/drivers/tty/tty_io.c

https://bitbucket.org/slukk/jb-tsm-kernel-4.2 · C · 3357 lines · 2057 code · 367 blank · 933 comment · 378 complexity · 6ecc1c9b9f67f4bbb78c995a054161ca MD5 · raw file

Large files are truncated click here to view the full file

  1. /*
  2. * Copyright (C) 1991, 1992 Linus Torvalds
  3. */
  4. /*
  5. * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles
  6. * or rs-channels. It also implements echoing, cooked mode etc.
  7. *
  8. * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0.
  9. *
  10. * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the
  11. * tty_struct and tty_queue structures. Previously there was an array
  12. * of 256 tty_struct's which was statically allocated, and the
  13. * tty_queue structures were allocated at boot time. Both are now
  14. * dynamically allocated only when the tty is open.
  15. *
  16. * Also restructured routines so that there is more of a separation
  17. * between the high-level tty routines (tty_io.c and tty_ioctl.c) and
  18. * the low-level tty routines (serial.c, pty.c, console.c). This
  19. * makes for cleaner and more compact code. -TYT, 9/17/92
  20. *
  21. * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines
  22. * which can be dynamically activated and de-activated by the line
  23. * discipline handling modules (like SLIP).
  24. *
  25. * NOTE: pay no attention to the line discipline code (yet); its
  26. * interface is still subject to change in this version...
  27. * -- TYT, 1/31/92
  28. *
  29. * Added functionality to the OPOST tty handling. No delays, but all
  30. * other bits should be there.
  31. * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993.
  32. *
  33. * Rewrote canonical mode and added more termios flags.
  34. * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94
  35. *
  36. * Reorganized FASYNC support so mouse code can share it.
  37. * -- ctm@ardi.com, 9Sep95
  38. *
  39. * New TIOCLINUX variants added.
  40. * -- mj@k332.feld.cvut.cz, 19-Nov-95
  41. *
  42. * Restrict vt switching via ioctl()
  43. * -- grif@cs.ucr.edu, 5-Dec-95
  44. *
  45. * Move console and virtual terminal code to more appropriate files,
  46. * implement CONFIG_VT and generalize console device interface.
  47. * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97
  48. *
  49. * Rewrote tty_init_dev and tty_release_dev to eliminate races.
  50. * -- Bill Hawes <whawes@star.net>, June 97
  51. *
  52. * Added devfs support.
  53. * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998
  54. *
  55. * Added support for a Unix98-style ptmx device.
  56. * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998
  57. *
  58. * Reduced memory usage for older ARM systems
  59. * -- Russell King <rmk@arm.linux.org.uk>
  60. *
  61. * Move do_SAK() into process context. Less stack use in devfs functions.
  62. * alloc_tty_struct() always uses kmalloc()
  63. * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01
  64. */
  65. #include <linux/types.h>
  66. #include <linux/major.h>
  67. #include <linux/errno.h>
  68. #include <linux/signal.h>
  69. #include <linux/fcntl.h>
  70. #include <linux/sched.h>
  71. #include <linux/interrupt.h>
  72. #include <linux/tty.h>
  73. #include <linux/tty_driver.h>
  74. #include <linux/tty_flip.h>
  75. #include <linux/devpts_fs.h>
  76. #include <linux/file.h>
  77. #include <linux/fdtable.h>
  78. #include <linux/console.h>
  79. #include <linux/timer.h>
  80. #include <linux/ctype.h>
  81. #include <linux/kd.h>
  82. #include <linux/mm.h>
  83. #include <linux/string.h>
  84. #include <linux/slab.h>
  85. #include <linux/poll.h>
  86. #include <linux/proc_fs.h>
  87. #include <linux/init.h>
  88. #include <linux/module.h>
  89. #include <linux/device.h>
  90. #include <linux/wait.h>
  91. #include <linux/bitops.h>
  92. #include <linux/delay.h>
  93. #include <linux/seq_file.h>
  94. #include <linux/serial.h>
  95. #include <linux/uaccess.h>
  96. #include <asm/system.h>
  97. #include <linux/kbd_kern.h>
  98. #include <linux/vt_kern.h>
  99. #include <linux/selection.h>
  100. #include <linux/kmod.h>
  101. #include <linux/nsproxy.h>
  102. #undef TTY_DEBUG_HANGUP
  103. #define TTY_PARANOIA_CHECK 1
  104. #define CHECK_TTY_COUNT 1
  105. struct ktermios tty_std_termios = { /* for the benefit of tty drivers */
  106. .c_iflag = ICRNL | IXON,
  107. .c_oflag = OPOST | ONLCR,
  108. .c_cflag = B38400 | CS8 | CREAD | HUPCL,
  109. .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK |
  110. ECHOCTL | ECHOKE | IEXTEN,
  111. .c_cc = INIT_C_CC,
  112. .c_ispeed = 38400,
  113. .c_ospeed = 38400
  114. };
  115. EXPORT_SYMBOL(tty_std_termios);
  116. /* This list gets poked at by procfs and various bits of boot up code. This
  117. could do with some rationalisation such as pulling the tty proc function
  118. into this file */
  119. LIST_HEAD(tty_drivers); /* linked list of tty drivers */
  120. /* Mutex to protect creating and releasing a tty. This is shared with
  121. vt.c for deeply disgusting hack reasons */
  122. DEFINE_MUTEX(tty_mutex);
  123. EXPORT_SYMBOL(tty_mutex);
  124. /* Spinlock to protect the tty->tty_files list */
  125. DEFINE_SPINLOCK(tty_files_lock);
  126. static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *);
  127. static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *);
  128. ssize_t redirected_tty_write(struct file *, const char __user *,
  129. size_t, loff_t *);
  130. static unsigned int tty_poll(struct file *, poll_table *);
  131. static int tty_open(struct inode *, struct file *);
  132. long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
  133. #ifdef CONFIG_COMPAT
  134. static long tty_compat_ioctl(struct file *file, unsigned int cmd,
  135. unsigned long arg);
  136. #else
  137. #define tty_compat_ioctl NULL
  138. #endif
  139. static int __tty_fasync(int fd, struct file *filp, int on);
  140. static int tty_fasync(int fd, struct file *filp, int on);
  141. static void release_tty(struct tty_struct *tty, int idx);
  142. static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
  143. static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
  144. /**
  145. * alloc_tty_struct - allocate a tty object
  146. *
  147. * Return a new empty tty structure. The data fields have not
  148. * been initialized in any way but has been zeroed
  149. *
  150. * Locking: none
  151. */
  152. struct tty_struct *alloc_tty_struct(void)
  153. {
  154. return kzalloc(sizeof(struct tty_struct), GFP_KERNEL);
  155. }
  156. /**
  157. * free_tty_struct - free a disused tty
  158. * @tty: tty struct to free
  159. *
  160. * Free the write buffers, tty queue and tty memory itself.
  161. *
  162. * Locking: none. Must be called after tty is definitely unused
  163. */
  164. void free_tty_struct(struct tty_struct *tty)
  165. {
  166. if (tty->dev)
  167. put_device(tty->dev);
  168. kfree(tty->write_buf);
  169. tty_buffer_free_all(tty);
  170. kfree(tty);
  171. }
  172. static inline struct tty_struct *file_tty(struct file *file)
  173. {
  174. return ((struct tty_file_private *)file->private_data)->tty;
  175. }
  176. int tty_alloc_file(struct file *file)
  177. {
  178. struct tty_file_private *priv;
  179. priv = kmalloc(sizeof(*priv), GFP_KERNEL);
  180. if (!priv)
  181. return -ENOMEM;
  182. file->private_data = priv;
  183. return 0;
  184. }
  185. /* Associate a new file with the tty structure */
  186. void tty_add_file(struct tty_struct *tty, struct file *file)
  187. {
  188. struct tty_file_private *priv = file->private_data;
  189. priv->tty = tty;
  190. priv->file = file;
  191. spin_lock(&tty_files_lock);
  192. list_add(&priv->list, &tty->tty_files);
  193. spin_unlock(&tty_files_lock);
  194. }
  195. /**
  196. * tty_free_file - free file->private_data
  197. *
  198. * This shall be used only for fail path handling when tty_add_file was not
  199. * called yet.
