| 1 | /* |
| 2 | * linux/drivers/char/tty_io.c |
| 3 | * |
| 4 | * Copyright (C) 1991, 1992 Linus Torvalds |
| 5 | */ |
| 6 | |
| 7 | /* |
| 8 | * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles |
| 9 | * or rs-channels. It also implements echoing, cooked mode etc. |
| 10 | * |
| 11 | * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0. |
| 12 | * |
| 13 | * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the |
| 14 | * tty_struct and tty_queue structures. Previously there was an array |
| 15 | * of 256 tty_struct's which was statically allocated, and the |
| 16 | * tty_queue structures were allocated at boot time. Both are now |
| 17 | * dynamically allocated only when the tty is open. |
| 18 | * |
| 19 | * Also restructured routines so that there is more of a separation |
| 20 | * between the high-level tty routines (tty_io.c and tty_ioctl.c) and |
| 21 | * the low-level tty routines (serial.c, pty.c, console.c). This |
| 22 | * makes for cleaner and more compact code. -TYT, 9/17/92 |
| 23 | * |
| 24 | * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines |
| 25 | * which can be dynamically activated and de-activated by the line |
| 26 | * discipline handling modules (like SLIP). |
| 27 | * |
| 28 | * NOTE: pay no attention to the line discipline code (yet); its |
| 29 | * interface is still subject to change in this version... |
| 30 | * -- TYT, 1/31/92 |
| 31 | * |
| 32 | * Added functionality to the OPOST tty handling. No delays, but all |
| 33 | * other bits should be there. |
| 34 | * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993. |
| 35 | * |
| 36 | * Rewrote canonical mode and added more termios flags. |
| 37 | * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94 |
| 38 | * |
| 39 | * Reorganized FASYNC support so mouse code can share it. |
| 40 | * -- ctm@ardi.com, 9Sep95 |
| 41 | * |
| 42 | * New TIOCLINUX variants added. |
| 43 | * -- mj@k332.feld.cvut.cz, 19-Nov-95 |
| 44 | * |
| 45 | * Restrict vt switching via ioctl() |
| 46 | * -- grif@cs.ucr.edu, 5-Dec-95 |
| 47 | * |
| 48 | * Move console and virtual terminal code to more appropriate files, |
| 49 | * implement CONFIG_VT and generalize console device interface. |
| 50 | * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97 |
| 51 | * |
| 52 | * Rewrote init_dev and release_dev to eliminate races. |
| 53 | * -- Bill Hawes <whawes@star.net>, June 97 |
| 54 | * |
| 55 | * Added devfs support. |
| 56 | * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998 |
| 57 | * |
| 58 | * Added support for a Unix98-style ptmx device. |
| 59 | * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 |
| 60 | * |
| 61 | * Reduced memory usage for older ARM systems |
| 62 | * -- Russell King <rmk@arm.linux.org.uk> |
| 63 | * |
| 64 | * Move do_SAK() into process context. Less stack use in devfs functions. |
| 65 | * alloc_tty_struct() always uses kmalloc() |
| 66 | * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01 |
| 67 | */ |
| 68 | |
| 69 | #include <linux/types.h> |
| 70 | #include <linux/major.h> |
| 71 | #include <linux/errno.h> |
| 72 | #include <linux/signal.h> |
| 73 | #include <linux/fcntl.h> |
| 74 | #include <linux/sched.h> |
| 75 | #include <linux/interrupt.h> |
| 76 | #include <linux/tty.h> |
| 77 | #include <linux/tty_driver.h> |
| 78 | #include <linux/tty_flip.h> |
| 79 | #include <linux/devpts_fs.h> |
| 80 | #include <linux/file.h> |
| 81 | #include <linux/console.h> |
| 82 | #include <linux/timer.h> |
| 83 | #include <linux/ctype.h> |
| 84 | #include <linux/kd.h> |
| 85 | #include <linux/mm.h> |
| 86 | #include <linux/string.h> |
| 87 | #include <linux/slab.h> |
| 88 | #include <linux/poll.h> |
| 89 | #include <linux/proc_fs.h> |
| 90 | #include <linux/init.h> |
| 91 | #include <linux/module.h> |
| 92 | #include <linux/smp_lock.h> |
| 93 | #include <linux/device.h> |
| 94 | #include <linux/idr.h> |
| 95 | #include <linux/wait.h> |
| 96 | #include <linux/bitops.h> |
| 97 | #include <linux/delay.h> |
| 98 | |
| 99 | #include <asm/uaccess.h> |
| 100 | #include <asm/system.h> |
| 101 | |
| 102 | #include <linux/kbd_kern.h> |
| 103 | #include <linux/vt_kern.h> |
| 104 | #include <linux/selection.h> |
| 105 | |
| 106 | #include <linux/kmod.h> |
| 107 | #include <linux/nsproxy.h> |
| 108 | |
| 109 | #undef TTY_DEBUG_HANGUP |
| 110 | |
| 111 | #define TTY_PARANOIA_CHECK 1 |
| 112 | #define CHECK_TTY_COUNT 1 |
| 113 | |
| 114 | struct ktermios tty_std_termios = { /* for the benefit of tty drivers */ |
| 115 | .c_iflag = ICRNL | IXON, |
| 116 | .c_oflag = OPOST | ONLCR, |
| 117 | .c_cflag = B38400 | CS8 | CREAD | HUPCL, |
| 118 | .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK | |
| 119 | ECHOCTL | ECHOKE | IEXTEN, |
| 120 | .c_cc = INIT_C_CC, |
| 121 | .c_ispeed = 38400, |
| 122 | .c_ospeed = 38400 |
| 123 | }; |
| 124 | |
| 125 | EXPORT_SYMBOL(tty_std_termios); |
| 126 | |
| 127 | /* This list gets poked at by procfs and various bits of boot up code. This |
| 128 | could do with some rationalisation such as pulling the tty proc function |
| 129 | into this file */ |
| 130 | |
| 131 | LIST_HEAD(tty_drivers); /* linked list of tty drivers */ |
| 132 | |
| 133 | /* Mutex to protect creating and releasing a tty. This is shared with |
| 134 | vt.c for deeply disgusting hack reasons */ |
| 135 | DEFINE_MUTEX(tty_mutex); |
| 136 | EXPORT_SYMBOL(tty_mutex); |
| 137 | |
| 138 | #ifdef CONFIG_UNIX98_PTYS |
| 139 | extern struct tty_driver *ptm_driver; /* Unix98 pty masters; for /dev/ptmx */ |
| 140 | extern int pty_limit; /* Config limit on Unix98 ptys */ |
| 141 | static DEFINE_IDR(allocated_ptys); |
| 142 | static DEFINE_MUTEX(allocated_ptys_lock); |
| 143 | static int ptmx_open(struct inode *, struct file *); |
| 144 | #endif |
| 145 | |
| 146 | static void initialize_tty_struct(struct tty_struct *tty); |
| 147 | |
| 148 | static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *); |
| 149 | static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *); |
| 150 | ssize_t redirected_tty_write(struct file *, const char __user *, |
| 151 | size_t, loff_t *); |
| 152 | static unsigned int tty_poll(struct file *, poll_table *); |
| 153 | static int tty_open(struct inode *, struct file *); |
| 154 | static int tty_release(struct inode *, struct file *); |
| 155 | long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg); |
| 156 | #ifdef CONFIG_COMPAT |
| 157 | static long tty_compat_ioctl(struct file *file, unsigned int cmd, |
| 158 | unsigned long arg); |
| 159 | #else |
| 160 | #define tty_compat_ioctl NULL |
| 161 | #endif |
| 162 | static int tty_fasync(int fd, struct file *filp, int on); |
| 163 | static void release_tty(struct tty_struct *tty, int idx); |
| 164 | static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); |
| 165 | static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); |
| 166 | |
| 167 | /** |
| 168 | * alloc_tty_struct - allocate a tty object |
| 169 | * |
| 170 | * Return a new empty tty structure. The data fields have not |
| 171 | * been initialized in any way but has been zeroed |
| 172 | * |
| 173 | * Locking: none |
| 174 | */ |
| 175 | |
| 176 | static struct tty_struct *alloc_tty_struct(void) |
| 177 | { |
| 178 | return kzalloc(sizeof(struct tty_struct), GFP_KERNEL); |
| 179 | } |
| 180 | |
| 181 | static void tty_buffer_free_all(struct tty_struct *); |
| 182 | |
| 183 | /** |
| 184 | * free_tty_struct - free a disused tty |
| 185 | * @tty: tty struct to free |
| 186 | * |
| 187 | * Free the write buffers, tty queue and tty memory itself. |
| 188 | * |
| 189 | * Locking: none. Must be called after tty is definitely unused |
| 190 | */ |
| 191 | |
| 192 | static inline void free_tty_struct(struct tty_struct *tty) |
| 193 | { |
| 194 | kfree(tty->write_buf); |
| 195 | tty_buffer_free_all(tty); |
| 196 | kfree(tty); |
| 197 | } |
| 198 | |
| 199 | #define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base) |
| 200 | |
| 201 | /** |
| 202 | * tty_name - return tty naming |
| 203 | * @tty: tty structure |
| 204 | * @buf: buffer for output |
| 205 | * |
| 206 | * Convert a tty structure into a name. The name reflects the kernel |
| 207 | * naming policy and if udev is in use may not reflect user space |
| 208 | * |
| 209 | * Locking: none |
| 210 | */ |
| 211 | |
| 212 | char *tty_name(struct tty_struct *tty, char *buf) |
| 213 | { |
| 214 | if (!tty) /* Hmm. NULL pointer. That's fun. */ |
| 215 | strcpy(buf, "NULL tty"); |
| 216 | else |
| 217 | strcpy(buf, tty->name); |
| 218 | return buf; |
| 219 | } |
| 220 | |
| 221 | EXPORT_SYMBOL(tty_name); |
| 222 | |
| 223 | int tty_paranoia_check(struct tty_struct *tty, struct inode *inode, |
| 224 | const char *routine) |
| 225 | { |
| 226 | #ifdef TTY_PARANOIA_CHECK |
| 227 | if (!tty) { |
| 228 | printk(KERN_WARNING |
| 229 | "null TTY for (%d:%d) in %s\n", |
| 230 | imajor(inode), iminor(inode), routine); |
| 231 | return 1; |
| 232 | } |
| 233 | if (tty->magic != TTY_MAGIC) { |
| 234 | printk(KERN_WARNING |
| 235 | "bad magic number for tty struct (%d:%d) in %s\n", |
| 236 | imajor(inode), iminor(inode), routine); |
| 237 | return 1; |
| 238 | } |
| 239 | #endif |
| 240 | return 0; |
| 241 | } |
| 242 | |
| 243 | static int check_tty_count(struct tty_struct *tty, const char *routine) |
| 244 | { |
| 245 | #ifdef CHECK_TTY_COUNT |
| 246 | struct list_head *p; |
| 247 | int count = 0; |
| 248 | |
| 249 | file_list_lock(); |
| 250 | list_for_each(p, &tty->tty_files) { |
| 251 | count++; |
| 252 | } |
| 253 | file_list_unlock(); |
| 254 | if (tty->driver->type == TTY_DRIVER_TYPE_PTY && |
| 255 | tty->driver->subtype == PTY_TYPE_SLAVE && |
| 256 | tty->link && tty->link->count) |
| 257 | count++; |
| 258 | if (tty->count != count) { |
| 259 | printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) " |
| 260 | "!= #fd's(%d) in %s\n", |
| 261 | tty->name, tty->count, count, routine); |
| 262 | return count; |
| 263 | } |
| 264 | #endif |
| 265 | return 0; |
| 266 | } |
| 267 | |
| 268 | /* |
| 269 | * Tty buffer allocation management |
| 270 | */ |
| 271 | |
| 272 | /** |
| 273 | * tty_buffer_free_all - free buffers used by a tty |
| 274 | * @tty: tty to free from |
| 275 | * |
| 276 | * Remove all the buffers pending on a tty whether queued with data |
| 277 | * or in the free ring. Must be called when the tty is no longer in use |
| 278 | * |
| 279 | * Locking: none |
| 280 | */ |
| 281 | |
| 282 | static void tty_buffer_free_all(struct tty_struct *tty) |
| 283 | { |
| 284 | struct tty_buffer *thead; |
| 285 | while ((thead = tty->buf.head) != NULL) { |
| 286 | tty->buf.head = thead->next; |
| 287 | kfree(thead); |
| 288 | } |
| 289 | while ((thead = tty->buf.free) != NULL) { |
| 290 | tty->buf.free = thead->next; |
| 291 | kfree(thead); |
| 292 | } |
| 293 | tty->buf.tail = NULL; |
| 294 | tty->buf.memory_used = 0; |
| 295 | } |
| 296 | |
| 297 | /** |
| 298 | * tty_buffer_init - prepare a tty buffer structure |
| 299 | * @tty: tty to initialise |
| 300 | * |
| 301 | * Set up the initial state of the buffer management for a tty device. |
| 302 | * Must be called before the other tty buffer functions are used. |
| 303 | * |
| 304 | * Locking: none |
| 305 | */ |
| 306 | |
| 307 | static void tty_buffer_init(struct tty_struct *tty) |
| 308 | { |
| 309 | spin_lock_init(&tty->buf.lock); |
| 310 | tty->buf.head = NULL; |
| 311 | tty->buf.tail = NULL; |
| 312 | tty->buf.free = NULL; |
| 313 | tty->buf.memory_used = 0; |
| 314 | } |
| 315 | |
| 316 | /** |
| 317 | * tty_buffer_alloc - allocate a tty buffer |
| 318 | * @tty: tty device |
| 319 | * @size: desired size (characters) |
| 320 | * |
| 321 | * Allocate a new tty buffer to hold the desired number of characters. |
| 322 | * Return NULL if out of memory or the allocation would exceed the |
| 323 | * per device queue |
| 324 | * |
| 325 | * Locking: Caller must hold tty->buf.lock |
| 326 | */ |
| 327 | |
| 328 | static struct tty_buffer *tty_buffer_alloc(struct tty_struct *tty, size_t size) |
| 329 | { |
| 330 | struct tty_buffer *p; |
| 331 | |
| 332 | if (tty->buf.memory_used + size > 65536) |
| 333 | return NULL; |
| 334 | p = kmalloc(sizeof(struct tty_buffer) + 2 * size, GFP_ATOMIC); |
| 335 | if (p == NULL) |
| 336 | return NULL; |
| 337 | p->used = 0; |
| 338 | p->size = size; |
| 339 | p->next = NULL; |
| 340 | p->commit = 0; |
| 341 | p->read = 0; |
| 342 | p->char_buf_ptr = (char *)(p->data); |
| 343 | p->flag_buf_ptr = (unsigned char *)p->char_buf_ptr + size; |
| 344 | tty->buf.memory_used += size; |
| 345 | return p; |
| 346 | } |
| 347 | |
| 348 | /** |
| 349 | * tty_buffer_free - free a tty buffer |
| 350 | * @tty: tty owning the buffer |
| 351 | * @b: the buffer to free |
| 352 | * |
| 353 | * Free a tty buffer, or add it to the free list according to our |
| 354 | * internal strategy |
| 355 | * |
| 356 | * Locking: Caller must hold tty->buf.lock |
| 357 | */ |
| 358 | |
| 359 | static void tty_buffer_free(struct tty_struct *tty, struct tty_buffer *b) |
| 360 | { |
| 361 | /* Dumb strategy for now - should keep some stats */ |
| 362 | tty->buf.memory_used -= b->size; |
| 363 | WARN_ON(tty->buf.memory_used < 0); |
| 364 | |
| 365 | if (b->size >= 512) |
| 366 | kfree(b); |
| 367 | else { |
| 368 | b->next = tty->buf.free; |
| 369 | tty->buf.free = b; |
| 370 | } |
| 371 | } |
| 372 | |
| 373 | /** |
| 374 | * __tty_buffer_flush - flush full tty buffers |
| 375 | * @tty: tty to flush |
| 376 | * |
| 377 | * flush all the buffers containing receive data. Caller must |
| 378 | * hold the buffer lock and must have ensured no parallel flush to |
| 379 | * ldisc is running. |
| 380 | * |
| 381 | * Locking: Caller must hold tty->buf.lock |
| 382 | */ |
| 383 | |
| 384 | static void __tty_buffer_flush(struct tty_struct *tty) |
| 385 | { |
| 386 | struct tty_buffer *thead; |
| 387 | |
| 388 | while ((thead = tty->buf.head) != NULL) { |
| 389 | tty->buf.head = thead->next; |
| 390 | tty_buffer_free(tty, thead); |
| 391 | } |
| 392 | tty->buf.tail = NULL; |
| 393 | } |
| 394 | |
| 395 | /** |
| 396 | * tty_buffer_flush - flush full tty buffers |
| 397 | * @tty: tty to flush |
| 398 | * |
| 399 | * flush all the buffers containing receive data. If the buffer is |
| 400 | * being processed by flush_to_ldisc then we defer the processing |
| 401 | * to that function |
| 402 | * |
| 403 | * Locking: none |
| 404 | */ |
| 405 | |
| 406 | static void tty_buffer_flush(struct tty_struct *tty) |
| 407 | { |
| 408 | unsigned long flags; |
| 409 | spin_lock_irqsave(&tty->buf.lock, flags); |
| 410 | |
| 411 | /* If the data is being pushed to the tty layer then we can't |
| 412 | process it here. Instead set a flag and the flush_to_ldisc |
| 413 | path will process the flush request before it exits */ |
| 414 | if (test_bit(TTY_FLUSHING, &tty->flags)) { |
| 415 | set_bit(TTY_FLUSHPENDING, &tty->flags); |
| 416 | spin_unlock_irqrestore(&tty->buf.lock, flags); |
| 417 | wait_event(tty->read_wait, |
| 418 | test_bit(TTY_FLUSHPENDING, &tty->flags) == 0); |
| 419 | return; |
| 420 | } else |
| 421 | __tty_buffer_flush(tty); |
| 422 | spin_unlock_irqrestore(&tty->buf.lock, flags); |
| 423 | } |
| 424 | |
| 425 | /** |
| 426 | * tty_buffer_find - find a free tty buffer |
| 427 | * @tty: tty owning the buffer |
| 428 | * @size: characters wanted |
| 429 | * |
| 430 | * Locate an existing suitable tty buffer or if we are lacking one then |
| 431 | * allocate a new one. We round our buffers off in 256 character chunks |
| 432 | * to get better allocation behaviour. |
| 433 | * |
| 434 | * Locking: Caller must hold tty->buf.lock |
| 435 | */ |
| 436 | |
| 437 | static struct tty_buffer *tty_buffer_find(struct tty_struct *tty, size_t size) |
| 438 | { |
| 439 | struct tty_buffer **tbh = &tty->buf.free; |
| 440 | while ((*tbh) != NULL) { |
| 441 | struct tty_buffer *t = *tbh; |
| 442 | if (t->size >= size) { |
| 443 | *tbh = t->next; |
| 444 | t->next = NULL; |
| 445 | t->used = 0; |
| 446 | t->commit = 0; |
| 447 | t->read = 0; |
| 448 | tty->buf.memory_used += t->size; |
| 449 | return t; |
| 450 | } |
| 451 | tbh = &((*tbh)->next); |
| 452 | } |
| 453 | /* Round the buffer size out */ |
| 454 | size = (size + 0xFF) & ~0xFF; |
| 455 | return tty_buffer_alloc(tty, size); |
| 456 | /* Should possibly check if this fails for the largest buffer we |
| 457 | have queued and recycle that ? */ |
| 458 | } |
| 459 | |
| 460 | /** |
| 461 | * tty_buffer_request_room - grow tty buffer if needed |
| 462 | * @tty: tty structure |
| 463 | * @size: size desired |
| 464 | * |
| 465 | * Make at least size bytes of linear space available for the tty |
| 466 | * buffer. If we fail return the size we managed to find. |
| 467 | * |
| 468 | * Locking: Takes tty->buf.lock |
| 469 | */ |
| 470 | int tty_buffer_request_room(struct tty_struct *tty, size_t size) |
| 471 | { |
| 472 | struct tty_buffer *b, *n; |
| 473 | int left; |
| 474 | unsigned long flags; |
| 475 | |
| 476 | spin_lock_irqsave(&tty->buf.lock, flags); |
| 477 | |
| 478 | /* OPTIMISATION: We could keep a per tty "zero" sized buffer to |
| 479 | remove this conditional if its worth it. This would be invisible |
| 480 | to the callers */ |
| 481 | if ((b = tty->buf.tail) != NULL) |
| 482 | left = b->size - b->used; |
| 483 | else |
| 484 | left = 0; |
| 485 | |
| 486 | if (left < size) { |
| 487 | /* This is the slow path - looking for new buffers to use */ |
| 488 | if ((n = tty_buffer_find(tty, size)) != NULL) { |
| 489 | if (b != NULL) { |
| 490 | b->next = n; |
| 491 | b->commit = b->used; |
| 492 | } else |
| 493 | tty->buf.head = n; |
| 494 | tty->buf.tail = n; |
| 495 | } else |
| 496 | size = left; |
| 497 | } |
| 498 | |
| 499 | spin_unlock_irqrestore(&tty->buf.lock, flags); |
| 500 | return size; |
| 501 | } |
| 502 | EXPORT_SYMBOL_GPL(tty_buffer_request_room); |
| 503 | |
| 504 | /** |
| 505 | * tty_insert_flip_string - Add characters to the tty buffer |
| 506 | * @tty: tty structure |
| 507 | * @chars: characters |
| 508 | * @size: size |
| 509 | * |
| 510 | * Queue a series of bytes to the tty buffering. All the characters |
| 511 | * passed are marked as without error. Returns the number added. |
| 512 | * |
| 513 | * Locking: Called functions may take tty->buf.lock |
| 514 | */ |
| 515 | |
| 516 | int tty_insert_flip_string(struct tty_struct *tty, const unsigned char *chars, |
| 517 | size_t size) |
| 518 | { |
| 519 | int copied = 0; |
| 520 | do { |
| 521 | int space = tty_buffer_request_room(tty, size - copied); |
