projects / linux-2.6-block.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
serial: serial_core.h needs console.h included first
[linux-2.6-block.git] / drivers / tty / tty_io.c
... / ...
CommitLineData
1/*
2 * Copyright (C) 1991, 1992 Linus Torvalds
3 */
4
5/*
6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles
7 * or rs-channels. It also implements echoing, cooked mode etc.
8 *
9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0.
10 *
11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the
12 * tty_struct and tty_queue structures. Previously there was an array
13 * of 256 tty_struct's which was statically allocated, and the
14 * tty_queue structures were allocated at boot time. Both are now
15 * dynamically allocated only when the tty is open.
16 *
17 * Also restructured routines so that there is more of a separation
18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and
19 * the low-level tty routines (serial.c, pty.c, console.c). This
20 * makes for cleaner and more compact code. -TYT, 9/17/92
21 *
22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines
23 * which can be dynamically activated and de-activated by the line
24 * discipline handling modules (like SLIP).
25 *
26 * NOTE: pay no attention to the line discipline code (yet); its
27 * interface is still subject to change in this version...
28 * -- TYT, 1/31/92
29 *
30 * Added functionality to the OPOST tty handling. No delays, but all
31 * other bits should be there.
32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993.
33 *
34 * Rewrote canonical mode and added more termios flags.
35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94
36 *
37 * Reorganized FASYNC support so mouse code can share it.
38 * -- ctm@ardi.com, 9Sep95
39 *
40 * New TIOCLINUX variants added.
41 * -- mj@k332.feld.cvut.cz, 19-Nov-95
42 *
43 * Restrict vt switching via ioctl()
44 * -- grif@cs.ucr.edu, 5-Dec-95
45 *
46 * Move console and virtual terminal code to more appropriate files,
47 * implement CONFIG_VT and generalize console device interface.
48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97
49 *
50 * Rewrote tty_init_dev and tty_release_dev to eliminate races.
51 * -- Bill Hawes <whawes@star.net>, June 97
52 *
53 * Added devfs support.
54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998
55 *
56 * Added support for a Unix98-style ptmx device.
57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998
58 *
59 * Reduced memory usage for older ARM systems
60 * -- Russell King <rmk@arm.linux.org.uk>
61 *
62 * Move do_SAK() into process context. Less stack use in devfs functions.
63 * alloc_tty_struct() always uses kmalloc()
64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01
65 */
66
67#include <linux/types.h>
68#include <linux/major.h>
69#include <linux/errno.h>
70#include <linux/signal.h>
71#include <linux/fcntl.h>
72#include <linux/sched.h>
73#include <linux/interrupt.h>
74#include <linux/tty.h>
75#include <linux/tty_driver.h>
76#include <linux/tty_flip.h>
77#include <linux/devpts_fs.h>
78#include <linux/file.h>
79#include <linux/fdtable.h>
80#include <linux/console.h>
81#include <linux/timer.h>
82#include <linux/ctype.h>
83#include <linux/kd.h>
84#include <linux/mm.h>
85#include <linux/string.h>
86#include <linux/slab.h>
87#include <linux/poll.h>
88#include <linux/proc_fs.h>
89#include <linux/init.h>
90#include <linux/module.h>
91#include <linux/device.h>
92#include <linux/wait.h>
93#include <linux/bitops.h>
94#include <linux/delay.h>
95#include <linux/seq_file.h>
96#include <linux/serial.h>
97#include <linux/ratelimit.h>
98
99#include <linux/uaccess.h>
100
101#include <linux/kbd_kern.h>
102#include <linux/vt_kern.h>
103#include <linux/selection.h>
104
105#include <linux/kmod.h>
106#include <linux/nsproxy.h>
107
108#undef TTY_DEBUG_HANGUP
109
110#define TTY_PARANOIA_CHECK 1
111#define CHECK_TTY_COUNT 1
112
113struct ktermios tty_std_termios = { /* for the benefit of tty drivers */
114 .c_iflag = ICRNL | IXON,
115 .c_oflag = OPOST | ONLCR,
116 .c_cflag = B38400 | CS8 | CREAD | HUPCL,
117 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK |
118 ECHOCTL | ECHOKE | IEXTEN,
119 .c_cc = INIT_C_CC,
120 .c_ispeed = 38400,
121 .c_ospeed = 38400
122};
123
124EXPORT_SYMBOL(tty_std_termios);
125
126/* This list gets poked at by procfs and various bits of boot up code. This
127 could do with some rationalisation such as pulling the tty proc function
128 into this file */
129
130LIST_HEAD(tty_drivers); /* linked list of tty drivers */
131
132/* Mutex to protect creating and releasing a tty. This is shared with
133 vt.c for deeply disgusting hack reasons */
134DEFINE_MUTEX(tty_mutex);
135EXPORT_SYMBOL(tty_mutex);
136
137/* Spinlock to protect the tty->tty_files list */
138DEFINE_SPINLOCK(tty_files_lock);
139
140static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *);
141static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *);
142ssize_t redirected_tty_write(struct file *, const char __user *,
143 size_t, loff_t *);
144static unsigned int tty_poll(struct file *, poll_table *);
145static int tty_open(struct inode *, struct file *);
146long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
147#ifdef CONFIG_COMPAT
148static long tty_compat_ioctl(struct file *file, unsigned int cmd,
149 unsigned long arg);
150#else
151#define tty_compat_ioctl NULL
152#endif
153static int __tty_fasync(int fd, struct file *filp, int on);
154static int tty_fasync(int fd, struct file *filp, int on);
155static void release_tty(struct tty_struct *tty, int idx);
156static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
157static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
158
159/**
160 * alloc_tty_struct - allocate a tty object
161 *
162 * Return a new empty tty structure. The data fields have not
163 * been initialized in any way but has been zeroed
164 *
165 * Locking: none
166 */
167
168struct tty_struct *alloc_tty_struct(void)
169{
170 return kzalloc(sizeof(struct tty_struct), GFP_KERNEL);
171}
172
173/**
174 * free_tty_struct - free a disused tty
175 * @tty: tty struct to free
176 *
177 * Free the write buffers, tty queue and tty memory itself.
178 *
179 * Locking: none. Must be called after tty is definitely unused
180 */
181
182void free_tty_struct(struct tty_struct *tty)
183{
184 if (!tty)
185 return;
186 if (tty->dev)
187 put_device(tty->dev);
188 kfree(tty->write_buf);
189 tty_buffer_free_all(tty);
190 tty->magic = 0xDEADDEAD;
191 kfree(tty);
192}
193
194static inline struct tty_struct *file_tty(struct file *file)
195{
196 return ((struct tty_file_private *)file->private_data)->tty;
197}
198
199int tty_alloc_file(struct file *file)
200{
201 struct tty_file_private *priv;
202
203 priv = kmalloc(sizeof(*priv), GFP_KERNEL);
204 if (!priv)
205 return -ENOMEM;
206
207 file->private_data = priv;
208
209 return 0;
210}
211
212/* Associate a new file with the tty structure */
213void tty_add_file(struct tty_struct *tty, struct file *file)
214{
215 struct tty_file_private *priv = file->private_data;
216
217 priv->tty = tty;
218 priv->file = file;
219
220 spin_lock(&tty_files_lock);
221 list_add(&priv->list, &tty->tty_files);
222 spin_unlock(&tty_files_lock);
223}
224
225/**
226 * tty_free_file - free file->private_data
227 *
228 * This shall be used only for fail path handling when tty_add_file was not
229 * called yet.
230 */
231void tty_free_file(struct file *file)
232{
233 struct tty_file_private *priv = file->private_data;
234
235 file->private_data = NULL;
236 kfree(priv);
237}
238
239/* Delete file from its tty */
240void tty_del_file(struct file *file)
241{
242 struct tty_file_private *priv = file->private_data;
243
244 spin_lock(&tty_files_lock);
245 list_del(&priv->list);
246 spin_unlock(&tty_files_lock);
247 tty_free_file(file);
248}
249
250
251#define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base)
252
253/**
254 * tty_name - return tty naming
255 * @tty: tty structure
256 * @buf: buffer for output
257 *
258 * Convert a tty structure into a name. The name reflects the kernel
259 * naming policy and if udev is in use may not reflect user space
260 *
261 * Locking: none
262 */
263
264char *tty_name(struct tty_struct *tty, char *buf)
265{
266 if (!tty) /* Hmm. NULL pointer. That's fun. */
267 strcpy(buf, "NULL tty");
268 else
269 strcpy(buf, tty->name);
270 return buf;
271}
272
273EXPORT_SYMBOL(tty_name);
274
275int tty_paranoia_check(struct tty_struct *tty, struct inode *inode,
276 const char *routine)
277{
278#ifdef TTY_PARANOIA_CHECK
279 if (!tty) {
280 printk(KERN_WARNING
281 "null TTY for (%d:%d) in %s\n",
282 imajor(inode), iminor(inode), routine);
283 return 1;
284 }
285 if (tty->magic != TTY_MAGIC) {
286 printk(KERN_WARNING
287 "bad magic number for tty struct (%d:%d) in %s\n",
288 imajor(inode), iminor(inode), routine);
289 return 1;
290 }
291#endif
292 return 0;
293}
294
295static int check_tty_count(struct tty_struct *tty, const char *routine)
296{
297#ifdef CHECK_TTY_COUNT
298 struct list_head *p;
299 int count = 0;
300
301 spin_lock(&tty_files_lock);
302 list_for_each(p, &tty->tty_files) {
303 count++;
304 }
305 spin_unlock(&tty_files_lock);
306 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
307 tty->driver->subtype == PTY_TYPE_SLAVE &&
308 tty->link && tty->link->count)
309 count++;
310 if (tty->count != count) {
311 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) "
312 "!= #fd's(%d) in %s\n",
313 tty->name, tty->count, count, routine);
314 return count;
315 }
316#endif
317 return 0;
318}
319
320/**
321 * get_tty_driver - find device of a tty
322 * @dev_t: device identifier
323 * @index: returns the index of the tty
324 *
325 * This routine returns a tty driver structure, given a device number
326 * and also passes back the index number.
327 *
328 * Locking: caller must hold tty_mutex
329 */
330
331static struct tty_driver *get_tty_driver(dev_t device, int *index)
332{
333 struct tty_driver *p;
334
335 list_for_each_entry(p, &tty_drivers, tty_drivers) {
336 dev_t base = MKDEV(p->major, p->minor_start);
337 if (device < base || device >= base + p->num)
338 continue;
339 *index = device - base;
340 return tty_driver_kref_get(p);
341 }
342 return NULL;
343}
344
345#ifdef CONFIG_CONSOLE_POLL
346
347/**
348 * tty_find_polling_driver - find device of a polled tty
349 * @name: name string to match
350 * @line: pointer to resulting tty line nr
351 *
352 * This routine returns a tty driver structure, given a name
353 * and the condition that the tty driver is capable of polled
354 * operation.
355 */
356struct tty_driver *tty_find_polling_driver(char *name, int *line)
357{
358 struct tty_driver *p, *res = NULL;
359 int tty_line = 0;
360 int len;
361 char *str, *stp;
362
363 for (str = name; *str; str++)
364 if ((*str >= '0' && *str <= '9') || *str == ',')
365 break;
366 if (!*str)
367 return NULL;
368
369 len = str - name;
370 tty_line = simple_strtoul(str, &str, 10);
371
372 mutex_lock(&tty_mutex);
373 /* Search through the tty devices to look for a match */
374 list_for_each_entry(p, &tty_drivers, tty_drivers) {
375 if (strncmp(name, p->name, len) != 0)
376 continue;
377 stp = str;
378 if (*stp == ',')
379 stp++;
380 if (*stp == '\0')
381 stp = NULL;
382
383 if (tty_line >= 0 && tty_line < p->num && p->ops &&
384 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) {
385 res = tty_driver_kref_get(p);
386 *line = tty_line;
387 break;
388 }
389 }
390 mutex_unlock(&tty_mutex);
391
392 return res;
393}
394EXPORT_SYMBOL_GPL(tty_find_polling_driver);
395#endif
396
397/**
398 * tty_check_change - check for POSIX terminal changes
399 * @tty: tty to check
400 *
401 * If we try to write to, or set the state of, a terminal and we're
402 * not in the foreground, send a SIGTTOU. If the signal is blocked or
403 * ignored, go ahead and perform the operation. (POSIX 7.2)
404 *
405 * Locking: ctrl_lock
406 */
407
408int tty_check_change(struct tty_struct *tty)
409{
410 unsigned long flags;
411 int ret = 0;
412
413 if (current->signal->tty != tty)
414 return 0;
415
416 spin_lock_irqsave(&tty->ctrl_lock, flags);
417
418 if (!tty->pgrp) {
419 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n");
420 goto out_unlock;
421 }
422 if (task_pgrp(current) == tty->pgrp)
423 goto out_unlock;
424 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
425 if (is_ignored(SIGTTOU))
426 goto out;
427 if (is_current_pgrp_orphaned()) {
428 ret = -EIO;
429 goto out;
430 }
431 kill_pgrp(task_pgrp(current), SIGTTOU, 1);
432 set_thread_flag(TIF_SIGPENDING);
433 ret = -ERESTARTSYS;
434out:
435 return ret;
436out_unlock:
437 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
438 return ret;
439}
440
441EXPORT_SYMBOL(tty_check_change);
442
443static ssize_t hung_up_tty_read(struct file *file, char __user *buf,
444 size_t count, loff_t *ppos)
445{
446 return 0;
447}
448
449static ssize_t hung_up_tty_write(struct file *file, const char __user *buf,
450 size_t count, loff_t *ppos)
451{
452 return -EIO;
453}
454
455/* No kernel lock held - none needed ;) */
456static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait)
457{
458 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM;
459}
460
461static long hung_up_tty_ioctl(struct file *file, unsigned int cmd,
462 unsigned long arg)
463{
464 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
465}
466
467static long hung_up_tty_compat_ioctl(struct file *file,
468 unsigned int cmd, unsigned long arg)
469{
470 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
471}
472
473static const struct file_operations tty_fops = {
474 .llseek = no_llseek,
475 .read = tty_read,
476 .write = tty_write,
477 .poll = tty_poll,
478 .unlocked_ioctl = tty_ioctl,
479 .compat_ioctl = tty_compat_ioctl,
480 .open = tty_open,
481 .release = tty_release,
482 .fasync = tty_fasync,
483};
484
485static const struct file_operations console_fops = {
486 .llseek = no_llseek,
487 .read = tty_read,
488 .write = redirected_tty_write,
489 .poll = tty_poll,
490 .unlocked_ioctl = tty_ioctl,
491 .compat_ioctl = tty_compat_ioctl,
492 .open = tty_open,
493 .release = tty_release,
494 .fasync = tty_fasync,
495};
496
497static const struct file_operations hung_up_tty_fops = {
498 .llseek = no_llseek,
499 .read = hung_up_tty_read,
500 .write = hung_up_tty_write,
501 .poll = hung_up_tty_poll,
502 .unlocked_ioctl = hung_up_tty_ioctl,
503 .compat_ioctl = hung_up_tty_compat_ioctl,
504 .release = tty_release,
505};
506
507static DEFINE_SPINLOCK(redirect_lock);
508static struct file *redirect;
509
510/**
511 * tty_wakeup - request more data
512 * @tty: terminal
513 *
514 * Internal and external helper for wakeups of tty. This function
515 * informs the line discipline if present that the driver is ready
516 * to receive more output data.
