search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
hwmon: (adt7475) fan stall prevention
[linux/fpc-iii.git] / drivers / tty / tty_io.c
blob0c150b5a9dd68d7bba0e91a50c45ecd5df831cac
1 /*
2 * Copyright (C) 1991, 1992 Linus Torvalds
3 */
4
5 /*
6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles
7 * or rs-channels. It also implements echoing, cooked mode etc.
8 *
9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0.
10 *
11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the
12 * tty_struct and tty_queue structures. Previously there was an array
13 * of 256 tty_struct's which was statically allocated, and the
14 * tty_queue structures were allocated at boot time. Both are now
15 * dynamically allocated only when the tty is open.
16 *
17 * Also restructured routines so that there is more of a separation
18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and
19 * the low-level tty routines (serial.c, pty.c, console.c). This
20 * makes for cleaner and more compact code. -TYT, 9/17/92
21 *
22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines
23 * which can be dynamically activated and de-activated by the line
24 * discipline handling modules (like SLIP).
25 *
26 * NOTE: pay no attention to the line discipline code (yet); its
27 * interface is still subject to change in this version...
28 * -- TYT, 1/31/92
29 *
30 * Added functionality to the OPOST tty handling. No delays, but all
31 * other bits should be there.
32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993.
33 *
34 * Rewrote canonical mode and added more termios flags.
35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94
36 *
37 * Reorganized FASYNC support so mouse code can share it.
38 * -- ctm@ardi.com, 9Sep95
39 *
40 * New TIOCLINUX variants added.
41 * -- mj@k332.feld.cvut.cz, 19-Nov-95
42 *
43 * Restrict vt switching via ioctl()
44 * -- grif@cs.ucr.edu, 5-Dec-95
45 *
46 * Move console and virtual terminal code to more appropriate files,
47 * implement CONFIG_VT and generalize console device interface.
48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97
49 *
50 * Rewrote tty_init_dev and tty_release_dev to eliminate races.
51 * -- Bill Hawes <whawes@star.net>, June 97
52 *
53 * Added devfs support.
54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998
55 *
56 * Added support for a Unix98-style ptmx device.
57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998
58 *
59 * Reduced memory usage for older ARM systems
60 * -- Russell King <rmk@arm.linux.org.uk>
61 *
62 * Move do_SAK() into process context. Less stack use in devfs functions.
63 * alloc_tty_struct() always uses kmalloc()
64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01
65 */
66
67 #include <linux/types.h>
68 #include <linux/major.h>
69 #include <linux/errno.h>
70 #include <linux/signal.h>
71 #include <linux/fcntl.h>
72 #include <linux/sched/signal.h>
73 #include <linux/sched/task.h>
74 #include <linux/interrupt.h>
75 #include <linux/tty.h>
76 #include <linux/tty_driver.h>
77 #include <linux/tty_flip.h>
78 #include <linux/devpts_fs.h>
79 #include <linux/file.h>
80 #include <linux/fdtable.h>
81 #include <linux/console.h>
82 #include <linux/timer.h>
83 #include <linux/ctype.h>
84 #include <linux/kd.h>
85 #include <linux/mm.h>
86 #include <linux/string.h>
87 #include <linux/slab.h>
88 #include <linux/poll.h>
89 #include <linux/proc_fs.h>
90 #include <linux/init.h>
91 #include <linux/module.h>
92 #include <linux/device.h>
93 #include <linux/wait.h>
94 #include <linux/bitops.h>
95 #include <linux/delay.h>
96 #include <linux/seq_file.h>
97 #include <linux/serial.h>
98 #include <linux/ratelimit.h>
99
100 #include <linux/uaccess.h>
101
102 #include <linux/kbd_kern.h>
103 #include <linux/vt_kern.h>
104 #include <linux/selection.h>
105
106 #include <linux/kmod.h>
107 #include <linux/nsproxy.h>
108
109 #undef TTY_DEBUG_HANGUP
110 #ifdef TTY_DEBUG_HANGUP
111 # define tty_debug_hangup(tty, f, args...) tty_debug(tty, f, ##args)
112 #else
113 # define tty_debug_hangup(tty, f, args...) do { } while (0)
114 #endif
115
116 #define TTY_PARANOIA_CHECK 1
117 #define CHECK_TTY_COUNT 1
118
119 struct ktermios tty_std_termios = { /* for the benefit of tty drivers */
120 .c_iflag = ICRNL | IXON,
121 .c_oflag = OPOST | ONLCR,
122 .c_cflag = B38400 | CS8 | CREAD | HUPCL,
123 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK |
124 ECHOCTL | ECHOKE | IEXTEN,
125 .c_cc = INIT_C_CC,
126 .c_ispeed = 38400,
127 .c_ospeed = 38400,
128 /* .c_line = N_TTY, */
129 };
130
131 EXPORT_SYMBOL(tty_std_termios);
132
133 /* This list gets poked at by procfs and various bits of boot up code. This
134 could do with some rationalisation such as pulling the tty proc function
135 into this file */
136
137 LIST_HEAD(tty_drivers); /* linked list of tty drivers */
138
139 /* Mutex to protect creating and releasing a tty */
140 DEFINE_MUTEX(tty_mutex);
141
142 static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *);
143 static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *);
144 ssize_t redirected_tty_write(struct file *, const char __user *,
145 size_t, loff_t *);
146 static unsigned int tty_poll(struct file *, poll_table *);
147 static int tty_open(struct inode *, struct file *);
148 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
149 #ifdef CONFIG_COMPAT
150 static long tty_compat_ioctl(struct file *file, unsigned int cmd,
151 unsigned long arg);
152 #else
153 #define tty_compat_ioctl NULL
154 #endif
155 static int __tty_fasync(int fd, struct file *filp, int on);
156 static int tty_fasync(int fd, struct file *filp, int on);
157 static void release_tty(struct tty_struct *tty, int idx);
158
159 /**
160 * free_tty_struct - free a disused tty
161 * @tty: tty struct to free
162 *
163 * Free the write buffers, tty queue and tty memory itself.
164 *
165 * Locking: none. Must be called after tty is definitely unused
166 */
167
168 static void free_tty_struct(struct tty_struct *tty)
169 {
170 tty_ldisc_deinit(tty);
171 put_device(tty->dev);
172 kfree(tty->write_buf);
173 tty->magic = 0xDEADDEAD;
174 kfree(tty);
175 }
176
177 static inline struct tty_struct *file_tty(struct file *file)
178 {
179 return ((struct tty_file_private *)file->private_data)->tty;
180 }
181
182 int tty_alloc_file(struct file *file)
183 {
184 struct tty_file_private *priv;
185
186 priv = kmalloc(sizeof(*priv), GFP_KERNEL);
187 if (!priv)
188 return -ENOMEM;
189
190 file->private_data = priv;
191
192 return 0;
193 }
194
195 /* Associate a new file with the tty structure */
196 void tty_add_file(struct tty_struct *tty, struct file *file)
197 {
198 struct tty_file_private *priv = file->private_data;
199
200 priv->tty = tty;
201 priv->file = file;
202
203 spin_lock(&tty->files_lock);
204 list_add(&priv->list, &tty->tty_files);
205 spin_unlock(&tty->files_lock);
206 }
207
208 /**
209 * tty_free_file - free file->private_data
210 *
211 * This shall be used only for fail path handling when tty_add_file was not
212 * called yet.
213 */
214 void tty_free_file(struct file *file)
215 {
216 struct tty_file_private *priv = file->private_data;
217
218 file->private_data = NULL;
219 kfree(priv);
220 }
221
222 /* Delete file from its tty */
223 static void tty_del_file(struct file *file)
224 {
225 struct tty_file_private *priv = file->private_data;
226 struct tty_struct *tty = priv->tty;
227
228 spin_lock(&tty->files_lock);
229 list_del(&priv->list);
230 spin_unlock(&tty->files_lock);
231 tty_free_file(file);
232 }
233
234 /**
235 * tty_name - return tty naming
236 * @tty: tty structure
237 *
238 * Convert a tty structure into a name. The name reflects the kernel
239 * naming policy and if udev is in use may not reflect user space
240 *
241 * Locking: none
242 */
243
244 const char *tty_name(const struct tty_struct *tty)
245 {
246 if (!tty) /* Hmm. NULL pointer. That's fun. */
247 return "NULL tty";
248 return tty->name;
249 }
250
251 EXPORT_SYMBOL(tty_name);
252
253 const char *tty_driver_name(const struct tty_struct *tty)
254 {
255 if (!tty || !tty->driver)
256 return "";
257 return tty->driver->name;
258 }
259
260 static int tty_paranoia_check(struct tty_struct *tty, struct inode *inode,
261 const char *routine)
262 {
263 #ifdef TTY_PARANOIA_CHECK
264 if (!tty) {
265 pr_warn("(%d:%d): %s: NULL tty\n",
266 imajor(inode), iminor(inode), routine);
267 return 1;
268 }
269 if (tty->magic != TTY_MAGIC) {
270 pr_warn("(%d:%d): %s: bad magic number\n",
271 imajor(inode), iminor(inode), routine);
272 return 1;
273 }
274 #endif
275 return 0;
276 }
277
278 /* Caller must hold tty_lock */
279 static int check_tty_count(struct tty_struct *tty, const char *routine)
280 {
281 #ifdef CHECK_TTY_COUNT
282 struct list_head *p;
283 int count = 0;
284
285 spin_lock(&tty->files_lock);
286 list_for_each(p, &tty->tty_files) {
287 count++;
288 }
289 spin_unlock(&tty->files_lock);
290 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
291 tty->driver->subtype == PTY_TYPE_SLAVE &&
292 tty->link && tty->link->count)
293 count++;
294 if (tty->count != count) {
295 tty_warn(tty, "%s: tty->count(%d) != #fd's(%d)\n",
296 routine, tty->count, count);
297 return count;
298 }
299 #endif
300 return 0;
301 }
302
303 /**
304 * get_tty_driver - find device of a tty
305 * @dev_t: device identifier
306 * @index: returns the index of the tty
307 *
308 * This routine returns a tty driver structure, given a device number
309 * and also passes back the index number.
310 *
311 * Locking: caller must hold tty_mutex
312 */
313
314 static struct tty_driver *get_tty_driver(dev_t device, int *index)
315 {
316 struct tty_driver *p;
317
318 list_for_each_entry(p, &tty_drivers, tty_drivers) {
319 dev_t base = MKDEV(p->major, p->minor_start);
320 if (device < base || device >= base + p->num)
321 continue;
322 *index = device - base;
323 return tty_driver_kref_get(p);
324 }
325 return NULL;
326 }
327
328 #ifdef CONFIG_CONSOLE_POLL
329
330 /**
331 * tty_find_polling_driver - find device of a polled tty
332 * @name: name string to match
333 * @line: pointer to resulting tty line nr
334 *
335 * This routine returns a tty driver structure, given a name
336 * and the condition that the tty driver is capable of polled
337 * operation.
338 */
339 struct tty_driver *tty_find_polling_driver(char *name, int *line)
340 {
341 struct tty_driver *p, *res = NULL;
342 int tty_line = 0;
343 int len;
344 char *str, *stp;
345
346 for (str = name; *str; str++)
347 if ((*str >= '0' && *str <= '9') || *str == ',')
348 break;
349 if (!*str)
350 return NULL;
351
352 len = str - name;
353 tty_line = simple_strtoul(str, &str, 10);
354
355 mutex_lock(&tty_mutex);
356 /* Search through the tty devices to look for a match */
357 list_for_each_entry(p, &tty_drivers, tty_drivers) {
358 if (strncmp(name, p->name, len) != 0)
359 continue;
360 stp = str;
361 if (*stp == ',')
362 stp++;
363 if (*stp == '\0')
364 stp = NULL;
365
366 if (tty_line >= 0 && tty_line < p->num && p->ops &&
367 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) {
368 res = tty_driver_kref_get(p);
369 *line = tty_line;
370 break;
371 }
372 }
373 mutex_unlock(&tty_mutex);
374
375 return res;
376 }
377 EXPORT_SYMBOL_GPL(tty_find_polling_driver);
378 #endif
379
380 static ssize_t hung_up_tty_read(struct file *file, char __user *buf,
381 size_t count, loff_t *ppos)
382 {
383 return 0;
384 }
385
386 static ssize_t hung_up_tty_write(struct file *file, const char __user *buf,
387 size_t count, loff_t *ppos)
388 {
389 return -EIO;
390 }
391
392 /* No kernel lock held - none needed ;) */
393 static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait)
394 {
395 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM;
396 }
397
398 static long hung_up_tty_ioctl(struct file *file, unsigned int cmd,
399 unsigned long arg)
400 {
401 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
402 }
403
404 static long hung_up_tty_compat_ioctl(struct file *file,
405 unsigned int cmd, unsigned long arg)
406 {
407 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
408 }
409
410 static int hung_up_tty_fasync(int fd, struct file *file, int on)
411 {
412 return -ENOTTY;
413 }
414
415 static const struct file_operations tty_fops = {
416 .llseek = no_llseek,
417 .read = tty_read,
418 .write = tty_write,
419 .poll = tty_poll,
420 .unlocked_ioctl = tty_ioctl,
421 .compat_ioctl = tty_compat_ioctl,
422 .open = tty_open,
423 .release = tty_release,
424 .fasync = tty_fasync,
425 };
426
427 static const struct file_operations console_fops = {
428 .llseek = no_llseek,
429 .read = tty_read,
430 .write = redirected_tty_write,
431 .poll = tty_poll,
432 .unlocked_ioctl = tty_ioctl,
433 .compat_ioctl = tty_compat_ioctl,
434 .open = tty_open,
435 .release = tty_release,
436 .fasync = tty_fasync,
437 };
438
439 static const struct file_operations hung_up_tty_fops = {
440 .llseek = no_llseek,
441 .read = hung_up_tty_read,
442 .write = hung_up_tty_write,
443 .poll = hung_up_tty_poll,
444 .unlocked_ioctl = hung_up_tty_ioctl,
445 .compat_ioctl = hung_up_tty_compat_ioctl,
446 .release = tty_release,
447 .fasync = hung_up_tty_fasync,
448 };
449
450 static DEFINE_SPINLOCK(redirect_lock);
451 static struct file *redirect;
452
453 /**
454 * tty_wakeup - request more data
455 * @tty: terminal
456 *
457 * Internal and external helper for wakeups of tty. This function
458 * informs the line discipline if present that the driver is ready
459 * to receive more output data.