| 522 | struct tty_buffer *tb = tty->buf.tail; |
| 523 | /* If there is no space then tb may be NULL */ |
| 524 | if (unlikely(space == 0)) |
| 525 | break; |
| 526 | memcpy(tb->char_buf_ptr + tb->used, chars, space); |
| 527 | memset(tb->flag_buf_ptr + tb->used, TTY_NORMAL, space); |
| 528 | tb->used += space; |
| 529 | copied += space; |
| 530 | chars += space; |
| 531 | /* There is a small chance that we need to split the data over |
| 532 | several buffers. If this is the case we must loop */ |
| 533 | } while (unlikely(size > copied)); |
| 534 | return copied; |
| 535 | } |
| 536 | EXPORT_SYMBOL(tty_insert_flip_string); |
| 537 | |
| 538 | /** |
| 539 | * tty_insert_flip_string_flags - Add characters to the tty buffer |
| 540 | * @tty: tty structure |
| 541 | * @chars: characters |
| 542 | * @flags: flag bytes |
| 543 | * @size: size |
| 544 | * |
| 545 | * Queue a series of bytes to the tty buffering. For each character |
| 546 | * the flags array indicates the status of the character. Returns the |
| 547 | * number added. |
| 548 | * |
| 549 | * Locking: Called functions may take tty->buf.lock |
| 550 | */ |
| 551 | |
| 552 | int tty_insert_flip_string_flags(struct tty_struct *tty, |
| 553 | const unsigned char *chars, const char *flags, size_t size) |
| 554 | { |
| 555 | int copied = 0; |
| 556 | do { |
| 557 | int space = tty_buffer_request_room(tty, size - copied); |
| 558 | struct tty_buffer *tb = tty->buf.tail; |
| 559 | /* If there is no space then tb may be NULL */ |
| 560 | if (unlikely(space == 0)) |
| 561 | break; |
| 562 | memcpy(tb->char_buf_ptr + tb->used, chars, space); |
| 563 | memcpy(tb->flag_buf_ptr + tb->used, flags, space); |
| 564 | tb->used += space; |
| 565 | copied += space; |
| 566 | chars += space; |
| 567 | flags += space; |
| 568 | /* There is a small chance that we need to split the data over |
| 569 | several buffers. If this is the case we must loop */ |
| 570 | } while (unlikely(size > copied)); |
| 571 | return copied; |
| 572 | } |
| 573 | EXPORT_SYMBOL(tty_insert_flip_string_flags); |
| 574 | |
| 575 | /** |
| 576 | * tty_schedule_flip - push characters to ldisc |
| 577 | * @tty: tty to push from |
| 578 | * |
| 579 | * Takes any pending buffers and transfers their ownership to the |
| 580 | * ldisc side of the queue. It then schedules those characters for |
| 581 | * processing by the line discipline. |
| 582 | * |
| 583 | * Locking: Takes tty->buf.lock |
| 584 | */ |
| 585 | |
| 586 | void tty_schedule_flip(struct tty_struct *tty) |
| 587 | { |
| 588 | unsigned long flags; |
| 589 | spin_lock_irqsave(&tty->buf.lock, flags); |
| 590 | if (tty->buf.tail != NULL) |
| 591 | tty->buf.tail->commit = tty->buf.tail->used; |
| 592 | spin_unlock_irqrestore(&tty->buf.lock, flags); |
| 593 | schedule_delayed_work(&tty->buf.work, 1); |
| 594 | } |
| 595 | EXPORT_SYMBOL(tty_schedule_flip); |
| 596 | |
| 597 | /** |
| 598 | * tty_prepare_flip_string - make room for characters |
| 599 | * @tty: tty |
| 600 | * @chars: return pointer for character write area |
| 601 | * @size: desired size |
| 602 | * |
| 603 | * Prepare a block of space in the buffer for data. Returns the length |
| 604 | * available and buffer pointer to the space which is now allocated and |
| 605 | * accounted for as ready for normal characters. This is used for drivers |
| 606 | * that need their own block copy routines into the buffer. There is no |
| 607 | * guarantee the buffer is a DMA target! |
| 608 | * |
| 609 | * Locking: May call functions taking tty->buf.lock |
| 610 | */ |
| 611 | |
| 612 | int tty_prepare_flip_string(struct tty_struct *tty, unsigned char **chars, |
| 613 | size_t size) |
| 614 | { |
| 615 | int space = tty_buffer_request_room(tty, size); |
| 616 | if (likely(space)) { |
| 617 | struct tty_buffer *tb = tty->buf.tail; |
| 618 | *chars = tb->char_buf_ptr + tb->used; |
| 619 | memset(tb->flag_buf_ptr + tb->used, TTY_NORMAL, space); |
| 620 | tb->used += space; |
| 621 | } |
| 622 | return space; |
| 623 | } |
| 624 | |
| 625 | EXPORT_SYMBOL_GPL(tty_prepare_flip_string); |
| 626 | |
| 627 | /** |
| 628 | * tty_prepare_flip_string_flags - make room for characters |
| 629 | * @tty: tty |
| 630 | * @chars: return pointer for character write area |
| 631 | * @flags: return pointer for status flag write area |
| 632 | * @size: desired size |
| 633 | * |
| 634 | * Prepare a block of space in the buffer for data. Returns the length |
| 635 | * available and buffer pointer to the space which is now allocated and |
| 636 | * accounted for as ready for characters. This is used for drivers |
| 637 | * that need their own block copy routines into the buffer. There is no |
| 638 | * guarantee the buffer is a DMA target! |
| 639 | * |
| 640 | * Locking: May call functions taking tty->buf.lock |
| 641 | */ |
| 642 | |
| 643 | int tty_prepare_flip_string_flags(struct tty_struct *tty, |
| 644 | unsigned char **chars, char **flags, size_t size) |
| 645 | { |
| 646 | int space = tty_buffer_request_room(tty, size); |
| 647 | if (likely(space)) { |
| 648 | struct tty_buffer *tb = tty->buf.tail; |
| 649 | *chars = tb->char_buf_ptr + tb->used; |
| 650 | *flags = tb->flag_buf_ptr + tb->used; |
| 651 | tb->used += space; |
| 652 | } |
| 653 | return space; |
| 654 | } |
| 655 | |
| 656 | EXPORT_SYMBOL_GPL(tty_prepare_flip_string_flags); |
| 657 | |
| 658 | |
| 659 | |
| 660 | /** |
| 661 | * tty_set_termios_ldisc - set ldisc field |
| 662 | * @tty: tty structure |
| 663 | * @num: line discipline number |
| 664 | * |
| 665 | * This is probably overkill for real world processors but |
| 666 | * they are not on hot paths so a little discipline won't do |
| 667 | * any harm. |
| 668 | * |
| 669 | * Locking: takes termios_mutex |
| 670 | */ |
| 671 | |
| 672 | static void tty_set_termios_ldisc(struct tty_struct *tty, int num) |
| 673 | { |
| 674 | mutex_lock(&tty->termios_mutex); |
| 675 | tty->termios->c_line = num; |
| 676 | mutex_unlock(&tty->termios_mutex); |
| 677 | } |
| 678 | |
| 679 | /* |
| 680 | * This guards the refcounted line discipline lists. The lock |
| 681 | * must be taken with irqs off because there are hangup path |
| 682 | * callers who will do ldisc lookups and cannot sleep. |
| 683 | */ |
| 684 | |
| 685 | static DEFINE_SPINLOCK(tty_ldisc_lock); |
| 686 | static DECLARE_WAIT_QUEUE_HEAD(tty_ldisc_wait); |
| 687 | /* Line disc dispatch table */ |
| 688 | static struct tty_ldisc tty_ldiscs[NR_LDISCS]; |
| 689 | |
| 690 | /** |
| 691 | * tty_register_ldisc - install a line discipline |
| 692 | * @disc: ldisc number |
| 693 | * @new_ldisc: pointer to the ldisc object |
| 694 | * |
| 695 | * Installs a new line discipline into the kernel. The discipline |
| 696 | * is set up as unreferenced and then made available to the kernel |
| 697 | * from this point onwards. |
| 698 | * |
| 699 | * Locking: |
| 700 | * takes tty_ldisc_lock to guard against ldisc races |
| 701 | */ |
| 702 | |
| 703 | int tty_register_ldisc(int disc, struct tty_ldisc *new_ldisc) |
| 704 | { |
| 705 | unsigned long flags; |
| 706 | int ret = 0; |
| 707 | |
| 708 | if (disc < N_TTY || disc >= NR_LDISCS) |
| 709 | return -EINVAL; |
| 710 | |
| 711 | spin_lock_irqsave(&tty_ldisc_lock, flags); |
| 712 | tty_ldiscs[disc] = *new_ldisc; |
| 713 | tty_ldiscs[disc].num = disc; |
| 714 | tty_ldiscs[disc].flags |= LDISC_FLAG_DEFINED; |
| 715 | tty_ldiscs[disc].refcount = 0; |
| 716 | spin_unlock_irqrestore(&tty_ldisc_lock, flags); |
| 717 | |
| 718 | return ret; |
| 719 | } |
| 720 | EXPORT_SYMBOL(tty_register_ldisc); |
| 721 | |
| 722 | /** |
| 723 | * tty_unregister_ldisc - unload a line discipline |
| 724 | * @disc: ldisc number |
| 725 | * @new_ldisc: pointer to the ldisc object |
| 726 | * |
| 727 | * Remove a line discipline from the kernel providing it is not |
| 728 | * currently in use. |
| 729 | * |
| 730 | * Locking: |
| 731 | * takes tty_ldisc_lock to guard against ldisc races |
| 732 | */ |
| 733 | |
| 734 | int tty_unregister_ldisc(int disc) |
| 735 | { |
| 736 | unsigned long flags; |
| 737 | int ret = 0; |
| 738 | |
| 739 | if (disc < N_TTY || disc >= NR_LDISCS) |
| 740 | return -EINVAL; |
| 741 | |
| 742 | spin_lock_irqsave(&tty_ldisc_lock, flags); |
| 743 | if (tty_ldiscs[disc].refcount) |
| 744 | ret = -EBUSY; |
| 745 | else |
| 746 | tty_ldiscs[disc].flags &= ~LDISC_FLAG_DEFINED; |
| 747 | spin_unlock_irqrestore(&tty_ldisc_lock, flags); |
| 748 | |
| 749 | return ret; |
| 750 | } |
| 751 | EXPORT_SYMBOL(tty_unregister_ldisc); |
| 752 | |
| 753 | /** |
| 754 | * tty_ldisc_get - take a reference to an ldisc |
| 755 | * @disc: ldisc number |
| 756 | * |
| 757 | * Takes a reference to a line discipline. Deals with refcounts and |
| 758 | * module locking counts. Returns NULL if the discipline is not available. |
| 759 | * Returns a pointer to the discipline and bumps the ref count if it is |
| 760 | * available |
| 761 | * |
| 762 | * Locking: |
| 763 | * takes tty_ldisc_lock to guard against ldisc races |
| 764 | */ |
| 765 | |
| 766 | struct tty_ldisc *tty_ldisc_get(int disc) |
| 767 | { |
| 768 | unsigned long flags; |
| 769 | struct tty_ldisc *ld; |
| 770 | |
| 771 | if (disc < N_TTY || disc >= NR_LDISCS) |
| 772 | return NULL; |
| 773 | |
| 774 | spin_lock_irqsave(&tty_ldisc_lock, flags); |
| 775 | |
| 776 | ld = &tty_ldiscs[disc]; |
| 777 | /* Check the entry is defined */ |
| 778 | if (ld->flags & LDISC_FLAG_DEFINED) { |
| 779 | /* If the module is being unloaded we can't use it */ |
| 780 | if (!try_module_get(ld->owner)) |
| 781 | ld = NULL; |
| 782 | else /* lock it */ |
| 783 | ld->refcount++; |
| 784 | } else |
| 785 | ld = NULL; |
| 786 | spin_unlock_irqrestore(&tty_ldisc_lock, flags); |
| 787 | return ld; |
| 788 | } |
| 789 | |
| 790 | EXPORT_SYMBOL_GPL(tty_ldisc_get); |
| 791 | |
| 792 | /** |
| 793 | * tty_ldisc_put - drop ldisc reference |
| 794 | * @disc: ldisc number |
| 795 | * |
| 796 | * Drop a reference to a line discipline. Manage refcounts and |
| 797 | * module usage counts |
| 798 | * |
| 799 | * Locking: |
| 800 | * takes tty_ldisc_lock to guard against ldisc races |
| 801 | */ |
| 802 | |
| 803 | void tty_ldisc_put(int disc) |
| 804 | { |
| 805 | struct tty_ldisc *ld; |
| 806 | unsigned long flags; |
| 807 | |
| 808 | BUG_ON(disc < N_TTY || disc >= NR_LDISCS); |
| 809 | |
| 810 | spin_lock_irqsave(&tty_ldisc_lock, flags); |
| 811 | ld = &tty_ldiscs[disc]; |
| 812 | BUG_ON(ld->refcount == 0); |
| 813 | ld->refcount--; |
| 814 | module_put(ld->owner); |
| 815 | spin_unlock_irqrestore(&tty_ldisc_lock, flags); |
| 816 | } |
| 817 | |
| 818 | EXPORT_SYMBOL_GPL(tty_ldisc_put); |
| 819 | |
| 820 | /** |
| 821 | * tty_ldisc_assign - set ldisc on a tty |
| 822 | * @tty: tty to assign |
| 823 | * @ld: line discipline |
| 824 | * |
| 825 | * Install an instance of a line discipline into a tty structure. The |
| 826 | * ldisc must have a reference count above zero to ensure it remains/ |
| 827 | * The tty instance refcount starts at zero. |
| 828 | * |
| 829 | * Locking: |
| 830 | * Caller must hold references |
| 831 | */ |
| 832 | |
| 833 | static void tty_ldisc_assign(struct tty_struct *tty, struct tty_ldisc *ld) |
| 834 | { |
| 835 | tty->ldisc = *ld; |
| 836 | tty->ldisc.refcount = 0; |
| 837 | } |
| 838 | |
| 839 | /** |
| 840 | * tty_ldisc_try - internal helper |
| 841 | * @tty: the tty |
| 842 | * |
| 843 | * Make a single attempt to grab and bump the refcount on |
| 844 | * the tty ldisc. Return 0 on failure or 1 on success. This is |
| 845 | * used to implement both the waiting and non waiting versions |
| 846 | * of tty_ldisc_ref |
| 847 | * |
| 848 | * Locking: takes tty_ldisc_lock |
| 849 | */ |
| 850 | |
| 851 | static int tty_ldisc_try(struct tty_struct *tty) |
| 852 | { |
| 853 | unsigned long flags; |
| 854 | struct tty_ldisc *ld; |
| 855 | int ret = 0; |
| 856 | |
| 857 | spin_lock_irqsave(&tty_ldisc_lock, flags); |
| 858 | ld = &tty->ldisc; |
| 859 | if (test_bit(TTY_LDISC, &tty->flags)) { |
| 860 | ld->refcount++; |
| 861 | ret = 1; |
| 862 | } |
| 863 | spin_unlock_irqrestore(&tty_ldisc_lock, flags); |
| 864 | return ret; |
| 865 | } |
| 866 | |
| 867 | /** |
| 868 | * tty_ldisc_ref_wait - wait for the tty ldisc |
| 869 | * @tty: tty device |
| 870 | * |
| 871 | * Dereference the line discipline for the terminal and take a |
| 872 | * reference to it. If the line discipline is in flux then |
| 873 | * wait patiently until it changes. |
| 874 | * |
| 875 | * Note: Must not be called from an IRQ/timer context. The caller |
| 876 | * must also be careful not to hold other locks that will deadlock |
| 877 | * against a discipline change, such as an existing ldisc reference |
| 878 | * (which we check for) |
| 879 | * |
| 880 | * Locking: call functions take tty_ldisc_lock |
| 881 | */ |
| 882 | |
| 883 | struct tty_ldisc *tty_ldisc_ref_wait(struct tty_struct *tty) |
| 884 | { |
| 885 | /* wait_event is a macro */ |
| 886 | wait_event(tty_ldisc_wait, tty_ldisc_try(tty)); |
| 887 | if (tty->ldisc.refcount == 0) |
| 888 | printk(KERN_ERR "tty_ldisc_ref_wait\n"); |
| 889 | return &tty->ldisc; |
| 890 | } |
| 891 | |
| 892 | EXPORT_SYMBOL_GPL(tty_ldisc_ref_wait); |
| 893 | |
| 894 | /** |
| 895 | * tty_ldisc_ref - get the tty ldisc |
| 896 | * @tty: tty device |
| 897 | * |
| 898 | * Dereference the line discipline for the terminal and take a |
| 899 | * reference to it. If the line discipline is in flux then |
| 900 | * return NULL. Can be called from IRQ and timer functions. |
| 901 | * |
| 902 | * Locking: called functions take tty_ldisc_lock |
| 903 | */ |
| 904 | |
| 905 | struct tty_ldisc *tty_ldisc_ref(struct tty_struct *tty) |
| 906 | { |
| 907 | if (tty_ldisc_try(tty)) |
| 908 | return &tty->ldisc; |
| 909 | return NULL; |
| 910 | } |
| 911 | |
| 912 | EXPORT_SYMBOL_GPL(tty_ldisc_ref); |
| 913 | |
| 914 | /** |
| 915 | * tty_ldisc_deref - free a tty ldisc reference |
| 916 | * @ld: reference to free up |
| 917 | * |
| 918 | * Undoes the effect of tty_ldisc_ref or tty_ldisc_ref_wait. May |
| 919 | * be called in IRQ context. |
| 920 | * |
| 921 | * Locking: takes tty_ldisc_lock |
| 922 | */ |
| 923 | |
| 924 | void tty_ldisc_deref(struct tty_ldisc *ld) |
| 925 | { |
| 926 | unsigned long flags; |
| 927 | |
| 928 | BUG_ON(ld == NULL); |
| 929 | |
| 930 | spin_lock_irqsave(&tty_ldisc_lock, flags); |
| 931 | if (ld->refcount == 0) |
| 932 | printk(KERN_ERR "tty_ldisc_deref: no references.\n"); |
| 933 | else |
| 934 | ld->refcount--; |
| 935 | if (ld->refcount == 0) |
| 936 | wake_up(&tty_ldisc_wait); |
| 937 | spin_unlock_irqrestore(&tty_ldisc_lock, flags); |
| 938 | } |
| 939 | |
| 940 | EXPORT_SYMBOL_GPL(tty_ldisc_deref); |
| 941 | |
| 942 | /** |
| 943 | * tty_ldisc_enable - allow ldisc use |
| 944 | * @tty: terminal to activate ldisc on |
| 945 | * |
| 946 | * Set the TTY_LDISC flag when the line discipline can be called |
| 947 | * again. Do necessary wakeups for existing sleepers. |
| 948 | * |
| 949 | * Note: nobody should set this bit except via this function. Clearing |
| 950 | * directly is allowed. |
| 951 | */ |
| 952 | |
| 953 | static void tty_ldisc_enable(struct tty_struct *tty) |
| 954 | { |
| 955 | set_bit(TTY_LDISC, &tty->flags); |
| 956 | wake_up(&tty_ldisc_wait); |
| 957 | } |
| 958 | |
| 959 | /** |
| 960 | * tty_set_ldisc - set line discipline |
| 961 | * @tty: the terminal to set |
| 962 | * @ldisc: the line discipline |
| 963 | * |
| 964 | * Set the discipline of a tty line. Must be called from a process |
| 965 | * context. |
| 966 | * |
| 967 | * Locking: takes tty_ldisc_lock. |
| 968 | * called functions take termios_mutex |
| 969 | */ |
| 970 | |
| 971 | static int tty_set_ldisc(struct tty_struct *tty, int ldisc) |
| 972 | { |
| 973 | int retval = 0; |
| 974 | struct tty_ldisc o_ldisc; |
| 975 | char buf[64]; |
| 976 | int work; |
| 977 | unsigned long flags; |
| 978 | struct tty_ldisc *ld; |
| 979 | struct tty_struct *o_tty; |
| 980 | |
| 981 | if ((ldisc < N_TTY) || (ldisc >= NR_LDISCS)) |
| 982 | return -EINVAL; |
| 983 | |
| 984 | restart: |
| 985 | |
| 986 | ld = tty_ldisc_get(ldisc); |
| 987 | /* Eduardo Blanco <ejbs@cs.cs.com.uy> */ |
| 988 | /* Cyrus Durgin <cider@speakeasy.org> */ |
| 989 | if (ld == NULL) { |
| 990 | request_module("tty-ldisc-%d", ldisc); |
| 991 | ld = tty_ldisc_get(ldisc); |
| 992 | } |
| 993 | if (ld == NULL) |
| 994 | return -EINVAL; |
| 995 | |
| 996 | /* |
| 997 | * Problem: What do we do if this blocks ? |
| 998 | */ |
| 999 | |
| 1000 | tty_wait_until_sent(tty, 0); |
| 1001 | |
| 1002 | if (tty->ldisc.num == ldisc) { |
| 1003 | tty_ldisc_put(ldisc); |
| 1004 | return 0; |
| 1005 | } |
| 1006 | |
| 1007 | /* |
| 1008 | * No more input please, we are switching. The new ldisc |
| 1009 | * will update this value in the ldisc open function |
| 1010 | */ |
| 1011 | |
| 1012 | tty->receive_room = 0; |
| 1013 | |
| 1014 | o_ldisc = tty->ldisc; |
| 1015 | o_tty = tty->link; |
| 1016 | |
| 1017 | /* |
| 1018 | * Make sure we don't change while someone holds a |
| 1019 | * reference to the line discipline. The TTY_LDISC bit |
| 1020 | * prevents anyone taking a reference once it is clear. |
| 1021 | * We need the lock to avoid racing reference takers. |
| 1022 | */ |
| 1023 | |
| 1024 | spin_lock_irqsave(&tty_ldisc_lock, flags); |
| 1025 | if (tty->ldisc.refcount || (o_tty && o_tty->ldisc.refcount)) { |
| 1026 | if (tty->ldisc.refcount) { |
| 1027 | /* Free the new ldisc we grabbed. Must drop the lock |
| 1028 | first. */ |
| 1029 | spin_unlock_irqrestore(&tty_ldisc_lock, flags); |
| 1030 | tty_ldisc_put(ldisc); |
| 1031 | /* |
| 1032 | * There are several reasons we may be busy, including |
| 1033 | * random momentary I/O traffic. We must therefore |
| 1034 | * retry. We could distinguish between blocking ops |
| 1035 | * and retries if we made tty_ldisc_wait() smarter. |
| 1036 | * That is up for discussion. |
| 1037 | */ |
| 1038 | if (wait_event_interruptible(tty_ldisc_wait, tty->ldisc.refcount == 0) < 0) |
| 1039 | return -ERESTARTSYS; |
| 1040 | goto restart; |
| 1041 | } |
| 1042 | if (o_tty && o_tty->ldisc.refcount) { |
| 1043 | spin_unlock_irqrestore(&tty_ldisc_lock, flags); |
| 1044 | tty_ldisc_put(ldisc); |
| 1045 | if (wait_event_interruptible(tty_ldisc_wait, o_tty->ldisc.refcount == 0) < 0) |
| 1046 | return -ERESTARTSYS; |
| 1047 | goto restart; |
| 1048 | } |
| 1049 | } |
| 1050 | /* |
| 1051 | * If the TTY_LDISC bit is set, then we are racing against |
| 1052 | * another ldisc change |
| 1053 | */ |
| 1054 | if (!test_bit(TTY_LDISC, &tty->flags)) { |
