1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (C) 1991, 1992 Linus Torvalds 4 * 5 * Added support for a Unix98-style ptmx device. 6 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 7 * 8 */ 9 10 #include <linux/module.h> 11 #include <linux/errno.h> 12 #include <linux/interrupt.h> 13 #include <linux/tty.h> 14 #include <linux/tty_flip.h> 15 #include <linux/fcntl.h> 16 #include <linux/sched/signal.h> 17 #include <linux/string.h> 18 #include <linux/major.h> 19 #include <linux/mm.h> 20 #include <linux/init.h> 21 #include <linux/device.h> 22 #include <linux/uaccess.h> 23 #include <linux/bitops.h> 24 #include <linux/devpts_fs.h> 25 #include <linux/slab.h> 26 #include <linux/mutex.h> 27 #include <linux/poll.h> 28 #include <linux/mount.h> 29 #include <linux/file.h> 30 #include <linux/ioctl.h> 31 #include <linux/compat.h> 32 33 #undef TTY_DEBUG_HANGUP 34 #ifdef TTY_DEBUG_HANGUP 35 # define tty_debug_hangup(tty, f, args...) tty_debug(tty, f, ##args) 36 #else 37 # define tty_debug_hangup(tty, f, args...) do {} while (0) 38 #endif 39 40 #ifdef CONFIG_UNIX98_PTYS 41 static struct tty_driver *ptm_driver; 42 static struct tty_driver *pts_driver; 43 static DEFINE_MUTEX(devpts_mutex); 44 #endif 45 46 static void pty_close(struct tty_struct *tty, struct file *filp) 47 { 48 if (tty->driver->subtype == PTY_TYPE_MASTER) 49 WARN_ON(tty->count > 1); 50 else { 51 if (tty_io_error(tty)) 52 return; 53 if (tty->count > 2) 54 return; 55 } 56 set_bit(TTY_IO_ERROR, &tty->flags); 57 wake_up_interruptible(&tty->read_wait); 58 wake_up_interruptible(&tty->write_wait); 59 spin_lock_irq(&tty->ctrl_lock); 60 tty->packet = 0; 61 spin_unlock_irq(&tty->ctrl_lock); 62 /* Review - krefs on tty_link ?? */ 63 if (!tty->link) 64 return; 65 set_bit(TTY_OTHER_CLOSED, &tty->link->flags); 66 wake_up_interruptible(&tty->link->read_wait); 67 wake_up_interruptible(&tty->link->write_wait); 68 if (tty->driver->subtype == PTY_TYPE_MASTER) { 69 set_bit(TTY_OTHER_CLOSED, &tty->flags); 70 #ifdef CONFIG_UNIX98_PTYS 71 if (tty->driver == ptm_driver) { 72 mutex_lock(&devpts_mutex); 73 if (tty->link->driver_data) 74 devpts_pty_kill(tty->link->driver_data); 75 mutex_unlock(&devpts_mutex); 76 } 77 #endif 78 tty_vhangup(tty->link); 79 } 80 } 81 82 /* 83 * The unthrottle routine is called by the line discipline to signal 84 * that it can receive more characters. For PTY's, the TTY_THROTTLED 85 * flag is always set, to force the line discipline to always call the 86 * unthrottle routine when there are fewer than TTY_THRESHOLD_UNTHROTTLE 87 * characters in the queue. This is necessary since each time this 88 * happens, we need to wake up any sleeping processes that could be 89 * (1) trying to send data to the pty, or (2) waiting in wait_until_sent() 90 * for the pty buffer to be drained. 91 */ 92 static void pty_unthrottle(struct tty_struct *tty) 93 { 94 tty_wakeup(tty->link); 95 set_bit(TTY_THROTTLED, &tty->flags); 96 } 97 98 /** 99 * pty_write - write to a pty 100 * @tty: the tty we write from 101 * @buf: kernel buffer of data 102 * @c: bytes to write 103 * 104 * Our "hardware" write method. Data is coming from the ldisc which 105 * may be in a non sleeping state. We simply throw this at the other 106 * end of the link as if we were an IRQ handler receiving stuff for 107 * the other side of the pty/tty pair. 108 */ 109 110 static int pty_write(struct tty_struct *tty, const unsigned char *buf, int c) 111 { 112 struct tty_struct *to = tty->link; 113 unsigned long flags; 114 