1// SPDX-License-Identifier: GPL-1.0+ 2/* 3 * n_tty.c --- implements the N_TTY line discipline. 4 * 5 * This code used to be in tty_io.c, but things are getting hairy 6 * enough that it made sense to split things off. (The N_TTY 7 * processing has changed so much that it's hardly recognizable, 8 * anyway...) 9 * 10 * Note that the open routine for N_TTY is guaranteed never to return 11 * an error. This is because Linux will fall back to setting a line 12 * to N_TTY if it can not switch to any other line discipline. 13 * 14 * Written by Theodore Ts'o, Copyright 1994. 15 * 16 * This file also contains code originally written by Linus Torvalds, 17 * Copyright 1991, 1992, 1993, and by Julian Cowley, Copyright 1994. 18 * 19 * Reduced memory usage for older ARM systems - Russell King. 20 * 21 * 2000/01/20 Fixed SMP locking on put_tty_queue using bits of 22 * the patch by Andrew J. Kroll <ag784@freenet.buffalo.edu> 23 * who actually finally proved there really was a race. 24 * 25 * 2002/03/18 Implemented n_tty_wakeup to send SIGIO POLL_OUTs to 26 * waiting writing processes-Sapan Bhatia <sapan@corewars.org>. 27 * Also fixed a bug in BLOCKING mode where n_tty_write returns 28 * EAGAIN 29 */ 30 31#include <linux/bitmap.h> 32#include <linux/bitops.h> 33#include <linux/ctype.h> 34#include <linux/errno.h> 35#include <linux/export.h> 36#include <linux/fcntl.h> 37#include <linux/file.h> 38#include <linux/jiffies.h> 39#include <linux/math.h> 40#include <linux/poll.h> 41#include <linux/ratelimit.h> 42#include <linux/sched.h> 43#include <linux/signal.h> 44#include <linux/slab.h> 45#include <linux/string.h> 46#include <linux/tty.h> 47#include <linux/types.h> 48#include <linux/uaccess.h> 49#include <linux/vmalloc.h> 50 51#include "tty.h" 52 53/* 54 * Until this number of characters is queued in the xmit buffer, select will 55 * return "we have room for writes". 56 */ 57#define WAKEUP_CHARS 256 58 59/* 60 * This defines the low- and high-watermarks for throttling and 61 * unthrottling the TTY driver. These watermarks are used for 62 * controlling the space in the read buffer. 63 */ 64#define TTY_THRESHOLD_THROTTLE 128 /* now based on remaining room */ 65#define TTY_THRESHOLD_UNTHROTTLE 128 66 67/* 68 * Special byte codes used in the echo buffer to represent operations 69 * or special handling of characters. Bytes in the echo buffer that 70 * are not part of such special blocks are treated as normal character 71 * codes. 72 */ 73#define ECHO_OP_START 0xff 74#define ECHO_OP_MOVE_BACK_COL 0x80 75#define ECHO_OP_SET_CANON_COL 0x81 76#define ECHO_OP_ERASE_TAB 0x82 77 78#define ECHO_COMMIT_WATERMARK 256 79#define ECHO_BLOCK 256 80#define ECHO_DISCARD_WATERMARK N_TTY_BUF_SIZE - (ECHO_BLOCK + 32) 81 82 83#undef N_TTY_TRACE 84#ifdef N_TTY_TRACE 85# define n_tty_trace(f, args...) trace_printk(f, ##args) 86#else 87# define n_tty_trace(f, args...) no_printk(f, ##args) 88#endif 89 90struct n_tty_data { 91 /* producer-published */ 92 size_t read_head; 93 size_t commit_head; 94 size_t canon_head; 95 size_t echo_head; 96 size_t echo_commit; 97 size_t echo_mark; 98 DECLARE_BITMAP(char_map, 256); 99 100 /* private to n_tty_receive_overrun (single-threaded) */ 101 unsigned long overrun_time; 102 unsigned int num_overrun; 103 104 /* non-atomic */ 105 bool no_room; 106 107 /* must hold exclusive termios_rwsem to reset these */ 108 unsigned char lnext:1, erasing:1, raw:1, real_raw:1, icanon:1; 109 unsigned char push:1; 110 111 /* shared by producer and consumer */ 112 u8 read_buf[N_TTY_BUF_SIZE]; 113 DECLARE_BITMAP(read_flags, N_TTY_BUF_SIZE); 114 u8 echo_buf[N_TTY_BUF_SIZE]; 115 116 /* consumer-published */ 117 size_t read_tail; 118 size_t line_start; 119 120 /* # of chars looked ahead (to find software flow control chars) */ 121 size_t lookahead_count; 122 123 /* protected by output lock */ 124 unsigned int column; 125 unsigned int canon_column; 126 size_t echo_tail; 127 128 struct mutex atomic_read_lock; 129 struct mutex output_lock; 130}; 131 132#define MASK(x) ((x) & (N_TTY_BUF_SIZE - 1)) 133 134static inline size_t read_cnt(struct n_tty_data *ldata) 135{ 136 return ldata->read_head - ldata->read_tail; 137} 138 139static inline u8 read_buf(struct n_tty_data *ldata, size_t i) 140{ 141 return ldata->read_buf[MASK(i)]; 142} 143 144static inline u8 *read_buf_addr(struct n_tty_data *ldata, size_t i) 145{ 146 return &ldata->read_buf[MASK(i)]; 147} 148 149static inline u8 echo_buf(struct n_tty_data *ldata, size_t i) 150{ 151 smp_rmb(); /* Matches smp_wmb() in add_echo_byte(). */ 152 return ldata->echo_buf[MASK(i)]; 153} 154 155static inline u8 *echo_buf_addr(struct n_tty_data *ldata, size_t i) 156{ 157 return &ldata->echo_buf[MASK(i)]; 158} 159 160/* If we are not echoing the data, perhaps this is a secret so erase it */ 161static void zero_buffer(const struct tty_struct *tty, u8 *buffer, size_t size) 162{ 163 if (L_ICANON(tty) && !L_ECHO(tty)) 164 memset(buffer, 0, size); 165} 166 167static void tty_copy(const struct tty_struct *tty, void *to, size_t tail, 168 size_t n) 169{ 170 struct n_tty_data *ldata = tty->disc_data; 171 size_t size = N_TTY_BUF_SIZE - tail; 172 void *from = read_buf_addr(ldata, tail); 173 174 if (n > size) { 175 tty_audit_add_data(tty, from, size); 176 memcpy(to, from, size); 177 zero_buffer(tty, from, size); 178 to += size; 179 n -= size; 180 from = ldata->read_buf; 181 } 182 183 tty_audit_add_data(tty, from, n); 184 memcpy(to, from, n); 185 zero_buffer(tty, from, n); 186} 187 188/** 189 * n_tty_kick_worker - start input worker (if required) 190 * @tty: terminal 191 * 192 * Re-schedules the flip buffer work if it may have stopped. 193 * 194 * Locking: 195 * * Caller holds exclusive %termios_rwsem, or 196 * * n_tty_read()/consumer path: 197 * holds non-exclusive %termios_rwsem 198 */ 199static void n_tty_kick_worker(const struct tty_struct *tty) 200{ 201 struct n_tty_data *ldata = tty->disc_data; 202 203 /* Did the input worker stop? Restart it */ 204 if (unlikely(READ_ONCE(ldata->no_room))) { 205 WRITE_ONCE(ldata->no_room, 0); 206 207 WARN_RATELIMIT(tty->port->itty == NULL, 208 "scheduling with invalid itty\n"); 209 /* see if ldisc has been killed - if so, this means that 210 * even though the ldisc has been halted and ->buf.work 211 * cancelled, ->buf.work is about to be rescheduled 212 */ 213 WARN_RATELIMIT(test_bit(TTY_LDISC_HALTED, &tty->flags), 214 "scheduling buffer work for halted ldisc\n"); 215 tty_buffer_restart_work(tty->port); 216 } 217} 218 219static ssize_t chars_in_buffer(const struct tty_struct *tty) 220{ 221 const struct n_tty_data *ldata = tty->disc_data; 222 size_t head = ldata->icanon ? ldata->canon_head : ldata->commit_head; 223 224 return head - ldata->read_tail; 225} 226 227/** 228 * n_tty_write_wakeup - asynchronous I/O notifier 229 * @tty: tty device 230 * 231 * Required for the ptys, serial driver etc. since processes that attach 232 * themselves to the master and rely on ASYNC IO must be woken up. 233 */ 234static void n_tty_write_wakeup(struct tty_struct *tty) 235{ 236 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 237 kill_fasync(&tty->fasync, SIGIO, POLL_OUT); 238} 239 240static void n_tty_check_throttle(struct tty_struct *tty) 241{ 242 struct n_tty_data *ldata = tty->disc_data; 243 244 /* 245 * Check the remaining room for the input canonicalization 246 * mode. We don't want to throttle the driver if we're in 247 * canonical mode and don't have a newline yet! 248 */ 249 if (ldata->icanon && ldata->canon_head == ldata->read_tail) 250 return; 251 252 do { 253 tty_set_flow_change(tty, TTY_THROTTLE_SAFE); 254 if (N_TTY_BUF_SIZE - read_cnt(ldata) >= TTY_THRESHOLD_THROTTLE) 255 break; 256 } while (!tty_throttle_safe(tty)); 257 258 __tty_set_flow_change(tty, 0); 259} 260 261static void n_tty_check_unthrottle(struct tty_struct *tty) 262{ 263 if (tty->driver->type == TTY_DRIVER_TYPE_PTY) { 264 if (chars_in_buffer(tty) > TTY_THRESHOLD_UNTHROTTLE) 265 return; 266 n_tty_kick_worker(tty); 267 tty_wakeup(tty->link); 268 return; 269 } 270 271 /* If there is enough space in the read buffer now, let the 272 * low-level driver know. We use chars_in_buffer() to 273 * check the buffer, as it now knows about canonical mode. 274 * Otherwise, if the driver is throttled and the line is 275 * longer than TTY_THRESHOLD_UNTHROTTLE in canonical mode, 276 * we won't get any more characters. 277 */ 278 279 do { 280 tty_set_flow_change(tty, TTY_UNTHROTTLE_SAFE); 281 if (chars_in_buffer(tty) > TTY_THRESHOLD_UNTHROTTLE) 282 break; 283 284 n_tty_kick_worker(tty); 285 } while (!tty_unthrottle_safe(tty)); 286 287 __tty_set_flow_change(tty, 0); 288} 289 290/** 291 * put_tty_queue - add character to tty 292 * @c: character 293 * @ldata: n_tty data 294 * 295 * Add a character to the tty read_buf queue. 296 * 297 * Locking: 298 * * n_tty_receive_buf()/producer path: 299 * caller holds non-exclusive %termios_rwsem 300 */ 301static inline void put_tty_queue(u8 c, struct n_tty_data *ldata) 302{ 303 *read_buf_addr(ldata, ldata->read_head) = c; 304 ldata->read_head++; 305} 306 307/** 308 * reset_buffer_flags - reset buffer state 309 * @ldata: line disc data to reset 310 * 311 * Reset the read buffer counters and clear the flags. Called from 312 * n_tty_open() and n_tty_flush_buffer(). 