| 1055 | spin_unlock_irqrestore(&tty_ldisc_lock, flags); |
| 1056 | tty_ldisc_put(ldisc); |
| 1057 | ld = tty_ldisc_ref_wait(tty); |
| 1058 | tty_ldisc_deref(ld); |
| 1059 | goto restart; |
| 1060 | } |
| 1061 | |
| 1062 | clear_bit(TTY_LDISC, &tty->flags); |
| 1063 | if (o_tty) |
| 1064 | clear_bit(TTY_LDISC, &o_tty->flags); |
| 1065 | spin_unlock_irqrestore(&tty_ldisc_lock, flags); |
| 1066 | |
| 1067 | /* |
| 1068 | * From this point on we know nobody has an ldisc |
| 1069 | * usage reference, nor can they obtain one until |
| 1070 | * we say so later on. |
| 1071 | */ |
| 1072 | |
| 1073 | work = cancel_delayed_work(&tty->buf.work); |
| 1074 | /* |
| 1075 | * Wait for ->hangup_work and ->buf.work handlers to terminate |
| 1076 | */ |
| 1077 | flush_scheduled_work(); |
| 1078 | /* Shutdown the current discipline. */ |
| 1079 | if (tty->ldisc.close) |
| 1080 | (tty->ldisc.close)(tty); |
| 1081 | |
| 1082 | /* Now set up the new line discipline. */ |
| 1083 | tty_ldisc_assign(tty, ld); |
| 1084 | tty_set_termios_ldisc(tty, ldisc); |
| 1085 | if (tty->ldisc.open) |
| 1086 | retval = (tty->ldisc.open)(tty); |
| 1087 | if (retval < 0) { |
| 1088 | tty_ldisc_put(ldisc); |
| 1089 | /* There is an outstanding reference here so this is safe */ |
| 1090 | tty_ldisc_assign(tty, tty_ldisc_get(o_ldisc.num)); |
| 1091 | tty_set_termios_ldisc(tty, tty->ldisc.num); |
| 1092 | if (tty->ldisc.open && (tty->ldisc.open(tty) < 0)) { |
| 1093 | tty_ldisc_put(o_ldisc.num); |
| 1094 | /* This driver is always present */ |
| 1095 | tty_ldisc_assign(tty, tty_ldisc_get(N_TTY)); |
| 1096 | tty_set_termios_ldisc(tty, N_TTY); |
| 1097 | if (tty->ldisc.open) { |
| 1098 | int r = tty->ldisc.open(tty); |
| 1099 | |
| 1100 | if (r < 0) |
| 1101 | panic("Couldn't open N_TTY ldisc for " |
| 1102 | "%s --- error %d.", |
| 1103 | tty_name(tty, buf), r); |
| 1104 | } |
| 1105 | } |
| 1106 | } |
| 1107 | /* At this point we hold a reference to the new ldisc and a |
| 1108 | a reference to the old ldisc. If we ended up flipping back |
| 1109 | to the existing ldisc we have two references to it */ |
| 1110 | |
| 1111 | if (tty->ldisc.num != o_ldisc.num && tty->ops->set_ldisc) |
| 1112 | tty->ops->set_ldisc(tty); |
| 1113 | |
| 1114 | tty_ldisc_put(o_ldisc.num); |
| 1115 | |
| 1116 | /* |
| 1117 | * Allow ldisc referencing to occur as soon as the driver |
| 1118 | * ldisc callback completes. |
| 1119 | */ |
| 1120 | |
| 1121 | tty_ldisc_enable(tty); |
| 1122 | if (o_tty) |
| 1123 | tty_ldisc_enable(o_tty); |
| 1124 | |
| 1125 | /* Restart it in case no characters kick it off. Safe if |
| 1126 | already running */ |
| 1127 | if (work) |
| 1128 | schedule_delayed_work(&tty->buf.work, 1); |
| 1129 | return retval; |
| 1130 | } |
| 1131 | |
| 1132 | /** |
| 1133 | * get_tty_driver - find device of a tty |
| 1134 | * @dev_t: device identifier |
| 1135 | * @index: returns the index of the tty |
| 1136 | * |
| 1137 | * This routine returns a tty driver structure, given a device number |
| 1138 | * and also passes back the index number. |
| 1139 | * |
| 1140 | * Locking: caller must hold tty_mutex |
| 1141 | */ |
| 1142 | |
| 1143 | static struct tty_driver *get_tty_driver(dev_t device, int *index) |
| 1144 | { |
| 1145 | struct tty_driver *p; |
| 1146 | |
| 1147 | list_for_each_entry(p, &tty_drivers, tty_drivers) { |
| 1148 | dev_t base = MKDEV(p->major, p->minor_start); |
| 1149 | if (device < base || device >= base + p->num) |
| 1150 | continue; |
| 1151 | *index = device - base; |
| 1152 | return p; |
| 1153 | } |
| 1154 | return NULL; |
| 1155 | } |
| 1156 | |
| 1157 | #ifdef CONFIG_CONSOLE_POLL |
| 1158 | |
| 1159 | /** |
| 1160 | * tty_find_polling_driver - find device of a polled tty |
| 1161 | * @name: name string to match |
| 1162 | * @line: pointer to resulting tty line nr |
| 1163 | * |
| 1164 | * This routine returns a tty driver structure, given a name |
| 1165 | * and the condition that the tty driver is capable of polled |
| 1166 | * operation. |
| 1167 | */ |
| 1168 | struct tty_driver *tty_find_polling_driver(char *name, int *line) |
| 1169 | { |
| 1170 | struct tty_driver *p, *res = NULL; |
| 1171 | int tty_line = 0; |
| 1172 | char *str; |
| 1173 | |
| 1174 | mutex_lock(&tty_mutex); |
| 1175 | /* Search through the tty devices to look for a match */ |
| 1176 | list_for_each_entry(p, &tty_drivers, tty_drivers) { |
| 1177 | str = name + strlen(p->name); |
| 1178 | tty_line = simple_strtoul(str, &str, 10); |
| 1179 | if (*str == ',') |
| 1180 | str++; |
| 1181 | if (*str == '\0') |
| 1182 | str = NULL; |
| 1183 | |
| 1184 | if (tty_line >= 0 && tty_line <= p->num && p->ops && |
| 1185 | p->ops->poll_init && !p->ops->poll_init(p, tty_line, str)) { |
| 1186 | res = p; |
| 1187 | *line = tty_line; |
| 1188 | break; |
| 1189 | } |
| 1190 | } |
| 1191 | mutex_unlock(&tty_mutex); |
| 1192 | |
| 1193 | return res; |
| 1194 | } |
| 1195 | EXPORT_SYMBOL_GPL(tty_find_polling_driver); |
| 1196 | #endif |
| 1197 | |
| 1198 | /** |
| 1199 | * tty_check_change - check for POSIX terminal changes |
| 1200 | * @tty: tty to check |
| 1201 | * |
| 1202 | * If we try to write to, or set the state of, a terminal and we're |
| 1203 | * not in the foreground, send a SIGTTOU. If the signal is blocked or |
| 1204 | * ignored, go ahead and perform the operation. (POSIX 7.2) |
| 1205 | * |
| 1206 | * Locking: ctrl_lock |
| 1207 | */ |
| 1208 | |
| 1209 | int tty_check_change(struct tty_struct *tty) |
| 1210 | { |
| 1211 | unsigned long flags; |
| 1212 | int ret = 0; |
| 1213 | |
| 1214 | if (current->signal->tty != tty) |
| 1215 | return 0; |
| 1216 | |
| 1217 | spin_lock_irqsave(&tty->ctrl_lock, flags); |
| 1218 | |
| 1219 | if (!tty->pgrp) { |
| 1220 | printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n"); |
| 1221 | goto out; |
| 1222 | } |
| 1223 | if (task_pgrp(current) == tty->pgrp) |
| 1224 | goto out; |
| 1225 | if (is_ignored(SIGTTOU)) |
| 1226 | goto out; |
| 1227 | if (is_current_pgrp_orphaned()) { |
| 1228 | ret = -EIO; |
| 1229 | goto out; |
| 1230 | } |
| 1231 | kill_pgrp(task_pgrp(current), SIGTTOU, 1); |
| 1232 | set_thread_flag(TIF_SIGPENDING); |
| 1233 | ret = -ERESTARTSYS; |
| 1234 | out: |
| 1235 | spin_unlock_irqrestore(&tty->ctrl_lock, flags); |
| 1236 | return ret; |
| 1237 | } |
| 1238 | |
| 1239 | EXPORT_SYMBOL(tty_check_change); |
| 1240 | |
| 1241 | static ssize_t hung_up_tty_read(struct file *file, char __user *buf, |
| 1242 | size_t count, loff_t *ppos) |
| 1243 | { |
| 1244 | return 0; |
| 1245 | } |
| 1246 | |
| 1247 | static ssize_t hung_up_tty_write(struct file *file, const char __user *buf, |
| 1248 | size_t count, loff_t *ppos) |
| 1249 | { |
| 1250 | return -EIO; |
| 1251 | } |
| 1252 | |
| 1253 | /* No kernel lock held - none needed ;) */ |
| 1254 | static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait) |
| 1255 | { |
| 1256 | return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM; |
| 1257 | } |
| 1258 | |
| 1259 | static long hung_up_tty_ioctl(struct file *file, unsigned int cmd, |
| 1260 | unsigned long arg) |
| 1261 | { |
| 1262 | return cmd == TIOCSPGRP ? -ENOTTY : -EIO; |
| 1263 | } |
| 1264 | |
| 1265 | static long hung_up_tty_compat_ioctl(struct file *file, |
| 1266 | unsigned int cmd, unsigned long arg) |
| 1267 | { |
| 1268 | return cmd == TIOCSPGRP ? -ENOTTY : -EIO; |
| 1269 | } |
| 1270 | |
| 1271 | static const struct file_operations tty_fops = { |
| 1272 | .llseek = no_llseek, |
| 1273 | .read = tty_read, |
| 1274 | .write = tty_write, |
| 1275 | .poll = tty_poll, |
| 1276 | .unlocked_ioctl = tty_ioctl, |
| 1277 | .compat_ioctl = tty_compat_ioctl, |
| 1278 | .open = tty_open, |
| 1279 | .release = tty_release, |
| 1280 | .fasync = tty_fasync, |
| 1281 | }; |
| 1282 | |
| 1283 | #ifdef CONFIG_UNIX98_PTYS |
| 1284 | static const struct file_operations ptmx_fops = { |
| 1285 | .llseek = no_llseek, |
| 1286 | .read = tty_read, |
| 1287 | .write = tty_write, |
| 1288 | .poll = tty_poll, |
| 1289 | .unlocked_ioctl = tty_ioctl, |
| 1290 | .compat_ioctl = tty_compat_ioctl, |
| 1291 | .open = ptmx_open, |
| 1292 | .release = tty_release, |
| 1293 | .fasync = tty_fasync, |
| 1294 | }; |
| 1295 | #endif |
| 1296 | |
| 1297 | static const struct file_operations console_fops = { |
| 1298 | .llseek = no_llseek, |
| 1299 | .read = tty_read, |
| 1300 | .write = redirected_tty_write, |
| 1301 | .poll = tty_poll, |
| 1302 | .unlocked_ioctl = tty_ioctl, |
| 1303 | .compat_ioctl = tty_compat_ioctl, |
| 1304 | .open = tty_open, |
| 1305 | .release = tty_release, |
| 1306 | .fasync = tty_fasync, |
| 1307 | }; |
| 1308 | |
| 1309 | static const struct file_operations hung_up_tty_fops = { |
| 1310 | .llseek = no_llseek, |
| 1311 | .read = hung_up_tty_read, |
| 1312 | .write = hung_up_tty_write, |
| 1313 | .poll = hung_up_tty_poll, |
| 1314 | .unlocked_ioctl = hung_up_tty_ioctl, |
| 1315 | .compat_ioctl = hung_up_tty_compat_ioctl, |
| 1316 | .release = tty_release, |
| 1317 | }; |
| 1318 | |
| 1319 | static DEFINE_SPINLOCK(redirect_lock); |
| 1320 | static struct file *redirect; |
| 1321 | |
| 1322 | /** |
| 1323 | * tty_wakeup - request more data |
| 1324 | * @tty: terminal |
| 1325 | * |
| 1326 | * Internal and external helper for wakeups of tty. This function |
| 1327 | * informs the line discipline if present that the driver is ready |
| 1328 | * to receive more output data. |
| 1329 | */ |
| 1330 | |
| 1331 | void tty_wakeup(struct tty_struct *tty) |
| 1332 | { |
| 1333 | struct tty_ldisc *ld; |
| 1334 | |
| 1335 | if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) { |
| 1336 | ld = tty_ldisc_ref(tty); |
| 1337 | if (ld) { |
| 1338 | if (ld->write_wakeup) |
| 1339 | ld->write_wakeup(tty); |
| 1340 | tty_ldisc_deref(ld); |
| 1341 | } |
| 1342 | } |
| 1343 | wake_up_interruptible(&tty->write_wait); |
| 1344 | } |
| 1345 | |
| 1346 | EXPORT_SYMBOL_GPL(tty_wakeup); |
| 1347 | |
| 1348 | /** |
| 1349 | * tty_ldisc_flush - flush line discipline queue |
| 1350 | * @tty: tty |
| 1351 | * |
| 1352 | * Flush the line discipline queue (if any) for this tty. If there |
| 1353 | * is no line discipline active this is a no-op. |
| 1354 | */ |
| 1355 | |
| 1356 | void tty_ldisc_flush(struct tty_struct *tty) |
| 1357 | { |
| 1358 | struct tty_ldisc *ld = tty_ldisc_ref(tty); |
| 1359 | if (ld) { |
| 1360 | if (ld->flush_buffer) |
| 1361 | ld->flush_buffer(tty); |
| 1362 | tty_ldisc_deref(ld); |
| 1363 | } |
| 1364 | tty_buffer_flush(tty); |
| 1365 | } |
| 1366 | |
| 1367 | EXPORT_SYMBOL_GPL(tty_ldisc_flush); |
| 1368 | |
| 1369 | /** |
| 1370 | * tty_reset_termios - reset terminal state |
| 1371 | * @tty: tty to reset |
| 1372 | * |
| 1373 | * Restore a terminal to the driver default state |
| 1374 | */ |
| 1375 | |
| 1376 | static void tty_reset_termios(struct tty_struct *tty) |
| 1377 | { |
| 1378 | mutex_lock(&tty->termios_mutex); |
| 1379 | *tty->termios = tty->driver->init_termios; |
| 1380 | tty->termios->c_ispeed = tty_termios_input_baud_rate(tty->termios); |
| 1381 | tty->termios->c_ospeed = tty_termios_baud_rate(tty->termios); |
| 1382 | mutex_unlock(&tty->termios_mutex); |
| 1383 | } |
| 1384 | |
| 1385 | /** |
| 1386 | * do_tty_hangup - actual handler for hangup events |
| 1387 | * @work: tty device |
| 1388 | * |
| 1389 | * This can be called by the "eventd" kernel thread. That is process |
| 1390 | * synchronous but doesn't hold any locks, so we need to make sure we |
| 1391 | * have the appropriate locks for what we're doing. |
| 1392 | * |
| 1393 | * The hangup event clears any pending redirections onto the hung up |
| 1394 | * device. It ensures future writes will error and it does the needed |
| 1395 | * line discipline hangup and signal delivery. The tty object itself |
| 1396 | * remains intact. |
| 1397 | * |
| 1398 | * Locking: |
| 1399 | * BKL |
| 1400 | * redirect lock for undoing redirection |
| 1401 | * file list lock for manipulating list of ttys |
| 1402 | * tty_ldisc_lock from called functions |
| 1403 | * termios_mutex resetting termios data |
| 1404 | * tasklist_lock to walk task list for hangup event |
| 1405 | * ->siglock to protect ->signal/->sighand |
| 1406 | */ |
| 1407 | static void do_tty_hangup(struct work_struct *work) |
| 1408 | { |
| 1409 | struct tty_struct *tty = |
| 1410 | container_of(work, struct tty_struct, hangup_work); |
| 1411 | struct file *cons_filp = NULL; |
| 1412 | struct file *filp, *f = NULL; |
| 1413 | struct task_struct *p; |
| 1414 | struct tty_ldisc *ld; |
| 1415 | int closecount = 0, n; |
| 1416 | unsigned long flags; |
| 1417 | |
| 1418 | if (!tty) |
| 1419 | return; |
| 1420 | |
| 1421 | /* inuse_filps is protected by the single kernel lock */ |
| 1422 | lock_kernel(); |
| 1423 | |
| 1424 | spin_lock(&redirect_lock); |
| 1425 | if (redirect && redirect->private_data == tty) { |
| 1426 | f = redirect; |
| 1427 | redirect = NULL; |
| 1428 | } |
| 1429 | spin_unlock(&redirect_lock); |
| 1430 | |
| 1431 | check_tty_count(tty, "do_tty_hangup"); |
| 1432 | file_list_lock(); |
| 1433 | /* This breaks for file handles being sent over AF_UNIX sockets ? */ |
| 1434 | list_for_each_entry(filp, &tty->tty_files, f_u.fu_list) { |
| 1435 | if (filp->f_op->write == redirected_tty_write) |
| 1436 | cons_filp = filp; |
| 1437 | if (filp->f_op->write != tty_write) |
| 1438 | continue; |
| 1439 | closecount++; |
| 1440 | tty_fasync(-1, filp, 0); /* can't block */ |
| 1441 | filp->f_op = &hung_up_tty_fops; |
| 1442 | } |
| 1443 | file_list_unlock(); |
| 1444 | /* |
| 1445 | * FIXME! What are the locking issues here? This may me overdoing |
| 1446 | * things... This question is especially important now that we've |
| 1447 | * removed the irqlock. |
| 1448 | */ |
| 1449 | ld = tty_ldisc_ref(tty); |
| 1450 | if (ld != NULL) { |
| 1451 | /* We may have no line discipline at this point */ |
| 1452 | if (ld->flush_buffer) |
| 1453 | ld->flush_buffer(tty); |
| 1454 | tty_driver_flush_buffer(tty); |
| 1455 | if ((test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) && |
| 1456 | ld->write_wakeup) |
| 1457 | ld->write_wakeup(tty); |
| 1458 | if (ld->hangup) |
| 1459 | ld->hangup(tty); |
| 1460 | } |
| 1461 | /* |
| 1462 | * FIXME: Once we trust the LDISC code better we can wait here for |
| 1463 | * ldisc completion and fix the driver call race |
| 1464 | */ |
| 1465 | wake_up_interruptible(&tty->write_wait); |
| 1466 | wake_up_interruptible(&tty->read_wait); |
| 1467 | /* |
| 1468 | * Shutdown the current line discipline, and reset it to |
| 1469 | * N_TTY. |
| 1470 | */ |
| 1471 | if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) |
| 1472 | tty_reset_termios(tty); |
| 1473 | /* Defer ldisc switch */ |
| 1474 | /* tty_deferred_ldisc_switch(N_TTY); |
| 1475 | |
| 1476 | This should get done automatically when the port closes and |
| 1477 | tty_release is called */ |
| 1478 | |
| 1479 | read_lock(&tasklist_lock); |
| 1480 | if (tty->session) { |
| 1481 | do_each_pid_task(tty->session, PIDTYPE_SID, p) { |
| 1482 | spin_lock_irq(&p->sighand->siglock); |
| 1483 | if (p->signal->tty == tty) |
| 1484 | p->signal->tty = NULL; |
| 1485 | if (!p->signal->leader) { |
| 1486 | spin_unlock_irq(&p->sighand->siglock); |
| 1487 | continue; |
| 1488 | } |
| 1489 | __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p); |
| 1490 | __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p); |
| 1491 | put_pid(p->signal->tty_old_pgrp); /* A noop */ |
| 1492 | spin_lock_irqsave(&tty->ctrl_lock, flags); |
| 1493 | if (tty->pgrp) |
| 1494 | p->signal->tty_old_pgrp = get_pid(tty->pgrp); |
| 1495 | spin_unlock_irqrestore(&tty->ctrl_lock, flags); |
| 1496 | spin_unlock_irq(&p->sighand->siglock); |
| 1497 | } while_each_pid_task(tty->session, PIDTYPE_SID, p); |
| 1498 | } |
| 1499 | read_unlock(&tasklist_lock); |
| 1500 | |
| 1501 | spin_lock_irqsave(&tty->ctrl_lock, flags); |
| 1502 | tty->flags = 0; |
| 1503 | put_pid(tty->session); |
| 1504 | put_pid(tty->pgrp); |
| 1505 | tty->session = NULL; |
| 1506 | tty->pgrp = NULL; |
| 1507 | tty->ctrl_status = 0; |
| 1508 | spin_unlock_irqrestore(&tty->ctrl_lock, flags); |
| 1509 | |
| 1510 | /* |
| 1511 | * If one of the devices matches a console pointer, we |
| 1512 | * cannot just call hangup() because that will cause |
| 1513 | * tty->count and state->count to go out of sync. |
| 1514 | * So we just call close() the right number of times. |
| 1515 | */ |
| 1516 | if (cons_filp) { |
| 1517 | if (tty->ops->close) |
| 1518 | for (n = 0; n < closecount; n++) |
| 1519 | tty->ops->close(tty, cons_filp); |
| 1520 | } else if (tty->ops->hangup) |
| 1521 | (tty->ops->hangup)(tty); |
| 1522 | /* |
| 1523 | * We don't want to have driver/ldisc interactions beyond |
| 1524 | * the ones we did here. The driver layer expects no |
| 1525 | * calls after ->hangup() from the ldisc side. However we |
| 1526 | * can't yet guarantee all that. |
| 1527 | */ |
| 1528 | set_bit(TTY_HUPPED, &tty->flags); |
| 1529 | if (ld) { |
| 1530 | tty_ldisc_enable(tty); |
| 1531 | tty_ldisc_deref(ld); |
| 1532 | } |
| 1533 | unlock_kernel(); |
| 1534 | if (f) |
| 1535 | fput(f); |
| 1536 | } |
| 1537 | |
| 1538 | /** |
| 1539 | * tty_hangup - trigger a hangup event |
| 1540 | * @tty: tty to hangup |
| 1541 | * |
| 1542 | * A carrier loss (virtual or otherwise) has occurred on this like |
| 1543 | * schedule a hangup sequence to run after this event. |
| 1544 | */ |
| 1545 | |
| 1546 | void tty_hangup(struct tty_struct *tty) |
| 1547 | { |
| 1548 | #ifdef TTY_DEBUG_HANGUP |
| 1549 | char buf[64]; |
| 1550 | printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf)); |
| 1551 | #endif |
| 1552 | schedule_work(&tty->hangup_work); |
| 1553 | } |
| 1554 | |
| 1555 | EXPORT_SYMBOL(tty_hangup); |
| 1556 | |
| 1557 | /** |
| 1558 | * tty_vhangup - process vhangup |
| 1559 | * @tty: tty to hangup |
| 1560 | * |
| 1561 | * The user has asked via system call for the terminal to be hung up. |
| 1562 | * We do this synchronously so that when the syscall returns the process |
| 1563 | * is complete. That guarantee is necessary for security reasons. |
| 1564 | */ |
| 1565 | |
| 1566 | void tty_vhangup(struct tty_struct *tty) |
| 1567 | { |
| 1568 | #ifdef TTY_DEBUG_HANGUP |
| 1569 | char buf[64]; |
| 1570 | |
| 1571 | printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf)); |
| 1572 | #endif |
| 1573 | do_tty_hangup(&tty->hangup_work); |
| 1574 | } |
| 1575 | |
| 1576 | EXPORT_SYMBOL(tty_vhangup); |
| 1577 | |
| 1578 | /** |
| 1579 | * tty_hung_up_p - was tty hung up |
| 1580 | * @filp: file pointer of tty |
