tty: handle the case where we cannot restore a line discipline
authorAlan Cox <alan@llwyncelyn.cymru>
Fri, 2 Jun 2017 12:49:30 +0000 (13:49 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sat, 3 Jun 2017 09:43:46 +0000 (18:43 +0900)
Historically the N_TTY driver could never fail but this has become broken over
time. Rather than trying to rewrite half the ldisc layer to fix the breakage
introduce a second level of fallback with an N_NULL ldisc which cannot fail,
and thus restore the guarantees required by the ldisc layer.

We still try and fail to N_TTY first. It's much more useful to find yourself
back in your old ldisc (first attempt) or in N_TTY (second attempt), and while
I'm not aware of any code out there that makes those assumptions it's good to
drive(r) defensively.

Signed-off-by: Alan Cox <alan@linux.intel.com>
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Tested-by: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/tty/Makefile
drivers/tty/n_null.c [new file with mode: 0644]
drivers/tty/tty_ldisc.c
include/uapi/linux/tty.h

index f02becdb3e33850c368d2903656ebf16265c654c..8689279afdf1b53169243f2629076fb9fb3e7a29 100644 (file)
@@ -1,6 +1,7 @@
 obj-$(CONFIG_TTY)              += tty_io.o n_tty.o tty_ioctl.o tty_ldisc.o \
                                   tty_buffer.o tty_port.o tty_mutex.o \
-                                  tty_ldsem.o tty_baudrate.o tty_jobctrl.o
+                                  tty_ldsem.o tty_baudrate.o tty_jobctrl.o \
+                                  n_null.o
 obj-$(CONFIG_LEGACY_PTYS)      += pty.o
 obj-$(CONFIG_UNIX98_PTYS)      += pty.o
 obj-$(CONFIG_AUDIT)            += tty_audit.o
diff --git a/drivers/tty/n_null.c b/drivers/tty/n_null.c
new file mode 100644 (file)
index 0000000..d63261c
--- /dev/null
@@ -0,0 +1,80 @@
+#include <linux/types.h>
+#include <linux/errno.h>
+#include <linux/tty.h>
+#include <linux/module.h>
+
+/*
+ *  n_null.c - Null line discipline used in the failure path
+ *
+ *  Copyright (C) Intel 2017
+ *
+ * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2
+ *  as published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ */
+
+static int n_null_open(struct tty_struct *tty)
+{
+       return 0;
+}
+
+static void n_null_close(struct tty_struct *tty)
+{
+}
+
+static ssize_t n_null_read(struct tty_struct *tty, struct file *file,
+                          unsigned char __user * buf, size_t nr)
+{
+       return -EOPNOTSUPP;
+}
+
+static ssize_t n_null_write(struct tty_struct *tty, struct file *file,
+                           const unsigned char *buf, size_t nr)
+{
+       return -EOPNOTSUPP;
+}
+
+static void n_null_receivebuf(struct tty_struct *tty,
+                                const unsigned char *cp, char *fp,
+                                int cnt)
+{
+}
+
+static struct tty_ldisc_ops null_ldisc = {
+       .owner          =       THIS_MODULE,
+       .magic          =       TTY_LDISC_MAGIC,
+       .name           =       "n_null",
+       .open           =       n_null_open,
+       .close          =       n_null_close,
+       .read           =       n_null_read,
+       .write          =       n_null_write,
+       .receive_buf    =       n_null_receivebuf
+};
+
+static int __init n_null_init(void)
+{
+       BUG_ON(tty_register_ldisc(N_NULL, &null_ldisc));
+       return 0;
+}
+
+static void __exit n_null_exit(void)
+{
+       tty_unregister_ldisc(N_NULL);
+}
+
+module_init(n_null_init);
+module_exit(n_null_exit);
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Alan Cox");
+MODULE_ALIAS_LDISC(N_NULL);
+MODULE_DESCRIPTION("Null ldisc driver");
index e4603b09863a8fa5ffd4467e81a463538f0533bb..4a04567d9aef69e698610f1a9eef0d7f352dbf15 100644 (file)
@@ -491,6 +491,29 @@ static void tty_ldisc_close(struct tty_struct *tty, struct tty_ldisc *ld)
        tty_ldisc_debug(tty, "%p: closed\n", ld);
 }
 
+/**
+ *     tty_ldisc_failto        -       helper for ldisc failback
+ *     @tty: tty to open the ldisc on
+ *     @ld: ldisc we are trying to fail back to
+ *
+ *     Helper to try and recover a tty when switching back to the old
+ *     ldisc fails and we need something attached.
+ */
+
+static int tty_ldisc_failto(struct tty_struct *tty, int ld)
+{
+       struct tty_ldisc *disc = tty_ldisc_get(tty, ld);
+       int r;
+
+       if (IS_ERR(disc))
+               return PTR_ERR(disc);
+       tty->ldisc = disc;
+       tty_set_termios_ldisc(tty, ld);
+       if ((r = tty_ldisc_open(tty, disc)) < 0)
+               tty_ldisc_put(disc);
+       return r;
+}
+
 /**
  *     tty_ldisc_restore       -       helper for tty ldisc change
  *     @tty: tty to recover
@@ -502,9 +525,6 @@ static void tty_ldisc_close(struct tty_struct *tty, struct tty_ldisc *ld)
 
 static void tty_ldisc_restore(struct tty_struct *tty, struct tty_ldisc *old)
 {
-       struct tty_ldisc *new_ldisc;
-       int r;
-
        /* There is an outstanding reference here so this is safe */
        old = tty_ldisc_get(tty, old->ops->num);
        WARN_ON(IS_ERR(old));
@@ -512,17 +532,13 @@ static void tty_ldisc_restore(struct tty_struct *tty, struct tty_ldisc *old)
        tty_set_termios_ldisc(tty, old->ops->num);
        if (tty_ldisc_open(tty, old) < 0) {
                tty_ldisc_put(old);
-               /* This driver is always present */
-               new_ldisc = tty_ldisc_get(tty, N_TTY);
-               if (IS_ERR(new_ldisc))
-                       panic("n_tty: get");
-               tty->ldisc = new_ldisc;
-               tty_set_termios_ldisc(tty, N_TTY);
-               r = tty_ldisc_open(tty, new_ldisc);
-               if (r < 0)
-                       panic("Couldn't open N_TTY ldisc for "
-                             "%s --- error %d.",
-                             tty_name(tty), r);
+               /* The traditional behaviour is to fall back to N_TTY, we
+                  want to avoid falling back to N_NULL unless we have no
+                  choice to avoid the risk of breaking anything */
+               if (tty_ldisc_failto(tty, N_TTY) < 0 &&
+                   tty_ldisc_failto(tty, N_NULL) < 0)
+                       panic("Couldn't open N_NULL ldisc for %s.",
+                             tty_name(tty));
        }
 }
 
index e7855dffd592018e6dd5f6f4ac7dd230db97f3fd..cf1455396df0703b007b9709d298aa0fa9f5e54b 100644 (file)
@@ -36,5 +36,6 @@
 #define N_TRACEROUTER  24      /* Trace data routing for MIPI P1149.7 */
 #define N_NCI          25      /* NFC NCI UART */
 #define N_SPEAKUP      26      /* Speakup communication with synths */
+#define N_NULL         27      /* Null ldisc used for error handling */
 
 #endif /* _UAPI_LINUX_TTY_H */