1 /* 2 * Copyright (C) 1991, 1992 Linus Torvalds 3 */ 4 5 /* 6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles 7 * or rs-channels. It also implements echoing, cooked mode etc. 8 * 9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0. 10 * 11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the 12 * tty_struct and tty_queue structures. Previously there was an array 13 * of 256 tty_struct's which was statically allocated, and the 14 * tty_queue structures were allocated at boot time. Both are now 15 * dynamically allocated only when the tty is open. 16 * 17 * Also restructured routines so that there is more of a separation 18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and 19 * the low-level tty routines (serial.c, pty.c, console.c). This 20 * makes for cleaner and more compact code. -TYT, 9/17/92 21 * 22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines 23 * which can be dynamically activated and de-activated by the line 24 * discipline handling modules (like SLIP). 25 * 26 * NOTE: pay no attention to the line discipline code (yet); its 27 * interface is still subject to change in this version... 28 * -- TYT, 1/31/92 29 * 30 * Added functionality to the OPOST tty handling. No delays, but all 31 * other bits should be there. 32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993. 33 * 34 * Rewrote canonical mode and added more termios flags. 35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94 36 * 37 * Reorganized FASYNC support so mouse code can share it. 38 * -- ctm@ardi.com, 9Sep95 39 * 40 * New TIOCLINUX variants added. 41 * -- mj@k332.feld.cvut.cz, 19-Nov-95 42 * 43 * Restrict vt switching via ioctl() 44 * -- grif@cs.ucr.edu, 5-Dec-95 45 * 46 * Move console and virtual terminal code to more appropriate files, 47 * implement CONFIG_VT and generalize console device interface. 48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97 49 * 50 * Rewrote tty_init_dev and tty_release_dev to eliminate races. 51 * -- Bill Hawes <whawes@star.net>, June 97 52 * 53 * Added devfs support. 54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998 55 * 56 * Added support for a Unix98-style ptmx device. 57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 58 * 59 * Reduced memory usage for older ARM systems 60 * -- Russell King <rmk@arm.linux.org.uk> 61 * 62 * Move do_SAK() into process context. Less stack use in devfs functions. 63 * alloc_tty_struct() always uses kmalloc() 64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01 65 */ 66 67 #include <linux/types.h> 68 #include <linux/major.h> 69 #include <linux/errno.h> 70 #include <linux/signal.h> 71 #include <linux/fcntl.h> 72 #include <linux/sched.h> 73 #include <linux/interrupt.h> 74 #include <linux/tty.h> 75 #include <linux/tty_driver.h> 76 #include <linux/tty_flip.h> 77 #include <linux/devpts_fs.h> 78 #include <linux/file.h> 79 #include <linux/fdtable.h> 80 #include <linux/console.h> 81 #include <linux/timer.h> 82 #include <linux/ctype.h> 83 #include <linux/kd.h> 84 #include <linux/mm.h> 85 #include <linux/string.h> 86 #include <linux/slab.h> 87 #include <linux/poll.h> 88 #include <linux/proc_fs.h> 89 #include <linux/init.h> 90 #include <linux/module.h> 91 #include <linux/device.h> 92 #include <linux/wait.h> 93 #include <linux/bitops.h> 94 #include <linux/delay.h> 95 #include <linux/seq_file.h> 96 #include <linux/serial.h> 97 #include <linux/ratelimit.h> 98 99 #include <linux/uaccess.h> 100 101 #include <linux/kbd_kern.h> 102 #include <linux/vt_kern.h> 103 #include <linux/selection.h> 104 105 #include <linux/kmod.h> 106 #include <linux/nsproxy.h> 107 108 #undef TTY_DEBUG_HANGUP 109 110 #define TTY_PARANOIA_CHECK 1 111 #define CHECK_TTY_COUNT 1 112 113 struct ktermios tty_std_termios = { /* for the benefit of tty drivers */ 114 .c_iflag = ICRNL | IXON, 115 .c_oflag = OPOST | ONLCR, 116 .c_cflag = B38400 | CS8 | CREAD | HUPCL, 117 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK | 118 ECHOCTL | ECHOKE | IEXTEN, 119 .c_cc = INIT_C_CC, 120 .c_ispeed = 38400, 121 .c_ospeed = 38400 122 }; 123 124 EXPORT_SYMBOL(tty_std_termios); 125 126 /* This list gets poked at by procfs and various bits of boot up code. This 127 could do with some rationalisation such as pulling the tty proc function 128 into this file */ 129 130 LIST_HEAD(tty_drivers); /* linked list of tty drivers */ 131 132 /* Mutex to protect creating and releasing a tty. This is shared with 133 vt.c for deeply disgusting hack reasons */ 134 DEFINE_MUTEX(tty_mutex); 135 EXPORT_SYMBOL(tty_mutex); 136 137 /* Spinlock to protect the tty->tty_files list */ 138 DEFINE_SPINLOCK(tty_files_lock); 139 140 static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *); 141 static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *); 142 ssize_t redirected_tty_write(struct file *, const char __user *, 143 size_t, loff_t *); 144 static unsigned int tty_poll(struct file *, poll_table *); 145 static int tty_open(struct inode *, struct file *); 146 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg); 147 #ifdef CONFIG_COMPAT 148 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 149 unsigned long arg); 150 #else 151 #define tty_compat_ioctl NULL 152 #endif 153 static int __tty_fasync(int fd, struct file *filp, int on); 154 static int tty_fasync(int fd, struct file *filp, int on); 155 static void release_tty(struct tty_struct *tty, int idx); 156 157 /** 158 * free_tty_struct - free a disused tty 159 * @tty: tty struct to free 160 * 161 * Free the write buffers, tty queue and tty memory itself. 162 * 163 * Locking: none. Must be called after tty is definitely unused 164 */ 165 166 void free_tty_struct(struct tty_struct *tty) 167 { 168 if (!tty) 169 return; 170 put_device(tty->dev); 171 kfree(tty->write_buf); 172 tty->magic = 0xDEADDEAD; 173 kfree(tty); 174 } 175 176 static inline struct tty_struct *file_tty(struct file *file) 177 { 178 return ((struct tty_file_private *)file->private_data)->tty; 179 } 180 181 int tty_alloc_file(struct file *file) 182 { 183 struct tty_file_private *priv; 184 185 priv = kmalloc(sizeof(*priv), GFP_KERNEL); 186 if (!priv) 187 return -ENOMEM; 188 189 file->private_data = priv; 190 191 return 0; 192 } 193 194 /* Associate a new file with the tty structure */ 195 void tty_add_file(struct tty_struct *tty, struct file *file) 196 { 197 struct tty_file_private *priv = file->private_data; 198 199 priv->tty = tty; 200 priv->file = file; 201 202 spin_lock(&tty_files_lock); 203 list_add(&priv->list, &tty->tty_files); 204 spin_unlock(&tty_files_lock); 205 } 206 207 /** 208 * tty_free_file - free file->private_data 209 * 210 * This shall be used only for fail path handling when tty_add_file was not 211 * called yet. 212 */ 213 void tty_free_file(struct file *file) 214 { 215 struct tty_file_private *priv = file->private_data; 216 217 file->private_data = NULL; 218 kfree(priv); 219 } 220 221 /* Delete file from its tty */ 222 static void tty_del_file(struct file *file) 223 { 224 struct tty_file_private *priv = file->private_data; 225 226 spin_lock(&tty_files_lock); 227 list_del(&priv->list); 228 spin_unlock(&tty_files_lock); 229 tty_free_file(file); 230 } 231 232 233 #define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base) 234 235 /** 236 * tty_name - return tty naming 237 * @tty: tty structure 238 * @buf: buffer for output 239 * 240 * Convert a tty structure into a name. The name reflects the kernel 241 * naming policy and if udev is in use may not reflect user space 242 * 243 * Locking: none 244 */ 245 246 char *tty_name(struct tty_struct *tty, char *buf) 247 { 248 if (!tty) /* Hmm. NULL pointer. That's fun. */ 249 strcpy(buf, "NULL tty"); 250 else 251 strcpy(buf, tty->name); 252 return buf; 253 } 254 255 EXPORT_SYMBOL(tty_name); 256 257 int tty_paranoia_check(struct tty_struct *tty, struct inode *inode, 258 const char *routine) 259 { 260 #ifdef TTY_PARANOIA_CHECK 261 if (!tty) { 262 printk(KERN_WARNING 263 "null TTY for (%d:%d) in %s\n", 264 imajor(inode), iminor(inode), routine); 265 return 1; 266 } 267 if (tty->magic != TTY_MAGIC) { 268 printk(KERN_WARNING 269 "bad magic number for tty struct (%d:%d) in %s\n", 270 imajor(inode), iminor(inode), routine); 271 return 1; 272 } 273 #endif 274 return 0; 275 } 276 277 /* Caller must hold tty_lock */ 278 static int check_tty_count(struct tty_struct *tty, const char *routine) 279 { 280 #ifdef CHECK_TTY_COUNT 281 struct list_head *p; 282 int count = 0; 283 284 spin_lock(&tty_files_lock); 285 list_for_each(p, &tty->tty_files) { 286 count++; 287 } 288 spin_unlock(&tty_files_lock); 289 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 290 tty->driver->subtype == PTY_TYPE_SLAVE && 291 tty->link && tty->link->count) 292 count++; 293 if (tty->count != count) { 294 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) " 295 "!= #fd's(%d) in %s\n", 296 tty->name, tty->count, count, routine); 297 return count; 298 } 299 #endif 300 return 0; 301 } 302 303 /** 304 * get_tty_driver - find device of a tty 305 * @dev_t: device identifier 306 * @index: returns the index of the tty 307 * 308 * This routine returns a tty driver structure, given a device number 309 * and also passes back the index number. 310 * 311 * Locking: caller must hold tty_mutex 312 */ 313 314 static struct tty_driver *get_tty_driver(dev_t device, int *index) 315 { 316 struct tty_driver *p; 317 318 list_for_each_entry(p, &tty_drivers, tty_drivers) { 319 dev_t base = MKDEV(p->major, p->minor_start); 320 if (device < base || device >= base + p->num) 321 continue; 322 *index = device - base; 323 return tty_driver_kref_get(p); 324 } 325 return NULL; 326 } 327 328 #ifdef CONFIG_CONSOLE_POLL 329 330 /** 331 * tty_find_polling_driver - find device of a polled tty 332 * @name: name string to match 333 * @line: pointer to resulting tty line nr 334 * 335 * This routine returns a tty driver structure, given a name 336 * and the condition that the tty driver is capable of polled 337 * operation. 338 */ 339 struct tty_driver *tty_find_polling_driver(char *name, int *line) 340 { 341 struct tty_driver *p, *res = NULL; 342 int tty_line = 0; 343 int len; 344 char *str, *stp; 345 346 for (str = name; *str; str++) 347 if ((*str >= '0' && *str <= '9') || *str == ',') 348 break; 349 if (!*str) 350 return NULL; 351 352 len = str - name; 353 tty_line = simple_strtoul(str, &str, 10); 354 355 mutex_lock(&tty_mutex); 356 /* Search through the tty devices to look for a match */ 357 list_for_each_entry(p, &tty_drivers, tty_drivers) { 358 if (strncmp(name, p->name, len) != 0) 359 continue; 360 stp = str; 361 if (*stp == ',') 362 stp++; 363 if (*stp == '\0') 364 stp = NULL; 365 366 if (tty_line >= 0 && tty_line < p->num && p->ops && 367 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) { 368 res = tty_driver_kref_get(p); 369 *line = tty_line; 370 break; 371 } 372 } 373 mutex_unlock(&tty_mutex); 374 375 return res; 376 } 377 EXPORT_SYMBOL_GPL(tty_find_polling_driver); 378 #endif 379 380 /** 381 * tty_check_change - check for POSIX terminal changes 382 * @tty: tty to check 383 * 384 * If we try to write to, or set the state of, a terminal and we're 385 * not in the foreground, send a SIGTTOU. If the signal is blocked or 386 * ignored, go ahead and perform the operation. (POSIX 7.2) 387 * 388 * Locking: ctrl_lock 389 */ 390 391 int tty_check_change(struct tty_struct *tty) 392 { 393 unsigned long flags; 394 int ret = 0; 395 396 if (current->signal->tty != tty) 397 return 0; 398 399 spin_lock_irqsave(&tty->ctrl_lock, flags); 400 401 if (!tty->pgrp) { 402 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n"); 403 goto out_unlock; 404 } 405 if (task_pgrp(current) == tty->pgrp) 406 goto out_unlock; 407 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 408 if (is_ignored(SIGTTOU)) 409 goto out; 410 if (is_current_pgrp_orphaned()) { 411 ret = -EIO; 412 goto out; 413 } 414 kill_pgrp(task_pgrp(current), SIGTTOU, 1); 415 set_thread_flag(TIF_SIGPENDING); 416 ret = -ERESTARTSYS; 417 out: 418 return ret; 419 out_unlock: 420 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 421 return ret; 422 } 423 424 EXPORT_SYMBOL(tty_check_change); 425 426 static ssize_t hung_up_tty_read(struct file *file, char __user *buf, 427 size_t count, loff_t *ppos) 428 { 429 return 0; 430 } 431 432 static ssize_t hung_up_tty_write(struct file *file, const char __user *buf, 433 size_t count, loff_t *ppos) 434 { 435 return -EIO; 436 } 437 438 /* No kernel lock held - none needed ;) */ 439 static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait) 440 { 441 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM; 442 } 443 444 static long hung_up_tty_ioctl(struct file *file, unsigned int cmd, 445 unsigned long arg) 446 { 447 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 448 } 449 450 static long hung_up_tty_compat_ioctl(struct file *file, 451 unsigned int cmd, unsigned long arg) 452 { 453 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 454 } 455 456 static const struct file_operations tty_fops = { 457 .llseek = no_llseek, 458 .read = tty_read, 459 .write = tty_write, 460 .poll = tty_poll, 461 .unlocked_ioctl = tty_ioctl, 462 .compat_ioctl = tty_compat_ioctl, 463 .open = tty_open, 464 .release = tty_release, 465 .fasync = tty_fasync, 466 }; 467 468 static const struct file_operations console_fops = { 469 .llseek = no_llseek, 470 .read = tty_read, 471 .write = redirected_tty_write, 472 .poll = tty_poll, 473 .unlocked_ioctl = tty_ioctl, 474 .compat_ioctl = tty_compat_ioctl, 475 .open = tty_open, 476 .release = tty_release, 477 .fasync = tty_fasync, 478 }; 479 480 static const struct file_operations hung_up_tty_fops = { 481 .llseek = no_llseek, 482 .read = hung_up_tty_read, 483 .write = hung_up_tty_write, 484 .poll = hung_up_tty_poll, 485 .unlocked_ioctl = hung_up_tty_ioctl, 486 .compat_ioctl = hung_up_tty_compat_ioctl, 487 .release = tty_release, 488 }; 489 490 static DEFINE_SPINLOCK(redirect_lock); 491 static struct file *redirect; 492 493 494 void proc_clear_tty(struct task_struct *p) 495 { 496 unsigned long flags; 497 struct tty_struct *tty; 498 spin_lock_irqsave(&p->sighand->siglock, flags); 499 tty = p->signal->tty; 500 p->signal->tty = NULL; 501 spin_unlock_irqrestore(&p->sighand->siglock, flags); 502 tty_kref_put(tty); 503 } 504 505 /** 506 * proc_set_tty - set the controlling terminal 507 * 508 * Only callable by the session leader and only if it does not already have 509 * a controlling terminal. 