projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
tty: Drop tty_mutex before tty reopen
[linux-2.6-block.git] / drivers / tty / tty_io.c
CommitLineData
1da177e4 1/*
1da177e4
LT		 2 * Copyright (C) 1991, 1992 Linus Torvalds
3 */
4
5/*
6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles
7 * or rs-channels. It also implements echoing, cooked mode etc.
8 *
9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0.
10 *
11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the
12 * tty_struct and tty_queue structures. Previously there was an array
13 * of 256 tty_struct's which was statically allocated, and the
14 * tty_queue structures were allocated at boot time. Both are now
15 * dynamically allocated only when the tty is open.
16 *
17 * Also restructured routines so that there is more of a separation
18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and
19 * the low-level tty routines (serial.c, pty.c, console.c). This
37bdfb07 20 * makes for cleaner and more compact code. -TYT, 9/17/92
1da177e4
LT		 21 *
22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines
23 * which can be dynamically activated and de-activated by the line
24 * discipline handling modules (like SLIP).
25 *
26 * NOTE: pay no attention to the line discipline code (yet); its
27 * interface is still subject to change in this version...
28 * -- TYT, 1/31/92
29 *
30 * Added functionality to the OPOST tty handling. No delays, but all
31 * other bits should be there.
32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993.
33 *
34 * Rewrote canonical mode and added more termios flags.
35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94
36 *
37 * Reorganized FASYNC support so mouse code can share it.
38 * -- ctm@ardi.com, 9Sep95
39 *
40 * New TIOCLINUX variants added.
41 * -- mj@k332.feld.cvut.cz, 19-Nov-95
37bdfb07 42 *
1da177e4
LT		 43 * Restrict vt switching via ioctl()
44 * -- grif@cs.ucr.edu, 5-Dec-95
45 *
46 * Move console and virtual terminal code to more appropriate files,
47 * implement CONFIG_VT and generalize console device interface.
48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97
49 *
d81ed103 50 * Rewrote tty_init_dev and tty_release_dev to eliminate races.
1da177e4
LT		 51 * -- Bill Hawes <whawes@star.net>, June 97
52 *
53 * Added devfs support.
54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998
55 *
56 * Added support for a Unix98-style ptmx device.
57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998
58 *
59 * Reduced memory usage for older ARM systems
60 * -- Russell King <rmk@arm.linux.org.uk>
61 *
62 * Move do_SAK() into process context. Less stack use in devfs functions.
37bdfb07
AC		 63 * alloc_tty_struct() always uses kmalloc()
64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01
1da177e4
LT		 65 */
66
1da177e4
LT		 67#include <linux/types.h>
68#include <linux/major.h>
69#include <linux/errno.h>
70#include <linux/signal.h>
71#include <linux/fcntl.h>
72#include <linux/sched.h>
73#include <linux/interrupt.h>
74#include <linux/tty.h>
75#include <linux/tty_driver.h>
76#include <linux/tty_flip.h>
77#include <linux/devpts_fs.h>
78#include <linux/file.h>
9f3acc31 79#include <linux/fdtable.h>
1da177e4
LT		 80#include <linux/console.h>
81#include <linux/timer.h>
82#include <linux/ctype.h>
83#include <linux/kd.h>
84#include <linux/mm.h>
85#include <linux/string.h>
86#include <linux/slab.h>
87#include <linux/poll.h>
88#include <linux/proc_fs.h>
89#include <linux/init.h>
90#include <linux/module.h>
1da177e4 91#include <linux/device.h>
1da177e4
LT		 92#include <linux/wait.h>
93#include <linux/bitops.h>
b20f3ae5 94#include <linux/delay.h>
a352def2 95#include <linux/seq_file.h>
d281da7f 96#include <linux/serial.h>
5a3c6b25 97#include <linux/ratelimit.h>
1da177e4 98
a352def2 99#include <linux/uaccess.h>
1da177e4
LT		 100
101#include <linux/kbd_kern.h>
102#include <linux/vt_kern.h>
103#include <linux/selection.h>
1da177e4
LT		 104
105#include <linux/kmod.h>
b488893a 106#include <linux/nsproxy.h>
1da177e4
LT		 107
108#undef TTY_DEBUG_HANGUP
109
110#define TTY_PARANOIA_CHECK 1
111#define CHECK_TTY_COUNT 1
112
edc6afc5 113struct ktermios tty_std_termios = { /* for the benefit of tty drivers */
1da177e4
LT		 114 .c_iflag = ICRNL | IXON,
115 .c_oflag = OPOST | ONLCR,
116 .c_cflag = B38400 | CS8 | CREAD | HUPCL,
117 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK |
118 ECHOCTL | ECHOKE | IEXTEN,
edc6afc5
AC		 119 .c_cc = INIT_C_CC,
120 .c_ispeed = 38400,
121 .c_ospeed = 38400
1da177e4
LT		 122};
123
124EXPORT_SYMBOL(tty_std_termios);
125
126/* This list gets poked at by procfs and various bits of boot up code. This
127 could do with some rationalisation such as pulling the tty proc function
128 into this file */
37bdfb07 129
1da177e4
LT		 130LIST_HEAD(tty_drivers); /* linked list of tty drivers */
131
24ec839c 132/* Mutex to protect creating and releasing a tty. This is shared with
1da177e4 133 vt.c for deeply disgusting hack reasons */
70522e12 134DEFINE_MUTEX(tty_mutex);
de2a84f2 135EXPORT_SYMBOL(tty_mutex);
1da177e4 136
ee2ffa0d
NP		 137/* Spinlock to protect the tty->tty_files list */
138DEFINE_SPINLOCK(tty_files_lock);
139
1da177e4
LT		 140static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *);
141static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *);
37bdfb07
AC		 142ssize_t redirected_tty_write(struct file *, const char __user *,
143 size_t, loff_t *);
1da177e4
LT		 144static unsigned int tty_poll(struct file *, poll_table *);
145static int tty_open(struct inode *, struct file *);
04f378b1 146long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
e10cc1df 147#ifdef CONFIG_COMPAT
37bdfb07 148static long tty_compat_ioctl(struct file *file, unsigned int cmd,
e10cc1df
PF		 149 unsigned long arg);
150#else
151#define tty_compat_ioctl NULL
152#endif
ec79d605 153static int __tty_fasync(int fd, struct file *filp, int on);
37bdfb07 154static int tty_fasync(int fd, struct file *filp, int on);
d5698c28 155static void release_tty(struct tty_struct *tty, int idx);
1da177e4 156
af9b897e
AC		 157/**
158 * free_tty_struct - free a disused tty
159 * @tty: tty struct to free
160 *
161 * Free the write buffers, tty queue and tty memory itself.
162 *
163 * Locking: none. Must be called after tty is definitely unused
164 */
165
bf970ee4 166void free_tty_struct(struct tty_struct *tty)
1da177e4 167{
dc6802a7
DC		 168 if (!tty)
169 return;
30004ac9
DES		 170 if (tty->dev)
171 put_device(tty->dev);
1da177e4 172 kfree(tty->write_buf);
89c8d91e 173 tty->magic = 0xDEADDEAD;
1da177e4
LT		 174 kfree(tty);
175}
176
d996b62a
NP		 177static inline struct tty_struct *file_tty(struct file *file)
178{
179 return ((struct tty_file_private *)file->private_data)->tty;
180}
181
fa90e1c9 182int tty_alloc_file(struct file *file)
d996b62a
NP		 183{
184 struct tty_file_private *priv;
185
f573bd17
PE		 186 priv = kmalloc(sizeof(*priv), GFP_KERNEL);
187 if (!priv)
188 return -ENOMEM;
d996b62a 189
fa90e1c9
JS		 190 file->private_data = priv;
191
192 return 0;
193}
194
195/* Associate a new file with the tty structure */
196void tty_add_file(struct tty_struct *tty, struct file *file)
197{
198 struct tty_file_private *priv = file->private_data;
199
d996b62a
NP		 200 priv->tty = tty;
201 priv->file = file;
d996b62a
NP		 202
203 spin_lock(&tty_files_lock);
204 list_add(&priv->list, &tty->tty_files);
205 spin_unlock(&tty_files_lock);
fa90e1c9 206}
f573bd17 207
fa90e1c9
JS		 208/**
209 * tty_free_file - free file->private_data
210 *
211 * This shall be used only for fail path handling when tty_add_file was not
212 * called yet.
213 */
214void tty_free_file(struct file *file)
215{
216 struct tty_file_private *priv = file->private_data;
217
218 file->private_data = NULL;
219 kfree(priv);
d996b62a
NP		 220}
221
222/* Delete file from its tty */
2520e274 223static void tty_del_file(struct file *file)
d996b62a
NP		 224{
225 struct tty_file_private *priv = file->private_data;
226
227 spin_lock(&tty_files_lock);
228 list_del(&priv->list);
229 spin_unlock(&tty_files_lock);
fa90e1c9 230 tty_free_file(file);
d996b62a
NP		 231}
232
233
1da177e4
LT		 234#define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base)
235
af9b897e
AC		 236/**
237 * tty_name - return tty naming
238 * @tty: tty structure
239 * @buf: buffer for output
240 *
241 * Convert a tty structure into a name. The name reflects the kernel
242 * naming policy and if udev is in use may not reflect user space
243 *
244 * Locking: none
245 */
246
1da177e4
LT		 247char *tty_name(struct tty_struct *tty, char *buf)
248{
249 if (!tty) /* Hmm. NULL pointer. That's fun. */
250 strcpy(buf, "NULL tty");
251 else
252 strcpy(buf, tty->name);
253 return buf;
254}
255
256EXPORT_SYMBOL(tty_name);
257
d769a669 258int tty_paranoia_check(struct tty_struct *tty, struct inode *inode,
1da177e4
LT		 259 const char *routine)
260{
261#ifdef TTY_PARANOIA_CHECK
262 if (!tty) {
263 printk(KERN_WARNING
264 "null TTY for (%d:%d) in %s\n",
265 imajor(inode), iminor(inode), routine);
266 return 1;
267 }
268 if (tty->magic != TTY_MAGIC) {
269 printk(KERN_WARNING
270 "bad magic number for tty struct (%d:%d) in %s\n",
271 imajor(inode), iminor(inode), routine);
272 return 1;
273 }
274#endif
275 return 0;
276}
277
278static int check_tty_count(struct tty_struct *tty, const char *routine)
279{
280#ifdef CHECK_TTY_COUNT
281 struct list_head *p;
282 int count = 0;
37bdfb07 283
ee2ffa0d 284 spin_lock(&tty_files_lock);
1da177e4
LT		 285 list_for_each(p, &tty->tty_files) {
286 count++;
287 }
ee2ffa0d 288 spin_unlock(&tty_files_lock);
1da177e4
LT		 289 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
290 tty->driver->subtype == PTY_TYPE_SLAVE &&
291 tty->link && tty->link->count)
292 count++;
293 if (tty->count != count) {
294 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) "
295 "!= #fd's(%d) in %s\n",
296 tty->name, tty->count, count, routine);
297 return count;
24ec839c 298 }
1da177e4
LT		 299#endif
300 return 0;
301}
302
af9b897e
AC		 303/**
304 * get_tty_driver - find device of a tty
305 * @dev_t: device identifier
306 * @index: returns the index of the tty
307 *
308 * This routine returns a tty driver structure, given a device number
309 * and also passes back the index number.
310 *
311 * Locking: caller must hold tty_mutex
1da177e4 312 */
af9b897e 313
1da177e4
LT		 314static struct tty_driver *get_tty_driver(dev_t device, int *index)
315{
316 struct tty_driver *p;
317
318 list_for_each_entry(p, &tty_drivers, tty_drivers) {
319 dev_t base = MKDEV(p->major, p->minor_start);
320 if (device < base || device >= base + p->num)
321 continue;
322 *index = device - base;
7d7b93c1 323 return tty_driver_kref_get(p);
1da177e4
LT		 324 }
325 return NULL;
326}
327
f2d937f3
JW		 328#ifdef CONFIG_CONSOLE_POLL
329
330/**
331 * tty_find_polling_driver - find device of a polled tty
332 * @name: name string to match
333 * @line: pointer to resulting tty line nr
334 *
335 * This routine returns a tty driver structure, given a name
336 * and the condition that the tty driver is capable of polled
337 * operation.
338 */
339struct tty_driver *tty_find_polling_driver(char *name, int *line)
340{
341 struct tty_driver *p, *res = NULL;
342 int tty_line = 0;
0dca0fd2 343 int len;
5f0878ac 344 char *str, *stp;
f2d937f3 345
0dca0fd2
JW		 346 for (str = name; *str; str++)
347 if ((*str >= '0' && *str <= '9') || *str == ',')
348 break;
349 if (!*str)
350 return NULL;
351
352 len = str - name;
353 tty_line = simple_strtoul(str, &str, 10);
354
f2d937f3
JW		 355 mutex_lock(&tty_mutex);
356 /* Search through the tty devices to look for a match */
357 list_for_each_entry(p, &tty_drivers, tty_drivers) {
0dca0fd2
JW		 358 if (strncmp(name, p->name, len) != 0)
359 continue;
5f0878ac
AC		 360 stp = str;
361 if (*stp == ',')
362 stp++;
363 if (*stp == '\0')
364 stp = NULL;
f2d937f3 365
6eb68d6f 366 if (tty_line >= 0 && tty_line < p->num && p->ops &&
5f0878ac 367 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) {
7d7b93c1 368 res = tty_driver_kref_get(p);
f2d937f3
JW		 369 *line = tty_line;
370 break;
371 }
372 }
373 mutex_unlock(&tty_mutex);
374
375 return res;
376}
377EXPORT_SYMBOL_GPL(tty_find_polling_driver);
378#endif
379
af9b897e
AC		 380/**
381 * tty_check_change - check for POSIX terminal changes
382 * @tty: tty to check
383 *
384 * If we try to write to, or set the state of, a terminal and we're
385 * not in the foreground, send a SIGTTOU. If the signal is blocked or
386 * ignored, go ahead and perform the operation. (POSIX 7.2)
387 *
978e595f 388 * Locking: ctrl_lock
1da177e4 389 */
af9b897e 390
37bdfb07 391int tty_check_change(struct tty_struct *tty)
1da177e4 392{
47f86834
AC		 393 unsigned long flags;
394 int ret = 0;
395
1da177e4
LT		 396 if (current->signal->tty != tty)
397 return 0;
47f86834
AC		 398
399 spin_lock_irqsave(&tty->ctrl_lock, flags);
400
ab521dc0
EB		 401 if (!tty->pgrp) {
402 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n");
9ffee4cb 403 goto out_unlock;
1da177e4 404 }
ab521dc0 405 if (task_pgrp(current) == tty->pgrp)
9ffee4cb
AM		 406 goto out_unlock;
407 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
1da177e4 408 if (is_ignored(SIGTTOU))
47f86834
AC		 409 goto out;
410 if (is_current_pgrp_orphaned()) {
411 ret = -EIO;
412 goto out;
413 }
040b6362
ON		 414 kill_pgrp(task_pgrp(current), SIGTTOU, 1);
415 set_thread_flag(TIF_SIGPENDING);
47f86834
AC		 416 ret = -ERESTARTSYS;
417out:
9ffee4cb
AM		 418 return ret;
419out_unlock:
47f86834
AC		 420 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
421 return ret;
1da177e4
LT		 422}
423
424EXPORT_SYMBOL(tty_check_change);
425
37bdfb07 426static ssize_t hung_up_tty_read(struct file *file, char __user *buf,
1da177e4
LT		 427 size_t count, loff_t *ppos)
428{
429 return 0;
430}
431
37bdfb07 432static ssize_t hung_up_tty_write(struct file *file, const char __user *buf,
1da177e4
LT		 433 size_t count, loff_t *ppos)
434{
435 return -EIO;
436}
437
438/* No kernel lock held - none needed ;) */
37bdfb07 439static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait)
1da177e4
LT		 440{
441 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM;
442}
443
04f378b1
AC		 444static long hung_up_tty_ioctl(struct file *file, unsigned int cmd,
445 unsigned long arg)
38ad2ed0
PF		 446{
447 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
448}
449
37bdfb07 450static long hung_up_tty_compat_ioctl(struct file *file,
38ad2ed0 451 unsigned int cmd, unsigned long arg)
1da177e4
LT		 452{
453 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
454}
455
62322d25 456static const struct file_operations tty_fops = {
1da177e4
LT		 457 .llseek = no_llseek,
458 .read = tty_read,
459 .write = tty_write,
460 .poll = tty_poll,
04f378b1 461 .unlocked_ioctl = tty_ioctl,
e10cc1df 462 .compat_ioctl = tty_compat_ioctl,
1da177e4
LT		 463 .open = tty_open,
464 .release = tty_release,
465 .fasync = tty_fasync,
466};
467
62322d25 468static const struct file_operations console_fops = {
1da177e4
LT		 469 .llseek = no_llseek,
470 .read = tty_read,
471 .write = redirected_tty_write,
472 .poll = tty_poll,
04f378b1 473 .unlocked_ioctl = tty_ioctl,
e10cc1df 474 .compat_ioctl = tty_compat_ioctl,
1da177e4
LT		 475 .open = tty_open,
476 .release = tty_release,
477 .fasync = tty_fasync,
478};
479
62322d25 480static const struct file_operations hung_up_tty_fops = {
1da177e4
LT		 481 .llseek = no_llseek,
482 .read = hung_up_tty_read,
483 .write = hung_up_tty_write,
484 .poll = hung_up_tty_poll,
04f378b1 485 .unlocked_ioctl = hung_up_tty_ioctl,
38ad2ed0 486 .compat_ioctl = hung_up_tty_compat_ioctl,
1da177e4
LT		 487 .release = tty_release,
488};
489
490static DEFINE_SPINLOCK(redirect_lock);
491static struct file *redirect;
492
11d9befd
PH		 493
494void proc_clear_tty(struct task_struct *p)
495{
496 unsigned long flags;
497 struct tty_struct *tty;
498 spin_lock_irqsave(&p->sighand->siglock, flags);
499 tty = p->signal->tty;
500 p->signal->tty = NULL;
501 spin_unlock_irqrestore(&p->sighand->siglock, flags);
502 tty_kref_put(tty);
503}
504
2c411c11
PH		 505/**
506 * proc_set_tty - set the controlling terminal
507 *
508 * Only callable by the session leader and only if it does not already have
509 * a controlling terminal.
