projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
tty: Serialize proc_set_tty() with tty_lock
[linux-2.6-block.git] / drivers / tty / tty_io.c
CommitLineData
1da177e4 1/*
1da177e4
LT		 2 * Copyright (C) 1991, 1992 Linus Torvalds
3 */
4
5/*
6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles
7 * or rs-channels. It also implements echoing, cooked mode etc.
8 *
9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0.
10 *
11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the
12 * tty_struct and tty_queue structures. Previously there was an array
13 * of 256 tty_struct's which was statically allocated, and the
14 * tty_queue structures were allocated at boot time. Both are now
15 * dynamically allocated only when the tty is open.
16 *
17 * Also restructured routines so that there is more of a separation
18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and
19 * the low-level tty routines (serial.c, pty.c, console.c). This
37bdfb07 20 * makes for cleaner and more compact code. -TYT, 9/17/92
1da177e4
LT		 21 *
22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines
23 * which can be dynamically activated and de-activated by the line
24 * discipline handling modules (like SLIP).
25 *
26 * NOTE: pay no attention to the line discipline code (yet); its
27 * interface is still subject to change in this version...
28 * -- TYT, 1/31/92
29 *
30 * Added functionality to the OPOST tty handling. No delays, but all
31 * other bits should be there.
32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993.
33 *
34 * Rewrote canonical mode and added more termios flags.
35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94
36 *
37 * Reorganized FASYNC support so mouse code can share it.
38 * -- ctm@ardi.com, 9Sep95
39 *
40 * New TIOCLINUX variants added.
41 * -- mj@k332.feld.cvut.cz, 19-Nov-95
37bdfb07 42 *
1da177e4
LT		 43 * Restrict vt switching via ioctl()
44 * -- grif@cs.ucr.edu, 5-Dec-95
45 *
46 * Move console and virtual terminal code to more appropriate files,
47 * implement CONFIG_VT and generalize console device interface.
48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97
49 *
d81ed103 50 * Rewrote tty_init_dev and tty_release_dev to eliminate races.
1da177e4
LT		 51 * -- Bill Hawes <whawes@star.net>, June 97
52 *
53 * Added devfs support.
54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998
55 *
56 * Added support for a Unix98-style ptmx device.
57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998
58 *
59 * Reduced memory usage for older ARM systems
60 * -- Russell King <rmk@arm.linux.org.uk>
61 *
62 * Move do_SAK() into process context. Less stack use in devfs functions.
37bdfb07
AC		 63 * alloc_tty_struct() always uses kmalloc()
64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01
1da177e4
LT		 65 */
66
1da177e4
LT		 67#include <linux/types.h>
68#include <linux/major.h>
69#include <linux/errno.h>
70#include <linux/signal.h>
71#include <linux/fcntl.h>
72#include <linux/sched.h>
73#include <linux/interrupt.h>
74#include <linux/tty.h>
75#include <linux/tty_driver.h>
76#include <linux/tty_flip.h>
77#include <linux/devpts_fs.h>
78#include <linux/file.h>
9f3acc31 79#include <linux/fdtable.h>
1da177e4
LT		 80#include <linux/console.h>
81#include <linux/timer.h>
82#include <linux/ctype.h>
83#include <linux/kd.h>
84#include <linux/mm.h>
85#include <linux/string.h>
86#include <linux/slab.h>
87#include <linux/poll.h>
88#include <linux/proc_fs.h>
89#include <linux/init.h>
90#include <linux/module.h>
1da177e4 91#include <linux/device.h>
1da177e4
LT		 92#include <linux/wait.h>
93#include <linux/bitops.h>
b20f3ae5 94#include <linux/delay.h>
a352def2 95#include <linux/seq_file.h>
d281da7f 96#include <linux/serial.h>
5a3c6b25 97#include <linux/ratelimit.h>
1da177e4 98
a352def2 99#include <linux/uaccess.h>
1da177e4
LT		 100
101#include <linux/kbd_kern.h>
102#include <linux/vt_kern.h>
103#include <linux/selection.h>
1da177e4
LT		 104
105#include <linux/kmod.h>
b488893a 106#include <linux/nsproxy.h>
1da177e4
LT		 107
108#undef TTY_DEBUG_HANGUP
109
110#define TTY_PARANOIA_CHECK 1
111#define CHECK_TTY_COUNT 1
112
edc6afc5 113struct ktermios tty_std_termios = { /* for the benefit of tty drivers */
1da177e4
LT		 114 .c_iflag = ICRNL | IXON,
115 .c_oflag = OPOST | ONLCR,
116 .c_cflag = B38400 | CS8 | CREAD | HUPCL,
117 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK |
118 ECHOCTL | ECHOKE | IEXTEN,
edc6afc5
AC		 119 .c_cc = INIT_C_CC,
120 .c_ispeed = 38400,
121 .c_ospeed = 38400
1da177e4
LT		 122};
123
124EXPORT_SYMBOL(tty_std_termios);
125
126/* This list gets poked at by procfs and various bits of boot up code. This
127 could do with some rationalisation such as pulling the tty proc function
128 into this file */
37bdfb07 129
1da177e4
LT		 130LIST_HEAD(tty_drivers); /* linked list of tty drivers */
131
24ec839c 132/* Mutex to protect creating and releasing a tty. This is shared with
1da177e4 133 vt.c for deeply disgusting hack reasons */
70522e12 134DEFINE_MUTEX(tty_mutex);
de2a84f2 135EXPORT_SYMBOL(tty_mutex);
1da177e4 136
ee2ffa0d
NP		 137/* Spinlock to protect the tty->tty_files list */
138DEFINE_SPINLOCK(tty_files_lock);
139
1da177e4
LT		 140static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *);
141static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *);
37bdfb07
AC		 142ssize_t redirected_tty_write(struct file *, const char __user *,
143 size_t, loff_t *);
1da177e4
LT		 144static unsigned int tty_poll(struct file *, poll_table *);
145static int tty_open(struct inode *, struct file *);
04f378b1 146long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
e10cc1df 147#ifdef CONFIG_COMPAT
37bdfb07 148static long tty_compat_ioctl(struct file *file, unsigned int cmd,
e10cc1df
PF		 149 unsigned long arg);
150#else
151#define tty_compat_ioctl NULL
152#endif
ec79d605 153static int __tty_fasync(int fd, struct file *filp, int on);
37bdfb07 154static int tty_fasync(int fd, struct file *filp, int on);
d5698c28 155static void release_tty(struct tty_struct *tty, int idx);
1da177e4 156
af9b897e
AC		 157/**
158 * free_tty_struct - free a disused tty
159 * @tty: tty struct to free
160 *
161 * Free the write buffers, tty queue and tty memory itself.
162 *
163 * Locking: none. Must be called after tty is definitely unused
164 */
165
bf970ee4 166void free_tty_struct(struct tty_struct *tty)
1da177e4 167{
dc6802a7
DC		 168 if (!tty)
169 return;
30004ac9
DES		 170 if (tty->dev)
171 put_device(tty->dev);
1da177e4 172 kfree(tty->write_buf);
89c8d91e 173 tty->magic = 0xDEADDEAD;
1da177e4
LT		 174 kfree(tty);
175}
176
d996b62a
NP		 177static inline struct tty_struct *file_tty(struct file *file)
178{
179 return ((struct tty_file_private *)file->private_data)->tty;
180}
181
fa90e1c9 182int tty_alloc_file(struct file *file)
d996b62a
NP		 183{
184 struct tty_file_private *priv;
185
f573bd17
PE		 186 priv = kmalloc(sizeof(*priv), GFP_KERNEL);
187 if (!priv)
188 return -ENOMEM;
d996b62a 189
fa90e1c9
JS		 190 file->private_data = priv;
191
192 return 0;
193}
194
195/* Associate a new file with the tty structure */
196void tty_add_file(struct tty_struct *tty, struct file *file)
197{
198 struct tty_file_private *priv = file->private_data;
199
d996b62a
NP		 200 priv->tty = tty;
201 priv->file = file;
d996b62a
NP		 202
203 spin_lock(&tty_files_lock);
204 list_add(&priv->list, &tty->tty_files);
205 spin_unlock(&tty_files_lock);
fa90e1c9 206}
f573bd17 207
fa90e1c9
JS		 208/**
209 * tty_free_file - free file->private_data
210 *
211 * This shall be used only for fail path handling when tty_add_file was not
212 * called yet.
213 */
214void tty_free_file(struct file *file)
215{
216 struct tty_file_private *priv = file->private_data;
217
218 file->private_data = NULL;
219 kfree(priv);
d996b62a
NP		 220}
221
222/* Delete file from its tty */
2520e274 223static void tty_del_file(struct file *file)
d996b62a
NP		 224{
225 struct tty_file_private *priv = file->private_data;
226
227 spin_lock(&tty_files_lock);
228 list_del(&priv->list);
229 spin_unlock(&tty_files_lock);
fa90e1c9 230 tty_free_file(file);
d996b62a
NP		 231}
232
233
1da177e4
LT		 234#define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base)
235
af9b897e
AC		 236/**
237 * tty_name - return tty naming
238 * @tty: tty structure
239 * @buf: buffer for output
240 *
241 * Convert a tty structure into a name. The name reflects the kernel
242 * naming policy and if udev is in use may not reflect user space
243 *
244 * Locking: none
245 */
246
1da177e4
LT		 247char *tty_name(struct tty_struct *tty, char *buf)
248{
249 if (!tty) /* Hmm. NULL pointer. That's fun. */
250 strcpy(buf, "NULL tty");
251 else
252 strcpy(buf, tty->name);
253 return buf;
254}
255
256EXPORT_SYMBOL(tty_name);
257
d769a669 258int tty_paranoia_check(struct tty_struct *tty, struct inode *inode,
1da177e4
LT		 259 const char *routine)
260{
261#ifdef TTY_PARANOIA_CHECK
262 if (!tty) {
263 printk(KERN_WARNING
264 "null TTY for (%d:%d) in %s\n",
265 imajor(inode), iminor(inode), routine);
266 return 1;
267 }
268 if (tty->magic != TTY_MAGIC) {
269 printk(KERN_WARNING
270 "bad magic number for tty struct (%d:%d) in %s\n",
271 imajor(inode), iminor(inode), routine);
272 return 1;
273 }
274#endif
275 return 0;
276}
277
278static int check_tty_count(struct tty_struct *tty, const char *routine)
279{
280#ifdef CHECK_TTY_COUNT
281 struct list_head *p;
282 int count = 0;
37bdfb07 283
ee2ffa0d 284 spin_lock(&tty_files_lock);
1da177e4
LT		 285 list_for_each(p, &tty->tty_files) {
286 count++;
287 }
ee2ffa0d 288 spin_unlock(&tty_files_lock);
1da177e4
LT		 289 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
290 tty->driver->subtype == PTY_TYPE_SLAVE &&
291 tty->link && tty->link->count)
292 count++;
293 if (tty->count != count) {
294 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) "
295 "!= #fd's(%d) in %s\n",
296 tty->name, tty->count, count, routine);
297 return count;
24ec839c 298 }
1da177e4
LT		 299#endif
300 return 0;
301}
302
af9b897e
AC		 303/**
304 * get_tty_driver - find device of a tty
305 * @dev_t: device identifier
306 * @index: returns the index of the tty
307 *
308 * This routine returns a tty driver structure, given a device number
309 * and also passes back the index number.
310 *
311 * Locking: caller must hold tty_mutex
1da177e4 312 */
af9b897e 313
1da177e4
LT		 314static struct tty_driver *get_tty_driver(dev_t device, int *index)
315{
316 struct tty_driver *p;
317
318 list_for_each_entry(p, &tty_drivers, tty_drivers) {
319 dev_t base = MKDEV(p->major, p->minor_start);
320 if (device < base || device >= base + p->num)
321 continue;
322 *index = device - base;
7d7b93c1 323 return tty_driver_kref_get(p);
1da177e4
LT		 324 }
325 return NULL;
326}
327
f2d937f3
JW		 328#ifdef CONFIG_CONSOLE_POLL
329
330/**
331 * tty_find_polling_driver - find device of a polled tty
332 * @name: name string to match
333 * @line: pointer to resulting tty line nr
334 *
335 * This routine returns a tty driver structure, given a name
336 * and the condition that the tty driver is capable of polled
337 * operation.
338 */
339struct tty_driver *tty_find_polling_driver(char *name, int *line)
340{
341 struct tty_driver *p, *res = NULL;
342 int tty_line = 0;
0dca0fd2 343 int len;
5f0878ac 344 char *str, *stp;
f2d937f3 345
0dca0fd2
JW		 346 for (str = name; *str; str++)
347 if ((*str >= '0' && *str <= '9') || *str == ',')
348 break;
349 if (!*str)
350 return NULL;
351
352 len = str - name;
353 tty_line = simple_strtoul(str, &str, 10);
354
f2d937f3
JW		 355 mutex_lock(&tty_mutex);
356 /* Search through the tty devices to look for a match */
357 list_for_each_entry(p, &tty_drivers, tty_drivers) {
0dca0fd2
JW		 358 if (strncmp(name, p->name, len) != 0)
359 continue;
5f0878ac
AC		 360 stp = str;
361 if (*stp == ',')
362 stp++;
363 if (*stp == '\0')
364 stp = NULL;
f2d937f3 365
6eb68d6f 366 if (tty_line >= 0 && tty_line < p->num && p->ops &&
5f0878ac 367 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) {
7d7b93c1 368 res = tty_driver_kref_get(p);
f2d937f3
JW		 369 *line = tty_line;
370 break;
371 }
372 }
373 mutex_unlock(&tty_mutex);
374
375 return res;
376}
377EXPORT_SYMBOL_GPL(tty_find_polling_driver);
378#endif
379
af9b897e
AC		 380/**
381 * tty_check_change - check for POSIX terminal changes
382 * @tty: tty to check
383 *
384 * If we try to write to, or set the state of, a terminal and we're
385 * not in the foreground, send a SIGTTOU. If the signal is blocked or
386 * ignored, go ahead and perform the operation. (POSIX 7.2)
387 *
978e595f 388 * Locking: ctrl_lock
1da177e4 389 */
af9b897e 390
37bdfb07 391int tty_check_change(struct tty_struct *tty)
1da177e4 392{
47f86834
AC		 393 unsigned long flags;
394 int ret = 0;
395
1da177e4
LT		 396 if (current->signal->tty != tty)
397 return 0;
47f86834
AC		 398
399 spin_lock_irqsave(&tty->ctrl_lock, flags);
400
ab521dc0
EB		 401 if (!tty->pgrp) {
402 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n");
9ffee4cb 403 goto out_unlock;
1da177e4 404 }
ab521dc0 405 if (task_pgrp(current) == tty->pgrp)
9ffee4cb
AM		 406 goto out_unlock;
407 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
1da177e4 408 if (is_ignored(SIGTTOU))
47f86834
AC		 409 goto out;
410 if (is_current_pgrp_orphaned()) {
411 ret = -EIO;
412 goto out;
413 }
040b6362
ON		 414 kill_pgrp(task_pgrp(current), SIGTTOU, 1);
415 set_thread_flag(TIF_SIGPENDING);
47f86834
AC		 416 ret = -ERESTARTSYS;
417out:
9ffee4cb
AM		 418 return ret;
419out_unlock:
47f86834
AC		 420 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
421 return ret;
1da177e4
LT		 422}
423
424EXPORT_SYMBOL(tty_check_change);
425
37bdfb07 426static ssize_t hung_up_tty_read(struct file *file, char __user *buf,
1da177e4
LT		 427 size_t count, loff_t *ppos)
428{
429 return 0;
430}
431
37bdfb07 432static ssize_t hung_up_tty_write(struct file *file, const char __user *buf,
1da177e4
LT		 433 size_t count, loff_t *ppos)
434{
435 return -EIO;
436}
437
438/* No kernel lock held - none needed ;) */
37bdfb07 439static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait)
1da177e4
LT		 440{
441 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM;
442}
443
04f378b1
AC		 444static long hung_up_tty_ioctl(struct file *file, unsigned int cmd,
445 unsigned long arg)
38ad2ed0
PF		 446{
447 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
448}
449
37bdfb07 450static long hung_up_tty_compat_ioctl(struct file *file,
38ad2ed0 451 unsigned int cmd, unsigned long arg)
1da177e4
LT		 452{
453 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
454}
455
62322d25 456static const struct file_operations tty_fops = {
1da177e4
LT		 457 .llseek = no_llseek,
458 .read = tty_read,
459 .write = tty_write,
460 .poll = tty_poll,
04f378b1 461 .unlocked_ioctl = tty_ioctl,
e10cc1df 462 .compat_ioctl = tty_compat_ioctl,
1da177e4
LT		 463 .open = tty_open,
464 .release = tty_release,
465 .fasync = tty_fasync,
466};
467
62322d25 468static const struct file_operations console_fops = {
1da177e4
LT		 469 .llseek = no_llseek,
470 .read = tty_read,
471 .write = redirected_tty_write,
472 .poll = tty_poll,
04f378b1 473 .unlocked_ioctl = tty_ioctl,
e10cc1df 474 .compat_ioctl = tty_compat_ioctl,
1da177e4
LT		 475 .open = tty_open,
476 .release = tty_release,
477 .fasync = tty_fasync,
478};
479
62322d25 480static const struct file_operations hung_up_tty_fops = {
1da177e4
LT		 481 .llseek = no_llseek,
482 .read = hung_up_tty_read,
483 .write = hung_up_tty_write,
484 .poll = hung_up_tty_poll,
04f378b1 485 .unlocked_ioctl = hung_up_tty_ioctl,
38ad2ed0 486 .compat_ioctl = hung_up_tty_compat_ioctl,
1da177e4
LT		 487 .release = tty_release,
488};
489
490static DEFINE_SPINLOCK(redirect_lock);
491static struct file *redirect;
492
11d9befd
PH		 493
494void proc_clear_tty(struct task_struct *p)
495{
496 unsigned long flags;
497 struct tty_struct *tty;
498 spin_lock_irqsave(&p->sighand->siglock, flags);
499 tty = p->signal->tty;
500 p->signal->tty = NULL;
501 spin_unlock_irqrestore(&p->sighand->siglock, flags);
502 tty_kref_put(tty);
503}
504
2c411c11
PH		 505/**
506 * proc_set_tty - set the controlling terminal
507 *
508 * Only callable by the session leader and only if it does not already have
509 * a controlling terminal.