115 if (tty->stopped) 116 return 0; 117 118 if (c > 0) { 119 spin_lock_irqsave(&to->port->lock, flags); 120 /* Stuff the data into the input queue of the other end */ 121 c = tty_insert_flip_string(to->port, buf, c); 122 spin_unlock_irqrestore(&to->port->lock, flags); 123 /* And shovel */ 124 if (c) 125 tty_flip_buffer_push(to->port); 126 } 127 return c; 128 } 129 130 /** 131 * pty_write_room - write space 132 * @tty: tty we are writing from 133 * 134 * Report how many bytes the ldisc can send into the queue for 135 * the other device. 136 */ 137 138 static int pty_write_room(struct tty_struct *tty) 139 { 140 if (tty->stopped) 141 return 0; 142 return tty_buffer_space_avail(tty->link->port); 143 } 144 145 /** 146 * pty_chars_in_buffer - characters currently in our tx queue 147 * @tty: our tty 148 * 149 * Report how much we have in the transmit queue. As everything is 150 * instantly at the other end this is easy to implement. 151 */ 152 153 static int pty_chars_in_buffer(struct tty_struct *tty) 154 { 155 return 0; 156 } 157 158 /* Set the lock flag on a pty */ 159 static int pty_set_lock(struct tty_struct *tty, int __user *arg) 160 { 161 int val; 162 if (get_user(val, arg)) 163 return -EFAULT; 164 if (val) 165 set_bit(TTY_PTY_LOCK, &tty->flags); 166 else 167 clear_bit(TTY_PTY_LOCK, &tty->flags); 168 return 0; 169 } 170 171 static int pty_get_lock(struct tty_struct *tty, int __user *arg) 172 { 173 int locked = test_bit(TTY_PTY_LOCK, &tty->flags); 174 return put_user(locked, arg); 175 } 176 177 /* Set the packet mode on a pty */ 178 static int pty_set_pktmode(struct tty_struct *tty, int __user *arg) 179 { 180 int pktmode; 181 182 if (get_user(pktmode, arg)) 183 return -EFAULT; 184 185 spin_lock_irq(&tty->ctrl_lock); 186 if (pktmode) { 187 if (!tty->packet) { 188 tty->link->ctrl_status = 0; 189 smp_mb(); 190 tty->packet = 1; 191 } 192 } else 193 tty->packet = 0; 194 spin_unlock_irq(&tty->ctrl_lock); 195 196 return 0; 197 } 198 199 /* Get the packet mode of a pty */ 200 static int pty_get_pktmode(struct tty_struct *tty, int __user *arg) 201 { 202 int pktmode = tty->packet; 203 return put_user(pktmode, arg); 204 } 205 206 /* Send a signal to the slave */ 207 static int pty_signal(struct tty_struct *tty, int sig) 208 { 209 struct pid *pgrp; 210 211 if (sig != SIGINT && sig != SIGQUIT && sig != SIGTSTP) 212 return -EINVAL; 213 214 if (tty->link) { 215 pgrp = tty_get_pgrp(tty->link); 216 if (pgrp) 217 kill_pgrp(pgrp, sig, 1); 218 put_pid(pgrp); 219 } 220 return 0; 221 } 222 223 static void pty_flush_buffer(struct tty_struct *tty) 224 { 225 struct tty_struct *to = tty->link; 226 227 if (!to) 228 return; 229 230 tty_buffer_flush(to, NULL); 231 if (to->packet) { 232 spin_lock_irq(&tty->ctrl_lock); 233 tty->ctrl_status |= TIOCPKT_FLUSHWRITE; 234 wake_up_interruptible(&to->read_wait); 235 spin_unlock_irq(&tty->ctrl_lock); 236 } 237 } 238 239 static int pty_open(struct tty_struct *tty, struct file *filp) 240 { 241 if (!tty || !tty->link) 242 return -ENODEV; 243 244 if (test_bit(TTY_OTHER_CLOSED, &tty->flags)) 245 goto out; 246 if (test_bit(TTY_PTY_LOCK, &tty->link->flags)) 247 goto out; 248 if (tty->driver->subtype == PTY_TYPE_SLAVE && tty->link->count != 1) 249 goto out; 250 251 clear_bit(TTY_IO_ERROR, &tty->flags); 252 clear_bit(TTY_OTHER_CLOSED, &tty->link->flags); 253 set_bit(TTY_THROTTLED, &tty->flags); 254 return 0; 255 256 out: 257 set_bit(TTY_IO_ERROR, &tty->flags); 258 return -EIO; 259 } 260 261 static void pty_set_termios(struct