projects / linux-2.6-block.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
TTY: extract /dev/tty handling from tty_open
[linux-2.6-block.git] / drivers / tty / tty_io.c
... / ...
CommitLineData
1/*
2 * Copyright (C) 1991, 1992 Linus Torvalds
3 */
4
5/*
6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles
7 * or rs-channels. It also implements echoing, cooked mode etc.
8 *
9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0.
10 *
11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the
12 * tty_struct and tty_queue structures. Previously there was an array
13 * of 256 tty_struct's which was statically allocated, and the
14 * tty_queue structures were allocated at boot time. Both are now
15 * dynamically allocated only when the tty is open.
16 *
17 * Also restructured routines so that there is more of a separation
18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and
19 * the low-level tty routines (serial.c, pty.c, console.c). This
20 * makes for cleaner and more compact code. -TYT, 9/17/92
21 *
22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines
23 * which can be dynamically activated and de-activated by the line
24 * discipline handling modules (like SLIP).
25 *
26 * NOTE: pay no attention to the line discipline code (yet); its
27 * interface is still subject to change in this version...
28 * -- TYT, 1/31/92
29 *
30 * Added functionality to the OPOST tty handling. No delays, but all
31 * other bits should be there.
32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993.
33 *
34 * Rewrote canonical mode and added more termios flags.
35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94
36 *
37 * Reorganized FASYNC support so mouse code can share it.
38 * -- ctm@ardi.com, 9Sep95
39 *
40 * New TIOCLINUX variants added.
41 * -- mj@k332.feld.cvut.cz, 19-Nov-95
42 *
43 * Restrict vt switching via ioctl()
44 * -- grif@cs.ucr.edu, 5-Dec-95
45 *
46 * Move console and virtual terminal code to more appropriate files,
47 * implement CONFIG_VT and generalize console device interface.
48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97
49 *
50 * Rewrote tty_init_dev and tty_release_dev to eliminate races.
51 * -- Bill Hawes <whawes@star.net>, June 97
52 *
53 * Added devfs support.
54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998
55 *
56 * Added support for a Unix98-style ptmx device.
57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998
58 *
59 * Reduced memory usage for older ARM systems
60 * -- Russell King <rmk@arm.linux.org.uk>
61 *
62 * Move do_SAK() into process context. Less stack use in devfs functions.
63 * alloc_tty_struct() always uses kmalloc()
64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01
65 */
66
67#include <linux/types.h>
68#include <linux/major.h>
69#include <linux/errno.h>
70#include <linux/signal.h>
71#include <linux/fcntl.h>
72#include <linux/sched.h>
73#include <linux/interrupt.h>
74#include <linux/tty.h>
75#include <linux/tty_driver.h>
76#include <linux/tty_flip.h>
77#include <linux/devpts_fs.h>
78#include <linux/file.h>
79#include <linux/fdtable.h>
80#include <linux/console.h>
81#include <linux/timer.h>
82#include <linux/ctype.h>
83#include <linux/kd.h>
84#include <linux/mm.h>
85#include <linux/string.h>
86#include <linux/slab.h>
87#include <linux/poll.h>
88#include <linux/proc_fs.h>
89#include <linux/init.h>
90#include <linux/module.h>
91#include <linux/device.h>
92#include <linux/wait.h>
93#include <linux/bitops.h>
94#include <linux/delay.h>
95#include <linux/seq_file.h>
96#include <linux/serial.h>
97#include <linux/ratelimit.h>
98
99#include <linux/uaccess.h>
100#include <asm/system.h>
101
102#include <linux/kbd_kern.h>
103#include <linux/vt_kern.h>
104#include <linux/selection.h>
105
106#include <linux/kmod.h>
107#include <linux/nsproxy.h>
108
109#undef TTY_DEBUG_HANGUP
110
111#define TTY_PARANOIA_CHECK 1
112#define CHECK_TTY_COUNT 1
113
114struct ktermios tty_std_termios = { /* for the benefit of tty drivers */
115 .c_iflag = ICRNL | IXON,
116 .c_oflag = OPOST | ONLCR,
117 .c_cflag = B38400 | CS8 | CREAD | HUPCL,
118 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK |
119 ECHOCTL | ECHOKE | IEXTEN,
120 .c_cc = INIT_C_CC,
121 .c_ispeed = 38400,
122 .c_ospeed = 38400
123};
124
125EXPORT_SYMBOL(tty_std_termios);
126
127/* This list gets poked at by procfs and various bits of boot up code. This
128 could do with some rationalisation such as pulling the tty proc function
129 into this file */
130
131LIST_HEAD(tty_drivers); /* linked list of tty drivers */
132
133/* Mutex to protect creating and releasing a tty. This is shared with
134 vt.c for deeply disgusting hack reasons */
135DEFINE_MUTEX(tty_mutex);
136EXPORT_SYMBOL(tty_mutex);
137
138/* Spinlock to protect the tty->tty_files list */
139DEFINE_SPINLOCK(tty_files_lock);
140
141static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *);
142static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *);
143ssize_t redirected_tty_write(struct file *, const char __user *,
144 size_t, loff_t *);
145static unsigned int tty_poll(struct file *, poll_table *);
146static int tty_open(struct inode *, struct file *);
147long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
148#ifdef CONFIG_COMPAT
149static long tty_compat_ioctl(struct file *file, unsigned int cmd,
150 unsigned long arg);
151#else
152#define tty_compat_ioctl NULL
153#endif
154static int __tty_fasync(int fd, struct file *filp, int on);
155static int tty_fasync(int fd, struct file *filp, int on);
156static void release_tty(struct tty_struct *tty, int idx);
157static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
158static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
159
160/**
161 * alloc_tty_struct - allocate a tty object
162 *
163 * Return a new empty tty structure. The data fields have not
164 * been initialized in any way but has been zeroed
165 *
166 * Locking: none
167 */
168
169struct tty_struct *alloc_tty_struct(void)
170{
171 return kzalloc(sizeof(struct tty_struct), GFP_KERNEL);
172}
173
174/**
175 * free_tty_struct - free a disused tty
176 * @tty: tty struct to free
177 *
178 * Free the write buffers, tty queue and tty memory itself.
179 *
180 * Locking: none. Must be called after tty is definitely unused
181 */
182
183void free_tty_struct(struct tty_struct *tty)
184{
185 if (tty->dev)
186 put_device(tty->dev);
187 kfree(tty->write_buf);
188 tty_buffer_free_all(tty);
189 kfree(tty);
190}
191
192static inline struct tty_struct *file_tty(struct file *file)
193{
194 return ((struct tty_file_private *)file->private_data)->tty;
195}
196
197int tty_alloc_file(struct file *file)
198{
199 struct tty_file_private *priv;
200
201 priv = kmalloc(sizeof(*priv), GFP_KERNEL);
202 if (!priv)
203 return -ENOMEM;
204
205 file->private_data = priv;
206
207 return 0;
208}
209
210/* Associate a new file with the tty structure */
211void tty_add_file(struct tty_struct *tty, struct file *file)
212{
213 struct tty_file_private *priv = file->private_data;
214
215 priv->tty = tty;
216 priv->file = file;
217
218 spin_lock(&tty_files_lock);
219 list_add(&priv->list, &tty->tty_files);
220 spin_unlock(&tty_files_lock);
221}
222
223/**
224 * tty_free_file - free file->private_data
225 *
226 * This shall be used only for fail path handling when tty_add_file was not
227 * called yet.
228 */
229void tty_free_file(struct file *file)
230{
231 struct tty_file_private *priv = file->private_data;
232
233 file->private_data = NULL;
234 kfree(priv);
235}
236
237/* Delete file from its tty */
238void tty_del_file(struct file *file)
239{
240 struct tty_file_private *priv = file->private_data;
241
242 spin_lock(&tty_files_lock);
243 list_del(&priv->list);
244 spin_unlock(&tty_files_lock);
245 tty_free_file(file);
246}
247
248
249#define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base)
250
251/**
252 * tty_name - return tty naming
253 * @tty: tty structure
254 * @buf: buffer for output
255 *
256 * Convert a tty structure into a name. The name reflects the kernel
257 * naming policy and if udev is in use may not reflect user space
258 *
259 * Locking: none
260 */
261
262char *tty_name(struct tty_struct *tty, char *buf)
263{
264 if (!tty) /* Hmm. NULL pointer. That's fun. */
265 strcpy(buf, "NULL tty");
266 else
267 strcpy(buf, tty->name);
268 return buf;
269}
270
271EXPORT_SYMBOL(tty_name);
272
273int tty_paranoia_check(struct tty_struct *tty, struct inode *inode,
274 const char *routine)
275{
276#ifdef TTY_PARANOIA_CHECK
277 if (!tty) {
278 printk(KERN_WARNING
279 "null TTY for (%d:%d) in %s\n",
280 imajor(inode), iminor(inode), routine);
281 return 1;
282 }
283 if (tty->magic != TTY_MAGIC) {
284 printk(KERN_WARNING
285 "bad magic number for tty struct (%d:%d) in %s\n",
286 imajor(inode), iminor(inode), routine);
287 return 1;
288 }
289#endif
290 return 0;
291}
292
293static int check_tty_count(struct tty_struct *tty, const char *routine)
294{
295#ifdef CHECK_TTY_COUNT
296 struct list_head *p;
297 int count = 0;
298
299 spin_lock(&tty_files_lock);
300 list_for_each(p, &tty->tty_files) {
301 count++;
302 }
303 spin_unlock(&tty_files_lock);
304 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
305 tty->driver->subtype == PTY_TYPE_SLAVE &&
306 tty->link && tty->link->count)
307 count++;
308 if (tty->count != count) {
309 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) "
310 "!= #fd's(%d) in %s\n",
311 tty->name, tty->count, count, routine);
312 return count;
313 }
314#endif
315 return 0;
316}
317
318/**
319 * get_tty_driver - find device of a tty
320 * @dev_t: device identifier
321 * @index: returns the index of the tty
322 *
323 * This routine returns a tty driver structure, given a device number
324 * and also passes back the index number.
325 *
326 * Locking: caller must hold tty_mutex
327 */
328
329static struct tty_driver *get_tty_driver(dev_t device, int *index)
330{
331 struct tty_driver *p;
332
333 list_for_each_entry(p, &tty_drivers, tty_drivers) {
334 dev_t base = MKDEV(p->major, p->minor_start);
335 if (device < base || device >= base + p->num)
336 continue;
337 *index = device - base;
338 return tty_driver_kref_get(p);
339 }
340 return NULL;
341}
342
343#ifdef CONFIG_CONSOLE_POLL
344
345/**
346 * tty_find_polling_driver - find device of a polled tty
347 * @name: name string to match
348 * @line: pointer to resulting tty line nr
349 *
350 * This routine returns a tty driver structure, given a name
351 * and the condition that the tty driver is capable of polled
352 * operation.
353 */
354struct tty_driver *tty_find_polling_driver(char *name, int *line)
355{
356 struct tty_driver *p, *res = NULL;
357 int tty_line = 0;
358 int len;
359 char *str, *stp;
360
361 for (str = name; *str; str++)
362 if ((*str >= '0' && *str <= '9') || *str == ',')
363 break;
364 if (!*str)
365 return NULL;
366
367 len = str - name;
368 tty_line = simple_strtoul(str, &str, 10);
369
370 mutex_lock(&tty_mutex);
371 /* Search through the tty devices to look for a match */
372 list_for_each_entry(p, &tty_drivers, tty_drivers) {
373 if (strncmp(name, p->name, len) != 0)
374 continue;
375 stp = str;
376 if (*stp == ',')
377 stp++;
378 if (*stp == '\0')
379 stp = NULL;
380
381 if (tty_line >= 0 && tty_line < p->num && p->ops &&
382 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) {
383 res = tty_driver_kref_get(p);
384 *line = tty_line;
385 break;
386 }
387 }
388 mutex_unlock(&tty_mutex);
389
390 return res;
391}
392EXPORT_SYMBOL_GPL(tty_find_polling_driver);
393#endif
394
395/**
396 * tty_check_change - check for POSIX terminal changes
397 * @tty: tty to check
398 *
399 * If we try to write to, or set the state of, a terminal and we're
400 * not in the foreground, send a SIGTTOU. If the signal is blocked or
401 * ignored, go ahead and perform the operation. (POSIX 7.2)
402 *
403 * Locking: ctrl_lock
404 */
405
406int tty_check_change(struct tty_struct *tty)
407{
408 unsigned long flags;
409 int ret = 0;
410
411 if (current->signal->tty != tty)
412 return 0;
413
414 spin_lock_irqsave(&tty->ctrl_lock, flags);
415
416 if (!tty->pgrp) {
417 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n");
418 goto out_unlock;
419 }
420 if (task_pgrp(current) == tty->pgrp)
421 goto out_unlock;
422 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
423 if (is_ignored(SIGTTOU))
424 goto out;
425 if (is_current_pgrp_orphaned()) {
426 ret = -EIO;
427 goto out;
428 }
429 kill_pgrp(task_pgrp(current), SIGTTOU, 1);
430 set_thread_flag(TIF_SIGPENDING);
431 ret = -ERESTARTSYS;
432out:
433 return ret;
434out_unlock:
435 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
436 return ret;
437}
438
439EXPORT_SYMBOL(tty_check_change);
440
441static ssize_t hung_up_tty_read(struct file *file, char __user *buf,
442 size_t count, loff_t *ppos)
443{
444 return 0;
445}
446
447static ssize_t hung_up_tty_write(struct file *file, const char __user *buf,
448 size_t count, loff_t *ppos)
449{
450 return -EIO;
451}
452
453/* No kernel lock held - none needed ;) */
454static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait)
455{
456 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM;
457}
458
459static long hung_up_tty_ioctl(struct file *file, unsigned int cmd,
460 unsigned long arg)
461{
462 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
463}
464
465static long hung_up_tty_compat_ioctl(struct file *file,
466 unsigned int cmd, unsigned long arg)
467{
468 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
469}
470
471static const struct file_operations tty_fops = {
472 .llseek = no_llseek,
473 .read = tty_read,
474 .write = tty_write,
475 .poll = tty_poll,
476 .unlocked_ioctl = tty_ioctl,
477 .compat_ioctl = tty_compat_ioctl,
478 .open = tty_open,
479 .release = tty_release,
480 .fasync = tty_fasync,
481};
482
483static const struct file_operations console_fops = {
484 .llseek = no_llseek,
485 .read = tty_read,
486 .write = redirected_tty_write,
487 .poll = tty_poll,
488 .unlocked_ioctl = tty_ioctl,
489 .compat_ioctl = tty_compat_ioctl,
490 .open = tty_open,
491 .release = tty_release,
492 .fasync = tty_fasync,
493};
494
495static const struct file_operations hung_up_tty_fops = {
496 .llseek = no_llseek,
497 .read = hung_up_tty_read,
498 .write = hung_up_tty_write,
499 .poll = hung_up_tty_poll,
500 .unlocked_ioctl = hung_up_tty_ioctl,
501 .compat_ioctl = hung_up_tty_compat_ioctl,
502 .release = tty_release,
503};
504
505static DEFINE_SPINLOCK(redirect_lock);
506static struct file *redirect;
507
508/**
509 * tty_wakeup - request more data
510 * @tty: terminal
511 *
512 * Internal and external helper for wakeups of tty. This function
513 * informs the line discipline if present that the driver is ready
514 * to receive more output data.
