1 /* 2 * Copyright (C) 1991, 1992 Linus Torvalds 3 */ 4 5 /* 6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles 7 * or rs-channels. It also implements echoing, cooked mode etc. 8 * 9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0. 10 * 11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the 12 * tty_struct and tty_queue structures. Previously there was an array 13 * of 256 tty_struct's which was statically allocated, and the 14 * tty_queue structures were allocated at boot time. Both are now 15 * dynamically allocated only when the tty is open. 16 * 17 * Also restructured routines so that there is more of a separation 18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and 19 * the low-level tty routines (serial.c, pty.c, console.c). This 20 * makes for cleaner and more compact code. -TYT, 9/17/92 21 * 22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines 23 * which can be dynamically activated and de-activated by the line 24 * discipline handling modules (like SLIP). 25 * 26 * NOTE: pay no attention to the line discipline code (yet); its 27 * interface is still subject to change in this version... 28 * -- TYT, 1/31/92 29 * 30 * Added functionality to the OPOST tty handling. No delays, but all 31 * other bits should be there. 32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993. 33 * 34 * Rewrote canonical mode and added more termios flags. 35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94 36 * 37 * Reorganized FASYNC support so mouse code can share it. 38 * -- ctm@ardi.com, 9Sep95 39 * 40 * New TIOCLINUX variants added. 41 * -- mj@k332.feld.cvut.cz, 19-Nov-95 42 * 43 * Restrict vt switching via ioctl() 44 * -- grif@cs.ucr.edu, 5-Dec-95 45 * 46 * Move console and virtual terminal code to more appropriate files, 47 * implement CONFIG_VT and generalize console device interface. 48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97 49 * 50 * Rewrote tty_init_dev and tty_release_dev to eliminate races. 51 * -- Bill Hawes <whawes@star.net>, June 97 52 * 53 * Added devfs support. 54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998 55 * 56 * Added support for a Unix98-style ptmx device. 57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 58 * 59 * Reduced memory usage for older ARM systems 60 * -- Russell King <rmk@arm.linux.org.uk> 61 * 62 * Move do_SAK() into process context. Less stack use in devfs functions. 63 * alloc_tty_struct() always uses kmalloc() 64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01 65 */ 66 67 #include <linux/types.h> 68 #include <linux/major.h> 69 #include <linux/errno.h> 70 #include <linux/signal.h> 71 #include <linux/fcntl.h> 72 #include <linux/sched.h> 73 #include <linux/interrupt.h> 74 #include <linux/tty.h> 75 #include <linux/tty_driver.h> 76 #include <linux/tty_flip.h> 77 #include <linux/devpts_fs.h> 78 #include <linux/file.h> 79 #include <linux/fdtable.h> 80 #include <linux/console.h> 81 #include <linux/timer.h> 82 #include <linux/ctype.h> 83 #include <linux/kd.h> 84 #include <linux/mm.h> 85 #include <linux/string.h> 86 #include <linux/slab.h> 87 #include <linux/poll.h> 88 #include <linux/proc_fs.h> 89 #include <linux/init.h> 90 #include <linux/module.h> 91 #include <linux/device.h> 92 #include <linux/wait.h> 93 #include <linux/bitops.h> 94 #include <linux/delay.h> 95 #include <linux/seq_file.h> 96 #include <linux/serial.h> 97 98 #include <linux/uaccess.h> 99 #include <asm/system.h> 100 101 #include <linux/kbd_kern.h> 102 #include <linux/vt_kern.h> 103 #include <linux/selection.h> 104 105 #include <linux/kmod.h> 106 #include <linux/nsproxy.h> 107 108 #undef TTY_DEBUG_HANGUP 109 110 #define TTY_PARANOIA_CHECK 1 111 #define CHECK_TTY_COUNT 1 112 113 struct ktermios tty_std_termios = { /* for the benefit of tty drivers */ 114 .c_iflag = ICRNL | IXON, 115 .c_oflag = OPOST | ONLCR, 116 .c_cflag = B38400 | CS8 | CREAD | HUPCL, 117 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK | 118 ECHOCTL | ECHOKE | IEXTEN, 119 .c_cc = INIT_C_CC, 120 .c_ispeed = 38400, 121 .c_ospeed = 38400 122 }; 123 124 EXPORT_SYMBOL(tty_std_termios); 125 126 /* This list gets poked at by procfs and various bits of boot up code. This 127 could do with some rationalisation such as pulling the tty proc function 128 into this file */ 129 130 LIST_HEAD(tty_drivers); /* linked list of tty drivers */ 131 132 /* Mutex to protect creating and releasing a tty. This is shared with 133 vt.c for deeply disgusting hack reasons */ 134 DEFINE_MUTEX(tty_mutex); 135 EXPORT_SYMBOL(tty_mutex); 136 137 /* Spinlock to protect the tty->tty_files list */ 138 DEFINE_SPINLOCK(tty_files_lock); 139 140 static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *); 141 static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *); 142 ssize_t redirected_tty_write(struct file *, const char __user *, 143 size_t, loff_t *); 144 static unsigned int tty_poll(struct file *, poll_table *); 145 static int tty_open(struct inode *, struct file *); 146 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg); 147 #ifdef CONFIG_COMPAT 148 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 149 unsigned long arg); 150 #else 151 #define tty_compat_ioctl NULL 152 #endif 153 static int __tty_fasync(int fd, struct file *filp, int on); 154 static int tty_fasync(int fd, struct file *filp, int on); 155 static void release_tty(struct tty_struct *tty, int idx); 156 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); 157 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); 158 159 /** 160 * alloc_tty_struct - allocate a tty object 161 * 162 * Return a new empty tty structure. The data fields have not 163 * been initialized in any way but has been zeroed 164 * 165 * Locking: none 166 */ 167 168 struct tty_struct *alloc_tty_struct(void) 169 { 170 return kzalloc(sizeof(struct tty_struct), GFP_KERNEL); 171 } 172 173 /** 174 * free_tty_struct - free a disused tty 175 * @tty: tty struct to free 176 * 177 * Free the write buffers, tty queue and tty memory itself. 178 * 179 * Locking: none. Must be called after tty is definitely unused 180 */ 181 182 void free_tty_struct(struct tty_struct *tty) 183 { 184 if (tty->dev) 185 put_device(tty->dev); 186 kfree(tty->write_buf); 187 tty_buffer_free_all(tty); 188 kfree(tty); 189 } 190 191 static inline struct tty_struct *file_tty(struct file *file) 192 { 193 return ((struct tty_file_private *)file->private_data)->tty; 194 } 195 196 /* Associate a new file with the tty structure */ 197 int tty_add_file(struct tty_struct *tty, struct file *file) 198 { 199 struct tty_file_private *priv; 200 201 priv = kmalloc(sizeof(*priv), GFP_KERNEL); 202 if (!priv) 203 return -ENOMEM; 204 205 priv->tty = tty; 206 priv->file = file; 207 file->private_data = priv; 208 209 spin_lock(&tty_files_lock); 210 list_add(&priv->list, &tty->tty_files); 211 spin_unlock(&tty_files_lock); 212 213 return 0; 214 } 215 216 /* Delete file from its tty */ 217 void tty_del_file(struct file *file) 218 { 219 struct tty_file_private *priv = file->private_data; 220 221 spin_lock(&tty_files_lock); 222 list_del(&priv->list); 223 spin_unlock(&tty_files_lock); 224 file->private_data = NULL; 225 kfree(priv); 226 } 227 228 229 #define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base) 230 231 /** 232 * tty_name - return tty naming 233 * @tty: tty structure 234 * @buf: buffer for output 235 * 236 * Convert a tty structure into a name. The name reflects the kernel 237 * naming policy and if udev is in use may not reflect user space 238 * 239 * Locking: none 240 */ 241 242 char *tty_name(struct tty_struct *tty, char *buf) 243 { 244 if (!tty) /* Hmm. NULL pointer. That's fun. */ 245 strcpy(buf, "NULL tty"); 246 else 247 strcpy(buf, tty->name); 248 return buf; 249 } 250 251 EXPORT_SYMBOL(tty_name); 252 253 int tty_paranoia_check(struct tty_struct *tty, struct inode *inode, 254 const char *routine) 255 { 256 #ifdef TTY_PARANOIA_CHECK 257 if (!tty) { 258 printk(KERN_WARNING 259 "null TTY for (%d:%d) in %s\n", 260 imajor(inode), iminor(inode), routine); 261 return 1; 262 } 263 if (tty->magic != TTY_MAGIC) { 264 printk(KERN_WARNING 265 "bad magic number for tty struct (%d:%d) in %s\n", 266 imajor(inode), iminor(inode), routine); 267 return 1; 268 } 269 #endif 270 return 0; 271 } 272 273 static int check_tty_count(struct tty_struct *tty, const char *routine) 274 { 275 #ifdef CHECK_TTY_COUNT 276 struct list_head *p; 277 int count = 0; 278 279 spin_lock(&tty_files_lock); 280 list_for_each(p, &tty->tty_files) { 281 count++; 282 } 283 spin_unlock(&tty_files_lock); 284 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 285 tty->driver->subtype == PTY_TYPE_SLAVE && 286 tty->link && tty->link->count) 287 count++; 288 if (tty->count != count) { 289 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) " 290 "!= #fd's(%d) in %s\n", 291 tty->name, tty->count, count, routine); 292 return count; 293 } 294 #endif 295 return 0; 296 } 297 298 /** 299 * get_tty_driver - find device of a tty 300 * @dev_t: device identifier 301 * @index: returns the index of the tty 302 * 303 * This routine returns a tty driver structure, given a device number 304 * and also passes back the index number. 305 * 306 * Locking: caller must hold tty_mutex 307 */ 308 309 static struct tty_driver *get_tty_driver(dev_t device, int *index) 310 { 311 struct tty_driver *p; 312 313 list_for_each_entry(p, &tty_drivers, tty_drivers) { 314 dev_t base = MKDEV(p->major, p->minor_start); 315 if (device < base || device >= base + p->num) 316 continue; 317 *index = device - base; 318 return tty_driver_kref_get(p); 319 } 320 return NULL; 321 } 322 323 #ifdef CONFIG_CONSOLE_POLL 324 325 /** 326 * tty_find_polling_driver - find device of a polled tty 327 * @name: name string to match 328 * @line: pointer to resulting tty line nr 329 * 330 * This routine returns a tty driver structure, given a name 331 * and the condition that the tty driver is capable of polled 332 * operation. 333 */ 334 struct tty_driver *tty_find_polling_driver(char *name, int *line) 335 { 336 struct tty_driver *p, *res = NULL; 337 int tty_line = 0; 338 int len; 339 char *str, *stp; 340 341 for (str = name; *str; str++) 342 if ((*str >= '0' && *str <= '9') || *str == ',') 343 break; 344 if (!