tty_struct *tty, 262 struct ktermios *old_termios) 263 { 264 /* See if packet mode change of state. */ 265 if (tty->link && tty->link->packet) { 266 int extproc = (old_termios->c_lflag & EXTPROC) | L_EXTPROC(tty); 267 int old_flow = ((old_termios->c_iflag & IXON) && 268 (old_termios->c_cc[VSTOP] == '\023') && 269 (old_termios->c_cc[VSTART] == '\021')); 270 int new_flow = (I_IXON(tty) && 271 STOP_CHAR(tty) == '\023' && 272 START_CHAR(tty) == '\021'); 273 if ((old_flow != new_flow) || extproc) { 274 spin_lock_irq(&tty->ctrl_lock); 275 if (old_flow != new_flow) { 276 tty->ctrl_status &= ~(TIOCPKT_DOSTOP | TIOCPKT_NOSTOP); 277 if (new_flow) 278 tty->ctrl_status |= TIOCPKT_DOSTOP; 279 else 280 tty->ctrl_status |= TIOCPKT_NOSTOP; 281 } 282 if (extproc) 283 tty->ctrl_status |= TIOCPKT_IOCTL; 284 spin_unlock_irq(&tty->ctrl_lock); 285 wake_up_interruptible(&tty->link->read_wait); 286 } 287 } 288 289 tty->termios.c_cflag &= ~(CSIZE | PARENB); 290 tty->termios.c_cflag |= (CS8 | CREAD); 291 } 292 293 /** 294 * pty_do_resize - resize event 295 * @tty: tty being resized 296 * @ws: window size being set. 297 * 298 * Update the termios variables and send the necessary signals to 299 * peform a terminal resize correctly 300 */ 301 302 static int pty_resize(struct tty_struct *tty, struct winsize *ws) 303 { 304 struct pid *pgrp, *rpgrp; 305 struct tty_struct *pty = tty->link; 306 307 /* For a PTY we need to lock the tty side */ 308 mutex_lock(&tty->winsize_mutex); 309 if (!memcmp(ws, &tty->winsize, sizeof(*ws))) 310 goto done; 311 312 /* Signal the foreground process group of both ptys */ 313 pgrp = tty_get_pgrp(tty); 314 rpgrp = tty_get_pgrp(pty); 315 316 if (pgrp) 317 kill_pgrp(pgrp, SIGWINCH, 1); 318 if (rpgrp != pgrp && rpgrp) 319 kill_pgrp(rpgrp, SIGWINCH, 1); 320 321 put_pid(pgrp); 322 put_pid(rpgrp); 323 324 tty->winsize = *ws; 325 pty->winsize = *ws; /* Never used so will go away soon */ 326 done: 327 mutex_unlock(&tty->winsize_mutex); 328 return 0; 329 } 330 331 /** 332 * pty_start - start() handler 333 * pty_stop - stop() handler 334 * @tty: tty being flow-controlled 335 * 336 * Propagates the TIOCPKT status to the master pty. 337 * 338 * NB: only the master pty can be in packet mode so only the slave 339 * needs start()/stop() handlers 340 */ 341 static void pty_start(struct tty_struct *tty) 342 { 343 unsigned long flags; 344 345 if (tty->link && tty->link->packet) { 346 spin_lock_irqsave(&tty->ctrl_lock, flags); 347 tty->ctrl_status &= ~TIOCPKT_STOP; 348 tty->ctrl_status |= TIOCPKT_START; 349 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 350 wake_up_interruptible_poll(&tty->link->read_wait, EPOLLIN); 351 } 352 } 353 354 static void pty_stop(struct tty_struct *tty) 355 { 356 unsigned long flags; 357 358 if (tty->link && tty->link->packet) { 359 spin_lock_irqsave(&tty->ctrl_lock, flags); 360 tty->ctrl_status &= ~TIOCPKT_START; 361 tty->ctrl_status |= TIOCPKT_STOP; 362 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 363 wake_up_interruptible_poll(&tty->link->read_wait, EPOLLIN); 364 } 365 } 366 367 /** 368 * pty_common_install - set up the pty pair 369 * @driver: the pty driver 370 * @tty: the tty being instantiated 371 * @legacy: true if this is BSD style 372 * 373 * Perform the initial set up for the tty/pty pair. Called from the 374 * tty layer when the port is first opened. 