1 /* 2 * Copyright (C) 1991, 1992 Linus Torvalds 3 */ 4 5 /* 6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles 7 * or rs-channels. It also implements echoing, cooked mode etc. 8 * 9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0. 10 * 11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the 12 * tty_struct and tty_queue structures. Previously there was an array 13 * of 256 tty_struct's which was statically allocated, and the 14 * tty_queue structures were allocated at boot time. Both are now 15 * dynamically allocated only when the tty is open. 16 * 17 * Also restructured routines so that there is more of a separation 18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and 19 * the low-level tty routines (serial.c, pty.c, console.c). This 20 * makes for cleaner and more compact code. -TYT, 9/17/92 21 * 22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines 23 * which can be dynamically activated and de-activated by the line 24 * discipline handling modules (like SLIP). 25 * 26 * NOTE: pay no attention to the line discipline code (yet); its 27 * interface is still subject to change in this version... 28 * -- TYT, 1/31/92 29 * 30 * Added functionality to the OPOST tty handling. No delays, but all 31 * other bits should be there. 32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993. 33 * 34 * Rewrote canonical mode and added more termios flags. 35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94 36 * 37 * Reorganized FASYNC support so mouse code can share it. 38 * -- ctm@ardi.com, 9Sep95 39 * 40 * New TIOCLINUX variants added. 41 * -- mj@k332.feld.cvut.cz, 19-Nov-95 42 * 43 * Restrict vt switching via ioctl() 44 * -- grif@cs.ucr.edu, 5-Dec-95 45 * 46 * Move console and virtual terminal code to more appropriate files, 47 * implement CONFIG_VT and generalize console device interface. 48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97 49 * 50 * Rewrote tty_init_dev and tty_release_dev to eliminate races. 51 * -- Bill Hawes <whawes@star.net>, June 97 52 * 53 * Added devfs support. 54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998 55 * 56 * Added support for a Unix98-style ptmx device. 57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 58 * 59 * Reduced memory usage for older ARM systems 60 * -- Russell King <rmk@arm.linux.org.uk> 61 * 62 * Move do_SAK() into process context. Less stack use in devfs functions. 63 * alloc_tty_struct() always uses kmalloc() 64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01 65 */ 66 67 #include <linux/types.h> 68 #include <linux/major.h> 69 #include <linux/errno.h> 70 #include <linux/signal.h> 71 #include <linux/fcntl.h> 72 #include <linux/sched/signal.h> 73 #include <linux/interrupt.h> 74 #include <linux/tty.h> 75 #include <linux/tty_driver.h> 76 #include <linux/tty_flip.h> 77 #include <linux/devpts_fs.h> 78 #include <linux/file.h> 79 #include <linux/fdtable.h> 80 #include <linux/console.h> 81 #include <linux/timer.h> 82 #include <linux/ctype.h> 83 #include <linux/kd.h> 84 #include <linux/mm.h> 85 #include <linux/string.h> 86 #include <linux/slab.h> 87 #include <linux/poll.h> 88 #include <linux/proc_fs.h> 89 #include <linux/init.h> 90 #include <linux/module.h> 91 #include <linux/device.h> 92 #include <linux/wait.h> 93 #include <linux/bitops.h> 94 #include <linux/delay.h> 95 #include <linux/seq_file.h> 96 #include <linux/serial.h> 97 #include <linux/ratelimit.h> 98 99 #include <linux/uaccess.h> 100 101 #include <linux/kbd_kern.h> 102 #include <linux/vt_kern.h> 103 #include <linux/selection.h> 104 105 #include <linux/kmod.h> 106 #include <linux/nsproxy.h> 107 108 #undef TTY_DEBUG_HANGUP 109 #ifdef TTY_DEBUG_HANGUP 110 # define tty_debug_hangup(tty, f, args...) tty_debug(tty, f, ##args) 111 #else 112 # define tty_debug_hangup(tty, f, args...) do { } while (0) 113 #endif 114 115 #define TTY_PARANOIA_CHECK 1 116 #define CHECK_TTY_COUNT 1 117 118 struct ktermios tty_std_termios = { /* for the benefit of tty drivers */ 119 .c_iflag = ICRNL | IXON, 120 .c_oflag = OPOST | ONLCR, 121 .c_cflag = B38400 | CS8 | CREAD | HUPCL, 122 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK | 123 ECHOCTL | ECHOKE | IEXTEN, 124 .c_cc = INIT_C_CC, 125 .c_ispeed = 38400, 126 .c_ospeed = 38400, 127 /* .c_line = N_TTY, */ 128 }; 129 130 EXPORT_SYMBOL(tty_std_termios); 131 132 /* This list gets poked at by procfs and various bits of boot up code. This 133 could do with some rationalisation such as pulling the tty proc function 134 into this file */ 135 136 LIST_HEAD(tty_drivers); /* linked list of tty drivers */ 137 138 /* Mutex to protect creating and releasing a tty */ 139 DEFINE_MUTEX(tty_mutex); 140 141 static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *); 142 static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *); 143 ssize_t redirected_tty_write(struct file *, const char __user *, 144 size_t, loff_t *); 145 static unsigned int tty_poll(struct file *, poll_table *); 146 static int tty_open(struct inode *, struct file *); 147 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg); 148 #ifdef CONFIG_COMPAT 149 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 150 unsigned long arg); 151 #else 152 #define tty_compat_ioctl NULL 153 #endif 154 static int __tty_fasync(int fd, struct file *filp, int on); 155 static int tty_fasync(int fd, struct file *filp, int on); 156 static void release_tty(struct tty_struct *tty, int idx); 157 158 /** 159 * free_tty_struct - free a disused tty 160 * @tty: tty struct to free 161 * 162 * Free the write buffers, tty queue and tty memory itself. 163 * 164 * Locking: none. Must be called after tty is definitely unused 165 */ 166 167 static void free_tty_struct(struct tty_struct *tty) 168 { 169 tty_ldisc_deinit(tty); 170 put_device(tty->dev); 171 kfree(tty->write_buf); 172 tty->magic = 0xDEADDEAD; 173 kfree(tty); 174 } 175 176 static inline struct tty_struct *file_tty(struct file *file) 177 { 178 return ((struct tty_file_private *)file->private_data)->tty; 179 } 180 181 int tty_alloc_file(struct file *file) 182 { 183 struct tty_file_private *priv; 184 185 priv = kmalloc(sizeof(*priv), GFP_KERNEL); 186 if (!priv) 187 return -ENOMEM; 188 189 file->private_data = priv; 190 191 return 0; 192 } 193 194 /* Associate a new file with the tty structure */ 195 void tty_add_file(struct tty_struct *tty, struct file *file) 196 { 197 struct tty_file_private *priv = file->private_data; 198 199 priv->tty = tty; 200 priv->file = file; 201 202 spin_lock(&tty->files_lock); 203 list_add(&priv->list, &tty->tty_files); 204 spin_unlock(&tty->files_lock); 205 } 206 207 /** 208 * tty_free_file - free file->private_data 209 * 210 * This shall be used only for fail path handling when tty_add_file was not 211 * called yet. 212 */ 213 void tty_free_file(struct file *file) 214 { 215 struct tty_file_private *priv = file->private_data; 216 217 file->private_data = NULL; 218 kfree(priv); 219 } 220 221 /* Delete file from its tty */ 222 static void tty_del_file(struct file *file) 223 { 224 struct tty_file_private *priv = file->private_data; 225 struct tty_struct *tty = priv->tty; 226 227 spin_lock(&tty->files_lock); 228 list_del(&priv->list); 229 spin_unlock(&tty->files_lock); 230 tty_free_file(file); 231 } 232 233 /** 234 * tty_name - return tty naming 235 * @tty: tty structure 236 * 237 * Convert a tty structure into a name. The name reflects the kernel 238 * naming policy and if udev is in use may not reflect user space 239 * 240 * Locking: none 241 */ 242 243 const char *tty_name(const struct tty_struct *tty) 244 { 245 if (!tty) /* Hmm. NULL pointer. That's fun. */ 246 return "NULL tty"; 247 return tty->name; 248 } 249 250 EXPORT_SYMBOL(tty_name); 251 252 const char *tty_driver_name(const struct tty_struct *tty) 253 { 254 if (!tty || !tty->driver) 255 return ""; 256 return tty->driver->name; 257 } 258 259 static int tty_paranoia_check(struct tty_struct *tty, struct inode *inode, 260 const char *routine) 261 { 262 #ifdef TTY_PARANOIA_CHECK 263 if (!tty) { 264 pr_warn("(%d:%d): %s: NULL tty\n", 265 imajor(inode), iminor(inode), routine); 266 return 1; 267 } 268 if (tty->magic != TTY_MAGIC) { 269 pr_warn("(%d:%d): %s: bad magic number\n", 270 imajor(inode), iminor(inode), routine); 271 return 1; 272 } 273 #endif 274 return 0; 275 } 276 277 /* Caller must hold tty_lock */ 278 static int check_tty_count(struct tty_struct *tty, const char *routine) 279 { 280 #ifdef CHECK_TTY_COUNT 281 struct list_head *p; 282 int count = 0; 283 284 spin_lock(&tty->files_lock); 285 list_for_each(p, &tty->tty_files) { 286 count++; 287 } 288 spin_unlock(&tty->files_lock); 289 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 290 tty->driver->subtype == PTY_TYPE_SLAVE && 291 tty->link && tty->link->count) 292 count++; 293 if (tty->count != count) { 294 tty_warn(tty, "%s: tty->count(%d) != #fd's(%d)\n", 295 routine, tty->count, count); 296 return count; 297 } 298 #endif 299 return 0; 300 } 301 302 /** 303 * get_tty_driver - find device of a tty 304 * @dev_t: device identifier 305 * @index: returns the index of the tty 306 * 307 * This routine returns a tty driver structure, given a device number 308 * and also passes back the index number. 309 * 310 * Locking: caller must hold tty_mutex 311 */ 312 313 static struct tty_driver *get_tty_driver(dev_t device, int *index) 314 { 315 struct tty_driver *p; 316 317 list_for_each_entry(p, &tty_drivers, tty_drivers) { 318 dev_t base = MKDEV(p->major, p->minor_start); 319 if (device < base || device >= base + p->num) 320 continue; 321 *index = device - base; 322 return tty_driver_kref_get(p); 323 } 324 return NULL; 325 } 326 327 #ifdef CONFIG_CONSOLE_POLL 328 329 /** 330 * tty_find_polling_driver - find device of a polled tty 331 * @name: name string to match 332 * @line: pointer to resulting tty line nr 333 * 334 * This routine returns a tty driver structure, given a name 335 * and the condition that the tty driver is capable of polled 336 * operation. 337 */ 338 struct tty_driver *tty_find_polling_driver(char *name, int *line) 339 { 340 struct tty_driver *p, *res = NULL; 341 int tty_line = 0; 342 int len; 343 char *str, *stp; 344 345 for (str = name; *str; str++) 346 if ((*str >= '0' && *str <= '9') || *str == ',') 347 break; 348 if (!*str) 349 return NULL; 350 351 len = str - name; 352 tty_line = simple_strtoul(str, &str, 10); 353 354 mutex_lock(&tty_mutex); 355 /* Search through the tty devices to look for a match */ 356 list_for_each_entry(p, &tty_drivers, tty_drivers) { 357 if (strncmp(name, p->name, len) != 0) 358 continue; 359 stp = str; 360 if (*stp == ',') 361 stp++; 362 if (*stp == '\0') 363 stp = NULL; 364 365 if (tty_line >= 0 && tty_line < p->num && p->ops && 366 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) { 367 res = tty_driver_kref_get(p); 368 *line = tty_line; 369 break; 370 } 371 } 372 mutex_unlock(&tty_mutex); 373 374 return res; 375 } 376 EXPORT_SYMBOL_GPL(tty_find_polling_driver); 377 #endif 378 379 static int is_ignored(int sig) 380 { 381 return (sigismember(¤t->blocked, sig) || 382 current->sighand->action[sig-1].sa.sa_handler == SIG_IGN); 383 } 384 385 /** 386 * tty_check_change - check for POSIX terminal changes 387 * @tty: tty to check 388 * 389 * If we try to write to, or set the state of, a terminal and we're 390 * not in the foreground, send a SIGTTOU. If the signal is blocked or 391 * ignored, go ahead and perform the operation. (POSIX 7.2) 392 * 393 * Locking: ctrl_lock 394 */ 395 396 int __tty_check_change(struct tty_struct *tty, int sig) 397 { 398 unsigned long flags; 399 struct pid *pgrp, *tty_pgrp; 400 int ret = 0; 401 402 if (current->signal->tty != tty) 403 return 0; 404 405 rcu_read_lock(); 406 pgrp = task_pgrp(current); 407 408 spin_lock_irqsave(&tty->ctrl_lock, flags); 409 tty_pgrp = tty->pgrp; 410 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 411 412 if (tty_pgrp && pgrp != tty->pgrp) { 413 if (is_ignored(sig)) { 414 if (sig == SIGTTIN) 415 ret = -EIO; 416 } else if (is_current_pgrp_orphaned()) 417 ret = -EIO; 418 else { 419 kill_pgrp(pgrp, sig, 1); 420 set_thread_flag(TIF_SIGPENDING); 421 ret = -ERESTARTSYS; 422 } 423 } 424 rcu_read_unlock(); 425 426 if (!tty_pgrp) 427 tty_warn(tty, "sig=%d, tty->pgrp == NULL!