517 */
518
519void tty_wakeup(struct tty_struct *tty)
520{
521 struct tty_ldisc *ld;
522
523 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) {
524 ld = tty_ldisc_ref(tty);
525 if (ld) {
526 if (ld->ops->write_wakeup)
527 ld->ops->write_wakeup(tty);
528 tty_ldisc_deref(ld);
529 }
530 }
531 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
532}
533
534EXPORT_SYMBOL_GPL(tty_wakeup);
535
536/**
537 * __tty_hangup - actual handler for hangup events
538 * @work: tty device
539 *
540 * This can be called by the "eventd" kernel thread. That is process
541 * synchronous but doesn't hold any locks, so we need to make sure we
542 * have the appropriate locks for what we're doing.
543 *
544 * The hangup event clears any pending redirections onto the hung up
545 * device. It ensures future writes will error and it does the needed
546 * line discipline hangup and signal delivery. The tty object itself
547 * remains intact.
548 *
549 * Locking:
550 * BTM
551 * redirect lock for undoing redirection
552 * file list lock for manipulating list of ttys
553 * tty_ldisc_lock from called functions
554 * termios_mutex resetting termios data
555 * tasklist_lock to walk task list for hangup event
556 * ->siglock to protect ->signal/->sighand
557 */
558void __tty_hangup(struct tty_struct *tty)
559{
560 struct file *cons_filp = NULL;
561 struct file *filp, *f = NULL;
562 struct task_struct *p;
563 struct tty_file_private *priv;
564 int closecount = 0, n;
565 unsigned long flags;
566 int refs = 0;
567
568 if (!tty)
569 return;
570
571
572 spin_lock(&redirect_lock);
573 if (redirect && file_tty(redirect) == tty) {
574 f = redirect;
575 redirect = NULL;
576 }
577 spin_unlock(&redirect_lock);
578
579 tty_lock(tty);
580
581 /* some functions below drop BTM, so we need this bit */
582 set_bit(TTY_HUPPING, &tty->flags);
583
584 /* inuse_filps is protected by the single tty lock,
585 this really needs to change if we want to flush the
586 workqueue with the lock held */
587 check_tty_count(tty, "tty_hangup");
588
589 spin_lock(&tty_files_lock);
590 /* This breaks for file handles being sent over AF_UNIX sockets ? */
591 list_for_each_entry(priv, &tty->tty_files, list) {
592 filp = priv->file;
593 if (filp->f_op->write == redirected_tty_write)
594 cons_filp = filp;
595 if (filp->f_op->write != tty_write)
596 continue;
597 closecount++;
598 __tty_fasync(-1, filp, 0); /* can't block */
599 filp->f_op = &hung_up_tty_fops;
600 }
601 spin_unlock(&tty_files_lock);
602
603 /*
604 * it drops BTM and thus races with reopen
605 * we protect the race by TTY_HUPPING
606 */
607 tty_ldisc_hangup(tty);
608
609 read_lock(&tasklist_lock);
610 if (tty->session) {
611 do_each_pid_task(tty->session, PIDTYPE_SID, p) {
612 spin_lock_irq(&p->sighand->siglock);
613 if (p->signal->tty == tty) {
614 p->signal->tty = NULL;
615 /* We defer the dereferences outside fo
616 the tasklist lock */
617 refs++;
618 }
619 if (!p->signal->leader) {
620 spin_unlock_irq(&p->sighand->siglock);
621 continue;
622 }
623 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p);
624 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p);
625 put_pid(p->signal->tty_old_pgrp); /* A noop */
626 spin_lock_irqsave(&tty->ctrl_lock, flags);
627 if (tty->pgrp)
628 p->signal->tty_old_pgrp = get_pid(tty->pgrp);
629 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
630 spin_unlock_irq(&p->sighand->siglock);
631 } while_each_pid_task(tty->session, PIDTYPE_SID, p);
632 }
633 read_unlock(&tasklist_lock);
634
635 spin_lock_irqsave(&tty->ctrl_lock, flags);
636 clear_bit(TTY_THROTTLED, &tty->flags);
637 clear_bit(TTY_PUSH, &tty->flags);
638 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
639 put_pid(tty->session);
640 put_pid(tty->pgrp);
641 tty->session = NULL;
642 tty->pgrp = NULL;
643 tty->ctrl_status = 0;
644 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
645
646 /* Account for the p->signal references we killed */
647 while (refs--)
648 tty_kref_put(tty);
649
650 /*
651 * If one of the devices matches a console pointer, we
652 * cannot just call hangup() because that will cause
653 * tty->count and state->count to go out of sync.
654 * So we just call close() the right number of times.
655 */
656 if (cons_filp) {
657 if (tty->ops->close)
658 for (n = 0; n < closecount; n++)
659 tty->ops->close(tty, cons_filp);
660 } else if (tty->ops->hangup)
661 (tty->ops->hangup)(tty);
662 /*
663 * We don't want to have driver/ldisc interactions beyond
664 * the ones we did here. The driver layer expects no
665 * calls after ->hangup() from the ldisc side. However we
666 * can't yet guarantee all that.
667 */
668 set_bit(TTY_HUPPED, &tty->flags);
669 clear_bit(TTY_HUPPING, &tty->flags);
670 tty_ldisc_enable(tty);
671
672 tty_unlock(tty);
673
674 if (f)
675 fput(f);
676}
677
678static void do_tty_hangup(struct work_struct *work)
679{
680 struct tty_struct *tty =
681 container_of(work, struct tty_struct, hangup_work);
682
683 __tty_hangup(tty);
684}
685
686/**
687 * tty_hangup - trigger a hangup event
688 * @tty: tty to hangup
689 *
690 * A carrier loss (virtual or otherwise) has occurred on this like
691 * schedule a hangup sequence to run after this event.
692 */
693
694void tty_hangup(struct tty_struct *tty)
695{
696#ifdef TTY_DEBUG_HANGUP
697 char buf[64];
698 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf));
699#endif
700 schedule_work(&tty->hangup_work);
701}
702
703EXPORT_SYMBOL(tty_hangup);
704
705/**
706 * tty_vhangup - process vhangup
707 * @tty: tty to hangup
708 *
709 * The user has asked via system call for the terminal to be hung up.
710 * We do this synchronously so that when the syscall returns the process
711 * is complete. That guarantee is necessary for security reasons.
712 */
713
714void tty_vhangup(struct tty_struct *tty)
715{
716#ifdef TTY_DEBUG_HANGUP
717 char buf[64];
718
719 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf));
720#endif
721 __tty_hangup(tty);
722}
723
724EXPORT_SYMBOL(tty_vhangup);
725
726
727/**
728 * tty_vhangup_self - process vhangup for own ctty
729 *
730 * Perform a vhangup on the current controlling tty
731 */
732
733void tty_vhangup_self(void)
734{
735 struct tty_struct *tty;
736
737 tty = get_current_tty();
738 if (tty) {
739 tty_vhangup(tty);
740 tty_kref_put(tty);
741 }
742}
743
744/**
745 * tty_hung_up_p - was tty hung up
746 * @filp: file pointer of tty
747 *
748 * Return true if the tty has been subject to a vhangup or a carrier
749 * loss
750 */
751
752int tty_hung_up_p(struct file *filp)
753{
754 return (filp->f_op == &hung_up_tty_fops);
755}
756
757EXPORT_SYMBOL(tty_hung_up_p);
758
759static void session_clear_tty(struct pid *session)
760{
761 struct task_struct *p;
762 do_each_pid_task(session, PIDTYPE_SID, p) {
763 proc_clear_tty(p);
764 } while_each_pid_task(session, PIDTYPE_SID, p);
765}
766
767/**
768 * disassociate_ctty - disconnect controlling tty
769 * @on_exit: true if exiting so need to "hang up" the session
770 *
771 * This function is typically called only by the session leader, when
772 * it wants to disassociate itself from its controlling tty.
773 *
774 * It performs the following functions:
775 * (1) Sends a SIGHUP and SIGCONT to the foreground process group
776 * (2) Clears the tty from being controlling the session
777 * (3) Clears the controlling tty for all processes in the
778 * session group.
779 *
780 * The argument on_exit is set to 1 if called when a process is
781 * exiting; it is 0 if called by the ioctl TIOCNOTTY.
782 *
783 * Locking:
784 * BTM is taken for hysterical raisins, and held when
785 * called from no_tty().
786 * tty_mutex is taken to protect tty
787 * ->siglock is taken to protect ->signal/->sighand
788 * tasklist_lock is taken to walk process list for sessions
789 * ->siglock is taken to protect ->signal/->sighand
790 */
791
792void disassociate_ctty(int on_exit)
793{
794 struct tty_struct *tty;
795
796 if (!current->signal->leader)
797 return;
798
799 tty = get_current_tty();
800 if (tty) {
801 struct pid *tty_pgrp = get_pid(tty->pgrp);
802 if (on_exit) {
803 if (tty->driver->type != TTY_DRIVER_TYPE_PTY)
804 tty_vhangup(tty);
805 }
806 tty_kref_put(tty);
807 if (tty_pgrp) {
808 kill_pgrp(tty_pgrp, SIGHUP, on_exit);
809 if (!on_exit)
810 kill_pgrp(tty_pgrp, SIGCONT, on_exit);
811 put_pid(tty_pgrp);
812 }
813 } else if (on_exit) {
814 struct pid *old_pgrp;
815 spin_lock_irq(&current->sighand->siglock);
816 old_pgrp = current->signal->tty_old_pgrp;
817 current->signal->tty_old_pgrp = NULL;
818 spin_unlock_irq(&current->sighand->siglock);
819 if (old_pgrp) {
820 kill_pgrp(old_pgrp, SIGHUP, on_exit);
821 kill_pgrp(old_pgrp, SIGCONT, on_exit);
822 put_pid(old_pgrp);
823 }
824 return;
825 }
826
827 spin_lock_irq(&current->sighand->siglock);
828 put_pid(current->signal->tty_old_pgrp);
829 current->signal->tty_old_pgrp = NULL;
830 spin_unlock_irq(&current->sighand->siglock);
831
832 tty = get_current_tty();
833 if (tty) {
834 unsigned long flags;
835 spin_lock_irqsave(&tty->ctrl_lock, flags);
836 put_pid(tty->session);
837 put_pid(tty->pgrp);
838 tty->session = NULL;
839 tty->pgrp = NULL;
840 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
841 tty_kref_put(tty);
842 } else {
843#ifdef TTY_DEBUG_HANGUP
844 printk(KERN_DEBUG "error attempted to write to tty [0x%p]"
845 " = NULL", tty);
846#endif
847 }
848
849 /* Now clear signal->tty under the lock */
850 read_lock(&tasklist_lock);
851 session_clear_tty(task_session(current));
852 read_unlock(&tasklist_lock);
853}
854
855/**
856 *
857 * no_tty - Ensure the current process does not have a controlling tty
858 */
859void no_tty(void)
860{
861 /* FIXME: Review locking here. The tty_lock never covered any race
862 between a new association and proc_clear_tty but possible we need
863 to protect against this anyway */
864 struct task_struct *tsk = current;
865 disassociate_ctty(0);
866 proc_clear_tty(tsk);
867}
868
869
870/**
871 * stop_tty - propagate flow control
872 * @tty: tty to stop
873 *
874 * Perform flow control to the driver. For PTY/TTY pairs we
875 * must also propagate the TIOCKPKT status. May be called
876 * on an already stopped device and will not re-call the driver
877 * method.
878 *
879 * This functionality is used by both the line disciplines for
880 * halting incoming flow and by the driver. It may therefore be
881 * called from any context, may be under the tty atomic_write_lock
882 * but not always.
883 *
884 * Locking:
885 * Uses the tty control lock internally
886 */
887
888void stop_tty(struct tty_struct *tty)
889{
890 unsigned long flags;
891 spin_lock_irqsave(&tty->ctrl_lock, flags);
892 if (tty->stopped) {
893 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
894 return;
895 }
896 tty->stopped = 1;
897 if (tty->link && tty->link->packet) {
898 tty->ctrl_status &= ~TIOCPKT_START;
899 tty->ctrl_status |= TIOCPKT_STOP;
900 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN);
901 }
902 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
903 if (tty->ops->stop)
904 (tty->ops->stop)(tty);
905}
906
907EXPORT_SYMBOL(stop_tty);
908
909/**
910 * start_tty - propagate flow control
911 * @tty: tty to start
912 *
913 * Start a tty that has been stopped if at all possible. Perform
914 * any necessary wakeups and propagate the TIOCPKT status. If this
915 * is the tty was previous stopped and is being started then the
916 * driver start method is invoked and the line discipline woken.
