projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branch 'for-linus' of master.kernel.org:/pub/scm/linux/kernel/git/dtor/input
[deliverable/linux.git] / drivers / char / tty_io.c
1 /*
2 * linux/drivers/char/tty_io.c
3 *
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 */
6
7 /*
8 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles
9 * or rs-channels. It also implements echoing, cooked mode etc.
10 *
11 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0.
12 *
13 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the
14 * tty_struct and tty_queue structures. Previously there was an array
15 * of 256 tty_struct's which was statically allocated, and the
16 * tty_queue structures were allocated at boot time. Both are now
17 * dynamically allocated only when the tty is open.
18 *
19 * Also restructured routines so that there is more of a separation
20 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and
21 * the low-level tty routines (serial.c, pty.c, console.c). This
22 * makes for cleaner and more compact code. -TYT, 9/17/92
23 *
24 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines
25 * which can be dynamically activated and de-activated by the line
26 * discipline handling modules (like SLIP).
27 *
28 * NOTE: pay no attention to the line discipline code (yet); its
29 * interface is still subject to change in this version...
30 * -- TYT, 1/31/92
31 *
32 * Added functionality to the OPOST tty handling. No delays, but all
33 * other bits should be there.
34 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993.
35 *
36 * Rewrote canonical mode and added more termios flags.
37 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94
38 *
39 * Reorganized FASYNC support so mouse code can share it.
40 * -- ctm@ardi.com, 9Sep95
41 *
42 * New TIOCLINUX variants added.
43 * -- mj@k332.feld.cvut.cz, 19-Nov-95
44 *
45 * Restrict vt switching via ioctl()
46 * -- grif@cs.ucr.edu, 5-Dec-95
47 *
48 * Move console and virtual terminal code to more appropriate files,
49 * implement CONFIG_VT and generalize console device interface.
50 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97
51 *
52 * Rewrote init_dev and release_dev to eliminate races.
53 * -- Bill Hawes <whawes@star.net>, June 97
54 *
55 * Added devfs support.
56 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998
57 *
58 * Added support for a Unix98-style ptmx device.
59 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998
60 *
61 * Reduced memory usage for older ARM systems
62 * -- Russell King <rmk@arm.linux.org.uk>
63 *
64 * Move do_SAK() into process context. Less stack use in devfs functions.
65 * alloc_tty_struct() always uses kmalloc() -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01
66 */
67
68 #include <linux/types.h>
69 #include <linux/major.h>
70 #include <linux/errno.h>
71 #include <linux/signal.h>
72 #include <linux/fcntl.h>
73 #include <linux/sched.h>
74 #include <linux/interrupt.h>
75 #include <linux/tty.h>
76 #include <linux/tty_driver.h>
77 #include <linux/tty_flip.h>
78 #include <linux/devpts_fs.h>
79 #include <linux/file.h>
80 #include <linux/console.h>
81 #include <linux/timer.h>
82 #include <linux/ctype.h>
83 #include <linux/kd.h>
84 #include <linux/mm.h>
85 #include <linux/string.h>
86 #include <linux/slab.h>
87 #include <linux/poll.h>
88 #include <linux/proc_fs.h>
89 #include <linux/init.h>
90 #include <linux/module.h>
91 #include <linux/smp_lock.h>
92 #include <linux/device.h>
93 #include <linux/idr.h>
94 #include <linux/wait.h>
95 #include <linux/bitops.h>
96 #include <linux/delay.h>
97
98 #include <asm/uaccess.h>
99 #include <asm/system.h>
100
101 #include <linux/kbd_kern.h>
102 #include <linux/vt_kern.h>
103 #include <linux/selection.h>
104
105 #include <linux/kmod.h>
106
107 #undef TTY_DEBUG_HANGUP
108
109 #define TTY_PARANOIA_CHECK 1
110 #define CHECK_TTY_COUNT 1
111
112 struct ktermios tty_std_termios = { /* for the benefit of tty drivers */
113 .c_iflag = ICRNL | IXON,
114 .c_oflag = OPOST | ONLCR,
115 .c_cflag = B38400 | CS8 | CREAD | HUPCL,
116 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK |
117 ECHOCTL | ECHOKE | IEXTEN,
118 .c_cc = INIT_C_CC,
119 .c_ispeed = 38400,
120 .c_ospeed = 38400
121 };
122
123 EXPORT_SYMBOL(tty_std_termios);
124
125 /* This list gets poked at by procfs and various bits of boot up code. This
126 could do with some rationalisation such as pulling the tty proc function
127 into this file */
128
129 LIST_HEAD(tty_drivers); /* linked list of tty drivers */
130
131 /* Mutex to protect creating and releasing a tty. This is shared with
132 vt.c for deeply disgusting hack reasons */
133 DEFINE_MUTEX(tty_mutex);
134 EXPORT_SYMBOL(tty_mutex);
135
136 #ifdef CONFIG_UNIX98_PTYS
137 extern struct tty_driver *ptm_driver; /* Unix98 pty masters; for /dev/ptmx */
138 extern int pty_limit; /* Config limit on Unix98 ptys */
139 static DEFINE_IDR(allocated_ptys);
140 static DECLARE_MUTEX(allocated_ptys_lock);
141 static int ptmx_open(struct inode *, struct file *);
142 #endif
143
144 extern void disable_early_printk(void);
145
146 static void initialize_tty_struct(struct tty_struct *tty);
147
148 static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *);
149 static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *);
150 ssize_t redirected_tty_write(struct file *, const char __user *, size_t, loff_t *);
151 static unsigned int tty_poll(struct file *, poll_table *);
152 static int tty_open(struct inode *, struct file *);
153 static int tty_release(struct inode *, struct file *);
154 int tty_ioctl(struct inode * inode, struct file * file,
155 unsigned int cmd, unsigned long arg);
156 static int tty_fasync(int fd, struct file * filp, int on);
157 static void release_tty(struct tty_struct *tty, int idx);
158 static struct pid *__proc_set_tty(struct task_struct *tsk,
159 struct tty_struct *tty);
160
161 /**
162 * alloc_tty_struct - allocate a tty object
163 *
164 * Return a new empty tty structure. The data fields have not
165 * been initialized in any way but has been zeroed
166 *
167 * Locking: none
168 */
169
170 static struct tty_struct *alloc_tty_struct(void)
171 {
172 return kzalloc(sizeof(struct tty_struct), GFP_KERNEL);
173 }
174
175 static void tty_buffer_free_all(struct tty_struct *);
176
177 /**
178 * free_tty_struct - free a disused tty
179 * @tty: tty struct to free
180 *
181 * Free the write buffers, tty queue and tty memory itself.
182 *
183 * Locking: none. Must be called after tty is definitely unused
184 */
185
186 static inline void free_tty_struct(struct tty_struct *tty)
187 {
188 kfree(tty->write_buf);
189 tty_buffer_free_all(tty);
190 kfree(tty);
191 }
192
193 #define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base)
194
195 /**
196 * tty_name - return tty naming
197 * @tty: tty structure
198 * @buf: buffer for output
199 *
200 * Convert a tty structure into a name. The name reflects the kernel
201 * naming policy and if udev is in use may not reflect user space
202 *
203 * Locking: none
204 */
205
206 char *tty_name(struct tty_struct *tty, char *buf)
207 {
208 if (!tty) /* Hmm. NULL pointer. That's fun. */
209 strcpy(buf, "NULL tty");
210 else
211 strcpy(buf, tty->name);
212 return buf;
213 }
214
215 EXPORT_SYMBOL(tty_name);
216
217 int tty_paranoia_check(struct tty_struct *tty, struct inode *inode,
218 const char *routine)
219 {
220 #ifdef TTY_PARANOIA_CHECK
221 if (!tty) {
222 printk(KERN_WARNING
223 "null TTY for (%d:%d) in %s\n",
224 imajor(inode), iminor(inode), routine);
225 return 1;
226 }
227 if (tty->magic != TTY_MAGIC) {
228 printk(KERN_WARNING
229 "bad magic number for tty struct (%d:%d) in %s\n",
230 imajor(inode), iminor(inode), routine);
231 return 1;
232 }
233 #endif
234 return 0;
235 }
236
237 static int check_tty_count(struct tty_struct *tty, const char *routine)
238 {
239 #ifdef CHECK_TTY_COUNT
240 struct list_head *p;
241 int count = 0;
242
243 file_list_lock();
244 list_for_each(p, &tty->tty_files) {
245 count++;
246 }
247 file_list_unlock();
248 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
249 tty->driver->subtype == PTY_TYPE_SLAVE &&
250 tty->link && tty->link->count)
251 count++;
252 if (tty->count != count) {
253 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) "
254 "!= #fd's(%d) in %s\n",
255 tty->name, tty->count, count, routine);
256 return count;
257 }
258 #endif
259 return 0;
260 }
261
262 /*
263 * Tty buffer allocation management
264 */
265
266 /**
267 * tty_buffer_free_all - free buffers used by a tty
268 * @tty: tty to free from
269 *
270 * Remove all the buffers pending on a tty whether queued with data
271 * or in the free ring. Must be called when the tty is no longer in use
272 *
273 * Locking: none
274 */
275
276 static void tty_buffer_free_all(struct tty_struct *tty)
277 {
278 struct tty_buffer *thead;
279 while((thead = tty->buf.head) != NULL) {
280 tty->buf.head = thead->next;
281 kfree(thead);
282 }
283 while((thead = tty->buf.free) != NULL) {
284 tty->buf.free = thead->next;
285 kfree(thead);
286 }
287 tty->buf.tail = NULL;
288 tty->buf.memory_used = 0;
289 }
290
291 /**
292 * tty_buffer_init - prepare a tty buffer structure
293 * @tty: tty to initialise
294 *
295 * Set up the initial state of the buffer management for a tty device.
296 * Must be called before the other tty buffer functions are used.
297 *
298 * Locking: none
299 */
300
301 static void tty_buffer_init(struct tty_struct *tty)
302 {
303 spin_lock_init(&tty->buf.lock);
304 tty->buf.head = NULL;
305 tty->buf.tail = NULL;
306 tty->buf.free = NULL;
307 tty->buf.memory_used = 0;
308 }
309
310 /**
311 * tty_buffer_alloc - allocate a tty buffer
312 * @tty: tty device
313 * @size: desired size (characters)
314 *
315 * Allocate a new tty buffer to hold the desired number of characters.
316 * Return NULL if out of memory or the allocation would exceed the
317 * per device queue
318 *
319 * Locking: Caller must hold tty->buf.lock
320 */
321
322 static struct tty_buffer *tty_buffer_alloc(struct tty_struct *tty, size_t size)
323 {
324 struct tty_buffer *p;
325
326 if (tty->buf.memory_used + size > 65536)
327 return NULL;
328 p = kmalloc(sizeof(struct tty_buffer) + 2 * size, GFP_ATOMIC);
329 if(p == NULL)
330 return NULL;
331 p->used = 0;
332 p->size = size;
333 p->next = NULL;
334 p->commit = 0;
335 p->read = 0;
336 p->char_buf_ptr = (char *)(p->data);
337 p->flag_buf_ptr = (unsigned char *)p->char_buf_ptr + size;
338 tty->buf.memory_used += size;
339 return p;
340 }
341
342 /**
343 * tty_buffer_free - free a tty buffer
344 * @tty: tty owning the buffer
345 * @b: the buffer to free
346 *
347 * Free a tty buffer, or add it to the free list according to our
348 * internal strategy
349 *
350 * Locking: Caller must hold tty->buf.lock
351 */
352
353 static void tty_buffer_free(struct tty_struct *tty, struct tty_buffer *b)
354 {
355 /* Dumb strategy for now - should keep some stats */
356 tty->buf.memory_used -= b->size;
357 WARN_ON(tty->buf.memory_used < 0);
358
359 if(b->size >= 512)
360 kfree(b);
361 else {
362 b->next = tty->buf.free;
363 tty->buf.free = b;
364 }
365 }
366
367 /**
368 * tty_buffer_find - find a free tty buffer
369 * @tty: tty owning the buffer
370 * @size: characters wanted
371 *
372 * Locate an existing suitable tty buffer or if we are lacking one then
373 * allocate a new one. We round our buffers off in 256 character chunks
374 * to get better allocation behaviour.
375 *
376 * Locking: Caller must hold tty->buf.lock
377 */
378
379 static struct tty_buffer *tty_buffer_find(struct tty_struct *tty, size_t size)
380 {
381 struct tty_buffer **tbh = &tty->buf.free;
382 while((*tbh) != NULL) {
383 struct tty_buffer *t = *tbh;
384 if(t->size >= size) {
385 *tbh = t->next;
386 t->next = NULL;
387 t->used = 0;
388 t->commit = 0;
389 t->read = 0;
390 tty->buf.memory_used += t->size;
391 return t;
392 }
393 tbh = &((*tbh)->next);
394 }
395 /* Round the buffer size out */
396 size = (size + 0xFF) & ~ 0xFF;
397 return tty_buffer_alloc(tty, size);
398 /* Should possibly check if this fails for the largest buffer we
399 have queued and recycle that ? */
400 }
401
402 /**
403 * tty_buffer_request_room - grow tty buffer if needed
404 * @tty: tty structure
405 * @size: size desired
406 *
407 * Make at least size bytes of linear space available for the tty
408 * buffer. If we fail return the size we managed to find.
409 *
410 * Locking: Takes tty->buf.lock
411 */
412 int tty_buffer_request_room(struct tty_struct *tty, size_t size)
413 {
414 struct tty_buffer *b, *n;
415 int left;
416 unsigned long flags;
417
418 spin_lock_irqsave(&tty->buf.lock, flags);
419
420 /* OPTIMISATION: We could keep a per tty "zero" sized buffer to
421 remove this conditional if its worth it. This would be invisible
422 to the callers */
423 if ((b = tty->buf.tail) != NULL)
424 left = b->size - b->used;
425 else
426 left = 0;
427
428 if (left < size) {
429 /* This is the slow path - looking for new buffers to use */
430 if ((n = tty_buffer_find(tty, size)) != NULL) {
431 if (b != NULL) {
432 b->next = n;
433 b->commit = b->used;
434 } else
435 tty->buf.head = n;
436 tty->buf.tail = n;
437 } else
438 size = left;
439 }
440
441 spin_unlock_irqrestore(&tty->buf.lock, flags);
442 return size;
443 }
444 EXPORT_SYMBOL_GPL(tty_buffer_request_room);
445
446 /**
447 * tty_insert_flip_string - Add characters to the tty buffer
448 * @tty: tty structure
449 * @chars: characters
450 * @size: size
451 *
452 * Queue a series of bytes to the tty buffering. All the characters
453 * passed are marked as without error. Returns the number added.
454 *
455 * Locking: Called functions may take tty->buf.lock
456 */
457
458 int tty_insert_flip_string(struct tty_struct *tty, const unsigned char *chars,
459 size_t size)
460 {
461 int copied = 0;
462 do {
463 int space = tty_buffer_request_room(tty, size - copied);
464 struct tty_buffer *tb = tty->buf.tail;
465 /* If there is no space then tb may be NULL */
466 if(unlikely(space == 0))
467 break;
468 memcpy(tb->char_buf_ptr + tb->used, chars, space);
469 memset(tb->flag_buf_ptr + tb->used, TTY_NORMAL, space);
470 tb->used += space;
471 copied += space;
472 chars += space;
473 /* There is a small chance that we need to split the data over
474 several buffers. If this is the case we must loop */
475 } while (unlikely(size > copied));
476 return copied;
477 }
478 EXPORT_SYMBOL(tty_insert_flip_string);
479
480 /**
481 * tty_insert_flip_string_flags - Add characters to the tty buffer
482 * @tty: tty structure
483 * @chars: characters
484 * @flags: flag bytes
485 * @size: size
486 *
487 * Queue a series of bytes to the tty buffering. For each character
488 * the flags array indicates the status of the character. Returns the
489 * number added.
490 *
491 * Locking: Called functions may take tty->buf.lock
492 */
493
494 int tty_insert_flip_string_flags(struct tty_struct *tty,
495 const unsigned char *chars, const char *flags, size_t size)
496 {
497 int copied = 0;
498 do {
499 int space = tty_buffer_request_room(tty, size - copied);
500 struct tty_buffer *tb = tty->buf.tail;
501 /* If there is no space then tb may be NULL */
502 if(unlikely(space == 0))
503 break;
504 memcpy(tb->char_buf_ptr + tb->used, chars, space);
505 memcpy(tb->flag_buf_ptr + tb->used, flags, space);
506 tb->used += space;
507 copied += space;
508 chars += space;
509 flags += space;
510 /* There is a small chance that we need to split the data over
511 several buffers. If this is the case we must loop */
512 } while (unlikely(size > copied));
513 return copied;
514 }
515 EXPORT_SYMBOL(tty_insert_flip_string_flags);
516
517 /**
518 * tty_schedule_flip - push characters to ldisc
519 * @tty: tty to push from
520 *
521 * Takes any pending buffers and transfers their ownership to the
522 * ldisc side of the queue. It then schedules those characters for
523 * processing by the line discipline.
