1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (C) 1991, 1992 Linus Torvalds 4 * 5 * Added support for a Unix98-style ptmx device. 6 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 7 * 8 */ 9 10 #include <linux/module.h> 11 #include <linux/errno.h> 12 #include <linux/interrupt.h> 13 #include <linux/tty.h> 14 #include <linux/tty_flip.h> 15 #include <linux/fcntl.h> 16 #include <linux/sched/signal.h> 17 #include <linux/string.h> 18 #include <linux/major.h> 19 #include <linux/mm.h> 20 #include <linux/init.h> 21 #include <linux/device.h> 22 #include <linux/uaccess.h> 23 #include <linux/bitops.h> 24 #include <linux/devpts_fs.h> 25 #include <linux/slab.h> 26 #include <linux/mutex.h> 27 #include <linux/poll.h> 28 #include <linux/mount.h> 29 #include <linux/file.h> 30 #include <linux/ioctl.h> 31 32 #undef TTY_DEBUG_HANGUP 33 #ifdef TTY_DEBUG_HANGUP 34 # define tty_debug_hangup(tty, f, args...) tty_debug(tty, f, ##args) 35 #else 36 # define tty_debug_hangup(tty, f, args...) do {} while (0) 37 #endif 38 39 #ifdef CONFIG_UNIX98_PTYS 40 static struct tty_driver *ptm_driver; 41 static struct tty_driver *pts_driver; 42 static DEFINE_MUTEX(devpts_mutex); 43 #endif 44 45 static void pty_close(struct tty_struct *tty, struct file *filp) 46 { 47 BUG_ON(!tty); 48 if (tty->driver->subtype == PTY_TYPE_MASTER) 49 WARN_ON(tty->count > 1); 50 else { 51 if (tty_io_error(tty)) 52 return; 53 if (tty->count > 2) 54 return; 55 } 56 set_bit(TTY_IO_ERROR, &tty->flags); 57 wake_up_interruptible(&tty->read_wait); 58 wake_up_interruptible(&tty->write_wait); 59 spin_lock_irq(&tty->ctrl_lock); 60 tty->packet = 0; 61 spin_unlock_irq(&tty->ctrl_lock); 62 /* Review - krefs on tty_link ?? */ 63 if (!tty->link) 64 return; 65 set_bit(TTY_OTHER_CLOSED, &tty->link->flags); 66 wake_up_interruptible(&tty->link->read_wait); 67 wake_up_interruptible(&tty->link->write_wait); 68 if (tty->driver->subtype == PTY_TYPE_MASTER) { 69 set_bit(TTY_OTHER_CLOSED, &tty->flags); 70 #ifdef CONFIG_UNIX98_PTYS 71 if (tty->driver == ptm_driver) { 72 mutex_lock(&devpts_mutex); 73 if (tty->link->driver_data) 74 devpts_pty_kill(tty->link->driver_data); 75 mutex_unlock(&devpts_mutex); 76 } 77 #endif 78 tty_vhangup(tty->link); 79 } 80 } 81 82 /* 83 * The unthrottle routine is called by the line discipline to signal 84 * that it can receive more characters. For PTY's, the TTY_THROTTLED 85 * flag is always set, to force the line discipline to always call the 86 * unthrottle routine when there are fewer than TTY_THRESHOLD_UNTHROTTLE 87 * characters in the queue. This is necessary since each time this 88 * happens, we need to wake up any sleeping processes that could be 89 * (1) trying to send data to the pty, or (2) waiting in wait_until_sent() 90 * for the pty buffer to be drained. 91 */ 92 static void pty_unthrottle(struct tty_struct *tty) 93 { 94 tty_wakeup(tty->link); 95 set_bit(TTY_THROTTLED, &tty->flags); 96 } 97 98 /** 99 * pty_write - write to a pty 100 * @tty: the tty we write from 101 * @buf: kernel buffer of data 102 * @count: bytes to write 103 * 104 * Our "hardware" write method. Data is coming from the ldisc which 105 * may be in a non sleeping state. We simply throw this at the other 106 * end of the link as if we were an IRQ handler receiving stuff for 107 * the other side of the pty/tty pair. 108 */ 109 110 static int pty_write(struct tty_struct *tty, const unsigned char *buf, int c) 111 { 112 struct tty_struct *to = tty->link; 