| 1581 | * |
| 1582 | * Return true if the tty has been subject to a vhangup or a carrier |
| 1583 | * loss |
| 1584 | */ |
| 1585 | |
| 1586 | int tty_hung_up_p(struct file *filp) |
| 1587 | { |
| 1588 | return (filp->f_op == &hung_up_tty_fops); |
| 1589 | } |
| 1590 | |
| 1591 | EXPORT_SYMBOL(tty_hung_up_p); |
| 1592 | |
| 1593 | /** |
| 1594 | * is_tty - checker whether file is a TTY |
| 1595 | * @filp: file handle that may be a tty |
| 1596 | * |
| 1597 | * Check if the file handle is a tty handle. |
| 1598 | */ |
| 1599 | |
| 1600 | int is_tty(struct file *filp) |
| 1601 | { |
| 1602 | return filp->f_op->read == tty_read |
| 1603 | || filp->f_op->read == hung_up_tty_read; |
| 1604 | } |
| 1605 | |
| 1606 | static void session_clear_tty(struct pid *session) |
| 1607 | { |
| 1608 | struct task_struct *p; |
| 1609 | do_each_pid_task(session, PIDTYPE_SID, p) { |
| 1610 | proc_clear_tty(p); |
| 1611 | } while_each_pid_task(session, PIDTYPE_SID, p); |
| 1612 | } |
| 1613 | |
| 1614 | /** |
| 1615 | * disassociate_ctty - disconnect controlling tty |
| 1616 | * @on_exit: true if exiting so need to "hang up" the session |
| 1617 | * |
| 1618 | * This function is typically called only by the session leader, when |
| 1619 | * it wants to disassociate itself from its controlling tty. |
| 1620 | * |
| 1621 | * It performs the following functions: |
| 1622 | * (1) Sends a SIGHUP and SIGCONT to the foreground process group |
| 1623 | * (2) Clears the tty from being controlling the session |
| 1624 | * (3) Clears the controlling tty for all processes in the |
| 1625 | * session group. |
| 1626 | * |
| 1627 | * The argument on_exit is set to 1 if called when a process is |
| 1628 | * exiting; it is 0 if called by the ioctl TIOCNOTTY. |
| 1629 | * |
| 1630 | * Locking: |
| 1631 | * BKL is taken for hysterical raisins |
| 1632 | * tty_mutex is taken to protect tty |
| 1633 | * ->siglock is taken to protect ->signal/->sighand |
| 1634 | * tasklist_lock is taken to walk process list for sessions |
| 1635 | * ->siglock is taken to protect ->signal/->sighand |
| 1636 | */ |
| 1637 | |
| 1638 | void disassociate_ctty(int on_exit) |
| 1639 | { |
| 1640 | struct tty_struct *tty; |
| 1641 | struct pid *tty_pgrp = NULL; |
| 1642 | |
| 1643 | |
| 1644 | mutex_lock(&tty_mutex); |
| 1645 | tty = get_current_tty(); |
| 1646 | if (tty) { |
| 1647 | tty_pgrp = get_pid(tty->pgrp); |
| 1648 | mutex_unlock(&tty_mutex); |
| 1649 | lock_kernel(); |
| 1650 | /* XXX: here we race, there is nothing protecting tty */ |
| 1651 | if (on_exit && tty->driver->type != TTY_DRIVER_TYPE_PTY) |
| 1652 | tty_vhangup(tty); |
| 1653 | unlock_kernel(); |
| 1654 | } else if (on_exit) { |
| 1655 | struct pid *old_pgrp; |
| 1656 | spin_lock_irq(¤t->sighand->siglock); |
| 1657 | old_pgrp = current->signal->tty_old_pgrp; |
| 1658 | current->signal->tty_old_pgrp = NULL; |
| 1659 | spin_unlock_irq(¤t->sighand->siglock); |
| 1660 | if (old_pgrp) { |
| 1661 | kill_pgrp(old_pgrp, SIGHUP, on_exit); |
| 1662 | kill_pgrp(old_pgrp, SIGCONT, on_exit); |
| 1663 | put_pid(old_pgrp); |
| 1664 | } |
| 1665 | mutex_unlock(&tty_mutex); |
| 1666 | return; |
| 1667 | } |
| 1668 | if (tty_pgrp) { |
| 1669 | kill_pgrp(tty_pgrp, SIGHUP, on_exit); |
| 1670 | if (!on_exit) |
| 1671 | kill_pgrp(tty_pgrp, SIGCONT, on_exit); |
| 1672 | put_pid(tty_pgrp); |
| 1673 | } |
| 1674 | |
| 1675 | spin_lock_irq(¤t->sighand->siglock); |
| 1676 | put_pid(current->signal->tty_old_pgrp); |
| 1677 | current->signal->tty_old_pgrp = NULL; |
| 1678 | spin_unlock_irq(¤t->sighand->siglock); |
| 1679 | |
| 1680 | mutex_lock(&tty_mutex); |
| 1681 | /* It is possible that do_tty_hangup has free'd this tty */ |
| 1682 | tty = get_current_tty(); |
| 1683 | if (tty) { |
| 1684 | unsigned long flags; |
| 1685 | spin_lock_irqsave(&tty->ctrl_lock, flags); |
| 1686 | put_pid(tty->session); |
| 1687 | put_pid(tty->pgrp); |
| 1688 | tty->session = NULL; |
| 1689 | tty->pgrp = NULL; |
| 1690 | spin_unlock_irqrestore(&tty->ctrl_lock, flags); |
| 1691 | } else { |
| 1692 | #ifdef TTY_DEBUG_HANGUP |
| 1693 | printk(KERN_DEBUG "error attempted to write to tty [0x%p]" |
| 1694 | " = NULL", tty); |
| 1695 | #endif |
| 1696 | } |
| 1697 | mutex_unlock(&tty_mutex); |
| 1698 | |
| 1699 | /* Now clear signal->tty under the lock */ |
| 1700 | read_lock(&tasklist_lock); |
| 1701 | session_clear_tty(task_session(current)); |
| 1702 | read_unlock(&tasklist_lock); |
| 1703 | } |
| 1704 | |
| 1705 | /** |
| 1706 | * |
| 1707 | * no_tty - Ensure the current process does not have a controlling tty |
| 1708 | */ |
| 1709 | void no_tty(void) |
| 1710 | { |
| 1711 | struct task_struct *tsk = current; |
| 1712 | lock_kernel(); |
| 1713 | if (tsk->signal->leader) |
| 1714 | disassociate_ctty(0); |
| 1715 | unlock_kernel(); |
| 1716 | proc_clear_tty(tsk); |
| 1717 | } |
| 1718 | |
| 1719 | |
| 1720 | /** |
| 1721 | * stop_tty - propagate flow control |
| 1722 | * @tty: tty to stop |
| 1723 | * |
| 1724 | * Perform flow control to the driver. For PTY/TTY pairs we |
| 1725 | * must also propagate the TIOCKPKT status. May be called |
| 1726 | * on an already stopped device and will not re-call the driver |
| 1727 | * method. |
| 1728 | * |
| 1729 | * This functionality is used by both the line disciplines for |
| 1730 | * halting incoming flow and by the driver. It may therefore be |
| 1731 | * called from any context, may be under the tty atomic_write_lock |
| 1732 | * but not always. |
| 1733 | * |
| 1734 | * Locking: |
| 1735 | * Uses the tty control lock internally |
| 1736 | */ |
| 1737 | |
| 1738 | void stop_tty(struct tty_struct *tty) |
| 1739 | { |
| 1740 | unsigned long flags; |
| 1741 | spin_lock_irqsave(&tty->ctrl_lock, flags); |
| 1742 | if (tty->stopped) { |
| 1743 | spin_unlock_irqrestore(&tty->ctrl_lock, flags); |
| 1744 | return; |
| 1745 | } |
| 1746 | tty->stopped = 1; |
| 1747 | if (tty->link && tty->link->packet) { |
| 1748 | tty->ctrl_status &= ~TIOCPKT_START; |
| 1749 | tty->ctrl_status |= TIOCPKT_STOP; |
| 1750 | wake_up_interruptible(&tty->link->read_wait); |
| 1751 | } |
| 1752 | spin_unlock_irqrestore(&tty->ctrl_lock, flags); |
| 1753 | if (tty->ops->stop) |
| 1754 | (tty->ops->stop)(tty); |
| 1755 | } |
| 1756 | |
| 1757 | EXPORT_SYMBOL(stop_tty); |
| 1758 | |
| 1759 | /** |
| 1760 | * start_tty - propagate flow control |
| 1761 | * @tty: tty to start |
| 1762 | * |
| 1763 | * Start a tty that has been stopped if at all possible. Perform |
| 1764 | * any necessary wakeups and propagate the TIOCPKT status. If this |
| 1765 | * is the tty was previous stopped and is being started then the |
| 1766 | * driver start method is invoked and the line discipline woken. |
| 1767 | * |
| 1768 | * Locking: |
| 1769 | * ctrl_lock |
| 1770 | */ |
| 1771 | |
| 1772 | void start_tty(struct tty_struct *tty) |
| 1773 | { |
| 1774 | unsigned long flags; |
| 1775 | spin_lock_irqsave(&tty->ctrl_lock, flags); |
| 1776 | if (!tty->stopped || tty->flow_stopped) { |
| 1777 | spin_unlock_irqrestore(&tty->ctrl_lock, flags); |
| 1778 | return; |
| 1779 | } |
| 1780 | tty->stopped = 0; |
| 1781 | if (tty->link && tty->link->packet) { |
| 1782 | tty->ctrl_status &= ~TIOCPKT_STOP; |
| 1783 | tty->ctrl_status |= TIOCPKT_START; |
| 1784 | wake_up_interruptible(&tty->link->read_wait); |
| 1785 | } |
| 1786 | spin_unlock_irqrestore(&tty->ctrl_lock, flags); |
| 1787 | if (tty->ops->start) |
| 1788 | (tty->ops->start)(tty); |
| 1789 | /* If we have a running line discipline it may need kicking */ |
| 1790 | tty_wakeup(tty); |
| 1791 | } |
| 1792 | |
| 1793 | EXPORT_SYMBOL(start_tty); |
| 1794 | |
| 1795 | /** |
| 1796 | * tty_read - read method for tty device files |
| 1797 | * @file: pointer to tty file |
| 1798 | * @buf: user buffer |
| 1799 | * @count: size of user buffer |
| 1800 | * @ppos: unused |
| 1801 | * |
| 1802 | * Perform the read system call function on this terminal device. Checks |
| 1803 | * for hung up devices before calling the line discipline method. |
| 1804 | * |
| 1805 | * Locking: |
| 1806 | * Locks the line discipline internally while needed. Multiple |
| 1807 | * read calls may be outstanding in parallel. |
| 1808 | */ |
| 1809 | |
| 1810 | static ssize_t tty_read(struct file *file, char __user *buf, size_t count, |
| 1811 | loff_t *ppos) |
| 1812 | { |
| 1813 | int i; |
| 1814 | struct tty_struct *tty; |
| 1815 | struct inode *inode; |
| 1816 | struct tty_ldisc *ld; |
| 1817 | |
| 1818 | tty = (struct tty_struct *)file->private_data; |
| 1819 | inode = file->f_path.dentry->d_inode; |
| 1820 | if (tty_paranoia_check(tty, inode, "tty_read")) |
| 1821 | return -EIO; |
| 1822 | if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags))) |
| 1823 | return -EIO; |
| 1824 | |
| 1825 | /* We want to wait for the line discipline to sort out in this |
| 1826 | situation */ |
| 1827 | ld = tty_ldisc_ref_wait(tty); |
| 1828 | if (ld->read) |
| 1829 | i = (ld->read)(tty, file, buf, count); |
| 1830 | else |
| 1831 | i = -EIO; |
| 1832 | tty_ldisc_deref(ld); |
| 1833 | if (i > 0) |
| 1834 | inode->i_atime = current_fs_time(inode->i_sb); |
| 1835 | return i; |
| 1836 | } |
| 1837 | |
| 1838 | void tty_write_unlock(struct tty_struct *tty) |
| 1839 | { |
| 1840 | mutex_unlock(&tty->atomic_write_lock); |
| 1841 | wake_up_interruptible(&tty->write_wait); |
| 1842 | } |
| 1843 | |
| 1844 | int tty_write_lock(struct tty_struct *tty, int ndelay) |
| 1845 | { |
| 1846 | if (!mutex_trylock(&tty->atomic_write_lock)) { |
| 1847 | if (ndelay) |
| 1848 | return -EAGAIN; |
| 1849 | if (mutex_lock_interruptible(&tty->atomic_write_lock)) |
| 1850 | return -ERESTARTSYS; |
| 1851 | } |
| 1852 | return 0; |
| 1853 | } |
| 1854 | |
| 1855 | /* |
| 1856 | * Split writes up in sane blocksizes to avoid |
| 1857 | * denial-of-service type attacks |
| 1858 | */ |
| 1859 | static inline ssize_t do_tty_write( |
| 1860 | ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t), |
| 1861 | struct tty_struct *tty, |
| 1862 | struct file *file, |
| 1863 | const char __user *buf, |
| 1864 | size_t count) |
| 1865 | { |
| 1866 | ssize_t ret, written = 0; |
| 1867 | unsigned int chunk; |
| 1868 | |
| 1869 | ret = tty_write_lock(tty, file->f_flags & O_NDELAY); |
| 1870 | if (ret < 0) |
| 1871 | return ret; |
| 1872 | |
| 1873 | /* |
| 1874 | * We chunk up writes into a temporary buffer. This |
| 1875 | * simplifies low-level drivers immensely, since they |
| 1876 | * don't have locking issues and user mode accesses. |
| 1877 | * |
| 1878 | * But if TTY_NO_WRITE_SPLIT is set, we should use a |
| 1879 | * big chunk-size.. |
| 1880 | * |
| 1881 | * The default chunk-size is 2kB, because the NTTY |
| 1882 | * layer has problems with bigger chunks. It will |
| 1883 | * claim to be able to handle more characters than |
| 1884 | * it actually does. |
| 1885 | * |
| 1886 | * FIXME: This can probably go away now except that 64K chunks |
| 1887 | * are too likely to fail unless switched to vmalloc... |
| 1888 | */ |
| 1889 | chunk = 2048; |
| 1890 | if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags)) |
| 1891 | chunk = 65536; |
| 1892 | if (count < chunk) |
| 1893 | chunk = count; |
| 1894 | |
| 1895 | /* write_buf/write_cnt is protected by the atomic_write_lock mutex */ |
| 1896 | if (tty->write_cnt < chunk) { |
| 1897 | unsigned char *buf; |
| 1898 | |
| 1899 | if (chunk < 1024) |
| 1900 | chunk = 1024; |
| 1901 | |
| 1902 | buf = kmalloc(chunk, GFP_KERNEL); |
| 1903 | if (!buf) { |
| 1904 | ret = -ENOMEM; |
| 1905 | goto out; |
| 1906 | } |
| 1907 | kfree(tty->write_buf); |
| 1908 | tty->write_cnt = chunk; |
| 1909 | tty->write_buf = buf; |
| 1910 | } |
| 1911 | |
| 1912 | /* Do the write .. */ |
| 1913 | for (;;) { |
| 1914 | size_t size = count; |
| 1915 | if (size > chunk) |
| 1916 | size = chunk; |
| 1917 | ret = -EFAULT; |
| 1918 | if (copy_from_user(tty->write_buf, buf, size)) |
| 1919 | break; |
| 1920 | ret = write(tty, file, tty->write_buf, size); |
| 1921 | if (ret <= 0) |
| 1922 | break; |
| 1923 | written += ret; |
| 1924 | buf += ret; |
| 1925 | count -= ret; |
| 1926 | if (!count) |
| 1927 | break; |
| 1928 | ret = -ERESTARTSYS; |
| 1929 | if (signal_pending(current)) |
| 1930 | break; |
| 1931 | cond_resched(); |
| 1932 | } |
| 1933 | if (written) { |
| 1934 | struct inode *inode = file->f_path.dentry->d_inode; |
| 1935 | inode->i_mtime = current_fs_time(inode->i_sb); |
| 1936 | ret = written; |
| 1937 | } |
| 1938 | out: |
| 1939 | tty_write_unlock(tty); |
| 1940 | return ret; |
| 1941 | } |
| 1942 | |
| 1943 | |
| 1944 | /** |
| 1945 | * tty_write - write method for tty device file |
| 1946 | * @file: tty file pointer |
| 1947 | * @buf: user data to write |
| 1948 | * @count: bytes to write |
| 1949 | * @ppos: unused |
| 1950 | * |
| 1951 | * Write data to a tty device via the line discipline. |
| 1952 | * |
| 1953 | * Locking: |
| 1954 | * Locks the line discipline as required |
| 1955 | * Writes to the tty driver are serialized by the atomic_write_lock |
| 1956 | * and are then processed in chunks to the device. The line discipline |
| 1957 | * write method will not be involked in parallel for each device |
| 1958 | * The line discipline write method is called under the big |
| 1959 | * kernel lock for historical reasons. New code should not rely on this. |
| 1960 | */ |
| 1961 | |
| 1962 | static ssize_t tty_write(struct file *file, const char __user *buf, |
| 1963 | size_t count, loff_t *ppos) |
| 1964 | { |
| 1965 | struct tty_struct *tty; |
| 1966 | struct inode *inode = file->f_path.dentry->d_inode; |
| 1967 | ssize_t ret; |
| 1968 | struct tty_ldisc *ld; |
| 1969 | |
| 1970 | tty = (struct tty_struct *)file->private_data; |
| 1971 | if (tty_paranoia_check(tty, inode, "tty_write")) |
| 1972 | return -EIO; |
| 1973 | if (!tty || !tty->ops->write || |
| 1974 | (test_bit(TTY_IO_ERROR, &tty->flags))) |
| 1975 | return -EIO; |
| 1976 | /* Short term debug to catch buggy drivers */ |
| 1977 | if (tty->ops->write_room == NULL) |
| 1978 | printk(KERN_ERR "tty driver %s lacks a write_room method.\n", |
| 1979 | tty->driver->name); |
| 1980 | ld = tty_ldisc_ref_wait(tty); |
| 1981 | if (!ld->write) |
| 1982 | ret = -EIO; |
| 1983 | else |
| 1984 | ret = do_tty_write(ld->write, tty, file, buf, count); |
| 1985 | tty_ldisc_deref(ld); |
| 1986 | return ret; |
| 1987 | } |
| 1988 | |
| 1989 | ssize_t redirected_tty_write(struct file *file, const char __user *buf, |
| 1990 | size_t count, loff_t *ppos) |
| 1991 | { |
| 1992 | struct file *p = NULL; |
| 1993 | |
| 1994 | spin_lock(&redirect_lock); |
| 1995 | if (redirect) { |
| 1996 | get_file(redirect); |
| 1997 | p = redirect; |
| 1998 | } |
| 1999 | spin_unlock(&redirect_lock); |
| 2000 | |
| 2001 | if (p) { |
| 2002 | ssize_t res; |
| 2003 | res = vfs_write(p, buf, count, &p->f_pos); |
| 2004 | fput(p); |
| 2005 | return res; |
| 2006 | } |
| 2007 | return tty_write(file, buf, count, ppos); |
| 2008 | } |
| 2009 | |
| 2010 | static char ptychar[] = "pqrstuvwxyzabcde"; |
| 2011 | |
| 2012 | /** |
| 2013 | * pty_line_name - generate name for a pty |
| 2014 | * @driver: the tty driver in use |
| 2015 | * @index: the minor number |
| 2016 | * @p: output buffer of at least 6 bytes |
| 2017 | * |
| 2018 | * Generate a name from a driver reference and write it to the output |
| 2019 | * buffer. |
| 2020 | * |
| 2021 | * Locking: None |
| 2022 | */ |
| 2023 | static void pty_line_name(struct tty_driver *driver, int index, char *p) |
| 2024 | { |
| 2025 | int i = index + driver->name_base; |
| 2026 | /* ->name is initialized to "ttyp", but "tty" is expected */ |
| 2027 | sprintf(p, "%s%c%x", |
| 2028 | driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name, |
| 2029 | ptychar[i >> 4 & 0xf], i & 0xf); |
| 2030 | } |
| 2031 | |
| 2032 | /** |
| 2033 | * pty_line_name - generate name for a tty |
| 2034 | * @driver: the tty driver in use |
| 2035 | * @index: the minor number |
| 2036 | * @p: output buffer of at least 7 bytes |
| 2037 | * |
| 2038 | * Generate a name from a driver reference and write it to the output |
| 2039 | * buffer. |
| 2040 | * |
| 2041 | * Locking: None |
| 2042 | */ |
| 2043 | static void tty_line_name(struct tty_driver *driver, int index, char *p) |
| 2044 | { |
| 2045 | sprintf(p, "%s%d", driver->name, index + driver->name_base); |
| 2046 | } |
| 2047 | |
| 2048 | /** |
| 2049 | * init_dev - initialise a tty device |
| 2050 | * @driver: tty driver we are opening a device on |
| 2051 | * @idx: device index |
| 2052 | * @tty: returned tty structure |
| 2053 | * |
| 2054 | * Prepare a tty device. This may not be a "new" clean device but |
| 2055 | * could also be an active device. The pty drivers require special |
| 2056 | * handling because of this. |
| 2057 | * |
| 2058 | * Locking: |
| 2059 | * The function is called under the tty_mutex, which |
| 2060 | * protects us from the tty struct or driver itself going away. |
| 2061 | * |
| 2062 | * On exit the tty device has the line discipline attached and |
| 2063 | * a reference count of 1. If a pair was created for pty/tty use |
| 2064 | * and the other was a pty master then it too has a reference count of 1. |
| 2065 | * |
| 2066 | * WSH 06/09/97: Rewritten to remove races and properly clean up after a |
| 2067 | * failed open. The new code protects the open with a mutex, so it's |
| 2068 | * really quite straightforward. The mutex locking can probably be |
| 2069 | * relaxed for the (most common) case of reopening a tty. |
| 2070 | */ |
| 2071 | |
| 2072 | static int init_dev(struct tty_driver *driver, int idx, |
| 2073 | struct tty_struct **ret_tty) |
| 2074 | { |
| 2075 | struct tty_struct *tty, *o_tty; |
| 2076 | struct ktermios *tp, **tp_loc, *o_tp, **o_tp_loc; |
| 2077 | struct ktermios *ltp, **ltp_loc, *o_ltp, **o_ltp_loc; |
| 2078 | int retval = 0; |
| 2079 | |
| 2080 | /* check whether we're reopening an existing tty */ |
| 2081 | if (driver->flags & TTY_DRIVER_DEVPTS_MEM) { |
| 2082 | tty = devpts_get_tty(idx); |
| 2083 | /* |
| 2084 | * If we don't have a tty here on a slave open, it's because |
| 2085 | * the master already started the close process and there's |
| 2086 | * no relation between devpts file and tty anymore. |
| 2087 | */ |
| 2088 | if (!tty && driver->subtype == PTY_TYPE_SLAVE) { |
| 2089 | retval = -EIO; |
| 2090 | goto end_init; |
| 2091 | } |
| 2092 | /* |
| 2093 | * It's safe from now on because init_dev() is called with |
| 2094 | * tty_mutex held and release_dev() won't change tty->count |