  200. */
  201. void tty_free_file(struct file *file)
  202. {
  203. struct tty_file_private *priv = file->private_data;
  204. file->private_data = NULL;
  205. kfree(priv);
  206. }
  207. /* Delete file from its tty */
  208. void tty_del_file(struct file *file)
  209. {
  210. struct tty_file_private *priv = file->private_data;
  211. spin_lock(&tty_files_lock);
  212. list_del(&priv->list);
  213. spin_unlock(&tty_files_lock);
  214. tty_free_file(file);
  215. }
  216. #define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base)
  217. /**
  218. * tty_name - return tty naming
  219. * @tty: tty structure
  220. * @buf: buffer for output
  221. *
  222. * Convert a tty structure into a name. The name reflects the kernel
  223. * naming policy and if udev is in use may not reflect user space
  224. *
  225. * Locking: none
  226. */
  227. char *tty_name(struct tty_struct *tty, char *buf)
  228. {
  229. if (!tty) /* Hmm. NULL pointer. That's fun. */
  230. strcpy(buf, "NULL tty");
  231. else
  232. strcpy(buf, tty->name);
  233. return buf;
  234. }
  235. EXPORT_SYMBOL(tty_name);
  236. int tty_paranoia_check(struct tty_struct *tty, struct inode *inode,
  237. const char *routine)
  238. {
  239. #ifdef TTY_PARANOIA_CHECK
  240. if (!tty) {
  241. printk(KERN_WARNING
  242. "null TTY for (%d:%d) in %s\n",
  243. imajor(inode), iminor(inode), routine);
  244. return 1;
  245. }
  246. if (tty->magic != TTY_MAGIC) {
  247. printk(KERN_WARNING
  248. "bad magic number for tty struct (%d:%d) in %s\n",
  249. imajor(inode), iminor(inode), routine);
  250. return 1;
  251. }
  252. #endif
  253. return 0;
  254. }
  255. static int check_tty_count(struct tty_struct *tty, const char *routine)
  256. {
  257. #ifdef CHECK_TTY_COUNT
  258. struct list_head *p;
  259. int count = 0;
  260. spin_lock(&tty_files_lock);
  261. list_for_each(p, &tty->tty_files) {
  262. count++;
  263. }
  264. spin_unlock(&tty_files_lock);
  265. if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
  266. tty->driver->subtype == PTY_TYPE_SLAVE &&
  267. tty->link && tty->link->count)
  268. count++;
  269. if (tty->count != count) {
  270. printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) "
  271. "!= #fd's(%d) in %s\n",
  272. tty->name, tty->count, count, routine);
  273. return count;
  274. }
  275. #endif
  276. return 0;
  277. }
  278. /**
  279. * get_tty_driver - find device of a tty
  280. * @dev_t: device identifier
  281. * @index: returns the index of the tty
  282. *
  283. * This routine returns a tty driver structure, given a device number
  284. * and also passes back the index number.
  285. *
  286. * Locking: caller must hold tty_mutex
  287. */
  288. static struct tty_driver *get_tty_driver(dev_t device, int *index)
  289. {
  290. struct tty_driver *p;
  291. list_for_each_entry(p, &tty_drivers, tty_drivers) {
  292. dev_t base = MKDEV(p->major, p->minor_start);
  293. if (device < base || device >= base + p->num)
  294. continue;
  295. *index = device - base;
  296. return tty_driver_kref_get(p);
  297. }
  298. return NULL;
  299. }
  300. #ifdef CONFIG_CONSOLE_POLL
  301. /**
  302. * tty_find_polling_driver - find device of a polled tty
  303. * @name: name string to match
  304. * @line: pointer to resulting tty line nr
  305. *
  306. * This routine returns a tty driver structure, given a name
  307. * and the condition that the tty driver is capable of polled
  308. * operation.
  309. */
  310. struct tty_driver *tty_find_polling_driver(char *name, int *line)
  311. {
  312. struct tty_driver *p, *res = NULL;
  313. int tty_line = 0;
  314. int len;
  315. char *str, *stp;
  316. for (str = name; *str; str++)
  317. if ((*str >= '0' && *str <= '9') || *str == ',')
  318. break;
  319. if (!*str)
  320. return NULL;
  321. len = str - name;
  322. tty_line = simple_strtoul(str, &str, 10);
  323. mutex_lock(&tty_mutex);
  324. /* Search through the tty devices to look for a match */
  325. list_for_each_entry(p, &tty_drivers, tty_drivers) {
  326. if (strncmp(name, p->name, len) != 0)
  327. continue;
  328. stp = str;
  329. if (*stp == ',')
  330. stp++;
  331. if (*stp == '\0')
  332. stp = NULL;
  333. if (tty_line >= 0 && tty_line < p->num && p->ops &&
  334. p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) {
  335. res = tty_driver_kref_get(p);
  336. *line = tty_line;
  337. break;
  338. }
  339. }
  340. mutex_unlock(&tty_mutex);
  341. return res;
  342. }
  343. EXPORT_SYMBOL_GPL(tty_find_polling_driver);
  344. #endif
  345. /**
  346. * tty_check_change - check for POSIX terminal changes
  347. * @tty: tty to check
  348. *
  349. * If we try to write to, or set the state of, a terminal and we're
  350. * not in the foreground, send a SIGTTOU. If the signal is blocked or
  351. * ignored, go ahead and perform the operation. (POSIX 7.2)
  352. *
  353. * Locking: ctrl_lock
  354. */
  355. int tty_check_change(struct tty_struct *tty)
  356. {
  357. unsigned long flags;
  358. int ret = 0;
  359. if (current->signal->tty != tty)
  360. return 0;
  361. spin_lock_irqsave(&tty->ctrl_lock, flags);
  362. if (!tty->pgrp) {
  363. printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n");
  364. goto out_unlock;
  365. }
  366. if (task_pgrp(current) == tty->pgrp)
  367. goto out_unlock;
  368. spin_unlock_irqrestore(&tty->ctrl_lock, flags);
  369. if (is_ignored(SIGTTOU))
  370. goto out;
  371. if (is_current_pgrp_orphaned()) {
  372. ret = -EIO;
  373. goto out;
  374. }
  375. kill_pgrp(task_pgrp(current), SIGTTOU, 1);
  376. set_thread_flag(TIF_SIGPENDING);
  377. ret = -ERESTARTSYS;
  378. out:
  379. return ret;
  380. out_unlock:
  381. spin_unlock_irqrestore(&tty->ctrl_lock, flags);
  382. return ret;
  383. }
  384. EXPORT_SYMBOL(tty_check_change);
  385. static ssize_t hung_up_tty_read(struct file *file, char __user *buf,
  386. size_t count, loff_t *ppos)
  387. {
  388. return 0;
  389. }
  390. static ssize_t hung_up_tty_write(struct file *file, const char __user *buf,
  391. size_t count, loff_t *ppos)
  392. {
  393. return -EIO;
  394. }
  395. /* No kernel lock held - none needed ;) */
  396. static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait)
  397. {
  398. return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM;
  399. }
  400. static long hung_up_tty_ioctl(struct file *file, unsigned int cmd,
  401. unsigned long arg)
  402. {
  403. return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
  404. }
  405. static long hung_up_tty_compat_ioctl(struct file *file,
  406. unsigned int cmd, unsigned long arg)
  407. {
  408. return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
  409. }
  410. static const struct file_operations tty_fops = {
  411. .llseek = no_llseek,
  412. .read = tty_read,
  413. .write = tty_write,
  414. .poll = tty_poll,
  415. .unlocked_ioctl = tty_ioctl,
  416. .compat_ioctl = tty_compat_ioctl,
  417. .open = tty_open,
  418. .release = tty_release,
  419. .fasync = tty_fasync,
  420. };
  421. static const struct file_operations console_fops = {
  422. .llseek = no_llseek,
  423. .read = tty_read,
  424. .write = redirected_tty_write,
  425. .poll = tty_poll,
  426. .unlocked_ioctl = tty_ioctl,
  427. .compat_ioctl = tty_compat_ioctl,
  428. .open = tty_open,
  429. .release = tty_release,
  430. .fasync = tty_fasync,
  431. };
  432. static const struct file_operations hung_up_tty_fops = {
  433. .llseek = no_llseek,
  434. .read = hung_up_tty_read,
  435. .write = hung_up_tty_write,
  436. .poll = hung_up_tty_poll,
  437. .unlocked_ioctl = hung_up_tty_ioctl,
  438. .compat_ioctl = hung_up_tty_compat_ioctl,
  439. .release = tty_release,
  440. };
  441. static DEFINE_SPINLOCK(redirect_lock);
  442. static struct file *redirect;
  443. /**
  444. * tty_wakeup - request more data
  445. * @tty: terminal
  446. *
  447. * Internal and external helper for wakeups of tty. This function
  448. * informs the line discipline if present that the driver is ready
  449. * to receive more output data.