313 * 314 * Locking: 315 * * caller holds exclusive %termios_rwsem, or 316 * * (locking is not required) 317 */ 318static void reset_buffer_flags(struct n_tty_data *ldata) 319{ 320 ldata->read_head = ldata->canon_head = ldata->read_tail = 0; 321 ldata->commit_head = 0; 322 ldata->line_start = 0; 323 324 ldata->erasing = 0; 325 bitmap_zero(ldata->read_flags, N_TTY_BUF_SIZE); 326 ldata->push = 0; 327 328 ldata->lookahead_count = 0; 329} 330 331static void n_tty_packet_mode_flush(struct tty_struct *tty) 332{ 333 unsigned long flags; 334 335 if (tty->link->ctrl.packet) { 336 spin_lock_irqsave(&tty->ctrl.lock, flags); 337 tty->ctrl.pktstatus |= TIOCPKT_FLUSHREAD; 338 spin_unlock_irqrestore(&tty->ctrl.lock, flags); 339 wake_up_interruptible(&tty->link->read_wait); 340 } 341} 342 343/** 344 * n_tty_flush_buffer - clean input queue 345 * @tty: terminal device 346 * 347 * Flush the input buffer. Called when the tty layer wants the buffer flushed 348 * (eg at hangup) or when the %N_TTY line discipline internally has to clean 349 * the pending queue (for example some signals). 350 * 351 * Holds %termios_rwsem to exclude producer/consumer while buffer indices are 352 * reset. 353 * 354 * Locking: %ctrl.lock, exclusive %termios_rwsem 355 */ 356static void n_tty_flush_buffer(struct tty_struct *tty) 357{ 358 down_write(&tty->termios_rwsem); 359 reset_buffer_flags(tty->disc_data); 360 n_tty_kick_worker(tty); 361 362 if (tty->link) 363 n_tty_packet_mode_flush(tty); 364 up_write(&tty->termios_rwsem); 365} 366 367/** 368 * is_utf8_continuation - utf8 multibyte check 369 * @c: byte to check 370 * 371 * Returns: true if the utf8 character @c is a multibyte continuation 372 * character. We use this to correctly compute the on-screen size of the 373 * character when printing. 374 */ 375static inline int is_utf8_continuation(u8 c) 376{ 377 return (c & 0xc0) == 0x80; 378} 379 380/** 381 * is_continuation - multibyte check 382 * @c: byte to check 383 * @tty: terminal device 384 * 385 * Returns: true if the utf8 character @c is a multibyte continuation character 386 * and the terminal is in unicode mode. 387 */ 388static inline int is_continuation(u8 c, const struct tty_struct *tty) 389{ 390 return I_IUTF8(tty) && is_utf8_continuation(c); 391} 392 393/** 394 * do_output_char - output one character 395 * @c: character (or partial unicode symbol) 396 * @tty: terminal device 397 * @space: space available in tty driver write buffer 398 * 399 * This is a helper function that handles one output character (including 400 * special characters like TAB, CR, LF, etc.), doing OPOST processing and 401 * putting the results in the tty driver's write buffer. 402 * 403 * Note that Linux currently ignores TABDLY, CRDLY, VTDLY, FFDLY and NLDLY. 404 * They simply aren't relevant in the world today. If you ever need them, add 405 * them here. 406 * 407 * Returns: the number of bytes of buffer space used or -1 if no space left. 408 * 409 * Locking: should be called under the %output_lock to protect the column state 410 * and space left in the buffer. 411 */ 412static int do_output_char(u8 c, struct tty_struct *tty, int space) 413{ 414 struct n_tty_data *ldata = tty->disc_data; 415 int spaces; 416 417 if (!space) 418 return -1; 419 420 switch (c) { 421 case '\n': 422 if (O_ONLRET(tty)) 423 ldata->column = 0; 424 if (O_ONLCR(tty)) { 425 if (space < 2) 426 return -1; 427 ldata->canon_column = ldata->column = 0; 428 tty->ops->write(tty, "\r\n", 2); 429 return 2; 430 } 431 ldata->canon_column = ldata->column; 432 break; 433 case '\r': 434 if (O_ONOCR(tty) && ldata->column == 0) 435 return 0; 436 if (O_OCRNL(tty)) { 437 c = '\n'; 438 if (O_ONLRET(tty)) 439 ldata->canon_column = ldata->column = 0; 440 break; 441 } 442 ldata->canon_column = ldata->column = 0; 443 break; 444 case '\t': 445 spaces = 8 - (ldata->column & 7); 446 if (O_TABDLY(tty) == XTABS) { 447 if (space < spaces) 448 return -1; 449 ldata->column += spaces; 450 tty->ops->write(tty, " ", spaces); 451 return spaces; 452 } 453 ldata->column += spaces; 454 break; 455 case '\b': 456 if (ldata->column > 0) 457 ldata->column--; 458 break; 459 default: 460 if (!iscntrl(c)) { 461 if (O_OLCUC(tty)) 462 c = toupper(c); 463 if (!is_continuation(c, tty)) 464 ldata->column++; 465 } 466 break; 467 } 468 469 tty_put_char(tty, c); 470 return 1; 471} 472 473/** 474 * process_output - output post processor 475 * @c: character (or partial unicode symbol) 476 * @tty: terminal device 477 * 478 * Output one character with OPOST processing. 479 * 480 * Returns: -1 when the output device is full and the character must be 481 * retried. 482 * 483 * Locking: %output_lock to protect column state and space left (also, this is 484 *called from n_tty_write() under the tty layer write lock). 485 */ 486static int process_output(u8 c, struct tty_struct *tty) 487{ 488 struct n_tty_data *ldata = tty->disc_data; 489 int space, retval; 490 491 mutex_lock(&ldata->output_lock); 492 493 space = tty_write_room(tty); 494 retval = do_output_char(c, tty, space); 495 496 mutex_unlock(&ldata->output_lock); 497 if (retval < 0) 498 return -1; 499 else 500 return 0; 501} 502 503/** 504 * process_output_block - block post processor 505 * @tty: terminal device 506 * @buf: character buffer 507 * @nr: number of bytes to output 508 * 509 * Output a block of characters with OPOST processing. 510 * 511 * This path is used to speed up block console writes, among other things when 512 * processing blocks of output data. It handles only the simple cases normally 513 * found and helps to generate blocks of symbols for the console driver and 514 * thus improve performance. 515 * 516 * Returns: the number of characters output. 517 * 518 * Locking: %output_lock to protect column state and space left (also, this is 519 * called from n_tty_write() under the tty layer write lock). 520 */ 521static ssize_t process_output_block(struct tty_struct *tty, 522 const u8 *buf, unsigned int nr) 523{ 524 struct n_tty_data *ldata = tty->disc_data; 525 int space; 526 int i; 527 const u8 *cp; 528 529 mutex_lock(&ldata->output_lock); 530 531 space = tty_write_room(tty); 532 if (space <= 0) { 533 mutex_unlock(&ldata->output_lock); 534 return space; 535 } 536 if (nr > space) 537 nr = space; 538 539 for (i = 0, cp = buf; i < nr; i++, cp++) { 540 u8 c = *cp; 541 542 switch (c) { 543 case '\n': 544 if (O_ONLRET(tty)) 545 ldata->column = 0; 546 if (O_ONLCR(tty)) 547 goto break_out; 548 ldata->canon_column = ldata->column; 549 break; 550 case '\r': 551 if (O_ONOCR(tty) && ldata->column == 0) 552 goto break_out; 553 if (O_OCRNL(tty)) 554 goto break_out; 555 ldata->canon_column = ldata->column = 0; 556 break; 557 case '\t': 558 goto break_out; 559 case '\b': 560 if (ldata->column > 0) 561 ldata->column--; 562 break; 563 default: 564 if (!iscntrl(c)) { 565 if (O_OLCUC(tty)) 566 goto break_out; 567 if (!is_continuation(c, tty)) 568 ldata->column++; 569 } 570 break; 571 } 572 } 573break_out: 574 i = tty->ops->write(tty, buf, i); 575 576 mutex_unlock(&ldata->output_lock); 577 return i; 578} 579 580static int n_tty_process_echo_ops(struct tty_struct *tty, size_t *tail, 581 int space) 582{ 583 struct n_tty_data *ldata = tty->disc_data; 584 u8 op; 585 586 /* 587 * Since add_echo_byte() is called without holding output_lock, we 588 * might see only portion of multi-byte operation. 589 */ 590 if (MASK(ldata->echo_commit) == MASK(*tail + 1)) 591 return -ENODATA; 592 593 /* 594 * If the buffer byte is the start of a multi-byte operation, get the 595 * next byte, which is either the op code or a control character value. 596 */ 597 op = echo_buf(ldata, *tail + 1); 598 599 switch (op) { 600 case ECHO_OP_ERASE_TAB: { 601 unsigned int num_chars, num_bs; 602 603 if (MASK(ldata->echo_commit) == MASK(*tail + 2)) 604 return -ENODATA; 605 606 num_chars = echo_buf(ldata, *tail + 2); 607 608 /* 609 * Determine how many columns to go back in order to erase the 610 * tab. This depends on the number of columns used by other 611 * characters within the tab area. If this (modulo 8) count is 612 * from the start of input rather than from a previous tab, we 613 * offset by canon column. Otherwise, tab spacing is normal. 614 */ 615 if (!