460 */
461
462 void tty_wakeup(struct tty_struct *tty)
463 {
464 struct tty_ldisc *ld;
465
466 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) {
467 ld = tty_ldisc_ref(tty);
468 if (ld) {
469 if (ld->ops->write_wakeup)
470 ld->ops->write_wakeup(tty);
471 tty_ldisc_deref(ld);
472 }
473 }
474 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
475 }
476
477 EXPORT_SYMBOL_GPL(tty_wakeup);
478
479 /**
480 * __tty_hangup - actual handler for hangup events
481 * @work: tty device
482 *
483 * This can be called by a "kworker" kernel thread. That is process
484 * synchronous but doesn't hold any locks, so we need to make sure we
485 * have the appropriate locks for what we're doing.
486 *
487 * The hangup event clears any pending redirections onto the hung up
488 * device. It ensures future writes will error and it does the needed
489 * line discipline hangup and signal delivery. The tty object itself
490 * remains intact.
491 *
492 * Locking:
493 * BTM
494 * redirect lock for undoing redirection
495 * file list lock for manipulating list of ttys
496 * tty_ldiscs_lock from called functions
497 * termios_rwsem resetting termios data
498 * tasklist_lock to walk task list for hangup event
499 * ->siglock to protect ->signal/->sighand
500 */
501 static void __tty_hangup(struct tty_struct *tty, int exit_session)
502 {
503 struct file *cons_filp = NULL;
504 struct file *filp, *f = NULL;
505 struct tty_file_private *priv;
506 int closecount = 0, n;
507 int refs;
508
509 if (!tty)
510 return;
511
512
513 spin_lock(&redirect_lock);
514 if (redirect && file_tty(redirect) == tty) {
515 f = redirect;
516 redirect = NULL;
517 }
518 spin_unlock(&redirect_lock);
519
520 tty_lock(tty);
521
522 if (test_bit(TTY_HUPPED, &tty->flags)) {
523 tty_unlock(tty);
524 return;
525 }
526
527 /* inuse_filps is protected by the single tty lock,
528 this really needs to change if we want to flush the
529 workqueue with the lock held */
530 check_tty_count(tty, "tty_hangup");
531
532 spin_lock(&tty->files_lock);
533 /* This breaks for file handles being sent over AF_UNIX sockets ? */
534 list_for_each_entry(priv, &tty->tty_files, list) {
535 filp = priv->file;
536 if (filp->f_op->write == redirected_tty_write)
537 cons_filp = filp;
538 if (filp->f_op->write != tty_write)
539 continue;
540 closecount++;
541 __tty_fasync(-1, filp, 0); /* can't block */
542 filp->f_op = &hung_up_tty_fops;
543 }
544 spin_unlock(&tty->files_lock);
545
546 refs = tty_signal_session_leader(tty, exit_session);
547 /* Account for the p->signal references we killed */
548 while (refs--)
549 tty_kref_put(tty);
550
551 tty_ldisc_hangup(tty, cons_filp != NULL);
552
553 spin_lock_irq(&tty->ctrl_lock);
554 clear_bit(TTY_THROTTLED, &tty->flags);
555 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
556 put_pid(tty->session);
557 put_pid(tty->pgrp);
558 tty->session = NULL;
559 tty->pgrp = NULL;
560 tty->ctrl_status = 0;
561 spin_unlock_irq(&tty->ctrl_lock);
562
563 /*
564 * If one of the devices matches a console pointer, we
565 * cannot just call hangup() because that will cause
566 * tty->count and state->count to go out of sync.
567 * So we just call close() the right number of times.
568 */
569 if (cons_filp) {
570 if (tty->ops->close)
571 for (n = 0; n < closecount; n++)
572 tty->ops->close(tty, cons_filp);
573 } else if (tty->ops->hangup)
574 tty->ops->hangup(tty);
575 /*
576 * We don't want to have driver/ldisc interactions beyond the ones
577 * we did here. The driver layer expects no calls after ->hangup()
578 * from the ldisc side, which is now guaranteed.
579 */
580 set_bit(TTY_HUPPED, &tty->flags);
581 tty_unlock(tty);
582
583 if (f)
584 fput(f);
585 }
586
587 static void do_tty_hangup(struct work_struct *work)
588 {
589 struct tty_struct *tty =
590 container_of(work, struct tty_struct, hangup_work);
591
592 __tty_hangup(tty, 0);
593 }
594
595 /**
596 * tty_hangup - trigger a hangup event
597 * @tty: tty to hangup
598 *
599 * A carrier loss (virtual or otherwise) has occurred on this like
600 * schedule a hangup sequence to run after this event.
601 */
602
603 void tty_hangup(struct tty_struct *tty)
604 {
605 tty_debug_hangup(tty, "hangup\n");
606 schedule_work(&tty->hangup_work);
607 }
608
609 EXPORT_SYMBOL(tty_hangup);
610
611 /**
612 * tty_vhangup - process vhangup
613 * @tty: tty to hangup
614 *
615 * The user has asked via system call for the terminal to be hung up.
616 * We do this synchronously so that when the syscall returns the process
617 * is complete. That guarantee is necessary for security reasons.
618 */
619
620 void tty_vhangup(struct tty_struct *tty)
621 {
622 tty_debug_hangup(tty, "vhangup\n");
623 __tty_hangup(tty, 0);
624 }
625
626 EXPORT_SYMBOL(tty_vhangup);
627
628
629 /**
630 * tty_vhangup_self - process vhangup for own ctty
631 *
632 * Perform a vhangup on the current controlling tty
633 */
634
635 void tty_vhangup_self(void)
636 {
637 struct tty_struct *tty;
638
639 tty = get_current_tty();
640 if (tty) {
641 tty_vhangup(tty);
642 tty_kref_put(tty);
643 }
644 }
645
646 /**
647 * tty_vhangup_session - hangup session leader exit
648 * @tty: tty to hangup
649 *
650 * The session leader is exiting and hanging up its controlling terminal.
651 * Every process in the foreground process group is signalled SIGHUP.
652 *
653 * We do this synchronously so that when the syscall returns the process
654 * is complete. That guarantee is necessary for security reasons.
655 */
656
657 void tty_vhangup_session(struct tty_struct *tty)
658 {
659 tty_debug_hangup(tty, "session hangup\n");
660 __tty_hangup(tty, 1);
661 }
662
663 /**
664 * tty_hung_up_p - was tty hung up
665 * @filp: file pointer of tty
666 *
667 * Return true if the tty has been subject to a vhangup or a carrier
668 * loss
669 */
670
671 int tty_hung_up_p(struct file *filp)
672 {
673 return (filp && filp->f_op == &hung_up_tty_fops);
674 }
675
676 EXPORT_SYMBOL(tty_hung_up_p);
677
678 /**
679 * stop_tty - propagate flow control
680 * @tty: tty to stop
681 *
682 * Perform flow control to the driver. May be called
683 * on an already stopped device and will not re-call the driver
684 * method.
685 *
686 * This functionality is used by both the line disciplines for
687 * halting incoming flow and by the driver. It may therefore be
688 * called from any context, may be under the tty atomic_write_lock
689 * but not always.
690 *
691 * Locking:
692 * flow_lock
693 */
694
695 void __stop_tty(struct tty_struct *tty)
696 {
697 if (tty->stopped)
698 return;
699 tty->stopped = 1;
700 if (tty->ops->stop)
701 tty->ops->stop(tty);
702 }
703
704 void stop_tty(struct tty_struct *tty)
705 {
706 unsigned long flags;
707
708 spin_lock_irqsave(&tty->flow_lock, flags);
709 __stop_tty(tty);
710 spin_unlock_irqrestore(&tty->flow_lock, flags);
711 }
712 EXPORT_SYMBOL(stop_tty);
713
714 /**
715 * start_tty - propagate flow control
716 * @tty: tty to start
717 *
718 * Start a tty that has been stopped if at all possible. If this
719 * tty was previous stopped and is now being started, the driver
720 * start method is invoked and the line discipline woken.
721 *
722 * Locking:
723 * flow_lock
724 */
725
726 void __start_tty(struct tty_struct *tty)
727 {
728 if (!tty->stopped || tty->flow_stopped)
729 return;
730 tty->stopped = 0;
731 if (tty->ops->start)
732 tty->ops->start(tty);
733 tty_wakeup(tty);
734 }
735
736 void start_tty(struct tty_struct *tty)
737 {
738 unsigned long flags;
739
740 spin_lock_irqsave(&tty->flow_lock, flags);
741 __start_tty(tty);
742 spin_unlock_irqrestore(&tty->flow_lock, flags);
743 }
744 EXPORT_SYMBOL(start_tty);
745
746 static void tty_update_time(struct timespec *time)
747 {
748 unsigned long sec = get_seconds();
749
750 /*
751 * We only care if the two values differ in anything other than the
752 * lower three bits (i.e every 8 seconds). If so, then we can update
753 * the time of the tty device, otherwise it could be construded as a
754 * security leak to let userspace know the exact timing of the tty.
755 */
756 if ((sec ^ time->tv_sec) & ~7)
757 time->tv_sec = sec;
758 }
759
760 /**
761 * tty_read - read method for tty device files
762 * @file: pointer to tty file
763 * @buf: user buffer
764 * @count: size of user buffer
765 * @ppos: unused
766 *
767 * Perform the read system call function on this terminal device. Checks
768 * for hung up devices before calling the line discipline method.
769 *
770 * Locking:
771 * Locks the line discipline internally while needed. Multiple
772 * read calls may be outstanding in parallel.
773 */
774
775 static ssize_t tty_read(struct file *file, char __user *buf, size_t count,
776 loff_t *ppos)
777 {
778 int i;
779 struct inode *inode = file_inode(file);
780 struct tty_struct *tty = file_tty(file);
781 struct tty_ldisc *ld;
782
783 if (tty_paranoia_check(tty, inode, "tty_read"))
784 return -EIO;
785 if (!tty || tty_io_error(tty))
786 return -EIO;
787
788 /* We want to wait for the line discipline to sort out in this
789 situation */
790 ld = tty_ldisc_ref_wait(tty);
791 if (!ld)
792 return hung_up_tty_read(file, buf, count, ppos);
793 if (ld->ops->read)
794 i = ld->ops->read(tty, file, buf, count);
795 else
796 i = -EIO;
797 tty_ldisc_deref(ld);
798
799 if (i > 0)
800 tty_update_time(&inode->i_atime);
801
802 return i;
803 }
804
805 static void tty_write_unlock(struct tty_struct *tty)
806 {
807 mutex_unlock(&tty->atomic_write_lock);
808 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
809 }
810
811 static int tty_write_lock(struct tty_struct *tty, int ndelay)
812 {
813 if (!mutex_trylock(&tty->atomic_write_lock)) {
814 if (ndelay)
815 return -EAGAIN;
816 if (mutex_lock_interruptible(&tty->atomic_write_lock))
817 return -ERESTARTSYS;
818 }
819 return 0;
820 }
821
822 /*
823 * Split writes up in sane blocksizes to avoid
824 * denial-of-service type attacks
825 */
826 static inline ssize_t do_tty_write(
827 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t),
828 struct tty_struct *tty,
829 struct file *file,
830 const char __user *buf,
831 size_t count)
832 {
833 ssize_t ret, written = 0;
834 unsigned int chunk;
835
836 ret = tty_write_lock(tty, file->f_flags & O_NDELAY);
837 if (ret < 0)
838 return ret;
839
840 /*
841 * We chunk up writes into a temporary buffer. This
842 * simplifies low-level drivers immensely, since they
843 * don't have locking issues and user mode accesses.
