1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (C) 1991, 1992 Linus Torvalds 4 * 5 * Added support for a Unix98-style ptmx device. 6 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 7 * 8 */ 9 10 #include <linux/module.h> 11 #include <linux/errno.h> 12 #include <linux/interrupt.h> 13 #include <linux/tty.h> 14 #include <linux/tty_flip.h> 15 #include <linux/fcntl.h> 16 #include <linux/sched/signal.h> 17 #include <linux/string.h> 18 #include <linux/major.h> 19 #include <linux/mm.h> 20 #include <linux/init.h> 21 #include <linux/device.h> 22 #include <linux/uaccess.h> 23 #include <linux/bitops.h> 24 #include <linux/devpts_fs.h> 25 #include <linux/slab.h> 26 #include <linux/mutex.h> 27 #include <linux/poll.h> 28 #include <linux/mount.h> 29 #include <linux/file.h> 30 #include <linux/ioctl.h> 31 #include <linux/compat.h> 32 33 #undef TTY_DEBUG_HANGUP 34 #ifdef TTY_DEBUG_HANGUP 35 # define tty_debug_hangup(tty, f, args...) tty_debug(tty, f, ##args) 36 #else 37 # define tty_debug_hangup(tty, f, args...) do {} while (0) 38 #endif 39 40 #ifdef CONFIG_UNIX98_PTYS 41 static struct tty_driver *ptm_driver; 42 static struct tty_driver *pts_driver; 43 static DEFINE_MUTEX(devpts_mutex); 44 #endif 45 46 static void pty_close(struct tty_struct *tty, struct file *filp) 47 { 48 if (tty->driver->subtype == PTY_TYPE_MASTER) 49 WARN_ON(tty->count > 1); 50 else { 51 if (tty_io_error(tty)) 52 return; 53 if (tty->count > 2) 54 return; 55 } 56 set_bit(TTY_IO_ERROR, &tty->flags); 57 wake_up_interruptible(&tty->read_wait); 58 wake_up_interruptible(&tty->write_wait); 59 spin_lock_irq(&tty->ctrl_lock); 60 tty->packet = 0; 61 spin_unlock_irq(&tty->ctrl_lock); 62 /* Review - krefs on tty_link ?? */ 63 if (!tty->link) 64 return; 65 set_bit(TTY_OTHER_CLOSED, &tty->link->flags); 66 wake_up_interruptible(&tty->link->read_wait); 67 wake_up_interruptible(&tty->link->write_wait); 68 if (tty->driver->subtype == PTY_TYPE_MASTER) { 69 struct file *f; 70 71 #ifdef CONFIG_UNIX98_PTYS 72 if (tty->driver == ptm_driver) { 73 mutex_lock(&devpts_mutex); 74 if (tty->link->driver_data) 75 devpts_pty_kill(tty->link->driver_data); 76 mutex_unlock(&devpts_mutex); 77 } 78 #endif 79 80 /* 81 * This hack is required because a program can open a 82 * pty and redirect a console to it, but if the pty is 83 * closed and the console is not released, then the 84 * slave side will never close. So release the 85 * redirect when the master closes. 86 */ 87 f = tty_release_redirect(tty->link); 88 if (f) 89 fput(f); 90 } 91 } 92 93 /* 94 * The unthrottle routine is called by the line discipline to signal 95 * that it can receive more characters. For PTY's, the TTY_THROTTLED 96 * flag is always set, to force the line discipline to always call the 97 * unthrottle routine when there are fewer than TTY_THRESHOLD_UNTHROTTLE 98 * characters in the queue. This is necessary since each time this 99 * happens, we need to wake up any sleeping processes that could be 100 * (1) trying to send data to the pty, or (2) waiting in wait_until_sent() 101 * for the pty buffer to be drained. 