(num_chars & 0x80)) 616 num_chars += ldata->canon_column; 617 num_bs = 8 - (num_chars & 7); 618 619 if (num_bs > space) 620 return -ENOSPC; 621 622 space -= num_bs; 623 while (num_bs--) { 624 tty_put_char(tty, '\b'); 625 if (ldata->column > 0) 626 ldata->column--; 627 } 628 *tail += 3; 629 break; 630 } 631 case ECHO_OP_SET_CANON_COL: 632 ldata->canon_column = ldata->column; 633 *tail += 2; 634 break; 635 636 case ECHO_OP_MOVE_BACK_COL: 637 if (ldata->column > 0) 638 ldata->column--; 639 *tail += 2; 640 break; 641 642 case ECHO_OP_START: 643 /* This is an escaped echo op start code */ 644 if (!space) 645 return -ENOSPC; 646 647 tty_put_char(tty, ECHO_OP_START); 648 ldata->column++; 649 space--; 650 *tail += 2; 651 break; 652 653 default: 654 /* 655 * If the op is not a special byte code, it is a ctrl char 656 * tagged to be echoed as "^X" (where X is the letter 657 * representing the control char). Note that we must ensure 658 * there is enough space for the whole ctrl pair. 659 */ 660 if (space < 2) 661 return -ENOSPC; 662 663 tty_put_char(tty, '^'); 664 tty_put_char(tty, op ^ 0100); 665 ldata->column += 2; 666 space -= 2; 667 *tail += 2; 668 break; 669 } 670 671 return space; 672} 673 674/** 675 * __process_echoes - write pending echo characters 676 * @tty: terminal device 677 * 678 * Write previously buffered echo (and other ldisc-generated) characters to the 679 * tty. 680 * 681 * Characters generated by the ldisc (including echoes) need to be buffered 682 * because the driver's write buffer can fill during heavy program output. 683 * Echoing straight to the driver will often fail under these conditions, 684 * causing lost characters and resulting mismatches of ldisc state information. 685 * 686 * Since the ldisc state must represent the characters actually sent to the 687 * driver at the time of the write, operations like certain changes in column 688 * state are also saved in the buffer and executed here. 689 * 690 * A circular fifo buffer is used so that the most recent characters are 691 * prioritized. Also, when control characters are echoed with a prefixed "^", 692 * the pair is treated atomically and thus not separated. 693 * 694 * Locking: callers must hold %output_lock. 695 */ 696static size_t __process_echoes(struct tty_struct *tty) 697{ 698 struct n_tty_data *ldata = tty->disc_data; 699 int space, old_space; 700 size_t tail; 701 u8 c; 702 703 old_space = space = tty_write_room(tty); 704 705 tail = ldata->echo_tail; 706 while (MASK(ldata->echo_commit) != MASK(tail)) { 707 c = echo_buf(ldata, tail); 708 if (c == ECHO_OP_START) { 709 int ret = n_tty_process_echo_ops(tty, &tail, space); 710 if (ret == -ENODATA) 711 goto not_yet_stored; 712 if (ret < 0) 713 break; 714 space = ret; 715 } else { 716 if (O_OPOST(tty)) { 717 int retval = do_output_char(c, tty, space); 718 if (retval < 0) 719 break; 720 space -= retval; 721 } else { 722 if (!space) 723 break; 724 tty_put_char(tty, c); 725 space -= 1; 726 } 727 tail += 1; 728 } 729 } 730 731 /* If the echo buffer is nearly full (so that the possibility exists 732 * of echo overrun before the next commit), then discard enough 733 * data at the tail to prevent a subsequent overrun */ 734 while (ldata->echo_commit > tail && 735 ldata->echo_commit - tail >= ECHO_DISCARD_WATERMARK) { 736 if (echo_buf(ldata, tail) == ECHO_OP_START) { 737 if (echo_buf(ldata, tail + 1) == ECHO_OP_ERASE_TAB) 738 tail += 3; 739 else 740 tail += 2; 741 } else 742 tail++; 743 } 744 745 not_yet_stored: 746 ldata->echo_tail = tail; 747 return old_space - space; 748} 749 750static void commit_echoes(struct tty_struct *tty) 751{ 752 struct n_tty_data *ldata = tty->disc_data; 753 size_t nr, old, echoed; 754 size_t head; 755 756 mutex_lock(&ldata->output_lock); 757 head = ldata->echo_head; 758 ldata->echo_mark = head; 759 old = ldata->echo_commit - ldata->echo_tail; 760 761 /* Process committed echoes if the accumulated # of bytes 762 * is over the threshold (and try again each time another 763 * block is accumulated) */ 764 nr = head - ldata->echo_tail; 765 if (nr < ECHO_COMMIT_WATERMARK || 766 (nr % ECHO_BLOCK > old % ECHO_BLOCK)) { 767 mutex_unlock(&ldata->output_lock); 768 return; 769 } 770 771 ldata->echo_commit = head; 772 echoed = __process_echoes(tty); 773 mutex_unlock(&ldata->output_lock); 774 775 if (echoed && tty->ops->flush_chars) 776 tty->ops->flush_chars(tty); 777} 778 779static void process_echoes(struct tty_struct *tty) 780{ 781 struct n_tty_data *ldata = tty->disc_data; 782 size_t echoed; 783 784 if (ldata->echo_mark == ldata->echo_tail) 785 return; 786 787 mutex_lock(&ldata->output_lock); 788 ldata->echo_commit = ldata->echo_mark; 789 echoed = __process_echoes(tty); 790 mutex_unlock(&ldata->output_lock); 791 792 if (echoed && tty->ops->flush_chars) 793 tty->ops->flush_chars(tty); 794} 795 796/* NB: echo_mark and echo_head should be equivalent here */ 797static void flush_echoes(struct tty_struct *tty) 798{ 799 struct n_tty_data *ldata = tty->disc_data; 800 801 if ((!L_ECHO(tty) && !L_ECHONL(tty)) || 802 ldata->echo_commit == ldata->echo_head) 803 return; 804 805 mutex_lock(&ldata->output_lock); 806 ldata->echo_commit = ldata->echo_head; 807 __process_echoes(tty); 808 mutex_unlock(&ldata->output_lock); 809} 810 811/** 812 * add_echo_byte - add a byte to the echo buffer 813 * @c: unicode byte to echo 814 * @ldata: n_tty data 815 * 816 * Add a character or operation byte to the echo buffer. 817 */ 818static inline void add_echo_byte(u8 c, struct n_tty_data *ldata) 819{ 820 *echo_buf_addr(ldata, ldata->echo_head) = c; 821 smp_wmb(); /* Matches smp_rmb() in echo_buf(). */ 822 ldata->echo_head++; 823} 824 825/** 826 * echo_move_back_col - add operation to move back a column 827 * @ldata: n_tty data 828 * 829 * Add an operation to the echo buffer to move back one column. 830 */ 831static void echo_move_back_col(struct n_tty_data *ldata) 832{ 833 add_echo_byte(ECHO_OP_START, ldata); 834 add_echo_byte(ECHO_OP_MOVE_BACK_COL, ldata); 835} 836 837/** 838 * echo_set_canon_col - add operation to set the canon column 839 * @ldata: n_tty data 840 * 841 * Add an operation to the echo buffer to set the canon column to the current 842 * column. 843 */ 844static void echo_set_canon_col(struct n_tty_data *ldata) 845{ 846 add_echo_byte(ECHO_OP_START, ldata); 847 add_echo_byte(ECHO_OP_SET_CANON_COL, ldata); 848} 849 850/** 851 * echo_erase_tab - add operation to erase a tab 852 * @num_chars: number of character columns already used 853 * @after_tab: true if num_chars starts after a previous tab 854 * @ldata: n_tty data 855 * 856 * Add an operation to the echo buffer to erase a tab. 857 * 858 * Called by the eraser function, which knows how many character columns have 859 * been used since either a previous tab or the start of input. This 860 * information will be used later, along with canon column (if applicable), to 861 * go back the correct number of columns. 862 */ 863static void echo_erase_tab(unsigned int num_chars, int after_tab, 864 struct n_tty_data *ldata) 865{ 866 add_echo_byte(ECHO_OP_START, ldata); 867 add_echo_byte(ECHO_OP_ERASE_TAB, ldata); 868 869 /* We only need to know this modulo 8 (tab spacing) */ 870 num_chars &= 7; 871 872 /* Set the high bit as a flag if num_chars is after a previous tab */ 873 if (after_tab) 874 num_chars |= 0x80; 875 876 add_echo_byte(num_chars, ldata); 877} 878 879/** 880 * echo_char_raw - echo a character raw 881 * @c: unicode byte to echo 882 * @ldata: line disc data 883 * 884 * Echo user input back onto the screen. This must be called only when 885 * L_ECHO(tty) is true. Called from the &tty_driver.receive_buf() path. 886 * 887 * This variant does not treat control characters specially. 888 */ 889static void echo_char_raw(u8 c, struct n_tty_data *ldata) 890{ 891 if (c == ECHO_OP_START) { 892 add_echo_byte(ECHO_OP_START, ldata); 893 add_echo_byte(ECHO_OP_START, ldata); 894 } else { 895 add_echo_byte(c, ldata); 896 } 897} 898 899/** 900 * echo_char - echo a character 901 * @c: unicode byte to echo 902 * @tty: terminal device 903 * 904 * Echo user input back onto the screen. This must be called only when 905 * L_ECHO(tty) is true. Called from the &tty_driver.receive_buf() path. 906 * 907 * This variant tags control characters to be echoed as "^X" (where X is the 908 * letter representing the control char). 909 */ 910static void echo_char(u8 c, const struct tty_struct *tty) 911{ 912 struct n_tty_data *ldata = tty->disc_data; 913 914 if (c == ECHO_OP_START) { 915 add_echo_byte(ECHO_OP_START, ldata); 916 add_echo_byte(ECHO_OP_START, ldata); 917 } else { 918 if (L_ECHOCTL(tty) && iscntrl(c) && c != '\t') 919 add_echo_byte(ECHO_OP_START, ldata); 920 add_echo_byte(c, ldata); 921 } 922} 923 924/** 925 * finish_erasing - complete erase 926 * @ldata: n_tty data 927 */ 928static inline void finish_erasing(struct n_tty_data *ldata) 929{ 930 if (ldata->erasing) { 931 echo_char_raw('/', ldata); 932 ldata->erasing = 0; 933 } 934} 935 936/** 937 * eraser - handle erase function 938 * @c: character input 939 * @tty: terminal device 940 * 941 * Perform erase and necessary output when an erase character is present in the 942 * stream from the driver layer. Handles the complexities of UTF-8 multibyte 943 * symbols. 