844 *
845 * But if TTY_NO_WRITE_SPLIT is set, we should use a
846 * big chunk-size..
847 *
848 * The default chunk-size is 2kB, because the NTTY
849 * layer has problems with bigger chunks. It will
850 * claim to be able to handle more characters than
851 * it actually does.
852 *
853 * FIXME: This can probably go away now except that 64K chunks
854 * are too likely to fail unless switched to vmalloc...
855 */
856 chunk = 2048;
857 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags))
858 chunk = 65536;
859 if (count < chunk)
860 chunk = count;
861
862 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */
863 if (tty->write_cnt < chunk) {
864 unsigned char *buf_chunk;
865
866 if (chunk < 1024)
867 chunk = 1024;
868
869 buf_chunk = kmalloc(chunk, GFP_KERNEL);
870 if (!buf_chunk) {
871 ret = -ENOMEM;
872 goto out;
873 }
874 kfree(tty->write_buf);
875 tty->write_cnt = chunk;
876 tty->write_buf = buf_chunk;
877 }
878
879 /* Do the write .. */
880 for (;;) {
881 size_t size = count;
882 if (size > chunk)
883 size = chunk;
884 ret = -EFAULT;
885 if (copy_from_user(tty->write_buf, buf, size))
886 break;
887 ret = write(tty, file, tty->write_buf, size);
888 if (ret <= 0)
889 break;
890 written += ret;
891 buf += ret;
892 count -= ret;
893 if (!count)
894 break;
895 ret = -ERESTARTSYS;
896 if (signal_pending(current))
897 break;
898 cond_resched();
899 }
900 if (written) {
901 tty_update_time(&file_inode(file)->i_mtime);
902 ret = written;
903 }
904 out:
905 tty_write_unlock(tty);
906 return ret;
907 }
908
909 /**
910 * tty_write_message - write a message to a certain tty, not just the console.
911 * @tty: the destination tty_struct
912 * @msg: the message to write
913 *
914 * This is used for messages that need to be redirected to a specific tty.
915 * We don't put it into the syslog queue right now maybe in the future if
916 * really needed.
917 *
918 * We must still hold the BTM and test the CLOSING flag for the moment.
919 */
920
921 void tty_write_message(struct tty_struct *tty, char *msg)
922 {
923 if (tty) {
924 mutex_lock(&tty->atomic_write_lock);
925 tty_lock(tty);
926 if (tty->ops->write && tty->count > 0)
927 tty->ops->write(tty, msg, strlen(msg));
928 tty_unlock(tty);
929 tty_write_unlock(tty);
930 }
931 return;
932 }
933
934
935 /**
936 * tty_write - write method for tty device file
937 * @file: tty file pointer
938 * @buf: user data to write
939 * @count: bytes to write
940 * @ppos: unused
941 *
942 * Write data to a tty device via the line discipline.
943 *
944 * Locking:
945 * Locks the line discipline as required
946 * Writes to the tty driver are serialized by the atomic_write_lock
947 * and are then processed in chunks to the device. The line discipline
948 * write method will not be invoked in parallel for each device.
949 */
950
951 static ssize_t tty_write(struct file *file, const char __user *buf,
952 size_t count, loff_t *ppos)
953 {
954 struct tty_struct *tty = file_tty(file);
955 struct tty_ldisc *ld;
956 ssize_t ret;
957
958 if (tty_paranoia_check(tty, file_inode(file), "tty_write"))
959 return -EIO;
960 if (!tty || !tty->ops->write || tty_io_error(tty))
961 return -EIO;
962 /* Short term debug to catch buggy drivers */
963 if (tty->ops->write_room == NULL)
964 tty_err(tty, "missing write_room method\n");
965 ld = tty_ldisc_ref_wait(tty);
966 if (!ld)
967 return hung_up_tty_write(file, buf, count, ppos);
968 if (!ld->ops->write)
969 ret = -EIO;
970 else
971 ret = do_tty_write(ld->ops->write, tty, file, buf, count);
972 tty_ldisc_deref(ld);
973 return ret;
974 }
975
976 ssize_t redirected_tty_write(struct file *file, const char __user *buf,
977 size_t count, loff_t *ppos)
978 {
979 struct file *p = NULL;
980
981 spin_lock(&redirect_lock);
982 if (redirect)
983 p = get_file(redirect);
984 spin_unlock(&redirect_lock);
985
986 if (p) {
987 ssize_t res;
988 res = vfs_write(p, buf, count, &p->f_pos);
989 fput(p);
990 return res;
991 }
992 return tty_write(file, buf, count, ppos);
993 }
994
995 /**
996 * tty_send_xchar - send priority character
997 *
998 * Send a high priority character to the tty even if stopped
999 *
1000 * Locking: none for xchar method, write ordering for write method.
1001 */
1002
1003 int tty_send_xchar(struct tty_struct *tty, char ch)
1004 {
1005 int was_stopped = tty->stopped;
1006
1007 if (tty->ops->send_xchar) {
1008 down_read(&tty->termios_rwsem);
1009 tty->ops->send_xchar(tty, ch);
1010 up_read(&tty->termios_rwsem);
1011 return 0;
1012 }
1013
1014 if (tty_write_lock(tty, 0) < 0)
1015 return -ERESTARTSYS;
1016
1017 down_read(&tty->termios_rwsem);
1018 if (was_stopped)
1019 start_tty(tty);
1020 tty->ops->write(tty, &ch, 1);
1021 if (was_stopped)
1022 stop_tty(tty);
1023 up_read(&tty->termios_rwsem);
1024 tty_write_unlock(tty);
1025 return 0;
1026 }
1027
1028 static char ptychar[] = "pqrstuvwxyzabcde";
1029
1030 /**
1031 * pty_line_name - generate name for a pty
1032 * @driver: the tty driver in use
1033 * @index: the minor number
1034 * @p: output buffer of at least 6 bytes
1035 *
1036 * Generate a name from a driver reference and write it to the output
1037 * buffer.
1038 *
1039 * Locking: None
1040 */
1041 static void pty_line_name(struct tty_driver *driver, int index, char *p)
1042 {
1043 int i = index + driver->name_base;
1044 /* ->name is initialized to "ttyp", but "tty" is expected */
1045 sprintf(p, "%s%c%x",
1046 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name,
1047 ptychar[i >> 4 & 0xf], i & 0xf);
1048 }
1049
1050 /**
1051 * tty_line_name - generate name for a tty
1052 * @driver: the tty driver in use
1053 * @index: the minor number
1054 * @p: output buffer of at least 7 bytes
1055 *
1056 * Generate a name from a driver reference and write it to the output
1057 * buffer.
1058 *
1059 * Locking: None
1060 */
1061 static ssize_t tty_line_name(struct tty_driver *driver, int index, char *p)
1062 {
1063 if (driver->flags & TTY_DRIVER_UNNUMBERED_NODE)
1064 return sprintf(p, "%s", driver->name);
1065 else
1066 return sprintf(p, "%s%d", driver->name,
1067 index + driver->name_base);
1068 }
1069
1070 /**
1071 * tty_driver_lookup_tty() - find an existing tty, if any
1072 * @driver: the driver for the tty
1073 * @idx: the minor number
1074 *
1075 * Return the tty, if found. If not found, return NULL or ERR_PTR() if the
1076 * driver lookup() method returns an error.
1077 *
1078 * Locking: tty_mutex must be held. If the tty is found, bump the tty kref.
1079 */
1080 static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver,
1081 struct file *file, int idx)
1082 {
1083 struct tty_struct *tty;
1084
1085 if (driver->ops->lookup)
1086 tty = driver->ops->lookup(driver, file, idx);
1087 else
1088 tty = driver->ttys[idx];
1089
1090 if (!IS_ERR(tty))
1091 tty_kref_get(tty);
1092 return tty;
1093 }
1094
1095 /**
1096 * tty_init_termios - helper for termios setup
1097 * @tty: the tty to set up
1098 *
1099 * Initialise the termios structures for this tty. Thus runs under
1100 * the tty_mutex currently so we can be relaxed about ordering.
1101 */
1102
1103 void tty_init_termios(struct tty_struct *tty)
1104 {
1105 struct ktermios *tp;
1106 int idx = tty->index;
1107
1108 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS)
1109 tty->termios = tty->driver->init_termios;
1110 else {
1111 /* Check for lazy saved data */
1112 tp = tty->driver->termios[idx];
1113 if (tp != NULL) {
1114 tty->termios = *tp;
1115 tty->termios.c_line = tty->driver->init_termios.c_line;
1116 } else
1117 tty->termios = tty->driver->init_termios;
1118 }
1119 /* Compatibility until drivers always set this */
1120 tty->termios.c_ispeed = tty_termios_input_baud_rate(&tty->termios);
1121 tty->termios.c_ospeed = tty_termios_baud_rate(&tty->termios);
1122 }
1123 EXPORT_SYMBOL_GPL(tty_init_termios);
1124
1125 int tty_standard_install(struct tty_driver *driver, struct tty_struct *tty)
1126 {
1127 tty_init_termios(tty);
1128 tty_driver_kref_get(driver);
1129 tty->count++;
1130 driver->ttys[tty->index] = tty;
1131 return 0;
1132 }
1133 EXPORT_SYMBOL_GPL(tty_standard_install);
1134
1135 /**
1136 * tty_driver_install_tty() - install a tty entry in the driver
1137 * @driver: the driver for the tty
1138 * @tty: the tty
1139 *
1140 * Install a tty object into the driver tables. The tty->index field
1141 * will be set by the time this is called. This method is responsible
1142 * for ensuring any need additional structures are allocated and
1143 * configured.
1144 *
1145 * Locking: tty_mutex for now
1146 */
1147 static int tty_driver_install_tty(struct tty_driver *driver,
1148 struct tty_struct *tty)
1149 {
1150 return driver->ops->install ? driver->ops->install(driver, tty) :
1151 tty_standard_install(driver, tty);
1152 }
1153
1154 /**
1155 * tty_driver_remove_tty() - remove a tty from the driver tables
1156 * @driver: the driver for the tty
1157 * @idx: the minor number
1158 *
1159 * Remvoe a tty object from the driver tables. The tty->index field
1160 * will be set by the time this is called.
1161 *
1162 * Locking: tty_mutex for now
1163 */
1164 static void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty)
1165 {
1166 if (driver->ops->remove)
1167 driver->ops->remove(driver, tty);
1168 else
1169 driver->ttys[tty->index] = NULL;
1170 }
1171
1172 /*
1173 * tty_reopen() - fast re-open of an open tty
1174 * @tty - the tty to open
1175 *
1176 * Return 0 on success, -errno on error.
1177 * Re-opens on master ptys are not allowed and return -EIO.
1178 *
1179 * Locking: Caller must hold tty_lock
1180 */
1181 static int tty_reopen(struct tty_struct *tty)
1182 {
1183 struct tty_driver *driver = tty->driver;
1184
1185 if (driver->type == TTY_DRIVER_TYPE_PTY &&
1186 driver->subtype == PTY_TYPE_MASTER)
1187 return -EIO;
1188
1189 if (!tty->count)
1190 return -EAGAIN;
1191
1192 if (test_bit(TTY_EXCLUSIVE, &tty->flags) && !capable(CAP_SYS_ADMIN))
1193 return -EBUSY;
1194
1195 tty->count++;
1196
1197 if (!tty->ldisc)
1198 return tty_ldisc_reinit(tty, tty->termios.c_line);
1199
1200 return 0;
1201 }
1202
1203 /**
1204 * tty_init_dev - initialise a tty device
1205 * @driver: tty driver we are opening a device on
1206 * @idx: device index
1207 * @ret_tty: returned tty structure
1208 *
1209 * Prepare a tty device. This may not be a "new" clean device but
1210 * could also be an active device. The pty drivers require special
1211 * handling because of this.
1212 *
1213 * Locking:
1214 * The function is called under the tty_mutex, which
1215 * protects us from the tty struct or driver itself going away.
1216 *
1217 * On exit the tty device has the line discipline attached and
1218 * a reference count of 1. If a pair was created for pty/tty use
1219 * and the other was a pty master then it too has a reference count of 1.
1220 *
1221 * WSH 06/09/97: Rewritten to remove races and properly clean up after a
1222 * failed open. The new code protects the open with a mutex, so it's
1223 * really quite straightforward. The mutex locking can probably be
1224 * relaxed for the (most common) case of reopening a tty.
1225 */
1226
1227 struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx)
1228 {
1229 struct tty_struct *tty;
1230 int retval;
1231
1232 /*
1233 * First time open is complex, especially for PTY devices.
1234 * This code guarantees that either everything succeeds and the
1235 * TTY is ready for operation, or else the table slots are vacated
1236 * and the allocated memory released. (Except that the termios
1237 * may be retained.)