102 */ 103 static void pty_unthrottle(struct tty_struct *tty) 104 { 105 tty_wakeup(tty->link); 106 set_bit(TTY_THROTTLED, &tty->flags); 107 } 108 109 /** 110 * pty_write - write to a pty 111 * @tty: the tty we write from 112 * @buf: kernel buffer of data 113 * @c: bytes to write 114 * 115 * Our "hardware" write method. Data is coming from the ldisc which 116 * may be in a non sleeping state. We simply throw this at the other 117 * end of the link as if we were an IRQ handler receiving stuff for 118 * the other side of the pty/tty pair. 119 */ 120 121 static int pty_write(struct tty_struct *tty, const unsigned char *buf, int c) 122 { 123 struct tty_struct *to = tty->link; 124 unsigned long flags; 125 126 if (tty->stopped) 127 return 0; 128 129 if (c > 0) { 130 spin_lock_irqsave(&to->port->lock, flags); 131 /* Stuff the data into the input queue of the other end */ 132 c = tty_insert_flip_string(to->port, buf, c); 133 spin_unlock_irqrestore(&to->port->lock, flags); 134 /* And shovel */ 135 if (c) 136 tty_flip_buffer_push(to->port); 137 } 138 return c; 139 } 140 141 /** 142 * pty_write_room - write space 143 * @tty: tty we are writing from 144 * 145 * Report how many bytes the ldisc can send into the queue for 146 * the other device. 147 */ 148 149 static int pty_write_room(struct tty_struct *tty) 150 { 151 if (tty->stopped) 152 return 0; 153 return tty_buffer_space_avail(tty->link->port); 154 } 155 156 /** 157 * pty_chars_in_buffer - characters currently in our tx queue 158 * @tty: our tty 159 * 160 * Report how much we have in the transmit queue. As everything is 161 * instantly at the other end this is easy to implement. 162 */ 163 164 static int pty_chars_in_buffer(struct tty_struct *tty) 165 { 166 return 0; 167 } 168 169 /* Set the lock flag on a pty */ 170 static int pty_set_lock(struct tty_struct *tty, int __user *arg) 171 { 172 int val; 173 if (get_user(val, arg)) 174 return -EFAULT; 175 if (val) 176 set_bit(TTY_PTY_LOCK, &tty->flags); 177 else 178 clear_bit(TTY_PTY_LOCK, &tty->flags); 179 return 0; 180 } 181 182 static int pty_get_lock(struct tty_struct *tty, int __user *arg) 183 { 184 int locked = test_bit(TTY_PTY_LOCK, &tty->flags); 185 return put_user(locked, arg); 186 } 187 188 /* Set the packet mode on a pty */ 189 static int pty_set_pktmode(struct tty_struct *tty, int __user *arg) 190 { 191 int pktmode; 192 193 if (get_user(pktmode, arg)) 194 return -EFAULT; 195 196 spin_lock_irq(&tty->ctrl_lock); 197 if (pktmode) { 198 if (!tty->packet) { 199 tty->link->ctrl_status = 0; 200 smp_mb(); 201 tty->packet = 1; 202 } 203 } else 204 tty->packet = 0; 205 spin_unlock_irq(&tty->ctrl_lock); 206 207 return 0; 208 } 209 210 /* Get the packet mode of a pty */ 211 static int pty_get_pktmode(struct tty_struct *tty, int __user *arg) 212 { 213 int pktmode = tty->packet; 214 return put_user(pktmode, arg); 215 } 216 217 /* Send a signal to the slave */ 218 static int pty_signal(struct tty_struct *tty, int sig) 219 { 220 struct pid *pgrp; 221 222 if (sig != SIGINT && sig != SIGQUIT && sig != SIGTSTP) 223 return -EINVAL; 224 225 if (tty->link) { 226 pgrp = tty_get_pgrp(tty->link); 227 if (pgrp) 228 kill_pgrp(pgrp, sig, 1); 229 put_pid(pgrp); 230 } 231 return 0; 232 } 233 234 static void pty_flush_buffer(struct tty_struct *tty) 235 { 236 struct tty_struct *to = tty->link; 237 238 if (!to) 239 return; 240 241 tty_buffer_flush(to, NULL); 242 if (to->packet) { 243 spin_lock_irq(&tty->ctrl_lock); 244 tty->ctrl_status |= TIOCPKT_FLUSHWRITE; 245 wake_up_interruptible(&to->read_wait); 246 spin_unlock_irq(&tty->ctrl_lock); 247 } 248 } 249 250 static int pty_open(struct tty_struct *tty, struct file *filp) 251 { 252 if (!tty || !tty->link) 253 return -ENODEV; 254 255 if (test_bit(TTY_OTHER_CLOSED, &tty->flags)) 256 goto out; 257 if (test_bit(TTY_PTY_LOCK, &tty->link->flags)) 258 goto out; 259 if (tty->driver->subtype == PTY_TYPE_SLAVE && tty->link->count != 1) 260 goto out; 261 262 clear_bit(TTY_IO_ERROR, &tty->flags); 