projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
tty: fix missing assignment
[linux-2.6-block.git] / drivers / tty / tty_io.c
CommitLineData
1da177e4 1/*
1da177e4
LT		 2 * Copyright (C) 1991, 1992 Linus Torvalds
3 */
4
5/*
6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles
7 * or rs-channels. It also implements echoing, cooked mode etc.
8 *
9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0.
10 *
11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the
12 * tty_struct and tty_queue structures. Previously there was an array
13 * of 256 tty_struct's which was statically allocated, and the
14 * tty_queue structures were allocated at boot time. Both are now
15 * dynamically allocated only when the tty is open.
16 *
17 * Also restructured routines so that there is more of a separation
18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and
19 * the low-level tty routines (serial.c, pty.c, console.c). This
37bdfb07 20 * makes for cleaner and more compact code. -TYT, 9/17/92
1da177e4
LT		 21 *
22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines
23 * which can be dynamically activated and de-activated by the line
24 * discipline handling modules (like SLIP).
25 *
26 * NOTE: pay no attention to the line discipline code (yet); its
27 * interface is still subject to change in this version...
28 * -- TYT, 1/31/92
29 *
30 * Added functionality to the OPOST tty handling. No delays, but all
31 * other bits should be there.
32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993.
33 *
34 * Rewrote canonical mode and added more termios flags.
35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94
36 *
37 * Reorganized FASYNC support so mouse code can share it.
38 * -- ctm@ardi.com, 9Sep95
39 *
40 * New TIOCLINUX variants added.
41 * -- mj@k332.feld.cvut.cz, 19-Nov-95
37bdfb07 42 *
1da177e4
LT		 43 * Restrict vt switching via ioctl()
44 * -- grif@cs.ucr.edu, 5-Dec-95
45 *
46 * Move console and virtual terminal code to more appropriate files,
47 * implement CONFIG_VT and generalize console device interface.
48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97
49 *
d81ed103 50 * Rewrote tty_init_dev and tty_release_dev to eliminate races.
1da177e4
LT		 51 * -- Bill Hawes <whawes@star.net>, June 97
52 *
53 * Added devfs support.
54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998
55 *
56 * Added support for a Unix98-style ptmx device.
57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998
58 *
59 * Reduced memory usage for older ARM systems
60 * -- Russell King <rmk@arm.linux.org.uk>
61 *
62 * Move do_SAK() into process context. Less stack use in devfs functions.
37bdfb07
AC		 63 * alloc_tty_struct() always uses kmalloc()
64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01
1da177e4
LT		 65 */
66
1da177e4
LT		 67#include <linux/types.h>
68#include <linux/major.h>
69#include <linux/errno.h>
70#include <linux/signal.h>
71#include <linux/fcntl.h>
72#include <linux/sched.h>
73#include <linux/interrupt.h>
74#include <linux/tty.h>
75#include <linux/tty_driver.h>
76#include <linux/tty_flip.h>
77#include <linux/devpts_fs.h>
78#include <linux/file.h>
9f3acc31 79#include <linux/fdtable.h>
1da177e4
LT		 80#include <linux/console.h>
81#include <linux/timer.h>
82#include <linux/ctype.h>
83#include <linux/kd.h>
84#include <linux/mm.h>
85#include <linux/string.h>
86#include <linux/slab.h>
87#include <linux/poll.h>
88#include <linux/proc_fs.h>
89#include <linux/init.h>
90#include <linux/module.h>
1da177e4 91#include <linux/device.h>
1da177e4
LT		 92#include <linux/wait.h>
93#include <linux/bitops.h>
b20f3ae5 94#include <linux/delay.h>
a352def2 95#include <linux/seq_file.h>
d281da7f 96#include <linux/serial.h>
5a3c6b25 97#include <linux/ratelimit.h>
1da177e4 98
a352def2 99#include <linux/uaccess.h>
1da177e4
LT		 100
101#include <linux/kbd_kern.h>
102#include <linux/vt_kern.h>
103#include <linux/selection.h>
1da177e4
LT		 104
105#include <linux/kmod.h>
b488893a 106#include <linux/nsproxy.h>
1da177e4
LT		 107
108#undef TTY_DEBUG_HANGUP
109
110#define TTY_PARANOIA_CHECK 1
111#define CHECK_TTY_COUNT 1
112
edc6afc5 113struct ktermios tty_std_termios = { /* for the benefit of tty drivers */
1da177e4
LT		 114 .c_iflag = ICRNL | IXON,
115 .c_oflag = OPOST | ONLCR,
116 .c_cflag = B38400 | CS8 | CREAD | HUPCL,
117 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK |
118 ECHOCTL | ECHOKE | IEXTEN,
edc6afc5
AC		 119 .c_cc = INIT_C_CC,
120 .c_ispeed = 38400,
121 .c_ospeed = 38400
1da177e4
LT		 122};
123
124EXPORT_SYMBOL(tty_std_termios);
125
126/* This list gets poked at by procfs and various bits of boot up code. This
127 could do with some rationalisation such as pulling the tty proc function
128 into this file */
37bdfb07 129
1da177e4
LT		 130LIST_HEAD(tty_drivers); /* linked list of tty drivers */
131
24ec839c 132/* Mutex to protect creating and releasing a tty. This is shared with
1da177e4 133 vt.c for deeply disgusting hack reasons */
70522e12 134DEFINE_MUTEX(tty_mutex);
de2a84f2 135EXPORT_SYMBOL(tty_mutex);
1da177e4 136
ee2ffa0d
NP		 137/* Spinlock to protect the tty->tty_files list */
138DEFINE_SPINLOCK(tty_files_lock);
139
1da177e4
LT		 140static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *);
141static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *);
37bdfb07
AC		 142ssize_t redirected_tty_write(struct file *, const char __user *,
143 size_t, loff_t *);
1da177e4
LT		 144static unsigned int tty_poll(struct file *, poll_table *);
145static int tty_open(struct inode *, struct file *);
04f378b1 146long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
e10cc1df 147#ifdef CONFIG_COMPAT
37bdfb07 148static long tty_compat_ioctl(struct file *file, unsigned int cmd,
e10cc1df
PF		 149 unsigned long arg);
150#else
151#define tty_compat_ioctl NULL
152#endif
ec79d605 153static int __tty_fasync(int fd, struct file *filp, int on);
37bdfb07 154static int tty_fasync(int fd, struct file *filp, int on);
d5698c28 155static void release_tty(struct tty_struct *tty, int idx);
2a65f1d9 156static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
98a27ba4 157static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
1da177e4 158
af9b897e
AC		 159/**
160 * alloc_tty_struct - allocate a tty object
161 *
162 * Return a new empty tty structure. The data fields have not
163 * been initialized in any way but has been zeroed
164 *
165 * Locking: none
af9b897e 166 */
1da177e4 167
bf970ee4 168struct tty_struct *alloc_tty_struct(void)
1da177e4 169{
1266b1e1 170 return kzalloc(sizeof(struct tty_struct), GFP_KERNEL);
1da177e4
LT		 171}
172
af9b897e
AC		 173/**
174 * free_tty_struct - free a disused tty
175 * @tty: tty struct to free
176 *
177 * Free the write buffers, tty queue and tty memory itself.
178 *
179 * Locking: none. Must be called after tty is definitely unused
180 */
181
bf970ee4 182void free_tty_struct(struct tty_struct *tty)
1da177e4 183{
30004ac9
DES		 184 if (tty->dev)
185 put_device(tty->dev);
1da177e4 186 kfree(tty->write_buf);
33f0f88f 187 tty_buffer_free_all(tty);
1da177e4
LT		 188 kfree(tty);
189}
190
d996b62a
NP		 191static inline struct tty_struct *file_tty(struct file *file)
192{
193 return ((struct tty_file_private *)file->private_data)->tty;
194}
195
fa90e1c9 196int tty_alloc_file(struct file *file)
d996b62a
NP		 197{
198 struct tty_file_private *priv;
199
f573bd17
PE		 200 priv = kmalloc(sizeof(*priv), GFP_KERNEL);
201 if (!priv)
202 return -ENOMEM;
d996b62a 203
fa90e1c9
JS		 204 file->private_data = priv;
205
206 return 0;
207}
208
209/* Associate a new file with the tty structure */
210void tty_add_file(struct tty_struct *tty, struct file *file)
211{
212 struct tty_file_private *priv = file->private_data;
213
d996b62a
NP		 214 priv->tty = tty;
215 priv->file = file;
d996b62a
NP		 216
217 spin_lock(&tty_files_lock);
218 list_add(&priv->list, &tty->tty_files);
219 spin_unlock(&tty_files_lock);
fa90e1c9 220}
f573bd17 221
fa90e1c9
JS		 222/**
223 * tty_free_file - free file->private_data
224 *
225 * This shall be used only for fail path handling when tty_add_file was not
226 * called yet.
227 */
228void tty_free_file(struct file *file)
229{
230 struct tty_file_private *priv = file->private_data;
231
232 file->private_data = NULL;
233 kfree(priv);
d996b62a
NP		 234}
235
236/* Delete file from its tty */
237void tty_del_file(struct file *file)
238{
239 struct tty_file_private *priv = file->private_data;
240
241 spin_lock(&tty_files_lock);
242 list_del(&priv->list);
243 spin_unlock(&tty_files_lock);
fa90e1c9 244 tty_free_file(file);
d996b62a
NP		 245}
246
247
1da177e4
LT		 248#define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base)
249
af9b897e
AC		 250/**
251 * tty_name - return tty naming
252 * @tty: tty structure
253 * @buf: buffer for output
254 *
255 * Convert a tty structure into a name. The name reflects the kernel
256 * naming policy and if udev is in use may not reflect user space
257 *
258 * Locking: none
259 */
260
1da177e4
LT		 261char *tty_name(struct tty_struct *tty, char *buf)
262{
263 if (!tty) /* Hmm. NULL pointer. That's fun. */
264 strcpy(buf, "NULL tty");
265 else
266 strcpy(buf, tty->name);
267 return buf;
268}
269
270EXPORT_SYMBOL(tty_name);
271
d769a669 272int tty_paranoia_check(struct tty_struct *tty, struct inode *inode,
1da177e4
LT		 273 const char *routine)
274{
275#ifdef TTY_PARANOIA_CHECK
276 if (!tty) {
277 printk(KERN_WARNING
278 "null TTY for (%d:%d) in %s\n",
279 imajor(inode), iminor(inode), routine);
280 return 1;
281 }
282 if (tty->magic != TTY_MAGIC) {
283 printk(KERN_WARNING
284 "bad magic number for tty struct (%d:%d) in %s\n",
285 imajor(inode), iminor(inode), routine);
286 return 1;
287 }
288#endif
289 return 0;
290}
291
292static int check_tty_count(struct tty_struct *tty, const char *routine)
293{
294#ifdef CHECK_TTY_COUNT
295 struct list_head *p;
296 int count = 0;
37bdfb07 297
ee2ffa0d 298 spin_lock(&tty_files_lock);
1da177e4
LT		 299 list_for_each(p, &tty->tty_files) {
300 count++;
301 }
ee2ffa0d 302 spin_unlock(&tty_files_lock);
1da177e4
LT		 303 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
304 tty->driver->subtype == PTY_TYPE_SLAVE &&
305 tty->link && tty->link->count)
306 count++;
307 if (tty->count != count) {
308 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) "
309 "!= #fd's(%d) in %s\n",
310 tty->name, tty->count, count, routine);
311 return count;
24ec839c 312 }
1da177e4
LT		 313#endif
314 return 0;
315}
316
af9b897e
AC		 317/**
318 * get_tty_driver - find device of a tty
319 * @dev_t: device identifier
320 * @index: returns the index of the tty
321 *
322 * This routine returns a tty driver structure, given a device number
323 * and also passes back the index number.
324 *
325 * Locking: caller must hold tty_mutex
1da177e4 326 */
af9b897e 327
1da177e4
LT		 328static struct tty_driver *get_tty_driver(dev_t device, int *index)
329{
330 struct tty_driver *p;
331
332 list_for_each_entry(p, &tty_drivers, tty_drivers) {
333 dev_t base = MKDEV(p->major, p->minor_start);
334 if (device < base || device >= base + p->num)
335 continue;
336 *index = device - base;
7d7b93c1 337 return tty_driver_kref_get(p);
1da177e4
LT		 338 }
339 return NULL;
340}
341
f2d937f3
JW		 342#ifdef CONFIG_CONSOLE_POLL
343
344/**
345 * tty_find_polling_driver - find device of a polled tty
346 * @name: name string to match
347 * @line: pointer to resulting tty line nr
348 *
349 * This routine returns a tty driver structure, given a name
350 * and the condition that the tty driver is capable of polled
351 * operation.
352 */
353struct tty_driver *tty_find_polling_driver(char *name, int *line)
354{
355 struct tty_driver *p, *res = NULL;
356 int tty_line = 0;
0dca0fd2 357 int len;
5f0878ac 358 char *str, *stp;
f2d937f3 359
0dca0fd2
JW		 360 for (str = name; *str; str++)
361 if ((*str >= '0' && *str <= '9') || *str == ',')
362 break;
363 if (!*str)
364 return NULL;
365
366 len = str - name;
367 tty_line = simple_strtoul(str, &str, 10);
368
f2d937f3
JW		 369 mutex_lock(&tty_mutex);
370 /* Search through the tty devices to look for a match */
371 list_for_each_entry(p, &tty_drivers, tty_drivers) {
0dca0fd2
JW		 372 if (strncmp(name, p->name, len) != 0)
373 continue;
5f0878ac
AC		 374 stp = str;
375 if (*stp == ',')
376 stp++;
377 if (*stp == '\0')
378 stp = NULL;
f2d937f3 379
6eb68d6f 380 if (tty_line >= 0 && tty_line < p->num && p->ops &&
5f0878ac 381 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) {
7d7b93c1 382 res = tty_driver_kref_get(p);
f2d937f3
JW		 383 *line = tty_line;
384 break;
385 }
386 }
387 mutex_unlock(&tty_mutex);
388
389 return res;
390}
391EXPORT_SYMBOL_GPL(tty_find_polling_driver);
392#endif
393
af9b897e
AC		 394/**
395 * tty_check_change - check for POSIX terminal changes
396 * @tty: tty to check
397 *
398 * If we try to write to, or set the state of, a terminal and we're
399 * not in the foreground, send a SIGTTOU. If the signal is blocked or
400 * ignored, go ahead and perform the operation. (POSIX 7.2)
401 *
978e595f 402 * Locking: ctrl_lock
1da177e4 403 */
af9b897e 404
37bdfb07 405int tty_check_change(struct tty_struct *tty)
1da177e4 406{
47f86834
AC		 407 unsigned long flags;
408 int ret = 0;
409
1da177e4
LT		 410 if (current->signal->tty != tty)
411 return 0;
47f86834
AC		 412
413 spin_lock_irqsave(&tty->ctrl_lock, flags);
414
ab521dc0
EB		 415 if (!tty->pgrp) {
416 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n");
9ffee4cb 417 goto out_unlock;
1da177e4 418 }
ab521dc0 419 if (task_pgrp(current) == tty->pgrp)
9ffee4cb
AM		 420 goto out_unlock;
421 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
1da177e4 422 if (is_ignored(SIGTTOU))
47f86834
AC		 423 goto out;
424 if (is_current_pgrp_orphaned()) {
425 ret = -EIO;
426 goto out;
427 }
040b6362
ON		 428 kill_pgrp(task_pgrp(current), SIGTTOU, 1);
429 set_thread_flag(TIF_SIGPENDING);
47f86834
AC		 430 ret = -ERESTARTSYS;
431out:
9ffee4cb
AM		 432 return ret;
433out_unlock:
47f86834
AC		 434 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
435 return ret;
1da177e4
LT		 436}
437
438EXPORT_SYMBOL(tty_check_change);
439
37bdfb07 440static ssize_t hung_up_tty_read(struct file *file, char __user *buf,
1da177e4
LT		 441 size_t count, loff_t *ppos)
442{
443 return 0;
444}
445
37bdfb07 446static ssize_t hung_up_tty_write(struct file *file, const char __user *buf,
1da177e4
LT		 447 size_t count, loff_t *ppos)
448{
449 return -EIO;
450}
451
452/* No kernel lock held - none needed ;) */
37bdfb07 453static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait)
1da177e4
LT		 454{
455 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM;
456}
457
04f378b1
AC		 458static long hung_up_tty_ioctl(struct file *file, unsigned int cmd,
459 unsigned long arg)
38ad2ed0
PF		 460{
461 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
462}
463
37bdfb07 464static long hung_up_tty_compat_ioctl(struct file *file,
38ad2ed0 465 unsigned int cmd, unsigned long arg)
1da177e4
LT		 466{
467 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
468}
469
62322d25 470static const struct file_operations tty_fops = {
1da177e4
LT		 471 .llseek = no_llseek,
472 .read = tty_read,
473 .write = tty_write,
474 .poll = tty_poll,
04f378b1 475 .unlocked_ioctl = tty_ioctl,
e10cc1df 476 .compat_ioctl = tty_compat_ioctl,
1da177e4
LT		 477 .open = tty_open,
478 .release = tty_release,
479 .fasync = tty_fasync,
480};
481
62322d25 482static const struct file_operations console_fops = {
1da177e4
LT		 483 .llseek = no_llseek,
484 .read = tty_read,
485 .write = redirected_tty_write,
486 .poll = tty_poll,
04f378b1 487 .unlocked_ioctl = tty_ioctl,
e10cc1df 488 .compat_ioctl = tty_compat_ioctl,
1da177e4
LT		 489 .open = tty_open,
490 .release = tty_release,
491 .fasync = tty_fasync,
492};
493
62322d25 494static const struct file_operations hung_up_tty_fops = {
1da177e4
LT		 495 .llseek = no_llseek,
496 .read = hung_up_tty_read,
497 .write = hung_up_tty_write,
498 .poll = hung_up_tty_poll,
04f378b1 499 .unlocked_ioctl = hung_up_tty_ioctl,
38ad2ed0 500 .compat_ioctl = hung_up_tty_compat_ioctl,
1da177e4
LT		 501 .release = tty_release,
502};
503
504static DEFINE_SPINLOCK(redirect_lock);
505static struct file *redirect;
506
507/**
508 * tty_wakeup - request more data
509 * @tty: terminal
510 *
511 * Internal and external helper for wakeups of tty. This function
512 * informs the line discipline if present that the driver is ready
513 * to receive more output data.