510 *
e218eb32
PH		 511 * Caller must hold: tty_lock()
512 * a readlock on tasklist_lock
2c411c11
PH		 513 * sighand lock
514 */
bce65f18 515static void __proc_set_tty(struct tty_struct *tty)
11d9befd 516{
ae28fa72
PH		 517 unsigned long flags;
518
ae28fa72 519 spin_lock_irqsave(&tty->ctrl_lock, flags);
a361858d
PH		 520 /*
521 * The session and fg pgrp references will be non-NULL if
522 * tiocsctty() is stealing the controlling tty
523 */
ae28fa72
PH		 524 put_pid(tty->session);
525 put_pid(tty->pgrp);
526 tty->pgrp = get_pid(task_pgrp(current));
527 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
528 tty->session = get_pid(task_session(current));
529 if (current->signal->tty) {
530 printk(KERN_DEBUG "tty not NULL!!\n");
531 tty_kref_put(current->signal->tty);
11d9befd 532 }
bce65f18
PH		 533 put_pid(current->signal->tty_old_pgrp);
534 current->signal->tty = tty_kref_get(tty);
535 current->signal->tty_old_pgrp = NULL;
11d9befd
PH		 536}
537
bce65f18 538static void proc_set_tty(struct tty_struct *tty)
11d9befd 539{
bce65f18
PH		 540 spin_lock_irq(&current->sighand->siglock);
541 __proc_set_tty(tty);
542 spin_unlock_irq(&current->sighand->siglock);
11d9befd
PH		 543}
544
545struct tty_struct *get_current_tty(void)
546{
547 struct tty_struct *tty;
548 unsigned long flags;
549
550 spin_lock_irqsave(&current->sighand->siglock, flags);
551 tty = tty_kref_get(current->signal->tty);
552 spin_unlock_irqrestore(&current->sighand->siglock, flags);
553 return tty;
554}
555EXPORT_SYMBOL_GPL(get_current_tty);
556
557static void session_clear_tty(struct pid *session)
558{
559 struct task_struct *p;
560 do_each_pid_task(session, PIDTYPE_SID, p) {
561 proc_clear_tty(p);
562 } while_each_pid_task(session, PIDTYPE_SID, p);
563}
564
1da177e4
LT		 565/**
566 * tty_wakeup - request more data
567 * @tty: terminal
568 *
569 * Internal and external helper for wakeups of tty. This function
570 * informs the line discipline if present that the driver is ready
571 * to receive more output data.
572 */
37bdfb07 573
1da177e4
LT		 574void tty_wakeup(struct tty_struct *tty)
575{
576 struct tty_ldisc *ld;
37bdfb07 577
1da177e4
LT		 578 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) {
579 ld = tty_ldisc_ref(tty);
37bdfb07 580 if (ld) {
a352def2
AC		 581 if (ld->ops->write_wakeup)
582 ld->ops->write_wakeup(tty);
1da177e4
LT		 583 tty_ldisc_deref(ld);
584 }
585 }
4b19449d 586 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
1da177e4
LT		 587}
588
589EXPORT_SYMBOL_GPL(tty_wakeup);
590
ea648a47
PH		 591/**
592 * tty_signal_session_leader - sends SIGHUP to session leader
f91e2590
PH		 593 * @tty controlling tty
594 * @exit_session if non-zero, signal all foreground group processes
ea648a47 595 *
f91e2590
PH		 596 * Send SIGHUP and SIGCONT to the session leader and its process group.
597 * Optionally, signal all processes in the foreground process group.
ea648a47
PH		 598 *
599 * Returns the number of processes in the session with this tty
600 * as their controlling terminal. This value is used to drop
601 * tty references for those processes.
602 */
f91e2590 603static int tty_signal_session_leader(struct tty_struct *tty, int exit_session)
ea648a47
PH		 604{
605 struct task_struct *p;
ea648a47 606 int refs = 0;
f91e2590 607 struct pid *tty_pgrp = NULL;
ea648a47
PH		 608
609 read_lock(&tasklist_lock);
610 if (tty->session) {
611 do_each_pid_task(tty->session, PIDTYPE_SID, p) {
612 spin_lock_irq(&p->sighand->siglock);
613 if (p->signal->tty == tty) {
614 p->signal->tty = NULL;
615 /* We defer the dereferences outside fo
616 the tasklist lock */
617 refs++;
618 }
619 if (!p->signal->leader) {
620 spin_unlock_irq(&p->sighand->siglock);
621 continue;
622 }
623 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p);
624 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p);
625 put_pid(p->signal->tty_old_pgrp); /* A noop */
bc30c3b2 626 spin_lock(&tty->ctrl_lock);
f91e2590 627 tty_pgrp = get_pid(tty->pgrp);
ea648a47
PH		 628 if (tty->pgrp)
629 p->signal->tty_old_pgrp = get_pid(tty->pgrp);
bc30c3b2 630 spin_unlock(&tty->ctrl_lock);
ea648a47
PH		 631 spin_unlock_irq(&p->sighand->siglock);
632 } while_each_pid_task(tty->session, PIDTYPE_SID, p);
633 }
634 read_unlock(&tasklist_lock);
635
f91e2590
PH		 636 if (tty_pgrp) {
637 if (exit_session)
638 kill_pgrp(tty_pgrp, SIGHUP, exit_session);
639 put_pid(tty_pgrp);
640 }
641
ea648a47
PH		 642 return refs;
643}
644
af9b897e 645/**
11dbf203 646 * __tty_hangup - actual handler for hangup events
65f27f38 647 * @work: tty device
af9b897e 648 *
ef4f527c 649 * This can be called by a "kworker" kernel thread. That is process
af9b897e
AC		 650 * synchronous but doesn't hold any locks, so we need to make sure we
651 * have the appropriate locks for what we're doing.
652 *
653 * The hangup event clears any pending redirections onto the hung up
654 * device. It ensures future writes will error and it does the needed
655 * line discipline hangup and signal delivery. The tty object itself
656 * remains intact.
657 *
658 * Locking:
ec79d605 659 * BTM
24ec839c
PZ		 660 * redirect lock for undoing redirection
661 * file list lock for manipulating list of ttys
137084bb 662 * tty_ldiscs_lock from called functions
6a1c0680 663 * termios_rwsem resetting termios data
24ec839c
PZ		 664 * tasklist_lock to walk task list for hangup event
665 * ->siglock to protect ->signal/->sighand
1da177e4 666 */
f91e2590 667static void __tty_hangup(struct tty_struct *tty, int exit_session)
1da177e4 668{
37bdfb07 669 struct file *cons_filp = NULL;
1da177e4 670 struct file *filp, *f = NULL;
d996b62a 671 struct tty_file_private *priv;
1da177e4 672 int closecount = 0, n;
ea648a47 673 int refs;
1da177e4
LT		 674
675 if (!tty)
676 return;
677
1da177e4
LT		 678
679 spin_lock(&redirect_lock);
d996b62a 680 if (redirect && file_tty(redirect) == tty) {
1da177e4
LT		 681 f = redirect;
682 redirect = NULL;
683 }
684 spin_unlock(&redirect_lock);
37bdfb07 685
89c8d91e 686 tty_lock(tty);
11dbf203 687
cb50e523
PH		 688 if (test_bit(TTY_HUPPED, &tty->flags)) {
689 tty_unlock(tty);
690 return;
691 }
692
ec79d605
AB		 693 /* inuse_filps is protected by the single tty lock,
694 this really needs to change if we want to flush the
695 workqueue with the lock held */
11dbf203 696 check_tty_count(tty, "tty_hangup");
36ba782e 697
ee2ffa0d 698 spin_lock(&tty_files_lock);
1da177e4 699 /* This breaks for file handles being sent over AF_UNIX sockets ? */
d996b62a
NP		 700 list_for_each_entry(priv, &tty->tty_files, list) {
701 filp = priv->file;
1da177e4
LT		 702 if (filp->f_op->write == redirected_tty_write)
703 cons_filp = filp;
704 if (filp->f_op->write != tty_write)
705 continue;
706 closecount++;
ec79d605 707 __tty_fasync(-1, filp, 0); /* can't block */
1da177e4
LT		 708 filp->f_op = &hung_up_tty_fops;
709 }
ee2ffa0d 710 spin_unlock(&tty_files_lock);
37bdfb07 711
25fdf243
PH		 712 refs = tty_signal_session_leader(tty, exit_session);
713 /* Account for the p->signal references we killed */
714 while (refs--)
715 tty_kref_put(tty);
716
c65c9bc3 717 tty_ldisc_hangup(tty);
37bdfb07 718
20cc225b 719 spin_lock_irq(&tty->ctrl_lock);
c65c9bc3 720 clear_bit(TTY_THROTTLED, &tty->flags);
c65c9bc3 721 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
d9c1e9a8
EB		 722 put_pid(tty->session);
723 put_pid(tty->pgrp);
ab521dc0
EB		 724 tty->session = NULL;
725 tty->pgrp = NULL;
1da177e4 726 tty->ctrl_status = 0;
20cc225b 727 spin_unlock_irq(&tty->ctrl_lock);
9c9f4ded 728
1da177e4 729 /*
37bdfb07
AC		 730 * If one of the devices matches a console pointer, we
731 * cannot just call hangup() because that will cause
732 * tty->count and state->count to go out of sync.
733 * So we just call close() the right number of times.
1da177e4
LT		 734 */
735 if (cons_filp) {
f34d7a5b 736 if (tty->ops->close)
1da177e4 737 for (n = 0; n < closecount; n++)
f34d7a5b
AC		 738 tty->ops->close(tty, cons_filp);
739 } else if (tty->ops->hangup)
7c6d340f 740 tty->ops->hangup(tty);
37bdfb07
AC		 741 /*
742 * We don't want to have driver/ldisc interactions beyond
743 * the ones we did here. The driver layer expects no
744 * calls after ->hangup() from the ldisc side. However we
745 * can't yet guarantee all that.
746 */
1da177e4 747 set_bit(TTY_HUPPED, &tty->flags);
89c8d91e 748 tty_unlock(tty);
11dbf203 749
1da177e4
LT		 750 if (f)
751 fput(f);
752}
753
ddcd9fb6
AB		 754static void do_tty_hangup(struct work_struct *work)
755{
756 struct tty_struct *tty =
757 container_of(work, struct tty_struct, hangup_work);
758
f91e2590 759 __tty_hangup(tty, 0);
ddcd9fb6
AB		 760}
761
af9b897e
AC		 762/**
763 * tty_hangup - trigger a hangup event
764 * @tty: tty to hangup
765 *
766 * A carrier loss (virtual or otherwise) has occurred on this like
767 * schedule a hangup sequence to run after this event.
768 */
769
37bdfb07 770void tty_hangup(struct tty_struct *tty)
1da177e4
LT		 771{
772#ifdef TTY_DEBUG_HANGUP
773 char buf[64];
1da177e4
LT		 774 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf));
775#endif
776 schedule_work(&tty->hangup_work);
777}
778
779EXPORT_SYMBOL(tty_hangup);
780
af9b897e
AC		 781/**
782 * tty_vhangup - process vhangup
783 * @tty: tty to hangup
784 *
785 * The user has asked via system call for the terminal to be hung up.
786 * We do this synchronously so that when the syscall returns the process
3a4fa0a2 787 * is complete. That guarantee is necessary for security reasons.
af9b897e
AC		 788 */
789
37bdfb07 790void tty_vhangup(struct tty_struct *tty)
1da177e4
LT		 791{
792#ifdef TTY_DEBUG_HANGUP
793 char buf[64];
794
795 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf));
796#endif
f91e2590 797 __tty_hangup(tty, 0);
1da177e4 798}
37bdfb07 799
1da177e4
LT		 800EXPORT_SYMBOL(tty_vhangup);
801
11dbf203 802
2cb5998b
AC		 803/**
804 * tty_vhangup_self - process vhangup for own ctty
805 *
806 * Perform a vhangup on the current controlling tty
807 */
808
809void tty_vhangup_self(void)
810{
811 struct tty_struct *tty;
812
2cb5998b
AC		 813 tty = get_current_tty();
814 if (tty) {
815 tty_vhangup(tty);
816 tty_kref_put(tty);
817 }
2cb5998b
AC		 818}
819
f91e2590
PH		 820/**
821 * tty_vhangup_session - hangup session leader exit
822 * @tty: tty to hangup
823 *
824 * The session leader is exiting and hanging up its controlling terminal.
825 * Every process in the foreground process group is signalled SIGHUP.
826 *
827 * We do this synchronously so that when the syscall returns the process
828 * is complete. That guarantee is necessary for security reasons.
829 */
830
44a459fd 831static void tty_vhangup_session(struct tty_struct *tty)
f91e2590
PH		 832{
833#ifdef TTY_DEBUG_HANGUP
834 char buf[64];
835
836 printk(KERN_DEBUG "%s vhangup session...\n", tty_name(tty, buf));
837#endif
838 __tty_hangup(tty, 1);
839}
840
af9b897e
AC		 841/**
842 * tty_hung_up_p - was tty hung up
843 * @filp: file pointer of tty
844 *
845 * Return true if the tty has been subject to a vhangup or a carrier
846 * loss
847 */
848
37bdfb07 849int tty_hung_up_p(struct file *filp)
1da177e4
LT		 850{
851 return (filp->f_op == &hung_up_tty_fops);
852}
853
854EXPORT_SYMBOL(tty_hung_up_p);
855
af9b897e
AC		 856/**
857 * disassociate_ctty - disconnect controlling tty
858 * @on_exit: true if exiting so need to "hang up" the session
1da177e4 859 *
af9b897e
AC		 860 * This function is typically called only by the session leader, when
861 * it wants to disassociate itself from its controlling tty.
862 *
863 * It performs the following functions:
1da177e4
LT		 864 * (1) Sends a SIGHUP and SIGCONT to the foreground process group
865 * (2) Clears the tty from being controlling the session
866 * (3) Clears the controlling tty for all processes in the
867 * session group.
868 *
af9b897e
AC		 869 * The argument on_exit is set to 1 if called when a process is
870 * exiting; it is 0 if called by the ioctl TIOCNOTTY.
871 *
24ec839c 872 * Locking:
ec79d605
AB		 873 * BTM is taken for hysterical raisins, and held when
874 * called from no_tty().
24ec839c
PZ		 875 * tty_mutex is taken to protect tty
876 * ->siglock is taken to protect ->signal/->sighand
877 * tasklist_lock is taken to walk process list for sessions
878 * ->siglock is taken to protect ->signal/->sighand
1da177e4 879 */
af9b897e 880
1da177e4
LT		 881void disassociate_ctty(int on_exit)
882{
883 struct tty_struct *tty;
1da177e4 884
5ec93d11
AC		 885 if (!current->signal->leader)
886 return;
1da177e4 887
24ec839c 888 tty = get_current_tty();
1da177e4 889 if (tty) {
f91e2590
PH		 890 if (on_exit && tty->driver->type != TTY_DRIVER_TYPE_PTY) {
891 tty_vhangup_session(tty);
892 } else {
893 struct pid *tty_pgrp = tty_get_pgrp(tty);
894 if (tty_pgrp) {
895 kill_pgrp(tty_pgrp, SIGHUP, on_exit);
03e12617
ON		 896 if (!on_exit)
897 kill_pgrp(tty_pgrp, SIGCONT, on_exit);
f91e2590
PH		 898 put_pid(tty_pgrp);
899 }
1411dc4a 900 }
f91e2590
PH		 901 tty_kref_put(tty);
902
680a9671 903 } else if (on_exit) {
ab521dc0 904 struct pid *old_pgrp;
680a9671
EB		 905 spin_lock_irq(&current->sighand->siglock);
906 old_pgrp = current->signal->tty_old_pgrp;
ab521dc0 907 current->signal->tty_old_pgrp = NULL;
680a9671 908 spin_unlock_irq(&current->sighand->siglock);
24ec839c 909 if (old_pgrp) {
ab521dc0
EB		 910 kill_pgrp(old_pgrp, SIGHUP, on_exit);
911 kill_pgrp(old_pgrp, SIGCONT, on_exit);
912 put_pid(old_pgrp);
1da177e4 913 }
1da177e4
LT		 914 return;
915 }
1da177e4 916
24ec839c 917 spin_lock_irq(&current->sighand->siglock);
2a65f1d9 918 put_pid(current->signal->tty_old_pgrp);
23cac8de 919 current->signal->tty_old_pgrp = NULL;
24ec839c 920
c70dbb1e 921 tty = tty_kref_get(current->signal->tty);
24ec839c 922 if (tty) {
47f86834
AC		 923 unsigned long flags;
924 spin_lock_irqsave(&tty->ctrl_lock, flags);
ab521dc0
EB		 925 put_pid(tty->session);
926 put_pid(tty->pgrp);
927 tty->session = NULL;
928 tty->pgrp = NULL;
47f86834 929 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
452a00d2 930 tty_kref_put(tty);
24ec839c
PZ		 931 } else {
932#ifdef TTY_DEBUG_HANGUP
933 printk(KERN_DEBUG "error attempted to write to tty [0x%p]"
934 " = NULL", tty);
935#endif
936 }
1da177e4 937
c70dbb1e 938 spin_unlock_irq(&current->sighand->siglock);
1da177e4
LT		 939 /* Now clear signal->tty under the lock */
940 read_lock(&tasklist_lock);
ab521dc0 941 session_clear_tty(task_session(current));
1da177e4 942 read_unlock(&tasklist_lock);
1da177e4
LT		 943}
944
98a27ba4
EB		 945/**
946 *
947 * no_tty - Ensure the current process does not have a controlling tty
948 */
949void no_tty(void)
950{
3af502b9
AC		 951 /* FIXME: Review locking here. The tty_lock never covered any race
952 between a new association and proc_clear_tty but possible we need
953 to protect against this anyway */
98a27ba4 954 struct task_struct *tsk = current;
5ec93d11 955 disassociate_ctty(0);
98a27ba4
EB		 956 proc_clear_tty(tsk);
957}
958
af9b897e
AC		 959
960/**
beb7dd86 961 * stop_tty - propagate flow control
af9b897e
AC		 962 * @tty: tty to stop
963 *
01adc807 964 * Perform flow control to the driver. May be called
af9b897e
AC		 965 * on an already stopped device and will not re-call the driver
966 * method.