113 unsigned long flags; 114 115 if (tty->stopped) 116 return 0; 117 118 if (c > 0) { 119 spin_lock_irqsave(&to->port->lock, flags); 120 /* Stuff the data into the input queue of the other end */ 121 c = tty_insert_flip_string(to->port, buf, c); 122 /* And shovel */ 123 if (c) 124 tty_flip_buffer_push(to->port); 125 spin_unlock_irqrestore(&to->port->lock, flags); 126 } 127 return c; 128 } 129 130 /** 131 * pty_write_room - write space 132 * @tty: tty we are writing from 133 * 134 * Report how many bytes the ldisc can send into the queue for 135 * the other device. 136 */ 137 138 static int pty_write_room(struct tty_struct *tty) 139 { 140 if (tty->stopped) 141 return 0; 142 return tty_buffer_space_avail(tty->link->port); 143 } 144 145 /** 146 * pty_chars_in_buffer - characters currently in our tx queue 147 * @tty: our tty 148 * 149 * Report how much we have in the transmit queue. As everything is 150 * instantly at the other end this is easy to implement. 151 */ 152 153 static int pty_chars_in_buffer(struct tty_struct *tty) 154 { 155 return 0; 156 } 157 158 /* Set the lock flag on a pty */ 159 static int pty_set_lock(struct tty_struct *tty, int __user *arg) 160 { 161 int val; 162 if (get_user(val, arg)) 163 return -EFAULT; 164 if (val) 165 set_bit(TTY_PTY_LOCK, &tty->flags); 166 else 167 clear_bit(TTY_PTY_LOCK, &tty->flags); 168 return 0; 169 } 170 171 static int pty_get_lock(struct tty_struct *tty, int __user *arg) 172 { 173 int locked = test_bit(TTY_PTY_LOCK, &tty->flags); 174 return put_user(locked, arg); 175 } 176 177 /* Set the packet mode on a pty */ 178 static int pty_set_pktmode(struct tty_struct *tty, int __user *arg) 179 { 180 int pktmode; 181 182 if (get_user(pktmode, arg)) 183 return -EFAULT; 184 185 spin_lock_irq(&tty->ctrl_lock); 186 if (pktmode) { 187 if (!tty->packet) { 188 tty->link->ctrl_status = 0; 189 smp_mb(); 190 tty->packet = 1; 191 } 192 } else 193 tty->packet = 0; 194 spin_unlock_irq(&tty->ctrl_lock); 195 196 return 0; 197 } 198 199 /* Get the packet mode of a pty */ 200 static int pty_get_pktmode(struct tty_struct *tty, int __user *arg) 201 { 202 int pktmode = tty->packet; 203 return put_user(pktmode, arg); 204 } 205 206 /* Send a signal to the slave */ 207 static int pty_signal(struct tty_struct *tty, int sig) 208 { 209 struct pid *pgrp; 210 211 if (sig != SIGINT && sig != SIGQUIT && sig != SIGTSTP) 212 return -EINVAL; 213 214 if (tty->link) { 215 pgrp = tty_get_pgrp(tty->link); 216 if (pgrp) 217 kill_pgrp(pgrp, sig, 1); 218 put_pid(pgrp); 219 } 220 return 0; 221 } 222 223 static void pty_flush_buffer(struct tty_struct *tty) 224 { 225 struct tty_struct *to = tty->link; 226 227 if (!to) 228 return; 229 230 tty_buffer_flush(to, NULL); 231 if (to->packet) { 232 spin_lock_irq(&tty->ctrl_lock); 233 tty->ctrl_status |= TIOCPKT_FLUSHWRITE; 234 wake_up_interruptible(&to->read_wait); 235 spin_unlock_irq(&tty->ctrl_lock); 236 } 237 } 238 239 static int pty_open(struct tty_struct *tty, struct file *filp) 240 { 241 if (!tty || !tty->link) 242 return -ENODEV; 243 244 if (test_bit(TTY_OTHER_CLOSED, &tty->flags)) 245 goto out; 246 if (test_bit(TTY_PTY_LOCK, &tty->link->flags)) 247 goto out; 248 if (tty->driver->subtype == PTY_TYPE_SLAVE && tty->link->count != 1) 249 goto out; 250 251 clear_bit(TTY_IO_ERROR, &tty->flags); 252 clear_bit(TTY_OTHER_CLOSED, &tty->link->flags); 253 set_bit(TTY_THROTTLED, &tty->flags); 254 return 0; 255 256 out: 257 set_bit(TTY_IO_ERROR, &tty->flags); 