1/* 2 * linux/drivers/char/tty_io.c 3 * 4 * Copyright (C) 1991, 1992 Linus Torvalds 5 */ 6 7/* 8 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles 9 * or rs-channels. It also implements echoing, cooked mode etc. 10 * 11 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0. 12 * 13 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the 14 * tty_struct and tty_queue structures. Previously there was an array 15 * of 256 tty_struct's which was statically allocated, and the 16 * tty_queue structures were allocated at boot time. Both are now 17 * dynamically allocated only when the tty is open. 18 * 19 * Also restructured routines so that there is more of a separation 20 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and 21 * the low-level tty routines (serial.c, pty.c, console.c). This 22 * makes for cleaner and more compact code. -TYT, 9/17/92 23 * 24 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines 25 * which can be dynamically activated and de-activated by the line 26 * discipline handling modules (like SLIP). 27 * 28 * NOTE: pay no attention to the line discipline code (yet); its 29 * interface is still subject to change in this version... 30 * -- TYT, 1/31/92 31 * 32 * Added functionality to the OPOST tty handling. No delays, but all 33 * other bits should be there. 34 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993. 35 * 36 * Rewrote canonical mode and added more termios flags. 37 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94 38 * 39 * Reorganized FASYNC support so mouse code can share it. 40 * -- ctm@ardi.com, 9Sep95 41 * 42 * New TIOCLINUX variants added. 43 * -- mj@k332.feld.cvut.cz, 19-Nov-95 44 * 45 * Restrict vt switching via ioctl() 46 * -- grif@cs.ucr.edu, 5-Dec-95 47 * 48 * Move console and virtual terminal code to more appropriate files, 49 * implement CONFIG_VT and generalize console device interface. 50 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97 51 * 52 * Rewrote init_dev and release_dev to eliminate races. 53 * -- Bill Hawes <whawes@star.net>, June 97 54 * 55 * Added devfs support. 56 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998 57 * 58 * Added support for a Unix98-style ptmx device. 59 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 60 * 61 * Reduced memory usage for older ARM systems 62 * -- Russell King <rmk@arm.linux.org.uk> 63 * 64 * Move do_SAK() into process context. Less stack use in devfs functions. 65 * alloc_tty_struct() always uses kmalloc() -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01 66 */ 67 68#include <linux/types.h> 69#include <linux/major.h> 70#include <linux/errno.h> 71#include <linux/signal.h> 72#include <linux/fcntl.h> 73#include <linux/sched.h> 74#include <linux/interrupt.h> 75#include <linux/tty.h> 76#include <linux/tty_driver.h> 77#include <linux/tty_flip.h> 78#include <linux/devpts_fs.h> 79#include <linux/file.h> 80#include <linux/console.h> 81#include <linux/timer.h> 82#include <linux/ctype.h> 83#include <linux/kd.h> 84#include <linux/mm.h> 85#include <linux/string.h> 86#include <linux/slab.h> 87#include <linux/poll.h> 88#include <linux/proc_fs.h> 89#include <linux/init.h> 90#include <linux/module.h> 91#include <linux/smp_lock.h> 92#include <linux/device.h> 93#include <linux/idr.h> 94#include <linux/wait.h> 95#include <linux/bitops.h> 96#include <linux/delay.h> 97 98#include <asm/uaccess.h> 99#include <asm/system.h> 100 101#include <linux/kbd_kern.h> 102#include <linux/vt_kern.h> 103#include <linux/selection.h> 104 105#include <linux/kmod.h> 106 107#undef TTY_DEBUG_HANGUP 108 109#define TTY_PARANOIA_CHECK 1 110#define CHECK_TTY_COUNT 1 111 112struct ktermios tty_std_termios = { /* for the benefit of tty drivers */ 113 .c_iflag = ICRNL | IXON, 114 .c_oflag = OPOST | ONLCR, 115 .c_cflag = B38400 | CS8 | CREAD | HUPCL, 116 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK | 117 ECHOCTL | ECHOKE | IEXTEN, 118 .c_cc = INIT_C_CC, 119 .c_ispeed = 38400, 120 .c_ospeed = 38400 121}; 122 123EXPORT_SYMBOL(tty_std_termios); 124 125/* This list gets poked at by procfs and various bits of boot up code. This 126 could do with some rationalisation such as pulling the tty proc function 127 into this file */ 128 129LIST_HEAD(tty_drivers); /* linked list of tty drivers */ 130 131/* Mutex to protect creating and releasing a tty. This is shared with 132 vt.c for deeply disgusting hack reasons */ 133DEFINE_MUTEX(tty_mutex); 134EXPORT_SYMBOL(tty_mutex); 135 136#ifdef CONFIG_UNIX98_PTYS 137extern struct tty_driver *ptm_driver; /* Unix98 pty masters; for /dev/ptmx */ 138extern int pty_limit; /* Config limit on Unix98 ptys */ 139static DEFINE_IDR(allocated_ptys); 140static DECLARE_MUTEX(allocated_ptys_lock); 141static int ptmx_open(struct inode *, struct file *); 142#endif 143 144static void initialize_tty_struct(struct tty_struct *tty); 145 146static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *); 147static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *); 148ssize_t redirected_tty_write(struct file *, const char __user *, size_t, loff_t *); 149static unsigned int tty_poll(struct file *, poll_table *); 150static int tty_open(struct inode *, struct file *); 151static int tty_release(struct inode *, struct file *); 152int tty_ioctl(struct inode * inode, struct file * file, 153 unsigned int cmd, unsigned long arg); 154#ifdef CONFIG_COMPAT 155static long tty_compat_ioctl(struct file * file, unsigned int cmd, 156 unsigned long arg); 157#else 158#define tty_compat_ioctl NULL 159#endif 160static int tty_fasync(int fd, struct file * filp, int on); 161static void release_tty(struct tty_struct *tty, int idx); 162static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); 163static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); 164 165/** 166 * alloc_tty_struct - allocate a tty object 167 * 168 * Return a new empty tty structure. The data fields have not 169 * been initialized in any way but has been zeroed 170 * 171 * Locking: none 172 */ 173 174static struct tty_struct *alloc_tty_struct(void) 175{ 176 return kzalloc(sizeof(struct tty_struct), GFP_KERNEL); 177} 178 179static void tty_buffer_free_all(struct tty_struct *); 180 181/** 182 * free_tty_struct - free a disused tty 183 * @tty: tty struct to free 184 * 185 * Free the write buffers, tty queue and tty memory itself. 186 * 187 * Locking: none. Must be called after tty is definitely unused 188 */ 189 190static inline void free_tty_struct(struct tty_struct *tty) 191{ 192 kfree(tty->write_buf); 193 tty_buffer_free_all(tty); 194 kfree(tty); 195} 196 197#define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base) 198 199/** 200 * tty_name - return tty naming 201 * @tty: tty structure 202 * @buf: buffer for output 203 * 204 * Convert a tty structure into a name. The name reflects the kernel 205 * naming policy and if udev is in use may not reflect user space 206 * 207 * Locking: none 208 */ 209 210char *tty_name(struct tty_struct *tty, char *buf) 211{ 212 if (!tty) /* Hmm. NULL pointer. That's fun. */ 213 strcpy(buf, "NULL tty"); 214 else 215 strcpy(buf, tty->name); 216 return buf; 217} 218 219EXPORT_SYMBOL(tty_name); 220 221int tty_paranoia_check(struct tty_struct *tty, struct inode *inode, 222 const char *routine) 223{ 224#ifdef TTY_PARANOIA_CHECK 225 if (!tty) { 226 printk(KERN_WARNING 227 "null TTY for (%d:%d) in %s\n", 228 imajor(inode), iminor(inode), routine); 229 return 1; 230 } 231 if (tty->magic != TTY_MAGIC) { 232 printk(KERN_WARNING 233 "bad magic number for tty struct (%d:%d) in %s\n", 234 imajor(inode), iminor(inode), routine); 235 return 1; 236 } 237#endif 238 return 0; 239} 240 241static int check_tty_count(struct tty_struct *tty, const char *routine) 242{ 243#ifdef CHECK_TTY_COUNT 244 struct list_head *p; 245 int count = 0; 246 247 file_list_lock(); 248 list_for_each(p, &tty->tty_files) { 249 count++; 250 } 251 file_list_unlock(); 252 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 253 tty->driver->subtype == PTY_TYPE_SLAVE && 254 tty->link && tty->link->count) 255 count++; 256 if (tty->count != count) { 257 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) " 258 "!= #fd's(%d) in %s\n", 259 tty->name, tty->count, count, routine); 260 return count; 261 } 262#endif 263 return 0; 264} 265 266/* 267 * Tty buffer allocation management 268 */ 269 270/** 271 * tty_buffer_free_all - free buffers used by a tty 272 * @tty: tty to free from 273 * 274 * Remove all the buffers pending on a tty whether queued with data 275 * or in the free ring. Must be called when the tty is no longer in use 276 * 277 * Locking: none 278 */ 279 280static void tty_buffer_free_all(struct tty_struct *tty) 281{ 282 struct tty_buffer *thead; 283 while((thead = tty->buf.head) != NULL) { 284 tty->buf.head = thead->next; 285 kfree(thead); 286 } 287 while((thead = tty->buf.free) != NULL) { 288 tty->buf.free = thead->next; 289 kfree(thead); 290 } 291 tty->buf.tail = NULL; 292 tty->buf.memory_used = 0; 293} 294 295/** 296 * tty_buffer_init - prepare a tty buffer structure 297 * @tty: tty to initialise 298 * 299 * Set up the initial state of the buffer management for a tty device. 300 * Must be called before the other tty buffer functions are used. 301 * 302 * Locking: none 303 */ 304 305static void tty_buffer_init(struct tty_struct *tty) 306{ 307 spin_lock_init(&tty->buf.lock); 308 tty->buf.head = NULL; 309 tty->buf.tail = NULL; 310 tty->buf.free = NULL; 311 tty->buf.memory_used = 0; 312} 313 314/** 315 * tty_buffer_alloc - allocate a tty buffer 316 * @tty: tty device 317 * @size: desired size (characters) 318 * 319 * Allocate a new tty buffer to hold the desired number of characters. 320 * Return NULL if out of memory or the allocation would exceed the 321 * per device queue 322 * 323 * Locking: Caller must hold tty->buf.lock 324 */ 325 326static struct tty_buffer *tty_buffer_alloc(struct tty_struct *tty, size_t size) 327{ 328 struct tty_buffer *p; 329 330 if (tty->buf.memory_used + size > 65536) 331 return NULL; 332 p = kmalloc(sizeof(struct tty_buffer) + 2 * size, GFP_ATOMIC); 333 if(p == NULL) 334 return NULL; 335 p->used = 0; 336 p->size = size; 337 p->next = NULL; 338 p->commit = 0; 339 p->read = 0; 340 p->char_buf_ptr = (char *)(p->data); 341 p->flag_buf_ptr = (unsigned char *)p->char_buf_ptr + size; 342 tty->buf.memory_used += size; 343 return p; 344} 345 346/** 347 * tty_buffer_free - free a tty buffer 348 * @tty: tty owning the buffer 349 * @b: the buffer to free 350 * 351 * Free a tty buffer, or add it to the free list according to our 352 * internal strategy 353 * 354 * Locking: Caller must hold tty->buf.lock 355 */ 356 357static void tty_buffer_free(struct tty_struct *tty, struct tty_buffer *b) 358{ 359 /* Dumb strategy for now - should keep some stats */ 360 tty->buf.memory_used -= b->size; 361 WARN_ON(tty->buf.memory_used < 0); 362 363 if(b->size >= 512) 364 kfree(b); 365 else { 366 b->next = tty->buf.free; 367 tty->buf.free = b; 368 } 369} 370 371/** 372 * tty_buffer_flush - flush full tty buffers 373 * @tty: tty to flush 374 * 375 * flush all the buffers containing receive data 376 * 377 * Locking: none 378 */ 379 380static void tty_buffer_flush(struct tty_struct *tty) 381{ 382 struct tty_buffer *thead; 383 unsigned long flags; 384 385 spin_lock_irqsave(&tty->buf.lock, flags); 386 while((thead = tty->buf.head) != NULL) { 387 tty->buf.head = thead->next; 388 tty_buffer_free(tty, thead); 389 } 390 tty->buf.tail = NULL; 391 spin_unlock_irqrestore(&tty->buf.lock, flags); 392} 393 394/** 395 * tty_buffer_find - find a free tty buffer 396 * @tty: tty owning the buffer 397 * @size: characters wanted 398 * 399 * Locate an existing suitable tty buffer or if we are lacking one then 400 * allocate a new one. We round our buffers off in 256 character chunks 401 * to get better allocation behaviour. 402 * 403 * Locking: Caller must hold tty->buf.lock 404 */ 405 406static struct tty_buffer *tty_buffer_find(struct tty_struct *tty, size_t size) 407{ 408 struct tty_buffer **tbh = &tty->buf.free; 409 while((*tbh) != NULL) { 410 struct tty_buffer *t = *tbh; 411 if(t->size >= size) { 412 *tbh = t->next; 413 t->next = NULL; 414 t->used = 0; 415 t->commit = 0; 416 t->read = 0; 417 tty->buf.memory_used += t->size; 418 return t; 419 } 420 tbh = &((*tbh)->next); 421 } 422 /* Round the buffer size out */ 423 size = (size + 0xFF) & ~ 0xFF; 424 return tty_buffer_alloc(tty, size); 425 /* Should possibly check if this fails for the largest buffer we 426 have queued and recycle that ? */ 427} 428 429/** 430 * tty_buffer_request_room - grow tty buffer if needed 431 * @tty: tty structure 432 * @size: size desired 433 * 434 * Make at least size bytes of linear space available for the tty 435 * buffer. If we fail return the size we managed to find. 436 * 437 * Locking: Takes tty->buf.lock 438 */ 439int tty_buffer_request_room(struct tty_struct *tty, size_t size) 440{ 441 struct tty_buffer *b, *n; 442 int left; 443 unsigned long flags; 444 445 spin_lock_irqsave(&tty->buf.lock, flags); 446 447 /* OPTIMISATION: We could keep a per tty "zero" sized buffer to 448 remove this conditional if its worth it. This would be invisible 449 to the callers */ 450 if ((b = tty->buf.tail) != NULL) 451 left = b->size - b->used; 452 else 453 left = 0; 454 455 if (left < size) { 456 /* This is the slow path - looking for new buffers to use */ 457 if ((n = tty_buffer_find(tty, size)) != NULL) { 458 if (b != NULL) { 459 b->next = n; 460 b->commit = b->used; 461 } else 462 tty->buf.head = n; 463 tty->buf.tail = n; 464 } else 465 size = left; 466 } 467 468 spin_unlock_irqrestore(&tty->buf.lock, flags); 469 return size; 470} 471EXPORT_SYMBOL_GPL(tty_buffer_request_room); 472 473/** 474 * tty_insert_flip_string - Add characters to the tty buffer 475 * @tty: tty structure 476 * @chars: characters 477 * @size: size 478 * 479 * Queue a series of bytes to the tty buffering. All the characters 480 * passed are marked as without error. Returns the number added. 