917 *
918 * Locking:
919 * ctrl_lock
920 */
921
922void start_tty(struct tty_struct *tty)
923{
924 unsigned long flags;
925 spin_lock_irqsave(&tty->ctrl_lock, flags);
926 if (!tty->stopped || tty->flow_stopped) {
927 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
928 return;
929 }
930 tty->stopped = 0;
931 if (tty->link && tty->link->packet) {
932 tty->ctrl_status &= ~TIOCPKT_STOP;
933 tty->ctrl_status |= TIOCPKT_START;
934 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN);
935 }
936 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
937 if (tty->ops->start)
938 (tty->ops->start)(tty);
939 /* If we have a running line discipline it may need kicking */
940 tty_wakeup(tty);
941}
942
943EXPORT_SYMBOL(start_tty);
944
945/**
946 * tty_read - read method for tty device files
947 * @file: pointer to tty file
948 * @buf: user buffer
949 * @count: size of user buffer
950 * @ppos: unused
951 *
952 * Perform the read system call function on this terminal device. Checks
953 * for hung up devices before calling the line discipline method.
954 *
955 * Locking:
956 * Locks the line discipline internally while needed. Multiple
957 * read calls may be outstanding in parallel.
958 */
959
960static ssize_t tty_read(struct file *file, char __user *buf, size_t count,
961 loff_t *ppos)
962{
963 int i;
964 struct inode *inode = file->f_path.dentry->d_inode;
965 struct tty_struct *tty = file_tty(file);
966 struct tty_ldisc *ld;
967
968 if (tty_paranoia_check(tty, inode, "tty_read"))
969 return -EIO;
970 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags)))
971 return -EIO;
972
973 /* We want to wait for the line discipline to sort out in this
974 situation */
975 ld = tty_ldisc_ref_wait(tty);
976 if (ld->ops->read)
977 i = (ld->ops->read)(tty, file, buf, count);
978 else
979 i = -EIO;
980 tty_ldisc_deref(ld);
981 if (i > 0)
982 inode->i_atime = current_fs_time(inode->i_sb);
983 return i;
984}
985
986void tty_write_unlock(struct tty_struct *tty)
987 __releases(&tty->atomic_write_lock)
988{
989 mutex_unlock(&tty->atomic_write_lock);
990 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
991}
992
993int tty_write_lock(struct tty_struct *tty, int ndelay)
994 __acquires(&tty->atomic_write_lock)
995{
996 if (!mutex_trylock(&tty->atomic_write_lock)) {
997 if (ndelay)
998 return -EAGAIN;
999 if (mutex_lock_interruptible(&tty->atomic_write_lock))
1000 return -ERESTARTSYS;
1001 }
1002 return 0;
1003}
1004
1005/*
1006 * Split writes up in sane blocksizes to avoid
1007 * denial-of-service type attacks
1008 */
1009static inline ssize_t do_tty_write(
1010 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t),
1011 struct tty_struct *tty,
1012 struct file *file,
1013 const char __user *buf,
1014 size_t count)
1015{
1016 ssize_t ret, written = 0;
1017 unsigned int chunk;
1018
1019 ret = tty_write_lock(tty, file->f_flags & O_NDELAY);
1020 if (ret < 0)
1021 return ret;
1022
1023 /*
1024 * We chunk up writes into a temporary buffer. This
1025 * simplifies low-level drivers immensely, since they
1026 * don't have locking issues and user mode accesses.
1027 *
1028 * But if TTY_NO_WRITE_SPLIT is set, we should use a
1029 * big chunk-size..
1030 *
1031 * The default chunk-size is 2kB, because the NTTY
1032 * layer has problems with bigger chunks. It will
1033 * claim to be able to handle more characters than
1034 * it actually does.
1035 *
1036 * FIXME: This can probably go away now except that 64K chunks
1037 * are too likely to fail unless switched to vmalloc...
1038 */
1039 chunk = 2048;
1040 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags))
1041 chunk = 65536;
1042 if (count < chunk)
1043 chunk = count;
1044
1045 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */
1046 if (tty->write_cnt < chunk) {
1047 unsigned char *buf_chunk;
1048
1049 if (chunk < 1024)
1050 chunk = 1024;
1051
1052 buf_chunk = kmalloc(chunk, GFP_KERNEL);
1053 if (!buf_chunk) {
1054 ret = -ENOMEM;
1055 goto out;
1056 }
1057 kfree(tty->write_buf);
1058 tty->write_cnt = chunk;
1059 tty->write_buf = buf_chunk;
1060 }
1061
1062 /* Do the write .. */
1063 for (;;) {
1064 size_t size = count;
1065 if (size > chunk)
1066 size = chunk;
1067 ret = -EFAULT;
1068 if (copy_from_user(tty->write_buf, buf, size))
1069 break;
1070 ret = write(tty, file, tty->write_buf, size);
1071 if (ret <= 0)
1072 break;
1073 written += ret;
1074 buf += ret;
1075 count -= ret;
1076 if (!count)
1077 break;
1078 ret = -ERESTARTSYS;
1079 if (signal_pending(current))
1080 break;
1081 cond_resched();
1082 }
1083 if (written) {
1084 struct inode *inode = file->f_path.dentry->d_inode;
1085 inode->i_mtime = current_fs_time(inode->i_sb);
1086 ret = written;
1087 }
1088out:
1089 tty_write_unlock(tty);
1090 return ret;
1091}
1092
1093/**
1094 * tty_write_message - write a message to a certain tty, not just the console.
1095 * @tty: the destination tty_struct
1096 * @msg: the message to write
1097 *
1098 * This is used for messages that need to be redirected to a specific tty.
1099 * We don't put it into the syslog queue right now maybe in the future if
1100 * really needed.
1101 *
1102 * We must still hold the BTM and test the CLOSING flag for the moment.
1103 */
1104
1105void tty_write_message(struct tty_struct *tty, char *msg)
1106{
1107 if (tty) {
1108 mutex_lock(&tty->atomic_write_lock);
1109 tty_lock(tty);
1110 if (tty->ops->write && !test_bit(TTY_CLOSING, &tty->flags)) {
1111 tty_unlock(tty);
1112 tty->ops->write(tty, msg, strlen(msg));
1113 } else
1114 tty_unlock(tty);
1115 tty_write_unlock(tty);
1116 }
1117 return;
1118}
1119
1120
1121/**
1122 * tty_write - write method for tty device file
1123 * @file: tty file pointer
1124 * @buf: user data to write
1125 * @count: bytes to write
1126 * @ppos: unused
1127 *
1128 * Write data to a tty device via the line discipline.
1129 *
1130 * Locking:
1131 * Locks the line discipline as required
1132 * Writes to the tty driver are serialized by the atomic_write_lock
1133 * and are then processed in chunks to the device. The line discipline
1134 * write method will not be invoked in parallel for each device.
1135 */
1136
1137static ssize_t tty_write(struct file *file, const char __user *buf,
1138 size_t count, loff_t *ppos)
1139{
1140 struct inode *inode = file->f_path.dentry->d_inode;
1141 struct tty_struct *tty = file_tty(file);
1142 struct tty_ldisc *ld;
1143 ssize_t ret;
1144
1145 if (tty_paranoia_check(tty, inode, "tty_write"))
1146 return -EIO;
1147 if (!tty || !tty->ops->write ||
1148 (test_bit(TTY_IO_ERROR, &tty->flags)))
1149 return -EIO;
1150 /* Short term debug to catch buggy drivers */
1151 if (tty->ops->write_room == NULL)
1152 printk(KERN_ERR "tty driver %s lacks a write_room method.\n",
1153 tty->driver->name);
1154 ld = tty_ldisc_ref_wait(tty);
1155 if (!ld->ops->write)
1156 ret = -EIO;
1157 else
1158 ret = do_tty_write(ld->ops->write, tty, file, buf, count);
1159 tty_ldisc_deref(ld);
1160 return ret;
1161}
1162
1163ssize_t redirected_tty_write(struct file *file, const char __user *buf,
1164 size_t count, loff_t *ppos)
1165{
1166 struct file *p = NULL;
1167
1168 spin_lock(&redirect_lock);
1169 if (redirect) {
1170 get_file(redirect);
1171 p = redirect;
1172 }
1173 spin_unlock(&redirect_lock);
1174
1175 if (p) {
1176 ssize_t res;
1177 res = vfs_write(p, buf, count, &p->f_pos);
1178 fput(p);
1179 return res;
1180 }
1181 return tty_write(file, buf, count, ppos);
1182}
1183
1184static char ptychar[] = "pqrstuvwxyzabcde";
1185
1186/**
1187 * pty_line_name - generate name for a pty
1188 * @driver: the tty driver in use
1189 * @index: the minor number
1190 * @p: output buffer of at least 6 bytes
1191 *
1192 * Generate a name from a driver reference and write it to the output
1193 * buffer.
1194 *
1195 * Locking: None
1196 */
1197static void pty_line_name(struct tty_driver *driver, int index, char *p)
1198{
1199 int i = index + driver->name_base;
1200 /* ->name is initialized to "ttyp", but "tty" is expected */
1201 sprintf(p, "%s%c%x",
1202 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name,
1203 ptychar[i >> 4 & 0xf], i & 0xf);
1204}
1205
1206/**
1207 * tty_line_name - generate name for a tty
1208 * @driver: the tty driver in use
1209 * @index: the minor number
1210 * @p: output buffer of at least 7 bytes
1211 *
1212 * Generate a name from a driver reference and write it to the output
1213 * buffer.
1214 *
1215 * Locking: None
1216 */
1217static void tty_line_name(struct tty_driver *driver, int index, char *p)
1218{
1219 if (driver->flags & TTY_DRIVER_UNNUMBERED_NODE)
1220 strcpy(p, driver->name);
1221 else
1222 sprintf(p, "%s%d", driver->name, index + driver->name_base);
1223}
1224
1225/**
1226 * tty_driver_lookup_tty() - find an existing tty, if any
1227 * @driver: the driver for the tty
1228 * @idx: the minor number
1229 *
1230 * Return the tty, if found or ERR_PTR() otherwise.
1231 *
1232 * Locking: tty_mutex must be held. If tty is found, the mutex must
1233 * be held until the 'fast-open' is also done. Will change once we
1234 * have refcounting in the driver and per driver locking
1235 */
1236static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver,
1237 struct inode *inode, int idx)
1238{
1239 if (driver->ops->lookup)
1240 return driver->ops->lookup(driver, inode, idx);
1241
1242 return driver->ttys[idx];
1243}
1244
1245/**
1246 * tty_init_termios - helper for termios setup
1247 * @tty: the tty to set up
1248 *
1249 * Initialise the termios structures for this tty. Thus runs under
1250 * the tty_mutex currently so we can be relaxed about ordering.
1251 */
1252
1253int tty_init_termios(struct tty_struct *tty)
1254{
1255 struct ktermios *tp;
1256 int idx = tty->index;
1257
1258 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS)
1259 tty->termios = tty->driver->init_termios;
1260 else {
1261 /* Check for lazy saved data */
1262 tp = tty->driver->termios[idx];
1263 if (tp != NULL)
1264 tty->termios = *tp;
1265 else
1266 tty->termios = tty->driver->init_termios;
1267 }
1268 /* Compatibility until drivers always set this */
1269 tty->termios.c_ispeed = tty_termios_input_baud_rate(&tty->termios);
1270 tty->termios.c_ospeed = tty_termios_baud_rate(&tty->termios);
1271 return 0;
1272}
1273EXPORT_SYMBOL_GPL(tty_init_termios);
1274
1275int tty_standard_install(struct tty_driver *driver, struct tty_struct *tty)
1276{
1277 int ret = tty_init_termios(tty);
1278 if (ret)
1279 return ret;
1280
1281 tty_driver_kref_get(driver);
1282 tty->count++;
1283 driver->ttys[tty->index] = tty;
1284 return 0;
1285}
1286EXPORT_SYMBOL_GPL(tty_standard_install);
1287
1288/**
1289 * tty_driver_install_tty() - install a tty entry in the driver
1290 * @driver: the driver for the tty
1291 * @tty: the tty
1292 *
1293 * Install a tty object into the driver tables. The tty->index field
1294 * will be set by the time this is called. This method is responsible
1295 * for ensuring any need additional structures are allocated and
1296 * configured.
1297 *
1298 * Locking: tty_mutex for now
1299 */
1300static int tty_driver_install_tty(struct tty_driver *driver,
1301 struct tty_struct *tty)
1302{
1303 return driver->ops->install ? driver->ops->install(driver, tty) :
1304 tty_standard_install(driver, tty);
1305}
1306
1307/**
1308 * tty_driver_remove_tty() - remove a tty from the driver tables
1309 * @driver: the driver for the tty
1310 * @idx: the minor number
1311 *
1312 * Remvoe a tty object from the driver tables. The tty->index field
1313 * will be set by the time this is called.
1314 *
1315 * Locking: tty_mutex for now
1316 */
1317void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty)
1318{
1319 if (driver->ops->remove)
1320 driver->ops->remove(driver, tty);
1321 else
1322 driver->ttys[tty->index] = NULL;
1323}
1324
1325/*
1326 * tty_reopen() - fast re-open of an open tty
1327 * @tty - the tty to open
1328 *
1329 * Return 0 on success, -errno on error.
1330 *
1331 * Locking: tty_mutex must be held from the time the tty was found
1332 * till this open completes.
1333 */
1334static int tty_reopen(struct tty_struct *tty)
1335{
1336 struct tty_driver *driver = tty->driver;
1337
1338 if (test_bit(TTY_CLOSING, &tty->flags) ||
1339 test_bit(TTY_HUPPING, &tty->flags) ||
1340 test_bit(TTY_LDISC_CHANGING, &tty->flags))
1341 return -EIO;
1342
1343 if (driver->type == TTY_DRIVER_TYPE_PTY &&
1344 driver->subtype == PTY_TYPE_MASTER) {
1345 /*
1346 * special case for PTY masters: only one open permitted,
1347 * and the slave side open count is incremented as well.