510 * 511 * Caller must hold: tty_lock() 512 * a readlock on tasklist_lock 513 * sighand lock 514 */ 515 static void __proc_set_tty(struct tty_struct *tty) 516 { 517 unsigned long flags; 518 519 spin_lock_irqsave(&tty->ctrl_lock, flags); 520 /* 521 * The session and fg pgrp references will be non-NULL if 522 * tiocsctty() is stealing the controlling tty 523 */ 524 put_pid(tty->session); 525 put_pid(tty->pgrp); 526 tty->pgrp = get_pid(task_pgrp(current)); 527 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 528 tty->session = get_pid(task_session(current)); 529 if (current->signal->tty) { 530 printk(KERN_DEBUG "tty not NULL!!\n"); 531 tty_kref_put(current->signal->tty); 532 } 533 put_pid(current->signal->tty_old_pgrp); 534 current->signal->tty = tty_kref_get(tty); 535 current->signal->tty_old_pgrp = NULL; 536 } 537 538 static void proc_set_tty(struct tty_struct *tty) 539 { 540 spin_lock_irq(¤t->sighand->siglock); 541 __proc_set_tty(tty); 542 spin_unlock_irq(¤t->sighand->siglock); 543 } 544 545 struct tty_struct *get_current_tty(void) 546 { 547 struct tty_struct *tty; 548 unsigned long flags; 549 550 spin_lock_irqsave(¤t->sighand->siglock, flags); 551 tty = tty_kref_get(current->signal->tty); 552 spin_unlock_irqrestore(¤t->sighand->siglock, flags); 553 return tty; 554 } 555 EXPORT_SYMBOL_GPL(get_current_tty); 556 557 static void session_clear_tty(struct pid *session) 558 { 559 struct task_struct *p; 560 do_each_pid_task(session, PIDTYPE_SID, p) { 561 proc_clear_tty(p); 562 } while_each_pid_task(session, PIDTYPE_SID, p); 563 } 564 565 /** 566 * tty_wakeup - request more data 567 * @tty: terminal 568 * 569 * Internal and external helper for wakeups of tty. This function 570 * informs the line discipline if present that the driver is ready 571 * to receive more output data. 572 */ 573 574 void tty_wakeup(struct tty_struct *tty) 575 { 576 struct tty_ldisc *ld; 577 578 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) { 579 ld = tty_ldisc_ref(tty); 580 if (ld) { 581 if (ld->ops->write_wakeup) 582 ld->ops->write_wakeup(tty); 583 tty_ldisc_deref(ld); 584 } 585 } 586 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 587 } 588 589 EXPORT_SYMBOL_GPL(tty_wakeup); 590 591 /** 592 * tty_signal_session_leader - sends SIGHUP to session leader 593 * @tty controlling tty 594 * @exit_session if non-zero, signal all foreground group processes 595 * 596 * Send SIGHUP and SIGCONT to the session leader and its process group. 597 * Optionally, signal all processes in the foreground process group. 598 * 599 * Returns the number of processes in the session with this tty 600 * as their controlling terminal. This value is used to drop 601 * tty references for those processes. 602 */ 603 static int tty_signal_session_leader(struct tty_struct *tty, int exit_session) 604 { 605 struct task_struct *p; 606 int refs = 0; 607 struct pid *tty_pgrp = NULL; 608 609 read_lock(&tasklist_lock); 610 if (tty->session) { 611 do_each_pid_task(tty->session, PIDTYPE_SID, p) { 612 spin_lock_irq(&p->sighand->siglock); 613 if (p->signal->tty == tty) { 614 p->signal->tty = NULL; 615 /* We defer the dereferences outside fo 616 the tasklist lock */ 617 refs++; 618 } 619 if (!p->signal->leader) { 620 spin_unlock_irq(&p->sighand->siglock); 621 continue; 622 } 623 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p); 624 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p); 625 put_pid(p->signal->tty_old_pgrp); /* A noop */ 626 spin_lock(&tty->ctrl_lock); 627 tty_pgrp = get_pid(tty->pgrp); 628 if (tty->pgrp) 629 p->signal->tty_old_pgrp = get_pid(tty->pgrp); 630 spin_unlock(&tty->ctrl_lock); 631 spin_unlock_irq(&p->sighand->siglock); 632 } while_each_pid_task(tty->session, PIDTYPE_SID, p); 633 } 634 read_unlock(&tasklist_lock); 635 636 if (tty_pgrp) { 637 if (exit_session) 638 kill_pgrp(tty_pgrp, SIGHUP, exit_session); 639 put_pid(tty_pgrp); 640 } 641 642 return refs; 643 } 644 645 /** 646 * __tty_hangup - actual handler for hangup events 647 * @work: tty device 648 * 649 * This can be called by a "kworker" kernel thread. That is process 650 * synchronous but doesn't hold any locks, so we need to make sure we 651 * have the appropriate locks for what we're doing. 652 * 653 * The hangup event clears any pending redirections onto the hung up 654 * device. It ensures future writes will error and it does the needed 655 * line discipline hangup and signal delivery. The tty object itself 656 * remains intact. 657 * 658 * Locking: 659 * BTM 660 * redirect lock for undoing redirection 661 * file list lock for manipulating list of ttys 662 * tty_ldiscs_lock from called functions 663 * termios_rwsem resetting termios data 664 * tasklist_lock to walk task list for hangup event 665 * ->siglock to protect ->signal/->sighand 666 */ 667 static void __tty_hangup(struct tty_struct *tty, int exit_session) 668 { 669 struct file *cons_filp = NULL; 670 struct file *filp, *f = NULL; 671 struct tty_file_private *priv; 672 int closecount = 0, n; 673 int refs; 674 675 if (!tty) 676 return; 677 678 679 spin_lock(&redirect_lock); 680 if (redirect && file_tty(redirect) == tty) { 681 f = redirect; 682 redirect = NULL; 683 } 684 spin_unlock(&redirect_lock); 685 686 tty_lock(tty); 687 688 if (test_bit(TTY_HUPPED, &tty->flags)) { 689 tty_unlock(tty); 690 return; 691 } 692 693 /* inuse_filps is protected by the single tty lock, 694 this really needs to change if we want to flush the 695 workqueue with the lock held */ 696 check_tty_count(tty, "tty_hangup"); 697 698 spin_lock(&tty_files_lock); 699 /* This breaks for file handles being sent over AF_UNIX sockets ? */ 700 list_for_each_entry(priv, &tty->tty_files, list) { 701 filp = priv->file; 702 if (filp->f_op->write == redirected_tty_write) 703 cons_filp = filp; 704 if (filp->f_op->write != tty_write) 705 continue; 706 closecount++; 707 __tty_fasync(-1, filp, 0); /* can't block */ 708 filp->f_op = &hung_up_tty_fops; 709 } 710 spin_unlock(&tty_files_lock); 711 712 refs = tty_signal_session_leader(tty, exit_session); 713 /* Account for the p->signal references we killed */ 714 while (refs--) 715 tty_kref_put(tty); 716 717 tty_ldisc_hangup(tty); 718 719 spin_lock_irq(&tty->ctrl_lock); 720 clear_bit(TTY_THROTTLED, &tty->flags); 721 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 722 put_pid(tty->session); 723 put_pid(tty->pgrp); 724 tty->session = NULL; 725 tty->pgrp = NULL; 726 tty->ctrl_status = 0; 727 spin_unlock_irq(&tty->ctrl_lock); 728 729 /* 730 * If one of the devices matches a console pointer, we 731 * cannot just call hangup() because that will cause 732 * tty->count and state->count to go out of sync. 733 * So we just call close() the right number of times. 734 */ 735 if (cons_filp) { 736 if (tty->ops->close) 737 for (n = 0; n < closecount; n++) 738 tty->ops->close(tty, cons_filp); 739 } else if (tty->ops->hangup) 740 tty->ops->hangup(tty); 741 /* 742 * We don't want to have driver/ldisc interactions beyond 743 * the ones we did here. The driver layer expects no 744 * calls after ->hangup() from the ldisc side. However we 745 * can't yet guarantee all that. 746 */ 747 set_bit(TTY_HUPPED, &tty->flags); 748 tty_unlock(tty); 749 750 if (f) 751 fput(f); 752 } 753 754 static void do_tty_hangup(struct work_struct *work) 755 { 756 struct tty_struct *tty = 757 container_of(work, struct tty_struct, hangup_work); 758 759 __tty_hangup(tty, 0); 760 } 761 762 /** 763 * tty_hangup - trigger a hangup event 764 * @tty: tty to hangup 765 * 766 * A carrier loss (virtual or otherwise) has occurred on this like 767 * schedule a hangup sequence to run after this event. 768 */ 769 770 void tty_hangup(struct tty_struct *tty) 771 { 772 #ifdef TTY_DEBUG_HANGUP 773 char buf[64]; 774 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf)); 775 #endif 776 schedule_work(&tty->hangup_work); 777 } 778 779 EXPORT_SYMBOL(tty_hangup); 780 781 /** 782 * tty_vhangup - process vhangup 783 * @tty: tty to hangup 784 * 785 * The user has asked via system call for the terminal to be hung up. 786 * We do this synchronously so that when the syscall returns the process 787 * is complete. That guarantee is necessary for security reasons. 788 */ 789 790 void tty_vhangup(struct tty_struct *tty) 791 { 792 #ifdef TTY_DEBUG_HANGUP 793 char buf[64]; 794 795 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf)); 796 #endif 797 __tty_hangup(tty, 0); 798 } 799 800 EXPORT_SYMBOL(tty_vhangup); 801 802 803 /** 804 * tty_vhangup_self - process vhangup for own ctty 805 * 806 * Perform a vhangup on the current controlling tty 807 */ 808 809 void tty_vhangup_self(void) 810 { 811 struct tty_struct *tty; 812 813 tty = get_current_tty(); 814 if (tty) { 815 tty_vhangup(tty); 816 tty_kref_put(tty); 817 } 818 } 819 820 /** 821 * tty_vhangup_session - hangup session leader exit 822 * @tty: tty to hangup 823 * 824 * The session leader is exiting and hanging up its controlling terminal. 825 * Every process in the foreground process group is signalled SIGHUP. 826 * 827 * We do this synchronously so that when the syscall returns the process 828 * is complete. That guarantee is necessary for security reasons. 829 */ 830 831 static void tty_vhangup_session(struct tty_struct *tty) 832 { 833 #ifdef TTY_DEBUG_HANGUP 834 char buf[64]; 835 836 printk(KERN_DEBUG "%s vhangup session...\n", tty_name(tty, buf)); 837 #endif 838 __tty_hangup(tty, 1); 839 } 840 841 /** 842 * tty_hung_up_p - was tty hung up 843 * @filp: file pointer of tty 844 * 845 * Return true if the tty has been subject to a vhangup or a carrier 846 * loss 847 */ 848 849 int tty_hung_up_p(struct file *filp) 850 { 851 return (filp->f_op == &hung_up_tty_fops); 852 } 853 854 EXPORT_SYMBOL(tty_hung_up_p); 855 856 /** 857 * disassociate_ctty - disconnect controlling tty 858 * @on_exit: true if exiting so need to "hang up" the session 859 * 860 * This function is typically called only by the session leader, when 861 * it wants to disassociate itself from its controlling tty. 862 * 863 * It performs the following functions: 864 * (1) Sends a SIGHUP and SIGCONT to the foreground process group 865 * (2) Clears the tty from being controlling the session 866 * (3) Clears the controlling tty for all processes in the 867 * session group. 868 * 869 * The argument on_exit is set to 1 if called when a process is 870 * exiting; it is 0 if called by the ioctl TIOCNOTTY. 871 * 872 * Locking: 873 * BTM is taken for hysterical raisins, and held when 874 * called from no_tty(). 