struct file *file, 451 unsigned int cmd, unsigned long arg) 452 { 453 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 454 } 455 456 static const struct file_operations tty_fops = { 457 .llseek = no_llseek, 458 .read = tty_read, 459 .write = tty_write, 460 .poll = tty_poll, 461 .unlocked_ioctl = tty_ioctl, 462 .compat_ioctl = tty_compat_ioctl, 463 .open = tty_open, 464 .release = tty_release, 465 .fasync = tty_fasync, 466 }; 467 468 static const struct file_operations console_fops = { 469 .llseek = no_llseek, 470 .read = tty_read, 471 .write = redirected_tty_write, 472 .poll = tty_poll, 473 .unlocked_ioctl = tty_ioctl, 474 .compat_ioctl = tty_compat_ioctl, 475 .open = tty_open, 476 .release = tty_release, 477 .fasync = tty_fasync, 478 }; 479 480 static const struct file_operations hung_up_tty_fops = { 481 .llseek = no_llseek, 482 .read = hung_up_tty_read, 483 .write = hung_up_tty_write, 484 .poll = hung_up_tty_poll, 485 .unlocked_ioctl = hung_up_tty_ioctl, 486 .compat_ioctl = hung_up_tty_compat_ioctl, 487 .release = tty_release, 488 }; 489 490 static DEFINE_SPINLOCK(redirect_lock); 491 static struct file *redirect; 492 493 494 void proc_clear_tty(struct task_struct *p) 495 { 496 unsigned long flags; 497 struct tty_struct *tty; 498 spin_lock_irqsave(&p->sighand->siglock, flags); 499 tty = p->signal->tty; 500 p->signal->tty = NULL; 501 spin_unlock_irqrestore(&p->sighand->siglock, flags); 502 tty_kref_put(tty); 503 } 504 505 /** 506 * proc_set_tty - set the controlling terminal 507 * 508 * Only callable by the session leader and only if it does not already have 509 * a controlling terminal. 510 * 511 * Caller must hold: tty_lock() 512 * a readlock on tasklist_lock 513 * sighand lock 514 */ 515 static void __proc_set_tty(struct tty_struct *tty) 516 { 517 unsigned long flags; 518 519 spin_lock_irqsave(&tty->ctrl_lock, flags); 520 /* 521 * The session and fg pgrp references will be non-NULL if 522 * tiocsctty() is stealing the controlling tty 523 */ 524 put_pid(tty->session); 525 put_pid(tty->pgrp); 526 tty->pgrp = get_pid(task_pgrp(current)); 527 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 528 tty->session = get_pid(task_session(current)); 529 if (current->signal->tty) { 530 printk(KERN_DEBUG "tty not NULL!!\n"); 531 tty_kref_put(current->signal->tty); 532 } 533 put_pid(current->signal->tty_old_pgrp); 534 current->signal->tty = tty_kref_get(tty); 535 current->signal->tty_old_pgrp = NULL; 536 } 537 538 static void proc_set_tty(struct tty_struct *tty) 539 { 540 spin_lock_irq(¤t->sighand->siglock); 541 __proc_set_tty(tty); 542 spin_unlock_irq(¤t->sighand->siglock); 543 } 544 545 struct tty_struct *get_current_tty(void) 546 { 547 struct tty_struct *tty; 548 unsigned long flags; 549 550 spin_lock_irqsave(¤t->sighand->siglock, flags); 551 tty = tty_kref_get(current->signal->tty); 552 spin_unlock_irqrestore(¤t->sighand->siglock, flags); 553 return tty; 554 } 555 EXPORT_SYMBOL_GPL(get_current_tty); 556 557 static void session_clear_tty(struct pid *session) 558 { 559 struct task_struct *p; 560 do_each_pid_task(session, PIDTYPE_SID, p) { 561 proc_clear_tty(p); 562 } while_each_pid_task(session, PIDTYPE_SID, p); 563 } 564 565 /** 566 * tty_wakeup - request more data 567 * @tty: terminal 568 * 569 * Internal and external helper for wakeups of tty. This function 570 * informs the line discipline if present that the driver is ready 571 * to receive more output data. 572 */ 573 574 void tty_wakeup(struct tty_struct *tty) 575 { 576 struct tty_ldisc *ld; 577 578 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) { 579 ld = tty_ldisc_ref(tty); 580 if (ld) { 581 if (ld->ops->write_wakeup) 582 ld->ops->write_wakeup(tty); 583 tty_ldisc_deref(ld); 584 } 585 } 586 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 587 } 588 589 EXPORT_SYMBOL_GPL(tty_wakeup); 590 591 /** 592 * tty_signal_session_leader - sends SIGHUP to session leader 593 * @tty controlling tty 594 * @exit_session if non-zero, signal all foreground group processes 595 * 596 * Send SIGHUP and SIGCONT to the session leader and its process group. 597 * Optionally, signal all processes in the foreground process group. 598 * 599 * Returns the number of processes in the session with this tty 600 * as their controlling terminal. This value is used to drop 601 * tty references for those processes. 602 */ 603 static int tty_signal_session_leader(struct tty_struct *tty, int exit_session) 604 { 605 struct task_struct *p; 606 int refs = 0; 607 struct pid *tty_pgrp = NULL; 608 609 read_lock(&tasklist_lock); 610 if (tty->session) { 611 do_each_pid_task(tty->session, PIDTYPE_SID, p) { 612 spin_lock_irq(&p->sighand->siglock); 613 if (p->signal->tty == tty) { 614 p->signal->tty = NULL; 615 /* We defer the dereferences outside fo 616 the tasklist lock */ 617 refs++; 618 } 619 if (!p->signal->leader) { 620 spin_unlock_irq(&p->sighand->siglock); 621 continue; 622 } 623 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p); 624 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p); 625 put_pid(p->signal->tty_old_pgrp); /* A noop */ 626 spin_lock(&tty->ctrl_lock); 627 tty_pgrp = get_pid(tty->pgrp); 628 if (tty->pgrp) 629 p->signal->tty_old_pgrp = get_pid(tty->pgrp); 630 spin_unlock(&tty->ctrl_lock); 631 spin_unlock_irq(&p->sighand->siglock); 632 } while_each_pid_task(tty->session, PIDTYPE_SID, p); 633 } 634 read_unlock(&tasklist_lock); 635 636 if (tty_pgrp) { 637 if (exit_session) 638 kill_pgrp(tty_pgrp, SIGHUP, exit_session); 639 put_pid(tty_pgrp); 640 } 641 642 return refs; 643 } 644 645 /** 646 * __tty_hangup - actual handler for hangup events 647 * @work: tty device 648 * 649 * This can be called by a "kworker" kernel thread. That is process 650 * synchronous but doesn't hold any locks, so we need to make sure we 651 * have the appropriate locks for what we're doing. 652 * 653 * The hangup event clears any pending redirections onto the hung up 654 * device. It ensures future writes will error and it does the needed 655 * line discipline hangup and signal delivery. The tty object itself 656 * remains intact. 657 * 658 * Locking: 659 * BTM 660 * redirect lock for undoing redirection 661 * file list lock for manipulating list of ttys 662 * tty_ldiscs_lock from called functions 663 * termios_rwsem resetting termios data 664 * tasklist_lock to walk task list for hangup event 665 * ->siglock to protect ->signal/->sighand 666 */ 667 static void __tty_hangup(struct tty_struct *tty, int exit_session) 668 { 669 struct file *cons_filp = NULL; 670 struct file *filp, *f = NULL; 671 struct tty_file_private *priv; 672 int closecount = 0, n; 673 int refs; 674 675 if (!tty) 676 return; 677 678 679 spin_lock(&redirect_lock); 680 if (redirect && file_tty(redirect) == tty) { 681 f = redirect; 682 redirect = NULL; 683 } 684 spin_unlock(&redirect_lock); 685 686 tty_lock(tty); 687 688 if (test_bit(TTY_HUPPED, &tty->flags)) { 689 tty_unlock(tty); 690 return; 691 } 692 693 /* inuse_filps is protected by the single tty lock, 694 this really needs to change if we want to flush the 695 workqueue with the lock held */ 696 check_tty_count(tty, "tty_hangup"); 697 698 spin_lock(&tty_files_lock); 699 /* This breaks for file handles being sent over AF_UNIX sockets ? */ 700 list_for_each_entry(priv, &tty->tty_files, list) { 701 filp = priv->file; 702 if (filp->f_op->write == redirected_tty_write) 703 cons_filp = filp; 704 if (filp->f_op->write != tty_write) 705 continue; 706 closecount++; 707 __tty_fasync(-1, filp, 0); /* can't block */ 708 filp->f_op = &hung_up_tty_fops; 709 } 710 spin_unlock(&tty_files_lock); 711 712 refs = tty_signal_session_leader(tty, exit_session); 713 /* Account for the p->signal references we killed */ 714 while (refs--) 715 tty_kref_put(tty); 716 717 tty_ldisc_hangup(tty); 718 719 spin_lock_irq(&tty->ctrl_lock); 720 clear_bit(TTY_THROTTLED, &tty->flags); 721 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 722 put_pid(tty->session); 723 put_pid(tty->pgrp); 724 tty->session = NULL; 725 tty->pgrp = NULL; 726 tty->ctrl_status = 0; 727 spin_unlock_irq(&tty->ctrl_lock); 728 729 /* 730 * If one of the devices matches a console pointer, we 731 * cannot just call hangup() because that will cause 732 * tty->count and state->count to go out of sync. 733 * So we just call close() the right number of times. 734 */ 735 if (cons_filp) { 736 if (tty->ops->close) 737 for (n = 0; n < closecount; n++) 738 tty->ops->close(tty, cons_filp); 739 } else if (tty->ops->hangup) 740 tty->ops->hangup(tty); 741 /* 742 * We don't want to have driver/ldisc interactions beyond 743 * the ones we did here. The driver layer expects no 744 * calls after ->hangup() from the ldisc side. However we 745 * can't yet guarantee all that. 746 */ 747 set_bit(TTY_HUPPED, &tty->flags); 748 tty_unlock(tty); 749 750 if (f) 751 fput(f); 752 } 753 754 static void do_tty_hangup(struct work_struct *work) 755 { 756 struct tty_struct *tty = 757 container_of(work, struct tty_struct, hangup_work); 758 759 __tty_hangup(tty, 0); 760 } 761 762 /** 763 * tty_hangup - trigger a hangup event 764 * @tty: tty to hangup 765 * 766 * A carrier loss (virtual or otherwise) has occurred on this like 767 * schedule a hangup sequence to run after this event. 768 */ 769 770 void tty_hangup(struct tty_struct *tty) 771 { 772 #ifdef TTY_DEBUG_HANGUP 773 char buf[64]; 774 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf)); 775 #endif 776 schedule_work(&tty->hangup_work); 777 } 778 779 EXPORT_SYMBOL(tty_hangup); 780 781 /** 782 * tty_vhangup - process vhangup 783 * @tty: tty to hangup 784 * 785 * The user has asked via system call for the terminal to be hung up. 786 * We do this synchronously so that when the syscall returns the process 787 * is complete. That guarantee is necessary for security reasons. 788 */ 789 790 void tty_vhangup(struct tty_struct *tty) 791 { 792 #ifdef TTY_DEBUG_HANGUP 793 char buf[64]; 794 795 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf)); 796 #endif 797 __tty_hangup(tty, 0); 798 } 799 800 EXPORT_SYMBOL(tty_vhangup); 801 802 803 /** 804 * tty_vhangup_self - process vhangup for own ctty 805 * 806 * Perform a vhangup on the current controlling tty 807 */ 808 809 void tty_vhangup_self(void) 810 { 811 struct tty_struct *tty; 812 813 tty = get_current_tty(); 814 if (tty) { 815 tty_vhangup(tty); 816 tty_kref_put(tty); 817 } 818 } 819 820 /** 821 * tty_vhangup_session - hangup session leader exit 822 * @tty: tty to hangup 823 * 824 * The session leader is exiting and hanging up its controlling terminal. 825 * Every process in the foreground process group is signalled SIGHUP. 826 * 827 * We do this synchronously so that when the syscall returns the process 828 * is complete. That guarantee is necessary for security reasons. 829 */ 830 831 static void tty_vhangup_session(struct tty_struct *tty) 832 { 833 #ifdef TTY_DEBUG_HANGUP 834 char buf[64]; 835 836 printk(KERN_DEBUG "%s vhangup session...