1 /* 2 * Copyright (C) 1991, 1992 Linus Torvalds 3 */ 4 5 /* 6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles 7 * or rs-channels. It also implements echoing, cooked mode etc. 8 * 9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0. 10 * 11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the 12 * tty_struct and tty_queue structures. Previously there was an array 13 * of 256 tty_struct's which was statically allocated, and the 14 * tty_queue structures were allocated at boot time. Both are now 15 * dynamically allocated only when the tty is open. 16 * 17 * Also restructured routines so that there is more of a separation 18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and 19 * the low-level tty routines (serial.c, pty.c, console.c). This 20 * makes for cleaner and more compact code. -TYT, 9/17/92 21 * 22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines 23 * which can be dynamically activated and de-activated by the line 24 * discipline handling modules (like SLIP). 25 * 26 * NOTE: pay no attention to the line discipline code (yet); its 27 * interface is still subject to change in this version... 28 * -- TYT, 1/31/92 29 * 30 * Added functionality to the OPOST tty handling. No delays, but all 31 * other bits should be there. 32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993. 33 * 34 * Rewrote canonical mode and added more termios flags. 35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94 36 * 37 * Reorganized FASYNC support so mouse code can share it. 38 * -- ctm@ardi.com, 9Sep95 39 * 40 * New TIOCLINUX variants added. 41 * -- mj@k332.feld.cvut.cz, 19-Nov-95 42 * 43 * Restrict vt switching via ioctl() 44 * -- grif@cs.ucr.edu, 5-Dec-95 45 * 46 * Move console and virtual terminal code to more appropriate files, 47 * implement CONFIG_VT and generalize console device interface. 48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97 49 * 50 * Rewrote tty_init_dev and tty_release_dev to eliminate races. 51 * -- Bill Hawes <whawes@star.net>, June 97 52 * 53 * Added devfs support. 54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998 55 * 56 * Added support for a Unix98-style ptmx device. 57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 58 * 59 * Reduced memory usage for older ARM systems 60 * -- Russell King <rmk@arm.linux.org.uk> 61 * 62 * Move do_SAK() into process context. Less stack use in devfs functions. 63 * alloc_tty_struct() always uses kmalloc() 64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01 65 */ 66 67 #include <linux/types.h> 68 #include <linux/major.h> 69 #include <linux/errno.h> 70 #include <linux/signal.h> 71 #include <linux/fcntl.h> 72 #include <linux/sched.h> 73 #include <linux/interrupt.h> 74 #include <linux/tty.h> 75 #include <linux/tty_driver.h> 76 #include <linux/tty_flip.h> 77 #include <linux/devpts_fs.h> 78 #include <linux/file.h> 79 #include <linux/fdtable.h> 80 #include <linux/console.h> 81 #include <linux/timer.h> 82 #include <linux/ctype.h> 83 #include <linux/kd.h> 84 #include <linux/mm.h> 85 #include <linux/string.h> 86 #include <linux/slab.h> 87 #include <linux/poll.h> 88 #include <linux/proc_fs.h> 89 #include <linux/init.h> 90 #include <linux/module.h> 91 #include <linux/device.h> 92 #include <linux/wait.h> 93 #include <linux/bitops.h> 94 #include <linux/delay.h> 95 #include <linux/seq_file.h> 96 #include <linux/serial.h> 97 #include <linux/ratelimit.h> 98 99 #include <linux/uaccess.h> 100 #include <asm/system.h> 101 102 #include <linux/kbd_kern.h> 103 #include <linux/vt_kern.h> 104 #include <linux/selection.h> 105 106 #include <linux/kmod.h> 107 #include <linux/nsproxy.h> 108 109 #undef TTY_DEBUG_HANGUP 110 111 #define TTY_PARANOIA_CHECK 1 112 #define CHECK_TTY_COUNT 1 113 114 struct ktermios tty_std_termios = { /* for the benefit of tty drivers */ 115 .c_iflag = ICRNL | IXON, 116 .c_oflag = OPOST | ONLCR, 117 .c_cflag = B38400 | CS8 | CREAD | HUPCL, 118 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK | 119 ECHOCTL | ECHOKE | IEXTEN, 120 .c_cc = INIT_C_CC, 121 .c_ispeed = 38400, 122 .c_ospeed = 38400 123 }; 124 125 EXPORT_SYMBOL(tty_std_termios); 126 127 /* This list gets poked at by procfs and various bits of boot up code. This 128 could do with some rationalisation such as pulling the tty proc function 129 into this file */ 130 131 LIST_HEAD(tty_drivers); /* linked list of tty drivers */ 132 133 /* Mutex to protect creating and releasing a tty. This is shared with 134 vt.c for deeply disgusting hack reasons */ 135 DEFINE_MUTEX(tty_mutex); 136 EXPORT_SYMBOL(tty_mutex); 137 138 /* Spinlock to protect the tty->tty_files list */ 139 DEFINE_SPINLOCK(tty_files_lock); 140 141 static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *); 142 static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *); 143 ssize_t redirected_tty_write(struct file *, const char __user *, 144 size_t, loff_t *); 145 static unsigned int tty_poll(struct file *, poll_table *); 146 static int tty_open(struct inode *, struct file *); 147 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg); 148 #ifdef CONFIG_COMPAT 149 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 150 unsigned long arg); 151 #else 152 #define tty_compat_ioctl NULL 153 #endif 154 static int __tty_fasync(int fd, struct file *filp, int on); 155 static int tty_fasync(int fd, struct file *filp, int on); 156 static void release_tty(struct tty_struct *tty, int idx); 157 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); 158 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); 159 160 /** 161 * alloc_tty_struct - allocate a tty object 162 * 163 * Return a new empty tty structure. The data fields have not 164 * been initialized in any way but has been zeroed 165 * 166 * Locking: none 167 */ 168 169 struct tty_struct *alloc_tty_struct(void) 170 { 171 return kzalloc(sizeof(struct tty_struct), GFP_KERNEL); 172 } 173 174 /** 175 * free_tty_struct - free a disused tty 176 * @tty: tty struct to free 177 * 178 * Free the write buffers, tty queue and tty memory itself. 179 * 180 * Locking: none. Must be called after tty is definitely unused 181 */ 182 183 void free_tty_struct(struct tty_struct *tty) 184 { 185 if (tty->dev) 186 put_device(tty->dev); 187 kfree(tty->write_buf); 188 tty_buffer_free_all(tty); 189 kfree(tty); 190 } 191 192 static inline struct tty_struct *file_tty(struct file *file) 193 { 194 return ((struct tty_file_private *)file->private_data)->tty; 195 } 196 197 /* Associate a new file with the tty structure */ 198 int tty_add_file(struct tty_struct *tty, struct file *file) 199 { 200 struct tty_file_private *priv; 201 202 priv = kmalloc(sizeof(*priv), GFP_KERNEL); 203 if (!priv) 204 return -ENOMEM; 205 206 priv->tty = tty; 207 priv->file = file; 208 file->private_data = priv; 209 210 spin_lock(&tty_files_lock); 211 list_add(&priv->list, &tty->tty_files); 212 spin_unlock(&tty_files_lock); 213 214 return 0; 215 } 216 217 /* Delete file from its tty */ 218 void tty_del_file(struct file *file) 219 { 220 struct tty_file_private *priv = file->private_data; 221 222 spin_lock(&tty_files_lock); 223 list_del(&priv->list); 224 spin_unlock(&tty_files_lock); 225 file->private_data = NULL; 226 kfree(priv); 227 } 228 229 230 #define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base) 231 232 /** 233 * tty_name - return tty naming 234 * @tty: tty structure 235 * @buf: buffer for output 236 * 237 * Convert a tty structure into a name. The name reflects the kernel 238 * naming policy and if udev is in use may not reflect user space 239 * 240 * Locking: none 241 */ 242 243 char *tty_name(struct tty_struct *tty, char *buf) 244 { 245 if (!tty) /* Hmm. NULL pointer. That's fun. */ 246 strcpy(buf, "NULL tty"); 247 else 248 strcpy(buf, tty->name); 249 return buf; 250 } 251 252 EXPORT_SYMBOL(tty_name); 253 254 int tty_paranoia_check(struct tty_struct *tty, struct inode *inode, 255 const char *routine) 256 { 257 #ifdef TTY_PARANOIA_CHECK 258 if (!tty) { 259 printk(KERN_WARNING 260 "null TTY for (%d:%d) in %s\n", 261 imajor(inode), iminor(inode), routine); 262 return 1; 263 } 264 if (tty->magic != TTY_MAGIC) { 265 printk(KERN_WARNING 266 "bad magic number for tty struct (%d:%d) in %s\n", 267 imajor(inode), iminor(inode), routine); 268 return 1; 269 } 270 #endif 271 return 0; 272 } 273 274 static int check_tty_count(struct tty_struct *tty, const char *routine) 275 { 276 #ifdef CHECK_TTY_COUNT 277 struct list_head *p; 278 int count = 0; 279 280 spin_lock(&tty_files_lock); 281 list_for_each(p, &tty->tty_files) { 282 count++; 283 } 284 spin_unlock(&tty_files_lock); 285 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 286 tty->driver->subtype == PTY_TYPE_SLAVE && 287 tty->link && tty->link->count) 288 count++; 289 if (tty->count != count) { 290 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) " 291 "!= #fd's(%d) in %s\n", 292 tty->name, tty->count, count, routine); 293 return count; 294 } 295 #endif 296 return 0; 297 } 298 299 /** 300 * get_tty_driver - find device of a tty 301 * @dev_t: device identifier 302 * @index: returns the index of the tty 303 * 304 * This routine returns a tty driver structure, given a device number 305 * and also passes back the index number. 306 * 307 * Locking: caller must hold tty_mutex 308 */ 309 310 static struct tty_driver *get_tty_driver(dev_t device, int *index) 311 { 312 struct tty_driver *p; 313 314 list_for_each_entry(p, &tty_drivers, tty_drivers) { 315 dev_t base = MKDEV(p->major, p->minor_start); 316 if (device < base || device >= base + p->num) 317 continue; 318 *index = device - base; 319 return tty_driver_kref_get(p); 320 } 321 return NULL; 322 } 323 324 #ifdef CONFIG_CONSOLE_POLL 325 326 /** 327 * tty_find_polling_driver - find device of a polled tty 328 * @name: name string to match 329 * @line: pointer to resulting tty line nr 330 * 331 * This routine returns a tty driver structure, given a name 332 * and the condition that the tty driver is capable of polled 333 * operation. 334 */ 335 struct tty_driver *tty_find_polling_driver(char *name, int *line) 336 { 337 struct tty_driver *p, *res = NULL; 338 int tty_line = 0; 339 int len; 340 char *str, *stp; 341 342 for (str = name; *str; str++) 343 if ((*str >= '0' && *str <= '9') || *str == ',') 344 break; 345 if (!