263 clear_bit(TTY_OTHER_CLOSED, &tty->link->flags); 264 set_bit(TTY_THROTTLED, &tty->flags); 265 return 0; 266 267 out: 268 set_bit(TTY_IO_ERROR, &tty->flags); 269 return -EIO; 270 } 271 272 static void pty_set_termios(struct tty_struct *tty, 273 struct ktermios *old_termios) 274 { 275 /* See if packet mode change of state. */ 276 if (tty->link && tty->link->packet) { 277 int extproc = (old_termios->c_lflag & EXTPROC) | L_EXTPROC(tty); 278 int old_flow = ((old_termios->c_iflag & IXON) && 279 (old_termios->c_cc[VSTOP] == '\023') && 280 (old_termios->c_cc[VSTART] == '\021')); 281 int new_flow = (I_IXON(tty) && 282 STOP_CHAR(tty) == '\023' && 283 START_CHAR(tty) == '\021'); 284 if ((old_flow != new_flow) || extproc) { 285 spin_lock_irq(&tty->ctrl_lock); 286 if (old_flow != new_flow) { 287 tty->ctrl_status &= ~(TIOCPKT_DOSTOP | TIOCPKT_NOSTOP); 288 if (new_flow) 289 tty->ctrl_status |= TIOCPKT_DOSTOP; 290 else 291 tty->ctrl_status |= TIOCPKT_NOSTOP; 292 } 293 if (extproc) 294 tty->ctrl_status |= TIOCPKT_IOCTL; 295 spin_unlock_irq(&tty->ctrl_lock); 296 wake_up_interruptible(&tty->link->read_wait); 297 } 298 } 299 300 tty->termios.c_cflag &= ~(CSIZE | PARENB); 301 tty->termios.c_cflag |= (CS8 | CREAD); 302 } 303 304 /** 305 * pty_do_resize - resize event 306 * @tty: tty being resized 307 * @ws: window size being set. 308 * 309 * Update the termios variables and send the necessary signals to 310 * peform a terminal resize correctly 311 */ 312 313 static int pty_resize(struct tty_struct *tty, struct winsize *ws) 314 { 315 struct pid *pgrp, *rpgrp; 316 struct tty_struct *pty = tty->link; 317 318 /* For a PTY we need to lock the tty side */ 319 mutex_lock(&tty->winsize_mutex); 320 if (!memcmp(ws, &tty->winsize, sizeof(*ws))) 321 goto done; 322 323 /* Signal the foreground process group of both ptys */ 324 pgrp = tty_get_pgrp(tty); 325 rpgrp = tty_get_pgrp(pty); 326 327 if (pgrp) 328 kill_pgrp(pgrp, SIGWINCH, 1); 329 if (rpgrp != pgrp && rpgrp) 330 kill_pgrp(rpgrp, SIGWINCH, 1); 331 332 put_pid(pgrp); 333 put_pid(rpgrp); 334 335 tty->winsize = *ws; 336 pty->winsize = *ws; /* Never used so will go away soon */ 337 done: 338 mutex_unlock(&tty->winsize_mutex); 339 return 0; 340 } 341 342 /** 343 * pty_start - start() handler 344 * pty_stop - stop() handler 345 * @tty: tty being flow-controlled 346 * 347 * Propagates the TIOCPKT status to the master pty. 348 * 349 * NB: only the master pty can be in packet mode so only the slave 350 * needs start()/stop() handlers 351 */ 352 static void pty_start(struct tty_struct *tty) 353 { 354 unsigned long flags; 355 356 if (tty->link && tty->link->packet) { 357 spin_lock_irqsave(&tty->ctrl_lock, flags); 358 tty->ctrl_status &= ~TIOCPKT_STOP; 359 tty->ctrl_status |= TIOCPKT_START; 360 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 361 wake_up_interruptible_poll(&tty->link->read_wait, EPOLLIN); 362 } 363 } 364 365 static void pty_stop(struct tty_struct *tty) 366 { 367 unsigned long flags; 368 369 if (tty->link && tty->link->packet) { 370 spin_lock_irqsave(&tty->ctrl_lock, flags); 371 tty->ctrl_status &= ~TIOCPKT_START; 372 tty->ctrl_status |= TIOCPKT_STOP; 373 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 374 wake_up_interruptible_poll(&tty->link->read_wait, EPOLLIN); 375 } 376 } 377 378 /** 379 * pty_common_install - set up the pty pair 380 * @driver: the pty driver 381 * @tty: the tty being instantiated 382 * @legacy: true if this is BSD style 383 * 384 * Perform the initial set up for the tty/pty pair. Called from the 385 * tty layer when the port is first opened. 