967 *
968 * This functionality is used by both the line disciplines for
969 * halting incoming flow and by the driver. It may therefore be
970 * called from any context, may be under the tty atomic_write_lock
971 * but not always.
972 *
973 * Locking:
f9e053dc 974 * flow_lock
af9b897e
AC		 975 */
976
f9e053dc 977void __stop_tty(struct tty_struct *tty)
1da177e4 978{
f9e053dc 979 if (tty->stopped)
1da177e4
LT		 980 return;
981 tty->stopped = 1;
f34d7a5b
AC		 982 if (tty->ops->stop)
983 (tty->ops->stop)(tty);
1da177e4
LT		 984}
985
f9e053dc
PH		 986void stop_tty(struct tty_struct *tty)
987{
988 unsigned long flags;
989
990 spin_lock_irqsave(&tty->flow_lock, flags);
991 __stop_tty(tty);
992 spin_unlock_irqrestore(&tty->flow_lock, flags);
993}
1da177e4
LT		 994EXPORT_SYMBOL(stop_tty);
995
af9b897e 996/**
beb7dd86 997 * start_tty - propagate flow control
af9b897e
AC		 998 * @tty: tty to start
999 *
01adc807
PH		 1000 * Start a tty that has been stopped if at all possible. If this
1001 * tty was previous stopped and is now being started, the driver
1002 * start method is invoked and the line discipline woken.
af9b897e
AC		 1003 *
1004 * Locking:
f9e053dc 1005 * flow_lock
af9b897e
AC		 1006 */
1007
f9e053dc 1008void __start_tty(struct tty_struct *tty)
1da177e4 1009{
f9e053dc 1010 if (!tty->stopped || tty->flow_stopped)
1da177e4
LT		 1011 return;
1012 tty->stopped = 0;
f34d7a5b
AC		 1013 if (tty->ops->start)
1014 (tty->ops->start)(tty);
1da177e4 1015 tty_wakeup(tty);
1da177e4
LT		 1016}
1017
f9e053dc
PH		 1018void start_tty(struct tty_struct *tty)
1019{
1020 unsigned long flags;
1021
1022 spin_lock_irqsave(&tty->flow_lock, flags);
1023 __start_tty(tty);
1024 spin_unlock_irqrestore(&tty->flow_lock, flags);
1025}
1da177e4
LT		 1026EXPORT_SYMBOL(start_tty);
1027
b0b88565 1028/* We limit tty time update visibility to every 8 seconds or so. */
37b7f3c7
JS		 1029static void tty_update_time(struct timespec *time)
1030{
b0b88565 1031 unsigned long sec = get_seconds() & ~7;
37b7f3c7
JS		 1032 if ((long)(sec - time->tv_sec) > 0)
1033 time->tv_sec = sec;
1034}
1035
af9b897e
AC		 1036/**
1037 * tty_read - read method for tty device files
1038 * @file: pointer to tty file
1039 * @buf: user buffer
1040 * @count: size of user buffer
1041 * @ppos: unused
1042 *
1043 * Perform the read system call function on this terminal device. Checks
1044 * for hung up devices before calling the line discipline method.
1045 *
1046 * Locking:
47f86834
AC		 1047 * Locks the line discipline internally while needed. Multiple
1048 * read calls may be outstanding in parallel.
af9b897e
AC		 1049 */
1050
37bdfb07 1051static ssize_t tty_read(struct file *file, char __user *buf, size_t count,
1da177e4
LT		 1052 loff_t *ppos)
1053{
1054 int i;
37b7f3c7 1055 struct inode *inode = file_inode(file);
d996b62a 1056 struct tty_struct *tty = file_tty(file);
1da177e4
LT		 1057 struct tty_ldisc *ld;
1058
37b7f3c7 1059 if (tty_paranoia_check(tty, inode, "tty_read"))
1da177e4
LT		 1060 return -EIO;
1061 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags)))
1062 return -EIO;
1063
1064 /* We want to wait for the line discipline to sort out in this
1065 situation */
1066 ld = tty_ldisc_ref_wait(tty);
a352def2
AC		 1067 if (ld->ops->read)
1068 i = (ld->ops->read)(tty, file, buf, count);
1da177e4
LT		 1069 else
1070 i = -EIO;
1071 tty_ldisc_deref(ld);
b0de59b5 1072
37b7f3c7
JS		 1073 if (i > 0)
1074 tty_update_time(&inode->i_atime);
1075
1da177e4
LT		 1076 return i;
1077}
1078
136d5258 1079static void tty_write_unlock(struct tty_struct *tty)
9c1729db
AC		 1080{
1081 mutex_unlock(&tty->atomic_write_lock);
4b19449d 1082 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
9c1729db
AC		 1083}
1084
136d5258 1085static int tty_write_lock(struct tty_struct *tty, int ndelay)
9c1729db
AC		 1086{
1087 if (!mutex_trylock(&tty->atomic_write_lock)) {
1088 if (ndelay)
1089 return -EAGAIN;
1090 if (mutex_lock_interruptible(&tty->atomic_write_lock))
1091 return -ERESTARTSYS;
1092 }
1093 return 0;
1094}
1095
1da177e4
LT		 1096/*
1097 * Split writes up in sane blocksizes to avoid
1098 * denial-of-service type attacks
1099 */
1100static inline ssize_t do_tty_write(
1101 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t),
1102 struct tty_struct *tty,
1103 struct file *file,
1104 const char __user *buf,
1105 size_t count)
1106{
9c1729db 1107 ssize_t ret, written = 0;
1da177e4 1108 unsigned int chunk;
37bdfb07 1109
9c1729db
AC		 1110 ret = tty_write_lock(tty, file->f_flags & O_NDELAY);
1111 if (ret < 0)
1112 return ret;
1da177e4
LT		 1113
1114 /*
1115 * We chunk up writes into a temporary buffer. This
1116 * simplifies low-level drivers immensely, since they
1117 * don't have locking issues and user mode accesses.
1118 *
1119 * But if TTY_NO_WRITE_SPLIT is set, we should use a
1120 * big chunk-size..
1121 *
1122 * The default chunk-size is 2kB, because the NTTY
1123 * layer has problems with bigger chunks. It will
1124 * claim to be able to handle more characters than
1125 * it actually does.
af9b897e
AC		 1126 *
1127 * FIXME: This can probably go away now except that 64K chunks
1128 * are too likely to fail unless switched to vmalloc...
1da177e4
LT		 1129 */
1130 chunk = 2048;
1131 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags))
1132 chunk = 65536;
1133 if (count < chunk)
1134 chunk = count;
1135
70522e12 1136 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */
1da177e4 1137 if (tty->write_cnt < chunk) {
402fda92 1138 unsigned char *buf_chunk;
1da177e4
LT		 1139
1140 if (chunk < 1024)
1141 chunk = 1024;
1142
402fda92
JW		 1143 buf_chunk = kmalloc(chunk, GFP_KERNEL);
1144 if (!buf_chunk) {
9c1729db
AC		 1145 ret = -ENOMEM;
1146 goto out;
1da177e4
LT		 1147 }
1148 kfree(tty->write_buf);
1149 tty->write_cnt = chunk;
402fda92 1150 tty->write_buf = buf_chunk;
1da177e4
LT		 1151 }
1152
1153 /* Do the write .. */
1154 for (;;) {
1155 size_t size = count;
1156 if (size > chunk)
1157 size = chunk;
1158 ret = -EFAULT;
1159 if (copy_from_user(tty->write_buf, buf, size))
1160 break;
1da177e4 1161 ret = write(tty, file, tty->write_buf, size);
1da177e4
LT		 1162 if (ret <= 0)
1163 break;
1164 written += ret;
1165 buf += ret;
1166 count -= ret;
1167 if (!count)
1168 break;
1169 ret = -ERESTARTSYS;
1170 if (signal_pending(current))
1171 break;
1172 cond_resched();
1173 }
37b7f3c7
JS		 1174 if (written) {
1175 tty_update_time(&file_inode(file)->i_mtime);
1da177e4 1176 ret = written;
37b7f3c7 1177 }
9c1729db
AC		 1178out:
1179 tty_write_unlock(tty);
1da177e4
LT		 1180 return ret;
1181}
1182
95f9bfc6
AC		 1183/**
1184 * tty_write_message - write a message to a certain tty, not just the console.
1185 * @tty: the destination tty_struct
1186 * @msg: the message to write
1187 *
1188 * This is used for messages that need to be redirected to a specific tty.
1189 * We don't put it into the syslog queue right now maybe in the future if
1190 * really needed.
1191 *
ec79d605 1192 * We must still hold the BTM and test the CLOSING flag for the moment.
95f9bfc6
AC		 1193 */
1194
1195void tty_write_message(struct tty_struct *tty, char *msg)
1196{
95f9bfc6
AC		 1197 if (tty) {
1198 mutex_lock(&tty->atomic_write_lock);
89c8d91e 1199 tty_lock(tty);
eeb89d91 1200 if (tty->ops->write && !test_bit(TTY_CLOSING, &tty->flags)) {
89c8d91e 1201 tty_unlock(tty);
95f9bfc6 1202 tty->ops->write(tty, msg, strlen(msg));
eeb89d91 1203 } else
89c8d91e 1204 tty_unlock(tty);
95f9bfc6
AC		 1205 tty_write_unlock(tty);
1206 }
95f9bfc6
AC		 1207 return;
1208}
1209
1da177e4 1210
af9b897e
AC		 1211/**
1212 * tty_write - write method for tty device file
1213 * @file: tty file pointer
1214 * @buf: user data to write
1215 * @count: bytes to write
1216 * @ppos: unused
1217 *
1218 * Write data to a tty device via the line discipline.
1219 *
1220 * Locking:
1221 * Locks the line discipline as required
1222 * Writes to the tty driver are serialized by the atomic_write_lock
1223 * and are then processed in chunks to the device. The line discipline
a88a69c9 1224 * write method will not be invoked in parallel for each device.
af9b897e
AC		 1225 */
1226
37bdfb07
AC		 1227static ssize_t tty_write(struct file *file, const char __user *buf,
1228 size_t count, loff_t *ppos)
1da177e4 1229{
d996b62a
NP		 1230 struct tty_struct *tty = file_tty(file);
1231 struct tty_ldisc *ld;
1da177e4 1232 ssize_t ret;
37bdfb07 1233
6131ffaa 1234 if (tty_paranoia_check(tty, file_inode(file), "tty_write"))
1da177e4 1235 return -EIO;
f34d7a5b 1236 if (!tty || !tty->ops->write ||
37bdfb07
AC		 1237 (test_bit(TTY_IO_ERROR, &tty->flags)))
1238 return -EIO;
f34d7a5b
AC		 1239 /* Short term debug to catch buggy drivers */
1240 if (tty->ops->write_room == NULL)
1241 printk(KERN_ERR "tty driver %s lacks a write_room method.\n",
1242 tty->driver->name);
37bdfb07 1243 ld = tty_ldisc_ref_wait(tty);
a352def2 1244 if (!ld->ops->write)
1da177e4
LT		 1245 ret = -EIO;
1246 else
a352def2 1247 ret = do_tty_write(ld->ops->write, tty, file, buf, count);
1da177e4
LT		 1248 tty_ldisc_deref(ld);
1249 return ret;
1250}
1251
37bdfb07
AC		 1252ssize_t redirected_tty_write(struct file *file, const char __user *buf,
1253 size_t count, loff_t *ppos)
1da177e4
LT		 1254{
1255 struct file *p = NULL;
1256
1257 spin_lock(&redirect_lock);
cb0942b8
AV		 1258 if (redirect)
1259 p = get_file(redirect);
1da177e4
LT		 1260 spin_unlock(&redirect_lock);
1261
1262 if (p) {
1263 ssize_t res;
1264 res = vfs_write(p, buf, count, &p->f_pos);
1265 fput(p);
1266 return res;
1267 }
1da177e4
LT		 1268 return tty_write(file, buf, count, ppos);
1269}
1270
136d5258
PH		 1271/**
1272 * tty_send_xchar - send priority character
1273 *
1274 * Send a high priority character to the tty even if stopped
1275 *
1276 * Locking: none for xchar method, write ordering for write method.
1277 */
1278
1279int tty_send_xchar(struct tty_struct *tty, char ch)
1280{
1281 int was_stopped = tty->stopped;
1282
1283 if (tty->ops->send_xchar) {
1284 tty->ops->send_xchar(tty, ch);
1285 return 0;
1286 }
1287
1288 if (tty_write_lock(tty, 0) < 0)
1289 return -ERESTARTSYS;
1290
1291 if (was_stopped)
1292 start_tty(tty);
1293 tty->ops->write(tty, &ch, 1);
1294 if (was_stopped)
1295 stop_tty(tty);
1296 tty_write_unlock(tty);
1297 return 0;
1298}
1299
1da177e4
LT		 1300static char ptychar[] = "pqrstuvwxyzabcde";
1301
af9b897e
AC		 1302/**
1303 * pty_line_name - generate name for a pty
1304 * @driver: the tty driver in use
1305 * @index: the minor number
1306 * @p: output buffer of at least 6 bytes
1307 *
1308 * Generate a name from a driver reference and write it to the output
1309 * buffer.
1310 *
1311 * Locking: None
1312 */
1313static void pty_line_name(struct tty_driver *driver, int index, char *p)
1da177e4
LT		 1314{
1315 int i = index + driver->name_base;
1316 /* ->name is initialized to "ttyp", but "tty" is expected */
1317 sprintf(p, "%s%c%x",
37bdfb07
AC		 1318 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name,
1319 ptychar[i >> 4 & 0xf], i & 0xf);
1da177e4
LT		 1320}
1321
af9b897e 1322/**
8b0a88d5 1323 * tty_line_name - generate name for a tty
af9b897e
AC		 1324 * @driver: the tty driver in use
1325 * @index: the minor number
1326 * @p: output buffer of at least 7 bytes
1327 *
1328 * Generate a name from a driver reference and write it to the output
5c0a2450 1329 * buffer.
af9b897e
AC		 1330 *
1331 * Locking: None
1332 */
723abd87 1333static ssize_t tty_line_name(struct tty_driver *driver, int index, char *p)
1da177e4 1334{
0019b408 1335 if (driver->flags & TTY_DRIVER_UNNUMBERED_NODE)
723abd87 1336 return sprintf(p, "%s", driver->name);
0019b408 1337 else
723abd87
HR		 1338 return sprintf(p, "%s%d", driver->name,
1339 index + driver->name_base);
1da177e4
LT		 1340}
1341
99f1fe18
AC		 1342/**
1343 * tty_driver_lookup_tty() - find an existing tty, if any
1344 * @driver: the driver for the tty
1345 * @idx: the minor number
23499705 1346 *
aa3cb814
PH		 1347 * Return the tty, if found. If not found, return NULL or ERR_PTR() if the
1348 * driver lookup() method returns an error.
23499705 1349 *
aa3cb814 1350 * Locking: tty_mutex must be held. If the tty is found, bump the tty kref.
23499705 1351 */
a47d545f 1352static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver,
15f1a633 1353 struct inode *inode, int idx)
23499705 1354{
aa3cb814
PH		 1355 struct tty_struct *tty;
1356
99f1fe18 1357 if (driver->ops->lookup)
aa3cb814
PH		 1358 tty = driver->ops->lookup(driver, inode, idx);
1359 else
1360 tty = driver->ttys[idx];
23499705 1361
aa3cb814
PH		 1362 if (!IS_ERR(tty))
1363 tty_kref_get(tty);
1364 return tty;
23499705
SB		 1365}
1366
bf970ee4
AC		 1367/**
1368 * tty_init_termios - helper for termios setup
1369 * @tty: the tty to set up
1370 *
1371 * Initialise the termios structures for this tty. Thus runs under
1372 * the tty_mutex currently so we can be relaxed about ordering.
1373 */
1374
1375int tty_init_termios(struct tty_struct *tty)
1376{
fe6e29fd 1377 struct ktermios *tp;
bf970ee4
AC		 1378 int idx = tty->index;
1379
36b3c070
AC		 1380 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS)
1381 tty->termios = tty->driver->init_termios;
1382 else {
1383 /* Check for lazy saved data */
1384 tp = tty->driver->termios[idx];
1385 if (tp != NULL)
1386 tty->termios = *tp;
1387 else
1388 tty->termios = tty->driver->init_termios;
bf970ee4 1389 }
bf970ee4 1390 /* Compatibility until drivers always set this */
adc8d746
AC		 1391 tty->termios.c_ispeed = tty_termios_input_baud_rate(&tty->termios);
1392 tty->termios.c_ospeed = tty_termios_baud_rate(&tty->termios);
bf970ee4
AC		 1393 return 0;
1394}
fe1ae7fd 1395EXPORT_SYMBOL_GPL(tty_init_termios);
bf970ee4 1396
66d450e8
JS		 1397int tty_standard_install(struct tty_driver *driver, struct tty_struct *tty)
1398{
1399 int ret = tty_init_termios(tty);
1400 if (ret)
1401 return ret;
1402
1403 tty_driver_kref_get(driver);
1404 tty->count++;
1405 driver->ttys[tty->index] = tty;
1406 return 0;
1407}
1408EXPORT_SYMBOL_GPL(tty_standard_install);
1409
99f1fe18 1410/**
8b0a88d5
AC		 1411 * tty_driver_install_tty() - install a tty entry in the driver
1412 * @driver: the driver for the tty
1413 * @tty: the tty
1414 *
1415 * Install a tty object into the driver tables. The tty->index field
bf970ee4
AC		 1416 * will be set by the time this is called. This method is responsible
1417 * for ensuring any need additional structures are allocated and
1418 * configured.