*str) 346 return NULL; 347 348 len = str - name; 349 tty_line = simple_strtoul(str, &str, 10); 350 351 mutex_lock(&tty_mutex); 352 /* Search through the tty devices to look for a match */ 353 list_for_each_entry(p, &tty_drivers, tty_drivers) { 354 if (strncmp(name, p->name, len) != 0) 355 continue; 356 stp = str; 357 if (*stp == ',') 358 stp++; 359 if (*stp == '\0') 360 stp = NULL; 361 362 if (tty_line >= 0 && tty_line < p->num && p->ops && 363 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) { 364 res = tty_driver_kref_get(p); 365 *line = tty_line; 366 break; 367 } 368 } 369 mutex_unlock(&tty_mutex); 370 371 return res; 372 } 373 EXPORT_SYMBOL_GPL(tty_find_polling_driver); 374 #endif 375 376 /** 377 * tty_check_change - check for POSIX terminal changes 378 * @tty: tty to check 379 * 380 * If we try to write to, or set the state of, a terminal and we're 381 * not in the foreground, send a SIGTTOU. If the signal is blocked or 382 * ignored, go ahead and perform the operation. (POSIX 7.2) 383 * 384 * Locking: ctrl_lock 385 */ 386 387 int tty_check_change(struct tty_struct *tty) 388 { 389 unsigned long flags; 390 int ret = 0; 391 392 if (current->signal->tty != tty) 393 return 0; 394 395 spin_lock_irqsave(&tty->ctrl_lock, flags); 396 397 if (!tty->pgrp) { 398 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n"); 399 goto out_unlock; 400 } 401 if (task_pgrp(current) == tty->pgrp) 402 goto out_unlock; 403 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 404 if (is_ignored(SIGTTOU)) 405 goto out; 406 if (is_current_pgrp_orphaned()) { 407 ret = -EIO; 408 goto out; 409 } 410 kill_pgrp(task_pgrp(current), SIGTTOU, 1); 411 set_thread_flag(TIF_SIGPENDING); 412 ret = -ERESTARTSYS; 413 out: 414 return ret; 415 out_unlock: 416 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 417 return ret; 418 } 419 420 EXPORT_SYMBOL(tty_check_change); 421 422 static ssize_t hung_up_tty_read(struct file *file, char __user *buf, 423 size_t count, loff_t *ppos) 424 { 425 return 0; 426 } 427 428 static ssize_t hung_up_tty_write(struct file *file, const char __user *buf, 429 size_t count, loff_t *ppos) 430 { 431 return -EIO; 432 } 433 434 /* No kernel lock held - none needed ;) */ 435 static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait) 436 { 437 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM; 438 } 439 440 static long hung_up_tty_ioctl(struct file *file, unsigned int cmd, 441 unsigned long arg) 442 { 443 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 444 } 445 446 static long hung_up_tty_compat_ioctl(struct file *file, 447 unsigned int cmd, unsigned long arg) 448 { 449 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 450 } 451 452 static const struct file_operations tty_fops = { 453 .llseek = no_llseek, 454 .read = tty_read, 455 .write = tty_write, 456 .poll = tty_poll, 457 .unlocked_ioctl = tty_ioctl, 458 .compat_ioctl = tty_compat_ioctl, 459 .open = tty_open, 460 .release = tty_release, 461 .fasync = tty_fasync, 462 }; 463 464 static const struct file_operations console_fops = { 465 .llseek = no_llseek, 466 .read = tty_read, 467 .write = redirected_tty_write, 468 .poll = tty_poll, 469 .unlocked_ioctl = tty_ioctl, 470 .compat_ioctl = tty_compat_ioctl, 471 .open = tty_open, 472 .release = tty_release, 473 .fasync = tty_fasync, 474 }; 475 476 static const struct file_operations hung_up_tty_fops = { 477 .llseek = no_llseek, 478 .read = hung_up_tty_read, 479 .write = hung_up_tty_write, 480 .poll = hung_up_tty_poll, 481 .unlocked_ioctl = hung_up_tty_ioctl, 482 .compat_ioctl = hung_up_tty_compat_ioctl, 483 .release = tty_release, 484 }; 485 486 static DEFINE_SPINLOCK(redirect_lock); 487 static struct file *redirect; 488 489 /** 490 * tty_wakeup - request more data 491 * @tty: terminal 492 * 493 * Internal and external helper for wakeups of tty. This function 494 * informs the line discipline if present that the driver is ready 495 * to receive more output data. 496 */ 497 498 void tty_wakeup(struct tty_struct *tty) 499 { 500 struct tty_ldisc *ld; 501 502 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) { 503 ld = tty_ldisc_ref(tty); 504 if (ld) { 505 if (ld->ops->write_wakeup) 506 ld->ops->write_wakeup(tty); 507 tty_ldisc_deref(ld); 508 } 509 } 510 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 511 } 512 513 EXPORT_SYMBOL_GPL(tty_wakeup); 514 515 /** 516 * __tty_hangup - actual handler for hangup events 517 * @work: tty device 518 * 519 * This can be called by the "eventd" kernel thread. That is process 520 * synchronous but doesn't hold any locks, so we need to make sure we 521 * have the appropriate locks for what we're doing. 522 * 523 * The hangup event clears any pending redirections onto the hung up 524 * device. It ensures future writes will error and it does the needed 525 * line discipline hangup and signal delivery. The tty object itself 526 * remains intact. 527 * 528 * Locking: 529 * BTM 530 * redirect lock for undoing redirection 531 * file list lock for manipulating list of ttys 532 * tty_ldisc_lock from called functions 533 * termios_mutex resetting termios data 534 * tasklist_lock to walk task list for hangup event 535 * ->siglock to protect ->signal/->sighand 536 */ 537 void __tty_hangup(struct tty_struct *tty) 538 { 539 struct file *cons_filp = NULL; 540 struct file *filp, *f = NULL; 541 struct task_struct *p; 542 struct tty_file_private *priv; 543 int closecount = 0, n; 544 unsigned long flags; 545 int refs = 0; 546 547 if (!tty) 548 return; 549 550 551 spin_lock(&redirect_lock); 552 if (redirect && file_tty(redirect) == tty) { 553 f = redirect; 554 redirect = NULL; 555 } 556 spin_unlock(&redirect_lock); 557 558 tty_lock(); 559 560 /* some functions below drop BTM, so we need this bit */ 561 set_bit(TTY_HUPPING, &tty->flags); 562 563 /* inuse_filps is protected by the single tty lock, 564 this really needs to change if we want to flush the 565 workqueue with the lock held */ 566 check_tty_count(tty, "tty_hangup"); 567 568 spin_lock(&tty_files_lock); 569 /* This breaks for file handles being sent over AF_UNIX sockets ? */ 570 list_for_each_entry(priv, &tty->tty_files, list) { 571 filp = priv->file; 572 if (filp->f_op->write == redirected_tty_write) 573 cons_filp = filp; 574 if (filp->f_op->write != tty_write) 575 continue; 576 closecount++; 577 __tty_fasync(-1, filp, 0); /* can't block */ 578 filp->f_op = &hung_up_tty_fops; 579 } 580 spin_unlock(&tty_files_lock); 581 582 /* 583 * it drops BTM and thus races with reopen 584 * we protect the race by TTY_HUPPING 585 */ 586 tty_ldisc_hangup(tty); 587 588 read_lock(&tasklist_lock); 589 if (tty->session) { 590 do_each_pid_task(tty->session, PIDTYPE_SID, p) { 591 spin_lock_irq(&p->sighand->siglock); 592 if (p->signal->tty == tty) { 593 p->signal->tty = NULL; 594 /* We defer the dereferences outside fo 595 the tasklist lock */ 596 refs++; 597 } 598 if (!p->signal->leader) { 599 spin_unlock_irq(&p->sighand->siglock); 600 continue; 601 } 602 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p); 603 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p); 604 put_pid(p->signal->tty_old_pgrp); /* A noop */ 605 spin_lock_irqsave(&tty->ctrl_lock, flags); 606 if (tty->pgrp) 607 p->signal->tty_old_pgrp = get_pid(tty->pgrp); 608 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 609 spin_unlock_irq(&p->sighand->siglock); 610 } while_each_pid_task(tty->session, PIDTYPE_SID, p); 611 } 612 read_unlock(&tasklist_lock); 613 614 spin_lock_irqsave(&tty->ctrl_lock, flags); 615 clear_bit(TTY_THROTTLED, &tty->flags); 616 clear_bit(TTY_PUSH, &tty->flags); 617 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 618 put_pid(tty->session); 619 put_pid(tty->pgrp); 620 tty->session = NULL; 621 tty->pgrp = NULL; 622 tty->ctrl_status = 0; 623 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 624 625 /* Account for the p->signal references we killed */ 626 while (refs--) 627 tty_kref_put(tty); 628 629 /* 630 * If one of the devices matches a console pointer, we 631 * cannot just call hangup() because that will cause 632 * tty->count and state->count to go out of sync. 633 * So we just call close() the right number of times. 634 */ 635 if (cons_filp) { 636 if (tty->ops->close) 637 for (n = 0; n < closecount; n++) 638 tty->ops->close(tty, cons_filp); 639 } else if (tty->ops->hangup) 640 (tty->ops->hangup)(tty); 641 /* 642 * We don't want to have driver/ldisc interactions beyond 643 * the ones we did here. The driver layer expects no 644 * calls after ->hangup() from the ldisc side. However we 645 * can't yet guarantee all that. 646 */ 647 set_bit(TTY_HUPPED, &tty->flags); 648 clear_bit(TTY_HUPPING, &tty->flags); 649 tty_ldisc_enable(tty); 650 651 tty_unlock(); 652 653 if (f) 654 fput(f); 655 } 656 657 static void do_tty_hangup(struct work_struct *work) 658 { 659 struct tty_struct *tty = 660 container_of(work, struct tty_struct, hangup_work); 661 662 __tty_hangup(tty); 663 } 664 665 /** 666 * tty_hangup - trigger a hangup event 667 * @tty: tty to hangup 668 * 669 * A carrier loss (virtual or otherwise) has occurred on this like 670 * schedule a hangup sequence to run after this event. 671 */ 672 673 void tty_hangup(struct tty_struct *tty) 674 { 675 #ifdef TTY_DEBUG_HANGUP 676 char buf[64]; 677 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf)); 678 #endif 679 schedule_work(&tty->hangup_work); 680 } 681 682 EXPORT_SYMBOL(tty_hangup); 683 684 /** 685 * tty_vhangup - process vhangup 686 * @tty: tty to hangup 687 * 688 * The user has asked via system call for the terminal to be hung up. 689 * We do this synchronously so that when the syscall returns the process 690 * is complete. That guarantee is necessary for security reasons. 691 */ 692 693 void tty_vhangup(struct tty_struct *tty) 694 { 695 #ifdef TTY_DEBUG_HANGUP 696 char buf[64]; 697 698 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf)); 699 #endif 700 __tty_hangup(tty); 701 } 702 703 EXPORT_SYMBOL(tty_vhangup); 704 705 706 /** 707 * tty_vhangup_self - process vhangup for own ctty 708 * 709 * Perform a vhangup on the current controlling tty 710 */ 711 712 void tty_vhangup_self(void) 713 { 714 struct tty_struct *tty; 715 716 tty = get_current_tty(); 717 if (tty) { 718 tty_vhangup(tty); 719 tty_kref_put(tty); 720 } 721 } 722 723 /** 724 * tty_hung_up_p - was tty hung up 725 * @filp: file pointer of tty 726 * 727 * Return true if the tty has been subject to a vhangup or a carrier 728 * loss 729 */ 730 731 int tty_hung_up_p(struct file *filp) 732 { 733 return (filp->f_op == &hung_up_tty_fops); 734 } 735 736 EXPORT_SYMBOL(tty_hung_up_p); 737 738 static void session_clear_tty(struct pid *session) 739 { 740 struct task_struct *p; 741 do_each_pid_task(session, PIDTYPE_SID, p) { 742 proc_clear_tty(p); 743 } while_each_pid_task(session, PIDTYPE_SID, p); 744 } 745 746 /** 747 * disassociate_ctty - disconnect controlling tty 748 * @on_exit: true if exiting so need to "hang up" the session 749 * 750 * This function is typically called only by the session leader, when 751 * it wants to disassociate itself from its controlling tty. 752 * 753 * It performs the following functions: 754 * (1) Sends a SIGHUP and SIGCONT to the foreground process group 755 * (2) Clears the tty from being controlling the session 756 * (3) Clears the controlling tty for all processes in the 757 * session group. 758 * 759 * The argument on_exit is set to 1 if called when a process is 760 * exiting; it is 0 if called by the ioctl TIOCNOTTY. 761 * 762 * Locking: 763 * BTM is taken for hysterical raisins, and held when 764 * called from no_tty(). 765 * tty_mutex is taken to protect tty 766 * ->siglock is taken to protect ->signal/->sighand 767 * tasklist_lock is taken to walk process list for sessions 768 * ->siglock is taken to protect ->signal/->sighand 769 */ 770 771 void disassociate_ctty(int on_exit) 772 { 773 struct tty_struct *tty; 774 struct pid *tty_pgrp = NULL; 775 776 if (!current->signal->leader) 777 return; 778 779 tty = get_current_tty(); 780 if (tty) { 781 tty_pgrp = get_pid(tty->pgrp); 782 if (on_exit) { 783 if (tty->driver->type != TTY_DRIVER_TYPE_PTY) 784 tty_vhangup(tty); 785 } 786 tty_kref_put(tty); 787 } else if (on_exit) { 788 struct pid *old_pgrp; 789 spin_lock_irq(¤t->sighand->siglock); 790 old_pgrp = current->signal->tty_old_pgrp; 791 current->signal->tty_old_pgrp = NULL; 792 spin_unlock_irq(¤t->sighand->siglock); 793 if (old_pgrp) { 794 kill_pgrp(old_pgrp, SIGHUP, on_exit); 795 kill_pgrp(old_pgrp, SIGCONT, on_exit); 796 put_pid(old_pgrp); 797 } 798 return; 799 } 800 if (tty_pgrp) { 801 kill_pgrp(tty_pgrp, SIGHUP, on_exit); 802 if (!on_exit) 803 kill_pgrp(tty_pgrp, SIGCONT, on_exit); 804 put_pid(tty_pgrp); 805 } 806 807 spin_lock_irq(¤t->sighand->siglock); 808 put_pid(current->signal->tty_old_pgrp); 809 current->signal->tty_old_pgrp = NULL; 810 spin_unlock_irq(¤t->sighand->siglock); 811 812 tty = get_current_tty(); 813 if (tty) { 814 unsigned long flags; 815 spin_lock_irqsave(&tty->ctrl_lock, flags); 816 put_pid(tty->session); 817 put_pid(tty->pgrp); 818 tty->session = NULL; 819 tty->pgrp = NULL; 820 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 821 tty_kref_put(tty); 822 } else { 823 #ifdef TTY_DEBUG_HANGUP 824 printk(KERN_DEBUG "error attempted to write to tty [0x%p]" 825 " = NULL", tty); 826 #endif 827 } 828 829 /* Now clear signal->tty under the lock */ 830 read_lock(&tasklist_lock); 831 session_clear_tty(task_session(current)); 832 read_unlock(&tasklist_lock); 833 } 834 835 /** 836 * 837 * no_tty - Ensure the current process does not have a controlling tty 838 */ 839 void no_tty(void) 840 { 841 struct task_struct *tsk = current; 842 tty_lock(); 843 disassociate_ctty(0); 844 tty_unlock(); 845 proc_clear_tty(tsk); 846 } 847 848 849 /** 850 * stop_tty - propagate flow control 851 * @tty: tty to stop 852 * 853 * Perform flow control to the driver. For PTY/TTY pairs we 854 * must also propagate the TIOCKPKT status. May be called 855 * on an already stopped device and will not re-call the driver 856 * method. 