510 *
e218eb32
PH		 511 * Caller must hold: tty_lock()
512 * a readlock on tasklist_lock
2c411c11
PH		 513 * sighand lock
514 */
bce65f18 515static void __proc_set_tty(struct tty_struct *tty)
11d9befd 516{
ae28fa72
PH		 517 unsigned long flags;
518
519 /* We should not have a session or pgrp to put here but.... */
520 spin_lock_irqsave(&tty->ctrl_lock, flags);
521 put_pid(tty->session);
522 put_pid(tty->pgrp);
523 tty->pgrp = get_pid(task_pgrp(current));
524 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
525 tty->session = get_pid(task_session(current));
526 if (current->signal->tty) {
527 printk(KERN_DEBUG "tty not NULL!!\n");
528 tty_kref_put(current->signal->tty);
11d9befd 529 }
bce65f18
PH		 530 put_pid(current->signal->tty_old_pgrp);
531 current->signal->tty = tty_kref_get(tty);
532 current->signal->tty_old_pgrp = NULL;
11d9befd
PH		 533}
534
bce65f18 535static void proc_set_tty(struct tty_struct *tty)
11d9befd 536{
bce65f18
PH		 537 spin_lock_irq(&current->sighand->siglock);
538 __proc_set_tty(tty);
539 spin_unlock_irq(&current->sighand->siglock);
11d9befd
PH		 540}
541
542struct tty_struct *get_current_tty(void)
543{
544 struct tty_struct *tty;
545 unsigned long flags;
546
547 spin_lock_irqsave(&current->sighand->siglock, flags);
548 tty = tty_kref_get(current->signal->tty);
549 spin_unlock_irqrestore(&current->sighand->siglock, flags);
550 return tty;
551}
552EXPORT_SYMBOL_GPL(get_current_tty);
553
554static void session_clear_tty(struct pid *session)
555{
556 struct task_struct *p;
557 do_each_pid_task(session, PIDTYPE_SID, p) {
558 proc_clear_tty(p);
559 } while_each_pid_task(session, PIDTYPE_SID, p);
560}
561
1da177e4
LT		 562/**
563 * tty_wakeup - request more data
564 * @tty: terminal
565 *
566 * Internal and external helper for wakeups of tty. This function
567 * informs the line discipline if present that the driver is ready
568 * to receive more output data.
569 */
37bdfb07 570
1da177e4
LT		 571void tty_wakeup(struct tty_struct *tty)
572{
573 struct tty_ldisc *ld;
37bdfb07 574
1da177e4
LT		 575 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) {
576 ld = tty_ldisc_ref(tty);
37bdfb07 577 if (ld) {
a352def2
AC		 578 if (ld->ops->write_wakeup)
579 ld->ops->write_wakeup(tty);
1da177e4
LT		 580 tty_ldisc_deref(ld);
581 }
582 }
4b19449d 583 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
1da177e4
LT		 584}
585
586EXPORT_SYMBOL_GPL(tty_wakeup);
587
ea648a47
PH		 588/**
589 * tty_signal_session_leader - sends SIGHUP to session leader
f91e2590
PH		 590 * @tty controlling tty
591 * @exit_session if non-zero, signal all foreground group processes
ea648a47 592 *
f91e2590
PH		 593 * Send SIGHUP and SIGCONT to the session leader and its process group.
594 * Optionally, signal all processes in the foreground process group.
ea648a47
PH		 595 *
596 * Returns the number of processes in the session with this tty
597 * as their controlling terminal. This value is used to drop
598 * tty references for those processes.
599 */
f91e2590 600static int tty_signal_session_leader(struct tty_struct *tty, int exit_session)
ea648a47
PH		 601{
602 struct task_struct *p;
ea648a47 603 int refs = 0;
f91e2590 604 struct pid *tty_pgrp = NULL;
ea648a47
PH		 605
606 read_lock(&tasklist_lock);
607 if (tty->session) {
608 do_each_pid_task(tty->session, PIDTYPE_SID, p) {
609 spin_lock_irq(&p->sighand->siglock);
610 if (p->signal->tty == tty) {
611 p->signal->tty = NULL;
612 /* We defer the dereferences outside fo
613 the tasklist lock */
614 refs++;
615 }
616 if (!p->signal->leader) {
617 spin_unlock_irq(&p->sighand->siglock);
618 continue;
619 }
620 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p);
621 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p);
622 put_pid(p->signal->tty_old_pgrp); /* A noop */
bc30c3b2 623 spin_lock(&tty->ctrl_lock);
f91e2590 624 tty_pgrp = get_pid(tty->pgrp);
ea648a47
PH		 625 if (tty->pgrp)
626 p->signal->tty_old_pgrp = get_pid(tty->pgrp);
bc30c3b2 627 spin_unlock(&tty->ctrl_lock);
ea648a47
PH		 628 spin_unlock_irq(&p->sighand->siglock);
629 } while_each_pid_task(tty->session, PIDTYPE_SID, p);
630 }
631 read_unlock(&tasklist_lock);
632
f91e2590
PH		 633 if (tty_pgrp) {
634 if (exit_session)
635 kill_pgrp(tty_pgrp, SIGHUP, exit_session);
636 put_pid(tty_pgrp);
637 }
638
ea648a47
PH		 639 return refs;
640}
641
af9b897e 642/**
11dbf203 643 * __tty_hangup - actual handler for hangup events
65f27f38 644 * @work: tty device
af9b897e 645 *
ef4f527c 646 * This can be called by a "kworker" kernel thread. That is process
af9b897e
AC		 647 * synchronous but doesn't hold any locks, so we need to make sure we
648 * have the appropriate locks for what we're doing.
649 *
650 * The hangup event clears any pending redirections onto the hung up
651 * device. It ensures future writes will error and it does the needed
652 * line discipline hangup and signal delivery. The tty object itself
653 * remains intact.
654 *
655 * Locking:
ec79d605 656 * BTM
24ec839c
PZ		 657 * redirect lock for undoing redirection
658 * file list lock for manipulating list of ttys
137084bb 659 * tty_ldiscs_lock from called functions
6a1c0680 660 * termios_rwsem resetting termios data
24ec839c
PZ		 661 * tasklist_lock to walk task list for hangup event
662 * ->siglock to protect ->signal/->sighand
1da177e4 663 */
f91e2590 664static void __tty_hangup(struct tty_struct *tty, int exit_session)
1da177e4 665{
37bdfb07 666 struct file *cons_filp = NULL;
1da177e4 667 struct file *filp, *f = NULL;
d996b62a 668 struct tty_file_private *priv;
1da177e4 669 int closecount = 0, n;
ea648a47 670 int refs;
1da177e4
LT		 671
672 if (!tty)
673 return;
674
1da177e4
LT		 675
676 spin_lock(&redirect_lock);
d996b62a 677 if (redirect && file_tty(redirect) == tty) {
1da177e4
LT		 678 f = redirect;
679 redirect = NULL;
680 }
681 spin_unlock(&redirect_lock);
37bdfb07 682
89c8d91e 683 tty_lock(tty);
11dbf203 684
cb50e523
PH		 685 if (test_bit(TTY_HUPPED, &tty->flags)) {
686 tty_unlock(tty);
687 return;
688 }
689
acfa747b
JS		 690 /* some functions below drop BTM, so we need this bit */
691 set_bit(TTY_HUPPING, &tty->flags);
692
ec79d605
AB		 693 /* inuse_filps is protected by the single tty lock,
694 this really needs to change if we want to flush the
695 workqueue with the lock held */
11dbf203 696 check_tty_count(tty, "tty_hangup");
36ba782e 697
ee2ffa0d 698 spin_lock(&tty_files_lock);
1da177e4 699 /* This breaks for file handles being sent over AF_UNIX sockets ? */
d996b62a
NP		 700 list_for_each_entry(priv, &tty->tty_files, list) {
701 filp = priv->file;
1da177e4
LT		 702 if (filp->f_op->write == redirected_tty_write)
703 cons_filp = filp;
704 if (filp->f_op->write != tty_write)
705 continue;
706 closecount++;
ec79d605 707 __tty_fasync(-1, filp, 0); /* can't block */
1da177e4
LT		 708 filp->f_op = &hung_up_tty_fops;
709 }
ee2ffa0d 710 spin_unlock(&tty_files_lock);
37bdfb07 711
25fdf243
PH		 712 refs = tty_signal_session_leader(tty, exit_session);
713 /* Account for the p->signal references we killed */
714 while (refs--)
715 tty_kref_put(tty);
716
acfa747b
JS		 717 /*
718 * it drops BTM and thus races with reopen
719 * we protect the race by TTY_HUPPING
720 */
c65c9bc3 721 tty_ldisc_hangup(tty);
37bdfb07 722
20cc225b 723 spin_lock_irq(&tty->ctrl_lock);
c65c9bc3 724 clear_bit(TTY_THROTTLED, &tty->flags);
c65c9bc3 725 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
d9c1e9a8
EB		 726 put_pid(tty->session);
727 put_pid(tty->pgrp);
ab521dc0
EB		 728 tty->session = NULL;
729 tty->pgrp = NULL;
1da177e4 730 tty->ctrl_status = 0;
20cc225b 731 spin_unlock_irq(&tty->ctrl_lock);
9c9f4ded 732
1da177e4 733 /*
37bdfb07
AC		 734 * If one of the devices matches a console pointer, we
735 * cannot just call hangup() because that will cause
736 * tty->count and state->count to go out of sync.
737 * So we just call close() the right number of times.
1da177e4
LT		 738 */
739 if (cons_filp) {
f34d7a5b 740 if (tty->ops->close)
1da177e4 741 for (n = 0; n < closecount; n++)
f34d7a5b
AC		 742 tty->ops->close(tty, cons_filp);
743 } else if (tty->ops->hangup)
7c6d340f 744 tty->ops->hangup(tty);
37bdfb07
AC		 745 /*
746 * We don't want to have driver/ldisc interactions beyond
747 * the ones we did here. The driver layer expects no
748 * calls after ->hangup() from the ldisc side. However we
749 * can't yet guarantee all that.
750 */
1da177e4 751 set_bit(TTY_HUPPED, &tty->flags);
acfa747b 752 clear_bit(TTY_HUPPING, &tty->flags);
11dbf203 753
89c8d91e 754 tty_unlock(tty);
11dbf203 755
1da177e4
LT		 756 if (f)
757 fput(f);
758}
759
ddcd9fb6
AB		 760static void do_tty_hangup(struct work_struct *work)
761{
762 struct tty_struct *tty =
763 container_of(work, struct tty_struct, hangup_work);
764
f91e2590 765 __tty_hangup(tty, 0);
ddcd9fb6
AB		 766}
767
af9b897e
AC		 768/**
769 * tty_hangup - trigger a hangup event
770 * @tty: tty to hangup
771 *
772 * A carrier loss (virtual or otherwise) has occurred on this like
773 * schedule a hangup sequence to run after this event.
774 */
775
37bdfb07 776void tty_hangup(struct tty_struct *tty)
1da177e4
LT		 777{
778#ifdef TTY_DEBUG_HANGUP
779 char buf[64];
1da177e4
LT		 780 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf));
781#endif
782 schedule_work(&tty->hangup_work);
783}
784
785EXPORT_SYMBOL(tty_hangup);
786
af9b897e
AC		 787/**
788 * tty_vhangup - process vhangup
789 * @tty: tty to hangup
790 *
791 * The user has asked via system call for the terminal to be hung up.
792 * We do this synchronously so that when the syscall returns the process
3a4fa0a2 793 * is complete. That guarantee is necessary for security reasons.
af9b897e
AC		 794 */
795
37bdfb07 796void tty_vhangup(struct tty_struct *tty)
1da177e4
LT		 797{
798#ifdef TTY_DEBUG_HANGUP
799 char buf[64];
800
801 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf));
802#endif
f91e2590 803 __tty_hangup(tty, 0);
1da177e4 804}
37bdfb07 805
1da177e4
LT		 806EXPORT_SYMBOL(tty_vhangup);
807
11dbf203 808
2cb5998b
AC		 809/**
810 * tty_vhangup_self - process vhangup for own ctty
811 *
812 * Perform a vhangup on the current controlling tty
813 */
814
815void tty_vhangup_self(void)
816{
817 struct tty_struct *tty;
818
2cb5998b
AC		 819 tty = get_current_tty();
820 if (tty) {
821 tty_vhangup(tty);
822 tty_kref_put(tty);
823 }
2cb5998b
AC		 824}
825
f91e2590
PH		 826/**
827 * tty_vhangup_session - hangup session leader exit
828 * @tty: tty to hangup
829 *
830 * The session leader is exiting and hanging up its controlling terminal.
831 * Every process in the foreground process group is signalled SIGHUP.
832 *
833 * We do this synchronously so that when the syscall returns the process
834 * is complete. That guarantee is necessary for security reasons.
835 */
836
44a459fd 837static void tty_vhangup_session(struct tty_struct *tty)
f91e2590
PH		 838{
839#ifdef TTY_DEBUG_HANGUP
840 char buf[64];
841
842 printk(KERN_DEBUG "%s vhangup session...\n", tty_name(tty, buf));
843#endif
844 __tty_hangup(tty, 1);
845}
846
af9b897e
AC		 847/**
848 * tty_hung_up_p - was tty hung up
849 * @filp: file pointer of tty
850 *
851 * Return true if the tty has been subject to a vhangup or a carrier
852 * loss
853 */
854
37bdfb07 855int tty_hung_up_p(struct file *filp)
1da177e4
LT		 856{
857 return (filp->f_op == &hung_up_tty_fops);
858}
859
860EXPORT_SYMBOL(tty_hung_up_p);
861
af9b897e
AC		 862/**
863 * disassociate_ctty - disconnect controlling tty
864 * @on_exit: true if exiting so need to "hang up" the session
1da177e4 865 *
af9b897e
AC		 866 * This function is typically called only by the session leader, when
867 * it wants to disassociate itself from its controlling tty.
868 *
869 * It performs the following functions:
1da177e4
LT		 870 * (1) Sends a SIGHUP and SIGCONT to the foreground process group
871 * (2) Clears the tty from being controlling the session
872 * (3) Clears the controlling tty for all processes in the
873 * session group.
874 *
af9b897e
AC		 875 * The argument on_exit is set to 1 if called when a process is
876 * exiting; it is 0 if called by the ioctl TIOCNOTTY.
877 *
24ec839c 878 * Locking:
ec79d605
AB		 879 * BTM is taken for hysterical raisins, and held when
880 * called from no_tty().
24ec839c
PZ		 881 * tty_mutex is taken to protect tty
882 * ->siglock is taken to protect ->signal/->sighand
883 * tasklist_lock is taken to walk process list for sessions
884 * ->siglock is taken to protect ->signal/->sighand
1da177e4 885 */
af9b897e 886
1da177e4
LT		 887void disassociate_ctty(int on_exit)
888{
889 struct tty_struct *tty;
1da177e4 890
5ec93d11
AC		 891 if (!current->signal->leader)
892 return;
1da177e4 893
24ec839c 894 tty = get_current_tty();
1da177e4 895 if (tty) {
f91e2590
PH		 896 if (on_exit && tty->driver->type != TTY_DRIVER_TYPE_PTY) {
897 tty_vhangup_session(tty);
898 } else {
899 struct pid *tty_pgrp = tty_get_pgrp(tty);
900 if (tty_pgrp) {
901 kill_pgrp(tty_pgrp, SIGHUP, on_exit);
03e12617
ON		 902 if (!on_exit)
903 kill_pgrp(tty_pgrp, SIGCONT, on_exit);
f91e2590
PH		 904 put_pid(tty_pgrp);
905 }
1411dc4a 906 }
f91e2590
PH		 907 tty_kref_put(tty);
908
680a9671 909 } else if (on_exit) {
ab521dc0 910 struct pid *old_pgrp;
680a9671
EB		 911 spin_lock_irq(&current->sighand->siglock);
912 old_pgrp = current->signal->tty_old_pgrp;
ab521dc0 913 current->signal->tty_old_pgrp = NULL;
680a9671 914 spin_unlock_irq(&current->sighand->siglock);
24ec839c 915 if (old_pgrp) {
ab521dc0
EB		 916 kill_pgrp(old_pgrp, SIGHUP, on_exit);
917 kill_pgrp(old_pgrp, SIGCONT, on_exit);
918 put_pid(old_pgrp);
1da177e4 919 }
1da177e4
LT		 920 return;
921 }
1da177e4 922
24ec839c 923 spin_lock_irq(&current->sighand->siglock);
2a65f1d9 924 put_pid(current->signal->tty_old_pgrp);
23cac8de 925 current->signal->tty_old_pgrp = NULL;
24ec839c 926
c70dbb1e 927 tty = tty_kref_get(current->signal->tty);
24ec839c 928 if (tty) {
47f86834
AC		 929 unsigned long flags;
930 spin_lock_irqsave(&tty->ctrl_lock, flags);
ab521dc0
EB		 931 put_pid(tty->session);
932 put_pid(tty->pgrp);
933 tty->session = NULL;
934 tty->pgrp = NULL;
47f86834 935 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
452a00d2 936 tty_kref_put(tty);
24ec839c
PZ		 937 } else {
938#ifdef TTY_DEBUG_HANGUP
939 printk(KERN_DEBUG "error attempted to write to tty [0x%p]"
940 " = NULL", tty);
941#endif
942 }
1da177e4 943
c70dbb1e 944 spin_unlock_irq(&current->sighand->siglock);
1da177e4
LT		 945 /* Now clear signal->tty under the lock */
946 read_lock(&tasklist_lock);
ab521dc0 947 session_clear_tty(task_session(current));
1da177e4 948 read_unlock(&tasklist_lock);
1da177e4
LT		 949}
950
98a27ba4
EB		 951/**
952 *
953 * no_tty - Ensure the current process does not have a controlling tty
954 */
955void no_tty(void)
956{
3af502b9
AC		 957 /* FIXME: Review locking here. The tty_lock never covered any race
958 between a new association and proc_clear_tty but possible we need
959 to protect against this anyway */
98a27ba4 960 struct task_struct *tsk = current;
5ec93d11 961 disassociate_ctty(0);
98a27ba4
EB		 962 proc_clear_tty(tsk);
963}
964
af9b897e
AC		 965
966/**
beb7dd86 967 * stop_tty - propagate flow control
af9b897e
AC		 968 * @tty: tty to stop
969 *
01adc807 970 * Perform flow control to the driver. May be called
af9b897e
AC		 971 * on an already stopped device and will not re-call the driver
972 * method.