8b0a88d5
AC		 1419 *
1420 * Locking: tty_mutex for now
1421 */
1422static int tty_driver_install_tty(struct tty_driver *driver,
1423 struct tty_struct *tty)
1424{
66d450e8
JS		 1425 return driver->ops->install ? driver->ops->install(driver, tty) :
1426 tty_standard_install(driver, tty);
8b0a88d5
AC		 1427}
1428
1429/**
1430 * tty_driver_remove_tty() - remove a tty from the driver tables
1431 * @driver: the driver for the tty
1432 * @idx: the minor number
1433 *
1434 * Remvoe a tty object from the driver tables. The tty->index field
1435 * will be set by the time this is called.
1436 *
1437 * Locking: tty_mutex for now
1438 */
24d406a6 1439void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty)
8b0a88d5
AC		 1440{
1441 if (driver->ops->remove)
1442 driver->ops->remove(driver, tty);
1443 else
1444 driver->ttys[tty->index] = NULL;
1445}
1446
1447/*
1448 * tty_reopen() - fast re-open of an open tty
1449 * @tty - the tty to open
23499705 1450 *
99f1fe18 1451 * Return 0 on success, -errno on error.
5d93e748 1452 * Re-opens on master ptys are not allowed and return -EIO.
23499705 1453 *
5d93e748 1454 * Locking: Caller must hold tty_lock
23499705 1455 */
99f1fe18 1456static int tty_reopen(struct tty_struct *tty)
23499705
SB		 1457{
1458 struct tty_driver *driver = tty->driver;
1459
216030ec 1460 if (!tty->count)
23499705
SB		 1461 return -EIO;
1462
1463 if (driver->type == TTY_DRIVER_TYPE_PTY &&
5d93e748
PH		 1464 driver->subtype == PTY_TYPE_MASTER)
1465 return -EIO;
23499705 1466
23499705 1467 tty->count++;
23499705 1468
36697529 1469 WARN_ON(!tty->ldisc);
23499705
SB		 1470
1471 return 0;
1472}
1473
af9b897e 1474/**
d81ed103 1475 * tty_init_dev - initialise a tty device
af9b897e
AC		 1476 * @driver: tty driver we are opening a device on
1477 * @idx: device index
15582d36 1478 * @ret_tty: returned tty structure
af9b897e
AC		 1479 *
1480 * Prepare a tty device. This may not be a "new" clean device but
1481 * could also be an active device. The pty drivers require special
1482 * handling because of this.
1483 *
1484 * Locking:
1485 * The function is called under the tty_mutex, which
1486 * protects us from the tty struct or driver itself going away.
1487 *
1488 * On exit the tty device has the line discipline attached and
1489 * a reference count of 1. If a pair was created for pty/tty use
1490 * and the other was a pty master then it too has a reference count of 1.
1491 *
1da177e4 1492 * WSH 06/09/97: Rewritten to remove races and properly clean up after a
70522e12
IM		 1493 * failed open. The new code protects the open with a mutex, so it's
1494 * really quite straightforward. The mutex locking can probably be
1da177e4
LT		 1495 * relaxed for the (most common) case of reopening a tty.
1496 */
af9b897e 1497
593a27c4 1498struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx)
1da177e4 1499{
bf970ee4 1500 struct tty_struct *tty;
73ec06fc 1501 int retval;
1da177e4 1502
1da177e4
LT		 1503 /*
1504 * First time open is complex, especially for PTY devices.
1505 * This code guarantees that either everything succeeds and the
1506 * TTY is ready for operation, or else the table slots are vacated
37bdfb07 1507 * and the allocated memory released. (Except that the termios
1da177e4
LT		 1508 * and locked termios may be retained.)
1509 */
1510
73ec06fc
AC		 1511 if (!try_module_get(driver->owner))
1512 return ERR_PTR(-ENODEV);
1da177e4 1513
2c964a2f 1514 tty = alloc_tty_struct(driver, idx);
d5543503
JS		 1515 if (!tty) {
1516 retval = -ENOMEM;
1517 goto err_module_put;
1518 }
1da177e4 1519
89c8d91e 1520 tty_lock(tty);
73ec06fc 1521 retval = tty_driver_install_tty(driver, tty);
d5543503 1522 if (retval < 0)
a9dccddb 1523 goto err_deinit_tty;
8b0a88d5 1524
04831dc1
JS		 1525 if (!tty->port)
1526 tty->port = driver->ports[idx];
1527
5d4121c0
JS		 1528 WARN_RATELIMIT(!tty->port,
1529 "%s: %s driver does not set tty->port. This will crash the kernel later. Fix the driver!\n",
1530 __func__, tty->driver->name);
1531
967fab69
JS		 1532 tty->port->itty = tty;
1533
37bdfb07 1534 /*
1da177e4 1535 * Structures all installed ... call the ldisc open routines.
d5698c28
CH		 1536 * If we fail here just call release_tty to clean up. No need
1537 * to decrement the use counts, as release_tty doesn't care.
1da177e4 1538 */
bf970ee4 1539 retval = tty_ldisc_setup(tty, tty->link);
01e1abb2 1540 if (retval)
d5543503 1541 goto err_release_tty;
89c8d91e 1542 /* Return the tty locked so that it cannot vanish under the caller */
73ec06fc 1543 return tty;
1da177e4 1544
a9dccddb 1545err_deinit_tty:
89c8d91e 1546 tty_unlock(tty);
a9dccddb 1547 deinitialize_tty_struct(tty);
d5543503
JS		 1548 free_tty_struct(tty);
1549err_module_put:
1da177e4 1550 module_put(driver->owner);
d5543503 1551 return ERR_PTR(retval);
1da177e4 1552
d5698c28 1553 /* call the tty release_tty routine to clean out this slot */
d5543503 1554err_release_tty:
89c8d91e 1555 tty_unlock(tty);
5a3c6b25 1556 printk_ratelimited(KERN_INFO "tty_init_dev: ldisc open failed, "
4050914f 1557 "clearing slot %d\n", idx);
d5698c28 1558 release_tty(tty, idx);
73ec06fc 1559 return ERR_PTR(retval);
1da177e4
LT		 1560}
1561
feebed65
AC		 1562void tty_free_termios(struct tty_struct *tty)
1563{
1564 struct ktermios *tp;
1565 int idx = tty->index;
36b3c070
AC		 1566
1567 /* If the port is going to reset then it has no termios to save */
1568 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS)
1569 return;
1570
1571 /* Stash the termios data */
1572 tp = tty->driver->termios[idx];
1573 if (tp == NULL) {
1574 tp = kmalloc(sizeof(struct ktermios), GFP_KERNEL);
1575 if (tp == NULL) {
1576 pr_warn("tty: no memory to save termios state.\n");
1577 return;
1578 }
4ac5d705 1579 tty->driver->termios[idx] = tp;
feebed65 1580 }
36b3c070 1581 *tp = tty->termios;
feebed65
AC		 1582}
1583EXPORT_SYMBOL(tty_free_termios);
1584
a2965b7b
PH		 1585/**
1586 * tty_flush_works - flush all works of a tty
1587 * @tty: tty device to flush works for
1588 *
1589 * Sync flush all works belonging to @tty.
1590 */
1591static void tty_flush_works(struct tty_struct *tty)
1592{
1593 flush_work(&tty->SAK_work);
1594 flush_work(&tty->hangup_work);
1595}
feebed65 1596
af9b897e 1597/**
d5698c28 1598 * release_one_tty - release tty structure memory
9c9f4ded 1599 * @kref: kref of tty we are obliterating
af9b897e
AC		 1600 *
1601 * Releases memory associated with a tty structure, and clears out the
1602 * driver table slots. This function is called when a device is no longer
1603 * in use. It also gets called when setup of a device fails.
1604 *
1605 * Locking:
af9b897e
AC		 1606 * takes the file list lock internally when working on the list
1607 * of ttys that the driver keeps.
b50989dc
AC		 1608 *
1609 * This method gets called from a work queue so that the driver private
f278a2f7 1610 * cleanup ops can sleep (needed for USB at least)
1da177e4 1611 */
b50989dc 1612static void release_one_tty(struct work_struct *work)
1da177e4 1613{
b50989dc
AC		 1614 struct tty_struct *tty =
1615 container_of(work, struct tty_struct, hangup_work);
6f967f78 1616 struct tty_driver *driver = tty->driver;
b216df53 1617 struct module *owner = driver->owner;
d5698c28 1618
f278a2f7
DY		 1619 if (tty->ops->cleanup)
1620 tty->ops->cleanup(tty);
1621
1da177e4 1622 tty->magic = 0;
7d7b93c1 1623 tty_driver_kref_put(driver);
b216df53 1624 module_put(owner);
d5698c28 1625
ee2ffa0d 1626 spin_lock(&tty_files_lock);
1da177e4 1627 list_del_init(&tty->tty_files);
ee2ffa0d 1628 spin_unlock(&tty_files_lock);
d5698c28 1629
6da8d866
ON		 1630 put_pid(tty->pgrp);
1631 put_pid(tty->session);
1da177e4
LT		 1632 free_tty_struct(tty);
1633}
1634
b50989dc
AC		 1635static void queue_release_one_tty(struct kref *kref)
1636{
1637 struct tty_struct *tty = container_of(kref, struct tty_struct, kref);
f278a2f7 1638
b50989dc
AC		 1639 /* The hangup queue is now free so we can reuse it rather than
1640 waste a chunk of memory for each port */
1641 INIT_WORK(&tty->hangup_work, release_one_tty);
1642 schedule_work(&tty->hangup_work);
1643}
1644
9c9f4ded
AC		 1645/**
1646 * tty_kref_put - release a tty kref
1647 * @tty: tty device
1648 *
1649 * Release a reference to a tty device and if need be let the kref
1650 * layer destruct the object for us
1651 */
1652
1653void tty_kref_put(struct tty_struct *tty)
1654{
1655 if (tty)
b50989dc 1656 kref_put(&tty->kref, queue_release_one_tty);
9c9f4ded
AC		 1657}
1658EXPORT_SYMBOL(tty_kref_put);
1659
d5698c28
CH		 1660/**
1661 * release_tty - release tty structure memory
1662 *
1663 * Release both @tty and a possible linked partner (think pty pair),
1664 * and decrement the refcount of the backing module.
1665 *
1666 * Locking:
d155255a 1667 * tty_mutex
d5698c28
CH		 1668 * takes the file list lock internally when working on the list
1669 * of ttys that the driver keeps.
9c9f4ded 1670 *
d5698c28
CH		 1671 */
1672static void release_tty(struct tty_struct *tty, int idx)
1673{
9c9f4ded
AC		 1674 /* This should always be true but check for the moment */
1675 WARN_ON(tty->index != idx);
d155255a 1676 WARN_ON(!mutex_is_locked(&tty_mutex));
36b3c070
AC		 1677 if (tty->ops->shutdown)
1678 tty->ops->shutdown(tty);
1679 tty_free_termios(tty);
1680 tty_driver_remove_tty(tty->driver, tty);
967fab69 1681 tty->port->itty = NULL;
64e377dc
PH		 1682 if (tty->link)
1683 tty->link->port->itty = NULL;
4f98d467 1684 cancel_work_sync(&tty->port->buf.work);
36b3c070 1685
d5698c28 1686 if (tty->link)
9c9f4ded
AC		 1687 tty_kref_put(tty->link);
1688 tty_kref_put(tty);
d5698c28
CH		 1689}
1690
955787ca
JS		 1691/**
1692 * tty_release_checks - check a tty before real release
1693 * @tty: tty to check
1694 * @o_tty: link of @tty (if any)
1695 * @idx: index of the tty
1696 *
1697 * Performs some paranoid checking before true release of the @tty.
1698 * This is a no-op unless TTY_PARANOIA_CHECK is defined.
1699 */
1700static int tty_release_checks(struct tty_struct *tty, struct tty_struct *o_tty,
1701 int idx)
1702{
1703#ifdef TTY_PARANOIA_CHECK
1704 if (idx < 0 || idx >= tty->driver->num) {
9de44bd6
JS		 1705 printk(KERN_DEBUG "%s: bad idx when trying to free (%s)\n",
1706 __func__, tty->name);
955787ca
JS		 1707 return -1;
1708 }
1709
1710 /* not much to check for devpts */
1711 if (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)
1712 return 0;
1713
1714 if (tty != tty->driver->ttys[idx]) {
9de44bd6
JS		 1715 printk(KERN_DEBUG "%s: driver.table[%d] not tty for (%s)\n",
1716 __func__, idx, tty->name);
955787ca
JS		 1717 return -1;
1718 }
955787ca
JS		 1719 if (tty->driver->other) {
1720 if (o_tty != tty->driver->other->ttys[idx]) {
9de44bd6
JS		 1721 printk(KERN_DEBUG "%s: other->table[%d] not o_tty for (%s)\n",
1722 __func__, idx, tty->name);
955787ca
JS		 1723 return -1;
1724 }
955787ca 1725 if (o_tty->link != tty) {
9de44bd6 1726 printk(KERN_DEBUG "%s: bad pty pointers\n", __func__);
955787ca
JS		 1727 return -1;
1728 }
1729 }
1730#endif
1731 return 0;
1732}
1733
eeb89d91
AC		 1734/**
1735 * tty_release - vfs callback for close
1736 * @inode: inode of tty
1737 * @filp: file pointer for handle to tty
1738 *
1739 * Called the last time each file handle is closed that references
1740 * this tty. There may however be several such references.
1741 *
1742 * Locking:
1743 * Takes bkl. See tty_release_dev
1744 *
1da177e4
LT		 1745 * Even releasing the tty structures is a tricky business.. We have
1746 * to be very careful that the structures are all released at the
1747 * same time, as interrupts might otherwise get the wrong pointers.
1748 *
1749 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could
1750 * lead to double frees or releasing memory still in use.
1751 */
eeb89d91
AC		 1752
1753int tty_release(struct inode *inode, struct file *filp)
1da177e4 1754{
d996b62a
NP		 1755 struct tty_struct *tty = file_tty(filp);
1756 struct tty_struct *o_tty;
1da177e4 1757 int pty_master, tty_closing, o_tty_closing, do_sleep;
1da177e4
LT		 1758 int idx;
1759 char buf[64];
37bdfb07 1760
9de44bd6 1761 if (tty_paranoia_check(tty, inode, __func__))
eeb89d91 1762 return 0;
1da177e4 1763
89c8d91e 1764 tty_lock(tty);
9de44bd6 1765 check_tty_count(tty, __func__);
1da177e4 1766
ec79d605 1767 __tty_fasync(-1, filp, 0);
1da177e4
LT		 1768
1769 idx = tty->index;
1770 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
1771 tty->driver->subtype == PTY_TYPE_MASTER);
89c8d91e 1772 /* Review: parallel close */
1da177e4
LT		 1773 o_tty = tty->link;
1774
955787ca 1775 if (tty_release_checks(tty, o_tty, idx)) {
89c8d91e 1776 tty_unlock(tty);
eeb89d91 1777 return 0;
1da177e4 1778 }
1da177e4
LT		 1779
1780#ifdef TTY_DEBUG_HANGUP
9de44bd6
JS		 1781 printk(KERN_DEBUG "%s: %s (tty count=%d)...\n", __func__,
1782 tty_name(tty, buf), tty->count);
1da177e4
LT		 1783#endif
1784
f34d7a5b
AC		 1785 if (tty->ops->close)
1786 tty->ops->close(tty, filp);
1da177e4 1787
89c8d91e 1788 tty_unlock(tty);
1da177e4
LT		 1789 /*
1790 * Sanity check: if tty->count is going to zero, there shouldn't be
1791 * any waiters on tty->read_wait or tty->write_wait. We test the
1792 * wait queues and kick everyone out _before_ actually starting to
1793 * close. This ensures that we won't block while releasing the tty
1794 * structure.
1795 *
1796 * The test for the o_tty closing is necessary, since the master and
1797 * slave sides may close in any order. If the slave side closes out
1798 * first, its count will be one, since the master side holds an open.
1799 * Thus this test wouldn't be triggered at the time the slave closes,
1800 * so we do it now.
1801 *
1802 * Note that it's possible for the tty to be opened again while we're
1803 * flushing out waiters. By recalculating the closing flags before
1804 * each iteration we avoid any problems.
1805 */
1806 while (1) {
1807 /* Guard against races with tty->count changes elsewhere and
1808 opens on /dev/tty */
37bdfb07 1809
70522e12 1810 mutex_lock(&tty_mutex);
89c8d91e 1811 tty_lock_pair(tty, o_tty);
1da177e4
LT		 1812 tty_closing = tty->count <= 1;
1813 o_tty_closing = o_tty &&
1814 (o_tty->count <= (pty_master ? 1 : 0));
1da177e4
LT		 1815 do_sleep = 0;
1816
1817 if (tty_closing) {
1818 if (waitqueue_active(&tty->read_wait)) {
4b19449d 1819 wake_up_poll(&tty->read_wait, POLLIN);
1da177e4
LT		 1820 do_sleep++;
1821 }
1822 if (waitqueue_active(&tty->write_wait)) {
4b19449d 1823 wake_up_poll(&tty->write_wait, POLLOUT);
1da177e4
LT		 1824 do_sleep++;
1825 }
1826 }
1827 if (o_tty_closing) {
1828 if (waitqueue_active(&o_tty->read_wait)) {
4b19449d 1829 wake_up_poll(&o_tty->read_wait, POLLIN);
1da177e4
LT		 1830 do_sleep++;
1831 }
1832 if (waitqueue_active(&o_tty->write_wait)) {
4b19449d 1833 wake_up_poll(&o_tty->write_wait, POLLOUT);
1da177e4
LT		 1834 do_sleep++;
1835 }
1836 }
1837 if (!do_sleep)
1838 break;
1839
9de44bd6
JS		 1840 printk(KERN_WARNING "%s: %s: read/write wait queue active!\n",
1841 __func__, tty_name(tty, buf));
89c8d91e 1842 tty_unlock_pair(tty, o_tty);
70522e12 1843 mutex_unlock(&tty_mutex);
1da177e4 1844 schedule();
37bdfb07 1845 }
1da177e4
LT		 1846
1847 /*
37bdfb07
AC		 1848 * The closing flags are now consistent with the open counts on
1849 * both sides, and we've completed the last operation that could
1da177e4 1850 * block, so it's safe to proceed with closing.
d155255a
AC		 1851 *
1852 * We must *not* drop the tty_mutex until we ensure that a further
1853 * entry into tty_open can not pick up this tty.