857 * 858 * This functionality is used by both the line disciplines for 859 * halting incoming flow and by the driver. It may therefore be 860 * called from any context, may be under the tty atomic_write_lock 861 * but not always. 862 * 863 * Locking: 864 * Uses the tty control lock internally 865 */ 866 867 void stop_tty(struct tty_struct *tty) 868 { 869 unsigned long flags; 870 spin_lock_irqsave(&tty->ctrl_lock, flags); 871 if (tty->stopped) { 872 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 873 return; 874 } 875 tty->stopped = 1; 876 if (tty->link && tty->link->packet) { 877 tty->ctrl_status &= ~TIOCPKT_START; 878 tty->ctrl_status |= TIOCPKT_STOP; 879 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN); 880 } 881 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 882 if (tty->ops->stop) 883 (tty->ops->stop)(tty); 884 } 885 886 EXPORT_SYMBOL(stop_tty); 887 888 /** 889 * start_tty - propagate flow control 890 * @tty: tty to start 891 * 892 * Start a tty that has been stopped if at all possible. Perform 893 * any necessary wakeups and propagate the TIOCPKT status. If this 894 * is the tty was previous stopped and is being started then the 895 * driver start method is invoked and the line discipline woken. 896 * 897 * Locking: 898 * ctrl_lock 899 */ 900 901 void start_tty(struct tty_struct *tty) 902 { 903 unsigned long flags; 904 spin_lock_irqsave(&tty->ctrl_lock, flags); 905 if (!tty->stopped || tty->flow_stopped) { 906 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 907 return; 908 } 909 tty->stopped = 0; 910 if (tty->link && tty->link->packet) { 911 tty->ctrl_status &= ~TIOCPKT_STOP; 912 tty->ctrl_status |= TIOCPKT_START; 913 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN); 914 } 915 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 916 if (tty->ops->start) 917 (tty->ops->start)(tty); 918 /* If we have a running line discipline it may need kicking */ 919 tty_wakeup(tty); 920 } 921 922 EXPORT_SYMBOL(start_tty); 923 924 /** 925 * tty_read - read method for tty device files 926 * @file: pointer to tty file 927 * @buf: user buffer 928 * @count: size of user buffer 929 * @ppos: unused 930 * 931 * Perform the read system call function on this terminal device. Checks 932 * for hung up devices before calling the line discipline method. 933 * 934 * Locking: 935 * Locks the line discipline internally while needed. Multiple 936 * read calls may be outstanding in parallel. 937 */ 938 939 static ssize_t tty_read(struct file *file, char __user *buf, size_t count, 940 loff_t *ppos) 941 { 942 int i; 943 struct inode *inode = file->f_path.dentry->d_inode; 944 struct tty_struct *tty = file_tty(file); 945 struct tty_ldisc *ld; 946 947 if (tty_paranoia_check(tty, inode, "tty_read")) 948 return -EIO; 949 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags))) 950 return -EIO; 951 952 /* We want to wait for the line discipline to sort out in this 953 situation */ 954 ld = tty_ldisc_ref_wait(tty); 955 if (ld->ops->read) 956 i = (ld->ops->read)(tty, file, buf, count); 957 else 958 i = -EIO; 959 tty_ldisc_deref(ld); 960 if (i > 0) 961 inode->i_atime = current_fs_time(inode->i_sb); 962 return i; 963 } 964 965 void tty_write_unlock(struct tty_struct *tty) 966 __releases(&tty->atomic_write_lock) 967 { 968 mutex_unlock(&tty->atomic_write_lock); 969 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 970 } 971 972 int tty_write_lock(struct tty_struct *tty, int ndelay) 973 __acquires(&tty->atomic_write_lock) 974 { 975 if (!mutex_trylock(&tty->atomic_write_lock)) { 976 if (ndelay) 977 return -EAGAIN; 978 if (mutex_lock_interruptible(&tty->atomic_write_lock)) 979 return -ERESTARTSYS; 980 } 981 return 0; 982 } 983 984 /* 985 * Split writes up in sane blocksizes to avoid 986 * denial-of-service type attacks 987 */ 988 static inline ssize_t do_tty_write( 989 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t), 990 struct tty_struct *tty, 991 struct file *file, 992 const char __user *buf, 993 size_t count) 994 { 995 ssize_t ret, written = 0; 996 unsigned int chunk; 997 998 ret = tty_write_lock(tty, file->f_flags & O_NDELAY); 999 if (ret < 0) 1000 return ret; 1001 1002 /* 1003 * We chunk up writes into a temporary buffer. This 1004 * simplifies low-level drivers immensely, since they 1005 * don't have locking issues and user mode accesses. 1006 * 1007 * But if TTY_NO_WRITE_SPLIT is set, we should use a 1008 * big chunk-size.. 1009 * 1010 * The default chunk-size is 2kB, because the NTTY 1011 * layer has problems with bigger chunks. It will 1012 * claim to be able to handle more characters than 1013 * it actually does. 1014 * 1015 * FIXME: This can probably go away now except that 64K chunks 1016 * are too likely to fail unless switched to vmalloc... 1017 */ 1018 chunk = 2048; 1019 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags)) 1020 chunk = 65536; 1021 if (count < chunk) 1022 chunk = count; 1023 1024 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */ 1025 if (tty->write_cnt < chunk) { 1026 unsigned char *buf_chunk; 1027 1028 if (chunk < 1024) 1029 chunk = 1024; 1030 1031 buf_chunk = kmalloc(chunk, GFP_KERNEL); 1032 if (!buf_chunk) { 1033 ret = -ENOMEM; 1034 goto out; 1035 } 1036 kfree(tty->write_buf); 1037 tty->write_cnt = chunk; 1038 tty->write_buf = buf_chunk; 1039 } 1040 1041 /* Do the write .. */ 1042 for (;;) { 1043 size_t size = count; 1044 if (size > chunk) 1045 size = chunk; 1046 ret = -EFAULT; 1047 if (copy_from_user(tty->write_buf, buf, size)) 1048 break; 1049 ret = write(tty, file, tty->write_buf, size); 1050 if (ret <= 0) 1051 break; 1052 written += ret; 1053 buf += ret; 1054 count -= ret; 1055 if (!count) 1056 break; 1057 ret = -ERESTARTSYS; 1058 if (signal_pending(current)) 1059 break; 1060 cond_resched(); 1061 } 1062 if (written) { 1063 struct inode *inode = file->f_path.dentry->d_inode; 1064 inode->i_mtime = current_fs_time(inode->i_sb); 1065 ret = written; 1066 } 1067 out: 1068 tty_write_unlock(tty); 1069 return ret; 1070 } 1071 1072 /** 1073 * tty_write_message - write a message to a certain tty, not just the console. 1074 * @tty: the destination tty_struct 1075 * @msg: the message to write 1076 * 1077 * This is used for messages that need to be redirected to a specific tty. 1078 * We don't put it into the syslog queue right now maybe in the future if 1079 * really needed. 1080 * 1081 * We must still hold the BTM and test the CLOSING flag for the moment. 1082 */ 1083 1084 void tty_write_message(struct tty_struct *tty, char *msg) 1085 { 1086 if (tty) { 1087 mutex_lock(&tty->atomic_write_lock); 1088 tty_lock(); 1089 if (tty->ops->write && !test_bit(TTY_CLOSING, &tty->flags)) { 1090 tty_unlock(); 1091 tty->ops->write(tty, msg, strlen(msg)); 1092 } else 1093 tty_unlock(); 1094 tty_write_unlock(tty); 1095 } 1096 return; 1097 } 1098 1099 1100 /** 1101 * tty_write - write method for tty device file 1102 * @file: tty file pointer 1103 * @buf: user data to write 1104 * @count: bytes to write 1105 * @ppos: unused 1106 * 1107 * Write data to a tty device via the line discipline. 1108 * 1109 * Locking: 1110 * Locks the line discipline as required 1111 * Writes to the tty driver are serialized by the atomic_write_lock 1112 * and are then processed in chunks to the device. The line discipline 1113 * write method will not be invoked in parallel for each device. 1114 */ 1115 1116 static ssize_t tty_write(struct file *file, const char __user *buf, 1117 size_t count, loff_t *ppos) 1118 { 1119 struct inode *inode = file->f_path.dentry->d_inode; 1120 struct tty_struct *tty = file_tty(file); 1121 struct tty_ldisc *ld; 1122 ssize_t ret; 1123 1124 if (tty_paranoia_check(tty, inode, "tty_write")) 1125 return -EIO; 1126 if (!tty || !tty->ops->write || 1127 (test_bit(TTY_IO_ERROR, &tty->flags))) 1128 return -EIO; 1129 /* Short term debug to catch buggy drivers */ 1130 if (tty->ops->write_room == NULL) 1131 printk(KERN_ERR "tty driver %s lacks a write_room method.\n", 1132 tty->driver->name); 1133 ld = tty_ldisc_ref_wait(tty); 1134 if (!ld->ops->write) 1135 ret = -EIO; 1136 else 1137 ret = do_tty_write(ld->ops->write, tty, file, buf, count); 1138 tty_ldisc_deref(ld); 1139 return ret; 1140 } 1141 1142 ssize_t redirected_tty_write(struct file *file, const char __user *buf, 1143 size_t count, loff_t *ppos) 1144 { 1145 struct file *p = NULL; 1146 1147 spin_lock(&redirect_lock); 1148 if (redirect) { 1149 get_file(redirect); 1150 p = redirect; 1151 } 1152 spin_unlock(&redirect_lock); 1153 1154 if (p) { 1155 ssize_t res; 1156 res = vfs_write(p, buf, count, &p->f_pos); 1157 fput(p); 1158 return res; 1159 } 1160 return tty_write(file, buf, count, ppos); 1161 } 1162 1163 static char ptychar[] = "pqrstuvwxyzabcde"; 1164 1165 /** 1166 * pty_line_name - generate name for a pty 1167 * @driver: the tty driver in use 1168 * @index: the minor number 1169 * @p: output buffer of at least 6 bytes 1170 * 1171 * Generate a name from a driver reference and write it to the output 1172 * buffer. 1173 * 1174 * Locking: None 1175 */ 1176 static void pty_line_name(struct tty_driver *driver, int index, char *p) 1177 { 1178 int i = index + driver->name_base; 1179 /* ->name is initialized to "ttyp", but "tty" is expected */ 1180 sprintf(p, "%s%c%x", 1181 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name, 1182 ptychar[i >> 4 & 0xf], i & 0xf); 1183 } 1184 1185 /** 1186 * tty_line_name - generate name for a tty 1187 * @driver: the tty driver in use 1188 * @index: the minor number 1189 * @p: output buffer of at least 7 bytes 1190 * 1191 * Generate a name from a driver reference and write it to the output 1192 * buffer. 1193 * 1194 * Locking: None 1195 */ 1196 static void tty_line_name(struct tty_driver *driver, int index, char *p) 1197 { 1198 sprintf(p, "%s%d", driver->name, index + driver->name_base); 1199 } 1200 1201 /** 1202 * tty_driver_lookup_tty() - find an existing tty, if any 1203 * @driver: the driver for the tty 1204 * @idx: the minor number 1205 * 1206 * Return the tty, if found or ERR_PTR() otherwise. 1207 * 1208 * Locking: tty_mutex must be held. If tty is found, the mutex must 1209 * be held until the 'fast-open' is also done. Will change once we 1210 * have refcounting in the driver and per driver locking 1211 */ 1212 static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver, 1213 struct inode *inode, int idx) 1214 { 1215 struct tty_struct *tty; 1216 1217 if (driver->ops->lookup) 1218 return driver->ops->lookup(driver, inode, idx); 1219 1220 tty = driver->ttys[idx]; 1221 return tty; 1222 } 1223 1224 /** 1225 * tty_init_termios - helper for termios setup 1226 * @tty: the tty to set up 1227 * 1228 * Initialise the termios structures for this tty. Thus runs under 1229 * the tty_mutex currently so we can be relaxed about ordering. 