524 *
525 * Locking: Takes tty->buf.lock
526 */
527
528 void tty_schedule_flip(struct tty_struct *tty)
529 {
530 unsigned long flags;
531 spin_lock_irqsave(&tty->buf.lock, flags);
532 if (tty->buf.tail != NULL)
533 tty->buf.tail->commit = tty->buf.tail->used;
534 spin_unlock_irqrestore(&tty->buf.lock, flags);
535 schedule_delayed_work(&tty->buf.work, 1);
536 }
537 EXPORT_SYMBOL(tty_schedule_flip);
538
539 /**
540 * tty_prepare_flip_string - make room for characters
541 * @tty: tty
542 * @chars: return pointer for character write area
543 * @size: desired size
544 *
545 * Prepare a block of space in the buffer for data. Returns the length
546 * available and buffer pointer to the space which is now allocated and
547 * accounted for as ready for normal characters. This is used for drivers
548 * that need their own block copy routines into the buffer. There is no
549 * guarantee the buffer is a DMA target!
550 *
551 * Locking: May call functions taking tty->buf.lock
552 */
553
554 int tty_prepare_flip_string(struct tty_struct *tty, unsigned char **chars, size_t size)
555 {
556 int space = tty_buffer_request_room(tty, size);
557 if (likely(space)) {
558 struct tty_buffer *tb = tty->buf.tail;
559 *chars = tb->char_buf_ptr + tb->used;
560 memset(tb->flag_buf_ptr + tb->used, TTY_NORMAL, space);
561 tb->used += space;
562 }
563 return space;
564 }
565
566 EXPORT_SYMBOL_GPL(tty_prepare_flip_string);
567
568 /**
569 * tty_prepare_flip_string_flags - make room for characters
570 * @tty: tty
571 * @chars: return pointer for character write area
572 * @flags: return pointer for status flag write area
573 * @size: desired size
574 *
575 * Prepare a block of space in the buffer for data. Returns the length
576 * available and buffer pointer to the space which is now allocated and
577 * accounted for as ready for characters. This is used for drivers
578 * that need their own block copy routines into the buffer. There is no
579 * guarantee the buffer is a DMA target!
580 *
581 * Locking: May call functions taking tty->buf.lock
582 */
583
584 int tty_prepare_flip_string_flags(struct tty_struct *tty, unsigned char **chars, char **flags, size_t size)
585 {
586 int space = tty_buffer_request_room(tty, size);
587 if (likely(space)) {
588 struct tty_buffer *tb = tty->buf.tail;
589 *chars = tb->char_buf_ptr + tb->used;
590 *flags = tb->flag_buf_ptr + tb->used;
591 tb->used += space;
592 }
593 return space;
594 }
595
596 EXPORT_SYMBOL_GPL(tty_prepare_flip_string_flags);
597
598
599
600 /**
601 * tty_set_termios_ldisc - set ldisc field
602 * @tty: tty structure
603 * @num: line discipline number
604 *
605 * This is probably overkill for real world processors but
606 * they are not on hot paths so a little discipline won't do
607 * any harm.
608 *
609 * Locking: takes termios_mutex
610 */
611
612 static void tty_set_termios_ldisc(struct tty_struct *tty, int num)
613 {
614 mutex_lock(&tty->termios_mutex);
615 tty->termios->c_line = num;
616 mutex_unlock(&tty->termios_mutex);
617 }
618
619 /*
620 * This guards the refcounted line discipline lists. The lock
621 * must be taken with irqs off because there are hangup path
622 * callers who will do ldisc lookups and cannot sleep.
623 */
624
625 static DEFINE_SPINLOCK(tty_ldisc_lock);
626 static DECLARE_WAIT_QUEUE_HEAD(tty_ldisc_wait);
627 static struct tty_ldisc tty_ldiscs[NR_LDISCS]; /* line disc dispatch table */
628
629 /**
630 * tty_register_ldisc - install a line discipline
631 * @disc: ldisc number
632 * @new_ldisc: pointer to the ldisc object
633 *
634 * Installs a new line discipline into the kernel. The discipline
635 * is set up as unreferenced and then made available to the kernel
636 * from this point onwards.
637 *
638 * Locking:
639 * takes tty_ldisc_lock to guard against ldisc races
640 */
641
642 int tty_register_ldisc(int disc, struct tty_ldisc *new_ldisc)
643 {
644 unsigned long flags;
645 int ret = 0;
646
647 if (disc < N_TTY || disc >= NR_LDISCS)
648 return -EINVAL;
649
650 spin_lock_irqsave(&tty_ldisc_lock, flags);
651 tty_ldiscs[disc] = *new_ldisc;
652 tty_ldiscs[disc].num = disc;
653 tty_ldiscs[disc].flags |= LDISC_FLAG_DEFINED;
654 tty_ldiscs[disc].refcount = 0;
655 spin_unlock_irqrestore(&tty_ldisc_lock, flags);
656
657 return ret;
658 }
659 EXPORT_SYMBOL(tty_register_ldisc);
660
661 /**
662 * tty_unregister_ldisc - unload a line discipline
663 * @disc: ldisc number
664 * @new_ldisc: pointer to the ldisc object
665 *
666 * Remove a line discipline from the kernel providing it is not
667 * currently in use.
668 *
669 * Locking:
670 * takes tty_ldisc_lock to guard against ldisc races
671 */
672
673 int tty_unregister_ldisc(int disc)
674 {
675 unsigned long flags;
676 int ret = 0;
677
678 if (disc < N_TTY || disc >= NR_LDISCS)
679 return -EINVAL;
680
681 spin_lock_irqsave(&tty_ldisc_lock, flags);
682 if (tty_ldiscs[disc].refcount)
683 ret = -EBUSY;
684 else
685 tty_ldiscs[disc].flags &= ~LDISC_FLAG_DEFINED;
686 spin_unlock_irqrestore(&tty_ldisc_lock, flags);
687
688 return ret;
689 }
690 EXPORT_SYMBOL(tty_unregister_ldisc);
691
692 /**
693 * tty_ldisc_get - take a reference to an ldisc
694 * @disc: ldisc number
695 *
696 * Takes a reference to a line discipline. Deals with refcounts and
697 * module locking counts. Returns NULL if the discipline is not available.
698 * Returns a pointer to the discipline and bumps the ref count if it is
699 * available
700 *
701 * Locking:
702 * takes tty_ldisc_lock to guard against ldisc races
703 */
704
705 struct tty_ldisc *tty_ldisc_get(int disc)
706 {
707 unsigned long flags;
708 struct tty_ldisc *ld;
709
710 if (disc < N_TTY || disc >= NR_LDISCS)
711 return NULL;
712
713 spin_lock_irqsave(&tty_ldisc_lock, flags);
714
715 ld = &tty_ldiscs[disc];
716 /* Check the entry is defined */
717 if(ld->flags & LDISC_FLAG_DEFINED)
718 {
719 /* If the module is being unloaded we can't use it */
720 if (!try_module_get(ld->owner))
721 ld = NULL;
722 else /* lock it */
723 ld->refcount++;
724 }
725 else
726 ld = NULL;
727 spin_unlock_irqrestore(&tty_ldisc_lock, flags);
728 return ld;
729 }
730
731 EXPORT_SYMBOL_GPL(tty_ldisc_get);
732
733 /**
734 * tty_ldisc_put - drop ldisc reference
735 * @disc: ldisc number
736 *
737 * Drop a reference to a line discipline. Manage refcounts and
738 * module usage counts
739 *
740 * Locking:
741 * takes tty_ldisc_lock to guard against ldisc races
742 */
743
744 void tty_ldisc_put(int disc)
745 {
746 struct tty_ldisc *ld;
747 unsigned long flags;
748
749 BUG_ON(disc < N_TTY || disc >= NR_LDISCS);
750
751 spin_lock_irqsave(&tty_ldisc_lock, flags);
752 ld = &tty_ldiscs[disc];
753 BUG_ON(ld->refcount == 0);
754 ld->refcount--;
755 module_put(ld->owner);
756 spin_unlock_irqrestore(&tty_ldisc_lock, flags);
757 }
758
759 EXPORT_SYMBOL_GPL(tty_ldisc_put);
760
761 /**
762 * tty_ldisc_assign - set ldisc on a tty
763 * @tty: tty to assign
764 * @ld: line discipline
765 *
766 * Install an instance of a line discipline into a tty structure. The
767 * ldisc must have a reference count above zero to ensure it remains/
768 * The tty instance refcount starts at zero.
769 *
770 * Locking:
771 * Caller must hold references
772 */
773
774 static void tty_ldisc_assign(struct tty_struct *tty, struct tty_ldisc *ld)
775 {
776 tty->ldisc = *ld;
777 tty->ldisc.refcount = 0;
778 }
779
780 /**
781 * tty_ldisc_try - internal helper
782 * @tty: the tty
783 *
784 * Make a single attempt to grab and bump the refcount on
785 * the tty ldisc. Return 0 on failure or 1 on success. This is
786 * used to implement both the waiting and non waiting versions
787 * of tty_ldisc_ref
788 *
789 * Locking: takes tty_ldisc_lock
790 */
791
792 static int tty_ldisc_try(struct tty_struct *tty)
793 {
794 unsigned long flags;
795 struct tty_ldisc *ld;
796 int ret = 0;
797
798 spin_lock_irqsave(&tty_ldisc_lock, flags);
799 ld = &tty->ldisc;
800 if(test_bit(TTY_LDISC, &tty->flags))
801 {
802 ld->refcount++;
803 ret = 1;
804 }
805 spin_unlock_irqrestore(&tty_ldisc_lock, flags);
806 return ret;
807 }
808
809 /**
810 * tty_ldisc_ref_wait - wait for the tty ldisc
811 * @tty: tty device
812 *
813 * Dereference the line discipline for the terminal and take a
814 * reference to it. If the line discipline is in flux then
815 * wait patiently until it changes.
816 *
817 * Note: Must not be called from an IRQ/timer context. The caller
818 * must also be careful not to hold other locks that will deadlock
819 * against a discipline change, such as an existing ldisc reference
820 * (which we check for)
821 *
822 * Locking: call functions take tty_ldisc_lock
823 */
824
825 struct tty_ldisc *tty_ldisc_ref_wait(struct tty_struct *tty)
826 {
827 /* wait_event is a macro */
828 wait_event(tty_ldisc_wait, tty_ldisc_try(tty));
829 if(tty->ldisc.refcount == 0)
830 printk(KERN_ERR "tty_ldisc_ref_wait\n");
831 return &tty->ldisc;
832 }
833
834 EXPORT_SYMBOL_GPL(tty_ldisc_ref_wait);
835
836 /**
837 * tty_ldisc_ref - get the tty ldisc
838 * @tty: tty device
839 *
840 * Dereference the line discipline for the terminal and take a
841 * reference to it. If the line discipline is in flux then
842 * return NULL. Can be called from IRQ and timer functions.
843 *
844 * Locking: called functions take tty_ldisc_lock
845 */
846
847 struct tty_ldisc *tty_ldisc_ref(struct tty_struct *tty)
848 {
849 if(tty_ldisc_try(tty))
850 return &tty->ldisc;
851 return NULL;
852 }
853
854 EXPORT_SYMBOL_GPL(tty_ldisc_ref);
855
856 /**
857 * tty_ldisc_deref - free a tty ldisc reference
858 * @ld: reference to free up
859 *
860 * Undoes the effect of tty_ldisc_ref or tty_ldisc_ref_wait. May
861 * be called in IRQ context.
862 *
863 * Locking: takes tty_ldisc_lock
864 */
865
866 void tty_ldisc_deref(struct tty_ldisc *ld)
867 {
868 unsigned long flags;
869
870 BUG_ON(ld == NULL);
871
872 spin_lock_irqsave(&tty_ldisc_lock, flags);
873 if(ld->refcount == 0)
874 printk(KERN_ERR "tty_ldisc_deref: no references.\n");
875 else
876 ld->refcount--;
877 if(ld->refcount == 0)
878 wake_up(&tty_ldisc_wait);
879 spin_unlock_irqrestore(&tty_ldisc_lock, flags);
880 }
881
882 EXPORT_SYMBOL_GPL(tty_ldisc_deref);
883
884 /**
885 * tty_ldisc_enable - allow ldisc use
886 * @tty: terminal to activate ldisc on
887 *
888 * Set the TTY_LDISC flag when the line discipline can be called
889 * again. Do neccessary wakeups for existing sleepers.
890 *
891 * Note: nobody should set this bit except via this function. Clearing
892 * directly is allowed.
893 */
894
895 static void tty_ldisc_enable(struct tty_struct *tty)
896 {
897 set_bit(TTY_LDISC, &tty->flags);
898 wake_up(&tty_ldisc_wait);
899 }
900
901 /**
902 * tty_set_ldisc - set line discipline
903 * @tty: the terminal to set
904 * @ldisc: the line discipline
905 *
906 * Set the discipline of a tty line. Must be called from a process
907 * context.
908 *
909 * Locking: takes tty_ldisc_lock.
910 * called functions take termios_mutex
911 */
912
913 static int tty_set_ldisc(struct tty_struct *tty, int ldisc)
914 {
915 int retval = 0;
916 struct tty_ldisc o_ldisc;
917 char buf[64];
918 int work;
919 unsigned long flags;
920 struct tty_ldisc *ld;
921 struct tty_struct *o_tty;
922
923 if ((ldisc < N_TTY) || (ldisc >= NR_LDISCS))
924 return -EINVAL;
925
926 restart:
927
928 ld = tty_ldisc_get(ldisc);
929 /* Eduardo Blanco <ejbs@cs.cs.com.uy> */
930 /* Cyrus Durgin <cider@speakeasy.org> */
931 if (ld == NULL) {
932 request_module("tty-ldisc-%d", ldisc);
933 ld = tty_ldisc_get(ldisc);
934 }
935 if (ld == NULL)
936 return -EINVAL;
937
938 /*
939 * No more input please, we are switching. The new ldisc
940 * will update this value in the ldisc open function
941 */
942
943 tty->receive_room = 0;
944
945 /*
946 * Problem: What do we do if this blocks ?
947 */
948
949 tty_wait_until_sent(tty, 0);
950
951 if (tty->ldisc.num == ldisc) {
952 tty_ldisc_put(ldisc);
953 return 0;
954 }
955
956 o_ldisc = tty->ldisc;
957 o_tty = tty->link;
958
959 /*
960 * Make sure we don't change while someone holds a
961 * reference to the line discipline. The TTY_LDISC bit
962 * prevents anyone taking a reference once it is clear.
963 * We need the lock to avoid racing reference takers.
964 */
965
966 spin_lock_irqsave(&tty_ldisc_lock, flags);
967 if (tty->ldisc.refcount || (o_tty && o_tty->ldisc.refcount)) {
968 if(tty->ldisc.refcount) {
969 /* Free the new ldisc we grabbed. Must drop the lock
970 first. */
971 spin_unlock_irqrestore(&tty_ldisc_lock, flags);
972 tty_ldisc_put(ldisc);
973 /*
974 * There are several reasons we may be busy, including
975 * random momentary I/O traffic. We must therefore
976 * retry. We could distinguish between blocking ops
977 * and retries if we made tty_ldisc_wait() smarter. That
978 * is up for discussion.
979 */
980 if (wait_event_interruptible(tty_ldisc_wait, tty->ldisc.refcount == 0) < 0)
981 return -ERESTARTSYS;
982 goto restart;
983 }
984 if(o_tty && o_tty->ldisc.refcount) {
985 spin_unlock_irqrestore(&tty_ldisc_lock, flags);
986 tty_ldisc_put(ldisc);
987 if (wait_event_interruptible(tty_ldisc_wait, o_tty->ldisc.refcount == 0) < 0)
988 return -ERESTARTSYS;
989 goto restart;
990 }
991 }
992
993 /* if the TTY_LDISC bit is set, then we are racing against another ldisc change */
994
995 if (!test_bit(TTY_LDISC, &tty->flags)) {
996 spin_unlock_irqrestore(&tty_ldisc_lock, flags);
997 tty_ldisc_put(ldisc);
998 ld = tty_ldisc_ref_wait(tty);
999 tty_ldisc_deref(ld);
1000 goto restart;
1001 }
1002
1003 clear_bit(TTY_LDISC, &tty->flags);
1004 if (o_tty)
1005 clear_bit(TTY_LDISC, &o_tty->flags);
1006 spin_unlock_irqrestore(&tty_ldisc_lock, flags);
1007
1008 /*
1009 * From this point on we know nobody has an ldisc
1010 * usage reference, nor can they obtain one until
1011 * we say so later on.