944 * 945 * Locking: n_tty_receive_buf()/producer path: 946 * caller holds non-exclusive %termios_rwsem 947 */ 948static void eraser(u8 c, const struct tty_struct *tty) 949{ 950 struct n_tty_data *ldata = tty->disc_data; 951 enum { ERASE, WERASE, KILL } kill_type; 952 size_t head; 953 size_t cnt; 954 int seen_alnums; 955 956 if (ldata->read_head == ldata->canon_head) { 957 /* process_output('\a', tty); */ /* what do you think? */ 958 return; 959 } 960 if (c == ERASE_CHAR(tty)) 961 kill_type = ERASE; 962 else if (c == WERASE_CHAR(tty)) 963 kill_type = WERASE; 964 else { 965 if (!L_ECHO(tty)) { 966 ldata->read_head = ldata->canon_head; 967 return; 968 } 969 if (!L_ECHOK(tty) || !L_ECHOKE(tty) || !L_ECHOE(tty)) { 970 ldata->read_head = ldata->canon_head; 971 finish_erasing(ldata); 972 echo_char(KILL_CHAR(tty), tty); 973 /* Add a newline if ECHOK is on and ECHOKE is off. */ 974 if (L_ECHOK(tty)) 975 echo_char_raw('\n', ldata); 976 return; 977 } 978 kill_type = KILL; 979 } 980 981 seen_alnums = 0; 982 while (MASK(ldata->read_head) != MASK(ldata->canon_head)) { 983 head = ldata->read_head; 984 985 /* erase a single possibly multibyte character */ 986 do { 987 head--; 988 c = read_buf(ldata, head); 989 } while (is_continuation(c, tty) && 990 MASK(head) != MASK(ldata->canon_head)); 991 992 /* do not partially erase */ 993 if (is_continuation(c, tty)) 994 break; 995 996 if (kill_type == WERASE) { 997 /* Equivalent to BSD's ALTWERASE. */ 998 if (isalnum(c) || c == '_') 999 seen_alnums++; 1000 else if (seen_alnums) 1001 break; 1002 } 1003 cnt = ldata->read_head - head; 1004 ldata->read_head = head; 1005 if (L_ECHO(tty)) { 1006 if (L_ECHOPRT(tty)) { 1007 if (!ldata->erasing) { 1008 echo_char_raw('\\', ldata); 1009 ldata->erasing = 1; 1010 } 1011 /* if cnt > 1, output a multi-byte character */ 1012 echo_char(c, tty); 1013 while (--cnt > 0) { 1014 head++; 1015 echo_char_raw(read_buf(ldata, head), ldata); 1016 echo_move_back_col(ldata); 1017 } 1018 } else if (kill_type == ERASE && !L_ECHOE(tty)) { 1019 echo_char(ERASE_CHAR(tty), tty); 1020 } else if (c == '\t') { 1021 unsigned int num_chars = 0; 1022 int after_tab = 0; 1023 size_t tail = ldata->read_head; 1024 1025 /* 1026 * Count the columns used for characters 1027 * since the start of input or after a 1028 * previous tab. 1029 * This info is used to go back the correct 1030 * number of columns. 1031 */ 1032 while (MASK(tail) != MASK(ldata->canon_head)) { 1033 tail--; 1034 c = read_buf(ldata, tail); 1035 if (c == '\t') { 1036 after_tab = 1; 1037 break; 1038 } else if (iscntrl(c)) { 1039 if (L_ECHOCTL(tty)) 1040 num_chars += 2; 1041 } else if (!is_continuation(c, tty)) { 1042 num_chars++; 1043 } 1044 } 1045 echo_erase_tab(num_chars, after_tab, ldata); 1046 } else { 1047 if (iscntrl(c) && L_ECHOCTL(tty)) { 1048 echo_char_raw('\b', ldata); 1049 echo_char_raw(' ', ldata); 1050 echo_char_raw('\b', ldata); 1051 } 1052 if (!iscntrl(c) || L_ECHOCTL(tty)) { 1053 echo_char_raw('\b', ldata); 1054 echo_char_raw(' ', ldata); 1055 echo_char_raw('\b', ldata); 1056 } 1057 } 1058 } 1059 if (kill_type == ERASE) 1060 break; 1061 } 1062 if (ldata->read_head == ldata->canon_head && L_ECHO(tty)) 1063 finish_erasing(ldata); 1064} 1065 1066 1067static void __isig(int sig, struct tty_struct *tty) 1068{ 1069 struct pid *tty_pgrp = tty_get_pgrp(tty); 1070 if (tty_pgrp) { 1071 kill_pgrp(tty_pgrp, sig, 1); 1072 put_pid(tty_pgrp); 1073 } 1074} 1075 1076/** 1077 * isig - handle the ISIG optio 1078 * @sig: signal 1079 * @tty: terminal 1080 * 1081 * Called when a signal is being sent due to terminal input. Called from the 1082 * &tty_driver.receive_buf() path, so serialized. 1083 * 1084 * Performs input and output flush if !NOFLSH. In this context, the echo 1085 * buffer is 'output'. The signal is processed first to alert any current 1086 * readers or writers to discontinue and exit their i/o loops. 1087 * 1088 * Locking: %ctrl.lock 1089 */ 1090static void isig(int sig, struct tty_struct *tty) 1091{ 1092 struct n_tty_data *ldata = tty->disc_data; 1093 1094 if (L_NOFLSH(tty)) { 1095 /* signal only */ 1096 __isig(sig, tty); 1097 1098 } else { /* signal and flush */ 1099 up_read(&tty->termios_rwsem); 1100 down_write(&tty->termios_rwsem); 1101 1102 __isig(sig, tty); 1103 1104 /* clear echo buffer */ 1105 mutex_lock(&ldata->output_lock); 1106 ldata->echo_head = ldata->echo_tail = 0; 1107 ldata->echo_mark = ldata->echo_commit = 0; 1108 mutex_unlock(&ldata->output_lock); 1109 1110 /* clear output buffer */ 1111 tty_driver_flush_buffer(tty); 1112 1113 /* clear input buffer */ 1114 reset_buffer_flags(tty->disc_data); 1115 1116 /* notify pty master of flush */ 1117 if (tty->link) 1118 n_tty_packet_mode_flush(tty); 1119 1120 up_write(&tty->termios_rwsem); 1121 down_read(&tty->termios_rwsem); 1122 } 1123} 1124 1125/** 1126 * n_tty_receive_break - handle break 1127 * @tty: terminal 1128 * 1129 * An RS232 break event has been hit in the incoming bitstream. This can cause 1130 * a variety of events depending upon the termios settings. 1131 * 1132 * Locking: n_tty_receive_buf()/producer path: 1133 * caller holds non-exclusive termios_rwsem 1134 * 1135 * Note: may get exclusive %termios_rwsem if flushing input buffer 1136 */ 1137static void n_tty_receive_break(struct tty_struct *tty) 1138{ 1139 struct n_tty_data *ldata = tty->disc_data; 1140 1141 if (I_IGNBRK(tty)) 1142 return; 1143 if (I_BRKINT(tty)) { 1144 isig(SIGINT, tty); 1145 return; 1146 } 1147 if (I_PARMRK(tty)) { 1148 put_tty_queue('\377', ldata); 1149 put_tty_queue('\0', ldata); 1150 } 1151 put_tty_queue('\0', ldata); 1152} 1153 1154/** 1155 * n_tty_receive_overrun - handle overrun reporting 1156 * @tty: terminal 1157 * 1158 * Data arrived faster than we could process it. While the tty driver has 1159 * flagged this the bits that were missed are gone forever. 1160 * 1161 * Called from the receive_buf path so single threaded. Does not need locking 1162 * as num_overrun and overrun_time are function private. 1163 */ 1164static void n_tty_receive_overrun(const struct tty_struct *tty) 1165{ 1166 struct n_tty_data *ldata = tty->disc_data; 1167 1168 ldata->num_overrun++; 1169 if (time_is_before_jiffies(ldata->overrun_time + HZ)) { 1170 tty_warn(tty, "%u input overrun(s)\n", ldata->num_overrun); 1171 ldata->overrun_time = jiffies; 1172 ldata->num_overrun = 0; 1173 } 1174} 1175 1176/** 1177 * n_tty_receive_parity_error - error notifier 1178 * @tty: terminal device 1179 * @c: character 1180 * 1181 * Process a parity error and queue the right data to indicate the error case 1182 * if necessary. 1183 * 1184 * Locking: n_tty_receive_buf()/producer path: 1185 * caller holds non-exclusive %termios_rwsem 1186 */ 1187static void n_tty_receive_parity_error(const struct tty_struct *tty, 1188 u8 c) 1189{ 1190 struct n_tty_data *ldata = tty->disc_data; 1191 1192 if (I_INPCK(tty)) { 1193 if (I_IGNPAR(tty)) 1194 return; 1195 if (I_PARMRK(tty)) { 1196 put_tty_queue('\377', ldata); 1197 put_tty_queue('\0', ldata); 1198 put_tty_queue(c, ldata); 1199 } else 1200 put_tty_queue('\0', ldata); 1201 } else 1202 put_tty_queue(c, ldata); 1203} 1204 1205static void 1206n_tty_receive_signal_char(struct tty_struct *tty, int signal, u8 c) 1207{ 1208 isig(signal, tty); 1209 if (I_IXON(tty)) 1210 start_tty(tty); 1211 if (L_ECHO(tty)) { 1212 echo_char(c, tty); 1213 commit_echoes(tty); 1214 } else 1215 process_echoes(tty); 1216} 1217 1218static bool n_tty_is_char_flow_ctrl(struct tty_struct *tty, u8 c) 1219{ 1220 return c == START_CHAR(tty) || c == STOP_CHAR(tty); 1221} 1222 1223/** 1224 * n_tty_receive_char_flow_ctrl - receive flow control chars 1225 * @tty: terminal device 1226 * @c: character 1227 * @lookahead_done: lookahead has processed this character already 1228 * 1229 * Receive and process flow control character actions. 1230 * 1231 * In case lookahead for flow control chars already handled the character in 1232 * advance to the normal receive, the actions are skipped during normal 1233 * receive. 1234 * 1235 * Returns true if @c is consumed as flow-control character, the character 1236 * must not be treated as normal character. 1237 */ 1238static bool n_tty_receive_char_flow_ctrl(struct tty_struct *tty, u8 c, 1239 bool lookahead_done) 1240{ 1241 if (!n_tty_is_char_flow_ctrl(tty, c)) 1242 return false; 1243 1244 if (lookahead_done) 1245 return true; 1246 1247 if (c == START_CHAR(tty)) { 1248 start_tty(tty); 1249 process_echoes(tty); 1250 return true; 1251 } 1252 1253 /* STOP_CHAR */ 1254 stop_tty(tty); 1255 return true; 1256} 1257 1258static void n_tty_receive_handle_newline(struct tty_struct *tty, u8 c) 1259{ 1260 struct n_tty_data *ldata = tty->disc_data; 1261 1262 set_bit(MASK(ldata->read_head), ldata->read_flags); 1263 put_tty_queue(c, ldata); 1264 smp_store_release(&ldata->canon_head, ldata->read_head); 1265 kill_fasync(&tty->fasync, SIGIO, POLL_IN); 1266 wake_up_interruptible_poll(&tty->read_wait, EPOLLIN | EPOLLRDNORM); 1267} 1268 1269static bool n_tty_receive_char_canon(struct tty_struct *tty, u8 c) 1270{ 1271 struct n_tty_data *ldata = tty->disc_data; 1272 1273 if (c == ERASE_CHAR(tty) || c == KILL_CHAR(tty) || 1274 (c == WERASE_CHAR(tty) && L_IEXTEN(tty))) { 1275 eraser(c, tty); 1276 commit_echoes(tty); 1277 1278 return true; 1279 } 1280 1281 if (c == LNEXT_CHAR(tty) && L_IEXTEN(tty)) { 1282 ldata->lnext = 1; 1283 if (L_ECHO(tty)) { 1284 finish_erasing(ldata); 1285 if (L_ECHOCTL(tty)) { 1286 echo_char_raw('^', ldata); 1287 echo_char_raw('\b', ldata); 1288 commit_echoes(tty); 1289 } 1290 } 1291 1292 return true; 1293 } 1294 1295 if (c == REPRINT_CHAR(tty) && L_ECHO(tty) && L_IEXTEN(tty)) { 1296 size_t tail = ldata->canon_head; 1297 1298 finish_erasing(ldata); 1299 echo_char(c, tty); 1300 echo_char_raw('\n', ldata); 1301 while (MASK(tail) != MASK(ldata->read_head)) { 1302 echo_char(read_buf(ldata, tail), tty); 1303 tail++; 1304 } 1305 commit_echoes(tty); 1306 1307 return true; 1308 } 1309 1310 if (c == '\n') { 1311 if (L_ECHO(tty) || L_ECHONL(tty)) { 1312 echo_char_raw('\n', ldata); 1313 commit_echoes(tty); 1314 } 1315 n_tty_receive_handle_newline(tty, c); 1316 1317 return true; 1318 } 1319 1320 if (c == EOF_CHAR(tty)) { 1321 c = __DISABLED_CHAR; 1322 n_tty_receive_handle_newline(tty, c); 1323 1324 return true; 1325 } 1326 1327 if ((c == EOL_CHAR(tty)) || 1328 (c == EOL2_CHAR(tty) && L_IEXTEN(tty))) { 1329 /* 1330 * XXX are EOL_CHAR and EOL2_CHAR echoed?!? 