1230 */ 1231 1232 int tty_init_termios(struct tty_struct *tty) 1233 { 1234 struct ktermios *tp; 1235 int idx = tty->index; 1236 1237 tp = tty->driver->termios[idx]; 1238 if (tp == NULL) { 1239 tp = kzalloc(sizeof(struct ktermios[2]), GFP_KERNEL); 1240 if (tp == NULL) 1241 return -ENOMEM; 1242 memcpy(tp, &tty->driver->init_termios, 1243 sizeof(struct ktermios)); 1244 tty->driver->termios[idx] = tp; 1245 } 1246 tty->termios = tp; 1247 tty->termios_locked = tp + 1; 1248 1249 /* Compatibility until drivers always set this */ 1250 tty->termios->c_ispeed = tty_termios_input_baud_rate(tty->termios); 1251 tty->termios->c_ospeed = tty_termios_baud_rate(tty->termios); 1252 return 0; 1253 } 1254 EXPORT_SYMBOL_GPL(tty_init_termios); 1255 1256 /** 1257 * tty_driver_install_tty() - install a tty entry in the driver 1258 * @driver: the driver for the tty 1259 * @tty: the tty 1260 * 1261 * Install a tty object into the driver tables. The tty->index field 1262 * will be set by the time this is called. This method is responsible 1263 * for ensuring any need additional structures are allocated and 1264 * configured. 1265 * 1266 * Locking: tty_mutex for now 1267 */ 1268 static int tty_driver_install_tty(struct tty_driver *driver, 1269 struct tty_struct *tty) 1270 { 1271 int idx = tty->index; 1272 int ret; 1273 1274 if (driver->ops->install) { 1275 ret = driver->ops->install(driver, tty); 1276 return ret; 1277 } 1278 1279 if (tty_init_termios(tty) == 0) { 1280 tty_driver_kref_get(driver); 1281 tty->count++; 1282 driver->ttys[idx] = tty; 1283 return 0; 1284 } 1285 return -ENOMEM; 1286 } 1287 1288 /** 1289 * tty_driver_remove_tty() - remove a tty from the driver tables 1290 * @driver: the driver for the tty 1291 * @idx: the minor number 1292 * 1293 * Remvoe a tty object from the driver tables. The tty->index field 1294 * will be set by the time this is called. 1295 * 1296 * Locking: tty_mutex for now 1297 */ 1298 void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty) 1299 { 1300 if (driver->ops->remove) 1301 driver->ops->remove(driver, tty); 1302 else 1303 driver->ttys[tty->index] = NULL; 1304 } 1305 1306 /* 1307 * tty_reopen() - fast re-open of an open tty 1308 * @tty - the tty to open 1309 * 1310 * Return 0 on success, -errno on error. 1311 * 1312 * Locking: tty_mutex must be held from the time the tty was found 1313 * till this open completes. 1314 */ 1315 static int tty_reopen(struct tty_struct *tty) 1316 { 1317 struct tty_driver *driver = tty->driver; 1318 1319 if (test_bit(TTY_CLOSING, &tty->flags) || 1320 test_bit(TTY_HUPPING, &tty->flags) || 1321 test_bit(TTY_LDISC_CHANGING, &tty->flags)) 1322 return -EIO; 1323 1324 if (driver->type == TTY_DRIVER_TYPE_PTY && 1325 driver->subtype == PTY_TYPE_MASTER) { 1326 /* 1327 * special case for PTY masters: only one open permitted, 1328 * and the slave side open count is incremented as well. 1329 */ 1330 if (tty->count) 1331 return -EIO; 1332 1333 tty->link->count++; 1334 } 1335 tty->count++; 1336 tty->driver = driver; /* N.B. why do this every time?? */ 1337 1338 mutex_lock(&tty->ldisc_mutex); 1339 WARN_ON(!test_bit(TTY_LDISC, &tty->flags)); 1340 mutex_unlock(&tty->ldisc_mutex); 1341 1342 return 0; 1343 } 1344 1345 /** 1346 * tty_init_dev - initialise a tty device 1347 * @driver: tty driver we are opening a device on 1348 * @idx: device index 1349 * @ret_tty: returned tty structure 1350 * @first_ok: ok to open a new device (used by ptmx) 1351 * 1352 * Prepare a tty device. This may not be a "new" clean device but 1353 * could also be an active device. The pty drivers require special 1354 * handling because of this. 1355 * 1356 * Locking: 1357 * The function is called under the tty_mutex, which 1358 * protects us from the tty struct or driver itself going away. 1359 * 1360 * On exit the tty device has the line discipline attached and 1361 * a reference count of 1. If a pair was created for pty/tty use 1362 * and the other was a pty master then it too has a reference count of 1. 1363 * 1364 * WSH 06/09/97: Rewritten to remove races and properly clean up after a 1365 * failed open. The new code protects the open with a mutex, so it's 1366 * really quite straightforward. The mutex locking can probably be 1367 * relaxed for the (most common) case of reopening a tty. 1368 */ 1369 1370 struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx, 1371 int first_ok) 1372 { 1373 struct tty_struct *tty; 1374 int retval; 1375 1376 /* Check if pty master is being opened multiple times */ 1377 if (driver->subtype == PTY_TYPE_MASTER && 1378 (driver->flags & TTY_DRIVER_DEVPTS_MEM) && !first_ok) { 1379 return ERR_PTR(-EIO); 1380 } 1381 1382 /* 1383 * First time open is complex, especially for PTY devices. 1384 * This code guarantees that either everything succeeds and the 1385 * TTY is ready for operation, or else the table slots are vacated 1386 * and the allocated memory released. (Except that the termios 1387 * and locked termios may be retained.) 1388 */ 1389 1390 if (!try_module_get(driver->owner)) 1391 return ERR_PTR(-ENODEV); 1392 1393 tty = alloc_tty_struct(); 1394 if (!tty) { 1395 retval = -ENOMEM; 1396 goto err_module_put; 1397 } 1398 initialize_tty_struct(tty, driver, idx); 1399 1400 retval = tty_driver_install_tty(driver, tty); 1401 if (retval < 0) 1402 goto err_deinit_tty; 1403 1404 /* 1405 * Structures all installed ... call the ldisc open routines. 1406 * If we fail here just call release_tty to clean up. No need 1407 * to decrement the use counts, as release_tty doesn't care. 1408 */ 1409 retval = tty_ldisc_setup(tty, tty->link); 1410 if (retval) 1411 goto err_release_tty; 1412 return tty; 1413 1414 err_deinit_tty: 1415 deinitialize_tty_struct(tty); 1416 free_tty_struct(tty); 1417 err_module_put: 1418 module_put(driver->owner); 1419 return ERR_PTR(retval); 1420 1421 /* call the tty release_tty routine to clean out this slot */ 1422 err_release_tty: 1423 printk_ratelimited(KERN_INFO "tty_init_dev: ldisc open failed, " 1424 "clearing slot %d\n", idx); 1425 release_tty(tty, idx); 1426 return ERR_PTR(retval); 1427 } 1428 1429 void tty_free_termios(struct tty_struct *tty) 1430 { 1431 struct ktermios *tp; 1432 int idx = tty->index; 1433 /* Kill this flag and push into drivers for locking etc */ 1434 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) { 1435 /* FIXME: Locking on ->termios array */ 1436 tp = tty->termios; 1437 tty->driver->termios[idx] = NULL; 1438 kfree(tp); 1439 } 1440 } 1441 EXPORT_SYMBOL(tty_free_termios); 1442 1443 void tty_shutdown(struct tty_struct *tty) 1444 { 1445 tty_driver_remove_tty(tty->driver, tty); 1446 tty_free_termios(tty); 1447 } 1448 EXPORT_SYMBOL(tty_shutdown); 1449 1450 /** 1451 * release_one_tty - release tty structure memory 1452 * @kref: kref of tty we are obliterating 1453 * 1454 * Releases memory associated with a tty structure, and clears out the 1455 * driver table slots. This function is called when a device is no longer 1456 * in use. It also gets called when setup of a device fails. 1457 * 1458 * Locking: 1459 * tty_mutex - sometimes only 1460 * takes the file list lock internally when working on the list 1461 * of ttys that the driver keeps. 1462 * 1463 * This method gets called from a work queue so that the driver private 1464 * cleanup ops can sleep (needed for USB at least) 1465 */ 1466 static void release_one_tty(struct work_struct *work) 1467 { 1468 struct tty_struct *tty = 1469 container_of(work, struct tty_struct, hangup_work); 1470 struct tty_driver *driver = tty->driver; 1471 1472 if (tty->ops->cleanup) 1473 tty->ops->cleanup(tty); 1474 1475 tty->magic = 0; 1476 tty_driver_kref_put(driver); 1477 module_put(driver->owner); 1478 1479 spin_lock(&tty_files_lock); 1480 list_del_init(&tty->tty_files); 1481 spin_unlock(&tty_files_lock); 1482 1483 put_pid(tty->pgrp); 1484 put_pid(tty->session); 1485 free_tty_struct(tty); 1486 } 1487 1488 static void queue_release_one_tty(struct kref *kref) 1489 { 1490 struct tty_struct *tty = container_of(kref, struct tty_struct, kref); 1491 1492 if (tty->ops->shutdown) 1493 tty->ops->shutdown(tty); 1494 else 1495 tty_shutdown(tty); 1496 1497 /* The hangup queue is now free so we can reuse it rather than 1498 waste a chunk of memory for each port */ 1499 INIT_WORK(&tty->hangup_work, release_one_tty); 1500 schedule_work(&tty->hangup_work); 1501 } 1502 1503 /** 1504 * tty_kref_put - release a tty kref 1505 * @tty: tty device 1506 * 1507 * Release a reference to a tty device and if need be let the kref 1508 * layer destruct the object for us 1509 */ 1510 1511 void tty_kref_put(struct tty_struct *tty) 1512 { 1513 if (tty) 1514 kref_put(&tty->kref, queue_release_one_tty); 1515 } 1516 EXPORT_SYMBOL(tty_kref_put); 1517 1518 /** 1519 * release_tty - release tty structure memory 1520 * 1521 * Release both @tty and a possible linked partner (think pty pair), 1522 * and decrement the refcount of the backing module. 1523 * 1524 * Locking: 1525 * tty_mutex - sometimes only 1526 * takes the file list lock internally when working on the list 1527 * of ttys that the driver keeps. 1528 * FIXME: should we require tty_mutex is held here ?? 1529 * 1530 */ 1531 static void release_tty(struct tty_struct *tty, int idx) 1532 { 1533 /* This should always be true but check for the moment */ 1534 WARN_ON(tty->index != idx); 1535 1536 if (tty->link) 1537 tty_kref_put(tty->link); 1538 tty_kref_put(tty); 1539 } 1540 1541 /** 1542 * tty_release - vfs callback for close 1543 * @inode: inode of tty 1544 * @filp: file pointer for handle to tty 1545 * 1546 * Called the last time each file handle is closed that references 1547 * this tty. There may however be several such references. 1548 * 1549 * Locking: 1550 * Takes bkl. See tty_release_dev 1551 * 1552 * Even releasing the tty structures is a tricky business.. We have 1553 * to be very careful that the structures are all released at the 1554 * same time, as interrupts might otherwise get the wrong pointers. 1555 * 1556 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could 1557 * lead to double frees or releasing memory still in use. 1558 */ 1559 1560 int tty_release(struct inode *inode, struct file *filp) 1561 { 1562 struct tty_struct *tty = file_tty(filp); 1563 struct tty_struct *o_tty; 1564 int pty_master, tty_closing, o_tty_closing, do_sleep; 1565 int devpts; 1566 int idx; 1567 char buf[64]; 1568 1569 if (tty_paranoia_check(tty, inode, "tty_release_dev")) 1570 return 0; 1571 1572 tty_lock(); 1573 check_tty_count(tty, "tty_release_dev"); 1574 1575 __tty_fasync(-1, filp, 0); 1576 1577 idx = tty->index; 1578 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1579 tty->driver->subtype == PTY_TYPE_MASTER); 1580 devpts = (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) != 0; 1581 o_tty = tty->link; 1582 1583 #ifdef TTY_PARANOIA_CHECK 1584 if (idx < 0 || idx >= tty->driver->num) { 1585 printk(KERN_DEBUG "tty_release_dev: bad idx when trying to " 1586 "free (%s)\n", tty->name); 1587 tty_unlock(); 1588 return 0; 1589 } 1590 if (!devpts) { 1591 if (tty != tty->driver->ttys[idx]) { 1592 tty_unlock(); 1593 printk(KERN_DEBUG "tty_release_dev: driver.table[%d] not tty " 1594 "for (%s)\n", idx, tty->name); 1595 return 0; 1596 } 1597 if (tty->termios != tty->driver->termios[idx]) { 1598 tty_unlock(); 1599 printk(KERN_DEBUG "tty_release_dev: driver.termios[%d] not termios " 1600 "for (%s)\n", 1601 idx, tty->name); 1602 return 0; 1603 } 1604 } 1605 #endif 1606 1607 #ifdef TTY_DEBUG_HANGUP 1608 printk(KERN_DEBUG "tty_release_dev of %s (tty count=%d)...", 1609 tty_name(tty, buf), tty->count); 1610 #endif 1611 1612 #ifdef TTY_PARANOIA_CHECK 1613 if (tty->driver->other && 1614 !(tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)) { 1615 if (o_tty != tty->driver->other->ttys[idx]) { 1616 tty_unlock(); 1617 printk(KERN_DEBUG "tty_release_dev: other->table[%d] " 1618 "not o_tty for (%s)\n", 1619 idx, tty->name); 1620 return 0 ; 1621 } 1622 if (o_tty->termios != tty->driver->other->termios[idx]) { 1623 tty_unlock(); 1624 printk(KERN_DEBUG "tty_release_dev: other->termios[%d] " 1625 "not o_termios for (%s)\n", 1626 idx, tty->name); 1627 return 0; 1628 } 1629 if (o_tty->link != tty) { 1630 tty_unlock(); 1631 printk(KERN_DEBUG "tty_release_dev: bad pty pointers\n"); 1632 return 0; 1633 } 1634 } 1635 #endif 1636 if (tty->ops->close) 1637 tty->ops->close(tty, filp); 1638 1639 tty_unlock(); 1640 /* 1641 * Sanity check: if tty->count is going to zero, there shouldn't be 1642 * any waiters on tty->read_wait or tty->write_wait. We test the 1643 * wait queues and kick everyone out _before_ actually starting to 1644 * close. This ensures that we won't block while releasing the tty 1645 * structure. 