projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
tty: revert incorrectly applied lock patch
[linux-2.6-block.git] / drivers / tty / tty_io.c
CommitLineData
1da177e4 1/*
1da177e4
LT		 2 * Copyright (C) 1991, 1992 Linus Torvalds
3 */
4
5/*
6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles
7 * or rs-channels. It also implements echoing, cooked mode etc.
8 *
9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0.
10 *
11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the
12 * tty_struct and tty_queue structures. Previously there was an array
13 * of 256 tty_struct's which was statically allocated, and the
14 * tty_queue structures were allocated at boot time. Both are now
15 * dynamically allocated only when the tty is open.
16 *
17 * Also restructured routines so that there is more of a separation
18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and
19 * the low-level tty routines (serial.c, pty.c, console.c). This
37bdfb07 20 * makes for cleaner and more compact code. -TYT, 9/17/92
1da177e4
LT		 21 *
22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines
23 * which can be dynamically activated and de-activated by the line
24 * discipline handling modules (like SLIP).
25 *
26 * NOTE: pay no attention to the line discipline code (yet); its
27 * interface is still subject to change in this version...
28 * -- TYT, 1/31/92
29 *
30 * Added functionality to the OPOST tty handling. No delays, but all
31 * other bits should be there.
32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993.
33 *
34 * Rewrote canonical mode and added more termios flags.
35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94
36 *
37 * Reorganized FASYNC support so mouse code can share it.
38 * -- ctm@ardi.com, 9Sep95
39 *
40 * New TIOCLINUX variants added.
41 * -- mj@k332.feld.cvut.cz, 19-Nov-95
37bdfb07 42 *
1da177e4
LT		 43 * Restrict vt switching via ioctl()
44 * -- grif@cs.ucr.edu, 5-Dec-95
45 *
46 * Move console and virtual terminal code to more appropriate files,
47 * implement CONFIG_VT and generalize console device interface.
48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97
49 *
d81ed103 50 * Rewrote tty_init_dev and tty_release_dev to eliminate races.
1da177e4
LT		 51 * -- Bill Hawes <whawes@star.net>, June 97
52 *
53 * Added devfs support.
54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998
55 *
56 * Added support for a Unix98-style ptmx device.
57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998
58 *
59 * Reduced memory usage for older ARM systems
60 * -- Russell King <rmk@arm.linux.org.uk>
61 *
62 * Move do_SAK() into process context. Less stack use in devfs functions.
37bdfb07
AC		 63 * alloc_tty_struct() always uses kmalloc()
64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01
1da177e4
LT		 65 */
66
1da177e4
LT		 67#include <linux/types.h>
68#include <linux/major.h>
69#include <linux/errno.h>
70#include <linux/signal.h>
71#include <linux/fcntl.h>
72#include <linux/sched.h>
73#include <linux/interrupt.h>
74#include <linux/tty.h>
75#include <linux/tty_driver.h>
76#include <linux/tty_flip.h>
77#include <linux/devpts_fs.h>
78#include <linux/file.h>
9f3acc31 79#include <linux/fdtable.h>
1da177e4
LT		 80#include <linux/console.h>
81#include <linux/timer.h>
82#include <linux/ctype.h>
83#include <linux/kd.h>
84#include <linux/mm.h>
85#include <linux/string.h>
86#include <linux/slab.h>
87#include <linux/poll.h>
88#include <linux/proc_fs.h>
89#include <linux/init.h>
90#include <linux/module.h>
1da177e4 91#include <linux/device.h>
1da177e4
LT		 92#include <linux/wait.h>
93#include <linux/bitops.h>
b20f3ae5 94#include <linux/delay.h>
a352def2 95#include <linux/seq_file.h>
d281da7f 96#include <linux/serial.h>
5a3c6b25 97#include <linux/ratelimit.h>
1da177e4 98
a352def2 99#include <linux/uaccess.h>
1da177e4
LT		 100
101#include <linux/kbd_kern.h>
102#include <linux/vt_kern.h>
103#include <linux/selection.h>
1da177e4
LT		 104
105#include <linux/kmod.h>
b488893a 106#include <linux/nsproxy.h>
1da177e4
LT		 107
108#undef TTY_DEBUG_HANGUP
109
110#define TTY_PARANOIA_CHECK 1
111#define CHECK_TTY_COUNT 1
112
edc6afc5 113struct ktermios tty_std_termios = { /* for the benefit of tty drivers */
1da177e4
LT		 114 .c_iflag = ICRNL | IXON,
115 .c_oflag = OPOST | ONLCR,
116 .c_cflag = B38400 | CS8 | CREAD | HUPCL,
117 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK |
118 ECHOCTL | ECHOKE | IEXTEN,
edc6afc5
AC		 119 .c_cc = INIT_C_CC,
120 .c_ispeed = 38400,
121 .c_ospeed = 38400
1da177e4
LT		 122};
123
124EXPORT_SYMBOL(tty_std_termios);
125
126/* This list gets poked at by procfs and various bits of boot up code. This
127 could do with some rationalisation such as pulling the tty proc function
128 into this file */
37bdfb07 129
1da177e4
LT		 130LIST_HEAD(tty_drivers); /* linked list of tty drivers */
131
24ec839c 132/* Mutex to protect creating and releasing a tty. This is shared with
1da177e4 133 vt.c for deeply disgusting hack reasons */
70522e12 134DEFINE_MUTEX(tty_mutex);
de2a84f2 135EXPORT_SYMBOL(tty_mutex);
1da177e4 136
ee2ffa0d
NP		 137/* Spinlock to protect the tty->tty_files list */
138DEFINE_SPINLOCK(tty_files_lock);
139
1da177e4
LT		 140static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *);
141static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *);
37bdfb07
AC		 142ssize_t redirected_tty_write(struct file *, const char __user *,
143 size_t, loff_t *);
1da177e4
LT		 144static unsigned int tty_poll(struct file *, poll_table *);
145static int tty_open(struct inode *, struct file *);
04f378b1 146long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
e10cc1df 147#ifdef CONFIG_COMPAT
37bdfb07 148static long tty_compat_ioctl(struct file *file, unsigned int cmd,
e10cc1df
PF		 149 unsigned long arg);
150#else
151#define tty_compat_ioctl NULL
152#endif
ec79d605 153static int __tty_fasync(int fd, struct file *filp, int on);
37bdfb07 154static int tty_fasync(int fd, struct file *filp, int on);
d5698c28 155static void release_tty(struct tty_struct *tty, int idx);
2a65f1d9 156static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
98a27ba4 157static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
1da177e4 158
af9b897e
AC		 159/**
160 * alloc_tty_struct - allocate a tty object
161 *
162 * Return a new empty tty structure. The data fields have not
163 * been initialized in any way but has been zeroed
164 *
165 * Locking: none
af9b897e 166 */
1da177e4 167
bf970ee4 168struct tty_struct *alloc_tty_struct(void)
1da177e4 169{
1266b1e1 170 return kzalloc(sizeof(struct tty_struct), GFP_KERNEL);
1da177e4
LT		 171}
172
af9b897e
AC		 173/**
174 * free_tty_struct - free a disused tty
175 * @tty: tty struct to free
176 *
177 * Free the write buffers, tty queue and tty memory itself.
178 *
179 * Locking: none. Must be called after tty is definitely unused
180 */
181
bf970ee4 182void free_tty_struct(struct tty_struct *tty)
1da177e4 183{
30004ac9
DES		 184 if (tty->dev)
185 put_device(tty->dev);
1da177e4 186 kfree(tty->write_buf);
33f0f88f 187 tty_buffer_free_all(tty);
1da177e4
LT		 188 kfree(tty);
189}
190
d996b62a
NP		 191static inline struct tty_struct *file_tty(struct file *file)
192{
193 return ((struct tty_file_private *)file->private_data)->tty;
194}
195
fa90e1c9 196int tty_alloc_file(struct file *file)
d996b62a
NP		 197{
198 struct tty_file_private *priv;
199
f573bd17
PE		 200 priv = kmalloc(sizeof(*priv), GFP_KERNEL);
201 if (!priv)
202 return -ENOMEM;
d996b62a 203
fa90e1c9
JS		 204 file->private_data = priv;
205
206 return 0;
207}
208
209/* Associate a new file with the tty structure */
210void tty_add_file(struct tty_struct *tty, struct file *file)
211{
212 struct tty_file_private *priv = file->private_data;
213
d996b62a
NP		 214 priv->tty = tty;
215 priv->file = file;
d996b62a
NP		 216
217 spin_lock(&tty_files_lock);
218 list_add(&priv->list, &tty->tty_files);
219 spin_unlock(&tty_files_lock);
fa90e1c9 220}
f573bd17 221
fa90e1c9
JS		 222/**
223 * tty_free_file - free file->private_data
224 *
225 * This shall be used only for fail path handling when tty_add_file was not
226 * called yet.
227 */
228void tty_free_file(struct file *file)
229{
230 struct tty_file_private *priv = file->private_data;
231
232 file->private_data = NULL;
233 kfree(priv);
d996b62a
NP		 234}
235
236/* Delete file from its tty */
237void tty_del_file(struct file *file)
238{
239 struct tty_file_private *priv = file->private_data;
240
241 spin_lock(&tty_files_lock);
242 list_del(&priv->list);
243 spin_unlock(&tty_files_lock);
fa90e1c9 244 tty_free_file(file);
d996b62a
NP		 245}
246
247
1da177e4
LT		 248#define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base)
249
af9b897e
AC		 250/**
251 * tty_name - return tty naming
252 * @tty: tty structure
253 * @buf: buffer for output
254 *
255 * Convert a tty structure into a name. The name reflects the kernel
256 * naming policy and if udev is in use may not reflect user space
257 *
258 * Locking: none
259 */
260
1da177e4
LT		 261char *tty_name(struct tty_struct *tty, char *buf)
262{
263 if (!tty) /* Hmm. NULL pointer. That's fun. */
264 strcpy(buf, "NULL tty");
265 else
266 strcpy(buf, tty->name);
267 return buf;
268}
269
270EXPORT_SYMBOL(tty_name);
271
d769a669 272int tty_paranoia_check(struct tty_struct *tty, struct inode *inode,
1da177e4
LT		 273 const char *routine)
274{
275#ifdef TTY_PARANOIA_CHECK
276 if (!tty) {
277 printk(KERN_WARNING
278 "null TTY for (%d:%d) in %s\n",
279 imajor(inode), iminor(inode), routine);
280 return 1;
281 }
282 if (tty->magic != TTY_MAGIC) {
283 printk(KERN_WARNING
284 "bad magic number for tty struct (%d:%d) in %s\n",
285 imajor(inode), iminor(inode), routine);
286 return 1;
287 }
288#endif
289 return 0;
290}
291
292static int check_tty_count(struct tty_struct *tty, const char *routine)
293{
294#ifdef CHECK_TTY_COUNT
295 struct list_head *p;
296 int count = 0;
37bdfb07 297
ee2ffa0d 298 spin_lock(&tty_files_lock);
1da177e4
LT		 299 list_for_each(p, &tty->tty_files) {
300 count++;
301 }
ee2ffa0d 302 spin_unlock(&tty_files_lock);
1da177e4
LT		 303 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
304 tty->driver->subtype == PTY_TYPE_SLAVE &&
305 tty->link && tty->link->count)
306 count++;
307 if (tty->count != count) {
308 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) "
309 "!= #fd's(%d) in %s\n",
310 tty->name, tty->count, count, routine);
311 return count;
24ec839c 312 }
1da177e4
LT		 313#endif
314 return 0;
315}
316
af9b897e
AC		 317/**
318 * get_tty_driver - find device of a tty
319 * @dev_t: device identifier
320 * @index: returns the index of the tty
321 *
322 * This routine returns a tty driver structure, given a device number
323 * and also passes back the index number.
324 *
325 * Locking: caller must hold tty_mutex
1da177e4 326 */
af9b897e 327
1da177e4
LT		 328static struct tty_driver *get_tty_driver(dev_t device, int *index)
329{
330 struct tty_driver *p;
331
332 list_for_each_entry(p, &tty_drivers, tty_drivers) {
333 dev_t base = MKDEV(p->major, p->minor_start);
334 if (device < base || device >= base + p->num)
335 continue;
336 *index = device - base;
7d7b93c1 337 return tty_driver_kref_get(p);
1da177e4
LT		 338 }
339 return NULL;
340}
341
f2d937f3
JW		 342#ifdef CONFIG_CONSOLE_POLL
343
344/**
345 * tty_find_polling_driver - find device of a polled tty
346 * @name: name string to match
347 * @line: pointer to resulting tty line nr
348 *
349 * This routine returns a tty driver structure, given a name
350 * and the condition that the tty driver is capable of polled
351 * operation.
352 */
353struct tty_driver *tty_find_polling_driver(char *name, int *line)
354{
355 struct tty_driver *p, *res = NULL;
356 int tty_line = 0;
0dca0fd2 357 int len;
5f0878ac 358 char *str, *stp;
f2d937f3 359
0dca0fd2
JW		 360 for (str = name; *str; str++)
361 if ((*str >= '0' && *str <= '9') || *str == ',')
362 break;
363 if (!*str)
364 return NULL;
365
366 len = str - name;
367 tty_line = simple_strtoul(str, &str, 10);
368
f2d937f3
JW		 369 mutex_lock(&tty_mutex);
370 /* Search through the tty devices to look for a match */
371 list_for_each_entry(p, &tty_drivers, tty_drivers) {
0dca0fd2
JW		 372 if (strncmp(name, p->name, len) != 0)
373 continue;
5f0878ac
AC		 374 stp = str;
375 if (*stp == ',')
376 stp++;
377 if (*stp == '\0')
378 stp = NULL;
f2d937f3 379
6eb68d6f 380 if (tty_line >= 0 && tty_line < p->num && p->ops &&
5f0878ac 381 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) {
7d7b93c1 382 res = tty_driver_kref_get(p);
f2d937f3
JW		 383 *line = tty_line;
384 break;
385 }
386 }
387 mutex_unlock(&tty_mutex);
388
389 return res;
390}
391EXPORT_SYMBOL_GPL(tty_find_polling_driver);
392#endif
393
af9b897e
AC		 394/**
395 * tty_check_change - check for POSIX terminal changes
396 * @tty: tty to check
397 *
398 * If we try to write to, or set the state of, a terminal and we're
399 * not in the foreground, send a SIGTTOU. If the signal is blocked or
400 * ignored, go ahead and perform the operation. (POSIX 7.2)
401 *
978e595f 402 * Locking: ctrl_lock
1da177e4 403 */
af9b897e 404
37bdfb07 405int tty_check_change(struct tty_struct *tty)
1da177e4 406{
47f86834
AC		 407 unsigned long flags;
408 int ret = 0;
409
1da177e4
LT		 410 if (current->signal->tty != tty)
411 return 0;
47f86834
AC		 412
413 spin_lock_irqsave(&tty->ctrl_lock, flags);
414
ab521dc0
EB		 415 if (!tty->pgrp) {
416 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n");
9ffee4cb 417 goto out_unlock;
1da177e4 418 }
ab521dc0 419 if (task_pgrp(current) == tty->pgrp)
9ffee4cb
AM		 420 goto out_unlock;
421 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
1da177e4 422 if (is_ignored(SIGTTOU))
47f86834
AC		 423 goto out;
424 if (is_current_pgrp_orphaned()) {
425 ret = -EIO;
426 goto out;
427 }
040b6362
ON		 428 kill_pgrp(task_pgrp(current), SIGTTOU, 1);
429 set_thread_flag(TIF_SIGPENDING);
47f86834
AC		 430 ret = -ERESTARTSYS;
431out:
9ffee4cb
AM		 432 return ret;
433out_unlock:
47f86834
AC		 434 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
435 return ret;
1da177e4
LT		 436}
437
438EXPORT_SYMBOL(tty_check_change);
439
37bdfb07 440static ssize_t hung_up_tty_read(struct file *file, char __user *buf,
1da177e4
LT		 441 size_t count, loff_t *ppos)
442{
443 return 0;
444}
445
37bdfb07 446static ssize_t hung_up_tty_write(struct file *file, const char __user *buf,
1da177e4
LT		 447 size_t count, loff_t *ppos)
448{
449 return -EIO;
450}
451
452/* No kernel lock held - none needed ;) */
37bdfb07 453static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait)
1da177e4
LT		 454{
455 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM;
456}
457
04f378b1
AC		 458static long hung_up_tty_ioctl(struct file *file, unsigned int cmd,
459 unsigned long arg)
38ad2ed0
PF		 460{
461 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
462}
463
37bdfb07 464static long hung_up_tty_compat_ioctl(struct file *file,
38ad2ed0 465 unsigned int cmd, unsigned long arg)
1da177e4
LT		 466{
467 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
468}
469
62322d25 470static const struct file_operations tty_fops = {
1da177e4
LT		 471 .llseek = no_llseek,
472 .read = tty_read,
473 .write = tty_write,
474 .poll = tty_poll,
04f378b1 475 .unlocked_ioctl = tty_ioctl,
e10cc1df 476 .compat_ioctl = tty_compat_ioctl,
1da177e4
LT		 477 .open = tty_open,
478 .release = tty_release,
479 .fasync = tty_fasync,
480};
481
62322d25 482static const struct file_operations console_fops = {
1da177e4
LT		 483 .llseek = no_llseek,
484 .read = tty_read,
485 .write = redirected_tty_write,
486 .poll = tty_poll,
04f378b1 487 .unlocked_ioctl = tty_ioctl,
e10cc1df 488 .compat_ioctl = tty_compat_ioctl,
1da177e4
LT		 489 .open = tty_open,
490 .release = tty_release,
491 .fasync = tty_fasync,
492};
493
62322d25 494static const struct file_operations hung_up_tty_fops = {
1da177e4
LT		 495 .llseek = no_llseek,
496 .read = hung_up_tty_read,
497 .write = hung_up_tty_write,
498 .poll = hung_up_tty_poll,
04f378b1 499 .unlocked_ioctl = hung_up_tty_ioctl,
38ad2ed0 500 .compat_ioctl = hung_up_tty_compat_ioctl,
1da177e4
LT		 501 .release = tty_release,
502};
503
504static DEFINE_SPINLOCK(redirect_lock);
505static struct file *redirect;
506
507/**
508 * tty_wakeup - request more data
509 * @tty: terminal
510 *
511 * Internal and external helper for wakeups of tty. This function
512 * informs the line discipline if present that the driver is ready
513 * to receive more output data.