258 return -EIO; 259 } 260 261 static void pty_set_termios(struct tty_struct *tty, 262 struct ktermios *old_termios) 263 { 264 /* See if packet mode change of state. */ 265 if (tty->link && tty->link->packet) { 266 int extproc = (old_termios->c_lflag & EXTPROC) | L_EXTPROC(tty); 267 int old_flow = ((old_termios->c_iflag & IXON) && 268 (old_termios->c_cc[VSTOP] == '\023') && 269 (old_termios->c_cc[VSTART] == '\021')); 270 int new_flow = (I_IXON(tty) && 271 STOP_CHAR(tty) == '\023' && 272 START_CHAR(tty) == '\021'); 273 if ((old_flow != new_flow) || extproc) { 274 spin_lock_irq(&tty->ctrl_lock); 275 if (old_flow != new_flow) { 276 tty->ctrl_status &= ~(TIOCPKT_DOSTOP | TIOCPKT_NOSTOP); 277 if (new_flow) 278 tty->ctrl_status |= TIOCPKT_DOSTOP; 279 else 280 tty->ctrl_status |= TIOCPKT_NOSTOP; 281 } 282 if (extproc) 283 tty->ctrl_status |= TIOCPKT_IOCTL; 284 spin_unlock_irq(&tty->ctrl_lock); 285 wake_up_interruptible(&tty->link->read_wait); 286 } 287 } 288 289 tty->termios.c_cflag &= ~(CSIZE | PARENB); 290 tty->termios.c_cflag |= (CS8 | CREAD); 291 } 292 293 /** 294 * pty_do_resize - resize event 295 * @tty: tty being resized 296 * @ws: window size being set. 297 * 298 * Update the termios variables and send the necessary signals to 299 * peform a terminal resize correctly 300 */ 301 302 static int pty_resize(struct tty_struct *tty, struct winsize *ws) 303 { 304 struct pid *pgrp, *rpgrp; 305 struct tty_struct *pty = tty->link; 306 307 /* For a PTY we need to lock the tty side */ 308 mutex_lock(&tty->winsize_mutex); 309 if (!memcmp(ws, &tty->winsize, sizeof(*ws))) 310 goto done; 311 312 /* Signal the foreground process group of both ptys */ 313 pgrp = tty_get_pgrp(tty); 314 rpgrp = tty_get_pgrp(pty); 315 316 if (pgrp) 317 kill_pgrp(pgrp, SIGWINCH, 1); 318 if (rpgrp != pgrp && rpgrp) 319 kill_pgrp(rpgrp, SIGWINCH, 1); 320 321 put_pid(pgrp); 322 put_pid(rpgrp); 323 324 tty->winsize = *ws; 325 pty->winsize = *ws; /* Never used so will go away soon */ 326 done: 327 mutex_unlock(&tty->winsize_mutex); 328 return 0; 329 } 330 331 /** 332 * pty_start - start() handler 333 * pty_stop - stop() handler 334 * @tty: tty being flow-controlled 335 * 336 * Propagates the TIOCPKT status to the master pty. 337 * 338 * NB: only the master pty can be in packet mode so only the slave 339 * needs start()/stop() handlers 340 */ 341 static void pty_start(struct tty_struct *tty) 342 { 343 unsigned long flags; 344 345 if (tty->link && tty->link->packet) { 346 spin_lock_irqsave(&tty->ctrl_lock, flags); 347 tty->ctrl_status &= ~TIOCPKT_STOP; 348 tty->ctrl_status |= TIOCPKT_START; 349 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 350 wake_up_interruptible_poll(&tty->link->read_wait, EPOLLIN); 351 } 352 } 353 354 static void pty_stop(struct tty_struct *tty) 355 { 356 unsigned long flags; 357 358 if (tty->link && tty->link->packet) { 359 spin_lock_irqsave(&tty->ctrl_lock, flags); 360 tty->ctrl_status &= ~TIOCPKT_START; 361 tty->ctrl_status |= TIOCPKT_STOP; 362 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 363 wake_up_interruptible_poll(&tty->link->read_wait, EPOLLIN); 364 } 365 } 366 367 /** 368 * pty_common_install - set up the pty pair 369 * @driver: the pty driver 370 * @tty: the tty being instantiated 371 * @legacy: true if this is BSD style 372 * 373 * Perform the initial set up for the tty/pty pair. Called from the 374 * tty layer when the port is first opened. 