1012 */
1013
1014 work = cancel_delayed_work(&tty->buf.work);
1015 /*
1016 * Wait for ->hangup_work and ->buf.work handlers to terminate
1017 */
1018
1019 flush_scheduled_work();
1020 /* Shutdown the current discipline. */
1021 if (tty->ldisc.close)
1022 (tty->ldisc.close)(tty);
1023
1024 /* Now set up the new line discipline. */
1025 tty_ldisc_assign(tty, ld);
1026 tty_set_termios_ldisc(tty, ldisc);
1027 if (tty->ldisc.open)
1028 retval = (tty->ldisc.open)(tty);
1029 if (retval < 0) {
1030 tty_ldisc_put(ldisc);
1031 /* There is an outstanding reference here so this is safe */
1032 tty_ldisc_assign(tty, tty_ldisc_get(o_ldisc.num));
1033 tty_set_termios_ldisc(tty, tty->ldisc.num);
1034 if (tty->ldisc.open && (tty->ldisc.open(tty) < 0)) {
1035 tty_ldisc_put(o_ldisc.num);
1036 /* This driver is always present */
1037 tty_ldisc_assign(tty, tty_ldisc_get(N_TTY));
1038 tty_set_termios_ldisc(tty, N_TTY);
1039 if (tty->ldisc.open) {
1040 int r = tty->ldisc.open(tty);
1041
1042 if (r < 0)
1043 panic("Couldn't open N_TTY ldisc for "
1044 "%s --- error %d.",
1045 tty_name(tty, buf), r);
1046 }
1047 }
1048 }
1049 /* At this point we hold a reference to the new ldisc and a
1050 a reference to the old ldisc. If we ended up flipping back
1051 to the existing ldisc we have two references to it */
1052
1053 if (tty->ldisc.num != o_ldisc.num && tty->driver->set_ldisc)
1054 tty->driver->set_ldisc(tty);
1055
1056 tty_ldisc_put(o_ldisc.num);
1057
1058 /*
1059 * Allow ldisc referencing to occur as soon as the driver
1060 * ldisc callback completes.
1061 */
1062
1063 tty_ldisc_enable(tty);
1064 if (o_tty)
1065 tty_ldisc_enable(o_tty);
1066
1067 /* Restart it in case no characters kick it off. Safe if
1068 already running */
1069 if (work)
1070 schedule_delayed_work(&tty->buf.work, 1);
1071 return retval;
1072 }
1073
1074 /**
1075 * get_tty_driver - find device of a tty
1076 * @dev_t: device identifier
1077 * @index: returns the index of the tty
1078 *
1079 * This routine returns a tty driver structure, given a device number
1080 * and also passes back the index number.
1081 *
1082 * Locking: caller must hold tty_mutex
1083 */
1084
1085 static struct tty_driver *get_tty_driver(dev_t device, int *index)
1086 {
1087 struct tty_driver *p;
1088
1089 list_for_each_entry(p, &tty_drivers, tty_drivers) {
1090 dev_t base = MKDEV(p->major, p->minor_start);
1091 if (device < base || device >= base + p->num)
1092 continue;
1093 *index = device - base;
1094 return p;
1095 }
1096 return NULL;
1097 }
1098
1099 /**
1100 * tty_check_change - check for POSIX terminal changes
1101 * @tty: tty to check
1102 *
1103 * If we try to write to, or set the state of, a terminal and we're
1104 * not in the foreground, send a SIGTTOU. If the signal is blocked or
1105 * ignored, go ahead and perform the operation. (POSIX 7.2)
1106 *
1107 * Locking: none
1108 */
1109
1110 int tty_check_change(struct tty_struct * tty)
1111 {
1112 if (current->signal->tty != tty)
1113 return 0;
1114 if (!tty->pgrp) {
1115 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n");
1116 return 0;
1117 }
1118 if (task_pgrp(current) == tty->pgrp)
1119 return 0;
1120 if (is_ignored(SIGTTOU))
1121 return 0;
1122 if (is_current_pgrp_orphaned())
1123 return -EIO;
1124 (void) kill_pgrp(task_pgrp(current), SIGTTOU, 1);
1125 return -ERESTARTSYS;
1126 }
1127
1128 EXPORT_SYMBOL(tty_check_change);
1129
1130 static ssize_t hung_up_tty_read(struct file * file, char __user * buf,
1131 size_t count, loff_t *ppos)
1132 {
1133 return 0;
1134 }
1135
1136 static ssize_t hung_up_tty_write(struct file * file, const char __user * buf,
1137 size_t count, loff_t *ppos)
1138 {
1139 return -EIO;
1140 }
1141
1142 /* No kernel lock held - none needed ;) */
1143 static unsigned int hung_up_tty_poll(struct file * filp, poll_table * wait)
1144 {
1145 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM;
1146 }
1147
1148 static int hung_up_tty_ioctl(struct inode * inode, struct file * file,
1149 unsigned int cmd, unsigned long arg)
1150 {
1151 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
1152 }
1153
1154 static const struct file_operations tty_fops = {
1155 .llseek = no_llseek,
1156 .read = tty_read,
1157 .write = tty_write,
1158 .poll = tty_poll,
1159 .ioctl = tty_ioctl,
1160 .open = tty_open,
1161 .release = tty_release,
1162 .fasync = tty_fasync,
1163 };
1164
1165 #ifdef CONFIG_UNIX98_PTYS
1166 static const struct file_operations ptmx_fops = {
1167 .llseek = no_llseek,
1168 .read = tty_read,
1169 .write = tty_write,
1170 .poll = tty_poll,
1171 .ioctl = tty_ioctl,
1172 .open = ptmx_open,
1173 .release = tty_release,
1174 .fasync = tty_fasync,
1175 };
1176 #endif
1177
1178 static const struct file_operations console_fops = {
1179 .llseek = no_llseek,
1180 .read = tty_read,
1181 .write = redirected_tty_write,
1182 .poll = tty_poll,
1183 .ioctl = tty_ioctl,
1184 .open = tty_open,
1185 .release = tty_release,
1186 .fasync = tty_fasync,
1187 };
1188
1189 static const struct file_operations hung_up_tty_fops = {
1190 .llseek = no_llseek,
1191 .read = hung_up_tty_read,
1192 .write = hung_up_tty_write,
1193 .poll = hung_up_tty_poll,
1194 .ioctl = hung_up_tty_ioctl,
1195 .release = tty_release,
1196 };
1197
1198 static DEFINE_SPINLOCK(redirect_lock);
1199 static struct file *redirect;
1200
1201 /**
1202 * tty_wakeup - request more data
1203 * @tty: terminal
1204 *
1205 * Internal and external helper for wakeups of tty. This function
1206 * informs the line discipline if present that the driver is ready
1207 * to receive more output data.
1208 */
1209
1210 void tty_wakeup(struct tty_struct *tty)
1211 {
1212 struct tty_ldisc *ld;
1213
1214 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) {
1215 ld = tty_ldisc_ref(tty);
1216 if(ld) {
1217 if(ld->write_wakeup)
1218 ld->write_wakeup(tty);
1219 tty_ldisc_deref(ld);
1220 }
1221 }
1222 wake_up_interruptible(&tty->write_wait);
1223 }
1224
1225 EXPORT_SYMBOL_GPL(tty_wakeup);
1226
1227 /**
1228 * tty_ldisc_flush - flush line discipline queue
1229 * @tty: tty
1230 *
1231 * Flush the line discipline queue (if any) for this tty. If there
1232 * is no line discipline active this is a no-op.
1233 */
1234
1235 void tty_ldisc_flush(struct tty_struct *tty)
1236 {
1237 struct tty_ldisc *ld = tty_ldisc_ref(tty);
1238 if(ld) {
1239 if(ld->flush_buffer)
1240 ld->flush_buffer(tty);
1241 tty_ldisc_deref(ld);
1242 }
1243 }
1244
1245 EXPORT_SYMBOL_GPL(tty_ldisc_flush);
1246
1247 /**
1248 * tty_reset_termios - reset terminal state
1249 * @tty: tty to reset
1250 *
1251 * Restore a terminal to the driver default state
1252 */
1253
1254 static void tty_reset_termios(struct tty_struct *tty)
1255 {
1256 mutex_lock(&tty->termios_mutex);
1257 *tty->termios = tty->driver->init_termios;
1258 tty->termios->c_ispeed = tty_termios_input_baud_rate(tty->termios);
1259 tty->termios->c_ospeed = tty_termios_baud_rate(tty->termios);
1260 mutex_unlock(&tty->termios_mutex);
1261 }
1262
1263 /**
1264 * do_tty_hangup - actual handler for hangup events
1265 * @work: tty device
1266 *
1267 * This can be called by the "eventd" kernel thread. That is process
1268 * synchronous but doesn't hold any locks, so we need to make sure we
1269 * have the appropriate locks for what we're doing.
1270 *
1271 * The hangup event clears any pending redirections onto the hung up
1272 * device. It ensures future writes will error and it does the needed
1273 * line discipline hangup and signal delivery. The tty object itself
1274 * remains intact.
1275 *
1276 * Locking:
1277 * BKL
1278 * redirect lock for undoing redirection
1279 * file list lock for manipulating list of ttys
1280 * tty_ldisc_lock from called functions
1281 * termios_mutex resetting termios data
1282 * tasklist_lock to walk task list for hangup event
1283 * ->siglock to protect ->signal/->sighand
1284 */
1285 static void do_tty_hangup(struct work_struct *work)
1286 {
1287 struct tty_struct *tty =
1288 container_of(work, struct tty_struct, hangup_work);
1289 struct file * cons_filp = NULL;
1290 struct file *filp, *f = NULL;
1291 struct task_struct *p;
1292 struct tty_ldisc *ld;
1293 int closecount = 0, n;
1294
1295 if (!tty)
1296 return;
1297
1298 /* inuse_filps is protected by the single kernel lock */
1299 lock_kernel();
1300
1301 spin_lock(&redirect_lock);
1302 if (redirect && redirect->private_data == tty) {
1303 f = redirect;
1304 redirect = NULL;
1305 }
1306 spin_unlock(&redirect_lock);
1307
1308 check_tty_count(tty, "do_tty_hangup");
1309 file_list_lock();
1310 /* This breaks for file handles being sent over AF_UNIX sockets ? */
1311 list_for_each_entry(filp, &tty->tty_files, f_u.fu_list) {
1312 if (filp->f_op->write == redirected_tty_write)
1313 cons_filp = filp;
1314 if (filp->f_op->write != tty_write)
1315 continue;
1316 closecount++;
1317 tty_fasync(-1, filp, 0); /* can't block */
1318 filp->f_op = &hung_up_tty_fops;
1319 }
1320 file_list_unlock();
1321
1322 /* FIXME! What are the locking issues here? This may me overdoing things..
1323 * this question is especially important now that we've removed the irqlock. */
1324
1325 ld = tty_ldisc_ref(tty);
1326 if(ld != NULL) /* We may have no line discipline at this point */
1327 {
1328 if (ld->flush_buffer)
1329 ld->flush_buffer(tty);
1330 if (tty->driver->flush_buffer)
1331 tty->driver->flush_buffer(tty);
1332 if ((test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) &&
1333 ld->write_wakeup)
1334 ld->write_wakeup(tty);
1335 if (ld->hangup)
1336 ld->hangup(tty);
1337 }
1338
1339 /* FIXME: Once we trust the LDISC code better we can wait here for
1340 ldisc completion and fix the driver call race */
1341
1342 wake_up_interruptible(&tty->write_wait);
1343 wake_up_interruptible(&tty->read_wait);
1344
1345 /*
1346 * Shutdown the current line discipline, and reset it to
1347 * N_TTY.
1348 */
1349 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS)
1350 tty_reset_termios(tty);
1351
1352 /* Defer ldisc switch */
1353 /* tty_deferred_ldisc_switch(N_TTY);
1354
1355 This should get done automatically when the port closes and
1356 tty_release is called */
1357
1358 read_lock(&tasklist_lock);
1359 if (tty->session) {
1360 do_each_pid_task(tty->session, PIDTYPE_SID, p) {
1361 spin_lock_irq(&p->sighand->siglock);
1362 if (p->signal->tty == tty)
1363 p->signal->tty = NULL;
1364 if (!p->signal->leader) {
1365 spin_unlock_irq(&p->sighand->siglock);
1366 continue;
1367 }
1368 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p);
1369 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p);
1370 put_pid(p->signal->tty_old_pgrp); /* A noop */
1371 if (tty->pgrp)
1372 p->signal->tty_old_pgrp = get_pid(tty->pgrp);
1373 spin_unlock_irq(&p->sighand->siglock);
1374 } while_each_pid_task(tty->session, PIDTYPE_SID, p);
1375 }
1376 read_unlock(&tasklist_lock);
1377
1378 tty->flags = 0;
1379 tty->session = NULL;
1380 tty->pgrp = NULL;
1381 tty->ctrl_status = 0;
1382 /*
1383 * If one of the devices matches a console pointer, we
1384 * cannot just call hangup() because that will cause
1385 * tty->count and state->count to go out of sync.
1386 * So we just call close() the right number of times.
1387 */
1388 if (cons_filp) {
1389 if (tty->driver->close)
1390 for (n = 0; n < closecount; n++)
1391 tty->driver->close(tty, cons_filp);
1392 } else if (tty->driver->hangup)
1393 (tty->driver->hangup)(tty);
1394
1395 /* We don't want to have driver/ldisc interactions beyond
1396 the ones we did here. The driver layer expects no
1397 calls after ->hangup() from the ldisc side. However we
1398 can't yet guarantee all that */
1399
1400 set_bit(TTY_HUPPED, &tty->flags);
1401 if (ld) {
1402 tty_ldisc_enable(tty);
1403 tty_ldisc_deref(ld);
1404 }
1405 unlock_kernel();
1406 if (f)
1407 fput(f);
1408 }
1409
1410 /**
1411 * tty_hangup - trigger a hangup event
1412 * @tty: tty to hangup
1413 *
1414 * A carrier loss (virtual or otherwise) has occurred on this like
1415 * schedule a hangup sequence to run after this event.
1416 */
1417
1418 void tty_hangup(struct tty_struct * tty)
1419 {
1420 #ifdef TTY_DEBUG_HANGUP
1421 char buf[64];
1422
1423 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf));
1424 #endif
1425 schedule_work(&tty->hangup_work);
1426 }
1427
1428 EXPORT_SYMBOL(tty_hangup);
1429
1430 /**
1431 * tty_vhangup - process vhangup
1432 * @tty: tty to hangup
1433 *
1434 * The user has asked via system call for the terminal to be hung up.
1435 * We do this synchronously so that when the syscall returns the process
1436 * is complete. That guarantee is neccessary for security reasons.
1437 */
1438
1439 void tty_vhangup(struct tty_struct * tty)
1440 {
1441 #ifdef TTY_DEBUG_HANGUP
1442 char buf[64];
1443
1444 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf));
1445 #endif
1446 do_tty_hangup(&tty->hangup_work);
1447 }
1448 EXPORT_SYMBOL(tty_vhangup);
1449
1450 /**
1451 * tty_hung_up_p - was tty hung up
1452 * @filp: file pointer of tty
1453 *
1454 * Return true if the tty has been subject to a vhangup or a carrier
1455 * loss
1456 */
1457
1458 int tty_hung_up_p(struct file * filp)
1459 {
1460 return (filp->f_op == &hung_up_tty_fops);
1461 }
1462
1463 EXPORT_SYMBOL(tty_hung_up_p);
1464
1465 static void session_clear_tty(struct pid *session)
1466 {
1467 struct task_struct *p;
1468 do_each_pid_task(session, PIDTYPE_SID, p) {
1469 proc_clear_tty(p);
1470 } while_each_pid_task(session, PIDTYPE_SID, p);
1471 }
1472
1473 /**
1474 * disassociate_ctty - disconnect controlling tty
1475 * @on_exit: true if exiting so need to "hang up" the session
1476 *
1477 * This function is typically called only by the session leader, when
1478 * it wants to disassociate itself from its controlling tty.
1479 *
1480 * It performs the following functions:
1481 * (1) Sends a SIGHUP and SIGCONT to the foreground process group
1482 * (2) Clears the tty from being controlling the session
1483 * (3) Clears the controlling tty for all processes in the
1484 * session group.
1485 *
1486 * The argument on_exit is set to 1 if called when a process is
1487 * exiting; it is 0 if called by the ioctl TIOCNOTTY.
