[linux-block.git] / drivers / tty / tty_jobctrl.c

// SPDX-License-Identifier: GPL-2.0
/*
 *  Copyright (C) 1991, 1992  Linus Torvalds
 */

#include <linux/types.h>
#include <linux/errno.h>
#include <linux/signal.h>
#include <linux/sched/signal.h>
#include <linux/sched/task.h>
#include <linux/tty.h>
#include <linux/fcntl.h>
#include <linux/uaccess.h>

static int is_ignored(int sig)
{
	return (sigismember(&current->blocked, sig) ||
		current->sighand->action[sig-1].sa.sa_handler == SIG_IGN);
}

/**
 *	tty_check_change	-	check for POSIX terminal changes
 *	@tty: tty to check
 *	@sig: signal to send
 *
 *	If we try to write to, or set the state of, a terminal and we're
 *	not in the foreground, send a SIGTTOU.  If the signal is blocked or
 *	ignored, go ahead and perform the operation.  (POSIX 7.2)
 *
 *	Locking: ctrl_lock
 */
int __tty_check_change(struct tty_struct *tty, int sig)
{
	unsigned long flags;
	struct pid *pgrp, *tty_pgrp;
	int ret = 0;

	if (current->signal->tty != tty)
		return 0;

	rcu_read_lock();
	pgrp = task_pgrp(current);

	spin_lock_irqsave(&tty->ctrl_lock, flags);
	tty_pgrp = tty->pgrp;
	spin_unlock_irqrestore(&tty->ctrl_lock, flags);

	if (tty_pgrp && pgrp != tty_pgrp) {
		if (is_ignored(sig)) {
			if (sig == SIGTTIN)
				ret = -EIO;
		} else if (is_current_pgrp_orphaned())
			ret = -EIO;
		else {
			kill_pgrp(pgrp, sig, 1);
			set_thread_flag(TIF_SIGPENDING);
			ret = -ERESTARTSYS;
		}
	}
	rcu_read_unlock();

	if (!tty_pgrp)
		tty_warn(tty, "sig=%d, tty->pgrp == NULL!\n", sig);

	return ret;
}

int tty_check_change(struct tty_struct *tty)
{
	return __tty_check_change(tty, SIGTTOU);
}
EXPORT_SYMBOL(tty_check_change);

void proc_clear_tty(struct task_struct *p)
{
	unsigned long flags;
	struct tty_struct *tty;
	spin_lock_irqsave(&p->sighand->siglock, flags);
	tty = p->signal->tty;
	p->signal->tty = NULL;
	spin_unlock_irqrestore(&p->sighand->siglock, flags);
	tty_kref_put(tty);
}

/**
 * proc_set_tty -  set the controlling terminal
 *	@tty: tty structure
 *
 * Only callable by the session leader and only if it does not already have
 * a controlling terminal.
 *
 * Caller must hold:  tty_lock()
 *		      a readlock on tasklist_lock
 *		      sighand lock
 */
static void __proc_set_tty(struct tty_struct *tty)
{
	unsigned long flags;

	spin_lock_irqsave(&tty->ctrl_lock, flags);
	/*
	 * The session and fg pgrp references will be non-NULL if
	 * tiocsctty() is stealing the controlling tty
	 */
	put_pid(tty->session);
	put_pid(tty->pgrp);
	tty->pgrp = get_pid(task_pgrp(current));
	tty->session = get_pid(task_session(current));
	spin_unlock_irqrestore(&tty->ctrl_lock, flags);
	if (current->signal->tty) {
		tty_debug(tty, "current tty %s not NULL!!\n",
			  current->signal->tty->name);
		tty_kref_put(current->signal->tty);
	}
	put_pid(current->signal->tty_old_pgrp);
	current->signal->tty = tty_kref_get(tty);
	current->signal->tty_old_pgrp = NULL;
}

static void proc_set_tty(struct tty_struct *tty)
{
	spin_lock_irq(&current->sighand->siglock);
	__proc_set_tty(tty);
	spin_unlock_irq(&current->sighand->siglock);
}

/*
 * Called by tty_open() to set the controlling tty if applicable.
 */
void tty_open_proc_set_tty(struct file *filp, struct tty_struct *tty)
{
	read_lock(&tasklist_lock);
	spin_lock_irq(&current->sighand->siglock);
	if (current->signal->leader &&
	    !current->signal->tty &&
	    tty->session == NULL) {
		/*
		 * Don't let a process that only has write access to the tty
		 * obtain the privileges associated with having a tty as
		 * controlling terminal (being able to reopen it with full
		 * access through /dev/tty, being able to perform pushback).
		 * Many distributions set the group of all ttys to "tty" and
		 * grant write-only access to all terminals for setgid tty
		 * binaries, which should not imply full privileges on all ttys.
		 *
		 * This could theoretically break old code that performs open()
		 * on a write-only file descriptor. In that case, it might be
		 * necessary to also permit this if
		 * inode_permission(inode, MAY_READ) == 0.
		 */
		if (filp->f_mode & FMODE_READ)
			__proc_set_tty(tty);
	}
	spin_unlock_irq(&current->sighand->siglock);
	read_unlock(&tasklist_lock);
}

struct tty_struct *get_current_tty(void)
{
	struct tty_struct *tty;
	unsigned long flags;

	spin_lock_irqsave(&current->sighand->siglock, flags);
	tty = tty_kref_get(current->signal->tty);
	spin_unlock_irqrestore(&current->sighand->siglock, flags);
	return tty;
}
EXPORT_SYMBOL_GPL(get_current_tty);