481 * 482 * Locking: Called functions may take tty->buf.lock 483 */ 484 485int tty_insert_flip_string(struct tty_struct *tty, const unsigned char *chars, 486 size_t size) 487{ 488 int copied = 0; 489 do { 490 int space = tty_buffer_request_room(tty, size - copied); 491 struct tty_buffer *tb = tty->buf.tail; 492 /* If there is no space then tb may be NULL */ 493 if(unlikely(space == 0)) 494 break; 495 memcpy(tb->char_buf_ptr + tb->used, chars, space); 496 memset(tb->flag_buf_ptr + tb->used, TTY_NORMAL, space); 497 tb->used += space; 498 copied += space; 499 chars += space; 500 /* There is a small chance that we need to split the data over 501 several buffers. If this is the case we must loop */ 502 } while (unlikely(size > copied)); 503 return copied; 504} 505EXPORT_SYMBOL(tty_insert_flip_string); 506 507/** 508 * tty_insert_flip_string_flags - Add characters to the tty buffer 509 * @tty: tty structure 510 * @chars: characters 511 * @flags: flag bytes 512 * @size: size 513 * 514 * Queue a series of bytes to the tty buffering. For each character 515 * the flags array indicates the status of the character. Returns the 516 * number added. 517 * 518 * Locking: Called functions may take tty->buf.lock 519 */ 520 521int tty_insert_flip_string_flags(struct tty_struct *tty, 522 const unsigned char *chars, const char *flags, size_t size) 523{ 524 int copied = 0; 525 do { 526 int space = tty_buffer_request_room(tty, size - copied); 527 struct tty_buffer *tb = tty->buf.tail; 528 /* If there is no space then tb may be NULL */ 529 if(unlikely(space == 0)) 530 break; 531 memcpy(tb->char_buf_ptr + tb->used, chars, space); 532 memcpy(tb->flag_buf_ptr + tb->used, flags, space); 533 tb->used += space; 534 copied += space; 535 chars += space; 536 flags += space; 537 /* There is a small chance that we need to split the data over 538 several buffers. If this is the case we must loop */ 539 } while (unlikely(size > copied)); 540 return copied; 541} 542EXPORT_SYMBOL(tty_insert_flip_string_flags); 543 544/** 545 * tty_schedule_flip - push characters to ldisc 546 * @tty: tty to push from 547 * 548 * Takes any pending buffers and transfers their ownership to the 549 * ldisc side of the queue. It then schedules those characters for 550 * processing by the line discipline. 551 * 552 * Locking: Takes tty->buf.lock 553 */ 554 555void tty_schedule_flip(struct tty_struct *tty) 556{ 557 unsigned long flags; 558 spin_lock_irqsave(&tty->buf.lock, flags); 559 if (tty->buf.tail != NULL) 560 tty->buf.tail->commit = tty->buf.tail->used; 561 spin_unlock_irqrestore(&tty->buf.lock, flags); 562 schedule_delayed_work(&tty->buf.work, 1); 563} 564EXPORT_SYMBOL(tty_schedule_flip); 565 566/** 567 * tty_prepare_flip_string - make room for characters 568 * @tty: tty 569 * @chars: return pointer for character write area 570 * @size: desired size 571 * 572 * Prepare a block of space in the buffer for data. Returns the length 573 * available and buffer pointer to the space which is now allocated and 574 * accounted for as ready for normal characters. This is used for drivers 575 * that need their own block copy routines into the buffer. There is no 576 * guarantee the buffer is a DMA target! 577 * 578 * Locking: May call functions taking tty->buf.lock 579 */ 580 581int tty_prepare_flip_string(struct tty_struct *tty, unsigned char **chars, size_t size) 582{ 583 int space = tty_buffer_request_room(tty, size); 584 if (likely(space)) { 585 struct tty_buffer *tb = tty->buf.tail; 586 *chars = tb->char_buf_ptr + tb->used; 587 memset(tb->flag_buf_ptr + tb->used, TTY_NORMAL, space); 588 tb->used += space; 589 } 590 return space; 591} 592 593EXPORT_SYMBOL_GPL(tty_prepare_flip_string); 594 595/** 596 * tty_prepare_flip_string_flags - make room for characters 597 * @tty: tty 598 * @chars: return pointer for character write area 599 * @flags: return pointer for status flag write area 600 * @size: desired size 601 * 602 * Prepare a block of space in the buffer for data. Returns the length 603 * available and buffer pointer to the space which is now allocated and 604 * accounted for as ready for characters. This is used for drivers 605 * that need their own block copy routines into the buffer. There is no 606 * guarantee the buffer is a DMA target! 607 * 608 * Locking: May call functions taking tty->buf.lock 609 */ 610 611int tty_prepare_flip_string_flags(struct tty_struct *tty, unsigned char **chars, char **flags, size_t size) 612{ 613 int space = tty_buffer_request_room(tty, size); 614 if (likely(space)) { 615 struct tty_buffer *tb = tty->buf.tail; 616 *chars = tb->char_buf_ptr + tb->used; 617 *flags = tb->flag_buf_ptr + tb->used; 618 tb->used += space; 619 } 620 return space; 621} 622 623EXPORT_SYMBOL_GPL(tty_prepare_flip_string_flags); 624 625 626 627/** 628 * tty_set_termios_ldisc - set ldisc field 629 * @tty: tty structure 630 * @num: line discipline number 631 * 632 * This is probably overkill for real world processors but 633 * they are not on hot paths so a little discipline won't do 634 * any harm. 635 * 636 * Locking: takes termios_mutex 637 */ 638 639static void tty_set_termios_ldisc(struct tty_struct *tty, int num) 640{ 641 mutex_lock(&tty->termios_mutex); 642 tty->termios->c_line = num; 643 mutex_unlock(&tty->termios_mutex); 644} 645 646/* 647 * This guards the refcounted line discipline lists. The lock 648 * must be taken with irqs off because there are hangup path 649 * callers who will do ldisc lookups and cannot sleep. 650 */ 651 652static DEFINE_SPINLOCK(tty_ldisc_lock); 653static DECLARE_WAIT_QUEUE_HEAD(tty_ldisc_wait); 654static struct tty_ldisc tty_ldiscs[NR_LDISCS]; /* line disc dispatch table */ 655 656/** 657 * tty_register_ldisc - install a line discipline 658 * @disc: ldisc number 659 * @new_ldisc: pointer to the ldisc object 660 * 661 * Installs a new line discipline into the kernel. The discipline 662 * is set up as unreferenced and then made available to the kernel 663 * from this point onwards. 664 * 665 * Locking: 666 * takes tty_ldisc_lock to guard against ldisc races 667 */ 668 669int tty_register_ldisc(int disc, struct tty_ldisc *new_ldisc) 670{ 671 unsigned long flags; 672 int ret = 0; 673 674 if (disc < N_TTY || disc >= NR_LDISCS) 675 return -EINVAL; 676 677 spin_lock_irqsave(&tty_ldisc_lock, flags); 678 tty_ldiscs[disc] = *new_ldisc; 679 tty_ldiscs[disc].num = disc; 680 tty_ldiscs[disc].flags |= LDISC_FLAG_DEFINED; 681 tty_ldiscs[disc].refcount = 0; 682 spin_unlock_irqrestore(&tty_ldisc_lock, flags); 683 684 return ret; 685} 686EXPORT_SYMBOL(tty_register_ldisc); 687 688/** 689 * tty_unregister_ldisc - unload a line discipline 690 * @disc: ldisc number 691 * @new_ldisc: pointer to the ldisc object 692 * 693 * Remove a line discipline from the kernel providing it is not 694 * currently in use. 695 * 696 * Locking: 697 * takes tty_ldisc_lock to guard against ldisc races 698 */ 699 700int tty_unregister_ldisc(int disc) 701{ 702 unsigned long flags; 703 int ret = 0; 704 705 if (disc < N_TTY || disc >= NR_LDISCS) 706 return -EINVAL; 707 708 spin_lock_irqsave(&tty_ldisc_lock, flags); 709 if (tty_ldiscs[disc].refcount) 710 ret = -EBUSY; 711 else 712 tty_ldiscs[disc].flags &= ~LDISC_FLAG_DEFINED; 713 spin_unlock_irqrestore(&tty_ldisc_lock, flags); 714 715 return ret; 716} 717EXPORT_SYMBOL(tty_unregister_ldisc); 718 719/** 720 * tty_ldisc_get - take a reference to an ldisc 721 * @disc: ldisc number 722 * 723 * Takes a reference to a line discipline. Deals with refcounts and 724 * module locking counts. Returns NULL if the discipline is not available. 725 * Returns a pointer to the discipline and bumps the ref count if it is 726 * available 727 * 728 * Locking: 729 * takes tty_ldisc_lock to guard against ldisc races 730 */ 731 732struct tty_ldisc *tty_ldisc_get(int disc) 733{ 734 unsigned long flags; 735 struct tty_ldisc *ld; 736 737 if (disc < N_TTY || disc >= NR_LDISCS) 738 return NULL; 739 740 spin_lock_irqsave(&tty_ldisc_lock, flags); 741 742 ld = &tty_ldiscs[disc]; 743 /* Check the entry is defined */ 744 if(ld->flags & LDISC_FLAG_DEFINED) 745 { 746 /* If the module is being unloaded we can't use it */ 747 if (!try_module_get(ld->owner)) 748 ld = NULL; 749 else /* lock it */ 750 ld->refcount++; 751 } 752 else 753 ld = NULL; 754 spin_unlock_irqrestore(&tty_ldisc_lock, flags); 755 return ld; 756} 757 758EXPORT_SYMBOL_GPL(tty_ldisc_get); 759 760/** 761 * tty_ldisc_put - drop ldisc reference 762 * @disc: ldisc number 763 * 764 * Drop a reference to a line discipline. Manage refcounts and 765 * module usage counts 766 * 767 * Locking: 768 * takes tty_ldisc_lock to guard against ldisc races 769 */ 770 771void tty_ldisc_put(int disc) 772{ 773 struct tty_ldisc *ld; 774 unsigned long flags; 775 776 BUG_ON(disc < N_TTY || disc >= NR_LDISCS); 777 778 spin_lock_irqsave(&tty_ldisc_lock, flags); 779 ld = &tty_ldiscs[disc]; 780 BUG_ON(ld->refcount == 0); 781 ld->refcount--; 782 module_put(ld->owner); 783 spin_unlock_irqrestore(&tty_ldisc_lock, flags); 784} 785 786EXPORT_SYMBOL_GPL(tty_ldisc_put); 787 788/** 789 * tty_ldisc_assign - set ldisc on a tty 790 * @tty: tty to assign 791 * @ld: line discipline 792 * 793 * Install an instance of a line discipline into a tty structure. The 794 * ldisc must have a reference count above zero to ensure it remains/ 795 * The tty instance refcount starts at zero. 796 * 797 * Locking: 798 * Caller must hold references 799 */ 800 801static void tty_ldisc_assign(struct tty_struct *tty, struct tty_ldisc *ld) 802{ 803 tty->ldisc = *ld; 804 tty->ldisc.refcount = 0; 805} 806 807/** 808 * tty_ldisc_try - internal helper 809 * @tty: the tty 810 * 811 * Make a single attempt to grab and bump the refcount on 812 * the tty ldisc. Return 0 on failure or 1 on success. This is 813 * used to implement both the waiting and non waiting versions 814 * of tty_ldisc_ref 815 * 816 * Locking: takes tty_ldisc_lock 817 */ 818 819static int tty_ldisc_try(struct tty_struct *tty) 820{ 821 unsigned long flags; 822 struct tty_ldisc *ld; 823 int ret = 0; 824 825 spin_lock_irqsave(&tty_ldisc_lock, flags); 826 ld = &tty->ldisc; 827 if(test_bit(TTY_LDISC, &tty->flags)) 828 { 829 ld->refcount++; 830 ret = 1; 831 } 832 spin_unlock_irqrestore(&tty_ldisc_lock, flags); 833 return ret; 834} 835 836/** 837 * tty_ldisc_ref_wait - wait for the tty ldisc 838 * @tty: tty device 839 * 840 * Dereference the line discipline for the terminal and take a 841 * reference to it. If the line discipline is in flux then 842 * wait patiently until it changes. 843 * 844 * Note: Must not be called from an IRQ/timer context. The caller 845 * must also be careful not to hold other locks that will deadlock 846 * against a discipline change, such as an existing ldisc reference 847 * (which we check for) 848 * 849 * Locking: call functions take tty_ldisc_lock 850 */ 851 852struct tty_ldisc *tty_ldisc_ref_wait(struct tty_struct *tty) 853{ 854 /* wait_event is a macro */ 855 wait_event(tty_ldisc_wait, tty_ldisc_try(tty)); 856 if(tty->ldisc.refcount == 0) 857 printk(KERN_ERR "tty_ldisc_ref_wait\n"); 858 return &tty->ldisc; 859} 860 861EXPORT_SYMBOL_GPL(tty_ldisc_ref_wait); 862 863/** 864 * tty_ldisc_ref - get the tty ldisc 865 * @tty: tty device 866 * 867 * Dereference the line discipline for the terminal and take a 868 * reference to it. If the line discipline is in flux then 869 * return NULL. Can be called from IRQ and timer functions. 870 * 871 * Locking: called functions take tty_ldisc_lock 872 */ 873 874struct tty_ldisc *tty_ldisc_ref(struct tty_struct *tty) 875{ 876 if(tty_ldisc_try(tty)) 877 return &tty->ldisc; 878 return NULL; 879} 880 881EXPORT_SYMBOL_GPL(tty_ldisc_ref); 882 883/** 884 * tty_ldisc_deref - free a tty ldisc reference 885 * @ld: reference to free up 886 * 887 * Undoes the effect of tty_ldisc_ref or tty_ldisc_ref_wait. May 888 * be called in IRQ context. 889 * 890 * Locking: takes tty_ldisc_lock 891 */ 892 893void tty_ldisc_deref(struct tty_ldisc *ld) 894{ 895 unsigned long flags; 896 897 BUG_ON(ld == NULL); 898 899 spin_lock_irqsave(&tty_ldisc_lock, flags); 900 if(ld->refcount == 0) 901 printk(KERN_ERR "tty_ldisc_deref: no references.\n"); 902 else 903 ld->refcount--; 904 if(ld->refcount == 0) 905 wake_up(&tty_ldisc_wait); 906 spin_unlock_irqrestore(&tty_ldisc_lock, flags); 907} 908 909EXPORT_SYMBOL_GPL(tty_ldisc_deref); 910 911/** 912 * tty_ldisc_enable - allow ldisc use 913 * @tty: terminal to activate ldisc on 914 * 915 * Set the TTY_LDISC flag when the line discipline can be called 916 * again. Do neccessary wakeups for existing sleepers. 917 * 918 * Note: nobody should set this bit except via this function. Clearing 919 * directly is allowed. 920 */ 921 922static void tty_ldisc_enable(struct tty_struct *tty) 923{ 924 set_bit(TTY_LDISC, &tty->flags); 925 wake_up(&tty_ldisc_wait); 926} 927 928/** 929 * tty_set_ldisc - set line discipline 930 * @tty: the terminal to set 931 * @ldisc: the line discipline 932 * 933 * Set the discipline of a tty line. Must be called from a process 934 * context. 935 * 936 * Locking: takes tty_ldisc_lock. 937 * called functions take termios_mutex 938 */ 939 940static int tty_set_ldisc(struct tty_struct *tty, int ldisc) 941{ 942 int retval = 0; 943 struct tty_ldisc o_ldisc; 944 char buf[64]; 945 int work; 946 unsigned long flags; 947 struct tty_ldisc *ld; 948 struct tty_struct *o_tty; 949 950 if ((ldisc < N_TTY) || (ldisc >= NR_LDISCS)) 951 return -EINVAL; 952 953restart: 954 955 ld = tty_ldisc_get(ldisc); 956 /* Eduardo Blanco <ejbs@cs.cs.com.uy> */ 957 /* Cyrus Durgin <cider@speakeasy.org> */ 958 if (ld == NULL) { 959 request_module("tty-ldisc-%d", ldisc); 960 ld = tty_ldisc_get(ldisc); 961 } 962 if (ld == NULL) 963 return -EINVAL; 964 965 /* 966 * Problem: What do we do if this blocks ? 967 */ 968 969 tty_wait_until_sent(tty, 0); 970 971 if (tty->ldisc.num == ldisc) { 972 tty_ldisc_put(ldisc); 973 return 0; 974 } 975 976 /* 977 * No more input please, we are switching. The new ldisc 978 * will update this value in the ldisc open function 979 */ 980 981 tty->receive_room = 0; 982 983 o_ldisc = tty->ldisc; 984 o_tty = tty->link; 985 986 /* 987 * Make sure we don't change while someone holds a 988 * reference to the line discipline. The TTY_LDISC bit 989 * prevents anyone taking a reference once it is clear. 