1646 * 1647 * The test for the o_tty closing is necessary, since the master and 1648 * slave sides may close in any order. If the slave side closes out 1649 * first, its count will be one, since the master side holds an open. 1650 * Thus this test wouldn't be triggered at the time the slave closes, 1651 * so we do it now. 1652 * 1653 * Note that it's possible for the tty to be opened again while we're 1654 * flushing out waiters. By recalculating the closing flags before 1655 * each iteration we avoid any problems. 1656 */ 1657 while (1) { 1658 /* Guard against races with tty->count changes elsewhere and 1659 opens on /dev/tty */ 1660 1661 mutex_lock(&tty_mutex); 1662 tty_lock(); 1663 tty_closing = tty->count <= 1; 1664 o_tty_closing = o_tty && 1665 (o_tty->count <= (pty_master ? 1 : 0)); 1666 do_sleep = 0; 1667 1668 if (tty_closing) { 1669 if (waitqueue_active(&tty->read_wait)) { 1670 wake_up_poll(&tty->read_wait, POLLIN); 1671 do_sleep++; 1672 } 1673 if (waitqueue_active(&tty->write_wait)) { 1674 wake_up_poll(&tty->write_wait, POLLOUT); 1675 do_sleep++; 1676 } 1677 } 1678 if (o_tty_closing) { 1679 if (waitqueue_active(&o_tty->read_wait)) { 1680 wake_up_poll(&o_tty->read_wait, POLLIN); 1681 do_sleep++; 1682 } 1683 if (waitqueue_active(&o_tty->write_wait)) { 1684 wake_up_poll(&o_tty->write_wait, POLLOUT); 1685 do_sleep++; 1686 } 1687 } 1688 if (!do_sleep) 1689 break; 1690 1691 printk(KERN_WARNING "tty_release_dev: %s: read/write wait queue " 1692 "active!\n", tty_name(tty, buf)); 1693 tty_unlock(); 1694 mutex_unlock(&tty_mutex); 1695 schedule(); 1696 } 1697 1698 /* 1699 * The closing flags are now consistent with the open counts on 1700 * both sides, and we've completed the last operation that could 1701 * block, so it's safe to proceed with closing. 1702 */ 1703 if (pty_master) { 1704 if (--o_tty->count < 0) { 1705 printk(KERN_WARNING "tty_release_dev: bad pty slave count " 1706 "(%d) for %s\n", 1707 o_tty->count, tty_name(o_tty, buf)); 1708 o_tty->count = 0; 1709 } 1710 } 1711 if (--tty->count < 0) { 1712 printk(KERN_WARNING "tty_release_dev: bad tty->count (%d) for %s\n", 1713 tty->count, tty_name(tty, buf)); 1714 tty->count = 0; 1715 } 1716 1717 /* 1718 * We've decremented tty->count, so we need to remove this file 1719 * descriptor off the tty->tty_files list; this serves two 1720 * purposes: 1721 * - check_tty_count sees the correct number of file descriptors 1722 * associated with this tty. 1723 * - do_tty_hangup no longer sees this file descriptor as 1724 * something that needs to be handled for hangups. 1725 */ 1726 tty_del_file(filp); 1727 1728 /* 1729 * Perform some housekeeping before deciding whether to return. 1730 * 1731 * Set the TTY_CLOSING flag if this was the last open. In the 1732 * case of a pty we may have to wait around for the other side 1733 * to close, and TTY_CLOSING makes sure we can't be reopened. 1734 */ 1735 if (tty_closing) 1736 set_bit(TTY_CLOSING, &tty->flags); 1737 if (o_tty_closing) 1738 set_bit(TTY_CLOSING, &o_tty->flags); 1739 1740 /* 1741 * If _either_ side is closing, make sure there aren't any 1742 * processes that still think tty or o_tty is their controlling 1743 * tty. 1744 */ 1745 if (tty_closing || o_tty_closing) { 1746 read_lock(&tasklist_lock); 1747 session_clear_tty(tty->session); 1748 if (o_tty) 1749 session_clear_tty(o_tty->session); 1750 read_unlock(&tasklist_lock); 1751 } 1752 1753 mutex_unlock(&tty_mutex); 1754 1755 /* check whether both sides are closing ... */ 1756 if (!tty_closing || (o_tty && !o_tty_closing)) { 1757 tty_unlock(); 1758 return 0; 1759 } 1760 1761 #ifdef TTY_DEBUG_HANGUP 1762 printk(KERN_DEBUG "freeing tty structure..."); 1763 #endif 1764 /* 1765 * Ask the line discipline code to release its structures 1766 */ 1767 tty_ldisc_release(tty, o_tty); 1768 /* 1769 * The release_tty function takes care of the details of clearing 1770 * the slots and preserving the termios structure. 1771 */ 1772 release_tty(tty, idx); 1773 1774 /* Make this pty number available for reallocation */ 1775 if (devpts) 1776 devpts_kill_index(inode, idx); 1777 tty_unlock(); 1778 return 0; 1779 } 1780 1781 /** 1782 * tty_open - open a tty device 1783 * @inode: inode of device file 1784 * @filp: file pointer to tty 1785 * 1786 * tty_open and tty_release keep up the tty count that contains the 1787 * number of opens done on a tty. We cannot use the inode-count, as 1788 * different inodes might point to the same tty. 1789 * 1790 * Open-counting is needed for pty masters, as well as for keeping 1791 * track of serial lines: DTR is dropped when the last close happens. 1792 * (This is not done solely through tty->count, now. - Ted 1/27/92) 1793 * 1794 * The termios state of a pty is reset on first open so that 1795 * settings don't persist across reuse. 1796 * 1797 * Locking: tty_mutex protects tty, get_tty_driver and tty_init_dev work. 1798 * tty->count should protect the rest. 1799 * ->siglock protects ->signal/->sighand 1800 */ 1801 1802 static int tty_open(struct inode *inode, struct file *filp) 1803 { 1804 struct tty_struct *tty = NULL; 1805 int noctty, retval; 1806 struct tty_driver *driver; 1807 int index; 1808 dev_t device = inode->i_rdev; 1809 unsigned saved_flags = filp->f_flags; 1810 1811 nonseekable_open(inode, filp); 1812 1813 retry_open: 1814 noctty = filp->f_flags & O_NOCTTY; 1815 index = -1; 1816 retval = 0; 1817 1818 mutex_lock(&tty_mutex); 1819 tty_lock(); 1820 1821 if (device == MKDEV(TTYAUX_MAJOR, 0)) { 1822 tty = get_current_tty(); 1823 if (!tty) { 1824 tty_unlock(); 1825 mutex_unlock(&tty_mutex); 1826 return -ENXIO; 1827 } 1828 driver = tty_driver_kref_get(tty->driver); 1829 index = tty->index; 1830 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */ 1831 /* noctty = 1; */ 1832 /* FIXME: Should we take a driver reference ? */ 1833 tty_kref_put(tty); 1834 goto got_driver; 1835 } 1836 #ifdef CONFIG_VT 1837 if (device == MKDEV(TTY_MAJOR, 0)) { 1838 extern struct tty_driver *console_driver; 1839 driver = tty_driver_kref_get(console_driver); 1840 index = fg_console; 1841 noctty = 1; 1842 goto got_driver; 1843 } 1844 #endif 1845 if (device == MKDEV(TTYAUX_MAJOR, 1)) { 1846 struct tty_driver *console_driver = console_device(&index); 1847 if (console_driver) { 1848 driver = tty_driver_kref_get(console_driver); 1849 if (driver) { 1850 /* Don't let /dev/console block */ 1851 filp->f_flags |= O_NONBLOCK; 1852 noctty = 1; 1853 goto got_driver; 1854 } 1855 } 1856 tty_unlock(); 1857 mutex_unlock(&tty_mutex); 1858 return -ENODEV; 1859 } 1860 1861 driver = get_tty_driver(device, &index); 1862 if (!driver) { 1863 tty_unlock(); 1864 mutex_unlock(&tty_mutex); 1865 return -ENODEV; 1866 } 1867 got_driver: 1868 if (!tty) { 1869 /* check whether we're reopening an existing tty */ 1870 tty = tty_driver_lookup_tty(driver, inode, index); 1871 1872 if (IS_ERR(tty)) { 1873 tty_unlock(); 1874 mutex_unlock(&tty_mutex); 1875 return PTR_ERR(tty); 1876 } 1877 } 1878 1879 if (tty) { 1880 retval = tty_reopen(tty); 1881 if (retval) 1882 tty = ERR_PTR(retval); 1883 } else 1884 tty = tty_init_dev(driver, index, 0); 1885 1886 mutex_unlock(&tty_mutex); 1887 tty_driver_kref_put(driver); 1888 if (IS_ERR(tty)) { 1889 tty_unlock(); 1890 return PTR_ERR(tty); 1891 } 1892 1893 retval = tty_add_file(tty, filp); 1894 if (retval) { 1895 tty_unlock(); 1896 tty_release(inode, filp); 1897 return retval; 1898 } 1899 1900 check_tty_count(tty, "tty_open"); 1901 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1902 tty->driver->subtype == PTY_TYPE_MASTER) 1903 noctty = 1; 1904 #ifdef TTY_DEBUG_HANGUP 1905 printk(KERN_DEBUG "opening %s...", tty->name); 1906 #endif 1907 if (tty->ops->open) 1908 retval = tty->ops->open(tty, filp); 1909 else 1910 retval = -ENODEV; 1911 filp->f_flags = saved_flags; 1912 1913 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) && 1914 !capable(CAP_SYS_ADMIN)) 1915 retval = -EBUSY; 1916 1917 if (retval) { 1918 #ifdef TTY_DEBUG_HANGUP 1919 printk(KERN_DEBUG "error %d in opening %s...", retval, 1920 tty->name); 1921 #endif 1922 tty_unlock(); /* need to call tty_release without BTM */ 1923 tty_release(inode, filp); 1924 if (retval != -ERESTARTSYS) 1925 return retval; 1926 1927 if (signal_pending(current)) 1928 return retval; 1929 1930 schedule(); 1931 /* 1932 * Need to reset f_op in case a hangup happened. 1933 */ 1934 tty_lock(); 1935 if (filp->f_op == &hung_up_tty_fops) 1936 filp->f_op = &tty_fops; 1937 tty_unlock(); 1938 goto retry_open; 1939 } 1940 tty_unlock(); 1941 1942 1943 mutex_lock(&tty_mutex); 1944 tty_lock(); 1945 spin_lock_irq(¤t->sighand->siglock); 1946 if (!noctty && 1947 current->signal->leader && 1948 !current->signal->tty && 1949 tty->session == NULL) 1950 __proc_set_tty(current, tty); 1951 spin_unlock_irq(¤t->sighand->siglock); 1952 tty_unlock(); 1953 mutex_unlock(&tty_mutex); 1954 return 0; 1955 } 1956 1957 1958 1959 /** 1960 * tty_poll - check tty status 1961 * @filp: file being polled 1962 * @wait: poll wait structures to update 1963 * 1964 * Call the line discipline polling method to obtain the poll 1965 * status of the device. 1966 * 1967 * Locking: locks called line discipline but ldisc poll method 1968 * may be re-entered freely by other callers. 1969 */ 1970 1971 static unsigned int tty_poll(struct file *filp, poll_table *wait) 1972 { 1973 struct tty_struct *tty = file_tty(filp); 1974 struct tty_ldisc *ld; 1975 int ret = 0; 1976 1977 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_poll")) 1978 return 0; 1979 1980 ld = tty_ldisc_ref_wait(tty); 1981 if (ld->ops->poll) 1982 ret = (ld->ops->poll)(tty, filp, wait); 1983 tty_ldisc_deref(ld); 1984 return ret; 1985 } 1986 1987 static int __tty_fasync(int fd, struct file *filp, int on) 1988 { 1989 struct tty_struct *tty = file_tty(filp); 1990 unsigned long flags; 1991 int retval = 0; 1992 1993 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_fasync")) 1994 goto out; 1995 1996 retval = fasync_helper(fd, filp, on, &tty->fasync); 1997 if (retval <= 0) 1998 goto out; 1999 2000 if (on) { 2001 enum pid_type type; 2002 struct pid *pid; 2003 if (!waitqueue_active(&tty->read_wait)) 2004 tty->minimum_to_wake = 1; 2005 spin_lock_irqsave(&tty->ctrl_lock, flags); 2006 if (tty->pgrp) { 2007 pid = tty->pgrp; 2008 type = PIDTYPE_PGID; 2009 } else { 2010 pid = task_pid(current); 2011 type = PIDTYPE_PID; 2012 } 2013 get_pid(pid); 2014 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2015 retval = __f_setown(filp, pid, type, 0); 2016 put_pid(pid); 2017 if (retval) 2018 goto out; 2019 } else { 2020 if (!tty->fasync && !waitqueue_active(&tty->read_wait)) 2021 tty->minimum_to_wake = N_TTY_BUF_SIZE; 2022 } 2023 retval = 0; 2024 out: 2025 return retval; 2026 } 2027 2028 static int tty_fasync(int fd, struct file *filp, int on) 2029 { 2030 int retval; 2031 tty_lock(); 2032 retval = __tty_fasync(fd, filp, on); 2033 tty_unlock(); 2034 return retval; 2035 } 2036 2037 /** 2038 * tiocsti - fake input character 2039 * @tty: tty to fake input into 2040 * @p: pointer to character 2041 * 2042 * Fake input to a tty device. Does the necessary locking and 2043 * input management. 2044 * 2045 * FIXME: does not honour flow control ?? 