1 /* 2 * Copyright (C) 1991, 1992 Linus Torvalds 3 */ 4 5 /* 6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles 7 * or rs-channels. It also implements echoing, cooked mode etc. 8 * 9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0. 10 * 11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the 12 * tty_struct and tty_queue structures. Previously there was an array 13 * of 256 tty_struct's which was statically allocated, and the 14 * tty_queue structures were allocated at boot time. Both are now 15 * dynamically allocated only when the tty is open. 16 * 17 * Also restructured routines so that there is more of a separation 18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and 19 * the low-level tty routines (serial.c, pty.c, console.c). This 20 * makes for cleaner and more compact code. -TYT, 9/17/92 21 * 22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines 23 * which can be dynamically activated and de-activated by the line 24 * discipline handling modules (like SLIP). 25 * 26 * NOTE: pay no attention to the line discipline code (yet); its 27 * interface is still subject to change in this version... 28 * -- TYT, 1/31/92 29 * 30 * Added functionality to the OPOST tty handling. No delays, but all 31 * other bits should be there. 32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993. 33 * 34 * Rewrote canonical mode and added more termios flags. 35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94 36 * 37 * Reorganized FASYNC support so mouse code can share it. 38 * -- ctm@ardi.com, 9Sep95 39 * 40 * New TIOCLINUX variants added. 41 * -- mj@k332.feld.cvut.cz, 19-Nov-95 42 * 43 * Restrict vt switching via ioctl() 44 * -- grif@cs.ucr.edu, 5-Dec-95 45 * 46 * Move console and virtual terminal code to more appropriate files, 47 * implement CONFIG_VT and generalize console device interface. 48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97 49 * 50 * Rewrote tty_init_dev and tty_release_dev to eliminate races. 51 * -- Bill Hawes <whawes@star.net>, June 97 52 * 53 * Added devfs support. 54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998 55 * 56 * Added support for a Unix98-style ptmx device. 57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 58 * 59 * Reduced memory usage for older ARM systems 60 * -- Russell King <rmk@arm.linux.org.uk> 61 * 62 * Move do_SAK() into process context. Less stack use in devfs functions. 63 * alloc_tty_struct() always uses kmalloc() 64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01 65 */ 66 67 #include <linux/types.h> 68 #include <linux/major.h> 69 #include <linux/errno.h> 70 #include <linux/signal.h> 71 #include <linux/fcntl.h> 72 #include <linux/sched.h> 73 #include <linux/interrupt.h> 74 #include <linux/tty.h> 75 #include <linux/tty_driver.h> 76 #include <linux/tty_flip.h> 77 #include <linux/devpts_fs.h> 78 #include <linux/file.h> 79 #include <linux/fdtable.h> 80 #include <linux/console.h> 81 #include <linux/timer.h> 82 #include <linux/ctype.h> 83 #include <linux/kd.h> 84 #include <linux/mm.h> 85 #include <linux/string.h> 86 #include <linux/slab.h> 87 #include <linux/poll.h> 88 #include <linux/proc_fs.h> 89 #include <linux/init.h> 90 #include <linux/module.h> 91 #include <linux/device.h> 92 #include <linux/wait.h> 93 #include <linux/bitops.h> 94 #include <linux/delay.h> 95 #include <linux/seq_file.h> 96 #include <linux/serial.h> 97 #include <linux/ratelimit.h> 98 99 #include <linux/uaccess.h> 100 101 #include <linux/kbd_kern.h> 102 #include <linux/vt_kern.h> 103 #include <linux/selection.h> 104 105 #include <linux/kmod.h> 106 #include <linux/nsproxy.h> 107 108 #undef TTY_DEBUG_HANGUP 109 110 #define TTY_PARANOIA_CHECK 1 111 #define CHECK_TTY_COUNT 1 112 113 struct ktermios tty_std_termios = { /* for the benefit of tty drivers */ 114 .c_iflag = ICRNL | IXON, 115 .c_oflag = OPOST | ONLCR, 116 .c_cflag = B38400 | CS8 | CREAD | HUPCL, 117 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK | 118 ECHOCTL | ECHOKE | IEXTEN, 119 .c_cc = INIT_C_CC, 120 .c_ispeed = 38400, 121 .c_ospeed = 38400 122 }; 123 124 EXPORT_SYMBOL(tty_std_termios); 125 126 /* This list gets poked at by procfs and various bits of boot up code. This 127 could do with some rationalisation such as pulling the tty proc function 128 into this file */ 129 130 LIST_HEAD(tty_drivers); /* linked list of tty drivers */ 131 132 /* Mutex to protect creating and releasing a tty. This is shared with 133 vt.c for deeply disgusting hack reasons */ 134 DEFINE_MUTEX(tty_mutex); 135 EXPORT_SYMBOL(tty_mutex); 136 137 /* Spinlock to protect the tty->tty_files list */ 138 DEFINE_SPINLOCK(tty_files_lock); 139 140 static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *); 141 static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *); 142 ssize_t redirected_tty_write(struct file *, const char __user *, 143 size_t, loff_t *); 144 static unsigned int tty_poll(struct file *, poll_table *); 145 static int tty_open(struct inode *, struct file *); 146 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg); 147 #ifdef CONFIG_COMPAT 148 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 149 unsigned long arg); 150 #else 151 #define tty_compat_ioctl NULL 152 #endif 153 static int __tty_fasync(int fd, struct file *filp, int on); 154 static int tty_fasync(int fd, struct file *filp, int on); 155 static void release_tty(struct tty_struct *tty, int idx); 156 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); 157 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); 158 159 /** 160 * alloc_tty_struct - allocate a tty object 161 * 162 * Return a new empty tty structure. The data fields have not 163 * been initialized in any way but has been zeroed 164 * 165 * Locking: none 166 */ 167 168 struct tty_struct *alloc_tty_struct(void) 169 { 170 return kzalloc(sizeof(struct tty_struct), GFP_KERNEL); 171 } 172 173 /** 174 * free_tty_struct - free a disused tty 175 * @tty: tty struct to free 176 * 177 * Free the write buffers, tty queue and tty memory itself. 178 * 179 * Locking: none. Must be called after tty is definitely unused 180 */ 181 182 void free_tty_struct(struct tty_struct *tty) 183 { 184 if (!tty) 185 return; 186 if (tty->dev) 187 put_device(tty->dev); 188 kfree(tty->write_buf); 189 tty->magic = 0xDEADDEAD; 190 kfree(tty); 191 } 192 193 static inline struct tty_struct *file_tty(struct file *file) 194 { 195 return ((struct tty_file_private *)file->private_data)->tty; 196 } 197 198 int tty_alloc_file(struct file *file) 199 { 200 struct tty_file_private *priv; 201 202 priv = kmalloc(sizeof(*priv), GFP_KERNEL); 203 if (!priv) 204 return -ENOMEM; 205 206 file->private_data = priv; 207 208 return 0; 209 } 210 211 /* Associate a new file with the tty structure */ 212 void tty_add_file(struct tty_struct *tty, struct file *file) 213 { 214 struct tty_file_private *priv = file->private_data; 215 216 priv->tty = tty; 217 priv->file = file; 218 219 spin_lock(&tty_files_lock); 220 list_add(&priv->list, &tty->tty_files); 221 spin_unlock(&tty_files_lock); 222 } 223 224 /** 225 * tty_free_file - free file->private_data 226 * 227 * This shall be used only for fail path handling when tty_add_file was not 228 * called yet. 229 */ 230 void tty_free_file(struct file *file) 231 { 232 struct tty_file_private *priv = file->private_data; 233 234 file->private_data = NULL; 235 kfree(priv); 236 } 237 238 /* Delete file from its tty */ 239 static void tty_del_file(struct file *file) 240 { 241 struct tty_file_private *priv = file->private_data; 242 243 spin_lock(&tty_files_lock); 244 list_del(&priv->list); 245 spin_unlock(&tty_files_lock); 246 tty_free_file(file); 247 } 248 249 250 #define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base) 251 252 /** 253 * tty_name - return tty naming 254 * @tty: tty structure 255 * @buf: buffer for output 256 * 257 * Convert a tty structure into a name. The name reflects the kernel 258 * naming policy and if udev is in use may not reflect user space 259 * 260 * Locking: none 261 */ 262 263 char *tty_name(struct tty_struct *tty, char *buf) 264 { 265 if (!tty) /* Hmm. NULL pointer. That's fun. */ 266 strcpy(buf, "NULL tty"); 267 else 268 strcpy(buf, tty->name); 269 return buf; 270 } 271 272 EXPORT_SYMBOL(tty_name); 273 274 int tty_paranoia_check(struct tty_struct *tty, struct inode *inode, 275 const char *routine) 276 { 277 #ifdef TTY_PARANOIA_CHECK 278 if (!tty) { 279 printk(KERN_WARNING 280 "null TTY for (%d:%d) in %s\n", 281 imajor(inode), iminor(inode), routine); 282 return 1; 283 } 284 if (tty->magic != TTY_MAGIC) { 285 printk(KERN_WARNING 286 "bad magic number for tty struct (%d:%d) in %s\n", 287 imajor(inode), iminor(inode), routine); 288 return 1; 289 } 290 #endif 291 return 0; 292 } 293 294 static int check_tty_count(struct tty_struct *tty, const char *routine) 295 { 296 #ifdef CHECK_TTY_COUNT 297 struct list_head *p; 298 int count = 0; 299 300 spin_lock(&tty_files_lock); 301 list_for_each(p, &tty->tty_files) { 302 count++; 303 } 304 spin_unlock(&tty_files_lock); 305 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 306 tty->driver->subtype == PTY_TYPE_SLAVE && 307 tty->link && tty->link->count) 308 count++; 309 if (tty->count != count) { 310 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) " 311 "!= #fd's(%d) in %s\n", 312 tty->name, tty->count, count, routine); 313 return count; 314 } 315 #endif 316 return 0; 317 } 318 319 /** 320 * get_tty_driver - find device of a tty 321 * @dev_t: device identifier 322 * @index: returns the index of the tty 323 * 324 * This routine returns a tty driver structure, given a device number 325 * and also passes back the index number. 326 * 327 * Locking: caller must hold tty_mutex 328 */ 329 330 static struct tty_driver *get_tty_driver(dev_t device, int *index) 331 { 332 struct tty_driver *p; 333 334 list_for_each_entry(p, &tty_drivers, tty_drivers) { 335 dev_t base = MKDEV(p->major, p->minor_start); 336 if (device < base || device >= base + p->num) 337 continue; 338 *index = device - base; 339 return tty_driver_kref_get(p); 340 } 341 return NULL; 342 } 343 344 #ifdef CONFIG_CONSOLE_POLL 345 346 /** 347 * tty_find_polling_driver - find device of a polled tty 348 * @name: name string to match 349 * @line: pointer to resulting tty line nr 350 * 351 * This routine returns a tty driver structure, given a name 352 * and the condition that the tty driver is capable of polled 353 * operation. 354 */ 355 struct tty_driver *tty_find_polling_driver(char *name, int *line) 356 { 357 struct tty_driver *p, *res = NULL; 358 int tty_line = 0; 359 int len; 360 char *str, *stp; 361 362 for (str = name; *str; str++) 363 if ((*str >= '0' && *str <= '9') || *str == ',') 364 break; 365 if (!