1da177e4 1854 */
1da177e4
LT		 1855 if (pty_master) {
1856 if (--o_tty->count < 0) {
9de44bd6
JS		 1857 printk(KERN_WARNING "%s: bad pty slave count (%d) for %s\n",
1858 __func__, o_tty->count, tty_name(o_tty, buf));
1da177e4
LT		 1859 o_tty->count = 0;
1860 }
1861 }
1862 if (--tty->count < 0) {
9de44bd6
JS		 1863 printk(KERN_WARNING "%s: bad tty->count (%d) for %s\n",
1864 __func__, tty->count, tty_name(tty, buf));
1da177e4
LT		 1865 tty->count = 0;
1866 }
37bdfb07 1867
1da177e4
LT		 1868 /*
1869 * We've decremented tty->count, so we need to remove this file
1870 * descriptor off the tty->tty_files list; this serves two
1871 * purposes:
1872 * - check_tty_count sees the correct number of file descriptors
1873 * associated with this tty.
1874 * - do_tty_hangup no longer sees this file descriptor as
1875 * something that needs to be handled for hangups.
1876 */
d996b62a 1877 tty_del_file(filp);
1da177e4
LT		 1878
1879 /*
1880 * Perform some housekeeping before deciding whether to return.
1881 *
1882 * Set the TTY_CLOSING flag if this was the last open. In the
1883 * case of a pty we may have to wait around for the other side
1884 * to close, and TTY_CLOSING makes sure we can't be reopened.
1885 */
37bdfb07 1886 if (tty_closing)
1da177e4 1887 set_bit(TTY_CLOSING, &tty->flags);
37bdfb07 1888 if (o_tty_closing)
1da177e4
LT		 1889 set_bit(TTY_CLOSING, &o_tty->flags);
1890
1891 /*
1892 * If _either_ side is closing, make sure there aren't any
1893 * processes that still think tty or o_tty is their controlling
1894 * tty.
1895 */
1896 if (tty_closing || o_tty_closing) {
1da177e4 1897 read_lock(&tasklist_lock);
24ec839c 1898 session_clear_tty(tty->session);
1da177e4 1899 if (o_tty)
24ec839c 1900 session_clear_tty(o_tty->session);
1da177e4
LT		 1901 read_unlock(&tasklist_lock);
1902 }
1903
70522e12 1904 mutex_unlock(&tty_mutex);
89c8d91e 1905 tty_unlock_pair(tty, o_tty);
d155255a
AC		 1906 /* At this point the TTY_CLOSING flag should ensure a dead tty
1907 cannot be re-opened by a racing opener */
da965822 1908
1da177e4 1909 /* check whether both sides are closing ... */
d155255a 1910 if (!tty_closing || (o_tty && !o_tty_closing))
eeb89d91 1911 return 0;
37bdfb07 1912
1da177e4 1913#ifdef TTY_DEBUG_HANGUP
96433d10 1914 printk(KERN_DEBUG "%s: %s: final close\n", __func__, tty_name(tty, buf));
1da177e4
LT		 1915#endif
1916 /*
01e1abb2 1917 * Ask the line discipline code to release its structures
1da177e4 1918 */
01e1abb2 1919 tty_ldisc_release(tty, o_tty);
a2965b7b
PH		 1920
1921 /* Wait for pending work before tty destruction commmences */
1922 tty_flush_works(tty);
1923 if (o_tty)
1924 tty_flush_works(o_tty);
1925
96433d10
PH		 1926#ifdef TTY_DEBUG_HANGUP
1927 printk(KERN_DEBUG "%s: %s: freeing structure...\n", __func__, tty_name(tty, buf));
1928#endif
1da177e4 1929 /*
d5698c28 1930 * The release_tty function takes care of the details of clearing
89c8d91e
AC		 1931 * the slots and preserving the termios structure. The tty_unlock_pair
1932 * should be safe as we keep a kref while the tty is locked (so the
1933 * unlock never unlocks a freed tty).
1da177e4 1934 */
d155255a 1935 mutex_lock(&tty_mutex);
d5698c28 1936 release_tty(tty, idx);
d155255a 1937 mutex_unlock(&tty_mutex);
1da177e4 1938
eeb89d91 1939 return 0;
1da177e4
LT		 1940}
1941
b82154ac 1942/**
52494eeb 1943 * tty_open_current_tty - get locked tty of current task
b82154ac
JS		 1944 * @device: device number
1945 * @filp: file pointer to tty
52494eeb
PH		 1946 * @return: locked tty of the current task iff @device is /dev/tty
1947 *
1948 * Performs a re-open of the current task's controlling tty.
b82154ac
JS		 1949 *
1950 * We cannot return driver and index like for the other nodes because
1951 * devpts will not work then. It expects inodes to be from devpts FS.
1952 */
1953static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp)
1954{
1955 struct tty_struct *tty;
52494eeb 1956 int retval;
b82154ac
JS		 1957
1958 if (device != MKDEV(TTYAUX_MAJOR, 0))
1959 return NULL;
1960
1961 tty = get_current_tty();
1962 if (!tty)
1963 return ERR_PTR(-ENXIO);
1964
1965 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */
1966 /* noctty = 1; */
52494eeb
PH		 1967 tty_lock(tty);
1968 tty_kref_put(tty); /* safe to drop the kref now */
1969
1970 retval = tty_reopen(tty);
1971 if (retval < 0) {
1972 tty_unlock(tty);
1973 tty = ERR_PTR(retval);
1974 }
b82154ac
JS		 1975 return tty;
1976}
1977
5b5e7040
JS		 1978/**
1979 * tty_lookup_driver - lookup a tty driver for a given device file
1980 * @device: device number
1981 * @filp: file pointer to tty
1982 * @noctty: set if the device should not become a controlling tty
1983 * @index: index for the device in the @return driver
1984 * @return: driver for this inode (with increased refcount)
1985 *
1986 * If @return is not erroneous, the caller is responsible to decrement the
1987 * refcount by tty_driver_kref_put.
1988 *
1989 * Locking: tty_mutex protects get_tty_driver
1990 */
1991static struct tty_driver *tty_lookup_driver(dev_t device, struct file *filp,
1992 int *noctty, int *index)
1993{
1994 struct tty_driver *driver;
1995
2cd0050c 1996 switch (device) {
5b5e7040 1997#ifdef CONFIG_VT
2cd0050c 1998 case MKDEV(TTY_MAJOR, 0): {
5b5e7040
JS		 1999 extern struct tty_driver *console_driver;
2000 driver = tty_driver_kref_get(console_driver);
2001 *index = fg_console;
2002 *noctty = 1;
2cd0050c 2003 break;
5b5e7040
JS		 2004 }
2005#endif
2cd0050c 2006 case MKDEV(TTYAUX_MAJOR, 1): {
5b5e7040
JS		 2007 struct tty_driver *console_driver = console_device(index);
2008 if (console_driver) {
2009 driver = tty_driver_kref_get(console_driver);
2010 if (driver) {
2011 /* Don't let /dev/console block */
2012 filp->f_flags |= O_NONBLOCK;
2013 *noctty = 1;
2cd0050c 2014 break;
5b5e7040
JS		 2015 }
2016 }
2017 return ERR_PTR(-ENODEV);
2018 }
2cd0050c
JS		 2019 default:
2020 driver = get_tty_driver(device, index);
2021 if (!driver)
2022 return ERR_PTR(-ENODEV);
2023 break;
2024 }
5b5e7040
JS		 2025 return driver;
2026}
2027
af9b897e 2028/**
eeb89d91 2029 * tty_open - open a tty device
af9b897e
AC		 2030 * @inode: inode of device file
2031 * @filp: file pointer to tty
1da177e4 2032 *
af9b897e
AC		 2033 * tty_open and tty_release keep up the tty count that contains the
2034 * number of opens done on a tty. We cannot use the inode-count, as
2035 * different inodes might point to the same tty.
1da177e4 2036 *
af9b897e
AC		 2037 * Open-counting is needed for pty masters, as well as for keeping
2038 * track of serial lines: DTR is dropped when the last close happens.
2039 * (This is not done solely through tty->count, now. - Ted 1/27/92)
2040 *
2041 * The termios state of a pty is reset on first open so that
2042 * settings don't persist across reuse.
2043 *
5b5e7040 2044 * Locking: tty_mutex protects tty, tty_lookup_driver and tty_init_dev.
24ec839c
PZ		 2045 * tty->count should protect the rest.
2046 * ->siglock protects ->signal/->sighand
89c8d91e
AC		 2047 *
2048 * Note: the tty_unlock/lock cases without a ref are only safe due to
2049 * tty_mutex
1da177e4 2050 */
af9b897e 2051
eeb89d91 2052static int tty_open(struct inode *inode, struct file *filp)
1da177e4 2053{
b82154ac 2054 struct tty_struct *tty;
1da177e4 2055 int noctty, retval;
b82154ac 2056 struct tty_driver *driver = NULL;
1da177e4
LT		 2057 int index;
2058 dev_t device = inode->i_rdev;
846c151a 2059 unsigned saved_flags = filp->f_flags;
1da177e4
LT		 2060
2061 nonseekable_open(inode, filp);
37bdfb07 2062
1da177e4 2063retry_open:
fa90e1c9
JS		 2064 retval = tty_alloc_file(filp);
2065 if (retval)
2066 return -ENOMEM;
2067
1da177e4
LT		 2068 noctty = filp->f_flags & O_NOCTTY;
2069 index = -1;
2070 retval = 0;
37bdfb07 2071
b82154ac 2072 tty = tty_open_current_tty(device, filp);
52494eeb
PH		 2073 if (!tty) {
2074 mutex_lock(&tty_mutex);
5b5e7040
JS		 2075 driver = tty_lookup_driver(device, filp, &noctty, &index);
2076 if (IS_ERR(driver)) {
ba5db448
JS		 2077 retval = PTR_ERR(driver);
2078 goto err_unlock;
1da177e4 2079 }
1da177e4 2080
4a2b5fdd 2081 /* check whether we're reopening an existing tty */
15f1a633 2082 tty = tty_driver_lookup_tty(driver, inode, index);
808ffa3d 2083 if (IS_ERR(tty)) {
ba5db448
JS		 2084 retval = PTR_ERR(tty);
2085 goto err_unlock;
808ffa3d 2086 }
4a2b5fdd 2087
52494eeb 2088 if (tty) {
aa3cb814 2089 mutex_unlock(&tty_mutex);
52494eeb 2090 tty_lock(tty);
aa3cb814
PH		 2091 /* safe to drop the kref from tty_driver_lookup_tty() */
2092 tty_kref_put(tty);
52494eeb
PH		 2093 retval = tty_reopen(tty);
2094 if (retval < 0) {
2095 tty_unlock(tty);
2096 tty = ERR_PTR(retval);
2097 }
aa3cb814 2098 } else { /* Returns with the tty_lock held for now */
52494eeb 2099 tty = tty_init_dev(driver, index);
aa3cb814
PH		 2100 mutex_unlock(&tty_mutex);
2101 }
4a2b5fdd 2102
b82154ac 2103 tty_driver_kref_put(driver);
52494eeb
PH		 2104 }
2105
eeb89d91 2106 if (IS_ERR(tty)) {
ba5db448
JS		 2107 retval = PTR_ERR(tty);
2108 goto err_file;
eeb89d91 2109 }
1da177e4 2110
fa90e1c9 2111 tty_add_file(tty, filp);
d996b62a 2112
9de44bd6 2113 check_tty_count(tty, __func__);
1da177e4
LT		 2114 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2115 tty->driver->subtype == PTY_TYPE_MASTER)
2116 noctty = 1;
2117#ifdef TTY_DEBUG_HANGUP
9de44bd6 2118 printk(KERN_DEBUG "%s: opening %s...\n", __func__, tty->name);
1da177e4 2119#endif
909bc774
HRK		 2120 if (tty->ops->open)
2121 retval = tty->ops->open(tty, filp);
2122 else
2123 retval = -ENODEV;
1da177e4
LT		 2124 filp->f_flags = saved_flags;
2125
37bdfb07
AC		 2126 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) &&
2127 !capable(CAP_SYS_ADMIN))
1da177e4
LT		 2128 retval = -EBUSY;
2129
2130 if (retval) {
2131#ifdef TTY_DEBUG_HANGUP
9de44bd6
JS		 2132 printk(KERN_DEBUG "%s: error %d in opening %s...\n", __func__,
2133 retval, tty->name);
1da177e4 2134#endif
89c8d91e 2135 tty_unlock(tty); /* need to call tty_release without BTM */
eeb89d91 2136 tty_release(inode, filp);
64ba3dc3 2137 if (retval != -ERESTARTSYS)
1da177e4 2138 return retval;
64ba3dc3
AB		 2139
2140 if (signal_pending(current))
1da177e4 2141 return retval;
64ba3dc3 2142
1da177e4
LT		 2143 schedule();
2144 /*
2145 * Need to reset f_op in case a hangup happened.
2146 */
2147 if (filp->f_op == &hung_up_tty_fops)
2148 filp->f_op = &tty_fops;
2149 goto retry_open;
2150 }
d4855e1f 2151 clear_bit(TTY_HUPPED, &tty->flags);
eeb89d91 2152
24ec839c 2153
2c411c11 2154 read_lock(&tasklist_lock);
24ec839c 2155 spin_lock_irq(&current->sighand->siglock);
1da177e4
LT		 2156 if (!noctty &&
2157 current->signal->leader &&
2158 !current->signal->tty &&
ab521dc0 2159 tty->session == NULL)
bce65f18 2160 __proc_set_tty(tty);
24ec839c 2161 spin_unlock_irq(&current->sighand->siglock);
2c411c11 2162 read_unlock(&tasklist_lock);
89c8d91e 2163 tty_unlock(tty);
1da177e4 2164 return 0;
ba5db448 2165err_unlock:
ba5db448
JS		 2166 mutex_unlock(&tty_mutex);
2167 /* after locks to avoid deadlock */
2168 if (!IS_ERR_OR_NULL(driver))
2169 tty_driver_kref_put(driver);
2170err_file:
2171 tty_free_file(filp);
2172 return retval;
1da177e4
LT		 2173}
2174
39d95b9d
JC		 2175
2176
af9b897e
AC		 2177/**
2178 * tty_poll - check tty status
2179 * @filp: file being polled
2180 * @wait: poll wait structures to update
2181 *
2182 * Call the line discipline polling method to obtain the poll
2183 * status of the device.
2184 *
2185 * Locking: locks called line discipline but ldisc poll method
2186 * may be re-entered freely by other callers.
2187 */
2188
37bdfb07 2189static unsigned int tty_poll(struct file *filp, poll_table *wait)
1da177e4 2190{
d996b62a 2191 struct tty_struct *tty = file_tty(filp);
1da177e4
LT		 2192 struct tty_ldisc *ld;
2193 int ret = 0;
2194
6131ffaa 2195 if (tty_paranoia_check(tty, file_inode(filp), "tty_poll"))
1da177e4 2196 return 0;
37bdfb07 2197
1da177e4 2198 ld = tty_ldisc_ref_wait(tty);
a352def2
AC		 2199 if (ld->ops->poll)
2200 ret = (ld->ops->poll)(tty, filp, wait);
1da177e4
LT		 2201 tty_ldisc_deref(ld);
2202 return ret;
2203}
2204
ec79d605 2205static int __tty_fasync(int fd, struct file *filp, int on)
1da177e4 2206{
d996b62a 2207 struct tty_struct *tty = file_tty(filp);
f6c8dbe6 2208 struct tty_ldisc *ldisc;
47f86834 2209 unsigned long flags;
5d1e3230 2210 int retval = 0;
1da177e4 2211
6131ffaa 2212 if (tty_paranoia_check(tty, file_inode(filp), "tty_fasync"))
5d1e3230 2213 goto out;
37bdfb07 2214
1da177e4
LT		 2215 retval = fasync_helper(fd, filp, on, &tty->fasync);
2216 if (retval <= 0)
5d1e3230 2217 goto out;
1da177e4 2218
f6c8dbe6
PH		 2219 ldisc = tty_ldisc_ref(tty);
2220 if (ldisc) {
2221 if (ldisc->ops->fasync)
2222 ldisc->ops->fasync(tty, on);
2223 tty_ldisc_deref(ldisc);
2224 }
2225
1da177e4 2226 if (on) {
ab521dc0
EB		 2227 enum pid_type type;
2228 struct pid *pid;
f6c8dbe6 2229
47f86834 2230 spin_lock_irqsave(&tty->ctrl_lock, flags);
ab521dc0
EB		 2231 if (tty->pgrp) {
2232 pid = tty->pgrp;
2233 type = PIDTYPE_PGID;
2234 } else {
2235 pid = task_pid(current);
2236 type = PIDTYPE_PID;
2237 }
80e1e823 2238 get_pid(pid);
70362511 2239 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
e0b93edd 2240 __f_setown(filp, pid, type, 0);
80e1e823 2241 put_pid(pid);
e0b93edd 2242 retval = 0;
1da177e4 2243 }
5d1e3230 2244out:
ec79d605
AB		 2245 return retval;
2246}
2247
2248static int tty_fasync(int fd, struct file *filp, int on)
2249{
89c8d91e 2250 struct tty_struct *tty = file_tty(filp);
ec79d605 2251 int retval;
89c8d91e
AC		 2252
2253 tty_lock(tty);
ec79d605 2254 retval = __tty_fasync(fd, filp, on);
89c8d91e
AC		 2255 tty_unlock(tty);
2256
5d1e3230 2257 return retval;
1da177e4
LT		 2258}
2259
af9b897e
AC		 2260/**
2261 * tiocsti - fake input character
2262 * @tty: tty to fake input into
2263 * @p: pointer to character
2264 *
3a4fa0a2 2265 * Fake input to a tty device. Does the necessary locking and
af9b897e
AC		 2266 * input management.