375 * 376 * Locking: the caller must hold the tty_mutex 377 */ 378 static int pty_common_install(struct tty_driver *driver, struct tty_struct *tty, 379 bool legacy) 380 { 381 struct tty_struct *o_tty; 382 struct tty_port *ports[2]; 383 int idx = tty->index; 384 int retval = -ENOMEM; 385 386 /* Opening the slave first has always returned -EIO */ 387 if (driver->subtype != PTY_TYPE_MASTER) 388 return -EIO; 389 390 ports[0] = kmalloc(sizeof **ports, GFP_KERNEL); 391 ports[1] = kmalloc(sizeof **ports, GFP_KERNEL); 392 if (!ports[0] || !ports[1]) 393 goto err; 394 if (!try_module_get(driver->other->owner)) { 395 /* This cannot in fact currently happen */ 396 goto err; 397 } 398 o_tty = alloc_tty_struct(driver->other, idx); 399 if (!o_tty) 400 goto err_put_module; 401 402 tty_set_lock_subclass(o_tty); 403 lockdep_set_subclass(&o_tty->termios_rwsem, TTY_LOCK_SLAVE); 404 405 if (legacy) { 406 /* We always use new tty termios data so we can do this 407 the easy way .. */ 408 tty_init_termios(tty); 409 tty_init_termios(o_tty); 410 411 driver->other->ttys[idx] = o_tty; 412 driver->ttys[idx] = tty; 413 } else { 414 memset(&tty->termios_locked, 0, sizeof(tty->termios_locked)); 415 tty->termios = driver->init_termios; 416 memset(&o_tty->termios_locked, 0, sizeof(tty->termios_locked)); 417 o_tty->termios = driver->other->init_termios; 418 } 419 420 /* 421 * Everything allocated ... set up the o_tty structure. 422 */ 423 tty_driver_kref_get(driver->other); 424 /* Establish the links in both directions */ 425 tty->link = o_tty; 426 o_tty->link = tty; 427 tty_port_init(ports[0]); 428 tty_port_init(ports[1]); 429 tty_buffer_set_limit(ports[0], 8192); 430 tty_buffer_set_limit(ports[1], 8192); 431 o_tty->port = ports[0]; 432 tty->port = ports[1]; 433 o_tty->port->itty = o_tty; 434 435 tty_buffer_set_lock_subclass(o_tty->port); 436 437 tty_driver_kref_get(driver); 438 tty->count++; 439 o_tty->count++; 440 return 0; 441 442 err_put_module: 443 module_put(driver->other->owner); 444 err: 445 kfree(ports[0]); 446 kfree(ports[1]); 447 return retval; 448 } 449 450 static void pty_cleanup(struct tty_struct *tty) 451 { 452 tty_port_put(tty->port); 453 } 454 455 /* Traditional BSD devices */ 456 #ifdef CONFIG_LEGACY_PTYS 457 458 static int pty_install(struct tty_driver *driver, struct tty_struct *tty) 459 { 460 return pty_common_install(driver, tty, true); 461 } 462 463 static void pty_remove(struct tty_driver *driver, struct tty_struct *tty) 464 { 465 struct tty_struct *pair = tty->link; 466 driver->ttys[tty->index] = NULL; 467 if (pair) 468 pair->driver->ttys[pair->index] = NULL; 469 } 470 471 static int pty_bsd_ioctl(struct tty_struct *tty, 472 unsigned int cmd, unsigned long arg) 473 { 474 switch (cmd) { 475 case TIOCSPTLCK: /* Set PT Lock (disallow slave open) */ 476 return pty_set_lock(tty, (int __user *) arg); 477 case TIOCGPTLCK: /* Get PT Lock status */ 478 return pty_get_lock(tty, (int __user *)arg); 479 case TIOCPKT: /* Set PT packet mode */ 480 return pty_set_pktmode(tty, (int __user *)arg); 481 case TIOCGPKT: /* Get PT packet mode */ 482 return pty_get_pktmode(tty, (int __user *)arg); 483 case TIOCSIG: /* Send signal to other side of pty */ 484 return pty_signal(tty, (int) arg); 485 case TIOCGPTN: /* TTY returns ENOTTY, but glibc expects EINVAL here */ 486 return -EINVAL; 487 } 488 return -ENOIOCTLCMD; 489 } 490 491 static long pty_bsd_compat_ioctl(struct tty_struct *tty, 492 unsigned int cmd, unsigned long arg) 493 { 494 /* 495 * PTY ioctls don't require any special translation between 32-bit and 496 * 64-bit userspace, they are already compatible. 