514 */
37bdfb07 515
1da177e4
LT		 516void tty_wakeup(struct tty_struct *tty)
517{
518 struct tty_ldisc *ld;
37bdfb07 519
1da177e4
LT		 520 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) {
521 ld = tty_ldisc_ref(tty);
37bdfb07 522 if (ld) {
a352def2
AC		 523 if (ld->ops->write_wakeup)
524 ld->ops->write_wakeup(tty);
1da177e4
LT		 525 tty_ldisc_deref(ld);
526 }
527 }
4b19449d 528 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
1da177e4
LT		 529}
530
531EXPORT_SYMBOL_GPL(tty_wakeup);
532
af9b897e 533/**
11dbf203 534 * __tty_hangup - actual handler for hangup events
65f27f38 535 * @work: tty device
af9b897e 536 *
1bad879a 537 * This can be called by the "eventd" kernel thread. That is process
af9b897e
AC		 538 * synchronous but doesn't hold any locks, so we need to make sure we
539 * have the appropriate locks for what we're doing.
540 *
541 * The hangup event clears any pending redirections onto the hung up
542 * device. It ensures future writes will error and it does the needed
543 * line discipline hangup and signal delivery. The tty object itself
544 * remains intact.
545 *
546 * Locking:
ec79d605 547 * BTM
24ec839c
PZ		 548 * redirect lock for undoing redirection
549 * file list lock for manipulating list of ttys
550 * tty_ldisc_lock from called functions
551 * termios_mutex resetting termios data
552 * tasklist_lock to walk task list for hangup event
553 * ->siglock to protect ->signal/->sighand
1da177e4 554 */
11dbf203 555void __tty_hangup(struct tty_struct *tty)
1da177e4 556{
37bdfb07 557 struct file *cons_filp = NULL;
1da177e4
LT		 558 struct file *filp, *f = NULL;
559 struct task_struct *p;
d996b62a 560 struct tty_file_private *priv;
1da177e4 561 int closecount = 0, n;
47f86834 562 unsigned long flags;
9c9f4ded 563 int refs = 0;
1da177e4
LT		 564
565 if (!tty)
566 return;
567
1da177e4
LT		 568
569 spin_lock(&redirect_lock);
d996b62a 570 if (redirect && file_tty(redirect) == tty) {
1da177e4
LT		 571 f = redirect;
572 redirect = NULL;
573 }
574 spin_unlock(&redirect_lock);
37bdfb07 575
6d31a88c 576 tty_lock();
11dbf203 577
acfa747b
JS		 578 /* some functions below drop BTM, so we need this bit */
579 set_bit(TTY_HUPPING, &tty->flags);
580
ec79d605
AB		 581 /* inuse_filps is protected by the single tty lock,
582 this really needs to change if we want to flush the
583 workqueue with the lock held */
11dbf203 584 check_tty_count(tty, "tty_hangup");
36ba782e 585
ee2ffa0d 586 spin_lock(&tty_files_lock);
1da177e4 587 /* This breaks for file handles being sent over AF_UNIX sockets ? */
d996b62a
NP		 588 list_for_each_entry(priv, &tty->tty_files, list) {
589 filp = priv->file;
1da177e4
LT		 590 if (filp->f_op->write == redirected_tty_write)
591 cons_filp = filp;
592 if (filp->f_op->write != tty_write)
593 continue;
594 closecount++;
ec79d605 595 __tty_fasync(-1, filp, 0); /* can't block */
1da177e4
LT		 596 filp->f_op = &hung_up_tty_fops;
597 }
ee2ffa0d 598 spin_unlock(&tty_files_lock);
37bdfb07 599
acfa747b
JS		 600 /*
601 * it drops BTM and thus races with reopen
602 * we protect the race by TTY_HUPPING
603 */
c65c9bc3 604 tty_ldisc_hangup(tty);
37bdfb07 605
1da177e4 606 read_lock(&tasklist_lock);
ab521dc0
EB		 607 if (tty->session) {
608 do_each_pid_task(tty->session, PIDTYPE_SID, p) {
24ec839c 609 spin_lock_irq(&p->sighand->siglock);
9c9f4ded 610 if (p->signal->tty == tty) {
1da177e4 611 p->signal->tty = NULL;
9c9f4ded
AC		 612 /* We defer the dereferences outside fo
613 the tasklist lock */
614 refs++;
615 }
24ec839c
PZ		 616 if (!p->signal->leader) {
617 spin_unlock_irq(&p->sighand->siglock);
1da177e4 618 continue;
24ec839c
PZ		 619 }
620 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p);
621 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p);
ab521dc0 622 put_pid(p->signal->tty_old_pgrp); /* A noop */
47f86834 623 spin_lock_irqsave(&tty->ctrl_lock, flags);
ab521dc0
EB		 624 if (tty->pgrp)
625 p->signal->tty_old_pgrp = get_pid(tty->pgrp);
47f86834 626 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
24ec839c 627 spin_unlock_irq(&p->sighand->siglock);
ab521dc0 628 } while_each_pid_task(tty->session, PIDTYPE_SID, p);
1da177e4
LT		 629 }
630 read_unlock(&tasklist_lock);
631
47f86834 632 spin_lock_irqsave(&tty->ctrl_lock, flags);
c65c9bc3
AC		 633 clear_bit(TTY_THROTTLED, &tty->flags);
634 clear_bit(TTY_PUSH, &tty->flags);
635 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
d9c1e9a8
EB		 636 put_pid(tty->session);
637 put_pid(tty->pgrp);
ab521dc0
EB		 638 tty->session = NULL;
639 tty->pgrp = NULL;
1da177e4 640 tty->ctrl_status = 0;
47f86834
AC		 641 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
642
9c9f4ded
AC		 643 /* Account for the p->signal references we killed */
644 while (refs--)
645 tty_kref_put(tty);
646
1da177e4 647 /*
37bdfb07
AC		 648 * If one of the devices matches a console pointer, we
649 * cannot just call hangup() because that will cause
650 * tty->count and state->count to go out of sync.
651 * So we just call close() the right number of times.
1da177e4
LT		 652 */
653 if (cons_filp) {
f34d7a5b 654 if (tty->ops->close)
1da177e4 655 for (n = 0; n < closecount; n++)
f34d7a5b
AC		 656 tty->ops->close(tty, cons_filp);
657 } else if (tty->ops->hangup)
658 (tty->ops->hangup)(tty);
37bdfb07
AC		 659 /*
660 * We don't want to have driver/ldisc interactions beyond
661 * the ones we did here. The driver layer expects no
662 * calls after ->hangup() from the ldisc side. However we
663 * can't yet guarantee all that.
664 */
1da177e4 665 set_bit(TTY_HUPPED, &tty->flags);
acfa747b 666 clear_bit(TTY_HUPPING, &tty->flags);
c65c9bc3 667 tty_ldisc_enable(tty);
11dbf203 668
6d31a88c 669 tty_unlock();
11dbf203 670
1da177e4
LT		 671 if (f)
672 fput(f);
673}
674
ddcd9fb6
AB		 675static void do_tty_hangup(struct work_struct *work)
676{
677 struct tty_struct *tty =
678 container_of(work, struct tty_struct, hangup_work);
679
11dbf203 680 __tty_hangup(tty);
ddcd9fb6
AB		 681}
682
af9b897e
AC		 683/**
684 * tty_hangup - trigger a hangup event
685 * @tty: tty to hangup
686 *
687 * A carrier loss (virtual or otherwise) has occurred on this like
688 * schedule a hangup sequence to run after this event.
689 */
690
37bdfb07 691void tty_hangup(struct tty_struct *tty)
1da177e4
LT		 692{
693#ifdef TTY_DEBUG_HANGUP
694 char buf[64];
1da177e4
LT		 695 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf));
696#endif
697 schedule_work(&tty->hangup_work);
698}
699
700EXPORT_SYMBOL(tty_hangup);
701
af9b897e
AC		 702/**
703 * tty_vhangup - process vhangup
704 * @tty: tty to hangup
705 *
706 * The user has asked via system call for the terminal to be hung up.
707 * We do this synchronously so that when the syscall returns the process
3a4fa0a2 708 * is complete. That guarantee is necessary for security reasons.
af9b897e
AC		 709 */
710
37bdfb07 711void tty_vhangup(struct tty_struct *tty)
1da177e4
LT		 712{
713#ifdef TTY_DEBUG_HANGUP
714 char buf[64];
715
716 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf));
717#endif
11dbf203 718 __tty_hangup(tty);
1da177e4 719}
37bdfb07 720
1da177e4
LT		 721EXPORT_SYMBOL(tty_vhangup);
722
11dbf203 723
2cb5998b
AC		 724/**
725 * tty_vhangup_self - process vhangup for own ctty
726 *
727 * Perform a vhangup on the current controlling tty
728 */
729
730void tty_vhangup_self(void)
731{
732 struct tty_struct *tty;
733
2cb5998b
AC		 734 tty = get_current_tty();
735 if (tty) {
736 tty_vhangup(tty);
737 tty_kref_put(tty);
738 }
2cb5998b
AC		 739}
740
af9b897e
AC		 741/**
742 * tty_hung_up_p - was tty hung up
743 * @filp: file pointer of tty
744 *
745 * Return true if the tty has been subject to a vhangup or a carrier
746 * loss
747 */
748
37bdfb07 749int tty_hung_up_p(struct file *filp)
1da177e4
LT		 750{
751 return (filp->f_op == &hung_up_tty_fops);
752}
753
754EXPORT_SYMBOL(tty_hung_up_p);
755
ab521dc0 756static void session_clear_tty(struct pid *session)
24ec839c
PZ		 757{
758 struct task_struct *p;
ab521dc0 759 do_each_pid_task(session, PIDTYPE_SID, p) {
24ec839c 760 proc_clear_tty(p);
ab521dc0 761 } while_each_pid_task(session, PIDTYPE_SID, p);
24ec839c
PZ		 762}
763
af9b897e
AC		 764/**
765 * disassociate_ctty - disconnect controlling tty
766 * @on_exit: true if exiting so need to "hang up" the session
1da177e4 767 *
af9b897e
AC		 768 * This function is typically called only by the session leader, when
769 * it wants to disassociate itself from its controlling tty.
770 *
771 * It performs the following functions:
1da177e4
LT		 772 * (1) Sends a SIGHUP and SIGCONT to the foreground process group
773 * (2) Clears the tty from being controlling the session
774 * (3) Clears the controlling tty for all processes in the
775 * session group.
776 *
af9b897e
AC		 777 * The argument on_exit is set to 1 if called when a process is
778 * exiting; it is 0 if called by the ioctl TIOCNOTTY.
779 *
24ec839c 780 * Locking:
ec79d605
AB		 781 * BTM is taken for hysterical raisins, and held when
782 * called from no_tty().
24ec839c
PZ		 783 * tty_mutex is taken to protect tty
784 * ->siglock is taken to protect ->signal/->sighand
785 * tasklist_lock is taken to walk process list for sessions
786 * ->siglock is taken to protect ->signal/->sighand
1da177e4 787 */
af9b897e 788
1da177e4
LT		 789void disassociate_ctty(int on_exit)
790{
791 struct tty_struct *tty;
1da177e4 792
5ec93d11
AC		 793 if (!current->signal->leader)
794 return;
1da177e4 795
24ec839c 796 tty = get_current_tty();
1da177e4 797 if (tty) {
1411dc4a 798 struct pid *tty_pgrp = get_pid(tty->pgrp);
ddcd9fb6 799 if (on_exit) {
ddcd9fb6 800 if (tty->driver->type != TTY_DRIVER_TYPE_PTY)
11dbf203 801 tty_vhangup(tty);
ddcd9fb6 802 }
452a00d2 803 tty_kref_put(tty);
1411dc4a
JS		 804 if (tty_pgrp) {
805 kill_pgrp(tty_pgrp, SIGHUP, on_exit);
806 if (!on_exit)
807 kill_pgrp(tty_pgrp, SIGCONT, on_exit);
808 put_pid(tty_pgrp);
809 }
680a9671 810 } else if (on_exit) {
ab521dc0 811 struct pid *old_pgrp;
680a9671
EB		 812 spin_lock_irq(&current->sighand->siglock);
813 old_pgrp = current->signal->tty_old_pgrp;
ab521dc0 814 current->signal->tty_old_pgrp = NULL;
680a9671 815 spin_unlock_irq(&current->sighand->siglock);
24ec839c 816 if (old_pgrp) {
ab521dc0
EB		 817 kill_pgrp(old_pgrp, SIGHUP, on_exit);
818 kill_pgrp(old_pgrp, SIGCONT, on_exit);
819 put_pid(old_pgrp);
1da177e4 820 }
1da177e4
LT		 821 return;
822 }
1da177e4 823
24ec839c 824 spin_lock_irq(&current->sighand->siglock);
2a65f1d9 825 put_pid(current->signal->tty_old_pgrp);
23cac8de 826 current->signal->tty_old_pgrp = NULL;
24ec839c
PZ		 827 spin_unlock_irq(&current->sighand->siglock);
828
24ec839c
PZ		 829 tty = get_current_tty();
830 if (tty) {
47f86834
AC		 831 unsigned long flags;
832 spin_lock_irqsave(&tty->ctrl_lock, flags);
ab521dc0
EB		 833 put_pid(tty->session);
834 put_pid(tty->pgrp);
835 tty->session = NULL;
836 tty->pgrp = NULL;
47f86834 837 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
452a00d2 838 tty_kref_put(tty);
24ec839c
PZ		 839 } else {
840#ifdef TTY_DEBUG_HANGUP
841 printk(KERN_DEBUG "error attempted to write to tty [0x%p]"
842 " = NULL", tty);
843#endif
844 }
1da177e4
LT		 845
846 /* Now clear signal->tty under the lock */
847 read_lock(&tasklist_lock);
ab521dc0 848 session_clear_tty(task_session(current));
1da177e4 849 read_unlock(&tasklist_lock);
1da177e4
LT		 850}
851
98a27ba4
EB		 852/**
853 *
854 * no_tty - Ensure the current process does not have a controlling tty
855 */
856void no_tty(void)
857{
3af502b9
AC		 858 /* FIXME: Review locking here. The tty_lock never covered any race
859 between a new association and proc_clear_tty but possible we need
860 to protect against this anyway */
98a27ba4 861 struct task_struct *tsk = current;
5ec93d11 862 disassociate_ctty(0);
98a27ba4
EB		 863 proc_clear_tty(tsk);
864}
865
af9b897e
AC		 866
867/**
beb7dd86 868 * stop_tty - propagate flow control
af9b897e
AC		 869 * @tty: tty to stop
870 *
871 * Perform flow control to the driver. For PTY/TTY pairs we
beb7dd86 872 * must also propagate the TIOCKPKT status. May be called
af9b897e
AC		 873 * on an already stopped device and will not re-call the driver
874 * method.
875 *
876 * This functionality is used by both the line disciplines for
877 * halting incoming flow and by the driver. It may therefore be
878 * called from any context, may be under the tty atomic_write_lock
879 * but not always.