  450. */
  451. void tty_wakeup(struct tty_struct *tty)
  452. {
  453. struct tty_ldisc *ld;
  454. if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) {
  455. ld = tty_ldisc_ref(tty);
  456. if (ld) {
  457. if (ld->ops->write_wakeup)
  458. ld->ops->write_wakeup(tty);
  459. tty_ldisc_deref(ld);
  460. }
  461. }
  462. wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
  463. }
  464. EXPORT_SYMBOL_GPL(tty_wakeup);
  465. /**
  466. * __tty_hangup - actual handler for hangup events
  467. * @work: tty device
  468. *
  469. * This can be called by the "eventd" kernel thread. That is process
  470. * synchronous but doesn't hold any locks, so we need to make sure we
  471. * have the appropriate locks for what we're doing.
  472. *
  473. * The hangup event clears any pending redirections onto the hung up
  474. * device. It ensures future writes will error and it does the needed
  475. * line discipline hangup and signal delivery. The tty object itself
  476. * remains intact.
  477. *
  478. * Locking:
  479. * BTM
  480. * redirect lock for undoing redirection
  481. * file list lock for manipulating list of ttys
  482. * tty_ldisc_lock from called functions
  483. * termios_mutex resetting termios data
  484. * tasklist_lock to walk task list for hangup event
  485. * ->siglock to protect ->signal/->sighand
  486. */
  487. void __tty_hangup(struct tty_struct *tty)
  488. {
  489. struct file *cons_filp = NULL;
  490. struct file *filp, *f = NULL;
  491. struct task_struct *p;
  492. struct tty_file_private *priv;
  493. int closecount = 0, n;
  494. unsigned long flags;
  495. int refs = 0;
  496. if (!tty)
  497. return;
  498. spin_lock(&redirect_lock);
  499. if (redirect && file_tty(redirect) == tty) {
  500. f = redirect;
  501. redirect = NULL;
  502. }
  503. spin_unlock(&redirect_lock);
  504. tty_lock();
  505. /* some functions below drop BTM, so we need this bit */
  506. set_bit(TTY_HUPPING, &tty->flags);
  507. /* inuse_filps is protected by the single tty lock,
  508. this really needs to change if we want to flush the
  509. workqueue with the lock held */
  510. check_tty_count(tty, "tty_hangup");
  511. spin_lock(&tty_files_lock);
  512. /* This breaks for file handles being sent over AF_UNIX sockets ? */
  513. list_for_each_entry(priv, &tty->tty_files, list) {
  514. filp = priv->file;
  515. if (filp->f_op->write == redirected_tty_write)
  516. cons_filp = filp;
  517. if (filp->f_op->write != tty_write)
  518. continue;
  519. closecount++;
  520. __tty_fasync(-1, filp, 0); /* can't block */
  521. filp->f_op = &hung_up_tty_fops;
  522. }
  523. spin_unlock(&tty_files_lock);
  524. /*
  525. * it drops BTM and thus races with reopen
  526. * we protect the race by TTY_HUPPING
  527. */
  528. tty_ldisc_hangup(tty);
  529. read_lock(&tasklist_lock);
  530. if (tty->session) {
  531. do_each_pid_task(tty->session, PIDTYPE_SID, p) {
  532. spin_lock_irq(&p->sighand->siglock);
  533. if (p->signal->tty == tty) {
  534. p->signal->tty = NULL;
  535. /* We defer the dereferences outside fo
  536. the tasklist lock */
  537. refs++;
  538. }
  539. if (!p->signal->leader) {
  540. spin_unlock_irq(&p->sighand->siglock);
  541. continue;
  542. }
  543. __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p);
  544. __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p);
  545. put_pid(p->signal->tty_old_pgrp); /* A noop */
  546. spin_lock_irqsave(&tty->ctrl_lock, flags);
  547. if (tty->pgrp)
  548. p->signal->tty_old_pgrp = get_pid(tty->pgrp);
  549. spin_unlock_irqrestore(&tty->ctrl_lock, flags);
  550. spin_unlock_irq(&p->sighand->siglock);
  551. } while_each_pid_task(tty->session, PIDTYPE_SID, p);
  552. }
  553. read_unlock(&tasklist_lock);
  554. spin_lock_irqsave(&tty->ctrl_lock, flags);
  555. clear_bit(TTY_THROTTLED, &tty->flags);
  556. clear_bit(TTY_PUSH, &tty->flags);
  557. clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
  558. put_pid(tty->session);
  559. put_pid(tty->pgrp);
  560. tty->session = NULL;
  561. tty->pgrp = NULL;
  562. tty->ctrl_status = 0;
  563. spin_unlock_irqrestore(&tty->ctrl_lock, flags);
  564. /* Account for the p->signal references we killed */
  565. while (refs--)
  566. tty_kref_put(tty);
  567. /*
  568. * If one of the devices matches a console pointer, we
  569. * cannot just call hangup() because that will cause
  570. * tty->count and state->count to go out of sync.
  571. * So we just call close() the right number of times.
  572. */
  573. if (cons_filp) {
  574. if (tty->ops->close)
  575. for (n = 0; n < closecount; n++)
  576. tty->ops->close(tty, cons_filp);
  577. } else if (tty->ops->hangup)
  578. (tty->ops->hangup)(tty);
  579. /*
  580. * We don't want to have driver/ldisc interactions beyond
  581. * the ones we did here. The driver layer expects no
  582. * calls after ->hangup() from the ldisc side. However we
  583. * can't yet guarantee all that.
  584. */
  585. set_bit(TTY_HUPPED, &tty->flags);
  586. clear_bit(TTY_HUPPING, &tty->flags);
  587. tty_ldisc_enable(tty);
  588. tty_unlock();
  589. if (f)
  590. fput(f);
  591. }
  592. static void do_tty_hangup(struct work_struct *work)
  593. {
  594. struct tty_struct *tty =
  595. container_of(work, struct tty_struct, hangup_work);
  596. __tty_hangup(tty);
  597. }
  598. /**
  599. * tty_hangup - trigger a hangup event
  600. * @tty: tty to hangup
  601. *
  602. * A carrier loss (virtual or otherwise) has occurred on this like
  603. * schedule a hangup sequence to run after this event.
  604. */
  605. void tty_hangup(struct tty_struct *tty)
  606. {
  607. #ifdef TTY_DEBUG_HANGUP
  608. char buf[64];
  609. printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf));
  610. #endif
  611. schedule_work(&tty->hangup_work);
  612. }
  613. EXPORT_SYMBOL(tty_hangup);
  614. /**
  615. * tty_vhangup - process vhangup
  616. * @tty: tty to hangup
  617. *
  618. * The user has asked via system call for the terminal to be hung up.
  619. * We do this synchronously so that when the syscall returns the process
  620. * is complete. That guarantee is necessary for security reasons.
  621. */
  622. void tty_vhangup(struct tty_struct *tty)
  623. {
  624. #ifdef TTY_DEBUG_HANGUP
  625. char buf[64];
  626. printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf));
  627. #endif
  628. __tty_hangup(tty);
  629. }
  630. EXPORT_SYMBOL(tty_vhangup);
  631. /**
  632. * tty_vhangup_self - process vhangup for own ctty
  633. *
  634. * Perform a vhangup on the current controlling tty
  635. */
  636. void tty_vhangup_self(void)
  637. {
  638. struct tty_struct *tty;
  639. tty = get_current_tty();
  640. if (tty) {
  641. tty_vhangup(tty);
  642. tty_kref_put(tty);
  643. }
  644. }
  645. /**
  646. * tty_hung_up_p - was tty hung up
  647. * @filp: file pointer of tty
  648. *
  649. * Return true if the tty has been subject to a vhangup or a carrier
  650. * loss
  651. */
  652. int tty_hung_up_p(struct file *filp)
  653. {
  654. return (filp->f_op == &hung_up_tty_fops);
  655. }
  656. EXPORT_SYMBOL(tty_hung_up_p);
  657. static void session_clear_tty(struct pid *session)
  658. {
  659. struct task_struct *p;
  660. do_each_pid_task(session, PIDTYPE_SID, p) {
  661. proc_clear_tty(p);
  662. } while_each_pid_task(session, PIDTYPE_SID, p);
  663. }
  664. /**
  665. * disassociate_ctty - disconnect controlling tty
  666. * @on_exit: true if exiting so need to "hang up" the session
  667. *
  668. * This function is typically called only by the session leader, when
  669. * it wants to disassociate itself from its controlling tty.