515 */
516
517void tty_wakeup(struct tty_struct *tty)
518{
519 struct tty_ldisc *ld;
520
521 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) {
522 ld = tty_ldisc_ref(tty);
523 if (ld) {
524 if (ld->ops->write_wakeup)
525 ld->ops->write_wakeup(tty);
526 tty_ldisc_deref(ld);
527 }
528 }
529 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
530}
531
532EXPORT_SYMBOL_GPL(tty_wakeup);
533
534/**
535 * __tty_hangup - actual handler for hangup events
536 * @work: tty device
537 *
538 * This can be called by the "eventd" kernel thread. That is process
539 * synchronous but doesn't hold any locks, so we need to make sure we
540 * have the appropriate locks for what we're doing.
541 *
542 * The hangup event clears any pending redirections onto the hung up
543 * device. It ensures future writes will error and it does the needed
544 * line discipline hangup and signal delivery. The tty object itself
545 * remains intact.
546 *
547 * Locking:
548 * BTM
549 * redirect lock for undoing redirection
550 * file list lock for manipulating list of ttys
551 * tty_ldisc_lock from called functions
552 * termios_mutex resetting termios data
553 * tasklist_lock to walk task list for hangup event
554 * ->siglock to protect ->signal/->sighand
555 */
556void __tty_hangup(struct tty_struct *tty)
557{
558 struct file *cons_filp = NULL;
559 struct file *filp, *f = NULL;
560 struct task_struct *p;
561 struct tty_file_private *priv;
562 int closecount = 0, n;
563 unsigned long flags;
564 int refs = 0;
565
566 if (!tty)
567 return;
568
569
570 spin_lock(&redirect_lock);
571 if (redirect && file_tty(redirect) == tty) {
572 f = redirect;
573 redirect = NULL;
574 }
575 spin_unlock(&redirect_lock);
576
577 tty_lock();
578
579 /* some functions below drop BTM, so we need this bit */
580 set_bit(TTY_HUPPING, &tty->flags);
581
582 /* inuse_filps is protected by the single tty lock,
583 this really needs to change if we want to flush the
584 workqueue with the lock held */
585 check_tty_count(tty, "tty_hangup");
586
587 spin_lock(&tty_files_lock);
588 /* This breaks for file handles being sent over AF_UNIX sockets ? */
589 list_for_each_entry(priv, &tty->tty_files, list) {
590 filp = priv->file;
591 if (filp->f_op->write == redirected_tty_write)
592 cons_filp = filp;
593 if (filp->f_op->write != tty_write)
594 continue;
595 closecount++;
596 __tty_fasync(-1, filp, 0); /* can't block */
597 filp->f_op = &hung_up_tty_fops;
598 }
599 spin_unlock(&tty_files_lock);
600
601 /*
602 * it drops BTM and thus races with reopen
603 * we protect the race by TTY_HUPPING
604 */
605 tty_ldisc_hangup(tty);
606
607 read_lock(&tasklist_lock);
608 if (tty->session) {
609 do_each_pid_task(tty->session, PIDTYPE_SID, p) {
610 spin_lock_irq(&p->sighand->siglock);
611 if (p->signal->tty == tty) {
612 p->signal->tty = NULL;
613 /* We defer the dereferences outside fo
614 the tasklist lock */
615 refs++;
616 }
617 if (!p->signal->leader) {
618 spin_unlock_irq(&p->sighand->siglock);
619 continue;
620 }
621 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p);
622 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p);
623 put_pid(p->signal->tty_old_pgrp); /* A noop */
624 spin_lock_irqsave(&tty->ctrl_lock, flags);
625 if (tty->pgrp)
626 p->signal->tty_old_pgrp = get_pid(tty->pgrp);
627 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
628 spin_unlock_irq(&p->sighand->siglock);
629 } while_each_pid_task(tty->session, PIDTYPE_SID, p);
630 }
631 read_unlock(&tasklist_lock);
632
633 spin_lock_irqsave(&tty->ctrl_lock, flags);
634 clear_bit(TTY_THROTTLED, &tty->flags);
635 clear_bit(TTY_PUSH, &tty->flags);
636 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
637 put_pid(tty->session);
638 put_pid(tty->pgrp);
639 tty->session = NULL;
640 tty->pgrp = NULL;
641 tty->ctrl_status = 0;
642 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
643
644 /* Account for the p->signal references we killed */
645 while (refs--)
646 tty_kref_put(tty);
647
648 /*
649 * If one of the devices matches a console pointer, we
650 * cannot just call hangup() because that will cause
651 * tty->count and state->count to go out of sync.
652 * So we just call close() the right number of times.
653 */
654 if (cons_filp) {
655 if (tty->ops->close)
656 for (n = 0; n < closecount; n++)
657 tty->ops->close(tty, cons_filp);
658 } else if (tty->ops->hangup)
659 (tty->ops->hangup)(tty);
660 /*
661 * We don't want to have driver/ldisc interactions beyond
662 * the ones we did here. The driver layer expects no
663 * calls after ->hangup() from the ldisc side. However we
664 * can't yet guarantee all that.
665 */
666 set_bit(TTY_HUPPED, &tty->flags);
667 clear_bit(TTY_HUPPING, &tty->flags);
668 tty_ldisc_enable(tty);
669
670 tty_unlock();
671
672 if (f)
673 fput(f);
674}
675
676static void do_tty_hangup(struct work_struct *work)
677{
678 struct tty_struct *tty =
679 container_of(work, struct tty_struct, hangup_work);
680
681 __tty_hangup(tty);
682}
683
684/**
685 * tty_hangup - trigger a hangup event
686 * @tty: tty to hangup
687 *
688 * A carrier loss (virtual or otherwise) has occurred on this like
689 * schedule a hangup sequence to run after this event.
690 */
691
692void tty_hangup(struct tty_struct *tty)
693{
694#ifdef TTY_DEBUG_HANGUP
695 char buf[64];
696 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf));
697#endif
698 schedule_work(&tty->hangup_work);
699}
700
701EXPORT_SYMBOL(tty_hangup);
702
703/**
704 * tty_vhangup - process vhangup
705 * @tty: tty to hangup
706 *
707 * The user has asked via system call for the terminal to be hung up.
708 * We do this synchronously so that when the syscall returns the process
709 * is complete. That guarantee is necessary for security reasons.
710 */
711
712void tty_vhangup(struct tty_struct *tty)
713{
714#ifdef TTY_DEBUG_HANGUP
715 char buf[64];
716
717 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf));
718#endif
719 __tty_hangup(tty);
720}
721
722EXPORT_SYMBOL(tty_vhangup);
723
724
725/**
726 * tty_vhangup_self - process vhangup for own ctty
727 *
728 * Perform a vhangup on the current controlling tty
729 */
730
731void tty_vhangup_self(void)
732{
733 struct tty_struct *tty;
734
735 tty = get_current_tty();
736 if (tty) {
737 tty_vhangup(tty);
738 tty_kref_put(tty);
739 }
740}
741
742/**
743 * tty_hung_up_p - was tty hung up
744 * @filp: file pointer of tty
745 *
746 * Return true if the tty has been subject to a vhangup or a carrier
747 * loss
748 */
749
750int tty_hung_up_p(struct file *filp)
751{
752 return (filp->f_op == &hung_up_tty_fops);
753}
754
755EXPORT_SYMBOL(tty_hung_up_p);
756
757static void session_clear_tty(struct pid *session)
758{
759 struct task_struct *p;
760 do_each_pid_task(session, PIDTYPE_SID, p) {
761 proc_clear_tty(p);
762 } while_each_pid_task(session, PIDTYPE_SID, p);
763}
764
765/**
766 * disassociate_ctty - disconnect controlling tty
767 * @on_exit: true if exiting so need to "hang up" the session
768 *
769 * This function is typically called only by the session leader, when
770 * it wants to disassociate itself from its controlling tty.
771 *
772 * It performs the following functions:
773 * (1) Sends a SIGHUP and SIGCONT to the foreground process group
774 * (2) Clears the tty from being controlling the session
775 * (3) Clears the controlling tty for all processes in the
776 * session group.
777 *
778 * The argument on_exit is set to 1 if called when a process is
779 * exiting; it is 0 if called by the ioctl TIOCNOTTY.
780 *
781 * Locking:
782 * BTM is taken for hysterical raisins, and held when
783 * called from no_tty().
784 * tty_mutex is taken to protect tty
785 * ->siglock is taken to protect ->signal/->sighand
786 * tasklist_lock is taken to walk process list for sessions
787 * ->siglock is taken to protect ->signal/->sighand
788 */
789
790void disassociate_ctty(int on_exit)
791{
792 struct tty_struct *tty;
793
794 if (!current->signal->leader)
795 return;
796
797 tty = get_current_tty();
798 if (tty) {
799 struct pid *tty_pgrp = get_pid(tty->pgrp);
800 if (on_exit) {
801 if (tty->driver->type != TTY_DRIVER_TYPE_PTY)
802 tty_vhangup(tty);
803 }
804 tty_kref_put(tty);
805 if (tty_pgrp) {
806 kill_pgrp(tty_pgrp, SIGHUP, on_exit);
807 if (!on_exit)
808 kill_pgrp(tty_pgrp, SIGCONT, on_exit);
809 put_pid(tty_pgrp);
810 }
811 } else if (on_exit) {
812 struct pid *old_pgrp;
813 spin_lock_irq(&current->sighand->siglock);
814 old_pgrp = current->signal->tty_old_pgrp;
815 current->signal->tty_old_pgrp = NULL;
816 spin_unlock_irq(&current->sighand->siglock);
817 if (old_pgrp) {
818 kill_pgrp(old_pgrp, SIGHUP, on_exit);
819 kill_pgrp(old_pgrp, SIGCONT, on_exit);
820 put_pid(old_pgrp);
821 }
822 return;
823 }
824
825 spin_lock_irq(&current->sighand->siglock);
826 put_pid(current->signal->tty_old_pgrp);
827 current->signal->tty_old_pgrp = NULL;
828 spin_unlock_irq(&current->sighand->siglock);
829
830 tty = get_current_tty();
831 if (tty) {
832 unsigned long flags;
833 spin_lock_irqsave(&tty->ctrl_lock, flags);
834 put_pid(tty->session);
835 put_pid(tty->pgrp);
836 tty->session = NULL;
837 tty->pgrp = NULL;
838 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
839 tty_kref_put(tty);
840 } else {
841#ifdef TTY_DEBUG_HANGUP
842 printk(KERN_DEBUG "error attempted to write to tty [0x%p]"
843 " = NULL", tty);
844#endif
845 }
846
847 /* Now clear signal->tty under the lock */
848 read_lock(&tasklist_lock);
849 session_clear_tty(task_session(current));
850 read_unlock(&tasklist_lock);
851}
852
853/**
854 *
855 * no_tty - Ensure the current process does not have a controlling tty
856 */
857void no_tty(void)
858{
859 struct task_struct *tsk = current;
860 tty_lock();
861 disassociate_ctty(0);
862 tty_unlock();
863 proc_clear_tty(tsk);
864}
865
866
867/**
868 * stop_tty - propagate flow control
869 * @tty: tty to stop
870 *
871 * Perform flow control to the driver. For PTY/TTY pairs we
872 * must also propagate the TIOCKPKT status. May be called
873 * on an already stopped device and will not re-call the driver
874 * method.
875 *
876 * This functionality is used by both the line disciplines for
877 * halting incoming flow and by the driver. It may therefore be
878 * called from any context, may be under the tty atomic_write_lock
879 * but not always.