514 */
37bdfb07 515
1da177e4
LT		 516void tty_wakeup(struct tty_struct *tty)
517{
518 struct tty_ldisc *ld;
37bdfb07 519
1da177e4
LT		 520 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) {
521 ld = tty_ldisc_ref(tty);
37bdfb07 522 if (ld) {
a352def2
AC		 523 if (ld->ops->write_wakeup)
524 ld->ops->write_wakeup(tty);
1da177e4
LT		 525 tty_ldisc_deref(ld);
526 }
527 }
4b19449d 528 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
1da177e4
LT		 529}
530
531EXPORT_SYMBOL_GPL(tty_wakeup);
532
af9b897e 533/**
11dbf203 534 * __tty_hangup - actual handler for hangup events
65f27f38 535 * @work: tty device
af9b897e 536 *
1bad879a 537 * This can be called by the "eventd" kernel thread. That is process
af9b897e
AC		 538 * synchronous but doesn't hold any locks, so we need to make sure we
539 * have the appropriate locks for what we're doing.
540 *
541 * The hangup event clears any pending redirections onto the hung up
542 * device. It ensures future writes will error and it does the needed
543 * line discipline hangup and signal delivery. The tty object itself
544 * remains intact.
545 *
546 * Locking:
ec79d605 547 * BTM
24ec839c
PZ		 548 * redirect lock for undoing redirection
549 * file list lock for manipulating list of ttys
550 * tty_ldisc_lock from called functions
551 * termios_mutex resetting termios data
552 * tasklist_lock to walk task list for hangup event
553 * ->siglock to protect ->signal/->sighand
1da177e4 554 */
11dbf203 555void __tty_hangup(struct tty_struct *tty)
1da177e4 556{
37bdfb07 557 struct file *cons_filp = NULL;
1da177e4
LT		 558 struct file *filp, *f = NULL;
559 struct task_struct *p;
d996b62a 560 struct tty_file_private *priv;
1da177e4 561 int closecount = 0, n;
47f86834 562 unsigned long flags;
9c9f4ded 563 int refs = 0;
1da177e4
LT		 564
565 if (!tty)
566 return;
567
1da177e4
LT		 568
569 spin_lock(&redirect_lock);
d996b62a 570 if (redirect && file_tty(redirect) == tty) {
1da177e4
LT		 571 f = redirect;
572 redirect = NULL;
573 }
574 spin_unlock(&redirect_lock);
37bdfb07 575
6d31a88c 576 tty_lock();
11dbf203 577
acfa747b
JS		 578 /* some functions below drop BTM, so we need this bit */
579 set_bit(TTY_HUPPING, &tty->flags);
580
ec79d605
AB		 581 /* inuse_filps is protected by the single tty lock,
582 this really needs to change if we want to flush the
583 workqueue with the lock held */
11dbf203 584 check_tty_count(tty, "tty_hangup");
36ba782e 585
ee2ffa0d 586 spin_lock(&tty_files_lock);
1da177e4 587 /* This breaks for file handles being sent over AF_UNIX sockets ? */
d996b62a
NP		 588 list_for_each_entry(priv, &tty->tty_files, list) {
589 filp = priv->file;
1da177e4
LT		 590 if (filp->f_op->write == redirected_tty_write)
591 cons_filp = filp;
592 if (filp->f_op->write != tty_write)
593 continue;
594 closecount++;
ec79d605 595 __tty_fasync(-1, filp, 0); /* can't block */
1da177e4
LT		 596 filp->f_op = &hung_up_tty_fops;
597 }
ee2ffa0d 598 spin_unlock(&tty_files_lock);
37bdfb07 599
acfa747b
JS		 600 /*
601 * it drops BTM and thus races with reopen
602 * we protect the race by TTY_HUPPING
603 */
c65c9bc3 604 tty_ldisc_hangup(tty);
37bdfb07 605
1da177e4 606 read_lock(&tasklist_lock);
ab521dc0
EB		 607 if (tty->session) {
608 do_each_pid_task(tty->session, PIDTYPE_SID, p) {
24ec839c 609 spin_lock_irq(&p->sighand->siglock);
9c9f4ded 610 if (p->signal->tty == tty) {
1da177e4 611 p->signal->tty = NULL;
9c9f4ded
AC		 612 /* We defer the dereferences outside fo
613 the tasklist lock */
614 refs++;
615 }
24ec839c
PZ		 616 if (!p->signal->leader) {
617 spin_unlock_irq(&p->sighand->siglock);
1da177e4 618 continue;
24ec839c
PZ		 619 }
620 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p);
621 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p);
ab521dc0 622 put_pid(p->signal->tty_old_pgrp); /* A noop */
47f86834 623 spin_lock_irqsave(&tty->ctrl_lock, flags);
ab521dc0
EB		 624 if (tty->pgrp)
625 p->signal->tty_old_pgrp = get_pid(tty->pgrp);
47f86834 626 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
24ec839c 627 spin_unlock_irq(&p->sighand->siglock);
ab521dc0 628 } while_each_pid_task(tty->session, PIDTYPE_SID, p);
1da177e4
LT		 629 }
630 read_unlock(&tasklist_lock);
631
47f86834 632 spin_lock_irqsave(&tty->ctrl_lock, flags);
c65c9bc3
AC		 633 clear_bit(TTY_THROTTLED, &tty->flags);
634 clear_bit(TTY_PUSH, &tty->flags);
635 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
d9c1e9a8
EB		 636 put_pid(tty->session);
637 put_pid(tty->pgrp);
ab521dc0
EB		 638 tty->session = NULL;
639 tty->pgrp = NULL;
1da177e4 640 tty->ctrl_status = 0;
47f86834
AC		 641 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
642
9c9f4ded
AC		 643 /* Account for the p->signal references we killed */
644 while (refs--)
645 tty_kref_put(tty);
646
1da177e4 647 /*
37bdfb07
AC		 648 * If one of the devices matches a console pointer, we
649 * cannot just call hangup() because that will cause
650 * tty->count and state->count to go out of sync.
651 * So we just call close() the right number of times.
1da177e4
LT		 652 */
653 if (cons_filp) {
f34d7a5b 654 if (tty->ops->close)
1da177e4 655 for (n = 0; n < closecount; n++)
f34d7a5b
AC		 656 tty->ops->close(tty, cons_filp);
657 } else if (tty->ops->hangup)
658 (tty->ops->hangup)(tty);
37bdfb07
AC		 659 /*
660 * We don't want to have driver/ldisc interactions beyond
661 * the ones we did here. The driver layer expects no
662 * calls after ->hangup() from the ldisc side. However we
663 * can't yet guarantee all that.
664 */
1da177e4 665 set_bit(TTY_HUPPED, &tty->flags);
acfa747b 666 clear_bit(TTY_HUPPING, &tty->flags);
c65c9bc3 667 tty_ldisc_enable(tty);
11dbf203 668
6d31a88c 669 tty_unlock();
11dbf203 670
1da177e4
LT		 671 if (f)
672 fput(f);
673}
674
ddcd9fb6
AB		 675static void do_tty_hangup(struct work_struct *work)
676{
677 struct tty_struct *tty =
678 container_of(work, struct tty_struct, hangup_work);
679
11dbf203 680 __tty_hangup(tty);
ddcd9fb6
AB		 681}
682
af9b897e
AC		 683/**
684 * tty_hangup - trigger a hangup event
685 * @tty: tty to hangup
686 *
687 * A carrier loss (virtual or otherwise) has occurred on this like
688 * schedule a hangup sequence to run after this event.
689 */
690
37bdfb07 691void tty_hangup(struct tty_struct *tty)
1da177e4
LT		 692{
693#ifdef TTY_DEBUG_HANGUP
694 char buf[64];
1da177e4
LT		 695 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf));
696#endif
697 schedule_work(&tty->hangup_work);
698}
699
700EXPORT_SYMBOL(tty_hangup);
701
af9b897e
AC		 702/**
703 * tty_vhangup - process vhangup
704 * @tty: tty to hangup
705 *
706 * The user has asked via system call for the terminal to be hung up.
707 * We do this synchronously so that when the syscall returns the process
3a4fa0a2 708 * is complete. That guarantee is necessary for security reasons.
af9b897e
AC		 709 */
710
37bdfb07 711void tty_vhangup(struct tty_struct *tty)
1da177e4
LT		 712{
713#ifdef TTY_DEBUG_HANGUP
714 char buf[64];
715
716 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf));
717#endif
11dbf203 718 __tty_hangup(tty);
1da177e4 719}
37bdfb07 720
1da177e4
LT		 721EXPORT_SYMBOL(tty_vhangup);
722
11dbf203 723
2cb5998b
AC		 724/**
725 * tty_vhangup_self - process vhangup for own ctty
726 *
727 * Perform a vhangup on the current controlling tty
728 */
729
730void tty_vhangup_self(void)
731{
732 struct tty_struct *tty;
733
2cb5998b
AC		 734 tty = get_current_tty();
735 if (tty) {
736 tty_vhangup(tty);
737 tty_kref_put(tty);
738 }
2cb5998b
AC		 739}
740
af9b897e
AC		 741/**
742 * tty_hung_up_p - was tty hung up
743 * @filp: file pointer of tty
744 *
745 * Return true if the tty has been subject to a vhangup or a carrier
746 * loss
747 */
748
37bdfb07 749int tty_hung_up_p(struct file *filp)
1da177e4
LT		 750{
751 return (filp->f_op == &hung_up_tty_fops);
752}
753
754EXPORT_SYMBOL(tty_hung_up_p);
755
ab521dc0 756static void session_clear_tty(struct pid *session)
24ec839c
PZ		 757{
758 struct task_struct *p;
ab521dc0 759 do_each_pid_task(session, PIDTYPE_SID, p) {
24ec839c 760 proc_clear_tty(p);
ab521dc0 761 } while_each_pid_task(session, PIDTYPE_SID, p);
24ec839c
PZ		 762}
763
af9b897e
AC		 764/**
765 * disassociate_ctty - disconnect controlling tty
766 * @on_exit: true if exiting so need to "hang up" the session
1da177e4 767 *
af9b897e
AC		 768 * This function is typically called only by the session leader, when
769 * it wants to disassociate itself from its controlling tty.
770 *
771 * It performs the following functions:
1da177e4
LT		 772 * (1) Sends a SIGHUP and SIGCONT to the foreground process group
773 * (2) Clears the tty from being controlling the session
774 * (3) Clears the controlling tty for all processes in the
775 * session group.
776 *
af9b897e
AC		 777 * The argument on_exit is set to 1 if called when a process is
778 * exiting; it is 0 if called by the ioctl TIOCNOTTY.
779 *
24ec839c 780 * Locking:
ec79d605
AB		 781 * BTM is taken for hysterical raisins, and held when
782 * called from no_tty().
24ec839c
PZ		 783 * tty_mutex is taken to protect tty
784 * ->siglock is taken to protect ->signal/->sighand
785 * tasklist_lock is taken to walk process list for sessions
786 * ->siglock is taken to protect ->signal/->sighand
1da177e4 787 */
af9b897e 788
1da177e4
LT		 789void disassociate_ctty(int on_exit)
790{
791 struct tty_struct *tty;
1da177e4 792
5ec93d11
AC		 793 if (!current->signal->leader)
794 return;
1da177e4 795
24ec839c 796 tty = get_current_tty();
1da177e4 797 if (tty) {
1411dc4a 798 struct pid *tty_pgrp = get_pid(tty->pgrp);
ddcd9fb6 799 if (on_exit) {
ddcd9fb6 800 if (tty->driver->type != TTY_DRIVER_TYPE_PTY)
11dbf203 801 tty_vhangup(tty);
ddcd9fb6 802 }
452a00d2 803 tty_kref_put(tty);
1411dc4a
JS		 804 if (tty_pgrp) {
805 kill_pgrp(tty_pgrp, SIGHUP, on_exit);
806 if (!on_exit)
807 kill_pgrp(tty_pgrp, SIGCONT, on_exit);
808 put_pid(tty_pgrp);
809 }
680a9671 810 } else if (on_exit) {
ab521dc0 811 struct pid *old_pgrp;
680a9671
EB		 812 spin_lock_irq(&current->sighand->siglock);
813 old_pgrp = current->signal->tty_old_pgrp;
ab521dc0 814 current->signal->tty_old_pgrp = NULL;
680a9671 815 spin_unlock_irq(&current->sighand->siglock);
24ec839c 816 if (old_pgrp) {
ab521dc0
EB		 817 kill_pgrp(old_pgrp, SIGHUP, on_exit);
818 kill_pgrp(old_pgrp, SIGCONT, on_exit);
819 put_pid(old_pgrp);
1da177e4 820 }
1da177e4
LT		 821 return;
822 }
1da177e4 823
24ec839c 824 spin_lock_irq(&current->sighand->siglock);
2a65f1d9 825 put_pid(current->signal->tty_old_pgrp);
23cac8de 826 current->signal->tty_old_pgrp = NULL;
24ec839c
PZ		 827 spin_unlock_irq(&current->sighand->siglock);
828
24ec839c
PZ		 829 tty = get_current_tty();
830 if (tty) {
47f86834
AC		 831 unsigned long flags;
832 spin_lock_irqsave(&tty->ctrl_lock, flags);
ab521dc0
EB		 833 put_pid(tty->session);
834 put_pid(tty->pgrp);
835 tty->session = NULL;
836 tty->pgrp = NULL;
47f86834 837 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
452a00d2 838 tty_kref_put(tty);
24ec839c
PZ		 839 } else {
840#ifdef TTY_DEBUG_HANGUP
841 printk(KERN_DEBUG "error attempted to write to tty [0x%p]"
842 " = NULL", tty);
843#endif
844 }
1da177e4
LT		 845
846 /* Now clear signal->tty under the lock */
847 read_lock(&tasklist_lock);
ab521dc0 848 session_clear_tty(task_session(current));
1da177e4 849 read_unlock(&tasklist_lock);
1da177e4
LT		 850}
851
98a27ba4
EB		 852/**
853 *
854 * no_tty - Ensure the current process does not have a controlling tty
855 */
856void no_tty(void)
857{
3af502b9
AC		 858 /* FIXME: Review locking here. The tty_lock never covered any race
859 between a new association and proc_clear_tty but possible we need
860 to protect against this anyway */
98a27ba4 861 struct task_struct *tsk = current;
5ec93d11 862 disassociate_ctty(0);
98a27ba4
EB		 863 proc_clear_tty(tsk);
864}
865
af9b897e
AC		 866
867/**
beb7dd86 868 * stop_tty - propagate flow control
af9b897e
AC		 869 * @tty: tty to stop
870 *
871 * Perform flow control to the driver. For PTY/TTY pairs we
beb7dd86 872 * must also propagate the TIOCKPKT status. May be called
af9b897e
AC		 873 * on an already stopped device and will not re-call the driver
874 * method.
875 *
876 * This functionality is used by both the line disciplines for
877 * halting incoming flow and by the driver. It may therefore be
878 * called from any context, may be under the tty atomic_write_lock
879 * but not always.
