1 /* 2 * Copyright (C) 1991, 1992 Linus Torvalds 3 */ 4 5 /* 6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles 7 * or rs-channels. It also implements echoing, cooked mode etc. 8 * 9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0. 10 * 11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the 12 * tty_struct and tty_queue structures. Previously there was an array 13 * of 256 tty_struct's which was statically allocated, and the 14 * tty_queue structures were allocated at boot time. Both are now 15 * dynamically allocated only when the tty is open. 16 * 17 * Also restructured routines so that there is more of a separation 18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and 19 * the low-level tty routines (serial.c, pty.c, console.c). This 20 * makes for cleaner and more compact code. -TYT, 9/17/92 21 * 22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines 23 * which can be dynamically activated and de-activated by the line 24 * discipline handling modules (like SLIP). 25 * 26 * NOTE: pay no attention to the line discipline code (yet); its 27 * interface is still subject to change in this version... 28 * -- TYT, 1/31/92 29 * 30 * Added functionality to the OPOST tty handling. No delays, but all 31 * other bits should be there. 32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993. 33 * 34 * Rewrote canonical mode and added more termios flags. 35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94 36 * 37 * Reorganized FASYNC support so mouse code can share it. 38 * -- ctm@ardi.com, 9Sep95 39 * 40 * New TIOCLINUX variants added. 41 * -- mj@k332.feld.cvut.cz, 19-Nov-95 42 * 43 * Restrict vt switching via ioctl() 44 * -- grif@cs.ucr.edu, 5-Dec-95 45 * 46 * Move console and virtual terminal code to more appropriate files, 47 * implement CONFIG_VT and generalize console device interface. 48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97 49 * 50 * Rewrote tty_init_dev and tty_release_dev to eliminate races. 51 * -- Bill Hawes <whawes@star.net>, June 97 52 * 53 * Added devfs support. 54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998 55 * 56 * Added support for a Unix98-style ptmx device. 57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 58 * 59 * Reduced memory usage for older ARM systems 60 * -- Russell King <rmk@arm.linux.org.uk> 61 * 62 * Move do_SAK() into process context. Less stack use in devfs functions. 63 * alloc_tty_struct() always uses kmalloc() 64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01 65 */ 66 67 #include <linux/types.h> 68 #include <linux/major.h> 69 #include <linux/errno.h> 70 #include <linux/signal.h> 71 #include <linux/fcntl.h> 72 #include <linux/sched.h> 73 #include <linux/interrupt.h> 74 #include <linux/tty.h> 75 #include <linux/tty_driver.h> 76 #include <linux/tty_flip.h> 77 #include <linux/devpts_fs.h> 78 #include <linux/file.h> 79 #include <linux/fdtable.h> 80 #include <linux/console.h> 81 #include <linux/timer.h> 82 #include <linux/ctype.h> 83 #include <linux/kd.h> 84 #include <linux/mm.h> 85 #include <linux/string.h> 86 #include <linux/slab.h> 87 #include <linux/poll.h> 88 #include <linux/proc_fs.h> 89 #include <linux/init.h> 90 #include <linux/module.h> 91 #include <linux/device.h> 92 #include <linux/wait.h> 93 #include <linux/bitops.h> 94 #include <linux/delay.h> 95 #include <linux/seq_file.h> 96 #include <linux/serial.h> 97 #include <linux/ratelimit.h> 98 99 #include <linux/uaccess.h> 100 101 #include <linux/kbd_kern.h> 102 #include <linux/vt_kern.h> 103 #include <linux/selection.h> 104 105 #include <linux/kmod.h> 106 #include <linux/nsproxy.h> 107 108 #undef TTY_DEBUG_HANGUP 109 110 #define TTY_PARANOIA_CHECK 1 111 #define CHECK_TTY_COUNT 1 112 113 struct ktermios tty_std_termios = { /* for the benefit of tty drivers */ 114 .c_iflag = ICRNL | IXON, 115 .c_oflag = OPOST | ONLCR, 116 .c_cflag = B38400 | CS8 | CREAD | HUPCL, 117 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK | 118 ECHOCTL | ECHOKE | IEXTEN, 119 .c_cc = INIT_C_CC, 120 .c_ispeed = 38400, 121 .c_ospeed = 38400 122 }; 123 124 EXPORT_SYMBOL(tty_std_termios); 125 126 /* This list gets poked at by procfs and various bits of boot up code. This 127 could do with some rationalisation such as pulling the tty proc function 128 into this file */ 129 130 LIST_HEAD(tty_drivers); /* linked list of tty drivers */ 131 132 /* Mutex to protect creating and releasing a tty. This is shared with 133 vt.c for deeply disgusting hack reasons */ 134 DEFINE_MUTEX(tty_mutex); 135 EXPORT_SYMBOL(tty_mutex); 136 137 /* Spinlock to protect the tty->tty_files list */ 138 DEFINE_SPINLOCK(tty_files_lock); 139 140 static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *); 141 static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *); 142 ssize_t redirected_tty_write(struct file *, const char __user *, 143 size_t, loff_t *); 144 static unsigned int tty_poll(struct file *, poll_table *); 145 static int tty_open(struct inode *, struct file *); 146 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg); 147 #ifdef CONFIG_COMPAT 148 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 149 unsigned long arg); 150 #else 151 #define tty_compat_ioctl NULL 152 #endif 153 static int __tty_fasync(int fd, struct file *filp, int on); 154 static int tty_fasync(int fd, struct file *filp, int on); 155 static void release_tty(struct tty_struct *tty, int idx); 156 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); 157 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); 158 159 /** 160 * alloc_tty_struct - allocate a tty object 161 * 162 * Return a new empty tty structure. The data fields have not 163 * been initialized in any way but has been zeroed 164 * 165 * Locking: none 166 */ 167 168 struct tty_struct *alloc_tty_struct(void) 169 { 170 return kzalloc(sizeof(struct tty_struct), GFP_KERNEL); 171 } 172 173 /** 174 * free_tty_struct - free a disused tty 175 * @tty: tty struct to free 176 * 177 * Free the write buffers, tty queue and tty memory itself. 178 * 179 * Locking: none. Must be called after tty is definitely unused 180 */ 181 182 void free_tty_struct(struct tty_struct *tty) 183 { 184 if (tty->dev) 185 put_device(tty->dev); 186 kfree(tty->write_buf); 187 tty_buffer_free_all(tty); 188 kfree(tty); 189 } 190 191 static inline struct tty_struct *file_tty(struct file *file) 192 { 193 return ((struct tty_file_private *)file->private_data)->tty; 194 } 195 196 int tty_alloc_file(struct file *file) 197 { 198 struct tty_file_private *priv; 199 200 priv = kmalloc(sizeof(*priv), GFP_KERNEL); 201 if (!priv) 202 return -ENOMEM; 203 204 file->private_data = priv; 205 206 return 0; 207 } 208 209 /* Associate a new file with the tty structure */ 210 void tty_add_file(struct tty_struct *tty, struct file *file) 211 { 212 struct tty_file_private *priv = file->private_data; 213 214 priv->tty = tty; 215 priv->file = file; 216 217 spin_lock(&tty_files_lock); 218 list_add(&priv->list, &tty->tty_files); 219 spin_unlock(&tty_files_lock); 220 } 221 222 /** 223 * tty_free_file - free file->private_data 224 * 225 * This shall be used only for fail path handling when tty_add_file was not 226 * called yet. 227 */ 228 void tty_free_file(struct file *file) 229 { 230 struct tty_file_private *priv = file->private_data; 231 232 file->private_data = NULL; 233 kfree(priv); 234 } 235 236 /* Delete file from its tty */ 237 void tty_del_file(struct file *file) 238 { 239 struct tty_file_private *priv = file->private_data; 240 241 spin_lock(&tty_files_lock); 242 list_del(&priv->list); 243 spin_unlock(&tty_files_lock); 244 tty_free_file(file); 245 } 246 247 248 #define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base) 249 250 /** 251 * tty_name - return tty naming 252 * @tty: tty structure 253 * @buf: buffer for output 254 * 255 * Convert a tty structure into a name. The name reflects the kernel 256 * naming policy and if udev is in use may not reflect user space 257 * 258 * Locking: none 259 */ 260 261 char *tty_name(struct tty_struct *tty, char *buf) 262 { 263 if (!tty) /* Hmm. NULL pointer. That's fun. */ 264 strcpy(buf, "NULL tty"); 265 else 266 strcpy(buf, tty->name); 267 return buf; 268 } 269 270 EXPORT_SYMBOL(tty_name); 271 272 int tty_paranoia_check(struct tty_struct *tty, struct inode *inode, 273 const char *routine) 274 { 275 #ifdef TTY_PARANOIA_CHECK 276 if (!tty) { 277 printk(KERN_WARNING 278 "null TTY for (%d:%d) in %s\n", 279 imajor(inode), iminor(inode), routine); 280 return 1; 281 } 282 if (tty->magic != TTY_MAGIC) { 283 printk(KERN_WARNING 284 "bad magic number for tty struct (%d:%d) in %s\n", 285 imajor(inode), iminor(inode), routine); 286 return 1; 287 } 288 #endif 289 return 0; 290 } 291 292 static int check_tty_count(struct tty_struct *tty, const char *routine) 293 { 294 #ifdef CHECK_TTY_COUNT 295 struct list_head *p; 296 int count = 0; 297 298 spin_lock(&tty_files_lock); 299 list_for_each(p, &tty->tty_files) { 300 count++; 301 } 302 spin_unlock(&tty_files_lock); 303 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 304 tty->driver->subtype == PTY_TYPE_SLAVE && 305 tty->link && tty->link->count) 306 count++; 307 if (tty->count != count) { 308 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) " 309 "!= #fd's(%d) in %s\n", 310 tty->name, tty->count, count, routine); 311 return count; 312 } 313 #endif 314 return 0; 315 } 316 317 /** 318 * get_tty_driver - find device of a tty 319 * @dev_t: device identifier 320 * @index: returns the index of the tty 321 * 322 * This routine returns a tty driver structure, given a device number 323 * and also passes back the index number. 324 * 325 * Locking: caller must hold tty_mutex 326 */ 327 328 static struct tty_driver *get_tty_driver(dev_t device, int *index) 329 { 330 struct tty_driver *p; 331 332 list_for_each_entry(p, &tty_drivers, tty_drivers) { 333 dev_t base = MKDEV(p->major, p->minor_start); 334 if (device < base || device >= base + p->num) 335 continue; 336 *index = device - base; 337 return tty_driver_kref_get(p); 338 } 339 return NULL; 340 } 341 342 #ifdef CONFIG_CONSOLE_POLL 343 344 /** 345 * tty_find_polling_driver - find device of a polled tty 346 * @name: name string to match 347 * @line: pointer to resulting tty line nr 348 * 349 * This routine returns a tty driver structure, given a name 350 * and the condition that the tty driver is capable of polled 351 * operation. 352 */ 353 struct tty_driver *tty_find_polling_driver(char *name, int *line) 354 { 355 struct tty_driver *p, *res = NULL; 356 int tty_line = 0; 357 int len; 358 char *str, *stp; 359 360 for (str = name; *str; str++) 361 if ((*str >= '0' && *str <= '9') || *str == ',') 362 break; 363 if (!