]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blob - drivers/tty/tty_io.c
projects / mirror_ubuntu-artful-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
[mirror_ubuntu-artful-kernel.git] / drivers / tty / tty_io.c
1 /*
2 * Copyright (C) 1991, 1992 Linus Torvalds
3 */
4
5 /*
6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles
7 * or rs-channels. It also implements echoing, cooked mode etc.
8 *
9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0.
10 *
11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the
12 * tty_struct and tty_queue structures. Previously there was an array
13 * of 256 tty_struct's which was statically allocated, and the
14 * tty_queue structures were allocated at boot time. Both are now
15 * dynamically allocated only when the tty is open.
16 *
17 * Also restructured routines so that there is more of a separation
18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and
19 * the low-level tty routines (serial.c, pty.c, console.c). This
20 * makes for cleaner and more compact code. -TYT, 9/17/92
21 *
22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines
23 * which can be dynamically activated and de-activated by the line
24 * discipline handling modules (like SLIP).
25 *
26 * NOTE: pay no attention to the line discipline code (yet); its
27 * interface is still subject to change in this version...
28 * -- TYT, 1/31/92
29 *
30 * Added functionality to the OPOST tty handling. No delays, but all
31 * other bits should be there.
32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993.
33 *
34 * Rewrote canonical mode and added more termios flags.
35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94
36 *
37 * Reorganized FASYNC support so mouse code can share it.
38 * -- ctm@ardi.com, 9Sep95
39 *
40 * New TIOCLINUX variants added.
41 * -- mj@k332.feld.cvut.cz, 19-Nov-95
42 *
43 * Restrict vt switching via ioctl()
44 * -- grif@cs.ucr.edu, 5-Dec-95
45 *
46 * Move console and virtual terminal code to more appropriate files,
47 * implement CONFIG_VT and generalize console device interface.
48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97
49 *
50 * Rewrote tty_init_dev and tty_release_dev to eliminate races.
51 * -- Bill Hawes <whawes@star.net>, June 97
52 *
53 * Added devfs support.
54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998
55 *
56 * Added support for a Unix98-style ptmx device.
57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998
58 *
59 * Reduced memory usage for older ARM systems
60 * -- Russell King <rmk@arm.linux.org.uk>
61 *
62 * Move do_SAK() into process context. Less stack use in devfs functions.
63 * alloc_tty_struct() always uses kmalloc()
64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01
65 */
66
67 #include <linux/types.h>
68 #include <linux/major.h>
69 #include <linux/errno.h>
70 #include <linux/signal.h>
71 #include <linux/fcntl.h>
72 #include <linux/sched.h>
73 #include <linux/interrupt.h>
74 #include <linux/tty.h>
75 #include <linux/tty_driver.h>
76 #include <linux/tty_flip.h>
77 #include <linux/devpts_fs.h>
78 #include <linux/file.h>
79 #include <linux/fdtable.h>
80 #include <linux/console.h>
81 #include <linux/timer.h>
82 #include <linux/ctype.h>
83 #include <linux/kd.h>
84 #include <linux/mm.h>
85 #include <linux/string.h>
86 #include <linux/slab.h>
87 #include <linux/poll.h>
88 #include <linux/proc_fs.h>
89 #include <linux/init.h>
90 #include <linux/module.h>
91 #include <linux/device.h>
92 #include <linux/wait.h>
93 #include <linux/bitops.h>
94 #include <linux/delay.h>
95 #include <linux/seq_file.h>
96 #include <linux/serial.h>
97 #include <linux/ratelimit.h>
98
99 #include <linux/uaccess.h>
100
101 #include <linux/kbd_kern.h>
102 #include <linux/vt_kern.h>
103 #include <linux/selection.h>
104
105 #include <linux/kmod.h>
106 #include <linux/nsproxy.h>
107
108 #undef TTY_DEBUG_HANGUP
109
110 #define TTY_PARANOIA_CHECK 1
111 #define CHECK_TTY_COUNT 1
112
113 struct ktermios tty_std_termios = { /* for the benefit of tty drivers */
114 .c_iflag = ICRNL | IXON,
115 .c_oflag = OPOST | ONLCR,
116 .c_cflag = B38400 | CS8 | CREAD | HUPCL,
117 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK |
118 ECHOCTL | ECHOKE | IEXTEN,
119 .c_cc = INIT_C_CC,
120 .c_ispeed = 38400,
121 .c_ospeed = 38400
122 };
123
124 EXPORT_SYMBOL(tty_std_termios);
125
126 /* This list gets poked at by procfs and various bits of boot up code. This
127 could do with some rationalisation such as pulling the tty proc function
128 into this file */
129
130 LIST_HEAD(tty_drivers); /* linked list of tty drivers */
131
132 /* Mutex to protect creating and releasing a tty. This is shared with
133 vt.c for deeply disgusting hack reasons */
134 DEFINE_MUTEX(tty_mutex);
135 EXPORT_SYMBOL(tty_mutex);
136
137 /* Spinlock to protect the tty->tty_files list */
138 DEFINE_SPINLOCK(tty_files_lock);
139
140 static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *);
141 static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *);
142 ssize_t redirected_tty_write(struct file *, const char __user *,
143 size_t, loff_t *);
144 static unsigned int tty_poll(struct file *, poll_table *);
145 static int tty_open(struct inode *, struct file *);
146 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
147 #ifdef CONFIG_COMPAT
148 static long tty_compat_ioctl(struct file *file, unsigned int cmd,
149 unsigned long arg);
150 #else
151 #define tty_compat_ioctl NULL
152 #endif
153 static int __tty_fasync(int fd, struct file *filp, int on);
154 static int tty_fasync(int fd, struct file *filp, int on);
155 static void release_tty(struct tty_struct *tty, int idx);
156 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
157 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
158
159 /**
160 * alloc_tty_struct - allocate a tty object
161 *
162 * Return a new empty tty structure. The data fields have not
163 * been initialized in any way but has been zeroed
164 *
165 * Locking: none
166 */
167
168 struct tty_struct *alloc_tty_struct(void)
169 {
170 return kzalloc(sizeof(struct tty_struct), GFP_KERNEL);
171 }
172
173 /**
174 * free_tty_struct - free a disused tty
175 * @tty: tty struct to free
176 *
177 * Free the write buffers, tty queue and tty memory itself.
178 *
179 * Locking: none. Must be called after tty is definitely unused
180 */
181
182 void free_tty_struct(struct tty_struct *tty)
183 {
184 if (!tty)
185 return;
186 if (tty->dev)
187 put_device(tty->dev);
188 kfree(tty->write_buf);
189 tty->magic = 0xDEADDEAD;
190 kfree(tty);
191 }
192
193 static inline struct tty_struct *file_tty(struct file *file)
194 {
195 return ((struct tty_file_private *)file->private_data)->tty;
196 }
197
198 int tty_alloc_file(struct file *file)
199 {
200 struct tty_file_private *priv;
201
202 priv = kmalloc(sizeof(*priv), GFP_KERNEL);
203 if (!priv)
204 return -ENOMEM;
205
206 file->private_data = priv;
207
208 return 0;
209 }
210
211 /* Associate a new file with the tty structure */
212 void tty_add_file(struct tty_struct *tty, struct file *file)
213 {
214 struct tty_file_private *priv = file->private_data;
215
216 priv->tty = tty;
217 priv->file = file;
218
219 spin_lock(&tty_files_lock);
220 list_add(&priv->list, &tty->tty_files);
221 spin_unlock(&tty_files_lock);
222 }
223
224 /**
225 * tty_free_file - free file->private_data
226 *
227 * This shall be used only for fail path handling when tty_add_file was not
228 * called yet.
229 */
230 void tty_free_file(struct file *file)
231 {
232 struct tty_file_private *priv = file->private_data;
233
234 file->private_data = NULL;
235 kfree(priv);
236 }
237
238 /* Delete file from its tty */
239 static void tty_del_file(struct file *file)
240 {
241 struct tty_file_private *priv = file->private_data;
242
243 spin_lock(&tty_files_lock);
244 list_del(&priv->list);
245 spin_unlock(&tty_files_lock);
246 tty_free_file(file);
247 }
248
249
250 #define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base)
251
252 /**
253 * tty_name - return tty naming
254 * @tty: tty structure
255 * @buf: buffer for output
256 *
257 * Convert a tty structure into a name. The name reflects the kernel
258 * naming policy and if udev is in use may not reflect user space
259 *
260 * Locking: none
261 */
262
263 char *tty_name(struct tty_struct *tty, char *buf)
264 {
265 if (!tty) /* Hmm. NULL pointer. That's fun. */
266 strcpy(buf, "NULL tty");
267 else
268 strcpy(buf, tty->name);
269 return buf;
270 }
271
272 EXPORT_SYMBOL(tty_name);
273
274 int tty_paranoia_check(struct tty_struct *tty, struct inode *inode,
275 const char *routine)
276 {
277 #ifdef TTY_PARANOIA_CHECK
278 if (!tty) {
279 printk(KERN_WARNING
280 "null TTY for (%d:%d) in %s\n",
281 imajor(inode), iminor(inode), routine);
282 return 1;
283 }
284 if (tty->magic != TTY_MAGIC) {
285 printk(KERN_WARNING
286 "bad magic number for tty struct (%d:%d) in %s\n",
287 imajor(inode), iminor(inode), routine);
288 return 1;
289 }
290 #endif
291 return 0;
292 }
293
294 static int check_tty_count(struct tty_struct *tty, const char *routine)
295 {
296 #ifdef CHECK_TTY_COUNT
297 struct list_head *p;
298 int count = 0;
299
300 spin_lock(&tty_files_lock);
301 list_for_each(p, &tty->tty_files) {
302 count++;
303 }
304 spin_unlock(&tty_files_lock);
305 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
306 tty->driver->subtype == PTY_TYPE_SLAVE &&
307 tty->link && tty->link->count)
308 count++;
309 if (tty->count != count) {
310 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) "
311 "!= #fd's(%d) in %s\n",
312 tty->name, tty->count, count, routine);
313 return count;
314 }
315 #endif
316 return 0;
317 }
318
319 /**
320 * get_tty_driver - find device of a tty
321 * @dev_t: device identifier
322 * @index: returns the index of the tty
323 *
324 * This routine returns a tty driver structure, given a device number
325 * and also passes back the index number.
326 *
327 * Locking: caller must hold tty_mutex
328 */
329
330 static struct tty_driver *get_tty_driver(dev_t device, int *index)
331 {
332 struct tty_driver *p;
333
334 list_for_each_entry(p, &tty_drivers, tty_drivers) {
335 dev_t base = MKDEV(p->major, p->minor_start);
336 if (device < base || device >= base + p->num)
337 continue;
338 *index = device - base;
339 return tty_driver_kref_get(p);
340 }
341 return NULL;
342 }
343
344 #ifdef CONFIG_CONSOLE_POLL
345
346 /**
347 * tty_find_polling_driver - find device of a polled tty
348 * @name: name string to match
349 * @line: pointer to resulting tty line nr
350 *
351 * This routine returns a tty driver structure, given a name
352 * and the condition that the tty driver is capable of polled
353 * operation.
354 */
355 struct tty_driver *tty_find_polling_driver(char *name, int *line)
356 {
357 struct tty_driver *p, *res = NULL;
358 int tty_line = 0;
359 int len;
360 char *str, *stp;
361
362 for (str = name; *str; str++)
363 if ((*str >= '0' && *str <= '9') || *str == ',')
364 break;
365 if (!*str)
366 return NULL;
367
368 len = str - name;
369 tty_line = simple_strtoul(str, &str, 10);
370
371 mutex_lock(&tty_mutex);
372 /* Search through the tty devices to look for a match */
373 list_for_each_entry(p, &tty_drivers, tty_drivers) {
374 if (strncmp(name, p->name, len) != 0)
375 continue;
376 stp = str;
377 if (*stp == ',')
378 stp++;
379 if (*stp == '\0')
380 stp = NULL;
381
382 if (tty_line >= 0 && tty_line < p->num && p->ops &&
383 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) {
384 res = tty_driver_kref_get(p);
385 *line = tty_line;
386 break;
387 }
388 }
389 mutex_unlock(&tty_mutex);
390
391 return res;
392 }
393 EXPORT_SYMBOL_GPL(tty_find_polling_driver);
394 #endif
395
396 /**
397 * tty_check_change - check for POSIX terminal changes
398 * @tty: tty to check
399 *
400 * If we try to write to, or set the state of, a terminal and we're
401 * not in the foreground, send a SIGTTOU. If the signal is blocked or
402 * ignored, go ahead and perform the operation. (POSIX 7.2)
403 *
404 * Locking: ctrl_lock
405 */
406
407 int tty_check_change(struct tty_struct *tty)
408 {
409 unsigned long flags;
410 int ret = 0;
411
412 if (current->signal->tty != tty)
413 return 0;
414
415 spin_lock_irqsave(&tty->ctrl_lock, flags);
416
417 if (!tty->pgrp) {
418 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n");
419 goto out_unlock;
420 }
421 if (task_pgrp(current) == tty->pgrp)
422 goto out_unlock;
423 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
424 if (is_ignored(SIGTTOU))
425 goto out;
426 if (is_current_pgrp_orphaned()) {
427 ret = -EIO;
428 goto out;
429 }
430 kill_pgrp(task_pgrp(current), SIGTTOU, 1);
431 set_thread_flag(TIF_SIGPENDING);
432 ret = -ERESTARTSYS;
433 out:
434 return ret;
435 out_unlock:
436 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
437 return ret;
438 }
439
440 EXPORT_SYMBOL(tty_check_change);
441
442 static ssize_t hung_up_tty_read(struct file *file, char __user *buf,
443 size_t count, loff_t *ppos)
444 {
445 return 0;
446 }
447
448 static ssize_t hung_up_tty_write(struct file *file, const char __user *buf,
449 size_t count, loff_t *ppos)
450 {
451 return -EIO;
452 }
453
454 /* No kernel lock held - none needed ;) */
455 static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait)
456 {
457 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM;
458 }
459
460 static long hung_up_tty_ioctl(struct file *file, unsigned int cmd,
461 unsigned long arg)
462 {
463 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
464 }
465
466 static long hung_up_tty_compat_ioctl(struct file *file,
467 unsigned int cmd, unsigned long arg)
468 {
469 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
470 }
471
472 static const struct file_operations tty_fops = {
473 .llseek = no_llseek,
474 .read = tty_read,
475 .write = tty_write,
476 .poll = tty_poll,
477 .unlocked_ioctl = tty_ioctl,
478 .compat_ioctl = tty_compat_ioctl,
479 .open = tty_open,
480 .release = tty_release,
481 .fasync = tty_fasync,
482 };
483
484 static const struct file_operations console_fops = {
485 .llseek = no_llseek,
486 .read = tty_read,
487 .write = redirected_tty_write,
488 .poll = tty_poll,
489 .unlocked_ioctl = tty_ioctl,
490 .compat_ioctl = tty_compat_ioctl,
491 .open = tty_open,
492 .release = tty_release,
493 .fasync = tty_fasync,
494 };
495
496 static const struct file_operations hung_up_tty_fops = {
497 .llseek = no_llseek,
498 .read = hung_up_tty_read,
499 .write = hung_up_tty_write,
500 .poll = hung_up_tty_poll,
501 .unlocked_ioctl = hung_up_tty_ioctl,
502 .compat_ioctl = hung_up_tty_compat_ioctl,
503 .release = tty_release,
504 };
505
506 static DEFINE_SPINLOCK(redirect_lock);
507 static struct file *redirect;
508
509 /**
510 * tty_wakeup - request more data
511 * @tty: terminal
512 *
513 * Internal and external helper for wakeups of tty. This function
514 * informs the line discipline if present that the driver is ready
515 * to receive more output data.