990 * We need the lock to avoid racing reference takers. 991 */ 992 993 spin_lock_irqsave(&tty_ldisc_lock, flags); 994 if (tty->ldisc.refcount || (o_tty && o_tty->ldisc.refcount)) { 995 if(tty->ldisc.refcount) { 996 /* Free the new ldisc we grabbed. Must drop the lock 997 first. */ 998 spin_unlock_irqrestore(&tty_ldisc_lock, flags); 999 tty_ldisc_put(ldisc); 1000 /* 1001 * There are several reasons we may be busy, including 1002 * random momentary I/O traffic. We must therefore 1003 * retry. We could distinguish between blocking ops 1004 * and retries if we made tty_ldisc_wait() smarter. That 1005 * is up for discussion. 1006 */ 1007 if (wait_event_interruptible(tty_ldisc_wait, tty->ldisc.refcount == 0) < 0) 1008 return -ERESTARTSYS; 1009 goto restart; 1010 } 1011 if(o_tty && o_tty->ldisc.refcount) { 1012 spin_unlock_irqrestore(&tty_ldisc_lock, flags); 1013 tty_ldisc_put(ldisc); 1014 if (wait_event_interruptible(tty_ldisc_wait, o_tty->ldisc.refcount == 0) < 0) 1015 return -ERESTARTSYS; 1016 goto restart; 1017 } 1018 } 1019 1020 /* if the TTY_LDISC bit is set, then we are racing against another ldisc change */ 1021 1022 if (!test_bit(TTY_LDISC, &tty->flags)) { 1023 spin_unlock_irqrestore(&tty_ldisc_lock, flags); 1024 tty_ldisc_put(ldisc); 1025 ld = tty_ldisc_ref_wait(tty); 1026 tty_ldisc_deref(ld); 1027 goto restart; 1028 } 1029 1030 clear_bit(TTY_LDISC, &tty->flags); 1031 if (o_tty) 1032 clear_bit(TTY_LDISC, &o_tty->flags); 1033 spin_unlock_irqrestore(&tty_ldisc_lock, flags); 1034 1035 /* 1036 * From this point on we know nobody has an ldisc 1037 * usage reference, nor can they obtain one until 1038 * we say so later on. 1039 */ 1040 1041 work = cancel_delayed_work(&tty->buf.work); 1042 /* 1043 * Wait for ->hangup_work and ->buf.work handlers to terminate 1044 */ 1045 1046 flush_scheduled_work(); 1047 /* Shutdown the current discipline. */ 1048 if (tty->ldisc.close) 1049 (tty->ldisc.close)(tty); 1050 1051 /* Now set up the new line discipline. */ 1052 tty_ldisc_assign(tty, ld); 1053 tty_set_termios_ldisc(tty, ldisc); 1054 if (tty->ldisc.open) 1055 retval = (tty->ldisc.open)(tty); 1056 if (retval < 0) { 1057 tty_ldisc_put(ldisc); 1058 /* There is an outstanding reference here so this is safe */ 1059 tty_ldisc_assign(tty, tty_ldisc_get(o_ldisc.num)); 1060 tty_set_termios_ldisc(tty, tty->ldisc.num); 1061 if (tty->ldisc.open && (tty->ldisc.open(tty) < 0)) { 1062 tty_ldisc_put(o_ldisc.num); 1063 /* This driver is always present */ 1064 tty_ldisc_assign(tty, tty_ldisc_get(N_TTY)); 1065 tty_set_termios_ldisc(tty, N_TTY); 1066 if (tty->ldisc.open) { 1067 int r = tty->ldisc.open(tty); 1068 1069 if (r < 0) 1070 panic("Couldn't open N_TTY ldisc for " 1071 "%s --- error %d.", 1072 tty_name(tty, buf), r); 1073 } 1074 } 1075 } 1076 /* At this point we hold a reference to the new ldisc and a 1077 a reference to the old ldisc. If we ended up flipping back 1078 to the existing ldisc we have two references to it */ 1079 1080 if (tty->ldisc.num != o_ldisc.num && tty->driver->set_ldisc) 1081 tty->driver->set_ldisc(tty); 1082 1083 tty_ldisc_put(o_ldisc.num); 1084 1085 /* 1086 * Allow ldisc referencing to occur as soon as the driver 1087 * ldisc callback completes. 1088 */ 1089 1090 tty_ldisc_enable(tty); 1091 if (o_tty) 1092 tty_ldisc_enable(o_tty); 1093 1094 /* Restart it in case no characters kick it off. Safe if 1095 already running */ 1096 if (work) 1097 schedule_delayed_work(&tty->buf.work, 1); 1098 return retval; 1099} 1100 1101/** 1102 * get_tty_driver - find device of a tty 1103 * @dev_t: device identifier 1104 * @index: returns the index of the tty 1105 * 1106 * This routine returns a tty driver structure, given a device number 1107 * and also passes back the index number. 1108 * 1109 * Locking: caller must hold tty_mutex 1110 */ 1111 1112static struct tty_driver *get_tty_driver(dev_t device, int *index) 1113{ 1114 struct tty_driver *p; 1115 1116 list_for_each_entry(p, &tty_drivers, tty_drivers) { 1117 dev_t base = MKDEV(p->major, p->minor_start); 1118 if (device < base || device >= base + p->num) 1119 continue; 1120 *index = device - base; 1121 return p; 1122 } 1123 return NULL; 1124} 1125 1126/** 1127 * tty_check_change - check for POSIX terminal changes 1128 * @tty: tty to check 1129 * 1130 * If we try to write to, or set the state of, a terminal and we're 1131 * not in the foreground, send a SIGTTOU. If the signal is blocked or 1132 * ignored, go ahead and perform the operation. (POSIX 7.2) 1133 * 1134 * Locking: none 1135 */ 1136 1137int tty_check_change(struct tty_struct * tty) 1138{ 1139 if (current->signal->tty != tty) 1140 return 0; 1141 if (!tty->pgrp) { 1142 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n"); 1143 return 0; 1144 } 1145 if (task_pgrp(current) == tty->pgrp) 1146 return 0; 1147 if (is_ignored(SIGTTOU)) 1148 return 0; 1149 if (is_current_pgrp_orphaned()) 1150 return -EIO; 1151 kill_pgrp(task_pgrp(current), SIGTTOU, 1); 1152 set_thread_flag(TIF_SIGPENDING); 1153 return -ERESTARTSYS; 1154} 1155 1156EXPORT_SYMBOL(tty_check_change); 1157 1158static ssize_t hung_up_tty_read(struct file * file, char __user * buf, 1159 size_t count, loff_t *ppos) 1160{ 1161 return 0; 1162} 1163 1164static ssize_t hung_up_tty_write(struct file * file, const char __user * buf, 1165 size_t count, loff_t *ppos) 1166{ 1167 return -EIO; 1168} 1169 1170/* No kernel lock held - none needed ;) */ 1171static unsigned int hung_up_tty_poll(struct file * filp, poll_table * wait) 1172{ 1173 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM; 1174} 1175 1176static int hung_up_tty_ioctl(struct inode * inode, struct file * file, 1177 unsigned int cmd, unsigned long arg) 1178{ 1179 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 1180} 1181 1182static long hung_up_tty_compat_ioctl(struct file * file, 1183 unsigned int cmd, unsigned long arg) 1184{ 1185 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 1186} 1187 1188static const struct file_operations tty_fops = { 1189 .llseek = no_llseek, 1190 .read = tty_read, 1191 .write = tty_write, 1192 .poll = tty_poll, 1193 .ioctl = tty_ioctl, 1194 .compat_ioctl = tty_compat_ioctl, 1195 .open = tty_open, 1196 .release = tty_release, 1197 .fasync = tty_fasync, 1198}; 1199 1200#ifdef CONFIG_UNIX98_PTYS 1201static const struct file_operations ptmx_fops = { 1202 .llseek = no_llseek, 1203 .read = tty_read, 1204 .write = tty_write, 1205 .poll = tty_poll, 1206 .ioctl = tty_ioctl, 1207 .compat_ioctl = tty_compat_ioctl, 1208 .open = ptmx_open, 1209 .release = tty_release, 1210 .fasync = tty_fasync, 1211}; 1212#endif 1213 1214static const struct file_operations console_fops = { 1215 .llseek = no_llseek, 1216 .read = tty_read, 1217 .write = redirected_tty_write, 1218 .poll = tty_poll, 1219 .ioctl = tty_ioctl, 1220 .compat_ioctl = tty_compat_ioctl, 1221 .open = tty_open, 1222 .release = tty_release, 1223 .fasync = tty_fasync, 1224}; 1225 1226static const struct file_operations hung_up_tty_fops = { 1227 .llseek = no_llseek, 1228 .read = hung_up_tty_read, 1229 .write = hung_up_tty_write, 1230 .poll = hung_up_tty_poll, 1231 .ioctl = hung_up_tty_ioctl, 1232 .compat_ioctl = hung_up_tty_compat_ioctl, 1233 .release = tty_release, 1234}; 1235 1236static DEFINE_SPINLOCK(redirect_lock); 1237static struct file *redirect; 1238 1239/** 1240 * tty_wakeup - request more data 1241 * @tty: terminal 1242 * 1243 * Internal and external helper for wakeups of tty. This function 1244 * informs the line discipline if present that the driver is ready 1245 * to receive more output data. 1246 */ 1247 1248void tty_wakeup(struct tty_struct *tty) 1249{ 1250 struct tty_ldisc *ld; 1251 1252 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) { 1253 ld = tty_ldisc_ref(tty); 1254 if(ld) { 1255 if(ld->write_wakeup) 1256 ld->write_wakeup(tty); 1257 tty_ldisc_deref(ld); 1258 } 1259 } 1260 wake_up_interruptible(&tty->write_wait); 1261} 1262 1263EXPORT_SYMBOL_GPL(tty_wakeup); 1264 1265/** 1266 * tty_ldisc_flush - flush line discipline queue 1267 * @tty: tty 1268 * 1269 * Flush the line discipline queue (if any) for this tty. If there 1270 * is no line discipline active this is a no-op. 1271 */ 1272 1273void tty_ldisc_flush(struct tty_struct *tty) 1274{ 1275 struct tty_ldisc *ld = tty_ldisc_ref(tty); 1276 if(ld) { 1277 if(ld->flush_buffer) 1278 ld->flush_buffer(tty); 1279 tty_ldisc_deref(ld); 1280 } 1281 tty_buffer_flush(tty); 1282} 1283 1284EXPORT_SYMBOL_GPL(tty_ldisc_flush); 1285 1286/** 1287 * tty_reset_termios - reset terminal state 1288 * @tty: tty to reset 1289 * 1290 * Restore a terminal to the driver default state 1291 */ 1292 1293static void tty_reset_termios(struct tty_struct *tty) 1294{ 1295 mutex_lock(&tty->termios_mutex); 1296 *tty->termios = tty->driver->init_termios; 1297 tty->termios->c_ispeed = tty_termios_input_baud_rate(tty->termios); 1298 tty->termios->c_ospeed = tty_termios_baud_rate(tty->termios); 1299 mutex_unlock(&tty->termios_mutex); 1300} 1301 1302/** 1303 * do_tty_hangup - actual handler for hangup events 1304 * @work: tty device 1305 * 1306 * This can be called by the "eventd" kernel thread. That is process 1307 * synchronous but doesn't hold any locks, so we need to make sure we 1308 * have the appropriate locks for what we're doing. 1309 * 1310 * The hangup event clears any pending redirections onto the hung up 1311 * device. It ensures future writes will error and it does the needed 1312 * line discipline hangup and signal delivery. The tty object itself 1313 * remains intact. 1314 * 1315 * Locking: 1316 * BKL 1317 * redirect lock for undoing redirection 1318 * file list lock for manipulating list of ttys 1319 * tty_ldisc_lock from called functions 1320 * termios_mutex resetting termios data 1321 * tasklist_lock to walk task list for hangup event 1322 * ->siglock to protect ->signal/->sighand 1323 */ 1324static void do_tty_hangup(struct work_struct *work) 1325{ 1326 struct tty_struct *tty = 1327 container_of(work, struct tty_struct, hangup_work); 1328 struct file * cons_filp = NULL; 1329 struct file *filp, *f = NULL; 1330 struct task_struct *p; 1331 struct tty_ldisc *ld; 1332 int closecount = 0, n; 1333 1334 if (!tty) 1335 return; 1336 1337 /* inuse_filps is protected by the single kernel lock */ 1338 lock_kernel(); 1339 1340 spin_lock(&redirect_lock); 1341 if (redirect && redirect->private_data == tty) { 1342 f = redirect; 1343 redirect = NULL; 1344 } 1345 spin_unlock(&redirect_lock); 1346 1347 check_tty_count(tty, "do_tty_hangup"); 1348 file_list_lock(); 1349 /* This breaks for file handles being sent over AF_UNIX sockets ? */ 1350 list_for_each_entry(filp, &tty->tty_files, f_u.fu_list) { 1351 if (filp->f_op->write == redirected_tty_write) 1352 cons_filp = filp; 1353 if (filp->f_op->write != tty_write) 1354 continue; 1355 closecount++; 1356 tty_fasync(-1, filp, 0); /* can't block */ 1357 filp->f_op = &hung_up_tty_fops; 1358 } 1359 file_list_unlock(); 1360 1361 1362 ld = tty_ldisc_ref(tty); 1363 if(ld != NULL) /* We may have no line discipline at this point */ 1364 { 1365 if (ld->flush_buffer) 1366 ld->flush_buffer(tty); 1367 if (tty->driver->flush_buffer) 1368 tty->driver->flush_buffer(tty); 1369 if ((test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) && 1370 ld->write_wakeup) 1371 ld->write_wakeup(tty); 1372 if (ld->hangup) 1373 ld->hangup(tty); 1374 } 1375 1376 1377 wake_up_interruptible(&tty->write_wait); 1378 wake_up_interruptible(&tty->read_wait); 1379 1380 /* 1381 * Shutdown the current line discipline, and reset it to 1382 * N_TTY. 1383 */ 1384 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) 1385 tty_reset_termios(tty); 1386 1387 /* Defer ldisc switch */ 1388 /* tty_deferred_ldisc_switch(N_TTY); 1389 1390 This should get done automatically when the port closes and 1391 tty_release is called */ 1392 1393 read_lock(&tasklist_lock); 1394 if (tty->session) { 1395 do_each_pid_task(tty->session, PIDTYPE_SID, p) { 1396 spin_lock_irq(&p->sighand->siglock); 1397 if (p->signal->tty == tty) 1398 p->signal->tty = NULL; 1399 if (!p->signal->leader) { 1400 spin_unlock_irq(&p->sighand->siglock); 1401 continue; 1402 } 1403 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p); 1404 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p); 1405 put_pid(p->signal->tty_old_pgrp); /* A noop */ 1406 if (tty->pgrp) 1407 p->signal->tty_old_pgrp = get_pid(tty->pgrp); 1408 spin_unlock_irq(&p->sighand->siglock); 1409 } while_each_pid_task(tty->session, PIDTYPE_SID, p); 1410 } 1411 read_unlock(&tasklist_lock); 1412 1413 tty->flags = 0; 1414 put_pid(tty->session); 1415 put_pid(tty->pgrp); 1416 tty->session = NULL; 1417 tty->pgrp = NULL; 1418 tty->ctrl_status = 0; 1419 /* 1420 * If one of the devices matches a console pointer, we 1421 * cannot just call hangup() because that will cause 1422 * tty->count and state->count to go out of sync. 1423 * So we just call close() the right number of times. 1424 */ 1425 if (cons_filp) { 1426 if (tty->driver->close) 1427 for (n = 0; n < closecount; n++) 1428 tty->driver->close(tty, cons_filp); 1429 } else if (tty->driver->hangup) 1430 (tty->driver->hangup)(tty); 1431 1432 /* We don't want to have driver/ldisc interactions beyond 1433 the ones we did here. The driver layer expects no 1434 calls after ->hangup() from the ldisc side. However we 1435 can't yet guarantee all that */ 1436 1437 set_bit(TTY_HUPPED, &tty->flags); 1438 if (ld) { 1439 tty_ldisc_enable(tty); 1440 tty_ldisc_deref(ld); 1441 } 1442 unlock_kernel(); 1443 if (f) 1444 fput(f); 1445} 1446 1447/** 1448 * tty_hangup - trigger a hangup event 1449 * @tty: tty to hangup 1450 * 1451 * A carrier loss (virtual or otherwise) has occurred on this like 1452 * schedule a hangup sequence to run after this event. 1453 */ 1454 1455void tty_hangup(struct tty_struct * tty) 1456{ 1457#ifdef TTY_DEBUG_HANGUP 1458 char buf[64]; 1459 1460 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf)); 1461#endif 1462 schedule_work(&tty->hangup_work); 1463} 1464 1465EXPORT_SYMBOL(tty_hangup); 1466 1467/** 1468 * tty_vhangup - process vhangup 1469 * @tty: tty to hangup 1470 * 1471 * The user has asked via system call for the terminal to be hung up. 1472 * We do this synchronously so that when the syscall returns the process 1473 * is complete. That guarantee is neccessary for security reasons. 