1348 */
1349 if (tty->count)
1350 return -EIO;
1351
1352 tty->link->count++;
1353 }
1354 tty->count++;
1355
1356 mutex_lock(&tty->ldisc_mutex);
1357 WARN_ON(!test_bit(TTY_LDISC, &tty->flags));
1358 mutex_unlock(&tty->ldisc_mutex);
1359
1360 return 0;
1361}
1362
1363/**
1364 * tty_init_dev - initialise a tty device
1365 * @driver: tty driver we are opening a device on
1366 * @idx: device index
1367 * @ret_tty: returned tty structure
1368 *
1369 * Prepare a tty device. This may not be a "new" clean device but
1370 * could also be an active device. The pty drivers require special
1371 * handling because of this.
1372 *
1373 * Locking:
1374 * The function is called under the tty_mutex, which
1375 * protects us from the tty struct or driver itself going away.
1376 *
1377 * On exit the tty device has the line discipline attached and
1378 * a reference count of 1. If a pair was created for pty/tty use
1379 * and the other was a pty master then it too has a reference count of 1.
1380 *
1381 * WSH 06/09/97: Rewritten to remove races and properly clean up after a
1382 * failed open. The new code protects the open with a mutex, so it's
1383 * really quite straightforward. The mutex locking can probably be
1384 * relaxed for the (most common) case of reopening a tty.
1385 */
1386
1387struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx)
1388{
1389 struct tty_struct *tty;
1390 int retval;
1391
1392 /*
1393 * First time open is complex, especially for PTY devices.
1394 * This code guarantees that either everything succeeds and the
1395 * TTY is ready for operation, or else the table slots are vacated
1396 * and the allocated memory released. (Except that the termios
1397 * and locked termios may be retained.)
1398 */
1399
1400 if (!try_module_get(driver->owner))
1401 return ERR_PTR(-ENODEV);
1402
1403 tty = alloc_tty_struct();
1404 if (!tty) {
1405 retval = -ENOMEM;
1406 goto err_module_put;
1407 }
1408 initialize_tty_struct(tty, driver, idx);
1409
1410 tty_lock(tty);
1411 retval = tty_driver_install_tty(driver, tty);
1412 if (retval < 0)
1413 goto err_deinit_tty;
1414
1415 if (!tty->port)
1416 tty->port = driver->ports[idx];
1417
1418 WARN_RATELIMIT(!tty->port,
1419 "%s: %s driver does not set tty->port. This will crash the kernel later. Fix the driver!\n",
1420 __func__, tty->driver->name);
1421
1422 /*
1423 * Structures all installed ... call the ldisc open routines.
1424 * If we fail here just call release_tty to clean up. No need
1425 * to decrement the use counts, as release_tty doesn't care.
1426 */
1427 retval = tty_ldisc_setup(tty, tty->link);
1428 if (retval)
1429 goto err_release_tty;
1430 /* Return the tty locked so that it cannot vanish under the caller */
1431 return tty;
1432
1433err_deinit_tty:
1434 tty_unlock(tty);
1435 deinitialize_tty_struct(tty);
1436 free_tty_struct(tty);
1437err_module_put:
1438 module_put(driver->owner);
1439 return ERR_PTR(retval);
1440
1441 /* call the tty release_tty routine to clean out this slot */
1442err_release_tty:
1443 tty_unlock(tty);
1444 printk_ratelimited(KERN_INFO "tty_init_dev: ldisc open failed, "
1445 "clearing slot %d\n", idx);
1446 release_tty(tty, idx);
1447 return ERR_PTR(retval);
1448}
1449
1450void tty_free_termios(struct tty_struct *tty)
1451{
1452 struct ktermios *tp;
1453 int idx = tty->index;
1454
1455 /* If the port is going to reset then it has no termios to save */
1456 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS)
1457 return;
1458
1459 /* Stash the termios data */
1460 tp = tty->driver->termios[idx];
1461 if (tp == NULL) {
1462 tp = kmalloc(sizeof(struct ktermios), GFP_KERNEL);
1463 if (tp == NULL) {
1464 pr_warn("tty: no memory to save termios state.\n");
1465 return;
1466 }
1467 tty->driver->termios[idx] = tp;
1468 }
1469 *tp = tty->termios;
1470}
1471EXPORT_SYMBOL(tty_free_termios);
1472
1473
1474/**
1475 * release_one_tty - release tty structure memory
1476 * @kref: kref of tty we are obliterating
1477 *
1478 * Releases memory associated with a tty structure, and clears out the
1479 * driver table slots. This function is called when a device is no longer
1480 * in use. It also gets called when setup of a device fails.
1481 *
1482 * Locking:
1483 * takes the file list lock internally when working on the list
1484 * of ttys that the driver keeps.
1485 *
1486 * This method gets called from a work queue so that the driver private
1487 * cleanup ops can sleep (needed for USB at least)
1488 */
1489static void release_one_tty(struct work_struct *work)
1490{
1491 struct tty_struct *tty =
1492 container_of(work, struct tty_struct, hangup_work);
1493 struct tty_driver *driver = tty->driver;
1494
1495 if (tty->ops->cleanup)
1496 tty->ops->cleanup(tty);
1497
1498 tty->magic = 0;
1499 tty_driver_kref_put(driver);
1500 module_put(driver->owner);
1501
1502 spin_lock(&tty_files_lock);
1503 list_del_init(&tty->tty_files);
1504 spin_unlock(&tty_files_lock);
1505
1506 put_pid(tty->pgrp);
1507 put_pid(tty->session);
1508 free_tty_struct(tty);
1509}
1510
1511static void queue_release_one_tty(struct kref *kref)
1512{
1513 struct tty_struct *tty = container_of(kref, struct tty_struct, kref);
1514
1515 /* The hangup queue is now free so we can reuse it rather than
1516 waste a chunk of memory for each port */
1517 INIT_WORK(&tty->hangup_work, release_one_tty);
1518 schedule_work(&tty->hangup_work);
1519}
1520
1521/**
1522 * tty_kref_put - release a tty kref
1523 * @tty: tty device
1524 *
1525 * Release a reference to a tty device and if need be let the kref
1526 * layer destruct the object for us
1527 */
1528
1529void tty_kref_put(struct tty_struct *tty)
1530{
1531 if (tty)
1532 kref_put(&tty->kref, queue_release_one_tty);
1533}
1534EXPORT_SYMBOL(tty_kref_put);
1535
1536/**
1537 * release_tty - release tty structure memory
1538 *
1539 * Release both @tty and a possible linked partner (think pty pair),
1540 * and decrement the refcount of the backing module.
1541 *
1542 * Locking:
1543 * tty_mutex
1544 * takes the file list lock internally when working on the list
1545 * of ttys that the driver keeps.
1546 *
1547 */
1548static void release_tty(struct tty_struct *tty, int idx)
1549{
1550 /* This should always be true but check for the moment */
1551 WARN_ON(tty->index != idx);
1552 WARN_ON(!mutex_is_locked(&tty_mutex));
1553 if (tty->ops->shutdown)
1554 tty->ops->shutdown(tty);
1555 tty_free_termios(tty);
1556 tty_driver_remove_tty(tty->driver, tty);
1557
1558 if (tty->link)
1559 tty_kref_put(tty->link);
1560 tty_kref_put(tty);
1561}
1562
1563/**
1564 * tty_release_checks - check a tty before real release
1565 * @tty: tty to check
1566 * @o_tty: link of @tty (if any)
1567 * @idx: index of the tty
1568 *
1569 * Performs some paranoid checking before true release of the @tty.
1570 * This is a no-op unless TTY_PARANOIA_CHECK is defined.
1571 */
1572static int tty_release_checks(struct tty_struct *tty, struct tty_struct *o_tty,
1573 int idx)
1574{
1575#ifdef TTY_PARANOIA_CHECK
1576 if (idx < 0 || idx >= tty->driver->num) {
1577 printk(KERN_DEBUG "%s: bad idx when trying to free (%s)\n",
1578 __func__, tty->name);
1579 return -1;
1580 }
1581
1582 /* not much to check for devpts */
1583 if (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)
1584 return 0;
1585
1586 if (tty != tty->driver->ttys[idx]) {
1587 printk(KERN_DEBUG "%s: driver.table[%d] not tty for (%s)\n",
1588 __func__, idx, tty->name);
1589 return -1;
1590 }
1591 if (tty->driver->other) {
1592 if (o_tty != tty->driver->other->ttys[idx]) {
1593 printk(KERN_DEBUG "%s: other->table[%d] not o_tty for (%s)\n",
1594 __func__, idx, tty->name);
1595 return -1;
1596 }
1597 if (o_tty->link != tty) {
1598 printk(KERN_DEBUG "%s: bad pty pointers\n", __func__);
1599 return -1;
1600 }
1601 }
1602#endif
1603 return 0;
1604}
1605
1606/**
1607 * tty_release - vfs callback for close
1608 * @inode: inode of tty
1609 * @filp: file pointer for handle to tty
1610 *
1611 * Called the last time each file handle is closed that references
1612 * this tty. There may however be several such references.
1613 *
1614 * Locking:
1615 * Takes bkl. See tty_release_dev
1616 *
1617 * Even releasing the tty structures is a tricky business.. We have
1618 * to be very careful that the structures are all released at the
1619 * same time, as interrupts might otherwise get the wrong pointers.
1620 *
1621 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could
1622 * lead to double frees or releasing memory still in use.
1623 */
1624
1625int tty_release(struct inode *inode, struct file *filp)
1626{
1627 struct tty_struct *tty = file_tty(filp);
1628 struct tty_struct *o_tty;
1629 int pty_master, tty_closing, o_tty_closing, do_sleep;
1630 int devpts;
1631 int idx;
1632 char buf[64];
1633
1634 if (tty_paranoia_check(tty, inode, __func__))
1635 return 0;
1636
1637 tty_lock(tty);
1638 check_tty_count(tty, __func__);
1639
1640 __tty_fasync(-1, filp, 0);
1641
1642 idx = tty->index;
1643 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
1644 tty->driver->subtype == PTY_TYPE_MASTER);
1645 devpts = (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) != 0;
1646 /* Review: parallel close */
1647 o_tty = tty->link;
1648
1649 if (tty_release_checks(tty, o_tty, idx)) {
1650 tty_unlock(tty);
1651 return 0;
1652 }
1653
1654#ifdef TTY_DEBUG_HANGUP
1655 printk(KERN_DEBUG "%s: %s (tty count=%d)...\n", __func__,
1656 tty_name(tty, buf), tty->count);
1657#endif
1658
1659 if (tty->ops->close)
1660 tty->ops->close(tty, filp);
1661
1662 tty_unlock(tty);
1663 /*
1664 * Sanity check: if tty->count is going to zero, there shouldn't be
1665 * any waiters on tty->read_wait or tty->write_wait. We test the
1666 * wait queues and kick everyone out _before_ actually starting to
1667 * close. This ensures that we won't block while releasing the tty
1668 * structure.
1669 *
1670 * The test for the o_tty closing is necessary, since the master and
1671 * slave sides may close in any order. If the slave side closes out
1672 * first, its count will be one, since the master side holds an open.
1673 * Thus this test wouldn't be triggered at the time the slave closes,
1674 * so we do it now.
1675 *
1676 * Note that it's possible for the tty to be opened again while we're
1677 * flushing out waiters. By recalculating the closing flags before
1678 * each iteration we avoid any problems.
1679 */
1680 while (1) {
1681 /* Guard against races with tty->count changes elsewhere and
1682 opens on /dev/tty */
1683
1684 mutex_lock(&tty_mutex);
1685 tty_lock_pair(tty, o_tty);
1686 tty_closing = tty->count <= 1;
1687 o_tty_closing = o_tty &&
1688 (o_tty->count <= (pty_master ? 1 : 0));
1689 do_sleep = 0;
1690
1691 if (tty_closing) {
1692 if (waitqueue_active(&tty->read_wait)) {
1693 wake_up_poll(&tty->read_wait, POLLIN);
1694 do_sleep++;
1695 }
1696 if (waitqueue_active(&tty->write_wait)) {
1697 wake_up_poll(&tty->write_wait, POLLOUT);
1698 do_sleep++;
1699 }
1700 }
1701 if (o_tty_closing) {
1702 if (waitqueue_active(&o_tty->read_wait)) {
1703 wake_up_poll(&o_tty->read_wait, POLLIN);
1704 do_sleep++;
1705 }
1706 if (waitqueue_active(&o_tty->write_wait)) {
1707 wake_up_poll(&o_tty->write_wait, POLLOUT);
1708 do_sleep++;
1709 }
1710 }
1711 if (!do_sleep)
1712 break;
1713
1714 printk(KERN_WARNING "%s: %s: read/write wait queue active!\n",
1715 __func__, tty_name(tty, buf));
1716 tty_unlock_pair(tty, o_tty);
1717 mutex_unlock(&tty_mutex);
1718 schedule();
1719 }
1720
1721 /*
1722 * The closing flags are now consistent with the open counts on
1723 * both sides, and we've completed the last operation that could
1724 * block, so it's safe to proceed with closing.
1725 *
1726 * We must *not* drop the tty_mutex until we ensure that a further
1727 * entry into tty_open can not pick up this tty.
1728 */
1729 if (pty_master) {
1730 if (--o_tty->count < 0) {
1731 printk(KERN_WARNING "%s: bad pty slave count (%d) for %s\n",
1732 __func__, o_tty->count, tty_name(o_tty, buf));
1733 o_tty->count = 0;
1734 }
1735 }
1736 if (--tty->count < 0) {
1737 printk(KERN_WARNING "%s: bad tty->count (%d) for %s\n",
1738 __func__, tty->count, tty_name(tty, buf));
1739 tty->count = 0;
1740 }
1741
1742 /*
1743 * We've decremented tty->count, so we need to remove this file
1744 * descriptor off the tty->tty_files list; this serves two
1745 * purposes:
1746 * - check_tty_count sees the correct number of file descriptors
1747 * associated with this tty.
1748 * - do_tty_hangup no longer sees this file descriptor as
1749 * something that needs to be handled for hangups.
1750 */
1751 tty_del_file(filp);
1752
1753 /*
1754 * Perform some housekeeping before deciding whether to return.
1755 *
1756 * Set the TTY_CLOSING flag if this was the last open. In the
1757 * case of a pty we may have to wait around for the other side
1758 * to close, and TTY_CLOSING makes sure we can't be reopened.