880 *
881 * Locking:
04f378b1 882 * Uses the tty control lock internally
af9b897e
AC		 883 */
884
1da177e4
LT		 885void stop_tty(struct tty_struct *tty)
886{
04f378b1
AC		 887 unsigned long flags;
888 spin_lock_irqsave(&tty->ctrl_lock, flags);
889 if (tty->stopped) {
890 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
1da177e4 891 return;
04f378b1 892 }
1da177e4
LT		 893 tty->stopped = 1;
894 if (tty->link && tty->link->packet) {
895 tty->ctrl_status &= ~TIOCPKT_START;
896 tty->ctrl_status |= TIOCPKT_STOP;
4b19449d 897 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN);
1da177e4 898 }
04f378b1 899 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
f34d7a5b
AC		 900 if (tty->ops->stop)
901 (tty->ops->stop)(tty);
1da177e4
LT		 902}
903
904EXPORT_SYMBOL(stop_tty);
905
af9b897e 906/**
beb7dd86 907 * start_tty - propagate flow control
af9b897e
AC		 908 * @tty: tty to start
909 *
910 * Start a tty that has been stopped if at all possible. Perform
3a4fa0a2 911 * any necessary wakeups and propagate the TIOCPKT status. If this
af9b897e
AC		 912 * is the tty was previous stopped and is being started then the
913 * driver start method is invoked and the line discipline woken.
914 *
915 * Locking:
04f378b1 916 * ctrl_lock
af9b897e
AC		 917 */
918
1da177e4
LT		 919void start_tty(struct tty_struct *tty)
920{
04f378b1
AC		 921 unsigned long flags;
922 spin_lock_irqsave(&tty->ctrl_lock, flags);
923 if (!tty->stopped || tty->flow_stopped) {
924 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
1da177e4 925 return;
04f378b1 926 }
1da177e4
LT		 927 tty->stopped = 0;
928 if (tty->link && tty->link->packet) {
929 tty->ctrl_status &= ~TIOCPKT_STOP;
930 tty->ctrl_status |= TIOCPKT_START;
4b19449d 931 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN);
1da177e4 932 }
04f378b1 933 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
f34d7a5b
AC		 934 if (tty->ops->start)
935 (tty->ops->start)(tty);
1da177e4
LT		 936 /* If we have a running line discipline it may need kicking */
937 tty_wakeup(tty);
1da177e4
LT		 938}
939
940EXPORT_SYMBOL(start_tty);
941
af9b897e
AC		 942/**
943 * tty_read - read method for tty device files
944 * @file: pointer to tty file
945 * @buf: user buffer
946 * @count: size of user buffer
947 * @ppos: unused
948 *
949 * Perform the read system call function on this terminal device. Checks
950 * for hung up devices before calling the line discipline method.
951 *
952 * Locking:
47f86834
AC		 953 * Locks the line discipline internally while needed. Multiple
954 * read calls may be outstanding in parallel.
af9b897e
AC		 955 */
956
37bdfb07 957static ssize_t tty_read(struct file *file, char __user *buf, size_t count,
1da177e4
LT		 958 loff_t *ppos)
959{
960 int i;
d996b62a
NP		 961 struct inode *inode = file->f_path.dentry->d_inode;
962 struct tty_struct *tty = file_tty(file);
1da177e4
LT		 963 struct tty_ldisc *ld;
964
1da177e4
LT		 965 if (tty_paranoia_check(tty, inode, "tty_read"))
966 return -EIO;
967 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags)))
968 return -EIO;
969
970 /* We want to wait for the line discipline to sort out in this
971 situation */
972 ld = tty_ldisc_ref_wait(tty);
a352def2
AC		 973 if (ld->ops->read)
974 i = (ld->ops->read)(tty, file, buf, count);
1da177e4
LT		 975 else
976 i = -EIO;
977 tty_ldisc_deref(ld);
1da177e4
LT		 978 if (i > 0)
979 inode->i_atime = current_fs_time(inode->i_sb);
980 return i;
981}
982
9c1729db 983void tty_write_unlock(struct tty_struct *tty)
83c67571 984 __releases(&tty->atomic_write_lock)
9c1729db
AC		 985{
986 mutex_unlock(&tty->atomic_write_lock);
4b19449d 987 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
9c1729db
AC		 988}
989
990int tty_write_lock(struct tty_struct *tty, int ndelay)
83c67571 991 __acquires(&tty->atomic_write_lock)
9c1729db
AC		 992{
993 if (!mutex_trylock(&tty->atomic_write_lock)) {
994 if (ndelay)
995 return -EAGAIN;
996 if (mutex_lock_interruptible(&tty->atomic_write_lock))
997 return -ERESTARTSYS;
998 }
999 return 0;
1000}
1001
1da177e4
LT		 1002/*
1003 * Split writes up in sane blocksizes to avoid
1004 * denial-of-service type attacks
1005 */
1006static inline ssize_t do_tty_write(
1007 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t),
1008 struct tty_struct *tty,
1009 struct file *file,
1010 const char __user *buf,
1011 size_t count)
1012{
9c1729db 1013 ssize_t ret, written = 0;
1da177e4 1014 unsigned int chunk;
37bdfb07 1015
9c1729db
AC		 1016 ret = tty_write_lock(tty, file->f_flags & O_NDELAY);
1017 if (ret < 0)
1018 return ret;
1da177e4
LT		 1019
1020 /*
1021 * We chunk up writes into a temporary buffer. This
1022 * simplifies low-level drivers immensely, since they
1023 * don't have locking issues and user mode accesses.
1024 *
1025 * But if TTY_NO_WRITE_SPLIT is set, we should use a
1026 * big chunk-size..
1027 *
1028 * The default chunk-size is 2kB, because the NTTY
1029 * layer has problems with bigger chunks. It will
1030 * claim to be able to handle more characters than
1031 * it actually does.
af9b897e
AC		 1032 *
1033 * FIXME: This can probably go away now except that 64K chunks
1034 * are too likely to fail unless switched to vmalloc...
1da177e4
LT		 1035 */
1036 chunk = 2048;
1037 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags))
1038 chunk = 65536;
1039 if (count < chunk)
1040 chunk = count;
1041
70522e12 1042 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */
1da177e4 1043 if (tty->write_cnt < chunk) {
402fda92 1044 unsigned char *buf_chunk;
1da177e4
LT		 1045
1046 if (chunk < 1024)
1047 chunk = 1024;
1048
402fda92
JW		 1049 buf_chunk = kmalloc(chunk, GFP_KERNEL);
1050 if (!buf_chunk) {
9c1729db
AC		 1051 ret = -ENOMEM;
1052 goto out;
1da177e4
LT		 1053 }
1054 kfree(tty->write_buf);
1055 tty->write_cnt = chunk;
402fda92 1056 tty->write_buf = buf_chunk;
1da177e4
LT		 1057 }
1058
1059 /* Do the write .. */
1060 for (;;) {
1061 size_t size = count;
1062 if (size > chunk)
1063 size = chunk;
1064 ret = -EFAULT;
1065 if (copy_from_user(tty->write_buf, buf, size))
1066 break;
1da177e4 1067 ret = write(tty, file, tty->write_buf, size);
1da177e4
LT		 1068 if (ret <= 0)
1069 break;
1070 written += ret;
1071 buf += ret;
1072 count -= ret;
1073 if (!count)
1074 break;
1075 ret = -ERESTARTSYS;
1076 if (signal_pending(current))
1077 break;
1078 cond_resched();
1079 }
1080 if (written) {
a7113a96 1081 struct inode *inode = file->f_path.dentry->d_inode;
1da177e4
LT		 1082 inode->i_mtime = current_fs_time(inode->i_sb);
1083 ret = written;
1084 }
9c1729db
AC		 1085out:
1086 tty_write_unlock(tty);
1da177e4
LT		 1087 return ret;
1088}
1089
95f9bfc6
AC		 1090/**
1091 * tty_write_message - write a message to a certain tty, not just the console.
1092 * @tty: the destination tty_struct
1093 * @msg: the message to write
1094 *
1095 * This is used for messages that need to be redirected to a specific tty.
1096 * We don't put it into the syslog queue right now maybe in the future if
1097 * really needed.
1098 *
ec79d605 1099 * We must still hold the BTM and test the CLOSING flag for the moment.
95f9bfc6
AC		 1100 */
1101
1102void tty_write_message(struct tty_struct *tty, char *msg)
1103{
95f9bfc6
AC		 1104 if (tty) {
1105 mutex_lock(&tty->atomic_write_lock);
6d31a88c 1106 tty_lock();
eeb89d91 1107 if (tty->ops->write && !test_bit(TTY_CLOSING, &tty->flags)) {
6d31a88c 1108 tty_unlock();
95f9bfc6 1109 tty->ops->write(tty, msg, strlen(msg));
eeb89d91 1110 } else
6d31a88c 1111 tty_unlock();
95f9bfc6
AC		 1112 tty_write_unlock(tty);
1113 }
95f9bfc6
AC		 1114 return;
1115}
1116
1da177e4 1117
af9b897e
AC		 1118/**
1119 * tty_write - write method for tty device file
1120 * @file: tty file pointer
1121 * @buf: user data to write
1122 * @count: bytes to write
1123 * @ppos: unused
1124 *
1125 * Write data to a tty device via the line discipline.
1126 *
1127 * Locking:
1128 * Locks the line discipline as required
1129 * Writes to the tty driver are serialized by the atomic_write_lock
1130 * and are then processed in chunks to the device. The line discipline
a88a69c9 1131 * write method will not be invoked in parallel for each device.
af9b897e
AC		 1132 */
1133
37bdfb07
AC		 1134static ssize_t tty_write(struct file *file, const char __user *buf,
1135 size_t count, loff_t *ppos)
1da177e4 1136{
a7113a96 1137 struct inode *inode = file->f_path.dentry->d_inode;
d996b62a
NP		 1138 struct tty_struct *tty = file_tty(file);
1139 struct tty_ldisc *ld;
1da177e4 1140 ssize_t ret;
37bdfb07 1141
1da177e4
LT		 1142 if (tty_paranoia_check(tty, inode, "tty_write"))
1143 return -EIO;
f34d7a5b 1144 if (!tty || !tty->ops->write ||
37bdfb07
AC		 1145 (test_bit(TTY_IO_ERROR, &tty->flags)))
1146 return -EIO;
f34d7a5b
AC		 1147 /* Short term debug to catch buggy drivers */
1148 if (tty->ops->write_room == NULL)
1149 printk(KERN_ERR "tty driver %s lacks a write_room method.\n",
1150 tty->driver->name);
37bdfb07 1151 ld = tty_ldisc_ref_wait(tty);
a352def2 1152 if (!ld->ops->write)
1da177e4
LT		 1153 ret = -EIO;
1154 else
a352def2 1155 ret = do_tty_write(ld->ops->write, tty, file, buf, count);
1da177e4
LT		 1156 tty_ldisc_deref(ld);
1157 return ret;
1158}
1159
37bdfb07
AC		 1160ssize_t redirected_tty_write(struct file *file, const char __user *buf,
1161 size_t count, loff_t *ppos)
1da177e4
LT		 1162{
1163 struct file *p = NULL;
1164
1165 spin_lock(&redirect_lock);
1166 if (redirect) {
1167 get_file(redirect);
1168 p = redirect;
1169 }
1170 spin_unlock(&redirect_lock);
1171
1172 if (p) {
1173 ssize_t res;
1174 res = vfs_write(p, buf, count, &p->f_pos);
1175 fput(p);
1176 return res;
1177 }
1da177e4
LT		 1178 return tty_write(file, buf, count, ppos);
1179}
1180
1181static char ptychar[] = "pqrstuvwxyzabcde";
1182
af9b897e
AC		 1183/**
1184 * pty_line_name - generate name for a pty
1185 * @driver: the tty driver in use
1186 * @index: the minor number
1187 * @p: output buffer of at least 6 bytes
1188 *
1189 * Generate a name from a driver reference and write it to the output
1190 * buffer.
1191 *
1192 * Locking: None
1193 */
1194static void pty_line_name(struct tty_driver *driver, int index, char *p)
1da177e4
LT		 1195{
1196 int i = index + driver->name_base;
1197 /* ->name is initialized to "ttyp", but "tty" is expected */
1198 sprintf(p, "%s%c%x",
37bdfb07
AC		 1199 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name,
1200 ptychar[i >> 4 & 0xf], i & 0xf);
1da177e4
LT		 1201}
1202
af9b897e 1203/**
8b0a88d5 1204 * tty_line_name - generate name for a tty
af9b897e
AC		 1205 * @driver: the tty driver in use
1206 * @index: the minor number
1207 * @p: output buffer of at least 7 bytes
1208 *
1209 * Generate a name from a driver reference and write it to the output
1210 * buffer.
1211 *
1212 * Locking: None
1213 */
1214static void tty_line_name(struct tty_driver *driver, int index, char *p)
1da177e4
LT		 1215{
1216 sprintf(p, "%s%d", driver->name, index + driver->name_base);
1217}
1218
99f1fe18
AC		 1219/**
1220 * tty_driver_lookup_tty() - find an existing tty, if any
1221 * @driver: the driver for the tty
1222 * @idx: the minor number
23499705 1223 *
99f1fe18 1224 * Return the tty, if found or ERR_PTR() otherwise.
23499705 1225 *
99f1fe18
AC		 1226 * Locking: tty_mutex must be held. If tty is found, the mutex must
1227 * be held until the 'fast-open' is also done. Will change once we
1228 * have refcounting in the driver and per driver locking
23499705 1229 */
a47d545f 1230static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver,
15f1a633 1231 struct inode *inode, int idx)
23499705 1232{
99f1fe18 1233 if (driver->ops->lookup)
15f1a633 1234 return driver->ops->lookup(driver, inode, idx);
23499705 1235
d4834267 1236 return driver->ttys[idx];
23499705
SB		 1237}
1238
bf970ee4
AC		 1239/**
1240 * tty_init_termios - helper for termios setup
1241 * @tty: the tty to set up
1242 *
1243 * Initialise the termios structures for this tty. Thus runs under
1244 * the tty_mutex currently so we can be relaxed about ordering.
1245 */
1246
1247int tty_init_termios(struct tty_struct *tty)
1248{
fe6e29fd 1249 struct ktermios *tp;
bf970ee4
AC		 1250 int idx = tty->index;
1251
1252 tp = tty->driver->termios[idx];
bf970ee4 1253 if (tp == NULL) {
fe6e29fd
AC		 1254 tp = kzalloc(sizeof(struct ktermios[2]), GFP_KERNEL);
1255 if (tp == NULL)
bf970ee4 1256 return -ENOMEM;
bf970ee4
AC		 1257 memcpy(tp, &tty->driver->init_termios,
1258 sizeof(struct ktermios));
1259 tty->driver->termios[idx] = tp;
bf970ee4
AC		 1260 }
1261 tty->termios = tp;
fe6e29fd 1262 tty->termios_locked = tp + 1;
bf970ee4
AC		 1263
1264 /* Compatibility until drivers always set this */
1265 tty->termios->c_ispeed = tty_termios_input_baud_rate(tty->termios);
1266 tty->termios->c_ospeed = tty_termios_baud_rate(tty->termios);
1267 return 0;
1268}
fe1ae7fd 1269EXPORT_SYMBOL_GPL(tty_init_termios);
bf970ee4 1270
66d450e8
JS		 1271int tty_standard_install(struct tty_driver *driver, struct tty_struct *tty)
1272{
1273 int ret = tty_init_termios(tty);
1274 if (ret)
1275 return ret;
1276
1277 tty_driver_kref_get(driver);
1278 tty->count++;
1279 driver->ttys[tty->index] = tty;
1280 return 0;
1281}
1282EXPORT_SYMBOL_GPL(tty_standard_install);
1283
99f1fe18 1284/**
8b0a88d5
AC		 1285 * tty_driver_install_tty() - install a tty entry in the driver
1286 * @driver: the driver for the tty
1287 * @tty: the tty
1288 *
1289 * Install a tty object into the driver tables. The tty->index field
bf970ee4
AC		 1290 * will be set by the time this is called. This method is responsible
1291 * for ensuring any need additional structures are allocated and
1292 * configured.
8b0a88d5
AC		 1293 *
1294 * Locking: tty_mutex for now
1295 */
1296static int tty_driver_install_tty(struct tty_driver *driver,
1297 struct tty_struct *tty)
1298{
66d450e8
JS		 1299 return driver->ops->install ? driver->ops->install(driver, tty) :
1300 tty_standard_install(driver, tty);
8b0a88d5
AC		 1301}
1302
1303/**
1304 * tty_driver_remove_tty() - remove a tty from the driver tables
1305 * @driver: the driver for the tty
1306 * @idx: the minor number
1307 *
1308 * Remvoe a tty object from the driver tables. The tty->index field
1309 * will be set by the time this is called.
1310 *
1311 * Locking: tty_mutex for now
1312 */
24d406a6 1313void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty)
8b0a88d5
AC		 1314{
1315 if (driver->ops->remove)
1316 driver->ops->remove(driver, tty);
1317 else
1318 driver->ttys[tty->index] = NULL;
1319}
1320
1321/*
1322 * tty_reopen() - fast re-open of an open tty
1323 * @tty - the tty to open
23499705 1324 *
99f1fe18 1325 * Return 0 on success, -errno on error.
23499705 1326 *
99f1fe18
AC		 1327 * Locking: tty_mutex must be held from the time the tty was found
1328 * till this open completes.