\n", tty_name(tty, buf)); 837 #endif 838 __tty_hangup(tty, 1); 839 } 840 841 /** 842 * tty_hung_up_p - was tty hung up 843 * @filp: file pointer of tty 844 * 845 * Return true if the tty has been subject to a vhangup or a carrier 846 * loss 847 */ 848 849 int tty_hung_up_p(struct file *filp) 850 { 851 return (filp->f_op == &hung_up_tty_fops); 852 } 853 854 EXPORT_SYMBOL(tty_hung_up_p); 855 856 /** 857 * disassociate_ctty - disconnect controlling tty 858 * @on_exit: true if exiting so need to "hang up" the session 859 * 860 * This function is typically called only by the session leader, when 861 * it wants to disassociate itself from its controlling tty. 862 * 863 * It performs the following functions: 864 * (1) Sends a SIGHUP and SIGCONT to the foreground process group 865 * (2) Clears the tty from being controlling the session 866 * (3) Clears the controlling tty for all processes in the 867 * session group. 868 * 869 * The argument on_exit is set to 1 if called when a process is 870 * exiting; it is 0 if called by the ioctl TIOCNOTTY. 871 * 872 * Locking: 873 * BTM is taken for hysterical raisins, and held when 874 * called from no_tty(). 875 * tty_mutex is taken to protect tty 876 * ->siglock is taken to protect ->signal/->sighand 877 * tasklist_lock is taken to walk process list for sessions 878 * ->siglock is taken to protect ->signal/->sighand 879 */ 880 881 void disassociate_ctty(int on_exit) 882 { 883 struct tty_struct *tty; 884 885 if (!current->signal->leader) 886 return; 887 888 tty = get_current_tty(); 889 if (tty) { 890 if (on_exit && tty->driver->type != TTY_DRIVER_TYPE_PTY) { 891 tty_vhangup_session(tty); 892 } else { 893 struct pid *tty_pgrp = tty_get_pgrp(tty); 894 if (tty_pgrp) { 895 kill_pgrp(tty_pgrp, SIGHUP, on_exit); 896 if (!on_exit) 897 kill_pgrp(tty_pgrp, SIGCONT, on_exit); 898 put_pid(tty_pgrp); 899 } 900 } 901 tty_kref_put(tty); 902 903 } else if (on_exit) { 904 struct pid *old_pgrp; 905 spin_lock_irq(¤t->sighand->siglock); 906 old_pgrp = current->signal->tty_old_pgrp; 907 current->signal->tty_old_pgrp = NULL; 908 spin_unlock_irq(¤t->sighand->siglock); 909 if (old_pgrp) { 910 kill_pgrp(old_pgrp, SIGHUP, on_exit); 911 kill_pgrp(old_pgrp, SIGCONT, on_exit); 912 put_pid(old_pgrp); 913 } 914 return; 915 } 916 917 spin_lock_irq(¤t->sighand->siglock); 918 put_pid(current->signal->tty_old_pgrp); 919 current->signal->tty_old_pgrp = NULL; 920 921 tty = tty_kref_get(current->signal->tty); 922 if (tty) { 923 unsigned long flags; 924 spin_lock_irqsave(&tty->ctrl_lock, flags); 925 put_pid(tty->session); 926 put_pid(tty->pgrp); 927 tty->session = NULL; 928 tty->pgrp = NULL; 929 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 930 tty_kref_put(tty); 931 } else { 932 #ifdef TTY_DEBUG_HANGUP 933 printk(KERN_DEBUG "error attempted to write to tty [0x%p]" 934 " = NULL", tty); 935 #endif 936 } 937 938 spin_unlock_irq(¤t->sighand->siglock); 939 /* Now clear signal->tty under the lock */ 940 read_lock(&tasklist_lock); 941 session_clear_tty(task_session(current)); 942 read_unlock(&tasklist_lock); 943 } 944 945 /** 946 * 947 * no_tty - Ensure the current process does not have a controlling tty 948 */ 949 void no_tty(void) 950 { 951 /* FIXME: Review locking here. The tty_lock never covered any race 952 between a new association and proc_clear_tty but possible we need 953 to protect against this anyway */ 954 struct task_struct *tsk = current; 955 disassociate_ctty(0); 956 proc_clear_tty(tsk); 957 } 958 959 960 /** 961 * stop_tty - propagate flow control 962 * @tty: tty to stop 963 * 964 * Perform flow control to the driver. May be called 965 * on an already stopped device and will not re-call the driver 966 * method. 967 * 968 * This functionality is used by both the line disciplines for 969 * halting incoming flow and by the driver. It may therefore be 970 * called from any context, may be under the tty atomic_write_lock 971 * but not always. 972 * 973 * Locking: 974 * flow_lock 975 */ 976 977 void __stop_tty(struct tty_struct *tty) 978 { 979 if (tty->stopped) 980 return; 981 tty->stopped = 1; 982 if (tty->ops->stop) 983 tty->ops->stop(tty); 984 } 985 986 void stop_tty(struct tty_struct *tty) 987 { 988 unsigned long flags; 989 990 spin_lock_irqsave(&tty->flow_lock, flags); 991 __stop_tty(tty); 992 spin_unlock_irqrestore(&tty->flow_lock, flags); 993 } 994 EXPORT_SYMBOL(stop_tty); 995 996 /** 997 * start_tty - propagate flow control 998 * @tty: tty to start 999 * 1000 * Start a tty that has been stopped if at all possible. If this 1001 * tty was previous stopped and is now being started, the driver 1002 * start method is invoked and the line discipline woken. 1003 * 1004 * Locking: 1005 * flow_lock 1006 */ 1007 1008 void __start_tty(struct tty_struct *tty) 1009 { 1010 if (!tty->stopped || tty->flow_stopped) 1011 return; 1012 tty->stopped = 0; 1013 if (tty->ops->start) 1014 tty->ops->start(tty); 1015 tty_wakeup(tty); 1016 } 1017 1018 void start_tty(struct tty_struct *tty) 1019 { 1020 unsigned long flags; 1021 1022 spin_lock_irqsave(&tty->flow_lock, flags); 1023 __start_tty(tty); 1024 spin_unlock_irqrestore(&tty->flow_lock, flags); 1025 } 1026 EXPORT_SYMBOL(start_tty); 1027 1028 /* We limit tty time update visibility to every 8 seconds or so. */ 1029 static void tty_update_time(struct timespec *time) 1030 { 1031 unsigned long sec = get_seconds() & ~7; 1032 if ((long)(sec - time->tv_sec) > 0) 1033 time->tv_sec = sec; 1034 } 1035 1036 /** 1037 * tty_read - read method for tty device files 1038 * @file: pointer to tty file 1039 * @buf: user buffer 1040 * @count: size of user buffer 1041 * @ppos: unused 1042 * 1043 * Perform the read system call function on this terminal device. Checks 1044 * for hung up devices before calling the line discipline method. 1045 * 1046 * Locking: 1047 * Locks the line discipline internally while needed. Multiple 1048 * read calls may be outstanding in parallel. 1049 */ 1050 1051 static ssize_t tty_read(struct file *file, char __user *buf, size_t count, 1052 loff_t *ppos) 1053 { 1054 int i; 1055 struct inode *inode = file_inode(file); 1056 struct tty_struct *tty = file_tty(file); 1057 struct tty_ldisc *ld; 1058 1059 if (tty_paranoia_check(tty, inode, "tty_read")) 1060 return -EIO; 1061 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags))) 1062 return -EIO; 1063 1064 /* We want to wait for the line discipline to sort out in this 1065 situation */ 1066 ld = tty_ldisc_ref_wait(tty); 1067 if (ld->ops->read) 1068 i = ld->ops->read(tty, file, buf, count); 1069 else 1070 i = -EIO; 1071 tty_ldisc_deref(ld); 1072 1073 if (i > 0) 1074 tty_update_time(&inode->i_atime); 1075 1076 return i; 1077 } 1078 1079 static void tty_write_unlock(struct tty_struct *tty) 1080 { 1081 mutex_unlock(&tty->atomic_write_lock); 1082 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 1083 } 1084 1085 static int tty_write_lock(struct tty_struct *tty, int ndelay) 1086 { 1087 if (!mutex_trylock(&tty->atomic_write_lock)) { 1088 if (ndelay) 1089 return -EAGAIN; 1090 if (mutex_lock_interruptible(&tty->atomic_write_lock)) 1091 return -ERESTARTSYS; 1092 } 1093 return 0; 1094 } 1095 1096 /* 1097 * Split writes up in sane blocksizes to avoid 1098 * denial-of-service type attacks 1099 */ 1100 static inline ssize_t do_tty_write( 1101 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t), 1102 struct tty_struct *tty, 1103 struct file *file, 1104 const char __user *buf, 1105 size_t count) 1106 { 1107 ssize_t ret, written = 0; 1108 unsigned int chunk; 1109 1110 ret = tty_write_lock(tty, file->f_flags & O_NDELAY); 1111 if (ret < 0) 1112 return ret; 1113 1114 /* 1115 * We chunk up writes into a temporary buffer. This 1116 * simplifies low-level drivers immensely, since they 1117 * don't have locking issues and user mode accesses. 1118 * 1119 * But if TTY_NO_WRITE_SPLIT is set, we should use a 1120 * big chunk-size.. 1121 * 1122 * The default chunk-size is 2kB, because the NTTY 1123 * layer has problems with bigger chunks. It will 1124 * claim to be able to handle more characters than 1125 * it actually does. 1126 * 1127 * FIXME: This can probably go away now except that 64K chunks 1128 * are too likely to fail unless switched to vmalloc... 1129 */ 1130 chunk = 2048; 1131 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags)) 1132 chunk = 65536; 1133 if (count < chunk) 1134 chunk = count; 1135 1136 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */ 1137 if (tty->write_cnt < chunk) { 1138 unsigned char *buf_chunk; 1139 1140 if (chunk < 1024) 1141 chunk = 1024; 1142 1143 buf_chunk = kmalloc(chunk, GFP_KERNEL); 1144 if (!buf_chunk) { 1145 ret = -ENOMEM; 1146 goto out; 1147 } 1148 kfree(tty->write_buf); 1149 tty->write_cnt = chunk; 1150 tty->write_buf = buf_chunk; 1151 } 1152 1153 /* Do the write .. */ 1154 for (;;) { 1155 size_t size = count; 1156 if (size > chunk) 1157 size = chunk; 1158 ret = -EFAULT; 1159 if (copy_from_user(tty->write_buf, buf, size)) 1160 break; 1161 ret = write(tty, file, tty->write_buf, size); 1162 if (ret <= 0) 1163 break; 1164 written += ret; 1165 buf += ret; 1166 count -= ret; 1167 if (!count) 1168 break; 1169 ret = -ERESTARTSYS; 1170 if (signal_pending(current)) 1171 break; 1172 cond_resched(); 1173 } 1174 if (written) { 1175 tty_update_time(&file_inode(file)->i_mtime); 1176 ret = written; 1177 } 1178 out: 1179 tty_write_unlock(tty); 1180 return ret; 1181 } 1182 1183 /** 1184 * tty_write_message - write a message to a certain tty, not just the console. 1185 * @tty: the destination tty_struct 1186 * @msg: the message to write 1187 * 1188 * This is used for messages that need to be redirected to a specific tty. 1189 * We don't put it into the syslog queue right now maybe in the future if 1190 * really needed. 1191 * 1192 * We must still hold the BTM and test the CLOSING flag for the moment. 1193 */ 1194 1195 void tty_write_message(struct tty_struct *tty, char *msg) 1196 { 1197 if (tty) { 1198 mutex_lock(&tty->atomic_write_lock); 1199 tty_lock(tty); 1200 if (tty->ops->write && tty->count > 0) { 1201 tty_unlock(tty); 1202 tty->ops->write(tty, msg, strlen(msg)); 1203 } else 1204 tty_unlock(tty); 1205 tty_write_unlock(tty); 1206 } 1207 return; 1208 } 1209 1210 1211 /** 1212 * tty_write - write method for tty device file 1213 * @file: tty file pointer 1214 * @buf: user data to write 1215 * @count: bytes to write 1216 * @ppos: unused 1217 * 1218 * Write data to a tty device via the line discipline. 1219 * 1220 * Locking: 1221 * Locks the line discipline as required 1222 * Writes to the tty driver are serialized by the atomic_write_lock 1223 * and are then processed in chunks to the device. The line discipline 1224 * write method will not be invoked in parallel for each device. 1225 */ 1226 1227 static ssize_t tty_write(struct file *file, const char __user *buf, 1228 size_t count, loff_t *ppos) 1229 { 1230 struct tty_struct *tty = file_tty(file); 1231 struct tty_ldisc *ld; 1232 ssize_t ret; 1233 1234 if (tty_paranoia_check(tty, file_inode(file), "tty_write")) 1235 return -EIO; 1236 if (!tty || !tty->ops->write || 1237 (test_bit(TTY_IO_ERROR, &tty->flags))) 1238 return -EIO; 1239 /* Short term debug to catch buggy drivers */ 1240 if (tty->ops->write_room == NULL) 1241 printk(KERN_ERR "tty driver %s lacks a write_room method.