\n", sig); 428 429 return ret; 430 } 431 432 int tty_check_change(struct tty_struct *tty) 433 { 434 return __tty_check_change(tty, SIGTTOU); 435 } 436 EXPORT_SYMBOL(tty_check_change); 437 438 static ssize_t hung_up_tty_read(struct file *file, char __user *buf, 439 size_t count, loff_t *ppos) 440 { 441 return 0; 442 } 443 444 static ssize_t hung_up_tty_write(struct file *file, const char __user *buf, 445 size_t count, loff_t *ppos) 446 { 447 return -EIO; 448 } 449 450 /* No kernel lock held - none needed ;) */ 451 static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait) 452 { 453 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM; 454 } 455 456 static long hung_up_tty_ioctl(struct file *file, unsigned int cmd, 457 unsigned long arg) 458 { 459 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 460 } 461 462 static long hung_up_tty_compat_ioctl(struct file *file, 463 unsigned int cmd, unsigned long arg) 464 { 465 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 466 } 467 468 static int hung_up_tty_fasync(int fd, struct file *file, int on) 469 { 470 return -ENOTTY; 471 } 472 473 static const struct file_operations tty_fops = { 474 .llseek = no_llseek, 475 .read = tty_read, 476 .write = tty_write, 477 .poll = tty_poll, 478 .unlocked_ioctl = tty_ioctl, 479 .compat_ioctl = tty_compat_ioctl, 480 .open = tty_open, 481 .release = tty_release, 482 .fasync = tty_fasync, 483 }; 484 485 static const struct file_operations console_fops = { 486 .llseek = no_llseek, 487 .read = tty_read, 488 .write = redirected_tty_write, 489 .poll = tty_poll, 490 .unlocked_ioctl = tty_ioctl, 491 .compat_ioctl = tty_compat_ioctl, 492 .open = tty_open, 493 .release = tty_release, 494 .fasync = tty_fasync, 495 }; 496 497 static const struct file_operations hung_up_tty_fops = { 498 .llseek = no_llseek, 499 .read = hung_up_tty_read, 500 .write = hung_up_tty_write, 501 .poll = hung_up_tty_poll, 502 .unlocked_ioctl = hung_up_tty_ioctl, 503 .compat_ioctl = hung_up_tty_compat_ioctl, 504 .release = tty_release, 505 .fasync = hung_up_tty_fasync, 506 }; 507 508 static DEFINE_SPINLOCK(redirect_lock); 509 static struct file *redirect; 510 511 512 void proc_clear_tty(struct task_struct *p) 513 { 514 unsigned long flags; 515 struct tty_struct *tty; 516 spin_lock_irqsave(&p->sighand->siglock, flags); 517 tty = p->signal->tty; 518 p->signal->tty = NULL; 519 spin_unlock_irqrestore(&p->sighand->siglock, flags); 520 tty_kref_put(tty); 521 } 522 523 /** 524 * proc_set_tty - set the controlling terminal 525 * 526 * Only callable by the session leader and only if it does not already have 527 * a controlling terminal. 528 * 529 * Caller must hold: tty_lock() 530 * a readlock on tasklist_lock 531 * sighand lock 532 */ 533 static void __proc_set_tty(struct tty_struct *tty) 534 { 535 unsigned long flags; 536 537 spin_lock_irqsave(&tty->ctrl_lock, flags); 538 /* 539 * The session and fg pgrp references will be non-NULL if 540 * tiocsctty() is stealing the controlling tty 541 */ 542 put_pid(tty->session); 543 put_pid(tty->pgrp); 544 tty->pgrp = get_pid(task_pgrp(current)); 545 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 546 tty->session = get_pid(task_session(current)); 547 if (current->signal->tty) { 548 tty_debug(tty, "current tty %s not NULL!!\n", 549 current->signal->tty->name); 550 tty_kref_put(current->signal->tty); 551 } 552 put_pid(current->signal->tty_old_pgrp); 553 current->signal->tty = tty_kref_get(tty); 554 current->signal->tty_old_pgrp = NULL; 555 } 556 557 static void proc_set_tty(struct tty_struct *tty) 558 { 559 spin_lock_irq(¤t->sighand->siglock); 560 __proc_set_tty(tty); 561 spin_unlock_irq(¤t->sighand->siglock); 562 } 563 564 struct tty_struct *get_current_tty(void) 565 { 566 struct tty_struct *tty; 567 unsigned long flags; 568 569 spin_lock_irqsave(¤t->sighand->siglock, flags); 570 tty = tty_kref_get(current->signal->tty); 571 spin_unlock_irqrestore(¤t->sighand->siglock, flags); 572 return tty; 573 } 574 EXPORT_SYMBOL_GPL(get_current_tty); 575 576 static void session_clear_tty(struct pid *session) 577 { 578 struct task_struct *p; 579 do_each_pid_task(session, PIDTYPE_SID, p) { 580 proc_clear_tty(p); 581 } while_each_pid_task(session, PIDTYPE_SID, p); 582 } 583 584 /** 585 * tty_wakeup - request more data 586 * @tty: terminal 587 * 588 * Internal and external helper for wakeups of tty. This function 589 * informs the line discipline if present that the driver is ready 590 * to receive more output data. 591 */ 592 593 void tty_wakeup(struct tty_struct *tty) 594 { 595 struct tty_ldisc *ld; 596 597 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) { 598 ld = tty_ldisc_ref(tty); 599 if (ld) { 600 if (ld->ops->write_wakeup) 601 ld->ops->write_wakeup(tty); 602 tty_ldisc_deref(ld); 603 } 604 } 605 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 606 } 607 608 EXPORT_SYMBOL_GPL(tty_wakeup); 609 610 /** 611 * tty_signal_session_leader - sends SIGHUP to session leader 612 * @tty controlling tty 613 * @exit_session if non-zero, signal all foreground group processes 614 * 615 * Send SIGHUP and SIGCONT to the session leader and its process group. 616 * Optionally, signal all processes in the foreground process group. 617 * 618 * Returns the number of processes in the session with this tty 619 * as their controlling terminal. This value is used to drop 620 * tty references for those processes. 621 */ 622 static int tty_signal_session_leader(struct tty_struct *tty, int exit_session) 623 { 624 struct task_struct *p; 625 int refs = 0; 626 struct pid *tty_pgrp = NULL; 627 628 read_lock(&tasklist_lock); 629 if (tty->session) { 630 do_each_pid_task(tty->session, PIDTYPE_SID, p) { 631 spin_lock_irq(&p->sighand->siglock); 632 if (p->signal->tty == tty) { 633 p->signal->tty = NULL; 634 /* We defer the dereferences outside fo 635 the tasklist lock */ 636 refs++; 637 } 638 if (!p->signal->leader) { 639 spin_unlock_irq(&p->sighand->siglock); 640 continue; 641 } 642 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p); 643 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p); 644 put_pid(p->signal->tty_old_pgrp); /* A noop */ 645 spin_lock(&tty->ctrl_lock); 646 tty_pgrp = get_pid(tty->pgrp); 647 if (tty->pgrp) 648 p->signal->tty_old_pgrp = get_pid(tty->pgrp); 649 spin_unlock(&tty->ctrl_lock); 650 spin_unlock_irq(&p->sighand->siglock); 651 } while_each_pid_task(tty->session, PIDTYPE_SID, p); 652 } 653 read_unlock(&tasklist_lock); 654 655 if (tty_pgrp) { 656 if (exit_session) 657 kill_pgrp(tty_pgrp, SIGHUP, exit_session); 658 put_pid(tty_pgrp); 659 } 660 661 return refs; 662 } 663 664 /** 665 * __tty_hangup - actual handler for hangup events 666 * @work: tty device 667 * 668 * This can be called by a "kworker" kernel thread. That is process 669 * synchronous but doesn't hold any locks, so we need to make sure we 670 * have the appropriate locks for what we're doing. 671 * 672 * The hangup event clears any pending redirections onto the hung up 673 * device. It ensures future writes will error and it does the needed 674 * line discipline hangup and signal delivery. The tty object itself 675 * remains intact. 676 * 677 * Locking: 678 * BTM 679 * redirect lock for undoing redirection 680 * file list lock for manipulating list of ttys 681 * tty_ldiscs_lock from called functions 682 * termios_rwsem resetting termios data 683 * tasklist_lock to walk task list for hangup event 684 * ->siglock to protect ->signal/->sighand 685 */ 686 static void __tty_hangup(struct tty_struct *tty, int exit_session) 687 { 688 struct file *cons_filp = NULL; 689 struct file *filp, *f = NULL; 690 struct tty_file_private *priv; 691 int closecount = 0, n; 692 int refs; 693 694 if (!tty) 695 return; 696 697 698 spin_lock(&redirect_lock); 699 if (redirect && file_tty(redirect) == tty) { 700 f = redirect; 701 redirect = NULL; 702 } 703 spin_unlock(&redirect_lock); 704 705 tty_lock(tty); 706 707 if (test_bit(TTY_HUPPED, &tty->flags)) { 708 tty_unlock(tty); 709 return; 710 } 711 712 /* inuse_filps is protected by the single tty lock, 713 this really needs to change if we want to flush the 714 workqueue with the lock held */ 715 check_tty_count(tty, "tty_hangup"); 716 717 spin_lock(&tty->files_lock); 718 /* This breaks for file handles being sent over AF_UNIX sockets ? */ 719 list_for_each_entry(priv, &tty->tty_files, list) { 720 filp = priv->file; 721 if (filp->f_op->write == redirected_tty_write) 722 cons_filp = filp; 723 if (filp->f_op->write != tty_write) 724 continue; 725 closecount++; 726 __tty_fasync(-1, filp, 0); /* can't block */ 727 filp->f_op = &hung_up_tty_fops; 728 } 729 spin_unlock(&tty->files_lock); 730 731 refs = tty_signal_session_leader(tty, exit_session); 732 /* Account for the p->signal references we killed */ 733 while (refs--) 734 tty_kref_put(tty); 735 736 tty_ldisc_hangup(tty, cons_filp != NULL); 737 738 spin_lock_irq(&tty->ctrl_lock); 739 clear_bit(TTY_THROTTLED, &tty->flags); 740 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 741 put_pid(tty->session); 742 put_pid(tty->pgrp); 743 tty->session = NULL; 744 tty->pgrp = NULL; 745 tty->ctrl_status = 0; 746 spin_unlock_irq(&tty->ctrl_lock); 747 748 /* 749 * If one of the devices matches a console pointer, we 750 * cannot just call hangup() because that will cause 751 * tty->count and state->count to go out of sync. 752 * So we just call close() the right number of times. 753 */ 754 if (cons_filp) { 755 if (tty->ops->close) 756 for (n = 0; n < closecount; n++) 757 tty->ops->close(tty, cons_filp); 758 } else if (tty->ops->hangup) 759 tty->ops->hangup(tty); 760 /* 761 * We don't want to have driver/ldisc interactions beyond the ones 762 * we did here. The driver layer expects no calls after ->hangup() 763 * from the ldisc side, which is now guaranteed. 764 */ 765 set_bit(TTY_HUPPED, &tty->flags); 766 tty_unlock(tty); 767 768 if (f) 769 fput(f); 770 } 771 772 static void do_tty_hangup(struct work_struct *work) 773 { 774 struct tty_struct *tty = 775 container_of(work, struct tty_struct, hangup_work); 776 777 __tty_hangup(tty, 0); 778 } 779 780 /** 781 * tty_hangup - trigger a hangup event 782 * @tty: tty to hangup 783 * 784 * A carrier loss (virtual or otherwise) has occurred on this like 785 * schedule a hangup sequence to run after this event. 786 */ 787 788 void tty_hangup(struct tty_struct *tty) 789 { 790 tty_debug_hangup(tty, "hangup\n"); 791 schedule_work(&tty->hangup_work); 792 } 793 794 EXPORT_SYMBOL(tty_hangup); 795 796 /** 797 * tty_vhangup - process vhangup 798 * @tty: tty to hangup 799 * 800 * The user has asked via system call for the terminal to be hung up. 801 * We do this synchronously so that when the syscall returns the process 802 * is complete. That guarantee is necessary for security reasons. 803 */ 804 805 void tty_vhangup(struct tty_struct *tty) 806 { 807 tty_debug_hangup(tty, "vhangup\n"); 808 __tty_hangup(tty, 0); 809 } 810 811 EXPORT_SYMBOL(tty_vhangup); 812 813 814 /** 815 * tty_vhangup_self - process vhangup for own ctty 816 * 817 * Perform a vhangup on the current controlling tty 818 */ 819 820 void tty_vhangup_self(void) 821 { 822 struct tty_struct *tty; 823 824 tty = get_current_tty(); 825 if (tty) { 826 tty_vhangup(tty); 827 tty_kref_put(tty); 828 } 829 } 830 831 /** 832 * tty_vhangup_session - hangup session leader exit 833 * @tty: tty to hangup 834 * 835 * The session leader is exiting and hanging up its controlling terminal. 836 * Every process in the foreground process group is signalled SIGHUP. 837 * 838 * We do this synchronously so that when the syscall returns the process 839 * is complete. That guarantee is necessary for security reasons. 840 */ 841 842 static void tty_vhangup_session(struct tty_struct *tty) 843 { 844 tty_debug_hangup(tty, "session hangup\n"); 845 __tty_hangup(tty, 1); 846 } 847 848 /** 849 * tty_hung_up_p - was tty hung up 850 * @filp: file pointer of tty 851 * 852 * Return true if the tty has been subject to a vhangup or a carrier 853 * loss 854 */ 855 856 int tty_hung_up_p(struct file *filp) 857 { 858 return (filp && filp->f_op == &hung_up_tty_fops); 859 } 860 861 EXPORT_SYMBOL(tty_hung_up_p); 862 863 /** 864 * disassociate_ctty - disconnect controlling tty 865 * @on_exit: true if exiting so need to "hang up" the session 866 * 867 * This function is typically called only by the session leader, when 868 * it wants to disassociate itself from its controlling tty. 869 * 870 * It performs the following functions: 871 * (1) Sends a SIGHUP and SIGCONT to the foreground process group 872 * (2) Clears the tty from being controlling the session 873 * (3) Clears the controlling tty for all processes in the 874 * session group. 875 * 876 * The argument on_exit is set to 1 if called when a process is 877 * exiting; it is 0 if called by the ioctl TIOCNOTTY. 878 * 879 * Locking: 880 * BTM is taken for hysterical raisins, and held when 881 * called from no_tty(). 