1331 */ 1332 if (L_ECHO(tty)) { 1333 /* Record the column of first canon char. */ 1334 if (ldata->canon_head == ldata->read_head) 1335 echo_set_canon_col(ldata); 1336 echo_char(c, tty); 1337 commit_echoes(tty); 1338 } 1339 /* 1340 * XXX does PARMRK doubling happen for 1341 * EOL_CHAR and EOL2_CHAR? 1342 */ 1343 if (c == '\377' && I_PARMRK(tty)) 1344 put_tty_queue(c, ldata); 1345 1346 n_tty_receive_handle_newline(tty, c); 1347 1348 return true; 1349 } 1350 1351 return false; 1352} 1353 1354static void n_tty_receive_char_special(struct tty_struct *tty, u8 c, 1355 bool lookahead_done) 1356{ 1357 struct n_tty_data *ldata = tty->disc_data; 1358 1359 if (I_IXON(tty) && n_tty_receive_char_flow_ctrl(tty, c, lookahead_done)) 1360 return; 1361 1362 if (L_ISIG(tty)) { 1363 if (c == INTR_CHAR(tty)) { 1364 n_tty_receive_signal_char(tty, SIGINT, c); 1365 return; 1366 } else if (c == QUIT_CHAR(tty)) { 1367 n_tty_receive_signal_char(tty, SIGQUIT, c); 1368 return; 1369 } else if (c == SUSP_CHAR(tty)) { 1370 n_tty_receive_signal_char(tty, SIGTSTP, c); 1371 return; 1372 } 1373 } 1374 1375 if (tty->flow.stopped && !tty->flow.tco_stopped && I_IXON(tty) && I_IXANY(tty)) { 1376 start_tty(tty); 1377 process_echoes(tty); 1378 } 1379 1380 if (c == '\r') { 1381 if (I_IGNCR(tty)) 1382 return; 1383 if (I_ICRNL(tty)) 1384 c = '\n'; 1385 } else if (c == '\n' && I_INLCR(tty)) 1386 c = '\r'; 1387 1388 if (ldata->icanon && n_tty_receive_char_canon(tty, c)) 1389 return; 1390 1391 if (L_ECHO(tty)) { 1392 finish_erasing(ldata); 1393 if (c == '\n') 1394 echo_char_raw('\n', ldata); 1395 else { 1396 /* Record the column of first canon char. */ 1397 if (ldata->canon_head == ldata->read_head) 1398 echo_set_canon_col(ldata); 1399 echo_char(c, tty); 1400 } 1401 commit_echoes(tty); 1402 } 1403 1404 /* PARMRK doubling check */ 1405 if (c == '\377' && I_PARMRK(tty)) 1406 put_tty_queue(c, ldata); 1407 1408 put_tty_queue(c, ldata); 1409} 1410 1411/** 1412 * n_tty_receive_char - perform processing 1413 * @tty: terminal device 1414 * @c: character 1415 * 1416 * Process an individual character of input received from the driver. This is 1417 * serialized with respect to itself by the rules for the driver above. 1418 * 1419 * Locking: n_tty_receive_buf()/producer path: 1420 * caller holds non-exclusive %termios_rwsem 1421 * publishes canon_head if canonical mode is active 1422 */ 1423static void n_tty_receive_char(struct tty_struct *tty, u8 c) 1424{ 1425 struct n_tty_data *ldata = tty->disc_data; 1426 1427 if (tty->flow.stopped && !tty->flow.tco_stopped && I_IXON(tty) && I_IXANY(tty)) { 1428 start_tty(tty); 1429 process_echoes(tty); 1430 } 1431 if (L_ECHO(tty)) { 1432 finish_erasing(ldata); 1433 /* Record the column of first canon char. */ 1434 if (ldata->canon_head == ldata->read_head) 1435 echo_set_canon_col(ldata); 1436 echo_char(c, tty); 1437 commit_echoes(tty); 1438 } 1439 /* PARMRK doubling check */ 1440 if (c == '\377' && I_PARMRK(tty)) 1441 put_tty_queue(c, ldata); 1442 put_tty_queue(c, ldata); 1443} 1444 1445static void n_tty_receive_char_closing(struct tty_struct *tty, u8 c, 1446 bool lookahead_done) 1447{ 1448 if (I_ISTRIP(tty)) 1449 c &= 0x7f; 1450 if (I_IUCLC(tty) && L_IEXTEN(tty)) 1451 c = tolower(c); 1452 1453 if (I_IXON(tty)) { 1454 if (!n_tty_receive_char_flow_ctrl(tty, c, lookahead_done) && 1455 tty->flow.stopped && !tty->flow.tco_stopped && I_IXANY(tty) && 1456 c != INTR_CHAR(tty) && c != QUIT_CHAR(tty) && 1457 c != SUSP_CHAR(tty)) { 1458 start_tty(tty); 1459 process_echoes(tty); 1460 } 1461 } 1462} 1463 1464static void 1465n_tty_receive_char_flagged(struct tty_struct *tty, u8 c, u8 flag) 1466{ 1467 switch (flag) { 1468 case TTY_BREAK: 1469 n_tty_receive_break(tty); 1470 break; 1471 case TTY_PARITY: 1472 case TTY_FRAME: 1473 n_tty_receive_parity_error(tty, c); 1474 break; 1475 case TTY_OVERRUN: 1476 n_tty_receive_overrun(tty); 1477 break; 1478 default: 1479 tty_err(tty, "unknown flag %u\n", flag); 1480 break; 1481 } 1482} 1483 1484static void 1485n_tty_receive_char_lnext(struct tty_struct *tty, u8 c, u8 flag) 1486{ 1487 struct n_tty_data *ldata = tty->disc_data; 1488 1489 ldata->lnext = 0; 1490 if (likely(flag == TTY_NORMAL)) { 1491 if (I_ISTRIP(tty)) 1492 c &= 0x7f; 1493 if (I_IUCLC(tty) && L_IEXTEN(tty)) 1494 c = tolower(c); 1495 n_tty_receive_char(tty, c); 1496 } else 1497 n_tty_receive_char_flagged(tty, c, flag); 1498} 1499 1500/* Caller must ensure count > 0 */ 1501static void n_tty_lookahead_flow_ctrl(struct tty_struct *tty, const u8 *cp, 1502 const u8 *fp, size_t count) 1503{ 1504 struct n_tty_data *ldata = tty->disc_data; 1505 u8 flag = TTY_NORMAL; 1506 1507 ldata->lookahead_count += count; 1508 1509 if (!I_IXON(tty)) 1510 return; 1511 1512 while (count--) { 1513 if (fp) 1514 flag = *fp++; 1515 if (likely(flag == TTY_NORMAL)) 1516 n_tty_receive_char_flow_ctrl(tty, *cp, false); 1517 cp++; 1518 } 1519} 1520 1521static void 1522n_tty_receive_buf_real_raw(const struct tty_struct *tty, const u8 *cp, 1523 size_t count) 1524{ 1525 struct n_tty_data *ldata = tty->disc_data; 1526 1527 /* handle buffer wrap-around by a loop */ 1528 for (unsigned int i = 0; i < 2; i++) { 1529 size_t head = MASK(ldata->read_head); 1530 size_t n = min(count, N_TTY_BUF_SIZE - head); 1531 1532 memcpy(read_buf_addr(ldata, head), cp, n); 1533 1534 ldata->read_head += n; 1535 cp += n; 1536 count -= n; 1537 } 1538} 1539 1540static void 1541n_tty_receive_buf_raw(struct tty_struct *tty, const u8 *cp, const u8 *fp, 1542 size_t count) 1543{ 1544 struct n_tty_data *ldata = tty->disc_data; 1545 u8 flag = TTY_NORMAL; 1546 1547 while (count--) { 1548 if (fp) 1549 flag = *fp++; 1550 if (likely(flag == TTY_NORMAL)) 1551 put_tty_queue(*cp++, ldata); 1552 else 1553 n_tty_receive_char_flagged(tty, *cp++, flag); 1554 } 1555} 1556 1557static void 1558n_tty_receive_buf_closing(struct tty_struct *tty, const u8 *cp, const u8 *fp, 1559 size_t count, bool lookahead_done) 1560{ 1561 u8 flag = TTY_NORMAL; 1562 1563 while (count--) { 1564 if (fp) 1565 flag = *fp++; 1566 if (likely(flag == TTY_NORMAL)) 1567 n_tty_receive_char_closing(tty, *cp++, lookahead_done); 1568 } 1569} 1570 1571static void n_tty_receive_buf_standard(struct tty_struct *tty, const u8 *cp, 1572 const u8 *fp, size_t count, 1573 bool lookahead_done) 1574{ 1575 struct n_tty_data *ldata = tty->disc_data; 1576 u8 flag = TTY_NORMAL; 1577 1578 while (count--) { 1579 u8 c = *cp++; 1580 1581 if (fp) 1582 flag = *fp++; 1583 1584 if (ldata->lnext) { 1585 n_tty_receive_char_lnext(tty, c, flag); 1586 continue; 1587 } 1588 1589 if (unlikely(flag != TTY_NORMAL)) { 1590 n_tty_receive_char_flagged(tty, c, flag); 1591 continue; 1592 } 1593 1594 if (I_ISTRIP(tty)) 1595 c &= 0x7f; 1596 if (I_IUCLC(tty) && L_IEXTEN(tty)) 1597 c = tolower(c); 1598 if (L_EXTPROC(tty)) { 1599 put_tty_queue(c, ldata); 1600 continue; 1601 } 1602 1603 if (test_bit(c, ldata->char_map)) 1604 n_tty_receive_char_special(tty, c, lookahead_done); 1605 else 1606 n_tty_receive_char(tty, c); 1607 } 1608} 1609 1610static void __receive_buf(struct tty_struct *tty, const u8 *cp, const u8 *fp, 1611 size_t count) 1612{ 1613 struct n_tty_data *ldata = tty->disc_data; 1614 bool preops = I_ISTRIP(tty) || (I_IUCLC(tty) && L_IEXTEN(tty)); 1615 size_t la_count = min(ldata->lookahead_count, count); 1616 1617 if (ldata->real_raw) 1618 n_tty_receive_buf_real_raw(tty, cp, count); 1619 else if (ldata->raw || (L_EXTPROC(tty) && !preops)) 1620 n_tty_receive_buf_raw(tty, cp, fp, count); 1621 else if (tty->closing && !L_EXTPROC(tty)) { 1622 if (la_count > 0) 1623 n_tty_receive_buf_closing(tty, cp, fp, la_count, true); 1624 if (count > la_count) 1625 n_tty_receive_buf_closing(tty, cp, fp, count - la_count, false); 1626 } else { 1627 if (la_count > 0) 1628 n_tty_receive_buf_standard(tty, cp, fp, la_count, true); 1629 if (count > la_count) 1630 n_tty_receive_buf_standard(tty, cp, fp, count - la_count, false); 1631 1632 flush_echoes(tty); 1633 if (tty->ops->flush_chars) 1634 tty->ops->flush_chars(tty); 1635 } 1636 1637 ldata->lookahead_count -= la_count; 1638 1639 if (ldata->icanon && !L_EXTPROC(tty)) 1640 return; 1641 1642 /* publish read_head to consumer */ 1643 smp_store_release(&ldata->commit_head, ldata->read_head); 1644 1645 if (read_cnt(ldata)) { 1646 kill_fasync(&tty->fasync, SIGIO, POLL_IN); 1647 wake_up_interruptible_poll(&tty->read_wait, EPOLLIN | EPOLLRDNORM); 1648 } 1649} 1650 1651/** 1652 * n_tty_receive_buf_common - process input 1653 * @tty: device to receive input 1654 * @cp: input chars 1655 * @fp: flags for each char (if %NULL, all chars are %TTY_NORMAL) 1656 * @count: number of input chars in @cp 1657 * @flow: enable flow control 1658 * 1659 * Called by the terminal driver when a block of characters has been received. 