516 */
517
518 void tty_wakeup(struct tty_struct *tty)
519 {
520 struct tty_ldisc *ld;
521
522 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) {
523 ld = tty_ldisc_ref(tty);
524 if (ld) {
525 if (ld->ops->write_wakeup)
526 ld->ops->write_wakeup(tty);
527 tty_ldisc_deref(ld);
528 }
529 }
530 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
531 }
532
533 EXPORT_SYMBOL_GPL(tty_wakeup);
534
535 /**
536 * __tty_hangup - actual handler for hangup events
537 * @work: tty device
538 *
539 * This can be called by a "kworker" kernel thread. That is process
540 * synchronous but doesn't hold any locks, so we need to make sure we
541 * have the appropriate locks for what we're doing.
542 *
543 * The hangup event clears any pending redirections onto the hung up
544 * device. It ensures future writes will error and it does the needed
545 * line discipline hangup and signal delivery. The tty object itself
546 * remains intact.
547 *
548 * Locking:
549 * BTM
550 * redirect lock for undoing redirection
551 * file list lock for manipulating list of ttys
552 * tty_ldisc_lock from called functions
553 * termios_mutex resetting termios data
554 * tasklist_lock to walk task list for hangup event
555 * ->siglock to protect ->signal/->sighand
556 */
557 static void __tty_hangup(struct tty_struct *tty)
558 {
559 struct file *cons_filp = NULL;
560 struct file *filp, *f = NULL;
561 struct task_struct *p;
562 struct tty_file_private *priv;
563 int closecount = 0, n;
564 unsigned long flags;
565 int refs = 0;
566
567 if (!tty)
568 return;
569
570
571 spin_lock(&redirect_lock);
572 if (redirect && file_tty(redirect) == tty) {
573 f = redirect;
574 redirect = NULL;
575 }
576 spin_unlock(&redirect_lock);
577
578 tty_lock(tty);
579
580 /* some functions below drop BTM, so we need this bit */
581 set_bit(TTY_HUPPING, &tty->flags);
582
583 /* inuse_filps is protected by the single tty lock,
584 this really needs to change if we want to flush the
585 workqueue with the lock held */
586 check_tty_count(tty, "tty_hangup");
587
588 spin_lock(&tty_files_lock);
589 /* This breaks for file handles being sent over AF_UNIX sockets ? */
590 list_for_each_entry(priv, &tty->tty_files, list) {
591 filp = priv->file;
592 if (filp->f_op->write == redirected_tty_write)
593 cons_filp = filp;
594 if (filp->f_op->write != tty_write)
595 continue;
596 closecount++;
597 __tty_fasync(-1, filp, 0); /* can't block */
598 filp->f_op = &hung_up_tty_fops;
599 }
600 spin_unlock(&tty_files_lock);
601
602 /*
603 * it drops BTM and thus races with reopen
604 * we protect the race by TTY_HUPPING
605 */
606 tty_ldisc_hangup(tty);
607
608 read_lock(&tasklist_lock);
609 if (tty->session) {
610 do_each_pid_task(tty->session, PIDTYPE_SID, p) {
611 spin_lock_irq(&p->sighand->siglock);
612 if (p->signal->tty == tty) {
613 p->signal->tty = NULL;
614 /* We defer the dereferences outside fo
615 the tasklist lock */
616 refs++;
617 }
618 if (!p->signal->leader) {
619 spin_unlock_irq(&p->sighand->siglock);
620 continue;
621 }
622 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p);
623 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p);
624 put_pid(p->signal->tty_old_pgrp); /* A noop */
625 spin_lock_irqsave(&tty->ctrl_lock, flags);
626 if (tty->pgrp)
627 p->signal->tty_old_pgrp = get_pid(tty->pgrp);
628 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
629 spin_unlock_irq(&p->sighand->siglock);
630 } while_each_pid_task(tty->session, PIDTYPE_SID, p);
631 }
632 read_unlock(&tasklist_lock);
633
634 spin_lock_irqsave(&tty->ctrl_lock, flags);
635 clear_bit(TTY_THROTTLED, &tty->flags);
636 clear_bit(TTY_PUSH, &tty->flags);
637 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
638 put_pid(tty->session);
639 put_pid(tty->pgrp);
640 tty->session = NULL;
641 tty->pgrp = NULL;
642 tty->ctrl_status = 0;
643 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
644
645 /* Account for the p->signal references we killed */
646 while (refs--)
647 tty_kref_put(tty);
648
649 /*
650 * If one of the devices matches a console pointer, we
651 * cannot just call hangup() because that will cause
652 * tty->count and state->count to go out of sync.
653 * So we just call close() the right number of times.
654 */
655 if (cons_filp) {
656 if (tty->ops->close)
657 for (n = 0; n < closecount; n++)
658 tty->ops->close(tty, cons_filp);
659 } else if (tty->ops->hangup)
660 (tty->ops->hangup)(tty);
661 /*
662 * We don't want to have driver/ldisc interactions beyond
663 * the ones we did here. The driver layer expects no
664 * calls after ->hangup() from the ldisc side. However we
665 * can't yet guarantee all that.
666 */
667 set_bit(TTY_HUPPED, &tty->flags);
668 clear_bit(TTY_HUPPING, &tty->flags);
669 tty_ldisc_enable(tty);
670
671 tty_unlock(tty);
672
673 if (f)
674 fput(f);
675 }
676
677 static void do_tty_hangup(struct work_struct *work)
678 {
679 struct tty_struct *tty =
680 container_of(work, struct tty_struct, hangup_work);
681
682 __tty_hangup(tty);
683 }
684
685 /**
686 * tty_hangup - trigger a hangup event
687 * @tty: tty to hangup
688 *
689 * A carrier loss (virtual or otherwise) has occurred on this like
690 * schedule a hangup sequence to run after this event.
691 */
692
693 void tty_hangup(struct tty_struct *tty)
694 {
695 #ifdef TTY_DEBUG_HANGUP
696 char buf[64];
697 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf));
698 #endif
699 schedule_work(&tty->hangup_work);
700 }
701
702 EXPORT_SYMBOL(tty_hangup);
703
704 /**
705 * tty_vhangup - process vhangup
706 * @tty: tty to hangup
707 *
708 * The user has asked via system call for the terminal to be hung up.
709 * We do this synchronously so that when the syscall returns the process
710 * is complete. That guarantee is necessary for security reasons.
711 */
712
713 void tty_vhangup(struct tty_struct *tty)
714 {
715 #ifdef TTY_DEBUG_HANGUP
716 char buf[64];
717
718 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf));
719 #endif
720 __tty_hangup(tty);
721 }
722
723 EXPORT_SYMBOL(tty_vhangup);
724
725
726 /**
727 * tty_vhangup_self - process vhangup for own ctty
728 *
729 * Perform a vhangup on the current controlling tty
730 */
731
732 void tty_vhangup_self(void)
733 {
734 struct tty_struct *tty;
735
736 tty = get_current_tty();
737 if (tty) {
738 tty_vhangup(tty);
739 tty_kref_put(tty);
740 }
741 }
742
743 /**
744 * tty_hung_up_p - was tty hung up
745 * @filp: file pointer of tty
746 *
747 * Return true if the tty has been subject to a vhangup or a carrier
748 * loss
749 */
750
751 int tty_hung_up_p(struct file *filp)
752 {
753 return (filp->f_op == &hung_up_tty_fops);
754 }
755
756 EXPORT_SYMBOL(tty_hung_up_p);
757
758 static void session_clear_tty(struct pid *session)
759 {
760 struct task_struct *p;
761 do_each_pid_task(session, PIDTYPE_SID, p) {
762 proc_clear_tty(p);
763 } while_each_pid_task(session, PIDTYPE_SID, p);
764 }
765
766 /**
767 * disassociate_ctty - disconnect controlling tty
768 * @on_exit: true if exiting so need to "hang up" the session
769 *
770 * This function is typically called only by the session leader, when
771 * it wants to disassociate itself from its controlling tty.
772 *
773 * It performs the following functions:
774 * (1) Sends a SIGHUP and SIGCONT to the foreground process group
775 * (2) Clears the tty from being controlling the session
776 * (3) Clears the controlling tty for all processes in the
777 * session group.
778 *
779 * The argument on_exit is set to 1 if called when a process is
780 * exiting; it is 0 if called by the ioctl TIOCNOTTY.
781 *
782 * Locking:
783 * BTM is taken for hysterical raisins, and held when
784 * called from no_tty().
785 * tty_mutex is taken to protect tty
786 * ->siglock is taken to protect ->signal/->sighand
787 * tasklist_lock is taken to walk process list for sessions
788 * ->siglock is taken to protect ->signal/->sighand
789 */
790
791 void disassociate_ctty(int on_exit)
792 {
793 struct tty_struct *tty;
794
795 if (!current->signal->leader)
796 return;
797
798 tty = get_current_tty();
799 if (tty) {
800 struct pid *tty_pgrp = get_pid(tty->pgrp);
801 if (on_exit) {
802 if (tty->driver->type != TTY_DRIVER_TYPE_PTY)
803 tty_vhangup(tty);
804 }
805 tty_kref_put(tty);
806 if (tty_pgrp) {
807 kill_pgrp(tty_pgrp, SIGHUP, on_exit);
808 if (!on_exit)
809 kill_pgrp(tty_pgrp, SIGCONT, on_exit);
810 put_pid(tty_pgrp);
811 }
812 } else if (on_exit) {
813 struct pid *old_pgrp;
814 spin_lock_irq(&current->sighand->siglock);
815 old_pgrp = current->signal->tty_old_pgrp;
816 current->signal->tty_old_pgrp = NULL;
817 spin_unlock_irq(&current->sighand->siglock);
818 if (old_pgrp) {
819 kill_pgrp(old_pgrp, SIGHUP, on_exit);
820 kill_pgrp(old_pgrp, SIGCONT, on_exit);
821 put_pid(old_pgrp);
822 }
823 return;
824 }
825
826 spin_lock_irq(&current->sighand->siglock);
827 put_pid(current->signal->tty_old_pgrp);
828 current->signal->tty_old_pgrp = NULL;
829 spin_unlock_irq(&current->sighand->siglock);
830
831 tty = get_current_tty();
832 if (tty) {
833 unsigned long flags;
834 spin_lock_irqsave(&tty->ctrl_lock, flags);
835 put_pid(tty->session);
836 put_pid(tty->pgrp);
837 tty->session = NULL;
838 tty->pgrp = NULL;
839 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
840 tty_kref_put(tty);
841 } else {
842 #ifdef TTY_DEBUG_HANGUP
843 printk(KERN_DEBUG "error attempted to write to tty [0x%p]"
844 " = NULL", tty);
845 #endif
846 }
847
848 /* Now clear signal->tty under the lock */
849 read_lock(&tasklist_lock);
850 session_clear_tty(task_session(current));
851 read_unlock(&tasklist_lock);
852 }
853
854 /**
855 *
856 * no_tty - Ensure the current process does not have a controlling tty
857 */
858 void no_tty(void)
859 {
860 /* FIXME: Review locking here. The tty_lock never covered any race
861 between a new association and proc_clear_tty but possible we need
862 to protect against this anyway */
863 struct task_struct *tsk = current;
864 disassociate_ctty(0);
865 proc_clear_tty(tsk);
866 }
867
868
869 /**
870 * stop_tty - propagate flow control
871 * @tty: tty to stop
872 *
873 * Perform flow control to the driver. For PTY/TTY pairs we
874 * must also propagate the TIOCKPKT status. May be called
875 * on an already stopped device and will not re-call the driver
876 * method.
877 *
878 * This functionality is used by both the line disciplines for
879 * halting incoming flow and by the driver. It may therefore be
880 * called from any context, may be under the tty atomic_write_lock
881 * but not always.
882 *
883 * Locking:
884 * Uses the tty control lock internally
885 */
886
887 void stop_tty(struct tty_struct *tty)
888 {
889 unsigned long flags;
890 spin_lock_irqsave(&tty->ctrl_lock, flags);
891 if (tty->stopped) {
892 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
893 return;
894 }
895 tty->stopped = 1;
896 if (tty->link && tty->link->packet) {
897 tty->ctrl_status &= ~TIOCPKT_START;
898 tty->ctrl_status |= TIOCPKT_STOP;
899 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN);
900 }
901 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
902 if (tty->ops->stop)
903 (tty->ops->stop)(tty);
904 }
905
906 EXPORT_SYMBOL(stop_tty);
907
908 /**
909 * start_tty - propagate flow control
910 * @tty: tty to start
911 *
912 * Start a tty that has been stopped if at all possible. Perform
913 * any necessary wakeups and propagate the TIOCPKT status. If this
914 * is the tty was previous stopped and is being started then the
915 * driver start method is invoked and the line discipline woken.