*str) 345 return NULL; 346 347 len = str - name; 348 tty_line = simple_strtoul(str, &str, 10); 349 350 mutex_lock(&tty_mutex); 351 /* Search through the tty devices to look for a match */ 352 list_for_each_entry(p, &tty_drivers, tty_drivers) { 353 if (strncmp(name, p->name, len) != 0) 354 continue; 355 stp = str; 356 if (*stp == ',') 357 stp++; 358 if (*stp == '\0') 359 stp = NULL; 360 361 if (tty_line >= 0 && tty_line < p->num && p->ops && 362 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) { 363 res = tty_driver_kref_get(p); 364 *line = tty_line; 365 break; 366 } 367 } 368 mutex_unlock(&tty_mutex); 369 370 return res; 371 } 372 EXPORT_SYMBOL_GPL(tty_find_polling_driver); 373 #endif 374 375 /** 376 * tty_check_change - check for POSIX terminal changes 377 * @tty: tty to check 378 * 379 * If we try to write to, or set the state of, a terminal and we're 380 * not in the foreground, send a SIGTTOU. If the signal is blocked or 381 * ignored, go ahead and perform the operation. (POSIX 7.2) 382 * 383 * Locking: ctrl_lock 384 */ 385 386 int tty_check_change(struct tty_struct *tty) 387 { 388 unsigned long flags; 389 int ret = 0; 390 391 if (current->signal->tty != tty) 392 return 0; 393 394 spin_lock_irqsave(&tty->ctrl_lock, flags); 395 396 if (!tty->pgrp) { 397 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n"); 398 goto out_unlock; 399 } 400 if (task_pgrp(current) == tty->pgrp) 401 goto out_unlock; 402 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 403 if (is_ignored(SIGTTOU)) 404 goto out; 405 if (is_current_pgrp_orphaned()) { 406 ret = -EIO; 407 goto out; 408 } 409 kill_pgrp(task_pgrp(current), SIGTTOU, 1); 410 set_thread_flag(TIF_SIGPENDING); 411 ret = -ERESTARTSYS; 412 out: 413 return ret; 414 out_unlock: 415 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 416 return ret; 417 } 418 419 EXPORT_SYMBOL(tty_check_change); 420 421 static ssize_t hung_up_tty_read(struct file *file, char __user *buf, 422 size_t count, loff_t *ppos) 423 { 424 return 0; 425 } 426 427 static ssize_t hung_up_tty_write(struct file *file, const char __user *buf, 428 size_t count, loff_t *ppos) 429 { 430 return -EIO; 431 } 432 433 /* No kernel lock held - none needed ;) */ 434 static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait) 435 { 436 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM; 437 } 438 439 static long hung_up_tty_ioctl(struct file *file, unsigned int cmd, 440 unsigned long arg) 441 { 442 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 443 } 444 445 static long hung_up_tty_compat_ioctl(struct file *file, 446 unsigned int cmd, unsigned long arg) 447 { 448 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 449 } 450 451 static const struct file_operations tty_fops = { 452 .llseek = no_llseek, 453 .read = tty_read, 454 .write = tty_write, 455 .poll = tty_poll, 456 .unlocked_ioctl = tty_ioctl, 457 .compat_ioctl = tty_compat_ioctl, 458 .open = tty_open, 459 .release = tty_release, 460 .fasync = tty_fasync, 461 }; 462 463 static const struct file_operations console_fops = { 464 .llseek = no_llseek, 465 .read = tty_read, 466 .write = redirected_tty_write, 467 .poll = tty_poll, 468 .unlocked_ioctl = tty_ioctl, 469 .compat_ioctl = tty_compat_ioctl, 470 .open = tty_open, 471 .release = tty_release, 472 .fasync = tty_fasync, 473 }; 474 475 static const struct file_operations hung_up_tty_fops = { 476 .llseek = no_llseek, 477 .read = hung_up_tty_read, 478 .write = hung_up_tty_write, 479 .poll = hung_up_tty_poll, 480 .unlocked_ioctl = hung_up_tty_ioctl, 481 .compat_ioctl = hung_up_tty_compat_ioctl, 482 .release = tty_release, 483 }; 484 485 static DEFINE_SPINLOCK(redirect_lock); 486 static struct file *redirect; 487 488 /** 489 * tty_wakeup - request more data 490 * @tty: terminal 491 * 492 * Internal and external helper for wakeups of tty. This function 493 * informs the line discipline if present that the driver is ready 494 * to receive more output data. 495 */ 496 497 void tty_wakeup(struct tty_struct *tty) 498 { 499 struct tty_ldisc *ld; 500 501 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) { 502 ld = tty_ldisc_ref(tty); 503 if (ld) { 504 if (ld->ops->write_wakeup) 505 ld->ops->write_wakeup(tty); 506 tty_ldisc_deref(ld); 507 } 508 } 509 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 510 } 511 512 EXPORT_SYMBOL_GPL(tty_wakeup); 513 514 /** 515 * __tty_hangup - actual handler for hangup events 516 * @work: tty device 517 * 518 * This can be called by the "eventd" kernel thread. That is process 519 * synchronous but doesn't hold any locks, so we need to make sure we 520 * have the appropriate locks for what we're doing. 521 * 522 * The hangup event clears any pending redirections onto the hung up 523 * device. It ensures future writes will error and it does the needed 524 * line discipline hangup and signal delivery. The tty object itself 525 * remains intact. 526 * 527 * Locking: 528 * BTM 529 * redirect lock for undoing redirection 530 * file list lock for manipulating list of ttys 531 * tty_ldisc_lock from called functions 532 * termios_mutex resetting termios data 533 * tasklist_lock to walk task list for hangup event 534 * ->siglock to protect ->signal/->sighand 535 */ 536 void __tty_hangup(struct tty_struct *tty) 537 { 538 struct file *cons_filp = NULL; 539 struct file *filp, *f = NULL; 540 struct task_struct *p; 541 struct tty_file_private *priv; 542 int closecount = 0, n; 543 unsigned long flags; 544 int refs = 0; 545 546 if (!tty) 547 return; 548 549 550 spin_lock(&redirect_lock); 551 if (redirect && file_tty(redirect) == tty) { 552 f = redirect; 553 redirect = NULL; 554 } 555 spin_unlock(&redirect_lock); 556 557 tty_lock(); 558 559 /* some functions below drop BTM, so we need this bit */ 560 set_bit(TTY_HUPPING, &tty->flags); 561 562 /* inuse_filps is protected by the single tty lock, 563 this really needs to change if we want to flush the 564 workqueue with the lock held */ 565 check_tty_count(tty, "tty_hangup"); 566 567 spin_lock(&tty_files_lock); 568 /* This breaks for file handles being sent over AF_UNIX sockets ? */ 569 list_for_each_entry(priv, &tty->tty_files, list) { 570 filp = priv->file; 571 if (filp->f_op->write == redirected_tty_write) 572 cons_filp = filp; 573 if (filp->f_op->write != tty_write) 574 continue; 575 closecount++; 576 __tty_fasync(-1, filp, 0); /* can't block */ 577 filp->f_op = &hung_up_tty_fops; 578 } 579 spin_unlock(&tty_files_lock); 580 581 /* 582 * it drops BTM and thus races with reopen 583 * we protect the race by TTY_HUPPING 584 */ 585 tty_ldisc_hangup(tty); 586 587 read_lock(&tasklist_lock); 588 if (tty->session) { 589 do_each_pid_task(tty->session, PIDTYPE_SID, p) { 590 spin_lock_irq(&p->sighand->siglock); 591 if (p->signal->tty == tty) { 592 p->signal->tty = NULL; 593 /* We defer the dereferences outside fo 594 the tasklist lock */ 595 refs++; 596 } 597 if (!p->signal->leader) { 598 spin_unlock_irq(&p->sighand->siglock); 599 continue; 600 } 601 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p); 602 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p); 603 put_pid(p->signal->tty_old_pgrp); /* A noop */ 604 spin_lock_irqsave(&tty->ctrl_lock, flags); 605 if (tty->pgrp) 606 p->signal->tty_old_pgrp = get_pid(tty->pgrp); 607 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 608 spin_unlock_irq(&p->sighand->siglock); 609 } while_each_pid_task(tty->session, PIDTYPE_SID, p); 610 } 611 read_unlock(&tasklist_lock); 612 613 spin_lock_irqsave(&tty->ctrl_lock, flags); 614 clear_bit(TTY_THROTTLED, &tty->flags); 615 clear_bit(TTY_PUSH, &tty->flags); 616 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 617 put_pid(tty->session); 618 put_pid(tty->pgrp); 619 tty->session = NULL; 620 tty->pgrp = NULL; 621 tty->ctrl_status = 0; 622 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 623 624 /* Account for the p->signal references we killed */ 625 while (refs--) 626 tty_kref_put(tty); 627 628 /* 629 * If one of the devices matches a console pointer, we 630 * cannot just call hangup() because that will cause 631 * tty->count and state->count to go out of sync. 632 * So we just call close() the right number of times. 633 */ 634 if (cons_filp) { 635 if (tty->ops->close) 636 for (n = 0; n < closecount; n++) 637 tty->ops->close(tty, cons_filp); 638 } else if (tty->ops->hangup) 639 (tty->ops->hangup)(tty); 640 /* 641 * We don't want to have driver/ldisc interactions beyond 642 * the ones we did here. The driver layer expects no 643 * calls after ->hangup() from the ldisc side. However we 644 * can't yet guarantee all that. 645 */ 646 set_bit(TTY_HUPPED, &tty->flags); 647 clear_bit(TTY_HUPPING, &tty->flags); 648 tty_ldisc_enable(tty); 649 650 tty_unlock(); 651 652 if (f) 653 fput(f); 654 } 655 656 static void do_tty_hangup(struct work_struct *work) 657 { 658 struct tty_struct *tty = 659 container_of(work, struct tty_struct, hangup_work); 660 661 __tty_hangup(tty); 662 } 663 664 /** 665 * tty_hangup - trigger a hangup event 666 * @tty: tty to hangup 667 * 668 * A carrier loss (virtual or otherwise) has occurred on this like 669 * schedule a hangup sequence to run after this event. 670 */ 671 672 void tty_hangup(struct tty_struct *tty) 673 { 674 #ifdef TTY_DEBUG_HANGUP 675 char buf[64]; 676 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf)); 677 #endif 678 schedule_work(&tty->hangup_work); 679 } 680 681 EXPORT_SYMBOL(tty_hangup); 682 683 /** 684 * tty_vhangup - process vhangup 685 * @tty: tty to hangup 686 * 687 * The user has asked via system call for the terminal to be hung up. 688 * We do this synchronously so that when the syscall returns the process 689 * is complete. That guarantee is necessary for security reasons. 690 */ 691 692 void tty_vhangup(struct tty_struct *tty) 693 { 694 #ifdef TTY_DEBUG_HANGUP 695 char buf[64]; 696 697 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf)); 698 #endif 699 __tty_hangup(tty); 700 } 701 702 EXPORT_SYMBOL(tty_vhangup); 703 704 705 /** 706 * tty_vhangup_self - process vhangup for own ctty 707 * 708 * Perform a vhangup on the current controlling tty 709 */ 710 711 void tty_vhangup_self(void) 712 { 713 struct tty_struct *tty; 714 715 tty = get_current_tty(); 716 if (tty) { 717 tty_vhangup(tty); 718 tty_kref_put(tty); 719 } 720 } 721 722 /** 723 * tty_hung_up_p - was tty hung up 724 * @filp: file pointer of tty 725 * 726 * Return true if the tty has been subject to a vhangup or a carrier 727 * loss 728 */ 729 730 int tty_hung_up_p(struct file *filp) 731 { 732 return (filp->f_op == &hung_up_tty_fops); 733 } 734 735 EXPORT_SYMBOL(tty_hung_up_p); 736 737 static void session_clear_tty(struct pid *session) 738 { 739 struct task_struct *p; 740 do_each_pid_task(session, PIDTYPE_SID, p) { 741 proc_clear_tty(p); 742 } while_each_pid_task(session, PIDTYPE_SID, p); 743 } 744 745 /** 746 * disassociate_ctty - disconnect controlling tty 747 * @on_exit: true if exiting so need to "hang up" the session 748 * 749 * This function is typically called only by the session leader, when 750 * it wants to disassociate itself from its controlling tty. 751 * 752 * It performs the following functions: 753 * (1) Sends a SIGHUP and SIGCONT to the foreground process group 754 * (2) Clears the tty from being controlling the session 755 * (3) Clears the controlling tty for all processes in the 756 * session group. 757 * 758 * The argument on_exit is set to 1 if called when a process is 759 * exiting; it is 0 if called by the ioctl TIOCNOTTY. 760 * 761 * Locking: 762 * BTM is taken for hysterical raisins, and held when 763 * called from no_tty(). 764 * tty_mutex is taken to protect tty 765 * ->siglock is taken to protect ->signal/->sighand 766 * tasklist_lock is taken to walk process list for sessions 767 * ->siglock is taken to protect ->signal/->sighand 768 */ 769 770 void disassociate_ctty(int on_exit) 771 { 772 struct tty_struct *tty; 773 struct pid *tty_pgrp = NULL; 774 775 if (!current->signal->leader) 776 return; 777 778 tty = get_current_tty(); 779 if (tty) { 780 tty_pgrp = get_pid(tty->pgrp); 781 if (on_exit) { 782 if (tty->driver->type != TTY_DRIVER_TYPE_PTY) 783 tty_vhangup(tty); 784 } 785 tty_kref_put(tty); 786 } else if (on_exit) { 787 struct pid *old_pgrp; 788 spin_lock_irq(¤t->sighand->siglock); 789 old_pgrp = current->signal->tty_old_pgrp; 790 current->signal->tty_old_pgrp = NULL; 791 spin_unlock_irq(¤t->sighand->siglock); 792 if (old_pgrp) { 793 kill_pgrp(old_pgrp, SIGHUP, on_exit); 794 kill_pgrp(old_pgrp, SIGCONT, on_exit); 795 put_pid(old_pgrp); 796 } 797 return; 798 } 799 if (tty_pgrp) { 800 kill_pgrp(tty_pgrp, SIGHUP, on_exit); 801 if (!on_exit) 802 kill_pgrp(tty_pgrp, SIGCONT, on_exit); 803 put_pid(tty_pgrp); 804 } 805 806 spin_lock_irq(¤t->sighand->siglock); 807 put_pid(current->signal->tty_old_pgrp); 808 current->signal->tty_old_pgrp = NULL; 809 spin_unlock_irq(¤t->sighand->siglock); 810 811 tty = get_current_tty(); 812 if (tty) { 813 unsigned long flags; 814 spin_lock_irqsave(&tty->ctrl_lock, flags); 815 put_pid(tty->session); 816 put_pid(tty->pgrp); 817 tty->session = NULL; 818 tty->pgrp = NULL; 819 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 820 tty_kref_put(tty); 821 } else { 822 #ifdef TTY_DEBUG_HANGUP 823 printk(KERN_DEBUG "error attempted to write to tty [0x%p]" 824 " = NULL", tty); 825 #endif 826 } 827 828 /* Now clear signal->tty under the lock */ 829 read_lock(&tasklist_lock); 830 session_clear_tty(task_session(current)); 831 read_unlock(&tasklist_lock); 832 } 833 834 /** 835 * 836 * no_tty - Ensure the current process does not have a controlling tty 837 */ 838 void no_tty(void) 839 { 840 struct task_struct *tsk = current; 841 tty_lock(); 842 disassociate_ctty(0); 843 tty_unlock(); 844 proc_clear_tty(tsk); 845 } 846 847 848 /** 849 * stop_tty - propagate flow control 850 * @tty: tty to stop 851 * 852 * Perform flow control to the driver. For PTY/TTY pairs we 853 * must also propagate the TIOCKPKT status. May be called 854 * on an already stopped device and will not re-call the driver 855 * method. 