2267 *
2268 * FIXME: does not honour flow control ??
2269 *
2270 * Locking:
137084bb 2271 * Called functions take tty_ldiscs_lock
af9b897e 2272 * current->signal->tty check is safe without locks
28298232
AC		 2273 *
2274 * FIXME: may race normal receive processing
af9b897e
AC		 2275 */
2276
1da177e4
LT		 2277static int tiocsti(struct tty_struct *tty, char __user *p)
2278{
2279 char ch, mbz = 0;
2280 struct tty_ldisc *ld;
37bdfb07 2281
1da177e4
LT		 2282 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN))
2283 return -EPERM;
2284 if (get_user(ch, p))
2285 return -EFAULT;
1e641743 2286 tty_audit_tiocsti(tty, ch);
1da177e4 2287 ld = tty_ldisc_ref_wait(tty);
a352def2 2288 ld->ops->receive_buf(tty, &ch, &mbz, 1);
1da177e4
LT		 2289 tty_ldisc_deref(ld);
2290 return 0;
2291}
2292
af9b897e
AC		 2293/**
2294 * tiocgwinsz - implement window query ioctl
2295 * @tty; tty
2296 * @arg: user buffer for result
2297 *
808a0d38 2298 * Copies the kernel idea of the window size into the user buffer.
af9b897e 2299 *
dee4a0be 2300 * Locking: tty->winsize_mutex is taken to ensure the winsize data
808a0d38 2301 * is consistent.
af9b897e
AC		 2302 */
2303
37bdfb07 2304static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg)
1da177e4 2305{
808a0d38
AC		 2306 int err;
2307
dee4a0be 2308 mutex_lock(&tty->winsize_mutex);
808a0d38 2309 err = copy_to_user(arg, &tty->winsize, sizeof(*arg));
dee4a0be 2310 mutex_unlock(&tty->winsize_mutex);
808a0d38
AC		 2311
2312 return err ? -EFAULT: 0;
1da177e4
LT		 2313}
2314
af9b897e 2315/**
8c9a9dd0
AC		 2316 * tty_do_resize - resize event
2317 * @tty: tty being resized
8c9a9dd0
AC		 2318 * @rows: rows (character)
2319 * @cols: cols (character)
2320 *
3ad2f3fb 2321 * Update the termios variables and send the necessary signals to
8c9a9dd0 2322 * peform a terminal resize correctly
af9b897e
AC		 2323 */
2324
fc6f6238 2325int tty_do_resize(struct tty_struct *tty, struct winsize *ws)
1da177e4 2326{
fc6f6238 2327 struct pid *pgrp;
1da177e4 2328
fc6f6238 2329 /* Lock the tty */
dee4a0be 2330 mutex_lock(&tty->winsize_mutex);
fc6f6238 2331 if (!memcmp(ws, &tty->winsize, sizeof(*ws)))
ca9bda00 2332 goto done;
47f86834 2333
5b239542
PH		 2334 /* Signal the foreground process group */
2335 pgrp = tty_get_pgrp(tty);
47f86834
AC		 2336 if (pgrp)
2337 kill_pgrp(pgrp, SIGWINCH, 1);
47f86834 2338 put_pid(pgrp);
47f86834 2339
8c9a9dd0 2340 tty->winsize = *ws;
ca9bda00 2341done:
dee4a0be 2342 mutex_unlock(&tty->winsize_mutex);
1da177e4
LT		 2343 return 0;
2344}
4d334fd1 2345EXPORT_SYMBOL(tty_do_resize);
1da177e4 2346
8c9a9dd0
AC		 2347/**
2348 * tiocswinsz - implement window size set ioctl
fc6f6238 2349 * @tty; tty side of tty
8c9a9dd0
AC		 2350 * @arg: user buffer for result
2351 *
2352 * Copies the user idea of the window size to the kernel. Traditionally
2353 * this is just advisory information but for the Linux console it
2354 * actually has driver level meaning and triggers a VC resize.
2355 *
2356 * Locking:
25985edc 2357 * Driver dependent. The default do_resize method takes the
8c9a9dd0
AC		 2358 * tty termios mutex and ctrl_lock. The console takes its own lock
2359 * then calls into the default method.
2360 */
2361
fc6f6238 2362static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg)
8c9a9dd0
AC		 2363{
2364 struct winsize tmp_ws;
2365 if (copy_from_user(&tmp_ws, arg, sizeof(*arg)))
2366 return -EFAULT;
2367
2368 if (tty->ops->resize)
fc6f6238 2369 return tty->ops->resize(tty, &tmp_ws);
8c9a9dd0 2370 else
fc6f6238 2371 return tty_do_resize(tty, &tmp_ws);
8c9a9dd0
AC		 2372}
2373
af9b897e
AC		 2374/**
2375 * tioccons - allow admin to move logical console
2376 * @file: the file to become console
2377 *
25985edc 2378 * Allow the administrator to move the redirected console device
af9b897e
AC		 2379 *
2380 * Locking: uses redirect_lock to guard the redirect information
2381 */
2382
1da177e4
LT		 2383static int tioccons(struct file *file)
2384{
2385 if (!capable(CAP_SYS_ADMIN))
2386 return -EPERM;
2387 if (file->f_op->write == redirected_tty_write) {
2388 struct file *f;
2389 spin_lock(&redirect_lock);
2390 f = redirect;
2391 redirect = NULL;
2392 spin_unlock(&redirect_lock);
2393 if (f)
2394 fput(f);
2395 return 0;
2396 }
2397 spin_lock(&redirect_lock);
2398 if (redirect) {
2399 spin_unlock(&redirect_lock);
2400 return -EBUSY;
2401 }
cb0942b8 2402 redirect = get_file(file);
1da177e4
LT		 2403 spin_unlock(&redirect_lock);
2404 return 0;
2405}
2406
af9b897e
AC		 2407/**
2408 * fionbio - non blocking ioctl
2409 * @file: file to set blocking value
2410 * @p: user parameter
2411 *
2412 * Historical tty interfaces had a blocking control ioctl before
2413 * the generic functionality existed. This piece of history is preserved
2414 * in the expected tty API of posix OS's.
2415 *
6146b9af 2416 * Locking: none, the open file handle ensures it won't go away.
af9b897e 2417 */
1da177e4
LT		 2418
2419static int fionbio(struct file *file, int __user *p)
2420{
2421 int nonblock;
2422
2423 if (get_user(nonblock, p))
2424 return -EFAULT;
2425
db1dd4d3 2426 spin_lock(&file->f_lock);
1da177e4
LT		 2427 if (nonblock)
2428 file->f_flags |= O_NONBLOCK;
2429 else
2430 file->f_flags &= ~O_NONBLOCK;
db1dd4d3 2431 spin_unlock(&file->f_lock);
1da177e4
LT		 2432 return 0;
2433}
2434
af9b897e
AC		 2435/**
2436 * tiocsctty - set controlling tty
2437 * @tty: tty structure
2438 * @arg: user argument
2439 *
2440 * This ioctl is used to manage job control. It permits a session
2441 * leader to set this tty as the controlling tty for the session.
2442 *
2443 * Locking:
e218eb32 2444 * Takes tty_lock() to serialize proc_set_tty() for this tty
24ec839c
PZ		 2445 * Takes tasklist_lock internally to walk sessions
2446 * Takes ->siglock() when updating signal->tty
af9b897e
AC		 2447 */
2448
1da177e4
LT		 2449static int tiocsctty(struct tty_struct *tty, int arg)
2450{
24ec839c 2451 int ret = 0;
24ec839c 2452
e218eb32 2453 tty_lock(tty);
2c411c11
PH		 2454 read_lock(&tasklist_lock);
2455
2456 if (current->signal->leader && (task_session(current) == tty->session))
2457 goto unlock;
2458
1da177e4
LT		 2459 /*
2460 * The process must be a session leader and
2461 * not have a controlling tty already.
2462 */
24ec839c
PZ		 2463 if (!current->signal->leader || current->signal->tty) {
2464 ret = -EPERM;
2465 goto unlock;
2466 }
2467
ab521dc0 2468 if (tty->session) {
1da177e4
LT		 2469 /*
2470 * This tty is already the controlling
2471 * tty for another session group!
2472 */
37bdfb07 2473 if (arg == 1 && capable(CAP_SYS_ADMIN)) {
1da177e4
LT		 2474 /*
2475 * Steal it away
2476 */
24ec839c 2477 session_clear_tty(tty->session);
24ec839c
PZ		 2478 } else {
2479 ret = -EPERM;
2480 goto unlock;
2481 }
1da177e4 2482 }
bce65f18 2483 proc_set_tty(tty);
24ec839c 2484unlock:
2c411c11 2485 read_unlock(&tasklist_lock);
e218eb32 2486 tty_unlock(tty);
24ec839c 2487 return ret;
1da177e4
LT		 2488}
2489
5d0fdf1e
AC		 2490/**
2491 * tty_get_pgrp - return a ref counted pgrp pid
2492 * @tty: tty to read
2493 *
2494 * Returns a refcounted instance of the pid struct for the process
2495 * group controlling the tty.
2496 */
2497
2498struct pid *tty_get_pgrp(struct tty_struct *tty)
2499{
2500 unsigned long flags;
2501 struct pid *pgrp;
2502
2503 spin_lock_irqsave(&tty->ctrl_lock, flags);
2504 pgrp = get_pid(tty->pgrp);
2505 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2506
2507 return pgrp;
2508}
2509EXPORT_SYMBOL_GPL(tty_get_pgrp);
2510
e1c2296c
PH		 2511/*
2512 * This checks not only the pgrp, but falls back on the pid if no
2513 * satisfactory pgrp is found. I dunno - gdb doesn't work correctly
2514 * without this...
2515 *
2516 * The caller must hold rcu lock or the tasklist lock.
2517 */
2518static struct pid *session_of_pgrp(struct pid *pgrp)
2519{
2520 struct task_struct *p;
2521 struct pid *sid = NULL;
2522
2523 p = pid_task(pgrp, PIDTYPE_PGID);
2524 if (p == NULL)
2525 p = pid_task(pgrp, PIDTYPE_PID);
2526 if (p != NULL)
2527 sid = task_session(p);
2528
2529 return sid;
2530}
2531
af9b897e
AC		 2532/**
2533 * tiocgpgrp - get process group
2534 * @tty: tty passed by user
25985edc 2535 * @real_tty: tty side of the tty passed by the user if a pty else the tty
af9b897e
AC		 2536 * @p: returned pid
2537 *
2538 * Obtain the process group of the tty. If there is no process group
2539 * return an error.
2540 *
24ec839c 2541 * Locking: none. Reference to current->signal->tty is safe.
af9b897e
AC		 2542 */
2543
1da177e4
LT		 2544static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2545{
5d0fdf1e
AC		 2546 struct pid *pid;
2547 int ret;
1da177e4
LT		 2548 /*
2549 * (tty == real_tty) is a cheap way of
2550 * testing if the tty is NOT a master pty.
2551 */
2552 if (tty == real_tty && current->signal->tty != real_tty)
2553 return -ENOTTY;
5d0fdf1e
AC		 2554 pid = tty_get_pgrp(real_tty);
2555 ret = put_user(pid_vnr(pid), p);
2556 put_pid(pid);
2557 return ret;
1da177e4
LT		 2558}
2559
af9b897e
AC		 2560/**
2561 * tiocspgrp - attempt to set process group
2562 * @tty: tty passed by user
2563 * @real_tty: tty side device matching tty passed by user
2564 * @p: pid pointer
2565 *
2566 * Set the process group of the tty to the session passed. Only
2567 * permitted where the tty session is our session.
2568 *
47f86834 2569 * Locking: RCU, ctrl lock
af9b897e
AC		 2570 */
2571
1da177e4
LT		 2572static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2573{
04a2e6a5
EB		 2574 struct pid *pgrp;
2575 pid_t pgrp_nr;
1da177e4 2576 int retval = tty_check_change(real_tty);
47f86834 2577 unsigned long flags;
1da177e4
LT		 2578
2579 if (retval == -EIO)
2580 return -ENOTTY;
2581 if (retval)
2582 return retval;
2583 if (!current->signal->tty ||
2584 (current->signal->tty != real_tty) ||
ab521dc0 2585 (real_tty->session != task_session(current)))
1da177e4 2586 return -ENOTTY;
04a2e6a5 2587 if (get_user(pgrp_nr, p))
1da177e4 2588 return -EFAULT;
04a2e6a5 2589 if (pgrp_nr < 0)
1da177e4 2590 return -EINVAL;
04a2e6a5 2591 rcu_read_lock();
b488893a 2592 pgrp = find_vpid(pgrp_nr);
04a2e6a5
EB		 2593 retval = -ESRCH;
2594 if (!pgrp)
2595 goto out_unlock;
2596 retval = -EPERM;
2597 if (session_of_pgrp(pgrp) != task_session(current))
2598 goto out_unlock;
2599 retval = 0;
47f86834 2600 spin_lock_irqsave(&tty->ctrl_lock, flags);
ab521dc0
EB		 2601 put_pid(real_tty->pgrp);
2602 real_tty->pgrp = get_pid(pgrp);
47f86834 2603 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
04a2e6a5
EB		 2604out_unlock:
2605 rcu_read_unlock();
2606 return retval;
1da177e4
LT		 2607}
2608
af9b897e
AC		 2609/**
2610 * tiocgsid - get session id
2611 * @tty: tty passed by user
25985edc 2612 * @real_tty: tty side of the tty passed by the user if a pty else the tty
af9b897e
AC		 2613 * @p: pointer to returned session id
2614 *
2615 * Obtain the session id of the tty. If there is no session
2616 * return an error.
2617 *
24ec839c 2618 * Locking: none. Reference to current->signal->tty is safe.
af9b897e
AC		 2619 */
2620
1da177e4
LT		 2621static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2622{
2623 /*
2624 * (tty == real_tty) is a cheap way of
2625 * testing if the tty is NOT a master pty.
2626 */
2627 if (tty == real_tty && current->signal->tty != real_tty)
2628 return -ENOTTY;
ab521dc0 2629 if (!real_tty->session)
1da177e4 2630 return -ENOTTY;
b488893a 2631 return put_user(pid_vnr(real_tty->session), p);
1da177e4
LT		 2632}
2633
af9b897e
AC		 2634/**
2635 * tiocsetd - set line discipline
2636 * @tty: tty device
2637 * @p: pointer to user data
2638 *
2639 * Set the line discipline according to user request.
2640 *
2641 * Locking: see tty_set_ldisc, this function is just a helper
2642 */
2643
1da177e4
LT		 2644static int tiocsetd(struct tty_struct *tty, int __user *p)
2645{
2646 int ldisc;
04f378b1 2647 int ret;
1da177e4
LT		 2648
2649 if (get_user(ldisc, p))
2650 return -EFAULT;
04f378b1 2651
04f378b1 2652 ret = tty_set_ldisc(tty, ldisc);
04f378b1
AC		 2653
2654 return ret;
1da177e4
LT		 2655}
2656
af9b897e
AC		 2657/**
2658 * send_break - performed time break
2659 * @tty: device to break on
2660 * @duration: timeout in mS
2661 *
2662 * Perform a timed break on hardware that lacks its own driver level
2663 * timed break functionality.
2664 *
2665 * Locking:
28298232 2666 * atomic_write_lock serializes
af9b897e 2667 *
af9b897e
AC		 2668 */
2669
b20f3ae5 2670static int send_break(struct tty_struct *tty, unsigned int duration)
1da177e4 2671{
9e98966c
AC		 2672 int retval;
2673
2674 if (tty->ops->break_ctl == NULL)
2675 return 0;
2676
2677 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK)
2678 retval = tty->ops->break_ctl(tty, duration);
2679 else {
2680 /* Do the work ourselves */
2681 if (tty_write_lock(tty, 0) < 0)
2682 return -EINTR;
2683 retval = tty->ops->break_ctl(tty, -1);
2684 if (retval)
2685 goto out;
2686 if (!signal_pending(current))
2687 msleep_interruptible(duration);
2688 retval = tty->ops->break_ctl(tty, 0);
2689out:
2690 tty_write_unlock(tty);
2691 if (signal_pending(current))
2692 retval = -EINTR;
2693 }
2694 return retval;
1da177e4
LT		 2695}
2696
af9b897e 2697/**
f34d7a5b 2698 * tty_tiocmget - get modem status
af9b897e
AC		 2699 * @tty: tty device
2700 * @file: user file pointer
2701 * @p: pointer to result
2702 *
2703 * Obtain the modem status bits from the tty driver if the feature
2704 * is supported. Return -EINVAL if it is not available.
2705 *
2706 * Locking: none (up to the driver)
2707 */
2708
60b33c13 2709static int tty_tiocmget(struct tty_struct *tty, int __user *p)
1da177e4
LT		 2710{
2711 int retval = -EINVAL;
2712
f34d7a5b 2713 if (tty->ops->tiocmget) {
60b33c13 2714 retval = tty->ops->tiocmget(tty);
1da177e4
LT		 2715
2716 if (retval >= 0)
2717 retval = put_user(retval, p);
2718 }
2719 return retval;
2720}
2721
af9b897e 2722/**
f34d7a5b 2723 * tty_tiocmset - set modem status
af9b897e 2724 * @tty: tty device
af9b897e
AC		 2725 * @cmd: command - clear bits, set bits or set all
2726 * @p: pointer to desired bits
2727 *
2728 * Set the modem status bits from the tty driver if the feature
2729 * is supported. Return -EINVAL if it is not available.