497 */ 498 return pty_bsd_ioctl(tty, cmd, arg); 499 } 500 501 static int legacy_count = CONFIG_LEGACY_PTY_COUNT; 502 /* 503 * not really modular, but the easiest way to keep compat with existing 504 * bootargs behaviour is to continue using module_param here. 505 */ 506 module_param(legacy_count, int, 0); 507 508 /* 509 * The master side of a pty can do TIOCSPTLCK and thus 510 * has pty_bsd_ioctl. 511 */ 512 static const struct tty_operations master_pty_ops_bsd = { 513 .install = pty_install, 514 .open = pty_open, 515 .close = pty_close, 516 .write = pty_write, 517 .write_room = pty_write_room, 518 .flush_buffer = pty_flush_buffer, 519 .chars_in_buffer = pty_chars_in_buffer, 520 .unthrottle = pty_unthrottle, 521 .ioctl = pty_bsd_ioctl, 522 .compat_ioctl = pty_bsd_compat_ioctl, 523 .cleanup = pty_cleanup, 524 .resize = pty_resize, 525 .remove = pty_remove 526 }; 527 528 static const struct tty_operations slave_pty_ops_bsd = { 529 .install = pty_install, 530 .open = pty_open, 531 .close = pty_close, 532 .write = pty_write, 533 .write_room = pty_write_room, 534 .flush_buffer = pty_flush_buffer, 535 .chars_in_buffer = pty_chars_in_buffer, 536 .unthrottle = pty_unthrottle, 537 .set_termios = pty_set_termios, 538 .cleanup = pty_cleanup, 539 .resize = pty_resize, 540 .start = pty_start, 541 .stop = pty_stop, 542 .remove = pty_remove 543 }; 544 545 static void __init legacy_pty_init(void) 546 { 547 struct tty_driver *pty_driver, *pty_slave_driver; 548 549 if (legacy_count <= 0) 550 return; 551 552 pty_driver = tty_alloc_driver(legacy_count, 553 TTY_DRIVER_RESET_TERMIOS | 554 TTY_DRIVER_REAL_RAW | 555 TTY_DRIVER_DYNAMIC_ALLOC); 556 if (IS_ERR(pty_driver)) 557 panic("Couldn't allocate pty driver"); 558 559 pty_slave_driver = tty_alloc_driver(legacy_count, 560 TTY_DRIVER_RESET_TERMIOS | 561 TTY_DRIVER_REAL_RAW | 562 TTY_DRIVER_DYNAMIC_ALLOC); 563 if (IS_ERR(pty_slave_driver)) 564 panic("Couldn't allocate pty slave driver"); 565 566 pty_driver->driver_name = "pty_master"; 567 pty_driver->name = "pty"; 568 pty_driver->major = PTY_MASTER_MAJOR; 569 pty_driver->minor_start = 0; 570 pty_driver->type = TTY_DRIVER_TYPE_PTY; 571 pty_driver->subtype = PTY_TYPE_MASTER; 572 pty_driver->init_termios = tty_std_termios; 573 pty_driver->init_termios.c_iflag = 0; 574 pty_driver->init_termios.c_oflag = 0; 575 pty_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; 576 pty_driver->init_termios.c_lflag = 0; 577 pty_driver->init_termios.c_ispeed = 38400; 578 pty_driver->init_termios.c_ospeed = 38400; 579 pty_driver->other = pty_slave_driver; 580 tty_set_operations(pty_driver, &master_pty_ops_bsd); 581 582 pty_slave_driver->driver_name = "pty_slave"; 583 pty_slave_driver->name = "ttyp"; 584 pty_slave_driver->major = PTY_SLAVE_MAJOR; 585 pty_slave_driver->minor_start = 0; 586 pty_slave_driver->type = TTY_DRIVER_TYPE_PTY; 587 pty_slave_driver->subtype = PTY_TYPE_SLAVE; 588 pty_slave_driver->init_termios = tty_std_termios; 589 pty_slave_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; 590 pty_slave_driver->init_termios.c_ispeed = 38400; 591 pty_slave_driver->init_termios.c_ospeed = 38400; 592 pty_slave_driver->other = pty_driver; 593 tty_set_operations(pty_slave_driver, &slave_pty_ops_bsd); 594 595 if (tty_register_driver(pty_driver)) 596 panic("Couldn't register pty