916 *
917 * Locking:
918 * ctrl_lock
919 */
920
921 void start_tty(struct tty_struct *tty)
922 {
923 unsigned long flags;
924 spin_lock_irqsave(&tty->ctrl_lock, flags);
925 if (!tty->stopped || tty->flow_stopped) {
926 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
927 return;
928 }
929 tty->stopped = 0;
930 if (tty->link && tty->link->packet) {
931 tty->ctrl_status &= ~TIOCPKT_STOP;
932 tty->ctrl_status |= TIOCPKT_START;
933 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN);
934 }
935 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
936 if (tty->ops->start)
937 (tty->ops->start)(tty);
938 /* If we have a running line discipline it may need kicking */
939 tty_wakeup(tty);
940 }
941
942 EXPORT_SYMBOL(start_tty);
943
944 /**
945 * tty_read - read method for tty device files
946 * @file: pointer to tty file
947 * @buf: user buffer
948 * @count: size of user buffer
949 * @ppos: unused
950 *
951 * Perform the read system call function on this terminal device. Checks
952 * for hung up devices before calling the line discipline method.
953 *
954 * Locking:
955 * Locks the line discipline internally while needed. Multiple
956 * read calls may be outstanding in parallel.
957 */
958
959 static ssize_t tty_read(struct file *file, char __user *buf, size_t count,
960 loff_t *ppos)
961 {
962 int i;
963 struct inode *inode = file->f_path.dentry->d_inode;
964 struct tty_struct *tty = file_tty(file);
965 struct tty_ldisc *ld;
966
967 if (tty_paranoia_check(tty, inode, "tty_read"))
968 return -EIO;
969 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags)))
970 return -EIO;
971
972 /* We want to wait for the line discipline to sort out in this
973 situation */
974 ld = tty_ldisc_ref_wait(tty);
975 if (ld->ops->read)
976 i = (ld->ops->read)(tty, file, buf, count);
977 else
978 i = -EIO;
979 tty_ldisc_deref(ld);
980
981 return i;
982 }
983
984 void tty_write_unlock(struct tty_struct *tty)
985 __releases(&tty->atomic_write_lock)
986 {
987 mutex_unlock(&tty->atomic_write_lock);
988 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
989 }
990
991 int tty_write_lock(struct tty_struct *tty, int ndelay)
992 __acquires(&tty->atomic_write_lock)
993 {
994 if (!mutex_trylock(&tty->atomic_write_lock)) {
995 if (ndelay)
996 return -EAGAIN;
997 if (mutex_lock_interruptible(&tty->atomic_write_lock))
998 return -ERESTARTSYS;
999 }
1000 return 0;
1001 }
1002
1003 /*
1004 * Split writes up in sane blocksizes to avoid
1005 * denial-of-service type attacks
1006 */
1007 static inline ssize_t do_tty_write(
1008 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t),
1009 struct tty_struct *tty,
1010 struct file *file,
1011 const char __user *buf,
1012 size_t count)
1013 {
1014 ssize_t ret, written = 0;
1015 unsigned int chunk;
1016
1017 ret = tty_write_lock(tty, file->f_flags & O_NDELAY);
1018 if (ret < 0)
1019 return ret;
1020
1021 /*
1022 * We chunk up writes into a temporary buffer. This
1023 * simplifies low-level drivers immensely, since they
1024 * don't have locking issues and user mode accesses.
1025 *
1026 * But if TTY_NO_WRITE_SPLIT is set, we should use a
1027 * big chunk-size..
1028 *
1029 * The default chunk-size is 2kB, because the NTTY
1030 * layer has problems with bigger chunks. It will
1031 * claim to be able to handle more characters than
1032 * it actually does.
1033 *
1034 * FIXME: This can probably go away now except that 64K chunks
1035 * are too likely to fail unless switched to vmalloc...
1036 */
1037 chunk = 2048;
1038 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags))
1039 chunk = 65536;
1040 if (count < chunk)
1041 chunk = count;
1042
1043 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */
1044 if (tty->write_cnt < chunk) {
1045 unsigned char *buf_chunk;
1046
1047 if (chunk < 1024)
1048 chunk = 1024;
1049
1050 buf_chunk = kmalloc(chunk, GFP_KERNEL);
1051 if (!buf_chunk) {
1052 ret = -ENOMEM;
1053 goto out;
1054 }
1055 kfree(tty->write_buf);
1056 tty->write_cnt = chunk;
1057 tty->write_buf = buf_chunk;
1058 }
1059
1060 /* Do the write .. */
1061 for (;;) {
1062 size_t size = count;
1063 if (size > chunk)
1064 size = chunk;
1065 ret = -EFAULT;
1066 if (copy_from_user(tty->write_buf, buf, size))
1067 break;
1068 ret = write(tty, file, tty->write_buf, size);
1069 if (ret <= 0)
1070 break;
1071 written += ret;
1072 buf += ret;
1073 count -= ret;
1074 if (!count)
1075 break;
1076 ret = -ERESTARTSYS;
1077 if (signal_pending(current))
1078 break;
1079 cond_resched();
1080 }
1081 if (written)
1082 ret = written;
1083 out:
1084 tty_write_unlock(tty);
1085 return ret;
1086 }
1087
1088 /**
1089 * tty_write_message - write a message to a certain tty, not just the console.
1090 * @tty: the destination tty_struct
1091 * @msg: the message to write
1092 *
1093 * This is used for messages that need to be redirected to a specific tty.
1094 * We don't put it into the syslog queue right now maybe in the future if
1095 * really needed.
1096 *
1097 * We must still hold the BTM and test the CLOSING flag for the moment.
1098 */
1099
1100 void tty_write_message(struct tty_struct *tty, char *msg)
1101 {
1102 if (tty) {
1103 mutex_lock(&tty->atomic_write_lock);
1104 tty_lock(tty);
1105 if (tty->ops->write && !test_bit(TTY_CLOSING, &tty->flags)) {
1106 tty_unlock(tty);
1107 tty->ops->write(tty, msg, strlen(msg));
1108 } else
1109 tty_unlock(tty);
1110 tty_write_unlock(tty);
1111 }
1112 return;
1113 }
1114
1115
1116 /**
1117 * tty_write - write method for tty device file
1118 * @file: tty file pointer
1119 * @buf: user data to write
1120 * @count: bytes to write
1121 * @ppos: unused
1122 *
1123 * Write data to a tty device via the line discipline.
1124 *
1125 * Locking:
1126 * Locks the line discipline as required
1127 * Writes to the tty driver are serialized by the atomic_write_lock
1128 * and are then processed in chunks to the device. The line discipline
1129 * write method will not be invoked in parallel for each device.
1130 */
1131
1132 static ssize_t tty_write(struct file *file, const char __user *buf,
1133 size_t count, loff_t *ppos)
1134 {
1135 struct inode *inode = file->f_path.dentry->d_inode;
1136 struct tty_struct *tty = file_tty(file);
1137 struct tty_ldisc *ld;
1138 ssize_t ret;
1139
1140 if (tty_paranoia_check(tty, inode, "tty_write"))
1141 return -EIO;
1142 if (!tty || !tty->ops->write ||
1143 (test_bit(TTY_IO_ERROR, &tty->flags)))
1144 return -EIO;
1145 /* Short term debug to catch buggy drivers */
1146 if (tty->ops->write_room == NULL)
1147 printk(KERN_ERR "tty driver %s lacks a write_room method.\n",
1148 tty->driver->name);
1149 ld = tty_ldisc_ref_wait(tty);
1150 if (!ld->ops->write)
1151 ret = -EIO;
1152 else
1153 ret = do_tty_write(ld->ops->write, tty, file, buf, count);
1154 tty_ldisc_deref(ld);
1155 return ret;
1156 }
1157
1158 ssize_t redirected_tty_write(struct file *file, const char __user *buf,
1159 size_t count, loff_t *ppos)
1160 {
1161 struct file *p = NULL;
1162
1163 spin_lock(&redirect_lock);
1164 if (redirect)
1165 p = get_file(redirect);
1166 spin_unlock(&redirect_lock);
1167
1168 if (p) {
1169 ssize_t res;
1170 res = vfs_write(p, buf, count, &p->f_pos);
1171 fput(p);
1172 return res;
1173 }
1174 return tty_write(file, buf, count, ppos);
1175 }
1176
1177 static char ptychar[] = "pqrstuvwxyzabcde";
1178
1179 /**
1180 * pty_line_name - generate name for a pty
1181 * @driver: the tty driver in use
1182 * @index: the minor number
1183 * @p: output buffer of at least 6 bytes
1184 *
1185 * Generate a name from a driver reference and write it to the output
1186 * buffer.
1187 *
1188 * Locking: None
1189 */
1190 static void pty_line_name(struct tty_driver *driver, int index, char *p)
1191 {
1192 int i = index + driver->name_base;
1193 /* ->name is initialized to "ttyp", but "tty" is expected */
1194 sprintf(p, "%s%c%x",
1195 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name,
1196 ptychar[i >> 4 & 0xf], i & 0xf);
1197 }
1198
1199 /**
1200 * tty_line_name - generate name for a tty
1201 * @driver: the tty driver in use
1202 * @index: the minor number
1203 * @p: output buffer of at least 7 bytes
1204 *
1205 * Generate a name from a driver reference and write it to the output
1206 * buffer.
1207 *
1208 * Locking: None
1209 */
1210 static void tty_line_name(struct tty_driver *driver, int index, char *p)
1211 {
1212 if (driver->flags & TTY_DRIVER_UNNUMBERED_NODE)
1213 strcpy(p, driver->name);
1214 else
1215 sprintf(p, "%s%d", driver->name, index + driver->name_base);
1216 }
1217
1218 /**
1219 * tty_driver_lookup_tty() - find an existing tty, if any
1220 * @driver: the driver for the tty
1221 * @idx: the minor number
1222 *
1223 * Return the tty, if found or ERR_PTR() otherwise.
1224 *
1225 * Locking: tty_mutex must be held. If tty is found, the mutex must
1226 * be held until the 'fast-open' is also done. Will change once we
1227 * have refcounting in the driver and per driver locking
1228 */
1229 static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver,
1230 struct inode *inode, int idx)
1231 {
1232 if (driver->ops->lookup)
1233 return driver->ops->lookup(driver, inode, idx);
1234
1235 return driver->ttys[idx];
1236 }
1237
1238 /**
1239 * tty_init_termios - helper for termios setup
1240 * @tty: the tty to set up
1241 *
1242 * Initialise the termios structures for this tty. Thus runs under
1243 * the tty_mutex currently so we can be relaxed about ordering.
1244 */
1245
1246 int tty_init_termios(struct tty_struct *tty)
1247 {
1248 struct ktermios *tp;
1249 int idx = tty->index;
1250
1251 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS)
1252 tty->termios = tty->driver->init_termios;
1253 else {
1254 /* Check for lazy saved data */
1255 tp = tty->driver->termios[idx];
1256 if (tp != NULL)
1257 tty->termios = *tp;
1258 else
1259 tty->termios = tty->driver->init_termios;
1260 }
1261 /* Compatibility until drivers always set this */
1262 tty->termios.c_ispeed = tty_termios_input_baud_rate(&tty->termios);
1263 tty->termios.c_ospeed = tty_termios_baud_rate(&tty->termios);
1264 return 0;
1265 }
1266 EXPORT_SYMBOL_GPL(tty_init_termios);
1267
1268 int tty_standard_install(struct tty_driver *driver, struct tty_struct *tty)
1269 {
1270 int ret = tty_init_termios(tty);
1271 if (ret)
1272 return ret;
1273
1274 tty_driver_kref_get(driver);
1275 tty->count++;
1276 driver->ttys[tty->index] = tty;
1277 return 0;
1278 }
1279 EXPORT_SYMBOL_GPL(tty_standard_install);
1280
1281 /**
1282 * tty_driver_install_tty() - install a tty entry in the driver
1283 * @driver: the driver for the tty
1284 * @tty: the tty
1285 *
1286 * Install a tty object into the driver tables. The tty->index field
1287 * will be set by the time this is called. This method is responsible
1288 * for ensuring any need additional structures are allocated and
1289 * configured.
1290 *
1291 * Locking: tty_mutex for now
1292 */
1293 static int tty_driver_install_tty(struct tty_driver *driver,
1294 struct tty_struct *tty)
1295 {
1296 return driver->ops->install ? driver->ops->install(driver, tty) :
1297 tty_standard_install(driver, tty);
1298 }
1299
1300 /**
1301 * tty_driver_remove_tty() - remove a tty from the driver tables
1302 * @driver: the driver for the tty
1303 * @idx: the minor number
1304 *
1305 * Remvoe a tty object from the driver tables. The tty->index field
1306 * will be set by the time this is called.
1307 *
1308 * Locking: tty_mutex for now
1309 */
1310 void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty)
1311 {
1312 if (driver->ops->remove)
1313 driver->ops->remove(driver, tty);
1314 else
1315 driver->ttys[tty->index] = NULL;
1316 }
1317
1318 /*
1319 * tty_reopen() - fast re-open of an open tty
1320 * @tty - the tty to open
1321 *
1322 * Return 0 on success, -errno on error.
1323 *
1324 * Locking: tty_mutex must be held from the time the tty was found
1325 * till this open completes.
1326 */
1327 static int tty_reopen(struct tty_struct *tty)
1328 {
1329 struct tty_driver *driver = tty->driver;
1330
1331 if (test_bit(TTY_CLOSING, &tty->flags) ||
1332 test_bit(TTY_HUPPING, &tty->flags) ||
1333 test_bit(TTY_LDISC_CHANGING, &tty->flags))
1334 return -EIO;
1335
1336 if (driver->type == TTY_DRIVER_TYPE_PTY &&
1337 driver->subtype == PTY_TYPE_MASTER) {
1338 /*
1339 * special case for PTY masters: only one open permitted,
1340 * and the slave side open count is incremented as well.
1341 */
1342 if (tty->count)
1343 return -EIO;
1344
1345 tty->link->count++;
1346 }
1347 tty->count++;
1348
1349 mutex_lock(&tty->ldisc_mutex);
1350 WARN_ON(!test_bit(TTY_LDISC, &tty->flags));
1351 mutex_unlock(&tty->ldisc_mutex);
1352
1353 return 0;
1354 }
1355
1356 /**
1357 * tty_init_dev - initialise a tty device
1358 * @driver: tty driver we are opening a device on
1359 * @idx: device index
1360 * @ret_tty: returned tty structure
1361 *
1362 * Prepare a tty device. This may not be a "new" clean device but
1363 * could also be an active device. The pty drivers require special
1364 * handling because of this.
1365 *
1366 * Locking:
1367 * The function is called under the tty_mutex, which
1368 * protects us from the tty struct or driver itself going away.