*str) 366 return NULL; 367 368 len = str - name; 369 tty_line = simple_strtoul(str, &str, 10); 370 371 mutex_lock(&tty_mutex); 372 /* Search through the tty devices to look for a match */ 373 list_for_each_entry(p, &tty_drivers, tty_drivers) { 374 if (strncmp(name, p->name, len) != 0) 375 continue; 376 stp = str; 377 if (*stp == ',') 378 stp++; 379 if (*stp == '\0') 380 stp = NULL; 381 382 if (tty_line >= 0 && tty_line < p->num && p->ops && 383 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) { 384 res = tty_driver_kref_get(p); 385 *line = tty_line; 386 break; 387 } 388 } 389 mutex_unlock(&tty_mutex); 390 391 return res; 392 } 393 EXPORT_SYMBOL_GPL(tty_find_polling_driver); 394 #endif 395 396 /** 397 * tty_check_change - check for POSIX terminal changes 398 * @tty: tty to check 399 * 400 * If we try to write to, or set the state of, a terminal and we're 401 * not in the foreground, send a SIGTTOU. If the signal is blocked or 402 * ignored, go ahead and perform the operation. (POSIX 7.2) 403 * 404 * Locking: ctrl_lock 405 */ 406 407 int tty_check_change(struct tty_struct *tty) 408 { 409 unsigned long flags; 410 int ret = 0; 411 412 if (current->signal->tty != tty) 413 return 0; 414 415 spin_lock_irqsave(&tty->ctrl_lock, flags); 416 417 if (!tty->pgrp) { 418 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n"); 419 goto out_unlock; 420 } 421 if (task_pgrp(current) == tty->pgrp) 422 goto out_unlock; 423 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 424 if (is_ignored(SIGTTOU)) 425 goto out; 426 if (is_current_pgrp_orphaned()) { 427 ret = -EIO; 428 goto out; 429 } 430 kill_pgrp(task_pgrp(current), SIGTTOU, 1); 431 set_thread_flag(TIF_SIGPENDING); 432 ret = -ERESTARTSYS; 433 out: 434 return ret; 435 out_unlock: 436 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 437 return ret; 438 } 439 440 EXPORT_SYMBOL(tty_check_change); 441 442 static ssize_t hung_up_tty_read(struct file *file, char __user *buf, 443 size_t count, loff_t *ppos) 444 { 445 return 0; 446 } 447 448 static ssize_t hung_up_tty_write(struct file *file, const char __user *buf, 449 size_t count, loff_t *ppos) 450 { 451 return -EIO; 452 } 453 454 /* No kernel lock held - none needed ;) */ 455 static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait) 456 { 457 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM; 458 } 459 460 static long hung_up_tty_ioctl(struct file *file, unsigned int cmd, 461 unsigned long arg) 462 { 463 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 464 } 465 466 static long hung_up_tty_compat_ioctl(struct file *file, 467 unsigned int cmd, unsigned long arg) 468 { 469 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 470 } 471 472 static const struct file_operations tty_fops = { 473 .llseek = no_llseek, 474 .read = tty_read, 475 .write = tty_write, 476 .poll = tty_poll, 477 .unlocked_ioctl = tty_ioctl, 478 .compat_ioctl = tty_compat_ioctl, 479 .open = tty_open, 480 .release = tty_release, 481 .fasync = tty_fasync, 482 }; 483 484 static const struct file_operations console_fops = { 485 .llseek = no_llseek, 486 .read = tty_read, 487 .write = redirected_tty_write, 488 .poll = tty_poll, 489 .unlocked_ioctl = tty_ioctl, 490 .compat_ioctl = tty_compat_ioctl, 491 .open = tty_open, 492 .release = tty_release, 493 .fasync = tty_fasync, 494 }; 495 496 static const struct file_operations hung_up_tty_fops = { 497 .llseek = no_llseek, 498 .read = hung_up_tty_read, 499 .write = hung_up_tty_write, 500 .poll = hung_up_tty_poll, 501 .unlocked_ioctl = hung_up_tty_ioctl, 502 .compat_ioctl = hung_up_tty_compat_ioctl, 503 .release = tty_release, 504 }; 505 506 static DEFINE_SPINLOCK(redirect_lock); 507 static struct file *redirect; 508 509 /** 510 * tty_wakeup - request more data 511 * @tty: terminal 512 * 513 * Internal and external helper for wakeups of tty. This function 514 * informs the line discipline if present that the driver is ready 515 * to receive more output data. 516 */ 517 518 void tty_wakeup(struct tty_struct *tty) 519 { 520 struct tty_ldisc *ld; 521 522 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) { 523 ld = tty_ldisc_ref(tty); 524 if (ld) { 525 if (ld->ops->write_wakeup) 526 ld->ops->write_wakeup(tty); 527 tty_ldisc_deref(ld); 528 } 529 } 530 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 531 } 532 533 EXPORT_SYMBOL_GPL(tty_wakeup); 534 535 /** 536 * __tty_hangup - actual handler for hangup events 537 * @work: tty device 538 * 539 * This can be called by a "kworker" kernel thread. That is process 540 * synchronous but doesn't hold any locks, so we need to make sure we 541 * have the appropriate locks for what we're doing. 542 * 543 * The hangup event clears any pending redirections onto the hung up 544 * device. It ensures future writes will error and it does the needed 545 * line discipline hangup and signal delivery. The tty object itself 546 * remains intact. 547 * 548 * Locking: 549 * BTM 550 * redirect lock for undoing redirection 551 * file list lock for manipulating list of ttys 552 * tty_ldisc_lock from called functions 553 * termios_mutex resetting termios data 554 * tasklist_lock to walk task list for hangup event 555 * ->siglock to protect ->signal/->sighand 556 */ 557 static void __tty_hangup(struct tty_struct *tty) 558 { 559 struct file *cons_filp = NULL; 560 struct file *filp, *f = NULL; 561 struct task_struct *p; 562 struct tty_file_private *priv; 563 int closecount = 0, n; 564 unsigned long flags; 565 int refs = 0; 566 567 if (!tty) 568 return; 569 570 571 spin_lock(&redirect_lock); 572 if (redirect && file_tty(redirect) == tty) { 573 f = redirect; 574 redirect = NULL; 575 } 576 spin_unlock(&redirect_lock); 577 578 tty_lock(tty); 579 580 /* some functions below drop BTM, so we need this bit */ 581 set_bit(TTY_HUPPING, &tty->flags); 582 583 /* inuse_filps is protected by the single tty lock, 584 this really needs to change if we want to flush the 585 workqueue with the lock held */ 586 check_tty_count(tty, "tty_hangup"); 587 588 spin_lock(&tty_files_lock); 589 /* This breaks for file handles being sent over AF_UNIX sockets ? */ 590 list_for_each_entry(priv, &tty->tty_files, list) { 591 filp = priv->file; 592 if (filp->f_op->write == redirected_tty_write) 593 cons_filp = filp; 594 if (filp->f_op->write != tty_write) 595 continue; 596 closecount++; 597 __tty_fasync(-1, filp, 0); /* can't block */ 598 filp->f_op = &hung_up_tty_fops; 599 } 600 spin_unlock(&tty_files_lock); 601 602 /* 603 * it drops BTM and thus races with reopen 604 * we protect the race by TTY_HUPPING 605 */ 606 tty_ldisc_hangup(tty); 607 608 read_lock(&tasklist_lock); 609 if (tty->session) { 610 do_each_pid_task(tty->session, PIDTYPE_SID, p) { 611 spin_lock_irq(&p->sighand->siglock); 612 if (p->signal->tty == tty) { 613 p->signal->tty = NULL; 614 /* We defer the dereferences outside fo 615 the tasklist lock */ 616 refs++; 617 } 618 if (!p->signal->leader) { 619 spin_unlock_irq(&p->sighand->siglock); 620 continue; 621 } 622 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p); 623 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p); 624 put_pid(p->signal->tty_old_pgrp); /* A noop */ 625 spin_lock_irqsave(&tty->ctrl_lock, flags); 626 if (tty->pgrp) 627 p->signal->tty_old_pgrp = get_pid(tty->pgrp); 628 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 629 spin_unlock_irq(&p->sighand->siglock); 630 } while_each_pid_task(tty->session, PIDTYPE_SID, p); 631 } 632 read_unlock(&tasklist_lock); 633 634 spin_lock_irqsave(&tty->ctrl_lock, flags); 635 clear_bit(TTY_THROTTLED, &tty->flags); 636 clear_bit(TTY_PUSH, &tty->flags); 637 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 638 put_pid(tty->session); 639 put_pid(tty->pgrp); 640 tty->session = NULL; 641 tty->pgrp = NULL; 642 tty->ctrl_status = 0; 643 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 644 645 /* Account for the p->signal references we killed */ 646 while (refs--) 647 tty_kref_put(tty); 648 649 /* 650 * If one of the devices matches a console pointer, we 651 * cannot just call hangup() because that will cause 652 * tty->count and state->count to go out of sync. 653 * So we just call close() the right number of times. 654 */ 655 if (cons_filp) { 656 if (tty->ops->close) 657 for (n = 0; n < closecount; n++) 658 tty->ops->close(tty, cons_filp); 659 } else if (tty->ops->hangup) 660 (tty->ops->hangup)(tty); 661 /* 662 * We don't want to have driver/ldisc interactions beyond 663 * the ones we did here. The driver layer expects no 664 * calls after ->hangup() from the ldisc side. However we 665 * can't yet guarantee all that. 666 */ 667 set_bit(TTY_HUPPED, &tty->flags); 668 clear_bit(TTY_HUPPING, &tty->flags); 669 tty_ldisc_enable(tty); 670 671 tty_unlock(tty); 672 673 if (f) 674 fput(f); 675 } 676 677 static void do_tty_hangup(struct work_struct *work) 678 { 679 struct tty_struct *tty = 680 container_of(work, struct tty_struct, hangup_work); 681 682 __tty_hangup(tty); 683 } 684 685 /** 686 * tty_hangup - trigger a hangup event 687 * @tty: tty to hangup 688 * 689 * A carrier loss (virtual or otherwise) has occurred on this like 690 * schedule a hangup sequence to run after this event. 691 */ 692 693 void tty_hangup(struct tty_struct *tty) 694 { 695 #ifdef TTY_DEBUG_HANGUP 696 char buf[64]; 697 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf)); 698 #endif 699 schedule_work(&tty->hangup_work); 700 } 701 702 EXPORT_SYMBOL(tty_hangup); 703 704 /** 705 * tty_vhangup - process vhangup 706 * @tty: tty to hangup 707 * 708 * The user has asked via system call for the terminal to be hung up. 709 * We do this synchronously so that when the syscall returns the process 710 * is complete. That guarantee is necessary for security reasons. 711 */ 712 713 void tty_vhangup(struct tty_struct *tty) 714 { 715 #ifdef TTY_DEBUG_HANGUP 716 char buf[64]; 717 718 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf)); 719 #endif 720 __tty_hangup(tty); 721 } 722 723 EXPORT_SYMBOL(tty_vhangup); 724 725 726 /** 727 * tty_vhangup_self - process vhangup for own ctty 728 * 729 * Perform a vhangup on the current controlling tty 730 */ 731 732 void tty_vhangup_self(void) 733 { 734 struct tty_struct *tty; 735 736 tty = get_current_tty(); 737 if (tty) { 738 tty_vhangup(tty); 739 tty_kref_put(tty); 740 } 741 } 742 743 /** 744 * tty_hung_up_p - was tty hung up 745 * @filp: file pointer of tty 746 * 747 * Return true if the tty has been subject to a vhangup or a carrier 748 * loss 749 */ 750 751 int tty_hung_up_p(struct file *filp) 752 { 753 return (filp->f_op == &hung_up_tty_fops); 754 } 755 756 EXPORT_SYMBOL(tty_hung_up_p); 757 758 static void session_clear_tty(struct pid *session) 759 { 760 struct task_struct *p; 761 do_each_pid_task(session, PIDTYPE_SID, p) { 762 proc_clear_tty(p); 763 } while_each_pid_task(session, PIDTYPE_SID, p); 764 } 765 766 /** 767 * disassociate_ctty - disconnect controlling tty 768 * @on_exit: true if exiting so need to "hang up" the session 769 * 770 * This function is typically called only by the session leader, when 771 * it wants to disassociate itself from its controlling tty. 772 * 773 * It performs the following functions: 774 * (1) Sends a SIGHUP and SIGCONT to the foreground process group 775 * (2) Clears the tty from being controlling the session 776 * (3) Clears the controlling tty for all processes in the 777 * session group. 778 * 779 * The argument on_exit is set to 1 if called when a process is 780 * exiting; it is 0 if called by the ioctl TIOCNOTTY. 781 * 782 * Locking: 783 * BTM is taken for hysterical raisins, and held when 784 * called from no_tty(). 785 * tty_mutex is taken to protect tty 786 * ->siglock is taken to protect ->signal/->sighand 787 * tasklist_lock is taken to walk process list for sessions 788 * ->siglock is taken to protect ->signal/->sighand 789 */ 790 791 void disassociate_ctty(int on_exit) 792 { 793 struct tty_struct *tty; 794 795 if (!current->signal->leader) 796 return; 797 798 tty = get_current_tty(); 799 if (tty) { 800 struct pid *tty_pgrp = get_pid(tty->pgrp); 801 if (on_exit) { 802 if (tty->driver->type != TTY_DRIVER_TYPE_PTY) 803 tty_vhangup(tty); 804 } 805 tty_kref_put(tty); 806 if (tty_pgrp) { 807 kill_pgrp(tty_pgrp, SIGHUP, on_exit); 808 if (!on_exit) 809 kill_pgrp(tty_pgrp, SIGCONT, on_exit); 810 put_pid(tty_pgrp); 811 } 812 } else if (on_exit) { 813 struct pid *old_pgrp; 814 spin_lock_irq(¤t->sighand->siglock); 815 old_pgrp = current->signal->tty_old_pgrp; 816 current->signal->tty_old_pgrp = NULL; 817 spin_unlock_irq(¤t->sighand->siglock); 818 if (old_pgrp) { 819 kill_pgrp(old_pgrp, SIGHUP, on_exit); 820 kill_pgrp(old_pgrp, SIGCONT, on_exit); 821 put_pid(old_pgrp); 822 } 823 return; 824 } 825 826 spin_lock_irq(¤t->sighand->siglock); 827 put_pid(current->signal->tty_old_pgrp); 828 current->signal->tty_old_pgrp = NULL; 829 spin_unlock_irq(¤t->sighand->siglock); 830 831 tty = get_current_tty(); 832 if (tty) { 833 unsigned long flags; 834 spin_lock_irqsave(&tty->ctrl_lock, flags); 835 put_pid(tty->session); 836 put_pid(tty->pgrp); 837 tty->session = NULL; 838 tty->pgrp = NULL; 839 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 840 tty_kref_put(tty); 841 } else { 842 #ifdef TTY_DEBUG_HANGUP 843 printk(KERN_DEBUG "error attempted to write to tty [0x%p]" 844 " = NULL", tty); 845 #endif 846 } 847 848 /* Now clear signal->tty under the lock */ 849 read_lock(&tasklist_lock); 850 session_clear_tty(task_session(current)); 851 read_unlock(&tasklist_lock); 852 } 853 854 /** 855 * 856 * no_tty - Ensure the current process does not have a controlling tty 857 */ 858 void no_tty(void) 859 { 860 /* FIXME: Review locking here. The tty_lock never covered any race 861 between a new association and proc_clear_tty but possible we need 862 to protect against this anyway */ 863 struct task_struct *tsk = current; 864 disassociate_ctty(0); 865 proc_clear_tty(tsk); 866 } 867 868 869 /** 870 * stop_tty - propagate flow control 871 * @tty: tty to stop 872 * 873 * Perform flow control to the driver. For PTY/TTY pairs we 874 * must also propagate the TIOCKPKT status. May be called 875 * on an already stopped device and will not re-call the driver 876 * method. 877 * 878 * This functionality is used by both the line disciplines for 879 * halting incoming flow and by the driver. It may therefore be 880 * called from any context, may be under the tty atomic_write_lock 881 * but not always. 