973 *
974 * This functionality is used by both the line disciplines for
975 * halting incoming flow and by the driver. It may therefore be
976 * called from any context, may be under the tty atomic_write_lock
977 * but not always.
978 *
979 * Locking:
f9e053dc 980 * flow_lock
af9b897e
AC		 981 */
982
f9e053dc 983void __stop_tty(struct tty_struct *tty)
1da177e4 984{
f9e053dc 985 if (tty->stopped)
1da177e4
LT		 986 return;
987 tty->stopped = 1;
f34d7a5b
AC		 988 if (tty->ops->stop)
989 (tty->ops->stop)(tty);
1da177e4
LT		 990}
991
f9e053dc
PH		 992void stop_tty(struct tty_struct *tty)
993{
994 unsigned long flags;
995
996 spin_lock_irqsave(&tty->flow_lock, flags);
997 __stop_tty(tty);
998 spin_unlock_irqrestore(&tty->flow_lock, flags);
999}
1da177e4
LT		 1000EXPORT_SYMBOL(stop_tty);
1001
af9b897e 1002/**
beb7dd86 1003 * start_tty - propagate flow control
af9b897e
AC		 1004 * @tty: tty to start
1005 *
01adc807
PH		 1006 * Start a tty that has been stopped if at all possible. If this
1007 * tty was previous stopped and is now being started, the driver
1008 * start method is invoked and the line discipline woken.
af9b897e
AC		 1009 *
1010 * Locking:
f9e053dc 1011 * flow_lock
af9b897e
AC		 1012 */
1013
f9e053dc 1014void __start_tty(struct tty_struct *tty)
1da177e4 1015{
f9e053dc 1016 if (!tty->stopped || tty->flow_stopped)
1da177e4
LT		 1017 return;
1018 tty->stopped = 0;
f34d7a5b
AC		 1019 if (tty->ops->start)
1020 (tty->ops->start)(tty);
1da177e4 1021 tty_wakeup(tty);
1da177e4
LT		 1022}
1023
f9e053dc
PH		 1024void start_tty(struct tty_struct *tty)
1025{
1026 unsigned long flags;
1027
1028 spin_lock_irqsave(&tty->flow_lock, flags);
1029 __start_tty(tty);
1030 spin_unlock_irqrestore(&tty->flow_lock, flags);
1031}
1da177e4
LT		 1032EXPORT_SYMBOL(start_tty);
1033
b0b88565 1034/* We limit tty time update visibility to every 8 seconds or so. */
37b7f3c7
JS		 1035static void tty_update_time(struct timespec *time)
1036{
b0b88565 1037 unsigned long sec = get_seconds() & ~7;
37b7f3c7
JS		 1038 if ((long)(sec - time->tv_sec) > 0)
1039 time->tv_sec = sec;
1040}
1041
af9b897e
AC		 1042/**
1043 * tty_read - read method for tty device files
1044 * @file: pointer to tty file
1045 * @buf: user buffer
1046 * @count: size of user buffer
1047 * @ppos: unused
1048 *
1049 * Perform the read system call function on this terminal device. Checks
1050 * for hung up devices before calling the line discipline method.
1051 *
1052 * Locking:
47f86834
AC		 1053 * Locks the line discipline internally while needed. Multiple
1054 * read calls may be outstanding in parallel.
af9b897e
AC		 1055 */
1056
37bdfb07 1057static ssize_t tty_read(struct file *file, char __user *buf, size_t count,
1da177e4
LT		 1058 loff_t *ppos)
1059{
1060 int i;
37b7f3c7 1061 struct inode *inode = file_inode(file);
d996b62a 1062 struct tty_struct *tty = file_tty(file);
1da177e4
LT		 1063 struct tty_ldisc *ld;
1064
37b7f3c7 1065 if (tty_paranoia_check(tty, inode, "tty_read"))
1da177e4
LT		 1066 return -EIO;
1067 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags)))
1068 return -EIO;
1069
1070 /* We want to wait for the line discipline to sort out in this
1071 situation */
1072 ld = tty_ldisc_ref_wait(tty);
a352def2
AC		 1073 if (ld->ops->read)
1074 i = (ld->ops->read)(tty, file, buf, count);
1da177e4
LT		 1075 else
1076 i = -EIO;
1077 tty_ldisc_deref(ld);
b0de59b5 1078
37b7f3c7
JS		 1079 if (i > 0)
1080 tty_update_time(&inode->i_atime);
1081
1da177e4
LT		 1082 return i;
1083}
1084
136d5258 1085static void tty_write_unlock(struct tty_struct *tty)
9c1729db
AC		 1086{
1087 mutex_unlock(&tty->atomic_write_lock);
4b19449d 1088 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
9c1729db
AC		 1089}
1090
136d5258 1091static int tty_write_lock(struct tty_struct *tty, int ndelay)
9c1729db
AC		 1092{
1093 if (!mutex_trylock(&tty->atomic_write_lock)) {
1094 if (ndelay)
1095 return -EAGAIN;
1096 if (mutex_lock_interruptible(&tty->atomic_write_lock))
1097 return -ERESTARTSYS;
1098 }
1099 return 0;
1100}
1101
1da177e4
LT		 1102/*
1103 * Split writes up in sane blocksizes to avoid
1104 * denial-of-service type attacks
1105 */
1106static inline ssize_t do_tty_write(
1107 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t),
1108 struct tty_struct *tty,
1109 struct file *file,
1110 const char __user *buf,
1111 size_t count)
1112{
9c1729db 1113 ssize_t ret, written = 0;
1da177e4 1114 unsigned int chunk;
37bdfb07 1115
9c1729db
AC		 1116 ret = tty_write_lock(tty, file->f_flags & O_NDELAY);
1117 if (ret < 0)
1118 return ret;
1da177e4
LT		 1119
1120 /*
1121 * We chunk up writes into a temporary buffer. This
1122 * simplifies low-level drivers immensely, since they
1123 * don't have locking issues and user mode accesses.
1124 *
1125 * But if TTY_NO_WRITE_SPLIT is set, we should use a
1126 * big chunk-size..
1127 *
1128 * The default chunk-size is 2kB, because the NTTY
1129 * layer has problems with bigger chunks. It will
1130 * claim to be able to handle more characters than
1131 * it actually does.
af9b897e
AC		 1132 *
1133 * FIXME: This can probably go away now except that 64K chunks
1134 * are too likely to fail unless switched to vmalloc...
1da177e4
LT		 1135 */
1136 chunk = 2048;
1137 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags))
1138 chunk = 65536;
1139 if (count < chunk)
1140 chunk = count;
1141
70522e12 1142 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */
1da177e4 1143 if (tty->write_cnt < chunk) {
402fda92 1144 unsigned char *buf_chunk;
1da177e4
LT		 1145
1146 if (chunk < 1024)
1147 chunk = 1024;
1148
402fda92
JW		 1149 buf_chunk = kmalloc(chunk, GFP_KERNEL);
1150 if (!buf_chunk) {
9c1729db
AC		 1151 ret = -ENOMEM;
1152 goto out;
1da177e4
LT		 1153 }
1154 kfree(tty->write_buf);
1155 tty->write_cnt = chunk;
402fda92 1156 tty->write_buf = buf_chunk;
1da177e4
LT		 1157 }
1158
1159 /* Do the write .. */
1160 for (;;) {
1161 size_t size = count;
1162 if (size > chunk)
1163 size = chunk;
1164 ret = -EFAULT;
1165 if (copy_from_user(tty->write_buf, buf, size))
1166 break;
1da177e4 1167 ret = write(tty, file, tty->write_buf, size);
1da177e4
LT		 1168 if (ret <= 0)
1169 break;
1170 written += ret;
1171 buf += ret;
1172 count -= ret;
1173 if (!count)
1174 break;
1175 ret = -ERESTARTSYS;
1176 if (signal_pending(current))
1177 break;
1178 cond_resched();
1179 }
37b7f3c7
JS		 1180 if (written) {
1181 tty_update_time(&file_inode(file)->i_mtime);
1da177e4 1182 ret = written;
37b7f3c7 1183 }
9c1729db
AC		 1184out:
1185 tty_write_unlock(tty);
1da177e4
LT		 1186 return ret;
1187}
1188
95f9bfc6
AC		 1189/**
1190 * tty_write_message - write a message to a certain tty, not just the console.
1191 * @tty: the destination tty_struct
1192 * @msg: the message to write
1193 *
1194 * This is used for messages that need to be redirected to a specific tty.
1195 * We don't put it into the syslog queue right now maybe in the future if
1196 * really needed.
1197 *
ec79d605 1198 * We must still hold the BTM and test the CLOSING flag for the moment.
95f9bfc6
AC		 1199 */
1200
1201void tty_write_message(struct tty_struct *tty, char *msg)
1202{
95f9bfc6
AC		 1203 if (tty) {
1204 mutex_lock(&tty->atomic_write_lock);
89c8d91e 1205 tty_lock(tty);
eeb89d91 1206 if (tty->ops->write && !test_bit(TTY_CLOSING, &tty->flags)) {
89c8d91e 1207 tty_unlock(tty);
95f9bfc6 1208 tty->ops->write(tty, msg, strlen(msg));
eeb89d91 1209 } else
89c8d91e 1210 tty_unlock(tty);
95f9bfc6
AC		 1211 tty_write_unlock(tty);
1212 }
95f9bfc6
AC		 1213 return;
1214}
1215
1da177e4 1216
af9b897e
AC		 1217/**
1218 * tty_write - write method for tty device file
1219 * @file: tty file pointer
1220 * @buf: user data to write
1221 * @count: bytes to write
1222 * @ppos: unused
1223 *
1224 * Write data to a tty device via the line discipline.
1225 *
1226 * Locking:
1227 * Locks the line discipline as required
1228 * Writes to the tty driver are serialized by the atomic_write_lock
1229 * and are then processed in chunks to the device. The line discipline
a88a69c9 1230 * write method will not be invoked in parallel for each device.
af9b897e
AC		 1231 */
1232
37bdfb07
AC		 1233static ssize_t tty_write(struct file *file, const char __user *buf,
1234 size_t count, loff_t *ppos)
1da177e4 1235{
d996b62a
NP		 1236 struct tty_struct *tty = file_tty(file);
1237 struct tty_ldisc *ld;
1da177e4 1238 ssize_t ret;
37bdfb07 1239
6131ffaa 1240 if (tty_paranoia_check(tty, file_inode(file), "tty_write"))
1da177e4 1241 return -EIO;
f34d7a5b 1242 if (!tty || !tty->ops->write ||
37bdfb07
AC		 1243 (test_bit(TTY_IO_ERROR, &tty->flags)))
1244 return -EIO;
f34d7a5b
AC		 1245 /* Short term debug to catch buggy drivers */
1246 if (tty->ops->write_room == NULL)
1247 printk(KERN_ERR "tty driver %s lacks a write_room method.\n",
1248 tty->driver->name);
37bdfb07 1249 ld = tty_ldisc_ref_wait(tty);
a352def2 1250 if (!ld->ops->write)
1da177e4
LT		 1251 ret = -EIO;
1252 else
a352def2 1253 ret = do_tty_write(ld->ops->write, tty, file, buf, count);
1da177e4
LT		 1254 tty_ldisc_deref(ld);
1255 return ret;
1256}
1257
37bdfb07
AC		 1258ssize_t redirected_tty_write(struct file *file, const char __user *buf,
1259 size_t count, loff_t *ppos)
1da177e4
LT		 1260{
1261 struct file *p = NULL;
1262
1263 spin_lock(&redirect_lock);
cb0942b8
AV		 1264 if (redirect)
1265 p = get_file(redirect);
1da177e4
LT		 1266 spin_unlock(&redirect_lock);
1267
1268 if (p) {
1269 ssize_t res;
1270 res = vfs_write(p, buf, count, &p->f_pos);
1271 fput(p);
1272 return res;
1273 }
1da177e4
LT		 1274 return tty_write(file, buf, count, ppos);
1275}
1276
136d5258
PH		 1277/**
1278 * tty_send_xchar - send priority character
1279 *
1280 * Send a high priority character to the tty even if stopped
1281 *
1282 * Locking: none for xchar method, write ordering for write method.
1283 */
1284
1285int tty_send_xchar(struct tty_struct *tty, char ch)
1286{
1287 int was_stopped = tty->stopped;
1288
1289 if (tty->ops->send_xchar) {
1290 tty->ops->send_xchar(tty, ch);
1291 return 0;
1292 }
1293
1294 if (tty_write_lock(tty, 0) < 0)
1295 return -ERESTARTSYS;
1296
1297 if (was_stopped)
1298 start_tty(tty);
1299 tty->ops->write(tty, &ch, 1);
1300 if (was_stopped)
1301 stop_tty(tty);
1302 tty_write_unlock(tty);
1303 return 0;
1304}
1305
1da177e4
LT		 1306static char ptychar[] = "pqrstuvwxyzabcde";
1307
af9b897e
AC		 1308/**
1309 * pty_line_name - generate name for a pty
1310 * @driver: the tty driver in use
1311 * @index: the minor number
1312 * @p: output buffer of at least 6 bytes
1313 *
1314 * Generate a name from a driver reference and write it to the output
1315 * buffer.
1316 *
1317 * Locking: None
1318 */
1319static void pty_line_name(struct tty_driver *driver, int index, char *p)
1da177e4
LT		 1320{
1321 int i = index + driver->name_base;
1322 /* ->name is initialized to "ttyp", but "tty" is expected */
1323 sprintf(p, "%s%c%x",
37bdfb07
AC		 1324 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name,
1325 ptychar[i >> 4 & 0xf], i & 0xf);
1da177e4
LT		 1326}
1327
af9b897e 1328/**
8b0a88d5 1329 * tty_line_name - generate name for a tty
af9b897e
AC		 1330 * @driver: the tty driver in use
1331 * @index: the minor number
1332 * @p: output buffer of at least 7 bytes
1333 *
1334 * Generate a name from a driver reference and write it to the output
5c0a2450 1335 * buffer.
af9b897e
AC		 1336 *
1337 * Locking: None
1338 */
723abd87 1339static ssize_t tty_line_name(struct tty_driver *driver, int index, char *p)
1da177e4 1340{
0019b408 1341 if (driver->flags & TTY_DRIVER_UNNUMBERED_NODE)
723abd87 1342 return sprintf(p, "%s", driver->name);
0019b408 1343 else
723abd87
HR		 1344 return sprintf(p, "%s%d", driver->name,
1345 index + driver->name_base);
1da177e4
LT		 1346}
1347
99f1fe18
AC		 1348/**
1349 * tty_driver_lookup_tty() - find an existing tty, if any
1350 * @driver: the driver for the tty
1351 * @idx: the minor number
23499705 1352 *
99f1fe18 1353 * Return the tty, if found or ERR_PTR() otherwise.
23499705 1354 *
99f1fe18
AC		 1355 * Locking: tty_mutex must be held. If tty is found, the mutex must
1356 * be held until the 'fast-open' is also done. Will change once we
1357 * have refcounting in the driver and per driver locking
23499705 1358 */
a47d545f 1359static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver,
15f1a633 1360 struct inode *inode, int idx)
23499705 1361{
99f1fe18 1362 if (driver->ops->lookup)
15f1a633 1363 return driver->ops->lookup(driver, inode, idx);
23499705 1364
d4834267 1365 return driver->ttys[idx];
23499705
SB		 1366}
1367
bf970ee4
AC		 1368/**
1369 * tty_init_termios - helper for termios setup
1370 * @tty: the tty to set up
1371 *
1372 * Initialise the termios structures for this tty. Thus runs under
1373 * the tty_mutex currently so we can be relaxed about ordering.
1374 */
1375
1376int tty_init_termios(struct tty_struct *tty)
1377{
fe6e29fd 1378 struct ktermios *tp;
bf970ee4
AC		 1379 int idx = tty->index;
1380
36b3c070
AC		 1381 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS)
1382 tty->termios = tty->driver->init_termios;
1383 else {
1384 /* Check for lazy saved data */
1385 tp = tty->driver->termios[idx];
1386 if (tp != NULL)
1387 tty->termios = *tp;
1388 else
1389 tty->termios = tty->driver->init_termios;
bf970ee4 1390 }
bf970ee4 1391 /* Compatibility until drivers always set this */
adc8d746
AC		 1392 tty->termios.c_ispeed = tty_termios_input_baud_rate(&tty->termios);
1393 tty->termios.c_ospeed = tty_termios_baud_rate(&tty->termios);
bf970ee4
AC		 1394 return 0;
1395}
fe1ae7fd 1396EXPORT_SYMBOL_GPL(tty_init_termios);
bf970ee4 1397
66d450e8
JS		 1398int tty_standard_install(struct tty_driver *driver, struct tty_struct *tty)
1399{
1400 int ret = tty_init_termios(tty);
1401 if (ret)
1402 return ret;
1403
1404 tty_driver_kref_get(driver);
1405 tty->count++;
1406 driver->ttys[tty->index] = tty;
1407 return 0;
1408}
1409EXPORT_SYMBOL_GPL(tty_standard_install);
1410
99f1fe18 1411/**
8b0a88d5
AC		 1412 * tty_driver_install_tty() - install a tty entry in the driver
1413 * @driver: the driver for the tty
1414 * @tty: the tty
1415 *
1416 * Install a tty object into the driver tables. The tty->index field
bf970ee4
AC		 1417 * will be set by the time this is called. This method is responsible
1418 * for ensuring any need additional structures are allocated and
1419 * configured.