386 * 387 * Locking: the caller must hold the tty_mutex 388 */ 389 static int pty_common_install(struct tty_driver *driver, struct tty_struct *tty, 390 bool legacy) 391 { 392 struct tty_struct *o_tty; 393 struct tty_port *ports[2]; 394 int idx = tty->index; 395 int retval = -ENOMEM; 396 397 /* Opening the slave first has always returned -EIO */ 398 if (driver->subtype != PTY_TYPE_MASTER) 399 return -EIO; 400 401 ports[0] = kmalloc(sizeof **ports, GFP_KERNEL); 402 ports[1] = kmalloc(sizeof **ports, GFP_KERNEL); 403 if (!ports[0] || !ports[1]) 404 goto err; 405 if (!try_module_get(driver->other->owner)) { 406 /* This cannot in fact currently happen */ 407 goto err; 408 } 409 o_tty = alloc_tty_struct(driver->other, idx); 410 if (!o_tty) 411 goto err_put_module; 412 413 tty_set_lock_subclass(o_tty); 414 lockdep_set_subclass(&o_tty->termios_rwsem, TTY_LOCK_SLAVE); 415 416 if (legacy) { 417 /* We always use new tty termios data so we can do this 418 the easy way .. */ 419 tty_init_termios(tty); 420 tty_init_termios(o_tty); 421 422 driver->other->ttys[idx] = o_tty; 423 driver->ttys[idx] = tty; 424 } else { 425 memset(&tty->termios_locked, 0, sizeof(tty->termios_locked)); 426 tty->termios = driver->init_termios; 427 memset(&o_tty->termios_locked, 0, sizeof(tty->termios_locked)); 428 o_tty->termios = driver->other->init_termios; 429 } 430 431 /* 432 * Everything allocated ... set up the o_tty structure. 433 */ 434 tty_driver_kref_get(driver->other); 435 /* Establish the links in both directions */ 436 tty->link = o_tty; 437 o_tty->link = tty; 438 tty_port_init(ports[0]); 439 tty_port_init(ports[1]); 440 tty_buffer_set_limit(ports[0], 8192); 441 tty_buffer_set_limit(ports[1], 8192); 442 o_tty->port = ports[0]; 443 tty->port = ports[1]; 444 o_tty->port->itty = o_tty; 445 446 tty_buffer_set_lock_subclass(o_tty->port); 447 448 tty_driver_kref_get(driver); 449 tty->count++; 450 o_tty->count++; 451 return 0; 452 453 err_put_module: 454 module_put(driver->other->owner); 455 err: 456 kfree(ports[0]); 457 kfree(ports[1]); 458 return retval; 459 } 460 461 static void pty_cleanup(struct tty_struct *tty) 462 { 463 tty_port_put(tty->port); 464 } 465 466 /* Traditional BSD devices */ 467 #ifdef CONFIG_LEGACY_PTYS 468 469 static int pty_install(struct tty_driver *driver, struct tty_struct *tty) 470 { 471 return pty_common_install(driver, tty, true); 472 } 473 474 static void pty_remove(struct tty_driver *driver, struct tty_struct *tty) 475 { 476 struct tty_struct *pair = tty->link; 477 driver->ttys[tty->index] = NULL; 478 if (pair) 479 pair->driver->ttys[pair->index] = NULL; 480 } 481 482 static int pty_bsd_ioctl(struct tty_struct *tty, 483 unsigned int cmd, unsigned long arg) 484 { 485 switch (cmd) { 486 case TIOCSPTLCK: /* Set PT Lock (disallow slave open) */ 487 return pty_set_lock(tty, (int __user *) arg); 488 case TIOCGPTLCK: /* Get PT Lock status */ 489 return pty_get_lock(tty, (int __user *)arg); 490 case TIOCPKT: /* Set PT packet mode */ 491 return pty_set_pktmode(tty, (int __user *)arg); 492 case TIOCGPKT: /* Get PT packet mode */ 493 return pty_get_pktmode(tty, (int __user *)arg); 494 case TIOCSIG: /* Send signal to other side of pty */ 495 return pty_signal(tty, (int) arg); 496 case TIOCGPTN: /* TTY returns ENOTTY, but glibc expects EINVAL here */ 497 return -EINVAL; 498 } 499 return -ENOIOCTLCMD; 500 } 501 502 #ifdef CONFIG_COMPAT 503 static long pty_bsd_compat_ioctl(struct tty_struct *tty, 504 unsigned int cmd, unsigned long arg) 505 { 506 /* 507 * PTY ioctls don't require any special translation between 32-bit and 508 * 64-bit userspace, they are already compatible. 