875 * tty_mutex is taken to protect tty 876 * ->siglock is taken to protect ->signal/->sighand 877 * tasklist_lock is taken to walk process list for sessions 878 * ->siglock is taken to protect ->signal/->sighand 879 */ 880 881 void disassociate_ctty(int on_exit) 882 { 883 struct tty_struct *tty; 884 885 if (!current->signal->leader) 886 return; 887 888 tty = get_current_tty(); 889 if (tty) { 890 if (on_exit && tty->driver->type != TTY_DRIVER_TYPE_PTY) { 891 tty_vhangup_session(tty); 892 } else { 893 struct pid *tty_pgrp = tty_get_pgrp(tty); 894 if (tty_pgrp) { 895 kill_pgrp(tty_pgrp, SIGHUP, on_exit); 896 if (!on_exit) 897 kill_pgrp(tty_pgrp, SIGCONT, on_exit); 898 put_pid(tty_pgrp); 899 } 900 } 901 tty_kref_put(tty); 902 903 } else if (on_exit) { 904 struct pid *old_pgrp; 905 spin_lock_irq(¤t->sighand->siglock); 906 old_pgrp = current->signal->tty_old_pgrp; 907 current->signal->tty_old_pgrp = NULL; 908 spin_unlock_irq(¤t->sighand->siglock); 909 if (old_pgrp) { 910 kill_pgrp(old_pgrp, SIGHUP, on_exit); 911 kill_pgrp(old_pgrp, SIGCONT, on_exit); 912 put_pid(old_pgrp); 913 } 914 return; 915 } 916 917 spin_lock_irq(¤t->sighand->siglock); 918 put_pid(current->signal->tty_old_pgrp); 919 current->signal->tty_old_pgrp = NULL; 920 921 tty = tty_kref_get(current->signal->tty); 922 if (tty) { 923 unsigned long flags; 924 spin_lock_irqsave(&tty->ctrl_lock, flags); 925 put_pid(tty->session); 926 put_pid(tty->pgrp); 927 tty->session = NULL; 928 tty->pgrp = NULL; 929 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 930 tty_kref_put(tty); 931 } else { 932 #ifdef TTY_DEBUG_HANGUP 933 printk(KERN_DEBUG "error attempted to write to tty [0x%p]" 934 " = NULL", tty); 935 #endif 936 } 937 938 spin_unlock_irq(¤t->sighand->siglock); 939 /* Now clear signal->tty under the lock */ 940 read_lock(&tasklist_lock); 941 session_clear_tty(task_session(current)); 942 read_unlock(&tasklist_lock); 943 } 944 945 /** 946 * 947 * no_tty - Ensure the current process does not have a controlling tty 948 */ 949 void no_tty(void) 950 { 951 /* FIXME: Review locking here. The tty_lock never covered any race 952 between a new association and proc_clear_tty but possible we need 953 to protect against this anyway */ 954 struct task_struct *tsk = current; 955 disassociate_ctty(0); 956 proc_clear_tty(tsk); 957 } 958 959 960 /** 961 * stop_tty - propagate flow control 962 * @tty: tty to stop 963 * 964 * Perform flow control to the driver. May be called 965 * on an already stopped device and will not re-call the driver 966 * method. 967 * 968 * This functionality is used by both the line disciplines for 969 * halting incoming flow and by the driver. It may therefore be 970 * called from any context, may be under the tty atomic_write_lock 971 * but not always. 972 * 973 * Locking: 974 * flow_lock 975 */ 976 977 void __stop_tty(struct tty_struct *tty) 978 { 979 if (tty->stopped) 980 return; 981 tty->stopped = 1; 982 if (tty->ops->stop) 983 tty->ops->stop(tty); 984 } 985 986 void stop_tty(struct tty_struct *tty) 987 { 988 unsigned long flags; 989 990 spin_lock_irqsave(&tty->flow_lock, flags); 991 __stop_tty(tty); 992 spin_unlock_irqrestore(&tty->flow_lock, flags); 993 } 994 EXPORT_SYMBOL(stop_tty); 995 996 /** 997 * start_tty - propagate flow control 998 * @tty: tty to start 999 * 1000 * Start a tty that has been stopped if at all possible. If this 1001 * tty was previous stopped and is now being started, the driver 1002 * start method is invoked and the line discipline woken. 1003 * 1004 * Locking: 1005 * flow_lock 1006 */ 1007 1008 void __start_tty(struct tty_struct *tty) 1009 { 1010 if (!tty->stopped || tty->flow_stopped) 1011 return; 1012 tty->stopped = 0; 1013 if (tty->ops->start) 1014 tty->ops->start(tty); 1015 tty_wakeup(tty); 1016 } 1017 1018 void start_tty(struct tty_struct *tty) 1019 { 1020 unsigned long flags; 1021 1022 spin_lock_irqsave(&tty->flow_lock, flags); 1023 __start_tty(tty); 1024 spin_unlock_irqrestore(&tty->flow_lock, flags); 1025 } 1026 EXPORT_SYMBOL(start_tty); 1027 1028 static void tty_update_time(struct timespec *time) 1029 { 1030 unsigned long sec = get_seconds(); 1031 1032 /* 1033 * We only care if the two values differ in anything other than the 1034 * lower three bits (i.e every 8 seconds). If so, then we can update 1035 * the time of the tty device, otherwise it could be construded as a 1036 * security leak to let userspace know the exact timing of the tty. 1037 */ 1038 if ((sec ^ time->tv_sec) & ~7) 1039 time->tv_sec = sec; 1040 } 1041 1042 /** 1043 * tty_read - read method for tty device files 1044 * @file: pointer to tty file 1045 * @buf: user buffer 1046 * @count: size of user buffer 1047 * @ppos: unused 1048 * 1049 * Perform the read system call function on this terminal device. Checks 1050 * for hung up devices before calling the line discipline method. 1051 * 1052 * Locking: 1053 * Locks the line discipline internally while needed. Multiple 1054 * read calls may be outstanding in parallel. 1055 */ 1056 1057 static ssize_t tty_read(struct file *file, char __user *buf, size_t count, 1058 loff_t *ppos) 1059 { 1060 int i; 1061 struct inode *inode = file_inode(file); 1062 struct tty_struct *tty = file_tty(file); 1063 struct tty_ldisc *ld; 1064 1065 if (tty_paranoia_check(tty, inode, "tty_read")) 1066 return -EIO; 1067 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags))) 1068 return -EIO; 1069 1070 /* We want to wait for the line discipline to sort out in this 1071 situation */ 1072 ld = tty_ldisc_ref_wait(tty); 1073 if (ld->ops->read) 1074 i = ld->ops->read(tty, file, buf, count); 1075 else 1076 i = -EIO; 1077 tty_ldisc_deref(ld); 1078 1079 if (i > 0) 1080 tty_update_time(&inode->i_atime); 1081 1082 return i; 1083 } 1084 1085 static void tty_write_unlock(struct tty_struct *tty) 1086 { 1087 mutex_unlock(&tty->atomic_write_lock); 1088 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 1089 } 1090 1091 static int tty_write_lock(struct tty_struct *tty, int ndelay) 1092 { 1093 if (!mutex_trylock(&tty->atomic_write_lock)) { 1094 if (ndelay) 1095 return -EAGAIN; 1096 if (mutex_lock_interruptible(&tty->atomic_write_lock)) 1097 return -ERESTARTSYS; 1098 } 1099 return 0; 1100 } 1101 1102 /* 1103 * Split writes up in sane blocksizes to avoid 1104 * denial-of-service type attacks 1105 */ 1106 static inline ssize_t do_tty_write( 1107 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t), 1108 struct tty_struct *tty, 1109 struct file *file, 1110 const char __user *buf, 1111 size_t count) 1112 { 1113 ssize_t ret, written = 0; 1114 unsigned int chunk; 1115 1116 ret = tty_write_lock(tty, file->f_flags & O_NDELAY); 1117 if (ret < 0) 1118 return ret; 1119 1120 /* 1121 * We chunk up writes into a temporary buffer. This 1122 * simplifies low-level drivers immensely, since they 1123 * don't have locking issues and user mode accesses. 1124 * 1125 * But if TTY_NO_WRITE_SPLIT is set, we should use a 1126 * big chunk-size.. 1127 * 1128 * The default chunk-size is 2kB, because the NTTY 1129 * layer has problems with bigger chunks. It will 1130 * claim to be able to handle more characters than 1131 * it actually does. 1132 * 1133 * FIXME: This can probably go away now except that 64K chunks 1134 * are too likely to fail unless switched to vmalloc... 1135 */ 1136 chunk = 2048; 1137 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags)) 1138 chunk = 65536; 1139 if (count < chunk) 1140 chunk = count; 1141 1142 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */ 1143 if (tty->write_cnt < chunk) { 1144 unsigned char *buf_chunk; 1145 1146 if (chunk < 1024) 1147 chunk = 1024; 1148 1149 buf_chunk = kmalloc(chunk, GFP_KERNEL); 1150 if (!buf_chunk) { 1151 ret = -ENOMEM; 1152 goto out; 1153 } 1154 kfree(tty->write_buf); 1155 tty->write_cnt = chunk; 1156 tty->write_buf = buf_chunk; 1157 } 1158 1159 /* Do the write .. */ 1160 for (;;) { 1161 size_t size = count; 1162 if (size > chunk) 1163 size = chunk; 1164 ret = -EFAULT; 1165 if (copy_from_user(tty->write_buf, buf, size)) 1166 break; 1167 ret = write(tty, file, tty->write_buf, size); 1168 if (ret <= 0) 1169 break; 1170 written += ret; 1171 buf += ret; 1172 count -= ret; 1173 if (!count) 1174 break; 1175 ret = -ERESTARTSYS; 1176 if (signal_pending(current)) 1177 break; 1178 cond_resched(); 1179 } 1180 if (written) { 1181 tty_update_time(&file_inode(file)->i_mtime); 1182 ret = written; 1183 } 1184 out: 1185 tty_write_unlock(tty); 1186 return ret; 1187 } 1188 1189 /** 1190 * tty_write_message - write a message to a certain tty, not just the console. 1191 * @tty: the destination tty_struct 1192 * @msg: the message to write 1193 * 1194 * This is used for messages that need to be redirected to a specific tty. 1195 * We don't put it into the syslog queue right now maybe in the future if 1196 * really needed. 1197 * 1198 * We must still hold the BTM and test the CLOSING flag for the moment. 1199 */ 1200 1201 void tty_write_message(struct tty_struct *tty, char *msg) 1202 { 1203 if (tty) { 1204 mutex_lock(&tty->atomic_write_lock); 1205 tty_lock(tty); 1206 if (tty->ops->write && tty->count > 0) { 1207 tty_unlock(tty); 1208 tty->ops->write(tty, msg, strlen(msg)); 1209 } else 1210 tty_unlock(tty); 1211 tty_write_unlock(tty); 1212 } 1213 return; 1214 } 1215 1216 1217 /** 1218 * tty_write - write method for tty device file 1219 * @file: tty file pointer 1220 * @buf: user data to write 1221 * @count: bytes to write 1222 * @ppos: unused 1223 * 1224 * Write data to a tty device via the line discipline. 1225 * 1226 * Locking: 1227 * Locks the line discipline as required 1228 * Writes to the tty driver are serialized by the atomic_write_lock 1229 * and are then processed in chunks to the device. The line discipline 1230 * write method will not be invoked in parallel for each device. 1231 */ 1232 1233 static ssize_t tty_write(struct file *file, const char __user *buf, 1234 size_t count, loff_t *ppos) 1235 { 1236 struct tty_struct *tty = file_tty(file); 1237 struct tty_ldisc *ld; 1238 ssize_t ret; 1239 1240 if (tty_paranoia_check(tty, file_inode(file), "tty_write")) 1241 return -EIO; 1242 if (!tty || !tty->ops->write || 1243 (test_bit(TTY_IO_ERROR, &tty->flags))) 1244 return -EIO; 1245 /* Short term debug to catch buggy drivers */ 1246 if (tty->ops->write_room == NULL) 1247 printk(KERN_ERR "tty driver %s lacks a write_room method.\n", 1248 tty->driver->name); 1249 ld = tty_ldisc_ref_wait(tty); 1250 if (!ld->ops->write) 1251 ret = -EIO; 1252 else 1253 ret = do_tty_write(ld->ops->write, tty, file, buf, count); 1254 tty_ldisc_deref(ld); 1255 return ret; 1256 } 1257 1258 ssize_t redirected_tty_write(struct file *file, const char __user *buf, 1259 size_t count, loff_t *ppos) 1260 { 1261 struct file *p = NULL; 1262 1263 spin_lock(&redirect_lock); 1264 if (redirect) 1265 p = get_file(redirect); 1266 spin_unlock(&redirect_lock); 1267 1268 if (p) { 1269 ssize_t res; 1270 res = vfs_write(p, buf, count, &p->f_pos); 1271 fput(p); 1272 return res; 1273 } 1274 return tty_write(file, buf, count, ppos); 1275 } 1276 1277 /** 1278 * tty_send_xchar - send priority character 1279 * 1280 * Send a high priority character to the tty even if stopped 1281 * 1282 * Locking: none for xchar method, write ordering for write method. 1283 */ 1284 1285 int tty_send_xchar(struct tty_struct *tty, char ch) 1286 { 1287 int was_stopped = tty->stopped; 1288 1289 if (tty->ops->send_xchar) { 1290 tty->ops->send_xchar(tty, ch); 1291 return 0; 1292 } 1293 1294 if (tty_write_lock(tty, 0) < 0) 1295 return -ERESTARTSYS; 1296 1297 if (was_stopped) 1298 start_tty(tty); 1299 tty->ops->write(tty, &ch, 1); 1300 if (was_stopped) 1301 stop_tty(tty); 1302 tty_write_unlock(tty); 1303 return 0; 1304 } 1305 1306 static char ptychar[] = "pqrstuvwxyzabcde"; 1307 1308 /** 1309 * pty_line_name - generate name for a pty 1310 * @driver: the tty driver in use 1311 * @index: the minor number 1312 * @p: output buffer of at least 6 bytes 1313 * 1314 * Generate a name from a driver reference and write it to the output 1315 * buffer. 1316 * 1317 * Locking: None 1318 */ 1319 static void pty_line_name(struct tty_driver *driver, int index, char *p) 1320 { 1321 int i = index + driver->name_base; 1322 /* ->name is initialized to "ttyp", but "tty" is expected */ 1323 sprintf(p, "%s%c%x", 1324 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name, 1325 ptychar[i >> 4 & 0xf], i & 0xf); 1326 } 1327 1328 /** 1329 * tty_line_name - generate name for a tty 1330 * @driver: the tty driver in use 1331 * @index: the minor number 1332 * @p: output buffer of at least 7 bytes 1333 * 1334 * Generate a name from a driver reference and write it to the output 1335 * buffer. 1336 * 1337 * Locking: None 1338 */ 1339 static ssize_t tty_line_name(struct tty_driver *driver, int index, char *p) 1340 { 1341 if (driver->flags & TTY_DRIVER_UNNUMBERED_NODE) 1342 return sprintf(p, "%s", driver->name); 1343 else 1344 return sprintf(p, "%s%d", driver->name, 1345 index + driver->name_base); 1346 } 1347 1348 /** 1349 * tty_driver_lookup_tty() - find an existing tty, if any 1350 * @driver: the driver for the tty 1351 * @idx: the minor number 1352 * 1353 * Return the tty, if found. If not found, return NULL or ERR_PTR() if the 1354 * driver lookup() method returns an error. 1355 * 1356 * Locking: tty_mutex must be held. If the tty is found, bump the tty kref. 1357 */ 1358 static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver, 1359 struct inode *inode, int idx) 1360 { 1361 struct tty_struct *tty; 1362 1363 if (driver->ops->lookup) 1364 tty = driver->ops->lookup(driver, inode, idx); 1365 else 1366 tty = driver->ttys[idx]; 1367 1368 if (!IS_ERR(tty)) 1369 tty_kref_get(tty); 1370 return tty; 1371 } 1372 1373 /** 1374 * tty_init_termios - helper for termios setup 1375 * @tty: the tty to set up 1376 * 1377 * Initialise the termios structures for this tty. Thus runs under 1378 * the tty_mutex currently so we can be relaxed about ordering. 