\n", 1242 tty->driver->name); 1243 ld = tty_ldisc_ref_wait(tty); 1244 if (!ld->ops->write) 1245 ret = -EIO; 1246 else 1247 ret = do_tty_write(ld->ops->write, tty, file, buf, count); 1248 tty_ldisc_deref(ld); 1249 return ret; 1250 } 1251 1252 ssize_t redirected_tty_write(struct file *file, const char __user *buf, 1253 size_t count, loff_t *ppos) 1254 { 1255 struct file *p = NULL; 1256 1257 spin_lock(&redirect_lock); 1258 if (redirect) 1259 p = get_file(redirect); 1260 spin_unlock(&redirect_lock); 1261 1262 if (p) { 1263 ssize_t res; 1264 res = vfs_write(p, buf, count, &p->f_pos); 1265 fput(p); 1266 return res; 1267 } 1268 return tty_write(file, buf, count, ppos); 1269 } 1270 1271 /** 1272 * tty_send_xchar - send priority character 1273 * 1274 * Send a high priority character to the tty even if stopped 1275 * 1276 * Locking: none for xchar method, write ordering for write method. 1277 */ 1278 1279 int tty_send_xchar(struct tty_struct *tty, char ch) 1280 { 1281 int was_stopped = tty->stopped; 1282 1283 if (tty->ops->send_xchar) { 1284 tty->ops->send_xchar(tty, ch); 1285 return 0; 1286 } 1287 1288 if (tty_write_lock(tty, 0) < 0) 1289 return -ERESTARTSYS; 1290 1291 if (was_stopped) 1292 start_tty(tty); 1293 tty->ops->write(tty, &ch, 1); 1294 if (was_stopped) 1295 stop_tty(tty); 1296 tty_write_unlock(tty); 1297 return 0; 1298 } 1299 1300 static char ptychar[] = "pqrstuvwxyzabcde"; 1301 1302 /** 1303 * pty_line_name - generate name for a pty 1304 * @driver: the tty driver in use 1305 * @index: the minor number 1306 * @p: output buffer of at least 6 bytes 1307 * 1308 * Generate a name from a driver reference and write it to the output 1309 * buffer. 1310 * 1311 * Locking: None 1312 */ 1313 static void pty_line_name(struct tty_driver *driver, int index, char *p) 1314 { 1315 int i = index + driver->name_base; 1316 /* ->name is initialized to "ttyp", but "tty" is expected */ 1317 sprintf(p, "%s%c%x", 1318 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name, 1319 ptychar[i >> 4 & 0xf], i & 0xf); 1320 } 1321 1322 /** 1323 * tty_line_name - generate name for a tty 1324 * @driver: the tty driver in use 1325 * @index: the minor number 1326 * @p: output buffer of at least 7 bytes 1327 * 1328 * Generate a name from a driver reference and write it to the output 1329 * buffer. 1330 * 1331 * Locking: None 1332 */ 1333 static ssize_t tty_line_name(struct tty_driver *driver, int index, char *p) 1334 { 1335 if (driver->flags & TTY_DRIVER_UNNUMBERED_NODE) 1336 return sprintf(p, "%s", driver->name); 1337 else 1338 return sprintf(p, "%s%d", driver->name, 1339 index + driver->name_base); 1340 } 1341 1342 /** 1343 * tty_driver_lookup_tty() - find an existing tty, if any 1344 * @driver: the driver for the tty 1345 * @idx: the minor number 1346 * 1347 * Return the tty, if found. If not found, return NULL or ERR_PTR() if the 1348 * driver lookup() method returns an error. 1349 * 1350 * Locking: tty_mutex must be held. If the tty is found, bump the tty kref. 1351 */ 1352 static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver, 1353 struct inode *inode, int idx) 1354 { 1355 struct tty_struct *tty; 1356 1357 if (driver->ops->lookup) 1358 tty = driver->ops->lookup(driver, inode, idx); 1359 else 1360 tty = driver->ttys[idx]; 1361 1362 if (!IS_ERR(tty)) 1363 tty_kref_get(tty); 1364 return tty; 1365 } 1366 1367 /** 1368 * tty_init_termios - helper for termios setup 1369 * @tty: the tty to set up 1370 * 1371 * Initialise the termios structures for this tty. Thus runs under 1372 * the tty_mutex currently so we can be relaxed about ordering. 1373 */ 1374 1375 int tty_init_termios(struct tty_struct *tty) 1376 { 1377 struct ktermios *tp; 1378 int idx = tty->index; 1379 1380 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) 1381 tty->termios = tty->driver->init_termios; 1382 else { 1383 /* Check for lazy saved data */ 1384 tp = tty->driver->termios[idx]; 1385 if (tp != NULL) 1386 tty->termios = *tp; 1387 else 1388 tty->termios = tty->driver->init_termios; 1389 } 1390 /* Compatibility until drivers always set this */ 1391 tty->termios.c_ispeed = tty_termios_input_baud_rate(&tty->termios); 1392 tty->termios.c_ospeed = tty_termios_baud_rate(&tty->termios); 1393 return 0; 1394 } 1395 EXPORT_SYMBOL_GPL(tty_init_termios); 1396 1397 int tty_standard_install(struct tty_driver *driver, struct tty_struct *tty) 1398 { 1399 int ret = tty_init_termios(tty); 1400 if (ret) 1401 return ret; 1402 1403 tty_driver_kref_get(driver); 1404 tty->count++; 1405 driver->ttys[tty->index] = tty; 1406 return 0; 1407 } 1408 EXPORT_SYMBOL_GPL(tty_standard_install); 1409 1410 /** 1411 * tty_driver_install_tty() - install a tty entry in the driver 1412 * @driver: the driver for the tty 1413 * @tty: the tty 1414 * 1415 * Install a tty object into the driver tables. The tty->index field 1416 * will be set by the time this is called. This method is responsible 1417 * for ensuring any need additional structures are allocated and 1418 * configured. 1419 * 1420 * Locking: tty_mutex for now 1421 */ 1422 static int tty_driver_install_tty(struct tty_driver *driver, 1423 struct tty_struct *tty) 1424 { 1425 return driver->ops->install ? driver->ops->install(driver, tty) : 1426 tty_standard_install(driver, tty); 1427 } 1428 1429 /** 1430 * tty_driver_remove_tty() - remove a tty from the driver tables 1431 * @driver: the driver for the tty 1432 * @idx: the minor number 1433 * 1434 * Remvoe a tty object from the driver tables. The tty->index field 1435 * will be set by the time this is called. 1436 * 1437 * Locking: tty_mutex for now 1438 */ 1439 void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty) 1440 { 1441 if (driver->ops->remove) 1442 driver->ops->remove(driver, tty); 1443 else 1444 driver->ttys[tty->index] = NULL; 1445 } 1446 1447 /* 1448 * tty_reopen() - fast re-open of an open tty 1449 * @tty - the tty to open 1450 * 1451 * Return 0 on success, -errno on error. 1452 * Re-opens on master ptys are not allowed and return -EIO. 1453 * 1454 * Locking: Caller must hold tty_lock 1455 */ 1456 static int tty_reopen(struct tty_struct *tty) 1457 { 1458 struct tty_driver *driver = tty->driver; 1459 1460 if (!tty->count) 1461 return -EIO; 1462 1463 if (driver->type == TTY_DRIVER_TYPE_PTY && 1464 driver->subtype == PTY_TYPE_MASTER) 1465 return -EIO; 1466 1467 tty->count++; 1468 1469 WARN_ON(!tty->ldisc); 1470 1471 return 0; 1472 } 1473 1474 /** 1475 * tty_init_dev - initialise a tty device 1476 * @driver: tty driver we are opening a device on 1477 * @idx: device index 1478 * @ret_tty: returned tty structure 1479 * 1480 * Prepare a tty device. This may not be a "new" clean device but 1481 * could also be an active device. The pty drivers require special 1482 * handling because of this. 1483 * 1484 * Locking: 1485 * The function is called under the tty_mutex, which 1486 * protects us from the tty struct or driver itself going away. 1487 * 1488 * On exit the tty device has the line discipline attached and 1489 * a reference count of 1. If a pair was created for pty/tty use 1490 * and the other was a pty master then it too has a reference count of 1. 1491 * 1492 * WSH 06/09/97: Rewritten to remove races and properly clean up after a 1493 * failed open. The new code protects the open with a mutex, so it's 1494 * really quite straightforward. The mutex locking can probably be 1495 * relaxed for the (most common) case of reopening a tty. 1496 */ 1497 1498 struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx) 1499 { 1500 struct tty_struct *tty; 1501 int retval; 1502 1503 /* 1504 * First time open is complex, especially for PTY devices. 1505 * This code guarantees that either everything succeeds and the 1506 * TTY is ready for operation, or else the table slots are vacated 1507 * and the allocated memory released. (Except that the termios 1508 * and locked termios may be retained.) 1509 */ 1510 1511 if (!try_module_get(driver->owner)) 1512 return ERR_PTR(-ENODEV); 1513 1514 tty = alloc_tty_struct(driver, idx); 1515 if (!tty) { 1516 retval = -ENOMEM; 1517 goto err_module_put; 1518 } 1519 1520 tty_lock(tty); 1521 retval = tty_driver_install_tty(driver, tty); 1522 if (retval < 0) 1523 goto err_deinit_tty; 1524 1525 if (!tty->port) 1526 tty->port = driver->ports[idx]; 1527 1528 WARN_RATELIMIT(!tty->port, 1529 "%s: %s driver does not set tty->port. This will crash the kernel later. Fix the driver!\n", 1530 __func__, tty->driver->name); 1531 1532 tty->port->itty = tty; 1533 1534 /* 1535 * Structures all installed ... call the ldisc open routines. 1536 * If we fail here just call release_tty to clean up. No need 1537 * to decrement the use counts, as release_tty doesn't care. 1538 */ 1539 retval = tty_ldisc_setup(tty, tty->link); 1540 if (retval) 1541 goto err_release_tty; 1542 /* Return the tty locked so that it cannot vanish under the caller */ 1543 return tty; 1544 1545 err_deinit_tty: 1546 tty_unlock(tty); 1547 deinitialize_tty_struct(tty); 1548 free_tty_struct(tty); 1549 err_module_put: 1550 module_put(driver->owner); 1551 return ERR_PTR(retval); 1552 1553 /* call the tty release_tty routine to clean out this slot */ 1554 err_release_tty: 1555 tty_unlock(tty); 1556 printk_ratelimited(KERN_INFO "tty_init_dev: ldisc open failed, " 1557 "clearing slot %d\n", idx); 1558 release_tty(tty, idx); 1559 return ERR_PTR(retval); 1560 } 1561 1562 void tty_free_termios(struct tty_struct *tty) 1563 { 1564 struct ktermios *tp; 1565 int idx = tty->index; 1566 1567 /* If the port is going to reset then it has no termios to save */ 1568 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) 1569 return; 1570 1571 /* Stash the termios data */ 1572 tp = tty->driver->termios[idx]; 1573 if (tp == NULL) { 1574 tp = kmalloc(sizeof(struct ktermios), GFP_KERNEL); 1575 if (tp == NULL) { 1576 pr_warn("tty: no memory to save termios state.\n"); 1577 return; 1578 } 1579 tty->driver->termios[idx] = tp; 1580 } 1581 *tp = tty->termios; 1582 } 1583 EXPORT_SYMBOL(tty_free_termios); 1584 1585 /** 1586 * tty_flush_works - flush all works of a tty/pty pair 1587 * @tty: tty device to flush works for (or either end of a pty pair) 1588 * 1589 * Sync flush all works belonging to @tty (and the 'other' tty). 1590 */ 1591 static void tty_flush_works(struct tty_struct *tty) 1592 { 1593 flush_work(&tty->SAK_work); 1594 flush_work(&tty->hangup_work); 1595 if (tty->link) { 1596 flush_work(&tty->link->SAK_work); 1597 flush_work(&tty->link->hangup_work); 1598 } 1599 } 1600 1601 /** 1602 * release_one_tty - release tty structure memory 1603 * @kref: kref of tty we are obliterating 1604 * 1605 * Releases memory associated with a tty structure, and clears out the 1606 * driver table slots. This function is called when a device is no longer 1607 * in use. It also gets called when setup of a device fails. 1608 * 1609 * Locking: 1610 * takes the file list lock internally when working on the list 1611 * of ttys that the driver keeps. 