*str) 364 return NULL; 365 366 len = str - name; 367 tty_line = simple_strtoul(str, &str, 10); 368 369 mutex_lock(&tty_mutex); 370 /* Search through the tty devices to look for a match */ 371 list_for_each_entry(p, &tty_drivers, tty_drivers) { 372 if (strncmp(name, p->name, len) != 0) 373 continue; 374 stp = str; 375 if (*stp == ',') 376 stp++; 377 if (*stp == '\0') 378 stp = NULL; 379 380 if (tty_line >= 0 && tty_line < p->num && p->ops && 381 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) { 382 res = tty_driver_kref_get(p); 383 *line = tty_line; 384 break; 385 } 386 } 387 mutex_unlock(&tty_mutex); 388 389 return res; 390 } 391 EXPORT_SYMBOL_GPL(tty_find_polling_driver); 392 #endif 393 394 /** 395 * tty_check_change - check for POSIX terminal changes 396 * @tty: tty to check 397 * 398 * If we try to write to, or set the state of, a terminal and we're 399 * not in the foreground, send a SIGTTOU. If the signal is blocked or 400 * ignored, go ahead and perform the operation. (POSIX 7.2) 401 * 402 * Locking: ctrl_lock 403 */ 404 405 int tty_check_change(struct tty_struct *tty) 406 { 407 unsigned long flags; 408 int ret = 0; 409 410 if (current->signal->tty != tty) 411 return 0; 412 413 spin_lock_irqsave(&tty->ctrl_lock, flags); 414 415 if (!tty->pgrp) { 416 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n"); 417 goto out_unlock; 418 } 419 if (task_pgrp(current) == tty->pgrp) 420 goto out_unlock; 421 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 422 if (is_ignored(SIGTTOU)) 423 goto out; 424 if (is_current_pgrp_orphaned()) { 425 ret = -EIO; 426 goto out; 427 } 428 kill_pgrp(task_pgrp(current), SIGTTOU, 1); 429 set_thread_flag(TIF_SIGPENDING); 430 ret = -ERESTARTSYS; 431 out: 432 return ret; 433 out_unlock: 434 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 435 return ret; 436 } 437 438 EXPORT_SYMBOL(tty_check_change); 439 440 static ssize_t hung_up_tty_read(struct file *file, char __user *buf, 441 size_t count, loff_t *ppos) 442 { 443 return 0; 444 } 445 446 static ssize_t hung_up_tty_write(struct file *file, const char __user *buf, 447 size_t count, loff_t *ppos) 448 { 449 return -EIO; 450 } 451 452 /* No kernel lock held - none needed ;) */ 453 static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait) 454 { 455 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM; 456 } 457 458 static long hung_up_tty_ioctl(struct file *file, unsigned int cmd, 459 unsigned long arg) 460 { 461 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 462 } 463 464 static long hung_up_tty_compat_ioctl(struct file *file, 465 unsigned int cmd, unsigned long arg) 466 { 467 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 468 } 469 470 static const struct file_operations tty_fops = { 471 .llseek = no_llseek, 472 .read = tty_read, 473 .write = tty_write, 474 .poll = tty_poll, 475 .unlocked_ioctl = tty_ioctl, 476 .compat_ioctl = tty_compat_ioctl, 477 .open = tty_open, 478 .release = tty_release, 479 .fasync = tty_fasync, 480 }; 481 482 static const struct file_operations console_fops = { 483 .llseek = no_llseek, 484 .read = tty_read, 485 .write = redirected_tty_write, 486 .poll = tty_poll, 487 .unlocked_ioctl = tty_ioctl, 488 .compat_ioctl = tty_compat_ioctl, 489 .open = tty_open, 490 .release = tty_release, 491 .fasync = tty_fasync, 492 }; 493 494 static const struct file_operations hung_up_tty_fops = { 495 .llseek = no_llseek, 496 .read = hung_up_tty_read, 497 .write = hung_up_tty_write, 498 .poll = hung_up_tty_poll, 499 .unlocked_ioctl = hung_up_tty_ioctl, 500 .compat_ioctl = hung_up_tty_compat_ioctl, 501 .release = tty_release, 502 }; 503 504 static DEFINE_SPINLOCK(redirect_lock); 505 static struct file *redirect; 506 507 /** 508 * tty_wakeup - request more data 509 * @tty: terminal 510 * 511 * Internal and external helper for wakeups of tty. This function 512 * informs the line discipline if present that the driver is ready 513 * to receive more output data. 514 */ 515 516 void tty_wakeup(struct tty_struct *tty) 517 { 518 struct tty_ldisc *ld; 519 520 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) { 521 ld = tty_ldisc_ref(tty); 522 if (ld) { 523 if (ld->ops->write_wakeup) 524 ld->ops->write_wakeup(tty); 525 tty_ldisc_deref(ld); 526 } 527 } 528 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 529 } 530 531 EXPORT_SYMBOL_GPL(tty_wakeup); 532 533 /** 534 * __tty_hangup - actual handler for hangup events 535 * @work: tty device 536 * 537 * This can be called by the "eventd" kernel thread. That is process 538 * synchronous but doesn't hold any locks, so we need to make sure we 539 * have the appropriate locks for what we're doing. 540 * 541 * The hangup event clears any pending redirections onto the hung up 542 * device. It ensures future writes will error and it does the needed 543 * line discipline hangup and signal delivery. The tty object itself 544 * remains intact. 545 * 546 * Locking: 547 * BTM 548 * redirect lock for undoing redirection 549 * file list lock for manipulating list of ttys 550 * tty_ldisc_lock from called functions 551 * termios_mutex resetting termios data 552 * tasklist_lock to walk task list for hangup event 553 * ->siglock to protect ->signal/->sighand 554 */ 555 void __tty_hangup(struct tty_struct *tty) 556 { 557 struct file *cons_filp = NULL; 558 struct file *filp, *f = NULL; 559 struct task_struct *p; 560 struct tty_file_private *priv; 561 int closecount = 0, n; 562 unsigned long flags; 563 int refs = 0; 564 565 if (!tty) 566 return; 567 568 569 spin_lock(&redirect_lock); 570 if (redirect && file_tty(redirect) == tty) { 571 f = redirect; 572 redirect = NULL; 573 } 574 spin_unlock(&redirect_lock); 575 576 tty_lock(); 577 578 /* some functions below drop BTM, so we need this bit */ 579 set_bit(TTY_HUPPING, &tty->flags); 580 581 /* inuse_filps is protected by the single tty lock, 582 this really needs to change if we want to flush the 583 workqueue with the lock held */ 584 check_tty_count(tty, "tty_hangup"); 585 586 spin_lock(&tty_files_lock); 587 /* This breaks for file handles being sent over AF_UNIX sockets ? */ 588 list_for_each_entry(priv, &tty->tty_files, list) { 589 filp = priv->file; 590 if (filp->f_op->write == redirected_tty_write) 591 cons_filp = filp; 592 if (filp->f_op->write != tty_write) 593 continue; 594 closecount++; 595 __tty_fasync(-1, filp, 0); /* can't block */ 596 filp->f_op = &hung_up_tty_fops; 597 } 598 spin_unlock(&tty_files_lock); 599 600 /* 601 * it drops BTM and thus races with reopen 602 * we protect the race by TTY_HUPPING 603 */ 604 tty_ldisc_hangup(tty); 605 606 read_lock(&tasklist_lock); 607 if (tty->session) { 608 do_each_pid_task(tty->session, PIDTYPE_SID, p) { 609 spin_lock_irq(&p->sighand->siglock); 610 if (p->signal->tty == tty) { 611 p->signal->tty = NULL; 612 /* We defer the dereferences outside fo 613 the tasklist lock */ 614 refs++; 615 } 616 if (!p->signal->leader) { 617 spin_unlock_irq(&p->sighand->siglock); 618 continue; 619 } 620 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p); 621 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p); 622 put_pid(p->signal->tty_old_pgrp); /* A noop */ 623 spin_lock_irqsave(&tty->ctrl_lock, flags); 624 if (tty->pgrp) 625 p->signal->tty_old_pgrp = get_pid(tty->pgrp); 626 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 627 spin_unlock_irq(&p->sighand->siglock); 628 } while_each_pid_task(tty->session, PIDTYPE_SID, p); 629 } 630 read_unlock(&tasklist_lock); 631 632 spin_lock_irqsave(&tty->ctrl_lock, flags); 633 clear_bit(TTY_THROTTLED, &tty->flags); 634 clear_bit(TTY_PUSH, &tty->flags); 635 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 636 put_pid(tty->session); 637 put_pid(tty->pgrp); 638 tty->session = NULL; 639 tty->pgrp = NULL; 640 tty->ctrl_status = 0; 641 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 642 643 /* Account for the p->signal references we killed */ 644 while (refs--) 645 tty_kref_put(tty); 646 647 /* 648 * If one of the devices matches a console pointer, we 649 * cannot just call hangup() because that will cause 650 * tty->count and state->count to go out of sync. 651 * So we just call close() the right number of times. 652 */ 653 if (cons_filp) { 654 if (tty->ops->close) 655 for (n = 0; n < closecount; n++) 656 tty->ops->close(tty, cons_filp); 657 } else if (tty->ops->hangup) 658 (tty->ops->hangup)(tty); 659 /* 660 * We don't want to have driver/ldisc interactions beyond 661 * the ones we did here. The driver layer expects no 662 * calls after ->hangup() from the ldisc side. However we 663 * can't yet guarantee all that. 664 */ 665 set_bit(TTY_HUPPED, &tty->flags); 666 clear_bit(TTY_HUPPING, &tty->flags); 667 tty_ldisc_enable(tty); 668 669 tty_unlock(); 670 671 if (f) 672 fput(f); 673 } 674 675 static void do_tty_hangup(struct work_struct *work) 676 { 677 struct tty_struct *tty = 678 container_of(work, struct tty_struct, hangup_work); 679 680 __tty_hangup(tty); 681 } 682 683 /** 684 * tty_hangup - trigger a hangup event 685 * @tty: tty to hangup 686 * 687 * A carrier loss (virtual or otherwise) has occurred on this like 688 * schedule a hangup sequence to run after this event. 689 */ 690 691 void tty_hangup(struct tty_struct *tty) 692 { 693 #ifdef TTY_DEBUG_HANGUP 694 char buf[64]; 695 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf)); 696 #endif 697 schedule_work(&tty->hangup_work); 698 } 699 700 EXPORT_SYMBOL(tty_hangup); 701 702 /** 703 * tty_vhangup - process vhangup 704 * @tty: tty to hangup 705 * 706 * The user has asked via system call for the terminal to be hung up. 707 * We do this synchronously so that when the syscall returns the process 708 * is complete. That guarantee is necessary for security reasons. 709 */ 710 711 void tty_vhangup(struct tty_struct *tty) 712 { 713 #ifdef TTY_DEBUG_HANGUP 714 char buf[64]; 715 716 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf)); 717 #endif 718 __tty_hangup(tty); 719 } 720 721 EXPORT_SYMBOL(tty_vhangup); 722 723 724 /** 725 * tty_vhangup_self - process vhangup for own ctty 726 * 727 * Perform a vhangup on the current controlling tty 728 */ 729 730 void tty_vhangup_self(void) 731 { 732 struct tty_struct *tty; 733 734 tty = get_current_tty(); 735 if (tty) { 736 tty_vhangup(tty); 737 tty_kref_put(tty); 738 } 739 } 740 741 /** 742 * tty_hung_up_p - was tty hung up 743 * @filp: file pointer of tty 744 * 745 * Return true if the tty has been subject to a vhangup or a carrier 746 * loss 747 */ 748 749 int tty_hung_up_p(struct file *filp) 750 { 751 return (filp->f_op == &hung_up_tty_fops); 752 } 753 754 EXPORT_SYMBOL(tty_hung_up_p); 755 756 static void session_clear_tty(struct pid *session) 757 { 758 struct task_struct *p; 759 do_each_pid_task(session, PIDTYPE_SID, p) { 760 proc_clear_tty(p); 761 } while_each_pid_task(session, PIDTYPE_SID, p); 762 } 763 764 /** 765 * disassociate_ctty - disconnect controlling tty 766 * @on_exit: true if exiting so need to "hang up" the session 767 * 768 * This function is typically called only by the session leader, when 769 * it wants to disassociate itself from its controlling tty. 770 * 771 * It performs the following functions: 772 * (1) Sends a SIGHUP and SIGCONT to the foreground process group 773 * (2) Clears the tty from being controlling the session 774 * (3) Clears the controlling tty for all processes in the 775 * session group. 776 * 777 * The argument on_exit is set to 1 if called when a process is 778 * exiting; it is 0 if called by the ioctl TIOCNOTTY. 779 * 780 * Locking: 781 * BTM is taken for hysterical raisins, and held when 782 * called from no_tty(). 783 * tty_mutex is taken to protect tty 784 * ->siglock is taken to protect ->signal/->sighand 785 * tasklist_lock is taken to walk process list for sessions 786 * ->siglock is taken to protect ->signal/->sighand 787 */ 788 789 void disassociate_ctty(int on_exit) 790 { 791 struct tty_struct *tty; 792 793 if (!current->signal->leader) 794 return; 795 796 tty = get_current_tty(); 797 if (tty) { 798 struct pid *tty_pgrp = get_pid(tty->pgrp); 799 if (on_exit) { 800 if (tty->driver->type != TTY_DRIVER_TYPE_PTY) 801 tty_vhangup(tty); 802 } 803 tty_kref_put(tty); 804 if (tty_pgrp) { 805 kill_pgrp(tty_pgrp, SIGHUP, on_exit); 806 if (!on_exit) 807 kill_pgrp(tty_pgrp, SIGCONT, on_exit); 808 put_pid(tty_pgrp); 809 } 810 } else if (on_exit) { 811 struct pid *old_pgrp; 812 spin_lock_irq(¤t->sighand->siglock); 813 old_pgrp = current->signal->tty_old_pgrp; 814 current->signal->tty_old_pgrp = NULL; 815 spin_unlock_irq(¤t->sighand->siglock); 816 if (old_pgrp) { 817 kill_pgrp(old_pgrp, SIGHUP, on_exit); 818 kill_pgrp(old_pgrp, SIGCONT, on_exit); 819 put_pid(old_pgrp); 820 } 821 return; 822 } 823 824 spin_lock_irq(¤t->sighand->siglock); 825 put_pid(current->signal->tty_old_pgrp); 826 current->signal->tty_old_pgrp = NULL; 827 spin_unlock_irq(¤t->sighand->siglock); 828 829 tty = get_current_tty(); 830 if (tty) { 831 unsigned long flags; 832 spin_lock_irqsave(&tty->ctrl_lock, flags); 833 put_pid(tty->session); 834 put_pid(tty->pgrp); 835 tty->session = NULL; 836 tty->pgrp = NULL; 837 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 838 tty_kref_put(tty); 839 } else { 840 #ifdef TTY_DEBUG_HANGUP 841 printk(KERN_DEBUG "error attempted to write to tty [0x%p]" 842 " = NULL", tty); 843 #endif 844 } 845 846 /* Now clear signal->tty under the lock */ 847 read_lock(&tasklist_lock); 848 session_clear_tty(task_session(current)); 849 read_unlock(&tasklist_lock); 850 } 851 852 /** 853 * 854 * no_tty - Ensure the current process does not have a controlling tty 855 */ 856 void no_tty(void) 857 { 858 struct task_struct *tsk = current; 859 tty_lock(); 860 disassociate_ctty(0); 861 tty_unlock(); 862 proc_clear_tty(tsk); 863 } 864 865 866 /** 867 * stop_tty - propagate flow control 868 * @tty: tty to stop 869 * 870 * Perform flow control to the driver. For PTY/TTY pairs we 871 * must also propagate the TIOCKPKT status. May be called 872 * on an already stopped device and will not re-call the driver 873 * method. 