1 /* 2 * linux/drivers/char/tty_io.c 3 * 4 * Copyright (C) 1991, 1992 Linus Torvalds 5 */ 6 7 /* 8 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles 9 * or rs-channels. It also implements echoing, cooked mode etc. 10 * 11 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0. 12 * 13 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the 14 * tty_struct and tty_queue structures. Previously there was an array 15 * of 256 tty_struct's which was statically allocated, and the 16 * tty_queue structures were allocated at boot time. Both are now 17 * dynamically allocated only when the tty is open. 18 * 19 * Also restructured routines so that there is more of a separation 20 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and 21 * the low-level tty routines (serial.c, pty.c, console.c). This 22 * makes for cleaner and more compact code. -TYT, 9/17/92 23 * 24 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines 25 * which can be dynamically activated and de-activated by the line 26 * discipline handling modules (like SLIP). 27 * 28 * NOTE: pay no attention to the line discipline code (yet); its 29 * interface is still subject to change in this version... 30 * -- TYT, 1/31/92 31 * 32 * Added functionality to the OPOST tty handling. No delays, but all 33 * other bits should be there. 34 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993. 35 * 36 * Rewrote canonical mode and added more termios flags. 37 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94 38 * 39 * Reorganized FASYNC support so mouse code can share it. 40 * -- ctm@ardi.com, 9Sep95 41 * 42 * New TIOCLINUX variants added. 43 * -- mj@k332.feld.cvut.cz, 19-Nov-95 44 * 45 * Restrict vt switching via ioctl() 46 * -- grif@cs.ucr.edu, 5-Dec-95 47 * 48 * Move console and virtual terminal code to more appropriate files, 49 * implement CONFIG_VT and generalize console device interface. 50 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97 51 * 52 * Rewrote tty_init_dev and tty_release_dev to eliminate races. 53 * -- Bill Hawes <whawes@star.net>, June 97 54 * 55 * Added devfs support. 56 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998 57 * 58 * Added support for a Unix98-style ptmx device. 59 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 60 * 61 * Reduced memory usage for older ARM systems 62 * -- Russell King <rmk@arm.linux.org.uk> 63 * 64 * Move do_SAK() into process context. Less stack use in devfs functions. 65 * alloc_tty_struct() always uses kmalloc() 66 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01 67 */ 68 69 #include <linux/types.h> 70 #include <linux/major.h> 71 #include <linux/errno.h> 72 #include <linux/signal.h> 73 #include <linux/fcntl.h> 74 #include <linux/sched.h> 75 #include <linux/interrupt.h> 76 #include <linux/tty.h> 77 #include <linux/tty_driver.h> 78 #include <linux/tty_flip.h> 79 #include <linux/devpts_fs.h> 80 #include <linux/file.h> 81 #include <linux/fdtable.h> 82 #include <linux/console.h> 83 #include <linux/timer.h> 84 #include <linux/ctype.h> 85 #include <linux/kd.h> 86 #include <linux/mm.h> 87 #include <linux/string.h> 88 #include <linux/slab.h> 89 #include <linux/poll.h> 90 #include <linux/proc_fs.h> 91 #include <linux/init.h> 92 #include <linux/module.h> 93 #include <linux/smp_lock.h> 94 #include <linux/device.h> 95 #include <linux/wait.h> 96 #include <linux/bitops.h> 97 #include <linux/delay.h> 98 #include <linux/seq_file.h> 99 #include <linux/serial.h> 100 101 #include <linux/uaccess.h> 102 #include <asm/system.h> 103 104 #include <linux/kbd_kern.h> 105 #include <linux/vt_kern.h> 106 #include <linux/selection.h> 107 108 #include <linux/kmod.h> 109 #include <linux/nsproxy.h> 110 111 #undef TTY_DEBUG_HANGUP 112 113 #define TTY_PARANOIA_CHECK 1 114 #define CHECK_TTY_COUNT 1 115 116 struct ktermios tty_std_termios = { /* for the benefit of tty drivers */ 117 .c_iflag = ICRNL | IXON, 118 .c_oflag = OPOST | ONLCR, 119 .c_cflag = B38400 | CS8 | CREAD | HUPCL, 120 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK | 121 ECHOCTL | ECHOKE | IEXTEN, 122 .c_cc = INIT_C_CC, 123 .c_ispeed = 38400, 124 .c_ospeed = 38400 125 }; 126 127 EXPORT_SYMBOL(tty_std_termios); 128 129 /* This list gets poked at by procfs and various bits of boot up code. This 130 could do with some rationalisation such as pulling the tty proc function 131 into this file */ 132 133 LIST_HEAD(tty_drivers); /* linked list of tty drivers */ 134 135 /* Mutex to protect creating and releasing a tty. This is shared with 136 vt.c for deeply disgusting hack reasons */ 137 DEFINE_MUTEX(tty_mutex); 138 EXPORT_SYMBOL(tty_mutex); 139 140 /* Spinlock to protect the tty->tty_files list */ 141 DEFINE_SPINLOCK(tty_files_lock); 142 143 static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *); 144 static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *); 145 ssize_t redirected_tty_write(struct file *, const char __user *, 146 size_t, loff_t *); 147 static unsigned int tty_poll(struct file *, poll_table *); 148 static int tty_open(struct inode *, struct file *); 149 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg); 150 #ifdef CONFIG_COMPAT 151 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 152 unsigned long arg); 153 #else 154 #define tty_compat_ioctl NULL 155 #endif 156 static int __tty_fasync(int fd, struct file *filp, int on); 157 static int tty_fasync(int fd, struct file *filp, int on); 158 static void release_tty(struct tty_struct *tty, int idx); 159 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); 160 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); 161 162 /** 163 * alloc_tty_struct - allocate a tty object 164 * 165 * Return a new empty tty structure. The data fields have not 166 * been initialized in any way but has been zeroed 167 * 168 * Locking: none 169 */ 170 171 struct tty_struct *alloc_tty_struct(void) 172 { 173 return kzalloc(sizeof(struct tty_struct), GFP_KERNEL); 174 } 175 176 /** 177 * free_tty_struct - free a disused tty 178 * @tty: tty struct to free 179 * 180 * Free the write buffers, tty queue and tty memory itself. 181 * 182 * Locking: none. Must be called after tty is definitely unused 183 */ 184 185 void free_tty_struct(struct tty_struct *tty) 186 { 187 if (tty->dev) 188 put_device(tty->dev); 189 kfree(tty->write_buf); 190 tty_buffer_free_all(tty); 191 kfree(tty); 192 } 193 194 static inline struct tty_struct *file_tty(struct file *file) 195 { 196 return ((struct tty_file_private *)file->private_data)->tty; 197 } 198 199 /* Associate a new file with the tty structure */ 200 int tty_add_file(struct tty_struct *tty, struct file *file) 201 { 202 struct tty_file_private *priv; 203 204 priv = kmalloc(sizeof(*priv), GFP_KERNEL); 205 if (!priv) 206 return -ENOMEM; 207 208 priv->tty = tty; 209 priv->file = file; 210 file->private_data = priv; 211 212 spin_lock(&tty_files_lock); 213 list_add(&priv->list, &tty->tty_files); 214 spin_unlock(&tty_files_lock); 215 216 return 0; 217 } 218 219 /* Delete file from its tty */ 220 void tty_del_file(struct file *file) 221 { 222 struct tty_file_private *priv = file->private_data; 223 224 spin_lock(&tty_files_lock); 225 list_del(&priv->list); 226 spin_unlock(&tty_files_lock); 227 file->private_data = NULL; 228 kfree(priv); 229 } 230 231 232 #define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base) 233 234 /** 235 * tty_name - return tty naming 236 * @tty: tty structure 237 * @buf: buffer for output 238 * 239 * Convert a tty structure into a name. The name reflects the kernel 240 * naming policy and if udev is in use may not reflect user space 241 * 242 * Locking: none 243 */ 244 245 char *tty_name(struct tty_struct *tty, char *buf) 246 { 247 if (!tty) /* Hmm. NULL pointer. That's fun. */ 248 strcpy(buf, "NULL tty"); 249 else 250 strcpy(buf, tty->name); 251 return buf; 252 } 253 254 EXPORT_SYMBOL(tty_name); 255 256 int tty_paranoia_check(struct tty_struct *tty, struct inode *inode, 257 const char *routine) 258 { 259 #ifdef TTY_PARANOIA_CHECK 260 if (!tty) { 261 printk(KERN_WARNING 262 "null TTY for (%d:%d) in %s\n", 263 imajor(inode), iminor(inode), routine); 264 return 1; 265 } 266 if (tty->magic != TTY_MAGIC) { 267 printk(KERN_WARNING 268 "bad magic number for tty struct (%d:%d) in %s\n", 269 imajor(inode), iminor(inode), routine); 270 return 1; 271 } 272 #endif 273 return 0; 274 } 275 276 static int check_tty_count(struct tty_struct *tty, const char *routine) 277 { 278 #ifdef CHECK_TTY_COUNT 279 struct list_head *p; 280 int count = 0; 281 282 spin_lock(&tty_files_lock); 283 list_for_each(p, &tty->tty_files) { 284 count++; 285 } 286 spin_unlock(&tty_files_lock); 287 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 288 tty->driver->subtype == PTY_TYPE_SLAVE && 289 tty->link && tty->link->count) 290 count++; 291 if (tty->count != count) { 292 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) " 293 "!= #fd's(%d) in %s\n", 294 tty->name, tty->count, count, routine); 295 return count; 296 } 297 #endif 298 return 0; 299 } 300 301 /** 302 * get_tty_driver - find device of a tty 303 * @dev_t: device identifier 304 * @index: returns the index of the tty 305 * 306 * This routine returns a tty driver structure, given a device number 307 * and also passes back the index number. 308 * 309 * Locking: caller must hold tty_mutex 310 */ 311 312 static struct tty_driver *get_tty_driver(dev_t device, int *index) 313 { 314 struct tty_driver *p; 315 316 list_for_each_entry(p, &tty_drivers, tty_drivers) { 317 dev_t base = MKDEV(p->major, p->minor_start); 318 if (device < base || device >= base + p->num) 319 continue; 320 *index = device - base; 321 return tty_driver_kref_get(p); 322 } 323 return NULL; 324 } 325 326 #ifdef CONFIG_CONSOLE_POLL 327 328 /** 329 * tty_find_polling_driver - find device of a polled tty 330 * @name: name string to match 331 * @line: pointer to resulting tty line nr 332 * 333 * This routine returns a tty driver structure, given a name 334 * and the condition that the tty driver is capable of polled 335 * operation. 336 */ 337 struct tty_driver *tty_find_polling_driver(char *name, int *line) 338 { 339 struct tty_driver *p, *res = NULL; 340 int tty_line = 0; 341 int len; 342 char *str, *stp; 343 344 for (str = name; *str; str++) 345 if ((*str >= '0' && *str <= '9') || *str == ',') 346 break; 347 if (!