1488 *
1489 * Locking:
1490 * BKL is taken for hysterical raisins
1491 * tty_mutex is taken to protect tty
1492 * ->siglock is taken to protect ->signal/->sighand
1493 * tasklist_lock is taken to walk process list for sessions
1494 * ->siglock is taken to protect ->signal/->sighand
1495 */
1496
1497 void disassociate_ctty(int on_exit)
1498 {
1499 struct tty_struct *tty;
1500 struct pid *tty_pgrp = NULL;
1501
1502 lock_kernel();
1503
1504 mutex_lock(&tty_mutex);
1505 tty = get_current_tty();
1506 if (tty) {
1507 tty_pgrp = get_pid(tty->pgrp);
1508 mutex_unlock(&tty_mutex);
1509 /* XXX: here we race, there is nothing protecting tty */
1510 if (on_exit && tty->driver->type != TTY_DRIVER_TYPE_PTY)
1511 tty_vhangup(tty);
1512 } else if (on_exit) {
1513 struct pid *old_pgrp;
1514 spin_lock_irq(&current->sighand->siglock);
1515 old_pgrp = current->signal->tty_old_pgrp;
1516 current->signal->tty_old_pgrp = NULL;
1517 spin_unlock_irq(&current->sighand->siglock);
1518 if (old_pgrp) {
1519 kill_pgrp(old_pgrp, SIGHUP, on_exit);
1520 kill_pgrp(old_pgrp, SIGCONT, on_exit);
1521 put_pid(old_pgrp);
1522 }
1523 mutex_unlock(&tty_mutex);
1524 unlock_kernel();
1525 return;
1526 }
1527 if (tty_pgrp) {
1528 kill_pgrp(tty_pgrp, SIGHUP, on_exit);
1529 if (!on_exit)
1530 kill_pgrp(tty_pgrp, SIGCONT, on_exit);
1531 put_pid(tty_pgrp);
1532 }
1533
1534 spin_lock_irq(&current->sighand->siglock);
1535 tty_pgrp = current->signal->tty_old_pgrp;
1536 current->signal->tty_old_pgrp = NULL;
1537 spin_unlock_irq(&current->sighand->siglock);
1538 put_pid(tty_pgrp);
1539
1540 mutex_lock(&tty_mutex);
1541 /* It is possible that do_tty_hangup has free'd this tty */
1542 tty = get_current_tty();
1543 if (tty) {
1544 put_pid(tty->session);
1545 put_pid(tty->pgrp);
1546 tty->session = NULL;
1547 tty->pgrp = NULL;
1548 } else {
1549 #ifdef TTY_DEBUG_HANGUP
1550 printk(KERN_DEBUG "error attempted to write to tty [0x%p]"
1551 " = NULL", tty);
1552 #endif
1553 }
1554 mutex_unlock(&tty_mutex);
1555
1556 /* Now clear signal->tty under the lock */
1557 read_lock(&tasklist_lock);
1558 session_clear_tty(task_session(current));
1559 read_unlock(&tasklist_lock);
1560 unlock_kernel();
1561 }
1562
1563
1564 /**
1565 * stop_tty - propogate flow control
1566 * @tty: tty to stop
1567 *
1568 * Perform flow control to the driver. For PTY/TTY pairs we
1569 * must also propogate the TIOCKPKT status. May be called
1570 * on an already stopped device and will not re-call the driver
1571 * method.
1572 *
1573 * This functionality is used by both the line disciplines for
1574 * halting incoming flow and by the driver. It may therefore be
1575 * called from any context, may be under the tty atomic_write_lock
1576 * but not always.
1577 *
1578 * Locking:
1579 * Broken. Relies on BKL which is unsafe here.
1580 */
1581
1582 void stop_tty(struct tty_struct *tty)
1583 {
1584 if (tty->stopped)
1585 return;
1586 tty->stopped = 1;
1587 if (tty->link && tty->link->packet) {
1588 tty->ctrl_status &= ~TIOCPKT_START;
1589 tty->ctrl_status |= TIOCPKT_STOP;
1590 wake_up_interruptible(&tty->link->read_wait);
1591 }
1592 if (tty->driver->stop)
1593 (tty->driver->stop)(tty);
1594 }
1595
1596 EXPORT_SYMBOL(stop_tty);
1597
1598 /**
1599 * start_tty - propogate flow control
1600 * @tty: tty to start
1601 *
1602 * Start a tty that has been stopped if at all possible. Perform
1603 * any neccessary wakeups and propogate the TIOCPKT status. If this
1604 * is the tty was previous stopped and is being started then the
1605 * driver start method is invoked and the line discipline woken.
1606 *
1607 * Locking:
1608 * Broken. Relies on BKL which is unsafe here.
1609 */
1610
1611 void start_tty(struct tty_struct *tty)
1612 {
1613 if (!tty->stopped || tty->flow_stopped)
1614 return;
1615 tty->stopped = 0;
1616 if (tty->link && tty->link->packet) {
1617 tty->ctrl_status &= ~TIOCPKT_STOP;
1618 tty->ctrl_status |= TIOCPKT_START;
1619 wake_up_interruptible(&tty->link->read_wait);
1620 }
1621 if (tty->driver->start)
1622 (tty->driver->start)(tty);
1623
1624 /* If we have a running line discipline it may need kicking */
1625 tty_wakeup(tty);
1626 }
1627
1628 EXPORT_SYMBOL(start_tty);
1629
1630 /**
1631 * tty_read - read method for tty device files
1632 * @file: pointer to tty file
1633 * @buf: user buffer
1634 * @count: size of user buffer
1635 * @ppos: unused
1636 *
1637 * Perform the read system call function on this terminal device. Checks
1638 * for hung up devices before calling the line discipline method.
1639 *
1640 * Locking:
1641 * Locks the line discipline internally while needed
1642 * For historical reasons the line discipline read method is
1643 * invoked under the BKL. This will go away in time so do not rely on it
1644 * in new code. Multiple read calls may be outstanding in parallel.
1645 */
1646
1647 static ssize_t tty_read(struct file * file, char __user * buf, size_t count,
1648 loff_t *ppos)
1649 {
1650 int i;
1651 struct tty_struct * tty;
1652 struct inode *inode;
1653 struct tty_ldisc *ld;
1654
1655 tty = (struct tty_struct *)file->private_data;
1656 inode = file->f_path.dentry->d_inode;
1657 if (tty_paranoia_check(tty, inode, "tty_read"))
1658 return -EIO;
1659 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags)))
1660 return -EIO;
1661
1662 /* We want to wait for the line discipline to sort out in this
1663 situation */
1664 ld = tty_ldisc_ref_wait(tty);
1665 lock_kernel();
1666 if (ld->read)
1667 i = (ld->read)(tty,file,buf,count);
1668 else
1669 i = -EIO;
1670 tty_ldisc_deref(ld);
1671 unlock_kernel();
1672 if (i > 0)
1673 inode->i_atime = current_fs_time(inode->i_sb);
1674 return i;
1675 }
1676
1677 /*
1678 * Split writes up in sane blocksizes to avoid
1679 * denial-of-service type attacks
1680 */
1681 static inline ssize_t do_tty_write(
1682 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t),
1683 struct tty_struct *tty,
1684 struct file *file,
1685 const char __user *buf,
1686 size_t count)
1687 {
1688 ssize_t ret = 0, written = 0;
1689 unsigned int chunk;
1690
1691 /* FIXME: O_NDELAY ... */
1692 if (mutex_lock_interruptible(&tty->atomic_write_lock)) {
1693 return -ERESTARTSYS;
1694 }
1695
1696 /*
1697 * We chunk up writes into a temporary buffer. This
1698 * simplifies low-level drivers immensely, since they
1699 * don't have locking issues and user mode accesses.
1700 *
1701 * But if TTY_NO_WRITE_SPLIT is set, we should use a
1702 * big chunk-size..
1703 *
1704 * The default chunk-size is 2kB, because the NTTY
1705 * layer has problems with bigger chunks. It will
1706 * claim to be able to handle more characters than
1707 * it actually does.
1708 *
1709 * FIXME: This can probably go away now except that 64K chunks
1710 * are too likely to fail unless switched to vmalloc...
1711 */
1712 chunk = 2048;
1713 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags))
1714 chunk = 65536;
1715 if (count < chunk)
1716 chunk = count;
1717
1718 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */
1719 if (tty->write_cnt < chunk) {
1720 unsigned char *buf;
1721
1722 if (chunk < 1024)
1723 chunk = 1024;
1724
1725 buf = kmalloc(chunk, GFP_KERNEL);
1726 if (!buf) {
1727 mutex_unlock(&tty->atomic_write_lock);
1728 return -ENOMEM;
1729 }
1730 kfree(tty->write_buf);
1731 tty->write_cnt = chunk;
1732 tty->write_buf = buf;
1733 }
1734
1735 /* Do the write .. */
1736 for (;;) {
1737 size_t size = count;
1738 if (size > chunk)
1739 size = chunk;
1740 ret = -EFAULT;
1741 if (copy_from_user(tty->write_buf, buf, size))
1742 break;
1743 lock_kernel();
1744 ret = write(tty, file, tty->write_buf, size);
1745 unlock_kernel();
1746 if (ret <= 0)
1747 break;
1748 written += ret;
1749 buf += ret;
1750 count -= ret;
1751 if (!count)
1752 break;
1753 ret = -ERESTARTSYS;
1754 if (signal_pending(current))
1755 break;
1756 cond_resched();
1757 }
1758 if (written) {
1759 struct inode *inode = file->f_path.dentry->d_inode;
1760 inode->i_mtime = current_fs_time(inode->i_sb);
1761 ret = written;
1762 }
1763 mutex_unlock(&tty->atomic_write_lock);
1764 return ret;
1765 }
1766
1767
1768 /**
1769 * tty_write - write method for tty device file
1770 * @file: tty file pointer
1771 * @buf: user data to write
1772 * @count: bytes to write
1773 * @ppos: unused
1774 *
1775 * Write data to a tty device via the line discipline.
1776 *
1777 * Locking:
1778 * Locks the line discipline as required
1779 * Writes to the tty driver are serialized by the atomic_write_lock
1780 * and are then processed in chunks to the device. The line discipline
1781 * write method will not be involked in parallel for each device
1782 * The line discipline write method is called under the big
1783 * kernel lock for historical reasons. New code should not rely on this.
1784 */
1785
1786 static ssize_t tty_write(struct file * file, const char __user * buf, size_t count,
1787 loff_t *ppos)
1788 {
1789 struct tty_struct * tty;
1790 struct inode *inode = file->f_path.dentry->d_inode;
1791 ssize_t ret;
1792 struct tty_ldisc *ld;
1793
1794 tty = (struct tty_struct *)file->private_data;
1795 if (tty_paranoia_check(tty, inode, "tty_write"))
1796 return -EIO;
1797 if (!tty || !tty->driver->write || (test_bit(TTY_IO_ERROR, &tty->flags)))
1798 return -EIO;
1799
1800 ld = tty_ldisc_ref_wait(tty);
1801 if (!ld->write)
1802 ret = -EIO;
1803 else
1804 ret = do_tty_write(ld->write, tty, file, buf, count);
1805 tty_ldisc_deref(ld);
1806 return ret;
1807 }
1808
1809 ssize_t redirected_tty_write(struct file * file, const char __user * buf, size_t count,
1810 loff_t *ppos)
1811 {
1812 struct file *p = NULL;
1813
1814 spin_lock(&redirect_lock);
1815 if (redirect) {
1816 get_file(redirect);
1817 p = redirect;
1818 }
1819 spin_unlock(&redirect_lock);
1820
1821 if (p) {
1822 ssize_t res;
1823 res = vfs_write(p, buf, count, &p->f_pos);
1824 fput(p);
1825 return res;
1826 }
1827
1828 return tty_write(file, buf, count, ppos);
1829 }
1830
1831 static char ptychar[] = "pqrstuvwxyzabcde";
1832
1833 /**
1834 * pty_line_name - generate name for a pty
1835 * @driver: the tty driver in use
1836 * @index: the minor number
1837 * @p: output buffer of at least 6 bytes
1838 *
1839 * Generate a name from a driver reference and write it to the output
1840 * buffer.
1841 *
1842 * Locking: None
1843 */
1844 static void pty_line_name(struct tty_driver *driver, int index, char *p)
1845 {
1846 int i = index + driver->name_base;
1847 /* ->name is initialized to "ttyp", but "tty" is expected */
1848 sprintf(p, "%s%c%x",
1849 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name,
1850 ptychar[i >> 4 & 0xf], i & 0xf);
1851 }
1852
1853 /**
1854 * pty_line_name - generate name for a tty
1855 * @driver: the tty driver in use
1856 * @index: the minor number
1857 * @p: output buffer of at least 7 bytes
1858 *
1859 * Generate a name from a driver reference and write it to the output
1860 * buffer.
1861 *
1862 * Locking: None
1863 */
1864 static void tty_line_name(struct tty_driver *driver, int index, char *p)
1865 {
1866 sprintf(p, "%s%d", driver->name, index + driver->name_base);
1867 }
1868
1869 /**
1870 * init_dev - initialise a tty device
1871 * @driver: tty driver we are opening a device on
1872 * @idx: device index
1873 * @tty: returned tty structure
1874 *
1875 * Prepare a tty device. This may not be a "new" clean device but
1876 * could also be an active device. The pty drivers require special
1877 * handling because of this.
1878 *
1879 * Locking:
1880 * The function is called under the tty_mutex, which
1881 * protects us from the tty struct or driver itself going away.
1882 *
1883 * On exit the tty device has the line discipline attached and
1884 * a reference count of 1. If a pair was created for pty/tty use
1885 * and the other was a pty master then it too has a reference count of 1.
1886 *
1887 * WSH 06/09/97: Rewritten to remove races and properly clean up after a
1888 * failed open. The new code protects the open with a mutex, so it's
1889 * really quite straightforward. The mutex locking can probably be
1890 * relaxed for the (most common) case of reopening a tty.
1891 */
1892
1893 static int init_dev(struct tty_driver *driver, int idx,
1894 struct tty_struct **ret_tty)
1895 {
1896 struct tty_struct *tty, *o_tty;
1897 struct ktermios *tp, **tp_loc, *o_tp, **o_tp_loc;
1898 struct ktermios *ltp, **ltp_loc, *o_ltp, **o_ltp_loc;
1899 int retval = 0;
1900
1901 /* check whether we're reopening an existing tty */
1902 if (driver->flags & TTY_DRIVER_DEVPTS_MEM) {
1903 tty = devpts_get_tty(idx);
1904 /*
1905 * If we don't have a tty here on a slave open, it's because
1906 * the master already started the close process and there's
1907 * no relation between devpts file and tty anymore.
1908 */
1909 if (!tty && driver->subtype == PTY_TYPE_SLAVE) {
1910 retval = -EIO;
1911 goto end_init;
1912 }
1913 /*
1914 * It's safe from now on because init_dev() is called with
1915 * tty_mutex held and release_dev() won't change tty->count
1916 * or tty->flags without having to grab tty_mutex
1917 */
1918 if (tty && driver->subtype == PTY_TYPE_MASTER)
1919 tty = tty->link;
1920 } else {
1921 tty = driver->ttys[idx];
1922 }
1923 if (tty) goto fast_track;
1924
1925 /*
1926 * First time open is complex, especially for PTY devices.
1927 * This code guarantees that either everything succeeds and the
1928 * TTY is ready for operation, or else the table slots are vacated
1929 * and the allocated memory released. (Except that the termios
1930 * and locked termios may be retained.)
1931 */
1932
1933 if (!try_module_get(driver->owner)) {
1934 retval = -ENODEV;
1935 goto end_init;
1936 }
1937
1938 o_tty = NULL;
1939 tp = o_tp = NULL;
1940 ltp = o_ltp = NULL;
1941
1942 tty = alloc_tty_struct();
1943 if(!tty)
1944 goto fail_no_mem;
1945 initialize_tty_struct(tty);
1946 tty->driver = driver;
1947 tty->index = idx;
1948 tty_line_name(driver, idx, tty->name);
1949
1950 if (driver->flags & TTY_DRIVER_DEVPTS_MEM) {
1951 tp_loc = &tty->termios;
1952 ltp_loc = &tty->termios_locked;
1953 } else {
1954 tp_loc = &driver->termios[idx];
1955 ltp_loc = &driver->termios_locked[idx];
1956 }
1957
1958 if (!*tp_loc) {
1959 tp = (struct ktermios *) kmalloc(sizeof(struct ktermios),
1960 GFP_KERNEL);
1961 if (!tp)
1962 goto free_mem_out;
1963 *tp = driver->init_termios;
1964 }
1965
1966 if (!*ltp_loc) {
1967 ltp = (struct ktermios *) kmalloc(sizeof(struct ktermios),
1968 GFP_KERNEL);
1969 if (!ltp)
1970 goto free_mem_out;
1971 memset(ltp, 0, sizeof(struct ktermios));
1972 }
1973
1974 if (driver->type == TTY_DRIVER_TYPE_PTY) {
1975 o_tty = alloc_tty_struct();
1976 if (!o_tty)
1977 goto free_mem_out;
1978 initialize_tty_struct(o_tty);
1979 o_tty->driver = driver->other;
1980 o_tty->index = idx;
1981 tty_line_name(driver->other, idx, o_tty->name);
1982
1983 if (driver->flags & TTY_DRIVER_DEVPTS_MEM) {
1984 o_tp_loc = &o_tty->termios;
1985 o_ltp_loc = &o_tty->termios_locked;
1986 } else {
1987 o_tp_loc = &driver->other->termios[idx];
1988 o_ltp_loc = &driver->other->termios_locked[idx];
1989 }
1990
1991 if (!*o_tp_loc) {
1992 o_tp = (struct ktermios *)
1993 kmalloc(sizeof(struct ktermios), GFP_KERNEL);
1994 if (!o_tp)
1995 goto free_mem_out;
1996 *o_tp = driver->other->init_termios;
1997 }
1998
1999 if (!*o_ltp_loc) {
2000 o_ltp = (struct ktermios *)
2001 kmalloc(sizeof(struct ktermios), GFP_KERNEL);
2002 if (!o_ltp)
2003 goto free_mem_out;
2004 memset(o_ltp, 0, sizeof(struct ktermios));
2005 }
2006
2007 /*
2008 * Everything allocated ... set up the o_tty structure.