882 * tty_mutex is taken to protect tty 883 * ->siglock is taken to protect ->signal/->sighand 884 * tasklist_lock is taken to walk process list for sessions 885 * ->siglock is taken to protect ->signal/->sighand 886 */ 887 888 void disassociate_ctty(int on_exit) 889 { 890 struct tty_struct *tty; 891 892 if (!current->signal->leader) 893 return; 894 895 tty = get_current_tty(); 896 if (tty) { 897 if (on_exit && tty->driver->type != TTY_DRIVER_TYPE_PTY) { 898 tty_vhangup_session(tty); 899 } else { 900 struct pid *tty_pgrp = tty_get_pgrp(tty); 901 if (tty_pgrp) { 902 kill_pgrp(tty_pgrp, SIGHUP, on_exit); 903 if (!on_exit) 904 kill_pgrp(tty_pgrp, SIGCONT, on_exit); 905 put_pid(tty_pgrp); 906 } 907 } 908 tty_kref_put(tty); 909 910 } else if (on_exit) { 911 struct pid *old_pgrp; 912 spin_lock_irq(¤t->sighand->siglock); 913 old_pgrp = current->signal->tty_old_pgrp; 914 current->signal->tty_old_pgrp = NULL; 915 spin_unlock_irq(¤t->sighand->siglock); 916 if (old_pgrp) { 917 kill_pgrp(old_pgrp, SIGHUP, on_exit); 918 kill_pgrp(old_pgrp, SIGCONT, on_exit); 919 put_pid(old_pgrp); 920 } 921 return; 922 } 923 924 spin_lock_irq(¤t->sighand->siglock); 925 put_pid(current->signal->tty_old_pgrp); 926 current->signal->tty_old_pgrp = NULL; 927 928 tty = tty_kref_get(current->signal->tty); 929 if (tty) { 930 unsigned long flags; 931 spin_lock_irqsave(&tty->ctrl_lock, flags); 932 put_pid(tty->session); 933 put_pid(tty->pgrp); 934 tty->session = NULL; 935 tty->pgrp = NULL; 936 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 937 tty_kref_put(tty); 938 } else 939 tty_debug_hangup(tty, "no current tty\n"); 940 941 spin_unlock_irq(¤t->sighand->siglock); 942 /* Now clear signal->tty under the lock */ 943 read_lock(&tasklist_lock); 944 session_clear_tty(task_session(current)); 945 read_unlock(&tasklist_lock); 946 } 947 948 /** 949 * 950 * no_tty - Ensure the current process does not have a controlling tty 951 */ 952 void no_tty(void) 953 { 954 /* FIXME: Review locking here. The tty_lock never covered any race 955 between a new association and proc_clear_tty but possible we need 956 to protect against this anyway */ 957 struct task_struct *tsk = current; 958 disassociate_ctty(0); 959 proc_clear_tty(tsk); 960 } 961 962 963 /** 964 * stop_tty - propagate flow control 965 * @tty: tty to stop 966 * 967 * Perform flow control to the driver. May be called 968 * on an already stopped device and will not re-call the driver 969 * method. 970 * 971 * This functionality is used by both the line disciplines for 972 * halting incoming flow and by the driver. It may therefore be 973 * called from any context, may be under the tty atomic_write_lock 974 * but not always. 975 * 976 * Locking: 977 * flow_lock 978 */ 979 980 void __stop_tty(struct tty_struct *tty) 981 { 982 if (tty->stopped) 983 return; 984 tty->stopped = 1; 985 if (tty->ops->stop) 986 tty->ops->stop(tty); 987 } 988 989 void stop_tty(struct tty_struct *tty) 990 { 991 unsigned long flags; 992 993 spin_lock_irqsave(&tty->flow_lock, flags); 994 __stop_tty(tty); 995 spin_unlock_irqrestore(&tty->flow_lock, flags); 996 } 997 EXPORT_SYMBOL(stop_tty); 998 999 /** 1000 * start_tty - propagate flow control 1001 * @tty: tty to start 1002 * 1003 * Start a tty that has been stopped if at all possible. If this 1004 * tty was previous stopped and is now being started, the driver 1005 * start method is invoked and the line discipline woken. 1006 * 1007 * Locking: 1008 * flow_lock 1009 */ 1010 1011 void __start_tty(struct tty_struct *tty) 1012 { 1013 if (!tty->stopped || tty->flow_stopped) 1014 return; 1015 tty->stopped = 0; 1016 if (tty->ops->start) 1017 tty->ops->start(tty); 1018 tty_wakeup(tty); 1019 } 1020 1021 void start_tty(struct tty_struct *tty) 1022 { 1023 unsigned long flags; 1024 1025 spin_lock_irqsave(&tty->flow_lock, flags); 1026 __start_tty(tty); 1027 spin_unlock_irqrestore(&tty->flow_lock, flags); 1028 } 1029 EXPORT_SYMBOL(start_tty); 1030 1031 static void tty_update_time(struct timespec *time) 1032 { 1033 unsigned long sec = get_seconds(); 1034 1035 /* 1036 * We only care if the two values differ in anything other than the 1037 * lower three bits (i.e every 8 seconds). If so, then we can update 1038 * the time of the tty device, otherwise it could be construded as a 1039 * security leak to let userspace know the exact timing of the tty. 1040 */ 1041 if ((sec ^ time->tv_sec) & ~7) 1042 time->tv_sec = sec; 1043 } 1044 1045 /** 1046 * tty_read - read method for tty device files 1047 * @file: pointer to tty file 1048 * @buf: user buffer 1049 * @count: size of user buffer 1050 * @ppos: unused 1051 * 1052 * Perform the read system call function on this terminal device. Checks 1053 * for hung up devices before calling the line discipline method. 1054 * 1055 * Locking: 1056 * Locks the line discipline internally while needed. Multiple 1057 * read calls may be outstanding in parallel. 1058 */ 1059 1060 static ssize_t tty_read(struct file *file, char __user *buf, size_t count, 1061 loff_t *ppos) 1062 { 1063 int i; 1064 struct inode *inode = file_inode(file); 1065 struct tty_struct *tty = file_tty(file); 1066 struct tty_ldisc *ld; 1067 1068 if (tty_paranoia_check(tty, inode, "tty_read")) 1069 return -EIO; 1070 if (!tty || tty_io_error(tty)) 1071 return -EIO; 1072 1073 /* We want to wait for the line discipline to sort out in this 1074 situation */ 1075 ld = tty_ldisc_ref_wait(tty); 1076 if (!ld) 1077 return hung_up_tty_read(file, buf, count, ppos); 1078 if (ld->ops->read) 1079 i = ld->ops->read(tty, file, buf, count); 1080 else 1081 i = -EIO; 1082 tty_ldisc_deref(ld); 1083 1084 if (i > 0) 1085 tty_update_time(&inode->i_atime); 1086 1087 return i; 1088 } 1089 1090 static void tty_write_unlock(struct tty_struct *tty) 1091 { 1092 mutex_unlock(&tty->atomic_write_lock); 1093 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 1094 } 1095 1096 static int tty_write_lock(struct tty_struct *tty, int ndelay) 1097 { 1098 if (!mutex_trylock(&tty->atomic_write_lock)) { 1099 if (ndelay) 1100 return -EAGAIN; 1101 if (mutex_lock_interruptible(&tty->atomic_write_lock)) 1102 return -ERESTARTSYS; 1103 } 1104 return 0; 1105 } 1106 1107 /* 1108 * Split writes up in sane blocksizes to avoid 1109 * denial-of-service type attacks 1110 */ 1111 static inline ssize_t do_tty_write( 1112 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t), 1113 struct tty_struct *tty, 1114 struct file *file, 1115 const char __user *buf, 1116 size_t count) 1117 { 1118 ssize_t ret, written = 0; 1119 unsigned int chunk; 1120 1121 ret = tty_write_lock(tty, file->f_flags & O_NDELAY); 1122 if (ret < 0) 1123 return ret; 1124 1125 /* 1126 * We chunk up writes into a temporary buffer. This 1127 * simplifies low-level drivers immensely, since they 1128 * don't have locking issues and user mode accesses. 1129 * 1130 * But if TTY_NO_WRITE_SPLIT is set, we should use a 1131 * big chunk-size.. 1132 * 1133 * The default chunk-size is 2kB, because the NTTY 1134 * layer has problems with bigger chunks. It will 1135 * claim to be able to handle more characters than 1136 * it actually does. 1137 * 1138 * FIXME: This can probably go away now except that 64K chunks 1139 * are too likely to fail unless switched to vmalloc... 1140 */ 1141 chunk = 2048; 1142 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags)) 1143 chunk = 65536; 1144 if (count < chunk) 1145 chunk = count; 1146 1147 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */ 1148 if (tty->write_cnt < chunk) { 1149 unsigned char *buf_chunk; 1150 1151 if (chunk < 1024) 1152 chunk = 1024; 1153 1154 buf_chunk = kmalloc(chunk, GFP_KERNEL); 1155 if (!buf_chunk) { 1156 ret = -ENOMEM; 1157 goto out; 1158 } 1159 kfree(tty->write_buf); 1160 tty->write_cnt = chunk; 1161 tty->write_buf = buf_chunk; 1162 } 1163 1164 /* Do the write .. */ 1165 for (;;) { 1166 size_t size = count; 1167 if (size > chunk) 1168 size = chunk; 1169 ret = -EFAULT; 1170 if (copy_from_user(tty->write_buf, buf, size)) 1171 break; 1172 ret = write(tty, file, tty->write_buf, size); 1173 if (ret <= 0) 1174 break; 1175 written += ret; 1176 buf += ret; 1177 count -= ret; 1178 if (!count) 1179 break; 1180 ret = -ERESTARTSYS; 1181 if (signal_pending(current)) 1182 break; 1183 cond_resched(); 1184 } 1185 if (written) { 1186 tty_update_time(&file_inode(file)->i_mtime); 1187 ret = written; 1188 } 1189 out: 1190 tty_write_unlock(tty); 1191 return ret; 1192 } 1193 1194 /** 1195 * tty_write_message - write a message to a certain tty, not just the console. 1196 * @tty: the destination tty_struct 1197 * @msg: the message to write 1198 * 1199 * This is used for messages that need to be redirected to a specific tty. 1200 * We don't put it into the syslog queue right now maybe in the future if 1201 * really needed. 1202 * 1203 * We must still hold the BTM and test the CLOSING flag for the moment. 1204 */ 1205 1206 void tty_write_message(struct tty_struct *tty, char *msg) 1207 { 1208 if (tty) { 1209 mutex_lock(&tty->atomic_write_lock); 1210 tty_lock(tty); 1211 if (tty->ops->write && tty->count > 0) 1212 tty->ops->write(tty, msg, strlen(msg)); 1213 tty_unlock(tty); 1214 tty_write_unlock(tty); 1215 } 1216 return; 1217 } 1218 1219 1220 /** 1221 * tty_write - write method for tty device file 1222 * @file: tty file pointer 1223 * @buf: user data to write 1224 * @count: bytes to write 1225 * @ppos: unused 1226 * 1227 * Write data to a tty device via the line discipline. 1228 * 1229 * Locking: 1230 * Locks the line discipline as required 1231 * Writes to the tty driver are serialized by the atomic_write_lock 1232 * and are then processed in chunks to the device. The line discipline 1233 * write method will not be invoked in parallel for each device. 1234 */ 1235 1236 static ssize_t tty_write(struct file *file, const char __user *buf, 1237 size_t count, loff_t *ppos) 1238 { 1239 struct tty_struct *tty = file_tty(file); 1240 struct tty_ldisc *ld; 1241 ssize_t ret; 1242 1243 if (tty_paranoia_check(tty, file_inode(file), "tty_write")) 1244 return -EIO; 1245 if (!tty || !tty->ops->write || tty_io_error(tty)) 1246 return -EIO; 1247 /* Short term debug to catch buggy drivers */ 1248 if (tty->ops->write_room == NULL) 1249 tty_err(tty, "missing write_room method\n"); 1250 ld = tty_ldisc_ref_wait(tty); 1251 if (!ld) 1252 return hung_up_tty_write(file, buf, count, ppos); 1253 if (!ld->ops->write) 1254 ret = -EIO; 1255 else 1256 ret = do_tty_write(ld->ops->write, tty, file, buf, count); 1257 tty_ldisc_deref(ld); 1258 return ret; 1259 } 1260 1261 ssize_t redirected_tty_write(struct file *file, const char __user *buf, 1262 size_t count, loff_t *ppos) 1263 { 1264 struct file *p = NULL; 1265 1266 spin_lock(&redirect_lock); 1267 if (redirect) 1268 p = get_file(redirect); 1269 spin_unlock(&redirect_lock); 1270 1271 if (p) { 1272 ssize_t res; 1273 res = vfs_write(p, buf, count, &p->f_pos); 1274 fput(p); 1275 return res; 1276 } 1277 return tty_write(file, buf, count, ppos); 1278 } 1279 1280 /** 1281 * tty_send_xchar - send priority character 1282 * 1283 * Send a high priority character to the tty even if stopped 1284 * 1285 * Locking: none for xchar method, write ordering for write method. 1286 */ 1287 1288 int tty_send_xchar(struct tty_struct *tty, char ch) 1289 { 1290 int was_stopped = tty->stopped; 1291 1292 if (tty->ops->send_xchar) { 1293 down_read(&tty->termios_rwsem); 1294 tty->ops->send_xchar(tty, ch); 1295 up_read(&tty->termios_rwsem); 1296 return 0; 1297 } 1298 1299 if (tty_write_lock(tty, 0) < 0) 1300 return -ERESTARTSYS; 1301 1302 down_read(&tty->termios_rwsem); 1303 if (was_stopped) 1304 start_tty(tty); 1305 tty->ops->write(tty, &ch, 1); 1306 if (was_stopped) 1307 stop_tty(tty); 1308 up_read(&tty->termios_rwsem); 1309 tty_write_unlock(tty); 1310 return 0; 1311 } 1312 1313 static char ptychar[] = "pqrstuvwxyzabcde"; 1314 1315 /** 1316 * pty_line_name - generate name for a pty 1317 * @driver: the tty driver in use 1318 * @index: the minor number 1319 * @p: output buffer of at least 6 bytes 1320 * 1321 * Generate a name from a driver reference and write it to the output 1322 * buffer. 1323 * 1324 * Locking: None 1325 */ 1326 static void pty_line_name(struct tty_driver *driver, int index, char *p) 1327 { 1328 int i = index + driver->name_base; 1329 /* ->name is initialized to "ttyp", but "tty" is expected */ 1330 sprintf(p, "%s%c%x", 1331 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name, 1332 ptychar[i >> 4 & 0xf], i & 0xf); 1333 } 1334 1335 /** 1336 * tty_line_name - generate name for a tty 1337 * @driver: the tty driver in use 1338 * @index: the minor number 1339 * @p: output buffer of at least 7 bytes 1340 * 1341 * Generate a name from a driver reference and write it to the output 1342 * buffer. 1343 * 1344 * Locking: None 1345 */ 1346 static ssize_t tty_line_name(struct tty_driver *driver, int index, char *p) 1347 { 1348 if (driver->flags & TTY_DRIVER_UNNUMBERED_NODE) 1349 return sprintf(p, "%s", driver->name); 1350 else 1351 return sprintf(p, "%s%d", driver->name, 1352 index + driver->name_base); 1353 } 1354 1355 /** 1356 * tty_driver_lookup_tty() - find an existing tty, if any 1357 * @driver: the driver for the tty 1358 * @idx: the minor number 1359 * 1360 * Return the tty, if found. If not found, return NULL or ERR_PTR() if the 1361 * driver lookup() method returns an error. 1362 * 1363 * Locking: tty_mutex must be held. If the tty is found, bump the tty kref. 1364 */ 1365 static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver, 1366 struct file *file, int idx) 1367 { 1368 struct tty_struct *tty; 1369 1370 if (driver->ops->lookup) 1371 tty = driver->ops->lookup(driver, file, idx); 1372 else 1373 tty = driver->ttys[idx]; 1374 1375 if (!IS_ERR(tty)) 1376 tty_kref_get(tty); 1377 return tty; 1378 } 1379 1380 /** 1381 * tty_init_termios - helper for termios setup 1382 * @tty: the tty to set up 1383 * 1384 * Initialise the termios structures for this tty. Thus runs under 1385 * the tty_mutex currently so we can be relaxed about ordering. 