874 * 875 * This functionality is used by both the line disciplines for 876 * halting incoming flow and by the driver. It may therefore be 877 * called from any context, may be under the tty atomic_write_lock 878 * but not always. 879 * 880 * Locking: 881 * Uses the tty control lock internally 882 */ 883 884 void stop_tty(struct tty_struct *tty) 885 { 886 unsigned long flags; 887 spin_lock_irqsave(&tty->ctrl_lock, flags); 888 if (tty->stopped) { 889 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 890 return; 891 } 892 tty->stopped = 1; 893 if (tty->link && tty->link->packet) { 894 tty->ctrl_status &= ~TIOCPKT_START; 895 tty->ctrl_status |= TIOCPKT_STOP; 896 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN); 897 } 898 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 899 if (tty->ops->stop) 900 (tty->ops->stop)(tty); 901 } 902 903 EXPORT_SYMBOL(stop_tty); 904 905 /** 906 * start_tty - propagate flow control 907 * @tty: tty to start 908 * 909 * Start a tty that has been stopped if at all possible. Perform 910 * any necessary wakeups and propagate the TIOCPKT status. If this 911 * is the tty was previous stopped and is being started then the 912 * driver start method is invoked and the line discipline woken. 913 * 914 * Locking: 915 * ctrl_lock 916 */ 917 918 void start_tty(struct tty_struct *tty) 919 { 920 unsigned long flags; 921 spin_lock_irqsave(&tty->ctrl_lock, flags); 922 if (!tty->stopped || tty->flow_stopped) { 923 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 924 return; 925 } 926 tty->stopped = 0; 927 if (tty->link && tty->link->packet) { 928 tty->ctrl_status &= ~TIOCPKT_STOP; 929 tty->ctrl_status |= TIOCPKT_START; 930 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN); 931 } 932 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 933 if (tty->ops->start) 934 (tty->ops->start)(tty); 935 /* If we have a running line discipline it may need kicking */ 936 tty_wakeup(tty); 937 } 938 939 EXPORT_SYMBOL(start_tty); 940 941 /** 942 * tty_read - read method for tty device files 943 * @file: pointer to tty file 944 * @buf: user buffer 945 * @count: size of user buffer 946 * @ppos: unused 947 * 948 * Perform the read system call function on this terminal device. Checks 949 * for hung up devices before calling the line discipline method. 950 * 951 * Locking: 952 * Locks the line discipline internally while needed. Multiple 953 * read calls may be outstanding in parallel. 954 */ 955 956 static ssize_t tty_read(struct file *file, char __user *buf, size_t count, 957 loff_t *ppos) 958 { 959 int i; 960 struct inode *inode = file->f_path.dentry->d_inode; 961 struct tty_struct *tty = file_tty(file); 962 struct tty_ldisc *ld; 963 964 if (tty_paranoia_check(tty, inode, "tty_read")) 965 return -EIO; 966 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags))) 967 return -EIO; 968 969 /* We want to wait for the line discipline to sort out in this 970 situation */ 971 ld = tty_ldisc_ref_wait(tty); 972 if (ld->ops->read) 973 i = (ld->ops->read)(tty, file, buf, count); 974 else 975 i = -EIO; 976 tty_ldisc_deref(ld); 977 if (i > 0) 978 inode->i_atime = current_fs_time(inode->i_sb); 979 return i; 980 } 981 982 void tty_write_unlock(struct tty_struct *tty) 983 __releases(&tty->atomic_write_lock) 984 { 985 mutex_unlock(&tty->atomic_write_lock); 986 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 987 } 988 989 int tty_write_lock(struct tty_struct *tty, int ndelay) 990 __acquires(&tty->atomic_write_lock) 991 { 992 if (!mutex_trylock(&tty->atomic_write_lock)) { 993 if (ndelay) 994 return -EAGAIN; 995 if (mutex_lock_interruptible(&tty->atomic_write_lock)) 996 return -ERESTARTSYS; 997 } 998 return 0; 999 } 1000 1001 /* 1002 * Split writes up in sane blocksizes to avoid 1003 * denial-of-service type attacks 1004 */ 1005 static inline ssize_t do_tty_write( 1006 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t), 1007 struct tty_struct *tty, 1008 struct file *file, 1009 const char __user *buf, 1010 size_t count) 1011 { 1012 ssize_t ret, written = 0; 1013 unsigned int chunk; 1014 1015 ret = tty_write_lock(tty, file->f_flags & O_NDELAY); 1016 if (ret < 0) 1017 return ret; 1018 1019 /* 1020 * We chunk up writes into a temporary buffer. This 1021 * simplifies low-level drivers immensely, since they 1022 * don't have locking issues and user mode accesses. 1023 * 1024 * But if TTY_NO_WRITE_SPLIT is set, we should use a 1025 * big chunk-size.. 1026 * 1027 * The default chunk-size is 2kB, because the NTTY 1028 * layer has problems with bigger chunks. It will 1029 * claim to be able to handle more characters than 1030 * it actually does. 1031 * 1032 * FIXME: This can probably go away now except that 64K chunks 1033 * are too likely to fail unless switched to vmalloc... 1034 */ 1035 chunk = 2048; 1036 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags)) 1037 chunk = 65536; 1038 if (count < chunk) 1039 chunk = count; 1040 1041 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */ 1042 if (tty->write_cnt < chunk) { 1043 unsigned char *buf_chunk; 1044 1045 if (chunk < 1024) 1046 chunk = 1024; 1047 1048 buf_chunk = kmalloc(chunk, GFP_KERNEL); 1049 if (!buf_chunk) { 1050 ret = -ENOMEM; 1051 goto out; 1052 } 1053 kfree(tty->write_buf); 1054 tty->write_cnt = chunk; 1055 tty->write_buf = buf_chunk; 1056 } 1057 1058 /* Do the write .. */ 1059 for (;;) { 1060 size_t size = count; 1061 if (size > chunk) 1062 size = chunk; 1063 ret = -EFAULT; 1064 if (copy_from_user(tty->write_buf, buf, size)) 1065 break; 1066 ret = write(tty, file, tty->write_buf, size); 1067 if (ret <= 0) 1068 break; 1069 written += ret; 1070 buf += ret; 1071 count -= ret; 1072 if (!count) 1073 break; 1074 ret = -ERESTARTSYS; 1075 if (signal_pending(current)) 1076 break; 1077 cond_resched(); 1078 } 1079 if (written) { 1080 struct inode *inode = file->f_path.dentry->d_inode; 1081 inode->i_mtime = current_fs_time(inode->i_sb); 1082 ret = written; 1083 } 1084 out: 1085 tty_write_unlock(tty); 1086 return ret; 1087 } 1088 1089 /** 1090 * tty_write_message - write a message to a certain tty, not just the console. 1091 * @tty: the destination tty_struct 1092 * @msg: the message to write 1093 * 1094 * This is used for messages that need to be redirected to a specific tty. 1095 * We don't put it into the syslog queue right now maybe in the future if 1096 * really needed. 1097 * 1098 * We must still hold the BTM and test the CLOSING flag for the moment. 1099 */ 1100 1101 void tty_write_message(struct tty_struct *tty, char *msg) 1102 { 1103 if (tty) { 1104 mutex_lock(&tty->atomic_write_lock); 1105 tty_lock(); 1106 if (tty->ops->write && !test_bit(TTY_CLOSING, &tty->flags)) { 1107 tty_unlock(); 1108 tty->ops->write(tty, msg, strlen(msg)); 1109 } else 1110 tty_unlock(); 1111 tty_write_unlock(tty); 1112 } 1113 return; 1114 } 1115 1116 1117 /** 1118 * tty_write - write method for tty device file 1119 * @file: tty file pointer 1120 * @buf: user data to write 1121 * @count: bytes to write 1122 * @ppos: unused 1123 * 1124 * Write data to a tty device via the line discipline. 1125 * 1126 * Locking: 1127 * Locks the line discipline as required 1128 * Writes to the tty driver are serialized by the atomic_write_lock 1129 * and are then processed in chunks to the device. The line discipline 1130 * write method will not be invoked in parallel for each device. 1131 */ 1132 1133 static ssize_t tty_write(struct file *file, const char __user *buf, 1134 size_t count, loff_t *ppos) 1135 { 1136 struct inode *inode = file->f_path.dentry->d_inode; 1137 struct tty_struct *tty = file_tty(file); 1138 struct tty_ldisc *ld; 1139 ssize_t ret; 1140 1141 if (tty_paranoia_check(tty, inode, "tty_write")) 1142 return -EIO; 1143 if (!tty || !tty->ops->write || 1144 (test_bit(TTY_IO_ERROR, &tty->flags))) 1145 return -EIO; 1146 /* Short term debug to catch buggy drivers */ 1147 if (tty->ops->write_room == NULL) 1148 printk(KERN_ERR "tty driver %s lacks a write_room method.\n", 1149 tty->driver->name); 1150 ld = tty_ldisc_ref_wait(tty); 1151 if (!ld->ops->write) 1152 ret = -EIO; 1153 else 1154 ret = do_tty_write(ld->ops->write, tty, file, buf, count); 1155 tty_ldisc_deref(ld); 1156 return ret; 1157 } 1158 1159 ssize_t redirected_tty_write(struct file *file, const char __user *buf, 1160 size_t count, loff_t *ppos) 1161 { 1162 struct file *p = NULL; 1163 1164 spin_lock(&redirect_lock); 1165 if (redirect) { 1166 get_file(redirect); 1167 p = redirect; 1168 } 1169 spin_unlock(&redirect_lock); 1170 1171 if (p) { 1172 ssize_t res; 1173 res = vfs_write(p, buf, count, &p->f_pos); 1174 fput(p); 1175 return res; 1176 } 1177 return tty_write(file, buf, count, ppos); 1178 } 1179 1180 static char ptychar[] = "pqrstuvwxyzabcde"; 1181 1182 /** 1183 * pty_line_name - generate name for a pty 1184 * @driver: the tty driver in use 1185 * @index: the minor number 1186 * @p: output buffer of at least 6 bytes 1187 * 1188 * Generate a name from a driver reference and write it to the output 1189 * buffer. 1190 * 1191 * Locking: None 1192 */ 1193 static void pty_line_name(struct tty_driver *driver, int index, char *p) 1194 { 1195 int i = index + driver->name_base; 1196 /* ->name is initialized to "ttyp", but "tty" is expected */ 1197 sprintf(p, "%s%c%x", 1198 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name, 1199 ptychar[i >> 4 & 0xf], i & 0xf); 1200 } 1201 1202 /** 1203 * tty_line_name - generate name for a tty 1204 * @driver: the tty driver in use 1205 * @index: the minor number 1206 * @p: output buffer of at least 7 bytes 1207 * 1208 * Generate a name from a driver reference and write it to the output 1209 * buffer. 1210 * 1211 * Locking: None 1212 */ 1213 static void tty_line_name(struct tty_driver *driver, int index, char *p) 1214 { 1215 sprintf(p, "%s%d", driver->name, index + driver->name_base); 1216 } 1217 1218 /** 1219 * tty_driver_lookup_tty() - find an existing tty, if any 1220 * @driver: the driver for the tty 1221 * @idx: the minor number 1222 * 1223 * Return the tty, if found or ERR_PTR() otherwise. 1224 * 1225 * Locking: tty_mutex must be held. If tty is found, the mutex must 1226 * be held until the 'fast-open' is also done. Will change once we 1227 * have refcounting in the driver and per driver locking 1228 */ 1229 static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver, 1230 struct inode *inode, int idx) 1231 { 1232 if (driver->ops->lookup) 1233 return driver->ops->lookup(driver, inode, idx); 1234 1235 return driver->ttys[idx]; 1236 } 1237 1238 /** 1239 * tty_init_termios - helper for termios setup 1240 * @tty: the tty to set up 1241 * 1242 * Initialise the termios structures for this tty. Thus runs under 1243 * the tty_mutex currently so we can be relaxed about ordering. 1244 */ 1245 1246 int tty_init_termios(struct tty_struct *tty) 1247 { 1248 struct ktermios *tp; 1249 int idx = tty->index; 1250 1251 tp = tty->driver->termios[idx]; 1252 if (tp == NULL) { 1253 tp = kzalloc(sizeof(struct ktermios[2]), GFP_KERNEL); 1254 if (tp == NULL) 1255 return -ENOMEM; 1256 memcpy(tp, &tty->driver->init_termios, 1257 sizeof(struct ktermios)); 1258 tty->driver->termios[idx] = tp; 1259 } 1260 tty->termios = tp; 1261 tty->termios_locked = tp + 1; 1262 1263 /* Compatibility until drivers always set this */ 1264 tty->termios->c_ispeed = tty_termios_input_baud_rate(tty->termios); 1265 tty->termios->c_ospeed = tty_termios_baud_rate(tty->termios); 1266 return 0; 1267 } 1268 EXPORT_SYMBOL_GPL(tty_init_termios); 1269 1270 int tty_standard_install(struct tty_driver *driver, struct tty_struct *tty) 1271 { 1272 int ret = tty_init_termios(tty); 1273 if (ret) 1274 return ret; 1275 1276 tty_driver_kref_get(driver); 1277 tty->count++; 1278 driver->ttys[tty->index] = tty; 1279 return 0; 1280 } 1281 EXPORT_SYMBOL_GPL(tty_standard_install); 1282 1283 /** 1284 * tty_driver_install_tty() - install a tty entry in the driver 1285 * @driver: the driver for the tty 1286 * @tty: the tty 1287 * 1288 * Install a tty object into the driver tables. The tty->index field 1289 * will be set by the time this is called. This method is responsible 1290 * for ensuring any need additional structures are allocated and 1291 * configured. 