driver"); 597 if (tty_register_driver(pty_slave_driver)) 598 panic("Couldn't register pty slave driver"); 599 } 600 #else 601 static inline void legacy_pty_init(void) { } 602 #endif 603 604 /* Unix98 devices */ 605 #ifdef CONFIG_UNIX98_PTYS 606 static struct cdev ptmx_cdev; 607 608 /** 609 * ptm_open_peer - open the peer of a pty 610 * @master: the open struct file of the ptmx device node 611 * @tty: the master of the pty being opened 612 * @flags: the flags for open 613 * 614 * Provide a race free way for userspace to open the slave end of a pty 615 * (where they have the master fd and cannot access or trust the mount 616 * namespace /dev/pts was mounted inside). 617 */ 618 int ptm_open_peer(struct file *master, struct tty_struct *tty, int flags) 619 { 620 int fd = -1; 621 struct file *filp; 622 int retval = -EINVAL; 623 struct path path; 624 625 if (tty->driver != ptm_driver) 626 return -EIO; 627 628 fd = get_unused_fd_flags(flags); 629 if (fd < 0) { 630 retval = fd; 631 goto err; 632 } 633 634 /* Compute the slave's path */ 635 path.mnt = devpts_mntget(master, tty->driver_data); 636 if (IS_ERR(path.mnt)) { 637 retval = PTR_ERR(path.mnt); 638 goto err_put; 639 } 640 path.dentry = tty->link->driver_data; 641 642 filp = dentry_open(&path, flags, current_cred()); 643 mntput(path.mnt); 644 if (IS_ERR(filp)) { 645 retval = PTR_ERR(filp); 646 goto err_put; 647 } 648 649 fd_install(fd, filp); 650 return fd; 651 652 err_put: 653 put_unused_fd(fd); 654 err: 655 return retval; 656 } 657 658 static int pty_unix98_ioctl(struct tty_struct *tty, 659 unsigned int cmd, unsigned long arg) 660 { 661 switch (cmd) { 662 case TIOCSPTLCK: /* Set PT Lock (disallow slave open) */ 663 return pty_set_lock(tty, (int __user *)arg); 664 case TIOCGPTLCK: /* Get PT Lock status */ 665 return pty_get_lock(tty, (int __user *)arg); 666 case TIOCPKT: /* Set PT packet mode */ 667 return pty_set_pktmode(tty, (int __user *)arg); 668 case TIOCGPKT: /* Get PT packet mode */ 669 return pty_get_pktmode(tty, (int __user *)arg); 670 case TIOCGPTN: /* Get PT Number */ 671 return put_user(tty->index, (unsigned int __user *)arg); 672 case TIOCSIG: /* Send signal to other side of pty */ 673 return pty_signal(tty, (int) arg); 674 } 675 676 return -ENOIOCTLCMD; 677 } 678 679 static long pty_unix98_compat_ioctl(struct tty_struct *tty, 680 unsigned int cmd, unsigned long arg) 681 { 682 /* 683 * PTY ioctls don't require any special translation between 32-bit and 684 * 64-bit userspace, they are already compatible. 685 */ 686 return pty_unix98_ioctl(tty, cmd, arg); 687 } 688 689 /** 690 * ptm_unix98_lookup - find a pty master 691 * @driver: ptm driver 692 * @idx: tty index 693 * 694 * Look up a pty master device. Called under the tty_mutex for now. 695 * This provides our locking. 696 */ 697 698 static struct tty_struct *ptm_unix98_lookup(struct tty_driver *driver, 699 struct file *file, int idx) 700 { 701 /* Master must be open via /dev/ptmx */ 702 return ERR_PTR(-EIO); 703 } 704 705 /** 706 * pts_unix98_lookup - find a pty slave 707 * @driver: pts driver 708 * @idx: tty index 709 * 710 * Look up a pty master device. Called under the tty_mutex for now. 711 * This provides our locking for the tty pointer. 