| 2095 | * or tty->flags without having to grab tty_mutex |
| 2096 | */ |
| 2097 | if (tty && driver->subtype == PTY_TYPE_MASTER) |
| 2098 | tty = tty->link; |
| 2099 | } else { |
| 2100 | tty = driver->ttys[idx]; |
| 2101 | } |
| 2102 | if (tty) goto fast_track; |
| 2103 | |
| 2104 | /* |
| 2105 | * First time open is complex, especially for PTY devices. |
| 2106 | * This code guarantees that either everything succeeds and the |
| 2107 | * TTY is ready for operation, or else the table slots are vacated |
| 2108 | * and the allocated memory released. (Except that the termios |
| 2109 | * and locked termios may be retained.) |
| 2110 | */ |
| 2111 | |
| 2112 | if (!try_module_get(driver->owner)) { |
| 2113 | retval = -ENODEV; |
| 2114 | goto end_init; |
| 2115 | } |
| 2116 | |
| 2117 | o_tty = NULL; |
| 2118 | tp = o_tp = NULL; |
| 2119 | ltp = o_ltp = NULL; |
| 2120 | |
| 2121 | tty = alloc_tty_struct(); |
| 2122 | if (!tty) |
| 2123 | goto fail_no_mem; |
| 2124 | initialize_tty_struct(tty); |
| 2125 | tty->driver = driver; |
| 2126 | tty->ops = driver->ops; |
| 2127 | tty->index = idx; |
| 2128 | tty_line_name(driver, idx, tty->name); |
| 2129 | |
| 2130 | if (driver->flags & TTY_DRIVER_DEVPTS_MEM) { |
| 2131 | tp_loc = &tty->termios; |
| 2132 | ltp_loc = &tty->termios_locked; |
| 2133 | } else { |
| 2134 | tp_loc = &driver->termios[idx]; |
| 2135 | ltp_loc = &driver->termios_locked[idx]; |
| 2136 | } |
| 2137 | |
| 2138 | if (!*tp_loc) { |
| 2139 | tp = kmalloc(sizeof(struct ktermios), GFP_KERNEL); |
| 2140 | if (!tp) |
| 2141 | goto free_mem_out; |
| 2142 | *tp = driver->init_termios; |
| 2143 | } |
| 2144 | |
| 2145 | if (!*ltp_loc) { |
| 2146 | ltp = kzalloc(sizeof(struct ktermios), GFP_KERNEL); |
| 2147 | if (!ltp) |
| 2148 | goto free_mem_out; |
| 2149 | } |
| 2150 | |
| 2151 | if (driver->type == TTY_DRIVER_TYPE_PTY) { |
| 2152 | o_tty = alloc_tty_struct(); |
| 2153 | if (!o_tty) |
| 2154 | goto free_mem_out; |
| 2155 | initialize_tty_struct(o_tty); |
| 2156 | o_tty->driver = driver->other; |
| 2157 | o_tty->ops = driver->ops; |
| 2158 | o_tty->index = idx; |
| 2159 | tty_line_name(driver->other, idx, o_tty->name); |
| 2160 | |
| 2161 | if (driver->flags & TTY_DRIVER_DEVPTS_MEM) { |
| 2162 | o_tp_loc = &o_tty->termios; |
| 2163 | o_ltp_loc = &o_tty->termios_locked; |
| 2164 | } else { |
| 2165 | o_tp_loc = &driver->other->termios[idx]; |
| 2166 | o_ltp_loc = &driver->other->termios_locked[idx]; |
| 2167 | } |
| 2168 | |
| 2169 | if (!*o_tp_loc) { |
| 2170 | o_tp = kmalloc(sizeof(struct ktermios), GFP_KERNEL); |
| 2171 | if (!o_tp) |
| 2172 | goto free_mem_out; |
| 2173 | *o_tp = driver->other->init_termios; |
| 2174 | } |
| 2175 | |
| 2176 | if (!*o_ltp_loc) { |
| 2177 | o_ltp = kzalloc(sizeof(struct ktermios), GFP_KERNEL); |
| 2178 | if (!o_ltp) |
| 2179 | goto free_mem_out; |
| 2180 | } |
| 2181 | |
| 2182 | /* |
| 2183 | * Everything allocated ... set up the o_tty structure. |
| 2184 | */ |
| 2185 | if (!(driver->other->flags & TTY_DRIVER_DEVPTS_MEM)) |
| 2186 | driver->other->ttys[idx] = o_tty; |
| 2187 | if (!*o_tp_loc) |
| 2188 | *o_tp_loc = o_tp; |
| 2189 | if (!*o_ltp_loc) |
| 2190 | *o_ltp_loc = o_ltp; |
| 2191 | o_tty->termios = *o_tp_loc; |
| 2192 | o_tty->termios_locked = *o_ltp_loc; |
| 2193 | driver->other->refcount++; |
| 2194 | if (driver->subtype == PTY_TYPE_MASTER) |
| 2195 | o_tty->count++; |
| 2196 | |
| 2197 | /* Establish the links in both directions */ |
| 2198 | tty->link = o_tty; |
| 2199 | o_tty->link = tty; |
| 2200 | } |
| 2201 | |
| 2202 | /* |
| 2203 | * All structures have been allocated, so now we install them. |
| 2204 | * Failures after this point use release_tty to clean up, so |
| 2205 | * there's no need to null out the local pointers. |
| 2206 | */ |
| 2207 | if (!(driver->flags & TTY_DRIVER_DEVPTS_MEM)) |
| 2208 | driver->ttys[idx] = tty; |
| 2209 | |
| 2210 | if (!*tp_loc) |
| 2211 | *tp_loc = tp; |
| 2212 | if (!*ltp_loc) |
| 2213 | *ltp_loc = ltp; |
| 2214 | tty->termios = *tp_loc; |
| 2215 | tty->termios_locked = *ltp_loc; |
| 2216 | /* Compatibility until drivers always set this */ |
| 2217 | tty->termios->c_ispeed = tty_termios_input_baud_rate(tty->termios); |
| 2218 | tty->termios->c_ospeed = tty_termios_baud_rate(tty->termios); |
| 2219 | driver->refcount++; |
| 2220 | tty->count++; |
| 2221 | |
| 2222 | /* |
| 2223 | * Structures all installed ... call the ldisc open routines. |
| 2224 | * If we fail here just call release_tty to clean up. No need |
| 2225 | * to decrement the use counts, as release_tty doesn't care. |
| 2226 | */ |
| 2227 | |
| 2228 | if (tty->ldisc.open) { |
| 2229 | retval = (tty->ldisc.open)(tty); |
| 2230 | if (retval) |
| 2231 | goto release_mem_out; |
| 2232 | } |
| 2233 | if (o_tty && o_tty->ldisc.open) { |
| 2234 | retval = (o_tty->ldisc.open)(o_tty); |
| 2235 | if (retval) { |
| 2236 | if (tty->ldisc.close) |
| 2237 | (tty->ldisc.close)(tty); |
| 2238 | goto release_mem_out; |
| 2239 | } |
| 2240 | tty_ldisc_enable(o_tty); |
| 2241 | } |
| 2242 | tty_ldisc_enable(tty); |
| 2243 | goto success; |
| 2244 | |
| 2245 | /* |
| 2246 | * This fast open can be used if the tty is already open. |
| 2247 | * No memory is allocated, and the only failures are from |
| 2248 | * attempting to open a closing tty or attempting multiple |
| 2249 | * opens on a pty master. |
| 2250 | */ |
| 2251 | fast_track: |
| 2252 | if (test_bit(TTY_CLOSING, &tty->flags)) { |
| 2253 | retval = -EIO; |
| 2254 | goto end_init; |
| 2255 | } |
| 2256 | if (driver->type == TTY_DRIVER_TYPE_PTY && |
| 2257 | driver->subtype == PTY_TYPE_MASTER) { |
| 2258 | /* |
| 2259 | * special case for PTY masters: only one open permitted, |
| 2260 | * and the slave side open count is incremented as well. |
| 2261 | */ |
| 2262 | if (tty->count) { |
| 2263 | retval = -EIO; |
| 2264 | goto end_init; |
| 2265 | } |
| 2266 | tty->link->count++; |
| 2267 | } |
| 2268 | tty->count++; |
| 2269 | tty->driver = driver; /* N.B. why do this every time?? */ |
| 2270 | |
| 2271 | /* FIXME */ |
| 2272 | if (!test_bit(TTY_LDISC, &tty->flags)) |
| 2273 | printk(KERN_ERR "init_dev but no ldisc\n"); |
| 2274 | success: |
| 2275 | *ret_tty = tty; |
| 2276 | |
| 2277 | /* All paths come through here to release the mutex */ |
| 2278 | end_init: |
| 2279 | return retval; |
| 2280 | |
| 2281 | /* Release locally allocated memory ... nothing placed in slots */ |
| 2282 | free_mem_out: |
| 2283 | kfree(o_tp); |
| 2284 | if (o_tty) |
| 2285 | free_tty_struct(o_tty); |
| 2286 | kfree(ltp); |
| 2287 | kfree(tp); |
| 2288 | free_tty_struct(tty); |
| 2289 | |
| 2290 | fail_no_mem: |
| 2291 | module_put(driver->owner); |
| 2292 | retval = -ENOMEM; |
| 2293 | goto end_init; |
| 2294 | |
| 2295 | /* call the tty release_tty routine to clean out this slot */ |
| 2296 | release_mem_out: |
| 2297 | if (printk_ratelimit()) |
| 2298 | printk(KERN_INFO "init_dev: ldisc open failed, " |
| 2299 | "clearing slot %d\n", idx); |
| 2300 | release_tty(tty, idx); |
| 2301 | goto end_init; |
| 2302 | } |
| 2303 | |
| 2304 | /** |
| 2305 | * release_one_tty - release tty structure memory |
| 2306 | * |
| 2307 | * Releases memory associated with a tty structure, and clears out the |
| 2308 | * driver table slots. This function is called when a device is no longer |
| 2309 | * in use. It also gets called when setup of a device fails. |
| 2310 | * |
| 2311 | * Locking: |
| 2312 | * tty_mutex - sometimes only |
| 2313 | * takes the file list lock internally when working on the list |
| 2314 | * of ttys that the driver keeps. |
| 2315 | * FIXME: should we require tty_mutex is held here ?? |
| 2316 | */ |
| 2317 | static void release_one_tty(struct tty_struct *tty, int idx) |
| 2318 | { |
| 2319 | int devpts = tty->driver->flags & TTY_DRIVER_DEVPTS_MEM; |
| 2320 | struct ktermios *tp; |
| 2321 | |
| 2322 | if (!devpts) |
| 2323 | tty->driver->ttys[idx] = NULL; |
| 2324 | |
| 2325 | if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) { |
| 2326 | tp = tty->termios; |
| 2327 | if (!devpts) |
| 2328 | tty->driver->termios[idx] = NULL; |
| 2329 | kfree(tp); |
| 2330 | |
| 2331 | tp = tty->termios_locked; |
| 2332 | if (!devpts) |
| 2333 | tty->driver->termios_locked[idx] = NULL; |
| 2334 | kfree(tp); |
| 2335 | } |
| 2336 | |
| 2337 | |
| 2338 | tty->magic = 0; |
| 2339 | tty->driver->refcount--; |
| 2340 | |
| 2341 | file_list_lock(); |
| 2342 | list_del_init(&tty->tty_files); |
| 2343 | file_list_unlock(); |
| 2344 | |
| 2345 | free_tty_struct(tty); |
| 2346 | } |
| 2347 | |
| 2348 | /** |
| 2349 | * release_tty - release tty structure memory |
| 2350 | * |
| 2351 | * Release both @tty and a possible linked partner (think pty pair), |
| 2352 | * and decrement the refcount of the backing module. |
| 2353 | * |
| 2354 | * Locking: |
| 2355 | * tty_mutex - sometimes only |
| 2356 | * takes the file list lock internally when working on the list |
| 2357 | * of ttys that the driver keeps. |
| 2358 | * FIXME: should we require tty_mutex is held here ?? |
| 2359 | */ |
| 2360 | static void release_tty(struct tty_struct *tty, int idx) |
| 2361 | { |
| 2362 | struct tty_driver *driver = tty->driver; |
| 2363 | |
| 2364 | if (tty->link) |
| 2365 | release_one_tty(tty->link, idx); |
| 2366 | release_one_tty(tty, idx); |
| 2367 | module_put(driver->owner); |
| 2368 | } |
| 2369 | |
| 2370 | /* |
| 2371 | * Even releasing the tty structures is a tricky business.. We have |
| 2372 | * to be very careful that the structures are all released at the |
| 2373 | * same time, as interrupts might otherwise get the wrong pointers. |
| 2374 | * |
| 2375 | * WSH 09/09/97: rewritten to avoid some nasty race conditions that could |
| 2376 | * lead to double frees or releasing memory still in use. |
| 2377 | */ |
| 2378 | static void release_dev(struct file *filp) |
| 2379 | { |
| 2380 | struct tty_struct *tty, *o_tty; |
| 2381 | int pty_master, tty_closing, o_tty_closing, do_sleep; |
| 2382 | int devpts; |
| 2383 | int idx; |
| 2384 | char buf[64]; |
| 2385 | unsigned long flags; |
| 2386 | |
| 2387 | tty = (struct tty_struct *)filp->private_data; |
| 2388 | if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, |
| 2389 | "release_dev")) |
| 2390 | return; |
| 2391 | |
| 2392 | check_tty_count(tty, "release_dev"); |
| 2393 | |
| 2394 | tty_fasync(-1, filp, 0); |
| 2395 | |
| 2396 | idx = tty->index; |
| 2397 | pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY && |
| 2398 | tty->driver->subtype == PTY_TYPE_MASTER); |
| 2399 | devpts = (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) != 0; |
| 2400 | o_tty = tty->link; |
| 2401 | |
| 2402 | #ifdef TTY_PARANOIA_CHECK |
| 2403 | if (idx < 0 || idx >= tty->driver->num) { |
| 2404 | printk(KERN_DEBUG "release_dev: bad idx when trying to " |
| 2405 | "free (%s)\n", tty->name); |
| 2406 | return; |
| 2407 | } |
| 2408 | if (!(tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)) { |
| 2409 | if (tty != tty->driver->ttys[idx]) { |
| 2410 | printk(KERN_DEBUG "release_dev: driver.table[%d] not tty " |
| 2411 | "for (%s)\n", idx, tty->name); |
| 2412 | return; |
| 2413 | } |
| 2414 | if (tty->termios != tty->driver->termios[idx]) { |
| 2415 | printk(KERN_DEBUG "release_dev: driver.termios[%d] not termios " |
| 2416 | "for (%s)\n", |
| 2417 | idx, tty->name); |
| 2418 | return; |
| 2419 | } |
| 2420 | if (tty->termios_locked != tty->driver->termios_locked[idx]) { |
| 2421 | printk(KERN_DEBUG "release_dev: driver.termios_locked[%d] not " |
| 2422 | "termios_locked for (%s)\n", |
| 2423 | idx, tty->name); |
| 2424 | return; |
| 2425 | } |
| 2426 | } |
| 2427 | #endif |
| 2428 | |
| 2429 | #ifdef TTY_DEBUG_HANGUP |
| 2430 | printk(KERN_DEBUG "release_dev of %s (tty count=%d)...", |
| 2431 | tty_name(tty, buf), tty->count); |
| 2432 | #endif |
| 2433 | |
| 2434 | #ifdef TTY_PARANOIA_CHECK |
| 2435 | if (tty->driver->other && |
| 2436 | !(tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)) { |
| 2437 | if (o_tty != tty->driver->other->ttys[idx]) { |
| 2438 | printk(KERN_DEBUG "release_dev: other->table[%d] " |
| 2439 | "not o_tty for (%s)\n", |
| 2440 | idx, tty->name); |
| 2441 | return; |
| 2442 | } |
| 2443 | if (o_tty->termios != tty->driver->other->termios[idx]) { |
| 2444 | printk(KERN_DEBUG "release_dev: other->termios[%d] " |
| 2445 | "not o_termios for (%s)\n", |
| 2446 | idx, tty->name); |
| 2447 | return; |
| 2448 | } |
| 2449 | if (o_tty->termios_locked != |
| 2450 | tty->driver->other->termios_locked[idx]) { |
| 2451 | printk(KERN_DEBUG "release_dev: other->termios_locked[" |
| 2452 | "%d] not o_termios_locked for (%s)\n", |
| 2453 | idx, tty->name); |
| 2454 | return; |
| 2455 | } |
| 2456 | if (o_tty->link != tty) { |
| 2457 | printk(KERN_DEBUG "release_dev: bad pty pointers\n"); |
| 2458 | return; |
| 2459 | } |
| 2460 | } |
| 2461 | #endif |
| 2462 | if (tty->ops->close) |
| 2463 | tty->ops->close(tty, filp); |
| 2464 | |
| 2465 | /* |
| 2466 | * Sanity check: if tty->count is going to zero, there shouldn't be |
| 2467 | * any waiters on tty->read_wait or tty->write_wait. We test the |
| 2468 | * wait queues and kick everyone out _before_ actually starting to |
| 2469 | * close. This ensures that we won't block while releasing the tty |
| 2470 | * structure. |
| 2471 | * |
| 2472 | * The test for the o_tty closing is necessary, since the master and |
| 2473 | * slave sides may close in any order. If the slave side closes out |
| 2474 | * first, its count will be one, since the master side holds an open. |
| 2475 | * Thus this test wouldn't be triggered at the time the slave closes, |
| 2476 | * so we do it now. |
| 2477 | * |
| 2478 | * Note that it's possible for the tty to be opened again while we're |
| 2479 | * flushing out waiters. By recalculating the closing flags before |
| 2480 | * each iteration we avoid any problems. |
| 2481 | */ |
| 2482 | while (1) { |
| 2483 | /* Guard against races with tty->count changes elsewhere and |
| 2484 | opens on /dev/tty */ |
| 2485 | |
| 2486 | mutex_lock(&tty_mutex); |
| 2487 | tty_closing = tty->count <= 1; |
| 2488 | o_tty_closing = o_tty && |
| 2489 | (o_tty->count <= (pty_master ? 1 : 0)); |
| 2490 | do_sleep = 0; |
| 2491 | |
| 2492 | if (tty_closing) { |
| 2493 | if (waitqueue_active(&tty->read_wait)) { |
| 2494 | wake_up(&tty->read_wait); |
| 2495 | do_sleep++; |
| 2496 | } |
| 2497 | if (waitqueue_active(&tty->write_wait)) { |
| 2498 | wake_up(&tty->write_wait); |
| 2499 | do_sleep++; |
| 2500 | } |
| 2501 | } |
| 2502 | if (o_tty_closing) { |
| 2503 | if (waitqueue_active(&o_tty->read_wait)) { |
| 2504 | wake_up(&o_tty->read_wait); |
| 2505 | do_sleep++; |
| 2506 | } |
| 2507 | if (waitqueue_active(&o_tty->write_wait)) { |
| 2508 | wake_up(&o_tty->write_wait); |
| 2509 | do_sleep++; |
| 2510 | } |
| 2511 | } |
| 2512 | if (!do_sleep) |
| 2513 | break; |
| 2514 | |
| 2515 | printk(KERN_WARNING "release_dev: %s: read/write wait queue " |
| 2516 | "active!\n", tty_name(tty, buf)); |
| 2517 | mutex_unlock(&tty_mutex); |
| 2518 | schedule(); |
| 2519 | } |
| 2520 | |
| 2521 | /* |
| 2522 | * The closing flags are now consistent with the open counts on |
| 2523 | * both sides, and we've completed the last operation that could |
| 2524 | * block, so it's safe to proceed with closing. |
| 2525 | */ |
| 2526 | if (pty_master) { |
| 2527 | if (--o_tty->count < 0) { |
| 2528 | printk(KERN_WARNING "release_dev: bad pty slave count " |
| 2529 | "(%d) for %s\n", |
| 2530 | o_tty->count, tty_name(o_tty, buf)); |
| 2531 | o_tty->count = 0; |
| 2532 | } |
| 2533 | } |
| 2534 | if (--tty->count < 0) { |
| 2535 | printk(KERN_WARNING "release_dev: bad tty->count (%d) for %s\n", |
| 2536 | tty->count, tty_name(tty, buf)); |
| 2537 | tty->count = 0; |
| 2538 | } |
| 2539 | |
| 2540 | /* |
| 2541 | * We've decremented tty->count, so we need to remove this file |
| 2542 | * descriptor off the tty->tty_files list; this serves two |
| 2543 | * purposes: |
| 2544 | * - check_tty_count sees the correct number of file descriptors |
| 2545 | * associated with this tty. |
| 2546 | * - do_tty_hangup no longer sees this file descriptor as |
| 2547 | * something that needs to be handled for hangups. |
| 2548 | */ |
| 2549 | file_kill(filp); |
| 2550 | filp->private_data = NULL; |
| 2551 | |
| 2552 | /* |
| 2553 | * Perform some housekeeping before deciding whether to return. |
| 2554 | * |
| 2555 | * Set the TTY_CLOSING flag if this was the last open. In the |
| 2556 | * case of a pty we may have to wait around for the other side |
| 2557 | * to close, and TTY_CLOSING makes sure we can't be reopened. |
| 2558 | */ |
| 2559 | if (tty_closing) |
| 2560 | set_bit(TTY_CLOSING, &tty->flags); |
| 2561 | if (o_tty_closing) |
| 2562 | set_bit(TTY_CLOSING, &o_tty->flags); |
| 2563 | |
| 2564 | /* |
| 2565 | * If _either_ side is closing, make sure there aren't any |
| 2566 | * processes that still think tty or o_tty is their controlling |
| 2567 | * tty. |
| 2568 | */ |
| 2569 | if (tty_closing || o_tty_closing) { |
| 2570 | read_lock(&tasklist_lock); |
| 2571 | session_clear_tty(tty->session); |
| 2572 | if (o_tty) |
| 2573 | session_clear_tty(o_tty->session); |
| 2574 | read_unlock(&tasklist_lock); |
| 2575 | } |
| 2576 | |
| 2577 | mutex_unlock(&tty_mutex); |
| 2578 | |
| 2579 | /* check whether both sides are closing ... */ |
| 2580 | if (!tty_closing || (o_tty && !o_tty_closing)) |
| 2581 | return; |
| 2582 | |
| 2583 | #ifdef TTY_DEBUG_HANGUP |
| 2584 | printk(KERN_DEBUG "freeing tty structure..."); |
| 2585 | #endif |
| 2586 | /* |
| 2587 | * Prevent flush_to_ldisc() from rescheduling the work for later. Then |
| 2588 | * kill any delayed work. As this is the final close it does not |
| 2589 | * race with the set_ldisc code path. |
| 2590 | */ |
| 2591 | clear_bit(TTY_LDISC, &tty->flags); |
| 2592 | cancel_delayed_work(&tty->buf.work); |
| 2593 | |
| 2594 | /* |
| 2595 | * Wait for ->hangup_work and ->buf.work handlers to terminate |
| 2596 | */ |
| 2597 | |
| 2598 | flush_scheduled_work(); |
| 2599 | |
| 2600 | /* |
| 2601 | * Wait for any short term users (we know they are just driver |
| 2602 | * side waiters as the file is closing so user count on the file |
| 2603 | * side is zero. |
| 2604 | */ |
| 2605 | spin_lock_irqsave(&tty_ldisc_lock, flags); |
| 2606 | while (tty->ldisc.refcount) { |
| 2607 | spin_unlock_irqrestore(&tty_ldisc_lock, flags); |
| 2608 | wait_event(tty_ldisc_wait, tty->ldisc.refcount == 0); |
| 2609 | spin_lock_irqsave(&tty_ldisc_lock, flags); |
| 2610 | } |
