1 /* 2 * Copyright (C) 1991, 1992 Linus Torvalds 3 */ 4 5 /* 6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles 7 * or rs-channels. It also implements echoing, cooked mode etc. 8 * 9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0. 10 * 11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the 12 * tty_struct and tty_queue structures. Previously there was an array 13 * of 256 tty_struct's which was statically allocated, and the 14 * tty_queue structures were allocated at boot time. Both are now 15 * dynamically allocated only when the tty is open. 16 * 17 * Also restructured routines so that there is more of a separation 18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and 19 * the low-level tty routines (serial.c, pty.c, console.c). This 20 * makes for cleaner and more compact code. -TYT, 9/17/92 21 * 22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines 23 * which can be dynamically activated and de-activated by the line 24 * discipline handling modules (like SLIP). 25 * 26 * NOTE: pay no attention to the line discipline code (yet); its 27 * interface is still subject to change in this version... 28 * -- TYT, 1/31/92 29 * 30 * Added functionality to the OPOST tty handling. No delays, but all 31 * other bits should be there. 32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993. 33 * 34 * Rewrote canonical mode and added more termios flags. 35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94 36 * 37 * Reorganized FASYNC support so mouse code can share it. 38 * -- ctm@ardi.com, 9Sep95 39 * 40 * New TIOCLINUX variants added. 41 * -- mj@k332.feld.cvut.cz, 19-Nov-95 42 * 43 * Restrict vt switching via ioctl() 44 * -- grif@cs.ucr.edu, 5-Dec-95 45 * 46 * Move console and virtual terminal code to more appropriate files, 47 * implement CONFIG_VT and generalize console device interface. 48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97 49 * 50 * Rewrote tty_init_dev and tty_release_dev to eliminate races. 51 * -- Bill Hawes <whawes@star.net>, June 97 52 * 53 * Added devfs support. 54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998 55 * 56 * Added support for a Unix98-style ptmx device. 57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 58 * 59 * Reduced memory usage for older ARM systems 60 * -- Russell King <rmk@arm.linux.org.uk> 61 * 62 * Move do_SAK() into process context. Less stack use in devfs functions. 63 * alloc_tty_struct() always uses kmalloc() 64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01 65 */ 66 67 #include <linux/types.h> 68 #include <linux/major.h> 69 #include <linux/errno.h> 70 #include <linux/signal.h> 71 #include <linux/fcntl.h> 72 #include <linux/sched.h> 73 #include <linux/interrupt.h> 74 #include <linux/tty.h> 75 #include <linux/tty_driver.h> 76 #include <linux/tty_flip.h> 77 #include <linux/devpts_fs.h> 78 #include <linux/file.h> 79 #include <linux/fdtable.h> 80 #include <linux/console.h> 81 #include <linux/timer.h> 82 #include <linux/ctype.h> 83 #include <linux/kd.h> 84 #include <linux/mm.h> 85 #include <linux/string.h> 86 #include <linux/slab.h> 87 #include <linux/poll.h> 88 #include <linux/proc_fs.h> 89 #include <linux/init.h> 90 #include <linux/module.h> 91 #include <linux/device.h> 92 #include <linux/wait.h> 93 #include <linux/bitops.h> 94 #include <linux/delay.h> 95 #include <linux/seq_file.h> 96 #include <linux/serial.h> 97 #include <linux/ratelimit.h> 98 99 #include <linux/uaccess.h> 100 #include <asm/system.h> 101 102 #include <linux/kbd_kern.h> 103 #include <linux/vt_kern.h> 104 #include <linux/selection.h> 105 106 #include <linux/kmod.h> 107 #include <linux/nsproxy.h> 108 109 #undef TTY_DEBUG_HANGUP 110 111 #define TTY_PARANOIA_CHECK 1 112 #define CHECK_TTY_COUNT 1 113 114 struct ktermios tty_std_termios = { /* for the benefit of tty drivers */ 115 .c_iflag = ICRNL | IXON, 116 .c_oflag = OPOST | ONLCR, 117 .c_cflag = B38400 | CS8 | CREAD | HUPCL, 118 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK | 119 ECHOCTL | ECHOKE | IEXTEN, 120 .c_cc = INIT_C_CC, 121 .c_ispeed = 38400, 122 .c_ospeed = 38400 123 }; 124 125 EXPORT_SYMBOL(tty_std_termios); 126 127 /* This list gets poked at by procfs and various bits of boot up code. This 128 could do with some rationalisation such as pulling the tty proc function 129 into this file */ 130 131 LIST_HEAD(tty_drivers); /* linked list of tty drivers */ 132 133 /* Mutex to protect creating and releasing a tty. This is shared with 134 vt.c for deeply disgusting hack reasons */ 135 DEFINE_MUTEX(tty_mutex); 136 EXPORT_SYMBOL(tty_mutex); 137 138 /* Spinlock to protect the tty->tty_files list */ 139 DEFINE_SPINLOCK(tty_files_lock); 140 141 static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *); 142 static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *); 143 ssize_t redirected_tty_write(struct file *, const char __user *, 144 size_t, loff_t *); 145 static unsigned int tty_poll(struct file *, poll_table *); 146 static int tty_open(struct inode *, struct file *); 147 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg); 148 #ifdef CONFIG_COMPAT 149 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 150 unsigned long arg); 151 #else 152 #define tty_compat_ioctl NULL 153 #endif 154 static int __tty_fasync(int fd, struct file *filp, int on); 155 static int tty_fasync(int fd, struct file *filp, int on); 156 static void release_tty(struct tty_struct *tty, int idx); 157 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); 158 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); 159 160 /** 161 * alloc_tty_struct - allocate a tty object 162 * 163 * Return a new empty tty structure. The data fields have not 164 * been initialized in any way but has been zeroed 165 * 166 * Locking: none 167 */ 168 169 struct tty_struct *alloc_tty_struct(void) 170 { 171 return kzalloc(sizeof(struct tty_struct), GFP_KERNEL); 172 } 173 174 /** 175 * free_tty_struct - free a disused tty 176 * @tty: tty struct to free 177 * 178 * Free the write buffers, tty queue and tty memory itself. 179 * 180 * Locking: none. Must be called after tty is definitely unused 181 */ 182 183 void free_tty_struct(struct tty_struct *tty) 184 { 185 if (tty->dev) 186 put_device(tty->dev); 187 kfree(tty->write_buf); 188 tty_buffer_free_all(tty); 189 kfree(tty); 190 } 191 192 static inline struct tty_struct *file_tty(struct file *file) 193 { 194 return ((struct tty_file_private *)file->private_data)->tty; 195 } 196 197 int tty_alloc_file(struct file *file) 198 { 199 struct tty_file_private *priv; 200 201 priv = kmalloc(sizeof(*priv), GFP_KERNEL); 202 if (!priv) 203 return -ENOMEM; 204 205 file->private_data = priv; 206 207 return 0; 208 } 209 210 /* Associate a new file with the tty structure */ 211 void tty_add_file(struct tty_struct *tty, struct file *file) 212 { 213 struct tty_file_private *priv = file->private_data; 214 215 priv->tty = tty; 216 priv->file = file; 217 218 spin_lock(&tty_files_lock); 219 list_add(&priv->list, &tty->tty_files); 220 spin_unlock(&tty_files_lock); 221 } 222 223 /** 224 * tty_free_file - free file->private_data 225 * 226 * This shall be used only for fail path handling when tty_add_file was not 227 * called yet. 228 */ 229 void tty_free_file(struct file *file) 230 { 231 struct tty_file_private *priv = file->private_data; 232 233 file->private_data = NULL; 234 kfree(priv); 235 } 236 237 /* Delete file from its tty */ 238 void tty_del_file(struct file *file) 239 { 240 struct tty_file_private *priv = file->private_data; 241 242 spin_lock(&tty_files_lock); 243 list_del(&priv->list); 244 spin_unlock(&tty_files_lock); 245 tty_free_file(file); 246 } 247 248 249 #define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base) 250 251 /** 252 * tty_name - return tty naming 253 * @tty: tty structure 254 * @buf: buffer for output 255 * 256 * Convert a tty structure into a name. The name reflects the kernel 257 * naming policy and if udev is in use may not reflect user space 258 * 259 * Locking: none 260 */ 261 262 char *tty_name(struct tty_struct *tty, char *buf) 263 { 264 if (!tty) /* Hmm. NULL pointer. That's fun. */ 265 strcpy(buf, "NULL tty"); 266 else 267 strcpy(buf, tty->name); 268 return buf; 269 } 270 271 EXPORT_SYMBOL(tty_name); 272 273 int tty_paranoia_check(struct tty_struct *tty, struct inode *inode, 274 const char *routine) 275 { 276 #ifdef TTY_PARANOIA_CHECK 277 if (!tty) { 278 printk(KERN_WARNING 279 "null TTY for (%d:%d) in %s\n", 280 imajor(inode), iminor(inode), routine); 281 return 1; 282 } 283 if (tty->magic != TTY_MAGIC) { 284 printk(KERN_WARNING 285 "bad magic number for tty struct (%d:%d) in %s\n", 286 imajor(inode), iminor(inode), routine); 287 return 1; 288 } 289 #endif 290 return 0; 291 } 292 293 static int check_tty_count(struct tty_struct *tty, const char *routine) 294 { 295 #ifdef CHECK_TTY_COUNT 296 struct list_head *p; 297 int count = 0; 298 299 spin_lock(&tty_files_lock); 300 list_for_each(p, &tty->tty_files) { 301 count++; 302 } 303 spin_unlock(&tty_files_lock); 304 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 305 tty->driver->subtype == PTY_TYPE_SLAVE && 306 tty->link && tty->link->count) 307 count++; 308 if (tty->count != count) { 309 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) " 310 "!= #fd's(%d) in %s\n", 311 tty->name, tty->count, count, routine); 312 return count; 313 } 314 #endif 315 return 0; 316 } 317 318 /** 319 * get_tty_driver - find device of a tty 320 * @dev_t: device identifier 321 * @index: returns the index of the tty 322 * 323 * This routine returns a tty driver structure, given a device number 324 * and also passes back the index number. 325 * 326 * Locking: caller must hold tty_mutex 327 */ 328 329 static struct tty_driver *get_tty_driver(dev_t device, int *index) 330 { 331 struct tty_driver *p; 332 333 list_for_each_entry(p, &tty_drivers, tty_drivers) { 334 dev_t base = MKDEV(p->major, p->minor_start); 335 if (device < base || device >= base + p->num) 336 continue; 337 *index = device - base; 338 return tty_driver_kref_get(p); 339 } 340 return NULL; 341 } 342 343 #ifdef CONFIG_CONSOLE_POLL 344 345 /** 346 * tty_find_polling_driver - find device of a polled tty 347 * @name: name string to match 348 * @line: pointer to resulting tty line nr 349 * 350 * This routine returns a tty driver structure, given a name 351 * and the condition that the tty driver is capable of polled 352 * operation. 353 */ 354 struct tty_driver *tty_find_polling_driver(char *name, int *line) 355 { 356 struct tty_driver *p, *res = NULL; 357 int tty_line = 0; 358 int len; 359 char *str, *stp; 360 361 for (str = name; *str; str++) 362 if ((*str >= '0' && *str <= '9') || *str == ',') 363 break; 364 if (!