882 * 883 * Locking: 884 * Uses the tty control lock internally 885 */ 886 887 void stop_tty(struct tty_struct *tty) 888 { 889 unsigned long flags; 890 spin_lock_irqsave(&tty->ctrl_lock, flags); 891 if (tty->stopped) { 892 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 893 return; 894 } 895 tty->stopped = 1; 896 if (tty->link && tty->link->packet) { 897 tty->ctrl_status &= ~TIOCPKT_START; 898 tty->ctrl_status |= TIOCPKT_STOP; 899 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN); 900 } 901 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 902 if (tty->ops->stop) 903 (tty->ops->stop)(tty); 904 } 905 906 EXPORT_SYMBOL(stop_tty); 907 908 /** 909 * start_tty - propagate flow control 910 * @tty: tty to start 911 * 912 * Start a tty that has been stopped if at all possible. Perform 913 * any necessary wakeups and propagate the TIOCPKT status. If this 914 * is the tty was previous stopped and is being started then the 915 * driver start method is invoked and the line discipline woken. 916 * 917 * Locking: 918 * ctrl_lock 919 */ 920 921 void start_tty(struct tty_struct *tty) 922 { 923 unsigned long flags; 924 spin_lock_irqsave(&tty->ctrl_lock, flags); 925 if (!tty->stopped || tty->flow_stopped) { 926 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 927 return; 928 } 929 tty->stopped = 0; 930 if (tty->link && tty->link->packet) { 931 tty->ctrl_status &= ~TIOCPKT_STOP; 932 tty->ctrl_status |= TIOCPKT_START; 933 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN); 934 } 935 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 936 if (tty->ops->start) 937 (tty->ops->start)(tty); 938 /* If we have a running line discipline it may need kicking */ 939 tty_wakeup(tty); 940 } 941 942 EXPORT_SYMBOL(start_tty); 943 944 /** 945 * tty_read - read method for tty device files 946 * @file: pointer to tty file 947 * @buf: user buffer 948 * @count: size of user buffer 949 * @ppos: unused 950 * 951 * Perform the read system call function on this terminal device. Checks 952 * for hung up devices before calling the line discipline method. 953 * 954 * Locking: 955 * Locks the line discipline internally while needed. Multiple 956 * read calls may be outstanding in parallel. 957 */ 958 959 static ssize_t tty_read(struct file *file, char __user *buf, size_t count, 960 loff_t *ppos) 961 { 962 int i; 963 struct inode *inode = file->f_path.dentry->d_inode; 964 struct tty_struct *tty = file_tty(file); 965 struct tty_ldisc *ld; 966 967 if (tty_paranoia_check(tty, inode, "tty_read")) 968 return -EIO; 969 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags))) 970 return -EIO; 971 972 /* We want to wait for the line discipline to sort out in this 973 situation */ 974 ld = tty_ldisc_ref_wait(tty); 975 if (ld->ops->read) 976 i = (ld->ops->read)(tty, file, buf, count); 977 else 978 i = -EIO; 979 tty_ldisc_deref(ld); 980 981 return i; 982 } 983 984 void tty_write_unlock(struct tty_struct *tty) 985 __releases(&tty->atomic_write_lock) 986 { 987 mutex_unlock(&tty->atomic_write_lock); 988 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 989 } 990 991 int tty_write_lock(struct tty_struct *tty, int ndelay) 992 __acquires(&tty->atomic_write_lock) 993 { 994 if (!mutex_trylock(&tty->atomic_write_lock)) { 995 if (ndelay) 996 return -EAGAIN; 997 if (mutex_lock_interruptible(&tty->atomic_write_lock)) 998 return -ERESTARTSYS; 999 } 1000 return 0; 1001 } 1002 1003 /* 1004 * Split writes up in sane blocksizes to avoid 1005 * denial-of-service type attacks 1006 */ 1007 static inline ssize_t do_tty_write( 1008 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t), 1009 struct tty_struct *tty, 1010 struct file *file, 1011 const char __user *buf, 1012 size_t count) 1013 { 1014 ssize_t ret, written = 0; 1015 unsigned int chunk; 1016 1017 ret = tty_write_lock(tty, file->f_flags & O_NDELAY); 1018 if (ret < 0) 1019 return ret; 1020 1021 /* 1022 * We chunk up writes into a temporary buffer. This 1023 * simplifies low-level drivers immensely, since they 1024 * don't have locking issues and user mode accesses. 1025 * 1026 * But if TTY_NO_WRITE_SPLIT is set, we should use a 1027 * big chunk-size.. 1028 * 1029 * The default chunk-size is 2kB, because the NTTY 1030 * layer has problems with bigger chunks. It will 1031 * claim to be able to handle more characters than 1032 * it actually does. 1033 * 1034 * FIXME: This can probably go away now except that 64K chunks 1035 * are too likely to fail unless switched to vmalloc... 1036 */ 1037 chunk = 2048; 1038 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags)) 1039 chunk = 65536; 1040 if (count < chunk) 1041 chunk = count; 1042 1043 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */ 1044 if (tty->write_cnt < chunk) { 1045 unsigned char *buf_chunk; 1046 1047 if (chunk < 1024) 1048 chunk = 1024; 1049 1050 buf_chunk = kmalloc(chunk, GFP_KERNEL); 1051 if (!buf_chunk) { 1052 ret = -ENOMEM; 1053 goto out; 1054 } 1055 kfree(tty->write_buf); 1056 tty->write_cnt = chunk; 1057 tty->write_buf = buf_chunk; 1058 } 1059 1060 /* Do the write .. */ 1061 for (;;) { 1062 size_t size = count; 1063 if (size > chunk) 1064 size = chunk; 1065 ret = -EFAULT; 1066 if (copy_from_user(tty->write_buf, buf, size)) 1067 break; 1068 ret = write(tty, file, tty->write_buf, size); 1069 if (ret <= 0) 1070 break; 1071 written += ret; 1072 buf += ret; 1073 count -= ret; 1074 if (!count) 1075 break; 1076 ret = -ERESTARTSYS; 1077 if (signal_pending(current)) 1078 break; 1079 cond_resched(); 1080 } 1081 if (written) 1082 ret = written; 1083 out: 1084 tty_write_unlock(tty); 1085 return ret; 1086 } 1087 1088 /** 1089 * tty_write_message - write a message to a certain tty, not just the console. 1090 * @tty: the destination tty_struct 1091 * @msg: the message to write 1092 * 1093 * This is used for messages that need to be redirected to a specific tty. 1094 * We don't put it into the syslog queue right now maybe in the future if 1095 * really needed. 1096 * 1097 * We must still hold the BTM and test the CLOSING flag for the moment. 1098 */ 1099 1100 void tty_write_message(struct tty_struct *tty, char *msg) 1101 { 1102 if (tty) { 1103 mutex_lock(&tty->atomic_write_lock); 1104 tty_lock(tty); 1105 if (tty->ops->write && !test_bit(TTY_CLOSING, &tty->flags)) { 1106 tty_unlock(tty); 1107 tty->ops->write(tty, msg, strlen(msg)); 1108 } else 1109 tty_unlock(tty); 1110 tty_write_unlock(tty); 1111 } 1112 return; 1113 } 1114 1115 1116 /** 1117 * tty_write - write method for tty device file 1118 * @file: tty file pointer 1119 * @buf: user data to write 1120 * @count: bytes to write 1121 * @ppos: unused 1122 * 1123 * Write data to a tty device via the line discipline. 1124 * 1125 * Locking: 1126 * Locks the line discipline as required 1127 * Writes to the tty driver are serialized by the atomic_write_lock 1128 * and are then processed in chunks to the device. The line discipline 1129 * write method will not be invoked in parallel for each device. 1130 */ 1131 1132 static ssize_t tty_write(struct file *file, const char __user *buf, 1133 size_t count, loff_t *ppos) 1134 { 1135 struct inode *inode = file->f_path.dentry->d_inode; 1136 struct tty_struct *tty = file_tty(file); 1137 struct tty_ldisc *ld; 1138 ssize_t ret; 1139 1140 if (tty_paranoia_check(tty, inode, "tty_write")) 1141 return -EIO; 1142 if (!tty || !tty->ops->write || 1143 (test_bit(TTY_IO_ERROR, &tty->flags))) 1144 return -EIO; 1145 /* Short term debug to catch buggy drivers */ 1146 if (tty->ops->write_room == NULL) 1147 printk(KERN_ERR "tty driver %s lacks a write_room method.\n", 1148 tty->driver->name); 1149 ld = tty_ldisc_ref_wait(tty); 1150 if (!ld->ops->write) 1151 ret = -EIO; 1152 else 1153 ret = do_tty_write(ld->ops->write, tty, file, buf, count); 1154 tty_ldisc_deref(ld); 1155 return ret; 1156 } 1157 1158 ssize_t redirected_tty_write(struct file *file, const char __user *buf, 1159 size_t count, loff_t *ppos) 1160 { 1161 struct file *p = NULL; 1162 1163 spin_lock(&redirect_lock); 1164 if (redirect) 1165 p = get_file(redirect); 1166 spin_unlock(&redirect_lock); 1167 1168 if (p) { 1169 ssize_t res; 1170 res = vfs_write(p, buf, count, &p->f_pos); 1171 fput(p); 1172 return res; 1173 } 1174 return tty_write(file, buf, count, ppos); 1175 } 1176 1177 static char ptychar[] = "pqrstuvwxyzabcde"; 1178 1179 /** 1180 * pty_line_name - generate name for a pty 1181 * @driver: the tty driver in use 1182 * @index: the minor number 1183 * @p: output buffer of at least 6 bytes 1184 * 1185 * Generate a name from a driver reference and write it to the output 1186 * buffer. 1187 * 1188 * Locking: None 1189 */ 1190 static void pty_line_name(struct tty_driver *driver, int index, char *p) 1191 { 1192 int i = index + driver->name_base; 1193 /* ->name is initialized to "ttyp", but "tty" is expected */ 1194 sprintf(p, "%s%c%x", 1195 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name, 1196 ptychar[i >> 4 & 0xf], i & 0xf); 1197 } 1198 1199 /** 1200 * tty_line_name - generate name for a tty 1201 * @driver: the tty driver in use 1202 * @index: the minor number 1203 * @p: output buffer of at least 7 bytes 1204 * 1205 * Generate a name from a driver reference and write it to the output 1206 * buffer. 1207 * 1208 * Locking: None 1209 */ 1210 static void tty_line_name(struct tty_driver *driver, int index, char *p) 1211 { 1212 if (driver->flags & TTY_DRIVER_UNNUMBERED_NODE) 1213 strcpy(p, driver->name); 1214 else 1215 sprintf(p, "%s%d", driver->name, index + driver->name_base); 1216 } 1217 1218 /** 1219 * tty_driver_lookup_tty() - find an existing tty, if any 1220 * @driver: the driver for the tty 1221 * @idx: the minor number 1222 * 1223 * Return the tty, if found or ERR_PTR() otherwise. 1224 * 1225 * Locking: tty_mutex must be held. If tty is found, the mutex must 1226 * be held until the 'fast-open' is also done. Will change once we 1227 * have refcounting in the driver and per driver locking 1228 */ 1229 static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver, 1230 struct inode *inode, int idx) 1231 { 1232 if (driver->ops->lookup) 1233 return driver->ops->lookup(driver, inode, idx); 1234 1235 return driver->ttys[idx]; 1236 } 1237 1238 /** 1239 * tty_init_termios - helper for termios setup 1240 * @tty: the tty to set up 1241 * 1242 * Initialise the termios structures for this tty. Thus runs under 1243 * the tty_mutex currently so we can be relaxed about ordering. 1244 */ 1245 1246 int tty_init_termios(struct tty_struct *tty) 1247 { 1248 struct ktermios *tp; 1249 int idx = tty->index; 1250 1251 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) 1252 tty->termios = tty->driver->init_termios; 1253 else { 1254 /* Check for lazy saved data */ 1255 tp = tty->driver->termios[idx]; 1256 if (tp != NULL) 1257 tty->termios = *tp; 1258 else 1259 tty->termios = tty->driver->init_termios; 1260 } 1261 /* Compatibility until drivers always set this */ 1262 tty->termios.c_ispeed = tty_termios_input_baud_rate(&tty->termios); 1263 tty->termios.c_ospeed = tty_termios_baud_rate(&tty->termios); 1264 return 0; 1265 } 1266 EXPORT_SYMBOL_GPL(tty_init_termios); 1267 1268 int tty_standard_install(struct tty_driver *driver, struct tty_struct *tty) 1269 { 1270 int ret = tty_init_termios(tty); 1271 if (ret) 1272 return ret; 1273 1274 tty_driver_kref_get(driver); 1275 tty->count++; 1276 driver->ttys[tty->index] = tty; 1277 return 0; 1278 } 1279 EXPORT_SYMBOL_GPL(tty_standard_install); 1280 1281 /** 1282 * tty_driver_install_tty() - install a tty entry in the driver 1283 * @driver: the driver for the tty 1284 * @tty: the tty 1285 * 1286 * Install a tty object into the driver tables. The tty->index field 1287 * will be set by the time this is called. This method is responsible 1288 * for ensuring any need additional structures are allocated and 1289 * configured. 1290 * 1291 * Locking: tty_mutex for now 1292 */ 1293 static int tty_driver_install_tty(struct tty_driver *driver, 1294 struct tty_struct *tty) 1295 { 1296 return driver->ops->install ? driver->ops->install(driver, tty) : 1297 tty_standard_install(driver, tty); 1298 } 1299 1300 /** 1301 * tty_driver_remove_tty() - remove a tty from the driver tables 1302 * @driver: the driver for the tty 1303 * @idx: the minor number 1304 * 1305 * Remvoe a tty object from the driver tables. The tty->index field 1306 * will be set by the time this is called. 1307 * 1308 * Locking: tty_mutex for now 1309 */ 1310 void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty) 1311 { 1312 if (driver->ops->remove) 1313 driver->ops->remove(driver, tty); 1314 else 1315 driver->ttys[tty->index] = NULL; 1316 } 1317 1318 /* 1319 * tty_reopen() - fast re-open of an open tty 1320 * @tty - the tty to open 1321 * 1322 * Return 0 on success, -errno on error. 