/*
 * Called from tty_release().
 */
void session_clear_tty(struct pid *session)
{
	struct task_struct *p;
	do_each_pid_task(session, PIDTYPE_SID, p) {
		proc_clear_tty(p);
	} while_each_pid_task(session, PIDTYPE_SID, p);
}

/**
 *	tty_signal_session_leader	- sends SIGHUP to session leader
 *	@tty: controlling tty
 *	@exit_session: if non-zero, signal all foreground group processes
 *
 *	Send SIGHUP and SIGCONT to the session leader and its process group.
 *	Optionally, signal all processes in the foreground process group.
 *
 *	Returns the number of processes in the session with this tty
 *	as their controlling terminal. This value is used to drop
 *	tty references for those processes.
 */
int tty_signal_session_leader(struct tty_struct *tty, int exit_session)
{
	struct task_struct *p;
	int refs = 0;
	struct pid *tty_pgrp = NULL;

	read_lock(&tasklist_lock);
	if (tty->session) {
		do_each_pid_task(tty->session, PIDTYPE_SID, p) {
			spin_lock_irq(&p->sighand->siglock);
			if (p->signal->tty == tty) {
				p->signal->tty = NULL;
				/* We defer the dereferences outside fo
				   the tasklist lock */
				refs++;
			}
			if (!p->signal->leader) {
				spin_unlock_irq(&p->sighand->siglock);
				continue;
			}
			__group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p);
			__group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p);
			put_pid(p->signal->tty_old_pgrp);  /* A noop */
			spin_lock(&tty->ctrl_lock);
			tty_pgrp = get_pid(tty->pgrp);
			if (tty->pgrp)
				p->signal->tty_old_pgrp = get_pid(tty->pgrp);
			spin_unlock(&tty->ctrl_lock);
			spin_unlock_irq(&p->sighand->siglock);
		} while_each_pid_task(tty->session, PIDTYPE_SID, p);
	}
	read_unlock(&tasklist_lock);

	if (tty_pgrp) {
		if (exit_session)
			kill_pgrp(tty_pgrp, SIGHUP, exit_session);
		put_pid(tty_pgrp);
	}

	return refs;
}

/**
 *	disassociate_ctty	-	disconnect controlling tty
 *	@on_exit: true if exiting so need to "hang up" the session
 *
 *	This function is typically called only by the session leader, when
 *	it wants to disassociate itself from its controlling tty.
 *
 *	It performs the following functions:
 * 	(1)  Sends a SIGHUP and SIGCONT to the foreground process group
 * 	(2)  Clears the tty from being controlling the session
 * 	(3)  Clears the controlling tty for all processes in the
 * 		session group.
 *
 *	The argument on_exit is set to 1 if called when a process is
 *	exiting; it is 0 if called by the ioctl TIOCNOTTY.
 *
 *	Locking:
 *		BTM is taken for hysterical raisons, and held when
 *		  called from no_tty().
 *		  tty_mutex is taken to protect tty
 *		  ->siglock is taken to protect ->signal/->sighand
 *		  tasklist_lock is taken to walk process list for sessions
 *		    ->siglock is taken to protect ->signal/->sighand
 */
void disassociate_ctty(int on_exit)
{
	struct tty_struct *tty;

	if (!current->signal->leader)
		return;

	tty = get_current_tty();
	if (tty) {
		if (on_exit && tty->driver->type != TTY_DRIVER_TYPE_PTY) {
			tty_vhangup_session(tty);
		} else {
			struct pid *tty_pgrp = tty_get_pgrp(tty);
			if (tty_pgrp) {
				kill_pgrp(tty_pgrp, SIGHUP, on_exit);
				if (!on_exit)
					kill_pgrp(tty_pgrp, SIGCONT, on_exit);
				put_pid(tty_pgrp);
			}
		}
		tty_kref_put(tty);

	} else if (on_exit) {
		struct pid *old_pgrp;
		spin_lock_irq(&current->sighand->siglock);
		old_pgrp = current->signal->tty_old_pgrp;
		current->signal->tty_old_pgrp = NULL;
		spin_unlock_irq(&current->sighand->siglock);
		if (old_pgrp) {
			kill_pgrp(old_pgrp, SIGHUP, on_exit);
			kill_pgrp(old_pgrp, SIGCONT, on_exit);
			put_pid(old_pgrp);
		}
		return;
	}

	spin_lock_irq(&current->sighand->siglock);
	put_pid(current->signal->tty_old_pgrp);
	current->signal->tty_old_pgrp = NULL;
	tty = tty_kref_get(current->signal->tty);
	spin_unlock_irq(&current->sighand->siglock);

	if (tty) {
		unsigned long flags;

		tty_lock(tty);
		spin_lock_irqsave(&tty->ctrl_lock, flags);
		put_pid(tty->session);
		put_pid(tty->pgrp);
		tty->session = NULL;
		tty->pgrp = NULL;
		spin_unlock_irqrestore(&tty->ctrl_lock, flags);
		tty_unlock(tty);
		tty_kref_put(tty);
	}