712 */ 713 714 static struct tty_struct *pts_unix98_lookup(struct tty_driver *driver, 715 struct file *file, int idx) 716 { 717 struct tty_struct *tty; 718 719 mutex_lock(&devpts_mutex); 720 tty = devpts_get_priv(file->f_path.dentry); 721 mutex_unlock(&devpts_mutex); 722 /* Master must be open before slave */ 723 if (!tty) 724 return ERR_PTR(-EIO); 725 return tty; 726 } 727 728 static int pty_unix98_install(struct tty_driver *driver, struct tty_struct *tty) 729 { 730 return pty_common_install(driver, tty, false); 731 } 732 733 /* this is called once with whichever end is closed last */ 734 static void pty_unix98_remove(struct tty_driver *driver, struct tty_struct *tty) 735 { 736 struct pts_fs_info *fsi; 737 738 if (tty->driver->subtype == PTY_TYPE_MASTER) 739 fsi = tty->driver_data; 740 else 741 fsi = tty->link->driver_data; 742 743 if (fsi) { 744 devpts_kill_index(fsi, tty->index); 745 devpts_release(fsi); 746 } 747 } 748 749 static void pty_show_fdinfo(struct tty_struct *tty, struct seq_file *m) 750 { 751 seq_printf(m, "tty-index:\t%d\n", tty->index); 752 } 753 754 static const struct tty_operations ptm_unix98_ops = { 755 .lookup = ptm_unix98_lookup, 756 .install = pty_unix98_install, 757 .remove = pty_unix98_remove, 758 .open = pty_open, 759 .close = pty_close, 760 .write = pty_write, 761 .write_room = pty_write_room, 762 .flush_buffer = pty_flush_buffer, 763 .chars_in_buffer = pty_chars_in_buffer, 764 .unthrottle = pty_unthrottle, 765 .ioctl = pty_unix98_ioctl, 766 .compat_ioctl = pty_unix98_compat_ioctl, 767 .resize = pty_resize, 768 .cleanup = pty_cleanup, 769 .show_fdinfo = pty_show_fdinfo, 770 }; 771 772 static const struct tty_operations pty_unix98_ops = { 773 .lookup = pts_unix98_lookup, 774 .install = pty_unix98_install, 775 .remove = pty_unix98_remove, 776 .open = pty_open, 777 .close = pty_close, 778 .write = pty_write, 779 .write_room = pty_write_room, 780 .flush_buffer = pty_flush_buffer, 781 .chars_in_buffer = pty_chars_in_buffer, 782 .unthrottle = pty_unthrottle, 783 .set_termios = pty_set_termios, 784 .start = pty_start, 785 .stop = pty_stop, 786 .cleanup = pty_cleanup, 787 }; 788 789 /** 790 * ptmx_open - open a unix 98 pty master 791 * @inode: inode of device file 792 * @filp: file pointer to tty 793 * 794 * Allocate a unix98 pty master device from the ptmx driver. 795 * 796 * Locking: tty_mutex protects the init_dev work. tty->count should 797 * protect the rest. 798 * allocated_ptys_lock handles the list of free pty numbers 799 */ 800 801 static int ptmx_open(struct inode *inode, struct file *filp) 802 { 803 struct pts_fs_info *fsi; 804 struct tty_struct *tty; 805 struct dentry *dentry; 806 int retval; 807 int index; 808 809 nonseekable_open(inode, filp); 810 811 /* We refuse fsnotify events on ptmx, since it's a shared resource */ 812 filp->f_mode |= FMODE_NONOTIFY; 813 814 retval = tty_alloc_file(filp); 815 if (retval) 816 return retval; 817 818 fsi = devpts_acquire(filp); 819 if (IS_ERR(fsi)) { 820 retval = PTR_ERR(fsi); 821 goto out_free_file; 822 } 823 824 /* find a device that is not in use. */ 825 mutex_lock(&devpts_mutex); 826 index = devpts_new_index(fsi); 827 mutex_unlock(&devpts_mutex); 828 829 retval = index; 830 if (index < 0) 831 goto out_put_fsi; 832 833 834 mutex_lock(&tty_mutex); 835 tty = tty_init_dev(ptm_driver, index); 836 /* The tty returned here is locked so we can safely 837 drop the mutex */ 838 mutex_unlock(&tty_mutex); 839 840 retval = PTR_ERR(tty); 841 if (IS_ERR(tty)) 842 goto out; 843 844 /* 845 * From here on out, the tty is "live", and the index and 846 * fsi will be killed/put by the tty_release() 847 */ 848 set_bit(TTY_PTY_LOCK, &tty->flags); /* LOCK THE