*str) 348 return NULL; 349 350 len = str - name; 351 tty_line = simple_strtoul(str, &str, 10); 352 353 mutex_lock(&tty_mutex); 354 /* Search through the tty devices to look for a match */ 355 list_for_each_entry(p, &tty_drivers, tty_drivers) { 356 if (strncmp(name, p->name, len) != 0) 357 continue; 358 stp = str; 359 if (*stp == ',') 360 stp++; 361 if (*stp == '\0') 362 stp = NULL; 363 364 if (tty_line >= 0 && tty_line < p->num && p->ops && 365 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) { 366 res = tty_driver_kref_get(p); 367 *line = tty_line; 368 break; 369 } 370 } 371 mutex_unlock(&tty_mutex); 372 373 return res; 374 } 375 EXPORT_SYMBOL_GPL(tty_find_polling_driver); 376 #endif 377 378 /** 379 * tty_check_change - check for POSIX terminal changes 380 * @tty: tty to check 381 * 382 * If we try to write to, or set the state of, a terminal and we're 383 * not in the foreground, send a SIGTTOU. If the signal is blocked or 384 * ignored, go ahead and perform the operation. (POSIX 7.2) 385 * 386 * Locking: ctrl_lock 387 */ 388 389 int tty_check_change(struct tty_struct *tty) 390 { 391 unsigned long flags; 392 int ret = 0; 393 394 if (current->signal->tty != tty) 395 return 0; 396 397 spin_lock_irqsave(&tty->ctrl_lock, flags); 398 399 if (!tty->pgrp) { 400 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n"); 401 goto out_unlock; 402 } 403 if (task_pgrp(current) == tty->pgrp) 404 goto out_unlock; 405 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 406 if (is_ignored(SIGTTOU)) 407 goto out; 408 if (is_current_pgrp_orphaned()) { 409 ret = -EIO; 410 goto out; 411 } 412 kill_pgrp(task_pgrp(current), SIGTTOU, 1); 413 set_thread_flag(TIF_SIGPENDING); 414 ret = -ERESTARTSYS; 415 out: 416 return ret; 417 out_unlock: 418 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 419 return ret; 420 } 421 422 EXPORT_SYMBOL(tty_check_change); 423 424 static ssize_t hung_up_tty_read(struct file *file, char __user *buf, 425 size_t count, loff_t *ppos) 426 { 427 return 0; 428 } 429 430 static ssize_t hung_up_tty_write(struct file *file, const char __user *buf, 431 size_t count, loff_t *ppos) 432 { 433 return -EIO; 434 } 435 436 /* No kernel lock held - none needed ;) */ 437 static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait) 438 { 439 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM; 440 } 441 442 static long hung_up_tty_ioctl(struct file *file, unsigned int cmd, 443 unsigned long arg) 444 { 445 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 446 } 447 448 static long hung_up_tty_compat_ioctl(struct file *file, 449 unsigned int cmd, unsigned long arg) 450 { 451 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 452 } 453 454 static const struct file_operations tty_fops = { 455 .llseek = no_llseek, 456 .read = tty_read, 457 .write = tty_write, 458 .poll = tty_poll, 459 .unlocked_ioctl = tty_ioctl, 460 .compat_ioctl = tty_compat_ioctl, 461 .open = tty_open, 462 .release = tty_release, 463 .fasync = tty_fasync, 464 }; 465 466 static const struct file_operations console_fops = { 467 .llseek = no_llseek, 468 .read = tty_read, 469 .write = redirected_tty_write, 470 .poll = tty_poll, 471 .unlocked_ioctl = tty_ioctl, 472 .compat_ioctl = tty_compat_ioctl, 473 .open = tty_open, 474 .release = tty_release, 475 .fasync = tty_fasync, 476 }; 477 478 static const struct file_operations hung_up_tty_fops = { 479 .llseek = no_llseek, 480 .read = hung_up_tty_read, 481 .write = hung_up_tty_write, 482 .poll = hung_up_tty_poll, 483 .unlocked_ioctl = hung_up_tty_ioctl, 484 .compat_ioctl = hung_up_tty_compat_ioctl, 485 .release = tty_release, 486 }; 487 488 static DEFINE_SPINLOCK(redirect_lock); 489 static struct file *redirect; 490 491 /** 492 * tty_wakeup - request more data 493 * @tty: terminal 494 * 495 * Internal and external helper for wakeups of tty. This function 496 * informs the line discipline if present that the driver is ready 497 * to receive more output data. 498 */ 499 500 void tty_wakeup(struct tty_struct *tty) 501 { 502 struct tty_ldisc *ld; 503 504 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) { 505 ld = tty_ldisc_ref(tty); 506 if (ld) { 507 if (ld->ops->write_wakeup) 508 ld->ops->write_wakeup(tty); 509 tty_ldisc_deref(ld); 510 } 511 } 512 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 513 } 514 515 EXPORT_SYMBOL_GPL(tty_wakeup); 516 517 /** 518 * __tty_hangup - actual handler for hangup events 519 * @work: tty device 520 * 521 * This can be called by the "eventd" kernel thread. That is process 522 * synchronous but doesn't hold any locks, so we need to make sure we 523 * have the appropriate locks for what we're doing. 524 * 525 * The hangup event clears any pending redirections onto the hung up 526 * device. It ensures future writes will error and it does the needed 527 * line discipline hangup and signal delivery. The tty object itself 528 * remains intact. 529 * 530 * Locking: 531 * BTM 532 * redirect lock for undoing redirection 533 * file list lock for manipulating list of ttys 534 * tty_ldisc_lock from called functions 535 * termios_mutex resetting termios data 536 * tasklist_lock to walk task list for hangup event 537 * ->siglock to protect ->signal/->sighand 538 */ 539 void __tty_hangup(struct tty_struct *tty) 540 { 541 struct file *cons_filp = NULL; 542 struct file *filp, *f = NULL; 543 struct task_struct *p; 544 struct tty_file_private *priv; 545 int closecount = 0, n; 546 unsigned long flags; 547 int refs = 0; 548 549 if (!tty) 550 return; 551 552 553 spin_lock(&redirect_lock); 554 if (redirect && file_tty(redirect) == tty) { 555 f = redirect; 556 redirect = NULL; 557 } 558 spin_unlock(&redirect_lock); 559 560 tty_lock(); 561 562 /* some functions below drop BTM, so we need this bit */ 563 set_bit(TTY_HUPPING, &tty->flags); 564 565 /* inuse_filps is protected by the single tty lock, 566 this really needs to change if we want to flush the 567 workqueue with the lock held */ 568 check_tty_count(tty, "tty_hangup"); 569 570 spin_lock(&tty_files_lock); 571 /* This breaks for file handles being sent over AF_UNIX sockets ? */ 572 list_for_each_entry(priv, &tty->tty_files, list) { 573 filp = priv->file; 574 if (filp->f_op->write == redirected_tty_write) 575 cons_filp = filp; 576 if (filp->f_op->write != tty_write) 577 continue; 578 closecount++; 579 __tty_fasync(-1, filp, 0); /* can't block */ 580 filp->f_op = &hung_up_tty_fops; 581 } 582 spin_unlock(&tty_files_lock); 583 584 /* 585 * it drops BTM and thus races with reopen 586 * we protect the race by TTY_HUPPING 587 */ 588 tty_ldisc_hangup(tty); 589 590 read_lock(&tasklist_lock); 591 if (tty->session) { 592 do_each_pid_task(tty->session, PIDTYPE_SID, p) { 593 spin_lock_irq(&p->sighand->siglock); 594 if (p->signal->tty == tty) { 595 p->signal->tty = NULL; 596 /* We defer the dereferences outside fo 597 the tasklist lock */ 598 refs++; 599 } 600 if (!p->signal->leader) { 601 spin_unlock_irq(&p->sighand->siglock); 602 continue; 603 } 604 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p); 605 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p); 606 put_pid(p->signal->tty_old_pgrp); /* A noop */ 607 spin_lock_irqsave(&tty->ctrl_lock, flags); 608 if (tty->pgrp) 609 p->signal->tty_old_pgrp = get_pid(tty->pgrp); 610 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 611 spin_unlock_irq(&p->sighand->siglock); 612 } while_each_pid_task(tty->session, PIDTYPE_SID, p); 613 } 614 read_unlock(&tasklist_lock); 615 616 spin_lock_irqsave(&tty->ctrl_lock, flags); 617 clear_bit(TTY_THROTTLED, &tty->flags); 618 clear_bit(TTY_PUSH, &tty->flags); 619 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 620 put_pid(tty->session); 621 put_pid(tty->pgrp); 622 tty->session = NULL; 623 tty->pgrp = NULL; 624 tty->ctrl_status = 0; 625 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 626 627 /* Account for the p->signal references we killed */ 628 while (refs--) 629 tty_kref_put(tty); 630 631 /* 632 * If one of the devices matches a console pointer, we 633 * cannot just call hangup() because that will cause 634 * tty->count and state->count to go out of sync. 635 * So we just call close() the right number of times. 636 */ 637 if (cons_filp) { 638 if (tty->ops->close) 639 for (n = 0; n < closecount; n++) 640 tty->ops->close(tty, cons_filp); 641 } else if (tty->ops->hangup) 642 (tty->ops->hangup)(tty); 643 /* 644 * We don't want to have driver/ldisc interactions beyond 645 * the ones we did here. The driver layer expects no 646 * calls after ->hangup() from the ldisc side. However we 647 * can't yet guarantee all that. 648 */ 649 set_bit(TTY_HUPPED, &tty->flags); 650 clear_bit(TTY_HUPPING, &tty->flags); 651 tty_ldisc_enable(tty); 652 653 tty_unlock(); 654 655 if (f) 656 fput(f); 657 } 658 659 static void do_tty_hangup(struct work_struct *work) 660 { 661 struct tty_struct *tty = 662 container_of(work, struct tty_struct, hangup_work); 663 664 __tty_hangup(tty); 665 } 666 667 /** 668 * tty_hangup - trigger a hangup event 669 * @tty: tty to hangup 670 * 671 * A carrier loss (virtual or otherwise) has occurred on this like 672 * schedule a hangup sequence to run after this event. 673 */ 674 675 void tty_hangup(struct tty_struct *tty) 676 { 677 #ifdef TTY_DEBUG_HANGUP 678 char buf[64]; 679 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf)); 680 #endif 681 schedule_work(&tty->hangup_work); 682 } 683 684 EXPORT_SYMBOL(tty_hangup); 685 686 /** 687 * tty_vhangup - process vhangup 688 * @tty: tty to hangup 689 * 690 * The user has asked via system call for the terminal to be hung up. 691 * We do this synchronously so that when the syscall returns the process 692 * is complete. That guarantee is necessary for security reasons. 693 */ 694 695 void tty_vhangup(struct tty_struct *tty) 696 { 697 #ifdef TTY_DEBUG_HANGUP 698 char buf[64]; 699 700 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf)); 701 #endif 702 __tty_hangup(tty); 703 } 704 705 EXPORT_SYMBOL(tty_vhangup); 706 707 708 /** 709 * tty_vhangup_self - process vhangup for own ctty 710 * 711 * Perform a vhangup on the current controlling tty 712 */ 713 714 void tty_vhangup_self(void) 715 { 716 struct tty_struct *tty; 717 718 tty = get_current_tty(); 719 if (tty) { 720 tty_vhangup(tty); 721 tty_kref_put(tty); 722 } 723 } 724 725 /** 726 * tty_hung_up_p - was tty hung up 727 * @filp: file pointer of tty 728 * 729 * Return true if the tty has been subject to a vhangup or a carrier 730 * loss 731 */ 732 733 int tty_hung_up_p(struct file *filp) 734 { 735 return (filp->f_op == &hung_up_tty_fops); 736 } 737 738 EXPORT_SYMBOL(tty_hung_up_p); 739 740 static void session_clear_tty(struct pid *session) 741 { 742 struct task_struct *p; 743 do_each_pid_task(session, PIDTYPE_SID, p) { 744 proc_clear_tty(p); 745 } while_each_pid_task(session, PIDTYPE_SID, p); 746 } 747 748 /** 749 * disassociate_ctty - disconnect controlling tty 750 * @on_exit: true if exiting so need to "hang up" the session 751 * 752 * This function is typically called only by the session leader, when 753 * it wants to disassociate itself from its controlling tty. 754 * 755 * It performs the following functions: 756 * (1) Sends a SIGHUP and SIGCONT to the foreground process group 757 * (2) Clears the tty from being controlling the session 758 * (3) Clears the controlling tty for all processes in the 759 * session group. 760 * 761 * The argument on_exit is set to 1 if called when a process is 762 * exiting; it is 0 if called by the ioctl TIOCNOTTY. 763 * 764 * Locking: 765 * BTM is taken for hysterical raisins, and held when 766 * called from no_tty(). 767 * tty_mutex is taken to protect tty 768 * ->siglock is taken to protect ->signal/->sighand 769 * tasklist_lock is taken to walk process list for sessions 770 * ->siglock is taken to protect ->signal/->sighand 771 */ 772 773 void disassociate_ctty(int on_exit) 774 { 775 struct tty_struct *tty; 776 struct pid *tty_pgrp = NULL; 777 778 if (!current->signal->leader) 779 return; 780 781 tty = get_current_tty(); 782 if (tty) { 783 tty_pgrp = get_pid(tty->pgrp); 784 if (on_exit) { 785 if (tty->driver->type != TTY_DRIVER_TYPE_PTY) 786 tty_vhangup(tty); 787 } 788 tty_kref_put(tty); 789 } else if (on_exit) { 790 struct pid *old_pgrp; 791 spin_lock_irq(¤t->sighand->siglock); 792 old_pgrp = current->signal->tty_old_pgrp; 793 current->signal->tty_old_pgrp = NULL; 794 spin_unlock_irq(¤t->sighand->siglock); 795 if (old_pgrp) { 796 kill_pgrp(old_pgrp, SIGHUP, on_exit); 797 kill_pgrp(old_pgrp, SIGCONT, on_exit); 798 put_pid(old_pgrp); 799 } 800 return; 801 } 802 if (tty_pgrp) { 803 kill_pgrp(tty_pgrp, SIGHUP, on_exit); 804 if (!on_exit) 805 kill_pgrp(tty_pgrp, SIGCONT, on_exit); 806 put_pid(tty_pgrp); 807 } 808 809 spin_lock_irq(¤t->sighand->siglock); 810 put_pid(current->signal->tty_old_pgrp); 811 current->signal->tty_old_pgrp = NULL; 812 spin_unlock_irq(¤t->sighand->siglock); 813 814 tty = get_current_tty(); 815 if (tty) { 816 unsigned long flags; 817 spin_lock_irqsave(&tty->ctrl_lock, flags); 818 put_pid(tty->session); 819 put_pid(tty->pgrp); 820 tty->session = NULL; 821 tty->pgrp = NULL; 822 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 823 tty_kref_put(tty); 824 } else { 825 #ifdef TTY_DEBUG_HANGUP 826 printk(KERN_DEBUG "error attempted to write to tty [0x%p]" 827 " = NULL", tty); 828 #endif 829 } 830 831 /* Now clear signal->tty under the lock */ 832 read_lock(&tasklist_lock); 833 session_clear_tty(task_session(current)); 834 read_unlock(&tasklist_lock); 835 } 836 837 /** 838 * 839 * no_tty - Ensure the current process does not have a controlling tty 840 */ 841 void no_tty(void) 842 { 843 struct task_struct *tsk = current; 844 tty_lock(); 845 disassociate_ctty(0); 846 tty_unlock(); 847 proc_clear_tty(tsk); 848 } 849 850 851 /** 852 * stop_tty - propagate flow control 853 * @tty: tty to stop 854 * 855 * Perform flow control to the driver. For PTY/TTY pairs we 856 * must also propagate the TIOCKPKT status. May be called 857 * on an already stopped device and will not re-call the driver 858 * method. 