880 *
881 * Locking:
882 * Uses the tty control lock internally
883 */
884
885void stop_tty(struct tty_struct *tty)
886{
887 unsigned long flags;
888 spin_lock_irqsave(&tty->ctrl_lock, flags);
889 if (tty->stopped) {
890 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
891 return;
892 }
893 tty->stopped = 1;
894 if (tty->link && tty->link->packet) {
895 tty->ctrl_status &= ~TIOCPKT_START;
896 tty->ctrl_status |= TIOCPKT_STOP;
897 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN);
898 }
899 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
900 if (tty->ops->stop)
901 (tty->ops->stop)(tty);
902}
903
904EXPORT_SYMBOL(stop_tty);
905
906/**
907 * start_tty - propagate flow control
908 * @tty: tty to start
909 *
910 * Start a tty that has been stopped if at all possible. Perform
911 * any necessary wakeups and propagate the TIOCPKT status. If this
912 * is the tty was previous stopped and is being started then the
913 * driver start method is invoked and the line discipline woken.
914 *
915 * Locking:
916 * ctrl_lock
917 */
918
919void start_tty(struct tty_struct *tty)
920{
921 unsigned long flags;
922 spin_lock_irqsave(&tty->ctrl_lock, flags);
923 if (!tty->stopped || tty->flow_stopped) {
924 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
925 return;
926 }
927 tty->stopped = 0;
928 if (tty->link && tty->link->packet) {
929 tty->ctrl_status &= ~TIOCPKT_STOP;
930 tty->ctrl_status |= TIOCPKT_START;
931 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN);
932 }
933 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
934 if (tty->ops->start)
935 (tty->ops->start)(tty);
936 /* If we have a running line discipline it may need kicking */
937 tty_wakeup(tty);
938}
939
940EXPORT_SYMBOL(start_tty);
941
942/**
943 * tty_read - read method for tty device files
944 * @file: pointer to tty file
945 * @buf: user buffer
946 * @count: size of user buffer
947 * @ppos: unused
948 *
949 * Perform the read system call function on this terminal device. Checks
950 * for hung up devices before calling the line discipline method.
951 *
952 * Locking:
953 * Locks the line discipline internally while needed. Multiple
954 * read calls may be outstanding in parallel.
955 */
956
957static ssize_t tty_read(struct file *file, char __user *buf, size_t count,
958 loff_t *ppos)
959{
960 int i;
961 struct inode *inode = file->f_path.dentry->d_inode;
962 struct tty_struct *tty = file_tty(file);
963 struct tty_ldisc *ld;
964
965 if (tty_paranoia_check(tty, inode, "tty_read"))
966 return -EIO;
967 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags)))
968 return -EIO;
969
970 /* We want to wait for the line discipline to sort out in this
971 situation */
972 ld = tty_ldisc_ref_wait(tty);
973 if (ld->ops->read)
974 i = (ld->ops->read)(tty, file, buf, count);
975 else
976 i = -EIO;
977 tty_ldisc_deref(ld);
978 if (i > 0)
979 inode->i_atime = current_fs_time(inode->i_sb);
980 return i;
981}
982
983void tty_write_unlock(struct tty_struct *tty)
984 __releases(&tty->atomic_write_lock)
985{
986 mutex_unlock(&tty->atomic_write_lock);
987 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
988}
989
990int tty_write_lock(struct tty_struct *tty, int ndelay)
991 __acquires(&tty->atomic_write_lock)
992{
993 if (!mutex_trylock(&tty->atomic_write_lock)) {
994 if (ndelay)
995 return -EAGAIN;
996 if (mutex_lock_interruptible(&tty->atomic_write_lock))
997 return -ERESTARTSYS;
998 }
999 return 0;
1000}
1001
1002/*
1003 * Split writes up in sane blocksizes to avoid
1004 * denial-of-service type attacks
1005 */
1006static inline ssize_t do_tty_write(
1007 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t),
1008 struct tty_struct *tty,
1009 struct file *file,
1010 const char __user *buf,
1011 size_t count)
1012{
1013 ssize_t ret, written = 0;
1014 unsigned int chunk;
1015
1016 ret = tty_write_lock(tty, file->f_flags & O_NDELAY);
1017 if (ret < 0)
1018 return ret;
1019
1020 /*
1021 * We chunk up writes into a temporary buffer. This
1022 * simplifies low-level drivers immensely, since they
1023 * don't have locking issues and user mode accesses.
1024 *
1025 * But if TTY_NO_WRITE_SPLIT is set, we should use a
1026 * big chunk-size..
1027 *
1028 * The default chunk-size is 2kB, because the NTTY
1029 * layer has problems with bigger chunks. It will
1030 * claim to be able to handle more characters than
1031 * it actually does.
1032 *
1033 * FIXME: This can probably go away now except that 64K chunks
1034 * are too likely to fail unless switched to vmalloc...
1035 */
1036 chunk = 2048;
1037 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags))
1038 chunk = 65536;
1039 if (count < chunk)
1040 chunk = count;
1041
1042 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */
1043 if (tty->write_cnt < chunk) {
1044 unsigned char *buf_chunk;
1045
1046 if (chunk < 1024)
1047 chunk = 1024;
1048
1049 buf_chunk = kmalloc(chunk, GFP_KERNEL);
1050 if (!buf_chunk) {
1051 ret = -ENOMEM;
1052 goto out;
1053 }
1054 kfree(tty->write_buf);
1055 tty->write_cnt = chunk;
1056 tty->write_buf = buf_chunk;
1057 }
1058
1059 /* Do the write .. */
1060 for (;;) {
1061 size_t size = count;
1062 if (size > chunk)
1063 size = chunk;
1064 ret = -EFAULT;
1065 if (copy_from_user(tty->write_buf, buf, size))
1066 break;
1067 ret = write(tty, file, tty->write_buf, size);
1068 if (ret <= 0)
1069 break;
1070 written += ret;
1071 buf += ret;
1072 count -= ret;
1073 if (!count)
1074 break;
1075 ret = -ERESTARTSYS;
1076 if (signal_pending(current))
1077 break;
1078 cond_resched();
1079 }
1080 if (written) {
1081 struct inode *inode = file->f_path.dentry->d_inode;
1082 inode->i_mtime = current_fs_time(inode->i_sb);
1083 ret = written;
1084 }
1085out:
1086 tty_write_unlock(tty);
1087 return ret;
1088}
1089
1090/**
1091 * tty_write_message - write a message to a certain tty, not just the console.
1092 * @tty: the destination tty_struct
1093 * @msg: the message to write
1094 *
1095 * This is used for messages that need to be redirected to a specific tty.
1096 * We don't put it into the syslog queue right now maybe in the future if
1097 * really needed.
1098 *
1099 * We must still hold the BTM and test the CLOSING flag for the moment.
1100 */
1101
1102void tty_write_message(struct tty_struct *tty, char *msg)
1103{
1104 if (tty) {
1105 mutex_lock(&tty->atomic_write_lock);
1106 tty_lock();
1107 if (tty->ops->write && !test_bit(TTY_CLOSING, &tty->flags)) {
1108 tty_unlock();
1109 tty->ops->write(tty, msg, strlen(msg));
1110 } else
1111 tty_unlock();
1112 tty_write_unlock(tty);
1113 }
1114 return;
1115}
1116
1117
1118/**
1119 * tty_write - write method for tty device file
1120 * @file: tty file pointer
1121 * @buf: user data to write
1122 * @count: bytes to write
1123 * @ppos: unused
1124 *
1125 * Write data to a tty device via the line discipline.
1126 *
1127 * Locking:
1128 * Locks the line discipline as required
1129 * Writes to the tty driver are serialized by the atomic_write_lock
1130 * and are then processed in chunks to the device. The line discipline
1131 * write method will not be invoked in parallel for each device.
1132 */
1133
1134static ssize_t tty_write(struct file *file, const char __user *buf,
1135 size_t count, loff_t *ppos)
1136{
1137 struct inode *inode = file->f_path.dentry->d_inode;
1138 struct tty_struct *tty = file_tty(file);
1139 struct tty_ldisc *ld;
1140 ssize_t ret;
1141
1142 if (tty_paranoia_check(tty, inode, "tty_write"))
1143 return -EIO;
1144 if (!tty || !tty->ops->write ||
1145 (test_bit(TTY_IO_ERROR, &tty->flags)))
1146 return -EIO;
1147 /* Short term debug to catch buggy drivers */
1148 if (tty->ops->write_room == NULL)
1149 printk(KERN_ERR "tty driver %s lacks a write_room method.\n",
1150 tty->driver->name);
1151 ld = tty_ldisc_ref_wait(tty);
1152 if (!ld->ops->write)
1153 ret = -EIO;
1154 else
1155 ret = do_tty_write(ld->ops->write, tty, file, buf, count);
1156 tty_ldisc_deref(ld);
1157 return ret;
1158}
1159
1160ssize_t redirected_tty_write(struct file *file, const char __user *buf,
1161 size_t count, loff_t *ppos)
1162{
1163 struct file *p = NULL;
1164
1165 spin_lock(&redirect_lock);
1166 if (redirect) {
1167 get_file(redirect);
1168 p = redirect;
1169 }
1170 spin_unlock(&redirect_lock);
1171
1172 if (p) {
1173 ssize_t res;
1174 res = vfs_write(p, buf, count, &p->f_pos);
1175 fput(p);
1176 return res;
1177 }
1178 return tty_write(file, buf, count, ppos);
1179}
1180
1181static char ptychar[] = "pqrstuvwxyzabcde";
1182
1183/**
1184 * pty_line_name - generate name for a pty
1185 * @driver: the tty driver in use
1186 * @index: the minor number
1187 * @p: output buffer of at least 6 bytes
1188 *
1189 * Generate a name from a driver reference and write it to the output
1190 * buffer.
1191 *
1192 * Locking: None
1193 */
1194static void pty_line_name(struct tty_driver *driver, int index, char *p)
1195{
1196 int i = index + driver->name_base;
1197 /* ->name is initialized to "ttyp", but "tty" is expected */
1198 sprintf(p, "%s%c%x",
1199 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name,
1200 ptychar[i >> 4 & 0xf], i & 0xf);
1201}
1202
1203/**
1204 * tty_line_name - generate name for a tty
1205 * @driver: the tty driver in use
1206 * @index: the minor number
1207 * @p: output buffer of at least 7 bytes
1208 *
1209 * Generate a name from a driver reference and write it to the output
1210 * buffer.
1211 *
1212 * Locking: None
1213 */
1214static void tty_line_name(struct tty_driver *driver, int index, char *p)
1215{
1216 sprintf(p, "%s%d", driver->name, index + driver->name_base);
1217}
1218
1219/**
1220 * tty_driver_lookup_tty() - find an existing tty, if any
1221 * @driver: the driver for the tty
1222 * @idx: the minor number
1223 *
1224 * Return the tty, if found or ERR_PTR() otherwise.
1225 *
1226 * Locking: tty_mutex must be held. If tty is found, the mutex must
1227 * be held until the 'fast-open' is also done. Will change once we
1228 * have refcounting in the driver and per driver locking
1229 */
1230static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver,
1231 struct inode *inode, int idx)
1232{
1233 struct tty_struct *tty;
1234
1235 if (driver->ops->lookup)
1236 return driver->ops->lookup(driver, inode, idx);
1237
1238 tty = driver->ttys[idx];
1239 return tty;
1240}
1241
1242/**
1243 * tty_init_termios - helper for termios setup
1244 * @tty: the tty to set up
1245 *
1246 * Initialise the termios structures for this tty. Thus runs under
1247 * the tty_mutex currently so we can be relaxed about ordering.
1248 */
1249
1250int tty_init_termios(struct tty_struct *tty)
1251{
1252 struct ktermios *tp;
1253 int idx = tty->index;
1254
1255 tp = tty->driver->termios[idx];
1256 if (tp == NULL) {
1257 tp = kzalloc(sizeof(struct ktermios[2]), GFP_KERNEL);
1258 if (tp == NULL)
1259 return -ENOMEM;
1260 memcpy(tp, &tty->driver->init_termios,
1261 sizeof(struct ktermios));
1262 tty->driver->termios[idx] = tp;
1263 }
1264 tty->termios = tp;
1265 tty->termios_locked = tp + 1;
1266
1267 /* Compatibility until drivers always set this */
1268 tty->termios->c_ispeed = tty_termios_input_baud_rate(tty->termios);
1269 tty->termios->c_ospeed = tty_termios_baud_rate(tty->termios);
1270 return 0;
1271}
1272EXPORT_SYMBOL_GPL(tty_init_termios);
1273
1274/**
1275 * tty_driver_install_tty() - install a tty entry in the driver
1276 * @driver: the driver for the tty
1277 * @tty: the tty
1278 *
1279 * Install a tty object into the driver tables. The tty->index field
1280 * will be set by the time this is called. This method is responsible
1281 * for ensuring any need additional structures are allocated and
1282 * configured.
1283 *
1284 * Locking: tty_mutex for now
1285 */
1286static int tty_driver_install_tty(struct tty_driver *driver,
1287 struct tty_struct *tty)
1288{
1289 int idx = tty->index;
1290 int ret;
1291
1292 if (driver->ops->install) {
1293 ret = driver->ops->install(driver, tty);
1294 return ret;
1295 }
1296
1297 if (tty_init_termios(tty) == 0) {
1298 tty_driver_kref_get(driver);
1299 tty->count++;
1300 driver->ttys[idx] = tty;
1301 return 0;
1302 }
1303 return -ENOMEM;
1304}
1305
1306/**
1307 * tty_driver_remove_tty() - remove a tty from the driver tables
1308 * @driver: the driver for the tty
1309 * @idx: the minor number
1310 *
1311 * Remvoe a tty object from the driver tables. The tty->index field
1312 * will be set by the time this is called.