1612 * 1613 * This method gets called from a work queue so that the driver private 1614 * cleanup ops can sleep (needed for USB at least) 1615 */ 1616 static void release_one_tty(struct work_struct *work) 1617 { 1618 struct tty_struct *tty = 1619 container_of(work, struct tty_struct, hangup_work); 1620 struct tty_driver *driver = tty->driver; 1621 struct module *owner = driver->owner; 1622 1623 if (tty->ops->cleanup) 1624 tty->ops->cleanup(tty); 1625 1626 tty->magic = 0; 1627 tty_driver_kref_put(driver); 1628 module_put(owner); 1629 1630 spin_lock(&tty_files_lock); 1631 list_del_init(&tty->tty_files); 1632 spin_unlock(&tty_files_lock); 1633 1634 put_pid(tty->pgrp); 1635 put_pid(tty->session); 1636 free_tty_struct(tty); 1637 } 1638 1639 static void queue_release_one_tty(struct kref *kref) 1640 { 1641 struct tty_struct *tty = container_of(kref, struct tty_struct, kref); 1642 1643 /* The hangup queue is now free so we can reuse it rather than 1644 waste a chunk of memory for each port */ 1645 INIT_WORK(&tty->hangup_work, release_one_tty); 1646 schedule_work(&tty->hangup_work); 1647 } 1648 1649 /** 1650 * tty_kref_put - release a tty kref 1651 * @tty: tty device 1652 * 1653 * Release a reference to a tty device and if need be let the kref 1654 * layer destruct the object for us 1655 */ 1656 1657 void tty_kref_put(struct tty_struct *tty) 1658 { 1659 if (tty) 1660 kref_put(&tty->kref, queue_release_one_tty); 1661 } 1662 EXPORT_SYMBOL(tty_kref_put); 1663 1664 /** 1665 * release_tty - release tty structure memory 1666 * 1667 * Release both @tty and a possible linked partner (think pty pair), 1668 * and decrement the refcount of the backing module. 1669 * 1670 * Locking: 1671 * tty_mutex 1672 * takes the file list lock internally when working on the list 1673 * of ttys that the driver keeps. 1674 * 1675 */ 1676 static void release_tty(struct tty_struct *tty, int idx) 1677 { 1678 /* This should always be true but check for the moment */ 1679 WARN_ON(tty->index != idx); 1680 WARN_ON(!mutex_is_locked(&tty_mutex)); 1681 if (tty->ops->shutdown) 1682 tty->ops->shutdown(tty); 1683 tty_free_termios(tty); 1684 tty_driver_remove_tty(tty->driver, tty); 1685 tty->port->itty = NULL; 1686 if (tty->link) 1687 tty->link->port->itty = NULL; 1688 cancel_work_sync(&tty->port->buf.work); 1689 1690 tty_kref_put(tty->link); 1691 tty_kref_put(tty); 1692 } 1693 1694 /** 1695 * tty_release_checks - check a tty before real release 1696 * @tty: tty to check 1697 * @o_tty: link of @tty (if any) 1698 * @idx: index of the tty 1699 * 1700 * Performs some paranoid checking before true release of the @tty. 1701 * This is a no-op unless TTY_PARANOIA_CHECK is defined. 1702 */ 1703 static int tty_release_checks(struct tty_struct *tty, int idx) 1704 { 1705 #ifdef TTY_PARANOIA_CHECK 1706 if (idx < 0 || idx >= tty->driver->num) { 1707 printk(KERN_DEBUG "%s: bad idx when trying to free (%s)\n", 1708 __func__, tty->name); 1709 return -1; 1710 } 1711 1712 /* not much to check for devpts */ 1713 if (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) 1714 return 0; 1715 1716 if (tty != tty->driver->ttys[idx]) { 1717 printk(KERN_DEBUG "%s: driver.table[%d] not tty for (%s)\n", 1718 __func__, idx, tty->name); 1719 return -1; 1720 } 1721 if (tty->driver->other) { 1722 struct tty_struct *o_tty = tty->link; 1723 1724 if (o_tty != tty->driver->other->ttys[idx]) { 1725 printk(KERN_DEBUG "%s: other->table[%d] not o_tty for (%s)\n", 1726 __func__, idx, tty->name); 1727 return -1; 1728 } 1729 if (o_tty->link != tty) { 1730 printk(KERN_DEBUG "%s: bad pty pointers\n", __func__); 1731 return -1; 1732 } 1733 } 1734 #endif 1735 return 0; 1736 } 1737 1738 /** 1739 * tty_release - vfs callback for close 1740 * @inode: inode of tty 1741 * @filp: file pointer for handle to tty 1742 * 1743 * Called the last time each file handle is closed that references 1744 * this tty. There may however be several such references. 1745 * 1746 * Locking: 1747 * Takes bkl. See tty_release_dev 1748 * 1749 * Even releasing the tty structures is a tricky business.. We have 1750 * to be very careful that the structures are all released at the 1751 * same time, as interrupts might otherwise get the wrong pointers. 1752 * 1753 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could 1754 * lead to double frees or releasing memory still in use. 1755 */ 1756 1757 int tty_release(struct inode *inode, struct file *filp) 1758 { 1759 struct tty_struct *tty = file_tty(filp); 1760 struct tty_struct *o_tty = NULL; 1761 int do_sleep, final; 1762 int idx; 1763 char buf[64]; 1764 long timeout = 0; 1765 int once = 1; 1766 1767 if (tty_paranoia_check(tty, inode, __func__)) 1768 return 0; 1769 1770 tty_lock(tty); 1771 check_tty_count(tty, __func__); 1772 1773 __tty_fasync(-1, filp, 0); 1774 1775 idx = tty->index; 1776 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1777 tty->driver->subtype == PTY_TYPE_MASTER) 1778 o_tty = tty->link; 1779 1780 if (tty_release_checks(tty, idx)) { 1781 tty_unlock(tty); 1782 return 0; 1783 } 1784 1785 #ifdef TTY_DEBUG_HANGUP 1786 printk(KERN_DEBUG "%s: %s (tty count=%d)...\n", __func__, 1787 tty_name(tty, buf), tty->count); 1788 #endif 1789 1790 if (tty->ops->close) 1791 tty->ops->close(tty, filp); 1792 1793 /* If tty is pty master, lock the slave pty (stable lock order) */ 1794 tty_lock_slave(o_tty); 1795 1796 /* 1797 * Sanity check: if tty->count is going to zero, there shouldn't be 1798 * any waiters on tty->read_wait or tty->write_wait. We test the 1799 * wait queues and kick everyone out _before_ actually starting to 1800 * close. This ensures that we won't block while releasing the tty 1801 * structure. 1802 * 1803 * The test for the o_tty closing is necessary, since the master and 1804 * slave sides may close in any order. If the slave side closes out 1805 * first, its count will be one, since the master side holds an open. 1806 * Thus this test wouldn't be triggered at the time the slave closed, 1807 * so we do it now. 1808 */ 1809 while (1) { 1810 do_sleep = 0; 1811 1812 if (tty->count <= 1) { 1813 if (waitqueue_active(&tty->read_wait)) { 1814 wake_up_poll(&tty->read_wait, POLLIN); 1815 do_sleep++; 1816 } 1817 if (waitqueue_active(&tty->write_wait)) { 1818 wake_up_poll(&tty->write_wait, POLLOUT); 1819 do_sleep++; 1820 } 1821 } 1822 if (o_tty && o_tty->count <= 1) { 1823 if (waitqueue_active(&o_tty->read_wait)) { 1824 wake_up_poll(&o_tty->read_wait, POLLIN); 1825 do_sleep++; 1826 } 1827 if (waitqueue_active(&o_tty->write_wait)) { 1828 wake_up_poll(&o_tty->write_wait, POLLOUT); 1829 do_sleep++; 1830 } 1831 } 1832 if (!do_sleep) 1833 break; 1834 1835 if (once) { 1836 once = 0; 1837 printk(KERN_WARNING "%s: %s: read/write wait queue active!\n", 1838 __func__, tty_name(tty, buf)); 1839 } 1840 schedule_timeout_killable(timeout); 1841 if (timeout < 120 * HZ) 1842 timeout = 2 * timeout + 1; 1843 else 1844 timeout = MAX_SCHEDULE_TIMEOUT; 1845 } 1846 1847 if (o_tty) { 1848 if (--o_tty->count < 0) { 1849 printk(KERN_WARNING "%s: bad pty slave count (%d) for %s\n", 1850 __func__, o_tty->count, tty_name(o_tty, buf)); 1851 o_tty->count = 0; 1852 } 1853 } 1854 if (--tty->count < 0) { 1855 printk(KERN_WARNING "%s: bad tty->count (%d) for %s\n", 1856 __func__, tty->count, tty_name(tty, buf)); 1857 tty->count = 0; 1858 } 1859 1860 /* 1861 * We've decremented tty->count, so we need to remove this file 1862 * descriptor off the tty->tty_files list; this serves two 1863 * purposes: 1864 * - check_tty_count sees the correct number of file descriptors 1865 * associated with this tty. 1866 * - do_tty_hangup no longer sees this file descriptor as 1867 * something that needs to be handled for hangups. 1868 */ 1869 tty_del_file(filp); 1870 1871 /* 1872 * Perform some housekeeping before deciding whether to return. 1873 * 1874 * If _either_ side is closing, make sure there aren't any 1875 * processes that still think tty or o_tty is their controlling 1876 * tty. 1877 */ 1878 if (!tty->count) { 1879 read_lock(&tasklist_lock); 1880 session_clear_tty(tty->session); 1881 if (o_tty) 1882 session_clear_tty(o_tty->session); 1883 read_unlock(&tasklist_lock); 1884 } 1885 1886 /* check whether both sides are closing ... */ 1887 final = !tty->count && !(o_tty && o_tty->count); 1888 1889 tty_unlock_slave(o_tty); 1890 tty_unlock(tty); 1891 1892 /* At this point, the tty->count == 0 should ensure a dead tty 1893 cannot be re-opened by a racing opener */ 1894 1895 if (!final) 1896 return 0; 1897 1898 #ifdef TTY_DEBUG_HANGUP 1899 printk(KERN_DEBUG "%s: %s: final close\n", __func__, tty_name(tty, buf)); 1900 #endif 1901 /* 1902 * Ask the line discipline code to release its structures 1903 */ 1904 tty_ldisc_release(tty); 1905 1906 /* Wait for pending work before tty destruction commmences */ 1907 tty_flush_works(tty); 1908 1909 #ifdef TTY_DEBUG_HANGUP 1910 printk(KERN_DEBUG "%s: %s: freeing structure...\n", __func__, tty_name(tty, buf)); 1911 #endif 1912 /* 1913 * The release_tty function takes care of the details of clearing 1914 * the slots and preserving the termios structure. The tty_unlock_pair 1915 * should be safe as we keep a kref while the tty is locked (so the 1916 * unlock never unlocks a freed tty). 1917 */ 1918 mutex_lock(&tty_mutex); 1919 release_tty(tty, idx); 1920 mutex_unlock(&tty_mutex); 1921 1922 return 0; 1923 } 1924 1925 /** 1926 * tty_open_current_tty - get locked tty of current task 1927 * @device: device number 1928 * @filp: file pointer to tty 1929 * @return: locked tty of the current task iff @device is /dev/tty 1930 * 1931 * Performs a re-open of the current task's controlling tty. 1932 * 1933 * We cannot return driver and index like for the other nodes because 1934 * devpts will not work then. It expects inodes to be from devpts FS. 1935 */ 1936 static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp) 1937 { 1938 struct tty_struct *tty; 1939 int retval; 1940 1941 if (device != MKDEV(TTYAUX_MAJOR, 0)) 1942 return NULL; 1943 1944 tty = get_current_tty(); 1945 if (!tty) 1946 return ERR_PTR(-ENXIO); 1947 1948 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */ 1949 /* noctty = 1; */ 1950 tty_lock(tty); 1951 tty_kref_put(tty); /* safe to drop the kref now */ 1952 1953 retval = tty_reopen(tty); 1954 if (retval < 0) { 1955 tty_unlock(tty); 1956 tty = ERR_PTR(retval); 1957 } 1958 return tty; 1959 } 1960 1961 /** 1962 * tty_lookup_driver - lookup a tty driver for a given device file 1963 * @device: device number 1964 * @filp: file pointer to tty 1965 * @noctty: set if the device should not become a controlling tty 1966 * @index: index for the device in the @return driver 1967 * @return: driver for this inode (with increased refcount) 1968 * 1969 * If @return is not erroneous, the caller is responsible to decrement the 1970 * refcount by tty_driver_kref_put. 1971 * 1972 * Locking: tty_mutex protects get_tty_driver 1973 */ 1974 static struct tty_driver *tty_lookup_driver(dev_t device, struct file *filp, 1975 int *noctty, int *index) 1976 { 1977 struct tty_driver *driver; 1978 1979 switch (device) { 1980 #ifdef CONFIG_VT 1981 case MKDEV(TTY_MAJOR, 0): { 1982 extern struct tty_driver *console_driver; 1983 driver = tty_driver_kref_get(console_driver); 1984 *index = fg_console; 1985 *noctty = 1; 1986 break; 1987 } 1988 #endif 1989 case MKDEV(TTYAUX_MAJOR, 1): { 1990 struct tty_driver *console_driver = console_device(index); 1991 if (console_driver) { 1992 driver = tty_driver_kref_get(console_driver); 1993 if (driver) { 1994 /* Don't let /dev/console block */ 1995 filp->f_flags |= O_NONBLOCK; 1996 *noctty = 1; 1997 break; 1998 } 1999 } 2000 return ERR_PTR(-ENODEV); 2001 } 2002 default: 2003 driver = get_tty_driver(device, index); 2004 if (!driver) 2005 return ERR_PTR(-ENODEV); 2006 break; 2007 } 2008 return driver; 2009 } 2010 2011 /** 2012 * tty_open - open a tty device 2013 * @inode: inode of device file 2014 * @filp: file pointer to tty 2015 * 2016 * tty_open and tty_release keep up the tty count that contains the 2017 * number of opens done on a tty. We cannot use the inode-count, as 2018 * different inodes might point to the same tty. 2019 * 2020 * Open-counting is needed for pty masters, as well as for keeping 2021 * track of serial lines: DTR is dropped when the last close happens. 