| 2611 | spin_unlock_irqrestore(&tty_ldisc_lock, flags); |
| 2612 | /* |
| 2613 | * Shutdown the current line discipline, and reset it to N_TTY. |
| 2614 | * N.B. why reset ldisc when we're releasing the memory?? |
| 2615 | * |
| 2616 | * FIXME: this MUST get fixed for the new reflocking |
| 2617 | */ |
| 2618 | if (tty->ldisc.close) |
| 2619 | (tty->ldisc.close)(tty); |
| 2620 | tty_ldisc_put(tty->ldisc.num); |
| 2621 | |
| 2622 | /* |
| 2623 | * Switch the line discipline back |
| 2624 | */ |
| 2625 | tty_ldisc_assign(tty, tty_ldisc_get(N_TTY)); |
| 2626 | tty_set_termios_ldisc(tty, N_TTY); |
| 2627 | if (o_tty) { |
| 2628 | /* FIXME: could o_tty be in setldisc here ? */ |
| 2629 | clear_bit(TTY_LDISC, &o_tty->flags); |
| 2630 | if (o_tty->ldisc.close) |
| 2631 | (o_tty->ldisc.close)(o_tty); |
| 2632 | tty_ldisc_put(o_tty->ldisc.num); |
| 2633 | tty_ldisc_assign(o_tty, tty_ldisc_get(N_TTY)); |
| 2634 | tty_set_termios_ldisc(o_tty, N_TTY); |
| 2635 | } |
| 2636 | /* |
| 2637 | * The release_tty function takes care of the details of clearing |
| 2638 | * the slots and preserving the termios structure. |
| 2639 | */ |
| 2640 | release_tty(tty, idx); |
| 2641 | |
| 2642 | #ifdef CONFIG_UNIX98_PTYS |
| 2643 | /* Make this pty number available for reallocation */ |
| 2644 | if (devpts) { |
| 2645 | mutex_lock(&allocated_ptys_lock); |
| 2646 | idr_remove(&allocated_ptys, idx); |
| 2647 | mutex_unlock(&allocated_ptys_lock); |
| 2648 | } |
| 2649 | #endif |
| 2650 | |
| 2651 | } |
| 2652 | |
| 2653 | /** |
| 2654 | * tty_open - open a tty device |
| 2655 | * @inode: inode of device file |
| 2656 | * @filp: file pointer to tty |
| 2657 | * |
| 2658 | * tty_open and tty_release keep up the tty count that contains the |
| 2659 | * number of opens done on a tty. We cannot use the inode-count, as |
| 2660 | * different inodes might point to the same tty. |
| 2661 | * |
| 2662 | * Open-counting is needed for pty masters, as well as for keeping |
| 2663 | * track of serial lines: DTR is dropped when the last close happens. |
| 2664 | * (This is not done solely through tty->count, now. - Ted 1/27/92) |
| 2665 | * |
| 2666 | * The termios state of a pty is reset on first open so that |
| 2667 | * settings don't persist across reuse. |
| 2668 | * |
| 2669 | * Locking: tty_mutex protects tty, get_tty_driver and init_dev work. |
| 2670 | * tty->count should protect the rest. |
| 2671 | * ->siglock protects ->signal/->sighand |
| 2672 | */ |
| 2673 | |
| 2674 | static int tty_open(struct inode *inode, struct file *filp) |
| 2675 | { |
| 2676 | struct tty_struct *tty; |
| 2677 | int noctty, retval; |
| 2678 | struct tty_driver *driver; |
| 2679 | int index; |
| 2680 | dev_t device = inode->i_rdev; |
| 2681 | unsigned short saved_flags = filp->f_flags; |
| 2682 | |
| 2683 | nonseekable_open(inode, filp); |
| 2684 | |
| 2685 | retry_open: |
| 2686 | noctty = filp->f_flags & O_NOCTTY; |
| 2687 | index = -1; |
| 2688 | retval = 0; |
| 2689 | |
| 2690 | mutex_lock(&tty_mutex); |
| 2691 | |
| 2692 | if (device == MKDEV(TTYAUX_MAJOR, 0)) { |
| 2693 | tty = get_current_tty(); |
| 2694 | if (!tty) { |
| 2695 | mutex_unlock(&tty_mutex); |
| 2696 | return -ENXIO; |
| 2697 | } |
| 2698 | driver = tty->driver; |
| 2699 | index = tty->index; |
| 2700 | filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */ |
| 2701 | /* noctty = 1; */ |
| 2702 | goto got_driver; |
| 2703 | } |
| 2704 | #ifdef CONFIG_VT |
| 2705 | if (device == MKDEV(TTY_MAJOR, 0)) { |
| 2706 | extern struct tty_driver *console_driver; |
| 2707 | driver = console_driver; |
| 2708 | index = fg_console; |
| 2709 | noctty = 1; |
| 2710 | goto got_driver; |
| 2711 | } |
| 2712 | #endif |
| 2713 | if (device == MKDEV(TTYAUX_MAJOR, 1)) { |
| 2714 | driver = console_device(&index); |
| 2715 | if (driver) { |
| 2716 | /* Don't let /dev/console block */ |
| 2717 | filp->f_flags |= O_NONBLOCK; |
| 2718 | noctty = 1; |
| 2719 | goto got_driver; |
| 2720 | } |
| 2721 | mutex_unlock(&tty_mutex); |
| 2722 | return -ENODEV; |
| 2723 | } |
| 2724 | |
| 2725 | driver = get_tty_driver(device, &index); |
| 2726 | if (!driver) { |
| 2727 | mutex_unlock(&tty_mutex); |
| 2728 | return -ENODEV; |
| 2729 | } |
| 2730 | got_driver: |
| 2731 | retval = init_dev(driver, index, &tty); |
| 2732 | mutex_unlock(&tty_mutex); |
| 2733 | if (retval) |
| 2734 | return retval; |
| 2735 | |
| 2736 | filp->private_data = tty; |
| 2737 | file_move(filp, &tty->tty_files); |
| 2738 | check_tty_count(tty, "tty_open"); |
| 2739 | if (tty->driver->type == TTY_DRIVER_TYPE_PTY && |
| 2740 | tty->driver->subtype == PTY_TYPE_MASTER) |
| 2741 | noctty = 1; |
| 2742 | #ifdef TTY_DEBUG_HANGUP |
| 2743 | printk(KERN_DEBUG "opening %s...", tty->name); |
| 2744 | #endif |
| 2745 | if (!retval) { |
| 2746 | if (tty->ops->open) |
| 2747 | retval = tty->ops->open(tty, filp); |
| 2748 | else |
| 2749 | retval = -ENODEV; |
| 2750 | } |
| 2751 | filp->f_flags = saved_flags; |
| 2752 | |
| 2753 | if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) && |
| 2754 | !capable(CAP_SYS_ADMIN)) |
| 2755 | retval = -EBUSY; |
| 2756 | |
| 2757 | if (retval) { |
| 2758 | #ifdef TTY_DEBUG_HANGUP |
| 2759 | printk(KERN_DEBUG "error %d in opening %s...", retval, |
| 2760 | tty->name); |
| 2761 | #endif |
| 2762 | release_dev(filp); |
| 2763 | if (retval != -ERESTARTSYS) |
| 2764 | return retval; |
| 2765 | if (signal_pending(current)) |
| 2766 | return retval; |
| 2767 | schedule(); |
| 2768 | /* |
| 2769 | * Need to reset f_op in case a hangup happened. |
| 2770 | */ |
| 2771 | if (filp->f_op == &hung_up_tty_fops) |
| 2772 | filp->f_op = &tty_fops; |
| 2773 | goto retry_open; |
| 2774 | } |
| 2775 | |
| 2776 | mutex_lock(&tty_mutex); |
| 2777 | spin_lock_irq(¤t->sighand->siglock); |
| 2778 | if (!noctty && |
| 2779 | current->signal->leader && |
| 2780 | !current->signal->tty && |
| 2781 | tty->session == NULL) |
| 2782 | __proc_set_tty(current, tty); |
| 2783 | spin_unlock_irq(¤t->sighand->siglock); |
| 2784 | mutex_unlock(&tty_mutex); |
| 2785 | return 0; |
| 2786 | } |
| 2787 | |
| 2788 | #ifdef CONFIG_UNIX98_PTYS |
| 2789 | /** |
| 2790 | * ptmx_open - open a unix 98 pty master |
| 2791 | * @inode: inode of device file |
| 2792 | * @filp: file pointer to tty |
| 2793 | * |
| 2794 | * Allocate a unix98 pty master device from the ptmx driver. |
| 2795 | * |
| 2796 | * Locking: tty_mutex protects theinit_dev work. tty->count should |
| 2797 | * protect the rest. |
| 2798 | * allocated_ptys_lock handles the list of free pty numbers |
| 2799 | */ |
| 2800 | |
| 2801 | static int ptmx_open(struct inode *inode, struct file *filp) |
| 2802 | { |
| 2803 | struct tty_struct *tty; |
| 2804 | int retval; |
| 2805 | int index; |
| 2806 | int idr_ret; |
| 2807 | |
| 2808 | nonseekable_open(inode, filp); |
| 2809 | |
| 2810 | /* find a device that is not in use. */ |
| 2811 | mutex_lock(&allocated_ptys_lock); |
| 2812 | if (!idr_pre_get(&allocated_ptys, GFP_KERNEL)) { |
| 2813 | mutex_unlock(&allocated_ptys_lock); |
| 2814 | return -ENOMEM; |
| 2815 | } |
| 2816 | idr_ret = idr_get_new(&allocated_ptys, NULL, &index); |
| 2817 | if (idr_ret < 0) { |
| 2818 | mutex_unlock(&allocated_ptys_lock); |
| 2819 | if (idr_ret == -EAGAIN) |
| 2820 | return -ENOMEM; |
| 2821 | return -EIO; |
| 2822 | } |
| 2823 | if (index >= pty_limit) { |
| 2824 | idr_remove(&allocated_ptys, index); |
| 2825 | mutex_unlock(&allocated_ptys_lock); |
| 2826 | return -EIO; |
| 2827 | } |
| 2828 | mutex_unlock(&allocated_ptys_lock); |
| 2829 | |
| 2830 | mutex_lock(&tty_mutex); |
| 2831 | retval = init_dev(ptm_driver, index, &tty); |
| 2832 | mutex_unlock(&tty_mutex); |
| 2833 | |
| 2834 | if (retval) |
| 2835 | goto out; |
| 2836 | |
| 2837 | set_bit(TTY_PTY_LOCK, &tty->flags); /* LOCK THE SLAVE */ |
| 2838 | filp->private_data = tty; |
| 2839 | file_move(filp, &tty->tty_files); |
| 2840 | |
| 2841 | retval = devpts_pty_new(tty->link); |
| 2842 | if (retval) |
| 2843 | goto out1; |
| 2844 | |
| 2845 | check_tty_count(tty, "ptmx_open"); |
| 2846 | retval = ptm_driver->ops->open(tty, filp); |
| 2847 | if (!retval) |
| 2848 | return 0; |
| 2849 | out1: |
| 2850 | release_dev(filp); |
| 2851 | return retval; |
| 2852 | out: |
| 2853 | mutex_lock(&allocated_ptys_lock); |
| 2854 | idr_remove(&allocated_ptys, index); |
| 2855 | mutex_unlock(&allocated_ptys_lock); |
| 2856 | return retval; |
| 2857 | } |
| 2858 | #endif |
| 2859 | |
| 2860 | /** |
| 2861 | * tty_release - vfs callback for close |
| 2862 | * @inode: inode of tty |
| 2863 | * @filp: file pointer for handle to tty |
| 2864 | * |
| 2865 | * Called the last time each file handle is closed that references |
| 2866 | * this tty. There may however be several such references. |
| 2867 | * |
| 2868 | * Locking: |
| 2869 | * Takes bkl. See release_dev |
| 2870 | */ |
| 2871 | |
| 2872 | static int tty_release(struct inode *inode, struct file *filp) |
| 2873 | { |
| 2874 | lock_kernel(); |
| 2875 | release_dev(filp); |
| 2876 | unlock_kernel(); |
| 2877 | return 0; |
| 2878 | } |
| 2879 | |
| 2880 | /** |
| 2881 | * tty_poll - check tty status |
| 2882 | * @filp: file being polled |
| 2883 | * @wait: poll wait structures to update |
| 2884 | * |
| 2885 | * Call the line discipline polling method to obtain the poll |
| 2886 | * status of the device. |
| 2887 | * |
| 2888 | * Locking: locks called line discipline but ldisc poll method |
| 2889 | * may be re-entered freely by other callers. |
| 2890 | */ |
| 2891 | |
| 2892 | static unsigned int tty_poll(struct file *filp, poll_table *wait) |
| 2893 | { |
| 2894 | struct tty_struct *tty; |
| 2895 | struct tty_ldisc *ld; |
| 2896 | int ret = 0; |
| 2897 | |
| 2898 | tty = (struct tty_struct *)filp->private_data; |
| 2899 | if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_poll")) |
| 2900 | return 0; |
| 2901 | |
| 2902 | ld = tty_ldisc_ref_wait(tty); |
| 2903 | if (ld->poll) |
| 2904 | ret = (ld->poll)(tty, filp, wait); |
| 2905 | tty_ldisc_deref(ld); |
| 2906 | return ret; |
| 2907 | } |
| 2908 | |
| 2909 | static int tty_fasync(int fd, struct file *filp, int on) |
| 2910 | { |
| 2911 | struct tty_struct *tty; |
| 2912 | unsigned long flags; |
| 2913 | int retval; |
| 2914 | |
| 2915 | tty = (struct tty_struct *)filp->private_data; |
| 2916 | if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_fasync")) |
| 2917 | return 0; |
| 2918 | |
| 2919 | retval = fasync_helper(fd, filp, on, &tty->fasync); |
| 2920 | if (retval <= 0) |
| 2921 | return retval; |
| 2922 | |
| 2923 | if (on) { |
| 2924 | enum pid_type type; |
| 2925 | struct pid *pid; |
| 2926 | if (!waitqueue_active(&tty->read_wait)) |
| 2927 | tty->minimum_to_wake = 1; |
| 2928 | spin_lock_irqsave(&tty->ctrl_lock, flags); |
| 2929 | if (tty->pgrp) { |
| 2930 | pid = tty->pgrp; |
| 2931 | type = PIDTYPE_PGID; |
| 2932 | } else { |
| 2933 | pid = task_pid(current); |
| 2934 | type = PIDTYPE_PID; |
| 2935 | } |
| 2936 | spin_unlock_irqrestore(&tty->ctrl_lock, flags); |
| 2937 | retval = __f_setown(filp, pid, type, 0); |
| 2938 | if (retval) |
| 2939 | return retval; |
| 2940 | } else { |
| 2941 | if (!tty->fasync && !waitqueue_active(&tty->read_wait)) |
| 2942 | tty->minimum_to_wake = N_TTY_BUF_SIZE; |
| 2943 | } |
| 2944 | return 0; |
| 2945 | } |
| 2946 | |
| 2947 | /** |
| 2948 | * tiocsti - fake input character |
| 2949 | * @tty: tty to fake input into |
| 2950 | * @p: pointer to character |
| 2951 | * |
| 2952 | * Fake input to a tty device. Does the necessary locking and |
| 2953 | * input management. |
| 2954 | * |
| 2955 | * FIXME: does not honour flow control ?? |
| 2956 | * |
| 2957 | * Locking: |
| 2958 | * Called functions take tty_ldisc_lock |
| 2959 | * current->signal->tty check is safe without locks |
| 2960 | * |
| 2961 | * FIXME: may race normal receive processing |
| 2962 | */ |
| 2963 | |
| 2964 | static int tiocsti(struct tty_struct *tty, char __user *p) |
| 2965 | { |
| 2966 | char ch, mbz = 0; |
| 2967 | struct tty_ldisc *ld; |
| 2968 | |
| 2969 | if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) |
| 2970 | return -EPERM; |
| 2971 | if (get_user(ch, p)) |
| 2972 | return -EFAULT; |
| 2973 | ld = tty_ldisc_ref_wait(tty); |
| 2974 | ld->receive_buf(tty, &ch, &mbz, 1); |
| 2975 | tty_ldisc_deref(ld); |
| 2976 | return 0; |
| 2977 | } |
| 2978 | |
| 2979 | /** |
| 2980 | * tiocgwinsz - implement window query ioctl |
| 2981 | * @tty; tty |
| 2982 | * @arg: user buffer for result |
| 2983 | * |
| 2984 | * Copies the kernel idea of the window size into the user buffer. |
| 2985 | * |
| 2986 | * Locking: tty->termios_mutex is taken to ensure the winsize data |
| 2987 | * is consistent. |
| 2988 | */ |
| 2989 | |
| 2990 | static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg) |
| 2991 | { |
| 2992 | int err; |
| 2993 | |
| 2994 | mutex_lock(&tty->termios_mutex); |
| 2995 | err = copy_to_user(arg, &tty->winsize, sizeof(*arg)); |
| 2996 | mutex_unlock(&tty->termios_mutex); |
| 2997 | |
| 2998 | return err ? -EFAULT: 0; |
| 2999 | } |
| 3000 | |
| 3001 | /** |
| 3002 | * tiocswinsz - implement window size set ioctl |
| 3003 | * @tty; tty |
| 3004 | * @arg: user buffer for result |
| 3005 | * |
| 3006 | * Copies the user idea of the window size to the kernel. Traditionally |
| 3007 | * this is just advisory information but for the Linux console it |
| 3008 | * actually has driver level meaning and triggers a VC resize. |
| 3009 | * |
| 3010 | * Locking: |
| 3011 | * Called function use the console_sem is used to ensure we do |
| 3012 | * not try and resize the console twice at once. |
| 3013 | * The tty->termios_mutex is used to ensure we don't double |
| 3014 | * resize and get confused. Lock order - tty->termios_mutex before |
| 3015 | * console sem |
| 3016 | */ |
| 3017 | |
| 3018 | static int tiocswinsz(struct tty_struct *tty, struct tty_struct *real_tty, |
| 3019 | struct winsize __user *arg) |
| 3020 | { |
| 3021 | struct winsize tmp_ws; |
| 3022 | struct pid *pgrp, *rpgrp; |
| 3023 | unsigned long flags; |
| 3024 | |
| 3025 | if (copy_from_user(&tmp_ws, arg, sizeof(*arg))) |
| 3026 | return -EFAULT; |
| 3027 | |
| 3028 | mutex_lock(&tty->termios_mutex); |
| 3029 | if (!memcmp(&tmp_ws, &tty->winsize, sizeof(*arg))) |
| 3030 | goto done; |
| 3031 | |
| 3032 | #ifdef CONFIG_VT |
| 3033 | if (tty->driver->type == TTY_DRIVER_TYPE_CONSOLE) { |
| 3034 | if (vc_lock_resize(tty->driver_data, tmp_ws.ws_col, |
| 3035 | tmp_ws.ws_row)) { |
| 3036 | mutex_unlock(&tty->termios_mutex); |
| 3037 | return -ENXIO; |
| 3038 | } |
| 3039 | } |
| 3040 | #endif |
| 3041 | /* Get the PID values and reference them so we can |
| 3042 | avoid holding the tty ctrl lock while sending signals */ |
| 3043 | spin_lock_irqsave(&tty->ctrl_lock, flags); |
| 3044 | pgrp = get_pid(tty->pgrp); |
| 3045 | rpgrp = get_pid(real_tty->pgrp); |
| 3046 | spin_unlock_irqrestore(&tty->ctrl_lock, flags); |
| 3047 | |
| 3048 | if (pgrp) |
| 3049 | kill_pgrp(pgrp, SIGWINCH, 1); |
| 3050 | if (rpgrp != pgrp && rpgrp) |
| 3051 | kill_pgrp(rpgrp, SIGWINCH, 1); |
| 3052 | |
| 3053 | put_pid(pgrp); |
| 3054 | put_pid(rpgrp); |
| 3055 | |
| 3056 | tty->winsize = tmp_ws; |
| 3057 | real_tty->winsize = tmp_ws; |
| 3058 | done: |
| 3059 | mutex_unlock(&tty->termios_mutex); |
| 3060 | return 0; |
| 3061 | } |
| 3062 | |
| 3063 | /** |
| 3064 | * tioccons - allow admin to move logical console |
| 3065 | * @file: the file to become console |
| 3066 | * |
| 3067 | * Allow the adminstrator to move the redirected console device |
| 3068 | * |
| 3069 | * Locking: uses redirect_lock to guard the redirect information |
| 3070 | */ |
| 3071 | |
| 3072 | static int tioccons(struct file *file) |
| 3073 | { |
| 3074 | if (!capable(CAP_SYS_ADMIN)) |
| 3075 | return -EPERM; |
| 3076 | if (file->f_op->write == redirected_tty_write) { |
| 3077 | struct file *f; |
| 3078 | spin_lock(&redirect_lock); |
| 3079 | f = redirect; |
| 3080 | redirect = NULL; |
| 3081 | spin_unlock(&redirect_lock); |
| 3082 | if (f) |
| 3083 | fput(f); |
| 3084 | return 0; |
| 3085 | } |
| 3086 | spin_lock(&redirect_lock); |
| 3087 | if (redirect) { |
| 3088 | spin_unlock(&redirect_lock); |
| 3089 | return -EBUSY; |
| 3090 | } |
| 3091 | get_file(file); |
| 3092 | redirect = file; |
| 3093 | spin_unlock(&redirect_lock); |
| 3094 | return 0; |
| 3095 | } |
| 3096 | |
| 3097 | /** |
| 3098 | * fionbio - non blocking ioctl |
| 3099 | * @file: file to set blocking value |
| 3100 | * @p: user parameter |
| 3101 | * |
| 3102 | * Historical tty interfaces had a blocking control ioctl before |
| 3103 | * the generic functionality existed. This piece of history is preserved |
| 3104 | * in the expected tty API of posix OS's. |
| 3105 | * |
| 3106 | * Locking: none, the open fle handle ensures it won't go away. |
| 3107 | */ |
| 3108 | |
| 3109 | static int fionbio(struct file *file, int __user *p) |
| 3110 | { |
| 3111 | int nonblock; |
| 3112 | |
| 3113 | if (get_user(nonblock, p)) |
| 3114 | return -EFAULT; |
| 3115 | |
| 3116 | /* file->f_flags is still BKL protected in the fs layer - vomit */ |
| 3117 | lock_kernel(); |
| 3118 | if (nonblock) |
| 3119 | file->f_flags |= O_NONBLOCK; |
| 3120 | else |
| 3121 | file->f_flags &= ~O_NONBLOCK; |
| 3122 | unlock_kernel(); |
| 3123 | return 0; |
| 3124 | } |
| 3125 | |
| 3126 | /** |
| 3127 | * tiocsctty - set controlling tty |
| 3128 | * @tty: tty structure |
| 3129 | * @arg: user argument |
| 3130 | * |
| 3131 | * This ioctl is used to manage job control. It permits a session |
| 3132 | * leader to set this tty as the controlling tty for the session. |
| 3133 | * |
| 3134 | * Locking: |
| 3135 | * Takes tty_mutex() to protect tty instance |
| 3136 | * Takes tasklist_lock internally to walk sessions |
| 3137 | * Takes ->siglock() when updating signal->tty |
| 3138 | */ |
| 3139 | |
| 3140 | static int tiocsctty(struct tty_struct *tty, int arg) |
| 3141 | { |
| 3142 | int ret = 0; |
| 3143 | if (current->signal->leader && (task_session(current) == tty->session)) |
| 3144 | return ret; |
| 3145 | |
| 3146 | mutex_lock(&tty_mutex); |
| 3147 | /* |
| 3148 | * The process must be a session leader and |
| 3149 | * not have a controlling tty already. |
| 3150 | */ |
| 3151 | if (!current->signal->leader || current->signal->tty) { |
| 3152 | ret = -EPERM; |
| 3153 | goto unlock; |
| 3154 | } |
| 3155 | |
| 3156 | if (tty->session) { |
| 3157 | /* |
| 3158 | * This tty is already the controlling |
| 3159 | * tty for another session group! |
| 3160 | */ |
| 3161 | if (arg == 1 && capable(CAP_SYS_ADMIN)) { |