*str) 365 return NULL; 366 367 len = str - name; 368 tty_line = simple_strtoul(str, &str, 10); 369 370 mutex_lock(&tty_mutex); 371 /* Search through the tty devices to look for a match */ 372 list_for_each_entry(p, &tty_drivers, tty_drivers) { 373 if (strncmp(name, p->name, len) != 0) 374 continue; 375 stp = str; 376 if (*stp == ',') 377 stp++; 378 if (*stp == '\0') 379 stp = NULL; 380 381 if (tty_line >= 0 && tty_line < p->num && p->ops && 382 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) { 383 res = tty_driver_kref_get(p); 384 *line = tty_line; 385 break; 386 } 387 } 388 mutex_unlock(&tty_mutex); 389 390 return res; 391 } 392 EXPORT_SYMBOL_GPL(tty_find_polling_driver); 393 #endif 394 395 /** 396 * tty_check_change - check for POSIX terminal changes 397 * @tty: tty to check 398 * 399 * If we try to write to, or set the state of, a terminal and we're 400 * not in the foreground, send a SIGTTOU. If the signal is blocked or 401 * ignored, go ahead and perform the operation. (POSIX 7.2) 402 * 403 * Locking: ctrl_lock 404 */ 405 406 int tty_check_change(struct tty_struct *tty) 407 { 408 unsigned long flags; 409 int ret = 0; 410 411 if (current->signal->tty != tty) 412 return 0; 413 414 spin_lock_irqsave(&tty->ctrl_lock, flags); 415 416 if (!tty->pgrp) { 417 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n"); 418 goto out_unlock; 419 } 420 if (task_pgrp(current) == tty->pgrp) 421 goto out_unlock; 422 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 423 if (is_ignored(SIGTTOU)) 424 goto out; 425 if (is_current_pgrp_orphaned()) { 426 ret = -EIO; 427 goto out; 428 } 429 kill_pgrp(task_pgrp(current), SIGTTOU, 1); 430 set_thread_flag(TIF_SIGPENDING); 431 ret = -ERESTARTSYS; 432 out: 433 return ret; 434 out_unlock: 435 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 436 return ret; 437 } 438 439 EXPORT_SYMBOL(tty_check_change); 440 441 static ssize_t hung_up_tty_read(struct file *file, char __user *buf, 442 size_t count, loff_t *ppos) 443 { 444 return 0; 445 } 446 447 static ssize_t hung_up_tty_write(struct file *file, const char __user *buf, 448 size_t count, loff_t *ppos) 449 { 450 return -EIO; 451 } 452 453 /* No kernel lock held - none needed ;) */ 454 static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait) 455 { 456 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM; 457 } 458 459 static long hung_up_tty_ioctl(struct file *file, unsigned int cmd, 460 unsigned long arg) 461 { 462 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 463 } 464 465 static long hung_up_tty_compat_ioctl(struct file *file, 466 unsigned int cmd, unsigned long arg) 467 { 468 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 469 } 470 471 static const struct file_operations tty_fops = { 472 .llseek = no_llseek, 473 .read = tty_read, 474 .write = tty_write, 475 .poll = tty_poll, 476 .unlocked_ioctl = tty_ioctl, 477 .compat_ioctl = tty_compat_ioctl, 478 .open = tty_open, 479 .release = tty_release, 480 .fasync = tty_fasync, 481 }; 482 483 static const struct file_operations console_fops = { 484 .llseek = no_llseek, 485 .read = tty_read, 486 .write = redirected_tty_write, 487 .poll = tty_poll, 488 .unlocked_ioctl = tty_ioctl, 489 .compat_ioctl = tty_compat_ioctl, 490 .open = tty_open, 491 .release = tty_release, 492 .fasync = tty_fasync, 493 }; 494 495 static const struct file_operations hung_up_tty_fops = { 496 .llseek = no_llseek, 497 .read = hung_up_tty_read, 498 .write = hung_up_tty_write, 499 .poll = hung_up_tty_poll, 500 .unlocked_ioctl = hung_up_tty_ioctl, 501 .compat_ioctl = hung_up_tty_compat_ioctl, 502 .release = tty_release, 503 }; 504 505 static DEFINE_SPINLOCK(redirect_lock); 506 static struct file *redirect; 507 508 /** 509 * tty_wakeup - request more data 510 * @tty: terminal 511 * 512 * Internal and external helper for wakeups of tty. This function 513 * informs the line discipline if present that the driver is ready 514 * to receive more output data. 515 */ 516 517 void tty_wakeup(struct tty_struct *tty) 518 { 519 struct tty_ldisc *ld; 520 521 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) { 522 ld = tty_ldisc_ref(tty); 523 if (ld) { 524 if (ld->ops->write_wakeup) 525 ld->ops->write_wakeup(tty); 526 tty_ldisc_deref(ld); 527 } 528 } 529 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 530 } 531 532 EXPORT_SYMBOL_GPL(tty_wakeup); 533 534 /** 535 * __tty_hangup - actual handler for hangup events 536 * @work: tty device 537 * 538 * This can be called by the "eventd" kernel thread. That is process 539 * synchronous but doesn't hold any locks, so we need to make sure we 540 * have the appropriate locks for what we're doing. 541 * 542 * The hangup event clears any pending redirections onto the hung up 543 * device. It ensures future writes will error and it does the needed 544 * line discipline hangup and signal delivery. The tty object itself 545 * remains intact. 546 * 547 * Locking: 548 * BTM 549 * redirect lock for undoing redirection 550 * file list lock for manipulating list of ttys 551 * tty_ldisc_lock from called functions 552 * termios_mutex resetting termios data 553 * tasklist_lock to walk task list for hangup event 554 * ->siglock to protect ->signal/->sighand 555 */ 556 void __tty_hangup(struct tty_struct *tty) 557 { 558 struct file *cons_filp = NULL; 559 struct file *filp, *f = NULL; 560 struct task_struct *p; 561 struct tty_file_private *priv; 562 int closecount = 0, n; 563 unsigned long flags; 564 int refs = 0; 565 566 if (!tty) 567 return; 568 569 570 spin_lock(&redirect_lock); 571 if (redirect && file_tty(redirect) == tty) { 572 f = redirect; 573 redirect = NULL; 574 } 575 spin_unlock(&redirect_lock); 576 577 tty_lock(); 578 579 /* some functions below drop BTM, so we need this bit */ 580 set_bit(TTY_HUPPING, &tty->flags); 581 582 /* inuse_filps is protected by the single tty lock, 583 this really needs to change if we want to flush the 584 workqueue with the lock held */ 585 check_tty_count(tty, "tty_hangup"); 586 587 spin_lock(&tty_files_lock); 588 /* This breaks for file handles being sent over AF_UNIX sockets ? */ 589 list_for_each_entry(priv, &tty->tty_files, list) { 590 filp = priv->file; 591 if (filp->f_op->write == redirected_tty_write) 592 cons_filp = filp; 593 if (filp->f_op->write != tty_write) 594 continue; 595 closecount++; 596 __tty_fasync(-1, filp, 0); /* can't block */ 597 filp->f_op = &hung_up_tty_fops; 598 } 599 spin_unlock(&tty_files_lock); 600 601 /* 602 * it drops BTM and thus races with reopen 603 * we protect the race by TTY_HUPPING 604 */ 605 tty_ldisc_hangup(tty); 606 607 read_lock(&tasklist_lock); 608 if (tty->session) { 609 do_each_pid_task(tty->session, PIDTYPE_SID, p) { 610 spin_lock_irq(&p->sighand->siglock); 611 if (p->signal->tty == tty) { 612 p->signal->tty = NULL; 613 /* We defer the dereferences outside fo 614 the tasklist lock */ 615 refs++; 616 } 617 if (!p->signal->leader) { 618 spin_unlock_irq(&p->sighand->siglock); 619 continue; 620 } 621 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p); 622 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p); 623 put_pid(p->signal->tty_old_pgrp); /* A noop */ 624 spin_lock_irqsave(&tty->ctrl_lock, flags); 625 if (tty->pgrp) 626 p->signal->tty_old_pgrp = get_pid(tty->pgrp); 627 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 628 spin_unlock_irq(&p->sighand->siglock); 629 } while_each_pid_task(tty->session, PIDTYPE_SID, p); 630 } 631 read_unlock(&tasklist_lock); 632 633 spin_lock_irqsave(&tty->ctrl_lock, flags); 634 clear_bit(TTY_THROTTLED, &tty->flags); 635 clear_bit(TTY_PUSH, &tty->flags); 636 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 637 put_pid(tty->session); 638 put_pid(tty->pgrp); 639 tty->session = NULL; 640 tty->pgrp = NULL; 641 tty->ctrl_status = 0; 642 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 643 644 /* Account for the p->signal references we killed */ 645 while (refs--) 646 tty_kref_put(tty); 647 648 /* 649 * If one of the devices matches a console pointer, we 650 * cannot just call hangup() because that will cause 651 * tty->count and state->count to go out of sync. 652 * So we just call close() the right number of times. 653 */ 654 if (cons_filp) { 655 if (tty->ops->close) 656 for (n = 0; n < closecount; n++) 657 tty->ops->close(tty, cons_filp); 658 } else if (tty->ops->hangup) 659 (tty->ops->hangup)(tty); 660 /* 661 * We don't want to have driver/ldisc interactions beyond 662 * the ones we did here. The driver layer expects no 663 * calls after ->hangup() from the ldisc side. However we 664 * can't yet guarantee all that. 665 */ 666 set_bit(TTY_HUPPED, &tty->flags); 667 clear_bit(TTY_HUPPING, &tty->flags); 668 tty_ldisc_enable(tty); 669 670 tty_unlock(); 671 672 if (f) 673 fput(f); 674 } 675 676 static void do_tty_hangup(struct work_struct *work) 677 { 678 struct tty_struct *tty = 679 container_of(work, struct tty_struct, hangup_work); 680 681 __tty_hangup(tty); 682 } 683 684 /** 685 * tty_hangup - trigger a hangup event 686 * @tty: tty to hangup 687 * 688 * A carrier loss (virtual or otherwise) has occurred on this like 689 * schedule a hangup sequence to run after this event. 690 */ 691 692 void tty_hangup(struct tty_struct *tty) 693 { 694 #ifdef TTY_DEBUG_HANGUP 695 char buf[64]; 696 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf)); 697 #endif 698 schedule_work(&tty->hangup_work); 699 } 700 701 EXPORT_SYMBOL(tty_hangup); 702 703 /** 704 * tty_vhangup - process vhangup 705 * @tty: tty to hangup 706 * 707 * The user has asked via system call for the terminal to be hung up. 708 * We do this synchronously so that when the syscall returns the process 709 * is complete. That guarantee is necessary for security reasons. 710 */ 711 712 void tty_vhangup(struct tty_struct *tty) 713 { 714 #ifdef TTY_DEBUG_HANGUP 715 char buf[64]; 716 717 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf)); 718 #endif 719 __tty_hangup(tty); 720 } 721 722 EXPORT_SYMBOL(tty_vhangup); 723 724 725 /** 726 * tty_vhangup_self - process vhangup for own ctty 727 * 728 * Perform a vhangup on the current controlling tty 729 */ 730 731 void tty_vhangup_self(void) 732 { 733 struct tty_struct *tty; 734 735 tty = get_current_tty(); 736 if (tty) { 737 tty_vhangup(tty); 738 tty_kref_put(tty); 739 } 740 } 741 742 /** 743 * tty_hung_up_p - was tty hung up 744 * @filp: file pointer of tty 745 * 746 * Return true if the tty has been subject to a vhangup or a carrier 747 * loss 748 */ 749 750 int tty_hung_up_p(struct file *filp) 751 { 752 return (filp->f_op == &hung_up_tty_fops); 753 } 754 755 EXPORT_SYMBOL(tty_hung_up_p); 756 757 static void session_clear_tty(struct pid *session) 758 { 759 struct task_struct *p; 760 do_each_pid_task(session, PIDTYPE_SID, p) { 761 proc_clear_tty(p); 762 } while_each_pid_task(session, PIDTYPE_SID, p); 763 } 764 765 /** 766 * disassociate_ctty - disconnect controlling tty 767 * @on_exit: true if exiting so need to "hang up" the session 768 * 769 * This function is typically called only by the session leader, when 770 * it wants to disassociate itself from its controlling tty. 771 * 772 * It performs the following functions: 773 * (1) Sends a SIGHUP and SIGCONT to the foreground process group 774 * (2) Clears the tty from being controlling the session 775 * (3) Clears the controlling tty for all processes in the 776 * session group. 777 * 778 * The argument on_exit is set to 1 if called when a process is 779 * exiting; it is 0 if called by the ioctl TIOCNOTTY. 780 * 781 * Locking: 782 * BTM is taken for hysterical raisins, and held when 783 * called from no_tty(). 784 * tty_mutex is taken to protect tty 785 * ->siglock is taken to protect ->signal/->sighand 786 * tasklist_lock is taken to walk process list for sessions 787 * ->siglock is taken to protect ->signal/->sighand 788 */ 789 790 void disassociate_ctty(int on_exit) 791 { 792 struct tty_struct *tty; 793 struct pid *tty_pgrp = NULL; 794 795 if (!current->signal->leader) 796 return; 797 798 tty = get_current_tty(); 799 if (tty) { 800 tty_pgrp = get_pid(tty->pgrp); 801 if (on_exit) { 802 if (tty->driver->type != TTY_DRIVER_TYPE_PTY) 803 tty_vhangup(tty); 804 } 805 tty_kref_put(tty); 806 } else if (on_exit) { 807 struct pid *old_pgrp; 808 spin_lock_irq(¤t->sighand->siglock); 809 old_pgrp = current->signal->tty_old_pgrp; 810 current->signal->tty_old_pgrp = NULL; 811 spin_unlock_irq(¤t->sighand->siglock); 812 if (old_pgrp) { 813 kill_pgrp(old_pgrp, SIGHUP, on_exit); 814 kill_pgrp(old_pgrp, SIGCONT, on_exit); 815 put_pid(old_pgrp); 816 } 817 return; 818 } 819 if (tty_pgrp) { 820 kill_pgrp(tty_pgrp, SIGHUP, on_exit); 821 if (!on_exit) 822 kill_pgrp(tty_pgrp, SIGCONT, on_exit); 823 put_pid(tty_pgrp); 824 } 825 826 spin_lock_irq(¤t->sighand->siglock); 827 put_pid(current->signal->tty_old_pgrp); 828 current->signal->tty_old_pgrp = NULL; 829 spin_unlock_irq(¤t->sighand->siglock); 830 831 tty = get_current_tty(); 832 if (tty) { 833 unsigned long flags; 834 spin_lock_irqsave(&tty->ctrl_lock, flags); 835 put_pid(tty->session); 836 put_pid(tty->pgrp); 837 tty->session = NULL; 838 tty->pgrp = NULL; 839 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 840 tty_kref_put(tty); 841 } else { 842 #ifdef TTY_DEBUG_HANGUP 843 printk(KERN_DEBUG "error attempted to write to tty [0x%p]" 844 " = NULL", tty); 845 #endif 846 } 847 848 /* Now clear signal->tty under the lock */ 849 read_lock(&tasklist_lock); 850 session_clear_tty(task_session(current)); 851 read_unlock(&tasklist_lock); 852 } 853 854 /** 855 * 856 * no_tty - Ensure the current process does not have a controlling tty 857 */ 858 void no_tty(void) 859 { 860 struct task_struct *tsk = current; 861 tty_lock(); 862 disassociate_ctty(0); 863 tty_unlock(); 864 proc_clear_tty(tsk); 865 } 866 867 868 /** 869 * stop_tty - propagate flow control 870 * @tty: tty to stop 871 * 872 * Perform flow control to the driver. For PTY/TTY pairs we 873 * must also propagate the TIOCKPKT status. May be called 874 * on an already stopped device and will not re-call the driver 875 * method. 