375 * 376 * Locking: the caller must hold the tty_mutex 377 */ 378 static int pty_common_install(struct tty_driver *driver, struct tty_struct *tty, 379 bool legacy) 380 { 381 struct tty_struct *o_tty; 382 struct tty_port *ports[2]; 383 int idx = tty->index; 384 int retval = -ENOMEM; 385 386 /* Opening the slave first has always returned -EIO */ 387 if (driver->subtype != PTY_TYPE_MASTER) 388 return -EIO; 389 390 ports[0] = kmalloc(sizeof **ports, GFP_KERNEL); 391 ports[1] = kmalloc(sizeof **ports, GFP_KERNEL); 392 if (!ports[0] || !ports[1]) 393 goto err; 394 if (!try_module_get(driver->other->owner)) { 395 /* This cannot in fact currently happen */ 396 goto err; 397 } 398 o_tty = alloc_tty_struct(driver->other, idx); 399 if (!o_tty) 400 goto err_put_module; 401 402 tty_set_lock_subclass(o_tty); 403 lockdep_set_subclass(&o_tty->termios_rwsem, TTY_LOCK_SLAVE); 404 405 if (legacy) { 406 /* We always use new tty termios data so we can do this 407 the easy way .. */ 408 tty_init_termios(tty); 409 tty_init_termios(o_tty); 410 411 driver->other->ttys[idx] = o_tty; 412 driver->ttys[idx] = tty; 413 } else { 414 memset(&tty->termios_locked, 0, sizeof(tty->termios_locked)); 415 tty->termios = driver->init_termios; 416 memset(&o_tty->termios_locked, 0, sizeof(tty->termios_locked)); 417 o_tty->termios = driver->other->init_termios; 418 } 419 420 /* 421 * Everything allocated ... set up the o_tty structure. 422 */ 423 tty_driver_kref_get(driver->other); 424 /* Establish the links in both directions */ 425 tty->link = o_tty; 426 o_tty->link = tty; 427 tty_port_init(ports[0]); 428 tty_port_init(ports[1]); 429 tty_buffer_set_limit(ports[0], 8192); 430 tty_buffer_set_limit(ports[1], 8192); 431 o_tty->port = ports[0]; 432 tty->port = ports[1]; 433 o_tty->port->itty = o_tty; 434 435 tty_buffer_set_lock_subclass(o_tty->port); 436 437 tty_driver_kref_get(driver); 438 tty->count++; 439 o_tty->count++; 440 return 0; 441 442 err_put_module: 443 module_put(driver->other->owner); 444 err: 445 kfree(ports[0]); 446 kfree(ports[1]); 447 return retval; 448 } 449 450 static void pty_cleanup(struct tty_struct *tty) 451 { 452 tty_port_put(tty->port); 453 } 454 455 /* Traditional BSD devices */ 456 #ifdef CONFIG_LEGACY_PTYS 457 458 static int pty_install(struct tty_driver *driver, struct tty_struct *tty) 459 { 460 return pty_common_install(driver, tty, true); 461 } 462 463 static void pty_remove(struct tty_driver *driver, struct tty_struct *tty) 464 { 465 struct tty_struct *pair = tty->link; 466 driver->ttys[tty->index] = NULL; 467 if (pair) 468 pair->driver->ttys[pair->index] = NULL; 469 } 470 471 static int pty_bsd_ioctl(struct tty_struct *tty, 472 unsigned int cmd, unsigned long arg) 473 { 474 switch (cmd) { 475 case TIOCSPTLCK: /* Set PT Lock (disallow slave open) */ 476 return pty_set_lock(tty, (int __user *) arg); 477 case TIOCGPTLCK: /* Get PT Lock status */ 478 return pty_get_lock(tty, (int __user *)arg); 479 case TIOCPKT: /* Set PT packet mode */ 480 return pty_set_pktmode(tty, (int __user *)arg); 481 case TIOCGPKT: /* Get PT packet mode */ 482 return pty_get_pktmode(tty, (int __user *)arg); 483 case TIOCSIG: /* Send signal to other side of pty */ 484 return pty_signal(tty, (int) arg); 485 case TIOCGPTN: /* TTY returns ENOTTY, but glibc expects EINVAL here */ 486 return -EINVAL; 487 } 488 return -ENOIOCTLCMD; 489 } 490 491 #ifdef CONFIG_COMPAT 492 static long pty_bsd_compat_ioctl(struct tty_struct *tty, 493 unsigned int cmd, unsigned long arg) 494 { 495 /* 496 * PTY ioctls don't require any special translation between 32-bit and 497 * 64-bit userspace, they are already compatible. 