1292 * 1293 * Locking: tty_mutex for now 1294 */ 1295 static int tty_driver_install_tty(struct tty_driver *driver, 1296 struct tty_struct *tty) 1297 { 1298 return driver->ops->install ? driver->ops->install(driver, tty) : 1299 tty_standard_install(driver, tty); 1300 } 1301 1302 /** 1303 * tty_driver_remove_tty() - remove a tty from the driver tables 1304 * @driver: the driver for the tty 1305 * @idx: the minor number 1306 * 1307 * Remvoe a tty object from the driver tables. The tty->index field 1308 * will be set by the time this is called. 1309 * 1310 * Locking: tty_mutex for now 1311 */ 1312 void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty) 1313 { 1314 if (driver->ops->remove) 1315 driver->ops->remove(driver, tty); 1316 else 1317 driver->ttys[tty->index] = NULL; 1318 } 1319 1320 /* 1321 * tty_reopen() - fast re-open of an open tty 1322 * @tty - the tty to open 1323 * 1324 * Return 0 on success, -errno on error. 1325 * 1326 * Locking: tty_mutex must be held from the time the tty was found 1327 * till this open completes. 1328 */ 1329 static int tty_reopen(struct tty_struct *tty) 1330 { 1331 struct tty_driver *driver = tty->driver; 1332 1333 if (test_bit(TTY_CLOSING, &tty->flags) || 1334 test_bit(TTY_HUPPING, &tty->flags) || 1335 test_bit(TTY_LDISC_CHANGING, &tty->flags)) 1336 return -EIO; 1337 1338 if (driver->type == TTY_DRIVER_TYPE_PTY && 1339 driver->subtype == PTY_TYPE_MASTER) { 1340 /* 1341 * special case for PTY masters: only one open permitted, 1342 * and the slave side open count is incremented as well. 1343 */ 1344 if (tty->count) 1345 return -EIO; 1346 1347 tty->link->count++; 1348 } 1349 tty->count++; 1350 1351 mutex_lock(&tty->ldisc_mutex); 1352 WARN_ON(!test_bit(TTY_LDISC, &tty->flags)); 1353 mutex_unlock(&tty->ldisc_mutex); 1354 1355 return 0; 1356 } 1357 1358 /** 1359 * tty_init_dev - initialise a tty device 1360 * @driver: tty driver we are opening a device on 1361 * @idx: device index 1362 * @ret_tty: returned tty structure 1363 * 1364 * Prepare a tty device. This may not be a "new" clean device but 1365 * could also be an active device. The pty drivers require special 1366 * handling because of this. 1367 * 1368 * Locking: 1369 * The function is called under the tty_mutex, which 1370 * protects us from the tty struct or driver itself going away. 1371 * 1372 * On exit the tty device has the line discipline attached and 1373 * a reference count of 1. If a pair was created for pty/tty use 1374 * and the other was a pty master then it too has a reference count of 1. 1375 * 1376 * WSH 06/09/97: Rewritten to remove races and properly clean up after a 1377 * failed open. The new code protects the open with a mutex, so it's 1378 * really quite straightforward. The mutex locking can probably be 1379 * relaxed for the (most common) case of reopening a tty. 1380 */ 1381 1382 struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx) 1383 { 1384 struct tty_struct *tty; 1385 int retval; 1386 1387 /* 1388 * First time open is complex, especially for PTY devices. 1389 * This code guarantees that either everything succeeds and the 1390 * TTY is ready for operation, or else the table slots are vacated 1391 * and the allocated memory released. (Except that the termios 1392 * and locked termios may be retained.) 1393 */ 1394 1395 if (!try_module_get(driver->owner)) 1396 return ERR_PTR(-ENODEV); 1397 1398 tty = alloc_tty_struct(); 1399 if (!tty) { 1400 retval = -ENOMEM; 1401 goto err_module_put; 1402 } 1403 initialize_tty_struct(tty, driver, idx); 1404 1405 retval = tty_driver_install_tty(driver, tty); 1406 if (retval < 0) 1407 goto err_deinit_tty; 1408 1409 /* 1410 * Structures all installed ... call the ldisc open routines. 1411 * If we fail here just call release_tty to clean up. No need 1412 * to decrement the use counts, as release_tty doesn't care. 1413 */ 1414 retval = tty_ldisc_setup(tty, tty->link); 1415 if (retval) 1416 goto err_release_tty; 1417 return tty; 1418 1419 err_deinit_tty: 1420 deinitialize_tty_struct(tty); 1421 free_tty_struct(tty); 1422 err_module_put: 1423 module_put(driver->owner); 1424 return ERR_PTR(retval); 1425 1426 /* call the tty release_tty routine to clean out this slot */ 1427 err_release_tty: 1428 printk_ratelimited(KERN_INFO "tty_init_dev: ldisc open failed, " 1429 "clearing slot %d\n", idx); 1430 release_tty(tty, idx); 1431 return ERR_PTR(retval); 1432 } 1433 1434 void tty_free_termios(struct tty_struct *tty) 1435 { 1436 struct ktermios *tp; 1437 int idx = tty->index; 1438 /* Kill this flag and push into drivers for locking etc */ 1439 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) { 1440 /* FIXME: Locking on ->termios array */ 1441 tp = tty->termios; 1442 tty->driver->termios[idx] = NULL; 1443 kfree(tp); 1444 } 1445 } 1446 EXPORT_SYMBOL(tty_free_termios); 1447 1448 void tty_shutdown(struct tty_struct *tty) 1449 { 1450 tty_driver_remove_tty(tty->driver, tty); 1451 tty_free_termios(tty); 1452 } 1453 EXPORT_SYMBOL(tty_shutdown); 1454 1455 /** 1456 * release_one_tty - release tty structure memory 1457 * @kref: kref of tty we are obliterating 1458 * 1459 * Releases memory associated with a tty structure, and clears out the 1460 * driver table slots. This function is called when a device is no longer 1461 * in use. It also gets called when setup of a device fails. 1462 * 1463 * Locking: 1464 * tty_mutex - sometimes only 1465 * takes the file list lock internally when working on the list 1466 * of ttys that the driver keeps. 1467 * 1468 * This method gets called from a work queue so that the driver private 1469 * cleanup ops can sleep (needed for USB at least) 1470 */ 1471 static void release_one_tty(struct work_struct *work) 1472 { 1473 struct tty_struct *tty = 1474 container_of(work, struct tty_struct, hangup_work); 1475 struct tty_driver *driver = tty->driver; 1476 1477 if (tty->ops->cleanup) 1478 tty->ops->cleanup(tty); 1479 1480 tty->magic = 0; 1481 tty_driver_kref_put(driver); 1482 module_put(driver->owner); 1483 1484 spin_lock(&tty_files_lock); 1485 list_del_init(&tty->tty_files); 1486 spin_unlock(&tty_files_lock); 1487 1488 put_pid(tty->pgrp); 1489 put_pid(tty->session); 1490 free_tty_struct(tty); 1491 } 1492 1493 static void queue_release_one_tty(struct kref *kref) 1494 { 1495 struct tty_struct *tty = container_of(kref, struct tty_struct, kref); 1496 1497 if (tty->ops->shutdown) 1498 tty->ops->shutdown(tty); 1499 else 1500 tty_shutdown(tty); 1501 1502 /* The hangup queue is now free so we can reuse it rather than 1503 waste a chunk of memory for each port */ 1504 INIT_WORK(&tty->hangup_work, release_one_tty); 1505 schedule_work(&tty->hangup_work); 1506 } 1507 1508 /** 1509 * tty_kref_put - release a tty kref 1510 * @tty: tty device 1511 * 1512 * Release a reference to a tty device and if need be let the kref 1513 * layer destruct the object for us 1514 */ 1515 1516 void tty_kref_put(struct tty_struct *tty) 1517 { 1518 if (tty) 1519 kref_put(&tty->kref, queue_release_one_tty); 1520 } 1521 EXPORT_SYMBOL(tty_kref_put); 1522 1523 /** 1524 * release_tty - release tty structure memory 1525 * 1526 * Release both @tty and a possible linked partner (think pty pair), 1527 * and decrement the refcount of the backing module. 1528 * 1529 * Locking: 1530 * tty_mutex - sometimes only 1531 * takes the file list lock internally when working on the list 1532 * of ttys that the driver keeps. 1533 * FIXME: should we require tty_mutex is held here ?? 1534 * 1535 */ 1536 static void release_tty(struct tty_struct *tty, int idx) 1537 { 1538 /* This should always be true but check for the moment */ 1539 WARN_ON(tty->index != idx); 1540 1541 if (tty->link) 1542 tty_kref_put(tty->link); 1543 tty_kref_put(tty); 1544 } 1545 1546 /** 1547 * tty_release_checks - check a tty before real release 1548 * @tty: tty to check 1549 * @o_tty: link of @tty (if any) 1550 * @idx: index of the tty 1551 * 1552 * Performs some paranoid checking before true release of the @tty. 1553 * This is a no-op unless TTY_PARANOIA_CHECK is defined. 1554 */ 1555 static int tty_release_checks(struct tty_struct *tty, struct tty_struct *o_tty, 1556 int idx) 1557 { 1558 #ifdef TTY_PARANOIA_CHECK 1559 if (idx < 0 || idx >= tty->driver->num) { 1560 printk(KERN_DEBUG "%s: bad idx when trying to free (%s)\n", 1561 __func__, tty->name); 1562 return -1; 1563 } 1564 1565 /* not much to check for devpts */ 1566 if (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) 1567 return 0; 1568 1569 if (tty != tty->driver->ttys[idx]) { 1570 printk(KERN_DEBUG "%s: driver.table[%d] not tty for (%s)\n", 1571 __func__, idx, tty->name); 1572 return -1; 1573 } 1574 if (tty->termios != tty->driver->termios[idx]) { 1575 printk(KERN_DEBUG "%s: driver.termios[%d] not termios for (%s)\n", 1576 __func__, idx, tty->name); 1577 return -1; 1578 } 1579 if (tty->driver->other) { 1580 if (o_tty != tty->driver->other->ttys[idx]) { 1581 printk(KERN_DEBUG "%s: other->table[%d] not o_tty for (%s)\n", 1582 __func__, idx, tty->name); 1583 return -1; 1584 } 1585 if (o_tty->termios != tty->driver->other->termios[idx]) { 1586 printk(KERN_DEBUG "%s: other->termios[%d] not o_termios for (%s)\n", 1587 __func__, idx, tty->name); 1588 return -1; 1589 } 1590 if (o_tty->link != tty) { 1591 printk(KERN_DEBUG "%s: bad pty pointers\n", __func__); 1592 return -1; 1593 } 1594 } 1595 #endif 1596 return 0; 1597 } 1598 1599 /** 1600 * tty_release - vfs callback for close 1601 * @inode: inode of tty 1602 * @filp: file pointer for handle to tty 1603 * 1604 * Called the last time each file handle is closed that references 1605 * this tty. There may however be several such references. 1606 * 1607 * Locking: 1608 * Takes bkl. See tty_release_dev 1609 * 1610 * Even releasing the tty structures is a tricky business.. We have 1611 * to be very careful that the structures are all released at the 1612 * same time, as interrupts might otherwise get the wrong pointers. 1613 * 1614 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could 1615 * lead to double frees or releasing memory still in use. 1616 */ 1617 1618 int tty_release(struct inode *inode, struct file *filp) 1619 { 1620 struct tty_struct *tty = file_tty(filp); 1621 struct tty_struct *o_tty; 1622 int pty_master, tty_closing, o_tty_closing, do_sleep; 1623 int devpts; 1624 int idx; 1625 char buf[64]; 1626 1627 if (tty_paranoia_check(tty, inode, __func__)) 1628 return 0; 1629 1630 tty_lock(); 1631 check_tty_count(tty, __func__); 1632 1633 __tty_fasync(-1, filp, 0); 1634 1635 idx = tty->index; 1636 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1637 tty->driver->subtype == PTY_TYPE_MASTER); 1638 devpts = (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) != 0; 1639 o_tty = tty->link; 1640 1641 if (tty_release_checks(tty, o_tty, idx)) { 1642 tty_unlock(); 1643 return 0; 1644 } 1645 1646 #ifdef TTY_DEBUG_HANGUP 1647 printk(KERN_DEBUG "%s: %s (tty count=%d)...\n", __func__, 1648 tty_name(tty, buf), tty->count); 1649 #endif 1650 1651 if (tty->ops->close) 1652 tty->ops->close(tty, filp); 1653 1654 tty_unlock(); 1655 /* 1656 * Sanity check: if tty->count is going to zero, there shouldn't be 1657 * any waiters on tty->read_wait or tty->write_wait. We test the 1658 * wait queues and kick everyone out _before_ actually starting to 1659 * close. This ensures that we won't block while releasing the tty 1660 * structure. 