2022 * (This is not done solely through tty->count, now. - Ted 1/27/92) 2023 * 2024 * The termios state of a pty is reset on first open so that 2025 * settings don't persist across reuse. 2026 * 2027 * Locking: tty_mutex protects tty, tty_lookup_driver and tty_init_dev. 2028 * tty->count should protect the rest. 2029 * ->siglock protects ->signal/->sighand 2030 * 2031 * Note: the tty_unlock/lock cases without a ref are only safe due to 2032 * tty_mutex 2033 */ 2034 2035 static int tty_open(struct inode *inode, struct file *filp) 2036 { 2037 struct tty_struct *tty; 2038 int noctty, retval; 2039 struct tty_driver *driver = NULL; 2040 int index; 2041 dev_t device = inode->i_rdev; 2042 unsigned saved_flags = filp->f_flags; 2043 2044 nonseekable_open(inode, filp); 2045 2046 retry_open: 2047 retval = tty_alloc_file(filp); 2048 if (retval) 2049 return -ENOMEM; 2050 2051 noctty = filp->f_flags & O_NOCTTY; 2052 index = -1; 2053 retval = 0; 2054 2055 tty = tty_open_current_tty(device, filp); 2056 if (!tty) { 2057 mutex_lock(&tty_mutex); 2058 driver = tty_lookup_driver(device, filp, &noctty, &index); 2059 if (IS_ERR(driver)) { 2060 retval = PTR_ERR(driver); 2061 goto err_unlock; 2062 } 2063 2064 /* check whether we're reopening an existing tty */ 2065 tty = tty_driver_lookup_tty(driver, inode, index); 2066 if (IS_ERR(tty)) { 2067 retval = PTR_ERR(tty); 2068 goto err_unlock; 2069 } 2070 2071 if (tty) { 2072 mutex_unlock(&tty_mutex); 2073 tty_lock(tty); 2074 /* safe to drop the kref from tty_driver_lookup_tty() */ 2075 tty_kref_put(tty); 2076 retval = tty_reopen(tty); 2077 if (retval < 0) { 2078 tty_unlock(tty); 2079 tty = ERR_PTR(retval); 2080 } 2081 } else { /* Returns with the tty_lock held for now */ 2082 tty = tty_init_dev(driver, index); 2083 mutex_unlock(&tty_mutex); 2084 } 2085 2086 tty_driver_kref_put(driver); 2087 } 2088 2089 if (IS_ERR(tty)) { 2090 retval = PTR_ERR(tty); 2091 goto err_file; 2092 } 2093 2094 tty_add_file(tty, filp); 2095 2096 check_tty_count(tty, __func__); 2097 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2098 tty->driver->subtype == PTY_TYPE_MASTER) 2099 noctty = 1; 2100 #ifdef TTY_DEBUG_HANGUP 2101 printk(KERN_DEBUG "%s: opening %s...\n", __func__, tty->name); 2102 #endif 2103 if (tty->ops->open) 2104 retval = tty->ops->open(tty, filp); 2105 else 2106 retval = -ENODEV; 2107 filp->f_flags = saved_flags; 2108 2109 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) && 2110 !capable(CAP_SYS_ADMIN)) 2111 retval = -EBUSY; 2112 2113 if (retval) { 2114 #ifdef TTY_DEBUG_HANGUP 2115 printk(KERN_DEBUG "%s: error %d in opening %s...\n", __func__, 2116 retval, tty->name); 2117 #endif 2118 tty_unlock(tty); /* need to call tty_release without BTM */ 2119 tty_release(inode, filp); 2120 if (retval != -ERESTARTSYS) 2121 return retval; 2122 2123 if (signal_pending(current)) 2124 return retval; 2125 2126 schedule(); 2127 /* 2128 * Need to reset f_op in case a hangup happened. 2129 */ 2130 if (tty_hung_up_p(filp)) 2131 filp->f_op = &tty_fops; 2132 goto retry_open; 2133 } 2134 clear_bit(TTY_HUPPED, &tty->flags); 2135 2136 2137 read_lock(&tasklist_lock); 2138 spin_lock_irq(¤t->sighand->siglock); 2139 if (!noctty && 2140 current->signal->leader && 2141 !current->signal->tty && 2142 tty->session == NULL) 2143 __proc_set_tty(tty); 2144 spin_unlock_irq(¤t->sighand->siglock); 2145 read_unlock(&tasklist_lock); 2146 tty_unlock(tty); 2147 return 0; 2148 err_unlock: 2149 mutex_unlock(&tty_mutex); 2150 /* after locks to avoid deadlock */ 2151 if (!IS_ERR_OR_NULL(driver)) 2152 tty_driver_kref_put(driver); 2153 err_file: 2154 tty_free_file(filp); 2155 return retval; 2156 } 2157 2158 2159 2160 /** 2161 * tty_poll - check tty status 2162 * @filp: file being polled 2163 * @wait: poll wait structures to update 2164 * 2165 * Call the line discipline polling method to obtain the poll 2166 * status of the device. 2167 * 2168 * Locking: locks called line discipline but ldisc poll method 2169 * may be re-entered freely by other callers. 2170 */ 2171 2172 static unsigned int tty_poll(struct file *filp, poll_table *wait) 2173 { 2174 struct tty_struct *tty = file_tty(filp); 2175 struct tty_ldisc *ld; 2176 int ret = 0; 2177 2178 if (tty_paranoia_check(tty, file_inode(filp), "tty_poll")) 2179 return 0; 2180 2181 ld = tty_ldisc_ref_wait(tty); 2182 if (ld->ops->poll) 2183 ret = ld->ops->poll(tty, filp, wait); 2184 tty_ldisc_deref(ld); 2185 return ret; 2186 } 2187 2188 static int __tty_fasync(int fd, struct file *filp, int on) 2189 { 2190 struct tty_struct *tty = file_tty(filp); 2191 struct tty_ldisc *ldisc; 2192 unsigned long flags; 2193 int retval = 0; 2194 2195 if (tty_paranoia_check(tty, file_inode(filp), "tty_fasync")) 2196 goto out; 2197 2198 retval = fasync_helper(fd, filp, on, &tty->fasync); 2199 if (retval <= 0) 2200 goto out; 2201 2202 ldisc = tty_ldisc_ref(tty); 2203 if (ldisc) { 2204 if (ldisc->ops->fasync) 2205 ldisc->ops->fasync(tty, on); 2206 tty_ldisc_deref(ldisc); 2207 } 2208 2209 if (on) { 2210 enum pid_type type; 2211 struct pid *pid; 2212 2213 spin_lock_irqsave(&tty->ctrl_lock, flags); 2214 if (tty->pgrp) { 2215 pid = tty->pgrp; 2216 type = PIDTYPE_PGID; 2217 } else { 2218 pid = task_pid(current); 2219 type = PIDTYPE_PID; 2220 } 2221 get_pid(pid); 2222 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2223 __f_setown(filp, pid, type, 0); 2224 put_pid(pid); 2225 retval = 0; 2226 } 2227 out: 2228 return retval; 2229 } 2230 2231 static int tty_fasync(int fd, struct file *filp, int on) 2232 { 2233 struct tty_struct *tty = file_tty(filp); 2234 int retval; 2235 2236 tty_lock(tty); 2237 retval = __tty_fasync(fd, filp, on); 2238 tty_unlock(tty); 2239 2240 return retval; 2241 } 2242 2243 /** 2244 * tiocsti - fake input character 2245 * @tty: tty to fake input into 2246 * @p: pointer to character 2247 * 2248 * Fake input to a tty device. Does the necessary locking and 2249 * input management. 2250 * 2251 * FIXME: does not honour flow control ?? 2252 * 2253 * Locking: 2254 * Called functions take tty_ldiscs_lock 2255 * current->signal->tty check is safe without locks 2256 * 2257 * FIXME: may race normal receive processing 2258 */ 2259 2260 static int tiocsti(struct tty_struct *tty, char __user *p) 2261 { 2262 char ch, mbz = 0; 2263 struct tty_ldisc *ld; 2264 2265 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) 2266 return -EPERM; 2267 if (get_user(ch, p)) 2268 return -EFAULT; 2269 tty_audit_tiocsti(tty, ch); 2270 ld = tty_ldisc_ref_wait(tty); 2271 ld->ops->receive_buf(tty, &ch, &mbz, 1); 2272 tty_ldisc_deref(ld); 2273 return 0; 2274 } 2275 2276 /** 2277 * tiocgwinsz - implement window query ioctl 2278 * @tty; tty 2279 * @arg: user buffer for result 2280 * 2281 * Copies the kernel idea of the window size into the user buffer. 2282 * 2283 * Locking: tty->winsize_mutex is taken to ensure the winsize data 2284 * is consistent. 2285 */ 2286 2287 static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg) 2288 { 2289 int err; 2290 2291 mutex_lock(&tty->winsize_mutex); 2292 err = copy_to_user(arg, &tty->winsize, sizeof(*arg)); 2293 mutex_unlock(&tty->winsize_mutex); 2294 2295 return err ? -EFAULT: 0; 2296 } 2297 2298 /** 2299 * tty_do_resize - resize event 2300 * @tty: tty being resized 2301 * @rows: rows (character) 2302 * @cols: cols (character) 2303 * 2304 * Update the termios variables and send the necessary signals to 2305 * peform a terminal resize correctly 2306 */ 2307 2308 int tty_do_resize(struct tty_struct *tty, struct winsize *ws) 2309 { 2310 struct pid *pgrp; 2311 2312 /* Lock the tty */ 2313 mutex_lock(&tty->winsize_mutex); 2314 if (!memcmp(ws, &tty->winsize, sizeof(*ws))) 2315 goto done; 2316 2317 /* Signal the foreground process group */ 2318 pgrp = tty_get_pgrp(tty); 2319 if (pgrp) 2320 kill_pgrp(pgrp, SIGWINCH, 1); 2321 put_pid(pgrp); 2322 2323 tty->winsize = *ws; 2324 done: 2325 mutex_unlock(&tty->winsize_mutex); 2326 return 0; 2327 } 2328 EXPORT_SYMBOL(tty_do_resize); 2329 2330 /** 2331 * tiocswinsz - implement window size set ioctl 2332 * @tty; tty side of tty 2333 * @arg: user buffer for result 2334 * 2335 * Copies the user idea of the window size to the kernel. Traditionally 2336 * this is just advisory information but for the Linux console it 2337 * actually has driver level meaning and triggers a VC resize. 2338 * 2339 * Locking: 2340 * Driver dependent. The default do_resize method takes the 2341 * tty termios mutex and ctrl_lock. The console takes its own lock 2342 * then calls into the default method. 2343 */ 2344 2345 static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg) 2346 { 2347 struct winsize tmp_ws; 2348 if (copy_from_user(&tmp_ws, arg, sizeof(*arg))) 2349 return -EFAULT; 2350 2351 if (tty->ops->resize) 2352 return tty->ops->resize(tty, &tmp_ws); 2353 else 2354 return tty_do_resize(tty, &tmp_ws); 2355 } 2356 2357 /** 2358 * tioccons - allow admin to move logical console 2359 * @file: the file to become console 2360 * 2361 * Allow the administrator to move the redirected console device 2362 * 2363 * Locking: uses redirect_lock to guard the redirect information 2364 */ 2365 2366 static int tioccons(struct file *file) 2367 { 2368 if (!capable(CAP_SYS_ADMIN)) 2369 return -EPERM; 2370 if (file->f_op->write == redirected_tty_write) { 2371 struct file *f; 2372 spin_lock(&redirect_lock); 2373 f = redirect; 2374 redirect = NULL; 2375 spin_unlock(&redirect_lock); 2376 if (f) 2377 fput(f); 2378 return 0; 2379 } 2380 spin_lock(&redirect_lock); 2381 if (redirect) { 2382 spin_unlock(&redirect_lock); 2383 return -EBUSY; 2384 } 2385 redirect = get_file(file); 2386 spin_unlock(&redirect_lock); 2387 return 0; 2388 } 2389 2390 /** 2391 * fionbio - non blocking ioctl 2392 * @file: file to set blocking value 2393 * @p: user parameter 2394 * 2395 * Historical tty interfaces had a blocking control ioctl before 2396 * the generic functionality existed. This piece of history is preserved 2397 * in the expected tty API of posix OS's. 2398 * 2399 * Locking: none, the open file handle ensures it won't go away. 2400 */ 2401 2402 static int fionbio(struct file *file, int __user *p) 2403 { 2404 int nonblock; 2405 2406 if (get_user(nonblock, p)) 2407 return -EFAULT; 2408 2409 spin_lock(&file->f_lock); 2410 if (nonblock) 2411 file->f_flags |= O_NONBLOCK; 2412 else 2413 file->f_flags &= ~O_NONBLOCK; 2414 spin_unlock(&file->f_lock); 2415 return 0; 2416 } 2417 2418 /** 2419 * tiocsctty - set controlling tty 2420 * @tty: tty structure 2421 * @arg: user argument 2422 * 2423 * This ioctl is used to manage job control. It permits a session 2424 * leader to set this tty as the controlling tty for the session. 