1323 * 1324 * Locking: tty_mutex must be held from the time the tty was found 1325 * till this open completes. 1326 */ 1327 static int tty_reopen(struct tty_struct *tty) 1328 { 1329 struct tty_driver *driver = tty->driver; 1330 1331 if (test_bit(TTY_CLOSING, &tty->flags) || 1332 test_bit(TTY_HUPPING, &tty->flags) || 1333 test_bit(TTY_LDISC_CHANGING, &tty->flags)) 1334 return -EIO; 1335 1336 if (driver->type == TTY_DRIVER_TYPE_PTY && 1337 driver->subtype == PTY_TYPE_MASTER) { 1338 /* 1339 * special case for PTY masters: only one open permitted, 1340 * and the slave side open count is incremented as well. 1341 */ 1342 if (tty->count) 1343 return -EIO; 1344 1345 tty->link->count++; 1346 } 1347 tty->count++; 1348 1349 mutex_lock(&tty->ldisc_mutex); 1350 WARN_ON(!test_bit(TTY_LDISC, &tty->flags)); 1351 mutex_unlock(&tty->ldisc_mutex); 1352 1353 return 0; 1354 } 1355 1356 /** 1357 * tty_init_dev - initialise a tty device 1358 * @driver: tty driver we are opening a device on 1359 * @idx: device index 1360 * @ret_tty: returned tty structure 1361 * 1362 * Prepare a tty device. This may not be a "new" clean device but 1363 * could also be an active device. The pty drivers require special 1364 * handling because of this. 1365 * 1366 * Locking: 1367 * The function is called under the tty_mutex, which 1368 * protects us from the tty struct or driver itself going away. 1369 * 1370 * On exit the tty device has the line discipline attached and 1371 * a reference count of 1. If a pair was created for pty/tty use 1372 * and the other was a pty master then it too has a reference count of 1. 1373 * 1374 * WSH 06/09/97: Rewritten to remove races and properly clean up after a 1375 * failed open. The new code protects the open with a mutex, so it's 1376 * really quite straightforward. The mutex locking can probably be 1377 * relaxed for the (most common) case of reopening a tty. 1378 */ 1379 1380 struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx) 1381 { 1382 struct tty_struct *tty; 1383 int retval; 1384 1385 /* 1386 * First time open is complex, especially for PTY devices. 1387 * This code guarantees that either everything succeeds and the 1388 * TTY is ready for operation, or else the table slots are vacated 1389 * and the allocated memory released. (Except that the termios 1390 * and locked termios may be retained.) 1391 */ 1392 1393 if (!try_module_get(driver->owner)) 1394 return ERR_PTR(-ENODEV); 1395 1396 tty = alloc_tty_struct(); 1397 if (!tty) { 1398 retval = -ENOMEM; 1399 goto err_module_put; 1400 } 1401 initialize_tty_struct(tty, driver, idx); 1402 1403 tty_lock(tty); 1404 retval = tty_driver_install_tty(driver, tty); 1405 if (retval < 0) 1406 goto err_deinit_tty; 1407 1408 if (!tty->port) 1409 tty->port = driver->ports[idx]; 1410 1411 WARN_RATELIMIT(!tty->port, 1412 "%s: %s driver does not set tty->port. This will crash the kernel later. Fix the driver!\n", 1413 __func__, tty->driver->name); 1414 1415 tty->port->itty = tty; 1416 1417 /* 1418 * Structures all installed ... call the ldisc open routines. 1419 * If we fail here just call release_tty to clean up. No need 1420 * to decrement the use counts, as release_tty doesn't care. 1421 */ 1422 retval = tty_ldisc_setup(tty, tty->link); 1423 if (retval) 1424 goto err_release_tty; 1425 /* Return the tty locked so that it cannot vanish under the caller */ 1426 return tty; 1427 1428 err_deinit_tty: 1429 tty_unlock(tty); 1430 deinitialize_tty_struct(tty); 1431 free_tty_struct(tty); 1432 err_module_put: 1433 module_put(driver->owner); 1434 return ERR_PTR(retval); 1435 1436 /* call the tty release_tty routine to clean out this slot */ 1437 err_release_tty: 1438 tty_unlock(tty); 1439 printk_ratelimited(KERN_INFO "tty_init_dev: ldisc open failed, " 1440 "clearing slot %d\n", idx); 1441 release_tty(tty, idx); 1442 return ERR_PTR(retval); 1443 } 1444 1445 void tty_free_termios(struct tty_struct *tty) 1446 { 1447 struct ktermios *tp; 1448 int idx = tty->index; 1449 1450 /* If the port is going to reset then it has no termios to save */ 1451 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) 1452 return; 1453 1454 /* Stash the termios data */ 1455 tp = tty->driver->termios[idx]; 1456 if (tp == NULL) { 1457 tp = kmalloc(sizeof(struct ktermios), GFP_KERNEL); 1458 if (tp == NULL) { 1459 pr_warn("tty: no memory to save termios state.\n"); 1460 return; 1461 } 1462 tty->driver->termios[idx] = tp; 1463 } 1464 *tp = tty->termios; 1465 } 1466 EXPORT_SYMBOL(tty_free_termios); 1467 1468 1469 /** 1470 * release_one_tty - release tty structure memory 1471 * @kref: kref of tty we are obliterating 1472 * 1473 * Releases memory associated with a tty structure, and clears out the 1474 * driver table slots. This function is called when a device is no longer 1475 * in use. It also gets called when setup of a device fails. 1476 * 1477 * Locking: 1478 * takes the file list lock internally when working on the list 1479 * of ttys that the driver keeps. 1480 * 1481 * This method gets called from a work queue so that the driver private 1482 * cleanup ops can sleep (needed for USB at least) 1483 */ 1484 static void release_one_tty(struct work_struct *work) 1485 { 1486 struct tty_struct *tty = 1487 container_of(work, struct tty_struct, hangup_work); 1488 struct tty_driver *driver = tty->driver; 1489 1490 if (tty->ops->cleanup) 1491 tty->ops->cleanup(tty); 1492 1493 tty->magic = 0; 1494 tty_driver_kref_put(driver); 1495 module_put(driver->owner); 1496 1497 spin_lock(&tty_files_lock); 1498 list_del_init(&tty->tty_files); 1499 spin_unlock(&tty_files_lock); 1500 1501 put_pid(tty->pgrp); 1502 put_pid(tty->session); 1503 free_tty_struct(tty); 1504 } 1505 1506 static void queue_release_one_tty(struct kref *kref) 1507 { 1508 struct tty_struct *tty = container_of(kref, struct tty_struct, kref); 1509 1510 /* The hangup queue is now free so we can reuse it rather than 1511 waste a chunk of memory for each port */ 1512 INIT_WORK(&tty->hangup_work, release_one_tty); 1513 schedule_work(&tty->hangup_work); 1514 } 1515 1516 /** 1517 * tty_kref_put - release a tty kref 1518 * @tty: tty device 1519 * 1520 * Release a reference to a tty device and if need be let the kref 1521 * layer destruct the object for us 1522 */ 1523 1524 void tty_kref_put(struct tty_struct *tty) 1525 { 1526 if (tty) 1527 kref_put(&tty->kref, queue_release_one_tty); 1528 } 1529 EXPORT_SYMBOL(tty_kref_put); 1530 1531 /** 1532 * release_tty - release tty structure memory 1533 * 1534 * Release both @tty and a possible linked partner (think pty pair), 1535 * and decrement the refcount of the backing module. 1536 * 1537 * Locking: 1538 * tty_mutex 1539 * takes the file list lock internally when working on the list 1540 * of ttys that the driver keeps. 1541 * 1542 */ 1543 static void release_tty(struct tty_struct *tty, int idx) 1544 { 1545 /* This should always be true but check for the moment */ 1546 WARN_ON(tty->index != idx); 1547 WARN_ON(!mutex_is_locked(&tty_mutex)); 1548 if (tty->ops->shutdown) 1549 tty->ops->shutdown(tty); 1550 tty_free_termios(tty); 1551 tty_driver_remove_tty(tty->driver, tty); 1552 tty->port->itty = NULL; 1553 1554 if (tty->link) 1555 tty_kref_put(tty->link); 1556 tty_kref_put(tty); 1557 } 1558 1559 /** 1560 * tty_release_checks - check a tty before real release 1561 * @tty: tty to check 1562 * @o_tty: link of @tty (if any) 1563 * @idx: index of the tty 1564 * 1565 * Performs some paranoid checking before true release of the @tty. 1566 * This is a no-op unless TTY_PARANOIA_CHECK is defined. 1567 */ 1568 static int tty_release_checks(struct tty_struct *tty, struct tty_struct *o_tty, 1569 int idx) 1570 { 1571 #ifdef TTY_PARANOIA_CHECK 1572 if (idx < 0 || idx >= tty->driver->num) { 1573 printk(KERN_DEBUG "%s: bad idx when trying to free (%s)\n", 1574 __func__, tty->name); 1575 return -1; 1576 } 1577 1578 /* not much to check for devpts */ 1579 if (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) 1580 return 0; 1581 1582 if (tty != tty->driver->ttys[idx]) { 1583 printk(KERN_DEBUG "%s: driver.table[%d] not tty for (%s)\n", 1584 __func__, idx, tty->name); 1585 return -1; 1586 } 1587 if (tty->driver->other) { 1588 if (o_tty != tty->driver->other->ttys[idx]) { 1589 printk(KERN_DEBUG "%s: other->table[%d] not o_tty for (%s)\n", 1590 __func__, idx, tty->name); 1591 return -1; 1592 } 1593 if (o_tty->link != tty) { 1594 printk(KERN_DEBUG "%s: bad pty pointers\n", __func__); 1595 return -1; 1596 } 1597 } 1598 #endif 1599 return 0; 1600 } 1601 1602 /** 1603 * tty_release - vfs callback for close 1604 * @inode: inode of tty 1605 * @filp: file pointer for handle to tty 1606 * 1607 * Called the last time each file handle is closed that references 1608 * this tty. There may however be several such references. 1609 * 1610 * Locking: 1611 * Takes bkl. See tty_release_dev 1612 * 1613 * Even releasing the tty structures is a tricky business.. We have 1614 * to be very careful that the structures are all released at the 1615 * same time, as interrupts might otherwise get the wrong pointers. 1616 * 1617 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could 1618 * lead to double frees or releasing memory still in use. 1619 */ 1620 1621 int tty_release(struct inode *inode, struct file *filp) 1622 { 1623 struct tty_struct *tty = file_tty(filp); 1624 struct tty_struct *o_tty; 1625 int pty_master, tty_closing, o_tty_closing, do_sleep; 1626 int idx; 1627 char buf[64]; 1628 1629 if (tty_paranoia_check(tty, inode, __func__)) 1630 return 0; 1631 1632 tty_lock(tty); 1633 check_tty_count(tty, __func__); 1634 1635 __tty_fasync(-1, filp, 0); 1636 1637 idx = tty->index; 1638 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1639 tty->driver->subtype == PTY_TYPE_MASTER); 1640 /* Review: parallel close */ 1641 o_tty = tty->link; 1642 1643 if (tty_release_checks(tty, o_tty, idx)) { 1644 tty_unlock(tty); 1645 return 0; 1646 } 1647 1648 #ifdef TTY_DEBUG_HANGUP 1649 printk(KERN_DEBUG "%s: %s (tty count=%d)...\n", __func__, 1650 tty_name(tty, buf), tty->count); 1651 #endif 1652 1653 if (tty->ops->close) 1654 tty->ops->close(tty, filp); 1655 1656 tty_unlock(tty); 1657 /* 1658 * Sanity check: if tty->count is going to zero, there shouldn't be 1659 * any waiters on tty->read_wait or tty->write_wait. We test the 1660 * wait queues and kick everyone out _before_ actually starting to 1661 * close. This ensures that we won't block while releasing the tty 1662 * structure. 1663 * 1664 * The test for the o_tty closing is necessary, since the master and 1665 * slave sides may close in any order. If the slave side closes out 1666 * first, its count will be one, since the master side holds an open. 1667 * Thus this test wouldn't be triggered at the time the slave closes, 1668 * so we do it now. 1669 * 1670 * Note that it's possible for the tty to be opened again while we're 1671 * flushing out waiters. By recalculating the closing flags before 1672 * each iteration we avoid any problems. 1673 */ 1674 while (1) { 1675 /* Guard against races with tty->count changes elsewhere and 1676 opens on /dev/tty */ 1677 1678 mutex_lock(&tty_mutex); 1679 tty_lock_pair(tty, o_tty); 1680 tty_closing = tty->count <= 1; 1681 o_tty_closing = o_tty && 1682 (o_tty->count <= (pty_master ? 1 : 0)); 1683 do_sleep = 0; 1684 1685 if (tty_closing) { 1686 if (waitqueue_active(&tty->read_wait)) { 1687 wake_up_poll(&tty->read_wait, POLLIN); 1688 do_sleep++; 1689 } 1690 if (waitqueue_active(&tty->write_wait)) { 1691 wake_up_poll(&tty->write_wait, POLLOUT); 1692 do_sleep++; 1693 } 1694 } 1695 if (o_tty_closing) { 1696 if (waitqueue_active(&o_tty->read_wait)) { 1697 wake_up_poll(&o_tty->read_wait, POLLIN); 1698 do_sleep++; 1699 } 1700 if (waitqueue_active(&o_tty->write_wait)) { 1701 wake_up_poll(&o_tty->write_wait, POLLOUT); 1702 do_sleep++; 1703 } 1704 } 1705 if (!do_sleep) 1706 break; 1707 1708 printk(KERN_WARNING "%s: %s: read/write wait queue active!\n", 1709 __func__, tty_name(tty, buf)); 1710 tty_unlock_pair(tty, o_tty); 1711 mutex_unlock(&tty_mutex); 1712 schedule(); 1713 } 1714 1715 /* 1716 * The closing flags are now consistent with the open counts on 1717 * both sides, and we've completed the last operation that could 1718 * block, so it's safe to proceed with closing. 