876 * 877 * This functionality is used by both the line disciplines for 878 * halting incoming flow and by the driver. It may therefore be 879 * called from any context, may be under the tty atomic_write_lock 880 * but not always. 881 * 882 * Locking: 883 * Uses the tty control lock internally 884 */ 885 886 void stop_tty(struct tty_struct *tty) 887 { 888 unsigned long flags; 889 spin_lock_irqsave(&tty->ctrl_lock, flags); 890 if (tty->stopped) { 891 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 892 return; 893 } 894 tty->stopped = 1; 895 if (tty->link && tty->link->packet) { 896 tty->ctrl_status &= ~TIOCPKT_START; 897 tty->ctrl_status |= TIOCPKT_STOP; 898 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN); 899 } 900 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 901 if (tty->ops->stop) 902 (tty->ops->stop)(tty); 903 } 904 905 EXPORT_SYMBOL(stop_tty); 906 907 /** 908 * start_tty - propagate flow control 909 * @tty: tty to start 910 * 911 * Start a tty that has been stopped if at all possible. Perform 912 * any necessary wakeups and propagate the TIOCPKT status. If this 913 * is the tty was previous stopped and is being started then the 914 * driver start method is invoked and the line discipline woken. 915 * 916 * Locking: 917 * ctrl_lock 918 */ 919 920 void start_tty(struct tty_struct *tty) 921 { 922 unsigned long flags; 923 spin_lock_irqsave(&tty->ctrl_lock, flags); 924 if (!tty->stopped || tty->flow_stopped) { 925 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 926 return; 927 } 928 tty->stopped = 0; 929 if (tty->link && tty->link->packet) { 930 tty->ctrl_status &= ~TIOCPKT_STOP; 931 tty->ctrl_status |= TIOCPKT_START; 932 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN); 933 } 934 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 935 if (tty->ops->start) 936 (tty->ops->start)(tty); 937 /* If we have a running line discipline it may need kicking */ 938 tty_wakeup(tty); 939 } 940 941 EXPORT_SYMBOL(start_tty); 942 943 /** 944 * tty_read - read method for tty device files 945 * @file: pointer to tty file 946 * @buf: user buffer 947 * @count: size of user buffer 948 * @ppos: unused 949 * 950 * Perform the read system call function on this terminal device. Checks 951 * for hung up devices before calling the line discipline method. 952 * 953 * Locking: 954 * Locks the line discipline internally while needed. Multiple 955 * read calls may be outstanding in parallel. 956 */ 957 958 static ssize_t tty_read(struct file *file, char __user *buf, size_t count, 959 loff_t *ppos) 960 { 961 int i; 962 struct inode *inode = file->f_path.dentry->d_inode; 963 struct tty_struct *tty = file_tty(file); 964 struct tty_ldisc *ld; 965 966 if (tty_paranoia_check(tty, inode, "tty_read")) 967 return -EIO; 968 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags))) 969 return -EIO; 970 971 /* We want to wait for the line discipline to sort out in this 972 situation */ 973 ld = tty_ldisc_ref_wait(tty); 974 if (ld->ops->read) 975 i = (ld->ops->read)(tty, file, buf, count); 976 else 977 i = -EIO; 978 tty_ldisc_deref(ld); 979 if (i > 0) 980 inode->i_atime = current_fs_time(inode->i_sb); 981 return i; 982 } 983 984 void tty_write_unlock(struct tty_struct *tty) 985 __releases(&tty->atomic_write_lock) 986 { 987 mutex_unlock(&tty->atomic_write_lock); 988 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 989 } 990 991 int tty_write_lock(struct tty_struct *tty, int ndelay) 992 __acquires(&tty->atomic_write_lock) 993 { 994 if (!mutex_trylock(&tty->atomic_write_lock)) { 995 if (ndelay) 996 return -EAGAIN; 997 if (mutex_lock_interruptible(&tty->atomic_write_lock)) 998 return -ERESTARTSYS; 999 } 1000 return 0; 1001 } 1002 1003 /* 1004 * Split writes up in sane blocksizes to avoid 1005 * denial-of-service type attacks 1006 */ 1007 static inline ssize_t do_tty_write( 1008 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t), 1009 struct tty_struct *tty, 1010 struct file *file, 1011 const char __user *buf, 1012 size_t count) 1013 { 1014 ssize_t ret, written = 0; 1015 unsigned int chunk; 1016 1017 ret = tty_write_lock(tty, file->f_flags & O_NDELAY); 1018 if (ret < 0) 1019 return ret; 1020 1021 /* 1022 * We chunk up writes into a temporary buffer. This 1023 * simplifies low-level drivers immensely, since they 1024 * don't have locking issues and user mode accesses. 1025 * 1026 * But if TTY_NO_WRITE_SPLIT is set, we should use a 1027 * big chunk-size.. 1028 * 1029 * The default chunk-size is 2kB, because the NTTY 1030 * layer has problems with bigger chunks. It will 1031 * claim to be able to handle more characters than 1032 * it actually does. 1033 * 1034 * FIXME: This can probably go away now except that 64K chunks 1035 * are too likely to fail unless switched to vmalloc... 1036 */ 1037 chunk = 2048; 1038 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags)) 1039 chunk = 65536; 1040 if (count < chunk) 1041 chunk = count; 1042 1043 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */ 1044 if (tty->write_cnt < chunk) { 1045 unsigned char *buf_chunk; 1046 1047 if (chunk < 1024) 1048 chunk = 1024; 1049 1050 buf_chunk = kmalloc(chunk, GFP_KERNEL); 1051 if (!buf_chunk) { 1052 ret = -ENOMEM; 1053 goto out; 1054 } 1055 kfree(tty->write_buf); 1056 tty->write_cnt = chunk; 1057 tty->write_buf = buf_chunk; 1058 } 1059 1060 /* Do the write .. */ 1061 for (;;) { 1062 size_t size = count; 1063 if (size > chunk) 1064 size = chunk; 1065 ret = -EFAULT; 1066 if (copy_from_user(tty->write_buf, buf, size)) 1067 break; 1068 ret = write(tty, file, tty->write_buf, size); 1069 if (ret <= 0) 1070 break; 1071 written += ret; 1072 buf += ret; 1073 count -= ret; 1074 if (!count) 1075 break; 1076 ret = -ERESTARTSYS; 1077 if (signal_pending(current)) 1078 break; 1079 cond_resched(); 1080 } 1081 if (written) { 1082 struct inode *inode = file->f_path.dentry->d_inode; 1083 inode->i_mtime = current_fs_time(inode->i_sb); 1084 ret = written; 1085 } 1086 out: 1087 tty_write_unlock(tty); 1088 return ret; 1089 } 1090 1091 /** 1092 * tty_write_message - write a message to a certain tty, not just the console. 1093 * @tty: the destination tty_struct 1094 * @msg: the message to write 1095 * 1096 * This is used for messages that need to be redirected to a specific tty. 1097 * We don't put it into the syslog queue right now maybe in the future if 1098 * really needed. 1099 * 1100 * We must still hold the BTM and test the CLOSING flag for the moment. 1101 */ 1102 1103 void tty_write_message(struct tty_struct *tty, char *msg) 1104 { 1105 if (tty) { 1106 mutex_lock(&tty->atomic_write_lock); 1107 tty_lock(); 1108 if (tty->ops->write && !test_bit(TTY_CLOSING, &tty->flags)) { 1109 tty_unlock(); 1110 tty->ops->write(tty, msg, strlen(msg)); 1111 } else 1112 tty_unlock(); 1113 tty_write_unlock(tty); 1114 } 1115 return; 1116 } 1117 1118 1119 /** 1120 * tty_write - write method for tty device file 1121 * @file: tty file pointer 1122 * @buf: user data to write 1123 * @count: bytes to write 1124 * @ppos: unused 1125 * 1126 * Write data to a tty device via the line discipline. 1127 * 1128 * Locking: 1129 * Locks the line discipline as required 1130 * Writes to the tty driver are serialized by the atomic_write_lock 1131 * and are then processed in chunks to the device. The line discipline 1132 * write method will not be invoked in parallel for each device. 1133 */ 1134 1135 static ssize_t tty_write(struct file *file, const char __user *buf, 1136 size_t count, loff_t *ppos) 1137 { 1138 struct inode *inode = file->f_path.dentry->d_inode; 1139 struct tty_struct *tty = file_tty(file); 1140 struct tty_ldisc *ld; 1141 ssize_t ret; 1142 1143 if (tty_paranoia_check(tty, inode, "tty_write")) 1144 return -EIO; 1145 if (!tty || !tty->ops->write || 1146 (test_bit(TTY_IO_ERROR, &tty->flags))) 1147 return -EIO; 1148 /* Short term debug to catch buggy drivers */ 1149 if (tty->ops->write_room == NULL) 1150 printk(KERN_ERR "tty driver %s lacks a write_room method.\n", 1151 tty->driver->name); 1152 ld = tty_ldisc_ref_wait(tty); 1153 if (!ld->ops->write) 1154 ret = -EIO; 1155 else 1156 ret = do_tty_write(ld->ops->write, tty, file, buf, count); 1157 tty_ldisc_deref(ld); 1158 return ret; 1159 } 1160 1161 ssize_t redirected_tty_write(struct file *file, const char __user *buf, 1162 size_t count, loff_t *ppos) 1163 { 1164 struct file *p = NULL; 1165 1166 spin_lock(&redirect_lock); 1167 if (redirect) { 1168 get_file(redirect); 1169 p = redirect; 1170 } 1171 spin_unlock(&redirect_lock); 1172 1173 if (p) { 1174 ssize_t res; 1175 res = vfs_write(p, buf, count, &p->f_pos); 1176 fput(p); 1177 return res; 1178 } 1179 return tty_write(file, buf, count, ppos); 1180 } 1181 1182 static char ptychar[] = "pqrstuvwxyzabcde"; 1183 1184 /** 1185 * pty_line_name - generate name for a pty 1186 * @driver: the tty driver in use 1187 * @index: the minor number 1188 * @p: output buffer of at least 6 bytes 1189 * 1190 * Generate a name from a driver reference and write it to the output 1191 * buffer. 1192 * 1193 * Locking: None 1194 */ 1195 static void pty_line_name(struct tty_driver *driver, int index, char *p) 1196 { 1197 int i = index + driver->name_base; 1198 /* ->name is initialized to "ttyp", but "tty" is expected */ 1199 sprintf(p, "%s%c%x", 1200 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name, 1201 ptychar[i >> 4 & 0xf], i & 0xf); 1202 } 1203 1204 /** 1205 * tty_line_name - generate name for a tty 1206 * @driver: the tty driver in use 1207 * @index: the minor number 1208 * @p: output buffer of at least 7 bytes 1209 * 1210 * Generate a name from a driver reference and write it to the output 1211 * buffer. 1212 * 1213 * Locking: None 1214 */ 1215 static void tty_line_name(struct tty_driver *driver, int index, char *p) 1216 { 1217 sprintf(p, "%s%d", driver->name, index + driver->name_base); 1218 } 1219 1220 /** 1221 * tty_driver_lookup_tty() - find an existing tty, if any 1222 * @driver: the driver for the tty 1223 * @idx: the minor number 1224 * 1225 * Return the tty, if found or ERR_PTR() otherwise. 1226 * 1227 * Locking: tty_mutex must be held. If tty is found, the mutex must 1228 * be held until the 'fast-open' is also done. Will change once we 1229 * have refcounting in the driver and per driver locking 1230 */ 1231 static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver, 1232 struct inode *inode, int idx) 1233 { 1234 struct tty_struct *tty; 1235 1236 if (driver->ops->lookup) 1237 return driver->ops->lookup(driver, inode, idx); 1238 1239 tty = driver->ttys[idx]; 1240 return tty; 1241 } 1242 1243 /** 1244 * tty_init_termios - helper for termios setup 1245 * @tty: the tty to set up 1246 * 1247 * Initialise the termios structures for this tty. Thus runs under 1248 * the tty_mutex currently so we can be relaxed about ordering. 