880 *
881 * Locking:
04f378b1 882 * Uses the tty control lock internally
af9b897e
AC		 883 */
884
1da177e4
LT		 885void stop_tty(struct tty_struct *tty)
886{
04f378b1
AC		 887 unsigned long flags;
888 spin_lock_irqsave(&tty->ctrl_lock, flags);
889 if (tty->stopped) {
890 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
1da177e4 891 return;
04f378b1 892 }
1da177e4
LT		 893 tty->stopped = 1;
894 if (tty->link && tty->link->packet) {
895 tty->ctrl_status &= ~TIOCPKT_START;
896 tty->ctrl_status |= TIOCPKT_STOP;
4b19449d 897 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN);
1da177e4 898 }
04f378b1 899 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
f34d7a5b
AC		 900 if (tty->ops->stop)
901 (tty->ops->stop)(tty);
1da177e4
LT		 902}
903
904EXPORT_SYMBOL(stop_tty);
905
af9b897e 906/**
beb7dd86 907 * start_tty - propagate flow control
af9b897e
AC		 908 * @tty: tty to start
909 *
910 * Start a tty that has been stopped if at all possible. Perform
3a4fa0a2 911 * any necessary wakeups and propagate the TIOCPKT status. If this
af9b897e
AC		 912 * is the tty was previous stopped and is being started then the
913 * driver start method is invoked and the line discipline woken.
914 *
915 * Locking:
04f378b1 916 * ctrl_lock
af9b897e
AC		 917 */
918
1da177e4
LT		 919void start_tty(struct tty_struct *tty)
920{
04f378b1
AC		 921 unsigned long flags;
922 spin_lock_irqsave(&tty->ctrl_lock, flags);
923 if (!tty->stopped || tty->flow_stopped) {
924 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
1da177e4 925 return;
04f378b1 926 }
1da177e4
LT		 927 tty->stopped = 0;
928 if (tty->link && tty->link->packet) {
929 tty->ctrl_status &= ~TIOCPKT_STOP;
930 tty->ctrl_status |= TIOCPKT_START;
4b19449d 931 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN);
1da177e4 932 }
04f378b1 933 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
f34d7a5b
AC		 934 if (tty->ops->start)
935 (tty->ops->start)(tty);
1da177e4
LT		 936 /* If we have a running line discipline it may need kicking */
937 tty_wakeup(tty);
1da177e4
LT		 938}
939
940EXPORT_SYMBOL(start_tty);
941
af9b897e
AC		 942/**
943 * tty_read - read method for tty device files
944 * @file: pointer to tty file
945 * @buf: user buffer
946 * @count: size of user buffer
947 * @ppos: unused
948 *
949 * Perform the read system call function on this terminal device. Checks
950 * for hung up devices before calling the line discipline method.
951 *
952 * Locking:
47f86834
AC		 953 * Locks the line discipline internally while needed. Multiple
954 * read calls may be outstanding in parallel.
af9b897e
AC		 955 */
956
37bdfb07 957static ssize_t tty_read(struct file *file, char __user *buf, size_t count,
1da177e4
LT		 958 loff_t *ppos)
959{
960 int i;
d996b62a
NP		 961 struct inode *inode = file->f_path.dentry->d_inode;
962 struct tty_struct *tty = file_tty(file);
1da177e4
LT		 963 struct tty_ldisc *ld;
964
1da177e4
LT		 965 if (tty_paranoia_check(tty, inode, "tty_read"))
966 return -EIO;
967 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags)))
968 return -EIO;
969
970 /* We want to wait for the line discipline to sort out in this
971 situation */
972 ld = tty_ldisc_ref_wait(tty);
a352def2
AC		 973 if (ld->ops->read)
974 i = (ld->ops->read)(tty, file, buf, count);
1da177e4
LT		 975 else
976 i = -EIO;
977 tty_ldisc_deref(ld);
1da177e4
LT		 978 if (i > 0)
979 inode->i_atime = current_fs_time(inode->i_sb);
980 return i;
981}
982
9c1729db 983void tty_write_unlock(struct tty_struct *tty)
83c67571 984 __releases(&tty->atomic_write_lock)
9c1729db
AC		 985{
986 mutex_unlock(&tty->atomic_write_lock);
4b19449d 987 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
9c1729db
AC		 988}
989
990int tty_write_lock(struct tty_struct *tty, int ndelay)
83c67571 991 __acquires(&tty->atomic_write_lock)
9c1729db
AC		 992{
993 if (!mutex_trylock(&tty->atomic_write_lock)) {
994 if (ndelay)
995 return -EAGAIN;
996 if (mutex_lock_interruptible(&tty->atomic_write_lock))
997 return -ERESTARTSYS;
998 }
999 return 0;
1000}
1001
1da177e4
LT		 1002/*
1003 * Split writes up in sane blocksizes to avoid
1004 * denial-of-service type attacks
1005 */
1006static inline ssize_t do_tty_write(
1007 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t),
1008 struct tty_struct *tty,
1009 struct file *file,
1010 const char __user *buf,
1011 size_t count)
1012{
9c1729db 1013 ssize_t ret, written = 0;
1da177e4 1014 unsigned int chunk;
37bdfb07 1015
9c1729db
AC		 1016 ret = tty_write_lock(tty, file->f_flags & O_NDELAY);
1017 if (ret < 0)
1018 return ret;
1da177e4
LT		 1019
1020 /*
1021 * We chunk up writes into a temporary buffer. This
1022 * simplifies low-level drivers immensely, since they
1023 * don't have locking issues and user mode accesses.
1024 *
1025 * But if TTY_NO_WRITE_SPLIT is set, we should use a
1026 * big chunk-size..
1027 *
1028 * The default chunk-size is 2kB, because the NTTY
1029 * layer has problems with bigger chunks. It will
1030 * claim to be able to handle more characters than
1031 * it actually does.
af9b897e
AC		 1032 *
1033 * FIXME: This can probably go away now except that 64K chunks
1034 * are too likely to fail unless switched to vmalloc...
1da177e4
LT		 1035 */
1036 chunk = 2048;
1037 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags))
1038 chunk = 65536;
1039 if (count < chunk)
1040 chunk = count;
1041
70522e12 1042 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */
1da177e4 1043 if (tty->write_cnt < chunk) {
402fda92 1044 unsigned char *buf_chunk;
1da177e4
LT		 1045
1046 if (chunk < 1024)
1047 chunk = 1024;
1048
402fda92
JW		 1049 buf_chunk = kmalloc(chunk, GFP_KERNEL);
1050 if (!buf_chunk) {
9c1729db
AC		 1051 ret = -ENOMEM;
1052 goto out;
1da177e4
LT		 1053 }
1054 kfree(tty->write_buf);
1055 tty->write_cnt = chunk;
402fda92 1056 tty->write_buf = buf_chunk;
1da177e4
LT		 1057 }
1058
1059 /* Do the write .. */
1060 for (;;) {
1061 size_t size = count;
1062 if (size > chunk)
1063 size = chunk;
1064 ret = -EFAULT;
1065 if (copy_from_user(tty->write_buf, buf, size))
1066 break;
1da177e4 1067 ret = write(tty, file, tty->write_buf, size);
1da177e4
LT		 1068 if (ret <= 0)
1069 break;
1070 written += ret;
1071 buf += ret;
1072 count -= ret;
1073 if (!count)
1074 break;
1075 ret = -ERESTARTSYS;
1076 if (signal_pending(current))
1077 break;
1078 cond_resched();
1079 }
1080 if (written) {
a7113a96 1081 struct inode *inode = file->f_path.dentry->d_inode;
1da177e4
LT		 1082 inode->i_mtime = current_fs_time(inode->i_sb);
1083 ret = written;
1084 }
9c1729db
AC		 1085out:
1086 tty_write_unlock(tty);
1da177e4
LT		 1087 return ret;
1088}
1089
95f9bfc6
AC		 1090/**
1091 * tty_write_message - write a message to a certain tty, not just the console.
1092 * @tty: the destination tty_struct
1093 * @msg: the message to write
1094 *
1095 * This is used for messages that need to be redirected to a specific tty.
1096 * We don't put it into the syslog queue right now maybe in the future if
1097 * really needed.
1098 *
ec79d605 1099 * We must still hold the BTM and test the CLOSING flag for the moment.
95f9bfc6
AC		 1100 */
1101
1102void tty_write_message(struct tty_struct *tty, char *msg)
1103{
95f9bfc6
AC		 1104 if (tty) {
1105 mutex_lock(&tty->atomic_write_lock);
6d31a88c 1106 tty_lock();
eeb89d91 1107 if (tty->ops->write && !test_bit(TTY_CLOSING, &tty->flags)) {
6d31a88c 1108 tty_unlock();
95f9bfc6 1109 tty->ops->write(tty, msg, strlen(msg));
eeb89d91 1110 } else
6d31a88c 1111 tty_unlock();
95f9bfc6
AC		 1112 tty_write_unlock(tty);
1113 }
95f9bfc6
AC		 1114 return;
1115}
1116
1da177e4 1117
af9b897e
AC		 1118/**
1119 * tty_write - write method for tty device file
1120 * @file: tty file pointer
1121 * @buf: user data to write
1122 * @count: bytes to write
1123 * @ppos: unused
1124 *
1125 * Write data to a tty device via the line discipline.
1126 *
1127 * Locking:
1128 * Locks the line discipline as required
1129 * Writes to the tty driver are serialized by the atomic_write_lock
1130 * and are then processed in chunks to the device. The line discipline
a88a69c9 1131 * write method will not be invoked in parallel for each device.
af9b897e
AC		 1132 */
1133
37bdfb07
AC		 1134static ssize_t tty_write(struct file *file, const char __user *buf,
1135 size_t count, loff_t *ppos)
1da177e4 1136{
a7113a96 1137 struct inode *inode = file->f_path.dentry->d_inode;
d996b62a
NP		 1138 struct tty_struct *tty = file_tty(file);
1139 struct tty_ldisc *ld;
1da177e4 1140 ssize_t ret;
37bdfb07 1141
1da177e4
LT		 1142 if (tty_paranoia_check(tty, inode, "tty_write"))
1143 return -EIO;
f34d7a5b 1144 if (!tty || !tty->ops->write ||
37bdfb07
AC		 1145 (test_bit(TTY_IO_ERROR, &tty->flags)))
1146 return -EIO;
f34d7a5b
AC		 1147 /* Short term debug to catch buggy drivers */
1148 if (tty->ops->write_room == NULL)
1149 printk(KERN_ERR "tty driver %s lacks a write_room method.\n",
1150 tty->driver->name);
37bdfb07 1151 ld = tty_ldisc_ref_wait(tty);
a352def2 1152 if (!ld->ops->write)
1da177e4
LT		 1153 ret = -EIO;
1154 else
a352def2 1155 ret = do_tty_write(ld->ops->write, tty, file, buf, count);
1da177e4
LT		 1156 tty_ldisc_deref(ld);
1157 return ret;
1158}
1159
37bdfb07
AC		 1160ssize_t redirected_tty_write(struct file *file, const char __user *buf,
1161 size_t count, loff_t *ppos)
1da177e4
LT		 1162{
1163 struct file *p = NULL;
1164
1165 spin_lock(&redirect_lock);
1166 if (redirect) {
1167 get_file(redirect);
1168 p = redirect;
1169 }
1170 spin_unlock(&redirect_lock);
1171
1172 if (p) {
1173 ssize_t res;
1174 res = vfs_write(p, buf, count, &p->f_pos);
1175 fput(p);
1176 return res;
1177 }
1da177e4
LT		 1178 return tty_write(file, buf, count, ppos);
1179}
1180
1181static char ptychar[] = "pqrstuvwxyzabcde";
1182
af9b897e
AC		 1183/**
1184 * pty_line_name - generate name for a pty
1185 * @driver: the tty driver in use
1186 * @index: the minor number
1187 * @p: output buffer of at least 6 bytes
1188 *
1189 * Generate a name from a driver reference and write it to the output
1190 * buffer.
1191 *
1192 * Locking: None
1193 */
1194static void pty_line_name(struct tty_driver *driver, int index, char *p)
1da177e4
LT		 1195{
1196 int i = index + driver->name_base;
1197 /* ->name is initialized to "ttyp", but "tty" is expected */
1198 sprintf(p, "%s%c%x",
37bdfb07
AC		 1199 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name,
1200 ptychar[i >> 4 & 0xf], i & 0xf);
1da177e4
LT		 1201}
1202
af9b897e 1203/**
8b0a88d5 1204 * tty_line_name - generate name for a tty
af9b897e
AC		 1205 * @driver: the tty driver in use
1206 * @index: the minor number
1207 * @p: output buffer of at least 7 bytes
1208 *
1209 * Generate a name from a driver reference and write it to the output
1210 * buffer.
1211 *
1212 * Locking: None
1213 */
1214static void tty_line_name(struct tty_driver *driver, int index, char *p)
1da177e4
LT		 1215{
1216 sprintf(p, "%s%d", driver->name, index + driver->name_base);
1217}
1218
99f1fe18
AC		 1219/**
1220 * tty_driver_lookup_tty() - find an existing tty, if any
1221 * @driver: the driver for the tty
1222 * @idx: the minor number
23499705 1223 *
99f1fe18 1224 * Return the tty, if found or ERR_PTR() otherwise.
23499705 1225 *
99f1fe18
AC		 1226 * Locking: tty_mutex must be held. If tty is found, the mutex must
1227 * be held until the 'fast-open' is also done. Will change once we
1228 * have refcounting in the driver and per driver locking
23499705 1229 */
a47d545f 1230static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver,
15f1a633 1231 struct inode *inode, int idx)
23499705 1232{
99f1fe18 1233 if (driver->ops->lookup)
15f1a633 1234 return driver->ops->lookup(driver, inode, idx);
23499705 1235
d4834267 1236 return driver->ttys[idx];
23499705
SB		 1237}
1238
bf970ee4
AC		 1239/**
1240 * tty_init_termios - helper for termios setup
1241 * @tty: the tty to set up
1242 *
1243 * Initialise the termios structures for this tty. Thus runs under
1244 * the tty_mutex currently so we can be relaxed about ordering.
1245 */
1246
1247int tty_init_termios(struct tty_struct *tty)
1248{
fe6e29fd 1249 struct ktermios *tp;
bf970ee4
AC		 1250 int idx = tty->index;
1251
36b3c070
AC		 1252 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS)
1253 tty->termios = tty->driver->init_termios;
1254 else {
1255 /* Check for lazy saved data */
1256 tp = tty->driver->termios[idx];
1257 if (tp != NULL)
1258 tty->termios = *tp;
1259 else
1260 tty->termios = tty->driver->init_termios;
bf970ee4 1261 }
bf970ee4 1262 /* Compatibility until drivers always set this */
adc8d746
AC		 1263 tty->termios.c_ispeed = tty_termios_input_baud_rate(&tty->termios);
1264 tty->termios.c_ospeed = tty_termios_baud_rate(&tty->termios);
bf970ee4
AC		 1265 return 0;
1266}
fe1ae7fd 1267EXPORT_SYMBOL_GPL(tty_init_termios);
bf970ee4 1268
66d450e8
JS		 1269int tty_standard_install(struct tty_driver *driver, struct tty_struct *tty)
1270{
1271 int ret = tty_init_termios(tty);
1272 if (ret)
1273 return ret;
1274
1275 tty_driver_kref_get(driver);
1276 tty->count++;
1277 driver->ttys[tty->index] = tty;
1278 return 0;
1279}
1280EXPORT_SYMBOL_GPL(tty_standard_install);
1281
99f1fe18 1282/**
8b0a88d5
AC		 1283 * tty_driver_install_tty() - install a tty entry in the driver
1284 * @driver: the driver for the tty
1285 * @tty: the tty
1286 *
1287 * Install a tty object into the driver tables. The tty->index field
bf970ee4
AC		 1288 * will be set by the time this is called. This method is responsible
1289 * for ensuring any need additional structures are allocated and
1290 * configured.
8b0a88d5
AC		 1291 *
1292 * Locking: tty_mutex for now
1293 */
1294static int tty_driver_install_tty(struct tty_driver *driver,
1295 struct tty_struct *tty)
1296{
66d450e8
JS		 1297 return driver->ops->install ? driver->ops->install(driver, tty) :
1298 tty_standard_install(driver, tty);
8b0a88d5
AC		 1299}
1300
1301/**
1302 * tty_driver_remove_tty() - remove a tty from the driver tables
1303 * @driver: the driver for the tty
1304 * @idx: the minor number
1305 *
1306 * Remvoe a tty object from the driver tables. The tty->index field
1307 * will be set by the time this is called.
1308 *
1309 * Locking: tty_mutex for now
1310 */
24d406a6 1311void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty)
8b0a88d5
AC		 1312{
1313 if (driver->ops->remove)
1314 driver->ops->remove(driver, tty);
1315 else
1316 driver->ttys[tty->index] = NULL;
1317}
1318
1319/*
1320 * tty_reopen() - fast re-open of an open tty
1321 * @tty - the tty to open
23499705 1322 *
99f1fe18 1323 * Return 0 on success, -errno on error.
23499705 1324 *
99f1fe18
AC		 1325 * Locking: tty_mutex must be held from the time the tty was found
1326 * till this open completes.