1386 */ 1387 1388 void tty_init_termios(struct tty_struct *tty) 1389 { 1390 struct ktermios *tp; 1391 int idx = tty->index; 1392 1393 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) 1394 tty->termios = tty->driver->init_termios; 1395 else { 1396 /* Check for lazy saved data */ 1397 tp = tty->driver->termios[idx]; 1398 if (tp != NULL) { 1399 tty->termios = *tp; 1400 tty->termios.c_line = tty->driver->init_termios.c_line; 1401 } else 1402 tty->termios = tty->driver->init_termios; 1403 } 1404 /* Compatibility until drivers always set this */ 1405 tty->termios.c_ispeed = tty_termios_input_baud_rate(&tty->termios); 1406 tty->termios.c_ospeed = tty_termios_baud_rate(&tty->termios); 1407 } 1408 EXPORT_SYMBOL_GPL(tty_init_termios); 1409 1410 int tty_standard_install(struct tty_driver *driver, struct tty_struct *tty) 1411 { 1412 tty_init_termios(tty); 1413 tty_driver_kref_get(driver); 1414 tty->count++; 1415 driver->ttys[tty->index] = tty; 1416 return 0; 1417 } 1418 EXPORT_SYMBOL_GPL(tty_standard_install); 1419 1420 /** 1421 * tty_driver_install_tty() - install a tty entry in the driver 1422 * @driver: the driver for the tty 1423 * @tty: the tty 1424 * 1425 * Install a tty object into the driver tables. The tty->index field 1426 * will be set by the time this is called. This method is responsible 1427 * for ensuring any need additional structures are allocated and 1428 * configured. 1429 * 1430 * Locking: tty_mutex for now 1431 */ 1432 static int tty_driver_install_tty(struct tty_driver *driver, 1433 struct tty_struct *tty) 1434 { 1435 return driver->ops->install ? driver->ops->install(driver, tty) : 1436 tty_standard_install(driver, tty); 1437 } 1438 1439 /** 1440 * tty_driver_remove_tty() - remove a tty from the driver tables 1441 * @driver: the driver for the tty 1442 * @idx: the minor number 1443 * 1444 * Remvoe a tty object from the driver tables. The tty->index field 1445 * will be set by the time this is called. 1446 * 1447 * Locking: tty_mutex for now 1448 */ 1449 static void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty) 1450 { 1451 if (driver->ops->remove) 1452 driver->ops->remove(driver, tty); 1453 else 1454 driver->ttys[tty->index] = NULL; 1455 } 1456 1457 /* 1458 * tty_reopen() - fast re-open of an open tty 1459 * @tty - the tty to open 1460 * 1461 * Return 0 on success, -errno on error. 1462 * Re-opens on master ptys are not allowed and return -EIO. 1463 * 1464 * Locking: Caller must hold tty_lock 1465 */ 1466 static int tty_reopen(struct tty_struct *tty) 1467 { 1468 struct tty_driver *driver = tty->driver; 1469 1470 if (driver->type == TTY_DRIVER_TYPE_PTY && 1471 driver->subtype == PTY_TYPE_MASTER) 1472 return -EIO; 1473 1474 if (!tty->count) 1475 return -EAGAIN; 1476 1477 if (test_bit(TTY_EXCLUSIVE, &tty->flags) && !capable(CAP_SYS_ADMIN)) 1478 return -EBUSY; 1479 1480 tty->count++; 1481 1482 if (!tty->ldisc) 1483 return tty_ldisc_reinit(tty, tty->termios.c_line); 1484 1485 return 0; 1486 } 1487 1488 /** 1489 * tty_init_dev - initialise a tty device 1490 * @driver: tty driver we are opening a device on 1491 * @idx: device index 1492 * @ret_tty: returned tty structure 1493 * 1494 * Prepare a tty device. This may not be a "new" clean device but 1495 * could also be an active device. The pty drivers require special 1496 * handling because of this. 1497 * 1498 * Locking: 1499 * The function is called under the tty_mutex, which 1500 * protects us from the tty struct or driver itself going away. 1501 * 1502 * On exit the tty device has the line discipline attached and 1503 * a reference count of 1. If a pair was created for pty/tty use 1504 * and the other was a pty master then it too has a reference count of 1. 1505 * 1506 * WSH 06/09/97: Rewritten to remove races and properly clean up after a 1507 * failed open. The new code protects the open with a mutex, so it's 1508 * really quite straightforward. The mutex locking can probably be 1509 * relaxed for the (most common) case of reopening a tty. 1510 */ 1511 1512 struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx) 1513 { 1514 struct tty_struct *tty; 1515 int retval; 1516 1517 /* 1518 * First time open is complex, especially for PTY devices. 1519 * This code guarantees that either everything succeeds and the 1520 * TTY is ready for operation, or else the table slots are vacated 1521 * and the allocated memory released. (Except that the termios 1522 * and locked termios may be retained.) 1523 */ 1524 1525 if (!try_module_get(driver->owner)) 1526 return ERR_PTR(-ENODEV); 1527 1528 tty = alloc_tty_struct(driver, idx); 1529 if (!tty) { 1530 retval = -ENOMEM; 1531 goto err_module_put; 1532 } 1533 1534 tty_lock(tty); 1535 retval = tty_driver_install_tty(driver, tty); 1536 if (retval < 0) 1537 goto err_free_tty; 1538 1539 if (!tty->port) 1540 tty->port = driver->ports[idx]; 1541 1542 WARN_RATELIMIT(!tty->port, 1543 "%s: %s driver does not set tty->port. This will crash the kernel later. Fix the driver!\n", 1544 __func__, tty->driver->name); 1545 1546 tty->port->itty = tty; 1547 1548 /* 1549 * Structures all installed ... call the ldisc open routines. 1550 * If we fail here just call release_tty to clean up. No need 1551 * to decrement the use counts, as release_tty doesn't care. 1552 */ 1553 retval = tty_ldisc_setup(tty, tty->link); 1554 if (retval) 1555 goto err_release_tty; 1556 /* Return the tty locked so that it cannot vanish under the caller */ 1557 return tty; 1558 1559 err_free_tty: 1560 tty_unlock(tty); 1561 free_tty_struct(tty); 1562 err_module_put: 1563 module_put(driver->owner); 1564 return ERR_PTR(retval); 1565 1566 /* call the tty release_tty routine to clean out this slot */ 1567 err_release_tty: 1568 tty_unlock(tty); 1569 tty_info_ratelimited(tty, "ldisc open failed (%d), clearing slot %d\n", 1570 retval, idx); 1571 release_tty(tty, idx); 1572 return ERR_PTR(retval); 1573 } 1574 1575 static void tty_free_termios(struct tty_struct *tty) 1576 { 1577 struct ktermios *tp; 1578 int idx = tty->index; 1579 1580 /* If the port is going to reset then it has no termios to save */ 1581 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) 1582 return; 1583 1584 /* Stash the termios data */ 1585 tp = tty->driver->termios[idx]; 1586 if (tp == NULL) { 1587 tp = kmalloc(sizeof(struct ktermios), GFP_KERNEL); 1588 if (tp == NULL) 1589 return; 1590 tty->driver->termios[idx] = tp; 1591 } 1592 *tp = tty->termios; 1593 } 1594 1595 /** 1596 * tty_flush_works - flush all works of a tty/pty pair 1597 * @tty: tty device to flush works for (or either end of a pty pair) 1598 * 1599 * Sync flush all works belonging to @tty (and the 'other' tty). 1600 */ 1601 static void tty_flush_works(struct tty_struct *tty) 1602 { 1603 flush_work(&tty->SAK_work); 1604 flush_work(&tty->hangup_work); 1605 if (tty->link) { 1606 flush_work(&tty->link->SAK_work); 1607 flush_work(&tty->link->hangup_work); 1608 } 1609 } 1610 1611 /** 1612 * release_one_tty - release tty structure memory 1613 * @kref: kref of tty we are obliterating 1614 * 1615 * Releases memory associated with a tty structure, and clears out the 1616 * driver table slots. This function is called when a device is no longer 1617 * in use. It also gets called when setup of a device fails. 1618 * 1619 * Locking: 1620 * takes the file list lock internally when working on the list 1621 * of ttys that the driver keeps. 1622 * 1623 * This method gets called from a work queue so that the driver private 1624 * cleanup ops can sleep (needed for USB at least) 1625 */ 1626 static void release_one_tty(struct work_struct *work) 1627 { 1628 struct tty_struct *tty = 1629 container_of(work, struct tty_struct, hangup_work); 1630 struct tty_driver *driver = tty->driver; 1631 struct module *owner = driver->owner; 1632 1633 if (tty->ops->cleanup) 1634 tty->ops->cleanup(tty); 1635 1636 tty->magic = 0; 1637 tty_driver_kref_put(driver); 1638 module_put(owner); 1639 1640 spin_lock(&tty->files_lock); 1641 list_del_init(&tty->tty_files); 1642 spin_unlock(&tty->files_lock); 1643 1644 put_pid(tty->pgrp); 1645 put_pid(tty->session); 1646 free_tty_struct(tty); 1647 } 1648 1649 static void queue_release_one_tty(struct kref *kref) 1650 { 1651 struct tty_struct *tty = container_of(kref, struct tty_struct, kref); 1652 1653 /* The hangup queue is now free so we can reuse it rather than 1654 waste a chunk of memory for each port */ 1655 INIT_WORK(&tty->hangup_work, release_one_tty); 1656 schedule_work(&tty->hangup_work); 1657 } 1658 1659 /** 1660 * tty_kref_put - release a tty kref 1661 * @tty: tty device 1662 * 1663 * Release a reference to a tty device and if need be let the kref 1664 * layer destruct the object for us 1665 */ 1666 1667 void tty_kref_put(struct tty_struct *tty) 1668 { 1669 if (tty) 1670 kref_put(&tty->kref, queue_release_one_tty); 1671 } 1672 EXPORT_SYMBOL(tty_kref_put); 1673 1674 /** 1675 * release_tty - release tty structure memory 1676 * 1677 * Release both @tty and a possible linked partner (think pty pair), 1678 * and decrement the refcount of the backing module. 1679 * 1680 * Locking: 1681 * tty_mutex 1682 * takes the file list lock internally when working on the list 1683 * of ttys that the driver keeps. 1684 * 1685 */ 1686 static void release_tty(struct tty_struct *tty, int idx) 1687 { 1688 /* This should always be true but check for the moment */ 1689 WARN_ON(tty->index != idx); 1690 WARN_ON(!mutex_is_locked(&tty_mutex)); 1691 if (tty->ops->shutdown) 1692 tty->ops->shutdown(tty); 1693 tty_free_termios(tty); 1694 tty_driver_remove_tty(tty->driver, tty); 1695 tty->port->itty = NULL; 1696 if (tty->link) 1697 tty->link->port->itty = NULL; 1698 tty_buffer_cancel_work(tty->port); 1699 1700 tty_kref_put(tty->link); 1701 tty_kref_put(tty); 1702 } 1703 1704 /** 1705 * tty_release_checks - check a tty before real release 1706 * @tty: tty to check 1707 * @o_tty: link of @tty (if any) 1708 * @idx: index of the tty 1709 * 1710 * Performs some paranoid checking before true release of the @tty. 1711 * This is a no-op unless TTY_PARANOIA_CHECK is defined. 1712 */ 1713 static int tty_release_checks(struct tty_struct *tty, int idx) 1714 { 1715 #ifdef TTY_PARANOIA_CHECK 1716 if (idx < 0 || idx >= tty->driver->num) { 1717 tty_debug(tty, "bad idx %d\n", idx); 1718 return -1; 1719 } 1720 1721 /* not much to check for devpts */ 1722 if (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) 1723 return 0; 1724 1725 if (tty != tty->driver->ttys[idx]) { 1726 tty_debug(tty, "bad driver table[%d] = %p\n", 1727 idx, tty->driver->ttys[idx]); 1728 return -1; 1729 } 1730 if (tty->driver->other) { 1731 struct tty_struct *o_tty = tty->link; 1732 1733 if (o_tty != tty->driver->other->ttys[idx]) { 1734 tty_debug(tty, "bad other table[%d] = %p\n", 1735 idx, tty->driver->other->ttys[idx]); 1736 return -1; 1737 } 1738 if (o_tty->link != tty) { 1739 tty_debug(tty, "bad link = %p\n", o_tty->link); 1740 return -1; 1741 } 1742 } 1743 #endif 1744 return 0; 1745 } 1746 1747 /** 1748 * tty_release_struct - release a tty struct 1749 * @tty: tty device 1750 * @idx: index of the tty 1751 * 1752 * Performs the final steps to release and free a tty device. It is 1753 * roughly the reverse of tty_init_dev. 1754 */ 1755 void tty_release_struct(struct tty_struct *tty, int idx) 1756 { 1757 /* 1758 * Ask the line discipline code to release its structures 1759 */ 1760 tty_ldisc_release(tty); 1761 1762 /* Wait for pending work before tty destruction commmences */ 1763 tty_flush_works(tty); 1764 1765 tty_debug_hangup(tty, "freeing structure\n"); 1766 /* 1767 * The release_tty function takes care of the details of clearing 1768 * the slots and preserving the termios structure. The tty_unlock_pair 1769 * should be safe as we keep a kref while the tty is locked (so the 1770 * unlock never unlocks a freed tty). 1771 */ 1772 mutex_lock(&tty_mutex); 1773 release_tty(tty, idx); 1774 mutex_unlock(&tty_mutex); 1775 } 1776 EXPORT_SYMBOL_GPL(tty_release_struct); 1777 1778 /** 1779 * tty_release - vfs callback for close 1780 * @inode: inode of tty 1781 * @filp: file pointer for handle to tty 1782 * 1783 * Called the last time each file handle is closed that references 1784 * this tty. There may however be several such references. 1785 * 1786 * Locking: 1787 * Takes bkl. See tty_release_dev 1788 * 1789 * Even releasing the tty structures is a tricky business.. We have 1790 * to be very careful that the structures are all released at the 1791 * same time, as interrupts might otherwise get the wrong pointers. 1792 * 1793 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could 1794 * lead to double frees or releasing memory still in use. 1795 */ 1796 1797 int tty_release(struct inode *inode, struct file *filp) 1798 { 1799 struct tty_struct *tty = file_tty(filp); 1800 struct tty_struct *o_tty = NULL; 1801 int do_sleep, final; 1802 int idx; 1803 long timeout = 0; 1804 int once = 1; 1805 1806 if (tty_paranoia_check(tty, inode, __func__)) 1807 return 0; 1808 1809 tty_lock(tty); 1810 check_tty_count(tty, __func__); 1811 1812 __tty_fasync(-1, filp, 0); 1813 1814 idx = tty->index; 1815 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1816 tty->driver->subtype == PTY_TYPE_MASTER) 1817 o_tty = tty->link; 1818 1819 if (tty_release_checks(tty, idx)) { 1820 tty_unlock(tty); 1821 return 0; 1822 } 1823 1824 tty_debug_hangup(tty, "releasing (count=%d)\n", tty->count); 1825 1826 if (tty->ops->close) 1827 tty->ops->close(tty, filp); 1828 1829 /* If tty is pty master, lock the slave pty (stable lock order) */ 1830 tty_lock_slave(o_tty); 1831 1832 /* 1833 * Sanity check: if tty->count is going to zero, there shouldn't be 1834 * any waiters on tty->read_wait or tty->write_wait. We test the 1835 * wait queues and kick everyone out _before_ actually starting to 1836 * close. This ensures that we won't block while releasing the tty 1837 * structure. 