1238 */
1239
1240 if (!try_module_get(driver->owner))
1241 return ERR_PTR(-ENODEV);
1242
1243 tty = alloc_tty_struct(driver, idx);
1244 if (!tty) {
1245 retval = -ENOMEM;
1246 goto err_module_put;
1247 }
1248
1249 tty_lock(tty);
1250 retval = tty_driver_install_tty(driver, tty);
1251 if (retval < 0)
1252 goto err_free_tty;
1253
1254 if (!tty->port)
1255 tty->port = driver->ports[idx];
1256
1257 WARN_RATELIMIT(!tty->port,
1258 "%s: %s driver does not set tty->port. This will crash the kernel later. Fix the driver!\n",
1259 __func__, tty->driver->name);
1260
1261 tty->port->itty = tty;
1262
1263 /*
1264 * Structures all installed ... call the ldisc open routines.
1265 * If we fail here just call release_tty to clean up. No need
1266 * to decrement the use counts, as release_tty doesn't care.
1267 */
1268 retval = tty_ldisc_setup(tty, tty->link);
1269 if (retval)
1270 goto err_release_tty;
1271 /* Return the tty locked so that it cannot vanish under the caller */
1272 return tty;
1273
1274 err_free_tty:
1275 tty_unlock(tty);
1276 free_tty_struct(tty);
1277 err_module_put:
1278 module_put(driver->owner);
1279 return ERR_PTR(retval);
1280
1281 /* call the tty release_tty routine to clean out this slot */
1282 err_release_tty:
1283 tty_unlock(tty);
1284 tty_info_ratelimited(tty, "ldisc open failed (%d), clearing slot %d\n",
1285 retval, idx);
1286 release_tty(tty, idx);
1287 return ERR_PTR(retval);
1288 }
1289
1290 static void tty_free_termios(struct tty_struct *tty)
1291 {
1292 struct ktermios *tp;
1293 int idx = tty->index;
1294
1295 /* If the port is going to reset then it has no termios to save */
1296 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS)
1297 return;
1298
1299 /* Stash the termios data */
1300 tp = tty->driver->termios[idx];
1301 if (tp == NULL) {
1302 tp = kmalloc(sizeof(struct ktermios), GFP_KERNEL);
1303 if (tp == NULL)
1304 return;
1305 tty->driver->termios[idx] = tp;
1306 }
1307 *tp = tty->termios;
1308 }
1309
1310 /**
1311 * tty_flush_works - flush all works of a tty/pty pair
1312 * @tty: tty device to flush works for (or either end of a pty pair)
1313 *
1314 * Sync flush all works belonging to @tty (and the 'other' tty).
1315 */
1316 static void tty_flush_works(struct tty_struct *tty)
1317 {
1318 flush_work(&tty->SAK_work);
1319 flush_work(&tty->hangup_work);
1320 if (tty->link) {
1321 flush_work(&tty->link->SAK_work);
1322 flush_work(&tty->link->hangup_work);
1323 }
1324 }
1325
1326 /**
1327 * release_one_tty - release tty structure memory
1328 * @kref: kref of tty we are obliterating
1329 *
1330 * Releases memory associated with a tty structure, and clears out the
1331 * driver table slots. This function is called when a device is no longer
1332 * in use. It also gets called when setup of a device fails.
1333 *
1334 * Locking:
1335 * takes the file list lock internally when working on the list
1336 * of ttys that the driver keeps.
1337 *
1338 * This method gets called from a work queue so that the driver private
1339 * cleanup ops can sleep (needed for USB at least)
1340 */
1341 static void release_one_tty(struct work_struct *work)
1342 {
1343 struct tty_struct *tty =
1344 container_of(work, struct tty_struct, hangup_work);
1345 struct tty_driver *driver = tty->driver;
1346 struct module *owner = driver->owner;
1347
1348 if (tty->ops->cleanup)
1349 tty->ops->cleanup(tty);
1350
1351 tty->magic = 0;
1352 tty_driver_kref_put(driver);
1353 module_put(owner);
1354
1355 spin_lock(&tty->files_lock);
1356 list_del_init(&tty->tty_files);
1357 spin_unlock(&tty->files_lock);
1358
1359 put_pid(tty->pgrp);
1360 put_pid(tty->session);
1361 free_tty_struct(tty);
1362 }
1363
1364 static void queue_release_one_tty(struct kref *kref)
1365 {
1366 struct tty_struct *tty = container_of(kref, struct tty_struct, kref);
1367
1368 /* The hangup queue is now free so we can reuse it rather than
1369 waste a chunk of memory for each port */
1370 INIT_WORK(&tty->hangup_work, release_one_tty);
1371 schedule_work(&tty->hangup_work);
1372 }
1373
1374 /**
1375 * tty_kref_put - release a tty kref
1376 * @tty: tty device
1377 *
1378 * Release a reference to a tty device and if need be let the kref
1379 * layer destruct the object for us
1380 */
1381
1382 void tty_kref_put(struct tty_struct *tty)
1383 {
1384 if (tty)
1385 kref_put(&tty->kref, queue_release_one_tty);
1386 }
1387 EXPORT_SYMBOL(tty_kref_put);
1388
1389 /**
1390 * release_tty - release tty structure memory
1391 *
1392 * Release both @tty and a possible linked partner (think pty pair),
1393 * and decrement the refcount of the backing module.
1394 *
1395 * Locking:
1396 * tty_mutex
1397 * takes the file list lock internally when working on the list
1398 * of ttys that the driver keeps.
1399 *
1400 */
1401 static void release_tty(struct tty_struct *tty, int idx)
1402 {
1403 /* This should always be true but check for the moment */
1404 WARN_ON(tty->index != idx);
1405 WARN_ON(!mutex_is_locked(&tty_mutex));
1406 if (tty->ops->shutdown)
1407 tty->ops->shutdown(tty);
1408 tty_free_termios(tty);
1409 tty_driver_remove_tty(tty->driver, tty);
1410 tty->port->itty = NULL;
1411 if (tty->link)
1412 tty->link->port->itty = NULL;
1413 tty_buffer_cancel_work(tty->port);
1414
1415 tty_kref_put(tty->link);
1416 tty_kref_put(tty);
1417 }
1418
1419 /**
1420 * tty_release_checks - check a tty before real release
1421 * @tty: tty to check
1422 * @o_tty: link of @tty (if any)
1423 * @idx: index of the tty
1424 *
1425 * Performs some paranoid checking before true release of the @tty.
1426 * This is a no-op unless TTY_PARANOIA_CHECK is defined.
1427 */
1428 static int tty_release_checks(struct tty_struct *tty, int idx)
1429 {
1430 #ifdef TTY_PARANOIA_CHECK
1431 if (idx < 0 || idx >= tty->driver->num) {
1432 tty_debug(tty, "bad idx %d\n", idx);
1433 return -1;
1434 }
1435
1436 /* not much to check for devpts */
1437 if (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)
1438 return 0;
1439
1440 if (tty != tty->driver->ttys[idx]) {
1441 tty_debug(tty, "bad driver table[%d] = %p\n",
1442 idx, tty->driver->ttys[idx]);
1443 return -1;
1444 }
1445 if (tty->driver->other) {
1446 struct tty_struct *o_tty = tty->link;
1447
1448 if (o_tty != tty->driver->other->ttys[idx]) {
1449 tty_debug(tty, "bad other table[%d] = %p\n",
1450 idx, tty->driver->other->ttys[idx]);
1451 return -1;
1452 }
1453 if (o_tty->link != tty) {
1454 tty_debug(tty, "bad link = %p\n", o_tty->link);
1455 return -1;
1456 }
1457 }
1458 #endif
1459 return 0;
1460 }
1461
1462 /**
1463 * tty_release_struct - release a tty struct
1464 * @tty: tty device
1465 * @idx: index of the tty
1466 *
1467 * Performs the final steps to release and free a tty device. It is
1468 * roughly the reverse of tty_init_dev.
1469 */
1470 void tty_release_struct(struct tty_struct *tty, int idx)
1471 {
1472 /*
1473 * Ask the line discipline code to release its structures
1474 */
1475 tty_ldisc_release(tty);
1476
1477 /* Wait for pending work before tty destruction commmences */
1478 tty_flush_works(tty);
1479
1480 tty_debug_hangup(tty, "freeing structure\n");
1481 /*
1482 * The release_tty function takes care of the details of clearing
1483 * the slots and preserving the termios structure. The tty_unlock_pair
1484 * should be safe as we keep a kref while the tty is locked (so the
1485 * unlock never unlocks a freed tty).
1486 */
1487 mutex_lock(&tty_mutex);
1488 release_tty(tty, idx);
1489 mutex_unlock(&tty_mutex);
1490 }
1491 EXPORT_SYMBOL_GPL(tty_release_struct);
1492
1493 /**
1494 * tty_release - vfs callback for close
1495 * @inode: inode of tty
1496 * @filp: file pointer for handle to tty
1497 *
1498 * Called the last time each file handle is closed that references
1499 * this tty. There may however be several such references.
1500 *
1501 * Locking:
1502 * Takes bkl. See tty_release_dev
1503 *
1504 * Even releasing the tty structures is a tricky business.. We have
1505 * to be very careful that the structures are all released at the
1506 * same time, as interrupts might otherwise get the wrong pointers.
1507 *
1508 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could
1509 * lead to double frees or releasing memory still in use.
1510 */
1511
1512 int tty_release(struct inode *inode, struct file *filp)
1513 {
1514 struct tty_struct *tty = file_tty(filp);
1515 struct tty_struct *o_tty = NULL;
1516 int do_sleep, final;
1517 int idx;
1518 long timeout = 0;
1519 int once = 1;
1520
1521 if (tty_paranoia_check(tty, inode, __func__))
1522 return 0;
1523
1524 tty_lock(tty);
1525 check_tty_count(tty, __func__);
1526
1527 __tty_fasync(-1, filp, 0);
1528
1529 idx = tty->index;
1530 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
1531 tty->driver->subtype == PTY_TYPE_MASTER)
1532 o_tty = tty->link;
1533
1534 if (tty_release_checks(tty, idx)) {
1535 tty_unlock(tty);
1536 return 0;
1537 }
1538
1539 tty_debug_hangup(tty, "releasing (count=%d)\n", tty->count);
1540
1541 if (tty->ops->close)
1542 tty->ops->close(tty, filp);
1543
1544 /* If tty is pty master, lock the slave pty (stable lock order) */
1545 tty_lock_slave(o_tty);
1546
1547 /*
1548 * Sanity check: if tty->count is going to zero, there shouldn't be
1549 * any waiters on tty->read_wait or tty->write_wait. We test the
1550 * wait queues and kick everyone out _before_ actually starting to
1551 * close. This ensures that we won't block while releasing the tty
1552 * structure.
1553 *
1554 * The test for the o_tty closing is necessary, since the master and
1555 * slave sides may close in any order. If the slave side closes out
1556 * first, its count will be one, since the master side holds an open.
1557 * Thus this test wouldn't be triggered at the time the slave closed,
1558 * so we do it now.
1559 */
1560 while (1) {
1561 do_sleep = 0;
1562
1563 if (tty->count <= 1) {
1564 if (waitqueue_active(&tty->read_wait)) {
1565 wake_up_poll(&tty->read_wait, POLLIN);
1566 do_sleep++;
1567 }
1568 if (waitqueue_active(&tty->write_wait)) {
1569 wake_up_poll(&tty->write_wait, POLLOUT);
1570 do_sleep++;
1571 }
1572 }
1573 if (o_tty && o_tty->count <= 1) {
1574 if (waitqueue_active(&o_tty->read_wait)) {
1575 wake_up_poll(&o_tty->read_wait, POLLIN);
1576 do_sleep++;
1577 }
1578 if (waitqueue_active(&o_tty->write_wait)) {
1579 wake_up_poll(&o_tty->write_wait, POLLOUT);
1580 do_sleep++;
1581 }
1582 }
1583 if (!do_sleep)
1584 break;
1585
1586 if (once) {
1587 once = 0;
1588 tty_warn(tty, "read/write wait queue active!\n");
1589 }
1590 schedule_timeout_killable(timeout);
1591 if (timeout < 120 * HZ)
1592 timeout = 2 * timeout + 1;
1593 else
1594 timeout = MAX_SCHEDULE_TIMEOUT;
1595 }
1596
1597 if (o_tty) {
1598 if (--o_tty->count < 0) {
1599 tty_warn(tty, "bad slave count (%d)\n", o_tty->count);
1600 o_tty->count = 0;
1601 }
1602 }
1603 if (--tty->count < 0) {
1604 tty_warn(tty, "bad tty->count (%d)\n", tty->count);
1605 tty->count = 0;
1606 }
1607
1608 /*
1609 * We've decremented tty->count, so we need to remove this file
1610 * descriptor off the tty->tty_files list; this serves two
1611 * purposes:
1612 * - check_tty_count sees the correct number of file descriptors
1613 * associated with this tty.