23499705 1327 */
99f1fe18 1328static int tty_reopen(struct tty_struct *tty)
23499705
SB		 1329{
1330 struct tty_driver *driver = tty->driver;
1331
e2efafbf 1332 if (test_bit(TTY_CLOSING, &tty->flags) ||
acfa747b 1333 test_bit(TTY_HUPPING, &tty->flags) ||
e2efafbf 1334 test_bit(TTY_LDISC_CHANGING, &tty->flags))
23499705
SB		 1335 return -EIO;
1336
1337 if (driver->type == TTY_DRIVER_TYPE_PTY &&
1338 driver->subtype == PTY_TYPE_MASTER) {
1339 /*
1340 * special case for PTY masters: only one open permitted,
1341 * and the slave side open count is incremented as well.
1342 */
1343 if (tty->count)
1344 return -EIO;
1345
1346 tty->link->count++;
1347 }
1348 tty->count++;
23499705 1349
1aa4bed8 1350 mutex_lock(&tty->ldisc_mutex);
99f1fe18 1351 WARN_ON(!test_bit(TTY_LDISC, &tty->flags));
1aa4bed8 1352 mutex_unlock(&tty->ldisc_mutex);
23499705
SB		 1353
1354 return 0;
1355}
1356
af9b897e 1357/**
d81ed103 1358 * tty_init_dev - initialise a tty device
af9b897e
AC		 1359 * @driver: tty driver we are opening a device on
1360 * @idx: device index
15582d36 1361 * @ret_tty: returned tty structure
af9b897e
AC		 1362 *
1363 * Prepare a tty device. This may not be a "new" clean device but
1364 * could also be an active device. The pty drivers require special
1365 * handling because of this.
1366 *
1367 * Locking:
1368 * The function is called under the tty_mutex, which
1369 * protects us from the tty struct or driver itself going away.
1370 *
1371 * On exit the tty device has the line discipline attached and
1372 * a reference count of 1. If a pair was created for pty/tty use
1373 * and the other was a pty master then it too has a reference count of 1.
1374 *
1da177e4 1375 * WSH 06/09/97: Rewritten to remove races and properly clean up after a
70522e12
IM		 1376 * failed open. The new code protects the open with a mutex, so it's
1377 * really quite straightforward. The mutex locking can probably be
1da177e4
LT		 1378 * relaxed for the (most common) case of reopening a tty.
1379 */
af9b897e 1380
593a27c4 1381struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx)
1da177e4 1382{
bf970ee4 1383 struct tty_struct *tty;
73ec06fc 1384 int retval;
1da177e4 1385
1da177e4
LT		 1386 /*
1387 * First time open is complex, especially for PTY devices.
1388 * This code guarantees that either everything succeeds and the
1389 * TTY is ready for operation, or else the table slots are vacated
37bdfb07 1390 * and the allocated memory released. (Except that the termios
1da177e4
LT		 1391 * and locked termios may be retained.)
1392 */
1393
73ec06fc
AC		 1394 if (!try_module_get(driver->owner))
1395 return ERR_PTR(-ENODEV);
1da177e4 1396
1da177e4 1397 tty = alloc_tty_struct();
d5543503
JS		 1398 if (!tty) {
1399 retval = -ENOMEM;
1400 goto err_module_put;
1401 }
bf970ee4 1402 initialize_tty_struct(tty, driver, idx);
1da177e4 1403
73ec06fc 1404 retval = tty_driver_install_tty(driver, tty);
d5543503 1405 if (retval < 0)
a9dccddb 1406 goto err_deinit_tty;
8b0a88d5 1407
04831dc1
JS		 1408 if (!tty->port)
1409 tty->port = driver->ports[idx];
1410
37bdfb07 1411 /*
1da177e4 1412 * Structures all installed ... call the ldisc open routines.
d5698c28
CH		 1413 * If we fail here just call release_tty to clean up. No need
1414 * to decrement the use counts, as release_tty doesn't care.
1da177e4 1415 */
bf970ee4 1416 retval = tty_ldisc_setup(tty, tty->link);
01e1abb2 1417 if (retval)
d5543503 1418 goto err_release_tty;
73ec06fc 1419 return tty;
1da177e4 1420
a9dccddb
JS		 1421err_deinit_tty:
1422 deinitialize_tty_struct(tty);
d5543503
JS		 1423 free_tty_struct(tty);
1424err_module_put:
1da177e4 1425 module_put(driver->owner);
d5543503 1426 return ERR_PTR(retval);
1da177e4 1427
d5698c28 1428 /* call the tty release_tty routine to clean out this slot */
d5543503 1429err_release_tty:
5a3c6b25 1430 printk_ratelimited(KERN_INFO "tty_init_dev: ldisc open failed, "
4050914f 1431 "clearing slot %d\n", idx);
d5698c28 1432 release_tty(tty, idx);
73ec06fc 1433 return ERR_PTR(retval);
1da177e4
LT		 1434}
1435
feebed65
AC		 1436void tty_free_termios(struct tty_struct *tty)
1437{
1438 struct ktermios *tp;
1439 int idx = tty->index;
36b3c070
AC		 1440
1441 /* If the port is going to reset then it has no termios to save */
1442 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS)
1443 return;
1444
1445 /* Stash the termios data */
1446 tp = tty->driver->termios[idx];
1447 if (tp == NULL) {
1448 tp = kmalloc(sizeof(struct ktermios), GFP_KERNEL);
1449 if (tp == NULL) {
1450 pr_warn("tty: no memory to save termios state.\n");
1451 return;
1452 }
4ac5d705 1453 tty->driver->termios[idx] = tp;
feebed65 1454 }
36b3c070 1455 *tp = tty->termios;
feebed65
AC		 1456}
1457EXPORT_SYMBOL(tty_free_termios);
1458
feebed65 1459
af9b897e 1460/**
d5698c28 1461 * release_one_tty - release tty structure memory
9c9f4ded 1462 * @kref: kref of tty we are obliterating
af9b897e
AC		 1463 *
1464 * Releases memory associated with a tty structure, and clears out the
1465 * driver table slots. This function is called when a device is no longer
1466 * in use. It also gets called when setup of a device fails.
1467 *
1468 * Locking:
af9b897e
AC		 1469 * takes the file list lock internally when working on the list
1470 * of ttys that the driver keeps.
b50989dc
AC		 1471 *
1472 * This method gets called from a work queue so that the driver private
f278a2f7 1473 * cleanup ops can sleep (needed for USB at least)
1da177e4 1474 */
b50989dc 1475static void release_one_tty(struct work_struct *work)
1da177e4 1476{
b50989dc
AC		 1477 struct tty_struct *tty =
1478 container_of(work, struct tty_struct, hangup_work);
6f967f78 1479 struct tty_driver *driver = tty->driver;
d5698c28 1480
f278a2f7
DY		 1481 if (tty->ops->cleanup)
1482 tty->ops->cleanup(tty);
1483
1da177e4 1484 tty->magic = 0;
7d7b93c1 1485 tty_driver_kref_put(driver);
6f967f78 1486 module_put(driver->owner);
d5698c28 1487
ee2ffa0d 1488 spin_lock(&tty_files_lock);
1da177e4 1489 list_del_init(&tty->tty_files);
ee2ffa0d 1490 spin_unlock(&tty_files_lock);
d5698c28 1491
6da8d866
ON		 1492 put_pid(tty->pgrp);
1493 put_pid(tty->session);
1da177e4
LT		 1494 free_tty_struct(tty);
1495}
1496
b50989dc
AC		 1497static void queue_release_one_tty(struct kref *kref)
1498{
1499 struct tty_struct *tty = container_of(kref, struct tty_struct, kref);
f278a2f7 1500
b50989dc
AC		 1501 /* The hangup queue is now free so we can reuse it rather than
1502 waste a chunk of memory for each port */
1503 INIT_WORK(&tty->hangup_work, release_one_tty);
1504 schedule_work(&tty->hangup_work);
1505}
1506
9c9f4ded
AC		 1507/**
1508 * tty_kref_put - release a tty kref
1509 * @tty: tty device
1510 *
1511 * Release a reference to a tty device and if need be let the kref
1512 * layer destruct the object for us
1513 */
1514
1515void tty_kref_put(struct tty_struct *tty)
1516{
1517 if (tty)
b50989dc 1518 kref_put(&tty->kref, queue_release_one_tty);
9c9f4ded
AC		 1519}
1520EXPORT_SYMBOL(tty_kref_put);
1521
d5698c28
CH		 1522/**
1523 * release_tty - release tty structure memory
1524 *
1525 * Release both @tty and a possible linked partner (think pty pair),
1526 * and decrement the refcount of the backing module.
1527 *
1528 * Locking:
d155255a 1529 * tty_mutex
d5698c28
CH		 1530 * takes the file list lock internally when working on the list
1531 * of ttys that the driver keeps.
9c9f4ded 1532 *
d5698c28
CH		 1533 */
1534static void release_tty(struct tty_struct *tty, int idx)
1535{
9c9f4ded
AC		 1536 /* This should always be true but check for the moment */
1537 WARN_ON(tty->index != idx);
d155255a 1538 WARN_ON(!mutex_is_locked(&tty_mutex));
36b3c070
AC		 1539 if (tty->ops->shutdown)
1540 tty->ops->shutdown(tty);
1541 tty_free_termios(tty);
1542 tty_driver_remove_tty(tty->driver, tty);
1543
d5698c28 1544 if (tty->link)
9c9f4ded
AC		 1545 tty_kref_put(tty->link);
1546 tty_kref_put(tty);
d5698c28
CH		 1547}
1548
955787ca
JS		 1549/**
1550 * tty_release_checks - check a tty before real release
1551 * @tty: tty to check
1552 * @o_tty: link of @tty (if any)
1553 * @idx: index of the tty
1554 *
1555 * Performs some paranoid checking before true release of the @tty.
1556 * This is a no-op unless TTY_PARANOIA_CHECK is defined.
1557 */
1558static int tty_release_checks(struct tty_struct *tty, struct tty_struct *o_tty,
1559 int idx)
1560{
1561#ifdef TTY_PARANOIA_CHECK
1562 if (idx < 0 || idx >= tty->driver->num) {
9de44bd6
JS		 1563 printk(KERN_DEBUG "%s: bad idx when trying to free (%s)\n",
1564 __func__, tty->name);
955787ca
JS		 1565 return -1;
1566 }
1567
1568 /* not much to check for devpts */
1569 if (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)
1570 return 0;
1571
1572 if (tty != tty->driver->ttys[idx]) {
9de44bd6
JS		 1573 printk(KERN_DEBUG "%s: driver.table[%d] not tty for (%s)\n",
1574 __func__, idx, tty->name);
955787ca
JS		 1575 return -1;
1576 }
955787ca
JS		 1577 if (tty->driver->other) {
1578 if (o_tty != tty->driver->other->ttys[idx]) {
9de44bd6
JS		 1579 printk(KERN_DEBUG "%s: other->table[%d] not o_tty for (%s)\n",
1580 __func__, idx, tty->name);
955787ca
JS		 1581 return -1;
1582 }
955787ca 1583 if (o_tty->link != tty) {
9de44bd6 1584 printk(KERN_DEBUG "%s: bad pty pointers\n", __func__);
955787ca
JS		 1585 return -1;
1586 }
1587 }
1588#endif
1589 return 0;
1590}
1591
eeb89d91
AC		 1592/**
1593 * tty_release - vfs callback for close
1594 * @inode: inode of tty
1595 * @filp: file pointer for handle to tty
1596 *
1597 * Called the last time each file handle is closed that references
1598 * this tty. There may however be several such references.
1599 *
1600 * Locking:
1601 * Takes bkl. See tty_release_dev
1602 *
1da177e4
LT		 1603 * Even releasing the tty structures is a tricky business.. We have
1604 * to be very careful that the structures are all released at the
1605 * same time, as interrupts might otherwise get the wrong pointers.
1606 *
1607 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could
1608 * lead to double frees or releasing memory still in use.
1609 */
eeb89d91
AC		 1610
1611int tty_release(struct inode *inode, struct file *filp)
1da177e4 1612{
d996b62a
NP		 1613 struct tty_struct *tty = file_tty(filp);
1614 struct tty_struct *o_tty;
1da177e4 1615 int pty_master, tty_closing, o_tty_closing, do_sleep;
14a6283e 1616 int devpts;
1da177e4
LT		 1617 int idx;
1618 char buf[64];
37bdfb07 1619
9de44bd6 1620 if (tty_paranoia_check(tty, inode, __func__))
eeb89d91 1621 return 0;
1da177e4 1622
6d31a88c 1623 tty_lock();
9de44bd6 1624 check_tty_count(tty, __func__);
1da177e4 1625
ec79d605 1626 __tty_fasync(-1, filp, 0);
1da177e4
LT		 1627
1628 idx = tty->index;
1629 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
1630 tty->driver->subtype == PTY_TYPE_MASTER);
1631 devpts = (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) != 0;
1da177e4
LT		 1632 o_tty = tty->link;
1633
955787ca 1634 if (tty_release_checks(tty, o_tty, idx)) {
6d31a88c 1635 tty_unlock();
eeb89d91 1636 return 0;
1da177e4 1637 }
1da177e4
LT		 1638
1639#ifdef TTY_DEBUG_HANGUP
9de44bd6
JS		 1640 printk(KERN_DEBUG "%s: %s (tty count=%d)...\n", __func__,
1641 tty_name(tty, buf), tty->count);
1da177e4
LT		 1642#endif
1643
f34d7a5b
AC		 1644 if (tty->ops->close)
1645 tty->ops->close(tty, filp);
1da177e4 1646
6d31a88c 1647 tty_unlock();
1da177e4
LT		 1648 /*
1649 * Sanity check: if tty->count is going to zero, there shouldn't be
1650 * any waiters on tty->read_wait or tty->write_wait. We test the
1651 * wait queues and kick everyone out _before_ actually starting to
1652 * close. This ensures that we won't block while releasing the tty
1653 * structure.
1654 *
1655 * The test for the o_tty closing is necessary, since the master and
1656 * slave sides may close in any order. If the slave side closes out
1657 * first, its count will be one, since the master side holds an open.
1658 * Thus this test wouldn't be triggered at the time the slave closes,
1659 * so we do it now.
1660 *
1661 * Note that it's possible for the tty to be opened again while we're
1662 * flushing out waiters. By recalculating the closing flags before
1663 * each iteration we avoid any problems.
1664 */
1665 while (1) {
1666 /* Guard against races with tty->count changes elsewhere and
1667 opens on /dev/tty */
37bdfb07 1668
70522e12 1669 mutex_lock(&tty_mutex);
6d31a88c 1670 tty_lock();
1da177e4
LT		 1671 tty_closing = tty->count <= 1;
1672 o_tty_closing = o_tty &&
1673 (o_tty->count <= (pty_master ? 1 : 0));
1da177e4
LT		 1674 do_sleep = 0;
1675
1676 if (tty_closing) {
1677 if (waitqueue_active(&tty->read_wait)) {
4b19449d 1678 wake_up_poll(&tty->read_wait, POLLIN);
1da177e4
LT		 1679 do_sleep++;
1680 }
1681 if (waitqueue_active(&tty->write_wait)) {
4b19449d 1682 wake_up_poll(&tty->write_wait, POLLOUT);
1da177e4
LT		 1683 do_sleep++;
1684 }
1685 }
1686 if (o_tty_closing) {
1687 if (waitqueue_active(&o_tty->read_wait)) {
4b19449d 1688 wake_up_poll(&o_tty->read_wait, POLLIN);
1da177e4
LT		 1689 do_sleep++;
1690 }
1691 if (waitqueue_active(&o_tty->write_wait)) {
4b19449d 1692 wake_up_poll(&o_tty->write_wait, POLLOUT);
1da177e4
LT		 1693 do_sleep++;
1694 }
1695 }
1696 if (!do_sleep)
1697 break;
1698
9de44bd6
JS		 1699 printk(KERN_WARNING "%s: %s: read/write wait queue active!\n",
1700 __func__, tty_name(tty, buf));
6d31a88c 1701 tty_unlock();
70522e12 1702 mutex_unlock(&tty_mutex);
1da177e4 1703 schedule();
37bdfb07 1704 }
1da177e4
LT		 1705
1706 /*
37bdfb07
AC		 1707 * The closing flags are now consistent with the open counts on
1708 * both sides, and we've completed the last operation that could
1da177e4 1709 * block, so it's safe to proceed with closing.
d155255a
AC		 1710 *
1711 * We must *not* drop the tty_mutex until we ensure that a further
1712 * entry into tty_open can not pick up this tty.
1da177e4 1713 */
1da177e4
LT		 1714 if (pty_master) {
1715 if (--o_tty->count < 0) {
9de44bd6
JS		 1716 printk(KERN_WARNING "%s: bad pty slave count (%d) for %s\n",
1717 __func__, o_tty->count, tty_name(o_tty, buf));
1da177e4
LT		 1718 o_tty->count = 0;
1719 }
1720 }
1721 if (--tty->count < 0) {
9de44bd6
JS		 1722 printk(KERN_WARNING "%s: bad tty->count (%d) for %s\n",
1723 __func__, tty->count, tty_name(tty, buf));
1da177e4
LT		 1724 tty->count = 0;
1725 }
37bdfb07 1726
1da177e4
LT		 1727 /*
1728 * We've decremented tty->count, so we need to remove this file
1729 * descriptor off the tty->tty_files list; this serves two
1730 * purposes:
1731 * - check_tty_count sees the correct number of file descriptors
1732 * associated with this tty.