1660 * This function must be called from soft contexts not from interrupt context. 1661 * The driver is responsible for making calls one at a time and in order (or 1662 * using flush_to_ldisc()). 1663 * 1664 * Returns: the # of input chars from @cp which were processed. 1665 * 1666 * In canonical mode, the maximum line length is 4096 chars (including the line 1667 * termination char); lines longer than 4096 chars are truncated. After 4095 1668 * chars, input data is still processed but not stored. Overflow processing 1669 * ensures the tty can always receive more input until at least one line can be 1670 * read. 1671 * 1672 * In non-canonical mode, the read buffer will only accept 4095 chars; this 1673 * provides the necessary space for a newline char if the input mode is 1674 * switched to canonical. 1675 * 1676 * Note it is possible for the read buffer to _contain_ 4096 chars in 1677 * non-canonical mode: the read buffer could already contain the maximum canon 1678 * line of 4096 chars when the mode is switched to non-canonical. 1679 * 1680 * Locking: n_tty_receive_buf()/producer path: 1681 * claims non-exclusive %termios_rwsem 1682 * publishes commit_head or canon_head 1683 */ 1684static size_t 1685n_tty_receive_buf_common(struct tty_struct *tty, const u8 *cp, const u8 *fp, 1686 size_t count, bool flow) 1687{ 1688 struct n_tty_data *ldata = tty->disc_data; 1689 size_t n, rcvd = 0; 1690 int room, overflow; 1691 1692 down_read(&tty->termios_rwsem); 1693 1694 do { 1695 /* 1696 * When PARMRK is set, each input char may take up to 3 chars 1697 * in the read buf; reduce the buffer space avail by 3x 1698 * 1699 * If we are doing input canonicalization, and there are no 1700 * pending newlines, let characters through without limit, so 1701 * that erase characters will be handled. Other excess 1702 * characters will be beeped. 1703 * 1704 * paired with store in *_copy_from_read_buf() -- guarantees 1705 * the consumer has loaded the data in read_buf up to the new 1706 * read_tail (so this producer will not overwrite unread data) 1707 */ 1708 size_t tail = smp_load_acquire(&ldata->read_tail); 1709 1710 room = N_TTY_BUF_SIZE - (ldata->read_head - tail); 1711 if (I_PARMRK(tty)) 1712 room = DIV_ROUND_UP(room, 3); 1713 room--; 1714 if (room <= 0) { 1715 overflow = ldata->icanon && ldata->canon_head == tail; 1716 if (overflow && room < 0) 1717 ldata->read_head--; 1718 room = overflow; 1719 WRITE_ONCE(ldata->no_room, flow && !room); 1720 } else 1721 overflow = 0; 1722 1723 n = min_t(size_t, count, room); 1724 if (!n) 1725 break; 1726 1727 /* ignore parity errors if handling overflow */ 1728 if (!overflow || !fp || *fp != TTY_PARITY) 1729 __receive_buf(tty, cp, fp, n); 1730 1731 cp += n; 1732 if (fp) 1733 fp += n; 1734 count -= n; 1735 rcvd += n; 1736 } while (!test_bit(TTY_LDISC_CHANGING, &tty->flags)); 1737 1738 tty->receive_room = room; 1739 1740 /* Unthrottle if handling overflow on pty */ 1741 if (tty->driver->type == TTY_DRIVER_TYPE_PTY) { 1742 if (overflow) { 1743 tty_set_flow_change(tty, TTY_UNTHROTTLE_SAFE); 1744 tty_unthrottle_safe(tty); 1745 __tty_set_flow_change(tty, 0); 1746 } 1747 } else 1748 n_tty_check_throttle(tty); 1749 1750 if (unlikely(ldata->no_room)) { 1751 /* 1752 * Barrier here is to ensure to read the latest read_tail in 1753 * chars_in_buffer() and to make sure that read_tail is not loaded 1754 * before ldata->no_room is set. 1755 */ 1756 smp_mb(); 1757 if (!chars_in_buffer(tty)) 1758 n_tty_kick_worker(tty); 1759 } 1760 1761 up_read(&tty->termios_rwsem); 1762 1763 return rcvd; 1764} 1765 1766static void n_tty_receive_buf(struct tty_struct *tty, const u8 *cp, 1767 const u8 *fp, size_t count) 1768{ 1769 n_tty_receive_buf_common(tty, cp, fp, count, false); 1770} 1771 1772static size_t n_tty_receive_buf2(struct tty_struct *tty, const u8 *cp, 1773 const u8 *fp, size_t count) 1774{ 1775 return n_tty_receive_buf_common(tty, cp, fp, count, true); 1776} 1777 1778/** 1779 * n_tty_set_termios - termios data changed 1780 * @tty: terminal 1781 * @old: previous data 1782 * 1783 * Called by the tty layer when the user changes termios flags so that the line 1784 * discipline can plan ahead. This function cannot sleep and is protected from 1785 * re-entry by the tty layer. The user is guaranteed that this function will 1786 * not be re-entered or in progress when the ldisc is closed. 1787 * 1788 * Locking: Caller holds @tty->termios_rwsem 1789 */ 1790static void n_tty_set_termios(struct tty_struct *tty, const struct ktermios *old) 1791{ 1792 struct n_tty_data *ldata = tty->disc_data; 1793 1794 if (!old || (old->c_lflag ^ tty->termios.c_lflag) & (ICANON | EXTPROC)) { 1795 bitmap_zero(ldata->read_flags, N_TTY_BUF_SIZE); 1796 ldata->line_start = ldata->read_tail; 1797 if (!L_ICANON(tty) || !read_cnt(ldata)) { 1798 ldata->canon_head = ldata->read_tail; 1799 ldata->push = 0; 1800 } else { 1801 set_bit(MASK(ldata->read_head - 1), ldata->read_flags); 1802 ldata->canon_head = ldata->read_head; 1803 ldata->push = 1; 1804 } 1805 ldata->commit_head = ldata->read_head; 1806 ldata->erasing = 0; 1807 ldata->lnext = 0; 1808 } 1809 1810 ldata->icanon = (L_ICANON(tty) != 0); 1811 1812 if (I_ISTRIP(tty) || I_IUCLC(tty) || I_IGNCR(tty) || 1813 I_ICRNL(tty) || I_INLCR(tty) || L_ICANON(tty) || 1814 I_IXON(tty) || L_ISIG(tty) || L_ECHO(tty) || 1815 I_PARMRK(tty)) { 1816 bitmap_zero(ldata->char_map, 256); 1817 1818 if (I_IGNCR(tty) || I_ICRNL(tty)) 1819 set_bit('\r', ldata->char_map); 1820 if (I_INLCR(tty)) 1821 set_bit('\n', ldata->char_map); 1822 1823 if (L_ICANON(tty)) { 1824 set_bit(ERASE_CHAR(tty), ldata->char_map); 1825 set_bit(KILL_CHAR(tty), ldata->char_map); 1826 set_bit(EOF_CHAR(tty), ldata->char_map); 1827 set_bit('\n', ldata->char_map); 1828 set_bit(EOL_CHAR(tty), ldata->char_map); 1829 if (L_IEXTEN(tty)) { 1830 set_bit(WERASE_CHAR(tty), ldata->char_map); 1831 set_bit(LNEXT_CHAR(tty), ldata->char_map); 1832 set_bit(EOL2_CHAR(tty), ldata->char_map); 1833 if (L_ECHO(tty)) 1834 set_bit(REPRINT_CHAR(tty), 1835 ldata->char_map); 1836 } 1837 } 1838 if (I_IXON(tty)) { 1839 set_bit(START_CHAR(tty), ldata->char_map); 1840 set_bit(STOP_CHAR(tty), ldata->char_map); 1841 } 1842 if (L_ISIG(tty)) { 1843 set_bit(INTR_CHAR(tty), ldata->char_map); 1844 set_bit(QUIT_CHAR(tty), ldata->char_map); 1845 set_bit(SUSP_CHAR(tty), ldata->char_map); 1846 } 1847 clear_bit(__DISABLED_CHAR, ldata->char_map); 1848 ldata->raw = 0; 1849 ldata->real_raw = 0; 1850 } else { 1851 ldata->raw = 1; 1852 if ((I_IGNBRK(tty) || (!I_BRKINT(tty) && !I_PARMRK(tty))) && 1853 (I_IGNPAR(tty) || !I_INPCK(tty)) && 1854 (tty->driver->flags & TTY_DRIVER_REAL_RAW)) 1855 ldata->real_raw = 1; 1856 else 1857 ldata->real_raw = 0; 1858 } 1859 /* 1860 * Fix tty hang when I_IXON(tty) is cleared, but the tty 1861 * been stopped by STOP_CHAR(tty) before it. 1862 */ 1863 if (!I_IXON(tty) && old && (old->c_iflag & IXON) && !tty->flow.tco_stopped) { 1864 start_tty(tty); 1865 process_echoes(tty); 1866 } 1867 1868 /* The termios change make the tty ready for I/O */ 1869 wake_up_interruptible(&tty->write_wait); 1870 wake_up_interruptible(&tty->read_wait); 1871} 1872 1873/** 1874 * n_tty_close - close the ldisc for this tty 1875 * @tty: device 1876 * 1877 * Called from the terminal layer when this line discipline is being shut down, 1878 * either because of a close or becsuse of a discipline change. The function 1879 * will not be called while other ldisc methods are in progress. 1880 */ 1881static void n_tty_close(struct tty_struct *tty) 1882{ 1883 struct n_tty_data *ldata = tty->disc_data; 1884 1885 if (tty->link) 1886 n_tty_packet_mode_flush(tty); 1887 1888 down_write(&tty->termios_rwsem); 1889 vfree(ldata); 1890 tty->disc_data = NULL; 1891 up_write(&tty->termios_rwsem); 1892} 1893 1894/** 1895 * n_tty_open - open an ldisc 1896 * @tty: terminal to open 1897 * 1898 * Called when this line discipline is being attached to the terminal device. 1899 * Can sleep. Called serialized so that no other events will occur in parallel. 1900 * No further open will occur until a close. 