509 */ 510 return pty_bsd_ioctl(tty, cmd, (unsigned long)compat_ptr(arg)); 511 } 512 #else 513 #define pty_bsd_compat_ioctl NULL 514 #endif 515 516 static int legacy_count = CONFIG_LEGACY_PTY_COUNT; 517 /* 518 * not really modular, but the easiest way to keep compat with existing 519 * bootargs behaviour is to continue using module_param here. 520 */ 521 module_param(legacy_count, int, 0); 522 523 /* 524 * The master side of a pty can do TIOCSPTLCK and thus 525 * has pty_bsd_ioctl. 526 */ 527 static const struct tty_operations master_pty_ops_bsd = { 528 .install = pty_install, 529 .open = pty_open, 530 .close = pty_close, 531 .write = pty_write, 532 .write_room = pty_write_room, 533 .flush_buffer = pty_flush_buffer, 534 .chars_in_buffer = pty_chars_in_buffer, 535 .unthrottle = pty_unthrottle, 536 .ioctl = pty_bsd_ioctl, 537 .compat_ioctl = pty_bsd_compat_ioctl, 538 .cleanup = pty_cleanup, 539 .resize = pty_resize, 540 .remove = pty_remove 541 }; 542 543 static const struct tty_operations slave_pty_ops_bsd = { 544 .install = pty_install, 545 .open = pty_open, 546 .close = pty_close, 547 .write = pty_write, 548 .write_room = pty_write_room, 549 .flush_buffer = pty_flush_buffer, 550 .chars_in_buffer = pty_chars_in_buffer, 551 .unthrottle = pty_unthrottle, 552 .set_termios = pty_set_termios, 553 .cleanup = pty_cleanup, 554 .resize = pty_resize, 555 .start = pty_start, 556 .stop = pty_stop, 557 .remove = pty_remove 558 }; 559 560 static void __init legacy_pty_init(void) 561 { 562 struct tty_driver *pty_driver, *pty_slave_driver; 563 564 if (legacy_count <= 0) 565 return; 566 567 pty_driver = tty_alloc_driver(legacy_count, 568 TTY_DRIVER_RESET_TERMIOS | 569 TTY_DRIVER_REAL_RAW | 570 TTY_DRIVER_DYNAMIC_ALLOC); 571 if (IS_ERR(pty_driver)) 572 panic("Couldn't allocate pty driver"); 573 574 pty_slave_driver = tty_alloc_driver(legacy_count, 575 TTY_DRIVER_RESET_TERMIOS | 576 TTY_DRIVER_REAL_RAW | 577 TTY_DRIVER_DYNAMIC_ALLOC); 578 if (IS_ERR(pty_slave_driver)) 579 panic("Couldn't allocate pty slave driver"); 580 581 pty_driver->driver_name = "pty_master"; 582 pty_driver->name = "pty"; 583 pty_driver->major = PTY_MASTER_MAJOR; 584 pty_driver->minor_start = 0; 585 pty_driver->type = TTY_DRIVER_TYPE_PTY; 586 pty_driver->subtype = PTY_TYPE_MASTER; 587 pty_driver->init_termios = tty_std_termios; 588 pty_driver->init_termios.c_iflag = 0; 589 pty_driver->init_termios.c_oflag = 0; 590 pty_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; 591 pty_driver->init_termios.c_lflag = 0; 592 pty_driver->init_termios.c_ispeed = 38400; 593 pty_driver->init_termios.c_ospeed = 38400; 594 pty_driver->other = pty_slave_driver; 595 tty_set_operations(pty_driver, &master_pty_ops_bsd); 596 597 pty_slave_driver->driver_name = "pty_slave"; 598 pty_slave_driver->name = "ttyp"; 599 pty_slave_driver->major = PTY_SLAVE_MAJOR; 600 pty_slave_driver->minor_start = 0; 601 pty_slave_driver->type = TTY_DRIVER_TYPE_PTY; 602 pty_slave_driver->subtype = PTY_TYPE_SLAVE; 603 pty_slave_driver->init_termios = tty_std_termios; 604 pty_slave_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; 605 pty_slave_driver->init_termios.c_ispeed = 38400; 606 pty_slave_driver->init_termios.c_ospeed = 38400; 607 pty_slave_driver->other = pty_driver; 608 tty_set_operations(pty_slave_driver, &slave_pty_ops_bsd); 609 610 if (tty_register_driver(pty_driver)) 611 