1474 */ 1475 1476void tty_vhangup(struct tty_struct * tty) 1477{ 1478#ifdef TTY_DEBUG_HANGUP 1479 char buf[64]; 1480 1481 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf)); 1482#endif 1483 do_tty_hangup(&tty->hangup_work); 1484} 1485EXPORT_SYMBOL(tty_vhangup); 1486 1487/** 1488 * tty_hung_up_p - was tty hung up 1489 * @filp: file pointer of tty 1490 * 1491 * Return true if the tty has been subject to a vhangup or a carrier 1492 * loss 1493 */ 1494 1495int tty_hung_up_p(struct file * filp) 1496{ 1497 return (filp->f_op == &hung_up_tty_fops); 1498} 1499 1500EXPORT_SYMBOL(tty_hung_up_p); 1501 1502static void session_clear_tty(struct pid *session) 1503{ 1504 struct task_struct *p; 1505 do_each_pid_task(session, PIDTYPE_SID, p) { 1506 proc_clear_tty(p); 1507 } while_each_pid_task(session, PIDTYPE_SID, p); 1508} 1509 1510/** 1511 * disassociate_ctty - disconnect controlling tty 1512 * @on_exit: true if exiting so need to "hang up" the session 1513 * 1514 * This function is typically called only by the session leader, when 1515 * it wants to disassociate itself from its controlling tty. 1516 * 1517 * It performs the following functions: 1518 * (1) Sends a SIGHUP and SIGCONT to the foreground process group 1519 * (2) Clears the tty from being controlling the session 1520 * (3) Clears the controlling tty for all processes in the 1521 * session group. 1522 * 1523 * The argument on_exit is set to 1 if called when a process is 1524 * exiting; it is 0 if called by the ioctl TIOCNOTTY. 1525 * 1526 * Locking: 1527 * BKL is taken for hysterical raisins 1528 * tty_mutex is taken to protect tty 1529 * ->siglock is taken to protect ->signal/->sighand 1530 * tasklist_lock is taken to walk process list for sessions 1531 * ->siglock is taken to protect ->signal/->sighand 1532 */ 1533 1534void disassociate_ctty(int on_exit) 1535{ 1536 struct tty_struct *tty; 1537 struct pid *tty_pgrp = NULL; 1538 1539 lock_kernel(); 1540 1541 mutex_lock(&tty_mutex); 1542 tty = get_current_tty(); 1543 if (tty) { 1544 tty_pgrp = get_pid(tty->pgrp); 1545 mutex_unlock(&tty_mutex); 1546 if (on_exit && tty->driver->type != TTY_DRIVER_TYPE_PTY) 1547 tty_vhangup(tty); 1548 } else if (on_exit) { 1549 struct pid *old_pgrp; 1550 spin_lock_irq(¤t->sighand->siglock); 1551 old_pgrp = current->signal->tty_old_pgrp; 1552 current->signal->tty_old_pgrp = NULL; 1553 spin_unlock_irq(¤t->sighand->siglock); 1554 if (old_pgrp) { 1555 kill_pgrp(old_pgrp, SIGHUP, on_exit); 1556 kill_pgrp(old_pgrp, SIGCONT, on_exit); 1557 put_pid(old_pgrp); 1558 } 1559 mutex_unlock(&tty_mutex); 1560 unlock_kernel(); 1561 return; 1562 } 1563 if (tty_pgrp) { 1564 kill_pgrp(tty_pgrp, SIGHUP, on_exit); 1565 if (!on_exit) 1566 kill_pgrp(tty_pgrp, SIGCONT, on_exit); 1567 put_pid(tty_pgrp); 1568 } 1569 1570 spin_lock_irq(¤t->sighand->siglock); 1571 put_pid(current->signal->tty_old_pgrp); 1572 current->signal->tty_old_pgrp = NULL; 1573 spin_unlock_irq(¤t->sighand->siglock); 1574 1575 mutex_lock(&tty_mutex); 1576 /* It is possible that do_tty_hangup has free'd this tty */ 1577 tty = get_current_tty(); 1578 if (tty) { 1579 put_pid(tty->session); 1580 put_pid(tty->pgrp); 1581 tty->session = NULL; 1582 tty->pgrp = NULL; 1583 } else { 1584#ifdef TTY_DEBUG_HANGUP 1585 printk(KERN_DEBUG "error attempted to write to tty [0x%p]" 1586 " = NULL", tty); 1587#endif 1588 } 1589 mutex_unlock(&tty_mutex); 1590 1591 /* Now clear signal->tty under the lock */ 1592 read_lock(&tasklist_lock); 1593 session_clear_tty(task_session(current)); 1594 read_unlock(&tasklist_lock); 1595 unlock_kernel(); 1596} 1597 1598/** 1599 * 1600 * no_tty - Ensure the current process does not have a controlling tty 1601 */ 1602void no_tty(void) 1603{ 1604 struct task_struct *tsk = current; 1605 if (tsk->signal->leader) 1606 disassociate_ctty(0); 1607 proc_clear_tty(tsk); 1608} 1609 1610 1611/** 1612 * stop_tty - propagate flow control 1613 * @tty: tty to stop 1614 * 1615 * Perform flow control to the driver. For PTY/TTY pairs we 1616 * must also propagate the TIOCKPKT status. May be called 1617 * on an already stopped device and will not re-call the driver 1618 * method. 1619 * 1620 * This functionality is used by both the line disciplines for 1621 * halting incoming flow and by the driver. It may therefore be 1622 * called from any context, may be under the tty atomic_write_lock 1623 * but not always. 1624 * 1625 * Locking: 1626 * Broken. Relies on BKL which is unsafe here. 1627 */ 1628 1629void stop_tty(struct tty_struct *tty) 1630{ 1631 if (tty->stopped) 1632 return; 1633 tty->stopped = 1; 1634 if (tty->link && tty->link->packet) { 1635 tty->ctrl_status &= ~TIOCPKT_START; 1636 tty->ctrl_status |= TIOCPKT_STOP; 1637 wake_up_interruptible(&tty->link->read_wait); 1638 } 1639 if (tty->driver->stop) 1640 (tty->driver->stop)(tty); 1641} 1642 1643EXPORT_SYMBOL(stop_tty); 1644 1645/** 1646 * start_tty - propagate flow control 1647 * @tty: tty to start 1648 * 1649 * Start a tty that has been stopped if at all possible. Perform 1650 * any neccessary wakeups and propagate the TIOCPKT status. If this 1651 * is the tty was previous stopped and is being started then the 1652 * driver start method is invoked and the line discipline woken. 1653 * 1654 * Locking: 1655 * Broken. Relies on BKL which is unsafe here. 1656 */ 1657 1658void start_tty(struct tty_struct *tty) 1659{ 1660 if (!tty->stopped || tty->flow_stopped) 1661 return; 1662 tty->stopped = 0; 1663 if (tty->link && tty->link->packet) { 1664 tty->ctrl_status &= ~TIOCPKT_STOP; 1665 tty->ctrl_status |= TIOCPKT_START; 1666 wake_up_interruptible(&tty->link->read_wait); 1667 } 1668 if (tty->driver->start) 1669 (tty->driver->start)(tty); 1670 1671 /* If we have a running line discipline it may need kicking */ 1672 tty_wakeup(tty); 1673} 1674 1675EXPORT_SYMBOL(start_tty); 1676 1677/** 1678 * tty_read - read method for tty device files 1679 * @file: pointer to tty file 1680 * @buf: user buffer 1681 * @count: size of user buffer 1682 * @ppos: unused 1683 * 1684 * Perform the read system call function on this terminal device. Checks 1685 * for hung up devices before calling the line discipline method. 1686 * 1687 * Locking: 1688 * Locks the line discipline internally while needed 1689 * For historical reasons the line discipline read method is 1690 * invoked under the BKL. This will go away in time so do not rely on it 1691 * in new code. Multiple read calls may be outstanding in parallel. 1692 */ 1693 1694static ssize_t tty_read(struct file * file, char __user * buf, size_t count, 1695 loff_t *ppos) 1696{ 1697 int i; 1698 struct tty_struct * tty; 1699 struct inode *inode; 1700 struct tty_ldisc *ld; 1701 1702 tty = (struct tty_struct *)file->private_data; 1703 inode = file->f_path.dentry->d_inode; 1704 if (tty_paranoia_check(tty, inode, "tty_read")) 1705 return -EIO; 1706 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags))) 1707 return -EIO; 1708 1709 /* We want to wait for the line discipline to sort out in this 1710 situation */ 1711 ld = tty_ldisc_ref_wait(tty); 1712 lock_kernel(); 1713 if (ld->read) 1714 i = (ld->read)(tty,file,buf,count); 1715 else 1716 i = -EIO; 1717 tty_ldisc_deref(ld); 1718 unlock_kernel(); 1719 if (i > 0) 1720 inode->i_atime = current_fs_time(inode->i_sb); 1721 return i; 1722} 1723 1724/* 1725 * Split writes up in sane blocksizes to avoid 1726 * denial-of-service type attacks 1727 */ 1728static inline ssize_t do_tty_write( 1729 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t), 1730 struct tty_struct *tty, 1731 struct file *file, 1732 const char __user *buf, 1733 size_t count) 1734{ 1735 ssize_t ret = 0, written = 0; 1736 unsigned int chunk; 1737 1738 if (mutex_lock_interruptible(&tty->atomic_write_lock)) { 1739 return -ERESTARTSYS; 1740 } 1741 1742 chunk = 2048; 1743 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags)) 1744 chunk = 65536; 1745 if (count < chunk) 1746 chunk = count; 1747 1748 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */ 1749 if (tty->write_cnt < chunk) { 1750 unsigned char *buf; 1751 1752 if (chunk < 1024) 1753 chunk = 1024; 1754 1755 buf = kmalloc(chunk, GFP_KERNEL); 1756 if (!buf) { 1757 mutex_unlock(&tty->atomic_write_lock); 1758 return -ENOMEM; 1759 } 1760 kfree(tty->write_buf); 1761 tty->write_cnt = chunk; 1762 tty->write_buf = buf; 1763 } 1764 1765 /* Do the write .. */ 1766 for (;;) { 1767 size_t size = count; 1768 if (size > chunk) 1769 size = chunk; 1770 ret = -EFAULT; 1771 if (copy_from_user(tty->write_buf, buf, size)) 1772 break; 1773 lock_kernel(); 1774 ret = write(tty, file, tty->write_buf, size); 1775 unlock_kernel(); 1776 if (ret <= 0) 1777 break; 1778 written += ret; 1779 buf += ret; 1780 count -= ret; 1781 if (!count) 1782 break; 1783 ret = -ERESTARTSYS; 1784 if (signal_pending(current)) 1785 break; 1786 cond_resched(); 1787 } 1788 if (written) { 1789 struct inode *inode = file->f_path.dentry->d_inode; 1790 inode->i_mtime = current_fs_time(inode->i_sb); 1791 ret = written; 1792 } 1793 mutex_unlock(&tty->atomic_write_lock); 1794 return ret; 1795} 1796 1797 1798/** 1799 * tty_write - write method for tty device file 1800 * @file: tty file pointer 1801 * @buf: user data to write 1802 * @count: bytes to write 1803 * @ppos: unused 1804 * 1805 * Write data to a tty device via the line discipline. 1806 * 1807 * Locking: 1808 * Locks the line discipline as required 1809 * Writes to the tty driver are serialized by the atomic_write_lock 1810 * and are then processed in chunks to the device. The line discipline 1811 * write method will not be involked in parallel for each device 1812 * The line discipline write method is called under the big 1813 * kernel lock for historical reasons. New code should not rely on this. 1814 */ 1815 1816static ssize_t tty_write(struct file * file, const char __user * buf, size_t count, 1817 loff_t *ppos) 1818{ 1819 struct tty_struct * tty; 1820 struct inode *inode = file->f_path.dentry->d_inode; 1821 ssize_t ret; 1822 struct tty_ldisc *ld; 1823 1824 tty = (struct tty_struct *)file->private_data; 1825 if (tty_paranoia_check(tty, inode, "tty_write")) 1826 return -EIO; 1827 if (!tty || !tty->driver->write || (test_bit(TTY_IO_ERROR, &tty->flags))) 1828 return -EIO; 1829 1830 ld = tty_ldisc_ref_wait(tty); 1831 if (!ld->write) 1832 ret = -EIO; 1833 else 1834 ret = do_tty_write(ld->write, tty, file, buf, count); 1835 tty_ldisc_deref(ld); 1836 return ret; 1837} 1838 1839ssize_t redirected_tty_write(struct file * file, const char __user * buf, size_t count, 1840 loff_t *ppos) 1841{ 1842 struct file *p = NULL; 1843 1844 spin_lock(&redirect_lock); 1845 if (redirect) { 1846 get_file(redirect); 1847 p = redirect; 1848 } 1849 spin_unlock(&redirect_lock); 1850 1851 if (p) { 1852 ssize_t res; 1853 res = vfs_write(p, buf, count, &p->f_pos); 1854 fput(p); 1855 return res; 1856 } 1857 1858 return tty_write(file, buf, count, ppos); 1859} 1860 1861static char ptychar[] = "pqrstuvwxyzabcde"; 1862 1863/** 1864 * pty_line_name - generate name for a pty 1865 * @driver: the tty driver in use 1866 * @index: the minor number 1867 * @p: output buffer of at least 6 bytes 1868 * 1869 * Generate a name from a driver reference and write it to the output 1870 * buffer. 1871 * 1872 * Locking: None 1873 */ 1874static void pty_line_name(struct tty_driver *driver, int index, char *p) 1875{ 1876 int i = index + driver->name_base; 1877 /* ->name is initialized to "ttyp", but "tty" is expected */ 1878 sprintf(p, "%s%c%x", 1879 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name, 1880 ptychar[i >> 4 & 0xf], i & 0xf); 1881} 1882 1883/** 1884 * pty_line_name - generate name for a tty 1885 * @driver: the tty driver in use 1886 * @index: the minor number 1887 * @p: output buffer of at least 7 bytes 1888 * 1889 * Generate a name from a driver reference and write it to the output 1890 * buffer. 1891 * 1892 * Locking: None 1893 */ 1894static void tty_line_name(struct tty_driver *driver, int index, char *p) 1895{ 1896 sprintf(p, "%s%d", driver->name, index + driver->name_base); 1897} 1898 1899/** 1900 * init_dev - initialise a tty device 1901 * @driver: tty driver we are opening a device on 1902 * @idx: device index 1903 * @tty: returned tty structure 1904 * 1905 * Prepare a tty device. This may not be a "new" clean device but 1906 * could also be an active device. The pty drivers require special 1907 * handling because of this. 1908 * 1909 * Locking: 1910 * The function is called under the tty_mutex, which 1911 * protects us from the tty struct or driver itself going away. 1912 * 1913 * On exit the tty device has the line discipline attached and 1914 * a reference count of 1. If a pair was created for pty/tty use 1915 * and the other was a pty master then it too has a reference count of 1. 1916 * 1917 * WSH 06/09/97: Rewritten to remove races and properly clean up after a 1918 * failed open. The new code protects the open with a mutex, so it's 1919 * really quite straightforward. The mutex locking can probably be 1920 * relaxed for the (most common) case of reopening a tty. 1921 */ 1922 1923static int init_dev(struct tty_driver *driver, int idx, 1924 struct tty_struct **ret_tty) 1925{ 1926 struct tty_struct *tty, *o_tty; 1927 struct ktermios *tp, **tp_loc, *o_tp, **o_tp_loc; 1928 struct ktermios *ltp, **ltp_loc, *o_ltp, **o_ltp_loc; 1929 int retval = 0; 1930 1931 /* check whether we're reopening an existing tty */ 1932 if (driver->flags & TTY_DRIVER_DEVPTS_MEM) { 1933 tty = devpts_get_tty(idx); 1934 /* 1935 * If we don't have a tty here on a slave open, it's because 1936 * the master already started the close process and there's 1937 * no relation between devpts file and tty anymore. 1938 */ 1939 if (!tty && driver->subtype == PTY_TYPE_SLAVE) { 1940 retval = -EIO; 1941 goto end_init; 1942 } 1943 /* 1944 * It's safe from now on because init_dev() is called with 1945 * tty_mutex held and release_dev() won't change tty->count 1946 * or tty->flags without having to grab tty_mutex 1947 */ 1948 if (tty && driver->subtype == PTY_TYPE_MASTER) 1949 tty = tty->link; 1950 } else { 1951 tty = driver->ttys[idx]; 1952 } 1953 if (tty) goto fast_track; 1954 1955 /* 1956 * First time open is complex, especially for PTY devices. 