859 * 860 * This functionality is used by both the line disciplines for 861 * halting incoming flow and by the driver. It may therefore be 862 * called from any context, may be under the tty atomic_write_lock 863 * but not always. 864 * 865 * Locking: 866 * Uses the tty control lock internally 867 */ 868 869 void stop_tty(struct tty_struct *tty) 870 { 871 unsigned long flags; 872 spin_lock_irqsave(&tty->ctrl_lock, flags); 873 if (tty->stopped) { 874 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 875 return; 876 } 877 tty->stopped = 1; 878 if (tty->link && tty->link->packet) { 879 tty->ctrl_status &= ~TIOCPKT_START; 880 tty->ctrl_status |= TIOCPKT_STOP; 881 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN); 882 } 883 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 884 if (tty->ops->stop) 885 (tty->ops->stop)(tty); 886 } 887 888 EXPORT_SYMBOL(stop_tty); 889 890 /** 891 * start_tty - propagate flow control 892 * @tty: tty to start 893 * 894 * Start a tty that has been stopped if at all possible. Perform 895 * any necessary wakeups and propagate the TIOCPKT status. If this 896 * is the tty was previous stopped and is being started then the 897 * driver start method is invoked and the line discipline woken. 898 * 899 * Locking: 900 * ctrl_lock 901 */ 902 903 void start_tty(struct tty_struct *tty) 904 { 905 unsigned long flags; 906 spin_lock_irqsave(&tty->ctrl_lock, flags); 907 if (!tty->stopped || tty->flow_stopped) { 908 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 909 return; 910 } 911 tty->stopped = 0; 912 if (tty->link && tty->link->packet) { 913 tty->ctrl_status &= ~TIOCPKT_STOP; 914 tty->ctrl_status |= TIOCPKT_START; 915 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN); 916 } 917 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 918 if (tty->ops->start) 919 (tty->ops->start)(tty); 920 /* If we have a running line discipline it may need kicking */ 921 tty_wakeup(tty); 922 } 923 924 EXPORT_SYMBOL(start_tty); 925 926 /** 927 * tty_read - read method for tty device files 928 * @file: pointer to tty file 929 * @buf: user buffer 930 * @count: size of user buffer 931 * @ppos: unused 932 * 933 * Perform the read system call function on this terminal device. Checks 934 * for hung up devices before calling the line discipline method. 935 * 936 * Locking: 937 * Locks the line discipline internally while needed. Multiple 938 * read calls may be outstanding in parallel. 939 */ 940 941 static ssize_t tty_read(struct file *file, char __user *buf, size_t count, 942 loff_t *ppos) 943 { 944 int i; 945 struct inode *inode = file->f_path.dentry->d_inode; 946 struct tty_struct *tty = file_tty(file); 947 struct tty_ldisc *ld; 948 949 if (tty_paranoia_check(tty, inode, "tty_read")) 950 return -EIO; 951 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags))) 952 return -EIO; 953 954 /* We want to wait for the line discipline to sort out in this 955 situation */ 956 ld = tty_ldisc_ref_wait(tty); 957 if (ld->ops->read) 958 i = (ld->ops->read)(tty, file, buf, count); 959 else 960 i = -EIO; 961 tty_ldisc_deref(ld); 962 if (i > 0) 963 inode->i_atime = current_fs_time(inode->i_sb); 964 return i; 965 } 966 967 void tty_write_unlock(struct tty_struct *tty) 968 { 969 mutex_unlock(&tty->atomic_write_lock); 970 wake_up_interruptible_poll(&tty->write_wait, POLLOUT); 971 } 972 973 int tty_write_lock(struct tty_struct *tty, int ndelay) 974 { 975 if (!mutex_trylock(&tty->atomic_write_lock)) { 976 if (ndelay) 977 return -EAGAIN; 978 if (mutex_lock_interruptible(&tty->atomic_write_lock)) 979 return -ERESTARTSYS; 980 } 981 return 0; 982 } 983 984 /* 985 * Split writes up in sane blocksizes to avoid 986 * denial-of-service type attacks 987 */ 988 static inline ssize_t do_tty_write( 989 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t), 990 struct tty_struct *tty, 991 struct file *file, 992 const char __user *buf, 993 size_t count) 994 { 995 ssize_t ret, written = 0; 996 unsigned int chunk; 997 998 ret = tty_write_lock(tty, file->f_flags & O_NDELAY); 999 if (ret < 0) 1000 return ret; 1001 1002 /* 1003 * We chunk up writes into a temporary buffer. This 1004 * simplifies low-level drivers immensely, since they 1005 * don't have locking issues and user mode accesses. 1006 * 1007 * But if TTY_NO_WRITE_SPLIT is set, we should use a 1008 * big chunk-size.. 1009 * 1010 * The default chunk-size is 2kB, because the NTTY 1011 * layer has problems with bigger chunks. It will 1012 * claim to be able to handle more characters than 1013 * it actually does. 1014 * 1015 * FIXME: This can probably go away now except that 64K chunks 1016 * are too likely to fail unless switched to vmalloc... 1017 */ 1018 chunk = 2048; 1019 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags)) 1020 chunk = 65536; 1021 if (count < chunk) 1022 chunk = count; 1023 1024 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */ 1025 if (tty->write_cnt < chunk) { 1026 unsigned char *buf_chunk; 1027 1028 if (chunk < 1024) 1029 chunk = 1024; 1030 1031 buf_chunk = kmalloc(chunk, GFP_KERNEL); 1032 if (!buf_chunk) { 1033 ret = -ENOMEM; 1034 goto out; 1035 } 1036 kfree(tty->write_buf); 1037 tty->write_cnt = chunk; 1038 tty->write_buf = buf_chunk; 1039 } 1040 1041 /* Do the write .. */ 1042 for (;;) { 1043 size_t size = count; 1044 if (size > chunk) 1045 size = chunk; 1046 ret = -EFAULT; 1047 if (copy_from_user(tty->write_buf, buf, size)) 1048 break; 1049 ret = write(tty, file, tty->write_buf, size); 1050 if (ret <= 0) 1051 break; 1052 written += ret; 1053 buf += ret; 1054 count -= ret; 1055 if (!count) 1056 break; 1057 ret = -ERESTARTSYS; 1058 if (signal_pending(current)) 1059 break; 1060 cond_resched(); 1061 } 1062 if (written) { 1063 struct inode *inode = file->f_path.dentry->d_inode; 1064 inode->i_mtime = current_fs_time(inode->i_sb); 1065 ret = written; 1066 } 1067 out: 1068 tty_write_unlock(tty); 1069 return ret; 1070 } 1071 1072 /** 1073 * tty_write_message - write a message to a certain tty, not just the console. 1074 * @tty: the destination tty_struct 1075 * @msg: the message to write 1076 * 1077 * This is used for messages that need to be redirected to a specific tty. 1078 * We don't put it into the syslog queue right now maybe in the future if 1079 * really needed. 1080 * 1081 * We must still hold the BTM and test the CLOSING flag for the moment. 1082 */ 1083 1084 void tty_write_message(struct tty_struct *tty, char *msg) 1085 { 1086 if (tty) { 1087 mutex_lock(&tty->atomic_write_lock); 1088 tty_lock(); 1089 if (tty->ops->write && !test_bit(TTY_CLOSING, &tty->flags)) { 1090 tty_unlock(); 1091 tty->ops->write(tty, msg, strlen(msg)); 1092 } else 1093 tty_unlock(); 1094 tty_write_unlock(tty); 1095 } 1096 return; 1097 } 1098 1099 1100 /** 1101 * tty_write - write method for tty device file 1102 * @file: tty file pointer 1103 * @buf: user data to write 1104 * @count: bytes to write 1105 * @ppos: unused 1106 * 1107 * Write data to a tty device via the line discipline. 1108 * 1109 * Locking: 1110 * Locks the line discipline as required 1111 * Writes to the tty driver are serialized by the atomic_write_lock 1112 * and are then processed in chunks to the device. The line discipline 1113 * write method will not be invoked in parallel for each device. 1114 */ 1115 1116 static ssize_t tty_write(struct file *file, const char __user *buf, 1117 size_t count, loff_t *ppos) 1118 { 1119 struct inode *inode = file->f_path.dentry->d_inode; 1120 struct tty_struct *tty = file_tty(file); 1121 struct tty_ldisc *ld; 1122 ssize_t ret; 1123 1124 if (tty_paranoia_check(tty, inode, "tty_write")) 1125 return -EIO; 1126 if (!tty || !tty->ops->write || 1127 (test_bit(TTY_IO_ERROR, &tty->flags))) 1128 return -EIO; 1129 /* Short term debug to catch buggy drivers */ 1130 if (tty->ops->write_room == NULL) 1131 printk(KERN_ERR "tty driver %s lacks a write_room method.\n", 1132 tty->driver->name); 1133 ld = tty_ldisc_ref_wait(tty); 1134 if (!ld->ops->write) 1135 ret = -EIO; 1136 else 1137 ret = do_tty_write(ld->ops->write, tty, file, buf, count); 1138 tty_ldisc_deref(ld); 1139 return ret; 1140 } 1141 1142 ssize_t redirected_tty_write(struct file *file, const char __user *buf, 1143 size_t count, loff_t *ppos) 1144 { 1145 struct file *p = NULL; 1146 1147 spin_lock(&redirect_lock); 1148 if (redirect) { 1149 get_file(redirect); 1150 p = redirect; 1151 } 1152 spin_unlock(&redirect_lock); 1153 1154 if (p) { 1155 ssize_t res; 1156 res = vfs_write(p, buf, count, &p->f_pos); 1157 fput(p); 1158 return res; 1159 } 1160 return tty_write(file, buf, count, ppos); 1161 } 1162 1163 static char ptychar[] = "pqrstuvwxyzabcde"; 1164 1165 /** 1166 * pty_line_name - generate name for a pty 1167 * @driver: the tty driver in use 1168 * @index: the minor number 1169 * @p: output buffer of at least 6 bytes 1170 * 1171 * Generate a name from a driver reference and write it to the output 1172 * buffer. 1173 * 1174 * Locking: None 1175 */ 1176 static void pty_line_name(struct tty_driver *driver, int index, char *p) 1177 { 1178 int i = index + driver->name_base; 1179 /* ->name is initialized to "ttyp", but "tty" is expected */ 1180 sprintf(p, "%s%c%x", 1181 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name, 1182 ptychar[i >> 4 & 0xf], i & 0xf); 1183 } 1184 1185 /** 1186 * tty_line_name - generate name for a tty 1187 * @driver: the tty driver in use 1188 * @index: the minor number 1189 * @p: output buffer of at least 7 bytes 1190 * 1191 * Generate a name from a driver reference and write it to the output 1192 * buffer. 1193 * 1194 * Locking: None 1195 */ 1196 static void tty_line_name(struct tty_driver *driver, int index, char *p) 1197 { 1198 sprintf(p, "%s%d", driver->name, index + driver->name_base); 1199 } 1200 1201 /** 1202 * tty_driver_lookup_tty() - find an existing tty, if any 1203 * @driver: the driver for the tty 1204 * @idx: the minor number 1205 * 1206 * Return the tty, if found or ERR_PTR() otherwise. 1207 * 1208 * Locking: tty_mutex must be held. If tty is found, the mutex must 1209 * be held until the 'fast-open' is also done. Will change once we 1210 * have refcounting in the driver and per driver locking 1211 */ 1212 static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver, 1213 struct inode *inode, int idx) 1214 { 1215 struct tty_struct *tty; 1216 1217 if (driver->ops->lookup) 1218 return driver->ops->lookup(driver, inode, idx); 1219 1220 tty = driver->ttys[idx]; 1221 return tty; 1222 } 1223 1224 /** 1225 * tty_init_termios - helper for termios setup 1226 * @tty: the tty to set up 1227 * 1228 * Initialise the termios structures for this tty. Thus runs under 1229 * the tty_mutex currently so we can be relaxed about ordering. 