2730 *
2731 * Locking: none (up to the driver)
2732 */
2733
20b9d177 2734static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd,
1da177e4
LT		 2735 unsigned __user *p)
2736{
ae677517
AC		 2737 int retval;
2738 unsigned int set, clear, val;
1da177e4 2739
ae677517
AC		 2740 if (tty->ops->tiocmset == NULL)
2741 return -EINVAL;
1da177e4 2742
ae677517
AC		 2743 retval = get_user(val, p);
2744 if (retval)
2745 return retval;
2746 set = clear = 0;
2747 switch (cmd) {
2748 case TIOCMBIS:
2749 set = val;
2750 break;
2751 case TIOCMBIC:
2752 clear = val;
2753 break;
2754 case TIOCMSET:
2755 set = val;
2756 clear = ~val;
2757 break;
2758 }
2759 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
2760 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
20b9d177 2761 return tty->ops->tiocmset(tty, set, clear);
1da177e4
LT		 2762}
2763
d281da7f
AC		 2764static int tty_tiocgicount(struct tty_struct *tty, void __user *arg)
2765{
2766 int retval = -EINVAL;
2767 struct serial_icounter_struct icount;
2768 memset(&icount, 0, sizeof(icount));
2769 if (tty->ops->get_icount)
2770 retval = tty->ops->get_icount(tty, &icount);
2771 if (retval != 0)
2772 return retval;
2773 if (copy_to_user(arg, &icount, sizeof(icount)))
2774 return -EFAULT;
2775 return 0;
2776}
2777
8f166e00
PH		 2778/*
2779 * if pty, return the slave side (real_tty)
2780 * otherwise, return self
2781 */
2782static struct tty_struct *tty_pair_get_tty(struct tty_struct *tty)
e8b70e7d
AC		 2783{
2784 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2785 tty->driver->subtype == PTY_TYPE_MASTER)
2786 tty = tty->link;
2787 return tty;
2788}
e8b70e7d 2789
1da177e4
LT		 2790/*
2791 * Split this up, as gcc can choke on it otherwise..
2792 */
04f378b1 2793long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1da177e4 2794{
d996b62a
NP		 2795 struct tty_struct *tty = file_tty(file);
2796 struct tty_struct *real_tty;
1da177e4
LT		 2797 void __user *p = (void __user *)arg;
2798 int retval;
2799 struct tty_ldisc *ld;
37bdfb07 2800
6131ffaa 2801 if (tty_paranoia_check(tty, file_inode(file), "tty_ioctl"))
1da177e4
LT		 2802 return -EINVAL;
2803
e8b70e7d 2804 real_tty = tty_pair_get_tty(tty);
1da177e4
LT		 2805
2806 /*
2807 * Factor out some common prep work
2808 */
2809 switch (cmd) {
2810 case TIOCSETD:
2811 case TIOCSBRK:
2812 case TIOCCBRK:
2813 case TCSBRK:
37bdfb07 2814 case TCSBRKP:
1da177e4
LT		 2815 retval = tty_check_change(tty);
2816 if (retval)
2817 return retval;
2818 if (cmd != TIOCCBRK) {
2819 tty_wait_until_sent(tty, 0);
2820 if (signal_pending(current))
2821 return -EINTR;
2822 }
2823 break;
2824 }
2825
9e98966c
AC		 2826 /*
2827 * Now do the stuff.
2828 */
1da177e4 2829 switch (cmd) {
37bdfb07
AC		 2830 case TIOCSTI:
2831 return tiocsti(tty, p);
2832 case TIOCGWINSZ:
8f520021 2833 return tiocgwinsz(real_tty, p);
37bdfb07 2834 case TIOCSWINSZ:
fc6f6238 2835 return tiocswinsz(real_tty, p);
37bdfb07
AC		 2836 case TIOCCONS:
2837 return real_tty != tty ? -EINVAL : tioccons(file);
2838 case FIONBIO:
2839 return fionbio(file, p);
2840 case TIOCEXCL:
2841 set_bit(TTY_EXCLUSIVE, &tty->flags);
2842 return 0;
2843 case TIOCNXCL:
2844 clear_bit(TTY_EXCLUSIVE, &tty->flags);
2845 return 0;
84fd7bdf
CG		 2846 case TIOCGEXCL:
2847 {
2848 int excl = test_bit(TTY_EXCLUSIVE, &tty->flags);
2849 return put_user(excl, (int __user *)p);
2850 }
37bdfb07
AC		 2851 case TIOCNOTTY:
2852 if (current->signal->tty != tty)
2853 return -ENOTTY;
2854 no_tty();
2855 return 0;
2856 case TIOCSCTTY:
2857 return tiocsctty(tty, arg);
2858 case TIOCGPGRP:
2859 return tiocgpgrp(tty, real_tty, p);
2860 case TIOCSPGRP:
2861 return tiocspgrp(tty, real_tty, p);
2862 case TIOCGSID:
2863 return tiocgsid(tty, real_tty, p);
2864 case TIOCGETD:
c65c9bc3 2865 return put_user(tty->ldisc->ops->num, (int __user *)p);
37bdfb07
AC		 2866 case TIOCSETD:
2867 return tiocsetd(tty, p);
3c95c985
KS		 2868 case TIOCVHANGUP:
2869 if (!capable(CAP_SYS_ADMIN))
2870 return -EPERM;
2871 tty_vhangup(tty);
2872 return 0;
b7b8de08
WF		 2873 case TIOCGDEV:
2874 {
2875 unsigned int ret = new_encode_dev(tty_devnum(real_tty));
2876 return put_user(ret, (unsigned int __user *)p);
2877 }
37bdfb07
AC		 2878 /*
2879 * Break handling
2880 */
2881 case TIOCSBRK: /* Turn break on, unconditionally */
f34d7a5b 2882 if (tty->ops->break_ctl)
9e98966c 2883 return tty->ops->break_ctl(tty, -1);
37bdfb07 2884 return 0;
37bdfb07 2885 case TIOCCBRK: /* Turn break off, unconditionally */
f34d7a5b 2886 if (tty->ops->break_ctl)
9e98966c 2887 return tty->ops->break_ctl(tty, 0);
37bdfb07
AC		 2888 return 0;
2889 case TCSBRK: /* SVID version: non-zero arg --> no break */
2890 /* non-zero arg means wait for all output data
2891 * to be sent (performed above) but don't send break.
2892 * This is used by the tcdrain() termios function.
2893 */
2894 if (!arg)
2895 return send_break(tty, 250);
2896 return 0;
2897 case TCSBRKP: /* support for POSIX tcsendbreak() */
2898 return send_break(tty, arg ? arg*100 : 250);
2899
2900 case TIOCMGET:
60b33c13 2901 return tty_tiocmget(tty, p);
37bdfb07
AC		 2902 case TIOCMSET:
2903 case TIOCMBIC:
2904 case TIOCMBIS:
20b9d177 2905 return tty_tiocmset(tty, cmd, p);
d281da7f
AC		 2906 case TIOCGICOUNT:
2907 retval = tty_tiocgicount(tty, p);
2908 /* For the moment allow fall through to the old method */
2909 if (retval != -EINVAL)
2910 return retval;
2911 break;
37bdfb07
AC		 2912 case TCFLSH:
2913 switch (arg) {
2914 case TCIFLUSH:
2915 case TCIOFLUSH:
2916 /* flush tty buffer and allow ldisc to process ioctl */
2917 tty_buffer_flush(tty);
c5c34d48 2918 break;
37bdfb07
AC		 2919 }
2920 break;
1da177e4 2921 }
f34d7a5b 2922 if (tty->ops->ioctl) {
6caa76b7 2923 retval = (tty->ops->ioctl)(tty, cmd, arg);
1da177e4
LT		 2924 if (retval != -ENOIOCTLCMD)
2925 return retval;
2926 }
2927 ld = tty_ldisc_ref_wait(tty);
2928 retval = -EINVAL;
a352def2
AC		 2929 if (ld->ops->ioctl) {
2930 retval = ld->ops->ioctl(tty, file, cmd, arg);
1da177e4 2931 if (retval == -ENOIOCTLCMD)
bbb63c51 2932 retval = -ENOTTY;
1da177e4
LT		 2933 }
2934 tty_ldisc_deref(ld);
2935 return retval;
2936}
2937
e10cc1df 2938#ifdef CONFIG_COMPAT
37bdfb07 2939static long tty_compat_ioctl(struct file *file, unsigned int cmd,
e10cc1df
PF		 2940 unsigned long arg)
2941{
d996b62a 2942 struct tty_struct *tty = file_tty(file);
e10cc1df
PF		 2943 struct tty_ldisc *ld;
2944 int retval = -ENOIOCTLCMD;
2945
6131ffaa 2946 if (tty_paranoia_check(tty, file_inode(file), "tty_ioctl"))
e10cc1df
PF		 2947 return -EINVAL;
2948
f34d7a5b 2949 if (tty->ops->compat_ioctl) {
6caa76b7 2950 retval = (tty->ops->compat_ioctl)(tty, cmd, arg);
e10cc1df
PF		 2951 if (retval != -ENOIOCTLCMD)
2952 return retval;
2953 }
2954
2955 ld = tty_ldisc_ref_wait(tty);
a352def2
AC		 2956 if (ld->ops->compat_ioctl)
2957 retval = ld->ops->compat_ioctl(tty, file, cmd, arg);
8193c429
TM		 2958 else
2959 retval = n_tty_compat_ioctl_helper(tty, file, cmd, arg);
e10cc1df
PF		 2960 tty_ldisc_deref(ld);
2961
2962 return retval;
2963}
2964#endif
1da177e4 2965
c3c073f8
AV		 2966static int this_tty(const void *t, struct file *file, unsigned fd)
2967{
2968 if (likely(file->f_op->read != tty_read))
2969 return 0;
2970 return file_tty(file) != t ? 0 : fd + 1;
2971}
2972
1da177e4
LT		 2973/*
2974 * This implements the "Secure Attention Key" --- the idea is to
2975 * prevent trojan horses by killing all processes associated with this
2976 * tty when the user hits the "Secure Attention Key". Required for
2977 * super-paranoid applications --- see the Orange Book for more details.
37bdfb07 2978 *
1da177e4
LT		 2979 * This code could be nicer; ideally it should send a HUP, wait a few
2980 * seconds, then send a INT, and then a KILL signal. But you then
2981 * have to coordinate with the init process, since all processes associated
2982 * with the current tty must be dead before the new getty is allowed
2983 * to spawn.
2984 *
2985 * Now, if it would be correct ;-/ The current code has a nasty hole -
2986 * it doesn't catch files in flight. We may send the descriptor to ourselves
2987 * via AF_UNIX socket, close it and later fetch from socket. FIXME.
2988 *
2989 * Nasty bug: do_SAK is being called in interrupt context. This can
2990 * deadlock. We punt it up to process context. AKPM - 16Mar2001
2991 */
8b6312f4 2992void __do_SAK(struct tty_struct *tty)
1da177e4
LT		 2993{
2994#ifdef TTY_SOFT_SAK
2995 tty_hangup(tty);
2996#else
652486fb 2997 struct task_struct *g, *p;
ab521dc0 2998 struct pid *session;
1da177e4 2999 int i;
37bdfb07 3000
1da177e4
LT		 3001 if (!tty)
3002 return;
24ec839c 3003 session = tty->session;
37bdfb07 3004
b3f13deb 3005 tty_ldisc_flush(tty);
1da177e4 3006
f34d7a5b 3007 tty_driver_flush_buffer(tty);
37bdfb07 3008
1da177e4 3009 read_lock(&tasklist_lock);
652486fb 3010 /* Kill the entire session */
ab521dc0 3011 do_each_pid_task(session, PIDTYPE_SID, p) {
652486fb 3012 printk(KERN_NOTICE "SAK: killed process %d"
1b0f7ffd 3013 " (%s): task_session(p)==tty->session\n",
ba25f9dc 3014 task_pid_nr(p), p->comm);
652486fb 3015 send_sig(SIGKILL, p, 1);
ab521dc0 3016 } while_each_pid_task(session, PIDTYPE_SID, p);
652486fb
EB		 3017 /* Now kill any processes that happen to have the
3018 * tty open.
3019 */
3020 do_each_thread(g, p) {
3021 if (p->signal->tty == tty) {
1da177e4 3022 printk(KERN_NOTICE "SAK: killed process %d"
1b0f7ffd 3023 " (%s): task_session(p)==tty->session\n",
ba25f9dc 3024 task_pid_nr(p), p->comm);
1da177e4
LT		 3025 send_sig(SIGKILL, p, 1);
3026 continue;
3027 }
3028 task_lock(p);
c3c073f8
AV		 3029 i = iterate_fd(p->files, 0, this_tty, tty);
3030 if (i != 0) {
3031 printk(KERN_NOTICE "SAK: killed process %d"
3032 " (%s): fd#%d opened to the tty\n",
3033 task_pid_nr(p), p->comm, i - 1);
3034 force_sig(SIGKILL, p);
1da177e4
LT		 3035 }
3036 task_unlock(p);
652486fb 3037 } while_each_thread(g, p);
1da177e4
LT		 3038 read_unlock(&tasklist_lock);
3039#endif
3040}
3041
8b6312f4
EB		 3042static void do_SAK_work(struct work_struct *work)
3043{
3044 struct tty_struct *tty =
3045 container_of(work, struct tty_struct, SAK_work);
3046 __do_SAK(tty);
3047}
3048
1da177e4
LT		 3049/*
3050 * The tq handling here is a little racy - tty->SAK_work may already be queued.
3051 * Fortunately we don't need to worry, because if ->SAK_work is already queued,
3052 * the values which we write to it will be identical to the values which it
3053 * already has. --akpm
3054 */
3055void do_SAK(struct tty_struct *tty)
3056{
3057 if (!tty)
3058 return;
1da177e4
LT		 3059 schedule_work(&tty->SAK_work);
3060}
3061
3062EXPORT_SYMBOL(do_SAK);
3063
6e9430ac 3064static int dev_match_devt(struct device *dev, const void *data)
30004ac9 3065{
6e9430ac 3066 const dev_t *devt = data;
30004ac9
DES		 3067 return dev->devt == *devt;
3068}
3069
3070/* Must put_device() after it's unused! */
3071static struct device *tty_get_device(struct tty_struct *tty)
3072{
3073 dev_t devt = tty_devnum(tty);
3074 return class_find_device(tty_class, NULL, &devt, dev_match_devt);
3075}
3076
3077
af9b897e 3078/**
2c964a2f 3079 * alloc_tty_struct
af9b897e 3080 *
2c964a2f 3081 * This subroutine allocates and initializes a tty structure.
af9b897e 3082 *
2c964a2f 3083 * Locking: none - tty in question is not exposed at this point
1da177e4 3084 */
af9b897e 3085
2c964a2f 3086struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int idx)
1da177e4 3087{
2c964a2f
RV		 3088 struct tty_struct *tty;
3089
3090 tty = kzalloc(sizeof(*tty), GFP_KERNEL);
3091 if (!tty)
3092 return NULL;
3093
9c9f4ded 3094 kref_init(&tty->kref);
1da177e4 3095 tty->magic = TTY_MAGIC;
01e1abb2 3096 tty_ldisc_init(tty);
ab521dc0
EB		 3097 tty->session = NULL;
3098 tty->pgrp = NULL;
89c8d91e 3099 mutex_init(&tty->legacy_mutex);
d8c1f929 3100 mutex_init(&tty->throttle_mutex);
6a1c0680 3101 init_rwsem(&tty->termios_rwsem);
dee4a0be 3102 mutex_init(&tty->winsize_mutex);
36697529 3103 init_ldsem(&tty->ldisc_sem);
1da177e4
LT		 3104 init_waitqueue_head(&tty->write_wait);
3105 init_waitqueue_head(&tty->read_wait);
65f27f38 3106 INIT_WORK(&tty->hangup_work, do_tty_hangup);
70522e12 3107 mutex_init(&tty->atomic_write_lock);
04f378b1 3108 spin_lock_init(&tty->ctrl_lock);
f9e053dc 3109 spin_lock_init(&tty->flow_lock);
1da177e4 3110 INIT_LIST_HEAD(&tty->tty_files);
7f1f86a0 3111 INIT_WORK(&tty->SAK_work, do_SAK_work);
bf970ee4
AC		 3112
3113 tty->driver = driver;
3114 tty->ops = driver->ops;
3115 tty->index = idx;
3116 tty_line_name(driver, idx, tty->name);
30004ac9 3117 tty->dev = tty_get_device(tty);
2c964a2f
RV		 3118
3119 return tty;
1da177e4
LT		 3120}
3121
6716671d
JS		 3122/**
3123 * deinitialize_tty_struct
3124 * @tty: tty to deinitialize
3125 *
3126 * This subroutine deinitializes a tty structure that has been newly
3127 * allocated but tty_release cannot be called on that yet.
3128 *
3129 * Locking: none - tty in question must not be exposed at this point
3130 */
3131void deinitialize_tty_struct(struct tty_struct *tty)
3132{
3133 tty_ldisc_deinit(tty);
3134}
3135
f34d7a5b
AC		 3136/**
3137 * tty_put_char - write one character to a tty
3138 * @tty: tty
3139 * @ch: character
3140 *
3141 * Write one byte to the tty using the provided put_char method
3142 * if present. Returns the number of characters successfully output.
3143 *
3144 * Note: the specific put_char operation in the driver layer may go
3145 * away soon. Don't call it directly, use this method
1da177e4 3146 */
af9b897e 3147
f34d7a5b 3148int tty_put_char(struct tty_struct *tty, unsigned char ch)
1da177e4 3149{
f34d7a5b
AC		 3150 if (tty->ops->put_char)
3151 return tty->ops->put_char(tty, ch);
3152 return tty->ops->write(tty, &ch, 1);
1da177e4 3153}
f34d7a5b
AC		 3154EXPORT_SYMBOL_GPL(tty_put_char);
3155
d81ed103 3156struct class *tty_class;
1da177e4 3157
7e73eca6
JS		 3158static int tty_cdev_add(struct tty_driver *driver, dev_t dev,
3159 unsigned int index, unsigned int count)
3160{
3161 /* init here, since reused cdevs cause crashes */
3162 cdev_init(&driver->cdevs[index], &tty_fops);
3163 driver->cdevs[index].owner = driver->owner;
3164 return cdev_add(&driver->cdevs[index], dev, count);
3165}
3166
1da177e4 3167/**
af9b897e
AC		 3168 * tty_register_device - register a tty device
3169 * @driver: the tty driver that describes the tty device
3170 * @index: the index in the tty driver for this tty device
3171 * @device: a struct device that is associated with this tty device.