8b0a88d5
AC		 1420 *
1421 * Locking: tty_mutex for now
1422 */
1423static int tty_driver_install_tty(struct tty_driver *driver,
1424 struct tty_struct *tty)
1425{
66d450e8
JS		 1426 return driver->ops->install ? driver->ops->install(driver, tty) :
1427 tty_standard_install(driver, tty);
8b0a88d5
AC		 1428}
1429
1430/**
1431 * tty_driver_remove_tty() - remove a tty from the driver tables
1432 * @driver: the driver for the tty
1433 * @idx: the minor number
1434 *
1435 * Remvoe a tty object from the driver tables. The tty->index field
1436 * will be set by the time this is called.
1437 *
1438 * Locking: tty_mutex for now
1439 */
24d406a6 1440void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty)
8b0a88d5
AC		 1441{
1442 if (driver->ops->remove)
1443 driver->ops->remove(driver, tty);
1444 else
1445 driver->ttys[tty->index] = NULL;
1446}
1447
1448/*
1449 * tty_reopen() - fast re-open of an open tty
1450 * @tty - the tty to open
23499705 1451 *
99f1fe18 1452 * Return 0 on success, -errno on error.
23499705 1453 *
99f1fe18
AC		 1454 * Locking: tty_mutex must be held from the time the tty was found
1455 * till this open completes.
23499705 1456 */
99f1fe18 1457static int tty_reopen(struct tty_struct *tty)
23499705
SB		 1458{
1459 struct tty_driver *driver = tty->driver;
1460
e2efafbf 1461 if (test_bit(TTY_CLOSING, &tty->flags) ||
36697529 1462 test_bit(TTY_HUPPING, &tty->flags))
23499705
SB		 1463 return -EIO;
1464
1465 if (driver->type == TTY_DRIVER_TYPE_PTY &&
1466 driver->subtype == PTY_TYPE_MASTER) {
1467 /*
1468 * special case for PTY masters: only one open permitted,
1469 * and the slave side open count is incremented as well.
1470 */
1471 if (tty->count)
1472 return -EIO;
1473
1474 tty->link->count++;
1475 }
1476 tty->count++;
23499705 1477
36697529 1478 WARN_ON(!tty->ldisc);
23499705
SB		 1479
1480 return 0;
1481}
1482
af9b897e 1483/**
d81ed103 1484 * tty_init_dev - initialise a tty device
af9b897e
AC		 1485 * @driver: tty driver we are opening a device on
1486 * @idx: device index
15582d36 1487 * @ret_tty: returned tty structure
af9b897e
AC		 1488 *
1489 * Prepare a tty device. This may not be a "new" clean device but
1490 * could also be an active device. The pty drivers require special
1491 * handling because of this.
1492 *
1493 * Locking:
1494 * The function is called under the tty_mutex, which
1495 * protects us from the tty struct or driver itself going away.
1496 *
1497 * On exit the tty device has the line discipline attached and
1498 * a reference count of 1. If a pair was created for pty/tty use
1499 * and the other was a pty master then it too has a reference count of 1.
1500 *
1da177e4 1501 * WSH 06/09/97: Rewritten to remove races and properly clean up after a
70522e12
IM		 1502 * failed open. The new code protects the open with a mutex, so it's
1503 * really quite straightforward. The mutex locking can probably be
1da177e4
LT		 1504 * relaxed for the (most common) case of reopening a tty.
1505 */
af9b897e 1506
593a27c4 1507struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx)
1da177e4 1508{
bf970ee4 1509 struct tty_struct *tty;
73ec06fc 1510 int retval;
1da177e4 1511
1da177e4
LT		 1512 /*
1513 * First time open is complex, especially for PTY devices.
1514 * This code guarantees that either everything succeeds and the
1515 * TTY is ready for operation, or else the table slots are vacated
37bdfb07 1516 * and the allocated memory released. (Except that the termios
1da177e4
LT		 1517 * and locked termios may be retained.)
1518 */
1519
73ec06fc
AC		 1520 if (!try_module_get(driver->owner))
1521 return ERR_PTR(-ENODEV);
1da177e4 1522
2c964a2f 1523 tty = alloc_tty_struct(driver, idx);
d5543503
JS		 1524 if (!tty) {
1525 retval = -ENOMEM;
1526 goto err_module_put;
1527 }
1da177e4 1528
89c8d91e 1529 tty_lock(tty);
73ec06fc 1530 retval = tty_driver_install_tty(driver, tty);
d5543503 1531 if (retval < 0)
a9dccddb 1532 goto err_deinit_tty;
8b0a88d5 1533
04831dc1
JS		 1534 if (!tty->port)
1535 tty->port = driver->ports[idx];
1536
5d4121c0
JS		 1537 WARN_RATELIMIT(!tty->port,
1538 "%s: %s driver does not set tty->port. This will crash the kernel later. Fix the driver!\n",
1539 __func__, tty->driver->name);
1540
967fab69
JS		 1541 tty->port->itty = tty;
1542
37bdfb07 1543 /*
1da177e4 1544 * Structures all installed ... call the ldisc open routines.
d5698c28
CH		 1545 * If we fail here just call release_tty to clean up. No need
1546 * to decrement the use counts, as release_tty doesn't care.
1da177e4 1547 */
bf970ee4 1548 retval = tty_ldisc_setup(tty, tty->link);
01e1abb2 1549 if (retval)
d5543503 1550 goto err_release_tty;
89c8d91e 1551 /* Return the tty locked so that it cannot vanish under the caller */
73ec06fc 1552 return tty;
1da177e4 1553
a9dccddb 1554err_deinit_tty:
89c8d91e 1555 tty_unlock(tty);
a9dccddb 1556 deinitialize_tty_struct(tty);
d5543503
JS		 1557 free_tty_struct(tty);
1558err_module_put:
1da177e4 1559 module_put(driver->owner);
d5543503 1560 return ERR_PTR(retval);
1da177e4 1561
d5698c28 1562 /* call the tty release_tty routine to clean out this slot */
d5543503 1563err_release_tty:
89c8d91e 1564 tty_unlock(tty);
5a3c6b25 1565 printk_ratelimited(KERN_INFO "tty_init_dev: ldisc open failed, "
4050914f 1566 "clearing slot %d\n", idx);
d5698c28 1567 release_tty(tty, idx);
73ec06fc 1568 return ERR_PTR(retval);
1da177e4
LT		 1569}
1570
feebed65
AC		 1571void tty_free_termios(struct tty_struct *tty)
1572{
1573 struct ktermios *tp;
1574 int idx = tty->index;
36b3c070
AC		 1575
1576 /* If the port is going to reset then it has no termios to save */
1577 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS)
1578 return;
1579
1580 /* Stash the termios data */
1581 tp = tty->driver->termios[idx];
1582 if (tp == NULL) {
1583 tp = kmalloc(sizeof(struct ktermios), GFP_KERNEL);
1584 if (tp == NULL) {
1585 pr_warn("tty: no memory to save termios state.\n");
1586 return;
1587 }
4ac5d705 1588 tty->driver->termios[idx] = tp;
feebed65 1589 }
36b3c070 1590 *tp = tty->termios;
feebed65
AC		 1591}
1592EXPORT_SYMBOL(tty_free_termios);
1593
a2965b7b
PH		 1594/**
1595 * tty_flush_works - flush all works of a tty
1596 * @tty: tty device to flush works for
1597 *
1598 * Sync flush all works belonging to @tty.
1599 */
1600static void tty_flush_works(struct tty_struct *tty)
1601{
1602 flush_work(&tty->SAK_work);
1603 flush_work(&tty->hangup_work);
1604}
feebed65 1605
af9b897e 1606/**
d5698c28 1607 * release_one_tty - release tty structure memory
9c9f4ded 1608 * @kref: kref of tty we are obliterating
af9b897e
AC		 1609 *
1610 * Releases memory associated with a tty structure, and clears out the
1611 * driver table slots. This function is called when a device is no longer
1612 * in use. It also gets called when setup of a device fails.
1613 *
1614 * Locking:
af9b897e
AC		 1615 * takes the file list lock internally when working on the list
1616 * of ttys that the driver keeps.
b50989dc
AC		 1617 *
1618 * This method gets called from a work queue so that the driver private
f278a2f7 1619 * cleanup ops can sleep (needed for USB at least)
1da177e4 1620 */
b50989dc 1621static void release_one_tty(struct work_struct *work)
1da177e4 1622{
b50989dc
AC		 1623 struct tty_struct *tty =
1624 container_of(work, struct tty_struct, hangup_work);
6f967f78 1625 struct tty_driver *driver = tty->driver;
b216df53 1626 struct module *owner = driver->owner;
d5698c28 1627
f278a2f7
DY		 1628 if (tty->ops->cleanup)
1629 tty->ops->cleanup(tty);
1630
1da177e4 1631 tty->magic = 0;
7d7b93c1 1632 tty_driver_kref_put(driver);
b216df53 1633 module_put(owner);
d5698c28 1634
ee2ffa0d 1635 spin_lock(&tty_files_lock);
1da177e4 1636 list_del_init(&tty->tty_files);
ee2ffa0d 1637 spin_unlock(&tty_files_lock);
d5698c28 1638
6da8d866
ON		 1639 put_pid(tty->pgrp);
1640 put_pid(tty->session);
1da177e4
LT		 1641 free_tty_struct(tty);
1642}
1643
b50989dc
AC		 1644static void queue_release_one_tty(struct kref *kref)
1645{
1646 struct tty_struct *tty = container_of(kref, struct tty_struct, kref);
f278a2f7 1647
b50989dc
AC		 1648 /* The hangup queue is now free so we can reuse it rather than
1649 waste a chunk of memory for each port */
1650 INIT_WORK(&tty->hangup_work, release_one_tty);
1651 schedule_work(&tty->hangup_work);
1652}
1653
9c9f4ded
AC		 1654/**
1655 * tty_kref_put - release a tty kref
1656 * @tty: tty device
1657 *
1658 * Release a reference to a tty device and if need be let the kref
1659 * layer destruct the object for us
1660 */
1661
1662void tty_kref_put(struct tty_struct *tty)
1663{
1664 if (tty)
b50989dc 1665 kref_put(&tty->kref, queue_release_one_tty);
9c9f4ded
AC		 1666}
1667EXPORT_SYMBOL(tty_kref_put);
1668
d5698c28
CH		 1669/**
1670 * release_tty - release tty structure memory
1671 *
1672 * Release both @tty and a possible linked partner (think pty pair),
1673 * and decrement the refcount of the backing module.
1674 *
1675 * Locking:
d155255a 1676 * tty_mutex
d5698c28
CH		 1677 * takes the file list lock internally when working on the list
1678 * of ttys that the driver keeps.
9c9f4ded 1679 *
d5698c28
CH		 1680 */
1681static void release_tty(struct tty_struct *tty, int idx)
1682{
9c9f4ded
AC		 1683 /* This should always be true but check for the moment */
1684 WARN_ON(tty->index != idx);
d155255a 1685 WARN_ON(!mutex_is_locked(&tty_mutex));
36b3c070
AC		 1686 if (tty->ops->shutdown)
1687 tty->ops->shutdown(tty);
1688 tty_free_termios(tty);
1689 tty_driver_remove_tty(tty->driver, tty);
967fab69 1690 tty->port->itty = NULL;
64e377dc
PH		 1691 if (tty->link)
1692 tty->link->port->itty = NULL;
4f98d467 1693 cancel_work_sync(&tty->port->buf.work);
36b3c070 1694
d5698c28 1695 if (tty->link)
9c9f4ded
AC		 1696 tty_kref_put(tty->link);
1697 tty_kref_put(tty);
d5698c28
CH		 1698}
1699
955787ca
JS		 1700/**
1701 * tty_release_checks - check a tty before real release
1702 * @tty: tty to check
1703 * @o_tty: link of @tty (if any)
1704 * @idx: index of the tty
1705 *
1706 * Performs some paranoid checking before true release of the @tty.
1707 * This is a no-op unless TTY_PARANOIA_CHECK is defined.
1708 */
1709static int tty_release_checks(struct tty_struct *tty, struct tty_struct *o_tty,
1710 int idx)
1711{
1712#ifdef TTY_PARANOIA_CHECK
1713 if (idx < 0 || idx >= tty->driver->num) {
9de44bd6
JS		 1714 printk(KERN_DEBUG "%s: bad idx when trying to free (%s)\n",
1715 __func__, tty->name);
955787ca
JS		 1716 return -1;
1717 }
1718
1719 /* not much to check for devpts */
1720 if (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)
1721 return 0;
1722
1723 if (tty != tty->driver->ttys[idx]) {
9de44bd6
JS		 1724 printk(KERN_DEBUG "%s: driver.table[%d] not tty for (%s)\n",
1725 __func__, idx, tty->name);
955787ca
JS		 1726 return -1;
1727 }
955787ca
JS		 1728 if (tty->driver->other) {
1729 if (o_tty != tty->driver->other->ttys[idx]) {
9de44bd6
JS		 1730 printk(KERN_DEBUG "%s: other->table[%d] not o_tty for (%s)\n",
1731 __func__, idx, tty->name);
955787ca
JS		 1732 return -1;
1733 }
955787ca 1734 if (o_tty->link != tty) {
9de44bd6 1735 printk(KERN_DEBUG "%s: bad pty pointers\n", __func__);
955787ca
JS		 1736 return -1;
1737 }
1738 }
1739#endif
1740 return 0;
1741}
1742
eeb89d91
AC		 1743/**
1744 * tty_release - vfs callback for close
1745 * @inode: inode of tty
1746 * @filp: file pointer for handle to tty
1747 *
1748 * Called the last time each file handle is closed that references
1749 * this tty. There may however be several such references.
1750 *
1751 * Locking:
1752 * Takes bkl. See tty_release_dev
1753 *
1da177e4
LT		 1754 * Even releasing the tty structures is a tricky business.. We have
1755 * to be very careful that the structures are all released at the
1756 * same time, as interrupts might otherwise get the wrong pointers.
1757 *
1758 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could
1759 * lead to double frees or releasing memory still in use.
1760 */
eeb89d91
AC		 1761
1762int tty_release(struct inode *inode, struct file *filp)
1da177e4 1763{
d996b62a
NP		 1764 struct tty_struct *tty = file_tty(filp);
1765 struct tty_struct *o_tty;
1da177e4 1766 int pty_master, tty_closing, o_tty_closing, do_sleep;
1da177e4
LT		 1767 int idx;
1768 char buf[64];
37bdfb07 1769
9de44bd6 1770 if (tty_paranoia_check(tty, inode, __func__))
eeb89d91 1771 return 0;
1da177e4 1772
89c8d91e 1773 tty_lock(tty);
9de44bd6 1774 check_tty_count(tty, __func__);
1da177e4 1775
ec79d605 1776 __tty_fasync(-1, filp, 0);
1da177e4
LT		 1777
1778 idx = tty->index;
1779 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
1780 tty->driver->subtype == PTY_TYPE_MASTER);
89c8d91e 1781 /* Review: parallel close */
1da177e4
LT		 1782 o_tty = tty->link;
1783
955787ca 1784 if (tty_release_checks(tty, o_tty, idx)) {
89c8d91e 1785 tty_unlock(tty);
eeb89d91 1786 return 0;
1da177e4 1787 }
1da177e4
LT		 1788
1789#ifdef TTY_DEBUG_HANGUP
9de44bd6
JS		 1790 printk(KERN_DEBUG "%s: %s (tty count=%d)...\n", __func__,
1791 tty_name(tty, buf), tty->count);
1da177e4
LT		 1792#endif
1793
f34d7a5b
AC		 1794 if (tty->ops->close)
1795 tty->ops->close(tty, filp);
1da177e4 1796
89c8d91e 1797 tty_unlock(tty);
1da177e4
LT		 1798 /*
1799 * Sanity check: if tty->count is going to zero, there shouldn't be
1800 * any waiters on tty->read_wait or tty->write_wait. We test the
1801 * wait queues and kick everyone out _before_ actually starting to
1802 * close. This ensures that we won't block while releasing the tty
1803 * structure.
1804 *
1805 * The test for the o_tty closing is necessary, since the master and
1806 * slave sides may close in any order. If the slave side closes out
1807 * first, its count will be one, since the master side holds an open.
1808 * Thus this test wouldn't be triggered at the time the slave closes,
1809 * so we do it now.
1810 *
1811 * Note that it's possible for the tty to be opened again while we're
1812 * flushing out waiters. By recalculating the closing flags before
1813 * each iteration we avoid any problems.
1814 */
1815 while (1) {
1816 /* Guard against races with tty->count changes elsewhere and
1817 opens on /dev/tty */
37bdfb07 1818
70522e12 1819 mutex_lock(&tty_mutex);
89c8d91e 1820 tty_lock_pair(tty, o_tty);
1da177e4
LT		 1821 tty_closing = tty->count <= 1;
1822 o_tty_closing = o_tty &&
1823 (o_tty->count <= (pty_master ? 1 : 0));
1da177e4
LT		 1824 do_sleep = 0;
1825
1826 if (tty_closing) {
1827 if (waitqueue_active(&tty->read_wait)) {
4b19449d 1828 wake_up_poll(&tty->read_wait, POLLIN);
1da177e4
LT		 1829 do_sleep++;
1830 }
1831 if (waitqueue_active(&tty->write_wait)) {
4b19449d 1832 wake_up_poll(&tty->write_wait, POLLOUT);
1da177e4
LT		 1833 do_sleep++;
1834 }
1835 }
1836 if (o_tty_closing) {
1837 if (waitqueue_active(&o_tty->read_wait)) {
4b19449d 1838 wake_up_poll(&o_tty->read_wait, POLLIN);
1da177e4
LT		 1839 do_sleep++;
1840 }
1841 if (waitqueue_active(&o_tty->write_wait)) {
4b19449d 1842 wake_up_poll(&o_tty->write_wait, POLLOUT);
1da177e4
LT		 1843 do_sleep++;
1844 }
1845 }
1846 if (!do_sleep)
1847 break;
1848
9de44bd6
JS		 1849 printk(KERN_WARNING "%s: %s: read/write wait queue active!\n",
1850 __func__, tty_name(tty, buf));
89c8d91e 1851 tty_unlock_pair(tty, o_tty);
70522e12 1852 mutex_unlock(&tty_mutex);
1da177e4 1853 schedule();
37bdfb07 1854 }
1da177e4
LT		 1855
1856 /*
37bdfb07
AC		 1857 * The closing flags are now consistent with the open counts on
1858 * both sides, and we've completed the last operation that could
1da177e4 1859 * block, so it's safe to proceed with closing.
d155255a
AC		 1860 *
1861 * We must *not* drop the tty_mutex until we ensure that a further
1862 * entry into tty_open can not pick up this tty.