856 * 857 * This functionality is used by both the line disciplines for 858 * halting incoming flow and by the driver. It may therefore be 859 * called from any context, may be under the tty atomic_write_lock 860 * but not always. 861 * 862 * Locking: 863 * Uses the tty control lock internally 864 */ 865 866 void stop_tty(struct tty_struct *tty) 867 { 868 unsigned long flags; 869 spin_lock_irqsave(&tty->ctrl_lock, flags); 870 if (tty->stopped) { 871 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 872 return; 873 } 874 tty->stopped = 1; 875 if (tty->link && tty->link->packet) { 876 tty->ctrl_status &= ~TIOCPKT_START; 877 tty->ctrl_status |= TIOCPKT_STOP; 878 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN); 879 } 880 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 881 if (tty->ops->stop) 882 (tty->ops->stop)(tty); 883 } 884 885 EXPORT_SYMBOL(stop_tty); 886 887 /** 888 * start_tty - propagate flow control 889 * @tty: tty to start 890 * 891 * Start a tty that has been stopped if at all possible. Perform 892 * any necessary wakeups and propagate the TIOCPKT status. If this 893 * is the tty was previous stopped and is being started then the 894 * driver start method is invoked and the line discipline woken. 895 * 896 * Locking: 897 * ctrl_lock 898 */ 899 900 void start_tty(struct tty_struct *tty) 901 { 902 unsigned long flags; 903 spin_lock_irqsave(&tty->ctrl_lock, flags); 904 if (!tty->stopped || tty->flow_stopped) { 905 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 906 return; 907 } 908 tty->stopped = 0; 909 if (tty->link && tty->link->packet) { 910 tty->ctrl_status &= ~TIOCPKT_STOP; 911 tty->ctrl_status |= TIOCPKT_START; 912 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN); 913 } 914 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 915 if (tty->ops->start) 916 (tty->ops->start)(tty); 917 /* If we have a running line discipline it may need kicking */ 918 tty_wakeup(tty); 919 } 920 921 EXPORT_SYMBOL(start_tty); 922 923 /** 924 * tty_read - read method for tty device files 925 * @file: pointer to tty file 926 * @buf: user buffer 927 * @count: size of user buffer 928 * @ppos: unused 929 * 930 * Perform the read system call function on this terminal device. Checks 931 * for hung up devices before calling the line discipline method. 932 * 933 * Locking: 934 * Locks the line discipline internally while needed. Multiple 935 * read calls may be outstanding in parallel. 936 */ 937 938 static ssize_t tty_read(struct file *file, char __user *buf, size_t count, 939 loff_t *ppos) 940 { 941 int i; 942 struct inode *inode = file->f_path.dentry->d_inode; 943 struct tty_struct *tty = file_tty(file); 944 struct tty_ldisc *ld; 945 946 if (tty_paranoia_check(tty, inode, "tty_read")) 947 return -EIO; 948 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags))) 949 return -EIO; 950 951 /* We want to wait for the line discipline to sort out in this 952 situation */ 953 ld = tty_ldisc_ref_wait(tty); 954 if (ld->ops->read) 955 i = (ld->ops->read)(tty, file, buf, count); 956 else 957 i = -EIO; 958 tty_ldisc_deref(ld); 959 if (i > 0) 960 inode->i_atime = current_fs_time(inode->i_sb); 961 return i; 962 } 963 964 void tty_write_unlock(struct tty_struct *tty) 965 __releases(&tty->atomic_write_lock) 966 { 967 mutex_unlock(&tty->atomic_write_lock); 968 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 969 } 970 971 int tty_write_lock(struct tty_struct *tty, int ndelay) 972 __acquires(&tty->atomic_write_lock) 973 { 974 if (!mutex_trylock(&tty->atomic_write_lock)) { 975 if (ndelay) 976 return -EAGAIN; 977 if (mutex_lock_interruptible(&tty->atomic_write_lock)) 978 return -ERESTARTSYS; 979 } 980 return 0; 981 } 982 983 /* 984 * Split writes up in sane blocksizes to avoid 985 * denial-of-service type attacks 986 */ 987 static inline ssize_t do_tty_write( 988 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t), 989 struct tty_struct *tty, 990 struct file *file, 991 const char __user *buf, 992 size_t count) 993 { 994 ssize_t ret, written = 0; 995 unsigned int chunk; 996 997 ret = tty_write_lock(tty, file->f_flags & O_NDELAY); 998 if (ret < 0) 999 return ret; 1000 1001 /* 1002 * We chunk up writes into a temporary buffer. This 1003 * simplifies low-level drivers immensely, since they 1004 * don't have locking issues and user mode accesses. 1005 * 1006 * But if TTY_NO_WRITE_SPLIT is set, we should use a 1007 * big chunk-size.. 1008 * 1009 * The default chunk-size is 2kB, because the NTTY 1010 * layer has problems with bigger chunks. It will 1011 * claim to be able to handle more characters than 1012 * it actually does. 1013 * 1014 * FIXME: This can probably go away now except that 64K chunks 1015 * are too likely to fail unless switched to vmalloc... 1016 */ 1017 chunk = 2048; 1018 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags)) 1019 chunk = 65536; 1020 if (count < chunk) 1021 chunk = count; 1022 1023 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */ 1024 if (tty->write_cnt < chunk) { 1025 unsigned char *buf_chunk; 1026 1027 if (chunk < 1024) 1028 chunk = 1024; 1029 1030 buf_chunk = kmalloc(chunk, GFP_KERNEL); 1031 if (!buf_chunk) { 1032 ret = -ENOMEM; 1033 goto out; 1034 } 1035 kfree(tty->write_buf); 1036 tty->write_cnt = chunk; 1037 tty->write_buf = buf_chunk; 1038 } 1039 1040 /* Do the write .. */ 1041 for (;;) { 1042 size_t size = count; 1043 if (size > chunk) 1044 size = chunk; 1045 ret = -EFAULT; 1046 if (copy_from_user(tty->write_buf, buf, size)) 1047 break; 1048 ret = write(tty, file, tty->write_buf, size); 1049 if (ret <= 0) 1050 break; 1051 written += ret; 1052 buf += ret; 1053 count -= ret; 1054 if (!count) 1055 break; 1056 ret = -ERESTARTSYS; 1057 if (signal_pending(current)) 1058 break; 1059 cond_resched(); 1060 } 1061 if (written) { 1062 struct inode *inode = file->f_path.dentry->d_inode; 1063 inode->i_mtime = current_fs_time(inode->i_sb); 1064 ret = written; 1065 } 1066 out: 1067 tty_write_unlock(tty); 1068 return ret; 1069 } 1070 1071 /** 1072 * tty_write_message - write a message to a certain tty, not just the console. 1073 * @tty: the destination tty_struct 1074 * @msg: the message to write 1075 * 1076 * This is used for messages that need to be redirected to a specific tty. 1077 * We don't put it into the syslog queue right now maybe in the future if 1078 * really needed. 1079 * 1080 * We must still hold the BTM and test the CLOSING flag for the moment. 1081 */ 1082 1083 void tty_write_message(struct tty_struct *tty, char *msg) 1084 { 1085 if (tty) { 1086 mutex_lock(&tty->atomic_write_lock); 1087 tty_lock(); 1088 if (tty->ops->write && !test_bit(TTY_CLOSING, &tty->flags)) { 1089 tty_unlock(); 1090 tty->ops->write(tty, msg, strlen(msg)); 1091 } else 1092 tty_unlock(); 1093 tty_write_unlock(tty); 1094 } 1095 return; 1096 } 1097 1098 1099 /** 1100 * tty_write - write method for tty device file 1101 * @file: tty file pointer 1102 * @buf: user data to write 1103 * @count: bytes to write 1104 * @ppos: unused 1105 * 1106 * Write data to a tty device via the line discipline. 1107 * 1108 * Locking: 1109 * Locks the line discipline as required 1110 * Writes to the tty driver are serialized by the atomic_write_lock 1111 * and are then processed in chunks to the device. The line discipline 1112 * write method will not be invoked in parallel for each device. 1113 */ 1114 1115 static ssize_t tty_write(struct file *file, const char __user *buf, 1116 size_t count, loff_t *ppos) 1117 { 1118 struct inode *inode = file->f_path.dentry->d_inode; 1119 struct tty_struct *tty = file_tty(file); 1120 struct tty_ldisc *ld; 1121 ssize_t ret; 1122 1123 if (tty_paranoia_check(tty, inode, "tty_write")) 1124 return -EIO; 1125 if (!tty || !tty->ops->write || 1126 (test_bit(TTY_IO_ERROR, &tty->flags))) 1127 return -EIO; 1128 /* Short term debug to catch buggy drivers */ 1129 if (tty->ops->write_room == NULL) 1130 printk(KERN_ERR "tty driver %s lacks a write_room method.\n", 1131 tty->driver->name); 1132 ld = tty_ldisc_ref_wait(tty); 1133 if (!ld->ops->write) 1134 ret = -EIO; 1135 else 1136 ret = do_tty_write(ld->ops->write, tty, file, buf, count); 1137 tty_ldisc_deref(ld); 1138 return ret; 1139 } 1140 1141 ssize_t redirected_tty_write(struct file *file, const char __user *buf, 1142 size_t count, loff_t *ppos) 1143 { 1144 struct file *p = NULL; 1145 1146 spin_lock(&redirect_lock); 1147 if (redirect) { 1148 get_file(redirect); 1149 p = redirect; 1150 } 1151 spin_unlock(&redirect_lock); 1152 1153 if (p) { 1154 ssize_t res; 1155 res = vfs_write(p, buf, count, &p->f_pos); 1156 fput(p); 1157 return res; 1158 } 1159 return tty_write(file, buf, count, ppos); 1160 } 1161 1162 static char ptychar[] = "pqrstuvwxyzabcde"; 1163 1164 /** 1165 * pty_line_name - generate name for a pty 1166 * @driver: the tty driver in use 1167 * @index: the minor number 1168 * @p: output buffer of at least 6 bytes 1169 * 1170 * Generate a name from a driver reference and write it to the output 1171 * buffer. 1172 * 1173 * Locking: None 1174 */ 1175 static void pty_line_name(struct tty_driver *driver, int index, char *p) 1176 { 1177 int i = index + driver->name_base; 1178 /* ->name is initialized to "ttyp", but "tty" is expected */ 1179 sprintf(p, "%s%c%x", 1180 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name, 1181 ptychar[i >> 4 & 0xf], i & 0xf); 1182 } 1183 1184 /** 1185 * tty_line_name - generate name for a tty 1186 * @driver: the tty driver in use 1187 * @index: the minor number 1188 * @p: output buffer of at least 7 bytes 1189 * 1190 * Generate a name from a driver reference and write it to the output 1191 * buffer. 1192 * 1193 * Locking: None 1194 */ 1195 static void tty_line_name(struct tty_driver *driver, int index, char *p) 1196 { 1197 sprintf(p, "%s%d", driver->name, index + driver->name_base); 1198 } 1199 1200 /** 1201 * tty_driver_lookup_tty() - find an existing tty, if any 1202 * @driver: the driver for the tty 1203 * @idx: the minor number 1204 * 1205 * Return the tty, if found or ERR_PTR() otherwise. 1206 * 1207 * Locking: tty_mutex must be held. If tty is found, the mutex must 1208 * be held until the 'fast-open' is also done. Will change once we 1209 * have refcounting in the driver and per driver locking 1210 */ 1211 static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver, 1212 struct inode *inode, int idx) 1213 { 1214 struct tty_struct *tty; 1215 1216 if (driver->ops->lookup) 1217 return driver->ops->lookup(driver, inode, idx); 1218 1219 tty = driver->ttys[idx]; 1220 return tty; 1221 } 1222 1223 /** 1224 * tty_init_termios - helper for termios setup 1225 * @tty: the tty to set up 1226 * 1227 * Initialise the termios structures for this tty. Thus runs under 1228 * the tty_mutex currently so we can be relaxed about ordering. 