1 /* 2 * Copyright (C) 1991, 1992 Linus Torvalds 3 */ 4 5 /* 6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles 7 * or rs-channels. It also implements echoing, cooked mode etc. 8 * 9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0. 10 * 11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the 12 * tty_struct and tty_queue structures. Previously there was an array 13 * of 256 tty_struct's which was statically allocated, and the 14 * tty_queue structures were allocated at boot time. Both are now 15 * dynamically allocated only when the tty is open. 16 * 17 * Also restructured routines so that there is more of a separation 18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and 19 * the low-level tty routines (serial.c, pty.c, console.c). This 20 * makes for cleaner and more compact code. -TYT, 9/17/92 21 * 22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines 23 * which can be dynamically activated and de-activated by the line 24 * discipline handling modules (like SLIP). 25 * 26 * NOTE: pay no attention to the line discipline code (yet); its 27 * interface is still subject to change in this version... 28 * -- TYT, 1/31/92 29 * 30 * Added functionality to the OPOST tty handling. No delays, but all 31 * other bits should be there. 32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993. 33 * 34 * Rewrote canonical mode and added more termios flags. 35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94 36 * 37 * Reorganized FASYNC support so mouse code can share it. 38 * -- ctm@ardi.com, 9Sep95 39 * 40 * New TIOCLINUX variants added. 41 * -- mj@k332.feld.cvut.cz, 19-Nov-95 42 * 43 * Restrict vt switching via ioctl() 44 * -- grif@cs.ucr.edu, 5-Dec-95 45 * 46 * Move console and virtual terminal code to more appropriate files, 47 * implement CONFIG_VT and generalize console device interface. 48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97 49 * 50 * Rewrote tty_init_dev and tty_release_dev to eliminate races. 51 * -- Bill Hawes <whawes@star.net>, June 97 52 * 53 * Added devfs support. 54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998 55 * 56 * Added support for a Unix98-style ptmx device. 57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 58 * 59 * Reduced memory usage for older ARM systems 60 * -- Russell King <rmk@arm.linux.org.uk> 61 * 62 * Move do_SAK() into process context. Less stack use in devfs functions. 63 * alloc_tty_struct() always uses kmalloc() 64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01 65 */ 66 67 #include <linux/types.h> 68 #include <linux/major.h> 69 #include <linux/errno.h> 70 #include <linux/signal.h> 71 #include <linux/fcntl.h> 72 #include <linux/sched.h> 73 #include <linux/interrupt.h> 74 #include <linux/tty.h> 75 #include <linux/tty_driver.h> 76 #include <linux/tty_flip.h> 77 #include <linux/devpts_fs.h> 78 #include <linux/file.h> 79 #include <linux/fdtable.h> 80 #include <linux/console.h> 81 #include <linux/timer.h> 82 #include <linux/ctype.h> 83 #include <linux/kd.h> 84 #include <linux/mm.h> 85 #include <linux/string.h> 86 #include <linux/slab.h> 87 #include <linux/poll.h> 88 #include <linux/proc_fs.h> 89 #include <linux/init.h> 90 #include <linux/module.h> 91 #include <linux/device.h> 92 #include <linux/wait.h> 93 #include <linux/bitops.h> 94 #include <linux/delay.h> 95 #include <linux/seq_file.h> 96 #include <linux/serial.h> 97 #include <linux/ratelimit.h> 98 99 #include <linux/uaccess.h> 100 101 #include <linux/kbd_kern.h> 102 #include <linux/vt_kern.h> 103 #include <linux/selection.h> 104 105 #include <linux/kmod.h> 106 #include <linux/nsproxy.h> 107 108 #undef TTY_DEBUG_HANGUP 109 110 #define TTY_PARANOIA_CHECK 1 111 #define CHECK_TTY_COUNT 1 112 113 struct ktermios tty_std_termios = { /* for the benefit of tty drivers */ 114 .c_iflag = ICRNL | IXON, 115 .c_oflag = OPOST | ONLCR, 116 .c_cflag = B38400 | CS8 | CREAD | HUPCL, 117 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK | 118 ECHOCTL | ECHOKE | IEXTEN, 119 .c_cc = INIT_C_CC, 120 .c_ispeed = 38400, 121 .c_ospeed = 38400 122 }; 123 124 EXPORT_SYMBOL(tty_std_termios); 125 126 /* This list gets poked at by procfs and various bits of boot up code. This 127 could do with some rationalisation such as pulling the tty proc function 128 into this file */ 129 130 LIST_HEAD(tty_drivers); /* linked list of tty drivers */ 131 132 /* Mutex to protect creating and releasing a tty. This is shared with 133 vt.c for deeply disgusting hack reasons */ 134 DEFINE_MUTEX(tty_mutex); 135 EXPORT_SYMBOL(tty_mutex); 136 137 /* Spinlock to protect the tty->tty_files list */ 138 DEFINE_SPINLOCK(tty_files_lock); 139 140 static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *); 141 static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *); 142 ssize_t redirected_tty_write(struct file *, const char __user *, 143 size_t, loff_t *); 144 static unsigned int tty_poll(struct file *, poll_table *); 145 static int tty_open(struct inode *, struct file *); 146 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg); 147 #ifdef CONFIG_COMPAT 148 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 149 unsigned long arg); 150 #else 151 #define tty_compat_ioctl NULL 152 #endif 153 static int __tty_fasync(int fd, struct file *filp, int on); 154 static int tty_fasync(int fd, struct file *filp, int on); 155 static void release_tty(struct tty_struct *tty, int idx); 156 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); 157 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); 158 159 /** 160 * alloc_tty_struct - allocate a tty object 161 * 162 * Return a new empty tty structure. The data fields have not 163 * been initialized in any way but has been zeroed 164 * 165 * Locking: none 166 */ 167 168 struct tty_struct *alloc_tty_struct(void) 169 { 170 return kzalloc(sizeof(struct tty_struct), GFP_KERNEL); 171 } 172 173 /** 174 * free_tty_struct - free a disused tty 175 * @tty: tty struct to free 176 * 177 * Free the write buffers, tty queue and tty memory itself. 178 * 179 * Locking: none. Must be called after tty is definitely unused 180 */ 181 182 void free_tty_struct(struct tty_struct *tty) 183 { 184 if (tty->dev) 185 put_device(tty->dev); 186 kfree(tty->write_buf); 187 tty_buffer_free_all(tty); 188 tty->magic = 0xDEADDEAD; 189 kfree(tty); 190 } 191 192 static inline struct tty_struct *file_tty(struct file *file) 193 { 194 return ((struct tty_file_private *)file->private_data)->tty; 195 } 196 197 int tty_alloc_file(struct file *file) 198 { 199 struct tty_file_private *priv; 200 201 priv = kmalloc(sizeof(*priv), GFP_KERNEL); 202 if (!priv) 203 return -ENOMEM; 204 205 file->private_data = priv; 206 207 return 0; 208 } 209 210 /* Associate a new file with the tty structure */ 211 void tty_add_file(struct tty_struct *tty, struct file *file) 212 { 213 struct tty_file_private *priv = file->private_data; 214 215 priv->tty = tty; 216 priv->file = file; 217 218 spin_lock(&tty_files_lock); 219 list_add(&priv->list, &tty->tty_files); 220 spin_unlock(&tty_files_lock); 221 } 222 223 /** 224 * tty_free_file - free file->private_data 225 * 226 * This shall be used only for fail path handling when tty_add_file was not 227 * called yet. 228 */ 229 void tty_free_file(struct file *file) 230 { 231 struct tty_file_private *priv = file->private_data; 232 233 file->private_data = NULL; 234 kfree(priv); 235 } 236 237 /* Delete file from its tty */ 238 void tty_del_file(struct file *file) 239 { 240 struct tty_file_private *priv = file->private_data; 241 242 spin_lock(&tty_files_lock); 243 list_del(&priv->list); 244 spin_unlock(&tty_files_lock); 245 tty_free_file(file); 246 } 247 248 249 #define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base) 250 251 /** 252 * tty_name - return tty naming 253 * @tty: tty structure 254 * @buf: buffer for output 255 * 256 * Convert a tty structure into a name. The name reflects the kernel 257 * naming policy and if udev is in use may not reflect user space 258 * 259 * Locking: none 260 */ 261 262 char *tty_name(struct tty_struct *tty, char *buf) 263 { 264 if (!tty) /* Hmm. NULL pointer. That's fun. */ 265 strcpy(buf, "NULL tty"); 266 else 267 strcpy(buf, tty->name); 268 return buf; 269 } 270 271 EXPORT_SYMBOL(tty_name); 272 273 int tty_paranoia_check(struct tty_struct *tty, struct inode *inode, 274 const char *routine) 275 { 276 #ifdef TTY_PARANOIA_CHECK 277 if (!tty) { 278 printk(KERN_WARNING 279 "null TTY for (%d:%d) in %s\n", 280 imajor(inode), iminor(inode), routine); 281 return 1; 282 } 283 if (tty->magic != TTY_MAGIC) { 284 printk(KERN_WARNING 285 "bad magic number for tty struct (%d:%d) in %s\n", 286 imajor(inode), iminor(inode), routine); 287 return 1; 288 } 289 #endif 290 return 0; 291 } 292 293 static int check_tty_count(struct tty_struct *tty, const char *routine) 294 { 295 #ifdef CHECK_TTY_COUNT 296 struct list_head *p; 297 int count = 0; 298 299 spin_lock(&tty_files_lock); 300 list_for_each(p, &tty->tty_files) { 301 count++; 302 } 303 spin_unlock(&tty_files_lock); 304 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 305 tty->driver->subtype == PTY_TYPE_SLAVE && 306 tty->link && tty->link->count) 307 count++; 308 if (tty->count != count) { 309 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) " 310 "!= #fd's(%d) in %s\n", 311 tty->name, tty->count, count, routine); 312 return count; 313 } 314 #endif 315 return 0; 316 } 317 318 /** 319 * get_tty_driver - find device of a tty 320 * @dev_t: device identifier 321 * @index: returns the index of the tty 322 * 323 * This routine returns a tty driver structure, given a device number 324 * and also passes back the index number. 325 * 326 * Locking: caller must hold tty_mutex 327 */ 328 329 static struct tty_driver *get_tty_driver(dev_t device, int *index) 330 { 331 struct tty_driver *p; 332 333 list_for_each_entry(p, &tty_drivers, tty_drivers) { 334 dev_t base = MKDEV(p->major, p->minor_start); 335 if (device < base || device >= base + p->num) 336 continue; 337 *index = device - base; 338 return tty_driver_kref_get(p); 339 } 340 return NULL; 341 } 342 343 #ifdef CONFIG_CONSOLE_POLL 344 345 /** 346 * tty_find_polling_driver - find device of a polled tty 347 * @name: name string to match 348 * @line: pointer to resulting tty line nr 349 * 350 * This routine returns a tty driver structure, given a name 351 * and the condition that the tty driver is capable of polled 352 * operation. 353 */ 354 struct tty_driver *tty_find_polling_driver(char *name, int *line) 355 { 356 struct tty_driver *p, *res = NULL; 357 int tty_line = 0; 358 int len; 359 char *str, *stp; 360 361 for (str = name; *str; str++) 362 if ((*str >= '0' && *str <= '9') || *str == ',') 363 break; 364 if (!