1da177e4 1863 */
1da177e4
LT		 1864 if (pty_master) {
1865 if (--o_tty->count < 0) {
9de44bd6
JS		 1866 printk(KERN_WARNING "%s: bad pty slave count (%d) for %s\n",
1867 __func__, o_tty->count, tty_name(o_tty, buf));
1da177e4
LT		 1868 o_tty->count = 0;
1869 }
1870 }
1871 if (--tty->count < 0) {
9de44bd6
JS		 1872 printk(KERN_WARNING "%s: bad tty->count (%d) for %s\n",
1873 __func__, tty->count, tty_name(tty, buf));
1da177e4
LT		 1874 tty->count = 0;
1875 }
37bdfb07 1876
1da177e4
LT		 1877 /*
1878 * We've decremented tty->count, so we need to remove this file
1879 * descriptor off the tty->tty_files list; this serves two
1880 * purposes:
1881 * - check_tty_count sees the correct number of file descriptors
1882 * associated with this tty.
1883 * - do_tty_hangup no longer sees this file descriptor as
1884 * something that needs to be handled for hangups.
1885 */
d996b62a 1886 tty_del_file(filp);
1da177e4
LT		 1887
1888 /*
1889 * Perform some housekeeping before deciding whether to return.
1890 *
1891 * Set the TTY_CLOSING flag if this was the last open. In the
1892 * case of a pty we may have to wait around for the other side
1893 * to close, and TTY_CLOSING makes sure we can't be reopened.
1894 */
37bdfb07 1895 if (tty_closing)
1da177e4 1896 set_bit(TTY_CLOSING, &tty->flags);
37bdfb07 1897 if (o_tty_closing)
1da177e4
LT		 1898 set_bit(TTY_CLOSING, &o_tty->flags);
1899
1900 /*
1901 * If _either_ side is closing, make sure there aren't any
1902 * processes that still think tty or o_tty is their controlling
1903 * tty.
1904 */
1905 if (tty_closing || o_tty_closing) {
1da177e4 1906 read_lock(&tasklist_lock);
24ec839c 1907 session_clear_tty(tty->session);
1da177e4 1908 if (o_tty)
24ec839c 1909 session_clear_tty(o_tty->session);
1da177e4
LT		 1910 read_unlock(&tasklist_lock);
1911 }
1912
70522e12 1913 mutex_unlock(&tty_mutex);
89c8d91e 1914 tty_unlock_pair(tty, o_tty);
d155255a
AC		 1915 /* At this point the TTY_CLOSING flag should ensure a dead tty
1916 cannot be re-opened by a racing opener */
da965822 1917
1da177e4 1918 /* check whether both sides are closing ... */
d155255a 1919 if (!tty_closing || (o_tty && !o_tty_closing))
eeb89d91 1920 return 0;
37bdfb07 1921
1da177e4 1922#ifdef TTY_DEBUG_HANGUP
96433d10 1923 printk(KERN_DEBUG "%s: %s: final close\n", __func__, tty_name(tty, buf));
1da177e4
LT		 1924#endif
1925 /*
01e1abb2 1926 * Ask the line discipline code to release its structures
1da177e4 1927 */
01e1abb2 1928 tty_ldisc_release(tty, o_tty);
a2965b7b
PH		 1929
1930 /* Wait for pending work before tty destruction commmences */
1931 tty_flush_works(tty);
1932 if (o_tty)
1933 tty_flush_works(o_tty);
1934
96433d10
PH		 1935#ifdef TTY_DEBUG_HANGUP
1936 printk(KERN_DEBUG "%s: %s: freeing structure...\n", __func__, tty_name(tty, buf));
1937#endif
1da177e4 1938 /*
d5698c28 1939 * The release_tty function takes care of the details of clearing
89c8d91e
AC		 1940 * the slots and preserving the termios structure. The tty_unlock_pair
1941 * should be safe as we keep a kref while the tty is locked (so the
1942 * unlock never unlocks a freed tty).
1da177e4 1943 */
d155255a 1944 mutex_lock(&tty_mutex);
d5698c28 1945 release_tty(tty, idx);
d155255a 1946 mutex_unlock(&tty_mutex);
1da177e4 1947
eeb89d91 1948 return 0;
1da177e4
LT		 1949}
1950
b82154ac
JS		 1951/**
1952 * tty_open_current_tty - get tty of current task for open
1953 * @device: device number
1954 * @filp: file pointer to tty
1955 * @return: tty of the current task iff @device is /dev/tty
1956 *
1957 * We cannot return driver and index like for the other nodes because
1958 * devpts will not work then. It expects inodes to be from devpts FS.
3af502b9
AC		 1959 *
1960 * We need to move to returning a refcounted object from all the lookup
1961 * paths including this one.
b82154ac
JS		 1962 */
1963static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp)
1964{
1965 struct tty_struct *tty;
1966
1967 if (device != MKDEV(TTYAUX_MAJOR, 0))
1968 return NULL;
1969
1970 tty = get_current_tty();
1971 if (!tty)
1972 return ERR_PTR(-ENXIO);
1973
1974 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */
1975 /* noctty = 1; */
1976 tty_kref_put(tty);
1977 /* FIXME: we put a reference and return a TTY! */
3af502b9 1978 /* This is only safe because the caller holds tty_mutex */
b82154ac
JS		 1979 return tty;
1980}
1981
5b5e7040
JS		 1982/**
1983 * tty_lookup_driver - lookup a tty driver for a given device file
1984 * @device: device number
1985 * @filp: file pointer to tty
1986 * @noctty: set if the device should not become a controlling tty
1987 * @index: index for the device in the @return driver
1988 * @return: driver for this inode (with increased refcount)
1989 *
1990 * If @return is not erroneous, the caller is responsible to decrement the
1991 * refcount by tty_driver_kref_put.
1992 *
1993 * Locking: tty_mutex protects get_tty_driver
1994 */
1995static struct tty_driver *tty_lookup_driver(dev_t device, struct file *filp,
1996 int *noctty, int *index)
1997{
1998 struct tty_driver *driver;
1999
2cd0050c 2000 switch (device) {
5b5e7040 2001#ifdef CONFIG_VT
2cd0050c 2002 case MKDEV(TTY_MAJOR, 0): {
5b5e7040
JS		 2003 extern struct tty_driver *console_driver;
2004 driver = tty_driver_kref_get(console_driver);
2005 *index = fg_console;
2006 *noctty = 1;
2cd0050c 2007 break;
5b5e7040
JS		 2008 }
2009#endif
2cd0050c 2010 case MKDEV(TTYAUX_MAJOR, 1): {
5b5e7040
JS		 2011 struct tty_driver *console_driver = console_device(index);
2012 if (console_driver) {
2013 driver = tty_driver_kref_get(console_driver);
2014 if (driver) {
2015 /* Don't let /dev/console block */
2016 filp->f_flags |= O_NONBLOCK;
2017 *noctty = 1;
2cd0050c 2018 break;
5b5e7040
JS		 2019 }
2020 }
2021 return ERR_PTR(-ENODEV);
2022 }
2cd0050c
JS		 2023 default:
2024 driver = get_tty_driver(device, index);
2025 if (!driver)
2026 return ERR_PTR(-ENODEV);
2027 break;
2028 }
5b5e7040
JS		 2029 return driver;
2030}
2031
af9b897e 2032/**
eeb89d91 2033 * tty_open - open a tty device
af9b897e
AC		 2034 * @inode: inode of device file
2035 * @filp: file pointer to tty
1da177e4 2036 *
af9b897e
AC		 2037 * tty_open and tty_release keep up the tty count that contains the
2038 * number of opens done on a tty. We cannot use the inode-count, as
2039 * different inodes might point to the same tty.
1da177e4 2040 *
af9b897e
AC		 2041 * Open-counting is needed for pty masters, as well as for keeping
2042 * track of serial lines: DTR is dropped when the last close happens.
2043 * (This is not done solely through tty->count, now. - Ted 1/27/92)
2044 *
2045 * The termios state of a pty is reset on first open so that
2046 * settings don't persist across reuse.
2047 *
5b5e7040 2048 * Locking: tty_mutex protects tty, tty_lookup_driver and tty_init_dev.
24ec839c
PZ		 2049 * tty->count should protect the rest.
2050 * ->siglock protects ->signal/->sighand
89c8d91e
AC		 2051 *
2052 * Note: the tty_unlock/lock cases without a ref are only safe due to
2053 * tty_mutex
1da177e4 2054 */
af9b897e 2055
eeb89d91 2056static int tty_open(struct inode *inode, struct file *filp)
1da177e4 2057{
b82154ac 2058 struct tty_struct *tty;
1da177e4 2059 int noctty, retval;
b82154ac 2060 struct tty_driver *driver = NULL;
1da177e4
LT		 2061 int index;
2062 dev_t device = inode->i_rdev;
846c151a 2063 unsigned saved_flags = filp->f_flags;
1da177e4
LT		 2064
2065 nonseekable_open(inode, filp);
37bdfb07 2066
1da177e4 2067retry_open:
fa90e1c9
JS		 2068 retval = tty_alloc_file(filp);
2069 if (retval)
2070 return -ENOMEM;
2071
1da177e4
LT		 2072 noctty = filp->f_flags & O_NOCTTY;
2073 index = -1;
2074 retval = 0;
37bdfb07 2075
70522e12 2076 mutex_lock(&tty_mutex);
89c8d91e 2077 /* This is protected by the tty_mutex */
b82154ac
JS		 2078 tty = tty_open_current_tty(device, filp);
2079 if (IS_ERR(tty)) {
ba5db448
JS		 2080 retval = PTR_ERR(tty);
2081 goto err_unlock;
5b5e7040
JS		 2082 } else if (!tty) {
2083 driver = tty_lookup_driver(device, filp, &noctty, &index);
2084 if (IS_ERR(driver)) {
ba5db448
JS		 2085 retval = PTR_ERR(driver);
2086 goto err_unlock;
1da177e4 2087 }
1da177e4 2088
4a2b5fdd 2089 /* check whether we're reopening an existing tty */
15f1a633 2090 tty = tty_driver_lookup_tty(driver, inode, index);
808ffa3d 2091 if (IS_ERR(tty)) {
ba5db448
JS		 2092 retval = PTR_ERR(tty);
2093 goto err_unlock;
808ffa3d 2094 }
4a2b5fdd
SB		 2095 }
2096
2097 if (tty) {
89c8d91e 2098 tty_lock(tty);
4a2b5fdd 2099 retval = tty_reopen(tty);
89c8d91e
AC		 2100 if (retval < 0) {
2101 tty_unlock(tty);
4a2b5fdd 2102 tty = ERR_PTR(retval);
89c8d91e
AC		 2103 }
2104 } else /* Returns with the tty_lock held for now */
593a27c4 2105 tty = tty_init_dev(driver, index);
4a2b5fdd 2106
70522e12 2107 mutex_unlock(&tty_mutex);
b82154ac
JS		 2108 if (driver)
2109 tty_driver_kref_put(driver);
eeb89d91 2110 if (IS_ERR(tty)) {
ba5db448
JS		 2111 retval = PTR_ERR(tty);
2112 goto err_file;
eeb89d91 2113 }
1da177e4 2114
fa90e1c9 2115 tty_add_file(tty, filp);
d996b62a 2116
9de44bd6 2117 check_tty_count(tty, __func__);
1da177e4
LT		 2118 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2119 tty->driver->subtype == PTY_TYPE_MASTER)
2120 noctty = 1;
2121#ifdef TTY_DEBUG_HANGUP
9de44bd6 2122 printk(KERN_DEBUG "%s: opening %s...\n", __func__, tty->name);
1da177e4 2123#endif
909bc774
HRK		 2124 if (tty->ops->open)
2125 retval = tty->ops->open(tty, filp);
2126 else
2127 retval = -ENODEV;
1da177e4
LT		 2128 filp->f_flags = saved_flags;
2129
37bdfb07
AC		 2130 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) &&
2131 !capable(CAP_SYS_ADMIN))
1da177e4
LT		 2132 retval = -EBUSY;
2133
2134 if (retval) {
2135#ifdef TTY_DEBUG_HANGUP
9de44bd6
JS		 2136 printk(KERN_DEBUG "%s: error %d in opening %s...\n", __func__,
2137 retval, tty->name);
1da177e4 2138#endif
89c8d91e 2139 tty_unlock(tty); /* need to call tty_release without BTM */
eeb89d91 2140 tty_release(inode, filp);
64ba3dc3 2141 if (retval != -ERESTARTSYS)
1da177e4 2142 return retval;
64ba3dc3
AB		 2143
2144 if (signal_pending(current))
1da177e4 2145 return retval;
64ba3dc3 2146
1da177e4
LT		 2147 schedule();
2148 /*
2149 * Need to reset f_op in case a hangup happened.
2150 */
2151 if (filp->f_op == &hung_up_tty_fops)
2152 filp->f_op = &tty_fops;
2153 goto retry_open;
2154 }
d4855e1f 2155 clear_bit(TTY_HUPPED, &tty->flags);
eeb89d91 2156
24ec839c 2157
2c411c11 2158 read_lock(&tasklist_lock);
24ec839c 2159 spin_lock_irq(&current->sighand->siglock);
1da177e4
LT		 2160 if (!noctty &&
2161 current->signal->leader &&
2162 !current->signal->tty &&
ab521dc0 2163 tty->session == NULL)
bce65f18 2164 __proc_set_tty(tty);
24ec839c 2165 spin_unlock_irq(&current->sighand->siglock);
2c411c11 2166 read_unlock(&tasklist_lock);
89c8d91e 2167 tty_unlock(tty);
1da177e4 2168 return 0;
ba5db448 2169err_unlock:
ba5db448
JS		 2170 mutex_unlock(&tty_mutex);
2171 /* after locks to avoid deadlock */
2172 if (!IS_ERR_OR_NULL(driver))
2173 tty_driver_kref_put(driver);
2174err_file:
2175 tty_free_file(filp);
2176 return retval;
1da177e4
LT		 2177}
2178
39d95b9d
JC		 2179
2180
af9b897e
AC		 2181/**
2182 * tty_poll - check tty status
2183 * @filp: file being polled
2184 * @wait: poll wait structures to update
2185 *
2186 * Call the line discipline polling method to obtain the poll
2187 * status of the device.
2188 *
2189 * Locking: locks called line discipline but ldisc poll method
2190 * may be re-entered freely by other callers.
2191 */
2192
37bdfb07 2193static unsigned int tty_poll(struct file *filp, poll_table *wait)
1da177e4 2194{
d996b62a 2195 struct tty_struct *tty = file_tty(filp);
1da177e4
LT		 2196 struct tty_ldisc *ld;
2197 int ret = 0;
2198
6131ffaa 2199 if (tty_paranoia_check(tty, file_inode(filp), "tty_poll"))
1da177e4 2200 return 0;
37bdfb07 2201
1da177e4 2202 ld = tty_ldisc_ref_wait(tty);
a352def2
AC		 2203 if (ld->ops->poll)
2204 ret = (ld->ops->poll)(tty, filp, wait);
1da177e4
LT		 2205 tty_ldisc_deref(ld);
2206 return ret;
2207}
2208
ec79d605 2209static int __tty_fasync(int fd, struct file *filp, int on)
1da177e4 2210{
d996b62a 2211 struct tty_struct *tty = file_tty(filp);
f6c8dbe6 2212 struct tty_ldisc *ldisc;
47f86834 2213 unsigned long flags;
5d1e3230 2214 int retval = 0;
1da177e4 2215
6131ffaa 2216 if (tty_paranoia_check(tty, file_inode(filp), "tty_fasync"))
5d1e3230 2217 goto out;
37bdfb07 2218
1da177e4
LT		 2219 retval = fasync_helper(fd, filp, on, &tty->fasync);
2220 if (retval <= 0)
5d1e3230 2221 goto out;
1da177e4 2222
f6c8dbe6
PH		 2223 ldisc = tty_ldisc_ref(tty);
2224 if (ldisc) {
2225 if (ldisc->ops->fasync)
2226 ldisc->ops->fasync(tty, on);
2227 tty_ldisc_deref(ldisc);
2228 }
2229
1da177e4 2230 if (on) {
ab521dc0
EB		 2231 enum pid_type type;
2232 struct pid *pid;
f6c8dbe6 2233
47f86834 2234 spin_lock_irqsave(&tty->ctrl_lock, flags);
ab521dc0
EB		 2235 if (tty->pgrp) {
2236 pid = tty->pgrp;
2237 type = PIDTYPE_PGID;
2238 } else {
2239 pid = task_pid(current);
2240 type = PIDTYPE_PID;
2241 }
80e1e823 2242 get_pid(pid);
70362511 2243 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
e0b93edd 2244 __f_setown(filp, pid, type, 0);
80e1e823 2245 put_pid(pid);
e0b93edd 2246 retval = 0;
1da177e4 2247 }
5d1e3230 2248out:
ec79d605
AB		 2249 return retval;
2250}
2251
2252static int tty_fasync(int fd, struct file *filp, int on)
2253{
89c8d91e 2254 struct tty_struct *tty = file_tty(filp);
ec79d605 2255 int retval;
89c8d91e
AC		 2256
2257 tty_lock(tty);
ec79d605 2258 retval = __tty_fasync(fd, filp, on);
89c8d91e
AC		 2259 tty_unlock(tty);
2260
5d1e3230 2261 return retval;
1da177e4
LT		 2262}
2263
af9b897e
AC		 2264/**
2265 * tiocsti - fake input character
2266 * @tty: tty to fake input into
2267 * @p: pointer to character
2268 *
3a4fa0a2 2269 * Fake input to a tty device. Does the necessary locking and
af9b897e
AC		 2270 * input management.