1759 */
1760 if (tty_closing)
1761 set_bit(TTY_CLOSING, &tty->flags);
1762 if (o_tty_closing)
1763 set_bit(TTY_CLOSING, &o_tty->flags);
1764
1765 /*
1766 * If _either_ side is closing, make sure there aren't any
1767 * processes that still think tty or o_tty is their controlling
1768 * tty.
1769 */
1770 if (tty_closing || o_tty_closing) {
1771 read_lock(&tasklist_lock);
1772 session_clear_tty(tty->session);
1773 if (o_tty)
1774 session_clear_tty(o_tty->session);
1775 read_unlock(&tasklist_lock);
1776 }
1777
1778 mutex_unlock(&tty_mutex);
1779 tty_unlock_pair(tty, o_tty);
1780 /* At this point the TTY_CLOSING flag should ensure a dead tty
1781 cannot be re-opened by a racing opener */
1782
1783 /* check whether both sides are closing ... */
1784 if (!tty_closing || (o_tty && !o_tty_closing))
1785 return 0;
1786
1787#ifdef TTY_DEBUG_HANGUP
1788 printk(KERN_DEBUG "%s: freeing tty structure...\n", __func__);
1789#endif
1790 /*
1791 * Ask the line discipline code to release its structures
1792 */
1793 tty_ldisc_release(tty, o_tty);
1794 /*
1795 * The release_tty function takes care of the details of clearing
1796 * the slots and preserving the termios structure. The tty_unlock_pair
1797 * should be safe as we keep a kref while the tty is locked (so the
1798 * unlock never unlocks a freed tty).
1799 */
1800 mutex_lock(&tty_mutex);
1801 release_tty(tty, idx);
1802 mutex_unlock(&tty_mutex);
1803
1804 /* Make this pty number available for reallocation */
1805 if (devpts)
1806 devpts_kill_index(inode, idx);
1807 return 0;
1808}
1809
1810/**
1811 * tty_open_current_tty - get tty of current task for open
1812 * @device: device number
1813 * @filp: file pointer to tty
1814 * @return: tty of the current task iff @device is /dev/tty
1815 *
1816 * We cannot return driver and index like for the other nodes because
1817 * devpts will not work then. It expects inodes to be from devpts FS.
1818 *
1819 * We need to move to returning a refcounted object from all the lookup
1820 * paths including this one.
1821 */
1822static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp)
1823{
1824 struct tty_struct *tty;
1825
1826 if (device != MKDEV(TTYAUX_MAJOR, 0))
1827 return NULL;
1828
1829 tty = get_current_tty();
1830 if (!tty)
1831 return ERR_PTR(-ENXIO);
1832
1833 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */
1834 /* noctty = 1; */
1835 tty_kref_put(tty);
1836 /* FIXME: we put a reference and return a TTY! */
1837 /* This is only safe because the caller holds tty_mutex */
1838 return tty;
1839}
1840
1841/**
1842 * tty_lookup_driver - lookup a tty driver for a given device file
1843 * @device: device number
1844 * @filp: file pointer to tty
1845 * @noctty: set if the device should not become a controlling tty
1846 * @index: index for the device in the @return driver
1847 * @return: driver for this inode (with increased refcount)
1848 *
1849 * If @return is not erroneous, the caller is responsible to decrement the
1850 * refcount by tty_driver_kref_put.
1851 *
1852 * Locking: tty_mutex protects get_tty_driver
1853 */
1854static struct tty_driver *tty_lookup_driver(dev_t device, struct file *filp,
1855 int *noctty, int *index)
1856{
1857 struct tty_driver *driver;
1858
1859 switch (device) {
1860#ifdef CONFIG_VT
1861 case MKDEV(TTY_MAJOR, 0): {
1862 extern struct tty_driver *console_driver;
1863 driver = tty_driver_kref_get(console_driver);
1864 *index = fg_console;
1865 *noctty = 1;
1866 break;
1867 }
1868#endif
1869 case MKDEV(TTYAUX_MAJOR, 1): {
1870 struct tty_driver *console_driver = console_device(index);
1871 if (console_driver) {
1872 driver = tty_driver_kref_get(console_driver);
1873 if (driver) {
1874 /* Don't let /dev/console block */
1875 filp->f_flags |= O_NONBLOCK;
1876 *noctty = 1;
1877 break;
1878 }
1879 }
1880 return ERR_PTR(-ENODEV);
1881 }
1882 default:
1883 driver = get_tty_driver(device, index);
1884 if (!driver)
1885 return ERR_PTR(-ENODEV);
1886 break;
1887 }
1888 return driver;
1889}
1890
1891/**
1892 * tty_open - open a tty device
1893 * @inode: inode of device file
1894 * @filp: file pointer to tty
1895 *
1896 * tty_open and tty_release keep up the tty count that contains the
1897 * number of opens done on a tty. We cannot use the inode-count, as
1898 * different inodes might point to the same tty.
1899 *
1900 * Open-counting is needed for pty masters, as well as for keeping
1901 * track of serial lines: DTR is dropped when the last close happens.
1902 * (This is not done solely through tty->count, now. - Ted 1/27/92)
1903 *
1904 * The termios state of a pty is reset on first open so that
1905 * settings don't persist across reuse.
1906 *
1907 * Locking: tty_mutex protects tty, tty_lookup_driver and tty_init_dev.
1908 * tty->count should protect the rest.
1909 * ->siglock protects ->signal/->sighand
1910 *
1911 * Note: the tty_unlock/lock cases without a ref are only safe due to
1912 * tty_mutex
1913 */
1914
1915static int tty_open(struct inode *inode, struct file *filp)
1916{
1917 struct tty_struct *tty;
1918 int noctty, retval;
1919 struct tty_driver *driver = NULL;
1920 int index;
1921 dev_t device = inode->i_rdev;
1922 unsigned saved_flags = filp->f_flags;
1923
1924 nonseekable_open(inode, filp);
1925
1926retry_open:
1927 retval = tty_alloc_file(filp);
1928 if (retval)
1929 return -ENOMEM;
1930
1931 noctty = filp->f_flags & O_NOCTTY;
1932 index = -1;
1933 retval = 0;
1934
1935 mutex_lock(&tty_mutex);
1936 /* This is protected by the tty_mutex */
1937 tty = tty_open_current_tty(device, filp);
1938 if (IS_ERR(tty)) {
1939 retval = PTR_ERR(tty);
1940 goto err_unlock;
1941 } else if (!tty) {
1942 driver = tty_lookup_driver(device, filp, &noctty, &index);
1943 if (IS_ERR(driver)) {
1944 retval = PTR_ERR(driver);
1945 goto err_unlock;
1946 }
1947
1948 /* check whether we're reopening an existing tty */
1949 tty = tty_driver_lookup_tty(driver, inode, index);
1950 if (IS_ERR(tty)) {
1951 retval = PTR_ERR(tty);
1952 goto err_unlock;
1953 }
1954 }
1955
1956 if (tty) {
1957 tty_lock(tty);
1958 retval = tty_reopen(tty);
1959 if (retval < 0) {
1960 tty_unlock(tty);
1961 tty = ERR_PTR(retval);
1962 }
1963 } else /* Returns with the tty_lock held for now */
1964 tty = tty_init_dev(driver, index);
1965
1966 mutex_unlock(&tty_mutex);
1967 if (driver)
1968 tty_driver_kref_put(driver);
1969 if (IS_ERR(tty)) {
1970 retval = PTR_ERR(tty);
1971 goto err_file;
1972 }
1973
1974 tty_add_file(tty, filp);
1975
1976 check_tty_count(tty, __func__);
1977 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
1978 tty->driver->subtype == PTY_TYPE_MASTER)
1979 noctty = 1;
1980#ifdef TTY_DEBUG_HANGUP
1981 printk(KERN_DEBUG "%s: opening %s...\n", __func__, tty->name);
1982#endif
1983 if (tty->ops->open)
1984 retval = tty->ops->open(tty, filp);
1985 else
1986 retval = -ENODEV;
1987 filp->f_flags = saved_flags;
1988
1989 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) &&
1990 !capable(CAP_SYS_ADMIN))
1991 retval = -EBUSY;
1992
1993 if (retval) {
1994#ifdef TTY_DEBUG_HANGUP
1995 printk(KERN_DEBUG "%s: error %d in opening %s...\n", __func__,
1996 retval, tty->name);
1997#endif
1998 tty_unlock(tty); /* need to call tty_release without BTM */
1999 tty_release(inode, filp);
2000 if (retval != -ERESTARTSYS)
2001 return retval;
2002
2003 if (signal_pending(current))
2004 return retval;
2005
2006 schedule();
2007 /*
2008 * Need to reset f_op in case a hangup happened.
2009 */
2010 if (filp->f_op == &hung_up_tty_fops)
2011 filp->f_op = &tty_fops;
2012 goto retry_open;
2013 }
2014 tty_unlock(tty);
2015
2016
2017 mutex_lock(&tty_mutex);
2018 tty_lock(tty);
2019 spin_lock_irq(&current->sighand->siglock);
2020 if (!noctty &&
2021 current->signal->leader &&
2022 !current->signal->tty &&
2023 tty->session == NULL)
2024 __proc_set_tty(current, tty);
2025 spin_unlock_irq(&current->sighand->siglock);
2026 tty_unlock(tty);
2027 mutex_unlock(&tty_mutex);
2028 return 0;
2029err_unlock:
2030 mutex_unlock(&tty_mutex);
2031 /* after locks to avoid deadlock */
2032 if (!IS_ERR_OR_NULL(driver))
2033 tty_driver_kref_put(driver);
2034err_file:
2035 tty_free_file(filp);
2036 return retval;
2037}
2038
2039
2040
2041/**
2042 * tty_poll - check tty status
2043 * @filp: file being polled
2044 * @wait: poll wait structures to update
2045 *
2046 * Call the line discipline polling method to obtain the poll
2047 * status of the device.
2048 *
2049 * Locking: locks called line discipline but ldisc poll method
2050 * may be re-entered freely by other callers.
2051 */
2052
2053static unsigned int tty_poll(struct file *filp, poll_table *wait)
2054{
2055 struct tty_struct *tty = file_tty(filp);
2056 struct tty_ldisc *ld;
2057 int ret = 0;
2058
2059 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_poll"))
2060 return 0;
2061
2062 ld = tty_ldisc_ref_wait(tty);
2063 if (ld->ops->poll)
2064 ret = (ld->ops->poll)(tty, filp, wait);
2065 tty_ldisc_deref(ld);
2066 return ret;
2067}
2068
2069static int __tty_fasync(int fd, struct file *filp, int on)
2070{
2071 struct tty_struct *tty = file_tty(filp);
2072 unsigned long flags;
2073 int retval = 0;
2074
2075 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_fasync"))
2076 goto out;
2077
2078 retval = fasync_helper(fd, filp, on, &tty->fasync);
2079 if (retval <= 0)
2080 goto out;
2081
2082 if (on) {
2083 enum pid_type type;
2084 struct pid *pid;
2085 if (!waitqueue_active(&tty->read_wait))
2086 tty->minimum_to_wake = 1;
2087 spin_lock_irqsave(&tty->ctrl_lock, flags);
2088 if (tty->pgrp) {
2089 pid = tty->pgrp;
2090 type = PIDTYPE_PGID;
2091 } else {
2092 pid = task_pid(current);
2093 type = PIDTYPE_PID;
2094 }
2095 get_pid(pid);
2096 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2097 retval = __f_setown(filp, pid, type, 0);
2098 put_pid(pid);
2099 if (retval)
2100 goto out;
2101 } else {
2102 if (!tty->fasync && !waitqueue_active(&tty->read_wait))
2103 tty->minimum_to_wake = N_TTY_BUF_SIZE;
2104 }
2105 retval = 0;
2106out:
2107 return retval;
2108}
2109
2110static int tty_fasync(int fd, struct file *filp, int on)
2111{
2112 struct tty_struct *tty = file_tty(filp);
2113 int retval;
2114
2115 tty_lock(tty);
2116 retval = __tty_fasync(fd, filp, on);
2117 tty_unlock(tty);
2118
2119 return retval;
2120}
2121
2122/**
2123 * tiocsti - fake input character
2124 * @tty: tty to fake input into
2125 * @p: pointer to character
2126 *
2127 * Fake input to a tty device. Does the necessary locking and
2128 * input management.
2129 *
2130 * FIXME: does not honour flow control ??
2131 *
2132 * Locking:
2133 * Called functions take tty_ldisc_lock
2134 * current->signal->tty check is safe without locks
2135 *
2136 * FIXME: may race normal receive processing
2137 */
2138
2139static int tiocsti(struct tty_struct *tty, char __user *p)
2140{
2141 char ch, mbz = 0;
2142 struct tty_ldisc *ld;
2143
2144 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN))
2145 return -EPERM;
2146 if (get_user(ch, p))
2147 return -EFAULT;
2148 tty_audit_tiocsti(tty, ch);
2149 ld = tty_ldisc_ref_wait(tty);
2150 ld->ops->receive_buf(tty, &ch, &mbz, 1);
2151 tty_ldisc_deref(ld);
2152 return 0;
2153}
2154
2155/**
2156 * tiocgwinsz - implement window query ioctl
2157 * @tty; tty
2158 * @arg: user buffer for result
2159 *
2160 * Copies the kernel idea of the window size into the user buffer.
2161 *
2162 * Locking: tty->termios_mutex is taken to ensure the winsize data
2163 * is consistent.