1733 * - do_tty_hangup no longer sees this file descriptor as
1734 * something that needs to be handled for hangups.
1735 */
d996b62a 1736 tty_del_file(filp);
1da177e4
LT		 1737
1738 /*
1739 * Perform some housekeeping before deciding whether to return.
1740 *
1741 * Set the TTY_CLOSING flag if this was the last open. In the
1742 * case of a pty we may have to wait around for the other side
1743 * to close, and TTY_CLOSING makes sure we can't be reopened.
1744 */
37bdfb07 1745 if (tty_closing)
1da177e4 1746 set_bit(TTY_CLOSING, &tty->flags);
37bdfb07 1747 if (o_tty_closing)
1da177e4
LT		 1748 set_bit(TTY_CLOSING, &o_tty->flags);
1749
1750 /*
1751 * If _either_ side is closing, make sure there aren't any
1752 * processes that still think tty or o_tty is their controlling
1753 * tty.
1754 */
1755 if (tty_closing || o_tty_closing) {
1da177e4 1756 read_lock(&tasklist_lock);
24ec839c 1757 session_clear_tty(tty->session);
1da177e4 1758 if (o_tty)
24ec839c 1759 session_clear_tty(o_tty->session);
1da177e4
LT		 1760 read_unlock(&tasklist_lock);
1761 }
1762
70522e12 1763 mutex_unlock(&tty_mutex);
d155255a
AC		 1764 tty_unlock();
1765 /* At this point the TTY_CLOSING flag should ensure a dead tty
1766 cannot be re-opened by a racing opener */
da965822 1767
1da177e4 1768 /* check whether both sides are closing ... */
d155255a 1769 if (!tty_closing || (o_tty && !o_tty_closing))
eeb89d91 1770 return 0;
37bdfb07 1771
1da177e4 1772#ifdef TTY_DEBUG_HANGUP
9de44bd6 1773 printk(KERN_DEBUG "%s: freeing tty structure...\n", __func__);
1da177e4
LT		 1774#endif
1775 /*
01e1abb2 1776 * Ask the line discipline code to release its structures
1da177e4 1777 */
01e1abb2 1778 tty_ldisc_release(tty, o_tty);
1da177e4 1779 /*
d5698c28 1780 * The release_tty function takes care of the details of clearing
6d31a88c 1781 * the slots and preserving the termios structure.
1da177e4 1782 */
d155255a 1783 mutex_lock(&tty_mutex);
d5698c28 1784 release_tty(tty, idx);
d155255a 1785 mutex_unlock(&tty_mutex);
1da177e4 1786
1da177e4 1787 /* Make this pty number available for reallocation */
718a9163 1788 if (devpts)
15f1a633 1789 devpts_kill_index(inode, idx);
d155255a 1790
eeb89d91 1791 return 0;
1da177e4
LT		 1792}
1793
b82154ac
JS		 1794/**
1795 * tty_open_current_tty - get tty of current task for open
1796 * @device: device number
1797 * @filp: file pointer to tty
1798 * @return: tty of the current task iff @device is /dev/tty
1799 *
1800 * We cannot return driver and index like for the other nodes because
1801 * devpts will not work then. It expects inodes to be from devpts FS.
3af502b9
AC		 1802 *
1803 * We need to move to returning a refcounted object from all the lookup
1804 * paths including this one.
b82154ac
JS		 1805 */
1806static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp)
1807{
1808 struct tty_struct *tty;
1809
1810 if (device != MKDEV(TTYAUX_MAJOR, 0))
1811 return NULL;
1812
1813 tty = get_current_tty();
1814 if (!tty)
1815 return ERR_PTR(-ENXIO);
1816
1817 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */
1818 /* noctty = 1; */
1819 tty_kref_put(tty);
1820 /* FIXME: we put a reference and return a TTY! */
3af502b9 1821 /* This is only safe because the caller holds tty_mutex */
b82154ac
JS		 1822 return tty;
1823}
1824
5b5e7040
JS		 1825/**
1826 * tty_lookup_driver - lookup a tty driver for a given device file
1827 * @device: device number
1828 * @filp: file pointer to tty
1829 * @noctty: set if the device should not become a controlling tty
1830 * @index: index for the device in the @return driver
1831 * @return: driver for this inode (with increased refcount)
1832 *
1833 * If @return is not erroneous, the caller is responsible to decrement the
1834 * refcount by tty_driver_kref_put.
1835 *
1836 * Locking: tty_mutex protects get_tty_driver
1837 */
1838static struct tty_driver *tty_lookup_driver(dev_t device, struct file *filp,
1839 int *noctty, int *index)
1840{
1841 struct tty_driver *driver;
1842
2cd0050c 1843 switch (device) {
5b5e7040 1844#ifdef CONFIG_VT
2cd0050c 1845 case MKDEV(TTY_MAJOR, 0): {
5b5e7040
JS		 1846 extern struct tty_driver *console_driver;
1847 driver = tty_driver_kref_get(console_driver);
1848 *index = fg_console;
1849 *noctty = 1;
2cd0050c 1850 break;
5b5e7040
JS		 1851 }
1852#endif
2cd0050c 1853 case MKDEV(TTYAUX_MAJOR, 1): {
5b5e7040
JS		 1854 struct tty_driver *console_driver = console_device(index);
1855 if (console_driver) {
1856 driver = tty_driver_kref_get(console_driver);
1857 if (driver) {
1858 /* Don't let /dev/console block */
1859 filp->f_flags |= O_NONBLOCK;
1860 *noctty = 1;
2cd0050c 1861 break;
5b5e7040
JS		 1862 }
1863 }
1864 return ERR_PTR(-ENODEV);
1865 }
2cd0050c
JS		 1866 default:
1867 driver = get_tty_driver(device, index);
1868 if (!driver)
1869 return ERR_PTR(-ENODEV);
1870 break;
1871 }
5b5e7040
JS		 1872 return driver;
1873}
1874
af9b897e 1875/**
eeb89d91 1876 * tty_open - open a tty device
af9b897e
AC		 1877 * @inode: inode of device file
1878 * @filp: file pointer to tty
1da177e4 1879 *
af9b897e
AC		 1880 * tty_open and tty_release keep up the tty count that contains the
1881 * number of opens done on a tty. We cannot use the inode-count, as
1882 * different inodes might point to the same tty.
1da177e4 1883 *
af9b897e
AC		 1884 * Open-counting is needed for pty masters, as well as for keeping
1885 * track of serial lines: DTR is dropped when the last close happens.
1886 * (This is not done solely through tty->count, now. - Ted 1/27/92)
1887 *
1888 * The termios state of a pty is reset on first open so that
1889 * settings don't persist across reuse.
1890 *
5b5e7040 1891 * Locking: tty_mutex protects tty, tty_lookup_driver and tty_init_dev.
24ec839c
PZ		 1892 * tty->count should protect the rest.
1893 * ->siglock protects ->signal/->sighand
1da177e4 1894 */
af9b897e 1895
eeb89d91 1896static int tty_open(struct inode *inode, struct file *filp)
1da177e4 1897{
b82154ac 1898 struct tty_struct *tty;
1da177e4 1899 int noctty, retval;
b82154ac 1900 struct tty_driver *driver = NULL;
1da177e4
LT		 1901 int index;
1902 dev_t device = inode->i_rdev;
846c151a 1903 unsigned saved_flags = filp->f_flags;
1da177e4
LT		 1904
1905 nonseekable_open(inode, filp);
37bdfb07 1906
1da177e4 1907retry_open:
fa90e1c9
JS		 1908 retval = tty_alloc_file(filp);
1909 if (retval)
1910 return -ENOMEM;
1911
1da177e4
LT		 1912 noctty = filp->f_flags & O_NOCTTY;
1913 index = -1;
1914 retval = 0;
37bdfb07 1915
70522e12 1916 mutex_lock(&tty_mutex);
6d31a88c
AC		 1917 tty_lock();
1918
b82154ac
JS		 1919 tty = tty_open_current_tty(device, filp);
1920 if (IS_ERR(tty)) {
ba5db448
JS		 1921 retval = PTR_ERR(tty);
1922 goto err_unlock;
5b5e7040
JS		 1923 } else if (!tty) {
1924 driver = tty_lookup_driver(device, filp, &noctty, &index);
1925 if (IS_ERR(driver)) {
ba5db448
JS		 1926 retval = PTR_ERR(driver);
1927 goto err_unlock;
1da177e4 1928 }
1da177e4 1929
4a2b5fdd 1930 /* check whether we're reopening an existing tty */
15f1a633 1931 tty = tty_driver_lookup_tty(driver, inode, index);
808ffa3d 1932 if (IS_ERR(tty)) {
ba5db448
JS		 1933 retval = PTR_ERR(tty);
1934 goto err_unlock;
808ffa3d 1935 }
4a2b5fdd
SB		 1936 }
1937
1938 if (tty) {
1939 retval = tty_reopen(tty);
6d31a88c 1940 if (retval)
4a2b5fdd 1941 tty = ERR_PTR(retval);
6d31a88c 1942 } else
593a27c4 1943 tty = tty_init_dev(driver, index);
4a2b5fdd 1944
70522e12 1945 mutex_unlock(&tty_mutex);
b82154ac
JS		 1946 if (driver)
1947 tty_driver_kref_put(driver);
eeb89d91 1948 if (IS_ERR(tty)) {
6d31a88c 1949 tty_unlock();
ba5db448
JS		 1950 retval = PTR_ERR(tty);
1951 goto err_file;
eeb89d91 1952 }
1da177e4 1953
fa90e1c9 1954 tty_add_file(tty, filp);
d996b62a 1955
9de44bd6 1956 check_tty_count(tty, __func__);
1da177e4
LT		 1957 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
1958 tty->driver->subtype == PTY_TYPE_MASTER)
1959 noctty = 1;
1960#ifdef TTY_DEBUG_HANGUP
9de44bd6 1961 printk(KERN_DEBUG "%s: opening %s...\n", __func__, tty->name);
1da177e4 1962#endif
909bc774
HRK		 1963 if (tty->ops->open)
1964 retval = tty->ops->open(tty, filp);
1965 else
1966 retval = -ENODEV;
1da177e4
LT		 1967 filp->f_flags = saved_flags;
1968
37bdfb07
AC		 1969 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) &&
1970 !capable(CAP_SYS_ADMIN))
1da177e4
LT		 1971 retval = -EBUSY;
1972
1973 if (retval) {
1974#ifdef TTY_DEBUG_HANGUP
9de44bd6
JS		 1975 printk(KERN_DEBUG "%s: error %d in opening %s...\n", __func__,
1976 retval, tty->name);
1da177e4 1977#endif
6d31a88c 1978 tty_unlock(); /* need to call tty_release without BTM */
eeb89d91 1979 tty_release(inode, filp);
64ba3dc3 1980 if (retval != -ERESTARTSYS)
1da177e4 1981 return retval;
64ba3dc3
AB		 1982
1983 if (signal_pending(current))
1da177e4 1984 return retval;
64ba3dc3 1985
1da177e4
LT		 1986 schedule();
1987 /*
1988 * Need to reset f_op in case a hangup happened.
1989 */
6d31a88c 1990 tty_lock();
1da177e4
LT		 1991 if (filp->f_op == &hung_up_tty_fops)
1992 filp->f_op = &tty_fops;
6d31a88c 1993 tty_unlock();
1da177e4
LT		 1994 goto retry_open;
1995 }
6d31a88c 1996 tty_unlock();
eeb89d91 1997
24ec839c
PZ		 1998
1999 mutex_lock(&tty_mutex);
6d31a88c 2000 tty_lock();
24ec839c 2001 spin_lock_irq(&current->sighand->siglock);
1da177e4
LT		 2002 if (!noctty &&
2003 current->signal->leader &&
2004 !current->signal->tty &&
ab521dc0 2005 tty->session == NULL)
2a65f1d9 2006 __proc_set_tty(current, tty);
24ec839c 2007 spin_unlock_irq(&current->sighand->siglock);
6d31a88c 2008 tty_unlock();
24ec839c 2009 mutex_unlock(&tty_mutex);
1da177e4 2010 return 0;
ba5db448 2011err_unlock:
6d31a88c 2012 tty_unlock();
ba5db448
JS		 2013 mutex_unlock(&tty_mutex);
2014 /* after locks to avoid deadlock */
2015 if (!IS_ERR_OR_NULL(driver))
2016 tty_driver_kref_put(driver);
2017err_file:
2018 tty_free_file(filp);
2019 return retval;
1da177e4
LT		 2020}
2021
39d95b9d
JC		 2022
2023
af9b897e
AC		 2024/**
2025 * tty_poll - check tty status
2026 * @filp: file being polled
2027 * @wait: poll wait structures to update
2028 *
2029 * Call the line discipline polling method to obtain the poll
2030 * status of the device.
2031 *
2032 * Locking: locks called line discipline but ldisc poll method
2033 * may be re-entered freely by other callers.
2034 */
2035
37bdfb07 2036static unsigned int tty_poll(struct file *filp, poll_table *wait)
1da177e4 2037{
d996b62a 2038 struct tty_struct *tty = file_tty(filp);
1da177e4
LT		 2039 struct tty_ldisc *ld;
2040 int ret = 0;
2041
a7113a96 2042 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_poll"))
1da177e4 2043 return 0;
37bdfb07 2044
1da177e4 2045 ld = tty_ldisc_ref_wait(tty);
a352def2
AC		 2046 if (ld->ops->poll)
2047 ret = (ld->ops->poll)(tty, filp, wait);
1da177e4
LT		 2048 tty_ldisc_deref(ld);
2049 return ret;
2050}
2051
ec79d605 2052static int __tty_fasync(int fd, struct file *filp, int on)
1da177e4 2053{
d996b62a 2054 struct tty_struct *tty = file_tty(filp);
47f86834 2055 unsigned long flags;
5d1e3230 2056 int retval = 0;
1da177e4 2057
a7113a96 2058 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_fasync"))
5d1e3230 2059 goto out;
37bdfb07 2060
1da177e4
LT		 2061 retval = fasync_helper(fd, filp, on, &tty->fasync);
2062 if (retval <= 0)
5d1e3230 2063 goto out;
1da177e4
LT		 2064
2065 if (on) {
ab521dc0
EB		 2066 enum pid_type type;
2067 struct pid *pid;
1da177e4
LT		 2068 if (!waitqueue_active(&tty->read_wait))
2069 tty->minimum_to_wake = 1;
47f86834 2070 spin_lock_irqsave(&tty->ctrl_lock, flags);
ab521dc0
EB		 2071 if (tty->pgrp) {
2072 pid = tty->pgrp;
2073 type = PIDTYPE_PGID;
2074 } else {
2075 pid = task_pid(current);
2076 type = PIDTYPE_PID;
2077 }
80e1e823 2078 get_pid(pid);
70362511 2079 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
80e1e823
LT		 2080 retval = __f_setown(filp, pid, type, 0);
2081 put_pid(pid);
1da177e4 2082 if (retval)
5d1e3230 2083 goto out;
1da177e4
LT		 2084 } else {
2085 if (!tty->fasync && !waitqueue_active(&tty->read_wait))
2086 tty->minimum_to_wake = N_TTY_BUF_SIZE;
2087 }
5d1e3230
JC		 2088 retval = 0;
2089out:
ec79d605
AB		 2090 return retval;
2091}
2092
2093static int tty_fasync(int fd, struct file *filp, int on)
2094{
2095 int retval;
6d31a88c 2096 tty_lock();
ec79d605 2097 retval = __tty_fasync(fd, filp, on);
6d31a88c 2098 tty_unlock();
5d1e3230 2099 return retval;
1da177e4
LT		 2100}
2101
af9b897e
AC		 2102/**
2103 * tiocsti - fake input character
2104 * @tty: tty to fake input into
2105 * @p: pointer to character
2106 *
3a4fa0a2 2107 * Fake input to a tty device. Does the necessary locking and
af9b897e
AC		 2108 * input management.
2109 *
2110 * FIXME: does not honour flow control ??