2009 */
2010 if (!(driver->other->flags & TTY_DRIVER_DEVPTS_MEM)) {
2011 driver->other->ttys[idx] = o_tty;
2012 }
2013 if (!*o_tp_loc)
2014 *o_tp_loc = o_tp;
2015 if (!*o_ltp_loc)
2016 *o_ltp_loc = o_ltp;
2017 o_tty->termios = *o_tp_loc;
2018 o_tty->termios_locked = *o_ltp_loc;
2019 driver->other->refcount++;
2020 if (driver->subtype == PTY_TYPE_MASTER)
2021 o_tty->count++;
2022
2023 /* Establish the links in both directions */
2024 tty->link = o_tty;
2025 o_tty->link = tty;
2026 }
2027
2028 /*
2029 * All structures have been allocated, so now we install them.
2030 * Failures after this point use release_tty to clean up, so
2031 * there's no need to null out the local pointers.
2032 */
2033 if (!(driver->flags & TTY_DRIVER_DEVPTS_MEM)) {
2034 driver->ttys[idx] = tty;
2035 }
2036
2037 if (!*tp_loc)
2038 *tp_loc = tp;
2039 if (!*ltp_loc)
2040 *ltp_loc = ltp;
2041 tty->termios = *tp_loc;
2042 tty->termios_locked = *ltp_loc;
2043 /* Compatibility until drivers always set this */
2044 tty->termios->c_ispeed = tty_termios_input_baud_rate(tty->termios);
2045 tty->termios->c_ospeed = tty_termios_baud_rate(tty->termios);
2046 driver->refcount++;
2047 tty->count++;
2048
2049 /*
2050 * Structures all installed ... call the ldisc open routines.
2051 * If we fail here just call release_tty to clean up. No need
2052 * to decrement the use counts, as release_tty doesn't care.
2053 */
2054
2055 if (tty->ldisc.open) {
2056 retval = (tty->ldisc.open)(tty);
2057 if (retval)
2058 goto release_mem_out;
2059 }
2060 if (o_tty && o_tty->ldisc.open) {
2061 retval = (o_tty->ldisc.open)(o_tty);
2062 if (retval) {
2063 if (tty->ldisc.close)
2064 (tty->ldisc.close)(tty);
2065 goto release_mem_out;
2066 }
2067 tty_ldisc_enable(o_tty);
2068 }
2069 tty_ldisc_enable(tty);
2070 goto success;
2071
2072 /*
2073 * This fast open can be used if the tty is already open.
2074 * No memory is allocated, and the only failures are from
2075 * attempting to open a closing tty or attempting multiple
2076 * opens on a pty master.
2077 */
2078 fast_track:
2079 if (test_bit(TTY_CLOSING, &tty->flags)) {
2080 retval = -EIO;
2081 goto end_init;
2082 }
2083 if (driver->type == TTY_DRIVER_TYPE_PTY &&
2084 driver->subtype == PTY_TYPE_MASTER) {
2085 /*
2086 * special case for PTY masters: only one open permitted,
2087 * and the slave side open count is incremented as well.
2088 */
2089 if (tty->count) {
2090 retval = -EIO;
2091 goto end_init;
2092 }
2093 tty->link->count++;
2094 }
2095 tty->count++;
2096 tty->driver = driver; /* N.B. why do this every time?? */
2097
2098 /* FIXME */
2099 if(!test_bit(TTY_LDISC, &tty->flags))
2100 printk(KERN_ERR "init_dev but no ldisc\n");
2101 success:
2102 *ret_tty = tty;
2103
2104 /* All paths come through here to release the mutex */
2105 end_init:
2106 return retval;
2107
2108 /* Release locally allocated memory ... nothing placed in slots */
2109 free_mem_out:
2110 kfree(o_tp);
2111 if (o_tty)
2112 free_tty_struct(o_tty);
2113 kfree(ltp);
2114 kfree(tp);
2115 free_tty_struct(tty);
2116
2117 fail_no_mem:
2118 module_put(driver->owner);
2119 retval = -ENOMEM;
2120 goto end_init;
2121
2122 /* call the tty release_tty routine to clean out this slot */
2123 release_mem_out:
2124 if (printk_ratelimit())
2125 printk(KERN_INFO "init_dev: ldisc open failed, "
2126 "clearing slot %d\n", idx);
2127 release_tty(tty, idx);
2128 goto end_init;
2129 }
2130
2131 /**
2132 * release_one_tty - release tty structure memory
2133 *
2134 * Releases memory associated with a tty structure, and clears out the
2135 * driver table slots. This function is called when a device is no longer
2136 * in use. It also gets called when setup of a device fails.
2137 *
2138 * Locking:
2139 * tty_mutex - sometimes only
2140 * takes the file list lock internally when working on the list
2141 * of ttys that the driver keeps.
2142 * FIXME: should we require tty_mutex is held here ??
2143 */
2144 static void release_one_tty(struct tty_struct *tty, int idx)
2145 {
2146 int devpts = tty->driver->flags & TTY_DRIVER_DEVPTS_MEM;
2147 struct ktermios *tp;
2148
2149 if (!devpts)
2150 tty->driver->ttys[idx] = NULL;
2151
2152 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) {
2153 tp = tty->termios;
2154 if (!devpts)
2155 tty->driver->termios[idx] = NULL;
2156 kfree(tp);
2157
2158 tp = tty->termios_locked;
2159 if (!devpts)
2160 tty->driver->termios_locked[idx] = NULL;
2161 kfree(tp);
2162 }
2163
2164
2165 tty->magic = 0;
2166 tty->driver->refcount--;
2167
2168 file_list_lock();
2169 list_del_init(&tty->tty_files);
2170 file_list_unlock();
2171
2172 free_tty_struct(tty);
2173 }
2174
2175 /**
2176 * release_tty - release tty structure memory
2177 *
2178 * Release both @tty and a possible linked partner (think pty pair),
2179 * and decrement the refcount of the backing module.
2180 *
2181 * Locking:
2182 * tty_mutex - sometimes only
2183 * takes the file list lock internally when working on the list
2184 * of ttys that the driver keeps.
2185 * FIXME: should we require tty_mutex is held here ??
2186 */
2187 static void release_tty(struct tty_struct *tty, int idx)
2188 {
2189 struct tty_driver *driver = tty->driver;
2190
2191 if (tty->link)
2192 release_one_tty(tty->link, idx);
2193 release_one_tty(tty, idx);
2194 module_put(driver->owner);
2195 }
2196
2197 /*
2198 * Even releasing the tty structures is a tricky business.. We have
2199 * to be very careful that the structures are all released at the
2200 * same time, as interrupts might otherwise get the wrong pointers.
2201 *
2202 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could
2203 * lead to double frees or releasing memory still in use.
2204 */
2205 static void release_dev(struct file * filp)
2206 {
2207 struct tty_struct *tty, *o_tty;
2208 int pty_master, tty_closing, o_tty_closing, do_sleep;
2209 int devpts;
2210 int idx;
2211 char buf[64];
2212 unsigned long flags;
2213
2214 tty = (struct tty_struct *)filp->private_data;
2215 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "release_dev"))
2216 return;
2217
2218 check_tty_count(tty, "release_dev");
2219
2220 tty_fasync(-1, filp, 0);
2221
2222 idx = tty->index;
2223 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2224 tty->driver->subtype == PTY_TYPE_MASTER);
2225 devpts = (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) != 0;
2226 o_tty = tty->link;
2227
2228 #ifdef TTY_PARANOIA_CHECK
2229 if (idx < 0 || idx >= tty->driver->num) {
2230 printk(KERN_DEBUG "release_dev: bad idx when trying to "
2231 "free (%s)\n", tty->name);
2232 return;
2233 }
2234 if (!(tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)) {
2235 if (tty != tty->driver->ttys[idx]) {
2236 printk(KERN_DEBUG "release_dev: driver.table[%d] not tty "
2237 "for (%s)\n", idx, tty->name);
2238 return;
2239 }
2240 if (tty->termios != tty->driver->termios[idx]) {
2241 printk(KERN_DEBUG "release_dev: driver.termios[%d] not termios "
2242 "for (%s)\n",
2243 idx, tty->name);
2244 return;
2245 }
2246 if (tty->termios_locked != tty->driver->termios_locked[idx]) {
2247 printk(KERN_DEBUG "release_dev: driver.termios_locked[%d] not "
2248 "termios_locked for (%s)\n",
2249 idx, tty->name);
2250 return;
2251 }
2252 }
2253 #endif
2254
2255 #ifdef TTY_DEBUG_HANGUP
2256 printk(KERN_DEBUG "release_dev of %s (tty count=%d)...",
2257 tty_name(tty, buf), tty->count);
2258 #endif
2259
2260 #ifdef TTY_PARANOIA_CHECK
2261 if (tty->driver->other &&
2262 !(tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)) {
2263 if (o_tty != tty->driver->other->ttys[idx]) {
2264 printk(KERN_DEBUG "release_dev: other->table[%d] "
2265 "not o_tty for (%s)\n",
2266 idx, tty->name);
2267 return;
2268 }
2269 if (o_tty->termios != tty->driver->other->termios[idx]) {
2270 printk(KERN_DEBUG "release_dev: other->termios[%d] "
2271 "not o_termios for (%s)\n",
2272 idx, tty->name);
2273 return;
2274 }
2275 if (o_tty->termios_locked !=
2276 tty->driver->other->termios_locked[idx]) {
2277 printk(KERN_DEBUG "release_dev: other->termios_locked["
2278 "%d] not o_termios_locked for (%s)\n",
2279 idx, tty->name);
2280 return;
2281 }
2282 if (o_tty->link != tty) {
2283 printk(KERN_DEBUG "release_dev: bad pty pointers\n");
2284 return;
2285 }
2286 }
2287 #endif
2288 if (tty->driver->close)
2289 tty->driver->close(tty, filp);
2290
2291 /*
2292 * Sanity check: if tty->count is going to zero, there shouldn't be
2293 * any waiters on tty->read_wait or tty->write_wait. We test the
2294 * wait queues and kick everyone out _before_ actually starting to
2295 * close. This ensures that we won't block while releasing the tty
2296 * structure.
2297 *
2298 * The test for the o_tty closing is necessary, since the master and
2299 * slave sides may close in any order. If the slave side closes out
2300 * first, its count will be one, since the master side holds an open.
2301 * Thus this test wouldn't be triggered at the time the slave closes,
2302 * so we do it now.
2303 *
2304 * Note that it's possible for the tty to be opened again while we're
2305 * flushing out waiters. By recalculating the closing flags before
2306 * each iteration we avoid any problems.
2307 */
2308 while (1) {
2309 /* Guard against races with tty->count changes elsewhere and
2310 opens on /dev/tty */
2311
2312 mutex_lock(&tty_mutex);
2313 tty_closing = tty->count <= 1;
2314 o_tty_closing = o_tty &&
2315 (o_tty->count <= (pty_master ? 1 : 0));
2316 do_sleep = 0;
2317
2318 if (tty_closing) {
2319 if (waitqueue_active(&tty->read_wait)) {
2320 wake_up(&tty->read_wait);
2321 do_sleep++;
2322 }
2323 if (waitqueue_active(&tty->write_wait)) {
2324 wake_up(&tty->write_wait);
2325 do_sleep++;
2326 }
2327 }
2328 if (o_tty_closing) {
2329 if (waitqueue_active(&o_tty->read_wait)) {
2330 wake_up(&o_tty->read_wait);
2331 do_sleep++;
2332 }
2333 if (waitqueue_active(&o_tty->write_wait)) {
2334 wake_up(&o_tty->write_wait);
2335 do_sleep++;
2336 }
2337 }
2338 if (!do_sleep)
2339 break;
2340
2341 printk(KERN_WARNING "release_dev: %s: read/write wait queue "
2342 "active!\n", tty_name(tty, buf));
2343 mutex_unlock(&tty_mutex);
2344 schedule();
2345 }
2346
2347 /*
2348 * The closing flags are now consistent with the open counts on
2349 * both sides, and we've completed the last operation that could
2350 * block, so it's safe to proceed with closing.
2351 */
2352 if (pty_master) {
2353 if (--o_tty->count < 0) {
2354 printk(KERN_WARNING "release_dev: bad pty slave count "
2355 "(%d) for %s\n",
2356 o_tty->count, tty_name(o_tty, buf));
2357 o_tty->count = 0;
2358 }
2359 }
2360 if (--tty->count < 0) {
2361 printk(KERN_WARNING "release_dev: bad tty->count (%d) for %s\n",
2362 tty->count, tty_name(tty, buf));
2363 tty->count = 0;
2364 }
2365
2366 /*
2367 * We've decremented tty->count, so we need to remove this file
2368 * descriptor off the tty->tty_files list; this serves two
2369 * purposes:
2370 * - check_tty_count sees the correct number of file descriptors
2371 * associated with this tty.
2372 * - do_tty_hangup no longer sees this file descriptor as
2373 * something that needs to be handled for hangups.
2374 */
2375 file_kill(filp);
2376 filp->private_data = NULL;
2377
2378 /*
2379 * Perform some housekeeping before deciding whether to return.
2380 *
2381 * Set the TTY_CLOSING flag if this was the last open. In the
2382 * case of a pty we may have to wait around for the other side
2383 * to close, and TTY_CLOSING makes sure we can't be reopened.
2384 */
2385 if(tty_closing)
2386 set_bit(TTY_CLOSING, &tty->flags);
2387 if(o_tty_closing)
2388 set_bit(TTY_CLOSING, &o_tty->flags);
2389
2390 /*
2391 * If _either_ side is closing, make sure there aren't any
2392 * processes that still think tty or o_tty is their controlling
2393 * tty.
2394 */
2395 if (tty_closing || o_tty_closing) {
2396 read_lock(&tasklist_lock);
2397 session_clear_tty(tty->session);
2398 if (o_tty)
2399 session_clear_tty(o_tty->session);
2400 read_unlock(&tasklist_lock);
2401 }
2402
2403 mutex_unlock(&tty_mutex);
2404
2405 /* check whether both sides are closing ... */
2406 if (!tty_closing || (o_tty && !o_tty_closing))
2407 return;
2408
2409 #ifdef TTY_DEBUG_HANGUP
2410 printk(KERN_DEBUG "freeing tty structure...");
2411 #endif
2412 /*
2413 * Prevent flush_to_ldisc() from rescheduling the work for later. Then
2414 * kill any delayed work. As this is the final close it does not
2415 * race with the set_ldisc code path.
2416 */
2417 clear_bit(TTY_LDISC, &tty->flags);
2418 cancel_delayed_work(&tty->buf.work);
2419
2420 /*
2421 * Wait for ->hangup_work and ->buf.work handlers to terminate
2422 */
2423
2424 flush_scheduled_work();
2425
2426 /*
2427 * Wait for any short term users (we know they are just driver
2428 * side waiters as the file is closing so user count on the file
2429 * side is zero.
2430 */
2431 spin_lock_irqsave(&tty_ldisc_lock, flags);
2432 while(tty->ldisc.refcount)
2433 {
2434 spin_unlock_irqrestore(&tty_ldisc_lock, flags);
2435 wait_event(tty_ldisc_wait, tty->ldisc.refcount == 0);
2436 spin_lock_irqsave(&tty_ldisc_lock, flags);
2437 }
2438 spin_unlock_irqrestore(&tty_ldisc_lock, flags);
2439 /*
2440 * Shutdown the current line discipline, and reset it to N_TTY.
2441 * N.B. why reset ldisc when we're releasing the memory??
2442 *
2443 * FIXME: this MUST get fixed for the new reflocking
2444 */
2445 if (tty->ldisc.close)
2446 (tty->ldisc.close)(tty);
2447 tty_ldisc_put(tty->ldisc.num);
2448
2449 /*
2450 * Switch the line discipline back
2451 */
2452 tty_ldisc_assign(tty, tty_ldisc_get(N_TTY));
2453 tty_set_termios_ldisc(tty,N_TTY);
2454 if (o_tty) {
2455 /* FIXME: could o_tty be in setldisc here ? */
2456 clear_bit(TTY_LDISC, &o_tty->flags);
2457 if (o_tty->ldisc.close)
2458 (o_tty->ldisc.close)(o_tty);
2459 tty_ldisc_put(o_tty->ldisc.num);
2460 tty_ldisc_assign(o_tty, tty_ldisc_get(N_TTY));
2461 tty_set_termios_ldisc(o_tty,N_TTY);
2462 }
2463 /*
2464 * The release_tty function takes care of the details of clearing
2465 * the slots and preserving the termios structure.