23499705 1329 */
99f1fe18 1330static int tty_reopen(struct tty_struct *tty)
23499705
SB		 1331{
1332 struct tty_driver *driver = tty->driver;
1333
e2efafbf 1334 if (test_bit(TTY_CLOSING, &tty->flags) ||
acfa747b 1335 test_bit(TTY_HUPPING, &tty->flags) ||
e2efafbf 1336 test_bit(TTY_LDISC_CHANGING, &tty->flags))
23499705
SB		 1337 return -EIO;
1338
1339 if (driver->type == TTY_DRIVER_TYPE_PTY &&
1340 driver->subtype == PTY_TYPE_MASTER) {
1341 /*
1342 * special case for PTY masters: only one open permitted,
1343 * and the slave side open count is incremented as well.
1344 */
1345 if (tty->count)
1346 return -EIO;
1347
1348 tty->link->count++;
1349 }
1350 tty->count++;
23499705 1351
1aa4bed8 1352 mutex_lock(&tty->ldisc_mutex);
99f1fe18 1353 WARN_ON(!test_bit(TTY_LDISC, &tty->flags));
1aa4bed8 1354 mutex_unlock(&tty->ldisc_mutex);
23499705
SB		 1355
1356 return 0;
1357}
1358
af9b897e 1359/**
d81ed103 1360 * tty_init_dev - initialise a tty device
af9b897e
AC		 1361 * @driver: tty driver we are opening a device on
1362 * @idx: device index
15582d36 1363 * @ret_tty: returned tty structure
af9b897e
AC		 1364 *
1365 * Prepare a tty device. This may not be a "new" clean device but
1366 * could also be an active device. The pty drivers require special
1367 * handling because of this.
1368 *
1369 * Locking:
1370 * The function is called under the tty_mutex, which
1371 * protects us from the tty struct or driver itself going away.
1372 *
1373 * On exit the tty device has the line discipline attached and
1374 * a reference count of 1. If a pair was created for pty/tty use
1375 * and the other was a pty master then it too has a reference count of 1.
1376 *
1da177e4 1377 * WSH 06/09/97: Rewritten to remove races and properly clean up after a
70522e12
IM		 1378 * failed open. The new code protects the open with a mutex, so it's
1379 * really quite straightforward. The mutex locking can probably be
1da177e4
LT		 1380 * relaxed for the (most common) case of reopening a tty.
1381 */
af9b897e 1382
593a27c4 1383struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx)
1da177e4 1384{
bf970ee4 1385 struct tty_struct *tty;
73ec06fc 1386 int retval;
1da177e4 1387
1da177e4
LT		 1388 /*
1389 * First time open is complex, especially for PTY devices.
1390 * This code guarantees that either everything succeeds and the
1391 * TTY is ready for operation, or else the table slots are vacated
37bdfb07 1392 * and the allocated memory released. (Except that the termios
1da177e4
LT		 1393 * and locked termios may be retained.)
1394 */
1395
73ec06fc
AC		 1396 if (!try_module_get(driver->owner))
1397 return ERR_PTR(-ENODEV);
1da177e4 1398
1da177e4 1399 tty = alloc_tty_struct();
d5543503
JS		 1400 if (!tty) {
1401 retval = -ENOMEM;
1402 goto err_module_put;
1403 }
bf970ee4 1404 initialize_tty_struct(tty, driver, idx);
1da177e4 1405
73ec06fc 1406 retval = tty_driver_install_tty(driver, tty);
d5543503 1407 if (retval < 0)
a9dccddb 1408 goto err_deinit_tty;
8b0a88d5 1409
04831dc1
JS		 1410 if (!tty->port)
1411 tty->port = driver->ports[idx];
1412
37bdfb07 1413 /*
1da177e4 1414 * Structures all installed ... call the ldisc open routines.
d5698c28
CH		 1415 * If we fail here just call release_tty to clean up. No need
1416 * to decrement the use counts, as release_tty doesn't care.
1da177e4 1417 */
bf970ee4 1418 retval = tty_ldisc_setup(tty, tty->link);
01e1abb2 1419 if (retval)
d5543503 1420 goto err_release_tty;
73ec06fc 1421 return tty;
1da177e4 1422
a9dccddb
JS		 1423err_deinit_tty:
1424 deinitialize_tty_struct(tty);
d5543503
JS		 1425 free_tty_struct(tty);
1426err_module_put:
1da177e4 1427 module_put(driver->owner);
d5543503 1428 return ERR_PTR(retval);
1da177e4 1429
d5698c28 1430 /* call the tty release_tty routine to clean out this slot */
d5543503 1431err_release_tty:
5a3c6b25 1432 printk_ratelimited(KERN_INFO "tty_init_dev: ldisc open failed, "
4050914f 1433 "clearing slot %d\n", idx);
d5698c28 1434 release_tty(tty, idx);
73ec06fc 1435 return ERR_PTR(retval);
1da177e4
LT		 1436}
1437
feebed65
AC		 1438void tty_free_termios(struct tty_struct *tty)
1439{
1440 struct ktermios *tp;
1441 int idx = tty->index;
1442 /* Kill this flag and push into drivers for locking etc */
1443 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) {
1444 /* FIXME: Locking on ->termios array */
1445 tp = tty->termios;
1446 tty->driver->termios[idx] = NULL;
1447 kfree(tp);
feebed65
AC		 1448 }
1449}
1450EXPORT_SYMBOL(tty_free_termios);
1451
1452void tty_shutdown(struct tty_struct *tty)
1453{
8b0a88d5 1454 tty_driver_remove_tty(tty->driver, tty);
feebed65
AC		 1455 tty_free_termios(tty);
1456}
1457EXPORT_SYMBOL(tty_shutdown);
1458
af9b897e 1459/**
d5698c28 1460 * release_one_tty - release tty structure memory
9c9f4ded 1461 * @kref: kref of tty we are obliterating
af9b897e
AC		 1462 *
1463 * Releases memory associated with a tty structure, and clears out the
1464 * driver table slots. This function is called when a device is no longer
1465 * in use. It also gets called when setup of a device fails.
1466 *
1467 * Locking:
1468 * tty_mutex - sometimes only
1469 * takes the file list lock internally when working on the list
1470 * of ttys that the driver keeps.
b50989dc
AC		 1471 *
1472 * This method gets called from a work queue so that the driver private
f278a2f7 1473 * cleanup ops can sleep (needed for USB at least)
1da177e4 1474 */
b50989dc 1475static void release_one_tty(struct work_struct *work)
1da177e4 1476{
b50989dc
AC		 1477 struct tty_struct *tty =
1478 container_of(work, struct tty_struct, hangup_work);
6f967f78 1479 struct tty_driver *driver = tty->driver;
d5698c28 1480
f278a2f7
DY		 1481 if (tty->ops->cleanup)
1482 tty->ops->cleanup(tty);
1483
1da177e4 1484 tty->magic = 0;
7d7b93c1 1485 tty_driver_kref_put(driver);
6f967f78 1486 module_put(driver->owner);
d5698c28 1487
ee2ffa0d 1488 spin_lock(&tty_files_lock);
1da177e4 1489 list_del_init(&tty->tty_files);
ee2ffa0d 1490 spin_unlock(&tty_files_lock);
d5698c28 1491
6da8d866
ON		 1492 put_pid(tty->pgrp);
1493 put_pid(tty->session);
1da177e4
LT		 1494 free_tty_struct(tty);
1495}
1496
b50989dc
AC		 1497static void queue_release_one_tty(struct kref *kref)
1498{
1499 struct tty_struct *tty = container_of(kref, struct tty_struct, kref);
f278a2f7
DY		 1500
1501 if (tty->ops->shutdown)
1502 tty->ops->shutdown(tty);
1503 else
1504 tty_shutdown(tty);
1505
b50989dc
AC		 1506 /* The hangup queue is now free so we can reuse it rather than
1507 waste a chunk of memory for each port */
1508 INIT_WORK(&tty->hangup_work, release_one_tty);
1509 schedule_work(&tty->hangup_work);
1510}
1511
9c9f4ded
AC		 1512/**
1513 * tty_kref_put - release a tty kref
1514 * @tty: tty device
1515 *
1516 * Release a reference to a tty device and if need be let the kref
1517 * layer destruct the object for us
1518 */
1519
1520void tty_kref_put(struct tty_struct *tty)
1521{
1522 if (tty)
b50989dc 1523 kref_put(&tty->kref, queue_release_one_tty);
9c9f4ded
AC		 1524}
1525EXPORT_SYMBOL(tty_kref_put);
1526
d5698c28
CH		 1527/**
1528 * release_tty - release tty structure memory
1529 *
1530 * Release both @tty and a possible linked partner (think pty pair),
1531 * and decrement the refcount of the backing module.
1532 *
1533 * Locking:
1534 * tty_mutex - sometimes only
1535 * takes the file list lock internally when working on the list
1536 * of ttys that the driver keeps.
1537 * FIXME: should we require tty_mutex is held here ??
9c9f4ded 1538 *
d5698c28
CH		 1539 */
1540static void release_tty(struct tty_struct *tty, int idx)
1541{
9c9f4ded
AC		 1542 /* This should always be true but check for the moment */
1543 WARN_ON(tty->index != idx);
1544
d5698c28 1545 if (tty->link)
9c9f4ded
AC		 1546 tty_kref_put(tty->link);
1547 tty_kref_put(tty);
d5698c28
CH		 1548}
1549
955787ca
JS		 1550/**
1551 * tty_release_checks - check a tty before real release
1552 * @tty: tty to check
1553 * @o_tty: link of @tty (if any)
1554 * @idx: index of the tty
1555 *
1556 * Performs some paranoid checking before true release of the @tty.
1557 * This is a no-op unless TTY_PARANOIA_CHECK is defined.
1558 */
1559static int tty_release_checks(struct tty_struct *tty, struct tty_struct *o_tty,
1560 int idx)
1561{
1562#ifdef TTY_PARANOIA_CHECK
1563 if (idx < 0 || idx >= tty->driver->num) {
9de44bd6
JS		 1564 printk(KERN_DEBUG "%s: bad idx when trying to free (%s)\n",
1565 __func__, tty->name);
955787ca
JS		 1566 return -1;
1567 }
1568
1569 /* not much to check for devpts */
1570 if (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)
1571 return 0;
1572
1573 if (tty != tty->driver->ttys[idx]) {
9de44bd6
JS		 1574 printk(KERN_DEBUG "%s: driver.table[%d] not tty for (%s)\n",
1575 __func__, idx, tty->name);
955787ca
JS		 1576 return -1;
1577 }
1578 if (tty->termios != tty->driver->termios[idx]) {
9de44bd6
JS		 1579 printk(KERN_DEBUG "%s: driver.termios[%d] not termios for (%s)\n",
1580 __func__, idx, tty->name);
955787ca
JS		 1581 return -1;
1582 }
1583 if (tty->driver->other) {
1584 if (o_tty != tty->driver->other->ttys[idx]) {
9de44bd6
JS		 1585 printk(KERN_DEBUG "%s: other->table[%d] not o_tty for (%s)\n",
1586 __func__, idx, tty->name);
955787ca
JS		 1587 return -1;
1588 }
1589 if (o_tty->termios != tty->driver->other->termios[idx]) {
9de44bd6
JS		 1590 printk(KERN_DEBUG "%s: other->termios[%d] not o_termios for (%s)\n",
1591 __func__, idx, tty->name);
955787ca
JS		 1592 return -1;
1593 }
1594 if (o_tty->link != tty) {
9de44bd6 1595 printk(KERN_DEBUG "%s: bad pty pointers\n", __func__);
955787ca
JS		 1596 return -1;
1597 }
1598 }
1599#endif
1600 return 0;
1601}
1602
eeb89d91
AC		 1603/**
1604 * tty_release - vfs callback for close
1605 * @inode: inode of tty
1606 * @filp: file pointer for handle to tty
1607 *
1608 * Called the last time each file handle is closed that references
1609 * this tty. There may however be several such references.
1610 *
1611 * Locking:
1612 * Takes bkl. See tty_release_dev
1613 *
1da177e4
LT		 1614 * Even releasing the tty structures is a tricky business.. We have
1615 * to be very careful that the structures are all released at the
1616 * same time, as interrupts might otherwise get the wrong pointers.
1617 *
1618 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could
1619 * lead to double frees or releasing memory still in use.
1620 */
eeb89d91
AC		 1621
1622int tty_release(struct inode *inode, struct file *filp)
1da177e4 1623{
d996b62a
NP		 1624 struct tty_struct *tty = file_tty(filp);
1625 struct tty_struct *o_tty;
1da177e4 1626 int pty_master, tty_closing, o_tty_closing, do_sleep;
14a6283e 1627 int devpts;
1da177e4
LT		 1628 int idx;
1629 char buf[64];
37bdfb07 1630
9de44bd6 1631 if (tty_paranoia_check(tty, inode, __func__))
eeb89d91 1632 return 0;
1da177e4 1633
6d31a88c 1634 tty_lock();
9de44bd6 1635 check_tty_count(tty, __func__);
1da177e4 1636
ec79d605 1637 __tty_fasync(-1, filp, 0);
1da177e4
LT		 1638
1639 idx = tty->index;
1640 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
1641 tty->driver->subtype == PTY_TYPE_MASTER);
1642 devpts = (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) != 0;
1da177e4
LT		 1643 o_tty = tty->link;
1644
955787ca 1645 if (tty_release_checks(tty, o_tty, idx)) {
6d31a88c 1646 tty_unlock();
eeb89d91 1647 return 0;
1da177e4 1648 }
1da177e4
LT		 1649
1650#ifdef TTY_DEBUG_HANGUP
9de44bd6
JS		 1651 printk(KERN_DEBUG "%s: %s (tty count=%d)...\n", __func__,
1652 tty_name(tty, buf), tty->count);
1da177e4
LT		 1653#endif
1654
f34d7a5b
AC		 1655 if (tty->ops->close)
1656 tty->ops->close(tty, filp);
1da177e4 1657
6d31a88c 1658 tty_unlock();
1da177e4
LT		 1659 /*
1660 * Sanity check: if tty->count is going to zero, there shouldn't be
1661 * any waiters on tty->read_wait or tty->write_wait. We test the
1662 * wait queues and kick everyone out _before_ actually starting to
1663 * close. This ensures that we won't block while releasing the tty
1664 * structure.
1665 *
1666 * The test for the o_tty closing is necessary, since the master and
1667 * slave sides may close in any order. If the slave side closes out
1668 * first, its count will be one, since the master side holds an open.
1669 * Thus this test wouldn't be triggered at the time the slave closes,
1670 * so we do it now.
1671 *
1672 * Note that it's possible for the tty to be opened again while we're
1673 * flushing out waiters. By recalculating the closing flags before
1674 * each iteration we avoid any problems.
1675 */
1676 while (1) {
1677 /* Guard against races with tty->count changes elsewhere and
1678 opens on /dev/tty */
37bdfb07 1679
70522e12 1680 mutex_lock(&tty_mutex);
6d31a88c 1681 tty_lock();
1da177e4
LT		 1682 tty_closing = tty->count <= 1;
1683 o_tty_closing = o_tty &&
1684 (o_tty->count <= (pty_master ? 1 : 0));
1da177e4
LT		 1685 do_sleep = 0;
1686
1687 if (tty_closing) {
1688 if (waitqueue_active(&tty->read_wait)) {
4b19449d 1689 wake_up_poll(&tty->read_wait, POLLIN);
1da177e4
LT		 1690 do_sleep++;
1691 }
1692 if (waitqueue_active(&tty->write_wait)) {
4b19449d 1693 wake_up_poll(&tty->write_wait, POLLOUT);
1da177e4
LT		 1694 do_sleep++;
1695 }
1696 }
1697 if (o_tty_closing) {
1698 if (waitqueue_active(&o_tty->read_wait)) {
4b19449d 1699 wake_up_poll(&o_tty->read_wait, POLLIN);
1da177e4
LT		 1700 do_sleep++;
1701 }
1702 if (waitqueue_active(&o_tty->write_wait)) {
4b19449d 1703 wake_up_poll(&o_tty->write_wait, POLLOUT);
1da177e4
LT		 1704 do_sleep++;
1705 }
1706 }
1707 if (!do_sleep)
1708 break;
1709
9de44bd6
JS		 1710 printk(KERN_WARNING "%s: %s: read/write wait queue active!\n",
1711 __func__, tty_name(tty, buf));
6d31a88c 1712 tty_unlock();
70522e12 1713 mutex_unlock(&tty_mutex);
1da177e4 1714 schedule();
37bdfb07 1715 }
1da177e4
LT		 1716
1717 /*
37bdfb07
AC		 1718 * The closing flags are now consistent with the open counts on
1719 * both sides, and we've completed the last operation that could
1da177e4
LT		 1720 * block, so it's safe to proceed with closing.