1838 * 1839 * The test for the o_tty closing is necessary, since the master and 1840 * slave sides may close in any order. If the slave side closes out 1841 * first, its count will be one, since the master side holds an open. 1842 * Thus this test wouldn't be triggered at the time the slave closed, 1843 * so we do it now. 1844 */ 1845 while (1) { 1846 do_sleep = 0; 1847 1848 if (tty->count <= 1) { 1849 if (waitqueue_active(&tty->read_wait)) { 1850 wake_up_poll(&tty->read_wait, POLLIN); 1851 do_sleep++; 1852 } 1853 if (waitqueue_active(&tty->write_wait)) { 1854 wake_up_poll(&tty->write_wait, POLLOUT); 1855 do_sleep++; 1856 } 1857 } 1858 if (o_tty && o_tty->count <= 1) { 1859 if (waitqueue_active(&o_tty->read_wait)) { 1860 wake_up_poll(&o_tty->read_wait, POLLIN); 1861 do_sleep++; 1862 } 1863 if (waitqueue_active(&o_tty->write_wait)) { 1864 wake_up_poll(&o_tty->write_wait, POLLOUT); 1865 do_sleep++; 1866 } 1867 } 1868 if (!do_sleep) 1869 break; 1870 1871 if (once) { 1872 once = 0; 1873 tty_warn(tty, "read/write wait queue active!\n"); 1874 } 1875 schedule_timeout_killable(timeout); 1876 if (timeout < 120 * HZ) 1877 timeout = 2 * timeout + 1; 1878 else 1879 timeout = MAX_SCHEDULE_TIMEOUT; 1880 } 1881 1882 if (o_tty) { 1883 if (--o_tty->count < 0) { 1884 tty_warn(tty, "bad slave count (%d)\n", o_tty->count); 1885 o_tty->count = 0; 1886 } 1887 } 1888 if (--tty->count < 0) { 1889 tty_warn(tty, "bad tty->count (%d)\n", tty->count); 1890 tty->count = 0; 1891 } 1892 1893 /* 1894 * We've decremented tty->count, so we need to remove this file 1895 * descriptor off the tty->tty_files list; this serves two 1896 * purposes: 1897 * - check_tty_count sees the correct number of file descriptors 1898 * associated with this tty. 1899 * - do_tty_hangup no longer sees this file descriptor as 1900 * something that needs to be handled for hangups. 1901 */ 1902 tty_del_file(filp); 1903 1904 /* 1905 * Perform some housekeeping before deciding whether to return. 1906 * 1907 * If _either_ side is closing, make sure there aren't any 1908 * processes that still think tty or o_tty is their controlling 1909 * tty. 1910 */ 1911 if (!tty->count) { 1912 read_lock(&tasklist_lock); 1913 session_clear_tty(tty->session); 1914 if (o_tty) 1915 session_clear_tty(o_tty->session); 1916 read_unlock(&tasklist_lock); 1917 } 1918 1919 /* check whether both sides are closing ... */ 1920 final = !tty->count && !(o_tty && o_tty->count); 1921 1922 tty_unlock_slave(o_tty); 1923 tty_unlock(tty); 1924 1925 /* At this point, the tty->count == 0 should ensure a dead tty 1926 cannot be re-opened by a racing opener */ 1927 1928 if (!final) 1929 return 0; 1930 1931 tty_debug_hangup(tty, "final close\n"); 1932 1933 tty_release_struct(tty, idx); 1934 return 0; 1935 } 1936 1937 /** 1938 * tty_open_current_tty - get locked tty of current task 1939 * @device: device number 1940 * @filp: file pointer to tty 1941 * @return: locked tty of the current task iff @device is /dev/tty 1942 * 1943 * Performs a re-open of the current task's controlling tty. 1944 * 1945 * We cannot return driver and index like for the other nodes because 1946 * devpts will not work then. It expects inodes to be from devpts FS. 1947 */ 1948 static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp) 1949 { 1950 struct tty_struct *tty; 1951 int retval; 1952 1953 if (device != MKDEV(TTYAUX_MAJOR, 0)) 1954 return NULL; 1955 1956 tty = get_current_tty(); 1957 if (!tty) 1958 return ERR_PTR(-ENXIO); 1959 1960 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */ 1961 /* noctty = 1; */ 1962 tty_lock(tty); 1963 tty_kref_put(tty); /* safe to drop the kref now */ 1964 1965 retval = tty_reopen(tty); 1966 if (retval < 0) { 1967 tty_unlock(tty); 1968 tty = ERR_PTR(retval); 1969 } 1970 return tty; 1971 } 1972 1973 /** 1974 * tty_lookup_driver - lookup a tty driver for a given device file 1975 * @device: device number 1976 * @filp: file pointer to tty 1977 * @index: index for the device in the @return driver 1978 * @return: driver for this inode (with increased refcount) 1979 * 1980 * If @return is not erroneous, the caller is responsible to decrement the 1981 * refcount by tty_driver_kref_put. 1982 * 1983 * Locking: tty_mutex protects get_tty_driver 1984 */ 1985 static struct tty_driver *tty_lookup_driver(dev_t device, struct file *filp, 1986 int *index) 1987 { 1988 struct tty_driver *driver; 1989 1990 switch (device) { 1991 #ifdef CONFIG_VT 1992 case MKDEV(TTY_MAJOR, 0): { 1993 extern struct tty_driver *console_driver; 1994 driver = tty_driver_kref_get(console_driver); 1995 *index = fg_console; 1996 break; 1997 } 1998 #endif 1999 case MKDEV(TTYAUX_MAJOR, 1): { 2000 struct tty_driver *console_driver = console_device(index); 2001 if (console_driver) { 2002 driver = tty_driver_kref_get(console_driver); 2003 if (driver) { 2004 /* Don't let /dev/console block */ 2005 filp->f_flags |= O_NONBLOCK; 2006 break; 2007 } 2008 } 2009 return ERR_PTR(-ENODEV); 2010 } 2011 default: 2012 driver = get_tty_driver(device, index); 2013 if (!driver) 2014 return ERR_PTR(-ENODEV); 2015 break; 2016 } 2017 return driver; 2018 } 2019 2020 /** 2021 * tty_open_by_driver - open a tty device 2022 * @device: dev_t of device to open 2023 * @inode: inode of device file 2024 * @filp: file pointer to tty 2025 * 2026 * Performs the driver lookup, checks for a reopen, or otherwise 2027 * performs the first-time tty initialization. 2028 * 2029 * Returns the locked initialized or re-opened &tty_struct 2030 * 2031 * Claims the global tty_mutex to serialize: 2032 * - concurrent first-time tty initialization 2033 * - concurrent tty driver removal w/ lookup 2034 * - concurrent tty removal from driver table 2035 */ 2036 static struct tty_struct *tty_open_by_driver(dev_t device, struct inode *inode, 2037 struct file *filp) 2038 { 2039 struct tty_struct *tty; 2040 struct tty_driver *driver = NULL; 2041 int index = -1; 2042 int retval; 2043 2044 mutex_lock(&tty_mutex); 2045 driver = tty_lookup_driver(device, filp, &index); 2046 if (IS_ERR(driver)) { 2047 mutex_unlock(&tty_mutex); 2048 return ERR_CAST(driver); 2049 } 2050 2051 /* check whether we're reopening an existing tty */ 2052 tty = tty_driver_lookup_tty(driver, filp, index); 2053 if (IS_ERR(tty)) { 2054 mutex_unlock(&tty_mutex); 2055 goto out; 2056 } 2057 2058 if (tty) { 2059 mutex_unlock(&tty_mutex); 2060 retval = tty_lock_interruptible(tty); 2061 tty_kref_put(tty); /* drop kref from tty_driver_lookup_tty() */ 2062 if (retval) { 2063 if (retval == -EINTR) 2064 retval = -ERESTARTSYS; 2065 tty = ERR_PTR(retval); 2066 goto out; 2067 } 2068 retval = tty_reopen(tty); 2069 if (retval < 0) { 2070 tty_unlock(tty); 2071 tty = ERR_PTR(retval); 2072 } 2073 } else { /* Returns with the tty_lock held for now */ 2074 tty = tty_init_dev(driver, index); 2075 mutex_unlock(&tty_mutex); 2076 } 2077 out: 2078 tty_driver_kref_put(driver); 2079 return tty; 2080 } 2081 2082 /** 2083 * tty_open - open a tty device 2084 * @inode: inode of device file 2085 * @filp: file pointer to tty 2086 * 2087 * tty_open and tty_release keep up the tty count that contains the 2088 * number of opens done on a tty. We cannot use the inode-count, as 2089 * different inodes might point to the same tty. 2090 * 2091 * Open-counting is needed for pty masters, as well as for keeping 2092 * track of serial lines: DTR is dropped when the last close happens. 2093 * (This is not done solely through tty->count, now. - Ted 1/27/92) 2094 * 2095 * The termios state of a pty is reset on first open so that 2096 * settings don't persist across reuse. 2097 * 2098 * Locking: tty_mutex protects tty, tty_lookup_driver and tty_init_dev. 2099 * tty->count should protect the rest. 2100 * ->siglock protects ->signal/->sighand 2101 * 2102 * Note: the tty_unlock/lock cases without a ref are only safe due to 2103 * tty_mutex 2104 */ 2105 2106 static int tty_open(struct inode *inode, struct file *filp) 2107 { 2108 struct tty_struct *tty; 2109 int noctty, retval; 2110 dev_t device = inode->i_rdev; 2111 unsigned saved_flags = filp->f_flags; 2112 2113 nonseekable_open(inode, filp); 2114 2115 retry_open: 2116 retval = tty_alloc_file(filp); 2117 if (retval) 2118 return -ENOMEM; 2119 2120 tty = tty_open_current_tty(device, filp); 2121 if (!tty) 2122 tty = tty_open_by_driver(device, inode, filp); 2123 2124 if (IS_ERR(tty)) { 2125 tty_free_file(filp); 2126 retval = PTR_ERR(tty); 2127 if (retval != -EAGAIN || signal_pending(current)) 2128 return retval; 2129 schedule(); 2130 goto retry_open; 2131 } 2132 2133 tty_add_file(tty, filp); 2134 2135 check_tty_count(tty, __func__); 2136 tty_debug_hangup(tty, "opening (count=%d)\n", tty->count); 2137 2138 if (tty->ops->open) 2139 retval = tty->ops->open(tty, filp); 2140 else 2141 retval = -ENODEV; 2142 filp->f_flags = saved_flags; 2143 2144 if (retval) { 2145 tty_debug_hangup(tty, "open error %d, releasing\n", retval); 2146 2147 tty_unlock(tty); /* need to call tty_release without BTM */ 2148 tty_release(inode, filp); 2149 if (retval != -ERESTARTSYS) 2150 return retval; 2151 2152 if (signal_pending(current)) 2153 return retval; 2154 2155 schedule(); 2156 /* 2157 * Need to reset f_op in case a hangup happened. 2158 */ 2159 if (tty_hung_up_p(filp)) 2160 filp->f_op = &tty_fops; 2161 goto retry_open; 2162 } 2163 clear_bit(TTY_HUPPED, &tty->flags); 2164 2165 2166 read_lock(&tasklist_lock); 2167 spin_lock_irq(¤t->sighand->siglock); 2168 noctty = (filp->f_flags & O_NOCTTY) || 2169 (IS_ENABLED(CONFIG_VT) && device == MKDEV(TTY_MAJOR, 0)) || 2170 device == MKDEV(TTYAUX_MAJOR, 1) || 2171 (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2172 tty->driver->subtype == PTY_TYPE_MASTER); 2173 2174 if (!noctty && 2175 current->signal->leader && 2176 !current->signal->tty && 2177 tty->session == NULL) { 2178 /* 2179 * Don't let a process that only has write access to the tty 2180 * obtain the privileges associated with having a tty as 2181 * controlling terminal (being able to reopen it with full 2182 * access through /dev/tty, being able to perform pushback). 2183 * Many distributions set the group of all ttys to "tty" and 2184 * grant write-only access to all terminals for setgid tty 2185 * binaries, which should not imply full privileges on all ttys. 2186 * 2187 * This could theoretically break old code that performs open() 2188 * on a write-only file descriptor. In that case, it might be 2189 * necessary to also permit this if 2190 * inode_permission(inode, MAY_READ) == 0. 2191 */ 2192 if (filp->f_mode & FMODE_READ) 2193 __proc_set_tty(tty); 2194 } 2195 spin_unlock_irq(¤t->sighand->siglock); 2196 read_unlock(&tasklist_lock); 2197 tty_unlock(tty); 2198 return 0; 2199 } 2200 2201 2202 2203 /** 2204 * tty_poll - check tty status 2205 * @filp: file being polled 2206 * @wait: poll wait structures to update 2207 * 2208 * Call the line discipline polling method to obtain the poll 2209 * status of the device. 2210 * 2211 * Locking: locks called line discipline but ldisc poll method 2212 * may be re-entered freely by other callers. 2213 */ 2214 2215 static unsigned int tty_poll(struct file *filp, poll_table *wait) 2216 { 2217 struct tty_struct *tty = file_tty(filp); 2218 struct tty_ldisc *ld; 2219 int ret = 0; 2220 2221 if (tty_paranoia_check(tty, file_inode(filp), "tty_poll")) 2222 return 0; 2223 2224 ld = tty_ldisc_ref_wait(tty); 2225 if (!ld) 2226 return hung_up_tty_poll(filp, wait); 2227 if (ld->ops->poll) 2228 ret = ld->ops->poll(tty, filp, wait); 2229 tty_ldisc_deref(ld); 2230 return ret; 2231 } 2232 2233 static int __tty_fasync(int fd, struct file *filp, int on) 2234 { 2235 struct tty_struct *tty = file_tty(filp); 2236 unsigned long flags; 2237 int retval = 0; 2238 2239 if (tty_paranoia_check(tty, file_inode(filp), "tty_fasync")) 2240 goto out; 2241 2242 retval = fasync_helper(fd, filp, on, &tty->fasync); 2243 if (retval <= 0) 2244 goto out; 2245 2246 if (on) { 2247 enum pid_type type; 2248 struct pid *pid; 2249 2250 spin_lock_irqsave(&tty->ctrl_lock, flags); 2251 if (tty->pgrp) { 2252 pid = tty->pgrp; 2253 type = PIDTYPE_PGID; 2254 } else { 2255 pid = task_pid(current); 2256 type = PIDTYPE_PID; 2257 } 2258 get_pid(pid); 2259 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2260 __f_setown(filp, pid, type, 0); 2261 put_pid(pid); 2262 retval = 0; 2263 } 2264 out: 2265 return retval; 2266 } 2267 2268 static int tty_fasync(int fd, struct file *filp, int on) 2269 { 2270 struct tty_struct *tty = file_tty(filp); 2271 int retval = -ENOTTY; 2272 2273 tty_lock(tty); 2274 if (!tty_hung_up_p(filp)) 2275 retval = __tty_fasync(fd, filp, on); 2276 tty_unlock(tty); 2277 2278 return retval; 2279 } 2280 2281 /** 2282 * tiocsti - fake input character 2283 * @tty: tty to fake input into 2284 * @p: pointer to character 2285 * 2286 * Fake input to a tty device. Does the necessary locking and 2287 * input management. 