1369 *
1370 * On exit the tty device has the line discipline attached and
1371 * a reference count of 1. If a pair was created for pty/tty use
1372 * and the other was a pty master then it too has a reference count of 1.
1373 *
1374 * WSH 06/09/97: Rewritten to remove races and properly clean up after a
1375 * failed open. The new code protects the open with a mutex, so it's
1376 * really quite straightforward. The mutex locking can probably be
1377 * relaxed for the (most common) case of reopening a tty.
1378 */
1379
1380 struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx)
1381 {
1382 struct tty_struct *tty;
1383 int retval;
1384
1385 /*
1386 * First time open is complex, especially for PTY devices.
1387 * This code guarantees that either everything succeeds and the
1388 * TTY is ready for operation, or else the table slots are vacated
1389 * and the allocated memory released. (Except that the termios
1390 * and locked termios may be retained.)
1391 */
1392
1393 if (!try_module_get(driver->owner))
1394 return ERR_PTR(-ENODEV);
1395
1396 tty = alloc_tty_struct();
1397 if (!tty) {
1398 retval = -ENOMEM;
1399 goto err_module_put;
1400 }
1401 initialize_tty_struct(tty, driver, idx);
1402
1403 tty_lock(tty);
1404 retval = tty_driver_install_tty(driver, tty);
1405 if (retval < 0)
1406 goto err_deinit_tty;
1407
1408 if (!tty->port)
1409 tty->port = driver->ports[idx];
1410
1411 WARN_RATELIMIT(!tty->port,
1412 "%s: %s driver does not set tty->port. This will crash the kernel later. Fix the driver!\n",
1413 __func__, tty->driver->name);
1414
1415 tty->port->itty = tty;
1416
1417 /*
1418 * Structures all installed ... call the ldisc open routines.
1419 * If we fail here just call release_tty to clean up. No need
1420 * to decrement the use counts, as release_tty doesn't care.
1421 */
1422 retval = tty_ldisc_setup(tty, tty->link);
1423 if (retval)
1424 goto err_release_tty;
1425 /* Return the tty locked so that it cannot vanish under the caller */
1426 return tty;
1427
1428 err_deinit_tty:
1429 tty_unlock(tty);
1430 deinitialize_tty_struct(tty);
1431 free_tty_struct(tty);
1432 err_module_put:
1433 module_put(driver->owner);
1434 return ERR_PTR(retval);
1435
1436 /* call the tty release_tty routine to clean out this slot */
1437 err_release_tty:
1438 tty_unlock(tty);
1439 printk_ratelimited(KERN_INFO "tty_init_dev: ldisc open failed, "
1440 "clearing slot %d\n", idx);
1441 release_tty(tty, idx);
1442 return ERR_PTR(retval);
1443 }
1444
1445 void tty_free_termios(struct tty_struct *tty)
1446 {
1447 struct ktermios *tp;
1448 int idx = tty->index;
1449
1450 /* If the port is going to reset then it has no termios to save */
1451 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS)
1452 return;
1453
1454 /* Stash the termios data */
1455 tp = tty->driver->termios[idx];
1456 if (tp == NULL) {
1457 tp = kmalloc(sizeof(struct ktermios), GFP_KERNEL);
1458 if (tp == NULL) {
1459 pr_warn("tty: no memory to save termios state.\n");
1460 return;
1461 }
1462 tty->driver->termios[idx] = tp;
1463 }
1464 *tp = tty->termios;
1465 }
1466 EXPORT_SYMBOL(tty_free_termios);
1467
1468
1469 /**
1470 * release_one_tty - release tty structure memory
1471 * @kref: kref of tty we are obliterating
1472 *
1473 * Releases memory associated with a tty structure, and clears out the
1474 * driver table slots. This function is called when a device is no longer
1475 * in use. It also gets called when setup of a device fails.
1476 *
1477 * Locking:
1478 * takes the file list lock internally when working on the list
1479 * of ttys that the driver keeps.
1480 *
1481 * This method gets called from a work queue so that the driver private
1482 * cleanup ops can sleep (needed for USB at least)
1483 */
1484 static void release_one_tty(struct work_struct *work)
1485 {
1486 struct tty_struct *tty =
1487 container_of(work, struct tty_struct, hangup_work);
1488 struct tty_driver *driver = tty->driver;
1489
1490 if (tty->ops->cleanup)
1491 tty->ops->cleanup(tty);
1492
1493 tty->magic = 0;
1494 tty_driver_kref_put(driver);
1495 module_put(driver->owner);
1496
1497 spin_lock(&tty_files_lock);
1498 list_del_init(&tty->tty_files);
1499 spin_unlock(&tty_files_lock);
1500
1501 put_pid(tty->pgrp);
1502 put_pid(tty->session);
1503 free_tty_struct(tty);
1504 }
1505
1506 static void queue_release_one_tty(struct kref *kref)
1507 {
1508 struct tty_struct *tty = container_of(kref, struct tty_struct, kref);
1509
1510 /* The hangup queue is now free so we can reuse it rather than
1511 waste a chunk of memory for each port */
1512 INIT_WORK(&tty->hangup_work, release_one_tty);
1513 schedule_work(&tty->hangup_work);
1514 }
1515
1516 /**
1517 * tty_kref_put - release a tty kref
1518 * @tty: tty device
1519 *
1520 * Release a reference to a tty device and if need be let the kref
1521 * layer destruct the object for us
1522 */
1523
1524 void tty_kref_put(struct tty_struct *tty)
1525 {
1526 if (tty)
1527 kref_put(&tty->kref, queue_release_one_tty);
1528 }
1529 EXPORT_SYMBOL(tty_kref_put);
1530
1531 /**
1532 * release_tty - release tty structure memory
1533 *
1534 * Release both @tty and a possible linked partner (think pty pair),
1535 * and decrement the refcount of the backing module.
1536 *
1537 * Locking:
1538 * tty_mutex
1539 * takes the file list lock internally when working on the list
1540 * of ttys that the driver keeps.
1541 *
1542 */
1543 static void release_tty(struct tty_struct *tty, int idx)
1544 {
1545 /* This should always be true but check for the moment */
1546 WARN_ON(tty->index != idx);
1547 WARN_ON(!mutex_is_locked(&tty_mutex));
1548 if (tty->ops->shutdown)
1549 tty->ops->shutdown(tty);
1550 tty_free_termios(tty);
1551 tty_driver_remove_tty(tty->driver, tty);
1552 tty->port->itty = NULL;
1553
1554 if (tty->link)
1555 tty_kref_put(tty->link);
1556 tty_kref_put(tty);
1557 }
1558
1559 /**
1560 * tty_release_checks - check a tty before real release
1561 * @tty: tty to check
1562 * @o_tty: link of @tty (if any)
1563 * @idx: index of the tty
1564 *
1565 * Performs some paranoid checking before true release of the @tty.
1566 * This is a no-op unless TTY_PARANOIA_CHECK is defined.
1567 */
1568 static int tty_release_checks(struct tty_struct *tty, struct tty_struct *o_tty,
1569 int idx)
1570 {
1571 #ifdef TTY_PARANOIA_CHECK
1572 if (idx < 0 || idx >= tty->driver->num) {
1573 printk(KERN_DEBUG "%s: bad idx when trying to free (%s)\n",
1574 __func__, tty->name);
1575 return -1;
1576 }
1577
1578 /* not much to check for devpts */
1579 if (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)
1580 return 0;
1581
1582 if (tty != tty->driver->ttys[idx]) {
1583 printk(KERN_DEBUG "%s: driver.table[%d] not tty for (%s)\n",
1584 __func__, idx, tty->name);
1585 return -1;
1586 }
1587 if (tty->driver->other) {
1588 if (o_tty != tty->driver->other->ttys[idx]) {
1589 printk(KERN_DEBUG "%s: other->table[%d] not o_tty for (%s)\n",
1590 __func__, idx, tty->name);
1591 return -1;
1592 }
1593 if (o_tty->link != tty) {
1594 printk(KERN_DEBUG "%s: bad pty pointers\n", __func__);
1595 return -1;
1596 }
1597 }
1598 #endif
1599 return 0;
1600 }
1601
1602 /**
1603 * tty_release - vfs callback for close
1604 * @inode: inode of tty
1605 * @filp: file pointer for handle to tty
1606 *
1607 * Called the last time each file handle is closed that references
1608 * this tty. There may however be several such references.
1609 *
1610 * Locking:
1611 * Takes bkl. See tty_release_dev
1612 *
1613 * Even releasing the tty structures is a tricky business.. We have
1614 * to be very careful that the structures are all released at the
1615 * same time, as interrupts might otherwise get the wrong pointers.
1616 *
1617 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could
1618 * lead to double frees or releasing memory still in use.
1619 */
1620
1621 int tty_release(struct inode *inode, struct file *filp)
1622 {
1623 struct tty_struct *tty = file_tty(filp);
1624 struct tty_struct *o_tty;
1625 int pty_master, tty_closing, o_tty_closing, do_sleep;
1626 int idx;
1627 char buf[64];
1628
1629 if (tty_paranoia_check(tty, inode, __func__))
1630 return 0;
1631
1632 tty_lock(tty);
1633 check_tty_count(tty, __func__);
1634
1635 __tty_fasync(-1, filp, 0);
1636
1637 idx = tty->index;
1638 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
1639 tty->driver->subtype == PTY_TYPE_MASTER);
1640 /* Review: parallel close */
1641 o_tty = tty->link;
1642
1643 if (tty_release_checks(tty, o_tty, idx)) {
1644 tty_unlock(tty);
1645 return 0;
1646 }
1647
1648 #ifdef TTY_DEBUG_HANGUP
1649 printk(KERN_DEBUG "%s: %s (tty count=%d)...\n", __func__,
1650 tty_name(tty, buf), tty->count);
1651 #endif
1652
1653 if (tty->ops->close)
1654 tty->ops->close(tty, filp);
1655
1656 tty_unlock(tty);
1657 /*
1658 * Sanity check: if tty->count is going to zero, there shouldn't be
1659 * any waiters on tty->read_wait or tty->write_wait. We test the
1660 * wait queues and kick everyone out _before_ actually starting to
1661 * close. This ensures that we won't block while releasing the tty
1662 * structure.
1663 *
1664 * The test for the o_tty closing is necessary, since the master and
1665 * slave sides may close in any order. If the slave side closes out
1666 * first, its count will be one, since the master side holds an open.
1667 * Thus this test wouldn't be triggered at the time the slave closes,
1668 * so we do it now.
1669 *
1670 * Note that it's possible for the tty to be opened again while we're
1671 * flushing out waiters. By recalculating the closing flags before
1672 * each iteration we avoid any problems.
1673 */
1674 while (1) {
1675 /* Guard against races with tty->count changes elsewhere and
1676 opens on /dev/tty */
1677
1678 mutex_lock(&tty_mutex);
1679 tty_lock_pair(tty, o_tty);
1680 tty_closing = tty->count <= 1;
1681 o_tty_closing = o_tty &&
1682 (o_tty->count <= (pty_master ? 1 : 0));
1683 do_sleep = 0;
1684
1685 if (tty_closing) {
1686 if (waitqueue_active(&tty->read_wait)) {
1687 wake_up_poll(&tty->read_wait, POLLIN);
1688 do_sleep++;
1689 }
1690 if (waitqueue_active(&tty->write_wait)) {
1691 wake_up_poll(&tty->write_wait, POLLOUT);
1692 do_sleep++;
1693 }
1694 }
1695 if (o_tty_closing) {
1696 if (waitqueue_active(&o_tty->read_wait)) {
1697 wake_up_poll(&o_tty->read_wait, POLLIN);
1698 do_sleep++;
1699 }
1700 if (waitqueue_active(&o_tty->write_wait)) {
1701 wake_up_poll(&o_tty->write_wait, POLLOUT);
1702 do_sleep++;
1703 }
1704 }
1705 if (!do_sleep)
1706 break;
1707
1708 printk(KERN_WARNING "%s: %s: read/write wait queue active!\n",
1709 __func__, tty_name(tty, buf));
1710 tty_unlock_pair(tty, o_tty);
1711 mutex_unlock(&tty_mutex);
1712 schedule();
1713 }
1714
1715 /*
1716 * The closing flags are now consistent with the open counts on
1717 * both sides, and we've completed the last operation that could
1718 * block, so it's safe to proceed with closing.
1719 *
1720 * We must *not* drop the tty_mutex until we ensure that a further
1721 * entry into tty_open can not pick up this tty.
1722 */
1723 if (pty_master) {
1724 if (--o_tty->count < 0) {
1725 printk(KERN_WARNING "%s: bad pty slave count (%d) for %s\n",
1726 __func__, o_tty->count, tty_name(o_tty, buf));
1727 o_tty->count = 0;
1728 }
1729 }
1730 if (--tty->count < 0) {
1731 printk(KERN_WARNING "%s: bad tty->count (%d) for %s\n",
1732 __func__, tty->count, tty_name(tty, buf));
1733 tty->count = 0;
1734 }
1735
1736 /*
1737 * We've decremented tty->count, so we need to remove this file
1738 * descriptor off the tty->tty_files list; this serves two
1739 * purposes:
1740 * - check_tty_count sees the correct number of file descriptors
1741 * associated with this tty.
1742 * - do_tty_hangup no longer sees this file descriptor as
1743 * something that needs to be handled for hangups.
1744 */
1745 tty_del_file(filp);
1746
1747 /*
1748 * Perform some housekeeping before deciding whether to return.
1749 *
1750 * Set the TTY_CLOSING flag if this was the last open. In the
1751 * case of a pty we may have to wait around for the other side
1752 * to close, and TTY_CLOSING makes sure we can't be reopened.
1753 */
1754 if (tty_closing)
1755 set_bit(TTY_CLOSING, &tty->flags);
1756 if (o_tty_closing)
1757 set_bit(TTY_CLOSING, &o_tty->flags);
1758
1759 /*
1760 * If _either_ side is closing, make sure there aren't any
1761 * processes that still think tty or o_tty is their controlling
1762 * tty.