1721 */
1da177e4
LT		 1722 if (pty_master) {
1723 if (--o_tty->count < 0) {
9de44bd6
JS		 1724 printk(KERN_WARNING "%s: bad pty slave count (%d) for %s\n",
1725 __func__, o_tty->count, tty_name(o_tty, buf));
1da177e4
LT		 1726 o_tty->count = 0;
1727 }
1728 }
1729 if (--tty->count < 0) {
9de44bd6
JS		 1730 printk(KERN_WARNING "%s: bad tty->count (%d) for %s\n",
1731 __func__, tty->count, tty_name(tty, buf));
1da177e4
LT		 1732 tty->count = 0;
1733 }
37bdfb07 1734
1da177e4
LT		 1735 /*
1736 * We've decremented tty->count, so we need to remove this file
1737 * descriptor off the tty->tty_files list; this serves two
1738 * purposes:
1739 * - check_tty_count sees the correct number of file descriptors
1740 * associated with this tty.
1741 * - do_tty_hangup no longer sees this file descriptor as
1742 * something that needs to be handled for hangups.
1743 */
d996b62a 1744 tty_del_file(filp);
1da177e4
LT		 1745
1746 /*
1747 * Perform some housekeeping before deciding whether to return.
1748 *
1749 * Set the TTY_CLOSING flag if this was the last open. In the
1750 * case of a pty we may have to wait around for the other side
1751 * to close, and TTY_CLOSING makes sure we can't be reopened.
1752 */
37bdfb07 1753 if (tty_closing)
1da177e4 1754 set_bit(TTY_CLOSING, &tty->flags);
37bdfb07 1755 if (o_tty_closing)
1da177e4
LT		 1756 set_bit(TTY_CLOSING, &o_tty->flags);
1757
1758 /*
1759 * If _either_ side is closing, make sure there aren't any
1760 * processes that still think tty or o_tty is their controlling
1761 * tty.
1762 */
1763 if (tty_closing || o_tty_closing) {
1da177e4 1764 read_lock(&tasklist_lock);
24ec839c 1765 session_clear_tty(tty->session);
1da177e4 1766 if (o_tty)
24ec839c 1767 session_clear_tty(o_tty->session);
1da177e4
LT		 1768 read_unlock(&tasklist_lock);
1769 }
1770
70522e12 1771 mutex_unlock(&tty_mutex);
da965822 1772
1da177e4 1773 /* check whether both sides are closing ... */
eeb89d91 1774 if (!tty_closing || (o_tty && !o_tty_closing)) {
6d31a88c 1775 tty_unlock();
eeb89d91
AC		 1776 return 0;
1777 }
37bdfb07 1778
1da177e4 1779#ifdef TTY_DEBUG_HANGUP
9de44bd6 1780 printk(KERN_DEBUG "%s: freeing tty structure...\n", __func__);
1da177e4
LT		 1781#endif
1782 /*
01e1abb2 1783 * Ask the line discipline code to release its structures
1da177e4 1784 */
01e1abb2 1785 tty_ldisc_release(tty, o_tty);
1da177e4 1786 /*
d5698c28 1787 * The release_tty function takes care of the details of clearing
6d31a88c 1788 * the slots and preserving the termios structure.
1da177e4 1789 */
d5698c28 1790 release_tty(tty, idx);
1da177e4 1791
1da177e4 1792 /* Make this pty number available for reallocation */
718a9163 1793 if (devpts)
15f1a633 1794 devpts_kill_index(inode, idx);
6d31a88c 1795 tty_unlock();
eeb89d91 1796 return 0;
1da177e4
LT		 1797}
1798
b82154ac
JS		 1799/**
1800 * tty_open_current_tty - get tty of current task for open
1801 * @device: device number
1802 * @filp: file pointer to tty
1803 * @return: tty of the current task iff @device is /dev/tty
1804 *
1805 * We cannot return driver and index like for the other nodes because
1806 * devpts will not work then. It expects inodes to be from devpts FS.
3af502b9
AC		 1807 *
1808 * We need to move to returning a refcounted object from all the lookup
1809 * paths including this one.
b82154ac
JS		 1810 */
1811static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp)
1812{
1813 struct tty_struct *tty;
1814
1815 if (device != MKDEV(TTYAUX_MAJOR, 0))
1816 return NULL;
1817
1818 tty = get_current_tty();
1819 if (!tty)
1820 return ERR_PTR(-ENXIO);
1821
1822 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */
1823 /* noctty = 1; */
1824 tty_kref_put(tty);
1825 /* FIXME: we put a reference and return a TTY! */
3af502b9 1826 /* This is only safe because the caller holds tty_mutex */
b82154ac
JS		 1827 return tty;
1828}
1829
5b5e7040
JS		 1830/**
1831 * tty_lookup_driver - lookup a tty driver for a given device file
1832 * @device: device number
1833 * @filp: file pointer to tty
1834 * @noctty: set if the device should not become a controlling tty
1835 * @index: index for the device in the @return driver
1836 * @return: driver for this inode (with increased refcount)
1837 *
1838 * If @return is not erroneous, the caller is responsible to decrement the
1839 * refcount by tty_driver_kref_put.
1840 *
1841 * Locking: tty_mutex protects get_tty_driver
1842 */
1843static struct tty_driver *tty_lookup_driver(dev_t device, struct file *filp,
1844 int *noctty, int *index)
1845{
1846 struct tty_driver *driver;
1847
2cd0050c 1848 switch (device) {
5b5e7040 1849#ifdef CONFIG_VT
2cd0050c 1850 case MKDEV(TTY_MAJOR, 0): {
5b5e7040
JS		 1851 extern struct tty_driver *console_driver;
1852 driver = tty_driver_kref_get(console_driver);
1853 *index = fg_console;
1854 *noctty = 1;
2cd0050c 1855 break;
5b5e7040
JS		 1856 }
1857#endif
2cd0050c 1858 case MKDEV(TTYAUX_MAJOR, 1): {
5b5e7040
JS		 1859 struct tty_driver *console_driver = console_device(index);
1860 if (console_driver) {
1861 driver = tty_driver_kref_get(console_driver);
1862 if (driver) {
1863 /* Don't let /dev/console block */
1864 filp->f_flags |= O_NONBLOCK;
1865 *noctty = 1;
2cd0050c 1866 break;
5b5e7040
JS		 1867 }
1868 }
1869 return ERR_PTR(-ENODEV);
1870 }
2cd0050c
JS		 1871 default:
1872 driver = get_tty_driver(device, index);
1873 if (!driver)
1874 return ERR_PTR(-ENODEV);
1875 break;
1876 }
5b5e7040
JS		 1877 return driver;
1878}
1879
af9b897e 1880/**
eeb89d91 1881 * tty_open - open a tty device
af9b897e
AC		 1882 * @inode: inode of device file
1883 * @filp: file pointer to tty
1da177e4 1884 *
af9b897e
AC		 1885 * tty_open and tty_release keep up the tty count that contains the
1886 * number of opens done on a tty. We cannot use the inode-count, as
1887 * different inodes might point to the same tty.
1da177e4 1888 *
af9b897e
AC		 1889 * Open-counting is needed for pty masters, as well as for keeping
1890 * track of serial lines: DTR is dropped when the last close happens.
1891 * (This is not done solely through tty->count, now. - Ted 1/27/92)
1892 *
1893 * The termios state of a pty is reset on first open so that
1894 * settings don't persist across reuse.
1895 *
5b5e7040 1896 * Locking: tty_mutex protects tty, tty_lookup_driver and tty_init_dev.
24ec839c
PZ		 1897 * tty->count should protect the rest.
1898 * ->siglock protects ->signal/->sighand
1da177e4 1899 */
af9b897e 1900
eeb89d91 1901static int tty_open(struct inode *inode, struct file *filp)
1da177e4 1902{
b82154ac 1903 struct tty_struct *tty;
1da177e4 1904 int noctty, retval;
b82154ac 1905 struct tty_driver *driver = NULL;
1da177e4
LT		 1906 int index;
1907 dev_t device = inode->i_rdev;
846c151a 1908 unsigned saved_flags = filp->f_flags;
1da177e4
LT		 1909
1910 nonseekable_open(inode, filp);
37bdfb07 1911
1da177e4 1912retry_open:
fa90e1c9
JS		 1913 retval = tty_alloc_file(filp);
1914 if (retval)
1915 return -ENOMEM;
1916
1da177e4
LT		 1917 noctty = filp->f_flags & O_NOCTTY;
1918 index = -1;
1919 retval = 0;
37bdfb07 1920
70522e12 1921 mutex_lock(&tty_mutex);
6d31a88c
AC		 1922 tty_lock();
1923
b82154ac
JS		 1924 tty = tty_open_current_tty(device, filp);
1925 if (IS_ERR(tty)) {
ba5db448
JS		 1926 retval = PTR_ERR(tty);
1927 goto err_unlock;
5b5e7040
JS		 1928 } else if (!tty) {
1929 driver = tty_lookup_driver(device, filp, &noctty, &index);
1930 if (IS_ERR(driver)) {
ba5db448
JS		 1931 retval = PTR_ERR(driver);
1932 goto err_unlock;
1da177e4 1933 }
1da177e4 1934
4a2b5fdd 1935 /* check whether we're reopening an existing tty */
15f1a633 1936 tty = tty_driver_lookup_tty(driver, inode, index);
808ffa3d 1937 if (IS_ERR(tty)) {
ba5db448
JS		 1938 retval = PTR_ERR(tty);
1939 goto err_unlock;
808ffa3d 1940 }
4a2b5fdd
SB		 1941 }
1942
1943 if (tty) {
1944 retval = tty_reopen(tty);
6d31a88c 1945 if (retval)
4a2b5fdd 1946 tty = ERR_PTR(retval);
6d31a88c 1947 } else
593a27c4 1948 tty = tty_init_dev(driver, index);
4a2b5fdd 1949
70522e12 1950 mutex_unlock(&tty_mutex);
b82154ac
JS		 1951 if (driver)
1952 tty_driver_kref_put(driver);
eeb89d91 1953 if (IS_ERR(tty)) {
6d31a88c 1954 tty_unlock();
ba5db448
JS		 1955 retval = PTR_ERR(tty);
1956 goto err_file;
eeb89d91 1957 }
1da177e4 1958
fa90e1c9 1959 tty_add_file(tty, filp);
d996b62a 1960
9de44bd6 1961 check_tty_count(tty, __func__);
1da177e4
LT		 1962 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
1963 tty->driver->subtype == PTY_TYPE_MASTER)
1964 noctty = 1;
1965#ifdef TTY_DEBUG_HANGUP
9de44bd6 1966 printk(KERN_DEBUG "%s: opening %s...\n", __func__, tty->name);
1da177e4 1967#endif
909bc774
HRK		 1968 if (tty->ops->open)
1969 retval = tty->ops->open(tty, filp);
1970 else
1971 retval = -ENODEV;
1da177e4
LT		 1972 filp->f_flags = saved_flags;
1973
37bdfb07
AC		 1974 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) &&
1975 !capable(CAP_SYS_ADMIN))
1da177e4
LT		 1976 retval = -EBUSY;
1977
1978 if (retval) {
1979#ifdef TTY_DEBUG_HANGUP
9de44bd6
JS		 1980 printk(KERN_DEBUG "%s: error %d in opening %s...\n", __func__,
1981 retval, tty->name);
1da177e4 1982#endif
6d31a88c 1983 tty_unlock(); /* need to call tty_release without BTM */
eeb89d91 1984 tty_release(inode, filp);
64ba3dc3 1985 if (retval != -ERESTARTSYS)
1da177e4 1986 return retval;
64ba3dc3
AB		 1987
1988 if (signal_pending(current))
1da177e4 1989 return retval;
64ba3dc3 1990
1da177e4
LT		 1991 schedule();
1992 /*
1993 * Need to reset f_op in case a hangup happened.
1994 */
6d31a88c 1995 tty_lock();
1da177e4
LT		 1996 if (filp->f_op == &hung_up_tty_fops)
1997 filp->f_op = &tty_fops;
6d31a88c 1998 tty_unlock();
1da177e4
LT		 1999 goto retry_open;
2000 }
6d31a88c 2001 tty_unlock();
eeb89d91 2002
24ec839c
PZ		 2003
2004 mutex_lock(&tty_mutex);
6d31a88c 2005 tty_lock();
24ec839c 2006 spin_lock_irq(&current->sighand->siglock);
1da177e4
LT		 2007 if (!noctty &&
2008 current->signal->leader &&
2009 !current->signal->tty &&
ab521dc0 2010 tty->session == NULL)
2a65f1d9 2011 __proc_set_tty(current, tty);
24ec839c 2012 spin_unlock_irq(&current->sighand->siglock);
6d31a88c 2013 tty_unlock();
24ec839c 2014 mutex_unlock(&tty_mutex);
1da177e4 2015 return 0;
ba5db448 2016err_unlock:
6d31a88c 2017 tty_unlock();
ba5db448
JS		 2018 mutex_unlock(&tty_mutex);
2019 /* after locks to avoid deadlock */
2020 if (!IS_ERR_OR_NULL(driver))
2021 tty_driver_kref_put(driver);
2022err_file:
2023 tty_free_file(filp);
2024 return retval;
1da177e4
LT		 2025}
2026
39d95b9d
JC		 2027
2028
af9b897e
AC		 2029/**
2030 * tty_poll - check tty status
2031 * @filp: file being polled
2032 * @wait: poll wait structures to update
2033 *
2034 * Call the line discipline polling method to obtain the poll
2035 * status of the device.
2036 *
2037 * Locking: locks called line discipline but ldisc poll method
2038 * may be re-entered freely by other callers.
2039 */
2040
37bdfb07 2041static unsigned int tty_poll(struct file *filp, poll_table *wait)
1da177e4 2042{
d996b62a 2043 struct tty_struct *tty = file_tty(filp);
1da177e4
LT		 2044 struct tty_ldisc *ld;
2045 int ret = 0;
2046
a7113a96 2047 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_poll"))
1da177e4 2048 return 0;
37bdfb07 2049
1da177e4 2050 ld = tty_ldisc_ref_wait(tty);
a352def2
AC		 2051 if (ld->ops->poll)
2052 ret = (ld->ops->poll)(tty, filp, wait);
1da177e4
LT		 2053 tty_ldisc_deref(ld);
2054 return ret;
2055}
2056
ec79d605 2057static int __tty_fasync(int fd, struct file *filp, int on)
1da177e4 2058{
d996b62a 2059 struct tty_struct *tty = file_tty(filp);
47f86834 2060 unsigned long flags;
5d1e3230 2061 int retval = 0;
1da177e4 2062
a7113a96 2063 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_fasync"))
5d1e3230 2064 goto out;
37bdfb07 2065
1da177e4
LT		 2066 retval = fasync_helper(fd, filp, on, &tty->fasync);
2067 if (retval <= 0)
5d1e3230 2068 goto out;
1da177e4
LT		 2069
2070 if (on) {
ab521dc0
EB		 2071 enum pid_type type;
2072 struct pid *pid;
1da177e4
LT		 2073 if (!waitqueue_active(&tty->read_wait))
2074 tty->minimum_to_wake = 1;
47f86834 2075 spin_lock_irqsave(&tty->ctrl_lock, flags);
ab521dc0
EB		 2076 if (tty->pgrp) {
2077 pid = tty->pgrp;
2078 type = PIDTYPE_PGID;
2079 } else {
2080 pid = task_pid(current);
2081 type = PIDTYPE_PID;
2082 }
80e1e823 2083 get_pid(pid);
70362511 2084 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
80e1e823
LT		 2085 retval = __f_setown(filp, pid, type, 0);
2086 put_pid(pid);
1da177e4 2087 if (retval)
5d1e3230 2088 goto out;
1da177e4
LT		 2089 } else {
2090 if (!tty->fasync && !waitqueue_active(&tty->read_wait))
2091 tty->minimum_to_wake = N_TTY_BUF_SIZE;
2092 }
5d1e3230
JC		 2093 retval = 0;
2094out:
ec79d605
AB		 2095 return retval;
2096}
2097
2098static int tty_fasync(int fd, struct file *filp, int on)
2099{
2100 int retval;
6d31a88c 2101 tty_lock();
ec79d605 2102 retval = __tty_fasync(fd, filp, on);
6d31a88c 2103 tty_unlock();
5d1e3230 2104 return retval;
1da177e4
LT		 2105}
2106
af9b897e
AC		 2107/**
2108 * tiocsti - fake input character
2109 * @tty: tty to fake input into
2110 * @p: pointer to character
2111 *
3a4fa0a2 2112 * Fake input to a tty device. Does the necessary locking and
af9b897e
AC		 2113 * input management.
2114 *
2115 * FIXME: does not honour flow control ??