1230 */ 1231 1232 int tty_init_termios(struct tty_struct *tty) 1233 { 1234 struct ktermios *tp; 1235 int idx = tty->index; 1236 1237 tp = tty->driver->termios[idx]; 1238 if (tp == NULL) { 1239 tp = kzalloc(sizeof(struct ktermios[2]), GFP_KERNEL); 1240 if (tp == NULL) 1241 return -ENOMEM; 1242 memcpy(tp, &tty->driver->init_termios, 1243 sizeof(struct ktermios)); 1244 tty->driver->termios[idx] = tp; 1245 } 1246 tty->termios = tp; 1247 tty->termios_locked = tp + 1; 1248 1249 /* Compatibility until drivers always set this */ 1250 tty->termios->c_ispeed = tty_termios_input_baud_rate(tty->termios); 1251 tty->termios->c_ospeed = tty_termios_baud_rate(tty->termios); 1252 return 0; 1253 } 1254 EXPORT_SYMBOL_GPL(tty_init_termios); 1255 1256 /** 1257 * tty_driver_install_tty() - install a tty entry in the driver 1258 * @driver: the driver for the tty 1259 * @tty: the tty 1260 * 1261 * Install a tty object into the driver tables. The tty->index field 1262 * will be set by the time this is called. This method is responsible 1263 * for ensuring any need additional structures are allocated and 1264 * configured. 1265 * 1266 * Locking: tty_mutex for now 1267 */ 1268 static int tty_driver_install_tty(struct tty_driver *driver, 1269 struct tty_struct *tty) 1270 { 1271 int idx = tty->index; 1272 int ret; 1273 1274 if (driver->ops->install) { 1275 ret = driver->ops->install(driver, tty); 1276 return ret; 1277 } 1278 1279 if (tty_init_termios(tty) == 0) { 1280 tty_driver_kref_get(driver); 1281 tty->count++; 1282 driver->ttys[idx] = tty; 1283 return 0; 1284 } 1285 return -ENOMEM; 1286 } 1287 1288 /** 1289 * tty_driver_remove_tty() - remove a tty from the driver tables 1290 * @driver: the driver for the tty 1291 * @idx: the minor number 1292 * 1293 * Remvoe a tty object from the driver tables. The tty->index field 1294 * will be set by the time this is called. 1295 * 1296 * Locking: tty_mutex for now 1297 */ 1298 static void tty_driver_remove_tty(struct tty_driver *driver, 1299 struct tty_struct *tty) 1300 { 1301 if (driver->ops->remove) 1302 driver->ops->remove(driver, tty); 1303 else 1304 driver->ttys[tty->index] = NULL; 1305 } 1306 1307 /* 1308 * tty_reopen() - fast re-open of an open tty 1309 * @tty - the tty to open 1310 * 1311 * Return 0 on success, -errno on error. 1312 * 1313 * Locking: tty_mutex must be held from the time the tty was found 1314 * till this open completes. 1315 */ 1316 static int tty_reopen(struct tty_struct *tty) 1317 { 1318 struct tty_driver *driver = tty->driver; 1319 1320 if (test_bit(TTY_CLOSING, &tty->flags) || 1321 test_bit(TTY_HUPPING, &tty->flags) || 1322 test_bit(TTY_LDISC_CHANGING, &tty->flags)) 1323 return -EIO; 1324 1325 if (driver->type == TTY_DRIVER_TYPE_PTY && 1326 driver->subtype == PTY_TYPE_MASTER) { 1327 /* 1328 * special case for PTY masters: only one open permitted, 1329 * and the slave side open count is incremented as well. 1330 */ 1331 if (tty->count) 1332 return -EIO; 1333 1334 tty->link->count++; 1335 } 1336 tty->count++; 1337 tty->driver = driver; /* N.B. why do this every time?? */ 1338 1339 mutex_lock(&tty->ldisc_mutex); 1340 WARN_ON(!test_bit(TTY_LDISC, &tty->flags)); 1341 mutex_unlock(&tty->ldisc_mutex); 1342 1343 return 0; 1344 } 1345 1346 /** 1347 * tty_init_dev - initialise a tty device 1348 * @driver: tty driver we are opening a device on 1349 * @idx: device index 1350 * @ret_tty: returned tty structure 1351 * @first_ok: ok to open a new device (used by ptmx) 1352 * 1353 * Prepare a tty device. This may not be a "new" clean device but 1354 * could also be an active device. The pty drivers require special 1355 * handling because of this. 1356 * 1357 * Locking: 1358 * The function is called under the tty_mutex, which 1359 * protects us from the tty struct or driver itself going away. 1360 * 1361 * On exit the tty device has the line discipline attached and 1362 * a reference count of 1. If a pair was created for pty/tty use 1363 * and the other was a pty master then it too has a reference count of 1. 1364 * 1365 * WSH 06/09/97: Rewritten to remove races and properly clean up after a 1366 * failed open. The new code protects the open with a mutex, so it's 1367 * really quite straightforward. The mutex locking can probably be 1368 * relaxed for the (most common) case of reopening a tty. 1369 */ 1370 1371 struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx, 1372 int first_ok) 1373 { 1374 struct tty_struct *tty; 1375 int retval; 1376 1377 /* Check if pty master is being opened multiple times */ 1378 if (driver->subtype == PTY_TYPE_MASTER && 1379 (driver->flags & TTY_DRIVER_DEVPTS_MEM) && !first_ok) { 1380 return ERR_PTR(-EIO); 1381 } 1382 1383 /* 1384 * First time open is complex, especially for PTY devices. 1385 * This code guarantees that either everything succeeds and the 1386 * TTY is ready for operation, or else the table slots are vacated 1387 * and the allocated memory released. (Except that the termios 1388 * and locked termios may be retained.) 1389 */ 1390 1391 if (!try_module_get(driver->owner)) 1392 return ERR_PTR(-ENODEV); 1393 1394 tty = alloc_tty_struct(); 1395 if (!tty) 1396 goto fail_no_mem; 1397 initialize_tty_struct(tty, driver, idx); 1398 1399 retval = tty_driver_install_tty(driver, tty); 1400 if (retval < 0) { 1401 free_tty_struct(tty); 1402 module_put(driver->owner); 1403 return ERR_PTR(retval); 1404 } 1405 1406 /* 1407 * Structures all installed ... call the ldisc open routines. 1408 * If we fail here just call release_tty to clean up. No need 1409 * to decrement the use counts, as release_tty doesn't care. 1410 */ 1411 retval = tty_ldisc_setup(tty, tty->link); 1412 if (retval) 1413 goto release_mem_out; 1414 return tty; 1415 1416 fail_no_mem: 1417 module_put(driver->owner); 1418 return ERR_PTR(-ENOMEM); 1419 1420 /* call the tty release_tty routine to clean out this slot */ 1421 release_mem_out: 1422 if (printk_ratelimit()) 1423 printk(KERN_INFO "tty_init_dev: ldisc open failed, " 1424 "clearing slot %d\n", idx); 1425 release_tty(tty, idx); 1426 return ERR_PTR(retval); 1427 } 1428 1429 void tty_free_termios(struct tty_struct *tty) 1430 { 1431 struct ktermios *tp; 1432 int idx = tty->index; 1433 /* Kill this flag and push into drivers for locking etc */ 1434 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) { 1435 /* FIXME: Locking on ->termios array */ 1436 tp = tty->termios; 1437 tty->driver->termios[idx] = NULL; 1438 kfree(tp); 1439 } 1440 } 1441 EXPORT_SYMBOL(tty_free_termios); 1442 1443 void tty_shutdown(struct tty_struct *tty) 1444 { 1445 tty_driver_remove_tty(tty->driver, tty); 1446 tty_free_termios(tty); 1447 } 1448 EXPORT_SYMBOL(tty_shutdown); 1449 1450 /** 1451 * release_one_tty - release tty structure memory 1452 * @kref: kref of tty we are obliterating 1453 * 1454 * Releases memory associated with a tty structure, and clears out the 1455 * driver table slots. This function is called when a device is no longer 1456 * in use. It also gets called when setup of a device fails. 1457 * 1458 * Locking: 1459 * tty_mutex - sometimes only 1460 * takes the file list lock internally when working on the list 1461 * of ttys that the driver keeps. 1462 * 1463 * This method gets called from a work queue so that the driver private 1464 * cleanup ops can sleep (needed for USB at least) 1465 */ 1466 static void release_one_tty(struct work_struct *work) 1467 { 1468 struct tty_struct *tty = 1469 container_of(work, struct tty_struct, hangup_work); 1470 struct tty_driver *driver = tty->driver; 1471 1472 if (tty->ops->cleanup) 1473 tty->ops->cleanup(tty); 1474 1475 tty->magic = 0; 1476 tty_driver_kref_put(driver); 1477 module_put(driver->owner); 1478 1479 spin_lock(&tty_files_lock); 1480 list_del_init(&tty->tty_files); 1481 spin_unlock(&tty_files_lock); 1482 1483 put_pid(tty->pgrp); 1484 put_pid(tty->session); 1485 free_tty_struct(tty); 1486 } 1487 1488 static void queue_release_one_tty(struct kref *kref) 1489 { 1490 struct tty_struct *tty = container_of(kref, struct tty_struct, kref); 1491 1492 if (tty->ops->shutdown) 1493 tty->ops->shutdown(tty); 1494 else 1495 tty_shutdown(tty); 1496 1497 /* The hangup queue is now free so we can reuse it rather than 1498 waste a chunk of memory for each port */ 1499 INIT_WORK(&tty->hangup_work, release_one_tty); 1500 schedule_work(&tty->hangup_work); 1501 } 1502 1503 /** 1504 * tty_kref_put - release a tty kref 1505 * @tty: tty device 1506 * 1507 * Release a reference to a tty device and if need be let the kref 1508 * layer destruct the object for us 1509 */ 1510 1511 void tty_kref_put(struct tty_struct *tty) 1512 { 1513 if (tty) 1514 kref_put(&tty->kref, queue_release_one_tty); 1515 } 1516 EXPORT_SYMBOL(tty_kref_put); 1517 1518 /** 1519 * release_tty - release tty structure memory 1520 * 1521 * Release both @tty and a possible linked partner (think pty pair), 1522 * and decrement the refcount of the backing module. 1523 * 1524 * Locking: 1525 * tty_mutex - sometimes only 1526 * takes the file list lock internally when working on the list 1527 * of ttys that the driver keeps. 1528 * FIXME: should we require tty_mutex is held here ?? 1529 * 1530 */ 1531 static void release_tty(struct tty_struct *tty, int idx) 1532 { 1533 /* This should always be true but check for the moment */ 1534 WARN_ON(tty->index != idx); 1535 1536 if (tty->link) 1537 tty_kref_put(tty->link); 1538 tty_kref_put(tty); 1539 } 1540 1541 /** 1542 * tty_release - vfs callback for close 1543 * @inode: inode of tty 1544 * @filp: file pointer for handle to tty 1545 * 1546 * Called the last time each file handle is closed that references 1547 * this tty. There may however be several such references. 1548 * 1549 * Locking: 1550 * Takes bkl. See tty_release_dev 1551 * 1552 * Even releasing the tty structures is a tricky business.. We have 1553 * to be very careful that the structures are all released at the 1554 * same time, as interrupts might otherwise get the wrong pointers. 1555 * 1556 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could 1557 * lead to double frees or releasing memory still in use. 1558 */ 1559 1560 int tty_release(struct inode *inode, struct file *filp) 1561 { 1562 struct tty_struct *tty = file_tty(filp); 1563 struct tty_struct *o_tty; 1564 int pty_master, tty_closing, o_tty_closing, do_sleep; 1565 int devpts; 1566 int idx; 1567 char buf[64]; 1568 1569 if (tty_paranoia_check(tty, inode, "tty_release_dev")) 1570 return 0; 1571 1572 tty_lock(); 1573 check_tty_count(tty, "tty_release_dev"); 1574 1575 __tty_fasync(-1, filp, 0); 1576 1577 idx = tty->index; 1578 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1579 tty->driver->subtype == PTY_TYPE_MASTER); 1580 devpts = (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) != 0; 1581 o_tty = tty->link; 1582 1583 #ifdef TTY_PARANOIA_CHECK 1584 if (idx < 0 || idx >= tty->driver->num) { 1585 printk(KERN_DEBUG "tty_release_dev: bad idx when trying to " 1586 "free (%s)\n", tty->name); 1587 tty_unlock(); 1588 return 0; 1589 } 1590 if (!devpts) { 1591 if (tty != tty->driver->ttys[idx]) { 1592 tty_unlock(); 1593 printk(KERN_DEBUG "tty_release_dev: driver.table[%d] not tty " 1594 "for (%s)\n", idx, tty->name); 1595 return 0; 1596 } 1597 if (tty->termios != tty->driver->termios[idx]) { 1598 tty_unlock(); 1599 printk(KERN_DEBUG "tty_release_dev: driver.termios[%d] not termios " 1600 "for (%s)\n", 1601 idx, tty->name); 1602 return 0; 1603 } 1604 } 1605 #endif 1606 1607 #ifdef TTY_DEBUG_HANGUP 1608 printk(KERN_DEBUG "tty_release_dev of %s (tty count=%d)...", 1609 tty_name(tty, buf), tty->count); 1610 #endif 1611 1612 #ifdef TTY_PARANOIA_CHECK 1613 if (tty->driver->other && 1614 !(tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)) { 1615 if (o_tty != tty->driver->other->ttys[idx]) { 1616 tty_unlock(); 1617 printk(KERN_DEBUG "tty_release_dev: other->table[%d] " 1618 "not o_tty for (%s)\n", 1619 idx, tty->name); 1620 return 0 ; 1621 } 1622 if (o_tty->termios != tty->driver->other->termios[idx]) { 1623 tty_unlock(); 1624 printk(KERN_DEBUG "tty_release_dev: other->termios[%d] " 1625 "not o_termios for (%s)\n", 1626 idx, tty->name); 1627 return 0; 1628 } 1629 if (o_tty->link != tty) { 1630 tty_unlock(); 1631 printk(KERN_DEBUG "tty_release_dev: bad pty pointers\n"); 1632 return 0; 1633 } 1634 } 1635 #endif 1636 if (tty->ops->close) 1637 tty->ops->close(tty, filp); 1638 1639 tty_unlock(); 1640 /* 1641 * Sanity check: if tty->count is going to zero, there shouldn't be 1642 * any waiters on tty->read_wait or tty->write_wait. We test the 1643 * wait queues and kick everyone out _before_ actually starting to 1644 * close. This ensures that we won't block while releasing the tty 1645 * structure. 1646 * 1647 * The test for the o_tty closing is necessary, since the master and 1648 * slave sides may close in any order. If the slave side closes out 1649 * first, its count will be one, since the master side holds an open. 1650 * Thus this test wouldn't be triggered at the time the slave closes, 1651 * so we do it now. 1652 * 1653 * Note that it's possible for the tty to be opened again while we're 1654 * flushing out waiters. By recalculating the closing flags before 1655 * each iteration we avoid any problems. 1656 */ 1657 while (1) { 1658 /* Guard against races with tty->count changes elsewhere and 1659 opens on /dev/tty */ 1660 1661 mutex_lock(&tty_mutex); 1662 tty_lock(); 1663 tty_closing = tty->count <= 1; 1664 o_tty_closing = o_tty && 1665 (o_tty->count <= (pty_master ? 1 : 0)); 1666 do_sleep = 0; 1667 1668 if (tty_closing) { 1669 if (waitqueue_active(&tty->read_wait)) { 1670 wake_up_poll(&tty->read_wait, POLLIN); 1671 do_sleep++; 1672 } 1673 if (waitqueue_active(&tty->write_wait)) { 1674 wake_up_poll(&tty->write_wait, POLLOUT); 1675 do_sleep++; 1676 } 1677 } 1678 if (o_tty_closing) { 1679 if (waitqueue_active(&o_tty->read_wait)) { 1680 wake_up_poll(&o_tty->read_wait, POLLIN); 1681 do_sleep++; 1682 } 1683 if (waitqueue_active(&o_tty->write_wait)) { 1684 wake_up_poll(&o_tty->write_wait, POLLOUT); 1685 do_sleep++; 1686 } 1687 } 1688 if (!do_sleep) 1689 break; 1690 1691 printk(KERN_WARNING "tty_release_dev: %s: read/write wait queue " 1692 "active!\n", tty_name(tty, buf)); 1693 tty_unlock(); 1694 mutex_unlock(&tty_mutex); 1695 schedule(); 1696 } 1697 1698 /* 1699 * The closing flags are now consistent with the open counts on 1700 * both sides, and we've completed the last operation that could 1701 * block, so it's safe to proceed with closing. 1702 */ 1703 if (pty_master) { 1704 if (--o_tty->count < 0) { 1705 printk(KERN_WARNING "tty_release_dev: bad pty slave count " 1706 "(%d) for %s\n", 1707 o_tty->count, tty_name(o_tty, buf)); 1708 o_tty->count = 0; 1709 } 1710 } 1711 if (--tty->count < 0) { 1712 printk(KERN_WARNING "tty_release_dev: bad tty->count (%d) for %s\n", 1713 tty->count, tty_name(tty, buf)); 1714 tty->count = 0; 1715 } 1716 1717 /* 1718 * We've decremented tty->count, so we need to remove this file 1719 * descriptor off the tty->tty_files list; this serves two 1720 * purposes: 1721 * - check_tty_count sees the correct number of file descriptors 1722 * associated with this tty. 1723 * - do_tty_hangup no longer sees this file descriptor as 1724 * something that needs to be handled for hangups. 1725 */ 1726 tty_del_file(filp); 1727 1728 /* 1729 * Perform some housekeeping before deciding whether to return. 1730 * 1731 * Set the TTY_CLOSING flag if this was the last open. In the 1732 * case of a pty we may have to wait around for the other side 1733 * to close, and TTY_CLOSING makes sure we can't be reopened. 1734 */ 1735 if (tty_closing) 1736 set_bit(TTY_CLOSING, &tty->flags); 1737 if (o_tty_closing) 1738 set_bit(TTY_CLOSING, &o_tty->flags); 1739 1740 /* 1741 * If _either_ side is closing, make sure there aren't any 1742 * processes that still think tty or o_tty is their controlling 1743 * tty. 1744 */ 1745 if (tty_closing || o_tty_closing) { 1746 read_lock(&tasklist_lock); 1747 session_clear_tty(tty->session); 1748 if (o_tty) 1749 session_clear_tty(o_tty->session); 1750 read_unlock(&tasklist_lock); 1751 } 1752 1753 mutex_unlock(&tty_mutex); 1754 1755 /* check whether both sides are closing ... */ 1756 if (!tty_closing || (o_tty && !o_tty_closing)) { 1757 tty_unlock(); 1758 return 0; 1759 } 1760 1761 #ifdef TTY_DEBUG_HANGUP 1762 printk(KERN_DEBUG "freeing tty structure..."); 1763 #endif 1764 /* 1765 * Ask the line discipline code to release its structures 1766 */ 1767 tty_ldisc_release(tty, o_tty); 1768 /* 1769 * The release_tty function takes care of the details of clearing 1770 * the slots and preserving the termios structure. 1771 */ 1772 release_tty(tty, idx); 1773 1774 /* Make this pty number available for reallocation */ 1775 if (devpts) 1776 devpts_kill_index(inode, idx); 1777 tty_unlock(); 1778 return 0; 1779 } 1780 1781 /** 1782 * tty_open - open a tty device 1783 * @inode: inode of device file 1784 * @filp: file pointer to tty 1785 * 1786 * tty_open and tty_release keep up the tty count that contains the 1787 * number of opens done on a tty. We cannot use the inode-count, as 1788 * different inodes might point to the same tty. 1789 * 1790 * Open-counting is needed for pty masters, as well as for keeping 1791 * track of serial lines: DTR is dropped when the last close happens. 1792 * (This is not done solely through tty->count, now. - Ted 1/27/92) 1793 * 1794 * The termios state of a pty is reset on first open so that 1795 * settings don't persist across reuse. 1796 * 1797 * Locking: tty_mutex protects tty, get_tty_driver and tty_init_dev work. 1798 * tty->count should protect the rest. 1799 * ->siglock protects ->signal/->sighand 1800 */ 1801 1802 static int tty_open(struct inode *inode, struct file *filp) 1803 { 1804 struct tty_struct *tty = NULL; 1805 int noctty, retval; 1806 struct tty_driver *driver; 1807 int index; 1808 dev_t device = inode->i_rdev; 1809 unsigned saved_flags = filp->f_flags; 1810 1811 nonseekable_open(inode, filp); 1812 1813 retry_open: 1814 noctty = filp->f_flags & O_NOCTTY; 1815 index = -1; 1816 retval = 0; 1817 1818 mutex_lock(&tty_mutex); 1819 tty_lock(); 1820 1821 if (device == MKDEV(TTYAUX_MAJOR, 0)) { 1822 tty = get_current_tty(); 1823 if (!tty) { 1824 tty_unlock(); 1825 mutex_unlock(&tty_mutex); 1826 return -ENXIO; 1827 } 1828 driver = tty_driver_kref_get(tty->driver); 1829 index = tty->index; 1830 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */ 1831 /* noctty = 1; */ 1832 /* FIXME: Should we take a driver reference ? */ 1833 tty_kref_put(tty); 1834 goto got_driver; 1835 } 1836 #ifdef CONFIG_VT 1837 if (device == MKDEV(TTY_MAJOR, 0)) { 1838 extern struct tty_driver *console_driver; 1839 driver = tty_driver_kref_get(console_driver); 1840 index = fg_console; 1841 noctty = 1; 1842 goto got_driver; 1843 } 1844 #endif 1845 if (device == MKDEV(TTYAUX_MAJOR, 1)) { 1846 struct tty_driver *console_driver = console_device(&index); 1847 if (console_driver) { 1848 driver = tty_driver_kref_get(console_driver); 1849 if (driver) { 1850 /* Don't let /dev/console block */ 1851 filp->f_flags |= O_NONBLOCK; 1852 noctty = 1; 1853 goto got_driver; 1854 } 1855 } 1856 tty_unlock(); 1857 mutex_unlock(&tty_mutex); 1858 return -ENODEV; 1859 } 1860 1861 driver = get_tty_driver(device, &index); 1862 if (!driver) { 1863 tty_unlock(); 1864 mutex_unlock(&tty_mutex); 1865 return -ENODEV; 1866 } 1867 got_driver: 1868 if (!tty) { 1869 /* check whether we're reopening an existing tty */ 1870 tty = tty_driver_lookup_tty(driver, inode, index); 1871 1872 if (IS_ERR(tty)) { 1873 tty_unlock(); 1874 mutex_unlock(&tty_mutex); 1875 return PTR_ERR(tty); 1876 } 1877 } 1878 1879 if (tty) { 1880 retval = tty_reopen(tty); 1881 if (retval) 1882 tty = ERR_PTR(retval); 1883 } else 1884 tty = tty_init_dev(driver, index, 0); 1885 1886 mutex_unlock(&tty_mutex); 1887 tty_driver_kref_put(driver); 1888 if (IS_ERR(tty)) { 1889 tty_unlock(); 1890 return PTR_ERR(tty); 1891 } 1892 1893 retval = tty_add_file(tty, filp); 1894 if (retval) { 1895 tty_unlock(); 1896 return retval; 1897 } 1898 1899 check_tty_count(tty, "tty_open"); 1900 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1901 tty->driver->subtype == PTY_TYPE_MASTER) 1902 noctty = 1; 1903 #ifdef TTY_DEBUG_HANGUP 1904 printk(KERN_DEBUG "opening %s...", tty->name); 1905 #endif 1906 if (!retval) { 1907 if (tty->ops->open) 1908 retval = tty->ops->open(tty, filp); 1909 else 1910 retval = -ENODEV; 1911 } 1912 filp->f_flags = saved_flags; 1913 1914 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) && 1915 !capable(CAP_SYS_ADMIN)) 1916 retval = -EBUSY; 1917 1918 if (retval) { 1919 #ifdef TTY_DEBUG_HANGUP 1920 printk(KERN_DEBUG "error %d in opening %s...", retval, 1921 tty->name); 1922 #endif 1923 tty_unlock(); /* need to call tty_release without BTM */ 1924 tty_release(inode, filp); 1925 if (retval != -ERESTARTSYS) 1926 return retval; 1927 1928 if (signal_pending(current)) 1929 return retval; 1930 1931 schedule(); 1932 /* 1933 * Need to reset f_op in case a hangup happened. 1934 */ 1935 tty_lock(); 1936 if (filp->f_op == &hung_up_tty_fops) 1937 filp->f_op = &tty_fops; 1938 tty_unlock(); 1939 goto retry_open; 1940 } 1941 tty_unlock(); 1942 1943 1944 mutex_lock(&tty_mutex); 1945 tty_lock(); 1946 spin_lock_irq(¤t->sighand->siglock); 1947 if (!noctty && 1948 current->signal->leader && 1949 !current->signal->tty && 1950 tty->session == NULL) 1951 __proc_set_tty(current, tty); 1952 spin_unlock_irq(¤t->sighand->siglock); 1953 tty_unlock(); 1954 mutex_unlock(&tty_mutex); 1955 return 0; 1956 } 1957 1958 1959 1960 /** 1961 * tty_poll - check tty status 1962 * @filp: file being polled 1963 * @wait: poll wait structures to update 1964 * 1965 * Call the line discipline polling method to obtain the poll 1966 * status of the device. 1967 * 1968 * Locking: locks called line discipline but ldisc poll method 1969 * may be re-entered freely by other callers. 1970 */ 1971 1972 static unsigned int tty_poll(struct file *filp, poll_table *wait) 1973 { 1974 struct tty_struct *tty = file_tty(filp); 1975 struct tty_ldisc *ld; 1976 int ret = 0; 1977 1978 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_poll")) 1979 return 0; 1980 1981 ld = tty_ldisc_ref_wait(tty); 1982 if (ld->ops->poll) 1983 ret = (ld->ops->poll)(tty, filp, wait); 1984 tty_ldisc_deref(ld); 1985 return ret; 1986 } 1987 1988 static int __tty_fasync(int fd, struct file *filp, int on) 1989 { 1990 struct tty_struct *tty = file_tty(filp); 1991 unsigned long flags; 1992 int retval = 0; 1993 1994 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_fasync")) 1995 goto out; 1996 1997 retval = fasync_helper(fd, filp, on, &tty->fasync); 1998 if (retval <= 0) 1999 goto out; 2000 2001 if (on) { 2002 enum pid_type type; 2003 struct pid *pid; 2004 if (!waitqueue_active(&tty->read_wait)) 2005 tty->minimum_to_wake = 1; 2006 spin_lock_irqsave(&tty->ctrl_lock, flags); 2007 if (tty->pgrp) { 2008 pid = tty->pgrp; 2009 type = PIDTYPE_PGID; 2010 } else { 2011 pid = task_pid(current); 2012 type = PIDTYPE_PID; 2013 } 2014 get_pid(pid); 2015 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2016 retval = __f_setown(filp, pid, type, 0); 2017 put_pid(pid); 2018 if (retval) 2019 goto out; 2020 } else { 2021 if (!tty->fasync && !waitqueue_active(&tty->read_wait)) 2022 tty->minimum_to_wake = N_TTY_BUF_SIZE; 2023 } 2024 retval = 0; 2025 out: 2026 return retval; 2027 } 2028 2029 static int tty_fasync(int fd, struct file *filp, int on) 2030 { 2031 int retval; 2032 tty_lock(); 2033 retval = __tty_fasync(fd, filp, on); 2034 tty_unlock(); 2035 return retval; 2036 } 2037 2038 /** 2039 * tiocsti - fake input character 2040 * @tty: tty to fake input into 2041 * @p: pointer to character 2042 * 2043 * Fake input to a tty device. Does the necessary locking and 2044 * input management. 