1661 * 1662 * The test for the o_tty closing is necessary, since the master and 1663 * slave sides may close in any order. If the slave side closes out 1664 * first, its count will be one, since the master side holds an open. 1665 * Thus this test wouldn't be triggered at the time the slave closes, 1666 * so we do it now. 1667 * 1668 * Note that it's possible for the tty to be opened again while we're 1669 * flushing out waiters. By recalculating the closing flags before 1670 * each iteration we avoid any problems. 1671 */ 1672 while (1) { 1673 /* Guard against races with tty->count changes elsewhere and 1674 opens on /dev/tty */ 1675 1676 mutex_lock(&tty_mutex); 1677 tty_lock(); 1678 tty_closing = tty->count <= 1; 1679 o_tty_closing = o_tty && 1680 (o_tty->count <= (pty_master ? 1 : 0)); 1681 do_sleep = 0; 1682 1683 if (tty_closing) { 1684 if (waitqueue_active(&tty->read_wait)) { 1685 wake_up_poll(&tty->read_wait, POLLIN); 1686 do_sleep++; 1687 } 1688 if (waitqueue_active(&tty->write_wait)) { 1689 wake_up_poll(&tty->write_wait, POLLOUT); 1690 do_sleep++; 1691 } 1692 } 1693 if (o_tty_closing) { 1694 if (waitqueue_active(&o_tty->read_wait)) { 1695 wake_up_poll(&o_tty->read_wait, POLLIN); 1696 do_sleep++; 1697 } 1698 if (waitqueue_active(&o_tty->write_wait)) { 1699 wake_up_poll(&o_tty->write_wait, POLLOUT); 1700 do_sleep++; 1701 } 1702 } 1703 if (!do_sleep) 1704 break; 1705 1706 printk(KERN_WARNING "%s: %s: read/write wait queue active!\n", 1707 __func__, tty_name(tty, buf)); 1708 tty_unlock(); 1709 mutex_unlock(&tty_mutex); 1710 schedule(); 1711 } 1712 1713 /* 1714 * The closing flags are now consistent with the open counts on 1715 * both sides, and we've completed the last operation that could 1716 * block, so it's safe to proceed with closing. 1717 */ 1718 if (pty_master) { 1719 if (--o_tty->count < 0) { 1720 printk(KERN_WARNING "%s: bad pty slave count (%d) for %s\n", 1721 __func__, o_tty->count, tty_name(o_tty, buf)); 1722 o_tty->count = 0; 1723 } 1724 } 1725 if (--tty->count < 0) { 1726 printk(KERN_WARNING "%s: bad tty->count (%d) for %s\n", 1727 __func__, tty->count, tty_name(tty, buf)); 1728 tty->count = 0; 1729 } 1730 1731 /* 1732 * We've decremented tty->count, so we need to remove this file 1733 * descriptor off the tty->tty_files list; this serves two 1734 * purposes: 1735 * - check_tty_count sees the correct number of file descriptors 1736 * associated with this tty. 1737 * - do_tty_hangup no longer sees this file descriptor as 1738 * something that needs to be handled for hangups. 1739 */ 1740 tty_del_file(filp); 1741 1742 /* 1743 * Perform some housekeeping before deciding whether to return. 1744 * 1745 * Set the TTY_CLOSING flag if this was the last open. In the 1746 * case of a pty we may have to wait around for the other side 1747 * to close, and TTY_CLOSING makes sure we can't be reopened. 1748 */ 1749 if (tty_closing) 1750 set_bit(TTY_CLOSING, &tty->flags); 1751 if (o_tty_closing) 1752 set_bit(TTY_CLOSING, &o_tty->flags); 1753 1754 /* 1755 * If _either_ side is closing, make sure there aren't any 1756 * processes that still think tty or o_tty is their controlling 1757 * tty. 1758 */ 1759 if (tty_closing || o_tty_closing) { 1760 read_lock(&tasklist_lock); 1761 session_clear_tty(tty->session); 1762 if (o_tty) 1763 session_clear_tty(o_tty->session); 1764 read_unlock(&tasklist_lock); 1765 } 1766 1767 mutex_unlock(&tty_mutex); 1768 1769 /* check whether both sides are closing ... */ 1770 if (!tty_closing || (o_tty && !o_tty_closing)) { 1771 tty_unlock(); 1772 return 0; 1773 } 1774 1775 #ifdef TTY_DEBUG_HANGUP 1776 printk(KERN_DEBUG "%s: freeing tty structure...\n", __func__); 1777 #endif 1778 /* 1779 * Ask the line discipline code to release its structures 1780 */ 1781 tty_ldisc_release(tty, o_tty); 1782 /* 1783 * The release_tty function takes care of the details of clearing 1784 * the slots and preserving the termios structure. 1785 */ 1786 release_tty(tty, idx); 1787 1788 /* Make this pty number available for reallocation */ 1789 if (devpts) 1790 devpts_kill_index(inode, idx); 1791 tty_unlock(); 1792 return 0; 1793 } 1794 1795 /** 1796 * tty_open_current_tty - get tty of current task for open 1797 * @device: device number 1798 * @filp: file pointer to tty 1799 * @return: tty of the current task iff @device is /dev/tty 1800 * 1801 * We cannot return driver and index like for the other nodes because 1802 * devpts will not work then. It expects inodes to be from devpts FS. 1803 */ 1804 static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp) 1805 { 1806 struct tty_struct *tty; 1807 1808 if (device != MKDEV(TTYAUX_MAJOR, 0)) 1809 return NULL; 1810 1811 tty = get_current_tty(); 1812 if (!tty) 1813 return ERR_PTR(-ENXIO); 1814 1815 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */ 1816 /* noctty = 1; */ 1817 tty_kref_put(tty); 1818 /* FIXME: we put a reference and return a TTY! */ 1819 return tty; 1820 } 1821 1822 /** 1823 * tty_lookup_driver - lookup a tty driver for a given device file 1824 * @device: device number 1825 * @filp: file pointer to tty 1826 * @noctty: set if the device should not become a controlling tty 1827 * @index: index for the device in the @return driver 1828 * @return: driver for this inode (with increased refcount) 1829 * 1830 * If @return is not erroneous, the caller is responsible to decrement the 1831 * refcount by tty_driver_kref_put. 1832 * 1833 * Locking: tty_mutex protects get_tty_driver 1834 */ 1835 static struct tty_driver *tty_lookup_driver(dev_t device, struct file *filp, 1836 int *noctty, int *index) 1837 { 1838 struct tty_driver *driver; 1839 1840 switch (device) { 1841 #ifdef CONFIG_VT 1842 case MKDEV(TTY_MAJOR, 0): { 1843 extern struct tty_driver *console_driver; 1844 driver = tty_driver_kref_get(console_driver); 1845 *index = fg_console; 1846 *noctty = 1; 1847 break; 1848 } 1849 #endif 1850 case MKDEV(TTYAUX_MAJOR, 1): { 1851 struct tty_driver *console_driver = console_device(index); 1852 if (console_driver) { 1853 driver = tty_driver_kref_get(console_driver); 1854 if (driver) { 1855 /* Don't let /dev/console block */ 1856 filp->f_flags |= O_NONBLOCK; 1857 *noctty = 1; 1858 break; 1859 } 1860 } 1861 return ERR_PTR(-ENODEV); 1862 } 1863 default: 1864 driver = get_tty_driver(device, index); 1865 if (!driver) 1866 return ERR_PTR(-ENODEV); 1867 break; 1868 } 1869 return driver; 1870 } 1871 1872 /** 1873 * tty_open - open a tty device 1874 * @inode: inode of device file 1875 * @filp: file pointer to tty 1876 * 1877 * tty_open and tty_release keep up the tty count that contains the 1878 * number of opens done on a tty. We cannot use the inode-count, as 1879 * different inodes might point to the same tty. 1880 * 1881 * Open-counting is needed for pty masters, as well as for keeping 1882 * track of serial lines: DTR is dropped when the last close happens. 1883 * (This is not done solely through tty->count, now. - Ted 1/27/92) 1884 * 1885 * The termios state of a pty is reset on first open so that 1886 * settings don't persist across reuse. 1887 * 1888 * Locking: tty_mutex protects tty, tty_lookup_driver and tty_init_dev. 1889 * tty->count should protect the rest. 1890 * ->siglock protects ->signal/->sighand 1891 */ 1892 1893 static int tty_open(struct inode *inode, struct file *filp) 1894 { 1895 struct tty_struct *tty; 1896 int noctty, retval; 1897 struct tty_driver *driver = NULL; 1898 int index; 1899 dev_t device = inode->i_rdev; 1900 unsigned saved_flags = filp->f_flags; 1901 1902 nonseekable_open(inode, filp); 1903 1904 retry_open: 1905 retval = tty_alloc_file(filp); 1906 if (retval) 1907 return -ENOMEM; 1908 1909 noctty = filp->f_flags & O_NOCTTY; 1910 index = -1; 1911 retval = 0; 1912 1913 mutex_lock(&tty_mutex); 1914 tty_lock(); 1915 1916 tty = tty_open_current_tty(device, filp); 1917 if (IS_ERR(tty)) { 1918 retval = PTR_ERR(tty); 1919 goto err_unlock; 1920 } else if (!tty) { 1921 driver = tty_lookup_driver(device, filp, &noctty, &index); 1922 if (IS_ERR(driver)) { 1923 retval = PTR_ERR(driver); 1924 goto err_unlock; 1925 } 1926 1927 /* check whether we're reopening an existing tty */ 1928 tty = tty_driver_lookup_tty(driver, inode, index); 1929 if (IS_ERR(tty)) { 1930 retval = PTR_ERR(tty); 1931 goto err_unlock; 1932 } 1933 } 1934 1935 if (tty) { 1936 retval = tty_reopen(tty); 1937 if (retval) 1938 tty = ERR_PTR(retval); 1939 } else 1940 tty = tty_init_dev(driver, index); 1941 1942 mutex_unlock(&tty_mutex); 1943 if (driver) 1944 tty_driver_kref_put(driver); 1945 if (IS_ERR(tty)) { 1946 tty_unlock(); 1947 retval = PTR_ERR(tty); 1948 goto err_file; 1949 } 1950 1951 tty_add_file(tty, filp); 1952 1953 check_tty_count(tty, __func__); 1954 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1955 tty->driver->subtype == PTY_TYPE_MASTER) 1956 noctty = 1; 1957 #ifdef TTY_DEBUG_HANGUP 1958 printk(KERN_DEBUG "%s: opening %s...\n", __func__, tty->name); 1959 #endif 1960 if (tty->ops->open) 1961 retval = tty->ops->open(tty, filp); 1962 else 1963 retval = -ENODEV; 1964 filp->f_flags = saved_flags; 1965 1966 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) && 1967 !capable(CAP_SYS_ADMIN)) 1968 retval = -EBUSY; 1969 1970 if (retval) { 1971 #ifdef TTY_DEBUG_HANGUP 1972 printk(KERN_DEBUG "%s: error %d in opening %s...\n", __func__, 1973 retval, tty->name); 1974 #endif 1975 tty_unlock(); /* need to call tty_release without BTM */ 1976 tty_release(inode, filp); 1977 if (retval != -ERESTARTSYS) 1978 return retval; 1979 1980 if (signal_pending(current)) 1981 return retval; 1982 1983 schedule(); 1984 /* 1985 * Need to reset f_op in case a hangup happened. 1986 */ 1987 tty_lock(); 1988 if (filp->f_op == &hung_up_tty_fops) 1989 filp->f_op = &tty_fops; 1990 tty_unlock(); 1991 goto retry_open; 1992 } 1993 tty_unlock(); 1994 1995 1996 mutex_lock(&tty_mutex); 1997 tty_lock(); 1998 spin_lock_irq(¤t->sighand->siglock); 1999 if (!noctty && 2000 current->signal->leader && 2001 !current->signal->tty && 2002 tty->session == NULL) 2003 __proc_set_tty(current, tty); 2004 spin_unlock_irq(¤t->sighand->siglock); 2005 tty_unlock(); 2006 mutex_unlock(&tty_mutex); 2007 return 0; 2008 err_unlock: 2009 tty_unlock(); 2010 mutex_unlock(&tty_mutex); 2011 /* after locks to avoid deadlock */ 2012 if (!IS_ERR_OR_NULL(driver)) 2013 tty_driver_kref_put(driver); 2014 err_file: 2015 tty_free_file(filp); 2016 return retval; 2017 } 2018 2019 2020 2021 /** 2022 * tty_poll - check tty status 2023 * @filp: file being polled 2024 * @wait: poll wait structures to update 2025 * 2026 * Call the line discipline polling method to obtain the poll 2027 * status of the device. 2028 * 2029 * Locking: locks called line discipline but ldisc poll method 2030 * may be re-entered freely by other callers. 2031 */ 2032 2033 static unsigned int tty_poll(struct file *filp, poll_table *wait) 2034 { 2035 struct tty_struct *tty = file_tty(filp); 2036 struct tty_ldisc *ld; 2037 int ret = 0; 2038 2039 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_poll")) 2040 return 0; 2041 2042 ld = tty_ldisc_ref_wait(tty); 2043 if (ld->ops->poll) 2044 ret = (ld->ops->poll)(tty, filp, wait); 2045 tty_ldisc_deref(ld); 2046 return ret; 2047 } 2048 2049 static int __tty_fasync(int fd, struct file *filp, int on) 2050 { 2051 struct tty_struct *tty = file_tty(filp); 2052 unsigned long flags; 2053 int retval = 0; 2054 2055 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_fasync")) 2056 goto out; 2057 2058 retval = fasync_helper(fd, filp, on, &tty->fasync); 2059 if (retval <= 0) 2060 goto out; 2061 2062 if (on) { 2063 enum pid_type type; 2064 struct pid *pid; 2065 if (!waitqueue_active(&tty->read_wait)) 2066 tty->minimum_to_wake = 1; 2067 spin_lock_irqsave(&tty->ctrl_lock, flags); 2068 if (tty->pgrp) { 2069 pid = tty->pgrp; 2070 type = PIDTYPE_PGID; 2071 } else { 2072 pid = task_pid(current); 2073 type = PIDTYPE_PID; 2074 } 2075 get_pid(pid); 2076 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2077 retval = __f_setown(filp, pid, type, 0); 2078 put_pid(pid); 2079 if (retval) 2080 goto out; 2081 } else { 2082 if (!tty->fasync && !waitqueue_active(&tty->read_wait)) 2083 tty->minimum_to_wake = N_TTY_BUF_SIZE; 2084 } 2085 retval = 0; 2086 out: 2087 return retval; 2088 } 2089 2090 static int tty_fasync(int fd, struct file *filp, int on) 2091 { 2092 int retval; 2093 tty_lock(); 2094 retval = __tty_fasync(fd, filp, on); 2095 tty_unlock(); 2096 return retval; 2097 } 2098 2099 /** 2100 * tiocsti - fake input character 2101 * @tty: tty to fake input into 2102 * @p: pointer to character 2103 * 2104 * Fake input to a tty device. Does the necessary locking and 2105 * input management. 