2164 */
2165
2166static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg)
2167{
2168 int err;
2169
2170 mutex_lock(&tty->termios_mutex);
2171 err = copy_to_user(arg, &tty->winsize, sizeof(*arg));
2172 mutex_unlock(&tty->termios_mutex);
2173
2174 return err ? -EFAULT: 0;
2175}
2176
2177/**
2178 * tty_do_resize - resize event
2179 * @tty: tty being resized
2180 * @rows: rows (character)
2181 * @cols: cols (character)
2182 *
2183 * Update the termios variables and send the necessary signals to
2184 * peform a terminal resize correctly
2185 */
2186
2187int tty_do_resize(struct tty_struct *tty, struct winsize *ws)
2188{
2189 struct pid *pgrp;
2190 unsigned long flags;
2191
2192 /* Lock the tty */
2193 mutex_lock(&tty->termios_mutex);
2194 if (!memcmp(ws, &tty->winsize, sizeof(*ws)))
2195 goto done;
2196 /* Get the PID values and reference them so we can
2197 avoid holding the tty ctrl lock while sending signals */
2198 spin_lock_irqsave(&tty->ctrl_lock, flags);
2199 pgrp = get_pid(tty->pgrp);
2200 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2201
2202 if (pgrp)
2203 kill_pgrp(pgrp, SIGWINCH, 1);
2204 put_pid(pgrp);
2205
2206 tty->winsize = *ws;
2207done:
2208 mutex_unlock(&tty->termios_mutex);
2209 return 0;
2210}
2211
2212/**
2213 * tiocswinsz - implement window size set ioctl
2214 * @tty; tty side of tty
2215 * @arg: user buffer for result
2216 *
2217 * Copies the user idea of the window size to the kernel. Traditionally
2218 * this is just advisory information but for the Linux console it
2219 * actually has driver level meaning and triggers a VC resize.
2220 *
2221 * Locking:
2222 * Driver dependent. The default do_resize method takes the
2223 * tty termios mutex and ctrl_lock. The console takes its own lock
2224 * then calls into the default method.
2225 */
2226
2227static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg)
2228{
2229 struct winsize tmp_ws;
2230 if (copy_from_user(&tmp_ws, arg, sizeof(*arg)))
2231 return -EFAULT;
2232
2233 if (tty->ops->resize)
2234 return tty->ops->resize(tty, &tmp_ws);
2235 else
2236 return tty_do_resize(tty, &tmp_ws);
2237}
2238
2239/**
2240 * tioccons - allow admin to move logical console
2241 * @file: the file to become console
2242 *
2243 * Allow the administrator to move the redirected console device
2244 *
2245 * Locking: uses redirect_lock to guard the redirect information
2246 */
2247
2248static int tioccons(struct file *file)
2249{
2250 if (!capable(CAP_SYS_ADMIN))
2251 return -EPERM;
2252 if (file->f_op->write == redirected_tty_write) {
2253 struct file *f;
2254 spin_lock(&redirect_lock);
2255 f = redirect;
2256 redirect = NULL;
2257 spin_unlock(&redirect_lock);
2258 if (f)
2259 fput(f);
2260 return 0;
2261 }
2262 spin_lock(&redirect_lock);
2263 if (redirect) {
2264 spin_unlock(&redirect_lock);
2265 return -EBUSY;
2266 }
2267 get_file(file);
2268 redirect = file;
2269 spin_unlock(&redirect_lock);
2270 return 0;
2271}
2272
2273/**
2274 * fionbio - non blocking ioctl
2275 * @file: file to set blocking value
2276 * @p: user parameter
2277 *
2278 * Historical tty interfaces had a blocking control ioctl before
2279 * the generic functionality existed. This piece of history is preserved
2280 * in the expected tty API of posix OS's.
2281 *
2282 * Locking: none, the open file handle ensures it won't go away.
2283 */
2284
2285static int fionbio(struct file *file, int __user *p)
2286{
2287 int nonblock;
2288
2289 if (get_user(nonblock, p))
2290 return -EFAULT;
2291
2292 spin_lock(&file->f_lock);
2293 if (nonblock)
2294 file->f_flags |= O_NONBLOCK;
2295 else
2296 file->f_flags &= ~O_NONBLOCK;
2297 spin_unlock(&file->f_lock);
2298 return 0;
2299}
2300
2301/**
2302 * tiocsctty - set controlling tty
2303 * @tty: tty structure
2304 * @arg: user argument
2305 *
2306 * This ioctl is used to manage job control. It permits a session
2307 * leader to set this tty as the controlling tty for the session.
2308 *
2309 * Locking:
2310 * Takes tty_mutex() to protect tty instance
2311 * Takes tasklist_lock internally to walk sessions
2312 * Takes ->siglock() when updating signal->tty
2313 */
2314
2315static int tiocsctty(struct tty_struct *tty, int arg)
2316{
2317 int ret = 0;
2318 if (current->signal->leader && (task_session(current) == tty->session))
2319 return ret;
2320
2321 mutex_lock(&tty_mutex);
2322 /*
2323 * The process must be a session leader and
2324 * not have a controlling tty already.
2325 */
2326 if (!current->signal->leader || current->signal->tty) {
2327 ret = -EPERM;
2328 goto unlock;
2329 }
2330
2331 if (tty->session) {
2332 /*
2333 * This tty is already the controlling
2334 * tty for another session group!
2335 */
2336 if (arg == 1 && capable(CAP_SYS_ADMIN)) {
2337 /*
2338 * Steal it away
2339 */
2340 read_lock(&tasklist_lock);
2341 session_clear_tty(tty->session);
2342 read_unlock(&tasklist_lock);
2343 } else {
2344 ret = -EPERM;
2345 goto unlock;
2346 }
2347 }
2348 proc_set_tty(current, tty);
2349unlock:
2350 mutex_unlock(&tty_mutex);
2351 return ret;
2352}
2353
2354/**
2355 * tty_get_pgrp - return a ref counted pgrp pid
2356 * @tty: tty to read
2357 *
2358 * Returns a refcounted instance of the pid struct for the process
2359 * group controlling the tty.
2360 */
2361
2362struct pid *tty_get_pgrp(struct tty_struct *tty)
2363{
2364 unsigned long flags;
2365 struct pid *pgrp;
2366
2367 spin_lock_irqsave(&tty->ctrl_lock, flags);
2368 pgrp = get_pid(tty->pgrp);
2369 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2370
2371 return pgrp;
2372}
2373EXPORT_SYMBOL_GPL(tty_get_pgrp);
2374
2375/**
2376 * tiocgpgrp - get process group
2377 * @tty: tty passed by user
2378 * @real_tty: tty side of the tty passed by the user if a pty else the tty
2379 * @p: returned pid
2380 *
2381 * Obtain the process group of the tty. If there is no process group
2382 * return an error.
2383 *
2384 * Locking: none. Reference to current->signal->tty is safe.
2385 */
2386
2387static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2388{
2389 struct pid *pid;
2390 int ret;
2391 /*
2392 * (tty == real_tty) is a cheap way of
2393 * testing if the tty is NOT a master pty.
2394 */
2395 if (tty == real_tty && current->signal->tty != real_tty)
2396 return -ENOTTY;
2397 pid = tty_get_pgrp(real_tty);
2398 ret = put_user(pid_vnr(pid), p);
2399 put_pid(pid);
2400 return ret;
2401}
2402
2403/**
2404 * tiocspgrp - attempt to set process group
2405 * @tty: tty passed by user
2406 * @real_tty: tty side device matching tty passed by user
2407 * @p: pid pointer
2408 *
2409 * Set the process group of the tty to the session passed. Only
2410 * permitted where the tty session is our session.
2411 *
2412 * Locking: RCU, ctrl lock
2413 */
2414
2415static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2416{
2417 struct pid *pgrp;
2418 pid_t pgrp_nr;
2419 int retval = tty_check_change(real_tty);
2420 unsigned long flags;
2421
2422 if (retval == -EIO)
2423 return -ENOTTY;
2424 if (retval)
2425 return retval;
2426 if (!current->signal->tty ||
2427 (current->signal->tty != real_tty) ||
2428 (real_tty->session != task_session(current)))
2429 return -ENOTTY;
2430 if (get_user(pgrp_nr, p))
2431 return -EFAULT;
2432 if (pgrp_nr < 0)
2433 return -EINVAL;
2434 rcu_read_lock();
2435 pgrp = find_vpid(pgrp_nr);
2436 retval = -ESRCH;
2437 if (!pgrp)
2438 goto out_unlock;
2439 retval = -EPERM;
2440 if (session_of_pgrp(pgrp) != task_session(current))
2441 goto out_unlock;
2442 retval = 0;
2443 spin_lock_irqsave(&tty->ctrl_lock, flags);
2444 put_pid(real_tty->pgrp);
2445 real_tty->pgrp = get_pid(pgrp);
2446 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2447out_unlock:
2448 rcu_read_unlock();
2449 return retval;
2450}
2451
2452/**
2453 * tiocgsid - get session id
2454 * @tty: tty passed by user
2455 * @real_tty: tty side of the tty passed by the user if a pty else the tty
2456 * @p: pointer to returned session id
2457 *
2458 * Obtain the session id of the tty. If there is no session
2459 * return an error.
2460 *
2461 * Locking: none. Reference to current->signal->tty is safe.
2462 */
2463
2464static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2465{
2466 /*
2467 * (tty == real_tty) is a cheap way of
2468 * testing if the tty is NOT a master pty.
2469 */
2470 if (tty == real_tty && current->signal->tty != real_tty)
2471 return -ENOTTY;
2472 if (!real_tty->session)
2473 return -ENOTTY;
2474 return put_user(pid_vnr(real_tty->session), p);
2475}
2476
2477/**
2478 * tiocsetd - set line discipline
2479 * @tty: tty device
2480 * @p: pointer to user data
2481 *
2482 * Set the line discipline according to user request.
2483 *
2484 * Locking: see tty_set_ldisc, this function is just a helper
2485 */
2486
2487static int tiocsetd(struct tty_struct *tty, int __user *p)
2488{
2489 int ldisc;
2490 int ret;
2491
2492 if (get_user(ldisc, p))
2493 return -EFAULT;
2494
2495 ret = tty_set_ldisc(tty, ldisc);
2496
2497 return ret;
2498}
2499
2500/**
2501 * send_break - performed time break
2502 * @tty: device to break on
2503 * @duration: timeout in mS
2504 *
2505 * Perform a timed break on hardware that lacks its own driver level
2506 * timed break functionality.
2507 *
2508 * Locking:
2509 * atomic_write_lock serializes
2510 *
2511 */
2512
2513static int send_break(struct tty_struct *tty, unsigned int duration)
2514{
2515 int retval;
2516
2517 if (tty->ops->break_ctl == NULL)
2518 return 0;
2519
2520 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK)
2521 retval = tty->ops->break_ctl(tty, duration);
2522 else {
2523 /* Do the work ourselves */
2524 if (tty_write_lock(tty, 0) < 0)
2525 return -EINTR;
2526 retval = tty->ops->break_ctl(tty, -1);
2527 if (retval)
2528 goto out;
2529 if (!signal_pending(current))
2530 msleep_interruptible(duration);
2531 retval = tty->ops->break_ctl(tty, 0);
2532out:
2533 tty_write_unlock(tty);
2534 if (signal_pending(current))
2535 retval = -EINTR;
2536 }
2537 return retval;
2538}
2539
2540/**
2541 * tty_tiocmget - get modem status
2542 * @tty: tty device
2543 * @file: user file pointer
2544 * @p: pointer to result
2545 *
2546 * Obtain the modem status bits from the tty driver if the feature
2547 * is supported. Return -EINVAL if it is not available.
2548 *
2549 * Locking: none (up to the driver)
2550 */
2551
2552static int tty_tiocmget(struct tty_struct *tty, int __user *p)
2553{
2554 int retval = -EINVAL;
2555
2556 if (tty->ops->tiocmget) {
2557 retval = tty->ops->tiocmget(tty);
2558
2559 if (retval >= 0)
2560 retval = put_user(retval, p);
2561 }
2562 return retval;
2563}
2564
2565/**
2566 * tty_tiocmset - set modem status
2567 * @tty: tty device
2568 * @cmd: command - clear bits, set bits or set all
2569 * @p: pointer to desired bits
2570 *
2571 * Set the modem status bits from the tty driver if the feature
2572 * is supported. Return -EINVAL if it is not available.
2573 *
2574 * Locking: none (up to the driver)
2575 */
2576
2577static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd,
2578 unsigned __user *p)
2579{
2580 int retval;
2581 unsigned int set, clear, val;
2582
2583 if (tty->ops->tiocmset == NULL)
2584 return -EINVAL;
2585
2586 retval = get_user(val, p);
2587 if (retval)
2588 return retval;
2589 set = clear = 0;
2590 switch (cmd) {
2591 case TIOCMBIS:
2592 set = val;
2593 break;
2594 case TIOCMBIC:
2595 clear = val;
2596 break;
2597 case TIOCMSET:
2598 set = val;
2599 clear = ~val;
2600 break;
2601 }
2602 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
2603 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
2604 return tty->ops->tiocmset(tty, set, clear);
2605}
2606
2607static int tty_tiocgicount(struct tty_struct *tty, void __user *arg)
2608{
2609 int retval = -EINVAL;
2610 struct serial_icounter_struct icount;
2611 memset(&icount, 0, sizeof(icount));
2612 if (tty->ops->get_icount)
2613 retval = tty->ops->get_icount(tty, &icount);
2614 if (retval != 0)
2615 return retval;
2616 if (copy_to_user(arg, &icount, sizeof(icount)))
2617 return -EFAULT;
2618 return 0;
2619}
2620
2621struct tty_struct *tty_pair_get_tty(struct tty_struct *tty)
2622{
2623 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2624 tty->driver->subtype == PTY_TYPE_MASTER)
2625 tty = tty->link;
2626 return tty;
2627}
2628EXPORT_SYMBOL(tty_pair_get_tty);
2629
2630struct tty_struct *tty_pair_get_pty(struct tty_struct *tty)
2631{
2632 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2633 tty->driver->subtype == PTY_TYPE_MASTER)
2634 return tty;
2635 return tty->link;
2636}
2637EXPORT_SYMBOL(tty_pair_get_pty);
2638
2639/*
2640 * Split this up, as gcc can choke on it otherwise..