2045 * 2046 * FIXME: does not honour flow control ?? 2047 * 2048 * Locking: 2049 * Called functions take tty_ldisc_lock 2050 * current->signal->tty check is safe without locks 2051 * 2052 * FIXME: may race normal receive processing 2053 */ 2054 2055 static int tiocsti(struct tty_struct *tty, char __user *p) 2056 { 2057 char ch, mbz = 0; 2058 struct tty_ldisc *ld; 2059 2060 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) 2061 return -EPERM; 2062 if (get_user(ch, p)) 2063 return -EFAULT; 2064 tty_audit_tiocsti(tty, ch); 2065 ld = tty_ldisc_ref_wait(tty); 2066 ld->ops->receive_buf(tty, &ch, &mbz, 1); 2067 tty_ldisc_deref(ld); 2068 return 0; 2069 } 2070 2071 /** 2072 * tiocgwinsz - implement window query ioctl 2073 * @tty; tty 2074 * @arg: user buffer for result 2075 * 2076 * Copies the kernel idea of the window size into the user buffer. 2077 * 2078 * Locking: tty->termios_mutex is taken to ensure the winsize data 2079 * is consistent. 2080 */ 2081 2082 static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg) 2083 { 2084 int err; 2085 2086 mutex_lock(&tty->termios_mutex); 2087 err = copy_to_user(arg, &tty->winsize, sizeof(*arg)); 2088 mutex_unlock(&tty->termios_mutex); 2089 2090 return err ? -EFAULT: 0; 2091 } 2092 2093 /** 2094 * tty_do_resize - resize event 2095 * @tty: tty being resized 2096 * @rows: rows (character) 2097 * @cols: cols (character) 2098 * 2099 * Update the termios variables and send the necessary signals to 2100 * peform a terminal resize correctly 2101 */ 2102 2103 int tty_do_resize(struct tty_struct *tty, struct winsize *ws) 2104 { 2105 struct pid *pgrp; 2106 unsigned long flags; 2107 2108 /* Lock the tty */ 2109 mutex_lock(&tty->termios_mutex); 2110 if (!memcmp(ws, &tty->winsize, sizeof(*ws))) 2111 goto done; 2112 /* Get the PID values and reference them so we can 2113 avoid holding the tty ctrl lock while sending signals */ 2114 spin_lock_irqsave(&tty->ctrl_lock, flags); 2115 pgrp = get_pid(tty->pgrp); 2116 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2117 2118 if (pgrp) 2119 kill_pgrp(pgrp, SIGWINCH, 1); 2120 put_pid(pgrp); 2121 2122 tty->winsize = *ws; 2123 done: 2124 mutex_unlock(&tty->termios_mutex); 2125 return 0; 2126 } 2127 2128 /** 2129 * tiocswinsz - implement window size set ioctl 2130 * @tty; tty side of tty 2131 * @arg: user buffer for result 2132 * 2133 * Copies the user idea of the window size to the kernel. Traditionally 2134 * this is just advisory information but for the Linux console it 2135 * actually has driver level meaning and triggers a VC resize. 2136 * 2137 * Locking: 2138 * Driver dependant. The default do_resize method takes the 2139 * tty termios mutex and ctrl_lock. The console takes its own lock 2140 * then calls into the default method. 2141 */ 2142 2143 static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg) 2144 { 2145 struct winsize tmp_ws; 2146 if (copy_from_user(&tmp_ws, arg, sizeof(*arg))) 2147 return -EFAULT; 2148 2149 if (tty->ops->resize) 2150 return tty->ops->resize(tty, &tmp_ws); 2151 else 2152 return tty_do_resize(tty, &tmp_ws); 2153 } 2154 2155 /** 2156 * tioccons - allow admin to move logical console 2157 * @file: the file to become console 2158 * 2159 * Allow the adminstrator to move the redirected console device 2160 * 2161 * Locking: uses redirect_lock to guard the redirect information 2162 */ 2163 2164 static int tioccons(struct file *file) 2165 { 2166 if (!capable(CAP_SYS_ADMIN)) 2167 return -EPERM; 2168 if (file->f_op->write == redirected_tty_write) { 2169 struct file *f; 2170 spin_lock(&redirect_lock); 2171 f = redirect; 2172 redirect = NULL; 2173 spin_unlock(&redirect_lock); 2174 if (f) 2175 fput(f); 2176 return 0; 2177 } 2178 spin_lock(&redirect_lock); 2179 if (redirect) { 2180 spin_unlock(&redirect_lock); 2181 return -EBUSY; 2182 } 2183 get_file(file); 2184 redirect = file; 2185 spin_unlock(&redirect_lock); 2186 return 0; 2187 } 2188 2189 /** 2190 * fionbio - non blocking ioctl 2191 * @file: file to set blocking value 2192 * @p: user parameter 2193 * 2194 * Historical tty interfaces had a blocking control ioctl before 2195 * the generic functionality existed. This piece of history is preserved 2196 * in the expected tty API of posix OS's. 2197 * 2198 * Locking: none, the open file handle ensures it won't go away. 2199 */ 2200 2201 static int fionbio(struct file *file, int __user *p) 2202 { 2203 int nonblock; 2204 2205 if (get_user(nonblock, p)) 2206 return -EFAULT; 2207 2208 spin_lock(&file->f_lock); 2209 if (nonblock) 2210 file->f_flags |= O_NONBLOCK; 2211 else 2212 file->f_flags &= ~O_NONBLOCK; 2213 spin_unlock(&file->f_lock); 2214 return 0; 2215 } 2216 2217 /** 2218 * tiocsctty - set controlling tty 2219 * @tty: tty structure 2220 * @arg: user argument 2221 * 2222 * This ioctl is used to manage job control. It permits a session 2223 * leader to set this tty as the controlling tty for the session. 2224 * 2225 * Locking: 2226 * Takes tty_mutex() to protect tty instance 2227 * Takes tasklist_lock internally to walk sessions 2228 * Takes ->siglock() when updating signal->tty 2229 */ 2230 2231 static int tiocsctty(struct tty_struct *tty, int arg) 2232 { 2233 int ret = 0; 2234 if (current->signal->leader && (task_session(current) == tty->session)) 2235 return ret; 2236 2237 mutex_lock(&tty_mutex); 2238 /* 2239 * The process must be a session leader and 2240 * not have a controlling tty already. 2241 */ 2242 if (!current->signal->leader || current->signal->tty) { 2243 ret = -EPERM; 2244 goto unlock; 2245 } 2246 2247 if (tty->session) { 2248 /* 2249 * This tty is already the controlling 2250 * tty for another session group! 2251 */ 2252 if (arg == 1 && capable(CAP_SYS_ADMIN)) { 2253 /* 2254 * Steal it away 2255 */ 2256 read_lock(&tasklist_lock); 2257 session_clear_tty(tty->session); 2258 read_unlock(&tasklist_lock); 2259 } else { 2260 ret = -EPERM; 2261 goto unlock; 2262 } 2263 } 2264 proc_set_tty(current, tty); 2265 unlock: 2266 mutex_unlock(&tty_mutex); 2267 return ret; 2268 } 2269 2270 /** 2271 * tty_get_pgrp - return a ref counted pgrp pid 2272 * @tty: tty to read 2273 * 2274 * Returns a refcounted instance of the pid struct for the process 2275 * group controlling the tty. 2276 */ 2277 2278 struct pid *tty_get_pgrp(struct tty_struct *tty) 2279 { 2280 unsigned long flags; 2281 struct pid *pgrp; 2282 2283 spin_lock_irqsave(&tty->ctrl_lock, flags); 2284 pgrp = get_pid(tty->pgrp); 2285 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2286 2287 return pgrp; 2288 } 2289 EXPORT_SYMBOL_GPL(tty_get_pgrp); 2290 2291 /** 2292 * tiocgpgrp - get process group 2293 * @tty: tty passed by user 2294 * @real_tty: tty side of the tty pased by the user if a pty else the tty 2295 * @p: returned pid 2296 * 2297 * Obtain the process group of the tty. If there is no process group 2298 * return an error. 2299 * 2300 * Locking: none. Reference to current->signal->tty is safe. 2301 */ 2302 2303 static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2304 { 2305 struct pid *pid; 2306 int ret; 2307 /* 2308 * (tty == real_tty) is a cheap way of 2309 * testing if the tty is NOT a master pty. 2310 */ 2311 if (tty == real_tty && current->signal->tty != real_tty) 2312 return -ENOTTY; 2313 pid = tty_get_pgrp(real_tty); 2314 ret = put_user(pid_vnr(pid), p); 2315 put_pid(pid); 2316 return ret; 2317 } 2318 2319 /** 2320 * tiocspgrp - attempt to set process group 2321 * @tty: tty passed by user 2322 * @real_tty: tty side device matching tty passed by user 2323 * @p: pid pointer 2324 * 2325 * Set the process group of the tty to the session passed. Only 2326 * permitted where the tty session is our session. 2327 * 2328 * Locking: RCU, ctrl lock 2329 */ 2330 2331 static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2332 { 2333 struct pid *pgrp; 2334 pid_t pgrp_nr; 2335 int retval = tty_check_change(real_tty); 2336 unsigned long flags; 2337 2338 if (retval == -EIO) 2339 return -ENOTTY; 2340 if (retval) 2341 return retval; 2342 if (!current->signal->tty || 2343 (current->signal->tty != real_tty) || 2344 (real_tty->session != task_session(current))) 2345 return -ENOTTY; 2346 if (get_user(pgrp_nr, p)) 2347 return -EFAULT; 2348 if (pgrp_nr < 0) 2349 return -EINVAL; 2350 rcu_read_lock(); 2351 pgrp = find_vpid(pgrp_nr); 2352 retval = -ESRCH; 2353 if (!pgrp) 2354 goto out_unlock; 2355 retval = -EPERM; 2356 if (session_of_pgrp(pgrp) != task_session(current)) 2357 goto out_unlock; 2358 retval = 0; 2359 spin_lock_irqsave(&tty->ctrl_lock, flags); 2360 put_pid(real_tty->pgrp); 2361 real_tty->pgrp = get_pid(pgrp); 2362 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2363 out_unlock: 2364 rcu_read_unlock(); 2365 return retval; 2366 } 2367 2368 /** 2369 * tiocgsid - get session id 2370 * @tty: tty passed by user 2371 * @real_tty: tty side of the tty pased by the user if a pty else the tty 2372 * @p: pointer to returned session id 2373 * 2374 * Obtain the session id of the tty. If there is no session 2375 * return an error. 2376 * 2377 * Locking: none. Reference to current->signal->tty is safe. 2378 */ 2379 2380 static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2381 { 2382 /* 2383 * (tty == real_tty) is a cheap way of 2384 * testing if the tty is NOT a master pty. 2385 */ 2386 if (tty == real_tty && current->signal->tty != real_tty) 2387 return -ENOTTY; 2388 if (!real_tty->session) 2389 return -ENOTTY; 2390 return put_user(pid_vnr(real_tty->session), p); 2391 } 2392 2393 /** 2394 * tiocsetd - set line discipline 2395 * @tty: tty device 2396 * @p: pointer to user data 2397 * 2398 * Set the line discipline according to user request. 2399 * 2400 * Locking: see tty_set_ldisc, this function is just a helper 2401 */ 2402 2403 static int tiocsetd(struct tty_struct *tty, int __user *p) 2404 { 2405 int ldisc; 2406 int ret; 2407 2408 if (get_user(ldisc, p)) 2409 return -EFAULT; 2410 2411 ret = tty_set_ldisc(tty, ldisc); 2412 2413 return ret; 2414 } 2415 2416 /** 2417 * send_break - performed time break 2418 * @tty: device to break on 2419 * @duration: timeout in mS 2420 * 2421 * Perform a timed break on hardware that lacks its own driver level 2422 * timed break functionality. 2423 * 2424 * Locking: 2425 * atomic_write_lock serializes 2426 * 2427 */ 2428 2429 static int send_break(struct tty_struct *tty, unsigned int duration) 2430 { 2431 int retval; 2432 2433 if (tty->ops->break_ctl == NULL) 2434 return 0; 2435 2436 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK) 2437 retval = tty->ops->break_ctl(tty, duration); 2438 else { 2439 /* Do the work ourselves */ 2440 if (tty_write_lock(tty, 0) < 0) 2441 return -EINTR; 2442 retval = tty->ops->break_ctl(tty, -1); 2443 if (retval) 2444 goto out; 2445 if (!signal_pending(current)) 2446 msleep_interruptible(duration); 2447 retval = tty->ops->break_ctl(tty, 0); 2448 out: 2449 tty_write_unlock(tty); 2450 if (signal_pending(current)) 2451 retval = -EINTR; 2452 } 2453 return retval; 2454 } 2455 2456 /** 2457 * tty_tiocmget - get modem status 2458 * @tty: tty device 2459 * @file: user file pointer 2460 * @p: pointer to result 2461 * 2462 * Obtain the modem status bits from the tty driver if the feature 2463 * is supported. Return -EINVAL if it is not available. 2464 * 2465 * Locking: none (up to the driver) 2466 */ 2467 2468 static int tty_tiocmget(struct tty_struct *tty, struct file *file, int __user *p) 2469 { 2470 int retval = -EINVAL; 2471 2472 if (tty->ops->tiocmget) { 2473 retval = tty->ops->tiocmget(tty, file); 2474 2475 if (retval >= 0) 2476 retval = put_user(retval, p); 2477 } 2478 return retval; 2479 } 2480 2481 /** 2482 * tty_tiocmset - set modem status 2483 * @tty: tty device 2484 * @file: user file pointer 2485 * @cmd: command - clear bits, set bits or set all 2486 * @p: pointer to desired bits 2487 * 2488 * Set the modem status bits from the tty driver if the feature 2489 * is supported. Return -EINVAL if it is not available. 