*str) 365 return NULL; 366 367 len = str - name; 368 tty_line = simple_strtoul(str, &str, 10); 369 370 mutex_lock(&tty_mutex); 371 /* Search through the tty devices to look for a match */ 372 list_for_each_entry(p, &tty_drivers, tty_drivers) { 373 if (strncmp(name, p->name, len) != 0) 374 continue; 375 stp = str; 376 if (*stp == ',') 377 stp++; 378 if (*stp == '\0') 379 stp = NULL; 380 381 if (tty_line >= 0 && tty_line < p->num && p->ops && 382 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) { 383 res = tty_driver_kref_get(p); 384 *line = tty_line; 385 break; 386 } 387 } 388 mutex_unlock(&tty_mutex); 389 390 return res; 391 } 392 EXPORT_SYMBOL_GPL(tty_find_polling_driver); 393 #endif 394 395 /** 396 * tty_check_change - check for POSIX terminal changes 397 * @tty: tty to check 398 * 399 * If we try to write to, or set the state of, a terminal and we're 400 * not in the foreground, send a SIGTTOU. If the signal is blocked or 401 * ignored, go ahead and perform the operation. (POSIX 7.2) 402 * 403 * Locking: ctrl_lock 404 */ 405 406 int tty_check_change(struct tty_struct *tty) 407 { 408 unsigned long flags; 409 int ret = 0; 410 411 if (current->signal->tty != tty) 412 return 0; 413 414 spin_lock_irqsave(&tty->ctrl_lock, flags); 415 416 if (!tty->pgrp) { 417 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n"); 418 goto out_unlock; 419 } 420 if (task_pgrp(current) == tty->pgrp) 421 goto out_unlock; 422 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 423 if (is_ignored(SIGTTOU)) 424 goto out; 425 if (is_current_pgrp_orphaned()) { 426 ret = -EIO; 427 goto out; 428 } 429 kill_pgrp(task_pgrp(current), SIGTTOU, 1); 430 set_thread_flag(TIF_SIGPENDING); 431 ret = -ERESTARTSYS; 432 out: 433 return ret; 434 out_unlock: 435 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 436 return ret; 437 } 438 439 EXPORT_SYMBOL(tty_check_change); 440 441 static ssize_t hung_up_tty_read(struct file *file, char __user *buf, 442 size_t count, loff_t *ppos) 443 { 444 return 0; 445 } 446 447 static ssize_t hung_up_tty_write(struct file *file, const char __user *buf, 448 size_t count, loff_t *ppos) 449 { 450 return -EIO; 451 } 452 453 /* No kernel lock held - none needed ;) */ 454 static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait) 455 { 456 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM; 457 } 458 459 static long hung_up_tty_ioctl(struct file *file, unsigned int cmd, 460 unsigned long arg) 461 { 462 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 463 } 464 465 static long hung_up_tty_compat_ioctl(struct file *file, 466 unsigned int cmd, unsigned long arg) 467 { 468 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 469 } 470 471 static const struct file_operations tty_fops = { 472 .llseek = no_llseek, 473 .read = tty_read, 474 .write = tty_write, 475 .poll = tty_poll, 476 .unlocked_ioctl = tty_ioctl, 477 .compat_ioctl = tty_compat_ioctl, 478 .open = tty_open, 479 .release = tty_release, 480 .fasync = tty_fasync, 481 }; 482 483 static const struct file_operations console_fops = { 484 .llseek = no_llseek, 485 .read = tty_read, 486 .write = redirected_tty_write, 487 .poll = tty_poll, 488 .unlocked_ioctl = tty_ioctl, 489 .compat_ioctl = tty_compat_ioctl, 490 .open = tty_open, 491 .release = tty_release, 492 .fasync = tty_fasync, 493 }; 494 495 static const struct file_operations hung_up_tty_fops = { 496 .llseek = no_llseek, 497 .read = hung_up_tty_read, 498 .write = hung_up_tty_write, 499 .poll = hung_up_tty_poll, 500 .unlocked_ioctl = hung_up_tty_ioctl, 501 .compat_ioctl = hung_up_tty_compat_ioctl, 502 .release = tty_release, 503 }; 504 505 static DEFINE_SPINLOCK(redirect_lock); 506 static struct file *redirect; 507 508 /** 509 * tty_wakeup - request more data 510 * @tty: terminal 511 * 512 * Internal and external helper for wakeups of tty. This function 513 * informs the line discipline if present that the driver is ready 514 * to receive more output data. 515 */ 516 517 void tty_wakeup(struct tty_struct *tty) 518 { 519 struct tty_ldisc *ld; 520 521 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) { 522 ld = tty_ldisc_ref(tty); 523 if (ld) { 524 if (ld->ops->write_wakeup) 525 ld->ops->write_wakeup(tty); 526 tty_ldisc_deref(ld); 527 } 528 } 529 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 530 } 531 532 EXPORT_SYMBOL_GPL(tty_wakeup); 533 534 /** 535 * __tty_hangup - actual handler for hangup events 536 * @work: tty device 537 * 538 * This can be called by the "eventd" kernel thread. That is process 539 * synchronous but doesn't hold any locks, so we need to make sure we 540 * have the appropriate locks for what we're doing. 541 * 542 * The hangup event clears any pending redirections onto the hung up 543 * device. It ensures future writes will error and it does the needed 544 * line discipline hangup and signal delivery. The tty object itself 545 * remains intact. 546 * 547 * Locking: 548 * BTM 549 * redirect lock for undoing redirection 550 * file list lock for manipulating list of ttys 551 * tty_ldisc_lock from called functions 552 * termios_mutex resetting termios data 553 * tasklist_lock to walk task list for hangup event 554 * ->siglock to protect ->signal/->sighand 555 */ 556 void __tty_hangup(struct tty_struct *tty) 557 { 558 struct file *cons_filp = NULL; 559 struct file *filp, *f = NULL; 560 struct task_struct *p; 561 struct tty_file_private *priv; 562 int closecount = 0, n; 563 unsigned long flags; 564 int refs = 0; 565 566 if (!tty) 567 return; 568 569 570 spin_lock(&redirect_lock); 571 if (redirect && file_tty(redirect) == tty) { 572 f = redirect; 573 redirect = NULL; 574 } 575 spin_unlock(&redirect_lock); 576 577 tty_lock(tty); 578 579 /* some functions below drop BTM, so we need this bit */ 580 set_bit(TTY_HUPPING, &tty->flags); 581 582 /* inuse_filps is protected by the single tty lock, 583 this really needs to change if we want to flush the 584 workqueue with the lock held */ 585 check_tty_count(tty, "tty_hangup"); 586 587 spin_lock(&tty_files_lock); 588 /* This breaks for file handles being sent over AF_UNIX sockets ? */ 589 list_for_each_entry(priv, &tty->tty_files, list) { 590 filp = priv->file; 591 if (filp->f_op->write == redirected_tty_write) 592 cons_filp = filp; 593 if (filp->f_op->write != tty_write) 594 continue; 595 closecount++; 596 __tty_fasync(-1, filp, 0); /* can't block */ 597 filp->f_op = &hung_up_tty_fops; 598 } 599 spin_unlock(&tty_files_lock); 600 601 /* 602 * it drops BTM and thus races with reopen 603 * we protect the race by TTY_HUPPING 604 */ 605 tty_ldisc_hangup(tty); 606 607 read_lock(&tasklist_lock); 608 if (tty->session) { 609 do_each_pid_task(tty->session, PIDTYPE_SID, p) { 610 spin_lock_irq(&p->sighand->siglock); 611 if (p->signal->tty == tty) { 612 p->signal->tty = NULL; 613 /* We defer the dereferences outside fo 614 the tasklist lock */ 615 refs++; 616 } 617 if (!p->signal->leader) { 618 spin_unlock_irq(&p->sighand->siglock); 619 continue; 620 } 621 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p); 622 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p); 623 put_pid(p->signal->tty_old_pgrp); /* A noop */ 624 spin_lock_irqsave(&tty->ctrl_lock, flags); 625 if (tty->pgrp) 626 p->signal->tty_old_pgrp = get_pid(tty->pgrp); 627 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 628 spin_unlock_irq(&p->sighand->siglock); 629 } while_each_pid_task(tty->session, PIDTYPE_SID, p); 630 } 631 read_unlock(&tasklist_lock); 632 633 spin_lock_irqsave(&tty->ctrl_lock, flags); 634 clear_bit(TTY_THROTTLED, &tty->flags); 635 clear_bit(TTY_PUSH, &tty->flags); 636 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 637 put_pid(tty->session); 638 put_pid(tty->pgrp); 639 tty->session = NULL; 640 tty->pgrp = NULL; 641 tty->ctrl_status = 0; 642 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 643 644 /* Account for the p->signal references we killed */ 645 while (refs--) 646 tty_kref_put(tty); 647 648 /* 649 * If one of the devices matches a console pointer, we 650 * cannot just call hangup() because that will cause 651 * tty->count and state->count to go out of sync. 652 * So we just call close() the right number of times. 653 */ 654 if (cons_filp) { 655 if (tty->ops->close) 656 for (n = 0; n < closecount; n++) 657 tty->ops->close(tty, cons_filp); 658 } else if (tty->ops->hangup) 659 (tty->ops->hangup)(tty); 660 /* 661 * We don't want to have driver/ldisc interactions beyond 662 * the ones we did here. The driver layer expects no 663 * calls after ->hangup() from the ldisc side. However we 664 * can't yet guarantee all that. 665 */ 666 set_bit(TTY_HUPPED, &tty->flags); 667 clear_bit(TTY_HUPPING, &tty->flags); 668 tty_ldisc_enable(tty); 669 670 tty_unlock(tty); 671 672 if (f) 673 fput(f); 674 } 675 676 static void do_tty_hangup(struct work_struct *work) 677 { 678 struct tty_struct *tty = 679 container_of(work, struct tty_struct, hangup_work); 680 681 __tty_hangup(tty); 682 } 683 684 /** 685 * tty_hangup - trigger a hangup event 686 * @tty: tty to hangup 687 * 688 * A carrier loss (virtual or otherwise) has occurred on this like 689 * schedule a hangup sequence to run after this event. 690 */ 691 692 void tty_hangup(struct tty_struct *tty) 693 { 694 #ifdef TTY_DEBUG_HANGUP 695 char buf[64]; 696 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf)); 697 #endif 698 schedule_work(&tty->hangup_work); 699 } 700 701 EXPORT_SYMBOL(tty_hangup); 702 703 /** 704 * tty_vhangup - process vhangup 705 * @tty: tty to hangup 706 * 707 * The user has asked via system call for the terminal to be hung up. 708 * We do this synchronously so that when the syscall returns the process 709 * is complete. That guarantee is necessary for security reasons. 710 */ 711 712 void tty_vhangup(struct tty_struct *tty) 713 { 714 #ifdef TTY_DEBUG_HANGUP 715 char buf[64]; 716 717 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf)); 718 #endif 719 __tty_hangup(tty); 720 } 721 722 EXPORT_SYMBOL(tty_vhangup); 723 724 725 /** 726 * tty_vhangup_self - process vhangup for own ctty 727 * 728 * Perform a vhangup on the current controlling tty 729 */ 730 731 void tty_vhangup_self(void) 732 { 733 struct tty_struct *tty; 734 735 tty = get_current_tty(); 736 if (tty) { 737 tty_vhangup(tty); 738 tty_kref_put(tty); 739 } 740 } 741 742 /** 743 * tty_hung_up_p - was tty hung up 744 * @filp: file pointer of tty 745 * 746 * Return true if the tty has been subject to a vhangup or a carrier 747 * loss 748 */ 749 750 int tty_hung_up_p(struct file *filp) 751 { 752 return (filp->f_op == &hung_up_tty_fops); 753 } 754 755 EXPORT_SYMBOL(tty_hung_up_p); 756 757 static void session_clear_tty(struct pid *session) 758 { 759 struct task_struct *p; 760 do_each_pid_task(session, PIDTYPE_SID, p) { 761 proc_clear_tty(p); 762 } while_each_pid_task(session, PIDTYPE_SID, p); 763 } 764 765 /** 766 * disassociate_ctty - disconnect controlling tty 767 * @on_exit: true if exiting so need to "hang up" the session 768 * 769 * This function is typically called only by the session leader, when 770 * it wants to disassociate itself from its controlling tty. 771 * 772 * It performs the following functions: 773 * (1) Sends a SIGHUP and SIGCONT to the foreground process group 774 * (2) Clears the tty from being controlling the session 775 * (3) Clears the controlling tty for all processes in the 776 * session group. 777 * 778 * The argument on_exit is set to 1 if called when a process is 779 * exiting; it is 0 if called by the ioctl TIOCNOTTY. 780 * 781 * Locking: 782 * BTM is taken for hysterical raisins, and held when 783 * called from no_tty(). 784 * tty_mutex is taken to protect tty 785 * ->siglock is taken to protect ->signal/->sighand 786 * tasklist_lock is taken to walk process list for sessions 787 * ->siglock is taken to protect ->signal/->sighand 788 */ 789 790 void disassociate_ctty(int on_exit) 791 { 792 struct tty_struct *tty; 793 794 if (!current->signal->leader) 795 return; 796 797 tty = get_current_tty(); 798 if (tty) { 799 struct pid *tty_pgrp = get_pid(tty->pgrp); 800 if (on_exit) { 801 if (tty->driver->type != TTY_DRIVER_TYPE_PTY) 802 tty_vhangup(tty); 803 } 804 tty_kref_put(tty); 805 if (tty_pgrp) { 806 kill_pgrp(tty_pgrp, SIGHUP, on_exit); 807 if (!on_exit) 808 kill_pgrp(tty_pgrp, SIGCONT, on_exit); 809 put_pid(tty_pgrp); 810 } 811 } else if (on_exit) { 812 struct pid *old_pgrp; 813 spin_lock_irq(¤t->sighand->siglock); 814 old_pgrp = current->signal->tty_old_pgrp; 815 current->signal->tty_old_pgrp = NULL; 816 spin_unlock_irq(¤t->sighand->siglock); 817 if (old_pgrp) { 818 kill_pgrp(old_pgrp, SIGHUP, on_exit); 819 kill_pgrp(old_pgrp, SIGCONT, on_exit); 820 put_pid(old_pgrp); 821 } 822 return; 823 } 824 825 spin_lock_irq(¤t->sighand->siglock); 826 put_pid(current->signal->tty_old_pgrp); 827 current->signal->tty_old_pgrp = NULL; 828 spin_unlock_irq(¤t->sighand->siglock); 829 830 tty = get_current_tty(); 831 if (tty) { 832 unsigned long flags; 833 spin_lock_irqsave(&tty->ctrl_lock, flags); 834 put_pid(tty->session); 835 put_pid(tty->pgrp); 836 tty->session = NULL; 837 tty->pgrp = NULL; 838 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 839 tty_kref_put(tty); 840 } else { 841 #ifdef TTY_DEBUG_HANGUP 842 printk(KERN_DEBUG "error attempted to write to tty [0x%p]" 843 " = NULL", tty); 844 #endif 845 } 846 847 /* Now clear signal->tty under the lock */ 848 read_lock(&tasklist_lock); 849 session_clear_tty(task_session(current)); 850 read_unlock(&tasklist_lock); 851 } 852 853 /** 854 * 855 * no_tty - Ensure the current process does not have a controlling tty 856 */ 857 void no_tty(void) 858 { 859 /* FIXME: Review locking here. The tty_lock never covered any race 860 between a new association and proc_clear_tty but possible we need 861 to protect against this anyway */ 862 struct task_struct *tsk = current; 863 disassociate_ctty(0); 864 proc_clear_tty(tsk); 865 } 866 867 868 /** 869 * stop_tty - propagate flow control 870 * @tty: tty to stop 871 * 872 * Perform flow control to the driver. For PTY/TTY pairs we 873 * must also propagate the TIOCKPKT status. May be called 874 * on an already stopped device and will not re-call the driver 875 * method. 