2641 */
2642long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
2643{
2644 struct tty_struct *tty = file_tty(file);
2645 struct tty_struct *real_tty;
2646 void __user *p = (void __user *)arg;
2647 int retval;
2648 struct tty_ldisc *ld;
2649 struct inode *inode = file->f_dentry->d_inode;
2650
2651 if (tty_paranoia_check(tty, inode, "tty_ioctl"))
2652 return -EINVAL;
2653
2654 real_tty = tty_pair_get_tty(tty);
2655
2656 /*
2657 * Factor out some common prep work
2658 */
2659 switch (cmd) {
2660 case TIOCSETD:
2661 case TIOCSBRK:
2662 case TIOCCBRK:
2663 case TCSBRK:
2664 case TCSBRKP:
2665 retval = tty_check_change(tty);
2666 if (retval)
2667 return retval;
2668 if (cmd != TIOCCBRK) {
2669 tty_wait_until_sent(tty, 0);
2670 if (signal_pending(current))
2671 return -EINTR;
2672 }
2673 break;
2674 }
2675
2676 /*
2677 * Now do the stuff.
2678 */
2679 switch (cmd) {
2680 case TIOCSTI:
2681 return tiocsti(tty, p);
2682 case TIOCGWINSZ:
2683 return tiocgwinsz(real_tty, p);
2684 case TIOCSWINSZ:
2685 return tiocswinsz(real_tty, p);
2686 case TIOCCONS:
2687 return real_tty != tty ? -EINVAL : tioccons(file);
2688 case FIONBIO:
2689 return fionbio(file, p);
2690 case TIOCEXCL:
2691 set_bit(TTY_EXCLUSIVE, &tty->flags);
2692 return 0;
2693 case TIOCNXCL:
2694 clear_bit(TTY_EXCLUSIVE, &tty->flags);
2695 return 0;
2696 case TIOCNOTTY:
2697 if (current->signal->tty != tty)
2698 return -ENOTTY;
2699 no_tty();
2700 return 0;
2701 case TIOCSCTTY:
2702 return tiocsctty(tty, arg);
2703 case TIOCGPGRP:
2704 return tiocgpgrp(tty, real_tty, p);
2705 case TIOCSPGRP:
2706 return tiocspgrp(tty, real_tty, p);
2707 case TIOCGSID:
2708 return tiocgsid(tty, real_tty, p);
2709 case TIOCGETD:
2710 return put_user(tty->ldisc->ops->num, (int __user *)p);
2711 case TIOCSETD:
2712 return tiocsetd(tty, p);
2713 case TIOCVHANGUP:
2714 if (!capable(CAP_SYS_ADMIN))
2715 return -EPERM;
2716 tty_vhangup(tty);
2717 return 0;
2718 case TIOCGDEV:
2719 {
2720 unsigned int ret = new_encode_dev(tty_devnum(real_tty));
2721 return put_user(ret, (unsigned int __user *)p);
2722 }
2723 /*
2724 * Break handling
2725 */
2726 case TIOCSBRK: /* Turn break on, unconditionally */
2727 if (tty->ops->break_ctl)
2728 return tty->ops->break_ctl(tty, -1);
2729 return 0;
2730 case TIOCCBRK: /* Turn break off, unconditionally */
2731 if (tty->ops->break_ctl)
2732 return tty->ops->break_ctl(tty, 0);
2733 return 0;
2734 case TCSBRK: /* SVID version: non-zero arg --> no break */
2735 /* non-zero arg means wait for all output data
2736 * to be sent (performed above) but don't send break.
2737 * This is used by the tcdrain() termios function.
2738 */
2739 if (!arg)
2740 return send_break(tty, 250);
2741 return 0;
2742 case TCSBRKP: /* support for POSIX tcsendbreak() */
2743 return send_break(tty, arg ? arg*100 : 250);
2744
2745 case TIOCMGET:
2746 return tty_tiocmget(tty, p);
2747 case TIOCMSET:
2748 case TIOCMBIC:
2749 case TIOCMBIS:
2750 return tty_tiocmset(tty, cmd, p);
2751 case TIOCGICOUNT:
2752 retval = tty_tiocgicount(tty, p);
2753 /* For the moment allow fall through to the old method */
2754 if (retval != -EINVAL)
2755 return retval;
2756 break;
2757 case TCFLSH:
2758 switch (arg) {
2759 case TCIFLUSH:
2760 case TCIOFLUSH:
2761 /* flush tty buffer and allow ldisc to process ioctl */
2762 tty_buffer_flush(tty);
2763 break;
2764 }
2765 break;
2766 }
2767 if (tty->ops->ioctl) {
2768 retval = (tty->ops->ioctl)(tty, cmd, arg);
2769 if (retval != -ENOIOCTLCMD)
2770 return retval;
2771 }
2772 ld = tty_ldisc_ref_wait(tty);
2773 retval = -EINVAL;
2774 if (ld->ops->ioctl) {
2775 retval = ld->ops->ioctl(tty, file, cmd, arg);
2776 if (retval == -ENOIOCTLCMD)
2777 retval = -ENOTTY;
2778 }
2779 tty_ldisc_deref(ld);
2780 return retval;
2781}
2782
2783#ifdef CONFIG_COMPAT
2784static long tty_compat_ioctl(struct file *file, unsigned int cmd,
2785 unsigned long arg)
2786{
2787 struct inode *inode = file->f_dentry->d_inode;
2788 struct tty_struct *tty = file_tty(file);
2789 struct tty_ldisc *ld;
2790 int retval = -ENOIOCTLCMD;
2791
2792 if (tty_paranoia_check(tty, inode, "tty_ioctl"))
2793 return -EINVAL;
2794
2795 if (tty->ops->compat_ioctl) {
2796 retval = (tty->ops->compat_ioctl)(tty, cmd, arg);
2797 if (retval != -ENOIOCTLCMD)
2798 return retval;
2799 }
2800
2801 ld = tty_ldisc_ref_wait(tty);
2802 if (ld->ops->compat_ioctl)
2803 retval = ld->ops->compat_ioctl(tty, file, cmd, arg);
2804 else
2805 retval = n_tty_compat_ioctl_helper(tty, file, cmd, arg);
2806 tty_ldisc_deref(ld);
2807
2808 return retval;
2809}
2810#endif
2811
2812/*
2813 * This implements the "Secure Attention Key" --- the idea is to
2814 * prevent trojan horses by killing all processes associated with this
2815 * tty when the user hits the "Secure Attention Key". Required for
2816 * super-paranoid applications --- see the Orange Book for more details.
2817 *
2818 * This code could be nicer; ideally it should send a HUP, wait a few
2819 * seconds, then send a INT, and then a KILL signal. But you then
2820 * have to coordinate with the init process, since all processes associated
2821 * with the current tty must be dead before the new getty is allowed
2822 * to spawn.
2823 *
2824 * Now, if it would be correct ;-/ The current code has a nasty hole -
2825 * it doesn't catch files in flight. We may send the descriptor to ourselves
2826 * via AF_UNIX socket, close it and later fetch from socket. FIXME.
2827 *
2828 * Nasty bug: do_SAK is being called in interrupt context. This can
2829 * deadlock. We punt it up to process context. AKPM - 16Mar2001
2830 */
2831void __do_SAK(struct tty_struct *tty)
2832{
2833#ifdef TTY_SOFT_SAK
2834 tty_hangup(tty);
2835#else
2836 struct task_struct *g, *p;
2837 struct pid *session;
2838 int i;
2839 struct file *filp;
2840 struct fdtable *fdt;
2841
2842 if (!tty)
2843 return;
2844 session = tty->session;
2845
2846 tty_ldisc_flush(tty);
2847
2848 tty_driver_flush_buffer(tty);
2849
2850 read_lock(&tasklist_lock);
2851 /* Kill the entire session */
2852 do_each_pid_task(session, PIDTYPE_SID, p) {
2853 printk(KERN_NOTICE "SAK: killed process %d"
2854 " (%s): task_session(p)==tty->session\n",
2855 task_pid_nr(p), p->comm);
2856 send_sig(SIGKILL, p, 1);
2857 } while_each_pid_task(session, PIDTYPE_SID, p);
2858 /* Now kill any processes that happen to have the
2859 * tty open.
2860 */
2861 do_each_thread(g, p) {
2862 if (p->signal->tty == tty) {
2863 printk(KERN_NOTICE "SAK: killed process %d"
2864 " (%s): task_session(p)==tty->session\n",
2865 task_pid_nr(p), p->comm);
2866 send_sig(SIGKILL, p, 1);
2867 continue;
2868 }
2869 task_lock(p);
2870 if (p->files) {
2871 /*
2872 * We don't take a ref to the file, so we must
2873 * hold ->file_lock instead.
2874 */
2875 spin_lock(&p->files->file_lock);
2876 fdt = files_fdtable(p->files);
2877 for (i = 0; i < fdt->max_fds; i++) {
2878 filp = fcheck_files(p->files, i);
2879 if (!filp)
2880 continue;
2881 if (filp->f_op->read == tty_read &&
2882 file_tty(filp) == tty) {
2883 printk(KERN_NOTICE "SAK: killed process %d"
2884 " (%s): fd#%d opened to the tty\n",
2885 task_pid_nr(p), p->comm, i);
2886 force_sig(SIGKILL, p);
2887 break;
2888 }
2889 }
2890 spin_unlock(&p->files->file_lock);
2891 }
2892 task_unlock(p);
2893 } while_each_thread(g, p);
2894 read_unlock(&tasklist_lock);
2895#endif
2896}
2897
2898static void do_SAK_work(struct work_struct *work)
2899{
2900 struct tty_struct *tty =
2901 container_of(work, struct tty_struct, SAK_work);
2902 __do_SAK(tty);
2903}
2904
2905/*
2906 * The tq handling here is a little racy - tty->SAK_work may already be queued.
2907 * Fortunately we don't need to worry, because if ->SAK_work is already queued,
2908 * the values which we write to it will be identical to the values which it
2909 * already has. --akpm
2910 */
2911void do_SAK(struct tty_struct *tty)
2912{
2913 if (!tty)
2914 return;
2915 schedule_work(&tty->SAK_work);
2916}
2917
2918EXPORT_SYMBOL(do_SAK);
2919
2920static int dev_match_devt(struct device *dev, void *data)
2921{
2922 dev_t *devt = data;
2923 return dev->devt == *devt;
2924}
2925
2926/* Must put_device() after it's unused! */
2927static struct device *tty_get_device(struct tty_struct *tty)
2928{
2929 dev_t devt = tty_devnum(tty);
2930 return class_find_device(tty_class, NULL, &devt, dev_match_devt);
2931}
2932
2933
2934/**
2935 * initialize_tty_struct
2936 * @tty: tty to initialize
2937 *
2938 * This subroutine initializes a tty structure that has been newly
2939 * allocated.
2940 *
2941 * Locking: none - tty in question must not be exposed at this point
2942 */
2943
2944void initialize_tty_struct(struct tty_struct *tty,
2945 struct tty_driver *driver, int idx)
2946{
2947 memset(tty, 0, sizeof(struct tty_struct));
2948 kref_init(&tty->kref);
2949 tty->magic = TTY_MAGIC;
2950 tty_ldisc_init(tty);
2951 tty->session = NULL;
2952 tty->pgrp = NULL;
2953 tty->overrun_time = jiffies;
2954 tty_buffer_init(tty);
2955 mutex_init(&tty->legacy_mutex);
2956 mutex_init(&tty->termios_mutex);
2957 mutex_init(&tty->ldisc_mutex);
2958 init_waitqueue_head(&tty->write_wait);
2959 init_waitqueue_head(&tty->read_wait);
2960 INIT_WORK(&tty->hangup_work, do_tty_hangup);
2961 mutex_init(&tty->atomic_read_lock);
2962 mutex_init(&tty->atomic_write_lock);
2963 mutex_init(&tty->output_lock);
2964 mutex_init(&tty->echo_lock);
2965 spin_lock_init(&tty->read_lock);
2966 spin_lock_init(&tty->ctrl_lock);
2967 INIT_LIST_HEAD(&tty->tty_files);
2968 INIT_WORK(&tty->SAK_work, do_SAK_work);
2969
2970 tty->driver = driver;
2971 tty->ops = driver->ops;
2972 tty->index = idx;
2973 tty_line_name(driver, idx, tty->name);
2974 tty->dev = tty_get_device(tty);
2975}
2976
2977/**
2978 * deinitialize_tty_struct
2979 * @tty: tty to deinitialize
2980 *
2981 * This subroutine deinitializes a tty structure that has been newly
2982 * allocated but tty_release cannot be called on that yet.
2983 *
2984 * Locking: none - tty in question must not be exposed at this point
2985 */
2986void deinitialize_tty_struct(struct tty_struct *tty)
2987{
2988 tty_ldisc_deinit(tty);
2989}
2990
2991/**
2992 * tty_put_char - write one character to a tty
2993 * @tty: tty
2994 * @ch: character
2995 *
2996 * Write one byte to the tty using the provided put_char method
2997 * if present. Returns the number of characters successfully output.
2998 *
2999 * Note: the specific put_char operation in the driver layer may go
3000 * away soon. Don't call it directly, use this method
3001 */
3002
3003int tty_put_char(struct tty_struct *tty, unsigned char ch)
3004{
3005 if (tty->ops->put_char)
3006 return tty->ops->put_char(tty, ch);
3007 return tty->ops->write(tty, &ch, 1);
3008}
3009EXPORT_SYMBOL_GPL(tty_put_char);
3010
3011struct class *tty_class;
3012
3013static int tty_cdev_add(struct tty_driver *driver, dev_t dev,
3014 unsigned int index, unsigned int count)
3015{
3016 /* init here, since reused cdevs cause crashes */
3017 cdev_init(&driver->cdevs[index], &tty_fops);
3018 driver->cdevs[index].owner = driver->owner;
3019 return cdev_add(&driver->cdevs[index], dev, count);
3020}
3021
3022/**
3023 * tty_register_device - register a tty device
3024 * @driver: the tty driver that describes the tty device
3025 * @index: the index in the tty driver for this tty device
3026 * @device: a struct device that is associated with this tty device.
3027 * This field is optional, if there is no known struct device
3028 * for this tty device it can be set to NULL safely.
3029 *
3030 * Returns a pointer to the struct device for this tty device
3031 * (or ERR_PTR(-EFOO) on error).