1901 */ 1902static int n_tty_open(struct tty_struct *tty) 1903{ 1904 struct n_tty_data *ldata; 1905 1906 /* Currently a malloc failure here can panic */ 1907 ldata = vzalloc(sizeof(*ldata)); 1908 if (!ldata) 1909 return -ENOMEM; 1910 1911 ldata->overrun_time = jiffies; 1912 mutex_init(&ldata->atomic_read_lock); 1913 mutex_init(&ldata->output_lock); 1914 1915 tty->disc_data = ldata; 1916 tty->closing = 0; 1917 /* indicate buffer work may resume */ 1918 clear_bit(TTY_LDISC_HALTED, &tty->flags); 1919 n_tty_set_termios(tty, NULL); 1920 tty_unthrottle(tty); 1921 return 0; 1922} 1923 1924static inline int input_available_p(const struct tty_struct *tty, int poll) 1925{ 1926 const struct n_tty_data *ldata = tty->disc_data; 1927 int amt = poll && !TIME_CHAR(tty) && MIN_CHAR(tty) ? MIN_CHAR(tty) : 1; 1928 1929 if (ldata->icanon && !L_EXTPROC(tty)) 1930 return ldata->canon_head != ldata->read_tail; 1931 else 1932 return ldata->commit_head - ldata->read_tail >= amt; 1933} 1934 1935/** 1936 * copy_from_read_buf - copy read data directly 1937 * @tty: terminal device 1938 * @kbp: data 1939 * @nr: size of data 1940 * 1941 * Helper function to speed up n_tty_read(). It is only called when %ICANON is 1942 * off; it copies characters straight from the tty queue. 1943 * 1944 * Returns: true if it successfully copied data, but there is still more data 1945 * to be had. 1946 * 1947 * Locking: 1948 * * called under the @ldata->atomic_read_lock sem 1949 * * n_tty_read()/consumer path: 1950 * caller holds non-exclusive %termios_rwsem; 1951 * read_tail published 1952 */ 1953static bool copy_from_read_buf(const struct tty_struct *tty, u8 **kbp, 1954 size_t *nr) 1955 1956{ 1957 struct n_tty_data *ldata = tty->disc_data; 1958 size_t n; 1959 bool is_eof; 1960 size_t head = smp_load_acquire(&ldata->commit_head); 1961 size_t tail = MASK(ldata->read_tail); 1962 1963 n = min3(head - ldata->read_tail, N_TTY_BUF_SIZE - tail, *nr); 1964 if (!n) 1965 return false; 1966 1967 u8 *from = read_buf_addr(ldata, tail); 1968 memcpy(*kbp, from, n); 1969 is_eof = n == 1 && *from == EOF_CHAR(tty); 1970 tty_audit_add_data(tty, from, n); 1971 zero_buffer(tty, from, n); 1972 smp_store_release(&ldata->read_tail, ldata->read_tail + n); 1973 1974 /* Turn single EOF into zero-length read */ 1975 if (L_EXTPROC(tty) && ldata->icanon && is_eof && 1976 head == ldata->read_tail) 1977 return false; 1978 1979 *kbp += n; 1980 *nr -= n; 1981 1982 /* If we have more to copy, let the caller know */ 1983 return head != ldata->read_tail; 1984} 1985 1986/** 1987 * canon_copy_from_read_buf - copy read data in canonical mode 1988 * @tty: terminal device 1989 * @kbp: data 1990 * @nr: size of data 1991 * 1992 * Helper function for n_tty_read(). It is only called when %ICANON is on; it 1993 * copies one line of input up to and including the line-delimiting character 1994 * into the result buffer. 1995 * 1996 * Note: When termios is changed from non-canonical to canonical mode and the 1997 * read buffer contains data, n_tty_set_termios() simulates an EOF push (as if 1998 * C-d were input) _without_ the %DISABLED_CHAR in the buffer. This causes data 1999 * already processed as input to be immediately available as input although a 2000 * newline has not been received. 2001 * 2002 * Locking: 2003 * * called under the %atomic_read_lock mutex 2004 * * n_tty_read()/consumer path: 2005 * caller holds non-exclusive %termios_rwsem; 2006 * read_tail published 2007 */ 2008static bool canon_copy_from_read_buf(const struct tty_struct *tty, u8 **kbp, 2009 size_t *nr) 2010{ 2011 struct n_tty_data *ldata = tty->disc_data; 2012 size_t n, size, more, c; 2013 size_t eol; 2014 size_t tail, canon_head; 2015 int found = 0; 2016 2017 /* N.B. avoid overrun if nr == 0 */ 2018 if (!*nr) 2019 return false; 2020 2021 canon_head = smp_load_acquire(&ldata->canon_head); 2022 n = min(*nr, canon_head - ldata->read_tail); 2023 2024 tail = MASK(ldata->read_tail); 2025 size = min_t(size_t, tail + n, N_TTY_BUF_SIZE); 2026 2027 n_tty_trace("%s: nr:%zu tail:%zu n:%zu size:%zu\n", 2028 __func__, *nr, tail, n, size); 2029 2030 eol = find_next_bit(ldata->read_flags, size, tail); 2031 more = n - (size - tail); 2032 if (eol == N_TTY_BUF_SIZE && more) { 2033 /* scan wrapped without finding set bit */ 2034 eol = find_first_bit(ldata->read_flags, more); 2035 found = eol != more; 2036 } else 2037 found = eol != size; 2038 2039 n = eol - tail; 2040 if (n > N_TTY_BUF_SIZE) 2041 n += N_TTY_BUF_SIZE; 2042 c = n + found; 2043 2044 if (!found || read_buf(ldata, eol) != __DISABLED_CHAR) 2045 n = c; 2046 2047 n_tty_trace("%s: eol:%zu found:%d n:%zu c:%zu tail:%zu more:%zu\n", 2048 __func__, eol, found, n, c, tail, more); 2049 2050 tty_copy(tty, *kbp, tail, n); 2051 *kbp += n; 2052 *nr -= n; 2053 2054 if (found) 2055 clear_bit(eol, ldata->read_flags); 2056 smp_store_release(&ldata->read_tail, ldata->read_tail + c); 2057 2058 if (found) { 2059 if (!ldata->push) 2060 ldata->line_start = ldata->read_tail; 2061 else 2062 ldata->push = 0; 2063 tty_audit_push(); 2064 return false; 2065 } 2066 2067 /* No EOL found - do a continuation retry if there is more data */ 2068 return ldata->read_tail != canon_head; 2069} 2070 2071/* 2072 * If we finished a read at the exact location of an 2073 * EOF (special EOL character that's a __DISABLED_CHAR) 2074 * in the stream, silently eat the EOF. 2075 */ 2076static void canon_skip_eof(struct n_tty_data *ldata) 2077{ 2078 size_t tail, canon_head; 2079 2080 canon_head = smp_load_acquire(&ldata->canon_head); 2081 tail = ldata->read_tail; 2082 2083 // No data? 2084 if (tail == canon_head) 2085 return; 2086 2087 // See if the tail position is EOF in the circular buffer 2088 tail &= (N_TTY_BUF_SIZE - 1); 2089 if (!test_bit(tail, ldata->read_flags)) 2090 return; 2091 if (read_buf(ldata, tail) != __DISABLED_CHAR) 2092 return; 2093 2094 // Clear the EOL bit, skip the EOF char. 2095 clear_bit(tail, ldata->read_flags); 2096 smp_store_release(&ldata->read_tail, ldata->read_tail + 1); 2097} 2098 2099/** 2100 * job_control - check job control 2101 * @tty: tty 2102 * @file: file handle 2103 * 2104 * Perform job control management checks on this @file/@tty descriptor and if 2105 * appropriate send any needed signals and return a negative error code if 2106 * action should be taken. 2107 * 2108 * Locking: 2109 * * redirected write test is safe 2110 * * current->signal->tty check is safe 2111 * * ctrl.lock to safely reference @tty->ctrl.pgrp 2112 */ 2113static int job_control(struct tty_struct *tty, struct file *file) 2114{ 2115 /* Job control check -- must be done at start and after 2116 every sleep (POSIX.1 7.1.1.4). */ 2117 /* NOTE: not yet done after every sleep pending a thorough 2118 check of the logic of this change. -- jlc */ 2119 /* don't stop on /dev/console */ 2120 if (file->f_op->write_iter == redirected_tty_write) 2121 return 0; 2122 2123 return __tty_check_change(tty, SIGTTIN); 2124} 2125 2126 2127/** 2128 * n_tty_read - read function for tty 2129 * @tty: tty device 2130 * @file: file object 2131 * @kbuf: kernelspace buffer pointer 2132 * @nr: size of I/O 2133 * @cookie: if non-%NULL, this is a continuation read 2134 * @offset: where to continue reading from (unused in n_tty) 2135 * 2136 * Perform reads for the line discipline. We are guaranteed that the line 2137 * discipline will not be closed under us but we may get multiple parallel 2138 * readers and must handle this ourselves. We may also get a hangup. Always 2139 * called in user context, may sleep. 2140 * 2141 * This code must be sure never to sleep through a hangup. 2142 * 2143 * Locking: n_tty_read()/consumer path: 2144 * claims non-exclusive termios_rwsem; 2145 * publishes read_tail 2146 */ 2147static ssize_t n_tty_read(struct tty_struct *tty, struct file *file, u8 *kbuf, 2148 size_t nr, void **cookie, unsigned long offset) 2149{ 2150 struct n_tty_data *ldata = tty->disc_data; 2151 u8 *kb = kbuf; 2152 DEFINE_WAIT_FUNC(wait, woken_wake_function); 2153 int minimum, time; 2154 ssize_t retval; 2155 long timeout; 2156 bool packet; 2157 size_t old_tail; 2158 2159 /* 2160 * Is this a continuation of a read started earler? 2161 * 2162 * If so, we still hold the atomic_read_lock and the 2163 * termios_rwsem, and can just continue to copy data. 2164 */ 2165 if (*cookie) { 2166 if (ldata->icanon && !L_EXTPROC(tty)) { 2167 /* 2168 * If we have filled the user buffer, see 2169 * if we should skip an EOF character before 2170 * releasing the lock and returning done. 2171 */ 2172 if (!nr) 2173 canon_skip_eof(ldata); 2174 else if (canon_copy_from_read_buf(tty, &kb, &nr)) 2175 return kb - kbuf; 2176 } else { 2177 if (copy_from_read_buf(tty, &kb, &nr)) 2178 return kb - kbuf; 2179 } 2180 2181 /* No more data - release locks and stop retries */ 2182 n_tty_kick_worker(tty); 2183 n_tty_check_unthrottle(tty); 2184 up_read(&tty->termios_rwsem); 2185 mutex_unlock(&ldata->atomic_read_lock); 2186 *cookie = NULL; 2187 return kb - kbuf; 2188 } 2189 2190 retval = job_control(tty, file); 2191 if (retval < 0) 2192 return retval; 2193 2194 /* 2195 * Internal serialization of reads. 