2271 *
2272 * FIXME: does not honour flow control ??
2273 *
2274 * Locking:
137084bb 2275 * Called functions take tty_ldiscs_lock
af9b897e 2276 * current->signal->tty check is safe without locks
28298232
AC		 2277 *
2278 * FIXME: may race normal receive processing
af9b897e
AC		 2279 */
2280
1da177e4
LT		 2281static int tiocsti(struct tty_struct *tty, char __user *p)
2282{
2283 char ch, mbz = 0;
2284 struct tty_ldisc *ld;
37bdfb07 2285
1da177e4
LT		 2286 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN))
2287 return -EPERM;
2288 if (get_user(ch, p))
2289 return -EFAULT;
1e641743 2290 tty_audit_tiocsti(tty, ch);
1da177e4 2291 ld = tty_ldisc_ref_wait(tty);
a352def2 2292 ld->ops->receive_buf(tty, &ch, &mbz, 1);
1da177e4
LT		 2293 tty_ldisc_deref(ld);
2294 return 0;
2295}
2296
af9b897e
AC		 2297/**
2298 * tiocgwinsz - implement window query ioctl
2299 * @tty; tty
2300 * @arg: user buffer for result
2301 *
808a0d38 2302 * Copies the kernel idea of the window size into the user buffer.
af9b897e 2303 *
dee4a0be 2304 * Locking: tty->winsize_mutex is taken to ensure the winsize data
808a0d38 2305 * is consistent.
af9b897e
AC		 2306 */
2307
37bdfb07 2308static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg)
1da177e4 2309{
808a0d38
AC		 2310 int err;
2311
dee4a0be 2312 mutex_lock(&tty->winsize_mutex);
808a0d38 2313 err = copy_to_user(arg, &tty->winsize, sizeof(*arg));
dee4a0be 2314 mutex_unlock(&tty->winsize_mutex);
808a0d38
AC		 2315
2316 return err ? -EFAULT: 0;
1da177e4
LT		 2317}
2318
af9b897e 2319/**
8c9a9dd0
AC		 2320 * tty_do_resize - resize event
2321 * @tty: tty being resized
8c9a9dd0
AC		 2322 * @rows: rows (character)
2323 * @cols: cols (character)
2324 *
3ad2f3fb 2325 * Update the termios variables and send the necessary signals to
8c9a9dd0 2326 * peform a terminal resize correctly
af9b897e
AC		 2327 */
2328
fc6f6238 2329int tty_do_resize(struct tty_struct *tty, struct winsize *ws)
1da177e4 2330{
fc6f6238 2331 struct pid *pgrp;
1da177e4 2332
fc6f6238 2333 /* Lock the tty */
dee4a0be 2334 mutex_lock(&tty->winsize_mutex);
fc6f6238 2335 if (!memcmp(ws, &tty->winsize, sizeof(*ws)))
ca9bda00 2336 goto done;
47f86834 2337
5b239542
PH		 2338 /* Signal the foreground process group */
2339 pgrp = tty_get_pgrp(tty);
47f86834
AC		 2340 if (pgrp)
2341 kill_pgrp(pgrp, SIGWINCH, 1);
47f86834 2342 put_pid(pgrp);
47f86834 2343
8c9a9dd0 2344 tty->winsize = *ws;
ca9bda00 2345done:
dee4a0be 2346 mutex_unlock(&tty->winsize_mutex);
1da177e4
LT		 2347 return 0;
2348}
4d334fd1 2349EXPORT_SYMBOL(tty_do_resize);
1da177e4 2350
8c9a9dd0
AC		 2351/**
2352 * tiocswinsz - implement window size set ioctl
fc6f6238 2353 * @tty; tty side of tty
8c9a9dd0
AC		 2354 * @arg: user buffer for result
2355 *
2356 * Copies the user idea of the window size to the kernel. Traditionally
2357 * this is just advisory information but for the Linux console it
2358 * actually has driver level meaning and triggers a VC resize.
2359 *
2360 * Locking:
25985edc 2361 * Driver dependent. The default do_resize method takes the
8c9a9dd0
AC		 2362 * tty termios mutex and ctrl_lock. The console takes its own lock
2363 * then calls into the default method.
2364 */
2365
fc6f6238 2366static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg)
8c9a9dd0
AC		 2367{
2368 struct winsize tmp_ws;
2369 if (copy_from_user(&tmp_ws, arg, sizeof(*arg)))
2370 return -EFAULT;
2371
2372 if (tty->ops->resize)
fc6f6238 2373 return tty->ops->resize(tty, &tmp_ws);
8c9a9dd0 2374 else
fc6f6238 2375 return tty_do_resize(tty, &tmp_ws);
8c9a9dd0
AC		 2376}
2377
af9b897e
AC		 2378/**
2379 * tioccons - allow admin to move logical console
2380 * @file: the file to become console
2381 *
25985edc 2382 * Allow the administrator to move the redirected console device
af9b897e
AC		 2383 *
2384 * Locking: uses redirect_lock to guard the redirect information
2385 */
2386
1da177e4
LT		 2387static int tioccons(struct file *file)
2388{
2389 if (!capable(CAP_SYS_ADMIN))
2390 return -EPERM;
2391 if (file->f_op->write == redirected_tty_write) {
2392 struct file *f;
2393 spin_lock(&redirect_lock);
2394 f = redirect;
2395 redirect = NULL;
2396 spin_unlock(&redirect_lock);
2397 if (f)
2398 fput(f);
2399 return 0;
2400 }
2401 spin_lock(&redirect_lock);
2402 if (redirect) {
2403 spin_unlock(&redirect_lock);
2404 return -EBUSY;
2405 }
cb0942b8 2406 redirect = get_file(file);
1da177e4
LT		 2407 spin_unlock(&redirect_lock);
2408 return 0;
2409}
2410
af9b897e
AC		 2411/**
2412 * fionbio - non blocking ioctl
2413 * @file: file to set blocking value
2414 * @p: user parameter
2415 *
2416 * Historical tty interfaces had a blocking control ioctl before
2417 * the generic functionality existed. This piece of history is preserved
2418 * in the expected tty API of posix OS's.
2419 *
6146b9af 2420 * Locking: none, the open file handle ensures it won't go away.
af9b897e 2421 */
1da177e4
LT		 2422
2423static int fionbio(struct file *file, int __user *p)
2424{
2425 int nonblock;
2426
2427 if (get_user(nonblock, p))
2428 return -EFAULT;
2429
db1dd4d3 2430 spin_lock(&file->f_lock);
1da177e4
LT		 2431 if (nonblock)
2432 file->f_flags |= O_NONBLOCK;
2433 else
2434 file->f_flags &= ~O_NONBLOCK;
db1dd4d3 2435 spin_unlock(&file->f_lock);
1da177e4
LT		 2436 return 0;
2437}
2438
af9b897e
AC		 2439/**
2440 * tiocsctty - set controlling tty
2441 * @tty: tty structure
2442 * @arg: user argument
2443 *
2444 * This ioctl is used to manage job control. It permits a session
2445 * leader to set this tty as the controlling tty for the session.
2446 *
2447 * Locking:
e218eb32 2448 * Takes tty_lock() to serialize proc_set_tty() for this tty
24ec839c
PZ		 2449 * Takes tasklist_lock internally to walk sessions
2450 * Takes ->siglock() when updating signal->tty
af9b897e
AC		 2451 */
2452
1da177e4
LT		 2453static int tiocsctty(struct tty_struct *tty, int arg)
2454{
24ec839c 2455 int ret = 0;
24ec839c 2456
e218eb32 2457 tty_lock(tty);
2c411c11
PH		 2458 read_lock(&tasklist_lock);
2459
2460 if (current->signal->leader && (task_session(current) == tty->session))
2461 goto unlock;
2462
1da177e4
LT		 2463 /*
2464 * The process must be a session leader and
2465 * not have a controlling tty already.
2466 */
24ec839c
PZ		 2467 if (!current->signal->leader || current->signal->tty) {
2468 ret = -EPERM;
2469 goto unlock;
2470 }
2471
ab521dc0 2472 if (tty->session) {
1da177e4
LT		 2473 /*
2474 * This tty is already the controlling
2475 * tty for another session group!
2476 */
37bdfb07 2477 if (arg == 1 && capable(CAP_SYS_ADMIN)) {
1da177e4
LT		 2478 /*
2479 * Steal it away
2480 */
24ec839c 2481 session_clear_tty(tty->session);
24ec839c
PZ		 2482 } else {
2483 ret = -EPERM;
2484 goto unlock;
2485 }
1da177e4 2486 }
bce65f18 2487 proc_set_tty(tty);
24ec839c 2488unlock:
2c411c11 2489 read_unlock(&tasklist_lock);
e218eb32 2490 tty_unlock(tty);
24ec839c 2491 return ret;
1da177e4
LT		 2492}
2493
5d0fdf1e
AC		 2494/**
2495 * tty_get_pgrp - return a ref counted pgrp pid
2496 * @tty: tty to read
2497 *
2498 * Returns a refcounted instance of the pid struct for the process
2499 * group controlling the tty.
2500 */
2501
2502struct pid *tty_get_pgrp(struct tty_struct *tty)
2503{
2504 unsigned long flags;
2505 struct pid *pgrp;
2506
2507 spin_lock_irqsave(&tty->ctrl_lock, flags);
2508 pgrp = get_pid(tty->pgrp);
2509 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2510
2511 return pgrp;
2512}
2513EXPORT_SYMBOL_GPL(tty_get_pgrp);
2514
e1c2296c
PH		 2515/*
2516 * This checks not only the pgrp, but falls back on the pid if no
2517 * satisfactory pgrp is found. I dunno - gdb doesn't work correctly
2518 * without this...
2519 *
2520 * The caller must hold rcu lock or the tasklist lock.
2521 */
2522static struct pid *session_of_pgrp(struct pid *pgrp)
2523{
2524 struct task_struct *p;
2525 struct pid *sid = NULL;
2526
2527 p = pid_task(pgrp, PIDTYPE_PGID);
2528 if (p == NULL)
2529 p = pid_task(pgrp, PIDTYPE_PID);
2530 if (p != NULL)
2531 sid = task_session(p);
2532
2533 return sid;
2534}
2535
af9b897e
AC		 2536/**
2537 * tiocgpgrp - get process group
2538 * @tty: tty passed by user
25985edc 2539 * @real_tty: tty side of the tty passed by the user if a pty else the tty
af9b897e
AC		 2540 * @p: returned pid
2541 *
2542 * Obtain the process group of the tty. If there is no process group
2543 * return an error.
2544 *
24ec839c 2545 * Locking: none. Reference to current->signal->tty is safe.
af9b897e
AC		 2546 */
2547
1da177e4
LT		 2548static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2549{
5d0fdf1e
AC		 2550 struct pid *pid;
2551 int ret;
1da177e4
LT		 2552 /*
2553 * (tty == real_tty) is a cheap way of
2554 * testing if the tty is NOT a master pty.
2555 */
2556 if (tty == real_tty && current->signal->tty != real_tty)
2557 return -ENOTTY;
5d0fdf1e
AC		 2558 pid = tty_get_pgrp(real_tty);
2559 ret = put_user(pid_vnr(pid), p);
2560 put_pid(pid);
2561 return ret;
1da177e4
LT		 2562}
2563
af9b897e
AC		 2564/**
2565 * tiocspgrp - attempt to set process group
2566 * @tty: tty passed by user
2567 * @real_tty: tty side device matching tty passed by user
2568 * @p: pid pointer
2569 *
2570 * Set the process group of the tty to the session passed. Only
2571 * permitted where the tty session is our session.
2572 *
47f86834 2573 * Locking: RCU, ctrl lock
af9b897e
AC		 2574 */
2575
1da177e4
LT		 2576static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2577{
04a2e6a5
EB		 2578 struct pid *pgrp;
2579 pid_t pgrp_nr;
1da177e4 2580 int retval = tty_check_change(real_tty);
47f86834 2581 unsigned long flags;
1da177e4
LT		 2582
2583 if (retval == -EIO)
2584 return -ENOTTY;
2585 if (retval)
2586 return retval;
2587 if (!current->signal->tty ||
2588 (current->signal->tty != real_tty) ||
ab521dc0 2589 (real_tty->session != task_session(current)))
1da177e4 2590 return -ENOTTY;
04a2e6a5 2591 if (get_user(pgrp_nr, p))
1da177e4 2592 return -EFAULT;
04a2e6a5 2593 if (pgrp_nr < 0)
1da177e4 2594 return -EINVAL;
04a2e6a5 2595 rcu_read_lock();
b488893a 2596 pgrp = find_vpid(pgrp_nr);
04a2e6a5
EB		 2597 retval = -ESRCH;
2598 if (!pgrp)
2599 goto out_unlock;
2600 retval = -EPERM;
2601 if (session_of_pgrp(pgrp) != task_session(current))
2602 goto out_unlock;
2603 retval = 0;
47f86834 2604 spin_lock_irqsave(&tty->ctrl_lock, flags);
ab521dc0
EB		 2605 put_pid(real_tty->pgrp);
2606 real_tty->pgrp = get_pid(pgrp);
47f86834 2607 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
04a2e6a5
EB		 2608out_unlock:
2609 rcu_read_unlock();
2610 return retval;
1da177e4
LT		 2611}
2612
af9b897e
AC		 2613/**
2614 * tiocgsid - get session id
2615 * @tty: tty passed by user
25985edc 2616 * @real_tty: tty side of the tty passed by the user if a pty else the tty
af9b897e
AC		 2617 * @p: pointer to returned session id
2618 *
2619 * Obtain the session id of the tty. If there is no session
2620 * return an error.
2621 *
24ec839c 2622 * Locking: none. Reference to current->signal->tty is safe.
af9b897e
AC		 2623 */
2624
1da177e4
LT		 2625static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2626{
2627 /*
2628 * (tty == real_tty) is a cheap way of
2629 * testing if the tty is NOT a master pty.
2630 */
2631 if (tty == real_tty && current->signal->tty != real_tty)
2632 return -ENOTTY;
ab521dc0 2633 if (!real_tty->session)
1da177e4 2634 return -ENOTTY;
b488893a 2635 return put_user(pid_vnr(real_tty->session), p);
1da177e4
LT		 2636}
2637
af9b897e
AC		 2638/**
2639 * tiocsetd - set line discipline
2640 * @tty: tty device
2641 * @p: pointer to user data
2642 *
2643 * Set the line discipline according to user request.
2644 *
2645 * Locking: see tty_set_ldisc, this function is just a helper
2646 */
2647
1da177e4
LT		 2648static int tiocsetd(struct tty_struct *tty, int __user *p)
2649{
2650 int ldisc;
04f378b1 2651 int ret;
1da177e4
LT		 2652
2653 if (get_user(ldisc, p))
2654 return -EFAULT;
04f378b1 2655
04f378b1 2656 ret = tty_set_ldisc(tty, ldisc);
04f378b1
AC		 2657
2658 return ret;
1da177e4
LT		 2659}
2660
af9b897e
AC		 2661/**
2662 * send_break - performed time break
2663 * @tty: device to break on
2664 * @duration: timeout in mS
2665 *
2666 * Perform a timed break on hardware that lacks its own driver level
2667 * timed break functionality.
2668 *
2669 * Locking:
28298232 2670 * atomic_write_lock serializes
af9b897e 2671 *
af9b897e
AC		 2672 */
2673
b20f3ae5 2674static int send_break(struct tty_struct *tty, unsigned int duration)
1da177e4 2675{
9e98966c
AC		 2676 int retval;
2677
2678 if (tty->ops->break_ctl == NULL)
2679 return 0;
2680
2681 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK)
2682 retval = tty->ops->break_ctl(tty, duration);
2683 else {
2684 /* Do the work ourselves */
2685 if (tty_write_lock(tty, 0) < 0)
2686 return -EINTR;
2687 retval = tty->ops->break_ctl(tty, -1);
2688 if (retval)
2689 goto out;
2690 if (!signal_pending(current))
2691 msleep_interruptible(duration);
2692 retval = tty->ops->break_ctl(tty, 0);
2693out:
2694 tty_write_unlock(tty);
2695 if (signal_pending(current))
2696 retval = -EINTR;
2697 }
2698 return retval;
1da177e4
LT		 2699}
2700
af9b897e 2701/**
f34d7a5b 2702 * tty_tiocmget - get modem status
af9b897e
AC		 2703 * @tty: tty device
2704 * @file: user file pointer
2705 * @p: pointer to result
2706 *
2707 * Obtain the modem status bits from the tty driver if the feature
2708 * is supported. Return -EINVAL if it is not available.
2709 *
2710 * Locking: none (up to the driver)
2711 */
2712
60b33c13 2713static int tty_tiocmget(struct tty_struct *tty, int __user *p)
1da177e4
LT		 2714{
2715 int retval = -EINVAL;
2716
f34d7a5b 2717 if (tty->ops->tiocmget) {
60b33c13 2718 retval = tty->ops->tiocmget(tty);
1da177e4
LT		 2719
2720 if (retval >= 0)
2721 retval = put_user(retval, p);
2722 }
2723 return retval;
2724}
2725
af9b897e 2726/**
f34d7a5b 2727 * tty_tiocmset - set modem status
af9b897e 2728 * @tty: tty device
af9b897e
AC		 2729 * @cmd: command - clear bits, set bits or set all
2730 * @p: pointer to desired bits
2731 *
2732 * Set the modem status bits from the tty driver if the feature
2733 * is supported. Return -EINVAL if it is not available.