1719 * 1720 * We must *not* drop the tty_mutex until we ensure that a further 1721 * entry into tty_open can not pick up this tty. 1722 */ 1723 if (pty_master) { 1724 if (--o_tty->count < 0) { 1725 printk(KERN_WARNING "%s: bad pty slave count (%d) for %s\n", 1726 __func__, o_tty->count, tty_name(o_tty, buf)); 1727 o_tty->count = 0; 1728 } 1729 } 1730 if (--tty->count < 0) { 1731 printk(KERN_WARNING "%s: bad tty->count (%d) for %s\n", 1732 __func__, tty->count, tty_name(tty, buf)); 1733 tty->count = 0; 1734 } 1735 1736 /* 1737 * We've decremented tty->count, so we need to remove this file 1738 * descriptor off the tty->tty_files list; this serves two 1739 * purposes: 1740 * - check_tty_count sees the correct number of file descriptors 1741 * associated with this tty. 1742 * - do_tty_hangup no longer sees this file descriptor as 1743 * something that needs to be handled for hangups. 1744 */ 1745 tty_del_file(filp); 1746 1747 /* 1748 * Perform some housekeeping before deciding whether to return. 1749 * 1750 * Set the TTY_CLOSING flag if this was the last open. In the 1751 * case of a pty we may have to wait around for the other side 1752 * to close, and TTY_CLOSING makes sure we can't be reopened. 1753 */ 1754 if (tty_closing) 1755 set_bit(TTY_CLOSING, &tty->flags); 1756 if (o_tty_closing) 1757 set_bit(TTY_CLOSING, &o_tty->flags); 1758 1759 /* 1760 * If _either_ side is closing, make sure there aren't any 1761 * processes that still think tty or o_tty is their controlling 1762 * tty. 1763 */ 1764 if (tty_closing || o_tty_closing) { 1765 read_lock(&tasklist_lock); 1766 session_clear_tty(tty->session); 1767 if (o_tty) 1768 session_clear_tty(o_tty->session); 1769 read_unlock(&tasklist_lock); 1770 } 1771 1772 mutex_unlock(&tty_mutex); 1773 tty_unlock_pair(tty, o_tty); 1774 /* At this point the TTY_CLOSING flag should ensure a dead tty 1775 cannot be re-opened by a racing opener */ 1776 1777 /* check whether both sides are closing ... */ 1778 if (!tty_closing || (o_tty && !o_tty_closing)) 1779 return 0; 1780 1781 #ifdef TTY_DEBUG_HANGUP 1782 printk(KERN_DEBUG "%s: freeing tty structure...\n", __func__); 1783 #endif 1784 /* 1785 * Ask the line discipline code to release its structures 1786 */ 1787 tty_ldisc_release(tty, o_tty); 1788 /* 1789 * The release_tty function takes care of the details of clearing 1790 * the slots and preserving the termios structure. The tty_unlock_pair 1791 * should be safe as we keep a kref while the tty is locked (so the 1792 * unlock never unlocks a freed tty). 1793 */ 1794 mutex_lock(&tty_mutex); 1795 release_tty(tty, idx); 1796 mutex_unlock(&tty_mutex); 1797 1798 return 0; 1799 } 1800 1801 /** 1802 * tty_open_current_tty - get tty of current task for open 1803 * @device: device number 1804 * @filp: file pointer to tty 1805 * @return: tty of the current task iff @device is /dev/tty 1806 * 1807 * We cannot return driver and index like for the other nodes because 1808 * devpts will not work then. It expects inodes to be from devpts FS. 1809 * 1810 * We need to move to returning a refcounted object from all the lookup 1811 * paths including this one. 1812 */ 1813 static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp) 1814 { 1815 struct tty_struct *tty; 1816 1817 if (device != MKDEV(TTYAUX_MAJOR, 0)) 1818 return NULL; 1819 1820 tty = get_current_tty(); 1821 if (!tty) 1822 return ERR_PTR(-ENXIO); 1823 1824 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */ 1825 /* noctty = 1; */ 1826 tty_kref_put(tty); 1827 /* FIXME: we put a reference and return a TTY! */ 1828 /* This is only safe because the caller holds tty_mutex */ 1829 return tty; 1830 } 1831 1832 /** 1833 * tty_lookup_driver - lookup a tty driver for a given device file 1834 * @device: device number 1835 * @filp: file pointer to tty 1836 * @noctty: set if the device should not become a controlling tty 1837 * @index: index for the device in the @return driver 1838 * @return: driver for this inode (with increased refcount) 1839 * 1840 * If @return is not erroneous, the caller is responsible to decrement the 1841 * refcount by tty_driver_kref_put. 1842 * 1843 * Locking: tty_mutex protects get_tty_driver 1844 */ 1845 static struct tty_driver *tty_lookup_driver(dev_t device, struct file *filp, 1846 int *noctty, int *index) 1847 { 1848 struct tty_driver *driver; 1849 1850 switch (device) { 1851 #ifdef CONFIG_VT 1852 case MKDEV(TTY_MAJOR, 0): { 1853 extern struct tty_driver *console_driver; 1854 driver = tty_driver_kref_get(console_driver); 1855 *index = fg_console; 1856 *noctty = 1; 1857 break; 1858 } 1859 #endif 1860 case MKDEV(TTYAUX_MAJOR, 1): { 1861 struct tty_driver *console_driver = console_device(index); 1862 if (console_driver) { 1863 driver = tty_driver_kref_get(console_driver); 1864 if (driver) { 1865 /* Don't let /dev/console block */ 1866 filp->f_flags |= O_NONBLOCK; 1867 *noctty = 1; 1868 break; 1869 } 1870 } 1871 return ERR_PTR(-ENODEV); 1872 } 1873 default: 1874 driver = get_tty_driver(device, index); 1875 if (!driver) 1876 return ERR_PTR(-ENODEV); 1877 break; 1878 } 1879 return driver; 1880 } 1881 1882 /** 1883 * tty_open - open a tty device 1884 * @inode: inode of device file 1885 * @filp: file pointer to tty 1886 * 1887 * tty_open and tty_release keep up the tty count that contains the 1888 * number of opens done on a tty. We cannot use the inode-count, as 1889 * different inodes might point to the same tty. 1890 * 1891 * Open-counting is needed for pty masters, as well as for keeping 1892 * track of serial lines: DTR is dropped when the last close happens. 1893 * (This is not done solely through tty->count, now. - Ted 1/27/92) 1894 * 1895 * The termios state of a pty is reset on first open so that 1896 * settings don't persist across reuse. 1897 * 1898 * Locking: tty_mutex protects tty, tty_lookup_driver and tty_init_dev. 1899 * tty->count should protect the rest. 1900 * ->siglock protects ->signal/->sighand 1901 * 1902 * Note: the tty_unlock/lock cases without a ref are only safe due to 1903 * tty_mutex 1904 */ 1905 1906 static int tty_open(struct inode *inode, struct file *filp) 1907 { 1908 struct tty_struct *tty; 1909 int noctty, retval; 1910 struct tty_driver *driver = NULL; 1911 int index; 1912 dev_t device = inode->i_rdev; 1913 unsigned saved_flags = filp->f_flags; 1914 1915 nonseekable_open(inode, filp); 1916 1917 retry_open: 1918 retval = tty_alloc_file(filp); 1919 if (retval) 1920 return -ENOMEM; 1921 1922 noctty = filp->f_flags & O_NOCTTY; 1923 index = -1; 1924 retval = 0; 1925 1926 mutex_lock(&tty_mutex); 1927 /* This is protected by the tty_mutex */ 1928 tty = tty_open_current_tty(device, filp); 1929 if (IS_ERR(tty)) { 1930 retval = PTR_ERR(tty); 1931 goto err_unlock; 1932 } else if (!tty) { 1933 driver = tty_lookup_driver(device, filp, &noctty, &index); 1934 if (IS_ERR(driver)) { 1935 retval = PTR_ERR(driver); 1936 goto err_unlock; 1937 } 1938 1939 /* check whether we're reopening an existing tty */ 1940 tty = tty_driver_lookup_tty(driver, inode, index); 1941 if (IS_ERR(tty)) { 1942 retval = PTR_ERR(tty); 1943 goto err_unlock; 1944 } 1945 } 1946 1947 if (tty) { 1948 tty_lock(tty); 1949 retval = tty_reopen(tty); 1950 if (retval < 0) { 1951 tty_unlock(tty); 1952 tty = ERR_PTR(retval); 1953 } 1954 } else /* Returns with the tty_lock held for now */ 1955 tty = tty_init_dev(driver, index); 1956 1957 mutex_unlock(&tty_mutex); 1958 if (driver) 1959 tty_driver_kref_put(driver); 1960 if (IS_ERR(tty)) { 1961 retval = PTR_ERR(tty); 1962 goto err_file; 1963 } 1964 1965 tty_add_file(tty, filp); 1966 1967 check_tty_count(tty, __func__); 1968 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1969 tty->driver->subtype == PTY_TYPE_MASTER) 1970 noctty = 1; 1971 #ifdef TTY_DEBUG_HANGUP 1972 printk(KERN_DEBUG "%s: opening %s...\n", __func__, tty->name); 1973 #endif 1974 if (tty->ops->open) 1975 retval = tty->ops->open(tty, filp); 1976 else 1977 retval = -ENODEV; 1978 filp->f_flags = saved_flags; 1979 1980 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) && 1981 !capable(CAP_SYS_ADMIN)) 1982 retval = -EBUSY; 1983 1984 if (retval) { 1985 #ifdef TTY_DEBUG_HANGUP 1986 printk(KERN_DEBUG "%s: error %d in opening %s...\n", __func__, 1987 retval, tty->name); 1988 #endif 1989 tty_unlock(tty); /* need to call tty_release without BTM */ 1990 tty_release(inode, filp); 1991 if (retval != -ERESTARTSYS) 1992 return retval; 1993 1994 if (signal_pending(current)) 1995 return retval; 1996 1997 schedule(); 1998 /* 1999 * Need to reset f_op in case a hangup happened. 2000 */ 2001 if (filp->f_op == &hung_up_tty_fops) 2002 filp->f_op = &tty_fops; 2003 goto retry_open; 2004 } 2005 tty_unlock(tty); 2006 2007 2008 mutex_lock(&tty_mutex); 2009 tty_lock(tty); 2010 spin_lock_irq(¤t->sighand->siglock); 2011 if (!noctty && 2012 current->signal->leader && 2013 !current->signal->tty && 2014 tty->session == NULL) 2015 __proc_set_tty(current, tty); 2016 spin_unlock_irq(¤t->sighand->siglock); 2017 tty_unlock(tty); 2018 mutex_unlock(&tty_mutex); 2019 return 0; 2020 err_unlock: 2021 mutex_unlock(&tty_mutex); 2022 /* after locks to avoid deadlock */ 2023 if (!IS_ERR_OR_NULL(driver)) 2024 tty_driver_kref_put(driver); 2025 err_file: 2026 tty_free_file(filp); 2027 return retval; 2028 } 2029 2030 2031 2032 /** 2033 * tty_poll - check tty status 2034 * @filp: file being polled 2035 * @wait: poll wait structures to update 2036 * 2037 * Call the line discipline polling method to obtain the poll 2038 * status of the device. 2039 * 2040 * Locking: locks called line discipline but ldisc poll method 2041 * may be re-entered freely by other callers. 2042 */ 2043 2044 static unsigned int tty_poll(struct file *filp, poll_table *wait) 2045 { 2046 struct tty_struct *tty = file_tty(filp); 2047 struct tty_ldisc *ld; 2048 int ret = 0; 2049 2050 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_poll")) 2051 return 0; 2052 2053 ld = tty_ldisc_ref_wait(tty); 2054 if (ld->ops->poll) 2055 ret = (ld->ops->poll)(tty, filp, wait); 2056 tty_ldisc_deref(ld); 2057 return ret; 2058 } 2059 2060 static int __tty_fasync(int fd, struct file *filp, int on) 2061 { 2062 struct tty_struct *tty = file_tty(filp); 2063 unsigned long flags; 2064 int retval = 0; 2065 2066 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_fasync")) 2067 goto out; 2068 2069 retval = fasync_helper(fd, filp, on, &tty->fasync); 2070 if (retval <= 0) 2071 goto out; 2072 2073 if (on) { 2074 enum pid_type type; 2075 struct pid *pid; 2076 if (!waitqueue_active(&tty->read_wait)) 2077 tty->minimum_to_wake = 1; 2078 spin_lock_irqsave(&tty->ctrl_lock, flags); 2079 if (tty->pgrp) { 2080 pid = tty->pgrp; 2081 type = PIDTYPE_PGID; 2082 } else { 2083 pid = task_pid(current); 2084 type = PIDTYPE_PID; 2085 } 2086 get_pid(pid); 2087 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2088 retval = __f_setown(filp, pid, type, 0); 2089 put_pid(pid); 2090 if (retval) 2091 goto out; 2092 } else { 2093 if (!tty->fasync && !waitqueue_active(&tty->read_wait)) 2094 tty->minimum_to_wake = N_TTY_BUF_SIZE; 2095 } 2096 retval = 0; 2097 out: 2098 return retval; 2099 } 2100 2101 static int tty_fasync(int fd, struct file *filp, int on) 2102 { 2103 struct tty_struct *tty = file_tty(filp); 2104 int retval; 2105 2106 tty_lock(tty); 2107 retval = __tty_fasync(fd, filp, on); 2108 tty_unlock(tty); 2109 2110 return retval; 2111 } 2112 2113 /** 2114 * tiocsti - fake input character 2115 * @tty: tty to fake input into 2116 * @p: pointer to character 2117 * 2118 * Fake input to a tty device. Does the necessary locking and 2119 * input management. 2120 * 2121 * FIXME: does not honour flow control ?? 2122 * 2123 * Locking: 2124 * Called functions take tty_ldisc_lock 2125 * current->signal->tty check is safe without locks 2126 * 2127 * FIXME: may race normal receive processing 2128 */ 2129 2130 static int tiocsti(struct tty_struct *tty, char __user *p) 2131 { 2132 char ch, mbz = 0; 2133 struct tty_ldisc *ld; 2134 2135 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) 2136 return -EPERM; 2137 if (get_user(ch, p)) 2138 return -EFAULT; 2139 tty_audit_tiocsti(tty, ch); 2140 ld = tty_ldisc_ref_wait(tty); 2141 ld->ops->receive_buf(tty, &ch, &mbz, 1); 2142 tty_ldisc_deref(ld); 2143 return 0; 2144 } 2145 2146 /** 2147 * tiocgwinsz - implement window query ioctl 2148 * @tty; tty 2149 * @arg: user buffer for result 2150 * 2151 * Copies the kernel idea of the window size into the user buffer. 2152 * 2153 * Locking: tty->termios_mutex is taken to ensure the winsize data 2154 * is consistent. 