876 * 877 * This functionality is used by both the line disciplines for 878 * halting incoming flow and by the driver. It may therefore be 879 * called from any context, may be under the tty atomic_write_lock 880 * but not always. 881 * 882 * Locking: 883 * Uses the tty control lock internally 884 */ 885 886 void stop_tty(struct tty_struct *tty) 887 { 888 unsigned long flags; 889 spin_lock_irqsave(&tty->ctrl_lock, flags); 890 if (tty->stopped) { 891 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 892 return; 893 } 894 tty->stopped = 1; 895 if (tty->link && tty->link->packet) { 896 tty->ctrl_status &= ~TIOCPKT_START; 897 tty->ctrl_status |= TIOCPKT_STOP; 898 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN); 899 } 900 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 901 if (tty->ops->stop) 902 (tty->ops->stop)(tty); 903 } 904 905 EXPORT_SYMBOL(stop_tty); 906 907 /** 908 * start_tty - propagate flow control 909 * @tty: tty to start 910 * 911 * Start a tty that has been stopped if at all possible. Perform 912 * any necessary wakeups and propagate the TIOCPKT status. If this 913 * is the tty was previous stopped and is being started then the 914 * driver start method is invoked and the line discipline woken. 915 * 916 * Locking: 917 * ctrl_lock 918 */ 919 920 void start_tty(struct tty_struct *tty) 921 { 922 unsigned long flags; 923 spin_lock_irqsave(&tty->ctrl_lock, flags); 924 if (!tty->stopped || tty->flow_stopped) { 925 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 926 return; 927 } 928 tty->stopped = 0; 929 if (tty->link && tty->link->packet) { 930 tty->ctrl_status &= ~TIOCPKT_STOP; 931 tty->ctrl_status |= TIOCPKT_START; 932 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN); 933 } 934 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 935 if (tty->ops->start) 936 (tty->ops->start)(tty); 937 /* If we have a running line discipline it may need kicking */ 938 tty_wakeup(tty); 939 } 940 941 EXPORT_SYMBOL(start_tty); 942 943 /** 944 * tty_read - read method for tty device files 945 * @file: pointer to tty file 946 * @buf: user buffer 947 * @count: size of user buffer 948 * @ppos: unused 949 * 950 * Perform the read system call function on this terminal device. Checks 951 * for hung up devices before calling the line discipline method. 952 * 953 * Locking: 954 * Locks the line discipline internally while needed. Multiple 955 * read calls may be outstanding in parallel. 956 */ 957 958 static ssize_t tty_read(struct file *file, char __user *buf, size_t count, 959 loff_t *ppos) 960 { 961 int i; 962 struct inode *inode = file->f_path.dentry->d_inode; 963 struct tty_struct *tty = file_tty(file); 964 struct tty_ldisc *ld; 965 966 if (tty_paranoia_check(tty, inode, "tty_read")) 967 return -EIO; 968 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags))) 969 return -EIO; 970 971 /* We want to wait for the line discipline to sort out in this 972 situation */ 973 ld = tty_ldisc_ref_wait(tty); 974 if (ld->ops->read) 975 i = (ld->ops->read)(tty, file, buf, count); 976 else 977 i = -EIO; 978 tty_ldisc_deref(ld); 979 if (i > 0) 980 inode->i_atime = current_fs_time(inode->i_sb); 981 return i; 982 } 983 984 void tty_write_unlock(struct tty_struct *tty) 985 __releases(&tty->atomic_write_lock) 986 { 987 mutex_unlock(&tty->atomic_write_lock); 988 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 989 } 990 991 int tty_write_lock(struct tty_struct *tty, int ndelay) 992 __acquires(&tty->atomic_write_lock) 993 { 994 if (!mutex_trylock(&tty->atomic_write_lock)) { 995 if (ndelay) 996 return -EAGAIN; 997 if (mutex_lock_interruptible(&tty->atomic_write_lock)) 998 return -ERESTARTSYS; 999 } 1000 return 0; 1001 } 1002 1003 /* 1004 * Split writes up in sane blocksizes to avoid 1005 * denial-of-service type attacks 1006 */ 1007 static inline ssize_t do_tty_write( 1008 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t), 1009 struct tty_struct *tty, 1010 struct file *file, 1011 const char __user *buf, 1012 size_t count) 1013 { 1014 ssize_t ret, written = 0; 1015 unsigned int chunk; 1016 1017 ret = tty_write_lock(tty, file->f_flags & O_NDELAY); 1018 if (ret < 0) 1019 return ret; 1020 1021 /* 1022 * We chunk up writes into a temporary buffer. This 1023 * simplifies low-level drivers immensely, since they 1024 * don't have locking issues and user mode accesses. 1025 * 1026 * But if TTY_NO_WRITE_SPLIT is set, we should use a 1027 * big chunk-size.. 1028 * 1029 * The default chunk-size is 2kB, because the NTTY 1030 * layer has problems with bigger chunks. It will 1031 * claim to be able to handle more characters than 1032 * it actually does. 1033 * 1034 * FIXME: This can probably go away now except that 64K chunks 1035 * are too likely to fail unless switched to vmalloc... 1036 */ 1037 chunk = 2048; 1038 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags)) 1039 chunk = 65536; 1040 if (count < chunk) 1041 chunk = count; 1042 1043 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */ 1044 if (tty->write_cnt < chunk) { 1045 unsigned char *buf_chunk; 1046 1047 if (chunk < 1024) 1048 chunk = 1024; 1049 1050 buf_chunk = kmalloc(chunk, GFP_KERNEL); 1051 if (!buf_chunk) { 1052 ret = -ENOMEM; 1053 goto out; 1054 } 1055 kfree(tty->write_buf); 1056 tty->write_cnt = chunk; 1057 tty->write_buf = buf_chunk; 1058 } 1059 1060 /* Do the write .. */ 1061 for (;;) { 1062 size_t size = count; 1063 if (size > chunk) 1064 size = chunk; 1065 ret = -EFAULT; 1066 if (copy_from_user(tty->write_buf, buf, size)) 1067 break; 1068 ret = write(tty, file, tty->write_buf, size); 1069 if (ret <= 0) 1070 break; 1071 written += ret; 1072 buf += ret; 1073 count -= ret; 1074 if (!count) 1075 break; 1076 ret = -ERESTARTSYS; 1077 if (signal_pending(current)) 1078 break; 1079 cond_resched(); 1080 } 1081 if (written) { 1082 struct inode *inode = file->f_path.dentry->d_inode; 1083 inode->i_mtime = current_fs_time(inode->i_sb); 1084 ret = written; 1085 } 1086 out: 1087 tty_write_unlock(tty); 1088 return ret; 1089 } 1090 1091 /** 1092 * tty_write_message - write a message to a certain tty, not just the console. 1093 * @tty: the destination tty_struct 1094 * @msg: the message to write 1095 * 1096 * This is used for messages that need to be redirected to a specific tty. 1097 * We don't put it into the syslog queue right now maybe in the future if 1098 * really needed. 1099 * 1100 * We must still hold the BTM and test the CLOSING flag for the moment. 1101 */ 1102 1103 void tty_write_message(struct tty_struct *tty, char *msg) 1104 { 1105 if (tty) { 1106 mutex_lock(&tty->atomic_write_lock); 1107 tty_lock(tty); 1108 if (tty->ops->write && !test_bit(TTY_CLOSING, &tty->flags)) { 1109 tty_unlock(tty); 1110 tty->ops->write(tty, msg, strlen(msg)); 1111 } else 1112 tty_unlock(tty); 1113 tty_write_unlock(tty); 1114 } 1115 return; 1116 } 1117 1118 1119 /** 1120 * tty_write - write method for tty device file 1121 * @file: tty file pointer 1122 * @buf: user data to write 1123 * @count: bytes to write 1124 * @ppos: unused 1125 * 1126 * Write data to a tty device via the line discipline. 1127 * 1128 * Locking: 1129 * Locks the line discipline as required 1130 * Writes to the tty driver are serialized by the atomic_write_lock 1131 * and are then processed in chunks to the device. The line discipline 1132 * write method will not be invoked in parallel for each device. 1133 */ 1134 1135 static ssize_t tty_write(struct file *file, const char __user *buf, 1136 size_t count, loff_t *ppos) 1137 { 1138 struct inode *inode = file->f_path.dentry->d_inode; 1139 struct tty_struct *tty = file_tty(file); 1140 struct tty_ldisc *ld; 1141 ssize_t ret; 1142 1143 if (tty_paranoia_check(tty, inode, "tty_write")) 1144 return -EIO; 1145 if (!tty || !tty->ops->write || 1146 (test_bit(TTY_IO_ERROR, &tty->flags))) 1147 return -EIO; 1148 /* Short term debug to catch buggy drivers */ 1149 if (tty->ops->write_room == NULL) 1150 printk(KERN_ERR "tty driver %s lacks a write_room method.\n", 1151 tty->driver->name); 1152 ld = tty_ldisc_ref_wait(tty); 1153 if (!ld->ops->write) 1154 ret = -EIO; 1155 else 1156 ret = do_tty_write(ld->ops->write, tty, file, buf, count); 1157 tty_ldisc_deref(ld); 1158 return ret; 1159 } 1160 1161 ssize_t redirected_tty_write(struct file *file, const char __user *buf, 1162 size_t count, loff_t *ppos) 1163 { 1164 struct file *p = NULL; 1165 1166 spin_lock(&redirect_lock); 1167 if (redirect) { 1168 get_file(redirect); 1169 p = redirect; 1170 } 1171 spin_unlock(&redirect_lock); 1172 1173 if (p) { 1174 ssize_t res; 1175 res = vfs_write(p, buf, count, &p->f_pos); 1176 fput(p); 1177 return res; 1178 } 1179 return tty_write(file, buf, count, ppos); 1180 } 1181 1182 static char ptychar[] = "pqrstuvwxyzabcde"; 1183 1184 /** 1185 * pty_line_name - generate name for a pty 1186 * @driver: the tty driver in use 1187 * @index: the minor number 1188 * @p: output buffer of at least 6 bytes 1189 * 1190 * Generate a name from a driver reference and write it to the output 1191 * buffer. 1192 * 1193 * Locking: None 1194 */ 1195 static void pty_line_name(struct tty_driver *driver, int index, char *p) 1196 { 1197 int i = index + driver->name_base; 1198 /* ->name is initialized to "ttyp", but "tty" is expected */ 1199 sprintf(p, "%s%c%x", 1200 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name, 1201 ptychar[i >> 4 & 0xf], i & 0xf); 1202 } 1203 1204 /** 1205 * tty_line_name - generate name for a tty 1206 * @driver: the tty driver in use 1207 * @index: the minor number 1208 * @p: output buffer of at least 7 bytes 1209 * 1210 * Generate a name from a driver reference and write it to the output 1211 * buffer. 1212 * 1213 * Locking: None 1214 */ 1215 static void tty_line_name(struct tty_driver *driver, int index, char *p) 1216 { 1217 sprintf(p, "%s%d", driver->name, index + driver->name_base); 1218 } 1219 1220 /** 1221 * tty_driver_lookup_tty() - find an existing tty, if any 1222 * @driver: the driver for the tty 1223 * @idx: the minor number 1224 * 1225 * Return the tty, if found or ERR_PTR() otherwise. 1226 * 1227 * Locking: tty_mutex must be held. If tty is found, the mutex must 1228 * be held until the 'fast-open' is also done. Will change once we 1229 * have refcounting in the driver and per driver locking 1230 */ 1231 static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver, 1232 struct inode *inode, int idx) 1233 { 1234 if (driver->ops->lookup) 1235 return driver->ops->lookup(driver, inode, idx); 1236 1237 return driver->ttys[idx]; 1238 } 1239 1240 /** 1241 * tty_init_termios - helper for termios setup 1242 * @tty: the tty to set up 1243 * 1244 * Initialise the termios structures for this tty. Thus runs under 1245 * the tty_mutex currently so we can be relaxed about ordering. 1246 */ 1247 1248 int tty_init_termios(struct tty_struct *tty) 1249 { 1250 struct ktermios *tp; 1251 int idx = tty->index; 1252 1253 tp = tty->driver->termios[idx]; 1254 if (tp == NULL) { 1255 tp = kzalloc(sizeof(struct ktermios[2]), GFP_KERNEL); 1256 if (tp == NULL) 1257 return -ENOMEM; 1258 memcpy(tp, &tty->driver->init_termios, 1259 sizeof(struct ktermios)); 1260 tty->driver->termios[idx] = tp; 1261 } 1262 tty->termios = tp; 1263 tty->termios_locked = tp + 1; 1264 1265 /* Compatibility until drivers always set this */ 1266 tty->termios->c_ispeed = tty_termios_input_baud_rate(tty->termios); 1267 tty->termios->c_ospeed = tty_termios_baud_rate(tty->termios); 1268 return 0; 1269 } 1270 EXPORT_SYMBOL_GPL(tty_init_termios); 1271 1272 int tty_standard_install(struct tty_driver *driver, struct tty_struct *tty) 1273 { 1274 int ret = tty_init_termios(tty); 1275 if (ret) 1276 return ret; 1277 1278 tty_driver_kref_get(driver); 1279 tty->count++; 1280 driver->ttys[tty->index] = tty; 1281 return 0; 1282 } 1283 EXPORT_SYMBOL_GPL(tty_standard_install); 1284 1285 /** 1286 * tty_driver_install_tty() - install a tty entry in the driver 1287 * @driver: the driver for the tty 1288 * @tty: the tty 1289 * 1290 * Install a tty object into the driver tables. The tty->index field 1291 * will be set by the time this is called. This method is responsible 1292 * for ensuring any need additional structures are allocated and 1293 * configured. 