2116 *
2117 * Locking:
2118 * Called functions take tty_ldisc_lock
2119 * current->signal->tty check is safe without locks
28298232
AC		 2120 *
2121 * FIXME: may race normal receive processing
af9b897e
AC		 2122 */
2123
1da177e4
LT		 2124static int tiocsti(struct tty_struct *tty, char __user *p)
2125{
2126 char ch, mbz = 0;
2127 struct tty_ldisc *ld;
37bdfb07 2128
1da177e4
LT		 2129 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN))
2130 return -EPERM;
2131 if (get_user(ch, p))
2132 return -EFAULT;
1e641743 2133 tty_audit_tiocsti(tty, ch);
1da177e4 2134 ld = tty_ldisc_ref_wait(tty);
a352def2 2135 ld->ops->receive_buf(tty, &ch, &mbz, 1);
1da177e4
LT		 2136 tty_ldisc_deref(ld);
2137 return 0;
2138}
2139
af9b897e
AC		 2140/**
2141 * tiocgwinsz - implement window query ioctl
2142 * @tty; tty
2143 * @arg: user buffer for result
2144 *
808a0d38 2145 * Copies the kernel idea of the window size into the user buffer.
af9b897e 2146 *
24ec839c 2147 * Locking: tty->termios_mutex is taken to ensure the winsize data
808a0d38 2148 * is consistent.
af9b897e
AC		 2149 */
2150
37bdfb07 2151static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg)
1da177e4 2152{
808a0d38
AC		 2153 int err;
2154
5785c95b 2155 mutex_lock(&tty->termios_mutex);
808a0d38 2156 err = copy_to_user(arg, &tty->winsize, sizeof(*arg));
5785c95b 2157 mutex_unlock(&tty->termios_mutex);
808a0d38
AC		 2158
2159 return err ? -EFAULT: 0;
1da177e4
LT		 2160}
2161
af9b897e 2162/**
8c9a9dd0
AC		 2163 * tty_do_resize - resize event
2164 * @tty: tty being resized
8c9a9dd0
AC		 2165 * @rows: rows (character)
2166 * @cols: cols (character)
2167 *
3ad2f3fb 2168 * Update the termios variables and send the necessary signals to
8c9a9dd0 2169 * peform a terminal resize correctly
af9b897e
AC		 2170 */
2171
fc6f6238 2172int tty_do_resize(struct tty_struct *tty, struct winsize *ws)
1da177e4 2173{
fc6f6238 2174 struct pid *pgrp;
47f86834 2175 unsigned long flags;
1da177e4 2176
fc6f6238
AC		 2177 /* Lock the tty */
2178 mutex_lock(&tty->termios_mutex);
2179 if (!memcmp(ws, &tty->winsize, sizeof(*ws)))
ca9bda00 2180 goto done;
47f86834
AC		 2181 /* Get the PID values and reference them so we can
2182 avoid holding the tty ctrl lock while sending signals */
2183 spin_lock_irqsave(&tty->ctrl_lock, flags);
2184 pgrp = get_pid(tty->pgrp);
47f86834
AC		 2185 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2186
2187 if (pgrp)
2188 kill_pgrp(pgrp, SIGWINCH, 1);
47f86834 2189 put_pid(pgrp);
47f86834 2190
8c9a9dd0 2191 tty->winsize = *ws;
ca9bda00 2192done:
fc6f6238 2193 mutex_unlock(&tty->termios_mutex);
1da177e4
LT		 2194 return 0;
2195}
2196
8c9a9dd0
AC		 2197/**
2198 * tiocswinsz - implement window size set ioctl
fc6f6238 2199 * @tty; tty side of tty
8c9a9dd0
AC		 2200 * @arg: user buffer for result
2201 *
2202 * Copies the user idea of the window size to the kernel. Traditionally
2203 * this is just advisory information but for the Linux console it
2204 * actually has driver level meaning and triggers a VC resize.
2205 *
2206 * Locking:
25985edc 2207 * Driver dependent. The default do_resize method takes the
8c9a9dd0
AC		 2208 * tty termios mutex and ctrl_lock. The console takes its own lock
2209 * then calls into the default method.
2210 */
2211
fc6f6238 2212static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg)
8c9a9dd0
AC		 2213{
2214 struct winsize tmp_ws;
2215 if (copy_from_user(&tmp_ws, arg, sizeof(*arg)))
2216 return -EFAULT;
2217
2218 if (tty->ops->resize)
fc6f6238 2219 return tty->ops->resize(tty, &tmp_ws);
8c9a9dd0 2220 else
fc6f6238 2221 return tty_do_resize(tty, &tmp_ws);
8c9a9dd0
AC		 2222}
2223
af9b897e
AC		 2224/**
2225 * tioccons - allow admin to move logical console
2226 * @file: the file to become console
2227 *
25985edc 2228 * Allow the administrator to move the redirected console device
af9b897e
AC		 2229 *
2230 * Locking: uses redirect_lock to guard the redirect information
2231 */
2232
1da177e4
LT		 2233static int tioccons(struct file *file)
2234{
2235 if (!capable(CAP_SYS_ADMIN))
2236 return -EPERM;
2237 if (file->f_op->write == redirected_tty_write) {
2238 struct file *f;
2239 spin_lock(&redirect_lock);
2240 f = redirect;
2241 redirect = NULL;
2242 spin_unlock(&redirect_lock);
2243 if (f)
2244 fput(f);
2245 return 0;
2246 }
2247 spin_lock(&redirect_lock);
2248 if (redirect) {
2249 spin_unlock(&redirect_lock);
2250 return -EBUSY;
2251 }
2252 get_file(file);
2253 redirect = file;
2254 spin_unlock(&redirect_lock);
2255 return 0;
2256}
2257
af9b897e
AC		 2258/**
2259 * fionbio - non blocking ioctl
2260 * @file: file to set blocking value
2261 * @p: user parameter
2262 *
2263 * Historical tty interfaces had a blocking control ioctl before
2264 * the generic functionality existed. This piece of history is preserved
2265 * in the expected tty API of posix OS's.
2266 *
6146b9af 2267 * Locking: none, the open file handle ensures it won't go away.
af9b897e 2268 */
1da177e4
LT		 2269
2270static int fionbio(struct file *file, int __user *p)
2271{
2272 int nonblock;
2273
2274 if (get_user(nonblock, p))
2275 return -EFAULT;
2276
db1dd4d3 2277 spin_lock(&file->f_lock);
1da177e4
LT		 2278 if (nonblock)
2279 file->f_flags |= O_NONBLOCK;
2280 else
2281 file->f_flags &= ~O_NONBLOCK;
db1dd4d3 2282 spin_unlock(&file->f_lock);
1da177e4
LT		 2283 return 0;
2284}
2285
af9b897e
AC		 2286/**
2287 * tiocsctty - set controlling tty
2288 * @tty: tty structure
2289 * @arg: user argument
2290 *
2291 * This ioctl is used to manage job control. It permits a session
2292 * leader to set this tty as the controlling tty for the session.
2293 *
2294 * Locking:
28298232 2295 * Takes tty_mutex() to protect tty instance
24ec839c
PZ		 2296 * Takes tasklist_lock internally to walk sessions
2297 * Takes ->siglock() when updating signal->tty
af9b897e
AC		 2298 */
2299
1da177e4
LT		 2300static int tiocsctty(struct tty_struct *tty, int arg)
2301{
24ec839c 2302 int ret = 0;
ab521dc0 2303 if (current->signal->leader && (task_session(current) == tty->session))
24ec839c
PZ		 2304 return ret;
2305
2306 mutex_lock(&tty_mutex);
1da177e4
LT		 2307 /*
2308 * The process must be a session leader and
2309 * not have a controlling tty already.
2310 */
24ec839c
PZ		 2311 if (!current->signal->leader || current->signal->tty) {
2312 ret = -EPERM;
2313 goto unlock;
2314 }
2315
ab521dc0 2316 if (tty->session) {
1da177e4
LT		 2317 /*
2318 * This tty is already the controlling
2319 * tty for another session group!
2320 */
37bdfb07 2321 if (arg == 1 && capable(CAP_SYS_ADMIN)) {
1da177e4
LT		 2322 /*
2323 * Steal it away
2324 */
1da177e4 2325 read_lock(&tasklist_lock);
24ec839c 2326 session_clear_tty(tty->session);
1da177e4 2327 read_unlock(&tasklist_lock);
24ec839c
PZ		 2328 } else {
2329 ret = -EPERM;
2330 goto unlock;
2331 }
1da177e4 2332 }
24ec839c
PZ		 2333 proc_set_tty(current, tty);
2334unlock:
28298232 2335 mutex_unlock(&tty_mutex);
24ec839c 2336 return ret;
1da177e4
LT		 2337}
2338
5d0fdf1e
AC		 2339/**
2340 * tty_get_pgrp - return a ref counted pgrp pid
2341 * @tty: tty to read
2342 *
2343 * Returns a refcounted instance of the pid struct for the process
2344 * group controlling the tty.
2345 */
2346
2347struct pid *tty_get_pgrp(struct tty_struct *tty)
2348{
2349 unsigned long flags;
2350 struct pid *pgrp;
2351
2352 spin_lock_irqsave(&tty->ctrl_lock, flags);
2353 pgrp = get_pid(tty->pgrp);
2354 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2355
2356 return pgrp;
2357}
2358EXPORT_SYMBOL_GPL(tty_get_pgrp);
2359
af9b897e
AC		 2360/**
2361 * tiocgpgrp - get process group
2362 * @tty: tty passed by user
25985edc 2363 * @real_tty: tty side of the tty passed by the user if a pty else the tty
af9b897e
AC		 2364 * @p: returned pid
2365 *
2366 * Obtain the process group of the tty. If there is no process group
2367 * return an error.
2368 *
24ec839c 2369 * Locking: none. Reference to current->signal->tty is safe.
af9b897e
AC		 2370 */
2371
1da177e4
LT		 2372static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2373{
5d0fdf1e
AC		 2374 struct pid *pid;
2375 int ret;
1da177e4
LT		 2376 /*
2377 * (tty == real_tty) is a cheap way of
2378 * testing if the tty is NOT a master pty.
2379 */
2380 if (tty == real_tty && current->signal->tty != real_tty)
2381 return -ENOTTY;
5d0fdf1e
AC		 2382 pid = tty_get_pgrp(real_tty);
2383 ret = put_user(pid_vnr(pid), p);
2384 put_pid(pid);
2385 return ret;
1da177e4
LT		 2386}
2387
af9b897e
AC		 2388/**
2389 * tiocspgrp - attempt to set process group
2390 * @tty: tty passed by user
2391 * @real_tty: tty side device matching tty passed by user
2392 * @p: pid pointer
2393 *
2394 * Set the process group of the tty to the session passed. Only
2395 * permitted where the tty session is our session.
2396 *
47f86834 2397 * Locking: RCU, ctrl lock
af9b897e
AC		 2398 */
2399
1da177e4
LT		 2400static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2401{
04a2e6a5
EB		 2402 struct pid *pgrp;
2403 pid_t pgrp_nr;
1da177e4 2404 int retval = tty_check_change(real_tty);
47f86834 2405 unsigned long flags;
1da177e4
LT		 2406
2407 if (retval == -EIO)
2408 return -ENOTTY;
2409 if (retval)
2410 return retval;
2411 if (!current->signal->tty ||
2412 (current->signal->tty != real_tty) ||
ab521dc0 2413 (real_tty->session != task_session(current)))
1da177e4 2414 return -ENOTTY;
04a2e6a5 2415 if (get_user(pgrp_nr, p))
1da177e4 2416 return -EFAULT;
04a2e6a5 2417 if (pgrp_nr < 0)
1da177e4 2418 return -EINVAL;
04a2e6a5 2419 rcu_read_lock();
b488893a 2420 pgrp = find_vpid(pgrp_nr);
04a2e6a5
EB		 2421 retval = -ESRCH;
2422 if (!pgrp)
2423 goto out_unlock;
2424 retval = -EPERM;
2425 if (session_of_pgrp(pgrp) != task_session(current))
2426 goto out_unlock;
2427 retval = 0;
47f86834 2428 spin_lock_irqsave(&tty->ctrl_lock, flags);
ab521dc0
EB		 2429 put_pid(real_tty->pgrp);
2430 real_tty->pgrp = get_pid(pgrp);
47f86834 2431 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
04a2e6a5
EB		 2432out_unlock:
2433 rcu_read_unlock();
2434 return retval;
1da177e4
LT		 2435}
2436
af9b897e
AC		 2437/**
2438 * tiocgsid - get session id
2439 * @tty: tty passed by user
25985edc 2440 * @real_tty: tty side of the tty passed by the user if a pty else the tty
af9b897e
AC		 2441 * @p: pointer to returned session id
2442 *
2443 * Obtain the session id of the tty. If there is no session
2444 * return an error.
2445 *
24ec839c 2446 * Locking: none. Reference to current->signal->tty is safe.
af9b897e
AC		 2447 */
2448
1da177e4
LT		 2449static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2450{
2451 /*
2452 * (tty == real_tty) is a cheap way of
2453 * testing if the tty is NOT a master pty.
2454 */
2455 if (tty == real_tty && current->signal->tty != real_tty)
2456 return -ENOTTY;
ab521dc0 2457 if (!real_tty->session)
1da177e4 2458 return -ENOTTY;
b488893a 2459 return put_user(pid_vnr(real_tty->session), p);
1da177e4
LT		 2460}
2461
af9b897e
AC		 2462/**
2463 * tiocsetd - set line discipline
2464 * @tty: tty device
2465 * @p: pointer to user data
2466 *
2467 * Set the line discipline according to user request.
2468 *
2469 * Locking: see tty_set_ldisc, this function is just a helper
2470 */
2471
1da177e4
LT		 2472static int tiocsetd(struct tty_struct *tty, int __user *p)
2473{
2474 int ldisc;
04f378b1 2475 int ret;
1da177e4
LT		 2476
2477 if (get_user(ldisc, p))
2478 return -EFAULT;
04f378b1 2479
04f378b1 2480 ret = tty_set_ldisc(tty, ldisc);
04f378b1
AC		 2481
2482 return ret;
1da177e4
LT		 2483}
2484
af9b897e
AC		 2485/**
2486 * send_break - performed time break
2487 * @tty: device to break on
2488 * @duration: timeout in mS
2489 *
2490 * Perform a timed break on hardware that lacks its own driver level
2491 * timed break functionality.
2492 *
2493 * Locking:
28298232 2494 * atomic_write_lock serializes
af9b897e 2495 *
af9b897e
AC		 2496 */
2497
b20f3ae5 2498static int send_break(struct tty_struct *tty, unsigned int duration)
1da177e4 2499{
9e98966c
AC		 2500 int retval;
2501
2502 if (tty->ops->break_ctl == NULL)
2503 return 0;
2504
2505 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK)
2506 retval = tty->ops->break_ctl(tty, duration);
2507 else {
2508 /* Do the work ourselves */
2509 if (tty_write_lock(tty, 0) < 0)
2510 return -EINTR;
2511 retval = tty->ops->break_ctl(tty, -1);
2512 if (retval)
2513 goto out;
2514 if (!signal_pending(current))
2515 msleep_interruptible(duration);
2516 retval = tty->ops->break_ctl(tty, 0);
2517out:
2518 tty_write_unlock(tty);
2519 if (signal_pending(current))
2520 retval = -EINTR;
2521 }
2522 return retval;
1da177e4
LT		 2523}
2524
af9b897e 2525/**
f34d7a5b 2526 * tty_tiocmget - get modem status
af9b897e
AC		 2527 * @tty: tty device
2528 * @file: user file pointer
2529 * @p: pointer to result
2530 *
2531 * Obtain the modem status bits from the tty driver if the feature
2532 * is supported. Return -EINVAL if it is not available.
2533 *
2534 * Locking: none (up to the driver)
2535 */
2536
60b33c13 2537static int tty_tiocmget(struct tty_struct *tty, int __user *p)
1da177e4
LT		 2538{
2539 int retval = -EINVAL;
2540
f34d7a5b 2541 if (tty->ops->tiocmget) {
60b33c13 2542 retval = tty->ops->tiocmget(tty);
1da177e4
LT		 2543
2544 if (retval >= 0)
2545 retval = put_user(retval, p);
2546 }
2547 return retval;
2548}
2549
af9b897e 2550/**
f34d7a5b 2551 * tty_tiocmset - set modem status
af9b897e 2552 * @tty: tty device
af9b897e
AC		 2553 * @cmd: command - clear bits, set bits or set all
2554 * @p: pointer to desired bits
2555 *
2556 * Set the modem status bits from the tty driver if the feature
2557 * is supported. Return -EINVAL if it is not available.