2155 */ 2156 2157 static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg) 2158 { 2159 int err; 2160 2161 mutex_lock(&tty->termios_mutex); 2162 err = copy_to_user(arg, &tty->winsize, sizeof(*arg)); 2163 mutex_unlock(&tty->termios_mutex); 2164 2165 return err ? -EFAULT: 0; 2166 } 2167 2168 /** 2169 * tty_do_resize - resize event 2170 * @tty: tty being resized 2171 * @rows: rows (character) 2172 * @cols: cols (character) 2173 * 2174 * Update the termios variables and send the necessary signals to 2175 * peform a terminal resize correctly 2176 */ 2177 2178 int tty_do_resize(struct tty_struct *tty, struct winsize *ws) 2179 { 2180 struct pid *pgrp; 2181 unsigned long flags; 2182 2183 /* Lock the tty */ 2184 mutex_lock(&tty->termios_mutex); 2185 if (!memcmp(ws, &tty->winsize, sizeof(*ws))) 2186 goto done; 2187 /* Get the PID values and reference them so we can 2188 avoid holding the tty ctrl lock while sending signals */ 2189 spin_lock_irqsave(&tty->ctrl_lock, flags); 2190 pgrp = get_pid(tty->pgrp); 2191 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2192 2193 if (pgrp) 2194 kill_pgrp(pgrp, SIGWINCH, 1); 2195 put_pid(pgrp); 2196 2197 tty->winsize = *ws; 2198 done: 2199 mutex_unlock(&tty->termios_mutex); 2200 return 0; 2201 } 2202 2203 /** 2204 * tiocswinsz - implement window size set ioctl 2205 * @tty; tty side of tty 2206 * @arg: user buffer for result 2207 * 2208 * Copies the user idea of the window size to the kernel. Traditionally 2209 * this is just advisory information but for the Linux console it 2210 * actually has driver level meaning and triggers a VC resize. 2211 * 2212 * Locking: 2213 * Driver dependent. The default do_resize method takes the 2214 * tty termios mutex and ctrl_lock. The console takes its own lock 2215 * then calls into the default method. 2216 */ 2217 2218 static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg) 2219 { 2220 struct winsize tmp_ws; 2221 if (copy_from_user(&tmp_ws, arg, sizeof(*arg))) 2222 return -EFAULT; 2223 2224 if (tty->ops->resize) 2225 return tty->ops->resize(tty, &tmp_ws); 2226 else 2227 return tty_do_resize(tty, &tmp_ws); 2228 } 2229 2230 /** 2231 * tioccons - allow admin to move logical console 2232 * @file: the file to become console 2233 * 2234 * Allow the administrator to move the redirected console device 2235 * 2236 * Locking: uses redirect_lock to guard the redirect information 2237 */ 2238 2239 static int tioccons(struct file *file) 2240 { 2241 if (!capable(CAP_SYS_ADMIN)) 2242 return -EPERM; 2243 if (file->f_op->write == redirected_tty_write) { 2244 struct file *f; 2245 spin_lock(&redirect_lock); 2246 f = redirect; 2247 redirect = NULL; 2248 spin_unlock(&redirect_lock); 2249 if (f) 2250 fput(f); 2251 return 0; 2252 } 2253 spin_lock(&redirect_lock); 2254 if (redirect) { 2255 spin_unlock(&redirect_lock); 2256 return -EBUSY; 2257 } 2258 redirect = get_file(file); 2259 spin_unlock(&redirect_lock); 2260 return 0; 2261 } 2262 2263 /** 2264 * fionbio - non blocking ioctl 2265 * @file: file to set blocking value 2266 * @p: user parameter 2267 * 2268 * Historical tty interfaces had a blocking control ioctl before 2269 * the generic functionality existed. This piece of history is preserved 2270 * in the expected tty API of posix OS's. 2271 * 2272 * Locking: none, the open file handle ensures it won't go away. 2273 */ 2274 2275 static int fionbio(struct file *file, int __user *p) 2276 { 2277 int nonblock; 2278 2279 if (get_user(nonblock, p)) 2280 return -EFAULT; 2281 2282 spin_lock(&file->f_lock); 2283 if (nonblock) 2284 file->f_flags |= O_NONBLOCK; 2285 else 2286 file->f_flags &= ~O_NONBLOCK; 2287 spin_unlock(&file->f_lock); 2288 return 0; 2289 } 2290 2291 /** 2292 * tiocsctty - set controlling tty 2293 * @tty: tty structure 2294 * @arg: user argument 2295 * 2296 * This ioctl is used to manage job control. It permits a session 2297 * leader to set this tty as the controlling tty for the session. 2298 * 2299 * Locking: 2300 * Takes tty_mutex() to protect tty instance 2301 * Takes tasklist_lock internally to walk sessions 2302 * Takes ->siglock() when updating signal->tty 2303 */ 2304 2305 static int tiocsctty(struct tty_struct *tty, int arg) 2306 { 2307 int ret = 0; 2308 if (current->signal->leader && (task_session(current) == tty->session)) 2309 return ret; 2310 2311 mutex_lock(&tty_mutex); 2312 /* 2313 * The process must be a session leader and 2314 * not have a controlling tty already. 2315 */ 2316 if (!current->signal->leader || current->signal->tty) { 2317 ret = -EPERM; 2318 goto unlock; 2319 } 2320 2321 if (tty->session) { 2322 /* 2323 * This tty is already the controlling 2324 * tty for another session group! 2325 */ 2326 if (arg == 1 && capable(CAP_SYS_ADMIN)) { 2327 /* 2328 * Steal it away 2329 */ 2330 read_lock(&tasklist_lock); 2331 session_clear_tty(tty->session); 2332 read_unlock(&tasklist_lock); 2333 } else { 2334 ret = -EPERM; 2335 goto unlock; 2336 } 2337 } 2338 proc_set_tty(current, tty); 2339 unlock: 2340 mutex_unlock(&tty_mutex); 2341 return ret; 2342 } 2343 2344 /** 2345 * tty_get_pgrp - return a ref counted pgrp pid 2346 * @tty: tty to read 2347 * 2348 * Returns a refcounted instance of the pid struct for the process 2349 * group controlling the tty. 2350 */ 2351 2352 struct pid *tty_get_pgrp(struct tty_struct *tty) 2353 { 2354 unsigned long flags; 2355 struct pid *pgrp; 2356 2357 spin_lock_irqsave(&tty->ctrl_lock, flags); 2358 pgrp = get_pid(tty->pgrp); 2359 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2360 2361 return pgrp; 2362 } 2363 EXPORT_SYMBOL_GPL(tty_get_pgrp); 2364 2365 /** 2366 * tiocgpgrp - get process group 2367 * @tty: tty passed by user 2368 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2369 * @p: returned pid 2370 * 2371 * Obtain the process group of the tty. If there is no process group 2372 * return an error. 2373 * 2374 * Locking: none. Reference to current->signal->tty is safe. 2375 */ 2376 2377 static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2378 { 2379 struct pid *pid; 2380 int ret; 2381 /* 2382 * (tty == real_tty) is a cheap way of 2383 * testing if the tty is NOT a master pty. 2384 */ 2385 if (tty == real_tty && current->signal->tty != real_tty) 2386 return -ENOTTY; 2387 pid = tty_get_pgrp(real_tty); 2388 ret = put_user(pid_vnr(pid), p); 2389 put_pid(pid); 2390 return ret; 2391 } 2392 2393 /** 2394 * tiocspgrp - attempt to set process group 2395 * @tty: tty passed by user 2396 * @real_tty: tty side device matching tty passed by user 2397 * @p: pid pointer 2398 * 2399 * Set the process group of the tty to the session passed. Only 2400 * permitted where the tty session is our session. 2401 * 2402 * Locking: RCU, ctrl lock 2403 */ 2404 2405 static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2406 { 2407 struct pid *pgrp; 2408 pid_t pgrp_nr; 2409 int retval = tty_check_change(real_tty); 2410 unsigned long flags; 2411 2412 if (retval == -EIO) 2413 return -ENOTTY; 2414 if (retval) 2415 return retval; 2416 if (!current->signal->tty || 2417 (current->signal->tty != real_tty) || 2418 (real_tty->session != task_session(current))) 2419 return -ENOTTY; 2420 if (get_user(pgrp_nr, p)) 2421 return -EFAULT; 2422 if (pgrp_nr < 0) 2423 return -EINVAL; 2424 rcu_read_lock(); 2425 pgrp = find_vpid(pgrp_nr); 2426 retval = -ESRCH; 2427 if (!pgrp) 2428 goto out_unlock; 2429 retval = -EPERM; 2430 if (session_of_pgrp(pgrp) != task_session(current)) 2431 goto out_unlock; 2432 retval = 0; 2433 spin_lock_irqsave(&tty->ctrl_lock, flags); 2434 put_pid(real_tty->pgrp); 2435 real_tty->pgrp = get_pid(pgrp); 2436 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2437 out_unlock: 2438 rcu_read_unlock(); 2439 return retval; 2440 } 2441 2442 /** 2443 * tiocgsid - get session id 2444 * @tty: tty passed by user 2445 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2446 * @p: pointer to returned session id 2447 * 2448 * Obtain the session id of the tty. If there is no session 2449 * return an error. 2450 * 2451 * Locking: none. Reference to current->signal->tty is safe. 2452 */ 2453 2454 static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2455 { 2456 /* 2457 * (tty == real_tty) is a cheap way of 2458 * testing if the tty is NOT a master pty. 2459 */ 2460 if (tty == real_tty && current->signal->tty != real_tty) 2461 return -ENOTTY; 2462 if (!real_tty->session) 2463 return -ENOTTY; 2464 return put_user(pid_vnr(real_tty->session), p); 2465 } 2466 2467 /** 2468 * tiocsetd - set line discipline 2469 * @tty: tty device 2470 * @p: pointer to user data 2471 * 2472 * Set the line discipline according to user request. 2473 * 2474 * Locking: see tty_set_ldisc, this function is just a helper 2475 */ 2476 2477 static int tiocsetd(struct tty_struct *tty, int __user *p) 2478 { 2479 int ldisc; 2480 int ret; 2481 2482 if (get_user(ldisc, p)) 2483 return -EFAULT; 2484 2485 ret = tty_set_ldisc(tty, ldisc); 2486 2487 return ret; 2488 } 2489 2490 /** 2491 * send_break - performed time break 2492 * @tty: device to break on 2493 * @duration: timeout in mS 2494 * 2495 * Perform a timed break on hardware that lacks its own driver level 2496 * timed break functionality. 2497 * 2498 * Locking: 2499 * atomic_write_lock serializes 2500 * 2501 */ 2502 2503 static int send_break(struct tty_struct *tty, unsigned int duration) 2504 { 2505 int retval; 2506 2507 if (tty->ops->break_ctl == NULL) 2508 return 0; 2509 2510 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK) 2511 retval = tty->ops->break_ctl(tty, duration); 2512 else { 2513 /* Do the work ourselves */ 2514 if (tty_write_lock(tty, 0) < 0) 2515 return -EINTR; 2516 retval = tty->ops->break_ctl(tty, -1); 2517 if (retval) 2518 goto out; 2519 if (!signal_pending(current)) 2520 msleep_interruptible(duration); 2521 retval = tty->ops->break_ctl(tty, 0); 2522 out: 2523 tty_write_unlock(tty); 2524 if (signal_pending(current)) 2525 retval = -EINTR; 2526 } 2527 return retval; 2528 } 2529 2530 /** 2531 * tty_tiocmget - get modem status 2532 * @tty: tty device 2533 * @file: user file pointer 2534 * @p: pointer to result 2535 * 2536 * Obtain the modem status bits from the tty driver if the feature 2537 * is supported. Return -EINVAL if it is not available. 2538 * 2539 * Locking: none (up to the driver) 2540 */ 2541 2542 static int tty_tiocmget(struct tty_struct *tty, int __user *p) 2543 { 2544 int retval = -EINVAL; 2545 2546 if (tty->ops->tiocmget) { 2547 retval = tty->ops->tiocmget(tty); 2548 2549 if (retval >= 0) 2550 retval = put_user(retval, p); 2551 } 2552 return retval; 2553 } 2554 2555 /** 2556 * tty_tiocmset - set modem status 2557 * @tty: tty device 2558 * @cmd: command - clear bits, set bits or set all 2559 * @p: pointer to desired bits 2560 * 2561 * Set the modem status bits from the tty driver if the feature 2562 * is supported. Return -EINVAL if it is not available. 2563 * 2564 * Locking: none (up to the driver) 2565 */ 2566 2567 static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd, 2568 unsigned __user *p) 2569 { 2570 int retval; 2571 unsigned int set, clear, val; 2572 2573 if (tty->ops->tiocmset == NULL) 2574 return -EINVAL; 2575 2576 retval = get_user(val, p); 2577 if (retval) 2578 return retval; 2579 set = clear = 0; 2580 switch (cmd) { 2581 case TIOCMBIS: 2582 set = val; 2583 break; 2584 case TIOCMBIC: 2585 clear = val; 2586 break; 2587 case TIOCMSET: 2588 set = val; 2589 clear = ~val; 2590 break; 2591 } 2592 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2593 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2594 return tty->ops->tiocmset(tty, set, clear); 2595 } 2596 2597 static int tty_tiocgicount(struct tty_struct *tty, void __user *arg) 2598 { 2599 int retval = -EINVAL; 2600 struct serial_icounter_struct icount; 2601 memset(&icount, 0, sizeof(icount)); 2602 if (tty->ops->get_icount) 2603 retval = tty->ops->get_icount(tty, &icount); 2604 if (retval != 0) 2605 return retval; 2606 if (copy_to_user(arg, &icount, sizeof(icount))) 2607 return -EFAULT; 2608 return 0; 2609 } 2610 2611 struct tty_struct *tty_pair_get_tty(struct tty_struct *tty) 2612 { 2613 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2614 tty->driver->subtype == PTY_TYPE_MASTER) 2615 tty = tty->link; 2616 return tty; 2617 } 2618 EXPORT_SYMBOL(tty_pair_get_tty); 2619 2620 struct tty_struct *tty_pair_get_pty(struct tty_struct *tty) 2621 { 2622 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2623 tty->driver->subtype == PTY_TYPE_MASTER) 2624 return tty; 2625 return tty->link; 2626 } 2627 EXPORT_SYMBOL(tty_pair_get_pty); 2628 2629 /* 2630 * Split this up, as gcc can choke on it otherwise.. 