  670. *
  671. * It performs the following functions:
  672. * (1) Sends a SIGHUP and SIGCONT to the foreground process group
  673. * (2) Clears the tty from being controlling the session
  674. * (3) Clears the controlling tty for all processes in the
  675. * session group.
  676. *
  677. * The argument on_exit is set to 1 if called when a process is
  678. * exiting; it is 0 if called by the ioctl TIOCNOTTY.
  679. *
  680. * Locking:
  681. * BTM is taken for hysterical raisins, and held when
  682. * called from no_tty().
  683. * tty_mutex is taken to protect tty
  684. * ->siglock is taken to protect ->signal/->sighand
  685. * tasklist_lock is taken to walk process list for sessions
  686. * ->siglock is taken to protect ->signal/->sighand
  687. */
  688. void disassociate_ctty(int on_exit)
  689. {
  690. struct tty_struct *tty;
  691. struct pid *tty_pgrp = NULL;
  692. if (!current->signal->leader)
  693. return;
  694. tty = get_current_tty();
  695. if (tty) {
  696. tty_pgrp = get_pid(tty->pgrp);
  697. if (on_exit) {
  698. if (tty->driver->type != TTY_DRIVER_TYPE_PTY)
  699. tty_vhangup(tty);
  700. }
  701. tty_kref_put(tty);
  702. } else if (on_exit) {
  703. struct pid *old_pgrp;
  704. spin_lock_irq(&current->sighand->siglock);
  705. old_pgrp = current->signal->tty_old_pgrp;
  706. current->signal->tty_old_pgrp = NULL;
  707. spin_unlock_irq(&current->sighand->siglock);
  708. if (old_pgrp) {
  709. kill_pgrp(old_pgrp, SIGHUP, on_exit);
  710. kill_pgrp(old_pgrp, SIGCONT, on_exit);
  711. put_pid(old_pgrp);
  712. }
  713. return;
  714. }
  715. if (tty_pgrp) {
  716. kill_pgrp(tty_pgrp, SIGHUP, on_exit);
  717. if (!on_exit)
  718. kill_pgrp(tty_pgrp, SIGCONT, on_exit);
  719. put_pid(tty_pgrp);
  720. }
  721. spin_lock_irq(&current->sighand->siglock);
  722. put_pid(current->signal->tty_old_pgrp);
  723. current->signal->tty_old_pgrp = NULL;
  724. spin_unlock_irq(&current->sighand->siglock);
  725. tty = get_current_tty();
  726. if (tty) {
  727. unsigned long flags;
  728. spin_lock_irqsave(&tty->ctrl_lock, flags);
  729. put_pid(tty->session);
  730. put_pid(tty->pgrp);
  731. tty->session = NULL;
  732. tty->pgrp = NULL;
  733. spin_unlock_irqrestore(&tty->ctrl_lock, flags);
  734. tty_kref_put(tty);
  735. } else {
  736. #ifdef TTY_DEBUG_HANGUP
  737. printk(KERN_DEBUG "error attempted to write to tty [0x%p]"
  738. " = NULL", tty);
  739. #endif
  740. }
  741. /* Now clear signal->tty under the lock */
  742. read_lock(&tasklist_lock);
  743. session_clear_tty(task_session(current));
  744. read_unlock(&tasklist_lock);
  745. }
  746. /**
  747. *
  748. * no_tty - Ensure the current process does not have a controlling tty
  749. */
  750. void no_tty(void)
  751. {
  752. struct task_struct *tsk = current;
  753. tty_lock();
  754. disassociate_ctty(0);
  755. tty_unlock();
  756. proc_clear_tty(tsk);
  757. }
  758. /**
  759. * stop_tty - propagate flow control
  760. * @tty: tty to stop
  761. *
  762. * Perform flow control to the driver. For PTY/TTY pairs we
  763. * must also propagate the TIOCKPKT status. May be called
  764. * on an already stopped device and will not re-call the driver
  765. * method.
  766. *
  767. * This functionality is used by both the line disciplines for
  768. * halting incoming flow and by the driver. It may therefore be
  769. * called from any context, may be under the tty atomic_write_lock
  770. * but not always.
  771. *
  772. * Locking:
  773. * Uses the tty control lock internally
  774. */
  775. void stop_tty(struct tty_struct *tty)
  776. {
  777. unsigned long flags;
  778. spin_lock_irqsave(&tty->ctrl_lock, flags);
  779. if (tty->stopped) {
  780. spin_unlock_irqrestore(&tty->ctrl_lock, flags);
  781. return;
  782. }
  783. tty->stopped = 1;
  784. if (tty->link && tty->link->packet) {
  785. tty->ctrl_status &= ~TIOCPKT_START;
  786. tty->ctrl_status |= TIOCPKT_STOP;
  787. wake_up_interruptible_poll(&tty->link->read_wait, POLLIN);
  788. }
  789. spin_unlock_irqrestore(&tty->ctrl_lock, flags);
  790. if (tty->ops->stop)
  791. (tty->ops->stop)(tty);
  792. }
  793. EXPORT_SYMBOL(stop_tty);
  794. /**
  795. * start_tty - propagate flow control
  796. * @tty: tty to start
  797. *
  798. * Start a tty that has been stopped if at all possible. Perform
  799. * any necessary wakeups and propagate the TIOCPKT status. If this
  800. * is the tty was previous stopped and is being started then the
  801. * driver start method is invoked and the line discipline woken.
  802. *
  803. * Locking:
  804. * ctrl_lock
  805. */
  806. void start_tty(struct tty_struct *tty)
  807. {
  808. unsigned long flags;
  809. spin_lock_irqsave(&tty->ctrl_lock, flags);
  810. if (!tty->stopped || tty->flow_stopped) {
  811. spin_unlock_irqrestore(&tty->ctrl_lock, flags);
  812. return;
  813. }
  814. tty->stopped = 0;
  815. if (tty->link && tty->link->packet) {
  816. tty->ctrl_status &= ~TIOCPKT_STOP;
  817. tty->ctrl_status |= TIOCPKT_START;
  818. wake_up_interruptible_poll(&tty->link->read_wait, POLLIN);
  819. }
  820. spin_unlock_irqrestore(&tty->ctrl_lock, flags);
  821. if (tty->ops->start)
  822. (tty->ops->start)(tty);
  823. /* If we have a running line discipline it may need kicking */
  824. tty_wakeup(tty);
  825. }
  826. EXPORT_SYMBOL(start_tty);
  827. /**
  828. * tty_read - read method for tty device files
  829. * @file: pointer to tty file
  830. * @buf: user buffer
  831. * @count: size of user buffer
  832. * @ppos: unused
  833. *
  834. * Perform the read system call function on this terminal device. Checks
  835. * for hung up devices before calling the line discipline method.
  836. *
  837. * Locking:
  838. * Locks the line discipline internally while needed. Multiple
  839. * read calls may be outstanding in parallel.
  840. */
  841. static ssize_t tty_read(struct file *file, char __user *buf, size_t count,
  842. loff_t *ppos)
  843. {
  844. int i;
  845. struct inode *inode = file->f_path.dentry->d_inode;
  846. struct tty_struct *tty = file_tty(file);
  847. struct tty_ldisc *ld;
  848. if (tty_paranoia_check(tty, inode, "tty_read"))
  849. return -EIO;
  850. if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags)))
  851. return -EIO;
  852. /* We want to wait for the line discipline to sort out in this
  853. situation */
  854. ld = tty_ldisc_ref_wait(tty);
  855. if (ld->ops->read)
  856. i = (ld->ops->read)(tty, file, buf, count);
  857. else
  858. i = -EIO;
  859. tty_ldisc_deref(ld);
  860. if (i > 0)
  861. inode->i_atime = current_fs_time(inode->i_sb);
  862. return i;
  863. }
  864. void tty_write_unlock(struct tty_struct *tty)
  865. __releases(&tty->atomic_write_lock)
  866. {
  867. mutex_unlock(&tty->atomic_write_lock);
  868. wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
  869. }
  870. int tty_write_lock(struct tty_struct *tty, int ndelay)
  871. __acquires(&tty->atomic_write_lock)
  872. {
  873. if (!mutex_trylock(&tty->atomic_write_lock)) {
  874. if (ndelay)
  875. return -EAGAIN;
  876. if (mutex_lock_interruptible(&tty->atomic_write_lock))
  877. return -ERESTARTSYS;
  878. }
  879. return 0;
  880. }
  881. /*
  882. * Split writes up in sane blocksizes to avoid
  883. * denial-of-service type attacks
  884. */
  885. static inline ssize_t do_tty_write(
  886. ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t),
  887. struct tty_struct *tty,
  888. struct file *file,
  889. const char __user *buf,
  890. size_t count)
  891. {
  892. ssize_t ret, written = 0;
  893. unsigned int chunk;
  894. ret = tty_write_lock(tty, file->f_flags & O_NDELAY);
  895. if (ret < 0)
  896. return ret;
  897. /*
  898. * We chunk up writes into a temporary buffer. This
  899. * simplifies low-level drivers immensely, since they
  900. * don't have locking issues and user mode accesses.