2734 *
2735 * Locking: none (up to the driver)
2736 */
2737
20b9d177 2738static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd,
1da177e4
LT		 2739 unsigned __user *p)
2740{
ae677517
AC		 2741 int retval;
2742 unsigned int set, clear, val;
1da177e4 2743
ae677517
AC		 2744 if (tty->ops->tiocmset == NULL)
2745 return -EINVAL;
1da177e4 2746
ae677517
AC		 2747 retval = get_user(val, p);
2748 if (retval)
2749 return retval;
2750 set = clear = 0;
2751 switch (cmd) {
2752 case TIOCMBIS:
2753 set = val;
2754 break;
2755 case TIOCMBIC:
2756 clear = val;
2757 break;
2758 case TIOCMSET:
2759 set = val;
2760 clear = ~val;
2761 break;
2762 }
2763 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
2764 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
20b9d177 2765 return tty->ops->tiocmset(tty, set, clear);
1da177e4
LT		 2766}
2767
d281da7f
AC		 2768static int tty_tiocgicount(struct tty_struct *tty, void __user *arg)
2769{
2770 int retval = -EINVAL;
2771 struct serial_icounter_struct icount;
2772 memset(&icount, 0, sizeof(icount));
2773 if (tty->ops->get_icount)
2774 retval = tty->ops->get_icount(tty, &icount);
2775 if (retval != 0)
2776 return retval;
2777 if (copy_to_user(arg, &icount, sizeof(icount)))
2778 return -EFAULT;
2779 return 0;
2780}
2781
8f166e00
PH		 2782/*
2783 * if pty, return the slave side (real_tty)
2784 * otherwise, return self
2785 */
2786static struct tty_struct *tty_pair_get_tty(struct tty_struct *tty)
e8b70e7d
AC		 2787{
2788 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2789 tty->driver->subtype == PTY_TYPE_MASTER)
2790 tty = tty->link;
2791 return tty;
2792}
e8b70e7d 2793
1da177e4
LT		 2794/*
2795 * Split this up, as gcc can choke on it otherwise..
2796 */
04f378b1 2797long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1da177e4 2798{
d996b62a
NP		 2799 struct tty_struct *tty = file_tty(file);
2800 struct tty_struct *real_tty;
1da177e4
LT		 2801 void __user *p = (void __user *)arg;
2802 int retval;
2803 struct tty_ldisc *ld;
37bdfb07 2804
6131ffaa 2805 if (tty_paranoia_check(tty, file_inode(file), "tty_ioctl"))
1da177e4
LT		 2806 return -EINVAL;
2807
e8b70e7d 2808 real_tty = tty_pair_get_tty(tty);
1da177e4
LT		 2809
2810 /*
2811 * Factor out some common prep work
2812 */
2813 switch (cmd) {
2814 case TIOCSETD:
2815 case TIOCSBRK:
2816 case TIOCCBRK:
2817 case TCSBRK:
37bdfb07 2818 case TCSBRKP:
1da177e4
LT		 2819 retval = tty_check_change(tty);
2820 if (retval)
2821 return retval;
2822 if (cmd != TIOCCBRK) {
2823 tty_wait_until_sent(tty, 0);
2824 if (signal_pending(current))
2825 return -EINTR;
2826 }
2827 break;
2828 }
2829
9e98966c
AC		 2830 /*
2831 * Now do the stuff.
2832 */
1da177e4 2833 switch (cmd) {
37bdfb07
AC		 2834 case TIOCSTI:
2835 return tiocsti(tty, p);
2836 case TIOCGWINSZ:
8f520021 2837 return tiocgwinsz(real_tty, p);
37bdfb07 2838 case TIOCSWINSZ:
fc6f6238 2839 return tiocswinsz(real_tty, p);
37bdfb07
AC		 2840 case TIOCCONS:
2841 return real_tty != tty ? -EINVAL : tioccons(file);
2842 case FIONBIO:
2843 return fionbio(file, p);
2844 case TIOCEXCL:
2845 set_bit(TTY_EXCLUSIVE, &tty->flags);
2846 return 0;
2847 case TIOCNXCL:
2848 clear_bit(TTY_EXCLUSIVE, &tty->flags);
2849 return 0;
84fd7bdf
CG		 2850 case TIOCGEXCL:
2851 {
2852 int excl = test_bit(TTY_EXCLUSIVE, &tty->flags);
2853 return put_user(excl, (int __user *)p);
2854 }
37bdfb07
AC		 2855 case TIOCNOTTY:
2856 if (current->signal->tty != tty)
2857 return -ENOTTY;
2858 no_tty();
2859 return 0;
2860 case TIOCSCTTY:
2861 return tiocsctty(tty, arg);
2862 case TIOCGPGRP:
2863 return tiocgpgrp(tty, real_tty, p);
2864 case TIOCSPGRP:
2865 return tiocspgrp(tty, real_tty, p);
2866 case TIOCGSID:
2867 return tiocgsid(tty, real_tty, p);
2868 case TIOCGETD:
c65c9bc3 2869 return put_user(tty->ldisc->ops->num, (int __user *)p);
37bdfb07
AC		 2870 case TIOCSETD:
2871 return tiocsetd(tty, p);
3c95c985
KS		 2872 case TIOCVHANGUP:
2873 if (!capable(CAP_SYS_ADMIN))
2874 return -EPERM;
2875 tty_vhangup(tty);
2876 return 0;
b7b8de08
WF		 2877 case TIOCGDEV:
2878 {
2879 unsigned int ret = new_encode_dev(tty_devnum(real_tty));
2880 return put_user(ret, (unsigned int __user *)p);
2881 }
37bdfb07
AC		 2882 /*
2883 * Break handling
2884 */
2885 case TIOCSBRK: /* Turn break on, unconditionally */
f34d7a5b 2886 if (tty->ops->break_ctl)
9e98966c 2887 return tty->ops->break_ctl(tty, -1);
37bdfb07 2888 return 0;
37bdfb07 2889 case TIOCCBRK: /* Turn break off, unconditionally */
f34d7a5b 2890 if (tty->ops->break_ctl)
9e98966c 2891 return tty->ops->break_ctl(tty, 0);
37bdfb07
AC		 2892 return 0;
2893 case TCSBRK: /* SVID version: non-zero arg --> no break */
2894 /* non-zero arg means wait for all output data
2895 * to be sent (performed above) but don't send break.
2896 * This is used by the tcdrain() termios function.
2897 */
2898 if (!arg)
2899 return send_break(tty, 250);
2900 return 0;
2901 case TCSBRKP: /* support for POSIX tcsendbreak() */
2902 return send_break(tty, arg ? arg*100 : 250);
2903
2904 case TIOCMGET:
60b33c13 2905 return tty_tiocmget(tty, p);
37bdfb07
AC		 2906 case TIOCMSET:
2907 case TIOCMBIC:
2908 case TIOCMBIS:
20b9d177 2909 return tty_tiocmset(tty, cmd, p);
d281da7f
AC		 2910 case TIOCGICOUNT:
2911 retval = tty_tiocgicount(tty, p);
2912 /* For the moment allow fall through to the old method */
2913 if (retval != -EINVAL)
2914 return retval;
2915 break;
37bdfb07
AC		 2916 case TCFLSH:
2917 switch (arg) {
2918 case TCIFLUSH:
2919 case TCIOFLUSH:
2920 /* flush tty buffer and allow ldisc to process ioctl */
2921 tty_buffer_flush(tty);
c5c34d48 2922 break;
37bdfb07
AC		 2923 }
2924 break;
1da177e4 2925 }
f34d7a5b 2926 if (tty->ops->ioctl) {
6caa76b7 2927 retval = (tty->ops->ioctl)(tty, cmd, arg);
1da177e4
LT		 2928 if (retval != -ENOIOCTLCMD)
2929 return retval;
2930 }
2931 ld = tty_ldisc_ref_wait(tty);
2932 retval = -EINVAL;
a352def2
AC		 2933 if (ld->ops->ioctl) {
2934 retval = ld->ops->ioctl(tty, file, cmd, arg);
1da177e4 2935 if (retval == -ENOIOCTLCMD)
bbb63c51 2936 retval = -ENOTTY;
1da177e4
LT		 2937 }
2938 tty_ldisc_deref(ld);
2939 return retval;
2940}
2941
e10cc1df 2942#ifdef CONFIG_COMPAT
37bdfb07 2943static long tty_compat_ioctl(struct file *file, unsigned int cmd,
e10cc1df
PF		 2944 unsigned long arg)
2945{
d996b62a 2946 struct tty_struct *tty = file_tty(file);
e10cc1df
PF		 2947 struct tty_ldisc *ld;
2948 int retval = -ENOIOCTLCMD;
2949
6131ffaa 2950 if (tty_paranoia_check(tty, file_inode(file), "tty_ioctl"))
e10cc1df
PF		 2951 return -EINVAL;
2952
f34d7a5b 2953 if (tty->ops->compat_ioctl) {
6caa76b7 2954 retval = (tty->ops->compat_ioctl)(tty, cmd, arg);
e10cc1df
PF		 2955 if (retval != -ENOIOCTLCMD)
2956 return retval;
2957 }
2958
2959 ld = tty_ldisc_ref_wait(tty);
a352def2
AC		 2960 if (ld->ops->compat_ioctl)
2961 retval = ld->ops->compat_ioctl(tty, file, cmd, arg);
8193c429
TM		 2962 else
2963 retval = n_tty_compat_ioctl_helper(tty, file, cmd, arg);
e10cc1df
PF		 2964 tty_ldisc_deref(ld);
2965
2966 return retval;
2967}
2968#endif
1da177e4 2969
c3c073f8
AV		 2970static int this_tty(const void *t, struct file *file, unsigned fd)
2971{
2972 if (likely(file->f_op->read != tty_read))
2973 return 0;
2974 return file_tty(file) != t ? 0 : fd + 1;
2975}
2976
1da177e4
LT		 2977/*
2978 * This implements the "Secure Attention Key" --- the idea is to
2979 * prevent trojan horses by killing all processes associated with this
2980 * tty when the user hits the "Secure Attention Key". Required for
2981 * super-paranoid applications --- see the Orange Book for more details.
37bdfb07 2982 *
1da177e4
LT		 2983 * This code could be nicer; ideally it should send a HUP, wait a few
2984 * seconds, then send a INT, and then a KILL signal. But you then
2985 * have to coordinate with the init process, since all processes associated
2986 * with the current tty must be dead before the new getty is allowed
2987 * to spawn.
2988 *
2989 * Now, if it would be correct ;-/ The current code has a nasty hole -
2990 * it doesn't catch files in flight. We may send the descriptor to ourselves
2991 * via AF_UNIX socket, close it and later fetch from socket. FIXME.
2992 *
2993 * Nasty bug: do_SAK is being called in interrupt context. This can
2994 * deadlock. We punt it up to process context. AKPM - 16Mar2001
2995 */
8b6312f4 2996void __do_SAK(struct tty_struct *tty)
1da177e4
LT		 2997{
2998#ifdef TTY_SOFT_SAK
2999 tty_hangup(tty);
3000#else
652486fb 3001 struct task_struct *g, *p;
ab521dc0 3002 struct pid *session;
1da177e4 3003 int i;
37bdfb07 3004
1da177e4
LT		 3005 if (!tty)
3006 return;
24ec839c 3007 session = tty->session;
37bdfb07 3008
b3f13deb 3009 tty_ldisc_flush(tty);
1da177e4 3010
f34d7a5b 3011 tty_driver_flush_buffer(tty);
37bdfb07 3012
1da177e4 3013 read_lock(&tasklist_lock);
652486fb 3014 /* Kill the entire session */
ab521dc0 3015 do_each_pid_task(session, PIDTYPE_SID, p) {
652486fb 3016 printk(KERN_NOTICE "SAK: killed process %d"
1b0f7ffd 3017 " (%s): task_session(p)==tty->session\n",
ba25f9dc 3018 task_pid_nr(p), p->comm);
652486fb 3019 send_sig(SIGKILL, p, 1);
ab521dc0 3020 } while_each_pid_task(session, PIDTYPE_SID, p);
652486fb
EB		 3021 /* Now kill any processes that happen to have the
3022 * tty open.
3023 */
3024 do_each_thread(g, p) {
3025 if (p->signal->tty == tty) {
1da177e4 3026 printk(KERN_NOTICE "SAK: killed process %d"
1b0f7ffd 3027 " (%s): task_session(p)==tty->session\n",
ba25f9dc 3028 task_pid_nr(p), p->comm);
1da177e4
LT		 3029 send_sig(SIGKILL, p, 1);
3030 continue;
3031 }
3032 task_lock(p);
c3c073f8
AV		 3033 i = iterate_fd(p->files, 0, this_tty, tty);
3034 if (i != 0) {
3035 printk(KERN_NOTICE "SAK: killed process %d"
3036 " (%s): fd#%d opened to the tty\n",
3037 task_pid_nr(p), p->comm, i - 1);
3038 force_sig(SIGKILL, p);
1da177e4
LT		 3039 }
3040 task_unlock(p);
652486fb 3041 } while_each_thread(g, p);
1da177e4
LT		 3042 read_unlock(&tasklist_lock);
3043#endif
3044}
3045
8b6312f4
EB		 3046static void do_SAK_work(struct work_struct *work)
3047{
3048 struct tty_struct *tty =
3049 container_of(work, struct tty_struct, SAK_work);
3050 __do_SAK(tty);
3051}
3052
1da177e4
LT		 3053/*
3054 * The tq handling here is a little racy - tty->SAK_work may already be queued.
3055 * Fortunately we don't need to worry, because if ->SAK_work is already queued,
3056 * the values which we write to it will be identical to the values which it
3057 * already has. --akpm
3058 */
3059void do_SAK(struct tty_struct *tty)
3060{
3061 if (!tty)
3062 return;
1da177e4
LT		 3063 schedule_work(&tty->SAK_work);
3064}
3065
3066EXPORT_SYMBOL(do_SAK);
3067
6e9430ac 3068static int dev_match_devt(struct device *dev, const void *data)
30004ac9 3069{
6e9430ac 3070 const dev_t *devt = data;
30004ac9
DES		 3071 return dev->devt == *devt;
3072}
3073
3074/* Must put_device() after it's unused! */
3075static struct device *tty_get_device(struct tty_struct *tty)
3076{
3077 dev_t devt = tty_devnum(tty);
3078 return class_find_device(tty_class, NULL, &devt, dev_match_devt);
3079}
3080
3081
af9b897e 3082/**
2c964a2f 3083 * alloc_tty_struct
af9b897e 3084 *
2c964a2f 3085 * This subroutine allocates and initializes a tty structure.
af9b897e 3086 *
2c964a2f 3087 * Locking: none - tty in question is not exposed at this point
1da177e4 3088 */
af9b897e 3089
2c964a2f 3090struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int idx)
1da177e4 3091{
2c964a2f
RV		 3092 struct tty_struct *tty;
3093
3094 tty = kzalloc(sizeof(*tty), GFP_KERNEL);
3095 if (!tty)
3096 return NULL;
3097
9c9f4ded 3098 kref_init(&tty->kref);
1da177e4 3099 tty->magic = TTY_MAGIC;
01e1abb2 3100 tty_ldisc_init(tty);
ab521dc0
EB		 3101 tty->session = NULL;
3102 tty->pgrp = NULL;
89c8d91e 3103 mutex_init(&tty->legacy_mutex);
d8c1f929 3104 mutex_init(&tty->throttle_mutex);
6a1c0680 3105 init_rwsem(&tty->termios_rwsem);
dee4a0be 3106 mutex_init(&tty->winsize_mutex);
36697529 3107 init_ldsem(&tty->ldisc_sem);
1da177e4
LT		 3108 init_waitqueue_head(&tty->write_wait);
3109 init_waitqueue_head(&tty->read_wait);
65f27f38 3110 INIT_WORK(&tty->hangup_work, do_tty_hangup);
70522e12 3111 mutex_init(&tty->atomic_write_lock);
04f378b1 3112 spin_lock_init(&tty->ctrl_lock);
f9e053dc 3113 spin_lock_init(&tty->flow_lock);
1da177e4 3114 INIT_LIST_HEAD(&tty->tty_files);
7f1f86a0 3115 INIT_WORK(&tty->SAK_work, do_SAK_work);
bf970ee4
AC		 3116
3117 tty->driver = driver;
3118 tty->ops = driver->ops;
3119 tty->index = idx;
3120 tty_line_name(driver, idx, tty->name);
30004ac9 3121 tty->dev = tty_get_device(tty);
2c964a2f
RV		 3122
3123 return tty;
1da177e4
LT		 3124}
3125
6716671d
JS		 3126/**
3127 * deinitialize_tty_struct
3128 * @tty: tty to deinitialize
3129 *
3130 * This subroutine deinitializes a tty structure that has been newly
3131 * allocated but tty_release cannot be called on that yet.
3132 *
3133 * Locking: none - tty in question must not be exposed at this point
3134 */
3135void deinitialize_tty_struct(struct tty_struct *tty)
3136{
3137 tty_ldisc_deinit(tty);
3138}
3139
f34d7a5b
AC		 3140/**
3141 * tty_put_char - write one character to a tty
3142 * @tty: tty
3143 * @ch: character
3144 *
3145 * Write one byte to the tty using the provided put_char method
3146 * if present. Returns the number of characters successfully output.
3147 *
3148 * Note: the specific put_char operation in the driver layer may go
3149 * away soon. Don't call it directly, use this method
1da177e4 3150 */
af9b897e 3151
f34d7a5b 3152int tty_put_char(struct tty_struct *tty, unsigned char ch)
1da177e4 3153{
f34d7a5b
AC		 3154 if (tty->ops->put_char)
3155 return tty->ops->put_char(tty, ch);
3156 return tty->ops->write(tty, &ch, 1);
1da177e4 3157}
f34d7a5b
AC		 3158EXPORT_SYMBOL_GPL(tty_put_char);
3159
d81ed103 3160struct class *tty_class;
1da177e4 3161
7e73eca6
JS		 3162static int tty_cdev_add(struct tty_driver *driver, dev_t dev,
3163 unsigned int index, unsigned int count)
3164{
3165 /* init here, since reused cdevs cause crashes */
3166 cdev_init(&driver->cdevs[index], &tty_fops);
3167 driver->cdevs[index].owner = driver->owner;
3168 return cdev_add(&driver->cdevs[index], dev, count);
3169}
3170
1da177e4 3171/**
af9b897e
AC		 3172 * tty_register_device - register a tty device
3173 * @driver: the tty driver that describes the tty device
3174 * @index: the index in the tty driver for this tty device
3175 * @device: a struct device that is associated with this tty device.