1763 */
1764 if (tty_closing || o_tty_closing) {
1765 read_lock(&tasklist_lock);
1766 session_clear_tty(tty->session);
1767 if (o_tty)
1768 session_clear_tty(o_tty->session);
1769 read_unlock(&tasklist_lock);
1770 }
1771
1772 mutex_unlock(&tty_mutex);
1773 tty_unlock_pair(tty, o_tty);
1774 /* At this point the TTY_CLOSING flag should ensure a dead tty
1775 cannot be re-opened by a racing opener */
1776
1777 /* check whether both sides are closing ... */
1778 if (!tty_closing || (o_tty && !o_tty_closing))
1779 return 0;
1780
1781 #ifdef TTY_DEBUG_HANGUP
1782 printk(KERN_DEBUG "%s: freeing tty structure...\n", __func__);
1783 #endif
1784 /*
1785 * Ask the line discipline code to release its structures
1786 */
1787 tty_ldisc_release(tty, o_tty);
1788 /*
1789 * The release_tty function takes care of the details of clearing
1790 * the slots and preserving the termios structure. The tty_unlock_pair
1791 * should be safe as we keep a kref while the tty is locked (so the
1792 * unlock never unlocks a freed tty).
1793 */
1794 mutex_lock(&tty_mutex);
1795 release_tty(tty, idx);
1796 mutex_unlock(&tty_mutex);
1797
1798 return 0;
1799 }
1800
1801 /**
1802 * tty_open_current_tty - get tty of current task for open
1803 * @device: device number
1804 * @filp: file pointer to tty
1805 * @return: tty of the current task iff @device is /dev/tty
1806 *
1807 * We cannot return driver and index like for the other nodes because
1808 * devpts will not work then. It expects inodes to be from devpts FS.
1809 *
1810 * We need to move to returning a refcounted object from all the lookup
1811 * paths including this one.
1812 */
1813 static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp)
1814 {
1815 struct tty_struct *tty;
1816
1817 if (device != MKDEV(TTYAUX_MAJOR, 0))
1818 return NULL;
1819
1820 tty = get_current_tty();
1821 if (!tty)
1822 return ERR_PTR(-ENXIO);
1823
1824 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */
1825 /* noctty = 1; */
1826 tty_kref_put(tty);
1827 /* FIXME: we put a reference and return a TTY! */
1828 /* This is only safe because the caller holds tty_mutex */
1829 return tty;
1830 }
1831
1832 /**
1833 * tty_lookup_driver - lookup a tty driver for a given device file
1834 * @device: device number
1835 * @filp: file pointer to tty
1836 * @noctty: set if the device should not become a controlling tty
1837 * @index: index for the device in the @return driver
1838 * @return: driver for this inode (with increased refcount)
1839 *
1840 * If @return is not erroneous, the caller is responsible to decrement the
1841 * refcount by tty_driver_kref_put.
1842 *
1843 * Locking: tty_mutex protects get_tty_driver
1844 */
1845 static struct tty_driver *tty_lookup_driver(dev_t device, struct file *filp,
1846 int *noctty, int *index)
1847 {
1848 struct tty_driver *driver;
1849
1850 switch (device) {
1851 #ifdef CONFIG_VT
1852 case MKDEV(TTY_MAJOR, 0): {
1853 extern struct tty_driver *console_driver;
1854 driver = tty_driver_kref_get(console_driver);
1855 *index = fg_console;
1856 *noctty = 1;
1857 break;
1858 }
1859 #endif
1860 case MKDEV(TTYAUX_MAJOR, 1): {
1861 struct tty_driver *console_driver = console_device(index);
1862 if (console_driver) {
1863 driver = tty_driver_kref_get(console_driver);
1864 if (driver) {
1865 /* Don't let /dev/console block */
1866 filp->f_flags |= O_NONBLOCK;
1867 *noctty = 1;
1868 break;
1869 }
1870 }
1871 return ERR_PTR(-ENODEV);
1872 }
1873 default:
1874 driver = get_tty_driver(device, index);
1875 if (!driver)
1876 return ERR_PTR(-ENODEV);
1877 break;
1878 }
1879 return driver;
1880 }
1881
1882 /**
1883 * tty_open - open a tty device
1884 * @inode: inode of device file
1885 * @filp: file pointer to tty
1886 *
1887 * tty_open and tty_release keep up the tty count that contains the
1888 * number of opens done on a tty. We cannot use the inode-count, as
1889 * different inodes might point to the same tty.
1890 *
1891 * Open-counting is needed for pty masters, as well as for keeping
1892 * track of serial lines: DTR is dropped when the last close happens.
1893 * (This is not done solely through tty->count, now. - Ted 1/27/92)
1894 *
1895 * The termios state of a pty is reset on first open so that
1896 * settings don't persist across reuse.
1897 *
1898 * Locking: tty_mutex protects tty, tty_lookup_driver and tty_init_dev.
1899 * tty->count should protect the rest.
1900 * ->siglock protects ->signal/->sighand
1901 *
1902 * Note: the tty_unlock/lock cases without a ref are only safe due to
1903 * tty_mutex
1904 */
1905
1906 static int tty_open(struct inode *inode, struct file *filp)
1907 {
1908 struct tty_struct *tty;
1909 int noctty, retval;
1910 struct tty_driver *driver = NULL;
1911 int index;
1912 dev_t device = inode->i_rdev;
1913 unsigned saved_flags = filp->f_flags;
1914
1915 nonseekable_open(inode, filp);
1916
1917 retry_open:
1918 retval = tty_alloc_file(filp);
1919 if (retval)
1920 return -ENOMEM;
1921
1922 noctty = filp->f_flags & O_NOCTTY;
1923 index = -1;
1924 retval = 0;
1925
1926 mutex_lock(&tty_mutex);
1927 /* This is protected by the tty_mutex */
1928 tty = tty_open_current_tty(device, filp);
1929 if (IS_ERR(tty)) {
1930 retval = PTR_ERR(tty);
1931 goto err_unlock;
1932 } else if (!tty) {
1933 driver = tty_lookup_driver(device, filp, &noctty, &index);
1934 if (IS_ERR(driver)) {
1935 retval = PTR_ERR(driver);
1936 goto err_unlock;
1937 }
1938
1939 /* check whether we're reopening an existing tty */
1940 tty = tty_driver_lookup_tty(driver, inode, index);
1941 if (IS_ERR(tty)) {
1942 retval = PTR_ERR(tty);
1943 goto err_unlock;
1944 }
1945 }
1946
1947 if (tty) {
1948 tty_lock(tty);
1949 retval = tty_reopen(tty);
1950 if (retval < 0) {
1951 tty_unlock(tty);
1952 tty = ERR_PTR(retval);
1953 }
1954 } else /* Returns with the tty_lock held for now */
1955 tty = tty_init_dev(driver, index);
1956
1957 mutex_unlock(&tty_mutex);
1958 if (driver)
1959 tty_driver_kref_put(driver);
1960 if (IS_ERR(tty)) {
1961 retval = PTR_ERR(tty);
1962 goto err_file;
1963 }
1964
1965 tty_add_file(tty, filp);
1966
1967 check_tty_count(tty, __func__);
1968 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
1969 tty->driver->subtype == PTY_TYPE_MASTER)
1970 noctty = 1;
1971 #ifdef TTY_DEBUG_HANGUP
1972 printk(KERN_DEBUG "%s: opening %s...\n", __func__, tty->name);
1973 #endif
1974 if (tty->ops->open)
1975 retval = tty->ops->open(tty, filp);
1976 else
1977 retval = -ENODEV;
1978 filp->f_flags = saved_flags;
1979
1980 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) &&
1981 !capable(CAP_SYS_ADMIN))
1982 retval = -EBUSY;
1983
1984 if (retval) {
1985 #ifdef TTY_DEBUG_HANGUP
1986 printk(KERN_DEBUG "%s: error %d in opening %s...\n", __func__,
1987 retval, tty->name);
1988 #endif
1989 tty_unlock(tty); /* need to call tty_release without BTM */
1990 tty_release(inode, filp);
1991 if (retval != -ERESTARTSYS)
1992 return retval;
1993
1994 if (signal_pending(current))
1995 return retval;
1996
1997 schedule();
1998 /*
1999 * Need to reset f_op in case a hangup happened.
2000 */
2001 if (filp->f_op == &hung_up_tty_fops)
2002 filp->f_op = &tty_fops;
2003 goto retry_open;
2004 }
2005 tty_unlock(tty);
2006
2007
2008 mutex_lock(&tty_mutex);
2009 tty_lock(tty);
2010 spin_lock_irq(&current->sighand->siglock);
2011 if (!noctty &&
2012 current->signal->leader &&
2013 !current->signal->tty &&
2014 tty->session == NULL)
2015 __proc_set_tty(current, tty);
2016 spin_unlock_irq(&current->sighand->siglock);
2017 tty_unlock(tty);
2018 mutex_unlock(&tty_mutex);
2019 return 0;
2020 err_unlock:
2021 mutex_unlock(&tty_mutex);
2022 /* after locks to avoid deadlock */
2023 if (!IS_ERR_OR_NULL(driver))
2024 tty_driver_kref_put(driver);
2025 err_file:
2026 tty_free_file(filp);
2027 return retval;
2028 }
2029
2030
2031
2032 /**
2033 * tty_poll - check tty status
2034 * @filp: file being polled
2035 * @wait: poll wait structures to update
2036 *
2037 * Call the line discipline polling method to obtain the poll
2038 * status of the device.
2039 *
2040 * Locking: locks called line discipline but ldisc poll method
2041 * may be re-entered freely by other callers.
2042 */
2043
2044 static unsigned int tty_poll(struct file *filp, poll_table *wait)
2045 {
2046 struct tty_struct *tty = file_tty(filp);
2047 struct tty_ldisc *ld;
2048 int ret = 0;
2049
2050 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_poll"))
2051 return 0;
2052
2053 ld = tty_ldisc_ref_wait(tty);
2054 if (ld->ops->poll)
2055 ret = (ld->ops->poll)(tty, filp, wait);
2056 tty_ldisc_deref(ld);
2057 return ret;
2058 }
2059
2060 static int __tty_fasync(int fd, struct file *filp, int on)
2061 {
2062 struct tty_struct *tty = file_tty(filp);
2063 unsigned long flags;
2064 int retval = 0;
2065
2066 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_fasync"))
2067 goto out;
2068
2069 retval = fasync_helper(fd, filp, on, &tty->fasync);
2070 if (retval <= 0)
2071 goto out;
2072
2073 if (on) {
2074 enum pid_type type;
2075 struct pid *pid;
2076 if (!waitqueue_active(&tty->read_wait))
2077 tty->minimum_to_wake = 1;
2078 spin_lock_irqsave(&tty->ctrl_lock, flags);
2079 if (tty->pgrp) {
2080 pid = tty->pgrp;
2081 type = PIDTYPE_PGID;
2082 } else {
2083 pid = task_pid(current);
2084 type = PIDTYPE_PID;
2085 }
2086 get_pid(pid);
2087 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2088 retval = __f_setown(filp, pid, type, 0);
2089 put_pid(pid);
2090 if (retval)
2091 goto out;
2092 } else {
2093 if (!tty->fasync && !waitqueue_active(&tty->read_wait))
2094 tty->minimum_to_wake = N_TTY_BUF_SIZE;
2095 }
2096 retval = 0;
2097 out:
2098 return retval;
2099 }
2100
2101 static int tty_fasync(int fd, struct file *filp, int on)
2102 {
2103 struct tty_struct *tty = file_tty(filp);
2104 int retval;
2105
2106 tty_lock(tty);
2107 retval = __tty_fasync(fd, filp, on);
2108 tty_unlock(tty);
2109
2110 return retval;
2111 }
2112
2113 /**
2114 * tiocsti - fake input character
2115 * @tty: tty to fake input into
2116 * @p: pointer to character
2117 *
2118 * Fake input to a tty device. Does the necessary locking and
2119 * input management.
2120 *
2121 * FIXME: does not honour flow control ??
2122 *
2123 * Locking:
2124 * Called functions take tty_ldisc_lock
2125 * current->signal->tty check is safe without locks
2126 *
2127 * FIXME: may race normal receive processing
2128 */
2129
2130 static int tiocsti(struct tty_struct *tty, char __user *p)
2131 {
2132 char ch, mbz = 0;
2133 struct tty_ldisc *ld;
2134
2135 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN))
2136 return -EPERM;
2137 if (get_user(ch, p))
2138 return -EFAULT;
2139 tty_audit_tiocsti(tty, ch);
2140 ld = tty_ldisc_ref_wait(tty);
2141 ld->ops->receive_buf(tty, &ch, &mbz, 1);
2142 tty_ldisc_deref(ld);
2143 return 0;
2144 }
2145
2146 /**
2147 * tiocgwinsz - implement window query ioctl
2148 * @tty; tty
2149 * @arg: user buffer for result
2150 *
2151 * Copies the kernel idea of the window size into the user buffer.
2152 *
2153 * Locking: tty->termios_mutex is taken to ensure the winsize data
2154 * is consistent.
2155 */
2156
2157 static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg)
2158 {
2159 int err;
2160
2161 mutex_lock(&tty->termios_mutex);
2162 err = copy_to_user(arg, &tty->winsize, sizeof(*arg));
2163 mutex_unlock(&tty->termios_mutex);
2164
2165 return err ? -EFAULT: 0;
2166 }
2167
2168 /**
2169 * tty_do_resize - resize event
2170 * @tty: tty being resized
2171 * @rows: rows (character)
2172 * @cols: cols (character)
2173 *
2174 * Update the termios variables and send the necessary signals to
2175 * peform a terminal resize correctly
2176 */
2177
2178 int tty_do_resize(struct tty_struct *tty, struct winsize *ws)
2179 {
2180 struct pid *pgrp;
2181 unsigned long flags;
2182
2183 /* Lock the tty */
2184 mutex_lock(&tty->termios_mutex);
2185 if (!memcmp(ws, &tty->winsize, sizeof(*ws)))
2186 goto done;
2187 /* Get the PID values and reference them so we can
2188 avoid holding the tty ctrl lock while sending signals */
2189 spin_lock_irqsave(&tty->ctrl_lock, flags);
2190 pgrp = get_pid(tty->pgrp);
2191 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2192
2193 if (pgrp)
2194 kill_pgrp(pgrp, SIGWINCH, 1);
2195 put_pid(pgrp);
2196
2197 tty->winsize = *ws;
2198 done:
2199 mutex_unlock(&tty->termios_mutex);
2200 return 0;
2201 }
2202 EXPORT_SYMBOL(tty_do_resize);
2203
2204 /**
2205 * tiocswinsz - implement window size set ioctl
2206 * @tty; tty side of tty
2207 * @arg: user buffer for result
2208 *
2209 * Copies the user idea of the window size to the kernel. Traditionally
2210 * this is just advisory information but for the Linux console it
2211 * actually has driver level meaning and triggers a VC resize.