1379 */ 1380 1381 int tty_init_termios(struct tty_struct *tty) 1382 { 1383 struct ktermios *tp; 1384 int idx = tty->index; 1385 1386 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) 1387 tty->termios = tty->driver->init_termios; 1388 else { 1389 /* Check for lazy saved data */ 1390 tp = tty->driver->termios[idx]; 1391 if (tp != NULL) 1392 tty->termios = *tp; 1393 else 1394 tty->termios = tty->driver->init_termios; 1395 } 1396 /* Compatibility until drivers always set this */ 1397 tty->termios.c_ispeed = tty_termios_input_baud_rate(&tty->termios); 1398 tty->termios.c_ospeed = tty_termios_baud_rate(&tty->termios); 1399 return 0; 1400 } 1401 EXPORT_SYMBOL_GPL(tty_init_termios); 1402 1403 int tty_standard_install(struct tty_driver *driver, struct tty_struct *tty) 1404 { 1405 int ret = tty_init_termios(tty); 1406 if (ret) 1407 return ret; 1408 1409 tty_driver_kref_get(driver); 1410 tty->count++; 1411 driver->ttys[tty->index] = tty; 1412 return 0; 1413 } 1414 EXPORT_SYMBOL_GPL(tty_standard_install); 1415 1416 /** 1417 * tty_driver_install_tty() - install a tty entry in the driver 1418 * @driver: the driver for the tty 1419 * @tty: the tty 1420 * 1421 * Install a tty object into the driver tables. The tty->index field 1422 * will be set by the time this is called. This method is responsible 1423 * for ensuring any need additional structures are allocated and 1424 * configured. 1425 * 1426 * Locking: tty_mutex for now 1427 */ 1428 static int tty_driver_install_tty(struct tty_driver *driver, 1429 struct tty_struct *tty) 1430 { 1431 return driver->ops->install ? driver->ops->install(driver, tty) : 1432 tty_standard_install(driver, tty); 1433 } 1434 1435 /** 1436 * tty_driver_remove_tty() - remove a tty from the driver tables 1437 * @driver: the driver for the tty 1438 * @idx: the minor number 1439 * 1440 * Remvoe a tty object from the driver tables. The tty->index field 1441 * will be set by the time this is called. 1442 * 1443 * Locking: tty_mutex for now 1444 */ 1445 void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty) 1446 { 1447 if (driver->ops->remove) 1448 driver->ops->remove(driver, tty); 1449 else 1450 driver->ttys[tty->index] = NULL; 1451 } 1452 1453 /* 1454 * tty_reopen() - fast re-open of an open tty 1455 * @tty - the tty to open 1456 * 1457 * Return 0 on success, -errno on error. 1458 * Re-opens on master ptys are not allowed and return -EIO. 1459 * 1460 * Locking: Caller must hold tty_lock 1461 */ 1462 static int tty_reopen(struct tty_struct *tty) 1463 { 1464 struct tty_driver *driver = tty->driver; 1465 1466 if (!tty->count) 1467 return -EIO; 1468 1469 if (driver->type == TTY_DRIVER_TYPE_PTY && 1470 driver->subtype == PTY_TYPE_MASTER) 1471 return -EIO; 1472 1473 if (test_bit(TTY_EXCLUSIVE, &tty->flags) && !capable(CAP_SYS_ADMIN)) 1474 return -EBUSY; 1475 1476 tty->count++; 1477 1478 WARN_ON(!tty->ldisc); 1479 1480 return 0; 1481 } 1482 1483 /** 1484 * tty_init_dev - initialise a tty device 1485 * @driver: tty driver we are opening a device on 1486 * @idx: device index 1487 * @ret_tty: returned tty structure 1488 * 1489 * Prepare a tty device. This may not be a "new" clean device but 1490 * could also be an active device. The pty drivers require special 1491 * handling because of this. 1492 * 1493 * Locking: 1494 * The function is called under the tty_mutex, which 1495 * protects us from the tty struct or driver itself going away. 1496 * 1497 * On exit the tty device has the line discipline attached and 1498 * a reference count of 1. If a pair was created for pty/tty use 1499 * and the other was a pty master then it too has a reference count of 1. 1500 * 1501 * WSH 06/09/97: Rewritten to remove races and properly clean up after a 1502 * failed open. The new code protects the open with a mutex, so it's 1503 * really quite straightforward. The mutex locking can probably be 1504 * relaxed for the (most common) case of reopening a tty. 1505 */ 1506 1507 struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx) 1508 { 1509 struct tty_struct *tty; 1510 int retval; 1511 1512 /* 1513 * First time open is complex, especially for PTY devices. 1514 * This code guarantees that either everything succeeds and the 1515 * TTY is ready for operation, or else the table slots are vacated 1516 * and the allocated memory released. (Except that the termios 1517 * and locked termios may be retained.) 1518 */ 1519 1520 if (!try_module_get(driver->owner)) 1521 return ERR_PTR(-ENODEV); 1522 1523 tty = alloc_tty_struct(driver, idx); 1524 if (!tty) { 1525 retval = -ENOMEM; 1526 goto err_module_put; 1527 } 1528 1529 tty_lock(tty); 1530 retval = tty_driver_install_tty(driver, tty); 1531 if (retval < 0) 1532 goto err_deinit_tty; 1533 1534 if (!tty->port) 1535 tty->port = driver->ports[idx]; 1536 1537 WARN_RATELIMIT(!tty->port, 1538 "%s: %s driver does not set tty->port. This will crash the kernel later. Fix the driver!\n", 1539 __func__, tty->driver->name); 1540 1541 tty->port->itty = tty; 1542 1543 /* 1544 * Structures all installed ... call the ldisc open routines. 1545 * If we fail here just call release_tty to clean up. No need 1546 * to decrement the use counts, as release_tty doesn't care. 1547 */ 1548 retval = tty_ldisc_setup(tty, tty->link); 1549 if (retval) 1550 goto err_release_tty; 1551 /* Return the tty locked so that it cannot vanish under the caller */ 1552 return tty; 1553 1554 err_deinit_tty: 1555 tty_unlock(tty); 1556 deinitialize_tty_struct(tty); 1557 free_tty_struct(tty); 1558 err_module_put: 1559 module_put(driver->owner); 1560 return ERR_PTR(retval); 1561 1562 /* call the tty release_tty routine to clean out this slot */ 1563 err_release_tty: 1564 tty_unlock(tty); 1565 printk_ratelimited(KERN_INFO "tty_init_dev: ldisc open failed, " 1566 "clearing slot %d\n", idx); 1567 release_tty(tty, idx); 1568 return ERR_PTR(retval); 1569 } 1570 1571 void tty_free_termios(struct tty_struct *tty) 1572 { 1573 struct ktermios *tp; 1574 int idx = tty->index; 1575 1576 /* If the port is going to reset then it has no termios to save */ 1577 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) 1578 return; 1579 1580 /* Stash the termios data */ 1581 tp = tty->driver->termios[idx]; 1582 if (tp == NULL) { 1583 tp = kmalloc(sizeof(struct ktermios), GFP_KERNEL); 1584 if (tp == NULL) { 1585 pr_warn("tty: no memory to save termios state.\n"); 1586 return; 1587 } 1588 tty->driver->termios[idx] = tp; 1589 } 1590 *tp = tty->termios; 1591 } 1592 EXPORT_SYMBOL(tty_free_termios); 1593 1594 /** 1595 * tty_flush_works - flush all works of a tty/pty pair 1596 * @tty: tty device to flush works for (or either end of a pty pair) 1597 * 1598 * Sync flush all works belonging to @tty (and the 'other' tty). 1599 */ 1600 static void tty_flush_works(struct tty_struct *tty) 1601 { 1602 flush_work(&tty->SAK_work); 1603 flush_work(&tty->hangup_work); 1604 if (tty->link) { 1605 flush_work(&tty->link->SAK_work); 1606 flush_work(&tty->link->hangup_work); 1607 } 1608 } 1609 1610 /** 1611 * release_one_tty - release tty structure memory 1612 * @kref: kref of tty we are obliterating 1613 * 1614 * Releases memory associated with a tty structure, and clears out the 1615 * driver table slots. This function is called when a device is no longer 1616 * in use. It also gets called when setup of a device fails. 1617 * 1618 * Locking: 1619 * takes the file list lock internally when working on the list 1620 * of ttys that the driver keeps. 1621 * 1622 * This method gets called from a work queue so that the driver private 1623 * cleanup ops can sleep (needed for USB at least) 1624 */ 1625 static void release_one_tty(struct work_struct *work) 1626 { 1627 struct tty_struct *tty = 1628 container_of(work, struct tty_struct, hangup_work); 1629 struct tty_driver *driver = tty->driver; 1630 struct module *owner = driver->owner; 1631 1632 if (tty->ops->cleanup) 1633 tty->ops->cleanup(tty); 1634 1635 tty->magic = 0; 1636 tty_driver_kref_put(driver); 1637 module_put(owner); 1638 1639 spin_lock(&tty_files_lock); 1640 list_del_init(&tty->tty_files); 1641 spin_unlock(&tty_files_lock); 1642 1643 put_pid(tty->pgrp); 1644 put_pid(tty->session); 1645 free_tty_struct(tty); 1646 } 1647 1648 static void queue_release_one_tty(struct kref *kref) 1649 { 1650 struct tty_struct *tty = container_of(kref, struct tty_struct, kref); 1651 1652 /* The hangup queue is now free so we can reuse it rather than 1653 waste a chunk of memory for each port */ 1654 INIT_WORK(&tty->hangup_work, release_one_tty); 1655 schedule_work(&tty->hangup_work); 1656 } 1657 1658 /** 1659 * tty_kref_put - release a tty kref 1660 * @tty: tty device 1661 * 1662 * Release a reference to a tty device and if need be let the kref 1663 * layer destruct the object for us 1664 */ 1665 1666 void tty_kref_put(struct tty_struct *tty) 1667 { 1668 if (tty) 1669 kref_put(&tty->kref, queue_release_one_tty); 1670 } 1671 EXPORT_SYMBOL(tty_kref_put); 1672 1673 /** 1674 * release_tty - release tty structure memory 1675 * 1676 * Release both @tty and a possible linked partner (think pty pair), 1677 * and decrement the refcount of the backing module. 1678 * 1679 * Locking: 1680 * tty_mutex 1681 * takes the file list lock internally when working on the list 1682 * of ttys that the driver keeps. 1683 * 1684 */ 1685 static void release_tty(struct tty_struct *tty, int idx) 1686 { 1687 /* This should always be true but check for the moment */ 1688 WARN_ON(tty->index != idx); 1689 WARN_ON(!mutex_is_locked(&tty_mutex)); 1690 if (tty->ops->shutdown) 1691 tty->ops->shutdown(tty); 1692 tty_free_termios(tty); 1693 tty_driver_remove_tty(tty->driver, tty); 1694 tty->port->itty = NULL; 1695 if (tty->link) 1696 tty->link->port->itty = NULL; 1697 cancel_work_sync(&tty->port->buf.work); 1698 1699 tty_kref_put(tty->link); 1700 tty_kref_put(tty); 1701 } 1702 1703 /** 1704 * tty_release_checks - check a tty before real release 1705 * @tty: tty to check 1706 * @o_tty: link of @tty (if any) 1707 * @idx: index of the tty 1708 * 1709 * Performs some paranoid checking before true release of the @tty. 1710 * This is a no-op unless TTY_PARANOIA_CHECK is defined. 1711 */ 1712 static int tty_release_checks(struct tty_struct *tty, int idx) 1713 { 1714 #ifdef TTY_PARANOIA_CHECK 1715 if (idx < 0 || idx >= tty->driver->num) { 1716 printk(KERN_DEBUG "%s: bad idx when trying to free (%s)\n", 1717 __func__, tty->name); 1718 return -1; 1719 } 1720 1721 /* not much to check for devpts */ 1722 if (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) 1723 return 0; 1724 1725 if (tty != tty->driver->ttys[idx]) { 1726 printk(KERN_DEBUG "%s: driver.table[%d] not tty for (%s)\n", 1727 __func__, idx, tty->name); 1728 return -1; 1729 } 1730 if (tty->driver->other) { 1731 struct tty_struct *o_tty = tty->link; 1732 1733 if (o_tty != tty->driver->other->ttys[idx]) { 1734 printk(KERN_DEBUG "%s: other->table[%d] not o_tty for (%s)\n", 1735 __func__, idx, tty->name); 1736 return -1; 1737 } 1738 if (o_tty->link != tty) { 1739 printk(KERN_DEBUG "%s: bad pty pointers\n", __func__); 1740 return -1; 1741 } 1742 } 1743 #endif 1744 return 0; 1745 } 1746 1747 /** 1748 * tty_release - vfs callback for close 1749 * @inode: inode of tty 1750 * @filp: file pointer for handle to tty 1751 * 1752 * Called the last time each file handle is closed that references 1753 * this tty. There may however be several such references. 1754 * 1755 * Locking: 1756 * Takes bkl. See tty_release_dev 1757 * 1758 * Even releasing the tty structures is a tricky business.. We have 1759 * to be very careful that the structures are all released at the 1760 * same time, as interrupts might otherwise get the wrong pointers. 1761 * 1762 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could 1763 * lead to double frees or releasing memory still in use. 1764 */ 1765 1766 int tty_release(struct inode *inode, struct file *filp) 1767 { 1768 struct tty_struct *tty = file_tty(filp); 1769 struct tty_struct *o_tty = NULL; 1770 int do_sleep, final; 1771 int idx; 1772 char buf[64]; 1773 long timeout = 0; 1774 int once = 1; 1775 1776 if (tty_paranoia_check(tty, inode, __func__)) 1777 return 0; 1778 1779 tty_lock(tty); 1780 check_tty_count(tty, __func__); 1781 1782 __tty_fasync(-1, filp, 0); 1783 1784 idx = tty->index; 1785 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1786 tty->driver->subtype == PTY_TYPE_MASTER) 1787 o_tty = tty->link; 1788 1789 if (tty_release_checks(tty, idx)) { 1790 tty_unlock(tty); 1791 return 0; 1792 } 1793 1794 #ifdef TTY_DEBUG_HANGUP 1795 printk(KERN_DEBUG "%s: %s (tty count=%d)...