2106 * 2107 * FIXME: does not honour flow control ?? 2108 * 2109 * Locking: 2110 * Called functions take tty_ldisc_lock 2111 * current->signal->tty check is safe without locks 2112 * 2113 * FIXME: may race normal receive processing 2114 */ 2115 2116 static int tiocsti(struct tty_struct *tty, char __user *p) 2117 { 2118 char ch, mbz = 0; 2119 struct tty_ldisc *ld; 2120 2121 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) 2122 return -EPERM; 2123 if (get_user(ch, p)) 2124 return -EFAULT; 2125 tty_audit_tiocsti(tty, ch); 2126 ld = tty_ldisc_ref_wait(tty); 2127 ld->ops->receive_buf(tty, &ch, &mbz, 1); 2128 tty_ldisc_deref(ld); 2129 return 0; 2130 } 2131 2132 /** 2133 * tiocgwinsz - implement window query ioctl 2134 * @tty; tty 2135 * @arg: user buffer for result 2136 * 2137 * Copies the kernel idea of the window size into the user buffer. 2138 * 2139 * Locking: tty->termios_mutex is taken to ensure the winsize data 2140 * is consistent. 2141 */ 2142 2143 static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg) 2144 { 2145 int err; 2146 2147 mutex_lock(&tty->termios_mutex); 2148 err = copy_to_user(arg, &tty->winsize, sizeof(*arg)); 2149 mutex_unlock(&tty->termios_mutex); 2150 2151 return err ? -EFAULT: 0; 2152 } 2153 2154 /** 2155 * tty_do_resize - resize event 2156 * @tty: tty being resized 2157 * @rows: rows (character) 2158 * @cols: cols (character) 2159 * 2160 * Update the termios variables and send the necessary signals to 2161 * peform a terminal resize correctly 2162 */ 2163 2164 int tty_do_resize(struct tty_struct *tty, struct winsize *ws) 2165 { 2166 struct pid *pgrp; 2167 unsigned long flags; 2168 2169 /* Lock the tty */ 2170 mutex_lock(&tty->termios_mutex); 2171 if (!memcmp(ws, &tty->winsize, sizeof(*ws))) 2172 goto done; 2173 /* Get the PID values and reference them so we can 2174 avoid holding the tty ctrl lock while sending signals */ 2175 spin_lock_irqsave(&tty->ctrl_lock, flags); 2176 pgrp = get_pid(tty->pgrp); 2177 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2178 2179 if (pgrp) 2180 kill_pgrp(pgrp, SIGWINCH, 1); 2181 put_pid(pgrp); 2182 2183 tty->winsize = *ws; 2184 done: 2185 mutex_unlock(&tty->termios_mutex); 2186 return 0; 2187 } 2188 2189 /** 2190 * tiocswinsz - implement window size set ioctl 2191 * @tty; tty side of tty 2192 * @arg: user buffer for result 2193 * 2194 * Copies the user idea of the window size to the kernel. Traditionally 2195 * this is just advisory information but for the Linux console it 2196 * actually has driver level meaning and triggers a VC resize. 2197 * 2198 * Locking: 2199 * Driver dependent. The default do_resize method takes the 2200 * tty termios mutex and ctrl_lock. The console takes its own lock 2201 * then calls into the default method. 2202 */ 2203 2204 static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg) 2205 { 2206 struct winsize tmp_ws; 2207 if (copy_from_user(&tmp_ws, arg, sizeof(*arg))) 2208 return -EFAULT; 2209 2210 if (tty->ops->resize) 2211 return tty->ops->resize(tty, &tmp_ws); 2212 else 2213 return tty_do_resize(tty, &tmp_ws); 2214 } 2215 2216 /** 2217 * tioccons - allow admin to move logical console 2218 * @file: the file to become console 2219 * 2220 * Allow the administrator to move the redirected console device 2221 * 2222 * Locking: uses redirect_lock to guard the redirect information 2223 */ 2224 2225 static int tioccons(struct file *file) 2226 { 2227 if (!capable(CAP_SYS_ADMIN)) 2228 return -EPERM; 2229 if (file->f_op->write == redirected_tty_write) { 2230 struct file *f; 2231 spin_lock(&redirect_lock); 2232 f = redirect; 2233 redirect = NULL; 2234 spin_unlock(&redirect_lock); 2235 if (f) 2236 fput(f); 2237 return 0; 2238 } 2239 spin_lock(&redirect_lock); 2240 if (redirect) { 2241 spin_unlock(&redirect_lock); 2242 return -EBUSY; 2243 } 2244 get_file(file); 2245 redirect = file; 2246 spin_unlock(&redirect_lock); 2247 return 0; 2248 } 2249 2250 /** 2251 * fionbio - non blocking ioctl 2252 * @file: file to set blocking value 2253 * @p: user parameter 2254 * 2255 * Historical tty interfaces had a blocking control ioctl before 2256 * the generic functionality existed. This piece of history is preserved 2257 * in the expected tty API of posix OS's. 2258 * 2259 * Locking: none, the open file handle ensures it won't go away. 2260 */ 2261 2262 static int fionbio(struct file *file, int __user *p) 2263 { 2264 int nonblock; 2265 2266 if (get_user(nonblock, p)) 2267 return -EFAULT; 2268 2269 spin_lock(&file->f_lock); 2270 if (nonblock) 2271 file->f_flags |= O_NONBLOCK; 2272 else 2273 file->f_flags &= ~O_NONBLOCK; 2274 spin_unlock(&file->f_lock); 2275 return 0; 2276 } 2277 2278 /** 2279 * tiocsctty - set controlling tty 2280 * @tty: tty structure 2281 * @arg: user argument 2282 * 2283 * This ioctl is used to manage job control. It permits a session 2284 * leader to set this tty as the controlling tty for the session. 2285 * 2286 * Locking: 2287 * Takes tty_mutex() to protect tty instance 2288 * Takes tasklist_lock internally to walk sessions 2289 * Takes ->siglock() when updating signal->tty 2290 */ 2291 2292 static int tiocsctty(struct tty_struct *tty, int arg) 2293 { 2294 int ret = 0; 2295 if (current->signal->leader && (task_session(current) == tty->session)) 2296 return ret; 2297 2298 mutex_lock(&tty_mutex); 2299 /* 2300 * The process must be a session leader and 2301 * not have a controlling tty already. 2302 */ 2303 if (!current->signal->leader || current->signal->tty) { 2304 ret = -EPERM; 2305 goto unlock; 2306 } 2307 2308 if (tty->session) { 2309 /* 2310 * This tty is already the controlling 2311 * tty for another session group! 2312 */ 2313 if (arg == 1 && capable(CAP_SYS_ADMIN)) { 2314 /* 2315 * Steal it away 2316 */ 2317 read_lock(&tasklist_lock); 2318 session_clear_tty(tty->session); 2319 read_unlock(&tasklist_lock); 2320 } else { 2321 ret = -EPERM; 2322 goto unlock; 2323 } 2324 } 2325 proc_set_tty(current, tty); 2326 unlock: 2327 mutex_unlock(&tty_mutex); 2328 return ret; 2329 } 2330 2331 /** 2332 * tty_get_pgrp - return a ref counted pgrp pid 2333 * @tty: tty to read 2334 * 2335 * Returns a refcounted instance of the pid struct for the process 2336 * group controlling the tty. 2337 */ 2338 2339 struct pid *tty_get_pgrp(struct tty_struct *tty) 2340 { 2341 unsigned long flags; 2342 struct pid *pgrp; 2343 2344 spin_lock_irqsave(&tty->ctrl_lock, flags); 2345 pgrp = get_pid(tty->pgrp); 2346 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2347 2348 return pgrp; 2349 } 2350 EXPORT_SYMBOL_GPL(tty_get_pgrp); 2351 2352 /** 2353 * tiocgpgrp - get process group 2354 * @tty: tty passed by user 2355 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2356 * @p: returned pid 2357 * 2358 * Obtain the process group of the tty. If there is no process group 2359 * return an error. 2360 * 2361 * Locking: none. Reference to current->signal->tty is safe. 2362 */ 2363 2364 static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2365 { 2366 struct pid *pid; 2367 int ret; 2368 /* 2369 * (tty == real_tty) is a cheap way of 2370 * testing if the tty is NOT a master pty. 2371 */ 2372 if (tty == real_tty && current->signal->tty != real_tty) 2373 return -ENOTTY; 2374 pid = tty_get_pgrp(real_tty); 2375 ret = put_user(pid_vnr(pid), p); 2376 put_pid(pid); 2377 return ret; 2378 } 2379 2380 /** 2381 * tiocspgrp - attempt to set process group 2382 * @tty: tty passed by user 2383 * @real_tty: tty side device matching tty passed by user 2384 * @p: pid pointer 2385 * 2386 * Set the process group of the tty to the session passed. Only 2387 * permitted where the tty session is our session. 2388 * 2389 * Locking: RCU, ctrl lock 2390 */ 2391 2392 static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2393 { 2394 struct pid *pgrp; 2395 pid_t pgrp_nr; 2396 int retval = tty_check_change(real_tty); 2397 unsigned long flags; 2398 2399 if (retval == -EIO) 2400 return -ENOTTY; 2401 if (retval) 2402 return retval; 2403 if (!current->signal->tty || 2404 (current->signal->tty != real_tty) || 2405 (real_tty->session != task_session(current))) 2406 return -ENOTTY; 2407 if (get_user(pgrp_nr, p)) 2408 return -EFAULT; 2409 if (pgrp_nr < 0) 2410 return -EINVAL; 2411 rcu_read_lock(); 2412 pgrp = find_vpid(pgrp_nr); 2413 retval = -ESRCH; 2414 if (!pgrp) 2415 goto out_unlock; 2416 retval = -EPERM; 2417 if (session_of_pgrp(pgrp) != task_session(current)) 2418 goto out_unlock; 2419 retval = 0; 2420 spin_lock_irqsave(&tty->ctrl_lock, flags); 2421 put_pid(real_tty->pgrp); 2422 real_tty->pgrp = get_pid(pgrp); 2423 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2424 out_unlock: 2425 rcu_read_unlock(); 2426 return retval; 2427 } 2428 2429 /** 2430 * tiocgsid - get session id 2431 * @tty: tty passed by user 2432 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2433 * @p: pointer to returned session id 2434 * 2435 * Obtain the session id of the tty. If there is no session 2436 * return an error. 2437 * 2438 * Locking: none. Reference to current->signal->tty is safe. 2439 */ 2440 2441 static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2442 { 2443 /* 2444 * (tty == real_tty) is a cheap way of 2445 * testing if the tty is NOT a master pty. 2446 */ 2447 if (tty == real_tty && current->signal->tty != real_tty) 2448 return -ENOTTY; 2449 if (!real_tty->session) 2450 return -ENOTTY; 2451 return put_user(pid_vnr(real_tty->session), p); 2452 } 2453 2454 /** 2455 * tiocsetd - set line discipline 2456 * @tty: tty device 2457 * @p: pointer to user data 2458 * 2459 * Set the line discipline according to user request. 2460 * 2461 * Locking: see tty_set_ldisc, this function is just a helper 2462 */ 2463 2464 static int tiocsetd(struct tty_struct *tty, int __user *p) 2465 { 2466 int ldisc; 2467 int ret; 2468 2469 if (get_user(ldisc, p)) 2470 return -EFAULT; 2471 2472 ret = tty_set_ldisc(tty, ldisc); 2473 2474 return ret; 2475 } 2476 2477 /** 2478 * send_break - performed time break 2479 * @tty: device to break on 2480 * @duration: timeout in mS 2481 * 2482 * Perform a timed break on hardware that lacks its own driver level 2483 * timed break functionality. 2484 * 2485 * Locking: 2486 * atomic_write_lock serializes 2487 * 2488 */ 2489 2490 static int send_break(struct tty_struct *tty, unsigned int duration) 2491 { 2492 int retval; 2493 2494 if (tty->ops->break_ctl == NULL) 2495 return 0; 2496 2497 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK) 2498 retval = tty->ops->break_ctl(tty, duration); 2499 else { 2500 /* Do the work ourselves */ 2501 if (tty_write_lock(tty, 0) < 0) 2502 return -EINTR; 2503 retval = tty->ops->break_ctl(tty, -1); 2504 if (retval) 2505 goto out; 2506 if (!signal_pending(current)) 2507 msleep_interruptible(duration); 2508 retval = tty->ops->break_ctl(tty, 0); 2509 out: 2510 tty_write_unlock(tty); 2511 if (signal_pending(current)) 2512 retval = -EINTR; 2513 } 2514 return retval; 2515 } 2516 2517 /** 2518 * tty_tiocmget - get modem status 2519 * @tty: tty device 2520 * @file: user file pointer 2521 * @p: pointer to result 2522 * 2523 * Obtain the modem status bits from the tty driver if the feature 2524 * is supported. Return -EINVAL if it is not available. 2525 * 2526 * Locking: none (up to the driver) 2527 */ 2528 2529 static int tty_tiocmget(struct tty_struct *tty, int __user *p) 2530 { 2531 int retval = -EINVAL; 2532 2533 if (tty->ops->tiocmget) { 2534 retval = tty->ops->tiocmget(tty); 2535 2536 if (retval >= 0) 2537 retval = put_user(retval, p); 2538 } 2539 return retval; 2540 } 2541 2542 /** 2543 * tty_tiocmset - set modem status 2544 * @tty: tty device 2545 * @cmd: command - clear bits, set bits or set all 2546 * @p: pointer to desired bits 2547 * 2548 * Set the modem status bits from the tty driver if the feature 2549 * is supported. Return -EINVAL if it is not available. 