1957 * This code guarantees that either everything succeeds and the 1958 * TTY is ready for operation, or else the table slots are vacated 1959 * and the allocated memory released. (Except that the termios 1960 * and locked termios may be retained.) 1961 */ 1962 1963 if (!try_module_get(driver->owner)) { 1964 retval = -ENODEV; 1965 goto end_init; 1966 } 1967 1968 o_tty = NULL; 1969 tp = o_tp = NULL; 1970 ltp = o_ltp = NULL; 1971 1972 tty = alloc_tty_struct(); 1973 if(!tty) 1974 goto fail_no_mem; 1975 initialize_tty_struct(tty); 1976 tty->driver = driver; 1977 tty->index = idx; 1978 tty_line_name(driver, idx, tty->name); 1979 1980 if (driver->flags & TTY_DRIVER_DEVPTS_MEM) { 1981 tp_loc = &tty->termios; 1982 ltp_loc = &tty->termios_locked; 1983 } else { 1984 tp_loc = &driver->termios[idx]; 1985 ltp_loc = &driver->termios_locked[idx]; 1986 } 1987 1988 if (!*tp_loc) { 1989 tp = (struct ktermios *) kmalloc(sizeof(struct ktermios), 1990 GFP_KERNEL); 1991 if (!tp) 1992 goto free_mem_out; 1993 *tp = driver->init_termios; 1994 } 1995 1996 if (!*ltp_loc) { 1997 ltp = (struct ktermios *) kmalloc(sizeof(struct ktermios), 1998 GFP_KERNEL); 1999 if (!ltp) 2000 goto free_mem_out; 2001 memset(ltp, 0, sizeof(struct ktermios)); 2002 } 2003 2004 if (driver->type == TTY_DRIVER_TYPE_PTY) { 2005 o_tty = alloc_tty_struct(); 2006 if (!o_tty) 2007 goto free_mem_out; 2008 initialize_tty_struct(o_tty); 2009 o_tty->driver = driver->other; 2010 o_tty->index = idx; 2011 tty_line_name(driver->other, idx, o_tty->name); 2012 2013 if (driver->flags & TTY_DRIVER_DEVPTS_MEM) { 2014 o_tp_loc = &o_tty->termios; 2015 o_ltp_loc = &o_tty->termios_locked; 2016 } else { 2017 o_tp_loc = &driver->other->termios[idx]; 2018 o_ltp_loc = &driver->other->termios_locked[idx]; 2019 } 2020 2021 if (!*o_tp_loc) { 2022 o_tp = (struct ktermios *) 2023 kmalloc(sizeof(struct ktermios), GFP_KERNEL); 2024 if (!o_tp) 2025 goto free_mem_out; 2026 *o_tp = driver->other->init_termios; 2027 } 2028 2029 if (!*o_ltp_loc) { 2030 o_ltp = (struct ktermios *) 2031 kmalloc(sizeof(struct ktermios), GFP_KERNEL); 2032 if (!o_ltp) 2033 goto free_mem_out; 2034 memset(o_ltp, 0, sizeof(struct ktermios)); 2035 } 2036 2037 /* 2038 * Everything allocated ... set up the o_tty structure. 2039 */ 2040 if (!(driver->other->flags & TTY_DRIVER_DEVPTS_MEM)) { 2041 driver->other->ttys[idx] = o_tty; 2042 } 2043 if (!*o_tp_loc) 2044 *o_tp_loc = o_tp; 2045 if (!*o_ltp_loc) 2046 *o_ltp_loc = o_ltp; 2047 o_tty->termios = *o_tp_loc; 2048 o_tty->termios_locked = *o_ltp_loc; 2049 driver->other->refcount++; 2050 if (driver->subtype == PTY_TYPE_MASTER) 2051 o_tty->count++; 2052 2053 /* Establish the links in both directions */ 2054 tty->link = o_tty; 2055 o_tty->link = tty; 2056 } 2057 2058 /* 2059 * All structures have been allocated, so now we install them. 2060 * Failures after this point use release_tty to clean up, so 2061 * there's no need to null out the local pointers. 2062 */ 2063 if (!(driver->flags & TTY_DRIVER_DEVPTS_MEM)) { 2064 driver->ttys[idx] = tty; 2065 } 2066 2067 if (!*tp_loc) 2068 *tp_loc = tp; 2069 if (!*ltp_loc) 2070 *ltp_loc = ltp; 2071 tty->termios = *tp_loc; 2072 tty->termios_locked = *ltp_loc; 2073 /* Compatibility until drivers always set this */ 2074 tty->termios->c_ispeed = tty_termios_input_baud_rate(tty->termios); 2075 tty->termios->c_ospeed = tty_termios_baud_rate(tty->termios); 2076 driver->refcount++; 2077 tty->count++; 2078 2079 /* 2080 * Structures all installed ... call the ldisc open routines. 2081 * If we fail here just call release_tty to clean up. No need 2082 * to decrement the use counts, as release_tty doesn't care. 2083 */ 2084 2085 if (tty->ldisc.open) { 2086 retval = (tty->ldisc.open)(tty); 2087 if (retval) 2088 goto release_mem_out; 2089 } 2090 if (o_tty && o_tty->ldisc.open) { 2091 retval = (o_tty->ldisc.open)(o_tty); 2092 if (retval) { 2093 if (tty->ldisc.close) 2094 (tty->ldisc.close)(tty); 2095 goto release_mem_out; 2096 } 2097 tty_ldisc_enable(o_tty); 2098 } 2099 tty_ldisc_enable(tty); 2100 goto success; 2101 2102 /* 2103 * This fast open can be used if the tty is already open. 2104 * No memory is allocated, and the only failures are from 2105 * attempting to open a closing tty or attempting multiple 2106 * opens on a pty master. 2107 */ 2108fast_track: 2109 if (test_bit(TTY_CLOSING, &tty->flags)) { 2110 retval = -EIO; 2111 goto end_init; 2112 } 2113 if (driver->type == TTY_DRIVER_TYPE_PTY && 2114 driver->subtype == PTY_TYPE_MASTER) { 2115 /* 2116 * special case for PTY masters: only one open permitted, 2117 * and the slave side open count is incremented as well. 2118 */ 2119 if (tty->count) { 2120 retval = -EIO; 2121 goto end_init; 2122 } 2123 tty->link->count++; 2124 } 2125 tty->count++; 2126 tty->driver = driver; /* N.B. why do this every time?? */ 2127 2128 if(!test_bit(TTY_LDISC, &tty->flags)) 2129 printk(KERN_ERR "init_dev but no ldisc\n"); 2130success: 2131 *ret_tty = tty; 2132 2133 /* All paths come through here to release the mutex */ 2134end_init: 2135 return retval; 2136 2137 /* Release locally allocated memory ... nothing placed in slots */ 2138free_mem_out: 2139 kfree(o_tp); 2140 if (o_tty) 2141 free_tty_struct(o_tty); 2142 kfree(ltp); 2143 kfree(tp); 2144 free_tty_struct(tty); 2145 2146fail_no_mem: 2147 module_put(driver->owner); 2148 retval = -ENOMEM; 2149 goto end_init; 2150 2151 /* call the tty release_tty routine to clean out this slot */ 2152release_mem_out: 2153 if (printk_ratelimit()) 2154 printk(KERN_INFO "init_dev: ldisc open failed, " 2155 "clearing slot %d\n", idx); 2156 release_tty(tty, idx); 2157 goto end_init; 2158} 2159 2160static void release_one_tty(struct tty_struct *tty, int idx) 2161{ 2162 int devpts = tty->driver->flags & TTY_DRIVER_DEVPTS_MEM; 2163 struct ktermios *tp; 2164 2165 if (!devpts) 2166 tty->driver->ttys[idx] = NULL; 2167 2168 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) { 2169 tp = tty->termios; 2170 if (!devpts) 2171 tty->driver->termios[idx] = NULL; 2172 kfree(tp); 2173 2174 tp = tty->termios_locked; 2175 if (!devpts) 2176 tty->driver->termios_locked[idx] = NULL; 2177 kfree(tp); 2178 } 2179 2180 2181 tty->magic = 0; 2182 tty->driver->refcount--; 2183 2184 file_list_lock(); 2185 list_del_init(&tty->tty_files); 2186 file_list_unlock(); 2187 2188 free_tty_struct(tty); 2189} 2190 2191static void release_tty(struct tty_struct *tty, int idx) 2192{ 2193 struct tty_driver *driver = tty->driver; 2194 2195 if (tty->link) 2196 release_one_tty(tty->link, idx); 2197 release_one_tty(tty, idx); 2198 module_put(driver->owner); 2199} 2200 2201/* 2202 * Even releasing the tty structures is a tricky business.. We have 2203 * to be very careful that the structures are all released at the 2204 * same time, as interrupts might otherwise get the wrong pointers. 2205 * 2206 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could 2207 * lead to double frees or releasing memory still in use. 2208 */ 2209static void release_dev(struct file * filp) 2210{ 2211 struct tty_struct *tty, *o_tty; 2212 int pty_master, tty_closing, o_tty_closing, do_sleep; 2213 int devpts; 2214 int idx; 2215 char buf[64]; 2216 unsigned long flags; 2217 2218 tty = (struct tty_struct *)filp->private_data; 2219 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "release_dev")) 2220 return; 2221 2222 check_tty_count(tty, "release_dev"); 2223 2224 tty_fasync(-1, filp, 0); 2225 2226 idx = tty->index; 2227 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2228 tty->driver->subtype == PTY_TYPE_MASTER); 2229 devpts = (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) != 0; 2230 o_tty = tty->link; 2231 2232#ifdef TTY_PARANOIA_CHECK 2233 if (idx < 0 || idx >= tty->driver->num) { 2234 printk(KERN_DEBUG "release_dev: bad idx when trying to " 2235 "free (%s)\n", tty->name); 2236 return; 2237 } 2238 if (!(tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)) { 2239 if (tty != tty->driver->ttys[idx]) { 2240 printk(KERN_DEBUG "release_dev: driver.table[%d] not tty " 2241 "for (%s)\n", idx, tty->name); 2242 return; 2243 } 2244 if (tty->termios != tty->driver->termios[idx]) { 2245 printk(KERN_DEBUG "release_dev: driver.termios[%d] not termios " 2246 "for (%s)\n", 2247 idx, tty->name); 2248 return; 2249 } 2250 if (tty->termios_locked != tty->driver->termios_locked[idx]) { 2251 printk(KERN_DEBUG "release_dev: driver.termios_locked[%d] not " 2252 "termios_locked for (%s)\n", 2253 idx, tty->name); 2254 return; 2255 } 2256 } 2257#endif 2258 2259#ifdef TTY_DEBUG_HANGUP 2260 printk(KERN_DEBUG "release_dev of %s (tty count=%d)...", 2261 tty_name(tty, buf), tty->count); 2262#endif 2263 2264#ifdef TTY_PARANOIA_CHECK 2265 if (tty->driver->other && 2266 !(tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)) { 2267 if (o_tty != tty->driver->other->ttys[idx]) { 2268 printk(KERN_DEBUG "release_dev: other->table[%d] " 2269 "not o_tty for (%s)\n", 2270 idx, tty->name); 2271 return; 2272 } 2273 if (o_tty->termios != tty->driver->other->termios[idx]) { 2274 printk(KERN_DEBUG "release_dev: other->termios[%d] " 2275 "not o_termios for (%s)\n", 2276 idx, tty->name); 2277 return; 2278 } 2279 if (o_tty->termios_locked != 2280 tty->driver->other->termios_locked[idx]) { 2281 printk(KERN_DEBUG "release_dev: other->termios_locked[" 2282 "%d] not o_termios_locked for (%s)\n", 2283 idx, tty->name); 2284 return; 2285 } 2286 if (o_tty->link != tty) { 2287 printk(KERN_DEBUG "release_dev: bad pty pointers\n"); 2288 return; 2289 } 2290 } 2291#endif 2292 if (tty->driver->close) 2293 tty->driver->close(tty, filp); 2294 2295 /* 2296 * Sanity check: if tty->count is going to zero, there shouldn't be 2297 * any waiters on tty->read_wait or tty->write_wait. We test the 2298 * wait queues and kick everyone out _before_ actually starting to 2299 * close. This ensures that we won't block while releasing the tty 2300 * structure. 2301 * 2302 * The test for the o_tty closing is necessary, since the master and 2303 * slave sides may close in any order. If the slave side closes out 2304 * first, its count will be one, since the master side holds an open. 2305 * Thus this test wouldn't be triggered at the time the slave closes, 2306 * so we do it now. 2307 * 2308 * Note that it's possible for the tty to be opened again while we're 2309 * flushing out waiters. By recalculating the closing flags before 2310 * each iteration we avoid any problems. 2311 */ 2312 while (1) { 2313 /* Guard against races with tty->count changes elsewhere and 2314 opens on /dev/tty */ 2315 2316 mutex_lock(&tty_mutex); 2317 tty_closing = tty->count <= 1; 2318 o_tty_closing = o_tty && 2319 (o_tty->count <= (pty_master ? 1 : 0)); 2320 do_sleep = 0; 2321 2322 if (tty_closing) { 2323 if (waitqueue_active(&tty->read_wait)) { 2324 wake_up(&tty->read_wait); 2325 do_sleep++; 2326 } 2327 if (waitqueue_active(&tty->write_wait)) { 2328 wake_up(&tty->write_wait); 2329 do_sleep++; 2330 } 2331 } 2332 if (o_tty_closing) { 2333 if (waitqueue_active(&o_tty->read_wait)) { 2334 wake_up(&o_tty->read_wait); 2335 do_sleep++; 2336 } 2337 if (waitqueue_active(&o_tty->write_wait)) { 2338 wake_up(&o_tty->write_wait); 2339 do_sleep++; 2340 } 2341 } 2342 if (!do_sleep) 2343 break; 2344 2345 printk(KERN_WARNING "release_dev: %s: read/write wait queue " 2346 "active!\n", tty_name(tty, buf)); 2347 mutex_unlock(&tty_mutex); 2348 schedule(); 2349 } 2350 2351 /* 2352 * The closing flags are now consistent with the open counts on 2353 * both sides, and we've completed the last operation that could 2354 * block, so it's safe to proceed with closing. 2355 */ 2356 if (pty_master) { 2357 if (--o_tty->count < 0) { 2358 printk(KERN_WARNING "release_dev: bad pty slave count " 2359 "(%d) for %s\n", 2360 o_tty->count, tty_name(o_tty, buf)); 2361 o_tty->count = 0; 2362 } 2363 } 2364 if (--tty->count < 0) { 2365 printk(KERN_WARNING "release_dev: bad tty->count (%d) for %s\n", 2366 tty->count, tty_name(tty, buf)); 2367 tty->count = 0; 2368 } 2369 2370 /* 2371 * We've decremented tty->count, so we need to remove this file 2372 * descriptor off the tty->tty_files list; this serves two 2373 * purposes: 2374 * - check_tty_count sees the correct number of file descriptors 2375 * associated with this tty. 2376 * - do_tty_hangup no longer sees this file descriptor as 2377 * something that needs to be handled for hangups. 2378 */ 2379 file_kill(filp); 2380 filp->private_data = NULL; 2381 2382 /* 2383 * Perform some housekeeping before deciding whether to return. 2384 * 2385 * Set the TTY_CLOSING flag if this was the last open. In the 2386 * case of a pty we may have to wait around for the other side 2387 * to close, and TTY_CLOSING makes sure we can't be reopened. 2388 */ 2389 if(tty_closing) 2390 set_bit(TTY_CLOSING, &tty->flags); 2391 if(o_tty_closing) 2392 set_bit(TTY_CLOSING, &o_tty->flags); 2393 2394 /* 2395 * If _either_ side is closing, make sure there aren't any 2396 * processes that still think tty or o_tty is their controlling 2397 * tty. 2398 */ 2399 if (tty_closing || o_tty_closing) { 2400 read_lock(&tasklist_lock); 2401 session_clear_tty(tty->session); 2402 if (o_tty) 2403 session_clear_tty(o_tty->session); 2404 read_unlock(&tasklist_lock); 2405 } 2406 2407 mutex_unlock(&tty_mutex); 2408 2409 /* check whether both sides are closing ... */ 2410 if (!tty_closing || (o_tty && !o_tty_closing)) 2411 return; 2412 2413#ifdef TTY_DEBUG_HANGUP 2414 printk(KERN_DEBUG "freeing tty structure..."); 2415#endif 2416 /* 2417 * Prevent flush_to_ldisc() from rescheduling the work for later. Then 2418 * kill any delayed work. As this is the final close it does not 2419 * race with the set_ldisc code path. 2420 */ 2421 clear_bit(TTY_LDISC, &tty->flags); 2422 cancel_delayed_work(&tty->buf.work); 2423 2424 /* 2425 * Wait for ->hangup_work and ->buf.work handlers to terminate 2426 */ 2427 2428 flush_scheduled_work(); 2429 2430 /* 2431 * Wait for any short term users (we know they are just driver 2432 * side waiters as the file is closing so user count on the file 2433 * side is zero. 2434 */ 2435 spin_lock_irqsave(&tty_ldisc_lock, flags); 2436 while(tty->ldisc.refcount) 2437 { 2438 spin_unlock_irqrestore(&tty_ldisc_lock, flags); 2439 wait_event(tty_ldisc_wait, tty->ldisc.refcount == 0); 2440 spin_lock_irqsave(&tty_ldisc_lock, flags); 2441 } 2442 spin_unlock_irqrestore(&tty_ldisc_lock, flags); 2443 if (tty->ldisc.close) 2444 (tty->ldisc.close)(tty); 2445 tty_ldisc_put(tty->ldisc.num); 2446 2447 /* 2448 * Switch the line discipline back 2449 */ 2450 tty_ldisc_assign(tty, tty_ldisc_get(N_TTY)); 2451 tty_set_termios_ldisc(tty,N_TTY); 2452 if (o_tty) { 2453 clear_bit(TTY_LDISC, &o_tty->flags); 2454 if (o_tty->ldisc.close) 2455 (o_tty->ldisc.close)(o_tty); 2456 tty_ldisc_put(o_tty->ldisc.num); 2457 tty_ldisc_assign(o_tty, tty_ldisc_get(N_TTY)); 2458 tty_set_termios_ldisc(o_tty,N_TTY); 2459 } 2460 /* 2461 * The release_tty function takes care of the details of clearing 2462 * the slots and preserving the termios structure. 