1313 *
1314 * Locking: tty_mutex for now
1315 */
1316void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty)
1317{
1318 if (driver->ops->remove)
1319 driver->ops->remove(driver, tty);
1320 else
1321 driver->ttys[tty->index] = NULL;
1322}
1323
1324/*
1325 * tty_reopen() - fast re-open of an open tty
1326 * @tty - the tty to open
1327 *
1328 * Return 0 on success, -errno on error.
1329 *
1330 * Locking: tty_mutex must be held from the time the tty was found
1331 * till this open completes.
1332 */
1333static int tty_reopen(struct tty_struct *tty)
1334{
1335 struct tty_driver *driver = tty->driver;
1336
1337 if (test_bit(TTY_CLOSING, &tty->flags) ||
1338 test_bit(TTY_HUPPING, &tty->flags) ||
1339 test_bit(TTY_LDISC_CHANGING, &tty->flags))
1340 return -EIO;
1341
1342 if (driver->type == TTY_DRIVER_TYPE_PTY &&
1343 driver->subtype == PTY_TYPE_MASTER) {
1344 /*
1345 * special case for PTY masters: only one open permitted,
1346 * and the slave side open count is incremented as well.
1347 */
1348 if (tty->count)
1349 return -EIO;
1350
1351 tty->link->count++;
1352 }
1353 tty->count++;
1354 tty->driver = driver; /* N.B. why do this every time?? */
1355
1356 mutex_lock(&tty->ldisc_mutex);
1357 WARN_ON(!test_bit(TTY_LDISC, &tty->flags));
1358 mutex_unlock(&tty->ldisc_mutex);
1359
1360 return 0;
1361}
1362
1363/**
1364 * tty_init_dev - initialise a tty device
1365 * @driver: tty driver we are opening a device on
1366 * @idx: device index
1367 * @ret_tty: returned tty structure
1368 * @first_ok: ok to open a new device (used by ptmx)
1369 *
1370 * Prepare a tty device. This may not be a "new" clean device but
1371 * could also be an active device. The pty drivers require special
1372 * handling because of this.
1373 *
1374 * Locking:
1375 * The function is called under the tty_mutex, which
1376 * protects us from the tty struct or driver itself going away.
1377 *
1378 * On exit the tty device has the line discipline attached and
1379 * a reference count of 1. If a pair was created for pty/tty use
1380 * and the other was a pty master then it too has a reference count of 1.
1381 *
1382 * WSH 06/09/97: Rewritten to remove races and properly clean up after a
1383 * failed open. The new code protects the open with a mutex, so it's
1384 * really quite straightforward. The mutex locking can probably be
1385 * relaxed for the (most common) case of reopening a tty.
1386 */
1387
1388struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx,
1389 int first_ok)
1390{
1391 struct tty_struct *tty;
1392 int retval;
1393
1394 /* Check if pty master is being opened multiple times */
1395 if (driver->subtype == PTY_TYPE_MASTER &&
1396 (driver->flags & TTY_DRIVER_DEVPTS_MEM) && !first_ok) {
1397 return ERR_PTR(-EIO);
1398 }
1399
1400 /*
1401 * First time open is complex, especially for PTY devices.
1402 * This code guarantees that either everything succeeds and the
1403 * TTY is ready for operation, or else the table slots are vacated
1404 * and the allocated memory released. (Except that the termios
1405 * and locked termios may be retained.)
1406 */
1407
1408 if (!try_module_get(driver->owner))
1409 return ERR_PTR(-ENODEV);
1410
1411 tty = alloc_tty_struct();
1412 if (!tty) {
1413 retval = -ENOMEM;
1414 goto err_module_put;
1415 }
1416 initialize_tty_struct(tty, driver, idx);
1417
1418 retval = tty_driver_install_tty(driver, tty);
1419 if (retval < 0)
1420 goto err_deinit_tty;
1421
1422 /*
1423 * Structures all installed ... call the ldisc open routines.
1424 * If we fail here just call release_tty to clean up. No need
1425 * to decrement the use counts, as release_tty doesn't care.
1426 */
1427 retval = tty_ldisc_setup(tty, tty->link);
1428 if (retval)
1429 goto err_release_tty;
1430 return tty;
1431
1432err_deinit_tty:
1433 deinitialize_tty_struct(tty);
1434 free_tty_struct(tty);
1435err_module_put:
1436 module_put(driver->owner);
1437 return ERR_PTR(retval);
1438
1439 /* call the tty release_tty routine to clean out this slot */
1440err_release_tty:
1441 printk_ratelimited(KERN_INFO "tty_init_dev: ldisc open failed, "
1442 "clearing slot %d\n", idx);
1443 release_tty(tty, idx);
1444 return ERR_PTR(retval);
1445}
1446
1447void tty_free_termios(struct tty_struct *tty)
1448{
1449 struct ktermios *tp;
1450 int idx = tty->index;
1451 /* Kill this flag and push into drivers for locking etc */
1452 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) {
1453 /* FIXME: Locking on ->termios array */
1454 tp = tty->termios;
1455 tty->driver->termios[idx] = NULL;
1456 kfree(tp);
1457 }
1458}
1459EXPORT_SYMBOL(tty_free_termios);
1460
1461void tty_shutdown(struct tty_struct *tty)
1462{
1463 tty_driver_remove_tty(tty->driver, tty);
1464 tty_free_termios(tty);
1465}
1466EXPORT_SYMBOL(tty_shutdown);
1467
1468/**
1469 * release_one_tty - release tty structure memory
1470 * @kref: kref of tty we are obliterating
1471 *
1472 * Releases memory associated with a tty structure, and clears out the
1473 * driver table slots. This function is called when a device is no longer
1474 * in use. It also gets called when setup of a device fails.
1475 *
1476 * Locking:
1477 * tty_mutex - sometimes only
1478 * takes the file list lock internally when working on the list
1479 * of ttys that the driver keeps.
1480 *
1481 * This method gets called from a work queue so that the driver private
1482 * cleanup ops can sleep (needed for USB at least)
1483 */
1484static void release_one_tty(struct work_struct *work)
1485{
1486 struct tty_struct *tty =
1487 container_of(work, struct tty_struct, hangup_work);
1488 struct tty_driver *driver = tty->driver;
1489
1490 if (tty->ops->cleanup)
1491 tty->ops->cleanup(tty);
1492
1493 tty->magic = 0;
1494 tty_driver_kref_put(driver);
1495 module_put(driver->owner);
1496
1497 spin_lock(&tty_files_lock);
1498 list_del_init(&tty->tty_files);
1499 spin_unlock(&tty_files_lock);
1500
1501 put_pid(tty->pgrp);
1502 put_pid(tty->session);
1503 free_tty_struct(tty);
1504}
1505
1506static void queue_release_one_tty(struct kref *kref)
1507{
1508 struct tty_struct *tty = container_of(kref, struct tty_struct, kref);
1509
1510 if (tty->ops->shutdown)
1511 tty->ops->shutdown(tty);
1512 else
1513 tty_shutdown(tty);
1514
1515 /* The hangup queue is now free so we can reuse it rather than
1516 waste a chunk of memory for each port */
1517 INIT_WORK(&tty->hangup_work, release_one_tty);
1518 schedule_work(&tty->hangup_work);
1519}
1520
1521/**
1522 * tty_kref_put - release a tty kref
1523 * @tty: tty device
1524 *
1525 * Release a reference to a tty device and if need be let the kref
1526 * layer destruct the object for us
1527 */
1528
1529void tty_kref_put(struct tty_struct *tty)
1530{
1531 if (tty)
1532 kref_put(&tty->kref, queue_release_one_tty);
1533}
1534EXPORT_SYMBOL(tty_kref_put);
1535
1536/**
1537 * release_tty - release tty structure memory
1538 *
1539 * Release both @tty and a possible linked partner (think pty pair),
1540 * and decrement the refcount of the backing module.
1541 *
1542 * Locking:
1543 * tty_mutex - sometimes only
1544 * takes the file list lock internally when working on the list
1545 * of ttys that the driver keeps.
1546 * FIXME: should we require tty_mutex is held here ??
1547 *
1548 */
1549static void release_tty(struct tty_struct *tty, int idx)
1550{
1551 /* This should always be true but check for the moment */
1552 WARN_ON(tty->index != idx);
1553
1554 if (tty->link)
1555 tty_kref_put(tty->link);
1556 tty_kref_put(tty);
1557}
1558
1559/**
1560 * tty_release - vfs callback for close
1561 * @inode: inode of tty
1562 * @filp: file pointer for handle to tty
1563 *
1564 * Called the last time each file handle is closed that references
1565 * this tty. There may however be several such references.
1566 *
1567 * Locking:
1568 * Takes bkl. See tty_release_dev
1569 *
1570 * Even releasing the tty structures is a tricky business.. We have
1571 * to be very careful that the structures are all released at the
1572 * same time, as interrupts might otherwise get the wrong pointers.
1573 *
1574 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could
1575 * lead to double frees or releasing memory still in use.
1576 */
1577
1578int tty_release(struct inode *inode, struct file *filp)
1579{
1580 struct tty_struct *tty = file_tty(filp);
1581 struct tty_struct *o_tty;
1582 int pty_master, tty_closing, o_tty_closing, do_sleep;
1583 int devpts;
1584 int idx;
1585 char buf[64];
1586
1587 if (tty_paranoia_check(tty, inode, "tty_release_dev"))
1588 return 0;
1589
1590 tty_lock();
1591 check_tty_count(tty, "tty_release_dev");
1592
1593 __tty_fasync(-1, filp, 0);
1594
1595 idx = tty->index;
1596 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
1597 tty->driver->subtype == PTY_TYPE_MASTER);
1598 devpts = (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) != 0;
1599 o_tty = tty->link;
1600
1601#ifdef TTY_PARANOIA_CHECK
1602 if (idx < 0 || idx >= tty->driver->num) {
1603 printk(KERN_DEBUG "tty_release_dev: bad idx when trying to "
1604 "free (%s)\n", tty->name);
1605 tty_unlock();
1606 return 0;
1607 }
1608 if (!devpts) {
1609 if (tty != tty->driver->ttys[idx]) {
1610 tty_unlock();
1611 printk(KERN_DEBUG "tty_release_dev: driver.table[%d] not tty "
1612 "for (%s)\n", idx, tty->name);
1613 return 0;
1614 }
1615 if (tty->termios != tty->driver->termios[idx]) {
1616 tty_unlock();
1617 printk(KERN_DEBUG "tty_release_dev: driver.termios[%d] not termios "
1618 "for (%s)\n",
1619 idx, tty->name);
1620 return 0;
1621 }
1622 }
1623#endif
1624
1625#ifdef TTY_DEBUG_HANGUP
1626 printk(KERN_DEBUG "tty_release_dev of %s (tty count=%d)...",
1627 tty_name(tty, buf), tty->count);
1628#endif
1629
1630#ifdef TTY_PARANOIA_CHECK
1631 if (tty->driver->other &&
1632 !(tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)) {
1633 if (o_tty != tty->driver->other->ttys[idx]) {
1634 tty_unlock();
1635 printk(KERN_DEBUG "tty_release_dev: other->table[%d] "
1636 "not o_tty for (%s)\n",
1637 idx, tty->name);
1638 return 0 ;
1639 }
1640 if (o_tty->termios != tty->driver->other->termios[idx]) {
1641 tty_unlock();
1642 printk(KERN_DEBUG "tty_release_dev: other->termios[%d] "
1643 "not o_termios for (%s)\n",
1644 idx, tty->name);
1645 return 0;
1646 }
1647 if (o_tty->link != tty) {
1648 tty_unlock();
1649 printk(KERN_DEBUG "tty_release_dev: bad pty pointers\n");
1650 return 0;
1651 }
1652 }
1653#endif
1654 if (tty->ops->close)
1655 tty->ops->close(tty, filp);
1656
1657 tty_unlock();
1658 /*
1659 * Sanity check: if tty->count is going to zero, there shouldn't be
1660 * any waiters on tty->read_wait or tty->write_wait. We test the
1661 * wait queues and kick everyone out _before_ actually starting to
1662 * close. This ensures that we won't block while releasing the tty
1663 * structure.
1664 *
1665 * The test for the o_tty closing is necessary, since the master and
1666 * slave sides may close in any order. If the slave side closes out
1667 * first, its count will be one, since the master side holds an open.
1668 * Thus this test wouldn't be triggered at the time the slave closes,
1669 * so we do it now.
1670 *
1671 * Note that it's possible for the tty to be opened again while we're
1672 * flushing out waiters. By recalculating the closing flags before
1673 * each iteration we avoid any problems.
1674 */
1675 while (1) {
1676 /* Guard against races with tty->count changes elsewhere and
1677 opens on /dev/tty */
1678
1679 mutex_lock(&tty_mutex);
1680 tty_lock();
1681 tty_closing = tty->count <= 1;
1682 o_tty_closing = o_tty &&
1683 (o_tty->count <= (pty_master ? 1 : 0));
1684 do_sleep = 0;
1685
1686 if (tty_closing) {
1687 if (waitqueue_active(&tty->read_wait)) {
1688 wake_up_poll(&tty->read_wait, POLLIN);
1689 do_sleep++;
1690 }
1691 if (waitqueue_active(&tty->write_wait)) {
1692 wake_up_poll(&tty->write_wait, POLLOUT);
1693 do_sleep++;
1694 }
1695 }
1696 if (o_tty_closing) {
1697 if (waitqueue_active(&o_tty->read_wait)) {
1698 wake_up_poll(&o_tty->read_wait, POLLIN);
1699 do_sleep++;
1700 }
1701 if (waitqueue_active(&o_tty->write_wait)) {
1702 wake_up_poll(&o_tty->write_wait, POLLOUT);
1703 do_sleep++;
1704 }
1705 }
1706 if (!do_sleep)
1707 break;
1708
1709 printk(KERN_WARNING "tty_release_dev: %s: read/write wait queue "
1710 "active!\n", tty_name(tty, buf));
1711 tty_unlock();
1712 mutex_unlock(&tty_mutex);
1713 schedule();
1714 }
1715
1716 /*
1717 * The closing flags are now consistent with the open counts on
1718 * both sides, and we've completed the last operation that could
1719 * block, so it's safe to proceed with closing.