2631 */ 2632 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 2633 { 2634 struct tty_struct *tty = file_tty(file); 2635 struct tty_struct *real_tty; 2636 void __user *p = (void __user *)arg; 2637 int retval; 2638 struct tty_ldisc *ld; 2639 struct inode *inode = file->f_dentry->d_inode; 2640 2641 if (tty_paranoia_check(tty, inode, "tty_ioctl")) 2642 return -EINVAL; 2643 2644 real_tty = tty_pair_get_tty(tty); 2645 2646 /* 2647 * Factor out some common prep work 2648 */ 2649 switch (cmd) { 2650 case TIOCSETD: 2651 case TIOCSBRK: 2652 case TIOCCBRK: 2653 case TCSBRK: 2654 case TCSBRKP: 2655 retval = tty_check_change(tty); 2656 if (retval) 2657 return retval; 2658 if (cmd != TIOCCBRK) { 2659 tty_wait_until_sent(tty, 0); 2660 if (signal_pending(current)) 2661 return -EINTR; 2662 } 2663 break; 2664 } 2665 2666 /* 2667 * Now do the stuff. 2668 */ 2669 switch (cmd) { 2670 case TIOCSTI: 2671 return tiocsti(tty, p); 2672 case TIOCGWINSZ: 2673 return tiocgwinsz(real_tty, p); 2674 case TIOCSWINSZ: 2675 return tiocswinsz(real_tty, p); 2676 case TIOCCONS: 2677 return real_tty != tty ? -EINVAL : tioccons(file); 2678 case FIONBIO: 2679 return fionbio(file, p); 2680 case TIOCEXCL: 2681 set_bit(TTY_EXCLUSIVE, &tty->flags); 2682 return 0; 2683 case TIOCNXCL: 2684 clear_bit(TTY_EXCLUSIVE, &tty->flags); 2685 return 0; 2686 case TIOCGEXCL: 2687 { 2688 int excl = test_bit(TTY_EXCLUSIVE, &tty->flags); 2689 return put_user(excl, (int __user *)p); 2690 } 2691 case TIOCNOTTY: 2692 if (current->signal->tty != tty) 2693 return -ENOTTY; 2694 no_tty(); 2695 return 0; 2696 case TIOCSCTTY: 2697 return tiocsctty(tty, arg); 2698 case TIOCGPGRP: 2699 return tiocgpgrp(tty, real_tty, p); 2700 case TIOCSPGRP: 2701 return tiocspgrp(tty, real_tty, p); 2702 case TIOCGSID: 2703 return tiocgsid(tty, real_tty, p); 2704 case TIOCGETD: 2705 return put_user(tty->ldisc->ops->num, (int __user *)p); 2706 case TIOCSETD: 2707 return tiocsetd(tty, p); 2708 case TIOCVHANGUP: 2709 if (!capable(CAP_SYS_ADMIN)) 2710 return -EPERM; 2711 tty_vhangup(tty); 2712 return 0; 2713 case TIOCGDEV: 2714 { 2715 unsigned int ret = new_encode_dev(tty_devnum(real_tty)); 2716 return put_user(ret, (unsigned int __user *)p); 2717 } 2718 /* 2719 * Break handling 2720 */ 2721 case TIOCSBRK: /* Turn break on, unconditionally */ 2722 if (tty->ops->break_ctl) 2723 return tty->ops->break_ctl(tty, -1); 2724 return 0; 2725 case TIOCCBRK: /* Turn break off, unconditionally */ 2726 if (tty->ops->break_ctl) 2727 return tty->ops->break_ctl(tty, 0); 2728 return 0; 2729 case TCSBRK: /* SVID version: non-zero arg --> no break */ 2730 /* non-zero arg means wait for all output data 2731 * to be sent (performed above) but don't send break. 2732 * This is used by the tcdrain() termios function. 2733 */ 2734 if (!arg) 2735 return send_break(tty, 250); 2736 return 0; 2737 case TCSBRKP: /* support for POSIX tcsendbreak() */ 2738 return send_break(tty, arg ? arg*100 : 250); 2739 2740 case TIOCMGET: 2741 return tty_tiocmget(tty, p); 2742 case TIOCMSET: 2743 case TIOCMBIC: 2744 case TIOCMBIS: 2745 return tty_tiocmset(tty, cmd, p); 2746 case TIOCGICOUNT: 2747 retval = tty_tiocgicount(tty, p); 2748 /* For the moment allow fall through to the old method */ 2749 if (retval != -EINVAL) 2750 return retval; 2751 break; 2752 case TCFLSH: 2753 switch (arg) { 2754 case TCIFLUSH: 2755 case TCIOFLUSH: 2756 /* flush tty buffer and allow ldisc to process ioctl */ 2757 tty_buffer_flush(tty); 2758 break; 2759 } 2760 break; 2761 } 2762 if (tty->ops->ioctl) { 2763 retval = (tty->ops->ioctl)(tty, cmd, arg); 2764 if (retval != -ENOIOCTLCMD) 2765 return retval; 2766 } 2767 ld = tty_ldisc_ref_wait(tty); 2768 retval = -EINVAL; 2769 if (ld->ops->ioctl) { 2770 retval = ld->ops->ioctl(tty, file, cmd, arg); 2771 if (retval == -ENOIOCTLCMD) 2772 retval = -ENOTTY; 2773 } 2774 tty_ldisc_deref(ld); 2775 return retval; 2776 } 2777 2778 #ifdef CONFIG_COMPAT 2779 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 2780 unsigned long arg) 2781 { 2782 struct inode *inode = file->f_dentry->d_inode; 2783 struct tty_struct *tty = file_tty(file); 2784 struct tty_ldisc *ld; 2785 int retval = -ENOIOCTLCMD; 2786 2787 if (tty_paranoia_check(tty, inode, "tty_ioctl")) 2788 return -EINVAL; 2789 2790 if (tty->ops->compat_ioctl) { 2791 retval = (tty->ops->compat_ioctl)(tty, cmd, arg); 2792 if (retval != -ENOIOCTLCMD) 2793 return retval; 2794 } 2795 2796 ld = tty_ldisc_ref_wait(tty); 2797 if (ld->ops->compat_ioctl) 2798 retval = ld->ops->compat_ioctl(tty, file, cmd, arg); 2799 else 2800 retval = n_tty_compat_ioctl_helper(tty, file, cmd, arg); 2801 tty_ldisc_deref(ld); 2802 2803 return retval; 2804 } 2805 #endif 2806 2807 static int this_tty(const void *t, struct file *file, unsigned fd) 2808 { 2809 if (likely(file->f_op->read != tty_read)) 2810 return 0; 2811 return file_tty(file) != t ? 0 : fd + 1; 2812 } 2813 2814 /* 2815 * This implements the "Secure Attention Key" --- the idea is to 2816 * prevent trojan horses by killing all processes associated with this 2817 * tty when the user hits the "Secure Attention Key". Required for 2818 * super-paranoid applications --- see the Orange Book for more details. 2819 * 2820 * This code could be nicer; ideally it should send a HUP, wait a few 2821 * seconds, then send a INT, and then a KILL signal. But you then 2822 * have to coordinate with the init process, since all processes associated 2823 * with the current tty must be dead before the new getty is allowed 2824 * to spawn. 2825 * 2826 * Now, if it would be correct ;-/ The current code has a nasty hole - 2827 * it doesn't catch files in flight. We may send the descriptor to ourselves 2828 * via AF_UNIX socket, close it and later fetch from socket. FIXME. 2829 * 2830 * Nasty bug: do_SAK is being called in interrupt context. This can 2831 * deadlock. We punt it up to process context. AKPM - 16Mar2001 2832 */ 2833 void __do_SAK(struct tty_struct *tty) 2834 { 2835 #ifdef TTY_SOFT_SAK 2836 tty_hangup(tty); 2837 #else 2838 struct task_struct *g, *p; 2839 struct pid *session; 2840 int i; 2841 2842 if (!tty) 2843 return; 2844 session = tty->session; 2845 2846 tty_ldisc_flush(tty); 2847 2848 tty_driver_flush_buffer(tty); 2849 2850 read_lock(&tasklist_lock); 2851 /* Kill the entire session */ 2852 do_each_pid_task(session, PIDTYPE_SID, p) { 2853 printk(KERN_NOTICE "SAK: killed process %d" 2854 " (%s): task_session(p)==tty->session\n", 2855 task_pid_nr(p), p->comm); 2856 send_sig(SIGKILL, p, 1); 2857 } while_each_pid_task(session, PIDTYPE_SID, p); 2858 /* Now kill any processes that happen to have the 2859 * tty open. 2860 */ 2861 do_each_thread(g, p) { 2862 if (p->signal->tty == tty) { 2863 printk(KERN_NOTICE "SAK: killed process %d" 2864 " (%s): task_session(p)==tty->session\n", 2865 task_pid_nr(p), p->comm); 2866 send_sig(SIGKILL, p, 1); 2867 continue; 2868 } 2869 task_lock(p); 2870 i = iterate_fd(p->files, 0, this_tty, tty); 2871 if (i != 0) { 2872 printk(KERN_NOTICE "SAK: killed process %d" 2873 " (%s): fd#%d opened to the tty\n", 2874 task_pid_nr(p), p->comm, i - 1); 2875 force_sig(SIGKILL, p); 2876 } 2877 task_unlock(p); 2878 } while_each_thread(g, p); 2879 read_unlock(&tasklist_lock); 2880 #endif 2881 } 2882 2883 static void do_SAK_work(struct work_struct *work) 2884 { 2885 struct tty_struct *tty = 2886 container_of(work, struct tty_struct, SAK_work); 2887 __do_SAK(tty); 2888 } 2889 2890 /* 2891 * The tq handling here is a little racy - tty->SAK_work may already be queued. 2892 * Fortunately we don't need to worry, because if ->SAK_work is already queued, 2893 * the values which we write to it will be identical to the values which it 2894 * already has. --akpm 2895 */ 2896 void do_SAK(struct tty_struct *tty) 2897 { 2898 if (!tty) 2899 return; 2900 schedule_work(&tty->SAK_work); 2901 } 2902 2903 EXPORT_SYMBOL(do_SAK); 2904 2905 static int dev_match_devt(struct device *dev, const void *data) 2906 { 2907 const dev_t *devt = data; 2908 return dev->devt == *devt; 2909 } 2910 2911 /* Must put_device() after it's unused! */ 2912 static struct device *tty_get_device(struct tty_struct *tty) 2913 { 2914 dev_t devt = tty_devnum(tty); 2915 return class_find_device(tty_class, NULL, &devt, dev_match_devt); 2916 } 2917 2918 2919 /** 2920 * initialize_tty_struct 2921 * @tty: tty to initialize 2922 * 2923 * This subroutine initializes a tty structure that has been newly 2924 * allocated. 2925 * 2926 * Locking: none - tty in question must not be exposed at this point 2927 */ 2928 2929 void initialize_tty_struct(struct tty_struct *tty, 2930 struct tty_driver *driver, int idx) 2931 { 2932 memset(tty, 0, sizeof(struct tty_struct)); 2933 kref_init(&tty->kref); 2934 tty->magic = TTY_MAGIC; 2935 tty_ldisc_init(tty); 2936 tty->session = NULL; 2937 tty->pgrp = NULL; 2938 mutex_init(&tty->legacy_mutex); 2939 mutex_init(&tty->termios_mutex); 2940 mutex_init(&tty->ldisc_mutex); 2941 init_waitqueue_head(&tty->write_wait); 2942 init_waitqueue_head(&tty->read_wait); 2943 INIT_WORK(&tty->hangup_work, do_tty_hangup); 2944 mutex_init(&tty->atomic_write_lock); 2945 spin_lock_init(&tty->ctrl_lock); 2946 INIT_LIST_HEAD(&tty->tty_files); 2947 INIT_WORK(&tty->SAK_work, do_SAK_work); 2948 2949 tty->driver = driver; 2950 tty->ops = driver->ops; 2951 tty->index = idx; 2952 tty_line_name(driver, idx, tty->name); 2953 tty->dev = tty_get_device(tty); 2954 } 2955 2956 /** 2957 * deinitialize_tty_struct 2958 * @tty: tty to deinitialize 2959 * 2960 * This subroutine deinitializes a tty structure that has been newly 2961 * allocated but tty_release cannot be called on that yet. 2962 * 2963 * Locking: none - tty in question must not be exposed at this point 2964 */ 2965 void deinitialize_tty_struct(struct tty_struct *tty) 2966 { 2967 tty_ldisc_deinit(tty); 2968 } 2969 2970 /** 2971 * tty_put_char - write one character to a tty 2972 * @tty: tty 2973 * @ch: character 2974 * 2975 * Write one byte to the tty using the provided put_char method 2976 * if present. Returns the number of characters successfully output. 2977 * 2978 * Note: the specific put_char operation in the driver layer may go 2979 * away soon. Don't call it directly, use this method 2980 */ 2981 2982 int tty_put_char(struct tty_struct *tty, unsigned char ch) 2983 { 2984 if (tty->ops->put_char) 2985 return tty->ops->put_char(tty, ch); 2986 return tty->ops->write(tty, &ch, 1); 2987 } 2988 EXPORT_SYMBOL_GPL(tty_put_char); 2989 2990 struct class *tty_class; 2991 2992 static int tty_cdev_add(struct tty_driver *driver, dev_t dev, 2993 unsigned int index, unsigned int count) 2994 { 2995 /* init here, since reused cdevs cause crashes */ 2996 cdev_init(&driver->cdevs[index], &tty_fops); 2997 driver->cdevs[index].owner = driver->owner; 2998 return cdev_add(&driver->cdevs[index], dev, count); 2999 } 3000 3001 /** 3002 * tty_register_device - register a tty device 3003 * @driver: the tty driver that describes the tty device 3004 * @index: the index in the tty driver for this tty device 3005 * @device: a struct device that is associated with this tty device. 3006 * This field is optional, if there is no known struct device 3007 * for this tty device it can be set to NULL safely. 3008 * 3009 * Returns a pointer to the struct device for this tty device 3010 * (or ERR_PTR(-EFOO) on error). 3011 * 3012 * This call is required to be made to register an individual tty device 3013 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If 3014 * that bit is not set, this function should not be called by a tty 3015 * driver. 3016 * 3017 * Locking: ?? 3018 */ 3019 3020 struct device *tty_register_device(struct tty_driver *driver, unsigned index, 3021 struct device *device) 3022 { 3023 return tty_register_device_attr(driver, index, device, NULL, NULL); 3024 } 3025 EXPORT_SYMBOL(tty_register_device); 3026 3027 static void tty_device_create_release(struct device *dev) 3028 { 3029 pr_debug("device: '%s': %s\n", dev_name(dev), __func__); 3030 kfree(dev); 3031 } 3032 3033 /** 3034 * tty_register_device_attr - register a tty device 3035 * @driver: the tty driver that describes the tty device 3036 * @index: the index in the tty driver for this tty device 3037 * @device: a struct device that is associated with this tty device. 3038 * This field is optional, if there is no known struct device 3039 * for this tty device it can be set to NULL safely. 3040 * @drvdata: Driver data to be set to device. 3041 * @attr_grp: Attribute group to be set on device. 3042 * 3043 * Returns a pointer to the struct device for this tty device 3044 * (or ERR_PTR(-EFOO) on error). 3045 * 3046 * This call is required to be made to register an individual tty device 3047 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If 3048 * that bit is not set, this function should not be called by a tty 3049 * driver. 