498 */ 499 return pty_bsd_ioctl(tty, cmd, (unsigned long)compat_ptr(arg)); 500 } 501 #else 502 #define pty_bsd_compat_ioctl NULL 503 #endif 504 505 static int legacy_count = CONFIG_LEGACY_PTY_COUNT; 506 /* 507 * not really modular, but the easiest way to keep compat with existing 508 * bootargs behaviour is to continue using module_param here. 509 */ 510 module_param(legacy_count, int, 0); 511 512 /* 513 * The master side of a pty can do TIOCSPTLCK and thus 514 * has pty_bsd_ioctl. 515 */ 516 static const struct tty_operations master_pty_ops_bsd = { 517 .install = pty_install, 518 .open = pty_open, 519 .close = pty_close, 520 .write = pty_write, 521 .write_room = pty_write_room, 522 .flush_buffer = pty_flush_buffer, 523 .chars_in_buffer = pty_chars_in_buffer, 524 .unthrottle = pty_unthrottle, 525 .ioctl = pty_bsd_ioctl, 526 .compat_ioctl = pty_bsd_compat_ioctl, 527 .cleanup = pty_cleanup, 528 .resize = pty_resize, 529 .remove = pty_remove 530 }; 531 532 static const struct tty_operations slave_pty_ops_bsd = { 533 .install = pty_install, 534 .open = pty_open, 535 .close = pty_close, 536 .write = pty_write, 537 .write_room = pty_write_room, 538 .flush_buffer = pty_flush_buffer, 539 .chars_in_buffer = pty_chars_in_buffer, 540 .unthrottle = pty_unthrottle, 541 .set_termios = pty_set_termios, 542 .cleanup = pty_cleanup, 543 .resize = pty_resize, 544 .start = pty_start, 545 .stop = pty_stop, 546 .remove = pty_remove 547 }; 548 549 static void __init legacy_pty_init(void) 550 { 551 struct tty_driver *pty_driver, *pty_slave_driver; 552 553 if (legacy_count <= 0) 554 return; 555 556 pty_driver = tty_alloc_driver(legacy_count, 557 TTY_DRIVER_RESET_TERMIOS | 558 TTY_DRIVER_REAL_RAW | 559 TTY_DRIVER_DYNAMIC_ALLOC); 560 if (IS_ERR(pty_driver)) 561 panic("Couldn't allocate pty driver"); 562 563 pty_slave_driver = tty_alloc_driver(legacy_count, 564 TTY_DRIVER_RESET_TERMIOS | 565 TTY_DRIVER_REAL_RAW | 566 TTY_DRIVER_DYNAMIC_ALLOC); 567 if (IS_ERR(pty_slave_driver)) 568 panic("Couldn't allocate pty slave driver"); 569 570 pty_driver->driver_name = "pty_master"; 571 pty_driver->name = "pty"; 572 pty_driver->major = PTY_MASTER_MAJOR; 573 pty_driver->minor_start = 0; 574 pty_driver->type = TTY_DRIVER_TYPE_PTY; 575 pty_driver->subtype = PTY_TYPE_MASTER; 576 pty_driver->init_termios = tty_std_termios; 577 pty_driver->init_termios.c_iflag = 0; 578 pty_driver->init_termios.c_oflag = 0; 579 pty_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; 580 pty_driver->init_termios.c_lflag = 0; 581 pty_driver->init_termios.c_ispeed = 38400; 582 pty_driver->init_termios.c_ospeed = 38400; 583 pty_driver->other = pty_slave_driver; 584 tty_set_operations(pty_driver, &master_pty_ops_bsd); 585 586 pty_slave_driver->driver_name = "pty_slave"; 587 pty_slave_driver->name = "ttyp"; 588 pty_slave_driver->major = PTY_SLAVE_MAJOR; 589 pty_slave_driver->minor_start = 0; 590 pty_slave_driver->type = TTY_DRIVER_TYPE_PTY; 591 pty_slave_driver->subtype = PTY_TYPE_SLAVE; 592 pty_slave_driver->init_termios = tty_std_termios; 593 pty_slave_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; 594 pty_slave_driver->init_termios.c_ispeed = 38400; 595 pty_slave_driver->init_termios.c_ospeed = 38400; 596 pty_slave_driver->other = pty_driver; 597 tty_set_operations(pty_slave_driver, &slave_pty_ops_bsd); 598 599 if (tty_register_driver(pty_driver)) 600 panic("Couldn't register pty driver"); 601 if (tty_register_driver(pty_slave_driver)) 602 panic("Couldn't