2111 *
2112 * Locking:
2113 * Called functions take tty_ldisc_lock
2114 * current->signal->tty check is safe without locks
28298232
AC		 2115 *
2116 * FIXME: may race normal receive processing
af9b897e
AC		 2117 */
2118
1da177e4
LT		 2119static int tiocsti(struct tty_struct *tty, char __user *p)
2120{
2121 char ch, mbz = 0;
2122 struct tty_ldisc *ld;
37bdfb07 2123
1da177e4
LT		 2124 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN))
2125 return -EPERM;
2126 if (get_user(ch, p))
2127 return -EFAULT;
1e641743 2128 tty_audit_tiocsti(tty, ch);
1da177e4 2129 ld = tty_ldisc_ref_wait(tty);
a352def2 2130 ld->ops->receive_buf(tty, &ch, &mbz, 1);
1da177e4
LT		 2131 tty_ldisc_deref(ld);
2132 return 0;
2133}
2134
af9b897e
AC		 2135/**
2136 * tiocgwinsz - implement window query ioctl
2137 * @tty; tty
2138 * @arg: user buffer for result
2139 *
808a0d38 2140 * Copies the kernel idea of the window size into the user buffer.
af9b897e 2141 *
24ec839c 2142 * Locking: tty->termios_mutex is taken to ensure the winsize data
808a0d38 2143 * is consistent.
af9b897e
AC		 2144 */
2145
37bdfb07 2146static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg)
1da177e4 2147{
808a0d38
AC		 2148 int err;
2149
5785c95b 2150 mutex_lock(&tty->termios_mutex);
808a0d38 2151 err = copy_to_user(arg, &tty->winsize, sizeof(*arg));
5785c95b 2152 mutex_unlock(&tty->termios_mutex);
808a0d38
AC		 2153
2154 return err ? -EFAULT: 0;
1da177e4
LT		 2155}
2156
af9b897e 2157/**
8c9a9dd0
AC		 2158 * tty_do_resize - resize event
2159 * @tty: tty being resized
8c9a9dd0
AC		 2160 * @rows: rows (character)
2161 * @cols: cols (character)
2162 *
3ad2f3fb 2163 * Update the termios variables and send the necessary signals to
8c9a9dd0 2164 * peform a terminal resize correctly
af9b897e
AC		 2165 */
2166
fc6f6238 2167int tty_do_resize(struct tty_struct *tty, struct winsize *ws)
1da177e4 2168{
fc6f6238 2169 struct pid *pgrp;
47f86834 2170 unsigned long flags;
1da177e4 2171
fc6f6238
AC		 2172 /* Lock the tty */
2173 mutex_lock(&tty->termios_mutex);
2174 if (!memcmp(ws, &tty->winsize, sizeof(*ws)))
ca9bda00 2175 goto done;
47f86834
AC		 2176 /* Get the PID values and reference them so we can
2177 avoid holding the tty ctrl lock while sending signals */
2178 spin_lock_irqsave(&tty->ctrl_lock, flags);
2179 pgrp = get_pid(tty->pgrp);
47f86834
AC		 2180 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2181
2182 if (pgrp)
2183 kill_pgrp(pgrp, SIGWINCH, 1);
47f86834 2184 put_pid(pgrp);
47f86834 2185
8c9a9dd0 2186 tty->winsize = *ws;
ca9bda00 2187done:
fc6f6238 2188 mutex_unlock(&tty->termios_mutex);
1da177e4
LT		 2189 return 0;
2190}
2191
8c9a9dd0
AC		 2192/**
2193 * tiocswinsz - implement window size set ioctl
fc6f6238 2194 * @tty; tty side of tty
8c9a9dd0
AC		 2195 * @arg: user buffer for result
2196 *
2197 * Copies the user idea of the window size to the kernel. Traditionally
2198 * this is just advisory information but for the Linux console it
2199 * actually has driver level meaning and triggers a VC resize.
2200 *
2201 * Locking:
25985edc 2202 * Driver dependent. The default do_resize method takes the
8c9a9dd0
AC		 2203 * tty termios mutex and ctrl_lock. The console takes its own lock
2204 * then calls into the default method.
2205 */
2206
fc6f6238 2207static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg)
8c9a9dd0
AC		 2208{
2209 struct winsize tmp_ws;
2210 if (copy_from_user(&tmp_ws, arg, sizeof(*arg)))
2211 return -EFAULT;
2212
2213 if (tty->ops->resize)
fc6f6238 2214 return tty->ops->resize(tty, &tmp_ws);
8c9a9dd0 2215 else
fc6f6238 2216 return tty_do_resize(tty, &tmp_ws);
8c9a9dd0
AC		 2217}
2218
af9b897e
AC		 2219/**
2220 * tioccons - allow admin to move logical console
2221 * @file: the file to become console
2222 *
25985edc 2223 * Allow the administrator to move the redirected console device
af9b897e
AC		 2224 *
2225 * Locking: uses redirect_lock to guard the redirect information
2226 */
2227
1da177e4
LT		 2228static int tioccons(struct file *file)
2229{
2230 if (!capable(CAP_SYS_ADMIN))
2231 return -EPERM;
2232 if (file->f_op->write == redirected_tty_write) {
2233 struct file *f;
2234 spin_lock(&redirect_lock);
2235 f = redirect;
2236 redirect = NULL;
2237 spin_unlock(&redirect_lock);
2238 if (f)
2239 fput(f);
2240 return 0;
2241 }
2242 spin_lock(&redirect_lock);
2243 if (redirect) {
2244 spin_unlock(&redirect_lock);
2245 return -EBUSY;
2246 }
2247 get_file(file);
2248 redirect = file;
2249 spin_unlock(&redirect_lock);
2250 return 0;
2251}
2252
af9b897e
AC		 2253/**
2254 * fionbio - non blocking ioctl
2255 * @file: file to set blocking value
2256 * @p: user parameter
2257 *
2258 * Historical tty interfaces had a blocking control ioctl before
2259 * the generic functionality existed. This piece of history is preserved
2260 * in the expected tty API of posix OS's.
2261 *
6146b9af 2262 * Locking: none, the open file handle ensures it won't go away.
af9b897e 2263 */
1da177e4
LT		 2264
2265static int fionbio(struct file *file, int __user *p)
2266{
2267 int nonblock;
2268
2269 if (get_user(nonblock, p))
2270 return -EFAULT;
2271
db1dd4d3 2272 spin_lock(&file->f_lock);
1da177e4
LT		 2273 if (nonblock)
2274 file->f_flags |= O_NONBLOCK;
2275 else
2276 file->f_flags &= ~O_NONBLOCK;
db1dd4d3 2277 spin_unlock(&file->f_lock);
1da177e4
LT		 2278 return 0;
2279}
2280
af9b897e
AC		 2281/**
2282 * tiocsctty - set controlling tty
2283 * @tty: tty structure
2284 * @arg: user argument
2285 *
2286 * This ioctl is used to manage job control. It permits a session
2287 * leader to set this tty as the controlling tty for the session.
2288 *
2289 * Locking:
28298232 2290 * Takes tty_mutex() to protect tty instance
24ec839c
PZ		 2291 * Takes tasklist_lock internally to walk sessions
2292 * Takes ->siglock() when updating signal->tty
af9b897e
AC		 2293 */
2294
1da177e4
LT		 2295static int tiocsctty(struct tty_struct *tty, int arg)
2296{
24ec839c 2297 int ret = 0;
ab521dc0 2298 if (current->signal->leader && (task_session(current) == tty->session))
24ec839c
PZ		 2299 return ret;
2300
2301 mutex_lock(&tty_mutex);
1da177e4
LT		 2302 /*
2303 * The process must be a session leader and
2304 * not have a controlling tty already.
2305 */
24ec839c
PZ		 2306 if (!current->signal->leader || current->signal->tty) {
2307 ret = -EPERM;
2308 goto unlock;
2309 }
2310
ab521dc0 2311 if (tty->session) {
1da177e4
LT		 2312 /*
2313 * This tty is already the controlling
2314 * tty for another session group!
2315 */
37bdfb07 2316 if (arg == 1 && capable(CAP_SYS_ADMIN)) {
1da177e4
LT		 2317 /*
2318 * Steal it away
2319 */
1da177e4 2320 read_lock(&tasklist_lock);
24ec839c 2321 session_clear_tty(tty->session);
1da177e4 2322 read_unlock(&tasklist_lock);
24ec839c
PZ		 2323 } else {
2324 ret = -EPERM;
2325 goto unlock;
2326 }
1da177e4 2327 }
24ec839c
PZ		 2328 proc_set_tty(current, tty);
2329unlock:
28298232 2330 mutex_unlock(&tty_mutex);
24ec839c 2331 return ret;
1da177e4
LT		 2332}
2333
5d0fdf1e
AC		 2334/**
2335 * tty_get_pgrp - return a ref counted pgrp pid
2336 * @tty: tty to read
2337 *
2338 * Returns a refcounted instance of the pid struct for the process
2339 * group controlling the tty.
2340 */
2341
2342struct pid *tty_get_pgrp(struct tty_struct *tty)
2343{
2344 unsigned long flags;
2345 struct pid *pgrp;
2346
2347 spin_lock_irqsave(&tty->ctrl_lock, flags);
2348 pgrp = get_pid(tty->pgrp);
2349 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2350
2351 return pgrp;
2352}
2353EXPORT_SYMBOL_GPL(tty_get_pgrp);
2354
af9b897e
AC		 2355/**
2356 * tiocgpgrp - get process group
2357 * @tty: tty passed by user
25985edc 2358 * @real_tty: tty side of the tty passed by the user if a pty else the tty
af9b897e
AC		 2359 * @p: returned pid
2360 *
2361 * Obtain the process group of the tty. If there is no process group
2362 * return an error.
2363 *
24ec839c 2364 * Locking: none. Reference to current->signal->tty is safe.
af9b897e
AC		 2365 */
2366
1da177e4
LT		 2367static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2368{
5d0fdf1e
AC		 2369 struct pid *pid;
2370 int ret;
1da177e4
LT		 2371 /*
2372 * (tty == real_tty) is a cheap way of
2373 * testing if the tty is NOT a master pty.
2374 */
2375 if (tty == real_tty && current->signal->tty != real_tty)
2376 return -ENOTTY;
5d0fdf1e
AC		 2377 pid = tty_get_pgrp(real_tty);
2378 ret = put_user(pid_vnr(pid), p);
2379 put_pid(pid);
2380 return ret;
1da177e4
LT		 2381}
2382
af9b897e
AC		 2383/**
2384 * tiocspgrp - attempt to set process group
2385 * @tty: tty passed by user
2386 * @real_tty: tty side device matching tty passed by user
2387 * @p: pid pointer
2388 *
2389 * Set the process group of the tty to the session passed. Only
2390 * permitted where the tty session is our session.
2391 *
47f86834 2392 * Locking: RCU, ctrl lock
af9b897e
AC		 2393 */
2394
1da177e4
LT		 2395static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2396{
04a2e6a5
EB		 2397 struct pid *pgrp;
2398 pid_t pgrp_nr;
1da177e4 2399 int retval = tty_check_change(real_tty);
47f86834 2400 unsigned long flags;
1da177e4
LT		 2401
2402 if (retval == -EIO)
2403 return -ENOTTY;
2404 if (retval)
2405 return retval;
2406 if (!current->signal->tty ||
2407 (current->signal->tty != real_tty) ||
ab521dc0 2408 (real_tty->session != task_session(current)))
1da177e4 2409 return -ENOTTY;
04a2e6a5 2410 if (get_user(pgrp_nr, p))
1da177e4 2411 return -EFAULT;
04a2e6a5 2412 if (pgrp_nr < 0)
1da177e4 2413 return -EINVAL;
04a2e6a5 2414 rcu_read_lock();
b488893a 2415 pgrp = find_vpid(pgrp_nr);
04a2e6a5
EB		 2416 retval = -ESRCH;
2417 if (!pgrp)
2418 goto out_unlock;
2419 retval = -EPERM;
2420 if (session_of_pgrp(pgrp) != task_session(current))
2421 goto out_unlock;
2422 retval = 0;
47f86834 2423 spin_lock_irqsave(&tty->ctrl_lock, flags);
ab521dc0
EB		 2424 put_pid(real_tty->pgrp);
2425 real_tty->pgrp = get_pid(pgrp);
47f86834 2426 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
04a2e6a5
EB		 2427out_unlock:
2428 rcu_read_unlock();
2429 return retval;
1da177e4
LT		 2430}
2431
af9b897e
AC		 2432/**
2433 * tiocgsid - get session id
2434 * @tty: tty passed by user
25985edc 2435 * @real_tty: tty side of the tty passed by the user if a pty else the tty
af9b897e
AC		 2436 * @p: pointer to returned session id
2437 *
2438 * Obtain the session id of the tty. If there is no session
2439 * return an error.
2440 *
24ec839c 2441 * Locking: none. Reference to current->signal->tty is safe.
af9b897e
AC		 2442 */
2443
1da177e4
LT		 2444static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2445{
2446 /*
2447 * (tty == real_tty) is a cheap way of
2448 * testing if the tty is NOT a master pty.
2449 */
2450 if (tty == real_tty && current->signal->tty != real_tty)
2451 return -ENOTTY;
ab521dc0 2452 if (!real_tty->session)
1da177e4 2453 return -ENOTTY;
b488893a 2454 return put_user(pid_vnr(real_tty->session), p);
1da177e4
LT		 2455}
2456
af9b897e
AC		 2457/**
2458 * tiocsetd - set line discipline
2459 * @tty: tty device
2460 * @p: pointer to user data
2461 *
2462 * Set the line discipline according to user request.
2463 *
2464 * Locking: see tty_set_ldisc, this function is just a helper
2465 */
2466
1da177e4
LT		 2467static int tiocsetd(struct tty_struct *tty, int __user *p)
2468{
2469 int ldisc;
04f378b1 2470 int ret;
1da177e4
LT		 2471
2472 if (get_user(ldisc, p))
2473 return -EFAULT;
04f378b1 2474
04f378b1 2475 ret = tty_set_ldisc(tty, ldisc);
04f378b1
AC		 2476
2477 return ret;
1da177e4
LT		 2478}
2479
af9b897e
AC		 2480/**
2481 * send_break - performed time break
2482 * @tty: device to break on
2483 * @duration: timeout in mS
2484 *
2485 * Perform a timed break on hardware that lacks its own driver level
2486 * timed break functionality.
2487 *
2488 * Locking:
28298232 2489 * atomic_write_lock serializes
af9b897e 2490 *
af9b897e
AC		 2491 */
2492
b20f3ae5 2493static int send_break(struct tty_struct *tty, unsigned int duration)
1da177e4 2494{
9e98966c
AC		 2495 int retval;
2496
2497 if (tty->ops->break_ctl == NULL)
2498 return 0;
2499
2500 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK)
2501 retval = tty->ops->break_ctl(tty, duration);
2502 else {
2503 /* Do the work ourselves */
2504 if (tty_write_lock(tty, 0) < 0)
2505 return -EINTR;
2506 retval = tty->ops->break_ctl(tty, -1);
2507 if (retval)
2508 goto out;
2509 if (!signal_pending(current))
2510 msleep_interruptible(duration);
2511 retval = tty->ops->break_ctl(tty, 0);
2512out:
2513 tty_write_unlock(tty);
2514 if (signal_pending(current))
2515 retval = -EINTR;
2516 }
2517 return retval;
1da177e4
LT		 2518}
2519
af9b897e 2520/**
f34d7a5b 2521 * tty_tiocmget - get modem status
af9b897e
AC		 2522 * @tty: tty device
2523 * @file: user file pointer
2524 * @p: pointer to result
2525 *
2526 * Obtain the modem status bits from the tty driver if the feature
2527 * is supported. Return -EINVAL if it is not available.
2528 *
2529 * Locking: none (up to the driver)
2530 */
2531
60b33c13 2532static int tty_tiocmget(struct tty_struct *tty, int __user *p)
1da177e4
LT		 2533{
2534 int retval = -EINVAL;
2535
f34d7a5b 2536 if (tty->ops->tiocmget) {
60b33c13 2537 retval = tty->ops->tiocmget(tty);
1da177e4
LT		 2538
2539 if (retval >= 0)
2540 retval = put_user(retval, p);
2541 }
2542 return retval;
2543}
2544
af9b897e 2545/**
f34d7a5b 2546 * tty_tiocmset - set modem status
af9b897e 2547 * @tty: tty device
af9b897e
AC		 2548 * @cmd: command - clear bits, set bits or set all
2549 * @p: pointer to desired bits
2550 *
2551 * Set the modem status bits from the tty driver if the feature
2552 * is supported. Return -EINVAL if it is not available.
2553 *
2554 * Locking: none (up to the driver)
2555 */
2556
20b9d177 2557static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd,
1da177e4
LT		 2558 unsigned __user *p)
2559{
ae677517
AC		 2560 int retval;
2561 unsigned int set, clear, val;
1da177e4 2562
ae677517
AC		 2563 if (tty->ops->tiocmset == NULL)
2564 return -EINVAL;
1da177e4 2565
ae677517
AC		 2566 retval = get_user(val, p);
2567 if (retval)
2568 return retval;
2569 set = clear = 0;
2570 switch (cmd) {
2571 case TIOCMBIS:
2572 set = val;
2573 break;
2574 case TIOCMBIC:
2575 clear = val;
2576 break;
2577 case TIOCMSET:
2578 set = val;
2579 clear = ~val;
2580 break;
2581 }
2582 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
2583 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
20b9d177 2584 return tty->ops->tiocmset(tty, set, clear);
1da177e4
LT		 2585}
2586
d281da7f
AC		 2587static int tty_tiocgicount(struct tty_struct *tty, void __user *arg)
2588{
2589 int retval = -EINVAL;
2590 struct serial_icounter_struct icount;
2591 memset(&icount, 0, sizeof(icount));
2592 if (tty->ops->get_icount)
2593 retval = tty->ops->get_icount(tty, &icount);
2594 if (retval != 0)
2595 return retval;
2596 if (copy_to_user(arg, &icount, sizeof(icount)))
2597 return -EFAULT;
2598 return 0;
2599}
2600
e8b70e7d
AC		 2601struct tty_struct *tty_pair_get_tty(struct tty_struct *tty)
2602{
2603 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2604 tty->driver->subtype == PTY_TYPE_MASTER)
2605 tty = tty->link;
2606 return tty;
2607}
2608EXPORT_SYMBOL(tty_pair_get_tty);
2609
2610struct tty_struct *tty_pair_get_pty(struct tty_struct *tty)
2611{
2612 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2613 tty->driver->subtype == PTY_TYPE_MASTER)
2614 return tty;
2615 return tty->link;
2616}
2617EXPORT_SYMBOL(tty_pair_get_pty);
2618
1da177e4
LT		 2619/*
2620 * Split this up, as gcc can choke on it otherwise..