1249 */ 1250 1251 int tty_init_termios(struct tty_struct *tty) 1252 { 1253 struct ktermios *tp; 1254 int idx = tty->index; 1255 1256 tp = tty->driver->termios[idx]; 1257 if (tp == NULL) { 1258 tp = kzalloc(sizeof(struct ktermios[2]), GFP_KERNEL); 1259 if (tp == NULL) 1260 return -ENOMEM; 1261 memcpy(tp, &tty->driver->init_termios, 1262 sizeof(struct ktermios)); 1263 tty->driver->termios[idx] = tp; 1264 } 1265 tty->termios = tp; 1266 tty->termios_locked = tp + 1; 1267 1268 /* Compatibility until drivers always set this */ 1269 tty->termios->c_ispeed = tty_termios_input_baud_rate(tty->termios); 1270 tty->termios->c_ospeed = tty_termios_baud_rate(tty->termios); 1271 return 0; 1272 } 1273 EXPORT_SYMBOL_GPL(tty_init_termios); 1274 1275 /** 1276 * tty_driver_install_tty() - install a tty entry in the driver 1277 * @driver: the driver for the tty 1278 * @tty: the tty 1279 * 1280 * Install a tty object into the driver tables. The tty->index field 1281 * will be set by the time this is called. This method is responsible 1282 * for ensuring any need additional structures are allocated and 1283 * configured. 1284 * 1285 * Locking: tty_mutex for now 1286 */ 1287 static int tty_driver_install_tty(struct tty_driver *driver, 1288 struct tty_struct *tty) 1289 { 1290 int idx = tty->index; 1291 int ret; 1292 1293 if (driver->ops->install) { 1294 ret = driver->ops->install(driver, tty); 1295 return ret; 1296 } 1297 1298 if (tty_init_termios(tty) == 0) { 1299 tty_driver_kref_get(driver); 1300 tty->count++; 1301 driver->ttys[idx] = tty; 1302 return 0; 1303 } 1304 return -ENOMEM; 1305 } 1306 1307 /** 1308 * tty_driver_remove_tty() - remove a tty from the driver tables 1309 * @driver: the driver for the tty 1310 * @idx: the minor number 1311 * 1312 * Remvoe a tty object from the driver tables. The tty->index field 1313 * will be set by the time this is called. 1314 * 1315 * Locking: tty_mutex for now 1316 */ 1317 void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty) 1318 { 1319 if (driver->ops->remove) 1320 driver->ops->remove(driver, tty); 1321 else 1322 driver->ttys[tty->index] = NULL; 1323 } 1324 1325 /* 1326 * tty_reopen() - fast re-open of an open tty 1327 * @tty - the tty to open 1328 * 1329 * Return 0 on success, -errno on error. 1330 * 1331 * Locking: tty_mutex must be held from the time the tty was found 1332 * till this open completes. 1333 */ 1334 static int tty_reopen(struct tty_struct *tty) 1335 { 1336 struct tty_driver *driver = tty->driver; 1337 1338 if (test_bit(TTY_CLOSING, &tty->flags) || 1339 test_bit(TTY_HUPPING, &tty->flags) || 1340 test_bit(TTY_LDISC_CHANGING, &tty->flags)) 1341 return -EIO; 1342 1343 if (driver->type == TTY_DRIVER_TYPE_PTY && 1344 driver->subtype == PTY_TYPE_MASTER) { 1345 /* 1346 * special case for PTY masters: only one open permitted, 1347 * and the slave side open count is incremented as well. 1348 */ 1349 if (tty->count) 1350 return -EIO; 1351 1352 tty->link->count++; 1353 } 1354 tty->count++; 1355 tty->driver = driver; /* N.B. why do this every time?? */ 1356 1357 mutex_lock(&tty->ldisc_mutex); 1358 WARN_ON(!test_bit(TTY_LDISC, &tty->flags)); 1359 mutex_unlock(&tty->ldisc_mutex); 1360 1361 return 0; 1362 } 1363 1364 /** 1365 * tty_init_dev - initialise a tty device 1366 * @driver: tty driver we are opening a device on 1367 * @idx: device index 1368 * @ret_tty: returned tty structure 1369 * @first_ok: ok to open a new device (used by ptmx) 1370 * 1371 * Prepare a tty device. This may not be a "new" clean device but 1372 * could also be an active device. The pty drivers require special 1373 * handling because of this. 1374 * 1375 * Locking: 1376 * The function is called under the tty_mutex, which 1377 * protects us from the tty struct or driver itself going away. 1378 * 1379 * On exit the tty device has the line discipline attached and 1380 * a reference count of 1. If a pair was created for pty/tty use 1381 * and the other was a pty master then it too has a reference count of 1. 1382 * 1383 * WSH 06/09/97: Rewritten to remove races and properly clean up after a 1384 * failed open. The new code protects the open with a mutex, so it's 1385 * really quite straightforward. The mutex locking can probably be 1386 * relaxed for the (most common) case of reopening a tty. 1387 */ 1388 1389 struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx, 1390 int first_ok) 1391 { 1392 struct tty_struct *tty; 1393 int retval; 1394 1395 /* Check if pty master is being opened multiple times */ 1396 if (driver->subtype == PTY_TYPE_MASTER && 1397 (driver->flags & TTY_DRIVER_DEVPTS_MEM) && !first_ok) { 1398 return ERR_PTR(-EIO); 1399 } 1400 1401 /* 1402 * First time open is complex, especially for PTY devices. 1403 * This code guarantees that either everything succeeds and the 1404 * TTY is ready for operation, or else the table slots are vacated 1405 * and the allocated memory released. (Except that the termios 1406 * and locked termios may be retained.) 1407 */ 1408 1409 if (!try_module_get(driver->owner)) 1410 return ERR_PTR(-ENODEV); 1411 1412 tty = alloc_tty_struct(); 1413 if (!tty) { 1414 retval = -ENOMEM; 1415 goto err_module_put; 1416 } 1417 initialize_tty_struct(tty, driver, idx); 1418 1419 retval = tty_driver_install_tty(driver, tty); 1420 if (retval < 0) 1421 goto err_deinit_tty; 1422 1423 /* 1424 * Structures all installed ... call the ldisc open routines. 1425 * If we fail here just call release_tty to clean up. No need 1426 * to decrement the use counts, as release_tty doesn't care. 1427 */ 1428 retval = tty_ldisc_setup(tty, tty->link); 1429 if (retval) 1430 goto err_release_tty; 1431 return tty; 1432 1433 err_deinit_tty: 1434 deinitialize_tty_struct(tty); 1435 free_tty_struct(tty); 1436 err_module_put: 1437 module_put(driver->owner); 1438 return ERR_PTR(retval); 1439 1440 /* call the tty release_tty routine to clean out this slot */ 1441 err_release_tty: 1442 printk_ratelimited(KERN_INFO "tty_init_dev: ldisc open failed, " 1443 "clearing slot %d\n", idx); 1444 release_tty(tty, idx); 1445 return ERR_PTR(retval); 1446 } 1447 1448 void tty_free_termios(struct tty_struct *tty) 1449 { 1450 struct ktermios *tp; 1451 int idx = tty->index; 1452 /* Kill this flag and push into drivers for locking etc */ 1453 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) { 1454 /* FIXME: Locking on ->termios array */ 1455 tp = tty->termios; 1456 tty->driver->termios[idx] = NULL; 1457 kfree(tp); 1458 } 1459 } 1460 EXPORT_SYMBOL(tty_free_termios); 1461 1462 void tty_shutdown(struct tty_struct *tty) 1463 { 1464 tty_driver_remove_tty(tty->driver, tty); 1465 tty_free_termios(tty); 1466 } 1467 EXPORT_SYMBOL(tty_shutdown); 1468 1469 /** 1470 * release_one_tty - release tty structure memory 1471 * @kref: kref of tty we are obliterating 1472 * 1473 * Releases memory associated with a tty structure, and clears out the 1474 * driver table slots. This function is called when a device is no longer 1475 * in use. It also gets called when setup of a device fails. 1476 * 1477 * Locking: 1478 * tty_mutex - sometimes only 1479 * takes the file list lock internally when working on the list 1480 * of ttys that the driver keeps. 1481 * 1482 * This method gets called from a work queue so that the driver private 1483 * cleanup ops can sleep (needed for USB at least) 1484 */ 1485 static void release_one_tty(struct work_struct *work) 1486 { 1487 struct tty_struct *tty = 1488 container_of(work, struct tty_struct, hangup_work); 1489 struct tty_driver *driver = tty->driver; 1490 1491 if (tty->ops->cleanup) 1492 tty->ops->cleanup(tty); 1493 1494 tty->magic = 0; 1495 tty_driver_kref_put(driver); 1496 module_put(driver->owner); 1497 1498 spin_lock(&tty_files_lock); 1499 list_del_init(&tty->tty_files); 1500 spin_unlock(&tty_files_lock); 1501 1502 put_pid(tty->pgrp); 1503 put_pid(tty->session); 1504 free_tty_struct(tty); 1505 } 1506 1507 static void queue_release_one_tty(struct kref *kref) 1508 { 1509 struct tty_struct *tty = container_of(kref, struct tty_struct, kref); 1510 1511 if (tty->ops->shutdown) 1512 tty->ops->shutdown(tty); 1513 else 1514 tty_shutdown(tty); 1515 1516 /* The hangup queue is now free so we can reuse it rather than 1517 waste a chunk of memory for each port */ 1518 INIT_WORK(&tty->hangup_work, release_one_tty); 1519 schedule_work(&tty->hangup_work); 1520 } 1521 1522 /** 1523 * tty_kref_put - release a tty kref 1524 * @tty: tty device 1525 * 1526 * Release a reference to a tty device and if need be let the kref 1527 * layer destruct the object for us 1528 */ 1529 1530 void tty_kref_put(struct tty_struct *tty) 1531 { 1532 if (tty) 1533 kref_put(&tty->kref, queue_release_one_tty); 1534 } 1535 EXPORT_SYMBOL(tty_kref_put); 1536 1537 /** 1538 * release_tty - release tty structure memory 1539 * 1540 * Release both @tty and a possible linked partner (think pty pair), 1541 * and decrement the refcount of the backing module. 1542 * 1543 * Locking: 1544 * tty_mutex - sometimes only 1545 * takes the file list lock internally when working on the list 1546 * of ttys that the driver keeps. 1547 * FIXME: should we require tty_mutex is held here ?? 1548 * 1549 */ 1550 static void release_tty(struct tty_struct *tty, int idx) 1551 { 1552 /* This should always be true but check for the moment */ 1553 WARN_ON(tty->index != idx); 1554 1555 if (tty->link) 1556 tty_kref_put(tty->link); 1557 tty_kref_put(tty); 1558 } 1559 1560 /** 1561 * tty_release - vfs callback for close 1562 * @inode: inode of tty 1563 * @filp: file pointer for handle to tty 1564 * 1565 * Called the last time each file handle is closed that references 1566 * this tty. There may however be several such references. 1567 * 1568 * Locking: 1569 * Takes bkl. See tty_release_dev 1570 * 1571 * Even releasing the tty structures is a tricky business.. We have 1572 * to be very careful that the structures are all released at the 1573 * same time, as interrupts might otherwise get the wrong pointers. 1574 * 1575 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could 1576 * lead to double frees or releasing memory still in use. 1577 */ 1578 1579 int tty_release(struct inode *inode, struct file *filp) 1580 { 1581 struct tty_struct *tty = file_tty(filp); 1582 struct tty_struct *o_tty; 1583 int pty_master, tty_closing, o_tty_closing, do_sleep; 1584 int devpts; 1585 int idx; 1586 char buf[64]; 1587 1588 if (tty_paranoia_check(tty, inode, "tty_release_dev")) 1589 return 0; 1590 1591 tty_lock(); 1592 check_tty_count(tty, "tty_release_dev"); 1593 1594 __tty_fasync(-1, filp, 0); 1595 1596 idx = tty->index; 1597 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1598 tty->driver->subtype == PTY_TYPE_MASTER); 1599 devpts = (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) != 0; 1600 o_tty = tty->link; 1601 1602 #ifdef TTY_PARANOIA_CHECK 1603 if (idx < 0 || idx >= tty->driver->num) { 1604 printk(KERN_DEBUG "tty_release_dev: bad idx when trying to " 1605 "free (%s)\n", tty->name); 1606 tty_unlock(); 1607 return 0; 1608 } 1609 if (!devpts) { 1610 if (tty != tty->driver->ttys[idx]) { 1611 tty_unlock(); 1612 printk(KERN_DEBUG "tty_release_dev: driver.table[%d] not tty " 1613 "for (%s)\n", idx, tty->name); 1614 return 0; 1615 } 1616 if (tty->termios != tty->driver->termios[idx]) { 1617 tty_unlock(); 1618 printk(KERN_DEBUG "tty_release_dev: driver.termios[%d] not termios " 1619 "for (%s)\n", 1620 idx, tty->name); 1621 return 0; 1622 } 1623 } 1624 #endif 1625 1626 #ifdef TTY_DEBUG_HANGUP 1627 printk(KERN_DEBUG "tty_release_dev of %s (tty count=%d)...", 1628 tty_name(tty, buf), tty->count); 1629 #endif 1630 1631 #ifdef TTY_PARANOIA_CHECK 1632 if (tty->driver->other && 1633 !(tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)) { 1634 if (o_tty != tty->driver->other->ttys[idx]) { 1635 tty_unlock(); 1636 printk(KERN_DEBUG "tty_release_dev: other->table[%d] " 1637 "not o_tty for (%s)\n", 1638 idx, tty->name); 1639 return 0 ; 1640 } 1641 if (o_tty->termios != tty->driver->other->termios[idx]) { 1642 tty_unlock(); 1643 printk(KERN_DEBUG "tty_release_dev: other->termios[%d] " 1644 "not o_termios for (%s)\n", 1645 idx, tty->name); 1646 return 0; 1647 } 1648 if (o_tty->link != tty) { 1649 tty_unlock(); 1650 printk(KERN_DEBUG "tty_release_dev: bad pty pointers\n"); 1651 return 0; 1652 } 1653 } 1654 #endif 1655 if (tty->ops->close) 1656 tty->ops->close(tty, filp); 1657 1658 tty_unlock(); 1659 /* 1660 * Sanity check: if tty->count is going to zero, there shouldn't be 1661 * any waiters on tty->read_wait or tty->write_wait. We test the 1662 * wait queues and kick everyone out _before_ actually starting to 1663 * close. This ensures that we won't block while releasing the tty 1664 * structure. 1665 * 1666 * The test for the o_tty closing is necessary, since the master and 1667 * slave sides may close in any order. If the slave side closes out 1668 * first, its count will be one, since the master side holds an open. 1669 * Thus this test wouldn't be triggered at the time the slave closes, 1670 * so we do it now. 1671 * 1672 * Note that it's possible for the tty to be opened again while we're 1673 * flushing out waiters. By recalculating the closing flags before 1674 * each iteration we avoid any problems. 1675 */ 1676 while (1) { 1677 /* Guard against races with tty->count changes elsewhere and 1678 opens on /dev/tty */ 1679 1680 mutex_lock(&tty_mutex); 1681 tty_lock(); 1682 tty_closing = tty->count <= 1; 1683 o_tty_closing = o_tty && 1684 (o_tty->count <= (pty_master ? 1 : 0)); 1685 do_sleep = 0; 1686 1687 if (tty_closing) { 1688 if (waitqueue_active(&tty->read_wait)) { 1689 wake_up_poll(&tty->read_wait, POLLIN); 1690 do_sleep++; 1691 } 1692 if (waitqueue_active(&tty->write_wait)) { 1693 wake_up_poll(&tty->write_wait, POLLOUT); 1694 do_sleep++; 1695 } 1696 } 1697 if (o_tty_closing) { 1698 if (waitqueue_active(&o_tty->read_wait)) { 1699 wake_up_poll(&o_tty->read_wait, POLLIN); 1700 do_sleep++; 1701 } 1702 if (waitqueue_active(&o_tty->write_wait)) { 1703 wake_up_poll(&o_tty->write_wait, POLLOUT); 1704 do_sleep++; 1705 } 1706 } 1707 if (!do_sleep) 1708 break; 1709 1710 printk(KERN_WARNING "tty_release_dev: %s: read/write wait queue " 1711 "active!\n", tty_name(tty, buf)); 1712 tty_unlock(); 1713 mutex_unlock(&tty_mutex); 1714 schedule(); 1715 } 1716 1717 /* 1718 * The closing flags are now consistent with the open counts on 1719 * both sides, and we've completed the last operation that could 1720 * block, so it's safe to proceed with closing. 1721 */ 1722 if (pty_master) { 1723 if (--o_tty->count < 0) { 1724 printk(KERN_WARNING "tty_release_dev: bad pty slave count " 1725 "(%d) for %s\n", 1726 o_tty->count, tty_name(o_tty, buf)); 1727 o_tty->count = 0; 1728 } 1729 } 1730 if (--tty->count < 0) { 1731 printk(KERN_WARNING "tty_release_dev: bad tty->count (%d) for %s\n", 1732 tty->count, tty_name(tty, buf)); 1733 tty->count = 0; 1734 } 1735 1736 /* 1737 * We've decremented tty->count, so we need to remove this file 1738 * descriptor off the tty->tty_files list; this serves two 1739 * purposes: 1740 * - check_tty_count sees the correct number of file descriptors 1741 * associated with this tty. 1742 * - do_tty_hangup no longer sees this file descriptor as 1743 * something that needs to be handled for hangups. 1744 */ 1745 tty_del_file(filp); 1746 1747 /* 1748 * Perform some housekeeping before deciding whether to return. 1749 * 1750 * Set the TTY_CLOSING flag if this was the last open. In the 1751 * case of a pty we may have to wait around for the other side 1752 * to close, and TTY_CLOSING makes sure we can't be reopened. 1753 */ 1754 if (tty_closing) 1755 set_bit(TTY_CLOSING, &tty->flags); 1756 if (o_tty_closing) 1757 set_bit(TTY_CLOSING, &o_tty->flags); 1758 1759 /* 1760 * If _either_ side is closing, make sure there aren't any 1761 * processes that still think tty or o_tty is their controlling 1762 * tty. 1763 */ 1764 if (tty_closing || o_tty_closing) { 1765 read_lock(&tasklist_lock); 1766 session_clear_tty(tty->session); 1767 if (o_tty) 1768 session_clear_tty(o_tty->session); 1769 read_unlock(&tasklist_lock); 1770 } 1771 1772 mutex_unlock(&tty_mutex); 1773 1774 /* check whether both sides are closing ... */ 1775 if (!tty_closing || (o_tty && !o_tty_closing)) { 1776 tty_unlock(); 1777 return 0; 1778 } 1779 1780 #ifdef TTY_DEBUG_HANGUP 1781 printk(KERN_DEBUG "freeing tty structure..."); 1782 #endif 1783 /* 1784 * Ask the line discipline code to release its structures 1785 */ 1786 tty_ldisc_release(tty, o_tty); 1787 /* 1788 * The release_tty function takes care of the details of clearing 1789 * the slots and preserving the termios structure. 1790 */ 1791 release_tty(tty, idx); 1792 1793 /* Make this pty number available for reallocation */ 1794 if (devpts) 1795 devpts_kill_index(inode, idx); 1796 tty_unlock(); 1797 return 0; 1798 } 1799 1800 /** 1801 * tty_open - open a tty device 1802 * @inode: inode of device file 1803 * @filp: file pointer to tty 1804 * 1805 * tty_open and tty_release keep up the tty count that contains the 1806 * number of opens done on a tty. We cannot use the inode-count, as 1807 * different inodes might point to the same tty. 1808 * 1809 * Open-counting is needed for pty masters, as well as for keeping 1810 * track of serial lines: DTR is dropped when the last close happens. 1811 * (This is not done solely through tty->count, now. - Ted 1/27/92) 1812 * 1813 * The termios state of a pty is reset on first open so that 1814 * settings don't persist across reuse. 1815 * 1816 * Locking: tty_mutex protects tty, get_tty_driver and tty_init_dev work. 1817 * tty->count should protect the rest. 1818 * ->siglock protects ->signal/->sighand 1819 */ 1820 1821 static int tty_open(struct inode *inode, struct file *filp) 1822 { 1823 struct tty_struct *tty = NULL; 1824 int noctty, retval; 1825 struct tty_driver *driver; 1826 int index; 1827 dev_t device = inode->i_rdev; 1828 unsigned saved_flags = filp->f_flags; 1829 1830 nonseekable_open(inode, filp); 1831 1832 retry_open: 1833 retval = tty_alloc_file(filp); 1834 if (retval) 1835 return -ENOMEM; 1836 1837 noctty = filp->f_flags & O_NOCTTY; 1838 index = -1; 1839 retval = 0; 1840 1841 mutex_lock(&tty_mutex); 1842 tty_lock(); 1843 1844 if (device == MKDEV(TTYAUX_MAJOR, 0)) { 1845 tty = get_current_tty(); 1846 if (!tty) { 1847 tty_unlock(); 1848 mutex_unlock(&tty_mutex); 1849 tty_free_file(filp); 1850 return -ENXIO; 1851 } 1852 driver = tty_driver_kref_get(tty->driver); 1853 index = tty->index; 1854 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */ 1855 /* noctty = 1; */ 1856 /* FIXME: Should we take a driver reference ? */ 1857 tty_kref_put(tty); 1858 goto got_driver; 1859 } 1860 #ifdef CONFIG_VT 1861 if (device == MKDEV(TTY_MAJOR, 0)) { 1862 extern struct tty_driver *console_driver; 1863 driver = tty_driver_kref_get(console_driver); 1864 index = fg_console; 1865 noctty = 1; 1866 goto got_driver; 1867 } 1868 #endif 1869 if (device == MKDEV(TTYAUX_MAJOR, 1)) { 1870 struct tty_driver *console_driver = console_device(&index); 1871 if (console_driver) { 1872 driver = tty_driver_kref_get(console_driver); 1873 if (driver) { 1874 /* Don't let /dev/console block */ 1875 filp->f_flags |= O_NONBLOCK; 1876 noctty = 1; 1877 goto got_driver; 1878 } 1879 } 1880 tty_unlock(); 1881 mutex_unlock(&tty_mutex); 1882 tty_free_file(filp); 1883 return -ENODEV; 1884 } 1885 1886 driver = get_tty_driver(device, &index); 1887 if (!driver) { 1888 tty_unlock(); 1889 mutex_unlock(&tty_mutex); 1890 tty_free_file(filp); 1891 return -ENODEV; 1892 } 1893 got_driver: 1894 if (!tty) { 1895 /* check whether we're reopening an existing tty */ 1896 tty = tty_driver_lookup_tty(driver, inode, index); 1897 1898 if (IS_ERR(tty)) { 1899 tty_unlock(); 1900 mutex_unlock(&tty_mutex); 1901 tty_driver_kref_put(driver); 1902 tty_free_file(filp); 1903 return PTR_ERR(tty); 1904 } 1905 } 1906 1907 if (tty) { 1908 retval = tty_reopen(tty); 1909 if (retval) 1910 tty = ERR_PTR(retval); 1911 } else 1912 tty = tty_init_dev(driver, index, 0); 1913 1914 mutex_unlock(&tty_mutex); 1915 tty_driver_kref_put(driver); 1916 if (IS_ERR(tty)) { 1917 tty_unlock(); 1918 tty_free_file(filp); 1919 return PTR_ERR(tty); 1920 } 1921 1922 tty_add_file(tty, filp); 1923 1924 check_tty_count(tty, "tty_open"); 1925 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1926 tty->driver->subtype == PTY_TYPE_MASTER) 1927 noctty = 1; 1928 #ifdef TTY_DEBUG_HANGUP 1929 printk(KERN_DEBUG "opening %s...", tty->name); 1930 #endif 1931 if (tty->ops->open) 1932 retval = tty->ops->open(tty, filp); 1933 else 1934 retval = -ENODEV; 1935 filp->f_flags = saved_flags; 1936 1937 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) && 1938 !capable(CAP_SYS_ADMIN)) 1939 retval = -EBUSY; 1940 1941 if (retval) { 1942 #ifdef TTY_DEBUG_HANGUP 1943 printk(KERN_DEBUG "error %d in opening %s...", retval, 1944 tty->name); 1945 #endif 1946 tty_unlock(); /* need to call tty_release without BTM */ 1947 tty_release(inode, filp); 1948 if (retval != -ERESTARTSYS) 1949 return retval; 1950 1951 if (signal_pending(current)) 1952 return retval; 1953 1954 schedule(); 1955 /* 1956 * Need to reset f_op in case a hangup happened. 1957 */ 1958 tty_lock(); 1959 if (filp->f_op == &hung_up_tty_fops) 1960 filp->f_op = &tty_fops; 1961 tty_unlock(); 1962 goto retry_open; 1963 } 1964 tty_unlock(); 1965 1966 1967 mutex_lock(&tty_mutex); 1968 tty_lock(); 1969 spin_lock_irq(¤t->sighand->siglock); 1970 if (!noctty && 1971 current->signal->leader && 1972 !current->signal->tty && 1973 tty->session == NULL) 1974 __proc_set_tty(current, tty); 1975 spin_unlock_irq(¤t->sighand->siglock); 1976 tty_unlock(); 1977 mutex_unlock(&tty_mutex); 1978 return 0; 1979 } 1980 1981 1982 1983 /** 1984 * tty_poll - check tty status 1985 * @filp: file being polled 1986 * @wait: poll wait structures to update 1987 * 1988 * Call the line discipline polling method to obtain the poll 1989 * status of the device. 1990 * 1991 * Locking: locks called line discipline but ldisc poll method 1992 * may be re-entered freely by other callers. 1993 */ 1994 1995 static unsigned int tty_poll(struct file *filp, poll_table *wait) 1996 { 1997 struct tty_struct *tty = file_tty(filp); 1998 struct tty_ldisc *ld; 1999 int ret = 0; 2000 2001 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_poll")) 2002 return 0; 2003 2004 ld = tty_ldisc_ref_wait(tty); 2005 if (ld->ops->poll) 2006 ret = (ld->ops->poll)(tty, filp, wait); 2007 tty_ldisc_deref(ld); 2008 return ret; 2009 } 2010 2011 static int __tty_fasync(int fd, struct file *filp, int on) 2012 { 2013 struct tty_struct *tty = file_tty(filp); 2014 unsigned long flags; 2015 int retval = 0; 2016 2017 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_fasync")) 2018 goto out; 2019 2020 retval = fasync_helper(fd, filp, on, &tty->fasync); 2021 if (retval <= 0) 2022 goto out; 2023 2024 if (on) { 2025 enum pid_type type; 2026 struct pid *pid; 2027 if (!waitqueue_active(&tty->read_wait)) 2028 tty->minimum_to_wake = 1; 2029 spin_lock_irqsave(&tty->ctrl_lock, flags); 2030 if (tty->pgrp) { 2031 pid = tty->pgrp; 2032 type = PIDTYPE_PGID; 2033 } else { 2034 pid = task_pid(current); 2035 type = PIDTYPE_PID; 2036 } 2037 get_pid(pid); 2038 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2039 retval = __f_setown(filp, pid, type, 0); 2040 put_pid(pid); 2041 if (retval) 2042 goto out; 2043 } else { 2044 if (!tty->fasync && !waitqueue_active(&tty->read_wait)) 2045 tty->minimum_to_wake = N_TTY_BUF_SIZE; 2046 } 2047 retval = 0; 2048 out: 2049 return retval; 2050 } 2051 2052 static int tty_fasync(int fd, struct file *filp, int on) 2053 { 2054 int retval; 2055 tty_lock(); 2056 retval = __tty_fasync(fd, filp, on); 2057 tty_unlock(); 2058 return retval; 2059 } 2060 2061 /** 2062 * tiocsti - fake input character 2063 * @tty: tty to fake input into 2064 * @p: pointer to character 2065 * 2066 * Fake input to a tty device. Does the necessary locking and 2067 * input management. 