1294 * 1295 * Locking: tty_mutex for now 1296 */ 1297 static int tty_driver_install_tty(struct tty_driver *driver, 1298 struct tty_struct *tty) 1299 { 1300 return driver->ops->install ? driver->ops->install(driver, tty) : 1301 tty_standard_install(driver, tty); 1302 } 1303 1304 /** 1305 * tty_driver_remove_tty() - remove a tty from the driver tables 1306 * @driver: the driver for the tty 1307 * @idx: the minor number 1308 * 1309 * Remvoe a tty object from the driver tables. The tty->index field 1310 * will be set by the time this is called. 1311 * 1312 * Locking: tty_mutex for now 1313 */ 1314 void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty) 1315 { 1316 if (driver->ops->remove) 1317 driver->ops->remove(driver, tty); 1318 else 1319 driver->ttys[tty->index] = NULL; 1320 } 1321 1322 /* 1323 * tty_reopen() - fast re-open of an open tty 1324 * @tty - the tty to open 1325 * 1326 * Return 0 on success, -errno on error. 1327 * 1328 * Locking: tty_mutex must be held from the time the tty was found 1329 * till this open completes. 1330 */ 1331 static int tty_reopen(struct tty_struct *tty) 1332 { 1333 struct tty_driver *driver = tty->driver; 1334 1335 if (test_bit(TTY_CLOSING, &tty->flags) || 1336 test_bit(TTY_HUPPING, &tty->flags) || 1337 test_bit(TTY_LDISC_CHANGING, &tty->flags)) 1338 return -EIO; 1339 1340 if (driver->type == TTY_DRIVER_TYPE_PTY && 1341 driver->subtype == PTY_TYPE_MASTER) { 1342 /* 1343 * special case for PTY masters: only one open permitted, 1344 * and the slave side open count is incremented as well. 1345 */ 1346 if (tty->count) 1347 return -EIO; 1348 1349 tty->link->count++; 1350 } 1351 tty->count++; 1352 1353 mutex_lock(&tty->ldisc_mutex); 1354 WARN_ON(!test_bit(TTY_LDISC, &tty->flags)); 1355 mutex_unlock(&tty->ldisc_mutex); 1356 1357 return 0; 1358 } 1359 1360 /** 1361 * tty_init_dev - initialise a tty device 1362 * @driver: tty driver we are opening a device on 1363 * @idx: device index 1364 * @ret_tty: returned tty structure 1365 * 1366 * Prepare a tty device. This may not be a "new" clean device but 1367 * could also be an active device. The pty drivers require special 1368 * handling because of this. 1369 * 1370 * Locking: 1371 * The function is called under the tty_mutex, which 1372 * protects us from the tty struct or driver itself going away. 1373 * 1374 * On exit the tty device has the line discipline attached and 1375 * a reference count of 1. If a pair was created for pty/tty use 1376 * and the other was a pty master then it too has a reference count of 1. 1377 * 1378 * WSH 06/09/97: Rewritten to remove races and properly clean up after a 1379 * failed open. The new code protects the open with a mutex, so it's 1380 * really quite straightforward. The mutex locking can probably be 1381 * relaxed for the (most common) case of reopening a tty. 1382 */ 1383 1384 struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx) 1385 { 1386 struct tty_struct *tty; 1387 int retval; 1388 1389 /* 1390 * First time open is complex, especially for PTY devices. 1391 * This code guarantees that either everything succeeds and the 1392 * TTY is ready for operation, or else the table slots are vacated 1393 * and the allocated memory released. (Except that the termios 1394 * and locked termios may be retained.) 1395 */ 1396 1397 if (!try_module_get(driver->owner)) 1398 return ERR_PTR(-ENODEV); 1399 1400 tty = alloc_tty_struct(); 1401 if (!tty) { 1402 retval = -ENOMEM; 1403 goto err_module_put; 1404 } 1405 initialize_tty_struct(tty, driver, idx); 1406 1407 tty_lock(tty); 1408 retval = tty_driver_install_tty(driver, tty); 1409 if (retval < 0) 1410 goto err_deinit_tty; 1411 1412 /* 1413 * Structures all installed ... call the ldisc open routines. 1414 * If we fail here just call release_tty to clean up. No need 1415 * to decrement the use counts, as release_tty doesn't care. 1416 */ 1417 retval = tty_ldisc_setup(tty, tty->link); 1418 if (retval) 1419 goto err_release_tty; 1420 /* Return the tty locked so that it cannot vanish under the caller */ 1421 return tty; 1422 1423 err_deinit_tty: 1424 tty_unlock(tty); 1425 deinitialize_tty_struct(tty); 1426 free_tty_struct(tty); 1427 err_module_put: 1428 module_put(driver->owner); 1429 return ERR_PTR(retval); 1430 1431 /* call the tty release_tty routine to clean out this slot */ 1432 err_release_tty: 1433 tty_unlock(tty); 1434 printk_ratelimited(KERN_INFO "tty_init_dev: ldisc open failed, " 1435 "clearing slot %d\n", idx); 1436 release_tty(tty, idx); 1437 return ERR_PTR(retval); 1438 } 1439 1440 void tty_free_termios(struct tty_struct *tty) 1441 { 1442 struct ktermios *tp; 1443 int idx = tty->index; 1444 /* Kill this flag and push into drivers for locking etc */ 1445 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) { 1446 /* FIXME: Locking on ->termios array */ 1447 tp = tty->termios; 1448 tty->driver->termios[idx] = NULL; 1449 kfree(tp); 1450 } 1451 } 1452 EXPORT_SYMBOL(tty_free_termios); 1453 1454 void tty_shutdown(struct tty_struct *tty) 1455 { 1456 tty_driver_remove_tty(tty->driver, tty); 1457 tty_free_termios(tty); 1458 } 1459 EXPORT_SYMBOL(tty_shutdown); 1460 1461 /** 1462 * release_one_tty - release tty structure memory 1463 * @kref: kref of tty we are obliterating 1464 * 1465 * Releases memory associated with a tty structure, and clears out the 1466 * driver table slots. This function is called when a device is no longer 1467 * in use. It also gets called when setup of a device fails. 1468 * 1469 * Locking: 1470 * tty_mutex - sometimes only 1471 * takes the file list lock internally when working on the list 1472 * of ttys that the driver keeps. 1473 * 1474 * This method gets called from a work queue so that the driver private 1475 * cleanup ops can sleep (needed for USB at least) 1476 */ 1477 static void release_one_tty(struct work_struct *work) 1478 { 1479 struct tty_struct *tty = 1480 container_of(work, struct tty_struct, hangup_work); 1481 struct tty_driver *driver = tty->driver; 1482 1483 if (tty->ops->cleanup) 1484 tty->ops->cleanup(tty); 1485 1486 tty->magic = 0; 1487 tty_driver_kref_put(driver); 1488 module_put(driver->owner); 1489 1490 spin_lock(&tty_files_lock); 1491 list_del_init(&tty->tty_files); 1492 spin_unlock(&tty_files_lock); 1493 1494 put_pid(tty->pgrp); 1495 put_pid(tty->session); 1496 free_tty_struct(tty); 1497 } 1498 1499 static void queue_release_one_tty(struct kref *kref) 1500 { 1501 struct tty_struct *tty = container_of(kref, struct tty_struct, kref); 1502 1503 if (tty->ops->shutdown) 1504 tty->ops->shutdown(tty); 1505 else 1506 tty_shutdown(tty); 1507 1508 /* The hangup queue is now free so we can reuse it rather than 1509 waste a chunk of memory for each port */ 1510 INIT_WORK(&tty->hangup_work, release_one_tty); 1511 schedule_work(&tty->hangup_work); 1512 } 1513 1514 /** 1515 * tty_kref_put - release a tty kref 1516 * @tty: tty device 1517 * 1518 * Release a reference to a tty device and if need be let the kref 1519 * layer destruct the object for us 1520 */ 1521 1522 void tty_kref_put(struct tty_struct *tty) 1523 { 1524 if (tty) 1525 kref_put(&tty->kref, queue_release_one_tty); 1526 } 1527 EXPORT_SYMBOL(tty_kref_put); 1528 1529 /** 1530 * release_tty - release tty structure memory 1531 * 1532 * Release both @tty and a possible linked partner (think pty pair), 1533 * and decrement the refcount of the backing module. 1534 * 1535 * Locking: 1536 * tty_mutex - sometimes only 1537 * takes the file list lock internally when working on the list 1538 * of ttys that the driver keeps. 1539 * FIXME: should we require tty_mutex is held here ?? 1540 * 1541 */ 1542 static void release_tty(struct tty_struct *tty, int idx) 1543 { 1544 /* This should always be true but check for the moment */ 1545 WARN_ON(tty->index != idx); 1546 1547 if (tty->link) 1548 tty_kref_put(tty->link); 1549 tty_kref_put(tty); 1550 } 1551 1552 /** 1553 * tty_release_checks - check a tty before real release 1554 * @tty: tty to check 1555 * @o_tty: link of @tty (if any) 1556 * @idx: index of the tty 1557 * 1558 * Performs some paranoid checking before true release of the @tty. 1559 * This is a no-op unless TTY_PARANOIA_CHECK is defined. 1560 */ 1561 static int tty_release_checks(struct tty_struct *tty, struct tty_struct *o_tty, 1562 int idx) 1563 { 1564 #ifdef TTY_PARANOIA_CHECK 1565 if (idx < 0 || idx >= tty->driver->num) { 1566 printk(KERN_DEBUG "%s: bad idx when trying to free (%s)\n", 1567 __func__, tty->name); 1568 return -1; 1569 } 1570 1571 /* not much to check for devpts */ 1572 if (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) 1573 return 0; 1574 1575 if (tty != tty->driver->ttys[idx]) { 1576 printk(KERN_DEBUG "%s: driver.table[%d] not tty for (%s)\n", 1577 __func__, idx, tty->name); 1578 return -1; 1579 } 1580 if (tty->termios != tty->driver->termios[idx]) { 1581 printk(KERN_DEBUG "%s: driver.termios[%d] not termios for (%s)\n", 1582 __func__, idx, tty->name); 1583 return -1; 1584 } 1585 if (tty->driver->other) { 1586 if (o_tty != tty->driver->other->ttys[idx]) { 1587 printk(KERN_DEBUG "%s: other->table[%d] not o_tty for (%s)\n", 1588 __func__, idx, tty->name); 1589 return -1; 1590 } 1591 if (o_tty->termios != tty->driver->other->termios[idx]) { 1592 printk(KERN_DEBUG "%s: other->termios[%d] not o_termios for (%s)\n", 1593 __func__, idx, tty->name); 1594 return -1; 1595 } 1596 if (o_tty->link != tty) { 1597 printk(KERN_DEBUG "%s: bad pty pointers\n", __func__); 1598 return -1; 1599 } 1600 } 1601 #endif 1602 return 0; 1603 } 1604 1605 /** 1606 * tty_release - vfs callback for close 1607 * @inode: inode of tty 1608 * @filp: file pointer for handle to tty 1609 * 1610 * Called the last time each file handle is closed that references 1611 * this tty. There may however be several such references. 1612 * 1613 * Locking: 1614 * Takes bkl. See tty_release_dev 1615 * 1616 * Even releasing the tty structures is a tricky business.. We have 1617 * to be very careful that the structures are all released at the 1618 * same time, as interrupts might otherwise get the wrong pointers. 1619 * 1620 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could 1621 * lead to double frees or releasing memory still in use. 1622 */ 1623 1624 int tty_release(struct inode *inode, struct file *filp) 1625 { 1626 struct tty_struct *tty = file_tty(filp); 1627 struct tty_struct *o_tty; 1628 int pty_master, tty_closing, o_tty_closing, do_sleep; 1629 int devpts; 1630 int idx; 1631 char buf[64]; 1632 1633 if (tty_paranoia_check(tty, inode, __func__)) 1634 return 0; 1635 1636 tty_lock(tty); 1637 check_tty_count(tty, __func__); 1638 1639 __tty_fasync(-1, filp, 0); 1640 1641 idx = tty->index; 1642 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1643 tty->driver->subtype == PTY_TYPE_MASTER); 1644 devpts = (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) != 0; 1645 /* Review: parallel close */ 1646 o_tty = tty->link; 1647 1648 if (tty_release_checks(tty, o_tty, idx)) { 1649 tty_unlock(tty); 1650 return 0; 1651 } 1652 1653 #ifdef TTY_DEBUG_HANGUP 1654 printk(KERN_DEBUG "%s: %s (tty count=%d)...\n", __func__, 1655 tty_name(tty, buf), tty->count); 1656 #endif 1657 1658 if (tty->ops->close) 1659 tty->ops->close(tty, filp); 1660 1661 tty_unlock(tty); 1662 /* 1663 * Sanity check: if tty->count is going to zero, there shouldn't be 1664 * any waiters on tty->read_wait or tty->write_wait. We test the 1665 * wait queues and kick everyone out _before_ actually starting to 1666 * close. This ensures that we won't block while releasing the tty 1667 * structure. 