2425 * 2426 * Locking: 2427 * Takes tty_lock() to serialize proc_set_tty() for this tty 2428 * Takes tasklist_lock internally to walk sessions 2429 * Takes ->siglock() when updating signal->tty 2430 */ 2431 2432 static int tiocsctty(struct tty_struct *tty, int arg) 2433 { 2434 int ret = 0; 2435 2436 tty_lock(tty); 2437 read_lock(&tasklist_lock); 2438 2439 if (current->signal->leader && (task_session(current) == tty->session)) 2440 goto unlock; 2441 2442 /* 2443 * The process must be a session leader and 2444 * not have a controlling tty already. 2445 */ 2446 if (!current->signal->leader || current->signal->tty) { 2447 ret = -EPERM; 2448 goto unlock; 2449 } 2450 2451 if (tty->session) { 2452 /* 2453 * This tty is already the controlling 2454 * tty for another session group! 2455 */ 2456 if (arg == 1 && capable(CAP_SYS_ADMIN)) { 2457 /* 2458 * Steal it away 2459 */ 2460 session_clear_tty(tty->session); 2461 } else { 2462 ret = -EPERM; 2463 goto unlock; 2464 } 2465 } 2466 proc_set_tty(tty); 2467 unlock: 2468 read_unlock(&tasklist_lock); 2469 tty_unlock(tty); 2470 return ret; 2471 } 2472 2473 /** 2474 * tty_get_pgrp - return a ref counted pgrp pid 2475 * @tty: tty to read 2476 * 2477 * Returns a refcounted instance of the pid struct for the process 2478 * group controlling the tty. 2479 */ 2480 2481 struct pid *tty_get_pgrp(struct tty_struct *tty) 2482 { 2483 unsigned long flags; 2484 struct pid *pgrp; 2485 2486 spin_lock_irqsave(&tty->ctrl_lock, flags); 2487 pgrp = get_pid(tty->pgrp); 2488 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2489 2490 return pgrp; 2491 } 2492 EXPORT_SYMBOL_GPL(tty_get_pgrp); 2493 2494 /* 2495 * This checks not only the pgrp, but falls back on the pid if no 2496 * satisfactory pgrp is found. I dunno - gdb doesn't work correctly 2497 * without this... 2498 * 2499 * The caller must hold rcu lock or the tasklist lock. 2500 */ 2501 static struct pid *session_of_pgrp(struct pid *pgrp) 2502 { 2503 struct task_struct *p; 2504 struct pid *sid = NULL; 2505 2506 p = pid_task(pgrp, PIDTYPE_PGID); 2507 if (p == NULL) 2508 p = pid_task(pgrp, PIDTYPE_PID); 2509 if (p != NULL) 2510 sid = task_session(p); 2511 2512 return sid; 2513 } 2514 2515 /** 2516 * tiocgpgrp - get process group 2517 * @tty: tty passed by user 2518 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2519 * @p: returned pid 2520 * 2521 * Obtain the process group of the tty. If there is no process group 2522 * return an error. 2523 * 2524 * Locking: none. Reference to current->signal->tty is safe. 2525 */ 2526 2527 static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2528 { 2529 struct pid *pid; 2530 int ret; 2531 /* 2532 * (tty == real_tty) is a cheap way of 2533 * testing if the tty is NOT a master pty. 2534 */ 2535 if (tty == real_tty && current->signal->tty != real_tty) 2536 return -ENOTTY; 2537 pid = tty_get_pgrp(real_tty); 2538 ret = put_user(pid_vnr(pid), p); 2539 put_pid(pid); 2540 return ret; 2541 } 2542 2543 /** 2544 * tiocspgrp - attempt to set process group 2545 * @tty: tty passed by user 2546 * @real_tty: tty side device matching tty passed by user 2547 * @p: pid pointer 2548 * 2549 * Set the process group of the tty to the session passed. Only 2550 * permitted where the tty session is our session. 2551 * 2552 * Locking: RCU, ctrl lock 2553 */ 2554 2555 static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2556 { 2557 struct pid *pgrp; 2558 pid_t pgrp_nr; 2559 int retval = tty_check_change(real_tty); 2560 unsigned long flags; 2561 2562 if (retval == -EIO) 2563 return -ENOTTY; 2564 if (retval) 2565 return retval; 2566 if (!current->signal->tty || 2567 (current->signal->tty != real_tty) || 2568 (real_tty->session != task_session(current))) 2569 return -ENOTTY; 2570 if (get_user(pgrp_nr, p)) 2571 return -EFAULT; 2572 if (pgrp_nr < 0) 2573 return -EINVAL; 2574 rcu_read_lock(); 2575 pgrp = find_vpid(pgrp_nr); 2576 retval = -ESRCH; 2577 if (!pgrp) 2578 goto out_unlock; 2579 retval = -EPERM; 2580 if (session_of_pgrp(pgrp) != task_session(current)) 2581 goto out_unlock; 2582 retval = 0; 2583 spin_lock_irqsave(&tty->ctrl_lock, flags); 2584 put_pid(real_tty->pgrp); 2585 real_tty->pgrp = get_pid(pgrp); 2586 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2587 out_unlock: 2588 rcu_read_unlock(); 2589 return retval; 2590 } 2591 2592 /** 2593 * tiocgsid - get session id 2594 * @tty: tty passed by user 2595 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2596 * @p: pointer to returned session id 2597 * 2598 * Obtain the session id of the tty. If there is no session 2599 * return an error. 2600 * 2601 * Locking: none. Reference to current->signal->tty is safe. 2602 */ 2603 2604 static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2605 { 2606 /* 2607 * (tty == real_tty) is a cheap way of 2608 * testing if the tty is NOT a master pty. 2609 */ 2610 if (tty == real_tty && current->signal->tty != real_tty) 2611 return -ENOTTY; 2612 if (!real_tty->session) 2613 return -ENOTTY; 2614 return put_user(pid_vnr(real_tty->session), p); 2615 } 2616 2617 /** 2618 * tiocsetd - set line discipline 2619 * @tty: tty device 2620 * @p: pointer to user data 2621 * 2622 * Set the line discipline according to user request. 2623 * 2624 * Locking: see tty_set_ldisc, this function is just a helper 2625 */ 2626 2627 static int tiocsetd(struct tty_struct *tty, int __user *p) 2628 { 2629 int ldisc; 2630 int ret; 2631 2632 if (get_user(ldisc, p)) 2633 return -EFAULT; 2634 2635 ret = tty_set_ldisc(tty, ldisc); 2636 2637 return ret; 2638 } 2639 2640 /** 2641 * send_break - performed time break 2642 * @tty: device to break on 2643 * @duration: timeout in mS 2644 * 2645 * Perform a timed break on hardware that lacks its own driver level 2646 * timed break functionality. 2647 * 2648 * Locking: 2649 * atomic_write_lock serializes 2650 * 2651 */ 2652 2653 static int send_break(struct tty_struct *tty, unsigned int duration) 2654 { 2655 int retval; 2656 2657 if (tty->ops->break_ctl == NULL) 2658 return 0; 2659 2660 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK) 2661 retval = tty->ops->break_ctl(tty, duration); 2662 else { 2663 /* Do the work ourselves */ 2664 if (tty_write_lock(tty, 0) < 0) 2665 return -EINTR; 2666 retval = tty->ops->break_ctl(tty, -1); 2667 if (retval) 2668 goto out; 2669 if (!signal_pending(current)) 2670 msleep_interruptible(duration); 2671 retval = tty->ops->break_ctl(tty, 0); 2672 out: 2673 tty_write_unlock(tty); 2674 if (signal_pending(current)) 2675 retval = -EINTR; 2676 } 2677 return retval; 2678 } 2679 2680 /** 2681 * tty_tiocmget - get modem status 2682 * @tty: tty device 2683 * @file: user file pointer 2684 * @p: pointer to result 2685 * 2686 * Obtain the modem status bits from the tty driver if the feature 2687 * is supported. Return -EINVAL if it is not available. 2688 * 2689 * Locking: none (up to the driver) 2690 */ 2691 2692 static int tty_tiocmget(struct tty_struct *tty, int __user *p) 2693 { 2694 int retval = -EINVAL; 2695 2696 if (tty->ops->tiocmget) { 2697 retval = tty->ops->tiocmget(tty); 2698 2699 if (retval >= 0) 2700 retval = put_user(retval, p); 2701 } 2702 return retval; 2703 } 2704 2705 /** 2706 * tty_tiocmset - set modem status 2707 * @tty: tty device 2708 * @cmd: command - clear bits, set bits or set all 2709 * @p: pointer to desired bits 2710 * 2711 * Set the modem status bits from the tty driver if the feature 2712 * is supported. Return -EINVAL if it is not available. 2713 * 2714 * Locking: none (up to the driver) 2715 */ 2716 2717 static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd, 2718 unsigned __user *p) 2719 { 2720 int retval; 2721 unsigned int set, clear, val; 2722 2723 if (tty->ops->tiocmset == NULL) 2724 return -EINVAL; 2725 2726 retval = get_user(val, p); 2727 if (retval) 2728 return retval; 2729 set = clear = 0; 2730 switch (cmd) { 2731 case TIOCMBIS: 2732 set = val; 2733 break; 2734 case TIOCMBIC: 2735 clear = val; 2736 break; 2737 case TIOCMSET: 2738 set = val; 2739 clear = ~val; 2740 break; 2741 } 2742 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2743 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2744 return tty->ops->tiocmset(tty, set, clear); 2745 } 2746 2747 static int tty_tiocgicount(struct tty_struct *tty, void __user *arg) 2748 { 2749 int retval = -EINVAL; 2750 struct serial_icounter_struct icount; 2751 memset(&icount, 0, sizeof(icount)); 2752 if (tty->ops->get_icount) 2753 retval = tty->ops->get_icount(tty, &icount); 2754 if (retval != 0) 2755 return retval; 2756 if (copy_to_user(arg, &icount, sizeof(icount))) 2757 return -EFAULT; 2758 return 0; 2759 } 2760 2761 static void tty_warn_deprecated_flags(struct serial_struct __user *ss) 2762 { 2763 static DEFINE_RATELIMIT_STATE(depr_flags, 2764 DEFAULT_RATELIMIT_INTERVAL, 2765 DEFAULT_RATELIMIT_BURST); 2766 char comm[TASK_COMM_LEN]; 2767 int flags; 2768 2769 if (get_user(flags, &ss->flags)) 2770 return; 2771 2772 flags &= ASYNC_DEPRECATED; 2773 2774 if (flags && __ratelimit(&depr_flags)) 2775 pr_warning("%s: '%s' is using deprecated serial flags (with no effect): %.8x\n", 2776 __func__, get_task_comm(comm, current), flags); 2777 } 2778 2779 /* 2780 * if pty, return the slave side (real_tty) 2781 * otherwise, return self 2782 */ 2783 static struct tty_struct *tty_pair_get_tty(struct tty_struct *tty) 2784 { 2785 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2786 tty->driver->subtype == PTY_TYPE_MASTER) 2787 tty = tty->link; 2788 return tty; 2789 } 2790 2791 /* 2792 * Split this up, as gcc can choke on it otherwise.. 2793 */ 2794 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 2795 { 2796 struct tty_struct *tty = file_tty(file); 2797 struct tty_struct *real_tty; 2798 void __user *p = (void __user *)arg; 2799 int retval; 2800 struct tty_ldisc *ld; 2801 2802 if (tty_paranoia_check(tty, file_inode(file), "tty_ioctl")) 2803 return -EINVAL; 2804 2805 real_tty = tty_pair_get_tty(tty); 2806 2807 /* 2808 * Factor out some common prep work 2809 */ 2810 switch (cmd) { 2811 case TIOCSETD: 2812 case TIOCSBRK: 2813 case TIOCCBRK: 2814 case TCSBRK: 2815 case TCSBRKP: 2816 retval = tty_check_change(tty); 2817 if (retval) 2818 return retval; 2819 if (cmd != TIOCCBRK) { 2820 tty_wait_until_sent(tty, 0); 2821 if (signal_pending(current)) 2822 return -EINTR; 2823 } 2824 break; 2825 } 2826 2827 /* 2828 * Now do the stuff. 2829 */ 2830 switch (cmd) { 2831 case TIOCSTI: 2832 return tiocsti(tty, p); 2833 case TIOCGWINSZ: 2834 return tiocgwinsz(real_tty, p); 2835 case TIOCSWINSZ: 2836 return tiocswinsz(real_tty, p); 2837 case TIOCCONS: 2838 return real_tty != tty ? -EINVAL : tioccons(file); 2839 case FIONBIO: 2840 return fionbio(file, p); 2841 case TIOCEXCL: 2842 set_bit(TTY_EXCLUSIVE, &tty->flags); 2843 return 0; 2844 case TIOCNXCL: 2845 clear_bit(TTY_EXCLUSIVE, &tty->flags); 2846 return 0; 2847 case TIOCGEXCL: 2848 { 2849 int excl = test_bit(TTY_EXCLUSIVE, &tty->flags); 2850 return put_user(excl, (int __user *)p); 2851 } 2852 case TIOCNOTTY: 2853 if (current->signal->tty != tty) 2854 return -ENOTTY; 2855 no_tty(); 2856 return 0; 2857 case TIOCSCTTY: 2858 return tiocsctty(tty, arg); 2859 case TIOCGPGRP: 2860 return tiocgpgrp(tty, real_tty, p); 2861 case TIOCSPGRP: 2862 return tiocspgrp(tty, real_tty, p); 2863 case TIOCGSID: 2864 return tiocgsid(tty, real_tty, p); 2865 case TIOCGETD: 2866 return put_user(tty->ldisc->ops->num, (int __user *)p); 2867 case TIOCSETD: 2868 return tiocsetd(tty, p); 2869 case TIOCVHANGUP: 2870 if (!capable(CAP_SYS_ADMIN)) 2871 return -EPERM; 2872 tty_vhangup(tty); 2873 return 0; 2874 case TIOCGDEV: 2875 { 2876 unsigned int ret = new_encode_dev(tty_devnum(real_tty)); 2877 return put_user(ret, (unsigned int __user *)p); 2878 } 2879 /* 2880 * Break handling 2881 */ 2882 case TIOCSBRK: /* Turn break on, unconditionally */ 2883 if (tty->ops->break_ctl) 2884 return tty->ops->break_ctl(tty, -1); 2885 return 0; 2886 case TIOCCBRK: /* Turn break off, unconditionally */ 2887 if (tty->ops->break_ctl) 2888 return tty->ops->break_ctl(tty, 0); 2889 return 0; 2890 case TCSBRK: /* SVID version: non-zero arg --> no break */ 2891 /* non-zero arg means wait for all output data 2892 * to be sent (performed above) but don't send break. 