  901. *
  902. * But if TTY_NO_WRITE_SPLIT is set, we should use a
  903. * big chunk-size..
  904. *
  905. * The default chunk-size is 2kB, because the NTTY
  906. * layer has problems with bigger chunks. It will
  907. * claim to be able to handle more characters than
  908. * it actually does.
  909. *
  910. * FIXME: This can probably go away now except that 64K chunks
  911. * are too likely to fail unless switched to vmalloc...
  912. */
  913. chunk = 2048;
  914. if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags))
  915. chunk = 65536;
  916. if (count < chunk)
  917. chunk = count;
  918. /* write_buf/write_cnt is protected by the atomic_write_lock mutex */
  919. if (tty->write_cnt < chunk) {
  920. unsigned char *buf_chunk;
  921. if (chunk < 1024)
  922. chunk = 1024;
  923. buf_chunk = kmalloc(chunk, GFP_KERNEL);
  924. if (!buf_chunk) {
  925. ret = -ENOMEM;
  926. goto out;
  927. }
  928. kfree(tty->write_buf);
  929. tty->write_cnt = chunk;
  930. tty->write_buf = buf_chunk;
  931. }
  932. /* Do the write .. */
  933. for (;;) {
  934. size_t size = count;
  935. if (size > chunk)
  936. size = chunk;
  937. ret = -EFAULT;
  938. if (copy_from_user(tty->write_buf, buf, size))
  939. break;
  940. ret = write(tty, file, tty->write_buf, size);
  941. if (ret <= 0)
  942. break;
  943. written += ret;
  944. buf += ret;
  945. count -= ret;
  946. if (!count)
  947. break;
  948. ret = -ERESTARTSYS;
  949. if (signal_pending(current))
  950. break;
  951. cond_resched();
  952. }
  953. if (written) {
  954. struct inode *inode = file->f_path.dentry->d_inode;
  955. inode->i_mtime = current_fs_time(inode->i_sb);
  956. ret = written;
  957. }
  958. out:
  959. tty_write_unlock(tty);
  960. return ret;
  961. }
  962. /**
  963. * tty_write_message - write a message to a certain tty, not just the console.
  964. * @tty: the destination tty_struct
  965. * @msg: the message to write
  966. *
  967. * This is used for messages that need to be redirected to a specific tty.
  968. * We don't put it into the syslog queue right now maybe in the future if
  969. * really needed.
  970. *
  971. * We must still hold the BTM and test the CLOSING flag for the moment.
  972. */
  973. void tty_write_message(struct tty_struct *tty, char *msg)
  974. {
  975. if (tty) {
  976. mutex_lock(&tty->atomic_write_lock);
  977. tty_lock();
  978. if (tty->ops->write && !test_bit(TTY_CLOSING, &tty->flags)) {
  979. tty_unlock();
  980. tty->ops->write(tty, msg, strlen(msg));
  981. } else
  982. tty_unlock();
  983. tty_write_unlock(tty);
  984. }
  985. return;
  986. }
  987. /**
  988. * tty_write - write method for tty device file
  989. * @file: tty file pointer
  990. * @buf: user data to write
  991. * @count: bytes to write
  992. * @ppos: unused
  993. *
  994. * Write data to a tty device via the line discipline.
  995. *
  996. * Locking:
  997. * Locks the line discipline as required
  998. * Writes to the tty driver are serialized by the atomic_write_lock
  999. * and are then processed in chunks to the device. The line discipline
  1000. * write method will not be invoked in parallel for each device.
  1001. */
  1002. static ssize_t tty_write(struct file *file, const char __user *buf,
  1003. size_t count, loff_t *ppos)
  1004. {
  1005. struct inode *inode = file->f_path.dentry->d_inode;
  1006. struct tty_struct *tty = file_tty(file);
  1007. struct tty_ldisc *ld;
  1008. ssize_t ret;
  1009. if (tty_paranoia_check(tty, inode, "tty_write"))
  1010. return -EIO;
  1011. if (!tty || !tty->ops->write ||
  1012. (test_bit(TTY_IO_ERROR, &tty->flags)))
  1013. return -EIO;
  1014. /* Short term debug to catch buggy drivers */
  1015. if (tty->ops->write_room == NULL)
  1016. printk(KERN_ERR "tty driver %s lacks a write_room method.\n",
  1017. tty->driver->name);
  1018. ld = tty_ldisc_ref_wait(tty);
  1019. if (!ld->ops->write)
  1020. ret = -EIO;
  1021. else
  1022. ret = do_tty_write(ld->ops->write, tty, file, buf, count);
  1023. tty_ldisc_deref(ld);
  1024. return ret;
  1025. }
  1026. ssize_t redirected_tty_write(struct file *file, const char __user *buf,
  1027. size_t count, loff_t *ppos)
  1028. {
  1029. struct file *p = NULL;
  1030. spin_lock(&redirect_lock);
  1031. if (redirect) {
  1032. get_file(redirect);
  1033. p = redirect;
  1034. }
  1035. spin_unlock(&redirect_lock);
  1036. if (p) {
  1037. ssize_t res;
  1038. res = vfs_write(p, buf, count, &p->f_pos);
  1039. fput(p);
  1040. return res;
  1041. }
  1042. return tty_write(file, buf, count, ppos);
  1043. }
  1044. static char ptychar[] = "pqrstuvwxyzabcde";
  1045. /**
  1046. * pty_line_name - generate name for a pty
  1047. * @driver: the tty driver in use
  1048. * @index: the minor number
  1049. * @p: output buffer of at least 6 bytes
  1050. *
  1051. * Generate a name from a driver reference and write it to the output
  1052. * buffer.
  1053. *
  1054. * Locking: None
  1055. */
  1056. static void pty_line_name(struct tty_driver *driver, int index, char *p)
  1057. {
  1058. int i = index + driver->name_base;
  1059. /* ->name is initialized to "ttyp", but "tty" is expected */
  1060. sprintf(p, "%s%c%x",
  1061. driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name,
  1062. ptychar[i >> 4 & 0xf], i & 0xf);
  1063. }
  1064. /**
  1065. * tty_line_name - generate name for a tty
  1066. * @driver: the tty driver in use
  1067. * @index: the minor number
  1068. * @p: output buffer of at least 7 bytes
  1069. *
  1070. * Generate a name from a driver reference and write it to the output
  1071. * buffer.
  1072. *
  1073. * Locking: None
  1074. */
  1075. static void tty_line_name(struct tty_driver *driver, int index, char *p)
  1076. {
  1077. sprintf(p, "%s%d", driver->name, index + driver->name_base);
  1078. }
  1079. /**
  1080. * tty_driver_lookup_tty() - find an existing tty, if any
  1081. * @driver: the driver for the tty
  1082. * @idx: the minor number
  1083. *
  1084. * Return the tty, if found or ERR_PTR() otherwise.
  1085. *
  1086. * Locking: tty_mutex must be held. If tty is found, the mutex must
  1087. * be held until the 'fast-open' is also done. Will change once we
  1088. * have refcounting in the driver and per driver locking
  1089. */
  1090. static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver,
  1091. struct inode *inode, int idx)
  1092. {
  1093. struct tty_struct *tty;
  1094. if (driver->ops->lookup)
  1095. return driver->ops->lookup(driver, inode, idx);
  1096. tty = driver->ttys[idx];
  1097. return tty;
  1098. }
  1099. /**
  1100. * tty_init_termios - helper for termios setup
  1101. * @tty: the tty to set up
  1102. *
  1103. * Initialise the termios structures for this tty. Thus runs under
  1104. * the tty_mutex currently so we can be relaxed about ordering.