2621 */
04f378b1 2622long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1da177e4 2623{
d996b62a
NP		 2624 struct tty_struct *tty = file_tty(file);
2625 struct tty_struct *real_tty;
1da177e4
LT		 2626 void __user *p = (void __user *)arg;
2627 int retval;
2628 struct tty_ldisc *ld;
04f378b1 2629 struct inode *inode = file->f_dentry->d_inode;
37bdfb07 2630
1da177e4
LT		 2631 if (tty_paranoia_check(tty, inode, "tty_ioctl"))
2632 return -EINVAL;
2633
e8b70e7d 2634 real_tty = tty_pair_get_tty(tty);
1da177e4
LT		 2635
2636 /*
2637 * Factor out some common prep work
2638 */
2639 switch (cmd) {
2640 case TIOCSETD:
2641 case TIOCSBRK:
2642 case TIOCCBRK:
2643 case TCSBRK:
37bdfb07 2644 case TCSBRKP:
1da177e4
LT		 2645 retval = tty_check_change(tty);
2646 if (retval)
2647 return retval;
2648 if (cmd != TIOCCBRK) {
2649 tty_wait_until_sent(tty, 0);
2650 if (signal_pending(current))
2651 return -EINTR;
2652 }
2653 break;
2654 }
2655
9e98966c
AC		 2656 /*
2657 * Now do the stuff.
2658 */
1da177e4 2659 switch (cmd) {
37bdfb07
AC		 2660 case TIOCSTI:
2661 return tiocsti(tty, p);
2662 case TIOCGWINSZ:
8f520021 2663 return tiocgwinsz(real_tty, p);
37bdfb07 2664 case TIOCSWINSZ:
fc6f6238 2665 return tiocswinsz(real_tty, p);
37bdfb07
AC		 2666 case TIOCCONS:
2667 return real_tty != tty ? -EINVAL : tioccons(file);
2668 case FIONBIO:
2669 return fionbio(file, p);
2670 case TIOCEXCL:
2671 set_bit(TTY_EXCLUSIVE, &tty->flags);
2672 return 0;
2673 case TIOCNXCL:
2674 clear_bit(TTY_EXCLUSIVE, &tty->flags);
2675 return 0;
2676 case TIOCNOTTY:
2677 if (current->signal->tty != tty)
2678 return -ENOTTY;
2679 no_tty();
2680 return 0;
2681 case TIOCSCTTY:
2682 return tiocsctty(tty, arg);
2683 case TIOCGPGRP:
2684 return tiocgpgrp(tty, real_tty, p);
2685 case TIOCSPGRP:
2686 return tiocspgrp(tty, real_tty, p);
2687 case TIOCGSID:
2688 return tiocgsid(tty, real_tty, p);
2689 case TIOCGETD:
c65c9bc3 2690 return put_user(tty->ldisc->ops->num, (int __user *)p);
37bdfb07
AC		 2691 case TIOCSETD:
2692 return tiocsetd(tty, p);
3c95c985
KS		 2693 case TIOCVHANGUP:
2694 if (!capable(CAP_SYS_ADMIN))
2695 return -EPERM;
2696 tty_vhangup(tty);
2697 return 0;
b7b8de08
WF		 2698 case TIOCGDEV:
2699 {
2700 unsigned int ret = new_encode_dev(tty_devnum(real_tty));
2701 return put_user(ret, (unsigned int __user *)p);
2702 }
37bdfb07
AC		 2703 /*
2704 * Break handling
2705 */
2706 case TIOCSBRK: /* Turn break on, unconditionally */
f34d7a5b 2707 if (tty->ops->break_ctl)
9e98966c 2708 return tty->ops->break_ctl(tty, -1);
37bdfb07 2709 return 0;
37bdfb07 2710 case TIOCCBRK: /* Turn break off, unconditionally */
f34d7a5b 2711 if (tty->ops->break_ctl)
9e98966c 2712 return tty->ops->break_ctl(tty, 0);
37bdfb07
AC		 2713 return 0;
2714 case TCSBRK: /* SVID version: non-zero arg --> no break */
2715 /* non-zero arg means wait for all output data
2716 * to be sent (performed above) but don't send break.
2717 * This is used by the tcdrain() termios function.
2718 */
2719 if (!arg)
2720 return send_break(tty, 250);
2721 return 0;
2722 case TCSBRKP: /* support for POSIX tcsendbreak() */
2723 return send_break(tty, arg ? arg*100 : 250);
2724
2725 case TIOCMGET:
60b33c13 2726 return tty_tiocmget(tty, p);
37bdfb07
AC		 2727 case TIOCMSET:
2728 case TIOCMBIC:
2729 case TIOCMBIS:
20b9d177 2730 return tty_tiocmset(tty, cmd, p);
d281da7f
AC		 2731 case TIOCGICOUNT:
2732 retval = tty_tiocgicount(tty, p);
2733 /* For the moment allow fall through to the old method */
2734 if (retval != -EINVAL)
2735 return retval;
2736 break;
37bdfb07
AC		 2737 case TCFLSH:
2738 switch (arg) {
2739 case TCIFLUSH:
2740 case TCIOFLUSH:
2741 /* flush tty buffer and allow ldisc to process ioctl */
2742 tty_buffer_flush(tty);
c5c34d48 2743 break;
37bdfb07
AC		 2744 }
2745 break;
1da177e4 2746 }
f34d7a5b 2747 if (tty->ops->ioctl) {
6caa76b7 2748 retval = (tty->ops->ioctl)(tty, cmd, arg);
1da177e4
LT		 2749 if (retval != -ENOIOCTLCMD)
2750 return retval;
2751 }
2752 ld = tty_ldisc_ref_wait(tty);
2753 retval = -EINVAL;
a352def2
AC		 2754 if (ld->ops->ioctl) {
2755 retval = ld->ops->ioctl(tty, file, cmd, arg);
1da177e4
LT		 2756 if (retval == -ENOIOCTLCMD)
2757 retval = -EINVAL;
2758 }
2759 tty_ldisc_deref(ld);
2760 return retval;
2761}
2762
e10cc1df 2763#ifdef CONFIG_COMPAT
37bdfb07 2764static long tty_compat_ioctl(struct file *file, unsigned int cmd,
e10cc1df
PF		 2765 unsigned long arg)
2766{
2767 struct inode *inode = file->f_dentry->d_inode;
d996b62a 2768 struct tty_struct *tty = file_tty(file);
e10cc1df
PF		 2769 struct tty_ldisc *ld;
2770 int retval = -ENOIOCTLCMD;
2771
2772 if (tty_paranoia_check(tty, inode, "tty_ioctl"))
2773 return -EINVAL;
2774
f34d7a5b 2775 if (tty->ops->compat_ioctl) {
6caa76b7 2776 retval = (tty->ops->compat_ioctl)(tty, cmd, arg);
e10cc1df
PF		 2777 if (retval != -ENOIOCTLCMD)
2778 return retval;
2779 }
2780
2781 ld = tty_ldisc_ref_wait(tty);
a352def2
AC		 2782 if (ld->ops->compat_ioctl)
2783 retval = ld->ops->compat_ioctl(tty, file, cmd, arg);
8193c429
TM		 2784 else
2785 retval = n_tty_compat_ioctl_helper(tty, file, cmd, arg);
e10cc1df
PF		 2786 tty_ldisc_deref(ld);
2787
2788 return retval;
2789}
2790#endif
1da177e4
LT		 2791
2792/*
2793 * This implements the "Secure Attention Key" --- the idea is to
2794 * prevent trojan horses by killing all processes associated with this
2795 * tty when the user hits the "Secure Attention Key". Required for
2796 * super-paranoid applications --- see the Orange Book for more details.
37bdfb07 2797 *
1da177e4
LT		 2798 * This code could be nicer; ideally it should send a HUP, wait a few
2799 * seconds, then send a INT, and then a KILL signal. But you then
2800 * have to coordinate with the init process, since all processes associated
2801 * with the current tty must be dead before the new getty is allowed
2802 * to spawn.
2803 *
2804 * Now, if it would be correct ;-/ The current code has a nasty hole -
2805 * it doesn't catch files in flight. We may send the descriptor to ourselves
2806 * via AF_UNIX socket, close it and later fetch from socket. FIXME.
2807 *
2808 * Nasty bug: do_SAK is being called in interrupt context. This can
2809 * deadlock. We punt it up to process context. AKPM - 16Mar2001
2810 */
8b6312f4 2811void __do_SAK(struct tty_struct *tty)
1da177e4
LT		 2812{
2813#ifdef TTY_SOFT_SAK
2814 tty_hangup(tty);
2815#else
652486fb 2816 struct task_struct *g, *p;
ab521dc0 2817 struct pid *session;
1da177e4
LT		 2818 int i;
2819 struct file *filp;
badf1662 2820 struct fdtable *fdt;
37bdfb07 2821
1da177e4
LT		 2822 if (!tty)
2823 return;
24ec839c 2824 session = tty->session;
37bdfb07 2825
b3f13deb 2826 tty_ldisc_flush(tty);
1da177e4 2827
f34d7a5b 2828 tty_driver_flush_buffer(tty);
37bdfb07 2829
1da177e4 2830 read_lock(&tasklist_lock);
652486fb 2831 /* Kill the entire session */
ab521dc0 2832 do_each_pid_task(session, PIDTYPE_SID, p) {
652486fb 2833 printk(KERN_NOTICE "SAK: killed process %d"
1b0f7ffd 2834 " (%s): task_session(p)==tty->session\n",
ba25f9dc 2835 task_pid_nr(p), p->comm);
652486fb 2836 send_sig(SIGKILL, p, 1);
ab521dc0 2837 } while_each_pid_task(session, PIDTYPE_SID, p);
652486fb
EB		 2838 /* Now kill any processes that happen to have the
2839 * tty open.
2840 */
2841 do_each_thread(g, p) {
2842 if (p->signal->tty == tty) {
1da177e4 2843 printk(KERN_NOTICE "SAK: killed process %d"
1b0f7ffd 2844 " (%s): task_session(p)==tty->session\n",
ba25f9dc 2845 task_pid_nr(p), p->comm);
1da177e4
LT		 2846 send_sig(SIGKILL, p, 1);
2847 continue;
2848 }
2849 task_lock(p);
2850 if (p->files) {
ca99c1da
DS		 2851 /*
2852 * We don't take a ref to the file, so we must
2853 * hold ->file_lock instead.
2854 */
2855 spin_lock(&p->files->file_lock);
badf1662 2856 fdt = files_fdtable(p->files);
37bdfb07 2857 for (i = 0; i < fdt->max_fds; i++) {
1da177e4
LT		 2858 filp = fcheck_files(p->files, i);
2859 if (!filp)
2860 continue;
2861 if (filp->f_op->read == tty_read &&
d996b62a 2862 file_tty(filp) == tty) {
1da177e4
LT		 2863 printk(KERN_NOTICE "SAK: killed process %d"
2864 " (%s): fd#%d opened to the tty\n",
ba25f9dc 2865 task_pid_nr(p), p->comm, i);
20ac9437 2866 force_sig(SIGKILL, p);
1da177e4
LT		 2867 break;
2868 }
2869 }
ca99c1da 2870 spin_unlock(&p->files->file_lock);
1da177e4
LT		 2871 }
2872 task_unlock(p);
652486fb 2873 } while_each_thread(g, p);
1da177e4
LT		 2874 read_unlock(&tasklist_lock);
2875#endif
2876}
2877
8b6312f4
EB		 2878static void do_SAK_work(struct work_struct *work)
2879{
2880 struct tty_struct *tty =
2881 container_of(work, struct tty_struct, SAK_work);
2882 __do_SAK(tty);
2883}
2884
1da177e4
LT		 2885/*
2886 * The tq handling here is a little racy - tty->SAK_work may already be queued.
2887 * Fortunately we don't need to worry, because if ->SAK_work is already queued,
2888 * the values which we write to it will be identical to the values which it
2889 * already has. --akpm
2890 */
2891void do_SAK(struct tty_struct *tty)
2892{
2893 if (!tty)
2894 return;
1da177e4
LT		 2895 schedule_work(&tty->SAK_work);
2896}
2897
2898EXPORT_SYMBOL(do_SAK);
2899
30004ac9
DES		 2900static int dev_match_devt(struct device *dev, void *data)
2901{
2902 dev_t *devt = data;
2903 return dev->devt == *devt;
2904}
2905
2906/* Must put_device() after it's unused! */
2907static struct device *tty_get_device(struct tty_struct *tty)
2908{
2909 dev_t devt = tty_devnum(tty);
2910 return class_find_device(tty_class, NULL, &devt, dev_match_devt);
2911}
2912
2913
af9b897e
AC		 2914/**
2915 * initialize_tty_struct
2916 * @tty: tty to initialize
2917 *
2918 * This subroutine initializes a tty structure that has been newly
2919 * allocated.
2920 *
2921 * Locking: none - tty in question must not be exposed at this point
1da177e4 2922 */
af9b897e 2923
bf970ee4
AC		 2924void initialize_tty_struct(struct tty_struct *tty,
2925 struct tty_driver *driver, int idx)
1da177e4
LT		 2926{
2927 memset(tty, 0, sizeof(struct tty_struct));
9c9f4ded 2928 kref_init(&tty->kref);
1da177e4 2929 tty->magic = TTY_MAGIC;
01e1abb2 2930 tty_ldisc_init(tty);
ab521dc0
EB		 2931 tty->session = NULL;
2932 tty->pgrp = NULL;
1da177e4 2933 tty->overrun_time = jiffies;
33f0f88f 2934 tty_buffer_init(tty);
5785c95b 2935 mutex_init(&tty->termios_mutex);
c65c9bc3 2936 mutex_init(&tty->ldisc_mutex);
1da177e4
LT		 2937 init_waitqueue_head(&tty->write_wait);
2938 init_waitqueue_head(&tty->read_wait);
65f27f38 2939 INIT_WORK(&tty->hangup_work, do_tty_hangup);
70522e12
IM		 2940 mutex_init(&tty->atomic_read_lock);
2941 mutex_init(&tty->atomic_write_lock);
a88a69c9
JP		 2942 mutex_init(&tty->output_lock);
2943 mutex_init(&tty->echo_lock);
1da177e4 2944 spin_lock_init(&tty->read_lock);
04f378b1 2945 spin_lock_init(&tty->ctrl_lock);
1da177e4 2946 INIT_LIST_HEAD(&tty->tty_files);
7f1f86a0 2947 INIT_WORK(&tty->SAK_work, do_SAK_work);
bf970ee4
AC		 2948
2949 tty->driver = driver;
2950 tty->ops = driver->ops;
2951 tty->index = idx;
2952 tty_line_name(driver, idx, tty->name);
30004ac9 2953 tty->dev = tty_get_device(tty);
1da177e4
LT		 2954}
2955
6716671d
JS		 2956/**
2957 * deinitialize_tty_struct
2958 * @tty: tty to deinitialize
2959 *
2960 * This subroutine deinitializes a tty structure that has been newly
2961 * allocated but tty_release cannot be called on that yet.
2962 *
2963 * Locking: none - tty in question must not be exposed at this point
2964 */
2965void deinitialize_tty_struct(struct tty_struct *tty)
2966{
2967 tty_ldisc_deinit(tty);
2968}
2969
f34d7a5b
AC		 2970/**
2971 * tty_put_char - write one character to a tty
2972 * @tty: tty
2973 * @ch: character
2974 *
2975 * Write one byte to the tty using the provided put_char method
2976 * if present. Returns the number of characters successfully output.
2977 *
2978 * Note: the specific put_char operation in the driver layer may go
2979 * away soon. Don't call it directly, use this method
1da177e4 2980 */
af9b897e 2981
f34d7a5b 2982int tty_put_char(struct tty_struct *tty, unsigned char ch)
1da177e4 2983{
f34d7a5b
AC		 2984 if (tty->ops->put_char)
2985 return tty->ops->put_char(tty, ch);
2986 return tty->ops->write(tty, &ch, 1);
1da177e4 2987}
f34d7a5b
AC		 2988EXPORT_SYMBOL_GPL(tty_put_char);
2989
d81ed103 2990struct class *tty_class;
1da177e4
LT		 2991
2992/**
af9b897e
AC		 2993 * tty_register_device - register a tty device
2994 * @driver: the tty driver that describes the tty device
2995 * @index: the index in the tty driver for this tty device
2996 * @device: a struct device that is associated with this tty device.