2068 * 2069 * FIXME: does not honour flow control ?? 2070 * 2071 * Locking: 2072 * Called functions take tty_ldisc_lock 2073 * current->signal->tty check is safe without locks 2074 * 2075 * FIXME: may race normal receive processing 2076 */ 2077 2078 static int tiocsti(struct tty_struct *tty, char __user *p) 2079 { 2080 char ch, mbz = 0; 2081 struct tty_ldisc *ld; 2082 2083 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) 2084 return -EPERM; 2085 if (get_user(ch, p)) 2086 return -EFAULT; 2087 tty_audit_tiocsti(tty, ch); 2088 ld = tty_ldisc_ref_wait(tty); 2089 ld->ops->receive_buf(tty, &ch, &mbz, 1); 2090 tty_ldisc_deref(ld); 2091 return 0; 2092 } 2093 2094 /** 2095 * tiocgwinsz - implement window query ioctl 2096 * @tty; tty 2097 * @arg: user buffer for result 2098 * 2099 * Copies the kernel idea of the window size into the user buffer. 2100 * 2101 * Locking: tty->termios_mutex is taken to ensure the winsize data 2102 * is consistent. 2103 */ 2104 2105 static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg) 2106 { 2107 int err; 2108 2109 mutex_lock(&tty->termios_mutex); 2110 err = copy_to_user(arg, &tty->winsize, sizeof(*arg)); 2111 mutex_unlock(&tty->termios_mutex); 2112 2113 return err ? -EFAULT: 0; 2114 } 2115 2116 /** 2117 * tty_do_resize - resize event 2118 * @tty: tty being resized 2119 * @rows: rows (character) 2120 * @cols: cols (character) 2121 * 2122 * Update the termios variables and send the necessary signals to 2123 * peform a terminal resize correctly 2124 */ 2125 2126 int tty_do_resize(struct tty_struct *tty, struct winsize *ws) 2127 { 2128 struct pid *pgrp; 2129 unsigned long flags; 2130 2131 /* Lock the tty */ 2132 mutex_lock(&tty->termios_mutex); 2133 if (!memcmp(ws, &tty->winsize, sizeof(*ws))) 2134 goto done; 2135 /* Get the PID values and reference them so we can 2136 avoid holding the tty ctrl lock while sending signals */ 2137 spin_lock_irqsave(&tty->ctrl_lock, flags); 2138 pgrp = get_pid(tty->pgrp); 2139 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2140 2141 if (pgrp) 2142 kill_pgrp(pgrp, SIGWINCH, 1); 2143 put_pid(pgrp); 2144 2145 tty->winsize = *ws; 2146 done: 2147 mutex_unlock(&tty->termios_mutex); 2148 return 0; 2149 } 2150 2151 /** 2152 * tiocswinsz - implement window size set ioctl 2153 * @tty; tty side of tty 2154 * @arg: user buffer for result 2155 * 2156 * Copies the user idea of the window size to the kernel. Traditionally 2157 * this is just advisory information but for the Linux console it 2158 * actually has driver level meaning and triggers a VC resize. 2159 * 2160 * Locking: 2161 * Driver dependent. The default do_resize method takes the 2162 * tty termios mutex and ctrl_lock. The console takes its own lock 2163 * then calls into the default method. 2164 */ 2165 2166 static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg) 2167 { 2168 struct winsize tmp_ws; 2169 if (copy_from_user(&tmp_ws, arg, sizeof(*arg))) 2170 return -EFAULT; 2171 2172 if (tty->ops->resize) 2173 return tty->ops->resize(tty, &tmp_ws); 2174 else 2175 return tty_do_resize(tty, &tmp_ws); 2176 } 2177 2178 /** 2179 * tioccons - allow admin to move logical console 2180 * @file: the file to become console 2181 * 2182 * Allow the administrator to move the redirected console device 2183 * 2184 * Locking: uses redirect_lock to guard the redirect information 2185 */ 2186 2187 static int tioccons(struct file *file) 2188 { 2189 if (!capable(CAP_SYS_ADMIN)) 2190 return -EPERM; 2191 if (file->f_op->write == redirected_tty_write) { 2192 struct file *f; 2193 spin_lock(&redirect_lock); 2194 f = redirect; 2195 redirect = NULL; 2196 spin_unlock(&redirect_lock); 2197 if (f) 2198 fput(f); 2199 return 0; 2200 } 2201 spin_lock(&redirect_lock); 2202 if (redirect) { 2203 spin_unlock(&redirect_lock); 2204 return -EBUSY; 2205 } 2206 get_file(file); 2207 redirect = file; 2208 spin_unlock(&redirect_lock); 2209 return 0; 2210 } 2211 2212 /** 2213 * fionbio - non blocking ioctl 2214 * @file: file to set blocking value 2215 * @p: user parameter 2216 * 2217 * Historical tty interfaces had a blocking control ioctl before 2218 * the generic functionality existed. This piece of history is preserved 2219 * in the expected tty API of posix OS's. 2220 * 2221 * Locking: none, the open file handle ensures it won't go away. 2222 */ 2223 2224 static int fionbio(struct file *file, int __user *p) 2225 { 2226 int nonblock; 2227 2228 if (get_user(nonblock, p)) 2229 return -EFAULT; 2230 2231 spin_lock(&file->f_lock); 2232 if (nonblock) 2233 file->f_flags |= O_NONBLOCK; 2234 else 2235 file->f_flags &= ~O_NONBLOCK; 2236 spin_unlock(&file->f_lock); 2237 return 0; 2238 } 2239 2240 /** 2241 * tiocsctty - set controlling tty 2242 * @tty: tty structure 2243 * @arg: user argument 2244 * 2245 * This ioctl is used to manage job control. It permits a session 2246 * leader to set this tty as the controlling tty for the session. 2247 * 2248 * Locking: 2249 * Takes tty_mutex() to protect tty instance 2250 * Takes tasklist_lock internally to walk sessions 2251 * Takes ->siglock() when updating signal->tty 2252 */ 2253 2254 static int tiocsctty(struct tty_struct *tty, int arg) 2255 { 2256 int ret = 0; 2257 if (current->signal->leader && (task_session(current) == tty->session)) 2258 return ret; 2259 2260 mutex_lock(&tty_mutex); 2261 /* 2262 * The process must be a session leader and 2263 * not have a controlling tty already. 2264 */ 2265 if (!current->signal->leader || current->signal->tty) { 2266 ret = -EPERM; 2267 goto unlock; 2268 } 2269 2270 if (tty->session) { 2271 /* 2272 * This tty is already the controlling 2273 * tty for another session group! 2274 */ 2275 if (arg == 1 && capable(CAP_SYS_ADMIN)) { 2276 /* 2277 * Steal it away 2278 */ 2279 read_lock(&tasklist_lock); 2280 session_clear_tty(tty->session); 2281 read_unlock(&tasklist_lock); 2282 } else { 2283 ret = -EPERM; 2284 goto unlock; 2285 } 2286 } 2287 proc_set_tty(current, tty); 2288 unlock: 2289 mutex_unlock(&tty_mutex); 2290 return ret; 2291 } 2292 2293 /** 2294 * tty_get_pgrp - return a ref counted pgrp pid 2295 * @tty: tty to read 2296 * 2297 * Returns a refcounted instance of the pid struct for the process 2298 * group controlling the tty. 2299 */ 2300 2301 struct pid *tty_get_pgrp(struct tty_struct *tty) 2302 { 2303 unsigned long flags; 2304 struct pid *pgrp; 2305 2306 spin_lock_irqsave(&tty->ctrl_lock, flags); 2307 pgrp = get_pid(tty->pgrp); 2308 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2309 2310 return pgrp; 2311 } 2312 EXPORT_SYMBOL_GPL(tty_get_pgrp); 2313 2314 /** 2315 * tiocgpgrp - get process group 2316 * @tty: tty passed by user 2317 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2318 * @p: returned pid 2319 * 2320 * Obtain the process group of the tty. If there is no process group 2321 * return an error. 2322 * 2323 * Locking: none. Reference to current->signal->tty is safe. 2324 */ 2325 2326 static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2327 { 2328 struct pid *pid; 2329 int ret; 2330 /* 2331 * (tty == real_tty) is a cheap way of 2332 * testing if the tty is NOT a master pty. 2333 */ 2334 if (tty == real_tty && current->signal->tty != real_tty) 2335 return -ENOTTY; 2336 pid = tty_get_pgrp(real_tty); 2337 ret = put_user(pid_vnr(pid), p); 2338 put_pid(pid); 2339 return ret; 2340 } 2341 2342 /** 2343 * tiocspgrp - attempt to set process group 2344 * @tty: tty passed by user 2345 * @real_tty: tty side device matching tty passed by user 2346 * @p: pid pointer 2347 * 2348 * Set the process group of the tty to the session passed. Only 2349 * permitted where the tty session is our session. 2350 * 2351 * Locking: RCU, ctrl lock 2352 */ 2353 2354 static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2355 { 2356 struct pid *pgrp; 2357 pid_t pgrp_nr; 2358 int retval = tty_check_change(real_tty); 2359 unsigned long flags; 2360 2361 if (retval == -EIO) 2362 return -ENOTTY; 2363 if (retval) 2364 return retval; 2365 if (!current->signal->tty || 2366 (current->signal->tty != real_tty) || 2367 (real_tty->session != task_session(current))) 2368 return -ENOTTY; 2369 if (get_user(pgrp_nr, p)) 2370 return -EFAULT; 2371 if (pgrp_nr < 0) 2372 return -EINVAL; 2373 rcu_read_lock(); 2374 pgrp = find_vpid(pgrp_nr); 2375 retval = -ESRCH; 2376 if (!pgrp) 2377 goto out_unlock; 2378 retval = -EPERM; 2379 if (session_of_pgrp(pgrp) != task_session(current)) 2380 goto out_unlock; 2381 retval = 0; 2382 spin_lock_irqsave(&tty->ctrl_lock, flags); 2383 put_pid(real_tty->pgrp); 2384 real_tty->pgrp = get_pid(pgrp); 2385 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2386 out_unlock: 2387 rcu_read_unlock(); 2388 return retval; 2389 } 2390 2391 /** 2392 * tiocgsid - get session id 2393 * @tty: tty passed by user 2394 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2395 * @p: pointer to returned session id 2396 * 2397 * Obtain the session id of the tty. If there is no session 2398 * return an error. 2399 * 2400 * Locking: none. Reference to current->signal->tty is safe. 2401 */ 2402 2403 static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2404 { 2405 /* 2406 * (tty == real_tty) is a cheap way of 2407 * testing if the tty is NOT a master pty. 2408 */ 2409 if (tty == real_tty && current->signal->tty != real_tty) 2410 return -ENOTTY; 2411 if (!real_tty->session) 2412 return -ENOTTY; 2413 return put_user(pid_vnr(real_tty->session), p); 2414 } 2415 2416 /** 2417 * tiocsetd - set line discipline 2418 * @tty: tty device 2419 * @p: pointer to user data 2420 * 2421 * Set the line discipline according to user request. 2422 * 2423 * Locking: see tty_set_ldisc, this function is just a helper 2424 */ 2425 2426 static int tiocsetd(struct tty_struct *tty, int __user *p) 2427 { 2428 int ldisc; 2429 int ret; 2430 2431 if (get_user(ldisc, p)) 2432 return -EFAULT; 2433 2434 ret = tty_set_ldisc(tty, ldisc); 2435 2436 return ret; 2437 } 2438 2439 /** 2440 * send_break - performed time break 2441 * @tty: device to break on 2442 * @duration: timeout in mS 2443 * 2444 * Perform a timed break on hardware that lacks its own driver level 2445 * timed break functionality. 2446 * 2447 * Locking: 2448 * atomic_write_lock serializes 2449 * 2450 */ 2451 2452 static int send_break(struct tty_struct *tty, unsigned int duration) 2453 { 2454 int retval; 2455 2456 if (tty->ops->break_ctl == NULL) 2457 return 0; 2458 2459 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK) 2460 retval = tty->ops->break_ctl(tty, duration); 2461 else { 2462 /* Do the work ourselves */ 2463 if (tty_write_lock(tty, 0) < 0) 2464 return -EINTR; 2465 retval = tty->ops->break_ctl(tty, -1); 2466 if (retval) 2467 goto out; 2468 if (!signal_pending(current)) 2469 msleep_interruptible(duration); 2470 retval = tty->ops->break_ctl(tty, 0); 2471 out: 2472 tty_write_unlock(tty); 2473 if (signal_pending(current)) 2474 retval = -EINTR; 2475 } 2476 return retval; 2477 } 2478 2479 /** 2480 * tty_tiocmget - get modem status 2481 * @tty: tty device 2482 * @file: user file pointer 2483 * @p: pointer to result 2484 * 2485 * Obtain the modem status bits from the tty driver if the feature 2486 * is supported. Return -EINVAL if it is not available. 2487 * 2488 * Locking: none (up to the driver) 2489 */ 2490 2491 static int tty_tiocmget(struct tty_struct *tty, int __user *p) 2492 { 2493 int retval = -EINVAL; 2494 2495 if (tty->ops->tiocmget) { 2496 retval = tty->ops->tiocmget(tty); 2497 2498 if (retval >= 0) 2499 retval = put_user(retval, p); 2500 } 2501 return retval; 2502 } 2503 2504 /** 2505 * tty_tiocmset - set modem status 2506 * @tty: tty device 2507 * @cmd: command - clear bits, set bits or set all 2508 * @p: pointer to desired bits 2509 * 2510 * Set the modem status bits from the tty driver if the feature 2511 * is supported. Return -EINVAL if it is not available. 