1720 */
1721 if (pty_master) {
1722 if (--o_tty->count < 0) {
1723 printk(KERN_WARNING "tty_release_dev: bad pty slave count "
1724 "(%d) for %s\n",
1725 o_tty->count, tty_name(o_tty, buf));
1726 o_tty->count = 0;
1727 }
1728 }
1729 if (--tty->count < 0) {
1730 printk(KERN_WARNING "tty_release_dev: bad tty->count (%d) for %s\n",
1731 tty->count, tty_name(tty, buf));
1732 tty->count = 0;
1733 }
1734
1735 /*
1736 * We've decremented tty->count, so we need to remove this file
1737 * descriptor off the tty->tty_files list; this serves two
1738 * purposes:
1739 * - check_tty_count sees the correct number of file descriptors
1740 * associated with this tty.
1741 * - do_tty_hangup no longer sees this file descriptor as
1742 * something that needs to be handled for hangups.
1743 */
1744 tty_del_file(filp);
1745
1746 /*
1747 * Perform some housekeeping before deciding whether to return.
1748 *
1749 * Set the TTY_CLOSING flag if this was the last open. In the
1750 * case of a pty we may have to wait around for the other side
1751 * to close, and TTY_CLOSING makes sure we can't be reopened.
1752 */
1753 if (tty_closing)
1754 set_bit(TTY_CLOSING, &tty->flags);
1755 if (o_tty_closing)
1756 set_bit(TTY_CLOSING, &o_tty->flags);
1757
1758 /*
1759 * If _either_ side is closing, make sure there aren't any
1760 * processes that still think tty or o_tty is their controlling
1761 * tty.
1762 */
1763 if (tty_closing || o_tty_closing) {
1764 read_lock(&tasklist_lock);
1765 session_clear_tty(tty->session);
1766 if (o_tty)
1767 session_clear_tty(o_tty->session);
1768 read_unlock(&tasklist_lock);
1769 }
1770
1771 mutex_unlock(&tty_mutex);
1772
1773 /* check whether both sides are closing ... */
1774 if (!tty_closing || (o_tty && !o_tty_closing)) {
1775 tty_unlock();
1776 return 0;
1777 }
1778
1779#ifdef TTY_DEBUG_HANGUP
1780 printk(KERN_DEBUG "freeing tty structure...");
1781#endif
1782 /*
1783 * Ask the line discipline code to release its structures
1784 */
1785 tty_ldisc_release(tty, o_tty);
1786 /*
1787 * The release_tty function takes care of the details of clearing
1788 * the slots and preserving the termios structure.
1789 */
1790 release_tty(tty, idx);
1791
1792 /* Make this pty number available for reallocation */
1793 if (devpts)
1794 devpts_kill_index(inode, idx);
1795 tty_unlock();
1796 return 0;
1797}
1798
1799/**
1800 * tty_open_current_tty - get tty of current task for open
1801 * @device: device number
1802 * @filp: file pointer to tty
1803 * @return: tty of the current task iff @device is /dev/tty
1804 *
1805 * We cannot return driver and index like for the other nodes because
1806 * devpts will not work then. It expects inodes to be from devpts FS.
1807 */
1808static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp)
1809{
1810 struct tty_struct *tty;
1811
1812 if (device != MKDEV(TTYAUX_MAJOR, 0))
1813 return NULL;
1814
1815 tty = get_current_tty();
1816 if (!tty)
1817 return ERR_PTR(-ENXIO);
1818
1819 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */
1820 /* noctty = 1; */
1821 tty_kref_put(tty);
1822 /* FIXME: we put a reference and return a TTY! */
1823 return tty;
1824}
1825
1826/**
1827 * tty_open - open a tty device
1828 * @inode: inode of device file
1829 * @filp: file pointer to tty
1830 *
1831 * tty_open and tty_release keep up the tty count that contains the
1832 * number of opens done on a tty. We cannot use the inode-count, as
1833 * different inodes might point to the same tty.
1834 *
1835 * Open-counting is needed for pty masters, as well as for keeping
1836 * track of serial lines: DTR is dropped when the last close happens.
1837 * (This is not done solely through tty->count, now. - Ted 1/27/92)
1838 *
1839 * The termios state of a pty is reset on first open so that
1840 * settings don't persist across reuse.
1841 *
1842 * Locking: tty_mutex protects tty, get_tty_driver and tty_init_dev work.
1843 * tty->count should protect the rest.
1844 * ->siglock protects ->signal/->sighand
1845 */
1846
1847static int tty_open(struct inode *inode, struct file *filp)
1848{
1849 struct tty_struct *tty;
1850 int noctty, retval;
1851 struct tty_driver *driver = NULL;
1852 int index;
1853 dev_t device = inode->i_rdev;
1854 unsigned saved_flags = filp->f_flags;
1855
1856 nonseekable_open(inode, filp);
1857
1858retry_open:
1859 retval = tty_alloc_file(filp);
1860 if (retval)
1861 return -ENOMEM;
1862
1863 noctty = filp->f_flags & O_NOCTTY;
1864 index = -1;
1865 retval = 0;
1866
1867 mutex_lock(&tty_mutex);
1868 tty_lock();
1869
1870 tty = tty_open_current_tty(device, filp);
1871 if (IS_ERR(tty)) {
1872 tty_unlock();
1873 mutex_unlock(&tty_mutex);
1874 tty_free_file(filp);
1875 return PTR_ERR(tty);
1876 } else if (tty)
1877 goto got_driver;
1878
1879#ifdef CONFIG_VT
1880 if (device == MKDEV(TTY_MAJOR, 0)) {
1881 extern struct tty_driver *console_driver;
1882 driver = tty_driver_kref_get(console_driver);
1883 index = fg_console;
1884 noctty = 1;
1885 goto got_driver;
1886 }
1887#endif
1888 if (device == MKDEV(TTYAUX_MAJOR, 1)) {
1889 struct tty_driver *console_driver = console_device(&index);
1890 if (console_driver) {
1891 driver = tty_driver_kref_get(console_driver);
1892 if (driver) {
1893 /* Don't let /dev/console block */
1894 filp->f_flags |= O_NONBLOCK;
1895 noctty = 1;
1896 goto got_driver;
1897 }
1898 }
1899 tty_unlock();
1900 mutex_unlock(&tty_mutex);
1901 tty_free_file(filp);
1902 return -ENODEV;
1903 }
1904
1905 driver = get_tty_driver(device, &index);
1906 if (!driver) {
1907 tty_unlock();
1908 mutex_unlock(&tty_mutex);
1909 tty_free_file(filp);
1910 return -ENODEV;
1911 }
1912got_driver:
1913 if (!tty) {
1914 /* check whether we're reopening an existing tty */
1915 tty = tty_driver_lookup_tty(driver, inode, index);
1916
1917 if (IS_ERR(tty)) {
1918 tty_unlock();
1919 mutex_unlock(&tty_mutex);
1920 tty_driver_kref_put(driver);
1921 tty_free_file(filp);
1922 return PTR_ERR(tty);
1923 }
1924 }
1925
1926 if (tty) {
1927 retval = tty_reopen(tty);
1928 if (retval)
1929 tty = ERR_PTR(retval);
1930 } else
1931 tty = tty_init_dev(driver, index, 0);
1932
1933 mutex_unlock(&tty_mutex);
1934 if (driver)
1935 tty_driver_kref_put(driver);
1936 if (IS_ERR(tty)) {
1937 tty_unlock();
1938 tty_free_file(filp);
1939 return PTR_ERR(tty);
1940 }
1941
1942 tty_add_file(tty, filp);
1943
1944 check_tty_count(tty, "tty_open");
1945 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
1946 tty->driver->subtype == PTY_TYPE_MASTER)
1947 noctty = 1;
1948#ifdef TTY_DEBUG_HANGUP
1949 printk(KERN_DEBUG "opening %s...", tty->name);
1950#endif
1951 if (tty->ops->open)
1952 retval = tty->ops->open(tty, filp);
1953 else
1954 retval = -ENODEV;
1955 filp->f_flags = saved_flags;
1956
1957 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) &&
1958 !capable(CAP_SYS_ADMIN))
1959 retval = -EBUSY;
1960
1961 if (retval) {
1962#ifdef TTY_DEBUG_HANGUP
1963 printk(KERN_DEBUG "error %d in opening %s...", retval,
1964 tty->name);
1965#endif
1966 tty_unlock(); /* need to call tty_release without BTM */
1967 tty_release(inode, filp);
1968 if (retval != -ERESTARTSYS)
1969 return retval;
1970
1971 if (signal_pending(current))
1972 return retval;
1973
1974 schedule();
1975 /*
1976 * Need to reset f_op in case a hangup happened.
1977 */
1978 tty_lock();
1979 if (filp->f_op == &hung_up_tty_fops)
1980 filp->f_op = &tty_fops;
1981 tty_unlock();
1982 goto retry_open;
1983 }
1984 tty_unlock();
1985
1986
1987 mutex_lock(&tty_mutex);
1988 tty_lock();
1989 spin_lock_irq(&current->sighand->siglock);
1990 if (!noctty &&
1991 current->signal->leader &&
1992 !current->signal->tty &&
1993 tty->session == NULL)
1994 __proc_set_tty(current, tty);
1995 spin_unlock_irq(&current->sighand->siglock);
1996 tty_unlock();
1997 mutex_unlock(&tty_mutex);
1998 return 0;
1999}
2000
2001
2002
2003/**
2004 * tty_poll - check tty status
2005 * @filp: file being polled
2006 * @wait: poll wait structures to update
2007 *
2008 * Call the line discipline polling method to obtain the poll
2009 * status of the device.
2010 *
2011 * Locking: locks called line discipline but ldisc poll method
2012 * may be re-entered freely by other callers.
2013 */
2014
2015static unsigned int tty_poll(struct file *filp, poll_table *wait)
2016{
2017 struct tty_struct *tty = file_tty(filp);
2018 struct tty_ldisc *ld;
2019 int ret = 0;
2020
2021 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_poll"))
2022 return 0;
2023
2024 ld = tty_ldisc_ref_wait(tty);
2025 if (ld->ops->poll)
2026 ret = (ld->ops->poll)(tty, filp, wait);
2027 tty_ldisc_deref(ld);
2028 return ret;
2029}
2030
2031static int __tty_fasync(int fd, struct file *filp, int on)
2032{
2033 struct tty_struct *tty = file_tty(filp);
2034 unsigned long flags;
2035 int retval = 0;
2036
2037 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_fasync"))
2038 goto out;
2039
2040 retval = fasync_helper(fd, filp, on, &tty->fasync);
2041 if (retval <= 0)
2042 goto out;
2043
2044 if (on) {
2045 enum pid_type type;
2046 struct pid *pid;
2047 if (!waitqueue_active(&tty->read_wait))
2048 tty->minimum_to_wake = 1;
2049 spin_lock_irqsave(&tty->ctrl_lock, flags);
2050 if (tty->pgrp) {
2051 pid = tty->pgrp;
2052 type = PIDTYPE_PGID;
2053 } else {
2054 pid = task_pid(current);
2055 type = PIDTYPE_PID;
2056 }
2057 get_pid(pid);
2058 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2059 retval = __f_setown(filp, pid, type, 0);
2060 put_pid(pid);
2061 if (retval)
2062 goto out;
2063 } else {
2064 if (!tty->fasync && !waitqueue_active(&tty->read_wait))
2065 tty->minimum_to_wake = N_TTY_BUF_SIZE;
2066 }
2067 retval = 0;
2068out:
2069 return retval;
2070}
2071
2072static int tty_fasync(int fd, struct file *filp, int on)
2073{
2074 int retval;
2075 tty_lock();
2076 retval = __tty_fasync(fd, filp, on);
2077 tty_unlock();
2078 return retval;
2079}
2080
2081/**
2082 * tiocsti - fake input character
2083 * @tty: tty to fake input into
2084 * @p: pointer to character
2085 *
2086 * Fake input to a tty device. Does the necessary locking and
2087 * input management.
2088 *
2089 * FIXME: does not honour flow control ??
2090 *
2091 * Locking:
2092 * Called functions take tty_ldisc_lock
2093 * current->signal->tty check is safe without locks
2094 *
2095 * FIXME: may race normal receive processing
2096 */
2097
2098static int tiocsti(struct tty_struct *tty, char __user *p)
2099{
2100 char ch, mbz = 0;
2101 struct tty_ldisc *ld;
2102
2103 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN))
2104 return -EPERM;
2105 if (get_user(ch, p))
2106 return -EFAULT;
2107 tty_audit_tiocsti(tty, ch);
2108 ld = tty_ldisc_ref_wait(tty);
2109 ld->ops->receive_buf(tty, &ch, &mbz, 1);
2110 tty_ldisc_deref(ld);
2111 return 0;
2112}
2113
2114/**
2115 * tiocgwinsz - implement window query ioctl
2116 * @tty; tty
2117 * @arg: user buffer for result
2118 *
2119 * Copies the kernel idea of the window size into the user buffer.
2120 *
2121 * Locking: tty->termios_mutex is taken to ensure the winsize data
2122 * is consistent.