  1105. */
  1106. int tty_init_termios(struct tty_struct *tty)
  1107. {
  1108. struct ktermios *tp;
  1109. int idx = tty->index;
  1110. tp = tty->driver->termios[idx];
  1111. if (tp == NULL) {
  1112. tp = kzalloc(sizeof(struct ktermios[2]), GFP_KERNEL);
  1113. if (tp == NULL)
  1114. return -ENOMEM;
  1115. memcpy(tp, &tty->driver->init_termios,
  1116. sizeof(struct ktermios));
  1117. tty->driver->termios[idx] = tp;
  1118. }
  1119. tty->termios = tp;
  1120. tty->termios_locked = tp + 1;
  1121. /* Compatibility until drivers always set this */
  1122. tty->termios->c_ispeed = tty_termios_input_baud_rate(tty->termios);
  1123. tty->termios->c_ospeed = tty_termios_baud_rate(tty->termios);
  1124. return 0;
  1125. }
  1126. EXPORT_SYMBOL_GPL(tty_init_termios);
  1127. /**
  1128. * tty_driver_install_tty() - install a tty entry in the driver
  1129. * @driver: the driver for the tty
  1130. * @tty: the tty
  1131. *
  1132. * Install a tty object into the driver tables. The tty->index field
  1133. * will be set by the time this is called. This method is responsible
  1134. * for ensuring any need additional structures are allocated and
  1135. * configured.
  1136. *
  1137. * Locking: tty_mutex for now
  1138. */
  1139. static int tty_driver_install_tty(struct tty_driver *driver,
  1140. struct tty_struct *tty)
  1141. {
  1142. int idx = tty->index;
  1143. int ret;
  1144. if (driver->ops->install) {
  1145. ret = driver->ops->install(driver, tty);
  1146. return ret;
  1147. }
  1148. if (tty_init_termios(tty) == 0) {
  1149. tty_driver_kref_get(driver);
  1150. tty->count++;
  1151. driver->ttys[idx] = tty;
  1152. return 0;
  1153. }
  1154. return -ENOMEM;
  1155. }
  1156. /**
  1157. * tty_driver_remove_tty() - remove a tty from the driver tables
  1158. * @driver: the driver for the tty
  1159. * @idx: the minor number
  1160. *
  1161. * Remvoe a tty object from the driver tables. The tty->index field
  1162. * will be set by the time this is called.
  1163. *
  1164. * Locking: tty_mutex for now
  1165. */
  1166. void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty)
  1167. {
  1168. if (driver->ops->remove)
  1169. driver->ops->remove(driver, tty);
  1170. else
  1171. driver->ttys[tty->index] = NULL;
  1172. }
  1173. /*
  1174. * tty_reopen() - fast re-open of an open tty
  1175. * @tty - the tty to open
  1176. *
  1177. * Return 0 on success, -errno on error.
  1178. *
  1179. * Locking: tty_mutex must be held from the time the tty was found
  1180. * till this open completes.
  1181. */
  1182. static int tty_reopen(struct tty_struct *tty)
  1183. {
  1184. struct tty_driver *driver = tty->driver;
  1185. if (test_bit(TTY_CLOSING, &tty->flags) ||
  1186. test_bit(TTY_HUPPING, &tty->flags) ||
  1187. test_bit(TTY_LDISC_CHANGING, &tty->flags))
  1188. return -EIO;
  1189. if (driver->type == TTY_DRIVER_TYPE_PTY &&
  1190. driver->subtype == PTY_TYPE_MASTER) {
  1191. /*
  1192. * special case for PTY masters: only one open permitted,
  1193. * and the slave side open count is incremented as well.
  1194. */
  1195. if (tty->count)
  1196. return -EIO;
  1197. tty->link->count++;
  1198. }
  1199. tty->count++;
  1200. tty->driver = driver; /* N.B. why do this every time?? */
  1201. mutex_lock(&tty->ldisc_mutex);
  1202. WARN_ON(!test_bit(TTY_LDISC, &tty->flags));
  1203. mutex_unlock(&tty->ldisc_mutex);
  1204. return 0;
  1205. }
  1206. /**
  1207. * tty_init_dev - initialise a tty device
  1208. * @driver: tty driver we are opening a device on
  1209. * @idx: device index
  1210. * @ret_tty: returned tty structure
  1211. * @first_ok: ok to open a new device (used by ptmx)
  1212. *
  1213. * Prepare a tty device. This may not be a "new" clean device but
  1214. * could also be an active device. The pty drivers require special
  1215. * handling because of this.
  1216. *
  1217. * Locking:
  1218. * The function is called under the tty_mutex, which
  1219. * protects us from the tty struct or driver itself going away.
  1220. *
  1221. * On exit the tty device has the line discipline attached and
  1222. * a reference count of 1. If a pair was created for pty/tty use
  1223. * and the other was a pty master then it too has a reference count of 1.
  1224. *
  1225. * WSH 06/09/97: Rewritten to remove races and properly clean up after a
  1226. * failed open. The new code protects the open with a mutex, so it's
  1227. * really quite straightforward. The mutex locking can probably be
  1228. * relaxed for the (most common) case of reopening a tty.
  1229. */
  1230. struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx,
  1231. int first_ok)
  1232. {
  1233. struct tty_struct *tty;
  1234. int retval;
  1235. /* Check if pty master is being opened multiple times */
  1236. if (driver->subtype == PTY_TYPE_MASTER &&
  1237. (driver->flags & TTY_DRIVER_DEVPTS_MEM) && !first_ok) {
  1238. return ERR_PTR(-EIO);
  1239. }
  1240. /*
  1241. * First time open is complex, especially for PTY devices.
  1242. * This code guarantees that either everything succeeds and the
  1243. * TTY is ready for operation, or else the table slots are vacated
  1244. * and the allocated memory released. (Except that the termios
  1245. * and locked termios may be retained.)
  1246. */
  1247. if (!try_module_get(driver->owner))
  1248. return ERR_PTR(-ENODEV);
  1249. tty = alloc_tty_struct();
  1250. if (!tty) {
  1251. retval = -ENOMEM;
  1252. goto err_module_put;
  1253. }
  1254. initialize_tty_struct(tty, driver, idx);
  1255. retval = tty_driver_install_tty(driver, tty);
  1256. if (retval < 0)
  1257. goto err_deinit_tty;
  1258. /*
  1259. * Structures all installed ... call the ldisc open routines.
  1260. * If we fail here just call release_tty to clean up. No need
  1261. * to decrement the use counts, as release_tty doesn't care.
  1262. */
  1263. retval = tty_ldisc_setup(tty, tty->link);
  1264. if (retval)
  1265. goto err_release_tty;
  1266. return tty;
  1267. err_deinit_tty:
  1268. deinitialize_tty_struct(tty);
  1269. free_tty_struct(tty);
  1270. err_module_put:
  1271. module_put(driver->owner);
  1272. return ERR_PTR(retval);
  1273. /* call the tty release_tty routine to clean out this slot */
  1274. err_release_tty:
  1275. if (printk_ratelimit())
  1276. printk(KERN_INFO "tty_init_dev: ldisc open failed, "
  1277. "clearing slot %d\n", idx);
  1278. release_tty(tty, idx);
  1279. return ERR_PTR(retval);
  1280. }
  1281. void tty_free_termios(struct tty_struct *tty)
  1282. {
  1283. struct ktermios *tp;
  1284. int idx = tty->index;
  1285. /* Kill this flag and push into drivers for locking etc */
  1286. if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) {
  1287. /* FIXME: Locking on ->termios array */
  1288. tp = tty->termios;
  1289. tty->driver->termios[idx] = NULL;
  1290. kfree(tp);
  1291. }
  1292. }
  1293. EXPORT_SYMBOL(tty_free_termios);
  1294. void tty_shutdown(struct tty_struct *tty)
  1295. {
  1296. tty_driver_remove_tty(tty->driver, tty);
  1297. tty_free_termios(tty);
  1298. }
  1299. EXPORT_SYMBOL(tty_shutdown);
  1300. /**
  1301. * release_one_tty - release tty structure memory
  1302. * @kref: kref of tty we are obliterating
  1303. *
  1304. * Releases memory associated with a tty structure, and clears out the
  1305. * driver table slots. This function is called when a device is no longer
  1306. * in use. It also gets called when setup of a device fails.