1668 * 1669 * The test for the o_tty closing is necessary, since the master and 1670 * slave sides may close in any order. If the slave side closes out 1671 * first, its count will be one, since the master side holds an open. 1672 * Thus this test wouldn't be triggered at the time the slave closes, 1673 * so we do it now. 1674 * 1675 * Note that it's possible for the tty to be opened again while we're 1676 * flushing out waiters. By recalculating the closing flags before 1677 * each iteration we avoid any problems. 1678 */ 1679 while (1) { 1680 /* Guard against races with tty->count changes elsewhere and 1681 opens on /dev/tty */ 1682 1683 mutex_lock(&tty_mutex); 1684 tty_lock_pair(tty, o_tty); 1685 tty_closing = tty->count <= 1; 1686 o_tty_closing = o_tty && 1687 (o_tty->count <= (pty_master ? 1 : 0)); 1688 do_sleep = 0; 1689 1690 if (tty_closing) { 1691 if (waitqueue_active(&tty->read_wait)) { 1692 wake_up_poll(&tty->read_wait, POLLIN); 1693 do_sleep++; 1694 } 1695 if (waitqueue_active(&tty->write_wait)) { 1696 wake_up_poll(&tty->write_wait, POLLOUT); 1697 do_sleep++; 1698 } 1699 } 1700 if (o_tty_closing) { 1701 if (waitqueue_active(&o_tty->read_wait)) { 1702 wake_up_poll(&o_tty->read_wait, POLLIN); 1703 do_sleep++; 1704 } 1705 if (waitqueue_active(&o_tty->write_wait)) { 1706 wake_up_poll(&o_tty->write_wait, POLLOUT); 1707 do_sleep++; 1708 } 1709 } 1710 if (!do_sleep) 1711 break; 1712 1713 printk(KERN_WARNING "%s: %s: read/write wait queue active!\n", 1714 __func__, tty_name(tty, buf)); 1715 tty_unlock_pair(tty, o_tty); 1716 mutex_unlock(&tty_mutex); 1717 schedule(); 1718 } 1719 1720 /* 1721 * The closing flags are now consistent with the open counts on 1722 * both sides, and we've completed the last operation that could 1723 * block, so it's safe to proceed with closing. 1724 */ 1725 if (pty_master) { 1726 if (--o_tty->count < 0) { 1727 printk(KERN_WARNING "%s: bad pty slave count (%d) for %s\n", 1728 __func__, o_tty->count, tty_name(o_tty, buf)); 1729 o_tty->count = 0; 1730 } 1731 } 1732 if (--tty->count < 0) { 1733 printk(KERN_WARNING "%s: bad tty->count (%d) for %s\n", 1734 __func__, tty->count, tty_name(tty, buf)); 1735 tty->count = 0; 1736 } 1737 1738 /* 1739 * We've decremented tty->count, so we need to remove this file 1740 * descriptor off the tty->tty_files list; this serves two 1741 * purposes: 1742 * - check_tty_count sees the correct number of file descriptors 1743 * associated with this tty. 1744 * - do_tty_hangup no longer sees this file descriptor as 1745 * something that needs to be handled for hangups. 1746 */ 1747 tty_del_file(filp); 1748 1749 /* 1750 * Perform some housekeeping before deciding whether to return. 1751 * 1752 * Set the TTY_CLOSING flag if this was the last open. In the 1753 * case of a pty we may have to wait around for the other side 1754 * to close, and TTY_CLOSING makes sure we can't be reopened. 1755 */ 1756 if (tty_closing) 1757 set_bit(TTY_CLOSING, &tty->flags); 1758 if (o_tty_closing) 1759 set_bit(TTY_CLOSING, &o_tty->flags); 1760 1761 /* 1762 * If _either_ side is closing, make sure there aren't any 1763 * processes that still think tty or o_tty is their controlling 1764 * tty. 1765 */ 1766 if (tty_closing || o_tty_closing) { 1767 read_lock(&tasklist_lock); 1768 session_clear_tty(tty->session); 1769 if (o_tty) 1770 session_clear_tty(o_tty->session); 1771 read_unlock(&tasklist_lock); 1772 } 1773 1774 mutex_unlock(&tty_mutex); 1775 1776 /* check whether both sides are closing ... */ 1777 if (!tty_closing || (o_tty && !o_tty_closing)) { 1778 tty_unlock_pair(tty, o_tty); 1779 return 0; 1780 } 1781 1782 #ifdef TTY_DEBUG_HANGUP 1783 printk(KERN_DEBUG "%s: freeing tty structure...\n", __func__); 1784 #endif 1785 /* 1786 * Ask the line discipline code to release its structures 1787 */ 1788 tty_ldisc_release(tty, o_tty); 1789 /* 1790 * The release_tty function takes care of the details of clearing 1791 * the slots and preserving the termios structure. The tty_unlock_pair 1792 * should be safe as we keep a kref while the tty is locked (so the 1793 * unlock never unlocks a freed tty). 1794 */ 1795 release_tty(tty, idx); 1796 tty_unlock_pair(tty, o_tty); 1797 1798 /* Make this pty number available for reallocation */ 1799 if (devpts) 1800 devpts_kill_index(inode, idx); 1801 return 0; 1802 } 1803 1804 /** 1805 * tty_open_current_tty - get tty of current task for open 1806 * @device: device number 1807 * @filp: file pointer to tty 1808 * @return: tty of the current task iff @device is /dev/tty 1809 * 1810 * We cannot return driver and index like for the other nodes because 1811 * devpts will not work then. It expects inodes to be from devpts FS. 1812 * 1813 * We need to move to returning a refcounted object from all the lookup 1814 * paths including this one. 1815 */ 1816 static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp) 1817 { 1818 struct tty_struct *tty; 1819 1820 if (device != MKDEV(TTYAUX_MAJOR, 0)) 1821 return NULL; 1822 1823 tty = get_current_tty(); 1824 if (!tty) 1825 return ERR_PTR(-ENXIO); 1826 1827 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */ 1828 /* noctty = 1; */ 1829 tty_kref_put(tty); 1830 /* FIXME: we put a reference and return a TTY! */ 1831 /* This is only safe because the caller holds tty_mutex */ 1832 return tty; 1833 } 1834 1835 /** 1836 * tty_lookup_driver - lookup a tty driver for a given device file 1837 * @device: device number 1838 * @filp: file pointer to tty 1839 * @noctty: set if the device should not become a controlling tty 1840 * @index: index for the device in the @return driver 1841 * @return: driver for this inode (with increased refcount) 1842 * 1843 * If @return is not erroneous, the caller is responsible to decrement the 1844 * refcount by tty_driver_kref_put. 1845 * 1846 * Locking: tty_mutex protects get_tty_driver 1847 */ 1848 static struct tty_driver *tty_lookup_driver(dev_t device, struct file *filp, 1849 int *noctty, int *index) 1850 { 1851 struct tty_driver *driver; 1852 1853 switch (device) { 1854 #ifdef CONFIG_VT 1855 case MKDEV(TTY_MAJOR, 0): { 1856 extern struct tty_driver *console_driver; 1857 driver = tty_driver_kref_get(console_driver); 1858 *index = fg_console; 1859 *noctty = 1; 1860 break; 1861 } 1862 #endif 1863 case MKDEV(TTYAUX_MAJOR, 1): { 1864 struct tty_driver *console_driver = console_device(index); 1865 if (console_driver) { 1866 driver = tty_driver_kref_get(console_driver); 1867 if (driver) { 1868 /* Don't let /dev/console block */ 1869 filp->f_flags |= O_NONBLOCK; 1870 *noctty = 1; 1871 break; 1872 } 1873 } 1874 return ERR_PTR(-ENODEV); 1875 } 1876 default: 1877 driver = get_tty_driver(device, index); 1878 if (!driver) 1879 return ERR_PTR(-ENODEV); 1880 break; 1881 } 1882 return driver; 1883 } 1884 1885 /** 1886 * tty_open - open a tty device 1887 * @inode: inode of device file 1888 * @filp: file pointer to tty 1889 * 1890 * tty_open and tty_release keep up the tty count that contains the 1891 * number of opens done on a tty. We cannot use the inode-count, as 1892 * different inodes might point to the same tty. 1893 * 1894 * Open-counting is needed for pty masters, as well as for keeping 1895 * track of serial lines: DTR is dropped when the last close happens. 1896 * (This is not done solely through tty->count, now. - Ted 1/27/92) 1897 * 1898 * The termios state of a pty is reset on first open so that 1899 * settings don't persist across reuse. 1900 * 1901 * Locking: tty_mutex protects tty, tty_lookup_driver and tty_init_dev. 1902 * tty->count should protect the rest. 1903 * ->siglock protects ->signal/->sighand 1904 * 1905 * Note: the tty_unlock/lock cases without a ref are only safe due to 1906 * tty_mutex 1907 */ 1908 1909 static int tty_open(struct inode *inode, struct file *filp) 1910 { 1911 struct tty_struct *tty; 1912 int noctty, retval; 1913 struct tty_driver *driver = NULL; 1914 int index; 1915 dev_t device = inode->i_rdev; 1916 unsigned saved_flags = filp->f_flags; 1917 1918 nonseekable_open(inode, filp); 1919 1920 retry_open: 1921 retval = tty_alloc_file(filp); 1922 if (retval) 1923 return -ENOMEM; 1924 1925 noctty = filp->f_flags & O_NOCTTY; 1926 index = -1; 1927 retval = 0; 1928 1929 mutex_lock(&tty_mutex); 1930 /* This is protected by the tty_mutex */ 1931 tty = tty_open_current_tty(device, filp); 1932 if (IS_ERR(tty)) { 1933 retval = PTR_ERR(tty); 1934 goto err_unlock; 1935 } else if (!tty) { 1936 driver = tty_lookup_driver(device, filp, &noctty, &index); 1937 if (IS_ERR(driver)) { 1938 retval = PTR_ERR(driver); 1939 goto err_unlock; 1940 } 1941 1942 /* check whether we're reopening an existing tty */ 1943 tty = tty_driver_lookup_tty(driver, inode, index); 1944 if (IS_ERR(tty)) { 1945 retval = PTR_ERR(tty); 1946 goto err_unlock; 1947 } 1948 } 1949 1950 if (tty) { 1951 tty_lock(tty); 1952 retval = tty_reopen(tty); 1953 if (retval < 0) { 1954 tty_unlock(tty); 1955 tty = ERR_PTR(retval); 1956 } 1957 } else /* Returns with the tty_lock held for now */ 1958 tty = tty_init_dev(driver, index); 1959 1960 mutex_unlock(&tty_mutex); 1961 if (driver) 1962 tty_driver_kref_put(driver); 1963 if (IS_ERR(tty)) { 1964 retval = PTR_ERR(tty); 1965 goto err_file; 1966 } 1967 1968 tty_add_file(tty, filp); 1969 1970 check_tty_count(tty, __func__); 1971 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1972 tty->driver->subtype == PTY_TYPE_MASTER) 1973 noctty = 1; 1974 #ifdef TTY_DEBUG_HANGUP 1975 printk(KERN_DEBUG "%s: opening %s...\n", __func__, tty->name); 1976 #endif 1977 if (tty->ops->open) 1978 retval = tty->ops->open(tty, filp); 1979 else 1980 retval = -ENODEV; 1981 filp->f_flags = saved_flags; 1982 1983 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) && 1984 !capable(CAP_SYS_ADMIN)) 1985 retval = -EBUSY; 1986 1987 if (retval) { 1988 #ifdef TTY_DEBUG_HANGUP 1989 printk(KERN_DEBUG "%s: error %d in opening %s...\n", __func__, 1990 retval, tty->name); 1991 #endif 1992 tty_unlock(tty); /* need to call tty_release without BTM */ 1993 tty_release(inode, filp); 1994 if (retval != -ERESTARTSYS) 1995 return retval; 1996 1997 if (signal_pending(current)) 1998 return retval; 1999 2000 schedule(); 2001 /* 2002 * Need to reset f_op in case a hangup happened. 2003 */ 2004 if (filp->f_op == &hung_up_tty_fops) 2005 filp->f_op = &tty_fops; 2006 goto retry_open; 2007 } 2008 tty_unlock(tty); 2009 2010 2011 mutex_lock(&tty_mutex); 2012 tty_lock(tty); 2013 spin_lock_irq(¤t->sighand->siglock); 2014 if (!noctty && 2015 current->signal->leader && 2016 !current->signal->tty && 2017 tty->session == NULL) 2018 __proc_set_tty(current, tty); 2019 spin_unlock_irq(¤t->sighand->siglock); 2020 tty_unlock(tty); 2021 mutex_unlock(&tty_mutex); 2022 return 0; 2023 err_unlock: 2024 mutex_unlock(&tty_mutex); 2025 /* after locks to avoid deadlock */ 2026 if (!IS_ERR_OR_NULL(driver)) 2027 tty_driver_kref_put(driver); 2028 err_file: 2029 tty_free_file(filp); 2030 return retval; 2031 } 2032 2033 2034 2035 /** 2036 * tty_poll - check tty status 2037 * @filp: file being polled 2038 * @wait: poll wait structures to update 2039 * 2040 * Call the line discipline polling method to obtain the poll 2041 * status of the device. 2042 * 2043 * Locking: locks called line discipline but ldisc poll method 2044 * may be re-entered freely by other callers. 2045 */ 2046 2047 static unsigned int tty_poll(struct file *filp, poll_table *wait) 2048 { 2049 struct tty_struct *tty = file_tty(filp); 2050 struct tty_ldisc *ld; 2051 int ret = 0; 2052 2053 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_poll")) 2054 return 0; 2055 2056 ld = tty_ldisc_ref_wait(tty); 2057 if (ld->ops->poll) 2058 ret = (ld->ops->poll)(tty, filp, wait); 2059 tty_ldisc_deref(ld); 2060 return ret; 2061 } 2062 2063 static int __tty_fasync(int fd, struct file *filp, int on) 2064 { 2065 struct tty_struct *tty = file_tty(filp); 2066 unsigned long flags; 2067 int retval = 0; 2068 2069 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_fasync")) 2070 goto out; 2071 2072 retval = fasync_helper(fd, filp, on, &tty->fasync); 2073 if (retval <= 0) 2074 goto out; 2075 2076 if (on) { 2077 enum pid_type type; 2078 struct pid *pid; 2079 if (!waitqueue_active(&tty->read_wait)) 2080 tty->minimum_to_wake = 1; 2081 spin_lock_irqsave(&tty->ctrl_lock, flags); 2082 if (tty->pgrp) { 2083 pid = tty->pgrp; 2084 type = PIDTYPE_PGID; 2085 } else { 2086 pid = task_pid(current); 2087 type = PIDTYPE_PID; 2088 } 2089 get_pid(pid); 2090 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2091 retval = __f_setown(filp, pid, type, 0); 2092 put_pid(pid); 2093 if (retval) 2094 goto out; 2095 } else { 2096 if (!tty->fasync && !waitqueue_active(&tty->read_wait)) 2097 tty->minimum_to_wake = N_TTY_BUF_SIZE; 2098 } 2099 retval = 0; 2100 out: 2101 return retval; 2102 } 2103 2104 static int tty_fasync(int fd, struct file *filp, int on) 2105 { 2106 struct tty_struct *tty = file_tty(filp); 2107 int retval; 2108 2109 tty_lock(tty); 2110 retval = __tty_fasync(fd, filp, on); 2111 tty_unlock(tty); 2112 2113 return retval; 2114 } 2115 2116 /** 2117 * tiocsti - fake input character 2118 * @tty: tty to fake input into 2119 * @p: pointer to character 2120 * 2121 * Fake input to a tty device. Does the necessary locking and 2122 * input management. 