2123 */
2124
2125static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg)
2126{
2127 int err;
2128
2129 mutex_lock(&tty->termios_mutex);
2130 err = copy_to_user(arg, &tty->winsize, sizeof(*arg));
2131 mutex_unlock(&tty->termios_mutex);
2132
2133 return err ? -EFAULT: 0;
2134}
2135
2136/**
2137 * tty_do_resize - resize event
2138 * @tty: tty being resized
2139 * @rows: rows (character)
2140 * @cols: cols (character)
2141 *
2142 * Update the termios variables and send the necessary signals to
2143 * peform a terminal resize correctly
2144 */
2145
2146int tty_do_resize(struct tty_struct *tty, struct winsize *ws)
2147{
2148 struct pid *pgrp;
2149 unsigned long flags;
2150
2151 /* Lock the tty */
2152 mutex_lock(&tty->termios_mutex);
2153 if (!memcmp(ws, &tty->winsize, sizeof(*ws)))
2154 goto done;
2155 /* Get the PID values and reference them so we can
2156 avoid holding the tty ctrl lock while sending signals */
2157 spin_lock_irqsave(&tty->ctrl_lock, flags);
2158 pgrp = get_pid(tty->pgrp);
2159 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2160
2161 if (pgrp)
2162 kill_pgrp(pgrp, SIGWINCH, 1);
2163 put_pid(pgrp);
2164
2165 tty->winsize = *ws;
2166done:
2167 mutex_unlock(&tty->termios_mutex);
2168 return 0;
2169}
2170
2171/**
2172 * tiocswinsz - implement window size set ioctl
2173 * @tty; tty side of tty
2174 * @arg: user buffer for result
2175 *
2176 * Copies the user idea of the window size to the kernel. Traditionally
2177 * this is just advisory information but for the Linux console it
2178 * actually has driver level meaning and triggers a VC resize.
2179 *
2180 * Locking:
2181 * Driver dependent. The default do_resize method takes the
2182 * tty termios mutex and ctrl_lock. The console takes its own lock
2183 * then calls into the default method.
2184 */
2185
2186static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg)
2187{
2188 struct winsize tmp_ws;
2189 if (copy_from_user(&tmp_ws, arg, sizeof(*arg)))
2190 return -EFAULT;
2191
2192 if (tty->ops->resize)
2193 return tty->ops->resize(tty, &tmp_ws);
2194 else
2195 return tty_do_resize(tty, &tmp_ws);
2196}
2197
2198/**
2199 * tioccons - allow admin to move logical console
2200 * @file: the file to become console
2201 *
2202 * Allow the administrator to move the redirected console device
2203 *
2204 * Locking: uses redirect_lock to guard the redirect information
2205 */
2206
2207static int tioccons(struct file *file)
2208{
2209 if (!capable(CAP_SYS_ADMIN))
2210 return -EPERM;
2211 if (file->f_op->write == redirected_tty_write) {
2212 struct file *f;
2213 spin_lock(&redirect_lock);
2214 f = redirect;
2215 redirect = NULL;
2216 spin_unlock(&redirect_lock);
2217 if (f)
2218 fput(f);
2219 return 0;
2220 }
2221 spin_lock(&redirect_lock);
2222 if (redirect) {
2223 spin_unlock(&redirect_lock);
2224 return -EBUSY;
2225 }
2226 get_file(file);
2227 redirect = file;
2228 spin_unlock(&redirect_lock);
2229 return 0;
2230}
2231
2232/**
2233 * fionbio - non blocking ioctl
2234 * @file: file to set blocking value
2235 * @p: user parameter
2236 *
2237 * Historical tty interfaces had a blocking control ioctl before
2238 * the generic functionality existed. This piece of history is preserved
2239 * in the expected tty API of posix OS's.
2240 *
2241 * Locking: none, the open file handle ensures it won't go away.
2242 */
2243
2244static int fionbio(struct file *file, int __user *p)
2245{
2246 int nonblock;
2247
2248 if (get_user(nonblock, p))
2249 return -EFAULT;
2250
2251 spin_lock(&file->f_lock);
2252 if (nonblock)
2253 file->f_flags |= O_NONBLOCK;
2254 else
2255 file->f_flags &= ~O_NONBLOCK;
2256 spin_unlock(&file->f_lock);
2257 return 0;
2258}
2259
2260/**
2261 * tiocsctty - set controlling tty
2262 * @tty: tty structure
2263 * @arg: user argument
2264 *
2265 * This ioctl is used to manage job control. It permits a session
2266 * leader to set this tty as the controlling tty for the session.
2267 *
2268 * Locking:
2269 * Takes tty_mutex() to protect tty instance
2270 * Takes tasklist_lock internally to walk sessions
2271 * Takes ->siglock() when updating signal->tty
2272 */
2273
2274static int tiocsctty(struct tty_struct *tty, int arg)
2275{
2276 int ret = 0;
2277 if (current->signal->leader && (task_session(current) == tty->session))
2278 return ret;
2279
2280 mutex_lock(&tty_mutex);
2281 /*
2282 * The process must be a session leader and
2283 * not have a controlling tty already.
2284 */
2285 if (!current->signal->leader || current->signal->tty) {
2286 ret = -EPERM;
2287 goto unlock;
2288 }
2289
2290 if (tty->session) {
2291 /*
2292 * This tty is already the controlling
2293 * tty for another session group!
2294 */
2295 if (arg == 1 && capable(CAP_SYS_ADMIN)) {
2296 /*
2297 * Steal it away
2298 */
2299 read_lock(&tasklist_lock);
2300 session_clear_tty(tty->session);
2301 read_unlock(&tasklist_lock);
2302 } else {
2303 ret = -EPERM;
2304 goto unlock;
2305 }
2306 }
2307 proc_set_tty(current, tty);
2308unlock:
2309 mutex_unlock(&tty_mutex);
2310 return ret;
2311}
2312
2313/**
2314 * tty_get_pgrp - return a ref counted pgrp pid
2315 * @tty: tty to read
2316 *
2317 * Returns a refcounted instance of the pid struct for the process
2318 * group controlling the tty.
2319 */
2320
2321struct pid *tty_get_pgrp(struct tty_struct *tty)
2322{
2323 unsigned long flags;
2324 struct pid *pgrp;
2325
2326 spin_lock_irqsave(&tty->ctrl_lock, flags);
2327 pgrp = get_pid(tty->pgrp);
2328 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2329
2330 return pgrp;
2331}
2332EXPORT_SYMBOL_GPL(tty_get_pgrp);
2333
2334/**
2335 * tiocgpgrp - get process group
2336 * @tty: tty passed by user
2337 * @real_tty: tty side of the tty passed by the user if a pty else the tty
2338 * @p: returned pid
2339 *
2340 * Obtain the process group of the tty. If there is no process group
2341 * return an error.
2342 *
2343 * Locking: none. Reference to current->signal->tty is safe.
2344 */
2345
2346static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2347{
2348 struct pid *pid;
2349 int ret;
2350 /*
2351 * (tty == real_tty) is a cheap way of
2352 * testing if the tty is NOT a master pty.
2353 */
2354 if (tty == real_tty && current->signal->tty != real_tty)
2355 return -ENOTTY;
2356 pid = tty_get_pgrp(real_tty);
2357 ret = put_user(pid_vnr(pid), p);
2358 put_pid(pid);
2359 return ret;
2360}
2361
2362/**
2363 * tiocspgrp - attempt to set process group
2364 * @tty: tty passed by user
2365 * @real_tty: tty side device matching tty passed by user
2366 * @p: pid pointer
2367 *
2368 * Set the process group of the tty to the session passed. Only
2369 * permitted where the tty session is our session.
2370 *
2371 * Locking: RCU, ctrl lock
2372 */
2373
2374static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2375{
2376 struct pid *pgrp;
2377 pid_t pgrp_nr;
2378 int retval = tty_check_change(real_tty);
2379 unsigned long flags;
2380
2381 if (retval == -EIO)
2382 return -ENOTTY;
2383 if (retval)
2384 return retval;
2385 if (!current->signal->tty ||
2386 (current->signal->tty != real_tty) ||
2387 (real_tty->session != task_session(current)))
2388 return -ENOTTY;
2389 if (get_user(pgrp_nr, p))
2390 return -EFAULT;
2391 if (pgrp_nr < 0)
2392 return -EINVAL;
2393 rcu_read_lock();
2394 pgrp = find_vpid(pgrp_nr);
2395 retval = -ESRCH;
2396 if (!pgrp)
2397 goto out_unlock;
2398 retval = -EPERM;
2399 if (session_of_pgrp(pgrp) != task_session(current))
2400 goto out_unlock;
2401 retval = 0;
2402 spin_lock_irqsave(&tty->ctrl_lock, flags);
2403 put_pid(real_tty->pgrp);
2404 real_tty->pgrp = get_pid(pgrp);
2405 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2406out_unlock:
2407 rcu_read_unlock();
2408 return retval;
2409}
2410
2411/**
2412 * tiocgsid - get session id
2413 * @tty: tty passed by user
2414 * @real_tty: tty side of the tty passed by the user if a pty else the tty
2415 * @p: pointer to returned session id
2416 *
2417 * Obtain the session id of the tty. If there is no session
2418 * return an error.
2419 *
2420 * Locking: none. Reference to current->signal->tty is safe.
2421 */
2422
2423static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2424{
2425 /*
2426 * (tty == real_tty) is a cheap way of
2427 * testing if the tty is NOT a master pty.
2428 */
2429 if (tty == real_tty && current->signal->tty != real_tty)
2430 return -ENOTTY;
2431 if (!real_tty->session)
2432 return -ENOTTY;
2433 return put_user(pid_vnr(real_tty->session), p);
2434}
2435
2436/**
2437 * tiocsetd - set line discipline
2438 * @tty: tty device
2439 * @p: pointer to user data
2440 *
2441 * Set the line discipline according to user request.
2442 *
2443 * Locking: see tty_set_ldisc, this function is just a helper
2444 */
2445
2446static int tiocsetd(struct tty_struct *tty, int __user *p)
2447{
2448 int ldisc;
2449 int ret;
2450
2451 if (get_user(ldisc, p))
2452 return -EFAULT;
2453
2454 ret = tty_set_ldisc(tty, ldisc);
2455
2456 return ret;
2457}
2458
2459/**
2460 * send_break - performed time break
2461 * @tty: device to break on
2462 * @duration: timeout in mS
2463 *
2464 * Perform a timed break on hardware that lacks its own driver level
2465 * timed break functionality.
2466 *
2467 * Locking:
2468 * atomic_write_lock serializes
2469 *
2470 */
2471
2472static int send_break(struct tty_struct *tty, unsigned int duration)
2473{
2474 int retval;
2475
2476 if (tty->ops->break_ctl == NULL)
2477 return 0;
2478
2479 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK)
2480 retval = tty->ops->break_ctl(tty, duration);
2481 else {
2482 /* Do the work ourselves */
2483 if (tty_write_lock(tty, 0) < 0)
2484 return -EINTR;
2485 retval = tty->ops->break_ctl(tty, -1);
2486 if (retval)
2487 goto out;
2488 if (!signal_pending(current))
2489 msleep_interruptible(duration);
2490 retval = tty->ops->break_ctl(tty, 0);
2491out:
2492 tty_write_unlock(tty);
2493 if (signal_pending(current))
2494 retval = -EINTR;
2495 }
2496 return retval;
2497}
2498
2499/**
2500 * tty_tiocmget - get modem status
2501 * @tty: tty device
2502 * @file: user file pointer
2503 * @p: pointer to result
2504 *
2505 * Obtain the modem status bits from the tty driver if the feature
2506 * is supported. Return -EINVAL if it is not available.
2507 *
2508 * Locking: none (up to the driver)
2509 */
2510
2511static int tty_tiocmget(struct tty_struct *tty, int __user *p)
2512{
2513 int retval = -EINVAL;
2514
2515 if (tty->ops->tiocmget) {
2516 retval = tty->ops->tiocmget(tty);
2517
2518 if (retval >= 0)
2519 retval = put_user(retval, p);
2520 }
2521 return retval;
2522}
2523
2524/**
2525 * tty_tiocmset - set modem status
2526 * @tty: tty device
2527 * @cmd: command - clear bits, set bits or set all
2528 * @p: pointer to desired bits
2529 *
2530 * Set the modem status bits from the tty driver if the feature
2531 * is supported. Return -EINVAL if it is not available.
2532 *
2533 * Locking: none (up to the driver)
2534 */
2535
2536static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd,
2537 unsigned __user *p)
2538{
2539 int retval;
2540 unsigned int set, clear, val;
2541
2542 if (tty->ops->tiocmset == NULL)
2543 return -EINVAL;
2544
2545 retval = get_user(val, p);
2546 if (retval)
2547 return retval;
2548 set = clear = 0;
2549 switch (cmd) {
2550 case TIOCMBIS:
2551 set = val;
2552 break;
2553 case TIOCMBIC:
2554 clear = val;
2555 break;
2556 case TIOCMSET:
2557 set = val;
2558 clear = ~val;
2559 break;
2560 }
2561 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
2562 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
2563 return tty->ops->tiocmset(tty, set, clear);
2564}
2565
2566static int tty_tiocgicount(struct tty_struct *tty, void __user *arg)
2567{
2568 int retval = -EINVAL;
2569 struct serial_icounter_struct icount;
2570 memset(&icount, 0, sizeof(icount));
2571 if (tty->ops->get_icount)
2572 retval = tty->ops->get_icount(tty, &icount);
2573 if (retval != 0)
2574 return retval;
2575 if (copy_to_user(arg, &icount, sizeof(icount)))
2576 return -EFAULT;
2577 return 0;
2578}
2579
2580struct tty_struct *tty_pair_get_tty(struct tty_struct *tty)
2581{
2582 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2583 tty->driver->subtype == PTY_TYPE_MASTER)
2584 tty = tty->link;
2585 return tty;
2586}
2587EXPORT_SYMBOL(tty_pair_get_tty);
2588
2589struct tty_struct *tty_pair_get_pty(struct tty_struct *tty)
2590{
2591 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2592 tty->driver->subtype == PTY_TYPE_MASTER)
2593 return tty;
2594 return tty->link;
2595}
2596EXPORT_SYMBOL(tty_pair_get_pty);
2597
2598/*
2599 * Split this up, as gcc can choke on it otherwise..