	/* Now clear signal->tty under the lock */
	read_lock(&tasklist_lock);
	session_clear_tty(task_session(current));
	read_unlock(&tasklist_lock);
}

/*
 *
 *	no_tty	- Ensure the current process does not have a controlling tty
 */
void no_tty(void)
{
	/* FIXME: Review locking here. The tty_lock never covered any race
	   between a new association and proc_clear_tty but possible we need
	   to protect against this anyway */
	struct task_struct *tsk = current;
	disassociate_ctty(0);
	proc_clear_tty(tsk);
}

/**
 *	tiocsctty	-	set controlling tty
 *	@tty: tty structure
 *	@file: file structure used to check permissions
 *	@arg: user argument
 *
 *	This ioctl is used to manage job control. It permits a session
 *	leader to set this tty as the controlling tty for the session.
 *
 *	Locking:
 *		Takes tty_lock() to serialize proc_set_tty() for this tty
 *		Takes tasklist_lock internally to walk sessions
 *		Takes ->siglock() when updating signal->tty
 */
static int tiocsctty(struct tty_struct *tty, struct file *file, int arg)
{
	int ret = 0;

	tty_lock(tty);
	read_lock(&tasklist_lock);

	if (current->signal->leader && (task_session(current) == tty->session))
		goto unlock;

	/*
	 * The process must be a session leader and
	 * not have a controlling tty already.
	 */
	if (!current->signal->leader || current->signal->tty) {
		ret = -EPERM;
		goto unlock;
	}

	if (tty->session) {
		/*
		 * This tty is already the controlling
		 * tty for another session group!
		 */
		if (arg == 1 && capable(CAP_SYS_ADMIN)) {
			/*
			 * Steal it away
			 */
			session_clear_tty(tty->session);
		} else {
			ret = -EPERM;
			goto unlock;
		}
	}

	/* See the comment in tty_open_proc_set_tty(). */
	if ((file->f_mode & FMODE_READ) == 0 && !capable(CAP_SYS_ADMIN)) {
		ret = -EPERM;
		goto unlock;
	}

	proc_set_tty(tty);
unlock:
	read_unlock(&tasklist_lock);
	tty_unlock(tty);
	return ret;
}

/**
 *	tty_get_pgrp	-	return a ref counted pgrp pid
 *	@tty: tty to read
 *
 *	Returns a refcounted instance of the pid struct for the process
 *	group controlling the tty.
 */
struct pid *tty_get_pgrp(struct tty_struct *tty)
{
	unsigned long flags;
	struct pid *pgrp;

	spin_lock_irqsave(&tty->ctrl_lock, flags);
	pgrp = get_pid(tty->pgrp);
	spin_unlock_irqrestore(&tty->ctrl_lock, flags);

	return pgrp;
}
EXPORT_SYMBOL_GPL(tty_get_pgrp);

/*
 * This checks not only the pgrp, but falls back on the pid if no
 * satisfactory pgrp is found. I dunno - gdb doesn't work correctly
 * without this...
 *
 * The caller must hold rcu lock or the tasklist lock.
 */
static struct pid *session_of_pgrp(struct pid *pgrp)
{
	struct task_struct *p;
	struct pid *sid = NULL;

	p = pid_task(pgrp, PIDTYPE_PGID);
	if (p == NULL)
		p = pid_task(pgrp, PIDTYPE_PID);
	if (p != NULL)
		sid = task_session(p);

	return sid;
}

/**
 *	tiocgpgrp		-	get process group
 *	@tty: tty passed by user
 *	@real_tty: tty side of the tty passed by the user if a pty else the tty
 *	@p: returned pid
 *
 *	Obtain the process group of the tty. If there is no process group
 *	return an error.
 *
 *	Locking: none. Reference to current->signal->tty is safe.
 */
static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
{
	struct pid *pid;
	int ret;
	/*
	 * (tty == real_tty) is a cheap way of
	 * testing if the tty is NOT a master pty.
	 */
	if (tty == real_tty && current->signal->tty != real_tty)
		return -ENOTTY;
	pid = tty_get_pgrp(real_tty);
	ret =  put_user(pid_vnr(pid), p);
	put_pid(pid);
	return ret;
}