2046 * 2047 * Locking: 2048 * Called functions take tty_ldisc_lock 2049 * current->signal->tty check is safe without locks 2050 * 2051 * FIXME: may race normal receive processing 2052 */ 2053 2054 static int tiocsti(struct tty_struct *tty, char __user *p) 2055 { 2056 char ch, mbz = 0; 2057 struct tty_ldisc *ld; 2058 2059 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) 2060 return -EPERM; 2061 if (get_user(ch, p)) 2062 return -EFAULT; 2063 tty_audit_tiocsti(tty, ch); 2064 ld = tty_ldisc_ref_wait(tty); 2065 ld->ops->receive_buf(tty, &ch, &mbz, 1); 2066 tty_ldisc_deref(ld); 2067 return 0; 2068 } 2069 2070 /** 2071 * tiocgwinsz - implement window query ioctl 2072 * @tty; tty 2073 * @arg: user buffer for result 2074 * 2075 * Copies the kernel idea of the window size into the user buffer. 2076 * 2077 * Locking: tty->termios_mutex is taken to ensure the winsize data 2078 * is consistent. 2079 */ 2080 2081 static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg) 2082 { 2083 int err; 2084 2085 mutex_lock(&tty->termios_mutex); 2086 err = copy_to_user(arg, &tty->winsize, sizeof(*arg)); 2087 mutex_unlock(&tty->termios_mutex); 2088 2089 return err ? -EFAULT: 0; 2090 } 2091 2092 /** 2093 * tty_do_resize - resize event 2094 * @tty: tty being resized 2095 * @rows: rows (character) 2096 * @cols: cols (character) 2097 * 2098 * Update the termios variables and send the necessary signals to 2099 * peform a terminal resize correctly 2100 */ 2101 2102 int tty_do_resize(struct tty_struct *tty, struct winsize *ws) 2103 { 2104 struct pid *pgrp; 2105 unsigned long flags; 2106 2107 /* Lock the tty */ 2108 mutex_lock(&tty->termios_mutex); 2109 if (!memcmp(ws, &tty->winsize, sizeof(*ws))) 2110 goto done; 2111 /* Get the PID values and reference them so we can 2112 avoid holding the tty ctrl lock while sending signals */ 2113 spin_lock_irqsave(&tty->ctrl_lock, flags); 2114 pgrp = get_pid(tty->pgrp); 2115 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2116 2117 if (pgrp) 2118 kill_pgrp(pgrp, SIGWINCH, 1); 2119 put_pid(pgrp); 2120 2121 tty->winsize = *ws; 2122 done: 2123 mutex_unlock(&tty->termios_mutex); 2124 return 0; 2125 } 2126 2127 /** 2128 * tiocswinsz - implement window size set ioctl 2129 * @tty; tty side of tty 2130 * @arg: user buffer for result 2131 * 2132 * Copies the user idea of the window size to the kernel. Traditionally 2133 * this is just advisory information but for the Linux console it 2134 * actually has driver level meaning and triggers a VC resize. 2135 * 2136 * Locking: 2137 * Driver dependent. The default do_resize method takes the 2138 * tty termios mutex and ctrl_lock. The console takes its own lock 2139 * then calls into the default method. 2140 */ 2141 2142 static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg) 2143 { 2144 struct winsize tmp_ws; 2145 if (copy_from_user(&tmp_ws, arg, sizeof(*arg))) 2146 return -EFAULT; 2147 2148 if (tty->ops->resize) 2149 return tty->ops->resize(tty, &tmp_ws); 2150 else 2151 return tty_do_resize(tty, &tmp_ws); 2152 } 2153 2154 /** 2155 * tioccons - allow admin to move logical console 2156 * @file: the file to become console 2157 * 2158 * Allow the administrator to move the redirected console device 2159 * 2160 * Locking: uses redirect_lock to guard the redirect information 2161 */ 2162 2163 static int tioccons(struct file *file) 2164 { 2165 if (!capable(CAP_SYS_ADMIN)) 2166 return -EPERM; 2167 if (file->f_op->write == redirected_tty_write) { 2168 struct file *f; 2169 spin_lock(&redirect_lock); 2170 f = redirect; 2171 redirect = NULL; 2172 spin_unlock(&redirect_lock); 2173 if (f) 2174 fput(f); 2175 return 0; 2176 } 2177 spin_lock(&redirect_lock); 2178 if (redirect) { 2179 spin_unlock(&redirect_lock); 2180 return -EBUSY; 2181 } 2182 get_file(file); 2183 redirect = file; 2184 spin_unlock(&redirect_lock); 2185 return 0; 2186 } 2187 2188 /** 2189 * fionbio - non blocking ioctl 2190 * @file: file to set blocking value 2191 * @p: user parameter 2192 * 2193 * Historical tty interfaces had a blocking control ioctl before 2194 * the generic functionality existed. This piece of history is preserved 2195 * in the expected tty API of posix OS's. 2196 * 2197 * Locking: none, the open file handle ensures it won't go away. 2198 */ 2199 2200 static int fionbio(struct file *file, int __user *p) 2201 { 2202 int nonblock; 2203 2204 if (get_user(nonblock, p)) 2205 return -EFAULT; 2206 2207 spin_lock(&file->f_lock); 2208 if (nonblock) 2209 file->f_flags |= O_NONBLOCK; 2210 else 2211 file->f_flags &= ~O_NONBLOCK; 2212 spin_unlock(&file->f_lock); 2213 return 0; 2214 } 2215 2216 /** 2217 * tiocsctty - set controlling tty 2218 * @tty: tty structure 2219 * @arg: user argument 2220 * 2221 * This ioctl is used to manage job control. It permits a session 2222 * leader to set this tty as the controlling tty for the session. 2223 * 2224 * Locking: 2225 * Takes tty_mutex() to protect tty instance 2226 * Takes tasklist_lock internally to walk sessions 2227 * Takes ->siglock() when updating signal->tty 2228 */ 2229 2230 static int tiocsctty(struct tty_struct *tty, int arg) 2231 { 2232 int ret = 0; 2233 if (current->signal->leader && (task_session(current) == tty->session)) 2234 return ret; 2235 2236 mutex_lock(&tty_mutex); 2237 /* 2238 * The process must be a session leader and 2239 * not have a controlling tty already. 2240 */ 2241 if (!current->signal->leader || current->signal->tty) { 2242 ret = -EPERM; 2243 goto unlock; 2244 } 2245 2246 if (tty->session) { 2247 /* 2248 * This tty is already the controlling 2249 * tty for another session group! 2250 */ 2251 if (arg == 1 && capable(CAP_SYS_ADMIN)) { 2252 /* 2253 * Steal it away 2254 */ 2255 read_lock(&tasklist_lock); 2256 session_clear_tty(tty->session); 2257 read_unlock(&tasklist_lock); 2258 } else { 2259 ret = -EPERM; 2260 goto unlock; 2261 } 2262 } 2263 proc_set_tty(current, tty); 2264 unlock: 2265 mutex_unlock(&tty_mutex); 2266 return ret; 2267 } 2268 2269 /** 2270 * tty_get_pgrp - return a ref counted pgrp pid 2271 * @tty: tty to read 2272 * 2273 * Returns a refcounted instance of the pid struct for the process 2274 * group controlling the tty. 2275 */ 2276 2277 struct pid *tty_get_pgrp(struct tty_struct *tty) 2278 { 2279 unsigned long flags; 2280 struct pid *pgrp; 2281 2282 spin_lock_irqsave(&tty->ctrl_lock, flags); 2283 pgrp = get_pid(tty->pgrp); 2284 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2285 2286 return pgrp; 2287 } 2288 EXPORT_SYMBOL_GPL(tty_get_pgrp); 2289 2290 /** 2291 * tiocgpgrp - get process group 2292 * @tty: tty passed by user 2293 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2294 * @p: returned pid 2295 * 2296 * Obtain the process group of the tty. If there is no process group 2297 * return an error. 2298 * 2299 * Locking: none. Reference to current->signal->tty is safe. 2300 */ 2301 2302 static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2303 { 2304 struct pid *pid; 2305 int ret; 2306 /* 2307 * (tty == real_tty) is a cheap way of 2308 * testing if the tty is NOT a master pty. 2309 */ 2310 if (tty == real_tty && current->signal->tty != real_tty) 2311 return -ENOTTY; 2312 pid = tty_get_pgrp(real_tty); 2313 ret = put_user(pid_vnr(pid), p); 2314 put_pid(pid); 2315 return ret; 2316 } 2317 2318 /** 2319 * tiocspgrp - attempt to set process group 2320 * @tty: tty passed by user 2321 * @real_tty: tty side device matching tty passed by user 2322 * @p: pid pointer 2323 * 2324 * Set the process group of the tty to the session passed. Only 2325 * permitted where the tty session is our session. 2326 * 2327 * Locking: RCU, ctrl lock 2328 */ 2329 2330 static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2331 { 2332 struct pid *pgrp; 2333 pid_t pgrp_nr; 2334 int retval = tty_check_change(real_tty); 2335 unsigned long flags; 2336 2337 if (retval == -EIO) 2338 return -ENOTTY; 2339 if (retval) 2340 return retval; 2341 if (!current->signal->tty || 2342 (current->signal->tty != real_tty) || 2343 (real_tty->session != task_session(current))) 2344 return -ENOTTY; 2345 if (get_user(pgrp_nr, p)) 2346 return -EFAULT; 2347 if (pgrp_nr < 0) 2348 return -EINVAL; 2349 rcu_read_lock(); 2350 pgrp = find_vpid(pgrp_nr); 2351 retval = -ESRCH; 2352 if (!pgrp) 2353 goto out_unlock; 2354 retval = -EPERM; 2355 if (session_of_pgrp(pgrp) != task_session(current)) 2356 goto out_unlock; 2357 retval = 0; 2358 spin_lock_irqsave(&tty->ctrl_lock, flags); 2359 put_pid(real_tty->pgrp); 2360 real_tty->pgrp = get_pid(pgrp); 2361 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2362 out_unlock: 2363 rcu_read_unlock(); 2364 return retval; 2365 } 2366 2367 /** 2368 * tiocgsid - get session id 2369 * @tty: tty passed by user 2370 * @real_tty: tty side of the tty passed by the user if a pty else the tty 2371 * @p: pointer to returned session id 2372 * 2373 * Obtain the session id of the tty. If there is no session 2374 * return an error. 2375 * 2376 * Locking: none. Reference to current->signal->tty is safe. 2377 */ 2378 2379 static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2380 { 2381 /* 2382 * (tty == real_tty) is a cheap way of 2383 * testing if the tty is NOT a master pty. 2384 */ 2385 if (tty == real_tty && current->signal->tty != real_tty) 2386 return -ENOTTY; 2387 if (!real_tty->session) 2388 return -ENOTTY; 2389 return put_user(pid_vnr(real_tty->session), p); 2390 } 2391 2392 /** 2393 * tiocsetd - set line discipline 2394 * @tty: tty device 2395 * @p: pointer to user data 2396 * 2397 * Set the line discipline according to user request. 2398 * 2399 * Locking: see tty_set_ldisc, this function is just a helper 2400 */ 2401 2402 static int tiocsetd(struct tty_struct *tty, int __user *p) 2403 { 2404 int ldisc; 2405 int ret; 2406 2407 if (get_user(ldisc, p)) 2408 return -EFAULT; 2409 2410 ret = tty_set_ldisc(tty, ldisc); 2411 2412 return ret; 2413 } 2414 2415 /** 2416 * send_break - performed time break 2417 * @tty: device to break on 2418 * @duration: timeout in mS 2419 * 2420 * Perform a timed break on hardware that lacks its own driver level 2421 * timed break functionality. 2422 * 2423 * Locking: 2424 * atomic_write_lock serializes 2425 * 2426 */ 2427 2428 static int send_break(struct tty_struct *tty, unsigned int duration) 2429 { 2430 int retval; 2431 2432 if (tty->ops->break_ctl == NULL) 2433 return 0; 2434 2435 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK) 2436 retval = tty->ops->break_ctl(tty, duration); 2437 else { 2438 /* Do the work ourselves */ 2439 if (tty_write_lock(tty, 0) < 0) 2440 return -EINTR; 2441 retval = tty->ops->break_ctl(tty, -1); 2442 if (retval) 2443 goto out; 2444 if (!signal_pending(current)) 2445 msleep_interruptible(duration); 2446 retval = tty->ops->break_ctl(tty, 0); 2447 out: 2448 tty_write_unlock(tty); 2449 if (signal_pending(current)) 2450 retval = -EINTR; 2451 } 2452 return retval; 2453 } 2454 2455 /** 2456 * tty_tiocmget - get modem status 2457 * @tty: tty device 2458 * @file: user file pointer 2459 * @p: pointer to result 2460 * 2461 * Obtain the modem status bits from the tty driver if the feature 2462 * is supported. Return -EINVAL if it is not available. 2463 * 2464 * Locking: none (up to the driver) 2465 */ 2466 2467 static int tty_tiocmget(struct tty_struct *tty, int __user *p) 2468 { 2469 int retval = -EINVAL; 2470 2471 if (tty->ops->tiocmget) { 2472 retval = tty->ops->tiocmget(tty); 2473 2474 if (retval >= 0) 2475 retval = put_user(retval, p); 2476 } 2477 return retval; 2478 } 2479 2480 /** 2481 * tty_tiocmset - set modem status 2482 * @tty: tty device 2483 * @cmd: command - clear bits, set bits or set all 2484 * @p: pointer to desired bits 2485 * 2486 * Set the modem status bits from the tty driver if the feature 2487 * is supported. Return -EINVAL if it is not available. 