panic("Couldn't register pty driver"); 612 if (tty_register_driver(pty_slave_driver)) 613 panic("Couldn't register pty slave driver"); 614 } 615 #else 616 static inline void legacy_pty_init(void) { } 617 #endif 618 619 /* Unix98 devices */ 620 #ifdef CONFIG_UNIX98_PTYS 621 static struct cdev ptmx_cdev; 622 623 /** 624 * ptm_open_peer - open the peer of a pty 625 * @master: the open struct file of the ptmx device node 626 * @tty: the master of the pty being opened 627 * @flags: the flags for open 628 * 629 * Provide a race free way for userspace to open the slave end of a pty 630 * (where they have the master fd and cannot access or trust the mount 631 * namespace /dev/pts was mounted inside). 632 */ 633 int ptm_open_peer(struct file *master, struct tty_struct *tty, int flags) 634 { 635 int fd = -1; 636 struct file *filp; 637 int retval = -EINVAL; 638 struct path path; 639 640 if (tty->driver != ptm_driver) 641 return -EIO; 642 643 fd = get_unused_fd_flags(flags); 644 if (fd < 0) { 645 retval = fd; 646 goto err; 647 } 648 649 /* Compute the slave's path */ 650 path.mnt = devpts_mntget(master, tty->driver_data); 651 if (IS_ERR(path.mnt)) { 652 retval = PTR_ERR(path.mnt); 653 goto err_put; 654 } 655 path.dentry = tty->link->driver_data; 656 657 filp = dentry_open(&path, flags, current_cred()); 658 mntput(path.mnt); 659 if (IS_ERR(filp)) { 660 retval = PTR_ERR(filp); 661 goto err_put; 662 } 663 664 fd_install(fd, filp); 665 return fd; 666 667 err_put: 668 put_unused_fd(fd); 669 err: 670 return retval; 671 } 672 673 static int pty_unix98_ioctl(struct tty_struct *tty, 674 unsigned int cmd, unsigned long arg) 675 { 676 switch (cmd) { 677 case TIOCSPTLCK: /* Set PT Lock (disallow slave open) */ 678 return pty_set_lock(tty, (int __user *)arg); 679 case TIOCGPTLCK: /* Get PT Lock status */ 680 return pty_get_lock(tty, (int __user *)arg); 681 case TIOCPKT: /* Set PT packet mode */ 682 return pty_set_pktmode(tty, (int __user *)arg); 683 case TIOCGPKT: /* Get PT packet mode */ 684 return pty_get_pktmode(tty, (int __user *)arg); 685 case TIOCGPTN: /* Get PT Number */ 686 return put_user(tty->index, (unsigned int __user *)arg); 687 case TIOCSIG: /* Send signal to other side of pty */ 688 return pty_signal(tty, (int) arg); 689 } 690 691 return -ENOIOCTLCMD; 692 } 693 694 #ifdef CONFIG_COMPAT 695 static long pty_unix98_compat_ioctl(struct tty_struct *tty, 696 unsigned int cmd, unsigned long arg) 697 { 698 /* 699 * PTY ioctls don't require any special translation between 32-bit and 700 * 64-bit userspace, they are already compatible. 701 */ 702 return pty_unix98_ioctl(tty, cmd, 703 cmd == TIOCSIG ? arg : (unsigned long)compat_ptr(arg)); 704 } 705 #else 706 #define pty_unix98_compat_ioctl NULL 707 #endif 708 709 /** 710 * ptm_unix98_lookup - find a pty master 711 * @driver: ptm driver 712 * @file: unused 713 * @idx: tty index 714 * 715 * Look up a pty master device. Called under the tty_mutex for now. 716 * This provides our locking. 717 */ 718 719 static struct tty_struct *ptm_unix98_lookup(struct tty_driver *driver, 720 struct file *file, int idx) 721 { 722 /* Master must be open via /dev/ptmx */ 723 return ERR_PTR(-EIO); 724 } 725 726 /** 727 * pts_unix98_lookup - find a pty slave 728 * @driver: pts driver 729 * @file: file pointer to tty 730 * @idx: tty index 731 * 732 * Look up a pty master device. Called under the tty_mutex for now. 733 * This provides our locking for the tty pointer. 