/**
 *	tiocspgrp		-	attempt to set process group
 *	@tty: tty passed by user
 *	@real_tty: tty side device matching tty passed by user
 *	@p: pid pointer
 *
 *	Set the process group of the tty to the session passed. Only
 *	permitted where the tty session is our session.
 *
 *	Locking: RCU, ctrl lock
 */
static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
{
	struct pid *pgrp;
	pid_t pgrp_nr;
	int retval = tty_check_change(real_tty);

	if (retval == -EIO)
		return -ENOTTY;
	if (retval)
		return retval;

	if (get_user(pgrp_nr, p))
		return -EFAULT;
	if (pgrp_nr < 0)
		return -EINVAL;

	spin_lock_irq(&real_tty->ctrl_lock);
	if (!current->signal->tty ||
	    (current->signal->tty != real_tty) ||
	    (real_tty->session != task_session(current))) {
		retval = -ENOTTY;
		goto out_unlock_ctrl;
	}
	rcu_read_lock();
	pgrp = find_vpid(pgrp_nr);
	retval = -ESRCH;
	if (!pgrp)
		goto out_unlock;
	retval = -EPERM;
	if (session_of_pgrp(pgrp) != task_session(current))
		goto out_unlock;
	retval = 0;
	put_pid(real_tty->pgrp);
	real_tty->pgrp = get_pid(pgrp);
out_unlock:
	rcu_read_unlock();
out_unlock_ctrl:
	spin_unlock_irq(&real_tty->ctrl_lock);
	return retval;
}

/**
 *	tiocgsid		-	get session id
 *	@tty: tty passed by user
 *	@real_tty: tty side of the tty passed by the user if a pty else the tty
 *	@p: pointer to returned session id
 *
 *	Obtain the session id of the tty. If there is no session
 *	return an error.
 */
static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
{
	unsigned long flags;
	pid_t sid;

	/*
	 * (tty == real_tty) is a cheap way of
	 * testing if the tty is NOT a master pty.
	*/
	if (tty == real_tty && current->signal->tty != real_tty)
		return -ENOTTY;

	spin_lock_irqsave(&real_tty->ctrl_lock, flags);
	if (!real_tty->session)
		goto err;
	sid = pid_vnr(real_tty->session);
	spin_unlock_irqrestore(&real_tty->ctrl_lock, flags);

	return put_user(sid, p);

err:
	spin_unlock_irqrestore(&real_tty->ctrl_lock, flags);
	return -ENOTTY;
}

/*
 * Called from tty_ioctl(). If tty is a pty then real_tty is the slave side,
 * if not then tty == real_tty.
 */
long tty_jobctrl_ioctl(struct tty_struct *tty, struct tty_struct *real_tty,
		       struct file *file, unsigned int cmd, unsigned long arg)
{
	void __user *p = (void __user *)arg;