2558 *
2559 * Locking: none (up to the driver)
2560 */
2561
20b9d177 2562static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd,
1da177e4
LT		 2563 unsigned __user *p)
2564{
ae677517
AC		 2565 int retval;
2566 unsigned int set, clear, val;
1da177e4 2567
ae677517
AC		 2568 if (tty->ops->tiocmset == NULL)
2569 return -EINVAL;
1da177e4 2570
ae677517
AC		 2571 retval = get_user(val, p);
2572 if (retval)
2573 return retval;
2574 set = clear = 0;
2575 switch (cmd) {
2576 case TIOCMBIS:
2577 set = val;
2578 break;
2579 case TIOCMBIC:
2580 clear = val;
2581 break;
2582 case TIOCMSET:
2583 set = val;
2584 clear = ~val;
2585 break;
2586 }
2587 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
2588 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
20b9d177 2589 return tty->ops->tiocmset(tty, set, clear);
1da177e4
LT		 2590}
2591
d281da7f
AC		 2592static int tty_tiocgicount(struct tty_struct *tty, void __user *arg)
2593{
2594 int retval = -EINVAL;
2595 struct serial_icounter_struct icount;
2596 memset(&icount, 0, sizeof(icount));
2597 if (tty->ops->get_icount)
2598 retval = tty->ops->get_icount(tty, &icount);
2599 if (retval != 0)
2600 return retval;
2601 if (copy_to_user(arg, &icount, sizeof(icount)))
2602 return -EFAULT;
2603 return 0;
2604}
2605
e8b70e7d
AC		 2606struct tty_struct *tty_pair_get_tty(struct tty_struct *tty)
2607{
2608 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2609 tty->driver->subtype == PTY_TYPE_MASTER)
2610 tty = tty->link;
2611 return tty;
2612}
2613EXPORT_SYMBOL(tty_pair_get_tty);
2614
2615struct tty_struct *tty_pair_get_pty(struct tty_struct *tty)
2616{
2617 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2618 tty->driver->subtype == PTY_TYPE_MASTER)
2619 return tty;
2620 return tty->link;
2621}
2622EXPORT_SYMBOL(tty_pair_get_pty);
2623
1da177e4
LT		 2624/*
2625 * Split this up, as gcc can choke on it otherwise..
2626 */
04f378b1 2627long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1da177e4 2628{
d996b62a
NP		 2629 struct tty_struct *tty = file_tty(file);
2630 struct tty_struct *real_tty;
1da177e4
LT		 2631 void __user *p = (void __user *)arg;
2632 int retval;
2633 struct tty_ldisc *ld;
04f378b1 2634 struct inode *inode = file->f_dentry->d_inode;
37bdfb07 2635
1da177e4
LT		 2636 if (tty_paranoia_check(tty, inode, "tty_ioctl"))
2637 return -EINVAL;
2638
e8b70e7d 2639 real_tty = tty_pair_get_tty(tty);
1da177e4
LT		 2640
2641 /*
2642 * Factor out some common prep work
2643 */
2644 switch (cmd) {
2645 case TIOCSETD:
2646 case TIOCSBRK:
2647 case TIOCCBRK:
2648 case TCSBRK:
37bdfb07 2649 case TCSBRKP:
1da177e4
LT		 2650 retval = tty_check_change(tty);
2651 if (retval)
2652 return retval;
2653 if (cmd != TIOCCBRK) {
2654 tty_wait_until_sent(tty, 0);
2655 if (signal_pending(current))
2656 return -EINTR;
2657 }
2658 break;
2659 }
2660
9e98966c
AC		 2661 /*
2662 * Now do the stuff.
2663 */
1da177e4 2664 switch (cmd) {
37bdfb07
AC		 2665 case TIOCSTI:
2666 return tiocsti(tty, p);
2667 case TIOCGWINSZ:
8f520021 2668 return tiocgwinsz(real_tty, p);
37bdfb07 2669 case TIOCSWINSZ:
fc6f6238 2670 return tiocswinsz(real_tty, p);
37bdfb07
AC		 2671 case TIOCCONS:
2672 return real_tty != tty ? -EINVAL : tioccons(file);
2673 case FIONBIO:
2674 return fionbio(file, p);
2675 case TIOCEXCL:
2676 set_bit(TTY_EXCLUSIVE, &tty->flags);
2677 return 0;
2678 case TIOCNXCL:
2679 clear_bit(TTY_EXCLUSIVE, &tty->flags);
2680 return 0;
2681 case TIOCNOTTY:
2682 if (current->signal->tty != tty)
2683 return -ENOTTY;
2684 no_tty();
2685 return 0;
2686 case TIOCSCTTY:
2687 return tiocsctty(tty, arg);
2688 case TIOCGPGRP:
2689 return tiocgpgrp(tty, real_tty, p);
2690 case TIOCSPGRP:
2691 return tiocspgrp(tty, real_tty, p);
2692 case TIOCGSID:
2693 return tiocgsid(tty, real_tty, p);
2694 case TIOCGETD:
c65c9bc3 2695 return put_user(tty->ldisc->ops->num, (int __user *)p);
37bdfb07
AC		 2696 case TIOCSETD:
2697 return tiocsetd(tty, p);
3c95c985
KS		 2698 case TIOCVHANGUP:
2699 if (!capable(CAP_SYS_ADMIN))
2700 return -EPERM;
2701 tty_vhangup(tty);
2702 return 0;
b7b8de08
WF		 2703 case TIOCGDEV:
2704 {
2705 unsigned int ret = new_encode_dev(tty_devnum(real_tty));
2706 return put_user(ret, (unsigned int __user *)p);
2707 }
37bdfb07
AC		 2708 /*
2709 * Break handling
2710 */
2711 case TIOCSBRK: /* Turn break on, unconditionally */
f34d7a5b 2712 if (tty->ops->break_ctl)
9e98966c 2713 return tty->ops->break_ctl(tty, -1);
37bdfb07 2714 return 0;
37bdfb07 2715 case TIOCCBRK: /* Turn break off, unconditionally */
f34d7a5b 2716 if (tty->ops->break_ctl)
9e98966c 2717 return tty->ops->break_ctl(tty, 0);
37bdfb07
AC		 2718 return 0;
2719 case TCSBRK: /* SVID version: non-zero arg --> no break */
2720 /* non-zero arg means wait for all output data
2721 * to be sent (performed above) but don't send break.
2722 * This is used by the tcdrain() termios function.
2723 */
2724 if (!arg)
2725 return send_break(tty, 250);
2726 return 0;
2727 case TCSBRKP: /* support for POSIX tcsendbreak() */
2728 return send_break(tty, arg ? arg*100 : 250);
2729
2730 case TIOCMGET:
60b33c13 2731 return tty_tiocmget(tty, p);
37bdfb07
AC		 2732 case TIOCMSET:
2733 case TIOCMBIC:
2734 case TIOCMBIS:
20b9d177 2735 return tty_tiocmset(tty, cmd, p);
d281da7f
AC		 2736 case TIOCGICOUNT:
2737 retval = tty_tiocgicount(tty, p);
2738 /* For the moment allow fall through to the old method */
2739 if (retval != -EINVAL)
2740 return retval;
2741 break;
37bdfb07
AC		 2742 case TCFLSH:
2743 switch (arg) {
2744 case TCIFLUSH:
2745 case TCIOFLUSH:
2746 /* flush tty buffer and allow ldisc to process ioctl */
2747 tty_buffer_flush(tty);
c5c34d48 2748 break;
37bdfb07
AC		 2749 }
2750 break;
1da177e4 2751 }
f34d7a5b 2752 if (tty->ops->ioctl) {
6caa76b7 2753 retval = (tty->ops->ioctl)(tty, cmd, arg);
1da177e4
LT		 2754 if (retval != -ENOIOCTLCMD)
2755 return retval;
2756 }
2757 ld = tty_ldisc_ref_wait(tty);
2758 retval = -EINVAL;
a352def2
AC		 2759 if (ld->ops->ioctl) {
2760 retval = ld->ops->ioctl(tty, file, cmd, arg);
1da177e4
LT		 2761 if (retval == -ENOIOCTLCMD)
2762 retval = -EINVAL;
2763 }
2764 tty_ldisc_deref(ld);
2765 return retval;
2766}
2767
e10cc1df 2768#ifdef CONFIG_COMPAT
37bdfb07 2769static long tty_compat_ioctl(struct file *file, unsigned int cmd,
e10cc1df
PF		 2770 unsigned long arg)
2771{
2772 struct inode *inode = file->f_dentry->d_inode;
d996b62a 2773 struct tty_struct *tty = file_tty(file);
e10cc1df
PF		 2774 struct tty_ldisc *ld;
2775 int retval = -ENOIOCTLCMD;
2776
2777 if (tty_paranoia_check(tty, inode, "tty_ioctl"))
2778 return -EINVAL;
2779
f34d7a5b 2780 if (tty->ops->compat_ioctl) {
6caa76b7 2781 retval = (tty->ops->compat_ioctl)(tty, cmd, arg);
e10cc1df
PF		 2782 if (retval != -ENOIOCTLCMD)
2783 return retval;
2784 }
2785
2786 ld = tty_ldisc_ref_wait(tty);
a352def2
AC		 2787 if (ld->ops->compat_ioctl)
2788 retval = ld->ops->compat_ioctl(tty, file, cmd, arg);
8193c429
TM		 2789 else
2790 retval = n_tty_compat_ioctl_helper(tty, file, cmd, arg);
e10cc1df
PF		 2791 tty_ldisc_deref(ld);
2792
2793 return retval;
2794}
2795#endif
1da177e4
LT		 2796
2797/*
2798 * This implements the "Secure Attention Key" --- the idea is to
2799 * prevent trojan horses by killing all processes associated with this
2800 * tty when the user hits the "Secure Attention Key". Required for
2801 * super-paranoid applications --- see the Orange Book for more details.
37bdfb07 2802 *
1da177e4
LT		 2803 * This code could be nicer; ideally it should send a HUP, wait a few
2804 * seconds, then send a INT, and then a KILL signal. But you then
2805 * have to coordinate with the init process, since all processes associated
2806 * with the current tty must be dead before the new getty is allowed
2807 * to spawn.
2808 *
2809 * Now, if it would be correct ;-/ The current code has a nasty hole -
2810 * it doesn't catch files in flight. We may send the descriptor to ourselves
2811 * via AF_UNIX socket, close it and later fetch from socket. FIXME.
2812 *
2813 * Nasty bug: do_SAK is being called in interrupt context. This can
2814 * deadlock. We punt it up to process context. AKPM - 16Mar2001
2815 */
8b6312f4 2816void __do_SAK(struct tty_struct *tty)
1da177e4
LT		 2817{
2818#ifdef TTY_SOFT_SAK
2819 tty_hangup(tty);
2820#else
652486fb 2821 struct task_struct *g, *p;
ab521dc0 2822 struct pid *session;
1da177e4
LT		 2823 int i;
2824 struct file *filp;
badf1662 2825 struct fdtable *fdt;
37bdfb07 2826
1da177e4
LT		 2827 if (!tty)
2828 return;
24ec839c 2829 session = tty->session;
37bdfb07 2830
b3f13deb 2831 tty_ldisc_flush(tty);
1da177e4 2832
f34d7a5b 2833 tty_driver_flush_buffer(tty);
37bdfb07 2834
1da177e4 2835 read_lock(&tasklist_lock);
652486fb 2836 /* Kill the entire session */
ab521dc0 2837 do_each_pid_task(session, PIDTYPE_SID, p) {
652486fb 2838 printk(KERN_NOTICE "SAK: killed process %d"
1b0f7ffd 2839 " (%s): task_session(p)==tty->session\n",
ba25f9dc 2840 task_pid_nr(p), p->comm);
652486fb 2841 send_sig(SIGKILL, p, 1);
ab521dc0 2842 } while_each_pid_task(session, PIDTYPE_SID, p);
652486fb
EB		 2843 /* Now kill any processes that happen to have the
2844 * tty open.
2845 */
2846 do_each_thread(g, p) {
2847 if (p->signal->tty == tty) {
1da177e4 2848 printk(KERN_NOTICE "SAK: killed process %d"
1b0f7ffd 2849 " (%s): task_session(p)==tty->session\n",
ba25f9dc 2850 task_pid_nr(p), p->comm);
1da177e4
LT		 2851 send_sig(SIGKILL, p, 1);
2852 continue;
2853 }
2854 task_lock(p);
2855 if (p->files) {
ca99c1da
DS		 2856 /*
2857 * We don't take a ref to the file, so we must
2858 * hold ->file_lock instead.
2859 */
2860 spin_lock(&p->files->file_lock);
badf1662 2861 fdt = files_fdtable(p->files);
37bdfb07 2862 for (i = 0; i < fdt->max_fds; i++) {
1da177e4
LT		 2863 filp = fcheck_files(p->files, i);
2864 if (!filp)
2865 continue;
2866 if (filp->f_op->read == tty_read &&
d996b62a 2867 file_tty(filp) == tty) {
1da177e4
LT		 2868 printk(KERN_NOTICE "SAK: killed process %d"
2869 " (%s): fd#%d opened to the tty\n",
ba25f9dc 2870 task_pid_nr(p), p->comm, i);
20ac9437 2871 force_sig(SIGKILL, p);
1da177e4
LT		 2872 break;
2873 }
2874 }
ca99c1da 2875 spin_unlock(&p->files->file_lock);
1da177e4
LT		 2876 }
2877 task_unlock(p);
652486fb 2878 } while_each_thread(g, p);
1da177e4
LT		 2879 read_unlock(&tasklist_lock);
2880#endif
2881}
2882
8b6312f4
EB		 2883static void do_SAK_work(struct work_struct *work)
2884{
2885 struct tty_struct *tty =
2886 container_of(work, struct tty_struct, SAK_work);
2887 __do_SAK(tty);
2888}
2889
1da177e4
LT		 2890/*
2891 * The tq handling here is a little racy - tty->SAK_work may already be queued.
2892 * Fortunately we don't need to worry, because if ->SAK_work is already queued,
2893 * the values which we write to it will be identical to the values which it
2894 * already has. --akpm
2895 */
2896void do_SAK(struct tty_struct *tty)
2897{
2898 if (!tty)
2899 return;
1da177e4
LT		 2900 schedule_work(&tty->SAK_work);
2901}
2902
2903EXPORT_SYMBOL(do_SAK);
2904
30004ac9
DES		 2905static int dev_match_devt(struct device *dev, void *data)
2906{
2907 dev_t *devt = data;
2908 return dev->devt == *devt;
2909}
2910
2911/* Must put_device() after it's unused! */
2912static struct device *tty_get_device(struct tty_struct *tty)
2913{
2914 dev_t devt = tty_devnum(tty);
2915 return class_find_device(tty_class, NULL, &devt, dev_match_devt);
2916}
2917
2918
af9b897e
AC		 2919/**
2920 * initialize_tty_struct
2921 * @tty: tty to initialize
2922 *
2923 * This subroutine initializes a tty structure that has been newly
2924 * allocated.
2925 *
2926 * Locking: none - tty in question must not be exposed at this point
1da177e4 2927 */
af9b897e 2928
bf970ee4
AC		 2929void initialize_tty_struct(struct tty_struct *tty,
2930 struct tty_driver *driver, int idx)
1da177e4
LT		 2931{
2932 memset(tty, 0, sizeof(struct tty_struct));
9c9f4ded 2933 kref_init(&tty->kref);
1da177e4 2934 tty->magic = TTY_MAGIC;
01e1abb2 2935 tty_ldisc_init(tty);
ab521dc0
EB		 2936 tty->session = NULL;
2937 tty->pgrp = NULL;
1da177e4 2938 tty->overrun_time = jiffies;
33f0f88f 2939 tty_buffer_init(tty);
5785c95b 2940 mutex_init(&tty->termios_mutex);
c65c9bc3 2941 mutex_init(&tty->ldisc_mutex);
1da177e4
LT		 2942 init_waitqueue_head(&tty->write_wait);
2943 init_waitqueue_head(&tty->read_wait);
65f27f38 2944 INIT_WORK(&tty->hangup_work, do_tty_hangup);
70522e12
IM		 2945 mutex_init(&tty->atomic_read_lock);
2946 mutex_init(&tty->atomic_write_lock);
a88a69c9
JP		 2947 mutex_init(&tty->output_lock);
2948 mutex_init(&tty->echo_lock);
1da177e4 2949 spin_lock_init(&tty->read_lock);
04f378b1 2950 spin_lock_init(&tty->ctrl_lock);
1da177e4 2951 INIT_LIST_HEAD(&tty->tty_files);
7f1f86a0 2952 INIT_WORK(&tty->SAK_work, do_SAK_work);
bf970ee4
AC		 2953
2954 tty->driver = driver;
2955 tty->ops = driver->ops;
2956 tty->index = idx;
2957 tty_line_name(driver, idx, tty->name);
30004ac9 2958 tty->dev = tty_get_device(tty);
1da177e4
LT		 2959}
2960
6716671d
JS		 2961/**
2962 * deinitialize_tty_struct
2963 * @tty: tty to deinitialize
2964 *
2965 * This subroutine deinitializes a tty structure that has been newly
2966 * allocated but tty_release cannot be called on that yet.
2967 *
2968 * Locking: none - tty in question must not be exposed at this point
2969 */
2970void deinitialize_tty_struct(struct tty_struct *tty)
2971{
2972 tty_ldisc_deinit(tty);
2973}
2974
f34d7a5b
AC		 2975/**
2976 * tty_put_char - write one character to a tty
2977 * @tty: tty
2978 * @ch: character
2979 *
2980 * Write one byte to the tty using the provided put_char method
2981 * if present. Returns the number of characters successfully output.