2212 *
2213 * Locking:
2214 * Driver dependent. The default do_resize method takes the
2215 * tty termios mutex and ctrl_lock. The console takes its own lock
2216 * then calls into the default method.
2217 */
2218
2219 static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg)
2220 {
2221 struct winsize tmp_ws;
2222 if (copy_from_user(&tmp_ws, arg, sizeof(*arg)))
2223 return -EFAULT;
2224
2225 if (tty->ops->resize)
2226 return tty->ops->resize(tty, &tmp_ws);
2227 else
2228 return tty_do_resize(tty, &tmp_ws);
2229 }
2230
2231 /**
2232 * tioccons - allow admin to move logical console
2233 * @file: the file to become console
2234 *
2235 * Allow the administrator to move the redirected console device
2236 *
2237 * Locking: uses redirect_lock to guard the redirect information
2238 */
2239
2240 static int tioccons(struct file *file)
2241 {
2242 if (!capable(CAP_SYS_ADMIN))
2243 return -EPERM;
2244 if (file->f_op->write == redirected_tty_write) {
2245 struct file *f;
2246 spin_lock(&redirect_lock);
2247 f = redirect;
2248 redirect = NULL;
2249 spin_unlock(&redirect_lock);
2250 if (f)
2251 fput(f);
2252 return 0;
2253 }
2254 spin_lock(&redirect_lock);
2255 if (redirect) {
2256 spin_unlock(&redirect_lock);
2257 return -EBUSY;
2258 }
2259 redirect = get_file(file);
2260 spin_unlock(&redirect_lock);
2261 return 0;
2262 }
2263
2264 /**
2265 * fionbio - non blocking ioctl
2266 * @file: file to set blocking value
2267 * @p: user parameter
2268 *
2269 * Historical tty interfaces had a blocking control ioctl before
2270 * the generic functionality existed. This piece of history is preserved
2271 * in the expected tty API of posix OS's.
2272 *
2273 * Locking: none, the open file handle ensures it won't go away.
2274 */
2275
2276 static int fionbio(struct file *file, int __user *p)
2277 {
2278 int nonblock;
2279
2280 if (get_user(nonblock, p))
2281 return -EFAULT;
2282
2283 spin_lock(&file->f_lock);
2284 if (nonblock)
2285 file->f_flags |= O_NONBLOCK;
2286 else
2287 file->f_flags &= ~O_NONBLOCK;
2288 spin_unlock(&file->f_lock);
2289 return 0;
2290 }
2291
2292 /**
2293 * tiocsctty - set controlling tty
2294 * @tty: tty structure
2295 * @arg: user argument
2296 *
2297 * This ioctl is used to manage job control. It permits a session
2298 * leader to set this tty as the controlling tty for the session.
2299 *
2300 * Locking:
2301 * Takes tty_mutex() to protect tty instance
2302 * Takes tasklist_lock internally to walk sessions
2303 * Takes ->siglock() when updating signal->tty
2304 */
2305
2306 static int tiocsctty(struct tty_struct *tty, int arg)
2307 {
2308 int ret = 0;
2309 if (current->signal->leader && (task_session(current) == tty->session))
2310 return ret;
2311
2312 mutex_lock(&tty_mutex);
2313 /*
2314 * The process must be a session leader and
2315 * not have a controlling tty already.
2316 */
2317 if (!current->signal->leader || current->signal->tty) {
2318 ret = -EPERM;
2319 goto unlock;
2320 }
2321
2322 if (tty->session) {
2323 /*
2324 * This tty is already the controlling
2325 * tty for another session group!
2326 */
2327 if (arg == 1 && capable(CAP_SYS_ADMIN)) {
2328 /*
2329 * Steal it away
2330 */
2331 read_lock(&tasklist_lock);
2332 session_clear_tty(tty->session);
2333 read_unlock(&tasklist_lock);
2334 } else {
2335 ret = -EPERM;
2336 goto unlock;
2337 }
2338 }
2339 proc_set_tty(current, tty);
2340 unlock:
2341 mutex_unlock(&tty_mutex);
2342 return ret;
2343 }
2344
2345 /**
2346 * tty_get_pgrp - return a ref counted pgrp pid
2347 * @tty: tty to read
2348 *
2349 * Returns a refcounted instance of the pid struct for the process
2350 * group controlling the tty.
2351 */
2352
2353 struct pid *tty_get_pgrp(struct tty_struct *tty)
2354 {
2355 unsigned long flags;
2356 struct pid *pgrp;
2357
2358 spin_lock_irqsave(&tty->ctrl_lock, flags);
2359 pgrp = get_pid(tty->pgrp);
2360 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2361
2362 return pgrp;
2363 }
2364 EXPORT_SYMBOL_GPL(tty_get_pgrp);
2365
2366 /**
2367 * tiocgpgrp - get process group
2368 * @tty: tty passed by user
2369 * @real_tty: tty side of the tty passed by the user if a pty else the tty
2370 * @p: returned pid
2371 *
2372 * Obtain the process group of the tty. If there is no process group
2373 * return an error.
2374 *
2375 * Locking: none. Reference to current->signal->tty is safe.
2376 */
2377
2378 static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2379 {
2380 struct pid *pid;
2381 int ret;
2382 /*
2383 * (tty == real_tty) is a cheap way of
2384 * testing if the tty is NOT a master pty.
2385 */
2386 if (tty == real_tty && current->signal->tty != real_tty)
2387 return -ENOTTY;
2388 pid = tty_get_pgrp(real_tty);
2389 ret = put_user(pid_vnr(pid), p);
2390 put_pid(pid);
2391 return ret;
2392 }
2393
2394 /**
2395 * tiocspgrp - attempt to set process group
2396 * @tty: tty passed by user
2397 * @real_tty: tty side device matching tty passed by user
2398 * @p: pid pointer
2399 *
2400 * Set the process group of the tty to the session passed. Only
2401 * permitted where the tty session is our session.
2402 *
2403 * Locking: RCU, ctrl lock
2404 */
2405
2406 static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2407 {
2408 struct pid *pgrp;
2409 pid_t pgrp_nr;
2410 int retval = tty_check_change(real_tty);
2411 unsigned long flags;
2412
2413 if (retval == -EIO)
2414 return -ENOTTY;
2415 if (retval)
2416 return retval;
2417 if (!current->signal->tty ||
2418 (current->signal->tty != real_tty) ||
2419 (real_tty->session != task_session(current)))
2420 return -ENOTTY;
2421 if (get_user(pgrp_nr, p))
2422 return -EFAULT;
2423 if (pgrp_nr < 0)
2424 return -EINVAL;
2425 rcu_read_lock();
2426 pgrp = find_vpid(pgrp_nr);
2427 retval = -ESRCH;
2428 if (!pgrp)
2429 goto out_unlock;
2430 retval = -EPERM;
2431 if (session_of_pgrp(pgrp) != task_session(current))
2432 goto out_unlock;
2433 retval = 0;
2434 spin_lock_irqsave(&tty->ctrl_lock, flags);
2435 put_pid(real_tty->pgrp);
2436 real_tty->pgrp = get_pid(pgrp);
2437 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2438 out_unlock:
2439 rcu_read_unlock();
2440 return retval;
2441 }
2442
2443 /**
2444 * tiocgsid - get session id
2445 * @tty: tty passed by user
2446 * @real_tty: tty side of the tty passed by the user if a pty else the tty
2447 * @p: pointer to returned session id
2448 *
2449 * Obtain the session id of the tty. If there is no session
2450 * return an error.
2451 *
2452 * Locking: none. Reference to current->signal->tty is safe.
2453 */
2454
2455 static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2456 {
2457 /*
2458 * (tty == real_tty) is a cheap way of
2459 * testing if the tty is NOT a master pty.
2460 */
2461 if (tty == real_tty && current->signal->tty != real_tty)
2462 return -ENOTTY;
2463 if (!real_tty->session)
2464 return -ENOTTY;
2465 return put_user(pid_vnr(real_tty->session), p);
2466 }
2467
2468 /**
2469 * tiocsetd - set line discipline
2470 * @tty: tty device
2471 * @p: pointer to user data
2472 *
2473 * Set the line discipline according to user request.
2474 *
2475 * Locking: see tty_set_ldisc, this function is just a helper
2476 */
2477
2478 static int tiocsetd(struct tty_struct *tty, int __user *p)
2479 {
2480 int ldisc;
2481 int ret;
2482
2483 if (get_user(ldisc, p))
2484 return -EFAULT;
2485
2486 ret = tty_set_ldisc(tty, ldisc);
2487
2488 return ret;
2489 }
2490
2491 /**
2492 * send_break - performed time break
2493 * @tty: device to break on
2494 * @duration: timeout in mS
2495 *
2496 * Perform a timed break on hardware that lacks its own driver level
2497 * timed break functionality.
2498 *
2499 * Locking:
2500 * atomic_write_lock serializes
2501 *
2502 */
2503
2504 static int send_break(struct tty_struct *tty, unsigned int duration)
2505 {
2506 int retval;
2507
2508 if (tty->ops->break_ctl == NULL)
2509 return 0;
2510
2511 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK)
2512 retval = tty->ops->break_ctl(tty, duration);
2513 else {
2514 /* Do the work ourselves */
2515 if (tty_write_lock(tty, 0) < 0)
2516 return -EINTR;
2517 retval = tty->ops->break_ctl(tty, -1);
2518 if (retval)
2519 goto out;
2520 if (!signal_pending(current))
2521 msleep_interruptible(duration);
2522 retval = tty->ops->break_ctl(tty, 0);
2523 out:
2524 tty_write_unlock(tty);
2525 if (signal_pending(current))
2526 retval = -EINTR;
2527 }
2528 return retval;
2529 }
2530
2531 /**
2532 * tty_tiocmget - get modem status
2533 * @tty: tty device
2534 * @file: user file pointer
2535 * @p: pointer to result
2536 *
2537 * Obtain the modem status bits from the tty driver if the feature
2538 * is supported. Return -EINVAL if it is not available.
2539 *
2540 * Locking: none (up to the driver)
2541 */
2542
2543 static int tty_tiocmget(struct tty_struct *tty, int __user *p)
2544 {
2545 int retval = -EINVAL;
2546
2547 if (tty->ops->tiocmget) {
2548 retval = tty->ops->tiocmget(tty);
2549
2550 if (retval >= 0)
2551 retval = put_user(retval, p);
2552 }
2553 return retval;
2554 }
2555
2556 /**
2557 * tty_tiocmset - set modem status
2558 * @tty: tty device
2559 * @cmd: command - clear bits, set bits or set all
2560 * @p: pointer to desired bits
2561 *
2562 * Set the modem status bits from the tty driver if the feature
2563 * is supported. Return -EINVAL if it is not available.
2564 *
2565 * Locking: none (up to the driver)
2566 */
2567
2568 static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd,
2569 unsigned __user *p)
2570 {
2571 int retval;
2572 unsigned int set, clear, val;
2573
2574 if (tty->ops->tiocmset == NULL)
2575 return -EINVAL;
2576
2577 retval = get_user(val, p);
2578 if (retval)
2579 return retval;
2580 set = clear = 0;
2581 switch (cmd) {
2582 case TIOCMBIS:
2583 set = val;
2584 break;
2585 case TIOCMBIC:
2586 clear = val;
2587 break;
2588 case TIOCMSET:
2589 set = val;
2590 clear = ~val;
2591 break;
2592 }
2593 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
2594 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
2595 return tty->ops->tiocmset(tty, set, clear);
2596 }
2597
2598 static int tty_tiocgicount(struct tty_struct *tty, void __user *arg)
2599 {
2600 int retval = -EINVAL;
2601 struct serial_icounter_struct icount;
2602 memset(&icount, 0, sizeof(icount));
2603 if (tty->ops->get_icount)
2604 retval = tty->ops->get_icount(tty, &icount);
2605 if (retval != 0)
2606 return retval;
2607 if (copy_to_user(arg, &icount, sizeof(icount)))
2608 return -EFAULT;
2609 return 0;
2610 }
2611
2612 struct tty_struct *tty_pair_get_tty(struct tty_struct *tty)
2613 {
2614 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2615 tty->driver->subtype == PTY_TYPE_MASTER)
2616 tty = tty->link;
2617 return tty;
2618 }
2619 EXPORT_SYMBOL(tty_pair_get_tty);
2620
2621 struct tty_struct *tty_pair_get_pty(struct tty_struct *tty)
2622 {
2623 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2624 tty->driver->subtype == PTY_TYPE_MASTER)
2625 return tty;
2626 return tty->link;
2627 }
2628 EXPORT_SYMBOL(tty_pair_get_pty);
2629
2630 /*
2631 * Split this up, as gcc can choke on it otherwise..
2632 */
2633 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
2634 {
2635 struct tty_struct *tty = file_tty(file);
2636 struct tty_struct *real_tty;
2637 void __user *p = (void __user *)arg;
2638 int retval;
2639 struct tty_ldisc *ld;
2640 struct inode *inode = file->f_dentry->d_inode;
2641
2642 if (tty_paranoia_check(tty, inode, "tty_ioctl"))
2643 return -EINVAL;
2644
2645 real_tty = tty_pair_get_tty(tty);
2646
2647 /*
2648 * Factor out some common prep work
2649 */
2650 switch (cmd) {
2651 case TIOCSETD:
2652 case TIOCSBRK:
2653 case TIOCCBRK:
2654 case TCSBRK:
2655 case TCSBRKP:
2656 retval = tty_check_change(tty);
2657 if (retval)
2658 return retval;
2659 if (cmd != TIOCCBRK) {
2660 tty_wait_until_sent(tty, 0);
2661 if (signal_pending(current))
2662 return -EINTR;
2663 }
2664 break;
2665 }
2666
2667 /*
2668 * Now do the stuff.