2288 * 2289 * FIXME: does not honour flow control ?? 2290 * 2291 * Locking: 2292 * Called functions take tty_ldiscs_lock 2293 * current->signal->tty check is safe without locks 2294 * 2295 * FIXME: may race normal receive processing 2296 */ 2297 2298 static int tiocsti(struct tty_struct *tty, char __user *p) 2299 { 2300 char ch, mbz = 0; 2301 struct tty_ldisc *ld; 2302 2303 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) 2304 return -EPERM; 2305 if (get_user(ch, p)) 2306 return -EFAULT; 2307 tty_audit_tiocsti(tty, ch); 2308 ld = tty_ldisc_ref_wait(tty); 2309 if (!ld) 2310 return -EIO; 2311 ld->ops->receive_buf(tty, &ch, &mbz, 1); 2312 tty_ldisc_deref(ld); 2313 return 0; 2314 } 2315 2316 /** 2317 * tiocgwinsz - implement window query ioctl 2318 * @tty; tty 2319 * @arg: user buffer for result 2320 * 2321 * Copies the kernel idea of the window size into the user buffer. 2322 * 2323 * Locking: tty->winsize_mutex is taken to ensure the winsize data 2324 * is consistent. 2325 */ 2326 2327 static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg) 2328 { 2329 int err; 2330 2331 mutex_lock(&tty->winsize_mutex); 2332 err = copy_to_user(arg, &tty->winsize, sizeof(*arg)); 2333 mutex_unlock(&tty->winsize_mutex); 2334 2335 return err ? -EFAULT: 0; 2336 } 2337 2338 /** 2339 * tty_do_resize - resize event 2340 * @tty: tty being resized 2341 * @rows: rows (character) 2342 * @cols: cols (character) 2343 * 2344 * Update the termios variables and send the necessary signals to 2345 * peform a terminal resize correctly 2346 */ 2347 2348 int tty_do_resize(struct tty_struct *tty, struct winsize *ws) 2349 { 2350 struct pid *pgrp; 2351 2352 /* Lock the tty */ 2353 mutex_lock(&tty->winsize_mutex); 2354 if (!memcmp(ws, &tty->winsize, sizeof(*ws))) 2355 goto done; 2356 2357 /* Signal the foreground process group */ 2358 pgrp = tty_get_pgrp(tty); 2359 if (pgrp) 2360 kill_pgrp(pgrp, SIGWINCH, 1); 2361 put_pid(pgrp); 2362 2363 tty->winsize = *ws; 2364 done: 2365 mutex_unlock(&tty->winsize_mutex); 2366 return 0; 2367 } 2368 EXPORT_SYMBOL(tty_do_resize); 2369 2370 /** 2371 * tiocswinsz - implement window size set ioctl 2372 * @tty; tty side of tty 2373 * @arg: user buffer for result 2374 * 2375 * Copies the user idea of the window size to the kernel. Traditionally 2376 * this is just advisory information but for the Linux console it 2377 * actually has driver level meaning and triggers a VC resize. 2378 * 2379 * Locking: 2380 * Driver dependent. The default do_resize method takes the 2381 * tty termios mutex and ctrl_lock. The console takes its own lock 2382 * then calls into the default method. 2383 */ 2384 2385 static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg) 2386 { 2387 struct winsize tmp_ws; 2388 if (copy_from_user(&tmp_ws, arg, sizeof(*arg))) 2389 return -EFAULT; 2390 2391 if (tty->ops->resize) 2392 return tty->ops->resize(tty, &tmp_ws); 2393 else 2394 return tty_do_resize(tty, &tmp_ws); 2395 } 2396 2397 /** 2398 * tioccons - allow admin to move logical console 2399 * @file: the file to become console 2400 * 2401 * Allow the administrator to move the redirected console device 2402 * 2403 * Locking: uses redirect_lock to guard the redirect information 2404 */ 2405 2406 static int tioccons(struct file *file) 2407 { 2408 if (!capable(CAP_SYS_ADMIN)) 2409 return -EPERM; 2410 if (file->f_op->write == redirected_tty_write) { 2411 struct file *f; 2412 spin_lock(&redirect_lock); 2413 f = redirect; 2414 redirect = NULL; 2415 spin_unlock(&redirect_lock); 2416 if (f) 2417 fput(f); 2418 return 0; 2419 } 2420 spin_lock(&redirect_lock); 2421 if (redirect) { 2422 spin_unlock(&redirect_lock); 2423 return -EBUSY; 2424 } 2425 redirect = get_file(file); 2426 spin_unlock(&redirect_lock); 2427 return 0; 2428 } 2429 2430 /** 2431 * fionbio - non blocking ioctl 2432 * @file: file to set blocking value 2433 * @p: user parameter 2434 * 2435 * Historical tty interfaces had a blocking control ioctl before 2436 * the generic functionality existed. This piece of history is preserved 2437 * in the expected tty API of posix OS's. 2438 * 2439 * Locking: none, the open file handle ensures it won't go away. 2440 */ 2441 2442 static int fionbio(struct file *file, int __user *p) 2443 { 2444 int nonblock; 2445 2446 if (get_user(nonblock, p)) 2447 return -EFAULT; 2448 2449 spin_lock(&file->f_lock); 2450 if (nonblock) 2451 file->f_flags |= O_NONBLOCK; 2452 else 2453 file->f_flags &= ~O_NONBLOCK; 2454 spin_unlock(&file->f_lock); 2455 return 0; 2456 } 2457 2458 /** 2459 * tiocsctty - set controlling tty 2460 * @tty: tty structure 2461 * @arg: user argument 2462 * 2463 * This ioctl is used to manage job control. It permits a session 2464 * leader to set this tty as the controlling tty for the session. 2465 * 2466 * Locking: 2467 * Takes tty_lock() to serialize proc_set_tty() for this tty 2468 * Takes tasklist_lock internally to walk sessions 2469 * Takes ->siglock() when updating signal->tty 2470 */ 2471 2472 static int tiocsctty(struct tty_struct *tty, struct file *file, int arg) 2473 { 2474 int ret = 0; 2475 2476 tty_lock(tty); 2477 read_lock(&tasklist_lock); 2478 2479 if (current->signal->leader && (task_session(current) == tty->session)) 2480 goto unlock; 2481 2482 /* 2483 * The process must be a session leader and 2484 * not have a controlling tty already. 2485 */ 2486 if (!current->signal->leader || current->signal->tty) { 2487 ret = -EPERM; 2488 goto unlock; 2489 } 2490 2491 if (tty->session) { 2492 /* 2493 * This tty is already the controlling 2494 * tty for another session group! 2495 */ 2496 if (arg == 1 && capable(CAP_SYS_ADMIN)) { 2497 /* 2498 * Steal it away 2499 */ 2500 session_clear_tty(tty->session); 2501 } else { 2502 ret = -EPERM; 2503 goto unlock; 2504 } 2505 } 2506 2507 /* See the comment in tty_open(). */ 2508 if ((file->f_mode & FMODE_READ) == 0 && !capable(CAP_SYS_ADMIN)) { 2509 ret = -EPERM; 2510 goto unlock; 2511 } 2512 2513 proc_set_tty(tty); 2514 unlock: 2515 read_unlock(&tasklist_lock); 2516 tty_unlock(tty); 2517 return ret; 2518 } 2519 2520 /** 2521 * tty_get_pgrp - return a ref counted pgrp pid 2522 * @tty: tty to read 2523 * 2524 * Returns a refcounted instance of the pid struct for the process 2525 * group controlling the tty. 2526 */ 2527 2528 struct pid *tty_get_pgrp(struct tty_struct *tty) 2529 { 2530 unsigned long flags; 2531 struct pid *pgrp; 2532 2533 spin_lock_irqsave(&tty->ctrl_lock, flags); 2534 pgrp = get_pid(tty->pgrp); 2535 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2536 2537 return pgrp; 2538 } 2539 EXPORT_SYMBOL_GPL(tty_get_pgrp); 2540 2541 /* 2542 * This checks not only the pgrp, but falls back on the pid if no 2543 * satisfactory pgrp is found. I dunno - gdb doesn't work correctly 2544 * without this... 2545 * 2546 * The caller must hold rcu lock or the tasklist lock. 2547 */ 2548 static struct pid *session_of_pgrp(struct pid *pgrp) 2549 { 2550 struct task_struct *p; 2551 struct pid *sid = NULL; 2552 2553 p = pid_task(pgrp, PIDTYPE_PGID); 2554 if (p == NULL) 2555 p = pid_task(pgrp, PIDTYPE_PID); 2556 if (p != NULL) 2557 sid = task_session(p); 2558 2559 return sid; 2560 } 2561 2562 /** 2563 * tiocgpgrp - get process group 2564 * @tty: tty passed by user 2565 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2566 * @p: returned pid 2567 * 2568 * Obtain the process group of the tty. If there is no process group 2569 * return an error. 2570 * 2571 * Locking: none. Reference to current->signal->tty is safe. 2572 */ 2573 2574 static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2575 { 2576 struct pid *pid; 2577 int ret; 2578 /* 2579 * (tty == real_tty) is a cheap way of 2580 * testing if the tty is NOT a master pty. 2581 */ 2582 if (tty == real_tty && current->signal->tty != real_tty) 2583 return -ENOTTY; 2584 pid = tty_get_pgrp(real_tty); 2585 ret = put_user(pid_vnr(pid), p); 2586 put_pid(pid); 2587 return ret; 2588 } 2589 2590 /** 2591 * tiocspgrp - attempt to set process group 2592 * @tty: tty passed by user 2593 * @real_tty: tty side device matching tty passed by user 2594 * @p: pid pointer 2595 * 2596 * Set the process group of the tty to the session passed. Only 2597 * permitted where the tty session is our session. 2598 * 2599 * Locking: RCU, ctrl lock 2600 */ 2601 2602 static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2603 { 2604 struct pid *pgrp; 2605 pid_t pgrp_nr; 2606 int retval = tty_check_change(real_tty); 2607 2608 if (retval == -EIO) 2609 return -ENOTTY; 2610 if (retval) 2611 return retval; 2612 if (!current->signal->tty || 2613 (current->signal->tty != real_tty) || 2614 (real_tty->session != task_session(current))) 2615 return -ENOTTY; 2616 if (get_user(pgrp_nr, p)) 2617 return -EFAULT; 2618 if (pgrp_nr < 0) 2619 return -EINVAL; 2620 rcu_read_lock(); 2621 pgrp = find_vpid(pgrp_nr); 2622 retval = -ESRCH; 2623 if (!pgrp) 2624 goto out_unlock; 2625 retval = -EPERM; 2626 if (session_of_pgrp(pgrp) != task_session(current)) 2627 goto out_unlock; 2628 retval = 0; 2629 spin_lock_irq(&tty->ctrl_lock); 2630 put_pid(real_tty->pgrp); 2631 real_tty->pgrp = get_pid(pgrp); 2632 spin_unlock_irq(&tty->ctrl_lock); 2633 out_unlock: 2634 rcu_read_unlock(); 2635 return retval; 2636 } 2637 2638 /** 2639 * tiocgsid - get session id 2640 * @tty: tty passed by user 2641 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2642 * @p: pointer to returned session id 2643 * 2644 * Obtain the session id of the tty. If there is no session 2645 * return an error. 2646 * 2647 * Locking: none. Reference to current->signal->tty is safe. 2648 */ 2649 2650 static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2651 { 2652 /* 2653 * (tty == real_tty) is a cheap way of 2654 * testing if the tty is NOT a master pty. 2655 */ 2656 if (tty == real_tty && current->signal->tty != real_tty) 2657 return -ENOTTY; 2658 if (!real_tty->session) 2659 return -ENOTTY; 2660 return put_user(pid_vnr(real_tty->session), p); 2661 } 2662 2663 /** 2664 * tiocsetd - set line discipline 2665 * @tty: tty device 2666 * @p: pointer to user data 2667 * 2668 * Set the line discipline according to user request. 2669 * 2670 * Locking: see tty_set_ldisc, this function is just a helper 2671 */ 2672 2673 static int tiocsetd(struct tty_struct *tty, int __user *p) 2674 { 2675 int disc; 2676 int ret; 2677 2678 if (get_user(disc, p)) 2679 return -EFAULT; 2680 2681 ret = tty_set_ldisc(tty, disc); 2682 2683 return ret; 2684 } 2685 2686 /** 2687 * tiocgetd - get line discipline 2688 * @tty: tty device 2689 * @p: pointer to user data 2690 * 2691 * Retrieves the line discipline id directly from the ldisc. 2692 * 2693 * Locking: waits for ldisc reference (in case the line discipline 2694 * is changing or the tty is being hungup) 2695 */ 2696 2697 static int tiocgetd(struct tty_struct *tty, int __user *p) 2698 { 2699 struct tty_ldisc *ld; 2700 int ret; 2701 2702 ld = tty_ldisc_ref_wait(tty); 2703 if (!ld) 2704 return -EIO; 2705 ret = put_user(ld->ops->num, p); 2706 tty_ldisc_deref(ld); 2707 return ret; 2708 } 2709 2710 /** 2711 * send_break - performed time break 2712 * @tty: device to break on 2713 * @duration: timeout in mS 2714 * 2715 * Perform a timed break on hardware that lacks its own driver level 2716 * timed break functionality. 2717 * 2718 * Locking: 2719 * atomic_write_lock serializes 2720 * 2721 */ 2722 2723 static int send_break(struct tty_struct *tty, unsigned int duration) 2724 { 2725 int retval; 2726 2727 if (tty->ops->break_ctl == NULL) 2728 return 0; 2729 2730 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK) 2731 retval = tty->ops->break_ctl(tty, duration); 2732 else { 2733 /* Do the work ourselves */ 2734 if (tty_write_lock(tty, 0) < 0) 2735 return -EINTR; 2736 retval = tty->ops->break_ctl(tty, -1); 2737 if (retval) 2738 goto out; 2739 if (!signal_pending(current)) 2740 msleep_interruptible(duration); 2741 retval = tty->ops->break_ctl(tty, 0); 2742 out: 2743 tty_write_unlock(tty); 2744 if (signal_pending(current)) 2745 retval = -EINTR; 2746 } 2747 return retval; 2748 } 2749 2750 /** 2751 * tty_tiocmget - get modem status 2752 * @tty: tty device 2753 * @file: user file pointer 2754 * @p: pointer to result 2755 * 2756 * Obtain the modem status bits from the tty driver if the feature 2757 * is supported. Return -EINVAL if it is not available. 2758 * 2759 * Locking: none (up to the driver) 2760 */ 2761 2762 static int tty_tiocmget(struct tty_struct *tty, int __user *p) 2763 { 2764 int retval = -EINVAL; 2765 2766 if (tty->ops->tiocmget) { 2767 retval = tty->ops->tiocmget(tty); 2768 2769 if (retval >= 0) 2770 retval = put_user(retval, p); 2771 } 2772 return retval; 2773 } 2774 2775 /** 2776 * tty_tiocmset - set modem status 2777 * @tty: tty device 2778 * @cmd: command - clear bits, set bits or set all 2779 * @p: pointer to desired bits 2780 * 2781 * Set the modem status bits from the tty driver if the feature 2782 * is supported. Return -EINVAL if it is not available. 