2123 * 2124 * FIXME: does not honour flow control ?? 2125 * 2126 * Locking: 2127 * Called functions take tty_ldisc_lock 2128 * current->signal->tty check is safe without locks 2129 * 2130 * FIXME: may race normal receive processing 2131 */ 2132 2133 static int tiocsti(struct tty_struct *tty, char __user *p) 2134 { 2135 char ch, mbz = 0; 2136 struct tty_ldisc *ld; 2137 2138 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) 2139 return -EPERM; 2140 if (get_user(ch, p)) 2141 return -EFAULT; 2142 tty_audit_tiocsti(tty, ch); 2143 ld = tty_ldisc_ref_wait(tty); 2144 ld->ops->receive_buf(tty, &ch, &mbz, 1); 2145 tty_ldisc_deref(ld); 2146 return 0; 2147 } 2148 2149 /** 2150 * tiocgwinsz - implement window query ioctl 2151 * @tty; tty 2152 * @arg: user buffer for result 2153 * 2154 * Copies the kernel idea of the window size into the user buffer. 2155 * 2156 * Locking: tty->termios_mutex is taken to ensure the winsize data 2157 * is consistent. 2158 */ 2159 2160 static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg) 2161 { 2162 int err; 2163 2164 mutex_lock(&tty->termios_mutex); 2165 err = copy_to_user(arg, &tty->winsize, sizeof(*arg)); 2166 mutex_unlock(&tty->termios_mutex); 2167 2168 return err ? -EFAULT: 0; 2169 } 2170 2171 /** 2172 * tty_do_resize - resize event 2173 * @tty: tty being resized 2174 * @rows: rows (character) 2175 * @cols: cols (character) 2176 * 2177 * Update the termios variables and send the necessary signals to 2178 * peform a terminal resize correctly 2179 */ 2180 2181 int tty_do_resize(struct tty_struct *tty, struct winsize *ws) 2182 { 2183 struct pid *pgrp; 2184 unsigned long flags; 2185 2186 /* Lock the tty */ 2187 mutex_lock(&tty->termios_mutex); 2188 if (!memcmp(ws, &tty->winsize, sizeof(*ws))) 2189 goto done; 2190 /* Get the PID values and reference them so we can 2191 avoid holding the tty ctrl lock while sending signals */ 2192 spin_lock_irqsave(&tty->ctrl_lock, flags); 2193 pgrp = get_pid(tty->pgrp); 2194 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2195 2196 if (pgrp) 2197 kill_pgrp(pgrp, SIGWINCH, 1); 2198 put_pid(pgrp); 2199 2200 tty->winsize = *ws; 2201 done: 2202 mutex_unlock(&tty->termios_mutex); 2203 return 0; 2204 } 2205 2206 /** 2207 * tiocswinsz - implement window size set ioctl 2208 * @tty; tty side of tty 2209 * @arg: user buffer for result 2210 * 2211 * Copies the user idea of the window size to the kernel. Traditionally 2212 * this is just advisory information but for the Linux console it 2213 * actually has driver level meaning and triggers a VC resize. 2214 * 2215 * Locking: 2216 * Driver dependent. The default do_resize method takes the 2217 * tty termios mutex and ctrl_lock. The console takes its own lock 2218 * then calls into the default method. 2219 */ 2220 2221 static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg) 2222 { 2223 struct winsize tmp_ws; 2224 if (copy_from_user(&tmp_ws, arg, sizeof(*arg))) 2225 return -EFAULT; 2226 2227 if (tty->ops->resize) 2228 return tty->ops->resize(tty, &tmp_ws); 2229 else 2230 return tty_do_resize(tty, &tmp_ws); 2231 } 2232 2233 /** 2234 * tioccons - allow admin to move logical console 2235 * @file: the file to become console 2236 * 2237 * Allow the administrator to move the redirected console device 2238 * 2239 * Locking: uses redirect_lock to guard the redirect information 2240 */ 2241 2242 static int tioccons(struct file *file) 2243 { 2244 if (!capable(CAP_SYS_ADMIN)) 2245 return -EPERM; 2246 if (file->f_op->write == redirected_tty_write) { 2247 struct file *f; 2248 spin_lock(&redirect_lock); 2249 f = redirect; 2250 redirect = NULL; 2251 spin_unlock(&redirect_lock); 2252 if (f) 2253 fput(f); 2254 return 0; 2255 } 2256 spin_lock(&redirect_lock); 2257 if (redirect) { 2258 spin_unlock(&redirect_lock); 2259 return -EBUSY; 2260 } 2261 get_file(file); 2262 redirect = file; 2263 spin_unlock(&redirect_lock); 2264 return 0; 2265 } 2266 2267 /** 2268 * fionbio - non blocking ioctl 2269 * @file: file to set blocking value 2270 * @p: user parameter 2271 * 2272 * Historical tty interfaces had a blocking control ioctl before 2273 * the generic functionality existed. This piece of history is preserved 2274 * in the expected tty API of posix OS's. 2275 * 2276 * Locking: none, the open file handle ensures it won't go away. 2277 */ 2278 2279 static int fionbio(struct file *file, int __user *p) 2280 { 2281 int nonblock; 2282 2283 if (get_user(nonblock, p)) 2284 return -EFAULT; 2285 2286 spin_lock(&file->f_lock); 2287 if (nonblock) 2288 file->f_flags |= O_NONBLOCK; 2289 else 2290 file->f_flags &= ~O_NONBLOCK; 2291 spin_unlock(&file->f_lock); 2292 return 0; 2293 } 2294 2295 /** 2296 * tiocsctty - set controlling tty 2297 * @tty: tty structure 2298 * @arg: user argument 2299 * 2300 * This ioctl is used to manage job control. It permits a session 2301 * leader to set this tty as the controlling tty for the session. 2302 * 2303 * Locking: 2304 * Takes tty_mutex() to protect tty instance 2305 * Takes tasklist_lock internally to walk sessions 2306 * Takes ->siglock() when updating signal->tty 2307 */ 2308 2309 static int tiocsctty(struct tty_struct *tty, int arg) 2310 { 2311 int ret = 0; 2312 if (current->signal->leader && (task_session(current) == tty->session)) 2313 return ret; 2314 2315 mutex_lock(&tty_mutex); 2316 /* 2317 * The process must be a session leader and 2318 * not have a controlling tty already. 2319 */ 2320 if (!current->signal->leader || current->signal->tty) { 2321 ret = -EPERM; 2322 goto unlock; 2323 } 2324 2325 if (tty->session) { 2326 /* 2327 * This tty is already the controlling 2328 * tty for another session group! 2329 */ 2330 if (arg == 1 && capable(CAP_SYS_ADMIN)) { 2331 /* 2332 * Steal it away 2333 */ 2334 read_lock(&tasklist_lock); 2335 session_clear_tty(tty->session); 2336 read_unlock(&tasklist_lock); 2337 } else { 2338 ret = -EPERM; 2339 goto unlock; 2340 } 2341 } 2342 proc_set_tty(current, tty); 2343 unlock: 2344 mutex_unlock(&tty_mutex); 2345 return ret; 2346 } 2347 2348 /** 2349 * tty_get_pgrp - return a ref counted pgrp pid 2350 * @tty: tty to read 2351 * 2352 * Returns a refcounted instance of the pid struct for the process 2353 * group controlling the tty. 2354 */ 2355 2356 struct pid *tty_get_pgrp(struct tty_struct *tty) 2357 { 2358 unsigned long flags; 2359 struct pid *pgrp; 2360 2361 spin_lock_irqsave(&tty->ctrl_lock, flags); 2362 pgrp = get_pid(tty->pgrp); 2363 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2364 2365 return pgrp; 2366 } 2367 EXPORT_SYMBOL_GPL(tty_get_pgrp); 2368 2369 /** 2370 * tiocgpgrp - get process group 2371 * @tty: tty passed by user 2372 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2373 * @p: returned pid 2374 * 2375 * Obtain the process group of the tty. If there is no process group 2376 * return an error. 2377 * 2378 * Locking: none. Reference to current->signal->tty is safe. 2379 */ 2380 2381 static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2382 { 2383 struct pid *pid; 2384 int ret; 2385 /* 2386 * (tty == real_tty) is a cheap way of 2387 * testing if the tty is NOT a master pty. 2388 */ 2389 if (tty == real_tty && current->signal->tty != real_tty) 2390 return -ENOTTY; 2391 pid = tty_get_pgrp(real_tty); 2392 ret = put_user(pid_vnr(pid), p); 2393 put_pid(pid); 2394 return ret; 2395 } 2396 2397 /** 2398 * tiocspgrp - attempt to set process group 2399 * @tty: tty passed by user 2400 * @real_tty: tty side device matching tty passed by user 2401 * @p: pid pointer 2402 * 2403 * Set the process group of the tty to the session passed. Only 2404 * permitted where the tty session is our session. 2405 * 2406 * Locking: RCU, ctrl lock 2407 */ 2408 2409 static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2410 { 2411 struct pid *pgrp; 2412 pid_t pgrp_nr; 2413 int retval = tty_check_change(real_tty); 2414 unsigned long flags; 2415 2416 if (retval == -EIO) 2417 return -ENOTTY; 2418 if (retval) 2419 return retval; 2420 if (!current->signal->tty || 2421 (current->signal->tty != real_tty) || 2422 (real_tty->session != task_session(current))) 2423 return -ENOTTY; 2424 if (get_user(pgrp_nr, p)) 2425 return -EFAULT; 2426 if (pgrp_nr < 0) 2427 return -EINVAL; 2428 rcu_read_lock(); 2429 pgrp = find_vpid(pgrp_nr); 2430 retval = -ESRCH; 2431 if (!pgrp) 2432 goto out_unlock; 2433 retval = -EPERM; 2434 if (session_of_pgrp(pgrp) != task_session(current)) 2435 goto out_unlock; 2436 retval = 0; 2437 spin_lock_irqsave(&tty->ctrl_lock, flags); 2438 put_pid(real_tty->pgrp); 2439 real_tty->pgrp = get_pid(pgrp); 2440 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2441 out_unlock: 2442 rcu_read_unlock(); 2443 return retval; 2444 } 2445 2446 /** 2447 * tiocgsid - get session id 2448 * @tty: tty passed by user 2449 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2450 * @p: pointer to returned session id 2451 * 2452 * Obtain the session id of the tty. If there is no session 2453 * return an error. 2454 * 2455 * Locking: none. Reference to current->signal->tty is safe. 2456 */ 2457 2458 static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2459 { 2460 /* 2461 * (tty == real_tty) is a cheap way of 2462 * testing if the tty is NOT a master pty. 2463 */ 2464 if (tty == real_tty && current->signal->tty != real_tty) 2465 return -ENOTTY; 2466 if (!real_tty->session) 2467 return -ENOTTY; 2468 return put_user(pid_vnr(real_tty->session), p); 2469 } 2470 2471 /** 2472 * tiocsetd - set line discipline 2473 * @tty: tty device 2474 * @p: pointer to user data 2475 * 2476 * Set the line discipline according to user request. 2477 * 2478 * Locking: see tty_set_ldisc, this function is just a helper 2479 */ 2480 2481 static int tiocsetd(struct tty_struct *tty, int __user *p) 2482 { 2483 int ldisc; 2484 int ret; 2485 2486 if (get_user(ldisc, p)) 2487 return -EFAULT; 2488 2489 ret = tty_set_ldisc(tty, ldisc); 2490 2491 return ret; 2492 } 2493 2494 /** 2495 * send_break - performed time break 2496 * @tty: device to break on 2497 * @duration: timeout in mS 2498 * 2499 * Perform a timed break on hardware that lacks its own driver level 2500 * timed break functionality. 2501 * 2502 * Locking: 2503 * atomic_write_lock serializes 2504 * 2505 */ 2506 2507 static int send_break(struct tty_struct *tty, unsigned int duration) 2508 { 2509 int retval; 2510 2511 if (tty->ops->break_ctl == NULL) 2512 return 0; 2513 2514 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK) 2515 retval = tty->ops->break_ctl(tty, duration); 2516 else { 2517 /* Do the work ourselves */ 2518 if (tty_write_lock(tty, 0) < 0) 2519 return -EINTR; 2520 retval = tty->ops->break_ctl(tty, -1); 2521 if (retval) 2522 goto out; 2523 if (!signal_pending(current)) 2524 msleep_interruptible(duration); 2525 retval = tty->ops->break_ctl(tty, 0); 2526 out: 2527 tty_write_unlock(tty); 2528 if (signal_pending(current)) 2529 retval = -EINTR; 2530 } 2531 return retval; 2532 } 2533 2534 /** 2535 * tty_tiocmget - get modem status 2536 * @tty: tty device 2537 * @file: user file pointer 2538 * @p: pointer to result 2539 * 2540 * Obtain the modem status bits from the tty driver if the feature 2541 * is supported. Return -EINVAL if it is not available. 