| 3162 | /* |
| 3163 | * Steal it away |
| 3164 | */ |
| 3165 | read_lock(&tasklist_lock); |
| 3166 | session_clear_tty(tty->session); |
| 3167 | read_unlock(&tasklist_lock); |
| 3168 | } else { |
| 3169 | ret = -EPERM; |
| 3170 | goto unlock; |
| 3171 | } |
| 3172 | } |
| 3173 | proc_set_tty(current, tty); |
| 3174 | unlock: |
| 3175 | mutex_unlock(&tty_mutex); |
| 3176 | return ret; |
| 3177 | } |
| 3178 | |
| 3179 | /** |
| 3180 | * tty_get_pgrp - return a ref counted pgrp pid |
| 3181 | * @tty: tty to read |
| 3182 | * |
| 3183 | * Returns a refcounted instance of the pid struct for the process |
| 3184 | * group controlling the tty. |
| 3185 | */ |
| 3186 | |
| 3187 | struct pid *tty_get_pgrp(struct tty_struct *tty) |
| 3188 | { |
| 3189 | unsigned long flags; |
| 3190 | struct pid *pgrp; |
| 3191 | |
| 3192 | spin_lock_irqsave(&tty->ctrl_lock, flags); |
| 3193 | pgrp = get_pid(tty->pgrp); |
| 3194 | spin_unlock_irqrestore(&tty->ctrl_lock, flags); |
| 3195 | |
| 3196 | return pgrp; |
| 3197 | } |
| 3198 | EXPORT_SYMBOL_GPL(tty_get_pgrp); |
| 3199 | |
| 3200 | /** |
| 3201 | * tiocgpgrp - get process group |
| 3202 | * @tty: tty passed by user |
| 3203 | * @real_tty: tty side of the tty pased by the user if a pty else the tty |
| 3204 | * @p: returned pid |
| 3205 | * |
| 3206 | * Obtain the process group of the tty. If there is no process group |
| 3207 | * return an error. |
| 3208 | * |
| 3209 | * Locking: none. Reference to current->signal->tty is safe. |
| 3210 | */ |
| 3211 | |
| 3212 | static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) |
| 3213 | { |
| 3214 | struct pid *pid; |
| 3215 | int ret; |
| 3216 | /* |
| 3217 | * (tty == real_tty) is a cheap way of |
| 3218 | * testing if the tty is NOT a master pty. |
| 3219 | */ |
| 3220 | if (tty == real_tty && current->signal->tty != real_tty) |
| 3221 | return -ENOTTY; |
| 3222 | pid = tty_get_pgrp(real_tty); |
| 3223 | ret = put_user(pid_vnr(pid), p); |
| 3224 | put_pid(pid); |
| 3225 | return ret; |
| 3226 | } |
| 3227 | |
| 3228 | /** |
| 3229 | * tiocspgrp - attempt to set process group |
| 3230 | * @tty: tty passed by user |
| 3231 | * @real_tty: tty side device matching tty passed by user |
| 3232 | * @p: pid pointer |
| 3233 | * |
| 3234 | * Set the process group of the tty to the session passed. Only |
| 3235 | * permitted where the tty session is our session. |
| 3236 | * |
| 3237 | * Locking: RCU, ctrl lock |
| 3238 | */ |
| 3239 | |
| 3240 | static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) |
| 3241 | { |
| 3242 | struct pid *pgrp; |
| 3243 | pid_t pgrp_nr; |
| 3244 | int retval = tty_check_change(real_tty); |
| 3245 | unsigned long flags; |
| 3246 | |
| 3247 | if (retval == -EIO) |
| 3248 | return -ENOTTY; |
| 3249 | if (retval) |
| 3250 | return retval; |
| 3251 | if (!current->signal->tty || |
| 3252 | (current->signal->tty != real_tty) || |
| 3253 | (real_tty->session != task_session(current))) |
| 3254 | return -ENOTTY; |
| 3255 | if (get_user(pgrp_nr, p)) |
| 3256 | return -EFAULT; |
| 3257 | if (pgrp_nr < 0) |
| 3258 | return -EINVAL; |
| 3259 | rcu_read_lock(); |
| 3260 | pgrp = find_vpid(pgrp_nr); |
| 3261 | retval = -ESRCH; |
| 3262 | if (!pgrp) |
| 3263 | goto out_unlock; |
| 3264 | retval = -EPERM; |
| 3265 | if (session_of_pgrp(pgrp) != task_session(current)) |
| 3266 | goto out_unlock; |
| 3267 | retval = 0; |
| 3268 | spin_lock_irqsave(&tty->ctrl_lock, flags); |
| 3269 | put_pid(real_tty->pgrp); |
| 3270 | real_tty->pgrp = get_pid(pgrp); |
| 3271 | spin_unlock_irqrestore(&tty->ctrl_lock, flags); |
| 3272 | out_unlock: |
| 3273 | rcu_read_unlock(); |
| 3274 | return retval; |
| 3275 | } |
| 3276 | |
| 3277 | /** |
| 3278 | * tiocgsid - get session id |
| 3279 | * @tty: tty passed by user |
| 3280 | * @real_tty: tty side of the tty pased by the user if a pty else the tty |
| 3281 | * @p: pointer to returned session id |
| 3282 | * |
| 3283 | * Obtain the session id of the tty. If there is no session |
| 3284 | * return an error. |
| 3285 | * |
| 3286 | * Locking: none. Reference to current->signal->tty is safe. |
| 3287 | */ |
| 3288 | |
| 3289 | static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) |
| 3290 | { |
| 3291 | /* |
| 3292 | * (tty == real_tty) is a cheap way of |
| 3293 | * testing if the tty is NOT a master pty. |
| 3294 | */ |
| 3295 | if (tty == real_tty && current->signal->tty != real_tty) |
| 3296 | return -ENOTTY; |
| 3297 | if (!real_tty->session) |
| 3298 | return -ENOTTY; |
| 3299 | return put_user(pid_vnr(real_tty->session), p); |
| 3300 | } |
| 3301 | |
| 3302 | /** |
| 3303 | * tiocsetd - set line discipline |
| 3304 | * @tty: tty device |
| 3305 | * @p: pointer to user data |
| 3306 | * |
| 3307 | * Set the line discipline according to user request. |
| 3308 | * |
| 3309 | * Locking: see tty_set_ldisc, this function is just a helper |
| 3310 | */ |
| 3311 | |
| 3312 | static int tiocsetd(struct tty_struct *tty, int __user *p) |
| 3313 | { |
| 3314 | int ldisc; |
| 3315 | int ret; |
| 3316 | |
| 3317 | if (get_user(ldisc, p)) |
| 3318 | return -EFAULT; |
| 3319 | |
| 3320 | lock_kernel(); |
| 3321 | ret = tty_set_ldisc(tty, ldisc); |
| 3322 | unlock_kernel(); |
| 3323 | |
| 3324 | return ret; |
| 3325 | } |
| 3326 | |
| 3327 | /** |
| 3328 | * send_break - performed time break |
| 3329 | * @tty: device to break on |
| 3330 | * @duration: timeout in mS |
| 3331 | * |
| 3332 | * Perform a timed break on hardware that lacks its own driver level |
| 3333 | * timed break functionality. |
| 3334 | * |
| 3335 | * Locking: |
| 3336 | * atomic_write_lock serializes |
| 3337 | * |
| 3338 | */ |
| 3339 | |
| 3340 | static int send_break(struct tty_struct *tty, unsigned int duration) |
| 3341 | { |
| 3342 | if (tty_write_lock(tty, 0) < 0) |
| 3343 | return -EINTR; |
| 3344 | tty->ops->break_ctl(tty, -1); |
| 3345 | if (!signal_pending(current)) |
| 3346 | msleep_interruptible(duration); |
| 3347 | tty->ops->break_ctl(tty, 0); |
| 3348 | tty_write_unlock(tty); |
| 3349 | if (!signal_pending(current)) |
| 3350 | return -EINTR; |
| 3351 | return 0; |
| 3352 | } |
| 3353 | |
| 3354 | /** |
| 3355 | * tty_tiocmget - get modem status |
| 3356 | * @tty: tty device |
| 3357 | * @file: user file pointer |
| 3358 | * @p: pointer to result |
| 3359 | * |
| 3360 | * Obtain the modem status bits from the tty driver if the feature |
| 3361 | * is supported. Return -EINVAL if it is not available. |
| 3362 | * |
| 3363 | * Locking: none (up to the driver) |
| 3364 | */ |
| 3365 | |
| 3366 | static int tty_tiocmget(struct tty_struct *tty, struct file *file, int __user *p) |
| 3367 | { |
| 3368 | int retval = -EINVAL; |
| 3369 | |
| 3370 | if (tty->ops->tiocmget) { |
| 3371 | retval = tty->ops->tiocmget(tty, file); |
| 3372 | |
| 3373 | if (retval >= 0) |
| 3374 | retval = put_user(retval, p); |
| 3375 | } |
| 3376 | return retval; |
| 3377 | } |
| 3378 | |
| 3379 | /** |
| 3380 | * tty_tiocmset - set modem status |
| 3381 | * @tty: tty device |
| 3382 | * @file: user file pointer |
| 3383 | * @cmd: command - clear bits, set bits or set all |
| 3384 | * @p: pointer to desired bits |
| 3385 | * |
| 3386 | * Set the modem status bits from the tty driver if the feature |
| 3387 | * is supported. Return -EINVAL if it is not available. |
| 3388 | * |
| 3389 | * Locking: none (up to the driver) |
| 3390 | */ |
| 3391 | |
| 3392 | static int tty_tiocmset(struct tty_struct *tty, struct file *file, unsigned int cmd, |
| 3393 | unsigned __user *p) |
| 3394 | { |
| 3395 | int retval = -EINVAL; |
| 3396 | |
| 3397 | if (tty->ops->tiocmset) { |
| 3398 | unsigned int set, clear, val; |
| 3399 | |
| 3400 | retval = get_user(val, p); |
| 3401 | if (retval) |
| 3402 | return retval; |
| 3403 | |
| 3404 | set = clear = 0; |
| 3405 | switch (cmd) { |
| 3406 | case TIOCMBIS: |
| 3407 | set = val; |
| 3408 | break; |
| 3409 | case TIOCMBIC: |
| 3410 | clear = val; |
| 3411 | break; |
| 3412 | case TIOCMSET: |
| 3413 | set = val; |
| 3414 | clear = ~val; |
| 3415 | break; |
| 3416 | } |
| 3417 | |
| 3418 | set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; |
| 3419 | clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; |
| 3420 | |
| 3421 | retval = tty->ops->tiocmset(tty, file, set, clear); |
| 3422 | } |
| 3423 | return retval; |
| 3424 | } |
| 3425 | |
| 3426 | /* |
| 3427 | * Split this up, as gcc can choke on it otherwise.. |
| 3428 | */ |
| 3429 | long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg) |
| 3430 | { |
| 3431 | struct tty_struct *tty, *real_tty; |
| 3432 | void __user *p = (void __user *)arg; |
| 3433 | int retval; |
| 3434 | struct tty_ldisc *ld; |
| 3435 | struct inode *inode = file->f_dentry->d_inode; |
| 3436 | |
| 3437 | tty = (struct tty_struct *)file->private_data; |
| 3438 | if (tty_paranoia_check(tty, inode, "tty_ioctl")) |
| 3439 | return -EINVAL; |
| 3440 | |
| 3441 | real_tty = tty; |
| 3442 | if (tty->driver->type == TTY_DRIVER_TYPE_PTY && |
| 3443 | tty->driver->subtype == PTY_TYPE_MASTER) |
| 3444 | real_tty = tty->link; |
| 3445 | |
| 3446 | /* |
| 3447 | * Break handling by driver |
| 3448 | */ |
| 3449 | |
| 3450 | retval = -EINVAL; |
| 3451 | |
| 3452 | if (!tty->ops->break_ctl) { |
| 3453 | switch (cmd) { |
| 3454 | case TIOCSBRK: |
| 3455 | case TIOCCBRK: |
| 3456 | if (tty->ops->ioctl) |
| 3457 | retval = tty->ops->ioctl(tty, file, cmd, arg); |
| 3458 | if (retval != -EINVAL && retval != -ENOIOCTLCMD) |
| 3459 | printk(KERN_WARNING "tty: driver %s needs updating to use break_ctl\n", tty->driver->name); |
| 3460 | return retval; |
| 3461 | |
| 3462 | /* These two ioctl's always return success; even if */ |
| 3463 | /* the driver doesn't support them. */ |
| 3464 | case TCSBRK: |
| 3465 | case TCSBRKP: |
| 3466 | if (!tty->ops->ioctl) |
| 3467 | return 0; |
| 3468 | retval = tty->ops->ioctl(tty, file, cmd, arg); |
| 3469 | if (retval != -EINVAL && retval != -ENOIOCTLCMD) |
| 3470 | printk(KERN_WARNING "tty: driver %s needs updating to use break_ctl\n", tty->driver->name); |
| 3471 | if (retval == -ENOIOCTLCMD) |
| 3472 | retval = 0; |
| 3473 | return retval; |
| 3474 | } |
| 3475 | } |
| 3476 | |
| 3477 | /* |
| 3478 | * Factor out some common prep work |
| 3479 | */ |
| 3480 | switch (cmd) { |
| 3481 | case TIOCSETD: |
| 3482 | case TIOCSBRK: |
| 3483 | case TIOCCBRK: |
| 3484 | case TCSBRK: |
| 3485 | case TCSBRKP: |
| 3486 | retval = tty_check_change(tty); |
| 3487 | if (retval) |
| 3488 | return retval; |
| 3489 | if (cmd != TIOCCBRK) { |
| 3490 | tty_wait_until_sent(tty, 0); |
| 3491 | if (signal_pending(current)) |
| 3492 | return -EINTR; |
| 3493 | } |
| 3494 | break; |
| 3495 | } |
| 3496 | |
| 3497 | switch (cmd) { |
| 3498 | case TIOCSTI: |
| 3499 | return tiocsti(tty, p); |
| 3500 | case TIOCGWINSZ: |
| 3501 | return tiocgwinsz(tty, p); |
| 3502 | case TIOCSWINSZ: |
| 3503 | return tiocswinsz(tty, real_tty, p); |
| 3504 | case TIOCCONS: |
| 3505 | return real_tty != tty ? -EINVAL : tioccons(file); |
| 3506 | case FIONBIO: |
| 3507 | return fionbio(file, p); |
| 3508 | case TIOCEXCL: |
| 3509 | set_bit(TTY_EXCLUSIVE, &tty->flags); |
| 3510 | return 0; |
| 3511 | case TIOCNXCL: |
| 3512 | clear_bit(TTY_EXCLUSIVE, &tty->flags); |
| 3513 | return 0; |
| 3514 | case TIOCNOTTY: |
| 3515 | if (current->signal->tty != tty) |
| 3516 | return -ENOTTY; |
| 3517 | no_tty(); |
| 3518 | return 0; |
| 3519 | case TIOCSCTTY: |
| 3520 | return tiocsctty(tty, arg); |
| 3521 | case TIOCGPGRP: |
| 3522 | return tiocgpgrp(tty, real_tty, p); |
| 3523 | case TIOCSPGRP: |
| 3524 | return tiocspgrp(tty, real_tty, p); |
| 3525 | case TIOCGSID: |
| 3526 | return tiocgsid(tty, real_tty, p); |
| 3527 | case TIOCGETD: |
| 3528 | return put_user(tty->ldisc.num, (int __user *)p); |
| 3529 | case TIOCSETD: |
| 3530 | return tiocsetd(tty, p); |
| 3531 | #ifdef CONFIG_VT |
| 3532 | case TIOCLINUX: |
| 3533 | return tioclinux(tty, arg); |
| 3534 | #endif |
| 3535 | /* |
| 3536 | * Break handling |
| 3537 | */ |
| 3538 | case TIOCSBRK: /* Turn break on, unconditionally */ |
| 3539 | if (tty->ops->break_ctl) |
| 3540 | tty->ops->break_ctl(tty, -1); |
| 3541 | return 0; |
| 3542 | |
| 3543 | case TIOCCBRK: /* Turn break off, unconditionally */ |
| 3544 | if (tty->ops->break_ctl) |
| 3545 | tty->ops->break_ctl(tty, 0); |
| 3546 | return 0; |
| 3547 | case TCSBRK: /* SVID version: non-zero arg --> no break */ |
| 3548 | /* non-zero arg means wait for all output data |
| 3549 | * to be sent (performed above) but don't send break. |
| 3550 | * This is used by the tcdrain() termios function. |
| 3551 | */ |
| 3552 | if (!arg) |
| 3553 | return send_break(tty, 250); |
| 3554 | return 0; |
| 3555 | case TCSBRKP: /* support for POSIX tcsendbreak() */ |
| 3556 | return send_break(tty, arg ? arg*100 : 250); |
| 3557 | |
| 3558 | case TIOCMGET: |
| 3559 | return tty_tiocmget(tty, file, p); |
| 3560 | case TIOCMSET: |
| 3561 | case TIOCMBIC: |
| 3562 | case TIOCMBIS: |
| 3563 | return tty_tiocmset(tty, file, cmd, p); |
| 3564 | case TCFLSH: |
| 3565 | switch (arg) { |
| 3566 | case TCIFLUSH: |
| 3567 | case TCIOFLUSH: |
| 3568 | /* flush tty buffer and allow ldisc to process ioctl */ |
| 3569 | tty_buffer_flush(tty); |
| 3570 | break; |
| 3571 | } |
| 3572 | break; |
| 3573 | } |
| 3574 | if (tty->ops->ioctl) { |
| 3575 | retval = (tty->ops->ioctl)(tty, file, cmd, arg); |
| 3576 | if (retval != -ENOIOCTLCMD) |
| 3577 | return retval; |
| 3578 | } |
| 3579 | ld = tty_ldisc_ref_wait(tty); |
| 3580 | retval = -EINVAL; |
| 3581 | if (ld->ioctl) { |
| 3582 | retval = ld->ioctl(tty, file, cmd, arg); |
| 3583 | if (retval == -ENOIOCTLCMD) |
| 3584 | retval = -EINVAL; |
| 3585 | } |
| 3586 | tty_ldisc_deref(ld); |
| 3587 | return retval; |
| 3588 | } |
| 3589 | |
| 3590 | #ifdef CONFIG_COMPAT |
| 3591 | static long tty_compat_ioctl(struct file *file, unsigned int cmd, |
| 3592 | unsigned long arg) |
| 3593 | { |
| 3594 | struct inode *inode = file->f_dentry->d_inode; |
| 3595 | struct tty_struct *tty = file->private_data; |
| 3596 | struct tty_ldisc *ld; |
| 3597 | int retval = -ENOIOCTLCMD; |
| 3598 | |
| 3599 | if (tty_paranoia_check(tty, inode, "tty_ioctl")) |
| 3600 | return -EINVAL; |
| 3601 | |
| 3602 | if (tty->ops->compat_ioctl) { |
| 3603 | retval = (tty->ops->compat_ioctl)(tty, file, cmd, arg); |
| 3604 | if (retval != -ENOIOCTLCMD) |
| 3605 | return retval; |
| 3606 | } |
| 3607 | |
| 3608 | ld = tty_ldisc_ref_wait(tty); |
| 3609 | if (ld->compat_ioctl) |
| 3610 | retval = ld->compat_ioctl(tty, file, cmd, arg); |
| 3611 | tty_ldisc_deref(ld); |
| 3612 | |
| 3613 | return retval; |
| 3614 | } |
| 3615 | #endif |
| 3616 | |
| 3617 | /* |
| 3618 | * This implements the "Secure Attention Key" --- the idea is to |
| 3619 | * prevent trojan horses by killing all processes associated with this |
| 3620 | * tty when the user hits the "Secure Attention Key". Required for |
| 3621 | * super-paranoid applications --- see the Orange Book for more details. |
| 3622 | * |
| 3623 | * This code could be nicer; ideally it should send a HUP, wait a few |
| 3624 | * seconds, then send a INT, and then a KILL signal. But you then |
| 3625 | * have to coordinate with the init process, since all processes associated |
| 3626 | * with the current tty must be dead before the new getty is allowed |
| 3627 | * to spawn. |
| 3628 | * |
| 3629 | * Now, if it would be correct ;-/ The current code has a nasty hole - |
| 3630 | * it doesn't catch files in flight. We may send the descriptor to ourselves |
| 3631 | * via AF_UNIX socket, close it and later fetch from socket. FIXME. |
| 3632 | * |
| 3633 | * Nasty bug: do_SAK is being called in interrupt context. This can |
| 3634 | * deadlock. We punt it up to process context. AKPM - 16Mar2001 |
| 3635 | */ |
| 3636 | void __do_SAK(struct tty_struct *tty) |
| 3637 | { |
| 3638 | #ifdef TTY_SOFT_SAK |
| 3639 | tty_hangup(tty); |
| 3640 | #else |
| 3641 | struct task_struct *g, *p; |
| 3642 | struct pid *session; |
| 3643 | int i; |
| 3644 | struct file *filp; |
| 3645 | struct fdtable *fdt; |
| 3646 | |
| 3647 | if (!tty) |
| 3648 | return; |
| 3649 | session = tty->session; |
| 3650 | |
| 3651 | tty_ldisc_flush(tty); |
| 3652 | |
| 3653 | tty_driver_flush_buffer(tty); |
| 3654 | |
| 3655 | read_lock(&tasklist_lock); |
| 3656 | /* Kill the entire session */ |
| 3657 | do_each_pid_task(session, PIDTYPE_SID, p) { |
| 3658 | printk(KERN_NOTICE "SAK: killed process %d" |
| 3659 | " (%s): task_session_nr(p)==tty->session\n", |
| 3660 | task_pid_nr(p), p->comm); |
| 3661 | send_sig(SIGKILL, p, 1); |
| 3662 | } while_each_pid_task(session, PIDTYPE_SID, p); |
| 3663 | /* Now kill any processes that happen to have the |
| 3664 | * tty open. |
| 3665 | */ |
| 3666 | do_each_thread(g, p) { |
| 3667 | if (p->signal->tty == tty) { |
| 3668 | printk(KERN_NOTICE "SAK: killed process %d" |
| 3669 | " (%s): task_session_nr(p)==tty->session\n", |
| 3670 | task_pid_nr(p), p->comm); |
| 3671 | send_sig(SIGKILL, p, 1); |
| 3672 | continue; |
| 3673 | } |
| 3674 | task_lock(p); |
| 3675 | if (p->files) { |
| 3676 | /* |
| 3677 | * We don't take a ref to the file, so we must |
| 3678 | * hold ->file_lock instead. |
| 3679 | */ |
| 3680 | spin_lock(&p->files->file_lock); |
| 3681 | fdt = files_fdtable(p->files); |
| 3682 | for (i = 0; i < fdt->max_fds; i++) { |
| 3683 | filp = fcheck_files(p->files, i); |
| 3684 | if (!filp) |
| 3685 | continue; |
| 3686 | if (filp->f_op->read == tty_read && |
| 3687 | filp->private_data == tty) { |
| 3688 | printk(KERN_NOTICE "SAK: killed process %d" |
| 3689 | " (%s): fd#%d opened to the tty\n", |
| 3690 | task_pid_nr(p), p->comm, i); |
| 3691 | force_sig(SIGKILL, p); |
| 3692 | break; |
| 3693 | } |
| 3694 | } |
| 3695 | spin_unlock(&p->files->file_lock); |
| 3696 | } |
| 3697 | task_unlock(p); |
| 3698 | } while_each_thread(g, p); |
| 3699 | read_unlock(&tasklist_lock); |
| 3700 | #endif |
| 3701 | } |
| 3702 | |
| 3703 | static void do_SAK_work(struct work_struct *work) |
| 3704 | { |
| 3705 | struct tty_struct *tty = |
| 3706 | container_of(work, struct tty_struct, SAK_work); |
| 3707 | __do_SAK(tty); |
| 3708 | } |
| 3709 | |
| 3710 | /* |
| 3711 | * The tq handling here is a little racy - tty->SAK_work may already be queued. |
| 3712 | * Fortunately we don't need to worry, because if ->SAK_work is already queued, |
| 3713 | * the values which we write to it will be identical to the values which it |
| 3714 | * already has. --akpm |
| 3715 | */ |