2669 */
2670 switch (cmd) {
2671 case TIOCSTI:
2672 return tiocsti(tty, p);
2673 case TIOCGWINSZ:
2674 return tiocgwinsz(real_tty, p);
2675 case TIOCSWINSZ:
2676 return tiocswinsz(real_tty, p);
2677 case TIOCCONS:
2678 return real_tty != tty ? -EINVAL : tioccons(file);
2679 case FIONBIO:
2680 return fionbio(file, p);
2681 case TIOCEXCL:
2682 set_bit(TTY_EXCLUSIVE, &tty->flags);
2683 return 0;
2684 case TIOCNXCL:
2685 clear_bit(TTY_EXCLUSIVE, &tty->flags);
2686 return 0;
2687 case TIOCGEXCL:
2688 {
2689 int excl = test_bit(TTY_EXCLUSIVE, &tty->flags);
2690 return put_user(excl, (int __user *)p);
2691 }
2692 case TIOCNOTTY:
2693 if (current->signal->tty != tty)
2694 return -ENOTTY;
2695 no_tty();
2696 return 0;
2697 case TIOCSCTTY:
2698 return tiocsctty(tty, arg);
2699 case TIOCGPGRP:
2700 return tiocgpgrp(tty, real_tty, p);
2701 case TIOCSPGRP:
2702 return tiocspgrp(tty, real_tty, p);
2703 case TIOCGSID:
2704 return tiocgsid(tty, real_tty, p);
2705 case TIOCGETD:
2706 return put_user(tty->ldisc->ops->num, (int __user *)p);
2707 case TIOCSETD:
2708 return tiocsetd(tty, p);
2709 case TIOCVHANGUP:
2710 if (!capable(CAP_SYS_ADMIN))
2711 return -EPERM;
2712 tty_vhangup(tty);
2713 return 0;
2714 case TIOCGDEV:
2715 {
2716 unsigned int ret = new_encode_dev(tty_devnum(real_tty));
2717 return put_user(ret, (unsigned int __user *)p);
2718 }
2719 /*
2720 * Break handling
2721 */
2722 case TIOCSBRK: /* Turn break on, unconditionally */
2723 if (tty->ops->break_ctl)
2724 return tty->ops->break_ctl(tty, -1);
2725 return 0;
2726 case TIOCCBRK: /* Turn break off, unconditionally */
2727 if (tty->ops->break_ctl)
2728 return tty->ops->break_ctl(tty, 0);
2729 return 0;
2730 case TCSBRK: /* SVID version: non-zero arg --> no break */
2731 /* non-zero arg means wait for all output data
2732 * to be sent (performed above) but don't send break.
2733 * This is used by the tcdrain() termios function.
2734 */
2735 if (!arg)
2736 return send_break(tty, 250);
2737 return 0;
2738 case TCSBRKP: /* support for POSIX tcsendbreak() */
2739 return send_break(tty, arg ? arg*100 : 250);
2740
2741 case TIOCMGET:
2742 return tty_tiocmget(tty, p);
2743 case TIOCMSET:
2744 case TIOCMBIC:
2745 case TIOCMBIS:
2746 return tty_tiocmset(tty, cmd, p);
2747 case TIOCGICOUNT:
2748 retval = tty_tiocgicount(tty, p);
2749 /* For the moment allow fall through to the old method */
2750 if (retval != -EINVAL)
2751 return retval;
2752 break;
2753 case TCFLSH:
2754 switch (arg) {
2755 case TCIFLUSH:
2756 case TCIOFLUSH:
2757 /* flush tty buffer and allow ldisc to process ioctl */
2758 tty_buffer_flush(tty);
2759 break;
2760 }
2761 break;
2762 }
2763 if (tty->ops->ioctl) {
2764 retval = (tty->ops->ioctl)(tty, cmd, arg);
2765 if (retval != -ENOIOCTLCMD)
2766 return retval;
2767 }
2768 ld = tty_ldisc_ref_wait(tty);
2769 retval = -EINVAL;
2770 if (ld->ops->ioctl) {
2771 retval = ld->ops->ioctl(tty, file, cmd, arg);
2772 if (retval == -ENOIOCTLCMD)
2773 retval = -ENOTTY;
2774 }
2775 tty_ldisc_deref(ld);
2776 return retval;
2777 }
2778
2779 #ifdef CONFIG_COMPAT
2780 static long tty_compat_ioctl(struct file *file, unsigned int cmd,
2781 unsigned long arg)
2782 {
2783 struct inode *inode = file->f_dentry->d_inode;
2784 struct tty_struct *tty = file_tty(file);
2785 struct tty_ldisc *ld;
2786 int retval = -ENOIOCTLCMD;
2787
2788 if (tty_paranoia_check(tty, inode, "tty_ioctl"))
2789 return -EINVAL;
2790
2791 if (tty->ops->compat_ioctl) {
2792 retval = (tty->ops->compat_ioctl)(tty, cmd, arg);
2793 if (retval != -ENOIOCTLCMD)
2794 return retval;
2795 }
2796
2797 ld = tty_ldisc_ref_wait(tty);
2798 if (ld->ops->compat_ioctl)
2799 retval = ld->ops->compat_ioctl(tty, file, cmd, arg);
2800 else
2801 retval = n_tty_compat_ioctl_helper(tty, file, cmd, arg);
2802 tty_ldisc_deref(ld);
2803
2804 return retval;
2805 }
2806 #endif
2807
2808 static int this_tty(const void *t, struct file *file, unsigned fd)
2809 {
2810 if (likely(file->f_op->read != tty_read))
2811 return 0;
2812 return file_tty(file) != t ? 0 : fd + 1;
2813 }
2814
2815 /*
2816 * This implements the "Secure Attention Key" --- the idea is to
2817 * prevent trojan horses by killing all processes associated with this
2818 * tty when the user hits the "Secure Attention Key". Required for
2819 * super-paranoid applications --- see the Orange Book for more details.
2820 *
2821 * This code could be nicer; ideally it should send a HUP, wait a few
2822 * seconds, then send a INT, and then a KILL signal. But you then
2823 * have to coordinate with the init process, since all processes associated
2824 * with the current tty must be dead before the new getty is allowed
2825 * to spawn.
2826 *
2827 * Now, if it would be correct ;-/ The current code has a nasty hole -
2828 * it doesn't catch files in flight. We may send the descriptor to ourselves
2829 * via AF_UNIX socket, close it and later fetch from socket. FIXME.
2830 *
2831 * Nasty bug: do_SAK is being called in interrupt context. This can
2832 * deadlock. We punt it up to process context. AKPM - 16Mar2001
2833 */
2834 void __do_SAK(struct tty_struct *tty)
2835 {
2836 #ifdef TTY_SOFT_SAK
2837 tty_hangup(tty);
2838 #else
2839 struct task_struct *g, *p;
2840 struct pid *session;
2841 int i;
2842
2843 if (!tty)
2844 return;
2845 session = tty->session;
2846
2847 tty_ldisc_flush(tty);
2848
2849 tty_driver_flush_buffer(tty);
2850
2851 read_lock(&tasklist_lock);
2852 /* Kill the entire session */
2853 do_each_pid_task(session, PIDTYPE_SID, p) {
2854 printk(KERN_NOTICE "SAK: killed process %d"
2855 " (%s): task_session(p)==tty->session\n",
2856 task_pid_nr(p), p->comm);
2857 send_sig(SIGKILL, p, 1);
2858 } while_each_pid_task(session, PIDTYPE_SID, p);
2859 /* Now kill any processes that happen to have the
2860 * tty open.
2861 */
2862 do_each_thread(g, p) {
2863 if (p->signal->tty == tty) {
2864 printk(KERN_NOTICE "SAK: killed process %d"
2865 " (%s): task_session(p)==tty->session\n",
2866 task_pid_nr(p), p->comm);
2867 send_sig(SIGKILL, p, 1);
2868 continue;
2869 }
2870 task_lock(p);
2871 i = iterate_fd(p->files, 0, this_tty, tty);
2872 if (i != 0) {
2873 printk(KERN_NOTICE "SAK: killed process %d"
2874 " (%s): fd#%d opened to the tty\n",
2875 task_pid_nr(p), p->comm, i - 1);
2876 force_sig(SIGKILL, p);
2877 }
2878 task_unlock(p);
2879 } while_each_thread(g, p);
2880 read_unlock(&tasklist_lock);
2881 #endif
2882 }
2883
2884 static void do_SAK_work(struct work_struct *work)
2885 {
2886 struct tty_struct *tty =
2887 container_of(work, struct tty_struct, SAK_work);
2888 __do_SAK(tty);
2889 }
2890
2891 /*
2892 * The tq handling here is a little racy - tty->SAK_work may already be queued.
2893 * Fortunately we don't need to worry, because if ->SAK_work is already queued,
2894 * the values which we write to it will be identical to the values which it
2895 * already has. --akpm
2896 */
2897 void do_SAK(struct tty_struct *tty)
2898 {
2899 if (!tty)
2900 return;
2901 schedule_work(&tty->SAK_work);
2902 }
2903
2904 EXPORT_SYMBOL(do_SAK);
2905
2906 static int dev_match_devt(struct device *dev, const void *data)
2907 {
2908 const dev_t *devt = data;
2909 return dev->devt == *devt;
2910 }
2911
2912 /* Must put_device() after it's unused! */
2913 static struct device *tty_get_device(struct tty_struct *tty)
2914 {
2915 dev_t devt = tty_devnum(tty);
2916 return class_find_device(tty_class, NULL, &devt, dev_match_devt);
2917 }
2918
2919
2920 /**
2921 * initialize_tty_struct
2922 * @tty: tty to initialize
2923 *
2924 * This subroutine initializes a tty structure that has been newly
2925 * allocated.
2926 *
2927 * Locking: none - tty in question must not be exposed at this point
2928 */
2929
2930 void initialize_tty_struct(struct tty_struct *tty,
2931 struct tty_driver *driver, int idx)
2932 {
2933 memset(tty, 0, sizeof(struct tty_struct));
2934 kref_init(&tty->kref);
2935 tty->magic = TTY_MAGIC;
2936 tty_ldisc_init(tty);
2937 tty->session = NULL;
2938 tty->pgrp = NULL;
2939 mutex_init(&tty->legacy_mutex);
2940 mutex_init(&tty->termios_mutex);
2941 mutex_init(&tty->ldisc_mutex);
2942 init_waitqueue_head(&tty->write_wait);
2943 init_waitqueue_head(&tty->read_wait);
2944 INIT_WORK(&tty->hangup_work, do_tty_hangup);
2945 mutex_init(&tty->atomic_write_lock);
2946 spin_lock_init(&tty->ctrl_lock);
2947 INIT_LIST_HEAD(&tty->tty_files);
2948 INIT_WORK(&tty->SAK_work, do_SAK_work);
2949
2950 tty->driver = driver;
2951 tty->ops = driver->ops;
2952 tty->index = idx;
2953 tty_line_name(driver, idx, tty->name);
2954 tty->dev = tty_get_device(tty);
2955 }
2956
2957 /**
2958 * deinitialize_tty_struct
2959 * @tty: tty to deinitialize
2960 *
2961 * This subroutine deinitializes a tty structure that has been newly
2962 * allocated but tty_release cannot be called on that yet.
2963 *
2964 * Locking: none - tty in question must not be exposed at this point
2965 */
2966 void deinitialize_tty_struct(struct tty_struct *tty)
2967 {
2968 tty_ldisc_deinit(tty);
2969 }
2970
2971 /**
2972 * tty_put_char - write one character to a tty
2973 * @tty: tty
2974 * @ch: character
2975 *
2976 * Write one byte to the tty using the provided put_char method
2977 * if present. Returns the number of characters successfully output.
2978 *
2979 * Note: the specific put_char operation in the driver layer may go
2980 * away soon. Don't call it directly, use this method
2981 */
2982
2983 int tty_put_char(struct tty_struct *tty, unsigned char ch)
2984 {
2985 if (tty->ops->put_char)
2986 return tty->ops->put_char(tty, ch);
2987 return tty->ops->write(tty, &ch, 1);
2988 }
2989 EXPORT_SYMBOL_GPL(tty_put_char);
2990
2991 struct class *tty_class;
2992
2993 static int tty_cdev_add(struct tty_driver *driver, dev_t dev,
2994 unsigned int index, unsigned int count)
2995 {
2996 /* init here, since reused cdevs cause crashes */
2997 cdev_init(&driver->cdevs[index], &tty_fops);
2998 driver->cdevs[index].owner = driver->owner;
2999 return cdev_add(&driver->cdevs[index], dev, count);
3000 }
3001
3002 /**
3003 * tty_register_device - register a tty device
3004 * @driver: the tty driver that describes the tty device
3005 * @index: the index in the tty driver for this tty device
3006 * @device: a struct device that is associated with this tty device.
3007 * This field is optional, if there is no known struct device
3008 * for this tty device it can be set to NULL safely.
3009 *
3010 * Returns a pointer to the struct device for this tty device
3011 * (or ERR_PTR(-EFOO) on error).
3012 *
3013 * This call is required to be made to register an individual tty device
3014 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
3015 * that bit is not set, this function should not be called by a tty
3016 * driver.
3017 *
3018 * Locking: ??
3019 */
3020
3021 struct device *tty_register_device(struct tty_driver *driver, unsigned index,
3022 struct device *device)
3023 {
3024 return tty_register_device_attr(driver, index, device, NULL, NULL);
3025 }
3026 EXPORT_SYMBOL(tty_register_device);
3027
3028 static void tty_device_create_release(struct device *dev)
3029 {
3030 pr_debug("device: '%s': %s\n", dev_name(dev), __func__);
3031 kfree(dev);
3032 }
3033
3034 /**
3035 * tty_register_device_attr - register a tty device
3036 * @driver: the tty driver that describes the tty device
3037 * @index: the index in the tty driver for this tty device
3038 * @device: a struct device that is associated with this tty device.
3039 * This field is optional, if there is no known struct device
3040 * for this tty device it can be set to NULL safely.
3041 * @drvdata: Driver data to be set to device.
3042 * @attr_grp: Attribute group to be set on device.
3043 *
3044 * Returns a pointer to the struct device for this tty device
3045 * (or ERR_PTR(-EFOO) on error).
3046 *
3047 * This call is required to be made to register an individual tty device
3048 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
3049 * that bit is not set, this function should not be called by a tty
3050 * driver.
3051 *
3052 * Locking: ??