2512 * 2513 * Locking: none (up to the driver) 2514 */ 2515 2516 static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd, 2517 unsigned __user *p) 2518 { 2519 int retval; 2520 unsigned int set, clear, val; 2521 2522 if (tty->ops->tiocmset == NULL) 2523 return -EINVAL; 2524 2525 retval = get_user(val, p); 2526 if (retval) 2527 return retval; 2528 set = clear = 0; 2529 switch (cmd) { 2530 case TIOCMBIS: 2531 set = val; 2532 break; 2533 case TIOCMBIC: 2534 clear = val; 2535 break; 2536 case TIOCMSET: 2537 set = val; 2538 clear = ~val; 2539 break; 2540 } 2541 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2542 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2543 return tty->ops->tiocmset(tty, set, clear); 2544 } 2545 2546 static int tty_tiocgicount(struct tty_struct *tty, void __user *arg) 2547 { 2548 int retval = -EINVAL; 2549 struct serial_icounter_struct icount; 2550 memset(&icount, 0, sizeof(icount)); 2551 if (tty->ops->get_icount) 2552 retval = tty->ops->get_icount(tty, &icount); 2553 if (retval != 0) 2554 return retval; 2555 if (copy_to_user(arg, &icount, sizeof(icount))) 2556 return -EFAULT; 2557 return 0; 2558 } 2559 2560 struct tty_struct *tty_pair_get_tty(struct tty_struct *tty) 2561 { 2562 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2563 tty->driver->subtype == PTY_TYPE_MASTER) 2564 tty = tty->link; 2565 return tty; 2566 } 2567 EXPORT_SYMBOL(tty_pair_get_tty); 2568 2569 struct tty_struct *tty_pair_get_pty(struct tty_struct *tty) 2570 { 2571 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2572 tty->driver->subtype == PTY_TYPE_MASTER) 2573 return tty; 2574 return tty->link; 2575 } 2576 EXPORT_SYMBOL(tty_pair_get_pty); 2577 2578 /* 2579 * Split this up, as gcc can choke on it otherwise.. 2580 */ 2581 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 2582 { 2583 struct tty_struct *tty = file_tty(file); 2584 struct tty_struct *real_tty; 2585 void __user *p = (void __user *)arg; 2586 int retval; 2587 struct tty_ldisc *ld; 2588 struct inode *inode = file->f_dentry->d_inode; 2589 2590 if (tty_paranoia_check(tty, inode, "tty_ioctl")) 2591 return -EINVAL; 2592 2593 real_tty = tty_pair_get_tty(tty); 2594 2595 /* 2596 * Factor out some common prep work 2597 */ 2598 switch (cmd) { 2599 case TIOCSETD: 2600 case TIOCSBRK: 2601 case TIOCCBRK: 2602 case TCSBRK: 2603 case TCSBRKP: 2604 retval = tty_check_change(tty); 2605 if (retval) 2606 return retval; 2607 if (cmd != TIOCCBRK) { 2608 tty_wait_until_sent(tty, 0); 2609 if (signal_pending(current)) 2610 return -EINTR; 2611 } 2612 break; 2613 } 2614 2615 /* 2616 * Now do the stuff. 2617 */ 2618 switch (cmd) { 2619 case TIOCSTI: 2620 return tiocsti(tty, p); 2621 case TIOCGWINSZ: 2622 return tiocgwinsz(real_tty, p); 2623 case TIOCSWINSZ: 2624 return tiocswinsz(real_tty, p); 2625 case TIOCCONS: 2626 return real_tty != tty ? -EINVAL : tioccons(file); 2627 case FIONBIO: 2628 return fionbio(file, p); 2629 case TIOCEXCL: 2630 set_bit(TTY_EXCLUSIVE, &tty->flags); 2631 return 0; 2632 case TIOCNXCL: 2633 clear_bit(TTY_EXCLUSIVE, &tty->flags); 2634 return 0; 2635 case TIOCNOTTY: 2636 if (current->signal->tty != tty) 2637 return -ENOTTY; 2638 no_tty(); 2639 return 0; 2640 case TIOCSCTTY: 2641 return tiocsctty(tty, arg); 2642 case TIOCGPGRP: 2643 return tiocgpgrp(tty, real_tty, p); 2644 case TIOCSPGRP: 2645 return tiocspgrp(tty, real_tty, p); 2646 case TIOCGSID: 2647 return tiocgsid(tty, real_tty, p); 2648 case TIOCGETD: 2649 return put_user(tty->ldisc->ops->num, (int __user *)p); 2650 case TIOCSETD: 2651 return tiocsetd(tty, p); 2652 case TIOCVHANGUP: 2653 if (!capable(CAP_SYS_ADMIN)) 2654 return -EPERM; 2655 tty_vhangup(tty); 2656 return 0; 2657 case TIOCGDEV: 2658 { 2659 unsigned int ret = new_encode_dev(tty_devnum(real_tty)); 2660 return put_user(ret, (unsigned int __user *)p); 2661 } 2662 /* 2663 * Break handling 2664 */ 2665 case TIOCSBRK: /* Turn break on, unconditionally */ 2666 if (tty->ops->break_ctl) 2667 return tty->ops->break_ctl(tty, -1); 2668 return 0; 2669 case TIOCCBRK: /* Turn break off, unconditionally */ 2670 if (tty->ops->break_ctl) 2671 return tty->ops->break_ctl(tty, 0); 2672 return 0; 2673 case TCSBRK: /* SVID version: non-zero arg --> no break */ 2674 /* non-zero arg means wait for all output data 2675 * to be sent (performed above) but don't send break. 2676 * This is used by the tcdrain() termios function. 2677 */ 2678 if (!arg) 2679 return send_break(tty, 250); 2680 return 0; 2681 case TCSBRKP: /* support for POSIX tcsendbreak() */ 2682 return send_break(tty, arg ? arg*100 : 250); 2683 2684 case TIOCMGET: 2685 return tty_tiocmget(tty, p); 2686 case TIOCMSET: 2687 case TIOCMBIC: 2688 case TIOCMBIS: 2689 return tty_tiocmset(tty, cmd, p); 2690 case TIOCGICOUNT: 2691 retval = tty_tiocgicount(tty, p); 2692 /* For the moment allow fall through to the old method */ 2693 if (retval != -EINVAL) 2694 return retval; 2695 break; 2696 case TCFLSH: 2697 switch (arg) { 2698 case TCIFLUSH: 2699 case TCIOFLUSH: 2700 /* flush tty buffer and allow ldisc to process ioctl */ 2701 tty_buffer_flush(tty); 2702 break; 2703 } 2704 break; 2705 } 2706 if (tty->ops->ioctl) { 2707 retval = (tty->ops->ioctl)(tty, cmd, arg); 2708 if (retval != -ENOIOCTLCMD) 2709 return retval; 2710 } 2711 ld = tty_ldisc_ref_wait(tty); 2712 retval = -EINVAL; 2713 if (ld->ops->ioctl) { 2714 retval = ld->ops->ioctl(tty, file, cmd, arg); 2715 if (retval == -ENOIOCTLCMD) 2716 retval = -EINVAL; 2717 } 2718 tty_ldisc_deref(ld); 2719 return retval; 2720 } 2721 2722 #ifdef CONFIG_COMPAT 2723 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 2724 unsigned long arg) 2725 { 2726 struct inode *inode = file->f_dentry->d_inode; 2727 struct tty_struct *tty = file_tty(file); 2728 struct tty_ldisc *ld; 2729 int retval = -ENOIOCTLCMD; 2730 2731 if (tty_paranoia_check(tty, inode, "tty_ioctl")) 2732 return -EINVAL; 2733 2734 if (tty->ops->compat_ioctl) { 2735 retval = (tty->ops->compat_ioctl)(tty, cmd, arg); 2736 if (retval != -ENOIOCTLCMD) 2737 return retval; 2738 } 2739 2740 ld = tty_ldisc_ref_wait(tty); 2741 if (ld->ops->compat_ioctl) 2742 retval = ld->ops->compat_ioctl(tty, file, cmd, arg); 2743 else 2744 retval = n_tty_compat_ioctl_helper(tty, file, cmd, arg); 2745 tty_ldisc_deref(ld); 2746 2747 return retval; 2748 } 2749 #endif 2750 2751 /* 2752 * This implements the "Secure Attention Key" --- the idea is to 2753 * prevent trojan horses by killing all processes associated with this 2754 * tty when the user hits the "Secure Attention Key". Required for 2755 * super-paranoid applications --- see the Orange Book for more details. 2756 * 2757 * This code could be nicer; ideally it should send a HUP, wait a few 2758 * seconds, then send a INT, and then a KILL signal. But you then 2759 * have to coordinate with the init process, since all processes associated 2760 * with the current tty must be dead before the new getty is allowed 2761 * to spawn. 2762 * 2763 * Now, if it would be correct ;-/ The current code has a nasty hole - 2764 * it doesn't catch files in flight. We may send the descriptor to ourselves 2765 * via AF_UNIX socket, close it and later fetch from socket. FIXME. 2766 * 2767 * Nasty bug: do_SAK is being called in interrupt context. This can 2768 * deadlock. We punt it up to process context. AKPM - 16Mar2001 2769 */ 2770 void __do_SAK(struct tty_struct *tty) 2771 { 2772 #ifdef TTY_SOFT_SAK 2773 tty_hangup(tty); 2774 #else 2775 struct task_struct *g, *p; 2776 struct pid *session; 2777 int i; 2778 struct file *filp; 2779 struct fdtable *fdt; 2780 2781 if (!tty) 2782 return; 2783 session = tty->session; 2784 2785 tty_ldisc_flush(tty); 2786 2787 tty_driver_flush_buffer(tty); 2788 2789 read_lock(&tasklist_lock); 2790 /* Kill the entire session */ 2791 do_each_pid_task(session, PIDTYPE_SID, p) { 2792 printk(KERN_NOTICE "SAK: killed process %d" 2793 " (%s): task_session(p)==tty->session\n", 2794 task_pid_nr(p), p->comm); 2795 send_sig(SIGKILL, p, 1); 2796 } while_each_pid_task(session, PIDTYPE_SID, p); 2797 /* Now kill any processes that happen to have the 2798 * tty open. 2799 */ 2800 do_each_thread(g, p) { 2801 if (p->signal->tty == tty) { 2802 printk(KERN_NOTICE "SAK: killed process %d" 2803 " (%s): task_session(p)==tty->session\n", 2804 task_pid_nr(p), p->comm); 2805 send_sig(SIGKILL, p, 1); 2806 continue; 2807 } 2808 task_lock(p); 2809 if (p->files) { 2810 /* 2811 * We don't take a ref to the file, so we must 2812 * hold ->file_lock instead. 2813 */ 2814 spin_lock(&p->files->file_lock); 2815 fdt = files_fdtable(p->files); 2816 for (i = 0; i < fdt->max_fds; i++) { 2817 filp = fcheck_files(p->files, i); 2818 if (!filp) 2819 continue; 2820 if (filp->f_op->read == tty_read && 2821 file_tty(filp) == tty) { 2822 printk(KERN_NOTICE "SAK: killed process %d" 2823 " (%s): fd#%d opened to the tty\n", 2824 task_pid_nr(p), p->comm, i); 2825 force_sig(SIGKILL, p); 2826 break; 2827 } 2828 } 2829 spin_unlock(&p->files->file_lock); 2830 } 2831 task_unlock(p); 2832 } while_each_thread(g, p); 2833 read_unlock(&tasklist_lock); 2834 #endif 2835 } 2836 2837 static void do_SAK_work(struct work_struct *work) 2838 { 2839 struct tty_struct *tty = 2840 container_of(work, struct tty_struct, SAK_work); 2841 __do_SAK(tty); 2842 } 2843 2844 /* 2845 * The tq handling here is a little racy - tty->SAK_work may already be queued. 2846 * Fortunately we don't need to worry, because if ->SAK_work is already queued, 2847 * the values which we write to it will be identical to the values which it 2848 * already has. --akpm 2849 */ 2850 void do_SAK(struct tty_struct *tty) 2851 { 2852 if (!tty) 2853 return; 2854 schedule_work(&tty->SAK_work); 2855 } 2856 2857 EXPORT_SYMBOL(do_SAK); 2858 2859 static int dev_match_devt(struct device *dev, void *data) 2860 { 2861 dev_t *devt = data; 2862 return dev->devt == *devt; 2863 } 2864 2865 /* Must put_device() after it's unused! */ 2866 static struct device *tty_get_device(struct tty_struct *tty) 2867 { 2868 dev_t devt = tty_devnum(tty); 2869 return class_find_device(tty_class, NULL, &devt, dev_match_devt); 2870 } 2871 2872 2873 /** 2874 * initialize_tty_struct 2875 * @tty: tty to initialize 2876 * 2877 * This subroutine initializes a tty structure that has been newly 2878 * allocated. 2879 * 2880 * Locking: none - tty in question must not be exposed at this point 2881 */ 2882 2883 void initialize_tty_struct(struct tty_struct *tty, 2884 struct tty_driver *driver, int idx) 2885 { 2886 memset(tty, 0, sizeof(struct tty_struct)); 2887 kref_init(&tty->kref); 2888 tty->magic = TTY_MAGIC; 2889 tty_ldisc_init(tty); 2890 tty->session = NULL; 2891 tty->pgrp = NULL; 2892 tty->overrun_time = jiffies; 2893 tty->buf.head = tty->buf.tail = NULL; 2894 tty_buffer_init(tty); 2895 mutex_init(&tty->termios_mutex); 2896 mutex_init(&tty->ldisc_mutex); 2897 init_waitqueue_head(&tty->write_wait); 2898 init_waitqueue_head(&tty->read_wait); 2899 INIT_WORK(&tty->hangup_work, do_tty_hangup); 2900 mutex_init(&tty->atomic_read_lock); 2901 mutex_init(&tty->atomic_write_lock); 2902 mutex_init(&tty->output_lock); 2903 mutex_init(&tty->echo_lock); 2904 spin_lock_init(&tty->read_lock); 2905 spin_lock_init(&tty->ctrl_lock); 2906 INIT_LIST_HEAD(&tty->tty_files); 2907 INIT_WORK(&tty->SAK_work, do_SAK_work); 2908 2909 tty->driver = driver; 2910 tty->ops = driver->ops; 2911 tty->index = idx; 2912 tty_line_name(driver, idx, tty->name); 2913 tty->dev = tty_get_device(tty); 2914 } 2915 2916 /** 2917 * deinitialize_tty_struct 2918 * @tty: tty to deinitialize 2919 * 2920 * This subroutine deinitializes a tty structure that has been newly 2921 * allocated but tty_release cannot be called on that yet. 2922 * 2923 * Locking: none - tty in question must not be exposed at this point 2924 */ 2925 void deinitialize_tty_struct(struct tty_struct *tty) 2926 { 2927 tty_ldisc_deinit(tty); 2928 } 2929 2930 /** 2931 * tty_put_char - write one character to a tty 2932 * @tty: tty 2933 * @ch: character 2934 * 2935 * Write one byte to the tty using the provided put_char method 2936 * if present. Returns the number of characters successfully output. 