2893 * This is used by the tcdrain() termios function. 2894 */ 2895 if (!arg) 2896 return send_break(tty, 250); 2897 return 0; 2898 case TCSBRKP: /* support for POSIX tcsendbreak() */ 2899 return send_break(tty, arg ? arg*100 : 250); 2900 2901 case TIOCMGET: 2902 return tty_tiocmget(tty, p); 2903 case TIOCMSET: 2904 case TIOCMBIC: 2905 case TIOCMBIS: 2906 return tty_tiocmset(tty, cmd, p); 2907 case TIOCGICOUNT: 2908 retval = tty_tiocgicount(tty, p); 2909 /* For the moment allow fall through to the old method */ 2910 if (retval != -EINVAL) 2911 return retval; 2912 break; 2913 case TCFLSH: 2914 switch (arg) { 2915 case TCIFLUSH: 2916 case TCIOFLUSH: 2917 /* flush tty buffer and allow ldisc to process ioctl */ 2918 tty_buffer_flush(tty, NULL); 2919 break; 2920 } 2921 break; 2922 case TIOCSSERIAL: 2923 tty_warn_deprecated_flags(p); 2924 break; 2925 } 2926 if (tty->ops->ioctl) { 2927 retval = tty->ops->ioctl(tty, cmd, arg); 2928 if (retval != -ENOIOCTLCMD) 2929 return retval; 2930 } 2931 ld = tty_ldisc_ref_wait(tty); 2932 retval = -EINVAL; 2933 if (ld->ops->ioctl) { 2934 retval = ld->ops->ioctl(tty, file, cmd, arg); 2935 if (retval == -ENOIOCTLCMD) 2936 retval = -ENOTTY; 2937 } 2938 tty_ldisc_deref(ld); 2939 return retval; 2940 } 2941 2942 #ifdef CONFIG_COMPAT 2943 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 2944 unsigned long arg) 2945 { 2946 struct tty_struct *tty = file_tty(file); 2947 struct tty_ldisc *ld; 2948 int retval = -ENOIOCTLCMD; 2949 2950 if (tty_paranoia_check(tty, file_inode(file), "tty_ioctl")) 2951 return -EINVAL; 2952 2953 if (tty->ops->compat_ioctl) { 2954 retval = tty->ops->compat_ioctl(tty, cmd, arg); 2955 if (retval != -ENOIOCTLCMD) 2956 return retval; 2957 } 2958 2959 ld = tty_ldisc_ref_wait(tty); 2960 if (ld->ops->compat_ioctl) 2961 retval = ld->ops->compat_ioctl(tty, file, cmd, arg); 2962 else 2963 retval = n_tty_compat_ioctl_helper(tty, file, cmd, arg); 2964 tty_ldisc_deref(ld); 2965 2966 return retval; 2967 } 2968 #endif 2969 2970 static int this_tty(const void *t, struct file *file, unsigned fd) 2971 { 2972 if (likely(file->f_op->read != tty_read)) 2973 return 0; 2974 return file_tty(file) != t ? 0 : fd + 1; 2975 } 2976 2977 /* 2978 * This implements the "Secure Attention Key" --- the idea is to 2979 * prevent trojan horses by killing all processes associated with this 2980 * tty when the user hits the "Secure Attention Key". Required for 2981 * super-paranoid applications --- see the Orange Book for more details. 2982 * 2983 * This code could be nicer; ideally it should send a HUP, wait a few 2984 * seconds, then send a INT, and then a KILL signal. But you then 2985 * have to coordinate with the init process, since all processes associated 2986 * with the current tty must be dead before the new getty is allowed 2987 * to spawn. 2988 * 2989 * Now, if it would be correct ;-/ The current code has a nasty hole - 2990 * it doesn't catch files in flight. We may send the descriptor to ourselves 2991 * via AF_UNIX socket, close it and later fetch from socket. FIXME. 2992 * 2993 * Nasty bug: do_SAK is being called in interrupt context. This can 2994 * deadlock. We punt it up to process context. AKPM - 16Mar2001 2995 */ 2996 void __do_SAK(struct tty_struct *tty) 2997 { 2998 #ifdef TTY_SOFT_SAK 2999 tty_hangup(tty); 3000 #else 3001 struct task_struct *g, *p; 3002 struct pid *session; 3003 int i; 3004 3005 if (!tty) 3006 return; 3007 session = tty->session; 3008 3009 tty_ldisc_flush(tty); 3010 3011 tty_driver_flush_buffer(tty); 3012 3013 read_lock(&tasklist_lock); 3014 /* Kill the entire session */ 3015 do_each_pid_task(session, PIDTYPE_SID, p) { 3016 printk(KERN_NOTICE "SAK: killed process %d" 3017 " (%s): task_session(p)==tty->session\n", 3018 task_pid_nr(p), p->comm); 3019 send_sig(SIGKILL, p, 1); 3020 } while_each_pid_task(session, PIDTYPE_SID, p); 3021 /* Now kill any processes that happen to have the 3022 * tty open. 3023 */ 3024 do_each_thread(g, p) { 3025 if (p->signal->tty == tty) { 3026 printk(KERN_NOTICE "SAK: killed process %d" 3027 " (%s): task_session(p)==tty->session\n", 3028 task_pid_nr(p), p->comm); 3029 send_sig(SIGKILL, p, 1); 3030 continue; 3031 } 3032 task_lock(p); 3033 i = iterate_fd(p->files, 0, this_tty, tty); 3034 if (i != 0) { 3035 printk(KERN_NOTICE "SAK: killed process %d" 3036 " (%s): fd#%d opened to the tty\n", 3037 task_pid_nr(p), p->comm, i - 1); 3038 force_sig(SIGKILL, p); 3039 } 3040 task_unlock(p); 3041 } while_each_thread(g, p); 3042 read_unlock(&tasklist_lock); 3043 #endif 3044 } 3045 3046 static void do_SAK_work(struct work_struct *work) 3047 { 3048 struct tty_struct *tty = 3049 container_of(work, struct tty_struct, SAK_work); 3050 __do_SAK(tty); 3051 } 3052 3053 /* 3054 * The tq handling here is a little racy - tty->SAK_work may already be queued. 3055 * Fortunately we don't need to worry, because if ->SAK_work is already queued, 3056 * the values which we write to it will be identical to the values which it 3057 * already has. --akpm 3058 */ 3059 void do_SAK(struct tty_struct *tty) 3060 { 3061 if (!tty) 3062 return; 3063 schedule_work(&tty->SAK_work); 3064 } 3065 3066 EXPORT_SYMBOL(do_SAK); 3067 3068 static int dev_match_devt(struct device *dev, const void *data) 3069 { 3070 const dev_t *devt = data; 3071 return dev->devt == *devt; 3072 } 3073 3074 /* Must put_device() after it's unused! */ 3075 static struct device *tty_get_device(struct tty_struct *tty) 3076 { 3077 dev_t devt = tty_devnum(tty); 3078 return class_find_device(tty_class, NULL, &devt, dev_match_devt); 3079 } 3080 3081 3082 /** 3083 * alloc_tty_struct 3084 * 3085 * This subroutine allocates and initializes a tty structure. 3086 * 3087 * Locking: none - tty in question is not exposed at this point 3088 */ 3089 3090 struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int idx) 3091 { 3092 struct tty_struct *tty; 3093 3094 tty = kzalloc(sizeof(*tty), GFP_KERNEL); 3095 if (!tty) 3096 return NULL; 3097 3098 kref_init(&tty->kref); 3099 tty->magic = TTY_MAGIC; 3100 tty_ldisc_init(tty); 3101 tty->session = NULL; 3102 tty->pgrp = NULL; 3103 mutex_init(&tty->legacy_mutex); 3104 mutex_init(&tty->throttle_mutex); 3105 init_rwsem(&tty->termios_rwsem); 3106 mutex_init(&tty->winsize_mutex); 3107 init_ldsem(&tty->ldisc_sem); 3108 init_waitqueue_head(&tty->write_wait); 3109 init_waitqueue_head(&tty->read_wait); 3110 INIT_WORK(&tty->hangup_work, do_tty_hangup); 3111 mutex_init(&tty->atomic_write_lock); 3112 spin_lock_init(&tty->ctrl_lock); 3113 spin_lock_init(&tty->flow_lock); 3114 INIT_LIST_HEAD(&tty->tty_files); 3115 INIT_WORK(&tty->SAK_work, do_SAK_work); 3116 3117 tty->driver = driver; 3118 tty->ops = driver->ops; 3119 tty->index = idx; 3120 tty_line_name(driver, idx, tty->name); 3121 tty->dev = tty_get_device(tty); 3122 3123 return tty; 3124 } 3125 3126 /** 3127 * deinitialize_tty_struct 3128 * @tty: tty to deinitialize 3129 * 3130 * This subroutine deinitializes a tty structure that has been newly 3131 * allocated but tty_release cannot be called on that yet. 3132 * 3133 * Locking: none - tty in question must not be exposed at this point 3134 */ 3135 void deinitialize_tty_struct(struct tty_struct *tty) 3136 { 3137 tty_ldisc_deinit(tty); 3138 } 3139 3140 /** 3141 * tty_put_char - write one character to a tty 3142 * @tty: tty 3143 * @ch: character 3144 * 3145 * Write one byte to the tty using the provided put_char method 3146 * if present. Returns the number of characters successfully output. 3147 * 3148 * Note: the specific put_char operation in the driver layer may go 3149 * away soon. Don't call it directly, use this method 3150 */ 3151 3152 int tty_put_char(struct tty_struct *tty, unsigned char ch) 3153 { 3154 if (tty->ops->put_char) 3155 return tty->ops->put_char(tty, ch); 3156 return tty->ops->write(tty, &ch, 1); 3157 } 3158 EXPORT_SYMBOL_GPL(tty_put_char); 3159 3160 struct class *tty_class; 3161 3162 static int tty_cdev_add(struct tty_driver *driver, dev_t dev, 3163 unsigned int index, unsigned int count) 3164 { 3165 /* init here, since reused cdevs cause crashes */ 3166 cdev_init(&driver->cdevs[index], &tty_fops); 3167 driver->cdevs[index].owner = driver->owner; 3168 return cdev_add(&driver->cdevs[index], dev, count); 3169 } 3170 3171 /** 3172 * tty_register_device - register a tty device 3173 * @driver: the tty driver that describes the tty device 3174 * @index: the index in the tty driver for this tty device 3175 * @device: a struct device that is associated with this tty device. 3176 * This field is optional, if there is no known struct device 3177 * for this tty device it can be set to NULL safely. 3178 * 3179 * Returns a pointer to the struct device for this tty device 3180 * (or ERR_PTR(-EFOO) on error). 3181 * 3182 * This call is required to be made to register an individual tty device 3183 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If 3184 * that bit is not set, this function should not be called by a tty 3185 * driver. 3186 * 3187 * Locking: ?? 3188 */ 3189 3190 struct device *tty_register_device(struct tty_driver *driver, unsigned index, 3191 struct device *device) 3192 { 3193 return tty_register_device_attr(driver, index, device, NULL, NULL); 3194 } 3195 EXPORT_SYMBOL(tty_register_device); 3196 3197 static void tty_device_create_release(struct device *dev) 3198 { 3199 pr_debug("device: '%s': %s\n", dev_name(dev), __func__); 3200 kfree(dev); 3201 } 3202 3203 /** 3204 * tty_register_device_attr - register a tty device 3205 * @driver: the tty driver that describes the tty device 3206 * @index: the index in the tty driver for this tty device 3207 * @device: a struct device that is associated with this tty device. 3208 * This field is optional, if there is no known struct device 3209 * for this tty device it can be set to NULL safely. 3210 * @drvdata: Driver data to be set to device. 3211 * @attr_grp: Attribute group to be set on device. 3212 * 3213 * Returns a pointer to the struct device for this tty device 3214 * (or ERR_PTR(-EFOO) on error). 3215 * 3216 * This call is required to be made to register an individual tty device 3217 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If 3218 * that bit is not set, this function should not be called by a tty 3219 * driver. 3220 * 3221 * Locking: ?? 