1614 * - do_tty_hangup no longer sees this file descriptor as
1615 * something that needs to be handled for hangups.
1616 */
1617 tty_del_file(filp);
1618
1619 /*
1620 * Perform some housekeeping before deciding whether to return.
1621 *
1622 * If _either_ side is closing, make sure there aren't any
1623 * processes that still think tty or o_tty is their controlling
1624 * tty.
1625 */
1626 if (!tty->count) {
1627 read_lock(&tasklist_lock);
1628 session_clear_tty(tty->session);
1629 if (o_tty)
1630 session_clear_tty(o_tty->session);
1631 read_unlock(&tasklist_lock);
1632 }
1633
1634 /* check whether both sides are closing ... */
1635 final = !tty->count && !(o_tty && o_tty->count);
1636
1637 tty_unlock_slave(o_tty);
1638 tty_unlock(tty);
1639
1640 /* At this point, the tty->count == 0 should ensure a dead tty
1641 cannot be re-opened by a racing opener */
1642
1643 if (!final)
1644 return 0;
1645
1646 tty_debug_hangup(tty, "final close\n");
1647
1648 tty_release_struct(tty, idx);
1649 return 0;
1650 }
1651
1652 /**
1653 * tty_open_current_tty - get locked tty of current task
1654 * @device: device number
1655 * @filp: file pointer to tty
1656 * @return: locked tty of the current task iff @device is /dev/tty
1657 *
1658 * Performs a re-open of the current task's controlling tty.
1659 *
1660 * We cannot return driver and index like for the other nodes because
1661 * devpts will not work then. It expects inodes to be from devpts FS.
1662 */
1663 static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp)
1664 {
1665 struct tty_struct *tty;
1666 int retval;
1667
1668 if (device != MKDEV(TTYAUX_MAJOR, 0))
1669 return NULL;
1670
1671 tty = get_current_tty();
1672 if (!tty)
1673 return ERR_PTR(-ENXIO);
1674
1675 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */
1676 /* noctty = 1; */
1677 tty_lock(tty);
1678 tty_kref_put(tty); /* safe to drop the kref now */
1679
1680 retval = tty_reopen(tty);
1681 if (retval < 0) {
1682 tty_unlock(tty);
1683 tty = ERR_PTR(retval);
1684 }
1685 return tty;
1686 }
1687
1688 /**
1689 * tty_lookup_driver - lookup a tty driver for a given device file
1690 * @device: device number
1691 * @filp: file pointer to tty
1692 * @index: index for the device in the @return driver
1693 * @return: driver for this inode (with increased refcount)
1694 *
1695 * If @return is not erroneous, the caller is responsible to decrement the
1696 * refcount by tty_driver_kref_put.
1697 *
1698 * Locking: tty_mutex protects get_tty_driver
1699 */
1700 static struct tty_driver *tty_lookup_driver(dev_t device, struct file *filp,
1701 int *index)
1702 {
1703 struct tty_driver *driver;
1704
1705 switch (device) {
1706 #ifdef CONFIG_VT
1707 case MKDEV(TTY_MAJOR, 0): {
1708 extern struct tty_driver *console_driver;
1709 driver = tty_driver_kref_get(console_driver);
1710 *index = fg_console;
1711 break;
1712 }
1713 #endif
1714 case MKDEV(TTYAUX_MAJOR, 1): {
1715 struct tty_driver *console_driver = console_device(index);
1716 if (console_driver) {
1717 driver = tty_driver_kref_get(console_driver);
1718 if (driver) {
1719 /* Don't let /dev/console block */
1720 filp->f_flags |= O_NONBLOCK;
1721 break;
1722 }
1723 }
1724 return ERR_PTR(-ENODEV);
1725 }
1726 default:
1727 driver = get_tty_driver(device, index);
1728 if (!driver)
1729 return ERR_PTR(-ENODEV);
1730 break;
1731 }
1732 return driver;
1733 }
1734
1735 /**
1736 * tty_open_by_driver - open a tty device
1737 * @device: dev_t of device to open
1738 * @inode: inode of device file
1739 * @filp: file pointer to tty
1740 *
1741 * Performs the driver lookup, checks for a reopen, or otherwise
1742 * performs the first-time tty initialization.
1743 *
1744 * Returns the locked initialized or re-opened &tty_struct
1745 *
1746 * Claims the global tty_mutex to serialize:
1747 * - concurrent first-time tty initialization
1748 * - concurrent tty driver removal w/ lookup
1749 * - concurrent tty removal from driver table
1750 */
1751 static struct tty_struct *tty_open_by_driver(dev_t device, struct inode *inode,
1752 struct file *filp)
1753 {
1754 struct tty_struct *tty;
1755 struct tty_driver *driver = NULL;
1756 int index = -1;
1757 int retval;
1758
1759 mutex_lock(&tty_mutex);
1760 driver = tty_lookup_driver(device, filp, &index);
1761 if (IS_ERR(driver)) {
1762 mutex_unlock(&tty_mutex);
1763 return ERR_CAST(driver);
1764 }
1765
1766 /* check whether we're reopening an existing tty */
1767 tty = tty_driver_lookup_tty(driver, filp, index);
1768 if (IS_ERR(tty)) {
1769 mutex_unlock(&tty_mutex);
1770 goto out;
1771 }
1772
1773 if (tty) {
1774 mutex_unlock(&tty_mutex);
1775 retval = tty_lock_interruptible(tty);
1776 tty_kref_put(tty); /* drop kref from tty_driver_lookup_tty() */
1777 if (retval) {
1778 if (retval == -EINTR)
1779 retval = -ERESTARTSYS;
1780 tty = ERR_PTR(retval);
1781 goto out;
1782 }
1783 retval = tty_reopen(tty);
1784 if (retval < 0) {
1785 tty_unlock(tty);
1786 tty = ERR_PTR(retval);
1787 }
1788 } else { /* Returns with the tty_lock held for now */
1789 tty = tty_init_dev(driver, index);
1790 mutex_unlock(&tty_mutex);
1791 }
1792 out:
1793 tty_driver_kref_put(driver);
1794 return tty;
1795 }
1796
1797 /**
1798 * tty_open - open a tty device
1799 * @inode: inode of device file
1800 * @filp: file pointer to tty
1801 *
1802 * tty_open and tty_release keep up the tty count that contains the
1803 * number of opens done on a tty. We cannot use the inode-count, as
1804 * different inodes might point to the same tty.
1805 *
1806 * Open-counting is needed for pty masters, as well as for keeping
1807 * track of serial lines: DTR is dropped when the last close happens.
1808 * (This is not done solely through tty->count, now. - Ted 1/27/92)
1809 *
1810 * The termios state of a pty is reset on first open so that
1811 * settings don't persist across reuse.
1812 *
1813 * Locking: tty_mutex protects tty, tty_lookup_driver and tty_init_dev.
1814 * tty->count should protect the rest.
1815 * ->siglock protects ->signal/->sighand
1816 *
1817 * Note: the tty_unlock/lock cases without a ref are only safe due to
1818 * tty_mutex
1819 */
1820
1821 static int tty_open(struct inode *inode, struct file *filp)
1822 {
1823 struct tty_struct *tty;
1824 int noctty, retval;
1825 dev_t device = inode->i_rdev;
1826 unsigned saved_flags = filp->f_flags;
1827
1828 nonseekable_open(inode, filp);
1829
1830 retry_open:
1831 retval = tty_alloc_file(filp);
1832 if (retval)
1833 return -ENOMEM;
1834
1835 tty = tty_open_current_tty(device, filp);
1836 if (!tty)
1837 tty = tty_open_by_driver(device, inode, filp);
1838
1839 if (IS_ERR(tty)) {
1840 tty_free_file(filp);
1841 retval = PTR_ERR(tty);
1842 if (retval != -EAGAIN || signal_pending(current))
1843 return retval;
1844 schedule();
1845 goto retry_open;
1846 }
1847
1848 tty_add_file(tty, filp);
1849
1850 check_tty_count(tty, __func__);
1851 tty_debug_hangup(tty, "opening (count=%d)\n", tty->count);
1852
1853 if (tty->ops->open)
1854 retval = tty->ops->open(tty, filp);
1855 else
1856 retval = -ENODEV;
1857 filp->f_flags = saved_flags;
1858
1859 if (retval) {
1860 tty_debug_hangup(tty, "open error %d, releasing\n", retval);
1861
1862 tty_unlock(tty); /* need to call tty_release without BTM */
1863 tty_release(inode, filp);
1864 if (retval != -ERESTARTSYS)
1865 return retval;
1866
1867 if (signal_pending(current))
1868 return retval;
1869
1870 schedule();
1871 /*
1872 * Need to reset f_op in case a hangup happened.
1873 */
1874 if (tty_hung_up_p(filp))
1875 filp->f_op = &tty_fops;
1876 goto retry_open;
1877 }
1878 clear_bit(TTY_HUPPED, &tty->flags);
1879
1880 noctty = (filp->f_flags & O_NOCTTY) ||
1881 (IS_ENABLED(CONFIG_VT) && device == MKDEV(TTY_MAJOR, 0)) ||
1882 device == MKDEV(TTYAUX_MAJOR, 1) ||
1883 (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
1884 tty->driver->subtype == PTY_TYPE_MASTER);
1885 if (!noctty)
1886 tty_open_proc_set_tty(filp, tty);
1887 tty_unlock(tty);
1888 return 0;
1889 }
1890
1891
1892
1893 /**
1894 * tty_poll - check tty status
1895 * @filp: file being polled
1896 * @wait: poll wait structures to update
1897 *
1898 * Call the line discipline polling method to obtain the poll
1899 * status of the device.
1900 *
1901 * Locking: locks called line discipline but ldisc poll method
1902 * may be re-entered freely by other callers.
1903 */
1904
1905 static unsigned int tty_poll(struct file *filp, poll_table *wait)
1906 {
1907 struct tty_struct *tty = file_tty(filp);
1908 struct tty_ldisc *ld;
1909 int ret = 0;
1910
1911 if (tty_paranoia_check(tty, file_inode(filp), "tty_poll"))
1912 return 0;
1913
1914 ld = tty_ldisc_ref_wait(tty);
1915 if (!ld)
1916 return hung_up_tty_poll(filp, wait);
1917 if (ld->ops->poll)
1918 ret = ld->ops->poll(tty, filp, wait);
1919 tty_ldisc_deref(ld);
1920 return ret;
1921 }
1922
1923 static int __tty_fasync(int fd, struct file *filp, int on)
1924 {
1925 struct tty_struct *tty = file_tty(filp);
1926 unsigned long flags;
1927 int retval = 0;
1928
1929 if (tty_paranoia_check(tty, file_inode(filp), "tty_fasync"))
1930 goto out;
1931
1932 retval = fasync_helper(fd, filp, on, &tty->fasync);
1933 if (retval <= 0)
1934 goto out;
1935
1936 if (on) {
1937 enum pid_type type;
1938 struct pid *pid;
1939
1940 spin_lock_irqsave(&tty->ctrl_lock, flags);
1941 if (tty->pgrp) {
1942 pid = tty->pgrp;
1943 type = PIDTYPE_PGID;
1944 } else {
1945 pid = task_pid(current);
1946 type = PIDTYPE_PID;
1947 }
1948 get_pid(pid);
1949 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
1950 __f_setown(filp, pid, type, 0);
1951 put_pid(pid);
1952 retval = 0;
1953 }
1954 out:
1955 return retval;
1956 }
1957
1958 static int tty_fasync(int fd, struct file *filp, int on)
1959 {
1960 struct tty_struct *tty = file_tty(filp);
1961 int retval = -ENOTTY;
1962
1963 tty_lock(tty);
1964 if (!tty_hung_up_p(filp))
1965 retval = __tty_fasync(fd, filp, on);
1966 tty_unlock(tty);
1967
1968 return retval;
1969 }
1970
1971 /**
1972 * tiocsti - fake input character
1973 * @tty: tty to fake input into
1974 * @p: pointer to character
1975 *
1976 * Fake input to a tty device. Does the necessary locking and
1977 * input management.
1978 *
1979 * FIXME: does not honour flow control ??
1980 *
1981 * Locking:
1982 * Called functions take tty_ldiscs_lock
1983 * current->signal->tty check is safe without locks
1984 *
1985 * FIXME: may race normal receive processing
1986 */
1987
1988 static int tiocsti(struct tty_struct *tty, char __user *p)
1989 {
1990 char ch, mbz = 0;
1991 struct tty_ldisc *ld;
1992
1993 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN))
1994 return -EPERM;
1995 if (get_user(ch, p))
1996 return -EFAULT;
1997 tty_audit_tiocsti(tty, ch);
1998 ld = tty_ldisc_ref_wait(tty);
1999 if (!ld)
2000 return -EIO;
2001 ld->ops->receive_buf(tty, &ch, &mbz, 1);
2002 tty_ldisc_deref(ld);
2003 return 0;
2004 }
2005
2006 /**
2007 * tiocgwinsz - implement window query ioctl
2008 * @tty; tty
2009 * @arg: user buffer for result
2010 *
2011 * Copies the kernel idea of the window size into the user buffer.