2196 */ 2197 if (file->f_flags & O_NONBLOCK) { 2198 if (!mutex_trylock(&ldata->atomic_read_lock)) 2199 return -EAGAIN; 2200 } else { 2201 if (mutex_lock_interruptible(&ldata->atomic_read_lock)) 2202 return -ERESTARTSYS; 2203 } 2204 2205 down_read(&tty->termios_rwsem); 2206 2207 minimum = time = 0; 2208 timeout = MAX_SCHEDULE_TIMEOUT; 2209 if (!ldata->icanon) { 2210 minimum = MIN_CHAR(tty); 2211 if (minimum) { 2212 time = (HZ / 10) * TIME_CHAR(tty); 2213 } else { 2214 timeout = (HZ / 10) * TIME_CHAR(tty); 2215 minimum = 1; 2216 } 2217 } 2218 2219 packet = tty->ctrl.packet; 2220 old_tail = ldata->read_tail; 2221 2222 add_wait_queue(&tty->read_wait, &wait); 2223 while (nr) { 2224 /* First test for status change. */ 2225 if (packet && tty->link->ctrl.pktstatus) { 2226 u8 cs; 2227 if (kb != kbuf) 2228 break; 2229 spin_lock_irq(&tty->link->ctrl.lock); 2230 cs = tty->link->ctrl.pktstatus; 2231 tty->link->ctrl.pktstatus = 0; 2232 spin_unlock_irq(&tty->link->ctrl.lock); 2233 *kb++ = cs; 2234 nr--; 2235 break; 2236 } 2237 2238 if (!input_available_p(tty, 0)) { 2239 up_read(&tty->termios_rwsem); 2240 tty_buffer_flush_work(tty->port); 2241 down_read(&tty->termios_rwsem); 2242 if (!input_available_p(tty, 0)) { 2243 if (test_bit(TTY_OTHER_CLOSED, &tty->flags)) { 2244 retval = -EIO; 2245 break; 2246 } 2247 if (tty_hung_up_p(file)) 2248 break; 2249 /* 2250 * Abort readers for ttys which never actually 2251 * get hung up. See __tty_hangup(). 2252 */ 2253 if (test_bit(TTY_HUPPING, &tty->flags)) 2254 break; 2255 if (!timeout) 2256 break; 2257 if (tty_io_nonblock(tty, file)) { 2258 retval = -EAGAIN; 2259 break; 2260 } 2261 if (signal_pending(current)) { 2262 retval = -ERESTARTSYS; 2263 break; 2264 } 2265 up_read(&tty->termios_rwsem); 2266 2267 timeout = wait_woken(&wait, TASK_INTERRUPTIBLE, 2268 timeout); 2269 2270 down_read(&tty->termios_rwsem); 2271 continue; 2272 } 2273 } 2274 2275 if (ldata->icanon && !L_EXTPROC(tty)) { 2276 if (canon_copy_from_read_buf(tty, &kb, &nr)) 2277 goto more_to_be_read; 2278 } else { 2279 /* Deal with packet mode. */ 2280 if (packet && kb == kbuf) { 2281 *kb++ = TIOCPKT_DATA; 2282 nr--; 2283 } 2284 2285 /* 2286 * Copy data, and if there is more to be had 2287 * and we have nothing more to wait for, then 2288 * let's mark us for retries. 2289 * 2290 * NOTE! We return here with both the termios_sem 2291 * and atomic_read_lock still held, the retries 2292 * will release them when done. 2293 */ 2294 if (copy_from_read_buf(tty, &kb, &nr) && kb - kbuf >= minimum) { 2295more_to_be_read: 2296 remove_wait_queue(&tty->read_wait, &wait); 2297 *cookie = cookie; 2298 return kb - kbuf; 2299 } 2300 } 2301 2302 n_tty_check_unthrottle(tty); 2303 2304 if (kb - kbuf >= minimum) 2305 break; 2306 if (time) 2307 timeout = time; 2308 } 2309 if (old_tail != ldata->read_tail) { 2310 /* 2311 * Make sure no_room is not read in n_tty_kick_worker() 2312 * before setting ldata->read_tail in copy_from_read_buf(). 2313 */ 2314 smp_mb(); 2315 n_tty_kick_worker(tty); 2316 } 2317 up_read(&tty->termios_rwsem); 2318 2319 remove_wait_queue(&tty->read_wait, &wait); 2320 mutex_unlock(&ldata->atomic_read_lock); 2321 2322 if (kb - kbuf) 2323 retval = kb - kbuf; 2324 2325 return retval; 2326} 2327 2328/** 2329 * n_tty_write - write function for tty 2330 * @tty: tty device 2331 * @file: file object 2332 * @buf: userspace buffer pointer 2333 * @nr: size of I/O 2334 * 2335 * Write function of the terminal device. This is serialized with respect to 2336 * other write callers but not to termios changes, reads and other such events. 2337 * Since the receive code will echo characters, thus calling driver write 2338 * methods, the %output_lock is used in the output processing functions called 2339 * here as well as in the echo processing function to protect the column state 2340 * and space left in the buffer. 2341 * 2342 * This code must be sure never to sleep through a hangup. 2343 * 2344 * Locking: output_lock to protect column state and space left 2345 * (note that the process_output*() functions take this lock themselves) 2346 */ 2347 2348static ssize_t n_tty_write(struct tty_struct *tty, struct file *file, 2349 const u8 *buf, size_t nr) 2350{ 2351 const u8 *b = buf; 2352 DEFINE_WAIT_FUNC(wait, woken_wake_function); 2353 ssize_t num, retval = 0; 2354 2355 /* Job control check -- must be done at start (POSIX.1 7.1.1.4). */ 2356 if (L_TOSTOP(tty) && file->f_op->write_iter != redirected_tty_write) { 2357 retval = tty_check_change(tty); 2358 if (retval) 2359 return retval; 2360 } 2361 2362 down_read(&tty->termios_rwsem); 2363 2364 /* Write out any echoed characters that are still pending */ 2365 process_echoes(tty); 2366 2367 add_wait_queue(&tty->write_wait, &wait); 2368 while (1) { 2369 if (signal_pending(current)) { 2370 retval = -ERESTARTSYS; 2371 break; 2372 } 2373 if (tty_hung_up_p(file) || (tty->link && !tty->link->count)) { 2374 retval = -EIO; 2375 break; 2376 } 2377 if (O_OPOST(tty)) { 2378 while (nr > 0) { 2379 num = process_output_block(tty, b, nr); 2380 if (num < 0) { 2381 if (num == -EAGAIN) 2382 break; 2383 retval = num; 2384 goto break_out; 2385 } 2386 b += num; 2387 nr -= num; 2388 if (nr == 0) 2389 break; 2390 if (process_output(*b, tty) < 0) 2391 break; 2392 b++; nr--; 2393 } 2394 if (tty->ops->flush_chars) 2395 tty->ops->flush_chars(tty); 2396 } else { 2397 struct n_tty_data *ldata = tty->disc_data; 2398 2399 while (nr > 0) { 2400 mutex_lock(&ldata->output_lock); 2401 num = tty->ops->write(tty, b, nr); 2402 mutex_unlock(&ldata->output_lock); 2403 if (num < 0) { 2404 retval = num; 2405 goto break_out; 2406 } 2407 if (!num) 2408 break; 2409 b += num; 2410 nr -= num; 2411 } 2412 } 2413 if (!nr) 2414 break; 2415 if (tty_io_nonblock(tty, file)) { 2416 retval = -EAGAIN; 2417 break; 2418 } 2419 up_read(&tty->termios_rwsem); 2420 2421 wait_woken(&wait, TASK_INTERRUPTIBLE, MAX_SCHEDULE_TIMEOUT); 2422 2423 down_read(&tty->termios_rwsem); 2424 } 2425break_out: 2426 remove_wait_queue(&tty->write_wait, &wait); 2427 if (nr && tty->fasync) 2428 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 2429 up_read(&tty->termios_rwsem); 2430 return (b - buf) ? b - buf : retval; 2431} 2432 2433/** 2434 * n_tty_poll - poll method for N_TTY 2435 * @tty: terminal device 2436 * @file: file accessing it 2437 * @wait: poll table 2438 * 2439 * Called when the line discipline is asked to poll() for data or for special 2440 * events. This code is not serialized with respect to other events save 2441 * open/close. 2442 * 2443 * This code must be sure never to sleep through a hangup. 2444 * 2445 * Locking: called without the kernel lock held -- fine. 2446 */ 2447static __poll_t n_tty_poll(struct tty_struct *tty, struct file *file, 2448 poll_table *wait) 2449{ 2450 __poll_t mask = 0; 2451 2452 poll_wait(file, &tty->read_wait, wait); 2453 poll_wait(file, &tty->write_wait, wait); 2454 if (input_available_p(tty, 1)) 2455 mask |= EPOLLIN | EPOLLRDNORM; 2456 else { 2457 tty_buffer_flush_work(tty->port); 2458 if (input_available_p(tty, 1)) 2459 mask |= EPOLLIN | EPOLLRDNORM; 2460 } 2461 if (tty->ctrl.packet && tty->link->ctrl.pktstatus) 2462 mask |= EPOLLPRI | EPOLLIN | EPOLLRDNORM; 2463 if (test_bit(TTY_OTHER_CLOSED, &tty->flags)) 2464 mask |= EPOLLHUP; 2465 if (tty_hung_up_p(file)) 2466 mask |= EPOLLHUP; 2467 if (tty->ops->write && !tty_is_writelocked(tty) && 2468 tty_chars_in_buffer(tty) < WAKEUP_CHARS && 2469 tty_write_room(tty) > 0) 2470 mask |= EPOLLOUT | EPOLLWRNORM; 2471 return mask; 2472} 2473 2474static unsigned long inq_canon(struct n_tty_data *ldata) 2475{ 2476 size_t nr, head, tail; 2477 2478 if (ldata->canon_head == ldata->read_tail) 2479 return 0; 2480 head = ldata->canon_head; 2481 tail = ldata->read_tail; 2482 nr = head - tail; 2483 /* Skip EOF-chars.. */ 2484 while (MASK(head) != MASK(tail)) { 2485 if (test_bit(MASK(tail), ldata->read_flags) && 2486 read_buf(ldata, tail) == __DISABLED_CHAR) 2487 nr--; 2488 tail++; 2489 } 2490 return nr; 2491} 2492 2493static int n_tty_ioctl(struct tty_struct *tty, unsigned int cmd, 2494 unsigned long arg) 2495{ 2496 struct n_tty_data *ldata = tty->disc_data; 2497 unsigned int num; 2498 2499 switch (cmd) { 2500 case TIOCOUTQ: 2501 return put_user(tty_chars_in_buffer(tty), (int __user *) arg); 2502 case TIOCINQ: 2503 down_write(&tty->termios_rwsem); 2504 if (L_ICANON(tty) && !L_EXTPROC(tty)) 2505 num = inq_canon(ldata); 2506 else 2507 num = read_cnt(ldata); 2508 up_write(&tty->termios_rwsem); 2509 return put_user(num, (unsigned int __user *) arg); 2510 default: 2511 return n_tty_ioctl_helper(tty, cmd, arg); 2512 } 2513} 2514 2515static struct tty_ldisc_ops n_tty_ops = { 2516 .owner = THIS_MODULE, 2517 .num = N_TTY, 2518 .name = "n_tty", 2519 .open = n_tty_open, 2520 .close = n_tty_close, 2521 .flush_buffer = n_tty_flush_buffer, 2522 .read = n_tty_read, 2523 .write = n_tty_write, 2524 .ioctl = n_tty_ioctl, 2525 .set_termios = n_tty_set_termios, 2526 .poll = n_tty_poll, 2527 .receive_buf = n_tty_receive_buf, 2528 .write_wakeup = n_tty_write_wakeup, 2529 .receive_buf2 = n_tty_receive_buf2, 2530 .lookahead_buf = n_tty_lookahead_flow_ctrl, 2531}; 2532 2533/** 2534 * n_tty_inherit_ops - inherit N_TTY methods 2535 * @ops: struct tty_ldisc_ops where to save N_TTY methods 2536 * 2537 * Enables a 'subclass' line discipline to 'inherit' N_TTY methods. 2538 */ 2539 2540void n_tty_inherit_ops(struct tty_ldisc_ops *ops) 2541{ 2542 *ops = n_tty_ops; 2543 ops->owner = NULL; 2544} 2545EXPORT_SYMBOL_GPL(n_tty_inherit_ops); 2546 2547void __init n_tty_init(void) 2548{ 2549 tty_register_ldisc(&n_tty_ops); 2550} 2551