1229 */ 1230 1231 int tty_init_termios(struct tty_struct *tty) 1232 { 1233 struct ktermios *tp; 1234 int idx = tty->index; 1235 1236 tp = tty->driver->termios[idx]; 1237 if (tp == NULL) { 1238 tp = kzalloc(sizeof(struct ktermios[2]), GFP_KERNEL); 1239 if (tp == NULL) 1240 return -ENOMEM; 1241 memcpy(tp, &tty->driver->init_termios, 1242 sizeof(struct ktermios)); 1243 tty->driver->termios[idx] = tp; 1244 } 1245 tty->termios = tp; 1246 tty->termios_locked = tp + 1; 1247 1248 /* Compatibility until drivers always set this */ 1249 tty->termios->c_ispeed = tty_termios_input_baud_rate(tty->termios); 1250 tty->termios->c_ospeed = tty_termios_baud_rate(tty->termios); 1251 return 0; 1252 } 1253 EXPORT_SYMBOL_GPL(tty_init_termios); 1254 1255 /** 1256 * tty_driver_install_tty() - install a tty entry in the driver 1257 * @driver: the driver for the tty 1258 * @tty: the tty 1259 * 1260 * Install a tty object into the driver tables. The tty->index field 1261 * will be set by the time this is called. This method is responsible 1262 * for ensuring any need additional structures are allocated and 1263 * configured. 1264 * 1265 * Locking: tty_mutex for now 1266 */ 1267 static int tty_driver_install_tty(struct tty_driver *driver, 1268 struct tty_struct *tty) 1269 { 1270 int idx = tty->index; 1271 int ret; 1272 1273 if (driver->ops->install) { 1274 ret = driver->ops->install(driver, tty); 1275 return ret; 1276 } 1277 1278 if (tty_init_termios(tty) == 0) { 1279 tty_driver_kref_get(driver); 1280 tty->count++; 1281 driver->ttys[idx] = tty; 1282 return 0; 1283 } 1284 return -ENOMEM; 1285 } 1286 1287 /** 1288 * tty_driver_remove_tty() - remove a tty from the driver tables 1289 * @driver: the driver for the tty 1290 * @idx: the minor number 1291 * 1292 * Remvoe a tty object from the driver tables. The tty->index field 1293 * will be set by the time this is called. 1294 * 1295 * Locking: tty_mutex for now 1296 */ 1297 static void tty_driver_remove_tty(struct tty_driver *driver, 1298 struct tty_struct *tty) 1299 { 1300 if (driver->ops->remove) 1301 driver->ops->remove(driver, tty); 1302 else 1303 driver->ttys[tty->index] = NULL; 1304 } 1305 1306 /* 1307 * tty_reopen() - fast re-open of an open tty 1308 * @tty - the tty to open 1309 * 1310 * Return 0 on success, -errno on error. 1311 * 1312 * Locking: tty_mutex must be held from the time the tty was found 1313 * till this open completes. 1314 */ 1315 static int tty_reopen(struct tty_struct *tty) 1316 { 1317 struct tty_driver *driver = tty->driver; 1318 1319 if (test_bit(TTY_CLOSING, &tty->flags) || 1320 test_bit(TTY_HUPPING, &tty->flags) || 1321 test_bit(TTY_LDISC_CHANGING, &tty->flags)) 1322 return -EIO; 1323 1324 if (driver->type == TTY_DRIVER_TYPE_PTY && 1325 driver->subtype == PTY_TYPE_MASTER) { 1326 /* 1327 * special case for PTY masters: only one open permitted, 1328 * and the slave side open count is incremented as well. 1329 */ 1330 if (tty->count) 1331 return -EIO; 1332 1333 tty->link->count++; 1334 } 1335 tty->count++; 1336 tty->driver = driver; /* N.B. why do this every time?? */ 1337 1338 mutex_lock(&tty->ldisc_mutex); 1339 WARN_ON(!test_bit(TTY_LDISC, &tty->flags)); 1340 mutex_unlock(&tty->ldisc_mutex); 1341 1342 return 0; 1343 } 1344 1345 /** 1346 * tty_init_dev - initialise a tty device 1347 * @driver: tty driver we are opening a device on 1348 * @idx: device index 1349 * @ret_tty: returned tty structure 1350 * @first_ok: ok to open a new device (used by ptmx) 1351 * 1352 * Prepare a tty device. This may not be a "new" clean device but 1353 * could also be an active device. The pty drivers require special 1354 * handling because of this. 1355 * 1356 * Locking: 1357 * The function is called under the tty_mutex, which 1358 * protects us from the tty struct or driver itself going away. 1359 * 1360 * On exit the tty device has the line discipline attached and 1361 * a reference count of 1. If a pair was created for pty/tty use 1362 * and the other was a pty master then it too has a reference count of 1. 1363 * 1364 * WSH 06/09/97: Rewritten to remove races and properly clean up after a 1365 * failed open. The new code protects the open with a mutex, so it's 1366 * really quite straightforward. The mutex locking can probably be 1367 * relaxed for the (most common) case of reopening a tty. 1368 */ 1369 1370 struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx, 1371 int first_ok) 1372 { 1373 struct tty_struct *tty; 1374 int retval; 1375 1376 /* Check if pty master is being opened multiple times */ 1377 if (driver->subtype == PTY_TYPE_MASTER && 1378 (driver->flags & TTY_DRIVER_DEVPTS_MEM) && !first_ok) { 1379 return ERR_PTR(-EIO); 1380 } 1381 1382 /* 1383 * First time open is complex, especially for PTY devices. 1384 * This code guarantees that either everything succeeds and the 1385 * TTY is ready for operation, or else the table slots are vacated 1386 * and the allocated memory released. (Except that the termios 1387 * and locked termios may be retained.) 1388 */ 1389 1390 if (!try_module_get(driver->owner)) 1391 return ERR_PTR(-ENODEV); 1392 1393 tty = alloc_tty_struct(); 1394 if (!tty) { 1395 retval = -ENOMEM; 1396 goto err_module_put; 1397 } 1398 initialize_tty_struct(tty, driver, idx); 1399 1400 retval = tty_driver_install_tty(driver, tty); 1401 if (retval < 0) 1402 goto err_deinit_tty; 1403 1404 /* 1405 * Structures all installed ... call the ldisc open routines. 1406 * If we fail here just call release_tty to clean up. No need 1407 * to decrement the use counts, as release_tty doesn't care. 1408 */ 1409 retval = tty_ldisc_setup(tty, tty->link); 1410 if (retval) 1411 goto err_release_tty; 1412 return tty; 1413 1414 err_deinit_tty: 1415 deinitialize_tty_struct(tty); 1416 free_tty_struct(tty); 1417 err_module_put: 1418 module_put(driver->owner); 1419 return ERR_PTR(retval); 1420 1421 /* call the tty release_tty routine to clean out this slot */ 1422 err_release_tty: 1423 if (printk_ratelimit()) 1424 printk(KERN_INFO "tty_init_dev: ldisc open failed, " 1425 "clearing slot %d\n", idx); 1426 release_tty(tty, idx); 1427 return ERR_PTR(retval); 1428 } 1429 1430 void tty_free_termios(struct tty_struct *tty) 1431 { 1432 struct ktermios *tp; 1433 int idx = tty->index; 1434 /* Kill this flag and push into drivers for locking etc */ 1435 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) { 1436 /* FIXME: Locking on ->termios array */ 1437 tp = tty->termios; 1438 tty->driver->termios[idx] = NULL; 1439 kfree(tp); 1440 } 1441 } 1442 EXPORT_SYMBOL(tty_free_termios); 1443 1444 void tty_shutdown(struct tty_struct *tty) 1445 { 1446 tty_driver_remove_tty(tty->driver, tty); 1447 tty_free_termios(tty); 1448 } 1449 EXPORT_SYMBOL(tty_shutdown); 1450 1451 /** 1452 * release_one_tty - release tty structure memory 1453 * @kref: kref of tty we are obliterating 1454 * 1455 * Releases memory associated with a tty structure, and clears out the 1456 * driver table slots. This function is called when a device is no longer 1457 * in use. It also gets called when setup of a device fails. 1458 * 1459 * Locking: 1460 * tty_mutex - sometimes only 1461 * takes the file list lock internally when working on the list 1462 * of ttys that the driver keeps. 1463 * 1464 * This method gets called from a work queue so that the driver private 1465 * cleanup ops can sleep (needed for USB at least) 1466 */ 1467 static void release_one_tty(struct work_struct *work) 1468 { 1469 struct tty_struct *tty = 1470 container_of(work, struct tty_struct, hangup_work); 1471 struct tty_driver *driver = tty->driver; 1472 1473 if (tty->ops->cleanup) 1474 tty->ops->cleanup(tty); 1475 1476 tty->magic = 0; 1477 tty_driver_kref_put(driver); 1478 module_put(driver->owner); 1479 1480 spin_lock(&tty_files_lock); 1481 list_del_init(&tty->tty_files); 1482 spin_unlock(&tty_files_lock); 1483 1484 put_pid(tty->pgrp); 1485 put_pid(tty->session); 1486 free_tty_struct(tty); 1487 } 1488 1489 static void queue_release_one_tty(struct kref *kref) 1490 { 1491 struct tty_struct *tty = container_of(kref, struct tty_struct, kref); 1492 1493 if (tty->ops->shutdown) 1494 tty->ops->shutdown(tty); 1495 else 1496 tty_shutdown(tty); 1497 1498 /* The hangup queue is now free so we can reuse it rather than 1499 waste a chunk of memory for each port */ 1500 INIT_WORK(&tty->hangup_work, release_one_tty); 1501 schedule_work(&tty->hangup_work); 1502 } 1503 1504 /** 1505 * tty_kref_put - release a tty kref 1506 * @tty: tty device 1507 * 1508 * Release a reference to a tty device and if need be let the kref 1509 * layer destruct the object for us 1510 */ 1511 1512 void tty_kref_put(struct tty_struct *tty) 1513 { 1514 if (tty) 1515 kref_put(&tty->kref, queue_release_one_tty); 1516 } 1517 EXPORT_SYMBOL(tty_kref_put); 1518 1519 /** 1520 * release_tty - release tty structure memory 1521 * 1522 * Release both @tty and a possible linked partner (think pty pair), 1523 * and decrement the refcount of the backing module. 1524 * 1525 * Locking: 1526 * tty_mutex - sometimes only 1527 * takes the file list lock internally when working on the list 1528 * of ttys that the driver keeps. 1529 * FIXME: should we require tty_mutex is held here ?? 1530 * 1531 */ 1532 static void release_tty(struct tty_struct *tty, int idx) 1533 { 1534 /* This should always be true but check for the moment */ 1535 WARN_ON(tty->index != idx); 1536 1537 if (tty->link) 1538 tty_kref_put(tty->link); 1539 tty_kref_put(tty); 1540 } 1541 1542 /** 1543 * tty_release - vfs callback for close 1544 * @inode: inode of tty 1545 * @filp: file pointer for handle to tty 1546 * 1547 * Called the last time each file handle is closed that references 1548 * this tty. There may however be several such references. 1549 * 1550 * Locking: 1551 * Takes bkl. See tty_release_dev 1552 * 1553 * Even releasing the tty structures is a tricky business.. We have 1554 * to be very careful that the structures are all released at the 1555 * same time, as interrupts might otherwise get the wrong pointers. 1556 * 1557 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could 1558 * lead to double frees or releasing memory still in use. 1559 */ 1560 1561 int tty_release(struct inode *inode, struct file *filp) 1562 { 1563 struct tty_struct *tty = file_tty(filp); 1564 struct tty_struct *o_tty; 1565 int pty_master, tty_closing, o_tty_closing, do_sleep; 1566 int devpts; 1567 int idx; 1568 char buf[64]; 1569 1570 if (tty_paranoia_check(tty, inode, "tty_release_dev")) 1571 return 0; 1572 1573 tty_lock(); 1574 check_tty_count(tty, "tty_release_dev"); 1575 1576 __tty_fasync(-1, filp, 0); 1577 1578 idx = tty->index; 1579 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1580 tty->driver->subtype == PTY_TYPE_MASTER); 1581 devpts = (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) != 0; 1582 o_tty = tty->link; 1583 1584 #ifdef TTY_PARANOIA_CHECK 1585 if (idx < 0 || idx >= tty->driver->num) { 1586 printk(KERN_DEBUG "tty_release_dev: bad idx when trying to " 1587 "free (%s)\n", tty->name); 1588 tty_unlock(); 1589 return 0; 1590 } 1591 if (!devpts) { 1592 if (tty != tty->driver->ttys[idx]) { 1593 tty_unlock(); 1594 printk(KERN_DEBUG "tty_release_dev: driver.table[%d] not tty " 1595 "for (%s)\n", idx, tty->name); 1596 return 0; 1597 } 1598 if (tty->termios != tty->driver->termios[idx]) { 1599 tty_unlock(); 1600 printk(KERN_DEBUG "tty_release_dev: driver.termios[%d] not termios " 1601 "for (%s)\n", 1602 idx, tty->name); 1603 return 0; 1604 } 1605 } 1606 #endif 1607 1608 #ifdef TTY_DEBUG_HANGUP 1609 printk(KERN_DEBUG "tty_release_dev of %s (tty count=%d)...", 1610 tty_name(tty, buf), tty->count); 1611 #endif 1612 1613 #ifdef TTY_PARANOIA_CHECK 1614 if (tty->driver->other && 1615 !(tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)) { 1616 if (o_tty != tty->driver->other->ttys[idx]) { 1617 tty_unlock(); 1618 printk(KERN_DEBUG "tty_release_dev: other->table[%d] " 1619 "not o_tty for (%s)\n", 1620 idx, tty->name); 1621 return 0 ; 1622 } 1623 if (o_tty->termios != tty->driver->other->termios[idx]) { 1624 tty_unlock(); 1625 printk(KERN_DEBUG "tty_release_dev: other->termios[%d] " 1626 "not o_termios for (%s)\n", 1627 idx, tty->name); 1628 return 0; 1629 } 1630 if (o_tty->link != tty) { 1631 tty_unlock(); 1632 printk(KERN_DEBUG "tty_release_dev: bad pty pointers\n"); 1633 return 0; 1634 } 1635 } 1636 #endif 1637 if (tty->ops->close) 1638 tty->ops->close(tty, filp); 1639 1640 tty_unlock(); 1641 /* 1642 * Sanity check: if tty->count is going to zero, there shouldn't be 1643 * any waiters on tty->read_wait or tty->write_wait. We test the 1644 * wait queues and kick everyone out _before_ actually starting to 1645 * close. This ensures that we won't block while releasing the tty 1646 * structure. 1647 * 1648 * The test for the o_tty closing is necessary, since the master and 1649 * slave sides may close in any order. If the slave side closes out 1650 * first, its count will be one, since the master side holds an open. 1651 * Thus this test wouldn't be triggered at the time the slave closes, 1652 * so we do it now. 1653 * 1654 * Note that it's possible for the tty to be opened again while we're 1655 * flushing out waiters. By recalculating the closing flags before 1656 * each iteration we avoid any problems. 1657 */ 1658 while (1) { 1659 /* Guard against races with tty->count changes elsewhere and 1660 opens on /dev/tty */ 1661 1662 mutex_lock(&tty_mutex); 1663 tty_lock(); 1664 tty_closing = tty->count <= 1; 1665 o_tty_closing = o_tty && 1666 (o_tty->count <= (pty_master ? 1 : 0)); 1667 do_sleep = 0; 1668 1669 if (tty_closing) { 1670 if (waitqueue_active(&tty->read_wait)) { 1671 wake_up_poll(&tty->read_wait, POLLIN); 1672 do_sleep++; 1673 } 1674 if (waitqueue_active(&tty->write_wait)) { 1675 wake_up_poll(&tty->write_wait, POLLOUT); 1676 do_sleep++; 1677 } 1678 } 1679 if (o_tty_closing) { 1680 if (waitqueue_active(&o_tty->read_wait)) { 1681 wake_up_poll(&o_tty->read_wait, POLLIN); 1682 do_sleep++; 1683 } 1684 if (waitqueue_active(&o_tty->write_wait)) { 1685 wake_up_poll(&o_tty->write_wait, POLLOUT); 1686 do_sleep++; 1687 } 1688 } 1689 if (!do_sleep) 1690 break; 1691 1692 printk(KERN_WARNING "tty_release_dev: %s: read/write wait queue " 1693 "active!\n", tty_name(tty, buf)); 1694 tty_unlock(); 1695 mutex_unlock(&tty_mutex); 1696 schedule(); 1697 } 1698 1699 /* 1700 * The closing flags are now consistent with the open counts on 1701 * both sides, and we've completed the last operation that could 1702 * block, so it's safe to proceed with closing. 1703 */ 1704 if (pty_master) { 1705 if (--o_tty->count < 0) { 1706 printk(KERN_WARNING "tty_release_dev: bad pty slave count " 1707 "(%d) for %s\n", 1708 o_tty->count, tty_name(o_tty, buf)); 1709 o_tty->count = 0; 1710 } 1711 } 1712 if (--tty->count < 0) { 1713 printk(KERN_WARNING "tty_release_dev: bad tty->count (%d) for %s\n", 1714 tty->count, tty_name(tty, buf)); 1715 tty->count = 0; 1716 } 1717 1718 /* 1719 * We've decremented tty->count, so we need to remove this file 1720 * descriptor off the tty->tty_files list; this serves two 1721 * purposes: 1722 * - check_tty_count sees the correct number of file descriptors 1723 * associated with this tty. 1724 * - do_tty_hangup no longer sees this file descriptor as 1725 * something that needs to be handled for hangups. 1726 */ 1727 tty_del_file(filp); 1728 1729 /* 1730 * Perform some housekeeping before deciding whether to return. 1731 * 1732 * Set the TTY_CLOSING flag if this was the last open. In the 1733 * case of a pty we may have to wait around for the other side 1734 * to close, and TTY_CLOSING makes sure we can't be reopened. 1735 */ 1736 if (tty_closing) 1737 set_bit(TTY_CLOSING, &tty->flags); 1738 if (o_tty_closing) 1739 set_bit(TTY_CLOSING, &o_tty->flags); 1740 1741 /* 1742 * If _either_ side is closing, make sure there aren't any 1743 * processes that still think tty or o_tty is their controlling 1744 * tty. 1745 */ 1746 if (tty_closing || o_tty_closing) { 1747 read_lock(&tasklist_lock); 1748 session_clear_tty(tty->session); 1749 if (o_tty) 1750 session_clear_tty(o_tty->session); 1751 read_unlock(&tasklist_lock); 1752 } 1753 1754 mutex_unlock(&tty_mutex); 1755 1756 /* check whether both sides are closing ... */ 1757 if (!tty_closing || (o_tty && !o_tty_closing)) { 1758 tty_unlock(); 1759 return 0; 1760 } 1761 1762 #ifdef TTY_DEBUG_HANGUP 1763 printk(KERN_DEBUG "freeing tty structure..."); 1764 #endif 1765 /* 1766 * Ask the line discipline code to release its structures 1767 */ 1768 tty_ldisc_release(tty, o_tty); 1769 /* 1770 * The release_tty function takes care of the details of clearing 1771 * the slots and preserving the termios structure. 1772 */ 1773 release_tty(tty, idx); 1774 1775 /* Make this pty number available for reallocation */ 1776 if (devpts) 1777 devpts_kill_index(inode, idx); 1778 tty_unlock(); 1779 return 0; 1780 } 1781 1782 /** 1783 * tty_open - open a tty device 1784 * @inode: inode of device file 1785 * @filp: file pointer to tty 1786 * 1787 * tty_open and tty_release keep up the tty count that contains the 1788 * number of opens done on a tty. We cannot use the inode-count, as 1789 * different inodes might point to the same tty. 1790 * 1791 * Open-counting is needed for pty masters, as well as for keeping 1792 * track of serial lines: DTR is dropped when the last close happens. 1793 * (This is not done solely through tty->count, now. - Ted 1/27/92) 1794 * 1795 * The termios state of a pty is reset on first open so that 1796 * settings don't persist across reuse. 1797 * 1798 * Locking: tty_mutex protects tty, get_tty_driver and tty_init_dev work. 1799 * tty->count should protect the rest. 1800 * ->siglock protects ->signal/->sighand 1801 */ 1802 1803 static int tty_open(struct inode *inode, struct file *filp) 1804 { 1805 struct tty_struct *tty = NULL; 1806 int noctty, retval; 1807 struct tty_driver *driver; 1808 int index; 1809 dev_t device = inode->i_rdev; 1810 unsigned saved_flags = filp->f_flags; 1811 1812 nonseekable_open(inode, filp); 1813 1814 retry_open: 1815 noctty = filp->f_flags & O_NOCTTY; 1816 index = -1; 1817 retval = 0; 1818 1819 mutex_lock(&tty_mutex); 1820 tty_lock(); 1821 1822 if (device == MKDEV(TTYAUX_MAJOR, 0)) { 1823 tty = get_current_tty(); 1824 if (!tty) { 1825 tty_unlock(); 1826 mutex_unlock(&tty_mutex); 1827 return -ENXIO; 1828 } 1829 driver = tty_driver_kref_get(tty->driver); 1830 index = tty->index; 1831 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */ 1832 /* noctty = 1; */ 1833 /* FIXME: Should we take a driver reference ? */ 1834 tty_kref_put(tty); 1835 goto got_driver; 1836 } 1837 #ifdef CONFIG_VT 1838 if (device == MKDEV(TTY_MAJOR, 0)) { 1839 extern struct tty_driver *console_driver; 1840 driver = tty_driver_kref_get(console_driver); 1841 index = fg_console; 1842 noctty = 1; 1843 goto got_driver; 1844 } 1845 #endif 1846 if (device == MKDEV(TTYAUX_MAJOR, 1)) { 1847 struct tty_driver *console_driver = console_device(&index); 1848 if (console_driver) { 1849 driver = tty_driver_kref_get(console_driver); 1850 if (driver) { 1851 /* Don't let /dev/console block */ 1852 filp->f_flags |= O_NONBLOCK; 1853 noctty = 1; 1854 goto got_driver; 1855 } 1856 } 1857 tty_unlock(); 1858 mutex_unlock(&tty_mutex); 1859 return -ENODEV; 1860 } 1861 1862 driver = get_tty_driver(device, &index); 1863 if (!driver) { 1864 tty_unlock(); 1865 mutex_unlock(&tty_mutex); 1866 return -ENODEV; 1867 } 1868 got_driver: 1869 if (!tty) { 1870 /* check whether we're reopening an existing tty */ 1871 tty = tty_driver_lookup_tty(driver, inode, index); 1872 1873 if (IS_ERR(tty)) { 1874 tty_unlock(); 1875 mutex_unlock(&tty_mutex); 1876 return PTR_ERR(tty); 1877 } 1878 } 1879 1880 if (tty) { 1881 retval = tty_reopen(tty); 1882 if (retval) 1883 tty = ERR_PTR(retval); 1884 } else 1885 tty = tty_init_dev(driver, index, 0); 1886 1887 mutex_unlock(&tty_mutex); 1888 tty_driver_kref_put(driver); 1889 if (IS_ERR(tty)) { 1890 tty_unlock(); 1891 return PTR_ERR(tty); 1892 } 1893 1894 retval = tty_add_file(tty, filp); 1895 if (retval) { 1896 tty_unlock(); 1897 tty_release(inode, filp); 1898 return retval; 1899 } 1900 1901 check_tty_count(tty, "tty_open"); 1902 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1903 tty->driver->subtype == PTY_TYPE_MASTER) 1904 noctty = 1; 1905 #ifdef TTY_DEBUG_HANGUP 1906 printk(KERN_DEBUG "opening %s...", tty->name); 1907 #endif 1908 if (tty->ops->open) 1909 retval = tty->ops->open(tty, filp); 1910 else 1911 retval = -ENODEV; 1912 filp->f_flags = saved_flags; 1913 1914 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) && 1915 !capable(CAP_SYS_ADMIN)) 1916 retval = -EBUSY; 1917 1918 if (retval) { 1919 #ifdef TTY_DEBUG_HANGUP 1920 printk(KERN_DEBUG "error %d in opening %s...", retval, 1921 tty->name); 1922 #endif 1923 tty_unlock(); /* need to call tty_release without BTM */ 1924 tty_release(inode, filp); 1925 if (retval != -ERESTARTSYS) 1926 return retval; 1927 1928 if (signal_pending(current)) 1929 return retval; 1930 1931 schedule(); 1932 /* 1933 * Need to reset f_op in case a hangup happened. 1934 */ 1935 tty_lock(); 1936 if (filp->f_op == &hung_up_tty_fops) 1937 filp->f_op = &tty_fops; 1938 tty_unlock(); 1939 goto retry_open; 1940 } 1941 tty_unlock(); 1942 1943 1944 mutex_lock(&tty_mutex); 1945 tty_lock(); 1946 spin_lock_irq(¤t->sighand->siglock); 1947 if (!noctty && 1948 current->signal->leader && 1949 !current->signal->tty && 1950 tty->session == NULL) 1951 __proc_set_tty(current, tty); 1952 spin_unlock_irq(¤t->sighand->siglock); 1953 tty_unlock(); 1954 mutex_unlock(&tty_mutex); 1955 return 0; 1956 } 1957 1958 1959 1960 /** 1961 * tty_poll - check tty status 1962 * @filp: file being polled 1963 * @wait: poll wait structures to update 1964 * 1965 * Call the line discipline polling method to obtain the poll 1966 * status of the device. 1967 * 1968 * Locking: locks called line discipline but ldisc poll method 1969 * may be re-entered freely by other callers. 1970 */ 1971 1972 static unsigned int tty_poll(struct file *filp, poll_table *wait) 1973 { 1974 struct tty_struct *tty = file_tty(filp); 1975 struct tty_ldisc *ld; 1976 int ret = 0; 1977 1978 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_poll")) 1979 return 0; 1980 1981 ld = tty_ldisc_ref_wait(tty); 1982 if (ld->ops->poll) 1983 ret = (ld->ops->poll)(tty, filp, wait); 1984 tty_ldisc_deref(ld); 1985 return ret; 1986 } 1987 1988 static int __tty_fasync(int fd, struct file *filp, int on) 1989 { 1990 struct tty_struct *tty = file_tty(filp); 1991 unsigned long flags; 1992 int retval = 0; 1993 1994 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_fasync")) 1995 goto out; 1996 1997 retval = fasync_helper(fd, filp, on, &tty->fasync); 1998 if (retval <= 0) 1999 goto out; 2000 2001 if (on) { 2002 enum pid_type type; 2003 struct pid *pid; 2004 if (!waitqueue_active(&tty->read_wait)) 2005 tty->minimum_to_wake = 1; 2006 spin_lock_irqsave(&tty->ctrl_lock, flags); 2007 if (tty->pgrp) { 2008 pid = tty->pgrp; 2009 type = PIDTYPE_PGID; 2010 } else { 2011 pid = task_pid(current); 2012 type = PIDTYPE_PID; 2013 } 2014 get_pid(pid); 2015 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2016 retval = __f_setown(filp, pid, type, 0); 2017 put_pid(pid); 2018 if (retval) 2019 goto out; 2020 } else { 2021 if (!tty->fasync && !waitqueue_active(&tty->read_wait)) 2022 tty->minimum_to_wake = N_TTY_BUF_SIZE; 2023 } 2024 retval = 0; 2025 out: 2026 return retval; 2027 } 2028 2029 static int tty_fasync(int fd, struct file *filp, int on) 2030 { 2031 int retval; 2032 tty_lock(); 2033 retval = __tty_fasync(fd, filp, on); 2034 tty_unlock(); 2035 return retval; 2036 } 2037 2038 /** 2039 * tiocsti - fake input character 2040 * @tty: tty to fake input into 2041 * @p: pointer to character 2042 * 2043 * Fake input to a tty device. Does the necessary locking and 2044 * input management. 2045 * 2046 * FIXME: does not honour flow control ?? 