2783 * 2784 * Locking: none (up to the driver) 2785 */ 2786 2787 static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd, 2788 unsigned __user *p) 2789 { 2790 int retval; 2791 unsigned int set, clear, val; 2792 2793 if (tty->ops->tiocmset == NULL) 2794 return -EINVAL; 2795 2796 retval = get_user(val, p); 2797 if (retval) 2798 return retval; 2799 set = clear = 0; 2800 switch (cmd) { 2801 case TIOCMBIS: 2802 set = val; 2803 break; 2804 case TIOCMBIC: 2805 clear = val; 2806 break; 2807 case TIOCMSET: 2808 set = val; 2809 clear = ~val; 2810 break; 2811 } 2812 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2813 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2814 return tty->ops->tiocmset(tty, set, clear); 2815 } 2816 2817 static int tty_tiocgicount(struct tty_struct *tty, void __user *arg) 2818 { 2819 int retval = -EINVAL; 2820 struct serial_icounter_struct icount; 2821 memset(&icount, 0, sizeof(icount)); 2822 if (tty->ops->get_icount) 2823 retval = tty->ops->get_icount(tty, &icount); 2824 if (retval != 0) 2825 return retval; 2826 if (copy_to_user(arg, &icount, sizeof(icount))) 2827 return -EFAULT; 2828 return 0; 2829 } 2830 2831 static void tty_warn_deprecated_flags(struct serial_struct __user *ss) 2832 { 2833 static DEFINE_RATELIMIT_STATE(depr_flags, 2834 DEFAULT_RATELIMIT_INTERVAL, 2835 DEFAULT_RATELIMIT_BURST); 2836 char comm[TASK_COMM_LEN]; 2837 int flags; 2838 2839 if (get_user(flags, &ss->flags)) 2840 return; 2841 2842 flags &= ASYNC_DEPRECATED; 2843 2844 if (flags && __ratelimit(&depr_flags)) 2845 pr_warning("%s: '%s' is using deprecated serial flags (with no effect): %.8x\n", 2846 __func__, get_task_comm(comm, current), flags); 2847 } 2848 2849 /* 2850 * if pty, return the slave side (real_tty) 2851 * otherwise, return self 2852 */ 2853 static struct tty_struct *tty_pair_get_tty(struct tty_struct *tty) 2854 { 2855 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2856 tty->driver->subtype == PTY_TYPE_MASTER) 2857 tty = tty->link; 2858 return tty; 2859 } 2860 2861 /* 2862 * Split this up, as gcc can choke on it otherwise.. 2863 */ 2864 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 2865 { 2866 struct tty_struct *tty = file_tty(file); 2867 struct tty_struct *real_tty; 2868 void __user *p = (void __user *)arg; 2869 int retval; 2870 struct tty_ldisc *ld; 2871 2872 if (tty_paranoia_check(tty, file_inode(file), "tty_ioctl")) 2873 return -EINVAL; 2874 2875 real_tty = tty_pair_get_tty(tty); 2876 2877 /* 2878 * Factor out some common prep work 2879 */ 2880 switch (cmd) { 2881 case TIOCSETD: 2882 case TIOCSBRK: 2883 case TIOCCBRK: 2884 case TCSBRK: 2885 case TCSBRKP: 2886 retval = tty_check_change(tty); 2887 if (retval) 2888 return retval; 2889 if (cmd != TIOCCBRK) { 2890 tty_wait_until_sent(tty, 0); 2891 if (signal_pending(current)) 2892 return -EINTR; 2893 } 2894 break; 2895 } 2896 2897 /* 2898 * Now do the stuff. 2899 */ 2900 switch (cmd) { 2901 case TIOCSTI: 2902 return tiocsti(tty, p); 2903 case TIOCGWINSZ: 2904 return tiocgwinsz(real_tty, p); 2905 case TIOCSWINSZ: 2906 return tiocswinsz(real_tty, p); 2907 case TIOCCONS: 2908 return real_tty != tty ? -EINVAL : tioccons(file); 2909 case FIONBIO: 2910 return fionbio(file, p); 2911 case TIOCEXCL: 2912 set_bit(TTY_EXCLUSIVE, &tty->flags); 2913 return 0; 2914 case TIOCNXCL: 2915 clear_bit(TTY_EXCLUSIVE, &tty->flags); 2916 return 0; 2917 case TIOCGEXCL: 2918 { 2919 int excl = test_bit(TTY_EXCLUSIVE, &tty->flags); 2920 return put_user(excl, (int __user *)p); 2921 } 2922 case TIOCNOTTY: 2923 if (current->signal->tty != tty) 2924 return -ENOTTY; 2925 no_tty(); 2926 return 0; 2927 case TIOCSCTTY: 2928 return tiocsctty(real_tty, file, arg); 2929 case TIOCGPGRP: 2930 return tiocgpgrp(tty, real_tty, p); 2931 case TIOCSPGRP: 2932 return tiocspgrp(tty, real_tty, p); 2933 case TIOCGSID: 2934 return tiocgsid(tty, real_tty, p); 2935 case TIOCGETD: 2936 return tiocgetd(tty, p); 2937 case TIOCSETD: 2938 return tiocsetd(tty, p); 2939 case TIOCVHANGUP: 2940 if (!capable(CAP_SYS_ADMIN)) 2941 return -EPERM; 2942 tty_vhangup(tty); 2943 return 0; 2944 case TIOCGDEV: 2945 { 2946 unsigned int ret = new_encode_dev(tty_devnum(real_tty)); 2947 return put_user(ret, (unsigned int __user *)p); 2948 } 2949 /* 2950 * Break handling 2951 */ 2952 case TIOCSBRK: /* Turn break on, unconditionally */ 2953 if (tty->ops->break_ctl) 2954 return tty->ops->break_ctl(tty, -1); 2955 return 0; 2956 case TIOCCBRK: /* Turn break off, unconditionally */ 2957 if (tty->ops->break_ctl) 2958 return tty->ops->break_ctl(tty, 0); 2959 return 0; 2960 case TCSBRK: /* SVID version: non-zero arg --> no break */ 2961 /* non-zero arg means wait for all output data 2962 * to be sent (performed above) but don't send break. 2963 * This is used by the tcdrain() termios function. 2964 */ 2965 if (!arg) 2966 return send_break(tty, 250); 2967 return 0; 2968 case TCSBRKP: /* support for POSIX tcsendbreak() */ 2969 return send_break(tty, arg ? arg*100 : 250); 2970 2971 case TIOCMGET: 2972 return tty_tiocmget(tty, p); 2973 case TIOCMSET: 2974 case TIOCMBIC: 2975 case TIOCMBIS: 2976 return tty_tiocmset(tty, cmd, p); 2977 case TIOCGICOUNT: 2978 retval = tty_tiocgicount(tty, p); 2979 /* For the moment allow fall through to the old method */ 2980 if (retval != -EINVAL) 2981 return retval; 2982 break; 2983 case TCFLSH: 2984 switch (arg) { 2985 case TCIFLUSH: 2986 case TCIOFLUSH: 2987 /* flush tty buffer and allow ldisc to process ioctl */ 2988 tty_buffer_flush(tty, NULL); 2989 break; 2990 } 2991 break; 2992 case TIOCSSERIAL: 2993 tty_warn_deprecated_flags(p); 2994 break; 2995 } 2996 if (tty->ops->ioctl) { 2997 retval = tty->ops->ioctl(tty, cmd, arg); 2998 if (retval != -ENOIOCTLCMD) 2999 return retval; 3000 } 3001 ld = tty_ldisc_ref_wait(tty); 3002 if (!ld) 3003 return hung_up_tty_ioctl(file, cmd, arg); 3004 retval = -EINVAL; 3005 if (ld->ops->ioctl) { 3006 retval = ld->ops->ioctl(tty, file, cmd, arg); 3007 if (retval == -ENOIOCTLCMD) 3008 retval = -ENOTTY; 3009 } 3010 tty_ldisc_deref(ld); 3011 return retval; 3012 } 3013 3014 #ifdef CONFIG_COMPAT 3015 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 3016 unsigned long arg) 3017 { 3018 struct tty_struct *tty = file_tty(file); 3019 struct tty_ldisc *ld; 3020 int retval = -ENOIOCTLCMD; 3021 3022 if (tty_paranoia_check(tty, file_inode(file), "tty_ioctl")) 3023 return -EINVAL; 3024 3025 if (tty->ops->compat_ioctl) { 3026 retval = tty->ops->compat_ioctl(tty, cmd, arg); 3027 if (retval != -ENOIOCTLCMD) 3028 return retval; 3029 } 3030 3031 ld = tty_ldisc_ref_wait(tty); 3032 if (!ld) 3033 return hung_up_tty_compat_ioctl(file, cmd, arg); 3034 if (ld->ops->compat_ioctl) 3035 retval = ld->ops->compat_ioctl(tty, file, cmd, arg); 3036 else 3037 retval = n_tty_compat_ioctl_helper(tty, file, cmd, arg); 3038 tty_ldisc_deref(ld); 3039 3040 return retval; 3041 } 3042 #endif 3043 3044 static int this_tty(const void *t, struct file *file, unsigned fd) 3045 { 3046 if (likely(file->f_op->read != tty_read)) 3047 return 0; 3048 return file_tty(file) != t ? 0 : fd + 1; 3049 } 3050 3051 /* 3052 * This implements the "Secure Attention Key" --- the idea is to 3053 * prevent trojan horses by killing all processes associated with this 3054 * tty when the user hits the "Secure Attention Key". Required for 3055 * super-paranoid applications --- see the Orange Book for more details. 3056 * 3057 * This code could be nicer; ideally it should send a HUP, wait a few 3058 * seconds, then send a INT, and then a KILL signal. But you then 3059 * have to coordinate with the init process, since all processes associated 3060 * with the current tty must be dead before the new getty is allowed 3061 * to spawn. 3062 * 3063 * Now, if it would be correct ;-/ The current code has a nasty hole - 3064 * it doesn't catch files in flight. We may send the descriptor to ourselves 3065 * via AF_UNIX socket, close it and later fetch from socket. FIXME. 3066 * 3067 * Nasty bug: do_SAK is being called in interrupt context. This can 3068 * deadlock. We punt it up to process context. AKPM - 16Mar2001 3069 */ 3070 void __do_SAK(struct tty_struct *tty) 3071 { 3072 #ifdef TTY_SOFT_SAK 3073 tty_hangup(tty); 3074 #else 3075 struct task_struct *g, *p; 3076 struct pid *session; 3077 int i; 3078 3079 if (!tty) 3080 return; 3081 session = tty->session; 3082 3083 tty_ldisc_flush(tty); 3084 3085 tty_driver_flush_buffer(tty); 3086 3087 read_lock(&tasklist_lock); 3088 /* Kill the entire session */ 3089 do_each_pid_task(session, PIDTYPE_SID, p) { 3090 tty_notice(tty, "SAK: killed process %d (%s): by session\n", 3091 task_pid_nr(p), p->comm); 3092 send_sig(SIGKILL, p, 1); 3093 } while_each_pid_task(session, PIDTYPE_SID, p); 3094 3095 /* Now kill any processes that happen to have the tty open */ 3096 do_each_thread(g, p) { 3097 if (p->signal->tty == tty) { 3098 tty_notice(tty, "SAK: killed process %d (%s): by controlling tty\n", 3099 task_pid_nr(p), p->comm); 3100 send_sig(SIGKILL, p, 1); 3101 continue; 3102 } 3103 task_lock(p); 3104 i = iterate_fd(p->files, 0, this_tty, tty); 3105 if (i != 0) { 3106 tty_notice(tty, "SAK: killed process %d (%s): by fd#%d\n", 3107 task_pid_nr(p), p->comm, i - 1); 3108 force_sig(SIGKILL, p); 3109 } 3110 task_unlock(p); 3111 } while_each_thread(g, p); 3112 read_unlock(&tasklist_lock); 3113 #endif 3114 } 3115 3116 static void do_SAK_work(struct work_struct *work) 3117 { 3118 struct tty_struct *tty = 3119 container_of(work, struct tty_struct, SAK_work); 3120 __do_SAK(tty); 3121 } 3122 3123 /* 3124 * The tq handling here is a little racy - tty->SAK_work may already be queued. 3125 * Fortunately we don't need to worry, because if ->SAK_work is already queued, 3126 * the values which we write to it will be identical to the values which it 3127 * already has. --akpm 3128 */ 3129 void do_SAK(struct tty_struct *tty) 3130 { 3131 if (!tty) 3132 return; 3133 schedule_work(&tty->SAK_work); 3134 } 3135 3136 EXPORT_SYMBOL(do_SAK); 3137 3138 static int dev_match_devt(struct device *dev, const void *data) 3139 { 3140 const dev_t *devt = data; 3141 return dev->devt == *devt; 3142 } 3143 3144 /* Must put_device() after it's unused! */ 3145 static struct device *tty_get_device(struct tty_struct *tty) 3146 { 3147 dev_t devt = tty_devnum(tty); 3148 return class_find_device(tty_class, NULL, &devt, dev_match_devt); 3149 } 3150 3151 3152 /** 3153 * alloc_tty_struct 3154 * 3155 * This subroutine allocates and initializes a tty structure. 3156 * 3157 * Locking: none - tty in question is not exposed at this point 3158 */ 3159 3160 struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int idx) 3161 { 3162 struct tty_struct *tty; 3163 3164 tty = kzalloc(sizeof(*tty), GFP_KERNEL); 3165 if (!tty) 3166 return NULL; 3167 3168 kref_init(&tty->kref); 3169 tty->magic = TTY_MAGIC; 3170 tty_ldisc_init(tty); 3171 tty->session = NULL; 3172 tty->pgrp = NULL; 3173 mutex_init(&tty->legacy_mutex); 3174 mutex_init(&tty->throttle_mutex); 3175 init_rwsem(&tty->termios_rwsem); 3176 mutex_init(&tty->winsize_mutex); 3177 init_ldsem(&tty->ldisc_sem); 3178 init_waitqueue_head(&tty->write_wait); 3179 init_waitqueue_head(&tty->read_wait); 3180 INIT_WORK(&tty->hangup_work, do_tty_hangup); 3181 mutex_init(&tty->atomic_write_lock); 3182 spin_lock_init(&tty->ctrl_lock); 3183 spin_lock_init(&tty->flow_lock); 3184 spin_lock_init(&tty->files_lock); 3185 INIT_LIST_HEAD(&tty->tty_files); 3186 INIT_WORK(&tty->SAK_work, do_SAK_work); 3187 3188 tty->driver = driver; 3189 tty->ops = driver->ops; 3190 tty->index = idx; 3191 tty_line_name(driver, idx, tty->name); 3192 tty->dev = tty_get_device(tty); 3193 3194 return tty; 3195 } 3196 3197 /** 3198 * tty_put_char - write one character to a tty 3199 * @tty: tty 3200 * @ch: character 3201 * 3202 * Write one byte to the tty using the provided put_char method 3203 * if present. Returns the number of characters successfully output. 3204 * 3205 * Note: the specific put_char operation in the driver layer may go 3206 * away soon. Don't call it directly, use this method 3207 */ 3208 3209 int tty_put_char(struct tty_struct *tty, unsigned char ch) 3210 { 3211 if (tty->ops->put_char) 3212 return tty->ops->put_char(tty, ch); 3213 return tty->ops->write(tty, &ch, 1); 3214 } 3215 EXPORT_SYMBOL_GPL(tty_put_char); 3216 3217 struct class *tty_class; 3218 3219 static int tty_cdev_add(struct tty_driver *driver, dev_t dev, 3220 unsigned int index, unsigned int count) 3221 { 3222 int err; 3223 3224 /* init here, since reused cdevs cause crashes */ 3225 driver->cdevs[index] = cdev_alloc(); 3226 if (!driver->cdevs[index]) 3227 return -ENOMEM; 3228 driver->cdevs[index]->ops = &tty_fops; 3229 driver->cdevs[index]->owner = driver->owner; 3230 err = cdev_add(driver->cdevs[index], dev, count); 3231 if (err) 3232 kobject_put(&driver->cdevs[index]->kobj); 3233 return err; 3234 } 3235 3236 /** 3237 * tty_register_device - register a tty device 3238 * @driver: the tty driver that describes the tty device 3239 * @index: the index in the tty driver for this tty device 3240 * @device: a struct device that is associated with this tty device. 3241 * This field is optional, if there is no known struct device 3242 * for this tty device it can be set to NULL safely. 