2488 * 2489 * Locking: none (up to the driver) 2490 */ 2491 2492 static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd, 2493 unsigned __user *p) 2494 { 2495 int retval; 2496 unsigned int set, clear, val; 2497 2498 if (tty->ops->tiocmset == NULL) 2499 return -EINVAL; 2500 2501 retval = get_user(val, p); 2502 if (retval) 2503 return retval; 2504 set = clear = 0; 2505 switch (cmd) { 2506 case TIOCMBIS: 2507 set = val; 2508 break; 2509 case TIOCMBIC: 2510 clear = val; 2511 break; 2512 case TIOCMSET: 2513 set = val; 2514 clear = ~val; 2515 break; 2516 } 2517 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2518 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2519 return tty->ops->tiocmset(tty, set, clear); 2520 } 2521 2522 static int tty_tiocgicount(struct tty_struct *tty, void __user *arg) 2523 { 2524 int retval = -EINVAL; 2525 struct serial_icounter_struct icount; 2526 memset(&icount, 0, sizeof(icount)); 2527 if (tty->ops->get_icount) 2528 retval = tty->ops->get_icount(tty, &icount); 2529 if (retval != 0) 2530 return retval; 2531 if (copy_to_user(arg, &icount, sizeof(icount))) 2532 return -EFAULT; 2533 return 0; 2534 } 2535 2536 struct tty_struct *tty_pair_get_tty(struct tty_struct *tty) 2537 { 2538 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2539 tty->driver->subtype == PTY_TYPE_MASTER) 2540 tty = tty->link; 2541 return tty; 2542 } 2543 EXPORT_SYMBOL(tty_pair_get_tty); 2544 2545 struct tty_struct *tty_pair_get_pty(struct tty_struct *tty) 2546 { 2547 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2548 tty->driver->subtype == PTY_TYPE_MASTER) 2549 return tty; 2550 return tty->link; 2551 } 2552 EXPORT_SYMBOL(tty_pair_get_pty); 2553 2554 /* 2555 * Split this up, as gcc can choke on it otherwise.. 2556 */ 2557 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 2558 { 2559 struct tty_struct *tty = file_tty(file); 2560 struct tty_struct *real_tty; 2561 void __user *p = (void __user *)arg; 2562 int retval; 2563 struct tty_ldisc *ld; 2564 struct inode *inode = file->f_dentry->d_inode; 2565 2566 if (tty_paranoia_check(tty, inode, "tty_ioctl")) 2567 return -EINVAL; 2568 2569 real_tty = tty_pair_get_tty(tty); 2570 2571 /* 2572 * Factor out some common prep work 2573 */ 2574 switch (cmd) { 2575 case TIOCSETD: 2576 case TIOCSBRK: 2577 case TIOCCBRK: 2578 case TCSBRK: 2579 case TCSBRKP: 2580 retval = tty_check_change(tty); 2581 if (retval) 2582 return retval; 2583 if (cmd != TIOCCBRK) { 2584 tty_wait_until_sent(tty, 0); 2585 if (signal_pending(current)) 2586 return -EINTR; 2587 } 2588 break; 2589 } 2590 2591 /* 2592 * Now do the stuff. 2593 */ 2594 switch (cmd) { 2595 case TIOCSTI: 2596 return tiocsti(tty, p); 2597 case TIOCGWINSZ: 2598 return tiocgwinsz(real_tty, p); 2599 case TIOCSWINSZ: 2600 return tiocswinsz(real_tty, p); 2601 case TIOCCONS: 2602 return real_tty != tty ? -EINVAL : tioccons(file); 2603 case FIONBIO: 2604 return fionbio(file, p); 2605 case TIOCEXCL: 2606 set_bit(TTY_EXCLUSIVE, &tty->flags); 2607 return 0; 2608 case TIOCNXCL: 2609 clear_bit(TTY_EXCLUSIVE, &tty->flags); 2610 return 0; 2611 case TIOCNOTTY: 2612 if (current->signal->tty != tty) 2613 return -ENOTTY; 2614 no_tty(); 2615 return 0; 2616 case TIOCSCTTY: 2617 return tiocsctty(tty, arg); 2618 case TIOCGPGRP: 2619 return tiocgpgrp(tty, real_tty, p); 2620 case TIOCSPGRP: 2621 return tiocspgrp(tty, real_tty, p); 2622 case TIOCGSID: 2623 return tiocgsid(tty, real_tty, p); 2624 case TIOCGETD: 2625 return put_user(tty->ldisc->ops->num, (int __user *)p); 2626 case TIOCSETD: 2627 return tiocsetd(tty, p); 2628 case TIOCVHANGUP: 2629 if (!capable(CAP_SYS_ADMIN)) 2630 return -EPERM; 2631 tty_vhangup(tty); 2632 return 0; 2633 case TIOCGDEV: 2634 { 2635 unsigned int ret = new_encode_dev(tty_devnum(real_tty)); 2636 return put_user(ret, (unsigned int __user *)p); 2637 } 2638 /* 2639 * Break handling 2640 */ 2641 case TIOCSBRK: /* Turn break on, unconditionally */ 2642 if (tty->ops->break_ctl) 2643 return tty->ops->break_ctl(tty, -1); 2644 return 0; 2645 case TIOCCBRK: /* Turn break off, unconditionally */ 2646 if (tty->ops->break_ctl) 2647 return tty->ops->break_ctl(tty, 0); 2648 return 0; 2649 case TCSBRK: /* SVID version: non-zero arg --> no break */ 2650 /* non-zero arg means wait for all output data 2651 * to be sent (performed above) but don't send break. 2652 * This is used by the tcdrain() termios function. 2653 */ 2654 if (!arg) 2655 return send_break(tty, 250); 2656 return 0; 2657 case TCSBRKP: /* support for POSIX tcsendbreak() */ 2658 return send_break(tty, arg ? arg*100 : 250); 2659 2660 case TIOCMGET: 2661 return tty_tiocmget(tty, p); 2662 case TIOCMSET: 2663 case TIOCMBIC: 2664 case TIOCMBIS: 2665 return tty_tiocmset(tty, cmd, p); 2666 case TIOCGICOUNT: 2667 retval = tty_tiocgicount(tty, p); 2668 /* For the moment allow fall through to the old method */ 2669 if (retval != -EINVAL) 2670 return retval; 2671 break; 2672 case TCFLSH: 2673 switch (arg) { 2674 case TCIFLUSH: 2675 case TCIOFLUSH: 2676 /* flush tty buffer and allow ldisc to process ioctl */ 2677 tty_buffer_flush(tty); 2678 break; 2679 } 2680 break; 2681 } 2682 if (tty->ops->ioctl) { 2683 retval = (tty->ops->ioctl)(tty, cmd, arg); 2684 if (retval != -ENOIOCTLCMD) 2685 return retval; 2686 } 2687 ld = tty_ldisc_ref_wait(tty); 2688 retval = -EINVAL; 2689 if (ld->ops->ioctl) { 2690 retval = ld->ops->ioctl(tty, file, cmd, arg); 2691 if (retval == -ENOIOCTLCMD) 2692 retval = -EINVAL; 2693 } 2694 tty_ldisc_deref(ld); 2695 return retval; 2696 } 2697 2698 #ifdef CONFIG_COMPAT 2699 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 2700 unsigned long arg) 2701 { 2702 struct inode *inode = file->f_dentry->d_inode; 2703 struct tty_struct *tty = file_tty(file); 2704 struct tty_ldisc *ld; 2705 int retval = -ENOIOCTLCMD; 2706 2707 if (tty_paranoia_check(tty, inode, "tty_ioctl")) 2708 return -EINVAL; 2709 2710 if (tty->ops->compat_ioctl) { 2711 retval = (tty->ops->compat_ioctl)(tty, cmd, arg); 2712 if (retval != -ENOIOCTLCMD) 2713 return retval; 2714 } 2715 2716 ld = tty_ldisc_ref_wait(tty); 2717 if (ld->ops->compat_ioctl) 2718 retval = ld->ops->compat_ioctl(tty, file, cmd, arg); 2719 tty_ldisc_deref(ld); 2720 2721 return retval; 2722 } 2723 #endif 2724 2725 /* 2726 * This implements the "Secure Attention Key" --- the idea is to 2727 * prevent trojan horses by killing all processes associated with this 2728 * tty when the user hits the "Secure Attention Key". Required for 2729 * super-paranoid applications --- see the Orange Book for more details. 2730 * 2731 * This code could be nicer; ideally it should send a HUP, wait a few 2732 * seconds, then send a INT, and then a KILL signal. But you then 2733 * have to coordinate with the init process, since all processes associated 2734 * with the current tty must be dead before the new getty is allowed 2735 * to spawn. 2736 * 2737 * Now, if it would be correct ;-/ The current code has a nasty hole - 2738 * it doesn't catch files in flight. We may send the descriptor to ourselves 2739 * via AF_UNIX socket, close it and later fetch from socket. FIXME. 2740 * 2741 * Nasty bug: do_SAK is being called in interrupt context. This can 2742 * deadlock. We punt it up to process context. AKPM - 16Mar2001 2743 */ 2744 void __do_SAK(struct tty_struct *tty) 2745 { 2746 #ifdef TTY_SOFT_SAK 2747 tty_hangup(tty); 2748 #else 2749 struct task_struct *g, *p; 2750 struct pid *session; 2751 int i; 2752 struct file *filp; 2753 struct fdtable *fdt; 2754 2755 if (!tty) 2756 return; 2757 session = tty->session; 2758 2759 tty_ldisc_flush(tty); 2760 2761 tty_driver_flush_buffer(tty); 2762 2763 read_lock(&tasklist_lock); 2764 /* Kill the entire session */ 2765 do_each_pid_task(session, PIDTYPE_SID, p) { 2766 printk(KERN_NOTICE "SAK: killed process %d" 2767 " (%s): task_session(p)==tty->session\n", 2768 task_pid_nr(p), p->comm); 2769 send_sig(SIGKILL, p, 1); 2770 } while_each_pid_task(session, PIDTYPE_SID, p); 2771 /* Now kill any processes that happen to have the 2772 * tty open. 2773 */ 2774 do_each_thread(g, p) { 2775 if (p->signal->tty == tty) { 2776 printk(KERN_NOTICE "SAK: killed process %d" 2777 " (%s): task_session(p)==tty->session\n", 2778 task_pid_nr(p), p->comm); 2779 send_sig(SIGKILL, p, 1); 2780 continue; 2781 } 2782 task_lock(p); 2783 if (p->files) { 2784 /* 2785 * We don't take a ref to the file, so we must 2786 * hold ->file_lock instead. 2787 */ 2788 spin_lock(&p->files->file_lock); 2789 fdt = files_fdtable(p->files); 2790 for (i = 0; i < fdt->max_fds; i++) { 2791 filp = fcheck_files(p->files, i); 2792 if (!filp) 2793 continue; 2794 if (filp->f_op->read == tty_read && 2795 file_tty(filp) == tty) { 2796 printk(KERN_NOTICE "SAK: killed process %d" 2797 " (%s): fd#%d opened to the tty\n", 2798 task_pid_nr(p), p->comm, i); 2799 force_sig(SIGKILL, p); 2800 break; 2801 } 2802 } 2803 spin_unlock(&p->files->file_lock); 2804 } 2805 task_unlock(p); 2806 } while_each_thread(g, p); 2807 read_unlock(&tasklist_lock); 2808 #endif 2809 } 2810 2811 static void do_SAK_work(struct work_struct *work) 2812 { 2813 struct tty_struct *tty = 2814 container_of(work, struct tty_struct, SAK_work); 2815 __do_SAK(tty); 2816 } 2817 2818 /* 2819 * The tq handling here is a little racy - tty->SAK_work may already be queued. 2820 * Fortunately we don't need to worry, because if ->SAK_work is already queued, 2821 * the values which we write to it will be identical to the values which it 2822 * already has. --akpm 2823 */ 2824 void do_SAK(struct tty_struct *tty) 2825 { 2826 if (!tty) 2827 return; 2828 schedule_work(&tty->SAK_work); 2829 } 2830 2831 EXPORT_SYMBOL(do_SAK); 2832 2833 static int dev_match_devt(struct device *dev, void *data) 2834 { 2835 dev_t *devt = data; 2836 return dev->devt == *devt; 2837 } 2838 2839 /* Must put_device() after it's unused! */ 2840 static struct device *tty_get_device(struct tty_struct *tty) 2841 { 2842 dev_t devt = tty_devnum(tty); 2843 return class_find_device(tty_class, NULL, &devt, dev_match_devt); 2844 } 2845 2846 2847 /** 2848 * initialize_tty_struct 2849 * @tty: tty to initialize 2850 * 2851 * This subroutine initializes a tty structure that has been newly 2852 * allocated. 2853 * 2854 * Locking: none - tty in question must not be exposed at this point 2855 */ 2856 2857 void initialize_tty_struct(struct tty_struct *tty, 2858 struct tty_driver *driver, int idx) 2859 { 2860 memset(tty, 0, sizeof(struct tty_struct)); 2861 kref_init(&tty->kref); 2862 tty->magic = TTY_MAGIC; 2863 tty_ldisc_init(tty); 2864 tty->session = NULL; 2865 tty->pgrp = NULL; 2866 tty->overrun_time = jiffies; 2867 tty->buf.head = tty->buf.tail = NULL; 2868 tty_buffer_init(tty); 2869 mutex_init(&tty->termios_mutex); 2870 mutex_init(&tty->ldisc_mutex); 2871 init_waitqueue_head(&tty->write_wait); 2872 init_waitqueue_head(&tty->read_wait); 2873 INIT_WORK(&tty->hangup_work, do_tty_hangup); 2874 mutex_init(&tty->atomic_read_lock); 2875 mutex_init(&tty->atomic_write_lock); 2876 mutex_init(&tty->output_lock); 2877 mutex_init(&tty->echo_lock); 2878 spin_lock_init(&tty->read_lock); 2879 spin_lock_init(&tty->ctrl_lock); 2880 INIT_LIST_HEAD(&tty->tty_files); 2881 INIT_WORK(&tty->SAK_work, do_SAK_work); 2882 2883 tty->driver = driver; 2884 tty->ops = driver->ops; 2885 tty->index = idx; 2886 tty_line_name(driver, idx, tty->name); 2887 tty->dev = tty_get_device(tty); 2888 } 2889 2890 /** 2891 * deinitialize_tty_struct 2892 * @tty: tty to deinitialize 2893 * 2894 * This subroutine deinitializes a tty structure that has been newly 2895 * allocated but tty_release cannot be called on that yet. 2896 * 2897 * Locking: none - tty in question must not be exposed at this point 2898 */ 2899 void deinitialize_tty_struct(struct tty_struct *tty) 2900 { 2901 tty_ldisc_deinit(tty); 2902 } 2903 2904 /** 2905 * tty_put_char - write one character to a tty 2906 * @tty: tty 2907 * @ch: character 2908 * 2909 * Write one byte to the tty using the provided put_char method 2910 * if present. Returns the number of characters successfully output. 