2012 *
2013 * Locking: tty->winsize_mutex is taken to ensure the winsize data
2014 * is consistent.
2015 */
2016
2017 static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg)
2018 {
2019 int err;
2020
2021 mutex_lock(&tty->winsize_mutex);
2022 err = copy_to_user(arg, &tty->winsize, sizeof(*arg));
2023 mutex_unlock(&tty->winsize_mutex);
2024
2025 return err ? -EFAULT: 0;
2026 }
2027
2028 /**
2029 * tty_do_resize - resize event
2030 * @tty: tty being resized
2031 * @rows: rows (character)
2032 * @cols: cols (character)
2033 *
2034 * Update the termios variables and send the necessary signals to
2035 * peform a terminal resize correctly
2036 */
2037
2038 int tty_do_resize(struct tty_struct *tty, struct winsize *ws)
2039 {
2040 struct pid *pgrp;
2041
2042 /* Lock the tty */
2043 mutex_lock(&tty->winsize_mutex);
2044 if (!memcmp(ws, &tty->winsize, sizeof(*ws)))
2045 goto done;
2046
2047 /* Signal the foreground process group */
2048 pgrp = tty_get_pgrp(tty);
2049 if (pgrp)
2050 kill_pgrp(pgrp, SIGWINCH, 1);
2051 put_pid(pgrp);
2052
2053 tty->winsize = *ws;
2054 done:
2055 mutex_unlock(&tty->winsize_mutex);
2056 return 0;
2057 }
2058 EXPORT_SYMBOL(tty_do_resize);
2059
2060 /**
2061 * tiocswinsz - implement window size set ioctl
2062 * @tty; tty side of tty
2063 * @arg: user buffer for result
2064 *
2065 * Copies the user idea of the window size to the kernel. Traditionally
2066 * this is just advisory information but for the Linux console it
2067 * actually has driver level meaning and triggers a VC resize.
2068 *
2069 * Locking:
2070 * Driver dependent. The default do_resize method takes the
2071 * tty termios mutex and ctrl_lock. The console takes its own lock
2072 * then calls into the default method.
2073 */
2074
2075 static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg)
2076 {
2077 struct winsize tmp_ws;
2078 if (copy_from_user(&tmp_ws, arg, sizeof(*arg)))
2079 return -EFAULT;
2080
2081 if (tty->ops->resize)
2082 return tty->ops->resize(tty, &tmp_ws);
2083 else
2084 return tty_do_resize(tty, &tmp_ws);
2085 }
2086
2087 /**
2088 * tioccons - allow admin to move logical console
2089 * @file: the file to become console
2090 *
2091 * Allow the administrator to move the redirected console device
2092 *
2093 * Locking: uses redirect_lock to guard the redirect information
2094 */
2095
2096 static int tioccons(struct file *file)
2097 {
2098 if (!capable(CAP_SYS_ADMIN))
2099 return -EPERM;
2100 if (file->f_op->write == redirected_tty_write) {
2101 struct file *f;
2102 spin_lock(&redirect_lock);
2103 f = redirect;
2104 redirect = NULL;
2105 spin_unlock(&redirect_lock);
2106 if (f)
2107 fput(f);
2108 return 0;
2109 }
2110 spin_lock(&redirect_lock);
2111 if (redirect) {
2112 spin_unlock(&redirect_lock);
2113 return -EBUSY;
2114 }
2115 redirect = get_file(file);
2116 spin_unlock(&redirect_lock);
2117 return 0;
2118 }
2119
2120 /**
2121 * fionbio - non blocking ioctl
2122 * @file: file to set blocking value
2123 * @p: user parameter
2124 *
2125 * Historical tty interfaces had a blocking control ioctl before
2126 * the generic functionality existed. This piece of history is preserved
2127 * in the expected tty API of posix OS's.
2128 *
2129 * Locking: none, the open file handle ensures it won't go away.
2130 */
2131
2132 static int fionbio(struct file *file, int __user *p)
2133 {
2134 int nonblock;
2135
2136 if (get_user(nonblock, p))
2137 return -EFAULT;
2138
2139 spin_lock(&file->f_lock);
2140 if (nonblock)
2141 file->f_flags |= O_NONBLOCK;
2142 else
2143 file->f_flags &= ~O_NONBLOCK;
2144 spin_unlock(&file->f_lock);
2145 return 0;
2146 }
2147
2148 /**
2149 * tiocsetd - set line discipline
2150 * @tty: tty device
2151 * @p: pointer to user data
2152 *
2153 * Set the line discipline according to user request.
2154 *
2155 * Locking: see tty_set_ldisc, this function is just a helper
2156 */
2157
2158 static int tiocsetd(struct tty_struct *tty, int __user *p)
2159 {
2160 int disc;
2161 int ret;
2162
2163 if (get_user(disc, p))
2164 return -EFAULT;
2165
2166 ret = tty_set_ldisc(tty, disc);
2167
2168 return ret;
2169 }
2170
2171 /**
2172 * tiocgetd - get line discipline
2173 * @tty: tty device
2174 * @p: pointer to user data
2175 *
2176 * Retrieves the line discipline id directly from the ldisc.
2177 *
2178 * Locking: waits for ldisc reference (in case the line discipline
2179 * is changing or the tty is being hungup)
2180 */
2181
2182 static int tiocgetd(struct tty_struct *tty, int __user *p)
2183 {
2184 struct tty_ldisc *ld;
2185 int ret;
2186
2187 ld = tty_ldisc_ref_wait(tty);
2188 if (!ld)
2189 return -EIO;
2190 ret = put_user(ld->ops->num, p);
2191 tty_ldisc_deref(ld);
2192 return ret;
2193 }
2194
2195 /**
2196 * send_break - performed time break
2197 * @tty: device to break on
2198 * @duration: timeout in mS
2199 *
2200 * Perform a timed break on hardware that lacks its own driver level
2201 * timed break functionality.
2202 *
2203 * Locking:
2204 * atomic_write_lock serializes
2205 *
2206 */
2207
2208 static int send_break(struct tty_struct *tty, unsigned int duration)
2209 {
2210 int retval;
2211
2212 if (tty->ops->break_ctl == NULL)
2213 return 0;
2214
2215 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK)
2216 retval = tty->ops->break_ctl(tty, duration);
2217 else {
2218 /* Do the work ourselves */
2219 if (tty_write_lock(tty, 0) < 0)
2220 return -EINTR;
2221 retval = tty->ops->break_ctl(tty, -1);
2222 if (retval)
2223 goto out;
2224 if (!signal_pending(current))
2225 msleep_interruptible(duration);
2226 retval = tty->ops->break_ctl(tty, 0);
2227 out:
2228 tty_write_unlock(tty);
2229 if (signal_pending(current))
2230 retval = -EINTR;
2231 }
2232 return retval;
2233 }
2234
2235 /**
2236 * tty_tiocmget - get modem status
2237 * @tty: tty device
2238 * @file: user file pointer
2239 * @p: pointer to result
2240 *
2241 * Obtain the modem status bits from the tty driver if the feature
2242 * is supported. Return -EINVAL if it is not available.
2243 *
2244 * Locking: none (up to the driver)
2245 */
2246
2247 static int tty_tiocmget(struct tty_struct *tty, int __user *p)
2248 {
2249 int retval = -EINVAL;
2250
2251 if (tty->ops->tiocmget) {
2252 retval = tty->ops->tiocmget(tty);
2253
2254 if (retval >= 0)
2255 retval = put_user(retval, p);
2256 }
2257 return retval;
2258 }
2259
2260 /**
2261 * tty_tiocmset - set modem status
2262 * @tty: tty device
2263 * @cmd: command - clear bits, set bits or set all
2264 * @p: pointer to desired bits
2265 *
2266 * Set the modem status bits from the tty driver if the feature
2267 * is supported. Return -EINVAL if it is not available.
2268 *
2269 * Locking: none (up to the driver)
2270 */
2271
2272 static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd,
2273 unsigned __user *p)
2274 {
2275 int retval;
2276 unsigned int set, clear, val;
2277
2278 if (tty->ops->tiocmset == NULL)
2279 return -EINVAL;
2280
2281 retval = get_user(val, p);
2282 if (retval)
2283 return retval;
2284 set = clear = 0;
2285 switch (cmd) {
2286 case TIOCMBIS:
2287 set = val;
2288 break;
2289 case TIOCMBIC:
2290 clear = val;
2291 break;
2292 case TIOCMSET:
2293 set = val;
2294 clear = ~val;
2295 break;
2296 }
2297 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
2298 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
2299 return tty->ops->tiocmset(tty, set, clear);
2300 }
2301
2302 static int tty_tiocgicount(struct tty_struct *tty, void __user *arg)
2303 {
2304 int retval = -EINVAL;
2305 struct serial_icounter_struct icount;
2306 memset(&icount, 0, sizeof(icount));
2307 if (tty->ops->get_icount)
2308 retval = tty->ops->get_icount(tty, &icount);
2309 if (retval != 0)
2310 return retval;
2311 if (copy_to_user(arg, &icount, sizeof(icount)))
2312 return -EFAULT;
2313 return 0;
2314 }
2315
2316 static void tty_warn_deprecated_flags(struct serial_struct __user *ss)
2317 {
2318 static DEFINE_RATELIMIT_STATE(depr_flags,
2319 DEFAULT_RATELIMIT_INTERVAL,
2320 DEFAULT_RATELIMIT_BURST);
2321 char comm[TASK_COMM_LEN];
2322 int flags;
2323
2324 if (get_user(flags, &ss->flags))
2325 return;
2326
2327 flags &= ASYNC_DEPRECATED;
2328
2329 if (flags && __ratelimit(&depr_flags))
2330 pr_warn("%s: '%s' is using deprecated serial flags (with no effect): %.8x\n",
2331 __func__, get_task_comm(comm, current), flags);
2332 }
2333
2334 /*
2335 * if pty, return the slave side (real_tty)
2336 * otherwise, return self
2337 */
2338 static struct tty_struct *tty_pair_get_tty(struct tty_struct *tty)
2339 {
2340 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2341 tty->driver->subtype == PTY_TYPE_MASTER)
2342 tty = tty->link;
2343 return tty;
2344 }
2345
2346 /*
2347 * Split this up, as gcc can choke on it otherwise..
2348 */
2349 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
2350 {
2351 struct tty_struct *tty = file_tty(file);
2352 struct tty_struct *real_tty;
2353 void __user *p = (void __user *)arg;
2354 int retval;
2355 struct tty_ldisc *ld;
2356
2357 if (tty_paranoia_check(tty, file_inode(file), "tty_ioctl"))
2358 return -EINVAL;
2359
2360 real_tty = tty_pair_get_tty(tty);
2361
2362 /*
2363 * Factor out some common prep work
2364 */
2365 switch (cmd) {
2366 case TIOCSETD:
2367 case TIOCSBRK:
2368 case TIOCCBRK:
2369 case TCSBRK:
2370 case TCSBRKP:
2371 retval = tty_check_change(tty);
2372 if (retval)
2373 return retval;
2374 if (cmd != TIOCCBRK) {
2375 tty_wait_until_sent(tty, 0);
2376 if (signal_pending(current))
2377 return -EINTR;
2378 }
2379 break;
2380 }
2381
2382 /*
2383 * Now do the stuff.
2384 */
2385 switch (cmd) {
2386 case TIOCSTI:
2387 return tiocsti(tty, p);
2388 case TIOCGWINSZ:
2389 return tiocgwinsz(real_tty, p);
2390 case TIOCSWINSZ:
2391 return tiocswinsz(real_tty, p);
2392 case TIOCCONS:
2393 return real_tty != tty ? -EINVAL : tioccons(file);
2394 case FIONBIO:
2395 return fionbio(file, p);
2396 case TIOCEXCL:
2397 set_bit(TTY_EXCLUSIVE, &tty->flags);
2398 return 0;
2399 case TIOCNXCL:
2400 clear_bit(TTY_EXCLUSIVE, &tty->flags);
2401 return 0;
2402 case TIOCGEXCL:
2403 {
2404 int excl = test_bit(TTY_EXCLUSIVE, &tty->flags);
2405 return put_user(excl, (int __user *)p);
2406 }
2407 case TIOCGETD:
2408 return tiocgetd(tty, p);
2409 case TIOCSETD:
2410 return tiocsetd(tty, p);
2411 case TIOCVHANGUP:
2412 if (!capable(CAP_SYS_ADMIN))
2413 return -EPERM;
2414 tty_vhangup(tty);
2415 return 0;
2416 case TIOCGDEV:
2417 {
2418 unsigned int ret = new_encode_dev(tty_devnum(real_tty));
2419 return put_user(ret, (unsigned int __user *)p);
2420 }
2421 /*
2422 * Break handling
2423 */
2424 case TIOCSBRK: /* Turn break on, unconditionally */
2425 if (tty->ops->break_ctl)
2426 return tty->ops->break_ctl(tty, -1);
2427 return 0;
2428 case TIOCCBRK: /* Turn break off, unconditionally */
2429 if (tty->ops->break_ctl)
2430 return tty->ops->break_ctl(tty, 0);
2431 return 0;
2432 case TCSBRK: /* SVID version: non-zero arg --> no break */
2433 /* non-zero arg means wait for all output data
2434 * to be sent (performed above) but don't send break.