3032 *
3033 * This call is required to be made to register an individual tty device
3034 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
3035 * that bit is not set, this function should not be called by a tty
3036 * driver.
3037 *
3038 * Locking: ??
3039 */
3040
3041struct device *tty_register_device(struct tty_driver *driver, unsigned index,
3042 struct device *device)
3043{
3044 struct device *ret;
3045 char name[64];
3046 dev_t dev = MKDEV(driver->major, driver->minor_start) + index;
3047 bool cdev = false;
3048
3049 if (index >= driver->num) {
3050 printk(KERN_ERR "Attempt to register invalid tty line number "
3051 " (%d).\n", index);
3052 return ERR_PTR(-EINVAL);
3053 }
3054
3055 if (driver->type == TTY_DRIVER_TYPE_PTY)
3056 pty_line_name(driver, index, name);
3057 else
3058 tty_line_name(driver, index, name);
3059
3060 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) {
3061 int error = tty_cdev_add(driver, dev, index, 1);
3062 if (error)
3063 return ERR_PTR(error);
3064 cdev = true;
3065 }
3066
3067 ret = device_create(tty_class, device, dev, NULL, name);
3068 if (IS_ERR(ret) && cdev)
3069 cdev_del(&driver->cdevs[index]);
3070
3071 return ret;
3072}
3073EXPORT_SYMBOL(tty_register_device);
3074
3075/**
3076 * tty_unregister_device - unregister a tty device
3077 * @driver: the tty driver that describes the tty device
3078 * @index: the index in the tty driver for this tty device
3079 *
3080 * If a tty device is registered with a call to tty_register_device() then
3081 * this function must be called when the tty device is gone.
3082 *
3083 * Locking: ??
3084 */
3085
3086void tty_unregister_device(struct tty_driver *driver, unsigned index)
3087{
3088 device_destroy(tty_class,
3089 MKDEV(driver->major, driver->minor_start) + index);
3090 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC))
3091 cdev_del(&driver->cdevs[index]);
3092}
3093EXPORT_SYMBOL(tty_unregister_device);
3094
3095/**
3096 * __tty_alloc_driver -- allocate tty driver
3097 * @lines: count of lines this driver can handle at most
3098 * @owner: module which is repsonsible for this driver
3099 * @flags: some of TTY_DRIVER_* flags, will be set in driver->flags
3100 *
3101 * This should not be called directly, some of the provided macros should be
3102 * used instead. Use IS_ERR and friends on @retval.
3103 */
3104struct tty_driver *__tty_alloc_driver(unsigned int lines, struct module *owner,
3105 unsigned long flags)
3106{
3107 struct tty_driver *driver;
3108 unsigned int cdevs = 1;
3109 int err;
3110
3111 if (!lines || (flags & TTY_DRIVER_UNNUMBERED_NODE && lines > 1))
3112 return ERR_PTR(-EINVAL);
3113
3114 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL);
3115 if (!driver)
3116 return ERR_PTR(-ENOMEM);
3117
3118 kref_init(&driver->kref);
3119 driver->magic = TTY_DRIVER_MAGIC;
3120 driver->num = lines;
3121 driver->owner = owner;
3122 driver->flags = flags;
3123
3124 if (!(flags & TTY_DRIVER_DEVPTS_MEM)) {
3125 driver->ttys = kcalloc(lines, sizeof(*driver->ttys),
3126 GFP_KERNEL);
3127 driver->termios = kcalloc(lines, sizeof(*driver->termios),
3128 GFP_KERNEL);
3129 if (!driver->ttys || !driver->termios) {
3130 err = -ENOMEM;
3131 goto err_free_all;
3132 }
3133 }
3134
3135 if (!(flags & TTY_DRIVER_DYNAMIC_ALLOC)) {
3136 driver->ports = kcalloc(lines, sizeof(*driver->ports),
3137 GFP_KERNEL);
3138 if (!driver->ports) {
3139 err = -ENOMEM;
3140 goto err_free_all;
3141 }
3142 cdevs = lines;
3143 }
3144
3145 driver->cdevs = kcalloc(cdevs, sizeof(*driver->cdevs), GFP_KERNEL);
3146 if (!driver->cdevs) {
3147 err = -ENOMEM;
3148 goto err_free_all;
3149 }
3150
3151 return driver;
3152err_free_all:
3153 kfree(driver->ports);
3154 kfree(driver->ttys);
3155 kfree(driver->termios);
3156 kfree(driver);
3157 return ERR_PTR(err);
3158}
3159EXPORT_SYMBOL(__tty_alloc_driver);
3160
3161static void destruct_tty_driver(struct kref *kref)
3162{
3163 struct tty_driver *driver = container_of(kref, struct tty_driver, kref);
3164 int i;
3165 struct ktermios *tp;
3166
3167 if (driver->flags & TTY_DRIVER_INSTALLED) {
3168 /*
3169 * Free the termios and termios_locked structures because
3170 * we don't want to get memory leaks when modular tty
3171 * drivers are removed from the kernel.
3172 */
3173 for (i = 0; i < driver->num; i++) {
3174 tp = driver->termios[i];
3175 if (tp) {
3176 driver->termios[i] = NULL;
3177 kfree(tp);
3178 }
3179 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV))
3180 tty_unregister_device(driver, i);
3181 }
3182 proc_tty_unregister_driver(driver);
3183 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)
3184 cdev_del(&driver->cdevs[0]);
3185 }
3186 kfree(driver->cdevs);
3187 kfree(driver->ports);
3188 kfree(driver->termios);
3189 kfree(driver->ttys);
3190 kfree(driver);
3191}
3192
3193void tty_driver_kref_put(struct tty_driver *driver)
3194{
3195 kref_put(&driver->kref, destruct_tty_driver);
3196}
3197EXPORT_SYMBOL(tty_driver_kref_put);
3198
3199void tty_set_operations(struct tty_driver *driver,
3200 const struct tty_operations *op)
3201{
3202 driver->ops = op;
3203};
3204EXPORT_SYMBOL(tty_set_operations);
3205
3206void put_tty_driver(struct tty_driver *d)
3207{
3208 tty_driver_kref_put(d);
3209}
3210EXPORT_SYMBOL(put_tty_driver);
3211
3212/*
3213 * Called by a tty driver to register itself.
3214 */
3215int tty_register_driver(struct tty_driver *driver)
3216{
3217 int error;
3218 int i;
3219 dev_t dev;
3220 struct device *d;
3221
3222 if (!driver->major) {
3223 error = alloc_chrdev_region(&dev, driver->minor_start,
3224 driver->num, driver->name);
3225 if (!error) {
3226 driver->major = MAJOR(dev);
3227 driver->minor_start = MINOR(dev);
3228 }
3229 } else {
3230 dev = MKDEV(driver->major, driver->minor_start);
3231 error = register_chrdev_region(dev, driver->num, driver->name);
3232 }
3233 if (error < 0)
3234 goto err;
3235
3236 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC) {
3237 error = tty_cdev_add(driver, dev, 0, driver->num);
3238 if (error)
3239 goto err_unreg_char;
3240 }
3241
3242 mutex_lock(&tty_mutex);
3243 list_add(&driver->tty_drivers, &tty_drivers);
3244 mutex_unlock(&tty_mutex);
3245
3246 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) {
3247 for (i = 0; i < driver->num; i++) {
3248 d = tty_register_device(driver, i, NULL);
3249 if (IS_ERR(d)) {
3250 error = PTR_ERR(d);
3251 goto err_unreg_devs;
3252 }
3253 }
3254 }
3255 proc_tty_register_driver(driver);
3256 driver->flags |= TTY_DRIVER_INSTALLED;
3257 return 0;
3258
3259err_unreg_devs:
3260 for (i--; i >= 0; i--)
3261 tty_unregister_device(driver, i);
3262
3263 mutex_lock(&tty_mutex);
3264 list_del(&driver->tty_drivers);
3265 mutex_unlock(&tty_mutex);
3266
3267err_unreg_char:
3268 unregister_chrdev_region(dev, driver->num);
3269err:
3270 return error;
3271}
3272EXPORT_SYMBOL(tty_register_driver);
3273
3274/*
3275 * Called by a tty driver to unregister itself.
3276 */
3277int tty_unregister_driver(struct tty_driver *driver)
3278{
3279#if 0
3280 /* FIXME */
3281 if (driver->refcount)
3282 return -EBUSY;
3283#endif
3284 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start),
3285 driver->num);
3286 mutex_lock(&tty_mutex);
3287 list_del(&driver->tty_drivers);
3288 mutex_unlock(&tty_mutex);
3289 return 0;
3290}
3291
3292EXPORT_SYMBOL(tty_unregister_driver);
3293
3294dev_t tty_devnum(struct tty_struct *tty)
3295{
3296 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index;
3297}
3298EXPORT_SYMBOL(tty_devnum);
3299
3300void proc_clear_tty(struct task_struct *p)
3301{
3302 unsigned long flags;
3303 struct tty_struct *tty;
3304 spin_lock_irqsave(&p->sighand->siglock, flags);
3305 tty = p->signal->tty;
3306 p->signal->tty = NULL;
3307 spin_unlock_irqrestore(&p->sighand->siglock, flags);
3308 tty_kref_put(tty);
3309}
3310
3311/* Called under the sighand lock */
3312
3313static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty)
3314{
3315 if (tty) {
3316 unsigned long flags;
3317 /* We should not have a session or pgrp to put here but.... */
3318 spin_lock_irqsave(&tty->ctrl_lock, flags);
3319 put_pid(tty->session);
3320 put_pid(tty->pgrp);
3321 tty->pgrp = get_pid(task_pgrp(tsk));
3322 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
3323 tty->session = get_pid(task_session(tsk));
3324 if (tsk->signal->tty) {
3325 printk(KERN_DEBUG "tty not NULL!!\n");
3326 tty_kref_put(tsk->signal->tty);
3327 }
3328 }
3329 put_pid(tsk->signal->tty_old_pgrp);
3330 tsk->signal->tty = tty_kref_get(tty);
3331 tsk->signal->tty_old_pgrp = NULL;
3332}
3333
3334static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty)
3335{
3336 spin_lock_irq(&tsk->sighand->siglock);
3337 __proc_set_tty(tsk, tty);
3338 spin_unlock_irq(&tsk->sighand->siglock);
3339}
3340
3341struct tty_struct *get_current_tty(void)
3342{
3343 struct tty_struct *tty;
3344 unsigned long flags;
3345
3346 spin_lock_irqsave(&current->sighand->siglock, flags);
3347 tty = tty_kref_get(current->signal->tty);
3348 spin_unlock_irqrestore(&current->sighand->siglock, flags);
3349 return tty;
3350}
3351EXPORT_SYMBOL_GPL(get_current_tty);
3352
3353void tty_default_fops(struct file_operations *fops)
3354{
3355 *fops = tty_fops;
3356}
3357
3358/*
3359 * Initialize the console device. This is called *early*, so
3360 * we can't necessarily depend on lots of kernel help here.
3361 * Just do some early initializations, and do the complex setup
3362 * later.
3363 */
3364void __init console_init(void)
3365{
3366 initcall_t *call;
3367
3368 /* Setup the default TTY line discipline. */
3369 tty_ldisc_begin();
3370
3371 /*
3372 * set up the console device so that later boot sequences can
3373 * inform about problems etc..
3374 */
3375 call = __con_initcall_start;
3376 while (call < __con_initcall_end) {
3377 (*call)();
3378 call++;
3379 }
3380}
3381
3382static char *tty_devnode(struct device *dev, umode_t *mode)
3383{
3384 if (!mode)
3385 return NULL;
3386 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) ||
3387 dev->devt == MKDEV(TTYAUX_MAJOR, 2))
3388 *mode = 0666;
3389 return NULL;
3390}
3391
3392static int __init tty_class_init(void)
3393{
3394 tty_class = class_create(THIS_MODULE, "tty");
3395 if (IS_ERR(tty_class))
3396 return PTR_ERR(tty_class);
3397 tty_class->devnode = tty_devnode;
3398 return 0;
3399}
3400
3401postcore_initcall(tty_class_init);
3402
3403/* 3/2004 jmc: why do these devices exist? */
3404static struct cdev tty_cdev, console_cdev;
3405
3406static ssize_t show_cons_active(struct device *dev,
3407 struct device_attribute *attr, char *buf)
3408{
3409 struct console *cs[16];
3410 int i = 0;
3411 struct console *c;
3412 ssize_t count = 0;
3413
3414 console_lock();
3415 for_each_console(c) {
3416 if (!c->device)
3417 continue;
3418 if (!c->write)
3419 continue;
3420 if ((c->flags & CON_ENABLED) == 0)
3421 continue;
3422 cs[i++] = c;
3423 if (i >= ARRAY_SIZE(cs))
3424 break;
3425 }
3426 while (i--)
3427 count += sprintf(buf + count, "%s%d%c",
3428 cs[i]->name, cs[i]->index, i ? ' ':'\n');
3429 console_unlock();
3430
3431 return count;
3432}
3433static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL);
3434
3435static struct device *consdev;
3436
3437void console_sysfs_notify(void)
3438{
3439 if (consdev)
3440 sysfs_notify(&consdev->kobj, NULL, "active");
3441}
3442
3443/*
3444 * Ok, now we can initialize the rest of the tty devices and can count
3445 * on memory allocations, interrupts etc..
3446 */
3447int __init tty_init(void)
3448{
3449 cdev_init(&tty_cdev, &tty_fops);
3450 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) ||
3451 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0)
3452 panic("Couldn't register /dev/tty driver\n");
3453 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty");
3454
3455 cdev_init(&console_cdev, &console_fops);
3456 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) ||
3457 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0)
3458 panic("Couldn't register /dev/console driver\n");
3459 consdev = device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), NULL,
3460 "console");
3461 if (IS_ERR(consdev))
3462 consdev = NULL;
3463 else
3464 WARN_ON(device_create_file(consdev, &dev_attr_active) < 0);
3465
3466#ifdef CONFIG_VT
3467 vty_init(&console_fops);
3468#endif
3469 return 0;
3470}
3471
Linux 6.x block layer and io_uring tree(s)