2490 * 2491 * Locking: none (up to the driver) 2492 */ 2493 2494 static int tty_tiocmset(struct tty_struct *tty, struct file *file, unsigned int cmd, 2495 unsigned __user *p) 2496 { 2497 int retval; 2498 unsigned int set, clear, val; 2499 2500 if (tty->ops->tiocmset == NULL) 2501 return -EINVAL; 2502 2503 retval = get_user(val, p); 2504 if (retval) 2505 return retval; 2506 set = clear = 0; 2507 switch (cmd) { 2508 case TIOCMBIS: 2509 set = val; 2510 break; 2511 case TIOCMBIC: 2512 clear = val; 2513 break; 2514 case TIOCMSET: 2515 set = val; 2516 clear = ~val; 2517 break; 2518 } 2519 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2520 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2521 return tty->ops->tiocmset(tty, file, set, clear); 2522 } 2523 2524 static int tty_tiocgicount(struct tty_struct *tty, void __user *arg) 2525 { 2526 int retval = -EINVAL; 2527 struct serial_icounter_struct icount; 2528 memset(&icount, 0, sizeof(icount)); 2529 if (tty->ops->get_icount) 2530 retval = tty->ops->get_icount(tty, &icount); 2531 if (retval != 0) 2532 return retval; 2533 if (copy_to_user(arg, &icount, sizeof(icount))) 2534 return -EFAULT; 2535 return 0; 2536 } 2537 2538 struct tty_struct *tty_pair_get_tty(struct tty_struct *tty) 2539 { 2540 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2541 tty->driver->subtype == PTY_TYPE_MASTER) 2542 tty = tty->link; 2543 return tty; 2544 } 2545 EXPORT_SYMBOL(tty_pair_get_tty); 2546 2547 struct tty_struct *tty_pair_get_pty(struct tty_struct *tty) 2548 { 2549 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2550 tty->driver->subtype == PTY_TYPE_MASTER) 2551 return tty; 2552 return tty->link; 2553 } 2554 EXPORT_SYMBOL(tty_pair_get_pty); 2555 2556 /* 2557 * Split this up, as gcc can choke on it otherwise.. 2558 */ 2559 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 2560 { 2561 struct tty_struct *tty = file_tty(file); 2562 struct tty_struct *real_tty; 2563 void __user *p = (void __user *)arg; 2564 int retval; 2565 struct tty_ldisc *ld; 2566 struct inode *inode = file->f_dentry->d_inode; 2567 2568 if (tty_paranoia_check(tty, inode, "tty_ioctl")) 2569 return -EINVAL; 2570 2571 real_tty = tty_pair_get_tty(tty); 2572 2573 /* 2574 * Factor out some common prep work 2575 */ 2576 switch (cmd) { 2577 case TIOCSETD: 2578 case TIOCSBRK: 2579 case TIOCCBRK: 2580 case TCSBRK: 2581 case TCSBRKP: 2582 retval = tty_check_change(tty); 2583 if (retval) 2584 return retval; 2585 if (cmd != TIOCCBRK) { 2586 tty_wait_until_sent(tty, 0); 2587 if (signal_pending(current)) 2588 return -EINTR; 2589 } 2590 break; 2591 } 2592 2593 /* 2594 * Now do the stuff. 2595 */ 2596 switch (cmd) { 2597 case TIOCSTI: 2598 return tiocsti(tty, p); 2599 case TIOCGWINSZ: 2600 return tiocgwinsz(real_tty, p); 2601 case TIOCSWINSZ: 2602 return tiocswinsz(real_tty, p); 2603 case TIOCCONS: 2604 return real_tty != tty ? -EINVAL : tioccons(file); 2605 case FIONBIO: 2606 return fionbio(file, p); 2607 case TIOCEXCL: 2608 set_bit(TTY_EXCLUSIVE, &tty->flags); 2609 return 0; 2610 case TIOCNXCL: 2611 clear_bit(TTY_EXCLUSIVE, &tty->flags); 2612 return 0; 2613 case TIOCNOTTY: 2614 if (current->signal->tty != tty) 2615 return -ENOTTY; 2616 no_tty(); 2617 return 0; 2618 case TIOCSCTTY: 2619 return tiocsctty(tty, arg); 2620 case TIOCGPGRP: 2621 return tiocgpgrp(tty, real_tty, p); 2622 case TIOCSPGRP: 2623 return tiocspgrp(tty, real_tty, p); 2624 case TIOCGSID: 2625 return tiocgsid(tty, real_tty, p); 2626 case TIOCGETD: 2627 return put_user(tty->ldisc->ops->num, (int __user *)p); 2628 case TIOCSETD: 2629 return tiocsetd(tty, p); 2630 case TIOCGDEV: 2631 { 2632 unsigned int ret = new_encode_dev(tty_devnum(real_tty)); 2633 return put_user(ret, (unsigned int __user *)p); 2634 } 2635 /* 2636 * Break handling 2637 */ 2638 case TIOCSBRK: /* Turn break on, unconditionally */ 2639 if (tty->ops->break_ctl) 2640 return tty->ops->break_ctl(tty, -1); 2641 return 0; 2642 case TIOCCBRK: /* Turn break off, unconditionally */ 2643 if (tty->ops->break_ctl) 2644 return tty->ops->break_ctl(tty, 0); 2645 return 0; 2646 case TCSBRK: /* SVID version: non-zero arg --> no break */ 2647 /* non-zero arg means wait for all output data 2648 * to be sent (performed above) but don't send break. 2649 * This is used by the tcdrain() termios function. 2650 */ 2651 if (!arg) 2652 return send_break(tty, 250); 2653 return 0; 2654 case TCSBRKP: /* support for POSIX tcsendbreak() */ 2655 return send_break(tty, arg ? arg*100 : 250); 2656 2657 case TIOCMGET: 2658 return tty_tiocmget(tty, file, p); 2659 case TIOCMSET: 2660 case TIOCMBIC: 2661 case TIOCMBIS: 2662 return tty_tiocmset(tty, file, cmd, p); 2663 case TIOCGICOUNT: 2664 retval = tty_tiocgicount(tty, p); 2665 /* For the moment allow fall through to the old method */ 2666 if (retval != -EINVAL) 2667 return retval; 2668 break; 2669 case TCFLSH: 2670 switch (arg) { 2671 case TCIFLUSH: 2672 case TCIOFLUSH: 2673 /* flush tty buffer and allow ldisc to process ioctl */ 2674 tty_buffer_flush(tty); 2675 break; 2676 } 2677 break; 2678 } 2679 if (tty->ops->ioctl) { 2680 retval = (tty->ops->ioctl)(tty, file, cmd, arg); 2681 if (retval != -ENOIOCTLCMD) 2682 return retval; 2683 } 2684 ld = tty_ldisc_ref_wait(tty); 2685 retval = -EINVAL; 2686 if (ld->ops->ioctl) { 2687 retval = ld->ops->ioctl(tty, file, cmd, arg); 2688 if (retval == -ENOIOCTLCMD) 2689 retval = -EINVAL; 2690 } 2691 tty_ldisc_deref(ld); 2692 return retval; 2693 } 2694 2695 #ifdef CONFIG_COMPAT 2696 static long tty_compat_ioctl(struct file *file, unsigned int cmd, 2697 unsigned long arg) 2698 { 2699 struct inode *inode = file->f_dentry->d_inode; 2700 struct tty_struct *tty = file_tty(file); 2701 struct tty_ldisc *ld; 2702 int retval = -ENOIOCTLCMD; 2703 2704 if (tty_paranoia_check(tty, inode, "tty_ioctl")) 2705 return -EINVAL; 2706 2707 if (tty->ops->compat_ioctl) { 2708 retval = (tty->ops->compat_ioctl)(tty, file, cmd, arg); 2709 if (retval != -ENOIOCTLCMD) 2710 return retval; 2711 } 2712 2713 ld = tty_ldisc_ref_wait(tty); 2714 if (ld->ops->compat_ioctl) 2715 retval = ld->ops->compat_ioctl(tty, file, cmd, arg); 2716 tty_ldisc_deref(ld); 2717 2718 return retval; 2719 } 2720 #endif 2721 2722 /* 2723 * This implements the "Secure Attention Key" --- the idea is to 2724 * prevent trojan horses by killing all processes associated with this 2725 * tty when the user hits the "Secure Attention Key". Required for 2726 * super-paranoid applications --- see the Orange Book for more details. 2727 * 2728 * This code could be nicer; ideally it should send a HUP, wait a few 2729 * seconds, then send a INT, and then a KILL signal. But you then 2730 * have to coordinate with the init process, since all processes associated 2731 * with the current tty must be dead before the new getty is allowed 2732 * to spawn. 2733 * 2734 * Now, if it would be correct ;-/ The current code has a nasty hole - 2735 * it doesn't catch files in flight. We may send the descriptor to ourselves 2736 * via AF_UNIX socket, close it and later fetch from socket. FIXME. 2737 * 2738 * Nasty bug: do_SAK is being called in interrupt context. This can 2739 * deadlock. We punt it up to process context. AKPM - 16Mar2001 2740 */ 2741 void __do_SAK(struct tty_struct *tty) 2742 { 2743 #ifdef TTY_SOFT_SAK 2744 tty_hangup(tty); 2745 #else 2746 struct task_struct *g, *p; 2747 struct pid *session; 2748 int i; 2749 struct file *filp; 2750 struct fdtable *fdt; 2751 2752 if (!tty) 2753 return; 2754 session = tty->session; 2755 2756 tty_ldisc_flush(tty); 2757 2758 tty_driver_flush_buffer(tty); 2759 2760 read_lock(&tasklist_lock); 2761 /* Kill the entire session */ 2762 do_each_pid_task(session, PIDTYPE_SID, p) { 2763 printk(KERN_NOTICE "SAK: killed process %d" 2764 " (%s): task_session(p)==tty->session\n", 2765 task_pid_nr(p), p->comm); 2766 send_sig(SIGKILL, p, 1); 2767 } while_each_pid_task(session, PIDTYPE_SID, p); 2768 /* Now kill any processes that happen to have the 2769 * tty open. 2770 */ 2771 do_each_thread(g, p) { 2772 if (p->signal->tty == tty) { 2773 printk(KERN_NOTICE "SAK: killed process %d" 2774 " (%s): task_session(p)==tty->session\n", 2775 task_pid_nr(p), p->comm); 2776 send_sig(SIGKILL, p, 1); 2777 continue; 2778 } 2779 task_lock(p); 2780 if (p->files) { 2781 /* 2782 * We don't take a ref to the file, so we must 2783 * hold ->file_lock instead. 2784 */ 2785 spin_lock(&p->files->file_lock); 2786 fdt = files_fdtable(p->files); 2787 for (i = 0; i < fdt->max_fds; i++) { 2788 filp = fcheck_files(p->files, i); 2789 if (!filp) 2790 continue; 2791 if (filp->f_op->read == tty_read && 2792 file_tty(filp) == tty) { 2793 printk(KERN_NOTICE "SAK: killed process %d" 2794 " (%s): fd#%d opened to the tty\n", 2795 task_pid_nr(p), p->comm, i); 2796 force_sig(SIGKILL, p); 2797 break; 2798 } 2799 } 2800 spin_unlock(&p->files->file_lock); 2801 } 2802 task_unlock(p); 2803 } while_each_thread(g, p); 2804 read_unlock(&tasklist_lock); 2805 #endif 2806 } 2807 2808 static void do_SAK_work(struct work_struct *work) 2809 { 2810 struct tty_struct *tty = 2811 container_of(work, struct tty_struct, SAK_work); 2812 __do_SAK(tty); 2813 } 2814 2815 /* 2816 * The tq handling here is a little racy - tty->SAK_work may already be queued. 2817 * Fortunately we don't need to worry, because if ->SAK_work is already queued, 2818 * the values which we write to it will be identical to the values which it 2819 * already has. --akpm 2820 */ 2821 void do_SAK(struct tty_struct *tty) 2822 { 2823 if (!tty) 2824 return; 2825 schedule_work(&tty->SAK_work); 2826 } 2827 2828 EXPORT_SYMBOL(do_SAK); 2829 2830 static int dev_match_devt(struct device *dev, void *data) 2831 { 2832 dev_t *devt = data; 2833 return dev->devt == *devt; 2834 } 2835 2836 /* Must put_device() after it's unused! */ 2837 static struct device *tty_get_device(struct tty_struct *tty) 2838 { 2839 dev_t devt = tty_devnum(tty); 2840 return class_find_device(tty_class, NULL, &devt, dev_match_devt); 2841 } 2842 2843 2844 /** 2845 * initialize_tty_struct 2846 * @tty: tty to initialize 2847 * 2848 * This subroutine initializes a tty structure that has been newly 2849 * allocated. 2850 * 2851 * Locking: none - tty in question must not be exposed at this point 2852 */ 2853 2854 void initialize_tty_struct(struct tty_struct *tty, 2855 struct tty_driver *driver, int idx) 2856 { 2857 memset(tty, 0, sizeof(struct tty_struct)); 2858 kref_init(&tty->kref); 2859 tty->magic = TTY_MAGIC; 2860 tty_ldisc_init(tty); 2861 tty->session = NULL; 2862 tty->pgrp = NULL; 2863 tty->overrun_time = jiffies; 2864 tty->buf.head = tty->buf.tail = NULL; 2865 tty_buffer_init(tty); 2866 mutex_init(&tty->termios_mutex); 2867 mutex_init(&tty->ldisc_mutex); 2868 init_waitqueue_head(&tty->write_wait); 2869 init_waitqueue_head(&tty->read_wait); 2870 INIT_WORK(&tty->hangup_work, do_tty_hangup); 2871 mutex_init(&tty->atomic_read_lock); 2872 mutex_init(&tty->atomic_write_lock); 2873 mutex_init(&tty->output_lock); 2874 mutex_init(&tty->echo_lock); 2875 spin_lock_init(&tty->read_lock); 2876 spin_lock_init(&tty->ctrl_lock); 2877 INIT_LIST_HEAD(&tty->tty_files); 2878 INIT_WORK(&tty->SAK_work, do_SAK_work); 2879 2880 tty->driver = driver; 2881 tty->ops = driver->ops; 2882 tty->index = idx; 2883 tty_line_name(driver, idx, tty->name); 2884 tty->dev = tty_get_device(tty); 2885 } 2886 2887 /** 2888 * tty_put_char - write one character to a tty 2889 * @tty: tty 2890 * @ch: character 2891 * 2892 * Write one byte to the tty using the provided put_char method 2893 * if present. Returns the number of characters successfully output. 