\n", __func__, 1796 tty_name(tty, buf), tty->count); 1797 #endif 1798 1799 if (tty->ops->close) 1800 tty->ops->close(tty, filp); 1801 1802 /* If tty is pty master, lock the slave pty (stable lock order) */ 1803 tty_lock_slave(o_tty); 1804 1805 /* 1806 * Sanity check: if tty->count is going to zero, there shouldn't be 1807 * any waiters on tty->read_wait or tty->write_wait. We test the 1808 * wait queues and kick everyone out _before_ actually starting to 1809 * close. This ensures that we won't block while releasing the tty 1810 * structure. 1811 * 1812 * The test for the o_tty closing is necessary, since the master and 1813 * slave sides may close in any order. If the slave side closes out 1814 * first, its count will be one, since the master side holds an open. 1815 * Thus this test wouldn't be triggered at the time the slave closed, 1816 * so we do it now. 1817 */ 1818 while (1) { 1819 do_sleep = 0; 1820 1821 if (tty->count <= 1) { 1822 if (waitqueue_active(&tty->read_wait)) { 1823 wake_up_poll(&tty->read_wait, POLLIN); 1824 do_sleep++; 1825 } 1826 if (waitqueue_active(&tty->write_wait)) { 1827 wake_up_poll(&tty->write_wait, POLLOUT); 1828 do_sleep++; 1829 } 1830 } 1831 if (o_tty && o_tty->count <= 1) { 1832 if (waitqueue_active(&o_tty->read_wait)) { 1833 wake_up_poll(&o_tty->read_wait, POLLIN); 1834 do_sleep++; 1835 } 1836 if (waitqueue_active(&o_tty->write_wait)) { 1837 wake_up_poll(&o_tty->write_wait, POLLOUT); 1838 do_sleep++; 1839 } 1840 } 1841 if (!do_sleep) 1842 break; 1843 1844 if (once) { 1845 once = 0; 1846 printk(KERN_WARNING "%s: %s: read/write wait queue active!\n", 1847 __func__, tty_name(tty, buf)); 1848 } 1849 schedule_timeout_killable(timeout); 1850 if (timeout < 120 * HZ) 1851 timeout = 2 * timeout + 1; 1852 else 1853 timeout = MAX_SCHEDULE_TIMEOUT; 1854 } 1855 1856 if (o_tty) { 1857 if (--o_tty->count < 0) { 1858 printk(KERN_WARNING "%s: bad pty slave count (%d) for %s\n", 1859 __func__, o_tty->count, tty_name(o_tty, buf)); 1860 o_tty->count = 0; 1861 } 1862 } 1863 if (--tty->count < 0) { 1864 printk(KERN_WARNING "%s: bad tty->count (%d) for %s\n", 1865 __func__, tty->count, tty_name(tty, buf)); 1866 tty->count = 0; 1867 } 1868 1869 /* 1870 * We've decremented tty->count, so we need to remove this file 1871 * descriptor off the tty->tty_files list; this serves two 1872 * purposes: 1873 * - check_tty_count sees the correct number of file descriptors 1874 * associated with this tty. 1875 * - do_tty_hangup no longer sees this file descriptor as 1876 * something that needs to be handled for hangups. 1877 */ 1878 tty_del_file(filp); 1879 1880 /* 1881 * Perform some housekeeping before deciding whether to return. 1882 * 1883 * If _either_ side is closing, make sure there aren't any 1884 * processes that still think tty or o_tty is their controlling 1885 * tty. 1886 */ 1887 if (!tty->count) { 1888 read_lock(&tasklist_lock); 1889 session_clear_tty(tty->session); 1890 if (o_tty) 1891 session_clear_tty(o_tty->session); 1892 read_unlock(&tasklist_lock); 1893 } 1894 1895 /* check whether both sides are closing ... */ 1896 final = !tty->count && !(o_tty && o_tty->count); 1897 1898 tty_unlock_slave(o_tty); 1899 tty_unlock(tty); 1900 1901 /* At this point, the tty->count == 0 should ensure a dead tty 1902 cannot be re-opened by a racing opener */ 1903 1904 if (!final) 1905 return 0; 1906 1907 #ifdef TTY_DEBUG_HANGUP 1908 printk(KERN_DEBUG "%s: %s: final close\n", __func__, tty_name(tty, buf)); 1909 #endif 1910 /* 1911 * Ask the line discipline code to release its structures 1912 */ 1913 tty_ldisc_release(tty); 1914 1915 /* Wait for pending work before tty destruction commmences */ 1916 tty_flush_works(tty); 1917 1918 #ifdef TTY_DEBUG_HANGUP 1919 printk(KERN_DEBUG "%s: %s: freeing structure...\n", __func__, tty_name(tty, buf)); 1920 #endif 1921 /* 1922 * The release_tty function takes care of the details of clearing 1923 * the slots and preserving the termios structure. The tty_unlock_pair 1924 * should be safe as we keep a kref while the tty is locked (so the 1925 * unlock never unlocks a freed tty). 1926 */ 1927 mutex_lock(&tty_mutex); 1928 release_tty(tty, idx); 1929 mutex_unlock(&tty_mutex); 1930 1931 return 0; 1932 } 1933 1934 /** 1935 * tty_open_current_tty - get locked tty of current task 1936 * @device: device number 1937 * @filp: file pointer to tty 1938 * @return: locked tty of the current task iff @device is /dev/tty 1939 * 1940 * Performs a re-open of the current task's controlling tty. 1941 * 1942 * We cannot return driver and index like for the other nodes because 1943 * devpts will not work then. It expects inodes to be from devpts FS. 1944 */ 1945 static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp) 1946 { 1947 struct tty_struct *tty; 1948 int retval; 1949 1950 if (device != MKDEV(TTYAUX_MAJOR, 0)) 1951 return NULL; 1952 1953 tty = get_current_tty(); 1954 if (!tty) 1955 return ERR_PTR(-ENXIO); 1956 1957 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */ 1958 /* noctty = 1; */ 1959 tty_lock(tty); 1960 tty_kref_put(tty); /* safe to drop the kref now */ 1961 1962 retval = tty_reopen(tty); 1963 if (retval < 0) { 1964 tty_unlock(tty); 1965 tty = ERR_PTR(retval); 1966 } 1967 return tty; 1968 } 1969 1970 /** 1971 * tty_lookup_driver - lookup a tty driver for a given device file 1972 * @device: device number 1973 * @filp: file pointer to tty 1974 * @noctty: set if the device should not become a controlling tty 1975 * @index: index for the device in the @return driver 1976 * @return: driver for this inode (with increased refcount) 1977 * 1978 * If @return is not erroneous, the caller is responsible to decrement the 1979 * refcount by tty_driver_kref_put. 1980 * 1981 * Locking: tty_mutex protects get_tty_driver 1982 */ 1983 static struct tty_driver *tty_lookup_driver(dev_t device, struct file *filp, 1984 int *noctty, int *index) 1985 { 1986 struct tty_driver *driver; 1987 1988 switch (device) { 1989 #ifdef CONFIG_VT 1990 case MKDEV(TTY_MAJOR, 0): { 1991 extern struct tty_driver *console_driver; 1992 driver = tty_driver_kref_get(console_driver); 1993 *index = fg_console; 1994 *noctty = 1; 1995 break; 1996 } 1997 #endif 1998 case MKDEV(TTYAUX_MAJOR, 1): { 1999 struct tty_driver *console_driver = console_device(index); 2000 if (console_driver) { 2001 driver = tty_driver_kref_get(console_driver); 2002 if (driver) { 2003 /* Don't let /dev/console block */ 2004 filp->f_flags |= O_NONBLOCK; 2005 *noctty = 1; 2006 break; 2007 } 2008 } 2009 return ERR_PTR(-ENODEV); 2010 } 2011 default: 2012 driver = get_tty_driver(device, index); 2013 if (!driver) 2014 return ERR_PTR(-ENODEV); 2015 break; 2016 } 2017 return driver; 2018 } 2019 2020 /** 2021 * tty_open - open a tty device 2022 * @inode: inode of device file 2023 * @filp: file pointer to tty 2024 * 2025 * tty_open and tty_release keep up the tty count that contains the 2026 * number of opens done on a tty. We cannot use the inode-count, as 2027 * different inodes might point to the same tty. 2028 * 2029 * Open-counting is needed for pty masters, as well as for keeping 2030 * track of serial lines: DTR is dropped when the last close happens. 2031 * (This is not done solely through tty->count, now. - Ted 1/27/92) 2032 * 2033 * The termios state of a pty is reset on first open so that 2034 * settings don't persist across reuse. 2035 * 2036 * Locking: tty_mutex protects tty, tty_lookup_driver and tty_init_dev. 2037 * tty->count should protect the rest. 2038 * ->siglock protects ->signal/->sighand 2039 * 2040 * Note: the tty_unlock/lock cases without a ref are only safe due to 2041 * tty_mutex 2042 */ 2043 2044 static int tty_open(struct inode *inode, struct file *filp) 2045 { 2046 struct tty_struct *tty; 2047 int noctty, retval; 2048 struct tty_driver *driver = NULL; 2049 int index; 2050 dev_t device = inode->i_rdev; 2051 unsigned saved_flags = filp->f_flags; 2052 2053 nonseekable_open(inode, filp); 2054 2055 retry_open: 2056 retval = tty_alloc_file(filp); 2057 if (retval) 2058 return -ENOMEM; 2059 2060 noctty = filp->f_flags & O_NOCTTY; 2061 index = -1; 2062 retval = 0; 2063 2064 tty = tty_open_current_tty(device, filp); 2065 if (!tty) { 2066 mutex_lock(&tty_mutex); 2067 driver = tty_lookup_driver(device, filp, &noctty, &index); 2068 if (IS_ERR(driver)) { 2069 retval = PTR_ERR(driver); 2070 goto err_unlock; 2071 } 2072 2073 /* check whether we're reopening an existing tty */ 2074 tty = tty_driver_lookup_tty(driver, inode, index); 2075 if (IS_ERR(tty)) { 2076 retval = PTR_ERR(tty); 2077 goto err_unlock; 2078 } 2079 2080 if (tty) { 2081 mutex_unlock(&tty_mutex); 2082 tty_lock(tty); 2083 /* safe to drop the kref from tty_driver_lookup_tty() */ 2084 tty_kref_put(tty); 2085 retval = tty_reopen(tty); 2086 if (retval < 0) { 2087 tty_unlock(tty); 2088 tty = ERR_PTR(retval); 2089 } 2090 } else { /* Returns with the tty_lock held for now */ 2091 tty = tty_init_dev(driver, index); 2092 mutex_unlock(&tty_mutex); 2093 } 2094 2095 tty_driver_kref_put(driver); 2096 } 2097 2098 if (IS_ERR(tty)) { 2099 retval = PTR_ERR(tty); 2100 goto err_file; 2101 } 2102 2103 tty_add_file(tty, filp); 2104 2105 check_tty_count(tty, __func__); 2106 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2107 tty->driver->subtype == PTY_TYPE_MASTER) 2108 noctty = 1; 2109 #ifdef TTY_DEBUG_HANGUP 2110 printk(KERN_DEBUG "%s: opening %s...\n", __func__, tty->name); 2111 #endif 2112 if (tty->ops->open) 2113 retval = tty->ops->open(tty, filp); 2114 else 2115 retval = -ENODEV; 2116 filp->f_flags = saved_flags; 2117 2118 if (retval) { 2119 #ifdef TTY_DEBUG_HANGUP 2120 printk(KERN_DEBUG "%s: error %d in opening %s...\n", __func__, 2121 retval, tty->name); 2122 #endif 2123 tty_unlock(tty); /* need to call tty_release without BTM */ 2124 tty_release(inode, filp); 2125 if (retval != -ERESTARTSYS) 2126 return retval; 2127 2128 if (signal_pending(current)) 2129 return retval; 2130 2131 schedule(); 2132 /* 2133 * Need to reset f_op in case a hangup happened. 2134 */ 2135 if (tty_hung_up_p(filp)) 2136 filp->f_op = &tty_fops; 2137 goto retry_open; 2138 } 2139 clear_bit(TTY_HUPPED, &tty->flags); 2140 2141 2142 read_lock(&tasklist_lock); 2143 spin_lock_irq(¤t->sighand->siglock); 2144 if (!noctty && 2145 current->signal->leader && 2146 !current->signal->tty && 2147 tty->session == NULL) 2148 __proc_set_tty(tty); 2149 spin_unlock_irq(¤t->sighand->siglock); 2150 read_unlock(&tasklist_lock); 2151 tty_unlock(tty); 2152 return 0; 2153 err_unlock: 2154 mutex_unlock(&tty_mutex); 2155 /* after locks to avoid deadlock */ 2156 if (!IS_ERR_OR_NULL(driver)) 2157 tty_driver_kref_put(driver); 2158 err_file: 2159 tty_free_file(filp); 2160 return retval; 2161 } 2162 2163 2164 2165 /** 2166 * tty_poll - check tty status 2167 * @filp: file being polled 2168 * @wait: poll wait structures to update 2169 * 2170 * Call the line discipline polling method to obtain the poll 2171 * status of the device. 2172 * 2173 * Locking: locks called line discipline but ldisc poll method 2174 * may be re-entered freely by other callers. 2175 */ 2176 2177 static unsigned int tty_poll(struct file *filp, poll_table *wait) 2178 { 2179 struct tty_struct *tty = file_tty(filp); 2180 struct tty_ldisc *ld; 2181 int ret = 0; 2182 2183 if (tty_paranoia_check(tty, file_inode(filp), "tty_poll")) 2184 return 0; 2185 2186 ld = tty_ldisc_ref_wait(tty); 2187 if (ld->ops->poll) 2188 ret = ld->ops->poll(tty, filp, wait); 2189 tty_ldisc_deref(ld); 2190 return ret; 2191 } 2192 2193 static int __tty_fasync(int fd, struct file *filp, int on) 2194 { 2195 struct tty_struct *tty = file_tty(filp); 2196 struct tty_ldisc *ldisc; 2197 unsigned long flags; 2198 int retval = 0; 2199 2200 if (tty_paranoia_check(tty, file_inode(filp), "tty_fasync")) 2201 goto out; 2202 2203 retval = fasync_helper(fd, filp, on, &tty->fasync); 2204 if (retval <= 0) 2205 goto out; 2206 2207 ldisc = tty_ldisc_ref(tty); 2208 if (ldisc) { 2209 if (ldisc->ops->fasync) 2210 ldisc->ops->fasync(tty, on); 2211 tty_ldisc_deref(ldisc); 2212 } 2213 2214 if (on) { 2215 enum pid_type type; 2216 struct pid *pid; 2217 2218 spin_lock_irqsave(&tty->ctrl_lock, flags); 2219 if (tty->pgrp) { 2220 pid = tty->pgrp; 2221 type = PIDTYPE_PGID; 2222 } else { 2223 pid = task_pid(current); 2224 type = PIDTYPE_PID; 2225 } 2226 get_pid(pid); 2227 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2228 __f_setown(filp, pid, type, 0); 2229 put_pid(pid); 2230 retval = 0; 2231 } 2232 out: 2233 return retval; 2234 } 2235 2236 static int tty_fasync(int fd, struct file *filp, int on) 2237 { 2238 struct tty_struct *tty = file_tty(filp); 2239 int retval; 2240 2241 tty_lock(tty); 2242 retval = __tty_fasync(fd, filp, on); 2243 tty_unlock(tty); 2244 2245 return retval; 2246 } 2247 2248 /** 2249 * tiocsti - fake input character 2250 * @tty: tty to fake input into 2251 * @p: pointer to character 2252 * 2253 * Fake input to a tty device. Does the necessary locking and 2254 * input management. 