2542 * 2543 * Locking: none (up to the driver) 2544 */ 2545 2546 static int tty_tiocmget(struct tty_struct *tty, int __user *p) 2547 { 2548 int retval = -EINVAL; 2549 2550 if (tty->ops->tiocmget) { 2551 retval = tty->ops->tiocmget(tty); 2552 2553 if (retval >= 0) 2554 retval = put_user(retval, p); 2555 } 2556 return retval; 2557 } 2558 2559 /** 2560 * tty_tiocmset - set modem status 2561 * @tty: tty device 2562 * @cmd: command - clear bits, set bits or set all 2563 * @p: pointer to desired bits 2564 * 2565 * Set the modem status bits from the tty driver if the feature 2566 * is supported. Return -EINVAL if it is not available. 2567 * 2568 * Locking: none (up to the driver) 2569 */ 2570 2571 static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd, 2572 unsigned __user *p) 2573 { 2574 int retval; 2575 unsigned int set, clear, val; 2576 2577 if (tty->ops->tiocmset == NULL) 2578 return -EINVAL; 2579 2580 retval = get_user(val, p); 2581 if (retval) 2582 return retval; 2583 set = clear = 0; 2584 switch (cmd) { 2585 case TIOCMBIS: 2586 set = val; 2587 break; 2588 case TIOCMBIC: 2589 clear = val; 2590 break; 2591 case TIOCMSET: 2592 set = val; 2593 clear = ~val; 2594 break; 2595 } 2596 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2597 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2598 return tty->ops->tiocmset(tty, set, clear); 2599 } 2600 2601 static int tty_tiocgicount(struct tty_struct *tty, void __user *arg) 2602 { 2603 int retval = -EINVAL; 2604 struct serial_icounter_struct icount; 2605 memset(&icount, 0, sizeof(icount)); 2606 if (tty->ops->get_icount) 2607 retval = tty->ops->get_icount(tty, &icount); 2608 if (retval != 0) 2609 return retval; 2610 if (copy_to_user(arg, &icount, sizeof(icount))) 2611 return -EFAULT; 2612 return 0; 2613 } 2614 2615 struct tty_struct *tty_pair_get_tty(struct tty_struct *tty) 2616 { 2617 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2618 tty->driver->subtype == PTY_TYPE_MASTER) 2619 tty = tty->link; 2620 return tty; 2621 } 2622 EXPORT_SYMBOL(tty_pair_get_tty); 2623 2624 struct tty_struct *tty_pair_get_pty(struct tty_struct *tty) 2625 { 2626 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2627 tty->driver->subtype == PTY_TYPE_MASTER) 2628 return tty; 2629 return tty->link; 2630 } 2631 EXPORT_SYMBOL(tty_pair_get_pty); 2632 2633 /* 2634 * Split this up, as gcc can choke on it otherwise.. 2635 */ 2636 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 2637 { 2638 struct tty_struct *tty = file_tty(file); 2639 struct tty_struct *real_tty; 2640 void __user *p = (void __user *)arg; 2641 int retval; 2642 struct tty_ldisc *ld; 2643 struct inode *inode = file->f_dentry->d_inode; 2644 2645 if (tty_paranoia_check(tty, inode, "tty_ioctl")) 2646 return -EINVAL; 2647 2648 real_tty = tty_pair_get_tty(tty); 2649 2650 /* 2651 * Factor out some common prep work 2652 */ 2653 switch (cmd) { 2654 case TIOCSETD: 2655 case TIOCSBRK: 2656 case TIOCCBRK: 2657 case TCSBRK: 2658 case TCSBRKP: 2659 retval = tty_check_change(tty); 2660 if (retval) 2661 return retval; 2662 if (cmd != TIOCCBRK) { 2663 tty_wait_until_sent(tty, 0); 2664 if (signal_pending(current)) 2665 return -EINTR; 2666 } 2667 break; 2668 } 2669 2670 /* 2671 * Now do the stuff. 2672 */ 2673 switch (cmd) { 2674 case TIOCSTI: 2675 return tiocsti(tty, p); 2676 case TIOCGWINSZ: 2677 return tiocgwinsz(real_tty, p); 2678 case TIOCSWINSZ: 2679 return tiocswinsz(real_tty, p); 2680 case TIOCCONS: 2681 return real_tty != tty ? -EINVAL : tioccons(file); 2682 case FIONBIO: 2683 return fionbio(file, p); 2684 case TIOCEXCL: 2685 set_bit(TTY_EXCLUSIVE, &tty->flags); 2686 return 0; 2687 case TIOCNXCL: 2688 clear_bit(TTY_EXCLUSIVE, &tty->flags); 2689 return 0; 2690 case TIOCNOTTY: 2691 if (current->signal->tty != tty) 2692 return -ENOTTY; 2693 no_tty(); 2694 return 0; 2695 case TIOCSCTTY: 2696 return tiocsctty(tty, arg); 2697 case TIOCGPGRP: 2698 return tiocgpgrp(tty, real_tty, p); 2699 case TIOCSPGRP: 2700 return tiocspgrp(tty, real_tty, p); 2701 case TIOCGSID: 2702 return tiocgsid(tty, real_tty, p); 2703 case TIOCGETD: 2704 return put_user(tty->ldisc->ops->num, (int __user *)p); 2705 case TIOCSETD: 2706 return tiocsetd(tty, p); 2707 case TIOCVHANGUP: 2708 if (!capable(CAP_SYS_ADMIN)) 2709 return -EPERM; 2710 tty_vhangup(tty); 2711 return 0; 2712 case TIOCGDEV: 2713 { 2714 unsigned int ret = new_encode_dev(tty_devnum(real_tty)); 2715 return put_user(ret, (unsigned int __user *)p); 2716 } 2717 /* 2718 * Break handling 2719 */ 2720 case TIOCSBRK: /* Turn break on, unconditionally */ 2721 if (tty->ops->break_ctl) 2722 return tty->ops->break_ctl(tty, -1); 2723 return 0; 2724 case TIOCCBRK: /* Turn break off, unconditionally */ 2725 if (tty->ops->break_ctl) 2726 return tty->ops->break_ctl(tty, 0); 2727 return 0; 2728 case TCSBRK: /* SVID version: non-zero arg --> no break */ 2729 /* non-zero arg means wait for all output data 2730 * to be sent (performed above) but don't send break. 2731 * This is used by the tcdrain() termios function. 2732 */ 2733 if (!arg) 2734 return send_break(tty, 250); 2735 return 0; 2736 case TCSBRKP: /* support for POSIX tcsendbreak() */ 2737 return send_break(tty, arg ? arg*100 : 250); 2738 2739 case TIOCMGET: 2740 return tty_tiocmget(tty, p); 2741 case TIOCMSET: 2742 case TIOCMBIC: 2743 case TIOCMBIS: 2744 return tty_tiocmset(tty, cmd, p); 2745 case TIOCGICOUNT: 2746 retval = tty_tiocgicount(tty, p); 2747 /* For the moment allow fall through to the old method */ 2748 if (retval != -EINVAL) 2749 return retval; 2750 break; 2751 case TCFLSH: 2752 switch (arg) { 2753 case TCIFLUSH: 2754 case TCIOFLUSH: 2755 /* flush tty buffer and allow ldisc to process ioctl */ 2756 tty_buffer_flush(tty); 2757 break; 2758 } 2759 break; 2760 } 2761 if (tty->ops->ioctl) { 2762 retval = (tty->ops->ioctl)(tty, cmd, arg); 2763 if (retval != -ENOIOCTLCMD) 2764 return retval; 2765 } 2766 ld = tty_ldisc_ref_wait(tty); 2767 retval = -EINVAL; 2768 if (ld->ops->ioctl) { 2769 retval = ld->ops->ioctl(tty, file, cmd, arg); 2770 if (retval == -ENOIOCTLCMD) 2771 retval = -EINVAL; 2772 } 2773 tty_ldisc_deref(ld); 2774 return retval; 2775 } 2776 2777 #ifdef CONFIG_COMPAT 2778 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 2779 unsigned long arg) 2780 { 2781 struct inode *inode = file->f_dentry->d_inode; 2782 struct tty_struct *tty = file_tty(file); 2783 struct tty_ldisc *ld; 2784 int retval = -ENOIOCTLCMD; 2785 2786 if (tty_paranoia_check(tty, inode, "tty_ioctl")) 2787 return -EINVAL; 2788 2789 if (tty->ops->compat_ioctl) { 2790 retval = (tty->ops->compat_ioctl)(tty, cmd, arg); 2791 if (retval != -ENOIOCTLCMD) 2792 return retval; 2793 } 2794 2795 ld = tty_ldisc_ref_wait(tty); 2796 if (ld->ops->compat_ioctl) 2797 retval = ld->ops->compat_ioctl(tty, file, cmd, arg); 2798 else 2799 retval = n_tty_compat_ioctl_helper(tty, file, cmd, arg); 2800 tty_ldisc_deref(ld); 2801 2802 return retval; 2803 } 2804 #endif 2805 2806 /* 2807 * This implements the "Secure Attention Key" --- the idea is to 2808 * prevent trojan horses by killing all processes associated with this 2809 * tty when the user hits the "Secure Attention Key". Required for 2810 * super-paranoid applications --- see the Orange Book for more details. 2811 * 2812 * This code could be nicer; ideally it should send a HUP, wait a few 2813 * seconds, then send a INT, and then a KILL signal. But you then 2814 * have to coordinate with the init process, since all processes associated 2815 * with the current tty must be dead before the new getty is allowed 2816 * to spawn. 2817 * 2818 * Now, if it would be correct ;-/ The current code has a nasty hole - 2819 * it doesn't catch files in flight. We may send the descriptor to ourselves 2820 * via AF_UNIX socket, close it and later fetch from socket. FIXME. 2821 * 2822 * Nasty bug: do_SAK is being called in interrupt context. This can 2823 * deadlock. We punt it up to process context. AKPM - 16Mar2001 2824 */ 2825 void __do_SAK(struct tty_struct *tty) 2826 { 2827 #ifdef TTY_SOFT_SAK 2828 tty_hangup(tty); 2829 #else 2830 struct task_struct *g, *p; 2831 struct pid *session; 2832 int i; 2833 struct file *filp; 2834 struct fdtable *fdt; 2835 2836 if (!tty) 2837 return; 2838 session = tty->session; 2839 2840 tty_ldisc_flush(tty); 2841 2842 tty_driver_flush_buffer(tty); 2843 2844 read_lock(&tasklist_lock); 2845 /* Kill the entire session */ 2846 do_each_pid_task(session, PIDTYPE_SID, p) { 2847 printk(KERN_NOTICE "SAK: killed process %d" 2848 " (%s): task_session(p)==tty->session\n", 2849 task_pid_nr(p), p->comm); 2850 send_sig(SIGKILL, p, 1); 2851 } while_each_pid_task(session, PIDTYPE_SID, p); 2852 /* Now kill any processes that happen to have the 2853 * tty open. 2854 */ 2855 do_each_thread(g, p) { 2856 if (p->signal->tty == tty) { 2857 printk(KERN_NOTICE "SAK: killed process %d" 2858 " (%s): task_session(p)==tty->session\n", 2859 task_pid_nr(p), p->comm); 2860 send_sig(SIGKILL, p, 1); 2861 continue; 2862 } 2863 task_lock(p); 2864 if (p->files) { 2865 /* 2866 * We don't take a ref to the file, so we must 2867 * hold ->file_lock instead. 2868 */ 2869 spin_lock(&p->files->file_lock); 2870 fdt = files_fdtable(p->files); 2871 for (i = 0; i < fdt->max_fds; i++) { 2872 filp = fcheck_files(p->files, i); 2873 if (!filp) 2874 continue; 2875 if (filp->f_op->read == tty_read && 2876 file_tty(filp) == tty) { 2877 printk(KERN_NOTICE "SAK: killed process %d" 2878 " (%s): fd#%d opened to the tty\n", 2879 task_pid_nr(p), p->comm, i); 2880 force_sig(SIGKILL, p); 2881 break; 2882 } 2883 } 2884 spin_unlock(&p->files->file_lock); 2885 } 2886 task_unlock(p); 2887 } while_each_thread(g, p); 2888 read_unlock(&tasklist_lock); 2889 #endif 2890 } 2891 2892 static void do_SAK_work(struct work_struct *work) 2893 { 2894 struct tty_struct *tty = 2895 container_of(work, struct tty_struct, SAK_work); 2896 __do_SAK(tty); 2897 } 2898 2899 /* 2900 * The tq handling here is a little racy - tty->SAK_work may already be queued. 2901 * Fortunately we don't need to worry, because if ->SAK_work is already queued, 2902 * the values which we write to it will be identical to the values which it 2903 * already has. --akpm 2904 */ 2905 void do_SAK(struct tty_struct *tty) 2906 { 2907 if (!tty) 2908 return; 2909 schedule_work(&tty->SAK_work); 2910 } 2911 2912 EXPORT_SYMBOL(do_SAK); 2913 2914 static int dev_match_devt(struct device *dev, void *data) 2915 { 2916 dev_t *devt = data; 2917 return dev->devt == *devt; 2918 } 2919 2920 /* Must put_device() after it's unused! */ 2921 static struct device *tty_get_device(struct tty_struct *tty) 2922 { 2923 dev_t devt = tty_devnum(tty); 2924 return class_find_device(tty_class, NULL, &devt, dev_match_devt); 2925 } 2926 2927 2928 /** 2929 * initialize_tty_struct 2930 * @tty: tty to initialize 2931 * 2932 * This subroutine initializes a tty structure that has been newly 2933 * allocated. 2934 * 2935 * Locking: none - tty in question must not be exposed at this point 2936 */ 2937 2938 void initialize_tty_struct(struct tty_struct *tty, 2939 struct tty_driver *driver, int idx) 2940 { 2941 memset(tty, 0, sizeof(struct tty_struct)); 2942 kref_init(&tty->kref); 2943 tty->magic = TTY_MAGIC; 2944 tty_ldisc_init(tty); 2945 tty->session = NULL; 2946 tty->pgrp = NULL; 2947 tty->overrun_time = jiffies; 2948 tty_buffer_init(tty); 2949 mutex_init(&tty->legacy_mutex); 2950 mutex_init(&tty->termios_mutex); 2951 mutex_init(&tty->ldisc_mutex); 2952 init_waitqueue_head(&tty->write_wait); 2953 init_waitqueue_head(&tty->read_wait); 2954 INIT_WORK(&tty->hangup_work, do_tty_hangup); 2955 mutex_init(&tty->atomic_read_lock); 2956 mutex_init(&tty->atomic_write_lock); 2957 mutex_init(&tty->output_lock); 2958 mutex_init(&tty->echo_lock); 2959 spin_lock_init(&tty->read_lock); 2960 spin_lock_init(&tty->ctrl_lock); 2961 INIT_LIST_HEAD(&tty->tty_files); 2962 INIT_WORK(&tty->SAK_work, do_SAK_work); 2963 2964 tty->driver = driver; 2965 tty->ops = driver->ops; 2966 tty->index = idx; 2967 tty_line_name(driver, idx, tty->name); 2968 tty->dev = tty_get_device(tty); 2969 } 2970 2971 /** 2972 * deinitialize_tty_struct 2973 * @tty: tty to deinitialize 2974 * 2975 * This subroutine deinitializes a tty structure that has been newly 2976 * allocated but tty_release cannot be called on that yet. 2977 * 2978 * Locking: none - tty in question must not be exposed at this point 2979 */ 2980 void deinitialize_tty_struct(struct tty_struct *tty) 2981 { 2982 tty_ldisc_deinit(tty); 2983 } 2984 2985 /** 2986 * tty_put_char - write one character to a tty 2987 * @tty: tty 2988 * @ch: character 2989 * 2990 * Write one byte to the tty using the provided put_char method 2991 * if present. Returns the number of characters successfully output. 