2466 */
2467 release_tty(tty, idx);
2468
2469 #ifdef CONFIG_UNIX98_PTYS
2470 /* Make this pty number available for reallocation */
2471 if (devpts) {
2472 down(&allocated_ptys_lock);
2473 idr_remove(&allocated_ptys, idx);
2474 up(&allocated_ptys_lock);
2475 }
2476 #endif
2477
2478 }
2479
2480 /**
2481 * tty_open - open a tty device
2482 * @inode: inode of device file
2483 * @filp: file pointer to tty
2484 *
2485 * tty_open and tty_release keep up the tty count that contains the
2486 * number of opens done on a tty. We cannot use the inode-count, as
2487 * different inodes might point to the same tty.
2488 *
2489 * Open-counting is needed for pty masters, as well as for keeping
2490 * track of serial lines: DTR is dropped when the last close happens.
2491 * (This is not done solely through tty->count, now. - Ted 1/27/92)
2492 *
2493 * The termios state of a pty is reset on first open so that
2494 * settings don't persist across reuse.
2495 *
2496 * Locking: tty_mutex protects tty, get_tty_driver and init_dev work.
2497 * tty->count should protect the rest.
2498 * ->siglock protects ->signal/->sighand
2499 */
2500
2501 static int tty_open(struct inode * inode, struct file * filp)
2502 {
2503 struct tty_struct *tty;
2504 int noctty, retval;
2505 struct tty_driver *driver;
2506 int index;
2507 dev_t device = inode->i_rdev;
2508 unsigned short saved_flags = filp->f_flags;
2509 struct pid *old_pgrp;
2510
2511 nonseekable_open(inode, filp);
2512
2513 retry_open:
2514 noctty = filp->f_flags & O_NOCTTY;
2515 index = -1;
2516 retval = 0;
2517
2518 mutex_lock(&tty_mutex);
2519
2520 if (device == MKDEV(TTYAUX_MAJOR,0)) {
2521 tty = get_current_tty();
2522 if (!tty) {
2523 mutex_unlock(&tty_mutex);
2524 return -ENXIO;
2525 }
2526 driver = tty->driver;
2527 index = tty->index;
2528 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */
2529 /* noctty = 1; */
2530 goto got_driver;
2531 }
2532 #ifdef CONFIG_VT
2533 if (device == MKDEV(TTY_MAJOR,0)) {
2534 extern struct tty_driver *console_driver;
2535 driver = console_driver;
2536 index = fg_console;
2537 noctty = 1;
2538 goto got_driver;
2539 }
2540 #endif
2541 if (device == MKDEV(TTYAUX_MAJOR,1)) {
2542 driver = console_device(&index);
2543 if (driver) {
2544 /* Don't let /dev/console block */
2545 filp->f_flags |= O_NONBLOCK;
2546 noctty = 1;
2547 goto got_driver;
2548 }
2549 mutex_unlock(&tty_mutex);
2550 return -ENODEV;
2551 }
2552
2553 driver = get_tty_driver(device, &index);
2554 if (!driver) {
2555 mutex_unlock(&tty_mutex);
2556 return -ENODEV;
2557 }
2558 got_driver:
2559 retval = init_dev(driver, index, &tty);
2560 mutex_unlock(&tty_mutex);
2561 if (retval)
2562 return retval;
2563
2564 filp->private_data = tty;
2565 file_move(filp, &tty->tty_files);
2566 check_tty_count(tty, "tty_open");
2567 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2568 tty->driver->subtype == PTY_TYPE_MASTER)
2569 noctty = 1;
2570 #ifdef TTY_DEBUG_HANGUP
2571 printk(KERN_DEBUG "opening %s...", tty->name);
2572 #endif
2573 if (!retval) {
2574 if (tty->driver->open)
2575 retval = tty->driver->open(tty, filp);
2576 else
2577 retval = -ENODEV;
2578 }
2579 filp->f_flags = saved_flags;
2580
2581 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) && !capable(CAP_SYS_ADMIN))
2582 retval = -EBUSY;
2583
2584 if (retval) {
2585 #ifdef TTY_DEBUG_HANGUP
2586 printk(KERN_DEBUG "error %d in opening %s...", retval,
2587 tty->name);
2588 #endif
2589 release_dev(filp);
2590 if (retval != -ERESTARTSYS)
2591 return retval;
2592 if (signal_pending(current))
2593 return retval;
2594 schedule();
2595 /*
2596 * Need to reset f_op in case a hangup happened.
2597 */
2598 if (filp->f_op == &hung_up_tty_fops)
2599 filp->f_op = &tty_fops;
2600 goto retry_open;
2601 }
2602
2603 old_pgrp = NULL;
2604 mutex_lock(&tty_mutex);
2605 spin_lock_irq(&current->sighand->siglock);
2606 if (!noctty &&
2607 current->signal->leader &&
2608 !current->signal->tty &&
2609 tty->session == NULL)
2610 old_pgrp = __proc_set_tty(current, tty);
2611 spin_unlock_irq(&current->sighand->siglock);
2612 mutex_unlock(&tty_mutex);
2613 put_pid(old_pgrp);
2614 return 0;
2615 }
2616
2617 #ifdef CONFIG_UNIX98_PTYS
2618 /**
2619 * ptmx_open - open a unix 98 pty master
2620 * @inode: inode of device file
2621 * @filp: file pointer to tty
2622 *
2623 * Allocate a unix98 pty master device from the ptmx driver.
2624 *
2625 * Locking: tty_mutex protects theinit_dev work. tty->count should
2626 protect the rest.
2627 * allocated_ptys_lock handles the list of free pty numbers
2628 */
2629
2630 static int ptmx_open(struct inode * inode, struct file * filp)
2631 {
2632 struct tty_struct *tty;
2633 int retval;
2634 int index;
2635 int idr_ret;
2636
2637 nonseekable_open(inode, filp);
2638
2639 /* find a device that is not in use. */
2640 down(&allocated_ptys_lock);
2641 if (!idr_pre_get(&allocated_ptys, GFP_KERNEL)) {
2642 up(&allocated_ptys_lock);
2643 return -ENOMEM;
2644 }
2645 idr_ret = idr_get_new(&allocated_ptys, NULL, &index);
2646 if (idr_ret < 0) {
2647 up(&allocated_ptys_lock);
2648 if (idr_ret == -EAGAIN)
2649 return -ENOMEM;
2650 return -EIO;
2651 }
2652 if (index >= pty_limit) {
2653 idr_remove(&allocated_ptys, index);
2654 up(&allocated_ptys_lock);
2655 return -EIO;
2656 }
2657 up(&allocated_ptys_lock);
2658
2659 mutex_lock(&tty_mutex);
2660 retval = init_dev(ptm_driver, index, &tty);
2661 mutex_unlock(&tty_mutex);
2662
2663 if (retval)
2664 goto out;
2665
2666 set_bit(TTY_PTY_LOCK, &tty->flags); /* LOCK THE SLAVE */
2667 filp->private_data = tty;
2668 file_move(filp, &tty->tty_files);
2669
2670 retval = -ENOMEM;
2671 if (devpts_pty_new(tty->link))
2672 goto out1;
2673
2674 check_tty_count(tty, "tty_open");
2675 retval = ptm_driver->open(tty, filp);
2676 if (!retval)
2677 return 0;
2678 out1:
2679 release_dev(filp);
2680 return retval;
2681 out:
2682 down(&allocated_ptys_lock);
2683 idr_remove(&allocated_ptys, index);
2684 up(&allocated_ptys_lock);
2685 return retval;
2686 }
2687 #endif
2688
2689 /**
2690 * tty_release - vfs callback for close
2691 * @inode: inode of tty
2692 * @filp: file pointer for handle to tty
2693 *
2694 * Called the last time each file handle is closed that references
2695 * this tty. There may however be several such references.
2696 *
2697 * Locking:
2698 * Takes bkl. See release_dev
2699 */
2700
2701 static int tty_release(struct inode * inode, struct file * filp)
2702 {
2703 lock_kernel();
2704 release_dev(filp);
2705 unlock_kernel();
2706 return 0;
2707 }
2708
2709 /**
2710 * tty_poll - check tty status
2711 * @filp: file being polled
2712 * @wait: poll wait structures to update
2713 *
2714 * Call the line discipline polling method to obtain the poll
2715 * status of the device.
2716 *
2717 * Locking: locks called line discipline but ldisc poll method
2718 * may be re-entered freely by other callers.
2719 */
2720
2721 static unsigned int tty_poll(struct file * filp, poll_table * wait)
2722 {
2723 struct tty_struct * tty;
2724 struct tty_ldisc *ld;
2725 int ret = 0;
2726
2727 tty = (struct tty_struct *)filp->private_data;
2728 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_poll"))
2729 return 0;
2730
2731 ld = tty_ldisc_ref_wait(tty);
2732 if (ld->poll)
2733 ret = (ld->poll)(tty, filp, wait);
2734 tty_ldisc_deref(ld);
2735 return ret;
2736 }
2737
2738 static int tty_fasync(int fd, struct file * filp, int on)
2739 {
2740 struct tty_struct * tty;
2741 int retval;
2742
2743 tty = (struct tty_struct *)filp->private_data;
2744 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_fasync"))
2745 return 0;
2746
2747 retval = fasync_helper(fd, filp, on, &tty->fasync);
2748 if (retval <= 0)
2749 return retval;
2750
2751 if (on) {
2752 enum pid_type type;
2753 struct pid *pid;
2754 if (!waitqueue_active(&tty->read_wait))
2755 tty->minimum_to_wake = 1;
2756 if (tty->pgrp) {
2757 pid = tty->pgrp;
2758 type = PIDTYPE_PGID;
2759 } else {
2760 pid = task_pid(current);
2761 type = PIDTYPE_PID;
2762 }
2763 retval = __f_setown(filp, pid, type, 0);
2764 if (retval)
2765 return retval;
2766 } else {
2767 if (!tty->fasync && !waitqueue_active(&tty->read_wait))
2768 tty->minimum_to_wake = N_TTY_BUF_SIZE;
2769 }
2770 return 0;
2771 }
2772
2773 /**
2774 * tiocsti - fake input character
2775 * @tty: tty to fake input into
2776 * @p: pointer to character
2777 *
2778 * Fake input to a tty device. Does the neccessary locking and
2779 * input management.
2780 *
2781 * FIXME: does not honour flow control ??
2782 *
2783 * Locking:
2784 * Called functions take tty_ldisc_lock
2785 * current->signal->tty check is safe without locks
2786 *
2787 * FIXME: may race normal receive processing
2788 */
2789
2790 static int tiocsti(struct tty_struct *tty, char __user *p)
2791 {
2792 char ch, mbz = 0;
2793 struct tty_ldisc *ld;
2794
2795 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN))
2796 return -EPERM;
2797 if (get_user(ch, p))
2798 return -EFAULT;
2799 ld = tty_ldisc_ref_wait(tty);
2800 ld->receive_buf(tty, &ch, &mbz, 1);
2801 tty_ldisc_deref(ld);
2802 return 0;
2803 }
2804
2805 /**
2806 * tiocgwinsz - implement window query ioctl
2807 * @tty; tty
2808 * @arg: user buffer for result
2809 *
2810 * Copies the kernel idea of the window size into the user buffer.
2811 *
2812 * Locking: tty->termios_mutex is taken to ensure the winsize data
2813 * is consistent.
2814 */
2815
2816 static int tiocgwinsz(struct tty_struct *tty, struct winsize __user * arg)
2817 {
2818 int err;
2819
2820 mutex_lock(&tty->termios_mutex);
2821 err = copy_to_user(arg, &tty->winsize, sizeof(*arg));
2822 mutex_unlock(&tty->termios_mutex);
2823
2824 return err ? -EFAULT: 0;
2825 }
2826
2827 /**
2828 * tiocswinsz - implement window size set ioctl
2829 * @tty; tty
2830 * @arg: user buffer for result
2831 *
2832 * Copies the user idea of the window size to the kernel. Traditionally
2833 * this is just advisory information but for the Linux console it
2834 * actually has driver level meaning and triggers a VC resize.
2835 *
2836 * Locking:
2837 * Called function use the console_sem is used to ensure we do
2838 * not try and resize the console twice at once.
2839 * The tty->termios_mutex is used to ensure we don't double
2840 * resize and get confused. Lock order - tty->termios_mutex before
2841 * console sem
2842 */
2843
2844 static int tiocswinsz(struct tty_struct *tty, struct tty_struct *real_tty,
2845 struct winsize __user * arg)
2846 {
2847 struct winsize tmp_ws;
2848
2849 if (copy_from_user(&tmp_ws, arg, sizeof(*arg)))
2850 return -EFAULT;
2851
2852 mutex_lock(&tty->termios_mutex);
2853 if (!memcmp(&tmp_ws, &tty->winsize, sizeof(*arg)))
2854 goto done;
2855
2856 #ifdef CONFIG_VT
2857 if (tty->driver->type == TTY_DRIVER_TYPE_CONSOLE) {
2858 if (vc_lock_resize(tty->driver_data, tmp_ws.ws_col,
2859 tmp_ws.ws_row)) {
2860 mutex_unlock(&tty->termios_mutex);
2861 return -ENXIO;
2862 }
2863 }
2864 #endif
2865 if (tty->pgrp)
2866 kill_pgrp(tty->pgrp, SIGWINCH, 1);
2867 if ((real_tty->pgrp != tty->pgrp) && real_tty->pgrp)
2868 kill_pgrp(real_tty->pgrp, SIGWINCH, 1);
2869 tty->winsize = tmp_ws;
2870 real_tty->winsize = tmp_ws;
2871 done:
2872 mutex_unlock(&tty->termios_mutex);
2873 return 0;
2874 }
2875
2876 /**
2877 * tioccons - allow admin to move logical console
2878 * @file: the file to become console
2879 *
2880 * Allow the adminstrator to move the redirected console device
2881 *
2882 * Locking: uses redirect_lock to guard the redirect information
2883 */
2884
2885 static int tioccons(struct file *file)
2886 {
2887 if (!capable(CAP_SYS_ADMIN))
2888 return -EPERM;
2889 if (file->f_op->write == redirected_tty_write) {
2890 struct file *f;
2891 spin_lock(&redirect_lock);
2892 f = redirect;
2893 redirect = NULL;
2894 spin_unlock(&redirect_lock);
2895 if (f)
2896 fput(f);
2897 return 0;
2898 }
2899 spin_lock(&redirect_lock);
2900 if (redirect) {
2901 spin_unlock(&redirect_lock);
2902 return -EBUSY;
2903 }
2904 get_file(file);
2905 redirect = file;
2906 spin_unlock(&redirect_lock);
2907 return 0;
2908 }
2909
2910 /**
2911 * fionbio - non blocking ioctl
2912 * @file: file to set blocking value
2913 * @p: user parameter
2914 *
2915 * Historical tty interfaces had a blocking control ioctl before
2916 * the generic functionality existed. This piece of history is preserved
2917 * in the expected tty API of posix OS's.
2918 *
2919 * Locking: none, the open fle handle ensures it won't go away.
2920 */
2921
2922 static int fionbio(struct file *file, int __user *p)
2923 {
2924 int nonblock;
2925
2926 if (get_user(nonblock, p))
2927 return -EFAULT;
2928
2929 if (nonblock)
2930 file->f_flags |= O_NONBLOCK;
2931 else
2932 file->f_flags &= ~O_NONBLOCK;
2933 return 0;
2934 }
2935
2936 /**
2937 * tiocsctty - set controlling tty
2938 * @tty: tty structure
2939 * @arg: user argument
2940 *
2941 * This ioctl is used to manage job control. It permits a session
2942 * leader to set this tty as the controlling tty for the session.
2943 *
2944 * Locking:
2945 * Takes tty_mutex() to protect tty instance
2946 * Takes tasklist_lock internally to walk sessions
2947 * Takes ->siglock() when updating signal->tty
2948 */
2949
2950 static int tiocsctty(struct tty_struct *tty, int arg)
2951 {
2952 int ret = 0;
2953 if (current->signal->leader && (task_session(current) == tty->session))
2954 return ret;
2955
2956 mutex_lock(&tty_mutex);
2957 /*
2958 * The process must be a session leader and
2959 * not have a controlling tty already.
2960 */
2961 if (!current->signal->leader || current->signal->tty) {
2962 ret = -EPERM;
2963 goto unlock;
2964 }
2965
2966 if (tty->session) {
2967 /*
2968 * This tty is already the controlling
2969 * tty for another session group!