2463 */ 2464 release_tty(tty, idx); 2465 2466#ifdef CONFIG_UNIX98_PTYS 2467 /* Make this pty number available for reallocation */ 2468 if (devpts) { 2469 down(&allocated_ptys_lock); 2470 idr_remove(&allocated_ptys, idx); 2471 up(&allocated_ptys_lock); 2472 } 2473#endif 2474 2475} 2476 2477/** 2478 * tty_open - open a tty device 2479 * @inode: inode of device file 2480 * @filp: file pointer to tty 2481 * 2482 * tty_open and tty_release keep up the tty count that contains the 2483 * number of opens done on a tty. We cannot use the inode-count, as 2484 * different inodes might point to the same tty. 2485 * 2486 * Open-counting is needed for pty masters, as well as for keeping 2487 * track of serial lines: DTR is dropped when the last close happens. 2488 * (This is not done solely through tty->count, now. - Ted 1/27/92) 2489 * 2490 * The termios state of a pty is reset on first open so that 2491 * settings don't persist across reuse. 2492 * 2493 * Locking: tty_mutex protects tty, get_tty_driver and init_dev work. 2494 * tty->count should protect the rest. 2495 * ->siglock protects ->signal/->sighand 2496 */ 2497 2498static int tty_open(struct inode * inode, struct file * filp) 2499{ 2500 struct tty_struct *tty; 2501 int noctty, retval; 2502 struct tty_driver *driver; 2503 int index; 2504 dev_t device = inode->i_rdev; 2505 unsigned short saved_flags = filp->f_flags; 2506 2507 nonseekable_open(inode, filp); 2508 2509retry_open: 2510 noctty = filp->f_flags & O_NOCTTY; 2511 index = -1; 2512 retval = 0; 2513 2514 mutex_lock(&tty_mutex); 2515 2516 if (device == MKDEV(TTYAUX_MAJOR,0)) { 2517 tty = get_current_tty(); 2518 if (!tty) { 2519 mutex_unlock(&tty_mutex); 2520 return -ENXIO; 2521 } 2522 driver = tty->driver; 2523 index = tty->index; 2524 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */ 2525 /* noctty = 1; */ 2526 goto got_driver; 2527 } 2528#ifdef CONFIG_VT 2529 if (device == MKDEV(TTY_MAJOR,0)) { 2530 extern struct tty_driver *console_driver; 2531 driver = console_driver; 2532 index = fg_console; 2533 noctty = 1; 2534 goto got_driver; 2535 } 2536#endif 2537 if (device == MKDEV(TTYAUX_MAJOR,1)) { 2538 driver = console_device(&index); 2539 if (driver) { 2540 /* Don't let /dev/console block */ 2541 filp->f_flags |= O_NONBLOCK; 2542 noctty = 1; 2543 goto got_driver; 2544 } 2545 mutex_unlock(&tty_mutex); 2546 return -ENODEV; 2547 } 2548 2549 driver = get_tty_driver(device, &index); 2550 if (!driver) { 2551 mutex_unlock(&tty_mutex); 2552 return -ENODEV; 2553 } 2554got_driver: 2555 retval = init_dev(driver, index, &tty); 2556 mutex_unlock(&tty_mutex); 2557 if (retval) 2558 return retval; 2559 2560 filp->private_data = tty; 2561 file_move(filp, &tty->tty_files); 2562 check_tty_count(tty, "tty_open"); 2563 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2564 tty->driver->subtype == PTY_TYPE_MASTER) 2565 noctty = 1; 2566#ifdef TTY_DEBUG_HANGUP 2567 printk(KERN_DEBUG "opening %s...", tty->name); 2568#endif 2569 if (!retval) { 2570 if (tty->driver->open) 2571 retval = tty->driver->open(tty, filp); 2572 else 2573 retval = -ENODEV; 2574 } 2575 filp->f_flags = saved_flags; 2576 2577 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) && !capable(CAP_SYS_ADMIN)) 2578 retval = -EBUSY; 2579 2580 if (retval) { 2581#ifdef TTY_DEBUG_HANGUP 2582 printk(KERN_DEBUG "error %d in opening %s...", retval, 2583 tty->name); 2584#endif 2585 release_dev(filp); 2586 if (retval != -ERESTARTSYS) 2587 return retval; 2588 if (signal_pending(current)) 2589 return retval; 2590 schedule(); 2591 /* 2592 * Need to reset f_op in case a hangup happened. 2593 */ 2594 if (filp->f_op == &hung_up_tty_fops) 2595 filp->f_op = &tty_fops; 2596 goto retry_open; 2597 } 2598 2599 mutex_lock(&tty_mutex); 2600 spin_lock_irq(¤t->sighand->siglock); 2601 if (!noctty && 2602 current->signal->leader && 2603 !current->signal->tty && 2604 tty->session == NULL) 2605 __proc_set_tty(current, tty); 2606 spin_unlock_irq(¤t->sighand->siglock); 2607 mutex_unlock(&tty_mutex); 2608 return 0; 2609} 2610 2611#ifdef CONFIG_UNIX98_PTYS 2612/** 2613 * ptmx_open - open a unix 98 pty master 2614 * @inode: inode of device file 2615 * @filp: file pointer to tty 2616 * 2617 * Allocate a unix98 pty master device from the ptmx driver. 2618 * 2619 * Locking: tty_mutex protects theinit_dev work. tty->count should 2620 protect the rest. 2621 * allocated_ptys_lock handles the list of free pty numbers 2622 */ 2623 2624static int ptmx_open(struct inode * inode, struct file * filp) 2625{ 2626 struct tty_struct *tty; 2627 int retval; 2628 int index; 2629 int idr_ret; 2630 2631 nonseekable_open(inode, filp); 2632 2633 /* find a device that is not in use. */ 2634 down(&allocated_ptys_lock); 2635 if (!idr_pre_get(&allocated_ptys, GFP_KERNEL)) { 2636 up(&allocated_ptys_lock); 2637 return -ENOMEM; 2638 } 2639 idr_ret = idr_get_new(&allocated_ptys, NULL, &index); 2640 if (idr_ret < 0) { 2641 up(&allocated_ptys_lock); 2642 if (idr_ret == -EAGAIN) 2643 return -ENOMEM; 2644 return -EIO; 2645 } 2646 if (index >= pty_limit) { 2647 idr_remove(&allocated_ptys, index); 2648 up(&allocated_ptys_lock); 2649 return -EIO; 2650 } 2651 up(&allocated_ptys_lock); 2652 2653 mutex_lock(&tty_mutex); 2654 retval = init_dev(ptm_driver, index, &tty); 2655 mutex_unlock(&tty_mutex); 2656 2657 if (retval) 2658 goto out; 2659 2660 set_bit(TTY_PTY_LOCK, &tty->flags); /* LOCK THE SLAVE */ 2661 filp->private_data = tty; 2662 file_move(filp, &tty->tty_files); 2663 2664 retval = -ENOMEM; 2665 if (devpts_pty_new(tty->link)) 2666 goto out1; 2667 2668 check_tty_count(tty, "tty_open"); 2669 retval = ptm_driver->open(tty, filp); 2670 if (!retval) 2671 return 0; 2672out1: 2673 release_dev(filp); 2674 return retval; 2675out: 2676 down(&allocated_ptys_lock); 2677 idr_remove(&allocated_ptys, index); 2678 up(&allocated_ptys_lock); 2679 return retval; 2680} 2681#endif 2682 2683/** 2684 * tty_release - vfs callback for close 2685 * @inode: inode of tty 2686 * @filp: file pointer for handle to tty 2687 * 2688 * Called the last time each file handle is closed that references 2689 * this tty. There may however be several such references. 2690 * 2691 * Locking: 2692 * Takes bkl. See release_dev 2693 */ 2694 2695static int tty_release(struct inode * inode, struct file * filp) 2696{ 2697 lock_kernel(); 2698 release_dev(filp); 2699 unlock_kernel(); 2700 return 0; 2701} 2702 2703/** 2704 * tty_poll - check tty status 2705 * @filp: file being polled 2706 * @wait: poll wait structures to update 2707 * 2708 * Call the line discipline polling method to obtain the poll 2709 * status of the device. 2710 * 2711 * Locking: locks called line discipline but ldisc poll method 2712 * may be re-entered freely by other callers. 2713 */ 2714 2715static unsigned int tty_poll(struct file * filp, poll_table * wait) 2716{ 2717 struct tty_struct * tty; 2718 struct tty_ldisc *ld; 2719 int ret = 0; 2720 2721 tty = (struct tty_struct *)filp->private_data; 2722 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_poll")) 2723 return 0; 2724 2725 ld = tty_ldisc_ref_wait(tty); 2726 if (ld->poll) 2727 ret = (ld->poll)(tty, filp, wait); 2728 tty_ldisc_deref(ld); 2729 return ret; 2730} 2731 2732static int tty_fasync(int fd, struct file * filp, int on) 2733{ 2734 struct tty_struct * tty; 2735 int retval; 2736 2737 tty = (struct tty_struct *)filp->private_data; 2738 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_fasync")) 2739 return 0; 2740 2741 retval = fasync_helper(fd, filp, on, &tty->fasync); 2742 if (retval <= 0) 2743 return retval; 2744 2745 if (on) { 2746 enum pid_type type; 2747 struct pid *pid; 2748 if (!waitqueue_active(&tty->read_wait)) 2749 tty->minimum_to_wake = 1; 2750 if (tty->pgrp) { 2751 pid = tty->pgrp; 2752 type = PIDTYPE_PGID; 2753 } else { 2754 pid = task_pid(current); 2755 type = PIDTYPE_PID; 2756 } 2757 retval = __f_setown(filp, pid, type, 0); 2758 if (retval) 2759 return retval; 2760 } else { 2761 if (!tty->fasync && !waitqueue_active(&tty->read_wait)) 2762 tty->minimum_to_wake = N_TTY_BUF_SIZE; 2763 } 2764 return 0; 2765} 2766 2767 2768static int tiocsti(struct tty_struct *tty, char __user *p) 2769{ 2770 char ch, mbz = 0; 2771 struct tty_ldisc *ld; 2772 2773 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) 2774 return -EPERM; 2775 if (get_user(ch, p)) 2776 return -EFAULT; 2777 ld = tty_ldisc_ref_wait(tty); 2778 ld->receive_buf(tty, &ch, &mbz, 1); 2779 tty_ldisc_deref(ld); 2780 return 0; 2781} 2782 2783/** 2784 * tiocgwinsz - implement window query ioctl 2785 * @tty; tty 2786 * @arg: user buffer for result 2787 * 2788 * Copies the kernel idea of the window size into the user buffer. 2789 * 2790 * Locking: tty->termios_mutex is taken to ensure the winsize data 2791 * is consistent. 2792 */ 2793 2794static int tiocgwinsz(struct tty_struct *tty, struct winsize __user * arg) 2795{ 2796 int err; 2797 2798 mutex_lock(&tty->termios_mutex); 2799 err = copy_to_user(arg, &tty->winsize, sizeof(*arg)); 2800 mutex_unlock(&tty->termios_mutex); 2801 2802 return err ? -EFAULT: 0; 2803} 2804 2805/** 2806 * tiocswinsz - implement window size set ioctl 2807 * @tty; tty 2808 * @arg: user buffer for result 2809 * 2810 * Copies the user idea of the window size to the kernel. Traditionally 2811 * this is just advisory information but for the Linux console it 2812 * actually has driver level meaning and triggers a VC resize. 2813 * 2814 * Locking: 2815 * Called function use the console_sem is used to ensure we do 2816 * not try and resize the console twice at once. 2817 * The tty->termios_mutex is used to ensure we don't double 2818 * resize and get confused. Lock order - tty->termios_mutex before 2819 * console sem 2820 */ 2821 2822static int tiocswinsz(struct tty_struct *tty, struct tty_struct *real_tty, 2823 struct winsize __user * arg) 2824{ 2825 struct winsize tmp_ws; 2826 2827 if (copy_from_user(&tmp_ws, arg, sizeof(*arg))) 2828 return -EFAULT; 2829 2830 mutex_lock(&tty->termios_mutex); 2831 if (!memcmp(&tmp_ws, &tty->winsize, sizeof(*arg))) 2832 goto done; 2833 2834#ifdef CONFIG_VT 2835 if (tty->driver->type == TTY_DRIVER_TYPE_CONSOLE) { 2836 if (vc_lock_resize(tty->driver_data, tmp_ws.ws_col, 2837 tmp_ws.ws_row)) { 2838 mutex_unlock(&tty->termios_mutex); 2839 return -ENXIO; 2840 } 2841 } 2842#endif 2843 if (tty->pgrp) 2844 kill_pgrp(tty->pgrp, SIGWINCH, 1); 2845 if ((real_tty->pgrp != tty->pgrp) && real_tty->pgrp) 2846 kill_pgrp(real_tty->pgrp, SIGWINCH, 1); 2847 tty->winsize = tmp_ws; 2848 real_tty->winsize = tmp_ws; 2849done: 2850 mutex_unlock(&tty->termios_mutex); 2851 return 0; 2852} 2853 2854/** 2855 * tioccons - allow admin to move logical console 2856 * @file: the file to become console 2857 * 2858 * Allow the adminstrator to move the redirected console device 2859 * 2860 * Locking: uses redirect_lock to guard the redirect information 2861 */ 2862 2863static int tioccons(struct file *file) 2864{ 2865 if (!capable(CAP_SYS_ADMIN)) 2866 return -EPERM; 2867 if (file->f_op->write == redirected_tty_write) { 2868 struct file *f; 2869 spin_lock(&redirect_lock); 2870 f = redirect; 2871 redirect = NULL; 2872 spin_unlock(&redirect_lock); 2873 if (f) 2874 fput(f); 2875 return 0; 2876 } 2877 spin_lock(&redirect_lock); 2878 if (redirect) { 2879 spin_unlock(&redirect_lock); 2880 return -EBUSY; 2881 } 2882 get_file(file); 2883 redirect = file; 2884 spin_unlock(&redirect_lock); 2885 return 0; 2886} 2887 2888/** 2889 * fionbio - non blocking ioctl 2890 * @file: file to set blocking value 2891 * @p: user parameter 2892 * 2893 * Historical tty interfaces had a blocking control ioctl before 2894 * the generic functionality existed. This piece of history is preserved 2895 * in the expected tty API of posix OS's. 2896 * 2897 * Locking: none, the open fle handle ensures it won't go away. 2898 */ 2899 2900static int fionbio(struct file *file, int __user *p) 2901{ 2902 int nonblock; 2903 2904 if (get_user(nonblock, p)) 2905 return -EFAULT; 2906 2907 if (nonblock) 2908 file->f_flags |= O_NONBLOCK; 2909 else 2910 file->f_flags &= ~O_NONBLOCK; 2911 return 0; 2912} 2913 2914/** 2915 * tiocsctty - set controlling tty 2916 * @tty: tty structure 2917 * @arg: user argument 2918 * 2919 * This ioctl is used to manage job control. It permits a session 2920 * leader to set this tty as the controlling tty for the session. 2921 * 2922 * Locking: 2923 * Takes tty_mutex() to protect tty instance 2924 * Takes tasklist_lock internally to walk sessions 2925 * Takes ->siglock() when updating signal->tty 2926 */ 2927 2928static int tiocsctty(struct tty_struct *tty, int arg) 2929{ 2930 int ret = 0; 2931 if (current->signal->leader && (task_session(current) == tty->session)) 2932 return ret; 2933 2934 mutex_lock(&tty_mutex); 2935 /* 2936 * The process must be a session leader and 2937 * not have a controlling tty already. 2938 */ 2939 if (!current->signal->leader || current->signal->tty) { 2940 ret = -EPERM; 2941 goto unlock; 2942 } 2943 2944 if (tty->session) { 2945 /* 2946 * This tty is already the controlling 2947 * tty for another session group! 