3243 * 3244 * Returns a pointer to the struct device for this tty device 3245 * (or ERR_PTR(-EFOO) on error). 3246 * 3247 * This call is required to be made to register an individual tty device 3248 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If 3249 * that bit is not set, this function should not be called by a tty 3250 * driver. 3251 * 3252 * Locking: ?? 3253 */ 3254 3255 struct device *tty_register_device(struct tty_driver *driver, unsigned index, 3256 struct device *device) 3257 { 3258 return tty_register_device_attr(driver, index, device, NULL, NULL); 3259 } 3260 EXPORT_SYMBOL(tty_register_device); 3261 3262 static void tty_device_create_release(struct device *dev) 3263 { 3264 dev_dbg(dev, "releasing...\n"); 3265 kfree(dev); 3266 } 3267 3268 /** 3269 * tty_register_device_attr - register a tty device 3270 * @driver: the tty driver that describes the tty device 3271 * @index: the index in the tty driver for this tty device 3272 * @device: a struct device that is associated with this tty device. 3273 * This field is optional, if there is no known struct device 3274 * for this tty device it can be set to NULL safely. 3275 * @drvdata: Driver data to be set to device. 3276 * @attr_grp: Attribute group to be set on device. 3277 * 3278 * Returns a pointer to the struct device for this tty device 3279 * (or ERR_PTR(-EFOO) on error). 3280 * 3281 * This call is required to be made to register an individual tty device 3282 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If 3283 * that bit is not set, this function should not be called by a tty 3284 * driver. 3285 * 3286 * Locking: ?? 3287 */ 3288 struct device *tty_register_device_attr(struct tty_driver *driver, 3289 unsigned index, struct device *device, 3290 void *drvdata, 3291 const struct attribute_group **attr_grp) 3292 { 3293 char name[64]; 3294 dev_t devt = MKDEV(driver->major, driver->minor_start) + index; 3295 struct device *dev = NULL; 3296 int retval = -ENODEV; 3297 bool cdev = false; 3298 3299 if (index >= driver->num) { 3300 pr_err("%s: Attempt to register invalid tty line number (%d)\n", 3301 driver->name, index); 3302 return ERR_PTR(-EINVAL); 3303 } 3304 3305 if (driver->type == TTY_DRIVER_TYPE_PTY) 3306 pty_line_name(driver, index, name); 3307 else 3308 tty_line_name(driver, index, name); 3309 3310 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) { 3311 retval = tty_cdev_add(driver, devt, index, 1); 3312 if (retval) 3313 goto error; 3314 cdev = true; 3315 } 3316 3317 dev = kzalloc(sizeof(*dev), GFP_KERNEL); 3318 if (!dev) { 3319 retval = -ENOMEM; 3320 goto error; 3321 } 3322 3323 dev->devt = devt; 3324 dev->class = tty_class; 3325 dev->parent = device; 3326 dev->release = tty_device_create_release; 3327 dev_set_name(dev, "%s", name); 3328 dev->groups = attr_grp; 3329 dev_set_drvdata(dev, drvdata); 3330 3331 retval = device_register(dev); 3332 if (retval) 3333 goto error; 3334 3335 return dev; 3336 3337 error: 3338 put_device(dev); 3339 if (cdev) { 3340 cdev_del(driver->cdevs[index]); 3341 driver->cdevs[index] = NULL; 3342 } 3343 return ERR_PTR(retval); 3344 } 3345 EXPORT_SYMBOL_GPL(tty_register_device_attr); 3346 3347 /** 3348 * tty_unregister_device - unregister a tty device 3349 * @driver: the tty driver that describes the tty device 3350 * @index: the index in the tty driver for this tty device 3351 * 3352 * If a tty device is registered with a call to tty_register_device() then 3353 * this function must be called when the tty device is gone. 3354 * 3355 * Locking: ?? 3356 */ 3357 3358 void tty_unregister_device(struct tty_driver *driver, unsigned index) 3359 { 3360 device_destroy(tty_class, 3361 MKDEV(driver->major, driver->minor_start) + index); 3362 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) { 3363 cdev_del(driver->cdevs[index]); 3364 driver->cdevs[index] = NULL; 3365 } 3366 } 3367 EXPORT_SYMBOL(tty_unregister_device); 3368 3369 /** 3370 * __tty_alloc_driver -- allocate tty driver 3371 * @lines: count of lines this driver can handle at most 3372 * @owner: module which is repsonsible for this driver 3373 * @flags: some of TTY_DRIVER_* flags, will be set in driver->flags 3374 * 3375 * This should not be called directly, some of the provided macros should be 3376 * used instead. Use IS_ERR and friends on @retval. 3377 */ 3378 struct tty_driver *__tty_alloc_driver(unsigned int lines, struct module *owner, 3379 unsigned long flags) 3380 { 3381 struct tty_driver *driver; 3382 unsigned int cdevs = 1; 3383 int err; 3384 3385 if (!lines || (flags & TTY_DRIVER_UNNUMBERED_NODE && lines > 1)) 3386 return ERR_PTR(-EINVAL); 3387 3388 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL); 3389 if (!driver) 3390 return ERR_PTR(-ENOMEM); 3391 3392 kref_init(&driver->kref); 3393 driver->magic = TTY_DRIVER_MAGIC; 3394 driver->num = lines; 3395 driver->owner = owner; 3396 driver->flags = flags; 3397 3398 if (!(flags & TTY_DRIVER_DEVPTS_MEM)) { 3399 driver->ttys = kcalloc(lines, sizeof(*driver->ttys), 3400 GFP_KERNEL); 3401 driver->termios = kcalloc(lines, sizeof(*driver->termios), 3402 GFP_KERNEL); 3403 if (!driver->ttys || !driver->termios) { 3404 err = -ENOMEM; 3405 goto err_free_all; 3406 } 3407 } 3408 3409 if (!(flags & TTY_DRIVER_DYNAMIC_ALLOC)) { 3410 driver->ports = kcalloc(lines, sizeof(*driver->ports), 3411 GFP_KERNEL); 3412 if (!driver->ports) { 3413 err = -ENOMEM; 3414 goto err_free_all; 3415 } 3416 cdevs = lines; 3417 } 3418 3419 driver->cdevs = kcalloc(cdevs, sizeof(*driver->cdevs), GFP_KERNEL); 3420 if (!driver->cdevs) { 3421 err = -ENOMEM; 3422 goto err_free_all; 3423 } 3424 3425 return driver; 3426 err_free_all: 3427 kfree(driver->ports); 3428 kfree(driver->ttys); 3429 kfree(driver->termios); 3430 kfree(driver->cdevs); 3431 kfree(driver); 3432 return ERR_PTR(err); 3433 } 3434 EXPORT_SYMBOL(__tty_alloc_driver); 3435 3436 static void destruct_tty_driver(struct kref *kref) 3437 { 3438 struct tty_driver *driver = container_of(kref, struct tty_driver, kref); 3439 int i; 3440 struct ktermios *tp; 3441 3442 if (driver->flags & TTY_DRIVER_INSTALLED) { 3443 /* 3444 * Free the termios and termios_locked structures because 3445 * we don't want to get memory leaks when modular tty 3446 * drivers are removed from the kernel. 3447 */ 3448 for (i = 0; i < driver->num; i++) { 3449 tp = driver->termios[i]; 3450 if (tp) { 3451 driver->termios[i] = NULL; 3452 kfree(tp); 3453 } 3454 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) 3455 tty_unregister_device(driver, i); 3456 } 3457 proc_tty_unregister_driver(driver); 3458 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC) 3459 cdev_del(driver->cdevs[0]); 3460 } 3461 kfree(driver->cdevs); 3462 kfree(driver->ports); 3463 kfree(driver->termios); 3464 kfree(driver->ttys); 3465 kfree(driver); 3466 } 3467 3468 void tty_driver_kref_put(struct tty_driver *driver) 3469 { 3470 kref_put(&driver->kref, destruct_tty_driver); 3471 } 3472 EXPORT_SYMBOL(tty_driver_kref_put); 3473 3474 void tty_set_operations(struct tty_driver *driver, 3475 const struct tty_operations *op) 3476 { 3477 driver->ops = op; 3478 }; 3479 EXPORT_SYMBOL(tty_set_operations); 3480 3481 void put_tty_driver(struct tty_driver *d) 3482 { 3483 tty_driver_kref_put(d); 3484 } 3485 EXPORT_SYMBOL(put_tty_driver); 3486 3487 /* 3488 * Called by a tty driver to register itself. 3489 */ 3490 int tty_register_driver(struct tty_driver *driver) 3491 { 3492 int error; 3493 int i; 3494 dev_t dev; 3495 struct device *d; 3496 3497 if (!driver->major) { 3498 error = alloc_chrdev_region(&dev, driver->minor_start, 3499 driver->num, driver->name); 3500 if (!error) { 3501 driver->major = MAJOR(dev); 3502 driver->minor_start = MINOR(dev); 3503 } 3504 } else { 3505 dev = MKDEV(driver->major, driver->minor_start); 3506 error = register_chrdev_region(dev, driver->num, driver->name); 3507 } 3508 if (error < 0) 3509 goto err; 3510 3511 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC) { 3512 error = tty_cdev_add(driver, dev, 0, driver->num); 3513 if (error) 3514 goto err_unreg_char; 3515 } 3516 3517 mutex_lock(&tty_mutex); 3518 list_add(&driver->tty_drivers, &tty_drivers); 3519 mutex_unlock(&tty_mutex); 3520 3521 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) { 3522 for (i = 0; i < driver->num; i++) { 3523 d = tty_register_device(driver, i, NULL); 3524 if (IS_ERR(d)) { 3525 error = PTR_ERR(d); 3526 goto err_unreg_devs; 3527 } 3528 } 3529 } 3530 proc_tty_register_driver(driver); 3531 driver->flags |= TTY_DRIVER_INSTALLED; 3532 return 0; 3533 3534 err_unreg_devs: 3535 for (i--; i >= 0; i--) 3536 tty_unregister_device(driver, i); 3537 3538 mutex_lock(&tty_mutex); 3539 list_del(&driver->tty_drivers); 3540 mutex_unlock(&tty_mutex); 3541 3542 err_unreg_char: 3543 unregister_chrdev_region(dev, driver->num); 3544 err: 3545 return error; 3546 } 3547 EXPORT_SYMBOL(tty_register_driver); 3548 3549 /* 3550 * Called by a tty driver to unregister itself. 3551 */ 3552 int tty_unregister_driver(struct tty_driver *driver) 3553 { 3554 #if 0 3555 /* FIXME */ 3556 if (driver->refcount) 3557 return -EBUSY; 3558 #endif 3559 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start), 3560 driver->num); 3561 mutex_lock(&tty_mutex); 3562 list_del(&driver->tty_drivers); 3563 mutex_unlock(&tty_mutex); 3564 return 0; 3565 } 3566 3567 EXPORT_SYMBOL(tty_unregister_driver); 3568 3569 dev_t tty_devnum(struct tty_struct *tty) 3570 { 3571 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index; 3572 } 3573 EXPORT_SYMBOL(tty_devnum); 3574 3575 void tty_default_fops(struct file_operations *fops) 3576 { 3577 *fops = tty_fops; 3578 } 3579 3580 /* 3581 * Initialize the console device. This is called *early*, so 3582 * we can't necessarily depend on lots of kernel help here. 3583 * Just do some early initializations, and do the complex setup 3584 * later. 3585 */ 3586 void __init console_init(void) 3587 { 3588 initcall_t *call; 3589 3590 /* Setup the default TTY line discipline. */ 3591 n_tty_init(); 3592 3593 /* 3594 * set up the console device so that later boot sequences can 3595 * inform about problems etc.. 3596 */ 3597 call = __con_initcall_start; 3598 while (call < __con_initcall_end) { 3599 (*call)(); 3600 call++; 3601 } 3602 } 3603 3604 static char *tty_devnode(struct device *dev, umode_t *mode) 3605 { 3606 if (!mode) 3607 return NULL; 3608 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) || 3609 dev->devt == MKDEV(TTYAUX_MAJOR, 2)) 3610 *mode = 0666; 3611 return NULL; 3612 } 3613 3614 static int __init tty_class_init(void) 3615 { 3616 tty_class = class_create(THIS_MODULE, "tty"); 3617 if (IS_ERR(tty_class)) 3618 return PTR_ERR(tty_class); 3619 tty_class->devnode = tty_devnode; 3620 return 0; 3621 } 3622 3623 postcore_initcall(tty_class_init); 3624 3625 /* 3/2004 jmc: why do these devices exist? */ 3626 static struct cdev tty_cdev, console_cdev; 3627 3628 static ssize_t show_cons_active(struct device *dev, 3629 struct device_attribute *attr, char *buf) 3630 { 3631 struct console *cs[16]; 3632 int i = 0; 3633 struct console *c; 3634 ssize_t count = 0; 3635 3636 console_lock(); 3637 for_each_console(c) { 3638 if (!c->device) 3639 continue; 3640 if (!c->write) 3641 continue; 3642 if ((c->flags & CON_ENABLED) == 0) 3643 continue; 3644 cs[i++] = c; 3645 if (i >= ARRAY_SIZE(cs)) 3646 break; 3647 } 3648 while (i--) { 3649 int index = cs[i]->index; 3650 struct tty_driver *drv = cs[i]->device(cs[i], &index); 3651 3652 /* don't resolve tty0 as some programs depend on it */ 3653 if (drv && (cs[i]->index > 0 || drv->major != TTY_MAJOR)) 3654 count += tty_line_name(drv, index, buf + count); 3655 else 3656 count += sprintf(buf + count, "%s%d", 3657 cs[i]->name, cs[i]->index); 3658 3659 count += sprintf(buf + count, "%c", i ? ' ':'\n'); 3660 } 3661 console_unlock(); 3662 3663 return count; 3664 } 3665 static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL); 3666 3667 static struct attribute *cons_dev_attrs[] = { 3668 &dev_attr_active.attr, 3669 NULL 3670 }; 3671 3672 ATTRIBUTE_GROUPS(cons_dev); 3673 3674 static struct device *consdev; 3675 3676 void console_sysfs_notify(void) 3677 { 3678 if (consdev) 3679 sysfs_notify(&consdev->kobj, NULL, "active"); 3680 } 3681 3682 /* 3683 * Ok, now we can initialize the rest of the tty devices and can count 3684 * on memory allocations, interrupts etc.. 3685 */ 3686 int __init tty_init(void) 3687 { 3688 cdev_init(&tty_cdev, &tty_fops); 3689 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) || 3690 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0) 3691 panic("Couldn't register /dev/tty driver\n"); 3692 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty"); 3693 3694 cdev_init(&console_cdev, &console_fops); 3695 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) || 3696 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0) 3697 panic("Couldn't register /dev/console driver\n"); 3698 consdev = device_create_with_groups(tty_class, NULL, 3699 MKDEV(TTYAUX_MAJOR, 1), NULL, 3700 cons_dev_groups, "console"); 3701 if (IS_ERR(consdev)) 3702 consdev = NULL; 3703 3704 #ifdef CONFIG_VT 3705 vty_init(&console_fops); 3706 #endif 3707 return 0; 3708 } 3709 3710