	switch (cmd) {
	case TIOCNOTTY:
		if (current->signal->tty != tty)
			return -ENOTTY;
		no_tty();
		return 0;
	case TIOCSCTTY:
		return tiocsctty(real_tty, file, arg);
	case TIOCGPGRP:
		return tiocgpgrp(tty, real_tty, p);
	case TIOCSPGRP:
		return tiocspgrp(tty, real_tty, p);
	case TIOCGSID:
		return tiocgsid(tty, real_tty, p);
	}
	return -ENOIOCTLCMD;
}
Commit	Line	Data
e3b3d0f5	1	// SPDX-License-Identifier: GPL-2.0
a1235b3e NP	2	/*
	3	* Copyright (C) 1991, 1992 Linus Torvalds
	4	*/
	5
	6	#include <linux/types.h>
	7	#include <linux/errno.h>
	8	#include <linux/signal.h>
	9	#include <linux/sched/signal.h>
	10	#include <linux/sched/task.h>
	11	#include <linux/tty.h>
	12	#include <linux/fcntl.h>
	13	#include <linux/uaccess.h>
	14
	15	static int is_ignored(int sig)
	16	{
	17	return (sigismember(&current->blocked, sig) \|\|
	18	current->sighand->action[sig-1].sa.sa_handler == SIG_IGN);
	19	}
	20
	21	/**
	22	* tty_check_change - check for POSIX terminal changes
	23	* @tty: tty to check
bc38fe24	24	* @sig: signal to send
a1235b3e NP	25	*
	26	* If we try to write to, or set the state of, a terminal and we're
	27	* not in the foreground, send a SIGTTOU. If the signal is blocked or
	28	* ignored, go ahead and perform the operation. (POSIX 7.2)
	29	*
	30	* Locking: ctrl_lock
	31	*/
	32	int __tty_check_change(struct tty_struct *tty, int sig)
	33	{
	34	unsigned long flags;
	35	struct pid pgrp, tty_pgrp;
	36	int ret = 0;
	37
	38	if (current->signal->tty != tty)
	39	return 0;
	40
	41	rcu_read_lock();
	42	pgrp = task_pgrp(current);
	43
	44	spin_lock_irqsave(&tty->ctrl_lock, flags);
	45	tty_pgrp = tty->pgrp;
	46	spin_unlock_irqrestore(&tty->ctrl_lock, flags);
	47
cf90c06f	48	if (tty_pgrp && pgrp != tty_pgrp) {
a1235b3e NP	49	if (is_ignored(sig)) {
	50	if (sig == SIGTTIN)
	51	ret = -EIO;
	52	} else if (is_current_pgrp_orphaned())
	53	ret = -EIO;
	54	else {
	55	kill_pgrp(pgrp, sig, 1);
	56	set_thread_flag(TIF_SIGPENDING);
	57	ret = -ERESTARTSYS;
	58	}
	59	}
	60	rcu_read_unlock();
	61
	62	if (!tty_pgrp)
	63	tty_warn(tty, "sig=%d, tty->pgrp == NULL!\n", sig);
	64
	65	return ret;
	66	}
	67
	68	int tty_check_change(struct tty_struct *tty)
	69	{
	70	return __tty_check_change(tty, SIGTTOU);
	71	}
	72	EXPORT_SYMBOL(tty_check_change);
	73
	74	void proc_clear_tty(struct task_struct *p)
	75	{
	76	unsigned long flags;
	77	struct tty_struct *tty;
	78	spin_lock_irqsave(&p->sighand->siglock, flags);
	79	tty = p->signal->tty;
	80	p->signal->tty = NULL;
	81	spin_unlock_irqrestore(&p->sighand->siglock, flags);
	82	tty_kref_put(tty);
	83	}
	84
	85	/**
	86	* proc_set_tty - set the controlling terminal
bc38fe24	87	* @tty: tty structure
a1235b3e NP	88	*
	89	* Only callable by the session leader and only if it does not already have
	90	* a controlling terminal.
	91	*
	92	* Caller must hold: tty_lock()
	93	* a readlock on tasklist_lock
	94	* sighand lock
	95	*/
	96	static void __proc_set_tty(struct tty_struct *tty)
	97	{
	98	unsigned long flags;
	99
	100	spin_lock_irqsave(&tty->ctrl_lock, flags);
	101	/*
	102	* The session and fg pgrp references will be non-NULL if
	103	* tiocsctty() is stealing the controlling tty
	104	*/
	105	put_pid(tty->session);
	106	put_pid(tty->pgrp);
	107	tty->pgrp = get_pid(task_pgrp(current));
a1235b3e	108	tty->session = get_pid(task_session(current));
c8bcd9c5	109	spin_unlock_irqrestore(&tty->ctrl_lock, flags);
a1235b3e NP	110	if (current->signal->tty) {
	111	tty_debug(tty, "current tty %s not NULL!!\n",
	112	current->signal->tty->name);
	113	tty_kref_put(current->signal->tty);
	114	}
	115	put_pid(current->signal->tty_old_pgrp);
	116	current->signal->tty = tty_kref_get(tty);
	117	current->signal->tty_old_pgrp = NULL;
	118	}
	119
	120	static void proc_set_tty(struct tty_struct *tty)
	121	{
	122	spin_lock_irq(&current->sighand->siglock);
	123	__proc_set_tty(tty);
	124	spin_unlock_irq(&current->sighand->siglock);
	125	}
	126
	127	/*
	128	* Called by tty_open() to set the controlling tty if applicable.
	129	*/
	130	void tty_open_proc_set_tty(struct file filp, struct tty_struct tty)
	131	{
	132	read_lock(&tasklist_lock);
	133	spin_lock_irq(&current->sighand->siglock);
	134	if (current->signal->leader &&
	135	!current->signal->tty &&
	136	tty->session == NULL) {
	137	/*
	138	* Don't let a process that only has write access to the tty
	139	* obtain the privileges associated with having a tty as