2948 */ 2949 if ((arg == 1) && capable(CAP_SYS_ADMIN)) { 2950 /* 2951 * Steal it away 2952 */ 2953 read_lock(&tasklist_lock); 2954 session_clear_tty(tty->session); 2955 read_unlock(&tasklist_lock); 2956 } else { 2957 ret = -EPERM; 2958 goto unlock; 2959 } 2960 } 2961 proc_set_tty(current, tty); 2962unlock: 2963 mutex_unlock(&tty_mutex); 2964 return ret; 2965} 2966 2967/** 2968 * tiocgpgrp - get process group 2969 * @tty: tty passed by user 2970 * @real_tty: tty side of the tty pased by the user if a pty else the tty 2971 * @p: returned pid 2972 * 2973 * Obtain the process group of the tty. If there is no process group 2974 * return an error. 2975 * 2976 * Locking: none. Reference to current->signal->tty is safe. 2977 */ 2978 2979static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 2980{ 2981 /* 2982 * (tty == real_tty) is a cheap way of 2983 * testing if the tty is NOT a master pty. 2984 */ 2985 if (tty == real_tty && current->signal->tty != real_tty) 2986 return -ENOTTY; 2987 return put_user(pid_nr(real_tty->pgrp), p); 2988} 2989 2990/** 2991 * tiocspgrp - attempt to set process group 2992 * @tty: tty passed by user 2993 * @real_tty: tty side device matching tty passed by user 2994 * @p: pid pointer 2995 * 2996 * Set the process group of the tty to the session passed. Only 2997 * permitted where the tty session is our session. 2998 * 2999 * Locking: None 3000 */ 3001 3002static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 3003{ 3004 struct pid *pgrp; 3005 pid_t pgrp_nr; 3006 int retval = tty_check_change(real_tty); 3007 3008 if (retval == -EIO) 3009 return -ENOTTY; 3010 if (retval) 3011 return retval; 3012 if (!current->signal->tty || 3013 (current->signal->tty != real_tty) || 3014 (real_tty->session != task_session(current))) 3015 return -ENOTTY; 3016 if (get_user(pgrp_nr, p)) 3017 return -EFAULT; 3018 if (pgrp_nr < 0) 3019 return -EINVAL; 3020 rcu_read_lock(); 3021 pgrp = find_pid(pgrp_nr); 3022 retval = -ESRCH; 3023 if (!pgrp) 3024 goto out_unlock; 3025 retval = -EPERM; 3026 if (session_of_pgrp(pgrp) != task_session(current)) 3027 goto out_unlock; 3028 retval = 0; 3029 put_pid(real_tty->pgrp); 3030 real_tty->pgrp = get_pid(pgrp); 3031out_unlock: 3032 rcu_read_unlock(); 3033 return retval; 3034} 3035 3036/** 3037 * tiocgsid - get session id 3038 * @tty: tty passed by user 3039 * @real_tty: tty side of the tty pased by the user if a pty else the tty 3040 * @p: pointer to returned session id 3041 * 3042 * Obtain the session id of the tty. If there is no session 3043 * return an error. 3044 * 3045 * Locking: none. Reference to current->signal->tty is safe. 3046 */ 3047 3048static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) 3049{ 3050 /* 3051 * (tty == real_tty) is a cheap way of 3052 * testing if the tty is NOT a master pty. 3053 */ 3054 if (tty == real_tty && current->signal->tty != real_tty) 3055 return -ENOTTY; 3056 if (!real_tty->session) 3057 return -ENOTTY; 3058 return put_user(pid_nr(real_tty->session), p); 3059} 3060 3061/** 3062 * tiocsetd - set line discipline 3063 * @tty: tty device 3064 * @p: pointer to user data 3065 * 3066 * Set the line discipline according to user request. 3067 * 3068 * Locking: see tty_set_ldisc, this function is just a helper 3069 */ 3070 3071static int tiocsetd(struct tty_struct *tty, int __user *p) 3072{ 3073 int ldisc; 3074 3075 if (get_user(ldisc, p)) 3076 return -EFAULT; 3077 return tty_set_ldisc(tty, ldisc); 3078} 3079 3080/** 3081 * send_break - performed time break 3082 * @tty: device to break on 3083 * @duration: timeout in mS 3084 * 3085 * Perform a timed break on hardware that lacks its own driver level 3086 * timed break functionality. 3087 * 3088 * Locking: 3089 * atomic_write_lock serializes 3090 * 3091 */ 3092 3093static int send_break(struct tty_struct *tty, unsigned int duration) 3094{ 3095 if (mutex_lock_interruptible(&tty->atomic_write_lock)) 3096 return -EINTR; 3097 tty->driver->break_ctl(tty, -1); 3098 if (!signal_pending(current)) { 3099 msleep_interruptible(duration); 3100 } 3101 tty->driver->break_ctl(tty, 0); 3102 mutex_unlock(&tty->atomic_write_lock); 3103 if (signal_pending(current)) 3104 return -EINTR; 3105 return 0; 3106} 3107 3108/** 3109 * tiocmget - get modem status 3110 * @tty: tty device 3111 * @file: user file pointer 3112 * @p: pointer to result 3113 * 3114 * Obtain the modem status bits from the tty driver if the feature 3115 * is supported. Return -EINVAL if it is not available. 3116 * 3117 * Locking: none (up to the driver) 3118 */ 3119 3120static int tty_tiocmget(struct tty_struct *tty, struct file *file, int __user *p) 3121{ 3122 int retval = -EINVAL; 3123 3124 if (tty->driver->tiocmget) { 3125 retval = tty->driver->tiocmget(tty, file); 3126 3127 if (retval >= 0) 3128 retval = put_user(retval, p); 3129 } 3130 return retval; 3131} 3132 3133/** 3134 * tiocmset - set modem status 3135 * @tty: tty device 3136 * @file: user file pointer 3137 * @cmd: command - clear bits, set bits or set all 3138 * @p: pointer to desired bits 3139 * 3140 * Set the modem status bits from the tty driver if the feature 3141 * is supported. Return -EINVAL if it is not available. 3142 * 3143 * Locking: none (up to the driver) 3144 */ 3145 3146static int tty_tiocmset(struct tty_struct *tty, struct file *file, unsigned int cmd, 3147 unsigned __user *p) 3148{ 3149 int retval = -EINVAL; 3150 3151 if (tty->driver->tiocmset) { 3152 unsigned int set, clear, val; 3153 3154 retval = get_user(val, p); 3155 if (retval) 3156 return retval; 3157 3158 set = clear = 0; 3159 switch (cmd) { 3160 case TIOCMBIS: 3161 set = val; 3162 break; 3163 case TIOCMBIC: 3164 clear = val; 3165 break; 3166 case TIOCMSET: 3167 set = val; 3168 clear = ~val; 3169 break; 3170 } 3171 3172 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 3173 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 3174 3175 retval = tty->driver->tiocmset(tty, file, set, clear); 3176 } 3177 return retval; 3178} 3179 3180/* 3181 * Split this up, as gcc can choke on it otherwise.. 3182 */ 3183int tty_ioctl(struct inode * inode, struct file * file, 3184 unsigned int cmd, unsigned long arg) 3185{ 3186 struct tty_struct *tty, *real_tty; 3187 void __user *p = (void __user *)arg; 3188 int retval; 3189 struct tty_ldisc *ld; 3190 3191 tty = (struct tty_struct *)file->private_data; 3192 if (tty_paranoia_check(tty, inode, "tty_ioctl")) 3193 return -EINVAL; 3194 3195 /* CHECKME: is this safe as one end closes ? */ 3196 3197 real_tty = tty; 3198 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 3199 tty->driver->subtype == PTY_TYPE_MASTER) 3200 real_tty = tty->link; 3201 3202 /* 3203 * Break handling by driver 3204 */ 3205 if (!tty->driver->break_ctl) { 3206 switch(cmd) { 3207 case TIOCSBRK: 3208 case TIOCCBRK: 3209 if (tty->driver->ioctl) 3210 return tty->driver->ioctl(tty, file, cmd, arg); 3211 return -EINVAL; 3212 3213 /* These two ioctl's always return success; even if */ 3214 /* the driver doesn't support them. */ 3215 case TCSBRK: 3216 case TCSBRKP: 3217 if (!tty->driver->ioctl) 3218 return 0; 3219 retval = tty->driver->ioctl(tty, file, cmd, arg); 3220 if (retval == -ENOIOCTLCMD) 3221 retval = 0; 3222 return retval; 3223 } 3224 } 3225 3226 /* 3227 * Factor out some common prep work 3228 */ 3229 switch (cmd) { 3230 case TIOCSETD: 3231 case TIOCSBRK: 3232 case TIOCCBRK: 3233 case TCSBRK: 3234 case TCSBRKP: 3235 retval = tty_check_change(tty); 3236 if (retval) 3237 return retval; 3238 if (cmd != TIOCCBRK) { 3239 tty_wait_until_sent(tty, 0); 3240 if (signal_pending(current)) 3241 return -EINTR; 3242 } 3243 break; 3244 } 3245 3246 switch (cmd) { 3247 case TIOCSTI: 3248 return tiocsti(tty, p); 3249 case TIOCGWINSZ: 3250 return tiocgwinsz(tty, p); 3251 case TIOCSWINSZ: 3252 return tiocswinsz(tty, real_tty, p); 3253 case TIOCCONS: 3254 return real_tty!=tty ? -EINVAL : tioccons(file); 3255 case FIONBIO: 3256 return fionbio(file, p); 3257 case TIOCEXCL: 3258 set_bit(TTY_EXCLUSIVE, &tty->flags); 3259 return 0; 3260 case TIOCNXCL: 3261 clear_bit(TTY_EXCLUSIVE, &tty->flags); 3262 return 0; 3263 case TIOCNOTTY: 3264 if (current->signal->tty != tty) 3265 return -ENOTTY; 3266 no_tty(); 3267 return 0; 3268 case TIOCSCTTY: 3269 return tiocsctty(tty, arg); 3270 case TIOCGPGRP: 3271 return tiocgpgrp(tty, real_tty, p); 3272 case TIOCSPGRP: 3273 return tiocspgrp(tty, real_tty, p); 3274 case TIOCGSID: 3275 return tiocgsid(tty, real_tty, p); 3276 case TIOCGETD: 3277 return put_user(tty->ldisc.num, (int __user *)p); 3278 case TIOCSETD: 3279 return tiocsetd(tty, p); 3280#ifdef CONFIG_VT 3281 case TIOCLINUX: 3282 return tioclinux(tty, arg); 3283#endif 3284 /* 3285 * Break handling 3286 */ 3287 case TIOCSBRK: /* Turn break on, unconditionally */ 3288 tty->driver->break_ctl(tty, -1); 3289 return 0; 3290 3291 case TIOCCBRK: /* Turn break off, unconditionally */ 3292 tty->driver->break_ctl(tty, 0); 3293 return 0; 3294 case TCSBRK: /* SVID version: non-zero arg --> no break */ 3295 /* non-zero arg means wait for all output data 3296 * to be sent (performed above) but don't send break. 3297 * This is used by the tcdrain() termios function. 3298 */ 3299 if (!arg) 3300 return send_break(tty, 250); 3301 return 0; 3302 case TCSBRKP: /* support for POSIX tcsendbreak() */ 3303 return send_break(tty, arg ? arg*100 : 250); 3304 3305 case TIOCMGET: 3306 return tty_tiocmget(tty, file, p); 3307 3308 case TIOCMSET: 3309 case TIOCMBIC: 3310 case TIOCMBIS: 3311 return tty_tiocmset(tty, file, cmd, p); 3312 case TCFLSH: 3313 switch (arg) { 3314 case TCIFLUSH: 3315 case TCIOFLUSH: 3316 /* flush tty buffer and allow ldisc to process ioctl */ 3317 tty_buffer_flush(tty); 3318 break; 3319 } 3320 break; 3321 } 3322 if (tty->driver->ioctl) { 3323 retval = (tty->driver->ioctl)(tty, file, cmd, arg); 3324 if (retval != -ENOIOCTLCMD) 3325 return retval; 3326 } 3327 ld = tty_ldisc_ref_wait(tty); 3328 retval = -EINVAL; 3329 if (ld->ioctl) { 3330 retval = ld->ioctl(tty, file, cmd, arg); 3331 if (retval == -ENOIOCTLCMD) 3332 retval = -EINVAL; 3333 } 3334 tty_ldisc_deref(ld); 3335 return retval; 3336} 3337 3338#ifdef CONFIG_COMPAT 3339static long tty_compat_ioctl(struct file * file, unsigned int cmd, 3340 unsigned long arg) 3341{ 3342 struct inode *inode = file->f_dentry->d_inode; 3343 struct tty_struct *tty = file->private_data; 3344 struct tty_ldisc *ld; 3345 int retval = -ENOIOCTLCMD; 3346 3347 if (tty_paranoia_check(tty, inode, "tty_ioctl")) 3348 return -EINVAL; 3349 3350 if (tty->driver->compat_ioctl) { 3351 retval = (tty->driver->compat_ioctl)(tty, file, cmd, arg); 3352 if (retval != -ENOIOCTLCMD) 3353 return retval; 3354 } 3355 3356 ld = tty_ldisc_ref_wait(tty); 3357 if (ld->compat_ioctl) 3358 retval = ld->compat_ioctl(tty, file, cmd, arg); 3359 tty_ldisc_deref(ld); 3360 3361 return retval; 3362} 3363#endif 3364 3365void __do_SAK(struct tty_struct *tty) 3366{ 3367#ifdef TTY_SOFT_SAK 3368 tty_hangup(tty); 3369#else 3370 struct task_struct *g, *p; 3371 struct pid *session; 3372 int i; 3373 struct file *filp; 3374 struct fdtable *fdt; 3375 3376 if (!tty) 3377 return; 3378 session = tty->session; 3379 3380 tty_ldisc_flush(tty); 3381 3382 if (tty->driver->flush_buffer) 3383 tty->driver->flush_buffer(tty); 3384 3385 read_lock(&tasklist_lock); 3386 /* Kill the entire session */ 3387 do_each_pid_task(session, PIDTYPE_SID, p) { 3388 printk(KERN_NOTICE "SAK: killed process %d" 3389 " (%s): process_session(p)==tty->session\n", 3390 p->pid, p->comm); 3391 send_sig(SIGKILL, p, 1); 3392 } while_each_pid_task(session, PIDTYPE_SID, p); 3393 /* Now kill any processes that happen to have the 3394 * tty open. 3395 */ 3396 do_each_thread(g, p) { 3397 if (p->signal->tty == tty) { 3398 printk(KERN_NOTICE "SAK: killed process %d" 3399 " (%s): process_session(p)==tty->session\n", 3400 p->pid, p->comm); 3401 send_sig(SIGKILL, p, 1); 3402 continue; 3403 } 3404 task_lock(p); 3405 if (p->files) { 3406 /* 3407 * We don't take a ref to the file, so we must 3408 * hold ->file_lock instead. 3409 */ 3410 spin_lock(&p->files->file_lock); 3411 fdt = files_fdtable(p->files); 3412 for (i=0; i < fdt->max_fds; i++) { 3413 filp = fcheck_files(p->files, i); 3414 if (!filp) 3415 continue; 3416 if (filp->f_op->read == tty_read && 3417 filp->private_data == tty) { 3418 printk(KERN_NOTICE "SAK: killed process %d" 3419 " (%s): fd#%d opened to the tty\n", 3420 p->pid, p->comm, i); 3421 force_sig(SIGKILL, p); 3422 break; 3423 } 3424 } 3425 spin_unlock(&p->files->file_lock); 3426 } 3427 task_unlock(p); 3428 } while_each_thread(g, p); 3429 read_unlock(&tasklist_lock); 3430#endif 3431} 3432 3433static void do_SAK_work(struct work_struct *work) 3434{ 3435 struct tty_struct *tty = 3436 container_of(work, struct tty_struct, SAK_work); 3437 __do_SAK(tty); 3438} 3439 3440/* 3441 * The tq handling here is a little racy - tty->SAK_work may already be queued. 3442 * Fortunately we don't need to worry, because if ->SAK_work is already queued, 3443 * the values which we write to it will be identical to the values which it 3444 * already has. --akpm 3445 */ 3446void do_SAK(struct tty_struct *tty) 3447{ 3448 if (!tty) 3449 return; 3450 schedule_work(&tty->SAK_work); 3451} 3452 3453EXPORT_SYMBOL(do_SAK); 3454 3455/** 3456 * flush_to_ldisc 3457 * @work: tty structure passed from work queue. 3458 * 3459 * This routine is called out of the software interrupt to flush data 3460 * from the buffer chain to the line discipline. 3461 * 3462 * Locking: holds tty->buf.lock to guard buffer list. Drops the lock 3463 * while invoking the line discipline receive_buf method. The 3464 * receive_buf method is single threaded for each tty instance. 