734 */ 735 736 static struct tty_struct *pts_unix98_lookup(struct tty_driver *driver, 737 struct file *file, int idx) 738 { 739 struct tty_struct *tty; 740 741 mutex_lock(&devpts_mutex); 742 tty = devpts_get_priv(file->f_path.dentry); 743 mutex_unlock(&devpts_mutex); 744 /* Master must be open before slave */ 745 if (!tty) 746 return ERR_PTR(-EIO); 747 return tty; 748 } 749 750 static int pty_unix98_install(struct tty_driver *driver, struct tty_struct *tty) 751 { 752 return pty_common_install(driver, tty, false); 753 } 754 755 /* this is called once with whichever end is closed last */ 756 static void pty_unix98_remove(struct tty_driver *driver, struct tty_struct *tty) 757 { 758 struct pts_fs_info *fsi; 759 760 if (tty->driver->subtype == PTY_TYPE_MASTER) 761 fsi = tty->driver_data; 762 else 763 fsi = tty->link->driver_data; 764 765 if (fsi) { 766 devpts_kill_index(fsi, tty->index); 767 devpts_release(fsi); 768 } 769 } 770 771 static void pty_show_fdinfo(struct tty_struct *tty, struct seq_file *m) 772 { 773 seq_printf(m, "tty-index:\t%d\n", tty->index); 774 } 775 776 static const struct tty_operations ptm_unix98_ops = { 777 .lookup = ptm_unix98_lookup, 778 .install = pty_unix98_install, 779 .remove = pty_unix98_remove, 780 .open = pty_open, 781 .close = pty_close, 782 .write = pty_write, 783 .write_room = pty_write_room, 784 .flush_buffer = pty_flush_buffer, 785 .chars_in_buffer = pty_chars_in_buffer, 786 .unthrottle = pty_unthrottle, 787 .ioctl = pty_unix98_ioctl, 788 .compat_ioctl = pty_unix98_compat_ioctl, 789 .resize = pty_resize, 790 .cleanup = pty_cleanup, 791 .show_fdinfo = pty_show_fdinfo, 792 }; 793 794 static const struct tty_operations pty_unix98_ops = { 795 .lookup = pts_unix98_lookup, 796 .install = pty_unix98_install, 797 .remove = pty_unix98_remove, 798 .open = pty_open, 799 .close = pty_close, 800 .write = pty_write, 801 .write_room = pty_write_room, 802 .flush_buffer = pty_flush_buffer, 803 .chars_in_buffer = pty_chars_in_buffer, 804 .unthrottle = pty_unthrottle, 805 .set_termios = pty_set_termios, 806 .start = pty_start, 807 .stop = pty_stop, 808 .cleanup = pty_cleanup, 809 }; 810 811 /** 812 * ptmx_open - open a unix 98 pty master 813 * @inode: inode of device file 814 * @filp: file pointer to tty 815 * 816 * Allocate a unix98 pty master device from the ptmx driver. 817 * 818 * Locking: tty_mutex protects the init_dev work. tty->count should 819 * protect the rest. 820 * allocated_ptys_lock handles the list of free pty numbers 821 */ 822 823 static int ptmx_open(struct inode *inode, struct file *filp) 824 { 825 struct pts_fs_info *fsi; 826 struct tty_struct *tty; 827 struct dentry *dentry; 828 int retval; 829 int index; 830 831 nonseekable_open(inode, filp); 832 833 /* We refuse fsnotify events on ptmx, since it's a shared resource */ 834 filp->f_mode |= FMODE_NONOTIFY; 835 836 retval = tty_alloc_file(filp); 837 if (retval) 838 return retval; 839 840 fsi = devpts_acquire(filp); 841 if (IS_ERR(fsi)) { 842 retval = PTR_ERR(fsi); 843 goto out_free_file; 844 } 845 846 /* find a device that is not in use. */ 847 mutex_lock(&devpts_mutex); 848 index = devpts_new_index(fsi); 849 mutex_unlock(&devpts_mutex); 850 851 retval = index; 852 if (index < 0) 853 goto out_put_fsi; 854 855 856 mutex_lock(&tty_mutex); 857 tty = tty_init_dev(ptm_driver, index); 858 /* The tty returned here is locked so we can safely 859 drop the mutex */ 860 mutex_unlock(&tty_mutex); 861 862 retval = PTR_ERR(tty); 863 if (IS_ERR(tty)) 864 goto out; 865 866 /* 867 * From here on out, the tty is "live", and the index and 868 * fsi will be killed/put by