2911 * 2912 * Note: the specific put_char operation in the driver layer may go 2913 * away soon. Don't call it directly, use this method 2914 */ 2915 2916 int tty_put_char(struct tty_struct *tty, unsigned char ch) 2917 { 2918 if (tty->ops->put_char) 2919 return tty->ops->put_char(tty, ch); 2920 return tty->ops->write(tty, &ch, 1); 2921 } 2922 EXPORT_SYMBOL_GPL(tty_put_char); 2923 2924 struct class *tty_class; 2925 2926 /** 2927 * tty_register_device - register a tty device 2928 * @driver: the tty driver that describes the tty device 2929 * @index: the index in the tty driver for this tty device 2930 * @device: a struct device that is associated with this tty device. 2931 * This field is optional, if there is no known struct device 2932 * for this tty device it can be set to NULL safely. 2933 * 2934 * Returns a pointer to the struct device for this tty device 2935 * (or ERR_PTR(-EFOO) on error). 2936 * 2937 * This call is required to be made to register an individual tty device 2938 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If 2939 * that bit is not set, this function should not be called by a tty 2940 * driver. 2941 * 2942 * Locking: ?? 2943 */ 2944 2945 struct device *tty_register_device(struct tty_driver *driver, unsigned index, 2946 struct device *device) 2947 { 2948 char name[64]; 2949 dev_t dev = MKDEV(driver->major, driver->minor_start) + index; 2950 2951 if (index >= driver->num) { 2952 printk(KERN_ERR "Attempt to register invalid tty line number " 2953 " (%d).\n", index); 2954 return ERR_PTR(-EINVAL); 2955 } 2956 2957 if (driver->type == TTY_DRIVER_TYPE_PTY) 2958 pty_line_name(driver, index, name); 2959 else 2960 tty_line_name(driver, index, name); 2961 2962 return device_create(tty_class, device, dev, NULL, name); 2963 } 2964 EXPORT_SYMBOL(tty_register_device); 2965 2966 /** 2967 * tty_unregister_device - unregister a tty device 2968 * @driver: the tty driver that describes the tty device 2969 * @index: the index in the tty driver for this tty device 2970 * 2971 * If a tty device is registered with a call to tty_register_device() then 2972 * this function must be called when the tty device is gone. 2973 * 2974 * Locking: ?? 2975 */ 2976 2977 void tty_unregister_device(struct tty_driver *driver, unsigned index) 2978 { 2979 device_destroy(tty_class, 2980 MKDEV(driver->major, driver->minor_start) + index); 2981 } 2982 EXPORT_SYMBOL(tty_unregister_device); 2983 2984 struct tty_driver *alloc_tty_driver(int lines) 2985 { 2986 struct tty_driver *driver; 2987 2988 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL); 2989 if (driver) { 2990 kref_init(&driver->kref); 2991 driver->magic = TTY_DRIVER_MAGIC; 2992 driver->num = lines; 2993 /* later we'll move allocation of tables here */ 2994 } 2995 return driver; 2996 } 2997 EXPORT_SYMBOL(alloc_tty_driver); 2998 2999 static void destruct_tty_driver(struct kref *kref) 3000 { 3001 struct tty_driver *driver = container_of(kref, struct tty_driver, kref); 3002 int i; 3003 struct ktermios *tp; 3004 void *p; 3005 3006 if (driver->flags & TTY_DRIVER_INSTALLED) { 3007 /* 3008 * Free the termios and termios_locked structures because 3009 * we don't want to get memory leaks when modular tty 3010 * drivers are removed from the kernel. 3011 */ 3012 for (i = 0; i < driver->num; i++) { 3013 tp = driver->termios[i]; 3014 if (tp) { 3015 driver->termios[i] = NULL; 3016 kfree(tp); 3017 } 3018 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) 3019 tty_unregister_device(driver, i); 3020 } 3021 p = driver->ttys; 3022 proc_tty_unregister_driver(driver); 3023 driver->ttys = NULL; 3024 driver->termios = NULL; 3025 kfree(p); 3026 cdev_del(&driver->cdev); 3027 } 3028 kfree(driver); 3029 } 3030 3031 void tty_driver_kref_put(struct tty_driver *driver) 3032 { 3033 kref_put(&driver->kref, destruct_tty_driver); 3034 } 3035 EXPORT_SYMBOL(tty_driver_kref_put); 3036 3037 void tty_set_operations(struct tty_driver *driver, 3038 const struct tty_operations *op) 3039 { 3040 driver->ops = op; 3041 }; 3042 EXPORT_SYMBOL(tty_set_operations); 3043 3044 void put_tty_driver(struct tty_driver *d) 3045 { 3046 tty_driver_kref_put(d); 3047 } 3048 EXPORT_SYMBOL(put_tty_driver); 3049 3050 /* 3051 * Called by a tty driver to register itself. 3052 */ 3053 int tty_register_driver(struct tty_driver *driver) 3054 { 3055 int error; 3056 int i; 3057 dev_t dev; 3058 void **p = NULL; 3059 struct device *d; 3060 3061 if (!(driver->flags & TTY_DRIVER_DEVPTS_MEM) && driver->num) { 3062 p = kzalloc(driver->num * 2 * sizeof(void *), GFP_KERNEL); 3063 if (!p) 3064 return -ENOMEM; 3065 } 3066 3067 if (!driver->major) { 3068 error = alloc_chrdev_region(&dev, driver->minor_start, 3069 driver->num, driver->name); 3070 if (!error) { 3071 driver->major = MAJOR(dev); 3072 driver->minor_start = MINOR(dev); 3073 } 3074 } else { 3075 dev = MKDEV(driver->major, driver->minor_start); 3076 error = register_chrdev_region(dev, driver->num, driver->name); 3077 } 3078 if (error < 0) { 3079 kfree(p); 3080 return error; 3081 } 3082 3083 if (p) { 3084 driver->ttys = (struct tty_struct **)p; 3085 driver->termios = (struct ktermios **)(p + driver->num); 3086 } else { 3087 driver->ttys = NULL; 3088 driver->termios = NULL; 3089 } 3090 3091 cdev_init(&driver->cdev, &tty_fops); 3092 driver->cdev.owner = driver->owner; 3093 error = cdev_add(&driver->cdev, dev, driver->num); 3094 if (error) { 3095 unregister_chrdev_region(dev, driver->num); 3096 driver->ttys = NULL; 3097 driver->termios = NULL; 3098 kfree(p); 3099 return error; 3100 } 3101 3102 mutex_lock(&tty_mutex); 3103 list_add(&driver->tty_drivers, &tty_drivers); 3104 mutex_unlock(&tty_mutex); 3105 3106 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) { 3107 for (i = 0; i < driver->num; i++) { 3108 d = tty_register_device(driver, i, NULL); 3109 if (IS_ERR(d)) { 3110 error = PTR_ERR(d); 3111 goto err; 3112 } 3113 } 3114 } 3115 proc_tty_register_driver(driver); 3116 driver->flags |= TTY_DRIVER_INSTALLED; 3117 return 0; 3118 3119 err: 3120 for (i--; i >= 0; i--) 3121 tty_unregister_device(driver, i); 3122 3123 mutex_lock(&tty_mutex); 3124 list_del(&driver->tty_drivers); 3125 mutex_unlock(&tty_mutex); 3126 3127 unregister_chrdev_region(dev, driver->num); 3128 driver->ttys = NULL; 3129 driver->termios = NULL; 3130 kfree(p); 3131 return error; 3132 } 3133 3134 EXPORT_SYMBOL(tty_register_driver); 3135 3136 /* 3137 * Called by a tty driver to unregister itself. 3138 */ 3139 int tty_unregister_driver(struct tty_driver *driver) 3140 { 3141 #if 0 3142 /* FIXME */ 3143 if (driver->refcount) 3144 return -EBUSY; 3145 #endif 3146 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start), 3147 driver->num); 3148 mutex_lock(&tty_mutex); 3149 list_del(&driver->tty_drivers); 3150 mutex_unlock(&tty_mutex); 3151 return 0; 3152 } 3153 3154 EXPORT_SYMBOL(tty_unregister_driver); 3155 3156 dev_t tty_devnum(struct tty_struct *tty) 3157 { 3158 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index; 3159 } 3160 EXPORT_SYMBOL(tty_devnum); 3161 3162 void proc_clear_tty(struct task_struct *p) 3163 { 3164 unsigned long flags; 3165 struct tty_struct *tty; 3166 spin_lock_irqsave(&p->sighand->siglock, flags); 3167 tty = p->signal->tty; 3168 p->signal->tty = NULL; 3169 spin_unlock_irqrestore(&p->sighand->siglock, flags); 3170 tty_kref_put(tty); 3171 } 3172 3173 /* Called under the sighand lock */ 3174 3175 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) 3176 { 3177 if (tty) { 3178 unsigned long flags; 3179 /* We should not have a session or pgrp to put here but.... */ 3180 spin_lock_irqsave(&tty->ctrl_lock, flags); 3181 put_pid(tty->session); 3182 put_pid(tty->pgrp); 3183 tty->pgrp = get_pid(task_pgrp(tsk)); 3184 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 3185 tty->session = get_pid(task_session(tsk)); 3186 if (tsk->signal->tty) { 3187 printk(KERN_DEBUG "tty not NULL!!\n"); 3188 tty_kref_put(tsk->signal->tty); 3189 } 3190 } 3191 put_pid(tsk->signal->tty_old_pgrp); 3192 tsk->signal->tty = tty_kref_get(tty); 3193 tsk->signal->tty_old_pgrp = NULL; 3194 } 3195 3196 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) 3197 { 3198 spin_lock_irq(&tsk->sighand->siglock); 3199 __proc_set_tty(tsk, tty); 3200 spin_unlock_irq(&tsk->sighand->siglock); 3201 } 3202 3203 struct tty_struct *get_current_tty(void) 3204 { 3205 struct tty_struct *tty; 3206 unsigned long flags; 3207 3208 spin_lock_irqsave(¤t->sighand->siglock, flags); 3209 tty = tty_kref_get(current->signal->tty); 3210 spin_unlock_irqrestore(¤t->sighand->siglock, flags); 3211 return tty; 3212 } 3213 EXPORT_SYMBOL_GPL(get_current_tty); 3214 3215 void tty_default_fops(struct file_operations *fops) 3216 { 3217 *fops = tty_fops; 3218 } 3219 3220 /* 3221 * Initialize the console device. This is called *early*, so 3222 * we can't necessarily depend on lots of kernel help here. 3223 * Just do some early initializations, and do the complex setup 3224 * later. 3225 */ 3226 void __init console_init(void) 3227 { 3228 initcall_t *call; 3229 3230 /* Setup the default TTY line discipline. */ 3231 tty_ldisc_begin(); 3232 3233 /* 3234 * set up the console device so that later boot sequences can 3235 * inform about problems etc.. 3236 */ 3237 call = __con_initcall_start; 3238 while (call < __con_initcall_end) { 3239 (*call)(); 3240 call++; 3241 } 3242 } 3243 3244 static char *tty_devnode(struct device *dev, mode_t *mode) 3245 { 3246 if (!mode) 3247 return NULL; 3248 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) || 3249 dev->devt == MKDEV(TTYAUX_MAJOR, 2)) 3250 *mode = 0666; 3251 return NULL; 3252 } 3253 3254 static int __init tty_class_init(void) 3255 { 3256 tty_class = class_create(THIS_MODULE, "tty"); 3257 if (IS_ERR(tty_class)) 3258 return PTR_ERR(tty_class); 3259 tty_class->devnode = tty_devnode; 3260 return 0; 3261 } 3262 3263 postcore_initcall(tty_class_init); 3264 3265 /* 3/2004 jmc: why do these devices exist? */ 3266 static struct cdev tty_cdev, console_cdev; 3267 3268 static ssize_t show_cons_active(struct device *dev, 3269 struct device_attribute *attr, char *buf) 3270 { 3271 struct console *cs[16]; 3272 int i = 0; 3273 struct console *c; 3274 ssize_t count = 0; 3275 3276 console_lock(); 3277 for_each_console(c) { 3278 if (!c->device) 3279 continue; 3280 if (!c->write) 3281 continue; 3282 if ((c->flags & CON_ENABLED) == 0) 3283 continue; 3284 cs[i++] = c; 3285 if (i >= ARRAY_SIZE(cs)) 3286 break; 3287 } 3288 while (i--) 3289 count += sprintf(buf + count, "%s%d%c", 3290 cs[i]->name, cs[i]->index, i ? ' ':'\n'); 3291 console_unlock(); 3292 3293 return count; 3294 } 3295 static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL); 3296 3297 static struct device *consdev; 3298 3299 void console_sysfs_notify(void) 3300 { 3301 if (consdev) 3302 sysfs_notify(&consdev->kobj, NULL, "active"); 3303 } 3304 3305 /* 3306 * Ok, now we can initialize the rest of the tty devices and can count 3307 * on memory allocations, interrupts etc.. 3308 */ 3309 int __init tty_init(void) 3310 { 3311 cdev_init(&tty_cdev, &tty_fops); 3312 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) || 3313 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0) 3314 panic("Couldn't register /dev/tty driver\n"); 3315 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty"); 3316 3317 cdev_init(&console_cdev, &console_fops); 3318 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) || 3319 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0) 3320 panic("Couldn't register /dev/console driver\n"); 3321 consdev = device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), NULL, 3322 "console"); 3323 if (IS_ERR(consdev)) 3324 consdev = NULL; 3325 else 3326 WARN_ON(device_create_file(consdev, &dev_attr_active) < 0); 3327 3328 #ifdef CONFIG_VT 3329 vty_init(&console_fops); 3330 #endif 3331 return 0; 3332 } 3333 3334