  1307. *
  1308. * Locking:
  1309. * tty_mutex - sometimes only
  1310. * takes the file list lock internally when working on the list
  1311. * of ttys that the driver keeps.
  1312. *
  1313. * This method gets called from a work queue so that the driver private
  1314. * cleanup ops can sleep (needed for USB at least)
  1315. */
  1316. static void release_one_tty(struct work_struct *work)
  1317. {
  1318. struct tty_struct *tty =
  1319. container_of(work, struct tty_struct, hangup_work);
  1320. struct tty_driver *driver = tty->driver;
  1321. if (tty->ops->cleanup)
  1322. tty->ops->cleanup(tty);
  1323. tty->magic = 0;
  1324. tty_driver_kref_put(driver);
  1325. module_put(driver->owner);
  1326. spin_lock(&tty_files_lock);
  1327. list_del_init(&tty->tty_files);
  1328. spin_unlock(&tty_files_lock);
  1329. put_pid(tty->pgrp);
  1330. put_pid(tty->session);
  1331. free_tty_struct(tty);
  1332. }
  1333. static void queue_release_one_tty(struct kref *kref)
  1334. {
  1335. struct tty_struct *tty = container_of(kref, struct tty_struct, kref);
  1336. if (tty->ops->shutdown)
  1337. tty->ops->shutdown(tty);
  1338. else
  1339. tty_shutdown(tty);
  1340. /* The hangup queue is now free so we can reuse it rather than
  1341. waste a chunk of memory for each port */
  1342. INIT_WORK(&tty->hangup_work, release_one_tty);
  1343. schedule_work(&tty->hangup_work);
  1344. }
  1345. /**
  1346. * tty_kref_put - release a tty kref
  1347. * @tty: tty device
  1348. *
  1349. * Release a reference to a tty device and if need be let the kref
  1350. * layer destruct the object for us
  1351. */
  1352. void tty_kref_put(struct tty_struct *tty)
  1353. {
  1354. if (tty)
  1355. kref_put(&tty->kref, queue_release_one_tty);
  1356. }
  1357. EXPORT_SYMBOL(tty_kref_put);
  1358. /**
  1359. * release_tty - release tty structure memory
  1360. *
  1361. * Release both @tty and a possible linked partner (think pty pair),
  1362. * and decrement the refcount of the backing module.
  1363. *
  1364. * Locking:
  1365. * tty_mutex - sometimes only
  1366. * takes the file list lock internally when working on the list
  1367. * of ttys that the driver keeps.
  1368. * FIXME: should we require tty_mutex is held here ??
  1369. *
  1370. */
  1371. static void release_tty(struct tty_struct *tty, int idx)
  1372. {
  1373. /* This should always be true but check for the moment */
  1374. WARN_ON(tty->index != idx);
  1375. if (tty->link)
  1376. tty_kref_put(tty->link);
  1377. tty_kref_put(tty);
  1378. }
  1379. /**
  1380. * tty_release - vfs callback for close
  1381. * @inode: inode of tty
  1382. * @filp: file pointer for handle to tty
  1383. *
  1384. * Called the last time each file handle is closed that references
  1385. * this tty. There may however be several such references.
  1386. *
  1387. * Locking:
  1388. * Takes bkl. See tty_release_dev
  1389. *
  1390. * Even releasing the tty structures is a tricky business.. We have
  1391. * to be very careful that the structures are all released at the
  1392. * same time, as interrupts might otherwise get the wrong pointers.
  1393. *
  1394. * WSH 09/09/97: rewritten to avoid some nasty race conditions that could
  1395. * lead to double frees or releasing memory still in use.
  1396. */
  1397. int tty_release(struct inode *inode, struct file *filp)
  1398. {
  1399. struct tty_struct *tty = file_tty(filp);
  1400. struct tty_struct *o_tty;
  1401. int pty_master, tty_closing, o_tty_closing, do_sleep;
  1402. int devpts;
  1403. int idx;
  1404. char buf[64];
  1405. if (tty_paranoia_check(tty, inode, "tty_release_dev"))
  1406. return 0;
  1407. tty_lock();
  1408. check_tty_count(tty, "tty_release_dev");
  1409. __tty_fasync(-1, filp, 0);
  1410. idx = tty->index;
  1411. pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
  1412. tty->driver->subtype == PTY_TYPE_MASTER);
  1413. devpts = (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) != 0;
  1414. o_tty = tty->link;
  1415. #ifdef TTY_PARANOIA_CHECK
  1416. if (idx < 0 || idx >= tty->driver->num) {
  1417. printk(KERN_DEBUG "tty_release_dev: bad idx when trying to "
  1418. "free (%s)\n", tty->name);
  1419. tty_unlock();
  1420. return 0;
  1421. }
  1422. if (!devpts) {
  1423. if (tty != tty->driver->ttys[idx]) {
  1424. tty_unlock();
  1425. printk(KERN_DEBUG "tty_release_dev: driver.table[%d] not tty "
  1426. "for (%s)\n", idx, tty->name);
  1427. return 0;
  1428. }
  1429. if (tty->termios != tty->driver->termios[idx]) {
  1430. tty_unlock();
  1431. printk(KERN_DEBUG "tty_release_dev: driver.termios[%d] not termios "
  1432. "for (%s)\n",
  1433. idx, tty->name);
  1434. return 0;
  1435. }
  1436. }
  1437. #endif
  1438. #ifdef TTY_DEBUG_HANGUP
  1439. printk(KERN_DEBUG "tty_release_dev of %s (tty count=%d)...",
  1440. tty_name(tty, buf), tty->count);
  1441. #endif
  1442. #ifdef TTY_PARANOIA_CHECK
  1443. if (tty->driver->other &&
  1444. !(tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)) {
  1445. if (o_tty != tty->driver->other->ttys[idx]) {
  1446. tty_unlock();
  1447. printk(KERN_DEBUG "tty_release_dev: other->table[%d] "
  1448. "not o_tty for (%s)\n",
  1449. idx, tty->name);
  1450. return 0 ;
  1451. }
  1452. if (o_tty->termios != tty->driver->other->termios[idx]) {
  1453. tty_unlock();
  1454. printk(KERN_DEBUG "tty_release_dev: other->termios[%d] "
  1455. "not o_termios for (%s)\n",
  1456. idx, tty->name);
  1457. return 0;
  1458. }
  1459. if (o_tty->link != tty) {
  1460. tty_unlock();
  1461. printk(KERN_DEBUG "tty_release_dev: bad pty pointers\n");
  1462. return 0;
  1463. }
  1464. }
  1465. #endif
  1466. if (tty->ops->close)
  1467. tty->ops->close(tty, filp);
  1468. tty_unlock();
  1469. /*
  1470. * Sanity check: if tty->count is going to zero, there shouldn't be
  1471. * any waiters on tty->read_wait or tty->write_wait. We test the
  1472. * wait queues and kick everyone out _before_ actually starting to
  1473. * close. This ensures that we won't block while releasing the tty
  1474. * structure.
  1475. *
  1476. * The test for the o_tty closing is necessary, since the master and
  1477. * slave sides may close in any order. If the slave side closes out
  1478. * first, its count will be one, since the master side holds an open.
  1479. * Thus this test wouldn't be triggered at the time the slave closes,
  1480. * so we do it now.
  1481. *
  1482. * Note that it's possible for the tty to be opened again while we're
  1483. * flushing out waiters. By recalculating the closing flags before
  1484. * each iteration we avoid any problems.