2600 */
2601long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
2602{
2603 struct tty_struct *tty = file_tty(file);
2604 struct tty_struct *real_tty;
2605 void __user *p = (void __user *)arg;
2606 int retval;
2607 struct tty_ldisc *ld;
2608 struct inode *inode = file->f_dentry->d_inode;
2609
2610 if (tty_paranoia_check(tty, inode, "tty_ioctl"))
2611 return -EINVAL;
2612
2613 real_tty = tty_pair_get_tty(tty);
2614
2615 /*
2616 * Factor out some common prep work
2617 */
2618 switch (cmd) {
2619 case TIOCSETD:
2620 case TIOCSBRK:
2621 case TIOCCBRK:
2622 case TCSBRK:
2623 case TCSBRKP:
2624 retval = tty_check_change(tty);
2625 if (retval)
2626 return retval;
2627 if (cmd != TIOCCBRK) {
2628 tty_wait_until_sent(tty, 0);
2629 if (signal_pending(current))
2630 return -EINTR;
2631 }
2632 break;
2633 }
2634
2635 /*
2636 * Now do the stuff.
2637 */
2638 switch (cmd) {
2639 case TIOCSTI:
2640 return tiocsti(tty, p);
2641 case TIOCGWINSZ:
2642 return tiocgwinsz(real_tty, p);
2643 case TIOCSWINSZ:
2644 return tiocswinsz(real_tty, p);
2645 case TIOCCONS:
2646 return real_tty != tty ? -EINVAL : tioccons(file);
2647 case FIONBIO:
2648 return fionbio(file, p);
2649 case TIOCEXCL:
2650 set_bit(TTY_EXCLUSIVE, &tty->flags);
2651 return 0;
2652 case TIOCNXCL:
2653 clear_bit(TTY_EXCLUSIVE, &tty->flags);
2654 return 0;
2655 case TIOCNOTTY:
2656 if (current->signal->tty != tty)
2657 return -ENOTTY;
2658 no_tty();
2659 return 0;
2660 case TIOCSCTTY:
2661 return tiocsctty(tty, arg);
2662 case TIOCGPGRP:
2663 return tiocgpgrp(tty, real_tty, p);
2664 case TIOCSPGRP:
2665 return tiocspgrp(tty, real_tty, p);
2666 case TIOCGSID:
2667 return tiocgsid(tty, real_tty, p);
2668 case TIOCGETD:
2669 return put_user(tty->ldisc->ops->num, (int __user *)p);
2670 case TIOCSETD:
2671 return tiocsetd(tty, p);
2672 case TIOCVHANGUP:
2673 if (!capable(CAP_SYS_ADMIN))
2674 return -EPERM;
2675 tty_vhangup(tty);
2676 return 0;
2677 case TIOCGDEV:
2678 {
2679 unsigned int ret = new_encode_dev(tty_devnum(real_tty));
2680 return put_user(ret, (unsigned int __user *)p);
2681 }
2682 /*
2683 * Break handling
2684 */
2685 case TIOCSBRK: /* Turn break on, unconditionally */
2686 if (tty->ops->break_ctl)
2687 return tty->ops->break_ctl(tty, -1);
2688 return 0;
2689 case TIOCCBRK: /* Turn break off, unconditionally */
2690 if (tty->ops->break_ctl)
2691 return tty->ops->break_ctl(tty, 0);
2692 return 0;
2693 case TCSBRK: /* SVID version: non-zero arg --> no break */
2694 /* non-zero arg means wait for all output data
2695 * to be sent (performed above) but don't send break.
2696 * This is used by the tcdrain() termios function.
2697 */
2698 if (!arg)
2699 return send_break(tty, 250);
2700 return 0;
2701 case TCSBRKP: /* support for POSIX tcsendbreak() */
2702 return send_break(tty, arg ? arg*100 : 250);
2703
2704 case TIOCMGET:
2705 return tty_tiocmget(tty, p);
2706 case TIOCMSET:
2707 case TIOCMBIC:
2708 case TIOCMBIS:
2709 return tty_tiocmset(tty, cmd, p);
2710 case TIOCGICOUNT:
2711 retval = tty_tiocgicount(tty, p);
2712 /* For the moment allow fall through to the old method */
2713 if (retval != -EINVAL)
2714 return retval;
2715 break;
2716 case TCFLSH:
2717 switch (arg) {
2718 case TCIFLUSH:
2719 case TCIOFLUSH:
2720 /* flush tty buffer and allow ldisc to process ioctl */
2721 tty_buffer_flush(tty);
2722 break;
2723 }
2724 break;
2725 }
2726 if (tty->ops->ioctl) {
2727 retval = (tty->ops->ioctl)(tty, cmd, arg);
2728 if (retval != -ENOIOCTLCMD)
2729 return retval;
2730 }
2731 ld = tty_ldisc_ref_wait(tty);
2732 retval = -EINVAL;
2733 if (ld->ops->ioctl) {
2734 retval = ld->ops->ioctl(tty, file, cmd, arg);
2735 if (retval == -ENOIOCTLCMD)
2736 retval = -EINVAL;
2737 }
2738 tty_ldisc_deref(ld);
2739 return retval;
2740}
2741
2742#ifdef CONFIG_COMPAT
2743static long tty_compat_ioctl(struct file *file, unsigned int cmd,
2744 unsigned long arg)
2745{
2746 struct inode *inode = file->f_dentry->d_inode;
2747 struct tty_struct *tty = file_tty(file);
2748 struct tty_ldisc *ld;
2749 int retval = -ENOIOCTLCMD;
2750
2751 if (tty_paranoia_check(tty, inode, "tty_ioctl"))
2752 return -EINVAL;
2753
2754 if (tty->ops->compat_ioctl) {
2755 retval = (tty->ops->compat_ioctl)(tty, cmd, arg);
2756 if (retval != -ENOIOCTLCMD)
2757 return retval;
2758 }
2759
2760 ld = tty_ldisc_ref_wait(tty);
2761 if (ld->ops->compat_ioctl)
2762 retval = ld->ops->compat_ioctl(tty, file, cmd, arg);
2763 else
2764 retval = n_tty_compat_ioctl_helper(tty, file, cmd, arg);
2765 tty_ldisc_deref(ld);
2766
2767 return retval;
2768}
2769#endif
2770
2771/*
2772 * This implements the "Secure Attention Key" --- the idea is to
2773 * prevent trojan horses by killing all processes associated with this
2774 * tty when the user hits the "Secure Attention Key". Required for
2775 * super-paranoid applications --- see the Orange Book for more details.
2776 *
2777 * This code could be nicer; ideally it should send a HUP, wait a few
2778 * seconds, then send a INT, and then a KILL signal. But you then
2779 * have to coordinate with the init process, since all processes associated
2780 * with the current tty must be dead before the new getty is allowed
2781 * to spawn.
2782 *
2783 * Now, if it would be correct ;-/ The current code has a nasty hole -
2784 * it doesn't catch files in flight. We may send the descriptor to ourselves
2785 * via AF_UNIX socket, close it and later fetch from socket. FIXME.
2786 *
2787 * Nasty bug: do_SAK is being called in interrupt context. This can
2788 * deadlock. We punt it up to process context. AKPM - 16Mar2001
2789 */
2790void __do_SAK(struct tty_struct *tty)
2791{
2792#ifdef TTY_SOFT_SAK
2793 tty_hangup(tty);
2794#else
2795 struct task_struct *g, *p;
2796 struct pid *session;
2797 int i;
2798 struct file *filp;
2799 struct fdtable *fdt;
2800
2801 if (!tty)
2802 return;
2803 session = tty->session;
2804
2805 tty_ldisc_flush(tty);
2806
2807 tty_driver_flush_buffer(tty);
2808
2809 read_lock(&tasklist_lock);
2810 /* Kill the entire session */
2811 do_each_pid_task(session, PIDTYPE_SID, p) {
2812 printk(KERN_NOTICE "SAK: killed process %d"
2813 " (%s): task_session(p)==tty->session\n",
2814 task_pid_nr(p), p->comm);
2815 send_sig(SIGKILL, p, 1);
2816 } while_each_pid_task(session, PIDTYPE_SID, p);
2817 /* Now kill any processes that happen to have the
2818 * tty open.
2819 */
2820 do_each_thread(g, p) {
2821 if (p->signal->tty == tty) {
2822 printk(KERN_NOTICE "SAK: killed process %d"
2823 " (%s): task_session(p)==tty->session\n",
2824 task_pid_nr(p), p->comm);
2825 send_sig(SIGKILL, p, 1);
2826 continue;
2827 }
2828 task_lock(p);
2829 if (p->files) {
2830 /*
2831 * We don't take a ref to the file, so we must
2832 * hold ->file_lock instead.
2833 */
2834 spin_lock(&p->files->file_lock);
2835 fdt = files_fdtable(p->files);
2836 for (i = 0; i < fdt->max_fds; i++) {
2837 filp = fcheck_files(p->files, i);
2838 if (!filp)
2839 continue;
2840 if (filp->f_op->read == tty_read &&
2841 file_tty(filp) == tty) {
2842 printk(KERN_NOTICE "SAK: killed process %d"
2843 " (%s): fd#%d opened to the tty\n",
2844 task_pid_nr(p), p->comm, i);
2845 force_sig(SIGKILL, p);
2846 break;
2847 }
2848 }
2849 spin_unlock(&p->files->file_lock);
2850 }
2851 task_unlock(p);
2852 } while_each_thread(g, p);
2853 read_unlock(&tasklist_lock);
2854#endif
2855}
2856
2857static void do_SAK_work(struct work_struct *work)
2858{
2859 struct tty_struct *tty =
2860 container_of(work, struct tty_struct, SAK_work);
2861 __do_SAK(tty);
2862}
2863
2864/*
2865 * The tq handling here is a little racy - tty->SAK_work may already be queued.
2866 * Fortunately we don't need to worry, because if ->SAK_work is already queued,
2867 * the values which we write to it will be identical to the values which it
2868 * already has. --akpm
2869 */
2870void do_SAK(struct tty_struct *tty)
2871{
2872 if (!tty)
2873 return;
2874 schedule_work(&tty->SAK_work);
2875}
2876
2877EXPORT_SYMBOL(do_SAK);
2878
2879static int dev_match_devt(struct device *dev, void *data)
2880{
2881 dev_t *devt = data;
2882 return dev->devt == *devt;
2883}
2884
2885/* Must put_device() after it's unused! */
2886static struct device *tty_get_device(struct tty_struct *tty)
2887{
2888 dev_t devt = tty_devnum(tty);
2889 return class_find_device(tty_class, NULL, &devt, dev_match_devt);
2890}
2891
2892
2893/**
2894 * initialize_tty_struct
2895 * @tty: tty to initialize
2896 *
2897 * This subroutine initializes a tty structure that has been newly
2898 * allocated.
2899 *
2900 * Locking: none - tty in question must not be exposed at this point
2901 */
2902
2903void initialize_tty_struct(struct tty_struct *tty,
2904 struct tty_driver *driver, int idx)
2905{
2906 memset(tty, 0, sizeof(struct tty_struct));
2907 kref_init(&tty->kref);
2908 tty->magic = TTY_MAGIC;
2909 tty_ldisc_init(tty);
2910 tty->session = NULL;
2911 tty->pgrp = NULL;
2912 tty->overrun_time = jiffies;
2913 tty->buf.head = tty->buf.tail = NULL;
2914 tty_buffer_init(tty);
2915 mutex_init(&tty->termios_mutex);
2916 mutex_init(&tty->ldisc_mutex);
2917 init_waitqueue_head(&tty->write_wait);
2918 init_waitqueue_head(&tty->read_wait);
2919 INIT_WORK(&tty->hangup_work, do_tty_hangup);
2920 mutex_init(&tty->atomic_read_lock);
2921 mutex_init(&tty->atomic_write_lock);
2922 mutex_init(&tty->output_lock);
2923 mutex_init(&tty->echo_lock);
2924 spin_lock_init(&tty->read_lock);
2925 spin_lock_init(&tty->ctrl_lock);
2926 INIT_LIST_HEAD(&tty->tty_files);
2927 INIT_WORK(&tty->SAK_work, do_SAK_work);
2928
2929 tty->driver = driver;
2930 tty->ops = driver->ops;
2931 tty->index = idx;
2932 tty_line_name(driver, idx, tty->name);
2933 tty->dev = tty_get_device(tty);
2934}
2935
2936/**
2937 * deinitialize_tty_struct
2938 * @tty: tty to deinitialize
2939 *
2940 * This subroutine deinitializes a tty structure that has been newly
2941 * allocated but tty_release cannot be called on that yet.
2942 *
2943 * Locking: none - tty in question must not be exposed at this point
2944 */
2945void deinitialize_tty_struct(struct tty_struct *tty)
2946{
2947 tty_ldisc_deinit(tty);
2948}
2949
2950/**
2951 * tty_put_char - write one character to a tty
2952 * @tty: tty
2953 * @ch: character
2954 *
2955 * Write one byte to the tty using the provided put_char method
2956 * if present. Returns the number of characters successfully output.