the tty_release() 869 */ 870 set_bit(TTY_PTY_LOCK, &tty->flags); /* LOCK THE SLAVE */ 871 tty->driver_data = fsi; 872 873 tty_add_file(tty, filp); 874 875 dentry = devpts_pty_new(fsi, index, tty->link); 876 if (IS_ERR(dentry)) { 877 retval = PTR_ERR(dentry); 878 goto err_release; 879 } 880 tty->link->driver_data = dentry; 881 882 retval = ptm_driver->ops->open(tty, filp); 883 if (retval) 884 goto err_release; 885 886 tty_debug_hangup(tty, "opening (count=%d)\n", tty->count); 887 888 tty_unlock(tty); 889 return 0; 890 err_release: 891 tty_unlock(tty); 892 // This will also put-ref the fsi 893 tty_release(inode, filp); 894 return retval; 895 out: 896 devpts_kill_index(fsi, index); 897 out_put_fsi: 898 devpts_release(fsi); 899 out_free_file: 900 tty_free_file(filp); 901 return retval; 902 } 903 904 static struct file_operations ptmx_fops __ro_after_init; 905 906 static void __init unix98_pty_init(void) 907 { 908 ptm_driver = tty_alloc_driver(NR_UNIX98_PTY_MAX, 909 TTY_DRIVER_RESET_TERMIOS | 910 TTY_DRIVER_REAL_RAW | 911 TTY_DRIVER_DYNAMIC_DEV | 912 TTY_DRIVER_DEVPTS_MEM | 913 TTY_DRIVER_DYNAMIC_ALLOC); 914 if (IS_ERR(ptm_driver)) 915 panic("Couldn't allocate Unix98 ptm driver"); 916 pts_driver = tty_alloc_driver(NR_UNIX98_PTY_MAX, 917 TTY_DRIVER_RESET_TERMIOS | 918 TTY_DRIVER_REAL_RAW | 919 TTY_DRIVER_DYNAMIC_DEV | 920 TTY_DRIVER_DEVPTS_MEM | 921 TTY_DRIVER_DYNAMIC_ALLOC); 922 if (IS_ERR(pts_driver)) 923 panic("Couldn't allocate Unix98 pts driver"); 924 925 ptm_driver->driver_name = "pty_master"; 926 ptm_driver->name = "ptm"; 927 ptm_driver->major = UNIX98_PTY_MASTER_MAJOR; 928 ptm_driver->minor_start = 0; 929 ptm_driver->type = TTY_DRIVER_TYPE_PTY; 930 ptm_driver->subtype = PTY_TYPE_MASTER; 931 ptm_driver->init_termios = tty_std_termios; 932 ptm_driver->init_termios.c_iflag = 0; 933 ptm_driver->init_termios.c_oflag = 0; 934 ptm_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; 935 ptm_driver->init_termios.c_lflag = 0; 936 ptm_driver->init_termios.c_ispeed = 38400; 937 ptm_driver->init_termios.c_ospeed = 38400; 938 ptm_driver->other = pts_driver; 939 tty_set_operations(ptm_driver, &ptm_unix98_ops); 940 941 pts_driver->driver_name = "pty_slave"; 942 pts_driver->name = "pts"; 943 pts_driver->major = UNIX98_PTY_SLAVE_MAJOR; 944 pts_driver->minor_start = 0; 945 pts_driver->type = TTY_DRIVER_TYPE_PTY; 946 pts_driver->subtype = PTY_TYPE_SLAVE; 947 pts_driver->init_termios = tty_std_termios; 948 pts_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; 949 pts_driver->init_termios.c_ispeed = 38400; 950 pts_driver->init_termios.c_ospeed = 38400; 951 pts_driver->other = ptm_driver; 952 tty_set_operations(pts_driver, &pty_unix98_ops); 953 954 if (tty_register_driver(ptm_driver)) 955 panic("Couldn't register Unix98 ptm driver"); 956 if (tty_register_driver(pts_driver)) 957 panic("Couldn't register Unix98 pts driver"); 958 959 /* Now create the /dev/ptmx special device */ 960 tty_default_fops(&ptmx_fops); 961 ptmx_fops.open = ptmx_open; 962 963 cdev_init(&ptmx_cdev, &ptmx_fops); 964 if (cdev_add(&ptmx_cdev, MKDEV(TTYAUX_MAJOR, 2), 1) || 965 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 2), 1, "/dev/ptmx") < 0) 966 panic("Couldn't register /dev/ptmx driver"); 967 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 2), NULL, "ptmx"); 968 } 969 970 #else 971 static inline void unix98_pty_init(void) { } 972 #endif 973 974 static int __init pty_init(void) 975 { 976 legacy_pty_init(); 977 unix98_pty_init(); 978 return 0; 979 } 980 device_initcall(pty_init); 981