2970 */
2971 if ((arg == 1) && capable(CAP_SYS_ADMIN)) {
2972 /*
2973 * Steal it away
2974 */
2975 read_lock(&tasklist_lock);
2976 session_clear_tty(tty->session);
2977 read_unlock(&tasklist_lock);
2978 } else {
2979 ret = -EPERM;
2980 goto unlock;
2981 }
2982 }
2983 proc_set_tty(current, tty);
2984 unlock:
2985 mutex_unlock(&tty_mutex);
2986 return ret;
2987 }
2988
2989 /**
2990 * tiocgpgrp - get process group
2991 * @tty: tty passed by user
2992 * @real_tty: tty side of the tty pased by the user if a pty else the tty
2993 * @p: returned pid
2994 *
2995 * Obtain the process group of the tty. If there is no process group
2996 * return an error.
2997 *
2998 * Locking: none. Reference to current->signal->tty is safe.
2999 */
3000
3001 static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
3002 {
3003 /*
3004 * (tty == real_tty) is a cheap way of
3005 * testing if the tty is NOT a master pty.
3006 */
3007 if (tty == real_tty && current->signal->tty != real_tty)
3008 return -ENOTTY;
3009 return put_user(pid_nr(real_tty->pgrp), p);
3010 }
3011
3012 /**
3013 * tiocspgrp - attempt to set process group
3014 * @tty: tty passed by user
3015 * @real_tty: tty side device matching tty passed by user
3016 * @p: pid pointer
3017 *
3018 * Set the process group of the tty to the session passed. Only
3019 * permitted where the tty session is our session.
3020 *
3021 * Locking: None
3022 */
3023
3024 static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
3025 {
3026 struct pid *pgrp;
3027 pid_t pgrp_nr;
3028 int retval = tty_check_change(real_tty);
3029
3030 if (retval == -EIO)
3031 return -ENOTTY;
3032 if (retval)
3033 return retval;
3034 if (!current->signal->tty ||
3035 (current->signal->tty != real_tty) ||
3036 (real_tty->session != task_session(current)))
3037 return -ENOTTY;
3038 if (get_user(pgrp_nr, p))
3039 return -EFAULT;
3040 if (pgrp_nr < 0)
3041 return -EINVAL;
3042 rcu_read_lock();
3043 pgrp = find_pid(pgrp_nr);
3044 retval = -ESRCH;
3045 if (!pgrp)
3046 goto out_unlock;
3047 retval = -EPERM;
3048 if (session_of_pgrp(pgrp) != task_session(current))
3049 goto out_unlock;
3050 retval = 0;
3051 put_pid(real_tty->pgrp);
3052 real_tty->pgrp = get_pid(pgrp);
3053 out_unlock:
3054 rcu_read_unlock();
3055 return retval;
3056 }
3057
3058 /**
3059 * tiocgsid - get session id
3060 * @tty: tty passed by user
3061 * @real_tty: tty side of the tty pased by the user if a pty else the tty
3062 * @p: pointer to returned session id
3063 *
3064 * Obtain the session id of the tty. If there is no session
3065 * return an error.
3066 *
3067 * Locking: none. Reference to current->signal->tty is safe.
3068 */
3069
3070 static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
3071 {
3072 /*
3073 * (tty == real_tty) is a cheap way of
3074 * testing if the tty is NOT a master pty.
3075 */
3076 if (tty == real_tty && current->signal->tty != real_tty)
3077 return -ENOTTY;
3078 if (!real_tty->session)
3079 return -ENOTTY;
3080 return put_user(pid_nr(real_tty->session), p);
3081 }
3082
3083 /**
3084 * tiocsetd - set line discipline
3085 * @tty: tty device
3086 * @p: pointer to user data
3087 *
3088 * Set the line discipline according to user request.
3089 *
3090 * Locking: see tty_set_ldisc, this function is just a helper
3091 */
3092
3093 static int tiocsetd(struct tty_struct *tty, int __user *p)
3094 {
3095 int ldisc;
3096
3097 if (get_user(ldisc, p))
3098 return -EFAULT;
3099 return tty_set_ldisc(tty, ldisc);
3100 }
3101
3102 /**
3103 * send_break - performed time break
3104 * @tty: device to break on
3105 * @duration: timeout in mS
3106 *
3107 * Perform a timed break on hardware that lacks its own driver level
3108 * timed break functionality.
3109 *
3110 * Locking:
3111 * atomic_write_lock serializes
3112 *
3113 */
3114
3115 static int send_break(struct tty_struct *tty, unsigned int duration)
3116 {
3117 if (mutex_lock_interruptible(&tty->atomic_write_lock))
3118 return -EINTR;
3119 tty->driver->break_ctl(tty, -1);
3120 if (!signal_pending(current)) {
3121 msleep_interruptible(duration);
3122 }
3123 tty->driver->break_ctl(tty, 0);
3124 mutex_unlock(&tty->atomic_write_lock);
3125 if (signal_pending(current))
3126 return -EINTR;
3127 return 0;
3128 }
3129
3130 /**
3131 * tiocmget - get modem status
3132 * @tty: tty device
3133 * @file: user file pointer
3134 * @p: pointer to result
3135 *
3136 * Obtain the modem status bits from the tty driver if the feature
3137 * is supported. Return -EINVAL if it is not available.
3138 *
3139 * Locking: none (up to the driver)
3140 */
3141
3142 static int tty_tiocmget(struct tty_struct *tty, struct file *file, int __user *p)
3143 {
3144 int retval = -EINVAL;
3145
3146 if (tty->driver->tiocmget) {
3147 retval = tty->driver->tiocmget(tty, file);
3148
3149 if (retval >= 0)
3150 retval = put_user(retval, p);
3151 }
3152 return retval;
3153 }
3154
3155 /**
3156 * tiocmset - set modem status
3157 * @tty: tty device
3158 * @file: user file pointer
3159 * @cmd: command - clear bits, set bits or set all
3160 * @p: pointer to desired bits
3161 *
3162 * Set the modem status bits from the tty driver if the feature
3163 * is supported. Return -EINVAL if it is not available.
3164 *
3165 * Locking: none (up to the driver)
3166 */
3167
3168 static int tty_tiocmset(struct tty_struct *tty, struct file *file, unsigned int cmd,
3169 unsigned __user *p)
3170 {
3171 int retval = -EINVAL;
3172
3173 if (tty->driver->tiocmset) {
3174 unsigned int set, clear, val;
3175
3176 retval = get_user(val, p);
3177 if (retval)
3178 return retval;
3179
3180 set = clear = 0;
3181 switch (cmd) {
3182 case TIOCMBIS:
3183 set = val;
3184 break;
3185 case TIOCMBIC:
3186 clear = val;
3187 break;
3188 case TIOCMSET:
3189 set = val;
3190 clear = ~val;
3191 break;
3192 }
3193
3194 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
3195 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
3196
3197 retval = tty->driver->tiocmset(tty, file, set, clear);
3198 }
3199 return retval;
3200 }
3201
3202 /*
3203 * Split this up, as gcc can choke on it otherwise..
3204 */
3205 int tty_ioctl(struct inode * inode, struct file * file,
3206 unsigned int cmd, unsigned long arg)
3207 {
3208 struct tty_struct *tty, *real_tty;
3209 void __user *p = (void __user *)arg;
3210 int retval;
3211 struct tty_ldisc *ld;
3212
3213 tty = (struct tty_struct *)file->private_data;
3214 if (tty_paranoia_check(tty, inode, "tty_ioctl"))
3215 return -EINVAL;
3216
3217 /* CHECKME: is this safe as one end closes ? */
3218
3219 real_tty = tty;
3220 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
3221 tty->driver->subtype == PTY_TYPE_MASTER)
3222 real_tty = tty->link;
3223
3224 /*
3225 * Break handling by driver
3226 */
3227 if (!tty->driver->break_ctl) {
3228 switch(cmd) {
3229 case TIOCSBRK:
3230 case TIOCCBRK:
3231 if (tty->driver->ioctl)
3232 return tty->driver->ioctl(tty, file, cmd, arg);
3233 return -EINVAL;
3234
3235 /* These two ioctl's always return success; even if */
3236 /* the driver doesn't support them. */
3237 case TCSBRK:
3238 case TCSBRKP:
3239 if (!tty->driver->ioctl)
3240 return 0;
3241 retval = tty->driver->ioctl(tty, file, cmd, arg);
3242 if (retval == -ENOIOCTLCMD)
3243 retval = 0;
3244 return retval;
3245 }
3246 }
3247
3248 /*
3249 * Factor out some common prep work
3250 */
3251 switch (cmd) {
3252 case TIOCSETD:
3253 case TIOCSBRK:
3254 case TIOCCBRK:
3255 case TCSBRK:
3256 case TCSBRKP:
3257 retval = tty_check_change(tty);
3258 if (retval)
3259 return retval;
3260 if (cmd != TIOCCBRK) {
3261 tty_wait_until_sent(tty, 0);
3262 if (signal_pending(current))
3263 return -EINTR;
3264 }
3265 break;
3266 }
3267
3268 switch (cmd) {
3269 case TIOCSTI:
3270 return tiocsti(tty, p);
3271 case TIOCGWINSZ:
3272 return tiocgwinsz(tty, p);
3273 case TIOCSWINSZ:
3274 return tiocswinsz(tty, real_tty, p);
3275 case TIOCCONS:
3276 return real_tty!=tty ? -EINVAL : tioccons(file);
3277 case FIONBIO:
3278 return fionbio(file, p);
3279 case TIOCEXCL:
3280 set_bit(TTY_EXCLUSIVE, &tty->flags);
3281 return 0;
3282 case TIOCNXCL:
3283 clear_bit(TTY_EXCLUSIVE, &tty->flags);
3284 return 0;
3285 case TIOCNOTTY:
3286 if (current->signal->tty != tty)
3287 return -ENOTTY;
3288 if (current->signal->leader)
3289 disassociate_ctty(0);
3290 proc_clear_tty(current);
3291 return 0;
3292 case TIOCSCTTY:
3293 return tiocsctty(tty, arg);
3294 case TIOCGPGRP:
3295 return tiocgpgrp(tty, real_tty, p);
3296 case TIOCSPGRP:
3297 return tiocspgrp(tty, real_tty, p);
3298 case TIOCGSID:
3299 return tiocgsid(tty, real_tty, p);
3300 case TIOCGETD:
3301 /* FIXME: check this is ok */
3302 return put_user(tty->ldisc.num, (int __user *)p);
3303 case TIOCSETD:
3304 return tiocsetd(tty, p);
3305 #ifdef CONFIG_VT
3306 case TIOCLINUX:
3307 return tioclinux(tty, arg);
3308 #endif
3309 /*
3310 * Break handling
3311 */
3312 case TIOCSBRK: /* Turn break on, unconditionally */
3313 tty->driver->break_ctl(tty, -1);
3314 return 0;
3315
3316 case TIOCCBRK: /* Turn break off, unconditionally */
3317 tty->driver->break_ctl(tty, 0);
3318 return 0;
3319 case TCSBRK: /* SVID version: non-zero arg --> no break */
3320 /* non-zero arg means wait for all output data
3321 * to be sent (performed above) but don't send break.
3322 * This is used by the tcdrain() termios function.
3323 */
3324 if (!arg)
3325 return send_break(tty, 250);
3326 return 0;
3327 case TCSBRKP: /* support for POSIX tcsendbreak() */
3328 return send_break(tty, arg ? arg*100 : 250);
3329
3330 case TIOCMGET:
3331 return tty_tiocmget(tty, file, p);
3332
3333 case TIOCMSET:
3334 case TIOCMBIC:
3335 case TIOCMBIS:
3336 return tty_tiocmset(tty, file, cmd, p);
3337 }
3338 if (tty->driver->ioctl) {
3339 retval = (tty->driver->ioctl)(tty, file, cmd, arg);
3340 if (retval != -ENOIOCTLCMD)
3341 return retval;
3342 }
3343 ld = tty_ldisc_ref_wait(tty);
3344 retval = -EINVAL;
3345 if (ld->ioctl) {
3346 retval = ld->ioctl(tty, file, cmd, arg);
3347 if (retval == -ENOIOCTLCMD)
3348 retval = -EINVAL;
3349 }
3350 tty_ldisc_deref(ld);
3351 return retval;
3352 }
3353
3354
3355 /*
3356 * This implements the "Secure Attention Key" --- the idea is to
3357 * prevent trojan horses by killing all processes associated with this
3358 * tty when the user hits the "Secure Attention Key". Required for
3359 * super-paranoid applications --- see the Orange Book for more details.
3360 *
3361 * This code could be nicer; ideally it should send a HUP, wait a few
3362 * seconds, then send a INT, and then a KILL signal. But you then
3363 * have to coordinate with the init process, since all processes associated
3364 * with the current tty must be dead before the new getty is allowed
3365 * to spawn.
3366 *
3367 * Now, if it would be correct ;-/ The current code has a nasty hole -
3368 * it doesn't catch files in flight. We may send the descriptor to ourselves
3369 * via AF_UNIX socket, close it and later fetch from socket. FIXME.
3370 *
3371 * Nasty bug: do_SAK is being called in interrupt context. This can
3372 * deadlock. We punt it up to process context. AKPM - 16Mar2001
3373 */
3374 void __do_SAK(struct tty_struct *tty)
3375 {
3376 #ifdef TTY_SOFT_SAK
3377 tty_hangup(tty);
3378 #else
3379 struct task_struct *g, *p;
3380 struct pid *session;
3381 int i;
3382 struct file *filp;
3383 struct fdtable *fdt;
3384
3385 if (!tty)
3386 return;
3387 session = tty->session;
3388
3389 tty_ldisc_flush(tty);
3390
3391 if (tty->driver->flush_buffer)
3392 tty->driver->flush_buffer(tty);
3393
3394 read_lock(&tasklist_lock);
3395 /* Kill the entire session */
3396 do_each_pid_task(session, PIDTYPE_SID, p) {
3397 printk(KERN_NOTICE "SAK: killed process %d"
3398 " (%s): process_session(p)==tty->session\n",
3399 p->pid, p->comm);
3400 send_sig(SIGKILL, p, 1);
3401 } while_each_pid_task(session, PIDTYPE_SID, p);
3402 /* Now kill any processes that happen to have the
3403 * tty open.
3404 */
3405 do_each_thread(g, p) {
3406 if (p->signal->tty == tty) {
3407 printk(KERN_NOTICE "SAK: killed process %d"
3408 " (%s): process_session(p)==tty->session\n",
3409 p->pid, p->comm);
3410 send_sig(SIGKILL, p, 1);
3411 continue;
3412 }
3413 task_lock(p);
3414 if (p->files) {
3415 /*
3416 * We don't take a ref to the file, so we must
3417 * hold ->file_lock instead.
3418 */
3419 spin_lock(&p->files->file_lock);
3420 fdt = files_fdtable(p->files);
3421 for (i=0; i < fdt->max_fds; i++) {
3422 filp = fcheck_files(p->files, i);
3423 if (!filp)
3424 continue;
3425 if (filp->f_op->read == tty_read &&
3426 filp->private_data == tty) {
3427 printk(KERN_NOTICE "SAK: killed process %d"
3428 " (%s): fd#%d opened to the tty\n",
3429 p->pid, p->comm, i);
3430 force_sig(SIGKILL, p);
3431 break;
3432 }
3433 }
3434 spin_unlock(&p->files->file_lock);
3435 }
3436 task_unlock(p);
3437 } while_each_thread(g, p);
3438 read_unlock(&tasklist_lock);
3439 #endif
3440 }
3441
3442 static void do_SAK_work(struct work_struct *work)
3443 {
3444 struct tty_struct *tty =
3445 container_of(work, struct tty_struct, SAK_work);
3446 __do_SAK(tty);
3447 }
3448
3449 /*
3450 * The tq handling here is a little racy - tty->SAK_work may already be queued.
3451 * Fortunately we don't need to worry, because if ->SAK_work is already queued,
3452 * the values which we write to it will be identical to the values which it
3453 * already has. --akpm
3454 */
3455 void do_SAK(struct tty_struct *tty)
3456 {
3457 if (!tty)
3458 return;
3459 schedule_work(&tty->SAK_work);
3460 }
3461
3462 EXPORT_SYMBOL(do_SAK);
3463
3464 /**
3465 * flush_to_ldisc
3466 * @work: tty structure passed from work queue.
3467 *
3468 * This routine is called out of the software interrupt to flush data
3469 * from the buffer chain to the line discipline.
3470 *
3471 * Locking: holds tty->buf.lock to guard buffer list. Drops the lock
3472 * while invoking the line discipline receive_buf method. The
3473 * receive_buf method is single threaded for each tty instance.