register pty slave driver"); 603 } 604 #else 605 static inline void legacy_pty_init(void) { } 606 #endif 607 608 /* Unix98 devices */ 609 #ifdef CONFIG_UNIX98_PTYS 610 static struct cdev ptmx_cdev; 611 612 /** 613 * ptm_open_peer - open the peer of a pty 614 * @master: the open struct file of the ptmx device node 615 * @tty: the master of the pty being opened 616 * @flags: the flags for open 617 * 618 * Provide a race free way for userspace to open the slave end of a pty 619 * (where they have the master fd and cannot access or trust the mount 620 * namespace /dev/pts was mounted inside). 621 */ 622 int ptm_open_peer(struct file *master, struct tty_struct *tty, int flags) 623 { 624 int fd = -1; 625 struct file *filp; 626 int retval = -EINVAL; 627 struct path path; 628 629 if (tty->driver != ptm_driver) 630 return -EIO; 631 632 fd = get_unused_fd_flags(flags); 633 if (fd < 0) { 634 retval = fd; 635 goto err; 636 } 637 638 /* Compute the slave's path */ 639 path.mnt = devpts_mntget(master, tty->driver_data); 640 if (IS_ERR(path.mnt)) { 641 retval = PTR_ERR(path.mnt); 642 goto err_put; 643 } 644 path.dentry = tty->link->driver_data; 645 646 filp = dentry_open(&path, flags, current_cred()); 647 mntput(path.mnt); 648 if (IS_ERR(filp)) { 649 retval = PTR_ERR(filp); 650 goto err_put; 651 } 652 653 fd_install(fd, filp); 654 return fd; 655 656 err_put: 657 put_unused_fd(fd); 658 err: 659 return retval; 660 } 661 662 static int pty_unix98_ioctl(struct tty_struct *tty, 663 unsigned int cmd, unsigned long arg) 664 { 665 switch (cmd) { 666 case TIOCSPTLCK: /* Set PT Lock (disallow slave open) */ 667 return pty_set_lock(tty, (int __user *)arg); 668 case TIOCGPTLCK: /* Get PT Lock status */ 669 return pty_get_lock(tty, (int __user *)arg); 670 case TIOCPKT: /* Set PT packet mode */ 671 return pty_set_pktmode(tty, (int __user *)arg); 672 case TIOCGPKT: /* Get PT packet mode */ 673 return pty_get_pktmode(tty, (int __user *)arg); 674 case TIOCGPTN: /* Get PT Number */ 675 return put_user(tty->index, (unsigned int __user *)arg); 676 case TIOCSIG: /* Send signal to other side of pty */ 677 return pty_signal(tty, (int) arg); 678 } 679 680 return -ENOIOCTLCMD; 681 } 682 683 #ifdef CONFIG_COMPAT 684 static long pty_unix98_compat_ioctl(struct tty_struct *tty, 685 unsigned int cmd, unsigned long arg) 686 { 687 /* 688 * PTY ioctls don't require any special translation between 32-bit and 689 * 64-bit userspace, they are already compatible. 690 */ 691 return pty_unix98_ioctl(tty, cmd, 692 cmd == TIOCSIG ? arg : (unsigned long)compat_ptr(arg)); 693 } 694 #else 695 #define pty_unix98_compat_ioctl NULL 696 #endif 697 698 /** 699 * ptm_unix98_lookup - find a pty master 700 * @driver: ptm driver 701 * @file: unused 702 * @idx: tty index 703 * 704 * Look up a pty master device. Called under the tty_mutex for now. 705 * This provides our locking. 706 */ 707 708 static struct tty_struct *ptm_unix98_lookup(struct tty_driver *driver, 709 struct file *file, int idx) 710 { 711 /* Master must be open via /dev/ptmx */ 712 return ERR_PTR(-EIO); 713 } 714 715 /** 716 * pts_unix98_lookup - find a pty slave 717 * @driver: pts driver 718 * @file: file pointer to tty 719 * @idx: tty index 720 * 721 * Look up a pty master device. Called under the tty_mutex for now. 722 * This provides our locking for the tty pointer. 