2255 * 2256 * FIXME: does not honour flow control ?? 2257 * 2258 * Locking: 2259 * Called functions take tty_ldiscs_lock 2260 * current->signal->tty check is safe without locks 2261 * 2262 * FIXME: may race normal receive processing 2263 */ 2264 2265 static int tiocsti(struct tty_struct *tty, char __user *p) 2266 { 2267 char ch, mbz = 0; 2268 struct tty_ldisc *ld; 2269 2270 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) 2271 return -EPERM; 2272 if (get_user(ch, p)) 2273 return -EFAULT; 2274 tty_audit_tiocsti(tty, ch); 2275 ld = tty_ldisc_ref_wait(tty); 2276 ld->ops->receive_buf(tty, &ch, &mbz, 1); 2277 tty_ldisc_deref(ld); 2278 return 0; 2279 } 2280 2281 /** 2282 * tiocgwinsz - implement window query ioctl 2283 * @tty; tty 2284 * @arg: user buffer for result 2285 * 2286 * Copies the kernel idea of the window size into the user buffer. 2287 * 2288 * Locking: tty->winsize_mutex is taken to ensure the winsize data 2289 * is consistent. 2290 */ 2291 2292 static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg) 2293 { 2294 int err; 2295 2296 mutex_lock(&tty->winsize_mutex); 2297 err = copy_to_user(arg, &tty->winsize, sizeof(*arg)); 2298 mutex_unlock(&tty->winsize_mutex); 2299 2300 return err ? -EFAULT: 0; 2301 } 2302 2303 /** 2304 * tty_do_resize - resize event 2305 * @tty: tty being resized 2306 * @rows: rows (character) 2307 * @cols: cols (character) 2308 * 2309 * Update the termios variables and send the necessary signals to 2310 * peform a terminal resize correctly 2311 */ 2312 2313 int tty_do_resize(struct tty_struct *tty, struct winsize *ws) 2314 { 2315 struct pid *pgrp; 2316 2317 /* Lock the tty */ 2318 mutex_lock(&tty->winsize_mutex); 2319 if (!memcmp(ws, &tty->winsize, sizeof(*ws))) 2320 goto done; 2321 2322 /* Signal the foreground process group */ 2323 pgrp = tty_get_pgrp(tty); 2324 if (pgrp) 2325 kill_pgrp(pgrp, SIGWINCH, 1); 2326 put_pid(pgrp); 2327 2328 tty->winsize = *ws; 2329 done: 2330 mutex_unlock(&tty->winsize_mutex); 2331 return 0; 2332 } 2333 EXPORT_SYMBOL(tty_do_resize); 2334 2335 /** 2336 * tiocswinsz - implement window size set ioctl 2337 * @tty; tty side of tty 2338 * @arg: user buffer for result 2339 * 2340 * Copies the user idea of the window size to the kernel. Traditionally 2341 * this is just advisory information but for the Linux console it 2342 * actually has driver level meaning and triggers a VC resize. 2343 * 2344 * Locking: 2345 * Driver dependent. The default do_resize method takes the 2346 * tty termios mutex and ctrl_lock. The console takes its own lock 2347 * then calls into the default method. 2348 */ 2349 2350 static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg) 2351 { 2352 struct winsize tmp_ws; 2353 if (copy_from_user(&tmp_ws, arg, sizeof(*arg))) 2354 return -EFAULT; 2355 2356 if (tty->ops->resize) 2357 return tty->ops->resize(tty, &tmp_ws); 2358 else 2359 return tty_do_resize(tty, &tmp_ws); 2360 } 2361 2362 /** 2363 * tioccons - allow admin to move logical console 2364 * @file: the file to become console 2365 * 2366 * Allow the administrator to move the redirected console device 2367 * 2368 * Locking: uses redirect_lock to guard the redirect information 2369 */ 2370 2371 static int tioccons(struct file *file) 2372 { 2373 if (!capable(CAP_SYS_ADMIN)) 2374 return -EPERM; 2375 if (file->f_op->write == redirected_tty_write) { 2376 struct file *f; 2377 spin_lock(&redirect_lock); 2378 f = redirect; 2379 redirect = NULL; 2380 spin_unlock(&redirect_lock); 2381 if (f) 2382 fput(f); 2383 return 0; 2384 } 2385 spin_lock(&redirect_lock); 2386 if (redirect) { 2387 spin_unlock(&redirect_lock); 2388 return -EBUSY; 2389 } 2390 redirect = get_file(file); 2391 spin_unlock(&redirect_lock); 2392 return 0; 2393 } 2394 2395 /** 2396 * fionbio - non blocking ioctl 2397 * @file: file to set blocking value 2398 * @p: user parameter 2399 * 2400 * Historical tty interfaces had a blocking control ioctl before 2401 * the generic functionality existed. This piece of history is preserved 2402 * in the expected tty API of posix OS's. 2403 * 2404 * Locking: none, the open file handle ensures it won't go away. 2405 */ 2406 2407 static int fionbio(struct file *file, int __user *p) 2408 { 2409 int nonblock; 2410 2411 if (get_user(nonblock, p)) 2412 return -EFAULT; 2413 2414 spin_lock(&file->f_lock); 2415 if (nonblock) 2416 file->f_flags |= O_NONBLOCK; 2417 else 2418 file->f_flags &= ~O_NONBLOCK; 2419 spin_unlock(&file->f_lock); 2420 return 0; 2421 } 2422 2423 /** 2424 * tiocsctty - set controlling tty 2425 * @tty: tty structure 2426 * @arg: user argument 2427 * 2428 * This ioctl is used to manage job control. It permits a session 2429 * leader to set this tty as the controlling tty for the session. 2430 * 2431 * Locking: 2432 * Takes tty_lock() to serialize proc_set_tty() for this tty 2433 * Takes tasklist_lock internally to walk sessions 2434 * Takes ->siglock() when updating signal->tty 2435 */ 2436 2437 static int tiocsctty(struct tty_struct *tty, int arg) 2438 { 2439 int ret = 0; 2440 2441 tty_lock(tty); 2442 read_lock(&tasklist_lock); 2443 2444 if (current->signal->leader && (task_session(current) == tty->session)) 2445 goto unlock; 2446 2447 /* 2448 * The process must be a session leader and 2449 * not have a controlling tty already. 2450 */ 2451 if (!current->signal->leader || current->signal->tty) { 2452 ret = -EPERM; 2453 goto unlock; 2454 } 2455 2456 if (tty->session) { 2457 /* 2458 * This tty is already the controlling 2459 * tty for another session group! 2460 */ 2461 if (arg == 1 && capable(CAP_SYS_ADMIN)) { 2462 /* 2463 * Steal it away 2464 */ 2465 session_clear_tty(tty->session); 2466 } else { 2467 ret = -EPERM; 2468 goto unlock; 2469 } 2470 } 2471 proc_set_tty(tty); 2472 unlock: 2473 read_unlock(&tasklist_lock); 2474 tty_unlock(tty); 2475 return ret; 2476 } 2477 2478 /** 2479 * tty_get_pgrp - return a ref counted pgrp pid 2480 * @tty: tty to read 2481 * 2482 * Returns a refcounted instance of the pid struct for the process 2483 * group controlling the tty. 2484 */ 2485 2486 struct pid *tty_get_pgrp(struct tty_struct *tty) 2487 { 2488 unsigned long flags; 2489 struct pid *pgrp; 2490 2491 spin_lock_irqsave(&tty->ctrl_lock, flags); 2492 pgrp = get_pid(tty->pgrp); 2493 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2494 2495 return pgrp; 2496 } 2497 EXPORT_SYMBOL_GPL(tty_get_pgrp); 2498 2499 /* 2500 * This checks not only the pgrp, but falls back on the pid if no 2501 * satisfactory pgrp is found. I dunno - gdb doesn't work correctly 2502 * without this... 2503 * 2504 * The caller must hold rcu lock or the tasklist lock. 2505 */ 2506 static struct pid *session_of_pgrp(struct pid *pgrp) 2507 { 2508 struct task_struct *p; 2509 struct pid *sid = NULL; 2510 2511 p = pid_task(pgrp, PIDTYPE_PGID); 2512 if (p == NULL) 2513 p = pid_task(pgrp, PIDTYPE_PID); 2514 if (p != NULL) 2515 sid = task_session(p); 2516 2517 return sid; 2518 } 2519 2520 /** 2521 * tiocgpgrp - get process group 2522 * @tty: tty passed by user 2523 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2524 * @p: returned pid 2525 * 2526 * Obtain the process group of the tty. If there is no process group 2527 * return an error. 2528 * 2529 * Locking: none. Reference to current->signal->tty is safe. 2530 */ 2531 2532 static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2533 { 2534 struct pid *pid; 2535 int ret; 2536 /* 2537 * (tty == real_tty) is a cheap way of 2538 * testing if the tty is NOT a master pty. 2539 */ 2540 if (tty == real_tty && current->signal->tty != real_tty) 2541 return -ENOTTY; 2542 pid = tty_get_pgrp(real_tty); 2543 ret = put_user(pid_vnr(pid), p); 2544 put_pid(pid); 2545 return ret; 2546 } 2547 2548 /** 2549 * tiocspgrp - attempt to set process group 2550 * @tty: tty passed by user 2551 * @real_tty: tty side device matching tty passed by user 2552 * @p: pid pointer 2553 * 2554 * Set the process group of the tty to the session passed. Only 2555 * permitted where the tty session is our session. 2556 * 2557 * Locking: RCU, ctrl lock 2558 */ 2559 2560 static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2561 { 2562 struct pid *pgrp; 2563 pid_t pgrp_nr; 2564 int retval = tty_check_change(real_tty); 2565 unsigned long flags; 2566 2567 if (retval == -EIO) 2568 return -ENOTTY; 2569 if (retval) 2570 return retval; 2571 if (!current->signal->tty || 2572 (current->signal->tty != real_tty) || 2573 (real_tty->session != task_session(current))) 2574 return -ENOTTY; 2575 if (get_user(pgrp_nr, p)) 2576 return -EFAULT; 2577 if (pgrp_nr < 0) 2578 return -EINVAL; 2579 rcu_read_lock(); 2580 pgrp = find_vpid(pgrp_nr); 2581 retval = -ESRCH; 2582 if (!pgrp) 2583 goto out_unlock; 2584 retval = -EPERM; 2585 if (session_of_pgrp(pgrp) != task_session(current)) 2586 goto out_unlock; 2587 retval = 0; 2588 spin_lock_irqsave(&tty->ctrl_lock, flags); 2589 put_pid(real_tty->pgrp); 2590 real_tty->pgrp = get_pid(pgrp); 2591 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2592 out_unlock: 2593 rcu_read_unlock(); 2594 return retval; 2595 } 2596 2597 /** 2598 * tiocgsid - get session id 2599 * @tty: tty passed by user 2600 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2601 * @p: pointer to returned session id 2602 * 2603 * Obtain the session id of the tty. If there is no session 2604 * return an error. 2605 * 2606 * Locking: none. Reference to current->signal->tty is safe. 2607 */ 2608 2609 static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2610 { 2611 /* 2612 * (tty == real_tty) is a cheap way of 2613 * testing if the tty is NOT a master pty. 2614 */ 2615 if (tty == real_tty && current->signal->tty != real_tty) 2616 return -ENOTTY; 2617 if (!real_tty->session) 2618 return -ENOTTY; 2619 return put_user(pid_vnr(real_tty->session), p); 2620 } 2621 2622 /** 2623 * tiocsetd - set line discipline 2624 * @tty: tty device 2625 * @p: pointer to user data 2626 * 2627 * Set the line discipline according to user request. 2628 * 2629 * Locking: see tty_set_ldisc, this function is just a helper 2630 */ 2631 2632 static int tiocsetd(struct tty_struct *tty, int __user *p) 2633 { 2634 int ldisc; 2635 int ret; 2636 2637 if (get_user(ldisc, p)) 2638 return -EFAULT; 2639 2640 ret = tty_set_ldisc(tty, ldisc); 2641 2642 return ret; 2643 } 2644 2645 /** 2646 * send_break - performed time break 2647 * @tty: device to break on 2648 * @duration: timeout in mS 2649 * 2650 * Perform a timed break on hardware that lacks its own driver level 2651 * timed break functionality. 2652 * 2653 * Locking: 2654 * atomic_write_lock serializes 2655 * 2656 */ 2657 2658 static int send_break(struct tty_struct *tty, unsigned int duration) 2659 { 2660 int retval; 2661 2662 if (tty->ops->break_ctl == NULL) 2663 return 0; 2664 2665 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK) 2666 retval = tty->ops->break_ctl(tty, duration); 2667 else { 2668 /* Do the work ourselves */ 2669 if (tty_write_lock(tty, 0) < 0) 2670 return -EINTR; 2671 retval = tty->ops->break_ctl(tty, -1); 2672 if (retval) 2673 goto out; 2674 if (!signal_pending(current)) 2675 msleep_interruptible(duration); 2676 retval = tty->ops->break_ctl(tty, 0); 2677 out: 2678 tty_write_unlock(tty); 2679 if (signal_pending(current)) 2680 retval = -EINTR; 2681 } 2682 return retval; 2683 } 2684 2685 /** 2686 * tty_tiocmget - get modem status 2687 * @tty: tty device 2688 * @file: user file pointer 2689 * @p: pointer to result 2690 * 2691 * Obtain the modem status bits from the tty driver if the feature 2692 * is supported. Return -EINVAL if it is not available. 2693 * 2694 * Locking: none (up to the driver) 2695 */ 2696 2697 static int tty_tiocmget(struct tty_struct *tty, int __user *p) 2698 { 2699 int retval = -EINVAL; 2700 2701 if (tty->ops->tiocmget) { 2702 retval = tty->ops->tiocmget(tty); 2703 2704 if (retval >= 0) 2705 retval = put_user(retval, p); 2706 } 2707 return retval; 2708 } 2709 2710 /** 2711 * tty_tiocmset - set modem status 2712 * @tty: tty device 2713 * @cmd: command - clear bits, set bits or set all 2714 * @p: pointer to desired bits 2715 * 2716 * Set the modem status bits from the tty driver if the feature 2717 * is supported. Return -EINVAL if it is not available. 