2894 * 2895 * Note: the specific put_char operation in the driver layer may go 2896 * away soon. Don't call it directly, use this method 2897 */ 2898 2899 int tty_put_char(struct tty_struct *tty, unsigned char ch) 2900 { 2901 if (tty->ops->put_char) 2902 return tty->ops->put_char(tty, ch); 2903 return tty->ops->write(tty, &ch, 1); 2904 } 2905 EXPORT_SYMBOL_GPL(tty_put_char); 2906 2907 struct class *tty_class; 2908 2909 /** 2910 * tty_register_device - register a tty device 2911 * @driver: the tty driver that describes the tty device 2912 * @index: the index in the tty driver for this tty device 2913 * @device: a struct device that is associated with this tty device. 2914 * This field is optional, if there is no known struct device 2915 * for this tty device it can be set to NULL safely. 2916 * 2917 * Returns a pointer to the struct device for this tty device 2918 * (or ERR_PTR(-EFOO) on error). 2919 * 2920 * This call is required to be made to register an individual tty device 2921 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If 2922 * that bit is not set, this function should not be called by a tty 2923 * driver. 2924 * 2925 * Locking: ?? 2926 */ 2927 2928 struct device *tty_register_device(struct tty_driver *driver, unsigned index, 2929 struct device *device) 2930 { 2931 char name[64]; 2932 dev_t dev = MKDEV(driver->major, driver->minor_start) + index; 2933 2934 if (index >= driver->num) { 2935 printk(KERN_ERR "Attempt to register invalid tty line number " 2936 " (%d).\n", index); 2937 return ERR_PTR(-EINVAL); 2938 } 2939 2940 if (driver->type == TTY_DRIVER_TYPE_PTY) 2941 pty_line_name(driver, index, name); 2942 else 2943 tty_line_name(driver, index, name); 2944 2945 return device_create(tty_class, device, dev, NULL, name); 2946 } 2947 EXPORT_SYMBOL(tty_register_device); 2948 2949 /** 2950 * tty_unregister_device - unregister a tty device 2951 * @driver: the tty driver that describes the tty device 2952 * @index: the index in the tty driver for this tty device 2953 * 2954 * If a tty device is registered with a call to tty_register_device() then 2955 * this function must be called when the tty device is gone. 2956 * 2957 * Locking: ?? 2958 */ 2959 2960 void tty_unregister_device(struct tty_driver *driver, unsigned index) 2961 { 2962 device_destroy(tty_class, 2963 MKDEV(driver->major, driver->minor_start) + index); 2964 } 2965 EXPORT_SYMBOL(tty_unregister_device); 2966 2967 struct tty_driver *alloc_tty_driver(int lines) 2968 { 2969 struct tty_driver *driver; 2970 2971 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL); 2972 if (driver) { 2973 kref_init(&driver->kref); 2974 driver->magic = TTY_DRIVER_MAGIC; 2975 driver->num = lines; 2976 /* later we'll move allocation of tables here */ 2977 } 2978 return driver; 2979 } 2980 EXPORT_SYMBOL(alloc_tty_driver); 2981 2982 static void destruct_tty_driver(struct kref *kref) 2983 { 2984 struct tty_driver *driver = container_of(kref, struct tty_driver, kref); 2985 int i; 2986 struct ktermios *tp; 2987 void *p; 2988 2989 if (driver->flags & TTY_DRIVER_INSTALLED) { 2990 /* 2991 * Free the termios and termios_locked structures because 2992 * we don't want to get memory leaks when modular tty 2993 * drivers are removed from the kernel. 2994 */ 2995 for (i = 0; i < driver->num; i++) { 2996 tp = driver->termios[i]; 2997 if (tp) { 2998 driver->termios[i] = NULL; 2999 kfree(tp); 3000 } 3001 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) 3002 tty_unregister_device(driver, i); 3003 } 3004 p = driver->ttys; 3005 proc_tty_unregister_driver(driver); 3006 driver->ttys = NULL; 3007 driver->termios = NULL; 3008 kfree(p); 3009 cdev_del(&driver->cdev); 3010 } 3011 kfree(driver); 3012 } 3013 3014 void tty_driver_kref_put(struct tty_driver *driver) 3015 { 3016 kref_put(&driver->kref, destruct_tty_driver); 3017 } 3018 EXPORT_SYMBOL(tty_driver_kref_put); 3019 3020 void tty_set_operations(struct tty_driver *driver, 3021 const struct tty_operations *op) 3022 { 3023 driver->ops = op; 3024 }; 3025 EXPORT_SYMBOL(tty_set_operations); 3026 3027 void put_tty_driver(struct tty_driver *d) 3028 { 3029 tty_driver_kref_put(d); 3030 } 3031 EXPORT_SYMBOL(put_tty_driver); 3032 3033 /* 3034 * Called by a tty driver to register itself. 3035 */ 3036 int tty_register_driver(struct tty_driver *driver) 3037 { 3038 int error; 3039 int i; 3040 dev_t dev; 3041 void **p = NULL; 3042 struct device *d; 3043 3044 if (!(driver->flags & TTY_DRIVER_DEVPTS_MEM) && driver->num) { 3045 p = kzalloc(driver->num * 2 * sizeof(void *), GFP_KERNEL); 3046 if (!p) 3047 return -ENOMEM; 3048 } 3049 3050 if (!driver->major) { 3051 error = alloc_chrdev_region(&dev, driver->minor_start, 3052 driver->num, driver->name); 3053 if (!error) { 3054 driver->major = MAJOR(dev); 3055 driver->minor_start = MINOR(dev); 3056 } 3057 } else { 3058 dev = MKDEV(driver->major, driver->minor_start); 3059 error = register_chrdev_region(dev, driver->num, driver->name); 3060 } 3061 if (error < 0) { 3062 kfree(p); 3063 return error; 3064 } 3065 3066 if (p) { 3067 driver->ttys = (struct tty_struct **)p; 3068 driver->termios = (struct ktermios **)(p + driver->num); 3069 } else { 3070 driver->ttys = NULL; 3071 driver->termios = NULL; 3072 } 3073 3074 cdev_init(&driver->cdev, &tty_fops); 3075 driver->cdev.owner = driver->owner; 3076 error = cdev_add(&driver->cdev, dev, driver->num); 3077 if (error) { 3078 unregister_chrdev_region(dev, driver->num); 3079 driver->ttys = NULL; 3080 driver->termios = NULL; 3081 kfree(p); 3082 return error; 3083 } 3084 3085 mutex_lock(&tty_mutex); 3086 list_add(&driver->tty_drivers, &tty_drivers); 3087 mutex_unlock(&tty_mutex); 3088 3089 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) { 3090 for (i = 0; i < driver->num; i++) { 3091 d = tty_register_device(driver, i, NULL); 3092 if (IS_ERR(d)) { 3093 error = PTR_ERR(d); 3094 goto err; 3095 } 3096 } 3097 } 3098 proc_tty_register_driver(driver); 3099 driver->flags |= TTY_DRIVER_INSTALLED; 3100 return 0; 3101 3102 err: 3103 for (i--; i >= 0; i--) 3104 tty_unregister_device(driver, i); 3105 3106 mutex_lock(&tty_mutex); 3107 list_del(&driver->tty_drivers); 3108 mutex_unlock(&tty_mutex); 3109 3110 unregister_chrdev_region(dev, driver->num); 3111 driver->ttys = NULL; 3112 driver->termios = NULL; 3113 kfree(p); 3114 return error; 3115 } 3116 3117 EXPORT_SYMBOL(tty_register_driver); 3118 3119 /* 3120 * Called by a tty driver to unregister itself. 3121 */ 3122 int tty_unregister_driver(struct tty_driver *driver) 3123 { 3124 #if 0 3125 /* FIXME */ 3126 if (driver->refcount) 3127 return -EBUSY; 3128 #endif 3129 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start), 3130 driver->num); 3131 mutex_lock(&tty_mutex); 3132 list_del(&driver->tty_drivers); 3133 mutex_unlock(&tty_mutex); 3134 return 0; 3135 } 3136 3137 EXPORT_SYMBOL(tty_unregister_driver); 3138 3139 dev_t tty_devnum(struct tty_struct *tty) 3140 { 3141 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index; 3142 } 3143 EXPORT_SYMBOL(tty_devnum); 3144 3145 void proc_clear_tty(struct task_struct *p) 3146 { 3147 unsigned long flags; 3148 struct tty_struct *tty; 3149 spin_lock_irqsave(&p->sighand->siglock, flags); 3150 tty = p->signal->tty; 3151 p->signal->tty = NULL; 3152 spin_unlock_irqrestore(&p->sighand->siglock, flags); 3153 tty_kref_put(tty); 3154 } 3155 3156 /* Called under the sighand lock */ 3157 3158 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) 3159 { 3160 if (tty) { 3161 unsigned long flags; 3162 /* We should not have a session or pgrp to put here but.... */ 3163 spin_lock_irqsave(&tty->ctrl_lock, flags); 3164 put_pid(tty->session); 3165 put_pid(tty->pgrp); 3166 tty->pgrp = get_pid(task_pgrp(tsk)); 3167 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 3168 tty->session = get_pid(task_session(tsk)); 3169 if (tsk->signal->tty) { 3170 printk(KERN_DEBUG "tty not NULL!!\n"); 3171 tty_kref_put(tsk->signal->tty); 3172 } 3173 } 3174 put_pid(tsk->signal->tty_old_pgrp); 3175 tsk->signal->tty = tty_kref_get(tty); 3176 tsk->signal->tty_old_pgrp = NULL; 3177 } 3178 3179 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) 3180 { 3181 spin_lock_irq(&tsk->sighand->siglock); 3182 __proc_set_tty(tsk, tty); 3183 spin_unlock_irq(&tsk->sighand->siglock); 3184 } 3185 3186 struct tty_struct *get_current_tty(void) 3187 { 3188 struct tty_struct *tty; 3189 unsigned long flags; 3190 3191 spin_lock_irqsave(¤t->sighand->siglock, flags); 3192 tty = tty_kref_get(current->signal->tty); 3193 spin_unlock_irqrestore(¤t->sighand->siglock, flags); 3194 return tty; 3195 } 3196 EXPORT_SYMBOL_GPL(get_current_tty); 3197 3198 void tty_default_fops(struct file_operations *fops) 3199 { 3200 *fops = tty_fops; 3201 } 3202 3203 /* 3204 * Initialize the console device. This is called *early*, so 3205 * we can't necessarily depend on lots of kernel help here. 3206 * Just do some early initializations, and do the complex setup 3207 * later. 3208 */ 3209 void __init console_init(void) 3210 { 3211 initcall_t *call; 3212 3213 /* Setup the default TTY line discipline. */ 3214 tty_ldisc_begin(); 3215 3216 /* 3217 * set up the console device so that later boot sequences can 3218 * inform about problems etc.. 3219 */ 3220 call = __con_initcall_start; 3221 while (call < __con_initcall_end) { 3222 (*call)(); 3223 call++; 3224 } 3225 } 3226 3227 static char *tty_devnode(struct device *dev, mode_t *mode) 3228 { 3229 if (!mode) 3230 return NULL; 3231 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) || 3232 dev->devt == MKDEV(TTYAUX_MAJOR, 2)) 3233 *mode = 0666; 3234 return NULL; 3235 } 3236 3237 static int __init tty_class_init(void) 3238 { 3239 tty_class = class_create(THIS_MODULE, "tty"); 3240 if (IS_ERR(tty_class)) 3241 return PTR_ERR(tty_class); 3242 tty_class->devnode = tty_devnode; 3243 return 0; 3244 } 3245 3246 postcore_initcall(tty_class_init); 3247 3248 /* 3/2004 jmc: why do these devices exist? */ 3249 static struct cdev tty_cdev, console_cdev; 3250 3251 static ssize_t show_cons_active(struct device *dev, 3252 struct device_attribute *attr, char *buf) 3253 { 3254 struct console *cs[16]; 3255 int i = 0; 3256 struct console *c; 3257 ssize_t count = 0; 3258 3259 console_lock(); 3260 for_each_console(c) { 3261 if (!c->device) 3262 continue; 3263 if (!c->write) 3264 continue; 3265 if ((c->flags & CON_ENABLED) == 0) 3266 continue; 3267 cs[i++] = c; 3268 if (i >= ARRAY_SIZE(cs)) 3269 break; 3270 } 3271 while (i--) 3272 count += sprintf(buf + count, "%s%d%c", 3273 cs[i]->name, cs[i]->index, i ? ' ':'\n'); 3274 console_unlock(); 3275 3276 return count; 3277 } 3278 static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL); 3279 3280 static struct device *consdev; 3281 3282 void console_sysfs_notify(void) 3283 { 3284 if (consdev) 3285 sysfs_notify(&consdev->kobj, NULL, "active"); 3286 } 3287 3288 /* 3289 * Ok, now we can initialize the rest of the tty devices and can count 3290 * on memory allocations, interrupts etc.. 3291 */ 3292 int __init tty_init(void) 3293 { 3294 cdev_init(&tty_cdev, &tty_fops); 3295 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) || 3296 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0) 3297 panic("Couldn't register /dev/tty driver\n"); 3298 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty"); 3299 3300 cdev_init(&console_cdev, &console_fops); 3301 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) || 3302 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0) 3303 panic("Couldn't register /dev/console driver\n"); 3304 consdev = device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), NULL, 3305 "console"); 3306 if (IS_ERR(consdev)) 3307 consdev = NULL; 3308 else 3309 WARN_ON(device_create_file(consdev, &dev_attr_active) < 0); 3310 3311 #ifdef CONFIG_VT 3312 vty_init(&console_fops); 3313 #endif 3314 return 0; 3315 } 3316 3317