723 */ 724 725 static struct tty_struct *pts_unix98_lookup(struct tty_driver *driver, 726 struct file *file, int idx) 727 { 728 struct tty_struct *tty; 729 730 mutex_lock(&devpts_mutex); 731 tty = devpts_get_priv(file->f_path.dentry); 732 mutex_unlock(&devpts_mutex); 733 /* Master must be open before slave */ 734 if (!tty) 735 return ERR_PTR(-EIO); 736 return tty; 737 } 738 739 static int pty_unix98_install(struct tty_driver *driver, struct tty_struct *tty) 740 { 741 return pty_common_install(driver, tty, false); 742 } 743 744 /* this is called once with whichever end is closed last */ 745 static void pty_unix98_remove(struct tty_driver *driver, struct tty_struct *tty) 746 { 747 struct pts_fs_info *fsi; 748 749 if (tty->driver->subtype == PTY_TYPE_MASTER) 750 fsi = tty->driver_data; 751 else 752 fsi = tty->link->driver_data; 753 754 if (fsi) { 755 devpts_kill_index(fsi, tty->index); 756 devpts_release(fsi); 757 } 758 } 759 760 static void pty_show_fdinfo(struct tty_struct *tty, struct seq_file *m) 761 { 762 seq_printf(m, "tty-index:\t%d\n", tty->index); 763 } 764 765 static const struct tty_operations ptm_unix98_ops = { 766 .lookup = ptm_unix98_lookup, 767 .install = pty_unix98_install, 768 .remove = pty_unix98_remove, 769 .open = pty_open, 770 .close = pty_close, 771 .write = pty_write, 772 .write_room = pty_write_room, 773 .flush_buffer = pty_flush_buffer, 774 .chars_in_buffer = pty_chars_in_buffer, 775 .unthrottle = pty_unthrottle, 776 .ioctl = pty_unix98_ioctl, 777 .compat_ioctl = pty_unix98_compat_ioctl, 778 .resize = pty_resize, 779 .cleanup = pty_cleanup, 780 .show_fdinfo = pty_show_fdinfo, 781 }; 782 783 static const struct tty_operations pty_unix98_ops = { 784 .lookup = pts_unix98_lookup, 785 .install = pty_unix98_install, 786 .remove = pty_unix98_remove, 787 .open = pty_open, 788 .close = pty_close, 789 .write = pty_write, 790 .write_room = pty_write_room, 791 .flush_buffer = pty_flush_buffer, 792 .chars_in_buffer = pty_chars_in_buffer, 793 .unthrottle = pty_unthrottle, 794 .set_termios = pty_set_termios, 795 .start = pty_start, 796 .stop = pty_stop, 797 .cleanup = pty_cleanup, 798 }; 799 800 /** 801 * ptmx_open - open a unix 98 pty master 802 * @inode: inode of device file 803 * @filp: file pointer to tty 804 * 805 * Allocate a unix98 pty master device from the ptmx driver. 806 * 807 * Locking: tty_mutex protects the init_dev work. tty->count should 808 * protect the rest. 809 * allocated_ptys_lock handles the list of free pty numbers 810 */ 811 812 static int ptmx_open(struct inode *inode, struct file *filp) 813 { 814 struct pts_fs_info *fsi; 815 struct tty_struct *tty; 816 struct dentry *dentry; 817 int retval; 818 int index; 819 820 nonseekable_open(inode, filp); 821 822 /* We refuse fsnotify events on ptmx, since it's a shared resource */ 823 filp->f_mode |= FMODE_NONOTIFY; 824 825 retval = tty_alloc_file(filp); 826 if (retval) 827 return retval; 828 829 fsi = devpts_acquire(filp); 830 if (IS_ERR(fsi)) { 831 retval = PTR_ERR(fsi); 832 goto out_free_file; 833 } 834 835 /* find a device that is not in use. */ 836 mutex_lock(&devpts_mutex); 837 index = devpts_new_index(fsi); 838 mutex_unlock(&devpts_mutex); 839 840 retval = index; 841 if (index < 0) 842 goto out_put_fsi; 843 844 845 mutex_lock(&tty_mutex); 846 tty = tty_init_dev(ptm_driver, index); 847 /* The tty returned here is locked so we can safely 848 drop the mutex */ 849 mutex_unlock(&tty_mutex); 850 851 retval = PTR_ERR(tty); 852 if (IS_ERR(tty)) 853 goto out; 854 855 /* 856 * From here on out, the tty is "live", and the index and 857 * fsi will be killed/put by the tty_release() 858 */ 859 