	140	* controlling terminal (being able to reopen it with full
	141	* access through /dev/tty, being able to perform pushback).
	142	* Many distributions set the group of all ttys to "tty" and
	143	* grant write-only access to all terminals for setgid tty
	144	* binaries, which should not imply full privileges on all ttys.
	145	*
	146	* This could theoretically break old code that performs open()
	147	* on a write-only file descriptor. In that case, it might be
	148	* necessary to also permit this if
	149	* inode_permission(inode, MAY_READ) == 0.
	150	*/
	151	if (filp->f_mode & FMODE_READ)
	152	__proc_set_tty(tty);
	153	}
	154	spin_unlock_irq(&current->sighand->siglock);
	155	read_unlock(&tasklist_lock);
	156	}
	157
	158	struct tty_struct *get_current_tty(void)
	159	{
	160	struct tty_struct *tty;
	161	unsigned long flags;
	162
	163	spin_lock_irqsave(&current->sighand->siglock, flags);
	164	tty = tty_kref_get(current->signal->tty);
	165	spin_unlock_irqrestore(&current->sighand->siglock, flags);
	166	return tty;
	167	}
	168	EXPORT_SYMBOL_GPL(get_current_tty);
	169
	170	/*
	171	* Called from tty_release().
	172	*/
	173	void session_clear_tty(struct pid *session)
174	{
175	struct task_struct *p;
176	do_each_pid_task(session, PIDTYPE_SID, p) {
177	proc_clear_tty(p);
178	} while_each_pid_task(session, PIDTYPE_SID, p);
179	}
180
181	/**
182	* tty_signal_session_leader - sends SIGHUP to session leader
fa441954 JS	183	* @tty: controlling tty
fa441954 JS	184	* @exit_session: if non-zero, signal all foreground group processes
a1235b3e NP	185	*
	186	* Send SIGHUP and SIGCONT to the session leader and its process group.
	187	* Optionally, signal all processes in the foreground process group.
	188	*
	189	* Returns the number of processes in the session with this tty
	190	* as their controlling terminal. This value is used to drop
	191	* tty references for those processes.
	192	*/
	193	int tty_signal_session_leader(struct tty_struct *tty, int exit_session)
	194	{
	195	struct task_struct *p;
	196	int refs = 0;
	197	struct pid *tty_pgrp = NULL;
	198
	199	read_lock(&tasklist_lock);
	200	if (tty->session) {
	201	do_each_pid_task(tty->session, PIDTYPE_SID, p) {
	202	spin_lock_irq(&p->sighand->siglock);
	203	if (p->signal->tty == tty) {
	204	p->signal->tty = NULL;
	205	/* We defer the dereferences outside fo
	206	the tasklist lock */
	207	refs++;
	208	}
	209	if (!p->signal->leader) {
	210	spin_unlock_irq(&p->sighand->siglock);
	211	continue;
	212	}
	213	__group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p);
	214	__group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p);
	215	put_pid(p->signal->tty_old_pgrp); /* A noop */
	216	spin_lock(&tty->ctrl_lock);
	217	tty_pgrp = get_pid(tty->pgrp);
	218	if (tty->pgrp)
	219	p->signal->tty_old_pgrp = get_pid(tty->pgrp);
	220	spin_unlock(&tty->ctrl_lock);
	221	spin_unlock_irq(&p->sighand->siglock);
	222	} while_each_pid_task(tty->session, PIDTYPE_SID, p);
	223	}
	224	read_unlock(&tasklist_lock);
	225
	226	if (tty_pgrp) {
	227	if (exit_session)
	228	kill_pgrp(tty_pgrp, SIGHUP, exit_session);
	229	put_pid(tty_pgrp);
	230	}
	231
	232	return refs;
	233	}
	234
	235	/**
	236	* disassociate_ctty - disconnect controlling tty
	237	* @on_exit: true if exiting so need to "hang up" the session
	238	*
	239	* This function is typically called only by the session leader, when
	240	* it wants to disassociate itself from its controlling tty.
	241	*
	242	* It performs the following functions:
	243	* (1) Sends a SIGHUP and SIGCONT to the foreground process group
	244	* (2) Clears the tty from being controlling the session
	245	* (3) Clears the controlling tty for all processes in the
	246	* session group.
	247	*
	248	* The argument on_exit is set to 1 if called when a process is
249	* exiting; it is 0 if called by the ioctl TIOCNOTTY.
250	*
251	* Locking:
252	* BTM is taken for hysterical raisons, and held when
253	* called from no_tty().
254	* tty_mutex is taken to protect tty
255	* ->siglock is taken to protect ->signal/->sighand
256	* tasklist_lock is taken to walk process list for sessions
257	* ->siglock is taken to protect ->signal/->sighand
258	*/
259	void disassociate_ctty(int on_exit)
260	{
261	struct tty_struct *tty;
262
263	if (!current->signal->leader)
264	return;
265
266	tty = get_current_tty();
267	if (tty) {
268	if (on_exit && tty->driver->type != TTY_DRIVER_TYPE_PTY) {