  1485. */
  1486. while (1) {
  1487. /* Guard against races with tty->count changes elsewhere and
  1488. opens on /dev/tty */
  1489. mutex_lock(&tty_mutex);
  1490. tty_lock();
  1491. tty_closing = tty->count <= 1;
  1492. o_tty_closing = o_tty &&
  1493. (o_tty->count <= (pty_master ? 1 : 0));
  1494. do_sleep = 0;
  1495. if (tty_closing) {
  1496. if (waitqueue_active(&tty->read_wait)) {
  1497. wake_up_poll(&tty->read_wait, POLLIN);
  1498. do_sleep++;
  1499. }
  1500. if (waitqueue_active(&tty->write_wait)) {
  1501. wake_up_poll(&tty->write_wait, POLLOUT);
  1502. do_sleep++;
  1503. }
  1504. }
  1505. if (o_tty_closing) {
  1506. if (waitqueue_active(&o_tty->read_wait)) {
  1507. wake_up_poll(&o_tty->read_wait, POLLIN);
  1508. do_sleep++;
  1509. }
  1510. if (waitqueue_active(&o_tty->write_wait)) {
  1511. wake_up_poll(&o_tty->write_wait, POLLOUT);
  1512. do_sleep++;
  1513. }
  1514. }
  1515. if (!do_sleep)
  1516. break;
  1517. printk(KERN_WARNING "tty_release_dev: %s: read/write wait queue "
  1518. "active!\n", tty_name(tty, buf));
  1519. tty_unlock();
  1520. mutex_unlock(&tty_mutex);
  1521. schedule();
  1522. }
  1523. /*
  1524. * The closing flags are now consistent with the open counts on
  1525. * both sides, and we've completed the last operation that could
  1526. * block, so it's safe to proceed with closing.
  1527. */
  1528. if (pty_master) {
  1529. if (--o_tty->count < 0) {
  1530. printk(KERN_WARNING "tty_release_dev: bad pty slave count "
  1531. "(%d) for %s\n",
  1532. o_tty->count, tty_name(o_tty, buf));
  1533. o_tty->count = 0;
  1534. }
  1535. }
  1536. if (--tty->count < 0) {
  1537. printk(KERN_WARNING "tty_release_dev: bad tty->count (%d) for %s\n",
  1538. tty->count, tty_name(tty, buf));
  1539. tty->count = 0;
  1540. }
  1541. /*
  1542. * We've decremented tty->count, so we need to remove this file
  1543. * descriptor off the tty->tty_files list; this serves two
  1544. * purposes:
  1545. * - check_tty_count sees the correct number of file descriptors
  1546. * associated with this tty.
  1547. * - do_tty_hangup no longer sees this file descriptor as
  1548. * something that needs to be handled for hangups.
  1549. */
  1550. tty_del_file(filp);
  1551. /*
  1552. * Perform some housekeeping before deciding whether to return.
  1553. *
  1554. * Set the TTY_CLOSING flag if this was the last open. In the
  1555. * case of a pty we may have to wait around for the other side
  1556. * to close, and TTY_CLOSING makes sure we can't be reopened.
  1557. */
  1558. if (tty_closing)
  1559. set_bit(TTY_CLOSING, &tty->flags);
  1560. if (o_tty_closing)
  1561. set_bit(TTY_CLOSING, &o_tty->flags);
  1562. /*
  1563. * If _either_ side is closing, make sure there aren't any
  1564. * processes that still think tty or o_tty is their controlling
  1565. * tty.
  1566. */
  1567. if (tty_closing || o_tty_closing) {
  1568. read_lock(&tasklist_lock);
  1569. session_clear_tty(tty->session);
  1570. if (o_tty)
  1571. session_clear_tty(o_tty->session);
  1572. read_unlock(&tasklist_lock);
  1573. }
  1574. mutex_unlock(&tty_mutex);
  1575. /* check whether both sides are closing ... */
  1576. if (!tty_closing || (o_tty && !o_tty_closing)) {
  1577. tty_unlock();
  1578. return 0;
  1579. }
  1580. #ifdef TTY_DEBUG_HANGUP
  1581. printk(KERN_DEBUG "freeing tty structure...");
  1582. #endif
  1583. /*
  1584. * Ask the line discipline code to release its structures
  1585. */
  1586. tty_ldisc_release(tty, o_tty);
  1587. /*
  1588. * The release_tty function takes care of the details of clearing
  1589. * the slots and preserving the termios structure.
  1590. */
  1591. release_tty(tty, idx);
  1592. /* Make this pty number available for reallocation */
  1593. if (devpts)
  1594. devpts_kill_index(inode, idx);
  1595. tty_unlock();
  1596. return 0;
  1597. }
  1598. /**
  1599. * tty_open - open a tty device
  1600. * @inode: inode of device file
  1601. * @filp: file pointer to tty
  1602. *
  1603. * tty_open and tty_release keep up the tty count that contains the
  1604. * number of opens done on a tty. We cannot use the inode-count, as
  1605. * different inodes might point to the same tty.
  1606. *
  1607. * Open-counting is needed for pty masters, as well as for keeping
  1608. * track of serial lines: DTR is dropped when the last close happens.
  1609. * (This is not done solely through tty->count, now. - Ted 1/27/92)
  1610. *
  1611. * The termios state of a pty is reset on first open so that
  1612. * settings don't persist across reuse.
  1613. *
  1614. * Locking: tty_mutex protects tty, get_tty_driver and tty_init_dev work.
  1615. * tty->count should protect the rest.
  1616. * ->siglock protects ->signal/->sighand
  1617. */
  1618. static int tty_open(struct inode *inode, struct file *filp)
  1619. {
  1620. struct tty_struct *tty = NULL;
  1621. int noctty, retval;
  1622. struct tty_driver *driver;
  1623. int index;
  1624. dev_t device = inode->i_rdev;
  1625. unsigned saved_flags = filp->f_flags;
  1626. nonseekable_open(inode, filp);
  1627. retry_open:
  1628. retval = tty_alloc_file(filp);
  1629. if (retval)
  1630. return -ENOMEM;
  1631. noctty = filp->f_flags & O_NOCTTY;
  1632. index = -1;
  1633. retval = 0;
  1634. mutex_lock(&tty_mutex);
  1635. tty_lock();
  1636. if (device == MKDEV(TTYAUX_MAJOR, 0)) {
  1637. tty = get_current_tty();
  1638. if (!tty) {
  1639. tty_unlock();
  1640. mutex_unlock(&tty_mutex);
  1641. tty_free_file(filp);
  1642. return -ENXIO;
  1643. }
  1644. driver = tty_driver_kref_get(tty->driver);
  1645. index = tty->index;
  1646. filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */
  1647. /* noctty = 1; */
  1648. /* FIXME: Should we take a driver reference ? */
  1649. tty_kref_put(tty);
  1650. goto got_driver;
  1651. }
  1652. #ifdef CONFIG_VT
  1653. if (device == MKDEV(TTY_MAJOR, 0)) {
  1654. extern struct tty_driver *console_driver;
  1655. driver = tty_driver_kref_get(console_driver);
  1656. index = fg_console;
  1657. noctty = 1;
  1658. goto got_driver;
  1659. }
  1660. #endif
  1661. if (device == MKDEV(TTYAUX_MAJOR, 1)) {
  1662. struct tty_driver *console_driver = console_device(&index);
  1663. if (console_driver) {
  1664. driver = tty_driver_kref_get(console_driver);
  1665. if (driver) {
  1666. /* Don't let /dev/console block */
  1667. filp->f_flags |= O_NONBLOCK;
  1668. noctty = 1;
  1669. goto got_driver;
  1670. }
  1671. }
  1672. tty_unlock();
  1673. mutex_unlock(&tty_mutex);
  1674. tty_free_file(filp);
  1675. return -ENODEV;
  1676. }
  1677. driver = get_tty_driver(device, &index);
  1678. if (!driver) {
  1679. tty_unlock();
  1680. mutex_unlock(&tty_mutex);
  1681. tty_free_file(filp);
  1682. return -ENODEV;
  1683. }
  1684. got_driver:
  1685. if (!tty) {
  1686. /* check whether we're reopening an existing tty */
  1687. tty = tty_driver_lookup_tty(driver, inode, index);
  1688. if (IS_ERR(tty)) {
  1689. tty_unlock();
  1690. mutex_unlock(&tty_mutex);
  1691. tty_driver_kref_put(driver);
  1692. tty_free_file(filp);
  1693. return PTR_ERR(tty);
  1694. }
  1695. }
  1696. if (tty) {
  1697. retval = tty_reopen(tty);
  1698. if (retval)
  1699. tty = ERR_PTR(retval);
  1700. } else
  1701. tty = tty_init_dev(driver, index, 0);
  1702. mutex_unlock(&tty_mutex);
  1703. tty_driver_kref_put(driver);
  1704. if (IS_ERR(tty)) {
  1705. tty_unlock();
  1706. tty_free_file(filp);
  1707. return PTR_ERR(tty);
  1708. }
  1709. tty_add_file(tty, filp);
  1710. check_tty_count(tty, "tty_open");
  1711. if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
  1712. tty->driver->subtype == PTY_TYPE_MASTER)
  1713. noctty = 1;
  1714. #ifdef TTY_DEBUG_HANG