2957 *
2958 * Note: the specific put_char operation in the driver layer may go
2959 * away soon. Don't call it directly, use this method
2960 */
2961
2962int tty_put_char(struct tty_struct *tty, unsigned char ch)
2963{
2964 if (tty->ops->put_char)
2965 return tty->ops->put_char(tty, ch);
2966 return tty->ops->write(tty, &ch, 1);
2967}
2968EXPORT_SYMBOL_GPL(tty_put_char);
2969
2970struct class *tty_class;
2971
2972/**
2973 * tty_register_device - register a tty device
2974 * @driver: the tty driver that describes the tty device
2975 * @index: the index in the tty driver for this tty device
2976 * @device: a struct device that is associated with this tty device.
2977 * This field is optional, if there is no known struct device
2978 * for this tty device it can be set to NULL safely.
2979 *
2980 * Returns a pointer to the struct device for this tty device
2981 * (or ERR_PTR(-EFOO) on error).
2982 *
2983 * This call is required to be made to register an individual tty device
2984 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
2985 * that bit is not set, this function should not be called by a tty
2986 * driver.
2987 *
2988 * Locking: ??
2989 */
2990
2991struct device *tty_register_device(struct tty_driver *driver, unsigned index,
2992 struct device *device)
2993{
2994 char name[64];
2995 dev_t dev = MKDEV(driver->major, driver->minor_start) + index;
2996
2997 if (index >= driver->num) {
2998 printk(KERN_ERR "Attempt to register invalid tty line number "
2999 " (%d).\n", index);
3000 return ERR_PTR(-EINVAL);
3001 }
3002
3003 if (driver->type == TTY_DRIVER_TYPE_PTY)
3004 pty_line_name(driver, index, name);
3005 else
3006 tty_line_name(driver, index, name);
3007
3008 return device_create(tty_class, device, dev, NULL, name);
3009}
3010EXPORT_SYMBOL(tty_register_device);
3011
3012/**
3013 * tty_unregister_device - unregister a tty device
3014 * @driver: the tty driver that describes the tty device
3015 * @index: the index in the tty driver for this tty device
3016 *
3017 * If a tty device is registered with a call to tty_register_device() then
3018 * this function must be called when the tty device is gone.
3019 *
3020 * Locking: ??
3021 */
3022
3023void tty_unregister_device(struct tty_driver *driver, unsigned index)
3024{
3025 device_destroy(tty_class,
3026 MKDEV(driver->major, driver->minor_start) + index);
3027}
3028EXPORT_SYMBOL(tty_unregister_device);
3029
3030struct tty_driver *alloc_tty_driver(int lines)
3031{
3032 struct tty_driver *driver;
3033
3034 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL);
3035 if (driver) {
3036 kref_init(&driver->kref);
3037 driver->magic = TTY_DRIVER_MAGIC;
3038 driver->num = lines;
3039 /* later we'll move allocation of tables here */
3040 }
3041 return driver;
3042}
3043EXPORT_SYMBOL(alloc_tty_driver);
3044
3045static void destruct_tty_driver(struct kref *kref)
3046{
3047 struct tty_driver *driver = container_of(kref, struct tty_driver, kref);
3048 int i;
3049 struct ktermios *tp;
3050 void *p;
3051
3052 if (driver->flags & TTY_DRIVER_INSTALLED) {
3053 /*
3054 * Free the termios and termios_locked structures because
3055 * we don't want to get memory leaks when modular tty
3056 * drivers are removed from the kernel.
3057 */
3058 for (i = 0; i < driver->num; i++) {
3059 tp = driver->termios[i];
3060 if (tp) {
3061 driver->termios[i] = NULL;
3062 kfree(tp);
3063 }
3064 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV))
3065 tty_unregister_device(driver, i);
3066 }
3067 p = driver->ttys;
3068 proc_tty_unregister_driver(driver);
3069 driver->ttys = NULL;
3070 driver->termios = NULL;
3071 kfree(p);
3072 cdev_del(&driver->cdev);
3073 }
3074 kfree(driver);
3075}
3076
3077void tty_driver_kref_put(struct tty_driver *driver)
3078{
3079 kref_put(&driver->kref, destruct_tty_driver);
3080}
3081EXPORT_SYMBOL(tty_driver_kref_put);
3082
3083void tty_set_operations(struct tty_driver *driver,
3084 const struct tty_operations *op)
3085{
3086 driver->ops = op;
3087};
3088EXPORT_SYMBOL(tty_set_operations);
3089
3090void put_tty_driver(struct tty_driver *d)
3091{
3092 tty_driver_kref_put(d);
3093}
3094EXPORT_SYMBOL(put_tty_driver);
3095
3096/*
3097 * Called by a tty driver to register itself.
3098 */
3099int tty_register_driver(struct tty_driver *driver)
3100{
3101 int error;
3102 int i;
3103 dev_t dev;
3104 void **p = NULL;
3105 struct device *d;
3106
3107 if (!(driver->flags & TTY_DRIVER_DEVPTS_MEM) && driver->num) {
3108 p = kzalloc(driver->num * 2 * sizeof(void *), GFP_KERNEL);
3109 if (!p)
3110 return -ENOMEM;
3111 }
3112
3113 if (!driver->major) {
3114 error = alloc_chrdev_region(&dev, driver->minor_start,
3115 driver->num, driver->name);
3116 if (!error) {
3117 driver->major = MAJOR(dev);
3118 driver->minor_start = MINOR(dev);
3119 }
3120 } else {
3121 dev = MKDEV(driver->major, driver->minor_start);
3122 error = register_chrdev_region(dev, driver->num, driver->name);
3123 }
3124 if (error < 0) {
3125 kfree(p);
3126 return error;
3127 }
3128
3129 if (p) {
3130 driver->ttys = (struct tty_struct **)p;
3131 driver->termios = (struct ktermios **)(p + driver->num);
3132 } else {
3133 driver->ttys = NULL;
3134 driver->termios = NULL;
3135 }
3136
3137 cdev_init(&driver->cdev, &tty_fops);
3138 driver->cdev.owner = driver->owner;
3139 error = cdev_add(&driver->cdev, dev, driver->num);
3140 if (error) {
3141 unregister_chrdev_region(dev, driver->num);
3142 driver->ttys = NULL;
3143 driver->termios = NULL;
3144 kfree(p);
3145 return error;
3146 }
3147
3148 mutex_lock(&tty_mutex);
3149 list_add(&driver->tty_drivers, &tty_drivers);
3150 mutex_unlock(&tty_mutex);
3151
3152 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) {
3153 for (i = 0; i < driver->num; i++) {
3154 d = tty_register_device(driver, i, NULL);
3155 if (IS_ERR(d)) {
3156 error = PTR_ERR(d);
3157 goto err;
3158 }
3159 }
3160 }
3161 proc_tty_register_driver(driver);
3162 driver->flags |= TTY_DRIVER_INSTALLED;
3163 return 0;
3164
3165err:
3166 for (i--; i >= 0; i--)
3167 tty_unregister_device(driver, i);
3168
3169 mutex_lock(&tty_mutex);
3170 list_del(&driver->tty_drivers);
3171 mutex_unlock(&tty_mutex);
3172
3173 unregister_chrdev_region(dev, driver->num);
3174 driver->ttys = NULL;
3175 driver->termios = NULL;
3176 kfree(p);
3177 return error;
3178}
3179
3180EXPORT_SYMBOL(tty_register_driver);
3181
3182/*
3183 * Called by a tty driver to unregister itself.
3184 */
3185int tty_unregister_driver(struct tty_driver *driver)
3186{
3187#if 0
3188 /* FIXME */
3189 if (driver->refcount)
3190 return -EBUSY;
3191#endif
3192 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start),
3193 driver->num);
3194 mutex_lock(&tty_mutex);
3195 list_del(&driver->tty_drivers);
3196 mutex_unlock(&tty_mutex);
3197 return 0;
3198}
3199
3200EXPORT_SYMBOL(tty_unregister_driver);
3201
3202dev_t tty_devnum(struct tty_struct *tty)
3203{
3204 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index;
3205}
3206EXPORT_SYMBOL(tty_devnum);
3207
3208void proc_clear_tty(struct task_struct *p)
3209{
3210 unsigned long flags;
3211 struct tty_struct *tty;
3212 spin_lock_irqsave(&p->sighand->siglock, flags);
3213 tty = p->signal->tty;
3214 p->signal->tty = NULL;
3215 spin_unlock_irqrestore(&p->sighand->siglock, flags);
3216 tty_kref_put(tty);
3217}
3218
3219/* Called under the sighand lock */
3220
3221static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty)
3222{
3223 if (tty) {
3224 unsigned long flags;
3225 /* We should not have a session or pgrp to put here but.... */
3226 spin_lock_irqsave(&tty->ctrl_lock, flags);
3227 put_pid(tty->session);
3228 put_pid(tty->pgrp);
3229 tty->pgrp = get_pid(task_pgrp(tsk));
3230 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
3231 tty->session = get_pid(task_session(tsk));
3232 if (tsk->signal->tty) {
3233 printk(KERN_DEBUG "tty not NULL!!\n");
3234 tty_kref_put(tsk->signal->tty);
3235 }
3236 }
3237 put_pid(tsk->signal->tty_old_pgrp);
3238 tsk->signal->tty = tty_kref_get(tty);
3239 tsk->signal->tty_old_pgrp = NULL;
3240}
3241
3242static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty)
3243{
3244 spin_lock_irq(&tsk->sighand->siglock);
3245 __proc_set_tty(tsk, tty);
3246 spin_unlock_irq(&tsk->sighand->siglock);
3247}
3248
3249struct tty_struct *get_current_tty(void)
3250{
3251 struct tty_struct *tty;
3252 unsigned long flags;
3253
3254 spin_lock_irqsave(&current->sighand->siglock, flags);
3255 tty = tty_kref_get(current->signal->tty);
3256 spin_unlock_irqrestore(&current->sighand->siglock, flags);
3257 return tty;
3258}
3259EXPORT_SYMBOL_GPL(get_current_tty);
3260
3261void tty_default_fops(struct file_operations *fops)
3262{
3263 *fops = tty_fops;
3264}
3265
3266/*
3267 * Initialize the console device. This is called *early*, so
3268 * we can't necessarily depend on lots of kernel help here.
3269 * Just do some early initializations, and do the complex setup
3270 * later.
3271 */
3272void __init console_init(void)
3273{
3274 initcall_t *call;
3275
3276 /* Setup the default TTY line discipline. */
3277 tty_ldisc_begin();
3278
3279 /*
3280 * set up the console device so that later boot sequences can
3281 * inform about problems etc..
3282 */
3283 call = __con_initcall_start;
3284 while (call < __con_initcall_end) {
3285 (*call)();
3286 call++;
3287 }
3288}
3289
3290static char *tty_devnode(struct device *dev, mode_t *mode)
3291{
3292 if (!mode)
3293 return NULL;
3294 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) ||
3295 dev->devt == MKDEV(TTYAUX_MAJOR, 2))
3296 *mode = 0666;
3297 return NULL;
3298}
3299
3300static int __init tty_class_init(void)
3301{
3302 tty_class = class_create(THIS_MODULE, "tty");
3303 if (IS_ERR(tty_class))
3304 return PTR_ERR(tty_class);
3305 tty_class->devnode = tty_devnode;
3306 return 0;
3307}
3308
3309postcore_initcall(tty_class_init);
3310
3311/* 3/2004 jmc: why do these devices exist? */
3312static struct cdev tty_cdev, console_cdev;
3313
3314static ssize_t show_cons_active(struct device *dev,
3315 struct device_attribute *attr, char *buf)
3316{
3317 struct console *cs[16];
3318 int i = 0;
3319 struct console *c;
3320 ssize_t count = 0;
3321
3322 console_lock();
3323 for_each_console(c) {
3324 if (!c->device)
3325 continue;
3326 if (!c->write)
3327 continue;
3328 if ((c->flags & CON_ENABLED) == 0)
3329 continue;
3330 cs[i++] = c;
3331 if (i >= ARRAY_SIZE(cs))
3332 break;
3333 }
3334 while (i--)
3335 count += sprintf(buf + count, "%s%d%c",
3336 cs[i]->name, cs[i]->index, i ? ' ':'\n');
3337 console_unlock();
3338
3339 return count;
3340}
3341static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL);
3342
3343static struct device *consdev;
3344
3345void console_sysfs_notify(void)
3346{
3347 if (consdev)
3348 sysfs_notify(&consdev->kobj, NULL, "active");
3349}
3350
3351/*
3352 * Ok, now we can initialize the rest of the tty devices and can count
3353 * on memory allocations, interrupts etc..
3354 */
3355int __init tty_init(void)
3356{
3357 cdev_init(&tty_cdev, &tty_fops);
3358 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) ||
3359 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0)
3360 panic("Couldn't register /dev/tty driver\n");
3361 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty");
3362
3363 cdev_init(&console_cdev, &console_fops);
3364 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) ||
3365 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0)
3366 panic("Couldn't register /dev/console driver\n");
3367 consdev = device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), NULL,
3368 "console");
3369 if (IS_ERR(consdev))
3370 consdev = NULL;
3371 else
3372 WARN_ON(device_create_file(consdev, &dev_attr_active) < 0);
3373
3374#ifdef CONFIG_VT
3375 vty_init(&console_fops);
3376#endif
3377 return 0;
3378}
3379
Linux 6.x block layer and io_uring tree(s)