2718 * 2719 * Locking: none (up to the driver) 2720 */ 2721 2722 static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd, 2723 unsigned __user *p) 2724 { 2725 int retval; 2726 unsigned int set, clear, val; 2727 2728 if (tty->ops->tiocmset == NULL) 2729 return -EINVAL; 2730 2731 retval = get_user(val, p); 2732 if (retval) 2733 return retval; 2734 set = clear = 0; 2735 switch (cmd) { 2736 case TIOCMBIS: 2737 set = val; 2738 break; 2739 case TIOCMBIC: 2740 clear = val; 2741 break; 2742 case TIOCMSET: 2743 set = val; 2744 clear = ~val; 2745 break; 2746 } 2747 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2748 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2749 return tty->ops->tiocmset(tty, set, clear); 2750 } 2751 2752 static int tty_tiocgicount(struct tty_struct *tty, void __user *arg) 2753 { 2754 int retval = -EINVAL; 2755 struct serial_icounter_struct icount; 2756 memset(&icount, 0, sizeof(icount)); 2757 if (tty->ops->get_icount) 2758 retval = tty->ops->get_icount(tty, &icount); 2759 if (retval != 0) 2760 return retval; 2761 if (copy_to_user(arg, &icount, sizeof(icount))) 2762 return -EFAULT; 2763 return 0; 2764 } 2765 2766 static void tty_warn_deprecated_flags(struct serial_struct __user *ss) 2767 { 2768 static DEFINE_RATELIMIT_STATE(depr_flags, 2769 DEFAULT_RATELIMIT_INTERVAL, 2770 DEFAULT_RATELIMIT_BURST); 2771 char comm[TASK_COMM_LEN]; 2772 int flags; 2773 2774 if (get_user(flags, &ss->flags)) 2775 return; 2776 2777 flags &= ASYNC_DEPRECATED; 2778 2779 if (flags && __ratelimit(&depr_flags)) 2780 pr_warning("%s: '%s' is using deprecated serial flags (with no effect): %.8x\n", 2781 __func__, get_task_comm(comm, current), flags); 2782 } 2783 2784 /* 2785 * if pty, return the slave side (real_tty) 2786 * otherwise, return self 2787 */ 2788 static struct tty_struct *tty_pair_get_tty(struct tty_struct *tty) 2789 { 2790 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2791 tty->driver->subtype == PTY_TYPE_MASTER) 2792 tty = tty->link; 2793 return tty; 2794 } 2795 2796 /* 2797 * Split this up, as gcc can choke on it otherwise.. 2798 */ 2799 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 2800 { 2801 struct tty_struct *tty = file_tty(file); 2802 struct tty_struct *real_tty; 2803 void __user *p = (void __user *)arg; 2804 int retval; 2805 struct tty_ldisc *ld; 2806 2807 if (tty_paranoia_check(tty, file_inode(file), "tty_ioctl")) 2808 return -EINVAL; 2809 2810 real_tty = tty_pair_get_tty(tty); 2811 2812 /* 2813 * Factor out some common prep work 2814 */ 2815 switch (cmd) { 2816 case TIOCSETD: 2817 case TIOCSBRK: 2818 case TIOCCBRK: 2819 case TCSBRK: 2820 case TCSBRKP: 2821 retval = tty_check_change(tty); 2822 if (retval) 2823 return retval; 2824 if (cmd != TIOCCBRK) { 2825 tty_wait_until_sent(tty, 0); 2826 if (signal_pending(current)) 2827 return -EINTR; 2828 } 2829 break; 2830 } 2831 2832 /* 2833 * Now do the stuff. 2834 */ 2835 switch (cmd) { 2836 case TIOCSTI: 2837 return tiocsti(tty, p); 2838 case TIOCGWINSZ: 2839 return tiocgwinsz(real_tty, p); 2840 case TIOCSWINSZ: 2841 return tiocswinsz(real_tty, p); 2842 case TIOCCONS: 2843 return real_tty != tty ? -EINVAL : tioccons(file); 2844 case FIONBIO: 2845 return fionbio(file, p); 2846 case TIOCEXCL: 2847 set_bit(TTY_EXCLUSIVE, &tty->flags); 2848 return 0; 2849 case TIOCNXCL: 2850 clear_bit(TTY_EXCLUSIVE, &tty->flags); 2851 return 0; 2852 case TIOCGEXCL: 2853 { 2854 int excl = test_bit(TTY_EXCLUSIVE, &tty->flags); 2855 return put_user(excl, (int __user *)p); 2856 } 2857 case TIOCNOTTY: 2858 if (current->signal->tty != tty) 2859 return -ENOTTY; 2860 no_tty(); 2861 return 0; 2862 case TIOCSCTTY: 2863 return tiocsctty(tty, arg); 2864 case TIOCGPGRP: 2865 return tiocgpgrp(tty, real_tty, p); 2866 case TIOCSPGRP: 2867 return tiocspgrp(tty, real_tty, p); 2868 case TIOCGSID: 2869 return tiocgsid(tty, real_tty, p); 2870 case TIOCGETD: 2871 return put_user(tty->ldisc->ops->num, (int __user *)p); 2872 case TIOCSETD: 2873 return tiocsetd(tty, p); 2874 case TIOCVHANGUP: 2875 if (!capable(CAP_SYS_ADMIN)) 2876 return -EPERM; 2877 tty_vhangup(tty); 2878 return 0; 2879 case TIOCGDEV: 2880 { 2881 unsigned int ret = new_encode_dev(tty_devnum(real_tty)); 2882 return put_user(ret, (unsigned int __user *)p); 2883 } 2884 /* 2885 * Break handling 2886 */ 2887 case TIOCSBRK: /* Turn break on, unconditionally */ 2888 if (tty->ops->break_ctl) 2889 return tty->ops->break_ctl(tty, -1); 2890 return 0; 2891 case TIOCCBRK: /* Turn break off, unconditionally */ 2892 if (tty->ops->break_ctl) 2893 return tty->ops->break_ctl(tty, 0); 2894 return 0; 2895 case TCSBRK: /* SVID version: non-zero arg --> no break */ 2896 /* non-zero arg means wait for all output data 2897 * to be sent (performed above) but don't send break. 2898 * This is used by the tcdrain() termios function. 2899 */ 2900 if (!arg) 2901 return send_break(tty, 250); 2902 return 0; 2903 case TCSBRKP: /* support for POSIX tcsendbreak() */ 2904 return send_break(tty, arg ? arg*100 : 250); 2905 2906 case TIOCMGET: 2907 return tty_tiocmget(tty, p); 2908 case TIOCMSET: 2909 case TIOCMBIC: 2910 case TIOCMBIS: 2911 return tty_tiocmset(tty, cmd, p); 2912 case TIOCGICOUNT: 2913 retval = tty_tiocgicount(tty, p); 2914 /* For the moment allow fall through to the old method */ 2915 if (retval != -EINVAL) 2916 return retval; 2917 break; 2918 case TCFLSH: 2919 switch (arg) { 2920 case TCIFLUSH: 2921 case TCIOFLUSH: 2922 /* flush tty buffer and allow ldisc to process ioctl */ 2923 tty_buffer_flush(tty, NULL); 2924 break; 2925 } 2926 break; 2927 case TIOCSSERIAL: 2928 tty_warn_deprecated_flags(p); 2929 break; 2930 } 2931 if (tty->ops->ioctl) { 2932 retval = tty->ops->ioctl(tty, cmd, arg); 2933 if (retval != -ENOIOCTLCMD) 2934 return retval; 2935 } 2936 ld = tty_ldisc_ref_wait(tty); 2937 retval = -EINVAL; 2938 if (ld->ops->ioctl) { 2939 retval = ld->ops->ioctl(tty, file, cmd, arg); 2940 if (retval == -ENOIOCTLCMD) 2941 retval = -ENOTTY; 2942 } 2943 tty_ldisc_deref(ld); 2944 return retval; 2945 } 2946 2947 #ifdef CONFIG_COMPAT 2948 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 2949 unsigned long arg) 2950 { 2951 struct tty_struct *tty = file_tty(file); 2952 struct tty_ldisc *ld; 2953 int retval = -ENOIOCTLCMD; 2954 2955 if (tty_paranoia_check(tty, file_inode(file), "tty_ioctl")) 2956 return -EINVAL; 2957 2958 if (tty->ops->compat_ioctl) { 2959 retval = tty->ops->compat_ioctl(tty, cmd, arg); 2960 if (retval != -ENOIOCTLCMD) 2961 return retval; 2962 } 2963 2964 ld = tty_ldisc_ref_wait(tty); 2965 if (ld->ops->compat_ioctl) 2966 retval = ld->ops->compat_ioctl(tty, file, cmd, arg); 2967 else 2968 retval = n_tty_compat_ioctl_helper(tty, file, cmd, arg); 2969 tty_ldisc_deref(ld); 2970 2971 return retval; 2972 } 2973 #endif 2974 2975 static int this_tty(const void *t, struct file *file, unsigned fd) 2976 { 2977 if (likely(file->f_op->read != tty_read)) 2978 return 0; 2979 return file_tty(file) != t ? 0 : fd + 1; 2980 } 2981 2982 /* 2983 * This implements the "Secure Attention Key" --- the idea is to 2984 * prevent trojan horses by killing all processes associated with this 2985 * tty when the user hits the "Secure Attention Key". Required for 2986 * super-paranoid applications --- see the Orange Book for more details. 2987 * 2988 * This code could be nicer; ideally it should send a HUP, wait a few 2989 * seconds, then send a INT, and then a KILL signal. But you then 2990 * have to coordinate with the init process, since all processes associated 2991 * with the current tty must be dead before the new getty is allowed 2992 * to spawn. 2993 * 2994 * Now, if it would be correct ;-/ The current code has a nasty hole - 2995 * it doesn't catch files in flight. We may send the descriptor to ourselves 2996 * via AF_UNIX socket, close it and later fetch from socket. FIXME. 2997 * 2998 * Nasty bug: do_SAK is being called in interrupt context. This can 2999 * deadlock. We punt it up to process context. AKPM - 16Mar2001 3000 */ 3001 void __do_SAK(struct tty_struct *tty) 3002 { 3003 #ifdef TTY_SOFT_SAK 3004 tty_hangup(tty); 3005 #else 3006 struct task_struct *g, *p; 3007 struct pid *session; 3008 int i; 3009 3010 if (!tty) 3011 return; 3012 session = tty->session; 3013 3014 tty_ldisc_flush(tty); 3015 3016 tty_driver_flush_buffer(tty); 3017 3018 read_lock(&tasklist_lock); 3019 /* Kill the entire session */ 3020 do_each_pid_task(session, PIDTYPE_SID, p) { 3021 printk(KERN_NOTICE "SAK: killed process %d" 3022 " (%s): task_session(p)==tty->session\n", 3023 task_pid_nr(p), p->comm); 3024 send_sig(SIGKILL, p, 1); 3025 } while_each_pid_task(session, PIDTYPE_SID, p); 3026 /* Now kill any processes that happen to have the 3027 * tty open. 3028 */ 3029 do_each_thread(g, p) { 3030 if (p->signal->tty == tty) { 3031 printk(KERN_NOTICE "SAK: killed process %d" 3032 " (%s): task_session(p)==tty->session\n", 3033 task_pid_nr(p), p->comm); 3034 send_sig(SIGKILL, p, 1); 3035 continue; 3036 } 3037 task_lock(p); 3038 i = iterate_fd(p->files, 0, this_tty, tty); 3039 if (i != 0) { 3040 printk(KERN_NOTICE "SAK: killed process %d" 3041 " (%s): fd#%d opened to the tty\n", 3042 task_pid_nr(p), p->comm, i - 1); 3043 force_sig(SIGKILL, p); 3044 } 3045 task_unlock(p); 3046 } while_each_thread(g, p); 3047 read_unlock(&tasklist_lock); 3048 #endif 3049 } 3050 3051 static void do_SAK_work(struct work_struct *work) 3052 { 3053 struct tty_struct *tty = 3054 container_of(work, struct tty_struct, SAK_work); 3055 __do_SAK(tty); 3056 } 3057 3058 /* 3059 * The tq handling here is a little racy - tty->SAK_work may already be queued. 3060 * Fortunately we don't need to worry, because if ->SAK_work is already queued, 3061 * the values which we write to it will be identical to the values which it 3062 * already has. --akpm 3063 */ 3064 void do_SAK(struct tty_struct *tty) 3065 { 3066 if (!tty) 3067 return; 3068 schedule_work(&tty->SAK_work); 3069 } 3070 3071 EXPORT_SYMBOL(do_SAK); 3072 3073 static int dev_match_devt(struct device *dev, const void *data) 3074 { 3075 const dev_t *devt = data; 3076 return dev->devt == *devt; 3077 } 3078 3079 /* Must put_device() after it's unused! */ 3080 static struct device *tty_get_device(struct tty_struct *tty) 3081 { 3082 dev_t devt = tty_devnum(tty); 3083 return class_find_device(tty_class, NULL, &devt, dev_match_devt); 3084 } 3085 3086 3087 /** 3088 * alloc_tty_struct 3089 * 3090 * This subroutine allocates and initializes a tty structure. 3091 * 3092 * Locking: none - tty in question is not exposed at this point 3093 */ 3094 3095 struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int idx) 3096 { 3097 struct tty_struct *tty; 3098 3099 tty = kzalloc(sizeof(*tty), GFP_KERNEL); 3100 if (!tty) 3101 return NULL; 3102 3103 kref_init(&tty->kref); 3104 tty->magic = TTY_MAGIC; 3105 tty_ldisc_init(tty); 3106 tty->session = NULL; 3107 tty->pgrp = NULL; 3108 mutex_init(&tty->legacy_mutex); 3109 mutex_init(&tty->throttle_mutex); 3110 init_rwsem(&tty->termios_rwsem); 3111 mutex_init(&tty->winsize_mutex); 3112 init_ldsem(&tty->ldisc_sem); 3113 init_waitqueue_head(&tty->write_wait); 3114 init_waitqueue_head(&tty->read_wait); 3115 INIT_WORK(&tty->hangup_work, do_tty_hangup); 3116 mutex_init(&tty->atomic_write_lock); 3117 spin_lock_init(&tty->ctrl_lock); 3118 spin_lock_init(&tty->flow_lock); 3119 INIT_LIST_HEAD(&tty->tty_files); 3120 INIT_WORK(&tty->SAK_work, do_SAK_work); 3121 3122 tty->driver = driver; 3123 tty->ops = driver->ops; 3124 tty->index = idx; 3125 tty_line_name(driver, idx, tty->name); 3126 tty->dev = tty_get_device(tty); 3127 3128 return tty; 3129 } 3130 3131 /** 3132 * deinitialize_tty_struct 3133 * @tty: tty to deinitialize 3134 * 3135 * This subroutine deinitializes a tty structure that has been newly 3136 * allocated but tty_release cannot be called on that yet. 3137 * 3138 * Locking: none - tty in question must not be exposed at this point 3139 */ 3140 void deinitialize_tty_struct(struct tty_struct *tty) 3141 { 3142 tty_ldisc_deinit(tty); 3143 } 3144 3145 /** 3146 * tty_put_char - write one character to a tty 3147 * @tty: tty 3148 * @ch: character 3149 * 3150 * Write one byte to the tty using the provided put_char method 3151 * if present. Returns the number of characters successfully output. 3152 * 3153 * Note: the specific put_char operation in the driver layer may go 3154 * away soon. Don't call it directly, use this method 3155 */ 3156 3157 int tty_put_char(struct tty_struct *tty, unsigned char ch) 3158 { 3159 if (tty->ops->put_char) 3160 return tty->ops->put_char(tty, ch); 3161 return tty->ops->write(tty, &ch, 1); 3162 } 3163 EXPORT_SYMBOL_GPL(tty_put_char); 3164 3165 struct class *tty_class; 3166 3167 static int tty_cdev_add(struct tty_driver *driver, dev_t dev, 3168 unsigned int index, unsigned int count) 3169 { 3170 /* init here, since reused cdevs cause crashes */ 3171 cdev_init(&driver->cdevs[index], &tty_fops); 3172 driver->cdevs[index].owner = driver->owner; 3173 return cdev_add(&driver->cdevs[index], dev, count); 3174 } 3175 3176 /** 3177 * tty_register_device - register a tty device 3178 * @driver: the tty driver that describes the tty device 3179 * @index: the index in the tty driver for this tty device 3180 * @device: a struct device that is associated with this tty device. 3181 * This field is optional, if there is no known struct device 3182 * for this tty device it can be set to NULL safely. 3183 * 3184 * Returns a pointer to the struct device for this tty device 3185 * (or ERR_PTR(-EFOO) on error). 