2435 * This is used by the tcdrain() termios function.
2436 */
2437 if (!arg)
2438 return send_break(tty, 250);
2439 return 0;
2440 case TCSBRKP: /* support for POSIX tcsendbreak() */
2441 return send_break(tty, arg ? arg*100 : 250);
2442
2443 case TIOCMGET:
2444 return tty_tiocmget(tty, p);
2445 case TIOCMSET:
2446 case TIOCMBIC:
2447 case TIOCMBIS:
2448 return tty_tiocmset(tty, cmd, p);
2449 case TIOCGICOUNT:
2450 retval = tty_tiocgicount(tty, p);
2451 /* For the moment allow fall through to the old method */
2452 if (retval != -EINVAL)
2453 return retval;
2454 break;
2455 case TCFLSH:
2456 switch (arg) {
2457 case TCIFLUSH:
2458 case TCIOFLUSH:
2459 /* flush tty buffer and allow ldisc to process ioctl */
2460 tty_buffer_flush(tty, NULL);
2461 break;
2462 }
2463 break;
2464 case TIOCSSERIAL:
2465 tty_warn_deprecated_flags(p);
2466 break;
2467 default:
2468 retval = tty_jobctrl_ioctl(tty, real_tty, file, cmd, arg);
2469 if (retval != -ENOIOCTLCMD)
2470 return retval;
2471 }
2472 if (tty->ops->ioctl) {
2473 retval = tty->ops->ioctl(tty, cmd, arg);
2474 if (retval != -ENOIOCTLCMD)
2475 return retval;
2476 }
2477 ld = tty_ldisc_ref_wait(tty);
2478 if (!ld)
2479 return hung_up_tty_ioctl(file, cmd, arg);
2480 retval = -EINVAL;
2481 if (ld->ops->ioctl) {
2482 retval = ld->ops->ioctl(tty, file, cmd, arg);
2483 if (retval == -ENOIOCTLCMD)
2484 retval = -ENOTTY;
2485 }
2486 tty_ldisc_deref(ld);
2487 return retval;
2488 }
2489
2490 #ifdef CONFIG_COMPAT
2491 static long tty_compat_ioctl(struct file *file, unsigned int cmd,
2492 unsigned long arg)
2493 {
2494 struct tty_struct *tty = file_tty(file);
2495 struct tty_ldisc *ld;
2496 int retval = -ENOIOCTLCMD;
2497
2498 if (tty_paranoia_check(tty, file_inode(file), "tty_ioctl"))
2499 return -EINVAL;
2500
2501 if (tty->ops->compat_ioctl) {
2502 retval = tty->ops->compat_ioctl(tty, cmd, arg);
2503 if (retval != -ENOIOCTLCMD)
2504 return retval;
2505 }
2506
2507 ld = tty_ldisc_ref_wait(tty);
2508 if (!ld)
2509 return hung_up_tty_compat_ioctl(file, cmd, arg);
2510 if (ld->ops->compat_ioctl)
2511 retval = ld->ops->compat_ioctl(tty, file, cmd, arg);
2512 else
2513 retval = n_tty_compat_ioctl_helper(tty, file, cmd, arg);
2514 tty_ldisc_deref(ld);
2515
2516 return retval;
2517 }
2518 #endif
2519
2520 static int this_tty(const void *t, struct file *file, unsigned fd)
2521 {
2522 if (likely(file->f_op->read != tty_read))
2523 return 0;
2524 return file_tty(file) != t ? 0 : fd + 1;
2525 }
2526
2527 /*
2528 * This implements the "Secure Attention Key" --- the idea is to
2529 * prevent trojan horses by killing all processes associated with this
2530 * tty when the user hits the "Secure Attention Key". Required for
2531 * super-paranoid applications --- see the Orange Book for more details.
2532 *
2533 * This code could be nicer; ideally it should send a HUP, wait a few
2534 * seconds, then send a INT, and then a KILL signal. But you then
2535 * have to coordinate with the init process, since all processes associated
2536 * with the current tty must be dead before the new getty is allowed
2537 * to spawn.
2538 *
2539 * Now, if it would be correct ;-/ The current code has a nasty hole -
2540 * it doesn't catch files in flight. We may send the descriptor to ourselves
2541 * via AF_UNIX socket, close it and later fetch from socket. FIXME.
2542 *
2543 * Nasty bug: do_SAK is being called in interrupt context. This can
2544 * deadlock. We punt it up to process context. AKPM - 16Mar2001
2545 */
2546 void __do_SAK(struct tty_struct *tty)
2547 {
2548 #ifdef TTY_SOFT_SAK
2549 tty_hangup(tty);
2550 #else
2551 struct task_struct *g, *p;
2552 struct pid *session;
2553 int i;
2554
2555 if (!tty)
2556 return;
2557 session = tty->session;
2558
2559 tty_ldisc_flush(tty);
2560
2561 tty_driver_flush_buffer(tty);
2562
2563 read_lock(&tasklist_lock);
2564 /* Kill the entire session */
2565 do_each_pid_task(session, PIDTYPE_SID, p) {
2566 tty_notice(tty, "SAK: killed process %d (%s): by session\n",
2567 task_pid_nr(p), p->comm);
2568 send_sig(SIGKILL, p, 1);
2569 } while_each_pid_task(session, PIDTYPE_SID, p);
2570
2571 /* Now kill any processes that happen to have the tty open */
2572 do_each_thread(g, p) {
2573 if (p->signal->tty == tty) {
2574 tty_notice(tty, "SAK: killed process %d (%s): by controlling tty\n",
2575 task_pid_nr(p), p->comm);
2576 send_sig(SIGKILL, p, 1);
2577 continue;
2578 }
2579 task_lock(p);
2580 i = iterate_fd(p->files, 0, this_tty, tty);
2581 if (i != 0) {
2582 tty_notice(tty, "SAK: killed process %d (%s): by fd#%d\n",
2583 task_pid_nr(p), p->comm, i - 1);
2584 force_sig(SIGKILL, p);
2585 }
2586 task_unlock(p);
2587 } while_each_thread(g, p);
2588 read_unlock(&tasklist_lock);
2589 #endif
2590 }
2591
2592 static void do_SAK_work(struct work_struct *work)
2593 {
2594 struct tty_struct *tty =
2595 container_of(work, struct tty_struct, SAK_work);
2596 __do_SAK(tty);
2597 }
2598
2599 /*
2600 * The tq handling here is a little racy - tty->SAK_work may already be queued.
2601 * Fortunately we don't need to worry, because if ->SAK_work is already queued,
2602 * the values which we write to it will be identical to the values which it
2603 * already has. --akpm
2604 */
2605 void do_SAK(struct tty_struct *tty)
2606 {
2607 if (!tty)
2608 return;
2609 schedule_work(&tty->SAK_work);
2610 }
2611
2612 EXPORT_SYMBOL(do_SAK);
2613
2614 static int dev_match_devt(struct device *dev, const void *data)
2615 {
2616 const dev_t *devt = data;
2617 return dev->devt == *devt;
2618 }
2619
2620 /* Must put_device() after it's unused! */
2621 static struct device *tty_get_device(struct tty_struct *tty)
2622 {
2623 dev_t devt = tty_devnum(tty);
2624 return class_find_device(tty_class, NULL, &devt, dev_match_devt);
2625 }
2626
2627
2628 /**
2629 * alloc_tty_struct
2630 *
2631 * This subroutine allocates and initializes a tty structure.
2632 *
2633 * Locking: none - tty in question is not exposed at this point
2634 */
2635
2636 struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int idx)
2637 {
2638 struct tty_struct *tty;
2639
2640 tty = kzalloc(sizeof(*tty), GFP_KERNEL);
2641 if (!tty)
2642 return NULL;
2643
2644 kref_init(&tty->kref);
2645 tty->magic = TTY_MAGIC;
2646 tty_ldisc_init(tty);
2647 tty->session = NULL;
2648 tty->pgrp = NULL;
2649 mutex_init(&tty->legacy_mutex);
2650 mutex_init(&tty->throttle_mutex);
2651 init_rwsem(&tty->termios_rwsem);
2652 mutex_init(&tty->winsize_mutex);
2653 init_ldsem(&tty->ldisc_sem);
2654 init_waitqueue_head(&tty->write_wait);
2655 init_waitqueue_head(&tty->read_wait);
2656 INIT_WORK(&tty->hangup_work, do_tty_hangup);
2657 mutex_init(&tty->atomic_write_lock);
2658 spin_lock_init(&tty->ctrl_lock);
2659 spin_lock_init(&tty->flow_lock);
2660 spin_lock_init(&tty->files_lock);
2661 INIT_LIST_HEAD(&tty->tty_files);
2662 INIT_WORK(&tty->SAK_work, do_SAK_work);
2663
2664 tty->driver = driver;
2665 tty->ops = driver->ops;
2666 tty->index = idx;
2667 tty_line_name(driver, idx, tty->name);
2668 tty->dev = tty_get_device(tty);
2669
2670 return tty;
2671 }
2672
2673 /**
2674 * tty_put_char - write one character to a tty
2675 * @tty: tty
2676 * @ch: character
2677 *
2678 * Write one byte to the tty using the provided put_char method
2679 * if present. Returns the number of characters successfully output.
2680 *
2681 * Note: the specific put_char operation in the driver layer may go
2682 * away soon. Don't call it directly, use this method
2683 */
2684
2685 int tty_put_char(struct tty_struct *tty, unsigned char ch)
2686 {
2687 if (tty->ops->put_char)
2688 return tty->ops->put_char(tty, ch);
2689 return tty->ops->write(tty, &ch, 1);
2690 }
2691 EXPORT_SYMBOL_GPL(tty_put_char);
2692
2693 struct class *tty_class;
2694
2695 static int tty_cdev_add(struct tty_driver *driver, dev_t dev,
2696 unsigned int index, unsigned int count)
2697 {
2698 int err;
2699
2700 /* init here, since reused cdevs cause crashes */
2701 driver->cdevs[index] = cdev_alloc();
2702 if (!driver->cdevs[index])
2703 return -ENOMEM;
2704 driver->cdevs[index]->ops = &tty_fops;
2705 driver->cdevs[index]->owner = driver->owner;
2706 err = cdev_add(driver->cdevs[index], dev, count);
2707 if (err)
2708 kobject_put(&driver->cdevs[index]->kobj);
2709 return err;
2710 }
2711
2712 /**
2713 * tty_register_device - register a tty device
2714 * @driver: the tty driver that describes the tty device
2715 * @index: the index in the tty driver for this tty device
2716 * @device: a struct device that is associated with this tty device.
2717 * This field is optional, if there is no known struct device
2718 * for this tty device it can be set to NULL safely.
2719 *
2720 * Returns a pointer to the struct device for this tty device
2721 * (or ERR_PTR(-EFOO) on error).
2722 *
2723 * This call is required to be made to register an individual tty device
2724 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
2725 * that bit is not set, this function should not be called by a tty
2726 * driver.
2727 *
2728 * Locking: ??
2729 */
2730
2731 struct device *tty_register_device(struct tty_driver *driver, unsigned index,
2732 struct device *device)
2733 {
2734 return tty_register_device_attr(driver, index, device, NULL, NULL);
2735 }
2736 EXPORT_SYMBOL(tty_register_device);
2737
2738 static void tty_device_create_release(struct device *dev)
2739 {
2740 dev_dbg(dev, "releasing...\n");
2741 kfree(dev);
2742 }
2743
2744 /**
2745 * tty_register_device_attr - register a tty device
2746 * @driver: the tty driver that describes the tty device
2747 * @index: the index in the tty driver for this tty device
2748 * @device: a struct device that is associated with this tty device.
2749 * This field is optional, if there is no known struct device
2750 * for this tty device it can be set to NULL safely.
2751 * @drvdata: Driver data to be set to device.
2752 * @attr_grp: Attribute group to be set on device.
2753 *
2754 * Returns a pointer to the struct device for this tty device
2755 * (or ERR_PTR(-EFOO) on error).
2756 *
2757 * This call is required to be made to register an individual tty device
2758 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
2759 * that bit is not set, this function should not be called by a tty
2760 * driver.
2761 *
2762 * Locking: ??