2047 * 2048 * Locking: 2049 * Called functions take tty_ldisc_lock 2050 * current->signal->tty check is safe without locks 2051 * 2052 * FIXME: may race normal receive processing 2053 */ 2054 2055 static int tiocsti(struct tty_struct *tty, char __user *p) 2056 { 2057 char ch, mbz = 0; 2058 struct tty_ldisc *ld; 2059 2060 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) 2061 return -EPERM; 2062 if (get_user(ch, p)) 2063 return -EFAULT; 2064 tty_audit_tiocsti(tty, ch); 2065 ld = tty_ldisc_ref_wait(tty); 2066 ld->ops->receive_buf(tty, &ch, &mbz, 1); 2067 tty_ldisc_deref(ld); 2068 return 0; 2069 } 2070 2071 /** 2072 * tiocgwinsz - implement window query ioctl 2073 * @tty; tty 2074 * @arg: user buffer for result 2075 * 2076 * Copies the kernel idea of the window size into the user buffer. 2077 * 2078 * Locking: tty->termios_mutex is taken to ensure the winsize data 2079 * is consistent. 2080 */ 2081 2082 static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg) 2083 { 2084 int err; 2085 2086 mutex_lock(&tty->termios_mutex); 2087 err = copy_to_user(arg, &tty->winsize, sizeof(*arg)); 2088 mutex_unlock(&tty->termios_mutex); 2089 2090 return err ? -EFAULT: 0; 2091 } 2092 2093 /** 2094 * tty_do_resize - resize event 2095 * @tty: tty being resized 2096 * @rows: rows (character) 2097 * @cols: cols (character) 2098 * 2099 * Update the termios variables and send the necessary signals to 2100 * peform a terminal resize correctly 2101 */ 2102 2103 int tty_do_resize(struct tty_struct *tty, struct winsize *ws) 2104 { 2105 struct pid *pgrp; 2106 unsigned long flags; 2107 2108 /* Lock the tty */ 2109 mutex_lock(&tty->termios_mutex); 2110 if (!memcmp(ws, &tty->winsize, sizeof(*ws))) 2111 goto done; 2112 /* Get the PID values and reference them so we can 2113 avoid holding the tty ctrl lock while sending signals */ 2114 spin_lock_irqsave(&tty->ctrl_lock, flags); 2115 pgrp = get_pid(tty->pgrp); 2116 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2117 2118 if (pgrp) 2119 kill_pgrp(pgrp, SIGWINCH, 1); 2120 put_pid(pgrp); 2121 2122 tty->winsize = *ws; 2123 done: 2124 mutex_unlock(&tty->termios_mutex); 2125 return 0; 2126 } 2127 2128 /** 2129 * tiocswinsz - implement window size set ioctl 2130 * @tty; tty side of tty 2131 * @arg: user buffer for result 2132 * 2133 * Copies the user idea of the window size to the kernel. Traditionally 2134 * this is just advisory information but for the Linux console it 2135 * actually has driver level meaning and triggers a VC resize. 2136 * 2137 * Locking: 2138 * Driver dependent. The default do_resize method takes the 2139 * tty termios mutex and ctrl_lock. The console takes its own lock 2140 * then calls into the default method. 2141 */ 2142 2143 static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg) 2144 { 2145 struct winsize tmp_ws; 2146 if (copy_from_user(&tmp_ws, arg, sizeof(*arg))) 2147 return -EFAULT; 2148 2149 if (tty->ops->resize) 2150 return tty->ops->resize(tty, &tmp_ws); 2151 else 2152 return tty_do_resize(tty, &tmp_ws); 2153 } 2154 2155 /** 2156 * tioccons - allow admin to move logical console 2157 * @file: the file to become console 2158 * 2159 * Allow the administrator to move the redirected console device 2160 * 2161 * Locking: uses redirect_lock to guard the redirect information 2162 */ 2163 2164 static int tioccons(struct file *file) 2165 { 2166 if (!capable(CAP_SYS_ADMIN)) 2167 return -EPERM; 2168 if (file->f_op->write == redirected_tty_write) { 2169 struct file *f; 2170 spin_lock(&redirect_lock); 2171 f = redirect; 2172 redirect = NULL; 2173 spin_unlock(&redirect_lock); 2174 if (f) 2175 fput(f); 2176 return 0; 2177 } 2178 spin_lock(&redirect_lock); 2179 if (redirect) { 2180 spin_unlock(&redirect_lock); 2181 return -EBUSY; 2182 } 2183 get_file(file); 2184 redirect = file; 2185 spin_unlock(&redirect_lock); 2186 return 0; 2187 } 2188 2189 /** 2190 * fionbio - non blocking ioctl 2191 * @file: file to set blocking value 2192 * @p: user parameter 2193 * 2194 * Historical tty interfaces had a blocking control ioctl before 2195 * the generic functionality existed. This piece of history is preserved 2196 * in the expected tty API of posix OS's. 2197 * 2198 * Locking: none, the open file handle ensures it won't go away. 2199 */ 2200 2201 static int fionbio(struct file *file, int __user *p) 2202 { 2203 int nonblock; 2204 2205 if (get_user(nonblock, p)) 2206 return -EFAULT; 2207 2208 spin_lock(&file->f_lock); 2209 if (nonblock) 2210 file->f_flags |= O_NONBLOCK; 2211 else 2212 file->f_flags &= ~O_NONBLOCK; 2213 spin_unlock(&file->f_lock); 2214 return 0; 2215 } 2216 2217 /** 2218 * tiocsctty - set controlling tty 2219 * @tty: tty structure 2220 * @arg: user argument 2221 * 2222 * This ioctl is used to manage job control. It permits a session 2223 * leader to set this tty as the controlling tty for the session. 2224 * 2225 * Locking: 2226 * Takes tty_mutex() to protect tty instance 2227 * Takes tasklist_lock internally to walk sessions 2228 * Takes ->siglock() when updating signal->tty 2229 */ 2230 2231 static int tiocsctty(struct tty_struct *tty, int arg) 2232 { 2233 int ret = 0; 2234 if (current->signal->leader && (task_session(current) == tty->session)) 2235 return ret; 2236 2237 mutex_lock(&tty_mutex); 2238 /* 2239 * The process must be a session leader and 2240 * not have a controlling tty already. 2241 */ 2242 if (!current->signal->leader || current->signal->tty) { 2243 ret = -EPERM; 2244 goto unlock; 2245 } 2246 2247 if (tty->session) { 2248 /* 2249 * This tty is already the controlling 2250 * tty for another session group! 2251 */ 2252 if (arg == 1 && capable(CAP_SYS_ADMIN)) { 2253 /* 2254 * Steal it away 2255 */ 2256 read_lock(&tasklist_lock); 2257 session_clear_tty(tty->session); 2258 read_unlock(&tasklist_lock); 2259 } else { 2260 ret = -EPERM; 2261 goto unlock; 2262 } 2263 } 2264 proc_set_tty(current, tty); 2265 unlock: 2266 mutex_unlock(&tty_mutex); 2267 return ret; 2268 } 2269 2270 /** 2271 * tty_get_pgrp - return a ref counted pgrp pid 2272 * @tty: tty to read 2273 * 2274 * Returns a refcounted instance of the pid struct for the process 2275 * group controlling the tty. 2276 */ 2277 2278 struct pid *tty_get_pgrp(struct tty_struct *tty) 2279 { 2280 unsigned long flags; 2281 struct pid *pgrp; 2282 2283 spin_lock_irqsave(&tty->ctrl_lock, flags); 2284 pgrp = get_pid(tty->pgrp); 2285 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2286 2287 return pgrp; 2288 } 2289 EXPORT_SYMBOL_GPL(tty_get_pgrp); 2290 2291 /** 2292 * tiocgpgrp - get process group 2293 * @tty: tty passed by user 2294 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2295 * @p: returned pid 2296 * 2297 * Obtain the process group of the tty. If there is no process group 2298 * return an error. 2299 * 2300 * Locking: none. Reference to current->signal->tty is safe. 2301 */ 2302 2303 static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2304 { 2305 struct pid *pid; 2306 int ret; 2307 /* 2308 * (tty == real_tty) is a cheap way of 2309 * testing if the tty is NOT a master pty. 2310 */ 2311 if (tty == real_tty && current->signal->tty != real_tty) 2312 return -ENOTTY; 2313 pid = tty_get_pgrp(real_tty); 2314 ret = put_user(pid_vnr(pid), p); 2315 put_pid(pid); 2316 return ret; 2317 } 2318 2319 /** 2320 * tiocspgrp - attempt to set process group 2321 * @tty: tty passed by user 2322 * @real_tty: tty side device matching tty passed by user 2323 * @p: pid pointer 2324 * 2325 * Set the process group of the tty to the session passed. Only 2326 * permitted where the tty session is our session. 2327 * 2328 * Locking: RCU, ctrl lock 2329 */ 2330 2331 static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2332 { 2333 struct pid *pgrp; 2334 pid_t pgrp_nr; 2335 int retval = tty_check_change(real_tty); 2336 unsigned long flags; 2337 2338 if (retval == -EIO) 2339 return -ENOTTY; 2340 if (retval) 2341 return retval; 2342 if (!current->signal->tty || 2343 (current->signal->tty != real_tty) || 2344 (real_tty->session != task_session(current))) 2345 return -ENOTTY; 2346 if (get_user(pgrp_nr, p)) 2347 return -EFAULT; 2348 if (pgrp_nr < 0) 2349 return -EINVAL; 2350 rcu_read_lock(); 2351 pgrp = find_vpid(pgrp_nr); 2352 retval = -ESRCH; 2353 if (!pgrp) 2354 goto out_unlock; 2355 retval = -EPERM; 2356 if (session_of_pgrp(pgrp) != task_session(current)) 2357 goto out_unlock; 2358 retval = 0; 2359 spin_lock_irqsave(&tty->ctrl_lock, flags); 2360 put_pid(real_tty->pgrp); 2361 real_tty->pgrp = get_pid(pgrp); 2362 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2363 out_unlock: 2364 rcu_read_unlock(); 2365 return retval; 2366 } 2367 2368 /** 2369 * tiocgsid - get session id 2370 * @tty: tty passed by user 2371 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2372 * @p: pointer to returned session id 2373 * 2374 * Obtain the session id of the tty. If there is no session 2375 * return an error. 2376 * 2377 * Locking: none. Reference to current->signal->tty is safe. 2378 */ 2379 2380 static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2381 { 2382 /* 2383 * (tty == real_tty) is a cheap way of 2384 * testing if the tty is NOT a master pty. 2385 */ 2386 if (tty == real_tty && current->signal->tty != real_tty) 2387 return -ENOTTY; 2388 if (!real_tty->session) 2389 return -ENOTTY; 2390 return put_user(pid_vnr(real_tty->session), p); 2391 } 2392 2393 /** 2394 * tiocsetd - set line discipline 2395 * @tty: tty device 2396 * @p: pointer to user data 2397 * 2398 * Set the line discipline according to user request. 2399 * 2400 * Locking: see tty_set_ldisc, this function is just a helper 2401 */ 2402 2403 static int tiocsetd(struct tty_struct *tty, int __user *p) 2404 { 2405 int ldisc; 2406 int ret; 2407 2408 if (get_user(ldisc, p)) 2409 return -EFAULT; 2410 2411 ret = tty_set_ldisc(tty, ldisc); 2412 2413 return ret; 2414 } 2415 2416 /** 2417 * send_break - performed time break 2418 * @tty: device to break on 2419 * @duration: timeout in mS 2420 * 2421 * Perform a timed break on hardware that lacks its own driver level 2422 * timed break functionality. 2423 * 2424 * Locking: 2425 * atomic_write_lock serializes 2426 * 2427 */ 2428 2429 static int send_break(struct tty_struct *tty, unsigned int duration) 2430 { 2431 int retval; 2432 2433 if (tty->ops->break_ctl == NULL) 2434 return 0; 2435 2436 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK) 2437 retval = tty->ops->break_ctl(tty, duration); 2438 else { 2439 /* Do the work ourselves */ 2440 if (tty_write_lock(tty, 0) < 0) 2441 return -EINTR; 2442 retval = tty->ops->break_ctl(tty, -1); 2443 if (retval) 2444 goto out; 2445 if (!signal_pending(current)) 2446 msleep_interruptible(duration); 2447 retval = tty->ops->break_ctl(tty, 0); 2448 out: 2449 tty_write_unlock(tty); 2450 if (signal_pending(current)) 2451 retval = -EINTR; 2452 } 2453 return retval; 2454 } 2455 2456 /** 2457 * tty_tiocmget - get modem status 2458 * @tty: tty device 2459 * @file: user file pointer 2460 * @p: pointer to result 2461 * 2462 * Obtain the modem status bits from the tty driver if the feature 2463 * is supported. Return -EINVAL if it is not available. 2464 * 2465 * Locking: none (up to the driver) 2466 */ 2467 2468 static int tty_tiocmget(struct tty_struct *tty, int __user *p) 2469 { 2470 int retval = -EINVAL; 2471 2472 if (tty->ops->tiocmget) { 2473 retval = tty->ops->tiocmget(tty); 2474 2475 if (retval >= 0) 2476 retval = put_user(retval, p); 2477 } 2478 return retval; 2479 } 2480 2481 /** 2482 * tty_tiocmset - set modem status 2483 * @tty: tty device 2484 * @cmd: command - clear bits, set bits or set all 2485 * @p: pointer to desired bits 2486 * 2487 * Set the modem status bits from the tty driver if the feature 2488 * is supported. Return -EINVAL if it is not available. 