3222 */ 3223 struct device *tty_register_device_attr(struct tty_driver *driver, 3224 unsigned index, struct device *device, 3225 void *drvdata, 3226 const struct attribute_group **attr_grp) 3227 { 3228 char name[64]; 3229 dev_t devt = MKDEV(driver->major, driver->minor_start) + index; 3230 struct device *dev = NULL; 3231 int retval = -ENODEV; 3232 bool cdev = false; 3233 3234 if (index >= driver->num) { 3235 printk(KERN_ERR "Attempt to register invalid tty line number " 3236 " (%d).\n", index); 3237 return ERR_PTR(-EINVAL); 3238 } 3239 3240 if (driver->type == TTY_DRIVER_TYPE_PTY) 3241 pty_line_name(driver, index, name); 3242 else 3243 tty_line_name(driver, index, name); 3244 3245 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) { 3246 retval = tty_cdev_add(driver, devt, index, 1); 3247 if (retval) 3248 goto error; 3249 cdev = true; 3250 } 3251 3252 dev = kzalloc(sizeof(*dev), GFP_KERNEL); 3253 if (!dev) { 3254 retval = -ENOMEM; 3255 goto error; 3256 } 3257 3258 dev->devt = devt; 3259 dev->class = tty_class; 3260 dev->parent = device; 3261 dev->release = tty_device_create_release; 3262 dev_set_name(dev, "%s", name); 3263 dev->groups = attr_grp; 3264 dev_set_drvdata(dev, drvdata); 3265 3266 retval = device_register(dev); 3267 if (retval) 3268 goto error; 3269 3270 return dev; 3271 3272 error: 3273 put_device(dev); 3274 if (cdev) 3275 cdev_del(&driver->cdevs[index]); 3276 return ERR_PTR(retval); 3277 } 3278 EXPORT_SYMBOL_GPL(tty_register_device_attr); 3279 3280 /** 3281 * tty_unregister_device - unregister a tty device 3282 * @driver: the tty driver that describes the tty device 3283 * @index: the index in the tty driver for this tty device 3284 * 3285 * If a tty device is registered with a call to tty_register_device() then 3286 * this function must be called when the tty device is gone. 3287 * 3288 * Locking: ?? 3289 */ 3290 3291 void tty_unregister_device(struct tty_driver *driver, unsigned index) 3292 { 3293 device_destroy(tty_class, 3294 MKDEV(driver->major, driver->minor_start) + index); 3295 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) 3296 cdev_del(&driver->cdevs[index]); 3297 } 3298 EXPORT_SYMBOL(tty_unregister_device); 3299 3300 /** 3301 * __tty_alloc_driver -- allocate tty driver 3302 * @lines: count of lines this driver can handle at most 3303 * @owner: module which is repsonsible for this driver 3304 * @flags: some of TTY_DRIVER_* flags, will be set in driver->flags 3305 * 3306 * This should not be called directly, some of the provided macros should be 3307 * used instead. Use IS_ERR and friends on @retval. 3308 */ 3309 struct tty_driver *__tty_alloc_driver(unsigned int lines, struct module *owner, 3310 unsigned long flags) 3311 { 3312 struct tty_driver *driver; 3313 unsigned int cdevs = 1; 3314 int err; 3315 3316 if (!lines || (flags & TTY_DRIVER_UNNUMBERED_NODE && lines > 1)) 3317 return ERR_PTR(-EINVAL); 3318 3319 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL); 3320 if (!driver) 3321 return ERR_PTR(-ENOMEM); 3322 3323 kref_init(&driver->kref); 3324 driver->magic = TTY_DRIVER_MAGIC; 3325 driver->num = lines; 3326 driver->owner = owner; 3327 driver->flags = flags; 3328 3329 if (!(flags & TTY_DRIVER_DEVPTS_MEM)) { 3330 driver->ttys = kcalloc(lines, sizeof(*driver->ttys), 3331 GFP_KERNEL); 3332 driver->termios = kcalloc(lines, sizeof(*driver->termios), 3333 GFP_KERNEL); 3334 if (!driver->ttys || !driver->termios) { 3335 err = -ENOMEM; 3336 goto err_free_all; 3337 } 3338 } 3339 3340 if (!(flags & TTY_DRIVER_DYNAMIC_ALLOC)) { 3341 driver->ports = kcalloc(lines, sizeof(*driver->ports), 3342 GFP_KERNEL); 3343 if (!driver->ports) { 3344 err = -ENOMEM; 3345 goto err_free_all; 3346 } 3347 cdevs = lines; 3348 } 3349 3350 driver->cdevs = kcalloc(cdevs, sizeof(*driver->cdevs), GFP_KERNEL); 3351 if (!driver->cdevs) { 3352 err = -ENOMEM; 3353 goto err_free_all; 3354 } 3355 3356 return driver; 3357 err_free_all: 3358 kfree(driver->ports); 3359 kfree(driver->ttys); 3360 kfree(driver->termios); 3361 kfree(driver); 3362 return ERR_PTR(err); 3363 } 3364 EXPORT_SYMBOL(__tty_alloc_driver); 3365 3366 static void destruct_tty_driver(struct kref *kref) 3367 { 3368 struct tty_driver *driver = container_of(kref, struct tty_driver, kref); 3369 int i; 3370 struct ktermios *tp; 3371 3372 if (driver->flags & TTY_DRIVER_INSTALLED) { 3373 /* 3374 * Free the termios and termios_locked structures because 3375 * we don't want to get memory leaks when modular tty 3376 * drivers are removed from the kernel. 3377 */ 3378 for (i = 0; i < driver->num; i++) { 3379 tp = driver->termios[i]; 3380 if (tp) { 3381 driver->termios[i] = NULL; 3382 kfree(tp); 3383 } 3384 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) 3385 tty_unregister_device(driver, i); 3386 } 3387 proc_tty_unregister_driver(driver); 3388 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC) 3389 cdev_del(&driver->cdevs[0]); 3390 } 3391 kfree(driver->cdevs); 3392 kfree(driver->ports); 3393 kfree(driver->termios); 3394 kfree(driver->ttys); 3395 kfree(driver); 3396 } 3397 3398 void tty_driver_kref_put(struct tty_driver *driver) 3399 { 3400 kref_put(&driver->kref, destruct_tty_driver); 3401 } 3402 EXPORT_SYMBOL(tty_driver_kref_put); 3403 3404 void tty_set_operations(struct tty_driver *driver, 3405 const struct tty_operations *op) 3406 { 3407 driver->ops = op; 3408 }; 3409 EXPORT_SYMBOL(tty_set_operations); 3410 3411 void put_tty_driver(struct tty_driver *d) 3412 { 3413 tty_driver_kref_put(d); 3414 } 3415 EXPORT_SYMBOL(put_tty_driver); 3416 3417 /* 3418 * Called by a tty driver to register itself. 3419 */ 3420 int tty_register_driver(struct tty_driver *driver) 3421 { 3422 int error; 3423 int i; 3424 dev_t dev; 3425 struct device *d; 3426 3427 if (!driver->major) { 3428 error = alloc_chrdev_region(&dev, driver->minor_start, 3429 driver->num, driver->name); 3430 if (!error) { 3431 driver->major = MAJOR(dev); 3432 driver->minor_start = MINOR(dev); 3433 } 3434 } else { 3435 dev = MKDEV(driver->major, driver->minor_start); 3436 error = register_chrdev_region(dev, driver->num, driver->name); 3437 } 3438 if (error < 0) 3439 goto err; 3440 3441 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC) { 3442 error = tty_cdev_add(driver, dev, 0, driver->num); 3443 if (error) 3444 goto err_unreg_char; 3445 } 3446 3447 mutex_lock(&tty_mutex); 3448 list_add(&driver->tty_drivers, &tty_drivers); 3449 mutex_unlock(&tty_mutex); 3450 3451 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) { 3452 for (i = 0; i < driver->num; i++) { 3453 d = tty_register_device(driver, i, NULL); 3454 if (IS_ERR(d)) { 3455 error = PTR_ERR(d); 3456 goto err_unreg_devs; 3457 } 3458 } 3459 } 3460 proc_tty_register_driver(driver); 3461 driver->flags |= TTY_DRIVER_INSTALLED; 3462 return 0; 3463 3464 err_unreg_devs: 3465 for (i--; i >= 0; i--) 3466 tty_unregister_device(driver, i); 3467 3468 mutex_lock(&tty_mutex); 3469 list_del(&driver->tty_drivers); 3470 mutex_unlock(&tty_mutex); 3471 3472 err_unreg_char: 3473 unregister_chrdev_region(dev, driver->num); 3474 err: 3475 return error; 3476 } 3477 EXPORT_SYMBOL(tty_register_driver); 3478 3479 /* 3480 * Called by a tty driver to unregister itself. 3481 */ 3482 int tty_unregister_driver(struct tty_driver *driver) 3483 { 3484 #if 0 3485 /* FIXME */ 3486 if (driver->refcount) 3487 return -EBUSY; 3488 #endif 3489 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start), 3490 driver->num); 3491 mutex_lock(&tty_mutex); 3492 list_del(&driver->tty_drivers); 3493 mutex_unlock(&tty_mutex); 3494 return 0; 3495 } 3496 3497 EXPORT_SYMBOL(tty_unregister_driver); 3498 3499 dev_t tty_devnum(struct tty_struct *tty) 3500 { 3501 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index; 3502 } 3503 EXPORT_SYMBOL(tty_devnum); 3504 3505 void tty_default_fops(struct file_operations *fops) 3506 { 3507 *fops = tty_fops; 3508 } 3509 3510 /* 3511 * Initialize the console device. This is called *early*, so 3512 * we can't necessarily depend on lots of kernel help here. 3513 * Just do some early initializations, and do the complex setup 3514 * later. 3515 */ 3516 void __init console_init(void) 3517 { 3518 initcall_t *call; 3519 3520 /* Setup the default TTY line discipline. */ 3521 tty_ldisc_begin(); 3522 3523 /* 3524 * set up the console device so that later boot sequences can 3525 * inform about problems etc.. 3526 */ 3527 call = __con_initcall_start; 3528 while (call < __con_initcall_end) { 3529 (*call)(); 3530 call++; 3531 } 3532 } 3533 3534 static char *tty_devnode(struct device *dev, umode_t *mode) 3535 { 3536 if (!mode) 3537 return NULL; 3538 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) || 3539 dev->devt == MKDEV(TTYAUX_MAJOR, 2)) 3540 *mode = 0666; 3541 return NULL; 3542 } 3543 3544 static int __init tty_class_init(void) 3545 { 3546 tty_class = class_create(THIS_MODULE, "tty"); 3547 if (IS_ERR(tty_class)) 3548 return PTR_ERR(tty_class); 3549 tty_class->devnode = tty_devnode; 3550 return 0; 3551 } 3552 3553 postcore_initcall(tty_class_init); 3554 3555 /* 3/2004 jmc: why do these devices exist? */ 3556 static struct cdev tty_cdev, console_cdev; 3557 3558 static ssize_t show_cons_active(struct device *dev, 3559 struct device_attribute *attr, char *buf) 3560 { 3561 struct console *cs[16]; 3562 int i = 0; 3563 struct console *c; 3564 ssize_t count = 0; 3565 3566 console_lock(); 3567 for_each_console(c) { 3568 if (!c->device) 3569 continue; 3570 if (!c->write) 3571 continue; 3572 if ((c->flags & CON_ENABLED) == 0) 3573 continue; 3574 cs[i++] = c; 3575 if (i >= ARRAY_SIZE(cs)) 3576 break; 3577 } 3578 while (i--) { 3579 int index = cs[i]->index; 3580 struct tty_driver *drv = cs[i]->device(cs[i], &index); 3581 3582 /* don't resolve tty0 as some programs depend on it */ 3583 if (drv && (cs[i]->index > 0 || drv->major != TTY_MAJOR)) 3584 count += tty_line_name(drv, index, buf + count); 3585 else 3586 count += sprintf(buf + count, "%s%d", 3587 cs[i]->name, cs[i]->index); 3588 3589 count += sprintf(buf + count, "%c", i ? ' ':'\n'); 3590 } 3591 console_unlock(); 3592 3593 return count; 3594 } 3595 static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL); 3596 3597 static struct device *consdev; 3598 3599 void console_sysfs_notify(void) 3600 { 3601 if (consdev) 3602 sysfs_notify(&consdev->kobj, NULL, "active"); 3603 } 3604 3605 /* 3606 * Ok, now we can initialize the rest of the tty devices and can count 3607 * on memory allocations, interrupts etc.. 3608 */ 3609 int __init tty_init(void) 3610 { 3611 cdev_init(&tty_cdev, &tty_fops); 3612 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) || 3613 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0) 3614 panic("Couldn't register /dev/tty driver\n"); 3615 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty"); 3616 3617 cdev_init(&console_cdev, &console_fops); 3618 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) || 3619 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0) 3620 panic("Couldn't register /dev/console driver\n"); 3621 consdev = device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), NULL, 3622 "console"); 3623 if (IS_ERR(consdev)) 3624 consdev = NULL; 3625 else 3626 WARN_ON(device_create_file(consdev, &dev_attr_active) < 0); 3627 3628 #ifdef CONFIG_VT 3629 vty_init(&console_fops); 3630 #endif 3631 return 0; 3632 } 3633 3634