3172 * This field is optional, if there is no known struct device
3173 * for this tty device it can be set to NULL safely.
1da177e4 3174 *
01107d34
GKH		 3175 * Returns a pointer to the struct device for this tty device
3176 * (or ERR_PTR(-EFOO) on error).
1cdcb6b4 3177 *
af9b897e
AC		 3178 * This call is required to be made to register an individual tty device
3179 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
3180 * that bit is not set, this function should not be called by a tty
3181 * driver.
3182 *
3183 * Locking: ??
1da177e4 3184 */
af9b897e 3185
01107d34
GKH		 3186struct device *tty_register_device(struct tty_driver *driver, unsigned index,
3187 struct device *device)
1da177e4 3188{
6915c0e4
TH		 3189 return tty_register_device_attr(driver, index, device, NULL, NULL);
3190}
3191EXPORT_SYMBOL(tty_register_device);
3192
b1b79916
TH		 3193static void tty_device_create_release(struct device *dev)
3194{
3195 pr_debug("device: '%s': %s\n", dev_name(dev), __func__);
3196 kfree(dev);
3197}
3198
6915c0e4
TH		 3199/**
3200 * tty_register_device_attr - register a tty device
3201 * @driver: the tty driver that describes the tty device
3202 * @index: the index in the tty driver for this tty device
3203 * @device: a struct device that is associated with this tty device.
3204 * This field is optional, if there is no known struct device
3205 * for this tty device it can be set to NULL safely.
3206 * @drvdata: Driver data to be set to device.
3207 * @attr_grp: Attribute group to be set on device.
3208 *
3209 * Returns a pointer to the struct device for this tty device
3210 * (or ERR_PTR(-EFOO) on error).
3211 *
3212 * This call is required to be made to register an individual tty device
3213 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
3214 * that bit is not set, this function should not be called by a tty
3215 * driver.
3216 *
3217 * Locking: ??
3218 */
3219struct device *tty_register_device_attr(struct tty_driver *driver,
3220 unsigned index, struct device *device,
3221 void *drvdata,
3222 const struct attribute_group **attr_grp)
3223{
1da177e4 3224 char name[64];
6915c0e4
TH		 3225 dev_t devt = MKDEV(driver->major, driver->minor_start) + index;
3226 struct device *dev = NULL;
3227 int retval = -ENODEV;
7e73eca6 3228 bool cdev = false;
1da177e4
LT		 3229
3230 if (index >= driver->num) {
3231 printk(KERN_ERR "Attempt to register invalid tty line number "
3232 " (%d).\n", index);
1cdcb6b4 3233 return ERR_PTR(-EINVAL);
1da177e4
LT		 3234 }
3235
1da177e4
LT		 3236 if (driver->type == TTY_DRIVER_TYPE_PTY)
3237 pty_line_name(driver, index, name);
3238 else
3239 tty_line_name(driver, index, name);
1cdcb6b4 3240
7e73eca6 3241 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) {
6915c0e4
TH		 3242 retval = tty_cdev_add(driver, devt, index, 1);
3243 if (retval)
3244 goto error;
7e73eca6
JS		 3245 cdev = true;
3246 }
3247
6915c0e4
TH		 3248 dev = kzalloc(sizeof(*dev), GFP_KERNEL);
3249 if (!dev) {
3250 retval = -ENOMEM;
3251 goto error;
3252 }
7e73eca6 3253
6915c0e4
TH		 3254 dev->devt = devt;
3255 dev->class = tty_class;
3256 dev->parent = device;
b1b79916 3257 dev->release = tty_device_create_release;
6915c0e4
TH		 3258 dev_set_name(dev, "%s", name);
3259 dev->groups = attr_grp;
3260 dev_set_drvdata(dev, drvdata);
3261
3262 retval = device_register(dev);
3263 if (retval)
3264 goto error;
3265
3266 return dev;
3267
3268error:
3269 put_device(dev);
3270 if (cdev)
3271 cdev_del(&driver->cdevs[index]);
3272 return ERR_PTR(retval);
1da177e4 3273}
6915c0e4 3274EXPORT_SYMBOL_GPL(tty_register_device_attr);
1da177e4
LT		 3275
3276/**
af9b897e
AC		 3277 * tty_unregister_device - unregister a tty device
3278 * @driver: the tty driver that describes the tty device
3279 * @index: the index in the tty driver for this tty device
1da177e4 3280 *
af9b897e
AC		 3281 * If a tty device is registered with a call to tty_register_device() then
3282 * this function must be called when the tty device is gone.
3283 *
3284 * Locking: ??
1da177e4 3285 */
af9b897e 3286
1da177e4
LT		 3287void tty_unregister_device(struct tty_driver *driver, unsigned index)
3288{
37bdfb07
AC		 3289 device_destroy(tty_class,
3290 MKDEV(driver->major, driver->minor_start) + index);
7e73eca6
JS		 3291 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC))
3292 cdev_del(&driver->cdevs[index]);
1da177e4 3293}
1da177e4
LT		 3294EXPORT_SYMBOL(tty_unregister_device);
3295
7f0bc6a6
JS		 3296/**
3297 * __tty_alloc_driver -- allocate tty driver
3298 * @lines: count of lines this driver can handle at most
3299 * @owner: module which is repsonsible for this driver
3300 * @flags: some of TTY_DRIVER_* flags, will be set in driver->flags
3301 *
3302 * This should not be called directly, some of the provided macros should be
3303 * used instead. Use IS_ERR and friends on @retval.
3304 */
3305struct tty_driver *__tty_alloc_driver(unsigned int lines, struct module *owner,
3306 unsigned long flags)
1da177e4
LT		 3307{
3308 struct tty_driver *driver;
7e73eca6 3309 unsigned int cdevs = 1;
16a02081 3310 int err;
1da177e4 3311
0019b408 3312 if (!lines || (flags & TTY_DRIVER_UNNUMBERED_NODE && lines > 1))
7f0bc6a6
JS		 3313 return ERR_PTR(-EINVAL);
3314
506eb99a 3315 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL);
7f0bc6a6
JS		 3316 if (!driver)
3317 return ERR_PTR(-ENOMEM);
3318
3319 kref_init(&driver->kref);
3320 driver->magic = TTY_DRIVER_MAGIC;
3321 driver->num = lines;
3322 driver->owner = owner;
3323 driver->flags = flags;
16a02081
JS		 3324
3325 if (!(flags & TTY_DRIVER_DEVPTS_MEM)) {
3326 driver->ttys = kcalloc(lines, sizeof(*driver->ttys),
3327 GFP_KERNEL);
3328 driver->termios = kcalloc(lines, sizeof(*driver->termios),
3329 GFP_KERNEL);
3330 if (!driver->ttys || !driver->termios) {
3331 err = -ENOMEM;
3332 goto err_free_all;
3333 }
3334 }
3335
3336 if (!(flags & TTY_DRIVER_DYNAMIC_ALLOC)) {
3337 driver->ports = kcalloc(lines, sizeof(*driver->ports),
3338 GFP_KERNEL);
3339 if (!driver->ports) {
3340 err = -ENOMEM;
3341 goto err_free_all;
3342 }
7e73eca6
JS		 3343 cdevs = lines;
3344 }
3345
3346 driver->cdevs = kcalloc(cdevs, sizeof(*driver->cdevs), GFP_KERNEL);
3347 if (!driver->cdevs) {
3348 err = -ENOMEM;
3349 goto err_free_all;
16a02081 3350 }
7f0bc6a6 3351
1da177e4 3352 return driver;
16a02081
JS		 3353err_free_all:
3354 kfree(driver->ports);
3355 kfree(driver->ttys);
3356 kfree(driver->termios);
3357 kfree(driver);
3358 return ERR_PTR(err);
1da177e4 3359}
7f0bc6a6 3360EXPORT_SYMBOL(__tty_alloc_driver);
1da177e4 3361
7d7b93c1 3362static void destruct_tty_driver(struct kref *kref)
1da177e4 3363{
7d7b93c1
AC		 3364 struct tty_driver *driver = container_of(kref, struct tty_driver, kref);
3365 int i;
3366 struct ktermios *tp;
7d7b93c1
AC		 3367
3368 if (driver->flags & TTY_DRIVER_INSTALLED) {
3369 /*
3370 * Free the termios and termios_locked structures because
3371 * we don't want to get memory leaks when modular tty
3372 * drivers are removed from the kernel.
3373 */
3374 for (i = 0; i < driver->num; i++) {
3375 tp = driver->termios[i];
3376 if (tp) {
3377 driver->termios[i] = NULL;
3378 kfree(tp);
3379 }
7d7b93c1
AC		 3380 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV))
3381 tty_unregister_device(driver, i);
3382 }
7d7b93c1 3383 proc_tty_unregister_driver(driver);
7e73eca6
JS		 3384 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)
3385 cdev_del(&driver->cdevs[0]);
7d7b93c1 3386 }
7e73eca6 3387 kfree(driver->cdevs);
04831dc1 3388 kfree(driver->ports);
16a02081
JS		 3389 kfree(driver->termios);
3390 kfree(driver->ttys);
1da177e4
LT		 3391 kfree(driver);
3392}
3393
7d7b93c1
AC		 3394void tty_driver_kref_put(struct tty_driver *driver)
3395{
3396 kref_put(&driver->kref, destruct_tty_driver);
3397}
3398EXPORT_SYMBOL(tty_driver_kref_put);
3399
b68e31d0
JD		 3400void tty_set_operations(struct tty_driver *driver,
3401 const struct tty_operations *op)
1da177e4 3402{
f34d7a5b
AC		 3403 driver->ops = op;
3404};
7d7b93c1 3405EXPORT_SYMBOL(tty_set_operations);
1da177e4 3406
7d7b93c1
AC		 3407void put_tty_driver(struct tty_driver *d)
3408{
3409 tty_driver_kref_put(d);
3410}
1da177e4 3411EXPORT_SYMBOL(put_tty_driver);
1da177e4
LT		 3412
3413/*
3414 * Called by a tty driver to register itself.
3415 */
3416int tty_register_driver(struct tty_driver *driver)
3417{
3418 int error;
37bdfb07 3419 int i;
1da177e4 3420 dev_t dev;
b670bde0 3421 struct device *d;
1da177e4 3422
1da177e4 3423 if (!driver->major) {
37bdfb07
AC		 3424 error = alloc_chrdev_region(&dev, driver->minor_start,
3425 driver->num, driver->name);
1da177e4
LT		 3426 if (!error) {
3427 driver->major = MAJOR(dev);
3428 driver->minor_start = MINOR(dev);
3429 }
3430 } else {
3431 dev = MKDEV(driver->major, driver->minor_start);
e5717c48 3432 error = register_chrdev_region(dev, driver->num, driver->name);
1da177e4 3433 }
9bb8a3d4 3434 if (error < 0)
16a02081 3435 goto err;
1da177e4 3436
7e73eca6
JS		 3437 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC) {
3438 error = tty_cdev_add(driver, dev, 0, driver->num);
3439 if (error)
3440 goto err_unreg_char;
3441 }
1da177e4 3442
ca509f69 3443 mutex_lock(&tty_mutex);
1da177e4 3444 list_add(&driver->tty_drivers, &tty_drivers);
ca509f69 3445 mutex_unlock(&tty_mutex);
37bdfb07
AC		 3446
3447 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) {
b670bde0
VK		 3448 for (i = 0; i < driver->num; i++) {
3449 d = tty_register_device(driver, i, NULL);
3450 if (IS_ERR(d)) {
3451 error = PTR_ERR(d);
16a02081 3452 goto err_unreg_devs;
b670bde0
VK		 3453 }
3454 }
1da177e4
LT		 3455 }
3456 proc_tty_register_driver(driver);
7d7b93c1 3457 driver->flags |= TTY_DRIVER_INSTALLED;
1da177e4 3458 return 0;
b670bde0 3459
16a02081 3460err_unreg_devs:
b670bde0
VK		 3461 for (i--; i >= 0; i--)
3462 tty_unregister_device(driver, i);
3463
3464 mutex_lock(&tty_mutex);
3465 list_del(&driver->tty_drivers);
3466 mutex_unlock(&tty_mutex);
3467
9bb8a3d4 3468err_unreg_char:
b670bde0 3469 unregister_chrdev_region(dev, driver->num);
16a02081 3470err:
b670bde0 3471 return error;
1da177e4 3472}
1da177e4
LT		 3473EXPORT_SYMBOL(tty_register_driver);
3474
3475/*
3476 * Called by a tty driver to unregister itself.
3477 */
3478int tty_unregister_driver(struct tty_driver *driver)
3479{
7d7b93c1
AC		 3480#if 0
3481 /* FIXME */
1da177e4
LT		 3482 if (driver->refcount)
3483 return -EBUSY;
7d7b93c1 3484#endif
1da177e4
LT		 3485 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start),
3486 driver->num);
ca509f69 3487 mutex_lock(&tty_mutex);
1da177e4 3488 list_del(&driver->tty_drivers);
ca509f69 3489 mutex_unlock(&tty_mutex);
1da177e4
LT		 3490 return 0;
3491}
7d7b93c1 3492
1da177e4
LT		 3493EXPORT_SYMBOL(tty_unregister_driver);
3494
24ec839c
PZ		 3495dev_t tty_devnum(struct tty_struct *tty)
3496{
3497 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index;
3498}
3499EXPORT_SYMBOL(tty_devnum);
1da177e4 3500
d81ed103
AC		 3501void tty_default_fops(struct file_operations *fops)
3502{
3503 *fops = tty_fops;
3504}
3505
1da177e4
LT		 3506/*
3507 * Initialize the console device. This is called *early*, so
3508 * we can't necessarily depend on lots of kernel help here.
3509 * Just do some early initializations, and do the complex setup
3510 * later.
3511 */
3512void __init console_init(void)
3513{
3514 initcall_t *call;
3515
3516 /* Setup the default TTY line discipline. */
01e1abb2 3517 tty_ldisc_begin();
1da177e4
LT		 3518
3519 /*
37bdfb07 3520 * set up the console device so that later boot sequences can
1da177e4
LT		 3521 * inform about problems etc..
3522 */
1da177e4
LT		 3523 call = __con_initcall_start;
3524 while (call < __con_initcall_end) {
3525 (*call)();
3526 call++;
3527 }
3528}
3529
2c9ede55 3530static char *tty_devnode(struct device *dev, umode_t *mode)
e454cea2
KS		 3531{
3532 if (!mode)
3533 return NULL;
3534 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) ||
3535 dev->devt == MKDEV(TTYAUX_MAJOR, 2))
3536 *mode = 0666;
3537 return NULL;
3538}
3539
1da177e4
LT		 3540static int __init tty_class_init(void)
3541{
7fe845d1 3542 tty_class = class_create(THIS_MODULE, "tty");
1da177e4
LT		 3543 if (IS_ERR(tty_class))
3544 return PTR_ERR(tty_class);
e454cea2 3545 tty_class->devnode = tty_devnode;
1da177e4
LT		 3546 return 0;
3547}
3548
3549postcore_initcall(tty_class_init);
3550
3551/* 3/2004 jmc: why do these devices exist? */
1da177e4 3552static struct cdev tty_cdev, console_cdev;
1da177e4 3553
fbc92a34
KS		 3554static ssize_t show_cons_active(struct device *dev,
3555 struct device_attribute *attr, char *buf)
3556{
3557 struct console *cs[16];
3558 int i = 0;
3559 struct console *c;
3560 ssize_t count = 0;
3561
ac751efa 3562 console_lock();
a2a6a822 3563 for_each_console(c) {
fbc92a34
KS		 3564 if (!c->device)
3565 continue;
3566 if (!c->write)
3567 continue;
3568 if ((c->flags & CON_ENABLED) == 0)
3569 continue;
3570 cs[i++] = c;
3571 if (i >= ARRAY_SIZE(cs))
3572 break;
3573 }
723abd87
HR		 3574 while (i--) {
3575 int index = cs[i]->index;
3576 struct tty_driver *drv = cs[i]->device(cs[i], &index);
3577
3578 /* don't resolve tty0 as some programs depend on it */
3579 if (drv && (cs[i]->index > 0 || drv->major != TTY_MAJOR))
3580 count += tty_line_name(drv, index, buf + count);
3581 else
3582 count += sprintf(buf + count, "%s%d",
3583 cs[i]->name, cs[i]->index);
3584
3585 count += sprintf(buf + count, "%c", i ? ' ':'\n');
3586 }
ac751efa 3587 console_unlock();
fbc92a34
KS		 3588
3589 return count;
3590}
3591static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL);
3592
3593static struct device *consdev;
3594
3595void console_sysfs_notify(void)
3596{
3597 if (consdev)
3598 sysfs_notify(&consdev->kobj, NULL, "active");
3599}
3600
1da177e4
LT		 3601/*
3602 * Ok, now we can initialize the rest of the tty devices and can count
3603 * on memory allocations, interrupts etc..
3604 */
31d1d48e 3605int __init tty_init(void)
1da177e4
LT		 3606{
3607 cdev_init(&tty_cdev, &tty_fops);
3608 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) ||
3609 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0)
3610 panic("Couldn't register /dev/tty driver\n");
fbc92a34 3611 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty");
1da177e4
LT		 3612
3613 cdev_init(&console_cdev, &console_fops);
3614 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) ||
3615 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0)
3616 panic("Couldn't register /dev/console driver\n");
fbc92a34 3617 consdev = device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), NULL,
47aa5793 3618 "console");
fbc92a34
KS		 3619 if (IS_ERR(consdev))
3620 consdev = NULL;
3621 else
a2a6a822 3622 WARN_ON(device_create_file(consdev, &dev_attr_active) < 0);
1da177e4 3623
1da177e4 3624#ifdef CONFIG_VT
d81ed103 3625 vty_init(&console_fops);
1da177e4
LT		 3626#endif
3627 return 0;
3628}
31d1d48e 3629
Linux 6.x block layer and io_uring tree(s)