2489 * 2490 * Locking: none (up to the driver) 2491 */ 2492 2493 static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd, 2494 unsigned __user *p) 2495 { 2496 int retval; 2497 unsigned int set, clear, val; 2498 2499 if (tty->ops->tiocmset == NULL) 2500 return -EINVAL; 2501 2502 retval = get_user(val, p); 2503 if (retval) 2504 return retval; 2505 set = clear = 0; 2506 switch (cmd) { 2507 case TIOCMBIS: 2508 set = val; 2509 break; 2510 case TIOCMBIC: 2511 clear = val; 2512 break; 2513 case TIOCMSET: 2514 set = val; 2515 clear = ~val; 2516 break; 2517 } 2518 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2519 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2520 return tty->ops->tiocmset(tty, set, clear); 2521 } 2522 2523 static int tty_tiocgicount(struct tty_struct *tty, void __user *arg) 2524 { 2525 int retval = -EINVAL; 2526 struct serial_icounter_struct icount; 2527 memset(&icount, 0, sizeof(icount)); 2528 if (tty->ops->get_icount) 2529 retval = tty->ops->get_icount(tty, &icount); 2530 if (retval != 0) 2531 return retval; 2532 if (copy_to_user(arg, &icount, sizeof(icount))) 2533 return -EFAULT; 2534 return 0; 2535 } 2536 2537 struct tty_struct *tty_pair_get_tty(struct tty_struct *tty) 2538 { 2539 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2540 tty->driver->subtype == PTY_TYPE_MASTER) 2541 tty = tty->link; 2542 return tty; 2543 } 2544 EXPORT_SYMBOL(tty_pair_get_tty); 2545 2546 struct tty_struct *tty_pair_get_pty(struct tty_struct *tty) 2547 { 2548 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2549 tty->driver->subtype == PTY_TYPE_MASTER) 2550 return tty; 2551 return tty->link; 2552 } 2553 EXPORT_SYMBOL(tty_pair_get_pty); 2554 2555 /* 2556 * Split this up, as gcc can choke on it otherwise.. 2557 */ 2558 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 2559 { 2560 struct tty_struct *tty = file_tty(file); 2561 struct tty_struct *real_tty; 2562 void __user *p = (void __user *)arg; 2563 int retval; 2564 struct tty_ldisc *ld; 2565 struct inode *inode = file->f_dentry->d_inode; 2566 2567 if (tty_paranoia_check(tty, inode, "tty_ioctl")) 2568 return -EINVAL; 2569 2570 real_tty = tty_pair_get_tty(tty); 2571 2572 /* 2573 * Factor out some common prep work 2574 */ 2575 switch (cmd) { 2576 case TIOCSETD: 2577 case TIOCSBRK: 2578 case TIOCCBRK: 2579 case TCSBRK: 2580 case TCSBRKP: 2581 retval = tty_check_change(tty); 2582 if (retval) 2583 return retval; 2584 if (cmd != TIOCCBRK) { 2585 tty_wait_until_sent(tty, 0); 2586 if (signal_pending(current)) 2587 return -EINTR; 2588 } 2589 break; 2590 } 2591 2592 /* 2593 * Now do the stuff. 2594 */ 2595 switch (cmd) { 2596 case TIOCSTI: 2597 return tiocsti(tty, p); 2598 case TIOCGWINSZ: 2599 return tiocgwinsz(real_tty, p); 2600 case TIOCSWINSZ: 2601 return tiocswinsz(real_tty, p); 2602 case TIOCCONS: 2603 return real_tty != tty ? -EINVAL : tioccons(file); 2604 case FIONBIO: 2605 return fionbio(file, p); 2606 case TIOCEXCL: 2607 set_bit(TTY_EXCLUSIVE, &tty->flags); 2608 return 0; 2609 case TIOCNXCL: 2610 clear_bit(TTY_EXCLUSIVE, &tty->flags); 2611 return 0; 2612 case TIOCNOTTY: 2613 if (current->signal->tty != tty) 2614 return -ENOTTY; 2615 no_tty(); 2616 return 0; 2617 case TIOCSCTTY: 2618 return tiocsctty(tty, arg); 2619 case TIOCGPGRP: 2620 return tiocgpgrp(tty, real_tty, p); 2621 case TIOCSPGRP: 2622 return tiocspgrp(tty, real_tty, p); 2623 case TIOCGSID: 2624 return tiocgsid(tty, real_tty, p); 2625 case TIOCGETD: 2626 return put_user(tty->ldisc->ops->num, (int __user *)p); 2627 case TIOCSETD: 2628 return tiocsetd(tty, p); 2629 case TIOCVHANGUP: 2630 if (!capable(CAP_SYS_ADMIN)) 2631 return -EPERM; 2632 tty_vhangup(tty); 2633 return 0; 2634 case TIOCGDEV: 2635 { 2636 unsigned int ret = new_encode_dev(tty_devnum(real_tty)); 2637 return put_user(ret, (unsigned int __user *)p); 2638 } 2639 /* 2640 * Break handling 2641 */ 2642 case TIOCSBRK: /* Turn break on, unconditionally */ 2643 if (tty->ops->break_ctl) 2644 return tty->ops->break_ctl(tty, -1); 2645 return 0; 2646 case TIOCCBRK: /* Turn break off, unconditionally */ 2647 if (tty->ops->break_ctl) 2648 return tty->ops->break_ctl(tty, 0); 2649 return 0; 2650 case TCSBRK: /* SVID version: non-zero arg --> no break */ 2651 /* non-zero arg means wait for all output data 2652 * to be sent (performed above) but don't send break. 2653 * This is used by the tcdrain() termios function. 2654 */ 2655 if (!arg) 2656 return send_break(tty, 250); 2657 return 0; 2658 case TCSBRKP: /* support for POSIX tcsendbreak() */ 2659 return send_break(tty, arg ? arg*100 : 250); 2660 2661 case TIOCMGET: 2662 return tty_tiocmget(tty, p); 2663 case TIOCMSET: 2664 case TIOCMBIC: 2665 case TIOCMBIS: 2666 return tty_tiocmset(tty, cmd, p); 2667 case TIOCGICOUNT: 2668 retval = tty_tiocgicount(tty, p); 2669 /* For the moment allow fall through to the old method */ 2670 if (retval != -EINVAL) 2671 return retval; 2672 break; 2673 case TCFLSH: 2674 switch (arg) { 2675 case TCIFLUSH: 2676 case TCIOFLUSH: 2677 /* flush tty buffer and allow ldisc to process ioctl */ 2678 tty_buffer_flush(tty); 2679 break; 2680 } 2681 break; 2682 } 2683 if (tty->ops->ioctl) { 2684 retval = (tty->ops->ioctl)(tty, cmd, arg); 2685 if (retval != -ENOIOCTLCMD) 2686 return retval; 2687 } 2688 ld = tty_ldisc_ref_wait(tty); 2689 retval = -EINVAL; 2690 if (ld->ops->ioctl) { 2691 retval = ld->ops->ioctl(tty, file, cmd, arg); 2692 if (retval == -ENOIOCTLCMD) 2693 retval = -EINVAL; 2694 } 2695 tty_ldisc_deref(ld); 2696 return retval; 2697 } 2698 2699 #ifdef CONFIG_COMPAT 2700 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 2701 unsigned long arg) 2702 { 2703 struct inode *inode = file->f_dentry->d_inode; 2704 struct tty_struct *tty = file_tty(file); 2705 struct tty_ldisc *ld; 2706 int retval = -ENOIOCTLCMD; 2707 2708 if (tty_paranoia_check(tty, inode, "tty_ioctl")) 2709 return -EINVAL; 2710 2711 if (tty->ops->compat_ioctl) { 2712 retval = (tty->ops->compat_ioctl)(tty, cmd, arg); 2713 if (retval != -ENOIOCTLCMD) 2714 return retval; 2715 } 2716 2717 ld = tty_ldisc_ref_wait(tty); 2718 if (ld->ops->compat_ioctl) 2719 retval = ld->ops->compat_ioctl(tty, file, cmd, arg); 2720 tty_ldisc_deref(ld); 2721 2722 return retval; 2723 } 2724 #endif 2725 2726 /* 2727 * This implements the "Secure Attention Key" --- the idea is to 2728 * prevent trojan horses by killing all processes associated with this 2729 * tty when the user hits the "Secure Attention Key". Required for 2730 * super-paranoid applications --- see the Orange Book for more details. 2731 * 2732 * This code could be nicer; ideally it should send a HUP, wait a few 2733 * seconds, then send a INT, and then a KILL signal. But you then 2734 * have to coordinate with the init process, since all processes associated 2735 * with the current tty must be dead before the new getty is allowed 2736 * to spawn. 2737 * 2738 * Now, if it would be correct ;-/ The current code has a nasty hole - 2739 * it doesn't catch files in flight. We may send the descriptor to ourselves 2740 * via AF_UNIX socket, close it and later fetch from socket. FIXME. 2741 * 2742 * Nasty bug: do_SAK is being called in interrupt context. This can 2743 * deadlock. We punt it up to process context. AKPM - 16Mar2001 2744 */ 2745 void __do_SAK(struct tty_struct *tty) 2746 { 2747 #ifdef TTY_SOFT_SAK 2748 tty_hangup(tty); 2749 #else 2750 struct task_struct *g, *p; 2751 struct pid *session; 2752 int i; 2753 struct file *filp; 2754 struct fdtable *fdt; 2755 2756 if (!tty) 2757 return; 2758 session = tty->session; 2759 2760 tty_ldisc_flush(tty); 2761 2762 tty_driver_flush_buffer(tty); 2763 2764 read_lock(&tasklist_lock); 2765 /* Kill the entire session */ 2766 do_each_pid_task(session, PIDTYPE_SID, p) { 2767 printk(KERN_NOTICE "SAK: killed process %d" 2768 " (%s): task_session(p)==tty->session\n", 2769 task_pid_nr(p), p->comm); 2770 send_sig(SIGKILL, p, 1); 2771 } while_each_pid_task(session, PIDTYPE_SID, p); 2772 /* Now kill any processes that happen to have the 2773 * tty open. 2774 */ 2775 do_each_thread(g, p) { 2776 if (p->signal->tty == tty) { 2777 printk(KERN_NOTICE "SAK: killed process %d" 2778 " (%s): task_session(p)==tty->session\n", 2779 task_pid_nr(p), p->comm); 2780 send_sig(SIGKILL, p, 1); 2781 continue; 2782 } 2783 task_lock(p); 2784 if (p->files) { 2785 /* 2786 * We don't take a ref to the file, so we must 2787 * hold ->file_lock instead. 2788 */ 2789 spin_lock(&p->files->file_lock); 2790 fdt = files_fdtable(p->files); 2791 for (i = 0; i < fdt->max_fds; i++) { 2792 filp = fcheck_files(p->files, i); 2793 if (!filp) 2794 continue; 2795 if (filp->f_op->read == tty_read && 2796 file_tty(filp) == tty) { 2797 printk(KERN_NOTICE "SAK: killed process %d" 2798 " (%s): fd#%d opened to the tty\n", 2799 task_pid_nr(p), p->comm, i); 2800 force_sig(SIGKILL, p); 2801 break; 2802 } 2803 } 2804 spin_unlock(&p->files->file_lock); 2805 } 2806 task_unlock(p); 2807 } while_each_thread(g, p); 2808 read_unlock(&tasklist_lock); 2809 #endif 2810 } 2811 2812 static void do_SAK_work(struct work_struct *work) 2813 { 2814 struct tty_struct *tty = 2815 container_of(work, struct tty_struct, SAK_work); 2816 __do_SAK(tty); 2817 } 2818 2819 /* 2820 * The tq handling here is a little racy - tty->SAK_work may already be queued. 2821 * Fortunately we don't need to worry, because if ->SAK_work is already queued, 2822 * the values which we write to it will be identical to the values which it 2823 * already has. --akpm 2824 */ 2825 void do_SAK(struct tty_struct *tty) 2826 { 2827 if (!tty) 2828 return; 2829 schedule_work(&tty->SAK_work); 2830 } 2831 2832 EXPORT_SYMBOL(do_SAK); 2833 2834 static int dev_match_devt(struct device *dev, void *data) 2835 { 2836 dev_t *devt = data; 2837 return dev->devt == *devt; 2838 } 2839 2840 /* Must put_device() after it's unused! */ 2841 static struct device *tty_get_device(struct tty_struct *tty) 2842 { 2843 dev_t devt = tty_devnum(tty); 2844 return class_find_device(tty_class, NULL, &devt, dev_match_devt); 2845 } 2846 2847 2848 /** 2849 * initialize_tty_struct 2850 * @tty: tty to initialize 2851 * 2852 * This subroutine initializes a tty structure that has been newly 2853 * allocated. 2854 * 2855 * Locking: none - tty in question must not be exposed at this point 2856 */ 2857 2858 void initialize_tty_struct(struct tty_struct *tty, 2859 struct tty_driver *driver, int idx) 2860 { 2861 memset(tty, 0, sizeof(struct tty_struct)); 2862 kref_init(&tty->kref); 2863 tty->magic = TTY_MAGIC; 2864 tty_ldisc_init(tty); 2865 tty->session = NULL; 2866 tty->pgrp = NULL; 2867 tty->overrun_time = jiffies; 2868 tty->buf.head = tty->buf.tail = NULL; 2869 tty_buffer_init(tty); 2870 mutex_init(&tty->termios_mutex); 2871 mutex_init(&tty->ldisc_mutex); 2872 init_waitqueue_head(&tty->write_wait); 2873 init_waitqueue_head(&tty->read_wait); 2874 INIT_WORK(&tty->hangup_work, do_tty_hangup); 2875 mutex_init(&tty->atomic_read_lock); 2876 mutex_init(&tty->atomic_write_lock); 2877 mutex_init(&tty->output_lock); 2878 mutex_init(&tty->echo_lock); 2879 spin_lock_init(&tty->read_lock); 2880 spin_lock_init(&tty->ctrl_lock); 2881 INIT_LIST_HEAD(&tty->tty_files); 2882 INIT_WORK(&tty->SAK_work, do_SAK_work); 2883 2884 tty->driver = driver; 2885 tty->ops = driver->ops; 2886 tty->index = idx; 2887 tty_line_name(driver, idx, tty->name); 2888 tty->dev = tty_get_device(tty); 2889 } 2890 2891 /** 2892 * deinitialize_tty_struct 2893 * @tty: tty to deinitialize 2894 * 2895 * This subroutine deinitializes a tty structure that has been newly 2896 * allocated but tty_release cannot be called on that yet. 2897 * 2898 * Locking: none - tty in question must not be exposed at this point 2899 */ 2900 void deinitialize_tty_struct(struct tty_struct *tty) 2901 { 2902 tty_ldisc_deinit(tty); 2903 } 2904 2905 /** 2906 * tty_put_char - write one character to a tty 2907 * @tty: tty 2908 * @ch: character 2909 * 2910 * Write one byte to the tty using the provided put_char method 2911 * if present. Returns the number of characters successfully output. 