269	tty_vhangup_session(tty);
270	} else {
271	struct pid *tty_pgrp = tty_get_pgrp(tty);
272	if (tty_pgrp) {
273	kill_pgrp(tty_pgrp, SIGHUP, on_exit);
274	if (!on_exit)
275	kill_pgrp(tty_pgrp, SIGCONT, on_exit);
276	put_pid(tty_pgrp);
277	}
278	}
279	tty_kref_put(tty);
280
281	} else if (on_exit) {
282	struct pid *old_pgrp;
283	spin_lock_irq(&current->sighand->siglock);
284	old_pgrp = current->signal->tty_old_pgrp;
285	current->signal->tty_old_pgrp = NULL;
286	spin_unlock_irq(&current->sighand->siglock);
287	if (old_pgrp) {
288	kill_pgrp(old_pgrp, SIGHUP, on_exit);
289	kill_pgrp(old_pgrp, SIGCONT, on_exit);
290	put_pid(old_pgrp);
291	}
292	return;
293	}
294
295	spin_lock_irq(&current->sighand->siglock);
296	put_pid(current->signal->tty_old_pgrp);
297	current->signal->tty_old_pgrp = NULL;
a1235b3e	298	tty = tty_kref_get(current->signal->tty);
c8bcd9c5 JH	299	spin_unlock_irq(&current->sighand->siglock);
c8bcd9c5 JH	300
a1235b3e NP	301	if (tty) {
a1235b3e NP	302	unsigned long flags;
c8bcd9c5 JH	303
c8bcd9c5 JH	304	tty_lock(tty);
a1235b3e NP	305	spin_lock_irqsave(&tty->ctrl_lock, flags);
	306	put_pid(tty->session);
	307	put_pid(tty->pgrp);
	308	tty->session = NULL;
	309	tty->pgrp = NULL;
	310	spin_unlock_irqrestore(&tty->ctrl_lock, flags);
c8bcd9c5	311	tty_unlock(tty);
a1235b3e NP	312	tty_kref_put(tty);
	313	}
	314
a1235b3e NP	315	/* Now clear signal->tty under the lock */
	316	read_lock(&tasklist_lock);
	317	session_clear_tty(task_session(current));
	318	read_unlock(&tasklist_lock);
	319	}
	320
3adf2aa8	321	/*
a1235b3e NP	322	*
	323	* no_tty - Ensure the current process does not have a controlling tty
	324	*/
	325	void no_tty(void)
	326	{
	327	/* FIXME: Review locking here. The tty_lock never covered any race
	328	between a new association and proc_clear_tty but possible we need
	329	to protect against this anyway */
	330	struct task_struct *tsk = current;
	331	disassociate_ctty(0);
	332	proc_clear_tty(tsk);
	333	}
	334
	335	/**
	336	* tiocsctty - set controlling tty
	337	* @tty: tty structure
bc38fe24	338	* @file: file structure used to check permissions
a1235b3e NP	339	* @arg: user argument
	340	*
	341	* This ioctl is used to manage job control. It permits a session
	342	* leader to set this tty as the controlling tty for the session.
	343	*
	344	* Locking:
	345	* Takes tty_lock() to serialize proc_set_tty() for this tty
	346	* Takes tasklist_lock internally to walk sessions
	347	* Takes ->siglock() when updating signal->tty
	348	*/
	349	static int tiocsctty(struct tty_struct tty, struct file file, int arg)
	350	{
	351	int ret = 0;
	352
	353	tty_lock(tty);
	354	read_lock(&tasklist_lock);
	355
	356	if (current->signal->leader && (task_session(current) == tty->session))
	357	goto unlock;
	358
	359	/*
	360	* The process must be a session leader and
	361	* not have a controlling tty already.
	362	*/
	363	if (!current->signal->leader \|\| current->signal->tty) {
	364	ret = -EPERM;
	365	goto unlock;
	366	}
	367
	368	if (tty->session) {
	369	/*
	370	* This tty is already the controlling
	371	* tty for another session group!
	372	*/
	373	if (arg == 1 && capable(CAP_SYS_ADMIN)) {
	374	/*
	375	* Steal it away
	376	*/
	377	session_clear_tty(tty->session);
	378	} else {
	379	ret = -EPERM;
	380	goto unlock;
	381	}
	382	}
	383
	384	/* See the comment in tty_open_proc_set_tty(). */
	385	if ((file->f_mode & FMODE_READ) == 0 && !capable(CAP_SYS_ADMIN)) {
	386	ret = -EPERM;
	387	goto unlock;
	388	}
	389
	390	proc_set_tty(tty);
	391	unlock:
	392	read_unlock(&tasklist_lock);
	393	tty_unlock(tty);
	394	return ret;
	395	}
	396
	397	/**
	398	* tty_get_pgrp - return a ref counted pgrp pid
	399	* @tty: tty to read
	400	*
	401	* Returns a refcounted instance of the pid struct for the process
	402	* group controlling the tty.
403	*/
404	struct pid tty_get_pgrp(struct tty_struct tty)
405	{
406	unsigned long flags;
407	struct pid *pgrp;
408
409	spin_lock_irqsave(&tty->ctrl_lock, flags);
410	pgrp = get_pid(tty->pgrp);
411	spin_unlock_irqrestore(&tty->ctrl_lock, flags);
412
413	return pgrp;
414	}
415	EXPORT_SYMBOL_GPL(tty_get_pgrp);
416
417	/*
418	* This checks not only the pgrp, but falls back on the pid if no
419	* satisfactory pgrp is found. I dunno - gdb doesn't work correctly
420	* without this...
421	*
422	* The caller must hold rcu lock or the tasklist lock.
423	*/