2763 */
2764 struct device *tty_register_device_attr(struct tty_driver *driver,
2765 unsigned index, struct device *device,
2766 void *drvdata,
2767 const struct attribute_group **attr_grp)
2768 {
2769 char name[64];
2770 dev_t devt = MKDEV(driver->major, driver->minor_start) + index;
2771 struct ktermios *tp;
2772 struct device *dev;
2773 int retval;
2774
2775 if (index >= driver->num) {
2776 pr_err("%s: Attempt to register invalid tty line number (%d)\n",
2777 driver->name, index);
2778 return ERR_PTR(-EINVAL);
2779 }
2780
2781 if (driver->type == TTY_DRIVER_TYPE_PTY)
2782 pty_line_name(driver, index, name);
2783 else
2784 tty_line_name(driver, index, name);
2785
2786 dev = kzalloc(sizeof(*dev), GFP_KERNEL);
2787 if (!dev)
2788 return ERR_PTR(-ENOMEM);
2789
2790 dev->devt = devt;
2791 dev->class = tty_class;
2792 dev->parent = device;
2793 dev->release = tty_device_create_release;
2794 dev_set_name(dev, "%s", name);
2795 dev->groups = attr_grp;
2796 dev_set_drvdata(dev, drvdata);
2797
2798 dev_set_uevent_suppress(dev, 1);
2799
2800 retval = device_register(dev);
2801 if (retval)
2802 goto err_put;
2803
2804 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) {
2805 /*
2806 * Free any saved termios data so that the termios state is
2807 * reset when reusing a minor number.
2808 */
2809 tp = driver->termios[index];
2810 if (tp) {
2811 driver->termios[index] = NULL;
2812 kfree(tp);
2813 }
2814
2815 retval = tty_cdev_add(driver, devt, index, 1);
2816 if (retval)
2817 goto err_del;
2818 }
2819
2820 dev_set_uevent_suppress(dev, 0);
2821 kobject_uevent(&dev->kobj, KOBJ_ADD);
2822
2823 return dev;
2824
2825 err_del:
2826 device_del(dev);
2827 err_put:
2828 put_device(dev);
2829
2830 return ERR_PTR(retval);
2831 }
2832 EXPORT_SYMBOL_GPL(tty_register_device_attr);
2833
2834 /**
2835 * tty_unregister_device - unregister a tty device
2836 * @driver: the tty driver that describes the tty device
2837 * @index: the index in the tty driver for this tty device
2838 *
2839 * If a tty device is registered with a call to tty_register_device() then
2840 * this function must be called when the tty device is gone.
2841 *
2842 * Locking: ??
2843 */
2844
2845 void tty_unregister_device(struct tty_driver *driver, unsigned index)
2846 {
2847 device_destroy(tty_class,
2848 MKDEV(driver->major, driver->minor_start) + index);
2849 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) {
2850 cdev_del(driver->cdevs[index]);
2851 driver->cdevs[index] = NULL;
2852 }
2853 }
2854 EXPORT_SYMBOL(tty_unregister_device);
2855
2856 /**
2857 * __tty_alloc_driver -- allocate tty driver
2858 * @lines: count of lines this driver can handle at most
2859 * @owner: module which is responsible for this driver
2860 * @flags: some of TTY_DRIVER_* flags, will be set in driver->flags
2861 *
2862 * This should not be called directly, some of the provided macros should be
2863 * used instead. Use IS_ERR and friends on @retval.
2864 */
2865 struct tty_driver *__tty_alloc_driver(unsigned int lines, struct module *owner,
2866 unsigned long flags)
2867 {
2868 struct tty_driver *driver;
2869 unsigned int cdevs = 1;
2870 int err;
2871
2872 if (!lines || (flags & TTY_DRIVER_UNNUMBERED_NODE && lines > 1))
2873 return ERR_PTR(-EINVAL);
2874
2875 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL);
2876 if (!driver)
2877 return ERR_PTR(-ENOMEM);
2878
2879 kref_init(&driver->kref);
2880 driver->magic = TTY_DRIVER_MAGIC;
2881 driver->num = lines;
2882 driver->owner = owner;
2883 driver->flags = flags;
2884
2885 if (!(flags & TTY_DRIVER_DEVPTS_MEM)) {
2886 driver->ttys = kcalloc(lines, sizeof(*driver->ttys),
2887 GFP_KERNEL);
2888 driver->termios = kcalloc(lines, sizeof(*driver->termios),
2889 GFP_KERNEL);
2890 if (!driver->ttys || !driver->termios) {
2891 err = -ENOMEM;
2892 goto err_free_all;
2893 }
2894 }
2895
2896 if (!(flags & TTY_DRIVER_DYNAMIC_ALLOC)) {
2897 driver->ports = kcalloc(lines, sizeof(*driver->ports),
2898 GFP_KERNEL);
2899 if (!driver->ports) {
2900 err = -ENOMEM;
2901 goto err_free_all;
2902 }
2903 cdevs = lines;
2904 }
2905
2906 driver->cdevs = kcalloc(cdevs, sizeof(*driver->cdevs), GFP_KERNEL);
2907 if (!driver->cdevs) {
2908 err = -ENOMEM;
2909 goto err_free_all;
2910 }
2911
2912 return driver;
2913 err_free_all:
2914 kfree(driver->ports);
2915 kfree(driver->ttys);
2916 kfree(driver->termios);
2917 kfree(driver->cdevs);
2918 kfree(driver);
2919 return ERR_PTR(err);
2920 }
2921 EXPORT_SYMBOL(__tty_alloc_driver);
2922
2923 static void destruct_tty_driver(struct kref *kref)
2924 {
2925 struct tty_driver *driver = container_of(kref, struct tty_driver, kref);
2926 int i;
2927 struct ktermios *tp;
2928
2929 if (driver->flags & TTY_DRIVER_INSTALLED) {
2930 for (i = 0; i < driver->num; i++) {
2931 tp = driver->termios[i];
2932 if (tp) {
2933 driver->termios[i] = NULL;
2934 kfree(tp);
2935 }
2936 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV))
2937 tty_unregister_device(driver, i);
2938 }
2939 proc_tty_unregister_driver(driver);
2940 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)
2941 cdev_del(driver->cdevs[0]);
2942 }
2943 kfree(driver->cdevs);
2944 kfree(driver->ports);
2945 kfree(driver->termios);
2946 kfree(driver->ttys);
2947 kfree(driver);
2948 }
2949
2950 void tty_driver_kref_put(struct tty_driver *driver)
2951 {
2952 kref_put(&driver->kref, destruct_tty_driver);
2953 }
2954 EXPORT_SYMBOL(tty_driver_kref_put);
2955
2956 void tty_set_operations(struct tty_driver *driver,
2957 const struct tty_operations *op)
2958 {
2959 driver->ops = op;
2960 };
2961 EXPORT_SYMBOL(tty_set_operations);
2962
2963 void put_tty_driver(struct tty_driver *d)
2964 {
2965 tty_driver_kref_put(d);
2966 }
2967 EXPORT_SYMBOL(put_tty_driver);
2968
2969 /*
2970 * Called by a tty driver to register itself.
2971 */
2972 int tty_register_driver(struct tty_driver *driver)
2973 {
2974 int error;
2975 int i;
2976 dev_t dev;
2977 struct device *d;
2978
2979 if (!driver->major) {
2980 error = alloc_chrdev_region(&dev, driver->minor_start,
2981 driver->num, driver->name);
2982 if (!error) {
2983 driver->major = MAJOR(dev);
2984 driver->minor_start = MINOR(dev);
2985 }
2986 } else {
2987 dev = MKDEV(driver->major, driver->minor_start);
2988 error = register_chrdev_region(dev, driver->num, driver->name);
2989 }
2990 if (error < 0)
2991 goto err;
2992
2993 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC) {
2994 error = tty_cdev_add(driver, dev, 0, driver->num);
2995 if (error)
2996 goto err_unreg_char;
2997 }
2998
2999 mutex_lock(&tty_mutex);
3000 list_add(&driver->tty_drivers, &tty_drivers);
3001 mutex_unlock(&tty_mutex);
3002
3003 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) {
3004 for (i = 0; i < driver->num; i++) {
3005 d = tty_register_device(driver, i, NULL);
3006 if (IS_ERR(d)) {
3007 error = PTR_ERR(d);
3008 goto err_unreg_devs;
3009 }
3010 }
3011 }
3012 proc_tty_register_driver(driver);
3013 driver->flags |= TTY_DRIVER_INSTALLED;
3014 return 0;
3015
3016 err_unreg_devs:
3017 for (i--; i >= 0; i--)
3018 tty_unregister_device(driver, i);
3019
3020 mutex_lock(&tty_mutex);
3021 list_del(&driver->tty_drivers);
3022 mutex_unlock(&tty_mutex);
3023
3024 err_unreg_char:
3025 unregister_chrdev_region(dev, driver->num);
3026 err:
3027 return error;
3028 }
3029 EXPORT_SYMBOL(tty_register_driver);
3030
3031 /*
3032 * Called by a tty driver to unregister itself.
3033 */
3034 int tty_unregister_driver(struct tty_driver *driver)
3035 {
3036 #if 0
3037 /* FIXME */
3038 if (driver->refcount)
3039 return -EBUSY;
3040 #endif
3041 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start),
3042 driver->num);
3043 mutex_lock(&tty_mutex);
3044 list_del(&driver->tty_drivers);
3045 mutex_unlock(&tty_mutex);
3046 return 0;
3047 }
3048
3049 EXPORT_SYMBOL(tty_unregister_driver);
3050
3051 dev_t tty_devnum(struct tty_struct *tty)
3052 {
3053 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index;
3054 }
3055 EXPORT_SYMBOL(tty_devnum);
3056
3057 void tty_default_fops(struct file_operations *fops)
3058 {
3059 *fops = tty_fops;
3060 }
3061
3062 static char *tty_devnode(struct device *dev, umode_t *mode)
3063 {
3064 if (!mode)
3065 return NULL;
3066 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) ||
3067 dev->devt == MKDEV(TTYAUX_MAJOR, 2))
3068 *mode = 0666;
3069 return NULL;
3070 }
3071
3072 static int __init tty_class_init(void)
3073 {
3074 tty_class = class_create(THIS_MODULE, "tty");
3075 if (IS_ERR(tty_class))
3076 return PTR_ERR(tty_class);
3077 tty_class->devnode = tty_devnode;
3078 return 0;
3079 }
3080
3081 postcore_initcall(tty_class_init);
3082
3083 /* 3/2004 jmc: why do these devices exist? */
3084 static struct cdev tty_cdev, console_cdev;
3085
3086 static ssize_t show_cons_active(struct device *dev,
3087 struct device_attribute *attr, char *buf)
3088 {
3089 struct console *cs[16];
3090 int i = 0;
3091 struct console *c;
3092 ssize_t count = 0;
3093
3094 console_lock();
3095 for_each_console(c) {
3096 if (!c->device)
3097 continue;
3098 if (!c->write)
3099 continue;
3100 if ((c->flags & CON_ENABLED) == 0)
3101 continue;
3102 cs[i++] = c;
3103 if (i >= ARRAY_SIZE(cs))
3104 break;
3105 }
3106 while (i--) {
3107 int index = cs[i]->index;
3108 struct tty_driver *drv = cs[i]->device(cs[i], &index);
3109
3110 /* don't resolve tty0 as some programs depend on it */
3111 if (drv && (cs[i]->index > 0 || drv->major != TTY_MAJOR))
3112 count += tty_line_name(drv, index, buf + count);
3113 else
3114 count += sprintf(buf + count, "%s%d",
3115 cs[i]->name, cs[i]->index);
3116
3117 count += sprintf(buf + count, "%c", i ? ' ':'\n');
3118 }
3119 console_unlock();
3120
3121 return count;
3122 }
3123 static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL);
3124
3125 static struct attribute *cons_dev_attrs[] = {
3126 &dev_attr_active.attr,
3127 NULL
3128 };
3129
3130 ATTRIBUTE_GROUPS(cons_dev);
3131
3132 static struct device *consdev;
3133
3134 void console_sysfs_notify(void)
3135 {
3136 if (consdev)
3137 sysfs_notify(&consdev->kobj, NULL, "active");
3138 }
3139
3140 /*
3141 * Ok, now we can initialize the rest of the tty devices and can count
3142 * on memory allocations, interrupts etc..
3143 */
3144 int __init tty_init(void)
3145 {
3146 cdev_init(&tty_cdev, &tty_fops);
3147 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) ||
3148 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0)
3149 panic("Couldn't register /dev/tty driver\n");
3150 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty");
3151
3152 cdev_init(&console_cdev, &console_fops);
3153 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) ||
3154 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0)
3155 panic("Couldn't register /dev/console driver\n");
3156 consdev = device_create_with_groups(tty_class, NULL,
3157 MKDEV(TTYAUX_MAJOR, 1), NULL,
3158 cons_dev_groups, "console");
3159 if (IS_ERR(consdev))
3160 consdev = NULL;
3161
3162 #ifdef CONFIG_VT
3163 vty_init(&console_fops);
3164 #endif
3165 return 0;
3166 }
3167
Linux with added FPC-III support