| 3716 | void do_SAK(struct tty_struct *tty) |
| 3717 | { |
| 3718 | if (!tty) |
| 3719 | return; |
| 3720 | schedule_work(&tty->SAK_work); |
| 3721 | } |
| 3722 | |
| 3723 | EXPORT_SYMBOL(do_SAK); |
| 3724 | |
| 3725 | /** |
| 3726 | * flush_to_ldisc |
| 3727 | * @work: tty structure passed from work queue. |
| 3728 | * |
| 3729 | * This routine is called out of the software interrupt to flush data |
| 3730 | * from the buffer chain to the line discipline. |
| 3731 | * |
| 3732 | * Locking: holds tty->buf.lock to guard buffer list. Drops the lock |
| 3733 | * while invoking the line discipline receive_buf method. The |
| 3734 | * receive_buf method is single threaded for each tty instance. |
| 3735 | */ |
| 3736 | |
| 3737 | static void flush_to_ldisc(struct work_struct *work) |
| 3738 | { |
| 3739 | struct tty_struct *tty = |
| 3740 | container_of(work, struct tty_struct, buf.work.work); |
| 3741 | unsigned long flags; |
| 3742 | struct tty_ldisc *disc; |
| 3743 | struct tty_buffer *tbuf, *head; |
| 3744 | char *char_buf; |
| 3745 | unsigned char *flag_buf; |
| 3746 | |
| 3747 | disc = tty_ldisc_ref(tty); |
| 3748 | if (disc == NULL) /* !TTY_LDISC */ |
| 3749 | return; |
| 3750 | |
| 3751 | spin_lock_irqsave(&tty->buf.lock, flags); |
| 3752 | /* So we know a flush is running */ |
| 3753 | set_bit(TTY_FLUSHING, &tty->flags); |
| 3754 | head = tty->buf.head; |
| 3755 | if (head != NULL) { |
| 3756 | tty->buf.head = NULL; |
| 3757 | for (;;) { |
| 3758 | int count = head->commit - head->read; |
| 3759 | if (!count) { |
| 3760 | if (head->next == NULL) |
| 3761 | break; |
| 3762 | tbuf = head; |
| 3763 | head = head->next; |
| 3764 | tty_buffer_free(tty, tbuf); |
| 3765 | continue; |
| 3766 | } |
| 3767 | /* Ldisc or user is trying to flush the buffers |
| 3768 | we are feeding to the ldisc, stop feeding the |
| 3769 | line discipline as we want to empty the queue */ |
| 3770 | if (test_bit(TTY_FLUSHPENDING, &tty->flags)) |
| 3771 | break; |
| 3772 | if (!tty->receive_room) { |
| 3773 | schedule_delayed_work(&tty->buf.work, 1); |
| 3774 | break; |
| 3775 | } |
| 3776 | if (count > tty->receive_room) |
| 3777 | count = tty->receive_room; |
| 3778 | char_buf = head->char_buf_ptr + head->read; |
| 3779 | flag_buf = head->flag_buf_ptr + head->read; |
| 3780 | head->read += count; |
| 3781 | spin_unlock_irqrestore(&tty->buf.lock, flags); |
| 3782 | disc->receive_buf(tty, char_buf, flag_buf, count); |
| 3783 | spin_lock_irqsave(&tty->buf.lock, flags); |
| 3784 | } |
| 3785 | /* Restore the queue head */ |
| 3786 | tty->buf.head = head; |
| 3787 | } |
| 3788 | /* We may have a deferred request to flush the input buffer, |
| 3789 | if so pull the chain under the lock and empty the queue */ |
| 3790 | if (test_bit(TTY_FLUSHPENDING, &tty->flags)) { |
| 3791 | __tty_buffer_flush(tty); |
| 3792 | clear_bit(TTY_FLUSHPENDING, &tty->flags); |
| 3793 | wake_up(&tty->read_wait); |
| 3794 | } |
| 3795 | clear_bit(TTY_FLUSHING, &tty->flags); |
| 3796 | spin_unlock_irqrestore(&tty->buf.lock, flags); |
| 3797 | |
| 3798 | tty_ldisc_deref(disc); |
| 3799 | } |
| 3800 | |
| 3801 | /** |
| 3802 | * tty_flip_buffer_push - terminal |
| 3803 | * @tty: tty to push |
| 3804 | * |
| 3805 | * Queue a push of the terminal flip buffers to the line discipline. This |
| 3806 | * function must not be called from IRQ context if tty->low_latency is set. |
| 3807 | * |
| 3808 | * In the event of the queue being busy for flipping the work will be |
| 3809 | * held off and retried later. |
| 3810 | * |
| 3811 | * Locking: tty buffer lock. Driver locks in low latency mode. |
| 3812 | */ |
| 3813 | |
| 3814 | void tty_flip_buffer_push(struct tty_struct *tty) |
| 3815 | { |
| 3816 | unsigned long flags; |
| 3817 | spin_lock_irqsave(&tty->buf.lock, flags); |
| 3818 | if (tty->buf.tail != NULL) |
| 3819 | tty->buf.tail->commit = tty->buf.tail->used; |
| 3820 | spin_unlock_irqrestore(&tty->buf.lock, flags); |
| 3821 | |
| 3822 | if (tty->low_latency) |
| 3823 | flush_to_ldisc(&tty->buf.work.work); |
| 3824 | else |
| 3825 | schedule_delayed_work(&tty->buf.work, 1); |
| 3826 | } |
| 3827 | |
| 3828 | EXPORT_SYMBOL(tty_flip_buffer_push); |
| 3829 | |
| 3830 | |
| 3831 | /** |
| 3832 | * initialize_tty_struct |
| 3833 | * @tty: tty to initialize |
| 3834 | * |
| 3835 | * This subroutine initializes a tty structure that has been newly |
| 3836 | * allocated. |
| 3837 | * |
| 3838 | * Locking: none - tty in question must not be exposed at this point |
| 3839 | */ |
| 3840 | |
| 3841 | static void initialize_tty_struct(struct tty_struct *tty) |
| 3842 | { |
| 3843 | memset(tty, 0, sizeof(struct tty_struct)); |
| 3844 | tty->magic = TTY_MAGIC; |
| 3845 | tty_ldisc_assign(tty, tty_ldisc_get(N_TTY)); |
| 3846 | tty->session = NULL; |
| 3847 | tty->pgrp = NULL; |
| 3848 | tty->overrun_time = jiffies; |
| 3849 | tty->buf.head = tty->buf.tail = NULL; |
| 3850 | tty_buffer_init(tty); |
| 3851 | INIT_DELAYED_WORK(&tty->buf.work, flush_to_ldisc); |
| 3852 | mutex_init(&tty->termios_mutex); |
| 3853 | init_waitqueue_head(&tty->write_wait); |
| 3854 | init_waitqueue_head(&tty->read_wait); |
| 3855 | INIT_WORK(&tty->hangup_work, do_tty_hangup); |
| 3856 | mutex_init(&tty->atomic_read_lock); |
| 3857 | mutex_init(&tty->atomic_write_lock); |
| 3858 | spin_lock_init(&tty->read_lock); |
| 3859 | spin_lock_init(&tty->ctrl_lock); |
| 3860 | INIT_LIST_HEAD(&tty->tty_files); |
| 3861 | INIT_WORK(&tty->SAK_work, do_SAK_work); |
| 3862 | } |
| 3863 | |
| 3864 | /** |
| 3865 | * tty_put_char - write one character to a tty |
| 3866 | * @tty: tty |
| 3867 | * @ch: character |
| 3868 | * |
| 3869 | * Write one byte to the tty using the provided put_char method |
| 3870 | * if present. Returns the number of characters successfully output. |
| 3871 | * |
| 3872 | * Note: the specific put_char operation in the driver layer may go |
| 3873 | * away soon. Don't call it directly, use this method |
| 3874 | */ |
| 3875 | |
| 3876 | int tty_put_char(struct tty_struct *tty, unsigned char ch) |
| 3877 | { |
| 3878 | if (tty->ops->put_char) |
| 3879 | return tty->ops->put_char(tty, ch); |
| 3880 | return tty->ops->write(tty, &ch, 1); |
| 3881 | } |
| 3882 | |
| 3883 | EXPORT_SYMBOL_GPL(tty_put_char); |
| 3884 | |
| 3885 | static struct class *tty_class; |
| 3886 | |
| 3887 | /** |
| 3888 | * tty_register_device - register a tty device |
| 3889 | * @driver: the tty driver that describes the tty device |
| 3890 | * @index: the index in the tty driver for this tty device |
| 3891 | * @device: a struct device that is associated with this tty device. |
| 3892 | * This field is optional, if there is no known struct device |
| 3893 | * for this tty device it can be set to NULL safely. |
| 3894 | * |
| 3895 | * Returns a pointer to the struct device for this tty device |
| 3896 | * (or ERR_PTR(-EFOO) on error). |
| 3897 | * |
| 3898 | * This call is required to be made to register an individual tty device |
| 3899 | * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If |
| 3900 | * that bit is not set, this function should not be called by a tty |
| 3901 | * driver. |
| 3902 | * |
| 3903 | * Locking: ?? |
| 3904 | */ |
| 3905 | |
| 3906 | struct device *tty_register_device(struct tty_driver *driver, unsigned index, |
| 3907 | struct device *device) |
| 3908 | { |
| 3909 | char name[64]; |
| 3910 | dev_t dev = MKDEV(driver->major, driver->minor_start) + index; |
| 3911 | |
| 3912 | if (index >= driver->num) { |
| 3913 | printk(KERN_ERR "Attempt to register invalid tty line number " |
| 3914 | " (%d).\n", index); |
| 3915 | return ERR_PTR(-EINVAL); |
| 3916 | } |
| 3917 | |
| 3918 | if (driver->type == TTY_DRIVER_TYPE_PTY) |
| 3919 | pty_line_name(driver, index, name); |
| 3920 | else |
| 3921 | tty_line_name(driver, index, name); |
| 3922 | |
| 3923 | return device_create(tty_class, device, dev, name); |
| 3924 | } |
| 3925 | |
| 3926 | /** |
| 3927 | * tty_unregister_device - unregister a tty device |
| 3928 | * @driver: the tty driver that describes the tty device |
| 3929 | * @index: the index in the tty driver for this tty device |
| 3930 | * |
| 3931 | * If a tty device is registered with a call to tty_register_device() then |
| 3932 | * this function must be called when the tty device is gone. |
| 3933 | * |
| 3934 | * Locking: ?? |
| 3935 | */ |
| 3936 | |
| 3937 | void tty_unregister_device(struct tty_driver *driver, unsigned index) |
| 3938 | { |
| 3939 | device_destroy(tty_class, |
| 3940 | MKDEV(driver->major, driver->minor_start) + index); |
| 3941 | } |
| 3942 | |
| 3943 | EXPORT_SYMBOL(tty_register_device); |
| 3944 | EXPORT_SYMBOL(tty_unregister_device); |
| 3945 | |
| 3946 | struct tty_driver *alloc_tty_driver(int lines) |
| 3947 | { |
| 3948 | struct tty_driver *driver; |
| 3949 | |
| 3950 | driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL); |
| 3951 | if (driver) { |
| 3952 | driver->magic = TTY_DRIVER_MAGIC; |
| 3953 | driver->num = lines; |
| 3954 | /* later we'll move allocation of tables here */ |
| 3955 | } |
| 3956 | return driver; |
| 3957 | } |
| 3958 | |
| 3959 | void put_tty_driver(struct tty_driver *driver) |
| 3960 | { |
| 3961 | kfree(driver); |
| 3962 | } |
| 3963 | |
| 3964 | void tty_set_operations(struct tty_driver *driver, |
| 3965 | const struct tty_operations *op) |
| 3966 | { |
| 3967 | driver->ops = op; |
| 3968 | }; |
| 3969 | |
| 3970 | EXPORT_SYMBOL(alloc_tty_driver); |
| 3971 | EXPORT_SYMBOL(put_tty_driver); |
| 3972 | EXPORT_SYMBOL(tty_set_operations); |
| 3973 | |
| 3974 | /* |
| 3975 | * Called by a tty driver to register itself. |
| 3976 | */ |
| 3977 | int tty_register_driver(struct tty_driver *driver) |
| 3978 | { |
| 3979 | int error; |
| 3980 | int i; |
| 3981 | dev_t dev; |
| 3982 | void **p = NULL; |
| 3983 | |
| 3984 | if (driver->flags & TTY_DRIVER_INSTALLED) |
| 3985 | return 0; |
| 3986 | |
| 3987 | if (!(driver->flags & TTY_DRIVER_DEVPTS_MEM) && driver->num) { |
| 3988 | p = kzalloc(driver->num * 3 * sizeof(void *), GFP_KERNEL); |
| 3989 | if (!p) |
| 3990 | return -ENOMEM; |
| 3991 | } |
| 3992 | |
| 3993 | if (!driver->major) { |
| 3994 | error = alloc_chrdev_region(&dev, driver->minor_start, |
| 3995 | driver->num, driver->name); |
| 3996 | if (!error) { |
| 3997 | driver->major = MAJOR(dev); |
| 3998 | driver->minor_start = MINOR(dev); |
| 3999 | } |
| 4000 | } else { |
| 4001 | dev = MKDEV(driver->major, driver->minor_start); |
| 4002 | error = register_chrdev_region(dev, driver->num, driver->name); |
| 4003 | } |
| 4004 | if (error < 0) { |
| 4005 | kfree(p); |
| 4006 | return error; |
| 4007 | } |
| 4008 | |
| 4009 | if (p) { |
| 4010 | driver->ttys = (struct tty_struct **)p; |
| 4011 | driver->termios = (struct ktermios **)(p + driver->num); |
| 4012 | driver->termios_locked = (struct ktermios **) |
| 4013 | (p + driver->num * 2); |
| 4014 | } else { |
| 4015 | driver->ttys = NULL; |
| 4016 | driver->termios = NULL; |
| 4017 | driver->termios_locked = NULL; |
| 4018 | } |
| 4019 | |
| 4020 | cdev_init(&driver->cdev, &tty_fops); |
| 4021 | driver->cdev.owner = driver->owner; |
| 4022 | error = cdev_add(&driver->cdev, dev, driver->num); |
| 4023 | if (error) { |
| 4024 | unregister_chrdev_region(dev, driver->num); |
| 4025 | driver->ttys = NULL; |
| 4026 | driver->termios = driver->termios_locked = NULL; |
| 4027 | kfree(p); |
| 4028 | return error; |
| 4029 | } |
| 4030 | |
| 4031 | mutex_lock(&tty_mutex); |
| 4032 | list_add(&driver->tty_drivers, &tty_drivers); |
| 4033 | mutex_unlock(&tty_mutex); |
| 4034 | |
| 4035 | if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) { |
| 4036 | for (i = 0; i < driver->num; i++) |
| 4037 | tty_register_device(driver, i, NULL); |
| 4038 | } |
| 4039 | proc_tty_register_driver(driver); |
| 4040 | return 0; |
| 4041 | } |
| 4042 | |
| 4043 | EXPORT_SYMBOL(tty_register_driver); |
| 4044 | |
| 4045 | /* |
| 4046 | * Called by a tty driver to unregister itself. |
| 4047 | */ |
| 4048 | int tty_unregister_driver(struct tty_driver *driver) |
| 4049 | { |
| 4050 | int i; |
| 4051 | struct ktermios *tp; |
| 4052 | void *p; |
| 4053 | |
| 4054 | if (driver->refcount) |
| 4055 | return -EBUSY; |
| 4056 | |
| 4057 | unregister_chrdev_region(MKDEV(driver->major, driver->minor_start), |
| 4058 | driver->num); |
| 4059 | mutex_lock(&tty_mutex); |
| 4060 | list_del(&driver->tty_drivers); |
| 4061 | mutex_unlock(&tty_mutex); |
| 4062 | |
| 4063 | /* |
| 4064 | * Free the termios and termios_locked structures because |
| 4065 | * we don't want to get memory leaks when modular tty |
| 4066 | * drivers are removed from the kernel. |
| 4067 | */ |
| 4068 | for (i = 0; i < driver->num; i++) { |
| 4069 | tp = driver->termios[i]; |
| 4070 | if (tp) { |
| 4071 | driver->termios[i] = NULL; |
| 4072 | kfree(tp); |
| 4073 | } |
| 4074 | tp = driver->termios_locked[i]; |
| 4075 | if (tp) { |
| 4076 | driver->termios_locked[i] = NULL; |
| 4077 | kfree(tp); |
| 4078 | } |
| 4079 | if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) |
| 4080 | tty_unregister_device(driver, i); |
| 4081 | } |
| 4082 | p = driver->ttys; |
| 4083 | proc_tty_unregister_driver(driver); |
| 4084 | driver->ttys = NULL; |
| 4085 | driver->termios = driver->termios_locked = NULL; |
| 4086 | kfree(p); |
| 4087 | cdev_del(&driver->cdev); |
| 4088 | return 0; |
| 4089 | } |
| 4090 | EXPORT_SYMBOL(tty_unregister_driver); |
| 4091 | |
| 4092 | dev_t tty_devnum(struct tty_struct *tty) |
| 4093 | { |
| 4094 | return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index; |
| 4095 | } |
| 4096 | EXPORT_SYMBOL(tty_devnum); |
| 4097 | |
| 4098 | void proc_clear_tty(struct task_struct *p) |
| 4099 | { |
| 4100 | spin_lock_irq(&p->sighand->siglock); |
| 4101 | p->signal->tty = NULL; |
| 4102 | spin_unlock_irq(&p->sighand->siglock); |
| 4103 | } |
| 4104 | EXPORT_SYMBOL(proc_clear_tty); |
| 4105 | |
| 4106 | /* Called under the sighand lock */ |
| 4107 | |
| 4108 | static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) |
| 4109 | { |
| 4110 | if (tty) { |
| 4111 | unsigned long flags; |
| 4112 | /* We should not have a session or pgrp to put here but.... */ |
| 4113 | spin_lock_irqsave(&tty->ctrl_lock, flags); |
| 4114 | put_pid(tty->session); |
| 4115 | put_pid(tty->pgrp); |
| 4116 | tty->pgrp = get_pid(task_pgrp(tsk)); |
| 4117 | spin_unlock_irqrestore(&tty->ctrl_lock, flags); |
| 4118 | tty->session = get_pid(task_session(tsk)); |
| 4119 | } |
| 4120 | put_pid(tsk->signal->tty_old_pgrp); |
| 4121 | tsk->signal->tty = tty; |
| 4122 | tsk->signal->tty_old_pgrp = NULL; |
| 4123 | } |
| 4124 | |
| 4125 | static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) |
| 4126 | { |
| 4127 | spin_lock_irq(&tsk->sighand->siglock); |
| 4128 | __proc_set_tty(tsk, tty); |
| 4129 | spin_unlock_irq(&tsk->sighand->siglock); |
| 4130 | } |
| 4131 | |
| 4132 | struct tty_struct *get_current_tty(void) |
| 4133 | { |
| 4134 | struct tty_struct *tty; |
| 4135 | WARN_ON_ONCE(!mutex_is_locked(&tty_mutex)); |
| 4136 | tty = current->signal->tty; |
| 4137 | /* |
| 4138 | * session->tty can be changed/cleared from under us, make sure we |
| 4139 | * issue the load. The obtained pointer, when not NULL, is valid as |
| 4140 | * long as we hold tty_mutex. |
| 4141 | */ |
| 4142 | barrier(); |
| 4143 | return tty; |
| 4144 | } |
| 4145 | EXPORT_SYMBOL_GPL(get_current_tty); |
| 4146 | |
| 4147 | /* |
| 4148 | * Initialize the console device. This is called *early*, so |
| 4149 | * we can't necessarily depend on lots of kernel help here. |
| 4150 | * Just do some early initializations, and do the complex setup |
| 4151 | * later. |
| 4152 | */ |
| 4153 | void __init console_init(void) |
| 4154 | { |
| 4155 | initcall_t *call; |
| 4156 | |
| 4157 | /* Setup the default TTY line discipline. */ |
| 4158 | (void) tty_register_ldisc(N_TTY, &tty_ldisc_N_TTY); |
| 4159 | |
| 4160 | /* |
| 4161 | * set up the console device so that later boot sequences can |
| 4162 | * inform about problems etc.. |
| 4163 | */ |
| 4164 | call = __con_initcall_start; |
| 4165 | while (call < __con_initcall_end) { |
| 4166 | (*call)(); |
| 4167 | call++; |
| 4168 | } |
| 4169 | } |
| 4170 | |
| 4171 | static int __init tty_class_init(void) |
| 4172 | { |
| 4173 | tty_class = class_create(THIS_MODULE, "tty"); |
| 4174 | if (IS_ERR(tty_class)) |
| 4175 | return PTR_ERR(tty_class); |
| 4176 | return 0; |
| 4177 | } |
| 4178 | |
| 4179 | postcore_initcall(tty_class_init); |
| 4180 | |
| 4181 | /* 3/2004 jmc: why do these devices exist? */ |
| 4182 | |
| 4183 | static struct cdev tty_cdev, console_cdev; |
| 4184 | #ifdef CONFIG_UNIX98_PTYS |
| 4185 | static struct cdev ptmx_cdev; |
| 4186 | #endif |
| 4187 | #ifdef CONFIG_VT |
| 4188 | static struct cdev vc0_cdev; |
| 4189 | #endif |
| 4190 | |
| 4191 | /* |
| 4192 | * Ok, now we can initialize the rest of the tty devices and can count |
| 4193 | * on memory allocations, interrupts etc.. |
| 4194 | */ |
| 4195 | static int __init tty_init(void) |
| 4196 | { |
| 4197 | cdev_init(&tty_cdev, &tty_fops); |
| 4198 | if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) || |
| 4199 | register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0) |
| 4200 | panic("Couldn't register /dev/tty driver\n"); |
| 4201 | device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), "tty"); |
| 4202 | |
| 4203 | cdev_init(&console_cdev, &console_fops); |
| 4204 | if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) || |
| 4205 | register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0) |
| 4206 | panic("Couldn't register /dev/console driver\n"); |
| 4207 | device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), "console"); |
| 4208 | |
| 4209 | #ifdef CONFIG_UNIX98_PTYS |
| 4210 | cdev_init(&ptmx_cdev, &ptmx_fops); |
| 4211 | if (cdev_add(&ptmx_cdev, MKDEV(TTYAUX_MAJOR, 2), 1) || |
| 4212 | register_chrdev_region(MKDEV(TTYAUX_MAJOR, 2), 1, "/dev/ptmx") < 0) |
| 4213 | panic("Couldn't register /dev/ptmx driver\n"); |
| 4214 | device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 2), "ptmx"); |
| 4215 | #endif |
| 4216 | |
| 4217 | #ifdef CONFIG_VT |
| 4218 | cdev_init(&vc0_cdev, &console_fops); |
| 4219 | if (cdev_add(&vc0_cdev, MKDEV(TTY_MAJOR, 0), 1) || |
| 4220 | register_chrdev_region(MKDEV(TTY_MAJOR, 0), 1, "/dev/vc/0") < 0) |
| 4221 | panic("Couldn't register /dev/tty0 driver\n"); |
| 4222 | device_create(tty_class, NULL, MKDEV(TTY_MAJOR, 0), "tty0"); |
| 4223 | |
| 4224 | vty_init(); |
| 4225 | #endif |
| 4226 | return 0; |
| 4227 | } |
| 4228 | module_init(tty_init); |