2997 * This field is optional, if there is no known struct device
2998 * for this tty device it can be set to NULL safely.
1da177e4 2999 *
01107d34
GKH		 3000 * Returns a pointer to the struct device for this tty device
3001 * (or ERR_PTR(-EFOO) on error).
1cdcb6b4 3002 *
af9b897e
AC		 3003 * This call is required to be made to register an individual tty device
3004 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
3005 * that bit is not set, this function should not be called by a tty
3006 * driver.
3007 *
3008 * Locking: ??
1da177e4 3009 */
af9b897e 3010
01107d34
GKH		 3011struct device *tty_register_device(struct tty_driver *driver, unsigned index,
3012 struct device *device)
1da177e4
LT		 3013{
3014 char name[64];
3015 dev_t dev = MKDEV(driver->major, driver->minor_start) + index;
3016
3017 if (index >= driver->num) {
3018 printk(KERN_ERR "Attempt to register invalid tty line number "
3019 " (%d).\n", index);
1cdcb6b4 3020 return ERR_PTR(-EINVAL);
1da177e4
LT		 3021 }
3022
1da177e4
LT		 3023 if (driver->type == TTY_DRIVER_TYPE_PTY)
3024 pty_line_name(driver, index, name);
3025 else
3026 tty_line_name(driver, index, name);
1cdcb6b4 3027
03457cd4 3028 return device_create(tty_class, device, dev, NULL, name);
1da177e4 3029}
7d7b93c1 3030EXPORT_SYMBOL(tty_register_device);
1da177e4
LT		 3031
3032/**
af9b897e
AC		 3033 * tty_unregister_device - unregister a tty device
3034 * @driver: the tty driver that describes the tty device
3035 * @index: the index in the tty driver for this tty device
1da177e4 3036 *
af9b897e
AC		 3037 * If a tty device is registered with a call to tty_register_device() then
3038 * this function must be called when the tty device is gone.
3039 *
3040 * Locking: ??
1da177e4 3041 */
af9b897e 3042
1da177e4
LT		 3043void tty_unregister_device(struct tty_driver *driver, unsigned index)
3044{
37bdfb07
AC		 3045 device_destroy(tty_class,
3046 MKDEV(driver->major, driver->minor_start) + index);
1da177e4 3047}
1da177e4
LT		 3048EXPORT_SYMBOL(tty_unregister_device);
3049
1a54a76d 3050struct tty_driver *__alloc_tty_driver(int lines, struct module *owner)
1da177e4
LT		 3051{
3052 struct tty_driver *driver;
3053
506eb99a 3054 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL);
1da177e4 3055 if (driver) {
7d7b93c1 3056 kref_init(&driver->kref);
1da177e4
LT		 3057 driver->magic = TTY_DRIVER_MAGIC;
3058 driver->num = lines;
1a54a76d 3059 driver->owner = owner;
1da177e4
LT		 3060 /* later we'll move allocation of tables here */
3061 }
3062 return driver;
3063}
1a54a76d 3064EXPORT_SYMBOL(__alloc_tty_driver);
1da177e4 3065
7d7b93c1 3066static void destruct_tty_driver(struct kref *kref)
1da177e4 3067{
7d7b93c1
AC		 3068 struct tty_driver *driver = container_of(kref, struct tty_driver, kref);
3069 int i;
3070 struct ktermios *tp;
3071 void *p;
3072
3073 if (driver->flags & TTY_DRIVER_INSTALLED) {
3074 /*
3075 * Free the termios and termios_locked structures because
3076 * we don't want to get memory leaks when modular tty
3077 * drivers are removed from the kernel.
3078 */
3079 for (i = 0; i < driver->num; i++) {
3080 tp = driver->termios[i];
3081 if (tp) {
3082 driver->termios[i] = NULL;
3083 kfree(tp);
3084 }
7d7b93c1
AC		 3085 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV))
3086 tty_unregister_device(driver, i);
3087 }
3088 p = driver->ttys;
3089 proc_tty_unregister_driver(driver);
3090 driver->ttys = NULL;
fe6e29fd 3091 driver->termios = NULL;
7d7b93c1
AC		 3092 kfree(p);
3093 cdev_del(&driver->cdev);
3094 }
04831dc1 3095 kfree(driver->ports);
1da177e4
LT		 3096 kfree(driver);
3097}
3098
7d7b93c1
AC		 3099void tty_driver_kref_put(struct tty_driver *driver)
3100{
3101 kref_put(&driver->kref, destruct_tty_driver);
3102}
3103EXPORT_SYMBOL(tty_driver_kref_put);
3104
b68e31d0
JD		 3105void tty_set_operations(struct tty_driver *driver,
3106 const struct tty_operations *op)
1da177e4 3107{
f34d7a5b
AC		 3108 driver->ops = op;
3109};
7d7b93c1 3110EXPORT_SYMBOL(tty_set_operations);
1da177e4 3111
7d7b93c1
AC		 3112void put_tty_driver(struct tty_driver *d)
3113{
3114 tty_driver_kref_put(d);
3115}
1da177e4 3116EXPORT_SYMBOL(put_tty_driver);
1da177e4
LT		 3117
3118/*
3119 * Called by a tty driver to register itself.
3120 */
3121int tty_register_driver(struct tty_driver *driver)
3122{
3123 int error;
37bdfb07 3124 int i;
1da177e4
LT		 3125 dev_t dev;
3126 void **p = NULL;
b670bde0 3127 struct device *d;
1da177e4 3128
543691a6 3129 if (!(driver->flags & TTY_DRIVER_DEVPTS_MEM) && driver->num) {
fe6e29fd 3130 p = kzalloc(driver->num * 2 * sizeof(void *), GFP_KERNEL);
1da177e4
LT		 3131 if (!p)
3132 return -ENOMEM;
1da177e4 3133 }
04831dc1
JS		 3134 /*
3135 * There is too many lines in PTY and we won't need the array there
3136 * since it has an ->install hook where it assigns ports properly.
3137 */
3138 if (driver->type != TTY_DRIVER_TYPE_PTY) {
3139 driver->ports = kcalloc(driver->num, sizeof(struct tty_port *),
3140 GFP_KERNEL);
3141 if (!driver->ports) {
3142 error = -ENOMEM;
3143 goto err_free_p;
3144 }
3145 }
1da177e4
LT		 3146
3147 if (!driver->major) {
37bdfb07
AC		 3148 error = alloc_chrdev_region(&dev, driver->minor_start,
3149 driver->num, driver->name);
1da177e4
LT		 3150 if (!error) {
3151 driver->major = MAJOR(dev);
3152 driver->minor_start = MINOR(dev);
3153 }
3154 } else {
3155 dev = MKDEV(driver->major, driver->minor_start);
e5717c48 3156 error = register_chrdev_region(dev, driver->num, driver->name);
1da177e4 3157 }
9bb8a3d4
JS		 3158 if (error < 0)
3159 goto err_free_p;
1da177e4
LT		 3160
3161 if (p) {
3162 driver->ttys = (struct tty_struct **)p;
edc6afc5 3163 driver->termios = (struct ktermios **)(p + driver->num);
1da177e4
LT		 3164 } else {
3165 driver->ttys = NULL;
3166 driver->termios = NULL;
1da177e4
LT		 3167 }
3168
3169 cdev_init(&driver->cdev, &tty_fops);
3170 driver->cdev.owner = driver->owner;
3171 error = cdev_add(&driver->cdev, dev, driver->num);
9bb8a3d4
JS		 3172 if (error)
3173 goto err_unreg_char;
1da177e4 3174
ca509f69 3175 mutex_lock(&tty_mutex);
1da177e4 3176 list_add(&driver->tty_drivers, &tty_drivers);
ca509f69 3177 mutex_unlock(&tty_mutex);
37bdfb07
AC		 3178
3179 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) {
b670bde0
VK		 3180 for (i = 0; i < driver->num; i++) {
3181 d = tty_register_device(driver, i, NULL);
3182 if (IS_ERR(d)) {
3183 error = PTR_ERR(d);
3184 goto err;
3185 }
3186 }
1da177e4
LT		 3187 }
3188 proc_tty_register_driver(driver);
7d7b93c1 3189 driver->flags |= TTY_DRIVER_INSTALLED;
1da177e4 3190 return 0;
b670bde0
VK		 3191
3192err:
3193 for (i--; i >= 0; i--)
3194 tty_unregister_device(driver, i);
3195
3196 mutex_lock(&tty_mutex);
3197 list_del(&driver->tty_drivers);
3198 mutex_unlock(&tty_mutex);
3199
9bb8a3d4 3200err_unreg_char:
b670bde0
VK		 3201 unregister_chrdev_region(dev, driver->num);
3202 driver->ttys = NULL;
3203 driver->termios = NULL;
04831dc1 3204err_free_p: /* destruct_tty_driver will free driver->ports */
b670bde0
VK		 3205 kfree(p);
3206 return error;
1da177e4 3207}
1da177e4
LT		 3208EXPORT_SYMBOL(tty_register_driver);
3209
3210/*
3211 * Called by a tty driver to unregister itself.
3212 */
3213int tty_unregister_driver(struct tty_driver *driver)
3214{
7d7b93c1
AC		 3215#if 0
3216 /* FIXME */
1da177e4
LT		 3217 if (driver->refcount)
3218 return -EBUSY;
7d7b93c1 3219#endif
1da177e4
LT		 3220 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start),
3221 driver->num);
ca509f69 3222 mutex_lock(&tty_mutex);
1da177e4 3223 list_del(&driver->tty_drivers);
ca509f69 3224 mutex_unlock(&tty_mutex);
1da177e4
LT		 3225 return 0;
3226}
7d7b93c1 3227
1da177e4
LT		 3228EXPORT_SYMBOL(tty_unregister_driver);
3229
24ec839c
PZ		 3230dev_t tty_devnum(struct tty_struct *tty)
3231{
3232 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index;
3233}
3234EXPORT_SYMBOL(tty_devnum);
3235
3236void proc_clear_tty(struct task_struct *p)
3237{
7c3b1dcf 3238 unsigned long flags;
9c9f4ded 3239 struct tty_struct *tty;
7c3b1dcf 3240 spin_lock_irqsave(&p->sighand->siglock, flags);
9c9f4ded 3241 tty = p->signal->tty;
24ec839c 3242 p->signal->tty = NULL;
7c3b1dcf 3243 spin_unlock_irqrestore(&p->sighand->siglock, flags);
9c9f4ded 3244 tty_kref_put(tty);
24ec839c 3245}
24ec839c 3246
47f86834
AC		 3247/* Called under the sighand lock */
3248
2a65f1d9 3249static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty)
24ec839c
PZ		 3250{
3251 if (tty) {
47f86834
AC		 3252 unsigned long flags;
3253 /* We should not have a session or pgrp to put here but.... */
3254 spin_lock_irqsave(&tty->ctrl_lock, flags);
d9c1e9a8
EB		 3255 put_pid(tty->session);
3256 put_pid(tty->pgrp);
ab521dc0 3257 tty->pgrp = get_pid(task_pgrp(tsk));
47f86834
AC		 3258 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
3259 tty->session = get_pid(task_session(tsk));
9c9f4ded
AC		 3260 if (tsk->signal->tty) {
3261 printk(KERN_DEBUG "tty not NULL!!\n");
3262 tty_kref_put(tsk->signal->tty);
3263 }
24ec839c 3264 }
2a65f1d9 3265 put_pid(tsk->signal->tty_old_pgrp);
9c9f4ded 3266 tsk->signal->tty = tty_kref_get(tty);
ab521dc0 3267 tsk->signal->tty_old_pgrp = NULL;
24ec839c
PZ		 3268}
3269
98a27ba4 3270static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty)
24ec839c
PZ		 3271{
3272 spin_lock_irq(&tsk->sighand->siglock);
2a65f1d9 3273 __proc_set_tty(tsk, tty);
24ec839c
PZ		 3274 spin_unlock_irq(&tsk->sighand->siglock);
3275}
3276
3277struct tty_struct *get_current_tty(void)
3278{
3279 struct tty_struct *tty;
934e6ebf
AC		 3280 unsigned long flags;
3281
3282 spin_lock_irqsave(&current->sighand->siglock, flags);
452a00d2 3283 tty = tty_kref_get(current->signal->tty);
934e6ebf 3284 spin_unlock_irqrestore(&current->sighand->siglock, flags);
24ec839c
PZ		 3285 return tty;
3286}
a311f743 3287EXPORT_SYMBOL_GPL(get_current_tty);
1da177e4 3288
d81ed103
AC		 3289void tty_default_fops(struct file_operations *fops)
3290{
3291 *fops = tty_fops;
3292}
3293
1da177e4
LT		 3294/*
3295 * Initialize the console device. This is called *early*, so
3296 * we can't necessarily depend on lots of kernel help here.
3297 * Just do some early initializations, and do the complex setup
3298 * later.
3299 */
3300void __init console_init(void)
3301{
3302 initcall_t *call;
3303
3304 /* Setup the default TTY line discipline. */
01e1abb2 3305 tty_ldisc_begin();
1da177e4
LT		 3306
3307 /*
37bdfb07 3308 * set up the console device so that later boot sequences can
1da177e4
LT		 3309 * inform about problems etc..
3310 */
1da177e4
LT		 3311 call = __con_initcall_start;
3312 while (call < __con_initcall_end) {
3313 (*call)();
3314 call++;
3315 }
3316}
3317
2c9ede55 3318static char *tty_devnode(struct device *dev, umode_t *mode)
e454cea2
KS		 3319{
3320 if (!mode)
3321 return NULL;
3322 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) ||
3323 dev->devt == MKDEV(TTYAUX_MAJOR, 2))
3324 *mode = 0666;
3325 return NULL;
3326}
3327
1da177e4
LT		 3328static int __init tty_class_init(void)
3329{
7fe845d1 3330 tty_class = class_create(THIS_MODULE, "tty");
1da177e4
LT		 3331 if (IS_ERR(tty_class))
3332 return PTR_ERR(tty_class);
e454cea2 3333 tty_class->devnode = tty_devnode;
1da177e4
LT		 3334 return 0;
3335}
3336
3337postcore_initcall(tty_class_init);
3338
3339/* 3/2004 jmc: why do these devices exist? */
1da177e4 3340static struct cdev tty_cdev, console_cdev;
1da177e4 3341
fbc92a34
KS		 3342static ssize_t show_cons_active(struct device *dev,
3343 struct device_attribute *attr, char *buf)
3344{
3345 struct console *cs[16];
3346 int i = 0;
3347 struct console *c;
3348 ssize_t count = 0;
3349
ac751efa 3350 console_lock();
a2a6a822 3351 for_each_console(c) {
fbc92a34
KS		 3352 if (!c->device)
3353 continue;
3354 if (!c->write)
3355 continue;
3356 if ((c->flags & CON_ENABLED) == 0)
3357 continue;
3358 cs[i++] = c;
3359 if (i >= ARRAY_SIZE(cs))
3360 break;
3361 }
3362 while (i--)
3363 count += sprintf(buf + count, "%s%d%c",
3364 cs[i]->name, cs[i]->index, i ? ' ':'\n');
ac751efa 3365 console_unlock();
fbc92a34
KS		 3366
3367 return count;
3368}
3369static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL);
3370
3371static struct device *consdev;
3372
3373void console_sysfs_notify(void)
3374{
3375 if (consdev)
3376 sysfs_notify(&consdev->kobj, NULL, "active");
3377}
3378
1da177e4
LT		 3379/*
3380 * Ok, now we can initialize the rest of the tty devices and can count
3381 * on memory allocations, interrupts etc..
3382 */
31d1d48e 3383int __init tty_init(void)
1da177e4
LT		 3384{
3385 cdev_init(&tty_cdev, &tty_fops);
3386 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) ||
3387 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0)
3388 panic("Couldn't register /dev/tty driver\n");
fbc92a34 3389 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty");
1da177e4
LT		 3390
3391 cdev_init(&console_cdev, &console_fops);
3392 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) ||
3393 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0)
3394 panic("Couldn't register /dev/console driver\n");
fbc92a34 3395 consdev = device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), NULL,
47aa5793 3396 "console");
fbc92a34
KS		 3397 if (IS_ERR(consdev))
3398 consdev = NULL;
3399 else
a2a6a822 3400 WARN_ON(device_create_file(consdev, &dev_attr_active) < 0);
1da177e4 3401
1da177e4 3402#ifdef CONFIG_VT
d81ed103 3403 vty_init(&console_fops);
1da177e4
LT		 3404#endif
3405 return 0;
3406}
31d1d48e 3407
Linux 6.x block layer and io_uring tree(s)