2937 * 2938 * Note: the specific put_char operation in the driver layer may go 2939 * away soon. Don't call it directly, use this method 2940 */ 2941 2942 int tty_put_char(struct tty_struct *tty, unsigned char ch) 2943 { 2944 if (tty->ops->put_char) 2945 return tty->ops->put_char(tty, ch); 2946 return tty->ops->write(tty, &ch, 1); 2947 } 2948 EXPORT_SYMBOL_GPL(tty_put_char); 2949 2950 struct class *tty_class; 2951 2952 /** 2953 * tty_register_device - register a tty device 2954 * @driver: the tty driver that describes the tty device 2955 * @index: the index in the tty driver for this tty device 2956 * @device: a struct device that is associated with this tty device. 2957 * This field is optional, if there is no known struct device 2958 * for this tty device it can be set to NULL safely. 2959 * 2960 * Returns a pointer to the struct device for this tty device 2961 * (or ERR_PTR(-EFOO) on error). 2962 * 2963 * This call is required to be made to register an individual tty device 2964 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If 2965 * that bit is not set, this function should not be called by a tty 2966 * driver. 2967 * 2968 * Locking: ?? 2969 */ 2970 2971 struct device *tty_register_device(struct tty_driver *driver, unsigned index, 2972 struct device *device) 2973 { 2974 char name[64]; 2975 dev_t dev = MKDEV(driver->major, driver->minor_start) + index; 2976 2977 if (index >= driver->num) { 2978 printk(KERN_ERR "Attempt to register invalid tty line number " 2979 " (%d).\n", index); 2980 return ERR_PTR(-EINVAL); 2981 } 2982 2983 if (driver->type == TTY_DRIVER_TYPE_PTY) 2984 pty_line_name(driver, index, name); 2985 else 2986 tty_line_name(driver, index, name); 2987 2988 return device_create(tty_class, device, dev, NULL, name); 2989 } 2990 EXPORT_SYMBOL(tty_register_device); 2991 2992 /** 2993 * tty_unregister_device - unregister a tty device 2994 * @driver: the tty driver that describes the tty device 2995 * @index: the index in the tty driver for this tty device 2996 * 2997 * If a tty device is registered with a call to tty_register_device() then 2998 * this function must be called when the tty device is gone. 2999 * 3000 * Locking: ?? 3001 */ 3002 3003 void tty_unregister_device(struct tty_driver *driver, unsigned index) 3004 { 3005 device_destroy(tty_class, 3006 MKDEV(driver->major, driver->minor_start) + index); 3007 } 3008 EXPORT_SYMBOL(tty_unregister_device); 3009 3010 struct tty_driver *alloc_tty_driver(int lines) 3011 { 3012 struct tty_driver *driver; 3013 3014 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL); 3015 if (driver) { 3016 kref_init(&driver->kref); 3017 driver->magic = TTY_DRIVER_MAGIC; 3018 driver->num = lines; 3019 /* later we'll move allocation of tables here */ 3020 } 3021 return driver; 3022 } 3023 EXPORT_SYMBOL(alloc_tty_driver); 3024 3025 static void destruct_tty_driver(struct kref *kref) 3026 { 3027 struct tty_driver *driver = container_of(kref, struct tty_driver, kref); 3028 int i; 3029 struct ktermios *tp; 3030 void *p; 3031 3032 if (driver->flags & TTY_DRIVER_INSTALLED) { 3033 /* 3034 * Free the termios and termios_locked structures because 3035 * we don't want to get memory leaks when modular tty 3036 * drivers are removed from the kernel. 3037 */ 3038 for (i = 0; i < driver->num; i++) { 3039 tp = driver->termios[i]; 3040 if (tp) { 3041 driver->termios[i] = NULL; 3042 kfree(tp); 3043 } 3044 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) 3045 tty_unregister_device(driver, i); 3046 } 3047 p = driver->ttys; 3048 proc_tty_unregister_driver(driver); 3049 driver->ttys = NULL; 3050 driver->termios = NULL; 3051 kfree(p); 3052 cdev_del(&driver->cdev); 3053 } 3054 kfree(driver); 3055 } 3056 3057 void tty_driver_kref_put(struct tty_driver *driver) 3058 { 3059 kref_put(&driver->kref, destruct_tty_driver); 3060 } 3061 EXPORT_SYMBOL(tty_driver_kref_put); 3062 3063 void tty_set_operations(struct tty_driver *driver, 3064 const struct tty_operations *op) 3065 { 3066 driver->ops = op; 3067 }; 3068 EXPORT_SYMBOL(tty_set_operations); 3069 3070 void put_tty_driver(struct tty_driver *d) 3071 { 3072 tty_driver_kref_put(d); 3073 } 3074 EXPORT_SYMBOL(put_tty_driver); 3075 3076 /* 3077 * Called by a tty driver to register itself. 3078 */ 3079 int tty_register_driver(struct tty_driver *driver) 3080 { 3081 int error; 3082 int i; 3083 dev_t dev; 3084 void **p = NULL; 3085 struct device *d; 3086 3087 if (!(driver->flags & TTY_DRIVER_DEVPTS_MEM) && driver->num) { 3088 p = kzalloc(driver->num * 2 * sizeof(void *), GFP_KERNEL); 3089 if (!p) 3090 return -ENOMEM; 3091 } 3092 3093 if (!driver->major) { 3094 error = alloc_chrdev_region(&dev, driver->minor_start, 3095 driver->num, driver->name); 3096 if (!error) { 3097 driver->major = MAJOR(dev); 3098 driver->minor_start = MINOR(dev); 3099 } 3100 } else { 3101 dev = MKDEV(driver->major, driver->minor_start); 3102 error = register_chrdev_region(dev, driver->num, driver->name); 3103 } 3104 if (error < 0) { 3105 kfree(p); 3106 return error; 3107 } 3108 3109 if (p) { 3110 driver->ttys = (struct tty_struct **)p; 3111 driver->termios = (struct ktermios **)(p + driver->num); 3112 } else { 3113 driver->ttys = NULL; 3114 driver->termios = NULL; 3115 } 3116 3117 cdev_init(&driver->cdev, &tty_fops); 3118 driver->cdev.owner = driver->owner; 3119 error = cdev_add(&driver->cdev, dev, driver->num); 3120 if (error) { 3121 unregister_chrdev_region(dev, driver->num); 3122 driver->ttys = NULL; 3123 driver->termios = NULL; 3124 kfree(p); 3125 return error; 3126 } 3127 3128 mutex_lock(&tty_mutex); 3129 list_add(&driver->tty_drivers, &tty_drivers); 3130 mutex_unlock(&tty_mutex); 3131 3132 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) { 3133 for (i = 0; i < driver->num; i++) { 3134 d = tty_register_device(driver, i, NULL); 3135 if (IS_ERR(d)) { 3136 error = PTR_ERR(d); 3137 goto err; 3138 } 3139 } 3140 } 3141 proc_tty_register_driver(driver); 3142 driver->flags |= TTY_DRIVER_INSTALLED; 3143 return 0; 3144 3145 err: 3146 for (i--; i >= 0; i--) 3147 tty_unregister_device(driver, i); 3148 3149 mutex_lock(&tty_mutex); 3150 list_del(&driver->tty_drivers); 3151 mutex_unlock(&tty_mutex); 3152 3153 unregister_chrdev_region(dev, driver->num); 3154 driver->ttys = NULL; 3155 driver->termios = NULL; 3156 kfree(p); 3157 return error; 3158 } 3159 3160 EXPORT_SYMBOL(tty_register_driver); 3161 3162 /* 3163 * Called by a tty driver to unregister itself. 3164 */ 3165 int tty_unregister_driver(struct tty_driver *driver) 3166 { 3167 #if 0 3168 /* FIXME */ 3169 if (driver->refcount) 3170 return -EBUSY; 3171 #endif 3172 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start), 3173 driver->num); 3174 mutex_lock(&tty_mutex); 3175 list_del(&driver->tty_drivers); 3176 mutex_unlock(&tty_mutex); 3177 return 0; 3178 } 3179 3180 EXPORT_SYMBOL(tty_unregister_driver); 3181 3182 dev_t tty_devnum(struct tty_struct *tty) 3183 { 3184 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index; 3185 } 3186 EXPORT_SYMBOL(tty_devnum); 3187 3188 void proc_clear_tty(struct task_struct *p) 3189 { 3190 unsigned long flags; 3191 struct tty_struct *tty; 3192 spin_lock_irqsave(&p->sighand->siglock, flags); 3193 tty = p->signal->tty; 3194 p->signal->tty = NULL; 3195 spin_unlock_irqrestore(&p->sighand->siglock, flags); 3196 tty_kref_put(tty); 3197 } 3198 3199 /* Called under the sighand lock */ 3200 3201 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) 3202 { 3203 if (tty) { 3204 unsigned long flags; 3205 /* We should not have a session or pgrp to put here but.... */ 3206 spin_lock_irqsave(&tty->ctrl_lock, flags); 3207 put_pid(tty->session); 3208 put_pid(tty->pgrp); 3209 tty->pgrp = get_pid(task_pgrp(tsk)); 3210 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 3211 tty->session = get_pid(task_session(tsk)); 3212 if (tsk->signal->tty) { 3213 printk(KERN_DEBUG "tty not NULL!!\n"); 3214 tty_kref_put(tsk->signal->tty); 3215 } 3216 } 3217 put_pid(tsk->signal->tty_old_pgrp); 3218 tsk->signal->tty = tty_kref_get(tty); 3219 tsk->signal->tty_old_pgrp = NULL; 3220 } 3221 3222 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) 3223 { 3224 spin_lock_irq(&tsk->sighand->siglock); 3225 __proc_set_tty(tsk, tty); 3226 spin_unlock_irq(&tsk->sighand->siglock); 3227 } 3228 3229 struct tty_struct *get_current_tty(void) 3230 { 3231 struct tty_struct *tty; 3232 unsigned long flags; 3233 3234 spin_lock_irqsave(¤t->sighand->siglock, flags); 3235 tty = tty_kref_get(current->signal->tty); 3236 spin_unlock_irqrestore(¤t->sighand->siglock, flags); 3237 return tty; 3238 } 3239 EXPORT_SYMBOL_GPL(get_current_tty); 3240 3241 void tty_default_fops(struct file_operations *fops) 3242 { 3243 *fops = tty_fops; 3244 } 3245 3246 /* 3247 * Initialize the console device. This is called *early*, so 3248 * we can't necessarily depend on lots of kernel help here. 3249 * Just do some early initializations, and do the complex setup 3250 * later. 3251 */ 3252 void __init console_init(void) 3253 { 3254 initcall_t *call; 3255 3256 /* Setup the default TTY line discipline. */ 3257 tty_ldisc_begin(); 3258 3259 /* 3260 * set up the console device so that later boot sequences can 3261 * inform about problems etc.. 3262 */ 3263 call = __con_initcall_start; 3264 while (call < __con_initcall_end) { 3265 (*call)(); 3266 call++; 3267 } 3268 } 3269 3270 static char *tty_devnode(struct device *dev, mode_t *mode) 3271 { 3272 if (!mode) 3273 return NULL; 3274 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) || 3275 dev->devt == MKDEV(TTYAUX_MAJOR, 2)) 3276 *mode = 0666; 3277 return NULL; 3278 } 3279 3280 static int __init tty_class_init(void) 3281 { 3282 tty_class = class_create(THIS_MODULE, "tty"); 3283 if (IS_ERR(tty_class)) 3284 return PTR_ERR(tty_class); 3285 tty_class->devnode = tty_devnode; 3286 return 0; 3287 } 3288 3289 postcore_initcall(tty_class_init); 3290 3291 /* 3/2004 jmc: why do these devices exist? */ 3292 static struct cdev tty_cdev, console_cdev; 3293 3294 static ssize_t show_cons_active(struct device *dev, 3295 struct device_attribute *attr, char *buf) 3296 { 3297 struct console *cs[16]; 3298 int i = 0; 3299 struct console *c; 3300 ssize_t count = 0; 3301 3302 console_lock(); 3303 for_each_console(c) { 3304 if (!c->device) 3305 continue; 3306 if (!c->write) 3307 continue; 3308 if ((c->flags & CON_ENABLED) == 0) 3309 continue; 3310 cs[i++] = c; 3311 if (i >= ARRAY_SIZE(cs)) 3312 break; 3313 } 3314 while (i--) 3315 count += sprintf(buf + count, "%s%d%c", 3316 cs[i]->name, cs[i]->index, i ? ' ':'\n'); 3317 console_unlock(); 3318 3319 return count; 3320 } 3321 static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL); 3322 3323 static struct device *consdev; 3324 3325 void console_sysfs_notify(void) 3326 { 3327 if (consdev) 3328 sysfs_notify(&consdev->kobj, NULL, "active"); 3329 } 3330 3331 /* 3332 * Ok, now we can initialize the rest of the tty devices and can count 3333 * on memory allocations, interrupts etc.. 3334 */ 3335 int __init tty_init(void) 3336 { 3337 cdev_init(&tty_cdev, &tty_fops); 3338 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) || 3339 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0) 3340 panic("Couldn't register /dev/tty driver\n"); 3341 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty"); 3342 3343 cdev_init(&console_cdev, &console_fops); 3344 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) || 3345 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0) 3346 panic("Couldn't register /dev/console driver\n"); 3347 consdev = device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), NULL, 3348 "console"); 3349 if (IS_ERR(consdev)) 3350 consdev = NULL; 3351 else 3352 WARN_ON(device_create_file(consdev, &dev_attr_active) < 0); 3353 3354 #ifdef CONFIG_VT 3355 vty_init(&console_fops); 3356 #endif 3357 return 0; 3358 } 3359 3360