2550 * 2551 * Locking: none (up to the driver) 2552 */ 2553 2554 static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd, 2555 unsigned __user *p) 2556 { 2557 int retval; 2558 unsigned int set, clear, val; 2559 2560 if (tty->ops->tiocmset == NULL) 2561 return -EINVAL; 2562 2563 retval = get_user(val, p); 2564 if (retval) 2565 return retval; 2566 set = clear = 0; 2567 switch (cmd) { 2568 case TIOCMBIS: 2569 set = val; 2570 break; 2571 case TIOCMBIC: 2572 clear = val; 2573 break; 2574 case TIOCMSET: 2575 set = val; 2576 clear = ~val; 2577 break; 2578 } 2579 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2580 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2581 return tty->ops->tiocmset(tty, set, clear); 2582 } 2583 2584 static int tty_tiocgicount(struct tty_struct *tty, void __user *arg) 2585 { 2586 int retval = -EINVAL; 2587 struct serial_icounter_struct icount; 2588 memset(&icount, 0, sizeof(icount)); 2589 if (tty->ops->get_icount) 2590 retval = tty->ops->get_icount(tty, &icount); 2591 if (retval != 0) 2592 return retval; 2593 if (copy_to_user(arg, &icount, sizeof(icount))) 2594 return -EFAULT; 2595 return 0; 2596 } 2597 2598 struct tty_struct *tty_pair_get_tty(struct tty_struct *tty) 2599 { 2600 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2601 tty->driver->subtype == PTY_TYPE_MASTER) 2602 tty = tty->link; 2603 return tty; 2604 } 2605 EXPORT_SYMBOL(tty_pair_get_tty); 2606 2607 struct tty_struct *tty_pair_get_pty(struct tty_struct *tty) 2608 { 2609 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2610 tty->driver->subtype == PTY_TYPE_MASTER) 2611 return tty; 2612 return tty->link; 2613 } 2614 EXPORT_SYMBOL(tty_pair_get_pty); 2615 2616 /* 2617 * Split this up, as gcc can choke on it otherwise.. 2618 */ 2619 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 2620 { 2621 struct tty_struct *tty = file_tty(file); 2622 struct tty_struct *real_tty; 2623 void __user *p = (void __user *)arg; 2624 int retval; 2625 struct tty_ldisc *ld; 2626 struct inode *inode = file->f_dentry->d_inode; 2627 2628 if (tty_paranoia_check(tty, inode, "tty_ioctl")) 2629 return -EINVAL; 2630 2631 real_tty = tty_pair_get_tty(tty); 2632 2633 /* 2634 * Factor out some common prep work 2635 */ 2636 switch (cmd) { 2637 case TIOCSETD: 2638 case TIOCSBRK: 2639 case TIOCCBRK: 2640 case TCSBRK: 2641 case TCSBRKP: 2642 retval = tty_check_change(tty); 2643 if (retval) 2644 return retval; 2645 if (cmd != TIOCCBRK) { 2646 tty_wait_until_sent(tty, 0); 2647 if (signal_pending(current)) 2648 return -EINTR; 2649 } 2650 break; 2651 } 2652 2653 /* 2654 * Now do the stuff. 2655 */ 2656 switch (cmd) { 2657 case TIOCSTI: 2658 return tiocsti(tty, p); 2659 case TIOCGWINSZ: 2660 return tiocgwinsz(real_tty, p); 2661 case TIOCSWINSZ: 2662 return tiocswinsz(real_tty, p); 2663 case TIOCCONS: 2664 return real_tty != tty ? -EINVAL : tioccons(file); 2665 case FIONBIO: 2666 return fionbio(file, p); 2667 case TIOCEXCL: 2668 set_bit(TTY_EXCLUSIVE, &tty->flags); 2669 return 0; 2670 case TIOCNXCL: 2671 clear_bit(TTY_EXCLUSIVE, &tty->flags); 2672 return 0; 2673 case TIOCNOTTY: 2674 if (current->signal->tty != tty) 2675 return -ENOTTY; 2676 no_tty(); 2677 return 0; 2678 case TIOCSCTTY: 2679 return tiocsctty(tty, arg); 2680 case TIOCGPGRP: 2681 return tiocgpgrp(tty, real_tty, p); 2682 case TIOCSPGRP: 2683 return tiocspgrp(tty, real_tty, p); 2684 case TIOCGSID: 2685 return tiocgsid(tty, real_tty, p); 2686 case TIOCGETD: 2687 return put_user(tty->ldisc->ops->num, (int __user *)p); 2688 case TIOCSETD: 2689 return tiocsetd(tty, p); 2690 case TIOCVHANGUP: 2691 if (!capable(CAP_SYS_ADMIN)) 2692 return -EPERM; 2693 tty_vhangup(tty); 2694 return 0; 2695 case TIOCGDEV: 2696 { 2697 unsigned int ret = new_encode_dev(tty_devnum(real_tty)); 2698 return put_user(ret, (unsigned int __user *)p); 2699 } 2700 /* 2701 * Break handling 2702 */ 2703 case TIOCSBRK: /* Turn break on, unconditionally */ 2704 if (tty->ops->break_ctl) 2705 return tty->ops->break_ctl(tty, -1); 2706 return 0; 2707 case TIOCCBRK: /* Turn break off, unconditionally */ 2708 if (tty->ops->break_ctl) 2709 return tty->ops->break_ctl(tty, 0); 2710 return 0; 2711 case TCSBRK: /* SVID version: non-zero arg --> no break */ 2712 /* non-zero arg means wait for all output data 2713 * to be sent (performed above) but don't send break. 2714 * This is used by the tcdrain() termios function. 2715 */ 2716 if (!arg) 2717 return send_break(tty, 250); 2718 return 0; 2719 case TCSBRKP: /* support for POSIX tcsendbreak() */ 2720 return send_break(tty, arg ? arg*100 : 250); 2721 2722 case TIOCMGET: 2723 return tty_tiocmget(tty, p); 2724 case TIOCMSET: 2725 case TIOCMBIC: 2726 case TIOCMBIS: 2727 return tty_tiocmset(tty, cmd, p); 2728 case TIOCGICOUNT: 2729 retval = tty_tiocgicount(tty, p); 2730 /* For the moment allow fall through to the old method */ 2731 if (retval != -EINVAL) 2732 return retval; 2733 break; 2734 case TCFLSH: 2735 switch (arg) { 2736 case TCIFLUSH: 2737 case TCIOFLUSH: 2738 /* flush tty buffer and allow ldisc to process ioctl */ 2739 tty_buffer_flush(tty); 2740 break; 2741 } 2742 break; 2743 } 2744 if (tty->ops->ioctl) { 2745 retval = (tty->ops->ioctl)(tty, cmd, arg); 2746 if (retval != -ENOIOCTLCMD) 2747 return retval; 2748 } 2749 ld = tty_ldisc_ref_wait(tty); 2750 retval = -EINVAL; 2751 if (ld->ops->ioctl) { 2752 retval = ld->ops->ioctl(tty, file, cmd, arg); 2753 if (retval == -ENOIOCTLCMD) 2754 retval = -EINVAL; 2755 } 2756 tty_ldisc_deref(ld); 2757 return retval; 2758 } 2759 2760 #ifdef CONFIG_COMPAT 2761 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 2762 unsigned long arg) 2763 { 2764 struct inode *inode = file->f_dentry->d_inode; 2765 struct tty_struct *tty = file_tty(file); 2766 struct tty_ldisc *ld; 2767 int retval = -ENOIOCTLCMD; 2768 2769 if (tty_paranoia_check(tty, inode, "tty_ioctl")) 2770 return -EINVAL; 2771 2772 if (tty->ops->compat_ioctl) { 2773 retval = (tty->ops->compat_ioctl)(tty, cmd, arg); 2774 if (retval != -ENOIOCTLCMD) 2775 return retval; 2776 } 2777 2778 ld = tty_ldisc_ref_wait(tty); 2779 if (ld->ops->compat_ioctl) 2780 retval = ld->ops->compat_ioctl(tty, file, cmd, arg); 2781 else 2782 retval = n_tty_compat_ioctl_helper(tty, file, cmd, arg); 2783 tty_ldisc_deref(ld); 2784 2785 return retval; 2786 } 2787 #endif 2788 2789 /* 2790 * This implements the "Secure Attention Key" --- the idea is to 2791 * prevent trojan horses by killing all processes associated with this 2792 * tty when the user hits the "Secure Attention Key". Required for 2793 * super-paranoid applications --- see the Orange Book for more details. 2794 * 2795 * This code could be nicer; ideally it should send a HUP, wait a few 2796 * seconds, then send a INT, and then a KILL signal. But you then 2797 * have to coordinate with the init process, since all processes associated 2798 * with the current tty must be dead before the new getty is allowed 2799 * to spawn. 2800 * 2801 * Now, if it would be correct ;-/ The current code has a nasty hole - 2802 * it doesn't catch files in flight. We may send the descriptor to ourselves 2803 * via AF_UNIX socket, close it and later fetch from socket. FIXME. 2804 * 2805 * Nasty bug: do_SAK is being called in interrupt context. This can 2806 * deadlock. We punt it up to process context. AKPM - 16Mar2001 2807 */ 2808 void __do_SAK(struct tty_struct *tty) 2809 { 2810 #ifdef TTY_SOFT_SAK 2811 tty_hangup(tty); 2812 #else 2813 struct task_struct *g, *p; 2814 struct pid *session; 2815 int i; 2816 struct file *filp; 2817 struct fdtable *fdt; 2818 2819 if (!tty) 2820 return; 2821 session = tty->session; 2822 2823 tty_ldisc_flush(tty); 2824 2825 tty_driver_flush_buffer(tty); 2826 2827 read_lock(&tasklist_lock); 2828 /* Kill the entire session */ 2829 do_each_pid_task(session, PIDTYPE_SID, p) { 2830 printk(KERN_NOTICE "SAK: killed process %d" 2831 " (%s): task_session(p)==tty->session\n", 2832 task_pid_nr(p), p->comm); 2833 send_sig(SIGKILL, p, 1); 2834 } while_each_pid_task(session, PIDTYPE_SID, p); 2835 /* Now kill any processes that happen to have the 2836 * tty open. 2837 */ 2838 do_each_thread(g, p) { 2839 if (p->signal->tty == tty) { 2840 printk(KERN_NOTICE "SAK: killed process %d" 2841 " (%s): task_session(p)==tty->session\n", 2842 task_pid_nr(p), p->comm); 2843 send_sig(SIGKILL, p, 1); 2844 continue; 2845 } 2846 task_lock(p); 2847 if (p->files) { 2848 /* 2849 * We don't take a ref to the file, so we must 2850 * hold ->file_lock instead. 2851 */ 2852 spin_lock(&p->files->file_lock); 2853 fdt = files_fdtable(p->files); 2854 for (i = 0; i < fdt->max_fds; i++) { 2855 filp = fcheck_files(p->files, i); 2856 if (!filp) 2857 continue; 2858 if (filp->f_op->read == tty_read && 2859 file_tty(filp) == tty) { 2860 printk(KERN_NOTICE "SAK: killed process %d" 2861 " (%s): fd#%d opened to the tty\n", 2862 task_pid_nr(p), p->comm, i); 2863 force_sig(SIGKILL, p); 2864 break; 2865 } 2866 } 2867 spin_unlock(&p->files->file_lock); 2868 } 2869 task_unlock(p); 2870 } while_each_thread(g, p); 2871 read_unlock(&tasklist_lock); 2872 #endif 2873 } 2874 2875 static void do_SAK_work(struct work_struct *work) 2876 { 2877 struct tty_struct *tty = 2878 container_of(work, struct tty_struct, SAK_work); 2879 __do_SAK(tty); 2880 } 2881 2882 /* 2883 * The tq handling here is a little racy - tty->SAK_work may already be queued. 2884 * Fortunately we don't need to worry, because if ->SAK_work is already queued, 2885 * the values which we write to it will be identical to the values which it 2886 * already has. --akpm 2887 */ 2888 void do_SAK(struct tty_struct *tty) 2889 { 2890 if (!tty) 2891 return; 2892 schedule_work(&tty->SAK_work); 2893 } 2894 2895 EXPORT_SYMBOL(do_SAK); 2896 2897 static int dev_match_devt(struct device *dev, void *data) 2898 { 2899 dev_t *devt = data; 2900 return dev->devt == *devt; 2901 } 2902 2903 /* Must put_device() after it's unused! */ 2904 static struct device *tty_get_device(struct tty_struct *tty) 2905 { 2906 dev_t devt = tty_devnum(tty); 2907 return class_find_device(tty_class, NULL, &devt, dev_match_devt); 2908 } 2909 2910 2911 /** 2912 * initialize_tty_struct 2913 * @tty: tty to initialize 2914 * 2915 * This subroutine initializes a tty structure that has been newly 2916 * allocated. 2917 * 2918 * Locking: none - tty in question must not be exposed at this point 2919 */ 2920 2921 void initialize_tty_struct(struct tty_struct *tty, 2922 struct tty_driver *driver, int idx) 2923 { 2924 memset(tty, 0, sizeof(struct tty_struct)); 2925 kref_init(&tty->kref); 2926 tty->magic = TTY_MAGIC; 2927 tty_ldisc_init(tty); 2928 tty->session = NULL; 2929 tty->pgrp = NULL; 2930 tty->overrun_time = jiffies; 2931 tty_buffer_init(tty); 2932 mutex_init(&tty->termios_mutex); 2933 mutex_init(&tty->ldisc_mutex); 2934 init_waitqueue_head(&tty->write_wait); 2935 init_waitqueue_head(&tty->read_wait); 2936 INIT_WORK(&tty->hangup_work, do_tty_hangup); 2937 mutex_init(&tty->atomic_read_lock); 2938 mutex_init(&tty->atomic_write_lock); 2939 mutex_init(&tty->output_lock); 2940 mutex_init(&tty->echo_lock); 2941 spin_lock_init(&tty->read_lock); 2942 spin_lock_init(&tty->ctrl_lock); 2943 INIT_LIST_HEAD(&tty->tty_files); 2944 INIT_WORK(&tty->SAK_work, do_SAK_work); 2945 2946 tty->driver = driver; 2947 tty->ops = driver->ops; 2948 tty->index = idx; 2949 tty_line_name(driver, idx, tty->name); 2950 tty->dev = tty_get_device(tty); 2951 } 2952 2953 /** 2954 * deinitialize_tty_struct 2955 * @tty: tty to deinitialize 2956 * 2957 * This subroutine deinitializes a tty structure that has been newly 2958 * allocated but tty_release cannot be called on that yet. 2959 * 2960 * Locking: none - tty in question must not be exposed at this point 2961 */ 2962 void deinitialize_tty_struct(struct tty_struct *tty) 2963 { 2964 tty_ldisc_deinit(tty); 2965 } 2966 2967 /** 2968 * tty_put_char - write one character to a tty 2969 * @tty: tty 2970 * @ch: character 2971 * 2972 * Write one byte to the tty using the provided put_char method 2973 * if present. Returns the number of characters successfully output. 