2912 * 2913 * Note: the specific put_char operation in the driver layer may go 2914 * away soon. Don't call it directly, use this method 2915 */ 2916 2917 int tty_put_char(struct tty_struct *tty, unsigned char ch) 2918 { 2919 if (tty->ops->put_char) 2920 return tty->ops->put_char(tty, ch); 2921 return tty->ops->write(tty, &ch, 1); 2922 } 2923 EXPORT_SYMBOL_GPL(tty_put_char); 2924 2925 struct class *tty_class; 2926 2927 /** 2928 * tty_register_device - register a tty device 2929 * @driver: the tty driver that describes the tty device 2930 * @index: the index in the tty driver for this tty device 2931 * @device: a struct device that is associated with this tty device. 2932 * This field is optional, if there is no known struct device 2933 * for this tty device it can be set to NULL safely. 2934 * 2935 * Returns a pointer to the struct device for this tty device 2936 * (or ERR_PTR(-EFOO) on error). 2937 * 2938 * This call is required to be made to register an individual tty device 2939 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If 2940 * that bit is not set, this function should not be called by a tty 2941 * driver. 2942 * 2943 * Locking: ?? 2944 */ 2945 2946 struct device *tty_register_device(struct tty_driver *driver, unsigned index, 2947 struct device *device) 2948 { 2949 char name[64]; 2950 dev_t dev = MKDEV(driver->major, driver->minor_start) + index; 2951 2952 if (index >= driver->num) { 2953 printk(KERN_ERR "Attempt to register invalid tty line number " 2954 " (%d).\n", index); 2955 return ERR_PTR(-EINVAL); 2956 } 2957 2958 if (driver->type == TTY_DRIVER_TYPE_PTY) 2959 pty_line_name(driver, index, name); 2960 else 2961 tty_line_name(driver, index, name); 2962 2963 return device_create(tty_class, device, dev, NULL, name); 2964 } 2965 EXPORT_SYMBOL(tty_register_device); 2966 2967 /** 2968 * tty_unregister_device - unregister a tty device 2969 * @driver: the tty driver that describes the tty device 2970 * @index: the index in the tty driver for this tty device 2971 * 2972 * If a tty device is registered with a call to tty_register_device() then 2973 * this function must be called when the tty device is gone. 2974 * 2975 * Locking: ?? 2976 */ 2977 2978 void tty_unregister_device(struct tty_driver *driver, unsigned index) 2979 { 2980 device_destroy(tty_class, 2981 MKDEV(driver->major, driver->minor_start) + index); 2982 } 2983 EXPORT_SYMBOL(tty_unregister_device); 2984 2985 struct tty_driver *alloc_tty_driver(int lines) 2986 { 2987 struct tty_driver *driver; 2988 2989 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL); 2990 if (driver) { 2991 kref_init(&driver->kref); 2992 driver->magic = TTY_DRIVER_MAGIC; 2993 driver->num = lines; 2994 /* later we'll move allocation of tables here */ 2995 } 2996 return driver; 2997 } 2998 EXPORT_SYMBOL(alloc_tty_driver); 2999 3000 static void destruct_tty_driver(struct kref *kref) 3001 { 3002 struct tty_driver *driver = container_of(kref, struct tty_driver, kref); 3003 int i; 3004 struct ktermios *tp; 3005 void *p; 3006 3007 if (driver->flags & TTY_DRIVER_INSTALLED) { 3008 /* 3009 * Free the termios and termios_locked structures because 3010 * we don't want to get memory leaks when modular tty 3011 * drivers are removed from the kernel. 3012 */ 3013 for (i = 0; i < driver->num; i++) { 3014 tp = driver->termios[i]; 3015 if (tp) { 3016 driver->termios[i] = NULL; 3017 kfree(tp); 3018 } 3019 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) 3020 tty_unregister_device(driver, i); 3021 } 3022 p = driver->ttys; 3023 proc_tty_unregister_driver(driver); 3024 driver->ttys = NULL; 3025 driver->termios = NULL; 3026 kfree(p); 3027 cdev_del(&driver->cdev); 3028 } 3029 kfree(driver); 3030 } 3031 3032 void tty_driver_kref_put(struct tty_driver *driver) 3033 { 3034 kref_put(&driver->kref, destruct_tty_driver); 3035 } 3036 EXPORT_SYMBOL(tty_driver_kref_put); 3037 3038 void tty_set_operations(struct tty_driver *driver, 3039 const struct tty_operations *op) 3040 { 3041 driver->ops = op; 3042 }; 3043 EXPORT_SYMBOL(tty_set_operations); 3044 3045 void put_tty_driver(struct tty_driver *d) 3046 { 3047 tty_driver_kref_put(d); 3048 } 3049 EXPORT_SYMBOL(put_tty_driver); 3050 3051 /* 3052 * Called by a tty driver to register itself. 3053 */ 3054 int tty_register_driver(struct tty_driver *driver) 3055 { 3056 int error; 3057 int i; 3058 dev_t dev; 3059 void **p = NULL; 3060 struct device *d; 3061 3062 if (!(driver->flags & TTY_DRIVER_DEVPTS_MEM) && driver->num) { 3063 p = kzalloc(driver->num * 2 * sizeof(void *), GFP_KERNEL); 3064 if (!p) 3065 return -ENOMEM; 3066 } 3067 3068 if (!driver->major) { 3069 error = alloc_chrdev_region(&dev, driver->minor_start, 3070 driver->num, driver->name); 3071 if (!error) { 3072 driver->major = MAJOR(dev); 3073 driver->minor_start = MINOR(dev); 3074 } 3075 } else { 3076 dev = MKDEV(driver->major, driver->minor_start); 3077 error = register_chrdev_region(dev, driver->num, driver->name); 3078 } 3079 if (error < 0) { 3080 kfree(p); 3081 return error; 3082 } 3083 3084 if (p) { 3085 driver->ttys = (struct tty_struct **)p; 3086 driver->termios = (struct ktermios **)(p + driver->num); 3087 } else { 3088 driver->ttys = NULL; 3089 driver->termios = NULL; 3090 } 3091 3092 cdev_init(&driver->cdev, &tty_fops); 3093 driver->cdev.owner = driver->owner; 3094 error = cdev_add(&driver->cdev, dev, driver->num); 3095 if (error) { 3096 unregister_chrdev_region(dev, driver->num); 3097 driver->ttys = NULL; 3098 driver->termios = NULL; 3099 kfree(p); 3100 return error; 3101 } 3102 3103 mutex_lock(&tty_mutex); 3104 list_add(&driver->tty_drivers, &tty_drivers); 3105 mutex_unlock(&tty_mutex); 3106 3107 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) { 3108 for (i = 0; i < driver->num; i++) { 3109 d = tty_register_device(driver, i, NULL); 3110 if (IS_ERR(d)) { 3111 error = PTR_ERR(d); 3112 goto err; 3113 } 3114 } 3115 } 3116 proc_tty_register_driver(driver); 3117 driver->flags |= TTY_DRIVER_INSTALLED; 3118 return 0; 3119 3120 err: 3121 for (i--; i >= 0; i--) 3122 tty_unregister_device(driver, i); 3123 3124 mutex_lock(&tty_mutex); 3125 list_del(&driver->tty_drivers); 3126 mutex_unlock(&tty_mutex); 3127 3128 unregister_chrdev_region(dev, driver->num); 3129 driver->ttys = NULL; 3130 driver->termios = NULL; 3131 kfree(p); 3132 return error; 3133 } 3134 3135 EXPORT_SYMBOL(tty_register_driver); 3136 3137 /* 3138 * Called by a tty driver to unregister itself. 3139 */ 3140 int tty_unregister_driver(struct tty_driver *driver) 3141 { 3142 #if 0 3143 /* FIXME */ 3144 if (driver->refcount) 3145 return -EBUSY; 3146 #endif 3147 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start), 3148 driver->num); 3149 mutex_lock(&tty_mutex); 3150 list_del(&driver->tty_drivers); 3151 mutex_unlock(&tty_mutex); 3152 return 0; 3153 } 3154 3155 EXPORT_SYMBOL(tty_unregister_driver); 3156 3157 dev_t tty_devnum(struct tty_struct *tty) 3158 { 3159 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index; 3160 } 3161 EXPORT_SYMBOL(tty_devnum); 3162 3163 void proc_clear_tty(struct task_struct *p) 3164 { 3165 unsigned long flags; 3166 struct tty_struct *tty; 3167 spin_lock_irqsave(&p->sighand->siglock, flags); 3168 tty = p->signal->tty; 3169 p->signal->tty = NULL; 3170 spin_unlock_irqrestore(&p->sighand->siglock, flags); 3171 tty_kref_put(tty); 3172 } 3173 3174 /* Called under the sighand lock */ 3175 3176 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) 3177 { 3178 if (tty) { 3179 unsigned long flags; 3180 /* We should not have a session or pgrp to put here but.... */ 3181 spin_lock_irqsave(&tty->ctrl_lock, flags); 3182 put_pid(tty->session); 3183 put_pid(tty->pgrp); 3184 tty->pgrp = get_pid(task_pgrp(tsk)); 3185 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 3186 tty->session = get_pid(task_session(tsk)); 3187 if (tsk->signal->tty) { 3188 printk(KERN_DEBUG "tty not NULL!!\n"); 3189 tty_kref_put(tsk->signal->tty); 3190 } 3191 } 3192 put_pid(tsk->signal->tty_old_pgrp); 3193 tsk->signal->tty = tty_kref_get(tty); 3194 tsk->signal->tty_old_pgrp = NULL; 3195 } 3196 3197 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) 3198 { 3199 spin_lock_irq(&tsk->sighand->siglock); 3200 __proc_set_tty(tsk, tty); 3201 spin_unlock_irq(&tsk->sighand->siglock); 3202 } 3203 3204 struct tty_struct *get_current_tty(void) 3205 { 3206 struct tty_struct *tty; 3207 unsigned long flags; 3208 3209 spin_lock_irqsave(¤t->sighand->siglock, flags); 3210 tty = tty_kref_get(current->signal->tty); 3211 spin_unlock_irqrestore(¤t->sighand->siglock, flags); 3212 return tty; 3213 } 3214 EXPORT_SYMBOL_GPL(get_current_tty); 3215 3216 void tty_default_fops(struct file_operations *fops) 3217 { 3218 *fops = tty_fops; 3219 } 3220 3221 /* 3222 * Initialize the console device. This is called *early*, so 3223 * we can't necessarily depend on lots of kernel help here. 3224 * Just do some early initializations, and do the complex setup 3225 * later. 3226 */ 3227 void __init console_init(void) 3228 { 3229 initcall_t *call; 3230 3231 /* Setup the default TTY line discipline. */ 3232 tty_ldisc_begin(); 3233 3234 /* 3235 * set up the console device so that later boot sequences can 3236 * inform about problems etc.. 3237 */ 3238 call = __con_initcall_start; 3239 while (call < __con_initcall_end) { 3240 (*call)(); 3241 call++; 3242 } 3243 } 3244 3245 static char *tty_devnode(struct device *dev, mode_t *mode) 3246 { 3247 if (!mode) 3248 return NULL; 3249 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) || 3250 dev->devt == MKDEV(TTYAUX_MAJOR, 2)) 3251 *mode = 0666; 3252 return NULL; 3253 } 3254 3255 static int __init tty_class_init(void) 3256 { 3257 tty_class = class_create(THIS_MODULE, "tty"); 3258 if (IS_ERR(tty_class)) 3259 return PTR_ERR(tty_class); 3260 tty_class->devnode = tty_devnode; 3261 return 0; 3262 } 3263 3264 postcore_initcall(tty_class_init); 3265 3266 /* 3/2004 jmc: why do these devices exist? */ 3267 static struct cdev tty_cdev, console_cdev; 3268 3269 static ssize_t show_cons_active(struct device *dev, 3270 struct device_attribute *attr, char *buf) 3271 { 3272 struct console *cs[16]; 3273 int i = 0; 3274 struct console *c; 3275 ssize_t count = 0; 3276 3277 console_lock(); 3278 for_each_console(c) { 3279 if (!c->device) 3280 continue; 3281 if (!c->write) 3282 continue; 3283 if ((c->flags & CON_ENABLED) == 0) 3284 continue; 3285 cs[i++] = c; 3286 if (i >= ARRAY_SIZE(cs)) 3287 break; 3288 } 3289 while (i--) 3290 count += sprintf(buf + count, "%s%d%c", 3291 cs[i]->name, cs[i]->index, i ? ' ':'\n'); 3292 console_unlock(); 3293 3294 return count; 3295 } 3296 static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL); 3297 3298 static struct device *consdev; 3299 3300 void console_sysfs_notify(void) 3301 { 3302 if (consdev) 3303 sysfs_notify(&consdev->kobj, NULL, "active"); 3304 } 3305 3306 /* 3307 * Ok, now we can initialize the rest of the tty devices and can count 3308 * on memory allocations, interrupts etc.. 3309 */ 3310 int __init tty_init(void) 3311 { 3312 cdev_init(&tty_cdev, &tty_fops); 3313 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) || 3314 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0) 3315 panic("Couldn't register /dev/tty driver\n"); 3316 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty"); 3317 3318 cdev_init(&console_cdev, &console_fops); 3319 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) || 3320 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0) 3321 panic("Couldn't register /dev/console driver\n"); 3322 consdev = device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), NULL, 3323 "console"); 3324 if (IS_ERR(consdev)) 3325 consdev = NULL; 3326 else 3327 WARN_ON(device_create_file(consdev, &dev_attr_active) < 0); 3328 3329 #ifdef CONFIG_VT 3330 vty_init(&console_fops); 3331 #endif 3332 return 0; 3333 } 3334 3335