424	static struct pid session_of_pgrp(struct pid pgrp)
425	{
426	struct task_struct *p;
427	struct pid *sid = NULL;
428
429	p = pid_task(pgrp, PIDTYPE_PGID);
430	if (p == NULL)
431	p = pid_task(pgrp, PIDTYPE_PID);
432	if (p != NULL)
433	sid = task_session(p);
434
435	return sid;
436	}
437
438	/**
439	* tiocgpgrp - get process group
440	* @tty: tty passed by user
441	* @real_tty: tty side of the tty passed by the user if a pty else the tty
442	* @p: returned pid
443	*
444	* Obtain the process group of the tty. If there is no process group
445	* return an error.
446	*
447	* Locking: none. Reference to current->signal->tty is safe.
448	*/
449	static int tiocgpgrp(struct tty_struct tty, struct tty_struct real_tty, pid_t __user *p)
450	{
451	struct pid *pid;
452	int ret;
453	/*
454	* (tty == real_tty) is a cheap way of
455	* testing if the tty is NOT a master pty.
456	*/
457	if (tty == real_tty && current->signal->tty != real_tty)
458	return -ENOTTY;
459	pid = tty_get_pgrp(real_tty);
460	ret = put_user(pid_vnr(pid), p);
461	put_pid(pid);
462	return ret;
463	}
464
465	/**
466	* tiocspgrp - attempt to set process group
467	* @tty: tty passed by user
468	* @real_tty: tty side device matching tty passed by user
469	* @p: pid pointer
470	*
471	* Set the process group of the tty to the session passed. Only
472	* permitted where the tty session is our session.
473	*
474	* Locking: RCU, ctrl lock
475	*/
476	static int tiocspgrp(struct tty_struct tty, struct tty_struct real_tty, pid_t __user *p)
477	{
478	struct pid *pgrp;
479	pid_t pgrp_nr;
480	int retval = tty_check_change(real_tty);
481
482	if (retval == -EIO)
483	return -ENOTTY;
484	if (retval)
485	return retval;
c8bcd9c5	486
a1235b3e NP	487	if (get_user(pgrp_nr, p))
	488	return -EFAULT;
	489	if (pgrp_nr < 0)
	490	return -EINVAL;
c8bcd9c5 JH	491
	492	spin_lock_irq(&real_tty->ctrl_lock);
	493	if (!current->signal->tty \|\|
	494	(current->signal->tty != real_tty) \|\|
	495	(real_tty->session != task_session(current))) {
	496	retval = -ENOTTY;
	497	goto out_unlock_ctrl;
	498	}
a1235b3e NP	499	rcu_read_lock();
	500	pgrp = find_vpid(pgrp_nr);
	501	retval = -ESRCH;
	502	if (!pgrp)
	503	goto out_unlock;
	504	retval = -EPERM;
	505	if (session_of_pgrp(pgrp) != task_session(current))
	506	goto out_unlock;
	507	retval = 0;
a1235b3e NP	508	put_pid(real_tty->pgrp);
a1235b3e NP	509	real_tty->pgrp = get_pid(pgrp);
a1235b3e NP	510	out_unlock:
a1235b3e NP	511	rcu_read_unlock();
c8bcd9c5 JH	512	out_unlock_ctrl:
c8bcd9c5 JH	513	spin_unlock_irq(&real_tty->ctrl_lock);
a1235b3e NP	514	return retval;
	515	}
	516
	517	/**
	518	* tiocgsid - get session id
	519	* @tty: tty passed by user
	520	* @real_tty: tty side of the tty passed by the user if a pty else the tty
	521	* @p: pointer to returned session id
	522	*
	523	* Obtain the session id of the tty. If there is no session
	524	* return an error.
a1235b3e NP	525	*/
	526	static int tiocgsid(struct tty_struct tty, struct tty_struct real_tty, pid_t __user *p)
	527	{
c8bcd9c5 JH	528	unsigned long flags;
	529	pid_t sid;
	530
a1235b3e NP	531	/*
	532	* (tty == real_tty) is a cheap way of
	533	* testing if the tty is NOT a master pty.
	534	*/
	535	if (tty == real_tty && current->signal->tty != real_tty)
	536	return -ENOTTY;
c8bcd9c5 JH	537
c8bcd9c5 JH	538	spin_lock_irqsave(&real_tty->ctrl_lock, flags);
a1235b3e	539	if (!real_tty->session)
c8bcd9c5 JH	540	goto err;
	541	sid = pid_vnr(real_tty->session);
	542	spin_unlock_irqrestore(&real_tty->ctrl_lock, flags);
	543
	544	return put_user(sid, p);
	545
	546	err:
	547	spin_unlock_irqrestore(&real_tty->ctrl_lock, flags);
	548	return -ENOTTY;
a1235b3e NP	549	}
	550
	551	/*
	552	* Called from tty_ioctl(). If tty is a pty then real_tty is the slave side,
	553	* if not then tty == real_tty.
	554	*/
	555	long tty_jobctrl_ioctl(struct tty_struct tty, struct tty_struct real_tty,
	556	struct file *file, unsigned int cmd, unsigned long arg)
	557	{
	558	void __user p = (void __user )arg;
	559
	560	switch (cmd) {
	561	case TIOCNOTTY:
	562	if (current->signal->tty != tty)
	563	return -ENOTTY;
	564	no_tty();
	565	return 0;
	566	case TIOCSCTTY:
	567	return tiocsctty(real_tty, file, arg);
	568	case TIOCGPGRP:
	569	return tiocgpgrp(tty, real_tty, p);
	570	case TIOCSPGRP:
	571	return tiocspgrp(tty, real_tty, p);
	572	case TIOCGSID:
	573	return tiocgsid(tty, real_tty, p);
	574	}
	575	return -ENOIOCTLCMD;
	576	}