SLAVE */ 849 tty->driver_data = fsi; 850 851 tty_add_file(tty, filp); 852 853 dentry = devpts_pty_new(fsi, index, tty->link); 854 if (IS_ERR(dentry)) { 855 retval = PTR_ERR(dentry); 856 goto err_release; 857 } 858 tty->link->driver_data = dentry; 859 860 retval = ptm_driver->ops->open(tty, filp); 861 if (retval) 862 goto err_release; 863 864 tty_debug_hangup(tty, "opening (count=%d)\n", tty->count); 865 866 tty_unlock(tty); 867 return 0; 868 err_release: 869 tty_unlock(tty); 870 // This will also put-ref the fsi 871 tty_release(inode, filp); 872 return retval; 873 out: 874 devpts_kill_index(fsi, index); 875 out_put_fsi: 876 devpts_release(fsi); 877 out_free_file: 878 tty_free_file(filp); 879 return retval; 880 } 881 882 static struct file_operations ptmx_fops __ro_after_init; 883 884 static void __init unix98_pty_init(void) 885 { 886 ptm_driver = tty_alloc_driver(NR_UNIX98_PTY_MAX, 887 TTY_DRIVER_RESET_TERMIOS | 888 TTY_DRIVER_REAL_RAW | 889 TTY_DRIVER_DYNAMIC_DEV | 890 TTY_DRIVER_DEVPTS_MEM | 891 TTY_DRIVER_DYNAMIC_ALLOC); 892 if (IS_ERR(ptm_driver)) 893 panic("Couldn't allocate Unix98 ptm driver"); 894 pts_driver = tty_alloc_driver(NR_UNIX98_PTY_MAX, 895 TTY_DRIVER_RESET_TERMIOS | 896 TTY_DRIVER_REAL_RAW | 897 TTY_DRIVER_DYNAMIC_DEV | 898 TTY_DRIVER_DEVPTS_MEM | 899 TTY_DRIVER_DYNAMIC_ALLOC); 900 if (IS_ERR(pts_driver)) 901 panic("Couldn't allocate Unix98 pts driver"); 902 903 ptm_driver->driver_name = "pty_master"; 904 ptm_driver->name = "ptm"; 905 ptm_driver->major = UNIX98_PTY_MASTER_MAJOR; 906 ptm_driver->minor_start = 0; 907 ptm_driver->type = TTY_DRIVER_TYPE_PTY; 908 ptm_driver->subtype = PTY_TYPE_MASTER; 909 ptm_driver->init_termios = tty_std_termios; 910 ptm_driver->init_termios.c_iflag = 0; 911 ptm_driver->init_termios.c_oflag = 0; 912 ptm_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; 913 ptm_driver->init_termios.c_lflag = 0; 914 ptm_driver->init_termios.c_ispeed = 38400; 915 ptm_driver->init_termios.c_ospeed = 38400; 916 ptm_driver->other = pts_driver; 917 tty_set_operations(ptm_driver, &ptm_unix98_ops); 918 919 pts_driver->driver_name = "pty_slave"; 920 pts_driver->name = "pts"; 921 pts_driver->major = UNIX98_PTY_SLAVE_MAJOR; 922 pts_driver->minor_start = 0; 923 pts_driver->type = TTY_DRIVER_TYPE_PTY; 924 pts_driver->subtype = PTY_TYPE_SLAVE; 925 pts_driver->init_termios = tty_std_termios; 926 pts_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; 927 pts_driver->init_termios.c_ispeed = 38400; 928 pts_driver->init_termios.c_ospeed = 38400; 929 pts_driver->other = ptm_driver; 930 tty_set_operations(pts_driver, &pty_unix98_ops); 931 932 if (tty_register_driver(ptm_driver)) 933 panic("Couldn't register Unix98 ptm driver"); 934 if (tty_register_driver(pts_driver)) 935 panic("Couldn't register Unix98 pts driver"); 936 937 /* Now create the /dev/ptmx special device */ 938 tty_default_fops(&ptmx_fops); 939 ptmx_fops.open = ptmx_open; 940 941 cdev_init(&ptmx_cdev, &ptmx_fops); 942 if (cdev_add(&ptmx_cdev, MKDEV(TTYAUX_MAJOR, 2), 1) || 943 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 2), 1, "/dev/ptmx") < 0) 944 panic("Couldn't register /dev/ptmx driver"); 945 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 2), NULL, "ptmx"); 946 } 947 948 #else 949 static inline void unix98_pty_init(void) { } 950 #endif 951 952 static int __init pty_init(void) 953 { 954 legacy_pty_init(); 955 unix98_pty_init(); 956 return 0; 957 } 958 device_initcall(pty_init); 959