3050 * 3051 * Locking: ?? 3052 */ 3053 struct device *tty_register_device_attr(struct tty_driver *driver, 3054 unsigned index, struct device *device, 3055 void *drvdata, 3056 const struct attribute_group **attr_grp) 3057 { 3058 char name[64]; 3059 dev_t devt = MKDEV(driver->major, driver->minor_start) + index; 3060 struct device *dev = NULL; 3061 int retval = -ENODEV; 3062 bool cdev = false; 3063 3064 if (index >= driver->num) { 3065 printk(KERN_ERR "Attempt to register invalid tty line number " 3066 " (%d).\n", index); 3067 return ERR_PTR(-EINVAL); 3068 } 3069 3070 if (driver->type == TTY_DRIVER_TYPE_PTY) 3071 pty_line_name(driver, index, name); 3072 else 3073 tty_line_name(driver, index, name); 3074 3075 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) { 3076 retval = tty_cdev_add(driver, devt, index, 1); 3077 if (retval) 3078 goto error; 3079 cdev = true; 3080 } 3081 3082 dev = kzalloc(sizeof(*dev), GFP_KERNEL); 3083 if (!dev) { 3084 retval = -ENOMEM; 3085 goto error; 3086 } 3087 3088 dev->devt = devt; 3089 dev->class = tty_class; 3090 dev->parent = device; 3091 dev->release = tty_device_create_release; 3092 dev_set_name(dev, "%s", name); 3093 dev->groups = attr_grp; 3094 dev_set_drvdata(dev, drvdata); 3095 3096 retval = device_register(dev); 3097 if (retval) 3098 goto error; 3099 3100 return dev; 3101 3102 error: 3103 put_device(dev); 3104 if (cdev) 3105 cdev_del(&driver->cdevs[index]); 3106 return ERR_PTR(retval); 3107 } 3108 EXPORT_SYMBOL_GPL(tty_register_device_attr); 3109 3110 /** 3111 * tty_unregister_device - unregister a tty device 3112 * @driver: the tty driver that describes the tty device 3113 * @index: the index in the tty driver for this tty device 3114 * 3115 * If a tty device is registered with a call to tty_register_device() then 3116 * this function must be called when the tty device is gone. 3117 * 3118 * Locking: ?? 3119 */ 3120 3121 void tty_unregister_device(struct tty_driver *driver, unsigned index) 3122 { 3123 device_destroy(tty_class, 3124 MKDEV(driver->major, driver->minor_start) + index); 3125 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) 3126 cdev_del(&driver->cdevs[index]); 3127 } 3128 EXPORT_SYMBOL(tty_unregister_device); 3129 3130 /** 3131 * __tty_alloc_driver -- allocate tty driver 3132 * @lines: count of lines this driver can handle at most 3133 * @owner: module which is repsonsible for this driver 3134 * @flags: some of TTY_DRIVER_* flags, will be set in driver->flags 3135 * 3136 * This should not be called directly, some of the provided macros should be 3137 * used instead. Use IS_ERR and friends on @retval. 3138 */ 3139 struct tty_driver *__tty_alloc_driver(unsigned int lines, struct module *owner, 3140 unsigned long flags) 3141 { 3142 struct tty_driver *driver; 3143 unsigned int cdevs = 1; 3144 int err; 3145 3146 if (!lines || (flags & TTY_DRIVER_UNNUMBERED_NODE && lines > 1)) 3147 return ERR_PTR(-EINVAL); 3148 3149 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL); 3150 if (!driver) 3151 return ERR_PTR(-ENOMEM); 3152 3153 kref_init(&driver->kref); 3154 driver->magic = TTY_DRIVER_MAGIC; 3155 driver->num = lines; 3156 driver->owner = owner; 3157 driver->flags = flags; 3158 3159 if (!(flags & TTY_DRIVER_DEVPTS_MEM)) { 3160 driver->ttys = kcalloc(lines, sizeof(*driver->ttys), 3161 GFP_KERNEL); 3162 driver->termios = kcalloc(lines, sizeof(*driver->termios), 3163 GFP_KERNEL); 3164 if (!driver->ttys || !driver->termios) { 3165 err = -ENOMEM; 3166 goto err_free_all; 3167 } 3168 } 3169 3170 if (!(flags & TTY_DRIVER_DYNAMIC_ALLOC)) { 3171 driver->ports = kcalloc(lines, sizeof(*driver->ports), 3172 GFP_KERNEL); 3173 if (!driver->ports) { 3174 err = -ENOMEM; 3175 goto err_free_all; 3176 } 3177 cdevs = lines; 3178 } 3179 3180 driver->cdevs = kcalloc(cdevs, sizeof(*driver->cdevs), GFP_KERNEL); 3181 if (!driver->cdevs) { 3182 err = -ENOMEM; 3183 goto err_free_all; 3184 } 3185 3186 return driver; 3187 err_free_all: 3188 kfree(driver->ports); 3189 kfree(driver->ttys); 3190 kfree(driver->termios); 3191 kfree(driver); 3192 return ERR_PTR(err); 3193 } 3194 EXPORT_SYMBOL(__tty_alloc_driver); 3195 3196 static void destruct_tty_driver(struct kref *kref) 3197 { 3198 struct tty_driver *driver = container_of(kref, struct tty_driver, kref); 3199 int i; 3200 struct ktermios *tp; 3201 3202 if (driver->flags & TTY_DRIVER_INSTALLED) { 3203 /* 3204 * Free the termios and termios_locked structures because 3205 * we don't want to get memory leaks when modular tty 3206 * drivers are removed from the kernel. 3207 */ 3208 for (i = 0; i < driver->num; i++) { 3209 tp = driver->termios[i]; 3210 if (tp) { 3211 driver->termios[i] = NULL; 3212 kfree(tp); 3213 } 3214 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) 3215 tty_unregister_device(driver, i); 3216 } 3217 proc_tty_unregister_driver(driver); 3218 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC) 3219 cdev_del(&driver->cdevs[0]); 3220 } 3221 kfree(driver->cdevs); 3222 kfree(driver->ports); 3223 kfree(driver->termios); 3224 kfree(driver->ttys); 3225 kfree(driver); 3226 } 3227 3228 void tty_driver_kref_put(struct tty_driver *driver) 3229 { 3230 kref_put(&driver->kref, destruct_tty_driver); 3231 } 3232 EXPORT_SYMBOL(tty_driver_kref_put); 3233 3234 void tty_set_operations(struct tty_driver *driver, 3235 const struct tty_operations *op) 3236 { 3237 driver->ops = op; 3238 }; 3239 EXPORT_SYMBOL(tty_set_operations); 3240 3241 void put_tty_driver(struct tty_driver *d) 3242 { 3243 tty_driver_kref_put(d); 3244 } 3245 EXPORT_SYMBOL(put_tty_driver); 3246 3247 /* 3248 * Called by a tty driver to register itself. 3249 */ 3250 int tty_register_driver(struct tty_driver *driver) 3251 { 3252 int error; 3253 int i; 3254 dev_t dev; 3255 struct device *d; 3256 3257 if (!driver->major) { 3258 error = alloc_chrdev_region(&dev, driver->minor_start, 3259 driver->num, driver->name); 3260 if (!error) { 3261 driver->major = MAJOR(dev); 3262 driver->minor_start = MINOR(dev); 3263 } 3264 } else { 3265 dev = MKDEV(driver->major, driver->minor_start); 3266 error = register_chrdev_region(dev, driver->num, driver->name); 3267 } 3268 if (error < 0) 3269 goto err; 3270 3271 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC) { 3272 error = tty_cdev_add(driver, dev, 0, driver->num); 3273 if (error) 3274 goto err_unreg_char; 3275 } 3276 3277 mutex_lock(&tty_mutex); 3278 list_add(&driver->tty_drivers, &tty_drivers); 3279 mutex_unlock(&tty_mutex); 3280 3281 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) { 3282 for (i = 0; i < driver->num; i++) { 3283 d = tty_register_device(driver, i, NULL); 3284 if (IS_ERR(d)) { 3285 error = PTR_ERR(d); 3286 goto err_unreg_devs; 3287 } 3288 } 3289 } 3290 proc_tty_register_driver(driver); 3291 driver->flags |= TTY_DRIVER_INSTALLED; 3292 return 0; 3293 3294 err_unreg_devs: 3295 for (i--; i >= 0; i--) 3296 tty_unregister_device(driver, i); 3297 3298 mutex_lock(&tty_mutex); 3299 list_del(&driver->tty_drivers); 3300 mutex_unlock(&tty_mutex); 3301 3302 err_unreg_char: 3303 unregister_chrdev_region(dev, driver->num); 3304 err: 3305 return error; 3306 } 3307 EXPORT_SYMBOL(tty_register_driver); 3308 3309 /* 3310 * Called by a tty driver to unregister itself. 3311 */ 3312 int tty_unregister_driver(struct tty_driver *driver) 3313 { 3314 #if 0 3315 /* FIXME */ 3316 if (driver->refcount) 3317 return -EBUSY; 3318 #endif 3319 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start), 3320 driver->num); 3321 mutex_lock(&tty_mutex); 3322 list_del(&driver->tty_drivers); 3323 mutex_unlock(&tty_mutex); 3324 return 0; 3325 } 3326 3327 EXPORT_SYMBOL(tty_unregister_driver); 3328 3329 dev_t tty_devnum(struct tty_struct *tty) 3330 { 3331 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index; 3332 } 3333 EXPORT_SYMBOL(tty_devnum); 3334 3335 void proc_clear_tty(struct task_struct *p) 3336 { 3337 unsigned long flags; 3338 struct tty_struct *tty; 3339 spin_lock_irqsave(&p->sighand->siglock, flags); 3340 tty = p->signal->tty; 3341 p->signal->tty = NULL; 3342 spin_unlock_irqrestore(&p->sighand->siglock, flags); 3343 tty_kref_put(tty); 3344 } 3345 3346 /* Called under the sighand lock */ 3347 3348 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) 3349 { 3350 if (tty) { 3351 unsigned long flags; 3352 /* We should not have a session or pgrp to put here but.... */ 3353 spin_lock_irqsave(&tty->ctrl_lock, flags); 3354 put_pid(tty->session); 3355 put_pid(tty->pgrp); 3356 tty->pgrp = get_pid(task_pgrp(tsk)); 3357 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 3358 tty->session = get_pid(task_session(tsk)); 3359 if (tsk->signal->tty) { 3360 printk(KERN_DEBUG "tty not NULL!!\n"); 3361 tty_kref_put(tsk->signal->tty); 3362 } 3363 } 3364 put_pid(tsk->signal->tty_old_pgrp); 3365 tsk->signal->tty = tty_kref_get(tty); 3366 tsk->signal->tty_old_pgrp = NULL; 3367 } 3368 3369 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) 3370 { 3371 spin_lock_irq(&tsk->sighand->siglock); 3372 __proc_set_tty(tsk, tty); 3373 spin_unlock_irq(&tsk->sighand->siglock); 3374 } 3375 3376 struct tty_struct *get_current_tty(void) 3377 { 3378 struct tty_struct *tty; 3379 unsigned long flags; 3380 3381 spin_lock_irqsave(¤t->sighand->siglock, flags); 3382 tty = tty_kref_get(current->signal->tty); 3383 spin_unlock_irqrestore(¤t->sighand->siglock, flags); 3384 return tty; 3385 } 3386 EXPORT_SYMBOL_GPL(get_current_tty); 3387 3388 void tty_default_fops(struct file_operations *fops) 3389 { 3390 *fops = tty_fops; 3391 } 3392 3393 /* 3394 * Initialize the console device. This is called *early*, so 3395 * we can't necessarily depend on lots of kernel help here. 3396 * Just do some early initializations, and do the complex setup 3397 * later. 3398 */ 3399 void __init console_init(void) 3400 { 3401 initcall_t *call; 3402 3403 /* Setup the default TTY line discipline. */ 3404 tty_ldisc_begin(); 3405 3406 /* 3407 * set up the console device so that later boot sequences can 3408 * inform about problems etc.. 3409 */ 3410 call = __con_initcall_start; 3411 while (call < __con_initcall_end) { 3412 (*call)(); 3413 call++; 3414 } 3415 } 3416 3417 static char *tty_devnode(struct device *dev, umode_t *mode) 3418 { 3419 if (!mode) 3420 return NULL; 3421 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) || 3422 dev->devt == MKDEV(TTYAUX_MAJOR, 2)) 3423 *mode = 0666; 3424 return NULL; 3425 } 3426 3427 static int __init tty_class_init(void) 3428 { 3429 tty_class = class_create(THIS_MODULE, "tty"); 3430 if (IS_ERR(tty_class)) 3431 return PTR_ERR(tty_class); 3432 tty_class->devnode = tty_devnode; 3433 return 0; 3434 } 3435 3436 postcore_initcall(tty_class_init); 3437 3438 /* 3/2004 jmc: why do these devices exist? */ 3439 static struct cdev tty_cdev, console_cdev; 3440 3441 static ssize_t show_cons_active(struct device *dev, 3442 struct device_attribute *attr, char *buf) 3443 { 3444 struct console *cs[16]; 3445 int i = 0; 3446 struct console *c; 3447 ssize_t count = 0; 3448 3449 console_lock(); 3450 for_each_console(c) { 3451 if (!c->device) 3452 continue; 3453 if (!c->write) 3454 continue; 3455 if ((c->flags & CON_ENABLED) == 0) 3456 continue; 3457 cs[i++] = c; 3458 if (i >= ARRAY_SIZE(cs)) 3459 break; 3460 } 3461 while (i--) 3462 count += sprintf(buf + count, "%s%d%c", 3463 cs[i]->name, cs[i]->index, i ? ' ':'\n'); 3464 console_unlock(); 3465 3466 return count; 3467 } 3468 static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL); 3469 3470 static struct device *consdev; 3471 3472 void console_sysfs_notify(void) 3473 { 3474 if (consdev) 3475 sysfs_notify(&consdev->kobj, NULL, "active"); 3476 } 3477 3478 /* 3479 * Ok, now we can initialize the rest of the tty devices and can count 3480 * on memory allocations, interrupts etc.. 3481 */ 3482 int __init tty_init(void) 3483 { 3484 cdev_init(&tty_cdev, &tty_fops); 3485 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) || 3486 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0) 3487 panic("Couldn't register /dev/tty driver\n"); 3488 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty"); 3489 3490 cdev_init(&console_cdev, &console_fops); 3491 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) || 3492 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0) 3493 panic("Couldn't register /dev/console driver\n"); 3494 consdev = device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), NULL, 3495 "console"); 3496 if (IS_ERR(consdev)) 3497 consdev = NULL; 3498 else 3499 WARN_ON(device_create_file(consdev, &dev_attr_active) < 0); 3500 3501 #ifdef CONFIG_VT 3502 vty_init(&console_fops); 3503 #endif 3504 return 0; 3505 } 3506 3507