2992 * 2993 * Note: the specific put_char operation in the driver layer may go 2994 * away soon. Don't call it directly, use this method 2995 */ 2996 2997 int tty_put_char(struct tty_struct *tty, unsigned char ch) 2998 { 2999 if (tty->ops->put_char) 3000 return tty->ops->put_char(tty, ch); 3001 return tty->ops->write(tty, &ch, 1); 3002 } 3003 EXPORT_SYMBOL_GPL(tty_put_char); 3004 3005 struct class *tty_class; 3006 3007 /** 3008 * tty_register_device - register a tty device 3009 * @driver: the tty driver that describes the tty device 3010 * @index: the index in the tty driver for this tty device 3011 * @device: a struct device that is associated with this tty device. 3012 * This field is optional, if there is no known struct device 3013 * for this tty device it can be set to NULL safely. 3014 * 3015 * Returns a pointer to the struct device for this tty device 3016 * (or ERR_PTR(-EFOO) on error). 3017 * 3018 * This call is required to be made to register an individual tty device 3019 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If 3020 * that bit is not set, this function should not be called by a tty 3021 * driver. 3022 * 3023 * Locking: ?? 3024 */ 3025 3026 struct device *tty_register_device(struct tty_driver *driver, unsigned index, 3027 struct device *device) 3028 { 3029 char name[64]; 3030 dev_t dev = MKDEV(driver->major, driver->minor_start) + index; 3031 3032 if (index >= driver->num) { 3033 printk(KERN_ERR "Attempt to register invalid tty line number " 3034 " (%d).\n", index); 3035 return ERR_PTR(-EINVAL); 3036 } 3037 3038 if (driver->type == TTY_DRIVER_TYPE_PTY) 3039 pty_line_name(driver, index, name); 3040 else 3041 tty_line_name(driver, index, name); 3042 3043 return device_create(tty_class, device, dev, NULL, name); 3044 } 3045 EXPORT_SYMBOL(tty_register_device); 3046 3047 /** 3048 * tty_unregister_device - unregister a tty device 3049 * @driver: the tty driver that describes the tty device 3050 * @index: the index in the tty driver for this tty device 3051 * 3052 * If a tty device is registered with a call to tty_register_device() then 3053 * this function must be called when the tty device is gone. 3054 * 3055 * Locking: ?? 3056 */ 3057 3058 void tty_unregister_device(struct tty_driver *driver, unsigned index) 3059 { 3060 device_destroy(tty_class, 3061 MKDEV(driver->major, driver->minor_start) + index); 3062 } 3063 EXPORT_SYMBOL(tty_unregister_device); 3064 3065 struct tty_driver *__alloc_tty_driver(int lines, struct module *owner) 3066 { 3067 struct tty_driver *driver; 3068 3069 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL); 3070 if (driver) { 3071 kref_init(&driver->kref); 3072 driver->magic = TTY_DRIVER_MAGIC; 3073 driver->num = lines; 3074 driver->owner = owner; 3075 /* later we'll move allocation of tables here */ 3076 } 3077 return driver; 3078 } 3079 EXPORT_SYMBOL(__alloc_tty_driver); 3080 3081 static void destruct_tty_driver(struct kref *kref) 3082 { 3083 struct tty_driver *driver = container_of(kref, struct tty_driver, kref); 3084 int i; 3085 struct ktermios *tp; 3086 void *p; 3087 3088 if (driver->flags & TTY_DRIVER_INSTALLED) { 3089 /* 3090 * Free the termios and termios_locked structures because 3091 * we don't want to get memory leaks when modular tty 3092 * drivers are removed from the kernel. 3093 */ 3094 for (i = 0; i < driver->num; i++) { 3095 tp = driver->termios[i]; 3096 if (tp) { 3097 driver->termios[i] = NULL; 3098 kfree(tp); 3099 } 3100 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) 3101 tty_unregister_device(driver, i); 3102 } 3103 p = driver->ttys; 3104 proc_tty_unregister_driver(driver); 3105 driver->ttys = NULL; 3106 driver->termios = NULL; 3107 kfree(p); 3108 cdev_del(&driver->cdev); 3109 } 3110 kfree(driver); 3111 } 3112 3113 void tty_driver_kref_put(struct tty_driver *driver) 3114 { 3115 kref_put(&driver->kref, destruct_tty_driver); 3116 } 3117 EXPORT_SYMBOL(tty_driver_kref_put); 3118 3119 void tty_set_operations(struct tty_driver *driver, 3120 const struct tty_operations *op) 3121 { 3122 driver->ops = op; 3123 }; 3124 EXPORT_SYMBOL(tty_set_operations); 3125 3126 void put_tty_driver(struct tty_driver *d) 3127 { 3128 tty_driver_kref_put(d); 3129 } 3130 EXPORT_SYMBOL(put_tty_driver); 3131 3132 /* 3133 * Called by a tty driver to register itself. 3134 */ 3135 int tty_register_driver(struct tty_driver *driver) 3136 { 3137 int error; 3138 int i; 3139 dev_t dev; 3140 void **p = NULL; 3141 struct device *d; 3142 3143 if (!(driver->flags & TTY_DRIVER_DEVPTS_MEM) && driver->num) { 3144 p = kzalloc(driver->num * 2 * sizeof(void *), GFP_KERNEL); 3145 if (!p) 3146 return -ENOMEM; 3147 } 3148 3149 if (!driver->major) { 3150 error = alloc_chrdev_region(&dev, driver->minor_start, 3151 driver->num, driver->name); 3152 if (!error) { 3153 driver->major = MAJOR(dev); 3154 driver->minor_start = MINOR(dev); 3155 } 3156 } else { 3157 dev = MKDEV(driver->major, driver->minor_start); 3158 error = register_chrdev_region(dev, driver->num, driver->name); 3159 } 3160 if (error < 0) { 3161 kfree(p); 3162 return error; 3163 } 3164 3165 if (p) { 3166 driver->ttys = (struct tty_struct **)p; 3167 driver->termios = (struct ktermios **)(p + driver->num); 3168 } else { 3169 driver->ttys = NULL; 3170 driver->termios = NULL; 3171 } 3172 3173 cdev_init(&driver->cdev, &tty_fops); 3174 driver->cdev.owner = driver->owner; 3175 error = cdev_add(&driver->cdev, dev, driver->num); 3176 if (error) { 3177 unregister_chrdev_region(dev, driver->num); 3178 driver->ttys = NULL; 3179 driver->termios = NULL; 3180 kfree(p); 3181 return error; 3182 } 3183 3184 mutex_lock(&tty_mutex); 3185 list_add(&driver->tty_drivers, &tty_drivers); 3186 mutex_unlock(&tty_mutex); 3187 3188 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) { 3189 for (i = 0; i < driver->num; i++) { 3190 d = tty_register_device(driver, i, NULL); 3191 if (IS_ERR(d)) { 3192 error = PTR_ERR(d); 3193 goto err; 3194 } 3195 } 3196 } 3197 proc_tty_register_driver(driver); 3198 driver->flags |= TTY_DRIVER_INSTALLED; 3199 return 0; 3200 3201 err: 3202 for (i--; i >= 0; i--) 3203 tty_unregister_device(driver, i); 3204 3205 mutex_lock(&tty_mutex); 3206 list_del(&driver->tty_drivers); 3207 mutex_unlock(&tty_mutex); 3208 3209 unregister_chrdev_region(dev, driver->num); 3210 driver->ttys = NULL; 3211 driver->termios = NULL; 3212 kfree(p); 3213 return error; 3214 } 3215 3216 EXPORT_SYMBOL(tty_register_driver); 3217 3218 /* 3219 * Called by a tty driver to unregister itself. 3220 */ 3221 int tty_unregister_driver(struct tty_driver *driver) 3222 { 3223 #if 0 3224 /* FIXME */ 3225 if (driver->refcount) 3226 return -EBUSY; 3227 #endif 3228 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start), 3229 driver->num); 3230 mutex_lock(&tty_mutex); 3231 list_del(&driver->tty_drivers); 3232 mutex_unlock(&tty_mutex); 3233 return 0; 3234 } 3235 3236 EXPORT_SYMBOL(tty_unregister_driver); 3237 3238 dev_t tty_devnum(struct tty_struct *tty) 3239 { 3240 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index; 3241 } 3242 EXPORT_SYMBOL(tty_devnum); 3243 3244 void proc_clear_tty(struct task_struct *p) 3245 { 3246 unsigned long flags; 3247 struct tty_struct *tty; 3248 spin_lock_irqsave(&p->sighand->siglock, flags); 3249 tty = p->signal->tty; 3250 p->signal->tty = NULL; 3251 spin_unlock_irqrestore(&p->sighand->siglock, flags); 3252 tty_kref_put(tty); 3253 } 3254 3255 /* Called under the sighand lock */ 3256 3257 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) 3258 { 3259 if (tty) { 3260 unsigned long flags; 3261 /* We should not have a session or pgrp to put here but.... */ 3262 spin_lock_irqsave(&tty->ctrl_lock, flags); 3263 put_pid(tty->session); 3264 put_pid(tty->pgrp); 3265 tty->pgrp = get_pid(task_pgrp(tsk)); 3266 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 3267 tty->session = get_pid(task_session(tsk)); 3268 if (tsk->signal->tty) { 3269 printk(KERN_DEBUG "tty not NULL!!\n"); 3270 tty_kref_put(tsk->signal->tty); 3271 } 3272 } 3273 put_pid(tsk->signal->tty_old_pgrp); 3274 tsk->signal->tty = tty_kref_get(tty); 3275 tsk->signal->tty_old_pgrp = NULL; 3276 } 3277 3278 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) 3279 { 3280 spin_lock_irq(&tsk->sighand->siglock); 3281 __proc_set_tty(tsk, tty); 3282 spin_unlock_irq(&tsk->sighand->siglock); 3283 } 3284 3285 struct tty_struct *get_current_tty(void) 3286 { 3287 struct tty_struct *tty; 3288 unsigned long flags; 3289 3290 spin_lock_irqsave(¤t->sighand->siglock, flags); 3291 tty = tty_kref_get(current->signal->tty); 3292 spin_unlock_irqrestore(¤t->sighand->siglock, flags); 3293 return tty; 3294 } 3295 EXPORT_SYMBOL_GPL(get_current_tty); 3296 3297 void tty_default_fops(struct file_operations *fops) 3298 { 3299 *fops = tty_fops; 3300 } 3301 3302 /* 3303 * Initialize the console device. This is called *early*, so 3304 * we can't necessarily depend on lots of kernel help here. 3305 * Just do some early initializations, and do the complex setup 3306 * later. 3307 */ 3308 void __init console_init(void) 3309 { 3310 initcall_t *call; 3311 3312 /* Setup the default TTY line discipline. */ 3313 tty_ldisc_begin(); 3314 3315 /* 3316 * set up the console device so that later boot sequences can 3317 * inform about problems etc.. 3318 */ 3319 call = __con_initcall_start; 3320 while (call < __con_initcall_end) { 3321 (*call)(); 3322 call++; 3323 } 3324 } 3325 3326 static char *tty_devnode(struct device *dev, umode_t *mode) 3327 { 3328 if (!mode) 3329 return NULL; 3330 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) || 3331 dev->devt == MKDEV(TTYAUX_MAJOR, 2)) 3332 *mode = 0666; 3333 return NULL; 3334 } 3335 3336 static int __init tty_class_init(void) 3337 { 3338 tty_class = class_create(THIS_MODULE, "tty"); 3339 if (IS_ERR(tty_class)) 3340 return PTR_ERR(tty_class); 3341 tty_class->devnode = tty_devnode; 3342 return 0; 3343 } 3344 3345 postcore_initcall(tty_class_init); 3346 3347 /* 3/2004 jmc: why do these devices exist? */ 3348 static struct cdev tty_cdev, console_cdev; 3349 3350 static ssize_t show_cons_active(struct device *dev, 3351 struct device_attribute *attr, char *buf) 3352 { 3353 struct console *cs[16]; 3354 int i = 0; 3355 struct console *c; 3356 ssize_t count = 0; 3357 3358 console_lock(); 3359 for_each_console(c) { 3360 if (!c->device) 3361 continue; 3362 if (!c->write) 3363 continue; 3364 if ((c->flags & CON_ENABLED) == 0) 3365 continue; 3366 cs[i++] = c; 3367 if (i >= ARRAY_SIZE(cs)) 3368 break; 3369 } 3370 while (i--) 3371 count += sprintf(buf + count, "%s%d%c", 3372 cs[i]->name, cs[i]->index, i ? ' ':'\n'); 3373 console_unlock(); 3374 3375 return count; 3376 } 3377 static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL); 3378 3379 static struct device *consdev; 3380 3381 void console_sysfs_notify(void) 3382 { 3383 if (consdev) 3384 sysfs_notify(&consdev->kobj, NULL, "active"); 3385 } 3386 3387 /* 3388 * Ok, now we can initialize the rest of the tty devices and can count 3389 * on memory allocations, interrupts etc.. 3390 */ 3391 int __init tty_init(void) 3392 { 3393 cdev_init(&tty_cdev, &tty_fops); 3394 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) || 3395 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0) 3396 panic("Couldn't register /dev/tty driver\n"); 3397 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty"); 3398 3399 cdev_init(&console_cdev, &console_fops); 3400 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) || 3401 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0) 3402 panic("Couldn't register /dev/console driver\n"); 3403 consdev = device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), NULL, 3404 "console"); 3405 if (IS_ERR(consdev)) 3406 consdev = NULL; 3407 else 3408 WARN_ON(device_create_file(consdev, &dev_attr_active) < 0); 3409 3410 #ifdef CONFIG_VT 3411 vty_init(&console_fops); 3412 #endif 3413 return 0; 3414 } 3415 3416