3474 */
3475
3476 static void flush_to_ldisc(struct work_struct *work)
3477 {
3478 struct tty_struct *tty =
3479 container_of(work, struct tty_struct, buf.work.work);
3480 unsigned long flags;
3481 struct tty_ldisc *disc;
3482 struct tty_buffer *tbuf, *head;
3483 char *char_buf;
3484 unsigned char *flag_buf;
3485
3486 disc = tty_ldisc_ref(tty);
3487 if (disc == NULL) /* !TTY_LDISC */
3488 return;
3489
3490 spin_lock_irqsave(&tty->buf.lock, flags);
3491 head = tty->buf.head;
3492 if (head != NULL) {
3493 tty->buf.head = NULL;
3494 for (;;) {
3495 int count = head->commit - head->read;
3496 if (!count) {
3497 if (head->next == NULL)
3498 break;
3499 tbuf = head;
3500 head = head->next;
3501 tty_buffer_free(tty, tbuf);
3502 continue;
3503 }
3504 if (!tty->receive_room) {
3505 schedule_delayed_work(&tty->buf.work, 1);
3506 break;
3507 }
3508 if (count > tty->receive_room)
3509 count = tty->receive_room;
3510 char_buf = head->char_buf_ptr + head->read;
3511 flag_buf = head->flag_buf_ptr + head->read;
3512 head->read += count;
3513 spin_unlock_irqrestore(&tty->buf.lock, flags);
3514 disc->receive_buf(tty, char_buf, flag_buf, count);
3515 spin_lock_irqsave(&tty->buf.lock, flags);
3516 }
3517 tty->buf.head = head;
3518 }
3519 spin_unlock_irqrestore(&tty->buf.lock, flags);
3520
3521 tty_ldisc_deref(disc);
3522 }
3523
3524 /**
3525 * tty_flip_buffer_push - terminal
3526 * @tty: tty to push
3527 *
3528 * Queue a push of the terminal flip buffers to the line discipline. This
3529 * function must not be called from IRQ context if tty->low_latency is set.
3530 *
3531 * In the event of the queue being busy for flipping the work will be
3532 * held off and retried later.
3533 *
3534 * Locking: tty buffer lock. Driver locks in low latency mode.
3535 */
3536
3537 void tty_flip_buffer_push(struct tty_struct *tty)
3538 {
3539 unsigned long flags;
3540 spin_lock_irqsave(&tty->buf.lock, flags);
3541 if (tty->buf.tail != NULL)
3542 tty->buf.tail->commit = tty->buf.tail->used;
3543 spin_unlock_irqrestore(&tty->buf.lock, flags);
3544
3545 if (tty->low_latency)
3546 flush_to_ldisc(&tty->buf.work.work);
3547 else
3548 schedule_delayed_work(&tty->buf.work, 1);
3549 }
3550
3551 EXPORT_SYMBOL(tty_flip_buffer_push);
3552
3553
3554 /**
3555 * initialize_tty_struct
3556 * @tty: tty to initialize
3557 *
3558 * This subroutine initializes a tty structure that has been newly
3559 * allocated.
3560 *
3561 * Locking: none - tty in question must not be exposed at this point
3562 */
3563
3564 static void initialize_tty_struct(struct tty_struct *tty)
3565 {
3566 memset(tty, 0, sizeof(struct tty_struct));
3567 tty->magic = TTY_MAGIC;
3568 tty_ldisc_assign(tty, tty_ldisc_get(N_TTY));
3569 tty->session = NULL;
3570 tty->pgrp = NULL;
3571 tty->overrun_time = jiffies;
3572 tty->buf.head = tty->buf.tail = NULL;
3573 tty_buffer_init(tty);
3574 INIT_DELAYED_WORK(&tty->buf.work, flush_to_ldisc);
3575 init_MUTEX(&tty->buf.pty_sem);
3576 mutex_init(&tty->termios_mutex);
3577 init_waitqueue_head(&tty->write_wait);
3578 init_waitqueue_head(&tty->read_wait);
3579 INIT_WORK(&tty->hangup_work, do_tty_hangup);
3580 mutex_init(&tty->atomic_read_lock);
3581 mutex_init(&tty->atomic_write_lock);
3582 spin_lock_init(&tty->read_lock);
3583 INIT_LIST_HEAD(&tty->tty_files);
3584 INIT_WORK(&tty->SAK_work, do_SAK_work);
3585 }
3586
3587 /*
3588 * The default put_char routine if the driver did not define one.
3589 */
3590
3591 static void tty_default_put_char(struct tty_struct *tty, unsigned char ch)
3592 {
3593 tty->driver->write(tty, &ch, 1);
3594 }
3595
3596 static struct class *tty_class;
3597
3598 /**
3599 * tty_register_device - register a tty device
3600 * @driver: the tty driver that describes the tty device
3601 * @index: the index in the tty driver for this tty device
3602 * @device: a struct device that is associated with this tty device.
3603 * This field is optional, if there is no known struct device
3604 * for this tty device it can be set to NULL safely.
3605 *
3606 * Returns a pointer to the struct device for this tty device
3607 * (or ERR_PTR(-EFOO) on error).
3608 *
3609 * This call is required to be made to register an individual tty device
3610 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
3611 * that bit is not set, this function should not be called by a tty
3612 * driver.
3613 *
3614 * Locking: ??
3615 */
3616
3617 struct device *tty_register_device(struct tty_driver *driver, unsigned index,
3618 struct device *device)
3619 {
3620 char name[64];
3621 dev_t dev = MKDEV(driver->major, driver->minor_start) + index;
3622
3623 if (index >= driver->num) {
3624 printk(KERN_ERR "Attempt to register invalid tty line number "
3625 " (%d).\n", index);
3626 return ERR_PTR(-EINVAL);
3627 }
3628
3629 if (driver->type == TTY_DRIVER_TYPE_PTY)
3630 pty_line_name(driver, index, name);
3631 else
3632 tty_line_name(driver, index, name);
3633
3634 return device_create(tty_class, device, dev, name);
3635 }
3636
3637 /**
3638 * tty_unregister_device - unregister a tty device
3639 * @driver: the tty driver that describes the tty device
3640 * @index: the index in the tty driver for this tty device
3641 *
3642 * If a tty device is registered with a call to tty_register_device() then
3643 * this function must be called when the tty device is gone.
3644 *
3645 * Locking: ??
3646 */
3647
3648 void tty_unregister_device(struct tty_driver *driver, unsigned index)
3649 {
3650 device_destroy(tty_class, MKDEV(driver->major, driver->minor_start) + index);
3651 }
3652
3653 EXPORT_SYMBOL(tty_register_device);
3654 EXPORT_SYMBOL(tty_unregister_device);
3655
3656 struct tty_driver *alloc_tty_driver(int lines)
3657 {
3658 struct tty_driver *driver;
3659
3660 driver = kmalloc(sizeof(struct tty_driver), GFP_KERNEL);
3661 if (driver) {
3662 memset(driver, 0, sizeof(struct tty_driver));
3663 driver->magic = TTY_DRIVER_MAGIC;
3664 driver->num = lines;
3665 /* later we'll move allocation of tables here */
3666 }
3667 return driver;
3668 }
3669
3670 void put_tty_driver(struct tty_driver *driver)
3671 {
3672 kfree(driver);
3673 }
3674
3675 void tty_set_operations(struct tty_driver *driver,
3676 const struct tty_operations *op)
3677 {
3678 driver->open = op->open;
3679 driver->close = op->close;
3680 driver->write = op->write;
3681 driver->put_char = op->put_char;
3682 driver->flush_chars = op->flush_chars;
3683 driver->write_room = op->write_room;
3684 driver->chars_in_buffer = op->chars_in_buffer;
3685 driver->ioctl = op->ioctl;
3686 driver->set_termios = op->set_termios;
3687 driver->throttle = op->throttle;
3688 driver->unthrottle = op->unthrottle;
3689 driver->stop = op->stop;
3690 driver->start = op->start;
3691 driver->hangup = op->hangup;
3692 driver->break_ctl = op->break_ctl;
3693 driver->flush_buffer = op->flush_buffer;
3694 driver->set_ldisc = op->set_ldisc;
3695 driver->wait_until_sent = op->wait_until_sent;
3696 driver->send_xchar = op->send_xchar;
3697 driver->read_proc = op->read_proc;
3698 driver->write_proc = op->write_proc;
3699 driver->tiocmget = op->tiocmget;
3700 driver->tiocmset = op->tiocmset;
3701 }
3702
3703
3704 EXPORT_SYMBOL(alloc_tty_driver);
3705 EXPORT_SYMBOL(put_tty_driver);
3706 EXPORT_SYMBOL(tty_set_operations);
3707
3708 /*
3709 * Called by a tty driver to register itself.
3710 */
3711 int tty_register_driver(struct tty_driver *driver)
3712 {
3713 int error;
3714 int i;
3715 dev_t dev;
3716 void **p = NULL;
3717
3718 if (driver->flags & TTY_DRIVER_INSTALLED)
3719 return 0;
3720
3721 if (!(driver->flags & TTY_DRIVER_DEVPTS_MEM)) {
3722 p = kmalloc(driver->num * 3 * sizeof(void *), GFP_KERNEL);
3723 if (!p)
3724 return -ENOMEM;
3725 memset(p, 0, driver->num * 3 * sizeof(void *));
3726 }
3727
3728 if (!driver->major) {
3729 error = alloc_chrdev_region(&dev, driver->minor_start, driver->num,
3730 driver->name);
3731 if (!error) {
3732 driver->major = MAJOR(dev);
3733 driver->minor_start = MINOR(dev);
3734 }
3735 } else {
3736 dev = MKDEV(driver->major, driver->minor_start);
3737 error = register_chrdev_region(dev, driver->num, driver->name);
3738 }
3739 if (error < 0) {
3740 kfree(p);
3741 return error;
3742 }
3743
3744 if (p) {
3745 driver->ttys = (struct tty_struct **)p;
3746 driver->termios = (struct ktermios **)(p + driver->num);
3747 driver->termios_locked = (struct ktermios **)(p + driver->num * 2);
3748 } else {
3749 driver->ttys = NULL;
3750 driver->termios = NULL;
3751 driver->termios_locked = NULL;
3752 }
3753
3754 cdev_init(&driver->cdev, &tty_fops);
3755 driver->cdev.owner = driver->owner;
3756 error = cdev_add(&driver->cdev, dev, driver->num);
3757 if (error) {
3758 unregister_chrdev_region(dev, driver->num);
3759 driver->ttys = NULL;
3760 driver->termios = driver->termios_locked = NULL;
3761 kfree(p);
3762 return error;
3763 }
3764
3765 if (!driver->put_char)
3766 driver->put_char = tty_default_put_char;
3767
3768 list_add(&driver->tty_drivers, &tty_drivers);
3769
3770 if ( !(driver->flags & TTY_DRIVER_DYNAMIC_DEV) ) {
3771 for(i = 0; i < driver->num; i++)
3772 tty_register_device(driver, i, NULL);
3773 }
3774 proc_tty_register_driver(driver);
3775 return 0;
3776 }
3777
3778 EXPORT_SYMBOL(tty_register_driver);
3779
3780 /*
3781 * Called by a tty driver to unregister itself.
3782 */
3783 int tty_unregister_driver(struct tty_driver *driver)
3784 {
3785 int i;
3786 struct ktermios *tp;
3787 void *p;
3788
3789 if (driver->refcount)
3790 return -EBUSY;
3791
3792 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start),
3793 driver->num);
3794
3795 list_del(&driver->tty_drivers);
3796
3797 /*
3798 * Free the termios and termios_locked structures because
3799 * we don't want to get memory leaks when modular tty
3800 * drivers are removed from the kernel.
3801 */
3802 for (i = 0; i < driver->num; i++) {
3803 tp = driver->termios[i];
3804 if (tp) {
3805 driver->termios[i] = NULL;
3806 kfree(tp);
3807 }
3808 tp = driver->termios_locked[i];
3809 if (tp) {
3810 driver->termios_locked[i] = NULL;
3811 kfree(tp);
3812 }
3813 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV))
3814 tty_unregister_device(driver, i);
3815 }
3816 p = driver->ttys;
3817 proc_tty_unregister_driver(driver);
3818 driver->ttys = NULL;
3819 driver->termios = driver->termios_locked = NULL;
3820 kfree(p);
3821 cdev_del(&driver->cdev);
3822 return 0;
3823 }
3824 EXPORT_SYMBOL(tty_unregister_driver);
3825
3826 dev_t tty_devnum(struct tty_struct *tty)
3827 {
3828 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index;
3829 }
3830 EXPORT_SYMBOL(tty_devnum);
3831
3832 void proc_clear_tty(struct task_struct *p)
3833 {
3834 spin_lock_irq(&p->sighand->siglock);
3835 p->signal->tty = NULL;
3836 spin_unlock_irq(&p->sighand->siglock);
3837 }
3838 EXPORT_SYMBOL(proc_clear_tty);
3839
3840 static struct pid *__proc_set_tty(struct task_struct *tsk, struct tty_struct *tty)
3841 {
3842 struct pid *old_pgrp;
3843 if (tty) {
3844 tty->session = get_pid(task_session(tsk));
3845 tty->pgrp = get_pid(task_pgrp(tsk));
3846 }
3847 old_pgrp = tsk->signal->tty_old_pgrp;
3848 tsk->signal->tty = tty;
3849 tsk->signal->tty_old_pgrp = NULL;
3850 return old_pgrp;
3851 }
3852
3853 void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty)
3854 {
3855 struct pid *old_pgrp;
3856
3857 spin_lock_irq(&tsk->sighand->siglock);
3858 old_pgrp = __proc_set_tty(tsk, tty);
3859 spin_unlock_irq(&tsk->sighand->siglock);
3860
3861 put_pid(old_pgrp);
3862 }
3863
3864 struct tty_struct *get_current_tty(void)
3865 {
3866 struct tty_struct *tty;
3867 WARN_ON_ONCE(!mutex_is_locked(&tty_mutex));
3868 tty = current->signal->tty;
3869 /*
3870 * session->tty can be changed/cleared from under us, make sure we
3871 * issue the load. The obtained pointer, when not NULL, is valid as
3872 * long as we hold tty_mutex.
3873 */
3874 barrier();
3875 return tty;
3876 }
3877 EXPORT_SYMBOL_GPL(get_current_tty);
3878
3879 /*
3880 * Initialize the console device. This is called *early*, so
3881 * we can't necessarily depend on lots of kernel help here.
3882 * Just do some early initializations, and do the complex setup
3883 * later.
3884 */
3885 void __init console_init(void)
3886 {
3887 initcall_t *call;
3888
3889 /* Setup the default TTY line discipline. */
3890 (void) tty_register_ldisc(N_TTY, &tty_ldisc_N_TTY);
3891
3892 /*
3893 * set up the console device so that later boot sequences can
3894 * inform about problems etc..
3895 */
3896 #ifdef CONFIG_EARLY_PRINTK
3897 disable_early_printk();
3898 #endif
3899 call = __con_initcall_start;
3900 while (call < __con_initcall_end) {
3901 (*call)();
3902 call++;
3903 }
3904 }
3905
3906 #ifdef CONFIG_VT
3907 extern int vty_init(void);
3908 #endif
3909
3910 static int __init tty_class_init(void)
3911 {
3912 tty_class = class_create(THIS_MODULE, "tty");
3913 if (IS_ERR(tty_class))
3914 return PTR_ERR(tty_class);
3915 return 0;
3916 }
3917
3918 postcore_initcall(tty_class_init);
3919
3920 /* 3/2004 jmc: why do these devices exist? */
3921
3922 static struct cdev tty_cdev, console_cdev;
3923 #ifdef CONFIG_UNIX98_PTYS
3924 static struct cdev ptmx_cdev;
3925 #endif
3926 #ifdef CONFIG_VT
3927 static struct cdev vc0_cdev;
3928 #endif
3929
3930 /*
3931 * Ok, now we can initialize the rest of the tty devices and can count
3932 * on memory allocations, interrupts etc..
3933 */
3934 static int __init tty_init(void)
3935 {
3936 cdev_init(&tty_cdev, &tty_fops);
3937 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) ||
3938 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0)
3939 panic("Couldn't register /dev/tty driver\n");
3940 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), "tty");
3941
3942 cdev_init(&console_cdev, &console_fops);
3943 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) ||
3944 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0)
3945 panic("Couldn't register /dev/console driver\n");
3946 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), "console");
3947
3948 #ifdef CONFIG_UNIX98_PTYS
3949 cdev_init(&ptmx_cdev, &ptmx_fops);
3950 if (cdev_add(&ptmx_cdev, MKDEV(TTYAUX_MAJOR, 2), 1) ||
3951 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 2), 1, "/dev/ptmx") < 0)
3952 panic("Couldn't register /dev/ptmx driver\n");
3953 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 2), "ptmx");
3954 #endif
3955
3956 #ifdef CONFIG_VT
3957 cdev_init(&vc0_cdev, &console_fops);
3958 if (cdev_add(&vc0_cdev, MKDEV(TTY_MAJOR, 0), 1) ||
3959 register_chrdev_region(MKDEV(TTY_MAJOR, 0), 1, "/dev/vc/0") < 0)
3960 panic("Couldn't register /dev/tty0 driver\n");
3961 device_create(tty_class, NULL, MKDEV(TTY_MAJOR, 0), "tty0");
3962
3963 vty_init();
3964 #endif
3965 return 0;
3966 }
3967 module_init(tty_init);
Linux kernel - Deliverables
This page took 0.110337 seconds and 6 git commands to generate.