3186 * 3187 * This call is required to be made to register an individual tty device 3188 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If 3189 * that bit is not set, this function should not be called by a tty 3190 * driver. 3191 * 3192 * Locking: ?? 3193 */ 3194 3195 struct device *tty_register_device(struct tty_driver *driver, unsigned index, 3196 struct device *device) 3197 { 3198 return tty_register_device_attr(driver, index, device, NULL, NULL); 3199 } 3200 EXPORT_SYMBOL(tty_register_device); 3201 3202 static void tty_device_create_release(struct device *dev) 3203 { 3204 pr_debug("device: '%s': %s\n", dev_name(dev), __func__); 3205 kfree(dev); 3206 } 3207 3208 /** 3209 * tty_register_device_attr - register a tty device 3210 * @driver: the tty driver that describes the tty device 3211 * @index: the index in the tty driver for this tty device 3212 * @device: a struct device that is associated with this tty device. 3213 * This field is optional, if there is no known struct device 3214 * for this tty device it can be set to NULL safely. 3215 * @drvdata: Driver data to be set to device. 3216 * @attr_grp: Attribute group to be set on device. 3217 * 3218 * Returns a pointer to the struct device for this tty device 3219 * (or ERR_PTR(-EFOO) on error). 3220 * 3221 * This call is required to be made to register an individual tty device 3222 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If 3223 * that bit is not set, this function should not be called by a tty 3224 * driver. 3225 * 3226 * Locking: ?? 3227 */ 3228 struct device *tty_register_device_attr(struct tty_driver *driver, 3229 unsigned index, struct device *device, 3230 void *drvdata, 3231 const struct attribute_group **attr_grp) 3232 { 3233 char name[64]; 3234 dev_t devt = MKDEV(driver->major, driver->minor_start) + index; 3235 struct device *dev = NULL; 3236 int retval = -ENODEV; 3237 bool cdev = false; 3238 3239 if (index >= driver->num) { 3240 printk(KERN_ERR "Attempt to register invalid tty line number " 3241 " (%d).\n", index); 3242 return ERR_PTR(-EINVAL); 3243 } 3244 3245 if (driver->type == TTY_DRIVER_TYPE_PTY) 3246 pty_line_name(driver, index, name); 3247 else 3248 tty_line_name(driver, index, name); 3249 3250 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) { 3251 retval = tty_cdev_add(driver, devt, index, 1); 3252 if (retval) 3253 goto error; 3254 cdev = true; 3255 } 3256 3257 dev = kzalloc(sizeof(*dev), GFP_KERNEL); 3258 if (!dev) { 3259 retval = -ENOMEM; 3260 goto error; 3261 } 3262 3263 dev->devt = devt; 3264 dev->class = tty_class; 3265 dev->parent = device; 3266 dev->release = tty_device_create_release; 3267 dev_set_name(dev, "%s", name); 3268 dev->groups = attr_grp; 3269 dev_set_drvdata(dev, drvdata); 3270 3271 retval = device_register(dev); 3272 if (retval) 3273 goto error; 3274 3275 return dev; 3276 3277 error: 3278 put_device(dev); 3279 if (cdev) 3280 cdev_del(&driver->cdevs[index]); 3281 return ERR_PTR(retval); 3282 } 3283 EXPORT_SYMBOL_GPL(tty_register_device_attr); 3284 3285 /** 3286 * tty_unregister_device - unregister a tty device 3287 * @driver: the tty driver that describes the tty device 3288 * @index: the index in the tty driver for this tty device 3289 * 3290 * If a tty device is registered with a call to tty_register_device() then 3291 * this function must be called when the tty device is gone. 3292 * 3293 * Locking: ?? 3294 */ 3295 3296 void tty_unregister_device(struct tty_driver *driver, unsigned index) 3297 { 3298 device_destroy(tty_class, 3299 MKDEV(driver->major, driver->minor_start) + index); 3300 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) 3301 cdev_del(&driver->cdevs[index]); 3302 } 3303 EXPORT_SYMBOL(tty_unregister_device); 3304 3305 /** 3306 * __tty_alloc_driver -- allocate tty driver 3307 * @lines: count of lines this driver can handle at most 3308 * @owner: module which is repsonsible for this driver 3309 * @flags: some of TTY_DRIVER_* flags, will be set in driver->flags 3310 * 3311 * This should not be called directly, some of the provided macros should be 3312 * used instead. Use IS_ERR and friends on @retval. 3313 */ 3314 struct tty_driver *__tty_alloc_driver(unsigned int lines, struct module *owner, 3315 unsigned long flags) 3316 { 3317 struct tty_driver *driver; 3318 unsigned int cdevs = 1; 3319 int err; 3320 3321 if (!lines || (flags & TTY_DRIVER_UNNUMBERED_NODE && lines > 1)) 3322 return ERR_PTR(-EINVAL); 3323 3324 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL); 3325 if (!driver) 3326 return ERR_PTR(-ENOMEM); 3327 3328 kref_init(&driver->kref); 3329 driver->magic = TTY_DRIVER_MAGIC; 3330 driver->num = lines; 3331 driver->owner = owner; 3332 driver->flags = flags; 3333 3334 if (!(flags & TTY_DRIVER_DEVPTS_MEM)) { 3335 driver->ttys = kcalloc(lines, sizeof(*driver->ttys), 3336 GFP_KERNEL); 3337 driver->termios = kcalloc(lines, sizeof(*driver->termios), 3338 GFP_KERNEL); 3339 if (!driver->ttys || !driver->termios) { 3340 err = -ENOMEM; 3341 goto err_free_all; 3342 } 3343 } 3344 3345 if (!(flags & TTY_DRIVER_DYNAMIC_ALLOC)) { 3346 driver->ports = kcalloc(lines, sizeof(*driver->ports), 3347 GFP_KERNEL); 3348 if (!driver->ports) { 3349 err = -ENOMEM; 3350 goto err_free_all; 3351 } 3352 cdevs = lines; 3353 } 3354 3355 driver->cdevs = kcalloc(cdevs, sizeof(*driver->cdevs), GFP_KERNEL); 3356 if (!driver->cdevs) { 3357 err = -ENOMEM; 3358 goto err_free_all; 3359 } 3360 3361 return driver; 3362 err_free_all: 3363 kfree(driver->ports); 3364 kfree(driver->ttys); 3365 kfree(driver->termios); 3366 kfree(driver); 3367 return ERR_PTR(err); 3368 } 3369 EXPORT_SYMBOL(__tty_alloc_driver); 3370 3371 static void destruct_tty_driver(struct kref *kref) 3372 { 3373 struct tty_driver *driver = container_of(kref, struct tty_driver, kref); 3374 int i; 3375 struct ktermios *tp; 3376 3377 if (driver->flags & TTY_DRIVER_INSTALLED) { 3378 /* 3379 * Free the termios and termios_locked structures because 3380 * we don't want to get memory leaks when modular tty 3381 * drivers are removed from the kernel. 3382 */ 3383 for (i = 0; i < driver->num; i++) { 3384 tp = driver->termios[i]; 3385 if (tp) { 3386 driver->termios[i] = NULL; 3387 kfree(tp); 3388 } 3389 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) 3390 tty_unregister_device(driver, i); 3391 } 3392 proc_tty_unregister_driver(driver); 3393 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC) 3394 cdev_del(&driver->cdevs[0]); 3395 } 3396 kfree(driver->cdevs); 3397 kfree(driver->ports); 3398 kfree(driver->termios); 3399 kfree(driver->ttys); 3400 kfree(driver); 3401 } 3402 3403 void tty_driver_kref_put(struct tty_driver *driver) 3404 { 3405 kref_put(&driver->kref, destruct_tty_driver); 3406 } 3407 EXPORT_SYMBOL(tty_driver_kref_put); 3408 3409 void tty_set_operations(struct tty_driver *driver, 3410 const struct tty_operations *op) 3411 { 3412 driver->ops = op; 3413 }; 3414 EXPORT_SYMBOL(tty_set_operations); 3415 3416 void put_tty_driver(struct tty_driver *d) 3417 { 3418 tty_driver_kref_put(d); 3419 } 3420 EXPORT_SYMBOL(put_tty_driver); 3421 3422 /* 3423 * Called by a tty driver to register itself. 3424 */ 3425 int tty_register_driver(struct tty_driver *driver) 3426 { 3427 int error; 3428 int i; 3429 dev_t dev; 3430 struct device *d; 3431 3432 if (!driver->major) { 3433 error = alloc_chrdev_region(&dev, driver->minor_start, 3434 driver->num, driver->name); 3435 if (!error) { 3436 driver->major = MAJOR(dev); 3437 driver->minor_start = MINOR(dev); 3438 } 3439 } else { 3440 dev = MKDEV(driver->major, driver->minor_start); 3441 error = register_chrdev_region(dev, driver->num, driver->name); 3442 } 3443 if (error < 0) 3444 goto err; 3445 3446 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC) { 3447 error = tty_cdev_add(driver, dev, 0, driver->num); 3448 if (error) 3449 goto err_unreg_char; 3450 } 3451 3452 mutex_lock(&tty_mutex); 3453 list_add(&driver->tty_drivers, &tty_drivers); 3454 mutex_unlock(&tty_mutex); 3455 3456 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) { 3457 for (i = 0; i < driver->num; i++) { 3458 d = tty_register_device(driver, i, NULL); 3459 if (IS_ERR(d)) { 3460 error = PTR_ERR(d); 3461 goto err_unreg_devs; 3462 } 3463 } 3464 } 3465 proc_tty_register_driver(driver); 3466 driver->flags |= TTY_DRIVER_INSTALLED; 3467 return 0; 3468 3469 err_unreg_devs: 3470 for (i--; i >= 0; i--) 3471 tty_unregister_device(driver, i); 3472 3473 mutex_lock(&tty_mutex); 3474 list_del(&driver->tty_drivers); 3475 mutex_unlock(&tty_mutex); 3476 3477 err_unreg_char: 3478 unregister_chrdev_region(dev, driver->num); 3479 err: 3480 return error; 3481 } 3482 EXPORT_SYMBOL(tty_register_driver); 3483 3484 /* 3485 * Called by a tty driver to unregister itself. 3486 */ 3487 int tty_unregister_driver(struct tty_driver *driver) 3488 { 3489 #if 0 3490 /* FIXME */ 3491 if (driver->refcount) 3492 return -EBUSY; 3493 #endif 3494 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start), 3495 driver->num); 3496 mutex_lock(&tty_mutex); 3497 list_del(&driver->tty_drivers); 3498 mutex_unlock(&tty_mutex); 3499 return 0; 3500 } 3501 3502 EXPORT_SYMBOL(tty_unregister_driver); 3503 3504 dev_t tty_devnum(struct tty_struct *tty) 3505 { 3506 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index; 3507 } 3508 EXPORT_SYMBOL(tty_devnum); 3509 3510 void tty_default_fops(struct file_operations *fops) 3511 { 3512 *fops = tty_fops; 3513 } 3514 3515 /* 3516 * Initialize the console device. This is called *early*, so 3517 * we can't necessarily depend on lots of kernel help here. 3518 * Just do some early initializations, and do the complex setup 3519 * later. 3520 */ 3521 void __init console_init(void) 3522 { 3523 initcall_t *call; 3524 3525 /* Setup the default TTY line discipline. */ 3526 tty_ldisc_begin(); 3527 3528 /* 3529 * set up the console device so that later boot sequences can 3530 * inform about problems etc.. 3531 */ 3532 call = __con_initcall_start; 3533 while (call < __con_initcall_end) { 3534 (*call)(); 3535 call++; 3536 } 3537 } 3538 3539 static char *tty_devnode(struct device *dev, umode_t *mode) 3540 { 3541 if (!mode) 3542 return NULL; 3543 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) || 3544 dev->devt == MKDEV(TTYAUX_MAJOR, 2)) 3545 *mode = 0666; 3546 return NULL; 3547 } 3548 3549 static int __init tty_class_init(void) 3550 { 3551 tty_class = class_create(THIS_MODULE, "tty"); 3552 if (IS_ERR(tty_class)) 3553 return PTR_ERR(tty_class); 3554 tty_class->devnode = tty_devnode; 3555 return 0; 3556 } 3557 3558 postcore_initcall(tty_class_init); 3559 3560 /* 3/2004 jmc: why do these devices exist? */ 3561 static struct cdev tty_cdev, console_cdev; 3562 3563 static ssize_t show_cons_active(struct device *dev, 3564 struct device_attribute *attr, char *buf) 3565 { 3566 struct console *cs[16]; 3567 int i = 0; 3568 struct console *c; 3569 ssize_t count = 0; 3570 3571 console_lock(); 3572 for_each_console(c) { 3573 if (!c->device) 3574 continue; 3575 if (!c->write) 3576 continue; 3577 if ((c->flags & CON_ENABLED) == 0) 3578 continue; 3579 cs[i++] = c; 3580 if (i >= ARRAY_SIZE(cs)) 3581 break; 3582 } 3583 while (i--) { 3584 int index = cs[i]->index; 3585 struct tty_driver *drv = cs[i]->device(cs[i], &index); 3586 3587 /* don't resolve tty0 as some programs depend on it */ 3588 if (drv && (cs[i]->index > 0 || drv->major != TTY_MAJOR)) 3589 count += tty_line_name(drv, index, buf + count); 3590 else 3591 count += sprintf(buf + count, "%s%d", 3592 cs[i]->name, cs[i]->index); 3593 3594 count += sprintf(buf + count, "%c", i ? ' ':'\n'); 3595 } 3596 console_unlock(); 3597 3598 return count; 3599 } 3600 static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL); 3601 3602 static struct attribute *cons_dev_attrs[] = { 3603 &dev_attr_active.attr, 3604 NULL 3605 }; 3606 3607 ATTRIBUTE_GROUPS(cons_dev); 3608 3609 static struct device *consdev; 3610 3611 void console_sysfs_notify(void) 3612 { 3613 if (consdev) 3614 sysfs_notify(&consdev->kobj, NULL, "active"); 3615 } 3616 3617 /* 3618 * Ok, now we can initialize the rest of the tty devices and can count 3619 * on memory allocations, interrupts etc.. 3620 */ 3621 int __init tty_init(void) 3622 { 3623 cdev_init(&tty_cdev, &tty_fops); 3624 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) || 3625 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0) 3626 panic("Couldn't register /dev/tty driver\n"); 3627 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty"); 3628 3629 cdev_init(&console_cdev, &console_fops); 3630 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) || 3631 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0) 3632 panic("Couldn't register /dev/console driver\n"); 3633 consdev = device_create_with_groups(tty_class, NULL, 3634 MKDEV(TTYAUX_MAJOR, 1), NULL, 3635 cons_dev_groups, "console"); 3636 if (IS_ERR(consdev)) 3637 consdev = NULL; 3638 3639 #ifdef CONFIG_VT 3640 vty_init(&console_fops); 3641 #endif 3642 return 0; 3643 } 3644 3645