2982 *
2983 * Note: the specific put_char operation in the driver layer may go
2984 * away soon. Don't call it directly, use this method
1da177e4 2985 */
af9b897e 2986
f34d7a5b 2987int tty_put_char(struct tty_struct *tty, unsigned char ch)
1da177e4 2988{
f34d7a5b
AC		 2989 if (tty->ops->put_char)
2990 return tty->ops->put_char(tty, ch);
2991 return tty->ops->write(tty, &ch, 1);
1da177e4 2992}
f34d7a5b
AC		 2993EXPORT_SYMBOL_GPL(tty_put_char);
2994
d81ed103 2995struct class *tty_class;
1da177e4
LT		 2996
2997/**
af9b897e
AC		 2998 * tty_register_device - register a tty device
2999 * @driver: the tty driver that describes the tty device
3000 * @index: the index in the tty driver for this tty device
3001 * @device: a struct device that is associated with this tty device.
3002 * This field is optional, if there is no known struct device
3003 * for this tty device it can be set to NULL safely.
1da177e4 3004 *
01107d34
GKH		 3005 * Returns a pointer to the struct device for this tty device
3006 * (or ERR_PTR(-EFOO) on error).
1cdcb6b4 3007 *
af9b897e
AC		 3008 * This call is required to be made to register an individual tty device
3009 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
3010 * that bit is not set, this function should not be called by a tty
3011 * driver.
3012 *
3013 * Locking: ??
1da177e4 3014 */
af9b897e 3015
01107d34
GKH		 3016struct device *tty_register_device(struct tty_driver *driver, unsigned index,
3017 struct device *device)
1da177e4
LT		 3018{
3019 char name[64];
3020 dev_t dev = MKDEV(driver->major, driver->minor_start) + index;
3021
3022 if (index >= driver->num) {
3023 printk(KERN_ERR "Attempt to register invalid tty line number "
3024 " (%d).\n", index);
1cdcb6b4 3025 return ERR_PTR(-EINVAL);
1da177e4
LT		 3026 }
3027
1da177e4
LT		 3028 if (driver->type == TTY_DRIVER_TYPE_PTY)
3029 pty_line_name(driver, index, name);
3030 else
3031 tty_line_name(driver, index, name);
1cdcb6b4 3032
03457cd4 3033 return device_create(tty_class, device, dev, NULL, name);
1da177e4 3034}
7d7b93c1 3035EXPORT_SYMBOL(tty_register_device);
1da177e4
LT		 3036
3037/**
af9b897e
AC		 3038 * tty_unregister_device - unregister a tty device
3039 * @driver: the tty driver that describes the tty device
3040 * @index: the index in the tty driver for this tty device
1da177e4 3041 *
af9b897e
AC		 3042 * If a tty device is registered with a call to tty_register_device() then
3043 * this function must be called when the tty device is gone.
3044 *
3045 * Locking: ??
1da177e4 3046 */
af9b897e 3047
1da177e4
LT		 3048void tty_unregister_device(struct tty_driver *driver, unsigned index)
3049{
37bdfb07
AC		 3050 device_destroy(tty_class,
3051 MKDEV(driver->major, driver->minor_start) + index);
1da177e4 3052}
1da177e4
LT		 3053EXPORT_SYMBOL(tty_unregister_device);
3054
1a54a76d 3055struct tty_driver *__alloc_tty_driver(int lines, struct module *owner)
1da177e4
LT		 3056{
3057 struct tty_driver *driver;
3058
506eb99a 3059 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL);
1da177e4 3060 if (driver) {
7d7b93c1 3061 kref_init(&driver->kref);
1da177e4
LT		 3062 driver->magic = TTY_DRIVER_MAGIC;
3063 driver->num = lines;
1a54a76d 3064 driver->owner = owner;
1da177e4
LT		 3065 /* later we'll move allocation of tables here */
3066 }
3067 return driver;
3068}
1a54a76d 3069EXPORT_SYMBOL(__alloc_tty_driver);
1da177e4 3070
7d7b93c1 3071static void destruct_tty_driver(struct kref *kref)
1da177e4 3072{
7d7b93c1
AC		 3073 struct tty_driver *driver = container_of(kref, struct tty_driver, kref);
3074 int i;
3075 struct ktermios *tp;
3076 void *p;
3077
3078 if (driver->flags & TTY_DRIVER_INSTALLED) {
3079 /*
3080 * Free the termios and termios_locked structures because
3081 * we don't want to get memory leaks when modular tty
3082 * drivers are removed from the kernel.
3083 */
3084 for (i = 0; i < driver->num; i++) {
3085 tp = driver->termios[i];
3086 if (tp) {
3087 driver->termios[i] = NULL;
3088 kfree(tp);
3089 }
7d7b93c1
AC		 3090 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV))
3091 tty_unregister_device(driver, i);
3092 }
3093 p = driver->ttys;
3094 proc_tty_unregister_driver(driver);
3095 driver->ttys = NULL;
fe6e29fd 3096 driver->termios = NULL;
7d7b93c1
AC		 3097 kfree(p);
3098 cdev_del(&driver->cdev);
3099 }
04831dc1 3100 kfree(driver->ports);
1da177e4
LT		 3101 kfree(driver);
3102}
3103
7d7b93c1
AC		 3104void tty_driver_kref_put(struct tty_driver *driver)
3105{
3106 kref_put(&driver->kref, destruct_tty_driver);
3107}
3108EXPORT_SYMBOL(tty_driver_kref_put);
3109
b68e31d0
JD		 3110void tty_set_operations(struct tty_driver *driver,
3111 const struct tty_operations *op)
1da177e4 3112{
f34d7a5b
AC		 3113 driver->ops = op;
3114};
7d7b93c1 3115EXPORT_SYMBOL(tty_set_operations);
1da177e4 3116
7d7b93c1
AC		 3117void put_tty_driver(struct tty_driver *d)
3118{
3119 tty_driver_kref_put(d);
3120}
1da177e4 3121EXPORT_SYMBOL(put_tty_driver);
1da177e4
LT		 3122
3123/*
3124 * Called by a tty driver to register itself.
3125 */
3126int tty_register_driver(struct tty_driver *driver)
3127{
3128 int error;
37bdfb07 3129 int i;
1da177e4
LT		 3130 dev_t dev;
3131 void **p = NULL;
b670bde0 3132 struct device *d;
1da177e4 3133
543691a6 3134 if (!(driver->flags & TTY_DRIVER_DEVPTS_MEM) && driver->num) {
fe6e29fd 3135 p = kzalloc(driver->num * 2 * sizeof(void *), GFP_KERNEL);
1da177e4
LT		 3136 if (!p)
3137 return -ENOMEM;
1da177e4 3138 }
04831dc1
JS		 3139 /*
3140 * There is too many lines in PTY and we won't need the array there
3141 * since it has an ->install hook where it assigns ports properly.
3142 */
3143 if (driver->type != TTY_DRIVER_TYPE_PTY) {
3144 driver->ports = kcalloc(driver->num, sizeof(struct tty_port *),
3145 GFP_KERNEL);
3146 if (!driver->ports) {
3147 error = -ENOMEM;
3148 goto err_free_p;
3149 }
3150 }
1da177e4
LT		 3151
3152 if (!driver->major) {
37bdfb07
AC		 3153 error = alloc_chrdev_region(&dev, driver->minor_start,
3154 driver->num, driver->name);
1da177e4
LT		 3155 if (!error) {
3156 driver->major = MAJOR(dev);
3157 driver->minor_start = MINOR(dev);
3158 }
3159 } else {
3160 dev = MKDEV(driver->major, driver->minor_start);
e5717c48 3161 error = register_chrdev_region(dev, driver->num, driver->name);
1da177e4 3162 }
9bb8a3d4
JS		 3163 if (error < 0)
3164 goto err_free_p;
1da177e4
LT		 3165
3166 if (p) {
3167 driver->ttys = (struct tty_struct **)p;
edc6afc5 3168 driver->termios = (struct ktermios **)(p + driver->num);
1da177e4
LT		 3169 } else {
3170 driver->ttys = NULL;
3171 driver->termios = NULL;
1da177e4
LT		 3172 }
3173
3174 cdev_init(&driver->cdev, &tty_fops);
3175 driver->cdev.owner = driver->owner;
3176 error = cdev_add(&driver->cdev, dev, driver->num);
9bb8a3d4
JS		 3177 if (error)
3178 goto err_unreg_char;
1da177e4 3179
ca509f69 3180 mutex_lock(&tty_mutex);
1da177e4 3181 list_add(&driver->tty_drivers, &tty_drivers);
ca509f69 3182 mutex_unlock(&tty_mutex);
37bdfb07
AC		 3183
3184 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) {
b670bde0
VK		 3185 for (i = 0; i < driver->num; i++) {
3186 d = tty_register_device(driver, i, NULL);
3187 if (IS_ERR(d)) {
3188 error = PTR_ERR(d);
3189 goto err;
3190 }
3191 }
1da177e4
LT		 3192 }
3193 proc_tty_register_driver(driver);
7d7b93c1 3194 driver->flags |= TTY_DRIVER_INSTALLED;
1da177e4 3195 return 0;
b670bde0
VK		 3196
3197err:
3198 for (i--; i >= 0; i--)
3199 tty_unregister_device(driver, i);
3200
3201 mutex_lock(&tty_mutex);
3202 list_del(&driver->tty_drivers);
3203 mutex_unlock(&tty_mutex);
3204
9bb8a3d4 3205err_unreg_char:
b670bde0
VK		 3206 unregister_chrdev_region(dev, driver->num);
3207 driver->ttys = NULL;
3208 driver->termios = NULL;
04831dc1 3209err_free_p: /* destruct_tty_driver will free driver->ports */
b670bde0
VK		 3210 kfree(p);
3211 return error;
1da177e4 3212}
1da177e4
LT		 3213EXPORT_SYMBOL(tty_register_driver);
3214
3215/*
3216 * Called by a tty driver to unregister itself.
3217 */
3218int tty_unregister_driver(struct tty_driver *driver)
3219{
7d7b93c1
AC		 3220#if 0
3221 /* FIXME */
1da177e4
LT		 3222 if (driver->refcount)
3223 return -EBUSY;
7d7b93c1 3224#endif
1da177e4
LT		 3225 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start),
3226 driver->num);
ca509f69 3227 mutex_lock(&tty_mutex);
1da177e4 3228 list_del(&driver->tty_drivers);
ca509f69 3229 mutex_unlock(&tty_mutex);
1da177e4
LT		 3230 return 0;
3231}
7d7b93c1 3232
1da177e4
LT		 3233EXPORT_SYMBOL(tty_unregister_driver);
3234
24ec839c
PZ		 3235dev_t tty_devnum(struct tty_struct *tty)
3236{
3237 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index;
3238}
3239EXPORT_SYMBOL(tty_devnum);
3240
3241void proc_clear_tty(struct task_struct *p)
3242{
7c3b1dcf 3243 unsigned long flags;
9c9f4ded 3244 struct tty_struct *tty;
7c3b1dcf 3245 spin_lock_irqsave(&p->sighand->siglock, flags);
9c9f4ded 3246 tty = p->signal->tty;
24ec839c 3247 p->signal->tty = NULL;
7c3b1dcf 3248 spin_unlock_irqrestore(&p->sighand->siglock, flags);
9c9f4ded 3249 tty_kref_put(tty);
24ec839c 3250}
24ec839c 3251
47f86834
AC		 3252/* Called under the sighand lock */
3253
2a65f1d9 3254static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty)
24ec839c
PZ		 3255{
3256 if (tty) {
47f86834
AC		 3257 unsigned long flags;
3258 /* We should not have a session or pgrp to put here but.... */
3259 spin_lock_irqsave(&tty->ctrl_lock, flags);
d9c1e9a8
EB		 3260 put_pid(tty->session);
3261 put_pid(tty->pgrp);
ab521dc0 3262 tty->pgrp = get_pid(task_pgrp(tsk));
47f86834
AC		 3263 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
3264 tty->session = get_pid(task_session(tsk));
9c9f4ded
AC		 3265 if (tsk->signal->tty) {
3266 printk(KERN_DEBUG "tty not NULL!!\n");
3267 tty_kref_put(tsk->signal->tty);
3268 }
24ec839c 3269 }
2a65f1d9 3270 put_pid(tsk->signal->tty_old_pgrp);
9c9f4ded 3271 tsk->signal->tty = tty_kref_get(tty);
ab521dc0 3272 tsk->signal->tty_old_pgrp = NULL;
24ec839c
PZ		 3273}
3274
98a27ba4 3275static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty)
24ec839c
PZ		 3276{
3277 spin_lock_irq(&tsk->sighand->siglock);
2a65f1d9 3278 __proc_set_tty(tsk, tty);
24ec839c
PZ		 3279 spin_unlock_irq(&tsk->sighand->siglock);
3280}
3281
3282struct tty_struct *get_current_tty(void)
3283{
3284 struct tty_struct *tty;
934e6ebf
AC		 3285 unsigned long flags;
3286
3287 spin_lock_irqsave(&current->sighand->siglock, flags);
452a00d2 3288 tty = tty_kref_get(current->signal->tty);
934e6ebf 3289 spin_unlock_irqrestore(&current->sighand->siglock, flags);
24ec839c
PZ		 3290 return tty;
3291}
a311f743 3292EXPORT_SYMBOL_GPL(get_current_tty);
1da177e4 3293
d81ed103
AC		 3294void tty_default_fops(struct file_operations *fops)
3295{
3296 *fops = tty_fops;
3297}
3298
1da177e4
LT		 3299/*
3300 * Initialize the console device. This is called *early*, so
3301 * we can't necessarily depend on lots of kernel help here.
3302 * Just do some early initializations, and do the complex setup
3303 * later.
3304 */
3305void __init console_init(void)
3306{
3307 initcall_t *call;
3308
3309 /* Setup the default TTY line discipline. */
01e1abb2 3310 tty_ldisc_begin();
1da177e4
LT		 3311
3312 /*
37bdfb07 3313 * set up the console device so that later boot sequences can
1da177e4
LT		 3314 * inform about problems etc..
3315 */
1da177e4
LT		 3316 call = __con_initcall_start;
3317 while (call < __con_initcall_end) {
3318 (*call)();
3319 call++;
3320 }
3321}
3322
2c9ede55 3323static char *tty_devnode(struct device *dev, umode_t *mode)
e454cea2
KS		 3324{
3325 if (!mode)
3326 return NULL;
3327 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) ||
3328 dev->devt == MKDEV(TTYAUX_MAJOR, 2))
3329 *mode = 0666;
3330 return NULL;
3331}
3332
1da177e4
LT		 3333static int __init tty_class_init(void)
3334{
7fe845d1 3335 tty_class = class_create(THIS_MODULE, "tty");
1da177e4
LT		 3336 if (IS_ERR(tty_class))
3337 return PTR_ERR(tty_class);
e454cea2 3338 tty_class->devnode = tty_devnode;
1da177e4
LT		 3339 return 0;
3340}
3341
3342postcore_initcall(tty_class_init);
3343
3344/* 3/2004 jmc: why do these devices exist? */
1da177e4 3345static struct cdev tty_cdev, console_cdev;
1da177e4 3346
fbc92a34
KS		 3347static ssize_t show_cons_active(struct device *dev,
3348 struct device_attribute *attr, char *buf)
3349{
3350 struct console *cs[16];
3351 int i = 0;
3352 struct console *c;
3353 ssize_t count = 0;
3354
ac751efa 3355 console_lock();
a2a6a822 3356 for_each_console(c) {
fbc92a34
KS		 3357 if (!c->device)
3358 continue;
3359 if (!c->write)
3360 continue;
3361 if ((c->flags & CON_ENABLED) == 0)
3362 continue;
3363 cs[i++] = c;
3364 if (i >= ARRAY_SIZE(cs))
3365 break;
3366 }
3367 while (i--)
3368 count += sprintf(buf + count, "%s%d%c",
3369 cs[i]->name, cs[i]->index, i ? ' ':'\n');
ac751efa 3370 console_unlock();
fbc92a34
KS		 3371
3372 return count;
3373}
3374static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL);
3375
3376static struct device *consdev;
3377
3378void console_sysfs_notify(void)
3379{
3380 if (consdev)
3381 sysfs_notify(&consdev->kobj, NULL, "active");
3382}
3383
1da177e4
LT		 3384/*
3385 * Ok, now we can initialize the rest of the tty devices and can count
3386 * on memory allocations, interrupts etc..
3387 */
31d1d48e 3388int __init tty_init(void)
1da177e4
LT		 3389{
3390 cdev_init(&tty_cdev, &tty_fops);
3391 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) ||
3392 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0)
3393 panic("Couldn't register /dev/tty driver\n");
fbc92a34 3394 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty");
1da177e4
LT		 3395
3396 cdev_init(&console_cdev, &console_fops);
3397 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) ||
3398 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0)
3399 panic("Couldn't register /dev/console driver\n");
fbc92a34 3400 consdev = device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), NULL,
47aa5793 3401 "console");
fbc92a34
KS		 3402 if (IS_ERR(consdev))
3403 consdev = NULL;
3404 else
a2a6a822 3405 WARN_ON(device_create_file(consdev, &dev_attr_active) < 0);
1da177e4 3406
1da177e4 3407#ifdef CONFIG_VT
d81ed103 3408 vty_init(&console_fops);
1da177e4
LT		 3409#endif
3410 return 0;
3411}
31d1d48e 3412
Linux 6.x block layer and io_uring tree(s)