2974 * 2975 * Note: the specific put_char operation in the driver layer may go 2976 * away soon. Don't call it directly, use this method 2977 */ 2978 2979 int tty_put_char(struct tty_struct *tty, unsigned char ch) 2980 { 2981 if (tty->ops->put_char) 2982 return tty->ops->put_char(tty, ch); 2983 return tty->ops->write(tty, &ch, 1); 2984 } 2985 EXPORT_SYMBOL_GPL(tty_put_char); 2986 2987 struct class *tty_class; 2988 2989 /** 2990 * tty_register_device - register a tty device 2991 * @driver: the tty driver that describes the tty device 2992 * @index: the index in the tty driver for this tty device 2993 * @device: a struct device that is associated with this tty device. 2994 * This field is optional, if there is no known struct device 2995 * for this tty device it can be set to NULL safely. 2996 * 2997 * Returns a pointer to the struct device for this tty device 2998 * (or ERR_PTR(-EFOO) on error). 2999 * 3000 * This call is required to be made to register an individual tty device 3001 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If 3002 * that bit is not set, this function should not be called by a tty 3003 * driver. 3004 * 3005 * Locking: ?? 3006 */ 3007 3008 struct device *tty_register_device(struct tty_driver *driver, unsigned index, 3009 struct device *device) 3010 { 3011 char name[64]; 3012 dev_t dev = MKDEV(driver->major, driver->minor_start) + index; 3013 3014 if (index >= driver->num) { 3015 printk(KERN_ERR "Attempt to register invalid tty line number " 3016 " (%d).\n", index); 3017 return ERR_PTR(-EINVAL); 3018 } 3019 3020 if (driver->type == TTY_DRIVER_TYPE_PTY) 3021 pty_line_name(driver, index, name); 3022 else 3023 tty_line_name(driver, index, name); 3024 3025 return device_create(tty_class, device, dev, NULL, name); 3026 } 3027 EXPORT_SYMBOL(tty_register_device); 3028 3029 /** 3030 * tty_unregister_device - unregister a tty device 3031 * @driver: the tty driver that describes the tty device 3032 * @index: the index in the tty driver for this tty device 3033 * 3034 * If a tty device is registered with a call to tty_register_device() then 3035 * this function must be called when the tty device is gone. 3036 * 3037 * Locking: ?? 3038 */ 3039 3040 void tty_unregister_device(struct tty_driver *driver, unsigned index) 3041 { 3042 device_destroy(tty_class, 3043 MKDEV(driver->major, driver->minor_start) + index); 3044 } 3045 EXPORT_SYMBOL(tty_unregister_device); 3046 3047 struct tty_driver *__alloc_tty_driver(int lines, struct module *owner) 3048 { 3049 struct tty_driver *driver; 3050 3051 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL); 3052 if (driver) { 3053 kref_init(&driver->kref); 3054 driver->magic = TTY_DRIVER_MAGIC; 3055 driver->num = lines; 3056 driver->owner = owner; 3057 /* later we'll move allocation of tables here */ 3058 } 3059 return driver; 3060 } 3061 EXPORT_SYMBOL(__alloc_tty_driver); 3062 3063 static void destruct_tty_driver(struct kref *kref) 3064 { 3065 struct tty_driver *driver = container_of(kref, struct tty_driver, kref); 3066 int i; 3067 struct ktermios *tp; 3068 void *p; 3069 3070 if (driver->flags & TTY_DRIVER_INSTALLED) { 3071 /* 3072 * Free the termios and termios_locked structures because 3073 * we don't want to get memory leaks when modular tty 3074 * drivers are removed from the kernel. 3075 */ 3076 for (i = 0; i < driver->num; i++) { 3077 tp = driver->termios[i]; 3078 if (tp) { 3079 driver->termios[i] = NULL; 3080 kfree(tp); 3081 } 3082 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) 3083 tty_unregister_device(driver, i); 3084 } 3085 p = driver->ttys; 3086 proc_tty_unregister_driver(driver); 3087 driver->ttys = NULL; 3088 driver->termios = NULL; 3089 kfree(p); 3090 cdev_del(&driver->cdev); 3091 } 3092 kfree(driver); 3093 } 3094 3095 void tty_driver_kref_put(struct tty_driver *driver) 3096 { 3097 kref_put(&driver->kref, destruct_tty_driver); 3098 } 3099 EXPORT_SYMBOL(tty_driver_kref_put); 3100 3101 void tty_set_operations(struct tty_driver *driver, 3102 const struct tty_operations *op) 3103 { 3104 driver->ops = op; 3105 }; 3106 EXPORT_SYMBOL(tty_set_operations); 3107 3108 void put_tty_driver(struct tty_driver *d) 3109 { 3110 tty_driver_kref_put(d); 3111 } 3112 EXPORT_SYMBOL(put_tty_driver); 3113 3114 /* 3115 * Called by a tty driver to register itself. 3116 */ 3117 int tty_register_driver(struct tty_driver *driver) 3118 { 3119 int error; 3120 int i; 3121 dev_t dev; 3122 void **p = NULL; 3123 struct device *d; 3124 3125 if (!(driver->flags & TTY_DRIVER_DEVPTS_MEM) && driver->num) { 3126 p = kzalloc(driver->num * 2 * sizeof(void *), GFP_KERNEL); 3127 if (!p) 3128 return -ENOMEM; 3129 } 3130 3131 if (!driver->major) { 3132 error = alloc_chrdev_region(&dev, driver->minor_start, 3133 driver->num, driver->name); 3134 if (!error) { 3135 driver->major = MAJOR(dev); 3136 driver->minor_start = MINOR(dev); 3137 } 3138 } else { 3139 dev = MKDEV(driver->major, driver->minor_start); 3140 error = register_chrdev_region(dev, driver->num, driver->name); 3141 } 3142 if (error < 0) { 3143 kfree(p); 3144 return error; 3145 } 3146 3147 if (p) { 3148 driver->ttys = (struct tty_struct **)p; 3149 driver->termios = (struct ktermios **)(p + driver->num); 3150 } else { 3151 driver->ttys = NULL; 3152 driver->termios = NULL; 3153 } 3154 3155 cdev_init(&driver->cdev, &tty_fops); 3156 driver->cdev.owner = driver->owner; 3157 error = cdev_add(&driver->cdev, dev, driver->num); 3158 if (error) { 3159 unregister_chrdev_region(dev, driver->num); 3160 driver->ttys = NULL; 3161 driver->termios = NULL; 3162 kfree(p); 3163 return error; 3164 } 3165 3166 mutex_lock(&tty_mutex); 3167 list_add(&driver->tty_drivers, &tty_drivers); 3168 mutex_unlock(&tty_mutex); 3169 3170 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) { 3171 for (i = 0; i < driver->num; i++) { 3172 d = tty_register_device(driver, i, NULL); 3173 if (IS_ERR(d)) { 3174 error = PTR_ERR(d); 3175 goto err; 3176 } 3177 } 3178 } 3179 proc_tty_register_driver(driver); 3180 driver->flags |= TTY_DRIVER_INSTALLED; 3181 return 0; 3182 3183 err: 3184 for (i--; i >= 0; i--) 3185 tty_unregister_device(driver, i); 3186 3187 mutex_lock(&tty_mutex); 3188 list_del(&driver->tty_drivers); 3189 mutex_unlock(&tty_mutex); 3190 3191 unregister_chrdev_region(dev, driver->num); 3192 driver->ttys = NULL; 3193 driver->termios = NULL; 3194 kfree(p); 3195 return error; 3196 } 3197 3198 EXPORT_SYMBOL(tty_register_driver); 3199 3200 /* 3201 * Called by a tty driver to unregister itself. 3202 */ 3203 int tty_unregister_driver(struct tty_driver *driver) 3204 { 3205 #if 0 3206 /* FIXME */ 3207 if (driver->refcount) 3208 return -EBUSY; 3209 #endif 3210 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start), 3211 driver->num); 3212 mutex_lock(&tty_mutex); 3213 list_del(&driver->tty_drivers); 3214 mutex_unlock(&tty_mutex); 3215 return 0; 3216 } 3217 3218 EXPORT_SYMBOL(tty_unregister_driver); 3219 3220 dev_t tty_devnum(struct tty_struct *tty) 3221 { 3222 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index; 3223 } 3224 EXPORT_SYMBOL(tty_devnum); 3225 3226 void proc_clear_tty(struct task_struct *p) 3227 { 3228 unsigned long flags; 3229 struct tty_struct *tty; 3230 spin_lock_irqsave(&p->sighand->siglock, flags); 3231 tty = p->signal->tty; 3232 p->signal->tty = NULL; 3233 spin_unlock_irqrestore(&p->sighand->siglock, flags); 3234 tty_kref_put(tty); 3235 } 3236 3237 /* Called under the sighand lock */ 3238 3239 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) 3240 { 3241 if (tty) { 3242 unsigned long flags; 3243 /* We should not have a session or pgrp to put here but.... */ 3244 spin_lock_irqsave(&tty->ctrl_lock, flags); 3245 put_pid(tty->session); 3246 put_pid(tty->pgrp); 3247 tty->pgrp = get_pid(task_pgrp(tsk)); 3248 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 3249 tty->session = get_pid(task_session(tsk)); 3250 if (tsk->signal->tty) { 3251 printk(KERN_DEBUG "tty not NULL!!\n"); 3252 tty_kref_put(tsk->signal->tty); 3253 } 3254 } 3255 put_pid(tsk->signal->tty_old_pgrp); 3256 tsk->signal->tty = tty_kref_get(tty); 3257 tsk->signal->tty_old_pgrp = NULL; 3258 } 3259 3260 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) 3261 { 3262 spin_lock_irq(&tsk->sighand->siglock); 3263 __proc_set_tty(tsk, tty); 3264 spin_unlock_irq(&tsk->sighand->siglock); 3265 } 3266 3267 struct tty_struct *get_current_tty(void) 3268 { 3269 struct tty_struct *tty; 3270 unsigned long flags; 3271 3272 spin_lock_irqsave(¤t->sighand->siglock, flags); 3273 tty = tty_kref_get(current->signal->tty); 3274 spin_unlock_irqrestore(¤t->sighand->siglock, flags); 3275 return tty; 3276 } 3277 EXPORT_SYMBOL_GPL(get_current_tty); 3278 3279 void tty_default_fops(struct file_operations *fops) 3280 { 3281 *fops = tty_fops; 3282 } 3283 3284 /* 3285 * Initialize the console device. This is called *early*, so 3286 * we can't necessarily depend on lots of kernel help here. 3287 * Just do some early initializations, and do the complex setup 3288 * later. 3289 */ 3290 void __init console_init(void) 3291 { 3292 initcall_t *call; 3293 3294 /* Setup the default TTY line discipline. */ 3295 tty_ldisc_begin(); 3296 3297 /* 3298 * set up the console device so that later boot sequences can 3299 * inform about problems etc.. 3300 */ 3301 call = __con_initcall_start; 3302 while (call < __con_initcall_end) { 3303 (*call)(); 3304 call++; 3305 } 3306 } 3307 3308 static char *tty_devnode(struct device *dev, umode_t *mode) 3309 { 3310 if (!mode) 3311 return NULL; 3312 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) || 3313 dev->devt == MKDEV(TTYAUX_MAJOR, 2)) 3314 *mode = 0666; 3315 return NULL; 3316 } 3317 3318 static int __init tty_class_init(void) 3319 { 3320 tty_class = class_create(THIS_MODULE, "tty"); 3321 if (IS_ERR(tty_class)) 3322 return PTR_ERR(tty_class); 3323 tty_class->devnode = tty_devnode; 3324 return 0; 3325 } 3326 3327 postcore_initcall(tty_class_init); 3328 3329 /* 3/2004 jmc: why do these devices exist? */ 3330 static struct cdev tty_cdev, console_cdev; 3331 3332 static ssize_t show_cons_active(struct device *dev, 3333 struct device_attribute *attr, char *buf) 3334 { 3335 struct console *cs[16]; 3336 int i = 0; 3337 struct console *c; 3338 ssize_t count = 0; 3339 3340 console_lock(); 3341 for_each_console(c) { 3342 if (!c->device) 3343 continue; 3344 if (!c->write) 3345 continue; 3346 if ((c->flags & CON_ENABLED) == 0) 3347 continue; 3348 cs[i++] = c; 3349 if (i >= ARRAY_SIZE(cs)) 3350 break; 3351 } 3352 while (i--) 3353 count += sprintf(buf + count, "%s%d%c", 3354 cs[i]->name, cs[i]->index, i ? ' ':'\n'); 3355 console_unlock(); 3356 3357 return count; 3358 } 3359 static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL); 3360 3361 static struct device *consdev; 3362 3363 void console_sysfs_notify(void) 3364 { 3365 if (consdev) 3366 sysfs_notify(&consdev->kobj, NULL, "active"); 3367 } 3368 3369 /* 3370 * Ok, now we can initialize the rest of the tty devices and can count 3371 * on memory allocations, interrupts etc.. 3372 */ 3373 int __init tty_init(void) 3374 { 3375 cdev_init(&tty_cdev, &tty_fops); 3376 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) || 3377 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0) 3378 panic("Couldn't register /dev/tty driver\n"); 3379 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty"); 3380 3381 cdev_init(&console_cdev, &console_fops); 3382 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) || 3383 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0) 3384 panic("Couldn't register /dev/console driver\n"); 3385 consdev = device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), NULL, 3386 "console"); 3387 if (IS_ERR(consdev)) 3388 consdev = NULL; 3389 else 3390 WARN_ON(device_create_file(consdev, &dev_attr_active) < 0); 3391 3392 #ifdef CONFIG_VT 3393 vty_init(&console_fops); 3394 #endif 3395 return 0; 3396 } 3397 3398