3176 * This field is optional, if there is no known struct device
3177 * for this tty device it can be set to NULL safely.
1da177e4 3178 *
01107d34
GKH		 3179 * Returns a pointer to the struct device for this tty device
3180 * (or ERR_PTR(-EFOO) on error).
1cdcb6b4 3181 *
af9b897e
AC		 3182 * This call is required to be made to register an individual tty device
3183 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
3184 * that bit is not set, this function should not be called by a tty
3185 * driver.
3186 *
3187 * Locking: ??
1da177e4 3188 */
af9b897e 3189
01107d34
GKH		 3190struct device *tty_register_device(struct tty_driver *driver, unsigned index,
3191 struct device *device)
1da177e4 3192{
6915c0e4
TH		 3193 return tty_register_device_attr(driver, index, device, NULL, NULL);
3194}
3195EXPORT_SYMBOL(tty_register_device);
3196
b1b79916
TH		 3197static void tty_device_create_release(struct device *dev)
3198{
3199 pr_debug("device: '%s': %s\n", dev_name(dev), __func__);
3200 kfree(dev);
3201}
3202
6915c0e4
TH		 3203/**
3204 * tty_register_device_attr - register a tty device
3205 * @driver: the tty driver that describes the tty device
3206 * @index: the index in the tty driver for this tty device
3207 * @device: a struct device that is associated with this tty device.
3208 * This field is optional, if there is no known struct device
3209 * for this tty device it can be set to NULL safely.
3210 * @drvdata: Driver data to be set to device.
3211 * @attr_grp: Attribute group to be set on device.
3212 *
3213 * Returns a pointer to the struct device for this tty device
3214 * (or ERR_PTR(-EFOO) on error).
3215 *
3216 * This call is required to be made to register an individual tty device
3217 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
3218 * that bit is not set, this function should not be called by a tty
3219 * driver.
3220 *
3221 * Locking: ??
3222 */
3223struct device *tty_register_device_attr(struct tty_driver *driver,
3224 unsigned index, struct device *device,
3225 void *drvdata,
3226 const struct attribute_group **attr_grp)
3227{
1da177e4 3228 char name[64];
6915c0e4
TH		 3229 dev_t devt = MKDEV(driver->major, driver->minor_start) + index;
3230 struct device *dev = NULL;
3231 int retval = -ENODEV;
7e73eca6 3232 bool cdev = false;
1da177e4
LT		 3233
3234 if (index >= driver->num) {
3235 printk(KERN_ERR "Attempt to register invalid tty line number "
3236 " (%d).\n", index);
1cdcb6b4 3237 return ERR_PTR(-EINVAL);
1da177e4
LT		 3238 }
3239
1da177e4
LT		 3240 if (driver->type == TTY_DRIVER_TYPE_PTY)
3241 pty_line_name(driver, index, name);
3242 else
3243 tty_line_name(driver, index, name);
1cdcb6b4 3244
7e73eca6 3245 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) {
6915c0e4
TH		 3246 retval = tty_cdev_add(driver, devt, index, 1);
3247 if (retval)
3248 goto error;
7e73eca6
JS		 3249 cdev = true;
3250 }
3251
6915c0e4
TH		 3252 dev = kzalloc(sizeof(*dev), GFP_KERNEL);
3253 if (!dev) {
3254 retval = -ENOMEM;
3255 goto error;
3256 }
7e73eca6 3257
6915c0e4
TH		 3258 dev->devt = devt;
3259 dev->class = tty_class;
3260 dev->parent = device;
b1b79916 3261 dev->release = tty_device_create_release;
6915c0e4
TH		 3262 dev_set_name(dev, "%s", name);
3263 dev->groups = attr_grp;
3264 dev_set_drvdata(dev, drvdata);
3265
3266 retval = device_register(dev);
3267 if (retval)
3268 goto error;
3269
3270 return dev;
3271
3272error:
3273 put_device(dev);
3274 if (cdev)
3275 cdev_del(&driver->cdevs[index]);
3276 return ERR_PTR(retval);
1da177e4 3277}
6915c0e4 3278EXPORT_SYMBOL_GPL(tty_register_device_attr);
1da177e4
LT		 3279
3280/**
af9b897e
AC		 3281 * tty_unregister_device - unregister a tty device
3282 * @driver: the tty driver that describes the tty device
3283 * @index: the index in the tty driver for this tty device
1da177e4 3284 *
af9b897e
AC		 3285 * If a tty device is registered with a call to tty_register_device() then
3286 * this function must be called when the tty device is gone.
3287 *
3288 * Locking: ??
1da177e4 3289 */
af9b897e 3290
1da177e4
LT		 3291void tty_unregister_device(struct tty_driver *driver, unsigned index)
3292{
37bdfb07
AC		 3293 device_destroy(tty_class,
3294 MKDEV(driver->major, driver->minor_start) + index);
7e73eca6
JS		 3295 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC))
3296 cdev_del(&driver->cdevs[index]);
1da177e4 3297}
1da177e4
LT		 3298EXPORT_SYMBOL(tty_unregister_device);
3299
7f0bc6a6
JS		 3300/**
3301 * __tty_alloc_driver -- allocate tty driver
3302 * @lines: count of lines this driver can handle at most
3303 * @owner: module which is repsonsible for this driver
3304 * @flags: some of TTY_DRIVER_* flags, will be set in driver->flags
3305 *
3306 * This should not be called directly, some of the provided macros should be
3307 * used instead. Use IS_ERR and friends on @retval.
3308 */
3309struct tty_driver *__tty_alloc_driver(unsigned int lines, struct module *owner,
3310 unsigned long flags)
1da177e4
LT		 3311{
3312 struct tty_driver *driver;
7e73eca6 3313 unsigned int cdevs = 1;
16a02081 3314 int err;
1da177e4 3315
0019b408 3316 if (!lines || (flags & TTY_DRIVER_UNNUMBERED_NODE && lines > 1))
7f0bc6a6
JS		 3317 return ERR_PTR(-EINVAL);
3318
506eb99a 3319 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL);
7f0bc6a6
JS		 3320 if (!driver)
3321 return ERR_PTR(-ENOMEM);
3322
3323 kref_init(&driver->kref);
3324 driver->magic = TTY_DRIVER_MAGIC;
3325 driver->num = lines;
3326 driver->owner = owner;
3327 driver->flags = flags;
16a02081
JS		 3328
3329 if (!(flags & TTY_DRIVER_DEVPTS_MEM)) {
3330 driver->ttys = kcalloc(lines, sizeof(*driver->ttys),
3331 GFP_KERNEL);
3332 driver->termios = kcalloc(lines, sizeof(*driver->termios),
3333 GFP_KERNEL);
3334 if (!driver->ttys || !driver->termios) {
3335 err = -ENOMEM;
3336 goto err_free_all;
3337 }
3338 }
3339
3340 if (!(flags & TTY_DRIVER_DYNAMIC_ALLOC)) {
3341 driver->ports = kcalloc(lines, sizeof(*driver->ports),
3342 GFP_KERNEL);
3343 if (!driver->ports) {
3344 err = -ENOMEM;
3345 goto err_free_all;
3346 }
7e73eca6
JS		 3347 cdevs = lines;
3348 }
3349
3350 driver->cdevs = kcalloc(cdevs, sizeof(*driver->cdevs), GFP_KERNEL);
3351 if (!driver->cdevs) {
3352 err = -ENOMEM;
3353 goto err_free_all;
16a02081 3354 }
7f0bc6a6 3355
1da177e4 3356 return driver;
16a02081
JS		 3357err_free_all:
3358 kfree(driver->ports);
3359 kfree(driver->ttys);
3360 kfree(driver->termios);
3361 kfree(driver);
3362 return ERR_PTR(err);
1da177e4 3363}
7f0bc6a6 3364EXPORT_SYMBOL(__tty_alloc_driver);
1da177e4 3365
7d7b93c1 3366static void destruct_tty_driver(struct kref *kref)
1da177e4 3367{
7d7b93c1
AC		 3368 struct tty_driver *driver = container_of(kref, struct tty_driver, kref);
3369 int i;
3370 struct ktermios *tp;
7d7b93c1
AC		 3371
3372 if (driver->flags & TTY_DRIVER_INSTALLED) {
3373 /*
3374 * Free the termios and termios_locked structures because
3375 * we don't want to get memory leaks when modular tty
3376 * drivers are removed from the kernel.
3377 */
3378 for (i = 0; i < driver->num; i++) {
3379 tp = driver->termios[i];
3380 if (tp) {
3381 driver->termios[i] = NULL;
3382 kfree(tp);
3383 }
7d7b93c1
AC		 3384 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV))
3385 tty_unregister_device(driver, i);
3386 }
7d7b93c1 3387 proc_tty_unregister_driver(driver);
7e73eca6
JS		 3388 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)
3389 cdev_del(&driver->cdevs[0]);
7d7b93c1 3390 }
7e73eca6 3391 kfree(driver->cdevs);
04831dc1 3392 kfree(driver->ports);
16a02081
JS		 3393 kfree(driver->termios);
3394 kfree(driver->ttys);
1da177e4
LT		 3395 kfree(driver);
3396}
3397
7d7b93c1
AC		 3398void tty_driver_kref_put(struct tty_driver *driver)
3399{
3400 kref_put(&driver->kref, destruct_tty_driver);
3401}
3402EXPORT_SYMBOL(tty_driver_kref_put);
3403
b68e31d0
JD		 3404void tty_set_operations(struct tty_driver *driver,
3405 const struct tty_operations *op)
1da177e4 3406{
f34d7a5b
AC		 3407 driver->ops = op;
3408};
7d7b93c1 3409EXPORT_SYMBOL(tty_set_operations);
1da177e4 3410
7d7b93c1
AC		 3411void put_tty_driver(struct tty_driver *d)
3412{
3413 tty_driver_kref_put(d);
3414}
1da177e4 3415EXPORT_SYMBOL(put_tty_driver);
1da177e4
LT		 3416
3417/*
3418 * Called by a tty driver to register itself.
3419 */
3420int tty_register_driver(struct tty_driver *driver)
3421{
3422 int error;
37bdfb07 3423 int i;
1da177e4 3424 dev_t dev;
b670bde0 3425 struct device *d;
1da177e4 3426
1da177e4 3427 if (!driver->major) {
37bdfb07
AC		 3428 error = alloc_chrdev_region(&dev, driver->minor_start,
3429 driver->num, driver->name);
1da177e4
LT		 3430 if (!error) {
3431 driver->major = MAJOR(dev);
3432 driver->minor_start = MINOR(dev);
3433 }
3434 } else {
3435 dev = MKDEV(driver->major, driver->minor_start);
e5717c48 3436 error = register_chrdev_region(dev, driver->num, driver->name);
1da177e4 3437 }
9bb8a3d4 3438 if (error < 0)
16a02081 3439 goto err;
1da177e4 3440
7e73eca6
JS		 3441 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC) {
3442 error = tty_cdev_add(driver, dev, 0, driver->num);
3443 if (error)
3444 goto err_unreg_char;
3445 }
1da177e4 3446
ca509f69 3447 mutex_lock(&tty_mutex);
1da177e4 3448 list_add(&driver->tty_drivers, &tty_drivers);
ca509f69 3449 mutex_unlock(&tty_mutex);
37bdfb07
AC		 3450
3451 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) {
b670bde0
VK		 3452 for (i = 0; i < driver->num; i++) {
3453 d = tty_register_device(driver, i, NULL);
3454 if (IS_ERR(d)) {
3455 error = PTR_ERR(d);
16a02081 3456 goto err_unreg_devs;
b670bde0
VK		 3457 }
3458 }
1da177e4
LT		 3459 }
3460 proc_tty_register_driver(driver);
7d7b93c1 3461 driver->flags |= TTY_DRIVER_INSTALLED;
1da177e4 3462 return 0;
b670bde0 3463
16a02081 3464err_unreg_devs:
b670bde0
VK		 3465 for (i--; i >= 0; i--)
3466 tty_unregister_device(driver, i);
3467
3468 mutex_lock(&tty_mutex);
3469 list_del(&driver->tty_drivers);
3470 mutex_unlock(&tty_mutex);
3471
9bb8a3d4 3472err_unreg_char:
b670bde0 3473 unregister_chrdev_region(dev, driver->num);
16a02081 3474err:
b670bde0 3475 return error;
1da177e4 3476}
1da177e4
LT		 3477EXPORT_SYMBOL(tty_register_driver);
3478
3479/*
3480 * Called by a tty driver to unregister itself.
3481 */
3482int tty_unregister_driver(struct tty_driver *driver)
3483{
7d7b93c1
AC		 3484#if 0
3485 /* FIXME */
1da177e4
LT		 3486 if (driver->refcount)
3487 return -EBUSY;
7d7b93c1 3488#endif
1da177e4
LT		 3489 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start),
3490 driver->num);
ca509f69 3491 mutex_lock(&tty_mutex);
1da177e4 3492 list_del(&driver->tty_drivers);
ca509f69 3493 mutex_unlock(&tty_mutex);
1da177e4
LT		 3494 return 0;
3495}
7d7b93c1 3496
1da177e4
LT		 3497EXPORT_SYMBOL(tty_unregister_driver);
3498
24ec839c
PZ		 3499dev_t tty_devnum(struct tty_struct *tty)
3500{
3501 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index;
3502}
3503EXPORT_SYMBOL(tty_devnum);
1da177e4 3504
d81ed103
AC		 3505void tty_default_fops(struct file_operations *fops)
3506{
3507 *fops = tty_fops;
3508}
3509
1da177e4
LT		 3510/*
3511 * Initialize the console device. This is called *early*, so
3512 * we can't necessarily depend on lots of kernel help here.
3513 * Just do some early initializations, and do the complex setup
3514 * later.
3515 */
3516void __init console_init(void)
3517{
3518 initcall_t *call;
3519
3520 /* Setup the default TTY line discipline. */
01e1abb2 3521 tty_ldisc_begin();
1da177e4
LT		 3522
3523 /*
37bdfb07 3524 * set up the console device so that later boot sequences can
1da177e4
LT		 3525 * inform about problems etc..
3526 */
1da177e4
LT		 3527 call = __con_initcall_start;
3528 while (call < __con_initcall_end) {
3529 (*call)();
3530 call++;
3531 }
3532}
3533
2c9ede55 3534static char *tty_devnode(struct device *dev, umode_t *mode)
e454cea2
KS		 3535{
3536 if (!mode)
3537 return NULL;
3538 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) ||
3539 dev->devt == MKDEV(TTYAUX_MAJOR, 2))
3540 *mode = 0666;
3541 return NULL;
3542}
3543
1da177e4
LT		 3544static int __init tty_class_init(void)
3545{
7fe845d1 3546 tty_class = class_create(THIS_MODULE, "tty");
1da177e4
LT		 3547 if (IS_ERR(tty_class))
3548 return PTR_ERR(tty_class);
e454cea2 3549 tty_class->devnode = tty_devnode;
1da177e4
LT		 3550 return 0;
3551}
3552
3553postcore_initcall(tty_class_init);
3554
3555/* 3/2004 jmc: why do these devices exist? */
1da177e4 3556static struct cdev tty_cdev, console_cdev;
1da177e4 3557
fbc92a34
KS		 3558static ssize_t show_cons_active(struct device *dev,
3559 struct device_attribute *attr, char *buf)
3560{
3561 struct console *cs[16];
3562 int i = 0;
3563 struct console *c;
3564 ssize_t count = 0;
3565
ac751efa 3566 console_lock();
a2a6a822 3567 for_each_console(c) {
fbc92a34
KS		 3568 if (!c->device)
3569 continue;
3570 if (!c->write)
3571 continue;
3572 if ((c->flags & CON_ENABLED) == 0)
3573 continue;
3574 cs[i++] = c;
3575 if (i >= ARRAY_SIZE(cs))
3576 break;
3577 }
723abd87
HR		 3578 while (i--) {
3579 int index = cs[i]->index;
3580 struct tty_driver *drv = cs[i]->device(cs[i], &index);
3581
3582 /* don't resolve tty0 as some programs depend on it */
3583 if (drv && (cs[i]->index > 0 || drv->major != TTY_MAJOR))
3584 count += tty_line_name(drv, index, buf + count);
3585 else
3586 count += sprintf(buf + count, "%s%d",
3587 cs[i]->name, cs[i]->index);
3588
3589 count += sprintf(buf + count, "%c", i ? ' ':'\n');
3590 }
ac751efa 3591 console_unlock();
fbc92a34
KS		 3592
3593 return count;
3594}
3595static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL);
3596
3597static struct device *consdev;
3598
3599void console_sysfs_notify(void)
3600{
3601 if (consdev)
3602 sysfs_notify(&consdev->kobj, NULL, "active");
3603}
3604
1da177e4
LT		 3605/*
3606 * Ok, now we can initialize the rest of the tty devices and can count
3607 * on memory allocations, interrupts etc..
3608 */
31d1d48e 3609int __init tty_init(void)
1da177e4
LT		 3610{
3611 cdev_init(&tty_cdev, &tty_fops);
3612 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) ||
3613 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0)
3614 panic("Couldn't register /dev/tty driver\n");
fbc92a34 3615 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty");
1da177e4
LT		 3616
3617 cdev_init(&console_cdev, &console_fops);
3618 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) ||
3619 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0)
3620 panic("Couldn't register /dev/console driver\n");
fbc92a34 3621 consdev = device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), NULL,
47aa5793 3622 "console");
fbc92a34
KS		 3623 if (IS_ERR(consdev))
3624 consdev = NULL;
3625 else
a2a6a822 3626 WARN_ON(device_create_file(consdev, &dev_attr_active) < 0);
1da177e4 3627
1da177e4 3628#ifdef CONFIG_VT
d81ed103 3629 vty_init(&console_fops);
1da177e4
LT		 3630#endif
3631 return 0;
3632}
31d1d48e 3633
Linux 6.x block layer and io_uring tree(s)