3465 */ 3466 3467static void flush_to_ldisc(struct work_struct *work) 3468{ 3469 struct tty_struct *tty = 3470 container_of(work, struct tty_struct, buf.work.work); 3471 unsigned long flags; 3472 struct tty_ldisc *disc; 3473 struct tty_buffer *tbuf, *head; 3474 char *char_buf; 3475 unsigned char *flag_buf; 3476 3477 disc = tty_ldisc_ref(tty); 3478 if (disc == NULL) /* !TTY_LDISC */ 3479 return; 3480 3481 spin_lock_irqsave(&tty->buf.lock, flags); 3482 head = tty->buf.head; 3483 if (head != NULL) { 3484 tty->buf.head = NULL; 3485 for (;;) { 3486 int count = head->commit - head->read; 3487 if (!count) { 3488 if (head->next == NULL) 3489 break; 3490 tbuf = head; 3491 head = head->next; 3492 tty_buffer_free(tty, tbuf); 3493 continue; 3494 } 3495 if (!tty->receive_room) { 3496 schedule_delayed_work(&tty->buf.work, 1); 3497 break; 3498 } 3499 if (count > tty->receive_room) 3500 count = tty->receive_room; 3501 char_buf = head->char_buf_ptr + head->read; 3502 flag_buf = head->flag_buf_ptr + head->read; 3503 head->read += count; 3504 spin_unlock_irqrestore(&tty->buf.lock, flags); 3505 disc->receive_buf(tty, char_buf, flag_buf, count); 3506 spin_lock_irqsave(&tty->buf.lock, flags); 3507 } 3508 tty->buf.head = head; 3509 } 3510 spin_unlock_irqrestore(&tty->buf.lock, flags); 3511 3512 tty_ldisc_deref(disc); 3513} 3514 3515/** 3516 * tty_flip_buffer_push - terminal 3517 * @tty: tty to push 3518 * 3519 * Queue a push of the terminal flip buffers to the line discipline. This 3520 * function must not be called from IRQ context if tty->low_latency is set. 3521 * 3522 * In the event of the queue being busy for flipping the work will be 3523 * held off and retried later. 3524 * 3525 * Locking: tty buffer lock. Driver locks in low latency mode. 3526 */ 3527 3528void tty_flip_buffer_push(struct tty_struct *tty) 3529{ 3530 unsigned long flags; 3531 spin_lock_irqsave(&tty->buf.lock, flags); 3532 if (tty->buf.tail != NULL) 3533 tty->buf.tail->commit = tty->buf.tail->used; 3534 spin_unlock_irqrestore(&tty->buf.lock, flags); 3535 3536 if (tty->low_latency) 3537 flush_to_ldisc(&tty->buf.work.work); 3538 else 3539 schedule_delayed_work(&tty->buf.work, 1); 3540} 3541 3542EXPORT_SYMBOL(tty_flip_buffer_push); 3543 3544 3545/** 3546 * initialize_tty_struct 3547 * @tty: tty to initialize 3548 * 3549 * This subroutine initializes a tty structure that has been newly 3550 * allocated. 3551 * 3552 * Locking: none - tty in question must not be exposed at this point 3553 */ 3554 3555static void initialize_tty_struct(struct tty_struct *tty) 3556{ 3557 memset(tty, 0, sizeof(struct tty_struct)); 3558 tty->magic = TTY_MAGIC; 3559 tty_ldisc_assign(tty, tty_ldisc_get(N_TTY)); 3560 tty->session = NULL; 3561 tty->pgrp = NULL; 3562 tty->overrun_time = jiffies; 3563 tty->buf.head = tty->buf.tail = NULL; 3564 tty_buffer_init(tty); 3565 INIT_DELAYED_WORK(&tty->buf.work, flush_to_ldisc); 3566 init_MUTEX(&tty->buf.pty_sem); 3567 mutex_init(&tty->termios_mutex); 3568 init_waitqueue_head(&tty->write_wait); 3569 init_waitqueue_head(&tty->read_wait); 3570 INIT_WORK(&tty->hangup_work, do_tty_hangup); 3571 mutex_init(&tty->atomic_read_lock); 3572 mutex_init(&tty->atomic_write_lock); 3573 spin_lock_init(&tty->read_lock); 3574 INIT_LIST_HEAD(&tty->tty_files); 3575 INIT_WORK(&tty->SAK_work, do_SAK_work); 3576} 3577 3578/* 3579 * The default put_char routine if the driver did not define one. 3580 */ 3581 3582static void tty_default_put_char(struct tty_struct *tty, unsigned char ch) 3583{ 3584 tty->driver->write(tty, &ch, 1); 3585} 3586 3587static struct class *tty_class; 3588 3589/** 3590 * tty_register_device - register a tty device 3591 * @driver: the tty driver that describes the tty device 3592 * @index: the index in the tty driver for this tty device 3593 * @device: a struct device that is associated with this tty device. 3594 * This field is optional, if there is no known struct device 3595 * for this tty device it can be set to NULL safely. 3596 * 3597 * Returns a pointer to the struct device for this tty device 3598 * (or ERR_PTR(-EFOO) on error). 3599 * 3600 * This call is required to be made to register an individual tty device 3601 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If 3602 * that bit is not set, this function should not be called by a tty 3603 * driver. 3604 * 3605 * Locking: ?? 3606 */ 3607 3608struct device *tty_register_device(struct tty_driver *driver, unsigned index, 3609 struct device *device) 3610{ 3611 char name[64]; 3612 dev_t dev = MKDEV(driver->major, driver->minor_start) + index; 3613 3614 if (index >= driver->num) { 3615 printk(KERN_ERR "Attempt to register invalid tty line number " 3616 " (%d).\n", index); 3617 return ERR_PTR(-EINVAL); 3618 } 3619 3620 if (driver->type == TTY_DRIVER_TYPE_PTY) 3621 pty_line_name(driver, index, name); 3622 else 3623 tty_line_name(driver, index, name); 3624 3625 return device_create(tty_class, device, dev, name); 3626} 3627 3628/** 3629 * tty_unregister_device - unregister a tty device 3630 * @driver: the tty driver that describes the tty device 3631 * @index: the index in the tty driver for this tty device 3632 * 3633 * If a tty device is registered with a call to tty_register_device() then 3634 * this function must be called when the tty device is gone. 3635 * 3636 * Locking: ?? 3637 */ 3638 3639void tty_unregister_device(struct tty_driver *driver, unsigned index) 3640{ 3641 device_destroy(tty_class, MKDEV(driver->major, driver->minor_start) + index); 3642} 3643 3644EXPORT_SYMBOL(tty_register_device); 3645EXPORT_SYMBOL(tty_unregister_device); 3646 3647struct tty_driver *alloc_tty_driver(int lines) 3648{ 3649 struct tty_driver *driver; 3650 3651 driver = kmalloc(sizeof(struct tty_driver), GFP_KERNEL); 3652 if (driver) { 3653 memset(driver, 0, sizeof(struct tty_driver)); 3654 driver->magic = TTY_DRIVER_MAGIC; 3655 driver->num = lines; 3656 /* later we'll move allocation of tables here */ 3657 } 3658 return driver; 3659} 3660 3661void put_tty_driver(struct tty_driver *driver) 3662{ 3663 kfree(driver); 3664} 3665 3666void tty_set_operations(struct tty_driver *driver, 3667 const struct tty_operations *op) 3668{ 3669 driver->open = op->open; 3670 driver->close = op->close; 3671 driver->write = op->write; 3672 driver->put_char = op->put_char; 3673 driver->flush_chars = op->flush_chars; 3674 driver->write_room = op->write_room; 3675 driver->chars_in_buffer = op->chars_in_buffer; 3676 driver->ioctl = op->ioctl; 3677 driver->compat_ioctl = op->compat_ioctl; 3678 driver->set_termios = op->set_termios; 3679 driver->throttle = op->throttle; 3680 driver->unthrottle = op->unthrottle; 3681 driver->stop = op->stop; 3682 driver->start = op->start; 3683 driver->hangup = op->hangup; 3684 driver->break_ctl = op->break_ctl; 3685 driver->flush_buffer = op->flush_buffer; 3686 driver->set_ldisc = op->set_ldisc; 3687 driver->wait_until_sent = op->wait_until_sent; 3688 driver->send_xchar = op->send_xchar; 3689 driver->read_proc = op->read_proc; 3690 driver->write_proc = op->write_proc; 3691 driver->tiocmget = op->tiocmget; 3692 driver->tiocmset = op->tiocmset; 3693} 3694 3695 3696EXPORT_SYMBOL(alloc_tty_driver); 3697EXPORT_SYMBOL(put_tty_driver); 3698EXPORT_SYMBOL(tty_set_operations); 3699 3700/* 3701 * Called by a tty driver to register itself. 3702 */ 3703int tty_register_driver(struct tty_driver *driver) 3704{ 3705 int error; 3706 int i; 3707 dev_t dev; 3708 void **p = NULL; 3709 3710 if (driver->flags & TTY_DRIVER_INSTALLED) 3711 return 0; 3712 3713 if (!(driver->flags & TTY_DRIVER_DEVPTS_MEM) && driver->num) { 3714 p = kzalloc(driver->num * 3 * sizeof(void *), GFP_KERNEL); 3715 if (!p) 3716 return -ENOMEM; 3717 } 3718 3719 if (!driver->major) { 3720 error = alloc_chrdev_region(&dev, driver->minor_start, driver->num, 3721 driver->name); 3722 if (!error) { 3723 driver->major = MAJOR(dev); 3724 driver->minor_start = MINOR(dev); 3725 } 3726 } else { 3727 dev = MKDEV(driver->major, driver->minor_start); 3728 error = register_chrdev_region(dev, driver->num, driver->name); 3729 } 3730 if (error < 0) { 3731 kfree(p); 3732 return error; 3733 } 3734 3735 if (p) { 3736 driver->ttys = (struct tty_struct **)p; 3737 driver->termios = (struct ktermios **)(p + driver->num); 3738 driver->termios_locked = (struct ktermios **)(p + driver->num * 2); 3739 } else { 3740 driver->ttys = NULL; 3741 driver->termios = NULL; 3742 driver->termios_locked = NULL; 3743 } 3744 3745 cdev_init(&driver->cdev, &tty_fops); 3746 driver->cdev.owner = driver->owner; 3747 error = cdev_add(&driver->cdev, dev, driver->num); 3748 if (error) { 3749 unregister_chrdev_region(dev, driver->num); 3750 driver->ttys = NULL; 3751 driver->termios = driver->termios_locked = NULL; 3752 kfree(p); 3753 return error; 3754 } 3755 3756 if (!driver->put_char) 3757 driver->put_char = tty_default_put_char; 3758 3759 mutex_lock(&tty_mutex); 3760 list_add(&driver->tty_drivers, &tty_drivers); 3761 mutex_unlock(&tty_mutex); 3762 3763 if ( !(driver->flags & TTY_DRIVER_DYNAMIC_DEV) ) { 3764 for(i = 0; i < driver->num; i++) 3765 tty_register_device(driver, i, NULL); 3766 } 3767 proc_tty_register_driver(driver); 3768 return 0; 3769} 3770 3771EXPORT_SYMBOL(tty_register_driver); 3772 3773/* 3774 * Called by a tty driver to unregister itself. 3775 */ 3776int tty_unregister_driver(struct tty_driver *driver) 3777{ 3778 int i; 3779 struct ktermios *tp; 3780 void *p; 3781 3782 if (driver->refcount) 3783 return -EBUSY; 3784 3785 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start), 3786 driver->num); 3787 mutex_lock(&tty_mutex); 3788 list_del(&driver->tty_drivers); 3789 mutex_unlock(&tty_mutex); 3790 3791 /* 3792 * Free the termios and termios_locked structures because 3793 * we don't want to get memory leaks when modular tty 3794 * drivers are removed from the kernel. 3795 */ 3796 for (i = 0; i < driver->num; i++) { 3797 tp = driver->termios[i]; 3798 if (tp) { 3799 driver->termios[i] = NULL; 3800 kfree(tp); 3801 } 3802 tp = driver->termios_locked[i]; 3803 if (tp) { 3804 driver->termios_locked[i] = NULL; 3805 kfree(tp); 3806 } 3807 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) 3808 tty_unregister_device(driver, i); 3809 } 3810 p = driver->ttys; 3811 proc_tty_unregister_driver(driver); 3812 driver->ttys = NULL; 3813 driver->termios = driver->termios_locked = NULL; 3814 kfree(p); 3815 cdev_del(&driver->cdev); 3816 return 0; 3817} 3818EXPORT_SYMBOL(tty_unregister_driver); 3819 3820dev_t tty_devnum(struct tty_struct *tty) 3821{ 3822 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index; 3823} 3824EXPORT_SYMBOL(tty_devnum); 3825 3826void proc_clear_tty(struct task_struct *p) 3827{ 3828 spin_lock_irq(&p->sighand->siglock); 3829 p->signal->tty = NULL; 3830 spin_unlock_irq(&p->sighand->siglock); 3831} 3832EXPORT_SYMBOL(proc_clear_tty); 3833 3834static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) 3835{ 3836 if (tty) { 3837 /* We should not have a session or pgrp to here but.... */ 3838 put_pid(tty->session); 3839 put_pid(tty->pgrp); 3840 tty->session = get_pid(task_session(tsk)); 3841 tty->pgrp = get_pid(task_pgrp(tsk)); 3842 } 3843 put_pid(tsk->signal->tty_old_pgrp); 3844 tsk->signal->tty = tty; 3845 tsk->signal->tty_old_pgrp = NULL; 3846} 3847 3848static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty) 3849{ 3850 spin_lock_irq(&tsk->sighand->siglock); 3851 __proc_set_tty(tsk, tty); 3852 spin_unlock_irq(&tsk->sighand->siglock); 3853} 3854 3855struct tty_struct *get_current_tty(void) 3856{ 3857 struct tty_struct *tty; 3858 WARN_ON_ONCE(!mutex_is_locked(&tty_mutex)); 3859 tty = current->signal->tty; 3860 /* 3861 * session->tty can be changed/cleared from under us, make sure we 3862 * issue the load. The obtained pointer, when not NULL, is valid as 3863 * long as we hold tty_mutex. 3864 */ 3865 barrier(); 3866 return tty; 3867} 3868EXPORT_SYMBOL_GPL(get_current_tty); 3869 3870/* 3871 * Initialize the console device. This is called *early*, so 3872 * we can't necessarily depend on lots of kernel help here. 3873 * Just do some early initializations, and do the complex setup 3874 * later. 3875 */ 3876void __init console_init(void) 3877{ 3878 initcall_t *call; 3879 3880 /* Setup the default TTY line discipline. */ 3881 (void) tty_register_ldisc(N_TTY, &tty_ldisc_N_TTY); 3882 3883 /* 3884 * set up the console device so that later boot sequences can 3885 * inform about problems etc.. 3886 */ 3887 call = __con_initcall_start; 3888 while (call < __con_initcall_end) { 3889 (*call)(); 3890 call++; 3891 } 3892} 3893 3894#ifdef CONFIG_VT 3895extern int vty_init(void); 3896#endif 3897 3898static int __init tty_class_init(void) 3899{ 3900 tty_class = class_create(THIS_MODULE, "tty"); 3901 if (IS_ERR(tty_class)) 3902 return PTR_ERR(tty_class); 3903 return 0; 3904} 3905 3906postcore_initcall(tty_class_init); 3907 3908/* 3/2004 jmc: why do these devices exist? */ 3909 3910static struct cdev tty_cdev, console_cdev; 3911#ifdef CONFIG_UNIX98_PTYS 3912static struct cdev ptmx_cdev; 3913#endif 3914#ifdef CONFIG_VT 3915static struct cdev vc0_cdev; 3916#endif 3917 3918/* 3919 * Ok, now we can initialize the rest of the tty devices and can count 3920 * on memory allocations, interrupts etc.. 3921 */ 3922static int __init tty_init(void) 3923{ 3924 cdev_init(&tty_cdev, &tty_fops); 3925 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) || 3926 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0) 3927 panic("Couldn't register /dev/tty driver\n"); 3928 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), "tty"); 3929 3930 cdev_init(&console_cdev, &console_fops); 3931 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) || 3932 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0) 3933 panic("Couldn't register /dev/console driver\n"); 3934 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), "console"); 3935 3936#ifdef CONFIG_UNIX98_PTYS 3937 cdev_init(&ptmx_cdev, &ptmx_fops); 3938 if (cdev_add(&ptmx_cdev, MKDEV(TTYAUX_MAJOR, 2), 1) || 3939 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 2), 1, "/dev/ptmx") < 0) 3940 panic("Couldn't register /dev/ptmx driver\n"); 3941 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 2), "ptmx"); 3942#endif 3943 3944#ifdef CONFIG_VT 3945 cdev_init(&vc0_cdev, &console_fops); 3946 if (cdev_add(&vc0_cdev, MKDEV(TTY_MAJOR, 0), 1) || 3947 register_chrdev_region(MKDEV(TTY_MAJOR, 0), 1, "/dev/vc/0") < 0) 3948 panic("Couldn't register /dev/tty0 driver\n"); 3949 device_create(tty_class, NULL, MKDEV(TTY_MAJOR, 0), "tty0"); 3950 3951 vty_init(); 3952#endif 3953 return 0; 3954} 3955module_init(tty_init); 3956