set_bit(TTY_PTY_LOCK, &tty->flags); /* LOCK THE SLAVE */ 860 tty->driver_data = fsi; 861 862 tty_add_file(tty, filp); 863 864 dentry = devpts_pty_new(fsi, index, tty->link); 865 if (IS_ERR(dentry)) { 866 retval = PTR_ERR(dentry); 867 goto err_release; 868 } 869 tty->link->driver_data = dentry; 870 871 retval = ptm_driver->ops->open(tty, filp); 872 if (retval) 873 goto err_release; 874 875 tty_debug_hangup(tty, "opening (count=%d)\n", tty->count); 876 877 tty_unlock(tty); 878 return 0; 879 err_release: 880 tty_unlock(tty); 881 // This will also put-ref the fsi 882 tty_release(inode, filp); 883 return retval; 884 out: 885 devpts_kill_index(fsi, index); 886 out_put_fsi: 887 devpts_release(fsi); 888 out_free_file: 889 tty_free_file(filp); 890 return retval; 891 } 892 893 static struct file_operations ptmx_fops __ro_after_init; 894 895 static void __init unix98_pty_init(void) 896 { 897 ptm_driver = tty_alloc_driver(NR_UNIX98_PTY_MAX, 898 TTY_DRIVER_RESET_TERMIOS | 899 TTY_DRIVER_REAL_RAW | 900 TTY_DRIVER_DYNAMIC_DEV | 901 TTY_DRIVER_DEVPTS_MEM | 902 TTY_DRIVER_DYNAMIC_ALLOC); 903 if (IS_ERR(ptm_driver)) 904 panic("Couldn't allocate Unix98 ptm driver"); 905 pts_driver = tty_alloc_driver(NR_UNIX98_PTY_MAX, 906 TTY_DRIVER_RESET_TERMIOS | 907 TTY_DRIVER_REAL_RAW | 908 TTY_DRIVER_DYNAMIC_DEV | 909 TTY_DRIVER_DEVPTS_MEM | 910 TTY_DRIVER_DYNAMIC_ALLOC); 911 if (IS_ERR(pts_driver)) 912 panic("Couldn't allocate Unix98 pts driver"); 913 914 ptm_driver->driver_name = "pty_master"; 915 ptm_driver->name = "ptm"; 916 ptm_driver->major = UNIX98_PTY_MASTER_MAJOR; 917 ptm_driver->minor_start = 0; 918 ptm_driver->type = TTY_DRIVER_TYPE_PTY; 919 ptm_driver->subtype = PTY_TYPE_MASTER; 920 ptm_driver->init_termios = tty_std_termios; 921 ptm_driver->init_termios.c_iflag = 0; 922 ptm_driver->init_termios.c_oflag = 0; 923 ptm_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; 924 ptm_driver->init_termios.c_lflag = 0; 925 ptm_driver->init_termios.c_ispeed = 38400; 926 ptm_driver->init_termios.c_ospeed = 38400; 927 ptm_driver->other = pts_driver; 928 tty_set_operations(ptm_driver, &ptm_unix98_ops); 929 930 pts_driver->driver_name = "pty_slave"; 931 pts_driver->name = "pts"; 932 pts_driver->major = UNIX98_PTY_SLAVE_MAJOR; 933 pts_driver->minor_start = 0; 934 pts_driver->type = TTY_DRIVER_TYPE_PTY; 935 pts_driver->subtype = PTY_TYPE_SLAVE; 936 pts_driver->init_termios = tty_std_termios; 937 pts_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; 938 pts_driver->init_termios.c_ispeed = 38400; 939 pts_driver->init_termios.c_ospeed = 38400; 940 pts_driver->other = ptm_driver; 941 tty_set_operations(pts_driver, &pty_unix98_ops); 942 943 if (tty_register_driver(ptm_driver)) 944 panic("Couldn't register Unix98 ptm driver"); 945 if (tty_register_driver(pts_driver)) 946 panic("Couldn't register Unix98 pts driver"); 947 948 /* Now create the /dev/ptmx special device */ 949 tty_default_fops(&ptmx_fops); 950 ptmx_fops.open = ptmx_open; 951 952 cdev_init(&ptmx_cdev, &ptmx_fops); 953 if (cdev_add(&ptmx_cdev, MKDEV(TTYAUX_MAJOR, 2), 1) || 954 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 2), 1, "/dev/ptmx") < 0) 955 panic("Couldn't register /dev/ptmx driver"); 956 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 2), NULL, "ptmx"); 957 } 958 959 #else 960 static inline void unix98_pty_init(void) { } 961 #endif 962 963 static int __init pty_init(void) 964 { 965 legacy_pty_init(); 966 unix98_pty_init(); 967 return 0; 968 } 969 device_initcall(pty_init); 970