3053 */
3054 struct device *tty_register_device_attr(struct tty_driver *driver,
3055 unsigned index, struct device *device,
3056 void *drvdata,
3057 const struct attribute_group **attr_grp)
3058 {
3059 char name[64];
3060 dev_t devt = MKDEV(driver->major, driver->minor_start) + index;
3061 struct device *dev = NULL;
3062 int retval = -ENODEV;
3063 bool cdev = false;
3064
3065 if (index >= driver->num) {
3066 printk(KERN_ERR "Attempt to register invalid tty line number "
3067 " (%d).\n", index);
3068 return ERR_PTR(-EINVAL);
3069 }
3070
3071 if (driver->type == TTY_DRIVER_TYPE_PTY)
3072 pty_line_name(driver, index, name);
3073 else
3074 tty_line_name(driver, index, name);
3075
3076 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) {
3077 retval = tty_cdev_add(driver, devt, index, 1);
3078 if (retval)
3079 goto error;
3080 cdev = true;
3081 }
3082
3083 dev = kzalloc(sizeof(*dev), GFP_KERNEL);
3084 if (!dev) {
3085 retval = -ENOMEM;
3086 goto error;
3087 }
3088
3089 dev->devt = devt;
3090 dev->class = tty_class;
3091 dev->parent = device;
3092 dev->release = tty_device_create_release;
3093 dev_set_name(dev, "%s", name);
3094 dev->groups = attr_grp;
3095 dev_set_drvdata(dev, drvdata);
3096
3097 retval = device_register(dev);
3098 if (retval)
3099 goto error;
3100
3101 return dev;
3102
3103 error:
3104 put_device(dev);
3105 if (cdev)
3106 cdev_del(&driver->cdevs[index]);
3107 return ERR_PTR(retval);
3108 }
3109 EXPORT_SYMBOL_GPL(tty_register_device_attr);
3110
3111 /**
3112 * tty_unregister_device - unregister a tty device
3113 * @driver: the tty driver that describes the tty device
3114 * @index: the index in the tty driver for this tty device
3115 *
3116 * If a tty device is registered with a call to tty_register_device() then
3117 * this function must be called when the tty device is gone.
3118 *
3119 * Locking: ??
3120 */
3121
3122 void tty_unregister_device(struct tty_driver *driver, unsigned index)
3123 {
3124 device_destroy(tty_class,
3125 MKDEV(driver->major, driver->minor_start) + index);
3126 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC))
3127 cdev_del(&driver->cdevs[index]);
3128 }
3129 EXPORT_SYMBOL(tty_unregister_device);
3130
3131 /**
3132 * __tty_alloc_driver -- allocate tty driver
3133 * @lines: count of lines this driver can handle at most
3134 * @owner: module which is repsonsible for this driver
3135 * @flags: some of TTY_DRIVER_* flags, will be set in driver->flags
3136 *
3137 * This should not be called directly, some of the provided macros should be
3138 * used instead. Use IS_ERR and friends on @retval.
3139 */
3140 struct tty_driver *__tty_alloc_driver(unsigned int lines, struct module *owner,
3141 unsigned long flags)
3142 {
3143 struct tty_driver *driver;
3144 unsigned int cdevs = 1;
3145 int err;
3146
3147 if (!lines || (flags & TTY_DRIVER_UNNUMBERED_NODE && lines > 1))
3148 return ERR_PTR(-EINVAL);
3149
3150 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL);
3151 if (!driver)
3152 return ERR_PTR(-ENOMEM);
3153
3154 kref_init(&driver->kref);
3155 driver->magic = TTY_DRIVER_MAGIC;
3156 driver->num = lines;
3157 driver->owner = owner;
3158 driver->flags = flags;
3159
3160 if (!(flags & TTY_DRIVER_DEVPTS_MEM)) {
3161 driver->ttys = kcalloc(lines, sizeof(*driver->ttys),
3162 GFP_KERNEL);
3163 driver->termios = kcalloc(lines, sizeof(*driver->termios),
3164 GFP_KERNEL);
3165 if (!driver->ttys || !driver->termios) {
3166 err = -ENOMEM;
3167 goto err_free_all;
3168 }
3169 }
3170
3171 if (!(flags & TTY_DRIVER_DYNAMIC_ALLOC)) {
3172 driver->ports = kcalloc(lines, sizeof(*driver->ports),
3173 GFP_KERNEL);
3174 if (!driver->ports) {
3175 err = -ENOMEM;
3176 goto err_free_all;
3177 }
3178 cdevs = lines;
3179 }
3180
3181 driver->cdevs = kcalloc(cdevs, sizeof(*driver->cdevs), GFP_KERNEL);
3182 if (!driver->cdevs) {
3183 err = -ENOMEM;
3184 goto err_free_all;
3185 }
3186
3187 return driver;
3188 err_free_all:
3189 kfree(driver->ports);
3190 kfree(driver->ttys);
3191 kfree(driver->termios);
3192 kfree(driver);
3193 return ERR_PTR(err);
3194 }
3195 EXPORT_SYMBOL(__tty_alloc_driver);
3196
3197 static void destruct_tty_driver(struct kref *kref)
3198 {
3199 struct tty_driver *driver = container_of(kref, struct tty_driver, kref);
3200 int i;
3201 struct ktermios *tp;
3202
3203 if (driver->flags & TTY_DRIVER_INSTALLED) {
3204 /*
3205 * Free the termios and termios_locked structures because
3206 * we don't want to get memory leaks when modular tty
3207 * drivers are removed from the kernel.
3208 */
3209 for (i = 0; i < driver->num; i++) {
3210 tp = driver->termios[i];
3211 if (tp) {
3212 driver->termios[i] = NULL;
3213 kfree(tp);
3214 }
3215 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV))
3216 tty_unregister_device(driver, i);
3217 }
3218 proc_tty_unregister_driver(driver);
3219 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)
3220 cdev_del(&driver->cdevs[0]);
3221 }
3222 kfree(driver->cdevs);
3223 kfree(driver->ports);
3224 kfree(driver->termios);
3225 kfree(driver->ttys);
3226 kfree(driver);
3227 }
3228
3229 void tty_driver_kref_put(struct tty_driver *driver)
3230 {
3231 kref_put(&driver->kref, destruct_tty_driver);
3232 }
3233 EXPORT_SYMBOL(tty_driver_kref_put);
3234
3235 void tty_set_operations(struct tty_driver *driver,
3236 const struct tty_operations *op)
3237 {
3238 driver->ops = op;
3239 };
3240 EXPORT_SYMBOL(tty_set_operations);
3241
3242 void put_tty_driver(struct tty_driver *d)
3243 {
3244 tty_driver_kref_put(d);
3245 }
3246 EXPORT_SYMBOL(put_tty_driver);
3247
3248 /*
3249 * Called by a tty driver to register itself.
3250 */
3251 int tty_register_driver(struct tty_driver *driver)
3252 {
3253 int error;
3254 int i;
3255 dev_t dev;
3256 struct device *d;
3257
3258 if (!driver->major) {
3259 error = alloc_chrdev_region(&dev, driver->minor_start,
3260 driver->num, driver->name);
3261 if (!error) {
3262 driver->major = MAJOR(dev);
3263 driver->minor_start = MINOR(dev);
3264 }
3265 } else {
3266 dev = MKDEV(driver->major, driver->minor_start);
3267 error = register_chrdev_region(dev, driver->num, driver->name);
3268 }
3269 if (error < 0)
3270 goto err;
3271
3272 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC) {
3273 error = tty_cdev_add(driver, dev, 0, driver->num);
3274 if (error)
3275 goto err_unreg_char;
3276 }
3277
3278 mutex_lock(&tty_mutex);
3279 list_add(&driver->tty_drivers, &tty_drivers);
3280 mutex_unlock(&tty_mutex);
3281
3282 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) {
3283 for (i = 0; i < driver->num; i++) {
3284 d = tty_register_device(driver, i, NULL);
3285 if (IS_ERR(d)) {
3286 error = PTR_ERR(d);
3287 goto err_unreg_devs;
3288 }
3289 }
3290 }
3291 proc_tty_register_driver(driver);
3292 driver->flags |= TTY_DRIVER_INSTALLED;
3293 return 0;
3294
3295 err_unreg_devs:
3296 for (i--; i >= 0; i--)
3297 tty_unregister_device(driver, i);
3298
3299 mutex_lock(&tty_mutex);
3300 list_del(&driver->tty_drivers);
3301 mutex_unlock(&tty_mutex);
3302
3303 err_unreg_char:
3304 unregister_chrdev_region(dev, driver->num);
3305 err:
3306 return error;
3307 }
3308 EXPORT_SYMBOL(tty_register_driver);
3309
3310 /*
3311 * Called by a tty driver to unregister itself.
3312 */
3313 int tty_unregister_driver(struct tty_driver *driver)
3314 {
3315 #if 0
3316 /* FIXME */
3317 if (driver->refcount)
3318 return -EBUSY;
3319 #endif
3320 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start),
3321 driver->num);
3322 mutex_lock(&tty_mutex);
3323 list_del(&driver->tty_drivers);
3324 mutex_unlock(&tty_mutex);
3325 return 0;
3326 }
3327
3328 EXPORT_SYMBOL(tty_unregister_driver);
3329
3330 dev_t tty_devnum(struct tty_struct *tty)
3331 {
3332 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index;
3333 }
3334 EXPORT_SYMBOL(tty_devnum);
3335
3336 void proc_clear_tty(struct task_struct *p)
3337 {
3338 unsigned long flags;
3339 struct tty_struct *tty;
3340 spin_lock_irqsave(&p->sighand->siglock, flags);
3341 tty = p->signal->tty;
3342 p->signal->tty = NULL;
3343 spin_unlock_irqrestore(&p->sighand->siglock, flags);
3344 tty_kref_put(tty);
3345 }
3346
3347 /* Called under the sighand lock */
3348
3349 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty)
3350 {
3351 if (tty) {
3352 unsigned long flags;
3353 /* We should not have a session or pgrp to put here but.... */
3354 spin_lock_irqsave(&tty->ctrl_lock, flags);
3355 put_pid(tty->session);
3356 put_pid(tty->pgrp);
3357 tty->pgrp = get_pid(task_pgrp(tsk));
3358 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
3359 tty->session = get_pid(task_session(tsk));
3360 if (tsk->signal->tty) {
3361 printk(KERN_DEBUG "tty not NULL!!\n");
3362 tty_kref_put(tsk->signal->tty);
3363 }
3364 }
3365 put_pid(tsk->signal->tty_old_pgrp);
3366 tsk->signal->tty = tty_kref_get(tty);
3367 tsk->signal->tty_old_pgrp = NULL;
3368 }
3369
3370 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty)
3371 {
3372 spin_lock_irq(&tsk->sighand->siglock);
3373 __proc_set_tty(tsk, tty);
3374 spin_unlock_irq(&tsk->sighand->siglock);
3375 }
3376
3377 struct tty_struct *get_current_tty(void)
3378 {
3379 struct tty_struct *tty;
3380 unsigned long flags;
3381
3382 spin_lock_irqsave(&current->sighand->siglock, flags);
3383 tty = tty_kref_get(current->signal->tty);
3384 spin_unlock_irqrestore(&current->sighand->siglock, flags);
3385 return tty;
3386 }
3387 EXPORT_SYMBOL_GPL(get_current_tty);
3388
3389 void tty_default_fops(struct file_operations *fops)
3390 {
3391 *fops = tty_fops;
3392 }
3393
3394 /*
3395 * Initialize the console device. This is called *early*, so
3396 * we can't necessarily depend on lots of kernel help here.
3397 * Just do some early initializations, and do the complex setup
3398 * later.
3399 */
3400 void __init console_init(void)
3401 {
3402 initcall_t *call;
3403
3404 /* Setup the default TTY line discipline. */
3405 tty_ldisc_begin();
3406
3407 /*
3408 * set up the console device so that later boot sequences can
3409 * inform about problems etc..
3410 */
3411 call = __con_initcall_start;
3412 while (call < __con_initcall_end) {
3413 (*call)();
3414 call++;
3415 }
3416 }
3417
3418 static char *tty_devnode(struct device *dev, umode_t *mode)
3419 {
3420 if (!mode)
3421 return NULL;
3422 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) ||
3423 dev->devt == MKDEV(TTYAUX_MAJOR, 2))
3424 *mode = 0666;
3425 return NULL;
3426 }
3427
3428 static int __init tty_class_init(void)
3429 {
3430 tty_class = class_create(THIS_MODULE, "tty");
3431 if (IS_ERR(tty_class))
3432 return PTR_ERR(tty_class);
3433 tty_class->devnode = tty_devnode;
3434 return 0;
3435 }
3436
3437 postcore_initcall(tty_class_init);
3438
3439 /* 3/2004 jmc: why do these devices exist? */
3440 static struct cdev tty_cdev, console_cdev;
3441
3442 static ssize_t show_cons_active(struct device *dev,
3443 struct device_attribute *attr, char *buf)
3444 {
3445 struct console *cs[16];
3446 int i = 0;
3447 struct console *c;
3448 ssize_t count = 0;
3449
3450 console_lock();
3451 for_each_console(c) {
3452 if (!c->device)
3453 continue;
3454 if (!c->write)
3455 continue;
3456 if ((c->flags & CON_ENABLED) == 0)
3457 continue;
3458 cs[i++] = c;
3459 if (i >= ARRAY_SIZE(cs))
3460 break;
3461 }
3462 while (i--)
3463 count += sprintf(buf + count, "%s%d%c",
3464 cs[i]->name, cs[i]->index, i ? ' ':'\n');
3465 console_unlock();
3466
3467 return count;
3468 }
3469 static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL);
3470
3471 static struct device *consdev;
3472
3473 void console_sysfs_notify(void)
3474 {
3475 if (consdev)
3476 sysfs_notify(&consdev->kobj, NULL, "active");
3477 }
3478
3479 /*
3480 * Ok, now we can initialize the rest of the tty devices and can count
3481 * on memory allocations, interrupts etc..
3482 */
3483 int __init tty_init(void)
3484 {
3485 cdev_init(&tty_cdev, &tty_fops);
3486 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) ||
3487 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0)
3488 panic("Couldn't register /dev/tty driver\n");
3489 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty");
3490
3491 cdev_init(&console_cdev, &console_fops);
3492 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) ||
3493 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0)
3494 panic("Couldn't register /dev/console driver\n");
3495 consdev = device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), NULL,
3496 "console");
3497 if (IS_ERR(consdev))
3498 consdev = NULL;
3499 else
3500 WARN_ON(device_create_file(consdev, &dev_attr_active) < 0);
3501
3502 #ifdef CONFIG_VT
3503 vty_init(&console_fops);
3504 #endif
3505 return 0;
3506 }
3507
Ubuntu Artful kernel mirror